generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Backport fixes/updates from 0.9.8-fips to algorithm tests.

Browse Source
This commit is contained in:
Dr. Stephen Henson
2008-01-03 13:37:23 +00:00
parent 87dc67a2e1
commit 8b6d0dc208
3 changed files with 177 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
fips-1.0/aes/fips_aesavs.c
View File

@@ -82,7 +82,7 @@ int main(int argc, char *argv[])
#define AES_BLOCK_SIZE 16
#define VERBOSE 1
#define VERBOSE 0
/*-----------------------------------------------*/
@@ -476,8 +476,10 @@ int do_mct(char *amode,
if(j == 0)
{
/* compensate for wrong endianness of input file */
#if 0
if(i == 0)
ptext[0][0]<<=7;
#endif
ret=AESTest(&ctx,amode,akeysz,key[i],iv[i],dir,
ptext[j], ctext[j], len);
}
@@ -694,7 +696,7 @@ static int tidy_line(char *linebuf, char *olinebuf)
# Fri Aug 30 04:07:22 PM
----------------------------*/
int proc_file(char *rqfile)
int proc_file(char *rqfile, char *rspfile)
{
char afn[256], rfn[256];
FILE *afp = NULL, *rfp = NULL;
@@ -725,13 +727,21 @@ int proc_file(char *rqfile)
afn, strerror(errno));
return -1;
}
strcpy(rfn,afn);
rp=strstr(rfn,"req/");
assert(rp);
memcpy(rp,"rsp",3);
rp = strstr(rfn, ".req");
memcpy(rp, ".rsp", 4);
if ((rfp = fopen(rfn, "w")) == NULL)
if (!rspfile)
{
strcpy(rfn,afn);
rp=strstr(rfn,"req/");
#ifdef OPENSSL_SYS_WIN32
if (!rp)
rp=strstr(rfn,"req\\");
#endif
assert(rp);
memcpy(rp,"rsp",3);
rp = strstr(rfn, ".req");
memcpy(rp, ".rsp", 4);
rspfile = rfn;
}
if ((rfp = fopen(rspfile, "w")) == NULL)
{
printf("Cannot open file: %s, %s\n",
rfn, strerror(errno));
@@ -795,7 +805,8 @@ int proc_file(char *rqfile)
strncpy(amode, xp+1, n);
amode[n] = '\0';
/* amode[3] = '\0'; */
printf("Test = %s, Mode = %s\n", atest, amode);
if (VERBOSE)
printf("Test = %s, Mode = %s\n", atest, amode);
}
else if (strncasecmp(pp, "Key Length : ", 13) == 0)
{
@@ -947,7 +958,6 @@ int proc_file(char *rqfile)
err =1;
break;
}
PrintValue("CIPHERTEXT", ciphertext, len);
if (strcmp(atest, "MCT") == 0) /* Monte Carlo Test */
{
@@ -998,7 +1008,7 @@ int proc_file(char *rqfile)
--------------------------------------------------*/
int main(int argc, char **argv)
{
char *rqlist = "req.txt";
char *rqlist = "req.txt", *rspfile = NULL;
FILE *fp = NULL;
char fn[250] = "", rfn[256] = "";
int f_opt = 0, d_opt = 1;
@@ -1034,7 +1044,10 @@ int main(int argc, char **argv)
if (d_opt)
rqlist = argv[2];
else
{
strcpy(fn, argv[2]);
rspfile = argv[3];
}
}
if (d_opt)
{ /* list of files (directory) */
@@ -1047,8 +1060,9 @@ int main(int argc, char **argv)
{
strtok(fn, "\r\n");
strcpy(rfn, fn);
printf("Processing: %s\n", rfn);
if (proc_file(rfn))
if (VERBOSE)
printf("Processing: %s\n", rfn);
if (proc_file(rfn, rspfile))
{
printf(">>> Processing failed for: %s <<<\n", rfn);
EXIT(1);
@@ -1058,8 +1072,9 @@ int main(int argc, char **argv)
}
else /* single file */
{
printf("Processing: %s\n", fn);
if (proc_file(fn))
if (VERBOSE)
printf("Processing: %s\n", fn);
if (proc_file(fn, rspfile))
{
printf(">>> Processing failed for: %s <<<\n", fn);
}

42
fips-1.0/des/fips_desmovs.c
View File

@@ -558,7 +558,7 @@ void do_mct(char *amode,
}
}
int proc_file(char *rqfile)
int proc_file(char *rqfile, char *rspfile)
{
char afn[256], rfn[256];
FILE *afp = NULL, *rfp = NULL;
@@ -588,13 +588,21 @@ int proc_file(char *rqfile)
afn, strerror(errno));
return -1;
}
strcpy(rfn,afn);
rp=strstr(rfn,"req/");
assert(rp);
memcpy(rp,"rsp",3);
rp = strstr(rfn, ".req");
memcpy(rp, ".rsp", 4);
if ((rfp = fopen(rfn, "w")) == NULL)
if (!rspfile)
{
strcpy(rfn,afn);
rp=strstr(rfn,"req/");
#ifdef OPENSSL_SYS_WIN32
if (!rp)
rp=strstr(rfn,"req\\");
#endif
assert(rp);
memcpy(rp,"rsp",3);
rp = strstr(rfn, ".req");
memcpy(rp, ".rsp", 4);
rspfile = rfn;
}
if ((rfp = fopen(rspfile, "w")) == NULL)
{
printf("Cannot open file: %s, %s\n",
rfn, strerror(errno));
@@ -666,7 +674,8 @@ int proc_file(char *rqfile)
strncpy(amode, xp+1, n);
amode[n] = '\0';
/* amode[3] = '\0'; */
printf("Test=%s, Mode=%s\n",atest,amode);
if (VERBOSE)
printf("Test=%s, Mode=%s\n",atest,amode);
}
}
}
@@ -909,7 +918,7 @@ int proc_file(char *rqfile)
--------------------------------------------------*/
int main(int argc, char **argv)
{
char *rqlist = "req.txt";
char *rqlist = "req.txt", *rspfile = NULL;
FILE *fp = NULL;
char fn[250] = "", rfn[256] = "";
int f_opt = 0, d_opt = 1;
@@ -945,7 +954,10 @@ int main(int argc, char **argv)
if (d_opt)
rqlist = argv[2];
else
{
strcpy(fn, argv[2]);
rspfile = argv[3];
}
}
if (d_opt)
{ /* list of files (directory) */
@@ -958,8 +970,9 @@ int main(int argc, char **argv)
{
strtok(fn, "\r\n");
strcpy(rfn, fn);
printf("Processing: %s\n", rfn);
if (proc_file(rfn))
if (VERBOSE)
printf("Processing: %s\n", rfn);
if (proc_file(rfn, rspfile))
{
printf(">>> Processing failed for: %s <<<\n", rfn);
EXIT(1);
@@ -969,8 +982,9 @@ int main(int argc, char **argv)
}
else /* single file */
{
printf("Processing: %s\n", fn);
if (proc_file(fn))
if (VERBOSE)
printf("Processing: %s\n", fn);
if (proc_file(fn, rspfile))
{
printf(">>> Processing failed for: %s <<<\n", fn);
}

118
fips-1.0/dsa/fips_dssvs.c
View File

@@ -274,6 +274,122 @@ void pqgver()
}
}
/* Keypair verification routine. NB: this isn't part of the stndard FIPS140-2
* algorithm tests. It is an additional test to perform sanity checks on the
* output of the KeyPair test.
*/
static int dss_paramcheck(int nmod, BIGNUM *p, BIGNUM *q, BIGNUM *g,
BN_CTX *ctx)
{
BIGNUM *rem = NULL;
if (BN_num_bits(p) != nmod)
return 0;
if (BN_num_bits(q) != 160)
return 0;
if (BN_is_prime(p, BN_prime_checks, NULL, NULL, NULL) != 1)
return 0;
if (BN_is_prime(q, BN_prime_checks, NULL, NULL, NULL) != 1)
return 0;
rem = BN_new();
if (!BN_mod(rem, p, q, ctx) || !BN_is_one(rem)
|| (BN_cmp(g, BN_value_one()) <= 0)
|| !BN_mod_exp(rem, g, q, p, ctx) || !BN_is_one(rem))
{
BN_free(rem);
return 0;
}
BN_free(rem);
return 1;
}
void keyver()
{
char buf[1024];
char lbuf[1024];
char *keyword, *value;
BIGNUM *p = NULL, *q = NULL, *g = NULL, *X = NULL, *Y = NULL;
BIGNUM *Y2;
BN_CTX *ctx = NULL;
int nmod=0, paramcheck = 0;
ctx = BN_CTX_new();
Y2 = BN_new();
while(fgets(buf,sizeof buf,stdin) != NULL)
{
if (!parse_line(&keyword, &value, lbuf, buf))
{
fputs(buf,stdout);
continue;
}
if(!strcmp(keyword,"[mod"))
{
if (p)
BN_free(p);
p = NULL;
if (q)
BN_free(q);
q = NULL;
if (g)
BN_free(g);
g = NULL;
paramcheck = 0;
nmod=atoi(value);
}
else if(!strcmp(keyword,"P"))
p=hex2bn(value);
else if(!strcmp(keyword,"Q"))
q=hex2bn(value);
else if(!strcmp(keyword,"G"))
g=hex2bn(value);
else if(!strcmp(keyword,"X"))
X=hex2bn(value);
else if(!strcmp(keyword,"Y"))
{
Y=hex2bn(value);
if (!p || !q || !g || !X || !Y)
{
fprintf(stderr, "Parse Error\n");
exit (1);
}
pbn("P",p);
pbn("Q",q);
pbn("G",g);
pbn("X",X);
pbn("Y",Y);
if (!paramcheck)
{
if (dss_paramcheck(nmod, p, q, g, ctx))
paramcheck = 1;
else
paramcheck = -1;
}
if (paramcheck != 1)
printf("Result = F\n");
else
{
if (!BN_mod_exp(Y2, g, X, p, ctx) || BN_cmp(Y2, Y))
printf("Result = F\n");
else
printf("Result = T\n");
}
BN_free(X);
BN_free(Y);
X = NULL;
Y = NULL;
}
}
if (p)
BN_free(p);
if (q)
BN_free(q);
if (g)
BN_free(g);
if (Y2)
BN_free(Y2);
}
void keypair()
{
char buf[1024];
@@ -451,6 +567,8 @@ int main(int argc,char **argv)
pqgver();
else if(!strcmp(argv[1],"keypair"))
keypair();
else if(!strcmp(argv[1],"keyver"))
keyver();
else if(!strcmp(argv[1],"siggen"))
siggen();
else if(!strcmp(argv[1],"sigver"))