Loading crypto/fips_err.h +2 −12 Original line number Diff line number Diff line Loading @@ -71,13 +71,10 @@ static ERR_STRING_DATA FIPS_str_functs[]= { {ERR_FUNC(FIPS_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"}, {ERR_FUNC(FIPS_F_DRBG_CPRNG_TEST), "DRBG_CPRNG_TEST"}, {ERR_FUNC(FIPS_F_DSA_BUILTIN_PARAMGEN), "DSA_BUILTIN_PARAMGEN"}, {ERR_FUNC(FIPS_F_DSA_BUILTIN_PARAMGEN2), "DSA_BUILTIN_PARAMGEN2"}, {ERR_FUNC(FIPS_F_DSA_DO_SIGN), "DSA_do_sign"}, {ERR_FUNC(FIPS_F_DSA_DO_VERIFY), "DSA_do_verify"}, {ERR_FUNC(FIPS_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"}, {ERR_FUNC(FIPS_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"}, {ERR_FUNC(FIPS_F_FIPS_CHECK_DSA), "FIPS_CHECK_DSA"}, {ERR_FUNC(FIPS_F_FIPS_CHECK_EC), "FIPS_CHECK_EC"}, {ERR_FUNC(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT), "FIPS_check_incore_fingerprint"}, Loading @@ -85,15 +82,14 @@ static ERR_STRING_DATA FIPS_str_functs[]= {ERR_FUNC(FIPS_F_FIPS_CIPHERINIT), "FIPS_CIPHERINIT"}, {ERR_FUNC(FIPS_F_FIPS_DIGESTINIT), "FIPS_DIGESTINIT"}, {ERR_FUNC(FIPS_F_FIPS_DRBG_BYTES), "FIPS_DRBG_BYTES"}, {ERR_FUNC(FIPS_F_FIPS_DRBG_CPRNG_TEST), "FIPS_DRBG_CPRNG_TEST"}, {ERR_FUNC(FIPS_F_FIPS_DRBG_GENERATE), "FIPS_drbg_generate"}, {ERR_FUNC(FIPS_F_FIPS_DRBG_GENERATE_INTERNAL), "FIPS_DRBG_GENERATE_INTERNAL"}, {ERR_FUNC(FIPS_F_FIPS_DRBG_HEALTH_CHECK), "FIPS_DRBG_HEALTH_CHECK"}, {ERR_FUNC(FIPS_F_FIPS_DRBG_INIT), "FIPS_drbg_init"}, {ERR_FUNC(FIPS_F_FIPS_DRBG_INSTANTIATE), "FIPS_drbg_instantiate"}, {ERR_FUNC(FIPS_F_FIPS_DRBG_NEW), "FIPS_drbg_new"}, {ERR_FUNC(FIPS_F_FIPS_DRBG_RESEED), "FIPS_drbg_reseed"}, {ERR_FUNC(FIPS_F_FIPS_DRBG_SINGLE_KAT), "FIPS_DRBG_SINGLE_KAT"}, {ERR_FUNC(FIPS_F_FIPS_DSA_CHECK), "FIPS_DSA_CHECK"}, {ERR_FUNC(FIPS_F_FIPS_MODE_SET), "FIPS_mode_set"}, {ERR_FUNC(FIPS_F_FIPS_PKEY_SIGNATURE_TEST), "fips_pkey_signature_test"}, {ERR_FUNC(FIPS_F_FIPS_RAND_ADD), "FIPS_rand_add"}, Loading @@ -109,7 +105,6 @@ static ERR_STRING_DATA FIPS_str_functs[]= {ERR_FUNC(FIPS_F_FIPS_SELFTEST_DSA), "FIPS_selftest_dsa"}, {ERR_FUNC(FIPS_F_FIPS_SELFTEST_ECDSA), "FIPS_selftest_ecdsa"}, {ERR_FUNC(FIPS_F_FIPS_SELFTEST_HMAC), "FIPS_selftest_hmac"}, {ERR_FUNC(FIPS_F_FIPS_SELFTEST_RNG), "FIPS_selftest_rng"}, {ERR_FUNC(FIPS_F_FIPS_SELFTEST_SHA1), "FIPS_selftest_sha1"}, {ERR_FUNC(FIPS_F_FIPS_SELFTEST_X931), "FIPS_selftest_x931"}, {ERR_FUNC(FIPS_F_HASH_FINAL), "HASH_FINAL"}, Loading @@ -119,7 +114,6 @@ static ERR_STRING_DATA FIPS_str_functs[]= {ERR_FUNC(FIPS_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"}, {ERR_FUNC(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"}, {ERR_FUNC(FIPS_F_RSA_X931_GENERATE_KEY_EX), "RSA_X931_generate_key_ex"}, {ERR_FUNC(FIPS_F_SSLEAY_RAND_BYTES), "SSLEAY_RAND_BYTES"}, {0,NULL} }; Loading @@ -127,8 +121,6 @@ static ERR_STRING_DATA FIPS_str_reasons[]= { {ERR_REASON(FIPS_R_ADDITIONAL_INPUT_TOO_LONG),"additional input too long"}, {ERR_REASON(FIPS_R_ALREADY_INSTANTIATED) ,"already instantiated"}, {ERR_REASON(FIPS_R_CANNOT_READ_EXE) ,"cannot read exe"}, {ERR_REASON(FIPS_R_CANNOT_READ_EXE_DIGEST),"cannot read exe digest"}, {ERR_REASON(FIPS_R_CONTRADICTING_EVIDENCE),"contradicting evidence"}, {ERR_REASON(FIPS_R_DRBG_STUCK) ,"drbg stuck"}, {ERR_REASON(FIPS_R_ENTROPY_ERROR_UNDETECTED),"entropy error undetected"}, Loading @@ -138,7 +130,6 @@ static ERR_STRING_DATA FIPS_str_reasons[]= {ERR_REASON(FIPS_R_ERROR_RETRIEVING_ADDITIONAL_INPUT),"error retrieving additional input"}, {ERR_REASON(FIPS_R_ERROR_RETRIEVING_ENTROPY),"error retrieving entropy"}, {ERR_REASON(FIPS_R_ERROR_RETRIEVING_NONCE),"error retrieving nonce"}, {ERR_REASON(FIPS_R_EXE_DIGEST_DOES_NOT_MATCH),"exe digest does not match"}, {ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH),"fingerprint does not match"}, {ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH_NONPIC_RELOCATED),"fingerprint does not match nonpic relocated"}, {ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING),"fingerprint does not match segment aliasing"}, Loading @@ -162,9 +153,8 @@ static ERR_STRING_DATA FIPS_str_reasons[]= {ERR_REASON(FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG),"request too large for drbg"}, {ERR_REASON(FIPS_R_RESEED_COUNTER_ERROR) ,"reseed counter error"}, {ERR_REASON(FIPS_R_RESEED_ERROR) ,"reseed error"}, {ERR_REASON(FIPS_R_RSA_DECRYPT_ERROR) ,"rsa decrypt error"}, {ERR_REASON(FIPS_R_RSA_ENCRYPT_ERROR) ,"rsa encrypt error"}, {ERR_REASON(FIPS_R_SELFTEST_FAILED) ,"selftest failed"}, {ERR_REASON(FIPS_R_SELFTEST_FAILURE) ,"selftest failure"}, {ERR_REASON(FIPS_R_STRENGTH_ERROR_UNDETECTED),"strength error undetected"}, {ERR_REASON(FIPS_R_TEST_FAILURE) ,"test failure"}, {ERR_REASON(FIPS_R_UNINSTANTIATE_ZEROISE_ERROR),"uninstantiate zeroise error"}, Loading fips/fips.h +83 −93 Original line number Diff line number Diff line Loading @@ -197,102 +197,92 @@ void ERR_load_FIPS_strings(void); /* Function codes. */ #define FIPS_F_DH_BUILTIN_GENPARAMS 100 #define FIPS_F_DRBG_CPRNG_TEST 141 #define FIPS_F_DSA_BUILTIN_PARAMGEN 101 #define FIPS_F_DSA_BUILTIN_PARAMGEN2 126 #define FIPS_F_DSA_DO_SIGN 102 #define FIPS_F_DSA_DO_VERIFY 103 #define FIPS_F_EVP_CIPHERINIT_EX 124 #define FIPS_F_EVP_DIGESTINIT_EX 125 #define FIPS_F_FIPS_CHECK_DSA 104 #define FIPS_F_FIPS_CHECK_EC 129 #define FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT 105 #define FIPS_F_FIPS_CHECK_RSA 106 #define FIPS_F_FIPS_CIPHERINIT 128 #define FIPS_F_FIPS_DIGESTINIT 127 #define FIPS_F_FIPS_DRBG_BYTES 142 #define FIPS_F_FIPS_DRBG_GENERATE 132 #define FIPS_F_FIPS_DRBG_GENERATE_INTERNAL 138 #define FIPS_F_FIPS_DRBG_HEALTH_CHECK 137 #define FIPS_F_FIPS_DRBG_INIT 136 #define FIPS_F_FIPS_DRBG_INSTANTIATE 133 #define FIPS_F_FIPS_DRBG_NEW 134 #define FIPS_F_FIPS_DRBG_RESEED 135 #define FIPS_F_FIPS_DRBG_SINGLE_KAT 140 #define FIPS_F_FIPS_DSA_CHECK 107 #define FIPS_F_FIPS_MODE_SET 108 #define FIPS_F_FIPS_PKEY_SIGNATURE_TEST 109 #define FIPS_F_FIPS_RAND_ADD 143 #define FIPS_F_FIPS_RAND_BYTES 144 #define FIPS_F_FIPS_RAND_PSEUDO_BYTES 145 #define FIPS_F_FIPS_RAND_SEED 148 #define FIPS_F_FIPS_RAND_SET_METHOD 146 #define FIPS_F_FIPS_RAND_STATUS 147 #define FIPS_F_FIPS_SELFTEST_AES 110 #define FIPS_F_FIPS_SELFTEST_AES_GCM 130 #define FIPS_F_FIPS_SELFTEST_CMAC 139 #define FIPS_F_FIPS_SELFTEST_DES 111 #define FIPS_F_FIPS_SELFTEST_DSA 112 #define FIPS_F_FIPS_SELFTEST_ECDSA 131 #define FIPS_F_FIPS_SELFTEST_HMAC 113 #define FIPS_F_FIPS_SELFTEST_RNG 114 #define FIPS_F_FIPS_SELFTEST_SHA1 115 #define FIPS_F_FIPS_SELFTEST_X931 149 #define FIPS_F_HASH_FINAL 123 #define FIPS_F_RSA_BUILTIN_KEYGEN 116 #define FIPS_F_RSA_EAY_PRIVATE_DECRYPT 117 #define FIPS_F_RSA_EAY_PRIVATE_ENCRYPT 118 #define FIPS_F_RSA_EAY_PUBLIC_DECRYPT 119 #define FIPS_F_RSA_EAY_PUBLIC_ENCRYPT 120 #define FIPS_F_RSA_X931_GENERATE_KEY_EX 121 #define FIPS_F_SSLEAY_RAND_BYTES 122 #define FIPS_F_DSA_BUILTIN_PARAMGEN2 102 #define FIPS_F_DSA_DO_SIGN 103 #define FIPS_F_DSA_DO_VERIFY 104 #define FIPS_F_FIPS_CHECK_DSA 105 #define FIPS_F_FIPS_CHECK_EC 106 #define FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT 107 #define FIPS_F_FIPS_CHECK_RSA 108 #define FIPS_F_FIPS_CIPHERINIT 109 #define FIPS_F_FIPS_DIGESTINIT 110 #define FIPS_F_FIPS_DRBG_BYTES 111 #define FIPS_F_FIPS_DRBG_CPRNG_TEST 112 #define FIPS_F_FIPS_DRBG_GENERATE 113 #define FIPS_F_FIPS_DRBG_HEALTH_CHECK 114 #define FIPS_F_FIPS_DRBG_INIT 115 #define FIPS_F_FIPS_DRBG_INSTANTIATE 116 #define FIPS_F_FIPS_DRBG_NEW 117 #define FIPS_F_FIPS_DRBG_RESEED 118 #define FIPS_F_FIPS_DRBG_SINGLE_KAT 119 #define FIPS_F_FIPS_MODE_SET 120 #define FIPS_F_FIPS_PKEY_SIGNATURE_TEST 121 #define FIPS_F_FIPS_RAND_ADD 122 #define FIPS_F_FIPS_RAND_BYTES 123 #define FIPS_F_FIPS_RAND_PSEUDO_BYTES 124 #define FIPS_F_FIPS_RAND_SEED 125 #define FIPS_F_FIPS_RAND_SET_METHOD 126 #define FIPS_F_FIPS_RAND_STATUS 127 #define FIPS_F_FIPS_SELFTEST_AES 128 #define FIPS_F_FIPS_SELFTEST_AES_GCM 129 #define FIPS_F_FIPS_SELFTEST_CMAC 130 #define FIPS_F_FIPS_SELFTEST_DES 131 #define FIPS_F_FIPS_SELFTEST_DSA 132 #define FIPS_F_FIPS_SELFTEST_ECDSA 133 #define FIPS_F_FIPS_SELFTEST_HMAC 134 #define FIPS_F_FIPS_SELFTEST_SHA1 135 #define FIPS_F_FIPS_SELFTEST_X931 136 #define FIPS_F_HASH_FINAL 137 #define FIPS_F_RSA_BUILTIN_KEYGEN 138 #define FIPS_F_RSA_EAY_PRIVATE_DECRYPT 139 #define FIPS_F_RSA_EAY_PRIVATE_ENCRYPT 140 #define FIPS_F_RSA_EAY_PUBLIC_DECRYPT 141 #define FIPS_F_RSA_EAY_PUBLIC_ENCRYPT 142 #define FIPS_F_RSA_X931_GENERATE_KEY_EX 143 /* Reason codes. */ #define FIPS_R_ADDITIONAL_INPUT_TOO_LONG 118 #define FIPS_R_ALREADY_INSTANTIATED 119 #define FIPS_R_CANNOT_READ_EXE 103 #define FIPS_R_CANNOT_READ_EXE_DIGEST 104 #define FIPS_R_CONTRADICTING_EVIDENCE 114 #define FIPS_R_DRBG_STUCK 142 #define FIPS_R_ENTROPY_ERROR_UNDETECTED 133 #define FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED 134 #define FIPS_R_ERROR_INITIALISING_DRBG 120 #define FIPS_R_ERROR_INSTANTIATING_DRBG 121 #define FIPS_R_ERROR_RETRIEVING_ADDITIONAL_INPUT 144 #define FIPS_R_ERROR_RETRIEVING_ENTROPY 122 #define FIPS_R_ERROR_RETRIEVING_NONCE 123 #define FIPS_R_EXE_DIGEST_DOES_NOT_MATCH 105 #define FIPS_R_FINGERPRINT_DOES_NOT_MATCH 110 #define FIPS_R_FINGERPRINT_DOES_NOT_MATCH_NONPIC_RELOCATED 111 #define FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING 112 #define FIPS_R_FIPS_MODE_ALREADY_SET 102 #define FIPS_R_FIPS_SELFTEST_FAILED 106 #define FIPS_R_FUNCTION_ERROR 135 #define FIPS_R_GENERATE_ERROR 124 #define FIPS_R_GENERATE_ERROR_UNDETECTED 136 #define FIPS_R_INSTANTIATE_ERROR 125 #define FIPS_R_INSUFFICIENT_SECURITY_STRENGTH 132 #define FIPS_R_INTERNAL_ERROR 143 #define FIPS_R_INVALID_KEY_LENGTH 109 #define FIPS_R_IN_ERROR_STATE 126 #define FIPS_R_KEY_TOO_SHORT 108 #define FIPS_R_NON_FIPS_METHOD 100 #define FIPS_R_NOT_INSTANTIATED 127 #define FIPS_R_PAIRWISE_TEST_FAILED 107 #define FIPS_R_PERSONALISATION_ERROR_UNDETECTED 137 #define FIPS_R_PERSONALISATION_STRING_TOO_LONG 128 #define FIPS_R_REQUEST_LENGTH_ERROR_UNDETECTED 138 #define FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG 129 #define FIPS_R_RESEED_COUNTER_ERROR 139 #define FIPS_R_RESEED_ERROR 130 #define FIPS_R_RSA_DECRYPT_ERROR 115 #define FIPS_R_RSA_ENCRYPT_ERROR 116 #define FIPS_R_SELFTEST_FAILED 101 #define FIPS_R_STRENGTH_ERROR_UNDETECTED 140 #define FIPS_R_TEST_FAILURE 117 #define FIPS_R_UNINSTANTIATE_ZEROISE_ERROR 141 #define FIPS_R_UNSUPPORTED_DRBG_TYPE 131 #define FIPS_R_UNSUPPORTED_PLATFORM 113 #define FIPS_R_ADDITIONAL_INPUT_TOO_LONG 100 #define FIPS_R_ALREADY_INSTANTIATED 101 #define FIPS_R_CONTRADICTING_EVIDENCE 102 #define FIPS_R_DRBG_STUCK 103 #define FIPS_R_ENTROPY_ERROR_UNDETECTED 104 #define FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED 105 #define FIPS_R_ERROR_INITIALISING_DRBG 106 #define FIPS_R_ERROR_INSTANTIATING_DRBG 107 #define FIPS_R_ERROR_RETRIEVING_ADDITIONAL_INPUT 108 #define FIPS_R_ERROR_RETRIEVING_ENTROPY 109 #define FIPS_R_ERROR_RETRIEVING_NONCE 110 #define FIPS_R_FINGERPRINT_DOES_NOT_MATCH 111 #define FIPS_R_FINGERPRINT_DOES_NOT_MATCH_NONPIC_RELOCATED 112 #define FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING 113 #define FIPS_R_FIPS_MODE_ALREADY_SET 114 #define FIPS_R_FIPS_SELFTEST_FAILED 115 #define FIPS_R_FUNCTION_ERROR 116 #define FIPS_R_GENERATE_ERROR 117 #define FIPS_R_GENERATE_ERROR_UNDETECTED 118 #define FIPS_R_INSTANTIATE_ERROR 119 #define FIPS_R_INSUFFICIENT_SECURITY_STRENGTH 120 #define FIPS_R_INTERNAL_ERROR 121 #define FIPS_R_INVALID_KEY_LENGTH 122 #define FIPS_R_IN_ERROR_STATE 123 #define FIPS_R_KEY_TOO_SHORT 124 #define FIPS_R_NON_FIPS_METHOD 125 #define FIPS_R_NOT_INSTANTIATED 126 #define FIPS_R_PAIRWISE_TEST_FAILED 127 #define FIPS_R_PERSONALISATION_ERROR_UNDETECTED 128 #define FIPS_R_PERSONALISATION_STRING_TOO_LONG 129 #define FIPS_R_REQUEST_LENGTH_ERROR_UNDETECTED 130 #define FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG 131 #define FIPS_R_RESEED_COUNTER_ERROR 132 #define FIPS_R_RESEED_ERROR 133 #define FIPS_R_SELFTEST_FAILED 134 #define FIPS_R_SELFTEST_FAILURE 135 #define FIPS_R_STRENGTH_ERROR_UNDETECTED 136 #define FIPS_R_TEST_FAILURE 137 #define FIPS_R_UNINSTANTIATE_ZEROISE_ERROR 138 #define FIPS_R_UNSUPPORTED_DRBG_TYPE 139 #define FIPS_R_UNSUPPORTED_PLATFORM 140 #ifdef __cplusplus } Loading fips/rand/fips_drbg_lib.c +3 −3 Original line number Diff line number Diff line Loading @@ -91,7 +91,7 @@ int FIPS_drbg_init(DRBG_CTX *dctx, int type, unsigned int flags) DRBG_CTX tctx; if (!fips_drbg_kat(&tctx, type, flags | DRBG_FLAG_TEST)) { /*FIPSerr(FIPS_F_FIPS_DRBG_INIT, FIPS_R_SELFTEST_FAILURE);*/ FIPSerr(FIPS_F_FIPS_DRBG_INIT, FIPS_R_SELFTEST_FAILURE); return 0; } } Loading Loading @@ -426,7 +426,7 @@ int fips_drbg_cprng_test(DRBG_CTX *dctx, const unsigned char *out) /* Check block is valid: should never happen */ if (dctx->lb_valid == 0) { FIPSerr(FIPS_F_DRBG_CPRNG_TEST, FIPS_R_INTERNAL_ERROR); FIPSerr(FIPS_F_FIPS_DRBG_CPRNG_TEST, FIPS_R_INTERNAL_ERROR); fips_set_selftest_fail(); return 0; } Loading @@ -435,7 +435,7 @@ int fips_drbg_cprng_test(DRBG_CTX *dctx, const unsigned char *out) /* Check against last block: fail if match */ if (!memcmp(dctx->lb, out, dctx->blocklength)) { FIPSerr(FIPS_F_DRBG_CPRNG_TEST, FIPS_R_DRBG_STUCK); FIPSerr(FIPS_F_FIPS_DRBG_CPRNG_TEST, FIPS_R_DRBG_STUCK); fips_set_selftest_fail(); return 0; } Loading Loading
crypto/fips_err.h +2 −12 Original line number Diff line number Diff line Loading @@ -71,13 +71,10 @@ static ERR_STRING_DATA FIPS_str_functs[]= { {ERR_FUNC(FIPS_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"}, {ERR_FUNC(FIPS_F_DRBG_CPRNG_TEST), "DRBG_CPRNG_TEST"}, {ERR_FUNC(FIPS_F_DSA_BUILTIN_PARAMGEN), "DSA_BUILTIN_PARAMGEN"}, {ERR_FUNC(FIPS_F_DSA_BUILTIN_PARAMGEN2), "DSA_BUILTIN_PARAMGEN2"}, {ERR_FUNC(FIPS_F_DSA_DO_SIGN), "DSA_do_sign"}, {ERR_FUNC(FIPS_F_DSA_DO_VERIFY), "DSA_do_verify"}, {ERR_FUNC(FIPS_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"}, {ERR_FUNC(FIPS_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"}, {ERR_FUNC(FIPS_F_FIPS_CHECK_DSA), "FIPS_CHECK_DSA"}, {ERR_FUNC(FIPS_F_FIPS_CHECK_EC), "FIPS_CHECK_EC"}, {ERR_FUNC(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT), "FIPS_check_incore_fingerprint"}, Loading @@ -85,15 +82,14 @@ static ERR_STRING_DATA FIPS_str_functs[]= {ERR_FUNC(FIPS_F_FIPS_CIPHERINIT), "FIPS_CIPHERINIT"}, {ERR_FUNC(FIPS_F_FIPS_DIGESTINIT), "FIPS_DIGESTINIT"}, {ERR_FUNC(FIPS_F_FIPS_DRBG_BYTES), "FIPS_DRBG_BYTES"}, {ERR_FUNC(FIPS_F_FIPS_DRBG_CPRNG_TEST), "FIPS_DRBG_CPRNG_TEST"}, {ERR_FUNC(FIPS_F_FIPS_DRBG_GENERATE), "FIPS_drbg_generate"}, {ERR_FUNC(FIPS_F_FIPS_DRBG_GENERATE_INTERNAL), "FIPS_DRBG_GENERATE_INTERNAL"}, {ERR_FUNC(FIPS_F_FIPS_DRBG_HEALTH_CHECK), "FIPS_DRBG_HEALTH_CHECK"}, {ERR_FUNC(FIPS_F_FIPS_DRBG_INIT), "FIPS_drbg_init"}, {ERR_FUNC(FIPS_F_FIPS_DRBG_INSTANTIATE), "FIPS_drbg_instantiate"}, {ERR_FUNC(FIPS_F_FIPS_DRBG_NEW), "FIPS_drbg_new"}, {ERR_FUNC(FIPS_F_FIPS_DRBG_RESEED), "FIPS_drbg_reseed"}, {ERR_FUNC(FIPS_F_FIPS_DRBG_SINGLE_KAT), "FIPS_DRBG_SINGLE_KAT"}, {ERR_FUNC(FIPS_F_FIPS_DSA_CHECK), "FIPS_DSA_CHECK"}, {ERR_FUNC(FIPS_F_FIPS_MODE_SET), "FIPS_mode_set"}, {ERR_FUNC(FIPS_F_FIPS_PKEY_SIGNATURE_TEST), "fips_pkey_signature_test"}, {ERR_FUNC(FIPS_F_FIPS_RAND_ADD), "FIPS_rand_add"}, Loading @@ -109,7 +105,6 @@ static ERR_STRING_DATA FIPS_str_functs[]= {ERR_FUNC(FIPS_F_FIPS_SELFTEST_DSA), "FIPS_selftest_dsa"}, {ERR_FUNC(FIPS_F_FIPS_SELFTEST_ECDSA), "FIPS_selftest_ecdsa"}, {ERR_FUNC(FIPS_F_FIPS_SELFTEST_HMAC), "FIPS_selftest_hmac"}, {ERR_FUNC(FIPS_F_FIPS_SELFTEST_RNG), "FIPS_selftest_rng"}, {ERR_FUNC(FIPS_F_FIPS_SELFTEST_SHA1), "FIPS_selftest_sha1"}, {ERR_FUNC(FIPS_F_FIPS_SELFTEST_X931), "FIPS_selftest_x931"}, {ERR_FUNC(FIPS_F_HASH_FINAL), "HASH_FINAL"}, Loading @@ -119,7 +114,6 @@ static ERR_STRING_DATA FIPS_str_functs[]= {ERR_FUNC(FIPS_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"}, {ERR_FUNC(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"}, {ERR_FUNC(FIPS_F_RSA_X931_GENERATE_KEY_EX), "RSA_X931_generate_key_ex"}, {ERR_FUNC(FIPS_F_SSLEAY_RAND_BYTES), "SSLEAY_RAND_BYTES"}, {0,NULL} }; Loading @@ -127,8 +121,6 @@ static ERR_STRING_DATA FIPS_str_reasons[]= { {ERR_REASON(FIPS_R_ADDITIONAL_INPUT_TOO_LONG),"additional input too long"}, {ERR_REASON(FIPS_R_ALREADY_INSTANTIATED) ,"already instantiated"}, {ERR_REASON(FIPS_R_CANNOT_READ_EXE) ,"cannot read exe"}, {ERR_REASON(FIPS_R_CANNOT_READ_EXE_DIGEST),"cannot read exe digest"}, {ERR_REASON(FIPS_R_CONTRADICTING_EVIDENCE),"contradicting evidence"}, {ERR_REASON(FIPS_R_DRBG_STUCK) ,"drbg stuck"}, {ERR_REASON(FIPS_R_ENTROPY_ERROR_UNDETECTED),"entropy error undetected"}, Loading @@ -138,7 +130,6 @@ static ERR_STRING_DATA FIPS_str_reasons[]= {ERR_REASON(FIPS_R_ERROR_RETRIEVING_ADDITIONAL_INPUT),"error retrieving additional input"}, {ERR_REASON(FIPS_R_ERROR_RETRIEVING_ENTROPY),"error retrieving entropy"}, {ERR_REASON(FIPS_R_ERROR_RETRIEVING_NONCE),"error retrieving nonce"}, {ERR_REASON(FIPS_R_EXE_DIGEST_DOES_NOT_MATCH),"exe digest does not match"}, {ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH),"fingerprint does not match"}, {ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH_NONPIC_RELOCATED),"fingerprint does not match nonpic relocated"}, {ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING),"fingerprint does not match segment aliasing"}, Loading @@ -162,9 +153,8 @@ static ERR_STRING_DATA FIPS_str_reasons[]= {ERR_REASON(FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG),"request too large for drbg"}, {ERR_REASON(FIPS_R_RESEED_COUNTER_ERROR) ,"reseed counter error"}, {ERR_REASON(FIPS_R_RESEED_ERROR) ,"reseed error"}, {ERR_REASON(FIPS_R_RSA_DECRYPT_ERROR) ,"rsa decrypt error"}, {ERR_REASON(FIPS_R_RSA_ENCRYPT_ERROR) ,"rsa encrypt error"}, {ERR_REASON(FIPS_R_SELFTEST_FAILED) ,"selftest failed"}, {ERR_REASON(FIPS_R_SELFTEST_FAILURE) ,"selftest failure"}, {ERR_REASON(FIPS_R_STRENGTH_ERROR_UNDETECTED),"strength error undetected"}, {ERR_REASON(FIPS_R_TEST_FAILURE) ,"test failure"}, {ERR_REASON(FIPS_R_UNINSTANTIATE_ZEROISE_ERROR),"uninstantiate zeroise error"}, Loading
fips/fips.h +83 −93 Original line number Diff line number Diff line Loading @@ -197,102 +197,92 @@ void ERR_load_FIPS_strings(void); /* Function codes. */ #define FIPS_F_DH_BUILTIN_GENPARAMS 100 #define FIPS_F_DRBG_CPRNG_TEST 141 #define FIPS_F_DSA_BUILTIN_PARAMGEN 101 #define FIPS_F_DSA_BUILTIN_PARAMGEN2 126 #define FIPS_F_DSA_DO_SIGN 102 #define FIPS_F_DSA_DO_VERIFY 103 #define FIPS_F_EVP_CIPHERINIT_EX 124 #define FIPS_F_EVP_DIGESTINIT_EX 125 #define FIPS_F_FIPS_CHECK_DSA 104 #define FIPS_F_FIPS_CHECK_EC 129 #define FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT 105 #define FIPS_F_FIPS_CHECK_RSA 106 #define FIPS_F_FIPS_CIPHERINIT 128 #define FIPS_F_FIPS_DIGESTINIT 127 #define FIPS_F_FIPS_DRBG_BYTES 142 #define FIPS_F_FIPS_DRBG_GENERATE 132 #define FIPS_F_FIPS_DRBG_GENERATE_INTERNAL 138 #define FIPS_F_FIPS_DRBG_HEALTH_CHECK 137 #define FIPS_F_FIPS_DRBG_INIT 136 #define FIPS_F_FIPS_DRBG_INSTANTIATE 133 #define FIPS_F_FIPS_DRBG_NEW 134 #define FIPS_F_FIPS_DRBG_RESEED 135 #define FIPS_F_FIPS_DRBG_SINGLE_KAT 140 #define FIPS_F_FIPS_DSA_CHECK 107 #define FIPS_F_FIPS_MODE_SET 108 #define FIPS_F_FIPS_PKEY_SIGNATURE_TEST 109 #define FIPS_F_FIPS_RAND_ADD 143 #define FIPS_F_FIPS_RAND_BYTES 144 #define FIPS_F_FIPS_RAND_PSEUDO_BYTES 145 #define FIPS_F_FIPS_RAND_SEED 148 #define FIPS_F_FIPS_RAND_SET_METHOD 146 #define FIPS_F_FIPS_RAND_STATUS 147 #define FIPS_F_FIPS_SELFTEST_AES 110 #define FIPS_F_FIPS_SELFTEST_AES_GCM 130 #define FIPS_F_FIPS_SELFTEST_CMAC 139 #define FIPS_F_FIPS_SELFTEST_DES 111 #define FIPS_F_FIPS_SELFTEST_DSA 112 #define FIPS_F_FIPS_SELFTEST_ECDSA 131 #define FIPS_F_FIPS_SELFTEST_HMAC 113 #define FIPS_F_FIPS_SELFTEST_RNG 114 #define FIPS_F_FIPS_SELFTEST_SHA1 115 #define FIPS_F_FIPS_SELFTEST_X931 149 #define FIPS_F_HASH_FINAL 123 #define FIPS_F_RSA_BUILTIN_KEYGEN 116 #define FIPS_F_RSA_EAY_PRIVATE_DECRYPT 117 #define FIPS_F_RSA_EAY_PRIVATE_ENCRYPT 118 #define FIPS_F_RSA_EAY_PUBLIC_DECRYPT 119 #define FIPS_F_RSA_EAY_PUBLIC_ENCRYPT 120 #define FIPS_F_RSA_X931_GENERATE_KEY_EX 121 #define FIPS_F_SSLEAY_RAND_BYTES 122 #define FIPS_F_DSA_BUILTIN_PARAMGEN2 102 #define FIPS_F_DSA_DO_SIGN 103 #define FIPS_F_DSA_DO_VERIFY 104 #define FIPS_F_FIPS_CHECK_DSA 105 #define FIPS_F_FIPS_CHECK_EC 106 #define FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT 107 #define FIPS_F_FIPS_CHECK_RSA 108 #define FIPS_F_FIPS_CIPHERINIT 109 #define FIPS_F_FIPS_DIGESTINIT 110 #define FIPS_F_FIPS_DRBG_BYTES 111 #define FIPS_F_FIPS_DRBG_CPRNG_TEST 112 #define FIPS_F_FIPS_DRBG_GENERATE 113 #define FIPS_F_FIPS_DRBG_HEALTH_CHECK 114 #define FIPS_F_FIPS_DRBG_INIT 115 #define FIPS_F_FIPS_DRBG_INSTANTIATE 116 #define FIPS_F_FIPS_DRBG_NEW 117 #define FIPS_F_FIPS_DRBG_RESEED 118 #define FIPS_F_FIPS_DRBG_SINGLE_KAT 119 #define FIPS_F_FIPS_MODE_SET 120 #define FIPS_F_FIPS_PKEY_SIGNATURE_TEST 121 #define FIPS_F_FIPS_RAND_ADD 122 #define FIPS_F_FIPS_RAND_BYTES 123 #define FIPS_F_FIPS_RAND_PSEUDO_BYTES 124 #define FIPS_F_FIPS_RAND_SEED 125 #define FIPS_F_FIPS_RAND_SET_METHOD 126 #define FIPS_F_FIPS_RAND_STATUS 127 #define FIPS_F_FIPS_SELFTEST_AES 128 #define FIPS_F_FIPS_SELFTEST_AES_GCM 129 #define FIPS_F_FIPS_SELFTEST_CMAC 130 #define FIPS_F_FIPS_SELFTEST_DES 131 #define FIPS_F_FIPS_SELFTEST_DSA 132 #define FIPS_F_FIPS_SELFTEST_ECDSA 133 #define FIPS_F_FIPS_SELFTEST_HMAC 134 #define FIPS_F_FIPS_SELFTEST_SHA1 135 #define FIPS_F_FIPS_SELFTEST_X931 136 #define FIPS_F_HASH_FINAL 137 #define FIPS_F_RSA_BUILTIN_KEYGEN 138 #define FIPS_F_RSA_EAY_PRIVATE_DECRYPT 139 #define FIPS_F_RSA_EAY_PRIVATE_ENCRYPT 140 #define FIPS_F_RSA_EAY_PUBLIC_DECRYPT 141 #define FIPS_F_RSA_EAY_PUBLIC_ENCRYPT 142 #define FIPS_F_RSA_X931_GENERATE_KEY_EX 143 /* Reason codes. */ #define FIPS_R_ADDITIONAL_INPUT_TOO_LONG 118 #define FIPS_R_ALREADY_INSTANTIATED 119 #define FIPS_R_CANNOT_READ_EXE 103 #define FIPS_R_CANNOT_READ_EXE_DIGEST 104 #define FIPS_R_CONTRADICTING_EVIDENCE 114 #define FIPS_R_DRBG_STUCK 142 #define FIPS_R_ENTROPY_ERROR_UNDETECTED 133 #define FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED 134 #define FIPS_R_ERROR_INITIALISING_DRBG 120 #define FIPS_R_ERROR_INSTANTIATING_DRBG 121 #define FIPS_R_ERROR_RETRIEVING_ADDITIONAL_INPUT 144 #define FIPS_R_ERROR_RETRIEVING_ENTROPY 122 #define FIPS_R_ERROR_RETRIEVING_NONCE 123 #define FIPS_R_EXE_DIGEST_DOES_NOT_MATCH 105 #define FIPS_R_FINGERPRINT_DOES_NOT_MATCH 110 #define FIPS_R_FINGERPRINT_DOES_NOT_MATCH_NONPIC_RELOCATED 111 #define FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING 112 #define FIPS_R_FIPS_MODE_ALREADY_SET 102 #define FIPS_R_FIPS_SELFTEST_FAILED 106 #define FIPS_R_FUNCTION_ERROR 135 #define FIPS_R_GENERATE_ERROR 124 #define FIPS_R_GENERATE_ERROR_UNDETECTED 136 #define FIPS_R_INSTANTIATE_ERROR 125 #define FIPS_R_INSUFFICIENT_SECURITY_STRENGTH 132 #define FIPS_R_INTERNAL_ERROR 143 #define FIPS_R_INVALID_KEY_LENGTH 109 #define FIPS_R_IN_ERROR_STATE 126 #define FIPS_R_KEY_TOO_SHORT 108 #define FIPS_R_NON_FIPS_METHOD 100 #define FIPS_R_NOT_INSTANTIATED 127 #define FIPS_R_PAIRWISE_TEST_FAILED 107 #define FIPS_R_PERSONALISATION_ERROR_UNDETECTED 137 #define FIPS_R_PERSONALISATION_STRING_TOO_LONG 128 #define FIPS_R_REQUEST_LENGTH_ERROR_UNDETECTED 138 #define FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG 129 #define FIPS_R_RESEED_COUNTER_ERROR 139 #define FIPS_R_RESEED_ERROR 130 #define FIPS_R_RSA_DECRYPT_ERROR 115 #define FIPS_R_RSA_ENCRYPT_ERROR 116 #define FIPS_R_SELFTEST_FAILED 101 #define FIPS_R_STRENGTH_ERROR_UNDETECTED 140 #define FIPS_R_TEST_FAILURE 117 #define FIPS_R_UNINSTANTIATE_ZEROISE_ERROR 141 #define FIPS_R_UNSUPPORTED_DRBG_TYPE 131 #define FIPS_R_UNSUPPORTED_PLATFORM 113 #define FIPS_R_ADDITIONAL_INPUT_TOO_LONG 100 #define FIPS_R_ALREADY_INSTANTIATED 101 #define FIPS_R_CONTRADICTING_EVIDENCE 102 #define FIPS_R_DRBG_STUCK 103 #define FIPS_R_ENTROPY_ERROR_UNDETECTED 104 #define FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED 105 #define FIPS_R_ERROR_INITIALISING_DRBG 106 #define FIPS_R_ERROR_INSTANTIATING_DRBG 107 #define FIPS_R_ERROR_RETRIEVING_ADDITIONAL_INPUT 108 #define FIPS_R_ERROR_RETRIEVING_ENTROPY 109 #define FIPS_R_ERROR_RETRIEVING_NONCE 110 #define FIPS_R_FINGERPRINT_DOES_NOT_MATCH 111 #define FIPS_R_FINGERPRINT_DOES_NOT_MATCH_NONPIC_RELOCATED 112 #define FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING 113 #define FIPS_R_FIPS_MODE_ALREADY_SET 114 #define FIPS_R_FIPS_SELFTEST_FAILED 115 #define FIPS_R_FUNCTION_ERROR 116 #define FIPS_R_GENERATE_ERROR 117 #define FIPS_R_GENERATE_ERROR_UNDETECTED 118 #define FIPS_R_INSTANTIATE_ERROR 119 #define FIPS_R_INSUFFICIENT_SECURITY_STRENGTH 120 #define FIPS_R_INTERNAL_ERROR 121 #define FIPS_R_INVALID_KEY_LENGTH 122 #define FIPS_R_IN_ERROR_STATE 123 #define FIPS_R_KEY_TOO_SHORT 124 #define FIPS_R_NON_FIPS_METHOD 125 #define FIPS_R_NOT_INSTANTIATED 126 #define FIPS_R_PAIRWISE_TEST_FAILED 127 #define FIPS_R_PERSONALISATION_ERROR_UNDETECTED 128 #define FIPS_R_PERSONALISATION_STRING_TOO_LONG 129 #define FIPS_R_REQUEST_LENGTH_ERROR_UNDETECTED 130 #define FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG 131 #define FIPS_R_RESEED_COUNTER_ERROR 132 #define FIPS_R_RESEED_ERROR 133 #define FIPS_R_SELFTEST_FAILED 134 #define FIPS_R_SELFTEST_FAILURE 135 #define FIPS_R_STRENGTH_ERROR_UNDETECTED 136 #define FIPS_R_TEST_FAILURE 137 #define FIPS_R_UNINSTANTIATE_ZEROISE_ERROR 138 #define FIPS_R_UNSUPPORTED_DRBG_TYPE 139 #define FIPS_R_UNSUPPORTED_PLATFORM 140 #ifdef __cplusplus } Loading
fips/rand/fips_drbg_lib.c +3 −3 Original line number Diff line number Diff line Loading @@ -91,7 +91,7 @@ int FIPS_drbg_init(DRBG_CTX *dctx, int type, unsigned int flags) DRBG_CTX tctx; if (!fips_drbg_kat(&tctx, type, flags | DRBG_FLAG_TEST)) { /*FIPSerr(FIPS_F_FIPS_DRBG_INIT, FIPS_R_SELFTEST_FAILURE);*/ FIPSerr(FIPS_F_FIPS_DRBG_INIT, FIPS_R_SELFTEST_FAILURE); return 0; } } Loading Loading @@ -426,7 +426,7 @@ int fips_drbg_cprng_test(DRBG_CTX *dctx, const unsigned char *out) /* Check block is valid: should never happen */ if (dctx->lb_valid == 0) { FIPSerr(FIPS_F_DRBG_CPRNG_TEST, FIPS_R_INTERNAL_ERROR); FIPSerr(FIPS_F_FIPS_DRBG_CPRNG_TEST, FIPS_R_INTERNAL_ERROR); fips_set_selftest_fail(); return 0; } Loading @@ -435,7 +435,7 @@ int fips_drbg_cprng_test(DRBG_CTX *dctx, const unsigned char *out) /* Check against last block: fail if match */ if (!memcmp(dctx->lb, out, dctx->blocklength)) { FIPSerr(FIPS_F_DRBG_CPRNG_TEST, FIPS_R_DRBG_STUCK); FIPSerr(FIPS_F_FIPS_DRBG_CPRNG_TEST, FIPS_R_DRBG_STUCK); fips_set_selftest_fail(); return 0; } Loading
