FIPS mode RSA changes:
[openssl.git] / crypto / rsa / rsa_eay.c
index 7c94188..8d3107d 100644 (file)
 #include <openssl/bn.h>
 #include <openssl/rsa.h>
 #include <openssl/rand.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
 
 #ifndef RSA_NULL
 
@@ -138,7 +141,7 @@ static RSA_METHOD rsa_pkcs1_eay_meth={
        BN_mod_exp_mont, /* XXX probably we should not use Montgomery if  e == 3 */
        RSA_eay_init,
        RSA_eay_finish,
-       0, /* flags */
+       RSA_FLAG_FIPS_METHOD, /* flags */
        NULL,
        0, /* rsa_sign */
        0, /* rsa_verify */
@@ -158,6 +161,20 @@ static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
        unsigned char *buf=NULL;
        BN_CTX *ctx=NULL;
 
+#ifdef OPENSSL_FIPS
+       if(FIPS_selftest_failed())
+               {
+               FIPSerr(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT,FIPS_R_FIPS_SELFTEST_FAILED);
+               goto err;
+               }
+
+       if (FIPS_mode() && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
+               {
+               RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
+               return -1;
+               }
+#endif
+
        if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
                {
                RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE);
@@ -355,6 +372,20 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
        int local_blinding = 0;
        BN_BLINDING *blinding = NULL;
 
+#ifdef OPENSSL_FIPS
+       if(FIPS_selftest_failed())
+               {
+               FIPSerr(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT,FIPS_R_FIPS_SELFTEST_FAILED);
+               goto err;
+               }
+
+       if (FIPS_mode() && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
+               {
+               RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
+               return -1;
+               }
+#endif
+
        if ((ctx=BN_CTX_new()) == NULL) goto err;
        BN_CTX_start(ctx);
        f   = BN_CTX_get(ctx);
@@ -488,6 +519,20 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
        int local_blinding = 0;
        BN_BLINDING *blinding = NULL;
 
+#ifdef OPENSSL_FIPS
+       if(FIPS_selftest_failed())
+               {
+               FIPSerr(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT,FIPS_R_FIPS_SELFTEST_FAILED);
+               goto err;
+               }
+
+       if (FIPS_mode() && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
+               {
+               RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
+               return -1;
+               }
+#endif
+
        if((ctx = BN_CTX_new()) == NULL) goto err;
        BN_CTX_start(ctx);
        f   = BN_CTX_get(ctx);
@@ -617,6 +662,20 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
        unsigned char *buf=NULL;
        BN_CTX *ctx=NULL;
 
+#ifdef OPENSSL_FIPS
+       if(FIPS_selftest_failed())
+               {
+               FIPSerr(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT,FIPS_R_FIPS_SELFTEST_FAILED);
+               goto err;
+               }
+
+       if (FIPS_mode() && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
+               {
+               RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
+               return -1;
+               }
+#endif
+
        if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
                {
                RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE);
@@ -875,6 +934,9 @@ err:
 
 static int RSA_eay_init(RSA *rsa)
        {
+#ifdef OPENSSL_FIPS
+       FIPS_selftest_check();
+#endif
        rsa->flags|=RSA_FLAG_CACHE_PUBLIC|RSA_FLAG_CACHE_PRIVATE;
        return(1);
        }