From 1b76fac5ae55d2d307f635af4775a7c9149c8551 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Fri, 11 Mar 2011 17:42:11 +0000 Subject: [PATCH] Check requested security strength in DRBG. Add function to retrieve the security strength. --- crypto/fips_err.h | 1 + fips/fips.h | 1 + fips/rand/fips_drbg_lib.c | 20 +++++++++++++++++++- fips/rand/fips_drbgvs.c | 6 +++--- fips/rand/fips_rand.h | 3 ++- 5 files changed, 26 insertions(+), 5 deletions(-) diff --git a/crypto/fips_err.h b/crypto/fips_err.h index 8bde7e8712..07a13e208e 100644 --- a/crypto/fips_err.h +++ b/crypto/fips_err.h @@ -128,6 +128,7 @@ static ERR_STRING_DATA FIPS_str_reasons[]= {ERR_REASON(FIPS_R_FIPS_SELFTEST_FAILED) ,"fips selftest failed"}, {ERR_REASON(FIPS_R_GENERATE_ERROR) ,"generate error"}, {ERR_REASON(FIPS_R_INSTANTIATE_ERROR) ,"instantiate error"}, +{ERR_REASON(FIPS_R_INSUFFICIENT_SECURITY_STRENGTH),"insufficient security strength"}, {ERR_REASON(FIPS_R_INVALID_KEY_LENGTH) ,"invalid key length"}, {ERR_REASON(FIPS_R_IN_ERROR_STATE) ,"in error state"}, {ERR_REASON(FIPS_R_KEY_TOO_SHORT) ,"key too short"}, diff --git a/fips/fips.h b/fips/fips.h index fa4f68087d..ee144a1b2e 100644 --- a/fips/fips.h +++ b/fips/fips.h @@ -233,6 +233,7 @@ void ERR_load_FIPS_strings(void); #define FIPS_R_FIPS_SELFTEST_FAILED 106 #define FIPS_R_GENERATE_ERROR 124 #define FIPS_R_INSTANTIATE_ERROR 125 +#define FIPS_R_INSUFFICIENT_SECURITY_STRENGTH 132 #define FIPS_R_INVALID_KEY_LENGTH 109 #define FIPS_R_IN_ERROR_STATE 126 #define FIPS_R_KEY_TOO_SHORT 108 diff --git a/fips/rand/fips_drbg_lib.c b/fips/rand/fips_drbg_lib.c index fd154c0346..1c8712e7a5 100644 --- a/fips/rand/fips_drbg_lib.c +++ b/fips/rand/fips_drbg_lib.c @@ -145,6 +145,12 @@ int FIPS_drbg_instantiate(DRBG_CTX *dctx, goto end; } + if (strength > dctx->strength) + { + r = FIPS_R_INSUFFICIENT_SECURITY_STRENGTH; + goto end; + } + dctx->status = DRBG_STATUS_ERROR; entlen = dctx->get_entropy(dctx, dctx->entropy, dctx->strength, 
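Review bot: The new guard in FIPS_drbg_instantiate (@@ -145 hunk) bounds `strength` only from above, so zero and negative requests pass unchanged on to the entropy call; the same one-sided test is added to FIPS_drbg_generate in the @@ -270 hunk. If zero is meant as "no specific requirement", which the fips_drbgvs.c callers passing 0 suggest, a comment above the check should say so, e.g. `/* strength 0: caller accepts the context's own strength */`, and negatives can be refused with `if (strength < 0 || strength > dctx->strength)`. The type of `dctx->strength` is not visible in this patch; if it is unsigned, a negative `strength` is converted to a large value and already fails, which is worth confirming rather than relying on. The function body starts and ends outside the hunk.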
@@ -261,7 +267,7 @@ int FIPS_drbg_reseed(DRBG_CTX *dctx, int FIPS_drbg_generate(DRBG_CTX *dctx, unsigned char *out, size_t outlen, - int prediction_resistance, + int strength, int prediction_resistance, const unsigned char *adin, size_t adinlen) { int r = 0; @@ -270,6 +276,13 @@ int FIPS_drbg_generate(DRBG_CTX *dctx, unsigned char *out, size_t outlen, r = FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG; return 0; } + + if (strength > dctx->strength) + { + r = FIPS_R_INSUFFICIENT_SECURITY_STRENGTH; + goto end; + } + if (dctx->status == DRBG_STATUS_RESEED || prediction_resistance) { if (!FIPS_drbg_reseed(dctx, adin, adinlen)) @@ -351,3 +364,8 @@ size_t FIPS_drbg_get_blocklength(DRBG_CTX *dctx) { return dctx->blocklength; } + +int FIPS_drbg_get_strength(DRBG_CTX *dctx) + { + return dctx->strength; + } diff --git a/fips/rand/fips_drbgvs.c b/fips/rand/fips_drbgvs.c index 3f6a2a54e9..c60b80bf2f 100644 --- a/fips/rand/fips_drbgvs.c +++ b/fips/rand/fips_drbgvs.c @@ -269,7 +269,7 @@ int main(int argc,char **argv) adin = hex2bin_m(value, &adinlen); if (pr) continue; - r = FIPS_drbg_generate(dctx, randout, randoutlen, 0, + r = FIPS_drbg_generate(dctx, randout, randoutlen, 0, 0, adin, adinlen); if (!r) { @@ -291,8 +291,8 @@ int main(int argc,char **argv) t.ent = ent; t.entlen = entlen; r = FIPS_drbg_generate(dctx, - randout, randoutlen, 1, - adin, adinlen); + randout, randoutlen, + 0, 1, adin, adinlen); if (!r) { fprintf(stderr, diff --git a/fips/rand/fips_rand.h b/fips/rand/fips_rand.h index e9e2afbbaa..6a0b6729a7 100644 --- a/fips/rand/fips_rand.h +++ b/fips/rand/fips_rand.h 
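Review bot: Placing `int strength` directly before `int prediction_resistance` in FIPS_drbg_generate (@@ -261 hunk) creates two adjacent plain-int arguments that the compiler cannot tell apart, and the matching prototype in fips_rand.h (@@ -80 hunk) documents neither. A call written `1, 0` instead of `0, 1` compiles, passes the strength check as long as the context's strength is at least 1, and silently skips the reseed that prediction resistance would have forced. The updated fips_drbgvs.c call sites show how little a bare `0, 0` or `0, 1` conveys. I would add a comment on the prototype stating that `strength` is the minimum security strength the caller requires, its units (presumably bits) and what zero means, and that `prediction_resistance` is a boolean flag. The function body continues outside this hunk.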
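Review bot: The added strength check in the @@ -270 hunk leaves through `goto end`, while the request-size check immediately above it assigns `r = FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG` and then does `return 0`, so the two rejections in FIPS_drbg_generate take different exits. The `end` label is outside the hunk. If that label is where `r` is turned into an error-queue entry, which is presumably the case, the oversize rejection returns without recording a reason code and callers cannot tell the two failures apart. Changing that `return 0;` to `goto end;` would make both checks report the same way.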
@@ -80,7 +80,7 @@ int FIPS_drbg_instantiate(DRBG_CTX *dctx, int strength, const unsigned char *pers, size_t perslen); int FIPS_drbg_reseed(DRBG_CTX *dctx, const unsigned char *adin, size_t adinlen); int FIPS_drbg_generate(DRBG_CTX *dctx, unsigned char *out, size_t outlen, - int prediction_resistance, + int strength, int prediction_resistance, const unsigned char *adin, size_t adinlen); int FIPS_drbg_uninstantiate(DRBG_CTX *dctx); @@ -95,6 +95,7 @@ int FIPS_drbg_set_test_mode(DRBG_CTX *dctx, void *FIPS_drbg_get_app_data(DRBG_CTX *ctx); void FIPS_drbg_set_app_data(DRBG_CTX *ctx, void *app_data); size_t FIPS_drbg_get_blocklength(DRBG_CTX *dctx); +int FIPS_drbg_get_strength(DRBG_CTX *dctx); #ifdef __cplusplus } -- 2.25.1