X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=fips%2Ffips_test_suite.c;h=c829d184a7f8a8bd037172a5d5ad525aa7a3b7ef;hp=8192eb2cc87a9e3a1268f0ea2987e769cbc35536;hb=a11f06b2dc73ca3a79e27dfabc2e714af07c7b3f;hpb=b8b6a13a569fc6a5ad097502cdc87a121a27f3c6 diff --git a/fips/fips_test_suite.c b/fips/fips_test_suite.c index 8192eb2cc8..c829d184a7 100644 --- a/fips/fips_test_suite.c +++ b/fips/fips_test_suite.c @@ -679,6 +679,11 @@ POST_ID id_list[] = { {NID_sha256, "SHA256"}, {NID_sha384, "SHA384"}, {NID_sha512, "SHA512"}, + {NID_hmacWithSHA1, "HMAC-SHA1"}, + {NID_hmacWithSHA224, "HMAC-SHA224"}, + {NID_hmacWithSHA256, "HMAC-SHA256"}, + {NID_hmacWithSHA384, "HMAC-SHA384"}, + {NID_hmacWithSHA512, "HMAC-SHA512"}, {EVP_PKEY_RSA, "RSA"}, {EVP_PKEY_DSA, "DSA"}, {EVP_PKEY_EC, "ECDSA"}, @@ -693,6 +698,9 @@ POST_ID id_list[] = { {NID_aes_256_xts, "AES-256-XTS"}, {NID_des_ede3_cbc, "DES-EDE3-CBC"}, {NID_des_ede3_ecb, "DES-EDE3-ECB"}, + {NID_X9_62_prime256v1, "P-256"}, + {NID_secp384r1, "P-384"}, + {NID_secp521r1, "P-521"}, {0, NULL} }; @@ -718,6 +726,9 @@ static int post_cb(int op, int id, int subid, void *ex) const char *idstr, *exstr = ""; char asctmp[20]; int keytype = -1; +#ifdef FIPS_POST_TIME + static struct timespec start, end, tstart, tend; +#endif switch(id) { case FIPS_TEST_INTEGRITY: @@ -780,6 +791,13 @@ static int post_cb(int op, int id, int subid, void *ex) sprintf(asctmp, "%s DF", lookup_id(subid)); exstr = asctmp; } + else if (subid >> 16) + { + sprintf(asctmp, "%s %s", + lookup_id(subid >> 16), + lookup_id(subid & 0xFFFF)); + exstr = asctmp; + } else exstr = lookup_id(subid); break; @@ -807,19 +825,40 @@ static int post_cb(int op, int id, int subid, void *ex) switch(op) { case FIPS_POST_BEGIN: +#ifdef FIPS_POST_TIME + clock_getres(CLOCK_REALTIME, &tstart); + printf("\tTimer resolution %ld s, %ld ns\n", + (long)tstart.tv_sec, (long)tstart.tv_nsec); + clock_gettime(CLOCK_REALTIME, &tstart); +#endif printf("\tPOST started\n"); break; case FIPS_POST_END: printf("\tPOST %s\n", id ? "Success" : "Failed"); +#ifdef FIPS_POST_TIME + clock_gettime(CLOCK_REALTIME, &tend); + printf("\t\tTook %f seconds\n", + (double)((tend.tv_sec+tend.tv_nsec*1e-9) + - (tstart.tv_sec+tstart.tv_nsec*1e-9))); +#endif break; case FIPS_POST_STARTED: printf("\t\t%s %s test started\n", idstr, exstr); +#ifdef FIPS_POST_TIME + clock_gettime(CLOCK_REALTIME, &start); +#endif break; case FIPS_POST_SUCCESS: printf("\t\t%s %s test OK\n", idstr, exstr); +#ifdef FIPS_POST_TIME + clock_gettime(CLOCK_REALTIME, &end); + printf("\t\t\tTook %f seconds\n", + (double)((end.tv_sec+end.tv_nsec*1e-9) + - (start.tv_sec+start.tv_nsec*1e-9))); +#endif break; case FIPS_POST_FAIL: @@ -850,7 +889,9 @@ int main(int argc,char **argv) FIPS_post_set_callback(post_cb); - printf("\tFIPS-mode test application\n\n"); + printf("\tFIPS-mode test application\n"); + + printf("\t%s\n\n", FIPS_module_version_text()); if (argv[1]) { /* Corrupted KAT tests */ @@ -921,7 +962,7 @@ int main(int argc,char **argv) } if (!no_exit) { fips_algtest_init_nofips(); - if (!FIPS_mode_set(1)) { + if (!FIPS_module_mode_set(1)) { printf("Power-up self test failed\n"); exit(1); } @@ -940,8 +981,8 @@ int main(int argc,char **argv) /* Power-up self test */ ERR_clear_error(); - test_msg("2. Automatic power-up self test", FIPS_mode_set(1)); - if (!FIPS_mode()) + test_msg("2. Automatic power-up self test", FIPS_module_mode_set(1)); + if (!FIPS_module_mode()) exit(1); if (do_drbg_stick) FIPS_drbg_stick(); @@ -1036,6 +1077,10 @@ int main(int argc,char **argv) Zeroize() ? "successful as expected" : Fail("failed INCORRECTLY!") ); + printf("11. Complete DRBG health check...\n\t%s\n", + FIPS_selftest_drbg_all() ? "successful as expected" + : Fail("failed INCORRECTLY!") ); + printf("\nAll tests completed with %d errors\n", Error); return Error ? 1 : 0; }