diff options
| author | steve <steve> | 2005-01-26 20:00:21 +0000 |
|---|---|---|
| committer | steve <steve> | 2005-01-26 20:00:21 +0000 |
| commit | 5a764214308e0058c7ac5aff8a62a8a5647da256 (patch) | |
| tree | b6140536b5261fd1806e4bdf245e5cdfcee24973 | |
| parent | 9bab33fef30019a4b6771cbd9305e751ae48e439 (diff) | |
| download | openssl-5a764214308e0058c7ac5aff8a62a8a5647da256.tar.gz | |
FIPS algorithm blocking.
Non FIPS algorithms are not normally allowed in FIPS mode.
Any attempt to use them via high level functions will return an error.
The low level non-FIPS algorithm functions cannot return errors so they
produce assertion failures. HMAC also has to give an assertion error because
it (erroneously) can't return an error either.
There are exceptions (such as MD5 in TLS and non cryptographic use of
algorithms) and applications can override the blocking and use non FIPS
algorithms anyway.
For low level functions the override is perfomed by prefixing the algorithm
initalization function with "private_" for example private_MD5_Init().
For high level functions an override is performed by setting a flag in
the context.
53 files changed, 818 insertions, 372 deletions
diff --git a/apps/dgst.c b/apps/dgst.c index ad32877a0..9106b13fd 100644 --- a/apps/dgst.c +++ b/apps/dgst.c @@ -108,6 +108,7 @@ int MAIN(int argc, char **argv) char *engine=NULL; #endif char *hmac_key=NULL; + int non_fips_allow = 0; apps_startup(); @@ -192,6 +193,8 @@ int MAIN(int argc, char **argv) out_bin = 1; else if (strcmp(*argv,"-d") == 0) debug=1; + else if (strcmp(*argv,"-non-fips-allow") == 0) + non_fips_allow=1; else if (!strcmp(*argv,"-hmac")) { if (--argc < 1) @@ -342,6 +345,13 @@ int MAIN(int argc, char **argv) } } + if (non_fips_allow) + { + EVP_MD_CTX *md_ctx; + BIO_get_md_ctx(bmd,&md_ctx); + EVP_MD_CTX_set_flags(md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); + } + /* we use md as a filter, reading from 'in' */ if (!BIO_set_md(bmd,md)) { diff --git a/apps/pkcs12.c b/apps/pkcs12.c index eac28e54d..c961e6b57 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -109,7 +109,7 @@ int MAIN(int argc, char **argv) int maciter = PKCS12_DEFAULT_ITER; int twopass = 0; int keytype = 0; - int cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC; + int cert_pbe; int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; int ret = 1; int macver = 1; @@ -126,6 +126,13 @@ int MAIN(int argc, char **argv) apps_startup(); +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; + else +#endif + cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC; + enc = EVP_des_ede3_cbc(); if (bio_err == NULL ) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE); diff --git a/crypto/bf/bf_skey.c b/crypto/bf/bf_skey.c index 86574c0ac..fc5bebefc 100644 --- a/crypto/bf/bf_skey.c +++ b/crypto/bf/bf_skey.c @@ -58,21 +58,19 @@ #include <stdio.h> #include <string.h> -#include "blowfish.h" +#include <openssl/crypto.h> +#include <openssl/blowfish.h> #include "bf_locl.h" #include "bf_pi.h" -void BF_set_key(key,len,data) -BF_KEY *key; -int len; -unsigned char *data; +FIPS_NON_FIPS_VCIPHER_Init(BF) { int i; BF_LONG *p,ri,in[2]; - unsigned char *d,*end; + const unsigned char *d,*end; - memcpy((char *)key,(char *)&bf_init,sizeof(BF_KEY)); + memcpy(key,&bf_init,sizeof(BF_KEY)); p=key->P; if (len > ((BF_ROUNDS+2)*4)) len=(BF_ROUNDS+2)*4; diff --git a/crypto/bf/blowfish.h b/crypto/bf/blowfish.h index c4a8085a2..b4d877496 100644 --- a/crypto/bf/blowfish.h +++ b/crypto/bf/blowfish.h @@ -59,18 +59,41 @@ #ifndef HEADER_BLOWFISH_H #define HEADER_BLOWFISH_H +#include <openssl/e_os2.h> + #ifdef __cplusplus extern "C" { #endif +#ifdef OPENSSL_NO_BF +#error BF is disabled. +#endif + #define BF_ENCRYPT 1 #define BF_DECRYPT 0 -/* If you make this 'unsigned int' the pointer variants will work on - * the Alpha, otherwise they will not. Strangly using the '8 byte' - * BF_LONG and the default 'non-pointer' inner loop is the best configuration - * for the Alpha */ +/* + * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + * ! BF_LONG has to be at least 32 bits wide. If it's wider, then ! + * ! BF_LONG_LOG2 has to be defined along. ! + * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + */ + +#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__) +#define BF_LONG unsigned long +#elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__) #define BF_LONG unsigned long +#define BF_LONG_LOG2 3 +/* + * _CRAY note. I could declare short, but I have no idea what impact + * does it have on performance on none-T3E machines. I could declare + * int, but at least on C90 sizeof(int) can be chosen at compile time. + * So I've chosen long... + * <appro@fy.chalmers.se> + */ +#else +#define BF_LONG unsigned int +#endif #define BF_ROUNDS 16 #define BF_BLOCK 8 @@ -81,33 +104,24 @@ typedef struct bf_key_st BF_LONG S[4*256]; } BF_KEY; -#ifndef NOPROTO - -void BF_set_key(BF_KEY *key, int len, unsigned char *data); -void BF_ecb_encrypt(unsigned char *in,unsigned char *out,BF_KEY *key, - int enc); -void BF_encrypt(BF_LONG *data,BF_KEY *key); -void BF_decrypt(BF_LONG *data,BF_KEY *key); -void BF_cbc_encrypt(unsigned char *in, unsigned char *out, long length, - BF_KEY *ks, unsigned char *iv, int enc); -void BF_cfb64_encrypt(unsigned char *in, unsigned char *out, long length, - BF_KEY *schedule, unsigned char *ivec, int *num, int enc); -void BF_ofb64_encrypt(unsigned char *in, unsigned char *out, long length, - BF_KEY *schedule, unsigned char *ivec, int *num); -char *BF_options(void); -#else +#ifdef OPENSSL_FIPS +void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data); +#endif +void BF_set_key(BF_KEY *key, int len, const unsigned char *data); -void BF_set_key(); -void BF_ecb_encrypt(); -void BF_encrypt(); -void BF_decrypt(); -void BF_cbc_encrypt(); -void BF_cfb64_encrypt(); -void BF_ofb64_encrypt(); -char *BF_options(); +void BF_encrypt(BF_LONG *data,const BF_KEY *key); +void BF_decrypt(BF_LONG *data,const BF_KEY *key); -#endif +void BF_ecb_encrypt(const unsigned char *in, unsigned char *out, + const BF_KEY *key, int enc); +void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, + const BF_KEY *schedule, unsigned char *ivec, int enc); +void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length, + const BF_KEY *schedule, unsigned char *ivec, int *num, int enc); +void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length, + const BF_KEY *schedule, unsigned char *ivec, int *num); +const char *BF_options(void); #ifdef __cplusplus } diff --git a/crypto/cast/c_skey.c b/crypto/cast/c_skey.c index 2fc3363dc..dc4791a8c 100644 --- a/crypto/cast/c_skey.c +++ b/crypto/cast/c_skey.c @@ -56,7 +56,9 @@ * [including the GNU Public Licence.] */ -#include "cast.h" +#include <openssl/crypto.h> +#include <openssl/cast.h> + #include "cast_lcl.h" #include "cast_s.h" @@ -72,10 +74,7 @@ #define S6 CAST_S_table6 #define S7 CAST_S_table7 -void CAST_set_key(key,len,data) -CAST_KEY *key; -int len; -unsigned char *data; +FIPS_NON_FIPS_VCIPHER_Init(CAST) { CAST_LONG x[16]; CAST_LONG z[16]; @@ -88,6 +87,10 @@ unsigned char *data; if (len > 16) len=16; for (i=0; i<len; i++) x[i]=data[i]; + if(len <= 10) + key->short_key=1; + else + key->short_key=0; K= &k[0]; X[0]=((x[ 0]<<24)|(x[ 1]<<16)|(x[ 2]<<8)|x[ 3])&0xffffffffL; diff --git a/crypto/cast/cast.h b/crypto/cast/cast.h index 528cb7c82..9e300178d 100644 --- a/crypto/cast/cast.h +++ b/crypto/cast/cast.h @@ -63,6 +63,10 @@ extern "C" { #endif +#ifdef OPENSSL_NO_CAST +#error CAST is disabled. +#endif + #define CAST_ENCRYPT 1 #define CAST_DECRYPT 0 @@ -74,33 +78,26 @@ extern "C" { typedef struct cast_key_st { CAST_LONG data[32]; + int short_key; /* Use reduced rounds for short key */ } CAST_KEY; -#ifndef NOPROTO - -void CAST_set_key(CAST_KEY *key, int len, unsigned char *data); -void CAST_ecb_encrypt(unsigned char *in,unsigned char *out,CAST_KEY *key, - int enc); -void CAST_encrypt(CAST_LONG *data,CAST_KEY *key); -void CAST_decrypt(CAST_LONG *data,CAST_KEY *key); -void CAST_cbc_encrypt(unsigned char *in, unsigned char *out, long length, - CAST_KEY *ks, unsigned char *iv, int enc); -void CAST_cfb64_encrypt(unsigned char *in, unsigned char *out, long length, - CAST_KEY *schedule, unsigned char *ivec, int *num, int enc); -void CAST_ofb64_encrypt(unsigned char *in, unsigned char *out, long length, - CAST_KEY *schedule, unsigned char *ivec, int *num); - -#else - -void CAST_set_key(); -void CAST_ecb_encrypt(); -void CAST_encrypt(); -void CAST_decrypt(); -void CAST_cbc_encrypt(); -void CAST_cfb64_encrypt(); -void CAST_ofb64_encrypt(); +#ifdef OPENSSL_FIPS +void private_CAST_set_key(CAST_KEY *key, int len, const unsigned char *data); #endif +void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data); +void CAST_ecb_encrypt(const unsigned char *in,unsigned char *out,CAST_KEY *key, + int enc); +void CAST_encrypt(CAST_LONG *data,CAST_KEY *key); +void CAST_decrypt(CAST_LONG *data,CAST_KEY *key); +void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, + CAST_KEY *ks, unsigned char *iv, int enc); +void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out, + long length, CAST_KEY *schedule, unsigned char *ivec, + int *num, int enc); +void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out, + long length, CAST_KEY *schedule, unsigned char *ivec, + int *num); #ifdef __cplusplus } diff --git a/crypto/crypto.h b/crypto/crypto.h index b779a14d1..383090c32 100644 --- a/crypto/crypto.h +++ b/crypto/crypto.h @@ -439,6 +439,55 @@ void OpenSSLDie(const char *file,int line,const char *assertion); #ifdef OPENSSL_FIPS int FIPS_mode(void); void *FIPS_rand_check(void); + +#define FIPS_BAD_ABORT(alg) OpenSSLDie(__FILE__, __LINE__, \ + #alg " Algorithm forbidden in FIPS mode"); + +#ifdef OPENSSL_FIPS_STRICT +#define FIPS_BAD_ALGORITHM(alg) FIPS_BAD_ABORT(alg) +#else +#define FIPS_BAD_ALGORITHM(alg) \ + { \ + FIPSerr(FIPS_F_HASH_FINAL,FIPS_R_NON_FIPS_METHOD); \ + ERR_add_error_data(2, "Algorithm=", #alg); \ + return 0; \ + } +#endif + +/* Low level digest API blocking macro */ + +#define FIPS_NON_FIPS_MD_Init(alg) \ + int alg##_Init(alg##_CTX *c) \ + { \ + if (FIPS_mode()) \ + FIPS_BAD_ALGORITHM(alg) \ + return private_##alg##_Init(c); \ + } \ + int private_##alg##_Init(alg##_CTX *c) + +/* For ciphers the API often varies from cipher to cipher and each needs to + * be treated as a special case. Variable key length ciphers (Blowfish, RC4, + * CAST) however are very similar and can use a blocking macro. + */ + +#define FIPS_NON_FIPS_VCIPHER_Init(alg) \ + void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data) \ + { \ + if (FIPS_mode()) \ + FIPS_BAD_ABORT(alg) \ + private_##alg##_set_key(key, len, data); \ + } \ + void private_##alg##_set_key(alg##_KEY *key, int len, \ + const unsigned char *data) + +#else + +#define FIPS_NON_FIPS_VCIPHER_Init(alg) \ + void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data) + +#define FIPS_NON_FIPS_MD_Init(alg) \ + int alg##_Init(alg##_CTX *c) + #endif /* def OPENSSL_FIPS */ /* BEGIN ERROR CODES */ diff --git a/crypto/evp/bio_md.c b/crypto/evp/bio_md.c index e4a4d663c..f4aa41ac4 100644 --- a/crypto/evp/bio_md.c +++ b/crypto/evp/bio_md.c @@ -192,13 +192,8 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr) ret=0; break; case BIO_C_GET_MD_CTX: - if (b->init) - { - pctx=ptr; - *pctx=ctx; - } - else - ret=0; + pctx=ptr; + *pctx=ctx; break; case BIO_C_SET_MD_CTX: if (b->init) diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index 0623ddf1f..2b6480fdd 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -195,6 +195,17 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) #endif if (ctx->digest != type) { +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + { + if (!(type->flags & EVP_MD_FLAG_FIPS) + && !(ctx->flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)) + { + EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_DISABLED_FOR_FIPS); + return 0; + } + } +#endif if (ctx->digest && ctx->digest->ctx_size) OPENSSL_free(ctx->md_data); ctx->digest=type; diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c index 9844d7f9b..f35036c9d 100644 --- a/crypto/evp/e_aes.c +++ b/crypto/evp/e_aes.c @@ -67,32 +67,32 @@ typedef struct IMPLEMENT_BLOCK_CIPHER(aes_128, ks, AES, EVP_AES_KEY, NID_aes_128, 16, 16, 16, 128, - 0, aes_init_key, NULL, + EVP_CIPH_FLAG_FIPS, aes_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) IMPLEMENT_BLOCK_CIPHER(aes_192, ks, AES, EVP_AES_KEY, NID_aes_192, 16, 24, 16, 128, - 0, aes_init_key, NULL, + EVP_CIPH_FLAG_FIPS, aes_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY, NID_aes_256, 16, 32, 16, 128, - 0, aes_init_key, NULL, + EVP_CIPH_FLAG_FIPS, aes_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) -#define IMPLEMENT_AES_CFBR(ksize,cbits) IMPLEMENT_CFBR(aes,AES,EVP_AES_KEY,ks,ksize,cbits,16) +#define IMPLEMENT_AES_CFBR(ksize,cbits,flags) IMPLEMENT_CFBR(aes,AES,EVP_AES_KEY,ks,ksize,cbits,16,flags) -IMPLEMENT_AES_CFBR(128,1) -IMPLEMENT_AES_CFBR(192,1) -IMPLEMENT_AES_CFBR(256,1) +IMPLEMENT_AES_CFBR(128,1,0) +IMPLEMENT_AES_CFBR(192,1,0) +IMPLEMENT_AES_CFBR(256,1,0) -IMPLEMENT_AES_CFBR(128,8) -IMPLEMENT_AES_CFBR(192,8) -IMPLEMENT_AES_CFBR(256,8) +IMPLEMENT_AES_CFBR(128,8,EVP_CIPH_FLAG_FIPS) +IMPLEMENT_AES_CFBR(192,8,EVP_CIPH_FLAG_FIPS) +IMPLEMENT_AES_CFBR(256,8,EVP_CIPH_FLAG_FIPS) static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) diff --git a/crypto/evp/e_des.c b/crypto/evp/e_des.c index f2554ecc6..46e289982 100644 --- a/crypto/evp/e_des.c +++ b/crypto/evp/e_des.c @@ -127,16 +127,18 @@ static int des_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, } BLOCK_CIPHER_defs(des, DES_key_schedule, NID_des, 8, 8, 8, 64, - 0, des_init_key, NULL, + EVP_CIPH_FLAG_FIPS, des_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) -BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,1,0,des_init_key,NULL, +BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,1, + EVP_CIPH_FLAG_FIPS,des_init_key,NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv,NULL) -BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,8,0,des_init_key,NULL, +BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,8, + EVP_CIPH_FLAG_FIPS,des_init_key,NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv,NULL) diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c index b462d7c6a..677322bf0 100644 --- a/crypto/evp/e_des3.c +++ b/crypto/evp/e_des3.c @@ -160,7 +160,7 @@ static int des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, } BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64, - 0, des_ede_init_key, NULL, + EVP_CIPH_FLAG_FIPS, des_ede_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) @@ -171,18 +171,18 @@ BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64, #define des_ede3_ecb_cipher des_ede_ecb_cipher BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64, - 0, des_ede3_init_key, NULL, + EVP_CIPH_FLAG_FIPS, des_ede3_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) -BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,1,0, - des_ede3_init_key,NULL, +BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,1, + EVP_CIPH_FLAG_FIPS, des_ede3_init_key,NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv,NULL) -BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,8,0, - des_ede3_init_key,NULL, +BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,8, + EVP_CIPH_FLAG_FIPS, des_ede3_init_key,NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv,NULL) diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index 115878ff1..8aab0a5cb 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -117,6 +117,10 @@ #include <openssl/aes.h> #endif +#ifdef OPENSSL_FIPS +#include <openssl/fips.h> +#endif + /* #define EVP_RC2_KEY_SIZE 16 #define EVP_RC4_KEY_SIZE 16 @@ -290,6 +294,7 @@ struct env_md_st #define EVP_MD_FLAG_ONESHOT 0x0001 /* digest can only handle a single * block */ +#define EVP_MD_FLAG_FIPS 0x0400 /* Note if suitable for use in FIPS mode */ #define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0} @@ -332,6 +337,9 @@ struct env_md_ctx_st #define EVP_MD_CTX_FLAG_REUSE 0x0004 /* Don't free up ctx->md_data * in EVP_MD_CTX_cleanup */ +#define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008 /* Allow use of non FIPS digest + * in FIPS mode */ + struct evp_cipher_st { int nid; @@ -373,6 +381,10 @@ struct evp_cipher_st #define EVP_CIPH_CUSTOM_KEY_LENGTH 0x80 /* Don't use standard block padding */ #define EVP_CIPH_NO_PADDING 0x100 +/* Note if suitable for use in FIPS mode */ +#define EVP_CIPH_FLAG_FIPS 0x400 +/* Allow non FIPS cipher in FIPS mode */ +#define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x800 /* ctrl() values */ @@ -853,12 +865,16 @@ void ERR_load_EVP_strings(void); /* Function codes. */ #define EVP_F_AES_INIT_KEY 129 #define EVP_F_D2I_PKEY 100 +#define EVP_F_EVP_ADD_CIPHER 130 +#define EVP_F_EVP_ADD_DIGEST 131 #define EVP_F_EVP_CIPHERINIT 123 #define EVP_F_EVP_CIPHER_CTX_CTRL 124 #define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122 #define EVP_F_EVP_DECRYPTFINAL 101 #define EVP_F_EVP_DIGESTINIT 128 #define EVP_F_EVP_ENCRYPTFINAL 127 +#define EVP_F_EVP_GET_CIPHERBYNAME 132 +#define EVP_F_EVP_GET_DIGESTBYNAME 133 #define EVP_F_EVP_MD_CTX_COPY 110 #define EVP_F_EVP_OPENINIT 102 #define EVP_F_EVP_PBE_ALG_ADD 115 @@ -894,6 +910,7 @@ void ERR_load_EVP_strings(void); #define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138 #define EVP_R_DECODE_ERROR 114 #define EVP_R_DIFFERENT_KEY_TYPES 101 +#define EVP_R_DISABLED_FOR_FIPS 141 #define EVP_R_ENCODE_ERROR 115 #define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119 #define EVP_R_EXPECTING_AN_RSA_KEY 127 diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index 8ea5aa935..d8ff552d3 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -146,7 +146,18 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp else ctx->engine = NULL; #endif - +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + { + if (!(cipher->flags & EVP_CIPH_FLAG_FIPS) + & !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW)) + { + EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_DISABLED_FOR_FIPS); + ERR_add_error_data(2, "cipher=", EVP_CIPHER_name(cipher)); + return 0; + } + } +#endif ctx->cipher=cipher; if (ctx->cipher->ctx_size) { @@ -271,6 +282,9 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, int i,j,bl; OPENSSL_assert(inl > 0); +#ifdef OPENSSL_FIPS + OPENSSL_assert(!FIPS_mode() || ctx->cipher->flags & EVP_CIPH_FLAG_FIPS); +#endif if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0) { if(ctx->cipher->do_cipher(ctx,out,in,inl)) diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c index be6d44252..40135d072 100644 --- a/crypto/evp/evp_err.c +++ b/crypto/evp/evp_err.c @@ -1,6 +1,6 @@ /* crypto/evp/evp_err.c */ /* ==================================================================== - * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -68,12 +68,16 @@ static ERR_STRING_DATA EVP_str_functs[]= { {ERR_PACK(0,EVP_F_AES_INIT_KEY,0), "AES_INIT_KEY"}, {ERR_PACK(0,EVP_F_D2I_PKEY,0), "D2I_PKEY"}, +{ERR_PACK(0,EVP_F_EVP_ADD_CIPHER,0), "EVP_add_cipher"}, +{ERR_PACK(0,EVP_F_EVP_ADD_DIGEST,0), "EVP_add_digest"}, {ERR_PACK(0,EVP_F_EVP_CIPHERINIT,0), "EVP_CipherInit"}, {ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_CTRL,0), "EVP_CIPHER_CTX_ctrl"}, {ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,0), "EVP_CIPHER_CTX_set_key_length"}, {ERR_PACK(0,EVP_F_EVP_DECRYPTFINAL,0), "EVP_DecryptFinal"}, {ERR_PACK(0,EVP_F_EVP_DIGESTINIT,0), "EVP_DigestInit"}, {ERR_PACK(0,EVP_F_EVP_ENCRYPTFINAL,0), "EVP_EncryptFinal"}, +{ERR_PACK(0,EVP_F_EVP_GET_CIPHERBYNAME,0), "EVP_get_cipherbyname"}, +{ERR_PACK(0,EVP_F_EVP_GET_DIGESTBYNAME,0), "EVP_get_digestbyname"}, {ERR_PACK(0,EVP_F_EVP_MD_CTX_COPY,0), "EVP_MD_CTX_copy"}, {ERR_PACK(0,EVP_F_EVP_OPENINIT,0), "EVP_OpenInit"}, {ERR_PACK(0,EVP_F_EVP_PBE_ALG_ADD,0), "EVP_PBE_alg_add"}, @@ -112,6 +116,7 @@ static ERR_STRING_DATA EVP_str_reasons[]= {EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH ,"data not multiple of block length"}, {EVP_R_DECODE_ERROR ,"decode error"}, {EVP_R_DIFFERENT_KEY_TYPES ,"different key types"}, +{EVP_R_DISABLED_FOR_FIPS ,"disabled for fips"}, {EVP_R_ENCODE_ERROR ,"encode error"}, {EVP_R_EVP_PBE_CIPHERINIT_ERROR ,"evp pbe cipherinit error"}, {EVP_R_EXPECTING_AN_RSA_KEY ,"expecting an rsa key"}, diff --git a/crypto/evp/evp_locl.h b/crypto/evp/evp_locl.h index 2204e345a..845f222ee 100644 --- a/crypto/evp/evp_locl.h +++ b/crypto/evp/evp_locl.h @@ -226,11 +226,26 @@ const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; } #define EVP_C_DATA(kstruct, ctx) ((kstruct *)(ctx)->cipher_data) -#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len) \ +#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len,flags) \ BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \ BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \ NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \ - 0, cipher##_init_key, NULL, \ + flags, cipher##_init_key, NULL, \ EVP_CIPHER_set_asn1_iv, \ EVP_CIPHER_get_asn1_iv, \ NULL) + +#ifdef OPENSSL_FIPS +#define RC2_set_key private_RC2_set_key +#define RC4_set_key private_RC4_set_key +#define CAST_set_key private_CAST_set_key +#define RC5_32_set_key private_RC5_32_set_key +#define BF_set_key private_BF_set_key + +#define MD5_Init private_MD5_Init +#define MD4_Init private_MD4_Init +#define MD2_Init private_MD2_Init +#define MDC2_Init private_MDC2_Init +#define SHA_Init private_SHA_Init + +#endif diff --git a/crypto/evp/m_dss.c b/crypto/evp/m_dss.c index 3549b1699..d393eb340 100644 --- a/crypto/evp/m_dss.c +++ b/crypto/evp/m_dss.c @@ -58,25 +58,38 @@ #include <stdio.h> #include "cryptlib.h" -#include "evp.h" -#include "objects.h" -#include "x509.h" +#include <openssl/evp.h> +#include <openssl/objects.h> +#include <openssl/x509.h> -static EVP_MD dsa_md= +#ifndef OPENSSL_NO_SHA +static int init(EVP_MD_CTX *ctx) + { return SHA1_Init(ctx->md_data); } + +static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) + { return SHA1_Update(ctx->md_data,data,count); } + +static int final(EVP_MD_CTX *ctx,unsigned char *md) + { return SHA1_Final(md,ctx->md_data); } + +static const EVP_MD dsa_md= { NID_dsaWithSHA, NID_dsaWithSHA, SHA_DIGEST_LENGTH, - SHA1_Init, - SHA1_Update, - SHA1_Final, + EVP_MD_FLAG_FIPS, + init, + update, + final, + NULL, + NULL, EVP_PKEY_DSA_method, SHA_CBLOCK, sizeof(EVP_MD *)+sizeof(SHA_CTX), }; -EVP_MD *EVP_dss() +const EVP_MD *EVP_dss(void) { return(&dsa_md); } - +#endif diff --git a/crypto/evp/m_md2.c b/crypto/evp/m_md2.c index 220941614..0df48e519 100644 --- a/crypto/evp/m_md2.c +++ b/crypto/evp/m_md2.c @@ -56,27 +56,42 @@ * [including the GNU Public Licence.] */ +#ifndef OPENSSL_NO_MD2 #include <stdio.h> #include "cryptlib.h" -#include "evp.h" -#include "objects.h" -#include "x509.h" +#include <openssl/evp.h> +#include "evp_locl.h" +#include <openssl/objects.h> +#include <openssl/x509.h> +#include <openssl/md2.h> -static EVP_MD md2_md= +static int init(EVP_MD_CTX *ctx) + { return MD2_Init(ctx->md_data); } + +static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) + { return MD2_Update(ctx->md_data,data,count); } + +static int final(EVP_MD_CTX *ctx,unsigned char *md) + { return MD2_Final(md,ctx->md_data); } + +static const EVP_MD md2_md= { NID_md2, NID_md2WithRSAEncryption, MD2_DIGEST_LENGTH, - MD2_Init, - MD2_Update, - MD2_Final, + 0, + init, + update, + final, + NULL, + NULL, EVP_PKEY_RSA_method, MD2_BLOCK, sizeof(EVP_MD *)+sizeof(MD2_CTX), }; -EVP_MD *EVP_md2() +const EVP_MD *EVP_md2(void) { return(&md2_md); } - +#endif diff --git a/crypto/evp/m_md4.c b/crypto/evp/m_md4.c new file mode 100644 index 000000000..0605e4b70 --- /dev/null +++ b/crypto/evp/m_md4.c @@ -0,0 +1,97 @@ +/* crypto/evp/m_md4.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef OPENSSL_NO_MD4 +#include <stdio.h> +#include "cryptlib.h" +#include <openssl/evp.h> +#include "evp_locl.h" +#include <openssl/objects.h> +#include <openssl/x509.h> +#include <openssl/md4.h> + +static int init(EVP_MD_CTX *ctx) + { return MD4_Init(ctx->md_data); } + +static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) + { return MD4_Update(ctx->md_data,data,count); } + +static int final(EVP_MD_CTX *ctx,unsigned char *md) + { return MD4_Final(md,ctx->md_data); } + +static const EVP_MD md4_md= + { + NID_md4, + NID_md4WithRSAEncryption, + MD4_DIGEST_LENGTH, + 0, + init, + update, + final, + NULL, + NULL, + EVP_PKEY_RSA_method, + MD4_CBLOCK, + sizeof(EVP_MD *)+sizeof(MD4_CTX), + }; + +const EVP_MD *EVP_md4(void) + { + return(&md4_md); + } +#endif diff --git a/crypto/evp/m_md5.c b/crypto/evp/m_md5.c index d65db9aa1..752615d47 100644 --- a/crypto/evp/m_md5.c +++ b/crypto/evp/m_md5.c @@ -56,26 +56,42 @@ * [including the GNU Public Licence.] */ +#ifndef OPENSSL_NO_MD5 #include <stdio.h> #include "cryptlib.h" -#include "evp.h" -#include "objects.h" -#include "x509.h" +#include <openssl/evp.h> +#include "evp_locl.h" +#include <openssl/objects.h> +#include <openssl/x509.h> +#include <openssl/md5.h> -static EVP_MD md5_md= +static int init(EVP_MD_CTX *ctx) + { return MD5_Init(ctx->md_data); } + +static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) + { return MD5_Update(ctx->md_data,data,count); } + +static int final(EVP_MD_CTX *ctx,unsigned char *md) + { return MD5_Final(md,ctx->md_data); } + +static const EVP_MD md5_md= { NID_md5, NID_md5WithRSAEncryption, MD5_DIGEST_LENGTH, - MD5_Init, - MD5_Update, - MD5_Final, + 0, + init, + update, + final, + NULL, + NULL, EVP_PKEY_RSA_method, MD5_CBLOCK, sizeof(EVP_MD *)+sizeof(MD5_CTX), }; -EVP_MD *EVP_md5() +const EVP_MD *EVP_md5(void) { return(&md5_md); } +#endif diff --git a/crypto/evp/m_mdc2.c b/crypto/evp/m_mdc2.c index 64a853eb7..62de1336b 100644 --- a/crypto/evp/m_mdc2.c +++ b/crypto/evp/m_mdc2.c @@ -56,26 +56,42 @@ * [including the GNU Public Licence.] */ +#ifndef OPENSSL_NO_MDC2 #include <stdio.h> #include "cryptlib.h" -#include "evp.h" -#include "objects.h" -#include "x509.h" +#include <openssl/evp.h> +#include "evp_locl.h" +#include <openssl/objects.h> +#include <openssl/x509.h> +#include <openssl/mdc2.h> -static EVP_MD mdc2_md= +static int init(EVP_MD_CTX *ctx) + { return MDC2_Init(ctx->md_data); } + +static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) + { return MDC2_Update(ctx->md_data,data,count); } + +static int final(EVP_MD_CTX *ctx,unsigned char *md) + { return MDC2_Final(md,ctx->md_data); } + +static const EVP_MD mdc2_md= { NID_mdc2, NID_mdc2WithRSA, MDC2_DIGEST_LENGTH, - MDC2_Init, - MDC2_Update, - MDC2_Final, + 0, + init, + update, + final, + NULL, + NULL, EVP_PKEY_RSA_ASN1_OCTET_STRING_method, MDC2_BLOCK, sizeof(EVP_MD *)+sizeof(MDC2_CTX), }; -EVP_MD *EVP_mdc2() +const EVP_MD *EVP_mdc2(void) { return(&mdc2_md); } +#endif diff --git a/crypto/evp/m_sha.c b/crypto/evp/m_sha.c index ada740653..d1785e5f7 100644 --- a/crypto/evp/m_sha.c +++ b/crypto/evp/m_sha.c @@ -60,6 +60,7 @@ #include <stdio.h> #include "cryptlib.h" #include <openssl/evp.h> +#include "evp_locl.h" #include <openssl/objects.h> #include <openssl/x509.h> diff --git a/crypto/evp/m_sha1.c b/crypto/evp/m_sha1.c index 87135a9cf..fe4402389 100644 --- a/crypto/evp/m_sha1.c +++ b/crypto/evp/m_sha1.c @@ -56,26 +56,40 @@ * [including the GNU Public Licence.] */ +#ifndef OPENSSL_NO_SHA #include <stdio.h> #include "cryptlib.h" -#include "evp.h" -#include "objects.h" -#include "x509.h" +#include <openssl/evp.h> +#include <openssl/objects.h> +#include <openssl/x509.h> -static EVP_MD sha1_md= +static int init(EVP_MD_CTX *ctx) + { return SHA1_Init(ctx->md_data); } + +static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count) + { return SHA1_Update(ctx->md_data,data,count); } + +static int final(EVP_MD_CTX *ctx,unsigned char *md) + { return SHA1_Final(md,ctx->md_data); } + +static const EVP_MD sha1_md= { NID_sha1, NID_sha1WithRSAEncryption, SHA_DIGEST_LENGTH, - SHA1_Init, - SHA1_Update, - SHA1_Final, + EVP_MD_FLAG_FIPS, + init, + update, + final, + NULL, + NULL, EVP_PKEY_RSA_method, SHA_CBLOCK, sizeof(EVP_MD *)+sizeof(SHA_CTX), }; -EVP_MD *EVP_sha1() +const EVP_MD *EVP_sha1(void) { return(&sha1_md); } +#endif diff --git a/crypto/evp/names.c b/crypto/evp/names.c index 4cc715606..771245304 100644 --- a/crypto/evp/names.c +++ b/crypto/evp/names.c @@ -58,11 +58,14 @@ #include <stdio.h> #include "cryptlib.h" -#include "evp.h" -#include "objects.h" +#include <openssl/evp.h> +#include <openssl/objects.h> +#include <openssl/x509.h> +#ifdef OPENSSL_FIPS +#include <openssl/fips.h> +#endif -int EVP_add_cipher(c) -EVP_CIPHER *c; +int EVP_add_cipher(const EVP_CIPHER *c) { int r; @@ -72,11 +75,10 @@ EVP_CIPHER *c; return(r); } -int EVP_add_digest(md) -EVP_MD *md; +int EVP_add_digest(const EVP_MD *md) { int r; - char *name; + const char *name; name=OBJ_nid2sn(md->type); r=OBJ_NAME_add(name,OBJ_NAME_TYPE_MD_METH,(char *)md); @@ -95,26 +97,30 @@ EVP_MD *md; return(r); } -EVP_CIPHER *EVP_get_cipherbyname(name) -char *name; +const EVP_CIPHER *EVP_get_cipherbyname(const char *name) { - EVP_CIPHER *cp; + const EVP_CIPHER *cp; - cp=(EVP_CIPHER *)OBJ_NAME_get(name,OBJ_NAME_TYPE_CIPHER_METH); + cp=(const EVP_CIPHER *)OBJ_NAME_get(name,OBJ_NAME_TYPE_CIPHER_METH); return(cp); } -EVP_MD *EVP_get_digestbyname(name) -char *name; +const EVP_MD *EVP_get_digestbyname(const char *name) { - EVP_MD *cp; + const EVP_MD *cp; - cp=(EVP_MD *)OBJ_NAME_get(name,OBJ_NAME_TYPE_MD_METH); + cp=(const EVP_MD *)OBJ_NAME_get(name,OBJ_NAME_TYPE_MD_METH); return(cp); } -void EVP_cleanup() +void EVP_cleanup(void) { OBJ_NAME_cleanup(OBJ_NAME_TYPE_CIPHER_METH); OBJ_NAME_cleanup(OBJ_NAME_TYPE_MD_METH); + /* The above calls will only clean out the contents of the name + hash table, but not the hash table itself. The following line + does that part. -- Richard Levitte */ + OBJ_NAME_cleanup(-1); + + EVP_PBE_cleanup(); } diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c index 4c91f919d..f4ea6ab29 100644 --- a/crypto/hmac/hmac.c +++ b/crypto/hmac/hmac.c @@ -171,3 +171,10 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, return(md); } +void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags) + { + EVP_MD_CTX_set_flags(&ctx->i_ctx, flags); + EVP_MD_CTX_set_flags(&ctx->o_ctx, flags); + EVP_MD_CTX_set_flags(&ctx->md_ctx, flags); + } + diff --git a/crypto/hmac/hmac.h b/crypto/hmac/hmac.h index 0364a1fcb..294ab3b36 100644 --- a/crypto/hmac/hmac.h +++ b/crypto/hmac/hmac.h @@ -98,6 +98,7 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, const unsigned char *d, int n, unsigned char *md, unsigned int *md_len); +void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags); #ifdef __cplusplus } diff --git a/crypto/idea/i_skey.c b/crypto/idea/i_skey.c index 00fcc1e58..794d1258e 100644 --- a/crypto/idea/i_skey.c +++ b/crypto/idea/i_skey.c @@ -56,18 +56,24 @@ * [including the GNU Public Licence.] */ -#include "idea.h" +#include <openssl/idea.h> +#include <openssl/crypto.h> #include "idea_lcl.h" -#ifndef NOPROTO static IDEA_INT inverse(unsigned int xin); + +#ifdef OPENSSL_FIPS +void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks) + { + if (FIPS_mode()) + FIPS_BAD_ABORT(IDEA) + private_idea_set_encrypt_key(key, ks); + } +void private_idea_set_encrypt_key(const unsigned char *key, + IDEA_KEY_SCHEDULE *ks) #else -static IDEA_INT inverse(); +void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks) #endif - -void idea_set_encrypt_key(key, ks) -unsigned char *key; -IDEA_KEY_SCHEDULE *ks; { int i; register IDEA_INT *kt,*kf,r0,r1,r2; @@ -101,9 +107,7 @@ IDEA_KEY_SCHEDULE *ks; } } -void idea_set_decrypt_key(ek, dk) -IDEA_KEY_SCHEDULE *ek; -IDEA_KEY_SCHEDULE *dk; +void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk) { int r; register IDEA_INT *fp,*tp,t; @@ -133,8 +137,7 @@ IDEA_KEY_SCHEDULE *dk; } /* taken directly from the 'paper' I'll have a look at it later */ -static IDEA_INT inverse(xin) -unsigned int xin; +static IDEA_INT inverse(unsigned int xin) { long n1,n2,q,r,b1,b2,t; diff --git a/crypto/idea/idea.h b/crypto/idea/idea.h index e0eb4e0d6..bf41844fd 100644 --- a/crypto/idea/idea.h +++ b/crypto/idea/idea.h @@ -1,4 +1,4 @@ -/* crypto/idea/idea.org */ +/* crypto/idea/idea.h */ /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -56,59 +56,46 @@ * [including the GNU Public Licence.] */ -/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING - * - * Always modify idea.org since idea.h is automatically generated from - * it during SSLeay configuration. - * - * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING - */ - - #ifndef HEADER_IDEA_H #define HEADER_IDEA_H -#ifdef __cplusplus -extern "C" { +#ifdef OPENSSL_NO_IDEA +#error IDEA is disabled. #endif #define IDEA_ENCRYPT 1 #define IDEA_DECRYPT 0 -#define IDEA_INT unsigned int +#include <openssl/opensslconf.h> /* IDEA_INT */ #define IDEA_BLOCK 8 #define IDEA_KEY_LENGTH 16 +#ifdef __cplusplus +extern "C" { +#endif + typedef struct idea_key_st { IDEA_INT data[9][6]; } IDEA_KEY_SCHEDULE; -#ifndef NOPROTO -char *idea_options(void); -void idea_ecb_encrypt(unsigned char *in, unsigned char *out, +const char *idea_options(void); +void idea_ecb_encrypt(const unsigned char *in, unsigned char *out, IDEA_KEY_SCHEDULE *ks); -void idea_set_encrypt_key(unsigned char *key, IDEA_KEY_SCHEDULE *ks); +#ifdef OPENSSL_FIPS +void private_idea_set_encrypt_key(const unsigned char *key, + IDEA_KEY_SCHEDULE *ks); +#endif +void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks); void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk); -void idea_cbc_encrypt(unsigned char *in, unsigned char *out, +void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,int enc); -void idea_cfb64_encrypt(unsigned char *in, unsigned char *out, +void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int *num,int enc); -void idea_ofb64_encrypt(unsigned char *in, unsigned char *out, +void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int *num); void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks); -#else -char *idea_options(); -void idea_ecb_encrypt(); -void idea_set_encrypt_key(); -void idea_set_decrypt_key(); -void idea_cbc_encrypt(); -void idea_cfb64_encrypt(); -void idea_ofb64_encrypt(); -void idea_encrypt(); -#endif - #ifdef __cplusplus } #endif diff --git a/crypto/md2/md2.h b/crypto/md2/md2.h index 9f3993379..d0ef9da08 100644 --- a/crypto/md2/md2.h +++ b/crypto/md2/md2.h @@ -1,4 +1,4 @@ -/* crypto/md/md2.org */ +/* crypto/md/md2.h */ /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -56,26 +56,20 @@ * [including the GNU Public Licence.] */ -/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING - * - * Always modify md2.org since md2.h is automatically generated from - * it during SSLeay configuration. - * - * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING - */ - - #ifndef HEADER_MD2_H #define HEADER_MD2_H -#ifdef __cplusplus -extern "C" { +#ifdef OPENSSL_NO_MD2 +#error MD2 is disabled. #endif #define MD2_DIGEST_LENGTH 16 #define MD2_BLOCK 16 +#include <openssl/opensslconf.h> /* MD2_INT */ -#define MD2_INT unsigned int +#ifdef __cplusplus +extern "C" { +#endif typedef struct MD2state_st { @@ -85,20 +79,14 @@ typedef struct MD2state_st MD2_INT state[MD2_BLOCK]; } MD2_CTX; -#ifndef NOPROTO -char *MD2_options(void); -void MD2_Init(MD2_CTX *c); -void MD2_Update(MD2_CTX *c, register unsigned char *data, unsigned long len); -void MD2_Final(unsigned char *md, MD2_CTX *c); -unsigned char *MD2(unsigned char *d, unsigned long n,unsigned char *md); -#else -char *MD2_options(); -void MD2_Init(); -void MD2_Update(); -void MD2_Final(); -unsigned char *MD2(); +const char *MD2_options(void); +#ifdef OPENSSL_FIPS +int private_MD2_Init(MD2_CTX *c); #endif - +int MD2_Init(MD2_CTX *c); +int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len); +int MD2_Final(unsigned char *md, MD2_CTX *c); +unsigned char *MD2(const unsigned char *d, unsigned long n,unsigned char *md); #ifdef __cplusplus } #endif diff --git a/crypto/md2/md2_dgst.c b/crypto/md2/md2_dgst.c index ecb64f0ec..8124acd68 100644 --- a/crypto/md2/md2_dgst.c +++ b/crypto/md2/md2_dgst.c @@ -62,6 +62,8 @@ #include <openssl/md2.h> #include <openssl/opensslv.h> #include <openssl/crypto.h> +#include <openssl/fips.h> +#include <openssl/err.h> const char *MD2_version="MD2" OPENSSL_VERSION_PTEXT; @@ -116,7 +118,7 @@ const char *MD2_options(void) return("md2(int)"); } -int MD2_Init(MD2_CTX *c) +FIPS_NON_FIPS_MD_Init(MD2) { c->num=0; memset(c->state,0,sizeof c->state); diff --git a/crypto/md32_common.h b/crypto/md32_common.h index fe157a173..733da6aca 100644 --- a/crypto/md32_common.h +++ b/crypto/md32_common.h @@ -559,7 +559,7 @@ int HASH_FINAL (unsigned char *md, HASH_CTX *c) static const unsigned char end[4]={0x80,0x00,0x00,0x00}; const unsigned char *cp=end; -#ifdef OPENSSL_FIPS +#if 0 if(FIPS_mode() && !FIPS_md5_allowed()) { FIPSerr(FIPS_F_HASH_FINAL,FIPS_R_NON_FIPS_METHOD); diff --git a/crypto/md4/md4.h b/crypto/md4/md4.h new file mode 100644 index 000000000..7e761efb6 --- /dev/null +++ b/crypto/md4/md4.h @@ -0,0 +1,119 @@ +/* crypto/md4/md4.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_MD4_H +#define HEADER_MD4_H + +#include <openssl/e_os2.h> + +#ifdef __cplusplus +extern "C" { +#endif + +#ifdef OPENSSL_NO_MD4 +#error MD4 is disabled. +#endif + +/* + * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + * ! MD4_LONG has to be at least 32 bits wide. If it's wider, then ! + * ! MD4_LONG_LOG2 has to be defined along. ! + * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + */ + +#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__) +#define MD4_LONG unsigned long +#elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__) +#define MD4_LONG unsigned long +#define MD4_LONG_LOG2 3 +/* + * _CRAY note. I could declare short, but I have no idea what impact + * does it have on performance on none-T3E machines. I could declare + * int, but at least on C90 sizeof(int) can be chosen at compile time. + * So I've chosen long... + * <appro@fy.chalmers.se> + */ +#else +#define MD4_LONG unsigned int +#endif + +#define MD4_CBLOCK 64 +#define MD4_LBLOCK (MD4_CBLOCK/4) +#define MD4_DIGEST_LENGTH 16 + +typedef struct MD4state_st + { + MD4_LONG A,B,C,D; + MD4_LONG Nl,Nh; + MD4_LONG data[MD4_LBLOCK]; + int num; + } MD4_CTX; + +#ifdef OPENSSL_FIPS +int private_MD4_Init(MD4_CTX *c); +#endif +int MD4_Init(MD4_CTX *c); +int MD4_Update(MD4_CTX *c, const void *data, unsigned long len); +int MD4_Final(unsigned char *md, MD4_CTX *c); +unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md); +void MD4_Transform(MD4_CTX *c, const unsigned char *b); +#ifdef __cplusplus +} +#endif + +#endif diff --git a/crypto/md4/md4_dgst.c b/crypto/md4/md4_dgst.c index 7afb7185b..ee7cc7226 100644 --- a/crypto/md4/md4_dgst.c +++ b/crypto/md4/md4_dgst.c @@ -70,7 +70,7 @@ const char *MD4_version="MD4" OPENSSL_VERSION_PTEXT; #define INIT_DATA_C (unsigned long)0x98badcfeL #define INIT_DATA_D (unsigned long)0x10325476L -int MD4_Init(MD4_CTX *c) +FIPS_NON_FIPS_MD_Init(MD4) { c->A=INIT_DATA_A; c->B=INIT_DATA_B; diff --git a/crypto/md5/md5.h b/crypto/md5/md5.h index a252e0211..c663dd181 100644 --- a/crypto/md5/md5.h +++ b/crypto/md5/md5.h @@ -104,6 +104,9 @@ typedef struct MD5state_st int num; } MD5_CTX; +#ifdef OPENSSL_FIPS +int private_MD5_Init(MD5_CTX *c); +#endif int MD5_Init(MD5_CTX *c); int MD5_Update(MD5_CTX *c, const void *data, unsigned long len); int MD5_Final(unsigned char *md, MD5_CTX *c); diff --git a/crypto/md5/md5_dgst.c b/crypto/md5/md5_dgst.c index 9c7abc369..54b33c650 100644 --- a/crypto/md5/md5_dgst.c +++ b/crypto/md5/md5_dgst.c @@ -70,7 +70,7 @@ const char *MD5_version="MD5" OPENSSL_VERSION_PTEXT; #define INIT_DATA_C (unsigned long)0x98badcfeL #define INIT_DATA_D (unsigned long)0x10325476L -int MD5_Init(MD5_CTX *c) +FIPS_NON_FIPS_MD_Init(MD5) { c->A=INIT_DATA_A; c->B=INIT_DATA_B; diff --git a/crypto/mdc2/mdc2.h b/crypto/mdc2/mdc2.h index 0b104be18..4cba101f3 100644 --- a/crypto/mdc2/mdc2.h +++ b/crypto/mdc2/mdc2.h @@ -59,11 +59,15 @@ #ifndef HEADER_MDC2_H #define HEADER_MDC2_H +#include <openssl/des.h> + #ifdef __cplusplus extern "C" { #endif -#include "des.h" +#ifdef OPENSSL_NO_MDC2 +#error MDC2 is disabled. +#endif #define MDC2_BLOCK 8 #define MDC2_DIGEST_LENGTH 16 @@ -72,25 +76,18 @@ typedef struct mdc2_ctx_st { int num; unsigned char data[MDC2_BLOCK]; - des_cblock h,hh; + DES_cblock h,hh; int pad_type; /* either 1 or 2, default 1 */ } MDC2_CTX; -#ifndef NOPROTO - -void MDC2_Init(MDC2_CTX *c); -void MDC2_Update(MDC2_CTX *c, unsigned char *data, unsigned long len); -void MDC2_Final(unsigned char *md, MDC2_CTX *c); -unsigned char *MDC2(unsigned char *d, unsigned long n, unsigned char *md); - -#else - -void MDC2_Init(); -void MDC2_Update(); -void MDC2_Final(); -unsigned char *MDC2(); - +#ifdef OPENSSL_FIPS +int private_MDC2_Init(MDC2_CTX *c); #endif +int MDC2_Init(MDC2_CTX *c); +int MDC2_Update(MDC2_CTX *c, const unsigned char *data, unsigned long len); +int MDC2_Final(unsigned char *md, MDC2_CTX *c); +unsigned char *MDC2(const unsigned char *d, unsigned long n, + unsigned char *md); #ifdef __cplusplus } diff --git a/crypto/mdc2/mdc2dgst.c b/crypto/mdc2/mdc2dgst.c index 2a086c061..20d1a6e6c 100644 --- a/crypto/mdc2/mdc2dgst.c +++ b/crypto/mdc2/mdc2dgst.c @@ -59,8 +59,10 @@ #include <stdio.h> #include <stdlib.h> #include <string.h> -#include "des.h" -#include "mdc2.h" +#include <openssl/des.h> +#include <openssl/fips.h> +#include <openssl/err.h> +#include <openssl/mdc2.h> #undef c2l #define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \ @@ -74,25 +76,17 @@ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ *((c)++)=(unsigned char)(((l)>>24L)&0xff)) -#ifndef NOPROTO -static void mdc2_body(MDC2_CTX *c, unsigned char *in, unsigned int len); -#else -static void mdc2_body(); -#endif - -void MDC2_Init(c) -MDC2_CTX *c; +static void mdc2_body(MDC2_CTX *c, const unsigned char *in, unsigned int len); +FIPS_NON_FIPS_MD_Init(MDC2) { c->num=0; c->pad_type=1; memset(&(c->h[0]),0x52,MDC2_BLOCK); memset(&(c->hh[0]),0x25,MDC2_BLOCK); + return 1; } -void MDC2_Update(c,in,len) -MDC2_CTX *c; -register unsigned char *in; -unsigned long len; +int MDC2_Update(MDC2_CTX *c, const unsigned char *in, unsigned long len) { int i,j; @@ -104,7 +98,7 @@ unsigned long len; /* partial block */ memcpy(&(c->data[i]),in,(int)len); c->num+=(int)len; - return; + return 1; } else { @@ -125,56 +119,48 @@ unsigned long len; memcpy(&(c->data[0]),&(in[i]),j); c->num=j; } + return 1; } -static void mdc2_body(c,in,len) -MDC2_CTX *c; -unsigned char *in; -unsigned int len; +static void mdc2_body(MDC2_CTX *c, const unsigned char *in, unsigned int len) { register DES_LONG tin0,tin1; register DES_LONG ttin0,ttin1; DES_LONG d[2],dd[2]; - des_cblock *h,*hh; - des_key_schedule k; + DES_key_schedule k; unsigned char *p; unsigned int i; - h= (des_cblock *)&(c->h[0]); - hh= (des_cblock *)&(c->hh[0]); - for (i=0; i<len; i+=8) { c2l(in,tin0); d[0]=dd[0]=tin0; c2l(in,tin1); d[1]=dd[1]=tin1; - (*h)[0]=((*h)[0]&0x9f)|0x40; - (*hh)[0]=((*hh)[0]&0x9f)|0x20; + c->h[0]=(c->h[0]&0x9f)|0x40; + c->hh[0]=(c->hh[0]&0x9f)|0x20; - des_set_odd_parity(h); - des_set_key(h,k); - des_encrypt((DES_LONG *)d,k,1); + DES_set_odd_parity(&c->h); + DES_set_key_unchecked(&c->h,&k); + DES_encrypt1(d,&k,1); - des_set_odd_parity(hh); - des_set_key(hh,k); - des_encrypt((DES_LONG *)dd,k,1); + DES_set_odd_parity(&c->hh); + DES_set_key_unchecked(&c->hh,&k); + DES_encrypt1(dd,&k,1); ttin0=tin0^dd[0]; ttin1=tin1^dd[1]; tin0^=d[0]; tin1^=d[1]; - p=(unsigned char *)h; + p=c->h; l2c(tin0,p); l2c(ttin1,p); - p=(unsigned char *)hh; + p=c->hh; l2c(ttin0,p); l2c(tin1,p); } } -void MDC2_Final(md,c) -unsigned char *md; -MDC2_CTX *c; +int MDC2_Final(unsigned char *md, MDC2_CTX *c) { int i,j; @@ -189,6 +175,7 @@ MDC2_CTX *c; } memcpy(md,(char *)c->h,MDC2_BLOCK); memcpy(&(md[MDC2_BLOCK]),(char *)c->hh,MDC2_BLOCK); + return 1; } #undef TEST diff --git a/crypto/rc2/rc2.h b/crypto/rc2/rc2.h index 9232bbd56..71788158d 100644 --- a/crypto/rc2/rc2.h +++ b/crypto/rc2/rc2.h @@ -1,4 +1,4 @@ -/* crypto/rc2/rc2.org */ +/* crypto/rc2/rc2.h */ /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -56,60 +56,46 @@ * [including the GNU Public Licence.] */ -/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING - * - * Always modify rc2.org since rc2.h is automatically generated from - * it during SSLeay configuration. - * - * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING - */ - #ifndef HEADER_RC2_H #define HEADER_RC2_H -#ifdef __cplusplus -extern "C" { +#ifdef OPENSSL_NO_RC2 +#error RC2 is disabled. #endif #define RC2_ENCRYPT 1 #define RC2_DECRYPT 0 -/* I need to put in a mod for the alpha - eay */ -#define RC2_INT unsigned int - +#include <openssl/opensslconf.h> /* RC2_INT */ #define RC2_BLOCK 8 #define RC2_KEY_LENGTH 16 +#ifdef __cplusplus +extern "C" { +#endif + typedef struct rc2_key_st { RC2_INT data[64]; } RC2_KEY; -#ifndef NOPROTO - -void RC2_set_key(RC2_KEY *key, int len, unsigned char *data,int bits); -void RC2_ecb_encrypt(unsigned char *in,unsigned char *out,RC2_KEY *key, - int enc); +#ifdef OPENSSL_FIPS +void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, + int bits); +#endif +void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits); +void RC2_ecb_encrypt(const unsigned char *in,unsigned char *out,RC2_KEY *key, + int enc); void RC2_encrypt(unsigned long *data,RC2_KEY *key); void RC2_decrypt(unsigned long *data,RC2_KEY *key); -void RC2_cbc_encrypt(unsigned char *in, unsigned char *out, long length, +void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, RC2_KEY *ks, unsigned char *iv, int enc); -void RC2_cfb64_encrypt(unsigned char *in, unsigned char *out, long length, - RC2_KEY *schedule, unsigned char *ivec, int *num, int enc); -void RC2_ofb64_encrypt(unsigned char *in, unsigned char *out, long length, - RC2_KEY *schedule, unsigned char *ivec, int *num); - -#else - -void RC2_set_key(); -void RC2_ecb_encrypt(); -void RC2_encrypt(); -void RC2_decrypt(); -void RC2_cbc_encrypt(); -void RC2_cfb64_encrypt(); -void RC2_ofb64_encrypt(); - -#endif +void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out, + long length, RC2_KEY *schedule, unsigned char *ivec, + int *num, int enc); +void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out, + long length, RC2_KEY *schedule, unsigned char *ivec, + int *num); #ifdef __cplusplus } diff --git a/crypto/rc2/rc2_skey.c b/crypto/rc2/rc2_skey.c index 0f1f25339..22f372f85 100644 --- a/crypto/rc2/rc2_skey.c +++ b/crypto/rc2/rc2_skey.c @@ -56,7 +56,8 @@ * [including the GNU Public Licence.] */ -#include "rc2.h" +#include <openssl/rc2.h> +#include <openssl/crypto.h> #include "rc2_locl.h" static unsigned char key_table[256]={ @@ -90,11 +91,19 @@ static unsigned char key_table[256]={ * BSAFE uses the 'retarded' version. What I previously shipped is * the same as specifying 1024 for the 'bits' parameter. Bsafe uses * a version where the bits parameter is the same as len*8 */ -void RC2_set_key(key,len,data,bits) -RC2_KEY *key; -int len; -unsigned char *data; -int bits; + +#ifdef OPENSSL_FIPS +void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) + { + if (FIPS_mode()) + FIPS_BAD_ABORT(RC2) + private_RC2_set_key(key, len, data, bits); + } +void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, + int bits) +#else +void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) +#endif { int i,j; unsigned char *k; diff --git a/crypto/rc4/rc4.h b/crypto/rc4/rc4.h index 6878abc5e..dd90d9fde 100644 --- a/crypto/rc4/rc4.h +++ b/crypto/rc4/rc4.h @@ -81,6 +81,9 @@ typedef struct rc4_key_st const char *RC4_options(void); +#ifdef OPENSSL_FIPS +void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); +#endif void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, unsigned char *outdata); diff --git a/crypto/rc4/rc4_skey.c b/crypto/rc4/rc4_skey.c index ca69a5a7e..07234f061 100644 --- a/crypto/rc4/rc4_skey.c +++ b/crypto/rc4/rc4_skey.c @@ -57,6 +57,7 @@ */ #include <openssl/rc4.h> +#include <openssl/crypto.h> #include "rc4_locl.h" #include <openssl/opensslv.h> @@ -85,7 +86,7 @@ const char *RC4_options(void) * Date: Wed, 14 Sep 1994 06:35:31 GMT */ -void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) +FIPS_NON_FIPS_VCIPHER_Init(RC4) { register RC4_INT tmp; register int id1,id2; diff --git a/crypto/rc5/rc5.h b/crypto/rc5/rc5.h index 5fd64e3f1..aa3f26920 100644 --- a/crypto/rc5/rc5.h +++ b/crypto/rc5/rc5.h @@ -63,6 +63,10 @@ extern "C" { #endif +#ifdef OPENSSL_NO_RC5 +#error RC5 is disabled. +#endif + #define RC5_ENCRYPT 1 #define RC5_DECRYPT 0 @@ -88,32 +92,25 @@ typedef struct rc5_key_st RC5_32_INT data[2*(RC5_16_ROUNDS+1)]; } RC5_32_KEY; -#ifndef NOPROTO - -void RC5_32_set_key(RC5_32_KEY *key, int len, unsigned char *data, +#ifdef OPENSSL_FIPS +void private_RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, + int rounds); +#endif +void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, int rounds); -void RC5_32_ecb_encrypt(unsigned char *in,unsigned char *out,RC5_32_KEY *key, +void RC5_32_ecb_encrypt(const unsigned char *in,unsigned char *out,RC5_32_KEY *key, int enc); void RC5_32_encrypt(unsigned long *data,RC5_32_KEY *key); void RC5_32_decrypt(unsigned long *data,RC5_32_KEY *key); -void RC5_32_cbc_encrypt(unsigned char *in, unsigned char *out, long length, - RC5_32_KEY *ks, unsigned char *iv, int enc); -void RC5_32_cfb64_encrypt(unsigned char *in, unsigned char *out, long length, - RC5_32_KEY *schedule, unsigned char *ivec, int *num, int enc); -void RC5_32_ofb64_encrypt(unsigned char *in, unsigned char *out, long length, - RC5_32_KEY *schedule, unsigned char *ivec, int *num); - -#else - -void RC5_32_set_key(); -void RC5_32_ecb_encrypt(); -void RC5_32_encrypt(); -void RC5_32_decrypt(); -void RC5_32_cbc_encrypt(); -void RC5_32_cfb64_encrypt(); -void RC5_32_ofb64_encrypt(); - -#endif +void RC5_32_cbc_encrypt(const unsigned char *in, unsigned char *out, + long length, RC5_32_KEY *ks, unsigned char *iv, + int enc); +void RC5_32_cfb64_encrypt(const unsigned char *in, unsigned char *out, + long length, RC5_32_KEY *schedule, + unsigned char *ivec, int *num, int enc); +void RC5_32_ofb64_encrypt(const unsigned char *in, unsigned char *out, + long length, RC5_32_KEY *schedule, + unsigned char *ivec, int *num); #ifdef __cplusplus } diff --git a/crypto/rc5/rc5_skey.c b/crypto/rc5/rc5_skey.c index 5753390d0..f259ab712 100644 --- a/crypto/rc5/rc5_skey.c +++ b/crypto/rc5/rc5_skey.c @@ -56,14 +56,25 @@ * [including the GNU Public Licence.] */ -#include "rc5.h" +#include <openssl/crypto.h> +#include <openssl/rc5.h> #include "rc5_locl.h" -void RC5_32_set_key(key,len,data,rounds) -RC5_32_KEY *key; -int len; -unsigned char *data; -int rounds; + +#ifdef OPENSSL_FIPS +void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, + int rounds) + { + if (FIPS_mode()) + FIPS_BAD_ABORT(RC5) + private_RC5_32_set_key(key, len, data, rounds); + } +void private_RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, + int rounds) +#else +void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, + int rounds) +#endif { RC5_32_INT L[64],l,ll,A,B,*S,k; int i,j,m,c,t,ii,jj; diff --git a/crypto/ripemd/ripemd.h b/crypto/ripemd/ripemd.h index a3bc6e3ab..7d0d99818 100644 --- a/crypto/ripemd/ripemd.h +++ b/crypto/ripemd/ripemd.h @@ -59,39 +59,46 @@ #ifndef HEADER_RIPEMD_H #define HEADER_RIPEMD_H +#include <openssl/e_os2.h> + #ifdef __cplusplus extern "C" { #endif +#ifdef OPENSSL_NO_RIPEMD +#error RIPEMD is disabled. +#endif + +#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__) +#define RIPEMD160_LONG unsigned long +#elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__) +#define RIPEMD160_LONG unsigned long +#define RIPEMD160_LONG_LOG2 3 +#else +#define RIPEMD160_LONG unsigned int +#endif + #define RIPEMD160_CBLOCK 64 -#define RIPEMD160_LBLOCK 16 -#define RIPEMD160_BLOCK 16 -#define RIPEMD160_LAST_BLOCK 56 -#define RIPEMD160_LENGTH_BLOCK 8 +#define RIPEMD160_LBLOCK (RIPEMD160_CBLOCK/4) #define RIPEMD160_DIGEST_LENGTH 20 typedef struct RIPEMD160state_st { - unsigned long A,B,C,D,E; - unsigned long Nl,Nh; - unsigned long data[RIPEMD160_LBLOCK]; + RIPEMD160_LONG A,B,C,D,E; + RIPEMD160_LONG Nl,Nh; + RIPEMD160_LONG data[RIPEMD160_LBLOCK]; int num; } RIPEMD160_CTX; -#ifndef NOPROTO -void RIPEMD160_Init(RIPEMD160_CTX *c); -void RIPEMD160_Update(RIPEMD160_CTX *c, unsigned char *data, unsigned long len); -void RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c); -unsigned char *RIPEMD160(unsigned char *d, unsigned long n, unsigned char *md); -void RIPEMD160_Transform(RIPEMD160_CTX *c, unsigned char *b); -#else -void RIPEMD160_Init(); -void RIPEMD160_Update(); -void RIPEMD160_Final(); -unsigned char *RIPEMD160(); -void RIPEMD160_Transform(); +#ifdef OPENSSL_FIPS +int private_RIPEMD160_Init(RIPEMD160_CTX *c); #endif - +int RIPEMD160_Init(RIPEMD160_CTX *c); +int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, unsigned long len); +int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c); +unsigned char *RIPEMD160(const unsigned char *d, unsigned long n, + unsigned char *md); +void RIPEMD160_Transform(RIPEMD160_CTX *c, const unsigned char *b); #ifdef __cplusplus } #endif diff --git a/crypto/ripemd/rmd_dgst.c b/crypto/ripemd/rmd_dgst.c index f351f00ee..5dff6bafa 100644 --- a/crypto/ripemd/rmd_dgst.c +++ b/crypto/ripemd/rmd_dgst.c @@ -58,6 +58,7 @@ #include <stdio.h> #include "rmd_locl.h" +#include <openssl/fips.h> #include <openssl/opensslv.h> const char *RMD160_version="RIPE-MD160" OPENSSL_VERSION_PTEXT; @@ -69,7 +70,7 @@ const char *RMD160_version="RIPE-MD160" OPENSSL_VERSION_PTEXT; void ripemd160_block(RIPEMD160_CTX *c, unsigned long *p,int num); # endif -int RIPEMD160_Init(RIPEMD160_CTX *c) +FIPS_NON_FIPS_MD_Init(RIPEMD160) { c->A=RIPEMD160_A; c->B=RIPEMD160_B; diff --git a/crypto/sha/sha.h b/crypto/sha/sha.h index a26ed5ddc..79c07b0fd 100644 --- a/crypto/sha/sha.h +++ b/crypto/sha/sha.h @@ -105,6 +105,9 @@ typedef struct SHAstate_st } SHA_CTX; #ifndef OPENSSL_NO_SHA0 +#ifdef OPENSSL_FIPS +int private_SHA_Init(SHA_CTX *c); +#endif int SHA_Init(SHA_CTX *c); int SHA_Update(SHA_CTX *c, const void *data, unsigned long len); int SHA_Final(unsigned char *md, SHA_CTX *c); diff --git a/crypto/sha/sha_locl.h b/crypto/sha/sha_locl.h index 7a25c70bf..a3623f72d 100644 --- a/crypto/sha/sha_locl.h +++ b/crypto/sha/sha_locl.h @@ -143,7 +143,11 @@ #define INIT_DATA_h3 0x10325476UL #define INIT_DATA_h4 0xc3d2e1f0UL +#if defined(SHA_0) && defined(OPENSSL_FIPS) +FIPS_NON_FIPS_MD_Init(SHA) +#else int HASH_INIT (SHA_CTX *c) +#endif { c->h0=INIT_DATA_h0; c->h1=INIT_DATA_h1; diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c index 4e71ade1a..030d0966f 100644 --- a/crypto/x509/x509_cmp.c +++ b/crypto/x509/x509_cmp.c @@ -322,10 +322,16 @@ unsigned long X509_NAME_hash(X509_NAME *x) { unsigned long ret=0; unsigned char md[16]; + EVP_MD_CTX md_ctx; /* Make sure X509_NAME structure contains valid cached encoding */ i2d_X509_NAME(x,NULL); - EVP_Digest(x->bytes->data, x->bytes->length, md, NULL, EVP_md5(), NULL); + EVP_MD_CTX_init(&md_ctx); + EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); + EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL); + EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length); + EVP_DigestFinal_ex(&md_ctx,md,NULL); + EVP_MD_CTX_cleanup(&md_ctx); ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 8c61ea0cb..e60055c34 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -365,7 +365,7 @@ static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) else return 0; } - + /* Check a certificate chains extensions for consistency * with the supplied purpose diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 6b4dc3e67..a18be3e2f 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -1162,6 +1162,8 @@ static int ssl3_get_key_exchange(SSL *s) q=md_buf; for (num=2; num > 0; num--) { + EVP_MD_CTX_set_flags(&md_ctx, + EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); EVP_DigestInit_ex(&md_ctx,(num == 2) ?s->ctx->md5:s->ctx->sha1, NULL); EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 92efb9597..beb6c64b9 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -146,6 +146,7 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num) #endif k=0; EVP_MD_CTX_init(&m5); + EVP_MD_CTX_set_flags(&m5, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); EVP_MD_CTX_init(&s1); for (i=0; i<num; i+=MD5_DIGEST_LENGTH) { @@ -501,6 +502,8 @@ int ssl3_enc(SSL *s, int send) void ssl3_init_finished_mac(SSL *s) { + EVP_MD_CTX_set_flags(&(s->s3->finish_dgst1), + EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); EVP_DigestInit_ex(&(s->s3->finish_dgst1),s->ctx->md5, NULL); EVP_DigestInit_ex(&(s->s3->finish_dgst2),s->ctx->sha1, NULL); } diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 44248ba55..a7184891c 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -1213,6 +1213,8 @@ static int ssl3_send_server_key_exchange(SSL *s) j=0; for (num=2; num > 0; num--) { + EVP_MD_CTX_set_flags(&md_ctx, + EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); EVP_DigestInit_ex(&md_ctx,(num == 2) ?s->ctx->md5:s->ctx->sha1, NULL); EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index ac224ddfa..3dec4099c 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -132,6 +132,8 @@ static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec, HMAC_CTX_init(&ctx); HMAC_CTX_init(&ctx_tmp); + HMAC_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); + HMAC_CTX_set_flags(&ctx_tmp, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); HMAC_Init_ex(&ctx,sec,sec_len,md, NULL); HMAC_Init_ex(&ctx_tmp,sec,sec_len,md, NULL); HMAC_Update(&ctx,seed,seed_len); |