Remove several of the old obsolete FIPS_corrupt_*() functions.
authorDr. Stephen Henson <steve@openssl.org>
Thu, 14 Apr 2011 11:30:51 +0000 (11:30 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Thu, 14 Apr 2011 11:30:51 +0000 (11:30 +0000)
crypto/dsa/dsa_key.c
crypto/ec/ec_key.c
crypto/rsa/rsa_gen.c
fips/aes/fips_aes_selftest.c
fips/des/fips_des_selftest.c
fips/dsa/fips_dsa_selftest.c
fips/ecdsa/fips_ecdsa_selftest.c
fips/fips.h
fips/fips_test_suite.c
fips/rsa/fips_rsa_selftest.c
fips/sha/fips_sha1_selftest.c

index 39cf6b7..c758987 100644 (file)
 #include <openssl/fips.h>
 #include <openssl/evp.h>
 
-static int fips_dsa_pairwise_fail = 0;
-
-void FIPS_corrupt_dsa_keygen(void)
-       {
-       fips_dsa_pairwise_fail = 1;
-       }
-
 static int fips_check_dsa(DSA *dsa)
        {
        EVP_PKEY pk;
@@ -159,8 +152,6 @@ static int dsa_builtin_keygen(DSA *dsa)
        dsa->priv_key=priv_key;
        dsa->pub_key=pub_key;
 #ifdef OPENSSL_FIPS
-       if (fips_dsa_pairwise_fail)
-               BN_add_word(dsa->pub_key, 1);
        if(!fips_check_dsa(dsa))
                {
                dsa->pub_key = NULL;
index 1f04894..59bc084 100644 (file)
@@ -236,13 +236,6 @@ int EC_KEY_up_ref(EC_KEY *r)
 
 #include <openssl/evp.h>
 
-static int fips_ec_pairwise_fail = 0;
-
-void FIPS_corrupt_ec_keygen(void)
-       {
-       fips_ec_pairwise_fail = 1;
-       }
-
 static int fips_check_ec(EC_KEY *key)
        {
        EVP_PKEY pk;
@@ -311,8 +304,6 @@ int EC_KEY_generate_key(EC_KEY *eckey)
        eckey->pub_key  = pub_key;
 
 #ifdef OPENSSL_FIPS
-       if (fips_ec_pairwise_fail)
-               BN_add_word(eckey->priv_key, 1);
        if(!fips_check_ec(eckey))
                {
                eckey->priv_key = NULL;
index 977e461..8f798c0 100644 (file)
 #include <openssl/fips.h>
 #include <openssl/evp.h>
 
-static int fips_rsa_pairwise_fail = 0;
-
-void FIPS_corrupt_rsa_keygen(void)
-       {
-       fips_rsa_pairwise_fail = 1;
-       }
-
 int fips_check_rsa(RSA *rsa)
        {
        const unsigned char tbs[] = "RSA Pairwise Check Data";
@@ -290,9 +283,6 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
        if (!BN_mod_inverse(rsa->iqmp,rsa->q,p,ctx)) goto err;
 
 #ifdef OPENSSL_FIPS
-       if (fips_rsa_pairwise_fail)
-               BN_add_word(rsa->n, 1);
-
        if(!fips_check_rsa(rsa))
            goto err;
 #endif
index 457dabd..403f4b7 100644 (file)
@@ -57,9 +57,9 @@
 #ifdef OPENSSL_FIPS
 static struct
     {
-    unsigned char key[16];
-    unsigned char plaintext[16];
-    unsigned char ciphertext[16];
+    const unsigned char key[16];
+    const unsigned char plaintext[16];
+    const unsigned char ciphertext[16];
     } tests[]=
        {
        {
@@ -72,11 +72,6 @@ static struct
        },
        };
 
-void FIPS_corrupt_aes()
-    {
-    tests[0].key[0]++;
-    }
-
 int FIPS_selftest_aes()
     {
     int n;
index 9eea546..9d027c9 100644 (file)
 
 static struct
     {
-    unsigned char key[16];
-    unsigned char plaintext[8];
-    unsigned char ciphertext[8];
-    } tests2[]=
-       {
-       {
-       { 0x7c,0x4f,0x6e,0xf7,0xa2,0x04,0x16,0xec,
-         0x0b,0x6b,0x7c,0x9e,0x5e,0x19,0xa7,0xc4 },
-       { 0x06,0xa7,0xd8,0x79,0xaa,0xce,0x69,0xef },
-       { 0x4c,0x11,0x17,0x55,0xbf,0xc4,0x4e,0xfd }
-       },
-       {
-       { 0x5d,0x9e,0x01,0xd3,0x25,0xc7,0x3e,0x34,
-         0x01,0x16,0x7c,0x85,0x23,0xdf,0xe0,0x68 },
-       { 0x9c,0x50,0x09,0x0f,0x5e,0x7d,0x69,0x7e },
-       { 0xd2,0x0b,0x18,0xdf,0xd9,0x0d,0x9e,0xff },
-       }
-       };
-
-static struct
-    {
-    unsigned char key[24];
-    unsigned char plaintext[8];
-    unsigned char ciphertext[8];
+    const unsigned char key[24];
+    const unsigned char plaintext[8];
+    const unsigned char ciphertext[8];
     } tests3[]=
        {
        {
@@ -101,11 +80,6 @@ static struct
        },
        };
 
-void FIPS_corrupt_des()
-    {
-    tests2[0].plaintext[0]++;
-    }
-
 int FIPS_selftest_des()
     {
     int n, ret = 0;
index 8d89425..9617ab1 100644 (file)
@@ -84,7 +84,7 @@ static const unsigned char dsa_test_2048_p[] = {
        0x2c,0x8d,0x74,0x69,0xdb,0x02,0xe2,0x4d,0x59,0x23,0x94,0xa7,
        0xdb,0xa0,0x69,0xe9
 };
-static unsigned char dsa_test_2048_q[] = {
+static const unsigned char dsa_test_2048_q[] = {
        0xd2,0x77,0x04,0x4e,0x50,0xf5,0xa4,0xe3,0xf5,0x10,0xa5,0x0a,
        0x0b,0x84,0xfd,0xff,0xbc,0xa0,0x47,0xed,0x27,0x60,0x20,0x56,
        0x74,0x41,0xa0,0xa5
@@ -144,11 +144,6 @@ static const unsigned char dsa_test_2048_priv_key[] = {
        0xec,0x55,0xf6,0xcc
 };
 
-void FIPS_corrupt_dsa()
-    {
-    ++dsa_test_2048_q[0];
-    }
-
 int FIPS_selftest_dsa()
        {
        DSA *dsa=NULL;
index 6949480..8681005 100644 (file)
@@ -67,7 +67,7 @@
 
 static const char P_384_name[] = "ECDSA P-384";
 
-static unsigned char P_384_d[] = {
+static const unsigned char P_384_d[] = {
        0x1d,0x84,0x42,0xde,0xa2,0x35,0x29,0xbd,0x9f,0xe2,0x6e,0x6d,
        0x01,0x26,0x30,0x79,0x33,0x57,0x01,0xf3,0x97,0x88,0x41,0xb3,
        0x82,0x07,0x08,0x5e,0x63,0x8e,0x1a,0xa6,0x9b,0x08,0xb6,0xe2,
@@ -86,11 +86,6 @@ static const unsigned char P_384_qy[] = {
        0xfc,0x03,0xe5,0x12,0x50,0x17,0x98,0x7f,0x14,0x7e,0x95,0x17
 };
 
-void FIPS_corrupt_ecdsa()
-       {
-       P_384_d[0]++;
-       }
-
 #ifndef OPENSSL_NO_EC2M
 
 static const char K_409_name[] = "ECDSA K-409";
index 4bc77f0..1e4b109 100644 (file)
@@ -72,23 +72,14 @@ const void *FIPS_rand_check(void);
 int FIPS_selftest(void);
 int FIPS_selftest_failed(void);
 void FIPS_selftest_check(void);
-void FIPS_corrupt_sha1(void);
 int FIPS_selftest_sha1(void);
-void FIPS_corrupt_aes(void);
 int FIPS_selftest_aes_gcm(void);
 void FIPS_corrupt_aes_gcm(void);
 int FIPS_selftest_aes(void);
-void FIPS_corrupt_des(void);
 int FIPS_selftest_des(void);
-void FIPS_corrupt_rsa(void);
-void FIPS_corrupt_rsa_keygen(void);
 int FIPS_selftest_rsa(void);
-void FIPS_corrupt_dsa(void);
-void FIPS_corrupt_dsa_keygen(void);
 int FIPS_selftest_dsa(void);
 int FIPS_selftest_ecdsa(void);
-void FIPS_corrupt_ecdsa(void);
-void FIPS_corrupt_ec_keygen(void);
 void FIPS_corrupt_x931(void);
 void FIPS_corrupt_drbg(void);
 void FIPS_x931_stick(void);
index e71ab11..168db53 100644 (file)
@@ -826,8 +826,6 @@ static int post_cb(int op, int id, int subid, void *ex)
 
 int main(int argc,char **argv)
     {
-
-    int do_corrupt_rsa_keygen = 0, do_corrupt_dsa_keygen = 0;
     int bad_rsa = 0, bad_dsa = 0;
     int do_rng_stick = 0;
     int do_drbg_stick = 0;
@@ -917,10 +915,6 @@ int main(int argc,char **argv)
     test_msg("2. Automatic power-up self test", FIPS_mode_set(1));
     if (!FIPS_mode())
        exit(1);
-    if (do_corrupt_dsa_keygen)
-            FIPS_corrupt_dsa_keygen();
-    if (do_corrupt_rsa_keygen)
-            FIPS_corrupt_rsa_keygen();
     if (do_drbg_stick)
             FIPS_drbg_stick();
     if (do_rng_stick)
index 0f6c5ff..df03b6a 100644 (file)
@@ -61,7 +61,7 @@
 
 #ifdef OPENSSL_FIPS
 
-static unsigned char rsa_test_2048_n[] = {
+static const unsigned char rsa_test_2048_n[] = {
        0xDB,0x10,0x1A,0xC2,0xA3,0xF1,0xDC,0xFF,0x13,0x6B,0xED,0x44,
        0xDF,0xF0,0x02,0x6D,0x13,0xC7,0x88,0xDA,0x70,0x6B,0x54,0xF1,
        0xE8,0x27,0xDC,0xC3,0x0F,0x99,0x6A,0xFA,0xC6,0x67,0xFF,0x1D,
@@ -193,11 +193,6 @@ static int setrsakey(RSA *k)
        return 0;
        }
 
-void FIPS_corrupt_rsa()
-    {
-    rsa_test_2048_n[0]++;
-    }
-
 /* Known Answer Test (KAT) data for the above RSA private key signing
  * kat_tbs.
  */
index e0f0c12..3c8ca2b 100644 (file)
@@ -56,7 +56,7 @@
 #include <openssl/sha.h>
 
 #ifdef OPENSSL_FIPS
-static unsigned char test[][60]=
+static const unsigned char test[][60]=
     {
     "",
     "abc",
@@ -73,11 +73,6 @@ static const unsigned char ret[][SHA_DIGEST_LENGTH]=
       0x4a,0xa1,0xf9,0x51,0x29,0xe5,0xe5,0x46,0x70,0xf1 },
     };
 
-void FIPS_corrupt_sha1()
-    {
-    test[2][0]++;
-    }
-
 int FIPS_selftest_sha1()
        {
        int rv = 1;