../crypto/bn/bn_word.o \
../crypto/bn/bn_x931p.o \
../crypto/buffer/buf_str.o \
+ ../crypto/cmac/cmac.o \
../crypto/cryptlib.o \
../crypto/des/cfb64ede.o \
../crypto/des/cfb64enc.o \
* ====================================================================
*/
+#define OPENSSL_FIPSAPI
+
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
return 0;
if (!EVP_CIPHER_CTX_copy(&out->cctx, &in->cctx))
return 0;
- bl = EVP_CIPHER_CTX_block_size(&in->cctx);
+ bl = M_EVP_CIPHER_CTX_block_size(&in->cctx);
memcpy(out->k1, in->k1, bl);
memcpy(out->k2, in->k2, bl);
memcpy(out->tbl, in->tbl, bl);
/* Not initialised */
if (ctx->nlast_block == -1)
return 0;
- if (!EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, zero_iv))
+ if (!M_EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, zero_iv))
return 0;
return 1;
}
/* Initialiase context */
- if (cipher && !EVP_EncryptInit_ex(&ctx->cctx, cipher, impl, NULL, NULL))
+ if (cipher && !M_EVP_EncryptInit_ex(&ctx->cctx, cipher, impl, NULL, NULL))
return 0;
/* Non-NULL key means initialisation complete */
if (key)
{
int bl;
- if (!EVP_CIPHER_CTX_cipher(&ctx->cctx))
+ if (!M_EVP_CIPHER_CTX_cipher(&ctx->cctx))
return 0;
if (!EVP_CIPHER_CTX_set_key_length(&ctx->cctx, keylen))
return 0;
- if (!EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, key, zero_iv))
+ if (!M_EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, key, zero_iv))
return 0;
- bl = EVP_CIPHER_CTX_block_size(&ctx->cctx);
+ bl = M_EVP_CIPHER_CTX_block_size(&ctx->cctx);
if (!EVP_Cipher(&ctx->cctx, ctx->tbl, zero_iv, bl))
return 0;
make_kn(ctx->k1, ctx->tbl, bl);
make_kn(ctx->k2, ctx->k1, bl);
OPENSSL_cleanse(ctx->tbl, bl);
/* Reset context again ready for first data block */
- if (!EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, zero_iv))
+ if (!M_EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, zero_iv))
return 0;
/* Zero tbl so resume works */
memset(ctx->tbl, 0, bl);
return 0;
if (dlen == 0)
return 1;
- bl = EVP_CIPHER_CTX_block_size(&ctx->cctx);
+ bl = M_EVP_CIPHER_CTX_block_size(&ctx->cctx);
/* Copy into partial block if we need to */
if (ctx->nlast_block > 0)
{
int i, bl, lb;
if (ctx->nlast_block == -1)
return 0;
- bl = EVP_CIPHER_CTX_block_size(&ctx->cctx);
+ bl = M_EVP_CIPHER_CTX_block_size(&ctx->cctx);
*poutlen = (size_t)bl;
if (!out)
return 1;
* So reinitliasing using the last decrypted block will allow
* CMAC to continue after calling CMAC_Final().
*/
- return EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, ctx->tbl);
+ return M_EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, ctx->tbl);
}
#define M_EVP_MD_CTX_type(e) M_EVP_MD_type(M_EVP_MD_CTX_md(e))
#define M_EVP_MD_CTX_md(e) ((e)->digest)
-#define M_EVP_CIPHER_CTX_iv_length(e) (e->cipher->iv_len)
-#define M_EVP_CIPHER_CTX_flags(e) (e->cipher->flags)
+#define M_EVP_CIPHER_CTX_iv_length(e) ((e)->cipher->iv_len)
+#define M_EVP_CIPHER_CTX_flags(e) ((e)->cipher->flags)
+#define M_EVP_CIPHER_CTX_block_size(e) ((e)->cipher->block_size)
+#define M_EVP_CIPHER_CTX_cipher(e) ((e)->cipher)
#define M_EVP_CIPHER_CTX_mode(e) (M_EVP_CIPHER_CTX_flags(e) & EVP_CIPH_MODE)
#define M_EVP_CIPHER_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs))
+#define M_EVP_EncryptInit(ctx,ciph,key,iv) \
+ (EVP_CipherInit(ctx,ciph,key,iv,1))
+#define M_EVP_EncryptInit_ex(ctx,ciph,impl,key,iv) \
+ (EVP_CipherInit_ex(ctx,ciph,impl,key,iv,1))
+#define M_EVP_DecryptInit(ctx,ciph,key,iv) \
+ (EVP_CipherInit(ctx,ciph,key,iv,0))
+#define M_EVP_DecryptInit_ex(ctx,ciph,impl,key,iv) \
+ (EVP_CipherInit_ex(ctx,ciph,impl,key,iv,0))
+
int EVP_MD_type(const EVP_MD *md);
#define EVP_MD_nid(e) EVP_MD_type(e)
#define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_nid(e))
#define EVP_F_EVP_SIGNFINAL 107
#define EVP_F_EVP_VERIFYFINAL 108
#define EVP_F_FIPS_CIPHERINIT 166
+#define EVP_F_FIPS_CIPHER_CTX_COPY 170
#define EVP_F_FIPS_CIPHER_CTX_CTRL 167
+#define EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH 171
#define EVP_F_FIPS_DIGESTINIT 168
#define EVP_F_FIPS_MD_CTX_COPY 169
#define EVP_F_INT_CTX_NEW 157
LIBS=
-FDIRS=sha rand des aes dsa ecdh ecdsa rsa dh hmac utl
+FDIRS=sha rand des aes dsa ecdh ecdsa rsa dh cmac hmac utl
GENERAL=Makefile README fips-lib.com install.com
LIBOBJ=fips.o
FIPS_OBJ_LISTS=sha/lib hmac/lib rand/lib des/lib aes/lib dsa/lib rsa/lib \
- dh/lib utl/lib ecdsa/lib
+ dh/lib utl/lib ecdsa/lib cmac/lib
SRC= $(LIBSRC)
--- /dev/null
+#
+# OpenSSL/fips/cmac/Makefile
+#
+
+DIR= cmac
+TOP= ../..
+CC= cc
+INCLUDES=
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR= /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKEDEPPROG= makedepend
+MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE= Makefile
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=fips_cmactest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= fips_cmac_selftest.c
+LIBOBJ= fips_cmac_selftest.o
+
+SRC= $(LIBSRC)
+
+EXHEADER=
+HEADER= $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ @echo $(LIBOBJ) > lib
+
+files:
+ $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+ @$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER)
+ @$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST)
+ @$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS)
+
+install:
+ @headerlist="$(EXHEADER)"; for i in $$headerlist; \
+ do \
+ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+ done
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+Q=../testvectors/cmac/req
+A=../testvectors/cmac/rsp
+
+fips_test:
+ -rm -rf $(A)
+ mkdir $(A)
+ if [ -f $(Q)/CMACGenAES256.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_cmactest -g < $(Q)/CMACGenAES256.req > $(A)/CMACGenAES256.rsp; fi
+ if [ -f $(Q)/CMACVerAES256.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_cmactest -v < $(Q)/CMACVerAES256.req > $(A)/CMACVerAES256.rsp; fi
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(SRC) $(TEST)
+
+dclean:
+ $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+fips_cmac_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+fips_cmac_selftest.o: ../../include/openssl/cmac.h
+fips_cmac_selftest.o: ../../include/openssl/crypto.h
+fips_cmac_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+fips_cmac_selftest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
+fips_cmac_selftest.o: ../../include/openssl/lhash.h
+fips_cmac_selftest.o: ../../include/openssl/obj_mac.h
+fips_cmac_selftest.o: ../../include/openssl/objects.h
+fips_cmac_selftest.o: ../../include/openssl/opensslconf.h
+fips_cmac_selftest.o: ../../include/openssl/opensslv.h
+fips_cmac_selftest.o: ../../include/openssl/ossl_typ.h
+fips_cmac_selftest.o: ../../include/openssl/safestack.h
+fips_cmac_selftest.o: ../../include/openssl/stack.h
+fips_cmac_selftest.o: ../../include/openssl/symhacks.h fips_cmac_selftest.c
+fips_cmactest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+fips_cmactest.o: ../../include/openssl/bn.h ../../include/openssl/cmac.h
+fips_cmactest.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+fips_cmactest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+fips_cmactest.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
+fips_cmactest.o: ../../include/openssl/obj_mac.h
+fips_cmactest.o: ../../include/openssl/objects.h
+fips_cmactest.o: ../../include/openssl/opensslconf.h
+fips_cmactest.o: ../../include/openssl/opensslv.h
+fips_cmactest.o: ../../include/openssl/ossl_typ.h
+fips_cmactest.o: ../../include/openssl/safestack.h
+fips_cmactest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+fips_cmactest.o: ../fips_utl.h fips_cmactest.c
--- /dev/null
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#define OPENSSL_FIPSAPI
+
+#include <string.h>
+#include <openssl/err.h>
+#include <openssl/fips.h>
+#include <openssl/cmac.h>
+
+#ifdef OPENSSL_FIPS
+typedef struct {
+ const EVP_CIPHER *(*alg)(void);
+ const unsigned char key[EVP_MAX_KEY_LENGTH]; int keysize;
+ const unsigned char msg[64]; int msgsize;
+ const unsigned char mac[32]; int macsize;
+} CMAC_KAT;
+
+/* from http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf */
+static const CMAC_KAT vector[] = {
+ { EVP_aes_128_cbc, /* Example 3: Mlen = 320 */
+ { 0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6,
+ 0xab,0xf7,0x15,0x88,0x09,0xcf,0x4f,0x3c }, 128,
+ { 0x6b,0xc1,0xbe,0xe2, 0x2e,0x40,0x9f,0x96,
+ 0xe9,0x3d,0x7e,0x11, 0x73,0x93,0x17,0x2a,
+ 0xae,0x2d,0x8a,0x57, 0x1e,0x03,0xac,0x9c,
+ 0x9e,0xb7,0x6f,0xac, 0x45,0xaf,0x8e,0x51,
+ 0x30,0xc8,0x1c,0x46, 0xa3,0x5c,0xe4,0x11 }, 320,
+ { 0xdf,0xa6,0x67,0x47, 0xde,0x9a,0xe6,0x30,
+ 0x30,0xca,0x32,0x61, 0x14,0x97,0xc8,0x27 }, 128
+ },
+ { EVP_aes_192_cbc, /* Example 5: Mlen = 0 */
+ { 0x8e,0x73,0xb0,0xf7, 0xda,0x0e,0x64,0x52,
+ 0xc8,0x10,0xf3,0x2b, 0x80,0x90,0x79,0xe5,
+ 0x62,0xf8,0xea,0xd2, 0x52,0x2c,0x6b,0x7b, }, 192,
+ { 0x0 }, 0,
+ { 0xd1,0x7d,0xdf,0x46, 0xad,0xaa,0xcd,0xe5,
+ 0x31,0xca,0xc4,0x83, 0xde,0x7a,0x93,0x67, }, 128
+ },
+ { EVP_aes_256_cbc, /* Example 12: Mlen = 512 */
+ { 0x60,0x3d,0xeb,0x10, 0x15,0xca,0x71,0xbe,
+ 0x2b,0x73,0xae,0xf0, 0x85,0x7d,0x77,0x81,
+ 0x1f,0x35,0x2c,0x07, 0x3b,0x61,0x08,0xd7,
+ 0x2d,0x98,0x10,0xa3, 0x09,0x14,0xdf,0xf4, }, 256,
+ { 0x6b,0xc1,0xbe,0xe2, 0x2e,0x40,0x9f,0x96,
+ 0xe9,0x3d,0x7e,0x11, 0x73,0x93,0x17,0x2a,
+ 0xae,0x2d,0x8a,0x57, 0x1e,0x03,0xac,0x9c,
+ 0x9e,0xb7,0x6f,0xac, 0x45,0xaf,0x8e,0x51,
+ 0x30,0xc8,0x1c,0x46, 0xa3,0x5c,0xe4,0x11,
+ 0xe5,0xfb,0xc1,0x19, 0x1a,0x0a,0x52,0xef,
+ 0xf6,0x9f,0x24,0x45, 0xdf,0x4f,0x9b,0x17,
+ 0xad,0x2b,0x41,0x7b, 0xe6,0x6c,0x37,0x10, }, 512,
+ { 0xe1,0x99,0x21,0x90, 0x54,0x9f,0x6e,0xd5,
+ 0x69,0x6a,0x2c,0x05, 0x6c,0x31,0x54,0x10, }, 128,
+ },
+# if 0
+ /* Removed because the actual result was:
+ 0x74,0x3d,0xdb,0xe0, 0xce,0x2d,0xc2,0xed
+ I suspect an error on my part -- Richard Levitte
+ */
+ { EVP_des_ede3_cbc, /* Example 15: Mlen = 160 */
+ { 0x8a,0xa8,0x3b,0xf8, 0xcb,0xda,0x10,0x62,
+ 0x0b,0xc1,0xbf,0x19, 0xfb,0xb6,0xcd,0x58,
+ 0xbc,0x31,0x3d,0x4a, 0x37,0x1c,0xa8,0xb5, }, 192,
+ { 0x6b,0xc1,0xbe,0xe2, 0x2e,0x40,0x9f,0x96,
+ 0xe9,0x3d,0x7e,0x11, 0x73,0x93,0x17,0x2a,
+ 0xae,0x2d,0x8a,0x57, }, 160,
+ { 0xd3,0x2b,0xce,0xbe, 0x43,0xd2,0x3d,0x80, }, 64,
+ },
+# endif
+};
+
+int FIPS_selftest_cmac()
+ {
+ size_t n;
+ unsigned int outlen;
+ unsigned char out[32];
+ const EVP_CIPHER *cipher;
+ CMAC_CTX *ctx = CMAC_CTX_new();
+ const CMAC_KAT *t;
+
+ for(n=0,t=vector; n<sizeof(vector)/sizeof(vector[0]); n++,t++)
+ {
+ cipher = (*t->alg)();
+ CMAC_Init(ctx, t->key, t->keysize/8, cipher, 0);
+ CMAC_Update(ctx, t->msg, t->msgsize/8);
+ CMAC_Final(ctx, out, &outlen);
+ CMAC_CTX_cleanup(ctx);
+
+ if(outlen != t->macsize/8 || memcmp(out,t->mac,outlen))
+ {
+ FIPSerr(FIPS_F_FIPS_SELFTEST_CMAC,FIPS_R_SELFTEST_FAILED);
+ return 0;
+ }
+ }
+
+ CMAC_CTX_free(ctx);
+ return 1;
+ }
+#endif
--- /dev/null
+/* fips_cmactest.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#define OPENSSL_FIPSAPI
+
+#include <stdio.h>
+#include <ctype.h>
+#include <string.h>
+#include <openssl/bio.h>
+#include <openssl/evp.h>
+#include <openssl/cmac.h>
+#include <openssl/err.h>
+#include <openssl/bn.h>
+
+#ifndef OPENSSL_FIPS
+
+int main(int argc, char *argv[])
+{
+ printf("No FIPS CMAC support\n");
+ return(0);
+}
+
+#else
+
+#include <openssl/fips.h>
+#include "fips_utl.h"
+
+static int cmac_test(const EVP_CIPHER *cipher, FILE *out, FILE *in, int mode);
+static int print_cmac_gen(const EVP_CIPHER *cipher, FILE *out,
+ unsigned char *Key, int Klen,
+ unsigned char *Msg, int Msglen,
+ int Tlen);
+static int print_cmac_ver(const EVP_CIPHER *cipher, FILE *out,
+ unsigned char *Key, int Klen,
+ unsigned char *Msg, int Msglen,
+ unsigned char *Mac, int Maclen,
+ int Tlen);
+
+int main(int argc, char **argv)
+ {
+ FILE *in = NULL, *out = NULL;
+ int mode = 0; /* 0 => Generate, 1 => Verify */
+
+ int ret = 1;
+ fips_set_error_print();
+ if(!FIPS_mode_set(1))
+ goto end;
+
+ if (argc > 1 && argv[1][0] == '-')
+ {
+ if (strcmp(argv[1], "-g") == 0)
+ mode = 0;
+ else if (strcmp(argv[1], "-v") == 0)
+ mode = 1;
+ else
+ {
+ fprintf(stderr, "Unknown option %s\n", argv[1]);
+ goto end;
+ }
+ argv++;
+ argc--;
+ }
+ if (argc == 1)
+ in = stdin;
+ else
+ in = fopen(argv[1], "r");
+
+ if (argc < 2)
+ out = stdout;
+ else
+ out = fopen(argv[2], "w");
+
+ if (!in)
+ {
+ fprintf(stderr, "FATAL input initialization error\n");
+ goto end;
+ }
+
+ if (!out)
+ {
+ fprintf(stderr, "FATAL output initialization error\n");
+ goto end;
+ }
+
+ if (!cmac_test(EVP_aes_256_cbc(), out, in, mode))
+ {
+ fprintf(stderr, "FATAL cmac file processing error\n");
+ goto end;
+ }
+ else
+ ret = 0;
+
+ end:
+
+ if (in && (in != stdin))
+ fclose(in);
+ if (out && (out != stdout))
+ fclose(out);
+
+ return ret;
+
+ }
+
+#define CMAC_TEST_MAXLINELEN 1024
+
+int cmac_test(const EVP_CIPHER *cipher, FILE *out, FILE *in, int mode)
+ {
+ char *linebuf, *olinebuf, *p, *q;
+ char *keyword, *value;
+ unsigned char *Key = NULL, *Msg = NULL, *Mac = NULL;
+ int Count, Klen, Mlen, Tlen;
+ long Keylen, Msglen, Maclen;
+ int ret = 0;
+ int lnum = 0;
+
+ olinebuf = OPENSSL_malloc(CMAC_TEST_MAXLINELEN);
+ linebuf = OPENSSL_malloc(CMAC_TEST_MAXLINELEN);
+
+ if (!linebuf || !olinebuf)
+ goto error;
+
+ Count = -1;
+ Klen = -1;
+ Mlen = -1;
+ Tlen = -1;
+
+ while (fgets(olinebuf, CMAC_TEST_MAXLINELEN, in))
+ {
+ lnum++;
+ strcpy(linebuf, olinebuf);
+ keyword = linebuf;
+ /* Skip leading space */
+ while (isspace((unsigned char)*keyword))
+ keyword++;
+
+ /* Skip comments */
+ if (keyword[0] == '#')
+ {
+ if (fputs(olinebuf, out) < 0)
+ goto error;
+ continue;
+ }
+
+ /* Look for = sign */
+ p = strchr(linebuf, '=');
+
+ /* If no = or starts with [ (for [L=20] line) just copy */
+ if (!p)
+ {
+ if (fputs(olinebuf, out) < 0)
+ goto error;
+ continue;
+ }
+
+ q = p - 1;
+
+ /* Remove trailing space */
+ while (isspace((unsigned char)*q))
+ *q-- = 0;
+
+ *p = 0;
+ value = p + 1;
+
+ /* Remove leading space from value */
+ while (isspace((unsigned char)*value))
+ value++;
+
+ /* Remove trailing space from value */
+ p = value + strlen(value) - 1;
+
+ while (*p == '\n' || isspace((unsigned char)*p))
+ *p-- = 0;
+
+ if (!strcmp(keyword, "Count"))
+ {
+ if (Count != -1)
+ goto parse_error;
+ Count = atoi(value);
+ if (Count < 0)
+ goto parse_error;
+ }
+ else if (!strcmp(keyword, "Klen"))
+ {
+ if (Klen != -1)
+ goto parse_error;
+ Klen = atoi(value);
+ if (Klen < 0)
+ goto parse_error;
+ }
+ else if (!strcmp(keyword, "Mlen"))
+ {
+ if (Mlen != -1)
+ goto parse_error;
+ Mlen = atoi(value);
+ if (Mlen < 0)
+ goto parse_error;
+ }
+ else if (!strcmp(keyword, "Tlen"))
+ {
+ if (Tlen != -1)
+ goto parse_error;
+ Tlen = atoi(value);
+ if (Tlen < 0)
+ goto parse_error;
+ }
+ else if (!strcmp(keyword, "Key"))
+ {
+ if (Key)
+ goto parse_error;
+ Key = hex2bin_m(value, &Keylen);
+ if (!Key)
+ goto parse_error;
+ }
+ else if (!strcmp(keyword, "Msg"))
+ {
+ if (Msg)
+ goto parse_error;
+ Msg = hex2bin_m(value, &Msglen);
+ if (!Msg)
+ goto parse_error;
+ }
+ else if (!strcmp(keyword, "Mac"))
+ {
+ if (mode == 0)
+ continue;
+ if (Mac)
+ goto parse_error;
+ Mac = hex2bin_m(value, &Maclen);
+ if (!Mac)
+ goto parse_error;
+ }
+ else if (!strcmp(keyword, "Result"))
+ {
+ if (mode == 1)
+ continue;
+ goto parse_error;
+ }
+ else
+ goto parse_error;
+
+ fputs(olinebuf, out);
+
+ switch(mode)
+ {
+ case 0:
+ if (Key && Msg && (Tlen > 0) && (Klen > 0))
+ {
+ if (!print_cmac_gen(cipher, out,
+ Key, Klen,
+ Msg, Mlen,
+ Tlen))
+ goto error;
+ OPENSSL_free(Key);
+ Key = NULL;
+ OPENSSL_free(Msg);
+ Msg = NULL;
+ Klen = -1;
+ Mlen = -1;
+ Tlen = -1;
+ Count = -1;
+ }
+ break;
+ case 1:
+ if (Key && Msg && Mac && (Tlen > 0) && (Klen > 0))
+ {
+ if (!print_cmac_ver(cipher, out,
+ Key, Klen,
+ Msg, Mlen,
+ Mac, Maclen,
+ Tlen))
+ goto error;
+ OPENSSL_free(Key);
+ Key = NULL;
+ OPENSSL_free(Msg);
+ Msg = NULL;
+ OPENSSL_free(Mac);
+ Mac = NULL;
+ Klen = -1;
+ Mlen = -1;
+ Tlen = -1;
+ Count = -1;
+ }
+ break;
+ }
+
+ }
+
+
+ ret = 1;
+
+
+ error:
+
+ if (olinebuf)
+ OPENSSL_free(olinebuf);
+ if (linebuf)
+ OPENSSL_free(linebuf);
+ if (Key)
+ OPENSSL_free(Key);
+ if (Msg)
+ OPENSSL_free(Msg);
+
+ return ret;
+
+ parse_error:
+
+ fprintf(stderr, "FATAL parse error processing line %d\n", lnum);
+
+ goto error;
+
+ }
+
+static int print_cmac_gen(const EVP_CIPHER *cipher, FILE *out,
+ unsigned char *Key, int Klen,
+ unsigned char *Msg, int Mlen,
+ int Tlen)
+ {
+ int rc, i;
+ size_t reslen;
+ unsigned char res[1024];
+ CMAC_CTX *cmac_ctx = CMAC_CTX_new();
+
+ CMAC_Init(cmac_ctx, Key, Klen, cipher, 0);
+ CMAC_Update(cmac_ctx, Msg, Mlen);
+ if (!CMAC_Final(cmac_ctx, res, &reslen))
+ {
+ fputs("Error calculating CMAC\n", stderr);
+ rc = 0;
+ }
+ else if (Tlen > reslen)
+ {
+ fputs("Parameter error, Tlen > CMAC length\n", stderr);
+ rc = 0;
+ }
+ else
+ {
+ fputs("Mac = ", out);
+ for (i = 0; i < Tlen; i++)
+ fprintf(out, "%02x", res[i]);
+ fputs("\n", out);
+ rc = 1;
+ }
+ CMAC_CTX_free(cmac_ctx);
+ return rc;
+ }
+
+static int print_cmac_ver(const EVP_CIPHER *cipher, FILE *out,
+ unsigned char *Key, int Klen,
+ unsigned char *Msg, int Mlen,
+ unsigned char *Mac, int Maclen,
+ int Tlen)
+ {
+ int rc;
+ size_t reslen;
+ unsigned char res[1024];
+ CMAC_CTX *cmac_ctx = CMAC_CTX_new();
+
+ CMAC_Init(cmac_ctx, Key, Klen, cipher, 0);
+ CMAC_Update(cmac_ctx, Msg, Mlen);
+ if (!CMAC_Final(cmac_ctx, res, &reslen))
+ {
+ fputs("Error calculating CMAC\n", stderr);
+ rc = 0;
+ }
+ else if (Tlen > reslen)
+ {
+ fputs("Parameter error, Tlen > CMAC length\n", stderr);
+ rc = 0;
+ }
+ else if (Tlen != Maclen)
+ {
+ fputs("Parameter error, Tlen != resulting Mac length\n", stderr);
+ rc = 0;
+ }
+ else
+ {
+ if (!memcmp(Mac, res, Maclen))
+ fputs("Result = P\n", out);
+ else
+ fputs("Result = F\n", out);
+ }
+ CMAC_CTX_free(cmac_ctx);
+ return rc;
+ }
+
+#endif
--- /dev/null
+fips_cmac_selftest.o
return FIPS_selftest_sha1()
&& FIPS_selftest_hmac()
+ && FIPS_selftest_cmac()
&& FIPS_selftest_aes()
&& FIPS_selftest_aes_gcm()
&& FIPS_selftest_des()
int FIPS_selftest_rng(void);
int FIPS_selftest_hmac(void);
int FIPS_selftest_drbg(void);
+int FIPS_selftest_cmac(void);
unsigned int FIPS_incore_fingerprint(unsigned char *sig,unsigned int len);
int FIPS_check_incore_fingerprint(void);
#define EVP_CIPHER_CTX_ctrl FIPS_cipher_ctx_ctrl
#define EVP_CIPHER_CTX_new FIPS_cipher_ctx_new
#define EVP_CIPHER_CTX_free FIPS_cipher_ctx_free
+#define EVP_CIPHER_CTX_copy FIPS_cipher_ctx_copy
+#define EVP_CIPHER_CTX_set_key_length FIPS_cipher_ctx_set_key_length
#define DSA_SIG_new FIPS_dsa_sig_new
#define DSA_SIG_free FIPS_dsa_sig_free
#define FIPS_F_FIPS_PKEY_SIGNATURE_TEST 109
#define FIPS_F_FIPS_SELFTEST_AES 110
#define FIPS_F_FIPS_SELFTEST_AES_GCM 130
+#define FIPS_F_FIPS_SELFTEST_CMAC 139
#define FIPS_F_FIPS_SELFTEST_DES 111
#define FIPS_F_FIPS_SELFTEST_DSA 112
#define FIPS_F_FIPS_SELFTEST_ECDSA 131
return ret;
}
+int FIPS_cipher_ctx_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
+ {
+ if ((in == NULL) || (in->cipher == NULL))
+ {
+ EVPerr(EVP_F_FIPS_CIPHER_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED);
+ return 0;
+ }
+
+ /* Only FIPS ciphers allowed */
+ if (FIPS_mode() && !(in->cipher->flags & EVP_CIPH_FLAG_FIPS) &&
+ !(out->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW))
+ {
+ EVPerr(EVP_F_FIPS_CIPHER_CTX_COPY, EVP_R_DISABLED_FOR_FIPS);
+ out->cipher = &bad_cipher;
+ return 0;
+ }
+
+ FIPS_cipher_ctx_cleanup(out);
+ memcpy(out,in,sizeof *out);
+
+ if (in->cipher_data && in->cipher->ctx_size)
+ {
+ out->cipher_data=OPENSSL_malloc(in->cipher->ctx_size);
+ if (!out->cipher_data)
+ {
+ EVPerr(EVP_F_FIPS_CIPHER_CTX_COPY,ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ memcpy(out->cipher_data,in->cipher_data,in->cipher->ctx_size);
+ }
+
+ if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY)
+ return in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out);
+ return 1;
+ }
+
+/* You can't really set the key length with FIPS, so just check that the
+ caller sets the length the context already has. */
+int FIPS_cipher_ctx_set_key_length(EVP_CIPHER_CTX *ctx, int keylen)
+ {
+ if (ctx->key_len == keylen)
+ return 1;
+
+ EVPerr(EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH,EVP_R_INVALID_KEY_LENGTH);
+ return 0;
+ }
+
+
int FIPS_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, unsigned int inl)