X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=fips%2Ffips.c;h=2b66160bb51de24d234de3c9b4d9402ce6680e75;hp=83b72e577f982deff37e747780b348a381dc297b;hb=011c865640fb6edd3e810326a2c331b29759e87d;hpb=7c8ced94c32131f24d469d2899f3339f77c47aa1
diff --git a/fips/fips.c b/fips/fips.c
index 83b72e577f..2b66160bb5 100644
--- a/fips/fips.c
+++ b/fips/fips.c
@@ -49,6 +49,7 @@
 #define OPENSSL_FIPSAPI
+#include
 #include
 #include
 #include
@@ -56,6 +57,7 @@
 #include
 #include
 #include
+#include
 #include
 #include
 #include "fips_locl.h"
@@ -70,13 +72,24 @@
 static int fips_selftest_fail;
 static int fips_mode;
+static int fips_started = 0;
 static const void *fips_rand_check;
+static int fips_is_owning_thread(void);
+static int fips_set_owning_thread(void);
+static int fips_clear_owning_thread(void);
+static unsigned char *fips_signature_witness(void);
+
+static void fips_w_lock(void) { CRYPTO_w_lock(CRYPTO_LOCK_FIPS); }
+static void fips_w_unlock(void) { CRYPTO_w_unlock(CRYPTO_LOCK_FIPS); }
+static void fips_r_lock(void) { CRYPTO_r_lock(CRYPTO_LOCK_FIPS); }
+static void fips_r_unlock(void) { CRYPTO_r_unlock(CRYPTO_LOCK_FIPS); }
+
 static void fips_set_mode(int onoff)
 {
 int owning_thread = fips_is_owning_thread();
- if (fips_is_started())
+ if (fips_started)
 {
 if (!owning_thread) fips_w_lock();
 fips_mode = onoff;
@@ -88,7 +101,7 @@ static void fips_set_rand_check(const void *rand_check)
 {
 int owning_thread = fips_is_owning_thread();
- if (fips_is_started())
+ if (fips_started)
 {
 if (!owning_thread) fips_w_lock();
 fips_rand_check = rand_check;
@@ -101,7 +114,7 @@ int FIPS_mode(void)
 int ret = 0;
 int owning_thread = fips_is_owning_thread();
- if (fips_is_started())
+ if (fips_started)
 {
 if (!owning_thread) fips_r_lock();
 ret = fips_mode;
@@ -115,7 +128,7 @@ const void *FIPS_rand_check(void)
 const void *ret = 0;
 int owning_thread = fips_is_owning_thread();
- if (fips_is_started())
+ if (fips_started)
 {
 if (!owning_thread) fips_r_lock();
 ret = fips_rand_check;
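Review bot: `fips_started` is tested before any lock is taken in fips_set_mode(), fips_set_rand_check(), FIPS_mode() and FIPS_rand_check() (and again in the later hunks for FIPS_selftest_failed() and the owning-thread helpers), while FIPS_mode_set() writes it after fips_w_lock(). Now that the flag is a bare file-scope `int` rather than an accessor, the declaration should state that contract, for example `/* Written under CRYPTO_LOCK_FIPS in FIPS_mode_set(); readers test it before taking the lock. */`. If FIPS_mode_set() can run concurrently with those readers, the unlocked read is a data race on a plain `int`, so the comment should also say why that is acceptable here. The bodies of these functions continue outside the hunks.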
@@ -127,7 +140,7 @@ const void *FIPS_rand_check(void)
 int FIPS_selftest_failed(void)
 {
 int ret = 0;
- if (fips_is_started())
+ if (fips_started)
 {
 int owning_thread = fips_is_owning_thread();
@@ -161,9 +174,12 @@ int FIPS_selftest(void)
 return FIPS_selftest_sha1()
 && FIPS_selftest_hmac()
+ && FIPS_selftest_cmac()
 && FIPS_selftest_aes()
+ && FIPS_selftest_aes_gcm()
 && FIPS_selftest_des()
 && FIPS_selftest_rsa()
+ && FIPS_selftest_ecdsa()
 && FIPS_selftest_dsa();
 }
@@ -256,12 +272,11 @@ int FIPS_mode_set(int onoff)
 int ret = 0;
 fips_w_lock();
- fips_set_started();
+ fips_started = 1;
 fips_set_owning_thread();
 if(onoff)
 {
- unsigned char buf[48];
 fips_selftest_fail = 0;
@@ -300,6 +315,13 @@ int FIPS_mode_set(int onoff)
 goto end;
 }
+ if (!FIPS_selftest_drbg())
+ {
+ fips_selftest_fail = 1;
+ ret = 0;
+ goto end;
+ }
+
 /* Perform RNG KAT before seeding */
 if (!FIPS_selftest_rng())
 {
@@ -307,10 +329,11 @@ int FIPS_mode_set(int onoff)
 ret = 0;
 goto end;
 }
-
+#if 0
 /* automagically seed PRNG if not already seeded */
 if(!FIPS_rand_status())
 {
+ unsigned char buf[48];
 if(RAND_bytes(buf,sizeof buf) <= 0)
 {
 fips_selftest_fail = 1;
@@ -324,6 +347,10 @@ int FIPS_mode_set(int onoff)
 /* now switch into FIPS mode */
 fips_set_rand_check(FIPS_rand_method());
 RAND_set_rand_method(FIPS_rand_method());
+#else
+ fips_set_rand_check(FIPS_drbg_method());
+ RAND_set_rand_method(FIPS_drbg_method());
+#endif
 if(FIPS_selftest())
 fips_set_mode(1);
 else
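Review bot: FIPS_selftest_drbg() is absent from the chain in FIPS_selftest(), although this commit makes FIPS_drbg_method() the active RAND method in FIPS_mode_set(). An on-demand FIPS_selftest() run therefore re-tests CMAC, AES-GCM and ECDSA but not the generator that is actually in use. If the DRBG test can safely be re-run, add `&& FIPS_selftest_drbg()` to the list; otherwise add a comment saying why it is run only from FIPS_mode_set(). The opening lines of FIPS_selftest() are outside the hunk.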
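Review bot: With the automatic seeding block placed under `#if 0`, FIPS_mode_set() installs FIPS_drbg_method() as the RAND method and no step in these two hunks instantiates or seeds the DRBG, so the first RAND_bytes() call in FIPS mode relies on setup done somewhere else. If that is intended, record it on the `#else` branch with a comment along the lines of `/* No automatic seeding: the DRBG must be instantiated and seeded before RAND_bytes() is used */`. The disabled FIPS_rand_method() branch would be better deleted than kept under `#if 0` in the mode-switch path, where it can be re-enabled by accident. The lines between the two hunks are not shown, so anything there that touches the DRBG cannot be confirmed from this page.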
@@ -344,30 +371,14 @@ end:
 return ret;
 }
-void fips_w_lock(void) { CRYPTO_w_lock(CRYPTO_LOCK_FIPS); }
-void fips_w_unlock(void) { CRYPTO_w_unlock(CRYPTO_LOCK_FIPS); }
-void fips_r_lock(void) { CRYPTO_r_lock(CRYPTO_LOCK_FIPS); }
-void fips_r_unlock(void) { CRYPTO_r_unlock(CRYPTO_LOCK_FIPS); }
-
-static int fips_started = 0;
 static CRYPTO_THREADID fips_thread;
 static int fips_thread_set = 0;
-void fips_set_started(void)
- {
- fips_started = 1;
- }
-
-int fips_is_started(void)
- {
- return fips_started;
- }
-
-int fips_is_owning_thread(void)
+static int fips_is_owning_thread(void)
 {
 int ret = 0;
- if (fips_is_started())
+ if (fips_started)
 {
 CRYPTO_r_lock(CRYPTO_LOCK_FIPS2);
 if (fips_thread_set)
@@ -386,7 +397,7 @@ int fips_set_owning_thread(void)
 {
 int ret = 0;
- if (fips_is_started())
+ if (fips_started)
 {
 CRYPTO_w_lock(CRYPTO_LOCK_FIPS2);
 if (!fips_thread_set)
@@ -403,7 +414,7 @@ int fips_clear_owning_thread(void)
 {
 int ret = 0;
- if (fips_is_started())
+ if (fips_started)
 {
 CRYPTO_w_lock(CRYPTO_LOCK_FIPS2);
 if (fips_thread_set)
@@ -442,8 +453,9 @@ int fips_pkey_signature_test(EVP_PKEY *pkey,
 unsigned char sigtmp[256], *sig = sigtmp;
 unsigned int siglen;
 DSA_SIG *dsig = NULL;
+ ECDSA_SIG *esig = NULL;
 EVP_MD_CTX mctx;
- EVP_MD_CTX_init(&mctx);
+ FIPS_md_ctx_init(&mctx);
 if ((pkey->type == EVP_PKEY_RSA)
 && ((size_t)RSA_size(pkey->pkey.rsa) > sizeof(sigtmp)))
@@ -459,9 +471,12 @@ int fips_pkey_signature_test(EVP_PKEY *pkey,
 if (tbslen == -1)
 tbslen = strlen((char *)tbs);
- if (!EVP_DigestInit_ex(&mctx, digest, NULL))
+ if (digest == NULL)
+ digest = EVP_sha256();
+
+ if (!FIPS_digestinit(&mctx, digest))
 goto error;
- if (!EVP_DigestUpdate(&mctx, tbs, tbslen))
+ if (!FIPS_digestupdate(&mctx, tbs, tbslen))
 goto error;
 if (pkey->type == EVP_PKEY_RSA)
 {
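Review bot: Only fips_is_owning_thread() gains `static` at its definition; judging by the hunk headers that follow, fips_set_owning_thread() and fips_clear_owning_thread() are still defined as plain `int ...(void)`, although the forward declarations added near the top of the file declare all three `static`. They keep internal linkage because the earlier static declaration is in scope, but someone reading a definition on its own will take it for an exported symbol. Write `static int fips_set_owning_thread(void)` and `static int fips_clear_owning_thread(void)` at the definitions too. Their signature lines are outside the hunks, so this is inferred from the hunk headers.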
@@ -475,6 +490,12 @@ int fips_pkey_signature_test(EVP_PKEY *pkey,
 if (!dsig)
 goto error;
 }
+ else if (pkey->type == EVP_PKEY_EC)
+ {
+ esig = FIPS_ecdsa_sign_ctx(pkey->pkey.ec, &mctx);
+ if (!esig)
+ goto error;
+ }
 #if 0
 else if (!EVP_SignFinal(&mctx, sig, &siglen, pkey))
 goto error;
@@ -483,9 +504,9 @@ int fips_pkey_signature_test(EVP_PKEY *pkey,
 if (kat && ((siglen != katlen) || memcmp(kat, sig, katlen)))
 goto error;
- if (!EVP_DigestInit_ex(&mctx, digest, NULL))
+ if (!FIPS_digestinit(&mctx, digest))
 goto error;
- if (!EVP_DigestUpdate(&mctx, tbs, tbslen))
+ if (!FIPS_digestupdate(&mctx, tbs, tbslen))
 goto error;
 if (pkey->type == EVP_PKEY_RSA)
 {
@@ -496,6 +517,10 @@ int fips_pkey_signature_test(EVP_PKEY *pkey,
 {
 ret = FIPS_dsa_verify_ctx(pkey->pkey.dsa, &mctx, dsig);
 }
+ else if (pkey->type == EVP_PKEY_EC)
+ {
+ ret = FIPS_ecdsa_verify_ctx(pkey->pkey.ec, &mctx, esig);
+ }
 #if 0
 else
 ret = EVP_VerifyFinal(&mctx, sig, siglen, pkey);
@@ -503,15 +528,17 @@ int fips_pkey_signature_test(EVP_PKEY *pkey,
 error:
 if (dsig != NULL)
- DSA_SIG_free(dsig);
+ FIPS_dsa_sig_free(dsig);
+ if (esig != NULL)
+ FIPS_ecdsa_sig_free(esig);
 if (sig != sigtmp)
 OPENSSL_free(sig);
- EVP_MD_CTX_cleanup(&mctx);
+ FIPS_md_ctx_cleanup(&mctx);
 if (ret != 1)
 {
 FIPSerr(FIPS_F_FIPS_PKEY_SIGNATURE_TEST,FIPS_R_TEST_FAILURE);
 if (fail_str)
- ERR_add_error_data(2, "Type=", fail_str);
+ FIPS_add_error_data(2, "Type=", fail_str);
 return 0;
 }
 return 1;
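Review bot: The new EVP_PKEY_EC branch sets only `esig`, yet the known-answer check right after it, `if (kat && ((siglen != katlen) || memcmp(kat, sig, katlen)))`, reads `siglen` and `sig`, and `siglen` is declared earlier in the function as `unsigned int siglen;` with no initializer. A caller that passes a non-NULL `kat` with an EC key would compare against an indeterminate length and an unwritten `sigtmp` buffer; the existing DSA branch appears to share the gap. Reject that combination before the comparison, e.g. `if (kat && pkey->type != EVP_PKEY_RSA) goto error;`, or at least initialize `siglen = 0` and document that `kat` must be NULL for DSA and EC keys. The RSA branch is outside the hunks, so that it is the only path filling `sig` and `siglen` is inferred.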
@@ -531,14 +558,14 @@ int fips_cipher_test(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
 unsigned char pltmp[FIPS_MAX_CIPHER_TEST_SIZE];
 unsigned char citmp[FIPS_MAX_CIPHER_TEST_SIZE];
 OPENSSL_assert(len <= FIPS_MAX_CIPHER_TEST_SIZE);
- if (EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, 1) <= 0)
+ if (FIPS_cipherinit(ctx, cipher, key, iv, 1) <= 0)
 return 0;
- EVP_Cipher(ctx, citmp, plaintext, len);
+ FIPS_cipher(ctx, citmp, plaintext, len);
 if (memcmp(citmp, ciphertext, len))
 return 0;
- if (EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, 0) <= 0)
+ if (FIPS_cipherinit(ctx, cipher, key, iv, 0) <= 0)
 return 0;
- EVP_Cipher(ctx, pltmp, citmp, len);
+ FIPS_cipher(ctx, pltmp, citmp, len);
 if (memcmp(pltmp, plaintext, len))
 return 0;
 return 1;
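Review bot: Both `FIPS_cipher()` calls discard their result, so a failed encrypt or decrypt is noticed only indirectly, when `memcmp()` reads `citmp` or `pltmp`, which are uninitialized stack arrays at that point. Test the call before comparing, e.g. `if (FIPS_cipher(ctx, citmp, plaintext, len) <= 0) return 0;`, with the comparison adjusted to FIPS_cipher's actual return convention, which this page does not show. The same applies to the decrypt call into `pltmp`. The function's parameter list and opening brace are outside the hunk.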