提交 96ec46f7 编写于 作者: D Dr. Stephen Henson

Implement health checks needed by SP800-90.

Fix warnings.

Instantiate DRBGs at maximum strength.
上级 27131fe8
......@@ -4,6 +4,11 @@
Changes between 1.0.1 and 1.1.0 [xx XXX xxxx]
*) Extensive self tests and health checking required by SP800-90 DRBG.
Remove strength parameter from FIPS_drbg_instantiate and always
instantiate at maximum supported strength.
[Steve Henson]
*) Add SRP support.
[Tom Wu <tjw@cs.stanford.edu> and Ben Laurie]
......
......@@ -84,6 +84,7 @@ static ERR_STRING_DATA FIPS_str_functs[]=
{ERR_FUNC(FIPS_F_FIPS_CIPHERINIT), "FIPS_CIPHERINIT"},
{ERR_FUNC(FIPS_F_FIPS_DIGESTINIT), "FIPS_DIGESTINIT"},
{ERR_FUNC(FIPS_F_FIPS_DRBG_GENERATE), "FIPS_drbg_generate"},
{ERR_FUNC(FIPS_F_FIPS_DRBG_HEALTH_CHECK), "FIPS_DRBG_HEALTH_CHECK"},
{ERR_FUNC(FIPS_F_FIPS_DRBG_INIT), "FIPS_drbg_init"},
{ERR_FUNC(FIPS_F_FIPS_DRBG_INSTANTIATE), "FIPS_drbg_instantiate"},
{ERR_FUNC(FIPS_F_FIPS_DRBG_NEW), "FIPS_drbg_new"},
......@@ -117,6 +118,8 @@ static ERR_STRING_DATA FIPS_str_reasons[]=
{ERR_REASON(FIPS_R_CANNOT_READ_EXE) ,"cannot read exe"},
{ERR_REASON(FIPS_R_CANNOT_READ_EXE_DIGEST),"cannot read exe digest"},
{ERR_REASON(FIPS_R_CONTRADICTING_EVIDENCE),"contradicting evidence"},
{ERR_REASON(FIPS_R_ENTROPY_ERROR_UNDETECTED),"entropy error undetected"},
{ERR_REASON(FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED),"entropy not requested for reseed"},
{ERR_REASON(FIPS_R_ERROR_INITIALISING_DRBG),"error initialising drbg"},
{ERR_REASON(FIPS_R_ERROR_INSTANTIATING_DRBG),"error instantiating drbg"},
{ERR_REASON(FIPS_R_ERROR_RETRIEVING_ENTROPY),"error retrieving entropy"},
......@@ -127,7 +130,9 @@ static ERR_STRING_DATA FIPS_str_reasons[]=
{ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING),"fingerprint does not match segment aliasing"},
{ERR_REASON(FIPS_R_FIPS_MODE_ALREADY_SET),"fips mode already set"},
{ERR_REASON(FIPS_R_FIPS_SELFTEST_FAILED) ,"fips selftest failed"},
{ERR_REASON(FIPS_R_FUNCTION_ERROR) ,"function error"},
{ERR_REASON(FIPS_R_GENERATE_ERROR) ,"generate error"},
{ERR_REASON(FIPS_R_GENERATE_ERROR_UNDETECTED),"generate error undetected"},
{ERR_REASON(FIPS_R_INSTANTIATE_ERROR) ,"instantiate error"},
{ERR_REASON(FIPS_R_INSUFFICIENT_SECURITY_STRENGTH),"insufficient security strength"},
{ERR_REASON(FIPS_R_INVALID_KEY_LENGTH) ,"invalid key length"},
......@@ -136,13 +141,18 @@ static ERR_STRING_DATA FIPS_str_reasons[]=
{ERR_REASON(FIPS_R_NON_FIPS_METHOD) ,"non fips method"},
{ERR_REASON(FIPS_R_NOT_INSTANTIATED) ,"not instantiated"},
{ERR_REASON(FIPS_R_PAIRWISE_TEST_FAILED) ,"pairwise test failed"},
{ERR_REASON(FIPS_R_PERSONALISATION_ERROR_UNDETECTED),"personalisation error undetected"},
{ERR_REASON(FIPS_R_PERSONALISATION_STRING_TOO_LONG),"personalisation string too long"},
{ERR_REASON(FIPS_R_REQUEST_LENGTH_ERROR_UNDETECTED),"request length error undetected"},
{ERR_REASON(FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG),"request too large for drbg"},
{ERR_REASON(FIPS_R_RESEED_COUNTER_ERROR) ,"reseed counter error"},
{ERR_REASON(FIPS_R_RESEED_ERROR) ,"reseed error"},
{ERR_REASON(FIPS_R_RSA_DECRYPT_ERROR) ,"rsa decrypt error"},
{ERR_REASON(FIPS_R_RSA_ENCRYPT_ERROR) ,"rsa encrypt error"},
{ERR_REASON(FIPS_R_SELFTEST_FAILED) ,"selftest failed"},
{ERR_REASON(FIPS_R_STRENGTH_ERROR_UNDETECTED),"strength error undetected"},
{ERR_REASON(FIPS_R_TEST_FAILURE) ,"test failure"},
{ERR_REASON(FIPS_R_UNINSTANTIATE_ZEROISE_ERROR),"uninstantiate zeroise error"},
{ERR_REASON(FIPS_R_UNSUPPORTED_DRBG_TYPE),"unsupported drbg type"},
{ERR_REASON(FIPS_R_UNSUPPORTED_PLATFORM) ,"unsupported platform"},
{0,NULL}
......
......@@ -279,7 +279,7 @@ int main(int argc,char **argv)
int argn = argc - 1;
FILE *in, *out;
char buf[2048], lbuf[2048];
unsigned char *rhash;
unsigned char *rhash = NULL;
long rhashlen;
BIGNUM *cx = NULL, *cy = NULL;
BIGNUM *id = NULL, *ix = NULL, *iy = NULL;
......
......@@ -460,7 +460,7 @@ static int SigVer(FILE *in, FILE *out)
int main(int argc, char **argv)
{
FILE *in, *out;
FILE *in = NULL, *out = NULL;
const char *cmd = argv[1];
int rv = 0;
fips_set_error_print();
......
......@@ -194,6 +194,7 @@ void ERR_load_FIPS_strings(void);
#define FIPS_F_FIPS_CIPHERINIT 128
#define FIPS_F_FIPS_DIGESTINIT 127
#define FIPS_F_FIPS_DRBG_GENERATE 132
#define FIPS_F_FIPS_DRBG_HEALTH_CHECK 137
#define FIPS_F_FIPS_DRBG_INIT 136
#define FIPS_F_FIPS_DRBG_INSTANTIATE 133
#define FIPS_F_FIPS_DRBG_NEW 134
......@@ -224,6 +225,8 @@ void ERR_load_FIPS_strings(void);
#define FIPS_R_CANNOT_READ_EXE 103
#define FIPS_R_CANNOT_READ_EXE_DIGEST 104
#define FIPS_R_CONTRADICTING_EVIDENCE 114
#define FIPS_R_ENTROPY_ERROR_UNDETECTED 133
#define FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED 134
#define FIPS_R_ERROR_INITIALISING_DRBG 120
#define FIPS_R_ERROR_INSTANTIATING_DRBG 121
#define FIPS_R_ERROR_RETRIEVING_ENTROPY 122
......@@ -234,7 +237,9 @@ void ERR_load_FIPS_strings(void);
#define FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING 112
#define FIPS_R_FIPS_MODE_ALREADY_SET 102
#define FIPS_R_FIPS_SELFTEST_FAILED 106
#define FIPS_R_FUNCTION_ERROR 135
#define FIPS_R_GENERATE_ERROR 124
#define FIPS_R_GENERATE_ERROR_UNDETECTED 136
#define FIPS_R_INSTANTIATE_ERROR 125
#define FIPS_R_INSUFFICIENT_SECURITY_STRENGTH 132
#define FIPS_R_INVALID_KEY_LENGTH 109
......@@ -243,13 +248,18 @@ void ERR_load_FIPS_strings(void);
#define FIPS_R_NON_FIPS_METHOD 100
#define FIPS_R_NOT_INSTANTIATED 127
#define FIPS_R_PAIRWISE_TEST_FAILED 107
#define FIPS_R_PERSONALISATION_ERROR_UNDETECTED 137
#define FIPS_R_PERSONALISATION_STRING_TOO_LONG 128
#define FIPS_R_REQUEST_LENGTH_ERROR_UNDETECTED 138
#define FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG 129
#define FIPS_R_RESEED_COUNTER_ERROR 139
#define FIPS_R_RESEED_ERROR 130
#define FIPS_R_RSA_DECRYPT_ERROR 115
#define FIPS_R_RSA_ENCRYPT_ERROR 116
#define FIPS_R_SELFTEST_FAILED 101
#define FIPS_R_STRENGTH_ERROR_UNDETECTED 140
#define FIPS_R_TEST_FAILURE 117
#define FIPS_R_UNINSTANTIATE_ZEROISE_ERROR 141
#define FIPS_R_UNSUPPORTED_DRBG_TYPE 131
#define FIPS_R_UNSUPPORTED_PLATFORM 113
......
......@@ -352,7 +352,7 @@ static int drbg_ctr_generate(DRBG_CTX *dctx,
static int drbg_ctr_uninstantiate(DRBG_CTX *dctx)
{
OPENSSL_cleanse(&dctx->d.ctr, sizeof(DRBG_CTR_CTX));
memset(&dctx->d.ctr, 0, sizeof(DRBG_CTR_CTX));
return 1;
}
......@@ -385,7 +385,6 @@ int fips_drbg_ctr_init(DRBG_CTX *dctx)
dctx->generate = drbg_ctr_generate;
dctx->uninstantiate = drbg_ctr_uninstantiate;
cctx->keylen = keylen;
dctx->strength = keylen * 8;
dctx->blocklength = 16;
......@@ -423,7 +422,7 @@ int fips_drbg_ctr_init(DRBG_CTX *dctx)
}
dctx->max_request = 1<<19;
dctx->reseed_counter = DRBG_MAX_LENGTH;
dctx->reseed_interval = 1<<24;
return 1;
}
......@@ -377,6 +377,7 @@ int fips_drbg_hash_init(DRBG_CTX *dctx)
dctx->max_adin = DRBG_MAX_LENGTH;
dctx->max_request = 1<<19;
dctx->reseed_interval = 1<<24;
return 1;
}
......@@ -118,7 +118,6 @@ void FIPS_drbg_free(DRBG_CTX *dctx)
}
int FIPS_drbg_instantiate(DRBG_CTX *dctx,
int strength,
const unsigned char *pers, size_t perslen)
{
size_t entlen, noncelen;
......@@ -151,12 +150,6 @@ int FIPS_drbg_instantiate(DRBG_CTX *dctx,
goto end;
}
if (strength > dctx->strength)
{
r = FIPS_R_INSUFFICIENT_SECURITY_STRENGTH;
goto end;
}
dctx->status = DRBG_STATUS_ERROR;
entlen = dctx->get_entropy(dctx, dctx->entropy, dctx->strength,
......@@ -197,8 +190,6 @@ int FIPS_drbg_instantiate(DRBG_CTX *dctx,
dctx->status = DRBG_STATUS_READY;
dctx->reseed_counter = 1;
/* Initial test value for reseed interval */
dctx->reseed_interval = 1<<24;
end:
......@@ -208,7 +199,7 @@ int FIPS_drbg_instantiate(DRBG_CTX *dctx,
if (dctx->status == DRBG_STATUS_READY)
return 1;
if (r && !(dctx->flags & DRBG_FLAG_TEST))
if (r && !(dctx->flags & DRBG_FLAG_NOERR))
FIPSerr(FIPS_F_FIPS_DRBG_INSTANTIATE, r);
return 0;
......@@ -265,7 +256,7 @@ int FIPS_drbg_reseed(DRBG_CTX *dctx,
if (dctx->status == DRBG_STATUS_READY)
return 1;
if (r && !(dctx->flags & DRBG_FLAG_TEST))
if (r && !(dctx->flags & DRBG_FLAG_NOERR))
FIPSerr(FIPS_F_FIPS_DRBG_RESEED, r);
return 0;
......@@ -313,7 +304,7 @@ int FIPS_drbg_generate(DRBG_CTX *dctx, unsigned char *out, size_t outlen,
dctx->status = DRBG_STATUS_ERROR;
goto end;
}
if (dctx->reseed_counter > dctx->reseed_interval)
if (dctx->reseed_counter >= dctx->reseed_interval)
dctx->status = DRBG_STATUS_RESEED;
else
dctx->reseed_counter++;
......@@ -321,7 +312,7 @@ int FIPS_drbg_generate(DRBG_CTX *dctx, unsigned char *out, size_t outlen,
end:
if (r)
{
if (!(dctx->flags & DRBG_FLAG_TEST))
if (!(dctx->flags & DRBG_FLAG_NOERR))
FIPSerr(FIPS_F_FIPS_DRBG_GENERATE, r);
return 0;
}
......@@ -331,11 +322,14 @@ int FIPS_drbg_generate(DRBG_CTX *dctx, unsigned char *out, size_t outlen,
int FIPS_drbg_uninstantiate(DRBG_CTX *dctx)
{
int save_type, save_flags, rv;
save_type = dctx->type;
save_flags = dctx->flags;
int rv;
if (!dctx->uninstantiate)
return 1;
rv = dctx->uninstantiate(dctx);
OPENSSL_cleanse(dctx, sizeof(DRBG_CTX));
/* Although we'd like to cleanse here we can't because we have to
* test the uninstantiate really zeroes the data.
*/
memset(dctx, 0, sizeof(DRBG_CTX));
/* If method has problems uninstantiating, return error */
return rv;
}
......
......@@ -726,8 +726,10 @@ typedef struct
{
const unsigned char *ent;
size_t entlen;
int entcnt;
const unsigned char *nonce;
size_t noncelen;
int noncecnt;
} TEST_ENT;
static size_t test_entropy(DRBG_CTX *dctx, unsigned char *out,
......@@ -735,6 +737,7 @@ static size_t test_entropy(DRBG_CTX *dctx, unsigned char *out,
{
TEST_ENT *t = FIPS_drbg_get_app_data(dctx);
memcpy(out, t->ent, t->entlen);
t->entcnt++;
return t->entlen;
}
......@@ -743,6 +746,7 @@ static size_t test_nonce(DRBG_CTX *dctx, unsigned char *out,
{
TEST_ENT *t = FIPS_drbg_get_app_data(dctx);
memcpy(out, t->nonce, t->noncelen);
t->noncecnt++;
return t->noncelen;
}
......@@ -767,8 +771,10 @@ static int fips_drbg_single_kat(DRBG_CTX *dctx, DRBG_SELFTEST_DATA *td)
t.entlen = td->entlen;
t.nonce = td->nonce;
t.noncelen = td->noncelen;
t.entcnt = 0;
t.noncecnt = 0;
if (!FIPS_drbg_instantiate(dctx, 0, td->pers, td->perslen))
if (!FIPS_drbg_instantiate(dctx, td->pers, td->perslen))
goto err;
t.ent = td->entpr;
......@@ -796,13 +802,197 @@ static int fips_drbg_single_kat(DRBG_CTX *dctx, DRBG_SELFTEST_DATA *td)
return rv;
}
/* This is the "health check" function required by SP800-90. Induce several
* failure modes and check an error condition is set.
*/
static int fips_drbg_health_check(DRBG_CTX *dctx, DRBG_SELFTEST_DATA *td)
{
unsigned char randout[1024];
TEST_ENT t;
size_t i;
unsigned char *p = (unsigned char *)dctx;
/* Initialise DRBG */
if (!FIPS_drbg_init(dctx, td->nid, td->flags))
goto err;
if (!FIPS_drbg_set_test_mode(dctx, test_entropy, test_nonce))
goto err;
FIPS_drbg_set_app_data(dctx, &t);
t.ent = td->ent;
t.entlen = td->entlen;
t.nonce = td->nonce;
t.noncelen = td->noncelen;
t.entcnt = 0;
t.noncecnt = 0;
/* Don't report induced errors */
dctx->flags |= DRBG_FLAG_NOERR;
/* Try too large a personalisation length */
if (FIPS_drbg_instantiate(dctx, td->pers, dctx->max_pers + 1) > 0)
{
FIPSerr(FIPS_F_FIPS_DRBG_HEALTH_CHECK, FIPS_R_PERSONALISATION_ERROR_UNDETECTED);
goto err;
}
/* Test entropy source failure detection */
t.entlen = 0;
if (FIPS_drbg_instantiate(dctx, td->pers, td->perslen) > 0)
{
FIPSerr(FIPS_F_FIPS_DRBG_HEALTH_CHECK, FIPS_R_ENTROPY_ERROR_UNDETECTED);
goto err;
}
/* Try to generate output from uninstantiated DRBG */
if (FIPS_drbg_generate(dctx, randout, td->katlen, 0, 0,
td->adin, td->adinlen))
{
FIPSerr(FIPS_F_FIPS_DRBG_HEALTH_CHECK, FIPS_R_GENERATE_ERROR_UNDETECTED);
goto err;
}
/* Instantiate with valid data. NB: errors now reported again */
if (!FIPS_drbg_init(dctx, td->nid, td->flags))
goto err;
if (!FIPS_drbg_set_test_mode(dctx, test_entropy, test_nonce))
goto err;
FIPS_drbg_set_app_data(dctx, &t);
t.entlen = td->entlen;
if (!FIPS_drbg_instantiate(dctx, td->pers, td->perslen))
goto err;
/* Check generation is now OK */
if (!FIPS_drbg_generate(dctx, randout, td->katlen, 0, 0,
td->adin, td->adinlen))
goto err;
/* Try to generate with too high a strength.
*/
dctx->flags |= DRBG_FLAG_NOERR;
if (dctx->strength != 256)
{
if (FIPS_drbg_generate(dctx, randout, td->katlen, 256, 0,
td->adin, td->adinlen))
{
FIPSerr(FIPS_F_FIPS_DRBG_HEALTH_CHECK, FIPS_R_STRENGTH_ERROR_UNDETECTED);
goto err;
}
}
/* Request too much data for one request */
if (FIPS_drbg_generate(dctx, randout, dctx->max_request + 1, 0, 0,
td->adin, td->adinlen))
{
FIPSerr(FIPS_F_FIPS_DRBG_HEALTH_CHECK, FIPS_R_REQUEST_LENGTH_ERROR_UNDETECTED);
goto err;
}
/* Check prediction resistance request fails if entropy source
* failure.
*/
t.entlen = 0;
if (FIPS_drbg_generate(dctx, randout, td->katlen, 0, 1,
td->adin, td->adinlen))
{
FIPSerr(FIPS_F_FIPS_DRBG_HEALTH_CHECK, FIPS_R_ENTROPY_ERROR_UNDETECTED);
goto err;
}
/* Instantiate again with valid data */
if (!FIPS_drbg_init(dctx, td->nid, td->flags))
goto err;
if (!FIPS_drbg_set_test_mode(dctx, test_entropy, test_nonce))
goto err;
FIPS_drbg_set_app_data(dctx, &t);
t.entlen = td->entlen;
/* Test reseeding works */
dctx->reseed_interval = 2;
if (!FIPS_drbg_instantiate(dctx, td->pers, td->perslen))
goto err;
/* Check generation is now OK */
if (!FIPS_drbg_generate(dctx, randout, td->katlen, 0, 0,
td->adin, td->adinlen))
goto err;
if (!FIPS_drbg_generate(dctx, randout, td->katlen, 0, 0,
td->adin, td->adinlen))
goto err;
/* DRBG should now require a reseed */
if (dctx->status != DRBG_STATUS_RESEED)
{
FIPSerr(FIPS_F_FIPS_DRBG_HEALTH_CHECK, FIPS_R_RESEED_COUNTER_ERROR);
goto err;
}
/* Generate again and check entropy has been requested for reseed */
t.entcnt = 0;
if (!FIPS_drbg_generate(dctx, randout, td->katlen, 0, 0,
td->adin, td->adinlen))
goto err;
if (t.entcnt != 1)
{
FIPSerr(FIPS_F_FIPS_DRBG_HEALTH_CHECK, FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED);
goto err;
}
FIPS_drbg_uninstantiate(dctx);
p = (unsigned char *)dctx;
/* Standard says we have to check uninstantiate really zeroes
* the data...
*/
for (i = 0; i < sizeof(DRBG_CTX); i++)
{
if (*p != 0)
{
FIPSerr(FIPS_F_FIPS_DRBG_HEALTH_CHECK, FIPS_R_UNINSTANTIATE_ZEROISE_ERROR);
goto err;
}
p++;
}
return 1;
err:
/* A real error as opposed to an induced one: underlying function will
* indicate the error.
*/
if (!(dctx->flags & DRBG_FLAG_NOERR))
FIPSerr(FIPS_F_FIPS_DRBG_HEALTH_CHECK, FIPS_R_FUNCTION_ERROR);
FIPS_drbg_uninstantiate(dctx);
return 0;
}
int fips_drbg_kat(DRBG_CTX *dctx, int nid, unsigned int flags)
{
int rv;
DRBG_SELFTEST_DATA *td;
for (td = drbg_test; td->nid != 0; td++)
{
if (td->nid == nid && td->flags == flags)
return fips_drbg_single_kat(dctx, td);
{
rv = fips_drbg_single_kat(dctx, td);
if (rv <= 0)
return rv;
return fips_drbg_health_check(dctx, td);
}
}
return 0;
}
......@@ -815,8 +1005,12 @@ int FIPS_selftest_drbg(void)
if (!dctx)
return 0;
for (td = drbg_test; td->nid != 0; td++)
{
if (!fips_drbg_single_kat(dctx, td))
break;
if (!fips_drbg_health_check(dctx, td))
break;
}
if (td->nid == 0)
return 1;
return 0;
......
......@@ -156,9 +156,9 @@ static size_t test_nonce(DRBG_CTX *dctx, unsigned char *out,
int main(int argc,char **argv)
{
FILE *in, *out;
DRBG_CTX *dctx;
DRBG_CTX *dctx = NULL;
TEST_ENT t;
int r, nid;
int r, nid = 0;
int pr = 0;
char buf[2048], lbuf[2048];
unsigned char randout[2048];
......@@ -166,7 +166,7 @@ int main(int argc,char **argv)
unsigned char *ent = NULL, *nonce = NULL, *pers = NULL, *adin = NULL;
long entlen, noncelen, perslen, adinlen;
int df;
int df = 0;
int randoutlen = 0;
......@@ -251,7 +251,7 @@ int main(int argc,char **argv)
FIPS_drbg_set_test_mode(dctx, test_entropy, test_nonce);
FIPS_drbg_set_app_data(dctx, &t);
randoutlen = (int)FIPS_drbg_get_blocklength(dctx);
r = FIPS_drbg_instantiate(dctx, 0, pers, perslen);
r = FIPS_drbg_instantiate(dctx, pers, perslen);
if (!r)
{
fprintf(stderr, "Error instantiating DRBG\n");
......
......@@ -77,7 +77,7 @@ typedef struct drbg_ctx_st DRBG_CTX;
DRBG_CTX *FIPS_drbg_new(int type, unsigned int flags);
int FIPS_drbg_init(DRBG_CTX *dctx, int type, unsigned int flags);
int FIPS_drbg_instantiate(DRBG_CTX *dctx, int strength,
int FIPS_drbg_instantiate(DRBG_CTX *dctx,
const unsigned char *pers, size_t perslen);
int FIPS_drbg_reseed(DRBG_CTX *dctx, const unsigned char *adin, size_t adinlen);
int FIPS_drbg_generate(DRBG_CTX *dctx, unsigned char *out, size_t outlen,
......
......@@ -86,6 +86,8 @@ struct drbg_ctr_ctx_st
/* PRNG is in test state */
#define DRBG_FLAG_TEST 0x2
/* Functions shouldn't call err library */
#define DRBG_FLAG_NOERR 0x4
/* DRBG status values */
/* not initialised */
......@@ -103,7 +105,7 @@ struct drbg_ctr_ctx_st
/* A default maximum length: larger than any reasonable value used in pratice */
#define DRBG_MAX_LENGTH 0x7fffffff
#define DRBG_MAX_LENGTH 0x7ffffff0
/* DRBG context structure */
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册