From d107905b3105ce02c2d57fa6ed4c04266a355dba Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Mon, 15 Jan 2007 00:25:59 +0000 Subject: [PATCH] Perl script to build shell scripts and batch files to run algorithm test programs. --- CHANGES | 4 + fips-1.0/Makefile | 131 ++++++++++++++++++++++++++++++ fips-1.0/mkfipsscr.pl | 180 ++++++++++++++++++++++++++++++++++++++++++ util/mk1mf.pl | 34 ++++++++ util/pl/VC-32.pl | 6 +- 5 files changed, 352 insertions(+), 3 deletions(-) create mode 100644 fips-1.0/mkfipsscr.pl diff --git a/CHANGES b/CHANGES index 3cd2a3fa7b..176b432713 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,10 @@ Changes between 0.9.7l and 0.9.7m [xx XXX xxxx] + *) New perl script mkfipsscr.pl to create shell scripts or batch files to + run algorithm test programs. + [Steve Henson] + *) Make algorithm test programs more tolerant of whitespace. [Steve Henson] diff --git a/fips-1.0/Makefile b/fips-1.0/Makefile index 891a40b36a..8037b83e84 100644 --- a/fips-1.0/Makefile +++ b/fips-1.0/Makefile @@ -216,6 +216,137 @@ dclean: $(MAKE) PERL='${PERL}' CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' dclean ); \ done; +FIPS_EX_OBJ= ../crypto/aes/aes_cbc.o \ + ../crypto/aes/aes_cfb.o \ + ../crypto/aes/aes_ecb.o \ + ../crypto/aes/aes_ofb.o \ + ../crypto/asn1/a_bitstr.o \ + ../crypto/asn1/a_bytes.o \ + ../crypto/asn1/a_dup.o \ + ../crypto/asn1/a_int.o \ + ../crypto/asn1/a_object.o \ + ../crypto/asn1/asn1_err.o \ + ../crypto/asn1/asn1_lib.o \ + ../crypto/asn1/a_type.o \ + ../crypto/asn1/evp_asn1.o \ + ../crypto/asn1/tasn_dec.o \ + ../crypto/asn1/tasn_enc.o \ + ../crypto/asn1/tasn_fre.o \ + ../crypto/asn1/tasn_new.o \ + ../crypto/asn1/tasn_typ.o \ + ../crypto/asn1/tasn_utl.o \ + ../crypto/asn1/t_pkey.o \ + ../crypto/asn1/x_algor.o \ + ../crypto/asn1/x_bignum.o \ + ../crypto/asn1/x_long.o \ + ../crypto/asn1/x_sig.o \ + ../crypto/bio/bio_err.o \ + ../crypto/bio/bio_lib.o \ + ../crypto/bio/b_print.o \ + ../crypto/bio/bss_file.o \ + ../crypto/bn/bn_add.o \ + ../crypto/bn/bn_blind.o \ + ../crypto/bn/bn_ctx.o \ + ../crypto/bn/bn_div.o \ + ../crypto/bn/bn_err.o \ + ../crypto/bn/bn_exp2.o \ + ../crypto/bn/bn_exp.o \ + ../crypto/bn/bn_gcd.o \ + ../crypto/bn/bn_lib.o \ + ../crypto/bn/bn_mod.o \ + ../crypto/bn/bn_mont.o \ + ../crypto/bn/bn_mul.o \ + ../crypto/bn/bn_prime.o \ + ../crypto/bn/bn_print.o \ + ../crypto/bn/bn_rand.o \ + ../crypto/bn/bn_recp.o \ + ../crypto/bn/bn_shift.o \ + ../crypto/bn/bn_sqr.o \ + ../crypto/bn/bn_word.o \ + ../crypto/bn/bn_x931p.o \ + ../crypto/buffer/buf_err.o \ + ../crypto/buffer/buffer.o \ + ../crypto/conf/conf_err.o \ + ../crypto/cpt_err.o \ + ../crypto/cryptlib.o \ + ../crypto/des/cfb64ede.o \ + ../crypto/des/cfb64enc.o \ + ../crypto/des/cfb_enc.o \ + ../crypto/des/des_enc.o \ + ../crypto/des/ecb3_enc.o \ + ../crypto/des/ecb_enc.o \ + ../crypto/des/ofb64ede.o \ + ../crypto/des/ofb64enc.o \ + ../crypto/dh/dh_err.o \ + ../crypto/dh/dh_lib.o \ + ../crypto/dsa/dsa_asn1.o \ + ../crypto/dsa/dsa_err.o \ + ../crypto/dsa/dsa_lib.o \ + ../crypto/dsa/dsa_sign.o \ + ../crypto/dsa/dsa_vrf.o \ + ../crypto/dso/dso_err.o \ + ../crypto/ec/ec_err.o \ + ../crypto/engine/eng_err.o \ + ../crypto/engine/eng_init.o \ + ../crypto/engine/eng_lib.o \ + ../crypto/engine/eng_list.o \ + ../crypto/engine/eng_table.o \ + ../crypto/engine/tb_cipher.o \ + ../crypto/engine/tb_dh.o \ + ../crypto/engine/tb_digest.o \ + ../crypto/engine/tb_dsa.o \ + ../crypto/engine/tb_rand.o \ + ../crypto/engine/tb_rsa.o \ + ../crypto/err/err_all.o \ + ../crypto/err/err.o \ + ../crypto/err/err_prn.o \ + ../crypto/evp/digest.o \ + ../crypto/evp/e_aes.o \ + ../crypto/evp/e_des3.o \ + ../crypto/evp/e_des.o \ + ../crypto/evp/evp_enc.o \ + ../crypto/evp/evp_err.o \ + ../crypto/evp/evp_lib.o \ + ../crypto/evp/m_sha1.o \ + ../crypto/evp/p_lib.o \ + ../crypto/evp/p_sign.o \ + ../crypto/evp/p_verify.o \ + ../crypto/ex_data.o \ + ../crypto/lhash/lhash.o \ + ../crypto/mem_clr.o \ + ../crypto/mem_dbg.o \ + ../crypto/mem.o \ + ../crypto/objects/obj_dat.o \ + ../crypto/objects/obj_err.o \ + ../crypto/objects/obj_lib.o \ + ../crypto/ocsp/ocsp_err.o \ + ../crypto/pem/pem_err.o \ + ../crypto/pkcs12/pk12err.o \ + ../crypto/pkcs7/pkcs7err.o \ + ../crypto/rand/md_rand.o \ + ../crypto/rand/rand_egd.o \ + ../crypto/rand/rand_err.o \ + ../crypto/rand/randfile.o \ + ../crypto/rand/rand_lib.o \ + ../crypto/rand/rand_os2.o \ + ../crypto/rand/rand_unix.o \ + ../crypto/rand/rand_win.o \ + ../crypto/rsa/rsa_err.o \ + ../crypto/rsa/rsa_lib.o \ + ../crypto/rsa/rsa_none.o \ + ../crypto/rsa/rsa_oaep.o \ + ../crypto/rsa/rsa_pk1.o \ + ../crypto/rsa/rsa_pss.o \ + ../crypto/rsa/rsa_sign.o \ + ../crypto/rsa/rsa_ssl.o \ + ../crypto/rsa/rsa_x931.o \ + ../crypto/stack/stack.o \ + ../crypto/uid.o \ + ../crypto/ui/ui_err.o \ + ../crypto/x509v3/v3err.o \ + ../crypto/x509v3/v3_hex.o \ + ../crypto/x509/x509_err.o + # DO NOT DELETE THIS LINE -- make depend depends on it. fips.o: ../include/openssl/aes.h ../include/openssl/asn1.h diff --git a/fips-1.0/mkfipsscr.pl b/fips-1.0/mkfipsscr.pl new file mode 100644 index 0000000000..0efa7f416f --- /dev/null +++ b/fips-1.0/mkfipsscr.pl @@ -0,0 +1,180 @@ +#!/usr/local/bin/perl -w + +my @fips_tests = ( + +# FIPS test descriptions + +# DSA tests + +["dsa", "PQGGen", "fips_dssvs pqg"], +["dsa", "KeyPair", "fips_dssvs keypair"], +["dsa", "SigGen", "fips_dssvs siggen"], +["dsa", "SigVer", "fips_dssvs sigver"], + +# SHA tests + +["sha", "SHA1LongMsg", "fips_shatest"], +["sha", "SHA1Monte", "fips_shatest"], +["sha", "SHA1ShortMsg", "fips_shatest"], +["sha", "SHA224LongMsg", "fips_shatest"], +["sha", "SHA224Monte", "fips_shatest"], +["sha", "SHA224ShortMsg", "fips_shatest"], +["sha", "SHA256LongMsg", "fips_shatest"], +["sha", "SHA256Monte", "fips_shatest"], +["sha", "SHA256ShortMsg", "fips_shatest"], +["sha", "SHA384LongMsg", "fips_shatest"], +["sha", "SHA384Monte", "fips_shatest"], +["sha", "SHA384ShortMsg", "fips_shatest"], +["sha", "SHA512LongMsg", "fips_shatest"], +["sha", "SHA512Monte", "fips_shatest"], +["sha", "SHA512ShortMsg", "fips_shatest"], + +# AES tests, file search mode +["aes", "\@dir", "fips_aesavs -f"], + +# DES tests, file search mode +["tdes", "\@dir", "fips_desmovs -f"], + +# HMAC + +["hmac", "HMAC", "fips_hmactest"], + +# RAND tests + +["rng", "ANSI931_TDES2MCT", "fips_rngvs mct"], +["rng", "ANSI931_TDES2VST", "fips_rngvs vst"], + +# RSA tests + +["rsa", "SigGen15", "fips_rsastest"], +["rsa", "SigVer15", "fips_rsavtest"], +["rsa", "SigGenPSS", "fips_rsastest -saltlen 0"], +["rsa", "SigVerPSS", "fips_rsavtest -saltlen 0"], +["rsa", "SigGenRSA", "fips_rsastest -x931"], +["rsa", "SigVerRSA", "fips_rsavtest -x931"], +["rsa", "KeyGenRSA", "fips_rsagtest"], +["rsa_salt_62", "SigGenPSS", "fips_rsastest -saltlen 62"], +["rsa_salt_62", "SigVerPSS", "fips_rsavtest -saltlen 62"] + +); + +my $lnum = 0; +my $win32 = 0; +my $tvdir = "testvectors"; +my $ltdir = ""; + +foreach (@ARGV) + { + if ($_ eq "--win32") + { + $win32 = 1; + } + elsif (/--dir=(.*)$/) + { + $tvdir = $1; + } + } + +if ($win32) + { + open(OUT, ">fipstests.bat"); + + print OUT <fipstests.sh"); + +print OUT <) + { + if ($win32) + { + print OUT ".\\$tcmd ../fips-1.0/${_}\n"; + } + else + { + print OUT < $rsp\n"; +END + } + else + { + my $req = "$tvdir/$tdir/req/$fprefix.req"; + my $rsp = "$tvdir/$tdir/rsp/$fprefix.rsp"; + print OUT < $rsp; fi +END + } + } + diff --git a/util/mk1mf.pl b/util/mk1mf.pl index 05a6086164..4a422c07ee 100755 --- a/util/mk1mf.pl +++ b/util/mk1mf.pl @@ -360,6 +360,9 @@ for (;;) if ($key eq "LIBOBJ") { $libobj=&var_add($dir,$val); } + if ($key eq "FIPS_EX_OBJ") + { $fips_ex_obj=&var_add($dir,$val); } + if ($key eq "FIPSLIBDIR") { $fipslibdir=$val;} @@ -371,6 +374,33 @@ for (;;) } close(IN); +foreach (split " ", $fips_ex_obj) + { + $fips_exclude_obj{$1} = 1 if (/\/([^\/]*)$/); + } + +$fips_exclude_obj{"bn_asm"} = 1; + +my @ltmp = split " ", $lib_obj{"CRYPTO"}; + + +$lib_obj{"CRYPTO"} = ""; + +foreach(@ltmp) + { + if (/\/([^\/]*)$/ && exists $fips_exclude_obj{$1}) + { + print STDERR "Excluing $_\n"; + } + else + { + $lib_obj{"CRYPTO"} .= "$_ "; + } + } + + +#foreach (keys %fips_exclude_obj) { print STDERR "FIPS is $_\n"; } + if ($fips_canister_path eq "") { $fips_canister_path = "\$(FIPSLIB_D)${o}fipscanister.o"; @@ -765,6 +795,10 @@ foreach (values %lib_nam) $lib_obj =~ s/\s(\S*\/rmd_dgst\S*)/ $1 \$(RMD160_ASM_OBJ)/; $rules.=&do_asm_rule($rmd160_asm_obj,$rmd160_asm_src); } +if ($_ eq "CRYPTO") + { +# print STDERR "OBJ is $lib_obj\n"; + } $defs.=&do_defs(${_}."OBJ",$lib_obj,"\$(OBJ_D)",$obj); $lib=($slib)?" \$(SHLIB_CFLAGS)".$shlib_ex_cflags{$_}:" \$(LIB_CFLAGS)"; $rules.=&do_compile_rule("\$(OBJ_D)",$lib_obj{$_},$lib); diff --git a/util/pl/VC-32.pl b/util/pl/VC-32.pl index 4e97dfa9af..a0f9aa4b39 100644 --- a/util/pl/VC-32.pl +++ b/util/pl/VC-32.pl @@ -135,7 +135,7 @@ sub do_lib_rule # $ret.="\t\$(RM) \$(O_$Name)\n"; $ret.="$target: $objs\n"; $ex =' advapi32.lib'; - $ex.=" \$(FIPSLIB_D)${o}_chkstk.o" if $fips && $target =~ /O_CRYPTO/; + $ex.=" \$(FIPSLIB_D)${o}_chkstk.o \$(FIPSLIB_D)${o}_udivdi3.o \$(FIPSLIB_D)${o}_umoddi3.o" if $fips && $target =~ /O_CRYPTO/; $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs $ex\n<<\n"; } else @@ -145,7 +145,7 @@ sub do_lib_rule $ex.=" $zlib_lib" if $zlib_opt == 1 && $target =~ /O_CRYPTO/; if ($fips && $target =~ /O_CRYPTO/) { - $ex.=" \$(FIPSLIB_D)${o}_chkstk.o"; + $ex.=" \$(FIPSLIB_D)${o}_chkstk.o \$(FIPSLIB_D)${o}_udivdi3.o \$(FIPSLIB_D)${o}_umoddi3.o"; $ret.="$target: $objs \$(PREMAIN_DSO_EXE)\n"; $ret.="\tSET FIPS_LINK=\$(LINK)\n"; $ret.="\tSET FIPS_CC=\$(CC)\n"; @@ -178,7 +178,7 @@ sub do_link_rule if ($standalone) { $ret.=" \$(LINK) \$(LFLAGS) $efile$target @<<\n\t"; - $ret.="\$(FIPSLIB_D)${o}_chkstk.o " if ($files =~ /O_FIPSCANISTER/); + $ret.="\$(FIPSLIB_D)${o}_chkstk.o \$(FIPSLIB_D)${o}_udivdi3.o \$(FIPSLIB_D)${o}_umoddi3.o advapi32.lib " if ($files =~ /O_FIPSCANISTER/); $ret.="$files $libs\n<<\n"; } elsif ($fips && !$shlib) -- 2.25.1