U.S.A.
----------------------------------------------*/
-#define OPENSSL_FIPSEVP
+#define OPENSSL_FIPSAPI
#include <stdio.h>
#include <stdlib.h>
}
}
- else if (strncasecmp(amode, "OFB", 3) == 0)
+ else if (fips_strncasecmp(amode, "OFB", 3) == 0)
{
switch (akeysz)
{
printf("Invalid key size: %d\n", akeysz);
return 0;
}
- if (EVP_CipherInit_ex(ctx, cipher, NULL, aKey, iVec, dir) <= 0)
+ if (FIPS_cipherinit(ctx, cipher, aKey, iVec, dir) <= 0)
return 0;
if(!strcasecmp(amode,"CFB1"))
M_EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS);
if (dir)
- EVP_Cipher(ctx, ciphertext, plaintext, len);
+ FIPS_cipher(ctx, ciphertext, plaintext, len);
else
- EVP_Cipher(ctx, plaintext, ciphertext, len);
+ FIPS_cipher(ctx, plaintext, ciphertext, len);
return 1;
}
int i, j, n, n1, n2;
int imode = 0, nkeysz = akeysz/8;
EVP_CIPHER_CTX ctx;
- EVP_CIPHER_CTX_init(&ctx);
+ FIPS_cipher_ctx_init(&ctx);
if (len > 32)
{
/* printf("Iteration %d\n", i); */
if (i > 0)
{
- fprintf(rfp,"COUNT = %d\n",i);
+ fprintf(rfp,"COUNT = %d" RESP_EOL ,i);
OutputValue("KEY",key[i],nkeysz,rfp,0);
if (imode != ECB) /* ECB */
OutputValue("IV",iv[i],AES_BLOCK_SIZE,rfp,0);
{
if (dir == XENCRYPT)
{
- EVP_Cipher(&ctx, ctext[j], ptext[j], len);
+ FIPS_cipher(&ctx, ctext[j], ptext[j], len);
memcpy(ptext[j+1], ctext[j], len);
}
else
{
- EVP_Cipher(&ctx, ptext[j], ctext[j], len);
+ FIPS_cipher(&ctx, ptext[j], ctext[j], len);
memcpy(ctext[j+1], ptext[j], len);
}
}
{
if (dir == XENCRYPT)
{
- EVP_Cipher(&ctx, ctext[j], ptext[j], len);
+ FIPS_cipher(&ctx, ctext[j], ptext[j], len);
memcpy(ptext[j+1], ctext[j-1], len);
}
else
{
- EVP_Cipher(&ctx, ptext[j], ctext[j], len);
+ FIPS_cipher(&ctx, ptext[j], ctext[j], len);
memcpy(ctext[j+1], ptext[j-1], len);
}
}
else
{
if (dir == XENCRYPT)
- EVP_Cipher(&ctx, ctext[j], ptext[j], len);
+ FIPS_cipher(&ctx, ctext[j], ptext[j], len);
else
- EVP_Cipher(&ctx, ptext[j], ctext[j], len);
+ FIPS_cipher(&ctx, ptext[j], ctext[j], len);
}
if (dir == XENCRYPT)
{
else
{
if (dir == XENCRYPT)
- EVP_Cipher(&ctx, ctext[j], ptext[j], len);
+ FIPS_cipher(&ctx, ctext[j], ptext[j], len);
else
- EVP_Cipher(&ctx, ptext[j], ctext[j], len);
+ FIPS_cipher(&ctx, ptext[j], ctext[j], len);
}
if(dir == XENCRYPT)
/* Output Ciphertext | Plaintext */
OutputValue(t_tag[dir],dir ? ctext[j] : ptext[j],len,rfp,
imode == CFB1);
- fprintf(rfp, "\n"); /* add separator */
+ fprintf(rfp, RESP_EOL); /* add separator */
/* Compute next KEY */
if (dir == XENCRYPT)
}
}
}
-
+ FIPS_cipher_ctx_cleanup(&ctx);
return ret;
}
FILE *afp = NULL, *rfp = NULL;
char ibuf[2048];
char tbuf[2048];
- int ilen, len, ret = 0;
+ int len;
char algo[8] = "";
char amode[8] = "";
char atest[8] = "";
unsigned char ciphertext[2048];
char *rp;
EVP_CIPHER_CTX ctx;
- EVP_CIPHER_CTX_init(&ctx);
+ FIPS_cipher_ctx_init(&ctx);
if (!rqfile || !(*rqfile))
{
while (!err && (fgets(ibuf, sizeof(ibuf), afp)) != NULL)
{
tidy_line(tbuf, ibuf);
- ilen = strlen(ibuf);
/* printf("step=%d ibuf=%s",step,ibuf); */
switch (step)
{
}
else
{
- fputs(ibuf, rfp);
+ copy_line(ibuf, rfp);
++ step;
}
}
if (akeysz)
{ /* insert current time & date */
time_t rtim = time(0);
- fprintf(rfp, "# %s", ctime(&rtim));
+ fputs("# ", rfp);
+ copy_line(ctime(&rtim), rfp);
}
else
{
- fputs(ibuf, rfp);
+ copy_line(ibuf, rfp);
if (strncmp(pp, "AESVS ", 6) == 0)
{
strcpy(algo, "AES");
if (VERBOSE)
printf("Test = %s, Mode = %s\n", atest, amode);
}
- else if (strncasecmp(pp, "Key Length : ", 13) == 0)
+ else if (fips_strncasecmp(pp, "Key Length : ", 13) == 0)
{
akeysz = atoi(pp+13);
if (VERBOSE)
case 1: /* [ENCRYPT] | [DECRYPT] */
if (ibuf[0] == '[')
{
- fputs(ibuf, rfp);
+ copy_line(ibuf, rfp);
++step;
- if (strncasecmp(ibuf, "[ENCRYPT]", 9) == 0)
+ if (fips_strncasecmp(ibuf, "[ENCRYPT]", 9) == 0)
dir = 1;
- else if (strncasecmp(ibuf, "[DECRYPT]", 9) == 0)
+ else if (fips_strncasecmp(ibuf, "[DECRYPT]", 9) == 0)
dir = 0;
else
{
step = 2;
case 2: /* KEY = xxxx */
- fputs(ibuf, rfp);
+ copy_line(ibuf, rfp);
if(*ibuf == '\n')
break;
- if(!strncasecmp(ibuf,"COUNT = ",8))
+ if(!fips_strncasecmp(ibuf,"COUNT = ",8))
break;
- if (strncasecmp(ibuf, "KEY = ", 6) != 0)
+ if (fips_strncasecmp(ibuf, "KEY = ", 6) != 0)
{
printf("Missing KEY\n");
err = 1;
break;
case 3: /* IV = xxxx */
- fputs(ibuf, rfp);
- if (strncasecmp(ibuf, "IV = ", 5) != 0)
+ copy_line(ibuf, rfp);
+ if (fips_strncasecmp(ibuf, "IV = ", 5) != 0)
{
printf("Missing IV\n");
err = 1;
break;
case 4: /* PLAINTEXT = xxxx */
- fputs(ibuf, rfp);
- if (strncasecmp(ibuf, "PLAINTEXT = ", 12) != 0)
+ copy_line(ibuf, rfp);
+ if (fips_strncasecmp(ibuf, "PLAINTEXT = ", 12) != 0)
{
printf("Missing PLAINTEXT\n");
err = 1;
if(do_mct(amode, akeysz, aKey, iVec,
dir, (unsigned char*)plaintext, len,
rfp) < 0)
- EXIT(1);
+ err = 1;
}
else
{
- ret = AESTest(&ctx, amode, akeysz, aKey, iVec,
+ AESTest(&ctx, amode, akeysz, aKey, iVec,
dir, /* 0 = decrypt, 1 = encrypt */
plaintext, ciphertext, len);
OutputValue("CIPHERTEXT",ciphertext,len,rfp,
break;
case 5: /* CIPHERTEXT = xxxx */
- fputs(ibuf, rfp);
- if (strncasecmp(ibuf, "CIPHERTEXT = ", 13) != 0)
+ copy_line(ibuf, rfp);
+ if (fips_strncasecmp(ibuf, "CIPHERTEXT = ", 13) != 0)
{
printf("Missing KEY\n");
err = 1;
}
else
{
- ret = AESTest(&ctx, amode, akeysz, aKey, iVec,
+ AESTest(&ctx, amode, akeysz, aKey, iVec,
dir, /* 0 = decrypt, 1 = encrypt */
plaintext, ciphertext, len);
OutputValue("PLAINTEXT",(unsigned char *)plaintext,len,rfp,
}
else if (strcmp(atest, "MCT") != 0)
{ /* MCT already added terminating nl */
- fputs(ibuf, rfp);
+ copy_line(ibuf, rfp);
}
step = 1;
break;
fclose(rfp);
if (afp)
fclose(afp);
+ FIPS_cipher_ctx_cleanup(&ctx);
return err;
}
aes_test -d xxxxx.xxx
The default is: -d req.txt
--------------------------------------------------*/
+#ifdef FIPS_ALGVS
+int fips_aesavs_main(int argc, char **argv)
+#else
int main(int argc, char **argv)
+#endif
{
char *rqlist = "req.txt", *rspfile = NULL;
FILE *fp = NULL;
char fn[250] = "", rfn[256] = "";
- int f_opt = 0, d_opt = 1;
- fips_set_error_print();
+ int d_opt = 1;
+ fips_algtest_init();
-#ifdef OPENSSL_FIPS
- if(!FIPS_mode_set(1))
- EXIT(1);
-#endif
if (argc > 1)
{
if (strcasecmp(argv[1], "-d") == 0)
}
else if (strcasecmp(argv[1], "-f") == 0)
{
- f_opt = 1;
d_opt = 0;
}
else
if (proc_file(rfn, rspfile))
{
printf(">>> Processing failed for: %s <<<\n", rfn);
- EXIT(1);
+ return 1;
}
}
fclose(fp);
printf(">>> Processing failed for: %s <<<\n", fn);
}
}
- EXIT(0);
return 0;
}