mirror of
https://github.com/openssl/openssl.git
synced 2025-01-27 04:14:10 +08:00
Remove several of the old obsolete FIPS_corrupt_*() functions.
This commit is contained in:
Dr. Stephen Henson
parent
ac892b7aa6
commit
a6311f856b
@ -71,13 +71,6 @@
|
||||
#include <openssl/fips.h>
|
||||
#include <openssl/evp.h>
|
||||
|
||||
static int fips_dsa_pairwise_fail = 0;
|
||||
|
||||
void FIPS_corrupt_dsa_keygen(void)
|
||||
{
|
||||
fips_dsa_pairwise_fail = 1;
|
||||
}
|
||||
|
||||
static int fips_check_dsa(DSA *dsa)
|
||||
{
|
||||
EVP_PKEY pk;
|
||||
@ -159,8 +152,6 @@ static int dsa_builtin_keygen(DSA *dsa)
|
||||
dsa->priv_key=priv_key;
|
||||
dsa->pub_key=pub_key;
|
||||
#ifdef OPENSSL_FIPS
|
||||
if (fips_dsa_pairwise_fail)
|
||||
BN_add_word(dsa->pub_key, 1);
|
||||
if(!fips_check_dsa(dsa))
|
||||
{
|
||||
dsa->pub_key = NULL;
|
||||
|
||||
@ -236,13 +236,6 @@ int EC_KEY_up_ref(EC_KEY *r)
|
||||
|
||||
#include <openssl/evp.h>
|
||||
|
||||
static int fips_ec_pairwise_fail = 0;
|
||||
|
||||
void FIPS_corrupt_ec_keygen(void)
|
||||
{
|
||||
fips_ec_pairwise_fail = 1;
|
||||
}
|
||||
|
||||
static int fips_check_ec(EC_KEY *key)
|
||||
{
|
||||
EVP_PKEY pk;
|
||||
@ -311,8 +304,6 @@ int EC_KEY_generate_key(EC_KEY *eckey)
|
||||
eckey->pub_key = pub_key;
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
if (fips_ec_pairwise_fail)
|
||||
BN_add_word(eckey->priv_key, 1);
|
||||
if(!fips_check_ec(eckey))
|
||||
{
|
||||
eckey->priv_key = NULL;
|
||||
|
||||
@ -76,13 +76,6 @@
|
||||
#include <openssl/fips.h>
|
||||
#include <openssl/evp.h>
|
||||
|
||||
static int fips_rsa_pairwise_fail = 0;
|
||||
|
||||
void FIPS_corrupt_rsa_keygen(void)
|
||||
{
|
||||
fips_rsa_pairwise_fail = 1;
|
||||
}
|
||||
|
||||
int fips_check_rsa(RSA *rsa)
|
||||
{
|
||||
const unsigned char tbs[] = "RSA Pairwise Check Data";
|
||||
@ -290,9 +283,6 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
|
||||
if (!BN_mod_inverse(rsa->iqmp,rsa->q,p,ctx)) goto err;
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
if (fips_rsa_pairwise_fail)
|
||||
BN_add_word(rsa->n, 1);
|
||||
|
||||
if(!fips_check_rsa(rsa))
|
||||
goto err;
|
||||
#endif
|
||||
|
||||
@ -57,9 +57,9 @@
|
||||
#ifdef OPENSSL_FIPS
|
||||
static struct
|
||||
{
|
||||
unsigned char key[16];
|
||||
unsigned char plaintext[16];
|
||||
unsigned char ciphertext[16];
|
||||
const unsigned char key[16];
|
||||
const unsigned char plaintext[16];
|
||||
const unsigned char ciphertext[16];
|
||||
} tests[]=
|
||||
{
|
||||
{
|
||||
@ -72,11 +72,6 @@ static struct
|
||||
},
|
||||
};
|
||||
|
||||
void FIPS_corrupt_aes()
|
||||
{
|
||||
tests[0].key[0]++;
|
||||
}
|
||||
|
||||
int FIPS_selftest_aes()
|
||||
{
|
||||
int n;
|
||||
|
||||
@ -59,30 +59,9 @@
|
||||
|
||||
static struct
|
||||
{
|
||||
unsigned char key[16];
|
||||
unsigned char plaintext[8];
|
||||
unsigned char ciphertext[8];
|
||||
} tests2[]=
|
||||
{
|
||||
{
|
||||
{ 0x7c,0x4f,0x6e,0xf7,0xa2,0x04,0x16,0xec,
|
||||
0x0b,0x6b,0x7c,0x9e,0x5e,0x19,0xa7,0xc4 },
|
||||
{ 0x06,0xa7,0xd8,0x79,0xaa,0xce,0x69,0xef },
|
||||
{ 0x4c,0x11,0x17,0x55,0xbf,0xc4,0x4e,0xfd }
|
||||
},
|
||||
{
|
||||
{ 0x5d,0x9e,0x01,0xd3,0x25,0xc7,0x3e,0x34,
|
||||
0x01,0x16,0x7c,0x85,0x23,0xdf,0xe0,0x68 },
|
||||
{ 0x9c,0x50,0x09,0x0f,0x5e,0x7d,0x69,0x7e },
|
||||
{ 0xd2,0x0b,0x18,0xdf,0xd9,0x0d,0x9e,0xff },
|
||||
}
|
||||
};
|
||||
|
||||
static struct
|
||||
{
|
||||
unsigned char key[24];
|
||||
unsigned char plaintext[8];
|
||||
unsigned char ciphertext[8];
|
||||
const unsigned char key[24];
|
||||
const unsigned char plaintext[8];
|
||||
const unsigned char ciphertext[8];
|
||||
} tests3[]=
|
||||
{
|
||||
{
|
||||
@ -101,11 +80,6 @@ static struct
|
||||
},
|
||||
};
|
||||
|
||||
void FIPS_corrupt_des()
|
||||
{
|
||||
tests2[0].plaintext[0]++;
|
||||
}
|
||||
|
||||
int FIPS_selftest_des()
|
||||
{
|
||||
int n, ret = 0;
|
||||
|
||||
@ -84,7 +84,7 @@ static const unsigned char dsa_test_2048_p[] = {
|
||||
0x2c,0x8d,0x74,0x69,0xdb,0x02,0xe2,0x4d,0x59,0x23,0x94,0xa7,
|
||||
0xdb,0xa0,0x69,0xe9
|
||||
};
|
||||
static unsigned char dsa_test_2048_q[] = {
|
||||
static const unsigned char dsa_test_2048_q[] = {
|
||||
0xd2,0x77,0x04,0x4e,0x50,0xf5,0xa4,0xe3,0xf5,0x10,0xa5,0x0a,
|
||||
0x0b,0x84,0xfd,0xff,0xbc,0xa0,0x47,0xed,0x27,0x60,0x20,0x56,
|
||||
0x74,0x41,0xa0,0xa5
|
||||
@ -144,11 +144,6 @@ static const unsigned char dsa_test_2048_priv_key[] = {
|
||||
0xec,0x55,0xf6,0xcc
|
||||
};
|
||||
|
||||
void FIPS_corrupt_dsa()
|
||||
{
|
||||
++dsa_test_2048_q[0];
|
||||
}
|
||||
|
||||
int FIPS_selftest_dsa()
|
||||
{
|
||||
DSA *dsa=NULL;
|
||||
|
||||
@ -67,7 +67,7 @@
|
||||
|
||||
static const char P_384_name[] = "ECDSA P-384";
|
||||
|
||||
static unsigned char P_384_d[] = {
|
||||
static const unsigned char P_384_d[] = {
|
||||
0x1d,0x84,0x42,0xde,0xa2,0x35,0x29,0xbd,0x9f,0xe2,0x6e,0x6d,
|
||||
0x01,0x26,0x30,0x79,0x33,0x57,0x01,0xf3,0x97,0x88,0x41,0xb3,
|
||||
0x82,0x07,0x08,0x5e,0x63,0x8e,0x1a,0xa6,0x9b,0x08,0xb6,0xe2,
|
||||
@ -86,11 +86,6 @@ static const unsigned char P_384_qy[] = {
|
||||
0xfc,0x03,0xe5,0x12,0x50,0x17,0x98,0x7f,0x14,0x7e,0x95,0x17
|
||||
};
|
||||
|
||||
void FIPS_corrupt_ecdsa()
|
||||
{
|
||||
P_384_d[0]++;
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_NO_EC2M
|
||||
|
||||
static const char K_409_name[] = "ECDSA K-409";
|
||||
|
||||
@ -72,23 +72,14 @@ const void *FIPS_rand_check(void);
|
||||
int FIPS_selftest(void);
|
||||
int FIPS_selftest_failed(void);
|
||||
void FIPS_selftest_check(void);
|
||||
void FIPS_corrupt_sha1(void);
|
||||
int FIPS_selftest_sha1(void);
|
||||
void FIPS_corrupt_aes(void);
|
||||
int FIPS_selftest_aes_gcm(void);
|
||||
void FIPS_corrupt_aes_gcm(void);
|
||||
int FIPS_selftest_aes(void);
|
||||
void FIPS_corrupt_des(void);
|
||||
int FIPS_selftest_des(void);
|
||||
void FIPS_corrupt_rsa(void);
|
||||
void FIPS_corrupt_rsa_keygen(void);
|
||||
int FIPS_selftest_rsa(void);
|
||||
void FIPS_corrupt_dsa(void);
|
||||
void FIPS_corrupt_dsa_keygen(void);
|
||||
int FIPS_selftest_dsa(void);
|
||||
int FIPS_selftest_ecdsa(void);
|
||||
void FIPS_corrupt_ecdsa(void);
|
||||
void FIPS_corrupt_ec_keygen(void);
|
||||
void FIPS_corrupt_x931(void);
|
||||
void FIPS_corrupt_drbg(void);
|
||||
void FIPS_x931_stick(void);
|
||||
|
||||
@ -826,8 +826,6 @@ static int post_cb(int op, int id, int subid, void *ex)
|
||||
|
||||
int main(int argc,char **argv)
|
||||
{
|
||||
|
||||
int do_corrupt_rsa_keygen = 0, do_corrupt_dsa_keygen = 0;
|
||||
int bad_rsa = 0, bad_dsa = 0;
|
||||
int do_rng_stick = 0;
|
||||
int do_drbg_stick = 0;
|
||||
@ -917,10 +915,6 @@ int main(int argc,char **argv)
|
||||
test_msg("2. Automatic power-up self test", FIPS_mode_set(1));
|
||||
if (!FIPS_mode())
|
||||
exit(1);
|
||||
if (do_corrupt_dsa_keygen)
|
||||
FIPS_corrupt_dsa_keygen();
|
||||
if (do_corrupt_rsa_keygen)
|
||||
FIPS_corrupt_rsa_keygen();
|
||||
if (do_drbg_stick)
|
||||
FIPS_drbg_stick();
|
||||
if (do_rng_stick)
|
||||
|
||||
@ -61,7 +61,7 @@
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
|
||||
static unsigned char rsa_test_2048_n[] = {
|
||||
static const unsigned char rsa_test_2048_n[] = {
|
||||
0xDB,0x10,0x1A,0xC2,0xA3,0xF1,0xDC,0xFF,0x13,0x6B,0xED,0x44,
|
||||
0xDF,0xF0,0x02,0x6D,0x13,0xC7,0x88,0xDA,0x70,0x6B,0x54,0xF1,
|
||||
0xE8,0x27,0xDC,0xC3,0x0F,0x99,0x6A,0xFA,0xC6,0x67,0xFF,0x1D,
|
||||
@ -193,11 +193,6 @@ static int setrsakey(RSA *k)
|
||||
return 0;
|
||||
}
|
||||
|
||||
void FIPS_corrupt_rsa()
|
||||
{
|
||||
rsa_test_2048_n[0]++;
|
||||
}
|
||||
|
||||
/* Known Answer Test (KAT) data for the above RSA private key signing
|
||||
* kat_tbs.
|
||||
*/
|
||||
|
||||
@ -56,7 +56,7 @@
|
||||
#include <openssl/sha.h>
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
static unsigned char test[][60]=
|
||||
static const unsigned char test[][60]=
|
||||
{
|
||||
"",
|
||||
"abc",
|
||||
@ -73,11 +73,6 @@ static const unsigned char ret[][SHA_DIGEST_LENGTH]=
|
||||
0x4a,0xa1,0xf9,0x51,0x29,0xe5,0xe5,0x46,0x70,0xf1 },
|
||||
};
|
||||
|
||||
void FIPS_corrupt_sha1()
|
||||
{
|
||||
test[2][0]++;
|
||||
}
|
||||
|
||||
int FIPS_selftest_sha1()
|
||||
{
|
||||
int rv = 1;
|
||||
|
||||
Loading…
Reference in New Issue
Block a user