]> git.ipfire.org Git - thirdparty/openssl.git/blame - fips-1.0/dsa/fips_dssvs.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Avoid warnings. Fix fips_dssvs program.
[thirdparty/openssl.git] / fips-1.0 / dsa / fips_dssvs.c
CommitLineData
aeb9ccfa
DSH		 1#include <openssl/opensslconf.h>
2
3#ifndef OPENSSL_FIPS
4#include <stdio.h>
5
6int main()
7{
8 printf("No FIPS DSA support\n");
9 return(0);
10}
11#else
12
13#include <openssl/bn.h>
14#include <openssl/dsa.h>
15#include <openssl/fips.h>
16#include <openssl/err.h>
ff03c6bc 17#include <openssl/evp.h>
aeb9ccfa
DSH		 18#include <openssl/fips_sha.h>
19#include <string.h>
20#include <ctype.h>
21
22#include "fips_utl.h"
23
24static void pbn(const char *name, BIGNUM *bn)
25 {
26 int len, i;
27 unsigned char *tmp;
28 len = BN_num_bytes(bn);
29 tmp = OPENSSL_malloc(len);
30 if (!tmp)
31 {
32 fprintf(stderr, "Memory allocation error\n");
33 return;
34 }
35 BN_bn2bin(bn, tmp);
36 printf("%s = ", name);
37 for (i = 0; i < len; i++)
38 printf("%02X", tmp[i]);
39 fputs("\n", stdout);
40 OPENSSL_free(tmp);
41 return;
42 }
43
44void primes()
45 {
46 char buf[10240];
47 char lbuf[10240];
48 char *keyword, *value;
49
50 while(fgets(buf,sizeof buf,stdin) != NULL)
51 {
52 fputs(buf,stdout);
53 if (!parse_line(&keyword, &value, lbuf, buf))
54 continue;
55 if(!strcmp(keyword,"Prime"))
56 {
57 BIGNUM *pp;
58
59 pp=BN_new();
60 do_hex2bn(&pp,value);
61 printf("result= %c\n",
62 BN_is_prime_ex(pp,20,NULL,NULL) ? 'P' : 'F');
63 }
64 }
65 }
66
67void pqg()
68 {
69 char buf[1024];
70 char lbuf[1024];
71 char *keyword, *value;
72 int nmod=0;
73
74 while(fgets(buf,sizeof buf,stdin) != NULL)
75 {
76 if (!parse_line(&keyword, &value, lbuf, buf))
77 {
78 fputs(buf,stdout);
79 continue;
80 }
81 if(!strcmp(keyword,"[mod"))
82 nmod=atoi(value);
83 else if(!strcmp(keyword,"N"))
84 {
85 int n=atoi(value);
86
87 printf("[mod = %d]\n\n",nmod);
88
89 while(n--)
90 {
91 unsigned char seed[20];
92 DSA *dsa;
93 int counter;
94 unsigned long h;
95 dsa = FIPS_dsa_new();
96
ddb0cb5b
DSH		 97 if (!DSA_generate_parameters_ex(dsa, nmod,seed,0,&counter,&h,NULL))
98 do_print_errors();
aeb9ccfa
DSH		 99 pbn("P",dsa->p);
100 pbn("Q",dsa->q);
101 pbn("G",dsa->g);
102 pv("Seed",seed,20);
103 printf("c = %d\n",counter);
104 printf("H = %lx\n",h);
105 putc('\n',stdout);
106 }
107 }
108 else
109 fputs(buf,stdout);
110 }
111 }
112
113void keypair()
114 {
115 char buf[1024];
116 char lbuf[1024];
117 char *keyword, *value;
118 int nmod=0;
119
120 while(fgets(buf,sizeof buf,stdin) != NULL)
121 {
122 if (!parse_line(&keyword, &value, lbuf, buf))
123 {
124 fputs(buf,stdout);
125 continue;
126 }
127 if(!strcmp(keyword,"[mod"))
128 nmod=atoi(value);
129 else if(!strcmp(keyword,"N"))
130 {
131 DSA *dsa;
132 int n=atoi(value);
133
134 printf("[mod = %d]\n\n",nmod);
135 dsa = FIPS_dsa_new();
ddb0cb5b
DSH		 136 if (!DSA_generate_parameters_ex(dsa, nmod,NULL,0,NULL,NULL,NULL))
137 do_print_errors();
aeb9ccfa
DSH		 138 pbn("P",dsa->p);
139 pbn("Q",dsa->q);
140 pbn("G",dsa->g);
141 putc('\n',stdout);
142
143 while(n--)
144 {
ddb0cb5b
DSH		 145 if (!DSA_generate_key(dsa))
146 do_print_errors();
147
aeb9ccfa
DSH		 148
149 pbn("X",dsa->priv_key);
150 pbn("Y",dsa->pub_key);
151 putc('\n',stdout);
152 }
153 }
154 }
155 }
156
157void siggen()
158 {
159 char buf[1024];
160 char lbuf[1024];
161 char *keyword, *value;
162 int nmod=0;
163 DSA *dsa=NULL;
164
165 while(fgets(buf,sizeof buf,stdin) != NULL)
166 {
167 if (!parse_line(&keyword, &value, lbuf, buf))
168 {
169 fputs(buf,stdout);
170 continue;
171 }
172 if(!strcmp(keyword,"[mod"))
173 {
174 nmod=atoi(value);
175 printf("[mod = %d]\n\n",nmod);
ddb0cb5b
DSH		 176 if (dsa)
177 FIPS_dsa_free(dsa);
aeb9ccfa 178 dsa = FIPS_dsa_new();
ddb0cb5b
DSH		 179 if (!DSA_generate_parameters_ex(dsa, nmod,NULL,0,NULL,NULL,NULL))
180 do_print_errors();
aeb9ccfa
DSH		 181 pbn("P",dsa->p);
182 pbn("Q",dsa->q);
183 pbn("G",dsa->g);
184 putc('\n',stdout);
185 }
186 else if(!strcmp(keyword,"Msg"))
187 {
188 unsigned char msg[1024];
ff03c6bc
DSH		 189 unsigned char sbuf[60];
190 unsigned int slen;
aeb9ccfa 191 int n;
ff03c6bc
DSH		 192 EVP_PKEY pk;
193 EVP_MD_CTX mctx;
aeb9ccfa 194 DSA_SIG *sig;
ff03c6bc 195 EVP_MD_CTX_init(&mctx);
aeb9ccfa
DSH		 196
197 n=hex2bin(value,msg);
198 pv("Msg",msg,n);
199
ddb0cb5b
DSH		 200 if (!DSA_generate_key(dsa))
201 do_print_errors();
ff03c6bc
DSH		 202 pk.type = EVP_PKEY_DSA;
203 pk.pkey.dsa = dsa;
aeb9ccfa
DSH		 204 pbn("Y",dsa->pub_key);
205
ff03c6bc
DSH		 206 EVP_SignInit_ex(&mctx, EVP_dss1(), NULL);
207 EVP_SignUpdate(&mctx, msg, n);
208 EVP_SignFinal(&mctx, sbuf, &slen, &pk);
209
210 sig = DSA_SIG_new();
211 FIPS_dsa_sig_decode(sig, sbuf, slen);
212
aeb9ccfa
DSH		 213 pbn("R",sig->r);
214 pbn("S",sig->s);
215 putc('\n',stdout);
ddb0cb5b 216 DSA_SIG_free(sig);
ff03c6bc 217 EVP_MD_CTX_cleanup(&mctx);
aeb9ccfa
DSH		 218 }
219 }
ddb0cb5b
DSH		 220 if (dsa)
221 FIPS_dsa_free(dsa);
aeb9ccfa
DSH		 222 }
223
224void sigver()
225 {
226 DSA *dsa=NULL;
227 char buf[1024];
228 char lbuf[1024];
ff03c6bc
DSH		 229 unsigned char msg[1024];
230 int n;
aeb9ccfa
DSH		 231 char *keyword, *value;
232 int nmod=0;
233 unsigned char hash[20];
234 DSA_SIG sg, *sig = &sg;
235
236 sig->r = NULL;
237 sig->s = NULL;
238
239 while(fgets(buf,sizeof buf,stdin) != NULL)
240 {
241 if (!parse_line(&keyword, &value, lbuf, buf))
242 {
243 fputs(buf,stdout);
244 continue;
245 }
246 if(!strcmp(keyword,"[mod"))
247 {
248 nmod=atoi(value);
249 if(dsa)
250 FIPS_dsa_free(dsa);
251 dsa=FIPS_dsa_new();
252 }
253 else if(!strcmp(keyword,"P"))
254 dsa->p=hex2bn(value);
255 else if(!strcmp(keyword,"Q"))
256 dsa->q=hex2bn(value);
257 else if(!strcmp(keyword,"G"))
258 {
259 dsa->g=hex2bn(value);
260
261 printf("[mod = %d]\n\n",nmod);
262 pbn("P",dsa->p);
263 pbn("Q",dsa->q);
264 pbn("G",dsa->g);
265 putc('\n',stdout);
266 }
267 else if(!strcmp(keyword,"Msg"))
268 {
aeb9ccfa
DSH		 269
270 n=hex2bin(value,msg);
271 pv("Msg",msg,n);
272 SHA1(msg,n,hash);
273 }
274 else if(!strcmp(keyword,"Y"))
275 dsa->pub_key=hex2bn(value);
276 else if(!strcmp(keyword,"R"))
277 sig->r=hex2bn(value);
278 else if(!strcmp(keyword,"S"))
279 {
ff03c6bc
DSH		 280 EVP_MD_CTX mctx;
281 EVP_PKEY pk;
282 unsigned char sigbuf[60];
283 unsigned int slen;
284 int r;
285 EVP_MD_CTX_init(&mctx);
286 pk.type = EVP_PKEY_DSA;
287 pk.pkey.dsa = dsa;
aeb9ccfa
DSH		 288 sig->s=hex2bn(value);
289
290 pbn("Y",dsa->pub_key);
291 pbn("R",sig->r);
292 pbn("S",sig->s);
ff03c6bc
DSH		 293
294 slen = FIPS_dsa_sig_encode(sigbuf, sig);
295 EVP_VerifyInit_ex(&mctx, EVP_dss1(), NULL);
296 EVP_VerifyUpdate(&mctx, msg, n);
297 r = EVP_VerifyFinal(&mctx, sigbuf, slen, &pk);
298 EVP_MD_CTX_cleanup(&mctx);
299
300 printf("Result = %c\n", r == 1 ? 'P' : 'F');
aeb9ccfa
DSH		 301 putc('\n',stdout);
302 }
303 }
304 }
305
306int main(int argc,char **argv)
307 {
308 if(argc != 2)
309 {
310 fprintf(stderr,"%s [prime|pqg]\n",argv[0]);
311 exit(1);
312 }
313 if(!FIPS_mode_set(1))
314 {
315 do_print_errors();
316 exit(1);
317 }
318 if(!strcmp(argv[1],"prime"))
319 primes();
320 else if(!strcmp(argv[1],"pqg"))
321 pqg();
322 else if(!strcmp(argv[1],"keypair"))
323 keypair();
324 else if(!strcmp(argv[1],"siggen"))
325 siggen();
326 else if(!strcmp(argv[1],"sigver"))
327 sigver();
328 else
329 {
330 fprintf(stderr,"Don't know how to %s.\n",argv[1]);
331 exit(1);
332 }
333
334 return 0;
335 }
336
337#endif
A mirror of the official openssl repository