openssl/fips/sha/fips_shatest.c

387 lines
8.5 KiB
C
Raw Normal View History

2011-01-26 01:09:52 +00:00
/* fips_shatest.c */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2005.
*/
/* ====================================================================
* Copyright (c) 2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#define OPENSSL_FIPSAPI
2011-01-26 01:09:52 +00:00
#include <stdio.h>
#include <ctype.h>
#include <string.h>
#include <openssl/bio.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/bn.h>
#include <openssl/x509v3.h>
#ifndef OPENSSL_FIPS
int main(int argc, char *argv[])
{
printf("No FIPS SHAXXX support\n");
return(0);
}
#else
#include <openssl/fips.h>
#include "fips_utl.h"
static int dgst_test(FILE *out, FILE *in);
static int print_dgst(const EVP_MD *md, FILE *out,
unsigned char *Msg, int Msglen);
static int print_monte(const EVP_MD *md, FILE *out,
unsigned char *Seed, int SeedLen);
int main(int argc, char **argv)
{
FILE *in = NULL, *out = NULL;
int ret = 1;
fips_set_error_print();
if(!FIPS_mode_set(1))
goto end;
if (argc == 1)
in = stdin;
else
in = fopen(argv[1], "r");
if (argc < 2)
out = stdout;
else
out = fopen(argv[2], "w");
if (!in)
{
fprintf(stderr, "FATAL input initialization error\n");
goto end;
}
if (!out)
{
fprintf(stderr, "FATAL output initialization error\n");
goto end;
}
if (!dgst_test(out, in))
{
fprintf(stderr, "FATAL digest file processing error\n");
goto end;
}
else
ret = 0;
end:
if (in && (in != stdin))
fclose(in);
if (out && (out != stdout))
fclose(out);
return ret;
}
#define SHA_TEST_MAX_BITS 102400
#define SHA_TEST_MAXLINELEN (((SHA_TEST_MAX_BITS >> 3) * 2) + 100)
int dgst_test(FILE *out, FILE *in)
{
const EVP_MD *md = NULL;
char *linebuf, *olinebuf, *p, *q;
char *keyword, *value;
unsigned char *Msg = NULL, *Seed = NULL;
long MsgLen = -1, Len = -1, SeedLen = -1;
int ret = 0;
int lnum = 0;
olinebuf = OPENSSL_malloc(SHA_TEST_MAXLINELEN);
linebuf = OPENSSL_malloc(SHA_TEST_MAXLINELEN);
if (!linebuf || !olinebuf)
goto error;
while (fgets(olinebuf, SHA_TEST_MAXLINELEN, in))
{
lnum++;
strcpy(linebuf, olinebuf);
keyword = linebuf;
/* Skip leading space */
while (isspace((unsigned char)*keyword))
keyword++;
/* Look for = sign */
p = strchr(linebuf, '=');
/* If no = or starts with [ (for [L=20] line) just copy */
if (!p)
{
fputs(olinebuf, out);
continue;
}
q = p - 1;
/* Remove trailing space */
while (isspace((unsigned char)*q))
*q-- = 0;
*p = 0;
value = p + 1;
/* Remove leading space from value */
while (isspace((unsigned char)*value))
value++;
/* Remove trailing space from value */
p = value + strlen(value) - 1;
while (*p == '\n' || isspace((unsigned char)*p))
*p-- = 0;
if (!strcmp(keyword,"[L") && *p==']')
{
switch (atoi(value))
{
case 20: md=EVP_sha1(); break;
case 28: md=EVP_sha224(); break;
case 32: md=EVP_sha256(); break;
case 48: md=EVP_sha384(); break;
case 64: md=EVP_sha512(); break;
default: goto parse_error;
}
}
else if (!strcmp(keyword, "Len"))
{
if (Len != -1)
goto parse_error;
Len = atoi(value);
if (Len < 0)
goto parse_error;
/* Only handle multiples of 8 bits */
if (Len & 0x7)
goto parse_error;
if (Len > SHA_TEST_MAX_BITS)
goto parse_error;
MsgLen = Len >> 3;
}
else if (!strcmp(keyword, "Msg"))
{
long tmplen;
if (strlen(value) & 1)
*(--value) = '0';
if (Msg)
goto parse_error;
Msg = hex2bin_m(value, &tmplen);
if (!Msg)
goto parse_error;
}
else if (!strcmp(keyword, "Seed"))
{
if (strlen(value) & 1)
*(--value) = '0';
if (Seed)
goto parse_error;
Seed = hex2bin_m(value, &SeedLen);
if (!Seed)
goto parse_error;
}
else if (!strcmp(keyword, "MD"))
continue;
else
goto parse_error;
fputs(olinebuf, out);
if (md && Msg && (MsgLen >= 0))
{
if (!print_dgst(md, out, Msg, MsgLen))
goto error;
OPENSSL_free(Msg);
Msg = NULL;
MsgLen = -1;
Len = -1;
}
else if (md && Seed && (SeedLen > 0))
{
if (!print_monte(md, out, Seed, SeedLen))
goto error;
OPENSSL_free(Seed);
Seed = NULL;
SeedLen = -1;
}
}
ret = 1;
error:
if (olinebuf)
OPENSSL_free(olinebuf);
if (linebuf)
OPENSSL_free(linebuf);
if (Msg)
OPENSSL_free(Msg);
if (Seed)
OPENSSL_free(Seed);
return ret;
parse_error:
fprintf(stderr, "FATAL parse error processing line %d\n", lnum);
goto error;
}
static int print_dgst(const EVP_MD *emd, FILE *out,
unsigned char *Msg, int Msglen)
{
int i, mdlen;
unsigned char md[EVP_MAX_MD_SIZE];
if (!EVP_Digest(Msg, Msglen, md, (unsigned int *)&mdlen, emd, NULL))
{
fputs("Error calculating HASH\n", stderr);
return 0;
}
fputs("MD = ", out);
for (i = 0; i < mdlen; i++)
fprintf(out, "%02x", md[i]);
fputs("\n", out);
return 1;
}
static int print_monte(const EVP_MD *md, FILE *out,
unsigned char *Seed, int SeedLen)
{
unsigned int i, j, k;
int ret = 0;
EVP_MD_CTX ctx;
unsigned char *m1, *m2, *m3, *p;
unsigned int mlen, m1len, m2len, m3len;
EVP_MD_CTX_init(&ctx);
if (SeedLen > EVP_MAX_MD_SIZE)
mlen = SeedLen;
else
mlen = EVP_MAX_MD_SIZE;
m1 = OPENSSL_malloc(mlen);
m2 = OPENSSL_malloc(mlen);
m3 = OPENSSL_malloc(mlen);
if (!m1 || !m2 || !m3)
goto mc_error;
m1len = m2len = m3len = SeedLen;
memcpy(m1, Seed, SeedLen);
memcpy(m2, Seed, SeedLen);
memcpy(m3, Seed, SeedLen);
fputs("\n", out);
for (j = 0; j < 100; j++)
{
for (i = 0; i < 1000; i++)
{
EVP_DigestInit_ex(&ctx, md, NULL);
EVP_DigestUpdate(&ctx, m1, m1len);
EVP_DigestUpdate(&ctx, m2, m2len);
EVP_DigestUpdate(&ctx, m3, m3len);
p = m1;
m1 = m2;
m1len = m2len;
m2 = m3;
m2len = m3len;
m3 = p;
EVP_DigestFinal_ex(&ctx, m3, &m3len);
}
fprintf(out, "COUNT = %d\n", j);
fputs("MD = ", out);
for (k = 0; k < m3len; k++)
fprintf(out, "%02x", m3[k]);
fputs("\n\n", out);
memcpy(m1, m3, m3len);
memcpy(m2, m3, m3len);
m1len = m2len = m3len;
}
ret = 1;
mc_error:
if (m1)
OPENSSL_free(m1);
if (m2)
OPENSSL_free(m2);
if (m3)
OPENSSL_free(m3);
EVP_MD_CTX_cleanup(&ctx);
return ret;
}
#endif