Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
libgcrypt.20076
libgcrypt-fips_KAT_keygen_test.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libgcrypt-fips_KAT_keygen_test.patch of Package libgcrypt.20076
Index: libgcrypt-1.6.1/Makefile.am =================================================================== --- libgcrypt-1.6.1.orig/Makefile.am 2015-02-02 17:15:29.429281092 +0100 +++ libgcrypt-1.6.1/Makefile.am 2015-02-02 17:18:07.098674810 +0100 @@ -36,11 +36,14 @@ EXTRA_DIST = autogen.sh autogen.rc READM DISTCLEANFILES = -bin_PROGRAMS = fipsdrv drbg_test +bin_PROGRAMS = fipsdrv drbg_test gcrypt_rsagtest fipsdrv_SOURCES = tests/fipsdrv.c fipsdrv_LDADD = src/libgcrypt.la $(DL_LIBS) $(GPG_ERROR_LIBS) +gcrypt_rsagtest_SOURCES = tests/gcrypt_rsagtest.c +gcrypt_rsagtest_LDADD = src/libgcrypt.la $(DL_LIBS) + drbg_test_CPPFLAGS = -I../src -I$(top_srcdir)/src drbg_test_SOURCES = src/gcrypt.h tests/drbg_test.c drbg_test_LDADD = src/libgcrypt.la $(DL_LIBS) $(GPG_ERROR_LIBS) Index: libgcrypt-1.6.1/tests/gcrypt_rsagtest.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ libgcrypt-1.6.1/tests/gcrypt_rsagtest.c 2015-02-02 17:15:29.458281349 +0100 @@ -0,0 +1,332 @@ +/* fips_rsagtest.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL + * project 2005. + */ +/* ==================================================================== + * Copyright (c) 2005,2007 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +#include <stdio.h> +#include <ctype.h> +#include <string.h> +#include <stdlib.h> +#include <unistd.h> + +int rsa_PrimeKAT(FILE *out, FILE *in); + +int main(int argc, char **argv) + { + FILE *in = NULL, *out = NULL; + const char *cmd = argv[1]; + + int ret = 1; + + if (!cmd) + { + fprintf(stderr, "gcrypt_rsagtest [KeyGen|PrimeKAT|PrimeGen]\n"); + goto end; + } + + if (argc == 2) + in = stdin; + else + in = fopen(argv[2], "r"); + + if (argc <= 3) + out = stdout; + else + out = fopen(argv[3], "w"); + + if (!in) + { + fprintf(stderr, "FATAL input initialization error\n"); + goto end; + } + + if (!out) + { + fprintf(stderr, "FATAL output initialization error\n"); + goto end; + } + + if (!strcmp(cmd, "PrimeKAT")) + ret = rsa_PrimeKAT(out, in); + else + { + fprintf(stderr, "Unknown command %s\n", cmd); + goto end; + } + + if (!ret) + { + fprintf(stderr, "FATAL RSAGTEST file processing error in %s\n", cmd); + goto end; + } + + end: + + if (in && (in != stdin)) + fclose(in); + if (out && (out != stdout)) + fclose(out); + + return ret; + + } + +#define RSA_TEST_MAXLINELEN 10240 + +int do_prime_test(int mod, char *e, char *prandom, char *qrandom) +{ + char sexp[8192]; + char answer[1024]; + char fipsdrv[] = "/usr/lib/libgcrypt/cavs/fipsdrv"; + int to[2]; + int from[2]; + + if (!qrandom) + { + qrandom = strdup("01"); + } + + int written = snprintf(sexp, 8192, "(genkey(rsa(nbits 4:%d)(test-parms(e #%s#)(p #%s#)(q #%s#))))\0", + mod, e, prandom, qrandom); + + if (pipe(from) || pipe(to)) + { + fprintf(stderr, "Can't create pipe\n"); + return -1; + } + + /* fipsdrv expects the data from its standard input + * and we need to read its stdout, so we need to perform + * some pipe trickery */ + switch(fork()) + { + case -1: + fprintf(stderr, "Can't fork\n"); + return -1; + case 0: /* fipsdrv process */ + close(to[1]); + close(from[0]); + /* set stdin and stdout to the correct pipes */ + dup2(to[0], 0); + dup2(from[1], 1); + execlp(fipsdrv, fipsdrv, "rsa-keygen-kat", (char *)NULL); + default: /* parent collecting output from fipsdrv */ + close(from[1]); + close(to[0]); + /* write the sexp to fipsdrv's input */ + write(to[1], sexp, written); + close(to[1]); + /* read the fipsdrv's result */ + read(from[0], answer, 1024); + close(from[0]); + + return !strcmp(answer, "P\n"); + } +} + + +int rsa_PrimeKAT(FILE *out, FILE *in) + { + char *linebuf, *olinebuf, *p, *q; + char *keyword, *value; + char *prandom = NULL, *qrandom = NULL; + char *e = NULL; + int mod = 0; + int result = 0; + int ret = 0; + int lnum = 0; + + olinebuf = malloc(RSA_TEST_MAXLINELEN); + linebuf = malloc(RSA_TEST_MAXLINELEN); + + if (!linebuf || !olinebuf) + goto error; + + while (fgets(olinebuf, RSA_TEST_MAXLINELEN, in)) + { + /* Test tool emits a 0xff at the end of the file */ + if (((unsigned char*)olinebuf)[0] == 0xff) + break; + lnum++; + strcpy(linebuf, olinebuf); + keyword = linebuf; + /* Skip leading space */ + while (isspace((unsigned char)*keyword)) + keyword++; + + /* Look for = sign */ + p = strchr(linebuf, '='); + + /* If no =, just copy */ + if (!p) + { + fputs(olinebuf, out); + continue; + } + + if (*keyword == '[') + keyword++; + + q = p - 1; + + /* Remove trailing space */ + while (isspace((unsigned char)*q)) + *q-- = 0; + + *p = 0; + value = p + 1; + + /* Remove leading space from value */ + while (isspace((unsigned char)*value)) + value++; + + /* Remove trailing space from value */ + p = value + strlen(value) - 1; + + while (*p == '\n' || isspace((unsigned char)*p)) + *p-- = 0; + /* For [things], remove trailing ] and whitespace */ + if (*linebuf == '[') + { + while (isspace((unsigned char)*p) || *p == ']') + *p-- = 0; + } + + /* collected e, prandom and next thing is not qrandom -> trigger test */ + if (e && prandom && (qrandom || strcmp(keyword, "qrandom"))) + { + result = do_prime_test(mod, e, prandom, qrandom); + free(prandom); + free(qrandom); + free(e); + prandom = NULL; + qrandom = NULL; + e = NULL; + if (result == -1) + goto error; + fprintf(out, "Result = %c\n\n", result ? 'P' : 'F'); + } + + if (!strcmp(keyword, "mod")) + { + mod = atoi(value); + if (!mod) + goto parse_error; + } + else if (!strcmp(keyword, "prandom")) + { + if (prandom || !(prandom = strdup(value))) + goto parse_error; + } + else if (!strcmp(keyword, "qrandom")) + { + if (qrandom || !(qrandom = strdup(value))) + goto parse_error; + } + else if (!strcmp(keyword, "e")) + { + if (!(e = strdup(value))) + goto parse_error; + } + else if (*linebuf == '[') + { + /* just copy */ + } + else + goto parse_error; + + fputs(olinebuf, out); + + } + + /* trigger last test -- the test should be abstracted out into a function */ + if (e && prandom) + { + result = do_prime_test(mod, e, prandom, qrandom); + free(e); + prandom = NULL; + qrandom = NULL; + e = NULL; + if (result == -1) + goto error; + fprintf(out, "Result = %c\n\n", result ? 'P' : 'F'); + } + + ret = 1; + + error: + + if (olinebuf) + free(olinebuf); + if (linebuf) + free(linebuf); + + if (prandom) + free(prandom); + if (qrandom) + free(qrandom); + if (e) + free(e); + + return ret; + + parse_error: + + fprintf(stderr, "FATAL parse error processing line %d\n", lnum); + + goto error; + + }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor