fips_hmactest.c 7.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320
  1. /* fips_hmactest.c */
  2. /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  3. * project 2005.
  4. */
  5. /* ====================================================================
  6. * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
  7. *
  8. * Redistribution and use in source and binary forms, with or without
  9. * modification, are permitted provided that the following conditions
  10. * are met:
  11. *
  12. * 1. Redistributions of source code must retain the above copyright
  13. * notice, this list of conditions and the following disclaimer.
  14. *
  15. * 2. Redistributions in binary form must reproduce the above copyright
  16. * notice, this list of conditions and the following disclaimer in
  17. * the documentation and/or other materials provided with the
  18. * distribution.
  19. *
  20. * 3. All advertising materials mentioning features or use of this
  21. * software must display the following acknowledgment:
  22. * "This product includes software developed by the OpenSSL Project
  23. * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
  24. *
  25. * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  26. * endorse or promote products derived from this software without
  27. * prior written permission. For written permission, please contact
  28. * licensing@OpenSSL.org.
  29. *
  30. * 5. Products derived from this software may not be called "OpenSSL"
  31. * nor may "OpenSSL" appear in their names without prior written
  32. * permission of the OpenSSL Project.
  33. *
  34. * 6. Redistributions of any form whatsoever must retain the following
  35. * acknowledgment:
  36. * "This product includes software developed by the OpenSSL Project
  37. * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
  38. *
  39. * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  40. * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  41. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  42. * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
  43. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  44. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  45. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  46. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  47. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  48. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  49. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  50. * OF THE POSSIBILITY OF SUCH DAMAGE.
  51. * ====================================================================
  52. *
  53. * This product includes cryptographic software written by Eric Young
  54. * (eay@cryptsoft.com). This product includes software written by Tim
  55. * Hudson (tjh@cryptsoft.com).
  56. *
  57. */
  58. #define OPENSSL_FIPSAPI
  59. #include <stdio.h>
  60. #include <ctype.h>
  61. #include <string.h>
  62. #include <openssl/bio.h>
  63. #include <openssl/evp.h>
  64. #include <openssl/hmac.h>
  65. #include <openssl/err.h>
  66. #include <openssl/bn.h>
  67. #ifndef OPENSSL_FIPS
  68. int main(int argc, char *argv[])
  69. {
  70. printf("No FIPS HMAC support\n");
  71. return(0);
  72. }
  73. #else
  74. #include <openssl/fips.h>
  75. #include "fips_utl.h"
  76. static int hmac_test(const EVP_MD *md, FILE *out, FILE *in);
  77. static int print_hmac(const EVP_MD *md, FILE *out,
  78. unsigned char *Key, int Klen,
  79. unsigned char *Msg, int Msglen, int Tlen);
  80. int main(int argc, char **argv)
  81. {
  82. FILE *in = NULL, *out = NULL;
  83. int ret = 1;
  84. fips_algtest_init();
  85. if (argc == 1)
  86. in = stdin;
  87. else
  88. in = fopen(argv[1], "r");
  89. if (argc < 2)
  90. out = stdout;
  91. else
  92. out = fopen(argv[2], "w");
  93. if (!in)
  94. {
  95. fprintf(stderr, "FATAL input initialization error\n");
  96. goto end;
  97. }
  98. if (!out)
  99. {
  100. fprintf(stderr, "FATAL output initialization error\n");
  101. goto end;
  102. }
  103. if (!hmac_test(EVP_sha1(), out, in))
  104. {
  105. fprintf(stderr, "FATAL hmac file processing error\n");
  106. goto end;
  107. }
  108. else
  109. ret = 0;
  110. end:
  111. if (in && (in != stdin))
  112. fclose(in);
  113. if (out && (out != stdout))
  114. fclose(out);
  115. return ret;
  116. }
  117. #define HMAC_TEST_MAXLINELEN 1024
  118. int hmac_test(const EVP_MD *md, FILE *out, FILE *in)
  119. {
  120. char *linebuf, *olinebuf, *p, *q;
  121. char *keyword, *value;
  122. unsigned char *Key = NULL, *Msg = NULL;
  123. int Count, Klen, Tlen;
  124. long Keylen, Msglen;
  125. int ret = 0;
  126. int lnum = 0;
  127. olinebuf = OPENSSL_malloc(HMAC_TEST_MAXLINELEN);
  128. linebuf = OPENSSL_malloc(HMAC_TEST_MAXLINELEN);
  129. if (!linebuf || !olinebuf)
  130. goto error;
  131. Count = -1;
  132. Klen = -1;
  133. Tlen = -1;
  134. while (fgets(olinebuf, HMAC_TEST_MAXLINELEN, in))
  135. {
  136. lnum++;
  137. strcpy(linebuf, olinebuf);
  138. keyword = linebuf;
  139. /* Skip leading space */
  140. while (isspace((unsigned char)*keyword))
  141. keyword++;
  142. /* Look for = sign */
  143. p = strchr(linebuf, '=');
  144. /* If no = or starts with [ (for [L=20] line) just copy */
  145. if (!p)
  146. {
  147. if (fputs(olinebuf, out) < 0)
  148. goto error;
  149. continue;
  150. }
  151. q = p - 1;
  152. /* Remove trailing space */
  153. while (isspace((unsigned char)*q))
  154. *q-- = 0;
  155. *p = 0;
  156. value = p + 1;
  157. /* Remove leading space from value */
  158. while (isspace((unsigned char)*value))
  159. value++;
  160. /* Remove trailing space from value */
  161. p = value + strlen(value) - 1;
  162. while (*p == '\n' || isspace((unsigned char)*p))
  163. *p-- = 0;
  164. if (!strcmp(keyword,"[L") && *p==']')
  165. {
  166. switch (atoi(value))
  167. {
  168. case 20: md=EVP_sha1(); break;
  169. case 28: md=EVP_sha224(); break;
  170. case 32: md=EVP_sha256(); break;
  171. case 48: md=EVP_sha384(); break;
  172. case 64: md=EVP_sha512(); break;
  173. default: goto parse_error;
  174. }
  175. }
  176. else if (!strcmp(keyword, "Count"))
  177. {
  178. if (Count != -1)
  179. goto parse_error;
  180. Count = atoi(value);
  181. if (Count < 0)
  182. goto parse_error;
  183. }
  184. else if (!strcmp(keyword, "Klen"))
  185. {
  186. if (Klen != -1)
  187. goto parse_error;
  188. Klen = atoi(value);
  189. if (Klen < 0)
  190. goto parse_error;
  191. }
  192. else if (!strcmp(keyword, "Tlen"))
  193. {
  194. if (Tlen != -1)
  195. goto parse_error;
  196. Tlen = atoi(value);
  197. if (Tlen < 0)
  198. goto parse_error;
  199. }
  200. else if (!strcmp(keyword, "Msg"))
  201. {
  202. if (Msg)
  203. goto parse_error;
  204. Msg = hex2bin_m(value, &Msglen);
  205. if (!Msg)
  206. goto parse_error;
  207. }
  208. else if (!strcmp(keyword, "Key"))
  209. {
  210. if (Key)
  211. goto parse_error;
  212. Key = hex2bin_m(value, &Keylen);
  213. if (!Key)
  214. goto parse_error;
  215. }
  216. else if (!strcmp(keyword, "Mac"))
  217. continue;
  218. else
  219. goto parse_error;
  220. fputs(olinebuf, out);
  221. if (Key && Msg && (Tlen > 0) && (Klen > 0))
  222. {
  223. if (!print_hmac(md, out, Key, Klen, Msg, Msglen, Tlen))
  224. goto error;
  225. OPENSSL_free(Key);
  226. Key = NULL;
  227. OPENSSL_free(Msg);
  228. Msg = NULL;
  229. Klen = -1;
  230. Tlen = -1;
  231. Count = -1;
  232. }
  233. }
  234. ret = 1;
  235. error:
  236. if (olinebuf)
  237. OPENSSL_free(olinebuf);
  238. if (linebuf)
  239. OPENSSL_free(linebuf);
  240. if (Key)
  241. OPENSSL_free(Key);
  242. if (Msg)
  243. OPENSSL_free(Msg);
  244. return ret;
  245. parse_error:
  246. fprintf(stderr, "FATAL parse error processing line %d\n", lnum);
  247. goto error;
  248. }
  249. static int print_hmac(const EVP_MD *emd, FILE *out,
  250. unsigned char *Key, int Klen,
  251. unsigned char *Msg, int Msglen, int Tlen)
  252. {
  253. int i, mdlen;
  254. unsigned char md[EVP_MAX_MD_SIZE];
  255. if (!HMAC(emd, Key, Klen, Msg, Msglen, md,
  256. (unsigned int *)&mdlen))
  257. {
  258. fputs("Error calculating HMAC\n", stderr);
  259. return 0;
  260. }
  261. if (Tlen > mdlen)
  262. {
  263. fputs("Parameter error, Tlen > HMAC length\n", stderr);
  264. return 0;
  265. }
  266. fputs("Mac = ", out);
  267. for (i = 0; i < Tlen; i++)
  268. fprintf(out, "%02x", md[i]);
  269. fputs("\n", out);
  270. return 1;
  271. }
  272. #endif