← Back to branch summary

~ubuntu-branches/ubuntu/lucid/openssl/lucid-proposed

« back to all changes in this revision

Viewing changes to fips/des/fips_des_selftest.c

  • Committer: Bazaar Package Importer
  • Author(s): Nicolas Valcárcel Scerpella (Canonical)
  • Date: 2009-12-06 20:16:24 UTC
  • mfrom: (11.1.9 sid)
  • Revision ID: james.westby@ubuntu.com-20091206201624-u126qjpqm2n2uuhu
Tags: 0.9.8k-7ubuntu1
https://launchpad.net/bugs/493392
* Merge from debian unstable, remaining changes (LP: #493392):
  - Link using -Bsymbolic-functions
  - Add support for lpia
  - Disable SSLv2 during compile
  - Ship documentation in openssl-doc, suggested by the package.
  - Use a different priority for libssl0.9.8/restart-services
    depending on whether a desktop, or server dist-upgrade is being
    performed.
  - Display a system restart required notification bubble on libssl0.9.8
    upgrade.
  - Replace duplicate files in the doc directory with symlinks.
  - Move runtime libraries to /lib, for the benefit of wpasupplicant
* Strip the patches out of the source into quilt patches
* Disable CVE-2009-3555.patch

Show diffs side-by-side

added added

removed removed

Lines of Context:
fips/des/fips_des_selftest.c
 
1
/* ====================================================================
 
2
 * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
 
3
 *
 
4
 * Redistribution and use in source and binary forms, with or without
 
5
 * modification, are permitted provided that the following conditions
 
6
 * are met:
 
7
 *
 
8
 * 1. Redistributions of source code must retain the above copyright
 
9
 *    notice, this list of conditions and the following disclaimer. 
 
10
 *
 
11
 * 2. Redistributions in binary form must reproduce the above copyright
 
12
 *    notice, this list of conditions and the following disclaimer in
 
13
 *    the documentation and/or other materials provided with the
 
14
 *    distribution.
 
15
 *
 
16
 * 3. All advertising materials mentioning features or use of this
 
17
 *    software must display the following acknowledgment:
 
18
 *    "This product includes software developed by the OpenSSL Project
 
19
 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
 
20
 *
 
21
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 
22
 *    endorse or promote products derived from this software without
 
23
 *    prior written permission. For written permission, please contact
 
24
 *    openssl-core@openssl.org.
 
25
 *
 
26
 * 5. Products derived from this software may not be called "OpenSSL"
 
27
 *    nor may "OpenSSL" appear in their names without prior written
 
28
 *    permission of the OpenSSL Project.
 
29
 *
 
30
 * 6. Redistributions of any form whatsoever must retain the following
 
31
 *    acknowledgment:
 
32
 *    "This product includes software developed by the OpenSSL Project
 
33
 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
 
34
 *
 
35
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 
36
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 
37
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 
38
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 
39
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 
40
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 
41
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 
42
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 
43
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 
44
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 
45
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 
46
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 
47
 *
 
48
 */
 
49
 
 
50
#include <string.h>
 
51
#include <openssl/err.h>
 
52
#include <openssl/fips.h>
 
53
#include <openssl/evp.h>
 
54
#include <openssl/opensslconf.h>
 
55
 
 
56
#ifdef OPENSSL_FIPS
 
57
 
 
58
static struct
 
59
    {
 
60
    unsigned char key[16];
 
61
    unsigned char plaintext[8];
 
62
    unsigned char ciphertext[8];
 
63
    } tests2[]=
 
64
        {
 
65
        {
 
66
        { 0x7c,0x4f,0x6e,0xf7,0xa2,0x04,0x16,0xec,
 
67
          0x0b,0x6b,0x7c,0x9e,0x5e,0x19,0xa7,0xc4 },
 
68
        { 0x06,0xa7,0xd8,0x79,0xaa,0xce,0x69,0xef },
 
69
        { 0x4c,0x11,0x17,0x55,0xbf,0xc4,0x4e,0xfd }
 
70
        },
 
71
        {
 
72
        { 0x5d,0x9e,0x01,0xd3,0x25,0xc7,0x3e,0x34,
 
73
          0x01,0x16,0x7c,0x85,0x23,0xdf,0xe0,0x68 },
 
74
        { 0x9c,0x50,0x09,0x0f,0x5e,0x7d,0x69,0x7e },
 
75
        { 0xd2,0x0b,0x18,0xdf,0xd9,0x0d,0x9e,0xff },
 
76
        }
 
77
        };
 
78
 
 
79
static struct
 
80
    {
 
81
    unsigned char key[24];
 
82
    unsigned char plaintext[8];
 
83
    unsigned char ciphertext[8];
 
84
    } tests3[]=
 
85
        {
 
86
        {
 
87
        { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
 
88
          0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10,
 
89
          0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0 },
 
90
        { 0x8f,0x8f,0xbf,0x9b,0x5d,0x48,0xb4,0x1c },
 
91
        { 0x59,0x8c,0xe5,0xd3,0x6c,0xa2,0xea,0x1b },
 
92
        },
 
93
        {
 
94
        { 0xDC,0xBA,0x98,0x76,0x54,0x32,0x10,0xFE,
 
95
          0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
 
96
          0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4 },
 
97
        { 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF },
 
98
        { 0x11,0x25,0xb0,0x35,0xbe,0xa0,0x82,0x86 },
 
99
        },
 
100
        };
 
101
 
 
102
void FIPS_corrupt_des()
 
103
    {
 
104
    tests2[0].plaintext[0]++;
 
105
    }
 
106
 
 
107
int FIPS_selftest_des()
 
108
    {
 
109
    int n, ret = 0;
 
110
    EVP_CIPHER_CTX ctx;
 
111
    EVP_CIPHER_CTX_init(&ctx);
 
112
    /* Encrypt/decrypt with 2-key 3DES and compare to known answers */
 
113
    for(n=0 ; n < 2 ; ++n)
 
114
        {
 
115
        if (!fips_cipher_test(&ctx, EVP_des_ede_ecb(),
 
116
                                tests2[n].key, NULL,
 
117
                                tests2[n].plaintext, tests2[n].ciphertext, 8))
 
118
                goto err;
 
119
        }
 
120
 
 
121
    /* Encrypt/decrypt with 3DES and compare to known answers */
 
122
    for(n=0 ; n < 2 ; ++n)
 
123
        {
 
124
        if (!fips_cipher_test(&ctx, EVP_des_ede3_ecb(),
 
125
                                tests3[n].key, NULL,
 
126
                                tests3[n].plaintext, tests3[n].ciphertext, 8))
 
127
                goto err;
 
128
        }
 
129
    ret = 1;
 
130
    err:
 
131
    EVP_CIPHER_CTX_cleanup(&ctx);
 
132
    if (ret == 0)
 
133
            FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED);
 
134
 
 
135
    return ret;
 
136
    }
 
137
#endif