generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Remove CRs from files.

Browse Source
This commit is contained in:
Dr. Stephen Henson 2005-06-10 00:41:25 +00:00
parent b00f715c96
commit 67cdaca99d
3 changed files with 355 additions and 355 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
fips/fipshashes.c
View File

@ -20,7 +20,7 @@ const char * const FIPS_source_hashes[] = {
"HMAC-SHA1(dsa/fips_dsa_selftest.c)= 7c2ba8d82feda2aadc8b769a3b6c4c25a6356e01",
"HMAC-SHA1(rand/fips_rand.c)= 7e3964447a81cfe4e75df981827d14a5fe0c2923",
"HMAC-SHA1(rand/fips_rand.h)= bf009ea8963e79b1e414442ede9ae7010a03160b",
"HMAC-SHA1(rand/fips_rand_selftest.c)= d9c8985e08feecefafe667ad0119d444b42f807c",
"HMAC-SHA1(rand/fips_rand_selftest.c)= 5661f383decf0708d0230409fe1564223e834a3b",
"HMAC-SHA1(rsa/fips_rsa_eay.c)= 2512f849a220daa083f346b10effdb2ee96d4395",
"HMAC-SHA1(rsa/fips_rsa_gen.c)= 577466931c054d99caf4ac2aefff0e35efd94024",
"HMAC-SHA1(rsa/fips_rsa_selftest.c)= a9dc47bd1001f795d1565111d26433c300101e06",

240
fips/rand/fips_rand_selftest.c
View File

@ -1,120 +1,120 @@
/* ====================================================================
* Copyright (c) 2003 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#include <string.h>
#include <openssl/err.h>
#include <openssl/fips.h>
#include <openssl/rand.h>
#include <openssl/fips_rand.h>
#ifdef OPENSSL_FIPS
static struct
{
unsigned char key1[8];
unsigned char key2[8];
unsigned char seed[8];
unsigned char dt[8];
} init_iv[] =
{
{
{ 0x75, 0xc7, 0x1a, 0xe5, 0xa1, 0x1a, 0x23, 0x2c },
{ 0x40, 0x25, 0x6d, 0xcd, 0x94, 0xf7, 0x67, 0xb0 },
{ 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
{ 0xc8, 0x9a, 0x1d, 0x88, 0x8e, 0xd1, 0x2f, 0x3c },
},
{
{ 0x75, 0xc7, 0x1a, 0xe5, 0xa1, 0x1a, 0x23, 0x2c },
{ 0x40, 0x25, 0x6d, 0xcd, 0x94, 0xf7, 0x67, 0xb0 },
{ 0xf8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
{ 0xc8, 0x9a, 0x1d, 0x88, 0x8e, 0xd1, 0x2f, 0x40 },
},
{
{ 0x75, 0xc7, 0x1a, 0xe5, 0xa1, 0x1a, 0x23, 0x2c },
{ 0x40, 0x25, 0x6d, 0xcd, 0x94, 0xf7, 0x67, 0xb0 },
{ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff },
{ 0xc8, 0x9a, 0x1d, 0x88, 0x8e, 0xd1, 0x2f, 0x7b },
},
};
static const unsigned char expected_ret[][8]=
{
{ 0x94, 0x4d, 0xc7, 0x21, 0x0d, 0x6d, 0x7f, 0xd7 },
{ 0x02, 0x43, 0x3c, 0x94, 0x17, 0xa3, 0x32, 0x6f },
{ 0xe7, 0xe2, 0xb2, 0x96, 0x4f, 0x36, 0xed, 0x41 },
};
void FIPS_corrupt_rng()
{
init_iv[0].dt[0]++;
}
int FIPS_selftest_rng()
{
int n;
for(n=0 ; n < 3 ; ++n)
{
unsigned char actual_ret[8];
FIPS_rand_method()->cleanup();
FIPS_set_prng_key(init_iv[n].key1,init_iv[n].key2);
FIPS_rand_seed(init_iv[n].seed,8);
FIPS_test_mode(1,init_iv[n].dt);
if ((FIPS_rand_method()->bytes(actual_ret, 8) <=0) || (memcmp(actual_ret,expected_ret[n],sizeof actual_ret)))
{
FIPS_test_mode(0,NULL);
FIPSerr(FIPS_F_FIPS_SELFTEST_RNG,FIPS_R_SELFTEST_FAILED);
return 0;
}
}
FIPS_test_mode(0,NULL);
return 1;
}
#endif
/* ====================================================================
* Copyright (c) 2003 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#include <string.h>
#include <openssl/err.h>
#include <openssl/fips.h>
#include <openssl/rand.h>
#include <openssl/fips_rand.h>
#ifdef OPENSSL_FIPS
static struct
{
unsigned char key1[8];
unsigned char key2[8];
unsigned char seed[8];
unsigned char dt[8];
} init_iv[] =
{
{
{ 0x75, 0xc7, 0x1a, 0xe5, 0xa1, 0x1a, 0x23, 0x2c },
{ 0x40, 0x25, 0x6d, 0xcd, 0x94, 0xf7, 0x67, 0xb0 },
{ 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
{ 0xc8, 0x9a, 0x1d, 0x88, 0x8e, 0xd1, 0x2f, 0x3c },
},
{
{ 0x75, 0xc7, 0x1a, 0xe5, 0xa1, 0x1a, 0x23, 0x2c },
{ 0x40, 0x25, 0x6d, 0xcd, 0x94, 0xf7, 0x67, 0xb0 },
{ 0xf8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
{ 0xc8, 0x9a, 0x1d, 0x88, 0x8e, 0xd1, 0x2f, 0x40 },
},
{
{ 0x75, 0xc7, 0x1a, 0xe5, 0xa1, 0x1a, 0x23, 0x2c },
{ 0x40, 0x25, 0x6d, 0xcd, 0x94, 0xf7, 0x67, 0xb0 },
{ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff },
{ 0xc8, 0x9a, 0x1d, 0x88, 0x8e, 0xd1, 0x2f, 0x7b },
},
};
static const unsigned char expected_ret[][8]=
{
{ 0x94, 0x4d, 0xc7, 0x21, 0x0d, 0x6d, 0x7f, 0xd7 },
{ 0x02, 0x43, 0x3c, 0x94, 0x17, 0xa3, 0x32, 0x6f },
{ 0xe7, 0xe2, 0xb2, 0x96, 0x4f, 0x36, 0xed, 0x41 },
};
void FIPS_corrupt_rng()
{
init_iv[0].dt[0]++;
}
int FIPS_selftest_rng()
{
int n;
for(n=0 ; n < 3 ; ++n)
{
unsigned char actual_ret[8];
FIPS_rand_method()->cleanup();
FIPS_set_prng_key(init_iv[n].key1,init_iv[n].key2);
FIPS_rand_seed(init_iv[n].seed,8);
FIPS_test_mode(1,init_iv[n].dt);
if ((FIPS_rand_method()->bytes(actual_ret, 8) <=0) || (memcmp(actual_ret,expected_ret[n],sizeof actual_ret)))
{
FIPS_test_mode(0,NULL);
FIPSerr(FIPS_F_FIPS_SELFTEST_RNG,FIPS_R_SELFTEST_FAILED);
return 0;
}
}
FIPS_test_mode(0,NULL);
return 1;
}
#endif

468
fips/rand/fips_rngvs.c
View File

@ -1,234 +1,234 @@
/*
* Crude test driver for processing the VST and MCT testvector files
* generated by the CMVP RNGVS product.
*
* Note the input files are assumed to have a _very_ specific format
* as described in the NIST document "The Random Number Generator
* Validation System (RNGVS)", May 25, 2004.
*
*/
#include <openssl/opensslconf.h>
#ifndef OPENSSL_FIPS
#include <stdio.h>
int main()
{
printf("No FIPS RNG support\n");
return 0;
}
#else
#include <openssl/bn.h>
#include <openssl/dsa.h>
#include <openssl/fips.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/fips_rand.h>
#include <string.h>
int hex2bin(const char *in, unsigned char *out)
{
int n1, n2;
unsigned char ch;
for (n1=0,n2=0 ; in[n1] && in[n1] != '\n' ; )
{ /* first byte */
if ((in[n1] >= '0') && (in[n1] <= '9'))
ch = in[n1++] - '0';
else if ((in[n1] >= 'A') && (in[n1] <= 'F'))
ch = in[n1++] - 'A' + 10;
else if ((in[n1] >= 'a') && (in[n1] <= 'f'))
ch = in[n1++] - 'a' + 10;
else
return -1;
if(!in[n1])
{
out[n2++]=ch;
break;
}
out[n2] = ch << 4;
/* second byte */
if ((in[n1] >= '0') && (in[n1] <= '9'))
ch = in[n1++] - '0';
else if ((in[n1] >= 'A') && (in[n1] <= 'F'))
ch = in[n1++] - 'A' + 10;
else if ((in[n1] >= 'a') && (in[n1] <= 'f'))
ch = in[n1++] - 'a' + 10;
else
return -1;
out[n2++] |= ch;
}
return n2;
}
int bin2hex(const unsigned char *in,int len,char *out)
{
int n1, n2;
unsigned char ch;
for (n1=0,n2=0 ; n1 < len ; ++n1)
{
ch=in[n1] >> 4;
if (ch <= 0x09)
out[n2++]=ch+'0';
else
out[n2++]=ch-10+'a';
ch=in[n1] & 0x0f;
if(ch <= 0x09)
out[n2++]=ch+'0';
else
out[n2++]=ch-10+'a';
}
out[n2]='\0';
return n2;
}
void pv(const char *tag,const unsigned char *val,int len)
{
char obuf[2048];
bin2hex(val,len,obuf);
printf("%s = %s\n",tag,obuf);
}
void vst()
{
unsigned char key1[8];
unsigned char key2[8];
unsigned char v[8];
unsigned char dt[8];
unsigned char ret[8];
char buf[1024];
int n;
while(fgets(buf,sizeof buf,stdin) != NULL)
{
if(!strncmp(buf,"Key1 = ",7))
{
n=hex2bin(buf+7,key1);
pv("Key1",key1,n);
}
else if(!strncmp(buf,"Key2 = ",7))
{
n=hex2bin(buf+7,key2);
pv("Key1",key2,n);
}
else if(!strncmp(buf,"DT = ",5))
{
n=hex2bin(buf+5,dt);
pv("DT",dt,n);
}
else if(!strncmp(buf,"V = ",4))
{
n=hex2bin(buf+4,v);
pv("V",v,n);
FIPS_rand_method()->cleanup();
FIPS_set_prng_key(key1,key2);
FIPS_rand_seed(v,8);
FIPS_test_mode(1,dt);
if (FIPS_rand_method()->bytes(ret,8) <= 0)
{
FIPS_test_mode(0,NULL);
FIPSerr(FIPS_F_FIPS_SELFTEST_RNG,FIPS_R_SELFTEST_FAILED);
return;
}
pv("R",ret,8);
putc('\n',stdout);
}
else
fputs(buf,stdout);
}
}
void mct()
{
unsigned char key1[8];
unsigned char key2[8];
unsigned char v[8];
unsigned char dt[8];
unsigned char ret[8];
char buf[1024];
int n;
BIGNUM *bn;
BIGNUM *pbn;
bn = BN_new();
while(fgets(buf,sizeof buf,stdin) != NULL)
{
if(!strncmp(buf,"Key1 = ",7))
{
n=hex2bin(buf+7,key1);
pv("Key1",key1,n);
}
else if(!strncmp(buf,"Key2 = ",7))
{
n=hex2bin(buf+7,key2);
pv("Key1",key2,n);
}
else if(!strncmp(buf,"DT = ",5))
{
n=hex2bin(buf+5,dt);
pv("DT",dt,n);
}
else if(!strncmp(buf,"V = ",4))
{
int iter;
n=hex2bin(buf+4,v);
pv("V",v,n);
FIPS_rand_method()->cleanup();
FIPS_set_prng_key(key1,key2);
FIPS_rand_seed(v,8);
for (iter=0; iter < 10000; ++iter)
{
FIPS_test_mode(1,dt);
if (FIPS_rand_method()->bytes(ret,8) <= 0)
{
FIPS_test_mode(0,NULL);
FIPSerr(FIPS_F_FIPS_SELFTEST_RNG,FIPS_R_SELFTEST_FAILED);
return;
}
pbn = BN_bin2bn(dt,8,bn);
n = BN_add(bn,bn,BN_value_one());
n = BN_bn2bin(bn,dt);
}
pv("R",ret,8);
putc('\n',stdout);
}
else
fputs(buf,stdout);
}
BN_free(bn);
}
int main(int argc,char **argv)
{
if(argc != 2)
{
fprintf(stderr,"%s [mct|vst]\n",argv[0]);
exit(1);
}
if(!FIPS_mode_set(1,argv[0]))
{
ERR_load_crypto_strings();
ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
exit(1);
}
if(!strcmp(argv[1],"mct"))
mct();
else if(!strcmp(argv[1],"vst"))
vst();
else
{
fprintf(stderr,"Don't know how to %s.\n",argv[1]);
exit(1);
}
return 0;
}
#endif
/*
* Crude test driver for processing the VST and MCT testvector files
* generated by the CMVP RNGVS product.
*
* Note the input files are assumed to have a _very_ specific format
* as described in the NIST document "The Random Number Generator
* Validation System (RNGVS)", May 25, 2004.
*
*/
#include <openssl/opensslconf.h>
#ifndef OPENSSL_FIPS
#include <stdio.h>
int main()
{
printf("No FIPS RNG support\n");
return 0;
}
#else
#include <openssl/bn.h>
#include <openssl/dsa.h>
#include <openssl/fips.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/fips_rand.h>
#include <string.h>
int hex2bin(const char *in, unsigned char *out)
{
int n1, n2;
unsigned char ch;
for (n1=0,n2=0 ; in[n1] && in[n1] != '\n' ; )
{ /* first byte */
if ((in[n1] >= '0') && (in[n1] <= '9'))
ch = in[n1++] - '0';
else if ((in[n1] >= 'A') && (in[n1] <= 'F'))
ch = in[n1++] - 'A' + 10;
else if ((in[n1] >= 'a') && (in[n1] <= 'f'))
ch = in[n1++] - 'a' + 10;
else
return -1;
if(!in[n1])
{
out[n2++]=ch;
break;
}
out[n2] = ch << 4;
/* second byte */
if ((in[n1] >= '0') && (in[n1] <= '9'))
ch = in[n1++] - '0';
else if ((in[n1] >= 'A') && (in[n1] <= 'F'))
ch = in[n1++] - 'A' + 10;
else if ((in[n1] >= 'a') && (in[n1] <= 'f'))
ch = in[n1++] - 'a' + 10;
else
return -1;
out[n2++] |= ch;
}
return n2;
}
int bin2hex(const unsigned char *in,int len,char *out)
{
int n1, n2;
unsigned char ch;
for (n1=0,n2=0 ; n1 < len ; ++n1)
{
ch=in[n1] >> 4;
if (ch <= 0x09)
out[n2++]=ch+'0';
else
out[n2++]=ch-10+'a';
ch=in[n1] & 0x0f;
if(ch <= 0x09)
out[n2++]=ch+'0';
else
out[n2++]=ch-10+'a';
}
out[n2]='\0';
return n2;
}
void pv(const char *tag,const unsigned char *val,int len)
{
char obuf[2048];
bin2hex(val,len,obuf);
printf("%s = %s\n",tag,obuf);
}
void vst()
{
unsigned char key1[8];
unsigned char key2[8];
unsigned char v[8];
unsigned char dt[8];
unsigned char ret[8];
char buf[1024];
int n;
while(fgets(buf,sizeof buf,stdin) != NULL)
{
if(!strncmp(buf,"Key1 = ",7))
{
n=hex2bin(buf+7,key1);
pv("Key1",key1,n);
}
else if(!strncmp(buf,"Key2 = ",7))
{
n=hex2bin(buf+7,key2);
pv("Key1",key2,n);
}
else if(!strncmp(buf,"DT = ",5))
{
n=hex2bin(buf+5,dt);
pv("DT",dt,n);
}
else if(!strncmp(buf,"V = ",4))
{
n=hex2bin(buf+4,v);
pv("V",v,n);
FIPS_rand_method()->cleanup();
FIPS_set_prng_key(key1,key2);
FIPS_rand_seed(v,8);
FIPS_test_mode(1,dt);
if (FIPS_rand_method()->bytes(ret,8) <= 0)
{
FIPS_test_mode(0,NULL);
FIPSerr(FIPS_F_FIPS_SELFTEST_RNG,FIPS_R_SELFTEST_FAILED);
return;
}
pv("R",ret,8);
putc('\n',stdout);
}
else
fputs(buf,stdout);
}
}
void mct()
{
unsigned char key1[8];
unsigned char key2[8];
unsigned char v[8];
unsigned char dt[8];
unsigned char ret[8];
char buf[1024];
int n;
BIGNUM *bn;
BIGNUM *pbn;
bn = BN_new();
while(fgets(buf,sizeof buf,stdin) != NULL)
{
if(!strncmp(buf,"Key1 = ",7))
{
n=hex2bin(buf+7,key1);
pv("Key1",key1,n);
}
else if(!strncmp(buf,"Key2 = ",7))
{
n=hex2bin(buf+7,key2);
pv("Key1",key2,n);
}
else if(!strncmp(buf,"DT = ",5))
{
n=hex2bin(buf+5,dt);
pv("DT",dt,n);
}
else if(!strncmp(buf,"V = ",4))
{
int iter;
n=hex2bin(buf+4,v);
pv("V",v,n);
FIPS_rand_method()->cleanup();
FIPS_set_prng_key(key1,key2);
FIPS_rand_seed(v,8);
for (iter=0; iter < 10000; ++iter)
{
FIPS_test_mode(1,dt);
if (FIPS_rand_method()->bytes(ret,8) <= 0)
{
FIPS_test_mode(0,NULL);
FIPSerr(FIPS_F_FIPS_SELFTEST_RNG,FIPS_R_SELFTEST_FAILED);
return;
}
pbn = BN_bin2bn(dt,8,bn);
n = BN_add(bn,bn,BN_value_one());
n = BN_bn2bin(bn,dt);
}
pv("R",ret,8);
putc('\n',stdout);
}
else
fputs(buf,stdout);
}
BN_free(bn);
}
int main(int argc,char **argv)
{
if(argc != 2)
{
fprintf(stderr,"%s [mct|vst]\n",argv[0]);
exit(1);
}
if(!FIPS_mode_set(1,argv[0]))
{
ERR_load_crypto_strings();
ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
exit(1);
}
if(!strcmp(argv[1],"mct"))
mct();
else if(!strcmp(argv[1],"vst"))
vst();
else
{
fprintf(stderr,"Don't know how to %s.\n",argv[1]);
exit(1);
}
return 0;
}
#endif