generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add tiny ASN1 code for DSA signatures.

Browse Source 
Make DSA tests, selftests and algorithm tests use EVP.
This commit is contained in:
Dr. Stephen Henson
2007-04-02 23:59:47 +00:00
parent 82c8b6b74d
commit ff03c6bc97
12 changed files with 274 additions and 100 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
CHANGES
View File

@@ -4,6 +4,11 @@
Changes between 0.9.8e and 0.9.8f-fips [xx XXX xxxx] Changes between 0.9.8e and 0.9.8f-fips [xx XXX xxxx]
*) Add small standalone ASN1 encoder/decoder to handle DSA signature format.
Modify test, algorithm test and selftest routines to use EVP for DSA.
Move FIPS implementation of EVP_sha*() and EVP_dss1() under fips-1.0.
[Steve Henson]
*) Modify VC++ build system to rename .text and .rdata segments in *) Modify VC++ build system to rename .text and .rdata segments in
FIPS sources to .fipst${a,b,c}, and $fipsr${a,b,c} and place them FIPS sources to .fipst${a,b,c}, and $fipsr${a,b,c} and place them
in a static library fipscanister.lib using a perl script. These are in a static library fipscanister.lib using a perl script. These are

1
Makefile.org
View File

@@ -298,7 +298,6 @@ FIPS_EX_OBJ= ../crypto/aes/aes_cbc.o \
../crypto/dsa/dsa_vrf.o \ ../crypto/dsa/dsa_vrf.o \
../crypto/err/err.o \ ../crypto/err/err.o \
../crypto/evp/digest.o \ ../crypto/evp/digest.o \
../crypto/evp/m_sha1.o \
../crypto/evp/p_sign.o \ ../crypto/evp/p_sign.o \
../crypto/evp/p_verify.o \ ../crypto/evp/p_verify.o \
../crypto/mem_clr.o \ ../crypto/mem_clr.o \

5
crypto/dsa/dsa.h
View File

@@ -265,6 +265,11 @@ int DSA_print_fp(FILE *bp, const DSA *x, int off);
DH *DSA_dup_DH(const DSA *r); DH *DSA_dup_DH(const DSA *r);
#endif #endif
#ifdef OPENSSL_FIPS
int FIPS_dsa_sig_encode(unsigned char *out, DSA_SIG *sig);
int FIPS_dsa_sig_decode(DSA_SIG *sig, const unsigned char *in, int inlen);
#endif
/* BEGIN ERROR CODES */ /* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes /* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run. * made after this point may be overwritten when the script is next run.

1
crypto/dsa/dsa_asn1.c
View File

@@ -196,3 +196,4 @@ err:
DSA_SIG_free(s); DSA_SIG_free(s);
return(ret); return(ret);
} }

5
crypto/evp/m_dss1.c
View File

@@ -68,6 +68,8 @@
#include <openssl/dsa.h> #include <openssl/dsa.h>
#endif #endif
#ifndef OPENSSL_FIPS
static int init(EVP_MD_CTX *ctx) static int init(EVP_MD_CTX *ctx)
{ return SHA1_Init(ctx->md_data); } { return SHA1_Init(ctx->md_data); }
@@ -82,7 +84,7 @@ static const EVP_MD dss1_md=
NID_dsa, NID_dsa,
NID_dsaWithSHA1, NID_dsaWithSHA1,
SHA_DIGEST_LENGTH, SHA_DIGEST_LENGTH,
EVP_MD_FLAG_FIPS, 0,
init, init,
update, update,
final, final,
@@ -98,3 +100,4 @@ const EVP_MD *EVP_dss1(void)
return(&dss1_md); return(&dss1_md);
} }
#endif #endif
#endif

34
crypto/evp/m_sha1.c
View File

@@ -68,14 +68,7 @@
#include <openssl/rsa.h> #include <openssl/rsa.h>
#endif #endif
#ifdef OPENSSL_FIPS #ifndef OPENSSL_FIPS
#define EVP_PKEY_RSA_fips_method \
(evp_sign_method *)FIPS_rsa_sign, \
(evp_verify_method *) FIPS_rsa_verify, \
{EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
#else
#define EVP_PKEY_RSA_fips_method EVP_PKEY_RSA_method
#endif
static int init(EVP_MD_CTX *ctx) static int init(EVP_MD_CTX *ctx)
{ return SHA1_Init(ctx->md_data); } { return SHA1_Init(ctx->md_data); }
@@ -91,13 +84,13 @@ static const EVP_MD sha1_md=
NID_sha1, NID_sha1,
NID_sha1WithRSAEncryption, NID_sha1WithRSAEncryption,
SHA_DIGEST_LENGTH, SHA_DIGEST_LENGTH,
EVP_MD_FLAG_FIPS, 0,
init, init,
update, update,
final, final,
NULL, NULL,
NULL, NULL,
EVP_PKEY_RSA_fips_method, EVP_PKEY_RSA_method,
SHA_CBLOCK, SHA_CBLOCK,
sizeof(EVP_MD *)+sizeof(SHA_CTX), sizeof(EVP_MD *)+sizeof(SHA_CTX),
}; };
@@ -106,7 +99,6 @@ const EVP_MD *EVP_sha1(void)
{ {
return(&sha1_md); return(&sha1_md);
} }
#endif
#ifndef OPENSSL_NO_SHA256 #ifndef OPENSSL_NO_SHA256
static int init224(EVP_MD_CTX *ctx) static int init224(EVP_MD_CTX *ctx)
@@ -128,13 +120,13 @@ static const EVP_MD sha224_md=
NID_sha224, NID_sha224,
NID_sha224WithRSAEncryption, NID_sha224WithRSAEncryption,
SHA224_DIGEST_LENGTH, SHA224_DIGEST_LENGTH,
EVP_MD_FLAG_FIPS, 0,
init224, init224,
update256, update256,
final256, final256,
NULL, NULL,
NULL, NULL,
EVP_PKEY_RSA_fips_method, EVP_PKEY_RSA_method,
SHA256_CBLOCK, SHA256_CBLOCK,
sizeof(EVP_MD *)+sizeof(SHA256_CTX), sizeof(EVP_MD *)+sizeof(SHA256_CTX),
}; };
@@ -147,13 +139,13 @@ static const EVP_MD sha256_md=
NID_sha256, NID_sha256,
NID_sha256WithRSAEncryption, NID_sha256WithRSAEncryption,
SHA256_DIGEST_LENGTH, SHA256_DIGEST_LENGTH,
EVP_MD_FLAG_FIPS, 0,
init256, init256,
update256, update256,
final256, final256,
NULL, NULL,
NULL, NULL,
EVP_PKEY_RSA_fips_method, EVP_PKEY_RSA_method,
SHA256_CBLOCK, SHA256_CBLOCK,
sizeof(EVP_MD *)+sizeof(SHA256_CTX), sizeof(EVP_MD *)+sizeof(SHA256_CTX),
}; };
@@ -178,13 +170,13 @@ static const EVP_MD sha384_md=
NID_sha384, NID_sha384,
NID_sha384WithRSAEncryption, NID_sha384WithRSAEncryption,
SHA384_DIGEST_LENGTH, SHA384_DIGEST_LENGTH,
EVP_MD_FLAG_FIPS, 0,
init384, init384,
update512, update512,
final512, final512,
NULL, NULL,
NULL, NULL,
EVP_PKEY_RSA_fips_method, EVP_PKEY_RSA_method,
SHA512_CBLOCK, SHA512_CBLOCK,
sizeof(EVP_MD *)+sizeof(SHA512_CTX), sizeof(EVP_MD *)+sizeof(SHA512_CTX),
}; };
@@ -197,13 +189,13 @@ static const EVP_MD sha512_md=
NID_sha512, NID_sha512,
NID_sha512WithRSAEncryption, NID_sha512WithRSAEncryption,
SHA512_DIGEST_LENGTH, SHA512_DIGEST_LENGTH,
EVP_MD_FLAG_FIPS, 0,
init512, init512,
update512, update512,
final512, final512,
NULL, NULL,
NULL, NULL,
EVP_PKEY_RSA_fips_method, EVP_PKEY_RSA_method,
SHA512_CBLOCK, SHA512_CBLOCK,
sizeof(EVP_MD *)+sizeof(SHA512_CTX), sizeof(EVP_MD *)+sizeof(SHA512_CTX),
}; };
@@ -211,3 +203,7 @@ static const EVP_MD sha512_md=
const EVP_MD *EVP_sha512(void) const EVP_MD *EVP_sha512(void)
{ return(&sha512_md); } { return(&sha512_md); }
#endif /* ifndef OPENSSL_NO_SHA512 */ #endif /* ifndef OPENSSL_NO_SHA512 */
#endif
#endif

7
crypto/rsa/rsa.h
View File

@@ -323,13 +323,6 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_length,
int RSA_verify(int type, const unsigned char *m, unsigned int m_length, int RSA_verify(int type, const unsigned char *m, unsigned int m_length,
unsigned char *sigbuf, unsigned int siglen, RSA *rsa); unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
#ifdef OPENSSL_FIPS
int FIPS_rsa_sign(int type, const unsigned char *m, unsigned int m_length,
unsigned char *sigret, unsigned int *siglen, RSA *rsa);
int FIPS_rsa_verify(int type, const unsigned char *m, unsigned int m_length,
unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
#endif
/* The following 2 function sign and verify a ASN1_OCTET_STRING /* The following 2 function sign and verify a ASN1_OCTET_STRING
* object inside PKCS#1 padded RSA encryption */ * object inside PKCS#1 padded RSA encryption */
int RSA_sign_ASN1_OCTET_STRING(int type, int RSA_sign_ASN1_OCTET_STRING(int type,

4
fips-1.0/dsa/Makefile
View File

@@ -23,9 +23,9 @@ APPS=
LIB=$(TOP)/libcrypto.a LIB=$(TOP)/libcrypto.a
LIBSRC=fips_dsa_ossl.c fips_dsa_gen.c fips_dsa_selftest.c fips_dsa_key.c \ LIBSRC=fips_dsa_ossl.c fips_dsa_gen.c fips_dsa_selftest.c fips_dsa_key.c \
fips_dsa_lib.c fips_dsa_lib.c fips_dsa_sign.c
LIBOBJ=fips_dsa_ossl.o fips_dsa_gen.o fips_dsa_selftest.o fips_dsa_key.o \ LIBOBJ=fips_dsa_ossl.o fips_dsa_gen.o fips_dsa_selftest.o fips_dsa_key.o \
fips_dsa_lib.o fips_dsa_lib.o fips_dsa_sign.o
SRC= $(LIBSRC) SRC= $(LIBSRC)

82
fips-1.0/dsa/fips_dsa_selftest.c
View File

@@ -61,6 +61,7 @@
#include <openssl/dsa.h> #include <openssl/dsa.h>
#include <openssl/fips.h> #include <openssl/fips.h>
#include <openssl/err.h> #include <openssl/err.h>
#include <openssl/evp.h>
#ifdef OPENSSL_FIPS #ifdef OPENSSL_FIPS
@@ -109,74 +110,65 @@ void FIPS_corrupt_dsa()
int FIPS_selftest_dsa() int FIPS_selftest_dsa()
{ {
DSA *dsa=NULL; DSA *dsa=NULL;
int counter,i,j; int counter,i,j, ret = 0;
unsigned int slen;
unsigned char buf[256]; unsigned char buf[256];
unsigned long h; unsigned long h;
EVP_MD_CTX mctx;
EVP_PKEY pk;
DSA_SIG *sig = NULL; EVP_MD_CTX_init(&mctx);
dsa = FIPS_dsa_new(); dsa = FIPS_dsa_new();
if(dsa == NULL) if(dsa == NULL)
{ goto err;
FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED);
return 0;
}
if(!DSA_generate_parameters_ex(dsa, 512,seed,20,&counter,&h,NULL)) if(!DSA_generate_parameters_ex(dsa, 512,seed,20,&counter,&h,NULL))
{ goto err;
FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED);
return 0;
}
if (counter != 105) if (counter != 105)
{ goto err;
FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED);
return 0;
}
if (h != 2) if (h != 2)
{ goto err;
FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED);
return 0;
}
i=BN_bn2bin(dsa->q,buf); i=BN_bn2bin(dsa->q,buf);
j=sizeof(out_q); j=sizeof(out_q);
if (i != j || memcmp(buf,out_q,i) != 0) if (i != j || memcmp(buf,out_q,i) != 0)
{ goto err;
FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED);
return 0;
}
i=BN_bn2bin(dsa->p,buf); i=BN_bn2bin(dsa->p,buf);
j=sizeof(out_p); j=sizeof(out_p);
if (i != j || memcmp(buf,out_p,i) != 0) if (i != j || memcmp(buf,out_p,i) != 0)
{ goto err;
FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED);
return 0;
}
i=BN_bn2bin(dsa->g,buf); i=BN_bn2bin(dsa->g,buf);
j=sizeof(out_g); j=sizeof(out_g);
if (i != j || memcmp(buf,out_g,i) != 0) if (i != j || memcmp(buf,out_g,i) != 0)
{ goto err;
FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED);
return 0;
}
DSA_generate_key(dsa); DSA_generate_key(dsa);
sig = DSA_do_sign(str1, 20, dsa); pk.type = EVP_PKEY_DSA;
pk.pkey.dsa = dsa;
if (sig) if (!EVP_SignInit_ex(&mctx, EVP_dss1(), NULL))
{ goto err;
i = DSA_do_verify(str1, 20, sig, dsa); if (!EVP_SignUpdate(&mctx, str1, 20))
DSA_SIG_free(sig); goto err;
} if (!EVP_SignFinal(&mctx, buf, &slen, &pk))
else goto err;
i = 0;
if (i != 1) if (!EVP_VerifyInit_ex(&mctx, EVP_dss1(), NULL))
{ goto err;
FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED); if (!EVP_VerifyUpdate(&mctx, str1, 20))
return 0; goto err;
} if (EVP_VerifyFinal(&mctx, buf, slen, &pk) != 1)
FIPS_dsa_free(dsa); goto err;
return 1;
ret = 1;
err:
EVP_MD_CTX_cleanup(&mctx);
if (dsa)
FIPS_dsa_free(dsa);
if (ret == 0)
FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED);
return ret;
} }
#endif #endif

35
fips-1.0/dsa/fips_dsatest.c
View File

@@ -139,20 +139,21 @@ static const unsigned char rnd_key2[]="abcdefgh";
int main(int argc, char **argv) int main(int argc, char **argv)
{ {
DSA *dsa=NULL; DSA *dsa=NULL;
EVP_PKEY pk;
int counter,ret=0,i,j; int counter,ret=0,i,j;
unsigned int slen;
unsigned char buf[256]; unsigned char buf[256];
unsigned long h; unsigned long h;
DSA_SIG *sig = NULL;
BN_GENCB cb; BN_GENCB cb;
EVP_MD_CTX mctx;
BN_GENCB_set(&cb, dsa_cb, stderr); BN_GENCB_set(&cb, dsa_cb, stderr);
EVP_MD_CTX_init(&mctx);
#ifdef OPENSSL_FIPS
if(!FIPS_mode_set(1)) if(!FIPS_mode_set(1))
{ {
do_print_errors(); do_print_errors();
EXIT(1); EXIT(1);
} }
#endif
#if 0 #if 0
CRYPTO_malloc_debug_init(); CRYPTO_malloc_debug_init();
CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL); CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
@@ -214,22 +215,30 @@ int main(int argc, char **argv)
goto end; goto end;
} }
DSA_generate_key(dsa); DSA_generate_key(dsa);
pk.type = EVP_PKEY_DSA;
pk.pkey.dsa = dsa;
sig = DSA_do_sign(str1, 20, dsa); if (!EVP_SignInit_ex(&mctx, EVP_dss1(), NULL))
goto end;
if (!EVP_SignUpdate(&mctx, str1, 20))
goto end;
if (!EVP_SignFinal(&mctx, buf, &slen, &pk))
goto end;
if (!EVP_VerifyInit_ex(&mctx, EVP_dss1(), NULL))
goto end;
if (!EVP_VerifyUpdate(&mctx, str1, 20))
goto end;
if (EVP_VerifyFinal(&mctx, buf, slen, &pk) != 1)
goto end;
ret = 1;
if (sig)
{
i = DSA_do_verify(str1, 20, sig, dsa);
DSA_SIG_free(sig);
}
else
i = 0;
if (i == 1)
ret=1;
end: end:
if (!ret) if (!ret)
do_print_errors(); do_print_errors();
if (dsa != NULL) FIPS_dsa_free(dsa); if (dsa != NULL) FIPS_dsa_free(dsa);
EVP_MD_CTX_cleanup(&mctx);
#if 0 #if 0
CRYPTO_mem_leaks(bio_err); CRYPTO_mem_leaks(bio_err);
#endif #endif

42
fips-1.0/dsa/fips_dssvs.c
View File

@@ -14,6 +14,7 @@ int main()
#include <openssl/dsa.h> #include <openssl/dsa.h>
#include <openssl/fips.h> #include <openssl/fips.h>
#include <openssl/err.h> #include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/fips_sha.h> #include <openssl/fips_sha.h>
#include <string.h> #include <string.h>
#include <ctype.h> #include <ctype.h>
@@ -179,21 +180,34 @@ void siggen()
else if(!strcmp(keyword,"Msg")) else if(!strcmp(keyword,"Msg"))
{ {
unsigned char msg[1024]; unsigned char msg[1024];
unsigned char hash[20]; unsigned char sbuf[60];
unsigned int slen;
int n; int n;
EVP_PKEY pk;
EVP_MD_CTX mctx;
DSA_SIG *sig; DSA_SIG *sig;
EVP_MD_CTX_init(&mctx);
n=hex2bin(value,msg); n=hex2bin(value,msg);
pv("Msg",msg,n); pv("Msg",msg,n);
DSA_generate_key(dsa); DSA_generate_key(dsa);
pk.type = EVP_PKEY_DSA;
pk.pkey.dsa = dsa;
pbn("Y",dsa->pub_key); pbn("Y",dsa->pub_key);
SHA1(msg,n,hash); EVP_SignInit_ex(&mctx, EVP_dss1(), NULL);
sig=DSA_do_sign(hash,sizeof hash,dsa); EVP_SignUpdate(&mctx, msg, n);
EVP_SignFinal(&mctx, sbuf, &slen, &pk);
sig = DSA_SIG_new();
FIPS_dsa_sig_decode(sig, sbuf, slen);
pbn("R",sig->r); pbn("R",sig->r);
pbn("S",sig->s); pbn("S",sig->s);
putc('\n',stdout); putc('\n',stdout);
EVP_MD_CTX_cleanup(&mctx);
FIPS_dsa_free(dsa);
} }
} }
} }
@@ -203,6 +217,8 @@ void sigver()
DSA *dsa=NULL; DSA *dsa=NULL;
char buf[1024]; char buf[1024];
char lbuf[1024]; char lbuf[1024];
unsigned char msg[1024];
int n;
char *keyword, *value; char *keyword, *value;
int nmod=0; int nmod=0;
unsigned char hash[20]; unsigned char hash[20];
@@ -241,8 +257,6 @@ void sigver()
} }
else if(!strcmp(keyword,"Msg")) else if(!strcmp(keyword,"Msg"))
{ {
unsigned char msg[1024];
int n;
n=hex2bin(value,msg); n=hex2bin(value,msg);
pv("Msg",msg,n); pv("Msg",msg,n);
@@ -254,13 +268,27 @@ void sigver()
sig->r=hex2bn(value); sig->r=hex2bn(value);
else if(!strcmp(keyword,"S")) else if(!strcmp(keyword,"S"))
{ {
EVP_MD_CTX mctx;
EVP_PKEY pk;
unsigned char sigbuf[60];
unsigned int slen;
int r;
EVP_MD_CTX_init(&mctx);
pk.type = EVP_PKEY_DSA;
pk.pkey.dsa = dsa;
sig->s=hex2bn(value); sig->s=hex2bn(value);
pbn("Y",dsa->pub_key); pbn("Y",dsa->pub_key);
pbn("R",sig->r); pbn("R",sig->r);
pbn("S",sig->s); pbn("S",sig->s);
printf("Result = %c\n",DSA_do_verify(hash,sizeof hash,sig,dsa)
? 'P' : 'F'); slen = FIPS_dsa_sig_encode(sigbuf, sig);
EVP_VerifyInit_ex(&mctx, EVP_dss1(), NULL);
EVP_VerifyUpdate(&mctx, msg, n);
r = EVP_VerifyFinal(&mctx, sigbuf, slen, &pk);
EVP_MD_CTX_cleanup(&mctx);
printf("Result = %c\n", r == 1 ? 'P' : 'F');
putc('\n',stdout); putc('\n',stdout);
} }
} }

153
fips-1.0/rsa/fips_rsa_sign.c
View File

@@ -60,6 +60,9 @@
#include <openssl/evp.h> #include <openssl/evp.h>
#include <openssl/rsa.h> #include <openssl/rsa.h>
#include <openssl/err.h> #include <openssl/err.h>
#include <openssl/sha.h>
#ifdef OPENSSL_FIPS
/* FIPS versions of RSA_sign() and RSA_verify(). /* FIPS versions of RSA_sign() and RSA_verify().
* These will only have to deal with SHA* signatures and by including * These will only have to deal with SHA* signatures and by including
@@ -123,7 +126,7 @@ static const unsigned char *fips_digestinfo_encoding(int nid, unsigned int *len)
} }
} }
int FIPS_rsa_sign(int type, const unsigned char *m, unsigned int m_len, static int fips_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
unsigned char *sigret, unsigned int *siglen, RSA *rsa) unsigned char *sigret, unsigned int *siglen, RSA *rsa)
{ {
int i,j,ret=1; int i,j,ret=1;
@@ -161,7 +164,8 @@ int FIPS_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
return(0); return(0);
} }
j=RSA_private_encrypt(i,tmpdinfo,sigret,rsa,RSA_PKCS1_PADDING); /* NB: call underlying method directly to avoid FIPS blocking */
j=rsa->meth->rsa_priv_enc(i,tmpdinfo,sigret,rsa,RSA_PKCS1_PADDING);
if (j <= 0) if (j <= 0)
ret=0; ret=0;
else else
@@ -171,8 +175,9 @@ int FIPS_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
return(ret); return(ret);
} }
int FIPS_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len, static int fips_rsa_verify(int dtype,
unsigned char *sigbuf, unsigned int siglen, RSA *rsa) const unsigned char *m, unsigned int m_len,
unsigned char *sigbuf, unsigned int siglen, RSA *rsa)
{ {
int i,ret=0; int i,ret=0;
unsigned int dlen; unsigned int dlen;
@@ -198,7 +203,8 @@ int FIPS_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len,
goto err; goto err;
} }
i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING); /* NB: call underlying method directly to avoid FIPS blocking */
i=rsa->meth->rsa_pub_dec((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
if (i <= 0) goto err; if (i <= 0) goto err;
@@ -229,3 +235,140 @@ err:
} }
return(ret); return(ret);
} }
#define EVP_PKEY_RSA_fips_method \
(evp_sign_method *)fips_rsa_sign, \
(evp_verify_method *)fips_rsa_verify, \
{EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
static int init(EVP_MD_CTX *ctx)
{ return SHA1_Init(ctx->md_data); }
static int update(EVP_MD_CTX *ctx,const void *data,size_t count)
{ return SHA1_Update(ctx->md_data,data,count); }
static int final(EVP_MD_CTX *ctx,unsigned char *md)
{ return SHA1_Final(md,ctx->md_data); }
static const EVP_MD sha1_md=
{
NID_sha1,
NID_sha1WithRSAEncryption,
SHA_DIGEST_LENGTH,
EVP_MD_FLAG_FIPS,
init,
update,
final,
NULL,
NULL,
EVP_PKEY_RSA_fips_method,
SHA_CBLOCK,
sizeof(EVP_MD *)+sizeof(SHA_CTX),
};
const EVP_MD *EVP_sha1(void)
{
return(&sha1_md);
}
static int init224(EVP_MD_CTX *ctx)
{ return SHA224_Init(ctx->md_data); }
static int init256(EVP_MD_CTX *ctx)
{ return SHA256_Init(ctx->md_data); }
/*
* Even though there're separate SHA224_[Update|Final], we call
* SHA256 functions even in SHA224 context. This is what happens
* there anyway, so we can spare few CPU cycles:-)
*/
static int update256(EVP_MD_CTX *ctx,const void *data,size_t count)
{ return SHA256_Update(ctx->md_data,data,count); }
static int final256(EVP_MD_CTX *ctx,unsigned char *md)
{ return SHA256_Final(md,ctx->md_data); }
static const EVP_MD sha224_md=
{
NID_sha224,
NID_sha224WithRSAEncryption,
SHA224_DIGEST_LENGTH,
EVP_MD_FLAG_FIPS,
init224,
update256,
final256,
NULL,
NULL,
EVP_PKEY_RSA_fips_method,
SHA256_CBLOCK,
sizeof(EVP_MD *)+sizeof(SHA256_CTX),
};
const EVP_MD *EVP_sha224(void)
{ return(&sha224_md); }
static const EVP_MD sha256_md=
{
NID_sha256,
NID_sha256WithRSAEncryption,
SHA256_DIGEST_LENGTH,
EVP_MD_FLAG_FIPS,
init256,
update256,
final256,
NULL,
NULL,
EVP_PKEY_RSA_fips_method,
SHA256_CBLOCK,
sizeof(EVP_MD *)+sizeof(SHA256_CTX),
};
const EVP_MD *EVP_sha256(void)
{ return(&sha256_md); }
static int init384(EVP_MD_CTX *ctx)
{ return SHA384_Init(ctx->md_data); }
static int init512(EVP_MD_CTX *ctx)
{ return SHA512_Init(ctx->md_data); }
/* See comment in SHA224/256 section */
static int update512(EVP_MD_CTX *ctx,const void *data,size_t count)
{ return SHA512_Update(ctx->md_data,data,count); }
static int final512(EVP_MD_CTX *ctx,unsigned char *md)
{ return SHA512_Final(md,ctx->md_data); }
static const EVP_MD sha384_md=
{
NID_sha384,
NID_sha384WithRSAEncryption,
SHA384_DIGEST_LENGTH,
EVP_MD_FLAG_FIPS,
init384,
update512,
final512,
NULL,
NULL,
EVP_PKEY_RSA_fips_method,
SHA512_CBLOCK,
sizeof(EVP_MD *)+sizeof(SHA512_CTX),
};
const EVP_MD *EVP_sha384(void)
{ return(&sha384_md); }
static const EVP_MD sha512_md=
{
NID_sha512,
NID_sha512WithRSAEncryption,
SHA512_DIGEST_LENGTH,
EVP_MD_FLAG_FIPS,
init512,
update512,
final512,
NULL,
NULL,
EVP_PKEY_RSA_fips_method,
SHA512_CBLOCK,
sizeof(EVP_MD *)+sizeof(SHA512_CTX),
};
const EVP_MD *EVP_sha512(void)
{ return(&sha512_md); }
#endif