fips/rsa/fips_rsastest.c

226890Sdim/* fips_rsastest.c */
193326Sed/*
193326Sed * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
193326Sed * 2005.
193326Sed */
193326Sed/* ====================================================================
193326Sed * Copyright (c) 2005 The OpenSSL Project.  All rights reserved.
193326Sed *
193326Sed * Redistribution and use in source and binary forms, with or without
193326Sed * modification, are permitted provided that the following conditions
226890Sdim * are met:
193326Sed *
193326Sed * 1. Redistributions of source code must retain the above copyright
193326Sed *    notice, this list of conditions and the following disclaimer.
212904Sdim *
212904Sdim * 2. Redistributions in binary form must reproduce the above copyright
193326Sed *    notice, this list of conditions and the following disclaimer in
223017Sdim *    the documentation and/or other materials provided with the
193326Sed *    distribution.
193326Sed *
212904Sdim * 3. All advertising materials mentioning features or use of this
193326Sed *    software must display the following acknowledgment:
193326Sed *    "This product includes software developed by the OpenSSL Project
193326Sed *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
193326Sed *
193326Sed * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
193326Sed *    endorse or promote products derived from this software without
193326Sed *    prior written permission. For written permission, please contact
193326Sed *    licensing@OpenSSL.org.
193326Sed *
193326Sed * 5. Products derived from this software may not be called "OpenSSL"
193326Sed *    nor may "OpenSSL" appear in their names without prior written
193326Sed *    permission of the OpenSSL Project.
198092Srdivacky *
193326Sed * 6. Redistributions of any form whatsoever must retain the following
193326Sed *    acknowledgment:
193326Sed *    "This product includes software developed by the OpenSSL Project
193326Sed *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
193326Sed *
193326Sed * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
193326Sed * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
193326Sed * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
193326Sed * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
198092Srdivacky * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
235633Sdim * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
208600Srdivacky * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
198092Srdivacky * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
235633Sdim * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
208600Srdivacky * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
208600Srdivacky * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
208600Srdivacky * OF THE POSSIBILITY OF SUCH DAMAGE.
208600Srdivacky * ====================================================================
193326Sed *
193326Sed * This product includes cryptographic software written by Eric Young
198092Srdivacky * (eay@cryptsoft.com).  This product includes software written by Tim
208600Srdivacky * Hudson (tjh@cryptsoft.com).
208600Srdivacky *
208600Srdivacky */
193326Sed
198092Srdivacky#include <stdio.h>
226890Sdim#include <ctype.h>
193326Sed#include <string.h>
226890Sdim#include <openssl/bio.h>
208600Srdivacky#include <openssl/evp.h>
226890Sdim#include <openssl/hmac.h>
226890Sdim#include <openssl/err.h>
193326Sed#include <openssl/bn.h>
193326Sed#include <openssl/x509v3.h>
193326Sed
210299Sed#ifndef OPENSSL_FIPS
224145Sdim
224145Sdimint main(int argc, char *argv[])
224145Sdim{
224145Sdim    printf("No FIPS RSA support\n");
193326Sed    return (0);
208600Srdivacky}
235633Sdim
208600Srdivacky#else
218893Sdim
226890Sdim# include <openssl/rsa.h>
235633Sdim# include "fips_utl.h"
235633Sdim
208600Srdivackystatic int rsa_stest(FILE *out, FILE *in, int Saltlen);
208600Srdivackystatic int rsa_printsig(FILE *out, RSA *rsa, const EVP_MD *dgst,
193326Sed                        unsigned char *Msg, long Msglen, int Saltlen);
193326Sed
193326Sedint main(int argc, char **argv)
193326Sed{
193326Sed    FILE *in = NULL, *out = NULL;
193326Sed
208600Srdivacky    int ret = 1, Saltlen = -1;
198092Srdivacky
193326Sed    if (!FIPS_mode_set(1)) {
193326Sed        do_print_errors();
224145Sdim        goto end;
224145Sdim    }
198092Srdivacky
193326Sed    if ((argc > 2) && !strcmp("-saltlen", argv[1])) {
193326Sed        Saltlen = atoi(argv[2]);
208600Srdivacky        if (Saltlen < 0) {
193326Sed            fprintf(stderr, "FATAL: Invalid salt length\n");
198092Srdivacky            goto end;
208600Srdivacky        }
208600Srdivacky        argc -= 2;
208600Srdivacky        argv += 2;
208600Srdivacky    } else if ((argc > 1) && !strcmp("-x931", argv[1])) {
208600Srdivacky        Saltlen = -2;
208600Srdivacky        argc--;
208600Srdivacky        argv++;
208600Srdivacky    }
208600Srdivacky
208600Srdivacky    if (argc == 1)
208600Srdivacky        in = stdin;
208600Srdivacky    else
208600Srdivacky        in = fopen(argv[1], "r");
208600Srdivacky
208600Srdivacky    if (argc < 2)
208600Srdivacky        out = stdout;
208600Srdivacky    else
224145Sdim        out = fopen(argv[2], "w");
224145Sdim
193326Sed    if (!in) {
193326Sed        fprintf(stderr, "FATAL input initialization error\n");
224145Sdim        goto end;
193326Sed    }
245431Sdim
193326Sed    if (!out) {
208600Srdivacky        fprintf(stderr, "FATAL output initialization error\n");
208600Srdivacky        goto end;
224145Sdim    }
224145Sdim
224145Sdim    if (!rsa_stest(out, in, Saltlen)) {
224145Sdim        fprintf(stderr, "FATAL RSASTEST file processing error\n");
224145Sdim        goto end;
224145Sdim    } else
224145Sdim        ret = 0;
224145Sdim
235633Sdim end:
224145Sdim
224145Sdim    if (ret)
224145Sdim        do_print_errors();
224145Sdim
224145Sdim    if (in && (in != stdin))
224145Sdim        fclose(in);
224145Sdim    if (out && (out != stdout))
224145Sdim        fclose(out);
224145Sdim
224145Sdim    return ret;
224145Sdim
224145Sdim}
224145Sdim
235633Sdim# define RSA_TEST_MAXLINELEN     10240
235633Sdim
224145Sdimint rsa_stest(FILE *out, FILE *in, int Saltlen)
224145Sdim{
224145Sdim    char *linebuf, *olinebuf, *p, *q;
224145Sdim    char *keyword, *value;
224145Sdim    RSA *rsa = NULL;
224145Sdim    const EVP_MD *dgst = NULL;
224145Sdim    unsigned char *Msg = NULL;
224145Sdim    long Msglen = -1;
224145Sdim    int keylen = -1, current_keylen = -1;
224145Sdim    int ret = 0;
224145Sdim    int lnum = 0;
224145Sdim
224145Sdim    olinebuf = OPENSSL_malloc(RSA_TEST_MAXLINELEN);
245431Sdim    linebuf = OPENSSL_malloc(RSA_TEST_MAXLINELEN);
245431Sdim
245431Sdim    if (!linebuf || !olinebuf)
224145Sdim        goto error;
245431Sdim
245431Sdim    while (fgets(olinebuf, RSA_TEST_MAXLINELEN, in)) {
245431Sdim        lnum++;
224145Sdim        strcpy(linebuf, olinebuf);
245431Sdim        keyword = linebuf;
245431Sdim        /* Skip leading space */
224145Sdim        while (isspace((unsigned char)*keyword))
245431Sdim            keyword++;
245431Sdim
224145Sdim        /* Look for = sign */
245431Sdim        p = strchr(linebuf, '=');
245431Sdim
245431Sdim        /* If no = just copy */
224145Sdim        if (!p) {
245431Sdim            if (fputs(olinebuf, out) < 0)
245431Sdim                goto error;
245431Sdim            continue;
245431Sdim        }
245431Sdim
245431Sdim        q = p - 1;
245431Sdim
245431Sdim        /* Remove trailing space */
245431Sdim        while (isspace((unsigned char)*q))
245431Sdim            *q-- = 0;
245431Sdim
245431Sdim        *p = 0;
245431Sdim        value = p + 1;
245431Sdim
245431Sdim        /* Remove leading space from value */
245431Sdim        while (isspace((unsigned char)*value))
245431Sdim            value++;
245431Sdim
245431Sdim        /* Remove trailing space from value */
245431Sdim        p = value + strlen(value) - 1;
245431Sdim
245431Sdim        while (*p == '\n' || isspace((unsigned char)*p))
245431Sdim            *p-- = 0;
210299Sed
245431Sdim        /* Look for [mod = XXX] for key length */
245431Sdim
208600Srdivacky        if (!strcmp(keyword, "[mod")) {
245431Sdim            p = value + strlen(value) - 1;
245431Sdim            if (*p != ']')
208600Srdivacky                goto parse_error;
208600Srdivacky            *p = 0;
208600Srdivacky            keylen = atoi(value);
193326Sed            if (keylen < 0)
224145Sdim                goto parse_error;
193326Sed        } else if (!strcmp(keyword, "SHAAlg")) {
198092Srdivacky            if (!strcmp(value, "SHA1"))
221345Sdim                dgst = EVP_sha1();
221345Sdim            else if (!strcmp(value, "SHA224"))
224145Sdim                dgst = EVP_sha224();
221345Sdim            else if (!strcmp(value, "SHA256"))
221345Sdim                dgst = EVP_sha256();
224145Sdim            else if (!strcmp(value, "SHA384"))
193326Sed                dgst = EVP_sha384();
193326Sed            else if (!strcmp(value, "SHA512"))
210299Sed                dgst = EVP_sha512();
210299Sed            else {
210299Sed                fprintf(stderr,
224145Sdim                        "FATAL: unsupported algorithm \"%s\"\n", value);
210299Sed                goto parse_error;
210299Sed            }
210299Sed        } else if (!strcmp(keyword, "Msg")) {
210299Sed            if (Msg)
210299Sed                goto parse_error;
210299Sed            if (strlen(value) & 1)
210299Sed                *(--value) = '0';
210299Sed            Msg = hex2bin_m(value, &Msglen);
210299Sed            if (!Msg)
210299Sed                goto parse_error;
210299Sed        }
210299Sed
193326Sed        fputs(olinebuf, out);
224145Sdim
224145Sdim        /*
224145Sdim         * If key length has changed, generate and output public key
224145Sdim         * components of new RSA private key.
224145Sdim         */
224145Sdim
224145Sdim        if (keylen != current_keylen) {
224145Sdim            BIGNUM *bn_e;
224145Sdim            if (rsa)
224145Sdim                FIPS_rsa_free(rsa);
224145Sdim            rsa = FIPS_rsa_new();
224145Sdim            if (!rsa)
224145Sdim                goto error;
224145Sdim            bn_e = BN_new();
224145Sdim            if (!bn_e || !BN_set_word(bn_e, 0x1001))
224145Sdim                goto error;
224145Sdim            if (!RSA_X931_generate_key_ex(rsa, keylen, bn_e, NULL))
224145Sdim                goto error;
224145Sdim            BN_free(bn_e);
224145Sdim            fputs("n = ", out);
224145Sdim            do_bn_print(out, rsa->n);
224145Sdim            fputs("\ne = ", out);
224145Sdim            do_bn_print(out, rsa->e);
224145Sdim            fputs("\n", out);
224145Sdim            current_keylen = keylen;
224145Sdim        }
235633Sdim
224145Sdim        if (Msg && dgst) {
224145Sdim            if (!rsa_printsig(out, rsa, dgst, Msg, Msglen, Saltlen))
224145Sdim                goto error;
224145Sdim            OPENSSL_free(Msg);
224145Sdim            Msg = NULL;
224145Sdim        }
224145Sdim
224145Sdim    }
224145Sdim
224145Sdim    ret = 1;
193326Sed
193326Sed error:
193326Sed
193326Sed    if (olinebuf)
224145Sdim        OPENSSL_free(olinebuf);
224145Sdim    if (linebuf)
224145Sdim        OPENSSL_free(linebuf);
224145Sdim    if (rsa)
224145Sdim        FIPS_rsa_free(rsa);
224145Sdim
224145Sdim    return ret;
224145Sdim
210299Sed parse_error:
210299Sed
193326Sed    fprintf(stderr, "FATAL parse error processing line %d\n", lnum);
208600Srdivacky
208600Srdivacky    goto error;
208600Srdivacky
208600Srdivacky}
208600Srdivacky
208600Srdivackystatic int rsa_printsig(FILE *out, RSA *rsa, const EVP_MD *dgst,
218893Sdim                        unsigned char *Msg, long Msglen, int Saltlen)
218893Sdim{
218893Sdim    int ret = 0;
218893Sdim    unsigned char *sigbuf = NULL;
218893Sdim    int i, siglen;
218893Sdim    /* EVP_PKEY structure */
218893Sdim    EVP_PKEY pk;
218893Sdim    EVP_MD_CTX ctx;
218893Sdim    pk.type = EVP_PKEY_RSA;
218893Sdim    pk.pkey.rsa = rsa;
218893Sdim
208600Srdivacky    siglen = RSA_size(rsa);
208600Srdivacky    sigbuf = OPENSSL_malloc(siglen);
208600Srdivacky    if (!sigbuf)
208600Srdivacky        goto error;
210299Sed
210299Sed    EVP_MD_CTX_init(&ctx);
210299Sed
210299Sed    if (Saltlen >= 0) {
210299Sed        M_EVP_MD_CTX_set_flags(&ctx,
210299Sed                               EVP_MD_CTX_FLAG_PAD_PSS | (Saltlen << 16));
210299Sed    } else if (Saltlen == -2)
210299Sed        M_EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_PAD_X931);
210299Sed    if (!EVP_SignInit_ex(&ctx, dgst, NULL))
208600Srdivacky        goto error;
193326Sed    if (!EVP_SignUpdate(&ctx, Msg, Msglen))
193326Sed        goto error;
193326Sed    if (!EVP_SignFinal(&ctx, sigbuf, (unsigned int *)&siglen, &pk))
193326Sed        goto error;
208600Srdivacky
208600Srdivacky    EVP_MD_CTX_cleanup(&ctx);
245431Sdim
245431Sdim    fputs("S = ", out);
245431Sdim
245431Sdim    for (i = 0; i < siglen; i++)
245431Sdim        fprintf(out, "%02X", sigbuf[i]);
245431Sdim
245431Sdim    fputs("\n", out);
245431Sdim
245431Sdim    ret = 1;
245431Sdim
245431Sdim error:
245431Sdim
245431Sdim    return ret;
245431Sdim}
245431Sdim#endif
245431Sdim