Commit fe26d066 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Add ECDSA functionality to fips module. Initial very incomplete version 

of algorithm test program.
parent c876a4b7

CHANGES

+6 −0
Original line number Diff line number Diff line
@@ -4,6 +4,12 @@ 


 Changes between 1.0.1 and 1.1.0  [xx XXX xxxx]



  *) Add ECDSA code to fips module. Add tiny fips_ecdsa_check to just

     return internal method without any ENGINE dependencies. Add new

     tiny fips sign and verify functions. Initial incomplete algorithm

     test program.

     [Steve Henson]



  *) New build option no-ec2m to disable characteristic 2 code.

     [Steve Henson]

Makefile.fips

+13 −1
Original line number Diff line number Diff line
@@ -269,7 +269,6 @@ BUILD_ONE_CMD=\ 
reflect:

	@[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV)





# FIXME



FIPS_EX_OBJ= ../crypto/aes/aes_cfb.o \
@@ -282,10 +281,12 @@ FIPS_EX_OBJ= ../crypto/aes/aes_cfb.o \ 
	../crypto/bn/bn_exp2.o \

	../crypto/bn/bn_exp.o \

	../crypto/bn/bn_gcd.o \

	../crypto/bn/bn_gf2m.o \

	../crypto/bn/bn_lib.o \

	../crypto/bn/bn_mod.o \

	../crypto/bn/bn_mont.o \

	../crypto/bn/bn_mul.o \

	../crypto/bn/bn_nist.o \

	../crypto/bn/bn_prime.o \

	../crypto/bn/bn_rand.o \

	../crypto/bn/bn_recp.o \
@@ -308,6 +309,17 @@ FIPS_EX_OBJ= ../crypto/aes/aes_cfb.o \ 
	../crypto/dsa/dsa_gen.o \

	../crypto/dsa/dsa_key.o \

	../crypto/dsa/dsa_ossl.o \

	../crypto/ec/ec_curve.o \

	../crypto/ec/ec_cvt.o \

	../crypto/ec/ec_key.o \

	../crypto/ec/ec_lib.o \

	../crypto/ec/ecp_mont.o \

	../crypto/ec/ec_mult.o \

	../crypto/ec/ecp_nist.o \

	../crypto/ec/ecp_smpl.o \

	../crypto/ec/ec2_mult.o \

	../crypto/ec/ec2_smpl.o \

	../crypto/ecdsa/ecs_ossl.o \

	../crypto/evp/e_aes.o \

	../crypto/evp/e_des3.o \

	../crypto/evp/m_sha1.o \

Makefile.org

+13 −0
Original line number Diff line number Diff line
@@ -281,10 +281,12 @@ FIPS_EX_OBJ= ../crypto/aes/aes_cfb.o \ 
	../crypto/bn/bn_exp2.o \

	../crypto/bn/bn_exp.o \

	../crypto/bn/bn_gcd.o \

	../crypto/bn/bn_gf2m.o \

	../crypto/bn/bn_lib.o \

	../crypto/bn/bn_mod.o \

	../crypto/bn/bn_mont.o \

	../crypto/bn/bn_mul.o \

	../crypto/bn/bn_nist.o \

	../crypto/bn/bn_prime.o \

	../crypto/bn/bn_rand.o \

	../crypto/bn/bn_recp.o \
@@ -307,6 +309,17 @@ FIPS_EX_OBJ= ../crypto/aes/aes_cfb.o \ 
	../crypto/dsa/dsa_gen.o \

	../crypto/dsa/dsa_key.o \

	../crypto/dsa/dsa_ossl.o \

	../crypto/ec/ec_curve.o \

	../crypto/ec/ec_cvt.o \

	../crypto/ec/ec_key.o \

	../crypto/ec/ec_lib.o \

	../crypto/ec/ecp_mont.o \

	../crypto/ec/ec_mult.o \

	../crypto/ec/ecp_nist.o \

	../crypto/ec/ecp_smpl.o \

	../crypto/ec/ec2_mult.o \

	../crypto/ec/ec2_smpl.o \

	../crypto/ecdsa/ecs_ossl.o \

	../crypto/evp/e_aes.o \

	../crypto/evp/e_des3.o \

	../crypto/evp/m_sha1.o \

crypto/bn/bn_gf2m.c

+2 −0
Original line number Diff line number Diff line
@@ -88,6 +88,8 @@ 
 *

 */



#define OPENSSL_FIPSAPI



#include <assert.h>

#include <limits.h>

#include <stdio.h>

crypto/ecdsa/ecdsa.h

+10 −0
Original line number Diff line number Diff line
@@ -228,6 +228,16 @@ int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new 
int 	  ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg);

void 	  *ECDSA_get_ex_data(EC_KEY *d, int idx);



#ifdef OPENSSL_FIPS

/* Standalone FIPS signature operations */

ECDSA_SIG * FIPS_ecdsa_sign_digest(EC_KEY *key,

					const unsigned char *dig, int dlen);

ECDSA_SIG * FIPS_ecdsa_sign_ctx(EC_KEY *key, EVP_MD_CTX *ctx);

int FIPS_ecdsa_verify_digest(EC_KEY *key,

			const unsigned char *dig, int dlen, ECDSA_SIG *s);

int FIPS_ecdsa_verify_ctx(EC_KEY *key, EVP_MD_CTX *ctx, ECDSA_SIG *s);

#endif





/* BEGIN ERROR CODES */

/* The following lines are auto generated by the script mkerr.pl. Any changes