diff options
Diffstat (limited to 'openssl/fips/hmac')
| -rw-r--r-- | openssl/fips/hmac/Makefile | 123 | ||||
| -rw-r--r-- | openssl/fips/hmac/fips_hmac.c | 191 | ||||
| -rw-r--r-- | openssl/fips/hmac/fips_hmac_selftest.c | 135 | ||||
| -rw-r--r-- | openssl/fips/hmac/fips_hmactest.c | 328 | 
4 files changed, 0 insertions, 777 deletions
| diff --git a/openssl/fips/hmac/Makefile b/openssl/fips/hmac/Makefile deleted file mode 100644 index be230ade9..000000000 --- a/openssl/fips/hmac/Makefile +++ /dev/null @@ -1,123 +0,0 @@ -# -# OpenSSL/fips/hmac/Makefile -# - -DIR=	hmac -TOP=	../.. -CC=	cc -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR=     /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG=	makedepend -MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE=	Makefile -AR=		ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST=fips_hmactest.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=fips_hmac.c fips_hmac_selftest.c -LIBOBJ=fips_hmac.o fips_hmac_selftest.o - -SRC= $(LIBSRC) - -EXHEADER= -HEADER=	$(EXHEADER) - -ALL=    $(GENERAL) $(SRC) $(HEADER) - -top: -	(cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all) - -all:	lib - -lib:	$(LIBOBJ) -	@echo $(LIBOBJ) > lib - -files: -	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - -links: -	@$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER) -	@$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST) -	@$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS) - -install: -	@headerlist="$(EXHEADER)"; for i in $$headerlist; \ -	do \ -	  (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ -	  chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ -	done - -tags: -	ctags $(SRC) - -tests: - -Q=../testvectors/hmac/req -A=../testvectors/hmac/rsp - -fips_test: -	-rm -rf $(A) -	mkdir $(A) -	if [ -f $(Q)/HMAC.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_hmactest < $(Q)/HMAC.req > $(A)/HMAC.rsp; fi - -lint: -	lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: -	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(SRC) $(TEST) - -dclean: -	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new -	mv -f Makefile.new $(MAKEFILE) - -clean: -	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff -# DO NOT DELETE THIS LINE -- make depend depends on it. - -fips_hmac.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -fips_hmac.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -fips_hmac.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -fips_hmac.o: ../../include/openssl/hmac.h ../../include/openssl/obj_mac.h -fips_hmac.o: ../../include/openssl/objects.h -fips_hmac.o: ../../include/openssl/opensslconf.h -fips_hmac.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -fips_hmac.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -fips_hmac.o: ../../include/openssl/symhacks.h fips_hmac.c -fips_hmac_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -fips_hmac_selftest.o: ../../include/openssl/crypto.h -fips_hmac_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -fips_hmac_selftest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -fips_hmac_selftest.o: ../../include/openssl/hmac.h -fips_hmac_selftest.o: ../../include/openssl/lhash.h -fips_hmac_selftest.o: ../../include/openssl/obj_mac.h -fips_hmac_selftest.o: ../../include/openssl/objects.h -fips_hmac_selftest.o: ../../include/openssl/opensslconf.h -fips_hmac_selftest.o: ../../include/openssl/opensslv.h -fips_hmac_selftest.o: ../../include/openssl/ossl_typ.h -fips_hmac_selftest.o: ../../include/openssl/safestack.h -fips_hmac_selftest.o: ../../include/openssl/stack.h -fips_hmac_selftest.o: ../../include/openssl/symhacks.h fips_hmac_selftest.c -fips_hmactest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -fips_hmactest.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -fips_hmactest.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -fips_hmactest.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -fips_hmactest.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -fips_hmactest.o: ../../include/openssl/err.h ../../include/openssl/evp.h -fips_hmactest.o: ../../include/openssl/fips.h ../../include/openssl/hmac.h -fips_hmactest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -fips_hmactest.o: ../../include/openssl/objects.h -fips_hmactest.o: ../../include/openssl/opensslconf.h -fips_hmactest.o: ../../include/openssl/opensslv.h -fips_hmactest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -fips_hmactest.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -fips_hmactest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -fips_hmactest.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -fips_hmactest.o: ../../include/openssl/x509v3.h ../fips_utl.h fips_hmactest.c diff --git a/openssl/fips/hmac/fips_hmac.c b/openssl/fips/hmac/fips_hmac.c deleted file mode 100644 index 7c49c9882..000000000 --- a/openssl/fips/hmac/fips_hmac.c +++ /dev/null @@ -1,191 +0,0 @@ -/* crypto/hmac/hmac.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - *  - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to.  The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code.  The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - *  - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - *  - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - *    notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - *    notice, this list of conditions and the following disclaimer in the - *    documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - *    must display the following acknowledgement: - *    "This product includes cryptographic software written by - *     Eric Young (eay@cryptsoft.com)" - *    The word 'cryptographic' can be left out if the rouines from the library - *    being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from  - *    the apps directory (application code) you must include an acknowledgement: - *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - *  - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - *  - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed.  i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <openssl/hmac.h> -#include <openssl/fips.h> - -#ifdef OPENSSL_FIPS - -void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, -		  const EVP_MD *md, ENGINE *impl) -	{ -	int i,j,reset=0; -	unsigned char pad[HMAC_MAX_MD_CBLOCK]; - -	if (md != NULL) -		{ -		reset=1; -		ctx->md=md; -		} -	else -		md=ctx->md; - -	if (key != NULL) -		{ -		if (FIPS_mode() && !(md->flags & EVP_MD_FLAG_FIPS) -		&& (!(ctx->md_ctx.flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW) -		 || !(ctx->i_ctx.flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW) -		 || !(ctx->o_ctx.flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW))) -		OpenSSLDie(__FILE__,__LINE__, -			"HMAC: digest not allowed in FIPS mode"); -		 -		reset=1; -		j=M_EVP_MD_block_size(md); -		OPENSSL_assert(j <= sizeof ctx->key); -		if (j < len) -			{ -			EVP_DigestInit_ex(&ctx->md_ctx,md, impl); -			EVP_DigestUpdate(&ctx->md_ctx,key,len); -			EVP_DigestFinal_ex(&(ctx->md_ctx),ctx->key, -				&ctx->key_length); -			} -		else -			{ -			OPENSSL_assert(len <= sizeof ctx->key); -			memcpy(ctx->key,key,len); -			ctx->key_length=len; -			} -		if(ctx->key_length != HMAC_MAX_MD_CBLOCK) -			memset(&ctx->key[ctx->key_length], 0, -				HMAC_MAX_MD_CBLOCK - ctx->key_length); -		} - -	if (reset)	 -		{ -		for (i=0; i<HMAC_MAX_MD_CBLOCK; i++) -			pad[i]=0x36^ctx->key[i]; -		EVP_DigestInit_ex(&ctx->i_ctx,md, impl); -		EVP_DigestUpdate(&ctx->i_ctx,pad,M_EVP_MD_block_size(md)); - -		for (i=0; i<HMAC_MAX_MD_CBLOCK; i++) -			pad[i]=0x5c^ctx->key[i]; -		EVP_DigestInit_ex(&ctx->o_ctx,md, impl); -		EVP_DigestUpdate(&ctx->o_ctx,pad,M_EVP_MD_block_size(md)); -		} -	EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->i_ctx); -	} - -void HMAC_Init(HMAC_CTX *ctx, const void *key, int len, -	       const EVP_MD *md) -	{ -	if(key && md) -	    HMAC_CTX_init(ctx); -	HMAC_Init_ex(ctx,key,len,md, NULL); -	} - -void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len) -	{ -	EVP_DigestUpdate(&ctx->md_ctx,data,len); -	} - -void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len) -	{ -	int j; -	unsigned int i; -	unsigned char buf[EVP_MAX_MD_SIZE]; - -	j=M_EVP_MD_block_size(ctx->md); - -	EVP_DigestFinal_ex(&ctx->md_ctx,buf,&i); -	EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->o_ctx); -	EVP_DigestUpdate(&ctx->md_ctx,buf,i); -	EVP_DigestFinal_ex(&ctx->md_ctx,md,len); -	} - -void HMAC_CTX_init(HMAC_CTX *ctx) -	{ -	EVP_MD_CTX_init(&ctx->i_ctx); -	EVP_MD_CTX_init(&ctx->o_ctx); -	EVP_MD_CTX_init(&ctx->md_ctx); -	} - -void HMAC_CTX_cleanup(HMAC_CTX *ctx) -	{ -	EVP_MD_CTX_cleanup(&ctx->i_ctx); -	EVP_MD_CTX_cleanup(&ctx->o_ctx); -	EVP_MD_CTX_cleanup(&ctx->md_ctx); -	memset(ctx,0,sizeof *ctx); -	} - -unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, -		    const unsigned char *d, size_t n, unsigned char *md, -		    unsigned int *md_len) -	{ -	HMAC_CTX c; -	static unsigned char m[EVP_MAX_MD_SIZE]; - -	if (md == NULL) md=m; -	HMAC_CTX_init(&c); -	HMAC_Init(&c,key,key_len,evp_md); -	HMAC_Update(&c,d,n); -	HMAC_Final(&c,md,md_len); -	HMAC_CTX_cleanup(&c); -	return(md); -	} - -void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags) -	{ -	M_EVP_MD_CTX_set_flags(&ctx->i_ctx, flags); -	M_EVP_MD_CTX_set_flags(&ctx->o_ctx, flags); -	M_EVP_MD_CTX_set_flags(&ctx->md_ctx, flags); -	} - -#endif - diff --git a/openssl/fips/hmac/fips_hmac_selftest.c b/openssl/fips/hmac/fips_hmac_selftest.c deleted file mode 100644 index a69777073..000000000 --- a/openssl/fips/hmac/fips_hmac_selftest.c +++ /dev/null @@ -1,135 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2005 The OpenSSL Project.  All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - *    notice, this list of conditions and the following disclaimer.  - * - * 2. Redistributions in binary form must reproduce the above copyright - *    notice, this list of conditions and the following disclaimer in - *    the documentation and/or other materials provided with the - *    distribution. - * - * 3. All advertising materials mentioning features or use of this - *    software must display the following acknowledgment: - *    "This product includes software developed by the OpenSSL Project - *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - *    endorse or promote products derived from this software without - *    prior written permission. For written permission, please contact - *    openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - *    nor may "OpenSSL" appear in their names without prior written - *    permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - *    acknowledgment: - *    "This product includes software developed by the OpenSSL Project - *    for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - -#include <string.h> -#include <openssl/err.h> -#include <openssl/fips.h> -#include <openssl/hmac.h> - -#ifdef OPENSSL_FIPS -typedef struct { -	const EVP_MD *(*alg)(void); -	const char *key, *iv; -	unsigned char kaval[EVP_MAX_MD_SIZE]; -} HMAC_KAT; - -static const HMAC_KAT vector[] = { -    {	EVP_sha1, -	/* from http://csrc.nist.gov/publications/fips/fips198/fips-198a.pdf */ -	"0123456789:;<=>?@ABC", -	"Sample #2", -	{ 0x09,0x22,0xd3,0x40,0x5f,0xaa,0x3d,0x19, -	  0x4f,0x82,0xa4,0x58,0x30,0x73,0x7d,0x5c, -	  0xc6,0xc7,0x5d,0x24 } -    }, -    {	EVP_sha224, -	/* just keep extending the above... */ -	"0123456789:;<=>?@ABC", -	"Sample #2", -	{ 0xdd,0xef,0x0a,0x40,0xcb,0x7d,0x50,0xfb, -	  0x6e,0xe6,0xce,0xa1,0x20,0xba,0x26,0xaa, -	  0x08,0xf3,0x07,0x75,0x87,0xb8,0xad,0x1b, -	  0x8c,0x8d,0x12,0xc7 } -    }, -    {	EVP_sha256, -	"0123456789:;<=>?@ABC", -	"Sample #2", -	{ 0xb8,0xf2,0x0d,0xb5,0x41,0xea,0x43,0x09, -	  0xca,0x4e,0xa9,0x38,0x0c,0xd0,0xe8,0x34, -	  0xf7,0x1f,0xbe,0x91,0x74,0xa2,0x61,0x38, -	  0x0d,0xc1,0x7e,0xae,0x6a,0x34,0x51,0xd9 } -    }, -    {	EVP_sha384, -	"0123456789:;<=>?@ABC", -	"Sample #2", -	{ 0x08,0xbc,0xb0,0xda,0x49,0x1e,0x87,0xad, -	  0x9a,0x1d,0x6a,0xce,0x23,0xc5,0x0b,0xf6, -	  0xb7,0x18,0x06,0xa5,0x77,0xcd,0x49,0x04, -	  0x89,0xf1,0xe6,0x23,0x44,0x51,0x51,0x9f, -	  0x85,0x56,0x80,0x79,0x0c,0xbd,0x4d,0x50, -	  0xa4,0x5f,0x29,0xe3,0x93,0xf0,0xe8,0x7f } -    }, -    {	EVP_sha512, -	"0123456789:;<=>?@ABC", -	"Sample #2", -	{ 0x80,0x9d,0x44,0x05,0x7c,0x5b,0x95,0x41, -	  0x05,0xbd,0x04,0x13,0x16,0xdb,0x0f,0xac, -	  0x44,0xd5,0xa4,0xd5,0xd0,0x89,0x2b,0xd0, -	  0x4e,0x86,0x64,0x12,0xc0,0x90,0x77,0x68, -	  0xf1,0x87,0xb7,0x7c,0x4f,0xae,0x2c,0x2f, -	  0x21,0xa5,0xb5,0x65,0x9a,0x4f,0x4b,0xa7, -	  0x47,0x02,0xa3,0xde,0x9b,0x51,0xf1,0x45, -	  0xbd,0x4f,0x25,0x27,0x42,0x98,0x99,0x05 } -    }, -}; - -int FIPS_selftest_hmac() -    { -    int n; -    unsigned int    outlen; -    unsigned char   out[EVP_MAX_MD_SIZE]; -    const EVP_MD   *md; -    const HMAC_KAT *t; - -    for(n=0,t=vector; n<sizeof(vector)/sizeof(vector[0]); n++,t++) -	{ -	md = (*t->alg)(); -	HMAC(md,t->key,strlen(t->key), -		(const unsigned char *)t->iv,strlen(t->iv), -		out,&outlen); - -	if(memcmp(out,t->kaval,outlen)) -	    { -	    FIPSerr(FIPS_F_FIPS_SELFTEST_HMAC,FIPS_R_SELFTEST_FAILED); -	    return 0; -	    } -	} -    return 1; -    } -#endif diff --git a/openssl/fips/hmac/fips_hmactest.c b/openssl/fips/hmac/fips_hmactest.c deleted file mode 100644 index 69ebf6862..000000000 --- a/openssl/fips/hmac/fips_hmactest.c +++ /dev/null @@ -1,328 +0,0 @@ -/* fips_hmactest.c */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2005. - */ -/* ==================================================================== - * Copyright (c) 2005 The OpenSSL Project.  All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - *    notice, this list of conditions and the following disclaimer.  - * - * 2. Redistributions in binary form must reproduce the above copyright - *    notice, this list of conditions and the following disclaimer in - *    the documentation and/or other materials provided with the - *    distribution. - * - * 3. All advertising materials mentioning features or use of this - *    software must display the following acknowledgment: - *    "This product includes software developed by the OpenSSL Project - *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - *    endorse or promote products derived from this software without - *    prior written permission. For written permission, please contact - *    licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - *    nor may "OpenSSL" appear in their names without prior written - *    permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - *    acknowledgment: - *    "This product includes software developed by the OpenSSL Project - *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com).  This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <ctype.h> -#include <string.h> -#include <openssl/bio.h> -#include <openssl/evp.h> -#include <openssl/hmac.h> -#include <openssl/err.h> -#include <openssl/bn.h> - -#include <openssl/x509v3.h> - -#ifndef OPENSSL_FIPS - -int main(int argc, char *argv[]) -{ -    printf("No FIPS HMAC support\n"); -    return(0); -} - -#else - -#include <openssl/fips.h> -#include "fips_utl.h" - -static int hmac_test(const EVP_MD *md, FILE *out, FILE *in); -static int print_hmac(const EVP_MD *md, FILE *out, -		unsigned char *Key, int Klen, -		unsigned char *Msg, int Msglen, int Tlen); - -int main(int argc, char **argv) -	{ -	FILE *in = NULL, *out = NULL; - -	int ret = 1; - -	if(!FIPS_mode_set(1)) -		{ -		do_print_errors(); -		goto end; -		} - -	if (argc == 1) -		in = stdin; -	else -		in = fopen(argv[1], "r"); - -	if (argc < 2) -		out = stdout; -	else -		out = fopen(argv[2], "w"); - -	if (!in) -		{ -		fprintf(stderr, "FATAL input initialization error\n"); -		goto end; -		} - -	if (!out) -		{ -		fprintf(stderr, "FATAL output initialization error\n"); -		goto end; -		} - -	if (!hmac_test(EVP_sha1(), out, in)) -		{ -		fprintf(stderr, "FATAL hmac file processing error\n"); -		goto end; -		} -	else -		ret = 0; - -	end: - -	if (ret) -		do_print_errors(); - -	if (in && (in != stdin)) -		fclose(in); -	if (out && (out != stdout)) -		fclose(out); - -	return ret; - -	} - -#define HMAC_TEST_MAXLINELEN	1024 - -int hmac_test(const EVP_MD *md, FILE *out, FILE *in) -	{ -	char *linebuf, *olinebuf, *p, *q; -	char *keyword, *value; -	unsigned char *Key = NULL, *Msg = NULL; -	int Count, Klen, Tlen; -	long Keylen, Msglen; -	int ret = 0; -	int lnum = 0; - -	olinebuf = OPENSSL_malloc(HMAC_TEST_MAXLINELEN); -	linebuf = OPENSSL_malloc(HMAC_TEST_MAXLINELEN); - -	if (!linebuf || !olinebuf) -		goto error; - -	Count = -1; -	Klen = -1; -	Tlen = -1; - -	while (fgets(olinebuf, HMAC_TEST_MAXLINELEN, in)) -		{ -		lnum++; -		strcpy(linebuf, olinebuf); -		keyword = linebuf; -		/* Skip leading space */ -		while (isspace((unsigned char)*keyword)) -			keyword++; - -		/* Look for = sign */ -		p = strchr(linebuf, '='); - -		/* If no = or starts with [ (for [L=20] line) just copy */ -		if (!p) -			{ -			if (fputs(olinebuf, out) < 0) -				goto error; -			continue; -			} - -		q = p - 1; - -		/* Remove trailing space */ -		while (isspace((unsigned char)*q)) -			*q-- = 0; - -		*p = 0; -		value = p + 1; - -		/* Remove leading space from value */ -		while (isspace((unsigned char)*value)) -			value++; - -		/* Remove trailing space from value */ -		p = value + strlen(value) - 1; - -		while (*p == '\n' || isspace((unsigned char)*p)) -			*p-- = 0; - -		if (!strcmp(keyword,"[L") && *p==']') -			{ -			switch (atoi(value)) -				{ -				case 20: md=EVP_sha1();   break; -				case 28: md=EVP_sha224(); break; -				case 32: md=EVP_sha256(); break; -				case 48: md=EVP_sha384(); break; -				case 64: md=EVP_sha512(); break; -				default: goto parse_error; -				} -			} -		else if (!strcmp(keyword, "Count")) -			{ -			if (Count != -1) -				goto parse_error; -			Count = atoi(value); -			if (Count < 0) -				goto parse_error; -			} -		else if (!strcmp(keyword, "Klen")) -			{ -			if (Klen != -1) -				goto parse_error; -			Klen = atoi(value); -			if (Klen < 0) -				goto parse_error; -			} -		else if (!strcmp(keyword, "Tlen")) -			{ -			if (Tlen != -1) -				goto parse_error; -			Tlen = atoi(value); -			if (Tlen < 0) -				goto parse_error; -			} -		else if (!strcmp(keyword, "Msg")) -			{ -			if (Msg) -				goto parse_error; -			Msg = hex2bin_m(value, &Msglen); -			if (!Msg) -				goto parse_error; -			} -		else if (!strcmp(keyword, "Key")) -			{ -			if (Key) -				goto parse_error; -			Key = hex2bin_m(value, &Keylen); -			if (!Key) -				goto parse_error; -			} -		else if (!strcmp(keyword, "Mac")) -			continue; -		else -			goto parse_error; - -		fputs(olinebuf, out); - -		if (Key && Msg && (Tlen > 0) && (Klen > 0)) -			{ -			if (!print_hmac(md, out, Key, Klen, Msg, Msglen, Tlen)) -				goto error; -			OPENSSL_free(Key); -			Key = NULL; -			OPENSSL_free(Msg); -			Msg = NULL; -			Klen = -1; -			Tlen = -1; -			Count = -1; -			} - -		} - - -	ret = 1; - - -	error: - -	if (olinebuf) -		OPENSSL_free(olinebuf); -	if (linebuf) -		OPENSSL_free(linebuf); -	if (Key) -		OPENSSL_free(Key); -	if (Msg) -		OPENSSL_free(Msg); - -	return ret; - -	parse_error: - -	fprintf(stderr, "FATAL parse error processing line %d\n", lnum); - -	goto error; - -	} - -static int print_hmac(const EVP_MD *emd, FILE *out, -		unsigned char *Key, int Klen, -		unsigned char *Msg, int Msglen, int Tlen) -	{ -	int i, mdlen; -	unsigned char md[EVP_MAX_MD_SIZE]; -	if (!HMAC(emd, Key, Klen, Msg, Msglen, md, -						(unsigned int *)&mdlen)) -		{ -		fputs("Error calculating HMAC\n", stderr); -		return 0; -		} -	if (Tlen > mdlen) -		{ -		fputs("Parameter error, Tlen > HMAC length\n", stderr); -		return 0; -		} -	fputs("Mac = ", out); -	for (i = 0; i < Tlen; i++) -		fprintf(out, "%02x", md[i]); -	fputs("\n", out); -	return 1; -	} - -#endif | 
