diff options
author | Daiki Ueno <ueno@gnu.org> | 2021-11-23 15:23:34 +0100 |
---|---|---|
committer | Daiki Ueno <ueno@gnu.org> | 2022-01-08 09:12:44 +0100 |
commit | 7444ef11aae836b793e38d1504ac07f005fb4f03 (patch) | |
tree | 67a86b9878b317ce5fb4403454398cdd1d63d07d /tests | |
parent | 57e860bb55902078c2ee8321fefb6c94299ac5d7 (diff) | |
download | gnutls-7444ef11aae836b793e38d1504ac07f005fb4f03.tar.gz |
fips: plumb service indicator to symmetric key crypto operations
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Co-authored-by: Pedro Monreal <pmonrealgonzalez@suse.de>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/fips-test.c | 37 | ||||
-rw-r--r-- | tests/kdf-api.c | 38 |
2 files changed, 75 insertions, 0 deletions
diff --git a/tests/fips-test.c b/tests/fips-test.c index bf6ec26435..d72b5d2bce 100644 --- a/tests/fips-test.c +++ b/tests/fips-test.c @@ -125,6 +125,7 @@ void doit(void) gnutls_fips140_operation_state_t fips_state; gnutls_datum_t signature; unsigned int bits; + uint8_t hmac[64]; fprintf(stderr, "Please note that if in FIPS140 mode, you need to assure the library's integrity prior to running this test\n"); @@ -201,6 +202,42 @@ void doit(void) fail("gnutls_hmac_init succeeded for md5\n"); } + /* HMAC with key equal to or longer than 112 bits: approved */ + FIPS_PUSH_CONTEXT(); + ret = gnutls_hmac_init(&mh, GNUTLS_MAC_SHA256, key.data, key.size); + if (ret < 0) { + fail("gnutls_hmac_init failed\n"); + } + gnutls_hmac_deinit(mh, NULL); + FIPS_POP_CONTEXT(APPROVED); + + /* HMAC with key shorter than 112 bits: not approved */ + FIPS_PUSH_CONTEXT(); + ret = gnutls_hmac_init(&mh, GNUTLS_MAC_SHA256, key.data, 13); + if (ret < 0) { + fail("gnutls_hmac_init failed\n"); + } + gnutls_hmac_deinit(mh, NULL); + FIPS_POP_CONTEXT(NOT_APPROVED); + + /* HMAC with key equal to or longer than 112 bits: approved */ + FIPS_PUSH_CONTEXT(); + ret = gnutls_hmac_fast(GNUTLS_MAC_SHA256, key.data, key.size, + data.data, data.size, hmac); + if (ret < 0) { + fail("gnutls_hmac_fast failed\n"); + } + FIPS_POP_CONTEXT(APPROVED); + + /* HMAC with key shorter than 112 bits: not approved */ + FIPS_PUSH_CONTEXT(); + ret = gnutls_hmac_fast(GNUTLS_MAC_SHA256, key.data, 13, + data.data, data.size, hmac); + if (ret < 0) { + fail("gnutls_hmac_fast failed\n"); + } + FIPS_POP_CONTEXT(NOT_APPROVED); + ret = gnutls_rnd(GNUTLS_RND_NONCE, key16, sizeof(key16)); if (ret < 0) { fail("gnutls_rnd failed\n"); diff --git a/tests/kdf-api.c b/tests/kdf-api.c index ec74f44ce8..25fbc6a81f 100644 --- a/tests/kdf-api.c +++ b/tests/kdf-api.c @@ -32,6 +32,32 @@ #define MAX_BUF 1024 +static gnutls_fips140_context_t fips_context; +static gnutls_fips140_operation_state_t fips_state; + +#define FIPS_PUSH_CONTEXT() do { \ + if (gnutls_fips140_mode_enabled()) { \ + ret = gnutls_fips140_push_context(fips_context); \ + if (ret < 0) { \ + fail("gnutls_fips140_push_context failed\n"); \ + } \ + } \ +} while (0) + +#define FIPS_POP_CONTEXT(state) do { \ + if (gnutls_fips140_mode_enabled()) { \ + ret = gnutls_fips140_pop_context(); \ + if (ret < 0) { \ + fail("gnutls_fips140_context_pop failed\n"); \ + } \ + fips_state = gnutls_fips140_get_operation_state(fips_context); \ + if (fips_state != GNUTLS_FIPS140_OP_ ## state) { \ + fail("operation state is not " # state " (%d)\n", \ + fips_state); \ + } \ + } \ +} while (0) + static void test_hkdf(gnutls_mac_algorithm_t mac, const char *ikm_hex, @@ -48,6 +74,7 @@ test_hkdf(gnutls_mac_algorithm_t mac, gnutls_datum_t prk; gnutls_datum_t okm; uint8_t buf[MAX_BUF]; + int ret; success("HKDF test with %s\n", gnutls_mac_get_name(mac)); @@ -60,7 +87,9 @@ test_hkdf(gnutls_mac_algorithm_t mac, hex.size = strlen(salt_hex); assert(gnutls_hex_decode2(&hex, &salt) >= 0); + FIPS_PUSH_CONTEXT(); assert(gnutls_hkdf_extract(mac, &ikm, &salt, buf) >= 0); + FIPS_POP_CONTEXT(NOT_APPROVED); gnutls_free(ikm.data); gnutls_free(salt.data); @@ -79,7 +108,9 @@ test_hkdf(gnutls_mac_algorithm_t mac, hex.size = strlen(info_hex); assert(gnutls_hex_decode2(&hex, &info) >= 0); + FIPS_PUSH_CONTEXT(); assert(gnutls_hkdf_expand(mac, &prk, &info, buf, length) >= 0); + FIPS_POP_CONTEXT(NOT_APPROVED); gnutls_free(info.data); okm.data = buf; @@ -106,6 +137,7 @@ test_pbkdf2(gnutls_mac_algorithm_t mac, gnutls_datum_t salt; gnutls_datum_t okm; uint8_t buf[MAX_BUF]; + int ret; success("PBKDF2 test with %s\n", gnutls_mac_get_name(mac)); @@ -117,7 +149,9 @@ test_pbkdf2(gnutls_mac_algorithm_t mac, hex.size = strlen(salt_hex); assert(gnutls_hex_decode2(&hex, &salt) >= 0); + FIPS_PUSH_CONTEXT(); assert(gnutls_pbkdf2(mac, &ikm, &salt, iter_count, buf, length) >= 0); + FIPS_POP_CONTEXT(APPROVED); gnutls_free(ikm.data); gnutls_free(salt.data); @@ -135,6 +169,8 @@ test_pbkdf2(gnutls_mac_algorithm_t mac, void doit(void) { + assert(gnutls_fips140_context_init(&fips_context) >= 0); + /* Test vector from RFC 5869. More thorough testing is done * in nettle. */ test_hkdf(GNUTLS_MAC_SHA256, @@ -157,4 +193,6 @@ doit(void) 4096, 20, "4b007901b765489abead49d926f721d065a429c1"); + + gnutls_fips140_context_deinit(fips_context); } |