	only ECC NIST Suite B curves support
- drop -fips subpackage
							parent
							
								
									1f19ac14f9
								
							
						
					
					
						commit
						b3551463ca
					
				
							
								
								
									
									
									
								
							
							
						
						
									
										1
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							| @ -12,3 +12,4 @@ openssl-1.0.0a-usa.tar.bz2 | ||||
| /openssl-1.0.1b-usa.tar.xz | ||||
| /openssl-1.0.1c-usa.tar.xz | ||||
| /openssl-1.0.1e-usa.tar.xz | ||||
| /openssl-1.0.1e-hobbled.tar.xz | ||||
|  | ||||
							
								
								
									
									
								
							
							
						
						
									
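--- a/ec_curve.c
+++ b/ec_curve.c
@@ -0,0 +1,341 @@
+/* crypto/ec/ec_curve.c */
+/*
+ * Written by Nils Larsch for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2010 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by 
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * The elliptic curve binary polynomial software is originally written by 
+ * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+
+#include "ec_lcl.h"
+#include <openssl/err.h>
+#include <openssl/obj_mac.h>
+#include <openssl/opensslconf.h>
+
+typedef struct {
+	int	field_type,	/* either NID_X9_62_prime_field or
+				 * NID_X9_62_characteristic_two_field */
+		seed_len,
+		param_len;
+	unsigned int cofactor;	/* promoted to BN_ULONG */
+} EC_CURVE_DATA;
+
+static const struct { EC_CURVE_DATA h; unsigned char data[20+48*6]; }
+	_EC_NIST_PRIME_384 = {
+	{ NID_X9_62_prime_field,20,48,1 },
+	{ 0xA3,0x35,0x92,0x6A,0xA3,0x19,0xA2,0x7A,0x1D,0x00,	/* seed */
+	  0x89,0x6A,0x67,0x73,0xA4,0x82,0x7A,0xCD,0xAC,0x73,
+
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* p */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFE,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* a */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFE,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFC,
+	  0xB3,0x31,0x2F,0xA7,0xE2,0x3E,0xE7,0xE4,0x98,0x8E,	/* b */
+	  0x05,0x6B,0xE3,0xF8,0x2D,0x19,0x18,0x1D,0x9C,0x6E,
+	  0xFE,0x81,0x41,0x12,0x03,0x14,0x08,0x8F,0x50,0x13,
+	  0x87,0x5A,0xC6,0x56,0x39,0x8D,0x8A,0x2E,0xD1,0x9D,
+	  0x2A,0x85,0xC8,0xED,0xD3,0xEC,0x2A,0xEF,
+	  0xAA,0x87,0xCA,0x22,0xBE,0x8B,0x05,0x37,0x8E,0xB1,	/* x */
+	  0xC7,0x1E,0xF3,0x20,0xAD,0x74,0x6E,0x1D,0x3B,0x62,
+	  0x8B,0xA7,0x9B,0x98,0x59,0xF7,0x41,0xE0,0x82,0x54,
+	  0x2A,0x38,0x55,0x02,0xF2,0x5D,0xBF,0x55,0x29,0x6C,
+	  0x3A,0x54,0x5E,0x38,0x72,0x76,0x0A,0xB7,
+	  0x36,0x17,0xde,0x4a,0x96,0x26,0x2c,0x6f,0x5d,0x9e,	/* y */
+	  0x98,0xbf,0x92,0x92,0xdc,0x29,0xf8,0xf4,0x1d,0xbd,
+	  0x28,0x9a,0x14,0x7c,0xe9,0xda,0x31,0x13,0xb5,0xf0,
+	  0xb8,0xc0,0x0a,0x60,0xb1,0xce,0x1d,0x7e,0x81,0x9d,
+	  0x7a,0x43,0x1d,0x7c,0x90,0xea,0x0e,0x5f,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* order */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xC7,0x63,0x4D,0x81,0xF4,0x37,
+	  0x2D,0xDF,0x58,0x1A,0x0D,0xB2,0x48,0xB0,0xA7,0x7A,
+	  0xEC,0xEC,0x19,0x6A,0xCC,0xC5,0x29,0x73 }
+	};
+
+static const struct { EC_CURVE_DATA h; unsigned char data[20+32*6]; }
+	_EC_X9_62_PRIME_256V1 = {
+	{ NID_X9_62_prime_field,20,32,1 },
+	{ 0xC4,0x9D,0x36,0x08,0x86,0xE7,0x04,0x93,0x6A,0x66,	/* seed */
+	  0x78,0xE1,0x13,0x9D,0x26,0xB7,0x81,0x9F,0x7E,0x90,
+
+	  0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x01,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x01,0x00,0x00,	/* a */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFC,
+	  0x5A,0xC6,0x35,0xD8,0xAA,0x3A,0x93,0xE7,0xB3,0xEB,	/* b */
+	  0xBD,0x55,0x76,0x98,0x86,0xBC,0x65,0x1D,0x06,0xB0,
+	  0xCC,0x53,0xB0,0xF6,0x3B,0xCE,0x3C,0x3E,0x27,0xD2,
+	  0x60,0x4B,
+	  0x6B,0x17,0xD1,0xF2,0xE1,0x2C,0x42,0x47,0xF8,0xBC,	/* x */
+	  0xE6,0xE5,0x63,0xA4,0x40,0xF2,0x77,0x03,0x7D,0x81,
+	  0x2D,0xEB,0x33,0xA0,0xF4,0xA1,0x39,0x45,0xD8,0x98,
+	  0xC2,0x96,
+	  0x4f,0xe3,0x42,0xe2,0xfe,0x1a,0x7f,0x9b,0x8e,0xe7,	/* y */
+	  0xeb,0x4a,0x7c,0x0f,0x9e,0x16,0x2b,0xce,0x33,0x57,
+	  0x6b,0x31,0x5e,0xce,0xcb,0xb6,0x40,0x68,0x37,0xbf,
+	  0x51,0xf5,
+	  0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xFF,0xFF,	/* order */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xBC,0xE6,0xFA,0xAD,
+	  0xA7,0x17,0x9E,0x84,0xF3,0xB9,0xCA,0xC2,0xFC,0x63,
+	  0x25,0x51 }
+	};
+
+typedef struct _ec_list_element_st {
+	int	nid;
+	const EC_CURVE_DATA *data;
+	const EC_METHOD *(*meth)(void);
+	const char *comment;
+	} ec_list_element;
+
+static const ec_list_element curve_list[] = {
+	/* prime field curves */
+	/* secg curves */
+	/* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */
+	{ NID_secp384r1, &_EC_NIST_PRIME_384.h, 0, "NIST/SECG curve over a 384 bit prime field" },
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+	{ NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, EC_GFp_nistp256_method, "X9.62/SECG curve over a 256 bit prime field" },
+#else
+	{ NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, 0, "X9.62/SECG curve over a 256 bit prime field" },
+#endif
+};
+
+#define curve_list_length (sizeof(curve_list)/sizeof(ec_list_element))
+
+static EC_GROUP *ec_group_new_from_data(const ec_list_element curve)
+	{
+	EC_GROUP *group=NULL;
+	EC_POINT *P=NULL;
+	BN_CTX	 *ctx=NULL;
+	BIGNUM	 *p=NULL, *a=NULL, *b=NULL, *x=NULL, *y=NULL, *order=NULL;
+	int	 ok=0;
+	int	 seed_len,param_len;
+	const EC_METHOD *meth;
+	const EC_CURVE_DATA *data;
+	const unsigned char *params;
+
+	if ((ctx = BN_CTX_new()) == NULL)
+		{
+		ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	data = curve.data;
+	seed_len  = data->seed_len;
+	param_len = data->param_len;
+	params	  = (const unsigned char *)(data+1);	/* skip header */
+	params	 += seed_len;				/* skip seed   */
+
+	if (!(p = BN_bin2bn(params+0*param_len, param_len, NULL))
+		|| !(a = BN_bin2bn(params+1*param_len, param_len, NULL))
+		|| !(b = BN_bin2bn(params+2*param_len, param_len, NULL)))
+		{
+		ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
+		goto err;
+		}
+
+	if (curve.meth != 0)
+		{
+		meth = curve.meth();
+		if (((group = EC_GROUP_new(meth)) == NULL) ||
+			(!(group->meth->group_set_curve(group, p, a, b, ctx))))
+			{
+			ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
+			goto err;
+			}
+		}
+	else if (data->field_type == NID_X9_62_prime_field)
+		{
+		if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL)
+			{
+			ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
+			goto err;
+			}
+		}
+#ifndef OPENSSL_NO_EC2M
+	else	/* field_type == NID_X9_62_characteristic_two_field */
+		{
+		if ((group = EC_GROUP_new_curve_GF2m(p, a, b, ctx)) == NULL)
+			{
+			ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
+			goto err;
+			}
+		}
+#endif
+
+	if ((P = EC_POINT_new(group)) == NULL)
+		{
+		ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
+		goto err;
+		}
+
+	if (!(x = BN_bin2bn(params+3*param_len, param_len, NULL))
+		|| !(y = BN_bin2bn(params+4*param_len, param_len, NULL)))
+		{
+		ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
+		goto err;
+		}
+	if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx))
+		{
+		ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
+		goto err;
+		}
+	if (!(order = BN_bin2bn(params+5*param_len, param_len, NULL))
+		|| !BN_set_word(x, (BN_ULONG)data->cofactor))
+		{
+		ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
+		goto err;
+		}
+	if (!EC_GROUP_set_generator(group, P, order, x))
+		{
+		ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
+		goto err;
+		}
+	if (seed_len)
+		{
+		if (!EC_GROUP_set_seed(group, params-seed_len, seed_len))
+			{
+			ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
+			goto err;
+			}
+		}
+	ok=1;
+err:
+	if (!ok)
+		{
+		EC_GROUP_free(group);
+		group = NULL;
+		}
+	if (P)
+		EC_POINT_free(P);
+	if (ctx)
+		BN_CTX_free(ctx);
+	if (p)
+		BN_free(p);
+	if (a)
+		BN_free(a);
+	if (b)
+		BN_free(b);
+	if (order)
+		BN_free(order);
+	if (x)
+		BN_free(x);
+	if (y)
+		BN_free(y);
+	return group;
+	}
+
+EC_GROUP *EC_GROUP_new_by_curve_name(int nid)
+	{
+	size_t i;
+	EC_GROUP *ret = NULL;
+
+	if (nid <= 0)
+		return NULL;
+
+	for (i=0; i<curve_list_length; i++)
+		if (curve_list[i].nid == nid)
+			{
+			ret = ec_group_new_from_data(curve_list[i]);
+			break;
+			}
+
+	if (ret == NULL)
+		{
+		ECerr(EC_F_EC_GROUP_NEW_BY_CURVE_NAME, EC_R_UNKNOWN_GROUP);
+		return NULL;
+		}
+
+	EC_GROUP_set_curve_name(ret, nid);
+
+	return ret;
+	}
+
+size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems)
+	{
+	size_t	i, min;
+
+	if (r == NULL || nitems == 0)
+		return curve_list_length;
+
+	min = nitems < curve_list_length ? nitems : curve_list_length;
+
+	for (i = 0; i < min; i++)
+		{
+		r[i].nid = curve_list[i].nid;
+		r[i].comment = curve_list[i].comment;
+		}
+
+	return curve_list_length;
+	}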
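Review bot: In `ec_group_new_from_data` the chain that builds `group` has no unconditional final branch: the last `else` is compiled only under `#ifndef OPENSSL_NO_EC2M`, so with that macro defined an entry whose `meth` is 0 and whose `field_type` is not `NID_X9_62_prime_field` leaves `group` NULL and falls through to `EC_POINT_new(group)`. Both entries left in `curve_list` are prime-field, so this cannot be reached with the table as committed, but the function then depends on the callee rejecting a NULL group rather than on its own check. I would add `#else` followed by `else { ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); goto err; }` before the `#endif`. A short comment above `curve_list` stating that only prime256v1 and secp384r1 are provided in this build would also tell the next editor that the characteristic-two path is not exercised by any entry here.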
							
								
								
									
									
								
							
							
						
						
									
										695
									
								
								ectest.c
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,695 @@ | ||||
| /* crypto/ec/ectest.c */ | ||||
| /*
 | ||||
|  * Originally written by Bodo Moeller for the OpenSSL project. | ||||
|  */ | ||||
| /* ====================================================================
 | ||||
|  * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved. | ||||
|  * | ||||
|  * Redistribution and use in source and binary forms, with or without | ||||
|  * modification, are permitted provided that the following conditions | ||||
|  * are met: | ||||
|  * | ||||
|  * 1. Redistributions of source code must retain the above copyright | ||||
|  *    notice, this list of conditions and the following disclaimer.  | ||||
|  * | ||||
|  * 2. Redistributions in binary form must reproduce the above copyright | ||||
|  *    notice, this list of conditions and the following disclaimer in | ||||
|  *    the documentation and/or other materials provided with the | ||||
|  *    distribution. | ||||
|  * | ||||
|  * 3. All advertising materials mentioning features or use of this | ||||
|  *    software must display the following acknowledgment: | ||||
|  *    "This product includes software developed by the OpenSSL Project | ||||
|  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
 | ||||
|  * | ||||
|  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||||
|  *    endorse or promote products derived from this software without | ||||
|  *    prior written permission. For written permission, please contact | ||||
|  *    openssl-core@openssl.org. | ||||
|  * | ||||
|  * 5. Products derived from this software may not be called "OpenSSL" | ||||
|  *    nor may "OpenSSL" appear in their names without prior written | ||||
|  *    permission of the OpenSSL Project. | ||||
|  * | ||||
|  * 6. Redistributions of any form whatsoever must retain the following | ||||
|  *    acknowledgment: | ||||
|  *    "This product includes software developed by the OpenSSL Project | ||||
|  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
 | ||||
|  * | ||||
|  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||||
|  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||||
|  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||||
|  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||||
|  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||||
|  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||||
|  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||||
|  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||||
|  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||||
|  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||||
|  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||||
|  * OF THE POSSIBILITY OF SUCH DAMAGE. | ||||
|  * ==================================================================== | ||||
|  * | ||||
|  * This product includes cryptographic software written by Eric Young | ||||
|  * (eay@cryptsoft.com).  This product includes software written by Tim | ||||
|  * Hudson (tjh@cryptsoft.com). | ||||
|  * | ||||
|  */ | ||||
| /* ====================================================================
 | ||||
|  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | ||||
|  * | ||||
|  * Portions of the attached software ("Contribution") are developed by  | ||||
|  * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. | ||||
|  * | ||||
|  * The Contribution is licensed pursuant to the OpenSSL open source | ||||
|  * license provided above. | ||||
|  * | ||||
|  * The elliptic curve binary polynomial software is originally written by  | ||||
|  * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. | ||||
|  * | ||||
|  */ | ||||
| 
 | ||||
| #include <stdio.h> | ||||
| #include <stdlib.h> | ||||
| #ifdef FLAT_INC | ||||
| #include "e_os.h" | ||||
| #else | ||||
| #include "../e_os.h" | ||||
| #endif | ||||
| #include <string.h> | ||||
| #include <time.h> | ||||
| 
 | ||||
| 
 | ||||
| #ifdef OPENSSL_NO_EC | ||||
| int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); return 0; } | ||||
| #else | ||||
| 
 | ||||
| 
 | ||||
| #include <openssl/ec.h> | ||||
| #ifndef OPENSSL_NO_ENGINE | ||||
| #include <openssl/engine.h> | ||||
| #endif | ||||
| #include <openssl/err.h> | ||||
| #include <openssl/obj_mac.h> | ||||
| #include <openssl/objects.h> | ||||
| #include <openssl/rand.h> | ||||
| #include <openssl/bn.h> | ||||
| #include <openssl/opensslconf.h> | ||||
| 
 | ||||
| #if defined(_MSC_VER) && defined(_MIPS_) && (_MSC_VER/100==12) | ||||
| /* suppress "too big too optimize" warning */ | ||||
| #pragma warning(disable:4959) | ||||
| #endif | ||||
| 
 | ||||
| #define ABORT do { \ | ||||
| 	fflush(stdout); \ | ||||
| 	fprintf(stderr, "%s:%d: ABORT\n", __FILE__, __LINE__); \ | ||||
| 	ERR_print_errors_fp(stderr); \ | ||||
| 	EXIT(1); \ | ||||
| } while (0) | ||||
| 
 | ||||
| #define TIMING_BASE_PT 0 | ||||
| #define TIMING_RAND_PT 1 | ||||
| #define TIMING_SIMUL 2 | ||||
| 
 | ||||
| #if 0 | ||||
| static void timings(EC_GROUP *group, int type, BN_CTX *ctx) | ||||
| 	{ | ||||
| 	clock_t clck; | ||||
| 	int i, j; | ||||
| 	BIGNUM *s; | ||||
| 	BIGNUM *r[10], *r0[10]; | ||||
| 	EC_POINT *P; | ||||
| 		 | ||||
| 	s = BN_new(); | ||||
| 	if (s == NULL) ABORT; | ||||
| 
 | ||||
| 	fprintf(stdout, "Timings for %d-bit field, ", EC_GROUP_get_degree(group)); | ||||
| 	if (!EC_GROUP_get_order(group, s, ctx)) ABORT; | ||||
| 	fprintf(stdout, "%d-bit scalars ", (int)BN_num_bits(s)); | ||||
| 	fflush(stdout); | ||||
| 
 | ||||
| 	P = EC_POINT_new(group); | ||||
| 	if (P == NULL) ABORT; | ||||
| 	EC_POINT_copy(P, EC_GROUP_get0_generator(group)); | ||||
| 
 | ||||
| 	for (i = 0; i < 10; i++) | ||||
| 		{ | ||||
| 		if ((r[i] = BN_new()) == NULL) ABORT; | ||||
| 		if (!BN_pseudo_rand(r[i], BN_num_bits(s), 0, 0)) ABORT; | ||||
| 		if (type != TIMING_BASE_PT) | ||||
| 			{ | ||||
| 			if ((r0[i] = BN_new()) == NULL) ABORT; | ||||
| 			if (!BN_pseudo_rand(r0[i], BN_num_bits(s), 0, 0)) ABORT; | ||||
| 			} | ||||
| 		} | ||||
| 
 | ||||
| 	clck = clock(); | ||||
| 	for (i = 0; i < 10; i++) | ||||
| 		{ | ||||
| 		for (j = 0; j < 10; j++) | ||||
| 			{ | ||||
| 			if (!EC_POINT_mul(group, P, (type != TIMING_RAND_PT) ? r[i] : NULL,  | ||||
| 				(type != TIMING_BASE_PT) ? P : NULL, (type != TIMING_BASE_PT) ? r0[i] : NULL, ctx)) ABORT; | ||||
| 			} | ||||
| 		} | ||||
| 	clck = clock() - clck; | ||||
| 
 | ||||
| 	fprintf(stdout, "\n"); | ||||
| 
 | ||||
| #ifdef CLOCKS_PER_SEC | ||||
| 	/* "To determine the time in seconds, the value returned
 | ||||
| 	 * by the clock function should be divided by the value | ||||
| 	 * of the macro CLOCKS_PER_SEC." | ||||
| 	 *                                       -- ISO/IEC 9899 */ | ||||
| #	define UNIT "s" | ||||
| #else | ||||
| 	/* "`CLOCKS_PER_SEC' undeclared (first use this function)"
 | ||||
| 	 *                            -- cc on NeXTstep/OpenStep */ | ||||
| #	define UNIT "units" | ||||
| #	define CLOCKS_PER_SEC 1 | ||||
| #endif | ||||
| 
 | ||||
| 	if (type == TIMING_BASE_PT) { | ||||
| 		fprintf(stdout, "%i %s in %.2f " UNIT "\n", i*j, | ||||
| 			"base point multiplications", (double)clck/CLOCKS_PER_SEC); | ||||
| 	} else if (type == TIMING_RAND_PT) { | ||||
| 		fprintf(stdout, "%i %s in %.2f " UNIT "\n", i*j, | ||||
| 			"random point multiplications", (double)clck/CLOCKS_PER_SEC); | ||||
| 	} else if (type == TIMING_SIMUL) { | ||||
| 		fprintf(stdout, "%i %s in %.2f " UNIT "\n", i*j, | ||||
| 			"s*P+t*Q operations", (double)clck/CLOCKS_PER_SEC); | ||||
| 	} | ||||
| 	fprintf(stdout, "average: %.4f " UNIT "\n", (double)clck/(CLOCKS_PER_SEC*i*j)); | ||||
| 
 | ||||
| 	EC_POINT_free(P); | ||||
| 	BN_free(s); | ||||
| 	for (i = 0; i < 10; i++) | ||||
| 		{ | ||||
| 		BN_free(r[i]); | ||||
| 		if (type != TIMING_BASE_PT) BN_free(r0[i]); | ||||
| 		} | ||||
| 	} | ||||
| #endif | ||||
| 
 | ||||
| /* test multiplication with group order, long and negative scalars */ | ||||
| static void group_order_tests(EC_GROUP *group) | ||||
| 	{ | ||||
| 	BIGNUM *n1, *n2, *order; | ||||
| 	EC_POINT *P = EC_POINT_new(group); | ||||
| 	EC_POINT *Q = EC_POINT_new(group); | ||||
| 	BN_CTX *ctx = BN_CTX_new(); | ||||
| 
 | ||||
| 	n1 = BN_new(); n2 = BN_new(); order = BN_new(); | ||||
| 	fprintf(stdout, "verify group order ..."); | ||||
| 	fflush(stdout); | ||||
| 	if (!EC_GROUP_get_order(group, order, ctx)) ABORT; | ||||
| 	if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx)) ABORT; | ||||
| 	if (!EC_POINT_is_at_infinity(group, Q)) ABORT; | ||||
| 	fprintf(stdout, "."); | ||||
| 	fflush(stdout); | ||||
| 	if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; | ||||
| 	if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx)) ABORT; | ||||
| 	if (!EC_POINT_is_at_infinity(group, Q)) ABORT; | ||||
| 	fprintf(stdout, " ok\n"); | ||||
| 	fprintf(stdout, "long/negative scalar tests ... "); | ||||
| 	if (!BN_one(n1)) ABORT; | ||||
| 	/* n1 = 1 - order */ | ||||
| 	if (!BN_sub(n1, n1, order)) ABORT; | ||||
| 	if(!EC_POINT_mul(group, Q, NULL, P, n1, ctx)) ABORT; | ||||
| 	if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT; | ||||
| 	/* n2 = 1 + order */ | ||||
| 	if (!BN_add(n2, order, BN_value_one())) ABORT; | ||||
| 	if(!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT; | ||||
| 	if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT; | ||||
| 	/* n2 = (1 - order) * (1 + order) */ | ||||
| 	if (!BN_mul(n2, n1, n2, ctx)) ABORT; | ||||
| 	if(!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT; | ||||
| 	if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT; | ||||
| 	fprintf(stdout, "ok\n"); | ||||
| 	EC_POINT_free(P); | ||||
| 	EC_POINT_free(Q); | ||||
| 	BN_free(n1); | ||||
| 	BN_free(n2); | ||||
| 	BN_free(order); | ||||
| 	BN_CTX_free(ctx); | ||||
| 	} | ||||
| 
 | ||||
| static void prime_field_tests(void) | ||||
| 	{ | ||||
| 	BN_CTX *ctx = NULL; | ||||
| 	BIGNUM *p, *a, *b; | ||||
| 	EC_GROUP *group; | ||||
| 	EC_GROUP *P_160 = NULL, *P_192 = NULL, *P_224 = NULL, *P_256 = NULL, *P_384 = NULL, *P_521 = NULL; | ||||
| 	EC_POINT *P, *Q, *R; | ||||
| 	BIGNUM *x, *y, *z; | ||||
| 	unsigned char buf[100]; | ||||
| 	size_t i, len; | ||||
| 	int k; | ||||
| 	 | ||||
| #if 1 /* optional */ | ||||
| 	ctx = BN_CTX_new(); | ||||
| 	if (!ctx) ABORT; | ||||
| #endif | ||||
| 
 | ||||
| 	p = BN_new(); | ||||
| 	a = BN_new(); | ||||
| 	b = BN_new(); | ||||
| 	if (!p || !a || !b) ABORT; | ||||
| 	 | ||||
| 	group = EC_GROUP_new(EC_GFp_mont_method()); /* applications should use EC_GROUP_new_curve_GFp
 | ||||
| 	                                             * so that the library gets to choose the EC_METHOD */ | ||||
| 	if (!group) ABORT; | ||||
| 
 | ||||
| 	P = EC_POINT_new(group); | ||||
| 	Q = EC_POINT_new(group); | ||||
| 	R = EC_POINT_new(group); | ||||
| 	if (!P || !Q || !R) ABORT; | ||||
| 
 | ||||
| 	x = BN_new(); | ||||
| 	y = BN_new(); | ||||
| 	z = BN_new(); | ||||
| 	if (!x || !y || !z) ABORT; | ||||
| 
 | ||||
| /* Curve P-256 (FIPS PUB 186-2, App. 6) */ | ||||
| 	 | ||||
| 	if (!BN_hex2bn(&p, "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF")) ABORT; | ||||
| 	if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; | ||||
| 	if (!BN_hex2bn(&a, "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC")) ABORT; | ||||
| 	if (!BN_hex2bn(&b, "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B")) ABORT; | ||||
| 	if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT; | ||||
| 
 | ||||
| 	if (!BN_hex2bn(&x, "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296")) ABORT; | ||||
| 	if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx)) ABORT; | ||||
| 	if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; | ||||
| 	if (!BN_hex2bn(&z, "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E" | ||||
| 		"84F3B9CAC2FC632551")) ABORT; | ||||
| 	if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) ABORT; | ||||
| 
 | ||||
| 	if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT; | ||||
| 	fprintf(stdout, "\nNIST curve P-256 -- Generator:\n     x = 0x"); | ||||
| 	BN_print_fp(stdout, x); | ||||
| 	fprintf(stdout, "\n     y = 0x"); | ||||
| 	BN_print_fp(stdout, y); | ||||
| 	fprintf(stdout, "\n"); | ||||
| 	/* G_y value taken from the standard: */ | ||||
| 	if (!BN_hex2bn(&z, "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5")) ABORT; | ||||
| 	if (0 != BN_cmp(y, z)) ABORT; | ||||
| 	 | ||||
| 	fprintf(stdout, "verify degree ..."); | ||||
| 	if (EC_GROUP_get_degree(group) != 256) ABORT; | ||||
| 	fprintf(stdout, " ok\n"); | ||||
| 	 | ||||
| 	group_order_tests(group); | ||||
| 
 | ||||
| 	if (!(P_256 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT; | ||||
| 	if (!EC_GROUP_copy(P_256, group)) ABORT; | ||||
| 
 | ||||
| 
 | ||||
| 	/* Curve P-384 (FIPS PUB 186-2, App. 6) */ | ||||
| 	 | ||||
| 	if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" | ||||
| 		"FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF")) ABORT; | ||||
| 	if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; | ||||
| 	if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" | ||||
| 		"FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC")) ABORT; | ||||
| 	if (!BN_hex2bn(&b, "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141" | ||||
| 		"120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF")) ABORT; | ||||
| 	if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT; | ||||
| 
 | ||||
| 	if (!BN_hex2bn(&x, "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B" | ||||
| 		"9859F741E082542A385502F25DBF55296C3A545E3872760AB7")) ABORT; | ||||
| 	if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx)) ABORT; | ||||
| 	if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; | ||||
| 	if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" | ||||
| 		"FFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973")) ABORT; | ||||
| 	if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) ABORT; | ||||
| 
 | ||||
| 	if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT; | ||||
| 	fprintf(stdout, "\nNIST curve P-384 -- Generator:\n     x = 0x"); | ||||
| 	BN_print_fp(stdout, x); | ||||
| 	fprintf(stdout, "\n     y = 0x"); | ||||
| 	BN_print_fp(stdout, y); | ||||
| 	fprintf(stdout, "\n"); | ||||
| 	/* G_y value taken from the standard: */ | ||||
| 	if (!BN_hex2bn(&z, "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A14" | ||||
| 		"7CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F")) ABORT; | ||||
| 	if (0 != BN_cmp(y, z)) ABORT; | ||||
| 	 | ||||
| 	fprintf(stdout, "verify degree ..."); | ||||
| 	if (EC_GROUP_get_degree(group) != 384) ABORT; | ||||
| 	fprintf(stdout, " ok\n"); | ||||
| 
 | ||||
| 	group_order_tests(group); | ||||
| 
 | ||||
| 	if (!(P_384 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT; | ||||
| 	if (!EC_GROUP_copy(P_384, group)) ABORT; | ||||
| 
 | ||||
| 	/* more tests using the last curve */ | ||||
| 
 | ||||
| 	if (!EC_POINT_copy(Q, P)) ABORT; | ||||
| 	if (EC_POINT_is_at_infinity(group, Q)) ABORT; | ||||
| 	if (!EC_POINT_dbl(group, P, P, ctx)) ABORT; | ||||
| 	if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; | ||||
| 	if (!EC_POINT_invert(group, Q, ctx)) ABORT; /* P = -2Q */ | ||||
| 
 | ||||
| 	if (!EC_POINT_add(group, R, P, Q, ctx)) ABORT; | ||||
| 	if (!EC_POINT_add(group, R, R, Q, ctx)) ABORT; | ||||
| 	if (!EC_POINT_is_at_infinity(group, R)) ABORT; /* R = P + 2Q */ | ||||
| 
 | ||||
| 	{ | ||||
| 		const EC_POINT *points[4]; | ||||
| 		const BIGNUM *scalars[4]; | ||||
| 		BIGNUM scalar3; | ||||
| 	 | ||||
| 		if (EC_POINT_is_at_infinity(group, Q)) ABORT; | ||||
| 		points[0] = Q; | ||||
| 		points[1] = Q; | ||||
| 		points[2] = Q; | ||||
| 		points[3] = Q; | ||||
| 
 | ||||
| 		if (!EC_GROUP_get_order(group, z, ctx)) ABORT; | ||||
| 		if (!BN_add(y, z, BN_value_one())) ABORT; | ||||
| 		if (BN_is_odd(y)) ABORT; | ||||
| 		if (!BN_rshift1(y, y)) ABORT; | ||||
| 		scalars[0] = y; /* (group order + 1)/2,  so  y*Q + y*Q = Q */ | ||||
| 		scalars[1] = y; | ||||
| 
 | ||||
| 		fprintf(stdout, "combined multiplication ..."); | ||||
| 		fflush(stdout); | ||||
| 
 | ||||
| 		/* z is still the group order */ | ||||
| 		if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) ABORT; | ||||
| 		if (!EC_POINTs_mul(group, R, z, 2, points, scalars, ctx)) ABORT; | ||||
| 		if (0 != EC_POINT_cmp(group, P, R, ctx)) ABORT; | ||||
| 		if (0 != EC_POINT_cmp(group, R, Q, ctx)) ABORT; | ||||
| 
 | ||||
| 		fprintf(stdout, "."); | ||||
| 		fflush(stdout); | ||||
| 
 | ||||
| 		if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0)) ABORT; | ||||
| 		if (!BN_add(z, z, y)) ABORT; | ||||
| 		BN_set_negative(z, 1); | ||||
| 		scalars[0] = y; | ||||
| 		scalars[1] = z; /* z = -(order + y) */ | ||||
| 
 | ||||
| 		if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) ABORT; | ||||
| 		if (!EC_POINT_is_at_infinity(group, P)) ABORT; | ||||
| 
 | ||||
| 		fprintf(stdout, "."); | ||||
| 		fflush(stdout); | ||||
| 
 | ||||
| 		if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0)) ABORT; | ||||
| 		if (!BN_add(z, x, y)) ABORT; | ||||
| 		BN_set_negative(z, 1); | ||||
| 		scalars[0] = x; | ||||
| 		scalars[1] = y; | ||||
| 		scalars[2] = z; /* z = -(x+y) */ | ||||
| 
 | ||||
| 		BN_init(&scalar3); | ||||
| 		BN_zero(&scalar3); | ||||
| 		scalars[3] = &scalar3; | ||||
| 
 | ||||
| 		if (!EC_POINTs_mul(group, P, NULL, 4, points, scalars, ctx)) ABORT; | ||||
| 		if (!EC_POINT_is_at_infinity(group, P)) ABORT; | ||||
| 
 | ||||
| 		fprintf(stdout, " ok\n\n"); | ||||
| 
 | ||||
| 		BN_free(&scalar3); | ||||
| 	} | ||||
| 
 | ||||
| 
 | ||||
| #if 0 | ||||
| 	timings(P_256, TIMING_BASE_PT, ctx); | ||||
| 	timings(P_256, TIMING_RAND_PT, ctx); | ||||
| 	timings(P_256, TIMING_SIMUL, ctx); | ||||
| 	timings(P_384, TIMING_BASE_PT, ctx); | ||||
| 	timings(P_384, TIMING_RAND_PT, ctx); | ||||
| 	timings(P_384, TIMING_SIMUL, ctx); | ||||
| #endif | ||||
| 
 | ||||
| 
 | ||||
| 	if (ctx) | ||||
| 		BN_CTX_free(ctx); | ||||
| 	BN_free(p); BN_free(a);	BN_free(b); | ||||
| 	EC_GROUP_free(group); | ||||
| 	EC_POINT_free(P); | ||||
| 	EC_POINT_free(Q); | ||||
| 	EC_POINT_free(R); | ||||
| 	BN_free(x); BN_free(y); BN_free(z); | ||||
| 
 | ||||
| 	if (P_160) EC_GROUP_free(P_160); | ||||
| 	if (P_192) EC_GROUP_free(P_192); | ||||
| 	if (P_224) EC_GROUP_free(P_224); | ||||
| 	if (P_256) EC_GROUP_free(P_256); | ||||
| 	if (P_384) EC_GROUP_free(P_384); | ||||
| 	if (P_521) EC_GROUP_free(P_521); | ||||
| 
 | ||||
| 	} | ||||
| 
 | ||||
| 
 | ||||
| static void internal_curve_test(void) | ||||
| 	{ | ||||
| 	EC_builtin_curve *curves = NULL; | ||||
| 	size_t crv_len = 0, n = 0; | ||||
| 	int    ok = 1; | ||||
| 
 | ||||
| 	crv_len = EC_get_builtin_curves(NULL, 0); | ||||
| 
 | ||||
| 	curves = OPENSSL_malloc(sizeof(EC_builtin_curve) * crv_len); | ||||
| 
 | ||||
| 	if (curves == NULL) | ||||
| 		return; | ||||
| 
 | ||||
| 	if (!EC_get_builtin_curves(curves, crv_len)) | ||||
| 		{ | ||||
| 		OPENSSL_free(curves); | ||||
| 		return; | ||||
| 		} | ||||
| 
 | ||||
| 	fprintf(stdout, "testing internal curves: "); | ||||
| 		 | ||||
| 	for (n = 0; n < crv_len; n++) | ||||
| 		{ | ||||
| 		EC_GROUP *group = NULL; | ||||
| 		int nid = curves[n].nid; | ||||
| 		if ((group = EC_GROUP_new_by_curve_name(nid)) == NULL) | ||||
| 			{ | ||||
| 			ok = 0; | ||||
| 			fprintf(stdout, "\nEC_GROUP_new_curve_name() failed with" | ||||
| 				" curve %s\n", OBJ_nid2sn(nid)); | ||||
| 			/* try next curve */ | ||||
| 			continue; | ||||
| 			} | ||||
| 		if (!EC_GROUP_check(group, NULL)) | ||||
| 			{ | ||||
| 			ok = 0; | ||||
| 			fprintf(stdout, "\nEC_GROUP_check() failed with" | ||||
| 				" curve %s\n", OBJ_nid2sn(nid)); | ||||
| 			EC_GROUP_free(group); | ||||
| 			/* try the next curve */ | ||||
| 			continue; | ||||
| 			} | ||||
| 		fprintf(stdout, "."); | ||||
| 		fflush(stdout); | ||||
| 		EC_GROUP_free(group); | ||||
| 		} | ||||
| 	if (ok) | ||||
| 		fprintf(stdout, " ok\n\n"); | ||||
| 	else | ||||
| 		{ | ||||
| 		fprintf(stdout, " failed\n\n"); | ||||
| 		ABORT; | ||||
| 		} | ||||
| 	OPENSSL_free(curves); | ||||
| 	return; | ||||
| 	} | ||||
| 
 | ||||
| #ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 | ||||
| /* nistp_test_params contains magic numbers for testing our optimized
 | ||||
|  * implementations of several NIST curves with characteristic > 3. */ | ||||
| struct nistp_test_params | ||||
| 	{ | ||||
| 	const EC_METHOD* (*meth) (); | ||||
| 	int degree; | ||||
| 	/* Qx, Qy and D are taken from
 | ||||
| 	 * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/ECDSA_Prime.pdf
 | ||||
| 	 * Otherwise, values are standard curve parameters from FIPS 180-3 */ | ||||
| 	const char *p, *a, *b, *Qx, *Qy, *Gx, *Gy, *order, *d; | ||||
| 	}; | ||||
| 
 | ||||
| static const struct nistp_test_params nistp_tests_params[] = | ||||
| 	{ | ||||
| 		{ | ||||
| 		/* P-256 */ | ||||
| 		EC_GFp_nistp256_method, | ||||
| 		256, | ||||
| 		"ffffffff00000001000000000000000000000000ffffffffffffffffffffffff", /* p */ | ||||
| 		"ffffffff00000001000000000000000000000000fffffffffffffffffffffffc", /* a */ | ||||
| 		"5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b", /* b */ | ||||
| 		"b7e08afdfe94bad3f1dc8c734798ba1c62b3a0ad1e9ea2a38201cd0889bc7a19", /* Qx */ | ||||
| 		"3603f747959dbf7a4bb226e41928729063adc7ae43529e61b563bbc606cc5e09", /* Qy */ | ||||
| 		"6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296", /* Gx */ | ||||
| 		"4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5", /* Gy */ | ||||
| 		"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", /* order */ | ||||
| 		"c477f9f65c22cce20657faa5b2d1d8122336f851a508a1ed04e479c34985bf96", /* d */ | ||||
| 		}, | ||||
| 	}; | ||||
| 
 | ||||
| void nistp_single_test(const struct nistp_test_params *test) | ||||
| 	{ | ||||
| 	BN_CTX *ctx; | ||||
| 	BIGNUM *p, *a, *b, *x, *y, *n, *m, *order; | ||||
| 	EC_GROUP *NISTP; | ||||
| 	EC_POINT *G, *P, *Q, *Q_CHECK; | ||||
| 
 | ||||
| 	fprintf(stdout, "\nNIST curve P-%d (optimised implementation):\n", test->degree); | ||||
| 	ctx = BN_CTX_new(); | ||||
| 	p = BN_new(); | ||||
| 	a = BN_new(); | ||||
| 	b = BN_new(); | ||||
| 	x = BN_new(); y = BN_new(); | ||||
| 	m = BN_new(); n = BN_new(); order = BN_new(); | ||||
| 
 | ||||
| 	NISTP = EC_GROUP_new(test->meth()); | ||||
| 	if(!NISTP) ABORT; | ||||
| 	if (!BN_hex2bn(&p, test->p)) ABORT; | ||||
| 	if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; | ||||
| 	if (!BN_hex2bn(&a, test->a)) ABORT; | ||||
| 	if (!BN_hex2bn(&b, test->b)) ABORT; | ||||
| 	if (!EC_GROUP_set_curve_GFp(NISTP, p, a, b, ctx)) ABORT; | ||||
| 	G = EC_POINT_new(NISTP); | ||||
| 	P = EC_POINT_new(NISTP); | ||||
| 	Q = EC_POINT_new(NISTP); | ||||
| 	Q_CHECK = EC_POINT_new(NISTP); | ||||
| 	if(!BN_hex2bn(&x, test->Qx)) ABORT; | ||||
| 	if(!BN_hex2bn(&y, test->Qy)) ABORT; | ||||
| 	if(!EC_POINT_set_affine_coordinates_GFp(NISTP, Q_CHECK, x, y, ctx)) ABORT; | ||||
| 	if (!BN_hex2bn(&x, test->Gx)) ABORT; | ||||
| 	if (!BN_hex2bn(&y, test->Gy)) ABORT; | ||||
| 	if (!EC_POINT_set_affine_coordinates_GFp(NISTP, G, x, y, ctx)) ABORT; | ||||
| 	if (!BN_hex2bn(&order, test->order)) ABORT; | ||||
| 	if (!EC_GROUP_set_generator(NISTP, G, order, BN_value_one())) ABORT; | ||||
| 
 | ||||
| 	fprintf(stdout, "verify degree ... "); | ||||
| 	if (EC_GROUP_get_degree(NISTP) != test->degree) ABORT; | ||||
| 	fprintf(stdout, "ok\n"); | ||||
| 
 | ||||
| 	fprintf(stdout, "NIST test vectors ... "); | ||||
| 	if (!BN_hex2bn(&n, test->d)) ABORT; | ||||
| 	/* fixed point multiplication */ | ||||
| 	EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx); | ||||
| 	if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) ABORT; | ||||
| 	/* random point multiplication */ | ||||
| 	EC_POINT_mul(NISTP, Q, NULL, G, n, ctx); | ||||
| 	if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) ABORT; | ||||
| 
 | ||||
| 	/* set generator to P = 2*G, where G is the standard generator */ | ||||
| 	if (!EC_POINT_dbl(NISTP, P, G, ctx)) ABORT; | ||||
| 	if (!EC_GROUP_set_generator(NISTP, P, order, BN_value_one())) ABORT; | ||||
| 	/* set the scalar to m=n/2, where n is the NIST test scalar */ | ||||
| 	if (!BN_rshift(m, n, 1)) ABORT; | ||||
| 
 | ||||
| 	/* test the non-standard generator */ | ||||
| 	/* fixed point multiplication */ | ||||
| 	EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx); | ||||
| 	if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) ABORT; | ||||
| 	/* random point multiplication */ | ||||
| 	EC_POINT_mul(NISTP, Q, NULL, P, m, ctx); | ||||
| 	if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) ABORT; | ||||
| 
 | ||||
| 	/* now repeat all tests with precomputation */ | ||||
| 	if (!EC_GROUP_precompute_mult(NISTP, ctx)) ABORT; | ||||
| 
 | ||||
| 	/* fixed point multiplication */ | ||||
| 	EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx); | ||||
| 	if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) ABORT; | ||||
| 	/* random point multiplication */ | ||||
| 	EC_POINT_mul(NISTP, Q, NULL, P, m, ctx); | ||||
| 	if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) ABORT; | ||||
| 
 | ||||
| 	/* reset generator */ | ||||
| 	if (!EC_GROUP_set_generator(NISTP, G, order, BN_value_one())) ABORT; | ||||
| 	/* fixed point multiplication */ | ||||
| 	EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx); | ||||
| 	if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) ABORT; | ||||
| 	/* random point multiplication */ | ||||
| 	EC_POINT_mul(NISTP, Q, NULL, G, n, ctx); | ||||
| 	if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) ABORT; | ||||
| 
 | ||||
| 	fprintf(stdout, "ok\n"); | ||||
| 	group_order_tests(NISTP); | ||||
| #if 0 | ||||
| 	timings(NISTP, TIMING_BASE_PT, ctx); | ||||
| 	timings(NISTP, TIMING_RAND_PT, ctx); | ||||
| #endif | ||||
| 	EC_GROUP_free(NISTP); | ||||
| 	EC_POINT_free(G); | ||||
| 	EC_POINT_free(P); | ||||
| 	EC_POINT_free(Q); | ||||
| 	EC_POINT_free(Q_CHECK); | ||||
| 	BN_free(n); | ||||
| 	BN_free(m); | ||||
| 	BN_free(p); | ||||
| 	BN_free(a); | ||||
| 	BN_free(b); | ||||
| 	BN_free(x); | ||||
| 	BN_free(y); | ||||
| 	BN_free(order); | ||||
| 	BN_CTX_free(ctx); | ||||
| 	} | ||||
| 
 | ||||
| void nistp_tests() | ||||
| 	{ | ||||
| 	unsigned i; | ||||
| 
 | ||||
| 	for (i = 0; i < sizeof(nistp_tests_params) / sizeof(struct nistp_test_params); i++) | ||||
| 		{ | ||||
| 		nistp_single_test(&nistp_tests_params[i]); | ||||
| 		} | ||||
| 	} | ||||
| #endif | ||||
| 
 | ||||
| static const char rnd_seed[] = "string to make the random number generator think it has entropy"; | ||||
| 
 | ||||
| int main(int argc, char *argv[]) | ||||
| 	{	 | ||||
| 	 | ||||
| 	/* enable memory leak checking unless explicitly disabled */ | ||||
| 	if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) | ||||
| 		{ | ||||
| 		CRYPTO_malloc_debug_init(); | ||||
| 		CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL); | ||||
| 		} | ||||
| 	else | ||||
| 		{ | ||||
| 		/* OPENSSL_DEBUG_MEMORY=off */ | ||||
| 		CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0); | ||||
| 		} | ||||
| 	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); | ||||
| 	ERR_load_crypto_strings(); | ||||
| 
 | ||||
| 	RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */ | ||||
| 
 | ||||
| 	prime_field_tests(); | ||||
| 	puts(""); | ||||
| #ifndef OPENSSL_NO_EC2M | ||||
| 	char2_field_tests(); | ||||
| #endif | ||||
| #ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 | ||||
| 	nistp_tests(); | ||||
| #endif | ||||
| 	/* test the internal curves */ | ||||
| 	internal_curve_test(); | ||||
| 
 | ||||
| #ifndef OPENSSL_NO_ENGINE | ||||
| 	ENGINE_cleanup(); | ||||
| #endif | ||||
| 	CRYPTO_cleanup_all_ex_data(); | ||||
| 	ERR_free_strings(); | ||||
| 	ERR_remove_thread_state(NULL); | ||||
| 	CRYPTO_mem_leaks_fp(stderr); | ||||
| 	 | ||||
| 	return 0; | ||||
| 	} | ||||
| #endif | ||||
| @ -7,6 +7,7 @@ set -e | ||||
| # MDC-2: 4,908,861 13/03/2007 - expired, we do not remove it but do not enable it anyway | ||||
| # IDEA:  5,214,703 07/01/2012 - expired, we do not remove it anymore | ||||
| # RC5:   5,724,428 01/11/2015 | ||||
| # EC:    ????????? ??/??/2020 | ||||
| # SRP:   ????????? ??/??/20?? | ||||
| 
 | ||||
| # Remove assembler portions of IDEA, MDC2, and RC5. | ||||
| @ -25,12 +26,23 @@ for c in `find crypto/evp -name "*_rc5.c"`; do | ||||
| 	> $c | ||||
| done | ||||
| 
 | ||||
| for c in `find crypto/bn -name "*gf2m.c"`; do | ||||
| 	echo Destroying $c | ||||
| 	> $c | ||||
| done | ||||
| 
 | ||||
| for c in `find crypto/ec -name "ec2*.c" -o -name "ec_curve.c" -o -name "ecp_nistp?2?.c" -o -name "ectest.c"`; do | ||||
| 	echo Destroying $c | ||||
| 	> $c | ||||
| done | ||||
| 
 | ||||
| for h in `find crypto ssl apps test -name "*.h"` ; do | ||||
| 	echo Removing RC5, SRP references from $h | ||||
| 	echo Removing RC5, SRP and EC2M references from $h | ||||
| 	cat $h | \ | ||||
| 	awk    'BEGIN {ech=1;} \ | ||||
| 		/^#[ \t]*ifndef.*NO_SRP/ {ech--; next;} \ | ||||
| 		/^#[ \t]*ifndef.*NO_RC5/ {ech--; next;} \ | ||||
| 		/^#[ \t]*ifndef.*NO_EC2M/ {ech--; next;} \ | ||||
|                 /^#[ \t]*if/ {if(ech < 1) ech--;} \ | ||||
| 		{if(ech>0) {;print $0};} \ | ||||
| 		/^#[ \t]*endif/ {if(ech < 1) ech++;}' > $h.hobbled && \ | ||||
|  | ||||
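Review bot: The glob `ecp_nistp?2?.c` in the new `crypto/ec` loop hides its intent: it only matches names whose middle digit is 2, so a file ending in `nistp256.c` would be left intact while the other nistp variants are blanked, and nothing in the script says that this is deliberate. I would add a comment above the loop such as `# Blank binary-field and non-Suite-B EC sources; the P-256 nistp file is kept on purpose`, and note there that `ec_curve.c` and `ectest.c` are presumably replaced by the reduced copies this commit adds. The two new loops also expand `find` output unquoted (`> $c`), which follows the existing rc5 loop but breaks on paths containing whitespace; `> "$c"` costs nothing. The new `# EC:    ????????? ??/??/2020` entry would be easier to audit with a pointer to what it tracks.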
| @ -1,6 +1,6 @@ | ||||
| diff -up openssl-1.0.1e/crypto/fips/fips.c.fips-ctor openssl-1.0.1e/crypto/fips/fips.c
 | ||||
| --- openssl-1.0.1e/crypto/fips/fips.c.fips-ctor	2013-09-23 18:05:15.731136863 +0200
 | ||||
| +++ openssl-1.0.1e/crypto/fips/fips.c	2013-09-23 18:18:27.953969770 +0200
 | ||||
| --- openssl-1.0.1e/crypto/fips/fips.c.fips-ctor	2013-09-26 13:52:30.767885457 +0200
 | ||||
| +++ openssl-1.0.1e/crypto/fips/fips.c	2013-09-26 14:01:29.406010187 +0200
 | ||||
| @@ -60,6 +60,8 @@
 | ||||
|  #include <dlfcn.h> | ||||
|  #include <stdio.h> | ||||
| @ -45,7 +45,7 @@ diff -up openssl-1.0.1e/crypto/fips/fips.c.fips-ctor openssl-1.0.1e/crypto/fips/ | ||||
|   | ||||
|  	hmacpath = make_hmac_path(path); | ||||
|  	if (hmacpath == NULL) | ||||
| @@ -341,6 +339,64 @@ end:
 | ||||
| @@ -341,6 +339,53 @@ end:
 | ||||
|  	return 1;	 | ||||
|  } | ||||
|   | ||||
| @ -80,37 +80,26 @@ diff -up openssl-1.0.1e/crypto/fips/fips.c.fips-ctor openssl-1.0.1e/crypto/fips/ | ||||
| +	return 1;
 | ||||
| +    }
 | ||||
| +
 | ||||
| +#ifndef FIPS_MODULE_PATH
 | ||||
| +#define FIPS_MODULE_PATH "/etc/system-fips"
 | ||||
| +#endif
 | ||||
| +
 | ||||
| +int
 | ||||
| +FIPS_module_installed(void)
 | ||||
| +    {
 | ||||
| +	char path[PATH_MAX+1];
 | ||||
| +	int rv;
 | ||||
| +	char *hmacpath, *p;
 | ||||
| +	char *hmac = NULL;
 | ||||
| +	size_t n;
 | ||||
| +	
 | ||||
| +	rv = get_library_path("libcrypto.so." SHLIB_VERSION_NUMBER, "FIPS_mode_set", path, sizeof(path));
 | ||||
| +    int rv;
 | ||||
| +    rv = access(FIPS_MODULE_PATH, F_OK);
 | ||||
| +    if (rv < 0 && errno != ENOENT)
 | ||||
| +	rv = 0;
 | ||||
| +
 | ||||
| +	if (rv < 0)
 | ||||
| +		return 0;
 | ||||
| +
 | ||||
| +	hmacpath = make_hmac_path(path);
 | ||||
| +	if (hmacpath == NULL)
 | ||||
| +		return 0;
 | ||||
| +
 | ||||
| +	rv = access(hmacpath, F_OK);
 | ||||
| +	if (rv < 0 && errno != ENOENT)
 | ||||
| +		rv = 0;
 | ||||
| +
 | ||||
| +        free(hmacpath);
 | ||||
| +	/* Installed == true */
 | ||||
| +	return !rv;
 | ||||
| +    /* Installed == true */
 | ||||
| +    return !rv;
 | ||||
| +    }
 | ||||
| +
 | ||||
|  int FIPS_module_mode_set(int onoff, const char *auth) | ||||
|      { | ||||
|      int ret = 0; | ||||
| @@ -379,15 +435,7 @@ int FIPS_module_mode_set(int onoff, cons
 | ||||
| @@ -379,15 +424,7 @@ int FIPS_module_mode_set(int onoff, cons
 | ||||
|  	} | ||||
|  #endif | ||||
|   | ||||
| @ -128,8 +117,8 @@ diff -up openssl-1.0.1e/crypto/fips/fips.c.fips-ctor openssl-1.0.1e/crypto/fips/ | ||||
|  	    FIPSerr(FIPS_F_FIPS_MODULE_MODE_SET,FIPS_R_FINGERPRINT_DOES_NOT_MATCH); | ||||
|  	    fips_selftest_fail = 1; | ||||
| diff -up openssl-1.0.1e/crypto/fips/fips.h.fips-ctor openssl-1.0.1e/crypto/fips/fips.h
 | ||||
| --- openssl-1.0.1e/crypto/fips/fips.h.fips-ctor	2013-09-23 18:05:15.734136931 +0200
 | ||||
| +++ openssl-1.0.1e/crypto/fips/fips.h	2013-09-23 18:05:15.775137854 +0200
 | ||||
| --- openssl-1.0.1e/crypto/fips/fips.h.fips-ctor	2013-09-26 13:52:30.814886515 +0200
 | ||||
| +++ openssl-1.0.1e/crypto/fips/fips.h	2013-09-26 13:52:30.816886560 +0200
 | ||||
| @@ -74,6 +74,7 @@ struct hmac_ctx_st;
 | ||||
|   | ||||
|  int FIPS_module_mode_set(int onoff, const char *auth); | ||||
| @ -139,33 +128,37 @@ diff -up openssl-1.0.1e/crypto/fips/fips.h.fips-ctor openssl-1.0.1e/crypto/fips/ | ||||
|  int FIPS_selftest(void); | ||||
|  int FIPS_selftest_failed(void); | ||||
| diff -up openssl-1.0.1e/crypto/o_init.c.fips-ctor openssl-1.0.1e/crypto/o_init.c
 | ||||
| --- openssl-1.0.1e/crypto/o_init.c.fips-ctor	2013-09-23 18:05:15.762137561 +0200
 | ||||
| +++ openssl-1.0.1e/crypto/o_init.c	2013-09-23 18:05:15.776137876 +0200
 | ||||
| @@ -73,6 +73,10 @@ static void init_fips_mode(void)
 | ||||
| --- openssl-1.0.1e/crypto/o_init.c.fips-ctor	2013-09-26 13:52:30.807886357 +0200
 | ||||
| +++ openssl-1.0.1e/crypto/o_init.c	2013-09-26 14:00:21.000000000 +0200
 | ||||
| @@ -71,6 +71,9 @@ static void init_fips_mode(void)
 | ||||
|  	char buf[2] = "0"; | ||||
|  	int fd; | ||||
|  	 | ||||
| +	/* Ensure the selftests always run and abort on error */
 | ||||
| +	/* Ensure the selftests always run */
 | ||||
| +	FIPS_mode_set(1);
 | ||||
| +	FIPS_selftest_check();
 | ||||
| +
 | ||||
|  	if (secure_getenv("OPENSSL_FORCE_FIPS_MODE") != NULL) | ||||
|  		{ | ||||
|  		buf[0] = '1'; | ||||
| @@ -87,9 +91,10 @@ static void init_fips_mode(void)
 | ||||
| @@ -85,9 +88,15 @@ static void init_fips_mode(void)
 | ||||
|  	 * otherwise.  | ||||
|  	 */ | ||||
|  	 | ||||
| -	if (buf[0] == '1')
 | ||||
| +	if (buf[0] != '1')
 | ||||
|  		{ | ||||
| -		FIPS_mode_set(1);
 | ||||
| +		{
 | ||||
| +		/* drop down to non-FIPS mode if it is not requested */
 | ||||
| +		FIPS_mode_set(0);
 | ||||
| +		}
 | ||||
| +	else
 | ||||
|  		{ | ||||
| -		FIPS_mode_set(1);
 | ||||
| +		/* abort if selftest failed */
 | ||||
| +		FIPS_selftest_check();
 | ||||
|  		} | ||||
|  	} | ||||
|  #endif | ||||
| @@ -98,13 +103,17 @@ static void init_fips_mode(void)
 | ||||
| @@ -96,13 +105,17 @@ static void init_fips_mode(void)
 | ||||
|   * Currently only sets FIPS callbacks | ||||
|   */ | ||||
|   | ||||
|  | ||||
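Review bot: In the reworked `init_fips_mode()` the result of the early `FIPS_mode_set(1)` is discarded, and since the unconditional `FIPS_selftest_check()` is gone a self-test failure is only acted on in the `else` branch, that is, when FIPS mode was requested (reading the old/new pairs on this page as old first, new second). When it was not requested the code goes straight to `FIPS_mode_set(0)`, and whether the failure state survives that call is not visible here, so the comment should state the intent, e.g. `/* a self-test failure is tolerated outside FIPS mode; crypto entry points test FIPS_selftest_failed() */`, or the return value should be checked. In the new `FIPS_module_installed()`, `if (rv < 0 && errno != ENOENT) rv = 0;` reports the module as installed for any `access()` error other than a missing `/etc/system-fips`, for example a permission error. That choice may be intended, but it deserves a one-line comment such as `/* any error other than ENOENT counts as installed */`. Both functions extend beyond the hunks shown.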
| @ -1,27 +1,220 @@ | ||||
| diff -up openssl-1.0.1e/crypto/ec/ec2_smpl.c.fips-ec openssl-1.0.1e/crypto/ec/ec2_smpl.c
 | ||||
| --- openssl-1.0.1e/crypto/ec/ec2_smpl.c.fips-ec	2013-10-15 01:10:57.472546753 +0100
 | ||||
| +++ openssl-1.0.1e/crypto/ec/ec2_smpl.c	2013-10-15 01:11:10.346529011 +0100
 | ||||
| @@ -80,9 +80,6 @@
 | ||||
| diff -up openssl-1.0.1e/crypto/ecdh/ecdh.h.fips-ec openssl-1.0.1e/crypto/ecdh/ecdh.h
 | ||||
| --- openssl-1.0.1e/crypto/ecdh/ecdh.h.fips-ec	2013-05-03 12:19:59.248301642 +0200
 | ||||
| +++ openssl-1.0.1e/crypto/ecdh/ecdh.h	2013-05-03 12:19:59.975317289 +0200
 | ||||
| @@ -85,6 +85,8 @@
 | ||||
|  extern "C" { | ||||
|  #endif | ||||
|   | ||||
|  const EC_METHOD *EC_GF2m_simple_method(void) | ||||
| +#define EC_FLAG_COFACTOR_ECDH	0x1000
 | ||||
| +
 | ||||
|  const ECDH_METHOD *ECDH_OpenSSL(void); | ||||
|   | ||||
|  void	  ECDH_set_default_method(const ECDH_METHOD *); | ||||
| diff -up openssl-1.0.1e/crypto/ecdh/ecdhtest.c.fips-ec openssl-1.0.1e/crypto/ecdh/ecdhtest.c
 | ||||
| --- openssl-1.0.1e/crypto/ecdh/ecdhtest.c.fips-ec	2013-02-11 16:26:04.000000000 +0100
 | ||||
| +++ openssl-1.0.1e/crypto/ecdh/ecdhtest.c	2013-05-03 12:19:59.975317289 +0200
 | ||||
| @@ -323,11 +323,15 @@ int main(int argc, char *argv[])
 | ||||
|  	if ((ctx=BN_CTX_new()) == NULL) goto err; | ||||
|   | ||||
|  	/* NIST PRIME CURVES TESTS */ | ||||
| +#if 0
 | ||||
|  	if (!test_ecdh_curve(NID_X9_62_prime192v1, "NIST Prime-Curve P-192", ctx, out)) goto err; | ||||
|  	if (!test_ecdh_curve(NID_secp224r1, "NIST Prime-Curve P-224", ctx, out)) goto err; | ||||
| +#endif
 | ||||
|  	if (!test_ecdh_curve(NID_X9_62_prime256v1, "NIST Prime-Curve P-256", ctx, out)) goto err; | ||||
|  	if (!test_ecdh_curve(NID_secp384r1, "NIST Prime-Curve P-384", ctx, out)) goto err; | ||||
| +#if 0
 | ||||
|  	if (!test_ecdh_curve(NID_secp521r1, "NIST Prime-Curve P-521", ctx, out)) goto err; | ||||
| +#endif
 | ||||
|  #ifndef OPENSSL_NO_EC2M | ||||
|  	/* NIST BINARY CURVES TESTS */ | ||||
|  	if (!test_ecdh_curve(NID_sect163k1, "NIST Binary-Curve K-163", ctx, out)) goto err; | ||||
| diff -up openssl-1.0.1e/crypto/ecdh/ech_lib.c.fips-ec openssl-1.0.1e/crypto/ecdh/ech_lib.c
 | ||||
| --- openssl-1.0.1e/crypto/ecdh/ech_lib.c.fips-ec	2013-02-11 16:26:04.000000000 +0100
 | ||||
| +++ openssl-1.0.1e/crypto/ecdh/ech_lib.c	2013-05-03 12:19:59.976317311 +0200
 | ||||
| @@ -94,14 +94,7 @@ const ECDH_METHOD *ECDH_get_default_meth
 | ||||
|  	{ | ||||
|  	if(!default_ECDH_method)  | ||||
|  		{ | ||||
| -#ifdef OPENSSL_FIPS
 | ||||
| -	return fips_ec_gf2m_simple_method();
 | ||||
| -		if (FIPS_mode())
 | ||||
| -			return FIPS_ecdh_openssl();
 | ||||
| -		else
 | ||||
| -			return ECDH_OpenSSL();
 | ||||
| -#else
 | ||||
|  	static const EC_METHOD ret = { | ||||
|  		EC_FLAGS_DEFAULT_OCT, | ||||
|  		NID_X9_62_characteristic_two_field, | ||||
| @@ -126,7 +123,6 @@ const EC_METHOD *EC_GF2m_simple_method(v
 | ||||
|  		0 /* field_set_to_one */ }; | ||||
|   | ||||
|  	return &ret; | ||||
|  		default_ECDH_method = ECDH_OpenSSL(); | ||||
| -#endif
 | ||||
|  		} | ||||
|  	return default_ECDH_method; | ||||
|  	} | ||||
| diff -up openssl-1.0.1e/crypto/ecdh/ech_ossl.c.fips-ec openssl-1.0.1e/crypto/ecdh/ech_ossl.c
 | ||||
| --- openssl-1.0.1e/crypto/ecdh/ech_ossl.c.fips-ec	2013-02-11 16:26:04.000000000 +0100
 | ||||
| +++ openssl-1.0.1e/crypto/ecdh/ech_ossl.c	2013-05-03 12:19:59.976317311 +0200
 | ||||
| @@ -79,6 +79,10 @@
 | ||||
|  #include <openssl/obj_mac.h> | ||||
|  #include <openssl/bn.h> | ||||
|   | ||||
| +#ifdef OPENSSL_FIPS
 | ||||
| +#include <openssl/fips.h>
 | ||||
| +#endif
 | ||||
| +
 | ||||
|  static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key, | ||||
|  	EC_KEY *ecdh,  | ||||
|  	void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)); | ||||
| @@ -90,7 +94,7 @@ static ECDH_METHOD openssl_ecdh_meth = {
 | ||||
|  	NULL, /* init     */ | ||||
|  	NULL, /* finish   */ | ||||
|  #endif | ||||
| -	0,    /* flags    */
 | ||||
| +	ECDH_FLAG_FIPS_METHOD,    /* flags    */
 | ||||
|  	NULL  /* app_data */ | ||||
|  }; | ||||
|   | ||||
| @@ -118,6 +122,14 @@ static int ecdh_compute_key(void *out, s
 | ||||
|  	size_t buflen, len; | ||||
|  	unsigned char *buf=NULL; | ||||
|   | ||||
| +#ifdef OPENSSL_FIPS
 | ||||
| +	if(FIPS_selftest_failed())
 | ||||
| +		{
 | ||||
| +		FIPSerr(FIPS_F_ECDH_COMPUTE_KEY,FIPS_R_FIPS_SELFTEST_FAILED);
 | ||||
| +		return -1;
 | ||||
| +		}
 | ||||
| +#endif
 | ||||
| +
 | ||||
|  	if (outlen > INT_MAX) | ||||
|  		{ | ||||
|  		ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); /* sort of, anyway */ | ||||
| @@ -137,6 +149,18 @@ static int ecdh_compute_key(void *out, s
 | ||||
|  		} | ||||
|   | ||||
|  	group = EC_KEY_get0_group(ecdh); | ||||
| +
 | ||||
| +	if (EC_KEY_get_flags(ecdh) & EC_FLAG_COFACTOR_ECDH)
 | ||||
| +		{
 | ||||
| +		if (!EC_GROUP_get_cofactor(group, x, ctx) ||
 | ||||
| +			!BN_mul(x, x, priv_key, ctx))
 | ||||
| +			{
 | ||||
| +			ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
 | ||||
| +			goto err;
 | ||||
| +			}
 | ||||
| +		priv_key = x;
 | ||||
| +		}
 | ||||
| +
 | ||||
|  	if ((tmp=EC_POINT_new(group)) == NULL) | ||||
|  		{ | ||||
|  		ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); | ||||
| diff -up openssl-1.0.1e/crypto/ecdsa/ecdsatest.c.fips-ec openssl-1.0.1e/crypto/ecdsa/ecdsatest.c
 | ||||
| --- openssl-1.0.1e/crypto/ecdsa/ecdsatest.c.fips-ec	2013-02-11 16:26:04.000000000 +0100
 | ||||
| +++ openssl-1.0.1e/crypto/ecdsa/ecdsatest.c	2013-05-03 12:19:59.976317311 +0200
 | ||||
| @@ -138,11 +138,14 @@ int restore_rand(void)
 | ||||
|  	} | ||||
|   | ||||
|  static int fbytes_counter = 0; | ||||
| -static const char *numbers[8] = {
 | ||||
| +static const char *numbers[10] = {
 | ||||
| +	"651056770906015076056810763456358567190100156695615665659",
 | ||||
|  	"651056770906015076056810763456358567190100156695615665659", | ||||
|  	"6140507067065001063065065565667405560006161556565665656654", | ||||
|  	"8763001015071075675010661307616710783570106710677817767166" | ||||
|  	"71676178726717", | ||||
| +	"8763001015071075675010661307616710783570106710677817767166"
 | ||||
| +	"71676178726717",
 | ||||
|  	"7000000175690566466555057817571571075705015757757057795755" | ||||
|  	"55657156756655", | ||||
|  	"1275552191113212300012030439187146164646146646466749494799", | ||||
| @@ -157,7 +160,7 @@ int fbytes(unsigned char *buf, int num)
 | ||||
|  	int	ret; | ||||
|  	BIGNUM	*tmp = NULL; | ||||
|   | ||||
| -	if (fbytes_counter >= 8)
 | ||||
| +	if (fbytes_counter >= 10)
 | ||||
|  		return 0; | ||||
|  	tmp = BN_new(); | ||||
|  	if (!tmp) | ||||
| @@ -550,7 +553,9 @@ int main(void)
 | ||||
|  	RAND_seed(rnd_seed, sizeof(rnd_seed)); | ||||
|   | ||||
|  	/* the tests */ | ||||
| +#if 0
 | ||||
|  	if (!x9_62_tests(out))  goto err; | ||||
| +#endif
 | ||||
|  	if (!test_builtin(out)) goto err; | ||||
|  	 | ||||
|  	ret = 0; | ||||
| diff -up openssl-1.0.1e/crypto/ecdsa/ecs_lib.c.fips-ec openssl-1.0.1e/crypto/ecdsa/ecs_lib.c
 | ||||
| --- openssl-1.0.1e/crypto/ecdsa/ecs_lib.c.fips-ec	2013-02-11 16:26:04.000000000 +0100
 | ||||
| +++ openssl-1.0.1e/crypto/ecdsa/ecs_lib.c	2013-05-03 12:19:59.977317333 +0200
 | ||||
| @@ -81,14 +81,7 @@ const ECDSA_METHOD *ECDSA_get_default_me
 | ||||
|  { | ||||
|  	if(!default_ECDSA_method)  | ||||
|  		{ | ||||
| -#ifdef OPENSSL_FIPS
 | ||||
| -		if (FIPS_mode())
 | ||||
| -			return FIPS_ecdsa_openssl();
 | ||||
| -		else
 | ||||
| -			return ECDSA_OpenSSL();
 | ||||
| -#else
 | ||||
|  		default_ECDSA_method = ECDSA_OpenSSL(); | ||||
| -#endif
 | ||||
|  		} | ||||
|  	return default_ECDSA_method; | ||||
|  } | ||||
| diff -up openssl-1.0.1e/crypto/ecdsa/ecs_ossl.c.fips-ec openssl-1.0.1e/crypto/ecdsa/ecs_ossl.c
 | ||||
| --- openssl-1.0.1e/crypto/ecdsa/ecs_ossl.c.fips-ec	2013-02-11 16:26:04.000000000 +0100
 | ||||
| +++ openssl-1.0.1e/crypto/ecdsa/ecs_ossl.c	2013-05-03 12:19:59.977317333 +0200
 | ||||
| @@ -60,6 +60,9 @@
 | ||||
|  #include <openssl/err.h> | ||||
|  #include <openssl/obj_mac.h> | ||||
|  #include <openssl/bn.h> | ||||
| +#ifdef OPENSSL_FIPS
 | ||||
| +#include <openssl/fips.h>
 | ||||
| +#endif
 | ||||
|   | ||||
|  static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dlen,  | ||||
|  		const BIGNUM *, const BIGNUM *, EC_KEY *eckey); | ||||
| @@ -77,7 +80,7 @@ static ECDSA_METHOD openssl_ecdsa_meth =
 | ||||
|  	NULL, /* init     */ | ||||
|  	NULL, /* finish   */ | ||||
|  #endif | ||||
| -	0,    /* flags    */
 | ||||
| +	ECDSA_FLAG_FIPS_METHOD,    /* flags    */
 | ||||
|  	NULL  /* app_data */ | ||||
|  }; | ||||
|   | ||||
| @@ -231,6 +234,14 @@ static ECDSA_SIG *ecdsa_do_sign(const un
 | ||||
|  	ECDSA_DATA *ecdsa; | ||||
|  	const BIGNUM *priv_key; | ||||
|   | ||||
| +#ifdef OPENSSL_FIPS
 | ||||
| +	if(FIPS_selftest_failed())
 | ||||
| +		{
 | ||||
| +		FIPSerr(FIPS_F_ECDSA_DO_SIGN,FIPS_R_FIPS_SELFTEST_FAILED);
 | ||||
| +		return NULL;
 | ||||
| +		}
 | ||||
| +#endif
 | ||||
| +
 | ||||
|  	ecdsa    = ecdsa_check(eckey); | ||||
|  	group    = EC_KEY_get0_group(eckey); | ||||
|  	priv_key = EC_KEY_get0_private_key(eckey); | ||||
| @@ -360,6 +371,14 @@ static int ecdsa_do_verify(const unsigne
 | ||||
|  	const EC_GROUP *group; | ||||
|  	const EC_POINT *pub_key; | ||||
|   | ||||
| +#ifdef OPENSSL_FIPS
 | ||||
| +	if(FIPS_selftest_failed())
 | ||||
| +		{
 | ||||
| +		FIPSerr(FIPS_F_ECDSA_DO_VERIFY,FIPS_R_FIPS_SELFTEST_FAILED);
 | ||||
| +		return -1;
 | ||||
| +		}
 | ||||
| +#endif
 | ||||
| +
 | ||||
|  	/* check input values */ | ||||
|  	if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL || | ||||
|  	    (pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL) | ||||
| diff -up openssl-1.0.1e/crypto/ec/ec_key.c.fips-ec openssl-1.0.1e/crypto/ec/ec_key.c
 | ||||
| --- openssl-1.0.1e/crypto/ec/ec_key.c.fips-ec	2013-02-11 15:26:04.000000000 +0000
 | ||||
| +++ openssl-1.0.1e/crypto/ec/ec_key.c	2013-10-15 01:08:06.046783148 +0100
 | ||||
| --- openssl-1.0.1e/crypto/ec/ec_key.c.fips-ec	2013-02-11 16:26:04.000000000 +0100
 | ||||
| +++ openssl-1.0.1e/crypto/ec/ec_key.c	2013-05-03 12:19:59.978317354 +0200
 | ||||
| @@ -64,9 +64,6 @@
 | ||||
|  #include <string.h> | ||||
|  #include "ec_lcl.h" | ||||
| @ -119,8 +312,8 @@ diff -up openssl-1.0.1e/crypto/ec/ec_key.c.fips-ec openssl-1.0.1e/crypto/ec/ec_k | ||||
|  		ECerr(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES, | ||||
|  			EC_R_COORDINATES_OUT_OF_RANGE); | ||||
| diff -up openssl-1.0.1e/crypto/ec/ecp_mont.c.fips-ec openssl-1.0.1e/crypto/ec/ecp_mont.c
 | ||||
| --- openssl-1.0.1e/crypto/ec/ecp_mont.c.fips-ec	2013-02-11 15:26:04.000000000 +0000
 | ||||
| +++ openssl-1.0.1e/crypto/ec/ecp_mont.c	2013-10-15 01:08:06.047783146 +0100
 | ||||
| --- openssl-1.0.1e/crypto/ec/ecp_mont.c.fips-ec	2013-02-11 16:26:04.000000000 +0100
 | ||||
| +++ openssl-1.0.1e/crypto/ec/ecp_mont.c	2013-05-03 12:19:59.978317354 +0200
 | ||||
| @@ -63,18 +63,11 @@
 | ||||
|   | ||||
|  #include <openssl/err.h> | ||||
| @ -149,8 +342,8 @@ diff -up openssl-1.0.1e/crypto/ec/ecp_mont.c.fips-ec openssl-1.0.1e/crypto/ec/ec | ||||
|   | ||||
|   | ||||
| diff -up openssl-1.0.1e/crypto/ec/ecp_nist.c.fips-ec openssl-1.0.1e/crypto/ec/ecp_nist.c
 | ||||
| --- openssl-1.0.1e/crypto/ec/ecp_nist.c.fips-ec	2013-02-11 15:26:04.000000000 +0000
 | ||||
| +++ openssl-1.0.1e/crypto/ec/ecp_nist.c	2013-10-15 01:08:06.047783146 +0100
 | ||||
| --- openssl-1.0.1e/crypto/ec/ecp_nist.c.fips-ec	2013-02-11 16:26:04.000000000 +0100
 | ||||
| +++ openssl-1.0.1e/crypto/ec/ecp_nist.c	2013-05-03 12:19:59.978317354 +0200
 | ||||
| @@ -67,15 +67,8 @@
 | ||||
|  #include <openssl/obj_mac.h> | ||||
|  #include "ec_lcl.h" | ||||
| @ -176,8 +369,8 @@ diff -up openssl-1.0.1e/crypto/ec/ecp_nist.c.fips-ec openssl-1.0.1e/crypto/ec/ec | ||||
|   | ||||
|  int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src) | ||||
| diff -up openssl-1.0.1e/crypto/ec/ecp_smpl.c.fips-ec openssl-1.0.1e/crypto/ec/ecp_smpl.c
 | ||||
| --- openssl-1.0.1e/crypto/ec/ecp_smpl.c.fips-ec	2013-02-11 15:26:04.000000000 +0000
 | ||||
| +++ openssl-1.0.1e/crypto/ec/ecp_smpl.c	2013-10-15 01:08:06.047783146 +0100
 | ||||
| --- openssl-1.0.1e/crypto/ec/ecp_smpl.c.fips-ec	2013-02-11 16:26:04.000000000 +0100
 | ||||
| +++ openssl-1.0.1e/crypto/ec/ecp_smpl.c	2013-05-03 12:19:59.979317376 +0200
 | ||||
| @@ -65,17 +65,10 @@
 | ||||
|  #include <openssl/err.h> | ||||
|  #include <openssl/symhacks.h> | ||||
| @ -204,223 +397,22 @@ diff -up openssl-1.0.1e/crypto/ec/ecp_smpl.c.fips-ec openssl-1.0.1e/crypto/ec/ec | ||||
|  	} | ||||
|   | ||||
|   | ||||
| diff -up openssl-1.0.1e/crypto/ecdh/ecdh.h.fips-ec openssl-1.0.1e/crypto/ecdh/ecdh.h
 | ||||
| --- openssl-1.0.1e/crypto/ecdh/ecdh.h.fips-ec	2013-10-15 01:08:05.748783559 +0100
 | ||||
| +++ openssl-1.0.1e/crypto/ecdh/ecdh.h	2013-10-15 01:08:06.046783148 +0100
 | ||||
| @@ -85,6 +85,8 @@
 | ||||
|  extern "C" { | ||||
|  #endif | ||||
|   | ||||
| +#define EC_FLAG_COFACTOR_ECDH	0x1000
 | ||||
| +
 | ||||
|  const ECDH_METHOD *ECDH_OpenSSL(void); | ||||
|   | ||||
|  void	  ECDH_set_default_method(const ECDH_METHOD *); | ||||
| diff -up openssl-1.0.1e/crypto/ecdh/ecdhtest.c.fips-ec openssl-1.0.1e/crypto/ecdh/ecdhtest.c
 | ||||
| --- openssl-1.0.1e/crypto/ecdh/ecdhtest.c.fips-ec	2013-02-11 15:26:04.000000000 +0000
 | ||||
| +++ openssl-1.0.1e/crypto/ecdh/ecdhtest.c	2013-10-15 01:08:06.046783148 +0100
 | ||||
| @@ -323,11 +323,15 @@ int main(int argc, char *argv[])
 | ||||
|  	if ((ctx=BN_CTX_new()) == NULL) goto err; | ||||
|   | ||||
|  	/* NIST PRIME CURVES TESTS */ | ||||
| +#if 0
 | ||||
|  	if (!test_ecdh_curve(NID_X9_62_prime192v1, "NIST Prime-Curve P-192", ctx, out)) goto err; | ||||
|  	if (!test_ecdh_curve(NID_secp224r1, "NIST Prime-Curve P-224", ctx, out)) goto err; | ||||
| +#endif
 | ||||
|  	if (!test_ecdh_curve(NID_X9_62_prime256v1, "NIST Prime-Curve P-256", ctx, out)) goto err; | ||||
|  	if (!test_ecdh_curve(NID_secp384r1, "NIST Prime-Curve P-384", ctx, out)) goto err; | ||||
| +#if 0
 | ||||
|  	if (!test_ecdh_curve(NID_secp521r1, "NIST Prime-Curve P-521", ctx, out)) goto err; | ||||
| +#endif
 | ||||
|  #ifndef OPENSSL_NO_EC2M | ||||
|  	/* NIST BINARY CURVES TESTS */ | ||||
|  	if (!test_ecdh_curve(NID_sect163k1, "NIST Binary-Curve K-163", ctx, out)) goto err; | ||||
| diff -up openssl-1.0.1e/crypto/ecdh/ech_lib.c.fips-ec openssl-1.0.1e/crypto/ecdh/ech_lib.c
 | ||||
| --- openssl-1.0.1e/crypto/ecdh/ech_lib.c.fips-ec	2013-02-11 15:26:04.000000000 +0000
 | ||||
| +++ openssl-1.0.1e/crypto/ecdh/ech_lib.c	2013-10-15 01:08:06.046783148 +0100
 | ||||
| @@ -94,14 +94,7 @@ const ECDH_METHOD *ECDH_get_default_meth
 | ||||
|  	{ | ||||
|  	if(!default_ECDH_method)  | ||||
|  		{ | ||||
| -#ifdef OPENSSL_FIPS
 | ||||
| -		if (FIPS_mode())
 | ||||
| -			return FIPS_ecdh_openssl();
 | ||||
| -		else
 | ||||
| -			return ECDH_OpenSSL();
 | ||||
| -#else
 | ||||
|  		default_ECDH_method = ECDH_OpenSSL(); | ||||
| -#endif
 | ||||
|  		} | ||||
|  	return default_ECDH_method; | ||||
|  	} | ||||
| diff -up openssl-1.0.1e/crypto/ecdh/ech_ossl.c.fips-ec openssl-1.0.1e/crypto/ecdh/ech_ossl.c
 | ||||
| --- openssl-1.0.1e/crypto/ecdh/ech_ossl.c.fips-ec	2013-02-11 15:26:04.000000000 +0000
 | ||||
| +++ openssl-1.0.1e/crypto/ecdh/ech_ossl.c	2013-10-15 01:08:06.046783148 +0100
 | ||||
| @@ -79,6 +79,10 @@
 | ||||
|  #include <openssl/obj_mac.h> | ||||
|  #include <openssl/bn.h> | ||||
|   | ||||
| +#ifdef OPENSSL_FIPS
 | ||||
| +#include <openssl/fips.h>
 | ||||
| +#endif
 | ||||
| +
 | ||||
|  static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key, | ||||
|  	EC_KEY *ecdh,  | ||||
|  	void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)); | ||||
| @@ -90,7 +94,7 @@ static ECDH_METHOD openssl_ecdh_meth = {
 | ||||
|  	NULL, /* init     */ | ||||
|  	NULL, /* finish   */ | ||||
|  #endif | ||||
| -	0,    /* flags    */
 | ||||
| +	ECDH_FLAG_FIPS_METHOD,    /* flags    */
 | ||||
|  	NULL  /* app_data */ | ||||
|  }; | ||||
|   | ||||
| @@ -118,6 +122,14 @@ static int ecdh_compute_key(void *out, s
 | ||||
|  	size_t buflen, len; | ||||
|  	unsigned char *buf=NULL; | ||||
|   | ||||
| +#ifdef OPENSSL_FIPS
 | ||||
| +	if(FIPS_selftest_failed())
 | ||||
| +		{
 | ||||
| +		FIPSerr(FIPS_F_ECDH_COMPUTE_KEY,FIPS_R_FIPS_SELFTEST_FAILED);
 | ||||
| +		return -1;
 | ||||
| +		}
 | ||||
| +#endif
 | ||||
| +
 | ||||
|  	if (outlen > INT_MAX) | ||||
|  		{ | ||||
|  		ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); /* sort of, anyway */ | ||||
| @@ -137,6 +149,18 @@ static int ecdh_compute_key(void *out, s
 | ||||
|  		} | ||||
|   | ||||
|  	group = EC_KEY_get0_group(ecdh); | ||||
| +
 | ||||
| +	if (EC_KEY_get_flags(ecdh) & EC_FLAG_COFACTOR_ECDH)
 | ||||
| +		{
 | ||||
| +		if (!EC_GROUP_get_cofactor(group, x, ctx) ||
 | ||||
| +			!BN_mul(x, x, priv_key, ctx))
 | ||||
| +			{
 | ||||
| +			ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
 | ||||
| +			goto err;
 | ||||
| +			}
 | ||||
| +		priv_key = x;
 | ||||
| +		}
 | ||||
| +
 | ||||
|  	if ((tmp=EC_POINT_new(group)) == NULL) | ||||
|  		{ | ||||
|  		ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); | ||||
| diff -up openssl-1.0.1e/crypto/ecdsa/ecdsatest.c.fips-ec openssl-1.0.1e/crypto/ecdsa/ecdsatest.c
 | ||||
| --- openssl-1.0.1e/crypto/ecdsa/ecdsatest.c.fips-ec	2013-02-11 15:26:04.000000000 +0000
 | ||||
| +++ openssl-1.0.1e/crypto/ecdsa/ecdsatest.c	2013-10-15 01:08:06.046783148 +0100
 | ||||
| @@ -138,11 +138,14 @@ int restore_rand(void)
 | ||||
|  	} | ||||
|   | ||||
|  static int fbytes_counter = 0; | ||||
| -static const char *numbers[8] = {
 | ||||
| +static const char *numbers[10] = {
 | ||||
| +	"651056770906015076056810763456358567190100156695615665659",
 | ||||
|  	"651056770906015076056810763456358567190100156695615665659", | ||||
|  	"6140507067065001063065065565667405560006161556565665656654", | ||||
|  	"8763001015071075675010661307616710783570106710677817767166" | ||||
|  	"71676178726717", | ||||
| +	"8763001015071075675010661307616710783570106710677817767166"
 | ||||
| +	"71676178726717",
 | ||||
|  	"7000000175690566466555057817571571075705015757757057795755" | ||||
|  	"55657156756655", | ||||
|  	"1275552191113212300012030439187146164646146646466749494799", | ||||
| @@ -157,7 +160,7 @@ int fbytes(unsigned char *buf, int num)
 | ||||
|  	int	ret; | ||||
|  	BIGNUM	*tmp = NULL; | ||||
|   | ||||
| -	if (fbytes_counter >= 8)
 | ||||
| +	if (fbytes_counter >= 10)
 | ||||
| @@ -186,6 +178,12 @@ int ec_GFp_simple_group_set_curve(EC_GRO
 | ||||
|  		return 0; | ||||
|  	tmp = BN_new(); | ||||
|  	if (!tmp) | ||||
| @@ -550,7 +553,9 @@ int main(void)
 | ||||
|  	RAND_seed(rnd_seed, sizeof(rnd_seed)); | ||||
|   | ||||
|  	/* the tests */ | ||||
| +#if 0
 | ||||
|  	if (!x9_62_tests(out))  goto err; | ||||
| +#endif
 | ||||
|  	if (!test_builtin(out)) goto err; | ||||
|  	 | ||||
|  	ret = 0; | ||||
| diff -up openssl-1.0.1e/crypto/ecdsa/ecs_lib.c.fips-ec openssl-1.0.1e/crypto/ecdsa/ecs_lib.c
 | ||||
| --- openssl-1.0.1e/crypto/ecdsa/ecs_lib.c.fips-ec	2013-02-11 15:26:04.000000000 +0000
 | ||||
| +++ openssl-1.0.1e/crypto/ecdsa/ecs_lib.c	2013-10-15 01:08:06.046783148 +0100
 | ||||
| @@ -81,14 +81,7 @@ const ECDSA_METHOD *ECDSA_get_default_me
 | ||||
|  { | ||||
|  	if(!default_ECDSA_method)  | ||||
|  		{ | ||||
| -#ifdef OPENSSL_FIPS
 | ||||
| -		if (FIPS_mode())
 | ||||
| -			return FIPS_ecdsa_openssl();
 | ||||
| -		else
 | ||||
| -			return ECDSA_OpenSSL();
 | ||||
| -#else
 | ||||
|  		default_ECDSA_method = ECDSA_OpenSSL(); | ||||
| -#endif
 | ||||
|  		} | ||||
|  	return default_ECDSA_method; | ||||
|  } | ||||
| diff -up openssl-1.0.1e/crypto/ecdsa/ecs_ossl.c.fips-ec openssl-1.0.1e/crypto/ecdsa/ecs_ossl.c
 | ||||
| --- openssl-1.0.1e/crypto/ecdsa/ecs_ossl.c.fips-ec	2013-02-11 15:26:04.000000000 +0000
 | ||||
| +++ openssl-1.0.1e/crypto/ecdsa/ecs_ossl.c	2013-10-15 01:08:06.046783148 +0100
 | ||||
| @@ -60,6 +60,9 @@
 | ||||
|  #include <openssl/err.h> | ||||
|  #include <openssl/obj_mac.h> | ||||
|  #include <openssl/bn.h> | ||||
| +#ifdef OPENSSL_FIPS
 | ||||
| +#include <openssl/fips.h>
 | ||||
| +#endif
 | ||||
|   | ||||
|  static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dlen,  | ||||
|  		const BIGNUM *, const BIGNUM *, EC_KEY *eckey); | ||||
| @@ -77,7 +80,7 @@ static ECDSA_METHOD openssl_ecdsa_meth =
 | ||||
|  	NULL, /* init     */ | ||||
|  	NULL, /* finish   */ | ||||
|  #endif | ||||
| -	0,    /* flags    */
 | ||||
| +	ECDSA_FLAG_FIPS_METHOD,    /* flags    */
 | ||||
|  	NULL  /* app_data */ | ||||
|  }; | ||||
|   | ||||
| @@ -231,6 +234,14 @@ static ECDSA_SIG *ecdsa_do_sign(const un
 | ||||
|  	ECDSA_DATA *ecdsa; | ||||
|  	const BIGNUM *priv_key; | ||||
|   | ||||
| +#ifdef OPENSSL_FIPS
 | ||||
| +	if(FIPS_selftest_failed())
 | ||||
| +	if (BN_num_bits(p) < 256)
 | ||||
| +		{
 | ||||
| +		FIPSerr(FIPS_F_ECDSA_DO_SIGN,FIPS_R_FIPS_SELFTEST_FAILED);
 | ||||
| +		return NULL;
 | ||||
| +		ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE, EC_R_UNSUPPORTED_FIELD);
 | ||||
| +		return 0;
 | ||||
| +		}
 | ||||
| +#endif
 | ||||
| +
 | ||||
|  	ecdsa    = ecdsa_check(eckey); | ||||
|  	group    = EC_KEY_get0_group(eckey); | ||||
|  	priv_key = EC_KEY_get0_private_key(eckey); | ||||
| @@ -360,6 +371,14 @@ static int ecdsa_do_verify(const unsigne
 | ||||
|  	const EC_GROUP *group; | ||||
|  	const EC_POINT *pub_key; | ||||
|   | ||||
| +#ifdef OPENSSL_FIPS
 | ||||
| +	if(FIPS_selftest_failed())
 | ||||
| +		{
 | ||||
| +		FIPSerr(FIPS_F_ECDSA_DO_VERIFY,FIPS_R_FIPS_SELFTEST_FAILED);
 | ||||
| +		return -1;
 | ||||
| +		}
 | ||||
| +#endif
 | ||||
| +
 | ||||
|  	/* check input values */ | ||||
|  	if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL || | ||||
|  	    (pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL) | ||||
|  	if (ctx == NULL) | ||||
|  		{ | ||||
|  		ctx = new_ctx = BN_CTX_new(); | ||||
| diff -up openssl-1.0.1e/crypto/evp/m_ecdsa.c.fips-ec openssl-1.0.1e/crypto/evp/m_ecdsa.c
 | ||||
| --- openssl-1.0.1e/crypto/evp/m_ecdsa.c.fips-ec	2013-02-11 15:26:04.000000000 +0000
 | ||||
| +++ openssl-1.0.1e/crypto/evp/m_ecdsa.c	2013-10-15 01:08:06.047783146 +0100
 | ||||
| --- openssl-1.0.1e/crypto/evp/m_ecdsa.c.fips-ec	2013-02-11 16:26:04.000000000 +0100
 | ||||
| +++ openssl-1.0.1e/crypto/evp/m_ecdsa.c	2013-05-03 12:19:59.979317376 +0200
 | ||||
| @@ -116,7 +116,6 @@
 | ||||
|  #include <openssl/x509.h> | ||||
|   | ||||
| @ -443,113 +435,9 @@ diff -up openssl-1.0.1e/crypto/evp/m_ecdsa.c.fips-ec openssl-1.0.1e/crypto/evp/m | ||||
|  	} | ||||
|  #endif | ||||
| -#endif
 | ||||
| diff -up openssl-1.0.1e/crypto/fips/Makefile.fips-ec openssl-1.0.1e/crypto/fips/Makefile
 | ||||
| --- openssl-1.0.1e/crypto/fips/Makefile.fips-ec	2013-10-15 01:08:06.008783200 +0100
 | ||||
| +++ openssl-1.0.1e/crypto/fips/Makefile	2013-10-15 01:08:17.627767168 +0100
 | ||||
| @@ -24,13 +24,13 @@ LIBSRC=fips_aes_selftest.c fips_des_self
 | ||||
|      fips_rsa_selftest.c fips_sha_selftest.c fips.c fips_dsa_selftest.c  fips_rand.c \ | ||||
|      fips_rsa_x931g.c fips_post.c fips_drbg_ctr.c fips_drbg_hash.c fips_drbg_hmac.c \ | ||||
|      fips_drbg_lib.c fips_drbg_rand.c fips_drbg_selftest.c fips_rand_lib.c \ | ||||
| -    fips_cmac_selftest.c fips_enc.c fips_md.c
 | ||||
| +    fips_cmac_selftest.c fips_ecdh_selftest.c fips_ecdsa_selftest.c fips_enc.c fips_md.c
 | ||||
|   | ||||
|  LIBOBJ=fips_aes_selftest.o fips_des_selftest.o fips_hmac_selftest.o fips_rand_selftest.o \ | ||||
|      fips_rsa_selftest.o fips_sha_selftest.o fips.o fips_dsa_selftest.o  fips_rand.o \ | ||||
|      fips_rsa_x931g.o fips_post.o fips_drbg_ctr.o fips_drbg_hash.o fips_drbg_hmac.o \ | ||||
|      fips_drbg_lib.o fips_drbg_rand.o fips_drbg_selftest.o fips_rand_lib.o \ | ||||
| -    fips_cmac_selftest.o fips_enc.o fips_md.o
 | ||||
| +    fips_cmac_selftest.o fips_ecdh_selftest.o fips_ecdsa_selftest.o fips_enc.o fips_md.o
 | ||||
|   | ||||
|  LIBCRYPTO=-L.. -lcrypto | ||||
|   | ||||
| @@ -118,6 +118,21 @@ fips_aes_selftest.o: ../../include/opens
 | ||||
|  fips_aes_selftest.o: ../../include/openssl/safestack.h | ||||
|  fips_aes_selftest.o: ../../include/openssl/stack.h | ||||
|  fips_aes_selftest.o: ../../include/openssl/symhacks.h fips_aes_selftest.c | ||||
| +fips_cmac_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/cmac.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/crypto.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/lhash.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/obj_mac.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/objects.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/opensslconf.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/opensslv.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/ossl_typ.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/safestack.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/stack.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/symhacks.h fips_cmac_selftest.c
 | ||||
| +fips_cmac_selftest.o: fips_locl.h
 | ||||
|  fips_des_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | ||||
|  fips_des_selftest.o: ../../include/openssl/crypto.h | ||||
|  fips_des_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | ||||
| @@ -231,6 +246,46 @@ fips_dsa_selftest.o: ../../include/opens
 | ||||
|  fips_dsa_selftest.o: ../../include/openssl/stack.h | ||||
|  fips_dsa_selftest.o: ../../include/openssl/symhacks.h fips_dsa_selftest.c | ||||
|  fips_dsa_selftest.o: fips_locl.h | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/ecdh.h ../../include/openssl/err.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/lhash.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/obj_mac.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/objects.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/opensslconf.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/opensslv.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/ossl_typ.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/safestack.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/stack.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/symhacks.h fips_ecdh_selftest.c
 | ||||
| +fips_ecdh_selftest.o: fips_locl.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/bn.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/crypto.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/ecdsa.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/fips.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/lhash.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/obj_mac.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/objects.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/opensslconf.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/opensslv.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/ossl_typ.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/safestack.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/stack.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/symhacks.h fips_ecdsa_selftest.c
 | ||||
| +fips_enc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 | ||||
| +fips_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 | ||||
| +fips_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 | ||||
| +fips_enc.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
 | ||||
| +fips_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 | ||||
| +fips_enc.o: ../../include/openssl/opensslconf.h
 | ||||
| +fips_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 | ||||
| +fips_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 | ||||
| +fips_enc.o: ../../include/openssl/symhacks.h fips_enc.c
 | ||||
|  fips_hmac_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | ||||
|  fips_hmac_selftest.o: ../../include/openssl/crypto.h | ||||
|  fips_hmac_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | ||||
| @@ -245,6 +300,15 @@ fips_hmac_selftest.o: ../../include/open
 | ||||
|  fips_hmac_selftest.o: ../../include/openssl/safestack.h | ||||
|  fips_hmac_selftest.o: ../../include/openssl/stack.h | ||||
|  fips_hmac_selftest.o: ../../include/openssl/symhacks.h fips_hmac_selftest.c | ||||
| +fips_md.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 | ||||
| +fips_md.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 | ||||
| +fips_md.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 | ||||
| +fips_md.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
 | ||||
| +fips_md.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 | ||||
| +fips_md.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 | ||||
| +fips_md.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
 | ||||
| +fips_md.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 | ||||
| +fips_md.o: fips_md.c
 | ||||
|  fips_post.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h | ||||
|  fips_post.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h | ||||
|  fips_post.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | ||||
| diff -up openssl-1.0.1e/crypto/fips/cavs/fips_ecdhvs.c.fips-ec openssl-1.0.1e/crypto/fips/cavs/fips_ecdhvs.c
 | ||||
| --- openssl-1.0.1e/crypto/fips/cavs/fips_ecdhvs.c.fips-ec	2013-10-15 01:08:06.047783146 +0100
 | ||||
| +++ openssl-1.0.1e/crypto/fips/cavs/fips_ecdhvs.c	2013-10-15 01:08:06.047783146 +0100
 | ||||
| --- openssl-1.0.1e/crypto/fips/cavs/fips_ecdhvs.c.fips-ec	2013-05-03 12:19:59.980317397 +0200
 | ||||
| +++ openssl-1.0.1e/crypto/fips/cavs/fips_ecdhvs.c	2013-05-03 12:19:59.980317397 +0200
 | ||||
| @@ -0,0 +1,496 @@
 | ||||
| +/* fips/ecdh/fips_ecdhvs.c */
 | ||||
| +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 | ||||
| @ -1048,8 +936,8 @@ diff -up openssl-1.0.1e/crypto/fips/cavs/fips_ecdhvs.c.fips-ec openssl-1.0.1e/cr | ||||
| +
 | ||||
| +#endif
 | ||||
| diff -up openssl-1.0.1e/crypto/fips/cavs/fips_ecdsavs.c.fips-ec openssl-1.0.1e/crypto/fips/cavs/fips_ecdsavs.c
 | ||||
| --- openssl-1.0.1e/crypto/fips/cavs/fips_ecdsavs.c.fips-ec	2013-10-15 01:08:06.047783146 +0100
 | ||||
| +++ openssl-1.0.1e/crypto/fips/cavs/fips_ecdsavs.c	2013-10-15 01:08:06.047783146 +0100
 | ||||
| --- openssl-1.0.1e/crypto/fips/cavs/fips_ecdsavs.c.fips-ec	2013-05-03 12:19:59.980317397 +0200
 | ||||
| +++ openssl-1.0.1e/crypto/fips/cavs/fips_ecdsavs.c	2013-05-03 12:19:59.980317397 +0200
 | ||||
| @@ -0,0 +1,533 @@
 | ||||
| +/* fips/ecdsa/fips_ecdsavs.c */
 | ||||
| +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 | ||||
| @ -1584,21 +1472,9 @@ diff -up openssl-1.0.1e/crypto/fips/cavs/fips_ecdsavs.c.fips-ec openssl-1.0.1e/c | ||||
| +	}
 | ||||
| +
 | ||||
| +#endif
 | ||||
| diff -up openssl-1.0.1e/crypto/fips/fips.h.fips-ec openssl-1.0.1e/crypto/fips/fips.h
 | ||||
| --- openssl-1.0.1e/crypto/fips/fips.h.fips-ec	2013-10-15 01:08:06.037783160 +0100
 | ||||
| +++ openssl-1.0.1e/crypto/fips/fips.h	2013-10-15 01:08:06.048783145 +0100
 | ||||
| @@ -94,6 +94,8 @@ int FIPS_selftest_rsa(void);
 | ||||
|  void FIPS_corrupt_dsa(void); | ||||
|  void FIPS_corrupt_dsa_keygen(void); | ||||
|  int FIPS_selftest_dsa(void); | ||||
| +int FIPS_selftest_ecdsa(void);
 | ||||
| +int FIPS_selftest_ecdh(void);
 | ||||
|  void FIPS_corrupt_rng(void); | ||||
|  void FIPS_rng_stick(void); | ||||
|  void FIPS_x931_stick(int onoff); | ||||
| diff -up openssl-1.0.1e/crypto/fips/fips_ecdh_selftest.c.fips-ec openssl-1.0.1e/crypto/fips/fips_ecdh_selftest.c
 | ||||
| --- openssl-1.0.1e/crypto/fips/fips_ecdh_selftest.c.fips-ec	2013-10-15 01:08:06.048783145 +0100
 | ||||
| +++ openssl-1.0.1e/crypto/fips/fips_ecdh_selftest.c	2013-10-15 01:08:06.048783145 +0100
 | ||||
| --- openssl-1.0.1e/crypto/fips/fips_ecdh_selftest.c.fips-ec	2013-05-03 12:19:59.981317418 +0200
 | ||||
| +++ openssl-1.0.1e/crypto/fips/fips_ecdh_selftest.c	2013-05-03 12:19:59.981317418 +0200
 | ||||
| @@ -0,0 +1,252 @@
 | ||||
| +/* fips/ecdh/fips_ecdh_selftest.c */
 | ||||
| +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 | ||||
| @ -1853,8 +1729,8 @@ diff -up openssl-1.0.1e/crypto/fips/fips_ecdh_selftest.c.fips-ec openssl-1.0.1e/ | ||||
| +
 | ||||
| +#endif
 | ||||
| diff -up openssl-1.0.1e/crypto/fips/fips_ecdsa_selftest.c.fips-ec openssl-1.0.1e/crypto/fips/fips_ecdsa_selftest.c
 | ||||
| --- openssl-1.0.1e/crypto/fips/fips_ecdsa_selftest.c.fips-ec	2013-10-15 01:08:06.048783145 +0100
 | ||||
| +++ openssl-1.0.1e/crypto/fips/fips_ecdsa_selftest.c	2013-10-15 01:08:06.048783145 +0100
 | ||||
| --- openssl-1.0.1e/crypto/fips/fips_ecdsa_selftest.c.fips-ec	2013-05-03 12:19:59.981317418 +0200
 | ||||
| +++ openssl-1.0.1e/crypto/fips/fips_ecdsa_selftest.c	2013-05-03 12:19:59.981317418 +0200
 | ||||
| @@ -0,0 +1,167 @@
 | ||||
| +/* fips/ecdsa/fips_ecdsa_selftest.c */
 | ||||
| +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 | ||||
| @ -2023,9 +1899,21 @@ diff -up openssl-1.0.1e/crypto/fips/fips_ecdsa_selftest.c.fips-ec openssl-1.0.1e | ||||
| +	}
 | ||||
| +
 | ||||
| +#endif
 | ||||
| diff -up openssl-1.0.1e/crypto/fips/fips.h.fips-ec openssl-1.0.1e/crypto/fips/fips.h
 | ||||
| --- openssl-1.0.1e/crypto/fips/fips.h.fips-ec	2013-05-03 12:19:59.942316578 +0200
 | ||||
| +++ openssl-1.0.1e/crypto/fips/fips.h	2013-05-03 12:19:59.981317418 +0200
 | ||||
| @@ -93,6 +93,8 @@ int FIPS_selftest_rsa(void);
 | ||||
|  void FIPS_corrupt_dsa(void); | ||||
|  void FIPS_corrupt_dsa_keygen(void); | ||||
|  int FIPS_selftest_dsa(void); | ||||
| +int FIPS_selftest_ecdsa(void);
 | ||||
| +int FIPS_selftest_ecdh(void);
 | ||||
|  void FIPS_corrupt_rng(void); | ||||
|  void FIPS_rng_stick(void); | ||||
|  void FIPS_x931_stick(int onoff); | ||||
| diff -up openssl-1.0.1e/crypto/fips/fips_post.c.fips-ec openssl-1.0.1e/crypto/fips/fips_post.c
 | ||||
| --- openssl-1.0.1e/crypto/fips/fips_post.c.fips-ec	2013-10-15 01:08:06.005783204 +0100
 | ||||
| +++ openssl-1.0.1e/crypto/fips/fips_post.c	2013-10-15 01:08:06.048783145 +0100
 | ||||
| --- openssl-1.0.1e/crypto/fips/fips_post.c.fips-ec	2013-05-03 12:19:59.942316578 +0200
 | ||||
| +++ openssl-1.0.1e/crypto/fips/fips_post.c	2013-05-03 12:19:59.982317439 +0200
 | ||||
| @@ -95,8 +95,12 @@ int FIPS_selftest(void)
 | ||||
|  		rv = 0; | ||||
|  	if (!FIPS_selftest_rsa()) | ||||
| @ -2039,10 +1927,114 @@ diff -up openssl-1.0.1e/crypto/fips/fips_post.c.fips-ec openssl-1.0.1e/crypto/fi | ||||
|  	return rv; | ||||
|  	} | ||||
|   | ||||
| diff -up openssl-1.0.1e/crypto/fips/Makefile.fips-ec openssl-1.0.1e/crypto/fips/Makefile
 | ||||
| --- openssl-1.0.1e/crypto/fips/Makefile.fips-ec	2013-05-03 12:19:59.945316642 +0200
 | ||||
| +++ openssl-1.0.1e/crypto/fips/Makefile	2013-05-03 12:20:12.173579845 +0200
 | ||||
| @@ -24,13 +24,13 @@ LIBSRC=fips_aes_selftest.c fips_des_self
 | ||||
|      fips_rsa_selftest.c fips_sha_selftest.c fips.c fips_dsa_selftest.c  fips_rand.c \ | ||||
|      fips_rsa_x931g.c fips_post.c fips_drbg_ctr.c fips_drbg_hash.c fips_drbg_hmac.c \ | ||||
|      fips_drbg_lib.c fips_drbg_rand.c fips_drbg_selftest.c fips_rand_lib.c \ | ||||
| -    fips_cmac_selftest.c fips_enc.c fips_md.c
 | ||||
| +    fips_cmac_selftest.c fips_ecdh_selftest.c fips_ecdsa_selftest.c fips_enc.c fips_md.c
 | ||||
|   | ||||
|  LIBOBJ=fips_aes_selftest.o fips_des_selftest.o fips_hmac_selftest.o fips_rand_selftest.o \ | ||||
|      fips_rsa_selftest.o fips_sha_selftest.o fips.o fips_dsa_selftest.o  fips_rand.o \ | ||||
|      fips_rsa_x931g.o fips_post.o fips_drbg_ctr.o fips_drbg_hash.o fips_drbg_hmac.o \ | ||||
|      fips_drbg_lib.o fips_drbg_rand.o fips_drbg_selftest.o fips_rand_lib.o \ | ||||
| -    fips_cmac_selftest.o fips_enc.o fips_md.o
 | ||||
| +    fips_cmac_selftest.o fips_ecdh_selftest.o fips_ecdsa_selftest.o fips_enc.o fips_md.o
 | ||||
|   | ||||
|  LIBCRYPTO=-L.. -lcrypto | ||||
|   | ||||
| @@ -118,6 +118,21 @@ fips_aes_selftest.o: ../../include/opens
 | ||||
|  fips_aes_selftest.o: ../../include/openssl/safestack.h | ||||
|  fips_aes_selftest.o: ../../include/openssl/stack.h | ||||
|  fips_aes_selftest.o: ../../include/openssl/symhacks.h fips_aes_selftest.c | ||||
| +fips_cmac_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/cmac.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/crypto.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/lhash.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/obj_mac.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/objects.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/opensslconf.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/opensslv.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/ossl_typ.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/safestack.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/stack.h
 | ||||
| +fips_cmac_selftest.o: ../../include/openssl/symhacks.h fips_cmac_selftest.c
 | ||||
| +fips_cmac_selftest.o: fips_locl.h
 | ||||
|  fips_des_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | ||||
|  fips_des_selftest.o: ../../include/openssl/crypto.h | ||||
|  fips_des_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | ||||
| @@ -231,6 +246,46 @@ fips_dsa_selftest.o: ../../include/opens
 | ||||
|  fips_dsa_selftest.o: ../../include/openssl/stack.h | ||||
|  fips_dsa_selftest.o: ../../include/openssl/symhacks.h fips_dsa_selftest.c | ||||
|  fips_dsa_selftest.o: fips_locl.h | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/ecdh.h ../../include/openssl/err.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/lhash.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/obj_mac.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/objects.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/opensslconf.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/opensslv.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/ossl_typ.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/safestack.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/stack.h
 | ||||
| +fips_ecdh_selftest.o: ../../include/openssl/symhacks.h fips_ecdh_selftest.c
 | ||||
| +fips_ecdh_selftest.o: fips_locl.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/bn.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/crypto.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/ecdsa.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/fips.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/lhash.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/obj_mac.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/objects.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/opensslconf.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/opensslv.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/ossl_typ.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/safestack.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/stack.h
 | ||||
| +fips_ecdsa_selftest.o: ../../include/openssl/symhacks.h fips_ecdsa_selftest.c
 | ||||
| +fips_enc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 | ||||
| +fips_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 | ||||
| +fips_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 | ||||
| +fips_enc.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
 | ||||
| +fips_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 | ||||
| +fips_enc.o: ../../include/openssl/opensslconf.h
 | ||||
| +fips_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 | ||||
| +fips_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 | ||||
| +fips_enc.o: ../../include/openssl/symhacks.h fips_enc.c
 | ||||
|  fips_hmac_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | ||||
|  fips_hmac_selftest.o: ../../include/openssl/crypto.h | ||||
|  fips_hmac_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | ||||
| @@ -245,6 +300,15 @@ fips_hmac_selftest.o: ../../include/open
 | ||||
|  fips_hmac_selftest.o: ../../include/openssl/safestack.h | ||||
|  fips_hmac_selftest.o: ../../include/openssl/stack.h | ||||
|  fips_hmac_selftest.o: ../../include/openssl/symhacks.h fips_hmac_selftest.c | ||||
| +fips_md.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 | ||||
| +fips_md.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 | ||||
| +fips_md.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 | ||||
| +fips_md.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
 | ||||
| +fips_md.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 | ||||
| +fips_md.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 | ||||
| +fips_md.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
 | ||||
| +fips_md.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 | ||||
| +fips_md.o: fips_md.c
 | ||||
|  fips_post.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h | ||||
|  fips_post.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h | ||||
|  fips_post.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | ||||
| diff -up openssl-1.0.1e/version.map.fips-ec openssl-1.0.1e/version.map
 | ||||
| --- openssl-1.0.1e/version.map.fips-ec	2013-10-15 01:08:06.016783189 +0100
 | ||||
| +++ openssl-1.0.1e/version.map	2013-10-15 01:08:06.048783145 +0100
 | ||||
| @@ -6,3 +6,7 @@ OPENSSL_1.0.1 {
 | ||||
| --- openssl-1.0.1e/version.map.fips-ec	2013-05-03 12:19:59.000000000 +0200
 | ||||
| +++ openssl-1.0.1e/version.map	2013-05-09 11:11:08.022300608 +0200
 | ||||
| @@ -5,3 +5,7 @@ OPENSSL_1.0.1 {
 | ||||
|  	    _original*; | ||||
|  	    _current*; | ||||
|  }; | ||||
|  | ||||
										
											
												File diff suppressed because it is too large
											
										
									
								
							
							
								
								
									
										89
									
								
								openssl-1.0.1e-speed-suiteb.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
									
								
							| @ -0,0 +1,89 @@ | ||||
| diff -up openssl-1.0.1e/apps/speed.c.suiteb openssl-1.0.1e/apps/speed.c
 | ||||
| --- openssl-1.0.1e/apps/speed.c.suiteb	2013-09-27 15:57:09.947894307 +0200
 | ||||
| +++ openssl-1.0.1e/apps/speed.c	2013-09-27 15:57:52.528852804 +0200
 | ||||
| @@ -966,49 +966,21 @@ int MAIN(int argc, char **argv)
 | ||||
|  		else | ||||
|  #endif | ||||
|  #ifndef OPENSSL_NO_ECDSA | ||||
| -		     if (strcmp(*argv,"ecdsap160") == 0) ecdsa_doit[R_EC_P160]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdsap192") == 0) ecdsa_doit[R_EC_P192]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdsap224") == 0) ecdsa_doit[R_EC_P224]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdsap256") == 0) ecdsa_doit[R_EC_P256]=2;
 | ||||
| +		if (strcmp(*argv,"ecdsap256") == 0) ecdsa_doit[R_EC_P256]=2;
 | ||||
|  		else if (strcmp(*argv,"ecdsap384") == 0) ecdsa_doit[R_EC_P384]=2; | ||||
| -		else if (strcmp(*argv,"ecdsap521") == 0) ecdsa_doit[R_EC_P521]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdsak163") == 0) ecdsa_doit[R_EC_K163]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdsak233") == 0) ecdsa_doit[R_EC_K233]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdsak283") == 0) ecdsa_doit[R_EC_K283]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdsak409") == 0) ecdsa_doit[R_EC_K409]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdsak571") == 0) ecdsa_doit[R_EC_K571]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdsab163") == 0) ecdsa_doit[R_EC_B163]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdsab233") == 0) ecdsa_doit[R_EC_B233]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdsab283") == 0) ecdsa_doit[R_EC_B283]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdsab409") == 0) ecdsa_doit[R_EC_B409]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdsab571") == 0) ecdsa_doit[R_EC_B571]=2;
 | ||||
|  		else if (strcmp(*argv,"ecdsa") == 0) | ||||
|  			{ | ||||
| -			for (i=0; i < EC_NUM; i++)
 | ||||
| +			for (i=R_EC_P256; i <= R_EC_P384; i++)
 | ||||
|  				ecdsa_doit[i]=1; | ||||
|  			} | ||||
|  		else | ||||
|  #endif | ||||
|  #ifndef OPENSSL_NO_ECDH | ||||
| -		     if (strcmp(*argv,"ecdhp160") == 0) ecdh_doit[R_EC_P160]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdhp192") == 0) ecdh_doit[R_EC_P192]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdhp224") == 0) ecdh_doit[R_EC_P224]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdhp256") == 0) ecdh_doit[R_EC_P256]=2;
 | ||||
| +		if (strcmp(*argv,"ecdhp256") == 0) ecdh_doit[R_EC_P256]=2;
 | ||||
|  		else if (strcmp(*argv,"ecdhp384") == 0) ecdh_doit[R_EC_P384]=2; | ||||
| -		else if (strcmp(*argv,"ecdhp521") == 0) ecdh_doit[R_EC_P521]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdhk163") == 0) ecdh_doit[R_EC_K163]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdhk233") == 0) ecdh_doit[R_EC_K233]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdhk283") == 0) ecdh_doit[R_EC_K283]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdhk409") == 0) ecdh_doit[R_EC_K409]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdhk571") == 0) ecdh_doit[R_EC_K571]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdhb163") == 0) ecdh_doit[R_EC_B163]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdhb233") == 0) ecdh_doit[R_EC_B233]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdhb283") == 0) ecdh_doit[R_EC_B283]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdhb409") == 0) ecdh_doit[R_EC_B409]=2;
 | ||||
| -		else if (strcmp(*argv,"ecdhb571") == 0) ecdh_doit[R_EC_B571]=2;
 | ||||
|  		else if (strcmp(*argv,"ecdh") == 0) | ||||
|  			{ | ||||
| -			for (i=0; i < EC_NUM; i++)
 | ||||
| +			for (i=R_EC_P256; i <= R_EC_P384; i++)
 | ||||
|  				ecdh_doit[i]=1; | ||||
|  			} | ||||
|  		else | ||||
| @@ -1097,15 +1069,11 @@ int MAIN(int argc, char **argv)
 | ||||
|  			BIO_printf(bio_err,"dsa512   dsa1024  dsa2048\n"); | ||||
|  #endif | ||||
|  #ifndef OPENSSL_NO_ECDSA | ||||
| -			BIO_printf(bio_err,"ecdsap160 ecdsap192 ecdsap224 ecdsap256 ecdsap384 ecdsap521\n");
 | ||||
| -			BIO_printf(bio_err,"ecdsak163 ecdsak233 ecdsak283 ecdsak409 ecdsak571\n");
 | ||||
| -			BIO_printf(bio_err,"ecdsab163 ecdsab233 ecdsab283 ecdsab409 ecdsab571\n");
 | ||||
| +			BIO_printf(bio_err,"ecdsap256 ecdsap384\n");
 | ||||
|  			BIO_printf(bio_err,"ecdsa\n"); | ||||
|  #endif | ||||
|  #ifndef OPENSSL_NO_ECDH | ||||
| -			BIO_printf(bio_err,"ecdhp160  ecdhp192  ecdhp224  ecdhp256  ecdhp384  ecdhp521\n");
 | ||||
| -			BIO_printf(bio_err,"ecdhk163  ecdhk233  ecdhk283  ecdhk409  ecdhk571\n");
 | ||||
| -			BIO_printf(bio_err,"ecdhb163  ecdhb233  ecdhb283  ecdhb409  ecdhb571\n");
 | ||||
| +			BIO_printf(bio_err,"ecdhp256  ecdhp384\n");
 | ||||
|  			BIO_printf(bio_err,"ecdh\n"); | ||||
|  #endif | ||||
|   | ||||
| @@ -1181,11 +1149,11 @@ int MAIN(int argc, char **argv)
 | ||||
|  		    if (!FIPS_mode() || i != R_DSA_512) | ||||
|  			dsa_doit[i]=1; | ||||
|  #ifndef OPENSSL_NO_ECDSA | ||||
| -		for (i=0; i<EC_NUM; i++)
 | ||||
| +		for (i=R_EC_P256; i <= R_EC_P384; i++)
 | ||||
|  			ecdsa_doit[i]=1; | ||||
|  #endif | ||||
|  #ifndef OPENSSL_NO_ECDH | ||||
| -		for (i=0; i<EC_NUM; i++)
 | ||||
| +		for (i=R_EC_P256; i <= R_EC_P384; i++)
 | ||||
|  			ecdh_doit[i]=1; | ||||
|  #endif | ||||
|  		} | ||||
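Review bot: The four new loops `for (i=R_EC_P256; i <= R_EC_P384; i++)` (the `ecdsa` and `ecdh` argument branches and the two default-selection blocks) select exactly P-256 and P-384 only if those two indices are adjacent, and their definitions are outside these hunks. Assigning the two entries directly, `ecdsa_doit[R_EC_P256]=ecdsa_doit[R_EC_P384]=1;` and the same for `ecdh_doit`, would state the Suite B restriction without depending on index order. If the range form is kept, a short comment such as `/* Suite B only: P-256 and P-384 are consecutive indices */` at the first loop would record the assumption. MAIN's body starts and ends outside the hunks.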
							
								
								
									
										67
									
								
								openssl.spec
									
									
									
									
									
								
							
							
						
						
									
							| @ -21,12 +21,12 @@ | ||||
| Summary: Utilities from the general purpose cryptography library with TLS implementation | ||||
| Name: openssl | ||||
| Version: 1.0.1e | ||||
| Release: 27%{?dist} | ||||
| Release: 28%{?dist} | ||||
| Epoch: 1 | ||||
| # We have to remove certain patented algorithms from the openssl source | ||||
| # tarball with the hobble-openssl script which is included below. | ||||
| # The original openssl upstream tarball cannot be shipped in the .src.rpm. | ||||
| Source: openssl-%{version}-usa.tar.xz | ||||
| Source: openssl-%{version}-hobbled.tar.xz | ||||
| Source1: hobble-openssl | ||||
| Source2: Makefile.certificate | ||||
| Source6: make-dummy-cert | ||||
| @ -35,7 +35,8 @@ Source8: openssl-thread-test.c | ||||
| Source9: opensslconf-new.h | ||||
| Source10: opensslconf-new-warning.h | ||||
| Source11: README.FIPS | ||||
| Source12: openssl-fips.conf | ||||
| Source12: ec_curve.c | ||||
| Source13: ectest.c | ||||
| # Build changes | ||||
| Patch1: openssl-1.0.1-beta2-rpmbuild.patch | ||||
| Patch2: openssl-1.0.0f-defaults.patch | ||||
| @ -69,15 +70,16 @@ Patch65: openssl-1.0.0e-chil-fixes.patch | ||||
| Patch66: openssl-1.0.1-pkgconfig-krb5.patch | ||||
| Patch68: openssl-1.0.1e-secure-getenv.patch | ||||
| Patch69: openssl-1.0.1c-dh-1024.patch | ||||
| Patch70: openssl-1.0.1e-fips-ec.patch | ||||
| Patch71: openssl-1.0.1e-manfix.patch | ||||
| Patch72: openssl-1.0.1e-fips-ctor.patch | ||||
| Patch73: openssl-1.0.1e-speed-suiteb.patch | ||||
| # Backported fixes including security fixes | ||||
| Patch81: openssl-1.0.1-beta2-padlock64.patch | ||||
| Patch82: openssl-1.0.1e-backports.patch | ||||
| Patch83: openssl-1.0.1e-bad-mac.patch | ||||
| Patch84: openssl-1.0.1e-trusted-first.patch | ||||
| Patch85: openssl-1.0.1e-arm-use-elf-auxv-caps.patch | ||||
| Patch86: openssl-1.0.1e-fips-ec.patch | ||||
| 
 | ||||
| License: OpenSSL | ||||
| Group: System Environment/Libraries | ||||
| @ -100,8 +102,8 @@ Group: System Environment/Libraries | ||||
| Requires: ca-certificates >= 2008-5 | ||||
| # Needed obsoletes due to the base/lib subpackage split | ||||
| Obsoletes: openssl < 1:1.0.1-0.3.beta3 | ||||
| # Needed for proper transaction ordering if openssl-fips is installed | ||||
| OrderWithRequires(pre): openssl-fips | ||||
| Obsoletes: openssl-fips < 1:1.0.1e-28 | ||||
| Provides: openssl-fips = %{epoch}:%{version}-%{release} | ||||
| 
 | ||||
| %description libs | ||||
| OpenSSL is a toolkit for supporting cryptography. The openssl-libs | ||||
| @ -142,22 +144,15 @@ OpenSSL is a toolkit for supporting cryptography. The openssl-perl | ||||
| package provides Perl scripts for converting certificates and keys | ||||
| from other formats to the formats used by the OpenSSL toolkit. | ||||
| 
 | ||||
| %package fips | ||||
| Summary: The FIPS module package for OpenSSL | ||||
| Group: System Environment/Libraries | ||||
| Requires: %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release} | ||||
| 
 | ||||
| %description fips | ||||
| OpenSSL is a toolkit for supporting cryptography. The openssl-fips | ||||
| package provides files that complete the installation of the | ||||
| OpenSSL FIPS module. | ||||
| 
 | ||||
| %prep | ||||
| %setup -q -n %{name}-%{version} | ||||
| 
 | ||||
| # The hobble_openssl is called here redundantly, just to be sure. | ||||
| # The tarball has already the sources removed. | ||||
| %{SOURCE1} > /dev/null | ||||
| 
 | ||||
| cp %{SOURCE12} %{SOURCE13} crypto/ec/ | ||||
| 
 | ||||
| %patch1 -p1 -b .rpmbuild | ||||
| %patch2 -p1 -b .defaults | ||||
| %patch4 -p1 -b .enginesdir %{?_rawbuild} | ||||
| @ -190,15 +185,16 @@ OpenSSL FIPS module. | ||||
| %patch66 -p1 -b .krb5 | ||||
| %patch68 -p1 -b .secure-getenv | ||||
| %patch69 -p1 -b .dh1024 | ||||
| %patch70 -p1 -b .fips-ec | ||||
| %patch72 -p1 -b .fips-ctor | ||||
| %patch73 -p1 -b .suiteb | ||||
| 
 | ||||
| %patch81 -p1 -b .padlock64 | ||||
| %patch82 -p1 -b .backports | ||||
| %patch71 -p1 -b .manfix | ||||
| %patch72 -p1 -b .fips-ctor | ||||
| %patch83 -p1 -b .bad-mac | ||||
| %patch84 -p1 -b .trusted-first | ||||
| %patch85 -p1 -b .armcap | ||||
| %patch86 -p1 -b .fips-ec | ||||
| 
 | ||||
| sed -i 's/SHLIB_VERSION_NUMBER "1.0.0"/SHLIB_VERSION_NUMBER "%{version}"/' crypto/opensslv.h | ||||
| 
 | ||||
| @ -253,7 +249,7 @@ sslarch=linux-ppc64 | ||||
| ./Configure \ | ||||
| 	--prefix=%{_prefix} --openssldir=%{_sysconfdir}/pki/tls ${sslflags} \ | ||||
| 	zlib enable-camellia enable-seed enable-tlsext enable-rfc3779 \ | ||||
| 	enable-cms enable-md2 no-mdc2 no-rc5 no-srp \ | ||||
| 	enable-cms enable-md2 no-mdc2 no-rc5 no-ec2m no-gost no-srp \ | ||||
| 	--with-krb5-flavor=MIT --enginesdir=%{_libdir}/openssl/engines \ | ||||
| 	--with-krb5-dir=/usr shared  ${sslarch} %{?!nofips:fips} | ||||
| 
 | ||||
| @ -261,7 +257,7 @@ sslarch=linux-ppc64 | ||||
| # marked as not requiring an executable stack. | ||||
| # Also add -DPURIFY to make using valgrind with openssl easier as we do not | ||||
| # want to depend on the uninitialized memory as a source of entropy anyway. | ||||
| RPM_OPT_FLAGS="$RPM_OPT_FLAGS -Wa,--noexecstack -DPURIFY -DHMAC_SUFFIX=\\\".%{version}-%{release}.hmac\\\"" | ||||
| RPM_OPT_FLAGS="$RPM_OPT_FLAGS -Wa,--noexecstack -DPURIFY" | ||||
| make depend | ||||
| make all | ||||
| 
 | ||||
| @ -296,10 +292,10 @@ make -C test apps tests | ||||
|     %{?__debug_package:%{__debug_install_post}} \ | ||||
|     %{__arch_install_post} \ | ||||
|     %{__os_install_post} \ | ||||
|     crypto/fips/fips_standalone_hmac $RPM_BUILD_ROOT%{_libdir}/libcrypto.so.%{version} >$RPM_BUILD_ROOT%{_libdir}/.libcrypto.so.%{version}.%{version}-%{release}.hmac \ | ||||
|     ln -sf .libcrypto.so.%{version}.%{version}-%{release}.hmac $RPM_BUILD_ROOT%{_libdir}/.libcrypto.so.%{soversion}.%{version}-%{release}.hmac \ | ||||
|     crypto/fips/fips_standalone_hmac $RPM_BUILD_ROOT%{_libdir}/libssl.so.%{version} >$RPM_BUILD_ROOT%{_libdir}/.libssl.so.%{version}.%{version}-%{release}.hmac \ | ||||
|     ln -sf .libssl.so.%{version}.%{version}-%{release}.hmac $RPM_BUILD_ROOT%{_libdir}/.libssl.so.%{soversion}.%{version}-%{release}.hmac \ | ||||
|     crypto/fips/fips_standalone_hmac $RPM_BUILD_ROOT%{_libdir}/libcrypto.so.%{version} >$RPM_BUILD_ROOT%{_libdir}/.libcrypto.so.%{version}.hmac \ | ||||
|     ln -sf .libcrypto.so.%{version}.hmac $RPM_BUILD_ROOT%{_libdir}/.libcrypto.so.%{soversion}.hmac \ | ||||
|     crypto/fips/fips_standalone_hmac $RPM_BUILD_ROOT%{_libdir}/libssl.so.%{version} >$RPM_BUILD_ROOT%{_libdir}/.libssl.so.%{version}.hmac \ | ||||
|     ln -sf .libssl.so.%{version}.hmac $RPM_BUILD_ROOT%{_libdir}/.libssl.so.%{soversion}.hmac \ | ||||
| %{nil} | ||||
| 
 | ||||
| %define __provides_exclude_from %{_libdir}/openssl | ||||
| @ -391,11 +387,6 @@ install -m644 %{SOURCE9} \ | ||||
| 	$RPM_BUILD_ROOT/%{_prefix}/include/openssl/opensslconf.h | ||||
| %endif | ||||
| 
 | ||||
| #install prelink blacklist | ||||
| mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/prelink.conf.d | ||||
| install -m644 %{SOURCE12} \ | ||||
| 	$RPM_BUILD_ROOT/%{_sysconfdir}/prelink.conf.d/openssl-fips.conf | ||||
| 
 | ||||
| # Remove unused files from upstream fips support | ||||
| rm -rf $RPM_BUILD_ROOT/%{_bindir}/openssl_fips_fingerprint | ||||
| rm -rf $RPM_BUILD_ROOT/%{_libdir}/fips_premain.* | ||||
| @ -438,6 +429,8 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.* | ||||
| %attr(0755,root,root) %{_libdir}/libcrypto.so.%{soversion} | ||||
| %attr(0755,root,root) %{_libdir}/libssl.so.%{version} | ||||
| %attr(0755,root,root) %{_libdir}/libssl.so.%{soversion} | ||||
| %attr(0644,root,root) %{_libdir}/.libcrypto.so.*.hmac | ||||
| %attr(0644,root,root) %{_libdir}/.libssl.so.*.hmac | ||||
| %attr(0755,root,root) %{_libdir}/openssl | ||||
| 
 | ||||
| %files devel | ||||
| @ -458,23 +451,15 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.* | ||||
| %{_sysconfdir}/pki/tls/misc/*.pl | ||||
| %{_sysconfdir}/pki/tls/misc/tsget | ||||
| 
 | ||||
| %files fips | ||||
| %defattr(-,root,root) | ||||
| %attr(0644,root,root) %{_libdir}/.libcrypto.so.*.hmac | ||||
| %attr(0644,root,root) %{_libdir}/.libssl.so.*.hmac | ||||
| # We don't want to depend on prelink for this directory | ||||
| %dir %{_sysconfdir}/prelink.conf.d | ||||
| %{_sysconfdir}/prelink.conf.d/openssl-fips.conf | ||||
| 
 | ||||
| %post libs -p /sbin/ldconfig | ||||
| 
 | ||||
| %postun libs -p /sbin/ldconfig | ||||
| 
 | ||||
| %pre fips | ||||
| # Must use pre to avoid some possible races | ||||
| prelink -u %{_libdir}/libcrypto.so.%{version} %{_libdir}/libssl.so.%{version} 2>/dev/null || : | ||||
| 
 | ||||
| %changelog | ||||
| * Wed Oct 16 2013 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-28 | ||||
| - only ECC NIST Suite B curves support | ||||
| - drop -fips subpackage | ||||
| 
 | ||||
| * Mon Oct 14 2013 Tom Callaway <spot@fedoraproject.org> - 1.0.1e-27 | ||||
| - resolve bugzilla 319901 (phew! only took 6 years & 9 days) | ||||
| 
 | ||||
|  | ||||
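Review bot: With the `prelink.conf.d/openssl-fips.conf` blacklist and the `%pre fips` `prelink -u` step gone, nothing in this spec keeps prelink from rewriting libcrypto and libssl after `fips_standalone_hmac` has written their checksums, while the `.libcrypto.so.*.hmac` and `.libssl.so.*.hmac` files are now listed under the libs package. Whether the library's integrity check tolerates a prelinked image is not visible on this page, so it should be confirmed that FIPS mode still starts on a system where prelink runs. If it does, a comment above the `fips_standalone_hmac` lines would record why no blacklist is needed, for example `# integrity check handles prelinked libraries, no prelink.conf.d entry required`. The checksum file names also appear to lose the `%{version}-%{release}` suffix together with `-DHMAC_SUFFIX`, so the name the library looks up at run time must match the plain `.hmac` name.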