Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
T
TLMSP OpenSSL
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Wiki
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Package Registry
Container Registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
CYBER - Cyber Security
TS 103 523 MSP
TLMSP
TLMSP OpenSSL
Commits
f55f5f77
Commit
f55f5f77
authored
13 years ago
by
Dr. Stephen Henson
Browse files
Options
Downloads
Patches
Plain Diff
Add support for canonical generation of DSA parameter g.
Modify fips_dssvs to support appropriate file format.
parent
7daf0efa
No related branches found
No related tags found
No related merge requests found
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
CHANGES
+3
-0
3 additions, 0 deletions
CHANGES
crypto/dsa/dsa_gen.c
+107
-11
107 additions, 11 deletions
crypto/dsa/dsa_gen.c
crypto/dsa/dsa_locl.h
+4
-2
4 additions, 2 deletions
crypto/dsa/dsa_locl.h
fips/dsa/fips_dssvs.c
+39
-12
39 additions, 12 deletions
fips/dsa/fips_dssvs.c
with
153 additions
and
25 deletions
CHANGES
+
3
−
0
View file @
f55f5f77
...
...
@@ -4,6 +4,9 @@
Changes between 1.0.1 and 1.1.0 [xx XXX xxxx]
*) Add support for canonical generation of DSA parameter 'g'. See
FIPS 186-3 A.2.3.
*) Add support for HMAC DRBG from SP800-90. Update algorithm and POST
to handle HMAC cases.
[Steve Henson]
...
...
This diff is collapsed.
Click to expand it.
crypto/dsa/dsa_gen.c
+
107
−
11
View file @
f55f5f77
...
...
@@ -452,11 +452,11 @@ int fips_check_dsa_prng(DSA *dsa, size_t L, size_t N)
int
dsa_builtin_paramgen2
(
DSA
*
ret
,
size_t
L
,
size_t
N
,
const
EVP_MD
*
evpmd
,
const
unsigned
char
*
seed_in
,
size_t
seed_len
,
unsigned
char
*
seed_out
,
int
idx
,
unsigned
char
*
seed_out
,
int
*
counter_ret
,
unsigned
long
*
h_ret
,
BN_GENCB
*
cb
)
{
int
ok
=-
1
;
unsigned
char
*
seed
=
NULL
;
unsigned
char
*
seed
=
NULL
,
*
seed_tmp
=
NULL
;
unsigned
char
md
[
EVP_MAX_MD_SIZE
];
int
mdsize
;
BIGNUM
*
r0
,
*
W
,
*
X
,
*
c
,
*
test
;
...
...
@@ -466,8 +466,11 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
int
counter
=
0
;
int
r
=
0
;
BN_CTX
*
ctx
=
NULL
;
EVP_MD_CTX
mctx
;
unsigned
int
h
=
2
;
EVP_MD_CTX_init
(
&
mctx
);
#ifdef OPENSSL_FIPS
if
(
FIPS_selftest_failed
())
{
...
...
@@ -497,7 +500,12 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
seed
=
OPENSSL_malloc
(
seed_len
);
if
(
!
seed
)
if
(
seed_out
)
seed_tmp
=
seed_out
;
else
seed_tmp
=
OPENSSL_malloc
(
seed_len
);
if
(
!
seed
||
!
seed_tmp
)
goto
err
;
if
(
seed_in
)
...
...
@@ -513,12 +521,24 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
r0
=
BN_CTX_get
(
ctx
);
g
=
BN_CTX_get
(
ctx
);
W
=
BN_CTX_get
(
ctx
);
q
=
BN_CTX_get
(
ctx
);
X
=
BN_CTX_get
(
ctx
);
c
=
BN_CTX_get
(
ctx
);
p
=
BN_CTX_get
(
ctx
);
test
=
BN_CTX_get
(
ctx
);
/* if p, q already supplied generate g only */
if
(
ret
->
p
&&
ret
->
q
)
{
p
=
ret
->
p
;
q
=
ret
->
q
;
memcpy
(
seed_tmp
,
seed
,
seed_len
);
goto
g_only
;
}
else
{
p
=
BN_CTX_get
(
ctx
);
q
=
BN_CTX_get
(
ctx
);
}
if
(
!
BN_lshift
(
test
,
BN_value_one
(),
L
-
1
))
goto
err
;
for
(;;)
...
...
@@ -648,21 +668,50 @@ end:
if
(
!
BN_GENCB_call
(
cb
,
2
,
1
))
goto
err
;
g_only:
/* We now need to generate g */
/* Set r0=(p-1)/q */
if
(
!
BN_sub
(
test
,
p
,
BN_value_one
()))
goto
err
;
if
(
!
BN_div
(
r0
,
NULL
,
test
,
q
,
ctx
))
goto
err
;
if
(
!
BN_set_word
(
test
,
h
))
goto
err
;
if
(
idx
<
0
)
{
if
(
!
BN_set_word
(
test
,
h
))
goto
err
;
}
else
h
=
1
;
if
(
!
BN_MONT_CTX_set
(
mont
,
p
,
ctx
))
goto
err
;
for
(;;)
{
static
const
unsigned
char
ggen
[
4
]
=
{
0x67
,
0x67
,
0x65
,
0x6e
};
if
(
idx
>=
0
)
{
md
[
0
]
=
idx
&
0xff
;
md
[
1
]
=
(
h
>>
8
)
&
0xff
;
md
[
2
]
=
h
&
0xff
;
if
(
!
EVP_DigestInit_ex
(
&
mctx
,
evpmd
,
NULL
))
goto
err
;
if
(
!
EVP_DigestUpdate
(
&
mctx
,
seed_tmp
,
seed_len
))
goto
err
;
if
(
!
EVP_DigestUpdate
(
&
mctx
,
ggen
,
sizeof
(
ggen
)))
goto
err
;
if
(
!
EVP_DigestUpdate
(
&
mctx
,
md
,
3
))
goto
err
;
if
(
!
EVP_DigestFinal_ex
(
&
mctx
,
md
,
NULL
))
goto
err
;
if
(
!
BN_bin2bn
(
md
,
mdsize
,
test
))
goto
err
;
}
/* g=test^r0%p */
if
(
!
BN_mod_exp_mont
(
g
,
test
,
r0
,
p
,
ctx
,
mont
))
goto
err
;
if
(
!
BN_is_one
(
g
))
break
;
if
(
!
BN_add
(
test
,
test
,
BN_value_one
()))
goto
err
;
if
(
idx
<
0
&&
!
BN_add
(
test
,
test
,
BN_value_one
()))
goto
err
;
h
++
;
if
(
idx
>=
0
&&
h
>
0xffff
)
goto
err
;
}
if
(
!
BN_GENCB_call
(
cb
,
3
,
1
))
...
...
@@ -672,11 +721,17 @@ end:
err:
if
(
ok
==
1
)
{
if
(
ret
->
p
)
BN_free
(
ret
->
p
);
if
(
ret
->
q
)
BN_free
(
ret
->
q
);
if
(
p
!=
ret
->
p
)
{
if
(
ret
->
p
)
BN_free
(
ret
->
p
);
ret
->
p
=
BN_dup
(
p
);
}
if
(
q
!=
ret
->
q
)
{
if
(
ret
->
q
)
BN_free
(
ret
->
q
);
ret
->
q
=
BN_dup
(
q
);
}
if
(
ret
->
g
)
BN_free
(
ret
->
g
);
ret
->
p
=
BN_dup
(
p
);
ret
->
q
=
BN_dup
(
q
);
ret
->
g
=
BN_dup
(
g
);
if
(
ret
->
p
==
NULL
||
ret
->
q
==
NULL
||
ret
->
g
==
NULL
)
{
...
...
@@ -688,12 +743,53 @@ err:
}
if
(
seed
)
OPENSSL_free
(
seed
);
if
(
seed_out
!=
seed_tmp
)
OPENSSL_free
(
seed_tmp
);
if
(
ctx
)
{
BN_CTX_end
(
ctx
);
BN_CTX_free
(
ctx
);
}
if
(
mont
!=
NULL
)
BN_MONT_CTX_free
(
mont
);
EVP_MD_CTX_cleanup
(
&
mctx
);
return
ok
;
}
int
dsa_paramgen_check_g
(
DSA
*
dsa
)
{
BN_CTX
*
ctx
;
BIGNUM
*
tmp
;
BN_MONT_CTX
*
mont
=
NULL
;
int
rv
=
-
1
;
ctx
=
BN_CTX_new
();
if
(
!
ctx
)
return
-
1
;
BN_CTX_start
(
ctx
);
if
(
BN_cmp
(
dsa
->
g
,
BN_value_one
())
<=
0
)
return
0
;
if
(
BN_cmp
(
dsa
->
g
,
dsa
->
p
)
>=
0
)
return
0
;
tmp
=
BN_CTX_get
(
ctx
);
if
(
!
tmp
)
goto
err
;
if
((
mont
=
BN_MONT_CTX_new
())
==
NULL
)
goto
err
;
if
(
!
BN_MONT_CTX_set
(
mont
,
dsa
->
p
,
ctx
))
goto
err
;
/* Work out g^q mod p */
if
(
!
BN_mod_exp_mont
(
tmp
,
dsa
->
g
,
dsa
->
q
,
dsa
->
p
,
ctx
,
mont
))
goto
err
;
if
(
!
BN_cmp
(
tmp
,
BN_value_one
()))
rv
=
1
;
else
rv
=
0
;
err:
BN_CTX_end
(
ctx
);
if
(
mont
)
BN_MONT_CTX_free
(
mont
);
BN_CTX_free
(
ctx
);
return
rv
;
}
#endif
This diff is collapsed.
Click to expand it.
crypto/dsa/dsa_locl.h
+
4
−
2
View file @
f55f5f77
...
...
@@ -59,7 +59,9 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
unsigned
char
*
seed_out
,
int
*
counter_ret
,
unsigned
long
*
h_ret
,
BN_GENCB
*
cb
);
int
dsa_builtin_paramgen2
(
DSA
*
ret
,
size_t
bits
,
size_t
qbits
,
int
dsa_builtin_paramgen2
(
DSA
*
ret
,
size_t
L
,
size_t
N
,
const
EVP_MD
*
evpmd
,
const
unsigned
char
*
seed_in
,
size_t
seed_len
,
unsigned
char
*
seed_out
,
int
idx
,
unsigned
char
*
seed_out
,
int
*
counter_ret
,
unsigned
long
*
h_ret
,
BN_GENCB
*
cb
);
int
dsa_paramgen_check_g
(
DSA
*
dsa
);
This diff is collapsed.
Click to expand it.
fips/dsa/fips_dssvs.c
+
39
−
12
View file @
f55f5f77
...
...
@@ -111,9 +111,9 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
const
EVP_MD
*
evpmd
,
const
unsigned
char
*
seed_in
,
size_t
seed_len
,
unsigned
char
*
seed_out
,
int
*
counter_ret
,
unsigned
long
*
h_ret
,
BN_GENCB
*
cb
);
int
dsa_builtin_paramgen2
(
DSA
*
ret
,
size_t
bits
,
size_t
qbits
,
int
dsa_builtin_paramgen2
(
DSA
*
ret
,
size_t
L
,
size_t
N
,
const
EVP_MD
*
evpmd
,
const
unsigned
char
*
seed_in
,
size_t
seed_len
,
unsigned
char
*
seed_out
,
int
idx
,
unsigned
char
*
seed_out
,
int
*
counter_ret
,
unsigned
long
*
h_ret
,
BN_GENCB
*
cb
);
static
void
pqg
(
FILE
*
in
,
FILE
*
out
)
...
...
@@ -160,7 +160,7 @@ static void pqg(FILE *in, FILE *out)
exit
(
1
);
}
if
(
dsa2
&&
dsa_builtin_paramgen2
(
dsa
,
L
,
N
,
md
,
NULL
,
0
,
seed
,
NULL
,
0
,
-
1
,
seed
,
&
counter
,
&
h
,
NULL
)
<=
0
)
{
fprintf
(
stderr
,
"Parameter Generation error
\n
"
);
...
...
@@ -191,8 +191,8 @@ static void pqgver(FILE *in, FILE *out)
DSA
*
dsa
=
NULL
;
int
dsa2
,
L
,
N
,
part_test
=
0
;
const
EVP_MD
*
md
=
NULL
;
int
seedlen
=-
1
;
unsigned
char
seed
[
1024
];
int
seedlen
=
-
1
,
idxlen
,
idx
=
-
1
;
unsigned
char
seed
[
1024
]
,
idtmp
[
1024
]
;
while
(
fgets
(
buf
,
sizeof
buf
,
in
)
!=
NULL
)
{
...
...
@@ -221,7 +221,8 @@ static void pqgver(FILE *in, FILE *out)
q
=
hex2bn
(
value
);
else
if
(
!
strcmp
(
keyword
,
"G"
))
g
=
hex2bn
(
value
);
else
if
(
!
strcmp
(
keyword
,
"Seed"
))
else
if
(
!
strcmp
(
keyword
,
"Seed"
)
||
!
strcmp
(
keyword
,
"domain_parameter_seed"
))
{
seedlen
=
hex2bin
(
value
,
seed
);
if
(
!
dsa2
&&
seedlen
!=
20
)
...
...
@@ -229,9 +230,21 @@ static void pqgver(FILE *in, FILE *out)
fprintf
(
stderr
,
"Seed parse length error
\n
"
);
exit
(
1
);
}
if
(
idx
>
0
)
part_test
=
1
;
}
else
if
(
!
strcmp
(
keyword
,
"index"
))
{
idxlen
=
hex2bin
(
value
,
idtmp
);
if
(
idxlen
!=
1
)
{
fprintf
(
stderr
,
"Index value error
\n
"
);
exit
(
1
);
}
idx
=
idtmp
[
0
];
}
else
if
(
!
strcmp
(
keyword
,
"c"
))
counter
=
atoi
(
buf
+
4
);
counter
=
atoi
(
buf
+
4
);
partial:
if
(
!
strcmp
(
keyword
,
"H"
)
||
part_test
)
{
...
...
@@ -243,6 +256,11 @@ static void pqgver(FILE *in, FILE *out)
exit
(
1
);
}
dsa
=
FIPS_dsa_new
();
if
(
idx
>=
0
)
{
dsa
->
p
=
BN_dup
(
p
);
dsa
->
q
=
BN_dup
(
q
);
}
if
(
!
dsa2
&&
!
dsa_builtin_paramgen
(
dsa
,
L
,
N
,
md
,
seed
,
seedlen
,
NULL
,
&
counter2
,
&
h2
,
NULL
))
...
...
@@ -251,13 +269,20 @@ static void pqgver(FILE *in, FILE *out)
exit
(
1
);
}
if
(
dsa2
&&
dsa_builtin_paramgen2
(
dsa
,
L
,
N
,
md
,
seed
,
seedlen
,
NULL
,
seed
,
seedlen
,
idx
,
NULL
,
&
counter2
,
&
h2
,
NULL
)
<
0
)
{
fprintf
(
stderr
,
"Parameter Generation error
\n
"
);
exit
(
1
);
}
if
(
BN_cmp
(
dsa
->
p
,
p
)
||
BN_cmp
(
dsa
->
q
,
q
)
||
if
(
idx
>=
0
)
{
if
(
BN_cmp
(
dsa
->
g
,
g
))
fprintf
(
out
,
"Result = F
\n
"
);
else
fprintf
(
out
,
"Result = P
\n
"
);
}
else
if
(
BN_cmp
(
dsa
->
p
,
p
)
||
BN_cmp
(
dsa
->
q
,
q
)
||
(
!
part_test
&&
((
BN_cmp
(
dsa
->
g
,
g
)
||
(
counter
!=
counter2
)
||
(
h
!=
h2
)))))
fprintf
(
out
,
"Result = F
\n
"
);
...
...
@@ -273,9 +298,11 @@ static void pqgver(FILE *in, FILE *out)
dsa
=
NULL
;
if
(
part_test
)
{
fputs
(
buf
,
out
);
if
(
idx
==
-
1
)
fputs
(
buf
,
out
);
part_test
=
0
;
}
idx
=
-
1
;
}
}
}
...
...
@@ -436,7 +463,7 @@ static void keypair(FILE *in, FILE *out)
fprintf
(
stderr
,
"Parameter Generation error
\n
"
);
exit
(
1
);
}
if
(
dsa2
&&
dsa_builtin_paramgen2
(
dsa
,
L
,
N
,
NULL
,
NULL
,
0
,
if
(
dsa2
&&
dsa_builtin_paramgen2
(
dsa
,
L
,
N
,
NULL
,
NULL
,
0
,
-
1
,
NULL
,
NULL
,
NULL
,
NULL
)
<=
0
)
{
fprintf
(
stderr
,
"Parameter Generation error
\n
"
);
...
...
@@ -493,7 +520,7 @@ static void siggen(FILE *in, FILE *out)
fprintf
(
stderr
,
"Parameter Generation error
\n
"
);
exit
(
1
);
}
if
(
dsa2
&&
dsa_builtin_paramgen2
(
dsa
,
L
,
N
,
md
,
NULL
,
0
,
if
(
dsa2
&&
dsa_builtin_paramgen2
(
dsa
,
L
,
N
,
md
,
NULL
,
0
,
-
1
,
NULL
,
NULL
,
NULL
,
NULL
)
<=
0
)
{
fprintf
(
stderr
,
"Parameter Generation error
\n
"
);
...
...
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment