Commit 09773532 authored by Ben Laurie's avatar Ben Laurie
Browse files

Add pairwise tests, fix makefiles.

parent cc77f7c5

Makefile.org

+2 −1
Original line number Diff line number Diff line
@@ -817,7 +817,7 @@ install: all install_docs 
			cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \

			if ! egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \

				$(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \

			fi \

			fi; \

			chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \

			mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \

		fi; \
@@ -859,6 +859,7 @@ install: all install_docs 
		if [ -f "$$i" ]; then \

		(       echo installing $$i; \

			cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \

			chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \

			mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \

		fi; \

	done;

crypto/dsa/dsa_key.c

+2 −0
Original line number Diff line number Diff line
@@ -64,6 +64,7 @@ 
#include <openssl/dsa.h>

#include <openssl/rand.h>



#ifndef OPENSSL_FIPS

int DSA_generate_key(DSA *dsa)

	{

	int ok=0;
@@ -103,3 +104,4 @@ err: 
	return(ok);

	}

#endif

#endif

fips/dsa/Makefile.ssl

+6 −5
Original line number Diff line number Diff line
@@ -56,11 +56,12 @@ links: 
	@$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS)



install:

	@for i in $(EXHEADER) ; \

	do  \

	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \

	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \

	done;

# some shells don't like empty lists

#	@for i in $(EXHEADER) ; \

#	do  \

#	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \

#	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \

#	done;



tags:

	ctags $(SRC)

fips/dsa/fingerprint.sha1

+1 −1
Original line number Diff line number Diff line 
SHA1(fips_dsa_ossl.c)= 592cd23f6e63bc08b9c960014d52aad05594f913

SHA1(fips_dsa_gen.c)= 87e185e25c1d606922651ea264470cb93c04e6a8

SHA1(fips_dsa_gen.c)= 418cbd83675130cf7c45f3ea669b96167a1d65aa

SHA1(fips_dsa_selftest.c)= d638e2d13912befe42e0ed6efa8a27719b6689d5

fips/dsa/fips_dsa_gen.c

+58 −0
Original line number Diff line number Diff line
@@ -88,6 +88,21 @@ 


#ifdef OPENSSL_FIPS



static int fips_check_dsa(DSA *dsa)

    {

    static const unsigned char str1[]="12345678901234567890";

    unsigned char sig[256];

    unsigned int siglen;



    DSA_sign(0, str1, 20, sig, &siglen, dsa);

    if(DSA_verify(0, str1, 20, sig, siglen, dsa) != 1)

	{

	FIPSerr(FIPS_F_FIPS_CHECK_DSA,FIPS_R_PAIRWISE_TEST_FAILED);

	return 0;

	}

    return 1;

    }



DSA *DSA_generate_parameters(int bits,

		unsigned char *seed_in, int seed_len,

		int *counter_ret, unsigned long *h_ret,
@@ -310,6 +325,49 @@ err: 
	if (mont != NULL) BN_MONT_CTX_free(mont);

	return(ok?ret:NULL);

	}



int DSA_generate_key(DSA *dsa)

	{

	int ok=0;

	BN_CTX *ctx=NULL;

	BIGNUM *pub_key=NULL,*priv_key=NULL;



	if ((ctx=BN_CTX_new()) == NULL) goto err;



	if (dsa->priv_key == NULL)

		{

		if ((priv_key=BN_new()) == NULL) goto err;

		}

	else

		priv_key=dsa->priv_key;



	do

		if (!BN_rand_range(priv_key,dsa->q)) goto err;

	while (BN_is_zero(priv_key));



	if (dsa->pub_key == NULL)

		{

		if ((pub_key=BN_new()) == NULL) goto err;

		}

	else

		pub_key=dsa->pub_key;



	if (!BN_mod_exp(pub_key,dsa->g,priv_key,dsa->p,ctx)) goto err;



	dsa->priv_key=priv_key;

	dsa->pub_key=pub_key;



	if(!fips_check_dsa(dsa))

	    goto err;



	ok=1;



err:

	if ((pub_key != NULL) && (dsa->pub_key == NULL)) BN_free(pub_key);

	if ((priv_key != NULL) && (dsa->priv_key == NULL)) BN_free(priv_key);

	if (ctx != NULL) BN_CTX_free(ctx);

	return(ok);

	}

#endif



#endif