/* Standard encodings including NULL parameter */
+__fips_constseg
static const unsigned char sha1_bin[] = {
0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05,
0x00, 0x04, 0x14
};
+__fips_constseg
static const unsigned char sha224_bin[] = {
0x30, 0x2d, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
0x04, 0x02, 0x04, 0x05, 0x00, 0x04, 0x1c
};
+__fips_constseg
static const unsigned char sha256_bin[] = {
0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20
};
+__fips_constseg
static const unsigned char sha384_bin[] = {
0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
0x04, 0x02, 0x02, 0x05, 0x00, 0x04, 0x30
};
+__fips_constseg
static const unsigned char sha512_bin[] = {
0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40
* using this format but do tolerate received signatures of this form.
*/
-static unsigned char sha1_nn_bin[] = {
+__fips_constseg
+static const unsigned char sha1_nn_bin[] = {
0x30, 0x1f, 0x30, 0x07, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x04,
0x14
};
-static unsigned char sha224_nn_bin[] = {
+__fips_constseg
+static const unsigned char sha224_nn_bin[] = {
0x30, 0x2b, 0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
0x04, 0x02, 0x04, 0x04, 0x1c
};
-static unsigned char sha256_nn_bin[] = {
+__fips_constseg
+static const unsigned char sha256_nn_bin[] = {
0x30, 0x2f, 0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
0x04, 0x02, 0x01, 0x04, 0x20
};
-static unsigned char sha384_nn_bin[] = {
+__fips_constseg
+static const unsigned char sha384_nn_bin[] = {
0x30, 0x3f, 0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
0x04, 0x02, 0x02, 0x04, 0x30
};
-static unsigned char sha512_nn_bin[] = {
+__fips_constseg
+static const unsigned char sha512_nn_bin[] = {
0x30, 0x4f, 0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
0x04, 0x02, 0x03, 0x04, 0x40
};
/* Largest DigestInfo: 19 (max encoding) + max MD */
unsigned char tmpdinfo[19 + EVP_MAX_MD_SIZE];
- FIPS_selftest_check();
-
- md_type = M_EVP_MD_type(mhash);
+ if (FIPS_selftest_failed())
+ {
+ FIPSerr(FIPS_F_FIPS_RSA_SIGN_DIGEST, FIPS_R_SELFTEST_FAILED);
+ return 0;
+ }
+ if (!mhash && rsa_pad_mode == RSA_PKCS1_PADDING)
+ md_type = saltlen;
+ else
+ md_type = M_EVP_MD_type(mhash);
if (rsa_pad_mode == RSA_X931_PADDING)
{
int FIPS_rsa_verify_ctx(RSA *rsa, EVP_MD_CTX *ctx,
int rsa_pad_mode, int saltlen, const EVP_MD *mgf1Hash,
- unsigned char *sigbuf, unsigned int siglen)
+ const unsigned char *sigbuf, unsigned int siglen)
{
unsigned int md_len, rv;
unsigned char md[EVP_MAX_MD_SIZE];
int FIPS_rsa_verify_digest(RSA *rsa, const unsigned char *dig, int diglen,
const EVP_MD *mhash, int rsa_pad_mode, int saltlen,
const EVP_MD *mgf1Hash,
- unsigned char *sigbuf, unsigned int siglen)
+ const unsigned char *sigbuf, unsigned int siglen)
{
int i,ret=0;
unsigned int dlen;
int md_type;
int rsa_dec_pad_mode;
+ if (FIPS_selftest_failed())
+ {
+ FIPSerr(FIPS_F_FIPS_RSA_VERIFY_DIGEST, FIPS_R_SELFTEST_FAILED);
+ return 0;
+ }
+
if (siglen != (unsigned int)RSA_size(rsa))
{
RSAerr(RSA_F_FIPS_RSA_VERIFY_DIGEST,RSA_R_WRONG_SIGNATURE_LENGTH);
return(0);
}
- FIPS_selftest_check();
-
- md_type = M_EVP_MD_type(mhash);
+ if (!mhash && rsa_pad_mode == RSA_PKCS1_PADDING)
+ md_type = saltlen;
+ else
+ md_type = M_EVP_MD_type(mhash);
s= OPENSSL_malloc((unsigned int)siglen);
if (s == NULL)
return(ret);
}
+int FIPS_rsa_sign(RSA *rsa, const unsigned char *msg, int msglen,
+ const EVP_MD *mhash, int rsa_pad_mode, int saltlen,
+ const EVP_MD *mgf1Hash,
+ unsigned char *sigret, unsigned int *siglen)
+ {
+ unsigned int md_len, rv;
+ unsigned char md[EVP_MAX_MD_SIZE];
+ FIPS_digest(msg, msglen, md, &md_len, mhash);
+ rv = FIPS_rsa_sign_digest(rsa, md, md_len, mhash, rsa_pad_mode,
+ saltlen, mgf1Hash, sigret, siglen);
+ OPENSSL_cleanse(md, md_len);
+ return rv;
+ }
+
+
+int FIPS_rsa_verify(RSA *rsa, const unsigned char *msg, int msglen,
+ const EVP_MD *mhash, int rsa_pad_mode, int saltlen,
+ const EVP_MD *mgf1Hash,
+ const unsigned char *sigbuf, unsigned int siglen)
+ {
+ unsigned int md_len, rv;
+ unsigned char md[EVP_MAX_MD_SIZE];
+ FIPS_digest(msg, msglen, md, &md_len, mhash);
+ rv = FIPS_rsa_verify_digest(rsa, md, md_len, mhash, rsa_pad_mode,
+ saltlen, mgf1Hash, sigbuf, siglen);
+ OPENSSL_cleanse(md, md_len);
+ return rv;
+ }
+
#endif