From eb798944b3466c939b00d809c9f4edbb1b72d478 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson"
Date: Sun, 8 May 2005 23:48:18 +0000
Subject: [PATCH] Stop warnings in asserts. Add support for SHA-XXX in RSA tests. Make fips_check_rsa work for key lengths > 2048 bits.
---
fips/fips.h | 1 +
fips/fipshashes.c | 4 ++--
fips/rsa/fips_rsa_gen.c | 34 ++++++++++++++++++++++++++++------
fips/rsa/fips_rsastest.c | 25 +++++++++++++++++++------
fips/rsa/fips_rsavtest.c | 26 ++++++++++++++++++++++----
5 files changed, 72 insertions(+), 18 deletions(-)
diff --git a/fips/fips.h b/fips/fips.h
index 451138a336..8bb0f68117 100644
--- a/fips/fips.h
+++ b/fips/fips.h
@@ -72,6 +72,7 @@ void FIPS_corrupt_rsa(void); int FIPS_selftest_rsa(void); void FIPS_corrupt_dsa(void); int FIPS_selftest_dsa(void); +int FIPS_selftest_rng(void); /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run.
diff --git a/fips/fipshashes.c b/fips/fipshashes.c
index 07989f5f4a..4a65ac665d 100644
--- a/fips/fipshashes.c
+++ b/fips/fipshashes.c
@@ -1,7 +1,7 @@ const char * const FIPS_source_hashes[] = { "HMAC-SHA1(fips.c)= 23f2470208ebbc7daeae50ad7b13e7cd7e269477", "HMAC-SHA1(fips_err_wrapper.c)= d3e2be316062510312269e98f964cb87e7577898", -"HMAC-SHA1(fips.h)= 87423b80f7635f08fbea23897c64e999166360a2", +"HMAC-SHA1(fips.h)= c0260653a24bb6a986e726326d404b79dfc01b62", "HMAC-SHA1(fips_err.h)= d356c4436362dba2974f767e06c6be1c90dbfe9f", "HMAC-SHA1(aes/fips_aes_core.c)= b70bbbd675efe0613da0d57055310926a0104d55", "HMAC-SHA1(aes/asm/fips-ax86-elf.s)= 361df58c4838e55cf0b5fa1427c81c253e551388",
@@ -22,7 +22,7 @@ const char * const FIPS_source_hashes[] = { "HMAC-SHA1(rand/fips_rand.h)= bf009ea8963e79b1e414442ede9ae7010a03160b", "HMAC-SHA1(rand/fips_rand_selftest.c)= d9c8985e08feecefafe667ad0119d444b42f807c", "HMAC-SHA1(rsa/fips_rsa_eay.c)= 2596773a7af8f037427217b79f56858296961d66", -"HMAC-SHA1(rsa/fips_rsa_gen.c)= 713d2e0d7a1a682b1794f1224b7afe01272ba755", +"HMAC-SHA1(rsa/fips_rsa_gen.c)= beedbc14a7b262d36a2b829494030f3032563bac", "HMAC-SHA1(rsa/fips_rsa_selftest.c)= dcd0970a4de2d7f0d2333d6a3efb1ae350209b57", "HMAC-SHA1(sha1/fips_sha1dgst.c)= 26e529d630b5e754b4a29bd1bb697e991e7fdc04", "HMAC-SHA1(sha1/fips_standalone_sha1.c)= faae95bc36cc80f5be6a0cde02ebab0f63d4fd97",
diff --git a/fips/rsa/fips_rsa_gen.c b/fips/rsa/fips_rsa_gen.c
index 5c92163c6e..71b268a1bb 100644
--- a/fips/rsa/fips_rsa_gen.c
+++ b/fips/rsa/fips_rsa_gen.c
@@ -70,14 +70,26 @@ void *OPENSSL_stderr(void); static int fips_check_rsa(RSA *rsa) { - int n; - unsigned char ctext[256]; - unsigned char ptext[256]; + int n, ret = 0; + unsigned char tctext[256], *ctext = tctext; + unsigned char tptext[256], *ptext = tptext; /* The longest we can have with OAEP padding and a 512 bit key */ static const unsigned char original_ptext[] = "\x01\x23\x45\x67\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0" "\x23\x45\x67\x89\xab\xcd"; + if (RSA_size(rsa) > sizeof(tctext)) + { + ctext = OPENSSL_malloc(RSA_size(rsa)); + ptext = OPENSSL_malloc(RSA_size(rsa)); + if (!ctext || !ptext) + { + ERR_print_errors_fp(OPENSSL_stderr()); + exit(1); + } + } + + /* this will fail for keys shorter than 512 bits */ n=RSA_public_encrypt(sizeof(original_ptext)-1,original_ptext,ctext,rsa, RSA_PKCS1_OAEP_PADDING);
@@ -89,7 +101,7 @@ static int fips_check_rsa(RSA *rsa) if(!memcmp(ctext,original_ptext,n)) { FIPSerr(FIPS_F_FIPS_CHECK_RSA,FIPS_R_PAIRWISE_TEST_FAILED); - return 0; + goto error; } n=RSA_private_decrypt(n,ctext,ptext,rsa,RSA_PKCS1_OAEP_PADDING); if(n < 0)
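Review bot: `RSA_size(rsa) > sizeof(tctext)` compares an int with a size_t, and the same expression is evaluated again at the `error:` label in the last hunk of this file to decide whether to call OPENSSL_free, so allocation and release are linked only by the size test giving the same answer twice. Freeing on pointer identity instead, `if (ctext != tctext) OPENSSL_free(ctext);` and `if (ptext != tptext) OPENSSL_free(ptext);`, ties each free to the buffer that was actually allocated. On allocation failure the new block calls `exit(1)`; whether the function could return 0 to its caller instead depends on code outside the hunk.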
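Review bot: The first pairwise check in this hunk, `if(!memcmp(ctext,original_ptext,n))`, passes `n` as the length while `original_ptext` is a 23-byte array and `n` was last assigned from RSA_public_encrypt in the previous hunk, so the requested length is larger than the plaintext array and memcmp may read past its end. The commit extends the function to keys above 2048 bits but leaves this compare unchanged; bounding it to the plaintext, `if(!memcmp(ctext,original_ptext,sizeof(original_ptext)-1))`, keeps the ciphertext-must-differ test. The lines between the encrypt call and this compare are outside the hunk, so this assumes `n` still holds the ciphertext length there.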
@@ -100,10 +112,20 @@ static int fips_check_rsa(RSA *rsa) if(n != sizeof(original_ptext)-1 || memcmp(ptext,original_ptext,n)) { FIPSerr(FIPS_F_FIPS_CHECK_RSA,FIPS_R_PAIRWISE_TEST_FAILED); - return 0; + goto error; + } + + ret = 1; + + error: + + if (RSA_size(rsa) > sizeof(tctext)) + { + OPENSSL_free(ctext); + OPENSSL_free(ptext); } - return 1; + return ret; } RSA *RSA_generate_key(FIPS_RSA_SIZE_T bits, unsigned long e_value,
diff --git a/fips/rsa/fips_rsastest.c b/fips/rsa/fips_rsastest.c
index 78f4e104cf..9de82ed86f 100644
--- a/fips/rsa/fips_rsastest.c
+++ b/fips/rsa/fips_rsastest.c
@@ -66,7 +66,7 @@ #include static int rsa_stest(BIO *err, BIO *out, BIO *in); -static int rsa_printsig(BIO *err, BIO *out, RSA *pkey, +static int rsa_printsig(BIO *err, BIO *out, RSA *rsa, const EVP_MD *dgst, unsigned char *Msg, long Msglen); int main(int argc, char **argv)
@@ -145,6 +145,7 @@ int rsa_stest(BIO *err, BIO *out, BIO *in) char *linebuf, *olinebuf, *p, *q; char *keyword, *value; RSA *rsa = NULL; + const EVP_MD *dgst = NULL; unsigned char *Msg = NULL; long Msglen; int keylen = -1, current_keylen = -1;
@@ -210,7 +211,17 @@ int rsa_stest(BIO *err, BIO *out, BIO *in) } else if (!strcmp(keyword, "SHAAlg")) { - if (strcmp(value, "SHA1")) + if (!strcmp(value, "SHA1")) + dgst = EVP_sha1(); + else if (!strcmp(value, "SHA224")) + dgst = EVP_sha224(); + else if (!strcmp(value, "SHA256")) + dgst = EVP_sha256(); + else if (!strcmp(value, "SHA384")) + dgst = EVP_sha384(); + else if (!strcmp(value, "SHA512")) + dgst = EVP_sha512(); + else { BIO_printf(err, "FATAL: unsupported algorithm \"%s\"\n",
@@ -222,6 +233,8 @@ int rsa_stest(BIO *err, BIO *out, BIO *in) { if (Msg) goto parse_error; + if (strlen(value) & 1) + *(--value) = '0'; Msg = string_to_hex(value, &Msglen); if (!Msg) goto parse_error;
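Review bot: `*(--value) = '0';` stores one byte in front of `value` to pad an odd-length hex string, which is only in bounds if the parser guarantees a writable byte before `value`; that code is outside this hunk, so the invariant is assumed rather than visible. If `value` always follows the `=` separator inside the line buffer, state it at the write, e.g. `/* value[-1] is the '=' separator inside the line buffer, safe to overwrite */`; otherwise pad into a separate buffer. The same pattern is added twice in fips/rsa/fips_rsavtest.c, for Msg and for S.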
@@ -248,9 +261,9 @@ int rsa_stest(BIO *err, BIO *out, BIO *in) current_keylen = keylen; } - if (Msg) + if (Msg && dgst) { - if (!rsa_printsig(err, out, rsa, Msg, Msglen)) + if (!rsa_printsig(err, out, rsa, dgst, Msg, Msglen)) goto error; OPENSSL_free(Msg); Msg = NULL;
@@ -279,7 +292,7 @@ int rsa_stest(BIO *err, BIO *out, BIO *in) } -static int rsa_printsig(BIO *err, BIO *out, RSA *rsa, +static int rsa_printsig(BIO *err, BIO *out, RSA *rsa, const EVP_MD *dgst, unsigned char *Msg, long Msglen) { int ret = 0;
@@ -301,7 +314,7 @@ static int rsa_printsig(BIO *err, BIO *out, RSA *rsa, EVP_MD_CTX_init(&ctx); - if (!EVP_SignInit_ex(&ctx, EVP_sha1(), NULL)) + if (!EVP_SignInit_ex(&ctx, dgst, NULL)) goto error; if (!EVP_SignUpdate(&ctx, Msg, Msglen)) goto error;
diff --git a/fips/rsa/fips_rsavtest.c b/fips/rsa/fips_rsavtest.c
index f8b07a989a..9da60773e1 100644
--- a/fips/rsa/fips_rsavtest.c
+++ b/fips/rsa/fips_rsavtest.c
@@ -68,6 +68,7 @@ static int rsa_test(BIO *err, BIO *out, BIO *in); static int rsa_printver(BIO *err, BIO *out, BIGNUM *n, BIGNUM *e, + const EVP_MD *dgst, unsigned char *Msg, long Msglen, unsigned char *S, long Slen);
@@ -146,6 +147,7 @@ int rsa_test(BIO *err, BIO *out, BIO *in) { char *linebuf, *olinebuf, *p, *q; char *keyword, *value; + const EVP_MD *dgst = NULL; BIGNUM *n = NULL, *e = NULL; unsigned char *Msg = NULL, *S = NULL; long Msglen, Slen;
@@ -209,7 +211,17 @@ int rsa_test(BIO *err, BIO *out, BIO *in) } else if (!strcmp(keyword, "SHAAlg")) { - if (strcmp(value, "SHA1")) + if (!strcmp(value, "SHA1")) + dgst = EVP_sha1(); + else if (!strcmp(value, "SHA224")) + dgst = EVP_sha224(); + else if (!strcmp(value, "SHA256")) + dgst = EVP_sha256(); + else if (!strcmp(value, "SHA384")) + dgst = EVP_sha384(); + else if (!strcmp(value, "SHA512")) + dgst = EVP_sha512(); + else { BIO_printf(err, "FATAL: unsupported algorithm \"%s\"\n",
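Review bot: `if (Msg && dgst)` skips the signature when no SHAAlg line has been seen, and the visible lines clear `Msg` after signing but not `dgst`, so a later Msg record without its own SHAAlg line appears to be signed with the previous record's digest, and a Msg that never gets a digest is dropped without a diagnostic. If each record is meant to name its algorithm, resetting it with `dgst = NULL;` next to `Msg = NULL;` and reporting a Msg still pending at end of input would make a malformed request file fail loudly. The rest of the loop is outside the hunk, so a reset further down cannot be ruled out; the same condition is added in fips/rsa/fips_rsavtest.c as `n && e && Msg && S && dgst`.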
@@ -221,6 +233,8 @@ int rsa_test(BIO *err, BIO *out, BIO *in) { if (Msg) goto parse_error; + if (strlen(value) & 1) + *(--value) = '0'; Msg = string_to_hex(value, &Msglen); if (!Msg) goto parse_error;
@@ -229,6 +243,8 @@ int rsa_test(BIO *err, BIO *out, BIO *in) { if (S) goto parse_error; + if (strlen(value) & 1) + *(--value) = '0'; S = string_to_hex(value, &Slen); if (!S) goto parse_error;
@@ -240,9 +256,10 @@ int rsa_test(BIO *err, BIO *out, BIO *in) BIO_puts(out, olinebuf); - if (n && e && Msg && S) + if (n && e && Msg && S && dgst) { - if (!rsa_printver(err, out, n, e, Msg, Msglen, S, Slen)) + if (!rsa_printver(err, out, n, e, dgst, + Msg, Msglen, S, Slen)) goto error; OPENSSL_free(Msg); Msg = NULL;
@@ -279,6 +296,7 @@ int rsa_test(BIO *err, BIO *out, BIO *in) static int rsa_printver(BIO *err, BIO *out, BIGNUM *n, BIGNUM *e, + const EVP_MD *dgst, unsigned char *Msg, long Msglen, unsigned char *S, long Slen) {
@@ -300,7 +318,7 @@ static int rsa_printver(BIO *err, BIO *out, EVP_MD_CTX_init(&ctx); - if (!EVP_VerifyInit_ex(&ctx, EVP_sha1(), NULL)) + if (!EVP_VerifyInit_ex(&ctx, dgst, NULL)) goto error; if (!EVP_VerifyUpdate(&ctx, Msg, Msglen)) goto error;
-- 2.25.1