Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
8038511c
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
1 年多 前同步成功
通知
10
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
8038511c
编写于
4月 14, 2011
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Update CMAC, HMAC, GCM to use new POST system.
Fix crash if callback not set.
上级
a6311f85
变更
6
隐藏空白更改
内联
并排
Showing
6 changed file
with
121 addition
and
66 deletion
+121
-66
fips/aes/fips_aes_selftest.c
fips/aes/fips_aes_selftest.c
+28
-18
fips/cmac/fips_cmac_selftest.c
fips/cmac/fips_cmac_selftest.c
+39
-22
fips/fips.h
fips/fips.h
+0
-1
fips/fips_post.c
fips/fips_post.c
+4
-2
fips/fips_test_suite.c
fips/fips_test_suite.c
+4
-4
fips/hmac/fips_hmac_selftest.c
fips/hmac/fips_hmac_selftest.c
+46
-19
未找到文件。
fips/aes/fips_aes_selftest.c
浏览文件 @
8038511c
...
...
@@ -53,6 +53,7 @@
#include <openssl/err.h>
#include <openssl/fips.h>
#include <openssl/evp.h>
#include "fips_locl.h"
#ifdef OPENSSL_FIPS
static
struct
...
...
@@ -123,22 +124,23 @@ static const unsigned char gcm_tag[] = {
0x98
,
0xf7
,
0x7e
,
0x0c
};
static
int
corrupt_aes_gcm
=
0
;
void
FIPS_corrupt_aes_gcm
(
void
)
{
corrupt_aes_gcm
=
1
;
}
int
FIPS_selftest_aes_gcm
(
void
)
{
int
ret
=
0
;
int
ret
=
0
,
do_corrupt
=
0
;
unsigned
char
out
[
128
],
tag
[
16
];
EVP_CIPHER_CTX
ctx
;
FIPS_cipher_ctx_init
(
&
ctx
);
FIPS_cipherinit
(
&
ctx
,
EVP_aes_256_gcm
(),
NULL
,
NULL
,
1
);
FIPS_cipher_ctx_ctrl
(
&
ctx
,
EVP_CTRL_GCM_SET_IVLEN
,
sizeof
(
gcm_iv
),
NULL
);
memset
(
out
,
0
,
sizeof
(
out
));
memset
(
tag
,
0
,
sizeof
(
tag
));
if
(
!
fips_post_started
(
FIPS_TEST_GCM
,
0
,
0
))
return
1
;
if
(
!
fips_post_corrupt
(
FIPS_TEST_HMAC
,
0
,
NULL
))
do_corrupt
=
1
;
if
(
!
FIPS_cipherinit
(
&
ctx
,
EVP_aes_256_gcm
(),
NULL
,
NULL
,
1
))
goto
err
;
if
(
!
FIPS_cipher_ctx_ctrl
(
&
ctx
,
EVP_CTRL_GCM_SET_IVLEN
,
sizeof
(
gcm_iv
),
NULL
))
goto
err
;
if
(
!
FIPS_cipherinit
(
&
ctx
,
NULL
,
gcm_key
,
gcm_iv
,
1
))
goto
err
;
if
(
FIPS_cipher
(
&
ctx
,
NULL
,
gcm_aad
,
sizeof
(
gcm_aad
))
<
0
)
...
...
@@ -154,13 +156,17 @@ int FIPS_selftest_aes_gcm(void)
if
(
memcmp
(
tag
,
gcm_tag
,
16
)
||
memcmp
(
out
,
gcm_ct
,
16
))
goto
err
;
memset
(
out
,
0
,
sizeof
(
out
));
/* Modify expected tag value */
if
(
corrupt_aes_gcm
)
if
(
do_corrupt
)
tag
[
0
]
++
;
FIPS_cipherinit
(
&
ctx
,
EVP_aes_256_gcm
(),
NULL
,
NULL
,
0
);
FIPS_cipher_ctx_ctrl
(
&
ctx
,
EVP_CTRL_GCM_SET_IVLEN
,
sizeof
(
gcm_iv
),
NULL
);
if
(
!
FIPS_cipherinit
(
&
ctx
,
EVP_aes_256_gcm
(),
NULL
,
NULL
,
0
))
goto
err
;
if
(
!
FIPS_cipher_ctx_ctrl
(
&
ctx
,
EVP_CTRL_GCM_SET_IVLEN
,
sizeof
(
gcm_iv
),
NULL
))
goto
err
;
if
(
!
FIPS_cipher_ctx_ctrl
(
&
ctx
,
EVP_CTRL_GCM_SET_TAG
,
16
,
tag
))
goto
err
;
if
(
!
FIPS_cipherinit
(
&
ctx
,
NULL
,
gcm_key
,
gcm_iv
,
0
))
...
...
@@ -178,13 +184,17 @@ int FIPS_selftest_aes_gcm(void)
ret
=
1
;
err:
FIPS_cipher_ctx_cleanup
(
&
ctx
);
if
(
ret
==
0
)
{
fips_post_failed
(
FIPS_TEST_GCM
,
0
,
NULL
);
FIPSerr
(
FIPS_F_FIPS_SELFTEST_AES_GCM
,
FIPS_R_SELFTEST_FAILED
);
return
0
;
}
else
return
fips_post_success
(
FIPS_TEST_GCM
,
0
,
NULL
);
FIPS_cipher_ctx_cleanup
(
&
ctx
);
return
ret
;
}
#endif
fips/cmac/fips_cmac_selftest.c
浏览文件 @
8038511c
...
...
@@ -53,6 +53,7 @@
#include <openssl/err.h>
#include <openssl/fips.h>
#include <openssl/cmac.h>
#include "fips_locl.h"
#ifdef OPENSSL_FIPS
typedef
struct
{
...
...
@@ -107,29 +108,45 @@ static const CMAC_KAT vector[] = {
};
int
FIPS_selftest_cmac
()
{
size_t
n
,
outlen
;
unsigned
char
out
[
32
];
const
EVP_CIPHER
*
cipher
;
CMAC_CTX
*
ctx
=
CMAC_CTX_new
();
const
CMAC_KAT
*
t
;
for
(
n
=
0
,
t
=
vector
;
n
<
sizeof
(
vector
)
/
sizeof
(
vector
[
0
]);
n
++
,
t
++
)
{
cipher
=
(
*
t
->
alg
)();
CMAC_Init
(
ctx
,
t
->
key
,
t
->
keysize
/
8
,
cipher
,
0
);
CMAC_Update
(
ctx
,
t
->
msg
,
t
->
msgsize
/
8
);
CMAC_Final
(
ctx
,
out
,
&
outlen
);
CMAC_CTX_cleanup
(
ctx
);
size_t
n
,
outlen
;
unsigned
char
out
[
32
];
const
EVP_CIPHER
*
cipher
;
CMAC_CTX
*
ctx
=
CMAC_CTX_new
();
const
CMAC_KAT
*
t
;
int
do_corrupt
=
0
,
rv
=
0
;
if
(
outlen
<
t
->
macsize
/
8
||
memcmp
(
out
,
t
->
mac
,
t
->
macsize
/
8
))
{
FIPSerr
(
FIPS_F_FIPS_SELFTEST_CMAC
,
FIPS_R_SELFTEST_FAILED
);
return
0
;
}
}
if
(
!
fips_post_started
(
FIPS_TEST_CMAC
,
0
,
0
))
return
1
;
if
(
!
fips_post_corrupt
(
FIPS_TEST_CMAC
,
0
,
NULL
))
for
(
n
=
0
,
t
=
vector
;
n
<
sizeof
(
vector
)
/
sizeof
(
vector
[
0
]);
n
++
,
t
++
)
{
cipher
=
(
*
t
->
alg
)();
CMAC_Init
(
ctx
,
t
->
key
,
t
->
keysize
/
8
,
cipher
,
0
);
CMAC_Update
(
ctx
,
t
->
msg
,
t
->
msgsize
/
8
);
if
(
do_corrupt
)
CMAC_Update
(
ctx
,
t
->
msg
,
1
);
CMAC_Final
(
ctx
,
out
,
&
outlen
);
CMAC_CTX_cleanup
(
ctx
);
if
(
outlen
<
t
->
macsize
/
8
||
memcmp
(
out
,
t
->
mac
,
t
->
macsize
/
8
))
{
FIPSerr
(
FIPS_F_FIPS_SELFTEST_CMAC
,
FIPS_R_SELFTEST_FAILED
);
goto
err
;
}
}
CMAC_CTX_free
(
ctx
);
return
1
;
}
rv
=
1
;
err:
CMAC_CTX_free
(
ctx
);
if
(
rv
==
0
)
{
fips_post_failed
(
FIPS_TEST_CMAC
,
0
,
NULL
);
return
0
;
}
return
fips_post_success
(
FIPS_TEST_CMAC
,
0
,
NULL
);
}
#endif
fips/fips.h
浏览文件 @
8038511c
...
...
@@ -74,7 +74,6 @@ int FIPS_selftest_failed(void);
void
FIPS_selftest_check
(
void
);
int
FIPS_selftest_sha1
(
void
);
int
FIPS_selftest_aes_gcm
(
void
);
void
FIPS_corrupt_aes_gcm
(
void
);
int
FIPS_selftest_aes
(
void
);
int
FIPS_selftest_des
(
void
);
int
FIPS_selftest_rsa
(
void
);
...
...
fips/fips_post.c
浏览文件 @
8038511c
...
...
@@ -105,12 +105,14 @@ void fips_post_end(void)
if
(
post_failure
)
{
post_status
=
FIPS_POST_STATUS_FAILED
;
fips_post_cb
(
FIPS_POST_END
,
0
,
0
,
NULL
);
if
(
fips_post_cb
)
fips_post_cb
(
FIPS_POST_END
,
0
,
0
,
NULL
);
}
else
{
post_status
=
FIPS_POST_STATUS_OK
;
fips_post_cb
(
FIPS_POST_END
,
1
,
0
,
NULL
);
if
(
fips_post_cb
)
fips_post_cb
(
FIPS_POST_END
,
1
,
0
,
NULL
);
}
}
...
...
fips/fips_test_suite.c
浏览文件 @
8038511c
...
...
@@ -743,7 +743,7 @@ static int post_cb(int op, int id, int subid, void *ex)
break
;
case
FIPS_TEST_CMAC
:
idstr
=
"
H
MAC"
;
idstr
=
"
C
MAC"
;
break
;
case
FIPS_TEST_GCM
:
...
...
@@ -845,8 +845,7 @@ int main(int argc,char **argv)
fail_id
=
FIPS_TEST_CIPHER
;
fail_sub
=
NID_aes_128_ecb
;
}
else
if
(
!
strcmp
(
argv
[
1
],
"aes-gcm"
))
{
FIPS_corrupt_aes_gcm
();
printf
(
"AES-GCM encryption/decryption with corrupted KAT...
\n
"
);
fail_id
=
FIPS_TEST_GCM
;
}
else
if
(
!
strcmp
(
argv
[
1
],
"des"
))
{
fail_id
=
FIPS_TEST_CIPHER
;
fail_sub
=
NID_des_ede3_ecb
;
...
...
@@ -877,7 +876,8 @@ int main(int argc,char **argv)
no_exit
=
1
;
}
else
if
(
!
strcmp
(
argv
[
1
],
"sha1"
))
{
fail_id
=
FIPS_TEST_DIGEST
;
fail_sub
=
NID_sha1
;
}
else
if
(
!
strcmp
(
argv
[
1
],
"hmac"
))
{
fail_id
=
FIPS_TEST_HMAC
;
}
else
if
(
!
strcmp
(
argv
[
1
],
"drbg"
))
{
FIPS_corrupt_drbg
();
}
else
if
(
!
strcmp
(
argv
[
1
],
"rng"
))
{
...
...
fips/hmac/fips_hmac_selftest.c
浏览文件 @
8038511c
...
...
@@ -53,6 +53,7 @@
#include <openssl/err.h>
#include <openssl/fips.h>
#include <openssl/hmac.h>
#include "fips_locl.h"
#ifdef OPENSSL_FIPS
typedef
struct
{
...
...
@@ -112,26 +113,52 @@ static const HMAC_KAT vector[] = {
};
int
FIPS_selftest_hmac
()
{
size_t
n
;
unsigned
int
outlen
;
unsigned
char
out
[
EVP_MAX_MD_SIZE
];
const
EVP_MD
*
md
;
const
HMAC_KAT
*
t
;
for
(
n
=
0
,
t
=
vector
;
n
<
sizeof
(
vector
)
/
sizeof
(
vector
[
0
]);
n
++
,
t
++
)
{
md
=
(
*
t
->
alg
)();
HMAC
(
md
,
t
->
key
,
strlen
(
t
->
key
),
(
const
unsigned
char
*
)
t
->
iv
,
strlen
(
t
->
iv
),
out
,
&
outlen
);
size_t
n
;
unsigned
int
outlen
;
unsigned
char
out
[
EVP_MAX_MD_SIZE
];
const
EVP_MD
*
md
;
const
HMAC_KAT
*
t
;
int
rv
=
0
,
do_corrupt
=
0
;
HMAC_CTX
c
;
HMAC_CTX_init
(
&
c
);
if
(
!
fips_post_started
(
FIPS_TEST_HMAC
,
0
,
0
))
return
1
;
if
(
!
fips_post_corrupt
(
FIPS_TEST_HMAC
,
0
,
NULL
))
do_corrupt
=
1
;
for
(
n
=
0
,
t
=
vector
;
n
<
sizeof
(
vector
)
/
sizeof
(
vector
[
0
]);
n
++
,
t
++
)
{
md
=
(
*
t
->
alg
)();
if
(
!
HMAC_Init_ex
(
&
c
,
t
->
key
,
strlen
(
t
->
key
),
md
,
NULL
))
goto
err
;
if
(
!
HMAC_Update
(
&
c
,
(
const
unsigned
char
*
)
t
->
iv
,
strlen
(
t
->
iv
)))
goto
err
;
if
(
do_corrupt
)
{
if
(
!
HMAC_Update
(
&
c
,
(
const
unsigned
char
*
)
t
->
iv
,
1
))
goto
err
;
}
if
(
!
HMAC_Final
(
&
c
,
out
,
&
outlen
))
goto
err
;
if
(
memcmp
(
out
,
t
->
kaval
,
outlen
))
{
FIPSerr
(
FIPS_F_FIPS_SELFTEST_HMAC
,
FIPS_R_SELFTEST_FAILED
);
goto
err
;
}
}
rv
=
1
;
if
(
memcmp
(
out
,
t
->
kaval
,
outlen
))
{
FIPSerr
(
FIPS_F_FIPS_SELFTEST_HMAC
,
FIPS_R_SELFTEST_FAILED
);
return
0
;
}
err:
HMAC_CTX_cleanup
(
&
c
);
if
(
rv
==
0
)
{
fips_post_failed
(
FIPS_TEST_HMAC
,
0
,
NULL
);
return
0
;
}
return
fips_post_success
(
FIPS_TEST_HMAC
,
0
,
NULL
);
}
return
1
;
}
#endif
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录