fclose streams in fips_drbvs.c

Produced error message for unsupported curves in fips_ecdhvs.c

CHANGES

@@ -4,6 +4,20 @@
 
  Changes between 1.0.1 and 1.1.0  [xx XXX xxxx]
 
+  *) Update fips_test_suite to support multiple command line options. New
+     test to induce all self test errors in sequence and check expected
+     failures.
+     [Steve Henson]
+
+  *) Add FIPS_{rsa,dsa,ecdsa}_{sign,verify} functions which digest and
+     sign or verify all in one operation.
+     [Steve Henson]
+
+  *) Add fips_algvs: a multicall fips utility incorporaing all the algorithm
+     test programs and fips_test_suite. Includes functionality to parse
+     the minimal script output of fipsalgest.pl directly.
+     [Steve Henson]
+
   *) Add authorisation parameter to FIPS_module_mode_set().
      [Steve Henson]
 

Configure

@@ -578,6 +578,8 @@ my %table=(
 "debug-darwin-i386-cc","cc:-arch i386 -g3 -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR:${x86_asm}:macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
 "darwin64-x86_64-cc","cc:-arch x86_64 -O3 -DL_ENDIAN -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
 "debug-darwin-ppc-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DB_ENDIAN -g -Wall -O::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc32_asm}:osx32:dlfcn:darwin-shared:-fPIC:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+# iPhoneOS/iOS
+"iphoneos-cross","llvm-gcc:-O3 -isysroot \$(CROSS_TOP)/SDKs/\$(CROSS_SDK) -fomit-frame-pointer -fno-common::-D_REENTRANT:iOS:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:darwin-shared:-fPIC -fno-common:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
 
 ##### A/UX
 "aux3-gcc","gcc:-O2 -DTERMIO::(unknown):AUX:-lbsd:RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",
@@ -906,6 +908,7 @@ EOF
 				}
 			elsif (/^-[^-]/ or /^\+/)
 				{
+				$_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei;
 				$flags.=$_." ";
 				}
 			elsif (/^--prefix=(.*)$/)

Makefile.fips

@@ -387,6 +387,8 @@ build_apps:
 	@dir=apps; target=all; $(BUILD_ONE_CMD)
 build_tests:
 	@dir=test; target=fipsexe; $(BUILD_ONE_CMD)
+build_algvs:
+	@dir=test; target=fipsalgvs; $(BUILD_ONE_CMD)
 build_tools:
 	@dir=tools; target=all; $(BUILD_ONE_CMD)
 
@@ -536,9 +538,7 @@ dclean:
 test:   tests
 
 tests:
-	@(cd test && echo "testing..." && \
-	$(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf tests );
-	OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a
+	@echo "Not implemented in FIPS build" ; false
 
 report:
 	@$(PERL) util/selftest.pl

TABLE

@@ -3465,6 +3465,39 @@ $ranlib       =
 $arflags      = 
 $multilib     = 
 
+*** iphoneos-cross
+$cc           = llvm-gcc
+$cflags       = -O3 -isysroot $(CROSS_TOP)/SDKs/$(CROSS_SDK) -fomit-frame-pointer -fno-common
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = iOS
+$lflags       = -Wl,-search_paths_first%
+$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
+$cpuid_obj    = 
+$bn_obj       = 
+$des_obj      = 
+$aes_obj      = 
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = 
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$modes_obj    = 
+$engines_obj  = 
+$perlasm_scheme = void
+$dso_scheme   = dlfcn
+$shared_target= darwin-shared
+$shared_cflag = -fPIC -fno-common
+$shared_ldflag = -dynamiclib
+$shared_extension = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
+$ranlib       = 
+$arflags      = 
+$multilib     = 
+
 *** irix-cc
 $cc           = cc
 $cflags       = -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN

config

@@ -538,7 +538,7 @@ case "$GUESSOS" in
   ppc-apple-rhapsody) OUT="rhapsody-ppc-cc" ;;
   ppc-apple-darwin*)
 	ISA64=`(sysctl -n hw.optional.64bitops) 2>/dev/null`
-	if [ "$ISA64" = "1" ]; then
+	if [ "$ISA64" = "1" -a -z "$KERNEL_BITS" ]; then
 	    echo "WARNING! If you wish to build 64-bit library, then you have to"
 	    echo "         invoke './Configure darwin64-ppc-cc' *manually*."
 	    if [ "$TEST" = "false" -a -t 1 ]; then
@@ -546,10 +546,14 @@ case "$GUESSOS" in
 	      (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
 	    fi
 	fi
-	OUT="darwin-ppc-cc" ;;
+	if [ "$ISA64" = "1" -a "$KERNEL_BITS" = "64" ]; then
+	    OUT="darwin64-ppc-cc"
+	else
+	    OUT="darwin-ppc-cc"
+	fi ;;
   i?86-apple-darwin*)
 	ISA64=`(sysctl -n hw.optional.x86_64) 2>/dev/null`
-	if [ "$ISA64" = "1" ]; then
+	if [ "$ISA64" = "1" -a -z "$KERNEL_BITS" ]; then
 	    echo "WARNING! If you wish to build 64-bit library, then you have to"
 	    echo "         invoke './Configure darwin64-x86_64-cc' *manually*."
 	    if [ "$TEST" = "false" -a -t 1 ]; then
@@ -557,7 +561,17 @@ case "$GUESSOS" in
 	      (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
 	    fi
 	fi
-	OUT="darwin-i386-cc" ;;
+	if [ "$ISA64" = "1" -a "$KERNEL_BITS" = "64" ]; then
+	    OUT="darwin64-x86_64-cc"
+	else
+	    OUT="darwin-i386-cc"
+	fi ;;
+  armv6+7-*-iphoneos)
+	options="$options -arch%20armv6 -arch%20armv7"
+	OUT="iphoneos-cross" ;;
+  *-*-iphoneos)
+	options="$options -arch%20${MACHINE}"
+	OUT="iphoneos-cross" ;;
   alpha-*-linux2)
         ISA=`awk '/cpu model/{print$4;exit(0);}' /proc/cpuinfo`
 	case ${ISA:-generic} in
@@ -664,7 +678,7 @@ case "$GUESSOS" in
   sun4[uv]*-*-solaris2)
 	OUT="solaris-sparcv9-$CC"
 	ISA64=`(isalist) 2>/dev/null | grep sparcv9`
-	if [ "$ISA64" != "" ]; then
+	if [ "$ISA64" != "" -a "$KERNEL_BITS" = "" ]; then
 	    if [ "$CC" = "cc" -a $CCVER -ge 50 ]; then
 		echo "WARNING! If you wish to build 64-bit library, then you have to"
 		echo "         invoke './Configure solaris64-sparcv9-cc' *manually*."
@@ -694,13 +708,16 @@ case "$GUESSOS" in
 		fi
 	    fi
 	fi
+	if [ "$ISA64" != "" -a "$KERNEL_BITS" = "64" ]; then
+	    OUT="solaris64-sparcv9-$CC"
+	fi
 	;;
   sun4m-*-solaris2)	OUT="solaris-sparcv8-$CC" ;;
   sun4d-*-solaris2)	OUT="solaris-sparcv8-$CC" ;;
   sun4*-*-solaris2)	OUT="solaris-sparcv7-$CC" ;;
   *86*-*-solaris2)
 	ISA64=`(isalist) 2>/dev/null | grep amd64`
-	if [ "$ISA64" != "" ]; then
+	if [ "$ISA64" != "" -a ${KERNEL_BITS:-64} -eq 64 ]; then
 	    OUT="solaris64-x86_64-$CC"
 	else
 	    OUT="solaris-x86-$CC"

crypto/armcap.c

@@ -30,7 +30,7 @@ unsigned int OPENSSL_rdtsc(void)
 	}
 
 #if defined(__GNUC__) && __GNUC__>=2
-void OPENSSL_cpuid_setup(void) __attribute__((constructor))
+void OPENSSL_cpuid_setup(void) __attribute__((constructor));
 #endif
 void OPENSSL_cpuid_setup(void)
 	{

crypto/armv4cpuid.S

@@ -44,7 +44,7 @@ OPENSSL_atomic_add:
 	bne	.Lspin
 
 	ldr	r2,[r4]
-	add	r2,r5
+	add	r2,r2,r5
 	str	r2,[r4]
 	str	r0,[r6]		@ release spinlock
 	ldmia	sp!,{r4-r6,lr}
@@ -59,26 +59,26 @@ OPENSSL_atomic_add:
 OPENSSL_cleanse:
 	eor	ip,ip,ip
 	cmp	r1,#7
-	subhs	r1,#4
+	subhs	r1,r1,#4
 	bhs	.Lot
 	cmp	r1,#0
 	beq	.Lcleanse_done
 .Little:
 	strb	ip,[r0],#1
-	subs	r1,#1
+	subs	r1,r1,#1
 	bhi	.Little
 	b	.Lcleanse_done
 
 .Lot:	tst	r0,#3
 	beq	.Laligned
 	strb	ip,[r0],#1
-	sub	r1,#1
+	sub	r1,r1,#1
 	b	.Lot
 .Laligned:
 	str	ip,[r0],#4
-	subs	r1,#4
+	subs	r1,r1,#4
 	bhs	.Laligned
-	adds	r1,#4
+	adds	r1,r1,#4
 	bne	.Little
 .Lcleanse_done:
 	tst	lr,#1

crypto/bn/asm/armv4-gf2m.pl

@@ -218,38 +218,38 @@ $code.=<<___;
 	mov	$b,r3			@ $b=b1
 	ldr	r3,[sp,#32]		@ load b0
 	mov	$mask,#7<<2
-	sub	sp,#32			@ allocate tab[8]
+	sub	sp,sp,#32		@ allocate tab[8]
 
 	bl	mul_1x1_ialu		@ a1<61>b1
 	str	$lo,[$ret,#8]
 	str	$hi,[$ret,#12]
 
-	eor	$b,r3			@ flip b0 and b1
-	 eor	$a,r2			@ flip a0 and a1
-	eor	r3,$b
-	 eor	r2,$a
-	eor	$b,r3
-	 eor	$a,r2
+	eor	$b,$b,r3		@ flip b0 and b1
+	 eor	$a,$a,r2		@ flip a0 and a1
+	eor	r3,r3,$b
+	 eor	r2,r2,$a
+	eor	$b,$b,r3
+	 eor	$a,$a,r2
 	bl	mul_1x1_ialu		@ a0<61>b0
 	str	$lo,[$ret]
 	str	$hi,[$ret,#4]
 
-	eor	$a,r2
-	eor	$b,r3
+	eor	$a,$a,r2
+	eor	$b,$b,r3
 	bl	mul_1x1_ialu		@ (a1+a0)<29>(b1+b0)
 ___
 @r=map("r$_",(6..9));
 $code.=<<___;
 	ldmia	$ret,{@r[0]-@r[3]}
-	eor	$lo,$hi
-	eor	$hi,@r[1]
-	eor	$lo,@r[0]
-	eor	$hi,@r[2]
-	eor	$lo,@r[3]
-	eor	$hi,@r[3]
+	eor	$lo,$lo,$hi
+	eor	$hi,$hi,@r[1]
+	eor	$lo,$lo,@r[0]
+	eor	$hi,$hi,@r[2]
+	eor	$lo,$lo,@r[3]
+	eor	$hi,$hi,@r[3]
 	str	$hi,[$ret,#8]
-	eor	$lo,$hi
-	add	sp,#32			@ destroy tab[8]
+	eor	$lo,$lo,$hi
+	add	sp,sp,#32		@ destroy tab[8]
 	str	$lo,[$ret,#4]
 
 #if __ARM_ARCH__>=5

crypto/bn/asm/ppc.pl

@@ -952,7 +952,7 @@ $data=<<EOF;
 	addze	r11,r0
 					#mul_add_c(a[3],b[2],c3,c1,c2);
 	$LD	r6,`3*$BNSZ`(r4)
-	$LD	r7,`2*$BNSZ`(r4)
+	$LD	r7,`2*$BNSZ`(r5)
 	$UMULL	r8,r6,r7
 	$UMULH	r9,r6,r7
 	addc	r12,r8,r12

crypto/dsa/dsa.h

@@ -215,6 +215,11 @@ DSA_SIG * FIPS_dsa_sign_ctx(DSA *dsa, EVP_MD_CTX *ctx);
 int FIPS_dsa_verify_digest(DSA *dsa,
 				const unsigned char *dig, int dlen, DSA_SIG *s);
 int FIPS_dsa_verify_ctx(DSA *dsa, EVP_MD_CTX *ctx, DSA_SIG *s);
+int FIPS_dsa_verify(DSA *dsa, const unsigned char *msg, size_t msglen,
+			const EVP_MD *mhash, DSA_SIG *s);
+DSA_SIG * FIPS_dsa_sign(DSA *dsa, const unsigned char *msg, size_t msglen,
+			const EVP_MD *mhash);
+
 #endif
 
 DSA *	DSA_new(void);

crypto/ec/ec2_smpl.c

@@ -556,7 +556,7 @@ int ec_GF2m_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_
 	field_sqr = group->meth->field_sqr;	
 
 	/* only support affine coordinates */
-	if (!point->Z_is_one) goto err;
+	if (!point->Z_is_one) return -1;
 
 	if (ctx == NULL)
 		{

crypto/ecdsa/ecdsa.h

@@ -236,6 +236,11 @@ ECDSA_SIG * FIPS_ecdsa_sign_ctx(EC_KEY *key, EVP_MD_CTX *ctx);
 int FIPS_ecdsa_verify_digest(EC_KEY *key,
 			const unsigned char *dig, int dlen, ECDSA_SIG *s);
 int FIPS_ecdsa_verify_ctx(EC_KEY *key, EVP_MD_CTX *ctx, ECDSA_SIG *s);
+int FIPS_ecdsa_verify(EC_KEY *key, const unsigned char *msg, size_t msglen,
+			const EVP_MD *mhash, ECDSA_SIG *s);
+ECDSA_SIG * FIPS_ecdsa_sign(EC_KEY *key,
+			const unsigned char *msg, size_t msglen,
+			const EVP_MD *mhash);
 #endif
 
 

crypto/evp/e_aes.c

@@ -89,6 +89,10 @@ typedef struct
 	{
 	AES_KEY ks1, ks2;	/* AES key schedules to use */
 	XTS128_CONTEXT xts;
+	void     (*stream)(const unsigned char *in,
+			unsigned char *out, size_t length,
+			const AES_KEY *key1, const AES_KEY *key2,
+			const unsigned char iv[16]);
 	} EVP_AES_XTS_CTX;
 
 typedef struct
@@ -123,6 +127,9 @@ void vpaes_cbc_encrypt(const unsigned char *in,
 			unsigned char *ivec, int enc);
 #endif
 #ifdef BSAES_ASM
+void bsaes_cbc_encrypt(const unsigned char *in, unsigned char *out,
+			size_t length, const AES_KEY *key,
+			unsigned char ivec[16], int enc);
 void bsaes_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
 			size_t len, const AES_KEY *key,
 			const unsigned char ivec[16]);
@@ -337,11 +344,13 @@ static int aesni_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 			{
 			aesni_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1);
 			xctx->xts.block1 = (block128_f)aesni_encrypt;
+			xctx->stream = aesni_xts_encrypt;
 			}
 		else
 			{
 			aesni_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1);
 			xctx->xts.block1 = (block128_f)aesni_decrypt;
+			xctx->stream = aesni_xts_decrypt;
 			}
 
 		aesni_set_encrypt_key(key + ctx->key_len/2,
@@ -360,32 +369,9 @@ static int aesni_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 	return 1;
 	}
 
+#define aesni_xts_cipher aes_xts_cipher
 static int aesni_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-		const unsigned char *in, size_t len)
-	{
-	EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
-	if (!xctx->xts.key1 || !xctx->xts.key2)
-		return -1;
-	if (!out || !in)
-		return -1;
-#ifdef OPENSSL_FIPS
-	/* Requirement of SP800-38E */
-	if (FIPS_module_mode() && !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW) &&
-			(len > (1L<<20)*16))
-		{
-		EVPerr(EVP_F_AESNI_XTS_CIPHER, EVP_R_TOO_LARGE);
-		return -1;
-		}
-#endif
-	if (ctx->encrypt)
-		aesni_xts_encrypt(in, out, len,
-			xctx->xts.key1, xctx->xts.key2, ctx->iv);
-	else
-		aesni_xts_decrypt(in, out, len,
-			xctx->xts.key1, xctx->xts.key2, ctx->iv);
-
-	return len;
-	}
+		const unsigned char *in, size_t len);
 
 static int aesni_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                         const unsigned char *iv, int enc)
@@ -503,6 +489,15 @@ static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 	mode = ctx->cipher->flags & EVP_CIPH_MODE;
 	if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
 	    && !enc)
+#ifdef BSAES_CAPABLE
+	    if (BSAES_CAPABLE && mode==EVP_CIPH_CBC_MODE)
+		{
+		ret = AES_set_decrypt_key(key,ctx->key_len*8,&dat->ks);
+		dat->block	= (block128_f)AES_decrypt;
+		dat->stream.cbc	= (cbc128_f)bsaes_cbc_encrypt;
+		}
+	    else
+#endif
 #ifdef VPAES_CAPABLE
 	    if (VPAES_CAPABLE)
 		{
@@ -1050,6 +1045,7 @@ static int aes_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 
 	if (key) do
 		{
+		xctx->stream = NULL;
 		/* key_len is two AES keys */
 #ifdef VPAES_CAPABLE
 		if (VPAES_CAPABLE)
@@ -1105,22 +1101,25 @@ static int aes_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 	{
 	EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
 	if (!xctx->xts.key1 || !xctx->xts.key2)
-		return -1;
+		return 0;
 	if (!out || !in)
-		return -1;
+		return 0;
 #ifdef OPENSSL_FIPS
 	/* Requirement of SP800-38E */
 	if (FIPS_module_mode() && !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW) &&
-			(len > (1L<<20)*16))
+			(len > (1UL<<20)*16))
 		{
 		EVPerr(EVP_F_AES_XTS_CIPHER, EVP_R_TOO_LARGE);
-		return -1;
+		return 0;
 		}
 #endif
-	if (CRYPTO_xts128_encrypt(&xctx->xts, ctx->iv, in, out, len,
+	if (xctx->stream)
+		(*xctx->stream)(in, out, len,
+				xctx->xts.key1, xctx->xts.key2, ctx->iv);
+	else if (CRYPTO_xts128_encrypt(&xctx->xts, ctx->iv, in, out, len,
 								ctx->encrypt))
-		return -1;
-	return len;
+		return 0;
+	return 1;
 	}
 
 #define aes_xts_cleanup NULL

crypto/x86cpuid.pl

@@ -122,7 +122,7 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
 	&bt	("ecx",26);		# check XSAVE bit
 	&jnc	(&label("done"));
 	&bt	("ecx",27);		# check OSXSAVE bit
-	&jnc	(&label("clear_xmm"));
+	&jnc	(&label("clear_avx"));
 	&xor	("ecx","ecx");
 	&data_byte(0x0f,0x01,0xd0);	# xgetbv
 	&and	("eax",6);

doc/crypto/SSLeay_version.pod

@@ -1,74 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSLeay_version - retrieve version/build information about OpenSSL library
-
-=head1 SYNOPSIS
-
- #include <openssl/crypto.h>
-
- const char *SSLeay_version(int type);
-
-=head1 DESCRIPTION
-
-SSLeay_version() returns a pointer to a constant string describing the
-version of the OpenSSL library or giving information about the library
-build.
-
-The following B<type> values are supported:
-
-=over 4
-
-=item SSLEAY_VERSION
-
-The version of the OpenSSL library including the release date.
-
-=item SSLEAY_CFLAGS
-
-The compiler flags set for the compilation process in the form
-"compiler: ..."  if available or "compiler: information not available"
-otherwise.
-
-=item SSLEAY_BUILT_ON
-
-The date of the build process in the form "built on: ..." if available
-or "built on: date not available" otherwise.
-
-=item SSLEAY_PLATFORM
-
-The "Configure" target of the library build in the form "platform: ..."
-if available or "platform: information not available" otherwise.
-
-=item SSLEAY_DIR
-
-The "OPENSSLDIR" setting of the library build in the form "OPENSSLDIR: "...""
-if available or "OPENSSLDIR: N/A" otherwise.
-
-=back
-
-=head1 RETURN VALUES
-
-The following return values can occur:
-
-=over 4
-
-=item "not available"
-
-An invalid value for B<type> was given.
-
-=item Pointer to constant string
-
-Textual description.
-
-=back
-
-=head1 SEE ALSO
-
-L<crypto(3)|crypto(3)>
-
-=head1 HISTORY
-
-B<SSLEAY_DIR> was added in OpenSSL 0.9.7.
-
-=cut

fips/aes/fips_aesavs.c

@@ -535,7 +535,7 @@ static int do_mct(char *amode,
 		}
 	    }
 	}
-    
+    FIPS_cipher_ctx_cleanup(&ctx);
     return ret;
     }
 
@@ -554,7 +554,7 @@ static int proc_file(char *rqfile, char *rspfile)
     FILE *afp = NULL, *rfp = NULL;
     char ibuf[2048];
     char tbuf[2048];
-    int ilen, len, ret = 0;
+    int len;
     char algo[8] = "";
     char amode[8] = "";
     char atest[8] = "";
@@ -605,7 +605,6 @@ static int proc_file(char *rqfile, char *rspfile)
     while (!err && (fgets(ibuf, sizeof(ibuf), afp)) != NULL)
 	{
 	tidy_line(tbuf, ibuf);
-	ilen = strlen(ibuf);
 	/*      printf("step=%d ibuf=%s",step,ibuf); */
 	switch (step)
 	    {
@@ -780,11 +779,11 @@ static int proc_file(char *rqfile, char *rspfile)
 		    if(do_mct(amode, akeysz, aKey, iVec, 
 			      dir, (unsigned char*)plaintext, len, 
 			      rfp) < 0)
-			EXIT(1);
+			err = 1;
 		    }
 		else
 		    {
-		    ret = AESTest(&ctx, amode, akeysz, aKey, iVec, 
+		    AESTest(&ctx, amode, akeysz, aKey, iVec, 
 				  dir,  /* 0 = decrypt, 1 = encrypt */
 				  plaintext, ciphertext, len);
 		    OutputValue("CIPHERTEXT",ciphertext,len,rfp,
@@ -822,7 +821,7 @@ static int proc_file(char *rqfile, char *rspfile)
 		    }
 		else
 		    {
-		    ret = AESTest(&ctx, amode, akeysz, aKey, iVec, 
+		    AESTest(&ctx, amode, akeysz, aKey, iVec, 
 				  dir,  /* 0 = decrypt, 1 = encrypt */
 				  plaintext, ciphertext, len);
 		    OutputValue("PLAINTEXT",(unsigned char *)plaintext,len,rfp,
@@ -850,6 +849,7 @@ static int proc_file(char *rqfile, char *rspfile)
 	fclose(rfp);
     if (afp)
 	fclose(afp);
+    FIPS_cipher_ctx_cleanup(&ctx);
     return err;
     }
 
@@ -862,12 +862,16 @@ static int proc_file(char *rqfile, char *rspfile)
     aes_test -d xxxxx.xxx
   The default is: -d req.txt
 --------------------------------------------------*/
+#ifdef FIPS_ALGVS
+int fips_aesavs_main(int argc, char **argv)
+#else
 int main(int argc, char **argv)
+#endif
     {
     char *rqlist = "req.txt", *rspfile = NULL;
     FILE *fp = NULL;
     char fn[250] = "", rfn[256] = "";
-    int f_opt = 0, d_opt = 1;
+    int d_opt = 1;
     fips_algtest_init();
 
     if (argc > 1)
@@ -878,7 +882,6 @@ int main(int argc, char **argv)
 	    }
 	else if (strcasecmp(argv[1], "-f") == 0)
 	    {
-	    f_opt = 1;
 	    d_opt = 0;
 	    }
 	else
@@ -915,7 +918,7 @@ int main(int argc, char **argv)
 	    if (proc_file(rfn, rspfile))
 		{
 		printf(">>> Processing failed for: %s <<<\n", rfn);
-		EXIT(1);
+		return 1;
 		}
 	    }
 	fclose(fp);
@@ -929,7 +932,6 @@ int main(int argc, char **argv)
 	    printf(">>> Processing failed for: %s <<<\n", fn);
 	    }
 	}
-    EXIT(0);
     return 0;
     }
 

fips/aes/fips_gcmtest.c

@@ -261,6 +261,7 @@ static void gcmtest(FILE *in, FILE *out, int encrypt)
 			iv = aad = ct = pt = key = tag = NULL;
 			}
 		}
+	FIPS_cipher_ctx_cleanup(&ctx);	
 	}
 
 static void xtstest(FILE *in, FILE *out)
@@ -270,7 +271,6 @@ static void xtstest(FILE *in, FILE *out)
 	char *keyword, *value;
 	int inlen = 0;
 	int encrypt = 0;
-	int rv;
 	long l;
 	unsigned char *key = NULL, *iv = NULL;
 	unsigned char *inbuf = NULL, *outbuf = NULL;
@@ -326,7 +326,7 @@ static void xtstest(FILE *in, FILE *out)
 			{
 			FIPS_cipherinit(&ctx, xts, key, iv, encrypt);
 			outbuf = OPENSSL_malloc(inlen);
-			rv = FIPS_cipher(&ctx, outbuf, inbuf, inlen);
+			FIPS_cipher(&ctx, outbuf, inbuf, inlen);
 			OutputValue(encrypt ? "CT":"PT", outbuf, inlen, out, 0);
 			OPENSSL_free(inbuf);
 			OPENSSL_free(outbuf);
@@ -335,6 +335,7 @@ static void xtstest(FILE *in, FILE *out)
 			iv = key = inbuf = outbuf = NULL;
 			}	
 		}
+	FIPS_cipher_ctx_cleanup(&ctx);	
 	}
 
 static void ccmtest(FILE *in, FILE *out)
@@ -428,6 +429,8 @@ static void ccmtest(FILE *in, FILE *out)
 			}
 		else if (!strcmp(keyword,"Adata"))
 			{
+			if (Adata)
+				OPENSSL_free(Adata);
 			Adata = hex2bin_m(value, &l);
 			if (Alen && l != Alen)
 				{
@@ -493,10 +496,16 @@ static void ccmtest(FILE *in, FILE *out)
 		OPENSSL_free(Key);
 	if (Nonce)
 		OPENSSL_free(Nonce);
+	if (Adata)
+		OPENSSL_free(Adata);
 	FIPS_cipher_ctx_cleanup(&ctx);
 	}
 
-int main(int argc,char **argv)
+#ifdef FIPS_ALGVS
+int fips_gcmtest_main(int argc, char **argv)
+#else
+int main(int argc, char **argv)
+#endif
 	{
 	int encrypt;
 	int xts = 0, ccm = 0;

fips/cmac/fips_cmactest.c

@@ -92,7 +92,11 @@ static int print_cmac_ver(const EVP_CIPHER *cipher, FILE *out,
 		unsigned char *Mac, int Maclen,
 		int Tlen);
 
+#ifdef FIPS_ALGVS
+int fips_cmactest_main(int argc, char **argv)
+#else
 int main(int argc, char **argv)
+#endif
 	{
 	FILE *in = NULL, *out = NULL;
 	int mode = 0;		/* 0 => Generate, 1 => Verify */

fips/des/fips_desmovs.c

@@ -102,7 +102,7 @@ static int DESTest(EVP_CIPHER_CTX *ctx,
     if (akeysz != 192)
 	{
 	printf("Invalid key size: %d\n", akeysz);
-	EXIT(1);
+	return 0;
 	}
 
     if (fips_strcasecmp(amode, "CBC") == 0)
@@ -120,7 +120,7 @@ static int DESTest(EVP_CIPHER_CTX *ctx,
     else
 	{
 	printf("Unknown mode: %s\n", amode);
-	EXIT(1);
+	return 0;
 	}
 
     if (FIPS_cipherinit(ctx, cipher, aKey, iVec, dir) <= 0)
@@ -155,12 +155,12 @@ static void shiftin(unsigned char *dst,unsigned char *src,int nbits)
     }	
 
 /*-----------------------------------------------*/
-char *t_tag[2] = {"PLAINTEXT", "CIPHERTEXT"};
-char *t_mode[6] = {"CBC","ECB","OFB","CFB1","CFB8","CFB64"};
-enum Mode {CBC, ECB, OFB, CFB1, CFB8, CFB64};
+char *tdes_t_tag[2] = {"PLAINTEXT", "CIPHERTEXT"};
+char *tdes_t_mode[6] = {"CBC","ECB","OFB","CFB1","CFB8","CFB64"};
+enum tdes_Mode {TCBC, TECB, TOFB, TCFB1, TCFB8, TCFB64};
 int Sizes[6]={64,64,64,1,8,64};
 
-static void do_mct(char *amode, 
+static int do_tmct(char *amode, 
 	    int akeysz, int numkeys, unsigned char *akey,unsigned char *ivec,
 	    int dir, unsigned char *text, int len,
 	    FILE *rfp)
@@ -170,12 +170,12 @@ static void do_mct(char *amode,
     unsigned char text0[8];
 
     for (imode=0 ; imode < 6 ; ++imode)
-	if(!strcmp(amode,t_mode[imode]))
+	if(!strcmp(amode,tdes_t_mode[imode]))
 	    break;
     if (imode == 6)
 	{ 
 	printf("Unrecognized mode: %s\n", amode);
-	EXIT(1);
+	return 0;
 	}
     for(i=0 ; i < 400 ; ++i)
 	{
@@ -196,12 +196,12 @@ static void do_mct(char *amode,
 		OutputValue("",akey+n*8,8,rfp,0);
 		}
 
-	if(imode != ECB)
+	if(imode != TECB)
 	    OutputValue("IV",ivec,8,rfp,0);
-	OutputValue(t_tag[dir^1],text,len,rfp,imode == CFB1);
+	OutputValue(tdes_t_tag[dir^1],text,len,rfp,imode == TCFB1);
 #if 0
 	/* compensate for endianness */
-	if(imode == CFB1)
+	if(imode == TCFB1)
 	    text[0]<<=7;
 #endif
 	memcpy(text0,text,8);
@@ -223,18 +223,18 @@ static void do_mct(char *amode,
 		}
 	    if(j == 9999)
 		{
-		OutputValue(t_tag[dir],text,len,rfp,imode == CFB1);
+		OutputValue(tdes_t_tag[dir],text,len,rfp,imode == TCFB1);
 		/*		memcpy(ivec,text,8); */
 		}
 	    /*	    DebugValue("iv",ctx.iv,8); */
 	    /* accumulate material for the next key */
 	    shiftin(nk,text,Sizes[imode]);
 	    /*	    DebugValue("nk",nk,24);*/
-	    if((dir && (imode == CFB1 || imode == CFB8 || imode == CFB64
-			|| imode == CBC)) || imode == OFB)
+	    if((dir && (imode == TCFB1 || imode == TCFB8
+			|| imode == TCFB64 || imode == TCBC)) || imode == TOFB)
 		memcpy(text,old_iv,8);
 
-	    if(!dir && (imode == CFB1 || imode == CFB8 || imode == CFB64))
+	    if(!dir && (imode == TCFB1 || imode == TCFB8 || imode == TCFB64))
 		{
 		/* the test specifies using the output of the raw DES operation
 		   which we don't have, so reconstruct it... */
@@ -260,18 +260,20 @@ static void do_mct(char *amode,
 	/* pointless exercise - the final text doesn't depend on the
 	   initial text in OFB mode, so who cares what it is? (Who
 	   designed these tests?) */
-	if(imode == OFB)
+	if(imode == TOFB)
 	    for(n=0 ; n < 8 ; ++n)
 		text[n]=text0[n]^old_iv[n];
+	FIPS_cipher_ctx_cleanup(&ctx);
 	}
+    return 1;
     }
     
-static int proc_file(char *rqfile, char *rspfile)
+static int tproc_file(char *rqfile, char *rspfile)
     {
     char afn[256], rfn[256];
     FILE *afp = NULL, *rfp = NULL;
     char ibuf[2048], tbuf[2048];
-    int ilen, len, ret = 0;
+    int len;
     char amode[8] = "";
     char atest[100] = "";
     int akeysz=0;
@@ -322,7 +324,6 @@ static int proc_file(char *rqfile, char *rspfile)
     while (!err && (fgets(ibuf, sizeof(ibuf), afp)) != NULL)
 	{
 	tidy_line(tbuf, ibuf);
-	ilen = strlen(ibuf);
 	/*	printf("step=%d ibuf=%s",step,ibuf);*/
 	if(step == 3 && !strcmp(amode,"ECB"))
 	    {
@@ -546,12 +547,14 @@ static int proc_file(char *rqfile, char *rspfile)
 		PrintValue("PLAINTEXT", (unsigned char*)plaintext, len);
 		if (strcmp(atest, "Monte") == 0)  /* Monte Carlo Test */
 		    {
-		    do_mct(amode,akeysz,numkeys,aKey,iVec,dir,plaintext,len,rfp);
+		    if (!do_tmct(amode,akeysz,numkeys,aKey,iVec,
+					dir,plaintext,len,rfp))
+			return -1;
 		    }
 		else
 		    {
 		    assert(dir == 1);
-		    ret = DESTest(&ctx, amode, akeysz, aKey, iVec, 
+		    DESTest(&ctx, amode, akeysz, aKey, iVec, 
 				  dir,  /* 0 = decrypt, 1 = encrypt */
 				  ciphertext, plaintext, len);
 		    OutputValue("CIPHERTEXT",ciphertext,len,rfp,
@@ -585,13 +588,13 @@ static int proc_file(char *rqfile, char *rspfile)
 		PrintValue("CIPHERTEXT", ciphertext, len);
 		if (strcmp(atest, "Monte") == 0)  /* Monte Carlo Test */
 		    {
-		    do_mct(amode, akeysz, numkeys, aKey, iVec, 
+		    do_tmct(amode, akeysz, numkeys, aKey, iVec, 
 			   dir, ciphertext, len, rfp);
 		    }
 		else
 		    {
 		    assert(dir == 0);
-		    ret = DESTest(&ctx, amode, akeysz, aKey, iVec, 
+		    DESTest(&ctx, amode, akeysz, aKey, iVec, 
 				  dir,  /* 0 = decrypt, 1 = encrypt */
 				  plaintext, ciphertext, len);
 		    OutputValue("PLAINTEXT",(unsigned char *)plaintext,len,rfp,
@@ -619,6 +622,7 @@ static int proc_file(char *rqfile, char *rspfile)
 	fclose(rfp);
     if (afp)
 	fclose(afp);
+    FIPS_cipher_ctx_cleanup(&ctx);
     return err;
     }
 
@@ -631,12 +635,16 @@ static int proc_file(char *rqfile, char *rspfile)
     aes_test -d xxxxx.xxx
   The default is: -d req.txt
 --------------------------------------------------*/
+#ifdef FIPS_ALGVS
+int fips_desmovs_main(int argc, char **argv)
+#else
 int main(int argc, char **argv)
+#endif
     {
     char *rqlist = "req.txt", *rspfile = NULL;
     FILE *fp = NULL;
     char fn[250] = "", rfn[256] = "";
-    int f_opt = 0, d_opt = 1;
+    int d_opt = 1;
 
     fips_algtest_init();
     if (argc > 1)
@@ -647,7 +655,6 @@ int main(int argc, char **argv)
 	    }
 	else if (fips_strcasecmp(argv[1], "-f") == 0)
 	    {
-	    f_opt = 1;
 	    d_opt = 0;
 	    }
 	else
@@ -680,10 +687,10 @@ int main(int argc, char **argv)
 	    strtok(fn, "\r\n");
 	    strcpy(rfn, fn);
 	    printf("Processing: %s\n", rfn);
-	    if (proc_file(rfn, rspfile))
+	    if (tproc_file(rfn, rspfile))
 		{
 		printf(">>> Processing failed for: %s <<<\n", rfn);
-		EXIT(1);
+		return -1;
 		}
 	    }
 	fclose(fp);
@@ -692,12 +699,11 @@ int main(int argc, char **argv)
 	{
 	if (VERBOSE)
 		printf("Processing: %s\n", fn);
-	if (proc_file(fn, rspfile))
+	if (tproc_file(fn, rspfile))
 	    {
 	    printf(">>> Processing failed for: %s <<<\n", fn);
 	    }
 	}
-    EXIT(0);
     return 0;
     }
 

fips/dh/fips_dhvs.c

@@ -146,7 +146,11 @@ static void output_Zhash(FILE *out, int exout,
 	OPENSSL_free(Z);
 	}
 
-int main(int argc,char **argv)
+#ifdef FIPS_ALGVS
+int fips_dhvs_main(int argc, char **argv)
+#else
+int main(int argc, char **argv)
+#endif
 	{
 	char **args = argv + 1;
 	int argn = argc - 1;

fips/dsa/fips_dsa_sign.c

@@ -114,4 +114,28 @@ int FIPS_dsa_verify_digest(DSA *dsa,
 	return dsa->meth->dsa_do_verify(dig,dlen,s,dsa);
 	}
 
+int FIPS_dsa_verify(DSA *dsa, const unsigned char *msg, size_t msglen,
+			const EVP_MD *mhash, DSA_SIG *s)
+	{
+	int ret=-1;
+	unsigned char dig[EVP_MAX_MD_SIZE];
+	unsigned int dlen;
+        FIPS_digest(msg, msglen, dig, &dlen, mhash);
+	ret=FIPS_dsa_verify_digest(dsa, dig, dlen, s);
+	OPENSSL_cleanse(dig, dlen);
+	return ret;
+	}
+
+DSA_SIG * FIPS_dsa_sign(DSA *dsa, const unsigned char *msg, size_t msglen,
+			const EVP_MD *mhash)
+	{
+	DSA_SIG *s;
+	unsigned char dig[EVP_MAX_MD_SIZE];
+	unsigned int dlen;
+        FIPS_digest(msg, msglen, dig, &dlen, mhash);
+	s = FIPS_dsa_sign_digest(dsa, dig, dlen);
+	OPENSSL_cleanse(dig, dlen);
+	return s;
+	}
+
 #endif

fips/dsa/fips_dsatest.c

@@ -154,9 +154,7 @@ int main(int argc, char **argv)
 	unsigned char buf[256];
 	unsigned long h;
 	BN_GENCB cb;
-	EVP_MD_CTX mctx;
 	BN_GENCB_set(&cb, dsa_cb, stderr);
-	FIPS_md_ctx_init(&mctx);
 
     	fips_algtest_init();
 
@@ -210,19 +208,11 @@ int main(int argc, char **argv)
 		}
 	DSA_generate_key(dsa);
 
-	if (!FIPS_digestinit(&mctx, EVP_sha1()))
-		goto end;
-	if (!FIPS_digestupdate(&mctx, str1, 20))
-		goto end;
-	sig = FIPS_dsa_sign_ctx(dsa, &mctx);
+	sig = FIPS_dsa_sign(dsa, str1, 20, EVP_sha1());
 	if (!sig)
 		goto end;
 
-	if (!FIPS_digestinit(&mctx, EVP_sha1()))
-		goto end;
-	if (!FIPS_digestupdate(&mctx, str1, 20))
-		goto end;
-	if (FIPS_dsa_verify_ctx(dsa, &mctx, sig) != 1)
+	if (FIPS_dsa_verify(dsa, str1, 20, EVP_sha1(), sig) != 1)
 		goto end;
 
 	ret = 1;
@@ -231,7 +221,6 @@ end:
 	if (sig)
 		FIPS_dsa_sig_free(sig);
 	if (dsa != NULL) FIPS_dsa_free(dsa);
-	FIPS_md_ctx_cleanup(&mctx);
 #if 0
 	CRYPTO_mem_leaks(bio_err);
 #endif

fips/dsa/fips_dssvs.c

@@ -199,6 +199,7 @@ static void pqg(FILE *in, FILE *out)
 			{
 			fprintf(out, "counter = %d" RESP_EOL RESP_EOL, counter);
 			}
+		FIPS_dsa_free(dsa);
 		}
 	    }
 	else if(!strcmp(keyword,"P"))
@@ -519,6 +520,8 @@ static void keyver(FILE *in, FILE *out)
 	    BN_free(g);
 	if (Y2)
 	    BN_free(Y2);
+	if (ctx)
+	    BN_CTX_free(ctx);
     }
 
 static void keypair(FILE *in, FILE *out)
@@ -575,6 +578,8 @@ static void keypair(FILE *in, FILE *out)
 		do_bn_print_name(out, "Y",dsa->pub_key);
 	    	fputs(RESP_EOL, out);
 		}
+	    if (dsa)
+		FIPS_dsa_free(dsa);
 	    }
 	}
     }
@@ -627,9 +632,7 @@ static void siggen(FILE *in, FILE *out)
 	    {
 	    unsigned char msg[1024];
 	    int n;
-	    EVP_MD_CTX mctx;
 	    DSA_SIG *sig;
-	    FIPS_md_ctx_init(&mctx);
 
 	    n=hex2bin(value,msg);
 
@@ -637,15 +640,12 @@ static void siggen(FILE *in, FILE *out)
 		exit(1);
 	    do_bn_print_name(out, "Y",dsa->pub_key);
 
-	    FIPS_digestinit(&mctx, md);
-	    FIPS_digestupdate(&mctx, msg, n);
-	    sig = FIPS_dsa_sign_ctx(dsa, &mctx);
+	    sig = FIPS_dsa_sign(dsa, msg, n, md);
 
 	    do_bn_print_name(out, "R",sig->r);
 	    do_bn_print_name(out, "S",sig->s);
 	    fputs(RESP_EOL, out);
 	    FIPS_dsa_sig_free(sig);
-	    FIPS_md_ctx_cleanup(&mctx);
 	    }
 	}
     if (dsa)
@@ -687,37 +687,48 @@ static void sigver(FILE *in, FILE *out)
 	    dsa = FIPS_dsa_new();
 	    }
 	else if(!strcmp(keyword,"P"))
-	    dsa->p=hex2bn(value);
+	    do_hex2bn(&dsa->p, value);
 	else if(!strcmp(keyword,"Q"))
-	    dsa->q=hex2bn(value);
+	    do_hex2bn(&dsa->q, value);
 	else if(!strcmp(keyword,"G"))
-	    dsa->g=hex2bn(value);
+	    do_hex2bn(&dsa->g, value);
 	else if(!strcmp(keyword,"Msg"))
 	    n=hex2bin(value,msg);
 	else if(!strcmp(keyword,"Y"))
-	    dsa->pub_key=hex2bn(value);
+	    do_hex2bn(&dsa->pub_key, value);
 	else if(!strcmp(keyword,"R"))
 	    sig->r=hex2bn(value);
 	else if(!strcmp(keyword,"S"))
 	    {
-	    EVP_MD_CTX mctx;
 	    int r;
-	    FIPS_md_ctx_init(&mctx);
 	    sig->s=hex2bn(value);
 
-	    FIPS_digestinit(&mctx, md);
-	    FIPS_digestupdate(&mctx, msg, n);
 	    no_err = 1;
-	    r = FIPS_dsa_verify_ctx(dsa, &mctx, sig);
+	    r = FIPS_dsa_verify(dsa, msg, n, md, sig);
 	    no_err = 0;
-	    FIPS_md_ctx_cleanup(&mctx);
+	    if (sig->s)
+		{
+		BN_free(sig->s);
+		sig->s = NULL;
+		}
+	    if (sig->r)
+		{
+		BN_free(sig->r);
+		sig->r = NULL;
+		}
 	
 	    fprintf(out, "Result = %c" RESP_EOL RESP_EOL, r == 1 ? 'P' : 'F');
 	    }
 	}
+	if (dsa)
+	    FIPS_dsa_free(dsa);
     }
 
-int main(int argc,char **argv)
+#ifdef FIPS_ALGVS
+int fips_dssvs_main(int argc, char **argv)
+#else
+int main(int argc, char **argv)
+#endif
     {
     FILE *in, *out;
     if (argc == 4)

fips/ecdh/fips_ecdhvs.c

@@ -76,7 +76,7 @@ int main(int argc, char **argv)
 
 #include "fips_utl.h"
 
-static const EVP_MD *parse_md(char *line)
+static const EVP_MD *eparse_md(char *line)
 	{
 	char *p;
 	if (line[0] != '[' || line[1] != 'E')
@@ -301,7 +301,11 @@ static void ec_output_Zhash(FILE *out, int exout, EC_GROUP *group,
 	EC_POINT_free(peerkey);
 	}
 		
-int main(int argc,char **argv)
+#ifdef FIPS_ALGVS
+int fips_ecdhvs_main(int argc, char **argv)
+#else
+int main(int argc, char **argv)
+#endif
 	{
 	char **args = argv + 1;
 	int argn = argc - 1;
@@ -315,6 +319,7 @@ int main(int argc,char **argv)
 	EC_GROUP *group = NULL;
 	char *keyword = NULL, *value = NULL;
 	int do_verify = -1, exout = 0;
+	int rv = 1;
 
 	int curve_nids[5] = {0,0,0,0,0};
 	int param_set = -1;
@@ -408,11 +413,16 @@ int main(int argc,char **argv)
 			if (group)
 				EC_GROUP_free(group);
 			group = EC_GROUP_new_by_curve_name(nid);
+			if (!group)
+				{
+				fprintf(stderr, "ERROR: unsupported curve %s\n", buf + 1);
+				return 1;
+				}
 			}
 
 		if (strlen(buf) > 6 && !strncmp(buf, "[E", 2))
 			{
-			md = parse_md(buf);
+			md = eparse_md(buf);
 			if (md == NULL)
 				goto parse_error;
 			continue;
@@ -459,10 +469,23 @@ int main(int argc,char **argv)
 					md, rhash, rhashlen);
 			}
 		}
-	return 0;
+	rv = 0;
 	parse_error:
+	if (id)
+		BN_free(id);
+	if (ix)
+		BN_free(ix);
+	if (iy)
+		BN_free(iy);
+	if (cx)
+		BN_free(cx);
+	if (cy)
+		BN_free(cy);
+	if (group)
+		EC_GROUP_free(group);
+	if (rv)
 		fprintf(stderr, "Error Parsing request file\n");
-	exit(1);
+	return rv;
 	}
 
 #endif

fips/ecdsa/fips_ecdsa_sign.c

@@ -87,3 +87,28 @@ int FIPS_ecdsa_verify_ctx(EC_KEY *key, EVP_MD_CTX *ctx, ECDSA_SIG *s)
 	return ret;
 	}
 
+int FIPS_ecdsa_verify(EC_KEY *key, const unsigned char *msg, size_t msglen,
+			const EVP_MD *mhash, ECDSA_SIG *s)
+	{
+	int ret=-1;
+	unsigned char dig[EVP_MAX_MD_SIZE];
+	unsigned int dlen;
+        FIPS_digest(msg, msglen, dig, &dlen, mhash);
+	ret=FIPS_ecdsa_verify_digest(key, dig, dlen, s);
+	OPENSSL_cleanse(dig, dlen);
+	return ret;
+	}
+
+ECDSA_SIG * FIPS_ecdsa_sign(EC_KEY *key,
+			const unsigned char *msg, size_t msglen,
+			const EVP_MD *mhash)
+	{
+	ECDSA_SIG *s;
+	unsigned char dig[EVP_MAX_MD_SIZE];
+	unsigned int dlen;
+        FIPS_digest(msg, msglen, dig, &dlen, mhash);
+	s = FIPS_ecdsa_sign_digest(key, dig, dlen);
+	OPENSSL_cleanse(dig, dlen);
+	return s;
+	}
+

fips/ecdsa/fips_ecdsavs.c

@@ -75,7 +75,7 @@ int main(int argc, char **argv)
 #include <openssl/objects.h>
 
 
-static int lookup_curve(char *in, char *curve_name, const EVP_MD **pmd)
+static int elookup_curve(char *in, char *curve_name, const EVP_MD **pmd)
 	{
 	char *cname, *p;
 	/* Copy buffer as we will change it */
@@ -200,7 +200,7 @@ static int KeyPair(FILE *in, FILE *out)
 		if (*buf == '[' && buf[2] == '-')
 			{
 			if (buf[2] == '-')
-			curve_nid = lookup_curve(buf, lbuf, NULL);
+			curve_nid = elookup_curve(buf, lbuf, NULL);
 			fputs(buf, out);
 			continue;
 			}
@@ -260,7 +260,7 @@ static int PKV(FILE *in, FILE *out)
 		fputs(buf, out);
 		if (*buf == '[' && buf[2] == '-')
 			{
-			curve_nid = lookup_curve(buf, lbuf, NULL);
+			curve_nid = elookup_curve(buf, lbuf, NULL);
 			if (curve_nid == NID_undef)
 				return 0;
 				
@@ -287,10 +287,13 @@ static int PKV(FILE *in, FILE *out)
 			no_err = 1;
 			rv = EC_KEY_set_public_key_affine_coordinates(key, Qx, Qy);
 			no_err = 0;
+			EC_KEY_free(key);
 			fprintf(out, "Result = %s" RESP_EOL, rv ? "P":"F");
 			}
 
 		}
+	BN_free(Qx);
+	BN_free(Qy);
 	return 1;
 	}
 
@@ -305,8 +308,6 @@ static int SigGen(FILE *in, FILE *out)
 	EC_KEY *key = NULL;
 	ECDSA_SIG *sig = NULL;
 	const EVP_MD *digest = NULL;
-	EVP_MD_CTX mctx;
-	EVP_MD_CTX_init(&mctx);
 	Qx = BN_new();
 	Qy = BN_new();
 	while(fgets(buf, sizeof buf, in) != NULL)
@@ -314,7 +315,7 @@ static int SigGen(FILE *in, FILE *out)
 		fputs(buf, out);
 		if (*buf == '[')
 			{
-			curve_nid = lookup_curve(buf, lbuf, &digest);
+			curve_nid = elookup_curve(buf, lbuf, &digest);
 			if (curve_nid == NID_undef)
 				return 0;
 			}
@@ -342,9 +343,7 @@ static int SigGen(FILE *in, FILE *out)
 				return 0;
 				}
 
-			FIPS_digestinit(&mctx, digest);
-			FIPS_digestupdate(&mctx, msg, mlen);
-	    		sig = FIPS_ecdsa_sign_ctx(key, &mctx);
+	    		sig = FIPS_ecdsa_sign(key, msg, mlen, digest);
 
 			if (!sig)
 				{
@@ -358,7 +357,7 @@ static int SigGen(FILE *in, FILE *out)
 			do_bn_print_name(out, "S", sig->s);
 
 			EC_KEY_free(key);
-
+			OPENSSL_free(msg);
 			FIPS_ecdsa_sig_free(sig);
 
 			}
@@ -366,7 +365,6 @@ static int SigGen(FILE *in, FILE *out)
 		}
 	BN_free(Qx);
 	BN_free(Qy);
-	FIPS_md_ctx_cleanup(&mctx);
 	return 1;
 	}
 
@@ -381,8 +379,6 @@ static int SigVer(FILE *in, FILE *out)
 	EC_KEY *key = NULL;
 	ECDSA_SIG sg, *sig = &sg;
 	const EVP_MD *digest = NULL;
-	EVP_MD_CTX mctx;
-	EVP_MD_CTX_init(&mctx);
 	sig->r = NULL;
 	sig->s = NULL;
 	while(fgets(buf, sizeof buf, in) != NULL)
@@ -390,7 +386,7 @@ static int SigVer(FILE *in, FILE *out)
 		fputs(buf, out);
 		if (*buf == '[')
 			{
-			curve_nid = lookup_curve(buf, lbuf, &digest);
+			curve_nid = elookup_curve(buf, lbuf, &digest);
 			if (curve_nid == NID_undef)
 				return 0;
 			}
@@ -447,20 +443,32 @@ static int SigVer(FILE *in, FILE *out)
 				return 0;
 				}
 
-			FIPS_digestinit(&mctx, digest);
-			FIPS_digestupdate(&mctx, msg, mlen);
 			no_err = 1;
-	    		rv = FIPS_ecdsa_verify_ctx(key, &mctx, sig);
+	    		rv = FIPS_ecdsa_verify(key, msg, mlen, digest, sig);
+			EC_KEY_free(key);
+			if (msg)
+				OPENSSL_free(msg);
 			no_err = 0;
 
 			fprintf(out, "Result = %s" RESP_EOL, rv ? "P":"F");
 			}
 
 		}
+	if (sig->r)
+		BN_free(sig->r);
+	if (sig->s)
+		BN_free(sig->s);
+	if (Qx)
+		BN_free(Qx);
+	if (Qy)
+		BN_free(Qy);
 	return 1;
 	}
-
+#ifdef FIPS_ALGVS
+int fips_ecdsavs_main(int argc, char **argv)
+#else
 int main(int argc, char **argv)
+#endif
 	{
 	FILE *in = NULL, *out = NULL;
 	const char *cmd = argv[1];

fips/fips.h

@@ -97,9 +97,8 @@ int FIPS_selftest_rsa(void);
 int FIPS_selftest_dsa(void);
 int FIPS_selftest_ecdsa(void);
 int FIPS_selftest_ecdh(void);
-void FIPS_corrupt_drbg(void);
-void FIPS_x931_stick(void);
-void FIPS_drbg_stick(void);
+void FIPS_x931_stick(int onoff);
+void FIPS_drbg_stick(int onoff);
 int FIPS_selftest_x931(void);
 int FIPS_selftest_hmac(void);
 int FIPS_selftest_drbg(void);
@@ -224,6 +223,16 @@ int FIPS_rsa_verify_digest(struct rsa_st *rsa,
 			const struct env_md_st *mgf1Hash,
 			const unsigned char *sigbuf, unsigned int siglen);
 
+int FIPS_rsa_sign(struct rsa_st *rsa, const unsigned char *msg, int msglen,
+			const struct env_md_st *mhash, int rsa_pad_mode,
+			int saltlen, const struct env_md_st *mgf1Hash,
+			unsigned char *sigret, unsigned int *siglen);
+
+int FIPS_rsa_verify(struct rsa_st *rsa, const unsigned char *msg, int msglen,
+			const struct env_md_st *mhash, int rsa_pad_mode,
+			int saltlen, const struct env_md_st *mgf1Hash,
+			const unsigned char *sigbuf, unsigned int siglen);
+
 #ifdef OPENSSL_FIPSCAPABLE
 
 int FIPS_digestinit(EVP_MD_CTX *ctx, const EVP_MD *type);

fips/fips_canister.c

@@ -34,6 +34,7 @@ const void         *FIPS_text_end(void);
 				  defined(__mips__)|| defined(__mips)))	|| \
 	(defined(__linux)     && ((defined(__PPC__) && !defined(__PPC64__)) || \
 				  defined(__arm__) || defined(__arm)))	|| \
+	(defined(__APPLE__) /* verified on all MacOS X & iOS flavors */)|| \
 	(defined(_WIN32)      && defined(_MSC_VER))
 #  define FIPS_REF_POINT_IS_CROSS_COMPILER_AWARE
 # endif

fips/fips_locl.h

@@ -67,8 +67,8 @@ int fips_post_failed(int id, int subid, void *ex);
 int fips_post_corrupt(int id, int subid, void *ex);
 int fips_post_status(void);
 
-#define FIPS_MODULE_VERSION_NUMBER	0x20000000L
-#define FIPS_MODULE_VERSION_TEXT	"FIPS 2.0-dev unvalidated test module xx XXX xxxx"
+#define FIPS_MODULE_VERSION_NUMBER	0x20000003L
+#define FIPS_MODULE_VERSION_TEXT	"FIPS 2.0-rc3-dev unvalidated test module xx XXX xxxx"
 
 #ifdef  __cplusplus
 }

fips/fips_post.c

@@ -207,7 +207,6 @@ int fips_pkey_signature_test(int id, EVP_PKEY *pkey,
 			const char *fail_str)
 	{	
 	int subid;
-	void *ex = NULL;
 	int ret = 0;
 	unsigned char *sig = NULL;
 	unsigned int siglen;
@@ -335,7 +334,7 @@ int fips_pkey_signature_test(int id, EVP_PKEY *pkey,
 		FIPSerr(FIPS_F_FIPS_PKEY_SIGNATURE_TEST,FIPS_R_TEST_FAILURE);
 		if (fail_str)
 			FIPS_add_error_data(2, "Type=", fail_str);
-		fips_post_failed(id, subid, ex);
+		fips_post_failed(id, subid, pkey);
 		return 0;
 		}
 	return fips_post_success(id, subid, pkey);

fips/fips_premain.c

@@ -7,7 +7,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#if defined(__unix) || defined(__unix__) || defined(__vxworks) || defined(__ANDROID__)
+#if defined(__unix) || defined(__unix__) || defined(__vxworks) || defined(__ANDROID__) || defined(__APPLE__)
 #include <unistd.h>
 #endif
 

fips/fips_premain.c.sha1

@@ -1 +1 @@
-HMAC-SHA1(fips_premain.c)= a401afd9c2b57f0f11d2b34b6d0c9815b1fe6a66
+HMAC-SHA1(fips_premain.c)= 1eaf66f76187877ff403708a2948d240f92736a0

fips/fips_test_suite.c

@@ -144,11 +144,9 @@ static int FIPS_dsa_test(int bad)
     DSA *dsa = NULL;
     unsigned char dgst[] = "etaonrishdlc";
     int r = 0;
-    EVP_MD_CTX mctx;
     DSA_SIG *sig = NULL;
 
     ERR_clear_error();
-    FIPS_md_ctx_init(&mctx);
     dsa = FIPS_dsa_new();
     if (!dsa)
 	goto end;
@@ -159,23 +157,14 @@ static int FIPS_dsa_test(int bad)
     if (bad)
 	    BN_add_word(dsa->pub_key, 1);
 
-    if (!FIPS_digestinit(&mctx, EVP_sha256()))
-	goto end;
-    if (!FIPS_digestupdate(&mctx, dgst, sizeof(dgst) - 1))
-	goto end;
-    sig = FIPS_dsa_sign_ctx(dsa, &mctx);
+    sig = FIPS_dsa_sign(dsa, dgst, sizeof(dgst) -1, EVP_sha256());
     if (!sig)
 	goto end;
 
-    if (!FIPS_digestinit(&mctx, EVP_sha256()))
-	goto end;
-    if (!FIPS_digestupdate(&mctx, dgst, sizeof(dgst) - 1))
-	goto end;
-    r = FIPS_dsa_verify_ctx(dsa, &mctx, sig);
+    r = FIPS_dsa_verify(dsa, dgst, sizeof(dgst) -1, EVP_sha256(), sig);
     end:
     if (sig)
 	FIPS_dsa_sig_free(sig);
-    FIPS_md_ctx_cleanup(&mctx);
     if (dsa)
   	  FIPS_dsa_free(dsa);
     if (r != 1)
@@ -193,11 +182,9 @@ static int FIPS_rsa_test(int bad)
     unsigned char buf[256];
     unsigned int slen;
     BIGNUM *bn;
-    EVP_MD_CTX mctx;
     int r = 0;
 
     ERR_clear_error();
-    FIPS_md_ctx_init(&mctx);
     key = FIPS_rsa_new();
     bn = BN_new();
     if (!key || !bn)
@@ -209,20 +196,13 @@ static int FIPS_rsa_test(int bad)
     if (bad)
 	    BN_add_word(key->n, 1);
 
-    if (!FIPS_digestinit(&mctx, EVP_sha256()))
-	goto end;
-    if (!FIPS_digestupdate(&mctx, input_ptext, sizeof(input_ptext) - 1))
-	goto end;
-    if (!FIPS_rsa_sign_ctx(key, &mctx, RSA_PKCS1_PADDING, 0, NULL, buf, &slen))
+    if (!FIPS_rsa_sign(key, input_ptext, sizeof(input_ptext) - 1, EVP_sha256(),
+			RSA_PKCS1_PADDING, 0, NULL, buf, &slen))
 	goto end;
 
-    if (!FIPS_digestinit(&mctx, EVP_sha256()))
-	goto end;
-    if (!FIPS_digestupdate(&mctx, input_ptext, sizeof(input_ptext) - 1))
-	goto end;
-    r = FIPS_rsa_verify_ctx(key, &mctx, RSA_PKCS1_PADDING, 0, NULL, buf, slen);
+    r = FIPS_rsa_verify(key, input_ptext, sizeof(input_ptext) - 1, EVP_sha256(),
+			RSA_PKCS1_PADDING, 0, NULL, buf, slen);
     end:
-    FIPS_md_ctx_cleanup(&mctx);
     if (key)
   	  FIPS_rsa_free(key);
     if (r != 1)
@@ -651,6 +631,8 @@ static int Zeroize()
     for(i = 0; i < sizeof(userkey); i++) printf("%02x", userkey[i]);
         printf("\n");
 
+    FIPS_rsa_free(key);
+
     return 1;
     }
 
@@ -696,7 +678,7 @@ static int do_drbg_test(int type, int flags)
 	}
     rv = 1;
     err:
-    FIPS_drbg_uninstantiate(dctx);
+    FIPS_drbg_free(dctx);
     return rv;
     }
 
@@ -822,11 +804,14 @@ static int fail_id = -1;
 static int fail_sub = -1;
 static int fail_key = -1;
 
+static int st_err, post_quiet = 0;
+
 static int post_cb(int op, int id, int subid, void *ex)
 	{
 	const char *idstr, *exstr = "";
 	char asctmp[20];
 	int keytype = -1;
+	int exp_fail = 0;
 #ifdef FIPS_POST_TIME
 	static struct timespec start, end, tstart, tend;
 #endif
@@ -938,6 +923,11 @@ static int post_cb(int op, int id, int subid, void *ex)
 
 		}
 
+	if (fail_id == id
+		&& (fail_key == -1 || fail_key == keytype)
+		&& (fail_sub == -1 || fail_sub == subid))
+			exp_fail = 1;
+
 	switch(op)
 		{
 		case FIPS_POST_BEGIN:
@@ -961,6 +951,7 @@ static int post_cb(int op, int id, int subid, void *ex)
 		break;
 
 		case FIPS_POST_STARTED:
+		if (!post_quiet && !exp_fail)
 			printf("\t\t%s %s test started\n", idstr, exstr);
 #ifdef FIPS_POST_TIME
 		clock_gettime(CLOCK_REALTIME, &start);
@@ -968,6 +959,13 @@ static int post_cb(int op, int id, int subid, void *ex)
 		break;
 
 		case FIPS_POST_SUCCESS:
+		if (exp_fail)
+			{
+			printf("\t\t%s %s test OK but should've failed\n",
+								idstr, exstr);
+			st_err++;
+			}
+		else if (!post_quiet)
 			printf("\t\t%s %s test OK\n", idstr, exstr);
 #ifdef FIPS_POST_TIME
 		clock_gettime(CLOCK_REALTIME, &end);
@@ -978,13 +976,21 @@ static int post_cb(int op, int id, int subid, void *ex)
 		break;
 
 		case FIPS_POST_FAIL:
-		printf("\t\t%s %s test FAILED!!\n", idstr, exstr);
+		if (exp_fail)
+			{
+			printf("\t\t%s %s test failed as expected\n",
+							idstr, exstr);
+			}
+		else
+			{
+			printf("\t\t%s %s test Failed Incorrectly!!\n",
+							idstr, exstr);
+			st_err++;
+			}
 		break;
 
 		case FIPS_POST_CORRUPT:
-		if (fail_id == id
-			&& (fail_key == -1 || fail_key == keytype)
-			&& (fail_sub == -1 || fail_sub == subid))
+		if (exp_fail)
 			{
 			printf("\t\t%s %s test failure induced\n", idstr, exstr);
 			return 0;
@@ -995,14 +1001,272 @@ static int post_cb(int op, int id, int subid, void *ex)
 	return 1;
 	}
 
-int main(int argc,char **argv)
+/* Test POST induced failures */
+
+typedef struct 
 	{
+	const char *name;
+	int id, subid, keyid;
+	} fail_list;
+
+static fail_list flist[] =
+	{
+	{"Integrity", FIPS_TEST_INTEGRITY, -1, -1},
+	{"AES", FIPS_TEST_CIPHER, NID_aes_128_ecb, -1},
+	{"DES3", FIPS_TEST_CIPHER, NID_des_ede3_ecb, -1},
+	{"AES-GCM", FIPS_TEST_GCM, -1, -1},
+	{"AES-CCM", FIPS_TEST_CCM, -1, -1},
+	{"AES-XTS", FIPS_TEST_XTS, -1, -1},
+	{"Digest", FIPS_TEST_DIGEST, -1, -1},
+	{"HMAC", FIPS_TEST_HMAC, -1, -1},
+	{"CMAC", FIPS_TEST_CMAC, -1, -1},
+	{"DRBG", FIPS_TEST_DRBG, -1, -1},
+	{"X9.31 PRNG", FIPS_TEST_X931, -1, -1},
+	{"RSA", FIPS_TEST_SIGNATURE, -1, EVP_PKEY_RSA},
+	{"DSA", FIPS_TEST_SIGNATURE, -1, EVP_PKEY_DSA},
+	{"ECDSA", FIPS_TEST_SIGNATURE, -1, EVP_PKEY_EC},
+	{"ECDH", FIPS_TEST_ECDH, -1, -1},
+	{NULL, -1, -1, -1}
+	};
+
+static int do_fail_all(int fullpost, int fullerr)
+	{
+	fail_list *ftmp;
+	int rv;
+	size_t i;
+	RSA *rsa = NULL;
+	DSA *dsa = NULL;
+	DRBG_CTX *dctx = NULL;
+	EC_KEY *ec = NULL;
+	BIGNUM *bn = NULL;
+	unsigned char out[10];
+	if (!fullpost)
+		post_quiet = 1;
+	if (!fullerr)
+		no_err = 1;
+	FIPS_module_mode_set(0, NULL);
+	for (ftmp = flist; ftmp->name; ftmp++)
+		{
+		printf("    Testing induced failure of %s test\n", ftmp->name);
+		fail_id = ftmp->id;
+		fail_sub = ftmp->subid;
+		fail_key = ftmp->keyid;
+		rv = FIPS_module_mode_set(1, FIPS_AUTH_USER_PASS);
+		if (rv)
+			{
+			printf("\tFIPS mode incorrectly successful!!\n");
+			st_err++;
+			}
+		}
+	printf("    Testing induced failure of RSA keygen test\n");
+	/* NB POST will succeed with a pairwise test failures as
+	 * it is not used during POST.
+	 */
+	fail_id = FIPS_TEST_PAIRWISE;
+	fail_key = EVP_PKEY_RSA;
+	/* Now enter FIPS mode successfully */
+	if (!FIPS_module_mode_set(1, FIPS_AUTH_USER_PASS))
+		{
+		printf("\tError entering FIPS mode\n");
+		st_err++;
+		}
+
+	rsa = FIPS_rsa_new();
+	bn = BN_new();
+ 	if (!rsa || !bn)
+		return 0;
+	BN_set_word(bn, 65537);
+	if (RSA_generate_key_ex(rsa, 2048,bn,NULL))
+		{
+		printf("\tRSA key generated OK incorrectly!!\n");
+		st_err++;
+		}
+	else
+		printf("\tRSA key generation failed as expected.\n");
+
+	/* Leave FIPS mode to clear error */
+	FIPS_module_mode_set(0, NULL);
+
+	printf("    Testing induced failure of DSA keygen test\n");
+	fail_key = EVP_PKEY_DSA;
+	/* Enter FIPS mode successfully */
+	if (!FIPS_module_mode_set(1, FIPS_AUTH_USER_PASS))
+		{
+		printf("\tError entering FIPS mode\n");
+		st_err++;
+		}
+	dsa = FIPS_dsa_new();
+    	if (!dsa)
+		return 0;
+	if (!DSA_generate_parameters_ex(dsa, 1024,NULL,0,NULL,NULL,NULL))
+		return 0;
+    	if (DSA_generate_key(dsa))
+		{
+		printf("\tDSA key generated OK incorrectly!!\n");
+		st_err++;
+		}
+	else
+		printf("\tDSA key generation failed as expected.\n");
+
+	/* Leave FIPS mode to clear error */
+	FIPS_module_mode_set(0, NULL);
+	/* Enter FIPS mode successfully */
+	if (!FIPS_module_mode_set(1, FIPS_AUTH_USER_PASS))
+		{
+		printf("\tError entering FIPS mode\n");
+		st_err++;
+		}
+
+	printf("    Testing induced failure of ECDSA keygen test\n");
+	fail_key = EVP_PKEY_EC;
+
+	ec = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+
+	if (!ec)
+		return 0;
+
+    	if (EC_KEY_generate_key(ec))
+		{
+		printf("\tECDSA key generated OK incorrectly!!\n");
+		st_err++;
+		}
+	else
+		printf("\tECDSA key generation failed as expected.\n");
+
+	fail_id = -1;
+	fail_sub = -1;
+	fail_key = -1;
+	/* Leave FIPS mode to clear error */
+	FIPS_module_mode_set(0, NULL);
+	/* Enter FIPS mode successfully */
+	if (!FIPS_module_mode_set(1, FIPS_AUTH_USER_PASS))
+		{
+		printf("\tError entering FIPS mode\n");
+		st_err++;
+		}
+	/* Induce continuous PRNG failure for DRBG */
+	printf("    Testing induced failure of DRBG CPRNG test\n");
+	FIPS_drbg_stick(1);
+
+	/* Initialise a DRBG context */
+	dctx = FIPS_drbg_new(NID_sha1, 0);
+	if (!dctx)
+		return 0;
+	for (i = 0; i < sizeof(dummy_drbg_entropy); i++)
+		{
+		dummy_drbg_entropy[i] = i & 0xff;
+		}
+	FIPS_drbg_set_callbacks(dctx, drbg_test_cb, 0, 0x10, drbg_test_cb, 0);
+	if (!FIPS_drbg_instantiate(dctx, dummy_drbg_entropy, 10))
+		{
+		printf("\tDRBG instantiate error!!\n");
+		st_err++;
+		}
+	if (FIPS_drbg_generate(dctx, out, sizeof(out), 0, NULL, 0))
+		{
+		printf("\tDRBG continuous PRNG OK incorrectly!!\n");
+		st_err++;
+		}
+	else
+		printf("\tDRBG continuous PRNG failed as expected\n");
+	FIPS_drbg_stick(0);
+
+	/* Leave FIPS mode to clear error */
+	FIPS_module_mode_set(0, NULL);
+	/* Enter FIPS mode successfully */
+	if (!FIPS_module_mode_set(1, FIPS_AUTH_USER_PASS))
+		{
+		printf("\tError entering FIPS mode\n");
+		st_err++;
+		}
+
+	FIPS_drbg_free(dctx);
+
+	/* Induce continuous PRNG failure for DRBG entropy source*/
+	printf("    Testing induced failure of DRBG entropy CPRNG test\n");
+
+	/* Initialise a DRBG context */
+	dctx = FIPS_drbg_new(NID_sha1, 0);
+	if (!dctx)
+		return 0;
+	for (i = 0; i < sizeof(dummy_drbg_entropy); i++)
+		{
+		dummy_drbg_entropy[i] = i & 0xf;
+		}
+	FIPS_drbg_set_callbacks(dctx, drbg_test_cb, 0, 0x10, drbg_test_cb, 0);
+	if (FIPS_drbg_instantiate(dctx, dummy_drbg_entropy, 10))
+		{
+		printf("\tDRBG continuous PRNG entropy OK incorrectly!!\n");
+		st_err++;
+		}
+	else
+		printf("\tDRBG continuous PRNG entropy failed as expected\n");
+	/* Leave FIPS mode to clear error */
+	FIPS_module_mode_set(0, NULL);
+	/* Enter FIPS mode successfully */
+	if (!FIPS_module_mode_set(1, FIPS_AUTH_USER_PASS))
+		{
+		printf("\tError entering FIPS mode\n");
+		st_err++;
+		}
+	FIPS_drbg_free(dctx);
+
+	/* Leave FIPS mode to clear error */
+	FIPS_module_mode_set(0, NULL);
+	/* Enter FIPS mode successfully */
+	if (!FIPS_module_mode_set(1, FIPS_AUTH_USER_PASS))
+		{
+		printf("\tError entering FIPS mode\n");
+		st_err++;
+		}
+
+	printf("    Testing induced failure of X9.31 CPRNG test\n");
+	FIPS_x931_stick(1);
+	if (!FIPS_x931_set_key(dummy_drbg_entropy, 32))
+		{
+		printf("\tError initialiasing X9.31 PRNG\n");
+		st_err++;
+		}
+	if (!FIPS_x931_seed(dummy_drbg_entropy + 32, 16))
+		{
+		printf("\tError seeding X9.31 PRNG\n");
+		st_err++;
+		}
+	if (FIPS_x931_bytes(out, 10) > 0)
+		{
+		printf("\tX9.31 continuous PRNG failure OK incorrectly!!\n");
+		st_err++;
+		}
+	else
+		printf("\tX9.31 continuous PRNG failed as expected\n");
+	FIPS_x931_stick(0);
+
+	printf("  Induced failure test completed with %d errors\n", st_err);
+	post_quiet = 0; 
+	no_err = 0;
+	BN_free(bn);
+	FIPS_rsa_free(rsa);
+	FIPS_dsa_free(dsa);
+	FIPS_ec_key_free(ec);
+	if (st_err)
+		return 0;
+	return 1;
+	}
+
+#ifdef FIPS_ALGVS
+int fips_test_suite_main(int argc, char **argv)
+#else
+int main(int argc, char **argv)
+#endif
+    {
+    char **args = argv + 1;
     int bad_rsa = 0, bad_dsa = 0;
     int do_rng_stick = 0;
     int do_drbg_stick = 0;
     int no_exit = 0;
-    int no_dh = 0;
+    int no_dh = 0, no_drbg = 0;
     char *pass = FIPS_AUTH_USER_PASS;
+    int fullpost = 0, fullerr = 0;
 
     FIPS_post_set_callback(post_cb);
 
@@ -1010,95 +1274,106 @@ int main(int argc,char **argv)
 
     printf("\t%s\n\n", FIPS_module_version_text());
 
-    if (argv[1]) {
+    while(*args) {
         /* Corrupted KAT tests */
-        if (!strcmp(argv[1], "integrity")) {
+        if (!strcmp(*args, "integrity")) {
 	    fail_id = FIPS_TEST_INTEGRITY;
-        } else if (!strcmp(argv[1], "aes")) {
+        } else if (!strcmp(*args, "aes")) {
 	    fail_id = FIPS_TEST_CIPHER;
 	    fail_sub = NID_aes_128_ecb;	
-        } else if (!strcmp(argv[1], "aes-ccm")) {
+        } else if (!strcmp(*args, "aes-ccm")) {
 	    fail_id = FIPS_TEST_CCM;
-        } else if (!strcmp(argv[1], "aes-gcm")) {
+        } else if (!strcmp(*args, "aes-gcm")) {
 	    fail_id = FIPS_TEST_GCM;
-        } else if (!strcmp(argv[1], "aes-xts")) {
+        } else if (!strcmp(*args, "aes-xts")) {
 	    fail_id = FIPS_TEST_XTS;
-        } else if (!strcmp(argv[1], "des")) {
+        } else if (!strcmp(*args, "des")) {
 	    fail_id = FIPS_TEST_CIPHER;
 	    fail_sub = NID_des_ede3_ecb;	
-        } else if (!strcmp(argv[1], "dsa")) {
+        } else if (!strcmp(*args, "dsa")) {
 	    fail_id = FIPS_TEST_SIGNATURE;
 	    fail_key = EVP_PKEY_DSA;	
         } else if (!strcmp(argv[1], "ecdh")) {
 	    fail_id = FIPS_TEST_ECDH;
-        } else if (!strcmp(argv[1], "ecdsa")) {
+        } else if (!strcmp(*args, "ecdsa")) {
 	    fail_id = FIPS_TEST_SIGNATURE;
 	    fail_key = EVP_PKEY_EC;	
-        } else if (!strcmp(argv[1], "rsa")) {
+        } else if (!strcmp(*args, "rsa")) {
 	    fail_id = FIPS_TEST_SIGNATURE;
 	    fail_key = EVP_PKEY_RSA;	
-        } else if (!strcmp(argv[1], "rsakey")) {
+        } else if (!strcmp(*args, "rsakey")) {
             printf("RSA key generation and signature validation with corrupted key...\n");
 	    bad_rsa = 1;
 	    no_exit = 1;
-        } else if (!strcmp(argv[1], "rsakeygen")) {
+        } else if (!strcmp(*args, "rsakeygen")) {
 	    fail_id = FIPS_TEST_PAIRWISE;
 	    fail_key = EVP_PKEY_RSA;
 	    no_exit = 1;
-        } else if (!strcmp(argv[1], "dsakey")) {
+        } else if (!strcmp(*args, "dsakey")) {
             printf("DSA key generation and signature validation with corrupted key...\n");
 	    bad_dsa = 1;
 	    no_exit = 1;
-        } else if (!strcmp(argv[1], "dsakeygen")) {
+        } else if (!strcmp(*args, "dsakeygen")) {
 	    fail_id = FIPS_TEST_PAIRWISE;
 	    fail_key = EVP_PKEY_DSA;
 	    no_exit = 1;
-        } else if (!strcmp(argv[1], "sha1")) {
+        } else if (!strcmp(*args, "sha1")) {
 	    fail_id = FIPS_TEST_DIGEST;
-        } else if (!strcmp(argv[1], "hmac")) {
+        } else if (!strcmp(*args, "hmac")) {
 	    fail_id = FIPS_TEST_HMAC;
-        } else if (!strcmp(argv[1], "cmac")) {
+        } else if (!strcmp(*args, "cmac")) {
 	    fail_id = FIPS_TEST_CMAC;
-	} else if (!strcmp(argv[1], "drbg")) {
+	} else if (!strcmp(*args, "drbg")) {
 	    fail_id = FIPS_TEST_DRBG;
 	} else if (!strcmp(argv[1], "rng")) {
 	    fail_id = FIPS_TEST_X931;
-	} else if (!strcmp(argv[1], "nodh")) {
+	} else if (!strcmp(*args, "nodrbg")) {
+	    no_drbg = 1;
+	    no_exit = 1;
+	} else if (!strcmp(*args, "nodh")) {
 	    no_dh = 1;
 	    no_exit = 1;
-	} else if (!strcmp(argv[1], "post")) {
+	} else if (!strcmp(*args, "post")) {
 	    fail_id = -1;
-	} else if (!strcmp(argv[1], "rngstick")) {
+	} else if (!strcmp(*args, "rngstick")) {
 	    do_rng_stick = 1;
 	    no_exit = 1;
 	    printf("RNG test with stuck continuous test...\n");
-	} else if (!strcmp(argv[1], "drbgentstick")) {
+	} else if (!strcmp(*args, "drbgentstick")) {
 		do_entropy_stick();
-	} else if (!strcmp(argv[1], "drbgstick")) {
+	} else if (!strcmp(*args, "drbgstick")) {
 	    do_drbg_stick = 1;
 	    no_exit = 1;
 	    printf("DRBG test with stuck continuous test...\n");
-	} else if (!strcmp(argv[1], "user")) {
+	} else if (!strcmp(*args, "user")) {
 		pass = FIPS_AUTH_USER_PASS;
-	} else if (!strcmp(argv[1], "officer")) {
+	} else if (!strcmp(*args, "officer")) {
 		pass = FIPS_AUTH_OFFICER_PASS;
-	} else if (!strcmp(argv[1], "badpass")) {
+	} else if (!strcmp(*args, "badpass")) {
 		pass = "bad invalid password";
-	} else if (!strcmp(argv[1], "nopass")) {
+	} else if (!strcmp(*args, "nopass")) {
 		pass = "";
+	} else if (!strcmp(*args, "fullpost")) {
+		fullpost = 1;
+	    	no_exit = 1;
+	} else if (!strcmp(*args, "fullerr")) {
+		fullerr = 1;
+	    	no_exit = 1;
         } else {
-            printf("Bad argument \"%s\"\n", argv[1]);
-            exit(1);
+            printf("Bad argument \"%s\"\n", *args);
+            return 1;
         }
-	if (!no_exit) {
+    args++;
+    }
+
+    if ((argc != 1) && !no_exit) {
     		fips_algtest_init_nofips();
         	if (!FIPS_module_mode_set(1, pass)) {
         	    printf("Power-up self test failed\n");
-		    exit(1);
+		    return 1;
 		}
         	printf("Power-up self test successful\n");
-        	exit(0);
-	}
+        	return 0;
     }
 
     fips_algtest_init_nofips();
@@ -1116,11 +1391,11 @@ int main(int argc,char **argv)
     ERR_clear_error();
     test_msg("2. Automatic power-up self test", FIPS_module_mode_set(1, pass));
     if (!FIPS_module_mode())
-	exit(1);
+	return 1;
     if (do_drbg_stick)
-            FIPS_drbg_stick();
+            FIPS_drbg_stick(1);
     if (do_rng_stick)
-            FIPS_x931_stick();
+            FIPS_x931_stick(1);
 
     /* AES encryption/decryption
     */
@@ -1216,9 +1491,15 @@ int main(int argc,char **argv)
 					: Fail("failed INCORRECTLY!") );
 
     printf("12. DRBG generation check...\n");
+    if (no_drbg)
+	printf("\tskipped\n");
+    else
     	printf("\t%s\n", do_drbg_all() ? "successful as expected"
 					: Fail("failed INCORRECTLY!") );
 
+    printf("13. Induced test failure check...\n");
+    printf("\t%s\n", do_fail_all(fullpost, fullerr) ? "successful as expected"
+					: Fail("failed INCORRECTLY!") );
     printf("\nAll tests completed with %d errors\n", Error);
     return Error ? 1 : 0;
     }

fips/fips_utl.h

@@ -47,6 +47,9 @@
  *
  */
 
+#ifndef FIPS_UTL_H
+#define FIPS_UTL_H
+
 #define OPENSSL_FIPSAPI
 
 #include <openssl/fips_rand.h>
@@ -487,3 +490,5 @@ int fips_strcasecmp(const char *str1, const char *str2)
 	return fips_strncasecmp(str1, str2, (size_t)-1);
 	}
 
+
+#endif

fips/fipsld

@@ -1,6 +1,6 @@
 #!/bin/sh -e
 #
-# Copyright (c) 2005-2007 The OpenSSL Project.
+# Copyright (c) 2005-2011 The OpenSSL Project.
 #
 # Depending on output file name, the script either embeds fingerprint
 # into libcrypto.so or static application. "Static" refers to static
@@ -127,12 +127,15 @@ lib*|*.dll)	# must be linking a shared lib...
 		"${PREMAIN_C}" \
 		${_WL_PREMAIN} "$@"
 
-	# generate signature...
-	if [ -z "${FIPS_SIG}" ]; then
-		SIG=`"${PREMAIN_DSO}" "${TARGET}"`
-	else
-		SIG=`"${FIPS_SIG}" -dso "${TARGET}"`
+	if [ "x${FIPS_SIG}" != "x" ]; then
+		# embed signature
+		"${FIPS_SIG}" "${TARGET}"
+		[ $? -ne 42 ] && exit $?
 	fi
+
+	# generate signature...
+	SIG=`"${PREMAIN_DSO}" "${TARGET}"`
+
 	/bin/rm -f "${TARGET}"
 	if [ -z "${SIG}" ]; then
 	   echo "unable to collect signature"; exit 1
@@ -172,12 +175,15 @@ lib*|*.dll)	# must be linking a shared lib...
 		"${PREMAIN_C}" \
 		${_WL_PREMAIN} "$@"
 
-	# generate signature...
-	if [ -z "${FIPS_SIG}" ]; then
-		SIG=`"${TARGET}"`
-	else
-		SIG=`"${FIPS_SIG}" -exe "${TARGET}"`
+	if [ "x${FIPS_SIG}" != "x" ]; then
+		# embed signature
+		"${FIPS_SIG}" "${TARGET}"
+		[ $? -ne 42 ] && exit $?
 	fi
+
+	# generate signature...
+	SIG=`"${TARGET}"`
+
 	/bin/rm -f "${TARGET}"
 	if [ -z "${SIG}" ]; then
 	   echo "unable to collect signature"; exit 1

fips/hmac/fips_hmactest.c

@@ -85,7 +85,11 @@ static int print_hmac(const EVP_MD *md, FILE *out,
 		unsigned char *Key, int Klen,
 		unsigned char *Msg, int Msglen, int Tlen);
 
+#ifdef FIPS_ALGVS
+int fips_hmactest_main(int argc, char **argv)
+#else
 int main(int argc, char **argv)
+#endif
 	{
 	FILE *in = NULL, *out = NULL;
 

fips/rand/fips_drbg_lib.c

@@ -154,6 +154,8 @@ static size_t fips_get_entropy(DRBG_CTX *dctx, unsigned char **pout,
 	{
 	unsigned char *tout, *p;
 	size_t bl = dctx->entropy_blocklen, rv;
+	if (!dctx->get_entropy)
+		return 0;
 	if (dctx->xflags & DRBG_FLAG_TEST || !bl)
 		return dctx->get_entropy(dctx, pout, entropy, min_len, max_len);
 	rv = dctx->get_entropy(dctx, &tout, entropy + bl,
@@ -241,7 +243,7 @@ int FIPS_drbg_instantiate(DRBG_CTX *dctx,
 		goto end;
 		}
 
-	if (dctx->max_nonce > 0)
+	if (dctx->max_nonce > 0 && dctx->get_nonce)
 		{
 		noncelen = dctx->get_nonce(dctx, &nonce,
 					dctx->strength / 2,
@@ -544,9 +546,9 @@ void FIPS_drbg_set_reseed_interval(DRBG_CTX *dctx, int interval)
 
 static int drbg_stick = 0;
 
-void FIPS_drbg_stick(void)
+void FIPS_drbg_stick(int onoff)
 	{
-	drbg_stick = 1;
+	drbg_stick = onoff;
 	}
 
 /* Continuous DRBG utility function */

fips/rand/fips_drbg_selftest.c

@@ -582,7 +582,6 @@ static int fips_drbg_error_check(DRBG_CTX *dctx, DRBG_SELFTEST_DATA *td)
 		}
 		
 	dctx->iflags &= ~DRBG_FLAG_NOERR;
-
 	if (!FIPS_drbg_uninstantiate(dctx))
 		{
 		FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR);
@@ -617,28 +616,20 @@ static int fips_drbg_error_check(DRBG_CTX *dctx, DRBG_SELFTEST_DATA *td)
 		goto err;
 		}
 
-	/* Explicit reseed tests */
-
-	/* Test explicit reseed with too large additional input */
-	if (!do_drbg_init(dctx, td, &t))
-		goto err;
-
-	dctx->iflags |= DRBG_FLAG_NOERR;
-
-	if (FIPS_drbg_reseed(dctx, td->adin, dctx->max_adin + 1) > 0)
+	dctx->iflags &= ~DRBG_FLAG_NOERR;
+	if (!FIPS_drbg_uninstantiate(dctx))
 		{
-		FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_ADDITIONAL_INPUT_ERROR_UNDETECTED);
+		FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR);
 		goto err;
 		}
 
-	/* Test explicit reseed with entropy source failure */
-
 	/* Check prediction resistance request fails if entropy source
 	 * failure.
 	 */
 
 	t.entlen = 0;
 
+	dctx->iflags |= DRBG_FLAG_NOERR;
 	if (FIPS_drbg_generate(dctx, randout, td->katlen, 1,
 				td->adin, td->adinlen))
 		{
@@ -680,6 +671,13 @@ static int fips_drbg_error_check(DRBG_CTX *dctx, DRBG_SELFTEST_DATA *td)
 		goto err;
 		}
 
+	dctx->iflags &= ~DRBG_FLAG_NOERR;
+	if (!FIPS_drbg_uninstantiate(dctx))
+		{
+		FIPSerr(FIPS_F_FIPS_DRBG_ERROR_CHECK, FIPS_R_UNINSTANTIATE_ERROR);
+		goto err;
+		}
+
 	/* Explicit reseed tests */
 
 	/* Test explicit reseed with too large additional input */
@@ -696,11 +694,6 @@ static int fips_drbg_error_check(DRBG_CTX *dctx, DRBG_SELFTEST_DATA *td)
 
 	/* Test explicit reseed with entropy source failure */
 
-	if (!do_drbg_init(dctx, td, &t))
-		goto err;
-
-	dctx->iflags |= DRBG_FLAG_NOERR;
-
 	t.entlen = 0;
 
 	if (FIPS_drbg_reseed(dctx, td->adin, td->adinlen) > 0)

fips/rand/fips_drbgvs.c

@@ -76,7 +76,7 @@ int main(int argc, char **argv)
 
 #include "fips_utl.h"
 
-static int parse_md(char *str)
+static int dparse_md(char *str)
 	{
 	switch(atoi(str + 5))
 		{
@@ -115,7 +115,7 @@ static int parse_ec(char *str)
 		curve_nid = NID_secp521r1;
 	else
 		return NID_undef;
-	md_nid = parse_md(md);
+	md_nid = dparse_md(md);
 	if (md_nid == NID_undef)
 		return NID_undef;
 	return (curve_nid << 16) | md_nid;
@@ -170,11 +170,13 @@ static size_t test_nonce(DRBG_CTX *dctx, unsigned char **pout,
 	return t->noncelen;
 	}
 
-
-
+#ifdef FIPS_ALGVS
+int fips_drbgvs_main(int argc,char **argv)
+#else
 int main(int argc,char **argv)
+#endif
 	{
-	FILE *in, *out;
+	FILE *in = NULL, *out = NULL;
 	DRBG_CTX *dctx = NULL;
 	TEST_ENT t;
 	int r, nid = 0;
@@ -240,7 +242,7 @@ int main(int argc,char **argv)
 			}
 		if (strlen(buf) > 4 && !strncmp(buf, "[SHA-", 5))
 			{
-			nid = parse_md(buf);
+			nid = dparse_md(buf);
 			if (nid == NID_undef)
 				exit(1);
 			if (drbg_type == DRBG_HMAC)
@@ -404,6 +406,10 @@ int main(int argc,char **argv)
 			}
 
 		}
+	if (in && in != stdin)
+		fclose(in);
+	if (out && out != stdout)
+		fclose(out);
 	return 0;
 	}
 

fips/rand/fips_rand.c

@@ -114,9 +114,9 @@ static FIPS_PRNG_CTX sctx;
 
 static int fips_prng_fail = 0;
 
-void FIPS_x931_stick(void)
+void FIPS_x931_stick(int onoff)
 	{
-	fips_prng_fail = 1;
+	fips_prng_fail = onoff;
 	}
 
 static void fips_rand_prng_reset(FIPS_PRNG_CTX *ctx)

fips/rand/fips_rand_selftest.c

@@ -129,15 +129,16 @@ static AES_PRNG_TV aes_256_tv =
 static int do_x931_test(unsigned char *key, int keylen,
 			AES_PRNG_TV *tv)
 	{
-	unsigned char R[16];
+	unsigned char R[16], V[16];
 	int rv = 1;
+	memcpy(V, tv->V, sizeof(V));
 	if (!FIPS_x931_set_key(key, keylen))
 		return 0;
 	if (!fips_post_started(FIPS_TEST_X931, keylen, NULL))
 		return 1;
 	if (!fips_post_corrupt(FIPS_TEST_X931, keylen, NULL))
-		tv->V[0]++;
-	FIPS_x931_seed(tv->V, 16);
+		V[0]++;
+	FIPS_x931_seed(V, 16);
 	FIPS_x931_set_dt(tv->DT);
 	FIPS_x931_bytes(R, 16);
 	if (memcmp(R, tv->R, 16))

fips/rand/fips_rngvs.c

@@ -198,7 +198,11 @@ static void mct(FILE *in, FILE *out)
 	}
     }
 
-int main(int argc,char **argv)
+#ifdef FIPS_ALGVS
+int fips_rngvs_main(int argc, char **argv)
+#else
+int main(int argc, char **argv)
+#endif
     {
     FILE *in, *out;
     if (argc == 4)

fips/rsa/fips_rsa_sign.c

@@ -442,4 +442,33 @@ err:
 	return(ret);
 	}
 
+int FIPS_rsa_sign(RSA *rsa, const unsigned char *msg, int msglen,
+			const EVP_MD *mhash, int rsa_pad_mode, int saltlen,
+			const EVP_MD *mgf1Hash,
+			unsigned char *sigret, unsigned int *siglen)
+	{
+	unsigned int md_len, rv;
+	unsigned char md[EVP_MAX_MD_SIZE];
+        FIPS_digest(msg, msglen, md, &md_len, mhash);
+	rv = FIPS_rsa_sign_digest(rsa, md, md_len, mhash, rsa_pad_mode,
+					saltlen, mgf1Hash, sigret, siglen);
+	OPENSSL_cleanse(md, md_len);
+	return rv;
+	}
+
+
+int FIPS_rsa_verify(RSA *rsa, const unsigned char *msg, int msglen,
+			const EVP_MD *mhash, int rsa_pad_mode, int saltlen,
+			const EVP_MD *mgf1Hash,
+			const unsigned char *sigbuf, unsigned int siglen)
+	{
+	unsigned int md_len, rv;
+	unsigned char md[EVP_MAX_MD_SIZE];
+        FIPS_digest(msg, msglen, md, &md_len, mhash);
+	rv = FIPS_rsa_verify_digest(rsa, md, md_len, mhash, rsa_pad_mode,
+					saltlen, mgf1Hash, sigbuf, siglen);
+	OPENSSL_cleanse(md, md_len);
+	return rv;
+	}
+
 #endif

fips/rsa/fips_rsagtest.c

@@ -88,7 +88,11 @@ static int rsa_printkey1(FILE *out, RSA *rsa,
 static int rsa_printkey2(FILE *out, RSA *rsa,
 		BIGNUM *Xq1, BIGNUM *Xq2, BIGNUM *Xq);
 
+#ifdef FIPS_ALGVS
+int fips_rsagtest_main(int argc, char **argv)
+#else
 int main(int argc, char **argv)
+#endif
 	{
 	FILE *in = NULL, *out = NULL;
 

fips/rsa/fips_rsastest.c

@@ -85,7 +85,11 @@ static int rsa_stest(FILE *out, FILE *in, int Saltlen);
 static int rsa_printsig(FILE *out, RSA *rsa, const EVP_MD *dgst,
 		unsigned char *Msg, long Msglen, int Saltlen);
 
+#ifdef FIPS_ALGVS
+int fips_rsastest_main(int argc, char **argv)
+#else
 int main(int argc, char **argv)
+#endif
 	{
 	FILE *in = NULL, *out = NULL;
 
@@ -321,15 +325,12 @@ static int rsa_printsig(FILE *out, RSA *rsa, const EVP_MD *dgst,
 	unsigned char *sigbuf = NULL;
 	int i, siglen, pad_mode;
 	/* EVP_PKEY structure */
-	EVP_MD_CTX ctx;
 
 	siglen = RSA_size(rsa);
 	sigbuf = OPENSSL_malloc(siglen);
 	if (!sigbuf)
 		goto error;
 
-	FIPS_md_ctx_init(&ctx);
-
 	if (Saltlen >= 0)
 		pad_mode = RSA_PKCS1_PSS_PADDING;
 	else if (Saltlen == -2)
@@ -337,16 +338,10 @@ static int rsa_printsig(FILE *out, RSA *rsa, const EVP_MD *dgst,
 	else
 		pad_mode = RSA_PKCS1_PADDING;
 
-	if (!FIPS_digestinit(&ctx, dgst))
-		goto error;
-	if (!FIPS_digestupdate(&ctx, Msg, Msglen))
-		goto error;
-	if (!FIPS_rsa_sign_ctx(rsa, &ctx, pad_mode, Saltlen, NULL,
+	if (!FIPS_rsa_sign(rsa, Msg, Msglen, dgst, pad_mode, Saltlen, NULL,
 				sigbuf, (unsigned int *)&siglen))
 		goto error;
 
-	FIPS_md_ctx_cleanup(&ctx);
-
 	fputs("S = ", out);
 
 	for (i = 0; i < siglen; i++)
@@ -358,6 +353,9 @@ static int rsa_printsig(FILE *out, RSA *rsa, const EVP_MD *dgst,
 
 	error:
 
+	if (sigbuf)
+		OPENSSL_free(sigbuf);
+
 	return ret;
 	}
 #endif

fips/rsa/fips_rsavtest.c

@@ -82,14 +82,18 @@ int main(int argc, char *argv[])
 
 #include "fips_utl.h"
 
-int rsa_test(FILE *out, FILE *in, int saltlen);
+int rsa_vtest(FILE *out, FILE *in, int saltlen);
 static int rsa_printver(FILE *out,
 		BIGNUM *n, BIGNUM *e,
 		const EVP_MD *dgst,
 		unsigned char *Msg, long Msglen,
 		unsigned char *S, long Slen, int Saltlen);
 
+#ifdef FIPS_ALGVS
+int fips_rsavtest_main(int argc, char **argv)
+#else
 int main(int argc, char **argv)
+#endif
 	{
 	FILE *in = NULL, *out = NULL;
 
@@ -138,7 +142,7 @@ int main(int argc, char **argv)
 		goto end;
 		}
 
-	if (!rsa_test(out, in, Saltlen))
+	if (!rsa_vtest(out, in, Saltlen))
 		{
 		fprintf(stderr, "FATAL RSAVTEST file processing error\n");
 		goto end;
@@ -159,7 +163,7 @@ int main(int argc, char **argv)
 
 #define RSA_TEST_MAXLINELEN	10240
 
-int rsa_test(FILE *out, FILE *in, int Saltlen)
+int rsa_vtest(FILE *out, FILE *in, int Saltlen)
 	{
 	char *linebuf, *olinebuf, *p, *q;
 	char *keyword, *value;
@@ -319,7 +323,6 @@ static int rsa_printver(FILE *out,
 	int ret = 0, r, pad_mode;
 	/* Setup RSA and EVP_PKEY structures */
 	RSA *rsa_pubkey = NULL;
-	EVP_MD_CTX ctx;
 	unsigned char *buf = NULL;
 	rsa_pubkey = FIPS_rsa_new();
 	if (!rsa_pubkey)
@@ -329,8 +332,6 @@ static int rsa_printver(FILE *out,
 	if (!rsa_pubkey->n || !rsa_pubkey->e)
 		goto error;
 
-	FIPS_md_ctx_init(&ctx);
-
 	if (Saltlen >= 0)
 		pad_mode = RSA_PKCS1_PSS_PADDING;
 	else if (Saltlen == -2)
@@ -338,19 +339,11 @@ static int rsa_printver(FILE *out,
 	else
 		pad_mode = RSA_PKCS1_PADDING;
 
-	if (!FIPS_digestinit(&ctx, dgst))
-		goto error;
-	if (!FIPS_digestupdate(&ctx, Msg, Msglen))
-		goto error;
-
 	no_err = 1;
-	r = FIPS_rsa_verify_ctx(rsa_pubkey, &ctx,
+	r = FIPS_rsa_verify(rsa_pubkey, Msg, Msglen, dgst,
 				pad_mode, Saltlen, NULL, S, Slen);
 	no_err = 0;
 
-
-	FIPS_md_ctx_cleanup(&ctx);
-
 	if (r < 0)
 		goto error;
 

fips/sha/fips_shatest.c

@@ -86,7 +86,11 @@ static int print_dgst(const EVP_MD *md, FILE *out,
 static int print_monte(const EVP_MD *md, FILE *out,
 		unsigned char *Seed, int SeedLen);
 
+#ifdef FIPS_ALGVS
+int fips_shatest_main(int argc, char **argv)
+#else
 int main(int argc, char **argv)
+#endif
 	{
 	FILE *in = NULL, *out = NULL;
 

test/Makefile

@@ -81,6 +81,7 @@ FIPS_ECDHVS=	fips_ecdhvs
 FIPS_ECDSAVS=	fips_ecdsavs
 FIPS_TEST_SUITE=fips_test_suite
 FIPS_CMACTEST=	fips_cmactest
+FIPS_ALGVS=	fips_algvs
 
 TESTS=		alltests
 
@@ -119,7 +120,7 @@ OBJ=	$(BNTEST).o $(ECTEST).o  $(ECDSATEST).o $(ECDHTEST).o $(IDEATEST).o \
 	$(FIPS_RSASTEST).o $(FIPS_RSAGTEST).o $(FIPS_GCMTEST).o \
 	$(FIPS_DSSVS).o $(FIPS_DSATEST).o $(FIPS_RNGVS).o $(FIPS_DRBGVS).o \
 	$(FIPS_TEST_SUITE).o $(FIPS_DHVS).o $(FIPS_ECDSAVS).o \
-	$(FIPS_ECDHVS).o $(FIPS_CMACTEST).o \
+	$(FIPS_ECDHVS).o $(FIPS_CMACTEST).o $(FIPS_ALGVS).o \
 	$(EVPTEST).o $(IGETEST).o $(JPAKETEST).o
 SRC=	$(BNTEST).c $(ECTEST).c  $(ECDSATEST).c $(ECDHTEST).c $(IDEATEST).c \
 	$(MD2TEST).c  $(MD4TEST).c $(MD5TEST).c \
@@ -133,7 +134,7 @@ SRC=	$(BNTEST).c $(ECTEST).c  $(ECDSATEST).c $(ECDHTEST).c $(IDEATEST).c \
 	$(FIPS_RSASTEST).c $(FIPS_RSAGTEST).c $(FIPS_GCMTEST).c \
 	$(FIPS_DSSVS).c $(FIPS_DSATEST).c $(FIPS_RNGVS).c $(FIPS_DRBGVS).c \
 	$(FIPS_TEST_SUITE).c $(FIPS_DHVS).c $(FIPS_ECDSAVS).c \
-	$(FIPS_ECDHVS).c $(FIPS_CMACTEST).c \
+	$(FIPS_ECDHVS).c $(FIPS_CMACTEST).c $(FIPS_ALGVS).c \
 	$(EVPTEST).c $(IGETEST).c $(JPAKETEST).c
 
 EXHEADER= 
@@ -150,6 +151,8 @@ exe:	$(EXE) $(FIPSEXE) dummytest$(EXE_EXT)
 
 fipsexe:	$(FIPSEXE)
 
+fipsalgvs:	$(FIPS_ALGVS)
+
 files:
 	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
 
@@ -504,6 +507,9 @@ $(FIPS_TEST_SUITE)$(EXE_EXT): $(FIPS_TEST_SUITE).o $(DLIBCRYPTO)
 $(FIPS_CMACTEST)$(EXE_EXT): $(FIPS_CMACTEST).o $(DLIBCRYPTO)
 	@target=$(FIPS_CMACTEST); $(FIPS_BUILD_CMD)
 
+$(FIPS_ALGVS)$(EXE_EXT): $(FIPS_ALGVS).o $(DLIBCRYPTO)
+	@target=$(FIPS_ALGVS); $(FIPS_BUILD_CMD)
+
 $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
 	@target=$(RMDTEST); $(BUILD_CMD)
 

test/fips_algvs.c

@@ -0,0 +1,330 @@
+/* test/fips_algvs.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2011
+ */
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <openssl/crypto.h>
+#include <openssl/opensslconf.h>
+
+#ifndef OPENSSL_FIPS
+#include <stdio.h>
+
+int main(int argc, char **argv)
+{
+    printf("No FIPS ALGVS support\n");
+    return 0;
+}
+#else
+
+#define FIPS_ALGVS
+
+extern int fips_aesavs_main(int argc, char **argv);
+extern int fips_cmactest_main(int argc, char **argv);
+extern int fips_desmovs_main(int argc, char **argv);
+extern int fips_dhvs_main(int argc, char **argv);
+extern int fips_drbgvs_main(int argc,char **argv);
+extern int fips_dssvs_main(int argc, char **argv);
+extern int fips_ecdhvs_main(int argc, char **argv);
+extern int fips_ecdsavs_main(int argc, char **argv);
+extern int fips_gcmtest_main(int argc, char **argv);
+extern int fips_hmactest_main(int argc, char **argv);
+extern int fips_rngvs_main(int argc, char **argv);
+extern int fips_rsagtest_main(int argc, char **argv);
+extern int fips_rsastest_main(int argc, char **argv);
+extern int fips_rsavtest_main(int argc, char **argv);
+extern int fips_shatest_main(int argc, char **argv);
+extern int fips_test_suite_main(int argc, char **argv);
+
+#include "fips_aesavs.c"
+#include "fips_cmactest.c"
+#include "fips_desmovs.c"
+#include "fips_dhvs.c"
+#include "fips_drbgvs.c"
+#include "fips_dssvs.c"
+#include "fips_ecdhvs.c"
+#include "fips_ecdsavs.c"
+#include "fips_gcmtest.c"
+#include "fips_hmactest.c"
+#include "fips_rngvs.c"
+#include "fips_rsagtest.c"
+#include "fips_rsastest.c"
+#include "fips_rsavtest.c"
+#include "fips_shatest.c"
+#include "fips_test_suite.c"
+
+typedef struct
+	{
+	const char *name;
+	int (*func)(int argc, char **argv);
+	} ALGVS_FUNCTION;
+
+static ALGVS_FUNCTION algvs[] = {
+	{"fips_aesavs", fips_aesavs_main}, 
+	{"fips_cmactest", fips_cmactest_main}, 
+	{"fips_desmovs", fips_desmovs_main}, 
+	{"fips_dhvs", fips_dhvs_main}, 
+	{"fips_drbgvs", fips_drbgvs_main}, 
+	{"fips_dssvs", fips_dssvs_main}, 
+	{"fips_ecdhvs", fips_ecdhvs_main}, 
+	{"fips_ecdsavs", fips_ecdsavs_main}, 
+	{"fips_gcmtest", fips_gcmtest_main}, 
+	{"fips_hmactest", fips_hmactest_main}, 
+	{"fips_rngvs", fips_rngvs_main}, 
+	{"fips_rsagtest", fips_rsagtest_main}, 
+	{"fips_rsastest", fips_rsastest_main}, 
+	{"fips_rsavtest", fips_rsavtest_main}, 
+	{"fips_shatest", fips_shatest_main}, 
+	{"fips_test_suite", fips_test_suite_main}, 
+	{NULL, 0}
+	};
+
+/* Argument parsing taken from apps/apps.c */
+
+typedef struct args_st
+	{
+	char **data;
+	int count;
+	} ARGS;
+
+static int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
+	{
+	int num,i;
+	char *p;
+
+	*argc=0;
+	*argv=NULL;
+
+	i=0;
+	if (arg->count == 0)
+		{
+		arg->count=20;
+		arg->data=(char **)OPENSSL_malloc(sizeof(char *)*arg->count);
+		}
+	for (i=0; i<arg->count; i++)
+		arg->data[i]=NULL;
+
+	num=0;
+	p=buf;
+	for (;;)
+		{
+		/* first scan over white space */
+		if (!*p) break;
+		while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n')))
+			p++;
+		if (!*p) break;
+
+		/* The start of something good :-) */
+		if (num >= arg->count)
+			{
+			fprintf(stderr, "Too many arguments!!\n");
+			return 0;
+			}
+		arg->data[num++]=p;
+
+		/* now look for the end of this */
+		if ((*p == '\'') || (*p == '\"')) /* scan for closing quote */
+			{
+			i= *(p++);
+			arg->data[num-1]++; /* jump over quote */
+			while (*p && (*p != i))
+				p++;
+			*p='\0';
+			}
+		else
+			{
+			while (*p && ((*p != ' ') &&
+				(*p != '\t') && (*p != '\n')))
+				p++;
+
+			if (*p == '\0')
+				p--;
+			else
+				*p='\0';
+			}
+		p++;
+		}
+	*argc=num;
+	*argv=arg->data;
+	return(1);
+	}
+
+static int run_prg(int argc, char **argv)
+	{
+	ALGVS_FUNCTION *t;
+	const char *prg_name;
+	prg_name = strrchr(argv[0], '/');
+	if (prg_name)
+		prg_name++;
+	else
+		prg_name = argv[0];
+	for (t = algvs; t->name; t++)
+		{
+		if (!strcmp(prg_name, t->name))
+			return t->func(argc, argv);
+		}
+	return -100;
+	}
+
+int main(int argc, char **argv)
+	{
+	char buf[1024];
+	char **args = argv + 1;
+	const char *sname = "fipstests.sh";
+	ARGS arg;
+	int xargc;
+	char **xargv;
+	int lineno = 0, badarg = 0;
+	int nerr = 0, quiet = 0, verbose = 0;
+	int rv;
+	FILE *in = NULL;
+#ifdef FIPS_ALGVS_MEMCHECK
+	CRYPTO_malloc_debug_init();
+	OPENSSL_init();
+	CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+#endif
+
+	if (*args && *args[0] != '-')
+		{
+		rv = run_prg(argc - 1, args);
+#ifdef FIPS_ALGVS_MEMCHECK
+		CRYPTO_mem_leaks_fp(stderr);
+#endif
+		return rv;
+		}
+	while (!badarg && *args && *args[0] == '-')
+		{
+		if (!strcmp(*args, "-script"))
+			{
+			if (args[1])
+				{
+				args++;
+				sname = *args;
+				}
+			else
+				badarg = 1;
+			}
+		else if (!strcmp(*args, "-quiet"))
+			quiet = 1;
+		else if (!strcmp(*args, "-verbose"))
+			verbose = 1;
+		else
+			badarg = 1;
+		args++;
+		}
+
+	if (badarg)
+		{
+		fprintf(stderr, "Error processing arguments\n");
+		return 1;
+		}
+
+	in = fopen(sname, "r");
+	if (!in)
+		{
+		fprintf(stderr, "Error opening script file \"%s\"\n", sname);
+		return 1;
+		}
+
+	arg.data = NULL;
+	arg.count = 0;
+
+	while (fgets(buf, sizeof(buf), in))
+		{
+		lineno++;
+		if (!chopup_args(&arg, buf, &xargc, &xargv))
+			fprintf(stderr, "Error processing line %d\n", lineno);
+		else
+			{
+			if (!quiet)
+				{
+				int i;
+				int narg = verbose ? xargc : xargc - 2;
+				printf("Running command line:");
+				for (i = 0; i < narg; i++)
+					printf(" %s", xargv[i]);
+				printf("\n");
+				}
+			rv = run_prg(xargc, xargv);
+			if (FIPS_module_mode())
+				FIPS_module_mode_set(0, NULL);
+			if (rv != 0)
+				nerr++;
+			if (rv == -100)
+				fprintf(stderr, "ERROR: Command not found\n");
+			else if (rv != 0)
+				fprintf(stderr, "ERROR: returned %d\n", rv);
+			else if (verbose)
+				printf("\tCommand run successfully\n");
+			}
+		}
+
+	if (!quiet)
+		printf("Completed with %d errors\n", nerr);
+
+	if (arg.data)
+		OPENSSL_free(arg.data);
+
+	fclose(in);
+#ifdef FIPS_ALGVS_MEMCHECK
+	CRYPTO_mem_leaks_fp(stderr);
+#endif
+	if (nerr == 0)
+		return 0;
+	return 1;
+	}
+#endif

util/fipsdist.pl

@@ -76,7 +76,7 @@ while (<STDIN>)
 		}
 	if (/^test\//)
 		{
-		next unless /Makefile/ || /dummytest.c/;
+		next unless /Makefile/ || /dummytest.c/ || /fips_algvs.c/ ;
 		}
 	print "$_\n";
 	}

util/incore

@@ -34,6 +34,7 @@
 	@e_ident{magic,class,data,version,osabi,abiver,pad}=
 		unpack("a4C*",$elf);
 
+	$!=42;		# signal fipsld to revert to two-step link
 	die "not ELF file" if ($e_ident{magic} ne chr(0177)."ELF");
 
 	my $elf_bits   = $e_ident{class}*32;	# 32 or 64
@@ -377,7 +378,7 @@ $FIPS_text_endX		= $exe->Lookup("FIPS_text_endX");
 if (!$legacy_mode) {
     if (!$FIPS_text_startX || !$FIPS_text_endX) {
 	print STDERR "@ARGV[$#ARGV] is not cross-compiler aware.\n";
-	exit(1);
+	exit(42);	# signal fipsld to revert to two-step link
     }
 
     $FINGERPRINT_ascii_value