X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=fips%2Fdes%2Ffips_desmovs.c;h=79900aeae28e18e7f55c6f1beaf7c8749129639f;hp=16b8dc1936aee5983f76b6afe9d9842283affe45;hb=69569dd1684ec67ccf8f0a7007872ebbb7a724d5;hpb=017bc57bf9734777d7cc0b847a55b0d762b5a149 diff --git a/fips/des/fips_desmovs.c b/fips/des/fips_desmovs.c index 16b8dc1936..79900aeae2 100644 --- a/fips/des/fips_desmovs.c +++ b/fips/des/fips_desmovs.c @@ -102,30 +102,30 @@ static int DESTest(EVP_CIPHER_CTX *ctx, if (akeysz != 192) { printf("Invalid key size: %d\n", akeysz); - EXIT(1); + return 0; } - if (strcasecmp(amode, "CBC") == 0) + if (fips_strcasecmp(amode, "CBC") == 0) cipher = EVP_des_ede3_cbc(); - else if (strcasecmp(amode, "ECB") == 0) + else if (fips_strcasecmp(amode, "ECB") == 0) cipher = EVP_des_ede3_ecb(); - else if (strcasecmp(amode, "CFB64") == 0) + else if (fips_strcasecmp(amode, "CFB64") == 0) cipher = EVP_des_ede3_cfb64(); - else if (strncasecmp(amode, "OFB", 3) == 0) + else if (fips_strncasecmp(amode, "OFB", 3) == 0) cipher = EVP_des_ede3_ofb(); - else if(!strcasecmp(amode,"CFB8")) + else if(!fips_strcasecmp(amode,"CFB8")) cipher = EVP_des_ede3_cfb8(); - else if(!strcasecmp(amode,"CFB1")) + else if(!fips_strcasecmp(amode,"CFB1")) cipher = EVP_des_ede3_cfb1(); else { printf("Unknown mode: %s\n", amode); - EXIT(1); + return 0; } if (FIPS_cipherinit(ctx, cipher, aKey, iVec, dir) <= 0) return 0; - if(!strcasecmp(amode,"CFB1")) + if(!fips_strcasecmp(amode,"CFB1")) M_EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS); FIPS_cipher(ctx, out, in, len); @@ -155,12 +155,12 @@ static void shiftin(unsigned char *dst,unsigned char *src,int nbits) } /*-----------------------------------------------*/ -char *t_tag[2] = {"PLAINTEXT", "CIPHERTEXT"}; -char *t_mode[6] = {"CBC","ECB","OFB","CFB1","CFB8","CFB64"}; -enum Mode {CBC, ECB, OFB, CFB1, CFB8, CFB64}; +char *tdes_t_tag[2] = {"PLAINTEXT", "CIPHERTEXT"}; +char *tdes_t_mode[6] = {"CBC","ECB","OFB","CFB1","CFB8","CFB64"}; +enum tdes_Mode {TCBC, TECB, TOFB, TCFB1, TCFB8, TCFB64}; int Sizes[6]={64,64,64,1,8,64}; -static void do_mct(char *amode, +static int do_tmct(char *amode, int akeysz, int numkeys, unsigned char *akey,unsigned char *ivec, int dir, unsigned char *text, int len, FILE *rfp) @@ -170,14 +170,13 @@ static void do_mct(char *amode, unsigned char text0[8]; for (imode=0 ; imode < 6 ; ++imode) - if(!strcmp(amode,t_mode[imode])) + if(!strcmp(amode,tdes_t_mode[imode])) break; if (imode == 6) { printf("Unrecognized mode: %s\n", amode); - EXIT(1); + return 0; } - for(i=0 ; i < 400 ; ++i) { int j; @@ -187,7 +186,7 @@ static void do_mct(char *amode, EVP_CIPHER_CTX ctx; FIPS_cipher_ctx_init(&ctx); - fprintf(rfp,"\nCOUNT = %d\n",i); + fprintf(rfp,RESP_EOL "COUNT = %d" RESP_EOL,i); if(kp == 1) OutputValue("KEY",akey,8,rfp,0); else @@ -197,12 +196,12 @@ static void do_mct(char *amode, OutputValue("",akey+n*8,8,rfp,0); } - if(imode != ECB) + if(imode != TECB) OutputValue("IV",ivec,8,rfp,0); - OutputValue(t_tag[dir^1],text,len,rfp,imode == CFB1); + OutputValue(tdes_t_tag[dir^1],text,len,rfp,imode == TCFB1); #if 0 /* compensate for endianness */ - if(imode == CFB1) + if(imode == TCFB1) text[0]<<=7; #endif memcpy(text0,text,8); @@ -224,18 +223,18 @@ static void do_mct(char *amode, } if(j == 9999) { - OutputValue(t_tag[dir],text,len,rfp,imode == CFB1); + OutputValue(tdes_t_tag[dir],text,len,rfp,imode == TCFB1); /* memcpy(ivec,text,8); */ } /* DebugValue("iv",ctx.iv,8); */ /* accumulate material for the next key */ shiftin(nk,text,Sizes[imode]); /* DebugValue("nk",nk,24);*/ - if((dir && (imode == CFB1 || imode == CFB8 || imode == CFB64 - || imode == CBC)) || imode == OFB) + if((dir && (imode == TCFB1 || imode == TCFB8 + || imode == TCFB64 || imode == TCBC)) || imode == TOFB) memcpy(text,old_iv,8); - if(!dir && (imode == CFB1 || imode == CFB8 || imode == CFB64)) + if(!dir && (imode == TCFB1 || imode == TCFB8 || imode == TCFB64)) { /* the test specifies using the output of the raw DES operation which we don't have, so reconstruct it... */ @@ -261,13 +260,15 @@ static void do_mct(char *amode, /* pointless exercise - the final text doesn't depend on the initial text in OFB mode, so who cares what it is? (Who designed these tests?) */ - if(imode == OFB) + if(imode == TOFB) for(n=0 ; n < 8 ; ++n) text[n]=text0[n]^old_iv[n]; + FIPS_cipher_ctx_cleanup(&ctx); } + return 1; } -static int proc_file(char *rqfile, char *rspfile) +static int tproc_file(char *rqfile, char *rspfile) { char afn[256], rfn[256]; FILE *afp = NULL, *rfp = NULL; @@ -277,7 +278,7 @@ static int proc_file(char *rqfile, char *rspfile) char atest[100] = ""; int akeysz=0; unsigned char iVec[20], aKey[40]; - int dir = -1, err = 0, step = 0; + int dir = -1, err = 0, step = 0, echo = 1; unsigned char plaintext[2048]; unsigned char ciphertext[2048]; char *rp; @@ -342,7 +343,7 @@ static int proc_file(char *rqfile, char *rspfile) } else { - fputs(ibuf, rfp); + copy_line(ibuf, rfp); ++ step; } } @@ -358,11 +359,12 @@ static int proc_file(char *rqfile, char *rspfile) if(*amode) { /* insert current time & date */ time_t rtim = time(0); - fprintf(rfp, "# %s", ctime(&rtim)); + fputs("# ", rfp); + copy_line(ctime(&rtim), rfp); } else { - fputs(ibuf, rfp); + copy_line(ibuf, rfp); if(!strncmp(pp,"INVERSE ",8) || !strncmp(pp,"DES ",4) || !strncmp(pp,"TDES ",5) || !strncmp(pp,"PERMUTATION ",12) @@ -383,6 +385,8 @@ static int proc_file(char *rqfile, char *rspfile) n = strlen(xp+1)-1; strncpy(amode, xp+1, n); amode[n] = '\0'; + if (!strcmp(atest, "Monte")) + echo = 0; /* amode[3] = '\0'; */ if (VERBOSE) printf("Test=%s, Mode=%s\n",atest,amode); @@ -396,11 +400,11 @@ static int proc_file(char *rqfile, char *rspfile) break; if (ibuf[0] == '[') { - fputs(ibuf, rfp); + copy_line(ibuf, rfp); ++step; - if (strncasecmp(ibuf, "[ENCRYPT]", 9) == 0) + if (fips_strncasecmp(ibuf, "[ENCRYPT]", 9) == 0) dir = 1; - else if (strncasecmp(ibuf, "[DECRYPT]", 9) == 0) + else if (fips_strncasecmp(ibuf, "[DECRYPT]", 9) == 0) dir = 0; else { @@ -421,27 +425,27 @@ static int proc_file(char *rqfile, char *rspfile) case 2: /* KEY = xxxx */ if(*ibuf == '\n') { - fputs(ibuf, rfp); + copy_line(ibuf, rfp); break; } - if(!strncasecmp(ibuf,"COUNT = ",8)) + if(!fips_strncasecmp(ibuf,"COUNT = ",8)) { - fputs(ibuf, rfp); + copy_line(ibuf, rfp); break; } - if(!strncasecmp(ibuf,"COUNT=",6)) + if(!fips_strncasecmp(ibuf,"COUNT=",6)) { - fputs(ibuf, rfp); + copy_line(ibuf, rfp); break; } - if(!strncasecmp(ibuf,"NumKeys = ",10)) + if(!fips_strncasecmp(ibuf,"NumKeys = ",10)) { numkeys=atoi(ibuf+10); break; } - - fputs(ibuf, rfp); - if(!strncasecmp(ibuf,"KEY = ",6)) + if (echo) + copy_line(ibuf, rfp); + if(!fips_strncasecmp(ibuf,"KEY = ",6)) { akeysz=64; len = hex2bin((char*)ibuf+6, aKey); @@ -454,7 +458,7 @@ static int proc_file(char *rqfile, char *rspfile) PrintValue("KEY", aKey, len); ++step; } - else if(!strncasecmp(ibuf,"KEYs = ",7)) + else if(!fips_strncasecmp(ibuf,"KEYs = ",7)) { akeysz=64*3; len=hex2bin(ibuf+7,aKey); @@ -470,7 +474,7 @@ static int proc_file(char *rqfile, char *rspfile) PrintValue("KEYs",aKey,len); ++step; } - else if(!strncasecmp(ibuf,"KEY",3)) + else if(!fips_strncasecmp(ibuf,"KEY",3)) { int n=ibuf[3]-'1'; @@ -495,8 +499,9 @@ static int proc_file(char *rqfile, char *rspfile) break; case 3: /* IV = xxxx */ - fputs(ibuf, rfp); - if (strncasecmp(ibuf, "IV = ", 5) != 0) + if (echo) + copy_line(ibuf, rfp); + if (fips_strncasecmp(ibuf, "IV = ", 5) != 0) { printf("Missing IV\n"); err = 1; @@ -516,8 +521,9 @@ static int proc_file(char *rqfile, char *rspfile) break; case 4: /* PLAINTEXT = xxxx */ - fputs(ibuf, rfp); - if (strncasecmp(ibuf, "PLAINTEXT = ", 12) != 0) + if (echo) + copy_line(ibuf, rfp); + if (fips_strncasecmp(ibuf, "PLAINTEXT = ", 12) != 0) { printf("Missing PLAINTEXT\n"); err = 1; @@ -542,7 +548,9 @@ static int proc_file(char *rqfile, char *rspfile) PrintValue("PLAINTEXT", (unsigned char*)plaintext, len); if (strcmp(atest, "Monte") == 0) /* Monte Carlo Test */ { - do_mct(amode,akeysz,numkeys,aKey,iVec,dir,plaintext,len,rfp); + if (!do_tmct(amode,akeysz,numkeys,aKey,iVec, + dir,plaintext,len,rfp)) + return -1; } else { @@ -558,8 +566,9 @@ static int proc_file(char *rqfile, char *rspfile) break; case 5: /* CIPHERTEXT = xxxx */ - fputs(ibuf, rfp); - if (strncasecmp(ibuf, "CIPHERTEXT = ", 13) != 0) + if (echo) + copy_line(ibuf, rfp); + if (fips_strncasecmp(ibuf, "CIPHERTEXT = ", 13) != 0) { printf("Missing KEY\n"); err = 1; @@ -580,7 +589,7 @@ static int proc_file(char *rqfile, char *rspfile) PrintValue("CIPHERTEXT", ciphertext, len); if (strcmp(atest, "Monte") == 0) /* Monte Carlo Test */ { - do_mct(amode, akeysz, numkeys, aKey, iVec, + do_tmct(amode, akeysz, numkeys, aKey, iVec, dir, ciphertext, len, rfp); } else @@ -604,7 +613,7 @@ static int proc_file(char *rqfile, char *rspfile) } else if (strcmp(atest, "MCT") != 0) { /* MCT already added terminating nl */ - fputs(ibuf, rfp); + copy_line(ibuf, rfp); } step = 1; break; @@ -614,6 +623,7 @@ static int proc_file(char *rqfile, char *rspfile) fclose(rfp); if (afp) fclose(afp); + FIPS_cipher_ctx_cleanup(&ctx); return err; } @@ -626,25 +636,25 @@ static int proc_file(char *rqfile, char *rspfile) aes_test -d xxxxx.xxx The default is: -d req.txt --------------------------------------------------*/ +#ifdef FIPS_ALGVS +int fips_desmovs_main(int argc, char **argv) +#else int main(int argc, char **argv) +#endif { char *rqlist = "req.txt", *rspfile = NULL; FILE *fp = NULL; char fn[250] = "", rfn[256] = ""; int f_opt = 0, d_opt = 1; -#ifdef OPENSSL_FIPS - fips_set_error_print(); - if(!FIPS_mode_set(1)) - EXIT(1); -#endif + fips_algtest_init(); if (argc > 1) { - if (strcasecmp(argv[1], "-d") == 0) + if (fips_strcasecmp(argv[1], "-d") == 0) { d_opt = 1; } - else if (strcasecmp(argv[1], "-f") == 0) + else if (fips_strcasecmp(argv[1], "-f") == 0) { f_opt = 1; d_opt = 0; @@ -679,10 +689,10 @@ int main(int argc, char **argv) strtok(fn, "\r\n"); strcpy(rfn, fn); printf("Processing: %s\n", rfn); - if (proc_file(rfn, rspfile)) + if (tproc_file(rfn, rspfile)) { printf(">>> Processing failed for: %s <<<\n", rfn); - EXIT(1); + return -1; } } fclose(fp); @@ -691,12 +701,11 @@ int main(int argc, char **argv) { if (VERBOSE) printf("Processing: %s\n", fn); - if (proc_file(fn, rspfile)) + if (tproc_file(fn, rspfile)) { printf(">>> Processing failed for: %s <<<\n", fn); } } - EXIT(0); return 0; }