From 09773532ed93cbe8f9f3047fdd6088d7adf1c524 Mon Sep 17 00:00:00 2001
From: Ben Laurie <ben@openssl.org>
Date: Fri, 5 Mar 2004 08:28:01 +0000
Subject: [PATCH] Add pairwise tests, fix makefiles.

---
 Makefile.org              |  3 +-
 crypto/dsa/dsa_key.c      |  2 ++
 fips/dsa/Makefile.ssl     | 11 ++++----
 fips/dsa/fingerprint.sha1 |  2 +-
 fips/dsa/fips_dsa_gen.c   | 58 +++++++++++++++++++++++++++++++++++++++
 fips/fingerprint.sha1     |  4 +--
 fips/fips.h               |  3 ++
 fips/fips_err.h           |  3 ++
 fips/rsa/Makefile.ssl     | 11 ++++----
 fips/rsa/fingerprint.sha1 |  2 +-
 fips/rsa/fips_rsa_gen.c   | 41 +++++++++++++++++++++++++++
 11 files changed, 125 insertions(+), 15 deletions(-)

diff --git a/Makefile.org b/Makefile.org
index 19b5c243ba..f2e31a5794 100644
--- a/Makefile.org
+++ b/Makefile.org
@@ -817,7 +817,7 @@ install: all install_docs
 			cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
 			if ! egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
 				$(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
-			fi \
+			fi; \
 			chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
 			mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \
 		fi; \
@@ -859,6 +859,7 @@ install: all install_docs
 		if [ -f "$$i" ]; then \
 		(       echo installing $$i; \
 			cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
+			chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
 			mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \
 		fi; \
 	done;
diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c
index ef87c3e637..30607ca579 100644
--- a/crypto/dsa/dsa_key.c
+++ b/crypto/dsa/dsa_key.c
@@ -64,6 +64,7 @@
 #include <openssl/dsa.h>
 #include <openssl/rand.h>
 
+#ifndef OPENSSL_FIPS
 int DSA_generate_key(DSA *dsa)
 	{
 	int ok=0;
@@ -103,3 +104,4 @@ err:
 	return(ok);
 	}
 #endif
+#endif
diff --git a/fips/dsa/Makefile.ssl b/fips/dsa/Makefile.ssl
index d7d4f9d58b..eb94ad8e74 100644
--- a/fips/dsa/Makefile.ssl
+++ b/fips/dsa/Makefile.ssl
@@ -56,11 +56,12 @@ links:
 	@$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS)
 
 install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
+# some shells don't like empty lists
+#	@for i in $(EXHEADER) ; \
+#	do  \
+#	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+#	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+#	done;
 
 tags:
 	ctags $(SRC)
diff --git a/fips/dsa/fingerprint.sha1 b/fips/dsa/fingerprint.sha1
index 4784cd542f..9a4d3fe900 100644
--- a/fips/dsa/fingerprint.sha1
+++ b/fips/dsa/fingerprint.sha1
@@ -1,3 +1,3 @@
 SHA1(fips_dsa_ossl.c)= 592cd23f6e63bc08b9c960014d52aad05594f913
-SHA1(fips_dsa_gen.c)= 87e185e25c1d606922651ea264470cb93c04e6a8
+SHA1(fips_dsa_gen.c)= 418cbd83675130cf7c45f3ea669b96167a1d65aa
 SHA1(fips_dsa_selftest.c)= d638e2d13912befe42e0ed6efa8a27719b6689d5
diff --git a/fips/dsa/fips_dsa_gen.c b/fips/dsa/fips_dsa_gen.c
index b326bb5b4d..9524a4e21b 100644
--- a/fips/dsa/fips_dsa_gen.c
+++ b/fips/dsa/fips_dsa_gen.c
@@ -88,6 +88,21 @@
 
 #ifdef OPENSSL_FIPS
 
+static int fips_check_dsa(DSA *dsa)
+    {
+    static const unsigned char str1[]="12345678901234567890";
+    unsigned char sig[256];
+    unsigned int siglen;
+
+    DSA_sign(0, str1, 20, sig, &siglen, dsa);
+    if(DSA_verify(0, str1, 20, sig, siglen, dsa) != 1)
+	{
+	FIPSerr(FIPS_F_FIPS_CHECK_DSA,FIPS_R_PAIRWISE_TEST_FAILED);
+	return 0;
+	}
+    return 1;
+    }
+
 DSA *DSA_generate_parameters(int bits,
 		unsigned char *seed_in, int seed_len,
 		int *counter_ret, unsigned long *h_ret,
@@ -310,6 +325,49 @@ err:
 	if (mont != NULL) BN_MONT_CTX_free(mont);
 	return(ok?ret:NULL);
 	}
+
+int DSA_generate_key(DSA *dsa)
+	{
+	int ok=0;
+	BN_CTX *ctx=NULL;
+	BIGNUM *pub_key=NULL,*priv_key=NULL;
+
+	if ((ctx=BN_CTX_new()) == NULL) goto err;
+
+	if (dsa->priv_key == NULL)
+		{
+		if ((priv_key=BN_new()) == NULL) goto err;
+		}
+	else
+		priv_key=dsa->priv_key;
+
+	do
+		if (!BN_rand_range(priv_key,dsa->q)) goto err;
+	while (BN_is_zero(priv_key));
+
+	if (dsa->pub_key == NULL)
+		{
+		if ((pub_key=BN_new()) == NULL) goto err;
+		}
+	else
+		pub_key=dsa->pub_key;
+
+	if (!BN_mod_exp(pub_key,dsa->g,priv_key,dsa->p,ctx)) goto err;
+
+	dsa->priv_key=priv_key;
+	dsa->pub_key=pub_key;
+
+	if(!fips_check_dsa(dsa))
+	    goto err;
+
+	ok=1;
+
+err:
+	if ((pub_key != NULL) && (dsa->pub_key == NULL)) BN_free(pub_key);
+	if ((priv_key != NULL) && (dsa->priv_key == NULL)) BN_free(priv_key);
+	if (ctx != NULL) BN_CTX_free(ctx);
+	return(ok);
+	}
 #endif
 
 #endif
diff --git a/fips/fingerprint.sha1 b/fips/fingerprint.sha1
index b282604234..94d96b7ca1 100644
--- a/fips/fingerprint.sha1
+++ b/fips/fingerprint.sha1
@@ -1,4 +1,4 @@
 SHA1(fips.c)= 3ce5c4660e56e1a1c1ef177f3536b3098bb65290
 SHA1(fips_err_wrapper.c)= ad4a2ffa18743c83827de398c811eb6124ba0b27
-SHA1(fips.h)= a664b76451ff3d3674e7c79b6d56d547ffb9e5be
-SHA1(fips_err.h)= 54f9f9931fdef839dcfbf7807a1977199ad4b4f1
+SHA1(fips.h)= da5e4f1bb957eb808c818507a76c8dcaa06dcec0
+SHA1(fips_err.h)= 8a6c9283e478afae4b30c033c5f885b1d20e75c1
diff --git a/fips/fips.h b/fips/fips.h
index a9adfc1506..6abf8f5e67 100644
--- a/fips/fips.h
+++ b/fips/fips.h
@@ -83,7 +83,9 @@ void ERR_load_FIPS_strings(void);
 #define FIPS_F_DSA_DO_SIGN				 111
 #define FIPS_F_DSA_DO_VERIFY				 112
 #define FIPS_F_DSA_GENERATE_PARAMETERS			 110
+#define FIPS_F_FIPS_CHECK_DSA				 116
 #define FIPS_F_FIPS_CHECK_EXE				 106
+#define FIPS_F_FIPS_CHECK_RSA				 115
 #define FIPS_F_FIPS_DSA_CHECK				 102
 #define FIPS_F_FIPS_MODE_SET				 105
 #define FIPS_F_FIPS_SELFTEST_AES			 104
@@ -103,6 +105,7 @@ void ERR_load_FIPS_strings(void);
 #define FIPS_R_FIPS_MODE_ALREADY_SET			 102
 #define FIPS_R_FIPS_SELFTEST_FAILED			 106
 #define FIPS_R_NON_FIPS_METHOD				 100
+#define FIPS_R_PAIRWISE_TEST_FAILED			 107
 #define FIPS_R_SELFTEST_FAILED				 101
 
 #ifdef  __cplusplus
diff --git a/fips/fips_err.h b/fips/fips_err.h
index c5c683b368..e8dafa4900 100644
--- a/fips/fips_err.h
+++ b/fips/fips_err.h
@@ -69,7 +69,9 @@ static ERR_STRING_DATA FIPS_str_functs[]=
 {ERR_PACK(0,FIPS_F_DSA_DO_SIGN,0),	"DSA_do_sign"},
 {ERR_PACK(0,FIPS_F_DSA_DO_VERIFY,0),	"DSA_do_verify"},
 {ERR_PACK(0,FIPS_F_DSA_GENERATE_PARAMETERS,0),	"DSA_generate_parameters"},
+{ERR_PACK(0,FIPS_F_FIPS_CHECK_DSA,0),	"FIPS_CHECK_DSA"},
 {ERR_PACK(0,FIPS_F_FIPS_CHECK_EXE,0),	"FIPS_CHECK_EXE"},
+{ERR_PACK(0,FIPS_F_FIPS_CHECK_RSA,0),	"FIPS_CHECK_RSA"},
 {ERR_PACK(0,FIPS_F_FIPS_DSA_CHECK,0),	"FIPS_dsa_check"},
 {ERR_PACK(0,FIPS_F_FIPS_MODE_SET,0),	"FIPS_mode_set"},
 {ERR_PACK(0,FIPS_F_FIPS_SELFTEST_AES,0),	"FIPS_selftest_aes"},
@@ -92,6 +94,7 @@ static ERR_STRING_DATA FIPS_str_reasons[]=
 {FIPS_R_FIPS_MODE_ALREADY_SET            ,"fips mode already set"},
 {FIPS_R_FIPS_SELFTEST_FAILED             ,"fips selftest failed"},
 {FIPS_R_NON_FIPS_METHOD                  ,"non fips method"},
+{FIPS_R_PAIRWISE_TEST_FAILED             ,"pairwise test failed"},
 {FIPS_R_SELFTEST_FAILED                  ,"selftest failed"},
 {0,NULL}
 	};
diff --git a/fips/rsa/Makefile.ssl b/fips/rsa/Makefile.ssl
index 383bc2510a..8306397507 100644
--- a/fips/rsa/Makefile.ssl
+++ b/fips/rsa/Makefile.ssl
@@ -56,11 +56,12 @@ links:
 	@$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS)
 
 install:
-	@for i in $(EXHEADER) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
+# some shells don't like empty lists
+# 	@for i in $(EXHEADER) ; \
+# 	do  \
+# 	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+# 	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+# 	done;
 
 tags:
 	ctags $(SRC)
diff --git a/fips/rsa/fingerprint.sha1 b/fips/rsa/fingerprint.sha1
index e03de116ba..14caeb1d23 100644
--- a/fips/rsa/fingerprint.sha1
+++ b/fips/rsa/fingerprint.sha1
@@ -1,3 +1,3 @@
 SHA1(fips_rsa_eay.c)= eacbcc656f1f046509abb9cc0207880b58ae8b90
-SHA1(fips_rsa_gen.c)= bfc4d7204f714a354a2e652318c5e82518441427
+SHA1(fips_rsa_gen.c)= eb47b6add96f4fe2396538b8ef394d16c4b1e87f
 SHA1(fips_rsa_selftest.c)= 0106c4c565833ad2c8975b7d38765038a58f037c
diff --git a/fips/rsa/fips_rsa_gen.c b/fips/rsa/fips_rsa_gen.c
index 06ffbd3769..dd0b04c5c2 100644
--- a/fips/rsa/fips_rsa_gen.c
+++ b/fips/rsa/fips_rsa_gen.c
@@ -65,6 +65,44 @@
 
 #ifdef OPENSSL_FIPS
 
+static int fips_check_rsa(RSA *rsa)
+    {
+    int n;
+    unsigned char ctext[256];
+    unsigned char ptext[256];
+    static unsigned char original_ptext[] =
+	"\x01\x23\x45\x67\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0"
+	"\x23\x45\x67\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12"
+	"\x45\x67\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34"
+	"\x67\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34\x56";
+
+    n=RSA_public_encrypt(sizeof(original_ptext)-1,original_ptext,ctext,rsa,
+			 RSA_NO_PADDING);
+    if(n < 0)
+	{
+	ERR_print_errors_fp(stderr);
+	exit(1);
+	}
+    if(!memcmp(ctext,original_ptext,n))
+  	{
+  	FIPSerr(FIPS_F_FIPS_CHECK_RSA,FIPS_R_PAIRWISE_TEST_FAILED);
+ 	return 0;
+ 	}
+    n=RSA_private_decrypt(n,ctext,ptext,rsa,RSA_NO_PADDING);
+    if(n < 0)
+	{
+	ERR_print_errors_fp(stderr);
+	exit(1);
+	}
+    if(n != sizeof(original_ptext)-1 || memcmp(ptext,original_ptext,n))
+	{
+	FIPSerr(FIPS_F_FIPS_CHECK_RSA,FIPS_R_PAIRWISE_TEST_FAILED);
+	return 0;
+	}
+
+    return 1;
+    }
+
 RSA *RSA_generate_key(int bits, unsigned long e_value,
 	     void (*callback)(int,int,void *), void *cb_arg)
 	{
@@ -184,6 +222,9 @@ RSA *RSA_generate_key(int bits, unsigned long e_value,
 	rsa->iqmp=BN_mod_inverse(NULL,rsa->q,rsa->p,ctx2);
 	if (rsa->iqmp == NULL) goto err;
 
+	if(!fips_check_rsa(rsa))
+	    goto err;
+
 	ok=1;
 err:
 	if (ok == -1)
-- 
2.25.1