fips_rsagtest.c revision 296465
1/* fips_rsagtest.c */ 2/* 3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project 4 * 2005. 5 */ 6/* ==================================================================== 7 * Copyright (c) 2005,2007 The OpenSSL Project. All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in 18 * the documentation and/or other materials provided with the 19 * distribution. 20 * 21 * 3. All advertising materials mentioning features or use of this 22 * software must display the following acknowledgment: 23 * "This product includes software developed by the OpenSSL Project 24 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 25 * 26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 27 * endorse or promote products derived from this software without 28 * prior written permission. For written permission, please contact 29 * licensing@OpenSSL.org. 30 * 31 * 5. Products derived from this software may not be called "OpenSSL" 32 * nor may "OpenSSL" appear in their names without prior written 33 * permission of the OpenSSL Project. 34 * 35 * 6. Redistributions of any form whatsoever must retain the following 36 * acknowledgment: 37 * "This product includes software developed by the OpenSSL Project 38 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 39 * 40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 51 * OF THE POSSIBILITY OF SUCH DAMAGE. 52 * ==================================================================== 53 * 54 * This product includes cryptographic software written by Eric Young 55 * (eay@cryptsoft.com). This product includes software written by Tim 56 * Hudson (tjh@cryptsoft.com). 57 * 58 */ 59 60#include <stdio.h> 61#include <ctype.h> 62#include <string.h> 63#include <openssl/bio.h> 64#include <openssl/evp.h> 65#include <openssl/hmac.h> 66#include <openssl/err.h> 67#include <openssl/bn.h> 68#include <openssl/x509v3.h> 69 70#ifndef OPENSSL_FIPS 71 72int main(int argc, char *argv[]) 73{ 74 printf("No FIPS RSA support\n"); 75 return (0); 76} 77 78#else 79 80# include <openssl/rsa.h> 81# include "fips_utl.h" 82 83int rsa_test(FILE *out, FILE *in); 84static int rsa_printkey1(FILE *out, RSA *rsa, 85 BIGNUM *Xp1, BIGNUM *Xp2, BIGNUM *Xp, BIGNUM *e); 86static int rsa_printkey2(FILE *out, RSA *rsa, 87 BIGNUM *Xq1, BIGNUM *Xq2, BIGNUM *Xq); 88 89int main(int argc, char **argv) 90{ 91 FILE *in = NULL, *out = NULL; 92 93 int ret = 1; 94 95 if (!FIPS_mode_set(1)) { 96 do_print_errors(); 97 goto end; 98 } 99 100 if (argc == 1) 101 in = stdin; 102 else 103 in = fopen(argv[1], "r"); 104 105 if (argc < 2) 106 out = stdout; 107 else 108 out = fopen(argv[2], "w"); 109 110 if (!in) { 111 fprintf(stderr, "FATAL input initialization error\n"); 112 goto end; 113 } 114 115 if (!out) { 116 fprintf(stderr, "FATAL output initialization error\n"); 117 goto end; 118 } 119 120 if (!rsa_test(out, in)) { 121 fprintf(stderr, "FATAL RSAGTEST file processing error\n"); 122 goto end; 123 } else 124 ret = 0; 125 126 end: 127 128 if (ret) 129 do_print_errors(); 130 131 if (in && (in != stdin)) 132 fclose(in); 133 if (out && (out != stdout)) 134 fclose(out); 135 136 return ret; 137 138} 139 140# define RSA_TEST_MAXLINELEN 10240 141 142int rsa_test(FILE *out, FILE *in) 143{ 144 char *linebuf, *olinebuf, *p, *q; 145 char *keyword, *value; 146 RSA *rsa = NULL; 147 BIGNUM *Xp1 = NULL, *Xp2 = NULL, *Xp = NULL; 148 BIGNUM *Xq1 = NULL, *Xq2 = NULL, *Xq = NULL; 149 BIGNUM *e = NULL; 150 int ret = 0; 151 int lnum = 0; 152 153 olinebuf = OPENSSL_malloc(RSA_TEST_MAXLINELEN); 154 linebuf = OPENSSL_malloc(RSA_TEST_MAXLINELEN); 155 156 if (!linebuf || !olinebuf) 157 goto error; 158 159 while (fgets(olinebuf, RSA_TEST_MAXLINELEN, in)) { 160 lnum++; 161 strcpy(linebuf, olinebuf); 162 keyword = linebuf; 163 /* Skip leading space */ 164 while (isspace((unsigned char)*keyword)) 165 keyword++; 166 167 /* Look for = sign */ 168 p = strchr(linebuf, '='); 169 170 /* 171 * If no = or starts with [ (for [foo = bar] line) just copy 172 */ 173 if (!p || *keyword == '[') { 174 if (fputs(olinebuf, out) < 0) 175 goto error; 176 continue; 177 } 178 179 q = p - 1; 180 181 /* Remove trailing space */ 182 while (isspace((unsigned char)*q)) 183 *q-- = 0; 184 185 *p = 0; 186 value = p + 1; 187 188 /* Remove leading space from value */ 189 while (isspace((unsigned char)*value)) 190 value++; 191 192 /* Remove trailing space from value */ 193 p = value + strlen(value) - 1; 194 195 while (*p == '\n' || isspace((unsigned char)*p)) 196 *p-- = 0; 197 198 if (!strcmp(keyword, "xp1")) { 199 if (Xp1 || !do_hex2bn(&Xp1, value)) 200 goto parse_error; 201 } else if (!strcmp(keyword, "xp2")) { 202 if (Xp2 || !do_hex2bn(&Xp2, value)) 203 goto parse_error; 204 } else if (!strcmp(keyword, "Xp")) { 205 if (Xp || !do_hex2bn(&Xp, value)) 206 goto parse_error; 207 } else if (!strcmp(keyword, "xq1")) { 208 if (Xq1 || !do_hex2bn(&Xq1, value)) 209 goto parse_error; 210 } else if (!strcmp(keyword, "xq2")) { 211 if (Xq2 || !do_hex2bn(&Xq2, value)) 212 goto parse_error; 213 } else if (!strcmp(keyword, "Xq")) { 214 if (Xq || !do_hex2bn(&Xq, value)) 215 goto parse_error; 216 } else if (!strcmp(keyword, "e")) { 217 if (e || !do_hex2bn(&e, value)) 218 goto parse_error; 219 } else if (!strcmp(keyword, "p1")) 220 continue; 221 else if (!strcmp(keyword, "p2")) 222 continue; 223 else if (!strcmp(keyword, "p")) 224 continue; 225 else if (!strcmp(keyword, "q1")) 226 continue; 227 else if (!strcmp(keyword, "q2")) 228 continue; 229 else if (!strcmp(keyword, "q")) 230 continue; 231 else if (!strcmp(keyword, "n")) 232 continue; 233 else if (!strcmp(keyword, "d")) 234 continue; 235 else 236 goto parse_error; 237 238 fputs(olinebuf, out); 239 240 if (e && Xp1 && Xp2 && Xp) { 241 rsa = FIPS_rsa_new(); 242 if (!rsa) 243 goto error; 244 if (!rsa_printkey1(out, rsa, Xp1, Xp2, Xp, e)) 245 goto error; 246 BN_free(Xp1); 247 Xp1 = NULL; 248 BN_free(Xp2); 249 Xp2 = NULL; 250 BN_free(Xp); 251 Xp = NULL; 252 BN_free(e); 253 e = NULL; 254 } 255 256 if (rsa && Xq1 && Xq2 && Xq) { 257 if (!rsa_printkey2(out, rsa, Xq1, Xq2, Xq)) 258 goto error; 259 BN_free(Xq1); 260 Xq1 = NULL; 261 BN_free(Xq2); 262 Xq2 = NULL; 263 BN_free(Xq); 264 Xq = NULL; 265 FIPS_rsa_free(rsa); 266 rsa = NULL; 267 } 268 } 269 270 ret = 1; 271 272 error: 273 274 if (olinebuf) 275 OPENSSL_free(olinebuf); 276 if (linebuf) 277 OPENSSL_free(linebuf); 278 279 if (Xp1) 280 BN_free(Xp1); 281 if (Xp2) 282 BN_free(Xp2); 283 if (Xp) 284 BN_free(Xp); 285 if (Xq1) 286 BN_free(Xq1); 287 if (Xq1) 288 BN_free(Xq1); 289 if (Xq2) 290 BN_free(Xq2); 291 if (Xq) 292 BN_free(Xq); 293 if (e) 294 BN_free(e); 295 if (rsa) 296 FIPS_rsa_free(rsa); 297 298 return ret; 299 300 parse_error: 301 302 fprintf(stderr, "FATAL parse error processing line %d\n", lnum); 303 304 goto error; 305 306} 307 308static int rsa_printkey1(FILE *out, RSA *rsa, 309 BIGNUM *Xp1, BIGNUM *Xp2, BIGNUM *Xp, BIGNUM *e) 310{ 311 int ret = 0; 312 BIGNUM *p1 = NULL, *p2 = NULL; 313 p1 = BN_new(); 314 p2 = BN_new(); 315 if (!p1 || !p2) 316 goto error; 317 318 if (!RSA_X931_derive_ex(rsa, p1, p2, NULL, NULL, Xp1, Xp2, Xp, 319 NULL, NULL, NULL, e, NULL)) 320 goto error; 321 322 do_bn_print_name(out, "p1", p1); 323 do_bn_print_name(out, "p2", p2); 324 do_bn_print_name(out, "p", rsa->p); 325 326 ret = 1; 327 328 error: 329 if (p1) 330 BN_free(p1); 331 if (p2) 332 BN_free(p2); 333 334 return ret; 335} 336 337static int rsa_printkey2(FILE *out, RSA *rsa, 338 BIGNUM *Xq1, BIGNUM *Xq2, BIGNUM *Xq) 339{ 340 int ret = 0; 341 BIGNUM *q1 = NULL, *q2 = NULL; 342 q1 = BN_new(); 343 q2 = BN_new(); 344 if (!q1 || !q2) 345 goto error; 346 347 if (!RSA_X931_derive_ex(rsa, NULL, NULL, q1, q2, NULL, NULL, NULL, 348 Xq1, Xq2, Xq, NULL, NULL)) 349 goto error; 350 351 do_bn_print_name(out, "q1", q1); 352 do_bn_print_name(out, "q2", q2); 353 do_bn_print_name(out, "q", rsa->q); 354 do_bn_print_name(out, "n", rsa->n); 355 do_bn_print_name(out, "d", rsa->d); 356 357 ret = 1; 358 359 error: 360 if (q1) 361 BN_free(q1); 362 if (q2) 363 BN_free(q2); 364 365 return ret; 366} 367 368#endif 369