fips/dh/fips_dhvs.c

   1 /* fips/dh/fips_dhvs.c */
   2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
   3  * project.
   4  */
   5 /* ====================================================================
   6  * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
   7  *
   8  * Redistribution and use in source and binary forms, with or without
   9  * modification, are permitted provided that the following conditions
  10  * are met:
  11  *
  12  * 1. Redistributions of source code must retain the above copyright
  13  *    notice, this list of conditions and the following disclaimer.
  14  *
  15  * 2. Redistributions in binary form must reproduce the above copyright
  16  *    notice, this list of conditions and the following disclaimer in
  17  *    the documentation and/or other materials provided with the
  18  *    distribution.
  19  *
  20  * 3. All advertising materials mentioning features or use of this
  21  *    software must display the following acknowledgment:
  22  *    "This product includes software developed by the OpenSSL Project
  23  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
  24  *
  25  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  26  *    endorse or promote products derived from this software without
  27  *    prior written permission. For written permission, please contact
  28  *    licensing@OpenSSL.org.
  29  *
  30  * 5. Products derived from this software may not be called "OpenSSL"
  31  *    nor may "OpenSSL" appear in their names without prior written
  32  *    permission of the OpenSSL Project.
  33  *
  34  * 6. Redistributions of any form whatsoever must retain the following
  35  *    acknowledgment:
  36  *    "This product includes software developed by the OpenSSL Project
  37  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
  38  *
  39  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  40  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  41  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  42  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
  43  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  44  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  45  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  46  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  48  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  49  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  50  * OF THE POSSIBILITY OF SUCH DAMAGE.
  51  * ====================================================================
  52  */
  53
  54
  55 #define OPENSSL_FIPSAPI
  56 #include <openssl/opensslconf.h>
  57
  58 #ifndef OPENSSL_FIPS
  59 #include <stdio.h>
  60
  61 int main(int argc, char **argv)
  62 {
  63     printf("No FIPS DH support\n");
  64     return(0);
  65 }
  66 #else
  67
  68 #include <openssl/crypto.h>
  69 #include <openssl/bn.h>
  70 #include <openssl/dh.h>
  71 #include <openssl/fips.h>
  72 #include <openssl/err.h>
  73 #include <openssl/evp.h>
  74 #include <string.h>
  75 #include <ctype.h>
  76
  77 #include "fips_utl.h"
  78
  79 static const EVP_MD *parse_md(char *line)
  80         {
  81         char *p;
  82         if (line[0] != '[' || line[1] != 'F')
  83                 return NULL;
  84         p = strchr(line, '-');
  85         if (!p)
  86                 return NULL;
  87         line = p + 1;
  88         p = strchr(line, ']');
  89         if (!p)
  90                 return NULL;
  91         *p = 0;
  92         p = line;
  93         while(isspace(*p))
  94                 p++;
  95         if (!strcmp(p, "SHA1"))
  96                 return EVP_sha1();
  97         else if (!strcmp(p, "SHA224"))
  98                 return EVP_sha224();
  99         else if (!strcmp(p, "SHA256"))
 100                 return EVP_sha256();
 101         else if (!strcmp(p, "SHA384"))
 102                 return EVP_sha384();
 103         else if (!strcmp(p, "SHA512"))
 104                 return EVP_sha512();
 105         else
 106                 return NULL;
 107         }
 108
 109 static void output_Zhash(FILE *out, int exout,
 110                                 DH *dh, BIGNUM *peerkey, const EVP_MD *md,
 111                                 unsigned char *rhash, size_t rhashlen)
 112         {
 113         unsigned char *Z;
 114         unsigned char chash[EVP_MAX_MD_SIZE];
 115         int Zlen;
 116         if (rhash == NULL)
 117                 {
 118                 rhashlen = M_EVP_MD_size(md);
 119                 if (!DH_generate_key(dh))
 120                         exit (1);
 121                 do_bn_print_name(out, "YephemIUT", dh->pub_key);
 122                 if (exout)
 123                         do_bn_print_name(out, "XephemIUT", dh->priv_key);
 124                 }
 125         Z = OPENSSL_malloc(BN_num_bytes(dh->p));
 126         if (!Z)
 127                 exit(1);
 128         Zlen = DH_compute_key_padded(Z, peerkey, dh);
 129         if (exout)
 130                 OutputValue("Z", Z, Zlen, out, 0);
 131         FIPS_digest(Z, Zlen, chash, NULL, md);
 132         OutputValue(rhash ? "IUTHashZZ" : "HashZZ", chash, rhashlen, out, 0);
 133         if (rhash)
 134                 {
 135                 fprintf(out, "Result = %s\n",
 136                                 memcmp(chash, rhash, rhashlen) ? "F" : "P");
 137                 }
 138         else
 139                 {
 140                 BN_clear_free(dh->priv_key);
 141                 BN_clear_free(dh->pub_key);
 142                 dh->priv_key = NULL;
 143                 dh->pub_key = NULL;
 144                 }
 145         OPENSSL_cleanse(Z, Zlen);
 146         OPENSSL_free(Z);
 147         }
 148
 149 #ifdef FIPS_ALGVS
 150 int fips_dhvs_main(int argc, char **argv)
 151 #else
 152 int main(int argc, char **argv)
 153 #endif
 154         {
 155         char **args = argv + 1;
 156         int argn = argc - 1;
 157         FILE *in, *out;
 158         char buf[2048], lbuf[2048];
 159         unsigned char *rhash;
 160         long rhashlen;
 161         DH *dh = NULL;
 162         const EVP_MD *md = NULL;
 163         BIGNUM *peerkey = NULL;
 164         char *keyword = NULL, *value = NULL;
 165         int do_verify = -1, exout = 0;
 166
 167         fips_algtest_init();
 168
 169         if (argn && !strcmp(*args, "dhver"))
 170                 {
 171                 do_verify = 1;
 172                 args++;
 173                 argn--;
 174                 }
 175         else if (argn && !strcmp(*args, "dhgen"))
 176                 {
 177                 do_verify = 0;
 178                 args++;
 179                 argn--;
 180                 }
 181
 182         if (argn && !strcmp(*args, "-exout"))
 183                 {
 184                 exout = 1;
 185                 args++;
 186                 argn--;
 187                 }
 188
 189         if (do_verify == -1)
 190                 {
 191                 fprintf(stderr,"%s [dhver|dhgen|] [-exout] (infile outfile)\n",argv[0]);
 192                 exit(1);
 193                 }
 194
 195         if (argn == 2)
 196                 {
 197                 in = fopen(*args, "r");
 198                 if (!in)
 199                         {
 200                         fprintf(stderr, "Error opening input file\n");
 201                         exit(1);
 202                         }
 203                 out = fopen(args[1], "w");
 204                 if (!out)
 205                         {
 206                         fprintf(stderr, "Error opening output file\n");
 207                         exit(1);
 208                         }
 209                 }
 210         else if (argn == 0)
 211                 {
 212                 in = stdin;
 213                 out = stdout;
 214                 }
 215         else
 216                 {
 217                 fprintf(stderr,"%s [dhver|dhgen|] [-exout] (infile outfile)\n",argv[0]);
 218                 exit(1);
 219                 }
 220
 221         dh = FIPS_dh_new();
 222
 223         while (fgets(buf, sizeof(buf), in) != NULL)
 224                 {
 225                 fputs(buf, out);
 226                 if (strlen(buf) > 6 && !strncmp(buf, "[F", 2))
 227                         {
 228                         md = parse_md(buf);
 229                         if (md == NULL)
 230                                 goto parse_error;
 231                         if (dh)
 232                                 FIPS_dh_free(dh);
 233                         dh = FIPS_dh_new();
 234                         continue;
 235                         }
 236                 if (!parse_line(&keyword, &value, lbuf, buf))
 237                         continue;
 238                 if (!strcmp(keyword, "P"))
 239                         {
 240                         if (!do_hex2bn(&dh->p, value))
 241                                 goto parse_error;
 242                         }
 243                 else if (!strcmp(keyword, "Q"))
 244                         {
 245                         if (!do_hex2bn(&dh->q, value))
 246                                 goto parse_error;
 247                         }
 248                 else if (!strcmp(keyword, "G"))
 249                         {
 250                         if (!do_hex2bn(&dh->g, value))
 251                                 goto parse_error;
 252                         }
 253                 else if (!strcmp(keyword, "XephemIUT"))
 254                         {
 255                         if (!do_hex2bn(&dh->priv_key, value))
 256                                 goto parse_error;
 257                         }
 258                 else if (!strcmp(keyword, "YephemIUT"))
 259                         {
 260                         if (!do_hex2bn(&dh->pub_key, value))
 261                                 goto parse_error;
 262                         }
 263                 else if (!strcmp(keyword, "YephemCAVS"))
 264                         {
 265                         if (!do_hex2bn(&peerkey, value))
 266                                 goto parse_error;
 267                         if (do_verify == 0)
 268                                 output_Zhash(out, exout, dh, peerkey, md,
 269                                                         NULL, 0);
 270                         }
 271                 else if (!strcmp(keyword, "CAVSHashZZ"))
 272                         {
 273                         if (!md)
 274                                 goto parse_error;
 275                         rhash = hex2bin_m(value, &rhashlen);
 276                         if (!rhash || rhashlen != M_EVP_MD_size(md))
 277                                 goto parse_error;
 278                         output_Zhash(out, exout, dh, peerkey, md,
 279                                                         rhash, rhashlen);
 280                         }
 281                 }
 282         if (in && in != stdin)
 283                 fclose(in);
 284         if (out && out != stdout)
 285                 fclose(out);
 286         return 0;
 287         parse_error:
 288         fprintf(stderr, "Error Parsing request file\n");
 289         exit(1);
 290         }
 291
 292 #endif