← Back to branch summary

~andersk/ubuntu/oneiric/openssl/spurious-reboot

« back to all changes in this revision

Viewing changes to fips/des/fips_des_selftest.c

  • Committer: Bazaar Package Importer
  • Author(s): Colin Watson
  • Date: 2011-05-01 23:51:53 UTC
  • mfrom: (11.1.20 sid)
  • Revision ID: james.westby@ubuntu.com-20110501235153-bjcxitndquaezb68
Tags: 1.0.0d-2ubuntu1
https://launchpad.net/bugs/675566
* Resynchronise with Debian (LP: #675566).  Remaining changes:
  - debian/libssl1.0.0.postinst:
    + Display a system restart required notification bubble on libssl1.0.0
      upgrade.
    + Use a different priority for libssl1.0.0/restart-services depending
      on whether a desktop, or server dist-upgrade is being performed.
  - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
    libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
    in Debian).
  - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
    rules}: Move runtime libraries to /lib, for the benefit of
    wpasupplicant.
  - debian/patches/aesni.patch: Backport Intel AES-NI support, now from
    http://rt.openssl.org/Ticket/Display.html?id=2065 rather than the
    0.9.8 variant.
  - debian/patches/Bsymbolic-functions.patch: Link using
    -Bsymbolic-functions.
  - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
    .pc.
  - debian/rules:
    + Don't run 'make test' when cross-building.
    + Use host compiler when cross-building.  Patch from Neil Williams.
    + Don't build for processors no longer supported: i486, i586 (on
      i386), v8 (on sparc).
    + Fix Makefile to properly clean up libs/ dirs in clean target.
    + Replace duplicate files in the doc directory with symlinks.
* Update architectures affected by Bsymbolic-functions.patch.
* Drop debian/patches/no-sslv2.patch; Debian now adds the 'no-ssl2'
  configure option, which compiles out SSLv2 support entirely, so this is
  no longer needed.
* Drop openssl-doc in favour of the libssl-doc package introduced by
  Debian.  Add Conflicts/Replaces until the next LTS release.

Show diffs side-by-side

added added

removed removed

Lines of Context:
fips/des/fips_des_selftest.c
1
 
/* ====================================================================
2
 
 * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
3
 
 *
4
 
 * Redistribution and use in source and binary forms, with or without
5
 
 * modification, are permitted provided that the following conditions
6
 
 * are met:
7
 
 *
8
 
 * 1. Redistributions of source code must retain the above copyright
9
 
 *    notice, this list of conditions and the following disclaimer. 
10
 
 *
11
 
 * 2. Redistributions in binary form must reproduce the above copyright
12
 
 *    notice, this list of conditions and the following disclaimer in
13
 
 *    the documentation and/or other materials provided with the
14
 
 *    distribution.
15
 
 *
16
 
 * 3. All advertising materials mentioning features or use of this
17
 
 *    software must display the following acknowledgment:
18
 
 *    "This product includes software developed by the OpenSSL Project
19
 
 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
20
 
 *
21
 
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22
 
 *    endorse or promote products derived from this software without
23
 
 *    prior written permission. For written permission, please contact
24
 
 *    openssl-core@openssl.org.
25
 
 *
26
 
 * 5. Products derived from this software may not be called "OpenSSL"
27
 
 *    nor may "OpenSSL" appear in their names without prior written
28
 
 *    permission of the OpenSSL Project.
29
 
 *
30
 
 * 6. Redistributions of any form whatsoever must retain the following
31
 
 *    acknowledgment:
32
 
 *    "This product includes software developed by the OpenSSL Project
33
 
 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
34
 
 *
35
 
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36
 
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37
 
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38
 
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
39
 
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40
 
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41
 
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42
 
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43
 
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44
 
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45
 
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46
 
 * OF THE POSSIBILITY OF SUCH DAMAGE.
47
 
 *
48
 
 */
49
 
 
50
 
#include <string.h>
51
 
#include <openssl/err.h>
52
 
#include <openssl/fips.h>
53
 
#include <openssl/evp.h>
54
 
#include <openssl/opensslconf.h>
55
 
 
56
 
#ifdef OPENSSL_FIPS
57
 
 
58
 
static struct
59
 
    {
60
 
    unsigned char key[16];
61
 
    unsigned char plaintext[8];
62
 
    unsigned char ciphertext[8];
63
 
    } tests2[]=
64
 
        {
65
 
        {
66
 
        { 0x7c,0x4f,0x6e,0xf7,0xa2,0x04,0x16,0xec,
67
 
          0x0b,0x6b,0x7c,0x9e,0x5e,0x19,0xa7,0xc4 },
68
 
        { 0x06,0xa7,0xd8,0x79,0xaa,0xce,0x69,0xef },
69
 
        { 0x4c,0x11,0x17,0x55,0xbf,0xc4,0x4e,0xfd }
70
 
        },
71
 
        {
72
 
        { 0x5d,0x9e,0x01,0xd3,0x25,0xc7,0x3e,0x34,
73
 
          0x01,0x16,0x7c,0x85,0x23,0xdf,0xe0,0x68 },
74
 
        { 0x9c,0x50,0x09,0x0f,0x5e,0x7d,0x69,0x7e },
75
 
        { 0xd2,0x0b,0x18,0xdf,0xd9,0x0d,0x9e,0xff },
76
 
        }
77
 
        };
78
 
 
79
 
static struct
80
 
    {
81
 
    unsigned char key[24];
82
 
    unsigned char plaintext[8];
83
 
    unsigned char ciphertext[8];
84
 
    } tests3[]=
85
 
        {
86
 
        {
87
 
        { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
88
 
          0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10,
89
 
          0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0 },
90
 
        { 0x8f,0x8f,0xbf,0x9b,0x5d,0x48,0xb4,0x1c },
91
 
        { 0x59,0x8c,0xe5,0xd3,0x6c,0xa2,0xea,0x1b },
92
 
        },
93
 
        {
94
 
        { 0xDC,0xBA,0x98,0x76,0x54,0x32,0x10,0xFE,
95
 
          0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
96
 
          0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4 },
97
 
        { 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF },
98
 
        { 0x11,0x25,0xb0,0x35,0xbe,0xa0,0x82,0x86 },
99
 
        },
100
 
        };
101
 
 
102
 
void FIPS_corrupt_des()
103
 
    {
104
 
    tests2[0].plaintext[0]++;
105
 
    }
106
 
 
107
 
int FIPS_selftest_des()
108
 
    {
109
 
    int n, ret = 0;
110
 
    EVP_CIPHER_CTX ctx;
111
 
    EVP_CIPHER_CTX_init(&ctx);
112
 
    /* Encrypt/decrypt with 2-key 3DES and compare to known answers */
113
 
    for(n=0 ; n < 2 ; ++n)
114
 
        {
115
 
        if (!fips_cipher_test(&ctx, EVP_des_ede_ecb(),
116
 
                                tests2[n].key, NULL,
117
 
                                tests2[n].plaintext, tests2[n].ciphertext, 8))
118
 
                goto err;
119
 
        }
120
 
 
121
 
    /* Encrypt/decrypt with 3DES and compare to known answers */
122
 
    for(n=0 ; n < 2 ; ++n)
123
 
        {
124
 
        if (!fips_cipher_test(&ctx, EVP_des_ede3_ecb(),
125
 
                                tests3[n].key, NULL,
126
 
                                tests3[n].plaintext, tests3[n].ciphertext, 8))
127
 
                goto err;
128
 
        }
129
 
    ret = 1;
130
 
    err:
131
 
    EVP_CIPHER_CTX_cleanup(&ctx);
132
 
    if (ret == 0)
133
 
            FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED);
134
 
 
135
 
    return ret;
136
 
    }
137
 
#endif