From 343e6a4950b6db78c7503f63bd1c9d1124c6dc56 Mon Sep 17 00:00:00 2001 From: Ben Laurie Date: Wed, 14 Apr 2004 17:58:54 +0000 Subject: [PATCH] Add corruptors so KATs can be made to fail. --- fips/aes/fingerprint.sha1 | 2 +- fips/aes/fips_aes_selftest.c | 5 +++++ fips/des/fingerprint.sha1 | 2 +- fips/des/fips_des_selftest.c | 7 ++++++- fips/dsa/fingerprint.sha1 | 2 +- fips/dsa/fips_dsa_selftest.c | 5 +++++ fips/fingerprint.sha1 | 2 +- fips/fips.h | 5 +++++ fips/rsa/fingerprint.sha1 | 2 +- fips/rsa/fips_rsa_selftest.c | 12 +++++++++--- fips/sha1/fingerprint.sha1 | 2 +- fips/sha1/fips_sha1_selftest.c | 5 +++++ fips/sha1/standalone.sha1 | 2 +- 13 files changed, 42 insertions(+), 11 deletions(-) diff --git a/fips/aes/fingerprint.sha1 b/fips/aes/fingerprint.sha1 index b16b9c5cef..295b552cb1 100644 --- a/fips/aes/fingerprint.sha1 +++ b/fips/aes/fingerprint.sha1 @@ -1,3 +1,3 @@ HMAC-SHA1(fips_aes_core.c)= 979e9a3084dc8e15d9f222bf721e6faccf6bcd18 -HMAC-SHA1(fips_aes_selftest.c)= 0bf32b515e2ee39332aa6563b45d7d44d88f4ed4 +HMAC-SHA1(fips_aes_selftest.c)= 98b01502221e7fe529fd981222f2cbb52eb4cbe0 HMAC-SHA1(fips_aes_locl.h)= ded58f0cda8cb967dc5f5f3a860601c0b8744623 diff --git a/fips/aes/fips_aes_selftest.c b/fips/aes/fips_aes_selftest.c index d47004c171..0e53d21bd0 100644 --- a/fips/aes/fips_aes_selftest.c +++ b/fips/aes/fips_aes_selftest.c @@ -70,6 +70,11 @@ static struct }, }; +void FIPS_corrupt_aes() + { + tests[0].key[0]++; + } + int FIPS_selftest_aes() { int n; diff --git a/fips/des/fingerprint.sha1 b/fips/des/fingerprint.sha1 index 89968240e0..76caf96fb4 100644 --- a/fips/des/fingerprint.sha1 +++ b/fips/des/fingerprint.sha1 @@ -1,5 +1,5 @@ HMAC-SHA1(fips_des_enc.c)= ea89417ba58c148c3d72d29438cd0bedc2315f7f HMAC-SHA1(asm/fips-dx86-elf.s)= 2f85e8e86806c92ee4c12cf5354e19eccf6ed47d -HMAC-SHA1(fips_des_selftest.c)= af1ad8d10a0f0567d48fcffd6f45b7b050f6dcb5 +HMAC-SHA1(fips_des_selftest.c)= 3bc574e51647c5f5ab45d1007b2cf461d67764a9 HMAC-SHA1(fips_set_key.c)= e55cabd0cbe5cd17710e11270d9594c0d7237064 HMAC-SHA1(fips_des_locl.h)= 7053848e884df47f06de9f2248380b92e58ef4e5 diff --git a/fips/des/fips_des_selftest.c b/fips/des/fips_des_selftest.c index f2c9ad5b24..3e0778eb5e 100644 --- a/fips/des/fips_des_selftest.c +++ b/fips/des/fips_des_selftest.c @@ -57,7 +57,7 @@ static struct { DES_cblock key; - DES_cblock plaintext; + unsigned char plaintext[8]; unsigned char ciphertext[8]; } tests[]= { @@ -120,6 +120,11 @@ static struct }, }; +void FIPS_corrupt_des() + { + tests[0].plaintext[0]++; + } + int FIPS_selftest_des() { int n; diff --git a/fips/dsa/fingerprint.sha1 b/fips/dsa/fingerprint.sha1 index d760ed4f4a..74ac84ffeb 100644 --- a/fips/dsa/fingerprint.sha1 +++ b/fips/dsa/fingerprint.sha1 @@ -1,3 +1,3 @@ HMAC-SHA1(fips_dsa_ossl.c)= 1295b5241620e1d5449aaeeb7084b181fc197003 HMAC-SHA1(fips_dsa_gen.c)= e347a0c5b19cdcde37c73f6abcdc52c794d5dd4e -HMAC-SHA1(fips_dsa_selftest.c)= 5a42b699e44b68e765fd6a1e9bcc2b923512a198 +HMAC-SHA1(fips_dsa_selftest.c)= a3de5feb989e7bfb15478318feab1f035e700933 diff --git a/fips/dsa/fips_dsa_selftest.c b/fips/dsa/fips_dsa_selftest.c index bca7c37faf..5f0e6651cb 100644 --- a/fips/dsa/fips_dsa_selftest.c +++ b/fips/dsa/fips_dsa_selftest.c @@ -100,6 +100,11 @@ static unsigned char out_g[]={ static const unsigned char str1[]="12345678901234567890"; +void FIPS_corrupt_dsa() + { + ++seed[0]; + } + int FIPS_selftest_dsa() { DSA *dsa=NULL; diff --git a/fips/fingerprint.sha1 b/fips/fingerprint.sha1 index 56adb13b20..a0e87dfc4c 100644 --- a/fips/fingerprint.sha1 +++ b/fips/fingerprint.sha1 @@ -1,4 +1,4 @@ HMAC-SHA1(fips.c)= 28c5bb3a276b1536327eb61b496b8c02a574c279 HMAC-SHA1(fips_err_wrapper.c)= d3e2be316062510312269e98f964cb87e7577898 -HMAC-SHA1(fips.h)= 30200a267be0bed23d4a93a9e242e181e0ee2b44 +HMAC-SHA1(fips.h)= aeab7ad3b7a84dc83cf5099cffdec07a3f995dea HMAC-SHA1(fips_err.h)= f4203a47100a815c21cf3a97092f91a595938f7c diff --git a/fips/fips.h b/fips/fips.h index 6abf8f5e67..5b152e3a37 100644 --- a/fips/fips.h +++ b/fips/fips.h @@ -60,10 +60,15 @@ struct dsa_st; int FIPS_mode_set(int onoff,const char *path); int FIPS_dsa_check(struct dsa_st *dsa); +void FIPS_corrupt_sha1(void); int FIPS_selftest_sha1(void); +void FIPS_corrupt_aes(void); int FIPS_selftest_aes(void); +void FIPS_corrupt_des(void); int FIPS_selftest_des(void); +void FIPS_corrupt_rsa(void); int FIPS_selftest_rsa(void); +void FIPS_corrupt_dsa(void); int FIPS_selftest_dsa(void); /* The following lines are auto generated by the script mkerr.pl. Any changes diff --git a/fips/rsa/fingerprint.sha1 b/fips/rsa/fingerprint.sha1 index 56f73808b6..e574531dd0 100644 --- a/fips/rsa/fingerprint.sha1 +++ b/fips/rsa/fingerprint.sha1 @@ -1,3 +1,3 @@ HMAC-SHA1(fips_rsa_eay.c)= 3808fed15de958768052db96ff710699ca9afd92 HMAC-SHA1(fips_rsa_gen.c)= bdc892485913c405f9e0459eb4e9b7e94881a4dc -HMAC-SHA1(fips_rsa_selftest.c)= b3cd2e2ff2bcf910ec8dfc891168761cb5dca0d6 +HMAC-SHA1(fips_rsa_selftest.c)= af5b9c9a0237b2219f375849a5b2311d786e711b diff --git a/fips/rsa/fips_rsa_selftest.c b/fips/rsa/fips_rsa_selftest.c index b055d6be26..cf3bf02aab 100644 --- a/fips/rsa/fips_rsa_selftest.c +++ b/fips/rsa/fips_rsa_selftest.c @@ -66,9 +66,7 @@ memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \ return (sizeof(ctext_ex) - 1); -static int setrsakey(RSA *key, unsigned char *c) - { - static unsigned char n[] = +static unsigned char n[] = "\x00\xBB\xF8\x2F\x09\x06\x82\xCE\x9C\x23\x38\xAC\x2B\x9D\xA8\x71" "\xF7\x36\x8D\x07\xEE\xD4\x10\x43\xA4\x40\xD6\xB6\xF0\x74\x54\xF5" "\x1F\xB8\xDF\xBA\xAF\x03\x5C\x02\xAB\x61\xEA\x48\xCE\xEB\x6F\xCD" @@ -79,6 +77,9 @@ static int setrsakey(RSA *key, unsigned char *c) "\x7F\xE2\x53\x72\x98\xCA\x2A\x8F\x59\x46\xF8\xE5\xFD\x09\x1D\xBD" "\xCB"; + +static int setrsakey(RSA *key, unsigned char *c) + { static unsigned char e[] = "\x11"; static unsigned char d[] = @@ -138,6 +139,11 @@ static int setrsakey(RSA *key, unsigned char *c) SetKey; } +void FIPS_corrupt_rsa() + { + n[0]++; + } + int FIPS_selftest_rsa() { int clen; diff --git a/fips/sha1/fingerprint.sha1 b/fips/sha1/fingerprint.sha1 index e0ea1f1709..c7fd5fbe80 100644 --- a/fips/sha1/fingerprint.sha1 +++ b/fips/sha1/fingerprint.sha1 @@ -1,5 +1,5 @@ HMAC-SHA1(fips_sha1dgst.c)= 10575600a9540eb15188a7d3b0b031e60aedbc18 -HMAC-SHA1(fips_sha1_selftest.c)= 9719f7e68950250ce4b7726be3e560c24cd72a32 +HMAC-SHA1(fips_sha1_selftest.c)= 98910a0c85eff1688bd7adb23e738dc75b39546e HMAC-SHA1(asm/sx86-elf.s)= 6286cba0ea3b071e67ab5c1e607d1387de6a871d HMAC-SHA1(fips_sha_locl.h)= 199ceca9016ba5514997ce1fcd22be7d4f66e9b5 HMAC-SHA1(fips_md32_common.h)= 4dd5d27e9bedbbaab6c6c5536b254e040137471e diff --git a/fips/sha1/fips_sha1_selftest.c b/fips/sha1/fips_sha1_selftest.c index 505e6f893d..248539acb0 100644 --- a/fips/sha1/fips_sha1_selftest.c +++ b/fips/sha1/fips_sha1_selftest.c @@ -71,6 +71,11 @@ static unsigned char ret[][SHA_DIGEST_LENGTH]= 0x4a,0xa1,0xf9,0x51,0x29,0xe5,0xe5,0x46,0x70,0xf1 }, }; +void FIPS_corrupt_sha1() + { + ret[0][0]++; + } + int FIPS_selftest_sha1() { int n; diff --git a/fips/sha1/standalone.sha1 b/fips/sha1/standalone.sha1 index 9d6e631874..356b4009a5 100644 --- a/fips/sha1/standalone.sha1 +++ b/fips/sha1/standalone.sha1 @@ -1,5 +1,5 @@ HMAC-SHA1(fips_sha1dgst.c)= 10575600a9540eb15188a7d3b0b031e60aedbc18 -HMAC-SHA1(fips_sha1_selftest.c)= 9719f7e68950250ce4b7726be3e560c24cd72a32 +HMAC-SHA1(fips_sha1_selftest.c)= 98910a0c85eff1688bd7adb23e738dc75b39546e HMAC-SHA1(asm/sx86-elf.s)= 6286cba0ea3b071e67ab5c1e607d1387de6a871d HMAC-SHA1(fips_standalone_sha1.c)= c17f83ccfe601558b33b6df27d2d82887b8c9dc2 HMAC-SHA1(fips_sha_locl.h)= 199ceca9016ba5514997ce1fcd22be7d4f66e9b5 -- 2.25.1