/*
* DSA: generate keys and sign, verify input plaintext.
*/
static int FIPS_dsa_test(int bad)
{
DSA *dsa = NULL;
unsigned char dgst[] = "etaonrishdlc";
int r = 0;
EVP_MD_CTX mctx;
DSA_SIG *sig = NULL;
ERR_clear_error();
FIPS_md_ctx_init(&mctx);
dsa = FIPS_dsa_new();
if (!dsa)
goto end;
if (!DSA_generate_parameters_ex(dsa, 1024,NULL,0,NULL,NULL,NULL))
goto end;
if (!DSA_generate_key(dsa))
goto end;
if (bad)
BN_add_word(dsa->pub_key, 1);
if (!FIPS_digestinit(&mctx, EVP_sha256()))
goto end;
if (!FIPS_digestupdate(&mctx, dgst, sizeof(dgst) - 1))
goto end;
sig = FIPS_dsa_sign_ctx(dsa, &mctx);
if (!sig)
goto end;
if (!FIPS_digestinit(&mctx, EVP_sha256()))
goto end;
if (!FIPS_digestupdate(&mctx, dgst, sizeof(dgst) - 1))
goto end;
r = FIPS_dsa_verify_ctx(dsa, &mctx, sig);
end:
if (sig)
FIPS_dsa_sig_free(sig);
FIPS_md_ctx_cleanup(&mctx);
if (dsa)
FIPS_dsa_free(dsa);
if (r != 1)
return 0;
return 1;
}
int fips_pkey_signature_test(int id, EVP_PKEY *pkey,
const unsigned char *tbs, size_t tbslen,
const unsigned char *kat, size_t katlen,
const EVP_MD *digest, int pad_mode,
const char *fail_str)
{
int subid;
void *ex = NULL;
int ret = 0;
unsigned char *sig = NULL;
unsigned int siglen;
static const unsigned char str1[]="12345678901234567890";
DSA_SIG *dsig = NULL;
ECDSA_SIG *esig = NULL;
EVP_MD_CTX mctx;
FIPS_md_ctx_init(&mctx);
if (tbs == NULL)
tbs = str1;
if (tbslen == 0)
tbslen = strlen((char *)tbs);
if (digest == NULL)
digest = EVP_sha256();
subid = M_EVP_MD_type(digest);
if (!fips_post_started(id, subid, pkey))
return 1;
if (!pkey || pkey->type == EVP_PKEY_RSA)
{
size_t sigsize;
if (!pkey)
sigsize = EVP_MAX_MD_SIZE;
else
sigsize = RSA_size(pkey->pkey.rsa);
sig = OPENSSL_malloc(sigsize);
if (!sig)
{
FIPSerr(FIPS_F_FIPS_PKEY_SIGNATURE_TEST,ERR_R_MALLOC_FAILURE);
goto error;
}
}
if (!FIPS_digestinit(&mctx, digest))
goto error;
if (!FIPS_digestupdate(&mctx, tbs, tbslen))
goto error;
if (!fips_post_corrupt(id, subid, pkey))
{
if (!FIPS_digestupdate(&mctx, tbs, 1))
goto error;
}
if (pkey == NULL)
{
if (!FIPS_digestfinal(&mctx, sig, &siglen))
goto error;
}
else if (pkey->type == EVP_PKEY_RSA)
{
if (!FIPS_rsa_sign_ctx(pkey->pkey.rsa, &mctx,
pad_mode, 0, NULL, sig, &siglen))
goto error;
}
else if (pkey->type == EVP_PKEY_DSA)
{
dsig = FIPS_dsa_sign_ctx(pkey->pkey.dsa, &mctx);
if (!dsig)
goto error;
}
else if (pkey->type == EVP_PKEY_EC)
{
esig = FIPS_ecdsa_sign_ctx(pkey->pkey.ec, &mctx);
if (!esig)
goto error;
}
if (kat && ((siglen != katlen) || memcmp(kat, sig, katlen)))
goto error;
#if 0
{
/* Debug code to print out self test KAT discrepancies */
unsigned int i;
fprintf(stderr, "%s=", fail_str);
for (i = 0; i < siglen; i++)
fprintf(stderr, "%02X", sig[i]);
fprintf(stderr, "\n");
goto error;
}
#endif
/* If just digest test we've finished */
if (pkey == NULL)
{
ret = 1;
/* Well actually sucess as we've set ret to 1 */
goto error;
}
if (!FIPS_digestinit(&mctx, digest))
goto error;
if (!FIPS_digestupdate(&mctx, tbs, tbslen))
goto error;
if (pkey->type == EVP_PKEY_RSA)
{
ret = FIPS_rsa_verify_ctx(pkey->pkey.rsa, &mctx,
pad_mode, 0, NULL, sig, siglen);
}
else if (pkey->type == EVP_PKEY_DSA)
{
ret = FIPS_dsa_verify_ctx(pkey->pkey.dsa, &mctx, dsig);
}
else if (pkey->type == EVP_PKEY_EC)
{
ret = FIPS_ecdsa_verify_ctx(pkey->pkey.ec, &mctx, esig);
}
error:
if (dsig != NULL)
FIPS_dsa_sig_free(dsig);
if (esig != NULL)
FIPS_ecdsa_sig_free(esig);
if (sig)
OPENSSL_free(sig);
FIPS_md_ctx_cleanup(&mctx);
if (ret != 1)
{
FIPSerr(FIPS_F_FIPS_PKEY_SIGNATURE_TEST,FIPS_R_TEST_FAILURE);
if (fail_str)
FIPS_add_error_data(2, "Type=", fail_str);
fips_post_failed(id, subid, ex);
return 0;
}
return fips_post_success(id, subid, pkey);
}
static void siggen(FILE *in, FILE *out)
{
char buf[1024];
char lbuf[1024];
char *keyword, *value;
int dsa2, L, N;
const EVP_MD *md = NULL;
DSA *dsa=NULL;
while(fgets(buf,sizeof buf,in) != NULL)
{
if (!parse_line(&keyword, &value, lbuf, buf))
{
fputs(buf,out);
continue;
}
fputs(buf,out);
if(!strcmp(keyword,"[mod"))
{
if (!parse_mod(value, &dsa2, &L, &N, &md))
{
fprintf(stderr, "Mod Parse Error\n");
exit (1);
}
if (dsa)
FIPS_dsa_free(dsa);
dsa = FIPS_dsa_new();
if (!dsa2 && !dsa_builtin_paramgen(dsa, L, N, md, NULL, 0,
NULL, NULL, NULL, NULL))
{
fprintf(stderr, "Parameter Generation error\n");
exit(1);
}
if (dsa2 && dsa_builtin_paramgen2(dsa, L, N, md, NULL, 0,
NULL, NULL, NULL, NULL) <= 0)
{
fprintf(stderr, "Parameter Generation error\n");
exit(1);
}
do_bn_print_name(out, "P",dsa->p);
do_bn_print_name(out, "Q",dsa->q);
do_bn_print_name(out, "G",dsa->g);
fputs("\n", out);
}
else if(!strcmp(keyword,"Msg"))
{
unsigned char msg[1024];
int n;
EVP_MD_CTX mctx;
DSA_SIG *sig;
FIPS_md_ctx_init(&mctx);
n=hex2bin(value,msg);
if (!DSA_generate_key(dsa))
exit(1);
do_bn_print_name(out, "Y",dsa->pub_key);
FIPS_digestinit(&mctx, md);
FIPS_digestupdate(&mctx, msg, n);
sig = FIPS_dsa_sign_ctx(dsa, &mctx);
do_bn_print_name(out, "R",sig->r);
do_bn_print_name(out, "S",sig->s);
fputs("\n", out);
FIPS_dsa_sig_free(sig);
FIPS_md_ctx_cleanup(&mctx);
}
}
if (dsa)
FIPS_dsa_free(dsa);
}
int main(int argc, char **argv)
{
DSA *dsa=NULL;
DSA_SIG *sig = NULL;
int counter,ret=0,i,j;
unsigned char buf[256];
unsigned long h;
BN_GENCB cb;
BN_GENCB_set(&cb, dsa_cb, stderr);
fips_algtest_init();
fprintf(stderr,"test generation of DSA parameters\n");
dsa = FIPS_dsa_new();
DSA_generate_parameters_ex(dsa, 1024,seed,20,&counter,&h,&cb);
fprintf(stderr,"seed\n");
for (i=0; i<20; i+=4)
{
fprintf(stderr,"%02X%02X%02X%02X ",
seed[i],seed[i+1],seed[i+2],seed[i+3]);
}
fprintf(stderr,"\ncounter=%d h=%ld\n",counter,h);
if (dsa == NULL) goto end;
if (counter != 16)
{
fprintf(stderr,"counter should be 105\n");
goto end;
}
if (h != 2)
{
fprintf(stderr,"h should be 2\n");
goto end;
}
i=BN_bn2bin(dsa->q,buf);
j=sizeof(out_q);
if ((i != j) || (memcmp(buf,out_q,i) != 0))
{
fprintf(stderr,"q value is wrong\n");
goto end;
}
i=BN_bn2bin(dsa->p,buf);
j=sizeof(out_p);
if ((i != j) || (memcmp(buf,out_p,i) != 0))
{
fprintf(stderr,"p value is wrong\n");
goto end;
}
i=BN_bn2bin(dsa->g,buf);
j=sizeof(out_g);
if ((i != j) || (memcmp(buf,out_g,i) != 0))
{
fprintf(stderr,"g value is wrong\n");
goto end;
}
DSA_generate_key(dsa);
sig = FIPS_dsa_sign(dsa, str1, 20, EVP_sha1());
if (!sig)
goto end;
if (FIPS_dsa_verify(dsa, str1, 20, EVP_sha1(), sig) != 1)
goto end;
ret = 1;
end:
if (sig)
FIPS_dsa_sig_free(sig);
if (dsa != NULL) FIPS_dsa_free(dsa);
#if 0
CRYPTO_mem_leaks(bio_err);
#endif
EXIT(!ret);
return(!ret);
}