Exemplo n.º 1
0
/*
 * RSA: generate keys and sign, verify input plaintext.
 */
static int FIPS_rsa_test(int bad)
{
    RSA *key;
    unsigned char input_ptext[] = "etaonrishdlc";
    unsigned char buf[256];
    unsigned int slen;
    BIGNUM *bn;
    EVP_MD_CTX mctx;
    int r = 0;

    ERR_clear_error();
    FIPS_md_ctx_init(&mctx);
    key = FIPS_rsa_new();
    bn = BN_new();
    if (!key || !bn)
        return 0;
    BN_set_word(bn, 65537);
    if (!RSA_generate_key_ex(key, 2048,bn,NULL))
        return 0;
    BN_free(bn);
    if (bad)
        BN_add_word(key->n, 1);

    if (!FIPS_digestinit(&mctx, EVP_sha256()))
        goto end;
    if (!FIPS_digestupdate(&mctx, input_ptext, sizeof(input_ptext) - 1))
        goto end;
    if (!FIPS_rsa_sign_ctx(key, &mctx, RSA_PKCS1_PADDING, 0, NULL, buf, &slen))
        goto end;

    if (!FIPS_digestinit(&mctx, EVP_sha256()))
        goto end;
    if (!FIPS_digestupdate(&mctx, input_ptext, sizeof(input_ptext) - 1))
        goto end;
    r = FIPS_rsa_verify_ctx(key, &mctx, RSA_PKCS1_PADDING, 0, NULL, buf, slen);
end:
    FIPS_md_ctx_cleanup(&mctx);
    if (key)
        FIPS_rsa_free(key);
    if (r != 1)
        return 0;
    return 1;
}
Exemplo n.º 2
0
int fips_pkey_signature_test(int id, EVP_PKEY *pkey,
			const unsigned char *tbs, size_t tbslen,
			const unsigned char *kat, size_t katlen,
			const EVP_MD *digest, int pad_mode,
			const char *fail_str)
	{	
	int subid;
	void *ex = NULL;
	int ret = 0;
	unsigned char *sig = NULL;
	unsigned int siglen;
	static const unsigned char str1[]="12345678901234567890";
	DSA_SIG *dsig = NULL;
	ECDSA_SIG *esig = NULL;
	EVP_MD_CTX mctx;
	FIPS_md_ctx_init(&mctx);

	if (tbs == NULL)
		tbs = str1;

	if (tbslen == 0)
		tbslen = strlen((char *)tbs);

	if (digest == NULL)
		digest = EVP_sha256();

	subid = M_EVP_MD_type(digest);


	if (!fips_post_started(id, subid, pkey))
		return 1;

	if (!pkey || pkey->type == EVP_PKEY_RSA)
		{
		size_t sigsize;
		if (!pkey)
			sigsize = EVP_MAX_MD_SIZE;
		else
			sigsize = RSA_size(pkey->pkey.rsa);

		sig = OPENSSL_malloc(sigsize);
		if (!sig)
			{
			FIPSerr(FIPS_F_FIPS_PKEY_SIGNATURE_TEST,ERR_R_MALLOC_FAILURE);
			goto error;
			}
		}

	if (!FIPS_digestinit(&mctx, digest))
		goto error;
	if (!FIPS_digestupdate(&mctx, tbs, tbslen))
		goto error;

	if (!fips_post_corrupt(id, subid, pkey))
		{
		if (!FIPS_digestupdate(&mctx, tbs, 1))
			goto error;
		}

	if (pkey == NULL)
		{
		if (!FIPS_digestfinal(&mctx, sig, &siglen))
			goto error;
		}
	else if (pkey->type == EVP_PKEY_RSA)
		{
		if (!FIPS_rsa_sign_ctx(pkey->pkey.rsa, &mctx,
					pad_mode, 0, NULL, sig, &siglen))
			goto error;
		}
	else if (pkey->type == EVP_PKEY_DSA)
		{
		dsig = FIPS_dsa_sign_ctx(pkey->pkey.dsa, &mctx);
		if (!dsig)
			goto error;
		}
	else if (pkey->type == EVP_PKEY_EC)
		{
		esig = FIPS_ecdsa_sign_ctx(pkey->pkey.ec, &mctx);
		if (!esig)
			goto error;
		}

	if (kat && ((siglen != katlen) || memcmp(kat, sig, katlen)))
		goto error;
#if 0
	{
	/* Debug code to print out self test KAT discrepancies */
	unsigned int i;
	fprintf(stderr, "%s=", fail_str);
	for (i = 0; i < siglen; i++)
			fprintf(stderr, "%02X", sig[i]);
	fprintf(stderr, "\n");
	goto error;
	}
#endif
	/* If just digest test we've finished */
	if (pkey == NULL)
		{
		ret = 1;
		/* Well actually sucess as we've set ret to 1 */
		goto error;
		}
	if (!FIPS_digestinit(&mctx, digest))
		goto error;
	if (!FIPS_digestupdate(&mctx, tbs, tbslen))
		goto error;
	if (pkey->type == EVP_PKEY_RSA)
		{
		ret = FIPS_rsa_verify_ctx(pkey->pkey.rsa, &mctx,
						pad_mode, 0, NULL, sig, siglen);
		}
	else if (pkey->type == EVP_PKEY_DSA)
		{
		ret = FIPS_dsa_verify_ctx(pkey->pkey.dsa, &mctx, dsig);
		}
	else if (pkey->type == EVP_PKEY_EC)
		{
		ret = FIPS_ecdsa_verify_ctx(pkey->pkey.ec, &mctx, esig);
		}

	error:
	if (dsig != NULL)
		FIPS_dsa_sig_free(dsig);
	if (esig != NULL)
		FIPS_ecdsa_sig_free(esig);
	if (sig)
		OPENSSL_free(sig);
	FIPS_md_ctx_cleanup(&mctx);
	if (ret != 1)
		{
		FIPSerr(FIPS_F_FIPS_PKEY_SIGNATURE_TEST,FIPS_R_TEST_FAILURE);
		if (fail_str)
			FIPS_add_error_data(2, "Type=", fail_str);
		fips_post_failed(id, subid, ex);
		return 0;
		}
	return fips_post_success(id, subid, pkey);
	}