remove FIPS module code from crypto/rsa
authorDr. Stephen Henson <steve@openssl.org>
Sun, 19 Oct 2014 00:04:07 +0000 (01:04 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Mon, 8 Dec 2014 13:25:38 +0000 (13:25 +0000)
Reviewed-by: Tim Hudson <tjh@openssl.org>
crypto/rsa/rsa_eay.c
crypto/rsa/rsa_gen.c
crypto/rsa/rsa_pss.c
crypto/rsa/rsa_x931g.c

index 683181f..6c28431 100644 (file)
 #include <openssl/bn.h>
 #include <openssl/rsa.h>
 #include <openssl/rand.h>
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#endif
 
 #ifndef RSA_NULL
 
@@ -162,21 +159,6 @@ static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
        unsigned char *buf=NULL;
        BN_CTX *ctx=NULL;
 
-#ifdef OPENSSL_FIPS
-       if(FIPS_selftest_failed())
-               {
-               FIPSerr(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT,FIPS_R_FIPS_SELFTEST_FAILED);
-               goto err;
-               }
-
-       if (FIPS_module_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)
-               && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
-               {
-               RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
-               return -1;
-               }
-#endif
-
        if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
                {
                RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE);
@@ -380,21 +362,6 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
        BIGNUM *unblind = NULL;
        BN_BLINDING *blinding = NULL;
 
-#ifdef OPENSSL_FIPS
-       if(FIPS_selftest_failed())
-               {
-               FIPSerr(FIPS_F_RSA_EAY_PRIVATE_ENCRYPT,FIPS_R_FIPS_SELFTEST_FAILED);
-               goto err;
-               }
-
-       if (FIPS_module_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)
-               && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
-               {
-               RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
-               return -1;
-               }
-#endif
-
        if ((ctx=BN_CTX_new()) == NULL) goto err;
        BN_CTX_start(ctx);
        f   = BN_CTX_get(ctx);
@@ -538,21 +505,6 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
        BIGNUM *unblind = NULL;
        BN_BLINDING *blinding = NULL;
 
-#ifdef OPENSSL_FIPS
-       if(FIPS_selftest_failed())
-               {
-               FIPSerr(FIPS_F_RSA_EAY_PRIVATE_DECRYPT,FIPS_R_FIPS_SELFTEST_FAILED);
-               goto err;
-               }
-
-       if (FIPS_module_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)
-               && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
-               {
-               RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
-               return -1;
-               }
-#endif
-
        if((ctx = BN_CTX_new()) == NULL) goto err;
        BN_CTX_start(ctx);
        f   = BN_CTX_get(ctx);
@@ -688,21 +640,6 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
        unsigned char *buf=NULL;
        BN_CTX *ctx=NULL;
 
-#ifdef OPENSSL_FIPS
-       if(FIPS_selftest_failed())
-               {
-               FIPSerr(FIPS_F_RSA_EAY_PUBLIC_DECRYPT,FIPS_R_FIPS_SELFTEST_FAILED);
-               goto err;
-               }
-
-       if (FIPS_module_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)
-               && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
-               {
-               RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
-               return -1;
-               }
-#endif
-
        if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
                {
                RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE);
@@ -961,13 +898,6 @@ err:
 
 static int RSA_eay_init(RSA *rsa)
        {
-#ifdef OPENSSL_FIPS
-       if(FIPS_selftest_failed())
-               {
-               FIPSerr(FIPS_F_RSA_EAY_INIT,FIPS_R_FIPS_SELFTEST_FAILED);
-               return 0;
-               }
-#endif
        rsa->flags|=RSA_FLAG_CACHE_PUBLIC|RSA_FLAG_CACHE_PRIVATE;
        return(1);
        }
index d28f872..a4eb675 100644 (file)
 #include <openssl/bn.h>
 #include <openssl/rsa.h>
 
-#ifdef OPENSSL_FIPS
-
-
-#include <openssl/fips.h>
-#include <openssl/fips_rand.h>
-#include <openssl/evp.h>
-
-/* Check PRNG has sufficient security level to handle an RSA operation */
-
-int fips_check_rsa_prng(RSA *rsa, int bits)
-       {
-       int strength;
-       if (!FIPS_module_mode())
-               return 1;
-
-       if (rsa->flags & (RSA_FLAG_NON_FIPS_ALLOW|RSA_FLAG_CHECKED))
-               return 1;
-
-       if (bits == 0)
-               bits = BN_num_bits(rsa->n);
-
-       /* Should never happen */
-       if (bits < 1024)
-               {
-               FIPSerr(FIPS_F_FIPS_CHECK_RSA_PRNG,FIPS_R_KEY_TOO_SHORT);
-               return 0;
-               }
-       /* From SP800-57 */
-       if (bits < 2048)
-               strength = 80;
-       else if (bits < 3072)
-               strength = 112;
-       else if (bits < 7680)
-               strength = 128;
-       else if (bits < 15360)
-               strength = 192;
-       else 
-               strength = 256;
-
-       if (FIPS_rand_strength() >= strength)
-               return 1;
-
-       FIPSerr(FIPS_F_FIPS_CHECK_RSA_PRNG,FIPS_R_PRNG_STRENGTH_TOO_LOW);
-       return 0;
-       }
-       
-
-int fips_check_rsa(RSA *rsa)
-       {
-       const unsigned char tbs[] = "RSA Pairwise Check Data";
-       unsigned char *ctbuf = NULL, *ptbuf = NULL;
-       int len, ret = 0;
-       EVP_PKEY pk;
-       pk.type = EVP_PKEY_RSA;
-       pk.pkey.rsa = rsa;
-
-       /* Perform pairwise consistency signature test */
-       if (!fips_pkey_signature_test(FIPS_TEST_PAIRWISE, &pk, tbs, 0,
-                       NULL, 0, NULL, RSA_PKCS1_PADDING, NULL)
-               || !fips_pkey_signature_test(FIPS_TEST_PAIRWISE, &pk, tbs, 0,
-                       NULL, 0, NULL, RSA_X931_PADDING, NULL)
-               || !fips_pkey_signature_test(FIPS_TEST_PAIRWISE, &pk, tbs, 0,
-                       NULL, 0, NULL, RSA_PKCS1_PSS_PADDING, NULL))
-               goto err;
-       /* Now perform pairwise consistency encrypt/decrypt test */
-       ctbuf = OPENSSL_malloc(RSA_size(rsa));
-       if (!ctbuf)
-               goto err;
-
-       len = RSA_public_encrypt(sizeof(tbs) - 1, tbs, ctbuf, rsa, RSA_PKCS1_PADDING);
-       if (len <= 0)
-               goto err;
-       /* Check ciphertext doesn't match plaintext */
-       if ((len == (sizeof(tbs) - 1)) && !memcmp(tbs, ctbuf, len))
-               goto err;
-       ptbuf = OPENSSL_malloc(RSA_size(rsa));
-
-       if (!ptbuf)
-               goto err;
-       len = RSA_private_decrypt(len, ctbuf, ptbuf, rsa, RSA_PKCS1_PADDING);
-       if (len != (sizeof(tbs) - 1))
-               goto err;
-       if (memcmp(ptbuf, tbs, len))
-               goto err;
-
-       ret = 1;
-
-       if (!ptbuf)
-               goto err;
-       
-       err:
-       if (ret == 0)
-               {
-               fips_set_selftest_fail();
-               FIPSerr(FIPS_F_FIPS_CHECK_RSA,FIPS_R_PAIRWISE_TEST_FAILED);
-               }
-
-       if (ctbuf)
-               OPENSSL_free(ctbuf);
-       if (ptbuf)
-               OPENSSL_free(ptbuf);
-
-       return ret;
-       }
-#endif
-
 static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb);
 
 /* NB: this wrapper would normally be placed in rsa_lib.c and the static
@@ -198,23 +92,6 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
        int bitsp,bitsq,ok= -1,n=0;
        BN_CTX *ctx=NULL;
 
-#ifdef OPENSSL_FIPS
-       if(FIPS_selftest_failed())
-           {
-           FIPSerr(FIPS_F_RSA_BUILTIN_KEYGEN,FIPS_R_FIPS_SELFTEST_FAILED);
-           return 0;
-           }
-
-       if (FIPS_module_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) 
-               && (bits < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
-           {
-           FIPSerr(FIPS_F_RSA_BUILTIN_KEYGEN,FIPS_R_KEY_TOO_SHORT);
-           return 0;
-           }
-       if (!fips_check_rsa_prng(rsa, bits))
-           return 0;
-#endif
-
        ctx=BN_CTX_new();
        if (ctx == NULL) goto err;
        BN_CTX_start(ctx);
@@ -326,11 +203,6 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
                p = rsa->p;
        if (!BN_mod_inverse(rsa->iqmp,rsa->q,p,ctx)) goto err;
 
-#ifdef OPENSSL_FIPS
-       if(!fips_check_rsa(rsa))
-           goto err;
-#endif
-
        ok=1;
 err:
        if (ok == -1)
index e90dbea..c776b78 100644 (file)
 #include <openssl/sha.h>
 #include "rsa_locl.h"
 
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#endif
-
 static const unsigned char zeroes[] = {0,0,0,0,0,0,0,0};
 
 #if defined(_MSC_VER) && defined(_ARM_)
index e6e62c4..2f37cf4 100644 (file)
 #include <openssl/bn.h>
 #include <openssl/rsa.h>
 
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-
-extern int fips_check_rsa(RSA *rsa);
-#endif
-
 /* X9.31 RSA key derivation and generation */
 
 int RSA_X931_derive_ex(RSA *rsa, BIGNUM *p1, BIGNUM *p2, BIGNUM *q1, BIGNUM *q2,
@@ -209,29 +203,6 @@ int RSA_X931_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e, BN_GENCB *cb)
        BIGNUM *Xp = NULL, *Xq = NULL;
        BN_CTX *ctx = NULL;
 
-#ifdef OPENSSL_FIPS
-       if (FIPS_module_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) && 
-               (bits < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
-           {
-           FIPSerr(FIPS_F_RSA_X931_GENERATE_KEY_EX,FIPS_R_KEY_TOO_SHORT);
-           return 0;
-           }
-
-       if (bits & 0xff)
-           {
-           FIPSerr(FIPS_F_RSA_X931_GENERATE_KEY_EX,FIPS_R_INVALID_KEY_LENGTH);
-           return 0;
-           }
-
-       if(FIPS_selftest_failed())
-           {
-           FIPSerr(FIPS_F_RSA_X931_GENERATE_KEY_EX,FIPS_R_FIPS_SELFTEST_FAILED);
-           return 0;
-           }
-       if (!fips_check_rsa_prng(rsa, bits))
-           return 0;
-#endif
-
        ctx = BN_CTX_new();
        if (!ctx)
                goto error;
@@ -265,11 +236,6 @@ int RSA_X931_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e, BN_GENCB *cb)
                                NULL, NULL, NULL, NULL, NULL, NULL, e, cb))
                goto error;
 
-#ifdef OPENSSL_FIPS
-       if(!fips_check_rsa(rsa))
-           goto error;
-#endif
-
        ok = 1;
 
        error: