Пример #1
0
/* This call frees resources associated with the context */
int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
	{
#ifndef OPENSSL_FIPS
	/* Don't assume ctx->md_data was cleaned in EVP_Digest_Final,
	 * because sometimes only copies of the context are ever finalised.
	 */
	if (ctx->digest && ctx->digest->cleanup
	    && !EVP_MD_CTX_test_flags(ctx,EVP_MD_CTX_FLAG_CLEANED))
		ctx->digest->cleanup(ctx);
	if (ctx->digest && ctx->digest->ctx_size && ctx->md_data
	    && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE))
		{
		OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size);
		OPENSSL_free(ctx->md_data);
		}
#endif
	if (ctx->pctx)
		EVP_PKEY_CTX_free(ctx->pctx);
#ifndef OPENSSL_NO_ENGINE
	if(ctx->engine)
		/* The EVP_MD we used belongs to an ENGINE, release the
		 * functional reference we held for this reason. */
		ENGINE_finish(ctx->engine);
#endif
#ifdef OPENSSL_FIPS
	FIPS_md_ctx_cleanup(ctx);
#endif
	memset(ctx,'\0',sizeof *ctx);

	return 1;
	}
Пример #2
0
/*
 * RSA: generate keys and sign, verify input plaintext.
 */
static int FIPS_rsa_test(int bad)
{
    RSA *key;
    unsigned char input_ptext[] = "etaonrishdlc";
    unsigned char buf[256];
    unsigned int slen;
    BIGNUM *bn;
    EVP_MD_CTX mctx;
    int r = 0;

    ERR_clear_error();
    FIPS_md_ctx_init(&mctx);
    key = FIPS_rsa_new();
    bn = BN_new();
    if (!key || !bn)
        return 0;
    BN_set_word(bn, 65537);
    if (!RSA_generate_key_ex(key, 2048,bn,NULL))
        return 0;
    BN_free(bn);
    if (bad)
        BN_add_word(key->n, 1);

    if (!FIPS_digestinit(&mctx, EVP_sha256()))
        goto end;
    if (!FIPS_digestupdate(&mctx, input_ptext, sizeof(input_ptext) - 1))
        goto end;
    if (!FIPS_rsa_sign_ctx(key, &mctx, RSA_PKCS1_PADDING, 0, NULL, buf, &slen))
        goto end;

    if (!FIPS_digestinit(&mctx, EVP_sha256()))
        goto end;
    if (!FIPS_digestupdate(&mctx, input_ptext, sizeof(input_ptext) - 1))
        goto end;
    r = FIPS_rsa_verify_ctx(key, &mctx, RSA_PKCS1_PADDING, 0, NULL, buf, slen);
end:
    FIPS_md_ctx_cleanup(&mctx);
    if (key)
        FIPS_rsa_free(key);
    if (r != 1)
        return 0;
    return 1;
}
Пример #3
0
/*
 * DSA: generate keys and sign, verify input plaintext.
 */
static int FIPS_dsa_test(int bad)
{
    DSA *dsa = NULL;
    unsigned char dgst[] = "etaonrishdlc";
    int r = 0;
    EVP_MD_CTX mctx;
    DSA_SIG *sig = NULL;

    ERR_clear_error();
    FIPS_md_ctx_init(&mctx);
    dsa = FIPS_dsa_new();
    if (!dsa)
        goto end;
    if (!DSA_generate_parameters_ex(dsa, 1024,NULL,0,NULL,NULL,NULL))
        goto end;
    if (!DSA_generate_key(dsa))
        goto end;
    if (bad)
        BN_add_word(dsa->pub_key, 1);

    if (!FIPS_digestinit(&mctx, EVP_sha256()))
        goto end;
    if (!FIPS_digestupdate(&mctx, dgst, sizeof(dgst) - 1))
        goto end;
    sig = FIPS_dsa_sign_ctx(dsa, &mctx);
    if (!sig)
        goto end;

    if (!FIPS_digestinit(&mctx, EVP_sha256()))
        goto end;
    if (!FIPS_digestupdate(&mctx, dgst, sizeof(dgst) - 1))
        goto end;
    r = FIPS_dsa_verify_ctx(dsa, &mctx, sig);
end:
    if (sig)
        FIPS_dsa_sig_free(sig);
    FIPS_md_ctx_cleanup(&mctx);
    if (dsa)
        FIPS_dsa_free(dsa);
    if (r != 1)
        return 0;
    return 1;
}
Пример #4
0
int fips_pkey_signature_test(int id, EVP_PKEY *pkey,
			const unsigned char *tbs, size_t tbslen,
			const unsigned char *kat, size_t katlen,
			const EVP_MD *digest, int pad_mode,
			const char *fail_str)
	{	
	int subid;
	void *ex = NULL;
	int ret = 0;
	unsigned char *sig = NULL;
	unsigned int siglen;
	static const unsigned char str1[]="12345678901234567890";
	DSA_SIG *dsig = NULL;
	ECDSA_SIG *esig = NULL;
	EVP_MD_CTX mctx;
	FIPS_md_ctx_init(&mctx);

	if (tbs == NULL)
		tbs = str1;

	if (tbslen == 0)
		tbslen = strlen((char *)tbs);

	if (digest == NULL)
		digest = EVP_sha256();

	subid = M_EVP_MD_type(digest);


	if (!fips_post_started(id, subid, pkey))
		return 1;

	if (!pkey || pkey->type == EVP_PKEY_RSA)
		{
		size_t sigsize;
		if (!pkey)
			sigsize = EVP_MAX_MD_SIZE;
		else
			sigsize = RSA_size(pkey->pkey.rsa);

		sig = OPENSSL_malloc(sigsize);
		if (!sig)
			{
			FIPSerr(FIPS_F_FIPS_PKEY_SIGNATURE_TEST,ERR_R_MALLOC_FAILURE);
			goto error;
			}
		}

	if (!FIPS_digestinit(&mctx, digest))
		goto error;
	if (!FIPS_digestupdate(&mctx, tbs, tbslen))
		goto error;

	if (!fips_post_corrupt(id, subid, pkey))
		{
		if (!FIPS_digestupdate(&mctx, tbs, 1))
			goto error;
		}

	if (pkey == NULL)
		{
		if (!FIPS_digestfinal(&mctx, sig, &siglen))
			goto error;
		}
	else if (pkey->type == EVP_PKEY_RSA)
		{
		if (!FIPS_rsa_sign_ctx(pkey->pkey.rsa, &mctx,
					pad_mode, 0, NULL, sig, &siglen))
			goto error;
		}
	else if (pkey->type == EVP_PKEY_DSA)
		{
		dsig = FIPS_dsa_sign_ctx(pkey->pkey.dsa, &mctx);
		if (!dsig)
			goto error;
		}
	else if (pkey->type == EVP_PKEY_EC)
		{
		esig = FIPS_ecdsa_sign_ctx(pkey->pkey.ec, &mctx);
		if (!esig)
			goto error;
		}

	if (kat && ((siglen != katlen) || memcmp(kat, sig, katlen)))
		goto error;
#if 0
	{
	/* Debug code to print out self test KAT discrepancies */
	unsigned int i;
	fprintf(stderr, "%s=", fail_str);
	for (i = 0; i < siglen; i++)
			fprintf(stderr, "%02X", sig[i]);
	fprintf(stderr, "\n");
	goto error;
	}
#endif
	/* If just digest test we've finished */
	if (pkey == NULL)
		{
		ret = 1;
		/* Well actually sucess as we've set ret to 1 */
		goto error;
		}
	if (!FIPS_digestinit(&mctx, digest))
		goto error;
	if (!FIPS_digestupdate(&mctx, tbs, tbslen))
		goto error;
	if (pkey->type == EVP_PKEY_RSA)
		{
		ret = FIPS_rsa_verify_ctx(pkey->pkey.rsa, &mctx,
						pad_mode, 0, NULL, sig, siglen);
		}
	else if (pkey->type == EVP_PKEY_DSA)
		{
		ret = FIPS_dsa_verify_ctx(pkey->pkey.dsa, &mctx, dsig);
		}
	else if (pkey->type == EVP_PKEY_EC)
		{
		ret = FIPS_ecdsa_verify_ctx(pkey->pkey.ec, &mctx, esig);
		}

	error:
	if (dsig != NULL)
		FIPS_dsa_sig_free(dsig);
	if (esig != NULL)
		FIPS_ecdsa_sig_free(esig);
	if (sig)
		OPENSSL_free(sig);
	FIPS_md_ctx_cleanup(&mctx);
	if (ret != 1)
		{
		FIPSerr(FIPS_F_FIPS_PKEY_SIGNATURE_TEST,FIPS_R_TEST_FAILURE);
		if (fail_str)
			FIPS_add_error_data(2, "Type=", fail_str);
		fips_post_failed(id, subid, ex);
		return 0;
		}
	return fips_post_success(id, subid, pkey);
	}
Пример #5
0
static void sigver(FILE *in, FILE *out)
    {
    DSA *dsa=NULL;
    char buf[1024];
    char lbuf[1024];
    unsigned char msg[1024];
    char *keyword, *value;
    int n=0;
    int dsa2, L, N;
    const EVP_MD *md = NULL;
    DSA_SIG sg, *sig = &sg;

    sig->r = NULL;
    sig->s = NULL;

    while(fgets(buf,sizeof buf,in) != NULL)
	{
	if (!parse_line(&keyword, &value, lbuf, buf))
		{
		fputs(buf,out);
		continue;
		}
	fputs(buf,out);
	if(!strcmp(keyword,"[mod"))
	    {
	    if (!parse_mod(value, &dsa2, &L, &N, &md))
		{
		fprintf(stderr, "Mod Parse Error\n");
		exit (1);
		}
	    if (dsa)
		FIPS_dsa_free(dsa);
	    dsa = FIPS_dsa_new();
	    }
	else if(!strcmp(keyword,"P"))
	    dsa->p=hex2bn(value);
	else if(!strcmp(keyword,"Q"))
	    dsa->q=hex2bn(value);
	else if(!strcmp(keyword,"G"))
	    dsa->g=hex2bn(value);
	else if(!strcmp(keyword,"Msg"))
	    n=hex2bin(value,msg);
	else if(!strcmp(keyword,"Y"))
	    dsa->pub_key=hex2bn(value);
	else if(!strcmp(keyword,"R"))
	    sig->r=hex2bn(value);
	else if(!strcmp(keyword,"S"))
	    {
	    EVP_MD_CTX mctx;
	    int r;
	    FIPS_md_ctx_init(&mctx);
	    sig->s=hex2bn(value);

	    FIPS_digestinit(&mctx, md);
	    FIPS_digestupdate(&mctx, msg, n);
	    no_err = 1;
	    r = FIPS_dsa_verify_ctx(dsa, &mctx, sig);
	    no_err = 0;
	    FIPS_md_ctx_cleanup(&mctx);
	
	    fprintf(out, "Result = %c\n\n", r == 1 ? 'P' : 'F');
	    }
	}
    }
Пример #6
0
static void siggen(FILE *in, FILE *out)
    {
    char buf[1024];
    char lbuf[1024];
    char *keyword, *value;
    int dsa2, L, N;
    const EVP_MD *md = NULL;
    DSA *dsa=NULL;

    while(fgets(buf,sizeof buf,in) != NULL)
	{
	if (!parse_line(&keyword, &value, lbuf, buf))
		{
		fputs(buf,out);
		continue;
		}
	fputs(buf,out);
	if(!strcmp(keyword,"[mod"))
	    {
	    if (!parse_mod(value, &dsa2, &L, &N, &md))
		{
		fprintf(stderr, "Mod Parse Error\n");
		exit (1);
		}
	    if (dsa)
		FIPS_dsa_free(dsa);
	    dsa = FIPS_dsa_new();
	    if (!dsa2 && !dsa_builtin_paramgen(dsa, L, N, md, NULL, 0,
						NULL, NULL, NULL, NULL))
			{
			fprintf(stderr, "Parameter Generation error\n");
			exit(1);
			}
	    if (dsa2 && dsa_builtin_paramgen2(dsa, L, N, md, NULL, 0,
						NULL, NULL, NULL, NULL) <= 0)
			{
			fprintf(stderr, "Parameter Generation error\n");
			exit(1);
			}
	    do_bn_print_name(out, "P",dsa->p);
	    do_bn_print_name(out, "Q",dsa->q);
	    do_bn_print_name(out, "G",dsa->g);
	    fputs("\n", out);
	    }
	else if(!strcmp(keyword,"Msg"))
	    {
	    unsigned char msg[1024];
	    int n;
	    EVP_MD_CTX mctx;
	    DSA_SIG *sig;
	    FIPS_md_ctx_init(&mctx);

	    n=hex2bin(value,msg);

	    if (!DSA_generate_key(dsa))
		exit(1);
	    do_bn_print_name(out, "Y",dsa->pub_key);

	    FIPS_digestinit(&mctx, md);
	    FIPS_digestupdate(&mctx, msg, n);
	    sig = FIPS_dsa_sign_ctx(dsa, &mctx);

	    do_bn_print_name(out, "R",sig->r);
	    do_bn_print_name(out, "S",sig->s);
	    fputs("\n", out);
	    FIPS_dsa_sig_free(sig);
	    FIPS_md_ctx_cleanup(&mctx);
	    }
	}
	if (dsa)
		FIPS_dsa_free(dsa);
    }