generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Corrected test program.

Browse Source
This commit is contained in:
Ben Laurie 2004-07-12 17:59:50 +00:00
parent 901959c945
commit d70f5891da
2 changed files with 42 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
fips/dh/fingerprint.sha1
View File

@ -1,3 +1,3 @@
HMAC-SHA1(fips_dh_check.c)= 5657cf7c136f6d9608df40d0699fe1d61d0ad5b5 HMAC-SHA1(fips_dh_check.c)= 63347e2007e224381d4a7b6d871633889de72cf3
HMAC-SHA1(fips_dh_gen.c)= e3626ccd5124942cb19ca962470d2c3704d265bb HMAC-SHA1(fips_dh_gen.c)= 6aaf18dab32bf9a5fb4b7449ac4cbe559040adb4
HMAC-SHA1(fips_dh_key.c)= 88c882a9063c0b7e5f46de1a7bfa82f71e0a918e HMAC-SHA1(fips_dh_key.c)= 7bf23b329a776953bbe7c30ebd7f9faf5249ddbe

45
fips/fips_test_suite.c
View File

@ -24,7 +24,7 @@
#include <openssl/md5.h> #include <openssl/md5.h>
#include <openssl/err.h> #include <openssl/err.h>
#include <openssl/fips.h> #include <openssl/fips.h>
#include <openssl/bn.h>
#ifndef OPENSSL_FIPS #ifndef OPENSSL_FIPS
int main(int argc, char *argv[]) int main(int argc, char *argv[])
{ {
@ -174,12 +174,37 @@ static int dh_test()
ERR_clear_error(); ERR_clear_error();
dh = DH_generate_parameters(256, 2, NULL, NULL); dh = DH_generate_parameters(256, 2, NULL, NULL);
if (!dh) if (dh)
{ return 1;
ERR_load_crypto_strings(); return 0;
ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE)); }
/* Zeroize
*/
static int Zeroize()
{
RSA *key;
unsigned char userkey[16] =
{ 0x48, 0x50, 0xf0, 0xa3, 0x3a, 0xed, 0xd3, 0xaf, 0x6e, 0x47, 0x7f, 0x83, 0x02, 0xb1, 0x09, 0x68 };
int i, n;
key = RSA_generate_key(1024,65537,NULL,NULL);
if (!key)
return 0; return 0;
} n = BN_num_bytes(key->d);
printf(" Generated %d byte RSA private key\n", n);
printf("\tBN key before overwriting:\n%s\n", BN_bn2hex(key->d));
BN_rand(key->d,n*8,-1,0);
printf("\tBN key after overwriting:\n%s\n", BN_bn2hex(key->d));
printf("\tchar buffer key before overwriting: \n\t\t");
for(i = 0; i < sizeof(userkey); i++) printf("%02x", userkey[i]);
printf("\n");
RAND_bytes(userkey, sizeof userkey);
printf("\tchar buffer key after overwriting: \n\t\t");
for(i = 0; i < sizeof(userkey); i++) printf("%02x", userkey[i]);
printf("\n");
return 1; return 1;
} }
@ -195,6 +220,9 @@ int main(int argc,char **argv)
printf("\tFIPS-mode test application\n\n"); printf("\tFIPS-mode test application\n\n");
/* Load entropy from external file, if any */
RAND_load_file(".rnd", 1024);
if (argv[1]) { if (argv[1]) {
/* Corrupted KAT tests */ /* Corrupted KAT tests */
if (!strcmp(argv[1], "aes")) { if (!strcmp(argv[1], "aes")) {
@ -301,6 +329,11 @@ int main(int argc,char **argv)
printf( dh_test() ? "successful as expected\n" printf( dh_test() ? "successful as expected\n"
: Fail("failed INCORRECTLY!\n") ); : Fail("failed INCORRECTLY!\n") );
/* Zeroization
*/
printf("9. Zero-ization...\n");
Zeroize();
printf("\nAll tests completed with %d errors\n", Error); printf("\nAll tests completed with %d errors\n", Error);
return 0; return 0;
} }