X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=fips%2Ffips_test_suite.c;h=447d1088bd8aea74d9e93d7ca8c0b9daecbee616;hp=1d88b0d00c8b8382bfd479dd8e3510deae14111b;hb=4420b3b17acf19f78f4fdea1a69d5f0a644c8154;hpb=947ff113d29ec9755d4e1fd60bfb67674872f23d diff --git a/fips/fips_test_suite.c b/fips/fips_test_suite.c index 1d88b0d00c..447d1088bd 100644 --- a/fips/fips_test_suite.c +++ b/fips/fips_test_suite.c @@ -21,6 +21,7 @@ #include #include #include +#include #include #include @@ -42,6 +43,7 @@ int main(int argc, char *argv[]) #include #include +#include #include "fips_utl.h" /* AES: encrypt and decrypt known plaintext, verify result matches original plaintext @@ -394,6 +396,209 @@ static int FIPS_hmac_sha512_test() return 1; } +/* CMAC-AES128: generate hash of known digest value and compare to known + precomputed correct hash +*/ +static int FIPS_cmac_aes128_test() + { + unsigned char key[16] = { 0x2b,0x7e,0x15,0x16, 0x28,0xae,0xd2,0xa6, + 0xab,0xf7,0x15,0x88, 0x09,0xcf,0x4f,0x3c, }; + unsigned char data[] = "Sample text"; + unsigned char kaval[EVP_MAX_MD_SIZE] = + { 0x16,0x83,0xfe,0xac, 0x52,0x9b,0xae,0x23, + 0xd7,0xd5,0x66,0xf5, 0xd2,0x8d,0xbd,0x2a, }; + + unsigned char *out = NULL; + size_t outlen; + CMAC_CTX *ctx = CMAC_CTX_new(); + int r = 0; + + ERR_clear_error(); + + if (!ctx) + goto end; + if (!CMAC_Init(ctx,key,sizeof(key),EVP_aes_128_cbc(),NULL)) + goto end; + if (!CMAC_Update(ctx,data,sizeof(data)-1)) + goto end; + /* This should return 1. If not, there's a programming error... */ + if (!CMAC_Final(ctx, out, &outlen)) + goto end; + out = OPENSSL_malloc(outlen); + if (!CMAC_Final(ctx, out, &outlen)) + goto end; +#if 0 + { + char *hexout = OPENSSL_malloc(outlen * 2 + 1); + bin2hex(out, outlen, hexout); + printf("CMAC-AES128: res = %s\n", hexout); + OPENSSL_free(hexout); + } + r = 1; +#else + if (!memcmp(out,kaval,outlen)) + r = 1; +#endif + end: + CMAC_CTX_free(ctx); + if (out) + OPENSSL_free(out); + return r; + } + +/* CMAC-AES192: generate hash of known digest value and compare to known + precomputed correct hash +*/ +static int FIPS_cmac_aes192_test() + { + unsigned char key[] = { 0x8e,0x73,0xb0,0xf7, 0xda,0x0e,0x64,0x52, + 0xc8,0x10,0xf3,0x2b, 0x80,0x90,0x79,0xe5, + 0x62,0xf8,0xea,0xd2, 0x52,0x2c,0x6b,0x7b, }; + unsigned char data[] = "Sample text"; + unsigned char kaval[] = + { 0xd6,0x99,0x19,0x25, 0xe5,0x1d,0x95,0x48, + 0xb1,0x4a,0x0b,0xf2, 0xc6,0x3c,0x47,0x1f, }; + + unsigned char *out = NULL; + size_t outlen; + CMAC_CTX *ctx = CMAC_CTX_new(); + int r = 0; + + ERR_clear_error(); + + if (!ctx) + goto end; + if (!CMAC_Init(ctx,key,sizeof(key),EVP_aes_192_cbc(),NULL)) + goto end; + if (!CMAC_Update(ctx,data,sizeof(data)-1)) + goto end; + /* This should return 1. If not, there's a programming error... */ + if (!CMAC_Final(ctx, out, &outlen)) + goto end; + out = OPENSSL_malloc(outlen); + if (!CMAC_Final(ctx, out, &outlen)) + goto end; +#if 0 + { + char *hexout = OPENSSL_malloc(outlen * 2 + 1); + bin2hex(out, outlen, hexout); + printf("CMAC-AES192: res = %s\n", hexout); + OPENSSL_free(hexout); + } + r = 1; +#else + if (!memcmp(out,kaval,outlen)) + r = 1; +#endif + end: + CMAC_CTX_free(ctx); + if (out) + OPENSSL_free(out); + return r; + } + +/* CMAC-AES256: generate hash of known digest value and compare to known + precomputed correct hash +*/ +static int FIPS_cmac_aes256_test() + { + unsigned char key[] = { 0x60,0x3d,0xeb,0x10, 0x15,0xca,0x71,0xbe, + 0x2b,0x73,0xae,0xf0, 0x85,0x7d,0x77,0x81, + 0x1f,0x35,0x2c,0x07, 0x3b,0x61,0x08,0xd7, + 0x2d,0x98,0x10,0xa3, 0x09,0x14,0xdf,0xf4, }; + unsigned char data[] = "Sample text"; + unsigned char kaval[] = + { 0xec,0xc2,0xcf,0x63, 0xc7,0xce,0xfc,0xa4, + 0xb0,0x86,0x37,0x5f, 0x15,0x60,0xba,0x1f, }; + + unsigned char *out = NULL; + size_t outlen; + CMAC_CTX *ctx = CMAC_CTX_new(); + int r = 0; + + ERR_clear_error(); + + if (!ctx) + goto end; + if (!CMAC_Init(ctx,key,sizeof(key),EVP_aes_256_cbc(),NULL)) + goto end; + if (!CMAC_Update(ctx,data,sizeof(data)-1)) + goto end; + /* This should return 1. If not, there's a programming error... */ + if (!CMAC_Final(ctx, out, &outlen)) + goto end; + out = OPENSSL_malloc(outlen); + if (!CMAC_Final(ctx, out, &outlen)) + goto end; +#if 0 + { + char *hexout = OPENSSL_malloc(outlen * 2 + 1); + bin2hex(out, outlen, hexout); + printf("CMAC-AES256: res = %s\n", hexout); + OPENSSL_free(hexout); + } + r = 1; +#else + if (!memcmp(out,kaval,outlen)) + r = 1; +#endif + end: + CMAC_CTX_free(ctx); + if (out) + OPENSSL_free(out); + return r; + } + +/* CMAC-TDEA3: generate hash of known digest value and compare to known + precomputed correct hash +*/ +static int FIPS_cmac_tdea3_test() + { + unsigned char key[] = { 0x8a,0xa8,0x3b,0xf8, 0xcb,0xda,0x10,0x62, + 0x0b,0xc1,0xbf,0x19, 0xfb,0xb6,0xcd,0x58, + 0xbc,0x31,0x3d,0x4a, 0x37,0x1c,0xa8,0xb5, }; + unsigned char data[] = "Sample text"; + unsigned char kaval[EVP_MAX_MD_SIZE] = + { 0xb4,0x06,0x4e,0xbf, 0x59,0x89,0xba,0x68, }; + + unsigned char *out = NULL; + size_t outlen; + CMAC_CTX *ctx = CMAC_CTX_new(); + int r = 0; + + ERR_clear_error(); + + if (!ctx) + goto end; + if (!CMAC_Init(ctx,key,sizeof(key),EVP_des_ede3_cbc(),NULL)) + goto end; + if (!CMAC_Update(ctx,data,sizeof(data)-1)) + goto end; + /* This should return 1. If not, there's a programming error... */ + if (!CMAC_Final(ctx, out, &outlen)) + goto end; + out = OPENSSL_malloc(outlen); + if (!CMAC_Final(ctx, out, &outlen)) + goto end; +#if 0 + { + char *hexout = OPENSSL_malloc(outlen * 2 + 1); + bin2hex(out, outlen, hexout); + printf("CMAC-TDEA3: res = %s\n", hexout); + OPENSSL_free(hexout); + } + r = 1; +#else + if (!memcmp(out,kaval,outlen)) + r = 1; +#endif + end: + CMAC_CTX_free(ctx); + if (out) + OPENSSL_free(out); + return r; + } + /* DH: generate shared parameters */ @@ -449,6 +654,103 @@ static int Zeroize() return 1; } +/* Dummy Entropy for DRBG tests. WARNING: THIS IS TOTALLY BOGUS + * HAS ZERO SECURITY AND MUST NOT BE USED IN REAL APPLICATIONS. + */ + +static unsigned char dummy_drbg_entropy[1024]; + +static size_t drbg_test_cb(DRBG_CTX *ctx, unsigned char **pout, + int entropy, size_t min_len, size_t max_len) + { + *pout = dummy_drbg_entropy; + /* Round up to multiple of block size */ + return (min_len + 0xf) & ~0xf; + } + +/* DRBG test: just generate lots of data and trigger health checks */ + +static int do_drbg_test(int type, int flags) + { + DRBG_CTX *dctx; + int rv = 0; + size_t i; + unsigned char randout[1024]; + dctx = FIPS_drbg_new(type, flags); + if (!dctx) + return 0; + FIPS_drbg_set_callbacks(dctx, drbg_test_cb, 0, 0x10, drbg_test_cb, 0); + for (i = 0; i < sizeof(dummy_drbg_entropy); i++) + { + dummy_drbg_entropy[i] = i & 0xff; + } + if (!FIPS_drbg_instantiate(dctx, dummy_drbg_entropy, 10)) + goto err; + FIPS_drbg_set_check_interval(dctx, 10); + for (i = 0; i < 32; i++) + { + if (!FIPS_drbg_generate(dctx, randout, sizeof(randout), 0, NULL, 0)) + goto err; + if (!FIPS_drbg_generate(dctx, randout, sizeof(randout), 0, dummy_drbg_entropy, 1)) + goto err; + } + rv = 1; + err: + FIPS_drbg_uninstantiate(dctx); + return rv; + } + +typedef struct + { + int type, flags; + } DRBG_LIST; + +static int do_drbg_all(void) + { + static DRBG_LIST drbg_types[] = + { + {NID_sha1, 0}, + {NID_sha224, 0}, + {NID_sha256, 0}, + {NID_sha384, 0}, + {NID_sha512, 0}, + {NID_hmacWithSHA1, 0}, + {NID_hmacWithSHA224, 0}, + {NID_hmacWithSHA256, 0}, + {NID_hmacWithSHA384, 0}, + {NID_hmacWithSHA512, 0}, + {NID_aes_128_ctr, 0}, + {NID_aes_192_ctr, 0}, + {NID_aes_256_ctr, 0}, + {NID_aes_128_ctr, DRBG_FLAG_CTR_USE_DF}, + {NID_aes_192_ctr, DRBG_FLAG_CTR_USE_DF}, + {NID_aes_256_ctr, DRBG_FLAG_CTR_USE_DF}, + {(NID_X9_62_prime256v1 << 16)|NID_sha1, 0}, + {(NID_X9_62_prime256v1 << 16)|NID_sha224, 0}, + {(NID_X9_62_prime256v1 << 16)|NID_sha256, 0}, + {(NID_X9_62_prime256v1 << 16)|NID_sha384, 0}, + {(NID_X9_62_prime256v1 << 16)|NID_sha512, 0}, + {(NID_secp384r1 << 16)|NID_sha224, 0}, + {(NID_secp384r1 << 16)|NID_sha256, 0}, + {(NID_secp384r1 << 16)|NID_sha384, 0}, + {(NID_secp384r1 << 16)|NID_sha512, 0}, + {(NID_secp521r1 << 16)|NID_sha256, 0}, + {(NID_secp521r1 << 16)|NID_sha384, 0}, + {(NID_secp521r1 << 16)|NID_sha512, 0}, + {0, 0} + }; + DRBG_LIST *lst; + int rv = 1; + for (lst = drbg_types;; lst++) + { + if (lst->type == 0) + break; + if (!do_drbg_test(lst->type, lst->flags)) + rv = 0; + } + return rv; + } + static int Error; static const char * Fail(const char *msg) { @@ -461,72 +763,307 @@ static void test_msg(const char *msg, int result) printf("%s...%s\n", msg, result ? "successful" : Fail("Failed!")); } +/* Table of IDs for POST translating between NIDs and names */ + +typedef struct + { + int id; + const char *name; + } POST_ID; + +POST_ID id_list[] = { + {NID_sha1, "SHA1"}, + {NID_sha224, "SHA224"}, + {NID_sha256, "SHA256"}, + {NID_sha384, "SHA384"}, + {NID_sha512, "SHA512"}, + {NID_hmacWithSHA1, "HMAC-SHA1"}, + {NID_hmacWithSHA224, "HMAC-SHA224"}, + {NID_hmacWithSHA256, "HMAC-SHA256"}, + {NID_hmacWithSHA384, "HMAC-SHA384"}, + {NID_hmacWithSHA512, "HMAC-SHA512"}, + {EVP_PKEY_RSA, "RSA"}, + {EVP_PKEY_DSA, "DSA"}, + {EVP_PKEY_EC, "ECDSA"}, + {NID_aes_128_cbc, "AES-128-CBC"}, + {NID_aes_192_cbc, "AES-192-CBC"}, + {NID_aes_256_cbc, "AES-256-CBC"}, + {NID_aes_128_ctr, "AES-128-CTR"}, + {NID_aes_192_ctr, "AES-192-CTR"}, + {NID_aes_256_ctr, "AES-256-CTR"}, + {NID_aes_128_ecb, "AES-128-ECB"}, + {NID_aes_128_xts, "AES-128-XTS"}, + {NID_aes_256_xts, "AES-256-XTS"}, + {NID_des_ede3_cbc, "DES-EDE3-CBC"}, + {NID_des_ede3_ecb, "DES-EDE3-ECB"}, + {NID_X9_62_prime256v1, "P-256"}, + {NID_secp384r1, "P-384"}, + {NID_secp521r1, "P-521"}, + {0, NULL} +}; + +static const char *lookup_id(int id) + { + POST_ID *n; + static char out[40]; + for (n = id_list; n->name; n++) + { + if (n->id == id) + return n->name; + } + sprintf(out, "ID=%d", id); + return out; + } + +static int fail_id = -1; +static int fail_sub = -1; +static int fail_key = -1; + +static int post_cb(int op, int id, int subid, void *ex) + { + const char *idstr, *exstr = ""; + char asctmp[20]; + int keytype = -1; +#ifdef FIPS_POST_TIME + static struct timespec start, end, tstart, tend; +#endif + switch(id) + { + case FIPS_TEST_INTEGRITY: + idstr = "Integrity"; + break; + + case FIPS_TEST_DIGEST: + idstr = "Digest"; + exstr = lookup_id(subid); + break; + + case FIPS_TEST_CIPHER: + exstr = lookup_id(subid); + idstr = "Cipher"; + break; + + case FIPS_TEST_SIGNATURE: + if (ex) + { + EVP_PKEY *pkey = ex; + keytype = pkey->type; + exstr = lookup_id(keytype); + } + idstr = "Signature"; + break; + + case FIPS_TEST_HMAC: + exstr = lookup_id(subid); + idstr = "HMAC"; + break; + + case FIPS_TEST_CMAC: + idstr = "CMAC"; + exstr = lookup_id(subid); + break; + + case FIPS_TEST_GCM: + idstr = "GCM"; + break; + + case FIPS_TEST_XTS: + idstr = "XTS"; + exstr = lookup_id(subid); + break; + + case FIPS_TEST_CCM: + idstr = "CCM"; + break; + + case FIPS_TEST_X931: + idstr = "X9.31 PRNG"; + sprintf(asctmp, "keylen=%d", subid); + exstr = asctmp; + break; + + case FIPS_TEST_DRBG: + idstr = "DRBG"; + if (*(int *)ex & DRBG_FLAG_CTR_USE_DF) + { + sprintf(asctmp, "%s DF", lookup_id(subid)); + exstr = asctmp; + } + else if (subid >> 16) + { + sprintf(asctmp, "%s %s", + lookup_id(subid >> 16), + lookup_id(subid & 0xFFFF)); + exstr = asctmp; + } + else + exstr = lookup_id(subid); + break; + + case FIPS_TEST_PAIRWISE: + if (ex) + { + EVP_PKEY *pkey = ex; + keytype = pkey->type; + exstr = lookup_id(keytype); + } + idstr = "Pairwise Consistency"; + break; + + case FIPS_TEST_CONTINUOUS: + idstr = "Continuous PRNG"; + break; + + default: + idstr = "Unknown"; + break; + + } + + switch(op) + { + case FIPS_POST_BEGIN: +#ifdef FIPS_POST_TIME + clock_getres(CLOCK_REALTIME, &tstart); + printf("\tTimer resolution %ld s, %ld ns\n", + (long)tstart.tv_sec, (long)tstart.tv_nsec); + clock_gettime(CLOCK_REALTIME, &tstart); +#endif + printf("\tPOST started\n"); + break; + + case FIPS_POST_END: + printf("\tPOST %s\n", id ? "Success" : "Failed"); +#ifdef FIPS_POST_TIME + clock_gettime(CLOCK_REALTIME, &tend); + printf("\t\tTook %f seconds\n", + (double)((tend.tv_sec+tend.tv_nsec*1e-9) + - (tstart.tv_sec+tstart.tv_nsec*1e-9))); +#endif + break; + + case FIPS_POST_STARTED: + printf("\t\t%s %s test started\n", idstr, exstr); +#ifdef FIPS_POST_TIME + clock_gettime(CLOCK_REALTIME, &start); +#endif + break; + + case FIPS_POST_SUCCESS: + printf("\t\t%s %s test OK\n", idstr, exstr); +#ifdef FIPS_POST_TIME + clock_gettime(CLOCK_REALTIME, &end); + printf("\t\t\tTook %f seconds\n", + (double)((end.tv_sec+end.tv_nsec*1e-9) + - (start.tv_sec+start.tv_nsec*1e-9))); +#endif + break; + + case FIPS_POST_FAIL: + printf("\t\t%s %s test FAILED!!\n", idstr, exstr); + break; + + case FIPS_POST_CORRUPT: + if (fail_id == id + && (fail_key == -1 || fail_key == keytype) + && (fail_sub == -1 || fail_sub == subid)) + { + printf("\t\t%s %s test failure induced\n", idstr, exstr); + return 0; + } + break; + + } + return 1; + } + int main(int argc,char **argv) { - - int do_corrupt_rsa_keygen = 0, do_corrupt_dsa_keygen = 0; int bad_rsa = 0, bad_dsa = 0; int do_rng_stick = 0; + int do_drbg_stick = 0; int no_exit = 0; + int no_dh = 0; - fips_set_error_print(); + FIPS_post_set_callback(post_cb); - printf("\tFIPS-mode test application\n\n"); + printf("\tFIPS-mode test application\n"); - /* Load entropy from external file, if any */ - RAND_load_file(".rnd", 1024); + printf("\t%s\n\n", FIPS_module_version_text()); if (argv[1]) { /* Corrupted KAT tests */ - if (!strcmp(argv[1], "aes")) { - FIPS_corrupt_aes(); - printf("AES encryption/decryption with corrupted KAT...\n"); + if (!strcmp(argv[1], "integrity")) { + fail_id = FIPS_TEST_INTEGRITY; + } else if (!strcmp(argv[1], "aes")) { + fail_id = FIPS_TEST_CIPHER; + fail_sub = NID_aes_128_ecb; + } else if (!strcmp(argv[1], "aes-ccm")) { + fail_id = FIPS_TEST_CCM; } else if (!strcmp(argv[1], "aes-gcm")) { - FIPS_corrupt_aes_gcm(); - printf("AES-GCM encryption/decryption with corrupted KAT...\n"); + fail_id = FIPS_TEST_GCM; + } else if (!strcmp(argv[1], "aes-xts")) { + fail_id = FIPS_TEST_XTS; } else if (!strcmp(argv[1], "des")) { - FIPS_corrupt_des(); - printf("DES3-ECB encryption/decryption with corrupted KAT...\n"); + fail_id = FIPS_TEST_CIPHER; + fail_sub = NID_des_ede3_ecb; } else if (!strcmp(argv[1], "dsa")) { - FIPS_corrupt_dsa(); - printf("DSA key generation and signature validation with corrupted KAT...\n"); + fail_id = FIPS_TEST_SIGNATURE; + fail_key = EVP_PKEY_DSA; } else if (!strcmp(argv[1], "ecdsa")) { - FIPS_corrupt_ecdsa(); - printf("ECDSA key generation and signature validation with corrupted KAT...\n"); + fail_id = FIPS_TEST_SIGNATURE; + fail_key = EVP_PKEY_EC; } else if (!strcmp(argv[1], "rsa")) { - FIPS_corrupt_rsa(); - printf("RSA key generation and signature validation with corrupted KAT...\n"); + fail_id = FIPS_TEST_SIGNATURE; + fail_key = EVP_PKEY_RSA; } else if (!strcmp(argv[1], "rsakey")) { printf("RSA key generation and signature validation with corrupted key...\n"); bad_rsa = 1; no_exit = 1; } else if (!strcmp(argv[1], "rsakeygen")) { - do_corrupt_rsa_keygen = 1; + fail_id = FIPS_TEST_PAIRWISE; + fail_key = EVP_PKEY_RSA; no_exit = 1; - printf("RSA key generation and signature validation with corrupted keygen...\n"); } else if (!strcmp(argv[1], "dsakey")) { printf("DSA key generation and signature validation with corrupted key...\n"); bad_dsa = 1; no_exit = 1; } else if (!strcmp(argv[1], "dsakeygen")) { - do_corrupt_dsa_keygen = 1; + fail_id = FIPS_TEST_PAIRWISE; + fail_key = EVP_PKEY_DSA; no_exit = 1; - printf("DSA key generation and signature validation with corrupted keygen...\n"); } else if (!strcmp(argv[1], "sha1")) { - FIPS_corrupt_sha1(); - printf("SHA-1 hash with corrupted KAT...\n"); + fail_id = FIPS_TEST_DIGEST; + } else if (!strcmp(argv[1], "hmac")) { + fail_id = FIPS_TEST_HMAC; + } else if (!strcmp(argv[1], "cmac")) { + fail_id = FIPS_TEST_CMAC; + } else if (!strcmp(argv[1], "drbg")) { + fail_id = FIPS_TEST_DRBG; } else if (!strcmp(argv[1], "rng")) { - FIPS_corrupt_rng(); + fail_id = FIPS_TEST_X931; + } else if (!strcmp(argv[1], "nodh")) { + no_dh = 1; + no_exit = 1; + } else if (!strcmp(argv[1], "post")) { + fail_id = -1; } else if (!strcmp(argv[1], "rngstick")) { do_rng_stick = 1; no_exit = 1; printf("RNG test with stuck continuous test...\n"); + } else if (!strcmp(argv[1], "drbgentstick")) { + do_entropy_stick(); + } else if (!strcmp(argv[1], "drbgstick")) { + do_drbg_stick = 1; + no_exit = 1; + printf("DRBG test with stuck continuous test...\n"); } else { printf("Bad argument \"%s\"\n", argv[1]); exit(1); } if (!no_exit) { - if (!FIPS_mode_set(1)) { + fips_algtest_init_nofips(); + if (!FIPS_module_mode_set(1)) { printf("Power-up self test failed\n"); exit(1); } @@ -535,23 +1072,26 @@ int main(int argc,char **argv) } } + fips_algtest_init_nofips(); + /* Non-Approved cryptographic operation */ printf("1. Non-Approved cryptographic operation test...\n"); - test_msg("\ta. Included algorithm (D-H)...", dh_test()); + if (no_dh) + printf("\t D-H test skipped\n"); + else + test_msg("\ta. Included algorithm (D-H)...", dh_test()); /* Power-up self test */ ERR_clear_error(); - test_msg("2. Automatic power-up self test", FIPS_mode_set(1)); - if (!FIPS_mode()) + test_msg("2. Automatic power-up self test", FIPS_module_mode_set(1)); + if (!FIPS_module_mode()) exit(1); - if (do_corrupt_dsa_keygen) - FIPS_corrupt_dsa_keygen(); - if (do_corrupt_rsa_keygen) - FIPS_corrupt_rsa_keygen(); + if (do_drbg_stick) + FIPS_drbg_stick(); if (do_rng_stick) - FIPS_rng_stick(); + FIPS_x931_stick(); /* AES encryption/decryption */ @@ -606,19 +1146,50 @@ int main(int argc,char **argv) */ test_msg("7h. HMAC-SHA-512 hash", FIPS_hmac_sha512_test()); + /* CMAC-AES-128 hash + */ + test_msg("8a. CMAC-AES-128 hash", FIPS_cmac_aes128_test()); + + /* CMAC-AES-192 hash + */ + test_msg("8b. CMAC-AES-192 hash", FIPS_cmac_aes192_test()); + + /* CMAC-AES-256 hash + */ + test_msg("8c. CMAC-AES-256 hash", FIPS_cmac_aes256_test()); + +# if 0 /* Not a FIPS algorithm */ + /* CMAC-TDEA-2 hash + */ + test_msg("8d. CMAC-TDEA-2 hash", FIPS_cmac_tdea2_test()); +#endif + + /* CMAC-TDEA-3 hash + */ + test_msg("8e. CMAC-TDEA-3 hash", FIPS_cmac_tdea3_test()); + /* Non-Approved cryptographic operation */ - printf("8. Non-Approved cryptographic operation test...\n"); + printf("9. Non-Approved cryptographic operation test...\n"); printf("\ta. Included algorithm (D-H)...%s\n", + no_dh ? "skipped" : dh_test() ? "successful as expected" : Fail("failed INCORRECTLY!") ); /* Zeroization */ - printf("9. Zero-ization...\n\t%s\n", + printf("10. Zero-ization...\n\t%s\n", Zeroize() ? "successful as expected" : Fail("failed INCORRECTLY!") ); + printf("11. Complete DRBG health check...\n"); + printf("\t%s\n", FIPS_selftest_drbg_all() ? "successful as expected" + : Fail("failed INCORRECTLY!") ); + + printf("12. DRBG generation check...\n"); + printf("\t%s\n", do_drbg_all() ? "successful as expected" + : Fail("failed INCORRECTLY!") ); + printf("\nAll tests completed with %d errors\n", Error); return Error ? 1 : 0; }