Loading fips/fips.h +0 −1 Original line number Original line Diff line number Diff line Loading @@ -79,7 +79,6 @@ int FIPS_selftest_des(void); int FIPS_selftest_rsa(void); int FIPS_selftest_rsa(void); int FIPS_selftest_dsa(void); int FIPS_selftest_dsa(void); int FIPS_selftest_ecdsa(void); int FIPS_selftest_ecdsa(void); void FIPS_corrupt_x931(void); void FIPS_corrupt_drbg(void); void FIPS_corrupt_drbg(void); void FIPS_x931_stick(void); void FIPS_x931_stick(void); void FIPS_drbg_stick(void); void FIPS_drbg_stick(void); Loading fips/fips_test_suite.c +4 −1 Original line number Original line Diff line number Diff line Loading @@ -711,6 +711,7 @@ static int fail_key = -1; static int post_cb(int op, int id, int subid, void *ex) static int post_cb(int op, int id, int subid, void *ex) { { const char *idstr, *exstr = ""; const char *idstr, *exstr = ""; char asctmp[20]; int keytype = -1; int keytype = -1; switch(id) switch(id) { { Loading Loading @@ -762,6 +763,8 @@ static int post_cb(int op, int id, int subid, void *ex) case FIPS_TEST_X931: case FIPS_TEST_X931: idstr = "X9.31 PRNG"; idstr = "X9.31 PRNG"; sprintf(asctmp, "keylen=%d", subid); exstr = asctmp; break; break; case FIPS_TEST_DRBG: case FIPS_TEST_DRBG: Loading Loading @@ -883,7 +886,7 @@ int main(int argc,char **argv) } else if (!strcmp(argv[1], "drbg")) { } else if (!strcmp(argv[1], "drbg")) { FIPS_corrupt_drbg(); FIPS_corrupt_drbg(); } else if (!strcmp(argv[1], "rng")) { } else if (!strcmp(argv[1], "rng")) { FIPS_corrupt_x931(); fail_id = FIPS_TEST_X931; } else if (!strcmp(argv[1], "rngstick")) { } else if (!strcmp(argv[1], "rngstick")) { do_rng_stick = 1; do_rng_stick = 1; no_exit = 1; no_exit = 1; Loading fips/rand/fips_rand_selftest.c +22 −16 Original line number Original line Diff line number Diff line Loading @@ -54,6 +54,7 @@ #include <openssl/fips.h> #include <openssl/fips.h> #include <openssl/rand.h> #include <openssl/rand.h> #include <openssl/fips_rand.h> #include <openssl/fips_rand.h> #include "fips_locl.h" #ifdef OPENSSL_FIPS #ifdef OPENSSL_FIPS Loading Loading @@ -324,11 +325,6 @@ static AES_PRNG_TV aes_256_tv[] = { }; }; void FIPS_corrupt_x931() { aes_192_tv[0].V[0]++; } #define fips_x931_test(key, tv) \ #define fips_x931_test(key, tv) \ do_x931_test(key, sizeof key, tv, sizeof(tv)/sizeof(AES_PRNG_TV)) do_x931_test(key, sizeof key, tv, sizeof(tv)/sizeof(AES_PRNG_TV)) Loading @@ -336,38 +332,48 @@ static int do_x931_test(unsigned char *key, int keylen, AES_PRNG_TV *tv, int ntv) AES_PRNG_TV *tv, int ntv) { { unsigned char R[16]; unsigned char R[16]; int i; int i, rv = 1; if (!FIPS_x931_set_key(key, keylen)) if (!FIPS_x931_set_key(key, keylen)) return 0; return 0; for (i = 0; i < ntv; i++) for (i = 0; i < ntv; i++) { { if (!fips_post_started(FIPS_TEST_X931, keylen, NULL)) return 1; if (!fips_post_corrupt(FIPS_TEST_X931, keylen, NULL)) tv[i].V[0]++; FIPS_x931_seed(tv[i].V, 16); FIPS_x931_seed(tv[i].V, 16); FIPS_x931_set_dt(tv[i].DT); FIPS_x931_set_dt(tv[i].DT); FIPS_x931_bytes(R, 16); FIPS_x931_bytes(R, 16); if (memcmp(R, tv[i].R, 16)) if (memcmp(R, tv[i].R, 16)) { fips_post_failed(FIPS_TEST_X931, keylen, NULL); rv = 0; } else if (!fips_post_success(FIPS_TEST_X931, keylen, NULL)) return 0; return 0; } } return 1; return rv; } } int FIPS_selftest_x931() int FIPS_selftest_x931() { { int rv = 1; FIPS_x931_reset(); FIPS_x931_reset(); if (!FIPS_x931_test_mode()) if (!FIPS_x931_test_mode()) { { FIPSerr(FIPS_F_FIPS_SELFTEST_X931,FIPS_R_SELFTEST_FAILED); FIPSerr(FIPS_F_FIPS_SELFTEST_X931,FIPS_R_SELFTEST_FAILED); return 0; return 0; } } if (!fips_x931_test(aes_128_key,aes_128_tv) if (!fips_x931_test(aes_128_key,aes_128_tv)) || !fips_x931_test(aes_192_key, aes_192_tv) rv = 0; || !fips_x931_test(aes_256_key, aes_256_tv)) if (!fips_x931_test(aes_192_key, aes_192_tv)) { rv = 0; FIPSerr(FIPS_F_FIPS_SELFTEST_X931,FIPS_R_SELFTEST_FAILED); if (!fips_x931_test(aes_256_key, aes_256_tv)) return 0; rv = 0; } FIPS_x931_reset(); FIPS_x931_reset(); return 1; if (!rv) FIPSerr(FIPS_F_FIPS_SELFTEST_X931,FIPS_R_SELFTEST_FAILED); return rv; } } #endif #endif Loading
fips/fips.h +0 −1 Original line number Original line Diff line number Diff line Loading @@ -79,7 +79,6 @@ int FIPS_selftest_des(void); int FIPS_selftest_rsa(void); int FIPS_selftest_rsa(void); int FIPS_selftest_dsa(void); int FIPS_selftest_dsa(void); int FIPS_selftest_ecdsa(void); int FIPS_selftest_ecdsa(void); void FIPS_corrupt_x931(void); void FIPS_corrupt_drbg(void); void FIPS_corrupt_drbg(void); void FIPS_x931_stick(void); void FIPS_x931_stick(void); void FIPS_drbg_stick(void); void FIPS_drbg_stick(void); Loading
fips/fips_test_suite.c +4 −1 Original line number Original line Diff line number Diff line Loading @@ -711,6 +711,7 @@ static int fail_key = -1; static int post_cb(int op, int id, int subid, void *ex) static int post_cb(int op, int id, int subid, void *ex) { { const char *idstr, *exstr = ""; const char *idstr, *exstr = ""; char asctmp[20]; int keytype = -1; int keytype = -1; switch(id) switch(id) { { Loading Loading @@ -762,6 +763,8 @@ static int post_cb(int op, int id, int subid, void *ex) case FIPS_TEST_X931: case FIPS_TEST_X931: idstr = "X9.31 PRNG"; idstr = "X9.31 PRNG"; sprintf(asctmp, "keylen=%d", subid); exstr = asctmp; break; break; case FIPS_TEST_DRBG: case FIPS_TEST_DRBG: Loading Loading @@ -883,7 +886,7 @@ int main(int argc,char **argv) } else if (!strcmp(argv[1], "drbg")) { } else if (!strcmp(argv[1], "drbg")) { FIPS_corrupt_drbg(); FIPS_corrupt_drbg(); } else if (!strcmp(argv[1], "rng")) { } else if (!strcmp(argv[1], "rng")) { FIPS_corrupt_x931(); fail_id = FIPS_TEST_X931; } else if (!strcmp(argv[1], "rngstick")) { } else if (!strcmp(argv[1], "rngstick")) { do_rng_stick = 1; do_rng_stick = 1; no_exit = 1; no_exit = 1; Loading
fips/rand/fips_rand_selftest.c +22 −16 Original line number Original line Diff line number Diff line Loading @@ -54,6 +54,7 @@ #include <openssl/fips.h> #include <openssl/fips.h> #include <openssl/rand.h> #include <openssl/rand.h> #include <openssl/fips_rand.h> #include <openssl/fips_rand.h> #include "fips_locl.h" #ifdef OPENSSL_FIPS #ifdef OPENSSL_FIPS Loading Loading @@ -324,11 +325,6 @@ static AES_PRNG_TV aes_256_tv[] = { }; }; void FIPS_corrupt_x931() { aes_192_tv[0].V[0]++; } #define fips_x931_test(key, tv) \ #define fips_x931_test(key, tv) \ do_x931_test(key, sizeof key, tv, sizeof(tv)/sizeof(AES_PRNG_TV)) do_x931_test(key, sizeof key, tv, sizeof(tv)/sizeof(AES_PRNG_TV)) Loading @@ -336,38 +332,48 @@ static int do_x931_test(unsigned char *key, int keylen, AES_PRNG_TV *tv, int ntv) AES_PRNG_TV *tv, int ntv) { { unsigned char R[16]; unsigned char R[16]; int i; int i, rv = 1; if (!FIPS_x931_set_key(key, keylen)) if (!FIPS_x931_set_key(key, keylen)) return 0; return 0; for (i = 0; i < ntv; i++) for (i = 0; i < ntv; i++) { { if (!fips_post_started(FIPS_TEST_X931, keylen, NULL)) return 1; if (!fips_post_corrupt(FIPS_TEST_X931, keylen, NULL)) tv[i].V[0]++; FIPS_x931_seed(tv[i].V, 16); FIPS_x931_seed(tv[i].V, 16); FIPS_x931_set_dt(tv[i].DT); FIPS_x931_set_dt(tv[i].DT); FIPS_x931_bytes(R, 16); FIPS_x931_bytes(R, 16); if (memcmp(R, tv[i].R, 16)) if (memcmp(R, tv[i].R, 16)) { fips_post_failed(FIPS_TEST_X931, keylen, NULL); rv = 0; } else if (!fips_post_success(FIPS_TEST_X931, keylen, NULL)) return 0; return 0; } } return 1; return rv; } } int FIPS_selftest_x931() int FIPS_selftest_x931() { { int rv = 1; FIPS_x931_reset(); FIPS_x931_reset(); if (!FIPS_x931_test_mode()) if (!FIPS_x931_test_mode()) { { FIPSerr(FIPS_F_FIPS_SELFTEST_X931,FIPS_R_SELFTEST_FAILED); FIPSerr(FIPS_F_FIPS_SELFTEST_X931,FIPS_R_SELFTEST_FAILED); return 0; return 0; } } if (!fips_x931_test(aes_128_key,aes_128_tv) if (!fips_x931_test(aes_128_key,aes_128_tv)) || !fips_x931_test(aes_192_key, aes_192_tv) rv = 0; || !fips_x931_test(aes_256_key, aes_256_tv)) if (!fips_x931_test(aes_192_key, aes_192_tv)) { rv = 0; FIPSerr(FIPS_F_FIPS_SELFTEST_X931,FIPS_R_SELFTEST_FAILED); if (!fips_x931_test(aes_256_key, aes_256_tv)) return 0; rv = 0; } FIPS_x931_reset(); FIPS_x931_reset(); return 1; if (!rv) FIPSerr(FIPS_F_FIPS_SELFTEST_X931,FIPS_R_SELFTEST_FAILED); return rv; } } #endif #endif
