Add support for Dual EC DRBG from SP800-90. Include updates to algorithm
[openssl.git] / fips / rand / fips_drbgvs.c
index 3259250..db05d40 100644 (file)
@@ -60,7 +60,7 @@
 
 int main(int argc, char **argv)
 {
-    printf("No FIPS GCM support\n");
+    printf("No FIPS DRBG support\n");
     return(0);
 }
 #else
@@ -100,6 +100,27 @@ static int parse_md(char *str)
        return NID_undef;
        }
 
+static int parse_ec(char *str)
+       {
+       int curve_nid, md_nid;
+       char *md;
+       md = strchr(str, ' ');
+       if (!md)
+               return NID_undef;
+       if (!strncmp(str, "[P-256", 6))
+               curve_nid = NID_X9_62_prime256v1;
+       else if (!strncmp(str, "[P-384", 6))
+               curve_nid = NID_secp384r1;
+       else if (!strncmp(str, "[P-521", 6))
+               curve_nid = NID_secp521r1;
+       else
+               return NID_undef;
+       md_nid = parse_md(md);
+       if (md_nid == NID_undef)
+               return NID_undef;
+       return (curve_nid << 16) | md_nid;
+       }
+
 static int parse_aes(char *str, int *pdf)
        {
 
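Review bot: parse_ec packs two NIDs into one int with `return (curve_nid << 16) | md_nid;`, but nothing documents that encoding or checks that `md_nid` fits in the low 16 bits. A header comment would make the contract explicit for whoever decodes it, for example `/* Returns (curve NID << 16) | digest NID, or NID_undef on a malformed "[P-xxx SHA-yyy]" header */`. The `strncmp(str, "[P-256", 6)` tests match on a prefix only, so any text following the six characters is accepted. `parse_md` is called with a pointer to the space found by `strchr`; its body is outside this hunk, so whether it tolerates that leading space cannot be confirmed here.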
@@ -123,8 +144,6 @@ static int parse_aes(char *str, int *pdf)
                return NID_undef;
 
                }
-
-       return NID_undef;
        }
 
 typedef struct 
@@ -135,19 +154,19 @@ typedef struct
        size_t noncelen;
        } TEST_ENT;
 
-static size_t test_entropy(DRBG_CTX *dctx, unsigned char *out,
+static size_t test_entropy(DRBG_CTX *dctx, unsigned char **pout,
                                 int entropy, size_t min_len, size_t max_len)
        {
        TEST_ENT *t = FIPS_drbg_get_app_data(dctx);
-       memcpy(out, t->ent, t->entlen);
+       *pout = (unsigned char *)t->ent;
        return t->entlen;
        }
 
-static size_t test_nonce(DRBG_CTX *dctx, unsigned char *out,
+static size_t test_nonce(DRBG_CTX *dctx, unsigned char **pout,
                                 int entropy, size_t min_len, size_t max_len)
        {
        TEST_ENT *t = FIPS_drbg_get_app_data(dctx);
-       memcpy(out, t->nonce, t->noncelen);
+       *pout = (unsigned char *)t->nonce;
        return t->noncelen;
        }
 
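Review bot: test_entropy and test_nonce now return a pointer into the TEST_ENT buffers through `*pout` instead of copying, and nothing states who owns that memory or how long it must stay valid. I would add a comment above each callback such as `/* Hands back a borrowed pointer to t->ent; the buffer must stay allocated until the DRBG call that requested it returns */`. `min_len` and `max_len` are still ignored, so the length supplied by the test vector is passed through unchecked; presumably the DRBG validates it, but that is not visible in this hunk. The `(unsigned char *)` cast suggests the field type differs from the callback's, possibly in constness; only the tail of the TEST_ENT definition is shown, so confirm before relying on it.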
@@ -155,32 +174,103 @@ static size_t test_nonce(DRBG_CTX *dctx, unsigned char *out,
 
 int main(int argc,char **argv)
        {
-       DRBG_CTX *dctx;
+       FILE *in, *out;
+       DRBG_CTX *dctx = NULL;
        TEST_ENT t;
-       int r, nid;
+       int r, nid = 0;
        int pr = 0;
        char buf[2048], lbuf[2048];
-       unsigned char out[2048];
+       unsigned char randout[2048];
        char *keyword = NULL, *value = NULL;
 
        unsigned char *ent = NULL, *nonce = NULL, *pers = NULL, *adin = NULL;
        long entlen, noncelen, perslen, adinlen;
-       int df;
+       int df = 0;
 
-       int outlen = 0;
+       enum dtype { DRBG_NONE, DRBG_CTR, DRBG_HASH, DRBG_HMAC, DRBG_DUAL_EC }
+               drbg_type = DRBG_NONE;
+
+       int randoutlen = 0;
 
        int gen = 0;
 
-       fips_set_error_print();
-       
-       while (fgets(buf, sizeof(buf), stdin) != NULL)
+       fips_algtest_init();
+
+       if (argc == 3)
                {
-               fputs(buf, stdout);
+               in = fopen(argv[1], "r");
+               if (!in)
+                       {
+                       fprintf(stderr, "Error opening input file\n");
+                       exit(1);
+                       }
+               out = fopen(argv[2], "w");
+               if (!out)
+                       {
+                       fprintf(stderr, "Error opening output file\n");
+                       exit(1);
+                       }
+               }
+       else if (argc == 1)
+               {
+               in = stdin;
+               out = stdout;
+               }
+       else
+               {
+               fprintf(stderr,"%s (infile outfile)\n",argv[0]);
+               exit(1);
+               }
+
+       while (fgets(buf, sizeof(buf), in) != NULL)
+               {
+               fputs(buf, out);
+               if (drbg_type == DRBG_NONE)
+                       {
+                       if (strstr(buf, "CTR_DRBG"))
+                               drbg_type = DRBG_CTR;
+                       else if (strstr(buf, "Hash_DRBG"))
+                               drbg_type = DRBG_HASH;
+                       else if (strstr(buf, "HMAC_DRBG"))
+                               drbg_type = DRBG_HMAC;
+                       else if (strstr(buf, "Dual_EC_DRBG"))
+                               drbg_type = DRBG_DUAL_EC;
+                       else
+                               continue;
+                       }
                if (strlen(buf) > 4 && !strncmp(buf, "[SHA-", 5))
                        {
                        nid = parse_md(buf);
                        if (nid == NID_undef)
                                exit(1);
+                       if (drbg_type == DRBG_HMAC)
+                               {
+                               switch (nid)
+                                       {
+                                       case NID_sha1:
+                                       nid = NID_hmacWithSHA1;
+                                       break;
+
+                                       case NID_sha224:
+                                       nid = NID_hmacWithSHA224;
+                                       break;
+
+                                       case NID_sha256:
+                                       nid = NID_hmacWithSHA256;
+                                       break;
+
+                                       case NID_sha384:
+                                       nid = NID_hmacWithSHA384;
+                                       break;
+
+                                       case NID_sha512:
+                                       nid = NID_hmacWithSHA512;
+                                       break;
+
+                                       default:
+                                       exit(1);
+                                       }
+                               }
                        }
                if (strlen(buf) > 12 && !strncmp(buf, "[AES-", 5))
                        {
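Review bot: The `default:` arm of the new HMAC digest switch calls `exit(1)` with no diagnostic, so a request file naming an unsupported digest fails silently. Print a message first, e.g. `fprintf(stderr, "Unsupported HMAC digest\n");`, in line with the file-open errors added above it. Those file-open messages omit the path and the reason; `perror(argv[1])` and `perror(argv[2])` would report both. main continues past the end of this hunk, so whether `in` and `out` are closed on the normal exit path cannot be seen here.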
@@ -188,6 +278,12 @@ int main(int argc,char **argv)
                        if (nid == NID_undef)
                                exit(1);
                        }
+               if (strlen(buf) > 12 && !strncmp(buf, "[P-", 3))
+                       {
+                       nid = parse_ec(buf);
+                       if (nid == NID_undef)
+                               exit(1);
+                       }
                if (!parse_line(&keyword, &value, lbuf, buf))
                        continue;
 
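Review bot: The new `[P-` branch calls parse_ec for any input file, whatever `drbg_type` was detected, so a stray `[P-...` header in a non-Dual-EC request file would overwrite `nid` with the packed curve/digest value. Gating it, `if (drbg_type == DRBG_DUAL_EC && strlen(buf) > 12 && !strncmp(buf, "[P-", 3))`, keeps the packed encoding away from the other DRBG types. Since NIST later withdrew Dual_EC_DRBG from SP 800-90A, a short comment marking this path as validation-vector testing only would also help future readers. main's body starts and ends outside this hunk.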
@@ -218,13 +314,14 @@ int main(int argc,char **argv)
                if (!strcmp(keyword, "PersonalizationString"))
                        {
                        pers = hex2bin_m(value, &perslen);
-                       dctx = FIPS_drbg_new(nid, df);
+                       dctx = FIPS_drbg_new(nid, df | DRBG_FLAG_TEST);
                        if (!dctx)
                                exit (1);
-                       FIPS_drbg_set_test_mode(dctx, test_entropy, test_nonce);
+                       FIPS_drbg_set_callbacks(dctx, test_entropy, 0, 0,
+                                                       test_nonce, 0);
                        FIPS_drbg_set_app_data(dctx, &t);
-                       outlen = (int)FIPS_drbg_get_blocklength(dctx);
-                       r = FIPS_drbg_instantiate(dctx, 0, pers, perslen);
+                       randoutlen = (int)FIPS_drbg_get_blocklength(dctx);
+                       r = FIPS_drbg_instantiate(dctx, pers, perslen);
                        if (!r)
                                {
                                fprintf(stderr, "Error instantiating DRBG\n");
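Review bot: `randoutlen` is taken from `FIPS_drbg_get_blocklength(dctx)`, cast to int, and later passed to `FIPS_drbg_generate` as the number of bytes to write into the fixed 2048-byte `randout` array, with no check that it fits. A guard right after the assignment closes that gap: `if (randoutlen <= 0 || (size_t)randoutlen > sizeof(randout)) exit(1);`. The result of `FIPS_drbg_set_callbacks` is ignored and its literal `0` arguments are unlabelled; whether the call can fail is not visible here, but a comment naming each slot would make it readable. main's body extends beyond this hunk on both sides.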
@@ -242,7 +339,7 @@ int main(int argc,char **argv)
                        adin = hex2bin_m(value, &adinlen);
                        if (pr)
                                continue;
-                       r = FIPS_drbg_generate(dctx, out, outlen, 0,
+                       r = FIPS_drbg_generate(dctx, randout, randoutlen, 0, 0,
                                                                adin, adinlen);
                        if (!r)
                                {
@@ -263,8 +360,9 @@ int main(int argc,char **argv)
                                ent = hex2bin_m(value, &entlen);
                                t.ent = ent;
                                t.entlen = entlen;
-                               r = FIPS_drbg_generate(dctx, out, outlen, 1,
-                                                       adin, adinlen);
+                               r = FIPS_drbg_generate(dctx,
+                                                       randout, randoutlen,
+                                                       0, 1, adin, adinlen);
                                if (!r)
                                        {
                                        fprintf(stderr,
@@ -293,7 +391,8 @@ int main(int argc,char **argv)
                        }
                if (gen == 2)
                        {
-                       OutputValue("ReturnedBits", out, outlen, stdout, 0);
+                       OutputValue("ReturnedBits", randout, randoutlen,
+                                                                       out, 0);
                        FIPS_drbg_free(dctx);
                        dctx = NULL;
                        gen = 0;