From 5affe206e1d96aa1085e18804b542c7cb93d64ab Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Wed, 19 May 2004 14:16:33 +0000 Subject: [PATCH] Define FIPS_*_SIZE_T for AES, DSA and RSA as well, in preparation for size_t-ification of those algorithms in future version of OpenSSL... --- crypto/aes/aes.h | 6 ++++++ crypto/dsa/dsa.h | 4 ++++ crypto/rsa/rsa.h | 4 ++++ fips/aes/fingerprint.sha1 | 2 +- fips/aes/fips_aes_core.c | 10 +++++----- fips/dsa/fingerprint.sha1 | 4 ++-- fips/dsa/fips_dsa_gen.c | 4 ++-- fips/dsa/fips_dsa_ossl.c | 8 ++++---- fips/rsa/fingerprint.sha1 | 4 ++-- fips/rsa/fips_rsa_eay.c | 16 ++++++++-------- fips/rsa/fips_rsa_gen.c | 2 +- 11 files changed, 39 insertions(+), 25 deletions(-) diff --git a/crypto/aes/aes.h b/crypto/aes/aes.h index 5e177a3dd8..8a3ea0b883 100644 --- a/crypto/aes/aes.h +++ b/crypto/aes/aes.h @@ -52,6 +52,8 @@ #ifndef HEADER_AES_H #define HEADER_AES_H +#include + #ifdef OPENSSL_NO_AES #error AES is disabled. #endif @@ -64,6 +66,10 @@ #define AES_MAXNR 14 #define AES_BLOCK_SIZE 16 +#if defined(OPENSSL_FIPS) +#define FIPS_AES_SIZE_T int +#endif + #ifdef __cplusplus extern "C" { #endif diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h index 9b3baadf2c..225ff391f9 100644 --- a/crypto/dsa/dsa.h +++ b/crypto/dsa/dsa.h @@ -81,6 +81,10 @@ #define DSA_FLAG_CACHE_MONT_P 0x01 +#if defined(OPENSSL_FIPS) +#define FIPS_DSA_SIZE_T int +#endif + #ifdef __cplusplus extern "C" { #endif diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h index 62fa745f79..fc3bb5f86d 100644 --- a/crypto/rsa/rsa.h +++ b/crypto/rsa/rsa.h @@ -72,6 +72,10 @@ #error RSA is disabled. #endif +#if defined(OPENSSL_FIPS) +#define FIPS_RSA_SIZE_T int +#endif + #ifdef __cplusplus extern "C" { #endif diff --git a/fips/aes/fingerprint.sha1 b/fips/aes/fingerprint.sha1 index 295b552cb1..121def333c 100644 --- a/fips/aes/fingerprint.sha1 +++ b/fips/aes/fingerprint.sha1 @@ -1,3 +1,3 @@ -HMAC-SHA1(fips_aes_core.c)= 979e9a3084dc8e15d9f222bf721e6faccf6bcd18 +HMAC-SHA1(fips_aes_core.c)= e3b9b4ddceaca72392f59ee05164d9e6a81521a7 HMAC-SHA1(fips_aes_selftest.c)= 98b01502221e7fe529fd981222f2cbb52eb4cbe0 HMAC-SHA1(fips_aes_locl.h)= ded58f0cda8cb967dc5f5f3a860601c0b8744623 diff --git a/fips/aes/fips_aes_core.c b/fips/aes/fips_aes_core.c index 371a7f9e49..49169e7a4e 100644 --- a/fips/aes/fips_aes_core.c +++ b/fips/aes/fips_aes_core.c @@ -727,11 +727,11 @@ static const u32 rcon[] = { /** * Expand the cipher key into the encryption key schedule. */ -int AES_set_encrypt_key(const unsigned char *userKey, const int bits, - AES_KEY *key) { +int AES_set_encrypt_key(const unsigned char *userKey, + const FIPS_AES_SIZE_T bits, AES_KEY *key) { u32 *rk; - int i = 0; + int i = 0; u32 temp; if (!userKey || !key) @@ -830,8 +830,8 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits, /** * Expand the cipher key into the decryption key schedule. */ -int AES_set_decrypt_key(const unsigned char *userKey, const int bits, - AES_KEY *key) { +int AES_set_decrypt_key(const unsigned char *userKey, + const FIPS_AES_SIZE_T bits, AES_KEY *key) { u32 *rk; int i, j, status; diff --git a/fips/dsa/fingerprint.sha1 b/fips/dsa/fingerprint.sha1 index e81fe003d7..444eb69047 100644 --- a/fips/dsa/fingerprint.sha1 +++ b/fips/dsa/fingerprint.sha1 @@ -1,3 +1,3 @@ -HMAC-SHA1(fips_dsa_ossl.c)= 1295b5241620e1d5449aaeeb7084b181fc197003 -HMAC-SHA1(fips_dsa_gen.c)= e347a0c5b19cdcde37c73f6abcdc52c794d5dd4e +HMAC-SHA1(fips_dsa_ossl.c)= b817acc77487f42298205cc5fdd2593e30c66a9d +HMAC-SHA1(fips_dsa_gen.c)= 6276272125759148b60f2500fa40beea84648a21 HMAC-SHA1(fips_dsa_selftest.c)= 4bfc5d3a6b977527b053f3a03d0760a822a26135 diff --git a/fips/dsa/fips_dsa_gen.c b/fips/dsa/fips_dsa_gen.c index 9524a4e21b..6fa63f61cd 100644 --- a/fips/dsa/fips_dsa_gen.c +++ b/fips/dsa/fips_dsa_gen.c @@ -103,8 +103,8 @@ static int fips_check_dsa(DSA *dsa) return 1; } -DSA *DSA_generate_parameters(int bits, - unsigned char *seed_in, int seed_len, +DSA *DSA_generate_parameters(FIPS_DSA_SIZE_T bits, + unsigned char *seed_in, FIPS_DSA_SIZE_T seed_len, int *counter_ret, unsigned long *h_ret, void (*callback)(int, int, void *), void *cb_arg) diff --git a/fips/dsa/fips_dsa_ossl.c b/fips/dsa/fips_dsa_ossl.c index b47e59c737..a39286101b 100644 --- a/fips/dsa/fips_dsa_ossl.c +++ b/fips/dsa/fips_dsa_ossl.c @@ -70,9 +70,9 @@ #ifdef OPENSSL_FIPS -static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); +static DSA_SIG *dsa_do_sign(const unsigned char *dgst, FIPS_DSA_SIZE_T dlen, DSA *dsa); static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); -static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, +static int dsa_do_verify(const unsigned char *dgst, FIPS_DSA_SIZE_T dgst_len, DSA_SIG *sig, DSA *dsa); static int dsa_init(DSA *dsa); static int dsa_finish(DSA *dsa); @@ -116,7 +116,7 @@ const DSA_METHOD *DSA_OpenSSL(void) return &openssl_dsa_meth; } -static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) +static DSA_SIG *dsa_do_sign(const unsigned char *dgst, FIPS_DSA_SIZE_T dlen, DSA *dsa) { BIGNUM *kinv=NULL,*r=NULL,*s=NULL; BIGNUM m; @@ -257,7 +257,7 @@ err: return(ret); } -static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, +static int dsa_do_verify(const unsigned char *dgst, FIPS_DSA_SIZE_T dgst_len, DSA_SIG *sig, DSA *dsa) { BN_CTX *ctx; diff --git a/fips/rsa/fingerprint.sha1 b/fips/rsa/fingerprint.sha1 index 727c71930a..d4dcbdcb8b 100644 --- a/fips/rsa/fingerprint.sha1 +++ b/fips/rsa/fingerprint.sha1 @@ -1,3 +1,3 @@ -HMAC-SHA1(fips_rsa_eay.c)= 3808fed15de958768052db96ff710699ca9afd92 -HMAC-SHA1(fips_rsa_gen.c)= 0f7eec6b217844f638902ff82fe41e2201ade1d5 +HMAC-SHA1(fips_rsa_eay.c)= 660512794d0a702fc2bf17ae094e9e3181bf9152 +HMAC-SHA1(fips_rsa_gen.c)= 6bcf339dda5bb7d7e162c30d579431848a5e921f HMAC-SHA1(fips_rsa_selftest.c)= af5b9c9a0237b2219f375849a5b2311d786e711b diff --git a/fips/rsa/fips_rsa_eay.c b/fips/rsa/fips_rsa_eay.c index dafc7f1472..e4b11d9956 100644 --- a/fips/rsa/fips_rsa_eay.c +++ b/fips/rsa/fips_rsa_eay.c @@ -65,13 +65,13 @@ #if !defined(RSA_NULL) && defined(OPENSSL_FIPS) -static int RSA_eay_public_encrypt(int flen, const unsigned char *from, +static int RSA_eay_public_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -static int RSA_eay_private_encrypt(int flen, const unsigned char *from, +static int RSA_eay_private_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -static int RSA_eay_public_decrypt(int flen, const unsigned char *from, +static int RSA_eay_public_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -static int RSA_eay_private_decrypt(int flen, const unsigned char *from, +static int RSA_eay_private_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa); static int RSA_eay_init(RSA *rsa); @@ -97,7 +97,7 @@ const RSA_METHOD *RSA_PKCS1_SSLeay(void) return(&rsa_pkcs1_eay_meth); } -static int RSA_eay_public_encrypt(int flen, const unsigned char *from, +static int RSA_eay_public_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { BIGNUM f,ret; @@ -254,7 +254,7 @@ err: } /* signing */ -static int RSA_eay_private_encrypt(int flen, const unsigned char *from, +static int RSA_eay_private_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { BIGNUM f,ret; @@ -370,7 +370,7 @@ err: return(r); } -static int RSA_eay_private_decrypt(int flen, const unsigned char *from, +static int RSA_eay_private_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { BIGNUM f,ret; @@ -503,7 +503,7 @@ err: } /* signature verification */ -static int RSA_eay_public_decrypt(int flen, const unsigned char *from, +static int RSA_eay_public_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { BIGNUM f,ret; diff --git a/fips/rsa/fips_rsa_gen.c b/fips/rsa/fips_rsa_gen.c index e191baa926..cb671678b7 100644 --- a/fips/rsa/fips_rsa_gen.c +++ b/fips/rsa/fips_rsa_gen.c @@ -104,7 +104,7 @@ static int fips_check_rsa(RSA *rsa) return 1; } -RSA *RSA_generate_key(int bits, unsigned long e_value, +RSA *RSA_generate_key(FIPS_RSA_SIZE_T bits, unsigned long e_value, void (*callback)(int,int,void *), void *cb_arg) { RSA *rsa=NULL; -- 2.25.1