]>
git.ipfire.org Git - thirdparty/openssl.git/blob - fips-1.0/dsa/fips_dssvs.c
1 #include <openssl/opensslconf.h>
8 printf("No FIPS DSA support\n");
13 #include <openssl/bn.h>
14 #include <openssl/dsa.h>
15 #include <openssl/fips.h>
16 #include <openssl/err.h>
17 #include <openssl/evp.h>
18 #include <openssl/fips_sha.h>
24 static void pbn(const char *name
, BIGNUM
*bn
)
28 len
= BN_num_bytes(bn
);
29 tmp
= OPENSSL_malloc(len
);
32 fprintf(stderr
, "Memory allocation error\n");
36 printf("%s = ", name
);
37 for (i
= 0; i
< len
; i
++)
38 printf("%02X", tmp
[i
]);
48 char *keyword
, *value
;
50 while(fgets(buf
,sizeof buf
,stdin
) != NULL
)
53 if (!parse_line(&keyword
, &value
, lbuf
, buf
))
55 if(!strcmp(keyword
,"Prime"))
61 printf("result= %c\n",
62 BN_is_prime_ex(pp
,20,NULL
,NULL
) ? 'P' : 'F');
71 char *keyword
, *value
;
74 while(fgets(buf
,sizeof buf
,stdin
) != NULL
)
76 if (!parse_line(&keyword
, &value
, lbuf
, buf
))
81 if(!strcmp(keyword
,"[mod"))
83 else if(!strcmp(keyword
,"N"))
87 printf("[mod = %d]\n\n",nmod
);
91 unsigned char seed
[20];
97 if (!DSA_generate_parameters_ex(dsa
, nmod
,seed
,0,&counter
,&h
,NULL
))
103 printf("c = %d\n",counter
);
104 printf("H = %lx\n",h
);
117 char *keyword
, *value
;
120 while(fgets(buf
,sizeof buf
,stdin
) != NULL
)
122 if (!parse_line(&keyword
, &value
, lbuf
, buf
))
127 if(!strcmp(keyword
,"[mod"))
129 else if(!strcmp(keyword
,"N"))
134 printf("[mod = %d]\n\n",nmod
);
135 dsa
= FIPS_dsa_new();
136 if (!DSA_generate_parameters_ex(dsa
, nmod
,NULL
,0,NULL
,NULL
,NULL
))
145 if (!DSA_generate_key(dsa
))
149 pbn("X",dsa
->priv_key
);
150 pbn("Y",dsa
->pub_key
);
161 char *keyword
, *value
;
165 while(fgets(buf
,sizeof buf
,stdin
) != NULL
)
167 if (!parse_line(&keyword
, &value
, lbuf
, buf
))
172 if(!strcmp(keyword
,"[mod"))
175 printf("[mod = %d]\n\n",nmod
);
178 dsa
= FIPS_dsa_new();
179 if (!DSA_generate_parameters_ex(dsa
, nmod
,NULL
,0,NULL
,NULL
,NULL
))
186 else if(!strcmp(keyword
,"Msg"))
188 unsigned char msg
[1024];
189 unsigned char sbuf
[60];
195 EVP_MD_CTX_init(&mctx
);
197 n
=hex2bin(value
,msg
);
200 if (!DSA_generate_key(dsa
))
202 pk
.type
= EVP_PKEY_DSA
;
204 pbn("Y",dsa
->pub_key
);
206 EVP_SignInit_ex(&mctx
, EVP_dss1(), NULL
);
207 EVP_SignUpdate(&mctx
, msg
, n
);
208 EVP_SignFinal(&mctx
, sbuf
, &slen
, &pk
);
211 FIPS_dsa_sig_decode(sig
, sbuf
, slen
);
217 EVP_MD_CTX_cleanup(&mctx
);
229 unsigned char msg
[1024];
231 char *keyword
, *value
;
233 unsigned char hash
[20];
234 DSA_SIG sg
, *sig
= &sg
;
239 while(fgets(buf
,sizeof buf
,stdin
) != NULL
)
241 if (!parse_line(&keyword
, &value
, lbuf
, buf
))
246 if(!strcmp(keyword
,"[mod"))
253 else if(!strcmp(keyword
,"P"))
254 dsa
->p
=hex2bn(value
);
255 else if(!strcmp(keyword
,"Q"))
256 dsa
->q
=hex2bn(value
);
257 else if(!strcmp(keyword
,"G"))
259 dsa
->g
=hex2bn(value
);
261 printf("[mod = %d]\n\n",nmod
);
267 else if(!strcmp(keyword
,"Msg"))
270 n
=hex2bin(value
,msg
);
274 else if(!strcmp(keyword
,"Y"))
275 dsa
->pub_key
=hex2bn(value
);
276 else if(!strcmp(keyword
,"R"))
277 sig
->r
=hex2bn(value
);
278 else if(!strcmp(keyword
,"S"))
282 unsigned char sigbuf
[60];
285 EVP_MD_CTX_init(&mctx
);
286 pk
.type
= EVP_PKEY_DSA
;
288 sig
->s
=hex2bn(value
);
290 pbn("Y",dsa
->pub_key
);
294 slen
= FIPS_dsa_sig_encode(sigbuf
, sig
);
295 EVP_VerifyInit_ex(&mctx
, EVP_dss1(), NULL
);
296 EVP_VerifyUpdate(&mctx
, msg
, n
);
297 r
= EVP_VerifyFinal(&mctx
, sigbuf
, slen
, &pk
);
298 EVP_MD_CTX_cleanup(&mctx
);
300 printf("Result = %c\n", r
== 1 ? 'P' : 'F');
306 int main(int argc
,char **argv
)
310 fprintf(stderr
,"%s [prime|pqg]\n",argv
[0]);
313 if(!FIPS_mode_set(1))
318 if(!strcmp(argv
[1],"prime"))
320 else if(!strcmp(argv
[1],"pqg"))
322 else if(!strcmp(argv
[1],"keypair"))
324 else if(!strcmp(argv
[1],"siggen"))
326 else if(!strcmp(argv
[1],"sigver"))
330 fprintf(stderr
,"Don't know how to %s.\n",argv
[1]);