*
*/
+#define OPENSSL_FIPSAPI
+
#include "ecs_locl.h"
#include <openssl/err.h>
#include <openssl/obj_mac.h>
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
goto err;
}
+
+#ifdef OPENSSL_FIPS
+ if (!fips_check_ec_prng(eckey))
+ goto err;
+#endif
do
{
}
while (BN_is_zero(k));
+#ifdef ECDSA_POINT_MUL_NO_CONSTTIME
+ /* We do not want timing information to leak the length of k,
+ * so we compute G*k using an equivalent scalar of fixed
+ * bit-length. */
+
+ if (!BN_add(k, k, order)) goto err;
+ if (BN_num_bits(k) <= BN_num_bits(order))
+ if (!BN_add(k, k, order)) goto err;
+#endif /* def(ECDSA_POINT_MUL_NO_CONSTTIME) */
+
/* compute r the x-coordinate of generator * k */
if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx))
{
goto err;
}
}
+#ifndef OPENSSL_NO_EC2M
else /* NID_X9_62_characteristic_two_field */
{
if (!EC_POINT_get_affine_coordinates_GF2m(group,
goto err;
}
}
+#endif
if (!BN_nnmod(r, X, order, ctx))
{
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
return NULL;
}
+#ifdef OPENSSL_FIPS
+ if (!fips_check_ec_prng(eckey))
+ return NULL;
+#endif
+
ret = ECDSA_SIG_new();
if (!ret)
{
{
if (in_kinv == NULL || in_r == NULL)
{
- if (!ECDSA_sign_setup(eckey, ctx, &kinv, &ret->r))
+ if (!ecdsa->meth->ecdsa_sign_setup(eckey, ctx,
+ &kinv, &ret->r))
{
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN,ERR_R_ECDSA_LIB);
goto err;
goto err;
}
}
+#ifndef OPENSSL_NO_EC2M
else /* NID_X9_62_characteristic_two_field */
{
if (!EC_POINT_get_affine_coordinates_GF2m(group,
goto err;
}
}
-
+#endif
if (!BN_nnmod(u1, X, order, ctx))
{
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
EC_POINT_free(point);
return ret;
}
+
+#ifdef OPENSSL_FIPSCANISTER
+/* FIPS stanadlone version of ecdsa_check: just return FIPS method */
+ECDSA_DATA *fips_ecdsa_check(EC_KEY *key)
+ {
+ static ECDSA_DATA rv = {
+ 0,0,0,
+ &openssl_ecdsa_meth
+ };
+ return &rv;
+ }
+/* Standalone digest sign and verify */
+int FIPS_ecdsa_verify_digest(EC_KEY *key,
+ const unsigned char *dig, int dlen, ECDSA_SIG *s)
+ {
+ ECDSA_DATA *ecdsa = ecdsa_check(key);
+ if (ecdsa == NULL)
+ return 0;
+ return ecdsa->meth->ecdsa_do_verify(dig, dlen, s, key);
+ }
+ECDSA_SIG * FIPS_ecdsa_sign_digest(EC_KEY *key,
+ const unsigned char *dig, int dlen)
+ {
+ ECDSA_DATA *ecdsa = ecdsa_check(key);
+ if (ecdsa == NULL)
+ return NULL;
+ return ecdsa->meth->ecdsa_do_sign(dig, dlen, NULL, NULL, key);
+ }
+#endif