2009-03-25 21:12:41 +00:00
|
|
|
diff -up openssl-0.9.8k/fips/sha/Makefile.fipscheck-hmac openssl-0.9.8k/fips/sha/Makefile
|
|
|
|
--- openssl-0.9.8k/fips/sha/Makefile.fipscheck-hmac 2008-10-26 19:42:05.000000000 +0100
|
|
|
|
+++ openssl-0.9.8k/fips/sha/Makefile 2009-03-25 20:18:08.000000000 +0100
|
2009-01-15 09:10:25 +00:00
|
|
|
@@ -46,7 +46,7 @@ lib: $(LIBOBJ)
|
|
|
|
@echo $(LIBOBJ) > lib
|
|
|
|
|
|
|
|
../fips_standalone_sha1$(EXE_EXT): fips_standalone_sha1.o
|
|
|
|
- FIPS_SHA_ASM=""; for i in $(SHA1_ASM_OBJ) sha1dgst.o ; do FIPS_SHA_ASM="$$FIPS_SHA_ASM ../../crypto/sha/$$i" ; done; \
|
|
|
|
+ FIPS_SHA_ASM=""; for i in $(SHA1_ASM_OBJ) sha256.o ; do FIPS_SHA_ASM="$$FIPS_SHA_ASM ../../crypto/sha/$$i" ; done; \
|
|
|
|
$(CC) -o $@ $(CFLAGS) fips_standalone_sha1.o $$FIPS_SHA_ASM
|
|
|
|
|
|
|
|
files:
|
2009-03-25 21:12:41 +00:00
|
|
|
diff -up openssl-0.9.8k/fips/sha/fips_standalone_sha1.c.fipscheck-hmac openssl-0.9.8k/fips/sha/fips_standalone_sha1.c
|
|
|
|
--- openssl-0.9.8k/fips/sha/fips_standalone_sha1.c.fipscheck-hmac 2009-01-15 13:34:54.000000000 +0100
|
|
|
|
+++ openssl-0.9.8k/fips/sha/fips_standalone_sha1.c 2009-03-25 20:18:08.000000000 +0100
|
2009-01-15 09:10:25 +00:00
|
|
|
@@ -62,7 +62,7 @@ void OPENSSL_cleanse(void *p,size_t len)
|
|
|
|
|
|
|
|
#ifdef OPENSSL_FIPS
|
|
|
|
|
|
|
|
-static void hmac_init(SHA_CTX *md_ctx,SHA_CTX *o_ctx,
|
|
|
|
+static void hmac_init(SHA256_CTX *md_ctx,SHA256_CTX *o_ctx,
|
|
|
|
const char *key)
|
|
|
|
{
|
2009-03-25 21:12:41 +00:00
|
|
|
size_t len=strlen(key);
|
2009-01-15 09:10:25 +00:00
|
|
|
@@ -72,10 +72,10 @@ static void hmac_init(SHA_CTX *md_ctx,SH
|
|
|
|
|
|
|
|
if (len > SHA_CBLOCK)
|
|
|
|
{
|
|
|
|
- SHA1_Init(md_ctx);
|
|
|
|
- SHA1_Update(md_ctx,key,len);
|
|
|
|
- SHA1_Final(keymd,md_ctx);
|
|
|
|
- len=20;
|
|
|
|
+ SHA256_Init(md_ctx);
|
|
|
|
+ SHA256_Update(md_ctx,key,len);
|
|
|
|
+ SHA256_Final(keymd,md_ctx);
|
|
|
|
+ len=SHA256_DIGEST_LENGTH;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
memcpy(keymd,key,len);
|
|
|
|
@@ -83,22 +83,22 @@ static void hmac_init(SHA_CTX *md_ctx,SH
|
|
|
|
|
|
|
|
for(i=0 ; i < HMAC_MAX_MD_CBLOCK ; i++)
|
|
|
|
pad[i]=0x36^keymd[i];
|
|
|
|
- SHA1_Init(md_ctx);
|
|
|
|
- SHA1_Update(md_ctx,pad,SHA_CBLOCK);
|
|
|
|
+ SHA256_Init(md_ctx);
|
|
|
|
+ SHA256_Update(md_ctx,pad,SHA256_CBLOCK);
|
|
|
|
|
|
|
|
for(i=0 ; i < HMAC_MAX_MD_CBLOCK ; i++)
|
|
|
|
pad[i]=0x5c^keymd[i];
|
|
|
|
- SHA1_Init(o_ctx);
|
|
|
|
- SHA1_Update(o_ctx,pad,SHA_CBLOCK);
|
|
|
|
+ SHA256_Init(o_ctx);
|
|
|
|
+ SHA256_Update(o_ctx,pad,SHA256_CBLOCK);
|
|
|
|
}
|
|
|
|
|
|
|
|
-static void hmac_final(unsigned char *md,SHA_CTX *md_ctx,SHA_CTX *o_ctx)
|
|
|
|
+static void hmac_final(unsigned char *md,SHA256_CTX *md_ctx,SHA256_CTX *o_ctx)
|
|
|
|
{
|
|
|
|
- unsigned char buf[20];
|
|
|
|
+ unsigned char buf[SHA256_DIGEST_LENGTH];
|
|
|
|
|
|
|
|
- SHA1_Final(buf,md_ctx);
|
|
|
|
- SHA1_Update(o_ctx,buf,sizeof buf);
|
|
|
|
- SHA1_Final(md,o_ctx);
|
|
|
|
+ SHA256_Final(buf,md_ctx);
|
|
|
|
+ SHA256_Update(o_ctx,buf,sizeof buf);
|
|
|
|
+ SHA256_Final(md,o_ctx);
|
|
|
|
}
|
|
|
|
|
|
|
|
#endif
|
|
|
|
@@ -106,7 +106,7 @@ static void hmac_final(unsigned char *md
|
|
|
|
int main(int argc,char **argv)
|
|
|
|
{
|
|
|
|
#ifdef OPENSSL_FIPS
|
|
|
|
- static char key[]="etaonrishdlcupfm";
|
|
|
|
+ static char key[]="orboDeJITITejsirpADONivirpUkvarP";
|
|
|
|
int n,binary=0;
|
|
|
|
|
|
|
|
if(argc < 2)
|
|
|
|
@@ -125,8 +125,8 @@ int main(int argc,char **argv)
|
|
|
|
for(; n < argc ; ++n)
|
|
|
|
{
|
|
|
|
FILE *f=fopen(argv[n],"rb");
|
|
|
|
- SHA_CTX md_ctx,o_ctx;
|
|
|
|
- unsigned char md[20];
|
|
|
|
+ SHA256_CTX md_ctx,o_ctx;
|
|
|
|
+ unsigned char md[SHA256_DIGEST_LENGTH];
|
|
|
|
int i;
|
|
|
|
|
|
|
|
if(!f)
|
|
|
|
@@ -151,18 +151,18 @@ int main(int argc,char **argv)
|
|
|
|
else
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
- SHA1_Update(&md_ctx,buf,l);
|
|
|
|
+ SHA256_Update(&md_ctx,buf,l);
|
|
|
|
}
|
|
|
|
hmac_final(md,&md_ctx,&o_ctx);
|
|
|
|
|
|
|
|
if (binary)
|
|
|
|
{
|
|
|
|
- fwrite(md,20,1,stdout);
|
|
|
|
+ fwrite(md,SHA256_DIGEST_LENGTH,1,stdout);
|
|
|
|
break; /* ... for single(!) file */
|
|
|
|
}
|
|
|
|
|
|
|
|
- printf("HMAC-SHA1(%s)= ",argv[n]);
|
|
|
|
- for(i=0 ; i < 20 ; ++i)
|
|
|
|
+/* printf("HMAC-SHA1(%s)= ",argv[n]); */
|
|
|
|
+ for(i=0 ; i < SHA256_DIGEST_LENGTH ; ++i)
|
|
|
|
printf("%02x",md[i]);
|
|
|
|
printf("\n");
|
|
|
|
}
|