Report each cipher used with CMAC tests.
[openssl.git] / fips / cmac / fips_cmac_selftest.c
index c8435263d271798a0082a3eede1f5e3c931ea29d..b307297305fba751eafd66f3da35bf270105cefc 100644 (file)
 #include <openssl/err.h>
 #include <openssl/fips.h>
 #include <openssl/cmac.h>
+#include "fips_locl.h"
 
 #ifdef OPENSSL_FIPS
 typedef struct {
        const EVP_CIPHER *(*alg)(void);
-       const unsigned char key[EVP_MAX_KEY_LENGTH]; int keysize;
-       const unsigned char msg[64]; int msgsize;
-       const unsigned char mac[32]; int macsize;
+       const unsigned char key[EVP_MAX_KEY_LENGTH]; size_t keysize;
+       const unsigned char msg[64]; size_t msgsize;
+       const unsigned char mac[32]; size_t macsize;
 } CMAC_KAT;
 
 /* from http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf */
@@ -107,30 +108,69 @@ static const CMAC_KAT vector[] = {
 };
 
 int FIPS_selftest_cmac()
-    {
-    size_t n;
-    unsigned int     outlen;
-    unsigned char    out[32];
-    const EVP_CIPHER *cipher;
-    CMAC_CTX *ctx = CMAC_CTX_new();
-    const CMAC_KAT *t;
-
-    for(n=0,t=vector; n<sizeof(vector)/sizeof(vector[0]); n++,t++)
        {
-       cipher = (*t->alg)();
-       CMAC_Init(ctx, t->key, t->keysize/8, cipher, 0);
-       CMAC_Update(ctx, t->msg, t->msgsize/8);
-       CMAC_Final(ctx, out, &outlen);
-       CMAC_CTX_cleanup(ctx);
+       size_t n, outlen;
+       unsigned char    out[32];
+       const EVP_CIPHER *cipher;
+       CMAC_CTX *ctx = CMAC_CTX_new();
+       const CMAC_KAT *t;
+       int subid, rv = 1;
 
-       if(outlen < t->macsize/8 || memcmp(out,t->mac,t->macsize/8))
-           {
-           FIPSerr(FIPS_F_FIPS_SELFTEST_CMAC,FIPS_R_SELFTEST_FAILED);
-           return 0;
-           }
-       }
+       for(n=0,t=vector; n<sizeof(vector)/sizeof(vector[0]); n++,t++)
+               {
+               cipher = (*t->alg)();
+               subid = M_EVP_CIPHER_nid(cipher);
+               if (!fips_post_started(FIPS_TEST_CMAC, subid, 0))
+                       continue;
+               if (!CMAC_Init(ctx, t->key, t->keysize/8, cipher, 0))
+                       {
+                       rv = -1;
+                       goto err;
+                       }
+               if (!CMAC_Update(ctx, t->msg, t->msgsize/8))
+                       {
+                       rv = -1;
+                       goto err;
+                       }
+                       
+               if (!fips_post_corrupt(FIPS_TEST_CMAC, subid, NULL))
+                       {
+                       if (!CMAC_Update(ctx, t->msg, 1))
+                               {
+                               rv = -1;
+                               goto err;
+                               }
+                       }
+               if (!CMAC_Final(ctx, out, &outlen))
+                       {
+                       rv = -1;
+                       goto err;
+                       }
+               CMAC_CTX_cleanup(ctx);
+
+               if(outlen < t->macsize/8 || memcmp(out,t->mac,t->macsize/8))
+                       {
+                       fips_post_failed(FIPS_TEST_CMAC, subid, NULL);
+                       rv = 0;
+                       }
+               else if (!fips_post_success(FIPS_TEST_CMAC, subid, NULL))
+                       {
+                       rv = 0;
+                       goto err;
+                       }
+               }
 
-    CMAC_CTX_free(ctx);
-    return 1;
-    }
+       err:
+       CMAC_CTX_free(ctx);
+
+       if (rv == -1)
+               {
+               fips_post_failed(FIPS_TEST_CMAC, subid, NULL);
+               rv = 0;
+               }
+       if (!rv)
+                  FIPSerr(FIPS_F_FIPS_SELFTEST_CMAC,FIPS_R_SELFTEST_FAILED);
+
+       return rv;
+       }
 #endif