Loading fips/dh/fips_dhvs.c +80 −19 Original line number Diff line number Diff line Loading @@ -106,42 +106,111 @@ static const EVP_MD *parse_md(char *line) return NULL; } static void output_Zhash(FILE *out, int exout, DH *dh, BIGNUM *peerkey, const EVP_MD *md, unsigned char *rhash, size_t rhashlen) { unsigned char *Z; unsigned char chash[EVP_MAX_MD_SIZE]; int Zlen; if (rhash == NULL) { rhashlen = M_EVP_MD_size(md); if (!DH_generate_key(dh)) exit (1); do_bn_print_name(out, "YephemIUT", dh->pub_key); if (exout) do_bn_print_name(out, "XephemIUT", dh->priv_key); } Z = OPENSSL_malloc(BN_num_bytes(dh->p)); if (!Z) exit(1); Zlen = DH_compute_key_padded(Z, peerkey, dh); if (exout) OutputValue("Z", Z, Zlen, out, 0); FIPS_digest(Z, Zlen, chash, NULL, md); OutputValue(rhash ? "IUTHashZZ" : "HashZZ", chash, rhashlen, out, 0); if (rhash) { fprintf(out, "Result = %s\n", memcmp(chash, rhash, rhashlen) ? "F" : "P"); } else { BN_clear_free(dh->priv_key); BN_clear_free(dh->pub_key); dh->priv_key = NULL; dh->pub_key = NULL; } OPENSSL_cleanse(Z, Zlen); OPENSSL_free(Z); } int main(int argc,char **argv) { char **args = argv + 1; int argn = argc - 1; FILE *in, *out; char buf[2048], lbuf[2048]; unsigned char *rhash, chash[EVP_MAX_MD_SIZE]; unsigned char *rhash; long rhashlen; DH *dh = NULL; const EVP_MD *md = NULL; BIGNUM *peerkey = NULL; char *keyword = NULL, *value = NULL; int do_verify = -1, exout = 0; fips_set_error_print(); if (argc == 3) if (argn && !strcmp(*args, "dhver")) { do_verify = 1; args++; argn--; } else if (argn && !strcmp(*args, "dhgen")) { do_verify = 0; args++; argn--; } if (argn && !strcmp(*args, "-exout")) { exout = 1; args++; argn--; } if (do_verify == -1) { fprintf(stderr,"%s [dhver|dhgen|] [-exout] (infile outfile)\n",argv[0]); exit(1); } if (argn == 2) { in = fopen(argv[1], "r"); in = fopen(*args, "r"); if (!in) { fprintf(stderr, "Error opening input file\n"); exit(1); } out = fopen(argv[2], "w"); out = fopen(args[1], "w"); if (!out) { fprintf(stderr, "Error opening output file\n"); exit(1); } } else if (argc == 1) else if (argn == 0) { in = stdin; out = stdout; } else { fprintf(stderr,"%s (infile outfile)\n",argv[0]); fprintf(stderr,"%s [dhver|dhgen|] [-exout] (infile outfile)\n",argv[0]); exit(1); } Loading @@ -162,7 +231,6 @@ int main(int argc,char **argv) } if (!parse_line(&keyword, &value, lbuf, buf)) continue; if (!strcmp(keyword, "P")) { if (!do_hex2bn(&dh->p, value)) Loading Loading @@ -192,26 +260,19 @@ int main(int argc,char **argv) { if (!do_hex2bn(&peerkey, value)) goto parse_error; if (do_verify == 0) output_Zhash(out, exout, dh, peerkey, md, NULL, 0); } else if (!strcmp(keyword, "CAVSHashZZ")) { int Zlen; unsigned char *Z; if (!md) goto parse_error; rhash = hex2bin_m(value, &rhashlen); if (!rhash || rhashlen != M_EVP_MD_size(md)) goto parse_error; Z = OPENSSL_malloc(BN_num_bytes(dh->p)); if (!Z) exit(1); Zlen = DH_compute_key_padded(Z, peerkey, dh); OutputValue("Z", Z, Zlen, out, 0); FIPS_digest(Z, Zlen, chash, NULL, md); OutputValue("IUTHashZZ", chash, rhashlen, out, 0); fprintf(out, "Result = %s\n", memcmp(chash, rhash, rhashlen) ? "F" : "P"); OPENSSL_free(Z); output_Zhash(out, exout, dh, peerkey, md, rhash, rhashlen); } } return 0; Loading Loading
fips/dh/fips_dhvs.c +80 −19 Original line number Diff line number Diff line Loading @@ -106,42 +106,111 @@ static const EVP_MD *parse_md(char *line) return NULL; } static void output_Zhash(FILE *out, int exout, DH *dh, BIGNUM *peerkey, const EVP_MD *md, unsigned char *rhash, size_t rhashlen) { unsigned char *Z; unsigned char chash[EVP_MAX_MD_SIZE]; int Zlen; if (rhash == NULL) { rhashlen = M_EVP_MD_size(md); if (!DH_generate_key(dh)) exit (1); do_bn_print_name(out, "YephemIUT", dh->pub_key); if (exout) do_bn_print_name(out, "XephemIUT", dh->priv_key); } Z = OPENSSL_malloc(BN_num_bytes(dh->p)); if (!Z) exit(1); Zlen = DH_compute_key_padded(Z, peerkey, dh); if (exout) OutputValue("Z", Z, Zlen, out, 0); FIPS_digest(Z, Zlen, chash, NULL, md); OutputValue(rhash ? "IUTHashZZ" : "HashZZ", chash, rhashlen, out, 0); if (rhash) { fprintf(out, "Result = %s\n", memcmp(chash, rhash, rhashlen) ? "F" : "P"); } else { BN_clear_free(dh->priv_key); BN_clear_free(dh->pub_key); dh->priv_key = NULL; dh->pub_key = NULL; } OPENSSL_cleanse(Z, Zlen); OPENSSL_free(Z); } int main(int argc,char **argv) { char **args = argv + 1; int argn = argc - 1; FILE *in, *out; char buf[2048], lbuf[2048]; unsigned char *rhash, chash[EVP_MAX_MD_SIZE]; unsigned char *rhash; long rhashlen; DH *dh = NULL; const EVP_MD *md = NULL; BIGNUM *peerkey = NULL; char *keyword = NULL, *value = NULL; int do_verify = -1, exout = 0; fips_set_error_print(); if (argc == 3) if (argn && !strcmp(*args, "dhver")) { do_verify = 1; args++; argn--; } else if (argn && !strcmp(*args, "dhgen")) { do_verify = 0; args++; argn--; } if (argn && !strcmp(*args, "-exout")) { exout = 1; args++; argn--; } if (do_verify == -1) { fprintf(stderr,"%s [dhver|dhgen|] [-exout] (infile outfile)\n",argv[0]); exit(1); } if (argn == 2) { in = fopen(argv[1], "r"); in = fopen(*args, "r"); if (!in) { fprintf(stderr, "Error opening input file\n"); exit(1); } out = fopen(argv[2], "w"); out = fopen(args[1], "w"); if (!out) { fprintf(stderr, "Error opening output file\n"); exit(1); } } else if (argc == 1) else if (argn == 0) { in = stdin; out = stdout; } else { fprintf(stderr,"%s (infile outfile)\n",argv[0]); fprintf(stderr,"%s [dhver|dhgen|] [-exout] (infile outfile)\n",argv[0]); exit(1); } Loading @@ -162,7 +231,6 @@ int main(int argc,char **argv) } if (!parse_line(&keyword, &value, lbuf, buf)) continue; if (!strcmp(keyword, "P")) { if (!do_hex2bn(&dh->p, value)) Loading Loading @@ -192,26 +260,19 @@ int main(int argc,char **argv) { if (!do_hex2bn(&peerkey, value)) goto parse_error; if (do_verify == 0) output_Zhash(out, exout, dh, peerkey, md, NULL, 0); } else if (!strcmp(keyword, "CAVSHashZZ")) { int Zlen; unsigned char *Z; if (!md) goto parse_error; rhash = hex2bin_m(value, &rhashlen); if (!rhash || rhashlen != M_EVP_MD_size(md)) goto parse_error; Z = OPENSSL_malloc(BN_num_bytes(dh->p)); if (!Z) exit(1); Zlen = DH_compute_key_padded(Z, peerkey, dh); OutputValue("Z", Z, Zlen, out, 0); FIPS_digest(Z, Zlen, chash, NULL, md); OutputValue("IUTHashZZ", chash, rhashlen, out, 0); fprintf(out, "Result = %s\n", memcmp(chash, rhash, rhashlen) ? "F" : "P"); OPENSSL_free(Z); output_Zhash(out, exout, dh, peerkey, md, rhash, rhashlen); } } return 0; Loading
