FIPS mode RSA changes:

[openssl.git] / crypto / rsa / rsa_eay.c
diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c

index 7c941885f07665fc62bf669f3a54f3462ea2bbc4..8d3107d84f181fbfb3ed3ab8e128b8d68d240974 100644 (file)
--- a/crypto/rsa/rsa_eay.c
+++ b/crypto/rsa/rsa_eay.c
@@ -114,6 +114,9 @@
  #include <openssl/bn.h>
  #include <openssl/rsa.h>
  #include <openssl/rand.h>
  #include <openssl/bn.h>
  #include <openssl/rsa.h>
  #include <openssl/rand.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
  
  #ifndef RSA_NULL
  
  
  #ifndef RSA_NULL
  
@@ -138,7 +141,7 @@ static RSA_METHOD rsa_pkcs1_eay_meth={
         BN_mod_exp_mont, /* XXX probably we should not use Montgomery if  e == 3 */
         RSA_eay_init,
         RSA_eay_finish,
         BN_mod_exp_mont, /* XXX probably we should not use Montgomery if  e == 3 */
         RSA_eay_init,
         RSA_eay_finish,
-       0, /* flags */
+       RSA_FLAG_FIPS_METHOD, /* flags */
         NULL,
         0, /* rsa_sign */
         0, /* rsa_verify */
         NULL,
         0, /* rsa_sign */
         0, /* rsa_verify */
@@ -158,6 +161,20 @@ static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
         unsigned char *buf=NULL;
         BN_CTX *ctx=NULL;
  
         unsigned char *buf=NULL;
         BN_CTX *ctx=NULL;
  
+#ifdef OPENSSL_FIPS
+       if(FIPS_selftest_failed())
+               {
+               FIPSerr(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT,FIPS_R_FIPS_SELFTEST_FAILED);
+               goto err;
+               }
+
+       if (FIPS_mode() && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
+               {
+               RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
+               return -1;
+               }
+#endif
+
         if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
                 {
                 RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE);
         if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
                 {
                 RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE);
@@ -355,6 +372,20 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
         int local_blinding = 0;
         BN_BLINDING *blinding = NULL;
  
         int local_blinding = 0;
         BN_BLINDING *blinding = NULL;
  
+#ifdef OPENSSL_FIPS
+       if(FIPS_selftest_failed())
+               {
+               FIPSerr(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT,FIPS_R_FIPS_SELFTEST_FAILED);
+               goto err;
+               }
+
+       if (FIPS_mode() && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
+               {
+               RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
+               return -1;
+               }
+#endif
+
         if ((ctx=BN_CTX_new()) == NULL) goto err;
         BN_CTX_start(ctx);
         f   = BN_CTX_get(ctx);
         if ((ctx=BN_CTX_new()) == NULL) goto err;
         BN_CTX_start(ctx);
         f   = BN_CTX_get(ctx);
@@ -488,6 +519,20 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
         int local_blinding = 0;
         BN_BLINDING *blinding = NULL;
  
         int local_blinding = 0;
         BN_BLINDING *blinding = NULL;
  
+#ifdef OPENSSL_FIPS
+       if(FIPS_selftest_failed())
+               {
+               FIPSerr(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT,FIPS_R_FIPS_SELFTEST_FAILED);
+               goto err;
+               }
+
+       if (FIPS_mode() && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
+               {
+               RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
+               return -1;
+               }
+#endif
+
         if((ctx = BN_CTX_new()) == NULL) goto err;
         BN_CTX_start(ctx);
         f   = BN_CTX_get(ctx);
         if((ctx = BN_CTX_new()) == NULL) goto err;
         BN_CTX_start(ctx);
         f   = BN_CTX_get(ctx);
@@ -617,6 +662,20 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
         unsigned char *buf=NULL;
         BN_CTX *ctx=NULL;
  
         unsigned char *buf=NULL;
         BN_CTX *ctx=NULL;
  
+#ifdef OPENSSL_FIPS
+       if(FIPS_selftest_failed())
+               {
+               FIPSerr(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT,FIPS_R_FIPS_SELFTEST_FAILED);
+               goto err;
+               }
+
+       if (FIPS_mode() && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
+               {
+               RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
+               return -1;
+               }
+#endif
+
         if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
                 {
                 RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE);
         if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
                 {
                 RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE);
@@ -875,6 +934,9 @@ err:
  
  static int RSA_eay_init(RSA *rsa)
         {
  
  static int RSA_eay_init(RSA *rsa)
         {
+#ifdef OPENSSL_FIPS
+       FIPS_selftest_check();
+#endif
         rsa->flags|=RSA_FLAG_CACHE_PUBLIC|RSA_FLAG_CACHE_PRIVATE;
         return(1);
         }
         rsa->flags|=RSA_FLAG_CACHE_PUBLIC|RSA_FLAG_CACHE_PRIVATE;
         return(1);
         }