diff options
Diffstat (limited to 'providers/common/provider_util.c')
| -rw-r--r-- | providers/common/provider_util.c | 120 |
1 files changed, 0 insertions, 120 deletions
diff --git a/providers/common/provider_util.c b/providers/common/provider_util.c index f27171a830..4259d7167a 100644 --- a/providers/common/provider_util.c +++ b/providers/common/provider_util.c @@ -296,123 +296,3 @@ void ossl_prov_cache_exported_algorithms(const OSSL_ALGORITHM_CAPABLE *in, out[j++] = in[i].alg; } } - -/* - * Internal library code deals with NIDs, so we need to translate from a name. - * We do so using EVP_MD_is_a(), and therefore need a name to NID map. - */ -int ossl_prov_digest_md_to_nid(const EVP_MD *md, const OSSL_ITEM *it, - size_t it_len) -{ - size_t i; - int mdnid = NID_undef; - - if (md == NULL) - goto end; - - for (i = 0; i < it_len; i++) { - if (EVP_MD_is_a(md, it[i].ptr)) { - mdnid = (int)it[i].id; - break; - } - } - end: - return mdnid; -} - -/* - * Retrieve one of the FIPs approved hash algorithms by nid. - * See FIPS 180-4 "Secure Hash Standard" and - * FIPS 202 - SHA-3. - * - * NOTE: For some operations SHA1 is not allowed. This check is only enabled - * for the FIPS_MODULE. - */ -int ossl_prov_digest_get_approved_nid(const EVP_MD *md, int sha1_allowed) -{ - int mdnid; - - static const OSSL_ITEM name_to_nid[] = { - { NID_sha1, OSSL_DIGEST_NAME_SHA1 }, - { NID_sha224, OSSL_DIGEST_NAME_SHA2_224 }, - { NID_sha256, OSSL_DIGEST_NAME_SHA2_256 }, - { NID_sha384, OSSL_DIGEST_NAME_SHA2_384 }, - { NID_sha512, OSSL_DIGEST_NAME_SHA2_512 }, - { NID_sha512_224, OSSL_DIGEST_NAME_SHA2_512_224 }, - { NID_sha512_256, OSSL_DIGEST_NAME_SHA2_512_256 }, - { NID_sha3_224, OSSL_DIGEST_NAME_SHA3_224 }, - { NID_sha3_256, OSSL_DIGEST_NAME_SHA3_256 }, - { NID_sha3_384, OSSL_DIGEST_NAME_SHA3_384 }, - { NID_sha3_512, OSSL_DIGEST_NAME_SHA3_512 }, - }; - - mdnid = ossl_prov_digest_md_to_nid(md, name_to_nid, OSSL_NELEM(name_to_nid)); -#ifdef FIPS_MODULE - if (mdnid == NID_sha1 && !sha1_allowed) - mdnid = NID_undef; -#endif - return mdnid; -} - -/* - * In FIPS mode: - * protect should be 1 for any operations that need 112 bits of security - * strength (such as signing, and key exchange), or 0 for operations that allow - * a lower security strength (such as verify). - * - * For ECDH key agreement refer to SP800-56A - * https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf - * "Appendix D" - * - * For ECDSA signatures refer to - * https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf - * "Table 2" - */ -int ossl_prov_ec_check(const EC_KEY *ec, int protect) -{ -#ifdef FIPS_MODULE - int nid, strength; - const char *curve_name; - const EC_GROUP *group = EC_KEY_get0_group(ec); - - if (group == NULL) { - ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_CURVE, "No group"); - return 0; - } - nid = EC_GROUP_get_curve_name(group); - if (nid == NID_undef) { - ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_CURVE, - "Explicit curves are not allowed in fips mode"); - return 0; - } - - curve_name = EC_curve_nid2nist(nid); - if (curve_name == NULL) { - ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_CURVE, - "Curve %s is not approved in FIPS mode", curve_name); - return 0; - } - - /* - * For EC the security strength is the (order_bits / 2) - * e.g. P-224 is 112 bits. - */ - strength = EC_GROUP_order_bits(group) / 2; - /* The min security strength allowed for legacy verification is 80 bits */ - if (strength < 80) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_CURVE); - return 0; - } - - /* - * For signing/or key agreement only allow curves with at least 112 bits of - * security strength - */ - if (protect && strength < 112) { - ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_CURVE, - "Curve %s cannot be used for signing", curve_name); - return 0; - } -#endif - return 1; -} |