/[smeserver]/rpms/openssl/sme8/openssl-fips-0.9.8e-sha2test.patch
ViewVC logotype

Contents of /rpms/openssl/sme8/openssl-fips-0.9.8e-sha2test.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (show annotations) (download)
Tue Feb 18 03:03:10 2014 UTC (10 years, 9 months ago) by wellsi
Branch: MAIN
CVS Tags: openssl-0_9_8e-28_el5_sme, openssl-0_9_8e-33_1_el5_sme, openssl-0_9_8e-32_1_el5_sme, openssl-0_9_8e-27_1_el5_sme, openssl-0_9_8e-27_el5_10_1, openssl-0_9_8e-31_1_el5_sme, HEAD
Branch point for: upstream
Initial import

1 diff -up openssl-fips-0.9.8e/fips/fips.c.sha2test openssl-fips-0.9.8e/fips/fips.c
2 --- openssl-fips-0.9.8e/fips/fips.c.sha2test 2011-04-04 16:40:28.000000000 +0200
3 +++ openssl-fips-0.9.8e/fips/fips.c 2011-10-18 16:30:21.000000000 +0200
4 @@ -56,6 +56,7 @@
5 #include <openssl/bio.h>
6 #include <openssl/hmac.h>
7 #include <openssl/rsa.h>
8 +#include <openssl/sha.h>
9 #include <string.h>
10 #include <limits.h>
11 #include <dlfcn.h>
12 @@ -161,6 +162,7 @@ int FIPS_selftest()
13 {
14
15 return FIPS_selftest_sha1()
16 + && FIPS_selftest_sha2()
17 && FIPS_selftest_hmac()
18 && FIPS_selftest_aes()
19 && FIPS_selftest_des()
20 @@ -401,6 +403,8 @@ FIPSCHECK_verify(const char *libname, co
21 return 0;
22
23 hmacpath = make_hmac_path(path);
24 + if (hmacpath == NULL)
25 + return 0;
26
27 hf = fopen(hmacpath, "r");
28 if (hf == NULL) {
29 @@ -712,6 +716,45 @@ int fips_cipher_test(EVP_CIPHER_CTX *ctx
30 return 1;
31 }
32
33 +static const unsigned char msg_sha256[] = { 0xfa, 0x48, 0x59, 0x2a, 0xe1, 0xae, 0x1f, 0x30,
34 + 0xfc };
35 +static const unsigned char dig_sha256[] = { 0xf7, 0x26, 0xd8, 0x98, 0x47, 0x91, 0x68, 0x5b,
36 + 0x9e, 0x39, 0xb2, 0x58, 0xbb, 0x75, 0xbf, 0x01,
37 + 0x17, 0x0c, 0x84, 0x00, 0x01, 0x7a, 0x94, 0x83,
38 + 0xf3, 0x0b, 0x15, 0x84, 0x4b, 0x69, 0x88, 0x8a };
39 +
40 +static const unsigned char msg_sha512[] = { 0x37, 0xd1, 0x35, 0x9d, 0x18, 0x41, 0xe9, 0xb7,
41 + 0x6d, 0x9a, 0x13, 0xda, 0x5f, 0xf3, 0xbd };
42 +static const unsigned char dig_sha512[] = { 0x11, 0x13, 0xc4, 0x19, 0xed, 0x2b, 0x1d, 0x16,
43 + 0x11, 0xeb, 0x9b, 0xbe, 0xf0, 0x7f, 0xcf, 0x44,
44 + 0x8b, 0xd7, 0x57, 0xbd, 0x8d, 0xa9, 0x25, 0xb0,
45 + 0x47, 0x25, 0xd6, 0x6c, 0x9a, 0x54, 0x7f, 0x8f,
46 + 0x0b, 0x53, 0x1a, 0x10, 0x68, 0x32, 0x03, 0x38,
47 + 0x82, 0xc4, 0x87, 0xc4, 0xea, 0x0e, 0xd1, 0x04,
48 + 0xa9, 0x98, 0xc1, 0x05, 0xa3, 0xf3, 0xf8, 0xb1,
49 + 0xaf, 0xbc, 0xd9, 0x78, 0x7e, 0xee, 0x3d, 0x43 };
50 +
51 +int FIPS_selftest_sha2(void)
52 + {
53 + unsigned char md[SHA512_DIGEST_LENGTH];
54 +
55 + EVP_Digest(msg_sha256, sizeof(msg_sha256), md, NULL, EVP_sha256(), NULL);
56 + if(memcmp(dig_sha256, md, sizeof(dig_sha256)))
57 + {
58 + FIPSerr(FIPS_F_FIPS_MODE_SET, FIPS_R_SELFTEST_FAILED);
59 + return 0;
60 + }
61 +
62 + EVP_Digest(msg_sha512, sizeof(msg_sha512), md, NULL, EVP_sha512(), NULL);
63 + if(memcmp(dig_sha512, md, sizeof(dig_sha512)))
64 + {
65 + FIPSerr(FIPS_F_FIPS_MODE_SET, FIPS_R_SELFTEST_FAILED);
66 + return 0;
67 + }
68 +
69 + return 1;
70 + }
71 +
72 #if 0
73 /* The purpose of this is to ensure the error code exists and the function
74 * name is to keep the error checking script quiet
75 diff -up openssl-fips-0.9.8e/fips/fips.h.sha2test openssl-fips-0.9.8e/fips/fips.h
76 --- openssl-fips-0.9.8e/fips/fips.h.sha2test 2007-09-12 19:46:03.000000000 +0200
77 +++ openssl-fips-0.9.8e/fips/fips.h 2011-09-26 10:43:08.000000000 +0200
78 @@ -68,6 +68,7 @@ int FIPS_selftest_failed(void);
79 void FIPS_selftest_check(void);
80 void FIPS_corrupt_sha1(void);
81 int FIPS_selftest_sha1(void);
82 +int FIPS_selftest_sha2(void);
83 void FIPS_corrupt_aes(void);
84 int FIPS_selftest_aes(void);
85 void FIPS_corrupt_des(void);

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed