OLD | NEW |
| (Empty) |
1 /* fips_hmactest.c */ | |
2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | |
3 * project 2005. | |
4 */ | |
5 /* ==================================================================== | |
6 * Copyright (c) 2005 The OpenSSL Project. All rights reserved. | |
7 * | |
8 * Redistribution and use in source and binary forms, with or without | |
9 * modification, are permitted provided that the following conditions | |
10 * are met: | |
11 * | |
12 * 1. Redistributions of source code must retain the above copyright | |
13 * notice, this list of conditions and the following disclaimer. | |
14 * | |
15 * 2. Redistributions in binary form must reproduce the above copyright | |
16 * notice, this list of conditions and the following disclaimer in | |
17 * the documentation and/or other materials provided with the | |
18 * distribution. | |
19 * | |
20 * 3. All advertising materials mentioning features or use of this | |
21 * software must display the following acknowledgment: | |
22 * "This product includes software developed by the OpenSSL Project | |
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | |
24 * | |
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | |
26 * endorse or promote products derived from this software without | |
27 * prior written permission. For written permission, please contact | |
28 * licensing@OpenSSL.org. | |
29 * | |
30 * 5. Products derived from this software may not be called "OpenSSL" | |
31 * nor may "OpenSSL" appear in their names without prior written | |
32 * permission of the OpenSSL Project. | |
33 * | |
34 * 6. Redistributions of any form whatsoever must retain the following | |
35 * acknowledgment: | |
36 * "This product includes software developed by the OpenSSL Project | |
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | |
38 * | |
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | |
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | |
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
50 * OF THE POSSIBILITY OF SUCH DAMAGE. | |
51 * ==================================================================== | |
52 * | |
53 * This product includes cryptographic software written by Eric Young | |
54 * (eay@cryptsoft.com). This product includes software written by Tim | |
55 * Hudson (tjh@cryptsoft.com). | |
56 * | |
57 */ | |
58 | |
59 #include <stdio.h> | |
60 #include <ctype.h> | |
61 #include <string.h> | |
62 #include <openssl/bio.h> | |
63 #include <openssl/evp.h> | |
64 #include <openssl/hmac.h> | |
65 #include <openssl/err.h> | |
66 #include <openssl/bn.h> | |
67 | |
68 #include <openssl/x509v3.h> | |
69 | |
70 #ifndef OPENSSL_FIPS | |
71 | |
72 int main(int argc, char *argv[]) | |
73 { | |
74 printf("No FIPS HMAC support\n"); | |
75 return(0); | |
76 } | |
77 | |
78 #else | |
79 | |
80 #include <openssl/fips.h> | |
81 #include "fips_utl.h" | |
82 | |
83 static int hmac_test(const EVP_MD *md, FILE *out, FILE *in); | |
84 static int print_hmac(const EVP_MD *md, FILE *out, | |
85 unsigned char *Key, int Klen, | |
86 unsigned char *Msg, int Msglen, int Tlen); | |
87 | |
88 int main(int argc, char **argv) | |
89 { | |
90 FILE *in = NULL, *out = NULL; | |
91 | |
92 int ret = 1; | |
93 | |
94 if(!FIPS_mode_set(1)) | |
95 { | |
96 do_print_errors(); | |
97 goto end; | |
98 } | |
99 | |
100 if (argc == 1) | |
101 in = stdin; | |
102 else | |
103 in = fopen(argv[1], "r"); | |
104 | |
105 if (argc < 2) | |
106 out = stdout; | |
107 else | |
108 out = fopen(argv[2], "w"); | |
109 | |
110 if (!in) | |
111 { | |
112 fprintf(stderr, "FATAL input initialization error\n"); | |
113 goto end; | |
114 } | |
115 | |
116 if (!out) | |
117 { | |
118 fprintf(stderr, "FATAL output initialization error\n"); | |
119 goto end; | |
120 } | |
121 | |
122 if (!hmac_test(EVP_sha1(), out, in)) | |
123 { | |
124 fprintf(stderr, "FATAL hmac file processing error\n"); | |
125 goto end; | |
126 } | |
127 else | |
128 ret = 0; | |
129 | |
130 end: | |
131 | |
132 if (ret) | |
133 do_print_errors(); | |
134 | |
135 if (in && (in != stdin)) | |
136 fclose(in); | |
137 if (out && (out != stdout)) | |
138 fclose(out); | |
139 | |
140 return ret; | |
141 | |
142 } | |
143 | |
144 #define HMAC_TEST_MAXLINELEN 1024 | |
145 | |
146 int hmac_test(const EVP_MD *md, FILE *out, FILE *in) | |
147 { | |
148 char *linebuf, *olinebuf, *p, *q; | |
149 char *keyword, *value; | |
150 unsigned char *Key = NULL, *Msg = NULL; | |
151 int Count, Klen, Tlen; | |
152 long Keylen, Msglen; | |
153 int ret = 0; | |
154 int lnum = 0; | |
155 | |
156 olinebuf = OPENSSL_malloc(HMAC_TEST_MAXLINELEN); | |
157 linebuf = OPENSSL_malloc(HMAC_TEST_MAXLINELEN); | |
158 | |
159 if (!linebuf || !olinebuf) | |
160 goto error; | |
161 | |
162 Count = -1; | |
163 Klen = -1; | |
164 Tlen = -1; | |
165 | |
166 while (fgets(olinebuf, HMAC_TEST_MAXLINELEN, in)) | |
167 { | |
168 lnum++; | |
169 strcpy(linebuf, olinebuf); | |
170 keyword = linebuf; | |
171 /* Skip leading space */ | |
172 while (isspace((unsigned char)*keyword)) | |
173 keyword++; | |
174 | |
175 /* Look for = sign */ | |
176 p = strchr(linebuf, '='); | |
177 | |
178 /* If no = or starts with [ (for [L=20] line) just copy */ | |
179 if (!p) | |
180 { | |
181 if (fputs(olinebuf, out) < 0) | |
182 goto error; | |
183 continue; | |
184 } | |
185 | |
186 q = p - 1; | |
187 | |
188 /* Remove trailing space */ | |
189 while (isspace((unsigned char)*q)) | |
190 *q-- = 0; | |
191 | |
192 *p = 0; | |
193 value = p + 1; | |
194 | |
195 /* Remove leading space from value */ | |
196 while (isspace((unsigned char)*value)) | |
197 value++; | |
198 | |
199 /* Remove trailing space from value */ | |
200 p = value + strlen(value) - 1; | |
201 | |
202 while (*p == '\n' || isspace((unsigned char)*p)) | |
203 *p-- = 0; | |
204 | |
205 if (!strcmp(keyword,"[L") && *p==']') | |
206 { | |
207 switch (atoi(value)) | |
208 { | |
209 case 20: md=EVP_sha1(); break; | |
210 case 28: md=EVP_sha224(); break; | |
211 case 32: md=EVP_sha256(); break; | |
212 case 48: md=EVP_sha384(); break; | |
213 case 64: md=EVP_sha512(); break; | |
214 default: goto parse_error; | |
215 } | |
216 } | |
217 else if (!strcmp(keyword, "Count")) | |
218 { | |
219 if (Count != -1) | |
220 goto parse_error; | |
221 Count = atoi(value); | |
222 if (Count < 0) | |
223 goto parse_error; | |
224 } | |
225 else if (!strcmp(keyword, "Klen")) | |
226 { | |
227 if (Klen != -1) | |
228 goto parse_error; | |
229 Klen = atoi(value); | |
230 if (Klen < 0) | |
231 goto parse_error; | |
232 } | |
233 else if (!strcmp(keyword, "Tlen")) | |
234 { | |
235 if (Tlen != -1) | |
236 goto parse_error; | |
237 Tlen = atoi(value); | |
238 if (Tlen < 0) | |
239 goto parse_error; | |
240 } | |
241 else if (!strcmp(keyword, "Msg")) | |
242 { | |
243 if (Msg) | |
244 goto parse_error; | |
245 Msg = hex2bin_m(value, &Msglen); | |
246 if (!Msg) | |
247 goto parse_error; | |
248 } | |
249 else if (!strcmp(keyword, "Key")) | |
250 { | |
251 if (Key) | |
252 goto parse_error; | |
253 Key = hex2bin_m(value, &Keylen); | |
254 if (!Key) | |
255 goto parse_error; | |
256 } | |
257 else if (!strcmp(keyword, "Mac")) | |
258 continue; | |
259 else | |
260 goto parse_error; | |
261 | |
262 fputs(olinebuf, out); | |
263 | |
264 if (Key && Msg && (Tlen > 0) && (Klen > 0)) | |
265 { | |
266 if (!print_hmac(md, out, Key, Klen, Msg, Msglen, Tlen)) | |
267 goto error; | |
268 OPENSSL_free(Key); | |
269 Key = NULL; | |
270 OPENSSL_free(Msg); | |
271 Msg = NULL; | |
272 Klen = -1; | |
273 Tlen = -1; | |
274 Count = -1; | |
275 } | |
276 | |
277 } | |
278 | |
279 | |
280 ret = 1; | |
281 | |
282 | |
283 error: | |
284 | |
285 if (olinebuf) | |
286 OPENSSL_free(olinebuf); | |
287 if (linebuf) | |
288 OPENSSL_free(linebuf); | |
289 if (Key) | |
290 OPENSSL_free(Key); | |
291 if (Msg) | |
292 OPENSSL_free(Msg); | |
293 | |
294 return ret; | |
295 | |
296 parse_error: | |
297 | |
298 fprintf(stderr, "FATAL parse error processing line %d\n", lnum); | |
299 | |
300 goto error; | |
301 | |
302 } | |
303 | |
304 static int print_hmac(const EVP_MD *emd, FILE *out, | |
305 unsigned char *Key, int Klen, | |
306 unsigned char *Msg, int Msglen, int Tlen) | |
307 { | |
308 int i, mdlen; | |
309 unsigned char md[EVP_MAX_MD_SIZE]; | |
310 if (!HMAC(emd, Key, Klen, Msg, Msglen, md, | |
311 (unsigned int *)&mdlen)) | |
312 { | |
313 fputs("Error calculating HMAC\n", stderr); | |
314 return 0; | |
315 } | |
316 if (Tlen > mdlen) | |
317 { | |
318 fputs("Parameter error, Tlen > HMAC length\n", stderr); | |
319 return 0; | |
320 } | |
321 fputs("Mac = ", out); | |
322 for (i = 0; i < Tlen; i++) | |
323 fprintf(out, "%02x", md[i]); | |
324 fputs("\n", out); | |
325 return 1; | |
326 } | |
327 | |
328 #endif | |
OLD | NEW |