From 96a259e81e47cf61d54eb0cb0dd05434eda2f301 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Tue, 16 Sep 2008 10:47:28 +0000 Subject: [PATCH] Merge FIPS low level algorithm blocking code. Give hard errors if non-FIPS algorithms are use in FIPS mode using low level API. No effect in non-FIPS mode. --- crypto/aes/aes.h | 4 +++ crypto/aes/aes_cbc.c | 2 ++ crypto/aes/aes_core.c | 8 ++++++ crypto/bf/bf_skey.c | 7 ++++- crypto/bf/blowfish.h | 4 ++- crypto/cast/c_skey.c | 7 ++++- crypto/cast/cast.h | 4 ++- crypto/crypto.h | 54 ++++++++++++++++++++++++++++++++++++ crypto/idea/i_skey.c | 17 ++++++++++++ crypto/idea/idea.h | 3 ++ crypto/md2/md2.h | 3 ++ crypto/md2/md2_dgst.c | 7 ++++- crypto/md4/md4.h | 3 ++ crypto/md4/md4_dgst.c | 7 ++++- crypto/md5/md5.h | 3 ++ crypto/md5/md5_dgst.c | 7 ++++- crypto/mdc2/mdc2.h | 4 ++- crypto/mdc2/mdc2dgst.c | 7 ++++- crypto/rc2/rc2.h | 4 ++- crypto/rc2/rc2_skey.c | 17 ++++++++++++ crypto/rc4/asm/rc4-x86_64.pl | 2 ++ crypto/rc4/rc4.h | 3 ++ crypto/rc4/rc4_skey.c | 16 ++++++++++- crypto/rc5/rc5.h | 5 +++- crypto/rc5/rc5_skey.c | 17 ++++++++++++ crypto/ripemd/ripemd.h | 4 ++- crypto/ripemd/rmd_dgst.c | 7 ++++- crypto/ripemd/rmd_locl.h | 2 +- crypto/sha/sha.h | 3 ++ crypto/sha/sha1_one.c | 2 +- crypto/sha/sha1dgst.c | 4 +++ crypto/sha/sha256.c | 10 +++++++ crypto/sha/sha512.c | 12 +++++++- crypto/sha/sha_dgst.c | 6 ++++ crypto/sha/sha_locl.h | 7 +++++ 35 files changed, 255 insertions(+), 17 deletions(-) diff --git a/crypto/aes/aes.h b/crypto/aes/aes.h index baf0222d49..450f2b4051 100644 --- a/crypto/aes/aes.h +++ b/crypto/aes/aes.h @@ -66,6 +66,10 @@ #define AES_MAXNR 14 #define AES_BLOCK_SIZE 16 +#ifdef OPENSSL_FIPS +#define FIPS_AES_SIZE_T int +#endif + #ifdef __cplusplus extern "C" { #endif diff --git a/crypto/aes/aes_cbc.c b/crypto/aes/aes_cbc.c index d2ba6bcdb4..373864cd4b 100644 --- a/crypto/aes/aes_cbc.c +++ b/crypto/aes/aes_cbc.c @@ -59,6 +59,7 @@ #include #include "aes_locl.h" +#if !defined(OPENSSL_FIPS_AES_ASM) void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, const unsigned long length, const AES_KEY *key, unsigned char *ivec, const int enc) { @@ -129,3 +130,4 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, } } } +#endif diff --git a/crypto/aes/aes_core.c b/crypto/aes/aes_core.c index 3a80e18b0a..cffdd4daec 100644 --- a/crypto/aes/aes_core.c +++ b/crypto/aes/aes_core.c @@ -37,6 +37,10 @@ #include #include +#ifdef OPENSSL_FIPS +#include +#endif + #include "aes_locl.h" /* @@ -631,6 +635,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits, int i = 0; u32 temp; +#ifdef OPENSSL_FIPS + FIPS_selftest_check(); +#endif + if (!userKey || !key) return -1; if (bits != 128 && bits != 192 && bits != 256) diff --git a/crypto/bf/bf_skey.c b/crypto/bf/bf_skey.c index 3673cdee6e..6ac2aeb279 100644 --- a/crypto/bf/bf_skey.c +++ b/crypto/bf/bf_skey.c @@ -59,10 +59,15 @@ #include #include #include +#include +#ifdef OPENSSL_FIPS +#include +#endif + #include "bf_locl.h" #include "bf_pi.h" -void BF_set_key(BF_KEY *key, int len, const unsigned char *data) +FIPS_NON_FIPS_VCIPHER_Init(BF) { int i; BF_LONG *p,ri,in[2]; diff --git a/crypto/bf/blowfish.h b/crypto/bf/blowfish.h index cd49e85ab2..d24ffccb65 100644 --- a/crypto/bf/blowfish.h +++ b/crypto/bf/blowfish.h @@ -104,7 +104,9 @@ typedef struct bf_key_st BF_LONG S[4*256]; } BF_KEY; - +#ifdef OPENSSL_FIPS +void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data); +#endif void BF_set_key(BF_KEY *key, int len, const unsigned char *data); void BF_encrypt(BF_LONG *data,const BF_KEY *key); diff --git a/crypto/cast/c_skey.c b/crypto/cast/c_skey.c index 76e40005c9..68e690a60c 100644 --- a/crypto/cast/c_skey.c +++ b/crypto/cast/c_skey.c @@ -57,6 +57,11 @@ */ #include +#include +#ifdef OPENSSL_FIPS +#include +#endif + #include "cast_lcl.h" #include "cast_s.h" @@ -72,7 +77,7 @@ #define S6 CAST_S_table6 #define S7 CAST_S_table7 -void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data) +FIPS_NON_FIPS_VCIPHER_Init(CAST) { CAST_LONG x[16]; CAST_LONG z[16]; diff --git a/crypto/cast/cast.h b/crypto/cast/cast.h index 90b45b950a..1faf5806aa 100644 --- a/crypto/cast/cast.h +++ b/crypto/cast/cast.h @@ -83,7 +83,9 @@ typedef struct cast_key_st int short_key; /* Use reduced rounds for short key */ } CAST_KEY; - +#ifdef OPENSSL_FIPS +void private_CAST_set_key(CAST_KEY *key, int len, const unsigned char *data); +#endif void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data); void CAST_ecb_encrypt(const unsigned char *in,unsigned char *out,CAST_KEY *key, int enc); diff --git a/crypto/crypto.h b/crypto/crypto.h index fe2c1d6403..1b6c5df329 100644 --- a/crypto/crypto.h +++ b/crypto/crypto.h @@ -523,6 +523,60 @@ unsigned long *OPENSSL_ia32cap_loc(void); #define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc())) int OPENSSL_isservice(void); +#ifdef OPENSSL_FIPS +#define FIPS_ERROR_IGNORED(alg) OpenSSLDie(__FILE__, __LINE__, \ + alg " previous FIPS forbidden algorithm error ignored"); + +#define FIPS_BAD_ABORT(alg) OpenSSLDie(__FILE__, __LINE__, \ + #alg " Algorithm forbidden in FIPS mode"); + +#ifdef OPENSSL_FIPS_STRICT +#define FIPS_BAD_ALGORITHM(alg) FIPS_BAD_ABORT(alg) +#else +#define FIPS_BAD_ALGORITHM(alg) \ + { \ + FIPSerr(FIPS_F_HASH_FINAL,FIPS_R_NON_FIPS_METHOD); \ + ERR_add_error_data(2, "Algorithm=", #alg); \ + return 0; \ + } +#endif + +/* Low level digest API blocking macro */ + +#define FIPS_NON_FIPS_MD_Init(alg) \ + int alg##_Init(alg##_CTX *c) \ + { \ + if (FIPS_mode()) \ + FIPS_BAD_ALGORITHM(alg) \ + return private_##alg##_Init(c); \ + } \ + int private_##alg##_Init(alg##_CTX *c) + +/* For ciphers the API often varies from cipher to cipher and each needs to + * be treated as a special case. Variable key length ciphers (Blowfish, RC4, + * CAST) however are very similar and can use a blocking macro. + */ + +#define FIPS_NON_FIPS_VCIPHER_Init(alg) \ + void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data) \ + { \ + if (FIPS_mode()) \ + FIPS_BAD_ABORT(alg) \ + private_##alg##_set_key(key, len, data); \ + } \ + void private_##alg##_set_key(alg##_KEY *key, int len, \ + const unsigned char *data) + +#else + +#define FIPS_NON_FIPS_VCIPHER_Init(alg) \ + void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data) + +#define FIPS_NON_FIPS_MD_Init(alg) \ + int alg##_Init(alg##_CTX *c) + +#endif /* def OPENSSL_FIPS */ + /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. diff --git a/crypto/idea/i_skey.c b/crypto/idea/i_skey.c index 3b1bbd8a45..fa75b14466 100644 --- a/crypto/idea/i_skey.c +++ b/crypto/idea/i_skey.c @@ -57,10 +57,27 @@ */ #include +#include +#ifdef OPENSSL_FIPS +#include +#endif + #include "idea_lcl.h" static IDEA_INT inverse(unsigned int xin); + +#ifdef OPENSSL_FIPS +void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks) + { + if (FIPS_mode()) + FIPS_BAD_ABORT(IDEA) + private_idea_set_encrypt_key(key, ks); + } +void private_idea_set_encrypt_key(const unsigned char *key, + IDEA_KEY_SCHEDULE *ks) +#else void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks) +#endif { int i; register IDEA_INT *kt,*kf,r0,r1,r2; diff --git a/crypto/idea/idea.h b/crypto/idea/idea.h index bf97a37e39..a137d4cbce 100644 --- a/crypto/idea/idea.h +++ b/crypto/idea/idea.h @@ -83,6 +83,9 @@ typedef struct idea_key_st const char *idea_options(void); void idea_ecb_encrypt(const unsigned char *in, unsigned char *out, IDEA_KEY_SCHEDULE *ks); +#ifdef OPENSSL_FIPS +void private_idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks); +#endif void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks); void idea_set_decrypt_key(const IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk); void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, diff --git a/crypto/md2/md2.h b/crypto/md2/md2.h index a46120e7d4..d59c9f2593 100644 --- a/crypto/md2/md2.h +++ b/crypto/md2/md2.h @@ -81,6 +81,9 @@ typedef struct MD2state_st } MD2_CTX; const char *MD2_options(void); +#ifdef OPENSSL_FIPS +int private_MD2_Init(MD2_CTX *c); +#endif int MD2_Init(MD2_CTX *c); int MD2_Update(MD2_CTX *c, const unsigned char *data, size_t len); int MD2_Final(unsigned char *md, MD2_CTX *c); diff --git a/crypto/md2/md2_dgst.c b/crypto/md2/md2_dgst.c index 6f68b25c6a..cc4eeaf7a7 100644 --- a/crypto/md2/md2_dgst.c +++ b/crypto/md2/md2_dgst.c @@ -62,6 +62,11 @@ #include #include #include +#ifdef OPENSSL_FIPS +#include +#endif + +#include const char MD2_version[]="MD2" OPENSSL_VERSION_PTEXT; @@ -116,7 +121,7 @@ const char *MD2_options(void) return("md2(int)"); } -int MD2_Init(MD2_CTX *c) +FIPS_NON_FIPS_MD_Init(MD2) { c->num=0; memset(c->state,0,sizeof c->state); diff --git a/crypto/md4/md4.h b/crypto/md4/md4.h index 5598c93a4f..ba1fe4a6ee 100644 --- a/crypto/md4/md4.h +++ b/crypto/md4/md4.h @@ -105,6 +105,9 @@ typedef struct MD4state_st unsigned int num; } MD4_CTX; +#ifdef OPENSSL_FIPS +int private_MD4_Init(MD4_CTX *c); +#endif int MD4_Init(MD4_CTX *c); int MD4_Update(MD4_CTX *c, const void *data, size_t len); int MD4_Final(unsigned char *md, MD4_CTX *c); diff --git a/crypto/md4/md4_dgst.c b/crypto/md4/md4_dgst.c index cfef94af39..0f5448601d 100644 --- a/crypto/md4/md4_dgst.c +++ b/crypto/md4/md4_dgst.c @@ -59,6 +59,11 @@ #include #include "md4_locl.h" #include +#include +#ifdef OPENSSL_FIPS +#include +#endif + const char MD4_version[]="MD4" OPENSSL_VERSION_PTEXT; @@ -70,7 +75,7 @@ const char MD4_version[]="MD4" OPENSSL_VERSION_PTEXT; #define INIT_DATA_C (unsigned long)0x98badcfeL #define INIT_DATA_D (unsigned long)0x10325476L -int MD4_Init(MD4_CTX *c) +FIPS_NON_FIPS_MD_Init(MD4) { c->A=INIT_DATA_A; c->B=INIT_DATA_B; diff --git a/crypto/md5/md5.h b/crypto/md5/md5.h index dbdc0e1abc..0761f84a27 100644 --- a/crypto/md5/md5.h +++ b/crypto/md5/md5.h @@ -105,6 +105,9 @@ typedef struct MD5state_st unsigned int num; } MD5_CTX; +#ifdef OPENSSL_FIPS +int private_MD5_Init(MD5_CTX *c); +#endif int MD5_Init(MD5_CTX *c); int MD5_Update(MD5_CTX *c, const void *data, size_t len); int MD5_Final(unsigned char *md, MD5_CTX *c); diff --git a/crypto/md5/md5_dgst.c b/crypto/md5/md5_dgst.c index b96e332ba4..47bb9020ee 100644 --- a/crypto/md5/md5_dgst.c +++ b/crypto/md5/md5_dgst.c @@ -59,6 +59,11 @@ #include #include "md5_locl.h" #include +#include +#ifdef OPENSSL_FIPS +#include +#endif + const char MD5_version[]="MD5" OPENSSL_VERSION_PTEXT; @@ -70,7 +75,7 @@ const char MD5_version[]="MD5" OPENSSL_VERSION_PTEXT; #define INIT_DATA_C (unsigned long)0x98badcfeL #define INIT_DATA_D (unsigned long)0x10325476L -int MD5_Init(MD5_CTX *c) +FIPS_NON_FIPS_MD_Init(MD5) { c->A=INIT_DATA_A; c->B=INIT_DATA_B; diff --git a/crypto/mdc2/mdc2.h b/crypto/mdc2/mdc2.h index 72778a5212..7e1354116a 100644 --- a/crypto/mdc2/mdc2.h +++ b/crypto/mdc2/mdc2.h @@ -80,7 +80,9 @@ typedef struct mdc2_ctx_st int pad_type; /* either 1 or 2, default 1 */ } MDC2_CTX; - +#ifdef OPENSSL_FIPS +int private_MDC2_Init(MDC2_CTX *c); +#endif int MDC2_Init(MDC2_CTX *c); int MDC2_Update(MDC2_CTX *c, const unsigned char *data, size_t len); int MDC2_Final(unsigned char *md, MDC2_CTX *c); diff --git a/crypto/mdc2/mdc2dgst.c b/crypto/mdc2/mdc2dgst.c index 4aa406edc3..a36b3f578e 100644 --- a/crypto/mdc2/mdc2dgst.c +++ b/crypto/mdc2/mdc2dgst.c @@ -61,6 +61,11 @@ #include #include #include +#include +#ifdef OPENSSL_FIPS +#include +#endif + #undef c2l #define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \ @@ -75,7 +80,7 @@ *((c)++)=(unsigned char)(((l)>>24L)&0xff)) static void mdc2_body(MDC2_CTX *c, const unsigned char *in, size_t len); -int MDC2_Init(MDC2_CTX *c) +FIPS_NON_FIPS_MD_Init(MDC2) { c->num=0; c->pad_type=1; diff --git a/crypto/rc2/rc2.h b/crypto/rc2/rc2.h index 34c8362317..e542ec94ff 100644 --- a/crypto/rc2/rc2.h +++ b/crypto/rc2/rc2.h @@ -79,7 +79,9 @@ typedef struct rc2_key_st RC2_INT data[64]; } RC2_KEY; - +#ifdef OPENSSL_FIPS +void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits); +#endif void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits); void RC2_ecb_encrypt(const unsigned char *in,unsigned char *out,RC2_KEY *key, int enc); diff --git a/crypto/rc2/rc2_skey.c b/crypto/rc2/rc2_skey.c index 4953642056..4e000e5b99 100644 --- a/crypto/rc2/rc2_skey.c +++ b/crypto/rc2/rc2_skey.c @@ -57,6 +57,11 @@ */ #include +#include +#ifdef OPENSSL_FIPS +#include +#endif + #include "rc2_locl.h" static unsigned char key_table[256]={ @@ -94,7 +99,19 @@ static unsigned char key_table[256]={ * BSAFE uses the 'retarded' version. What I previously shipped is * the same as specifying 1024 for the 'bits' parameter. Bsafe uses * a version where the bits parameter is the same as len*8 */ + +#ifdef OPENSSL_FIPS void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) + { + if (FIPS_mode()) + FIPS_BAD_ABORT(RC2) + private_RC2_set_key(key, len, data, bits); + } +void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, + int bits) +#else +void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) +#endif { int i,j; unsigned char *k; diff --git a/crypto/rc4/asm/rc4-x86_64.pl b/crypto/rc4/asm/rc4-x86_64.pl index 2d47320485..00c6fa28aa 100755 --- a/crypto/rc4/asm/rc4-x86_64.pl +++ b/crypto/rc4/asm/rc4-x86_64.pl @@ -359,6 +359,8 @@ ___ $code =~ s/#([bwd])/$1/gm; +$code =~ s/RC4_set_key/private_RC4_set_key/g if ($ENV{FIPSCANLIB} ne ""); + print $code; close STDOUT; diff --git a/crypto/rc4/rc4.h b/crypto/rc4/rc4.h index 7aec04fe93..2d8620d33b 100644 --- a/crypto/rc4/rc4.h +++ b/crypto/rc4/rc4.h @@ -76,6 +76,9 @@ typedef struct rc4_key_st const char *RC4_options(void); +#ifdef OPENSSL_FIPS +void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); +#endif void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, unsigned char *outdata); diff --git a/crypto/rc4/rc4_skey.c b/crypto/rc4/rc4_skey.c index 46b77ec321..4478d1a4b3 100644 --- a/crypto/rc4/rc4_skey.c +++ b/crypto/rc4/rc4_skey.c @@ -59,6 +59,11 @@ #include #include "rc4_locl.h" #include +#include +#ifdef OPENSSL_FIPS +#include +#endif + const char RC4_version[]="RC4" OPENSSL_VERSION_PTEXT; @@ -85,7 +90,11 @@ const char *RC4_options(void) * Date: Wed, 14 Sep 1994 06:35:31 GMT */ +#ifdef OPENSSL_FIPS +void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) +#else void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) +#endif { register RC4_INT tmp; register int id1,id2; @@ -127,7 +136,12 @@ void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) * * */ - if (OPENSSL_ia32cap_P & (1<<20)) { +#ifdef OPENSSL_FIPS + unsigned long *ia32cap_ptr = OPENSSL_ia32cap_loc(); + if (ia32cap_ptr && (*ia32cap_ptr & (1<<28))) { +#else + if (OPENSSL_ia32cap_P & (1<<28)) { +#endif unsigned char *cp=(unsigned char *)d; for (i=0;i<256;i++) cp[i]=i; diff --git a/crypto/rc5/rc5.h b/crypto/rc5/rc5.h index 4b3c153b50..f73a2a02a4 100644 --- a/crypto/rc5/rc5.h +++ b/crypto/rc5/rc5.h @@ -94,7 +94,10 @@ typedef struct rc5_key_st RC5_32_INT data[2*(RC5_16_ROUNDS+1)]; } RC5_32_KEY; - +#ifdef OPENSSL_FIPS +void private_RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, + int rounds); +#endif void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, int rounds); void RC5_32_ecb_encrypt(const unsigned char *in,unsigned char *out,RC5_32_KEY *key, diff --git a/crypto/rc5/rc5_skey.c b/crypto/rc5/rc5_skey.c index a2e00a41c5..247fa6500c 100644 --- a/crypto/rc5/rc5_skey.c +++ b/crypto/rc5/rc5_skey.c @@ -56,11 +56,28 @@ * [including the GNU Public Licence.] */ +#include #include +#ifdef OPENSSL_FIPS +#include +#endif + #include "rc5_locl.h" +#ifdef OPENSSL_FIPS +void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, + int rounds) + { + if (FIPS_mode()) + FIPS_BAD_ABORT(RC5) + private_RC5_32_set_key(key, len, data, rounds); + } +void private_RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, + int rounds) +#else void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, int rounds) +#endif { RC5_32_INT L[64],l,ll,A,B,*S,k; int i,j,m,c,t,ii,jj; diff --git a/crypto/ripemd/ripemd.h b/crypto/ripemd/ripemd.h index 033a5965b5..3b6d04386d 100644 --- a/crypto/ripemd/ripemd.h +++ b/crypto/ripemd/ripemd.h @@ -90,7 +90,9 @@ typedef struct RIPEMD160state_st RIPEMD160_LONG data[RIPEMD160_LBLOCK]; unsigned int num; } RIPEMD160_CTX; - +#ifdef OPENSSL_FIPS +int private_RIPEMD160_Init(RIPEMD160_CTX *c); +#endif int RIPEMD160_Init(RIPEMD160_CTX *c); int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len); int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c); diff --git a/crypto/ripemd/rmd_dgst.c b/crypto/ripemd/rmd_dgst.c index 61626284b8..ead11d075a 100644 --- a/crypto/ripemd/rmd_dgst.c +++ b/crypto/ripemd/rmd_dgst.c @@ -59,6 +59,11 @@ #include #include "rmd_locl.h" #include +#include +#ifdef OPENSSL_FIPS +#include +#endif + const char RMD160_version[]="RIPE-MD160" OPENSSL_VERSION_PTEXT; @@ -69,7 +74,7 @@ const char RMD160_version[]="RIPE-MD160" OPENSSL_VERSION_PTEXT; void ripemd160_block(RIPEMD160_CTX *c, unsigned long *p,size_t num); # endif -int RIPEMD160_Init(RIPEMD160_CTX *c) +FIPS_NON_FIPS_MD_Init(RIPEMD160) { c->A=RIPEMD160_A; c->B=RIPEMD160_B; diff --git a/crypto/ripemd/rmd_locl.h b/crypto/ripemd/rmd_locl.h index f14b346e66..ce12a8000e 100644 --- a/crypto/ripemd/rmd_locl.h +++ b/crypto/ripemd/rmd_locl.h @@ -72,7 +72,7 @@ */ #ifdef RMD160_ASM # if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) -# define ripemd160_block_data_order ripemd160_block_asm_data_order +# define ripemd160_block_host_order ripemd160_block_asm_data_order # endif #endif diff --git a/crypto/sha/sha.h b/crypto/sha/sha.h index eed44d7f94..47a2c29f66 100644 --- a/crypto/sha/sha.h +++ b/crypto/sha/sha.h @@ -106,6 +106,9 @@ typedef struct SHAstate_st } SHA_CTX; #ifndef OPENSSL_NO_SHA0 +#ifdef OPENSSL_FIPS +int private_SHA_Init(SHA_CTX *c); +#endif int SHA_Init(SHA_CTX *c); int SHA_Update(SHA_CTX *c, const void *data, size_t len); int SHA_Final(unsigned char *md, SHA_CTX *c); diff --git a/crypto/sha/sha1_one.c b/crypto/sha/sha1_one.c index 7c65b60276..4831174198 100644 --- a/crypto/sha/sha1_one.c +++ b/crypto/sha/sha1_one.c @@ -61,7 +61,7 @@ #include #include -#ifndef OPENSSL_NO_SHA1 +#if !defined(OPENSSL_NO_SHA1) unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md) { SHA_CTX c; diff --git a/crypto/sha/sha1dgst.c b/crypto/sha/sha1dgst.c index 50d1925cde..d31f0781a0 100644 --- a/crypto/sha/sha1dgst.c +++ b/crypto/sha/sha1dgst.c @@ -63,6 +63,10 @@ #define SHA_1 #include +#ifdef OPENSSL_FIPS +#include +#endif + const char SHA1_version[]="SHA1" OPENSSL_VERSION_PTEXT; diff --git a/crypto/sha/sha256.c b/crypto/sha/sha256.c index 867f90cc97..3256a83e98 100644 --- a/crypto/sha/sha256.c +++ b/crypto/sha/sha256.c @@ -12,12 +12,19 @@ #include #include +#ifdef OPENSSL_FIPS +#include +#endif + #include const char SHA256_version[]="SHA-256" OPENSSL_VERSION_PTEXT; int SHA224_Init (SHA256_CTX *c) { +#ifdef OPENSSL_FIPS + FIPS_selftest_check(); +#endif c->h[0]=0xc1059ed8UL; c->h[1]=0x367cd507UL; c->h[2]=0x3070dd17UL; c->h[3]=0xf70e5939UL; c->h[4]=0xffc00b31UL; c->h[5]=0x68581511UL; @@ -29,6 +36,9 @@ int SHA224_Init (SHA256_CTX *c) int SHA256_Init (SHA256_CTX *c) { +#ifdef OPENSSL_FIPS + FIPS_selftest_check(); +#endif c->h[0]=0x6a09e667UL; c->h[1]=0xbb67ae85UL; c->h[2]=0x3c6ef372UL; c->h[3]=0xa54ff53aUL; c->h[4]=0x510e527fUL; c->h[5]=0x9b05688cUL; diff --git a/crypto/sha/sha512.c b/crypto/sha/sha512.c index 987fc07c99..f5ed468b85 100644 --- a/crypto/sha/sha512.c +++ b/crypto/sha/sha512.c @@ -5,6 +5,10 @@ * ==================================================================== */ #include +#ifdef OPENSSL_FIPS +#include +#endif + #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA512) /* * IMPLEMENTATION NOTES. @@ -61,6 +65,9 @@ const char SHA512_version[]="SHA-512" OPENSSL_VERSION_PTEXT; int SHA384_Init (SHA512_CTX *c) { +#ifdef OPENSSL_FIPS + FIPS_selftest_check(); +#endif c->h[0]=U64(0xcbbb9d5dc1059ed8); c->h[1]=U64(0x629a292a367cd507); c->h[2]=U64(0x9159015a3070dd17); @@ -76,6 +83,9 @@ int SHA384_Init (SHA512_CTX *c) int SHA512_Init (SHA512_CTX *c) { +#ifdef OPENSSL_FIPS + FIPS_selftest_check(); +#endif c->h[0]=U64(0x6a09e667f3bcc908); c->h[1]=U64(0xbb67ae8584caa73b); c->h[2]=U64(0x3c6ef372fe94f82b); @@ -327,7 +337,7 @@ static const SHA_LONG64 K512[80] = { ((SHA_LONG64)hi)<<32|lo; }) # else # define PULL64(x) ({ const unsigned int *p=(const unsigned int *)(&(x));\ - unsigned int hi=p[0],lo=p[1]; \ + unsigned int hi=p[0],lo=p[1]; \ asm ("bswapl %0; bswapl %1;" \ : "=r"(lo),"=r"(hi) \ : "0"(lo),"1"(hi)); \ diff --git a/crypto/sha/sha_dgst.c b/crypto/sha/sha_dgst.c index 70eb56032c..598f4d721a 100644 --- a/crypto/sha/sha_dgst.c +++ b/crypto/sha/sha_dgst.c @@ -57,6 +57,12 @@ */ #include +#include +#ifdef OPENSSL_FIPS +#include +#endif + +#include #if !defined(OPENSSL_NO_SHA0) && !defined(OPENSSL_NO_SHA) #undef SHA_1 diff --git a/crypto/sha/sha_locl.h b/crypto/sha/sha_locl.h index e37e5726e3..da46ddfe79 100644 --- a/crypto/sha/sha_locl.h +++ b/crypto/sha/sha_locl.h @@ -122,8 +122,15 @@ void sha1_block_data_order (SHA_CTX *c, const void *p,size_t num); #define INIT_DATA_h3 0x10325476UL #define INIT_DATA_h4 0xc3d2e1f0UL +#if defined(SHA_0) && defined(OPENSSL_FIPS) +FIPS_NON_FIPS_MD_Init(SHA) +#else int HASH_INIT (SHA_CTX *c) +#endif { +#if defined(SHA_1) && defined(OPENSSL_FIPS) + FIPS_selftest_check(); +#endif c->h0=INIT_DATA_h0; c->h1=INIT_DATA_h1; c->h2=INIT_DATA_h2; -- 2.25.1