only ECC NIST Suite B curves support

- drop -fips subpackage
Tomas Mraz 2013-10-16 14:37:51 +02:00
parent 1f19ac14f9
commit b3551463ca
10 changed files with 1723 additions and 613 deletions

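--- a/.gitignore
+++ b/.gitignore
@@ -12,3 +12,4 @@ openssl-1.0.0a-usa.tar.bz2
 /openssl-1.0.1b-usa.tar.xz
 /openssl-1.0.1c-usa.tar.xz
 /openssl-1.0.1e-usa.tar.xz
+/openssl-1.0.1e-hobbled.tar.xz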

341
ec_curve.c Normal file

@ -0,0 +1,341 @@
/* crypto/ec/ec_curve.c */
/*
* Written by Nils Larsch for the OpenSSL project.
*/
/* ====================================================================
* Copyright (c) 1998-2010 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
* Portions of the attached software ("Contribution") are developed by
* SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
*
* The Contribution is licensed pursuant to the OpenSSL open source
* license provided above.
*
* The elliptic curve binary polynomial software is originally written by
* Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
*
*/
#include "ec_lcl.h"
#include <openssl/err.h>
#include <openssl/obj_mac.h>
#include <openssl/opensslconf.h>
typedef struct {
int field_type, /* either NID_X9_62_prime_field or
* NID_X9_62_characteristic_two_field */
seed_len,
param_len;
unsigned int cofactor; /* promoted to BN_ULONG */
} EC_CURVE_DATA;
static const struct { EC_CURVE_DATA h; unsigned char data[20+48*6]; }
_EC_NIST_PRIME_384 = {
{ NID_X9_62_prime_field,20,48,1 },
{ 0xA3,0x35,0x92,0x6A,0xA3,0x19,0xA2,0x7A,0x1D,0x00, /* seed */
0x89,0x6A,0x67,0x73,0xA4,0x82,0x7A,0xCD,0xAC,0x73,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, /* p */
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFE,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, /* a */
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFE,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFC,
0xB3,0x31,0x2F,0xA7,0xE2,0x3E,0xE7,0xE4,0x98,0x8E, /* b */
0x05,0x6B,0xE3,0xF8,0x2D,0x19,0x18,0x1D,0x9C,0x6E,
0xFE,0x81,0x41,0x12,0x03,0x14,0x08,0x8F,0x50,0x13,
0x87,0x5A,0xC6,0x56,0x39,0x8D,0x8A,0x2E,0xD1,0x9D,
0x2A,0x85,0xC8,0xED,0xD3,0xEC,0x2A,0xEF,
0xAA,0x87,0xCA,0x22,0xBE,0x8B,0x05,0x37,0x8E,0xB1, /* x */
0xC7,0x1E,0xF3,0x20,0xAD,0x74,0x6E,0x1D,0x3B,0x62,
0x8B,0xA7,0x9B,0x98,0x59,0xF7,0x41,0xE0,0x82,0x54,
0x2A,0x38,0x55,0x02,0xF2,0x5D,0xBF,0x55,0x29,0x6C,
0x3A,0x54,0x5E,0x38,0x72,0x76,0x0A,0xB7,
0x36,0x17,0xde,0x4a,0x96,0x26,0x2c,0x6f,0x5d,0x9e, /* y */
0x98,0xbf,0x92,0x92,0xdc,0x29,0xf8,0xf4,0x1d,0xbd,
0x28,0x9a,0x14,0x7c,0xe9,0xda,0x31,0x13,0xb5,0xf0,
0xb8,0xc0,0x0a,0x60,0xb1,0xce,0x1d,0x7e,0x81,0x9d,
0x7a,0x43,0x1d,0x7c,0x90,0xea,0x0e,0x5f,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, /* order */
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0xC7,0x63,0x4D,0x81,0xF4,0x37,
0x2D,0xDF,0x58,0x1A,0x0D,0xB2,0x48,0xB0,0xA7,0x7A,
0xEC,0xEC,0x19,0x6A,0xCC,0xC5,0x29,0x73 }
};
static const struct { EC_CURVE_DATA h; unsigned char data[20+32*6]; }
_EC_X9_62_PRIME_256V1 = {
{ NID_X9_62_prime_field,20,32,1 },
{ 0xC4,0x9D,0x36,0x08,0x86,0xE7,0x04,0x93,0x6A,0x66, /* seed */
0x78,0xE1,0x13,0x9D,0x26,0xB7,0x81,0x9F,0x7E,0x90,
0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x01,0x00,0x00, /* p */
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x01,0x00,0x00, /* a */
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFC,
0x5A,0xC6,0x35,0xD8,0xAA,0x3A,0x93,0xE7,0xB3,0xEB, /* b */
0xBD,0x55,0x76,0x98,0x86,0xBC,0x65,0x1D,0x06,0xB0,
0xCC,0x53,0xB0,0xF6,0x3B,0xCE,0x3C,0x3E,0x27,0xD2,
0x60,0x4B,
0x6B,0x17,0xD1,0xF2,0xE1,0x2C,0x42,0x47,0xF8,0xBC, /* x */
0xE6,0xE5,0x63,0xA4,0x40,0xF2,0x77,0x03,0x7D,0x81,
0x2D,0xEB,0x33,0xA0,0xF4,0xA1,0x39,0x45,0xD8,0x98,
0xC2,0x96,
0x4f,0xe3,0x42,0xe2,0xfe,0x1a,0x7f,0x9b,0x8e,0xe7, /* y */
0xeb,0x4a,0x7c,0x0f,0x9e,0x16,0x2b,0xce,0x33,0x57,
0x6b,0x31,0x5e,0xce,0xcb,0xb6,0x40,0x68,0x37,0xbf,
0x51,0xf5,
0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xFF,0xFF, /* order */
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xBC,0xE6,0xFA,0xAD,
0xA7,0x17,0x9E,0x84,0xF3,0xB9,0xCA,0xC2,0xFC,0x63,
0x25,0x51 }
};
typedef struct _ec_list_element_st {
int nid;
const EC_CURVE_DATA *data;
const EC_METHOD *(*meth)(void);
const char *comment;
} ec_list_element;
static const ec_list_element curve_list[] = {
/* prime field curves */
/* secg curves */
/* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */
{ NID_secp384r1, &_EC_NIST_PRIME_384.h, 0, "NIST/SECG curve over a 384 bit prime field" },
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
{ NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, EC_GFp_nistp256_method, "X9.62/SECG curve over a 256 bit prime field" },
#else
{ NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, 0, "X9.62/SECG curve over a 256 bit prime field" },
#endif
};
#define curve_list_length (sizeof(curve_list)/sizeof(ec_list_element))
static EC_GROUP *ec_group_new_from_data(const ec_list_element curve)
{
EC_GROUP *group=NULL;
EC_POINT *P=NULL;
BN_CTX *ctx=NULL;
BIGNUM *p=NULL, *a=NULL, *b=NULL, *x=NULL, *y=NULL, *order=NULL;
int ok=0;
int seed_len,param_len;
const EC_METHOD *meth;
const EC_CURVE_DATA *data;
const unsigned char *params;
if ((ctx = BN_CTX_new()) == NULL)
{
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_MALLOC_FAILURE);
goto err;
}
data = curve.data;
seed_len = data->seed_len;
param_len = data->param_len;
params = (const unsigned char *)(data+1); /* skip header */
params += seed_len; /* skip seed */
if (!(p = BN_bin2bn(params+0*param_len, param_len, NULL))
|| !(a = BN_bin2bn(params+1*param_len, param_len, NULL))
|| !(b = BN_bin2bn(params+2*param_len, param_len, NULL)))
{
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
goto err;
}
if (curve.meth != 0)
{
meth = curve.meth();
if (((group = EC_GROUP_new(meth)) == NULL) ||
(!(group->meth->group_set_curve(group, p, a, b, ctx))))
{
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
goto err;
}
}
else if (data->field_type == NID_X9_62_prime_field)
{
if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL)
{
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
goto err;
}
}
#ifndef OPENSSL_NO_EC2M
else /* field_type == NID_X9_62_characteristic_two_field */
{
if ((group = EC_GROUP_new_curve_GF2m(p, a, b, ctx)) == NULL)
{
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
goto err;
}
}
#endif
if ((P = EC_POINT_new(group)) == NULL)
{
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
goto err;
}
if (!(x = BN_bin2bn(params+3*param_len, param_len, NULL))
|| !(y = BN_bin2bn(params+4*param_len, param_len, NULL)))
{
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
goto err;
}
if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx))
{
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
goto err;
}
if (!(order = BN_bin2bn(params+5*param_len, param_len, NULL))
|| !BN_set_word(x, (BN_ULONG)data->cofactor))
{
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
goto err;
}
if (!EC_GROUP_set_generator(group, P, order, x))
{
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
goto err;
}
if (seed_len)
{
if (!EC_GROUP_set_seed(group, params-seed_len, seed_len))
{
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
goto err;
}
}
ok=1;
err:
if (!ok)
{
EC_GROUP_free(group);
group = NULL;
}
if (P)
EC_POINT_free(P);
if (ctx)
BN_CTX_free(ctx);
if (p)
BN_free(p);
if (a)
BN_free(a);
if (b)
BN_free(b);
if (order)
BN_free(order);
if (x)
BN_free(x);
if (y)
BN_free(y);
return group;
}
EC_GROUP *EC_GROUP_new_by_curve_name(int nid)
{
size_t i;
EC_GROUP *ret = NULL;
if (nid <= 0)
return NULL;
for (i=0; i<curve_list_length; i++)
if (curve_list[i].nid == nid)
{
ret = ec_group_new_from_data(curve_list[i]);
break;
}
if (ret == NULL)
{
ECerr(EC_F_EC_GROUP_NEW_BY_CURVE_NAME, EC_R_UNKNOWN_GROUP);
return NULL;
}
EC_GROUP_set_curve_name(ret, nid);
return ret;
}
size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems)
{
size_t i, min;
if (r == NULL || nitems == 0)
return curve_list_length;
min = nitems < curve_list_length ? nitems : curve_list_length;
for (i = 0; i < min; i++)
{
r[i].nid = curve_list[i].nid;
r[i].comment = curve_list[i].comment;
}
return curve_list_length;
}
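Review bot: In `ec_group_new_from_data`, when `OPENSSL_NO_EC2M` is defined the `if`/`else if` chain has no final branch, so a table entry with `meth == 0` and a non-prime `field_type` would reach `EC_POINT_new(group)` with `group` still NULL. Both entries in this `curve_list` are prime-field curves, so the path is not reachable today, but the failure would then surface only as a generic `ERR_R_EC_LIB` from the next step (assuming `EC_POINT_new` rejects NULL, which is not visible here). I would close the chain explicitly by adding `#else` followed by `else { ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); goto err; }` before the `#endif`. A short comment above `curve_list` saying the table is deliberately restricted to P-256 and P-384 would also help anyone comparing this file with upstream.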

695
ectest.c Normal file

@ -0,0 +1,695 @@
/* crypto/ec/ectest.c */
/*
* Originally written by Bodo Moeller for the OpenSSL project.
*/
/* ====================================================================
* Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
* Portions of the attached software ("Contribution") are developed by
* SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
*
* The Contribution is licensed pursuant to the OpenSSL open source
* license provided above.
*
* The elliptic curve binary polynomial software is originally written by
* Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
*
*/
#include <stdio.h>
#include <stdlib.h>
#ifdef FLAT_INC
#include "e_os.h"
#else
#include "../e_os.h"
#endif
#include <string.h>
#include <time.h>
#ifdef OPENSSL_NO_EC
int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); return 0; }
#else
#include <openssl/ec.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#include <openssl/err.h>
#include <openssl/obj_mac.h>
#include <openssl/objects.h>
#include <openssl/rand.h>
#include <openssl/bn.h>
#include <openssl/opensslconf.h>
#if defined(_MSC_VER) && defined(_MIPS_) && (_MSC_VER/100==12)
/* suppress "too big too optimize" warning */
#pragma warning(disable:4959)
#endif
#define ABORT do { \
fflush(stdout); \
fprintf(stderr, "%s:%d: ABORT\n", __FILE__, __LINE__); \
ERR_print_errors_fp(stderr); \
EXIT(1); \
} while (0)
#define TIMING_BASE_PT 0
#define TIMING_RAND_PT 1
#define TIMING_SIMUL 2
#if 0
static void timings(EC_GROUP *group, int type, BN_CTX *ctx)
{
clock_t clck;
int i, j;
BIGNUM *s;
BIGNUM *r[10], *r0[10];
EC_POINT *P;
s = BN_new();
if (s == NULL) ABORT;
fprintf(stdout, "Timings for %d-bit field, ", EC_GROUP_get_degree(group));
if (!EC_GROUP_get_order(group, s, ctx)) ABORT;
fprintf(stdout, "%d-bit scalars ", (int)BN_num_bits(s));
fflush(stdout);
P = EC_POINT_new(group);
if (P == NULL) ABORT;
EC_POINT_copy(P, EC_GROUP_get0_generator(group));
for (i = 0; i < 10; i++)
{
if ((r[i] = BN_new()) == NULL) ABORT;
if (!BN_pseudo_rand(r[i], BN_num_bits(s), 0, 0)) ABORT;
if (type != TIMING_BASE_PT)
{
if ((r0[i] = BN_new()) == NULL) ABORT;
if (!BN_pseudo_rand(r0[i], BN_num_bits(s), 0, 0)) ABORT;
}
}
clck = clock();
for (i = 0; i < 10; i++)
{
for (j = 0; j < 10; j++)
{
if (!EC_POINT_mul(group, P, (type != TIMING_RAND_PT) ? r[i] : NULL,
(type != TIMING_BASE_PT) ? P : NULL, (type != TIMING_BASE_PT) ? r0[i] : NULL, ctx)) ABORT;
}
}
clck = clock() - clck;
fprintf(stdout, "\n");
#ifdef CLOCKS_PER_SEC
/* "To determine the time in seconds, the value returned
* by the clock function should be divided by the value
* of the macro CLOCKS_PER_SEC."
* -- ISO/IEC 9899 */
# define UNIT "s"
#else
/* "`CLOCKS_PER_SEC' undeclared (first use this function)"
* -- cc on NeXTstep/OpenStep */
# define UNIT "units"
# define CLOCKS_PER_SEC 1
#endif
if (type == TIMING_BASE_PT) {
fprintf(stdout, "%i %s in %.2f " UNIT "\n", i*j,
"base point multiplications", (double)clck/CLOCKS_PER_SEC);
} else if (type == TIMING_RAND_PT) {
fprintf(stdout, "%i %s in %.2f " UNIT "\n", i*j,
"random point multiplications", (double)clck/CLOCKS_PER_SEC);
} else if (type == TIMING_SIMUL) {
fprintf(stdout, "%i %s in %.2f " UNIT "\n", i*j,
"s*P+t*Q operations", (double)clck/CLOCKS_PER_SEC);
}
fprintf(stdout, "average: %.4f " UNIT "\n", (double)clck/(CLOCKS_PER_SEC*i*j));
EC_POINT_free(P);
BN_free(s);
for (i = 0; i < 10; i++)
{
BN_free(r[i]);
if (type != TIMING_BASE_PT) BN_free(r0[i]);
}
}
#endif
/* test multiplication with group order, long and negative scalars */
static void group_order_tests(EC_GROUP *group)
{
BIGNUM *n1, *n2, *order;
EC_POINT *P = EC_POINT_new(group);
EC_POINT *Q = EC_POINT_new(group);
BN_CTX *ctx = BN_CTX_new();
n1 = BN_new(); n2 = BN_new(); order = BN_new();
fprintf(stdout, "verify group order ...");
fflush(stdout);
if (!EC_GROUP_get_order(group, order, ctx)) ABORT;
if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx)) ABORT;
if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
fprintf(stdout, ".");
fflush(stdout);
if (!EC_GROUP_precompute_mult(group, ctx)) ABORT;
if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx)) ABORT;
if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
fprintf(stdout, " ok\n");
fprintf(stdout, "long/negative scalar tests ... ");
if (!BN_one(n1)) ABORT;
/* n1 = 1 - order */
if (!BN_sub(n1, n1, order)) ABORT;
if(!EC_POINT_mul(group, Q, NULL, P, n1, ctx)) ABORT;
if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT;
/* n2 = 1 + order */
if (!BN_add(n2, order, BN_value_one())) ABORT;
if(!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT;
if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT;
/* n2 = (1 - order) * (1 + order) */
if (!BN_mul(n2, n1, n2, ctx)) ABORT;
if(!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT;
if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT;
fprintf(stdout, "ok\n");
EC_POINT_free(P);
EC_POINT_free(Q);
BN_free(n1);
BN_free(n2);
BN_free(order);
BN_CTX_free(ctx);
}
static void prime_field_tests(void)
{
BN_CTX *ctx = NULL;
BIGNUM *p, *a, *b;
EC_GROUP *group;
EC_GROUP *P_160 = NULL, *P_192 = NULL, *P_224 = NULL, *P_256 = NULL, *P_384 = NULL, *P_521 = NULL;
EC_POINT *P, *Q, *R;
BIGNUM *x, *y, *z;
unsigned char buf[100];
size_t i, len;
int k;
#if 1 /* optional */
ctx = BN_CTX_new();
if (!ctx) ABORT;
#endif
p = BN_new();
a = BN_new();
b = BN_new();
if (!p || !a || !b) ABORT;
group = EC_GROUP_new(EC_GFp_mont_method()); /* applications should use EC_GROUP_new_curve_GFp
* so that the library gets to choose the EC_METHOD */
if (!group) ABORT;
P = EC_POINT_new(group);
Q = EC_POINT_new(group);
R = EC_POINT_new(group);
if (!P || !Q || !R) ABORT;
x = BN_new();
y = BN_new();
z = BN_new();
if (!x || !y || !z) ABORT;
/* Curve P-256 (FIPS PUB 186-2, App. 6) */
if (!BN_hex2bn(&p, "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF")) ABORT;
if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT;
if (!BN_hex2bn(&a, "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC")) ABORT;
if (!BN_hex2bn(&b, "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B")) ABORT;
if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT;
if (!BN_hex2bn(&x, "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296")) ABORT;
if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx)) ABORT;
if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT;
if (!BN_hex2bn(&z, "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E"
"84F3B9CAC2FC632551")) ABORT;
if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) ABORT;
if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT;
fprintf(stdout, "\nNIST curve P-256 -- Generator:\n x = 0x");
BN_print_fp(stdout, x);
fprintf(stdout, "\n y = 0x");
BN_print_fp(stdout, y);
fprintf(stdout, "\n");
/* G_y value taken from the standard: */
if (!BN_hex2bn(&z, "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5")) ABORT;
if (0 != BN_cmp(y, z)) ABORT;
fprintf(stdout, "verify degree ...");
if (EC_GROUP_get_degree(group) != 256) ABORT;
fprintf(stdout, " ok\n");
group_order_tests(group);
if (!(P_256 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT;
if (!EC_GROUP_copy(P_256, group)) ABORT;
/* Curve P-384 (FIPS PUB 186-2, App. 6) */
if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
"FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF")) ABORT;
if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT;
if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
"FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC")) ABORT;
if (!BN_hex2bn(&b, "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141"
"120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF")) ABORT;
if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT;
if (!BN_hex2bn(&x, "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B"
"9859F741E082542A385502F25DBF55296C3A545E3872760AB7")) ABORT;
if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx)) ABORT;
if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT;
if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
"FFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973")) ABORT;
if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) ABORT;
if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT;
fprintf(stdout, "\nNIST curve P-384 -- Generator:\n x = 0x");
BN_print_fp(stdout, x);
fprintf(stdout, "\n y = 0x");
BN_print_fp(stdout, y);
fprintf(stdout, "\n");
/* G_y value taken from the standard: */
if (!BN_hex2bn(&z, "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A14"
"7CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F")) ABORT;
if (0 != BN_cmp(y, z)) ABORT;
fprintf(stdout, "verify degree ...");
if (EC_GROUP_get_degree(group) != 384) ABORT;
fprintf(stdout, " ok\n");
group_order_tests(group);
if (!(P_384 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT;
if (!EC_GROUP_copy(P_384, group)) ABORT;
/* more tests using the last curve */
if (!EC_POINT_copy(Q, P)) ABORT;
if (EC_POINT_is_at_infinity(group, Q)) ABORT;
if (!EC_POINT_dbl(group, P, P, ctx)) ABORT;
if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT;
if (!EC_POINT_invert(group, Q, ctx)) ABORT; /* P = -2Q */
if (!EC_POINT_add(group, R, P, Q, ctx)) ABORT;
if (!EC_POINT_add(group, R, R, Q, ctx)) ABORT;
if (!EC_POINT_is_at_infinity(group, R)) ABORT; /* R = P + 2Q */
{
const EC_POINT *points[4];
const BIGNUM *scalars[4];
BIGNUM scalar3;
if (EC_POINT_is_at_infinity(group, Q)) ABORT;
points[0] = Q;
points[1] = Q;
points[2] = Q;
points[3] = Q;
if (!EC_GROUP_get_order(group, z, ctx)) ABORT;
if (!BN_add(y, z, BN_value_one())) ABORT;
if (BN_is_odd(y)) ABORT;
if (!BN_rshift1(y, y)) ABORT;
scalars[0] = y; /* (group order + 1)/2, so y*Q + y*Q = Q */
scalars[1] = y;
fprintf(stdout, "combined multiplication ...");
fflush(stdout);
/* z is still the group order */
if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) ABORT;
if (!EC_POINTs_mul(group, R, z, 2, points, scalars, ctx)) ABORT;
if (0 != EC_POINT_cmp(group, P, R, ctx)) ABORT;
if (0 != EC_POINT_cmp(group, R, Q, ctx)) ABORT;
fprintf(stdout, ".");
fflush(stdout);
if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0)) ABORT;
if (!BN_add(z, z, y)) ABORT;
BN_set_negative(z, 1);
scalars[0] = y;
scalars[1] = z; /* z = -(order + y) */
if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) ABORT;
if (!EC_POINT_is_at_infinity(group, P)) ABORT;
fprintf(stdout, ".");
fflush(stdout);
if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0)) ABORT;
if (!BN_add(z, x, y)) ABORT;
BN_set_negative(z, 1);
scalars[0] = x;
scalars[1] = y;
scalars[2] = z; /* z = -(x+y) */
BN_init(&scalar3);
BN_zero(&scalar3);
scalars[3] = &scalar3;
if (!EC_POINTs_mul(group, P, NULL, 4, points, scalars, ctx)) ABORT;
if (!EC_POINT_is_at_infinity(group, P)) ABORT;
fprintf(stdout, " ok\n\n");
BN_free(&scalar3);
}
#if 0
timings(P_256, TIMING_BASE_PT, ctx);
timings(P_256, TIMING_RAND_PT, ctx);
timings(P_256, TIMING_SIMUL, ctx);
timings(P_384, TIMING_BASE_PT, ctx);
timings(P_384, TIMING_RAND_PT, ctx);
timings(P_384, TIMING_SIMUL, ctx);
#endif
if (ctx)
BN_CTX_free(ctx);
BN_free(p); BN_free(a); BN_free(b);
EC_GROUP_free(group);
EC_POINT_free(P);
EC_POINT_free(Q);
EC_POINT_free(R);
BN_free(x); BN_free(y); BN_free(z);
if (P_160) EC_GROUP_free(P_160);
if (P_192) EC_GROUP_free(P_192);
if (P_224) EC_GROUP_free(P_224);
if (P_256) EC_GROUP_free(P_256);
if (P_384) EC_GROUP_free(P_384);
if (P_521) EC_GROUP_free(P_521);
}
static void internal_curve_test(void)
{
EC_builtin_curve *curves = NULL;
size_t crv_len = 0, n = 0;
int ok = 1;
crv_len = EC_get_builtin_curves(NULL, 0);
curves = OPENSSL_malloc(sizeof(EC_builtin_curve) * crv_len);
if (curves == NULL)
return;
if (!EC_get_builtin_curves(curves, crv_len))
{
OPENSSL_free(curves);
return;
}
fprintf(stdout, "testing internal curves: ");
for (n = 0; n < crv_len; n++)
{
EC_GROUP *group = NULL;
int nid = curves[n].nid;
if ((group = EC_GROUP_new_by_curve_name(nid)) == NULL)
{
ok = 0;
fprintf(stdout, "\nEC_GROUP_new_curve_name() failed with"
" curve %s\n", OBJ_nid2sn(nid));
/* try next curve */
continue;
}
if (!EC_GROUP_check(group, NULL))
{
ok = 0;
fprintf(stdout, "\nEC_GROUP_check() failed with"
" curve %s\n", OBJ_nid2sn(nid));
EC_GROUP_free(group);
/* try the next curve */
continue;
}
fprintf(stdout, ".");
fflush(stdout);
EC_GROUP_free(group);
}
if (ok)
fprintf(stdout, " ok\n\n");
else
{
fprintf(stdout, " failed\n\n");
ABORT;
}
OPENSSL_free(curves);
return;
}
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
/* nistp_test_params contains magic numbers for testing our optimized
* implementations of several NIST curves with characteristic > 3. */
struct nistp_test_params
{
const EC_METHOD* (*meth) ();
int degree;
/* Qx, Qy and D are taken from
* http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/ECDSA_Prime.pdf
* Otherwise, values are standard curve parameters from FIPS 180-3 */
const char *p, *a, *b, *Qx, *Qy, *Gx, *Gy, *order, *d;
};
static const struct nistp_test_params nistp_tests_params[] =
{
{
/* P-256 */
EC_GFp_nistp256_method,
256,
"ffffffff00000001000000000000000000000000ffffffffffffffffffffffff", /* p */
"ffffffff00000001000000000000000000000000fffffffffffffffffffffffc", /* a */
"5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b", /* b */
"b7e08afdfe94bad3f1dc8c734798ba1c62b3a0ad1e9ea2a38201cd0889bc7a19", /* Qx */
"3603f747959dbf7a4bb226e41928729063adc7ae43529e61b563bbc606cc5e09", /* Qy */
"6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296", /* Gx */
"4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5", /* Gy */
"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", /* order */
"c477f9f65c22cce20657faa5b2d1d8122336f851a508a1ed04e479c34985bf96", /* d */
},
};
void nistp_single_test(const struct nistp_test_params *test)
{
BN_CTX *ctx;
BIGNUM *p, *a, *b, *x, *y, *n, *m, *order;
EC_GROUP *NISTP;
EC_POINT *G, *P, *Q, *Q_CHECK;
fprintf(stdout, "\nNIST curve P-%d (optimised implementation):\n", test->degree);
ctx = BN_CTX_new();
p = BN_new();
a = BN_new();
b = BN_new();
x = BN_new(); y = BN_new();
m = BN_new(); n = BN_new(); order = BN_new();
NISTP = EC_GROUP_new(test->meth());
if(!NISTP) ABORT;
if (!BN_hex2bn(&p, test->p)) ABORT;
if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT;
if (!BN_hex2bn(&a, test->a)) ABORT;
if (!BN_hex2bn(&b, test->b)) ABORT;
if (!EC_GROUP_set_curve_GFp(NISTP, p, a, b, ctx)) ABORT;
G = EC_POINT_new(NISTP);
P = EC_POINT_new(NISTP);
Q = EC_POINT_new(NISTP);
Q_CHECK = EC_POINT_new(NISTP);
if(!BN_hex2bn(&x, test->Qx)) ABORT;
if(!BN_hex2bn(&y, test->Qy)) ABORT;
if(!EC_POINT_set_affine_coordinates_GFp(NISTP, Q_CHECK, x, y, ctx)) ABORT;
if (!BN_hex2bn(&x, test->Gx)) ABORT;
if (!BN_hex2bn(&y, test->Gy)) ABORT;
if (!EC_POINT_set_affine_coordinates_GFp(NISTP, G, x, y, ctx)) ABORT;
if (!BN_hex2bn(&order, test->order)) ABORT;
if (!EC_GROUP_set_generator(NISTP, G, order, BN_value_one())) ABORT;
fprintf(stdout, "verify degree ... ");
if (EC_GROUP_get_degree(NISTP) != test->degree) ABORT;
fprintf(stdout, "ok\n");
fprintf(stdout, "NIST test vectors ... ");
if (!BN_hex2bn(&n, test->d)) ABORT;
/* fixed point multiplication */
EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx);
if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) ABORT;
/* random point multiplication */
EC_POINT_mul(NISTP, Q, NULL, G, n, ctx);
if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) ABORT;
/* set generator to P = 2*G, where G is the standard generator */
if (!EC_POINT_dbl(NISTP, P, G, ctx)) ABORT;
if (!EC_GROUP_set_generator(NISTP, P, order, BN_value_one())) ABORT;
/* set the scalar to m=n/2, where n is the NIST test scalar */
if (!BN_rshift(m, n, 1)) ABORT;
/* test the non-standard generator */
/* fixed point multiplication */
EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx);
if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) ABORT;
/* random point multiplication */
EC_POINT_mul(NISTP, Q, NULL, P, m, ctx);
if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) ABORT;
/* now repeat all tests with precomputation */
if (!EC_GROUP_precompute_mult(NISTP, ctx)) ABORT;
/* fixed point multiplication */
EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx);
if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) ABORT;
/* random point multiplication */
EC_POINT_mul(NISTP, Q, NULL, P, m, ctx);
if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) ABORT;
/* reset generator */
if (!EC_GROUP_set_generator(NISTP, G, order, BN_value_one())) ABORT;
/* fixed point multiplication */
EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx);
if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) ABORT;
/* random point multiplication */
EC_POINT_mul(NISTP, Q, NULL, G, n, ctx);
if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) ABORT;
fprintf(stdout, "ok\n");
group_order_tests(NISTP);
#if 0
timings(NISTP, TIMING_BASE_PT, ctx);
timings(NISTP, TIMING_RAND_PT, ctx);
#endif
EC_GROUP_free(NISTP);
EC_POINT_free(G);
EC_POINT_free(P);
EC_POINT_free(Q);
EC_POINT_free(Q_CHECK);
BN_free(n);
BN_free(m);
BN_free(p);
BN_free(a);
BN_free(b);
BN_free(x);
BN_free(y);
BN_free(order);
BN_CTX_free(ctx);
}
void nistp_tests()
{
unsigned i;
for (i = 0; i < sizeof(nistp_tests_params) / sizeof(struct nistp_test_params); i++)
{
nistp_single_test(&nistp_tests_params[i]);
}
}
#endif
static const char rnd_seed[] = "string to make the random number generator think it has entropy";
int main(int argc, char *argv[])
{
/* enable memory leak checking unless explicitly disabled */
if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
{
CRYPTO_malloc_debug_init();
CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
}
else
{
/* OPENSSL_DEBUG_MEMORY=off */
CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
}
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
ERR_load_crypto_strings();
RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */
prime_field_tests();
puts("");
#ifndef OPENSSL_NO_EC2M
char2_field_tests();
#endif
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
nistp_tests();
#endif
/* test the internal curves */
internal_curve_test();
#ifndef OPENSSL_NO_ENGINE
ENGINE_cleanup();
#endif
CRYPTO_cleanup_all_ex_data();
ERR_free_strings();
ERR_remove_thread_state(NULL);
CRYPTO_mem_leaks_fp(stderr);
return 0;
}
#endif
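Review bot: `nistp_single_test` ignores the return value of every `EC_POINT_mul` call, and `Q` may still hold the previous correct result when a call fails, so after the first multiplication each following `EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)` can pass without the operation under test having run. That weakens exactly the checks meant to cover the optimised P-256 code, including the precomputation and non-standard-generator cases; each call should follow the pattern used elsewhere in the file, e.g. `if (!EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx)) ABORT;`. The allocations at the top of that function (`BN_CTX_new`, `BN_new`, `EC_POINT_new`) are also unchecked. Separately, `main` still calls `char2_field_tests()` under `#ifndef OPENSSL_NO_EC2M`, but no such function is defined in this file, so the build depends on `OPENSSL_NO_EC2M` being set.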


@ -7,6 +7,7 @@ set -e
# MDC-2: 4,908,861 13/03/2007 - expired, we do not remove it but do not enable it anyway # MDC-2: 4,908,861 13/03/2007 - expired, we do not remove it but do not enable it anyway
# IDEA: 5,214,703 07/01/2012 - expired, we do not remove it anymore # IDEA: 5,214,703 07/01/2012 - expired, we do not remove it anymore
# RC5: 5,724,428 01/11/2015 # RC5: 5,724,428 01/11/2015
# EC: ????????? ??/??/2020
# SRP: ????????? ??/??/20?? # SRP: ????????? ??/??/20??
# Remove assembler portions of IDEA, MDC2, and RC5. # Remove assembler portions of IDEA, MDC2, and RC5.
@ -25,12 +26,23 @@ for c in `find crypto/evp -name "*_rc5.c"`; do
> $c > $c
done done
for c in `find crypto/bn -name "*gf2m.c"`; do
echo Destroying $c
> $c
done
for c in `find crypto/ec -name "ec2*.c" -o -name "ec_curve.c" -o -name "ecp_nistp?2?.c" -o -name "ectest.c"`; do
echo Destroying $c
> $c
done
for h in `find crypto ssl apps test -name "*.h"` ; do for h in `find crypto ssl apps test -name "*.h"` ; do
echo Removing RC5, SRP references from $h echo Removing RC5, SRP and EC2M references from $h
cat $h | \ cat $h | \
awk 'BEGIN {ech=1;} \ awk 'BEGIN {ech=1;} \
/^#[ \t]*ifndef.*NO_SRP/ {ech--; next;} \ /^#[ \t]*ifndef.*NO_SRP/ {ech--; next;} \
/^#[ \t]*ifndef.*NO_RC5/ {ech--; next;} \ /^#[ \t]*ifndef.*NO_RC5/ {ech--; next;} \
/^#[ \t]*ifndef.*NO_EC2M/ {ech--; next;} \
/^#[ \t]*if/ {if(ech < 1) ech--;} \ /^#[ \t]*if/ {if(ech < 1) ech--;} \
{if(ech>0) {;print $0};} \ {if(ech>0) {;print $0};} \
/^#[ \t]*endif/ {if(ech < 1) ech++;}' > $h.hobbled && \ /^#[ \t]*endif/ {if(ech < 1) ech++;}' > $h.hobbled && \
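Review bot: The `-name "ecp_nistp?2?.c"` pattern in the new crypto/ec loop is not self-explanatory and should carry a comment. As written it matches only names whose middle digit is 2, so upstream's ecp_nistp224.c and ecp_nistp521.c would be emptied while ecp_nistp256.c is kept. That looks deliberate given the commit's Suite B scope, but it is easy to break when the glob is next edited. A line such as `# ?2? hits nistp224 and nistp521 only; nistp256 must survive` above the loop would record the intent. The same loop truncates ec_curve.c and ectest.c, which this commit appears to ship as separate replacement sources, so a second comment saying the emptied files are replaced at build time would help whoever regenerates the hobbled tarball.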


@ -1,6 +1,6 @@
diff -up openssl-1.0.1e/crypto/fips/fips.c.fips-ctor openssl-1.0.1e/crypto/fips/fips.c diff -up openssl-1.0.1e/crypto/fips/fips.c.fips-ctor openssl-1.0.1e/crypto/fips/fips.c
--- openssl-1.0.1e/crypto/fips/fips.c.fips-ctor 2013-09-23 18:05:15.731136863 +0200 --- openssl-1.0.1e/crypto/fips/fips.c.fips-ctor 2013-09-26 13:52:30.767885457 +0200
+++ openssl-1.0.1e/crypto/fips/fips.c 2013-09-23 18:18:27.953969770 +0200 +++ openssl-1.0.1e/crypto/fips/fips.c 2013-09-26 14:01:29.406010187 +0200
@@ -60,6 +60,8 @@ @@ -60,6 +60,8 @@
#include <dlfcn.h> #include <dlfcn.h>
#include <stdio.h> #include <stdio.h>
@ -45,7 +45,7 @@ diff -up openssl-1.0.1e/crypto/fips/fips.c.fips-ctor openssl-1.0.1e/crypto/fips/
hmacpath = make_hmac_path(path); hmacpath = make_hmac_path(path);
if (hmacpath == NULL) if (hmacpath == NULL)
@@ -341,6 +339,64 @@ end: @@ -341,6 +339,53 @@ end:
return 1; return 1;
} }
@ -80,37 +80,26 @@ diff -up openssl-1.0.1e/crypto/fips/fips.c.fips-ctor openssl-1.0.1e/crypto/fips/
+ return 1; + return 1;
+ } + }
+ +
+#ifndef FIPS_MODULE_PATH
+#define FIPS_MODULE_PATH "/etc/system-fips"
+#endif
+
+int +int
+FIPS_module_installed(void) +FIPS_module_installed(void)
+ { + {
+ char path[PATH_MAX+1]; + int rv;
+ int rv; + rv = access(FIPS_MODULE_PATH, F_OK);
+ char *hmacpath, *p; + if (rv < 0 && errno != ENOENT)
+ char *hmac = NULL; + rv = 0;
+ size_t n;
+
+ rv = get_library_path("libcrypto.so." SHLIB_VERSION_NUMBER, "FIPS_mode_set", path, sizeof(path));
+ +
+ if (rv < 0) + /* Installed == true */
+ return 0; + return !rv;
+
+ hmacpath = make_hmac_path(path);
+ if (hmacpath == NULL)
+ return 0;
+
+ rv = access(hmacpath, F_OK);
+ if (rv < 0 && errno != ENOENT)
+ rv = 0;
+
+ free(hmacpath);
+ /* Installed == true */
+ return !rv;
+ } + }
+ +
int FIPS_module_mode_set(int onoff, const char *auth) int FIPS_module_mode_set(int onoff, const char *auth)
{ {
int ret = 0; int ret = 0;
@@ -379,15 +435,7 @@ int FIPS_module_mode_set(int onoff, cons @@ -379,15 +424,7 @@ int FIPS_module_mode_set(int onoff, cons
} }
#endif #endif
@ -128,8 +117,8 @@ diff -up openssl-1.0.1e/crypto/fips/fips.c.fips-ctor openssl-1.0.1e/crypto/fips/
FIPSerr(FIPS_F_FIPS_MODULE_MODE_SET,FIPS_R_FINGERPRINT_DOES_NOT_MATCH); FIPSerr(FIPS_F_FIPS_MODULE_MODE_SET,FIPS_R_FINGERPRINT_DOES_NOT_MATCH);
fips_selftest_fail = 1; fips_selftest_fail = 1;
diff -up openssl-1.0.1e/crypto/fips/fips.h.fips-ctor openssl-1.0.1e/crypto/fips/fips.h diff -up openssl-1.0.1e/crypto/fips/fips.h.fips-ctor openssl-1.0.1e/crypto/fips/fips.h
--- openssl-1.0.1e/crypto/fips/fips.h.fips-ctor 2013-09-23 18:05:15.734136931 +0200 --- openssl-1.0.1e/crypto/fips/fips.h.fips-ctor 2013-09-26 13:52:30.814886515 +0200
+++ openssl-1.0.1e/crypto/fips/fips.h 2013-09-23 18:05:15.775137854 +0200 +++ openssl-1.0.1e/crypto/fips/fips.h 2013-09-26 13:52:30.816886560 +0200
@@ -74,6 +74,7 @@ struct hmac_ctx_st; @@ -74,6 +74,7 @@ struct hmac_ctx_st;
int FIPS_module_mode_set(int onoff, const char *auth); int FIPS_module_mode_set(int onoff, const char *auth);
@ -139,33 +128,37 @@ diff -up openssl-1.0.1e/crypto/fips/fips.h.fips-ctor openssl-1.0.1e/crypto/fips/
int FIPS_selftest(void); int FIPS_selftest(void);
int FIPS_selftest_failed(void); int FIPS_selftest_failed(void);
diff -up openssl-1.0.1e/crypto/o_init.c.fips-ctor openssl-1.0.1e/crypto/o_init.c diff -up openssl-1.0.1e/crypto/o_init.c.fips-ctor openssl-1.0.1e/crypto/o_init.c
--- openssl-1.0.1e/crypto/o_init.c.fips-ctor 2013-09-23 18:05:15.762137561 +0200 --- openssl-1.0.1e/crypto/o_init.c.fips-ctor 2013-09-26 13:52:30.807886357 +0200
+++ openssl-1.0.1e/crypto/o_init.c 2013-09-23 18:05:15.776137876 +0200 +++ openssl-1.0.1e/crypto/o_init.c 2013-09-26 14:00:21.000000000 +0200
@@ -73,6 +73,10 @@ static void init_fips_mode(void) @@ -71,6 +71,9 @@ static void init_fips_mode(void)
char buf[2] = "0"; char buf[2] = "0";
int fd; int fd;
+ /* Ensure the selftests always run and abort on error */ + /* Ensure the selftests always run */
+ FIPS_mode_set(1); + FIPS_mode_set(1);
+ FIPS_selftest_check();
+ +
if (secure_getenv("OPENSSL_FORCE_FIPS_MODE") != NULL) if (secure_getenv("OPENSSL_FORCE_FIPS_MODE") != NULL)
{ {
buf[0] = '1'; buf[0] = '1';
@@ -87,9 +91,10 @@ static void init_fips_mode(void) @@ -85,9 +88,15 @@ static void init_fips_mode(void)
* otherwise. * otherwise.
*/ */
- if (buf[0] == '1') - if (buf[0] == '1')
+ if (buf[0] != '1') + if (buf[0] != '1')
{ + {
- FIPS_mode_set(1);
+ /* drop down to non-FIPS mode if it is not requested */ + /* drop down to non-FIPS mode if it is not requested */
+ FIPS_mode_set(0); + FIPS_mode_set(0);
+ }
+ else
{
- FIPS_mode_set(1);
+ /* abort if selftest failed */
+ FIPS_selftest_check();
} }
} }
#endif #endif
@@ -98,13 +103,17 @@ static void init_fips_mode(void) @@ -96,13 +105,17 @@ static void init_fips_mode(void)
* Currently only sets FIPS callbacks * Currently only sets FIPS callbacks
*/ */
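Review bot: In the rewritten `FIPS_module_installed()`, an `access()` failure other than ENOENT (EACCES, for example) is folded into `rv = 0` and therefore reported as installed, and nothing in the function says whether that is intended. If treating an unreadable marker as "installed" is the chosen fail-safe, state it next to the check, for example `/* any error except ENOENT counts as installed */`; if it is not, only `rv == 0` should return 1. The old and new sides are printed together in this rendering, so this note reads the `access(FIPS_MODULE_PATH, F_OK)` variant as the new one, which the shrinking hunk size supports.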


@ -1,27 +1,220 @@
diff -up openssl-1.0.1e/crypto/ec/ec2_smpl.c.fips-ec openssl-1.0.1e/crypto/ec/ec2_smpl.c diff -up openssl-1.0.1e/crypto/ecdh/ecdh.h.fips-ec openssl-1.0.1e/crypto/ecdh/ecdh.h
--- openssl-1.0.1e/crypto/ec/ec2_smpl.c.fips-ec 2013-10-15 01:10:57.472546753 +0100 --- openssl-1.0.1e/crypto/ecdh/ecdh.h.fips-ec 2013-05-03 12:19:59.248301642 +0200
+++ openssl-1.0.1e/crypto/ec/ec2_smpl.c 2013-10-15 01:11:10.346529011 +0100 +++ openssl-1.0.1e/crypto/ecdh/ecdh.h 2013-05-03 12:19:59.975317289 +0200
@@ -80,9 +80,6 @@ @@ -85,6 +85,8 @@
extern "C" {
#endif
const EC_METHOD *EC_GF2m_simple_method(void) +#define EC_FLAG_COFACTOR_ECDH 0x1000
+
const ECDH_METHOD *ECDH_OpenSSL(void);
void ECDH_set_default_method(const ECDH_METHOD *);
diff -up openssl-1.0.1e/crypto/ecdh/ecdhtest.c.fips-ec openssl-1.0.1e/crypto/ecdh/ecdhtest.c
--- openssl-1.0.1e/crypto/ecdh/ecdhtest.c.fips-ec 2013-02-11 16:26:04.000000000 +0100
+++ openssl-1.0.1e/crypto/ecdh/ecdhtest.c 2013-05-03 12:19:59.975317289 +0200
@@ -323,11 +323,15 @@ int main(int argc, char *argv[])
if ((ctx=BN_CTX_new()) == NULL) goto err;
/* NIST PRIME CURVES TESTS */
+#if 0
if (!test_ecdh_curve(NID_X9_62_prime192v1, "NIST Prime-Curve P-192", ctx, out)) goto err;
if (!test_ecdh_curve(NID_secp224r1, "NIST Prime-Curve P-224", ctx, out)) goto err;
+#endif
if (!test_ecdh_curve(NID_X9_62_prime256v1, "NIST Prime-Curve P-256", ctx, out)) goto err;
if (!test_ecdh_curve(NID_secp384r1, "NIST Prime-Curve P-384", ctx, out)) goto err;
+#if 0
if (!test_ecdh_curve(NID_secp521r1, "NIST Prime-Curve P-521", ctx, out)) goto err;
+#endif
#ifndef OPENSSL_NO_EC2M
/* NIST BINARY CURVES TESTS */
if (!test_ecdh_curve(NID_sect163k1, "NIST Binary-Curve K-163", ctx, out)) goto err;
diff -up openssl-1.0.1e/crypto/ecdh/ech_lib.c.fips-ec openssl-1.0.1e/crypto/ecdh/ech_lib.c
--- openssl-1.0.1e/crypto/ecdh/ech_lib.c.fips-ec 2013-02-11 16:26:04.000000000 +0100
+++ openssl-1.0.1e/crypto/ecdh/ech_lib.c 2013-05-03 12:19:59.976317311 +0200
@@ -94,14 +94,7 @@ const ECDH_METHOD *ECDH_get_default_meth
{ {
if(!default_ECDH_method)
{
-#ifdef OPENSSL_FIPS -#ifdef OPENSSL_FIPS
- return fips_ec_gf2m_simple_method(); - if (FIPS_mode())
- return FIPS_ecdh_openssl();
- else
- return ECDH_OpenSSL();
-#else -#else
static const EC_METHOD ret = { default_ECDH_method = ECDH_OpenSSL();
EC_FLAGS_DEFAULT_OCT,
NID_X9_62_characteristic_two_field,
@@ -126,7 +123,6 @@ const EC_METHOD *EC_GF2m_simple_method(v
0 /* field_set_to_one */ };
return &ret;
-#endif -#endif
}
return default_ECDH_method;
}
diff -up openssl-1.0.1e/crypto/ecdh/ech_ossl.c.fips-ec openssl-1.0.1e/crypto/ecdh/ech_ossl.c
--- openssl-1.0.1e/crypto/ecdh/ech_ossl.c.fips-ec 2013-02-11 16:26:04.000000000 +0100
+++ openssl-1.0.1e/crypto/ecdh/ech_ossl.c 2013-05-03 12:19:59.976317311 +0200
@@ -79,6 +79,10 @@
#include <openssl/obj_mac.h>
#include <openssl/bn.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
+
static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key,
EC_KEY *ecdh,
void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
@@ -90,7 +94,7 @@ static ECDH_METHOD openssl_ecdh_meth = {
NULL, /* init */
NULL, /* finish */
#endif
- 0, /* flags */
+ ECDH_FLAG_FIPS_METHOD, /* flags */
NULL /* app_data */
};
@@ -118,6 +122,14 @@ static int ecdh_compute_key(void *out, s
size_t buflen, len;
unsigned char *buf=NULL;
+#ifdef OPENSSL_FIPS
+ if(FIPS_selftest_failed())
+ {
+ FIPSerr(FIPS_F_ECDH_COMPUTE_KEY,FIPS_R_FIPS_SELFTEST_FAILED);
+ return -1;
+ }
+#endif
+
if (outlen > INT_MAX)
{
ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); /* sort of, anyway */
@@ -137,6 +149,18 @@ static int ecdh_compute_key(void *out, s
}
group = EC_KEY_get0_group(ecdh);
+
+ if (EC_KEY_get_flags(ecdh) & EC_FLAG_COFACTOR_ECDH)
+ {
+ if (!EC_GROUP_get_cofactor(group, x, ctx) ||
+ !BN_mul(x, x, priv_key, ctx))
+ {
+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ priv_key = x;
+ }
+
if ((tmp=EC_POINT_new(group)) == NULL)
{
ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);
diff -up openssl-1.0.1e/crypto/ecdsa/ecdsatest.c.fips-ec openssl-1.0.1e/crypto/ecdsa/ecdsatest.c
--- openssl-1.0.1e/crypto/ecdsa/ecdsatest.c.fips-ec 2013-02-11 16:26:04.000000000 +0100
+++ openssl-1.0.1e/crypto/ecdsa/ecdsatest.c 2013-05-03 12:19:59.976317311 +0200
@@ -138,11 +138,14 @@ int restore_rand(void)
} }
static int fbytes_counter = 0;
-static const char *numbers[8] = {
+static const char *numbers[10] = {
+ "651056770906015076056810763456358567190100156695615665659",
"651056770906015076056810763456358567190100156695615665659",
"6140507067065001063065065565667405560006161556565665656654",
"8763001015071075675010661307616710783570106710677817767166"
"71676178726717",
+ "8763001015071075675010661307616710783570106710677817767166"
+ "71676178726717",
"7000000175690566466555057817571571075705015757757057795755"
"55657156756655",
"1275552191113212300012030439187146164646146646466749494799",
@@ -157,7 +160,7 @@ int fbytes(unsigned char *buf, int num)
int ret;
BIGNUM *tmp = NULL;
- if (fbytes_counter >= 8)
+ if (fbytes_counter >= 10)
return 0;
tmp = BN_new();
if (!tmp)
@@ -550,7 +553,9 @@ int main(void)
RAND_seed(rnd_seed, sizeof(rnd_seed));
/* the tests */
+#if 0
if (!x9_62_tests(out)) goto err;
+#endif
if (!test_builtin(out)) goto err;
ret = 0;
diff -up openssl-1.0.1e/crypto/ecdsa/ecs_lib.c.fips-ec openssl-1.0.1e/crypto/ecdsa/ecs_lib.c
--- openssl-1.0.1e/crypto/ecdsa/ecs_lib.c.fips-ec 2013-02-11 16:26:04.000000000 +0100
+++ openssl-1.0.1e/crypto/ecdsa/ecs_lib.c 2013-05-03 12:19:59.977317333 +0200
@@ -81,14 +81,7 @@ const ECDSA_METHOD *ECDSA_get_default_me
{
if(!default_ECDSA_method)
{
-#ifdef OPENSSL_FIPS
- if (FIPS_mode())
- return FIPS_ecdsa_openssl();
- else
- return ECDSA_OpenSSL();
-#else
default_ECDSA_method = ECDSA_OpenSSL();
-#endif
}
return default_ECDSA_method;
}
diff -up openssl-1.0.1e/crypto/ecdsa/ecs_ossl.c.fips-ec openssl-1.0.1e/crypto/ecdsa/ecs_ossl.c
--- openssl-1.0.1e/crypto/ecdsa/ecs_ossl.c.fips-ec 2013-02-11 16:26:04.000000000 +0100
+++ openssl-1.0.1e/crypto/ecdsa/ecs_ossl.c 2013-05-03 12:19:59.977317333 +0200
@@ -60,6 +60,9 @@
#include <openssl/err.h>
#include <openssl/obj_mac.h>
#include <openssl/bn.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dlen,
const BIGNUM *, const BIGNUM *, EC_KEY *eckey);
@@ -77,7 +80,7 @@ static ECDSA_METHOD openssl_ecdsa_meth =
NULL, /* init */
NULL, /* finish */
#endif
- 0, /* flags */
+ ECDSA_FLAG_FIPS_METHOD, /* flags */
NULL /* app_data */
};
@@ -231,6 +234,14 @@ static ECDSA_SIG *ecdsa_do_sign(const un
ECDSA_DATA *ecdsa;
const BIGNUM *priv_key;
+#ifdef OPENSSL_FIPS
+ if(FIPS_selftest_failed())
+ {
+ FIPSerr(FIPS_F_ECDSA_DO_SIGN,FIPS_R_FIPS_SELFTEST_FAILED);
+ return NULL;
+ }
+#endif
+
ecdsa = ecdsa_check(eckey);
group = EC_KEY_get0_group(eckey);
priv_key = EC_KEY_get0_private_key(eckey);
@@ -360,6 +371,14 @@ static int ecdsa_do_verify(const unsigne
const EC_GROUP *group;
const EC_POINT *pub_key;
+#ifdef OPENSSL_FIPS
+ if(FIPS_selftest_failed())
+ {
+ FIPSerr(FIPS_F_ECDSA_DO_VERIFY,FIPS_R_FIPS_SELFTEST_FAILED);
+ return -1;
+ }
+#endif
+
/* check input values */
if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL ||
(pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL)
diff -up openssl-1.0.1e/crypto/ec/ec_key.c.fips-ec openssl-1.0.1e/crypto/ec/ec_key.c diff -up openssl-1.0.1e/crypto/ec/ec_key.c.fips-ec openssl-1.0.1e/crypto/ec/ec_key.c
--- openssl-1.0.1e/crypto/ec/ec_key.c.fips-ec 2013-02-11 15:26:04.000000000 +0000 --- openssl-1.0.1e/crypto/ec/ec_key.c.fips-ec 2013-02-11 16:26:04.000000000 +0100
+++ openssl-1.0.1e/crypto/ec/ec_key.c 2013-10-15 01:08:06.046783148 +0100 +++ openssl-1.0.1e/crypto/ec/ec_key.c 2013-05-03 12:19:59.978317354 +0200
@@ -64,9 +64,6 @@ @@ -64,9 +64,6 @@
#include <string.h> #include <string.h>
#include "ec_lcl.h" #include "ec_lcl.h"
@ -119,8 +312,8 @@ diff -up openssl-1.0.1e/crypto/ec/ec_key.c.fips-ec openssl-1.0.1e/crypto/ec/ec_k
ECerr(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES, ECerr(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES,
EC_R_COORDINATES_OUT_OF_RANGE); EC_R_COORDINATES_OUT_OF_RANGE);
diff -up openssl-1.0.1e/crypto/ec/ecp_mont.c.fips-ec openssl-1.0.1e/crypto/ec/ecp_mont.c diff -up openssl-1.0.1e/crypto/ec/ecp_mont.c.fips-ec openssl-1.0.1e/crypto/ec/ecp_mont.c
--- openssl-1.0.1e/crypto/ec/ecp_mont.c.fips-ec 2013-02-11 15:26:04.000000000 +0000 --- openssl-1.0.1e/crypto/ec/ecp_mont.c.fips-ec 2013-02-11 16:26:04.000000000 +0100
+++ openssl-1.0.1e/crypto/ec/ecp_mont.c 2013-10-15 01:08:06.047783146 +0100 +++ openssl-1.0.1e/crypto/ec/ecp_mont.c 2013-05-03 12:19:59.978317354 +0200
@@ -63,18 +63,11 @@ @@ -63,18 +63,11 @@
#include <openssl/err.h> #include <openssl/err.h>
@ -149,8 +342,8 @@ diff -up openssl-1.0.1e/crypto/ec/ecp_mont.c.fips-ec openssl-1.0.1e/crypto/ec/ec
diff -up openssl-1.0.1e/crypto/ec/ecp_nist.c.fips-ec openssl-1.0.1e/crypto/ec/ecp_nist.c diff -up openssl-1.0.1e/crypto/ec/ecp_nist.c.fips-ec openssl-1.0.1e/crypto/ec/ecp_nist.c
--- openssl-1.0.1e/crypto/ec/ecp_nist.c.fips-ec 2013-02-11 15:26:04.000000000 +0000 --- openssl-1.0.1e/crypto/ec/ecp_nist.c.fips-ec 2013-02-11 16:26:04.000000000 +0100
+++ openssl-1.0.1e/crypto/ec/ecp_nist.c 2013-10-15 01:08:06.047783146 +0100 +++ openssl-1.0.1e/crypto/ec/ecp_nist.c 2013-05-03 12:19:59.978317354 +0200
@@ -67,15 +67,8 @@ @@ -67,15 +67,8 @@
#include <openssl/obj_mac.h> #include <openssl/obj_mac.h>
#include "ec_lcl.h" #include "ec_lcl.h"
@ -176,8 +369,8 @@ diff -up openssl-1.0.1e/crypto/ec/ecp_nist.c.fips-ec openssl-1.0.1e/crypto/ec/ec
int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src) int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src)
diff -up openssl-1.0.1e/crypto/ec/ecp_smpl.c.fips-ec openssl-1.0.1e/crypto/ec/ecp_smpl.c diff -up openssl-1.0.1e/crypto/ec/ecp_smpl.c.fips-ec openssl-1.0.1e/crypto/ec/ecp_smpl.c
--- openssl-1.0.1e/crypto/ec/ecp_smpl.c.fips-ec 2013-02-11 15:26:04.000000000 +0000 --- openssl-1.0.1e/crypto/ec/ecp_smpl.c.fips-ec 2013-02-11 16:26:04.000000000 +0100
+++ openssl-1.0.1e/crypto/ec/ecp_smpl.c 2013-10-15 01:08:06.047783146 +0100 +++ openssl-1.0.1e/crypto/ec/ecp_smpl.c 2013-05-03 12:19:59.979317376 +0200
@@ -65,17 +65,10 @@ @@ -65,17 +65,10 @@
#include <openssl/err.h> #include <openssl/err.h>
#include <openssl/symhacks.h> #include <openssl/symhacks.h>
@ -204,223 +397,22 @@ diff -up openssl-1.0.1e/crypto/ec/ecp_smpl.c.fips-ec openssl-1.0.1e/crypto/ec/ec
} }
diff -up openssl-1.0.1e/crypto/ecdh/ecdh.h.fips-ec openssl-1.0.1e/crypto/ecdh/ecdh.h @@ -186,6 +178,12 @@ int ec_GFp_simple_group_set_curve(EC_GRO
--- openssl-1.0.1e/crypto/ecdh/ecdh.h.fips-ec 2013-10-15 01:08:05.748783559 +0100
+++ openssl-1.0.1e/crypto/ecdh/ecdh.h 2013-10-15 01:08:06.046783148 +0100
@@ -85,6 +85,8 @@
extern "C" {
#endif
+#define EC_FLAG_COFACTOR_ECDH 0x1000
+
const ECDH_METHOD *ECDH_OpenSSL(void);
void ECDH_set_default_method(const ECDH_METHOD *);
diff -up openssl-1.0.1e/crypto/ecdh/ecdhtest.c.fips-ec openssl-1.0.1e/crypto/ecdh/ecdhtest.c
--- openssl-1.0.1e/crypto/ecdh/ecdhtest.c.fips-ec 2013-02-11 15:26:04.000000000 +0000
+++ openssl-1.0.1e/crypto/ecdh/ecdhtest.c 2013-10-15 01:08:06.046783148 +0100
@@ -323,11 +323,15 @@ int main(int argc, char *argv[])
if ((ctx=BN_CTX_new()) == NULL) goto err;
/* NIST PRIME CURVES TESTS */
+#if 0
if (!test_ecdh_curve(NID_X9_62_prime192v1, "NIST Prime-Curve P-192", ctx, out)) goto err;
if (!test_ecdh_curve(NID_secp224r1, "NIST Prime-Curve P-224", ctx, out)) goto err;
+#endif
if (!test_ecdh_curve(NID_X9_62_prime256v1, "NIST Prime-Curve P-256", ctx, out)) goto err;
if (!test_ecdh_curve(NID_secp384r1, "NIST Prime-Curve P-384", ctx, out)) goto err;
+#if 0
if (!test_ecdh_curve(NID_secp521r1, "NIST Prime-Curve P-521", ctx, out)) goto err;
+#endif
#ifndef OPENSSL_NO_EC2M
/* NIST BINARY CURVES TESTS */
if (!test_ecdh_curve(NID_sect163k1, "NIST Binary-Curve K-163", ctx, out)) goto err;
diff -up openssl-1.0.1e/crypto/ecdh/ech_lib.c.fips-ec openssl-1.0.1e/crypto/ecdh/ech_lib.c
--- openssl-1.0.1e/crypto/ecdh/ech_lib.c.fips-ec 2013-02-11 15:26:04.000000000 +0000
+++ openssl-1.0.1e/crypto/ecdh/ech_lib.c 2013-10-15 01:08:06.046783148 +0100
@@ -94,14 +94,7 @@ const ECDH_METHOD *ECDH_get_default_meth
{
if(!default_ECDH_method)
{
-#ifdef OPENSSL_FIPS
- if (FIPS_mode())
- return FIPS_ecdh_openssl();
- else
- return ECDH_OpenSSL();
-#else
default_ECDH_method = ECDH_OpenSSL();
-#endif
}
return default_ECDH_method;
}
diff -up openssl-1.0.1e/crypto/ecdh/ech_ossl.c.fips-ec openssl-1.0.1e/crypto/ecdh/ech_ossl.c
--- openssl-1.0.1e/crypto/ecdh/ech_ossl.c.fips-ec 2013-02-11 15:26:04.000000000 +0000
+++ openssl-1.0.1e/crypto/ecdh/ech_ossl.c 2013-10-15 01:08:06.046783148 +0100
@@ -79,6 +79,10 @@
#include <openssl/obj_mac.h>
#include <openssl/bn.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
+
static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key,
EC_KEY *ecdh,
void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
@@ -90,7 +94,7 @@ static ECDH_METHOD openssl_ecdh_meth = {
NULL, /* init */
NULL, /* finish */
#endif
- 0, /* flags */
+ ECDH_FLAG_FIPS_METHOD, /* flags */
NULL /* app_data */
};
@@ -118,6 +122,14 @@ static int ecdh_compute_key(void *out, s
size_t buflen, len;
unsigned char *buf=NULL;
+#ifdef OPENSSL_FIPS
+ if(FIPS_selftest_failed())
+ {
+ FIPSerr(FIPS_F_ECDH_COMPUTE_KEY,FIPS_R_FIPS_SELFTEST_FAILED);
+ return -1;
+ }
+#endif
+
if (outlen > INT_MAX)
{
ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); /* sort of, anyway */
@@ -137,6 +149,18 @@ static int ecdh_compute_key(void *out, s
}
group = EC_KEY_get0_group(ecdh);
+
+ if (EC_KEY_get_flags(ecdh) & EC_FLAG_COFACTOR_ECDH)
+ {
+ if (!EC_GROUP_get_cofactor(group, x, ctx) ||
+ !BN_mul(x, x, priv_key, ctx))
+ {
+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ priv_key = x;
+ }
+
if ((tmp=EC_POINT_new(group)) == NULL)
{
ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);
diff -up openssl-1.0.1e/crypto/ecdsa/ecdsatest.c.fips-ec openssl-1.0.1e/crypto/ecdsa/ecdsatest.c
--- openssl-1.0.1e/crypto/ecdsa/ecdsatest.c.fips-ec 2013-02-11 15:26:04.000000000 +0000
+++ openssl-1.0.1e/crypto/ecdsa/ecdsatest.c 2013-10-15 01:08:06.046783148 +0100
@@ -138,11 +138,14 @@ int restore_rand(void)
}
static int fbytes_counter = 0;
-static const char *numbers[8] = {
+static const char *numbers[10] = {
+ "651056770906015076056810763456358567190100156695615665659",
"651056770906015076056810763456358567190100156695615665659",
"6140507067065001063065065565667405560006161556565665656654",
"8763001015071075675010661307616710783570106710677817767166"
"71676178726717",
+ "8763001015071075675010661307616710783570106710677817767166"
+ "71676178726717",
"7000000175690566466555057817571571075705015757757057795755"
"55657156756655",
"1275552191113212300012030439187146164646146646466749494799",
@@ -157,7 +160,7 @@ int fbytes(unsigned char *buf, int num)
int ret;
BIGNUM *tmp = NULL;
- if (fbytes_counter >= 8)
+ if (fbytes_counter >= 10)
return 0; return 0;
tmp = BN_new();
if (!tmp)
@@ -550,7 +553,9 @@ int main(void)
RAND_seed(rnd_seed, sizeof(rnd_seed));
/* the tests */
+#if 0
if (!x9_62_tests(out)) goto err;
+#endif
if (!test_builtin(out)) goto err;
ret = 0;
diff -up openssl-1.0.1e/crypto/ecdsa/ecs_lib.c.fips-ec openssl-1.0.1e/crypto/ecdsa/ecs_lib.c
--- openssl-1.0.1e/crypto/ecdsa/ecs_lib.c.fips-ec 2013-02-11 15:26:04.000000000 +0000
+++ openssl-1.0.1e/crypto/ecdsa/ecs_lib.c 2013-10-15 01:08:06.046783148 +0100
@@ -81,14 +81,7 @@ const ECDSA_METHOD *ECDSA_get_default_me
{
if(!default_ECDSA_method)
{
-#ifdef OPENSSL_FIPS
- if (FIPS_mode())
- return FIPS_ecdsa_openssl();
- else
- return ECDSA_OpenSSL();
-#else
default_ECDSA_method = ECDSA_OpenSSL();
-#endif
} }
return default_ECDSA_method;
}
diff -up openssl-1.0.1e/crypto/ecdsa/ecs_ossl.c.fips-ec openssl-1.0.1e/crypto/ecdsa/ecs_ossl.c
--- openssl-1.0.1e/crypto/ecdsa/ecs_ossl.c.fips-ec 2013-02-11 15:26:04.000000000 +0000
+++ openssl-1.0.1e/crypto/ecdsa/ecs_ossl.c 2013-10-15 01:08:06.046783148 +0100
@@ -60,6 +60,9 @@
#include <openssl/err.h>
#include <openssl/obj_mac.h>
#include <openssl/bn.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dlen, + if (BN_num_bits(p) < 256)
const BIGNUM *, const BIGNUM *, EC_KEY *eckey);
@@ -77,7 +80,7 @@ static ECDSA_METHOD openssl_ecdsa_meth =
NULL, /* init */
NULL, /* finish */
#endif
- 0, /* flags */
+ ECDSA_FLAG_FIPS_METHOD, /* flags */
NULL /* app_data */
};
@@ -231,6 +234,14 @@ static ECDSA_SIG *ecdsa_do_sign(const un
ECDSA_DATA *ecdsa;
const BIGNUM *priv_key;
+#ifdef OPENSSL_FIPS
+ if(FIPS_selftest_failed())
+ { + {
+ FIPSerr(FIPS_F_ECDSA_DO_SIGN,FIPS_R_FIPS_SELFTEST_FAILED); + ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE, EC_R_UNSUPPORTED_FIELD);
+ return NULL; + return 0;
+ } + }
+#endif
+ +
ecdsa = ecdsa_check(eckey); if (ctx == NULL)
group = EC_KEY_get0_group(eckey); {
priv_key = EC_KEY_get0_private_key(eckey); ctx = new_ctx = BN_CTX_new();
@@ -360,6 +371,14 @@ static int ecdsa_do_verify(const unsigne
const EC_GROUP *group;
const EC_POINT *pub_key;
+#ifdef OPENSSL_FIPS
+ if(FIPS_selftest_failed())
+ {
+ FIPSerr(FIPS_F_ECDSA_DO_VERIFY,FIPS_R_FIPS_SELFTEST_FAILED);
+ return -1;
+ }
+#endif
+
/* check input values */
if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL ||
(pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL)
diff -up openssl-1.0.1e/crypto/evp/m_ecdsa.c.fips-ec openssl-1.0.1e/crypto/evp/m_ecdsa.c diff -up openssl-1.0.1e/crypto/evp/m_ecdsa.c.fips-ec openssl-1.0.1e/crypto/evp/m_ecdsa.c
--- openssl-1.0.1e/crypto/evp/m_ecdsa.c.fips-ec 2013-02-11 15:26:04.000000000 +0000 --- openssl-1.0.1e/crypto/evp/m_ecdsa.c.fips-ec 2013-02-11 16:26:04.000000000 +0100
+++ openssl-1.0.1e/crypto/evp/m_ecdsa.c 2013-10-15 01:08:06.047783146 +0100 +++ openssl-1.0.1e/crypto/evp/m_ecdsa.c 2013-05-03 12:19:59.979317376 +0200
@@ -116,7 +116,6 @@ @@ -116,7 +116,6 @@
#include <openssl/x509.h> #include <openssl/x509.h>
@ -443,113 +435,9 @@ diff -up openssl-1.0.1e/crypto/evp/m_ecdsa.c.fips-ec openssl-1.0.1e/crypto/evp/m
} }
#endif #endif
-#endif -#endif
diff -up openssl-1.0.1e/crypto/fips/Makefile.fips-ec openssl-1.0.1e/crypto/fips/Makefile
--- openssl-1.0.1e/crypto/fips/Makefile.fips-ec 2013-10-15 01:08:06.008783200 +0100
+++ openssl-1.0.1e/crypto/fips/Makefile 2013-10-15 01:08:17.627767168 +0100
@@ -24,13 +24,13 @@ LIBSRC=fips_aes_selftest.c fips_des_self
fips_rsa_selftest.c fips_sha_selftest.c fips.c fips_dsa_selftest.c fips_rand.c \
fips_rsa_x931g.c fips_post.c fips_drbg_ctr.c fips_drbg_hash.c fips_drbg_hmac.c \
fips_drbg_lib.c fips_drbg_rand.c fips_drbg_selftest.c fips_rand_lib.c \
- fips_cmac_selftest.c fips_enc.c fips_md.c
+ fips_cmac_selftest.c fips_ecdh_selftest.c fips_ecdsa_selftest.c fips_enc.c fips_md.c
LIBOBJ=fips_aes_selftest.o fips_des_selftest.o fips_hmac_selftest.o fips_rand_selftest.o \
fips_rsa_selftest.o fips_sha_selftest.o fips.o fips_dsa_selftest.o fips_rand.o \
fips_rsa_x931g.o fips_post.o fips_drbg_ctr.o fips_drbg_hash.o fips_drbg_hmac.o \
fips_drbg_lib.o fips_drbg_rand.o fips_drbg_selftest.o fips_rand_lib.o \
- fips_cmac_selftest.o fips_enc.o fips_md.o
+ fips_cmac_selftest.o fips_ecdh_selftest.o fips_ecdsa_selftest.o fips_enc.o fips_md.o
LIBCRYPTO=-L.. -lcrypto
@@ -118,6 +118,21 @@ fips_aes_selftest.o: ../../include/opens
fips_aes_selftest.o: ../../include/openssl/safestack.h
fips_aes_selftest.o: ../../include/openssl/stack.h
fips_aes_selftest.o: ../../include/openssl/symhacks.h fips_aes_selftest.c
+fips_cmac_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+fips_cmac_selftest.o: ../../include/openssl/cmac.h
+fips_cmac_selftest.o: ../../include/openssl/crypto.h
+fips_cmac_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+fips_cmac_selftest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
+fips_cmac_selftest.o: ../../include/openssl/lhash.h
+fips_cmac_selftest.o: ../../include/openssl/obj_mac.h
+fips_cmac_selftest.o: ../../include/openssl/objects.h
+fips_cmac_selftest.o: ../../include/openssl/opensslconf.h
+fips_cmac_selftest.o: ../../include/openssl/opensslv.h
+fips_cmac_selftest.o: ../../include/openssl/ossl_typ.h
+fips_cmac_selftest.o: ../../include/openssl/safestack.h
+fips_cmac_selftest.o: ../../include/openssl/stack.h
+fips_cmac_selftest.o: ../../include/openssl/symhacks.h fips_cmac_selftest.c
+fips_cmac_selftest.o: fips_locl.h
fips_des_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
fips_des_selftest.o: ../../include/openssl/crypto.h
fips_des_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
@@ -231,6 +246,46 @@ fips_dsa_selftest.o: ../../include/opens
fips_dsa_selftest.o: ../../include/openssl/stack.h
fips_dsa_selftest.o: ../../include/openssl/symhacks.h fips_dsa_selftest.c
fips_dsa_selftest.o: fips_locl.h
+fips_ecdh_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+fips_ecdh_selftest.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+fips_ecdh_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+fips_ecdh_selftest.o: ../../include/openssl/ecdh.h ../../include/openssl/err.h
+fips_ecdh_selftest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
+fips_ecdh_selftest.o: ../../include/openssl/lhash.h
+fips_ecdh_selftest.o: ../../include/openssl/obj_mac.h
+fips_ecdh_selftest.o: ../../include/openssl/objects.h
+fips_ecdh_selftest.o: ../../include/openssl/opensslconf.h
+fips_ecdh_selftest.o: ../../include/openssl/opensslv.h
+fips_ecdh_selftest.o: ../../include/openssl/ossl_typ.h
+fips_ecdh_selftest.o: ../../include/openssl/safestack.h
+fips_ecdh_selftest.o: ../../include/openssl/stack.h
+fips_ecdh_selftest.o: ../../include/openssl/symhacks.h fips_ecdh_selftest.c
+fips_ecdh_selftest.o: fips_locl.h
+fips_ecdsa_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+fips_ecdsa_selftest.o: ../../include/openssl/bn.h
+fips_ecdsa_selftest.o: ../../include/openssl/crypto.h
+fips_ecdsa_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+fips_ecdsa_selftest.o: ../../include/openssl/ecdsa.h
+fips_ecdsa_selftest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+fips_ecdsa_selftest.o: ../../include/openssl/fips.h
+fips_ecdsa_selftest.o: ../../include/openssl/lhash.h
+fips_ecdsa_selftest.o: ../../include/openssl/obj_mac.h
+fips_ecdsa_selftest.o: ../../include/openssl/objects.h
+fips_ecdsa_selftest.o: ../../include/openssl/opensslconf.h
+fips_ecdsa_selftest.o: ../../include/openssl/opensslv.h
+fips_ecdsa_selftest.o: ../../include/openssl/ossl_typ.h
+fips_ecdsa_selftest.o: ../../include/openssl/safestack.h
+fips_ecdsa_selftest.o: ../../include/openssl/stack.h
+fips_ecdsa_selftest.o: ../../include/openssl/symhacks.h fips_ecdsa_selftest.c
+fips_enc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+fips_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+fips_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+fips_enc.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
+fips_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+fips_enc.o: ../../include/openssl/opensslconf.h
+fips_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+fips_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+fips_enc.o: ../../include/openssl/symhacks.h fips_enc.c
fips_hmac_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
fips_hmac_selftest.o: ../../include/openssl/crypto.h
fips_hmac_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
@@ -245,6 +300,15 @@ fips_hmac_selftest.o: ../../include/open
fips_hmac_selftest.o: ../../include/openssl/safestack.h
fips_hmac_selftest.o: ../../include/openssl/stack.h
fips_hmac_selftest.o: ../../include/openssl/symhacks.h fips_hmac_selftest.c
+fips_md.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+fips_md.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+fips_md.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+fips_md.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
+fips_md.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+fips_md.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+fips_md.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+fips_md.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+fips_md.o: fips_md.c
fips_post.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
fips_post.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
fips_post.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
diff -up openssl-1.0.1e/crypto/fips/cavs/fips_ecdhvs.c.fips-ec openssl-1.0.1e/crypto/fips/cavs/fips_ecdhvs.c diff -up openssl-1.0.1e/crypto/fips/cavs/fips_ecdhvs.c.fips-ec openssl-1.0.1e/crypto/fips/cavs/fips_ecdhvs.c
--- openssl-1.0.1e/crypto/fips/cavs/fips_ecdhvs.c.fips-ec 2013-10-15 01:08:06.047783146 +0100 --- openssl-1.0.1e/crypto/fips/cavs/fips_ecdhvs.c.fips-ec 2013-05-03 12:19:59.980317397 +0200
+++ openssl-1.0.1e/crypto/fips/cavs/fips_ecdhvs.c 2013-10-15 01:08:06.047783146 +0100 +++ openssl-1.0.1e/crypto/fips/cavs/fips_ecdhvs.c 2013-05-03 12:19:59.980317397 +0200
@@ -0,0 +1,496 @@ @@ -0,0 +1,496 @@
+/* fips/ecdh/fips_ecdhvs.c */ +/* fips/ecdh/fips_ecdhvs.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@ -1048,8 +936,8 @@ diff -up openssl-1.0.1e/crypto/fips/cavs/fips_ecdhvs.c.fips-ec openssl-1.0.1e/cr
+ +
+#endif +#endif
diff -up openssl-1.0.1e/crypto/fips/cavs/fips_ecdsavs.c.fips-ec openssl-1.0.1e/crypto/fips/cavs/fips_ecdsavs.c diff -up openssl-1.0.1e/crypto/fips/cavs/fips_ecdsavs.c.fips-ec openssl-1.0.1e/crypto/fips/cavs/fips_ecdsavs.c
--- openssl-1.0.1e/crypto/fips/cavs/fips_ecdsavs.c.fips-ec 2013-10-15 01:08:06.047783146 +0100 --- openssl-1.0.1e/crypto/fips/cavs/fips_ecdsavs.c.fips-ec 2013-05-03 12:19:59.980317397 +0200
+++ openssl-1.0.1e/crypto/fips/cavs/fips_ecdsavs.c 2013-10-15 01:08:06.047783146 +0100 +++ openssl-1.0.1e/crypto/fips/cavs/fips_ecdsavs.c 2013-05-03 12:19:59.980317397 +0200
@@ -0,0 +1,533 @@ @@ -0,0 +1,533 @@
+/* fips/ecdsa/fips_ecdsavs.c */ +/* fips/ecdsa/fips_ecdsavs.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@ -1584,21 +1472,9 @@ diff -up openssl-1.0.1e/crypto/fips/cavs/fips_ecdsavs.c.fips-ec openssl-1.0.1e/c
+ } + }
+ +
+#endif +#endif
diff -up openssl-1.0.1e/crypto/fips/fips.h.fips-ec openssl-1.0.1e/crypto/fips/fips.h
--- openssl-1.0.1e/crypto/fips/fips.h.fips-ec 2013-10-15 01:08:06.037783160 +0100
+++ openssl-1.0.1e/crypto/fips/fips.h 2013-10-15 01:08:06.048783145 +0100
@@ -94,6 +94,8 @@ int FIPS_selftest_rsa(void);
void FIPS_corrupt_dsa(void);
void FIPS_corrupt_dsa_keygen(void);
int FIPS_selftest_dsa(void);
+int FIPS_selftest_ecdsa(void);
+int FIPS_selftest_ecdh(void);
void FIPS_corrupt_rng(void);
void FIPS_rng_stick(void);
void FIPS_x931_stick(int onoff);
diff -up openssl-1.0.1e/crypto/fips/fips_ecdh_selftest.c.fips-ec openssl-1.0.1e/crypto/fips/fips_ecdh_selftest.c diff -up openssl-1.0.1e/crypto/fips/fips_ecdh_selftest.c.fips-ec openssl-1.0.1e/crypto/fips/fips_ecdh_selftest.c
--- openssl-1.0.1e/crypto/fips/fips_ecdh_selftest.c.fips-ec 2013-10-15 01:08:06.048783145 +0100 --- openssl-1.0.1e/crypto/fips/fips_ecdh_selftest.c.fips-ec 2013-05-03 12:19:59.981317418 +0200
+++ openssl-1.0.1e/crypto/fips/fips_ecdh_selftest.c 2013-10-15 01:08:06.048783145 +0100 +++ openssl-1.0.1e/crypto/fips/fips_ecdh_selftest.c 2013-05-03 12:19:59.981317418 +0200
@@ -0,0 +1,252 @@ @@ -0,0 +1,252 @@
+/* fips/ecdh/fips_ecdh_selftest.c */ +/* fips/ecdh/fips_ecdh_selftest.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@ -1853,8 +1729,8 @@ diff -up openssl-1.0.1e/crypto/fips/fips_ecdh_selftest.c.fips-ec openssl-1.0.1e/
+ +
+#endif +#endif
diff -up openssl-1.0.1e/crypto/fips/fips_ecdsa_selftest.c.fips-ec openssl-1.0.1e/crypto/fips/fips_ecdsa_selftest.c diff -up openssl-1.0.1e/crypto/fips/fips_ecdsa_selftest.c.fips-ec openssl-1.0.1e/crypto/fips/fips_ecdsa_selftest.c
--- openssl-1.0.1e/crypto/fips/fips_ecdsa_selftest.c.fips-ec 2013-10-15 01:08:06.048783145 +0100 --- openssl-1.0.1e/crypto/fips/fips_ecdsa_selftest.c.fips-ec 2013-05-03 12:19:59.981317418 +0200
+++ openssl-1.0.1e/crypto/fips/fips_ecdsa_selftest.c 2013-10-15 01:08:06.048783145 +0100 +++ openssl-1.0.1e/crypto/fips/fips_ecdsa_selftest.c 2013-05-03 12:19:59.981317418 +0200
@@ -0,0 +1,167 @@ @@ -0,0 +1,167 @@
+/* fips/ecdsa/fips_ecdsa_selftest.c */ +/* fips/ecdsa/fips_ecdsa_selftest.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@ -2023,9 +1899,21 @@ diff -up openssl-1.0.1e/crypto/fips/fips_ecdsa_selftest.c.fips-ec openssl-1.0.1e
+ } + }
+ +
+#endif +#endif
diff -up openssl-1.0.1e/crypto/fips/fips.h.fips-ec openssl-1.0.1e/crypto/fips/fips.h
--- openssl-1.0.1e/crypto/fips/fips.h.fips-ec 2013-05-03 12:19:59.942316578 +0200
+++ openssl-1.0.1e/crypto/fips/fips.h 2013-05-03 12:19:59.981317418 +0200
@@ -93,6 +93,8 @@ int FIPS_selftest_rsa(void);
void FIPS_corrupt_dsa(void);
void FIPS_corrupt_dsa_keygen(void);
int FIPS_selftest_dsa(void);
+int FIPS_selftest_ecdsa(void);
+int FIPS_selftest_ecdh(void);
void FIPS_corrupt_rng(void);
void FIPS_rng_stick(void);
void FIPS_x931_stick(int onoff);
diff -up openssl-1.0.1e/crypto/fips/fips_post.c.fips-ec openssl-1.0.1e/crypto/fips/fips_post.c diff -up openssl-1.0.1e/crypto/fips/fips_post.c.fips-ec openssl-1.0.1e/crypto/fips/fips_post.c
--- openssl-1.0.1e/crypto/fips/fips_post.c.fips-ec 2013-10-15 01:08:06.005783204 +0100 --- openssl-1.0.1e/crypto/fips/fips_post.c.fips-ec 2013-05-03 12:19:59.942316578 +0200
+++ openssl-1.0.1e/crypto/fips/fips_post.c 2013-10-15 01:08:06.048783145 +0100 +++ openssl-1.0.1e/crypto/fips/fips_post.c 2013-05-03 12:19:59.982317439 +0200
@@ -95,8 +95,12 @@ int FIPS_selftest(void) @@ -95,8 +95,12 @@ int FIPS_selftest(void)
rv = 0; rv = 0;
if (!FIPS_selftest_rsa()) if (!FIPS_selftest_rsa())
@ -2039,10 +1927,114 @@ diff -up openssl-1.0.1e/crypto/fips/fips_post.c.fips-ec openssl-1.0.1e/crypto/fi
return rv; return rv;
} }
diff -up openssl-1.0.1e/crypto/fips/Makefile.fips-ec openssl-1.0.1e/crypto/fips/Makefile
--- openssl-1.0.1e/crypto/fips/Makefile.fips-ec 2013-05-03 12:19:59.945316642 +0200
+++ openssl-1.0.1e/crypto/fips/Makefile 2013-05-03 12:20:12.173579845 +0200
@@ -24,13 +24,13 @@ LIBSRC=fips_aes_selftest.c fips_des_self
fips_rsa_selftest.c fips_sha_selftest.c fips.c fips_dsa_selftest.c fips_rand.c \
fips_rsa_x931g.c fips_post.c fips_drbg_ctr.c fips_drbg_hash.c fips_drbg_hmac.c \
fips_drbg_lib.c fips_drbg_rand.c fips_drbg_selftest.c fips_rand_lib.c \
- fips_cmac_selftest.c fips_enc.c fips_md.c
+ fips_cmac_selftest.c fips_ecdh_selftest.c fips_ecdsa_selftest.c fips_enc.c fips_md.c
LIBOBJ=fips_aes_selftest.o fips_des_selftest.o fips_hmac_selftest.o fips_rand_selftest.o \
fips_rsa_selftest.o fips_sha_selftest.o fips.o fips_dsa_selftest.o fips_rand.o \
fips_rsa_x931g.o fips_post.o fips_drbg_ctr.o fips_drbg_hash.o fips_drbg_hmac.o \
fips_drbg_lib.o fips_drbg_rand.o fips_drbg_selftest.o fips_rand_lib.o \
- fips_cmac_selftest.o fips_enc.o fips_md.o
+ fips_cmac_selftest.o fips_ecdh_selftest.o fips_ecdsa_selftest.o fips_enc.o fips_md.o
LIBCRYPTO=-L.. -lcrypto
@@ -118,6 +118,21 @@ fips_aes_selftest.o: ../../include/opens
fips_aes_selftest.o: ../../include/openssl/safestack.h
fips_aes_selftest.o: ../../include/openssl/stack.h
fips_aes_selftest.o: ../../include/openssl/symhacks.h fips_aes_selftest.c
+fips_cmac_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+fips_cmac_selftest.o: ../../include/openssl/cmac.h
+fips_cmac_selftest.o: ../../include/openssl/crypto.h
+fips_cmac_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+fips_cmac_selftest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
+fips_cmac_selftest.o: ../../include/openssl/lhash.h
+fips_cmac_selftest.o: ../../include/openssl/obj_mac.h
+fips_cmac_selftest.o: ../../include/openssl/objects.h
+fips_cmac_selftest.o: ../../include/openssl/opensslconf.h
+fips_cmac_selftest.o: ../../include/openssl/opensslv.h
+fips_cmac_selftest.o: ../../include/openssl/ossl_typ.h
+fips_cmac_selftest.o: ../../include/openssl/safestack.h
+fips_cmac_selftest.o: ../../include/openssl/stack.h
+fips_cmac_selftest.o: ../../include/openssl/symhacks.h fips_cmac_selftest.c
+fips_cmac_selftest.o: fips_locl.h
fips_des_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
fips_des_selftest.o: ../../include/openssl/crypto.h
fips_des_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
@@ -231,6 +246,46 @@ fips_dsa_selftest.o: ../../include/opens
fips_dsa_selftest.o: ../../include/openssl/stack.h
fips_dsa_selftest.o: ../../include/openssl/symhacks.h fips_dsa_selftest.c
fips_dsa_selftest.o: fips_locl.h
+fips_ecdh_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+fips_ecdh_selftest.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+fips_ecdh_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+fips_ecdh_selftest.o: ../../include/openssl/ecdh.h ../../include/openssl/err.h
+fips_ecdh_selftest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
+fips_ecdh_selftest.o: ../../include/openssl/lhash.h
+fips_ecdh_selftest.o: ../../include/openssl/obj_mac.h
+fips_ecdh_selftest.o: ../../include/openssl/objects.h
+fips_ecdh_selftest.o: ../../include/openssl/opensslconf.h
+fips_ecdh_selftest.o: ../../include/openssl/opensslv.h
+fips_ecdh_selftest.o: ../../include/openssl/ossl_typ.h
+fips_ecdh_selftest.o: ../../include/openssl/safestack.h
+fips_ecdh_selftest.o: ../../include/openssl/stack.h
+fips_ecdh_selftest.o: ../../include/openssl/symhacks.h fips_ecdh_selftest.c
+fips_ecdh_selftest.o: fips_locl.h
+fips_ecdsa_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+fips_ecdsa_selftest.o: ../../include/openssl/bn.h
+fips_ecdsa_selftest.o: ../../include/openssl/crypto.h
+fips_ecdsa_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+fips_ecdsa_selftest.o: ../../include/openssl/ecdsa.h
+fips_ecdsa_selftest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+fips_ecdsa_selftest.o: ../../include/openssl/fips.h
+fips_ecdsa_selftest.o: ../../include/openssl/lhash.h
+fips_ecdsa_selftest.o: ../../include/openssl/obj_mac.h
+fips_ecdsa_selftest.o: ../../include/openssl/objects.h
+fips_ecdsa_selftest.o: ../../include/openssl/opensslconf.h
+fips_ecdsa_selftest.o: ../../include/openssl/opensslv.h
+fips_ecdsa_selftest.o: ../../include/openssl/ossl_typ.h
+fips_ecdsa_selftest.o: ../../include/openssl/safestack.h
+fips_ecdsa_selftest.o: ../../include/openssl/stack.h
+fips_ecdsa_selftest.o: ../../include/openssl/symhacks.h fips_ecdsa_selftest.c
+fips_enc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+fips_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+fips_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+fips_enc.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
+fips_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+fips_enc.o: ../../include/openssl/opensslconf.h
+fips_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+fips_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+fips_enc.o: ../../include/openssl/symhacks.h fips_enc.c
fips_hmac_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
fips_hmac_selftest.o: ../../include/openssl/crypto.h
fips_hmac_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
@@ -245,6 +300,15 @@ fips_hmac_selftest.o: ../../include/open
fips_hmac_selftest.o: ../../include/openssl/safestack.h
fips_hmac_selftest.o: ../../include/openssl/stack.h
fips_hmac_selftest.o: ../../include/openssl/symhacks.h fips_hmac_selftest.c
+fips_md.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+fips_md.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+fips_md.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+fips_md.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
+fips_md.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+fips_md.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+fips_md.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+fips_md.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+fips_md.o: fips_md.c
fips_post.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
fips_post.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
fips_post.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
diff -up openssl-1.0.1e/version.map.fips-ec openssl-1.0.1e/version.map diff -up openssl-1.0.1e/version.map.fips-ec openssl-1.0.1e/version.map
--- openssl-1.0.1e/version.map.fips-ec 2013-10-15 01:08:06.016783189 +0100 --- openssl-1.0.1e/version.map.fips-ec 2013-05-03 12:19:59.000000000 +0200
+++ openssl-1.0.1e/version.map 2013-10-15 01:08:06.048783145 +0100 +++ openssl-1.0.1e/version.map 2013-05-09 11:11:08.022300608 +0200
@@ -6,3 +6,7 @@ OPENSSL_1.0.1 { @@ -5,3 +5,7 @@ OPENSSL_1.0.1 {
_original*; _original*;
_current*; _current*;
}; };



@ -0,0 +1,89 @@
diff -up openssl-1.0.1e/apps/speed.c.suiteb openssl-1.0.1e/apps/speed.c
--- openssl-1.0.1e/apps/speed.c.suiteb 2013-09-27 15:57:09.947894307 +0200
+++ openssl-1.0.1e/apps/speed.c 2013-09-27 15:57:52.528852804 +0200
@@ -966,49 +966,21 @@ int MAIN(int argc, char **argv)
else
#endif
#ifndef OPENSSL_NO_ECDSA
- if (strcmp(*argv,"ecdsap160") == 0) ecdsa_doit[R_EC_P160]=2;
- else if (strcmp(*argv,"ecdsap192") == 0) ecdsa_doit[R_EC_P192]=2;
- else if (strcmp(*argv,"ecdsap224") == 0) ecdsa_doit[R_EC_P224]=2;
- else if (strcmp(*argv,"ecdsap256") == 0) ecdsa_doit[R_EC_P256]=2;
+ if (strcmp(*argv,"ecdsap256") == 0) ecdsa_doit[R_EC_P256]=2;
else if (strcmp(*argv,"ecdsap384") == 0) ecdsa_doit[R_EC_P384]=2;
- else if (strcmp(*argv,"ecdsap521") == 0) ecdsa_doit[R_EC_P521]=2;
- else if (strcmp(*argv,"ecdsak163") == 0) ecdsa_doit[R_EC_K163]=2;
- else if (strcmp(*argv,"ecdsak233") == 0) ecdsa_doit[R_EC_K233]=2;
- else if (strcmp(*argv,"ecdsak283") == 0) ecdsa_doit[R_EC_K283]=2;
- else if (strcmp(*argv,"ecdsak409") == 0) ecdsa_doit[R_EC_K409]=2;
- else if (strcmp(*argv,"ecdsak571") == 0) ecdsa_doit[R_EC_K571]=2;
- else if (strcmp(*argv,"ecdsab163") == 0) ecdsa_doit[R_EC_B163]=2;
- else if (strcmp(*argv,"ecdsab233") == 0) ecdsa_doit[R_EC_B233]=2;
- else if (strcmp(*argv,"ecdsab283") == 0) ecdsa_doit[R_EC_B283]=2;
- else if (strcmp(*argv,"ecdsab409") == 0) ecdsa_doit[R_EC_B409]=2;
- else if (strcmp(*argv,"ecdsab571") == 0) ecdsa_doit[R_EC_B571]=2;
else if (strcmp(*argv,"ecdsa") == 0)
{
- for (i=0; i < EC_NUM; i++)
+ for (i=R_EC_P256; i <= R_EC_P384; i++)
ecdsa_doit[i]=1;
}
else
#endif
#ifndef OPENSSL_NO_ECDH
- if (strcmp(*argv,"ecdhp160") == 0) ecdh_doit[R_EC_P160]=2;
- else if (strcmp(*argv,"ecdhp192") == 0) ecdh_doit[R_EC_P192]=2;
- else if (strcmp(*argv,"ecdhp224") == 0) ecdh_doit[R_EC_P224]=2;
- else if (strcmp(*argv,"ecdhp256") == 0) ecdh_doit[R_EC_P256]=2;
+ if (strcmp(*argv,"ecdhp256") == 0) ecdh_doit[R_EC_P256]=2;
else if (strcmp(*argv,"ecdhp384") == 0) ecdh_doit[R_EC_P384]=2;
- else if (strcmp(*argv,"ecdhp521") == 0) ecdh_doit[R_EC_P521]=2;
- else if (strcmp(*argv,"ecdhk163") == 0) ecdh_doit[R_EC_K163]=2;
- else if (strcmp(*argv,"ecdhk233") == 0) ecdh_doit[R_EC_K233]=2;
- else if (strcmp(*argv,"ecdhk283") == 0) ecdh_doit[R_EC_K283]=2;
- else if (strcmp(*argv,"ecdhk409") == 0) ecdh_doit[R_EC_K409]=2;
- else if (strcmp(*argv,"ecdhk571") == 0) ecdh_doit[R_EC_K571]=2;
- else if (strcmp(*argv,"ecdhb163") == 0) ecdh_doit[R_EC_B163]=2;
- else if (strcmp(*argv,"ecdhb233") == 0) ecdh_doit[R_EC_B233]=2;
- else if (strcmp(*argv,"ecdhb283") == 0) ecdh_doit[R_EC_B283]=2;
- else if (strcmp(*argv,"ecdhb409") == 0) ecdh_doit[R_EC_B409]=2;
- else if (strcmp(*argv,"ecdhb571") == 0) ecdh_doit[R_EC_B571]=2;
else if (strcmp(*argv,"ecdh") == 0)
{
- for (i=0; i < EC_NUM; i++)
+ for (i=R_EC_P256; i <= R_EC_P384; i++)
ecdh_doit[i]=1;
}
else
@@ -1097,15 +1069,11 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err,"dsa512 dsa1024 dsa2048\n");
#endif
#ifndef OPENSSL_NO_ECDSA
- BIO_printf(bio_err,"ecdsap160 ecdsap192 ecdsap224 ecdsap256 ecdsap384 ecdsap521\n");
- BIO_printf(bio_err,"ecdsak163 ecdsak233 ecdsak283 ecdsak409 ecdsak571\n");
- BIO_printf(bio_err,"ecdsab163 ecdsab233 ecdsab283 ecdsab409 ecdsab571\n");
+ BIO_printf(bio_err,"ecdsap256 ecdsap384\n");
BIO_printf(bio_err,"ecdsa\n");
#endif
#ifndef OPENSSL_NO_ECDH
- BIO_printf(bio_err,"ecdhp160 ecdhp192 ecdhp224 ecdhp256 ecdhp384 ecdhp521\n");
- BIO_printf(bio_err,"ecdhk163 ecdhk233 ecdhk283 ecdhk409 ecdhk571\n");
- BIO_printf(bio_err,"ecdhb163 ecdhb233 ecdhb283 ecdhb409 ecdhb571\n");
+ BIO_printf(bio_err,"ecdhp256 ecdhp384\n");
BIO_printf(bio_err,"ecdh\n");
#endif
@@ -1181,11 +1149,11 @@ int MAIN(int argc, char **argv)
if (!FIPS_mode() || i != R_DSA_512)
dsa_doit[i]=1;
#ifndef OPENSSL_NO_ECDSA
- for (i=0; i<EC_NUM; i++)
+ for (i=R_EC_P256; i <= R_EC_P384; i++)
ecdsa_doit[i]=1;
#endif
#ifndef OPENSSL_NO_ECDH
- for (i=0; i<EC_NUM; i++)
+ for (i=R_EC_P256; i <= R_EC_P384; i++)
ecdh_doit[i]=1;
#endif
}
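Review bot: The range loops `for (i=R_EC_P256; i <= R_EC_P384; i++)` in the `ecdsa` and `ecdh` argument branches, and again in the default-selection block of the last hunk, pick exactly the two remaining curves only while `R_EC_P256` and `R_EC_P384` are adjacent indices. Those definitions are outside these hunks, so the adjacency cannot be confirmed from here. If an index were ever placed between them, the benchmark would presumably try to run a curve this build no longer provides. Setting the entries explicitly, `ecdsa_doit[R_EC_P256]=ecdsa_doit[R_EC_P384]=1;` (and the same for `ecdh_doit`), states the intent without depending on the numbering. MAIN's body starts and ends outside the hunks.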


@ -21,12 +21,12 @@
Summary: Utilities from the general purpose cryptography library with TLS implementation Summary: Utilities from the general purpose cryptography library with TLS implementation
Name: openssl Name: openssl
Version: 1.0.1e Version: 1.0.1e
Release: 27%{?dist} Release: 28%{?dist}
Epoch: 1 Epoch: 1
# We have to remove certain patented algorithms from the openssl source # We have to remove certain patented algorithms from the openssl source
# tarball with the hobble-openssl script which is included below. # tarball with the hobble-openssl script which is included below.
# The original openssl upstream tarball cannot be shipped in the .src.rpm. # The original openssl upstream tarball cannot be shipped in the .src.rpm.
Source: openssl-%{version}-usa.tar.xz Source: openssl-%{version}-hobbled.tar.xz
Source1: hobble-openssl Source1: hobble-openssl
Source2: Makefile.certificate Source2: Makefile.certificate
Source6: make-dummy-cert Source6: make-dummy-cert
@ -35,7 +35,8 @@ Source8: openssl-thread-test.c
Source9: opensslconf-new.h Source9: opensslconf-new.h
Source10: opensslconf-new-warning.h Source10: opensslconf-new-warning.h
Source11: README.FIPS Source11: README.FIPS
Source12: openssl-fips.conf Source12: ec_curve.c
Source13: ectest.c
# Build changes # Build changes
Patch1: openssl-1.0.1-beta2-rpmbuild.patch Patch1: openssl-1.0.1-beta2-rpmbuild.patch
Patch2: openssl-1.0.0f-defaults.patch Patch2: openssl-1.0.0f-defaults.patch
@ -69,15 +70,16 @@ Patch65: openssl-1.0.0e-chil-fixes.patch
Patch66: openssl-1.0.1-pkgconfig-krb5.patch Patch66: openssl-1.0.1-pkgconfig-krb5.patch
Patch68: openssl-1.0.1e-secure-getenv.patch Patch68: openssl-1.0.1e-secure-getenv.patch
Patch69: openssl-1.0.1c-dh-1024.patch Patch69: openssl-1.0.1c-dh-1024.patch
Patch70: openssl-1.0.1e-fips-ec.patch
Patch71: openssl-1.0.1e-manfix.patch Patch71: openssl-1.0.1e-manfix.patch
Patch72: openssl-1.0.1e-fips-ctor.patch Patch72: openssl-1.0.1e-fips-ctor.patch
Patch73: openssl-1.0.1e-speed-suiteb.patch
# Backported fixes including security fixes # Backported fixes including security fixes
Patch81: openssl-1.0.1-beta2-padlock64.patch Patch81: openssl-1.0.1-beta2-padlock64.patch
Patch82: openssl-1.0.1e-backports.patch Patch82: openssl-1.0.1e-backports.patch
Patch83: openssl-1.0.1e-bad-mac.patch Patch83: openssl-1.0.1e-bad-mac.patch
Patch84: openssl-1.0.1e-trusted-first.patch Patch84: openssl-1.0.1e-trusted-first.patch
Patch85: openssl-1.0.1e-arm-use-elf-auxv-caps.patch Patch85: openssl-1.0.1e-arm-use-elf-auxv-caps.patch
Patch86: openssl-1.0.1e-fips-ec.patch
License: OpenSSL License: OpenSSL
Group: System Environment/Libraries Group: System Environment/Libraries
@ -100,8 +102,8 @@ Group: System Environment/Libraries
Requires: ca-certificates >= 2008-5 Requires: ca-certificates >= 2008-5
# Needed obsoletes due to the base/lib subpackage split # Needed obsoletes due to the base/lib subpackage split
Obsoletes: openssl < 1:1.0.1-0.3.beta3 Obsoletes: openssl < 1:1.0.1-0.3.beta3
# Needed for proper transaction ordering if openssl-fips is installed Obsoletes: openssl-fips < 1:1.0.1e-28
OrderWithRequires(pre): openssl-fips Provides: openssl-fips = %{epoch}:%{version}-%{release}
%description libs %description libs
OpenSSL is a toolkit for supporting cryptography. The openssl-libs OpenSSL is a toolkit for supporting cryptography. The openssl-libs
@ -142,22 +144,15 @@ OpenSSL is a toolkit for supporting cryptography. The openssl-perl
package provides Perl scripts for converting certificates and keys package provides Perl scripts for converting certificates and keys
from other formats to the formats used by the OpenSSL toolkit. from other formats to the formats used by the OpenSSL toolkit.
%package fips
Summary: The FIPS module package for OpenSSL
Group: System Environment/Libraries
Requires: %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release}
%description fips
OpenSSL is a toolkit for supporting cryptography. The openssl-fips
package provides files that complete the installation of the
OpenSSL FIPS module.
%prep %prep
%setup -q -n %{name}-%{version} %setup -q -n %{name}-%{version}
# The hobble_openssl is called here redundantly, just to be sure. # The hobble_openssl is called here redundantly, just to be sure.
# The tarball has already the sources removed. # The tarball has already the sources removed.
%{SOURCE1} > /dev/null %{SOURCE1} > /dev/null
cp %{SOURCE12} %{SOURCE13} crypto/ec/
%patch1 -p1 -b .rpmbuild %patch1 -p1 -b .rpmbuild
%patch2 -p1 -b .defaults %patch2 -p1 -b .defaults
%patch4 -p1 -b .enginesdir %{?_rawbuild} %patch4 -p1 -b .enginesdir %{?_rawbuild}
@ -190,15 +185,16 @@ OpenSSL FIPS module.
%patch66 -p1 -b .krb5 %patch66 -p1 -b .krb5
%patch68 -p1 -b .secure-getenv %patch68 -p1 -b .secure-getenv
%patch69 -p1 -b .dh1024 %patch69 -p1 -b .dh1024
%patch70 -p1 -b .fips-ec
%patch72 -p1 -b .fips-ctor
%patch73 -p1 -b .suiteb
%patch81 -p1 -b .padlock64 %patch81 -p1 -b .padlock64
%patch82 -p1 -b .backports %patch82 -p1 -b .backports
%patch71 -p1 -b .manfix %patch71 -p1 -b .manfix
%patch72 -p1 -b .fips-ctor
%patch83 -p1 -b .bad-mac %patch83 -p1 -b .bad-mac
%patch84 -p1 -b .trusted-first %patch84 -p1 -b .trusted-first
%patch85 -p1 -b .armcap %patch85 -p1 -b .armcap
%patch86 -p1 -b .fips-ec
sed -i 's/SHLIB_VERSION_NUMBER "1.0.0"/SHLIB_VERSION_NUMBER "%{version}"/' crypto/opensslv.h sed -i 's/SHLIB_VERSION_NUMBER "1.0.0"/SHLIB_VERSION_NUMBER "%{version}"/' crypto/opensslv.h
@ -253,7 +249,7 @@ sslarch=linux-ppc64
./Configure \ ./Configure \
--prefix=%{_prefix} --openssldir=%{_sysconfdir}/pki/tls ${sslflags} \ --prefix=%{_prefix} --openssldir=%{_sysconfdir}/pki/tls ${sslflags} \
zlib enable-camellia enable-seed enable-tlsext enable-rfc3779 \ zlib enable-camellia enable-seed enable-tlsext enable-rfc3779 \
enable-cms enable-md2 no-mdc2 no-rc5 no-srp \ enable-cms enable-md2 no-mdc2 no-rc5 no-ec2m no-gost no-srp \
--with-krb5-flavor=MIT --enginesdir=%{_libdir}/openssl/engines \ --with-krb5-flavor=MIT --enginesdir=%{_libdir}/openssl/engines \
--with-krb5-dir=/usr shared ${sslarch} %{?!nofips:fips} --with-krb5-dir=/usr shared ${sslarch} %{?!nofips:fips}
@ -261,7 +257,7 @@ sslarch=linux-ppc64
# marked as not requiring an executable stack. # marked as not requiring an executable stack.
# Also add -DPURIFY to make using valgrind with openssl easier as we do not # Also add -DPURIFY to make using valgrind with openssl easier as we do not
# want to depend on the uninitialized memory as a source of entropy anyway. # want to depend on the uninitialized memory as a source of entropy anyway.
RPM_OPT_FLAGS="$RPM_OPT_FLAGS -Wa,--noexecstack -DPURIFY -DHMAC_SUFFIX=\\\".%{version}-%{release}.hmac\\\"" RPM_OPT_FLAGS="$RPM_OPT_FLAGS -Wa,--noexecstack -DPURIFY"
make depend make depend
make all make all
@ -296,10 +292,10 @@ make -C test apps tests
%{?__debug_package:%{__debug_install_post}} \ %{?__debug_package:%{__debug_install_post}} \
%{__arch_install_post} \ %{__arch_install_post} \
%{__os_install_post} \ %{__os_install_post} \
crypto/fips/fips_standalone_hmac $RPM_BUILD_ROOT%{_libdir}/libcrypto.so.%{version} >$RPM_BUILD_ROOT%{_libdir}/.libcrypto.so.%{version}.%{version}-%{release}.hmac \ crypto/fips/fips_standalone_hmac $RPM_BUILD_ROOT%{_libdir}/libcrypto.so.%{version} >$RPM_BUILD_ROOT%{_libdir}/.libcrypto.so.%{version}.hmac \
ln -sf .libcrypto.so.%{version}.%{version}-%{release}.hmac $RPM_BUILD_ROOT%{_libdir}/.libcrypto.so.%{soversion}.%{version}-%{release}.hmac \ ln -sf .libcrypto.so.%{version}.hmac $RPM_BUILD_ROOT%{_libdir}/.libcrypto.so.%{soversion}.hmac \
crypto/fips/fips_standalone_hmac $RPM_BUILD_ROOT%{_libdir}/libssl.so.%{version} >$RPM_BUILD_ROOT%{_libdir}/.libssl.so.%{version}.%{version}-%{release}.hmac \ crypto/fips/fips_standalone_hmac $RPM_BUILD_ROOT%{_libdir}/libssl.so.%{version} >$RPM_BUILD_ROOT%{_libdir}/.libssl.so.%{version}.hmac \
ln -sf .libssl.so.%{version}.%{version}-%{release}.hmac $RPM_BUILD_ROOT%{_libdir}/.libssl.so.%{soversion}.%{version}-%{release}.hmac \ ln -sf .libssl.so.%{version}.hmac $RPM_BUILD_ROOT%{_libdir}/.libssl.so.%{soversion}.hmac \
%{nil} %{nil}
%define __provides_exclude_from %{_libdir}/openssl %define __provides_exclude_from %{_libdir}/openssl
@ -391,11 +387,6 @@ install -m644 %{SOURCE9} \
$RPM_BUILD_ROOT/%{_prefix}/include/openssl/opensslconf.h $RPM_BUILD_ROOT/%{_prefix}/include/openssl/opensslconf.h
%endif %endif
#install prelink blacklist
mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/prelink.conf.d
install -m644 %{SOURCE12} \
$RPM_BUILD_ROOT/%{_sysconfdir}/prelink.conf.d/openssl-fips.conf
# Remove unused files from upstream fips support # Remove unused files from upstream fips support
rm -rf $RPM_BUILD_ROOT/%{_bindir}/openssl_fips_fingerprint rm -rf $RPM_BUILD_ROOT/%{_bindir}/openssl_fips_fingerprint
rm -rf $RPM_BUILD_ROOT/%{_libdir}/fips_premain.* rm -rf $RPM_BUILD_ROOT/%{_libdir}/fips_premain.*
@ -438,6 +429,8 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
%attr(0755,root,root) %{_libdir}/libcrypto.so.%{soversion} %attr(0755,root,root) %{_libdir}/libcrypto.so.%{soversion}
%attr(0755,root,root) %{_libdir}/libssl.so.%{version} %attr(0755,root,root) %{_libdir}/libssl.so.%{version}
%attr(0755,root,root) %{_libdir}/libssl.so.%{soversion} %attr(0755,root,root) %{_libdir}/libssl.so.%{soversion}
%attr(0644,root,root) %{_libdir}/.libcrypto.so.*.hmac
%attr(0644,root,root) %{_libdir}/.libssl.so.*.hmac
%attr(0755,root,root) %{_libdir}/openssl %attr(0755,root,root) %{_libdir}/openssl
%files devel %files devel
@ -458,23 +451,15 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
%{_sysconfdir}/pki/tls/misc/*.pl %{_sysconfdir}/pki/tls/misc/*.pl
%{_sysconfdir}/pki/tls/misc/tsget %{_sysconfdir}/pki/tls/misc/tsget
%files fips
%defattr(-,root,root)
%attr(0644,root,root) %{_libdir}/.libcrypto.so.*.hmac
%attr(0644,root,root) %{_libdir}/.libssl.so.*.hmac
# We don't want to depend on prelink for this directory
%dir %{_sysconfdir}/prelink.conf.d
%{_sysconfdir}/prelink.conf.d/openssl-fips.conf
%post libs -p /sbin/ldconfig %post libs -p /sbin/ldconfig
%postun libs -p /sbin/ldconfig %postun libs -p /sbin/ldconfig
%pre fips
# Must use pre to avoid some possible races
prelink -u %{_libdir}/libcrypto.so.%{version} %{_libdir}/libssl.so.%{version} 2>/dev/null || :
%changelog %changelog
* Wed Oct 16 2013 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-28
- only ECC NIST Suite B curves support
- drop -fips subpackage
* Mon Oct 14 2013 Tom Callaway <spot@fedoraproject.org> - 1.0.1e-27 * Mon Oct 14 2013 Tom Callaway <spot@fedoraproject.org> - 1.0.1e-27
- resolve bugzilla 319901 (phew! only took 6 years & 9 days) - resolve bugzilla 319901 (phew! only took 6 years & 9 days)
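Review bot: With the prelink blacklist (`prelink.conf.d/openssl-fips.conf`) and the `%pre fips` scriptlet running `prelink -u` both dropped, nothing in the new spec stops prelink from rewriting `libcrypto.so.%{version}` and `libssl.so.%{version}` after `fips_standalone_hmac` has computed the `.hmac` files, which now ship in -libs. Whether the integrity check in the FIPS patches copes with a prelinked library is not visible on this page; if it does not, a host that runs prelink would fail the FIPS integrity self-test at start-up. I would either carry the blacklist file over to -libs or record why it is no longer needed. A comment above the two `.hmac` entries in `%files libs` would do, such as `# FIPS integrity checksums for the libraries above; prelinked libraries are handled by <patch name>`.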


@ -1 +1 @@
3b0845cfbbb2af350ef3b026f8dfcd5f openssl-1.0.1e-usa.tar.xz 6115ae0bb61b481a9195baef72514c2e openssl-1.0.1e-hobbled.tar.xz