1 /* ====================================================================
2 * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * openssl-core@openssl.org.
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
30 * 6. Redistributions of any form whatsoever must retain the following
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
50 #define OPENSSL_FIPSAPI
53 #include <openssl/err.h>
54 #include <openssl/fips.h>
55 #include <openssl/cmac.h>
56 #include "fips_locl.h"
61 const unsigned char key
[EVP_MAX_KEY_LENGTH
]; size_t keysize
;
62 const unsigned char msg
[64]; size_t msgsize
;
63 const unsigned char mac
[32]; size_t macsize
;
66 /* from http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf */
67 static const CMAC_KAT vector
[] = {
68 { NID_aes_128_cbc
, /* Count = 32 from CMACGenAES128.txt */
69 { 0x77,0xa7,0x7f,0xaf, 0x29,0x0c,0x1f,0xa3,
70 0x0c,0x68,0x3d,0xf1, 0x6b,0xa7,0xa7,0x7b, }, 128,
71 { 0x02,0x06,0x83,0xe1, 0xf0,0x39,0x2f,0x4c,
72 0xac,0x54,0x31,0x8b, 0x60,0x29,0x25,0x9e,
73 0x9c,0x55,0x3d,0xbc, 0x4b,0x6a,0xd9,0x98,
74 0xe6,0x4d,0x58,0xe4, 0xe7,0xdc,0x2e,0x13, }, 256,
75 { 0xfb,0xfe,0xa4,0x1b, }, 32
77 { NID_aes_192_cbc
, /* Count = 23 from CMACGenAES192.txt */
78 { 0x7b,0x32,0x39,0x13, 0x69,0xaa,0x4c,0xa9,
79 0x75,0x58,0x09,0x5b, 0xe3,0xc3,0xec,0x86,
80 0x2b,0xd0,0x57,0xce, 0xf1,0xe3,0x2d,0x62, }, 192,
82 { 0xe4,0xd9,0x34,0x0b, 0x03,0xe6,0x7d,0xef,
83 0xd4,0x96,0x9c,0xc1, 0xed,0x37,0x35,0xe6, }, 128,
85 { NID_aes_256_cbc
, /* Count = 33 from CMACGenAES256.txt */
86 { 0x0b,0x12,0x2a,0xc8, 0xf3,0x4e,0xd1,0xfe,
87 0x08,0x2a,0x36,0x25, 0xd1,0x57,0x56,0x14,
88 0x54,0x16,0x7a,0xc1, 0x45,0xa1,0x0b,0xbf,
89 0x77,0xc6,0xa7,0x05, 0x96,0xd5,0x74,0xf1, }, 256,
90 { 0x49,0x8b,0x53,0xfd, 0xec,0x87,0xed,0xcb,
91 0xf0,0x70,0x97,0xdc, 0xcd,0xe9,0x3a,0x08,
92 0x4b,0xad,0x75,0x01, 0xa2,0x24,0xe3,0x88,
93 0xdf,0x34,0x9c,0xe1, 0x89,0x59,0xfe,0x84,
94 0x85,0xf8,0xad,0x15, 0x37,0xf0,0xd8,0x96,
95 0xea,0x73,0xbe,0xdc, 0x72,0x14,0x71,0x3f, }, 384,
96 { 0xf6,0x2c,0x46,0x32, 0x9b, }, 40,
98 { NID_des_ede3_cbc
, /* Count = 41 from CMACGenTDES3.req */
99 { 0x89,0xbc,0xd9,0x52, 0xa8,0xc8,0xab,0x37,
100 0x1a,0xf4,0x8a,0xc7, 0xd0,0x70,0x85,0xd5,
101 0xef,0xf7,0x02,0xe6, 0xd6,0x2c,0xdc,0x23, }, 192,
102 { 0xfa,0x62,0x0c,0x1b, 0xbe,0x97,0x31,0x9e,
103 0x9a,0x0c,0xf0,0x49, 0x21,0x21,0xf7,0xa2,
104 0x0e,0xb0,0x8a,0x6a, 0x70,0x9d,0xcb,0xd0,
105 0x0a,0xaf,0x38,0xe4, 0xf9,0x9e,0x75,0x4e, }, 256,
106 { 0x8f,0x49,0xa1,0xb7, 0xd6,0xaa,0x22,0x58, }, 64,
110 int FIPS_selftest_cmac()
113 unsigned char out
[32];
114 const EVP_CIPHER
*cipher
;
115 CMAC_CTX
*ctx
= CMAC_CTX_new();
119 for(n
=0,t
=vector
; n
<sizeof(vector
)/sizeof(vector
[0]); n
++,t
++)
121 cipher
= FIPS_get_cipherbynid(t
->nid
);
127 subid
= M_EVP_CIPHER_nid(cipher
);
128 if (!fips_post_started(FIPS_TEST_CMAC
, subid
, 0))
130 if (!CMAC_Init(ctx
, t
->key
, t
->keysize
/8, cipher
, 0))
135 if (!CMAC_Update(ctx
, t
->msg
, t
->msgsize
/8))
141 if (!fips_post_corrupt(FIPS_TEST_CMAC
, subid
, NULL
))
143 if (!CMAC_Update(ctx
, t
->msg
, 1))
149 if (!CMAC_Final(ctx
, out
, &outlen
))
154 CMAC_CTX_cleanup(ctx
);
156 if(outlen
< t
->macsize
/8 || memcmp(out
,t
->mac
,t
->macsize
/8))
158 fips_post_failed(FIPS_TEST_CMAC
, subid
, NULL
);
161 else if (!fips_post_success(FIPS_TEST_CMAC
, subid
, NULL
))
173 fips_post_failed(FIPS_TEST_CMAC
, subid
, NULL
);
177 FIPSerr(FIPS_F_FIPS_SELFTEST_CMAC
,FIPS_R_SELFTEST_FAILED
);