typo

some versions of Windows.

CHANGES

@@ -4,6 +4,9 @@
 
  Changes between 1.0.1 and 1.1.0  [xx XXX xxxx]
 
+  *) Add flag to EC_KEY to use cofactor ECDH if set.
+     [Steve Henson]
+
   *) Update fips_test_suite to support multiple command line options. New
      test to induce all self test errors in sequence and check expected
      failures.

Makefile.fips

@@ -524,8 +524,8 @@ files:
 links:
 	@$(PERL) $(TOP)/util/mkdir-p.pl include/openssl
 	@$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER)
-	@set -e; dir=fips target=links; $(RECURSIVE_BUILD_CMD)
-	@(cd crypto ; SDIRS='$(LINKDIRS)' $(MAKE) -e links)
+	@set -e; dir=fips target=links; $(BUILD_ONE_CMD)
+	@(cd crypto ; TEST='' SDIRS='$(LINKDIRS)' $(MAKE) -e links)
 
 gentests:
 	@(cd test && echo "generating dummy tests (if needed)..." && \

crypto/bn/asm/mips.pl

@@ -267,7 +267,7 @@ ___
 $code.=<<___;
 	jr	$ra
 	move	$a0,$v0
-.end	bn_mul_add_words
+.end	bn_mul_add_words_internal
 
 .align	5
 .globl	bn_mul_words
@@ -778,7 +778,7 @@ ___
 $code.=<<___;
 	jr	$ra
 	move	$a0,$v0
-.end	bn_sub_words
+.end	bn_sub_words_internal
 
 .align 5
 .globl	bn_div_3_words

crypto/cryptlib.c

@@ -359,7 +359,15 @@ void OPENSSL_showfatal (const char *fmta,...)
 { va_list ap;
 
     va_start (ap,fmta);
+#if defined(OPENSSL_SYS_VXWORKS)
+    {
+	char buf[256];
+	vsnprintf(buf,sizeof(buf),fmta,ap);
+	printf("%s",buf);
+    }
+#else 
     vfprintf (stderr,fmta,ap);
+#endif
     va_end (ap);
 }
 int OPENSSL_isservice (void) { return 0; }

crypto/dsa/dsa_gen.c

@@ -666,7 +666,13 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
 			/* "offset = offset + n + 1" */
 
 			/* step 14 */
-			if (counter >= 4096) break;
+			if (counter >= (int)(4 * L)) break;
+			}
+		if (seed_in)
+			{
+			ok = 0;
+			DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN2, DSA_R_INVALID_PARAMETERS);
+			goto err;
 			}
 		}
 end:

crypto/ecdh/ecdh.h

@@ -85,6 +85,8 @@
 extern "C" {
 #endif
 
+#define EC_FLAG_COFACTOR_ECDH	0x1000
+
 const ECDH_METHOD *ECDH_OpenSSL(void);
 
 void	  ECDH_set_default_method(const ECDH_METHOD *);

crypto/ecdh/ech_ossl.c

@@ -146,6 +146,18 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
 		}
 
 	group = EC_KEY_get0_group(ecdh);
+
+	if (EC_KEY_get_flags(ecdh) & EC_FLAG_COFACTOR_ECDH)
+		{
+		if (!EC_GROUP_get_cofactor(group, x, ctx) ||
+			!BN_mul(x, x, priv_key, ctx))
+			{
+			ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
+			goto err;
+			}
+		priv_key = x;
+		}
+
 	if ((tmp=EC_POINT_new(group)) == NULL)
 		{
 		ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);

crypto/evp/evp_locl.h

@@ -75,7 +75,7 @@ static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const uns
 	return 1;\
 }
 
-#define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2))
+#define EVP_MAXCHUNK ((size_t)1<<(sizeof(int)*8-2))
 
 #define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \
 static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \

crypto/x86cpuid.pl

@@ -119,8 +119,6 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
 	&mov	("esi","edx");
 	&or	("ebp","ecx");		# merge AMD XOP flag
 
-	&bt	("ecx",26);		# check XSAVE bit
-	&jnc	(&label("done"));
 	&bt	("ecx",27);		# check OSXSAVE bit
 	&jnc	(&label("clear_avx"));
 	&xor	("ecx","ecx");

fips/dh/fips_dhvs.c

@@ -279,6 +279,10 @@ int main(int argc, char **argv)
 							rhash, rhashlen);
 			}
 		}
+	if (in && in != stdin)
+		fclose(in);
+	if (out && out != stdout)
+		fclose(out);
 	return 0;
 	parse_error:
 	fprintf(stderr, "Error Parsing request file\n");

fips/ecdh/fips_ecdh_selftest.c

@@ -166,6 +166,7 @@ int FIPS_selftest_ecdh(void)
 			rv = -1;
 			goto err;
 			}
+		EC_KEY_set_flags(ec1, EC_FLAG_COFACTOR_ECDH);
 
 		if (!EC_KEY_set_public_key_affine_coordinates(ec1, x, y))
 			{
@@ -194,6 +195,7 @@ int FIPS_selftest_ecdh(void)
 			rv = -1;
 			goto err;
 			}
+		EC_KEY_set_flags(ec1, EC_FLAG_COFACTOR_ECDH);
 
 		if (!EC_KEY_set_public_key_affine_coordinates(ec2, x, y))
 			{

fips/ecdh/fips_ecdhvs.c

@@ -261,6 +261,7 @@ static void ec_output_Zhash(FILE *out, int exout, EC_GROUP *group,
 	unsigned char chash[EVP_MAX_MD_SIZE];
 	int Zlen;
 	ec = EC_KEY_new();
+	EC_KEY_set_flags(ec, EC_FLAG_COFACTOR_ECDH);
 	EC_KEY_set_group(ec, group);
 	peerkey = make_peer(group, cx, cy);
 	if (rhash == NULL)
@@ -483,6 +484,10 @@ int main(int argc, char **argv)
 		BN_free(cy);
 	if (group)
 		EC_GROUP_free(group);
+	if (in && in != stdin)
+		fclose(in);
+	if (out && out != stdout)
+		fclose(out);
 	if (rv)
 		fprintf(stderr, "Error Parsing request file\n");
 	return rv;

fips/fips_locl.h

@@ -67,8 +67,8 @@ int fips_post_failed(int id, int subid, void *ex);
 int fips_post_corrupt(int id, int subid, void *ex);
 int fips_post_status(void);
 
-#define FIPS_MODULE_VERSION_NUMBER	0x20000003L
-#define FIPS_MODULE_VERSION_TEXT	"FIPS 2.0-rc3 unvalidated test module xx XXX xxxx"
+#define FIPS_MODULE_VERSION_NUMBER	0x20000008L
+#define FIPS_MODULE_VERSION_TEXT	"FIPS 2.0-rc8 unvalidated test module xx XXX xxxx"
 
 #ifdef  __cplusplus
 }

fips/fips_test_suite.c

@@ -650,6 +650,13 @@ static size_t drbg_test_cb(DRBG_CTX *ctx, unsigned char **pout,
 	return (min_len + 0xf) & ~0xf;
 	}
 
+/* Callback which returns 0 to indicate entropy source failure */
+static size_t drbg_fail_cb(DRBG_CTX *ctx, unsigned char **pout,
+                                int entropy, size_t min_len, size_t max_len)
+	{
+	return 0;
+	}
+
 /* DRBG test: just generate lots of data and trigger health checks */
 
 static int do_drbg_test(int type, int flags)
@@ -1036,7 +1043,7 @@ static int do_fail_all(int fullpost, int fullerr)
 	size_t i;
 	RSA *rsa = NULL;
 	DSA *dsa = NULL;
-	DRBG_CTX *dctx = NULL;
+	DRBG_CTX *dctx = NULL, *defctx = NULL;
 	EC_KEY *ec = NULL;
 	BIGNUM *bn = NULL;
 	unsigned char out[10];
@@ -1133,6 +1140,9 @@ static int do_fail_all(int fullpost, int fullerr)
 	else
 		printf("\tECDSA key generation failed as expected.\n");
 
+	FIPS_ec_key_free(ec);
+	ec = NULL;
+
 	fail_id = -1;
 	fail_sub = -1;
 	fail_key = -1;
@@ -1241,6 +1251,63 @@ static int do_fail_all(int fullpost, int fullerr)
 		printf("\tX9.31 continuous PRNG failed as expected\n");
 	FIPS_x931_stick(0);
 
+	/* Leave FIPS mode to clear error */
+	FIPS_module_mode_set(0, NULL);
+	/* Enter FIPS mode successfully */
+	if (!FIPS_module_mode_set(1, FIPS_AUTH_USER_PASS))
+		{
+		printf("\tError entering FIPS mode\n");
+		st_err++;
+		}
+
+	printf("    Testing operation failure with DRBG entropy failure\n");
+
+	/* Generate DSA key for later use */
+    	if (DSA_generate_key(dsa))
+		printf("\tDSA key generated OK as expected.\n");
+	else
+		{
+		printf("\tDSA key generation FAILED!!\n");
+		st_err++;
+		}
+
+	/* Initialise default DRBG context */
+	defctx = FIPS_get_default_drbg();
+	if (!defctx)
+		return 0;
+	if (!FIPS_drbg_init(defctx, NID_sha512, 0))
+		return 0;
+	/* Set entropy failure callback */
+	FIPS_drbg_set_callbacks(defctx, drbg_fail_cb, 0, 0x10, drbg_test_cb, 0);
+	if (FIPS_drbg_instantiate(defctx, dummy_drbg_entropy, 10))
+		{
+		printf("\tDRBG entropy fail OK incorrectly!!\n");
+		st_err++;
+		}
+	else
+		printf("\tDRBG entropy fail failed as expected\n");
+
+	if (FIPS_dsa_sign(dsa, dummy_drbg_entropy, 5, EVP_sha256()))
+		{
+		printf("\tDSA signing OK incorrectly!!\n");
+		st_err++;
+		}
+	else
+		printf("\tDSA signing failed as expected\n");
+
+	ec = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+
+	if (!ec)
+		return 0;
+
+    	if (EC_KEY_generate_key(ec))
+		{
+		printf("\tECDSA key generated OK incorrectly!!\n");
+		st_err++;
+		}
+	else
+		printf("\tECDSA key generation failed as expected.\n");
+
 	printf("  Induced failure test completed with %d errors\n", st_err);
 	post_quiet = 0; 
 	no_err = 0;

util/fipsas.pl

@@ -8,6 +8,9 @@ my @ARGS = @ARGV;
 
 my $top = shift @ARGS;
 my $target = shift @ARGS;
+my $tmptarg = $target;
+
+$tmptarg =~ s/\.[^\\\/\.]+$/.tmp/;
 
 my $runasm = 1;
 
@@ -48,11 +51,22 @@ while (<IN>)
 
 my ($from, $to);
 
+#delete any temp file lying around
+
+unlink $tmptarg;
+
 #rename target temporarily
-rename($target, "tmptarg.s") || die "Can't rename $target";
+my $rencnt = 0;
+# On windows the previous file doesn't always close straight away
+# so retry the rename operation a few times if it fails.
+while (!rename($target, $tmptarg))
+        {
+        sleep 2;
+        die "Can't rename $target" if ($rencnt++ > 10);
+        }
 
 #edit target
-open(IN,"tmptarg.s") || die "Can't open temporary file";
+open(IN,$tmptarg) || die "Can't open temporary file";
 open(OUT, ">$target") || die "Can't open output file $target";
 
 while (<IN>)
@@ -75,16 +89,12 @@ if ($runasm)
 
 	# restore target
 	unlink $target;
-	rename "tmptarg.s", $target;
+	rename $tmptarg, $target;
 
 	die "Error executing assembler!" if $rv != 0;
 	}
 else
 	{
 	# Don't care about target
-	unlink "tmptarg.s";
+	unlink $tmptarg;
 	}
-
-
-
-

util/fipslink.pl

@@ -57,6 +57,15 @@ print "$fips_cc -DHMAC_SHA1_SIG=\\\"$fips_hash\\\" $fips_cc_args $fips_libdir/fi
 system "$fips_cc -DHMAC_SHA1_SIG=\\\"$fips_hash\\\" $fips_cc_args $fips_libdir/fips_premain.c";
 die "Second stage Compile failure" if $? != 0;
 
+my $delcnt = 0;
+# On windows the previous file doesn't always close straight away
+# so retry an unlink operation a few times if it fails.
+while (!unlink($fips_target))
+        {
+        sleep 2;
+        die "Can't delete $fips_target" if ($delcnt++ > 10);
+        }
+
 
 print "$fips_link @ARGV\n";
 system "$fips_link @ARGV";

util/mklink.pl

@@ -52,6 +52,7 @@ my $to = join('/', @to_path);
 my $file;
 $symlink_exists=eval {symlink("",""); 1};
 if ($^O eq "msys") { $symlink_exists=0 };
+if ($^O eq "MSWin32") { $symlink_exists=0 };
 foreach $file (@files) {
     my $err = "";
     if ($symlink_exists) {

util/point.sh

@@ -1,7 +1,7 @@
 #!/bin/sh
 
 rm -f "$2"
-if test "$OSTYPE" = msdosdjgpp || test "x$PLATFORM" = xmingw ; then
+if test "$OSTYPE" = msdosdjgpp || test "x$PLATFORM" = xmingw || test "x$OS" = xWindows_NT ; then
     cp "$1" "$2"
 else
     ln -s "$1" "$2"