Esempio n. 1
0
int FIPS_selftest_dsa()
	{
	DSA *dsa=NULL;
	EVP_PKEY pk;
	int ret = 0;

	dsa = FIPS_dsa_new();

	if(dsa == NULL)
		goto err;

	fips_load_key_component(dsa, p, dsa_test_2048);
	fips_load_key_component(dsa, q, dsa_test_2048);
	fips_load_key_component(dsa, g, dsa_test_2048);
	fips_load_key_component(dsa, pub_key, dsa_test_2048);
	fips_load_key_component(dsa, priv_key, dsa_test_2048);

	pk.type = EVP_PKEY_DSA;
	pk.pkey.dsa = dsa;

	if (!fips_pkey_signature_test(FIPS_TEST_SIGNATURE, &pk, NULL, 0,
					NULL, 0, EVP_sha384(), 0,
					"DSA SHA384"))
		goto err;
	ret = 1;

	err:
	if (dsa)
		FIPS_dsa_free(dsa);
	return ret;
	}
static void keypair(FILE *in, FILE *out)
    {
    char buf[1024];
    char lbuf[1024];
    char *keyword, *value;
    int dsa2, L, N;

    while(fgets(buf,sizeof buf,in) != NULL)
	{
	if (!parse_line(&keyword, &value, lbuf, buf))
		{
		continue;
		}
	if(!strcmp(keyword,"[mod"))
	    {
	    if (!parse_mod(value, &dsa2, &L, &N, NULL))
		{
		fprintf(stderr, "Mod Parse Error\n");
		exit (1);
		}
	    fputs(buf,out);
	    }
	else if(!strcmp(keyword,"N"))
	    {
	    DSA *dsa;
	    int n=atoi(value);

	    dsa = FIPS_dsa_new();
	    if (!dsa2 && !dsa_builtin_paramgen(dsa, L, N, NULL, NULL, 0,
						NULL, NULL, NULL, NULL))
			{
			fprintf(stderr, "Parameter Generation error\n");
			exit(1);
			}
	    if (dsa2 && dsa_builtin_paramgen2(dsa, L, N, NULL, NULL, 0, -1,
						NULL, NULL, NULL, NULL) <= 0)
			{
			fprintf(stderr, "Parameter Generation error\n");
			exit(1);
			}
	    do_bn_print_name(out, "P",dsa->p);
	    do_bn_print_name(out, "Q",dsa->q);
	    do_bn_print_name(out, "G",dsa->g);
	    fputs(RESP_EOL, out);

	    while(n--)
		{
		if (!DSA_generate_key(dsa))
			exit(1);

		do_bn_print_name(out, "X",dsa->priv_key);
		do_bn_print_name(out, "Y",dsa->pub_key);
	    	fputs(RESP_EOL, out);
		}
	    if (dsa)
		FIPS_dsa_free(dsa);
	    }
	}
    }
Esempio n. 3
0
/*
 * DSA: generate keys and sign, verify input plaintext.
 */
static int FIPS_dsa_test(int bad)
    {
    DSA *dsa = NULL;
    EVP_PKEY pk;
    unsigned char dgst[] = "etaonrishdlc";
    unsigned char buf[60];
    unsigned int slen;
    int r = 0;
    EVP_MD_CTX mctx;

    ERR_clear_error();
    EVP_MD_CTX_init(&mctx);
    dsa = FIPS_dsa_new();
    if (!dsa)
	goto end;
    if (!DSA_generate_parameters_ex(dsa, 1024,NULL,0,NULL,NULL,NULL))
	goto end;
    if (!DSA_generate_key(dsa))
	goto end;
    if (bad)
	    BN_add_word(dsa->pub_key, 1);

    pk.type = EVP_PKEY_DSA;
    pk.pkey.dsa = dsa;

    if (!EVP_SignInit_ex(&mctx, EVP_dss1(), NULL))
	goto end;
    if (!EVP_SignUpdate(&mctx, dgst, sizeof(dgst) - 1))
	goto end;
    if (!EVP_SignFinal(&mctx, buf, &slen, &pk))
	goto end;

    if (!EVP_VerifyInit_ex(&mctx, EVP_dss1(), NULL))
	goto end;
    if (!EVP_VerifyUpdate(&mctx, dgst, sizeof(dgst) - 1))
	goto end;
    r = EVP_VerifyFinal(&mctx, buf, slen, &pk);
    end:
    EVP_MD_CTX_cleanup(&mctx);
    if (dsa)
  	  FIPS_dsa_free(dsa);
    if (r != 1)
	return 0;
    return 1;
    }
Esempio n. 4
0
/*
 * DSA: generate keys and sign, verify input plaintext.
 */
static int FIPS_dsa_test(int bad)
{
    DSA *dsa = NULL;
    unsigned char dgst[] = "etaonrishdlc";
    int r = 0;
    EVP_MD_CTX mctx;
    DSA_SIG *sig = NULL;

    ERR_clear_error();
    FIPS_md_ctx_init(&mctx);
    dsa = FIPS_dsa_new();
    if (!dsa)
        goto end;
    if (!DSA_generate_parameters_ex(dsa, 1024,NULL,0,NULL,NULL,NULL))
        goto end;
    if (!DSA_generate_key(dsa))
        goto end;
    if (bad)
        BN_add_word(dsa->pub_key, 1);

    if (!FIPS_digestinit(&mctx, EVP_sha256()))
        goto end;
    if (!FIPS_digestupdate(&mctx, dgst, sizeof(dgst) - 1))
        goto end;
    sig = FIPS_dsa_sign_ctx(dsa, &mctx);
    if (!sig)
        goto end;

    if (!FIPS_digestinit(&mctx, EVP_sha256()))
        goto end;
    if (!FIPS_digestupdate(&mctx, dgst, sizeof(dgst) - 1))
        goto end;
    r = FIPS_dsa_verify_ctx(dsa, &mctx, sig);
end:
    if (sig)
        FIPS_dsa_sig_free(sig);
    FIPS_md_ctx_cleanup(&mctx);
    if (dsa)
        FIPS_dsa_free(dsa);
    if (r != 1)
        return 0;
    return 1;
}
Esempio n. 5
0
static void sigver(FILE *in, FILE *out)
    {
    DSA *dsa=NULL;
    char buf[1024];
    char lbuf[1024];
    unsigned char msg[1024];
    char *keyword, *value;
    int n=0;
    int dsa2, L, N;
    const EVP_MD *md = NULL;
    DSA_SIG sg, *sig = &sg;

    sig->r = NULL;
    sig->s = NULL;

    while(fgets(buf,sizeof buf,in) != NULL)
	{
	if (!parse_line(&keyword, &value, lbuf, buf))
		{
		fputs(buf,out);
		continue;
		}
	fputs(buf,out);
	if(!strcmp(keyword,"[mod"))
	    {
	    if (!parse_mod(value, &dsa2, &L, &N, &md))
		{
		fprintf(stderr, "Mod Parse Error\n");
		exit (1);
		}
	    if (dsa)
		FIPS_dsa_free(dsa);
	    dsa = FIPS_dsa_new();
	    }
	else if(!strcmp(keyword,"P"))
	    dsa->p=hex2bn(value);
	else if(!strcmp(keyword,"Q"))
	    dsa->q=hex2bn(value);
	else if(!strcmp(keyword,"G"))
	    dsa->g=hex2bn(value);
	else if(!strcmp(keyword,"Msg"))
	    n=hex2bin(value,msg);
	else if(!strcmp(keyword,"Y"))
	    dsa->pub_key=hex2bn(value);
	else if(!strcmp(keyword,"R"))
	    sig->r=hex2bn(value);
	else if(!strcmp(keyword,"S"))
	    {
	    EVP_MD_CTX mctx;
	    int r;
	    FIPS_md_ctx_init(&mctx);
	    sig->s=hex2bn(value);

	    FIPS_digestinit(&mctx, md);
	    FIPS_digestupdate(&mctx, msg, n);
	    no_err = 1;
	    r = FIPS_dsa_verify_ctx(dsa, &mctx, sig);
	    no_err = 0;
	    FIPS_md_ctx_cleanup(&mctx);
	
	    fprintf(out, "Result = %c\n\n", r == 1 ? 'P' : 'F');
	    }
	}
    }
Esempio n. 6
0
static void siggen(FILE *in, FILE *out)
    {
    char buf[1024];
    char lbuf[1024];
    char *keyword, *value;
    int dsa2, L, N;
    const EVP_MD *md = NULL;
    DSA *dsa=NULL;

    while(fgets(buf,sizeof buf,in) != NULL)
	{
	if (!parse_line(&keyword, &value, lbuf, buf))
		{
		fputs(buf,out);
		continue;
		}
	fputs(buf,out);
	if(!strcmp(keyword,"[mod"))
	    {
	    if (!parse_mod(value, &dsa2, &L, &N, &md))
		{
		fprintf(stderr, "Mod Parse Error\n");
		exit (1);
		}
	    if (dsa)
		FIPS_dsa_free(dsa);
	    dsa = FIPS_dsa_new();
	    if (!dsa2 && !dsa_builtin_paramgen(dsa, L, N, md, NULL, 0,
						NULL, NULL, NULL, NULL))
			{
			fprintf(stderr, "Parameter Generation error\n");
			exit(1);
			}
	    if (dsa2 && dsa_builtin_paramgen2(dsa, L, N, md, NULL, 0,
						NULL, NULL, NULL, NULL) <= 0)
			{
			fprintf(stderr, "Parameter Generation error\n");
			exit(1);
			}
	    do_bn_print_name(out, "P",dsa->p);
	    do_bn_print_name(out, "Q",dsa->q);
	    do_bn_print_name(out, "G",dsa->g);
	    fputs("\n", out);
	    }
	else if(!strcmp(keyword,"Msg"))
	    {
	    unsigned char msg[1024];
	    int n;
	    EVP_MD_CTX mctx;
	    DSA_SIG *sig;
	    FIPS_md_ctx_init(&mctx);

	    n=hex2bin(value,msg);

	    if (!DSA_generate_key(dsa))
		exit(1);
	    do_bn_print_name(out, "Y",dsa->pub_key);

	    FIPS_digestinit(&mctx, md);
	    FIPS_digestupdate(&mctx, msg, n);
	    sig = FIPS_dsa_sign_ctx(dsa, &mctx);

	    do_bn_print_name(out, "R",sig->r);
	    do_bn_print_name(out, "S",sig->s);
	    fputs("\n", out);
	    FIPS_dsa_sig_free(sig);
	    FIPS_md_ctx_cleanup(&mctx);
	    }
	}
	if (dsa)
		FIPS_dsa_free(dsa);
    }
Esempio n. 7
0
static void pqgver(FILE *in, FILE *out)
    {
    char buf[1024];
    char lbuf[1024];
    char *keyword, *value;
    BIGNUM *p = NULL, *q = NULL, *g = NULL;
    int counter=-1, counter2;
    unsigned long h=0, h2;
    DSA *dsa=NULL;
    int dsa2, L, N, part_test = 0;
    const EVP_MD *md = NULL;
    int seedlen=-1;
    unsigned char seed[1024];

    while(fgets(buf,sizeof buf,in) != NULL)
	{
	if (!parse_line(&keyword, &value, lbuf, buf))
		{
		if (p && q)
			{
			part_test = 1;
			goto partial;
			}
		fputs(buf,out);
		continue;
		}
	fputs(buf, out);
	if(!strcmp(keyword,"[mod"))
	    {
	    if (!parse_mod(value, &dsa2, &L, &N, &md))
		{
		fprintf(stderr, "Mod Parse Error\n");
		exit (1);
		}
	    }
	else if(!strcmp(keyword,"P"))
	    p=hex2bn(value);
	else if(!strcmp(keyword,"Q"))
	    q=hex2bn(value);
	else if(!strcmp(keyword,"G"))
	    g=hex2bn(value);
	else if(!strcmp(keyword,"Seed"))
	    {
	    seedlen = hex2bin(value, seed);
	    if (!dsa2 && seedlen != 20)
		{
		fprintf(stderr, "Seed parse length error\n");
		exit (1);
		}
	    }
	else if(!strcmp(keyword,"c"))
	    counter =atoi(buf+4);
	partial:
	if(!strcmp(keyword,"H") || part_test)
	    {
	    if (!part_test)
	    	h = atoi(value);
	    if (!p || !q || (!g && !part_test))
		{
		fprintf(stderr, "Parse Error\n");
		exit (1);
		}
	    dsa = FIPS_dsa_new();
	    if (!dsa2 && !dsa_builtin_paramgen(dsa, L, N, md,
					seed, seedlen, NULL,
					&counter2, &h2, NULL))
			{
			fprintf(stderr, "Parameter Generation error\n");
			exit(1);
			}
	    if (dsa2 && dsa_builtin_paramgen2(dsa, L, N, md,
					seed, seedlen, NULL,
					&counter2, &h2, NULL) < 0)
			{
			fprintf(stderr, "Parameter Generation error\n");
			exit(1);
			}
            if (BN_cmp(dsa->p, p) || BN_cmp(dsa->q, q) || 
		(!part_test &&
		((BN_cmp(dsa->g, g) || (counter != counter2) || (h != h2)))))
	    	fprintf(out, "Result = F\n");
	    else
	    	fprintf(out, "Result = P\n");
	    BN_free(p);
	    BN_free(q);
	    BN_free(g);
	    p = NULL;
	    q = NULL;
	    g = NULL;
	    FIPS_dsa_free(dsa);
	    dsa = NULL;
	    if (part_test)
		{
		fputs(buf,out);
		part_test = 0;
		}
	    }
	}
    }
Esempio n. 8
0
static void sigver()
{
    DSA *dsa = NULL;
    char buf[1024];
    char lbuf[1024];
    unsigned char msg[1024];
    char *keyword, *value;
    int nmod = 0, n = 0;
    DSA_SIG sg, *sig = &sg;

    sig->r = NULL;
    sig->s = NULL;

    while (fgets(buf, sizeof buf, stdin) != NULL) {
        if (!parse_line(&keyword, &value, lbuf, buf)) {
            fputs(buf, stdout);
            continue;
        }
        if (!strcmp(keyword, "[mod")) {
            nmod = atoi(value);
            if (dsa)
                FIPS_dsa_free(dsa);
            dsa = FIPS_dsa_new();
        } else if (!strcmp(keyword, "P"))
            dsa->p = hex2bn(value);
        else if (!strcmp(keyword, "Q"))
            dsa->q = hex2bn(value);
        else if (!strcmp(keyword, "G")) {
            dsa->g = hex2bn(value);

            printf("[mod = %d]\n\n", nmod);
            pbn("P", dsa->p);
            pbn("Q", dsa->q);
            pbn("G", dsa->g);
            putc('\n', stdout);
        } else if (!strcmp(keyword, "Msg")) {
            n = hex2bin(value, msg);
            pv("Msg", msg, n);
        } else if (!strcmp(keyword, "Y"))
            dsa->pub_key = hex2bn(value);
        else if (!strcmp(keyword, "R"))
            sig->r = hex2bn(value);
        else if (!strcmp(keyword, "S")) {
            EVP_MD_CTX mctx;
            EVP_PKEY pk;
            unsigned char sigbuf[60];
            unsigned int slen;
            int r;
            EVP_MD_CTX_init(&mctx);
            pk.type = EVP_PKEY_DSA;
            pk.pkey.dsa = dsa;
            sig->s = hex2bn(value);

            pbn("Y", dsa->pub_key);
            pbn("R", sig->r);
            pbn("S", sig->s);

            slen = FIPS_dsa_sig_encode(sigbuf, sig);
            EVP_VerifyInit_ex(&mctx, EVP_dss1(), NULL);
            EVP_VerifyUpdate(&mctx, msg, n);
            r = EVP_VerifyFinal(&mctx, sigbuf, slen, &pk);
            EVP_MD_CTX_cleanup(&mctx);

            printf("Result = %c\n", r == 1 ? 'P' : 'F');
            putc('\n', stdout);
        }
    }
}
Esempio n. 9
0
static void siggen()
{
    char buf[1024];
    char lbuf[1024];
    char *keyword, *value;
    int nmod = 0;
    DSA *dsa = NULL;

    while (fgets(buf, sizeof buf, stdin) != NULL) {
        if (!parse_line(&keyword, &value, lbuf, buf)) {
            fputs(buf, stdout);
            continue;
        }
        if (!strcmp(keyword, "[mod")) {
            nmod = atoi(value);
            printf("[mod = %d]\n\n", nmod);
            if (dsa)
                FIPS_dsa_free(dsa);
            dsa = FIPS_dsa_new();
            if (!DSA_generate_parameters_ex
                    (dsa, nmod, NULL, 0, NULL, NULL, NULL)) {
                do_print_errors();
                exit(1);
            }
            pbn("P", dsa->p);
            pbn("Q", dsa->q);
            pbn("G", dsa->g);
            putc('\n', stdout);
        } else if (!strcmp(keyword, "Msg")) {
            unsigned char msg[1024];
            unsigned char sbuf[60];
            unsigned int slen;
            int n;
            EVP_PKEY pk;
            EVP_MD_CTX mctx;
            DSA_SIG *sig;
            EVP_MD_CTX_init(&mctx);

            n = hex2bin(value, msg);
            pv("Msg", msg, n);

            if (!DSA_generate_key(dsa)) {
                do_print_errors();
                exit(1);
            }
            pk.type = EVP_PKEY_DSA;
            pk.pkey.dsa = dsa;
            pbn("Y", dsa->pub_key);

            EVP_SignInit_ex(&mctx, EVP_dss1(), NULL);
            EVP_SignUpdate(&mctx, msg, n);
            EVP_SignFinal(&mctx, sbuf, &slen, &pk);

            sig = DSA_SIG_new();
            FIPS_dsa_sig_decode(sig, sbuf, slen);

            pbn("R", sig->r);
            pbn("S", sig->s);
            putc('\n', stdout);
            DSA_SIG_free(sig);
            EVP_MD_CTX_cleanup(&mctx);
        }
    }
    if (dsa)
        FIPS_dsa_free(dsa);
}
Esempio n. 10
0
static void pqgver()
{
    char buf[1024];
    char lbuf[1024];
    char *keyword, *value;
    BIGNUM *p = NULL, *q = NULL, *g = NULL;
    int counter, counter2;
    unsigned long h, h2;
    DSA *dsa = NULL;
    int nmod = 0;
    unsigned char seed[1024];

    while (fgets(buf, sizeof buf, stdin) != NULL) {
        if (!parse_line(&keyword, &value, lbuf, buf)) {
            fputs(buf, stdout);
            continue;
        }
        fputs(buf, stdout);
        if (!strcmp(keyword, "[mod"))
            nmod = atoi(value);
        else if (!strcmp(keyword, "P"))
            p = hex2bn(value);
        else if (!strcmp(keyword, "Q"))
            q = hex2bn(value);
        else if (!strcmp(keyword, "G"))
            g = hex2bn(value);
        else if (!strcmp(keyword, "Seed")) {
            int slen = hex2bin(value, seed);
            if (slen != 20) {
                fprintf(stderr, "Seed parse length error\n");
                exit(1);
            }
        } else if (!strcmp(keyword, "c"))
            counter = atoi(buf + 4);
        else if (!strcmp(keyword, "H")) {
            h = atoi(value);
            if (!p || !q || !g) {
                fprintf(stderr, "Parse Error\n");
                exit(1);
            }
            dsa = FIPS_dsa_new();
            if (!DSA_generate_parameters_ex
                    (dsa, nmod, seed, 20, &counter2, &h2, NULL)) {
                do_print_errors();
                exit(1);
            }
            if (BN_cmp(dsa->p, p) || BN_cmp(dsa->q, q) || BN_cmp(dsa->g, g)
                    || (counter != counter2) || (h != h2))
                printf("Result = F\n");
            else
                printf("Result = P\n");
            BN_free(p);
            BN_free(q);
            BN_free(g);
            p = NULL;
            q = NULL;
            g = NULL;
            FIPS_dsa_free(dsa);
            dsa = NULL;
        }
    }
}
static void sigver(FILE *in, FILE *out)
    {
    DSA *dsa=NULL;
    char buf[1024];
    char lbuf[1024];
    unsigned char msg[1024];
    char *keyword, *value;
    int n=0;
    int dsa2, L, N;
    const EVP_MD *md = NULL;
    DSA_SIG sg, *sig = &sg;

    sig->r = NULL;
    sig->s = NULL;

    while(fgets(buf,sizeof buf,in) != NULL)
	{
	if (!parse_line(&keyword, &value, lbuf, buf))
		{
		fputs(buf,out);
		continue;
		}
	fputs(buf,out);
	if(!strcmp(keyword,"[mod"))
	    {
	    if (!parse_mod(value, &dsa2, &L, &N, &md))
		{
		fprintf(stderr, "Mod Parse Error\n");
		exit (1);
		}
	    if (dsa)
		FIPS_dsa_free(dsa);
	    dsa = FIPS_dsa_new();
	    }
	else if(!strcmp(keyword,"P"))
	    do_hex2bn(&dsa->p, value);
	else if(!strcmp(keyword,"Q"))
	    do_hex2bn(&dsa->q, value);
	else if(!strcmp(keyword,"G"))
	    do_hex2bn(&dsa->g, value);
	else if(!strcmp(keyword,"Msg"))
	    n=hex2bin(value,msg);
	else if(!strcmp(keyword,"Y"))
	    do_hex2bn(&dsa->pub_key, value);
	else if(!strcmp(keyword,"R"))
	    sig->r=hex2bn(value);
	else if(!strcmp(keyword,"S"))
	    {
	    int r;
	    sig->s=hex2bn(value);

	    no_err = 1;
	    r = FIPS_dsa_verify(dsa, msg, n, md, sig);
	    no_err = 0;
	    if (sig->s)
		{
		BN_free(sig->s);
		sig->s = NULL;
		}
	    if (sig->r)
		{
		BN_free(sig->r);
		sig->r = NULL;
		}
	
	    fprintf(out, "Result = %c" RESP_EOL RESP_EOL, r == 1 ? 'P' : 'F');
	    }
	}
	if (dsa)
	    FIPS_dsa_free(dsa);
    }
static void pqgver(FILE *in, FILE *out)
    {
    char buf[1024];
    char lbuf[1024];
    char *keyword, *value;
    BIGNUM *p = NULL, *q = NULL, *g = NULL;
    int counter=-1, counter2;
    unsigned long h=0, h2;
    DSA *dsa=NULL;
    int dsa2, L, N, part_test = 0;
    const EVP_MD *md = NULL;
    int seedlen=-1, idxlen, idx = -1;
    unsigned char seed[1024], idtmp[1024];

    while(fgets(buf,sizeof buf,in) != NULL)
	{
	if (!parse_line(&keyword, &value, lbuf, buf))
		{
		if (p && q)
			{
			part_test = 1;
			goto partial;
			}
		fputs(buf,out);
		continue;
		}
	fputs(buf, out);
	if(!strcmp(keyword,"[mod"))
	    {
	    if (!parse_mod(value, &dsa2, &L, &N, &md))
		{
		fprintf(stderr, "Mod Parse Error\n");
		exit (1);
		}
	    }
	else if(!strcmp(keyword,"P"))
	    p=hex2bn(value);
	else if(!strcmp(keyword,"Q"))
	    q=hex2bn(value);
	else if(!strcmp(keyword,"G"))
	    g=hex2bn(value);
	else if(!strcmp(keyword,"firstseed"))
	    seedlen = hex2bin(value, seed);
	else if(!strcmp(keyword,"pseed"))
	    seedlen += hex2bin(value, seed + seedlen);
	else if(!strcmp(keyword,"qseed"))
	    seedlen += hex2bin(value, seed + seedlen);
	else if(!strcmp(keyword,"Seed")
		|| !strcmp(keyword,"domain_parameter_seed"))
	    {
	    seedlen = hex2bin(value, seed);
	    if (!dsa2 && seedlen != 20)
		{
		fprintf(stderr, "Seed parse length error\n");
		exit (1);
		}
	    if (idx > 0)
		part_test = 1;
	    }
	else if(!strcmp(keyword,"index"))
	    {
	    idxlen = hex2bin(value, idtmp);
            if (idxlen != 1)
		{
		fprintf(stderr, "Index value error\n");
		exit (1);
		}
	    idx = idtmp[0];
	    }
	else if(!strcmp(keyword,"c"))
	    counter = atoi(buf+4);
	partial:
	if (part_test && idx < 0 && h == 0 && g)
	    {
	    dsa = FIPS_dsa_new();
	    dsa->p = BN_dup(p);
	    dsa->q = BN_dup(q);
	    dsa->g = BN_dup(g);
	    if (dsa_paramgen_check_g(dsa))
		fprintf(out, "Result = P" RESP_EOL);
	    else
		fprintf(out, "Result = F" RESP_EOL);
	    BN_free(p);
	    BN_free(q);
	    BN_free(g);
	    p = NULL;
	    q = NULL;
	    g = NULL;
	    FIPS_dsa_free(dsa);
	    dsa = NULL;
	    part_test = 0;
	    }
	else if(!strcmp(keyword,"H") || part_test)
	    {
	    if (!part_test)
	    	h = atoi(value);
	    if (!p || !q || (!g && !part_test))
		{
		fprintf(stderr, "Parse Error\n");
		exit (1);
		}
	    dsa = FIPS_dsa_new();
	    if (idx >= 0)
		{
		dsa->p = BN_dup(p);
		dsa->q = BN_dup(q);
		}
	    no_err = 1;
	    if (!dsa2 && !dsa_builtin_paramgen(dsa, L, N, md,
					seed, seedlen, NULL,
					&counter2, &h2, NULL))
			{
			fprintf(stderr, "Parameter Generation error\n");
			exit(1);
			}
	    if (dsa2 && dsa_builtin_paramgen2(dsa, L, N, md,
					seed, seedlen, idx, NULL,
					&counter2, &h2, NULL) < 0)
			{
			fprintf(stderr, "Parameter Generation error\n");
			exit(1);
			}
	    no_err = 0;
	    if (idx >= 0)
		{
		if (BN_cmp(dsa->g, g))
			fprintf(out, "Result = F" RESP_EOL);
		else
			fprintf(out, "Result = P" RESP_EOL);
		}
            else if (BN_cmp(dsa->p, p) || BN_cmp(dsa->q, q) || 
		(!part_test &&
		((BN_cmp(dsa->g, g) || (counter != counter2) || (h != h2)))))
	    	fprintf(out, "Result = F" RESP_EOL);
	    else
	    	fprintf(out, "Result = P" RESP_EOL);
	    BN_free(p);
	    BN_free(q);
	    BN_free(g);
	    p = NULL;
	    q = NULL;
	    g = NULL;
	    FIPS_dsa_free(dsa);
	    dsa = NULL;
	    if (part_test)
		{
		if (idx == -1)
			fputs(buf,out);
		part_test = 0;
		}
	    idx = -1;
	    }
	}
    }
static void pqg(FILE *in, FILE *out)
    {
    char buf[1024];
    char lbuf[1024];
    char *keyword, *value;
    int dsa2, L, N;
    const EVP_MD *md = NULL;
    BIGNUM *p = NULL, *q = NULL;
    enum pqtype { PQG_NONE, PQG_PQ, PQG_G, PQG_GCANON}
		pqg_type = PQG_NONE;
    int seedlen=-1, idxlen, idx = -1;
    unsigned char seed[1024], idtmp[1024];

    while(fgets(buf,sizeof buf,in) != NULL)
	{
	if (buf[0] == '[')
		{
	    	if (strstr(buf, "Probable"))
			pqg_type = PQG_PQ;
	    	else if (strstr(buf, "Unverifiable"))
			pqg_type = PQG_G;
	    	else if (strstr(buf, "Canonical"))
			pqg_type = PQG_GCANON;
		}
	if (!parse_line(&keyword, &value, lbuf, buf))
		{
		fputs(buf,out);
		continue;
		}
	if (strcmp(keyword, "Num"))
		fputs(buf,out);
	if(!strcmp(keyword,"[mod"))
	    {
	    if (!parse_mod(value, &dsa2, &L, &N, &md))
		{
		fprintf(stderr, "Mod Parse Error\n");
		exit (1);
		}
	    }
	else if(!strcmp(keyword,"N") 
		|| (!strcmp(keyword, "Num") && pqg_type == PQG_PQ))
	    {
	    int n=atoi(value);

	    while(n--)
		{
		DSA *dsa;
		int counter;
		unsigned long h;
		dsa = FIPS_dsa_new();

		if (!dsa2 && !dsa_builtin_paramgen(dsa, L, N, md,
						NULL, 0, seed,
						&counter, &h, NULL))
			{
			fprintf(stderr, "Parameter Generation error\n");
			exit(1);
			}
		if (dsa2 && dsa_builtin_paramgen2(dsa, L, N, md,
						NULL, 0, -1, seed,
						&counter, &h, NULL) <= 0)
			{
			fprintf(stderr, "Parameter Generation error\n");
			exit(1);
			}
 
		do_bn_print_name(out, "P",dsa->p);
		do_bn_print_name(out, "Q",dsa->q);
		if (!dsa2)
			do_bn_print_name(out, "G",dsa->g);
		OutputValue(dsa2 ? "domain_parameter_seed" : "Seed",
				seed, M_EVP_MD_size(md), out, 0);
		if (!dsa2)
			{
			fprintf(out, "c = %d" RESP_EOL, counter);
			fprintf(out, "H = %lx" RESP_EOL RESP_EOL,h);
			}
		else
			{
			fprintf(out, "counter = %d" RESP_EOL RESP_EOL, counter);
			}
		FIPS_dsa_free(dsa);
		}
	    }
	else if(!strcmp(keyword,"P"))
	    p=hex2bn(value);
	else if(!strcmp(keyword,"Q"))
	    q=hex2bn(value);
	else if(!strcmp(keyword,"domain_parameter_seed"))
	    seedlen = hex2bin(value, seed);
	else if(!strcmp(keyword,"firstseed"))
	    seedlen = hex2bin(value, seed);
	else if(!strcmp(keyword,"pseed"))
	    seedlen += hex2bin(value, seed + seedlen);
	else if(!strcmp(keyword,"qseed"))
	    seedlen += hex2bin(value, seed + seedlen);
	else if(!strcmp(keyword,"index"))
	    {
	    idxlen = hex2bin(value, idtmp);
            if (idxlen != 1)
		{
		fprintf(stderr, "Index value error\n");
		exit (1);
		}
	    idx = idtmp[0];
	    }
	if ((idx >= 0 && pqg_type == PQG_GCANON) || (q && pqg_type == PQG_G))
		{
		DSA *dsa;
		dsa = FIPS_dsa_new();
		dsa->p = p;
		dsa->q = q;
		p = q = NULL;
		if (dsa_builtin_paramgen2(dsa, L, N, md,
						seed, seedlen, idx, NULL,
						NULL, NULL, NULL) <= 0)
			{
			fprintf(stderr, "Parameter Generation error\n");
			exit(1);
			}
		do_bn_print_name(out, "G",dsa->g);
		FIPS_dsa_free(dsa);
		idx = -1;
		}
	}
    }
Esempio n. 14
0
int main(int argc, char **argv)
	{
	DSA *dsa=NULL;
	EVP_PKEY pk;
	int counter,ret=0,i,j;
	unsigned int slen;
	unsigned char buf[256];
	unsigned long h;
	BN_GENCB cb;
	EVP_MD_CTX mctx;
	BN_GENCB_set(&cb, dsa_cb, stderr);
	EVP_MD_CTX_init(&mctx);

	if(!FIPS_mode_set(1))
	    {
	    do_print_errors();
	    EXIT(1);
	    }

	fprintf(stderr,"test generation of DSA parameters\n");

	dsa = FIPS_dsa_new();
	DSA_generate_parameters_ex(dsa, 1024,seed,20,&counter,&h,&cb);

	fprintf(stderr,"seed\n");
	for (i=0; i<20; i+=4)
		{
		fprintf(stderr,"%02X%02X%02X%02X ",
			seed[i],seed[i+1],seed[i+2],seed[i+3]);
		}
	fprintf(stderr,"\ncounter=%d h=%ld\n",counter,h);

	if (dsa == NULL) goto end;
	if (counter != 16) 
		{
		fprintf(stderr,"counter should be 105\n");
		goto end;
		}
	if (h != 2)
		{
		fprintf(stderr,"h should be 2\n");
		goto end;
		}

	i=BN_bn2bin(dsa->q,buf);
	j=sizeof(out_q);
	if ((i != j) || (memcmp(buf,out_q,i) != 0))
		{
		fprintf(stderr,"q value is wrong\n");
		goto end;
		}

	i=BN_bn2bin(dsa->p,buf);
	j=sizeof(out_p);
	if ((i != j) || (memcmp(buf,out_p,i) != 0))
		{
		fprintf(stderr,"p value is wrong\n");
		goto end;
		}

	i=BN_bn2bin(dsa->g,buf);
	j=sizeof(out_g);
	if ((i != j) || (memcmp(buf,out_g,i) != 0))
		{
		fprintf(stderr,"g value is wrong\n");
		goto end;
		}
	DSA_generate_key(dsa);
	pk.type = EVP_PKEY_DSA;
	pk.pkey.dsa = dsa;

	if (!EVP_SignInit_ex(&mctx, EVP_dss1(), NULL))
		goto end;
	if (!EVP_SignUpdate(&mctx, str1, 20))
		goto end;
	if (!EVP_SignFinal(&mctx, buf, &slen, &pk))
		goto end;

	if (!EVP_VerifyInit_ex(&mctx, EVP_dss1(), NULL))
		goto end;
	if (!EVP_VerifyUpdate(&mctx, str1, 20))
		goto end;
	if (EVP_VerifyFinal(&mctx, buf, slen, &pk) != 1)
		goto end;

	ret = 1;

end:
	if (!ret)
		do_print_errors();
	if (dsa != NULL) FIPS_dsa_free(dsa);
	EVP_MD_CTX_cleanup(&mctx);
#if 0
	CRYPTO_mem_leaks(bio_err);
#endif
	EXIT(!ret);
	return(!ret);
	}
Esempio n. 15
0
int main(int argc, char **argv)
	{
	DSA *dsa=NULL;
	DSA_SIG *sig = NULL;
	int counter,ret=0,i,j;
	unsigned char buf[256];
	unsigned long h;
	BN_GENCB cb;
	BN_GENCB_set(&cb, dsa_cb, stderr);

    	fips_algtest_init();

	fprintf(stderr,"test generation of DSA parameters\n");

	dsa = FIPS_dsa_new();
	DSA_generate_parameters_ex(dsa, 1024,seed,20,&counter,&h,&cb);

	fprintf(stderr,"seed\n");
	for (i=0; i<20; i+=4)
		{
		fprintf(stderr,"%02X%02X%02X%02X ",
			seed[i],seed[i+1],seed[i+2],seed[i+3]);
		}
	fprintf(stderr,"\ncounter=%d h=%ld\n",counter,h);

	if (dsa == NULL) goto end;
	if (counter != 16) 
		{
		fprintf(stderr,"counter should be 105\n");
		goto end;
		}
	if (h != 2)
		{
		fprintf(stderr,"h should be 2\n");
		goto end;
		}

	i=BN_bn2bin(dsa->q,buf);
	j=sizeof(out_q);
	if ((i != j) || (memcmp(buf,out_q,i) != 0))
		{
		fprintf(stderr,"q value is wrong\n");
		goto end;
		}

	i=BN_bn2bin(dsa->p,buf);
	j=sizeof(out_p);
	if ((i != j) || (memcmp(buf,out_p,i) != 0))
		{
		fprintf(stderr,"p value is wrong\n");
		goto end;
		}

	i=BN_bn2bin(dsa->g,buf);
	j=sizeof(out_g);
	if ((i != j) || (memcmp(buf,out_g,i) != 0))
		{
		fprintf(stderr,"g value is wrong\n");
		goto end;
		}
	DSA_generate_key(dsa);

	sig = FIPS_dsa_sign(dsa, str1, 20, EVP_sha1());
	if (!sig)
		goto end;

	if (FIPS_dsa_verify(dsa, str1, 20, EVP_sha1(), sig) != 1)
		goto end;

	ret = 1;

end:
	if (sig)
		FIPS_dsa_sig_free(sig);
	if (dsa != NULL) FIPS_dsa_free(dsa);
#if 0
	CRYPTO_mem_leaks(bio_err);
#endif
	EXIT(!ret);
	return(!ret);
	}
int FIPS_selftest_dsa()
    {
    DSA *dsa=NULL;
    int counter,i,j, ret = 0;
    unsigned int slen;
    unsigned char buf[256];
    unsigned long h;
    EVP_MD_CTX mctx;
    EVP_PKEY pk;

    EVP_MD_CTX_init(&mctx);

    dsa = FIPS_dsa_new();

    if(dsa == NULL)
	goto err;
    if(!DSA_generate_parameters_ex(dsa, 1024,seed,20,&counter,&h,NULL))
	goto err;
    if (counter != 378) 
	goto err;
    if (h != 2)
	goto err;
    i=BN_bn2bin(dsa->q,buf);
    j=sizeof(out_q);
    if (i != j || memcmp(buf,out_q,i) != 0)
	goto err;

    i=BN_bn2bin(dsa->p,buf);
    j=sizeof(out_p);
    if (i != j || memcmp(buf,out_p,i) != 0)
	goto err;

    i=BN_bn2bin(dsa->g,buf);
    j=sizeof(out_g);
    if (i != j || memcmp(buf,out_g,i) != 0)
	goto err;
    DSA_generate_key(dsa);
    pk.type = EVP_PKEY_DSA;
    pk.pkey.dsa = dsa;

    if (!EVP_SignInit_ex(&mctx, EVP_dss1(), NULL))
	goto err;
    if (!EVP_SignUpdate(&mctx, str1, 20))
	goto err;
    if (!EVP_SignFinal(&mctx, buf, &slen, &pk))
	goto err;

    if (!EVP_VerifyInit_ex(&mctx, EVP_dss1(), NULL))
	goto err;
    if (!EVP_VerifyUpdate(&mctx, str1, 20))
	goto err;
    if (EVP_VerifyFinal(&mctx, buf, slen, &pk) != 1)
	goto err;

    ret = 1;

    err:
    EVP_MD_CTX_cleanup(&mctx);
    if (dsa)
	FIPS_dsa_free(dsa);
    if (ret == 0)
	    FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED);
    return ret;
    }