From 50cd0f0eb330887729865873a86fe55000c15b6d Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Wed, 15 Aug 2007 15:29:43 +0000 Subject: Delete old files. --- fips-1.0/.cvsignore | 8 - fips-1.0/Makefile | 218 ------- fips-1.0/aes/.cvsignore | 4 - fips-1.0/aes/Makefile | 112 ---- fips-1.0/aes/fips_aes_selftest.c | 101 --- fips-1.0/aes/fips_aesavs.c | 927 --------------------------- fips-1.0/des/.cvsignore | 4 - fips-1.0/des/Makefile | 111 ---- fips-1.0/des/fips_des_selftest.c | 165 ----- fips-1.0/des/fips_desmovs.c | 697 -------------------- fips-1.0/dh/.cvsignore | 4 - fips-1.0/dh/Makefile | 114 ---- fips-1.0/dh/dh_gen.c | 179 ------ fips-1.0/dh/fips_dh_check.c | 147 ----- fips-1.0/dh/fips_dh_gen.c | 192 ------ fips-1.0/dh/fips_dh_key.c | 270 -------- fips-1.0/dh/fips_dh_lib.c | 94 --- fips-1.0/dsa/.cvsignore | 4 - fips-1.0/dsa/Makefile | 176 ------ fips-1.0/dsa/fips_dsa_gen.c | 332 ---------- fips-1.0/dsa/fips_dsa_key.c | 154 ----- fips-1.0/dsa/fips_dsa_lib.c | 94 --- fips-1.0/dsa/fips_dsa_ossl.c | 434 ------------- fips-1.0/dsa/fips_dsa_selftest.c | 179 ------ fips-1.0/dsa/fips_dsa_sign.c | 255 -------- fips-1.0/dsa/fips_dsatest.c | 274 -------- fips-1.0/dsa/fips_dssvs.c | 333 ---------- fips-1.0/fips-lib.com | 1196 ----------------------------------- fips-1.0/fips-nodiff.txt | 7 - fips-1.0/fips.c | 509 --------------- fips-1.0/fips.h | 154 ----- fips-1.0/fips_canister.c | 186 ------ fips-1.0/fips_locl.h | 73 --- fips-1.0/fips_premain.c | 176 ------ fips-1.0/fips_premain.c.sha1 | 1 - fips-1.0/fips_test_suite.c | 545 ---------------- fips-1.0/fips_utl.h | 343 ---------- fips-1.0/fipsld | 194 ------ fips-1.0/fipstests.bat | 213 ------- fips-1.0/fipstests.sh | 373 ----------- fips-1.0/hmac/.cvsignore | 4 - fips-1.0/hmac/Makefile | 123 ---- fips-1.0/hmac/fips_hmac.c | 191 ------ fips-1.0/hmac/fips_hmac_selftest.c | 135 ---- fips-1.0/hmac/fips_hmactest.c | 326 ---------- fips-1.0/install.com | 57 -- fips-1.0/mkfipsscr.pl | 497 --------------- fips-1.0/openssl_fips_fingerprint | 31 - fips-1.0/rand/.cvsignore | 4 - fips-1.0/rand/Makefile | 149 ----- fips-1.0/rand/fips_rand.c | 401 ------------ fips-1.0/rand/fips_rand.h | 77 --- fips-1.0/rand/fips_rand_selftest.c | 371 ----------- fips-1.0/rand/fips_randtest.c | 248 -------- fips-1.0/rand/fips_rngvs.c | 229 ------- fips-1.0/rsa/.cvsignore | 4 - fips-1.0/rsa/Makefile | 211 ------ fips-1.0/rsa/fips_rsa_eay.c | 934 --------------------------- fips-1.0/rsa/fips_rsa_gen.c | 300 --------- fips-1.0/rsa/fips_rsa_lib.c | 100 --- fips-1.0/rsa/fips_rsa_selftest.c | 431 ------------- fips-1.0/rsa/fips_rsa_sign.c | 554 ---------------- fips-1.0/rsa/fips_rsa_x931g.c | 280 -------- fips-1.0/rsa/fips_rsagtest.c | 388 ------------ fips-1.0/rsa/fips_rsastest.c | 368 ----------- fips-1.0/rsa/fips_rsavtest.c | 375 ----------- fips-1.0/sha/.cvsignore | 5 - fips-1.0/sha/Makefile | 160 ----- fips-1.0/sha/SHAmix.fax | 129 ---- fips-1.0/sha/SHAmix.req | 99 --- fips-1.0/sha/fips_sha1_selftest.c | 97 --- fips-1.0/sha/fips_shatest.c | 387 ------------ fips-1.0/sha/fips_standalone_sha1.c | 173 ----- 73 files changed, 17390 deletions(-) delete mode 100644 fips-1.0/.cvsignore delete mode 100644 fips-1.0/Makefile delete mode 100644 fips-1.0/aes/.cvsignore delete mode 100644 fips-1.0/aes/Makefile delete mode 100644 fips-1.0/aes/fips_aes_selftest.c delete mode 100644 fips-1.0/aes/fips_aesavs.c delete mode 100644 fips-1.0/des/.cvsignore delete mode 100644 fips-1.0/des/Makefile delete mode 100644 fips-1.0/des/fips_des_selftest.c delete mode 100644 fips-1.0/des/fips_desmovs.c delete mode 100644 fips-1.0/dh/.cvsignore delete mode 100644 fips-1.0/dh/Makefile delete mode 100644 fips-1.0/dh/dh_gen.c delete mode 100644 fips-1.0/dh/fips_dh_check.c delete mode 100644 fips-1.0/dh/fips_dh_gen.c delete mode 100644 fips-1.0/dh/fips_dh_key.c delete mode 100644 fips-1.0/dh/fips_dh_lib.c delete mode 100644 fips-1.0/dsa/.cvsignore delete mode 100644 fips-1.0/dsa/Makefile delete mode 100644 fips-1.0/dsa/fips_dsa_gen.c delete mode 100644 fips-1.0/dsa/fips_dsa_key.c delete mode 100644 fips-1.0/dsa/fips_dsa_lib.c delete mode 100644 fips-1.0/dsa/fips_dsa_ossl.c delete mode 100644 fips-1.0/dsa/fips_dsa_selftest.c delete mode 100644 fips-1.0/dsa/fips_dsa_sign.c delete mode 100644 fips-1.0/dsa/fips_dsatest.c delete mode 100644 fips-1.0/dsa/fips_dssvs.c delete mode 100644 fips-1.0/fips-lib.com delete mode 100644 fips-1.0/fips-nodiff.txt delete mode 100644 fips-1.0/fips.c delete mode 100644 fips-1.0/fips.h delete mode 100644 fips-1.0/fips_canister.c delete mode 100644 fips-1.0/fips_locl.h delete mode 100644 fips-1.0/fips_premain.c delete mode 100644 fips-1.0/fips_premain.c.sha1 delete mode 100644 fips-1.0/fips_test_suite.c delete mode 100644 fips-1.0/fips_utl.h delete mode 100755 fips-1.0/fipsld delete mode 100644 fips-1.0/fipstests.bat delete mode 100644 fips-1.0/fipstests.sh delete mode 100644 fips-1.0/hmac/.cvsignore delete mode 100644 fips-1.0/hmac/Makefile delete mode 100644 fips-1.0/hmac/fips_hmac.c delete mode 100644 fips-1.0/hmac/fips_hmac_selftest.c delete mode 100644 fips-1.0/hmac/fips_hmactest.c delete mode 100644 fips-1.0/install.com delete mode 100644 fips-1.0/mkfipsscr.pl delete mode 100755 fips-1.0/openssl_fips_fingerprint delete mode 100644 fips-1.0/rand/.cvsignore delete mode 100644 fips-1.0/rand/Makefile delete mode 100644 fips-1.0/rand/fips_rand.c delete mode 100644 fips-1.0/rand/fips_rand.h delete mode 100644 fips-1.0/rand/fips_rand_selftest.c delete mode 100644 fips-1.0/rand/fips_randtest.c delete mode 100644 fips-1.0/rand/fips_rngvs.c delete mode 100644 fips-1.0/rsa/.cvsignore delete mode 100644 fips-1.0/rsa/Makefile delete mode 100644 fips-1.0/rsa/fips_rsa_eay.c delete mode 100644 fips-1.0/rsa/fips_rsa_gen.c delete mode 100644 fips-1.0/rsa/fips_rsa_lib.c delete mode 100644 fips-1.0/rsa/fips_rsa_selftest.c delete mode 100644 fips-1.0/rsa/fips_rsa_sign.c delete mode 100644 fips-1.0/rsa/fips_rsa_x931g.c delete mode 100644 fips-1.0/rsa/fips_rsagtest.c delete mode 100644 fips-1.0/rsa/fips_rsastest.c delete mode 100644 fips-1.0/rsa/fips_rsavtest.c delete mode 100644 fips-1.0/sha/.cvsignore delete mode 100644 fips-1.0/sha/Makefile delete mode 100644 fips-1.0/sha/SHAmix.fax delete mode 100644 fips-1.0/sha/SHAmix.req delete mode 100644 fips-1.0/sha/fips_sha1_selftest.c delete mode 100644 fips-1.0/sha/fips_shatest.c delete mode 100644 fips-1.0/sha/fips_standalone_sha1.c (limited to 'fips-1.0') diff --git a/fips-1.0/.cvsignore b/fips-1.0/.cvsignore deleted file mode 100644 index 34f2408d13..0000000000 --- a/fips-1.0/.cvsignore +++ /dev/null @@ -1,8 +0,0 @@ -lib -Makefile.save -fips_test_suite -fips_premain_dso -fips_test_suite.sha1 -fipscanister.o.sha1 -*.flc -semantic.cache diff --git a/fips-1.0/Makefile b/fips-1.0/Makefile deleted file mode 100644 index dfca537178..0000000000 --- a/fips-1.0/Makefile +++ /dev/null @@ -1,218 +0,0 @@ -# -# OpenSSL/crypto/Makefile -# - -DIR= fips-1.0 -TOP= .. -CC= cc -INCLUDE= -I. -I$(TOP) -I../include -# INCLUDES targets sudbirs! -INCLUDES= -I.. -I../.. -I../../include -CFLAG= -g -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile -RM= rm -f -AR= ar r -ARD= ar d -TEST= fips_test_suite.c -FIPS_TVDIR= testvectors -FIPS_TVOK= $$HOME/fips/tv.ok - -FIPSCANLOC= $(FIPSLIBDIR)fipscanister.o - -RECURSIVE_MAKE= [ -n "$(FDIRS)" ] && for i in $(FDIRS) ; do \ - (cd $$i && echo "making $$target in $(DIR)/$$i..." && \ - $(MAKE) -e TOP=../.. DIR=$$i INCLUDES='${INCLUDES}' $$target ) || exit 1; \ - done; - -PEX_LIBS= -EX_LIBS= - -CFLAGS= $(INCLUDE) $(CFLAG) -DHMAC_EXT=\"$${HMAC_EXT:-sha1}\" -ASFLAGS= $(INCLUDE) $(ASFLAG) -AFLAGS=$(ASFLAGS) - -LIBS= - -FDIRS=sha rand des aes dsa rsa dh hmac - -GENERAL=Makefile README fips-lib.com install.com - -LIB= $(TOP)/libcrypto.a -SHARED_LIB= $(FIPSCANLIB)$(SHLIB_EXT) -LIBSRC=fips.c -LIBOBJ=fips.o - -FIPS_OBJ_LISTS=sha/lib hmac/lib rand/lib des/lib aes/lib dsa/lib rsa/lib dh/lib - -SRC= $(LIBSRC) - -EXHEADER=fips.h -HEADER=$(EXHEADER) fips_utl.h fips_locl.h -EXE=fipsld - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - @(cd ..; $(MAKE) DIRS=$(DIR) all) - -testapps: - @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi - -all: - @if [ -z "$(FIPSLIBDIR)" ]; then \ - $(MAKE) -e subdirs lib fips_premain_dso$(EXE_EXT); \ - else \ - $(MAKE) -e lib fips_premain_dso$(EXE_EXT) fips_standalone_sha1$(EXE_EXT); \ - fi - -# Idea behind fipscanister.o is to "seize" the sequestered code between -# known symbols for fingerprinting purposes, which would be commonly -# done with ld -r start.o ... end.o. The latter however presents a minor -# challenge on multi-ABI platforms. As just implied, we'd rather use ld, -# but the trouble is that we don't generally know how ABI-selection -# compiler flag is translated to corresponding linker flag. All compiler -# drivers seem to recognize -r flag and pass it down to linker, but some -# of them, including gcc, erroneously add -lc, as well as run-time -# components, such as crt1.o and alike. Fortunately among those vendor -# compilers which were observed to misinterpret -r flag multi-ABI ones -# are equipped with smart linkers, which don't require any ABI-selection -# flag and simply assume that all objects are of the same type as first -# one in command line. So the idea is to identify gcc and deficient -# vendor compiler drivers... - -fipscanister.o: fips_start.o $(LIBOBJ) $(FIPS_OBJ_LISTS) fips_end.o - FIPS_ASM=""; \ - list="$(BN_ASM)"; for i in $$list; do FIPS_ASM="$$FIPS_ASM ../crypto/bn/$$i" ; done; \ - list="$(AES_ASM_OBJ)"; for i in $$list; do FIPS_ASM="$$FIPS_ASM ../crypto/aes/$$i" ; done; \ - list="$(DES_ENC)"; for i in $$list; do FIPS_ASM="$$FIPS_ASM ../crypto/des/$$i" ; done; \ - list="$(SHA1_ASM_OBJ)"; for i in $$list; do FIPS_ASM="$$FIPS_ASM ../crypto/sha/$$i" ; done; \ - if [ -n "$(CPUID_OBJ)" ]; then \ - CPUID=../crypto/$(CPUID_OBJ) ; \ - else \ - CPUID="" ; \ - fi ; \ - objs="fips_start.o $(LIBOBJ) $(FIPS_EX_OBJ) $$CPUID $$FIPS_ASM"; \ - for i in $(FIPS_OBJ_LISTS); do \ - dir=`dirname $$i`; script="s|^|$$dir/|;s| | $$dir/|g"; \ - objs="$$objs `sed "$$script" $$i`"; \ - done; \ - objs="$$objs fips_end.o" ; \ - os="`(uname -s) 2>/dev/null`"; cflags="$(CFLAGS)"; \ - [ "$$os" = "AIX" ] && cflags="$$cflags -Wl,-bnoobjreorder"; \ - if [ -n "${FIPS_SITE_LD}" ]; then \ - set -x; ${FIPS_SITE_LD} -r -o $@ $$objs; \ - elif $(CC) -dumpversion >/dev/null 2>&1; then \ - set -x; $(CC) $$cflags -r -nostdlib -o $@ $$objs ; \ - else case "$$os" in \ - HP-UX|OSF1|SunOS) set -x; /usr/ccs/bin/ld -r -o $@ $$objs ;; \ - *) set -x; $(CC) $$cflags -r -o $@ $$objs ;; \ - esac fi - ./fips_standalone_sha1 fipscanister.o > fipscanister.o.sha1 - -# If another exception is immediately required, assign approprite -# site-specific ld command to FIPS_SITE_LD environment variable. - -fips_start.o: fips_canister.c - $(CC) $(CFLAGS) -DFIPS_START -c -o $@ fips_canister.c -fips_end.o: fips_canister.c - $(CC) $(CFLAGS) -DFIPS_END -c -o $@ fips_canister.c -fips_premain_dso$(EXE_EXT): fips_premain.c - $(CC) $(CFLAGS) -DFINGERPRINT_PREMAIN_DSO_LOAD -o $@ fips_premain.c \ - $(FIPSLIBDIR)fipscanister.o ../libcrypto.a $(EX_LIBS) -# this is executed only when linking with external fipscanister.o -fips_standalone_sha1$(EXE_EXT): sha/fips_standalone_sha1.c - $(CC) $(CFLAGS) -DFIPSCANISTER_O -o $@ sha/fips_standalone_sha1.c $(FIPSLIBDIR)fipscanister.o - -subdirs: - @target=all; $(RECURSIVE_MAKE) - -files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - @target=files; $(RECURSIVE_MAKE) - -links: - @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../test $(TEST) - @target=links; $(RECURSIVE_MAKE) - -# lib: and $(LIB): are splitted to avoid end-less loop -lib: $(LIB) - @touch lib - -$(LIB): $(FIPSLIBDIR)fipscanister.o - $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o - $(RANLIB) $(LIB) || echo Never mind. - -$(FIPSCANLIB): $(FIPSCANLOC) - $(AR) ../$(FIPSCANLIB).a $(FIPSCANLOC) - if [ "$(FIPSCANLIB)" = "libfips" ]; then \ - $(AR) $(LIB) $(FIPSCANLOC) ; \ - $(RANLIB) $(LIB) || echo Never Mind. ; \ - fi - $(RANLIB) ../$(FIPSCANLIB).a || echo Never mind. - @touch lib - -shared: lib subdirs fips_premain_dso$(EXE_EXT) - -libs: - @target=lib; $(RECURSIVE_MAKE) - -fips_test: top - @target=fips_test; $(RECURSIVE_MAKE) - -fips_test_diff: - @if diff -b -B -I '^\#' -cr -X fips-nodiff.txt $(FIPS_TVDIR) $(FIPS_TVOK) ; then \ - echo "FIPS diff OK" ; \ - else \ - echo "***FIPS DIFF ERROR***" ; exit 1 ; \ - fi - - -install: - @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... - @headerlist="$(EXHEADER)"; for i in $$headerlist ;\ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - @target=install; $(RECURSIVE_MAKE) - @cp -p -f fipscanister.o fipscanister.o.sha1 fips_premain.c \ - fips_premain.c.sha1 \ - $(INSTALL_PREFIX)$(INSTALLTOP)/lib/; \ - chmod 0444 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/fips* - -lint: - @target=lint; $(RECURSIVE_MAKE) - -depend: - @[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDE) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - @[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) ) - @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi - -clean: - rm -f fipscanister.o.sha1 fips_premain_dso$(EXE_EXT) fips_standalone_sha1$(EXE_EXT) \ - *.s *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - @target=clean; $(RECURSIVE_MAKE) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - @target=dclean; $(RECURSIVE_MAKE) - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -fips.o: ../include/openssl/asn1.h ../include/openssl/bio.h -fips.o: ../include/openssl/crypto.h ../include/openssl/des.h -fips.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h -fips.o: ../include/openssl/err.h ../include/openssl/evp.h -fips.o: ../include/openssl/fips.h ../include/openssl/fips_rand.h -fips.o: ../include/openssl/hmac.h ../include/openssl/lhash.h -fips.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -fips.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -fips.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h -fips.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -fips.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -fips.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h fips.c -fips.o: fips_locl.h diff --git a/fips-1.0/aes/.cvsignore b/fips-1.0/aes/.cvsignore deleted file mode 100644 index 439e6d3eb6..0000000000 --- a/fips-1.0/aes/.cvsignore +++ /dev/null @@ -1,4 +0,0 @@ -lib -Makefile.save -*.flc -semantic.cache diff --git a/fips-1.0/aes/Makefile b/fips-1.0/aes/Makefile deleted file mode 100644 index 42782325cd..0000000000 --- a/fips-1.0/aes/Makefile +++ /dev/null @@ -1,112 +0,0 @@ -# -# OpenSSL/fips-1.0/aes/Makefile -# - -DIR= aes -TOP= ../.. -CC= cc -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile -AR= ar r - -ASFLAGS= $(INCLUDES) $(ASFLAG) -AFLAGS= $(ASFLAGS) - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST=fips_aesavs.c -TESTDATA=fips_aes_data -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=fips_aes_selftest.c -LIBOBJ=fips_aes_selftest.o - -SRC= $(LIBSRC) - -EXHEADER= -HEADER= - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd $(TOP); $(MAKE) DIRS=fips-1.0 FDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - @echo $(LIBOBJ) > lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - -links: - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TESTDATA) - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS) - -install: - @headerlist="$(EXHEADER)"; for i in $$headerlist; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done - -tags: - ctags $(SRC) - -tests: - -fips_test: - -find ../testvectors/aes/req -name '*.req' > testlist - -rm -rf ../testvectors/aes/rsp - mkdir ../testvectors/aes/rsp - if [ -s testlist ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_aesavs -d testlist; fi - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) \ - $(SRC) $(TEST) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff testlist -# DO NOT DELETE THIS LINE -- make depend depends on it. - -fips_aes_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -fips_aes_selftest.o: ../../include/openssl/crypto.h -fips_aes_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -fips_aes_selftest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -fips_aes_selftest.o: ../../include/openssl/lhash.h -fips_aes_selftest.o: ../../include/openssl/obj_mac.h -fips_aes_selftest.o: ../../include/openssl/objects.h -fips_aes_selftest.o: ../../include/openssl/opensslconf.h -fips_aes_selftest.o: ../../include/openssl/opensslv.h -fips_aes_selftest.o: ../../include/openssl/ossl_typ.h -fips_aes_selftest.o: ../../include/openssl/safestack.h -fips_aes_selftest.o: ../../include/openssl/stack.h -fips_aes_selftest.o: ../../include/openssl/symhacks.h fips_aes_selftest.c -fips_aesavs.o: ../../e_os.h ../../include/openssl/aes.h -fips_aesavs.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -fips_aesavs.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -fips_aesavs.o: ../../include/openssl/err.h ../../include/openssl/evp.h -fips_aesavs.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -fips_aesavs.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -fips_aesavs.o: ../../include/openssl/opensslconf.h -fips_aesavs.o: ../../include/openssl/opensslv.h -fips_aesavs.o: ../../include/openssl/ossl_typ.h -fips_aesavs.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -fips_aesavs.o: ../../include/openssl/symhacks.h ../fips_utl.h fips_aesavs.c diff --git a/fips-1.0/aes/fips_aes_selftest.c b/fips-1.0/aes/fips_aes_selftest.c deleted file mode 100644 index 441bbc18e7..0000000000 --- a/fips-1.0/aes/fips_aes_selftest.c +++ /dev/null @@ -1,101 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2003 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - -#include -#include -#include -#include - -#ifdef OPENSSL_FIPS -static struct - { - unsigned char key[16]; - unsigned char plaintext[16]; - unsigned char ciphertext[16]; - } tests[]= - { - { - { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07, - 0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F }, - { 0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77, - 0x88,0x99,0xAA,0xBB,0xCC,0xDD,0xEE,0xFF }, - { 0x69,0xC4,0xE0,0xD8,0x6A,0x7B,0x04,0x30, - 0xD8,0xCD,0xB7,0x80,0x70,0xB4,0xC5,0x5A }, - }, - }; - -void FIPS_corrupt_aes() - { - tests[0].key[0]++; - } - -int FIPS_selftest_aes() - { - int n; - int ret = 0; - EVP_CIPHER_CTX ctx; - EVP_CIPHER_CTX_init(&ctx); - - for(n=0 ; n < 1 ; ++n) - { - if (fips_cipher_test(&ctx, EVP_aes_128_ecb(), - tests[n].key, NULL, - tests[n].plaintext, - tests[n].ciphertext, - 16) <= 0) - goto err; - } - ret = 1; - err: - EVP_CIPHER_CTX_cleanup(&ctx); - if (ret == 0) - FIPSerr(FIPS_F_FIPS_SELFTEST_AES,FIPS_R_SELFTEST_FAILED); - return ret; - } -#endif diff --git a/fips-1.0/aes/fips_aesavs.c b/fips-1.0/aes/fips_aesavs.c deleted file mode 100644 index 5344aba124..0000000000 --- a/fips-1.0/aes/fips_aesavs.c +++ /dev/null @@ -1,927 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2004 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ -/*--------------------------------------------- - NIST AES Algorithm Validation Suite - Test Program - - Donated to OpenSSL by: - V-ONE Corporation - 20250 Century Blvd, Suite 300 - Germantown, MD 20874 - U.S.A. - ----------------------------------------------*/ - -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include "e_os.h" - -#ifndef OPENSSL_FIPS - -int main(int argc, char *argv[]) -{ - printf("No FIPS AES support\n"); - return(0); -} - -#else - -#include "fips_utl.h" - -#define AES_BLOCK_SIZE 16 - -#define VERBOSE 0 - -/*-----------------------------------------------*/ - -int AESTest(EVP_CIPHER_CTX *ctx, - char *amode, int akeysz, unsigned char *aKey, - unsigned char *iVec, - int dir, /* 0 = decrypt, 1 = encrypt */ - unsigned char *plaintext, unsigned char *ciphertext, int len) - { - const EVP_CIPHER *cipher = NULL; - - if (strcasecmp(amode, "CBC") == 0) - { - switch (akeysz) - { - case 128: - cipher = EVP_aes_128_cbc(); - break; - - case 192: - cipher = EVP_aes_192_cbc(); - break; - - case 256: - cipher = EVP_aes_256_cbc(); - break; - } - - } - else if (strcasecmp(amode, "ECB") == 0) - { - switch (akeysz) - { - case 128: - cipher = EVP_aes_128_ecb(); - break; - - case 192: - cipher = EVP_aes_192_ecb(); - break; - - case 256: - cipher = EVP_aes_256_ecb(); - break; - } - } - else if (strcasecmp(amode, "CFB128") == 0) - { - switch (akeysz) - { - case 128: - cipher = EVP_aes_128_cfb128(); - break; - - case 192: - cipher = EVP_aes_192_cfb128(); - break; - - case 256: - cipher = EVP_aes_256_cfb128(); - break; - } - - } - else if (strncasecmp(amode, "OFB", 3) == 0) - { - switch (akeysz) - { - case 128: - cipher = EVP_aes_128_ofb(); - break; - - case 192: - cipher = EVP_aes_192_ofb(); - break; - - case 256: - cipher = EVP_aes_256_ofb(); - break; - } - } - else if(!strcasecmp(amode,"CFB1")) - { - switch (akeysz) - { - case 128: - cipher = EVP_aes_128_cfb1(); - break; - - case 192: - cipher = EVP_aes_192_cfb1(); - break; - - case 256: - cipher = EVP_aes_256_cfb1(); - break; - } - } - else if(!strcasecmp(amode,"CFB8")) - { - switch (akeysz) - { - case 128: - cipher = EVP_aes_128_cfb8(); - break; - - case 192: - cipher = EVP_aes_192_cfb8(); - break; - - case 256: - cipher = EVP_aes_256_cfb8(); - break; - } - } - else - { - printf("Unknown mode: %s\n", amode); - return 0; - } - if (!cipher) - { - printf("Invalid key size: %d\n", akeysz); - return 0; - } - if (EVP_CipherInit_ex(ctx, cipher, NULL, aKey, iVec, dir) <= 0) - return 0; - if (dir) - EVP_Cipher(ctx, ciphertext, plaintext, len); - else - EVP_Cipher(ctx, plaintext, ciphertext, len); - return 1; - } - -/*-----------------------------------------------*/ -char *t_tag[2] = {"PLAINTEXT", "CIPHERTEXT"}; -char *t_mode[6] = {"CBC","ECB","OFB","CFB1","CFB8","CFB128"}; -enum Mode {CBC, ECB, OFB, CFB1, CFB8, CFB128}; -enum XCrypt {XDECRYPT, XENCRYPT}; - -/*=============================*/ -/* Monte Carlo Tests */ -/*-----------------------------*/ - -/*#define gb(a,b) (((a)[(b)/8] >> ((b)%8))&1)*/ -/*#define sb(a,b,v) ((a)[(b)/8]=((a)[(b)/8]&~(1 << ((b)%8)))|(!!(v) << ((b)%8)))*/ - -#define gb(a,b) (((a)[(b)/8] >> (7-(b)%8))&1) -#define sb(a,b,v) ((a)[(b)/8]=((a)[(b)/8]&~(1 << (7-(b)%8)))|(!!(v) << (7-(b)%8))) - -int do_mct(char *amode, - int akeysz, unsigned char *aKey,unsigned char *iVec, - int dir, unsigned char *text, int len, - FILE *rfp) - { - int ret = 0; - unsigned char key[101][32]; - unsigned char iv[101][AES_BLOCK_SIZE]; - unsigned char ptext[1001][32]; - unsigned char ctext[1001][32]; - unsigned char ciphertext[64+4]; - int i, j, n, n1, n2; - int imode = 0, nkeysz = akeysz/8; - EVP_CIPHER_CTX ctx; - EVP_CIPHER_CTX_init(&ctx); - - if (len > 32) - { - printf("\n>>>> Length exceeds 32 for %s %d <<<<\n\n", - amode, akeysz); - return -1; - } - for (imode = 0; imode < 6; ++imode) - if (strcmp(amode, t_mode[imode]) == 0) - break; - if (imode == 6) - { - printf("Unrecognized mode: %s\n", amode); - return -1; - } - - memcpy(key[0], aKey, nkeysz); - if (iVec) - memcpy(iv[0], iVec, AES_BLOCK_SIZE); - if (dir == XENCRYPT) - memcpy(ptext[0], text, len); - else - memcpy(ctext[0], text, len); - for (i = 0; i < 100; ++i) - { - /* printf("Iteration %d\n", i); */ - if (i > 0) - { - fprintf(rfp,"COUNT = %d\n",i); - OutputValue("KEY",key[i],nkeysz,rfp,0); - if (imode != ECB) /* ECB */ - OutputValue("IV",iv[i],AES_BLOCK_SIZE,rfp,0); - /* Output Ciphertext | Plaintext */ - OutputValue(t_tag[dir^1],dir ? ptext[0] : ctext[0],len,rfp, - imode == CFB1); - } - for (j = 0; j < 1000; ++j) - { - switch (imode) - { - case ECB: - if (j == 0) - { /* set up encryption */ - ret = AESTest(&ctx, amode, akeysz, key[i], NULL, - dir, /* 0 = decrypt, 1 = encrypt */ - ptext[j], ctext[j], len); - if (dir == XENCRYPT) - memcpy(ptext[j+1], ctext[j], len); - else - memcpy(ctext[j+1], ptext[j], len); - } - else - { - if (dir == XENCRYPT) - { - EVP_Cipher(&ctx, ctext[j], ptext[j], len); - memcpy(ptext[j+1], ctext[j], len); - } - else - { - EVP_Cipher(&ctx, ptext[j], ctext[j], len); - memcpy(ctext[j+1], ptext[j], len); - } - } - break; - - case CBC: - case OFB: - case CFB128: - if (j == 0) - { - ret = AESTest(&ctx, amode, akeysz, key[i], iv[i], - dir, /* 0 = decrypt, 1 = encrypt */ - ptext[j], ctext[j], len); - if (dir == XENCRYPT) - memcpy(ptext[j+1], iv[i], len); - else - memcpy(ctext[j+1], iv[i], len); - } - else - { - if (dir == XENCRYPT) - { - EVP_Cipher(&ctx, ctext[j], ptext[j], len); - memcpy(ptext[j+1], ctext[j-1], len); - } - else - { - EVP_Cipher(&ctx, ptext[j], ctext[j], len); - memcpy(ctext[j+1], ptext[j-1], len); - } - } - break; - - case CFB8: - if (j == 0) - { - ret = AESTest(&ctx, amode, akeysz, key[i], iv[i], - dir, /* 0 = decrypt, 1 = encrypt */ - ptext[j], ctext[j], len); - } - else - { - if (dir == XENCRYPT) - EVP_Cipher(&ctx, ctext[j], ptext[j], len); - else - EVP_Cipher(&ctx, ptext[j], ctext[j], len); - } - if (dir == XENCRYPT) - { - if (j < 16) - memcpy(ptext[j+1], &iv[i][j], len); - else - memcpy(ptext[j+1], ctext[j-16], len); - } - else - { - if (j < 16) - memcpy(ctext[j+1], &iv[i][j], len); - else - memcpy(ctext[j+1], ptext[j-16], len); - } - break; - - case CFB1: - if(j == 0) - { - /* compensate for wrong endianness of input file */ - if(i == 0) - ptext[0][0]<<=7; - ret = AESTest(&ctx,amode,akeysz,key[i],iv[i],dir, - ptext[j], ctext[j], len); - } - else - { - if (dir == XENCRYPT) - EVP_Cipher(&ctx, ctext[j], ptext[j], len); - else - EVP_Cipher(&ctx, ptext[j], ctext[j], len); - - } - if(dir == XENCRYPT) - { - if(j < 128) - sb(ptext[j+1],0,gb(iv[i],j)); - else - sb(ptext[j+1],0,gb(ctext[j-128],0)); - } - else - { - if(j < 128) - sb(ctext[j+1],0,gb(iv[i],j)); - else - sb(ctext[j+1],0,gb(ptext[j-128],0)); - } - break; - } - } - --j; /* reset to last of range */ - /* Output Ciphertext | Plaintext */ - OutputValue(t_tag[dir],dir ? ctext[j] : ptext[j],len,rfp, - imode == CFB1); - fprintf(rfp, "\n"); /* add separator */ - - /* Compute next KEY */ - if (dir == XENCRYPT) - { - if (imode == CFB8) - { /* ct = CT[j-15] || CT[j-14] || ... || CT[j] */ - for (n1 = 0, n2 = nkeysz-1; n1 < nkeysz; ++n1, --n2) - ciphertext[n1] = ctext[j-n2][0]; - } - else if(imode == CFB1) - { - for(n1=0,n2=akeysz-1 ; n1 < akeysz ; ++n1,--n2) - sb(ciphertext,n1,gb(ctext[j-n2],0)); - } - else - switch (akeysz) - { - case 128: - memcpy(ciphertext, ctext[j], 16); - break; - case 192: - memcpy(ciphertext, ctext[j-1]+8, 8); - memcpy(ciphertext+8, ctext[j], 16); - break; - case 256: - memcpy(ciphertext, ctext[j-1], 16); - memcpy(ciphertext+16, ctext[j], 16); - break; - } - } - else - { - if (imode == CFB8) - { /* ct = CT[j-15] || CT[j-14] || ... || CT[j] */ - for (n1 = 0, n2 = nkeysz-1; n1 < nkeysz; ++n1, --n2) - ciphertext[n1] = ptext[j-n2][0]; - } - else if(imode == CFB1) - { - for(n1=0,n2=akeysz-1 ; n1 < akeysz ; ++n1,--n2) - sb(ciphertext,n1,gb(ptext[j-n2],0)); - } - else - switch (akeysz) - { - case 128: - memcpy(ciphertext, ptext[j], 16); - break; - case 192: - memcpy(ciphertext, ptext[j-1]+8, 8); - memcpy(ciphertext+8, ptext[j], 16); - break; - case 256: - memcpy(ciphertext, ptext[j-1], 16); - memcpy(ciphertext+16, ptext[j], 16); - break; - } - } - /* Compute next key: Key[i+1] = Key[i] xor ct */ - for (n = 0; n < nkeysz; ++n) - key[i+1][n] = key[i][n] ^ ciphertext[n]; - - /* Compute next IV and text */ - if (dir == XENCRYPT) - { - switch (imode) - { - case ECB: - memcpy(ptext[0], ctext[j], AES_BLOCK_SIZE); - break; - case CBC: - case OFB: - case CFB128: - memcpy(iv[i+1], ctext[j], AES_BLOCK_SIZE); - memcpy(ptext[0], ctext[j-1], AES_BLOCK_SIZE); - break; - case CFB8: - /* IV[i+1] = ct */ - for (n1 = 0, n2 = 15; n1 < 16; ++n1, --n2) - iv[i+1][n1] = ctext[j-n2][0]; - ptext[0][0] = ctext[j-16][0]; - break; - case CFB1: - for(n1=0,n2=127 ; n1 < 128 ; ++n1,--n2) - sb(iv[i+1],n1,gb(ctext[j-n2],0)); - ptext[0][0]=ctext[j-128][0]&0x80; - break; - } - } - else - { - switch (imode) - { - case ECB: - memcpy(ctext[0], ptext[j], AES_BLOCK_SIZE); - break; - case CBC: - case OFB: - case CFB128: - memcpy(iv[i+1], ptext[j], AES_BLOCK_SIZE); - memcpy(ctext[0], ptext[j-1], AES_BLOCK_SIZE); - break; - case CFB8: - for (n1 = 0, n2 = 15; n1 < 16; ++n1, --n2) - iv[i+1][n1] = ptext[j-n2][0]; - ctext[0][0] = ptext[j-16][0]; - break; - case CFB1: - for(n1=0,n2=127 ; n1 < 128 ; ++n1,--n2) - sb(iv[i+1],n1,gb(ptext[j-n2],0)); - ctext[0][0]=ptext[j-128][0]&0x80; - break; - } - } - } - - return ret; - } - -/*================================================*/ -/*---------------------------- - # Config info for v-one - # AESVS MMT test data for ECB - # State : Encrypt and Decrypt - # Key Length : 256 - # Fri Aug 30 04:07:22 PM - ----------------------------*/ - -int proc_file(char *rqfile) - { - char afn[256], rfn[256]; - FILE *afp = NULL, *rfp = NULL; - char ibuf[2048]; - char tbuf[2048]; - int ilen, len, ret = 0; - char algo[8] = ""; - char amode[8] = ""; - char atest[8] = ""; - int akeysz = 0; - unsigned char iVec[20], aKey[40]; - int dir = -1, err = 0, step = 0; - unsigned char plaintext[2048]; - unsigned char ciphertext[2048]; - char *rp; - EVP_CIPHER_CTX ctx; - EVP_CIPHER_CTX_init(&ctx); - - if (!rqfile || !(*rqfile)) - { - printf("No req file\n"); - return -1; - } - strcpy(afn, rqfile); - - if ((afp = fopen(afn, "r")) == NULL) - { - printf("Cannot open file: %s, %s\n", - afn, strerror(errno)); - return -1; - } - strcpy(rfn,afn); - rp=strstr(rfn,"req/"); -#ifdef OPENSSL_SYS_WIN32 - if (!rp) - rp=strstr(rfn,"req\\"); -#endif - assert(rp); - memcpy(rp,"rsp",3); - rp = strstr(rfn, ".req"); - memcpy(rp, ".rsp", 4); - if ((rfp = fopen(rfn, "w")) == NULL) - { - printf("Cannot open file: %s, %s\n", - rfn, strerror(errno)); - fclose(afp); - afp = NULL; - return -1; - } - while (!err && (fgets(ibuf, sizeof(ibuf), afp)) != NULL) - { - tidy_line(tbuf, ibuf); - ilen = strlen(ibuf); - /* printf("step=%d ibuf=%s",step,ibuf); */ - switch (step) - { - case 0: /* read preamble */ - if (ibuf[0] == '\n') - { /* end of preamble */ - if ((*algo == '\0') || - (*amode == '\0') || - (akeysz == 0)) - { - printf("Missing Algorithm, Mode or KeySize (%s/%s/%d)\n", - algo,amode,akeysz); - err = 1; - } - else - { - fputs(ibuf, rfp); - ++ step; - } - } - else if (ibuf[0] != '#') - { - printf("Invalid preamble item: %s\n", ibuf); - err = 1; - } - else - { /* process preamble */ - char *xp, *pp = ibuf+2; - int n; - if (akeysz) - { /* insert current time & date */ - time_t rtim = time(0); - fprintf(rfp, "# %s", ctime(&rtim)); - } - else - { - fputs(ibuf, rfp); - if (strncmp(pp, "AESVS ", 6) == 0) - { - strcpy(algo, "AES"); - /* get test type */ - pp += 6; - xp = strchr(pp, ' '); - n = xp-pp; - strncpy(atest, pp, n); - atest[n] = '\0'; - /* get mode */ - xp = strrchr(pp, ' '); /* get mode" */ - n = strlen(xp+1)-1; - strncpy(amode, xp+1, n); - amode[n] = '\0'; - /* amode[3] = '\0'; */ - if (VERBOSE) - printf("Test = %s, Mode = %s\n", atest, amode); - } - else if (strncasecmp(pp, "Key Length : ", 13) == 0) - { - akeysz = atoi(pp+13); - if (VERBOSE) - printf("Key size = %d\n", akeysz); - } - } - } - break; - - case 1: /* [ENCRYPT] | [DECRYPT] */ - if (ibuf[0] == '[') - { - fputs(ibuf, rfp); - ++step; - if (strncasecmp(ibuf, "[ENCRYPT]", 9) == 0) - dir = 1; - else if (strncasecmp(ibuf, "[DECRYPT]", 9) == 0) - dir = 0; - else - { - printf("Invalid keyword: %s\n", ibuf); - err = 1; - } - break; - } - else if (dir == -1) - { - err = 1; - printf("Missing ENCRYPT/DECRYPT keyword\n"); - break; - } - else - step = 2; - - case 2: /* KEY = xxxx */ - fputs(ibuf, rfp); - if(*ibuf == '\n') - break; - if(!strncasecmp(ibuf,"COUNT = ",8)) - break; - - if (strncasecmp(ibuf, "KEY = ", 6) != 0) - { - printf("Missing KEY\n"); - err = 1; - } - else - { - len = hex2bin((char*)ibuf+6, aKey); - if (len < 0) - { - printf("Invalid KEY\n"); - err =1; - break; - } - PrintValue("KEY", aKey, len); - if (strcmp(amode, "ECB") == 0) - { - memset(iVec, 0, sizeof(iVec)); - step = (dir)? 4: 5; /* no ivec for ECB */ - } - else - ++step; - } - break; - - case 3: /* IV = xxxx */ - fputs(ibuf, rfp); - if (strncasecmp(ibuf, "IV = ", 5) != 0) - { - printf("Missing IV\n"); - err = 1; - } - else - { - len = hex2bin((char*)ibuf+5, iVec); - if (len < 0) - { - printf("Invalid IV\n"); - err =1; - break; - } - PrintValue("IV", iVec, len); - step = (dir)? 4: 5; - } - break; - - case 4: /* PLAINTEXT = xxxx */ - fputs(ibuf, rfp); - if (strncasecmp(ibuf, "PLAINTEXT = ", 12) != 0) - { - printf("Missing PLAINTEXT\n"); - err = 1; - } - else - { - int nn = strlen(ibuf+12); - if(!strcmp(amode,"CFB1")) - len=bint2bin(ibuf+12,nn-1,plaintext); - else - len=hex2bin(ibuf+12, plaintext); - if (len < 0) - { - printf("Invalid PLAINTEXT: %s", ibuf+12); - err =1; - break; - } - if (len >= sizeof(plaintext)) - { - printf("Buffer overflow\n"); - } - PrintValue("PLAINTEXT", (unsigned char*)plaintext, len); - if (strcmp(atest, "MCT") == 0) /* Monte Carlo Test */ - { - if(do_mct(amode, akeysz, aKey, iVec, - dir, (unsigned char*)plaintext, len, - rfp) < 0) - EXIT(1); - } - else - { - ret = AESTest(&ctx, amode, akeysz, aKey, iVec, - dir, /* 0 = decrypt, 1 = encrypt */ - plaintext, ciphertext, len); - OutputValue("CIPHERTEXT",ciphertext,len,rfp, - !strcmp(amode,"CFB1")); - } - step = 6; - } - break; - - case 5: /* CIPHERTEXT = xxxx */ - fputs(ibuf, rfp); - if (strncasecmp(ibuf, "CIPHERTEXT = ", 13) != 0) - { - printf("Missing KEY\n"); - err = 1; - } - else - { - if(!strcmp(amode,"CFB1")) - len=bint2bin(ibuf+13,strlen(ibuf+13)-1,ciphertext); - else - len = hex2bin(ibuf+13,ciphertext); - if (len < 0) - { - printf("Invalid CIPHERTEXT\n"); - err =1; - break; - } - - PrintValue("CIPHERTEXT", ciphertext, len); - if (strcmp(atest, "MCT") == 0) /* Monte Carlo Test */ - { - do_mct(amode, akeysz, aKey, iVec, - dir, ciphertext, len, rfp); - } - else - { - ret = AESTest(&ctx, amode, akeysz, aKey, iVec, - dir, /* 0 = decrypt, 1 = encrypt */ - plaintext, ciphertext, len); - OutputValue("PLAINTEXT",(unsigned char *)plaintext,len,rfp, - !strcmp(amode,"CFB1")); - } - step = 6; - } - break; - - case 6: - if (ibuf[0] != '\n') - { - err = 1; - printf("Missing terminator\n"); - } - else if (strcmp(atest, "MCT") != 0) - { /* MCT already added terminating nl */ - fputs(ibuf, rfp); - } - step = 1; - break; - } - } - if (rfp) - fclose(rfp); - if (afp) - fclose(afp); - return err; - } - -/*-------------------------------------------------- - Processes either a single file or - a set of files whose names are passed in a file. - A single file is specified as: - aes_test -f xxx.req - A set of files is specified as: - aes_test -d xxxxx.xxx - The default is: -d req.txt ---------------------------------------------------*/ -int main(int argc, char **argv) - { - char *rqlist = "req.txt"; - FILE *fp = NULL; - char fn[250] = "", rfn[256] = ""; - int f_opt = 0, d_opt = 1; - -#ifdef OPENSSL_FIPS - if(!FIPS_mode_set(1)) - { - do_print_errors(); - EXIT(1); - } -#endif - if (argc > 1) - { - if (strcasecmp(argv[1], "-d") == 0) - { - d_opt = 1; - } - else if (strcasecmp(argv[1], "-f") == 0) - { - f_opt = 1; - d_opt = 0; - } - else - { - printf("Invalid parameter: %s\n", argv[1]); - return 0; - } - if (argc < 3) - { - printf("Missing parameter\n"); - return 0; - } - if (d_opt) - rqlist = argv[2]; - else - strcpy(fn, argv[2]); - } - if (d_opt) - { /* list of files (directory) */ - if (!(fp = fopen(rqlist, "r"))) - { - printf("Cannot open req list file\n"); - return -1; - } - while (fgets(fn, sizeof(fn), fp)) - { - strtok(fn, "\r\n"); - strcpy(rfn, fn); - if (VERBOSE) - printf("Processing: %s\n", rfn); - if (proc_file(rfn)) - { - printf(">>> Processing failed for: %s <<<\n", rfn); - EXIT(1); - } - } - fclose(fp); - } - else /* single file */ - { - if (VERBOSE) - printf("Processing: %s\n", fn); - if (proc_file(fn)) - { - printf(">>> Processing failed for: %s <<<\n", fn); - } - } - EXIT(0); - return 0; - } - -#endif diff --git a/fips-1.0/des/.cvsignore b/fips-1.0/des/.cvsignore deleted file mode 100644 index 439e6d3eb6..0000000000 --- a/fips-1.0/des/.cvsignore +++ /dev/null @@ -1,4 +0,0 @@ -lib -Makefile.save -*.flc -semantic.cache diff --git a/fips-1.0/des/Makefile b/fips-1.0/des/Makefile deleted file mode 100644 index 3adfd7389f..0000000000 --- a/fips-1.0/des/Makefile +++ /dev/null @@ -1,111 +0,0 @@ -# -# OpenSSL/fips-1.0/des/Makefile -# - -DIR= des -TOP= ../.. -CC= cc -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile -AR= ar r - -ASFLAGS= $(INCLUDES) $(ASFLAG) -AFLAGS= $(ASFLAGS) - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST= fips_desmovs.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=fips_des_selftest.c -LIBOBJ=fips_des_selftest.o - -SRC= $(LIBSRC) - -EXHEADER= -HEADER= - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - @echo $(LIBOBJ) > lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - -links: - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS) - -install: - @headerlist="$(EXHEADER)"; for i in $$headerlist; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done - -tags: - ctags $(SRC) - -tests: - -fips_test: - -find ../testvectors/tdes/req -name '*.req' > testlist - -rm -rf ../testvectors/tdes/rsp - mkdir ../testvectors/tdes/rsp - if [ -s testlist ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_desmovs -d testlist; fi - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) \ - $(SRC) $(TEST) -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff testlist -# DO NOT DELETE THIS LINE -- make depend depends on it. - -fips_des_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -fips_des_selftest.o: ../../include/openssl/crypto.h -fips_des_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -fips_des_selftest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -fips_des_selftest.o: ../../include/openssl/lhash.h -fips_des_selftest.o: ../../include/openssl/obj_mac.h -fips_des_selftest.o: ../../include/openssl/objects.h -fips_des_selftest.o: ../../include/openssl/opensslconf.h -fips_des_selftest.o: ../../include/openssl/opensslv.h -fips_des_selftest.o: ../../include/openssl/ossl_typ.h -fips_des_selftest.o: ../../include/openssl/safestack.h -fips_des_selftest.o: ../../include/openssl/stack.h -fips_des_selftest.o: ../../include/openssl/symhacks.h fips_des_selftest.c -fips_desmovs.o: ../../e_os.h ../../include/openssl/asn1.h -fips_desmovs.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -fips_desmovs.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -fips_desmovs.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -fips_desmovs.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -fips_desmovs.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -fips_desmovs.o: ../../include/openssl/objects.h -fips_desmovs.o: ../../include/openssl/opensslconf.h -fips_desmovs.o: ../../include/openssl/opensslv.h -fips_desmovs.o: ../../include/openssl/ossl_typ.h -fips_desmovs.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -fips_desmovs.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -fips_desmovs.o: ../../include/openssl/ui_compat.h ../fips_utl.h fips_desmovs.c diff --git a/fips-1.0/des/fips_des_selftest.c b/fips-1.0/des/fips_des_selftest.c deleted file mode 100644 index 8ae215f131..0000000000 --- a/fips-1.0/des/fips_des_selftest.c +++ /dev/null @@ -1,165 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2003 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - -#include -#include -#include -#include -#include - -#ifdef OPENSSL_FIPS -static struct - { - unsigned char key[8]; - unsigned char plaintext[8]; - unsigned char ciphertext[8]; - } tests[]= - { - { - { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }, - { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }, - { 0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7 } - }, - { - { 0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10 }, - { 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF }, - { 0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4 }, - }, - }; - -static struct - { - unsigned char key[16]; - unsigned char plaintext[8]; - unsigned char ciphertext[8]; - } tests2[]= - { - { - { 0x7c,0x4f,0x6e,0xf7,0xa2,0x04,0x16,0xec, - 0x0b,0x6b,0x7c,0x9e,0x5e,0x19,0xa7,0xc4 }, - { 0x06,0xa7,0xd8,0x79,0xaa,0xce,0x69,0xef }, - { 0x4c,0x11,0x17,0x55,0xbf,0xc4,0x4e,0xfd } - }, - { - { 0x5d,0x9e,0x01,0xd3,0x25,0xc7,0x3e,0x34, - 0x01,0x16,0x7c,0x85,0x23,0xdf,0xe0,0x68 }, - { 0x9c,0x50,0x09,0x0f,0x5e,0x7d,0x69,0x7e }, - { 0xd2,0x0b,0x18,0xdf,0xd9,0x0d,0x9e,0xff }, - } - }; - -static struct - { - unsigned char key[24]; - unsigned char plaintext[8]; - unsigned char ciphertext[8]; - } tests3[]= - { - { - { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10, - 0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0 }, - { 0x8f,0x8f,0xbf,0x9b,0x5d,0x48,0xb4,0x1c }, - { 0x59,0x8c,0xe5,0xd3,0x6c,0xa2,0xea,0x1b }, - }, - { - { 0xDC,0xBA,0x98,0x76,0x54,0x32,0x10,0xFE, - 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF, - 0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4 }, - { 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF }, - { 0x11,0x25,0xb0,0x35,0xbe,0xa0,0x82,0x86 }, - }, - }; - -void FIPS_corrupt_des() - { - tests[0].plaintext[0]++; - } - -int FIPS_selftest_des() - { - int n, ret = 0; - EVP_CIPHER_CTX ctx; - EVP_CIPHER_CTX_init(&ctx); -#if 0 - /* Encrypt/decrypt with DES and compare to known answers */ - for(n=0 ; n < 2 ; ++n) - { - if (!fips_cipher_test(&ctx, EVP_des_ecb(), - tests[n].key, NULL, - tests[n].plaintext, tests[n].ciphertext, 8)) - goto err; - } -#endif - /* Encrypt/decrypt with 2-key 3DES and compare to known answers */ - for(n=0 ; n < 2 ; ++n) - { - if (!fips_cipher_test(&ctx, EVP_des_ede_ecb(), - tests2[n].key, NULL, - tests2[n].plaintext, tests2[n].ciphertext, 8)) - goto err; - } - - /* Encrypt/decrypt with 3DES and compare to known answers */ - for(n=0 ; n < 2 ; ++n) - { - if (!fips_cipher_test(&ctx, EVP_des_ede3_ecb(), - tests3[n].key, NULL, - tests3[n].plaintext, tests3[n].ciphertext, 8)) - goto err; - } - ret = 1; - err: - EVP_CIPHER_CTX_cleanup(&ctx); - if (ret == 0) - FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED); - - return ret; - } -#endif diff --git a/fips-1.0/des/fips_desmovs.c b/fips-1.0/des/fips_desmovs.c deleted file mode 100644 index 836c4a0b09..0000000000 --- a/fips-1.0/des/fips_desmovs.c +++ /dev/null @@ -1,697 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2004 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ -/*--------------------------------------------- - NIST DES Modes of Operation Validation System - Test Program - - Based on the AES Validation Suite, which was: - Donated to OpenSSL by: - V-ONE Corporation - 20250 Century Blvd, Suite 300 - Germantown, MD 20874 - U.S.A. - ----------------------------------------------*/ - -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include "e_os.h" - -#ifndef OPENSSL_FIPS - -int main(int argc, char *argv[]) -{ - printf("No FIPS DES support\n"); - return(0); -} - -#else - -#include "fips_utl.h" - -#define DES_BLOCK_SIZE 8 - -#define VERBOSE 0 - -int DESTest(EVP_CIPHER_CTX *ctx, - char *amode, int akeysz, unsigned char *aKey, - unsigned char *iVec, - int dir, /* 0 = decrypt, 1 = encrypt */ - unsigned char *out, unsigned char *in, int len) - { - const EVP_CIPHER *cipher = NULL; - - if (akeysz != 192) - { - printf("Invalid key size: %d\n", akeysz); - EXIT(1); - } - - if (strcasecmp(amode, "CBC") == 0) - cipher = EVP_des_ede3_cbc(); - else if (strcasecmp(amode, "ECB") == 0) - cipher = EVP_des_ede3_ecb(); - else if (strcasecmp(amode, "CFB64") == 0) - cipher = EVP_des_ede3_cfb64(); - else if (strncasecmp(amode, "OFB", 3) == 0) - cipher = EVP_des_ede3_ofb(); -#if 0 - else if(!strcasecmp(amode,"CFB1")) - { - ctx->cbits = 1; - ctx->cmode = EVP_CIPH_CFB_MODE; - } -#endif - else if(!strcasecmp(amode,"CFB8")) - cipher = EVP_des_ede3_cfb8(); - else - { - printf("Unknown mode: %s\n", amode); - EXIT(1); - } - - if (EVP_CipherInit_ex(ctx, cipher, NULL, aKey, iVec, dir) <= 0) - return 0; - EVP_Cipher(ctx, out, in, len); - - return 1; - } - -void DebugValue(char *tag, unsigned char *val, int len) - { - char obuf[2048]; - int olen; - olen = bin2hex(val, len, obuf); - printf("%s = %.*s\n", tag, olen, obuf); - } - -void shiftin(unsigned char *dst,unsigned char *src,int nbits) - { - int n; - - /* move the bytes... */ - memmove(dst,dst+nbits/8,3*8-nbits/8); - /* append new data */ - memcpy(dst+3*8-nbits/8,src,(nbits+7)/8); - /* left shift the bits */ - if(nbits%8) - for(n=0 ; n < 3*8 ; ++n) - dst[n]=(dst[n] << (nbits%8))|(dst[n+1] >> (8-nbits%8)); - } - -/*-----------------------------------------------*/ -char *t_tag[2] = {"PLAINTEXT", "CIPHERTEXT"}; -char *t_mode[6] = {"CBC","ECB","OFB","CFB1","CFB8","CFB64"}; -enum Mode {CBC, ECB, OFB, CFB1, CFB8, CFB64}; -int Sizes[6]={64,64,64,1,8,64}; - -void do_mct(char *amode, - int akeysz, int numkeys, unsigned char *akey,unsigned char *ivec, - int dir, unsigned char *text, int len, - FILE *rfp) - { - int i,imode; - unsigned char nk[4*8]; /* longest key+8 */ - unsigned char text0[8]; - - for (imode=0 ; imode < 6 ; ++imode) - if(!strcmp(amode,t_mode[imode])) - break; - if (imode == 6) - { - printf("Unrecognized mode: %s\n", amode); - EXIT(1); - } - - for(i=0 ; i < 400 ; ++i) - { - int j; - int n; - int kp=akeysz/64; - unsigned char old_iv[8]; - EVP_CIPHER_CTX ctx; - EVP_CIPHER_CTX_init(&ctx); - - fprintf(rfp,"\nCOUNT = %d\n",i); - if(kp == 1) - OutputValue("KEY",akey,8,rfp,0); - else - for(n=0 ; n < kp ; ++n) - { - fprintf(rfp,"KEY%d",n+1); - OutputValue("",akey+n*8,8,rfp,0); - } - - if(imode != ECB) - OutputValue("IV",ivec,8,rfp,0); - OutputValue(t_tag[dir^1],text,len,rfp,imode == CFB1); - - /* compensate for endianness */ - if(imode == CFB1) - text[0]<<=7; - - memcpy(text0,text,8); - - for(j=0 ; j < 10000 ; ++j) - { - unsigned char old_text[8]; - - memcpy(old_text,text,8); - if(j == 0) - { - memcpy(old_iv,ivec,8); - DESTest(&ctx,amode,akeysz,akey,ivec,dir,text,text,len); - } - else - { - memcpy(old_iv,ctx.iv,8); - EVP_Cipher(&ctx,text,text,len); - } - if(j == 9999) - { - OutputValue(t_tag[dir],text,len,rfp,imode == CFB1); - /* memcpy(ivec,text,8); */ - } - /* DebugValue("iv",ctx.iv,8); */ - /* accumulate material for the next key */ - shiftin(nk,text,Sizes[imode]); - /* DebugValue("nk",nk,24);*/ - if((dir && (imode == CFB1 || imode == CFB8 || imode == CFB64 - || imode == CBC)) || imode == OFB) - memcpy(text,old_iv,8); - - if(!dir && (imode == CFB1 || imode == CFB8 || imode == CFB64)) - { - /* the test specifies using the output of the raw DES operation - which we don't have, so reconstruct it... */ - for(n=0 ; n < 8 ; ++n) - text[n]^=old_text[n]; - } - } - for(n=0 ; n < 8 ; ++n) - akey[n]^=nk[16+n]; - for(n=0 ; n < 8 ; ++n) - akey[8+n]^=nk[8+n]; - for(n=0 ; n < 8 ; ++n) - akey[16+n]^=nk[n]; - if(numkeys < 3) - memcpy(&akey[2*8],akey,8); - if(numkeys < 2) - memcpy(&akey[8],akey,8); - DES_set_odd_parity((DES_cblock *)akey); - DES_set_odd_parity((DES_cblock *)(akey+8)); - DES_set_odd_parity((DES_cblock *)(akey+16)); - memcpy(ivec,ctx.iv,8); - - /* pointless exercise - the final text doesn't depend on the - initial text in OFB mode, so who cares what it is? (Who - designed these tests?) */ - if(imode == OFB) - for(n=0 ; n < 8 ; ++n) - text[n]=text0[n]^old_iv[n]; - } - } - -int proc_file(char *rqfile) - { - char afn[256], rfn[256]; - FILE *afp = NULL, *rfp = NULL; - char ibuf[2048], tbuf[2048]; - int ilen, len, ret = 0; - char amode[8] = ""; - char atest[100] = ""; - int akeysz=0; - unsigned char iVec[20], aKey[40]; - int dir = -1, err = 0, step = 0; - unsigned char plaintext[2048]; - unsigned char ciphertext[2048]; - char *rp; - EVP_CIPHER_CTX ctx; - int numkeys=1; - EVP_CIPHER_CTX_init(&ctx); - - if (!rqfile || !(*rqfile)) - { - printf("No req file\n"); - return -1; - } - strcpy(afn, rqfile); - - if ((afp = fopen(afn, "r")) == NULL) - { - printf("Cannot open file: %s, %s\n", - afn, strerror(errno)); - return -1; - } - strcpy(rfn,afn); - rp=strstr(rfn,"req/"); -#ifdef OPENSSL_SYS_WIN32 - if (!rp) - rp=strstr(rfn,"req\\"); -#endif - assert(rp); - memcpy(rp,"rsp",3); - rp = strstr(rfn, ".req"); - memcpy(rp, ".rsp", 4); - if ((rfp = fopen(rfn, "w")) == NULL) - { - printf("Cannot open file: %s, %s\n", - rfn, strerror(errno)); - fclose(afp); - afp = NULL; - return -1; - } - while (!err && (fgets(ibuf, sizeof(ibuf), afp)) != NULL) - { - tidy_line(tbuf, ibuf); - ilen = strlen(ibuf); - /* printf("step=%d ibuf=%s",step,ibuf);*/ - if(step == 3 && !strcmp(amode,"ECB")) - { - memset(iVec, 0, sizeof(iVec)); - step = (dir)? 4: 5; /* no ivec for ECB */ - } - switch (step) - { - case 0: /* read preamble */ - if (ibuf[0] == '\n') - { /* end of preamble */ - if (*amode == '\0') - { - printf("Missing Mode\n"); - err = 1; - } - else - { - fputs(ibuf, rfp); - ++ step; - } - } - else if (ibuf[0] != '#') - { - printf("Invalid preamble item: %s\n", ibuf); - err = 1; - } - else - { /* process preamble */ - char *xp, *pp = ibuf+2; - int n; - if(*amode) - { /* insert current time & date */ - time_t rtim = time(0); - fprintf(rfp, "# %s", ctime(&rtim)); - } - else - { - fputs(ibuf, rfp); - if(!strncmp(pp,"INVERSE ",8) || !strncmp(pp,"DES ",4) - || !strncmp(pp,"TDES ",5) - || !strncmp(pp,"PERMUTATION ",12) - || !strncmp(pp,"SUBSTITUTION ",13) - || !strncmp(pp,"VARIABLE ",9)) - { - /* get test type */ - if(!strncmp(pp,"DES ",4)) - pp+=4; - else if(!strncmp(pp,"TDES ",5)) - pp+=5; - xp = strchr(pp, ' '); - n = xp-pp; - strncpy(atest, pp, n); - atest[n] = '\0'; - /* get mode */ - xp = strrchr(pp, ' '); /* get mode" */ - n = strlen(xp+1)-1; - strncpy(amode, xp+1, n); - amode[n] = '\0'; - /* amode[3] = '\0'; */ - if (VERBOSE) - printf("Test=%s, Mode=%s\n",atest,amode); - } - } - } - break; - - case 1: /* [ENCRYPT] | [DECRYPT] */ - if(ibuf[0] == '\n') - break; - if (ibuf[0] == '[') - { - fputs(ibuf, rfp); - ++step; - if (strncasecmp(ibuf, "[ENCRYPT]", 9) == 0) - dir = 1; - else if (strncasecmp(ibuf, "[DECRYPT]", 9) == 0) - dir = 0; - else - { - printf("Invalid keyword: %s\n", ibuf); - err = 1; - } - break; - } - else if (dir == -1) - {