Google Git
Sign in
flutter / third_party / openssl / 8f331999f5906f2f8fdd350ee647865984831c9b / . / fips / fips_test_suite.c
blob: 6b2cdc7bf96dc14c6c97dd53ad3e7ea193a47e81 [file] [log] [blame]
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]1/* ====================================================================
2 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
3 *
4 *
5 * This command is intended as a test driver for the FIPS-140 testing
6 * lab performing FIPS-140 validation. It demonstrates the use of the
7 * OpenSSL library ito perform a variety of common cryptographic
8 * functions. A power-up self test is demonstrated by deliberately
9 * pointing to an invalid executable hash
10 *
11 * Contributed by Steve Marquess.
12 *
13 */
14
Dr. Stephen Henson7c8ced92011-01-27 15:22:26 +0000[diff] [blame]15#define OPENSSL_FIPSAPI
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]16
17#include <stdio.h>
18#include <assert.h>
19#include <ctype.h>
20#include <string.h>
21#include <stdlib.h>
22#include <openssl/evp.h>
23#include <openssl/hmac.h>
Richard Levitte37942b92011-03-24 22:57:52 +0000[diff] [blame]24#include <openssl/cmac.h>
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]25#include <openssl/sha.h>
26#include <openssl/err.h>
27
28#include <openssl/bn.h>
29#include <openssl/rand.h>
30
31#ifndef OPENSSL_FIPS
32int main(int argc, char *argv[])
33 {
34 printf("No FIPS support\n");
35 return(0);
36 }
37#else
38
39#define ERR_clear_error() while(0)
40
41#include <openssl/rsa.h>
42#include <openssl/dsa.h>
43#include <openssl/dh.h>
44
45#include <openssl/fips.h>
46#include "fips_utl.h"
47
48/* AES: encrypt and decrypt known plaintext, verify result matches original plaintext
49*/
50static int FIPS_aes_test(void)
51 {
52 int ret = 0;
53 unsigned char pltmp[16];
54 unsigned char citmp[16];
55 unsigned char key[16] = { 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16};
56 unsigned char plaintext[16] = "etaonrishdlcu";
57 EVP_CIPHER_CTX ctx;
Dr. Stephen Hensone47af462011-02-12 18:25:18 +0000[diff] [blame]58 FIPS_cipher_ctx_init(&ctx);
59 if (FIPS_cipherinit(&ctx, EVP_aes_128_ecb(), key, NULL, 1) <= 0)
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]60 goto err;
Dr. Stephen Hensone47af462011-02-12 18:25:18 +0000[diff] [blame]61 FIPS_cipher(&ctx, citmp, plaintext, 16);
62 if (FIPS_cipherinit(&ctx, EVP_aes_128_ecb(), key, NULL, 0) <= 0)
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]63 goto err;
Dr. Stephen Hensone47af462011-02-12 18:25:18 +0000[diff] [blame]64 FIPS_cipher(&ctx, pltmp, citmp, 16);
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]65 if (memcmp(pltmp, plaintext, 16))
66 goto err;
67 ret = 1;
68 err:
Dr. Stephen Hensone47af462011-02-12 18:25:18 +0000[diff] [blame]69 FIPS_cipher_ctx_cleanup(&ctx);
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]70 return ret;
71 }
72
Dr. Stephen Hensonacf254f2011-02-18 17:09:33 +0000[diff] [blame]73static int FIPS_aes_gcm_test(void)
74 {
75 int ret = 0;
76 unsigned char pltmp[16];
77 unsigned char citmp[16];
78 unsigned char tagtmp[16];
79 unsigned char key[16] = {1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16};
80 unsigned char iv[16] = {21,22,23,24,25,26,27,28,29,30,31,32};
81 unsigned char aad[] = "Some text AAD";
82 unsigned char plaintext[16] = "etaonrishdlcu";
83 EVP_CIPHER_CTX ctx;
84 FIPS_cipher_ctx_init(&ctx);
85 if (FIPS_cipherinit(&ctx, EVP_aes_128_gcm(), key, iv, 1) <= 0)
86 goto err;
87 FIPS_cipher(&ctx, NULL, aad, sizeof(aad));
88 FIPS_cipher(&ctx, citmp, plaintext, 16);
89 FIPS_cipher(&ctx, NULL, NULL, 0);
90 if (!FIPS_cipher_ctx_ctrl(&ctx, EVP_CTRL_GCM_GET_TAG, 16, tagtmp))
91 goto err;
92
93 if (FIPS_cipherinit(&ctx, EVP_aes_128_gcm(), key, iv, 0) <= 0)
94 goto err;
95 if (!FIPS_cipher_ctx_ctrl(&ctx, EVP_CTRL_GCM_SET_TAG, 16, tagtmp))
96 goto err;
97
98 FIPS_cipher(&ctx, NULL, aad, sizeof(aad));
99
100 FIPS_cipher(&ctx, pltmp, citmp, 16);
101
102 if (FIPS_cipher(&ctx, NULL, NULL, 0) < 0)
103 goto err;
104
105 if (memcmp(pltmp, plaintext, 16))
106 goto err;
107
108 ret = 1;
109 err:
110 FIPS_cipher_ctx_cleanup(&ctx);
111 return ret;
112 }
113
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]114static int FIPS_des3_test(void)
115 {
116 int ret = 0;
117 unsigned char pltmp[8];
118 unsigned char citmp[8];
119 unsigned char key[] = { 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,
120 19,20,21,22,23,24};
121 unsigned char plaintext[] = { 'e', 't', 'a', 'o', 'n', 'r', 'i', 's' };
122 EVP_CIPHER_CTX ctx;
Dr. Stephen Hensone47af462011-02-12 18:25:18 +0000[diff] [blame]123 FIPS_cipher_ctx_init(&ctx);
124 if (FIPS_cipherinit(&ctx, EVP_des_ede3_ecb(), key, NULL, 1) <= 0)
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]125 goto err;
Dr. Stephen Hensone47af462011-02-12 18:25:18 +0000[diff] [blame]126 FIPS_cipher(&ctx, citmp, plaintext, 8);
127 if (FIPS_cipherinit(&ctx, EVP_des_ede3_ecb(), key, NULL, 0) <= 0)
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]128 goto err;
Dr. Stephen Hensone47af462011-02-12 18:25:18 +0000[diff] [blame]129 FIPS_cipher(&ctx, pltmp, citmp, 8);
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]130 if (memcmp(pltmp, plaintext, 8))
131 goto err;
132 ret = 1;
133 err:
Dr. Stephen Hensone47af462011-02-12 18:25:18 +0000[diff] [blame]134 FIPS_cipher_ctx_cleanup(&ctx);
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]135 return ret;
136 }
137
138/*
139 * DSA: generate keys and sign, verify input plaintext.
140 */
141static int FIPS_dsa_test(int bad)
142 {
143 DSA *dsa = NULL;
144 unsigned char dgst[] = "etaonrishdlc";
145 int r = 0;
146 EVP_MD_CTX mctx;
147 DSA_SIG *sig = NULL;
148
149 ERR_clear_error();
Dr. Stephen Hensone47af462011-02-12 18:25:18 +0000[diff] [blame]150 FIPS_md_ctx_init(&mctx);
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]151 dsa = FIPS_dsa_new();
152 if (!dsa)
153 goto end;
154 if (!DSA_generate_parameters_ex(dsa, 1024,NULL,0,NULL,NULL,NULL))
155 goto end;
156 if (!DSA_generate_key(dsa))
157 goto end;
158 if (bad)
159 BN_add_word(dsa->pub_key, 1);
160
Dr. Stephen Hensonc81f8f52011-02-15 16:58:06 +0000[diff] [blame]161 if (!FIPS_digestinit(&mctx, EVP_sha256()))
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]162 goto end;
Dr. Stephen Hensone47af462011-02-12 18:25:18 +0000[diff] [blame]163 if (!FIPS_digestupdate(&mctx, dgst, sizeof(dgst) - 1))
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]164 goto end;
165 sig = FIPS_dsa_sign_ctx(dsa, &mctx);
166 if (!sig)
167 goto end;
168
Dr. Stephen Hensonc81f8f52011-02-15 16:58:06 +0000[diff] [blame]169 if (!FIPS_digestinit(&mctx, EVP_sha256()))
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]170 goto end;
Dr. Stephen Hensone47af462011-02-12 18:25:18 +0000[diff] [blame]171 if (!FIPS_digestupdate(&mctx, dgst, sizeof(dgst) - 1))
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]172 goto end;
173 r = FIPS_dsa_verify_ctx(dsa, &mctx, sig);
174 end:
175 if (sig)
Dr. Stephen Hensone990b4f2011-02-13 18:45:41 +0000[diff] [blame]176 FIPS_dsa_sig_free(sig);
Dr. Stephen Hensone47af462011-02-12 18:25:18 +0000[diff] [blame]177 FIPS_md_ctx_cleanup(&mctx);
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]178 if (dsa)
179 FIPS_dsa_free(dsa);
180 if (r != 1)
181 return 0;
182 return 1;
183 }
184
185/*
186 * RSA: generate keys and sign, verify input plaintext.
187 */
188static int FIPS_rsa_test(int bad)
189 {
190 RSA *key;
191 unsigned char input_ptext[] = "etaonrishdlc";
192 unsigned char buf[256];
193 unsigned int slen;
194 BIGNUM *bn;
195 EVP_MD_CTX mctx;
196 int r = 0;
197
198 ERR_clear_error();
Dr. Stephen Hensone47af462011-02-12 18:25:18 +0000[diff] [blame]199 FIPS_md_ctx_init(&mctx);
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]200 key = FIPS_rsa_new();
201 bn = BN_new();
202 if (!key || !bn)
203 return 0;
204 BN_set_word(bn, 65537);
Dr. Stephen Hensonc81f8f52011-02-15 16:58:06 +0000[diff] [blame]205 if (!RSA_generate_key_ex(key, 2048,bn,NULL))
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]206 return 0;
207 BN_free(bn);
208 if (bad)
209 BN_add_word(key->n, 1);
210
Dr. Stephen Hensonc81f8f52011-02-15 16:58:06 +0000[diff] [blame]211 if (!FIPS_digestinit(&mctx, EVP_sha256()))
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]212 goto end;
Dr. Stephen Hensone47af462011-02-12 18:25:18 +0000[diff] [blame]213 if (!FIPS_digestupdate(&mctx, input_ptext, sizeof(input_ptext) - 1))
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]214 goto end;
215 if (!FIPS_rsa_sign_ctx(key, &mctx, RSA_PKCS1_PADDING, 0, NULL, buf, &slen))
216 goto end;
217
Dr. Stephen Hensonc81f8f52011-02-15 16:58:06 +0000[diff] [blame]218 if (!FIPS_digestinit(&mctx, EVP_sha256()))
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]219 goto end;
Dr. Stephen Hensone47af462011-02-12 18:25:18 +0000[diff] [blame]220 if (!FIPS_digestupdate(&mctx, input_ptext, sizeof(input_ptext) - 1))
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]221 goto end;
222 r = FIPS_rsa_verify_ctx(key, &mctx, RSA_PKCS1_PADDING, 0, NULL, buf, slen);
223 end:
Dr. Stephen Hensone47af462011-02-12 18:25:18 +0000[diff] [blame]224 FIPS_md_ctx_cleanup(&mctx);
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]225 if (key)
226 FIPS_rsa_free(key);
227 if (r != 1)
228 return 0;
229 return 1;
230 }
231
232/* SHA1: generate hash of known digest value and compare to known
233 precomputed correct hash
234*/
235static int FIPS_sha1_test()
236 {
237 unsigned char digest[SHA_DIGEST_LENGTH] =
238 { 0x11, 0xf1, 0x9a, 0x3a, 0xec, 0x1a, 0x1e, 0x8e, 0x65, 0xd4, 0x9a, 0x38, 0x0c, 0x8b, 0x1e, 0x2c, 0xe8, 0xb3, 0xc5, 0x18 };
239 unsigned char str[] = "etaonrishd";
240
241 unsigned char md[SHA_DIGEST_LENGTH];
242
243 ERR_clear_error();
Dr. Stephen Hensone47af462011-02-12 18:25:18 +0000[diff] [blame]244 if (!FIPS_digest(str,sizeof(str) - 1,md, NULL, EVP_sha1())) return 0;
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]245 if (memcmp(md,digest,sizeof(md)))
246 return 0;
247 return 1;
248 }
249
250/* SHA256: generate hash of known digest value and compare to known
251 precomputed correct hash
252*/
253static int FIPS_sha256_test()
254 {
255 unsigned char digest[SHA256_DIGEST_LENGTH] =
256 {0xf5, 0x53, 0xcd, 0xb8, 0xcf, 0x1, 0xee, 0x17, 0x9b, 0x93, 0xc9, 0x68, 0xc0, 0xea, 0x40, 0x91,
257 0x6, 0xec, 0x8e, 0x11, 0x96, 0xc8, 0x5d, 0x1c, 0xaf, 0x64, 0x22, 0xe6, 0x50, 0x4f, 0x47, 0x57};
258 unsigned char str[] = "etaonrishd";
259
260 unsigned char md[SHA256_DIGEST_LENGTH];
261
262 ERR_clear_error();
Dr. Stephen Hensone47af462011-02-12 18:25:18 +0000[diff] [blame]263 if (!FIPS_digest(str,sizeof(str) - 1,md, NULL, EVP_sha256())) return 0;
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]264 if (memcmp(md,digest,sizeof(md)))
265 return 0;
266 return 1;
267 }
268
269/* SHA512: generate hash of known digest value and compare to known
270 precomputed correct hash
271*/
272static int FIPS_sha512_test()
273 {
274 unsigned char digest[SHA512_DIGEST_LENGTH] =
275 {0x99, 0xc9, 0xe9, 0x5b, 0x88, 0xd4, 0x78, 0x88, 0xdf, 0x88, 0x5f, 0x94, 0x71, 0x64, 0x28, 0xca,
276 0x16, 0x1f, 0x3d, 0xf4, 0x1f, 0xf3, 0x0f, 0xc5, 0x03, 0x99, 0xb2, 0xd0, 0xe7, 0x0b, 0x94, 0x4a,
277 0x45, 0xd2, 0x6c, 0x4f, 0x20, 0x06, 0xef, 0x71, 0xa9, 0x25, 0x7f, 0x24, 0xb1, 0xd9, 0x40, 0x22,
278 0x49, 0x54, 0x10, 0xc2, 0x22, 0x9d, 0x27, 0xfe, 0xbd, 0xd6, 0xd6, 0xeb, 0x2d, 0x42, 0x1d, 0xa3};
279 unsigned char str[] = "etaonrishd";
280
281 unsigned char md[SHA512_DIGEST_LENGTH];
282
283 ERR_clear_error();
Dr. Stephen Hensone47af462011-02-12 18:25:18 +0000[diff] [blame]284 if (!FIPS_digest(str,sizeof(str) - 1,md, NULL, EVP_sha512())) return 0;
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]285 if (memcmp(md,digest,sizeof(md)))
286 return 0;
287 return 1;
288 }
289
290/* HMAC-SHA1: generate hash of known digest value and compare to known
291 precomputed correct hash
292*/
293static int FIPS_hmac_sha1_test()
294 {
295 unsigned char key[] = "etaonrishd";
296 unsigned char iv[] = "Sample text";
297 unsigned char kaval[EVP_MAX_MD_SIZE] =
298 {0x73, 0xf7, 0xa0, 0x48, 0xf8, 0x94, 0xed, 0xdd, 0x0a, 0xea, 0xea, 0x56, 0x1b, 0x61, 0x2e, 0x70,
299 0xb2, 0xfb, 0xec, 0xc6};
300
301 unsigned char out[EVP_MAX_MD_SIZE];
302 unsigned int outlen;
303
304 ERR_clear_error();
305 if (!HMAC(EVP_sha1(),key,sizeof(key)-1,iv,sizeof(iv)-1,out,&outlen)) return 0;
306 if (memcmp(out,kaval,outlen))
307 return 0;
308 return 1;
309 }
310
311/* HMAC-SHA224: generate hash of known digest value and compare to known
312 precomputed correct hash
313*/
314static int FIPS_hmac_sha224_test()
315 {
316 unsigned char key[] = "etaonrishd";
317 unsigned char iv[] = "Sample text";
318 unsigned char kaval[EVP_MAX_MD_SIZE] =
319 {0x75, 0x58, 0xd5, 0xbd, 0x55, 0x6d, 0x87, 0x0f, 0x75, 0xff, 0xbe, 0x1c, 0xb2, 0xf0, 0x20, 0x35,
320 0xe5, 0x62, 0x49, 0xb6, 0x94, 0xb9, 0xfc, 0x65, 0x34, 0x33, 0x3a, 0x19};
321
322 unsigned char out[EVP_MAX_MD_SIZE];
323 unsigned int outlen;
324
325 ERR_clear_error();
326 if (!HMAC(EVP_sha224(),key,sizeof(key)-1,iv,sizeof(iv)-1,out,&outlen)) return 0;
327 if (memcmp(out,kaval,outlen))
328 return 0;
329 return 1;
330 }
331
332/* HMAC-SHA256: generate hash of known digest value and compare to known
333 precomputed correct hash
334*/
335static int FIPS_hmac_sha256_test()
336 {
337 unsigned char key[] = "etaonrishd";
338 unsigned char iv[] = "Sample text";
339 unsigned char kaval[EVP_MAX_MD_SIZE] =
340 {0xe9, 0x17, 0xc1, 0x7b, 0x4c, 0x6b, 0x77, 0xda, 0xd2, 0x30, 0x36, 0x02, 0xf5, 0x72, 0x33, 0x87,
341 0x9f, 0xc6, 0x6e, 0x7b, 0x7e, 0xa8, 0xea, 0xaa, 0x9f, 0xba, 0xee, 0x51, 0xff, 0xda, 0x24, 0xf4};
342
343 unsigned char out[EVP_MAX_MD_SIZE];
344 unsigned int outlen;
345
346 ERR_clear_error();
347 if (!HMAC(EVP_sha256(),key,sizeof(key)-1,iv,sizeof(iv)-1,out,&outlen)) return 0;
348 if (memcmp(out,kaval,outlen))
349 return 0;
350 return 1;
351 }
352
353/* HMAC-SHA384: generate hash of known digest value and compare to known
354 precomputed correct hash
355*/
356static int FIPS_hmac_sha384_test()
357 {
358 unsigned char key[] = "etaonrishd";
359 unsigned char iv[] = "Sample text";
360 unsigned char kaval[EVP_MAX_MD_SIZE] =
361 {0xb2, 0x9d, 0x40, 0x58, 0x32, 0xc4, 0xe3, 0x31, 0xb6, 0x63, 0x08, 0x26, 0x99, 0xef, 0x3b, 0x10,
362 0xe2, 0xdf, 0xf8, 0xff, 0xc6, 0xe1, 0x03, 0x29, 0x81, 0x2a, 0x1b, 0xac, 0xb0, 0x07, 0x39, 0x08,
363 0xf3, 0x91, 0x35, 0x11, 0x76, 0xd6, 0x4c, 0x20, 0xfb, 0x4d, 0xc3, 0xf3, 0xb8, 0x9b, 0x88, 0x1c};
364
365 unsigned char out[EVP_MAX_MD_SIZE];
366 unsigned int outlen;
367
368 ERR_clear_error();
369 if (!HMAC(EVP_sha384(),key,sizeof(key)-1,iv,sizeof(iv)-1,out,&outlen)) return 0;
370 if (memcmp(out,kaval,outlen))
371 return 0;
372 return 1;
373 }
374
375/* HMAC-SHA512: generate hash of known digest value and compare to known
376 precomputed correct hash
377*/
378static int FIPS_hmac_sha512_test()
379 {
380 unsigned char key[] = "etaonrishd";
381 unsigned char iv[] = "Sample text";
382 unsigned char kaval[EVP_MAX_MD_SIZE] =
383 {0xcd, 0x3e, 0xb9, 0x51, 0xb8, 0xbc, 0x7f, 0x9a, 0x23, 0xaf, 0xf3, 0x77, 0x59, 0x85, 0xa9, 0xe6,
384 0xf7, 0xd1, 0x51, 0x96, 0x17, 0xe0, 0x92, 0xd8, 0xa6, 0x3b, 0xc1, 0xad, 0x7e, 0x24, 0xca, 0xb1,
385 0xd7, 0x79, 0x0a, 0xa5, 0xea, 0x2c, 0x02, 0x58, 0x0b, 0xa6, 0x52, 0x6b, 0x61, 0x7f, 0xeb, 0x9c,
386 0x47, 0x86, 0x5d, 0x74, 0x2b, 0x88, 0xdf, 0xee, 0x46, 0x69, 0x96, 0x3d, 0xa6, 0xd9, 0x2a, 0x53};
387
388 unsigned char out[EVP_MAX_MD_SIZE];
389 unsigned int outlen;
390
391 ERR_clear_error();
392 if (!HMAC(EVP_sha512(),key,sizeof(key)-1,iv,sizeof(iv)-1,out,&outlen)) return 0;
393 if (memcmp(out,kaval,outlen))
394 return 0;
395 return 1;
396 }
397
Richard Levitte37942b92011-03-24 22:57:52 +0000[diff] [blame]398/* CMAC-AES128: generate hash of known digest value and compare to known
399 precomputed correct hash
400*/
401static int FIPS_cmac_aes128_test()
402 {
403 unsigned char key[16] = { 0x2b,0x7e,0x15,0x16, 0x28,0xae,0xd2,0xa6,
404 0xab,0xf7,0x15,0x88, 0x09,0xcf,0x4f,0x3c, };
405 unsigned char data[] = "Sample text";
406 unsigned char kaval[EVP_MAX_MD_SIZE] =
407 { 0x16,0x83,0xfe,0xac, 0x52,0x9b,0xae,0x23,
408 0xd7,0xd5,0x66,0xf5, 0xd2,0x8d,0xbd,0x2a, };
409
410 unsigned char *out = NULL;
Dr. Stephen Hensonbb61a6c2011-03-31 17:12:49 +0000[diff] [blame]411 size_t outlen;
Richard Levitte37942b92011-03-24 22:57:52 +0000[diff] [blame]412 CMAC_CTX *ctx = CMAC_CTX_new();
413 int r = 0;
414
415 ERR_clear_error();
416
417 if (!ctx)
418 goto end;
419 if (!CMAC_Init(ctx,key,sizeof(key),EVP_aes_128_cbc(),NULL))
420 goto end;
421 if (!CMAC_Update(ctx,data,sizeof(data)-1))
422 goto end;
423 /* This should return 1. If not, there's a programming error... */
424 if (!CMAC_Final(ctx, out, &outlen))
425 goto end;
426 out = OPENSSL_malloc(outlen);
427 if (!CMAC_Final(ctx, out, &outlen))
428 goto end;
429#if 0
430 {
431 char *hexout = OPENSSL_malloc(outlen * 2 + 1);
432 bin2hex(out, outlen, hexout);
433 printf("CMAC-AES128: res = %s\n", hexout);
434 OPENSSL_free(hexout);
435 }
436 r = 1;
437#else
438 if (!memcmp(out,kaval,outlen))
439 r = 1;
440#endif
441 end:
442 CMAC_CTX_free(ctx);
443 if (out)
444 OPENSSL_free(out);
445 return r;
446 }
447
448/* CMAC-AES192: generate hash of known digest value and compare to known
449 precomputed correct hash
450*/
451static int FIPS_cmac_aes192_test()
452 {
453 unsigned char key[] = { 0x8e,0x73,0xb0,0xf7, 0xda,0x0e,0x64,0x52,
454 0xc8,0x10,0xf3,0x2b, 0x80,0x90,0x79,0xe5,
455 0x62,0xf8,0xea,0xd2, 0x52,0x2c,0x6b,0x7b, };
456 unsigned char data[] = "Sample text";
457 unsigned char kaval[] =
458 { 0xd6,0x99,0x19,0x25, 0xe5,0x1d,0x95,0x48,
459 0xb1,0x4a,0x0b,0xf2, 0xc6,0x3c,0x47,0x1f, };
460
461 unsigned char *out = NULL;
Dr. Stephen Hensonbb61a6c2011-03-31 17:12:49 +0000[diff] [blame]462 size_t outlen;
Richard Levitte37942b92011-03-24 22:57:52 +0000[diff] [blame]463 CMAC_CTX *ctx = CMAC_CTX_new();
464 int r = 0;
465
466 ERR_clear_error();
467
468 if (!ctx)
469 goto end;
470 if (!CMAC_Init(ctx,key,sizeof(key),EVP_aes_192_cbc(),NULL))
471 goto end;
472 if (!CMAC_Update(ctx,data,sizeof(data)-1))
473 goto end;
474 /* This should return 1. If not, there's a programming error... */
475 if (!CMAC_Final(ctx, out, &outlen))
476 goto end;
477 out = OPENSSL_malloc(outlen);
478 if (!CMAC_Final(ctx, out, &outlen))
479 goto end;
480#if 0
481 {
482 char *hexout = OPENSSL_malloc(outlen * 2 + 1);
483 bin2hex(out, outlen, hexout);
484 printf("CMAC-AES192: res = %s\n", hexout);
485 OPENSSL_free(hexout);
486 }
487 r = 1;
488#else
489 if (!memcmp(out,kaval,outlen))
490 r = 1;
491#endif
492 end:
493 CMAC_CTX_free(ctx);
494 if (out)
495 OPENSSL_free(out);
496 return r;
497 }
498
499/* CMAC-AES256: generate hash of known digest value and compare to known
500 precomputed correct hash
501*/
502static int FIPS_cmac_aes256_test()
503 {
504 unsigned char key[] = { 0x60,0x3d,0xeb,0x10, 0x15,0xca,0x71,0xbe,
505 0x2b,0x73,0xae,0xf0, 0x85,0x7d,0x77,0x81,
506 0x1f,0x35,0x2c,0x07, 0x3b,0x61,0x08,0xd7,
507 0x2d,0x98,0x10,0xa3, 0x09,0x14,0xdf,0xf4, };
508 unsigned char data[] = "Sample text";
509 unsigned char kaval[] =
510 { 0xec,0xc2,0xcf,0x63, 0xc7,0xce,0xfc,0xa4,
511 0xb0,0x86,0x37,0x5f, 0x15,0x60,0xba,0x1f, };
512
513 unsigned char *out = NULL;
Dr. Stephen Hensonbb61a6c2011-03-31 17:12:49 +0000[diff] [blame]514 size_t outlen;
Richard Levitte37942b92011-03-24 22:57:52 +0000[diff] [blame]515 CMAC_CTX *ctx = CMAC_CTX_new();
516 int r = 0;
517
518 ERR_clear_error();
519
520 if (!ctx)
521 goto end;
522 if (!CMAC_Init(ctx,key,sizeof(key),EVP_aes_256_cbc(),NULL))
523 goto end;
524 if (!CMAC_Update(ctx,data,sizeof(data)-1))
525 goto end;
526 /* This should return 1. If not, there's a programming error... */
527 if (!CMAC_Final(ctx, out, &outlen))
528 goto end;
529 out = OPENSSL_malloc(outlen);
530 if (!CMAC_Final(ctx, out, &outlen))
531 goto end;
532#if 0
533 {
534 char *hexout = OPENSSL_malloc(outlen * 2 + 1);
535 bin2hex(out, outlen, hexout);
536 printf("CMAC-AES256: res = %s\n", hexout);
537 OPENSSL_free(hexout);
538 }
539 r = 1;
540#else
541 if (!memcmp(out,kaval,outlen))
542 r = 1;
543#endif
544 end:
545 CMAC_CTX_free(ctx);
546 if (out)
547 OPENSSL_free(out);
548 return r;
549 }
550
Richard Levitte37942b92011-03-24 22:57:52 +0000[diff] [blame]551/* CMAC-TDEA3: generate hash of known digest value and compare to known
552 precomputed correct hash
553*/
554static int FIPS_cmac_tdea3_test()
555 {
556 unsigned char key[] = { 0x8a,0xa8,0x3b,0xf8, 0xcb,0xda,0x10,0x62,
557 0x0b,0xc1,0xbf,0x19, 0xfb,0xb6,0xcd,0x58,
558 0xbc,0x31,0x3d,0x4a, 0x37,0x1c,0xa8,0xb5, };
559 unsigned char data[] = "Sample text";
560 unsigned char kaval[EVP_MAX_MD_SIZE] =
561 { 0xb4,0x06,0x4e,0xbf, 0x59,0x89,0xba,0x68, };
562
563 unsigned char *out = NULL;
Dr. Stephen Hensonbb61a6c2011-03-31 17:12:49 +0000[diff] [blame]564 size_t outlen;
Richard Levitte37942b92011-03-24 22:57:52 +0000[diff] [blame]565 CMAC_CTX *ctx = CMAC_CTX_new();
566 int r = 0;
567
568 ERR_clear_error();
569
570 if (!ctx)
571 goto end;
572 if (!CMAC_Init(ctx,key,sizeof(key),EVP_des_ede3_cbc(),NULL))
573 goto end;
574 if (!CMAC_Update(ctx,data,sizeof(data)-1))
575 goto end;
576 /* This should return 1. If not, there's a programming error... */
577 if (!CMAC_Final(ctx, out, &outlen))
578 goto end;
579 out = OPENSSL_malloc(outlen);
580 if (!CMAC_Final(ctx, out, &outlen))
581 goto end;
582#if 0
583 {
584 char *hexout = OPENSSL_malloc(outlen * 2 + 1);
585 bin2hex(out, outlen, hexout);
586 printf("CMAC-TDEA3: res = %s\n", hexout);
587 OPENSSL_free(hexout);
588 }
589 r = 1;
590#else
591 if (!memcmp(out,kaval,outlen))
592 r = 1;
593#endif
594 end:
595 CMAC_CTX_free(ctx);
596 if (out)
597 OPENSSL_free(out);
598 return r;
599 }
600
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]601
602/* DH: generate shared parameters
603*/
604static int dh_test()
605 {
606 DH *dh;
607 ERR_clear_error();
608 dh = FIPS_dh_new();
609 if (!dh)
610 return 0;
611 if (!DH_generate_parameters_ex(dh, 1024, 2, NULL))
612 return 0;
613 FIPS_dh_free(dh);
614 return 1;
615 }
616
617/* Zeroize
618*/
619static int Zeroize()
620 {
621 RSA *key;
622 BIGNUM *bn;
623 unsigned char userkey[16] =
624 { 0x48, 0x50, 0xf0, 0xa3, 0x3a, 0xed, 0xd3, 0xaf, 0x6e, 0x47, 0x7f, 0x83, 0x02, 0xb1, 0x09, 0x68 };
625 size_t i;
626 int n;
627
628 key = FIPS_rsa_new();
629 bn = BN_new();
630 if (!key || !bn)
631 return 0;
632 BN_set_word(bn, 65537);
633 if (!RSA_generate_key_ex(key, 1024,bn,NULL))
634 return 0;
635 BN_free(bn);
636
637 n = BN_num_bytes(key->d);
638 printf(" Generated %d byte RSA private key\n", n);
639 printf("\tBN key before overwriting:\n");
640 do_bn_print(stdout, key->d);
641 BN_rand(key->d,n*8,-1,0);
642 printf("\tBN key after overwriting:\n");
643 do_bn_print(stdout, key->d);
644
645 printf("\tchar buffer key before overwriting: \n\t\t");
646 for(i = 0; i < sizeof(userkey); i++) printf("%02x", userkey[i]);
647 printf("\n");
648 RAND_bytes(userkey, sizeof userkey);
649 printf("\tchar buffer key after overwriting: \n\t\t");
650 for(i = 0; i < sizeof(userkey); i++) printf("%02x", userkey[i]);
651 printf("\n");
652
653 return 1;
654 }
655
656static int Error;
657static const char * Fail(const char *msg)
658 {
659 Error++;
660 return msg;
661 }
662
663static void test_msg(const char *msg, int result)
664 {
665 printf("%s...%s\n", msg, result ? "successful" : Fail("Failed!"));
666 }
667
Dr. Stephen Henson9338f292011-04-14 16:14:41 +0000[diff] [blame]668/* Table of IDs for POST translating between NIDs and names */
669
670typedef struct
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]671 {
Dr. Stephen Henson9338f292011-04-14 16:14:41 +0000[diff] [blame]672 int id;
673 const char *name;
674 } POST_ID;
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]675
Dr. Stephen Henson9338f292011-04-14 16:14:41 +0000[diff] [blame]676POST_ID id_list[] = {
677 {NID_sha1, "SHA1"},
678 {NID_sha224, "SHA224"},
679 {NID_sha256, "SHA256"},
680 {NID_sha384, "SHA384"},
681 {NID_sha512, "SHA512"},
682 {EVP_PKEY_RSA, "RSA"},
683 {EVP_PKEY_DSA, "DSA"},
684 {EVP_PKEY_EC, "ECDSA"},
Dr. Stephen Henson8f331992011-04-14 16:38:20 +0000[diff] [blame^]685 {NID_aes_128_cbc, "AES-128-CBC"},
686 {NID_aes_192_cbc, "AES-192-CBC"},
687 {NID_aes_256_cbc, "AES-256-CBC"},
Dr. Stephen Henson9338f292011-04-14 16:14:41 +0000[diff] [blame]688 {NID_aes_128_ecb, "AES-128-ECB"},
Dr. Stephen Henson8f331992011-04-14 16:38:20 +0000[diff] [blame^]689 {NID_des_ede3_cbc, "DES-EDE3-CBC"},
Dr. Stephen Henson9338f292011-04-14 16:14:41 +0000[diff] [blame]690 {NID_des_ede3_ecb, "DES-EDE3-ECB"},
691 {0, NULL}
692};
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]693
Dr. Stephen Henson9338f292011-04-14 16:14:41 +0000[diff] [blame]694static const char *lookup_id(int id)
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]695 {
Dr. Stephen Henson9338f292011-04-14 16:14:41 +0000[diff] [blame]696 POST_ID *n;
697 static char out[40];
698 for (n = id_list; n->name; n++)
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]699 {
Dr. Stephen Henson9338f292011-04-14 16:14:41 +0000[diff] [blame]700 if (n->id == id)
701 return n->name;
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]702 }
Dr. Stephen Henson8f331992011-04-14 16:38:20 +0000[diff] [blame^]703 sprintf(out, "ID=%d", id);
Dr. Stephen Henson9338f292011-04-14 16:14:41 +0000[diff] [blame]704 return out;
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]705 }
706
707static int fail_id = -1;
708static int fail_sub = -1;
709static int fail_key = -1;
710
711static int post_cb(int op, int id, int subid, void *ex)
712 {
713 const char *idstr, *exstr = "";
714 int keytype = -1;
715 switch(id)
716 {
717 case FIPS_TEST_INTEGRITY:
718 idstr = "Integrity";
719 break;
720
721 case FIPS_TEST_DIGEST:
722 idstr = "Digest";
Dr. Stephen Henson9338f292011-04-14 16:14:41 +0000[diff] [blame]723 exstr = lookup_id(subid);
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]724 break;
725
726 case FIPS_TEST_CIPHER:
Dr. Stephen Henson9338f292011-04-14 16:14:41 +0000[diff] [blame]727 exstr = lookup_id(subid);
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]728 idstr = "Cipher";
729 break;
730
731 case FIPS_TEST_SIGNATURE:
732 if (ex)
733 {
734 EVP_PKEY *pkey = ex;
735 keytype = pkey->type;
Dr. Stephen Henson9338f292011-04-14 16:14:41 +0000[diff] [blame]736 exstr = lookup_id(keytype);
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]737 }
738 idstr = "Signature";
739 break;
740
741 case FIPS_TEST_HMAC:
Dr. Stephen Henson9338f292011-04-14 16:14:41 +0000[diff] [blame]742 exstr = lookup_id(subid);
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]743 idstr = "HMAC";
744 break;
745
746 case FIPS_TEST_CMAC:
Dr. Stephen Henson80385112011-04-14 13:10:00 +0000[diff] [blame]747 idstr = "CMAC";
Dr. Stephen Henson8f331992011-04-14 16:38:20 +0000[diff] [blame^]748 exstr = lookup_id(subid);
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]749 break;
750
751 case FIPS_TEST_GCM:
Dr. Stephen Henson9338f292011-04-14 16:14:41 +0000[diff] [blame]752 idstr = "GCM";
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]753 break;
754
755 case FIPS_TEST_CCM:
Dr. Stephen Henson9338f292011-04-14 16:14:41 +0000[diff] [blame]756 idstr = "CCM";
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]757 break;
758
759 case FIPS_TEST_XTS:
760 idstr = "HMAC";
761 break;
762
763 case FIPS_TEST_X931:
764 idstr = "X9.31 PRNG";
765 break;
766
767 case FIPS_TEST_DRBG:
768 idstr = "DRBG";
769 break;
770
771 case FIPS_TEST_PAIRWISE:
772 if (ex)
773 {
774 EVP_PKEY *pkey = ex;
775 keytype = pkey->type;
Dr. Stephen Henson9338f292011-04-14 16:14:41 +0000[diff] [blame]776 exstr = lookup_id(keytype);
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]777 }
778 idstr = "Pairwise Consistency";
779 break;
780
781 case FIPS_TEST_CONTINUOUS:
782 idstr = "Continuous PRNG";
783 break;
784
785 default:
786 idstr = "Unknown";
787 break;
788
789 }
790
791 switch(op)
792 {
793 case FIPS_POST_BEGIN:
794 printf("\tPOST started\n");
795 break;
796
797 case FIPS_POST_END:
798 printf("\tPOST %s\n", id ? "Success" : "Failed");
799 break;
800
801 case FIPS_POST_STARTED:
Dr. Stephen Henson9338f292011-04-14 16:14:41 +0000[diff] [blame]802 printf("\t\t%s %s test started\n", idstr, exstr);
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]803 break;
804
805 case FIPS_POST_SUCCESS:
Dr. Stephen Henson9338f292011-04-14 16:14:41 +0000[diff] [blame]806 printf("\t\t%s %s test OK\n", idstr, exstr);
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]807 break;
808
809 case FIPS_POST_FAIL:
Dr. Stephen Henson9338f292011-04-14 16:14:41 +0000[diff] [blame]810 printf("\t\t%s %s test FAILED!!\n", idstr, exstr);
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]811 break;
812
813 case FIPS_POST_CORRUPT:
814 if (fail_id == id
815 && (fail_key == -1 || fail_key == keytype)
816 && (fail_sub == -1 || fail_sub == subid))
817 {
Dr. Stephen Henson9338f292011-04-14 16:14:41 +0000[diff] [blame]818 printf("\t\t%s %s test failure induced\n", idstr, exstr);
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]819 return 0;
820 }
821 break;
822
823 }
824 return 1;
825 }
826
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]827int main(int argc,char **argv)
828 {
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]829 int bad_rsa = 0, bad_dsa = 0;
830 int do_rng_stick = 0;
Dr. Stephen Hensonded19992011-04-04 14:47:31 +0000[diff] [blame]831 int do_drbg_stick = 0;
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]832 int no_exit = 0;
833
Dr. Stephen Henson011c8652011-04-01 14:46:07 +0000[diff] [blame]834 fips_algtest_init_nofips();
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]835
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]836 FIPS_post_set_callback(post_cb);
837
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]838 printf("\tFIPS-mode test application\n\n");
839
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]840 if (argv[1]) {
841 /* Corrupted KAT tests */
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]842 if (!strcmp(argv[1], "integrity")) {
843 fail_id = FIPS_TEST_INTEGRITY;
844 } else if (!strcmp(argv[1], "aes")) {
845 fail_id = FIPS_TEST_CIPHER;
846 fail_sub = NID_aes_128_ecb;
Dr. Stephen Hensonacf254f2011-02-18 17:09:33 +0000[diff] [blame]847 } else if (!strcmp(argv[1], "aes-gcm")) {
Dr. Stephen Henson80385112011-04-14 13:10:00 +0000[diff] [blame]848 fail_id = FIPS_TEST_GCM;
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]849 } else if (!strcmp(argv[1], "des")) {
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]850 fail_id = FIPS_TEST_CIPHER;
851 fail_sub = NID_des_ede3_ecb;
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]852 } else if (!strcmp(argv[1], "dsa")) {
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]853 fail_id = FIPS_TEST_SIGNATURE;
854 fail_key = EVP_PKEY_DSA;
Dr. Stephen Henson947ff112011-02-18 17:25:00 +0000[diff] [blame]855 } else if (!strcmp(argv[1], "ecdsa")) {
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]856 fail_id = FIPS_TEST_SIGNATURE;
857 fail_key = EVP_PKEY_EC;
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]858 } else if (!strcmp(argv[1], "rsa")) {
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]859 fail_id = FIPS_TEST_SIGNATURE;
860 fail_key = EVP_PKEY_RSA;
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]861 } else if (!strcmp(argv[1], "rsakey")) {
862 printf("RSA key generation and signature validation with corrupted key...\n");
863 bad_rsa = 1;
864 no_exit = 1;
865 } else if (!strcmp(argv[1], "rsakeygen")) {
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]866 fail_id = FIPS_TEST_PAIRWISE;
867 fail_key = EVP_PKEY_RSA;
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]868 no_exit = 1;
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]869 } else if (!strcmp(argv[1], "dsakey")) {
870 printf("DSA key generation and signature validation with corrupted key...\n");
871 bad_dsa = 1;
872 no_exit = 1;
873 } else if (!strcmp(argv[1], "dsakeygen")) {
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]874 fail_id = FIPS_TEST_PAIRWISE;
875 fail_key = EVP_PKEY_DSA;
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]876 no_exit = 1;
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]877 } else if (!strcmp(argv[1], "sha1")) {
Dr. Stephen Hensonac892b72011-04-14 11:15:10 +0000[diff] [blame]878 fail_id = FIPS_TEST_DIGEST;
Dr. Stephen Henson80385112011-04-14 13:10:00 +0000[diff] [blame]879 } else if (!strcmp(argv[1], "hmac")) {
880 fail_id = FIPS_TEST_HMAC;
Dr. Stephen Henson8f331992011-04-14 16:38:20 +0000[diff] [blame^]881 } else if (!strcmp(argv[1], "cmac")) {
882 fail_id = FIPS_TEST_CMAC;
Dr. Stephen Hensonfbbabb62011-03-16 15:52:12 +0000[diff] [blame]883 } else if (!strcmp(argv[1], "drbg")) {
884 FIPS_corrupt_drbg();
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]885 } else if (!strcmp(argv[1], "rng")) {
Dr. Stephen Hensoncab05952011-04-05 12:42:31 +0000[diff] [blame]886 FIPS_corrupt_x931();
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]887 } else if (!strcmp(argv[1], "rngstick")) {
888 do_rng_stick = 1;
889 no_exit = 1;
890 printf("RNG test with stuck continuous test...\n");
Dr. Stephen Hensonded19992011-04-04 14:47:31 +0000[diff] [blame]891 } else if (!strcmp(argv[1], "drbgstick")) {
892 do_drbg_stick = 1;
893 no_exit = 1;
894 printf("DRBG test with stuck continuous test...\n");
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]895 } else {
896 printf("Bad argument \"%s\"\n", argv[1]);
897 exit(1);
898 }
899 if (!no_exit) {
900 if (!FIPS_mode_set(1)) {
901 printf("Power-up self test failed\n");
902 exit(1);
903 }
904 printf("Power-up self test successful\n");
905 exit(0);
906 }
907 }
908
909 /* Non-Approved cryptographic operation
910 */
911 printf("1. Non-Approved cryptographic operation test...\n");
912 test_msg("\ta. Included algorithm (D-H)...", dh_test());
913
914 /* Power-up self test
915 */
916 ERR_clear_error();
917 test_msg("2. Automatic power-up self test", FIPS_mode_set(1));
918 if (!FIPS_mode())
919 exit(1);
Dr. Stephen Hensonded19992011-04-04 14:47:31 +0000[diff] [blame]920 if (do_drbg_stick)
921 FIPS_drbg_stick();
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]922 if (do_rng_stick)
Dr. Stephen Hensoncab05952011-04-05 12:42:31 +0000[diff] [blame]923 FIPS_x931_stick();
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]924
925 /* AES encryption/decryption
926 */
Dr. Stephen Hensonacf254f2011-02-18 17:09:33 +0000[diff] [blame]927 test_msg("3a. AES encryption/decryption", FIPS_aes_test());
928 /* AES GCM encryption/decryption
929 */
930 test_msg("3b. AES-GCM encryption/decryption", FIPS_aes_gcm_test());
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]931
932 /* RSA key generation and encryption/decryption
933 */
934 test_msg("4. RSA key generation and encryption/decryption",
935 FIPS_rsa_test(bad_rsa));
936
937 /* DES-CBC encryption/decryption
938 */
939 test_msg("5. DES-ECB encryption/decryption", FIPS_des3_test());
940
941 /* DSA key generation and signature validation
942 */
943 test_msg("6. DSA key generation and signature validation",
944 FIPS_dsa_test(bad_dsa));
945
946 /* SHA-1 hash
947 */
948 test_msg("7a. SHA-1 hash", FIPS_sha1_test());
949
950 /* SHA-256 hash
951 */
952 test_msg("7b. SHA-256 hash", FIPS_sha256_test());
953
954 /* SHA-512 hash
955 */
956 test_msg("7c. SHA-512 hash", FIPS_sha512_test());
957
958 /* HMAC-SHA-1 hash
959 */
960 test_msg("7d. HMAC-SHA-1 hash", FIPS_hmac_sha1_test());
961
962 /* HMAC-SHA-224 hash
963 */
964 test_msg("7e. HMAC-SHA-224 hash", FIPS_hmac_sha224_test());
965
966 /* HMAC-SHA-256 hash
967 */
968 test_msg("7f. HMAC-SHA-256 hash", FIPS_hmac_sha256_test());
969
970 /* HMAC-SHA-384 hash
971 */
972 test_msg("7g. HMAC-SHA-384 hash", FIPS_hmac_sha384_test());
973
974 /* HMAC-SHA-512 hash
975 */
976 test_msg("7h. HMAC-SHA-512 hash", FIPS_hmac_sha512_test());
977
Richard Levitte37942b92011-03-24 22:57:52 +0000[diff] [blame]978 /* CMAC-AES-128 hash
979 */
980 test_msg("8a. CMAC-AES-128 hash", FIPS_cmac_aes128_test());
981
982 /* CMAC-AES-192 hash
983 */
984 test_msg("8b. CMAC-AES-192 hash", FIPS_cmac_aes192_test());
985
986 /* CMAC-AES-256 hash
987 */
988 test_msg("8c. CMAC-AES-256 hash", FIPS_cmac_aes256_test());
989
990# if 0 /* Not a FIPS algorithm */
991 /* CMAC-TDEA-2 hash
992 */
993 test_msg("8d. CMAC-TDEA-2 hash", FIPS_cmac_tdea2_test());
994#endif
995
996 /* CMAC-TDEA-3 hash
997 */
998 test_msg("8e. CMAC-TDEA-3 hash", FIPS_cmac_tdea3_test());
999
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]1000 /* Non-Approved cryptographic operation
1001 */
Richard Levitte37942b92011-03-24 22:57:52 +0000[diff] [blame]1002 printf("9. Non-Approved cryptographic operation test...\n");
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]1003 printf("\ta. Included algorithm (D-H)...%s\n",
1004 dh_test() ? "successful as expected"
1005 : Fail("failed INCORRECTLY!") );
1006
1007 /* Zeroization
1008 */
Richard Levitte37942b92011-03-24 22:57:52 +0000[diff] [blame]1009 printf("10. Zero-ization...\n\t%s\n",
Dr. Stephen Henson2b4b28d2011-01-26 00:56:19 +0000[diff] [blame]1010 Zeroize() ? "successful as expected"
1011 : Fail("failed INCORRECTLY!") );
1012
1013 printf("\nAll tests completed with %d errors\n", Error);
1014 return Error ? 1 : 0;
1015 }
1016
1017#endif