Add support for Dual EC DRBG from SP800-90. Include updates to algorithm
[openssl.git] / fips / rand / fips_drbgvs.c
index d3b47a0..db05d40 100644 (file)
@@ -100,6 +100,27 @@ static int parse_md(char *str)
        return NID_undef;
        }
 
+static int parse_ec(char *str)
+       {
+       int curve_nid, md_nid;
+       char *md;
+       md = strchr(str, ' ');
+       if (!md)
+               return NID_undef;
+       if (!strncmp(str, "[P-256", 6))
+               curve_nid = NID_X9_62_prime256v1;
+       else if (!strncmp(str, "[P-384", 6))
+               curve_nid = NID_secp384r1;
+       else if (!strncmp(str, "[P-521", 6))
+               curve_nid = NID_secp521r1;
+       else
+               return NID_undef;
+       md_nid = parse_md(md);
+       if (md_nid == NID_undef)
+               return NID_undef;
+       return (curve_nid << 16) | md_nid;
+       }
+
 static int parse_aes(char *str, int *pdf)
        {
 
@@ -123,8 +144,6 @@ static int parse_aes(char *str, int *pdf)
                return NID_undef;
 
                }
-
-       return NID_undef;
        }
 
 typedef struct 
@@ -135,19 +154,19 @@ typedef struct
        size_t noncelen;
        } TEST_ENT;
 
-static size_t test_entropy(DRBG_CTX *dctx, unsigned char *out,
+static size_t test_entropy(DRBG_CTX *dctx, unsigned char **pout,
                                 int entropy, size_t min_len, size_t max_len)
        {
        TEST_ENT *t = FIPS_drbg_get_app_data(dctx);
-       memcpy(out, t->ent, t->entlen);
+       *pout = (unsigned char *)t->ent;
        return t->entlen;
        }
 
-static size_t test_nonce(DRBG_CTX *dctx, unsigned char *out,
+static size_t test_nonce(DRBG_CTX *dctx, unsigned char **pout,
                                 int entropy, size_t min_len, size_t max_len)
        {
        TEST_ENT *t = FIPS_drbg_get_app_data(dctx);
-       memcpy(out, t->nonce, t->noncelen);
+       *pout = (unsigned char *)t->nonce;
        return t->noncelen;
        }
 
@@ -168,6 +187,9 @@ int main(int argc,char **argv)
        long entlen, noncelen, perslen, adinlen;
        int df = 0;
 
+       enum dtype { DRBG_NONE, DRBG_CTR, DRBG_HASH, DRBG_HMAC, DRBG_DUAL_EC }
+               drbg_type = DRBG_NONE;
+
        int randoutlen = 0;
 
        int gen = 0;
@@ -203,11 +225,52 @@ int main(int argc,char **argv)
        while (fgets(buf, sizeof(buf), in) != NULL)
                {
                fputs(buf, out);
+               if (drbg_type == DRBG_NONE)
+                       {
+                       if (strstr(buf, "CTR_DRBG"))
+                               drbg_type = DRBG_CTR;
+                       else if (strstr(buf, "Hash_DRBG"))
+                               drbg_type = DRBG_HASH;
+                       else if (strstr(buf, "HMAC_DRBG"))
+                               drbg_type = DRBG_HMAC;
+                       else if (strstr(buf, "Dual_EC_DRBG"))
+                               drbg_type = DRBG_DUAL_EC;
+                       else
+                               continue;
+                       }
                if (strlen(buf) > 4 && !strncmp(buf, "[SHA-", 5))
                        {
                        nid = parse_md(buf);
                        if (nid == NID_undef)
                                exit(1);
+                       if (drbg_type == DRBG_HMAC)
+                               {
+                               switch (nid)
+                                       {
+                                       case NID_sha1:
+                                       nid = NID_hmacWithSHA1;
+                                       break;
+
+                                       case NID_sha224:
+                                       nid = NID_hmacWithSHA224;
+                                       break;
+
+                                       case NID_sha256:
+                                       nid = NID_hmacWithSHA256;
+                                       break;
+
+                                       case NID_sha384:
+                                       nid = NID_hmacWithSHA384;
+                                       break;
+
+                                       case NID_sha512:
+                                       nid = NID_hmacWithSHA512;
+                                       break;
+
+                                       default:
+                                       exit(1);
+                                       }
+                               }
                        }
                if (strlen(buf) > 12 && !strncmp(buf, "[AES-", 5))
                        {
@@ -215,6 +278,12 @@ int main(int argc,char **argv)
                        if (nid == NID_undef)
                                exit(1);
                        }
+               if (strlen(buf) > 12 && !strncmp(buf, "[P-", 3))
+                       {
+                       nid = parse_ec(buf);
+                       if (nid == NID_undef)
+                               exit(1);
+                       }
                if (!parse_line(&keyword, &value, lbuf, buf))
                        continue;
 
@@ -248,7 +317,8 @@ int main(int argc,char **argv)
                        dctx = FIPS_drbg_new(nid, df | DRBG_FLAG_TEST);
                        if (!dctx)
                                exit (1);
-                       FIPS_drbg_set_callbacks(dctx, test_entropy, test_nonce);
+                       FIPS_drbg_set_callbacks(dctx, test_entropy, 0, 0,
+                                                       test_nonce, 0);
                        FIPS_drbg_set_app_data(dctx, &t);
                        randoutlen = (int)FIPS_drbg_get_blocklength(dctx);
                        r = FIPS_drbg_instantiate(dctx, pers, perslen);