Commit a81f3373 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson

Block low level public key signature operations in FIPS mode.

Update self tests for all modes and use EVP.

Update pairwise consistency checks.
parent 1729dca9
+9 −0
@@ -4,6 +4,15 @@

 Changes between 0.9.8e and 0.9.8f-fips  [xx XXX xxxx]

  *) Rewrite self tests and pairwise tests to use EVP. Add more extensive
     self tests for RSA in all digests and modes.
     [Steve Henson]

  *) New flags RSA_FIPS_METHOD and DSA_FIPS_METHOD to indicate a method is
     allowed in FIPS mode. Disable direct low level RSA and DSA signature
     operations in FIPS mode so all operations have to be made via EVP.
     [Steve Henson]

  *) New flag EVP_MD_FLAG_SVCTX which passes EVP_MD_CTX and key to underlying
     sign/verify method. This permits the method to perform finalization
     and signing itself and have access to the EVP_MD_CTX structure in case
+28 −0
@@ -101,6 +101,7 @@ int MAIN(int argc, char **argv)
	EVP_PKEY *sigkey = NULL;
	unsigned char *sigbuf = NULL;
	int siglen = 0;
	unsigned int sig_flags = 0;
	char *passargin = NULL, *passin = NULL;
#ifndef OPENSSL_NO_ENGINE
	char *engine=NULL;
@@ -168,6 +169,27 @@ ERR_load_crypto_strings();
			keyfile=*(++argv);
			do_verify = 1;
			}
		else if (strcmp(*argv,"-x931") == 0)
			sig_flags = EVP_MD_CTX_FLAG_PAD_X931;
		else if (strcmp(*argv,"-pss_saltlen") == 0)
			{
			int saltlen;
			if (--argc < 1) break;
			saltlen=atoi(*(++argv));
			if (saltlen == -1)
				sig_flags = EVP_MD_CTX_FLAG_PSS_MREC;
			else if (saltlen == -2)
				sig_flags = EVP_MD_CTX_FLAG_PSS_MDLEN;
			else if (saltlen < -2 || saltlen >= 0xFFFE)
				{
				BIO_printf(bio_err, "Invalid PSS salt length %d\n", saltlen);
				goto end;
				}
			else
				sig_flags = saltlen;
			sig_flags <<= 16;
			sig_flags |= EVP_MD_CTX_FLAG_PAD_PSS;
			}
		else if (strcmp(*argv,"-signature") == 0)
			{
			if (--argc < 1) break;
@@ -360,6 +382,12 @@ ERR_load_crypto_strings();
		EVP_MD_CTX_set_flags(md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
		}

	if (sig_flags)
		{
		EVP_MD_CTX *md_ctx;
		BIO_get_md_ctx(bmd,&md_ctx);
		EVP_MD_CTX_set_flags(md_ctx, sig_flags);
		}

	/* we use md as a filter, reading from 'in' */
	if (!BIO_set_md(bmd,md))
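Review bot: The `-pss_saltlen` branch parses its argument with `saltlen=atoi(*(++argv));`, which cannot report a parse failure, so a mistyped or non-numeric value is taken as 0 and the tool carries on with what is presumably a zero-length PSS salt instead of stopping. Parsing with `long v = strtol(*(++argv), &endp, 10);` and taking the existing `Invalid PSS salt length` branch when `endp == *argv || *endp != '\0' || v < -2 || v >= 0xFFFE` would reject such input. Separately, in the last hunk the result of `BIO_get_md_ctx(bmd,&md_ctx)` is not checked before `md_ctx` is passed to `EVP_MD_CTX_set_flags`; if that call can fail here, `md_ctx` is used uninitialised, so initialise it to NULL and test the return value. MAIN's body starts and ends outside these hunks.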
+16 −4
@@ -97,12 +97,20 @@
                                              * be used for all exponents.
                                              */

/* If this flag is set external DSA_METHOD callbacks are allowed in FIPS mode
 * it is then the applications responsibility to ensure the external method
 * is compliant.
/* If this flag is set the DSA method is FIPS compliant and can be used
 * in FIPS mode. This is set in the validated module method. If an
 * application sets this flag in its own methods it is its reposibility
 * to ensure the result is compliant.
 */

#define DSA_FLAG_FIPS_EXTERNAL_METHOD_ALLOW	0x04
#define DSA_FLAG_FIPS_METHOD			0x0400

/* If this flag is set the operations normally disabled in FIPS mode are
 * permitted it is then the applications responsibility to ensure that the
 * usage is compliant.
 */

#define DSA_FLAG_NON_FIPS_ALLOW			0x0400

#ifdef OPENSSL_FIPS
#define FIPS_DSA_SIZE_T	int
@@ -287,6 +295,8 @@ void ERR_load_DSA_strings(void);
#define DSA_F_DSA_NEW_METHOD				 103
#define DSA_F_DSA_PRINT					 104
#define DSA_F_DSA_PRINT_FP				 105
#define DSA_F_DSA_SET_DEFAULT_METHOD			 115
#define DSA_F_DSA_SET_METHOD				 116
#define DSA_F_DSA_SIGN					 106
#define DSA_F_DSA_SIGN_SETUP				 107
#define DSA_F_DSA_SIG_NEW				 109
@@ -299,6 +309,8 @@ void ERR_load_DSA_strings(void);
#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE		 100
#define DSA_R_MISSING_PARAMETERS			 101
#define DSA_R_MODULUS_TOO_LARGE				 103
#define DSA_R_NON_FIPS_METHOD				 104
#define DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE	 105

#ifdef  __cplusplus
}
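Review bot: `DSA_FLAG_FIPS_METHOD` and `DSA_FLAG_NON_FIPS_ALLOW` are both defined as `0x0400` in the first hunk, so the two flags cannot be told apart whenever they are tested on the same flags word. The comments suggest one marks a method as usable in FIPS mode and the other permits operations that are normally disabled. If a method's flags are ever copied into the key's flags (not visible on this page, worth confirming), a key using a FIPS-marked method would pass any `flags & DSA_FLAG_NON_FIPS_ALLOW` test and the FIPS-mode block would never trigger. Either give one of them a distinct bit, or add a comment at the defines stating which structure each flag belongs to and that the shared value is intentional. The new comment also misspells "responsibility" as `reposibility`.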
+15 −0
@@ -61,6 +61,7 @@
#include <openssl/dsa.h>
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/fips.h>

/* Override the default new methods */
static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
@@ -143,6 +144,13 @@ int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
	     unsigned int *siglen, DSA *dsa)
	{
	DSA_SIG *s;
#ifdef OPENSSL_FIPS
	if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW))
		{
		DSAerr(DSA_F_DSA_SIGN, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
		return 0;
		}
#endif
	s=DSA_do_sign(dgst,dlen,dsa);
	if (s == NULL)
		{
@@ -187,6 +195,13 @@ int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
	{
	DSA_SIG *s;
	int ret=-1;
#ifdef OPENSSL_FIPS
	if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW))
		{
		DSAerr(DSA_F_DSA_VERIFY, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
		return 0;
		}
#endif

	s = DSA_SIG_new();
	if (s == NULL) return(ret);
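Review bot: The FIPS-mode block added to `DSA_verify` returns 0, while the failure path directly below it returns `ret`, which is initialised to -1. A caller that separates "signature invalid" (0) from "error" (-1) will therefore report a blocked operation as a bad signature. Returning 0 does fail closed for callers that only test for non-zero, so it is worth keeping, but the choice should be documented at the return, e.g. `/* 0 rather than -1: callers testing only for non-zero must not see a blocked operation as success */`. The function's header comment, if it has one, should also say that 0 can now mean "not permitted in FIPS mode", with the reason available from the error queue. The bodies of `DSA_sign` and `DSA_verify` continue outside these hunks.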
+5 −1
/* crypto/dsa/dsa_err.c */
/* ====================================================================
 * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
 * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@@ -78,6 +78,8 @@ static ERR_STRING_DATA DSA_str_functs[]=
{ERR_FUNC(DSA_F_DSA_NEW_METHOD),	"DSA_new_method"},
{ERR_FUNC(DSA_F_DSA_PRINT),	"DSA_print"},
{ERR_FUNC(DSA_F_DSA_PRINT_FP),	"DSA_print_fp"},
{ERR_FUNC(DSA_F_DSA_SET_DEFAULT_METHOD),	"DSA_set_default_method"},
{ERR_FUNC(DSA_F_DSA_SET_METHOD),	"DSA_set_method"},
{ERR_FUNC(DSA_F_DSA_SIGN),	"DSA_sign"},
{ERR_FUNC(DSA_F_DSA_SIGN_SETUP),	"DSA_sign_setup"},
{ERR_FUNC(DSA_F_DSA_SIG_NEW),	"DSA_SIG_new"},
@@ -93,6 +95,8 @@ static ERR_STRING_DATA DSA_str_reasons[]=
{ERR_REASON(DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"},
{ERR_REASON(DSA_R_MISSING_PARAMETERS)    ,"missing parameters"},
{ERR_REASON(DSA_R_MODULUS_TOO_LARGE)     ,"modulus too large"},
{ERR_REASON(DSA_R_NON_FIPS_METHOD)       ,"non fips method"},
{ERR_REASON(DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE),"operation not allowed in fips mode"},
{0,NULL}
	};
