1193645Ssimon/* ====================================================================
2193645Ssimon * Copyright (c) 2005 The OpenSSL Project.  All rights reserved.
3193645Ssimon *
4193645Ssimon * Redistribution and use in source and binary forms, with or without
5193645Ssimon * modification, are permitted provided that the following conditions
6193645Ssimon * are met:
7193645Ssimon *
8193645Ssimon * 1. Redistributions of source code must retain the above copyright
9296465Sdelphij *    notice, this list of conditions and the following disclaimer.
10193645Ssimon *
11193645Ssimon * 2. Redistributions in binary form must reproduce the above copyright
12193645Ssimon *    notice, this list of conditions and the following disclaimer in
13193645Ssimon *    the documentation and/or other materials provided with the
14193645Ssimon *    distribution.
15193645Ssimon *
16193645Ssimon * 3. All advertising materials mentioning features or use of this
17193645Ssimon *    software must display the following acknowledgment:
18193645Ssimon *    "This product includes software developed by the OpenSSL Project
19193645Ssimon *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
20193645Ssimon *
21193645Ssimon * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22193645Ssimon *    endorse or promote products derived from this software without
23193645Ssimon *    prior written permission. For written permission, please contact
24193645Ssimon *    openssl-core@openssl.org.
25193645Ssimon *
26193645Ssimon * 5. Products derived from this software may not be called "OpenSSL"
27193645Ssimon *    nor may "OpenSSL" appear in their names without prior written
28193645Ssimon *    permission of the OpenSSL Project.
29193645Ssimon *
30193645Ssimon * 6. Redistributions of any form whatsoever must retain the following
31193645Ssimon *    acknowledgment:
32193645Ssimon *    "This product includes software developed by the OpenSSL Project
33193645Ssimon *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
34193645Ssimon *
35193645Ssimon * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36193645Ssimon * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37193645Ssimon * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38193645Ssimon * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
39193645Ssimon * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40193645Ssimon * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41193645Ssimon * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42193645Ssimon * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43193645Ssimon * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44193645Ssimon * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45193645Ssimon * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46193645Ssimon * OF THE POSSIBILITY OF SUCH DAMAGE.
47193645Ssimon *
48193645Ssimon */
49193645Ssimon
50193645Ssimon#include <string.h>
51193645Ssimon#include <openssl/err.h>
52193645Ssimon#include <openssl/fips.h>
53193645Ssimon#include <openssl/hmac.h>
54193645Ssimon
55193645Ssimon#ifdef OPENSSL_FIPS
56193645Ssimontypedef struct {
57296465Sdelphij    const EVP_MD *(*alg) (void);
58296465Sdelphij    const char *key, *iv;
59296465Sdelphij    unsigned char kaval[EVP_MAX_MD_SIZE];
60193645Ssimon} HMAC_KAT;
61193645Ssimon
62193645Ssimonstatic const HMAC_KAT vector[] = {
63296465Sdelphij    {EVP_sha1,
64296465Sdelphij     /*
65296465Sdelphij      * from http://csrc.nist.gov/publications/fips/fips198/fips-198a.pdf
66296465Sdelphij      */
67296465Sdelphij     "0123456789:;<=>?@ABC",
68296465Sdelphij     "Sample #2",
69296465Sdelphij     {0x09, 0x22, 0xd3, 0x40, 0x5f, 0xaa, 0x3d, 0x19,
70296465Sdelphij      0x4f, 0x82, 0xa4, 0x58, 0x30, 0x73, 0x7d, 0x5c,
71296465Sdelphij      0xc6, 0xc7, 0x5d, 0x24}
72296465Sdelphij     },
73296465Sdelphij    {EVP_sha224,
74296465Sdelphij     /* just keep extending the above... */
75296465Sdelphij     "0123456789:;<=>?@ABC",
76296465Sdelphij     "Sample #2",
77296465Sdelphij     {0xdd, 0xef, 0x0a, 0x40, 0xcb, 0x7d, 0x50, 0xfb,
78296465Sdelphij      0x6e, 0xe6, 0xce, 0xa1, 0x20, 0xba, 0x26, 0xaa,
79296465Sdelphij      0x08, 0xf3, 0x07, 0x75, 0x87, 0xb8, 0xad, 0x1b,
80296465Sdelphij      0x8c, 0x8d, 0x12, 0xc7}
81296465Sdelphij     },
82296465Sdelphij    {EVP_sha256,
83296465Sdelphij     "0123456789:;<=>?@ABC",
84296465Sdelphij     "Sample #2",
85296465Sdelphij     {0xb8, 0xf2, 0x0d, 0xb5, 0x41, 0xea, 0x43, 0x09,
86296465Sdelphij      0xca, 0x4e, 0xa9, 0x38, 0x0c, 0xd0, 0xe8, 0x34,
87296465Sdelphij      0xf7, 0x1f, 0xbe, 0x91, 0x74, 0xa2, 0x61, 0x38,
88296465Sdelphij      0x0d, 0xc1, 0x7e, 0xae, 0x6a, 0x34, 0x51, 0xd9}
89296465Sdelphij     },
90296465Sdelphij    {EVP_sha384,
91296465Sdelphij     "0123456789:;<=>?@ABC",
92296465Sdelphij     "Sample #2",
93296465Sdelphij     {0x08, 0xbc, 0xb0, 0xda, 0x49, 0x1e, 0x87, 0xad,
94296465Sdelphij      0x9a, 0x1d, 0x6a, 0xce, 0x23, 0xc5, 0x0b, 0xf6,
95296465Sdelphij      0xb7, 0x18, 0x06, 0xa5, 0x77, 0xcd, 0x49, 0x04,
96296465Sdelphij      0x89, 0xf1, 0xe6, 0x23, 0x44, 0x51, 0x51, 0x9f,
97296465Sdelphij      0x85, 0x56, 0x80, 0x79, 0x0c, 0xbd, 0x4d, 0x50,
98296465Sdelphij      0xa4, 0x5f, 0x29, 0xe3, 0x93, 0xf0, 0xe8, 0x7f}
99296465Sdelphij     },
100296465Sdelphij    {EVP_sha512,
101296465Sdelphij     "0123456789:;<=>?@ABC",
102296465Sdelphij     "Sample #2",
103296465Sdelphij     {0x80, 0x9d, 0x44, 0x05, 0x7c, 0x5b, 0x95, 0x41,
104296465Sdelphij      0x05, 0xbd, 0x04, 0x13, 0x16, 0xdb, 0x0f, 0xac,
105296465Sdelphij      0x44, 0xd5, 0xa4, 0xd5, 0xd0, 0x89, 0x2b, 0xd0,
106296465Sdelphij      0x4e, 0x86, 0x64, 0x12, 0xc0, 0x90, 0x77, 0x68,
107296465Sdelphij      0xf1, 0x87, 0xb7, 0x7c, 0x4f, 0xae, 0x2c, 0x2f,
108296465Sdelphij      0x21, 0xa5, 0xb5, 0x65, 0x9a, 0x4f, 0x4b, 0xa7,
109296465Sdelphij      0x47, 0x02, 0xa3, 0xde, 0x9b, 0x51, 0xf1, 0x45,
110296465Sdelphij      0xbd, 0x4f, 0x25, 0x27, 0x42, 0x98, 0x99, 0x05}
111296465Sdelphij     },
112193645Ssimon};
113193645Ssimon
114193645Ssimonint FIPS_selftest_hmac()
115296465Sdelphij{
116205128Ssimon    size_t n;
117296465Sdelphij    unsigned int outlen;
118296465Sdelphij    unsigned char out[EVP_MAX_MD_SIZE];
119296465Sdelphij    const EVP_MD *md;
120193645Ssimon    const HMAC_KAT *t;
121193645Ssimon
122296465Sdelphij    for (n = 0, t = vector; n < sizeof(vector) / sizeof(vector[0]); n++, t++) {
123296465Sdelphij        md = (*t->alg) ();
124296465Sdelphij        HMAC(md, t->key, strlen(t->key),
125296465Sdelphij             (const unsigned char *)t->iv, strlen(t->iv), out, &outlen);
126193645Ssimon
127296465Sdelphij        if (memcmp(out, t->kaval, outlen)) {
128296465Sdelphij            FIPSerr(FIPS_F_FIPS_SELFTEST_HMAC, FIPS_R_SELFTEST_FAILED);
129296465Sdelphij            return 0;
130296465Sdelphij        }
131296465Sdelphij    }
132193645Ssimon    return 1;
133296465Sdelphij}
134193645Ssimon#endif
135