From: slontis Date: Mon, 30 Sep 2024 01:12:38 +0000 (+1000) Subject: Change FIPS self tests to use EVP_PKEY_sign/verify API. X-Git-Tag: openssl-3.5.0-alpha1~1052 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=923baa12e149e92d2599dddbb490ed0201465bed;p=thirdparty%2Fopenssl.git Change FIPS self tests to use EVP_PKEY_sign/verify API. Self tests no longer use the EVP_DigestSign/Verify API's. Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/25570) --- diff --git a/providers/fips/self_test_data.inc b/providers/fips/self_test_data.inc index 65ed70f4064..4384ef1cb89 100644 --- a/providers/fips/self_test_data.inc +++ b/providers/fips/self_test_data.inc @@ -56,7 +56,7 @@ typedef struct st_kat_st { /* FIPS 140-3 only allows DSA verification for legacy purposes */ #define SIGNATURE_MODE_VERIFY_ONLY 1 #define SIGNATURE_MODE_SIGN_ONLY 2 -#define SIGNATURE_MODE_ONESHOT 4 +#define SIGNATURE_MODE_DIGESTED 4 typedef ST_KAT ST_KAT_DIGEST; typedef struct st_kat_cipher_st { @@ -117,8 +117,8 @@ typedef struct st_kat_kas_st { typedef struct st_kat_sign_st { const char *desc; - const char *algorithm; - const char *mdalgorithm; + const char *keytype; + const char *sigalgorithm; int mode; const ST_KAT_PARAM *key; const unsigned char *msg; @@ -1651,7 +1651,7 @@ static const unsigned char sig_kat_persstr[] = { static const ST_KAT_SIGN st_kat_sign_tests[] = { { OSSL_SELF_TEST_DESC_SIGN_RSA, - "RSA", "SHA-256", 0, + "RSA", "RSA-SHA256", 0, rsa_crt_key, ITM_STR(rsa_sig_msg), ITM(sig_kat_entropyin), @@ -1662,7 +1662,7 @@ static const ST_KAT_SIGN st_kat_sign_tests[] = { #ifndef OPENSSL_NO_EC { OSSL_SELF_TEST_DESC_SIGN_ECDSA, - "EC", "SHA-256", 0, + "EC", "ECDSA-SHA256", 0, ecdsa_prime_key, ITM_STR(rsa_sig_msg), ITM(sig_kat_entropyin), @@ -1673,7 +1673,7 @@ static const ST_KAT_SIGN st_kat_sign_tests[] = { # ifndef OPENSSL_NO_EC2M { OSSL_SELF_TEST_DESC_SIGN_ECDSA, - "EC", "SHA-256", 0, + "EC", "ECDSA-SHA256", 0, ecdsa_bin_key, ITM_STR(rsa_sig_msg), ITM(sig_kat_entropyin), @@ -1685,7 +1685,7 @@ static const ST_KAT_SIGN st_kat_sign_tests[] = { # ifndef OPENSSL_NO_ECX { OSSL_SELF_TEST_DESC_SIGN_EDDSA, - "ED448", NULL, SIGNATURE_MODE_ONESHOT, + "ED448", "ED448", 0, ed448_key, ITM(ecx_sig_msg), NULL, 0, NULL, 0, NULL, 0, @@ -1693,7 +1693,7 @@ static const ST_KAT_SIGN st_kat_sign_tests[] = { }, { OSSL_SELF_TEST_DESC_SIGN_EDDSA, - "ED25519", NULL, SIGNATURE_MODE_ONESHOT, + "ED25519", "ED25519", 0, ed25519_key, ITM(ecx_sig_msg), NULL, 0, NULL, 0, NULL, 0, @@ -1704,7 +1704,7 @@ static const ST_KAT_SIGN st_kat_sign_tests[] = { #ifndef OPENSSL_NO_DSA { OSSL_SELF_TEST_DESC_SIGN_DSA, - "DSA", "SHA-256", SIGNATURE_MODE_VERIFY_ONLY, + "DSA", "DSA-SHA256", SIGNATURE_MODE_VERIFY_ONLY, dsa_key, ITM_STR(rsa_sig_msg), ITM(sig_kat_entropyin), diff --git a/providers/fips/self_test_kats.c b/providers/fips/self_test_kats.c index 8c9c5b5b34b..d62a7b7c835 100644 --- a/providers/fips/self_test_kats.c +++ b/providers/fips/self_test_kats.c @@ -452,15 +452,19 @@ static int self_test_digest_sign(const ST_KAT_SIGN *t, int ret = 0; OSSL_PARAM *paramskey = NULL, *paramsinit = NULL; OSSL_PARAM_BLD *bldkey = NULL, *bldinit = NULL; - EVP_MD_CTX *mctx = NULL; + EVP_SIGNATURE *sigalg = NULL; + EVP_PKEY_CTX *ctx = NULL; EVP_PKEY_CTX *fromctx = NULL; EVP_PKEY *pkey = NULL; unsigned char sig[256]; BN_CTX *bnctx = NULL; size_t siglen = sizeof(sig); - int oneshot = 0; + int digested = 0; const char *typ = OSSL_SELF_TEST_TYPE_KAT_SIGNATURE; + if (t->sig_expected_len > sizeof(sig)) + goto err; + if (t->sig_expected == NULL) typ = OSSL_SELF_TEST_TYPE_PCT_SIGNATURE; @@ -481,71 +485,69 @@ static int self_test_digest_sign(const ST_KAT_SIGN *t, if (bldkey == NULL || bldinit == NULL) goto err; - if (!add_params(bldkey, t->key, bnctx)) - goto err; - if (!add_params(bldinit, t->init, bnctx)) + if (!add_params(bldkey, t->key, bnctx) + || !add_params(bldinit, t->init, bnctx)) goto err; paramskey = OSSL_PARAM_BLD_to_param(bldkey); paramsinit = OSSL_PARAM_BLD_to_param(bldinit); - fromctx = EVP_PKEY_CTX_new_from_name(libctx, t->algorithm, ""); + fromctx = EVP_PKEY_CTX_new_from_name(libctx, t->keytype, NULL); if (fromctx == NULL - || paramskey == NULL - || paramsinit == NULL) + || paramskey == NULL + || paramsinit == NULL) goto err; if (EVP_PKEY_fromdata_init(fromctx) <= 0 - || EVP_PKEY_fromdata(fromctx, &pkey, EVP_PKEY_KEYPAIR, paramskey) <= 0) + || EVP_PKEY_fromdata(fromctx, &pkey, EVP_PKEY_KEYPAIR, paramskey) <= 0) goto err; - mctx = EVP_MD_CTX_new(); - if (mctx == NULL) + sigalg = EVP_SIGNATURE_fetch(libctx, t->sigalgorithm, NULL); + if (sigalg == NULL) + goto err; + ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, NULL); + if (ctx == NULL) goto err; - oneshot = ((t->mode & SIGNATURE_MODE_ONESHOT) != 0); + digested = ((t->mode & SIGNATURE_MODE_DIGESTED) != 0); if ((t->mode & SIGNATURE_MODE_VERIFY_ONLY) != 0) { memcpy(sig, t->sig_expected, t->sig_expected_len); siglen = t->sig_expected_len; } else { - if (EVP_DigestSignInit_ex(mctx, NULL, t->mdalgorithm, libctx, NULL, - pkey, paramsinit) <= 0) - goto err; - - if (oneshot) { - if (EVP_DigestSign(mctx, sig, &siglen, t->msg, t->msg_len) <= 0) + if (digested) { + if (EVP_PKEY_sign_init_ex2(ctx, sigalg, paramsinit) <= 0) goto err; } else { - if (EVP_DigestSignUpdate(mctx, t->msg, t->msg_len) <= 0 - || EVP_DigestSignFinal(mctx, sig, &siglen) <= 0) + if (EVP_PKEY_sign_message_init(ctx, sigalg, paramsinit) <= 0) goto err; } + if (EVP_PKEY_sign(ctx, sig, &siglen, t->msg, t->msg_len) <= 0) + goto err; if (t->sig_expected != NULL - && (siglen != t->sig_expected_len - || memcmp(sig, t->sig_expected, t->sig_expected_len) != 0)) + && (siglen != t->sig_expected_len + || memcmp(sig, t->sig_expected, t->sig_expected_len) != 0)) goto err; } if ((t->mode & SIGNATURE_MODE_SIGN_ONLY) == 0) { - if (EVP_DigestVerifyInit_ex(mctx, NULL, t->mdalgorithm, libctx, NULL, - pkey, paramsinit) <= 0) - goto err; - OSSL_SELF_TEST_oncorrupt_byte(st, sig); - if (oneshot) { - if (EVP_DigestVerify(mctx, sig, siglen, t->msg, t->msg_len) <= 0) + if (digested) { + if (EVP_PKEY_verify_init_ex2(ctx, sigalg, NULL) <= 0) goto err; } else { - if (EVP_DigestVerifyUpdate(mctx, t->msg, t->msg_len) <= 0 - || EVP_DigestVerifyFinal(mctx, sig, siglen) <= 0) + if (EVP_PKEY_verify_message_init(ctx, sigalg, NULL) <= 0) goto err; } + OSSL_SELF_TEST_oncorrupt_byte(st, sig); + if (EVP_PKEY_verify(ctx, sig, siglen, t->msg, t->msg_len) <= 0) + goto err; } ret = 1; err: BN_CTX_free(bnctx); EVP_PKEY_free(pkey); EVP_PKEY_CTX_free(fromctx); - EVP_MD_CTX_free(mctx); + EVP_PKEY_CTX_free(ctx); + EVP_SIGNATURE_free(sigalg); OSSL_PARAM_free(paramskey); OSSL_PARAM_free(paramsinit); OSSL_PARAM_BLD_free(bldkey);