Commit 8f331999 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Report each cipher used with CMAC tests. 

Only add one error to error queue if a specific test type fails.
parent 9338f290

fips/cmac/fips_cmac_selftest.c

+41 −17
Original line number Diff line number Diff line
@@ -114,39 +114,63 @@ int FIPS_selftest_cmac() 
	const EVP_CIPHER *cipher;

	CMAC_CTX *ctx = CMAC_CTX_new();

	const CMAC_KAT *t;

	int do_corrupt = 0, rv = 0;



	if (!fips_post_started(FIPS_TEST_CMAC, 0, 0))

		return 1;

	if (!fips_post_corrupt(FIPS_TEST_CMAC, 0, NULL))

	int subid, rv = 1;



	for(n=0,t=vector; n<sizeof(vector)/sizeof(vector[0]); n++,t++)

		{

		cipher = (*t->alg)();

		CMAC_Init(ctx, t->key, t->keysize/8, cipher, 0);

		CMAC_Update(ctx, t->msg, t->msgsize/8);

		if (do_corrupt)

			CMAC_Update(ctx, t->msg, 1);

		CMAC_Final(ctx, out, &outlen);

		subid = M_EVP_CIPHER_nid(cipher);

		if (!fips_post_started(FIPS_TEST_CMAC, subid, 0))

			continue;

		if (!CMAC_Init(ctx, t->key, t->keysize/8, cipher, 0))

			{

			rv = -1;

			goto err;

			}

		if (!CMAC_Update(ctx, t->msg, t->msgsize/8))

			{

			rv = -1;

			goto err;

			}

			

		if (!fips_post_corrupt(FIPS_TEST_CMAC, subid, NULL))

			{

			if (!CMAC_Update(ctx, t->msg, 1))

				{

				rv = -1;

				goto err;

				}

			}

		if (!CMAC_Final(ctx, out, &outlen))

			{

			rv = -1;

			goto err;

			}

		CMAC_CTX_cleanup(ctx);



		if(outlen < t->macsize/8 || memcmp(out,t->mac,t->macsize/8))

			{

		    	FIPSerr(FIPS_F_FIPS_SELFTEST_CMAC,FIPS_R_SELFTEST_FAILED);

			fips_post_failed(FIPS_TEST_CMAC, subid, NULL);

		    	rv = 0;

		    	}

		else if (!fips_post_success(FIPS_TEST_CMAC, subid, NULL))

			{

			rv = 0;

			goto err;

			}

		}



	rv = 1;

	err:

	CMAC_CTX_free(ctx);



	if (rv == 0)

	if (rv == -1)

		{

		fips_post_failed(FIPS_TEST_CMAC, 0, NULL);

		return 0;

		fips_post_failed(FIPS_TEST_CMAC, subid, NULL);

		rv = 0;

		}

	if (!rv)

		   FIPSerr(FIPS_F_FIPS_SELFTEST_CMAC,FIPS_R_SELFTEST_FAILED);



	return fips_post_success(FIPS_TEST_CMAC, 0, NULL);

	return rv;

	}

#endif

fips/fips_test_suite.c

+8 −1
Original line number Diff line number Diff line
@@ -682,7 +682,11 @@ POST_ID id_list[] = { 
	{EVP_PKEY_RSA, "RSA"},

	{EVP_PKEY_DSA, "DSA"},

	{EVP_PKEY_EC, "ECDSA"},

	{NID_aes_128_cbc, "AES-128-CBC"},

	{NID_aes_192_cbc, "AES-192-CBC"},

	{NID_aes_256_cbc, "AES-256-CBC"},

	{NID_aes_128_ecb, "AES-128-ECB"},

	{NID_des_ede3_cbc, "DES-EDE3-CBC"},

	{NID_des_ede3_ecb, "DES-EDE3-ECB"},

	{0, NULL}

};
@@ -696,7 +700,7 @@ static const char *lookup_id(int id) 
		if (n->id == id)

			return n->name;

		}

	sprintf(out, "ID=%d\n", id);

	sprintf(out, "ID=%d", id);

	return out;

	}
@@ -741,6 +745,7 @@ static int post_cb(int op, int id, int subid, void *ex) 


		case FIPS_TEST_CMAC:

		idstr = "CMAC";

		exstr = lookup_id(subid);

		break;



		case FIPS_TEST_GCM:
@@ -873,6 +878,8 @@ int main(int argc,char **argv) 
	    fail_id = FIPS_TEST_DIGEST;

        } else if (!strcmp(argv[1], "hmac")) {

	    fail_id = FIPS_TEST_HMAC;

        } else if (!strcmp(argv[1], "cmac")) {

	    fail_id = FIPS_TEST_CMAC;

	} else if (!strcmp(argv[1], "drbg")) {

	    FIPS_corrupt_drbg();

	} else if (!strcmp(argv[1], "rng")) {

fips/hmac/fips_hmac_selftest.c

+3 −2
Original line number Diff line number Diff line
@@ -156,11 +156,10 @@ int FIPS_selftest_hmac() 


		if(memcmp(out,t->kaval,outlen))

			{

		    	FIPSerr(FIPS_F_FIPS_SELFTEST_HMAC,FIPS_R_SELFTEST_FAILED);

			fips_post_failed(FIPS_TEST_HMAC, subid, NULL);

			rv = 0;

		    	}

		if (!fips_post_success(FIPS_TEST_HMAC, subid, NULL))

		else if (!fips_post_success(FIPS_TEST_HMAC, subid, NULL))

			goto err;

		}
@@ -171,6 +170,8 @@ int FIPS_selftest_hmac() 
		fips_post_failed(FIPS_TEST_HMAC, subid, NULL);

		rv = 0;

		}

	if (!rv)

		   FIPSerr(FIPS_F_FIPS_SELFTEST_HMAC,FIPS_R_SELFTEST_FAILED);

	return rv;

	}

#endif