Update fips_pkey_signature_test: use fixed string if supplies tbs is
authorDr. Stephen Henson <steve@openssl.org>
Tue, 12 Apr 2011 17:41:53 +0000 (17:41 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Tue, 12 Apr 2011 17:41:53 +0000 (17:41 +0000)
NULL. Always allocate signature buffer.

Update ECDSA selftest to use fips_pkey_signature_test. Add copyright notice
to file.

fips/dsa/fips_dsa_selftest.c
fips/ecdsa/fips_ecdsa_selftest.c
fips/fips.c
fips/fips.h

index 9ddfa79..9646ae9 100644 (file)
@@ -144,8 +144,6 @@ static const unsigned char dsa_test_2048_priv_key[] = {
        0xec,0x55,0xf6,0xcc
 };
 
-static const unsigned char str1[]="12345678901234567890";
-
 void FIPS_corrupt_dsa()
     {
     ++dsa_test_2048_q[0];
@@ -171,7 +169,7 @@ int FIPS_selftest_dsa()
        pk.type = EVP_PKEY_DSA;
        pk.pkey.dsa = dsa;
 
-       if (!fips_pkey_signature_test(&pk, str1, sizeof(str1) - 1,
+       if (!fips_pkey_signature_test(&pk, NULL, 0,
                                        NULL, 0, EVP_sha384(), 0,
                                        "DSA SHA384"))
                goto err;
index 7f7ddda..c09f59d 100644 (file)
@@ -1,4 +1,56 @@
 /* fips/ecdsa/fips_ecdsa_selftest.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2011.
+ */
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
 
 #define OPENSSL_FIPSAPI
 
 
 #ifdef OPENSSL_FIPS
 
-static const unsigned char str1[]="12345678901234567890";
+static const char P_384_name[] = "ECDSA P-384";
 
-static int corrupt_ecdsa = 0;
-
-void FIPS_corrupt_ecdsa()
-    {
-    corrupt_ecdsa = 1;
-    }
-
-static const unsigned char P_384_d[] = {
+static unsigned char P_384_d[] = {
        0x1d,0x84,0x42,0xde,0xa2,0x35,0x29,0xbd,0x9f,0xe2,0x6e,0x6d,
        0x01,0x26,0x30,0x79,0x33,0x57,0x01,0xf3,0x97,0x88,0x41,0xb3,
        0x82,0x07,0x08,0x5e,0x63,0x8e,0x1a,0xa6,0x9b,0x08,0xb6,0xe2,
@@ -41,8 +86,15 @@ static const unsigned char P_384_qy[] = {
        0xfc,0x03,0xe5,0x12,0x50,0x17,0x98,0x7f,0x14,0x7e,0x95,0x17
 };
 
+void FIPS_corrupt_ecdsa()
+       {
+       P_384_d[0]++;
+       }
+
 #ifndef OPENSSL_NO_EC2M
 
+static const char K_409_name[] = "ECDSA K-409";
+
 static const unsigned char K_409_d[] = {
        0x68,0xe1,0x64,0x0a,0xe6,0x80,0x57,0x53,0x8d,0x35,0xd1,0xec,
        0x69,0xea,0x82,0x05,0x47,0x48,0x4d,0xda,0x9f,0x8c,0xa0,0xf3,
@@ -70,24 +122,25 @@ static const unsigned char K_409_qy[] = {
 typedef struct 
        {
        int curve;
+       const char *name;
        const unsigned char *x;
        size_t xlen;
        const unsigned char *y;
        size_t ylen;
        const unsigned char *d;
        size_t dlen;
-       } EC_SELFTEST_PRIVKEY;
+       } EC_SELFTEST_DATA;
 
-#define make_ec_key(nid, pr) { nid, \
+#define make_ecdsa_test(nid, pr) { nid, pr##_name, \
                                pr##_qx, sizeof(pr##_qx), \
                                pr##_qy, sizeof(pr##_qy), \
-                               pr##_d, sizeof(pr##_d) }
+                               pr##_d, sizeof(pr##_d)}
 
-static EC_SELFTEST_PRIVKEY test_ec_keys[] = 
+static EC_SELFTEST_DATA test_ec_data[] = 
        {
-       make_ec_key(NID_secp384r1, P_384),
+       make_ecdsa_test(NID_secp384r1, P_384),
 #ifndef OPENSSL_NO_EC2M
-       make_ec_key(NID_sect409k1, K_409)
+       make_ecdsa_test(NID_sect409k1, K_409)
 #endif
        };
 
@@ -95,25 +148,22 @@ int FIPS_selftest_ecdsa()
        {
        EC_KEY *ec = NULL;
        BIGNUM *x = NULL, *y = NULL, *d = NULL;
-       EVP_MD_CTX mctx;
-       ECDSA_SIG *esig = NULL;
+       EVP_PKEY pk;
        int rv = 0;
        size_t i;
 
-       FIPS_md_ctx_init(&mctx);
-
-       for (i = 0; i < sizeof(test_ec_keys)/sizeof(EC_SELFTEST_PRIVKEY); i++)
+       for (i = 0; i < sizeof(test_ec_data)/sizeof(EC_SELFTEST_DATA); i++)
                {
-               EC_SELFTEST_PRIVKEY *key = test_ec_keys + i;
+               EC_SELFTEST_DATA *ecd = test_ec_data + i;
 
-               x = BN_bin2bn(key->x, key->xlen, x);
-               y = BN_bin2bn(key->y, key->ylen, y);
-               d = BN_bin2bn(key->d, key->dlen, d);
+               x = BN_bin2bn(ecd->x, ecd->xlen, x);
+               y = BN_bin2bn(ecd->y, ecd->ylen, y);
+               d = BN_bin2bn(ecd->d, ecd->dlen, d);
 
                if (!x || !y || !d)
                        goto err;
 
-               ec = EC_KEY_new_by_curve_name(key->curve);
+               ec = EC_KEY_new_by_curve_name(ecd->curve);
                if (!ec)
                        goto err;
 
@@ -123,26 +173,13 @@ int FIPS_selftest_ecdsa()
                if (!EC_KEY_set_private_key(ec, d))
                        goto err;
 
-               if (!FIPS_digestinit(&mctx, EVP_sha512()))
-                       goto err;
-               if (!FIPS_digestupdate(&mctx, str1, 20))
-                       goto err;
-               esig = FIPS_ecdsa_sign_ctx(ec, &mctx);
-               if (!esig)
-                       goto err;
+               pk.type = EVP_PKEY_EC;
+               pk.pkey.ec = ec;
 
-               if (corrupt_ecdsa)
-                       BN_add_word(esig->r, 1);
-
-               if (!FIPS_digestinit(&mctx, EVP_sha512()))
-                       goto err;
-               if (!FIPS_digestupdate(&mctx, str1, 20))
+               if (!fips_pkey_signature_test(&pk, NULL, 0,
+                                               NULL, 0, EVP_sha512(), 0,
+                                               ecd->name))
                        goto err;
-               if (FIPS_ecdsa_verify_ctx(ec, &mctx, esig) != 1)
-                       goto err;
-
-               FIPS_ecdsa_sig_free(esig);
-               esig = NULL;
                EC_KEY_free(ec);
                ec = NULL;
                }
@@ -151,8 +188,6 @@ int FIPS_selftest_ecdsa()
 
        err:
 
-       FIPS_md_ctx_cleanup(&mctx);
-
        if (x)
                BN_clear_free(x);
        if (y)
@@ -161,8 +196,6 @@ int FIPS_selftest_ecdsa()
                BN_clear_free(d);
        if (ec)
                EC_KEY_free(ec);
-       if (esig)
-               FIPS_ecdsa_sig_free(esig);
 
        return rv;
 
index a4ed4f2..9ad1761 100644 (file)
@@ -397,21 +397,25 @@ unsigned char *fips_signature_witness(void)
  */
 
 int fips_pkey_signature_test(EVP_PKEY *pkey,
-                       const unsigned char *tbs, int tbslen,
-                       const unsigned char *kat, unsigned int katlen,
+                       const unsigned char *tbs, size_t tbslen,
+                       const unsigned char *kat, size_t katlen,
                        const EVP_MD *digest, int pad_mode,
                        const char *fail_str)
        {       
        int ret = 0;
-       unsigned char sigtmp[256], *sig = sigtmp;
+       unsigned char *sig = NULL;
        unsigned int siglen;
+       static const unsigned char str1[]="12345678901234567890";
        DSA_SIG *dsig = NULL;
        ECDSA_SIG *esig = NULL;
        EVP_MD_CTX mctx;
        FIPS_md_ctx_init(&mctx);
 
-       if ((pkey->type == EVP_PKEY_RSA)
-               && ((size_t)RSA_size(pkey->pkey.rsa) > sizeof(sigtmp)))
+
+       if (tbs == NULL)
+               tbs = str1;
+
+       if (pkey->type == EVP_PKEY_RSA)
                {
                sig = OPENSSL_malloc(RSA_size(pkey->pkey.rsa));
                if (!sig)
@@ -421,7 +425,7 @@ int fips_pkey_signature_test(EVP_PKEY *pkey,
                        }
                }
 
-       if (tbslen == -1)
+       if (tbslen == 0)
                tbslen = strlen((char *)tbs);
 
        if (digest == NULL)
@@ -486,7 +490,7 @@ int fips_pkey_signature_test(EVP_PKEY *pkey,
                FIPS_dsa_sig_free(dsig);
        if (esig != NULL)
                FIPS_ecdsa_sig_free(esig);
-       if (sig != sigtmp)
+       if (sig)
                OPENSSL_free(sig);
        FIPS_md_ctx_cleanup(&mctx);
        if (ret != 1)
index 0481983..e308ff4 100644 (file)
@@ -102,8 +102,8 @@ unsigned int FIPS_incore_fingerprint(unsigned char *sig,unsigned int len);
 int FIPS_check_incore_fingerprint(void);
 
 int fips_pkey_signature_test(struct evp_pkey_st *pkey,
-                       const unsigned char *tbs, int tbslen,
-                       const unsigned char *kat, unsigned int katlen,
+                       const unsigned char *tbs, size_t tbslen,
+                       const unsigned char *kat, size_t katlen,
                        const struct env_md_st *digest, int pad_mode,
                        const char *fail_str);