*
*/
+#define OPENSSL_FIPSAPI
+
+#include <openssl/fips_rand.h>
+#include <openssl/objects.h>
+
int hex2bin(const char *in, unsigned char *out);
unsigned char *hex2bin_m(const char *in, long *plen);
int do_hex2bn(BIGNUM **pr, const char *in);
-int do_bn_print(FILE *out, BIGNUM *bn);
-int do_bn_print_name(FILE *out, const char *name, BIGNUM *bn);
+int do_bn_print(FILE *out, const BIGNUM *bn);
+int do_bn_print_name(FILE *out, const char *name, const BIGNUM *bn);
int parse_line(char **pkw, char **pval, char *linebuf, char *olinebuf);
BIGNUM *hex2bn(const char *in);
int bin2hex(const unsigned char *in,int len,char *out);
int bin2bint(const unsigned char *in,int len,char *out);
void PrintValue(char *tag, unsigned char *val, int len);
void OutputValue(char *tag, unsigned char *val, int len, FILE *rfp,int bitmode);
+void fips_algtest_init(void);
static int no_err;
{
if (no_err)
return;
- fprintf(stderr, "ERROR:lib=%d,func=%d,reason=%d"
+ fprintf(stderr, "ERROR:%08lX:lib=%d,func=%d,reason=%d"
":file=%s:line=%d\n",
+ ERR_PACK(lib, func, reason),
lib, func, reason, file, line);
}
fputs("\n", stderr);
}
-static void fips_set_error_print(void)
+/* Dummy Entropy to keep DRBG happy. WARNING: THIS IS TOTALLY BOGUS
+ * HAS ZERO SECURITY AND MUST NOT BE USED IN REAL APPLICATIONS.
+ */
+
+static unsigned char dummy_entropy[1024];
+
+static size_t dummy_cb(DRBG_CTX *ctx, unsigned char **pout,
+ int entropy, size_t min_len, size_t max_len)
+ {
+ *pout = dummy_entropy;
+ return min_len;
+ }
+
+static void fips_algtest_init_nofips(void)
{
+ DRBG_CTX *ctx;
FIPS_set_error_callbacks(put_err_cb, add_err_cb);
+ OPENSSL_cleanse(dummy_entropy, 1024);
+ ctx = FIPS_get_default_drbg();
+ FIPS_drbg_init(ctx, NID_aes_256_ctr, DRBG_FLAG_CTR_USE_DF);
+ FIPS_drbg_set_callbacks(ctx, dummy_cb, 0, dummy_cb, 0);
+ FIPS_drbg_instantiate(ctx, dummy_entropy, 10);
+ }
+
+void fips_algtest_init(void)
+ {
+ fips_algtest_init_nofips();
+ if (!FIPS_mode_set(1))
+ {
+ fprintf(stderr, "Error entering FIPS mode\n");
+ exit(1);
+ }
}
int hex2bin(const char *in, unsigned char *out)
{
- int n1, n2;
+ int n1, n2, isodd = 0;
unsigned char ch;
+ n1 = strlen(in);
+ if (in[n1 - 1] == '\n')
+ n1--;
+
+ if (n1 & 1)
+ isodd = 1;
+
for (n1=0,n2=0 ; in[n1] && in[n1] != '\n' ; )
{ /* first byte */
if ((in[n1] >= '0') && (in[n1] <= '9'))
out[n2++]=ch;
break;
}
+ /* If input is odd length first digit is least significant: assumes
+ * all digits valid hex and null terminated which is true for the
+ * strings we pass.
+ */
+ if (n1 == 1 && isodd)
+ {
+ out[n2++] = ch;
+ continue;
+ }
out[n2] = ch << 4;
/* second byte */
if ((in[n1] >= '0') && (in[n1] <= '9'))
unsigned char *hex2bin_m(const char *in, long *plen)
{
unsigned char *p;
+ if (strlen(in) == 0)
+ {
+ *plen = 0;
+ return OPENSSL_malloc(1);
+ }
p = OPENSSL_malloc((strlen(in) + 1)/2);
*plen = hex2bin(in, p);
return p;
return r;
}
-int do_bn_print(FILE *out, BIGNUM *bn)
+int do_bn_print(FILE *out, const BIGNUM *bn)
{
int len, i;
unsigned char *tmp;
return 1;
}
-int do_bn_print_name(FILE *out, const char *name, BIGNUM *bn)
+int do_bn_print_name(FILE *out, const char *name, const BIGNUM *bn)
{
int r;
fprintf(out, "%s = ", name);