Commit 0224b3a8 authored by glen.beasley%sun.com's avatar glen.beasley%sun.com
Browse files

318970 wtc fix for RSA fipstest using RSA_HashSign r=neilW sr= brelyea

parent dc37a48f
Loading
Loading
Loading
Loading
+40 −26
Original line number Diff line number Diff line
@@ -42,8 +42,8 @@
#include "blapi.h"
#include "nss.h"
#include "secerr.h"
#include "secdert.h"
#include "secoidt.h"
#include "secder.h"
#include "secdig.h"
#include "keythi.h"
#include "ec.h"
#include "hasht.h"
@@ -3999,6 +3999,7 @@ rsa_siggen_test(char *reqfn)
    unsigned char  sha[HASH_LENGTH_MAX];    /* SHA digest */
    unsigned int   shaLength = 0;           /* length of SHA */
    HASH_HashType  shaAlg = HASH_AlgNULL;   /* type of SHA Alg */
    SECOidTag      shaOid = SEC_OID_UNKNOWN;
    int modulus;                                /* the Modulus size */
    int  publicExponent  = DEFAULT_RSA_PUBLIC_EXPONENT;
    SECItem pe = {0, 0, 0 };
@@ -4014,10 +4015,10 @@ rsa_siggen_test(char *reqfn)

    /* calculate the exponent */
    for (i=0; i < 4; i++) {
        if (peCount || (publicExponent & ((unsigned long)0xff000000L >>
            (i*8)))) {
            pubEx[peCount] =  (unsigned char)((publicExponent >>
            (3-i)*8) & 0xff);
        if (peCount || (publicExponent &
                ((unsigned long)0xff000000L >> (i*8)))) {
            pubEx[peCount] =
                (unsigned char)((publicExponent >> (3-i)*8) & 0xff);
            peCount++;
        }
    }
@@ -4059,7 +4060,7 @@ rsa_siggen_test(char *reqfn)

            to_hex_str(buf, rsaBlapiPrivKey->modulus.data,
                       rsaBlapiPrivKey->modulus.len);
            fprintf(rsaresp, "n = %s\n\n", buf);
            fprintf(rsaresp, "\nn = %s\n\n", buf);
            to_hex_str(buf, rsaBlapiPrivKey->publicExponent.data,
                       rsaBlapiPrivKey->publicExponent.len);
            fprintf(rsaresp, "e = %s\n", buf);
@@ -4140,38 +4141,44 @@ rsa_siggen_test(char *reqfn)
                     goto loser;
                }
                shaLength = SHA1_LENGTH;
                shaOid = SEC_OID_SHA1;
            } else if (shaAlg == HASH_AlgSHA256) {
                if (SHA256_HashBuf(sha, msg, j) != SECSuccess) {
                     fprintf(rsaresp, "ERROR: Unable to generate SHA256");
                     goto loser;
                }
                shaLength = SHA256_LENGTH;
                shaOid = SEC_OID_SHA256;
            } else if (shaAlg == HASH_AlgSHA384) {
                if (SHA384_HashBuf(sha, msg, j) != SECSuccess) {
                     fprintf(rsaresp, "ERROR: Unable to generate SHA384");
                     goto loser;
                }
                shaLength = SHA384_LENGTH;
                shaOid = SEC_OID_SHA384;
            } else if (shaAlg == HASH_AlgSHA512) {
                if (SHA512_HashBuf(sha, msg, j) != SECSuccess) {
                     fprintf(rsaresp, "ERROR: Unable to generate SHA512");
                     goto loser;
                }
                shaLength = SHA512_LENGTH;
                shaOid = SEC_OID_SHA512;
            } else {
                fprintf(rsaresp, "ERROR: SHAAlg not defined.");
                goto loser;
            }

            /* Perform RSA signature with the RSA private key. */
            rv = RSA_Sign( rsa_private_key, rsa_computed_signature,
            rv = RSA_HashSign( shaOid,
                               rsa_private_key,
                               rsa_computed_signature,
                               &rsa_bytes_signed,
                               nsslowkey_PrivateModulusLen(rsa_private_key),
                               sha,
                               shaLength);

            if( rv != SECSuccess ) {
                 fprintf(rsaresp, "ERROR: RSA_Sign failed");
                 fprintf(rsaresp, "ERROR: RSA_HashSign failed");
                 goto loser;
            }

@@ -4181,13 +4188,14 @@ rsa_siggen_test(char *reqfn)
            fprintf(rsaresp, "S = %s\n", buf);

            /* Perform RSA verification with the RSA public key. */
            rv = RSA_CheckSign( rsa_public_key,
            rv = RSA_HashCheckSign( shaOid,
                                    rsa_public_key,
                                    rsa_computed_signature,
                                    rsa_bytes_signed,
                                    sha,
                                    shaLength);
            if( rv != SECSuccess ) {
                 fprintf(rsaresp, "ERROR: RSA_CheckSign failed");
                 fprintf(rsaresp, "ERROR: RSA_HashCheckSign failed");
                 goto loser;
            }
            continue;
@@ -4225,6 +4233,7 @@ rsa_sigver_test(char *reqfn)
    unsigned char   sha[HASH_LENGTH_MAX];   /* SHA digest */
    unsigned int    shaLength = 0;              /* actual length of the digest */
    HASH_HashType   shaAlg = HASH_AlgNULL;
    SECOidTag       shaOid = SEC_OID_UNKNOWN;
    int modulus = 0;                            /* the Modulus size */
    unsigned char   signature[513];    /* largest signature size + '\n' */
    unsigned int    signatureLength = 0;   /* actual length of the signature */
@@ -4376,24 +4385,28 @@ rsa_sigver_test(char *reqfn)
                     goto loser;
                }
                shaLength = SHA1_LENGTH;
                shaOid = SEC_OID_SHA1;
            } else if (shaAlg == HASH_AlgSHA256) {
                if (SHA256_HashBuf(sha, msg, j) != SECSuccess) {
                     fprintf(rsaresp, "ERROR: Unable to generate SHA256");
                     goto loser;
                }
                shaLength = SHA256_LENGTH;
                shaOid = SEC_OID_SHA256;
            } else if (shaAlg == HASH_AlgSHA384) {
                if (SHA384_HashBuf(sha, msg, j) != SECSuccess) {
                     fprintf(rsaresp, "ERROR: Unable to generate SHA384");
                     goto loser;
                }
                shaLength = SHA384_LENGTH;
                shaOid = SEC_OID_SHA384;
            } else if (shaAlg == HASH_AlgSHA512) {
                if (SHA512_HashBuf(sha, msg, j) != SECSuccess) {
                     fprintf(rsaresp, "ERROR: Unable to generate SHA512");
                     goto loser;
                }
                shaLength = SHA512_LENGTH;
                shaOid = SEC_OID_SHA512;
            } else {
                fprintf(rsaresp, "ERROR: SHAAlg not defined.");
                goto loser;
@@ -4429,7 +4442,8 @@ rsa_sigver_test(char *reqfn)
            fputs(buf, rsaresp);

            /* Perform RSA verification with the RSA public key. */
            rv = RSA_CheckSign( rsa_public_key,
            rv = RSA_HashCheckSign( shaOid,
                                    rsa_public_key,
                                    signature,
                                    signatureLength,
                                    sha,
+25 −7
Original line number Diff line number Diff line
@@ -1593,6 +1593,15 @@ static SECStatus
sftk_HashSign(SFTKHashSignInfo *info,unsigned char *sig,unsigned int *sigLen,
		unsigned int maxLen,unsigned char *hash, unsigned int hashLen)
{
    return RSA_HashSign(info->hashOid,info->key,sig,sigLen,maxLen,
							hash,hashLen);
}

SECStatus
RSA_HashSign(SECOidTag hashOid, NSSLOWKEYPrivateKey *key,
		unsigned char *sig, unsigned int *sigLen, unsigned int maxLen,
		unsigned char *hash, unsigned int hashLen)
{
    
    SECStatus rv = SECFailure;
    SECItem digder;
@@ -1605,7 +1614,7 @@ sftk_HashSign(SFTKHashSignInfo *info,unsigned char *sig,unsigned int *sigLen,
    if ( !arena ) { goto loser; }
    
    /* Construct digest info */
    di = SGN_CreateDigestInfo(info->hashOid, hash, hashLen);
    di = SGN_CreateDigestInfo(hashOid, hash, hashLen);
    if (!di) { goto loser; }

    /* Der encode the digest as a DigestInfo */
@@ -1618,7 +1627,7 @@ sftk_HashSign(SFTKHashSignInfo *info,unsigned char *sig,unsigned int *sigLen,
    ** Encrypt signature after constructing appropriate PKCS#1 signature
    ** block
    */
    rv = RSA_Sign(info->key,sig,sigLen,maxLen,digder.data,digder.len);
    rv = RSA_Sign(key,sig,sigLen,maxLen,digder.data,digder.len);

  loser:
    SGN_DestroyDigestInfo(di);
@@ -2100,11 +2109,20 @@ CK_RV NSC_SignRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
 ************** Crypto Functions:     verify  ************************
 */

/* Handle RSA Signature formating */
/* Handle RSA Signature formatting */
static SECStatus
sftk_hashCheckSign(SFTKHashVerifyInfo *info, unsigned char *sig, 
	unsigned int sigLen, unsigned char *digest, unsigned int digestLen)
{
    return RSA_HashCheckSign(info->hashOid, info->key, sig, sigLen,
						digest, digestLen);
}

SECStatus
RSA_HashCheckSign(SECOidTag hashOid, NSSLOWKEYPublicKey *key,
	unsigned char *sig, unsigned int sigLen,
	unsigned char *digest, unsigned int digestLen)
{

    SECItem it;
    SGNDigestInfo *di = NULL;
@@ -2112,16 +2130,16 @@ sftk_hashCheckSign(SFTKHashVerifyInfo *info, unsigned char *sig,
    
    it.data = NULL;

    if (info->key == NULL) goto loser;
    if (key == NULL) goto loser;

    it.len = nsslowkey_PublicModulusLen(info->key); 
    it.len = nsslowkey_PublicModulusLen(key); 
    if (!it.len) goto loser;

    it.data = (unsigned char *) PORT_Alloc(it.len);
    if (it.data == NULL) goto loser;

    /* decrypt the block */
    rv = RSA_CheckSignRecover(info->key, it.data, &it.len, it.len, sig, sigLen);
    rv = RSA_CheckSignRecover(key, it.data, &it.len, it.len, sig, sigLen);
    if (rv != SECSuccess) goto loser;

    di = SGN_DecodeDigestInfo(&it);
@@ -2129,7 +2147,7 @@ sftk_hashCheckSign(SFTKHashVerifyInfo *info, unsigned char *sig,
    if (di->digest.len != digestLen)  goto loser; 

    /* make sure the tag is OK */
    if (SECOID_GetAlgorithmTag(&di->digestAlgorithm) != info->hashOid) {
    if (SECOID_GetAlgorithmTag(&di->digestAlgorithm) != hashOid) {
	goto loser;
    }
    /* Now check the signature */
+12 −2
Original line number Diff line number Diff line
@@ -36,7 +36,7 @@
 * the terms of any one of the MPL, the GPL or the LGPL.
 *
 * ***** END LICENSE BLOCK ***** */
/* $Id: softoken.h,v 1.10 2006/03/21 19:33:52 rrelyea%redhat.com Exp $ */
/* $Id: softoken.h,v 1.11 2006/03/25 23:45:23 glen.beasley%sun.com Exp $ */

#ifndef _SOFTOKEN_H_
#define _SOFTOKEN_H_
@@ -81,7 +81,7 @@ extern unsigned char *RSA_FormatOneBlock(unsigned int modulusLen,
/*
 * convenience wrappers for doing single RSA operations. They create the
 * RSA context internally and take care of the formatting
 * requirements. Blinding happens automagically within RSA_SignHash and
 * requirements. Blinding happens automagically within RSA_Sign and
 * RSA_DecryptBlock.
 */
extern
@@ -89,10 +89,20 @@ SECStatus RSA_Sign(NSSLOWKEYPrivateKey *key, unsigned char *output,
		       unsigned int *outputLen, unsigned int maxOutputLen,
		       unsigned char *input, unsigned int inputLen);
extern
SECStatus RSA_HashSign(SECOidTag hashOid,
			NSSLOWKEYPrivateKey *key, unsigned char *sig,
			unsigned int *sigLen, unsigned int maxLen,
			unsigned char *hash, unsigned int hashLen);
extern
SECStatus RSA_CheckSign(NSSLOWKEYPublicKey *key, unsigned char *sign,
			    unsigned int signLength, unsigned char *hash,
			    unsigned int hashLength);
extern
SECStatus RSA_HashCheckSign(SECOidTag hashOid,
			    NSSLOWKEYPublicKey *key, unsigned char *sig,
			    unsigned int sigLen, unsigned char *digest,
			    unsigned int digestLen);
extern
SECStatus RSA_CheckSignRecover(NSSLOWKEYPublicKey *key, unsigned char *data,
    			    unsigned int *data_len,unsigned int max_output_len, 
			    unsigned char *sign, unsigned int sign_len);