int fips_check_rsa(RSA *rsa) { const unsigned char tbs[] = "RSA Pairwise Check Data"; unsigned char *ctbuf = NULL, *ptbuf = NULL; int len, ret = 0; EVP_PKEY pk; pk.type = EVP_PKEY_RSA; pk.pkey.rsa = rsa; /* Perform pairwise consistency signature test */ if (!fips_pkey_signature_test(FIPS_TEST_PAIRWISE, &pk, tbs, 0, NULL, 0, NULL, RSA_PKCS1_PADDING, NULL) || !fips_pkey_signature_test(FIPS_TEST_PAIRWISE, &pk, tbs, 0, NULL, 0, NULL, RSA_X931_PADDING, NULL) || !fips_pkey_signature_test(FIPS_TEST_PAIRWISE, &pk, tbs, 0, NULL, 0, NULL, RSA_PKCS1_PSS_PADDING, NULL)) goto err; /* Now perform pairwise consistency encrypt/decrypt test */ ctbuf = OPENSSL_malloc(RSA_size(rsa)); if (!ctbuf) goto err; len = RSA_public_encrypt(sizeof(tbs) - 1, tbs, ctbuf, rsa, RSA_PKCS1_PADDING); if (len <= 0) goto err; /* Check ciphertext doesn't match plaintext */ if ((len == (sizeof(tbs) - 1)) && !memcmp(tbs, ctbuf, len)) goto err; ptbuf = OPENSSL_malloc(RSA_size(rsa)); if (!ptbuf) goto err; len = RSA_private_decrypt(len, ctbuf, ptbuf, rsa, RSA_PKCS1_PADDING); if (len != (sizeof(tbs) - 1)) goto err; if (memcmp(ptbuf, tbs, len)) goto err; ret = 1; if (!ptbuf) goto err; err: if (ret == 0) { fips_set_selftest_fail(); FIPSerr(FIPS_F_FIPS_CHECK_RSA,FIPS_R_PAIRWISE_TEST_FAILED); } if (ctbuf) OPENSSL_free(ctbuf); if (ptbuf) OPENSSL_free(ptbuf); return ret; }
int FIPS_selftest_dsa() { DSA *dsa=NULL; EVP_PKEY pk; int ret = 0; dsa = FIPS_dsa_new(); if(dsa == NULL) goto err; fips_load_key_component(dsa, p, dsa_test_2048); fips_load_key_component(dsa, q, dsa_test_2048); fips_load_key_component(dsa, g, dsa_test_2048); fips_load_key_component(dsa, pub_key, dsa_test_2048); fips_load_key_component(dsa, priv_key, dsa_test_2048); pk.type = EVP_PKEY_DSA; pk.pkey.dsa = dsa; if (!fips_pkey_signature_test(FIPS_TEST_SIGNATURE, &pk, NULL, 0, NULL, 0, EVP_sha384(), 0, "DSA SHA384")) goto err; ret = 1; err: if (dsa) FIPS_dsa_free(dsa); return ret; }
int FIPS_selftest_ecdsa() { EC_KEY *ec = NULL; BIGNUM *x = NULL, *y = NULL, *d = NULL; EVP_PKEY pk; int rv = 0; size_t i; for (i = 0; i < sizeof(test_ec_data)/sizeof(EC_SELFTEST_DATA); i++) { EC_SELFTEST_DATA *ecd = test_ec_data + i; x = BN_bin2bn(ecd->x, ecd->xlen, x); y = BN_bin2bn(ecd->y, ecd->ylen, y); d = BN_bin2bn(ecd->d, ecd->dlen, d); if (!x || !y || !d) goto err; ec = EC_KEY_new_by_curve_name(ecd->curve); if (!ec) goto err; if (!EC_KEY_set_public_key_affine_coordinates(ec, x, y)) goto err; if (!EC_KEY_set_private_key(ec, d)) goto err; pk.type = EVP_PKEY_EC; pk.pkey.ec = ec; if (!fips_pkey_signature_test(FIPS_TEST_SIGNATURE, &pk, NULL, 0, NULL, 0, EVP_sha512(), 0, ecd->name)) goto err; EC_KEY_free(ec); ec = NULL; } rv = 1; err: if (x) BN_clear_free(x); if (y) BN_clear_free(y); if (d) BN_clear_free(d); if (ec) EC_KEY_free(ec); return rv; }
static int fips_check_dsa(DSA *dsa) { EVP_PKEY pk; unsigned char tbs[] = "DSA Pairwise Check Data"; pk.type = EVP_PKEY_DSA; pk.pkey.dsa = dsa; if (!fips_pkey_signature_test(&pk, tbs, -1, NULL, 0, EVP_dss1(), 0, NULL)) { FIPSerr(FIPS_F_FIPS_CHECK_DSA, FIPS_R_PAIRWISE_TEST_FAILED); fips_set_selftest_fail(); return 0; } return 1; }
static int fips_check_ec(EC_KEY *key) { EVP_PKEY pk; unsigned char tbs[] = "ECDSA Pairwise Check Data"; pk.type = EVP_PKEY_EC; pk.pkey.ec = key; if (!fips_pkey_signature_test(FIPS_TEST_PAIRWISE, &pk, tbs, 0, NULL, 0, NULL, 0, NULL)) { FIPSerr(FIPS_F_FIPS_CHECK_EC,FIPS_R_PAIRWISE_TEST_FAILED); fips_set_selftest_fail(); return 0; } return 1; }
int FIPS_selftest_sha1() { int rv = 1; size_t i; for(i=0 ; i <sizeof(test)/sizeof(test[0]) ; i++) { if (!fips_pkey_signature_test(FIPS_TEST_DIGEST, NULL, test[i], 0, ret[i], 20, EVP_sha1(), 0, "SHA1 Digest")) rv = 0; } return rv; }
int FIPS_selftest_rsa() { int ret = 0; RSA *key = NULL; EVP_PKEY pk; key=FIPS_rsa_new(); setrsakey(key); pk.type = EVP_PKEY_RSA; pk.pkey.rsa = key; if (!fips_pkey_signature_test(FIPS_TEST_SIGNATURE, &pk, kat_tbs, sizeof(kat_tbs) - 1, kat_RSA_PSS_SHA256, sizeof(kat_RSA_PSS_SHA256), EVP_sha256(), RSA_PKCS1_PSS_PADDING, "RSA SHA256 PSS")) goto err; ret = 1; err: FIPS_rsa_free(key); return ret; }
int FIPS_selftest_dsa() { DSA *dsa = NULL; EVP_PKEY *pk = NULL; int ret = 0; dsa = DSA_new(); if (dsa == NULL) goto err; fips_load_key_component(dsa, p, dsa_test_2048); fips_load_key_component(dsa, q, dsa_test_2048); fips_load_key_component(dsa, g, dsa_test_2048); fips_load_key_component(dsa, pub_key, dsa_test_2048); fips_load_key_component(dsa, priv_key, dsa_test_2048); if (corrupt_dsa) BN_set_bit(dsa->pub_key, 2047); if ((pk = EVP_PKEY_new()) == NULL) goto err; EVP_PKEY_assign_DSA(pk, dsa); if (!fips_pkey_signature_test(pk, NULL, 0, NULL, 0, EVP_sha256(), 0, "DSA SHA256")) goto err; ret = 1; err: if (pk) EVP_PKEY_free(pk); else if (dsa) DSA_free(dsa); return ret; }