]> git.ipfire.org Git - thirdparty/openssl.git/blob - fips/dsa/fips_dssvs.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Provisional, experimental support for DSA2 parameter generation algorithm.
[thirdparty/openssl.git] / fips / dsa / fips_dssvs.c
1
2 #define OPENSSL_FIPSAPI
3 #include <openssl/opensslconf.h>
4
5 #ifndef OPENSSL_FIPS
6 #include <stdio.h>
7
8 int main(int argc, char **argv)
9 {
10 printf("No FIPS DSA support\n");
11 return(0);
12 }
13 #else
14
15 #include <openssl/bn.h>
16 #include <openssl/dsa.h>
17 #include <openssl/fips.h>
18 #include <openssl/err.h>
19 #include <openssl/evp.h>
20 #include <string.h>
21 #include <ctype.h>
22
23 #include "fips_utl.h"
24
25 static int parse_mod(char *line, int *pdsa2, int *pL, int *pN,
26 const EVP_MD **pmd)
27 {
28 char lbuf[10240];
29 char *keyword, *value;
30
31 char *p;
32 p = strchr(line, ',');
33 if (!p)
34 {
35 *pL = atoi(line);
36 *pdsa2 = 0;
37 *pN = 160;
38 *pmd = EVP_sha1();
39 return 1;
40 }
41 *pdsa2 = 1;
42 *p = 0;
43 if (!parse_line(&keyword, &value, lbuf, line))
44 return 0;
45 if (strcmp(keyword, "L"))
46 return 0;
47 *pL = atoi(value);
48 strcpy(line, p + 1);
49 p = strchr(line, ',');
50 if (!p)
51 return 0;
52 *p = 0;
53 if (!parse_line(&keyword, &value, lbuf, line))
54 return 0;
55 if (strcmp(keyword, "N"))
56 return 0;
57 *pN = atoi(value);
58 strcpy(line, p + 1);
59 p = strchr(line, ']');
60 if (!p)
61 return 0;
62 *p = 0;
63 p = line;
64 while(isspace(*p))
65 p++;
66 if (!strcmp(p, "SHA-1"))
67 *pmd = EVP_sha1();
68 else if (!strcmp(p, "SHA-224"))
69 *pmd = EVP_sha224();
70 else if (!strcmp(p, "SHA-256"))
71 *pmd = EVP_sha256();
72 else if (!strcmp(p, "SHA-384"))
73 *pmd = EVP_sha384();
74 else if (!strcmp(p, "SHA-512"))
75 *pmd = EVP_sha512();
76 else
77 return 0;
78 return 1;
79 }
80
81
82
83 static void pbn(const char *name, BIGNUM *bn)
84 {
85 int len, i;
86 unsigned char *tmp;
87 len = BN_num_bytes(bn);
88 tmp = OPENSSL_malloc(len);
89 if (!tmp)
90 {
91 fprintf(stderr, "Memory allocation error\n");
92 return;
93 }
94 BN_bn2bin(bn, tmp);
95 printf("%s = ", name);
96 for (i = 0; i < len; i++)
97 printf("%02X", tmp[i]);
98 fputs("\n", stdout);
99 OPENSSL_free(tmp);
100 return;
101 }
102
103 static void primes()
104 {
105 char buf[10240];
106 char lbuf[10240];
107 char *keyword, *value;
108
109 while(fgets(buf,sizeof buf,stdin) != NULL)
110 {
111 fputs(buf,stdout);
112 if (!parse_line(&keyword, &value, lbuf, buf))
113 continue;
114 if(!strcmp(keyword,"Prime"))
115 {
116 BIGNUM *pp;
117
118 pp=BN_new();
119 do_hex2bn(&pp,value);
120 printf("result= %c\n",
121 BN_is_prime_ex(pp,20,NULL,NULL) ? 'P' : 'F');
122 }
123 }
124 }
125
126 int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
127 const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len,
128 unsigned char *seed_out,
129 int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
130 int dsa_builtin_paramgen2(DSA *ret, size_t bits, size_t qbits,
131 const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len,
132 unsigned char *seed_out,
133 int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
134
135 static void pqg()
136 {
137 char buf[1024];
138 char lbuf[1024];
139 char *keyword, *value;
140 int nmod=0;
141
142 while(fgets(buf,sizeof buf,stdin) != NULL)
143 {
144 if (!parse_line(&keyword, &value, lbuf, buf))
145 {
146 fputs(buf,stdout);
147 continue;
148 }
149 if(!strcmp(keyword,"[mod"))
150 {
151 nmod=atoi(value);
152 }
153 else if(!strcmp(keyword,"N"))
154 {
155 int n=atoi(value);
156
157 printf("[mod = %d]\n\n",nmod);
158
159 while(n--)
160 {
161 unsigned char seed[EVP_MAX_MD_SIZE];
162 DSA *dsa;
163 int counter;
164 unsigned long h;
165 dsa = FIPS_dsa_new();
166
167 if (!dsa_builtin_paramgen(dsa, nmod, 160, NULL, NULL, 0,
168 seed,&counter,&h,NULL))
169 exit(1);
170 pbn("P",dsa->p);
171 pbn("Q",dsa->q);
172 pbn("G",dsa->g);
173 pv("Seed",seed,20);
174 printf("c = %d\n",counter);
175 printf("H = %lx\n",h);
176 putc('\n',stdout);
177 }
178 }
179 else
180 fputs(buf,stdout);
181 }
182 }
183
184 static void pqgver()
185 {
186 char buf[1024];
187 char lbuf[1024];
188 char *keyword, *value;
189 BIGNUM *p = NULL, *q = NULL, *g = NULL;
190 int counter, counter2;
191 unsigned long h, h2;
192 DSA *dsa=NULL;
193 int dsa2, L, N;
194 const EVP_MD *md = NULL;
195 int seedlen;
196 unsigned char seed[1024];
197
198 while(fgets(buf,sizeof buf,stdin) != NULL)
199 {
200 if (!parse_line(&keyword, &value, lbuf, buf))
201 {
202 fputs(buf,stdout);
203 continue;
204 }
205 fputs(buf, stdout);
206 if(!strcmp(keyword,"[mod"))
207 {
208 if (!parse_mod(value, &dsa2, &L, &N, &md))
209 {
210 fprintf(stderr, "Mod Parse Error\n");
211 exit (1);
212 }
213 }
214 else if(!strcmp(keyword,"P"))
215 p=hex2bn(value);
216 else if(!strcmp(keyword,"Q"))
217 q=hex2bn(value);
218 else if(!strcmp(keyword,"G"))
219 g=hex2bn(value);
220 else if(!strcmp(keyword,"Seed"))
221 {
222 seedlen = hex2bin(value, seed);
223 if (!dsa2 && seedlen != 20)
224 {
225 fprintf(stderr, "Seed parse length error\n");
226 exit (1);
227 }
228 }
229 else if(!strcmp(keyword,"c"))
230 counter =atoi(buf+4);
231 else if(!strcmp(keyword,"H"))
232 {
233 h = atoi(value);
234 if (!p || !q || !g)
235 {
236 fprintf(stderr, "Parse Error\n");
237 exit (1);
238 }
239 dsa = FIPS_dsa_new();
240 if (!dsa2 && !dsa_builtin_paramgen(dsa, L, N, md,
241 seed, seedlen, NULL,
242 &counter2, &h2, NULL))
243 {
244 fprintf(stderr, "Parameter Generation error\n");
245 exit(1);
246 }
247 if (dsa2 && dsa_builtin_paramgen2(dsa, L, N, md,
248 seed, seedlen, NULL,
249 &counter2, &h2, NULL) < 0)
250 {
251 fprintf(stderr, "Parameter Generation error\n");
252 exit(1);
253 }
254 if (BN_cmp(dsa->p, p) || BN_cmp(dsa->q, q) || BN_cmp(dsa->g, g)
255 || (counter != counter2) || (h != h2))
256 printf("Result = F\n");
257 else
258 printf("Result = P\n");
259 BN_free(p);
260 BN_free(q);
261 BN_free(g);
262 p = NULL;
263 q = NULL;
264 g = NULL;
265 FIPS_dsa_free(dsa);
266 dsa = NULL;
267 }
268 }
269 }
270
271 /* Keypair verification routine. NB: this isn't part of the standard FIPS140-2
272 * algorithm tests. It is an additional test to perform sanity checks on the
273 * output of the KeyPair test.
274 */
275
276 static int dss_paramcheck(int nmod, BIGNUM *p, BIGNUM *q, BIGNUM *g,
277 BN_CTX *ctx)
278 {
279 BIGNUM *rem = NULL;
280 if (BN_num_bits(p) != nmod)
281 return 0;
282 if (BN_num_bits(q) != 160)
283 return 0;
284 if (BN_is_prime_ex(p, BN_prime_checks, ctx, NULL) != 1)
285 return 0;
286 if (BN_is_prime_ex(q, BN_prime_checks, ctx, NULL) != 1)
287 return 0;
288 rem = BN_new();
289 if (!BN_mod(rem, p, q, ctx) || !BN_is_one(rem)
290 || (BN_cmp(g, BN_value_one()) <= 0)
291 || !BN_mod_exp(rem, g, q, p, ctx) || !BN_is_one(rem))
292 {
293 BN_free(rem);
294 return 0;
295 }
296 /* Todo: check g */
297 BN_free(rem);
298 return 1;
299 }
300
301 static void keyver()
302 {
303 char buf[1024];
304 char lbuf[1024];
305 char *keyword, *value;
306 BIGNUM *p = NULL, *q = NULL, *g = NULL, *X = NULL, *Y = NULL;
307 BIGNUM *Y2;
308 BN_CTX *ctx = NULL;
309 int nmod=0, paramcheck = 0;
310
311 ctx = BN_CTX_new();
312 Y2 = BN_new();
313
314 while(fgets(buf,sizeof buf,stdin) != NULL)
315 {
316 if (!parse_line(&keyword, &value, lbuf, buf))
317 {
318 fputs(buf,stdout);
319 continue;
320 }
321 if(!strcmp(keyword,"[mod"))
322 {
323 if (p)
324 BN_free(p);
325 p = NULL;
326 if (q)
327 BN_free(q);
328 q = NULL;
329 if (g)
330 BN_free(g);
331 g = NULL;
332 paramcheck = 0;
333 nmod=atoi(value);
334 }
335 else if(!strcmp(keyword,"P"))
336 p=hex2bn(value);
337 else if(!strcmp(keyword,"Q"))
338 q=hex2bn(value);
339 else if(!strcmp(keyword,"G"))
340 g=hex2bn(value);
341 else if(!strcmp(keyword,"X"))
342 X=hex2bn(value);
343 else if(!strcmp(keyword,"Y"))
344 {
345 Y=hex2bn(value);
346 if (!p || !q || !g || !X || !Y)
347 {
348 fprintf(stderr, "Parse Error\n");
349 exit (1);
350 }
351 pbn("P",p);
352 pbn("Q",q);
353 pbn("G",g);
354 pbn("X",X);
355 pbn("Y",Y);
356 if (!paramcheck)
357 {
358 if (dss_paramcheck(nmod, p, q, g, ctx))
359 paramcheck = 1;
360 else
361 paramcheck = -1;
362 }
363 if (paramcheck != 1)
364 printf("Result = F\n");
365 else
366 {
367 if (!BN_mod_exp(Y2, g, X, p, ctx) || BN_cmp(Y2, Y))
368 printf("Result = F\n");
369 else
370 printf("Result = P\n");
371 }
372 BN_free(X);
373 BN_free(Y);
374 X = NULL;
375 Y = NULL;
376 }
377 }
378 if (p)
379 BN_free(p);
380 if (q)
381 BN_free(q);
382 if (g)
383 BN_free(g);
384 if (Y2)
385 BN_free(Y2);
386 }
387
388 static void keypair()
389 {
390 char buf[1024];
391 char lbuf[1024];
392 char *keyword, *value;
393 int nmod=0;
394
395 while(fgets(buf,sizeof buf,stdin) != NULL)
396 {
397 if (!parse_line(&keyword, &value, lbuf, buf))
398 {
399 fputs(buf,stdout);
400 continue;
401 }
402 if(!strcmp(keyword,"[mod"))
403 nmod=atoi(value);
404 else if(!strcmp(keyword,"N"))
405 {
406 DSA *dsa;
407 int n=atoi(value);
408
409 printf("[mod = %d]\n\n",nmod);
410 dsa = FIPS_dsa_new();
411 if (!DSA_generate_parameters_ex(dsa, nmod,NULL,0,NULL,NULL,NULL))
412 exit(1);
413 pbn("P",dsa->p);
414 pbn("Q",dsa->q);
415 pbn("G",dsa->g);
416 putc('\n',stdout);
417
418 while(n--)
419 {
420 if (!DSA_generate_key(dsa))
421 exit(1);
422
423 pbn("X",dsa->priv_key);
424 pbn("Y",dsa->pub_key);
425 putc('\n',stdout);
426 }
427 }
428 }
429 }
430
431 static void siggen()
432 {
433 char buf[1024];
434 char lbuf[1024];
435 char *keyword, *value;
436 int nmod=0;
437 DSA *dsa=NULL;
438
439 while(fgets(buf,sizeof buf,stdin) != NULL)
440 {
441 if (!parse_line(&keyword, &value, lbuf, buf))
442 {
443 fputs(buf,stdout);
444 continue;
445 }
446 if(!strcmp(keyword,"[mod"))
447 {
448 nmod=atoi(value);
449 printf("[mod = %d]\n\n",nmod);
450 if (dsa)
451 FIPS_dsa_free(dsa);
452 dsa = FIPS_dsa_new();
453 if (!DSA_generate_parameters_ex(dsa, nmod,NULL,0,NULL,NULL,NULL))
454 exit(1);
455 pbn("P",dsa->p);
456 pbn("Q",dsa->q);
457 pbn("G",dsa->g);
458 putc('\n',stdout);
459 }
460 else if(!strcmp(keyword,"Msg"))
461 {
462 unsigned char msg[1024];
463 int n;
464 EVP_MD_CTX mctx;
465 DSA_SIG *sig;
466 EVP_MD_CTX_init(&mctx);
467
468 n=hex2bin(value,msg);
469 pv("Msg",msg,n);
470
471 if (!DSA_generate_key(dsa))
472 exit(1);
473 pbn("Y",dsa->pub_key);
474
475 EVP_DigestInit_ex(&mctx, EVP_sha1(), NULL);
476 EVP_DigestUpdate(&mctx, msg, n);
477 sig = FIPS_dsa_sign_ctx(dsa, &mctx);
478
479 pbn("R",sig->r);
480 pbn("S",sig->s);
481 putc('\n',stdout);
482 DSA_SIG_free(sig);
483 EVP_MD_CTX_cleanup(&mctx);
484 }
485 }
486 if (dsa)
487 FIPS_dsa_free(dsa);
488 }
489
490 static void sigver()
491 {
492 DSA *dsa=NULL;
493 char buf[1024];
494 char lbuf[1024];
495 unsigned char msg[1024];
496 char *keyword, *value;
497 int nmod=0, n=0;
498 DSA_SIG sg, *sig = &sg;
499
500 sig->r = NULL;
501 sig->s = NULL;
502
503 while(fgets(buf,sizeof buf,stdin) != NULL)
504 {
505 if (!parse_line(&keyword, &value, lbuf, buf))
506 {
507 fputs(buf,stdout);
508 continue;
509 }
510 if(!strcmp(keyword,"[mod"))
511 {
512 nmod=atoi(value);
513 if(dsa)
514 FIPS_dsa_free(dsa);
515 dsa=FIPS_dsa_new();
516 }
517 else if(!strcmp(keyword,"P"))
518 dsa->p=hex2bn(value);
519 else if(!strcmp(keyword,"Q"))
520 dsa->q=hex2bn(value);
521 else if(!strcmp(keyword,"G"))
522 {
523 dsa->g=hex2bn(value);
524
525 printf("[mod = %d]\n\n",nmod);
526 pbn("P",dsa->p);
527 pbn("Q",dsa->q);
528 pbn("G",dsa->g);
529 putc('\n',stdout);
530 }
531 else if(!strcmp(keyword,"Msg"))
532 {
533 n=hex2bin(value,msg);
534 pv("Msg",msg,n);
535 }
536 else if(!strcmp(keyword,"Y"))
537 dsa->pub_key=hex2bn(value);
538 else if(!strcmp(keyword,"R"))
539 sig->r=hex2bn(value);
540 else if(!strcmp(keyword,"S"))
541 {
542 EVP_MD_CTX mctx;
543 int r;
544 EVP_MD_CTX_init(&mctx);
545 sig->s=hex2bn(value);
546
547 pbn("Y",dsa->pub_key);
548 pbn("R",sig->r);
549 pbn("S",sig->s);
550 EVP_DigestInit_ex(&mctx, EVP_sha1(), NULL);
551 EVP_DigestUpdate(&mctx, msg, n);
552 no_err = 1;
553 r = FIPS_dsa_verify_ctx(dsa, &mctx, sig);
554 no_err = 0;
555 EVP_MD_CTX_cleanup(&mctx);
556
557 printf("Result = %c\n", r == 1 ? 'P' : 'F');
558 putc('\n',stdout);
559 }
560 }
561 }
562
563 int main(int argc,char **argv)
564 {
565 if(argc != 2)
566 {
567 fprintf(stderr,"%s [prime|pqg|pqgver|keypair|siggen|sigver]\n",argv[0]);
568 exit(1);
569 }
570 fips_set_error_print();
571 if(!FIPS_mode_set(1))
572 exit(1);
573 if(!strcmp(argv[1],"prime"))
574 primes();
575 else if(!strcmp(argv[1],"pqg"))
576 pqg();
577 else if(!strcmp(argv[1],"pqgver"))
578 pqgver();
579 else if(!strcmp(argv[1],"keypair"))
580 keypair();
581 else if(!strcmp(argv[1],"keyver"))
582 keyver();
583 else if(!strcmp(argv[1],"siggen"))
584 siggen();
585 else if(!strcmp(argv[1],"sigver"))
586 sigver();
587 else
588 {
589 fprintf(stderr,"Don't know how to %s.\n",argv[1]);
590 exit(1);
591 }
592
593 return 0;
594 }
595
596 #endif
A mirror of the official openssl repository