From 1f4eccaaa5dc69d55234263d3d1843f49021cb56 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Mon, 17 May 2004 15:37:26 +0000 Subject: [PATCH] Make reservations in FIPS code for upcoming size_t-fication of OpenSSL API. And couple of bug-fixes in fips/rand code [return without lock release and incorrect return value in fips_rand_bytes]. --- crypto/opensslv.h | 4 ++++ crypto/rand/rand.h | 4 ++++ crypto/sha/sha.h | 4 ++++ fips/rand/fingerprint.sha1 | 4 ++-- fips/rand/fips_rand.c | 37 ++++++++++++++++++++++++------------ fips/rand/fips_rand.h | 2 +- fips/rand/fips_randtest.c | 4 ++-- fips/sha1/fingerprint.sha1 | 4 ++-- fips/sha1/fips_md32_common.h | 12 ++++++------ fips/sha1/fips_sha_locl.h | 12 ++++++------ fips/sha1/standalone.sha1 | 4 ++-- 11 files changed, 58 insertions(+), 33 deletions(-) diff --git a/crypto/opensslv.h b/crypto/opensslv.h index 72c7c3344d..fcbf0f3ccd 100644 --- a/crypto/opensslv.h +++ b/crypto/opensslv.h @@ -26,7 +26,11 @@ * major minor fix final patch/beta) */ #define OPENSSL_VERSION_NUMBER 0x00907050L +#ifdef OPENSSL_FIPS +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7e-fips-dev XX xxx XXXX" +#else #define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7e-dev XX xxx XXXX" +#endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT diff --git a/crypto/rand/rand.h b/crypto/rand/rand.h index f8a369794a..cb30eed1cd 100644 --- a/crypto/rand/rand.h +++ b/crypto/rand/rand.h @@ -71,6 +71,10 @@ extern "C" { #endif +#if defined(OPENSSL_FIPS) +#define FIPS_RAND_SIZE_T int +#endif + typedef struct rand_meth_st { void (*seed)(const void *buf, int num); diff --git a/crypto/sha/sha.h b/crypto/sha/sha.h index 3fd54a10cc..a26ed5ddc1 100644 --- a/crypto/sha/sha.h +++ b/crypto/sha/sha.h @@ -69,6 +69,10 @@ extern "C" { #error SHA is disabled. #endif +#if defined(OPENSSL_FIPS) +#define FIPS_SHA_SIZE_T unsigned long +#endif + /* * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! * ! SHA_LONG has to be at least 32 bits wide. If it's wider, then ! 
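Review bot: `FIPS_RAND_SIZE_T` in the crypto/rand/rand.h hunk is introduced without a comment, and its value cannot be changed independently of `RAND_METHOD`, whose `seed` member in the same hunk still takes `int num`. fips_rand.c declares `fips_rand_add` and `fips_rand_bytes` with the macro and, judging by the `rand_fips_meth` initialiser, stores them in a `RAND_METHOD`, so redefining the macro as `size_t` alone would presumably leave those function-pointer types mismatched. I would add `/* placeholder for the planned size_t API; must match the num type in RAND_METHOD */` above the define. `FIPS_SHA_SIZE_T` in the crypto/sha/sha.h hunk deserves a similar comment; note that it is unsigned while this one is signed.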
diff --git a/fips/rand/fingerprint.sha1 b/fips/rand/fingerprint.sha1 index 11421113e0..f648232779 100644 --- a/fips/rand/fingerprint.sha1 +++ b/fips/rand/fingerprint.sha1 @@ -1,2 +1,2 @@ -HMAC-SHA1(fips_rand.c)= 58be68c405269c9a4c35ee19642c4da982374769 -HMAC-SHA1(fips_rand.h)= 889afc9a526fe59138326134950b733627a7e9cf +HMAC-SHA1(fips_rand.c)= 9371bac9e8929fe26327383f6e7fb11f06671565 +HMAC-SHA1(fips_rand.h)= 0567b1fe9b0efe034a537f335659b0b681809791 diff --git a/fips/rand/fips_rand.c b/fips/rand/fips_rand.c index 2ff197ebb0..15c270b446 100644 --- a/fips/rand/fips_rand.c +++ b/fips/rand/fips_rand.c @@ -75,8 +75,8 @@ #define SEED_SIZE 8 static unsigned char seed[SEED_SIZE]; -static int n_seed; -static int o_seed; +static FIPS_RAND_SIZE_T n_seed; +static FIPS_RAND_SIZE_T o_seed; static DES_cblock key1; static DES_cblock key2; static DES_key_schedule ks1,ks2; @@ -90,8 +90,8 @@ static int key_pid; #endif static void fips_rand_cleanup(void); -static void fips_rand_add(const void *buf, int num, double add_entropy); -static int fips_rand_bytes(unsigned char *buf, int num); +static void fips_rand_add(const void *buf, FIPS_RAND_SIZE_T num, double add_entropy); +static int fips_rand_bytes(unsigned char *buf, FIPS_RAND_SIZE_T num); static int fips_rand_status(void); static RAND_METHOD rand_fips_meth= @@ -195,10 +195,10 @@ static void fips_rand_cleanup(void) n_seed=0; } -void FIPS_rand_seed(const void *buf_, int num) +void FIPS_rand_seed(const void *buf_, FIPS_RAND_SIZE_T num) { const char *buf=buf_; - int n; + FIPS_RAND_SIZE_T n; static int init; /* If the key hasn't been set, we can't seed! */ @@ -219,7 +219,7 @@ void FIPS_rand_seed(const void *buf_, int num) */ for(n=0 ; n < num ; ) { - int t=num-n; + FIPS_RAND_SIZE_T t=num-n; if(o_seed+t > sizeof seed) t=sizeof seed-o_seed; 
@@ -239,14 +239,14 @@ void FIPS_rand_seed(const void *buf_, int num) CRYPTO_w_unlock(CRYPTO_LOCK_RAND); } -static void fips_rand_add(const void *buf, int num, double add_entropy) +static void fips_rand_add(const void *buf, FIPS_RAND_SIZE_T num, double add_entropy) { FIPS_rand_seed(buf,num); } -static int fips_rand_bytes(unsigned char *buf,int num) +static int fips_rand_bytes(unsigned char *buf,FIPS_RAND_SIZE_T num) { - int n; + FIPS_RAND_SIZE_T n; unsigned char timeseed[8]; unsigned char intermediate[SEED_SIZE]; unsigned char output[SEED_SIZE]; @@ -261,6 +261,18 @@ static int fips_rand_bytes(unsigned char *buf,int num) return 0; } +#ifdef FIPS_RAND_MAX_SIZE_T + if (num > FIPS_RAND_MAX_SIZE_T) + { +#ifdef RAND_R_PRNG_ASKING_FOR_TOO_MUCH + RANDerr(RAND_F_FIPS_RAND_BYTES,RAND_R_PRNG_ASKING_FOR_TOO_MUCH); + return 0; +#else + return -1; /* signal "not supported" condition */ +#endif + } +#endif + #ifndef GETPID_IS_MEANINGLESS pid=getpid(); if(pid != seed_pid) @@ -283,7 +295,7 @@ static int fips_rand_bytes(unsigned char *buf,int num) for(n=0 ; n < num ; ) { unsigned char t[SEED_SIZE]; - int l; + FIPS_RAND_SIZE_T l; /* now generate a full 64 bits of "randomness" */ for(l=0 ; l < sizeof t ; ++l) @@ -296,6 +308,7 @@ static int fips_rand_bytes(unsigned char *buf,int num) if(second && !memcmp(output,previous,sizeof previous)) { RANDerr(RAND_F_FIPS_RAND_BYTES,RAND_R_PRNG_STUCK); + CRYPTO_w_unlock(CRYPTO_LOCK_RAND); return 0; } memcpy(previous,output,sizeof previous); @@ -308,7 +321,7 @@ static int fips_rand_bytes(unsigned char *buf,int num) CRYPTO_w_unlock(CRYPTO_LOCK_RAND); - return num; + return 1; } static int fips_rand_status(void) diff --git a/fips/rand/fips_rand.h b/fips/rand/fips_rand.h index d50eaa8a50..1286b63ab2 100644 --- a/fips/rand/fips_rand.h +++ b/fips/rand/fips_rand.h 
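Review bot: The length guard added to `fips_rand_bytes` (hunk at -261) is compiled only when `FIPS_RAND_MAX_SIZE_T` is defined, and nothing in this patch defines it, so as submitted the check appears to be inactive. With `FIPS_RAND_SIZE_T` currently `int`, a negative `num` skips the `for(n=0 ; n < num ; )` loop and reaches the new `return 1`, reporting success without writing any bytes, where the old `return num` reported a negative value. While the type is signed I would reject that case explicitly next to this guard, e.g. `if (num < 0) return 0;`. The guard returns either 0 or -1 depending on whether `RAND_R_PRNG_ASKING_FOR_TOO_MUCH` exists, so callers must test `<= 0`; the function body starts and ends outside this hunk.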
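Review bot: The `CRYPTO_w_unlock` added on the `RAND_R_PRNG_STUCK` path (hunk at -296) fixes this one exit by hand, which leaves the function relying on every future early return remembering the unlock. A single exit would make the release structural: set a result variable, `goto` a label placed just before the existing `CRYPTO_w_unlock(CRYPTO_LOCK_RAND);` at the end of `fips_rand_bytes`, and return the variable. Other returns between the lock and the unlock are not visible in this hunk and are worth the same audit. Earlier loop iterations may already have written blocks into `buf` when this path returns 0, so the caller has to discard the buffer on failure.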
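Review bot: The change from `return num;` to `return 1;` at the end of `fips_rand_bytes` (hunk at -308) alters the function's return contract without documenting it. A caller that still compares the result with the requested length, as fips_randtest.c did before this patch with `RAND_bytes(buf,8) != 8`, would now treat every successful call as a failure, so callers outside this diff should be checked for that pattern. I would add a comment above the function along the lines of `/* returns 1 on success, 0 on error, -1 if the request size is not supported */`.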
@@ -60,7 +60,7 @@ extern "C" { void FIPS_set_prng_key(const unsigned char k1[8],const unsigned char k2[8]); void FIPS_test_mode(int test,const unsigned char faketime[8]); -void FIPS_rand_seed(const void *buf, int num); +void FIPS_rand_seed(const void *buf, FIPS_RAND_SIZE_T num); /* NB: this returns true if _partially_ seeded */ int FIPS_rand_seeded(void); diff --git a/fips/rand/fips_randtest.c b/fips/rand/fips_randtest.c index ff9c91cd36..98fe83ca4a 100644 --- a/fips/rand/fips_randtest.c +++ b/fips/rand/fips_randtest.c @@ -191,14 +191,14 @@ static void run_test(const PRNGtest *t) FIPS_test_mode(1,t->time); RAND_seed(t->seed,sizeof t->seed); - if(RAND_bytes(buf,8) != 8) + if(RAND_bytes(buf,8) <= 0) { ERR_print_errors_fp(stderr); exit(2); } compare(buf,t->block1,8); for(n=0 ; n < 99 ; ++n) - if(RAND_bytes(buf,8) != 8) + if(RAND_bytes(buf,8) <= 0) { ERR_print_errors_fp(stderr); exit(2); diff --git a/fips/sha1/fingerprint.sha1 b/fips/sha1/fingerprint.sha1 index 7e6d05e8e9..9b57f9d994 100644 --- a/fips/sha1/fingerprint.sha1 +++ b/fips/sha1/fingerprint.sha1 @@ -1,5 +1,5 @@ HMAC-SHA1(fips_sha1dgst.c)= 10575600a9540eb15188a7d3b0b031e60aedbc18 HMAC-SHA1(fips_sha1_selftest.c)= 98910a0c85eff1688bd7adb23e738dc75b39546e HMAC-SHA1(asm/sx86-elf.s)= 6286cba0ea3b071e67ab5c1e607d1387de6a871d -HMAC-SHA1(fips_sha_locl.h)= 199ceca9016ba5514997ce1fcd22be7d4f66e9b5 -HMAC-SHA1(fips_md32_common.h)= 5bd82fd4f27c9c9f5164dafbb617272fa5c96521 +HMAC-SHA1(fips_sha_locl.h)= b793c80946d1029a630844393e294b27f61b1485 +HMAC-SHA1(fips_md32_common.h)= cd86b0f4a9a22552dce8db3ae5f2614e54a61f15 diff --git a/fips/sha1/fips_md32_common.h b/fips/sha1/fips_md32_common.h index cf8d31f351..e714475dc6 100644 --- a/fips/sha1/fips_md32_common.h +++ b/fips/sha1/fips_md32_common.h @@ -179,7 +179,7 @@ */ #undef ROTATE #ifndef PEDANTIC -# if 0 /* defined(_MSC_VER) */ +# if defined(_MSC_VER) || defined(__ICC) # define ROTATE(a,n) _lrotl(a,n) # elif defined(__MWERKS__) # if defined(__POWERPC__) 
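Review bot: Enabling `ROTATE(a,n) _lrotl(a,n)` for `__ICC` in fips_md32_common.h assumes `unsigned long` is 32 bits wide, which holds for MSVC but not for an LP64 target. `_lrotl` rotates an `unsigned long`, so on a 64-bit Intel compiler build the macro would presumably perform a 64-bit rotate and the digest would be wrong. If 64-bit ICC builds are in scope, a separate branch using the 32-bit intrinsic would be safer, e.g. `# elif defined(__ICC)` followed by `# define ROTATE(a,n) _rotl(a,n)`. The `#if` chain continues outside this hunk.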
@@ -410,11 +410,11 @@ * Time for some action:-) */ -int HASH_UPDATE (HASH_CTX *c, const void *data_, unsigned long len) +int HASH_UPDATE (HASH_CTX *c, const void *data_, FIPS_SHA_SIZE_T len) { const unsigned char *data=data_; register HASH_LONG * p; - register unsigned long l; + register HASH_LONG l; int sw,sc,ew,ec; if(FIPS_selftest_fail) @@ -422,7 +422,7 @@ int HASH_UPDATE (HASH_CTX *c, const void *data_, unsigned long len) if (len==0) return 1; - l=(c->Nl+(len<<3))&0xffffffffL; + l=(c->Nl+(((HASH_LONG)len)<<3))&0xffffffffUL; /* 95-05-24 eay Fixed a bug with the overflow handling, thanks to * Wei Dai for pointing it out. */ if (l < c->Nl) /* overflow */ @@ -487,7 +487,7 @@ int HASH_UPDATE (HASH_CTX *c, const void *data_, unsigned long len) if ((((unsigned long)data)%4) == 0) { /* data is properly aligned so that we can cast it: */ - HASH_BLOCK_DATA_ORDER_ALIGNED (c,(HASH_LONG *)data,sw); + HASH_BLOCK_DATA_ORDER_ALIGNED (c,(const HASH_LONG *)data,sw); sw*=HASH_CBLOCK; data+=sw; len-=sw; @@ -535,7 +535,7 @@ void HASH_TRANSFORM (HASH_CTX *c, const unsigned char *data) #if defined(HASH_BLOCK_DATA_ORDER_ALIGNED) if ((((unsigned long)data)%4) == 0) /* data is properly aligned so that we can cast it: */ - HASH_BLOCK_DATA_ORDER_ALIGNED (c,(HASH_LONG *)data,1); + HASH_BLOCK_DATA_ORDER_ALIGNED (c,(const HASH_LONG *)data,1); else #if !defined(HASH_BLOCK_DATA_ORDER) { diff --git a/fips/sha1/fips_sha_locl.h b/fips/sha1/fips_sha_locl.h index 61d4146501..5008aa79b9 100644 --- a/fips/sha1/fips_sha_locl.h +++ b/fips/sha1/fips_sha_locl.h @@ -93,8 +93,8 @@ # define HASH_BLOCK_DATA_ORDER sha_block_data_order # define Xupdate(a,ix,ia,ib,ic,id) (ix=(a)=(ia^ib^ic^id)) - void sha_block_host_order (SHA_CTX *c, const void *p,int num); - void sha_block_data_order (SHA_CTX *c, const void *p,int num); + void sha_block_host_order (SHA_CTX *c, const void *p,FIPS_SHA_SIZE_T num); + void sha_block_data_order (SHA_CTX *c, const void *p,FIPS_SHA_SIZE_T num); #elif defined(SHA_1) 
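Review bot: In `HASH_UPDATE` the length becomes `FIPS_SHA_SIZE_T` but the block counters stay `int sw,sc,ew,ec;`, so the width mismatch this patch prepares for is still present inside the function. In the hunk at -487 `sw` is passed as the block count to `HASH_BLOCK_DATA_ORDER_ALIGNED` and then used in `len-=sw;`. If the assignment to `sw` (outside these hunks) derives it from `len`, a sufficiently large length would truncate or go negative and then convert to a huge unsigned count. Declaring the block count as `FIPS_SHA_SIZE_T sw;` would keep the types aligned with the new `num` parameters in fips_sha_locl.h.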
@@ -124,8 +124,8 @@ # define HASH_BLOCK_DATA_ORDER_ALIGNED sha1_block_asm_data_order # endif # endif - void sha1_block_host_order (SHA_CTX *c, const void *p,int num); - void sha1_block_data_order (SHA_CTX *c, const void *p,int num); + void sha1_block_host_order (SHA_CTX *c, const void *p,FIPS_SHA_SIZE_T num); + void sha1_block_data_order (SHA_CTX *c, const void *p,FIPS_SHA_SIZE_T num); #else # error "Either SHA_0 or SHA_1 must be defined." @@ -222,7 +222,7 @@ int HASH_INIT (SHA_CTX *c) #endif #ifndef DONT_IMPLEMENT_BLOCK_HOST_ORDER -void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, int num) +void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, FIPS_SHA_SIZE_T num) { const SHA_LONG *W=d; register unsigned MD32_REG_T A,B,C,D,E,T; @@ -350,7 +350,7 @@ void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, int num) #endif #ifndef DONT_IMPLEMENT_BLOCK_DATA_ORDER -void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, int num) +void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, FIPS_SHA_SIZE_T num) { const unsigned char *data=p; register unsigned MD32_REG_T A,B,C,D,E,T,l; diff --git a/fips/sha1/standalone.sha1 b/fips/sha1/standalone.sha1 index 3ce8151260..d11f6424f2 100644 --- a/fips/sha1/standalone.sha1 +++ b/fips/sha1/standalone.sha1 @@ -2,5 +2,5 @@ HMAC-SHA1(fips_sha1dgst.c)= 10575600a9540eb15188a7d3b0b031e60aedbc18 HMAC-SHA1(fips_sha1_selftest.c)= 98910a0c85eff1688bd7adb23e738dc75b39546e HMAC-SHA1(asm/sx86-elf.s)= 6286cba0ea3b071e67ab5c1e607d1387de6a871d HMAC-SHA1(fips_standalone_sha1.c)= c17f83ccfe601558b33b6df27d2d82887b8c9dc2 -HMAC-SHA1(fips_sha_locl.h)= 199ceca9016ba5514997ce1fcd22be7d4f66e9b5 -HMAC-SHA1(fips_md32_common.h)= 5bd82fd4f27c9c9f5164dafbb617272fa5c96521 +HMAC-SHA1(fips_sha_locl.h)= b793c80946d1029a630844393e294b27f61b1485 +HMAC-SHA1(fips_md32_common.h)= cd86b0f4a9a22552dce8db3ae5f2614e54a61f15 -- 2.25.1
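Review bot: Changing `num` from `int` to `FIPS_SHA_SIZE_T` in `HASH_BLOCK_HOST_ORDER` (and in `HASH_BLOCK_DATA_ORDER`, hunk at -350) makes the block counter unsigned, yet only the signatures are touched here. If the loop in the body, which is outside these hunks, ends on a signed test such as `--num <= 0`, that test now fires only at exactly zero, so a call with `num` equal to 0 would wrap and keep reading blocks past the caller's buffer. Please confirm the loop conditions were reviewed for the unsigned type, or add an early `if (num == 0) return;` after the declarations in both functions.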