diff options
Diffstat (limited to 'fips')
-rw-r--r-- | fips/fips.c | 48 | ||||
-rw-r--r-- | fips/fips.h | 13 | ||||
-rw-r--r-- | fips/fips_test_suite.c | 3 | ||||
-rw-r--r-- | fips/fips_utl.h | 1 | ||||
-rw-r--r-- | fips/rand/Makefile | 4 | ||||
-rw-r--r-- | fips/rand/fips_drbg_rand.c | 18 | ||||
-rw-r--r-- | fips/rand/fips_rand.c | 2 | ||||
-rw-r--r-- | fips/rand/fips_rand.h | 1 | ||||
-rw-r--r-- | fips/rand/fips_rand_lib.c | 140 | ||||
-rw-r--r-- | fips/rand/fips_rand_selftest.c | 4 |
10 files changed, 164 insertions, 70 deletions
diff --git a/fips/fips.c b/fips/fips.c index 42f4003119..7ca24924dd 100644 --- a/fips/fips.c +++ b/fips/fips.c @@ -73,7 +73,6 @@ static int fips_selftest_fail; static int fips_mode; static int fips_started = 0; -static const void *fips_rand_check; static int fips_is_owning_thread(void); static int fips_set_owning_thread(void); @@ -97,18 +96,6 @@ static void fips_set_mode(int onoff) } } -static void fips_set_rand_check(const void *rand_check) - { - int owning_thread = fips_is_owning_thread(); - - if (fips_started) - { - if (!owning_thread) fips_w_lock(); - fips_rand_check = rand_check; - if (!owning_thread) fips_w_unlock(); - } - } - int FIPS_mode(void) { int ret = 0; @@ -123,20 +110,6 @@ int FIPS_mode(void) return ret; } -const void *FIPS_rand_check(void) - { - const void *ret = 0; - int owning_thread = fips_is_owning_thread(); - - if (fips_started) - { - if (!owning_thread) fips_r_lock(); - ret = fips_rand_check; - if (!owning_thread) fips_r_unlock(); - } - return ret; - } - int FIPS_selftest_failed(void) { int ret = 0; @@ -329,28 +302,7 @@ int FIPS_mode_set(int onoff) ret = 0; goto end; } -#if 0 - /* automagically seed PRNG if not already seeded */ - if(!FIPS_rand_status()) - { - unsigned char buf[48]; - if(RAND_bytes(buf,sizeof buf) <= 0) - { - fips_selftest_fail = 1; - ret = 0; - goto end; - } - FIPS_rand_set_key(buf,32); - FIPS_rand_seed(buf+32,16); - } - /* now switch into FIPS mode */ - fips_set_rand_check(FIPS_rand_method()); - RAND_set_rand_method(FIPS_rand_method()); -#else - fips_set_rand_check(FIPS_drbg_method()); - RAND_set_rand_method(FIPS_drbg_method()); -#endif if(FIPS_selftest()) fips_set_mode(1); else diff --git a/fips/fips.h b/fips/fips.h index e4c32664df..53bc12fe9a 100644 --- a/fips/fips.h +++ b/fips/fips.h @@ -177,6 +177,12 @@ void FIPS_set_malloc_callbacks( #define ecdsa_check fips_ecdsa_check #define ecdh_check fips_ecdh_check +#define RAND_bytes FIPS_rand_bytes +#define RAND_pseudo_bytes FIPS_rand_pseudo_bytes +#define RAND_add FIPS_rand_add +#define RAND_seed FIPS_rand_seed +#define RAND_status FIPS_rand_status + #endif /* BEGIN ERROR CODES */ @@ -214,6 +220,12 @@ void ERR_load_FIPS_strings(void); #define FIPS_F_FIPS_DSA_CHECK 107 #define FIPS_F_FIPS_MODE_SET 108 #define FIPS_F_FIPS_PKEY_SIGNATURE_TEST 109 +#define FIPS_F_FIPS_RAND_ADD 143 +#define FIPS_F_FIPS_RAND_BYTES 144 +#define FIPS_F_FIPS_RAND_PSEUDO_BYTES 145 +#define FIPS_F_FIPS_RAND_SEED 148 +#define FIPS_F_FIPS_RAND_SET_METHOD 146 +#define FIPS_F_FIPS_RAND_STATUS 147 #define FIPS_F_FIPS_SELFTEST_AES 110 #define FIPS_F_FIPS_SELFTEST_AES_GCM 130 #define FIPS_F_FIPS_SELFTEST_CMAC 139 @@ -223,6 +235,7 @@ void ERR_load_FIPS_strings(void); #define FIPS_F_FIPS_SELFTEST_HMAC 113 #define FIPS_F_FIPS_SELFTEST_RNG 114 #define FIPS_F_FIPS_SELFTEST_SHA1 115 +#define FIPS_F_FIPS_SELFTEST_X931 149 #define FIPS_F_HASH_FINAL 123 #define FIPS_F_RSA_BUILTIN_KEYGEN 116 #define FIPS_F_RSA_EAY_PRIVATE_DECRYPT 117 diff --git a/fips/fips_test_suite.c b/fips/fips_test_suite.c index c82dffea88..2cfd5ef930 100644 --- a/fips/fips_test_suite.c +++ b/fips/fips_test_suite.c @@ -678,9 +678,6 @@ int main(int argc,char **argv) printf("\tFIPS-mode test application\n\n"); - /* Load entropy from external file, if any */ - RAND_load_file(".rnd", 1024); - if (argv[1]) { /* Corrupted KAT tests */ if (!strcmp(argv[1], "aes")) { diff --git a/fips/fips_utl.h b/fips/fips_utl.h index 4810566c2f..91cbea25c5 100644 --- a/fips/fips_utl.h +++ b/fips/fips_utl.h @@ -118,6 +118,7 @@ static void fips_algtest_init_nofips(void) FIPS_drbg_init(ctx, NID_aes_256_ctr, DRBG_FLAG_CTR_USE_DF); FIPS_drbg_set_callbacks(ctx, dummy_cb, 0, dummy_cb, 0); FIPS_drbg_instantiate(ctx, dummy_entropy, 10); + FIPS_rand_set_method(FIPS_drbg_method()); } void fips_algtest_init(void) diff --git a/fips/rand/Makefile b/fips/rand/Makefile index 8147951ca5..bcf68dcb81 100644 --- a/fips/rand/Makefile +++ b/fips/rand/Makefile @@ -24,10 +24,10 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC= fips_rand.c fips_rand_selftest.c \ fips_drbg_lib.c fips_drbg_hash.c fips_drbg_ctr.c fips_drbg_selftest.c \ - fips_drbg_rand.c + fips_drbg_rand.c fips_rand_lib.c LIBOBJ= fips_rand.o fips_rand_selftest.o \ fips_drbg_lib.o fips_drbg_hash.o fips_drbg_ctr.o fips_drbg_selftest.o \ - fips_drbg_rand.o + fips_drbg_rand.o fips_rand_lib.o SRC= $(LIBSRC) diff --git a/fips/rand/fips_drbg_rand.c b/fips/rand/fips_drbg_rand.c index 1863026bd5..8872ba2992 100644 --- a/fips/rand/fips_drbg_rand.c +++ b/fips/rand/fips_drbg_rand.c @@ -145,28 +145,18 @@ static void fips_drbg_cleanup(void) static int fips_drbg_seed(const void *seed, int seedlen) { DRBG_CTX *dctx = &ossl_dctx; - int rv = 1; if (dctx->rand_seed_cb) - { - CRYPTO_w_lock(CRYPTO_LOCK_RAND); - rv = dctx->rand_seed_cb(dctx, seed, seedlen); - CRYPTO_w_unlock(CRYPTO_LOCK_RAND); - } - return rv; + return dctx->rand_seed_cb(dctx, seed, seedlen); + return 1; } static int fips_drbg_add(const void *seed, int seedlen, double add_entropy) { DRBG_CTX *dctx = &ossl_dctx; - int rv = 1; if (dctx->rand_add_cb) - { - CRYPTO_w_lock(CRYPTO_LOCK_RAND); - rv = dctx->rand_add_cb(dctx, seed, seedlen, add_entropy); - CRYPTO_w_unlock(CRYPTO_LOCK_RAND); - } - return rv; + return dctx->rand_add_cb(dctx, seed, seedlen, add_entropy); + return 1; } static const RAND_METHOD rand_drbg_meth = diff --git a/fips/rand/fips_rand.c b/fips/rand/fips_rand.c index d56b940a6d..a8ebdb85c0 100644 --- a/fips/rand/fips_rand.c +++ b/fips/rand/fips_rand.c @@ -214,7 +214,7 @@ int FIPS_x931_set_dt(unsigned char *dt) { if (!sctx.test_mode) { - RANDerr(RAND_F_FIPS_RAND_SET_DT,RAND_R_NOT_IN_TEST_MODE); + RANDerr(RAND_F_FIPS_X931_SET_DT,RAND_R_NOT_IN_TEST_MODE); return 0; } memcpy(sctx.DT, dt, AES_BLOCK_LENGTH); diff --git a/fips/rand/fips_rand.h b/fips/rand/fips_rand.h index a691e14359..1a57edd06e 100644 --- a/fips/rand/fips_rand.h +++ b/fips/rand/fips_rand.h @@ -112,6 +112,7 @@ int FIPS_drbg_get_strength(DRBG_CTX *dctx); DRBG_CTX *FIPS_get_default_drbg(void); const RAND_METHOD *FIPS_drbg_method(void); +int FIPS_rand_set_method(const RAND_METHOD *meth); #ifdef __cplusplus } diff --git a/fips/rand/fips_rand_lib.c b/fips/rand/fips_rand_lib.c new file mode 100644 index 0000000000..2d198f9cd8 --- /dev/null +++ b/fips/rand/fips_rand_lib.c @@ -0,0 +1,140 @@ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#define OPENSSL_FIPSAPI + +#include <openssl/crypto.h> +#include <openssl/rand.h> +#include <openssl/err.h> +#include <openssl/fips.h> +#include <openssl/fips_rand.h> +#include "e_os.h" + +/* FIPS API for PRNG use. Similar to RAND functionality but without + * ENGINE and additional checking for non-FIPS rand methods. + */ + +static const RAND_METHOD *fips_rand_meth = NULL; +static int fips_approved_rand_meth = 0; + +int FIPS_rand_set_method(const RAND_METHOD *meth) + { + if (meth == FIPS_drbg_method()) + fips_approved_rand_meth = 1; + else if (meth == FIPS_x931_method()) + fips_approved_rand_meth = 2; + else + fips_approved_rand_meth = 0; + + if (!fips_approved_rand_meth && FIPS_mode()) + { + FIPSerr(FIPS_F_FIPS_RAND_SET_METHOD, FIPS_R_NON_FIPS_METHOD); + return 0; + } + fips_rand_meth = meth; + return 1; + } + +void FIPS_rand_seed(const void *buf, int num) + { + if (!fips_approved_rand_meth && FIPS_mode()) + { + FIPSerr(FIPS_F_FIPS_RAND_SEED, FIPS_R_NON_FIPS_METHOD); + return; + } + if (fips_rand_meth && fips_rand_meth->seed) + fips_rand_meth->seed(buf,num); + } + +void FIPS_rand_add(const void *buf, int num, double entropy) + { + if (!fips_approved_rand_meth && FIPS_mode()) + { + FIPSerr(FIPS_F_FIPS_RAND_ADD, FIPS_R_NON_FIPS_METHOD); + return; + } + if (fips_rand_meth && fips_rand_meth->add) + fips_rand_meth->add(buf,num,entropy); + } + +int FIPS_rand_bytes(unsigned char *buf, int num) + { + if (!fips_approved_rand_meth && FIPS_mode()) + { + FIPSerr(FIPS_F_FIPS_RAND_BYTES, FIPS_R_NON_FIPS_METHOD); + return 0; + } + if (fips_rand_meth && fips_rand_meth->bytes) + return fips_rand_meth->bytes(buf,num); + return 0; + } + +int FIPS_rand_pseudo_bytes(unsigned char *buf, int num) + { + if (!fips_approved_rand_meth && FIPS_mode()) + { + FIPSerr(FIPS_F_FIPS_RAND_PSEUDO_BYTES, FIPS_R_NON_FIPS_METHOD); + return 0; + } + if (fips_rand_meth && fips_rand_meth->pseudorand) + return fips_rand_meth->pseudorand(buf,num); + return -1; + } + +int FIPS_rand_status(void) + { + if (!fips_approved_rand_meth && FIPS_mode()) + { + FIPSerr(FIPS_F_FIPS_RAND_STATUS, FIPS_R_NON_FIPS_METHOD); + return 0; + } + if (fips_rand_meth && fips_rand_meth->status) + return fips_rand_meth->status(); + return 0; + } diff --git a/fips/rand/fips_rand_selftest.c b/fips/rand/fips_rand_selftest.c index ee5f320e0e..afab1fa40b 100644 --- a/fips/rand/fips_rand_selftest.c +++ b/fips/rand/fips_rand_selftest.c @@ -356,14 +356,14 @@ int FIPS_selftest_x931() FIPS_x931_reset(); if (!FIPS_x931_test_mode()) { - FIPSerr(FIPS_F_FIPS_SELFTEST_RNG,FIPS_R_SELFTEST_FAILED); + FIPSerr(FIPS_F_FIPS_SELFTEST_X931,FIPS_R_SELFTEST_FAILED); return 0; } if (!fips_x931_test(aes_128_key,aes_128_tv) || !fips_x931_test(aes_192_key, aes_192_tv) || !fips_x931_test(aes_256_key, aes_256_tv)) { - FIPSerr(FIPS_F_FIPS_SELFTEST_RNG,FIPS_R_SELFTEST_FAILED); + FIPSerr(FIPS_F_FIPS_SELFTEST_X931,FIPS_R_SELFTEST_FAILED); return 0; } FIPS_x931_reset(); |