int FIPS_selftest_dsa()
{
DSA *dsa=NULL;
EVP_PKEY pk;
int ret = 0;
dsa = FIPS_dsa_new();
if(dsa == NULL)
goto err;
fips_load_key_component(dsa, p, dsa_test_2048);
fips_load_key_component(dsa, q, dsa_test_2048);
fips_load_key_component(dsa, g, dsa_test_2048);
fips_load_key_component(dsa, pub_key, dsa_test_2048);
fips_load_key_component(dsa, priv_key, dsa_test_2048);
pk.type = EVP_PKEY_DSA;
pk.pkey.dsa = dsa;
if (!fips_pkey_signature_test(FIPS_TEST_SIGNATURE, &pk, NULL, 0,
NULL, 0, EVP_sha384(), 0,
"DSA SHA384"))
goto err;
ret = 1;
err:
if (dsa)
FIPS_dsa_free(dsa);
return ret;
}
static void keypair(FILE *in, FILE *out)
{
char buf[1024];
char lbuf[1024];
char *keyword, *value;
int dsa2, L, N;
while(fgets(buf,sizeof buf,in) != NULL)
{
if (!parse_line(&keyword, &value, lbuf, buf))
{
continue;
}
if(!strcmp(keyword,"[mod"))
{
if (!parse_mod(value, &dsa2, &L, &N, NULL))
{
fprintf(stderr, "Mod Parse Error\n");
exit (1);
}
fputs(buf,out);
}
else if(!strcmp(keyword,"N"))
{
DSA *dsa;
int n=atoi(value);
dsa = FIPS_dsa_new();
if (!dsa2 && !dsa_builtin_paramgen(dsa, L, N, NULL, NULL, 0,
NULL, NULL, NULL, NULL))
{
fprintf(stderr, "Parameter Generation error\n");
exit(1);
}
if (dsa2 && dsa_builtin_paramgen2(dsa, L, N, NULL, NULL, 0, -1,
NULL, NULL, NULL, NULL) <= 0)
{
fprintf(stderr, "Parameter Generation error\n");
exit(1);
}
do_bn_print_name(out, "P",dsa->p);
do_bn_print_name(out, "Q",dsa->q);
do_bn_print_name(out, "G",dsa->g);
fputs(RESP_EOL, out);
while(n--)
{
if (!DSA_generate_key(dsa))
exit(1);
do_bn_print_name(out, "X",dsa->priv_key);
do_bn_print_name(out, "Y",dsa->pub_key);
fputs(RESP_EOL, out);
}
if (dsa)
FIPS_dsa_free(dsa);
}
}
}
/*
* DSA: generate keys and sign, verify input plaintext.
*/
static int FIPS_dsa_test(int bad)
{
DSA *dsa = NULL;
EVP_PKEY pk;
unsigned char dgst[] = "etaonrishdlc";
unsigned char buf[60];
unsigned int slen;
int r = 0;
EVP_MD_CTX mctx;
ERR_clear_error();
EVP_MD_CTX_init(&mctx);
dsa = FIPS_dsa_new();
if (!dsa)
goto end;
if (!DSA_generate_parameters_ex(dsa, 1024,NULL,0,NULL,NULL,NULL))
goto end;
if (!DSA_generate_key(dsa))
goto end;
if (bad)
BN_add_word(dsa->pub_key, 1);
pk.type = EVP_PKEY_DSA;
pk.pkey.dsa = dsa;
if (!EVP_SignInit_ex(&mctx, EVP_dss1(), NULL))
goto end;
if (!EVP_SignUpdate(&mctx, dgst, sizeof(dgst) - 1))
goto end;
if (!EVP_SignFinal(&mctx, buf, &slen, &pk))
goto end;
if (!EVP_VerifyInit_ex(&mctx, EVP_dss1(), NULL))
goto end;
if (!EVP_VerifyUpdate(&mctx, dgst, sizeof(dgst) - 1))
goto end;
r = EVP_VerifyFinal(&mctx, buf, slen, &pk);
end:
EVP_MD_CTX_cleanup(&mctx);
if (dsa)
FIPS_dsa_free(dsa);
if (r != 1)
return 0;
return 1;
}
/*
* DSA: generate keys and sign, verify input plaintext.
*/
static int FIPS_dsa_test(int bad)
{
DSA *dsa = NULL;
unsigned char dgst[] = "etaonrishdlc";
int r = 0;
EVP_MD_CTX mctx;
DSA_SIG *sig = NULL;
ERR_clear_error();
FIPS_md_ctx_init(&mctx);
dsa = FIPS_dsa_new();
if (!dsa)
goto end;
if (!DSA_generate_parameters_ex(dsa, 1024,NULL,0,NULL,NULL,NULL))
goto end;
if (!DSA_generate_key(dsa))
goto end;
if (bad)
BN_add_word(dsa->pub_key, 1);
if (!FIPS_digestinit(&mctx, EVP_sha256()))
goto end;
if (!FIPS_digestupdate(&mctx, dgst, sizeof(dgst) - 1))
goto end;
sig = FIPS_dsa_sign_ctx(dsa, &mctx);
if (!sig)
goto end;
if (!FIPS_digestinit(&mctx, EVP_sha256()))
goto end;
if (!FIPS_digestupdate(&mctx, dgst, sizeof(dgst) - 1))
goto end;
r = FIPS_dsa_verify_ctx(dsa, &mctx, sig);
end:
if (sig)
FIPS_dsa_sig_free(sig);
FIPS_md_ctx_cleanup(&mctx);
if (dsa)
FIPS_dsa_free(dsa);
if (r != 1)
return 0;
return 1;
}
static void sigver(FILE *in, FILE *out)
{
DSA *dsa=NULL;
char buf[1024];
char lbuf[1024];
unsigned char msg[1024];
char *keyword, *value;
int n=0;
int dsa2, L, N;
const EVP_MD *md = NULL;
DSA_SIG sg, *sig = &sg;
sig->r = NULL;
sig->s = NULL;
while(fgets(buf,sizeof buf,in) != NULL)
{
if (!parse_line(&keyword, &value, lbuf, buf))
{
fputs(buf,out);
continue;
}
fputs(buf,out);
if(!strcmp(keyword,"[mod"))
{
if (!parse_mod(value, &dsa2, &L, &N, &md))
{
fprintf(stderr, "Mod Parse Error\n");
exit (1);
}
if (dsa)
FIPS_dsa_free(dsa);
dsa = FIPS_dsa_new();
}
else if(!strcmp(keyword,"P"))
dsa->p=hex2bn(value);
else if(!strcmp(keyword,"Q"))
dsa->q=hex2bn(value);
else if(!strcmp(keyword,"G"))
dsa->g=hex2bn(value);
else if(!strcmp(keyword,"Msg"))
n=hex2bin(value,msg);
else if(!strcmp(keyword,"Y"))
dsa->pub_key=hex2bn(value);
else if(!strcmp(keyword,"R"))
sig->r=hex2bn(value);
else if(!strcmp(keyword,"S"))
{
EVP_MD_CTX mctx;
int r;
FIPS_md_ctx_init(&mctx);
sig->s=hex2bn(value);
FIPS_digestinit(&mctx, md);
FIPS_digestupdate(&mctx, msg, n);
no_err = 1;
r = FIPS_dsa_verify_ctx(dsa, &mctx, sig);
no_err = 0;
FIPS_md_ctx_cleanup(&mctx);
fprintf(out, "Result = %c\n\n", r == 1 ? 'P' : 'F');
}
}
}
static void siggen(FILE *in, FILE *out)
{
char buf[1024];
char lbuf[1024];
char *keyword, *value;
int dsa2, L, N;
const EVP_MD *md = NULL;
DSA *dsa=NULL;
while(fgets(buf,sizeof buf,in) != NULL)
{
if (!parse_line(&keyword, &value, lbuf, buf))
{
fputs(buf,out);
continue;
}
fputs(buf,out);
if(!strcmp(keyword,"[mod"))
{
if (!parse_mod(value, &dsa2, &L, &N, &md))
{
fprintf(stderr, "Mod Parse Error\n");
exit (1);
}
if (dsa)
FIPS_dsa_free(dsa);
dsa = FIPS_dsa_new();
if (!dsa2 && !dsa_builtin_paramgen(dsa, L, N, md, NULL, 0,
NULL, NULL, NULL, NULL))
{
fprintf(stderr, "Parameter Generation error\n");
exit(1);
}
if (dsa2 && dsa_builtin_paramgen2(dsa, L, N, md, NULL, 0,
NULL, NULL, NULL, NULL) <= 0)
{
fprintf(stderr, "Parameter Generation error\n");
exit(1);
}
do_bn_print_name(out, "P",dsa->p);
do_bn_print_name(out, "Q",dsa->q);
do_bn_print_name(out, "G",dsa->g);
fputs("\n", out);
}
else if(!strcmp(keyword,"Msg"))
{
unsigned char msg[1024];
int n;
EVP_MD_CTX mctx;
DSA_SIG *sig;
FIPS_md_ctx_init(&mctx);
n=hex2bin(value,msg);
if (!DSA_generate_key(dsa))
exit(1);
do_bn_print_name(out, "Y",dsa->pub_key);
FIPS_digestinit(&mctx, md);
FIPS_digestupdate(&mctx, msg, n);
sig = FIPS_dsa_sign_ctx(dsa, &mctx);
do_bn_print_name(out, "R",sig->r);
do_bn_print_name(out, "S",sig->s);
fputs("\n", out);
FIPS_dsa_sig_free(sig);
FIPS_md_ctx_cleanup(&mctx);
}
}
if (dsa)
FIPS_dsa_free(dsa);
}
static void pqgver(FILE *in, FILE *out)
{
char buf[1024];
char lbuf[1024];
char *keyword, *value;
BIGNUM *p = NULL, *q = NULL, *g = NULL;
int counter=-1, counter2;
unsigned long h=0, h2;
DSA *dsa=NULL;
int dsa2, L, N, part_test = 0;
const EVP_MD *md = NULL;
int seedlen=-1;
unsigned char seed[1024];
while(fgets(buf,sizeof buf,in) != NULL)
{
if (!parse_line(&keyword, &value, lbuf, buf))
{
if (p && q)
{
part_test = 1;
goto partial;
}
fputs(buf,out);
continue;
}
fputs(buf, out);
if(!strcmp(keyword,"[mod"))
{
if (!parse_mod(value, &dsa2, &L, &N, &md))
{
fprintf(stderr, "Mod Parse Error\n");
exit (1);
}
}
else if(!strcmp(keyword,"P"))
p=hex2bn(value);
else if(!strcmp(keyword,"Q"))
q=hex2bn(value);
else if(!strcmp(keyword,"G"))
g=hex2bn(value);
else if(!strcmp(keyword,"Seed"))
{
seedlen = hex2bin(value, seed);
if (!dsa2 && seedlen != 20)
{
fprintf(stderr, "Seed parse length error\n");
exit (1);
}
}
else if(!strcmp(keyword,"c"))
counter =atoi(buf+4);
partial:
if(!strcmp(keyword,"H") || part_test)
{
if (!part_test)
h = atoi(value);
if (!p || !q || (!g && !part_test))
{
fprintf(stderr, "Parse Error\n");
exit (1);
}
dsa = FIPS_dsa_new();
if (!dsa2 && !dsa_builtin_paramgen(dsa, L, N, md,
seed, seedlen, NULL,
&counter2, &h2, NULL))
{
fprintf(stderr, "Parameter Generation error\n");
exit(1);
}
if (dsa2 && dsa_builtin_paramgen2(dsa, L, N, md,
seed, seedlen, NULL,
&counter2, &h2, NULL) < 0)
{
fprintf(stderr, "Parameter Generation error\n");
exit(1);
}
if (BN_cmp(dsa->p, p) || BN_cmp(dsa->q, q) ||
(!part_test &&
((BN_cmp(dsa->g, g) || (counter != counter2) || (h != h2)))))
fprintf(out, "Result = F\n");
else
fprintf(out, "Result = P\n");
BN_free(p);
BN_free(q);
BN_free(g);
p = NULL;
q = NULL;
g = NULL;
FIPS_dsa_free(dsa);
dsa = NULL;
if (part_test)
{
fputs(buf,out);
part_test = 0;
}
}
}
}
static void sigver()
{
DSA *dsa = NULL;
char buf[1024];
char lbuf[1024];
unsigned char msg[1024];
char *keyword, *value;
int nmod = 0, n = 0;
DSA_SIG sg, *sig = &sg;
sig->r = NULL;
sig->s = NULL;
while (fgets(buf, sizeof buf, stdin) != NULL) {
if (!parse_line(&keyword, &value, lbuf, buf)) {
fputs(buf, stdout);
continue;
}
if (!strcmp(keyword, "[mod")) {
nmod = atoi(value);
if (dsa)
FIPS_dsa_free(dsa);
dsa = FIPS_dsa_new();
} else if (!strcmp(keyword, "P"))
dsa->p = hex2bn(value);
else if (!strcmp(keyword, "Q"))
dsa->q = hex2bn(value);
else if (!strcmp(keyword, "G")) {
dsa->g = hex2bn(value);
printf("[mod = %d]\n\n", nmod);
pbn("P", dsa->p);
pbn("Q", dsa->q);
pbn("G", dsa->g);
putc('\n', stdout);
} else if (!strcmp(keyword, "Msg")) {
n = hex2bin(value, msg);
pv("Msg", msg, n);
} else if (!strcmp(keyword, "Y"))
dsa->pub_key = hex2bn(value);
else if (!strcmp(keyword, "R"))
sig->r = hex2bn(value);
else if (!strcmp(keyword, "S")) {
EVP_MD_CTX mctx;
EVP_PKEY pk;
unsigned char sigbuf[60];
unsigned int slen;
int r;
EVP_MD_CTX_init(&mctx);
pk.type = EVP_PKEY_DSA;
pk.pkey.dsa = dsa;
sig->s = hex2bn(value);
pbn("Y", dsa->pub_key);
pbn("R", sig->r);
pbn("S", sig->s);
slen = FIPS_dsa_sig_encode(sigbuf, sig);
EVP_VerifyInit_ex(&mctx, EVP_dss1(), NULL);
EVP_VerifyUpdate(&mctx, msg, n);
r = EVP_VerifyFinal(&mctx, sigbuf, slen, &pk);
EVP_MD_CTX_cleanup(&mctx);
printf("Result = %c\n", r == 1 ? 'P' : 'F');
putc('\n', stdout);
}
}
}
static void siggen()
{
char buf[1024];
char lbuf[1024];
char *keyword, *value;
int nmod = 0;
DSA *dsa = NULL;
while (fgets(buf, sizeof buf, stdin) != NULL) {
if (!parse_line(&keyword, &value, lbuf, buf)) {
fputs(buf, stdout);
continue;
}
if (!strcmp(keyword, "[mod")) {
nmod = atoi(value);
printf("[mod = %d]\n\n", nmod);
if (dsa)
FIPS_dsa_free(dsa);
dsa = FIPS_dsa_new();
if (!DSA_generate_parameters_ex
(dsa, nmod, NULL, 0, NULL, NULL, NULL)) {
do_print_errors();
exit(1);
}
pbn("P", dsa->p);
pbn("Q", dsa->q);
pbn("G", dsa->g);
putc('\n', stdout);
} else if (!strcmp(keyword, "Msg")) {
unsigned char msg[1024];
unsigned char sbuf[60];
unsigned int slen;
int n;
EVP_PKEY pk;
EVP_MD_CTX mctx;
DSA_SIG *sig;
EVP_MD_CTX_init(&mctx);
n = hex2bin(value, msg);
pv("Msg", msg, n);
if (!DSA_generate_key(dsa)) {
do_print_errors();
exit(1);
}
pk.type = EVP_PKEY_DSA;
pk.pkey.dsa = dsa;
pbn("Y", dsa->pub_key);
EVP_SignInit_ex(&mctx, EVP_dss1(), NULL);
EVP_SignUpdate(&mctx, msg, n);
EVP_SignFinal(&mctx, sbuf, &slen, &pk);
sig = DSA_SIG_new();
FIPS_dsa_sig_decode(sig, sbuf, slen);
pbn("R", sig->r);
pbn("S", sig->s);
putc('\n', stdout);
DSA_SIG_free(sig);
EVP_MD_CTX_cleanup(&mctx);
}
}
if (dsa)
FIPS_dsa_free(dsa);
}
static void pqgver()
{
char buf[1024];
char lbuf[1024];
char *keyword, *value;
BIGNUM *p = NULL, *q = NULL, *g = NULL;
int counter, counter2;
unsigned long h, h2;
DSA *dsa = NULL;
int nmod = 0;
unsigned char seed[1024];
while (fgets(buf, sizeof buf, stdin) != NULL) {
if (!parse_line(&keyword, &value, lbuf, buf)) {
fputs(buf, stdout);
continue;
}
fputs(buf, stdout);
if (!strcmp(keyword, "[mod"))
nmod = atoi(value);
else if (!strcmp(keyword, "P"))
p = hex2bn(value);
else if (!strcmp(keyword, "Q"))
q = hex2bn(value);
else if (!strcmp(keyword, "G"))
g = hex2bn(value);
else if (!strcmp(keyword, "Seed")) {
int slen = hex2bin(value, seed);
if (slen != 20) {
fprintf(stderr, "Seed parse length error\n");
exit(1);
}
} else if (!strcmp(keyword, "c"))
counter = atoi(buf + 4);
else if (!strcmp(keyword, "H")) {
h = atoi(value);
if (!p || !q || !g) {
fprintf(stderr, "Parse Error\n");
exit(1);
}
dsa = FIPS_dsa_new();
if (!DSA_generate_parameters_ex
(dsa, nmod, seed, 20, &counter2, &h2, NULL)) {
do_print_errors();
exit(1);
}
if (BN_cmp(dsa->p, p) || BN_cmp(dsa->q, q) || BN_cmp(dsa->g, g)
|| (counter != counter2) || (h != h2))
printf("Result = F\n");
else
printf("Result = P\n");
BN_free(p);
BN_free(q);
BN_free(g);
p = NULL;
q = NULL;
g = NULL;
FIPS_dsa_free(dsa);
dsa = NULL;
}
}
}
static void sigver(FILE *in, FILE *out)
{
DSA *dsa=NULL;
char buf[1024];
char lbuf[1024];
unsigned char msg[1024];
char *keyword, *value;
int n=0;
int dsa2, L, N;
const EVP_MD *md = NULL;
DSA_SIG sg, *sig = &sg;
sig->r = NULL;
sig->s = NULL;
while(fgets(buf,sizeof buf,in) != NULL)
{
if (!parse_line(&keyword, &value, lbuf, buf))
{
fputs(buf,out);
continue;
}
fputs(buf,out);
if(!strcmp(keyword,"[mod"))
{
if (!parse_mod(value, &dsa2, &L, &N, &md))
{
fprintf(stderr, "Mod Parse Error\n");
exit (1);
}
if (dsa)
FIPS_dsa_free(dsa);
dsa = FIPS_dsa_new();
}
else if(!strcmp(keyword,"P"))
do_hex2bn(&dsa->p, value);
else if(!strcmp(keyword,"Q"))
do_hex2bn(&dsa->q, value);
else if(!strcmp(keyword,"G"))
do_hex2bn(&dsa->g, value);
else if(!strcmp(keyword,"Msg"))
n=hex2bin(value,msg);
else if(!strcmp(keyword,"Y"))
do_hex2bn(&dsa->pub_key, value);
else if(!strcmp(keyword,"R"))
sig->r=hex2bn(value);
else if(!strcmp(keyword,"S"))
{
int r;
sig->s=hex2bn(value);
no_err = 1;
r = FIPS_dsa_verify(dsa, msg, n, md, sig);
no_err = 0;
if (sig->s)
{
BN_free(sig->s);
sig->s = NULL;
}
if (sig->r)
{
BN_free(sig->r);
sig->r = NULL;
}
fprintf(out, "Result = %c" RESP_EOL RESP_EOL, r == 1 ? 'P' : 'F');
}
}
if (dsa)
FIPS_dsa_free(dsa);
}
static void pqgver(FILE *in, FILE *out)
{
char buf[1024];
char lbuf[1024];
char *keyword, *value;
BIGNUM *p = NULL, *q = NULL, *g = NULL;
int counter=-1, counter2;
unsigned long h=0, h2;
DSA *dsa=NULL;
int dsa2, L, N, part_test = 0;
const EVP_MD *md = NULL;
int seedlen=-1, idxlen, idx = -1;
unsigned char seed[1024], idtmp[1024];
while(fgets(buf,sizeof buf,in) != NULL)
{
if (!parse_line(&keyword, &value, lbuf, buf))
{
if (p && q)
{
part_test = 1;
goto partial;
}
fputs(buf,out);
continue;
}
fputs(buf, out);
if(!strcmp(keyword,"[mod"))
{
if (!parse_mod(value, &dsa2, &L, &N, &md))
{
fprintf(stderr, "Mod Parse Error\n");
exit (1);
}
}
else if(!strcmp(keyword,"P"))
p=hex2bn(value);
else if(!strcmp(keyword,"Q"))
q=hex2bn(value);
else if(!strcmp(keyword,"G"))
g=hex2bn(value);
else if(!strcmp(keyword,"firstseed"))
seedlen = hex2bin(value, seed);
else if(!strcmp(keyword,"pseed"))
seedlen += hex2bin(value, seed + seedlen);
else if(!strcmp(keyword,"qseed"))
seedlen += hex2bin(value, seed + seedlen);
else if(!strcmp(keyword,"Seed")
|| !strcmp(keyword,"domain_parameter_seed"))
{
seedlen = hex2bin(value, seed);
if (!dsa2 && seedlen != 20)
{
fprintf(stderr, "Seed parse length error\n");
exit (1);
}
if (idx > 0)
part_test = 1;
}
else if(!strcmp(keyword,"index"))
{
idxlen = hex2bin(value, idtmp);
if (idxlen != 1)
{
fprintf(stderr, "Index value error\n");
exit (1);
}
idx = idtmp[0];
}
else if(!strcmp(keyword,"c"))
counter = atoi(buf+4);
partial:
if (part_test && idx < 0 && h == 0 && g)
{
dsa = FIPS_dsa_new();
dsa->p = BN_dup(p);
dsa->q = BN_dup(q);
dsa->g = BN_dup(g);
if (dsa_paramgen_check_g(dsa))
fprintf(out, "Result = P" RESP_EOL);
else
fprintf(out, "Result = F" RESP_EOL);
BN_free(p);
BN_free(q);
BN_free(g);
p = NULL;
q = NULL;
g = NULL;
FIPS_dsa_free(dsa);
dsa = NULL;
part_test = 0;
}
else if(!strcmp(keyword,"H") || part_test)
{
if (!part_test)
h = atoi(value);
if (!p || !q || (!g && !part_test))
{
fprintf(stderr, "Parse Error\n");
exit (1);
}
dsa = FIPS_dsa_new();
if (idx >= 0)
{
dsa->p = BN_dup(p);
dsa->q = BN_dup(q);
}
no_err = 1;
if (!dsa2 && !dsa_builtin_paramgen(dsa, L, N, md,
seed, seedlen, NULL,
&counter2, &h2, NULL))
{
fprintf(stderr, "Parameter Generation error\n");
exit(1);
}
if (dsa2 && dsa_builtin_paramgen2(dsa, L, N, md,
seed, seedlen, idx, NULL,
&counter2, &h2, NULL) < 0)
{
fprintf(stderr, "Parameter Generation error\n");
exit(1);
}
no_err = 0;
if (idx >= 0)
{
if (BN_cmp(dsa->g, g))
fprintf(out, "Result = F" RESP_EOL);
else
fprintf(out, "Result = P" RESP_EOL);
}
else if (BN_cmp(dsa->p, p) || BN_cmp(dsa->q, q) ||
(!part_test &&
((BN_cmp(dsa->g, g) || (counter != counter2) || (h != h2)))))
fprintf(out, "Result = F" RESP_EOL);
else
fprintf(out, "Result = P" RESP_EOL);
BN_free(p);
BN_free(q);
BN_free(g);
p = NULL;
q = NULL;
g = NULL;
FIPS_dsa_free(dsa);
dsa = NULL;
if (part_test)
{
if (idx == -1)
fputs(buf,out);
part_test = 0;
}
idx = -1;
}
}
}
static void pqg(FILE *in, FILE *out)
{
char buf[1024];
char lbuf[1024];
char *keyword, *value;
int dsa2, L, N;
const EVP_MD *md = NULL;
BIGNUM *p = NULL, *q = NULL;
enum pqtype { PQG_NONE, PQG_PQ, PQG_G, PQG_GCANON}
pqg_type = PQG_NONE;
int seedlen=-1, idxlen, idx = -1;
unsigned char seed[1024], idtmp[1024];
while(fgets(buf,sizeof buf,in) != NULL)
{
if (buf[0] == '[')
{
if (strstr(buf, "Probable"))
pqg_type = PQG_PQ;
else if (strstr(buf, "Unverifiable"))
pqg_type = PQG_G;
else if (strstr(buf, "Canonical"))
pqg_type = PQG_GCANON;
}
if (!parse_line(&keyword, &value, lbuf, buf))
{
fputs(buf,out);
continue;
}
if (strcmp(keyword, "Num"))
fputs(buf,out);
if(!strcmp(keyword,"[mod"))
{
if (!parse_mod(value, &dsa2, &L, &N, &md))
{
fprintf(stderr, "Mod Parse Error\n");
exit (1);
}
}
else if(!strcmp(keyword,"N")
|| (!strcmp(keyword, "Num") && pqg_type == PQG_PQ))
{
int n=atoi(value);
while(n--)
{
DSA *dsa;
int counter;
unsigned long h;
dsa = FIPS_dsa_new();
if (!dsa2 && !dsa_builtin_paramgen(dsa, L, N, md,
NULL, 0, seed,
&counter, &h, NULL))
{
fprintf(stderr, "Parameter Generation error\n");
exit(1);
}
if (dsa2 && dsa_builtin_paramgen2(dsa, L, N, md,
NULL, 0, -1, seed,
&counter, &h, NULL) <= 0)
{
fprintf(stderr, "Parameter Generation error\n");
exit(1);
}
do_bn_print_name(out, "P",dsa->p);
do_bn_print_name(out, "Q",dsa->q);
if (!dsa2)
do_bn_print_name(out, "G",dsa->g);
OutputValue(dsa2 ? "domain_parameter_seed" : "Seed",
seed, M_EVP_MD_size(md), out, 0);
if (!dsa2)
{
fprintf(out, "c = %d" RESP_EOL, counter);
fprintf(out, "H = %lx" RESP_EOL RESP_EOL,h);
}
else
{
fprintf(out, "counter = %d" RESP_EOL RESP_EOL, counter);
}
FIPS_dsa_free(dsa);
}
}
else if(!strcmp(keyword,"P"))
p=hex2bn(value);
else if(!strcmp(keyword,"Q"))
q=hex2bn(value);
else if(!strcmp(keyword,"domain_parameter_seed"))
seedlen = hex2bin(value, seed);
else if(!strcmp(keyword,"firstseed"))
seedlen = hex2bin(value, seed);
else if(!strcmp(keyword,"pseed"))
seedlen += hex2bin(value, seed + seedlen);
else if(!strcmp(keyword,"qseed"))
seedlen += hex2bin(value, seed + seedlen);
else if(!strcmp(keyword,"index"))
{
idxlen = hex2bin(value, idtmp);
if (idxlen != 1)
{
fprintf(stderr, "Index value error\n");
exit (1);
}
idx = idtmp[0];
}
if ((idx >= 0 && pqg_type == PQG_GCANON) || (q && pqg_type == PQG_G))
{
DSA *dsa;
dsa = FIPS_dsa_new();
dsa->p = p;
dsa->q = q;
p = q = NULL;
if (dsa_builtin_paramgen2(dsa, L, N, md,
seed, seedlen, idx, NULL,
NULL, NULL, NULL) <= 0)
{
fprintf(stderr, "Parameter Generation error\n");
exit(1);
}
do_bn_print_name(out, "G",dsa->g);
FIPS_dsa_free(dsa);
idx = -1;
}
}
}
int main(int argc, char **argv)
{
DSA *dsa=NULL;
EVP_PKEY pk;
int counter,ret=0,i,j;
unsigned int slen;
unsigned char buf[256];
unsigned long h;
BN_GENCB cb;
EVP_MD_CTX mctx;
BN_GENCB_set(&cb, dsa_cb, stderr);
EVP_MD_CTX_init(&mctx);
if(!FIPS_mode_set(1))
{
do_print_errors();
EXIT(1);
}
fprintf(stderr,"test generation of DSA parameters\n");
dsa = FIPS_dsa_new();
DSA_generate_parameters_ex(dsa, 1024,seed,20,&counter,&h,&cb);
fprintf(stderr,"seed\n");
for (i=0; i<20; i+=4)
{
fprintf(stderr,"%02X%02X%02X%02X ",
seed[i],seed[i+1],seed[i+2],seed[i+3]);
}
fprintf(stderr,"\ncounter=%d h=%ld\n",counter,h);
if (dsa == NULL) goto end;
if (counter != 16)
{
fprintf(stderr,"counter should be 105\n");
goto end;
}
if (h != 2)
{
fprintf(stderr,"h should be 2\n");
goto end;
}
i=BN_bn2bin(dsa->q,buf);
j=sizeof(out_q);
if ((i != j) || (memcmp(buf,out_q,i) != 0))
{
fprintf(stderr,"q value is wrong\n");
goto end;
}
i=BN_bn2bin(dsa->p,buf);
j=sizeof(out_p);
if ((i != j) || (memcmp(buf,out_p,i) != 0))
{
fprintf(stderr,"p value is wrong\n");
goto end;
}
i=BN_bn2bin(dsa->g,buf);
j=sizeof(out_g);
if ((i != j) || (memcmp(buf,out_g,i) != 0))
{
fprintf(stderr,"g value is wrong\n");
goto end;
}
DSA_generate_key(dsa);
pk.type = EVP_PKEY_DSA;
pk.pkey.dsa = dsa;
if (!EVP_SignInit_ex(&mctx, EVP_dss1(), NULL))
goto end;
if (!EVP_SignUpdate(&mctx, str1, 20))
goto end;
if (!EVP_SignFinal(&mctx, buf, &slen, &pk))
goto end;
if (!EVP_VerifyInit_ex(&mctx, EVP_dss1(), NULL))
goto end;
if (!EVP_VerifyUpdate(&mctx, str1, 20))
goto end;
if (EVP_VerifyFinal(&mctx, buf, slen, &pk) != 1)
goto end;
ret = 1;
end:
if (!ret)
do_print_errors();
if (dsa != NULL) FIPS_dsa_free(dsa);
EVP_MD_CTX_cleanup(&mctx);
#if 0
CRYPTO_mem_leaks(bio_err);
#endif
EXIT(!ret);
return(!ret);
}
int main(int argc, char **argv)
{
DSA *dsa=NULL;
DSA_SIG *sig = NULL;
int counter,ret=0,i,j;
unsigned char buf[256];
unsigned long h;
BN_GENCB cb;
BN_GENCB_set(&cb, dsa_cb, stderr);
fips_algtest_init();
fprintf(stderr,"test generation of DSA parameters\n");
dsa = FIPS_dsa_new();
DSA_generate_parameters_ex(dsa, 1024,seed,20,&counter,&h,&cb);
fprintf(stderr,"seed\n");
for (i=0; i<20; i+=4)
{
fprintf(stderr,"%02X%02X%02X%02X ",
seed[i],seed[i+1],seed[i+2],seed[i+3]);
}
fprintf(stderr,"\ncounter=%d h=%ld\n",counter,h);
if (dsa == NULL) goto end;
if (counter != 16)
{
fprintf(stderr,"counter should be 105\n");
goto end;
}
if (h != 2)
{
fprintf(stderr,"h should be 2\n");
goto end;
}
i=BN_bn2bin(dsa->q,buf);
j=sizeof(out_q);
if ((i != j) || (memcmp(buf,out_q,i) != 0))
{
fprintf(stderr,"q value is wrong\n");
goto end;
}
i=BN_bn2bin(dsa->p,buf);
j=sizeof(out_p);
if ((i != j) || (memcmp(buf,out_p,i) != 0))
{
fprintf(stderr,"p value is wrong\n");
goto end;
}
i=BN_bn2bin(dsa->g,buf);
j=sizeof(out_g);
if ((i != j) || (memcmp(buf,out_g,i) != 0))
{
fprintf(stderr,"g value is wrong\n");
goto end;
}
DSA_generate_key(dsa);
sig = FIPS_dsa_sign(dsa, str1, 20, EVP_sha1());
if (!sig)
goto end;
if (FIPS_dsa_verify(dsa, str1, 20, EVP_sha1(), sig) != 1)
goto end;
ret = 1;
end:
if (sig)
FIPS_dsa_sig_free(sig);
if (dsa != NULL) FIPS_dsa_free(dsa);
#if 0
CRYPTO_mem_leaks(bio_err);
#endif
EXIT(!ret);
return(!ret);
}
int FIPS_selftest_dsa()
{
DSA *dsa=NULL;
int counter,i,j, ret = 0;
unsigned int slen;
unsigned char buf[256];
unsigned long h;
EVP_MD_CTX mctx;
EVP_PKEY pk;
EVP_MD_CTX_init(&mctx);
dsa = FIPS_dsa_new();
if(dsa == NULL)
goto err;
if(!DSA_generate_parameters_ex(dsa, 1024,seed,20,&counter,&h,NULL))
goto err;
if (counter != 378)
goto err;
if (h != 2)
goto err;
i=BN_bn2bin(dsa->q,buf);
j=sizeof(out_q);
if (i != j || memcmp(buf,out_q,i) != 0)
goto err;
i=BN_bn2bin(dsa->p,buf);
j=sizeof(out_p);
if (i != j || memcmp(buf,out_p,i) != 0)
goto err;
i=BN_bn2bin(dsa->g,buf);
j=sizeof(out_g);
if (i != j || memcmp(buf,out_g,i) != 0)
goto err;
DSA_generate_key(dsa);
pk.type = EVP_PKEY_DSA;
pk.pkey.dsa = dsa;
if (!EVP_SignInit_ex(&mctx, EVP_dss1(), NULL))
goto err;
if (!EVP_SignUpdate(&mctx, str1, 20))
goto err;
if (!EVP_SignFinal(&mctx, buf, &slen, &pk))
goto err;
if (!EVP_VerifyInit_ex(&mctx, EVP_dss1(), NULL))
goto err;
if (!EVP_VerifyUpdate(&mctx, str1, 20))
goto err;
if (EVP_VerifyFinal(&mctx, buf, slen, &pk) != 1)
goto err;
ret = 1;
err:
EVP_MD_CTX_cleanup(&mctx);
if (dsa)
FIPS_dsa_free(dsa);
if (ret == 0)
FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED);
return ret;
}