Loading fips/aes/fips_aes_selftest.c +28 −18 Original line number Diff line number Diff line Loading @@ -53,6 +53,7 @@ #include <openssl/err.h> #include <openssl/fips.h> #include <openssl/evp.h> #include "fips_locl.h" #ifdef OPENSSL_FIPS static struct Loading Loading @@ -123,22 +124,23 @@ static const unsigned char gcm_tag[] = { 0x98,0xf7,0x7e,0x0c }; static int corrupt_aes_gcm = 0; void FIPS_corrupt_aes_gcm(void) { corrupt_aes_gcm = 1; } int FIPS_selftest_aes_gcm(void) { int ret = 0; int ret = 0, do_corrupt = 0; unsigned char out[128], tag[16]; EVP_CIPHER_CTX ctx; FIPS_cipher_ctx_init(&ctx); FIPS_cipherinit(&ctx, EVP_aes_256_gcm(), NULL, NULL, 1); FIPS_cipher_ctx_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN, sizeof(gcm_iv), NULL); memset(out, 0, sizeof(out)); memset(tag, 0, sizeof(tag)); if (!fips_post_started(FIPS_TEST_GCM, 0, 0)) return 1; if (!fips_post_corrupt(FIPS_TEST_HMAC, 0, NULL)) do_corrupt = 1; if (!FIPS_cipherinit(&ctx, EVP_aes_256_gcm(), NULL, NULL, 1)) goto err; if (!FIPS_cipher_ctx_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN, sizeof(gcm_iv), NULL)) goto err; if (!FIPS_cipherinit(&ctx, NULL, gcm_key, gcm_iv, 1)) goto err; if (FIPS_cipher(&ctx, NULL, gcm_aad, sizeof(gcm_aad)) < 0) Loading @@ -154,13 +156,17 @@ int FIPS_selftest_aes_gcm(void) if (memcmp(tag, gcm_tag, 16) || memcmp(out, gcm_ct, 16)) goto err; memset(out, 0, sizeof(out)); /* Modify expected tag value */ if (corrupt_aes_gcm) if (do_corrupt) tag[0]++; FIPS_cipherinit(&ctx, EVP_aes_256_gcm(), NULL, NULL, 0); FIPS_cipher_ctx_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN, sizeof(gcm_iv), NULL); if (!FIPS_cipherinit(&ctx, EVP_aes_256_gcm(), NULL, NULL, 0)) goto err; if (!FIPS_cipher_ctx_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN, sizeof(gcm_iv), NULL)) goto err; if (!FIPS_cipher_ctx_ctrl(&ctx, EVP_CTRL_GCM_SET_TAG, 16, tag)) goto err; if (!FIPS_cipherinit(&ctx, NULL, gcm_key, gcm_iv, 0)) Loading @@ -178,13 +184,17 @@ int FIPS_selftest_aes_gcm(void) ret = 1; err: FIPS_cipher_ctx_cleanup(&ctx); if (ret == 0) { fips_post_failed(FIPS_TEST_GCM, 0, NULL); FIPSerr(FIPS_F_FIPS_SELFTEST_AES_GCM,FIPS_R_SELFTEST_FAILED); return 0; } else return fips_post_success(FIPS_TEST_GCM, 0, NULL); FIPS_cipher_ctx_cleanup(&ctx); return ret; } #endif fips/cmac/fips_cmac_selftest.c +39 −22 Original line number Diff line number Diff line Loading @@ -53,6 +53,7 @@ #include <openssl/err.h> #include <openssl/fips.h> #include <openssl/cmac.h> #include "fips_locl.h" #ifdef OPENSSL_FIPS typedef struct { Loading Loading @@ -113,23 +114,39 @@ int FIPS_selftest_cmac() const EVP_CIPHER *cipher; CMAC_CTX *ctx = CMAC_CTX_new(); const CMAC_KAT *t; int do_corrupt = 0, rv = 0; if (!fips_post_started(FIPS_TEST_CMAC, 0, 0)) return 1; if (!fips_post_corrupt(FIPS_TEST_CMAC, 0, NULL)) for(n=0,t=vector; n<sizeof(vector)/sizeof(vector[0]); n++,t++) { cipher = (*t->alg)(); CMAC_Init(ctx, t->key, t->keysize/8, cipher, 0); CMAC_Update(ctx, t->msg, t->msgsize/8); if (do_corrupt) CMAC_Update(ctx, t->msg, 1); CMAC_Final(ctx, out, &outlen); CMAC_CTX_cleanup(ctx); if(outlen < t->macsize/8 || memcmp(out,t->mac,t->macsize/8)) { FIPSerr(FIPS_F_FIPS_SELFTEST_CMAC,FIPS_R_SELFTEST_FAILED); return 0; goto err; } } rv = 1; err: CMAC_CTX_free(ctx); return 1; if (rv == 0) { fips_post_failed(FIPS_TEST_CMAC, 0, NULL); return 0; } return fips_post_success(FIPS_TEST_CMAC, 0, NULL); } #endif fips/fips.h +0 −1 Original line number Diff line number Diff line Loading @@ -74,7 +74,6 @@ int FIPS_selftest_failed(void); void FIPS_selftest_check(void); int FIPS_selftest_sha1(void); int FIPS_selftest_aes_gcm(void); void FIPS_corrupt_aes_gcm(void); int FIPS_selftest_aes(void); int FIPS_selftest_des(void); int FIPS_selftest_rsa(void); Loading fips/fips_post.c +4 −2 Original line number Diff line number Diff line Loading @@ -105,11 +105,13 @@ void fips_post_end(void) if (post_failure) { post_status = FIPS_POST_STATUS_FAILED; if(fips_post_cb) fips_post_cb(FIPS_POST_END, 0, 0, NULL); } else { post_status = FIPS_POST_STATUS_OK; if (fips_post_cb) fips_post_cb(FIPS_POST_END, 1, 0, NULL); } } Loading fips/fips_test_suite.c +4 −4 Original line number Diff line number Diff line Loading @@ -743,7 +743,7 @@ static int post_cb(int op, int id, int subid, void *ex) break; case FIPS_TEST_CMAC: idstr = "HMAC"; idstr = "CMAC"; break; case FIPS_TEST_GCM: Loading Loading @@ -845,8 +845,7 @@ int main(int argc,char **argv) fail_id = FIPS_TEST_CIPHER; fail_sub = NID_aes_128_ecb; } else if (!strcmp(argv[1], "aes-gcm")) { FIPS_corrupt_aes_gcm(); printf("AES-GCM encryption/decryption with corrupted KAT...\n"); fail_id = FIPS_TEST_GCM; } else if (!strcmp(argv[1], "des")) { fail_id = FIPS_TEST_CIPHER; fail_sub = NID_des_ede3_ecb; Loading Loading @@ -877,7 +876,8 @@ int main(int argc,char **argv) no_exit = 1; } else if (!strcmp(argv[1], "sha1")) { fail_id = FIPS_TEST_DIGEST; fail_sub = NID_sha1; } else if (!strcmp(argv[1], "hmac")) { fail_id = FIPS_TEST_HMAC; } else if (!strcmp(argv[1], "drbg")) { FIPS_corrupt_drbg(); } else if (!strcmp(argv[1], "rng")) { Loading Loading
fips/aes/fips_aes_selftest.c +28 −18 Original line number Diff line number Diff line Loading @@ -53,6 +53,7 @@ #include <openssl/err.h> #include <openssl/fips.h> #include <openssl/evp.h> #include "fips_locl.h" #ifdef OPENSSL_FIPS static struct Loading Loading @@ -123,22 +124,23 @@ static const unsigned char gcm_tag[] = { 0x98,0xf7,0x7e,0x0c }; static int corrupt_aes_gcm = 0; void FIPS_corrupt_aes_gcm(void) { corrupt_aes_gcm = 1; } int FIPS_selftest_aes_gcm(void) { int ret = 0; int ret = 0, do_corrupt = 0; unsigned char out[128], tag[16]; EVP_CIPHER_CTX ctx; FIPS_cipher_ctx_init(&ctx); FIPS_cipherinit(&ctx, EVP_aes_256_gcm(), NULL, NULL, 1); FIPS_cipher_ctx_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN, sizeof(gcm_iv), NULL); memset(out, 0, sizeof(out)); memset(tag, 0, sizeof(tag)); if (!fips_post_started(FIPS_TEST_GCM, 0, 0)) return 1; if (!fips_post_corrupt(FIPS_TEST_HMAC, 0, NULL)) do_corrupt = 1; if (!FIPS_cipherinit(&ctx, EVP_aes_256_gcm(), NULL, NULL, 1)) goto err; if (!FIPS_cipher_ctx_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN, sizeof(gcm_iv), NULL)) goto err; if (!FIPS_cipherinit(&ctx, NULL, gcm_key, gcm_iv, 1)) goto err; if (FIPS_cipher(&ctx, NULL, gcm_aad, sizeof(gcm_aad)) < 0) Loading @@ -154,13 +156,17 @@ int FIPS_selftest_aes_gcm(void) if (memcmp(tag, gcm_tag, 16) || memcmp(out, gcm_ct, 16)) goto err; memset(out, 0, sizeof(out)); /* Modify expected tag value */ if (corrupt_aes_gcm) if (do_corrupt) tag[0]++; FIPS_cipherinit(&ctx, EVP_aes_256_gcm(), NULL, NULL, 0); FIPS_cipher_ctx_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN, sizeof(gcm_iv), NULL); if (!FIPS_cipherinit(&ctx, EVP_aes_256_gcm(), NULL, NULL, 0)) goto err; if (!FIPS_cipher_ctx_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN, sizeof(gcm_iv), NULL)) goto err; if (!FIPS_cipher_ctx_ctrl(&ctx, EVP_CTRL_GCM_SET_TAG, 16, tag)) goto err; if (!FIPS_cipherinit(&ctx, NULL, gcm_key, gcm_iv, 0)) Loading @@ -178,13 +184,17 @@ int FIPS_selftest_aes_gcm(void) ret = 1; err: FIPS_cipher_ctx_cleanup(&ctx); if (ret == 0) { fips_post_failed(FIPS_TEST_GCM, 0, NULL); FIPSerr(FIPS_F_FIPS_SELFTEST_AES_GCM,FIPS_R_SELFTEST_FAILED); return 0; } else return fips_post_success(FIPS_TEST_GCM, 0, NULL); FIPS_cipher_ctx_cleanup(&ctx); return ret; } #endif
fips/cmac/fips_cmac_selftest.c +39 −22 Original line number Diff line number Diff line Loading @@ -53,6 +53,7 @@ #include <openssl/err.h> #include <openssl/fips.h> #include <openssl/cmac.h> #include "fips_locl.h" #ifdef OPENSSL_FIPS typedef struct { Loading Loading @@ -113,23 +114,39 @@ int FIPS_selftest_cmac() const EVP_CIPHER *cipher; CMAC_CTX *ctx = CMAC_CTX_new(); const CMAC_KAT *t; int do_corrupt = 0, rv = 0; if (!fips_post_started(FIPS_TEST_CMAC, 0, 0)) return 1; if (!fips_post_corrupt(FIPS_TEST_CMAC, 0, NULL)) for(n=0,t=vector; n<sizeof(vector)/sizeof(vector[0]); n++,t++) { cipher = (*t->alg)(); CMAC_Init(ctx, t->key, t->keysize/8, cipher, 0); CMAC_Update(ctx, t->msg, t->msgsize/8); if (do_corrupt) CMAC_Update(ctx, t->msg, 1); CMAC_Final(ctx, out, &outlen); CMAC_CTX_cleanup(ctx); if(outlen < t->macsize/8 || memcmp(out,t->mac,t->macsize/8)) { FIPSerr(FIPS_F_FIPS_SELFTEST_CMAC,FIPS_R_SELFTEST_FAILED); return 0; goto err; } } rv = 1; err: CMAC_CTX_free(ctx); return 1; if (rv == 0) { fips_post_failed(FIPS_TEST_CMAC, 0, NULL); return 0; } return fips_post_success(FIPS_TEST_CMAC, 0, NULL); } #endif
fips/fips.h +0 −1 Original line number Diff line number Diff line Loading @@ -74,7 +74,6 @@ int FIPS_selftest_failed(void); void FIPS_selftest_check(void); int FIPS_selftest_sha1(void); int FIPS_selftest_aes_gcm(void); void FIPS_corrupt_aes_gcm(void); int FIPS_selftest_aes(void); int FIPS_selftest_des(void); int FIPS_selftest_rsa(void); Loading
fips/fips_post.c +4 −2 Original line number Diff line number Diff line Loading @@ -105,11 +105,13 @@ void fips_post_end(void) if (post_failure) { post_status = FIPS_POST_STATUS_FAILED; if(fips_post_cb) fips_post_cb(FIPS_POST_END, 0, 0, NULL); } else { post_status = FIPS_POST_STATUS_OK; if (fips_post_cb) fips_post_cb(FIPS_POST_END, 1, 0, NULL); } } Loading
fips/fips_test_suite.c +4 −4 Original line number Diff line number Diff line Loading @@ -743,7 +743,7 @@ static int post_cb(int op, int id, int subid, void *ex) break; case FIPS_TEST_CMAC: idstr = "HMAC"; idstr = "CMAC"; break; case FIPS_TEST_GCM: Loading Loading @@ -845,8 +845,7 @@ int main(int argc,char **argv) fail_id = FIPS_TEST_CIPHER; fail_sub = NID_aes_128_ecb; } else if (!strcmp(argv[1], "aes-gcm")) { FIPS_corrupt_aes_gcm(); printf("AES-GCM encryption/decryption with corrupted KAT...\n"); fail_id = FIPS_TEST_GCM; } else if (!strcmp(argv[1], "des")) { fail_id = FIPS_TEST_CIPHER; fail_sub = NID_des_ede3_ecb; Loading Loading @@ -877,7 +876,8 @@ int main(int argc,char **argv) no_exit = 1; } else if (!strcmp(argv[1], "sha1")) { fail_id = FIPS_TEST_DIGEST; fail_sub = NID_sha1; } else if (!strcmp(argv[1], "hmac")) { fail_id = FIPS_TEST_HMAC; } else if (!strcmp(argv[1], "drbg")) { FIPS_corrupt_drbg(); } else if (!strcmp(argv[1], "rng")) { Loading
