Add fips checks for dsa signatures

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12745)

diff --git a/providers/implementations/signature/build.info b/providers/implementations/signature/build.info
index 5a813083b2c1314798215650d14d456e6bad80ae..9d682b81da3ae0144d7c891c79d2fba4e020ba07 100644 (file)
--- a/providers/implementations/signature/build.info
+++ b/providers/implementations/signature/build.info
@@ -5,7 +5,8 @@ $DSA_GOAL=../../libimplementations.a
 $EC_GOAL=../../libimplementations.a
 
 IF[{- !$disabled{dsa} -}]
 $EC_GOAL=../../libimplementations.a
 
 IF[{- !$disabled{dsa} -}]

-  SOURCE[$DSA_GOAL]=dsa.c
+  SOURCE[../../libfips.a]=dsa.c
+  SOURCE[../../libnonfips.a]=dsa.c

 ENDIF
 
 IF[{- !$disabled{ec} -}]
 ENDIF
 
 IF[{- !$disabled{ec} -}]

diff --git a/providers/implementations/signature/dsa.c b/providers/implementations/signature/dsa.c
index f18f90ec6389a2c5619ede947698810522bf1570..7d2496aae8397b2e254b6dc93ff4ad797bf9fb44 100644 (file)
--- a/providers/implementations/signature/dsa.c
+++ b/providers/implementations/signature/dsa.c
@@ -30,18 +30,19 @@
 #include "prov/implementations.h"
 #include "prov/providercommonerr.h"
 #include "prov/provider_ctx.h"
 #include "prov/implementations.h"
 #include "prov/providercommonerr.h"
 #include "prov/provider_ctx.h"

+#include "prov/provider_util.h"

 #include "crypto/dsa.h"
 #include "prov/der_dsa.h"
 
 static OSSL_FUNC_signature_newctx_fn dsa_newctx;
 #include "crypto/dsa.h"
 #include "prov/der_dsa.h"
 
 static OSSL_FUNC_signature_newctx_fn dsa_newctx;

-static OSSL_FUNC_signature_sign_init_fn dsa_signature_init;
-static OSSL_FUNC_signature_verify_init_fn dsa_signature_init;
+static OSSL_FUNC_signature_sign_init_fn dsa_sign_init;
+static OSSL_FUNC_signature_verify_init_fn dsa_verify_init;

 static OSSL_FUNC_signature_sign_fn dsa_sign;
 static OSSL_FUNC_signature_verify_fn dsa_verify;
 static OSSL_FUNC_signature_sign_fn dsa_sign;
 static OSSL_FUNC_signature_verify_fn dsa_verify;

-static OSSL_FUNC_signature_digest_sign_init_fn dsa_digest_signverify_init;
+static OSSL_FUNC_signature_digest_sign_init_fn dsa_digest_sign_init;

 static OSSL_FUNC_signature_digest_sign_update_fn dsa_digest_signverify_update;
 static OSSL_FUNC_signature_digest_sign_final_fn dsa_digest_sign_final;
 static OSSL_FUNC_signature_digest_sign_update_fn dsa_digest_signverify_update;
 static OSSL_FUNC_signature_digest_sign_final_fn dsa_digest_sign_final;

-static OSSL_FUNC_signature_digest_verify_init_fn dsa_digest_signverify_init;
+static OSSL_FUNC_signature_digest_verify_init_fn dsa_digest_verify_init;

 static OSSL_FUNC_signature_digest_verify_update_fn dsa_digest_signverify_update;
 static OSSL_FUNC_signature_digest_verify_final_fn dsa_digest_verify_final;
 static OSSL_FUNC_signature_freectx_fn dsa_freectx;
 static OSSL_FUNC_signature_digest_verify_update_fn dsa_digest_signverify_update;
 static OSSL_FUNC_signature_digest_verify_final_fn dsa_digest_verify_final;
 static OSSL_FUNC_signature_freectx_fn dsa_freectx;


@@ -85,8 +86,50 @@ typedef struct {
     EVP_MD *md;
     EVP_MD_CTX *mdctx;
     size_t mdsize;
     EVP_MD *md;
     EVP_MD_CTX *mdctx;
     size_t mdsize;

+    int operation;
+

 } PROV_DSA_CTX;
 
 } PROV_DSA_CTX;
 

+/*
+ * Check for valid key sizes if fips mode. Refer to
+ * https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf
+ * "Table 2"
+ */
+static int dsa_check_key_size(const PROV_DSA_CTX *ctx)
+{
+#ifdef FIPS_MODULE
+    size_t L, N;
+    const BIGNUM *p, *q;
+    DSA *dsa = ctx->dsa;
+
+    if (dsa == NULL)
+        return 0;
+
+    p = DSA_get0_p(dsa);
+    q = DSA_get0_q(dsa);
+    if (p == NULL || q == NULL)
+        return 0;
+
+    L = BN_num_bits(p);
+    N = BN_num_bits(q);
+
+    /*
+     * Valid sizes or verification - Note this could be a fips186-2 type
+     * key - so we allow 512 also. When this is no longer suppported the
+     * lower bound should be increased to 1024.
+     */
+    if (ctx->operation != EVP_PKEY_OP_SIGN)
+        return (L >= 512 && N >= 160);
+
+     /* Valid sizes for both sign and verify */
+    if (L == 2048 && (N == 224 || N == 256))
+        return 1;
+    return (L == 3072 && N == 256);
+#else
+    return 1;
+#endif
+}
+

 static size_t dsa_get_md_size(const PROV_DSA_CTX *pdsactx)
 {
     if (pdsactx->md != NULL)
 static size_t dsa_get_md_size(const PROV_DSA_CTX *pdsactx)
 {
     if (pdsactx->md != NULL)


@@ -94,42 +137,11 @@ static size_t dsa_get_md_size(const PROV_DSA_CTX *pdsactx)
     return 0;
 }
 
     return 0;
 }
 

-static int dsa_get_md_nid(const EVP_MD *md)
+static int dsa_get_md_nid(const PROV_DSA_CTX *ctx, const EVP_MD *md)

 {
 {

-    /*
-     * Because the DSA library deals with NIDs, we need to translate.
-     * We do so using EVP_MD_is_a(), and therefore need a name to NID
-     * map.
-     */
-    static const OSSL_ITEM name_to_nid[] = {
-        { NID_sha1,   OSSL_DIGEST_NAME_SHA1   },
-        { NID_sha224, OSSL_DIGEST_NAME_SHA2_224 },
-        { NID_sha256, OSSL_DIGEST_NAME_SHA2_256 },
-        { NID_sha384, OSSL_DIGEST_NAME_SHA2_384 },
-        { NID_sha512, OSSL_DIGEST_NAME_SHA2_512 },
-        { NID_sha3_224, OSSL_DIGEST_NAME_SHA3_224 },
-        { NID_sha3_256, OSSL_DIGEST_NAME_SHA3_256 },
-        { NID_sha3_384, OSSL_DIGEST_NAME_SHA3_384 },
-        { NID_sha3_512, OSSL_DIGEST_NAME_SHA3_512 },
-    };
-    size_t i;
-    int mdnid = NID_undef;
-
-    if (md == NULL)
-        goto end;
-
-    for (i = 0; i < OSSL_NELEM(name_to_nid); i++) {
-        if (EVP_MD_is_a(md, name_to_nid[i].ptr)) {
-            mdnid = (int)name_to_nid[i].id;
-            break;
-        }
-    }
-
-    if (mdnid == NID_undef)
-        ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_DIGEST);
+    int sha1_allowed = (ctx->operation != EVP_PKEY_OP_SIGN);

 
 

- end:
-    return mdnid;
+    return ossl_prov_digest_get_approved_nid(md, sha1_allowed);

 }
 
 static void *dsa_newctx(void *provctx, const char *propq)
 }
 
 static void *dsa_newctx(void *provctx, const char *propq)


@@ -160,11 +172,21 @@ static int dsa_setup_md(PROV_DSA_CTX *ctx,
         mdprops = ctx->propq;
 
     if (mdname != NULL) {
         mdprops = ctx->propq;
 
     if (mdname != NULL) {

-        EVP_MD *md = EVP_MD_fetch(ctx->libctx, mdname, mdprops);
-        int md_nid = dsa_get_md_nid(md);

         WPACKET pkt;
         WPACKET pkt;

+        EVP_MD *md = EVP_MD_fetch(ctx->libctx, mdname, mdprops);
+        int md_nid = dsa_get_md_nid(ctx, md);
+        size_t mdname_len = strlen(mdname);

 
         if (md == NULL || md_nid == NID_undef) {
 
         if (md == NULL || md_nid == NID_undef) {

+            if (md == NULL)
+                ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST,
+                               "%s could not be fetched", mdname);
+            if (md_nid == NID_undef)
+                ERR_raise_data(ERR_LIB_PROV, PROV_R_DIGEST_NOT_ALLOWED,
+                               "digest=%s", mdname);
+            if (mdname_len >= sizeof(ctx->mdname))
+                ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST,
+                               "%s exceeds name buffer length", mdname);

             EVP_MD_free(md);
             return 0;
         }
             EVP_MD_free(md);
             return 0;
         }


@@ -196,7 +218,7 @@ static int dsa_setup_md(PROV_DSA_CTX *ctx,
     return 1;
 }
 
     return 1;
 }
 

-static int dsa_signature_init(void *vpdsactx, void *vdsa)
+static int dsa_signverify_init(void *vpdsactx, void *vdsa, int operation)

 {
     PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
 
 {
     PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
 


@@ -207,9 +229,24 @@ static int dsa_signature_init(void *vpdsactx, void *vdsa)
         return 0;
     DSA_free(pdsactx->dsa);
     pdsactx->dsa = vdsa;
         return 0;
     DSA_free(pdsactx->dsa);
     pdsactx->dsa = vdsa;

+    pdsactx->operation = operation;
+    if (!dsa_check_key_size(pdsactx)) {
+        ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
+        return 0;
+    }

     return 1;
 }
 
     return 1;
 }
 

+static int dsa_sign_init(void *vpdsactx, void *vdsa)
+{
+    return dsa_signverify_init(vpdsactx, vdsa, EVP_PKEY_OP_SIGN);
+}
+
+static int dsa_verify_init(void *vpdsactx, void *vdsa)
+{
+    return dsa_signverify_init(vpdsactx, vdsa, EVP_PKEY_OP_VERIFY);
+}
+

 static int dsa_sign(void *vpdsactx, unsigned char *sig, size_t *siglen,
                     size_t sigsize, const unsigned char *tbs, size_t tbslen)
 {
 static int dsa_sign(void *vpdsactx, unsigned char *sig, size_t *siglen,
                     size_t sigsize, const unsigned char *tbs, size_t tbslen)
 {


@@ -254,7 +291,7 @@ static int dsa_verify(void *vpdsactx, const unsigned char *sig, size_t siglen,
 }
 
 static int dsa_digest_signverify_init(void *vpdsactx, const char *mdname,
 }
 
 static int dsa_digest_signverify_init(void *vpdsactx, const char *mdname,

-                                      void *vdsa)
+                                      void *vdsa, int operation)

 {
     PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
 
 {
     PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
 


@@ -262,7 +299,7 @@ static int dsa_digest_signverify_init(void *vpdsactx, const char *mdname,
         return 0;
 
     pdsactx->flag_allow_md = 0;
         return 0;
 
     pdsactx->flag_allow_md = 0;

-    if (!dsa_signature_init(vpdsactx, vdsa))
+    if (!dsa_signverify_init(vpdsactx, vdsa, operation))

         return 0;
 
     if (!dsa_setup_md(pdsactx, mdname, NULL))
         return 0;
 
     if (!dsa_setup_md(pdsactx, mdname, NULL))


@@ -285,6 +322,17 @@ static int dsa_digest_signverify_init(void *vpdsactx, const char *mdname,
     return 0;
 }
 
     return 0;
 }
 

+static int dsa_digest_sign_init(void *vpdsactx, const char *mdname,
+                                      void *vdsa)
+{
+    return dsa_digest_signverify_init(vpdsactx, mdname, vdsa, EVP_PKEY_OP_SIGN);
+}
+
+static int dsa_digest_verify_init(void *vpdsactx, const char *mdname, void *vdsa)
+{
+    return dsa_digest_signverify_init(vpdsactx, mdname, vdsa, EVP_PKEY_OP_VERIFY);
+}
+

 int dsa_digest_signverify_update(void *vpdsactx, const unsigned char *data,
                                  size_t datalen)
 {
 int dsa_digest_signverify_update(void *vpdsactx, const unsigned char *data,
                                  size_t datalen)
 {


@@ -428,7 +476,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
     OSSL_PARAM_END
 };
 
     OSSL_PARAM_END
 };
 

-static const OSSL_PARAM *dsa_gettable_ctx_params(ossl_unused void *provctx)
+static const OSSL_PARAM *dsa_gettable_ctx_params(ossl_unused void *vctx)

 {
     return known_gettable_ctx_params;
 }
 {
     return known_gettable_ctx_params;
 }


@@ -477,6 +525,12 @@ static const OSSL_PARAM *dsa_settable_ctx_params(ossl_unused void *provctx)
      * params if the ctx is being used for a DigestSign/DigestVerify? In that
      * case it is not allowed to set the digest size/digest name because the
      * digest is explicitly set as part of the init.
      * params if the ctx is being used for a DigestSign/DigestVerify? In that
      * case it is not allowed to set the digest size/digest name because the
      * digest is explicitly set as part of the init.

+     * NOTE: Ideally we would check pdsactx->flag_allow_md, but this is
+     * problematic because there is no nice way of passing the
+     * PROV_DSA_CTX down to this function...
+     * Because we have API's that dont know about their parent..
+     * e.g: EVP_SIGNATURE_gettable_ctx_params(const EVP_SIGNATURE *sig).
+     * We could pass NULL for that case (but then how useful is the check?).

      */
     return known_settable_ctx_params;
 }
      */
     return known_settable_ctx_params;
 }


@@ -523,18 +577,18 @@ static const OSSL_PARAM *dsa_settable_ctx_md_params(void *vpdsactx)
 
 const OSSL_DISPATCH dsa_signature_functions[] = {
     { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))dsa_newctx },
 
 const OSSL_DISPATCH dsa_signature_functions[] = {
     { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))dsa_newctx },

-    { OSSL_FUNC_SIGNATURE_SIGN_INIT, (void (*)(void))dsa_signature_init },
+    { OSSL_FUNC_SIGNATURE_SIGN_INIT, (void (*)(void))dsa_sign_init },

     { OSSL_FUNC_SIGNATURE_SIGN, (void (*)(void))dsa_sign },
     { OSSL_FUNC_SIGNATURE_SIGN, (void (*)(void))dsa_sign },

-    { OSSL_FUNC_SIGNATURE_VERIFY_INIT, (void (*)(void))dsa_signature_init },
+    { OSSL_FUNC_SIGNATURE_VERIFY_INIT, (void (*)(void))dsa_verify_init },

     { OSSL_FUNC_SIGNATURE_VERIFY, (void (*)(void))dsa_verify },
     { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT,
     { OSSL_FUNC_SIGNATURE_VERIFY, (void (*)(void))dsa_verify },
     { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT,

-      (void (*)(void))dsa_digest_signverify_init },
+      (void (*)(void))dsa_digest_sign_init },

     { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE,
       (void (*)(void))dsa_digest_signverify_update },
     { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL,
       (void (*)(void))dsa_digest_sign_final },
     { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT,
     { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE,
       (void (*)(void))dsa_digest_signverify_update },
     { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL,
       (void (*)(void))dsa_digest_sign_final },
     { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT,

-      (void (*)(void))dsa_digest_signverify_init },
+      (void (*)(void))dsa_digest_verify_init },

     { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE,
       (void (*)(void))dsa_digest_signverify_update },
     { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_FINAL,
     { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE,
       (void (*)(void))dsa_digest_signverify_update },
     { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_FINAL,

diff --git a/test/recipes/30-test_evp_data/evppkey_dsa.txt b/test/recipes/30-test_evp_data/evppkey_dsa.txt
index 551c9bd356e536e5781ace9cfabd00d93eb4808d..5ec5d57b8dcc8365e1bfe64bc057da0859ba22bb 100644 (file)
--- a/test/recipes/30-test_evp_data/evppkey_dsa.txt
+++ b/test/recipes/30-test_evp_data/evppkey_dsa.txt
@@ -128,3 +128,193 @@ Result = KEYPAIR_MISMATCH
 
 PrivPubKeyPair = DSA-1024-BIS:DSA-1024-PUBLIC
 Result = KEYPAIR_MISMATCH
 
 PrivPubKeyPair = DSA-1024-BIS:DSA-1024-PUBLIC
 Result = KEYPAIR_MISMATCH

+
+
+PrivateKey = DSA-1024-FIPS186-2
+-----BEGIN PRIVATE KEY-----
+MIIBWgIBADCCATMGByqGSM44BAEwggEmAoGBALRSnNcjMPIl4tekT5D3AgqsK042
+Ar1dGKeJCmWrSngAELtSH0yZCwsbl7wLEgG2lfusbn5sdtbpFioKInohZruRhzwC
+59GRXjAFD0QPhVE/qy6Oto+8WIHAa/RiEIkxRfTiAe9Ach56k9lZYONDUHDqH38u
+UIfjoUN+jlzoJcWbAh0A6TfgjmB+CxvxG/2pz8OAXXfNP8/JLfYvolE/fwKBgH7l
+jLeoOofKc+rwO2Fha8nuFddXRSePZKzC7mRQsPXwfvX5V6msU2xizjdPIsqVu7qA
+Bcc1YMd7/5C3vaKuS21DxBOs7nAHbO9ZZtGlpUAnJwM/P09nMb3yG6tR9LF3AQmu
+Kr2KShQB0FlSgvcCDTX7g8eJ/UuIWo6wX4hSdHDhBB4CHAdVVg1m5ikOICUBo37Y
+/TqkTaCFsMDwcDc20Jg=
+-----END PRIVATE KEY-----
+
+PrivateKey = DSA-2048-224
+-----BEGIN PRIVATE KEY-----
+MIICXAIBADCCAjUGByqGSM44BAEwggIoAoIBAQDVjuiHR3XA9yAjToNQOmdg2rN9
+0A4mIEV3XGy1nqaKZXdavdXcsAGLmttZ/gfiHi0JNh3rxj4dbvcaN+K0IWXq6hAY
+6ZOvDZ0FH5DRH63Ecd8fWY/BMDr178sOINkPG8hLRmYcrAp/4woMBPxkEtQBfl4R
+POus+OYS4sJpl8wEgfy0HhLXkkN4YQhBf57NvQ7+LcwaErDcNLRguI3TRzflhNEh
+ieBfYtIIgISIi0yMsxOINopuHeAmcANLjyUqkQ44xcJ0kM+OoAKFq/XukkTj++iP
+9Okh+bmNEo23RtM4qqScZyUIX4bPyynbkMdu01ZG+q8PEhyoxGpHkMT6kYHBAh0A
+/rbeX9L8STLoLIsLUMbdPVLWvnLyLooSygawvwKCAQAhscCNIY/bPZ6DRULS8i4G
+0f+9chMR+C5tNykaTzCUxRjObOWKu0z1JyViiafcAoV8j1e64xRxA4a8g9RrKilK
+KztCJfwIJCeHIjHi/dvIR0z1SDeNNVpFacAT+DF5G+sMqS8Mael0MnEcR2sNkw+1
+MVIO5tinKWAFM087hsSmKs/uIvdVexH2ptKKehxTFjs8ySfAMiMfqhaC2JgPCFL1
+jUpAIvs4oCx2yZKvq+TzJOq8LRHG3qSHa0BcNVPKfVkmVJRg4ETzza1/e14Re1BR
+si7RL7EtHuFiFjYiWTGueT+e0jdBS8CoafD1V/I7NPqVmGc5NeaRv4n+ESpDSX+z
+BB4CHBN2hfQxLXg+t/MNcza5M0WoAWna5JzQBAtDzIM=
+-----END PRIVATE KEY-----
+
+PrivateKey = DSA-2048-256
+-----BEGIN PRIVATE KEY-----
+MIICZQIBADCCAjoGByqGSM44BAEwggItAoIBAQDAuDj/d/t7n4013h18atbOYg4Q
+oWZPLmA7MvFABqrlv9lfa0dRGhOHyXClHh2bsNMwk3txKjTaTwjM9v80xe47y2lv
+34DPEKaWf+6HGcsu313kjIoAITO61HK0TJXjm0BV2uzZQFmvVHwEZmt7uGFcTc4t
+Vl71Z+MjhlMqpOmXIL/OBJkMOE1CXF/b6oKyXJvyZRpE4oxS+8B1l7d/N0B1XhQl
+EMToFwmvsKfeeK24wDfxasfbNbQ7Zih/5HylWtNXbvldnOf6cfPPPM6FO7HVI9R5
+llQKxFWujVrX0IOXu89xT8t+/ICKJtLKD5HzmeH1Y6LO+Qnsu5tW8IhnDHKLAiEA
+prlohsCeURHqsKcqtMElD7vg+Ati8OKgdo79/ktz9bMCggEBALC9Awm0lClgvefU
+inwV6gQppvAQttX7fUGjnrmuAXjw/pm4MBuzkR1P7vm2IY51+SopK+ZvgXXXnWGQ
+m8y3DCuoSnfE6Y+NpAfL9iJxy5W+ByvW75GW7/Lj5hR/igKKuYhfGYT/2eIGtdQ2
+C2tcWTcV7Gfk60WSw9eLUtKCUjBHaoFHFMo3MWH64Fc0xVEQ1DLgEC5Y3TLmiLBx
+VOGpp5ZFeAc52n/W4afbBcQ5ifGFPwgcS7+WdnUUs7awuCCldh74kz58kdTJAztZ
+ZjjK728BYEE4P6itUNtr3jgNzhqwTBFvOwWCQA//a7vpyqtHMzDmpcVuDx6f4iP3
+aghyxFAEIgIgK1Ct6iRtcq01mdt4EGRrkiAHBr5zTcAgbv5ZaU99pmQ=
+-----END PRIVATE KEY-----
+
+PrivateKey = DSA-3072-256
+-----BEGIN PRIVATE KEY-----
+MIIDZgIBADCCAzoGByqGSM44BAEwggMtAoIBgQCvf6pPUvu2J7j4aaGcpEkfjX7e
+DvM5qlpuf2GDwbWFQpkxeRFtmd5EFbgNvRMsLyfTA3KWd4k2nFug2Uf5kFJ0rOcI
+nToVcrPjg8onD43Rcknvmu5grsjDvCFMmWFu361LbWxZCgGCwSUv4P647kS5ccaD
+k0o4f+a8YWLahop/HowqoN8/TvC/izdN0WvRYKeegJcBzaaBKWsBS8ucu0jEh5S3
+PCAQRFoKNRPjUzjIhycIlpdmI5BG72SkvSSMef9wvGl72FN2t3v5dbWjl7QgghU5
+0BB/RlueApJgrFhadE/0ZJKSukPMbL9a0L1xZl01iJYraa76rn5weVkU8sW7BN7C
+oHTovusrls/AtEBKXKC47rNnfSc9VwfwdNBuvs33Ga872575bjOunQiXQRxuuqjq
+u3MyixPygIy+MmjhjPhnpYnb+1sytpoN1UOTi9QMHWLp2ExYvurda6n4nCjbJBcB
+DvWPyapslDP+yT/3aEH0ctqu/QMk3rPxBAzVytUCIQD/CwBYEWtyd6IoiqcWVMT5
+4k1cKfg5ZbNu7mG3iS+iSwKCAYEAm1QNpGrOS2orCVUP80KQFTQwg37tlynJjXev
+ORdBgDXpIjFcdEgsEx9cHzlOywBDQWxHLXRukvgQbx7dCq2RgEM6Fo6ngbhj87zw
+dLFdXxj/TU0fJPhj3VIF2qu5vG1SZRu4zKNZ6uoJP7R4/7o/shHOoTyCOigRew4X
+A2P9eIxpEv/KXRznxjG1IcAQJcPYBDwjE555WNHL0jzzKEyxyxmkm9ThEpleW7HU
+ij78B5O45V/AHVF7oB/L+Aqmbc2dZy8EtShsMKqSMdFWjV0BnuzsPt9KmKT+rbj6
+MpqgdaKPEsYVD4Nk6EWEyYbWmELtS9jKH5E4Z/pqFGeamsiD5Sn0ap7SGa81BtA+
+s7FMG851b2jtRw0RB4+boGx0Lt43WbytfmW445i4h/NMB0nE/pzjIIjD3URdNoaS
+2G2eZcW/aC9bKkOoAr2USSlgylPCkz2a/CAx7i925HOZ2dw9HJ940vkAoxP+nMQv
+kMzKKeM5QVgAeRwjDqRk9uCWD7VyBCMCIQDxycQrIIL4PxAoPIM7//v8mL7A3YSW
+o3mO5AXuBuEe2g==
+-----END PRIVATE KEY-----
+
+PrivateKey = DSA-3072-224
+-----BEGIN PRIVATE KEY-----
+MIIDXAIBADCCAzUGByqGSM44BAEwggMoAoIBgQDEY9anVQ8qwdz77IQx1bSmu5MI
+mP7pf9IUXbH5fZFrCjlDu34w2WvsdDRrM2/isvKb/wj+sgg5dx5bWRn/+xolwu8l
+upmD6KMJ07t9SSla155tkvS/8hU5AD8elH9vV+HlTPKRHNF1X3jFJRVay64O+vFX
+WRe7t3yBFv/VqkhnYwm5aymMK6/TXR1znJzrMNgU1Ao3unhjaFnRsldHVHjXrA4y
+rJRMsa4r5BCPQNK8iXKabAw19oiRbRvqs3YfzoR1HqZ3LGO1/p9ECoc/QW0uI1Za
+LYQli1aNtNmtYhwKvy7O8IzjrbjkDRgl/TtDmtfpDnM6FkQebgU0OxQXTOwZgtEV
+a7VY+EwG1q+Qab7uvuO2YJ7Mk2JKmu4u0Gz7tq5N+hEN4P5UMC/MUw6ftLCGN6l6
+ycEJHMgGzDsAKEJW6NcXneY3vXpdaRGnuxyUKI86wQd3Qg1Mm3H1gqtkd48owIJm
+RtE/u91T4OJOcwVm2FxDgmMsb0LwqAELL+I9RH8CHQDNAddLZ4ovSccoD+s06I+X
+d+GzJ8cNcbn4H1TVAoIBgAmwgz0CjHaacOiXcQ4GLw0kN2IpXKAXYma1vDlDcesT
+lY8dcGsX2UjuLnfegMRkb5FMGZ8TDjgDG4vLo2p1ybt7S7s0hn56bju5HZLSOmAp
+nu5M15iZxDzgVvhRkB0EG/aw5i6iq22JUA5SUAGYLemcZIuukIDu6vhTeK2125qa
+q+Uc0/kyPMOf0zABo+I2wWNmZgdq26F147Yrf06VY3ekxcER1vAUfVBHxeYPfdZR
+N8ztdzYTPtCSxyIWATUxYvWxsaxqNckjXLZp5t9L72Zc8k5swsBDIAabhJTiQrRS
+hkhD0UOCf2pUNFcHIxLqYskOycEjtmKrAYbrHZDRw5CzP5ABaDYwqgxi2ZSt/tv4
+iYUhX4tRicGeAWLM7D3LxG+P/6q7dJ/Gjjx8gmbcBJKcjVDGp/b8xn1WY83gbNEJ
+HOAqdXyxgnQL+E581jk13LixzoOboyrhryFqVoMarZOXEAQKToG24tj5DO7LmviW
+8hzXTwJmVlKblGJxVmqDuQQeAhx6PjOtN4DxhxZdoX8+lU7C6CWYvyQbJOER0XVn
+-----END PRIVATE KEY-----
+
+PrivateKey = DSA-4096-256
+-----BEGIN PRIVATE KEY-----
+MIIEZQIBADCCBDoGByqGSM44BAEwggQtAoICAQD9m23nz0MOXi3GFvuv+Qpva9Ms
+oZ/oPS1sYy/JtxvBtEjWv0b0wxtLAiASkBBhaqC1Qy+9O7dC7s5wze/0v/mAxFtF
+X18KhMWSRtgiGOWzg6Nyog+Dus224Qa6wfYC1+lcGG/TmDLSmukBrVzd/71pSOkT
+6O3v5hx1JOdJzzNPt1kjq31B1/2h9OXnARg1JDCLHP6fxRkWj2ThwU+FwlKTpo+d
+MsC0Xl93t1lBOiS5VsHLSZIeqsInEj3bWBTT6C5q0huZKBQ9iT3SwAq/gG8KL9DV
+MGSWQwAQdUpQWcv6JDwLb6h6QhHmzclDCF8JAGRzLA9kDWbmYPXQuVxj1//LuJba
+fMe6tLWBuAMeQNFuB/pro2dszbo8GDOYEaOfogG86x9hfgBoPufU0oHlfhj3nhO8
+cLYwvhRkN/ZZyTM5/1aHQNvp6S+sIGD1WFKPxMZuTH2k01I0s8ESGrlWpnPgwNQx
+iwx+dlXLFZNdDOiS+Mb9JPSuJ/xDagHmQzG0gxYiLfWQKjAMol4niB6mGIm0gEYq
+Rw9OEHE/ghzBMbr6M+BLDm7PDac5y1a3L6l9e0Yq9h+4bwqTqZIpNIsRS4A0lmXd
+IXs54dQmTwF75cMWjOAOYwxua97I4Ci3nkJWiozBugoGrKTSkeNX21uMfVJKidjd
+j79Vlz79qnMSB42sqwIhAPwv8XkIkZvnDKTTowvUy8L6V/SxF7KZFtvX5Mx4KJt7
+AoICAQDdWpUSEpBLdFiu6MzqdWnRv9pt8BEu0sC9Z+xE3VrpDKqqnK2Rhtye0yIk
+4fofLl9VF2J4P6hzDcCu8QEDj0K3dWQR+BU1WMBHMCTHrTM51XAqbjR1H3ZYWVxC
+WgWrVGQkcD55TrM2RYBKH6Wa7K9HeFVJcdHrh0AZb4lXIBZHf0+71cOfZH8w1ufl
+yKzYNMGY9+eoU3Pm0D5gBO/69uWDrK21SJMW3Fpqm4rgeHtNhR4oI6cagyo2+XfD
+e+ivCk5XKCXgImKpKDMuKhJy0K4vZFjVHeIWl2mf1zyhmCxuAcGEf9dRVKtnQQGS
+8uJGddKuda67J9vecN78H2nhsZcU9DRPzgjW+tUTwSX3ycW/hEA65kN5PUSpj8Ax
+7gZN5Jn8bGNlCgLItHQMscGDo0L47+bN8G8JguZr+hpNFKmYMpbQ15yHaRU7DR36
+Zx91SEQ1o8Kn8mNT37RBYk/vZij9P8QRnn3pen9Ha5CBNs6/8RERaUJ84kSCV0iL
+4/ed3syr8bek8a2rN6qhLZSKfYwLdiu0VaBsmJrOoE7xNgJ+f0g7aTptO1NOiwtY
+ftiDvljQGG1QhAv9i1uSmz6EPYn3VCJPadxX8mlPmpGCewk8ycOV1IFgCK86cdTl
+bDfJavyQoCWW6EF260m2+rWtl6ILGhhWIbDN5KfXBhrOPvxvHQQiAiBZM1KxUjGw
+h2C/91Z0b0Xg4QYNOtVUbfqQTJQAqEpaRg==
+-----END PRIVATE KEY-----
+
+
+Title = FIPS Tests (using different key sizes and digests)
+
+# Test sign with a 2048 bit key with N == 224 is allowed in fips mode
+DigestSign = SHA256
+Key = DSA-2048-224
+Input = "Hello"
+Output = 00
+Result = SIGNATURE_MISMATCH
+
+# Test sign with a 2048 bit key with N == 256 is allowed in fips mode
+DigestSign = SHA256
+Key = DSA-2048-256
+Input = "Hello"
+Result = SIGNATURE_MISMATCH
+
+# Test sign with a 3072 bit key with N == 256 is allowed in fips mode
+DigestSign = SHA256
+Key = DSA-3072-256
+Input = "Hello"
+Result = SIGNATURE_MISMATCH
+
+# Test sign with a 2048 bit SHA3 is allowed in fips mode
+DigestSign = SHA3-224
+Key = DSA-2048-256
+Input = "Hello"
+Result = SIGNATURE_MISMATCH
+
+# Test verify with a 1024 bit key is allowed in fips mode
+DigestVerify = SHA256
+Key = DSA-1024
+Input = "Hello "
+Output = 302c02142e32c8a5b0bd19b2ba33fd9c78aad3729dcb1b9e02142c006f7726a9d6833d414865b95167ea5f4f7713
+
+# Test verify with SHA1 is allowed in fips mode
+DigestVerify = SHA1
+Key = DSA-1024
+Input = "Hello "
+Output = 302c0214602d21ed37e46051bb3d06cc002adddeb4cdb3bd02144f39f75587b286588862d06366b2f29bddaf8cf6
+
+Title = Fips Negative Tests (using different key sizes and digests)
+
+# Test sign with a 1024 bit key is not allowed in fips mode
+Availablein = fips
+DigestSign = SHA256
+Key = DSA-1024-FIPS186-2
+Input = "Hello"
+Result = DIGESTSIGNINIT_ERROR
+
+# Test sign with SHA1 is not allowed in fips mode
+Availablein = fips
+DigestSign = SHA1
+Key = DSA-2048
+Input = "Hello"
+Result = DIGESTSIGNINIT_ERROR
+
+# Test sign with a 3072 bit key with N == 224 is not allowed in fips mode
+Availablein = fips
+DigestSign = SHA256
+Key = DSA-3072-224
+Input = "Hello"
+Result = DIGESTSIGNINIT_ERROR
+
+# Test sign with a 4096 bit key is not allowed in fips mode
+Availablein = fips
+DigestSign = SHA256
+Key = DSA-4096-256
+Input = "Hello"
+Result = DIGESTSIGNINIT_ERROR