]>
Commit | Line | Data |
---|---|---|
59f3477b | 1 | /* fips_rsagtest.c */ |
40720ce3 MC |
2 | /* |
3 | * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project | |
4 | * 2005. | |
59f3477b DSH |
5 | */ |
6 | /* ==================================================================== | |
7 | * Copyright (c) 2005,2007 The OpenSSL Project. All rights reserved. | |
8 | * | |
9 | * Redistribution and use in source and binary forms, with or without | |
10 | * modification, are permitted provided that the following conditions | |
11 | * are met: | |
12 | * | |
13 | * 1. Redistributions of source code must retain the above copyright | |
40720ce3 | 14 | * notice, this list of conditions and the following disclaimer. |
59f3477b DSH |
15 | * |
16 | * 2. Redistributions in binary form must reproduce the above copyright | |
17 | * notice, this list of conditions and the following disclaimer in | |
18 | * the documentation and/or other materials provided with the | |
19 | * distribution. | |
20 | * | |
21 | * 3. All advertising materials mentioning features or use of this | |
22 | * software must display the following acknowledgment: | |
23 | * "This product includes software developed by the OpenSSL Project | |
24 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | |
25 | * | |
26 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | |
27 | * endorse or promote products derived from this software without | |
28 | * prior written permission. For written permission, please contact | |
29 | * licensing@OpenSSL.org. | |
30 | * | |
31 | * 5. Products derived from this software may not be called "OpenSSL" | |
32 | * nor may "OpenSSL" appear in their names without prior written | |
33 | * permission of the OpenSSL Project. | |
34 | * | |
35 | * 6. Redistributions of any form whatsoever must retain the following | |
36 | * acknowledgment: | |
37 | * "This product includes software developed by the OpenSSL Project | |
38 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | |
39 | * | |
40 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | |
41 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
42 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
43 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | |
44 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
45 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
46 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
47 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
49 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
50 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
51 | * OF THE POSSIBILITY OF SUCH DAMAGE. | |
52 | * ==================================================================== | |
53 | * | |
54 | * This product includes cryptographic software written by Eric Young | |
55 | * (eay@cryptsoft.com). This product includes software written by Tim | |
56 | * Hudson (tjh@cryptsoft.com). | |
57 | * | |
58 | */ | |
59 | ||
60 | #include <stdio.h> | |
61 | #include <ctype.h> | |
62 | #include <string.h> | |
63 | #include <openssl/bio.h> | |
64 | #include <openssl/evp.h> | |
65 | #include <openssl/hmac.h> | |
66 | #include <openssl/err.h> | |
155ad6d2 | 67 | #include <openssl/bn.h> |
59f3477b DSH |
68 | #include <openssl/x509v3.h> |
69 | ||
70 | #ifndef OPENSSL_FIPS | |
71 | ||
72 | int main(int argc, char *argv[]) | |
73 | { | |
74 | printf("No FIPS RSA support\n"); | |
40720ce3 | 75 | return (0); |
59f3477b DSH |
76 | } |
77 | ||
78 | #else | |
79 | ||
40720ce3 MC |
80 | # include <openssl/rsa.h> |
81 | # include "fips_utl.h" | |
59f3477b DSH |
82 | |
83 | int rsa_test(FILE *out, FILE *in); | |
84 | static int rsa_printkey1(FILE *out, RSA *rsa, | |
40720ce3 | 85 | BIGNUM *Xp1, BIGNUM *Xp2, BIGNUM *Xp, BIGNUM *e); |
59f3477b | 86 | static int rsa_printkey2(FILE *out, RSA *rsa, |
40720ce3 | 87 | BIGNUM *Xq1, BIGNUM *Xq2, BIGNUM *Xq); |
59f3477b DSH |
88 | |
89 | int main(int argc, char **argv) | |
40720ce3 MC |
90 | { |
91 | FILE *in = NULL, *out = NULL; | |
59f3477b | 92 | |
40720ce3 | 93 | int ret = 1; |
59f3477b | 94 | |
40720ce3 MC |
95 | if (!FIPS_mode_set(1)) { |
96 | do_print_errors(); | |
97 | goto end; | |
98 | } | |
59f3477b | 99 | |
40720ce3 MC |
100 | if (argc == 1) |
101 | in = stdin; | |
102 | else | |
103 | in = fopen(argv[1], "r"); | |
59f3477b | 104 | |
40720ce3 MC |
105 | if (argc < 2) |
106 | out = stdout; | |
107 | else | |
108 | out = fopen(argv[2], "w"); | |
59f3477b | 109 | |
40720ce3 MC |
110 | if (!in) { |
111 | fprintf(stderr, "FATAL input initialization error\n"); | |
112 | goto end; | |
113 | } | |
59f3477b | 114 | |
40720ce3 MC |
115 | if (!out) { |
116 | fprintf(stderr, "FATAL output initialization error\n"); | |
117 | goto end; | |
118 | } | |
59f3477b | 119 | |
40720ce3 MC |
120 | if (!rsa_test(out, in)) { |
121 | fprintf(stderr, "FATAL RSAGTEST file processing error\n"); | |
122 | goto end; | |
123 | } else | |
124 | ret = 0; | |
59f3477b | 125 | |
40720ce3 | 126 | end: |
59f3477b | 127 | |
40720ce3 MC |
128 | if (ret) |
129 | do_print_errors(); | |
59f3477b | 130 | |
40720ce3 MC |
131 | if (in && (in != stdin)) |
132 | fclose(in); | |
133 | if (out && (out != stdout)) | |
134 | fclose(out); | |
59f3477b | 135 | |
40720ce3 | 136 | return ret; |
59f3477b | 137 | |
40720ce3 | 138 | } |
59f3477b | 139 | |
40720ce3 | 140 | # define RSA_TEST_MAXLINELEN 10240 |
59f3477b DSH |
141 | |
142 | int rsa_test(FILE *out, FILE *in) | |
40720ce3 MC |
143 | { |
144 | char *linebuf, *olinebuf, *p, *q; | |
145 | char *keyword, *value; | |
146 | RSA *rsa = NULL; | |
147 | BIGNUM *Xp1 = NULL, *Xp2 = NULL, *Xp = NULL; | |
148 | BIGNUM *Xq1 = NULL, *Xq2 = NULL, *Xq = NULL; | |
149 | BIGNUM *e = NULL; | |
150 | int ret = 0; | |
151 | int lnum = 0; | |
152 | ||
153 | olinebuf = OPENSSL_malloc(RSA_TEST_MAXLINELEN); | |
154 | linebuf = OPENSSL_malloc(RSA_TEST_MAXLINELEN); | |
155 | ||
156 | if (!linebuf || !olinebuf) | |
157 | goto error; | |
158 | ||
159 | while (fgets(olinebuf, RSA_TEST_MAXLINELEN, in)) { | |
160 | lnum++; | |
161 | strcpy(linebuf, olinebuf); | |
162 | keyword = linebuf; | |
163 | /* Skip leading space */ | |
164 | while (isspace((unsigned char)*keyword)) | |
165 | keyword++; | |
166 | ||
167 | /* Look for = sign */ | |
168 | p = strchr(linebuf, '='); | |
169 | ||
170 | /* | |
171 | * If no = or starts with [ (for [foo = bar] line) just copy | |
172 | */ | |
173 | if (!p || *keyword == '[') { | |
174 | if (fputs(olinebuf, out) < 0) | |
175 | goto error; | |
176 | continue; | |
177 | } | |
178 | ||
179 | q = p - 1; | |
180 | ||
181 | /* Remove trailing space */ | |
182 | while (isspace((unsigned char)*q)) | |
183 | *q-- = 0; | |
184 | ||
185 | *p = 0; | |
186 | value = p + 1; | |
187 | ||
188 | /* Remove leading space from value */ | |
189 | while (isspace((unsigned char)*value)) | |
190 | value++; | |
191 | ||
192 | /* Remove trailing space from value */ | |
193 | p = value + strlen(value) - 1; | |
194 | ||
195 | while (*p == '\n' || isspace((unsigned char)*p)) | |
196 | *p-- = 0; | |
197 | ||
198 | if (!strcmp(keyword, "xp1")) { | |
199 | if (Xp1 || !do_hex2bn(&Xp1, value)) | |
200 | goto parse_error; | |
201 | } else if (!strcmp(keyword, "xp2")) { | |
202 | if (Xp2 || !do_hex2bn(&Xp2, value)) | |
203 | goto parse_error; | |
204 | } else if (!strcmp(keyword, "Xp")) { | |
205 | if (Xp || !do_hex2bn(&Xp, value)) | |
206 | goto parse_error; | |
207 | } else if (!strcmp(keyword, "xq1")) { | |
208 | if (Xq1 || !do_hex2bn(&Xq1, value)) | |
209 | goto parse_error; | |
210 | } else if (!strcmp(keyword, "xq2")) { | |
211 | if (Xq2 || !do_hex2bn(&Xq2, value)) | |
212 | goto parse_error; | |
213 | } else if (!strcmp(keyword, "Xq")) { | |
214 | if (Xq || !do_hex2bn(&Xq, value)) | |
215 | goto parse_error; | |
216 | } else if (!strcmp(keyword, "e")) { | |
217 | if (e || !do_hex2bn(&e, value)) | |
218 | goto parse_error; | |
219 | } else if (!strcmp(keyword, "p1")) | |
220 | continue; | |
221 | else if (!strcmp(keyword, "p2")) | |
222 | continue; | |
223 | else if (!strcmp(keyword, "p")) | |
224 | continue; | |
225 | else if (!strcmp(keyword, "q1")) | |
226 | continue; | |
227 | else if (!strcmp(keyword, "q2")) | |
228 | continue; | |
229 | else if (!strcmp(keyword, "q")) | |
230 | continue; | |
231 | else if (!strcmp(keyword, "n")) | |
232 | continue; | |
233 | else if (!strcmp(keyword, "d")) | |
234 | continue; | |
235 | else | |
236 | goto parse_error; | |
237 | ||
238 | fputs(olinebuf, out); | |
239 | ||
240 | if (e && Xp1 && Xp2 && Xp) { | |
241 | rsa = FIPS_rsa_new(); | |
242 | if (!rsa) | |
243 | goto error; | |
244 | if (!rsa_printkey1(out, rsa, Xp1, Xp2, Xp, e)) | |
245 | goto error; | |
246 | BN_free(Xp1); | |
247 | Xp1 = NULL; | |
248 | BN_free(Xp2); | |
249 | Xp2 = NULL; | |
250 | BN_free(Xp); | |
251 | Xp = NULL; | |
252 | BN_free(e); | |
253 | e = NULL; | |
254 | } | |
255 | ||
256 | if (rsa && Xq1 && Xq2 && Xq) { | |
257 | if (!rsa_printkey2(out, rsa, Xq1, Xq2, Xq)) | |
258 | goto error; | |
259 | BN_free(Xq1); | |
260 | Xq1 = NULL; | |
261 | BN_free(Xq2); | |
262 | Xq2 = NULL; | |
263 | BN_free(Xq); | |
264 | Xq = NULL; | |
265 | FIPS_rsa_free(rsa); | |
266 | rsa = NULL; | |
267 | } | |
268 | } | |
269 | ||
270 | ret = 1; | |
271 | ||
272 | error: | |
273 | ||
274 | if (olinebuf) | |
275 | OPENSSL_free(olinebuf); | |
276 | if (linebuf) | |
277 | OPENSSL_free(linebuf); | |
278 | ||
279 | if (Xp1) | |
280 | BN_free(Xp1); | |
281 | if (Xp2) | |
282 | BN_free(Xp2); | |
283 | if (Xp) | |
284 | BN_free(Xp); | |
285 | if (Xq1) | |
286 | BN_free(Xq1); | |
287 | if (Xq1) | |
288 | BN_free(Xq1); | |
289 | if (Xq2) | |
290 | BN_free(Xq2); | |
291 | if (Xq) | |
292 | BN_free(Xq); | |
293 | if (e) | |
294 | BN_free(e); | |
295 | if (rsa) | |
296 | FIPS_rsa_free(rsa); | |
297 | ||
298 | return ret; | |
299 | ||
300 | parse_error: | |
301 | ||
302 | fprintf(stderr, "FATAL parse error processing line %d\n", lnum); | |
303 | ||
304 | goto error; | |
305 | ||
306 | } | |
59f3477b DSH |
307 | |
308 | static int rsa_printkey1(FILE *out, RSA *rsa, | |
40720ce3 MC |
309 | BIGNUM *Xp1, BIGNUM *Xp2, BIGNUM *Xp, BIGNUM *e) |
310 | { | |
311 | int ret = 0; | |
312 | BIGNUM *p1 = NULL, *p2 = NULL; | |
313 | p1 = BN_new(); | |
314 | p2 = BN_new(); | |
315 | if (!p1 || !p2) | |
316 | goto error; | |
317 | ||
318 | if (!RSA_X931_derive_ex(rsa, p1, p2, NULL, NULL, Xp1, Xp2, Xp, | |
319 | NULL, NULL, NULL, e, NULL)) | |
320 | goto error; | |
321 | ||
322 | do_bn_print_name(out, "p1", p1); | |
323 | do_bn_print_name(out, "p2", p2); | |
324 | do_bn_print_name(out, "p", rsa->p); | |
325 | ||
326 | ret = 1; | |
327 | ||
328 | error: | |
329 | if (p1) | |
330 | BN_free(p1); | |
331 | if (p2) | |
332 | BN_free(p2); | |
333 | ||
334 | return ret; | |
335 | } | |
59f3477b DSH |
336 | |
337 | static int rsa_printkey2(FILE *out, RSA *rsa, | |
40720ce3 MC |
338 | BIGNUM *Xq1, BIGNUM *Xq2, BIGNUM *Xq) |
339 | { | |
340 | int ret = 0; | |
341 | BIGNUM *q1 = NULL, *q2 = NULL; | |
342 | q1 = BN_new(); | |
343 | q2 = BN_new(); | |
344 | if (!q1 || !q2) | |
345 | goto error; | |
346 | ||
347 | if (!RSA_X931_derive_ex(rsa, NULL, NULL, q1, q2, NULL, NULL, NULL, | |
348 | Xq1, Xq2, Xq, NULL, NULL)) | |
349 | goto error; | |
350 | ||
351 | do_bn_print_name(out, "q1", q1); | |
352 | do_bn_print_name(out, "q2", q2); | |
353 | do_bn_print_name(out, "q", rsa->q); | |
354 | do_bn_print_name(out, "n", rsa->n); | |
355 | do_bn_print_name(out, "d", rsa->d); | |
356 | ||
357 | ret = 1; | |
358 | ||
359 | error: | |
360 | if (q1) | |
361 | BN_free(q1); | |
362 | if (q2) | |
363 | BN_free(q2); | |
364 | ||
365 | return ret; | |
366 | } | |
59f3477b DSH |
367 | |
368 | #endif |