From f4324e51ddab9ed6671f9645afe33d16f9039d12 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sat, 5 Nov 2011 01:34:36 +0000 Subject: [PATCH] Add single call public key sign and verify functions. --- CHANGES | 5 +++++ crypto/dsa/dsa.h | 5 +++++ crypto/ecdsa/ecdsa.h | 5 +++++ fips/dsa/fips_dsa_sign.c | 24 ++++++++++++++++++++++++ fips/dsa/fips_dsatest.c | 15 ++------------- fips/dsa/fips_dssvs.c | 14 ++------------ fips/ecdsa/fips_ecdsa_sign.c | 25 +++++++++++++++++++++++++ fips/ecdsa/fips_ecdsavs.c | 14 ++------------ fips/fips.h | 10 ++++++++++ fips/fips_test_suite.c | 32 ++++++-------------------------- fips/rsa/fips_rsa_sign.c | 29 +++++++++++++++++++++++++++++ fips/rsa/fips_rsastest.c | 11 +---------- fips/rsa/fips_rsavtest.c | 13 +------------ 13 files changed, 117 insertions(+), 85 deletions(-) diff --git a/CHANGES b/CHANGES index 4159394ef9..d3883be28f 100644 --- a/CHANGES +++ b/CHANGES @@ -4,9 +4,14 @@ Changes between 1.0.1 and 1.1.0 [xx XXX xxxx] + *) Add FIPS_{rsa,dsa,ecdsa}_{sign,verify} functions which digest and + sign or verify all in one operation. + [Steve Henson] + *) Add fips_algvs: a multicall fips utility incorporaing all the algorithm test programs and fips_test_suite. Includes functionality to parse the minimal script output of fipsalgest.pl directly. + [Steve Henson] *) Add authorisation parameter to FIPS_module_mode_set(). [Steve Henson] diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h index 86766dacb4..408ee11b72 100644 --- a/crypto/dsa/dsa.h +++ b/crypto/dsa/dsa.h @@ -215,6 +215,11 @@ DSA_SIG * FIPS_dsa_sign_ctx(DSA *dsa, EVP_MD_CTX *ctx); int FIPS_dsa_verify_digest(DSA *dsa, const unsigned char *dig, int dlen, DSA_SIG *s); int FIPS_dsa_verify_ctx(DSA *dsa, EVP_MD_CTX *ctx, DSA_SIG *s); +int FIPS_dsa_verify(DSA *dsa, const unsigned char *msg, size_t msglen, + const EVP_MD *mhash, DSA_SIG *s); +DSA_SIG * FIPS_dsa_sign(DSA *dsa, const unsigned char *msg, size_t msglen, + const EVP_MD *mhash); + #endif DSA * DSA_new(void); diff --git a/crypto/ecdsa/ecdsa.h b/crypto/ecdsa/ecdsa.h index c3275b0839..cd6d19ccde 100644 --- a/crypto/ecdsa/ecdsa.h +++ b/crypto/ecdsa/ecdsa.h @@ -236,6 +236,11 @@ ECDSA_SIG * FIPS_ecdsa_sign_ctx(EC_KEY *key, EVP_MD_CTX *ctx); int FIPS_ecdsa_verify_digest(EC_KEY *key, const unsigned char *dig, int dlen, ECDSA_SIG *s); int FIPS_ecdsa_verify_ctx(EC_KEY *key, EVP_MD_CTX *ctx, ECDSA_SIG *s); +int FIPS_ecdsa_verify(EC_KEY *key, const unsigned char *msg, size_t msglen, + const EVP_MD *mhash, ECDSA_SIG *s); +ECDSA_SIG * FIPS_ecdsa_sign(EC_KEY *key, + const unsigned char *msg, size_t msglen, + const EVP_MD *mhash); #endif diff --git a/fips/dsa/fips_dsa_sign.c b/fips/dsa/fips_dsa_sign.c index ea1bd87303..274bcd9016 100644 --- a/fips/dsa/fips_dsa_sign.c +++ b/fips/dsa/fips_dsa_sign.c @@ -114,4 +114,28 @@ int FIPS_dsa_verify_digest(DSA *dsa, return dsa->meth->dsa_do_verify(dig,dlen,s,dsa); } +int FIPS_dsa_verify(DSA *dsa, const unsigned char *msg, size_t msglen, + const EVP_MD *mhash, DSA_SIG *s) + { + int ret=-1; + unsigned char dig[EVP_MAX_MD_SIZE]; + unsigned int dlen; + FIPS_digest(msg, msglen, dig, &dlen, mhash); + ret=FIPS_dsa_verify_digest(dsa, dig, dlen, s); + OPENSSL_cleanse(dig, dlen); + return ret; + } + +DSA_SIG * FIPS_dsa_sign(DSA *dsa, const unsigned char *msg, size_t msglen, + const EVP_MD *mhash) + { + DSA_SIG *s; + unsigned char dig[EVP_MAX_MD_SIZE]; + unsigned int dlen; + FIPS_digest(msg, msglen, dig, &dlen, mhash); + s = FIPS_dsa_sign_digest(dsa, dig, dlen); + OPENSSL_cleanse(dig, dlen); + return s; + } + #endif diff --git a/fips/dsa/fips_dsatest.c b/fips/dsa/fips_dsatest.c index 64d52258eb..3c95d176b8 100644 --- a/fips/dsa/fips_dsatest.c +++ b/fips/dsa/fips_dsatest.c @@ -154,9 +154,7 @@ int main(int argc, char **argv) unsigned char buf[256]; unsigned long h; BN_GENCB cb; - EVP_MD_CTX mctx; BN_GENCB_set(&cb, dsa_cb, stderr); - FIPS_md_ctx_init(&mctx); fips_algtest_init(); @@ -210,19 +208,11 @@ int main(int argc, char **argv) } DSA_generate_key(dsa); - if (!FIPS_digestinit(&mctx, EVP_sha1())) - goto end; - if (!FIPS_digestupdate(&mctx, str1, 20)) - goto end; - sig = FIPS_dsa_sign_ctx(dsa, &mctx); + sig = FIPS_dsa_sign(dsa, str1, 20, EVP_sha1()); if (!sig) goto end; - if (!FIPS_digestinit(&mctx, EVP_sha1())) - goto end; - if (!FIPS_digestupdate(&mctx, str1, 20)) - goto end; - if (FIPS_dsa_verify_ctx(dsa, &mctx, sig) != 1) + if (FIPS_dsa_verify(dsa, str1, 20, EVP_sha1(), sig) != 1) goto end; ret = 1; @@ -231,7 +221,6 @@ end: if (sig) FIPS_dsa_sig_free(sig); if (dsa != NULL) FIPS_dsa_free(dsa); - FIPS_md_ctx_cleanup(&mctx); #if 0 CRYPTO_mem_leaks(bio_err); #endif diff --git a/fips/dsa/fips_dssvs.c b/fips/dsa/fips_dssvs.c index 45eefb7c63..e2f2297f00 100644 --- a/fips/dsa/fips_dssvs.c +++ b/fips/dsa/fips_dssvs.c @@ -632,9 +632,7 @@ static void siggen(FILE *in, FILE *out) { unsigned char msg[1024]; int n; - EVP_MD_CTX mctx; DSA_SIG *sig; - FIPS_md_ctx_init(&mctx); n=hex2bin(value,msg); @@ -642,15 +640,12 @@ static void siggen(FILE *in, FILE *out) exit(1); do_bn_print_name(out, "Y",dsa->pub_key); - FIPS_digestinit(&mctx, md); - FIPS_digestupdate(&mctx, msg, n); - sig = FIPS_dsa_sign_ctx(dsa, &mctx); + sig = FIPS_dsa_sign(dsa, msg, n, md); do_bn_print_name(out, "R",sig->r); do_bn_print_name(out, "S",sig->s); fputs(RESP_EOL, out); FIPS_dsa_sig_free(sig); - FIPS_md_ctx_cleanup(&mctx); } } if (dsa) @@ -705,17 +700,12 @@ static void sigver(FILE *in, FILE *out) sig->r=hex2bn(value); else if(!strcmp(keyword,"S")) { - EVP_MD_CTX mctx; int r; - FIPS_md_ctx_init(&mctx); sig->s=hex2bn(value); - FIPS_digestinit(&mctx, md); - FIPS_digestupdate(&mctx, msg, n); no_err = 1; - r = FIPS_dsa_verify_ctx(dsa, &mctx, sig); + r = FIPS_dsa_verify(dsa, msg, n, md, sig); no_err = 0; - FIPS_md_ctx_cleanup(&mctx); if (sig->s) { BN_free(sig->s); diff --git a/fips/ecdsa/fips_ecdsa_sign.c b/fips/ecdsa/fips_ecdsa_sign.c index 0e86a50ef4..847d44e784 100644 --- a/fips/ecdsa/fips_ecdsa_sign.c +++ b/fips/ecdsa/fips_ecdsa_sign.c @@ -87,3 +87,28 @@ int FIPS_ecdsa_verify_ctx(EC_KEY *key, EVP_MD_CTX *ctx, ECDSA_SIG *s) return ret; } +int FIPS_ecdsa_verify(EC_KEY *key, const unsigned char *msg, size_t msglen, + const EVP_MD *mhash, ECDSA_SIG *s) + { + int ret=-1; + unsigned char dig[EVP_MAX_MD_SIZE]; + unsigned int dlen; + FIPS_digest(msg, msglen, dig, &dlen, mhash); + ret=FIPS_ecdsa_verify_digest(key, dig, dlen, s); + OPENSSL_cleanse(dig, dlen); + return ret; + } + +ECDSA_SIG * FIPS_ecdsa_sign(EC_KEY *key, + const unsigned char *msg, size_t msglen, + const EVP_MD *mhash) + { + ECDSA_SIG *s; + unsigned char dig[EVP_MAX_MD_SIZE]; + unsigned int dlen; + FIPS_digest(msg, msglen, dig, &dlen, mhash); + s = FIPS_dsa_sign_digest(key, dig, dlen); + OPENSSL_cleanse(dig, dlen); + return s; + } + diff --git a/fips/ecdsa/fips_ecdsavs.c b/fips/ecdsa/fips_ecdsavs.c index 35ff251060..5745a6d37a 100644 --- a/fips/ecdsa/fips_ecdsavs.c +++ b/fips/ecdsa/fips_ecdsavs.c @@ -308,8 +308,6 @@ static int SigGen(FILE *in, FILE *out) EC_KEY *key = NULL; ECDSA_SIG *sig = NULL; const EVP_MD *digest = NULL; - EVP_MD_CTX mctx; - EVP_MD_CTX_init(&mctx); Qx = BN_new(); Qy = BN_new(); while(fgets(buf, sizeof buf, in) != NULL) @@ -345,9 +343,7 @@ static int SigGen(FILE *in, FILE *out) return 0; } - FIPS_digestinit(&mctx, digest); - FIPS_digestupdate(&mctx, msg, mlen); - sig = FIPS_ecdsa_sign_ctx(key, &mctx); + sig = FIPS_ecdsa_sign(key, msg, mlen, digest); if (!sig) { @@ -369,7 +365,6 @@ static int SigGen(FILE *in, FILE *out) } BN_free(Qx); BN_free(Qy); - FIPS_md_ctx_cleanup(&mctx); return 1; } @@ -384,8 +379,6 @@ static int SigVer(FILE *in, FILE *out) EC_KEY *key = NULL; ECDSA_SIG sg, *sig = &sg; const EVP_MD *digest = NULL; - EVP_MD_CTX mctx; - EVP_MD_CTX_init(&mctx); sig->r = NULL; sig->s = NULL; while(fgets(buf, sizeof buf, in) != NULL) @@ -450,10 +443,8 @@ static int SigVer(FILE *in, FILE *out) return 0; } - FIPS_digestinit(&mctx, digest); - FIPS_digestupdate(&mctx, msg, mlen); no_err = 1; - rv = FIPS_ecdsa_verify_ctx(key, &mctx, sig); + rv = FIPS_ecdsa_verify(key, msg, mlen, digest, sig); EC_KEY_free(key); if (msg) OPENSSL_free(msg); @@ -471,7 +462,6 @@ static int SigVer(FILE *in, FILE *out) BN_free(Qx); if (Qy) BN_free(Qy); - EVP_MD_CTX_cleanup(&mctx); return 1; } #ifdef FIPS_ALGVS diff --git a/fips/fips.h b/fips/fips.h index 4cadbd26fd..8833dd2e9e 100644 --- a/fips/fips.h +++ b/fips/fips.h @@ -224,6 +224,16 @@ int FIPS_rsa_verify_digest(struct rsa_st *rsa, const struct env_md_st *mgf1Hash, const unsigned char *sigbuf, unsigned int siglen); +int FIPS_rsa_sign(struct rsa_st *rsa, const unsigned char *msg, int msglen, + const struct env_md_st *mhash, int rsa_pad_mode, + int saltlen, const struct env_md_st *mgf1Hash, + unsigned char *sigret, unsigned int *siglen); + +int FIPS_rsa_verify(struct rsa_st *rsa, const unsigned char *msg, int msglen, + const struct env_md_st *mhash, int rsa_pad_mode, + int saltlen, const struct env_md_st *mgf1Hash, + const unsigned char *sigbuf, unsigned int siglen); + #ifdef OPENSSL_FIPSCAPABLE int FIPS_digestinit(EVP_MD_CTX *ctx, const EVP_MD *type); diff --git a/fips/fips_test_suite.c b/fips/fips_test_suite.c index db0f18a16b..ee706d8a96 100644 --- a/fips/fips_test_suite.c +++ b/fips/fips_test_suite.c @@ -144,11 +144,9 @@ static int FIPS_dsa_test(int bad) DSA *dsa = NULL; unsigned char dgst[] = "etaonrishdlc"; int r = 0; - EVP_MD_CTX mctx; DSA_SIG *sig = NULL; ERR_clear_error(); - FIPS_md_ctx_init(&mctx); dsa = FIPS_dsa_new(); if (!dsa) goto end; @@ -159,23 +157,14 @@ static int FIPS_dsa_test(int bad) if (bad) BN_add_word(dsa->pub_key, 1); - if (!FIPS_digestinit(&mctx, EVP_sha256())) - goto end; - if (!FIPS_digestupdate(&mctx, dgst, sizeof(dgst) - 1)) - goto end; - sig = FIPS_dsa_sign_ctx(dsa, &mctx); + sig = FIPS_dsa_sign(dsa, dgst, sizeof(dgst) -1, EVP_sha256()); if (!sig) goto end; - if (!FIPS_digestinit(&mctx, EVP_sha256())) - goto end; - if (!FIPS_digestupdate(&mctx, dgst, sizeof(dgst) - 1)) - goto end; - r = FIPS_dsa_verify_ctx(dsa, &mctx, sig); + r = FIPS_dsa_verify(dsa, dgst, sizeof(dgst) -1, EVP_sha256(), sig); end: if (sig) FIPS_dsa_sig_free(sig); - FIPS_md_ctx_cleanup(&mctx); if (dsa) FIPS_dsa_free(dsa); if (r != 1) @@ -193,11 +182,9 @@ static int FIPS_rsa_test(int bad) unsigned char buf[256]; unsigned int slen; BIGNUM *bn; - EVP_MD_CTX mctx; int r = 0; ERR_clear_error(); - FIPS_md_ctx_init(&mctx); key = FIPS_rsa_new(); bn = BN_new(); if (!key || !bn) @@ -209,20 +196,13 @@ static int FIPS_rsa_test(int bad) if (bad) BN_add_word(key->n, 1); - if (!FIPS_digestinit(&mctx, EVP_sha256())) - goto end; - if (!FIPS_digestupdate(&mctx, input_ptext, sizeof(input_ptext) - 1)) - goto end; - if (!FIPS_rsa_sign_ctx(key, &mctx, RSA_PKCS1_PADDING, 0, NULL, buf, &slen)) + if (!FIPS_rsa_sign(key, input_ptext, sizeof(input_ptext) - 1, EVP_sha256(), + RSA_PKCS1_PADDING, 0, NULL, buf, &slen)) goto end; - if (!FIPS_digestinit(&mctx, EVP_sha256())) - goto end; - if (!FIPS_digestupdate(&mctx, input_ptext, sizeof(input_ptext) - 1)) - goto end; - r = FIPS_rsa_verify_ctx(key, &mctx, RSA_PKCS1_PADDING, 0, NULL, buf, slen); + r = FIPS_rsa_verify(key, input_ptext, sizeof(input_ptext) - 1, EVP_sha256(), + RSA_PKCS1_PADDING, 0, NULL, buf, slen); end: - FIPS_md_ctx_cleanup(&mctx); if (key) FIPS_rsa_free(key); if (r != 1) diff --git a/fips/rsa/fips_rsa_sign.c b/fips/rsa/fips_rsa_sign.c index 013333e0b4..a4e03e7417 100644 --- a/fips/rsa/fips_rsa_sign.c +++ b/fips/rsa/fips_rsa_sign.c @@ -442,4 +442,33 @@ err: return(ret); } +int FIPS_rsa_sign(RSA *rsa, const unsigned char *msg, int msglen, + const EVP_MD *mhash, int rsa_pad_mode, int saltlen, + const EVP_MD *mgf1Hash, + unsigned char *sigret, unsigned int *siglen) + { + unsigned int md_len, rv; + unsigned char md[EVP_MAX_MD_SIZE]; + FIPS_digest(msg, msglen, md, &md_len, mhash); + rv = FIPS_rsa_sign_digest(rsa, md, md_len, mhash, rsa_pad_mode, + saltlen, mgf1Hash, sigret, siglen); + OPENSSL_cleanse(md, md_len); + return rv; + } + + +int FIPS_rsa_verify(RSA *rsa, const unsigned char *msg, int msglen, + const EVP_MD *mhash, int rsa_pad_mode, int saltlen, + const EVP_MD *mgf1Hash, + const unsigned char *sigbuf, unsigned int siglen) + { + unsigned int md_len, rv; + unsigned char md[EVP_MAX_MD_SIZE]; + FIPS_digest(msg, msglen, md, &md_len, mhash); + rv = FIPS_rsa_verify_digest(rsa, md, md_len, mhash, rsa_pad_mode, + saltlen, mgf1Hash, sigbuf, siglen); + OPENSSL_cleanse(md, md_len); + return rv; + } + #endif diff --git a/fips/rsa/fips_rsastest.c b/fips/rsa/fips_rsastest.c index 72e75a3cc6..a96f277e6a 100644 --- a/fips/rsa/fips_rsastest.c +++ b/fips/rsa/fips_rsastest.c @@ -325,15 +325,12 @@ static int rsa_printsig(FILE *out, RSA *rsa, const EVP_MD *dgst, unsigned char *sigbuf = NULL; int i, siglen, pad_mode; /* EVP_PKEY structure */ - EVP_MD_CTX ctx; siglen = RSA_size(rsa); sigbuf = OPENSSL_malloc(siglen); if (!sigbuf) goto error; - FIPS_md_ctx_init(&ctx); - if (Saltlen >= 0) pad_mode = RSA_PKCS1_PSS_PADDING; else if (Saltlen == -2) @@ -341,16 +338,10 @@ static int rsa_printsig(FILE *out, RSA *rsa, const EVP_MD *dgst, else pad_mode = RSA_PKCS1_PADDING; - if (!FIPS_digestinit(&ctx, dgst)) - goto error; - if (!FIPS_digestupdate(&ctx, Msg, Msglen)) - goto error; - if (!FIPS_rsa_sign_ctx(rsa, &ctx, pad_mode, Saltlen, NULL, + if (!FIPS_rsa_sign(rsa, Msg, Msglen, dgst, pad_mode, Saltlen, NULL, sigbuf, (unsigned int *)&siglen)) goto error; - FIPS_md_ctx_cleanup(&ctx); - fputs("S = ", out); for (i = 0; i < siglen; i++) diff --git a/fips/rsa/fips_rsavtest.c b/fips/rsa/fips_rsavtest.c index 7685c74ef0..9bfc5e688b 100644 --- a/fips/rsa/fips_rsavtest.c +++ b/fips/rsa/fips_rsavtest.c @@ -323,7 +323,6 @@ static int rsa_printver(FILE *out, int ret = 0, r, pad_mode; /* Setup RSA and EVP_PKEY structures */ RSA *rsa_pubkey = NULL; - EVP_MD_CTX ctx; unsigned char *buf = NULL; rsa_pubkey = FIPS_rsa_new(); if (!rsa_pubkey) @@ -333,8 +332,6 @@ static int rsa_printver(FILE *out, if (!rsa_pubkey->n || !rsa_pubkey->e) goto error; - FIPS_md_ctx_init(&ctx); - if (Saltlen >= 0) pad_mode = RSA_PKCS1_PSS_PADDING; else if (Saltlen == -2) @@ -342,19 +339,11 @@ static int rsa_printver(FILE *out, else pad_mode = RSA_PKCS1_PADDING; - if (!FIPS_digestinit(&ctx, dgst)) - goto error; - if (!FIPS_digestupdate(&ctx, Msg, Msglen)) - goto error; - no_err = 1; - r = FIPS_rsa_verify_ctx(rsa_pubkey, &ctx, + r = FIPS_rsa_verify(rsa_pubkey, Msg, Msglen, dgst, pad_mode, Saltlen, NULL, S, Slen); no_err = 0; - - FIPS_md_ctx_cleanup(&ctx); - if (r < 0) goto error; -- 2.25.1