Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
btwise
openssl
提交
ad478495
O
openssl
项目概览
btwise
/
openssl
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
O
openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
ad478495
编写于
5月 06, 2011
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Return error codes for selftest failure instead of hard assertion errors.
上级
6b7be581
变更
7
隐藏空白更改
内联
并排
Showing
7 changed file
with
65 addition
and
11 deletion
+65
-11
crypto/fips_err.h
crypto/fips_err.h
+9
-0
fips/dsa/fips_dsa_sign.c
fips/dsa/fips_dsa_sign.c
+11
-3
fips/fips.h
fips/fips.h
+9
-0
fips/rand/fips_rand.c
fips/rand/fips_rand.c
+5
-1
fips/rsa/fips_rsa_sign.c
fips/rsa/fips_rsa_sign.c
+11
-3
fips/utl/fips_enc.c
fips/utl/fips_enc.c
+10
-2
fips/utl/fips_md.c
fips/utl/fips_md.c
+10
-2
未找到文件。
crypto/fips_err.h
浏览文件 @
ad478495
...
...
@@ -83,8 +83,12 @@ static ERR_STRING_DATA FIPS_str_functs[]=
{
ERR_FUNC
(
FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT
),
"FIPS_check_incore_fingerprint"
},
{
ERR_FUNC
(
FIPS_F_FIPS_CHECK_RSA
),
"fips_check_rsa"
},
{
ERR_FUNC
(
FIPS_F_FIPS_CHECK_RSA_PRNG
),
"fips_check_rsa_prng"
},
{
ERR_FUNC
(
FIPS_F_FIPS_CIPHER
),
"FIPS_CIPHER"
},
{
ERR_FUNC
(
FIPS_F_FIPS_CIPHERINIT
),
"FIPS_CIPHERINIT"
},
{
ERR_FUNC
(
FIPS_F_FIPS_CIPHER_CTX_CTRL
),
"FIPS_CIPHER_CTX_CTRL"
},
{
ERR_FUNC
(
FIPS_F_FIPS_DIGESTFINAL
),
"FIPS_DIGESTFINAL"
},
{
ERR_FUNC
(
FIPS_F_FIPS_DIGESTINIT
),
"FIPS_DIGESTINIT"
},
{
ERR_FUNC
(
FIPS_F_FIPS_DIGESTUPDATE
),
"FIPS_DIGESTUPDATE"
},
{
ERR_FUNC
(
FIPS_F_FIPS_DRBG_BYTES
),
"FIPS_DRBG_BYTES"
},
{
ERR_FUNC
(
FIPS_F_FIPS_DRBG_CHECK
),
"FIPS_DRBG_CHECK"
},
{
ERR_FUNC
(
FIPS_F_FIPS_DRBG_CPRNG_TEST
),
"FIPS_DRBG_CPRNG_TEST"
},
...
...
@@ -95,6 +99,8 @@ static ERR_STRING_DATA FIPS_str_functs[]=
{
ERR_FUNC
(
FIPS_F_FIPS_DRBG_NEW
),
"FIPS_drbg_new"
},
{
ERR_FUNC
(
FIPS_F_FIPS_DRBG_RESEED
),
"FIPS_drbg_reseed"
},
{
ERR_FUNC
(
FIPS_F_FIPS_DRBG_SINGLE_KAT
),
"FIPS_DRBG_SINGLE_KAT"
},
{
ERR_FUNC
(
FIPS_F_FIPS_DSA_SIGN_DIGEST
),
"FIPS_dsa_sign_digest"
},
{
ERR_FUNC
(
FIPS_F_FIPS_DSA_VERIFY_DIGEST
),
"FIPS_dsa_verify_digest"
},
{
ERR_FUNC
(
FIPS_F_FIPS_GET_ENTROPY
),
"FIPS_GET_ENTROPY"
},
{
ERR_FUNC
(
FIPS_F_FIPS_MODE_SET
),
"FIPS_mode_set"
},
{
ERR_FUNC
(
FIPS_F_FIPS_PKEY_SIGNATURE_TEST
),
"fips_pkey_signature_test"
},
...
...
@@ -104,6 +110,8 @@ static ERR_STRING_DATA FIPS_str_functs[]=
{
ERR_FUNC
(
FIPS_F_FIPS_RAND_SEED
),
"FIPS_rand_seed"
},
{
ERR_FUNC
(
FIPS_F_FIPS_RAND_SET_METHOD
),
"FIPS_rand_set_method"
},
{
ERR_FUNC
(
FIPS_F_FIPS_RAND_STATUS
),
"FIPS_rand_status"
},
{
ERR_FUNC
(
FIPS_F_FIPS_RSA_SIGN_DIGEST
),
"FIPS_rsa_sign_digest"
},
{
ERR_FUNC
(
FIPS_F_FIPS_RSA_VERIFY_DIGEST
),
"FIPS_rsa_verify_digest"
},
{
ERR_FUNC
(
FIPS_F_FIPS_SELFTEST_AES
),
"FIPS_selftest_aes"
},
{
ERR_FUNC
(
FIPS_F_FIPS_SELFTEST_AES_CCM
),
"FIPS_selftest_aes_ccm"
},
{
ERR_FUNC
(
FIPS_F_FIPS_SELFTEST_AES_GCM
),
"FIPS_selftest_aes_gcm"
},
...
...
@@ -115,6 +123,7 @@ static ERR_STRING_DATA FIPS_str_functs[]=
{
ERR_FUNC
(
FIPS_F_FIPS_SELFTEST_HMAC
),
"FIPS_selftest_hmac"
},
{
ERR_FUNC
(
FIPS_F_FIPS_SELFTEST_SHA1
),
"FIPS_selftest_sha1"
},
{
ERR_FUNC
(
FIPS_F_FIPS_SELFTEST_X931
),
"FIPS_selftest_x931"
},
{
ERR_FUNC
(
FIPS_F_FIPS_SET_PRNG_KEY
),
"FIPS_SET_PRNG_KEY"
},
{
ERR_FUNC
(
FIPS_F_HASH_FINAL
),
"HASH_FINAL"
},
{
ERR_FUNC
(
FIPS_F_RSA_BUILTIN_KEYGEN
),
"RSA_BUILTIN_KEYGEN"
},
{
ERR_FUNC
(
FIPS_F_RSA_EAY_INIT
),
"RSA_EAY_INIT"
},
...
...
fips/dsa/fips_dsa_sign.c
浏览文件 @
ad478495
...
...
@@ -3,7 +3,7 @@
* project 2007.
*/
/* ====================================================================
* Copyright (c) 20
07
The OpenSSL Project. All rights reserved.
* Copyright (c) 20
11
The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
...
...
@@ -84,7 +84,11 @@ DSA_SIG * FIPS_dsa_sign_ctx(DSA *dsa, EVP_MD_CTX *ctx)
DSA_SIG
*
FIPS_dsa_sign_digest
(
DSA
*
dsa
,
const
unsigned
char
*
dig
,
int
dlen
)
{
FIPS_selftest_check
();
if
(
FIPS_selftest_failed
())
{
FIPSerr
(
FIPS_F_FIPS_DSA_SIGN_DIGEST
,
FIPS_R_SELFTEST_FAILED
);
return
NULL
;
}
return
dsa
->
meth
->
dsa_do_sign
(
dig
,
dlen
,
dsa
);
}
...
...
@@ -102,7 +106,11 @@ int FIPS_dsa_verify_ctx(DSA *dsa, EVP_MD_CTX *ctx, DSA_SIG *s)
int
FIPS_dsa_verify_digest
(
DSA
*
dsa
,
const
unsigned
char
*
dig
,
int
dlen
,
DSA_SIG
*
s
)
{
FIPS_selftest_check
();
if
(
FIPS_selftest_failed
())
{
FIPSerr
(
FIPS_F_FIPS_DSA_VERIFY_DIGEST
,
FIPS_R_SELFTEST_FAILED
);
return
-
1
;
}
return
dsa
->
meth
->
dsa_do_verify
(
dig
,
dlen
,
s
,
dsa
);
}
...
...
fips/fips.h
浏览文件 @
ad478495
...
...
@@ -249,8 +249,12 @@ void ERR_load_FIPS_strings(void);
#define FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT 107
#define FIPS_F_FIPS_CHECK_RSA 108
#define FIPS_F_FIPS_CHECK_RSA_PRNG 150
#define FIPS_F_FIPS_CIPHER 160
#define FIPS_F_FIPS_CIPHERINIT 109
#define FIPS_F_FIPS_CIPHER_CTX_CTRL 161
#define FIPS_F_FIPS_DIGESTFINAL 158
#define FIPS_F_FIPS_DIGESTINIT 110
#define FIPS_F_FIPS_DIGESTUPDATE 159
#define FIPS_F_FIPS_DRBG_BYTES 111
#define FIPS_F_FIPS_DRBG_CHECK 146
#define FIPS_F_FIPS_DRBG_CPRNG_TEST 112
...
...
@@ -261,6 +265,8 @@ void ERR_load_FIPS_strings(void);
#define FIPS_F_FIPS_DRBG_NEW 117
#define FIPS_F_FIPS_DRBG_RESEED 118
#define FIPS_F_FIPS_DRBG_SINGLE_KAT 119
#define FIPS_F_FIPS_DSA_SIGN_DIGEST 154
#define FIPS_F_FIPS_DSA_VERIFY_DIGEST 155
#define FIPS_F_FIPS_GET_ENTROPY 147
#define FIPS_F_FIPS_MODE_SET 120
#define FIPS_F_FIPS_PKEY_SIGNATURE_TEST 121
...
...
@@ -270,6 +276,8 @@ void ERR_load_FIPS_strings(void);
#define FIPS_F_FIPS_RAND_SEED 125
#define FIPS_F_FIPS_RAND_SET_METHOD 126
#define FIPS_F_FIPS_RAND_STATUS 127
#define FIPS_F_FIPS_RSA_SIGN_DIGEST 156
#define FIPS_F_FIPS_RSA_VERIFY_DIGEST 157
#define FIPS_F_FIPS_SELFTEST_AES 128
#define FIPS_F_FIPS_SELFTEST_AES_CCM 145
#define FIPS_F_FIPS_SELFTEST_AES_GCM 129
...
...
@@ -281,6 +289,7 @@ void ERR_load_FIPS_strings(void);
#define FIPS_F_FIPS_SELFTEST_HMAC 134
#define FIPS_F_FIPS_SELFTEST_SHA1 135
#define FIPS_F_FIPS_SELFTEST_X931 136
#define FIPS_F_FIPS_SET_PRNG_KEY 153
#define FIPS_F_HASH_FINAL 137
#define FIPS_F_RSA_BUILTIN_KEYGEN 138
#define FIPS_F_RSA_EAY_INIT 149
...
...
fips/rand/fips_rand.c
浏览文件 @
ad478495
...
...
@@ -136,7 +136,11 @@ static void fips_rand_prng_reset(FIPS_PRNG_CTX *ctx)
static
int
fips_set_prng_key
(
FIPS_PRNG_CTX
*
ctx
,
const
unsigned
char
*
key
,
unsigned
int
keylen
)
{
FIPS_selftest_check
();
if
(
FIPS_selftest_failed
())
{
FIPSerr
(
FIPS_F_FIPS_SET_PRNG_KEY
,
FIPS_R_SELFTEST_FAILED
);
return
0
;
}
if
(
keylen
!=
16
&&
keylen
!=
24
&&
keylen
!=
32
)
{
/* error: invalid key size */
...
...
fips/rsa/fips_rsa_sign.c
浏览文件 @
ad478495
...
...
@@ -219,7 +219,11 @@ int FIPS_rsa_sign_digest(RSA *rsa, const unsigned char *md, int md_len,
/* Largest DigestInfo: 19 (max encoding) + max MD */
unsigned
char
tmpdinfo
[
19
+
EVP_MAX_MD_SIZE
];
FIPS_selftest_check
();
if
(
FIPS_selftest_failed
())
{
FIPSerr
(
FIPS_F_FIPS_RSA_SIGN_DIGEST
,
FIPS_R_SELFTEST_FAILED
);
return
0
;
}
md_type
=
M_EVP_MD_type
(
mhash
);
...
...
@@ -322,14 +326,18 @@ int FIPS_rsa_verify_digest(RSA *rsa, const unsigned char *dig, int diglen,
int
md_type
;
int
rsa_dec_pad_mode
;
if
(
FIPS_selftest_failed
())
{
FIPSerr
(
FIPS_F_FIPS_RSA_VERIFY_DIGEST
,
FIPS_R_SELFTEST_FAILED
);
return
0
;
}
if
(
siglen
!=
(
unsigned
int
)
RSA_size
(
rsa
))
{
RSAerr
(
RSA_F_FIPS_RSA_VERIFY_DIGEST
,
RSA_R_WRONG_SIGNATURE_LENGTH
);
return
(
0
);
}
FIPS_selftest_check
();
md_type
=
M_EVP_MD_type
(
mhash
);
s
=
OPENSSL_malloc
((
unsigned
int
)
siglen
);
...
...
fips/utl/fips_enc.c
浏览文件 @
ad478495
...
...
@@ -256,11 +256,15 @@ int FIPS_cipher_ctx_cleanup(EVP_CIPHER_CTX *c)
int
FIPS_cipher_ctx_ctrl
(
EVP_CIPHER_CTX
*
ctx
,
int
type
,
int
arg
,
void
*
ptr
)
{
int
ret
;
if
(
FIPS_selftest_failed
())
{
FIPSerr
(
FIPS_F_FIPS_CIPHER_CTX_CTRL
,
FIPS_R_SELFTEST_FAILED
);
return
0
;
}
if
(
!
ctx
->
cipher
)
{
EVPerr
(
EVP_F_FIPS_CIPHER_CTX_CTRL
,
EVP_R_NO_CIPHER_SET
);
return
0
;
}
FIPS_selftest_check
();
if
(
!
ctx
->
cipher
->
ctrl
)
{
EVPerr
(
EVP_F_FIPS_CIPHER_CTX_CTRL
,
EVP_R_CTRL_NOT_IMPLEMENTED
);
...
...
@@ -327,6 +331,10 @@ int FIPS_cipher_ctx_set_key_length(EVP_CIPHER_CTX *ctx, int keylen)
int
FIPS_cipher
(
EVP_CIPHER_CTX
*
ctx
,
unsigned
char
*
out
,
const
unsigned
char
*
in
,
unsigned
int
inl
)
{
FIPS_selftest_check
();
if
(
FIPS_selftest_failed
())
{
FIPSerr
(
FIPS_F_FIPS_CIPHER
,
FIPS_R_SELFTEST_FAILED
);
return
-
1
;
}
return
ctx
->
cipher
->
do_cipher
(
ctx
,
out
,
in
,
inl
);
}
fips/utl/fips_md.c
浏览文件 @
ad478495
...
...
@@ -204,7 +204,11 @@ int FIPS_digestinit(EVP_MD_CTX *ctx, const EVP_MD *type)
int
FIPS_digestupdate
(
EVP_MD_CTX
*
ctx
,
const
void
*
data
,
size_t
count
)
{
FIPS_selftest_check
();
if
(
FIPS_selftest_failed
())
{
FIPSerr
(
FIPS_F_FIPS_DIGESTUPDATE
,
FIPS_R_SELFTEST_FAILED
);
return
0
;
}
return
ctx
->
update
(
ctx
,
data
,
count
);
}
...
...
@@ -213,7 +217,11 @@ int FIPS_digestfinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
{
int
ret
;
FIPS_selftest_check
();
if
(
FIPS_selftest_failed
())
{
FIPSerr
(
FIPS_F_FIPS_DIGESTFINAL
,
FIPS_R_SELFTEST_FAILED
);
return
0
;
}
OPENSSL_assert
(
ctx
->
digest
->
md_size
<=
EVP_MAX_MD_SIZE
);
ret
=
ctx
->
digest
->
final
(
ctx
,
md
);
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录