summaryrefslogtreecommitdiffstats
path: root/fips
diff options
context:
space:
mode:
authorDr. Stephen Henson <steve@openssl.org>2011-11-02 01:57:22 +0100
committerDr. Stephen Henson <steve@openssl.org>2011-11-02 01:57:22 +0100
commit3ec9dceb15bfe2f45215e459454211fdc7a20c29 (patch)
treef64255d894ab0451d9c7ad03bbd64ec5951eb5fc /fips
parentTypo... (diff)
downloadopenssl-3ec9dceb15bfe2f45215e459454211fdc7a20c29.tar.xz
openssl-3ec9dceb15bfe2f45215e459454211fdc7a20c29.zip
Add fips_algvs utility (from FIPS 2.0 stable branch).
Diffstat (limited to 'fips')
-rw-r--r--fips/aes/fips_aesavs.c9
-rw-r--r--fips/aes/fips_gcmtest.c6
-rw-r--r--fips/cmac/fips_cmactest.c4
-rw-r--r--fips/des/fips_desmovs.c52
-rw-r--r--fips/dh/fips_dhvs.c8
-rw-r--r--fips/dsa/fips_dssvs.c6
-rw-r--r--fips/ecdh/fips_ecdhvs.c10
-rw-r--r--fips/ecdsa/fips_ecdsavs.c15
-rw-r--r--fips/fips_test_suite.c14
-rw-r--r--fips/fips_utl.h5
-rw-r--r--fips/hmac/fips_hmactest.c4
-rw-r--r--fips/rand/fips_drbgvs.c12
-rw-r--r--fips/rand/fips_rngvs.c6
-rw-r--r--fips/rsa/fips_rsagtest.c4
-rw-r--r--fips/rsa/fips_rsastest.c4
-rw-r--r--fips/rsa/fips_rsavtest.c10
-rw-r--r--fips/sha/fips_shatest.c4
17 files changed, 120 insertions, 53 deletions
diff --git a/fips/aes/fips_aesavs.c b/fips/aes/fips_aesavs.c
index 84bcbac32a..9a09964221 100644
--- a/fips/aes/fips_aesavs.c
+++ b/fips/aes/fips_aesavs.c
@@ -780,7 +780,7 @@ static int proc_file(char *rqfile, char *rspfile)
if(do_mct(amode, akeysz, aKey, iVec,
dir, (unsigned char*)plaintext, len,
rfp) < 0)
- EXIT(1);
+ err = 1;
}
else
{
@@ -862,7 +862,11 @@ static int proc_file(char *rqfile, char *rspfile)
aes_test -d xxxxx.xxx
The default is: -d req.txt
--------------------------------------------------*/
+#ifdef FIPS_ALGVS
+int fips_aesavs_main(int argc, char **argv)
+#else
int main(int argc, char **argv)
+#endif
{
char *rqlist = "req.txt", *rspfile = NULL;
FILE *fp = NULL;
@@ -915,7 +919,7 @@ int main(int argc, char **argv)
if (proc_file(rfn, rspfile))
{
printf(">>> Processing failed for: %s <<<\n", rfn);
- EXIT(1);
+ return 1;
}
}
fclose(fp);
@@ -929,7 +933,6 @@ int main(int argc, char **argv)
printf(">>> Processing failed for: %s <<<\n", fn);
}
}
- EXIT(0);
return 0;
}
diff --git a/fips/aes/fips_gcmtest.c b/fips/aes/fips_gcmtest.c
index 3839de8f8a..a7c787368a 100644
--- a/fips/aes/fips_gcmtest.c
+++ b/fips/aes/fips_gcmtest.c
@@ -496,7 +496,11 @@ static void ccmtest(FILE *in, FILE *out)
FIPS_cipher_ctx_cleanup(&ctx);
}
-int main(int argc,char **argv)
+#ifdef FIPS_ALGVS
+int fips_gcmtest_main(int argc, char **argv)
+#else
+int main(int argc, char **argv)
+#endif
{
int encrypt;
int xts = 0, ccm = 0;
diff --git a/fips/cmac/fips_cmactest.c b/fips/cmac/fips_cmactest.c
index 6d799f2d5f..2c8c7664e9 100644
--- a/fips/cmac/fips_cmactest.c
+++ b/fips/cmac/fips_cmactest.c
@@ -92,7 +92,11 @@ static int print_cmac_ver(const EVP_CIPHER *cipher, FILE *out,
unsigned char *Mac, int Maclen,
int Tlen);
+#ifdef FIPS_ALGVS
+int fips_cmactest_main(int argc, char **argv)
+#else
int main(int argc, char **argv)
+#endif
{
FILE *in = NULL, *out = NULL;
int mode = 0; /* 0 => Generate, 1 => Verify */
diff --git a/fips/des/fips_desmovs.c b/fips/des/fips_desmovs.c
index e8766561ce..29035f08c7 100644
--- a/fips/des/fips_desmovs.c
+++ b/fips/des/fips_desmovs.c
@@ -102,7 +102,7 @@ static int DESTest(EVP_CIPHER_CTX *ctx,
if (akeysz != 192)
{
printf("Invalid key size: %d\n", akeysz);
- EXIT(1);
+ return 0;
}
if (fips_strcasecmp(amode, "CBC") == 0)
@@ -120,7 +120,7 @@ static int DESTest(EVP_CIPHER_CTX *ctx,
else
{
printf("Unknown mode: %s\n", amode);
- EXIT(1);
+ return 0;
}
if (FIPS_cipherinit(ctx, cipher, aKey, iVec, dir) <= 0)
@@ -155,12 +155,12 @@ static void shiftin(unsigned char *dst,unsigned char *src,int nbits)
}
/*-----------------------------------------------*/
-char *t_tag[2] = {"PLAINTEXT", "CIPHERTEXT"};
-char *t_mode[6] = {"CBC","ECB","OFB","CFB1","CFB8","CFB64"};
-enum Mode {CBC, ECB, OFB, CFB1, CFB8, CFB64};
+char *tdes_t_tag[2] = {"PLAINTEXT", "CIPHERTEXT"};
+char *tdes_t_mode[6] = {"CBC","ECB","OFB","CFB1","CFB8","CFB64"};
+enum tdes_Mode {TCBC, TECB, TOFB, TCFB1, TCFB8, TCFB64};
int Sizes[6]={64,64,64,1,8,64};
-static void do_mct(char *amode,
+static int do_tmct(char *amode,
int akeysz, int numkeys, unsigned char *akey,unsigned char *ivec,
int dir, unsigned char *text, int len,
FILE *rfp)
@@ -170,12 +170,12 @@ static void do_mct(char *amode,
unsigned char text0[8];
for (imode=0 ; imode < 6 ; ++imode)
- if(!strcmp(amode,t_mode[imode]))
+ if(!strcmp(amode,tdes_t_mode[imode]))
break;
if (imode == 6)
{
printf("Unrecognized mode: %s\n", amode);
- EXIT(1);
+ return 0;
}
for(i=0 ; i < 400 ; ++i)
{
@@ -196,12 +196,12 @@ static void do_mct(char *amode,
OutputValue("",akey+n*8,8,rfp,0);
}
- if(imode != ECB)
+ if(imode != TECB)
OutputValue("IV",ivec,8,rfp,0);
- OutputValue(t_tag[dir^1],text,len,rfp,imode == CFB1);
+ OutputValue(tdes_t_tag[dir^1],text,len,rfp,imode == TCFB1);
#if 0
/* compensate for endianness */
- if(imode == CFB1)
+ if(imode == TCFB1)
text[0]<<=7;
#endif
memcpy(text0,text,8);
@@ -223,18 +223,18 @@ static void do_mct(char *amode,
}
if(j == 9999)
{
- OutputValue(t_tag[dir],text,len,rfp,imode == CFB1);
+ OutputValue(tdes_t_tag[dir],text,len,rfp,imode == TCFB1);
/* memcpy(ivec,text,8); */
}
/* DebugValue("iv",ctx.iv,8); */
/* accumulate material for the next key */
shiftin(nk,text,Sizes[imode]);
/* DebugValue("nk",nk,24);*/
- if((dir && (imode == CFB1 || imode == CFB8 || imode == CFB64
- || imode == CBC)) || imode == OFB)
+ if((dir && (imode == TCFB1 || imode == TCFB8
+ || imode == TCFB64 || imode == TCBC)) || imode == TOFB)
memcpy(text,old_iv,8);
- if(!dir && (imode == CFB1 || imode == CFB8 || imode == CFB64))
+ if(!dir && (imode == TCFB1 || imode == TCFB8 || imode == TCFB64))
{
/* the test specifies using the output of the raw DES operation
which we don't have, so reconstruct it... */
@@ -260,13 +260,14 @@ static void do_mct(char *amode,
/* pointless exercise - the final text doesn't depend on the
initial text in OFB mode, so who cares what it is? (Who
designed these tests?) */
- if(imode == OFB)
+ if(imode == TOFB)
for(n=0 ; n < 8 ; ++n)
text[n]=text0[n]^old_iv[n];
}
+ return 1;
}
-static int proc_file(char *rqfile, char *rspfile)
+static int tproc_file(char *rqfile, char *rspfile)
{
char afn[256], rfn[256];
FILE *afp = NULL, *rfp = NULL;
@@ -546,7 +547,9 @@ static int proc_file(char *rqfile, char *rspfile)
PrintValue("PLAINTEXT", (unsigned char*)plaintext, len);
if (strcmp(atest, "Monte") == 0) /* Monte Carlo Test */
{
- do_mct(amode,akeysz,numkeys,aKey,iVec,dir,plaintext,len,rfp);
+ if (!do_tmct(amode,akeysz,numkeys,aKey,iVec,
+ dir,plaintext,len,rfp))
+ return -1;
}
else
{
@@ -585,7 +588,7 @@ static int proc_file(char *rqfile, char *rspfile)
PrintValue("CIPHERTEXT", ciphertext, len);
if (strcmp(atest, "Monte") == 0) /* Monte Carlo Test */
{
- do_mct(amode, akeysz, numkeys, aKey, iVec,
+ do_tmct(amode, akeysz, numkeys, aKey, iVec,
dir, ciphertext, len, rfp);
}
else
@@ -631,7 +634,11 @@ static int proc_file(char *rqfile, char *rspfile)
aes_test -d xxxxx.xxx
The default is: -d req.txt
--------------------------------------------------*/
+#ifdef FIPS_ALGVS
+int fips_desmovs_main(int argc, char **argv)
+#else
int main(int argc, char **argv)
+#endif
{
char *rqlist = "req.txt", *rspfile = NULL;
FILE *fp = NULL;
@@ -680,10 +687,10 @@ int main(int argc, char **argv)
strtok(fn, "\r\n");
strcpy(rfn, fn);
printf("Processing: %s\n", rfn);
- if (proc_file(rfn, rspfile))
+ if (tproc_file(rfn, rspfile))
{
printf(">>> Processing failed for: %s <<<\n", rfn);
- EXIT(1);
+ return -1;
}
}
fclose(fp);
@@ -692,12 +699,11 @@ int main(int argc, char **argv)
{
if (VERBOSE)
printf("Processing: %s\n", fn);
- if (proc_file(fn, rspfile))
+ if (tproc_file(fn, rspfile))
{
printf(">>> Processing failed for: %s <<<\n", fn);
}
}
- EXIT(0);
return 0;
}
diff --git a/fips/dh/fips_dhvs.c b/fips/dh/fips_dhvs.c
index ad760c8aaa..3ba1977862 100644
--- a/fips/dh/fips_dhvs.c
+++ b/fips/dh/fips_dhvs.c
@@ -145,8 +145,12 @@ static void output_Zhash(FILE *out, int exout,
OPENSSL_cleanse(Z, Zlen);
OPENSSL_free(Z);
}
-
-int main(int argc,char **argv)
+
+#ifdef FIPS_ALGVS
+int fips_dhvs_main(int argc, char **argv)
+#else
+int main(int argc, char **argv)
+#endif
{
char **args = argv + 1;
int argn = argc - 1;
diff --git a/fips/dsa/fips_dssvs.c b/fips/dsa/fips_dssvs.c
index 45bca7c155..706babf050 100644
--- a/fips/dsa/fips_dssvs.c
+++ b/fips/dsa/fips_dssvs.c
@@ -717,7 +717,11 @@ static void sigver(FILE *in, FILE *out)
}
}
-int main(int argc,char **argv)
+#ifdef FIPS_ALGVS
+int fips_dssvs_main(int argc, char **argv)
+#else
+int main(int argc, char **argv)
+#endif
{
FILE *in, *out;
if (argc == 4)
diff --git a/fips/ecdh/fips_ecdhvs.c b/fips/ecdh/fips_ecdhvs.c
index 72ebe815dd..821821a96d 100644
--- a/fips/ecdh/fips_ecdhvs.c
+++ b/fips/ecdh/fips_ecdhvs.c
@@ -76,7 +76,7 @@ int main(int argc, char **argv)
#include "fips_utl.h"
-static const EVP_MD *parse_md(char *line)
+static const EVP_MD *eparse_md(char *line)
{
char *p;
if (line[0] != '[' || line[1] != 'E')
@@ -301,7 +301,11 @@ static void ec_output_Zhash(FILE *out, int exout, EC_GROUP *group,
EC_POINT_free(peerkey);
}
-int main(int argc,char **argv)
+#ifdef FIPS_ALGVS
+int fips_ecdhvs_main(int argc, char **argv)
+#else
+int main(int argc, char **argv)
+#endif
{
char **args = argv + 1;
int argn = argc - 1;
@@ -412,7 +416,7 @@ int main(int argc,char **argv)
if (strlen(buf) > 6 && !strncmp(buf, "[E", 2))
{
- md = parse_md(buf);
+ md = eparse_md(buf);
if (md == NULL)
goto parse_error;
continue;
diff --git a/fips/ecdsa/fips_ecdsavs.c b/fips/ecdsa/fips_ecdsavs.c
index 898951a2c8..50b1b7ca5d 100644
--- a/fips/ecdsa/fips_ecdsavs.c
+++ b/fips/ecdsa/fips_ecdsavs.c
@@ -75,7 +75,7 @@ int main(int argc, char **argv)
#include <openssl/objects.h>
-static int lookup_curve(char *in, char *curve_name, const EVP_MD **pmd)
+static int elookup_curve(char *in, char *curve_name, const EVP_MD **pmd)
{
char *cname, *p;
/* Copy buffer as we will change it */
@@ -200,7 +200,7 @@ static int KeyPair(FILE *in, FILE *out)
if (*buf == '[' && buf[2] == '-')
{
if (buf[2] == '-')
- curve_nid = lookup_curve(buf, lbuf, NULL);
+ curve_nid = elookup_curve(buf, lbuf, NULL);
fputs(buf, out);
continue;
}
@@ -260,7 +260,7 @@ static int PKV(FILE *in, FILE *out)
fputs(buf, out);
if (*buf == '[' && buf[2] == '-')
{
- curve_nid = lookup_curve(buf, lbuf, NULL);
+ curve_nid = elookup_curve(buf, lbuf, NULL);
if (curve_nid == NID_undef)
return 0;
@@ -314,7 +314,7 @@ static int SigGen(FILE *in, FILE *out)
fputs(buf, out);
if (*buf == '[')
{
- curve_nid = lookup_curve(buf, lbuf, &digest);
+ curve_nid = elookup_curve(buf, lbuf, &digest);
if (curve_nid == NID_undef)
return 0;
}
@@ -390,7 +390,7 @@ static int SigVer(FILE *in, FILE *out)
fputs(buf, out);
if (*buf == '[')
{
- curve_nid = lookup_curve(buf, lbuf, &digest);
+ curve_nid = elookup_curve(buf, lbuf, &digest);
if (curve_nid == NID_undef)
return 0;
}
@@ -459,8 +459,11 @@ static int SigVer(FILE *in, FILE *out)
}
return 1;
}
-
+#ifdef FIPS_ALGVS
+int fips_ecdsavs_main(int argc, char **argv)
+#else
int main(int argc, char **argv)
+#endif
{
FILE *in = NULL, *out = NULL;
const char *cmd = argv[1];
diff --git a/fips/fips_test_suite.c b/fips/fips_test_suite.c
index b7aea4e9cd..1344b1108d 100644
--- a/fips/fips_test_suite.c
+++ b/fips/fips_test_suite.c
@@ -995,7 +995,11 @@ static int post_cb(int op, int id, int subid, void *ex)
return 1;
}
-int main(int argc,char **argv)
+#ifdef FIPS_ALGVS
+int fips_test_suite_main(int argc, char **argv)
+#else
+int main(int argc, char **argv)
+#endif
{
int bad_rsa = 0, bad_dsa = 0;
int do_rng_stick = 0;
@@ -1088,16 +1092,16 @@ int main(int argc,char **argv)
pass = "";
} else {
printf("Bad argument \"%s\"\n", argv[1]);
- exit(1);
+ return 1;
}
if (!no_exit) {
fips_algtest_init_nofips();
if (!FIPS_module_mode_set(1, pass)) {
printf("Power-up self test failed\n");
- exit(1);
+ return 1;
}
printf("Power-up self test successful\n");
- exit(0);
+ return 0;
}
}
@@ -1116,7 +1120,7 @@ int main(int argc,char **argv)
ERR_clear_error();
test_msg("2. Automatic power-up self test", FIPS_module_mode_set(1, pass));
if (!FIPS_module_mode())
- exit(1);
+ return 1;
if (do_drbg_stick)
FIPS_drbg_stick();
if (do_rng_stick)
diff --git a/fips/fips_utl.h b/fips/fips_utl.h
index 1ed133c5c9..491bc2ace9 100644
--- a/fips/fips_utl.h
+++ b/fips/fips_utl.h
@@ -47,6 +47,9 @@
*
*/
+#ifndef FIPS_UTL_H
+#define FIPS_UTL_H
+
#define OPENSSL_FIPSAPI
#include <openssl/fips_rand.h>
@@ -487,3 +490,5 @@ int fips_strcasecmp(const char *str1, const char *str2)
return fips_strncasecmp(str1, str2, (size_t)-1);
}
+
+#endif
diff --git a/fips/hmac/fips_hmactest.c b/fips/hmac/fips_hmactest.c
index 07c18bfdfa..da9c8d7926 100644
--- a/fips/hmac/fips_hmactest.c
+++ b/fips/hmac/fips_hmactest.c
@@ -85,7 +85,11 @@ static int print_hmac(const EVP_MD *md, FILE *out,
unsigned char *Key, int Klen,
unsigned char *Msg, int Msglen, int Tlen);
+#ifdef FIPS_ALGVS
+int fips_hmactest_main(int argc, char **argv)
+#else
int main(int argc, char **argv)
+#endif
{
FILE *in = NULL, *out = NULL;
diff --git a/fips/rand/fips_drbgvs.c b/fips/rand/fips_drbgvs.c
index 4d3f0cfee0..bcdfa6dac3 100644
--- a/fips/rand/fips_drbgvs.c
+++ b/fips/rand/fips_drbgvs.c
@@ -76,7 +76,7 @@ int main(int argc, char **argv)
#include "fips_utl.h"
-static int parse_md(char *str)
+static int dparse_md(char *str)
{
switch(atoi(str + 5))
{
@@ -115,7 +115,7 @@ static int parse_ec(char *str)
curve_nid = NID_secp521r1;
else
return NID_undef;
- md_nid = parse_md(md);
+ md_nid = dparse_md(md);
if (md_nid == NID_undef)
return NID_undef;
return (curve_nid << 16) | md_nid;
@@ -170,9 +170,11 @@ static size_t test_nonce(DRBG_CTX *dctx, unsigned char **pout,
return t->noncelen;
}
-
-
+#ifdef FIPS_ALGVS
+int fips_drbgvs_main(int argc,char **argv)
+#else
int main(int argc,char **argv)
+#endif
{
FILE *in, *out;
DRBG_CTX *dctx = NULL;
@@ -240,7 +242,7 @@ int main(int argc,char **argv)
}
if (strlen(buf) > 4 && !strncmp(buf, "[SHA-", 5))
{
- nid = parse_md(buf);
+ nid = dparse_md(buf);
if (nid == NID_undef)
exit(1);
if (drbg_type == DRBG_HMAC)
diff --git a/fips/rand/fips_rngvs.c b/fips/rand/fips_rngvs.c
index ac0a526573..9e1f070602 100644
--- a/fips/rand/fips_rngvs.c
+++ b/fips/rand/fips_rngvs.c
@@ -198,7 +198,11 @@ static void mct(FILE *in, FILE *out)
}
}
-int main(int argc,char **argv)
+#ifdef FIPS_ALGVS
+int fips_rngvs_main(int argc, char **argv)
+#else
+int main(int argc, char **argv)
+#endif
{
FILE *in, *out;
if (argc == 4)
diff --git a/fips/rsa/fips_rsagtest.c b/fips/rsa/fips_rsagtest.c
index 78b4531398..8342f615fb 100644
--- a/fips/rsa/fips_rsagtest.c
+++ b/fips/rsa/fips_rsagtest.c
@@ -88,7 +88,11 @@ static int rsa_printkey1(FILE *out, RSA *rsa,
static int rsa_printkey2(FILE *out, RSA *rsa,
BIGNUM *Xq1, BIGNUM *Xq2, BIGNUM *Xq);
+#ifdef FIPS_ALGVS
+int fips_rsagtest_main(int argc, char **argv)
+#else
int main(int argc, char **argv)
+#endif
{
FILE *in = NULL, *out = NULL;
diff --git a/fips/rsa/fips_rsastest.c b/fips/rsa/fips_rsastest.c
index e0dbe2a0d7..d11b06316b 100644
--- a/fips/rsa/fips_rsastest.c
+++ b/fips/rsa/fips_rsastest.c
@@ -85,7 +85,11 @@ static int rsa_stest(FILE *out, FILE *in, int Saltlen);
static int rsa_printsig(FILE *out, RSA *rsa, const EVP_MD *dgst,
unsigned char *Msg, long Msglen, int Saltlen);
+#ifdef FIPS_ALGVS
+int fips_rsastest_main(int argc, char **argv)
+#else
int main(int argc, char **argv)
+#endif
{
FILE *in = NULL, *out = NULL;
diff --git a/fips/rsa/fips_rsavtest.c b/fips/rsa/fips_rsavtest.c
index df33842691..7685c74ef0 100644
--- a/fips/rsa/fips_rsavtest.c
+++ b/fips/rsa/fips_rsavtest.c
@@ -82,14 +82,18 @@ int main(int argc, char *argv[])
#include "fips_utl.h"
-int rsa_test(FILE *out, FILE *in, int saltlen);
+int rsa_vtest(FILE *out, FILE *in, int saltlen);
static int rsa_printver(FILE *out,
BIGNUM *n, BIGNUM *e,
const EVP_MD *dgst,
unsigned char *Msg, long Msglen,
unsigned char *S, long Slen, int Saltlen);
+#ifdef FIPS_ALGVS
+int fips_rsavtest_main(int argc, char **argv)
+#else
int main(int argc, char **argv)
+#endif
{
FILE *in = NULL, *out = NULL;
@@ -138,7 +142,7 @@ int main(int argc, char **argv)
goto end;
}
- if (!rsa_test(out, in, Saltlen))
+ if (!rsa_vtest(out, in, Saltlen))
{
fprintf(stderr, "FATAL RSAVTEST file processing error\n");
goto end;
@@ -159,7 +163,7 @@ int main(int argc, char **argv)
#define RSA_TEST_MAXLINELEN 10240
-int rsa_test(FILE *out, FILE *in, int Saltlen)
+int rsa_vtest(FILE *out, FILE *in, int Saltlen)
{
char *linebuf, *olinebuf, *p, *q;
char *keyword, *value;
diff --git a/fips/sha/fips_shatest.c b/fips/sha/fips_shatest.c
index c14df16601..3954777a64 100644
--- a/fips/sha/fips_shatest.c
+++ b/fips/sha/fips_shatest.c
@@ -86,7 +86,11 @@ static int print_dgst(const EVP_MD *md, FILE *out,
static int print_monte(const EVP_MD *md, FILE *out,
unsigned char *Seed, int SeedLen);
+#ifdef FIPS_ALGVS
+int fips_shatest_main(int argc, char **argv)
+#else
int main(int argc, char **argv)
+#endif
{
FILE *in = NULL, *out = NULL;