wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Enforce minimum key sizes in FIPS mode.

Browse source
This commit is contained in:
Dr. Stephen Henson 2007-08-13 18:02:52 +00:00
parent 0a6e92a88f
commit 7f1288da93
11 changed files with 74 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
crypto/dh/dh.h
View file

@ -77,6 +77,8 @@
# define OPENSSL_DH_MAX_MODULUS_BITS 10000
#endif
#define OPENSSL_DH_FIPS_MIN_MODULUS_BITS 1024
#define DH_FLAG_CACHE_MONT_P 0x01
#define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
* implementation now uses constant time
@ -233,6 +235,7 @@ void ERR_load_DH_strings(void);
/* Reason codes. */
#define DH_R_BAD_GENERATOR 101
#define DH_R_INVALID_PUBKEY 102
#define DH_R_KEY_SIZE_TOO_SMALL 104
#define DH_R_MODULUS_TOO_LARGE 103
#define DH_R_NO_PRIVATE_VALUE 100

3
crypto/dh/dh_err.c
View file

@ -1,6 +1,6 @@
/* crypto/dh/dh_err.c */
/* ====================================================================
* Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
* Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -87,6 +87,7 @@ static ERR_STRING_DATA DH_str_reasons[]=
{
{ERR_REASON(DH_R_BAD_GENERATOR) ,"bad generator"},
{ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"},
{ERR_REASON(DH_R_KEY_SIZE_TOO_SMALL) ,"key size too small"},
{ERR_REASON(DH_R_MODULUS_TOO_LARGE) ,"modulus too large"},
{ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"},
{0,NULL}

4
crypto/dsa/dsa.h
View file

@ -88,6 +88,8 @@
# define OPENSSL_DSA_MAX_MODULUS_BITS 10000
#endif
#define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS 1024
#define DSA_FLAG_CACHE_MONT_P 0x01
#define DSA_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DSA
* implementation now uses constant time
@ -292,6 +294,7 @@ void ERR_load_DSA_strings(void);
#define DSA_F_DSAPARAMS_PRINT_FP 101
#define DSA_F_DSA_DO_SIGN 112
#define DSA_F_DSA_DO_VERIFY 113
#define DSA_F_DSA_GENERATE_PARAMETERS 117
#define DSA_F_DSA_NEW_METHOD 103
#define DSA_F_DSA_PRINT 104
#define DSA_F_DSA_PRINT_FP 105
@ -307,6 +310,7 @@ void ERR_load_DSA_strings(void);
/* Reason codes. */
#define DSA_R_BAD_Q_VALUE 102
#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
#define DSA_R_KEY_SIZE_TOO_SMALL 106
#define DSA_R_MISSING_PARAMETERS 101
#define DSA_R_MODULUS_TOO_LARGE 103
#define DSA_R_NON_FIPS_METHOD 104

2
crypto/dsa/dsa_err.c
View file

@ -75,6 +75,7 @@ static ERR_STRING_DATA DSA_str_functs[]=
{ERR_FUNC(DSA_F_DSAPARAMS_PRINT_FP), "DSAparams_print_fp"},
{ERR_FUNC(DSA_F_DSA_DO_SIGN), "DSA_do_sign"},
{ERR_FUNC(DSA_F_DSA_DO_VERIFY), "DSA_do_verify"},
{ERR_FUNC(DSA_F_DSA_GENERATE_PARAMETERS), "DSA_generate_parameters"},
{ERR_FUNC(DSA_F_DSA_NEW_METHOD), "DSA_new_method"},
{ERR_FUNC(DSA_F_DSA_PRINT), "DSA_print"},
{ERR_FUNC(DSA_F_DSA_PRINT_FP), "DSA_print_fp"},
@ -93,6 +94,7 @@ static ERR_STRING_DATA DSA_str_reasons[]=
{
{ERR_REASON(DSA_R_BAD_Q_VALUE) ,"bad q value"},
{ERR_REASON(DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"},
{ERR_REASON(DSA_R_KEY_SIZE_TOO_SMALL) ,"key size too small"},
{ERR_REASON(DSA_R_MISSING_PARAMETERS) ,"missing parameters"},
{ERR_REASON(DSA_R_MODULUS_TOO_LARGE) ,"modulus too large"},
{ERR_REASON(DSA_R_NON_FIPS_METHOD) ,"non fips method"},

2
crypto/rsa/rsa.h
View file

@ -182,6 +182,8 @@ struct rsa_st
# define OPENSSL_RSA_MAX_MODULUS_BITS 16384
#endif
#define OPENSSL_RSA_FIPS_MIN_MODULUS_BITS 1024
#ifndef OPENSSL_RSA_SMALL_MODULUS_BITS
# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072
#endif

6
fips-1.0/dh/fips_dh_gen.c
View file

@ -115,6 +115,12 @@ static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB
return 0;
}
if (FIPS_mode() && (prime_len < OPENSSL_DH_FIPS_MIN_MODULUS_BITS))
{
DHerr(DH_F_GENERATE_PARAMETERS, DH_R_KEY_SIZE_TOO_SMALL);
goto err;
}
ctx=BN_CTX_new();
if (ctx == NULL) goto err;
BN_CTX_start(ctx);

8
fips-1.0/dh/fips_dh_key.c
View file

@ -194,7 +194,13 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
DHerr(DH_F_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE);
goto err;
}
if (FIPS_mode() && (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS))
{
DHerr(DH_F_COMPUTE_KEY, DH_R_KEY_SIZE_TOO_SMALL);
goto err;
}
if (dh->priv_key == NULL)
{
DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);

6
fips-1.0/dsa/fips_dsa_gen.c
View file

@ -124,6 +124,12 @@ static int dsa_builtin_paramgen(DSA *ret, int bits,
goto err;
}
if (FIPS_mode() && (bits < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS))
{
DSAerr(DSA_F_DSA_GENERATE_PARAMETERS, DSA_R_KEY_SIZE_TOO_SMALL);
goto err;
}
if (bits < 512) bits=512;
bits=(bits+63)/64*64;

12
fips-1.0/dsa/fips_dsa_ossl.c
View file

@ -132,6 +132,12 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, FIPS_DSA_SIZE_T dlen, DSA
return NULL;
}
if (FIPS_mode() && (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS))
{
DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_KEY_SIZE_TOO_SMALL);
return NULL;
}
BN_init(&m);
BN_init(&xr);
@ -309,6 +315,12 @@ static int dsa_do_verify(const unsigned char *dgst, FIPS_DSA_SIZE_T dgst_len, DS
return -1;
}
if (FIPS_mode() && (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS))
{
DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_KEY_SIZE_TOO_SMALL);
return -1;
}
BN_init(&u1);
BN_init(&u2);
BN_init(&t1);

24
fips-1.0/rsa/fips_rsa_eay.c
View file

@ -175,6 +175,12 @@ static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
goto err;
}
if (FIPS_mode() && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
return -1;
}
if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE);
@ -374,6 +380,12 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
goto err;
}
if (FIPS_mode() && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
return -1;
}
if ((ctx=BN_CTX_new()) == NULL) goto err;
BN_CTX_start(ctx);
f = BN_CTX_get(ctx);
@ -511,6 +523,12 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
goto err;
}
if (FIPS_mode() && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
return -1;
}
if((ctx = BN_CTX_new()) == NULL) goto err;
BN_CTX_start(ctx);
f = BN_CTX_get(ctx);
@ -644,6 +662,12 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
goto err;
}
if (FIPS_mode() && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
return -1;
}
if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE);

12
fips-1.0/rsa/fips_rsa_gen.c
View file

@ -116,18 +116,18 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
int bitsp,bitsq,ok= -1,n=0;
BN_CTX *ctx=NULL;
if (bits < 512)
{
FIPSerr(FIPS_F_RSA_GENERATE_KEY,FIPS_R_KEY_TOO_SHORT);
return 0;
}
if(FIPS_selftest_failed())
{
FIPSerr(FIPS_F_RSA_GENERATE_KEY,FIPS_R_FIPS_SELFTEST_FAILED);
return 0;
}
if (FIPS_mode() && (bits < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
{
FIPSerr(FIPS_F_RSA_GENERATE_KEY,FIPS_R_KEY_TOO_SHORT);
return 0;
}
ctx=BN_CTX_new();
if (ctx == NULL) goto err;
BN_CTX_start(ctx);