Corrected test program.
This commit is contained in:
Ben Laurie
parent
901959c945
commit
d70f5891da
2 changed files with 42 additions and 9 deletions
|
|
@ -1,3 +1,3 @@
|
|||
HMAC-SHA1(fips_dh_check.c)= 5657cf7c136f6d9608df40d0699fe1d61d0ad5b5
|
||||
HMAC-SHA1(fips_dh_gen.c)= e3626ccd5124942cb19ca962470d2c3704d265bb
|
||||
HMAC-SHA1(fips_dh_key.c)= 88c882a9063c0b7e5f46de1a7bfa82f71e0a918e
|
||||
HMAC-SHA1(fips_dh_check.c)= 63347e2007e224381d4a7b6d871633889de72cf3
|
||||
HMAC-SHA1(fips_dh_gen.c)= 6aaf18dab32bf9a5fb4b7449ac4cbe559040adb4
|
||||
HMAC-SHA1(fips_dh_key.c)= 7bf23b329a776953bbe7c30ebd7f9faf5249ddbe
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@
|
|||
#include <openssl/md5.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/fips.h>
|
||||
|
||||
#include <openssl/bn.h>
|
||||
#ifndef OPENSSL_FIPS
|
||||
int main(int argc, char *argv[])
|
||||
{
|
||||
|
|
@ -174,12 +174,37 @@ static int dh_test()
|
|||
|
||||
ERR_clear_error();
|
||||
dh = DH_generate_parameters(256, 2, NULL, NULL);
|
||||
if (!dh)
|
||||
{
|
||||
ERR_load_crypto_strings();
|
||||
ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
|
||||
if (dh)
|
||||
return 1;
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* Zeroize
|
||||
*/
|
||||
static int Zeroize()
|
||||
{
|
||||
RSA *key;
|
||||
unsigned char userkey[16] =
|
||||
{ 0x48, 0x50, 0xf0, 0xa3, 0x3a, 0xed, 0xd3, 0xaf, 0x6e, 0x47, 0x7f, 0x83, 0x02, 0xb1, 0x09, 0x68 };
|
||||
int i, n;
|
||||
|
||||
key = RSA_generate_key(1024,65537,NULL,NULL);
|
||||
if (!key)
|
||||
return 0;
|
||||
}
|
||||
n = BN_num_bytes(key->d);
|
||||
printf(" Generated %d byte RSA private key\n", n);
|
||||
printf("\tBN key before overwriting:\n%s\n", BN_bn2hex(key->d));
|
||||
BN_rand(key->d,n*8,-1,0);
|
||||
printf("\tBN key after overwriting:\n%s\n", BN_bn2hex(key->d));
|
||||
|
||||
printf("\tchar buffer key before overwriting: \n\t\t");
|
||||
for(i = 0; i < sizeof(userkey); i++) printf("%02x", userkey[i]);
|
||||
printf("\n");
|
||||
RAND_bytes(userkey, sizeof userkey);
|
||||
printf("\tchar buffer key after overwriting: \n\t\t");
|
||||
for(i = 0; i < sizeof(userkey); i++) printf("%02x", userkey[i]);
|
||||
printf("\n");
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
|
@ -195,6 +220,9 @@ int main(int argc,char **argv)
|
|||
|
||||
printf("\tFIPS-mode test application\n\n");
|
||||
|
||||
/* Load entropy from external file, if any */
|
||||
RAND_load_file(".rnd", 1024);
|
||||
|
||||
if (argv[1]) {
|
||||
/* Corrupted KAT tests */
|
||||
if (!strcmp(argv[1], "aes")) {
|
||||
|
|
@ -301,6 +329,11 @@ int main(int argc,char **argv)
|
|||
printf( dh_test() ? "successful as expected\n"
|
||||
: Fail("failed INCORRECTLY!\n") );
|
||||
|
||||
/* Zeroization
|
||||
*/
|
||||
printf("9. Zero-ization...\n");
|
||||
Zeroize();
|
||||
|
||||
printf("\nAll tests completed with %d errors\n", Error);
|
||||
return 0;
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue