Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:GA
openssl-1_0_0.21954
openssl-fips_cavs_aes_keywrap.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openssl-fips_cavs_aes_keywrap.patch of Package openssl-1_0_0.21954
Index: openssl-1.0.2j/crypto/fips/fips_kwvs.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ openssl-1.0.2j/crypto/fips/fips_kwvs.c 2017-05-12 14:14:26.561672018 +0200 @@ -0,0 +1,137 @@ +/* + * Crude test driver for processing the VST and MCT testvector files + * generated by the CMVP RNGVS product. + * + * Note the input files are assumed to have a _very_ specific format + * as described in the NIST document "The Random Number Generator + * Validation System (RNGVS)", May 25, 2004. + * + */ +#include <openssl/opensslconf.h> + +#include <openssl/bn.h> +#include <openssl/fips.h> +#include <openssl/err.h> +#include <openssl/modes.h> +#include <string.h> +#include <ctype.h> + +#include "fips_utl.h" + +void die(char *mes) +{ + fprintf(stderr, mes); + exit(1); +} + +void process(char *req, char *rsp) +{ + char buf[2048], lbuf[2048]; + unsigned char result[2048]; + unsigned char *K = NULL; + unsigned char *P = NULL; + unsigned char *C = NULL; + unsigned plaintext_len, ciphertext_len; + unsigned key_len; + char *end; + AES_KEY aes_key; + char *keyword, *value; + long l; + int length; + int inverse = 0; + block128_f f; + + FILE *in = fopen(req, "r"); + FILE *out = fopen(rsp, "w"); + + if (!in || !out) { + die("Can't open input or output file\n"); + } + + while(fgets(buf, sizeof(buf), in) != NULL) + { + fputs(buf,out); + + if (!parse_line(&keyword, &value, lbuf, buf)) { + /* might be a header, check if inverse cipher function is requested */ + if(strstr(buf, "inverse")) { + inverse = 1; + } + continue; + } + + if(!strcmp(keyword, "[PLAINTEXT LENGTH")) + { + end = value + strlen(value) - 1; + /* remove trailing ] */ + if (*end == ']') + *end = 0; + plaintext_len = atoi(value) / 8; + ciphertext_len = plaintext_len + 8; + } + /* key */ + else if(!strcmp(keyword, "K")) + { + K = hex2bin_m(value, &l); + key_len = strlen(value) / 2; + } + /* plaintext */ + else if(!strcmp(keyword, "P")) + { + /* Wrap, we have a key and a plaintext */ + P = hex2bin_m(value, &l); + if (inverse) { + if (AES_set_decrypt_key(K, key_len*8, &aes_key)) + die("Can't set AES decrypt key.\n"); + f = (block128_f)AES_decrypt; + } else { + if (AES_set_encrypt_key(K, key_len*8, &aes_key)) + die("Can't set AES encrypt key.\n"); + f = (block128_f)AES_encrypt; + } + length = CRYPTO_128_wrap(&aes_key, NULL, result, P, plaintext_len, f); + if (!length) + die("Wrapping failed.\n"); + OutputValue("C", result, length, out, 0); + } + /* ciphertext */ + else if(!strcmp(keyword, "C")) + { + /* Unwrap, we have a key and a ciphertext */ + C = hex2bin_m(value, &l); + if (inverse) { + if (AES_set_encrypt_key(K, key_len*8, &aes_key)) + die("Can't set AES encrypt key.\n"); + f = (block128_f)AES_encrypt; + } else { + if (AES_set_decrypt_key(K, key_len*8, &aes_key)) + die("Can't set AES decrypt key.\n"); + f = (block128_f)AES_decrypt; + } + length = CRYPTO_128_unwrap(&aes_key, NULL, result, C, ciphertext_len, f); + if (!length) { + fprintf(out, "FAIL" RESP_EOL); + } else { + OutputValue("P", result, length, out, 0); + } + } + } +} + +int main(int argc,char **argv) +{ + if(argc != 3) + { + fprintf(stderr,"%s Req Rsp\n",argv[0]); + exit(1); + } + if(!FIPS_mode_set(1)) + { + do_print_errors(); + exit(1); + } + + process(argv[1], argv[2]); + + return 0; +} Index: openssl-1.0.2j/crypto/fips/Makefile =================================================================== --- openssl-1.0.2j.orig/crypto/fips/Makefile 2017-05-11 16:56:02.495668727 +0200 +++ openssl-1.0.2j/crypto/fips/Makefile 2017-05-11 16:56:02.531669302 +0200 @@ -19,15 +19,15 @@ APPS= PROGRAM= fips_standalone_hmac EXE= $(PROGRAM)$(EXE_EXT) -CAVS_PROGRAMS= fips_aesavs fips_cmactest fips_desmovs fips_dhvs fips_drbgvs \ +CAVS_PROGRAMS= fips_kwvs fips_aesavs fips_cmactest fips_desmovs fips_dhvs fips_drbgvs \ fips_ecdhvs fips_ecdsavs fips_rngvs fips_rsagtest fips_rsastest \ fips_rsavtest fips_shatest fips_gcmtest fips_dssvs fips_tlsvs fips_hmactest -CAVS_SRC= fips_aesavs.c fips_cmactest.c fips_desmovs.c fips_dhvs.c fips_drbgvs.c fips_dssvs.c \ +CAVS_SRC= fips_kwvs.c fips_aesavs.c fips_cmactest.c fips_desmovs.c fips_dhvs.c fips_drbgvs.c fips_dssvs.c \ fips_ecdhvs.c fips_ecdsavs.c fips_gcmtest.c fips_rngvs.c fips_rsagtest.c fips_rsastest.c \ fips_rsavtest.c fips_shatest.c fips_tlsvs.c fips_hmactest.c -CAVS_OBJ= fips_aesavs.o fips_cmactest.o fips_desmovs.o fips_dhvs.o fips_drbgvs.o \ +CAVS_OBJ= fips_kwvs.o fips_aesavs.o fips_cmactest.o fips_desmovs.o fips_dhvs.o fips_drbgvs.o \ fips_ecdhvs.o fips_ecdsavs.o fips_gcmtest.o fips_rngvs.o fips_rsagtest.o fips_rsastest.o \ fips_rsavtest.o fips_shatest.o fips_dssvs.o fips_tlsvs.o fips_hmactest.o @@ -454,6 +454,19 @@ fips_aesavs.o: ../../include/openssl/ope fips_aesavs.o: ../../include/openssl/ossl_typ.h fips_aesavs.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h fips_aesavs.o: ../../include/openssl/symhacks.h fips_utl.h fips_aesavs.c +fips_kwvs.o: ../../e_os.h ../../include/openssl/aes.h +fips_kwvs.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +fips_kwvs.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +fips_kwvs.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +fips_kwvs.o: ../../include/openssl/err.h ../../include/openssl/evp.h +fips_kwvs.o: ../../include/openssl/fips.h ../../include/openssl/fips_rand.h +fips_kwvs.o: ../../include/openssl/hmac.h ../../include/openssl/lhash.h +fips_kwvs.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +fips_kwvs.o: ../../include/openssl/opensslconf.h +fips_kwvs.o: ../../include/openssl/opensslv.h +fips_kwvs.o: ../../include/openssl/ossl_typ.h +fips_kwvs.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +fips_kwvs.o: ../../include/openssl/symhacks.h fips_utl.h fips_kwvs.c fips_gcmtest.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h fips_gcmtest.o: ../../include/openssl/bio.h ../../include/openssl/bn.h fips_gcmtest.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor