microsoft
/
SymCrypt
зеркало из https://github.com/microsoft/SymCrypt.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Addressed more comments, cleanup

This commit is contained in:
Mitch Lindgren 2021-06-15 17:04:10 -07:00
Родитель c61dc63cad
Коммит a3c69b1531
13 изменённых файлов: 461 добавлений и 364 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

1
CMakeLists.txt
Просмотреть файл

@ -119,7 +119,6 @@ endif()
if(CMAKE_BUILD_TYPE MATCHES Release)
message("Release mode")
add_compile_options(-DDBG=0)
else()
message("Debug mode")
add_compile_options(-DDBG=1)

7
inc/symcrypt.h
Просмотреть файл

@ -6034,7 +6034,7 @@ SymCryptRsaPssVerify(
VOID
SYMCRYPT_CALL
SymCryptRsaPairwiseSelftest( );
SymCryptRsaSelftest( );
//
// FIPS self-test for RSA sign/verify. If the self-test fails, SymCryptFatal will be called to
// fastfail.
@ -6089,8 +6089,7 @@ SymCryptDsaVerify(
VOID
SYMCRYPT_CALL
SymCryptDsaPairwiseSelftest(
_In_ PCSYMCRYPT_DLKEY pkCallerKey );
SymCryptDsaSelftest( );
//
// FIPS self-test for DSA sign/verify. If the self-test fails, SymCryptFatal will be called to
// fastfail.
@ -6207,7 +6206,7 @@ SymCryptEcDsaVerify(
VOID
SYMCRYPT_CALL
SymCryptEcDsaPairwiseSelftest( );
SymCryptEcDsaSelftest( );
//
// FIPS self-test for ECDSA sign/verify. If the self-test fails, SymCryptFatal will be called to
// fastfail.

17
inc/symcrypt_internal.h
Просмотреть файл

@ -20,6 +20,11 @@
#pragma warning(disable:4068)
#endif
#if defined(DBG)
#define SYMCRYPT_DEBUG 1
#else
#define SYMCRYPT_DEBUG 0
#endif
//==============================================================================================
// COMPILER DETECTION
@ -34,12 +39,6 @@
#undef SYMCRYPT_MS_VC
#define SYMCRYPT_MS_VC 1
#if defined(DBG) && DBG
#define SYMCRYPT_DEBUG 1
#else
#define SYMCRYPT_DEBUG 0
#endif
// This should go somewhere else. Same in the other #if branches.
#define SYMCRYPT_ANYSIZE_ARRAY 1
#define SYMCRYPT_NOINLINE __declspec(noinline)
@ -74,12 +73,6 @@
// Suppress the SAL annotations
#include "symcrypt_no_sal.h"
#if defined(DBG) && DBG
#define SYMCRYPT_DEBUG 1
#else
#define SYMCRYPT_DEBUG 0
#endif
// Ignore the multi-character character constant warnings
#pragma GCC diagnostic ignored "-Wmultichar"

2
lib/CMakeLists.txt
Просмотреть файл

@ -120,7 +120,7 @@ function(process_cppasm filepath outformat archdefine)
set(output_asm ${rootpath}/${filestem}.asm)
endif()
set(dbg_definition "-DDBG=0")
set(dbg_definition "")
if(CMAKE_BUILD_TYPE MATCHES (Debug|Sanitize))
set(dbg_definition "-DDBG=1")
endif()

14
lib/dh.c
Просмотреть файл

@ -105,21 +105,11 @@ SymCryptDhSecretAgreement(
UINT32 nBitsOfExp = 0;
if( SYMCRYPT_DO_FIPS_SELFTESTS &&
((flags & SYMCRYPT_FLAG_BYPASS_FIPS_SELFTEST) == 0) &&
((g_SymCryptFipsSelftestsPerformed & SYMCRYPT_SELFTEST_DH_SECRET_AGREEMENT) == 0) )
{
SymCryptDhSecretAgreementSelftest( );
ATOMIC_OR32( &g_SymCryptFipsSelftestsPerformed, SYMCRYPT_SELFTEST_DH_SECRET_AGREEMENT );
}
// Reset SYMCRYPT_FLAG_BYPASS_FIPS_SELFTEST, if it was set, so the below check succeeds
flags &= ~SYMCRYPT_FLAG_BYPASS_FIPS_SELFTEST;
SYMCRYPT_ON_DEMAND_SELFTEST(SymCryptDhSecretAgreementSelftest, SYMCRYPT_SELFTEST_DH_SECRET_AGREEMENT);
// Make sure we only specify the correct flags and that
// there is a private key
if ( ((flags & ~SYMCRYPT_FLAG_KEY_MINIMAL_VALIDATION) != 0) || (!pkPrivate->fHasPrivateKey) )
if ( (flags != 0) || (!pkPrivate->fHasPrivateKey) )
{
scError = SYMCRYPT_INVALID_ARGUMENT;
goto cleanup;

12
lib/dlkey.c
Просмотреть файл

@ -279,6 +279,8 @@ SymCryptDlkeyGenerate(
UINT32 nBytesPriv = 0;
UINT32 cntr;
SYMCRYPT_ON_DEMAND_SELFTEST(SymCryptDsaSelftest, SYMCRYPT_SELFTEST_DSA);
// Make sure only the correct flags are specified
// Check if a flag with bits outside of the expected flags is specified
// Check if a flag is specified using bits expected, but not one of the expected flags
@ -432,14 +434,6 @@ SymCryptDlkeyGenerate(
// Set the fHasPrivateKey flag
pkDlkey->fHasPrivateKey = TRUE;
if( SYMCRYPT_DO_FIPS_SELFTESTS &&
((g_SymCryptFipsSelftestsPerformed & SYMCRYPT_SELFTEST_DSA) == 0) )
{
SymCryptDsaPairwiseSelftest( pkDlkey );
ATOMIC_OR32( &g_SymCryptFipsSelftestsPerformed, SYMCRYPT_SELFTEST_DSA );
}
cleanup:
if (pbScratch!=NULL)
{
@ -477,6 +471,8 @@ SymCryptDlkeySetValue(
BOOLEAN performRangeValidation = FALSE;
SYMCRYPT_ON_DEMAND_SELFTEST(SymCryptDsaSelftest, SYMCRYPT_SELFTEST_DSA);
if ( ((pbPrivateKey==NULL) && (cbPrivateKey!=0)) ||
((pbPublicKey==NULL) && (cbPublicKey!=0)) ||
((pbPrivateKey==NULL) && (pbPublicKey==NULL)) )

14
lib/ec_dh.c
Просмотреть файл

@ -32,20 +32,10 @@ SymCryptEcDhSecretAgreement(
UINT32 cbQ = 0;
UINT32 cbX = 0;
if( SYMCRYPT_DO_FIPS_SELFTESTS &&
((flags & SYMCRYPT_FLAG_BYPASS_FIPS_SELFTEST) == 0) &&
((g_SymCryptFipsSelftestsPerformed & SYMCRYPT_SELFTEST_ECDH_SECRET_AGREEMENT) == 0) )
{
SymCryptEcDhSecretAgreementSelftest( );
ATOMIC_OR32( &g_SymCryptFipsSelftestsPerformed, SYMCRYPT_SELFTEST_ECDH_SECRET_AGREEMENT );
}
// Reset SYMCRYPT_FLAG_BYPASS_FIPS_SELFTEST, if it was set, so the below check succeeds
flags &= ~SYMCRYPT_FLAG_BYPASS_FIPS_SELFTEST;
SYMCRYPT_ON_DEMAND_SELFTEST(SymCryptEcDhSecretAgreementSelftest, SYMCRYPT_SELFTEST_ECDH_SECRET_AGREEMENT);
// Make sure we only specify the correct flags
if ( (flags & ~SYMCRYPT_FLAG_KEY_MINIMAL_VALIDATION) != 0 )
if (flags != 0)
{
scError = SYMCRYPT_INVALID_ARGUMENT;
goto cleanup;

11
lib/eckey.c
Просмотреть файл

@ -269,7 +269,8 @@ SymCryptEckeySetValue(
BOOLEAN performRangeValidation = FALSE;
// dcl - again, we require the results of these functions below, so why not check them in release?
SYMCRYPT_ON_DEMAND_SELFTEST(SymCryptEcDsaSelftest, SYMCRYPT_SELFTEST_ECDSA);
SYMCRYPT_ASSERT( (cbPrivateKey==0) || (cbPrivateKey == SymCryptEcurveSizeofScalarMultiplier( pEckey->pCurve )) );
SYMCRYPT_ASSERT( (cbPublicKey==0) || (cbPublicKey == SymCryptEckeySizeofPublicKey( pEckey, ecPointFormat)) );
@ -694,13 +695,7 @@ SymCryptEckeySetRandom(
UINT32 highBitRestrictionPosition = pCurve->HighBitRestrictionPosition;
if( SYMCRYPT_DO_FIPS_SELFTESTS &&
((g_SymCryptFipsSelftestsPerformed & SYMCRYPT_SELFTEST_ECDSA) == 0) )
{
SymCryptEcDsaPairwiseSelftest( );
ATOMIC_OR32( &g_SymCryptFipsSelftestsPerformed, SYMCRYPT_SELFTEST_ECDSA );
}
SYMCRYPT_ON_DEMAND_SELFTEST(SymCryptEcDsaSelftest, SYMCRYPT_SELFTEST_ECDSA);
// Ensure only the correct flags are specified
// Check if a flag with bits outside of the expected flags is specified

657
lib/fips_selftest.c
Просмотреть файл

@ -8,125 +8,24 @@
SYMCRYPT_FIPS_SELFTEST g_SymCryptFipsSelftestsPerformed = SYMCRYPT_SELFTEST_NONE;
const BYTE rgbDh2048Modulus[] =
{
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
};
//
// Convenience structs for selftest data
//
const BYTE rgbDh2048Generator[] =
typedef struct _SYMCRYPT_SELFTEST_DLKEY_2048
{
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02
};
BYTE public[256];
BYTE private[32];
} SYMCRYPT_SELFTEST_DLKEY_2048;
const BYTE rgbDh2048PublicKey1[] =
typedef struct _SYMCRYPT_SELFTEST_DLGROUP_2048
{
0xC7, 0xCF, 0x6A, 0xA3, 0x34, 0x61, 0x7A, 0x6B, 0x65, 0x2E, 0xE3, 0x73, 0xD8, 0x59, 0x5E, 0x0C,
0x35, 0x7D, 0x22, 0x5C, 0xC3, 0x9E, 0x3E, 0xAC, 0x81, 0x85, 0x8C, 0x19, 0x86, 0xCC, 0xB4, 0x33,
0x26, 0x72, 0x6B, 0xD3, 0xE7, 0x6F, 0x99, 0x7A, 0x65, 0x28, 0x10, 0xC9, 0x75, 0xF2, 0x57, 0x45,
0xD3, 0x4A, 0x9E, 0x00, 0xB7, 0x8F, 0xA7, 0xDA, 0xBF, 0x1D, 0x5C, 0xBD, 0xF6, 0xEA, 0xAB, 0x66,
0x25, 0x26, 0x74, 0x67, 0xC5, 0x79, 0xEA, 0x69, 0x56, 0x89, 0x89, 0xCE, 0x11, 0x9F, 0xA1, 0xE3,
0x0B, 0x61, 0x63, 0x10, 0x89, 0x75, 0x0D, 0xAB, 0x1A, 0x59, 0x5E, 0xEF, 0xDC, 0xDD, 0x24, 0x49,
0xF3, 0x0C, 0x13, 0x04, 0x60, 0x4C, 0xCD, 0x25, 0x82, 0x07, 0xD5, 0x9B, 0x7A, 0x99, 0x86, 0x86,
0x4F, 0xC6, 0x43, 0x87, 0x55, 0xB2, 0x52, 0x90, 0x8B, 0xB3, 0xDA, 0x71, 0x51, 0x8D, 0x5A, 0xBD,
0x24, 0xE1, 0x4E, 0x9B, 0xDF, 0xBB, 0xAD, 0x0F, 0xFF, 0x4A, 0xE8, 0xFA, 0xD8, 0xE7, 0x52, 0x10,
0x65, 0x91, 0x61, 0x0D, 0x09, 0x09, 0xE2, 0x2E, 0x20, 0xC9, 0x0C, 0x76, 0x61, 0x5E, 0xA7, 0xDA,
0xD0, 0x08, 0x7A, 0xD7, 0x4F, 0xAD, 0x37, 0x57, 0x45, 0x92, 0x38, 0x83, 0x17, 0xF1, 0x04, 0xA9,
0x38, 0x45, 0xD2, 0xA6, 0xC0, 0xDA, 0x2B, 0xD0, 0xBA, 0x81, 0xD6, 0xF0, 0x2A, 0x0F, 0x03, 0xD6,
0xD4, 0x31, 0x54, 0x49, 0x0D, 0x87, 0x04, 0x53, 0x51, 0xED, 0xF1, 0x96, 0x65, 0xEA, 0xA1, 0x28,
0x60, 0x9D, 0xB7, 0x50, 0xA8, 0x66, 0x22, 0x70, 0x74, 0x51, 0x28, 0x81, 0xB2, 0xCA, 0x37, 0x83,
0xDC, 0x55, 0x4D, 0xF2, 0xBB, 0xBB, 0xD6, 0x33, 0xA4, 0xD4, 0x2A, 0x01, 0xEF, 0xD8, 0xDA, 0xC2,
0xE1, 0x20, 0xD8, 0xAE, 0x41, 0xEF, 0x5A, 0x63, 0x0D, 0x2B, 0x05, 0xD2, 0x21, 0xCC, 0x2A, 0xCC
};
const BYTE rgbDh2048PrivateKey1[] =
{
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x04, 0x5A, 0x39, 0xD6, 0x42, 0xB3, 0xEE, 0xD0, 0x12, 0x2C, 0x47, 0xB3, 0x52, 0xC1, 0xC5, 0x00,
0x21, 0xAD, 0x3F, 0x1B, 0xFA, 0x3D, 0x9A, 0xD3, 0x6D, 0x28, 0x5C, 0xDE, 0x08, 0xA5, 0xA5, 0xF6,
0xCA, 0xD0, 0x22, 0xD1, 0x4F, 0x85, 0xF4, 0x49, 0x9F, 0x04, 0x84, 0x8D, 0x72, 0xEA, 0xD8, 0x3F,
0xE4, 0x2E, 0xE1, 0xF8, 0xE4, 0x7C, 0x4F, 0xDC, 0x16, 0xF6, 0x3D, 0x28, 0x2E, 0x79, 0x8F, 0xC5
};
const BYTE rgbDh2048PublicKey2[] =
{
0x4F, 0x43, 0xD9, 0x96, 0x07, 0xFE, 0x75, 0x0A, 0xB9, 0x70, 0x6A, 0x45, 0xB9, 0xCF, 0xA6, 0xA9,
0x1D, 0x56, 0x7A, 0x2A, 0x87, 0xA1, 0xE6, 0xFF, 0x77, 0xDD, 0x9E, 0x87, 0x45, 0x1E, 0xEC, 0x8D,
0x6A, 0x31, 0x84, 0xB9, 0x79, 0x9A, 0x1E, 0xFE, 0xEF, 0x4C, 0x3A, 0xF8, 0xA0, 0xEB, 0xCE, 0xA4,
0x8A, 0xA1, 0x93, 0x55, 0x54, 0x2B, 0x52, 0x9E, 0xF3, 0xE0, 0x61, 0x42, 0x8E, 0x77, 0x7E, 0x2C,
0xB7, 0x6A, 0xC1, 0x1F, 0xB2, 0xAF, 0x63, 0x48, 0xDC, 0xB6, 0x5D, 0xCB, 0x6B, 0x73, 0xD8, 0x39,
0x88, 0xFC, 0xC0, 0xCA, 0x90, 0x0A, 0x47, 0x84, 0xA2, 0xC8, 0xB7, 0x43, 0x63, 0x19, 0x4B, 0x8F,
0x1E, 0x06, 0x77, 0x75, 0x94, 0xF4, 0xD5, 0x50, 0x4B, 0x32, 0xA4, 0xB8, 0xC2, 0xF0, 0xA3, 0xE1,
0xED, 0x08, 0x7B, 0x52, 0xFF, 0x6D, 0x99, 0xD2, 0x93, 0xD1, 0x7F, 0xA8, 0xF3, 0x01, 0x2D, 0x0B,
0x4E, 0x51, 0xA3, 0x23, 0x7E, 0xC1, 0x97, 0x30, 0x15, 0xF2, 0xEC, 0x4C, 0x29, 0x0D, 0xEF, 0xF5,
0xCA, 0x02, 0x0F, 0x46, 0x56, 0xF5, 0xC6, 0xE0, 0x82, 0xBB, 0x4F, 0x9C, 0xC3, 0x35, 0x04, 0x4A,
0x58, 0x63, 0xA4, 0x4E, 0x23, 0x1B, 0x86, 0xA2, 0x1D, 0x1F, 0x7A, 0x34, 0x3B, 0x9C, 0x81, 0x2F,
0x9E, 0xFF, 0x9B, 0x32, 0x6B, 0x18, 0x9C, 0xAA, 0xC4, 0x0E, 0x63, 0xAD, 0x56, 0x4A, 0x3A, 0x02,
0x3F, 0xE9, 0x8A, 0xA1, 0x87, 0xF9, 0xCE, 0x39, 0xEB, 0x47, 0x3A, 0xC2, 0x82, 0x65, 0x7D, 0xC6,
0x52, 0x33, 0x8B, 0x56, 0xCB, 0x18, 0xD9, 0x08, 0x13, 0xA1, 0xC8, 0x4D, 0xB2, 0x93, 0x1F, 0x4F,
0x81, 0xBF, 0xD6, 0x5F, 0x58, 0x39, 0x2D, 0xE9, 0xF3, 0x44, 0xC1, 0x46, 0x48, 0x2E, 0xC3, 0x59,
0xAD, 0xC4, 0x40, 0xED, 0x8D, 0x2C, 0xC4, 0x62, 0x43, 0xA8, 0x42, 0xE1, 0x72, 0xAC, 0xDE, 0x11
};
const BYTE rgbDh2048PrivateKey2[] =
{
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xCE, 0x80, 0x11, 0x1E, 0x79, 0xCA, 0xBC, 0x8E, 0xBE, 0x82, 0x57, 0xF9, 0x13, 0x17, 0x89, 0x47,
0xE7, 0xED, 0x1A, 0x0A, 0x29, 0x8E, 0x7A, 0x40, 0xB5, 0xF4, 0x1E, 0xF0, 0x4B, 0x13, 0x28, 0x77,
0x9B, 0xBF, 0x15, 0xFE, 0xD4, 0xF2, 0x4B, 0x2A, 0x65, 0x40, 0x64, 0xC3, 0x75, 0x16, 0xF8, 0x21,
0x30, 0x47, 0x08, 0x55, 0x94, 0xD7, 0x4B, 0x9A, 0x26, 0x38, 0xAC, 0x71, 0x44, 0x39, 0x64, 0x8F
};
BYTE primeP[256];
BYTE primeQ[32];
BYTE generator[256];
BYTE seed[32];
UINT32 counter;
} SYMCRYPT_SELFTEST_DLGROUP_2048;
typedef struct _SYMCRYPT_SELFTEST_ECKEY_P256
{
@ -135,6 +34,303 @@ typedef struct _SYMCRYPT_SELFTEST_ECKEY_P256
BYTE d[32];
} SYMCRYPT_SELFTEST_ECKEY_P256;
typedef struct _SYMCRYPT_SELFTEST_RSAKEY_2048
{
UINT64 publicExp;
BYTE modulus[256];
BYTE prime1[128];
BYTE prime2[128];
} SYMCRYPT_SELFTEST_RSAKEY_2048;
//
// DL groups and keys for DH secret agreement selftest
//
// Generator for the DL group used with the two following DH keys
const BYTE dhGenerator = 2;
// Keys generated from Oakley group 14 (IKE group mod p2048 from RFC 3526)
// aka SymCryptDlgroupDhSafePrimeParamsModp2048
const SYMCRYPT_SELFTEST_DLKEY_2048 dhKey1 =
{
// Public key
{
0x7d, 0xca, 0xed, 0x67, 0x30, 0x4a, 0x28, 0xcb,
0x6b, 0x18, 0x21, 0xb9, 0xdc, 0x82, 0xf5, 0xef,
0xfe, 0x77, 0x35, 0xf2, 0xed, 0x91, 0x95, 0x9e,
0x1f, 0xb6, 0xf9, 0x60, 0x84, 0x4f, 0x9f, 0xba,
0x20, 0xc3, 0x1a, 0x66, 0xa2, 0x34, 0x42, 0x19,
0x82, 0x52, 0xea, 0x53, 0x4f, 0x24, 0x93, 0x24,
0xef, 0x4d, 0xba, 0x65, 0x49, 0x7f, 0x8d, 0x56,
0x1c, 0x2f, 0xa6, 0x24, 0x26, 0x8c, 0xca, 0xad,
0x28, 0x9d, 0x50, 0x2a, 0x41, 0xa0, 0x64, 0xfa,
0xe6, 0x55, 0x43, 0xed, 0xdd, 0x6c, 0x3e, 0x45,
0xad, 0xa4, 0x07, 0x8d, 0x71, 0x76, 0xc0, 0x99,
0x85, 0x72, 0x33, 0x04, 0xdc, 0xee, 0x4e, 0xac,
0x39, 0x8e, 0x49, 0x45, 0xbb, 0x50, 0xcb, 0x3e,
0x03, 0xbc, 0x23, 0x6f, 0x63, 0x6f, 0xef, 0x9f,
0xd8, 0xe4, 0x7f, 0xe7, 0x0f, 0x7d, 0x34, 0x0f,
0x6a, 0xc3, 0x45, 0x3a, 0x5b, 0xa7, 0x07, 0x23,
0xd5, 0x32, 0x28, 0xe4, 0x69, 0xa4, 0xd2, 0xdd,
0x4a, 0x9e, 0x0f, 0xfa, 0x38, 0xeb, 0x8d, 0xbe,
0xa9, 0x31, 0x39, 0x70, 0xdc, 0x1d, 0xf6, 0x0b,
0x51, 0x0c, 0x6c, 0x27, 0x6c, 0x4a, 0x52, 0x6b,
0x84, 0xc4, 0x57, 0xb8, 0x47, 0x0c, 0x4c, 0x80,
0xb0, 0x2b, 0x2e, 0x83, 0x78, 0x83, 0x55, 0xe6,
0x12, 0x94, 0x79, 0x9b, 0x13, 0x7d, 0xd1, 0x93,
0x6a, 0xec, 0x76, 0x73, 0xba, 0x92, 0x44, 0xab,
0x2b, 0xec, 0xc2, 0xbc, 0x77, 0xce, 0x20, 0xa3,
0x21, 0x33, 0x06, 0x80, 0xf6, 0x1b, 0x2b, 0xe0,
0x90, 0x23, 0xde, 0x74, 0x57, 0x04, 0xcc, 0x27,
0xed, 0x4e, 0x3e, 0x7f, 0x0d, 0x7b, 0x48, 0xfa,
0x45, 0x2f, 0x84, 0x67, 0xe8, 0x1c, 0x89, 0xaa,
0xbd, 0x85, 0x53, 0x7f, 0xe6, 0xdf, 0x27, 0x75,
0x92, 0x84, 0x0b, 0x6f, 0x9c, 0xfd, 0x95, 0x0d,
0xb5, 0xdb, 0x17, 0x38, 0xc9, 0x78, 0xde, 0xa5
},
// Private key
{
0x17, 0xcd, 0x0e, 0x82, 0xa3, 0x2f, 0x0e, 0x38,
0x4c, 0xec, 0x69, 0xb2, 0xec, 0x46, 0xc9, 0xaa,
0xa3, 0xca, 0x41, 0x33, 0xcc, 0xb4, 0x1a, 0xac,
0x3d, 0x66, 0x0c, 0xa5, 0xb7, 0x79, 0xa6, 0x6e
}
};
const SYMCRYPT_SELFTEST_DLKEY_2048 dhKey2 =
{
// Public key
{
0x51, 0x7f, 0x01, 0xa6, 0xe7, 0x95, 0x2c, 0xb7,
0x0e, 0x3c, 0x09, 0x6e, 0x31, 0xfb, 0x14, 0x87,
0xaa, 0x27, 0x7f, 0xe0, 0x61, 0xed, 0xd7, 0x09,
0x07, 0xb4, 0x40, 0xb8, 0xdf, 0xff, 0x05, 0x64,
0x36, 0xc6, 0x0e, 0x50, 0x11, 0xd6, 0xac, 0x3f,
0xc2, 0x5d, 0x52, 0x39, 0x44, 0xec, 0xdf, 0x86,
0xde, 0x32, 0x9c, 0xde, 0x4e, 0x43, 0x30, 0x46,
0x32, 0x68, 0x5b, 0xb6, 0x2c, 0xda, 0x04, 0x13,
0x75, 0xa9, 0x80, 0x7a, 0x30, 0xf0, 0x83, 0xc4,
0x94, 0xf7, 0x59, 0x3e, 0x91, 0xd1, 0x53, 0x74,
0xde, 0xa6, 0x9a, 0xdf, 0x1d, 0x0a, 0xc7, 0x20,
0x9e, 0xef, 0x38, 0x0b, 0xd6, 0x20, 0x50, 0x6e,
0x5b, 0x5e, 0x66, 0x3d, 0xda, 0xd8, 0xbe, 0xea,
0x50, 0xee, 0x18, 0x54, 0xa9, 0x87, 0x3c, 0x1f,
0x38, 0x95, 0x27, 0xfd, 0xe2, 0xb6, 0x98, 0x9f,
0x50, 0x44, 0x7f, 0x66, 0x79, 0x17, 0x3f, 0x20,
0x45, 0xba, 0x9c, 0x43, 0x74, 0x0c, 0xda, 0x89,
0x80, 0x4b, 0x93, 0x02, 0x1b, 0x10, 0x1c, 0x3c,
0x20, 0x80, 0x1e, 0xa2, 0xc4, 0x08, 0x10, 0xd3,
0xda, 0xf3, 0x78, 0xc0, 0x06, 0x47, 0xed, 0x0d,
0xa4, 0xf8, 0x14, 0xeb, 0xd2, 0xbc, 0xf5, 0xe2,
0x56, 0x41, 0x48, 0x6a, 0xd5, 0x90, 0xb6, 0x15,
0x5d, 0x47, 0xc0, 0xb8, 0x10, 0x8b, 0xd5, 0x56,
0x8f, 0x95, 0xc2, 0xde, 0x8c, 0x9e, 0xc8, 0xa9,
0x9f, 0xfd, 0x6b, 0xff, 0x3e, 0xe8, 0x71, 0xf1,
0xb8, 0x01, 0xf0, 0x36, 0x07, 0x5b, 0xe5, 0x0a,
0xfc, 0xe4, 0x42, 0xab, 0x11, 0xd3, 0x91, 0x68,
0x5f, 0xba, 0x61, 0xa9, 0x2f, 0x69, 0x55, 0x15,
0x1d, 0xde, 0x7c, 0x2c, 0xc1, 0x05, 0x34, 0x13,
0x84, 0x48, 0xe0, 0xce, 0xfd, 0xa9, 0xfe, 0xd9,
0x76, 0x94, 0x07, 0xde, 0x0f, 0xe4, 0x98, 0x46,
0xbc, 0x32, 0x3b, 0xd7, 0xce, 0x16, 0xae, 0x71
},
// Private key
{
0xad, 0xcb, 0x1d, 0xab, 0xa7, 0xc3, 0x78, 0xdb,
0x37, 0x0f, 0x0b, 0x9c, 0xcd, 0x4f, 0x05, 0x5f,
0x0e, 0x2b, 0xc3, 0xee, 0xa9, 0xb4, 0xd3, 0xb9,
0x77, 0xd8, 0x89, 0xbd, 0xf6, 0x0e, 0xd7, 0x18
}
};
// Shared secret generated from the two above keys
const BYTE rgbDhKnownSecret[] =
{
0xa8, 0xf4, 0x48, 0xa2, 0x9f, 0xe0, 0xae, 0x75,
0xf1, 0xec, 0x1f, 0x65, 0x93, 0x72, 0x25, 0xf2,
0x3d, 0x9f, 0x8b, 0x74, 0xee, 0x9c, 0x60, 0x1c,
0xae, 0x8c, 0x8f, 0x61, 0x62, 0xa7, 0xa9, 0xa0,
0xaa, 0xe3, 0x85, 0x11, 0xcc, 0xe4, 0x97, 0x3d,
0xbc, 0x59, 0x74, 0x57, 0x70, 0x45, 0xe9, 0x1f,
0x82, 0x14, 0x8f, 0xb1, 0x51, 0x3c, 0x79, 0x51,
0x06, 0xe8, 0xed, 0xc0, 0xe9, 0xd0, 0xde, 0xb0,
0xd2, 0x06, 0xf1, 0x15, 0x81, 0x7a, 0x26, 0x80,
0x89, 0x26, 0x77, 0xda, 0x50, 0xdd, 0x86, 0x90,
0x82, 0x06, 0x35, 0x81, 0x82, 0xfd, 0x19, 0x25,
0xdf, 0x7f, 0xa2, 0xde, 0xd0, 0x40, 0x2c, 0x5c,
0x74, 0x5e, 0x0c, 0xbc, 0xea, 0x65, 0x7a, 0x7e,
0xbc, 0x93, 0xf3, 0xdd, 0x62, 0x10, 0x68, 0x0b,
0xb3, 0x7e, 0x5c, 0xd0, 0xd0, 0x74, 0x7e, 0xa5,
0xfc, 0xd4, 0xc8, 0xdc, 0x00, 0xde, 0x10, 0x53,
0x9b, 0xa0, 0x26, 0x6b, 0x57, 0xe6, 0x50, 0x69,
0x03, 0x18, 0xef, 0xe9, 0x3d, 0xc1, 0x08, 0x74,
0xdb, 0x1e, 0x02, 0x9d, 0x6c, 0x03, 0x04, 0xdc,
0x0c, 0xad, 0x68, 0x23, 0x08, 0x6e, 0x9c, 0x8a,
0x2b, 0xb8, 0xa3, 0xca, 0xf1, 0x3e, 0x16, 0x17,
0x43, 0xa4, 0x64, 0xf3, 0x64, 0x75, 0x54, 0xdd,
0x25, 0x19, 0x37, 0xf4, 0x7b, 0x14, 0x12, 0xa7,
0x62, 0xa7, 0xc5, 0x27, 0x46, 0xd6, 0xda, 0xe8,
0x4e, 0xcb, 0xf4, 0x80, 0x7e, 0x8c, 0xa6, 0xb4,
0x52, 0x0a, 0x1d, 0xf6, 0x24, 0xf2, 0x13, 0xe3,
0x4a, 0xcc, 0x86, 0x27, 0x26, 0x57, 0x06, 0xfa,
0xfa, 0x9d, 0xb2, 0x4c, 0x0c, 0xa4, 0xad, 0x07,
0x47, 0x13, 0xbb, 0x80, 0x63, 0x37, 0x37, 0x6c,
0xa4, 0x2e, 0xb7, 0xd5, 0x74, 0x37, 0xb7, 0x95,
0xe1, 0xc4, 0xbe, 0x25, 0x33, 0xcc, 0x0e, 0xdf,
0x53, 0xa6, 0xf9, 0x6f, 0xbc, 0x7b, 0xa6, 0x5c
};
//
// DL group and keys for DSA selftest
//
const SYMCRYPT_SELFTEST_DLGROUP_2048 dsaDlgroup =
{
// Prime P
{
0x8a, 0x09, 0xf1, 0x3b, 0xb4, 0xce, 0xc7, 0xb9,
0x73, 0x36, 0xae, 0xb2, 0x45, 0xee, 0x9d, 0x7d,
0x3b, 0xef, 0xaf, 0x78, 0xb7, 0x8c, 0x62, 0xdb,
0xd1, 0x86, 0x60, 0xac, 0xef, 0xa6, 0x3f, 0x14,
0x19, 0xa8, 0x02, 0xf4, 0xf3, 0xaa, 0x44, 0x91,
0x4a, 0xc9, 0xa8, 0xf8, 0x70, 0xb0, 0x95, 0x96,
0xbc, 0x52, 0x6c, 0x0c, 0x46, 0x42, 0x2c, 0x4a,
0x12, 0xce, 0xfb, 0x28, 0x3d, 0x3a, 0x0c, 0x53,
0x48, 0x8b, 0x6c, 0x2a, 0x43, 0x55, 0x64, 0xb2,
0x60, 0x5e, 0x54, 0xdc, 0x72, 0x35, 0x33, 0xec,
0x1b, 0xd6, 0x6d, 0x8f, 0xd5, 0xaf, 0x6d, 0x12,
0xf0, 0x26, 0xef, 0x1d, 0xd7, 0x49, 0xf5, 0x5c,
0xf6, 0xd8, 0xc8, 0x39, 0xcd, 0xb3, 0xc8, 0xa6,
0xb1, 0x9c, 0xac, 0x52, 0x89, 0xce, 0xe4, 0x54,
0xf7, 0x0e, 0xe8, 0xdc, 0xbc, 0x32, 0x75, 0x53,
0xcf, 0xe8, 0xe3, 0x29, 0x03, 0xbf, 0xa1, 0x56,
0x0d, 0xce, 0xfa, 0xd1, 0x8b, 0x55, 0x0c, 0xdd,
0x94, 0xe2, 0xfa, 0xf0, 0x52, 0xaf, 0x4b, 0xcb,
0x38, 0xb3, 0x6a, 0xb9, 0x5a, 0x75, 0x6f, 0xf2,
0xbb, 0x5d, 0xcb, 0x47, 0x8a, 0xb0, 0x86, 0x85,
0xdd, 0x49, 0x47, 0xbc, 0xa9, 0xa5, 0x7b, 0xd2,
0xba, 0x0e, 0x23, 0x41, 0xea, 0x12, 0xb6, 0x0f,
0x5e, 0x0b, 0xb0, 0x07, 0x63, 0x34, 0x65, 0x66,
0x07, 0x98, 0xa1, 0x9a, 0x12, 0x75, 0x25, 0x2f,
0xd2, 0x3b, 0x1e, 0x89, 0xb8, 0x70, 0xfd, 0x89,
0xfd, 0x95, 0x17, 0x9a, 0xe3, 0xb8, 0xbb, 0x1c,
0x93, 0x87, 0x4a, 0x3b, 0x5f, 0xdf, 0xca, 0x09,
0xd7, 0xc6, 0xca, 0xaf, 0x7b, 0xcf, 0x03, 0x58,
0x89, 0xb1, 0x1e, 0x4d, 0x5d, 0x89, 0x10, 0xa8,
0x53, 0xf4, 0x12, 0x56, 0x8b, 0x85, 0xe2, 0xcc,
0x02, 0x86, 0x82, 0x77, 0x2e, 0x0f, 0x30, 0x86,
0x1b, 0x6e, 0xd1, 0xda, 0x15, 0x05, 0x5f, 0x93
},
// Prime Q
{
0xb8, 0x0e, 0xd4, 0x3a, 0xe1, 0x2a, 0x6a, 0xb7,
0xd5, 0x6d, 0x3f, 0x8c, 0x86, 0xb9, 0xb9, 0x9d,
0xb4, 0x28, 0xa3, 0x96, 0x61, 0xab, 0x19, 0x8a,
0x92, 0xe1, 0xc2, 0xaa, 0x7e, 0x10, 0x03, 0x13
},
// Generator
{
0x1a, 0xe8, 0x38, 0xbe, 0xe7, 0xd0, 0xc5, 0x52,
0x89, 0x0d, 0x7a, 0x45, 0x31, 0x83, 0x9a, 0xed,
0xa5, 0x4e, 0x13, 0x15, 0xba, 0xb7, 0x01, 0xa1,
0xf5, 0x86, 0x6a, 0x43, 0x88, 0x75, 0xdb, 0xed,
0xe9, 0xa3, 0xa3, 0x43, 0x78, 0x4c, 0x01, 0x18,
0x4d, 0x56, 0x3a, 0x49, 0x3c, 0xa7, 0x10, 0xba,
0x0b, 0x1b, 0x11, 0x11, 0xef, 0x2d, 0xee, 0x12,
0x76, 0x8c, 0xc2, 0xa8, 0xe2, 0x9d, 0xc6, 0x3f,
0xb5, 0xe5, 0x91, 0x76, 0x0f, 0xd8, 0xf6, 0xff,
0x59, 0x06, 0xb7, 0x4e, 0xcc, 0xb3, 0x75, 0x50,
0x47, 0x6c, 0x61, 0xf6, 0x3f, 0xe7, 0x9f, 0x80,
0x4c, 0x04, 0x84, 0xac, 0xfd, 0xab, 0x63, 0xa3,
0x99, 0x61, 0x62, 0x26, 0x5d, 0x1c, 0xc3, 0x11,
0x31, 0x2e, 0x4c, 0xf1, 0x81, 0xc6, 0x45, 0xd4,
0x3a, 0x3d, 0x17, 0x48, 0x8e, 0x84, 0x38, 0xde,
0xc1, 0x55, 0x42, 0xca, 0xf8, 0xb0, 0x76, 0x54,
0x90, 0xac, 0xf8, 0x0f, 0x38, 0xdd, 0x81, 0x70,
0xa9, 0xb8, 0x6f, 0xcb, 0x3e, 0xba, 0xf7, 0x1e,
0x5d, 0xaa, 0xa0, 0xcb, 0x7c, 0x37, 0xa1, 0x87,
0xb0, 0x34, 0x6e, 0x78, 0x62, 0x7e, 0x17, 0xe6,
0xae, 0xc3, 0x4e, 0x0c, 0xeb, 0x4f, 0x25, 0x76,
0x4a, 0xb6, 0xe5, 0xc6, 0x23, 0x77, 0xfb, 0xa8,
0xb2, 0x0c, 0xa1, 0xc0, 0x56, 0xe9, 0x22, 0x2d,
0x3f, 0x44, 0x43, 0x31, 0xdf, 0x2f, 0x5f, 0x57,
0x22, 0x6e, 0x8a, 0xf1, 0x64, 0xb1, 0x3c, 0xd3,
0x22, 0x78, 0x8a, 0xe3, 0x12, 0xbd, 0x47, 0x20,
0xd3, 0x19, 0x22, 0xb7, 0xc7, 0xc7, 0x6a, 0xb8,
0x7e, 0x13, 0x34, 0x13, 0x41, 0x47, 0x56, 0xd4,
0xff, 0x4f, 0x37, 0xd2, 0x8d, 0x58, 0x8f, 0xe3,
0xea, 0x04, 0x0a, 0x13, 0x3f, 0x3b, 0x8f, 0x71,
0x5a, 0xbe, 0xf8, 0x90, 0x8d, 0x3b, 0xd5, 0xeb,
0x97, 0x6f, 0xeb, 0xb1, 0xe1, 0xed, 0x1c, 0x6f
},
// Seed
{
0xe7, 0x53, 0x59, 0xd5, 0xca, 0x3a, 0x7c, 0xe1,
0x83, 0x68, 0x7a, 0x79, 0xff, 0x65, 0xad, 0x40,
0x38, 0x69, 0x59, 0x10, 0x5a, 0x18, 0x4d, 0xc5,
0x3a, 0xd2, 0x7e, 0x95, 0x23, 0xa3, 0x7b, 0x3d
},
// Counter
3394
};
const SYMCRYPT_SELFTEST_DLKEY_2048 dsaKey =
{
// Public key
{
0x24, 0xaa, 0x5c, 0x6a, 0x72, 0x54, 0x3a, 0x40,
0x8a, 0xd7, 0xa4, 0xd2, 0x59, 0x7d, 0xfc, 0x9d,
0x93, 0xc3, 0x9f, 0x84, 0x50, 0x4e, 0x03, 0x17,
0x87, 0x19, 0x35, 0xf0, 0x17, 0x17, 0x22, 0xb8,
0x08, 0xca, 0xe4, 0x22, 0xd3, 0xb5, 0x52, 0x92,
0xf0, 0xa9, 0x83, 0x45, 0xe4, 0x2c, 0x1f, 0xa7,
0xb1, 0x9f, 0x8e, 0x35, 0xfe, 0x26, 0x1f, 0xe0,
0xda, 0x74, 0xe4, 0xa4, 0xa0, 0xf6, 0x17, 0x0b,
0x04, 0x86, 0xc7, 0x5e, 0x2e, 0xc0, 0x52, 0xfe,
0x29, 0x12, 0x48, 0x3a, 0x16, 0x12, 0xfb, 0xbe,
0xd9, 0x71, 0xf2, 0x65, 0x44, 0xef, 0x41, 0xf4,
0x67, 0x7c, 0x8b, 0xeb, 0xb8, 0xb6, 0x58, 0x5d,
0xd0, 0xbb, 0x42, 0xf9, 0xc7, 0x32, 0xcc, 0x44,
0x46, 0x93, 0x8f, 0x2e, 0xe2, 0xd7, 0x6c, 0xa6,
0x53, 0x4d, 0xc9, 0x12, 0xbb, 0xc9, 0xee, 0xb2,
0xba, 0xc0, 0x0e, 0xc2, 0x7e, 0x61, 0x61, 0x29,
0x2d, 0x70, 0x70, 0x86, 0x10, 0xd8, 0x24, 0x6d,
0x6e, 0x4c, 0x7d, 0xb2, 0xc9, 0x10, 0x0a, 0x3c,
0xf8, 0x46, 0x91, 0xeb, 0xb7, 0xc2, 0x31, 0x32,
0xf9, 0x5b, 0x29, 0x53, 0x38, 0x75, 0x27, 0x88,
0x53, 0x2a, 0xe2, 0xae, 0x61, 0x7d, 0xe0, 0xd1,
0xb1, 0x9a, 0x43, 0xcf, 0xf1, 0x91, 0x19, 0x11,
0x4d, 0x7c, 0xf8, 0x5a, 0x37, 0x9c, 0x2b, 0x0c,
0x40, 0x74, 0x40, 0xee, 0xef, 0x5b, 0x1f, 0x3b,
0xa1, 0xb8, 0x06, 0x2e, 0x5d, 0x1d, 0x23, 0xd8,
0x05, 0x08, 0xc4, 0x1a, 0x70, 0x96, 0x96, 0x29,
0x6a, 0x12, 0x3a, 0x96, 0x68, 0x94, 0x8e, 0x3a,
0xfe, 0x2d, 0x71, 0x0c, 0x54, 0x28, 0x67, 0xbf,
0x95, 0x69, 0x68, 0x73, 0xee, 0xe6, 0x5d, 0x65,
0x79, 0x57, 0xe5, 0x45, 0x08, 0xbd, 0xf1, 0x8c,
0x59, 0x45, 0x97, 0xa9, 0x43, 0xd6, 0xbd, 0xb5,
0x34, 0xf0, 0x6a, 0x0a, 0x52, 0x6e, 0x47, 0xa6
},
// Private key
{
0x0f, 0x3f, 0xab, 0x80, 0xf1, 0x29, 0x5d, 0x41,
0xf7, 0xbb, 0xff, 0xa6, 0x0a, 0x28, 0x9d, 0x46,
0x56, 0x28, 0x7c, 0x9b, 0x3e, 0x4a, 0x06, 0x95,
0x7d, 0xea, 0x04, 0x1e, 0xab, 0x9a, 0x78, 0x17
}
};
//
// ECDH/ECDSA keys
//
const SYMCRYPT_SELFTEST_ECKEY_P256 eckey1 =
{
// Qx
@ -185,26 +381,18 @@ const SYMCRYPT_SELFTEST_ECKEY_P256 eckey2 =
}
};
// Hashed from: {0x61, 0x62, 0x63} using SHA256
const BYTE rgbRsaSignVerifyHash[] =
// Shared secret generated from the two keys above
BYTE rgbEcdhKnownSecret[] =
{
0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
0x16, 0x94, 0xc8, 0xb3, 0xe9, 0xbe, 0x65, 0x41,
0x75, 0xba, 0x71, 0x5d, 0x0a, 0xab, 0x6f, 0x6d,
0xeb, 0xdb, 0x70, 0x75, 0xd1, 0x9e, 0x90, 0x7f,
0xb6, 0x08, 0x32, 0x29, 0x34, 0x40, 0x1e, 0xd4
};
//
// KAT from http://csrc.nist.gov/cryptval/dss/RSAExample.zip.
// Key from http://csrc.nist.gov/cryptval/dss/RSAExample.zip.
//
typedef struct _SYMCRYPT_SELFTEST_RSAKEY_2048
{
UINT64 publicExp;
BYTE modulus[256];
BYTE prime1[128];
BYTE prime2[128];
} SYMCRYPT_SELFTEST_RSAKEY_2048;
const SYMCRYPT_SELFTEST_RSAKEY_2048 rsakey =
{
// publicExp
@ -284,40 +472,14 @@ const SYMCRYPT_SELFTEST_RSAKEY_2048 rsakey =
}
};
const BYTE rgbKnownSignature [] =
// SHA256 hash for DSA, ECDSA, RSA sign/verify tests
// Hashed from: { 0x61, 0x62, 0x63 }
const BYTE rgbSha256Hash[] =
{
0x8c, 0x01, 0x48, 0x38, 0x1a, 0x8f, 0xa9, 0xae,
0x55, 0xa6, 0xad, 0x04, 0x5f, 0x78, 0x1a, 0xf5,
0xae, 0xf4, 0x09, 0x5d, 0x9c, 0x3a, 0xe2, 0x13,
0xf2, 0x04, 0xd8, 0x8a, 0xf7, 0x58, 0x4f, 0xe5,
0xb0, 0xcc, 0xea, 0xd8, 0xd0, 0xc4, 0x57, 0xd1,
0x9e, 0x61, 0xa8, 0x62, 0xb3, 0x39, 0x03, 0xf6,
0x13, 0x45, 0x6f, 0x88, 0x1a, 0x14, 0x33, 0x07,
0x20, 0x17, 0xab, 0xe1, 0x00, 0x93, 0x69, 0x03,
0x37, 0x69, 0xbb, 0x0e, 0x0f, 0x63, 0x57, 0xed,
0xb7, 0x56, 0x3a, 0x5d, 0xf1, 0x93, 0xd3, 0x76,
0x90, 0xf3, 0xed, 0x25, 0x6f, 0xc5, 0xc8, 0xcb,
0x1a, 0xd7, 0xce, 0x02, 0x80, 0x28, 0xa3, 0x5f,
0x02, 0x6b, 0xf1, 0xfa, 0x94, 0x08, 0xbb, 0x79,
0xfd, 0x51, 0x37, 0xf1, 0x48, 0xe9, 0x55, 0xaa,
0x0f, 0xb0, 0xaf, 0x5d, 0x5f, 0xe9, 0x28, 0x7f,
0xb2, 0x67, 0x96, 0x6d, 0x91, 0x7c, 0x98, 0x0d,
0x60, 0x27, 0xea, 0x62, 0xf5, 0x22, 0x60, 0x0a,
0xbd, 0xfe, 0x9d, 0xd5, 0x96, 0xa6, 0x02, 0xbb,
0x6c, 0x51, 0x36, 0x74, 0x92, 0x23, 0xb9, 0x4b,
0x87, 0xf4, 0xef, 0x2b, 0x00, 0x34, 0xe3, 0xfb,
0x10, 0x1b, 0xcc, 0xab, 0xc4, 0xe5, 0xda, 0x27,
0xf5, 0xf2, 0x55, 0x18, 0x65, 0x59, 0x8b, 0xed,
0x8e, 0x52, 0x78, 0x5a, 0xc7, 0x4b, 0x6b, 0x1b,
0x66, 0x67, 0xe6, 0xc0, 0xd7, 0x5a, 0x2a, 0xab,
0xce, 0x1d, 0xf2, 0xdf, 0x92, 0xe0, 0xdb, 0xf7,
0x34, 0xe3, 0x05, 0x10, 0xe4, 0x13, 0x7b, 0x29,
0x14, 0xa5, 0x41, 0xcb, 0x6e, 0x81, 0x33, 0xd0,
0xf9, 0x93, 0xa8, 0x85, 0xd1, 0xf4, 0xea, 0xfc,
0xaf, 0x5d, 0x7b, 0xc7, 0xf4, 0xff, 0x6c, 0x1e,
0x76, 0x18, 0xc6, 0x09, 0xe9, 0x8a, 0xa4, 0x57,
0xe6, 0x6b, 0x3e, 0x32, 0x36, 0xb4, 0xfd, 0x6a,
0xea, 0x87, 0xe0, 0xe6, 0x42, 0x3e, 0xdc, 0x58
0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
};
VOID
@ -330,19 +492,18 @@ SymCryptDhSecretAgreementSelftest()
PSYMCRYPT_DLKEY pkKey1 = NULL;
PSYMCRYPT_DLKEY pkKey2 = NULL;
BYTE rgbSecret1[sizeof(rgbDh2048PublicKey1)];
BYTE rgbSecret2[sizeof(rgbDh2048PublicKey1)];
BYTE rgbSecret[sizeof(dhKey1.public)];
pDlgroup = SymCryptDlgroupAllocate( sizeof(rgbDh2048PublicKey1) * 8, 0 );
pDlgroup = SymCryptDlgroupAllocate( sizeof(dhKey1.public) * 8, 0 );
SYMCRYPT_FIPS_ASSERT(pDlgroup != NULL);
scError = SymCryptDlgroupSetValue(
rgbDh2048Modulus,
sizeof(rgbDh2048Modulus),
SymCryptDlgroupDhSafePrimeParamsModp2048->pcbPrimeP,
SymCryptDlgroupDhSafePrimeParamsModp2048->nBitsOfP / 8,
NULL, // pbPrimeQ
0, // cbPrimeQ
rgbDh2048Generator,
sizeof(rgbDh2048Generator),
(PBYTE) &dhGenerator,
sizeof(dhGenerator),
SYMCRYPT_NUMBER_FORMAT_MSB_FIRST,
NULL, // pHashAlgorithm
NULL, // pbSeed
@ -356,12 +517,14 @@ SymCryptDhSecretAgreementSelftest()
SYMCRYPT_FIPS_ASSERT( pkKey1 != NULL );
scError = SymCryptDlkeySetValue(
rgbDh2048PrivateKey1,
sizeof(rgbDh2048PrivateKey1),
rgbDh2048PublicKey1,
sizeof(rgbDh2048PublicKey1),
dhKey1.private,
sizeof(dhKey1.private),
dhKey1.public,
sizeof(dhKey1.public),
SYMCRYPT_NUMBER_FORMAT_MSB_FIRST,
0,
SYMCRYPT_FLAG_KEY_RANGE_AND_PUBLIC_KEY_ORDER_VALIDATION |
SYMCRYPT_FLAG_KEY_KEYPAIR_REGENERATION_VALIDATION |
SYMCRYPT_FLAG_BYPASS_FIPS_SELFTEST,
pkKey1 );
SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR );
@ -369,37 +532,29 @@ SymCryptDhSecretAgreementSelftest()
SYMCRYPT_FIPS_ASSERT( pkKey2 != NULL );
scError = SymCryptDlkeySetValue(
rgbDh2048PrivateKey2,
sizeof(rgbDh2048PrivateKey2),
rgbDh2048PublicKey2,
sizeof(rgbDh2048PublicKey2),
dhKey2.private,
sizeof(dhKey2.private),
dhKey2.public,
sizeof(dhKey2.public),
SYMCRYPT_NUMBER_FORMAT_MSB_FIRST,
0,
SYMCRYPT_FLAG_KEY_RANGE_AND_PUBLIC_KEY_ORDER_VALIDATION |
SYMCRYPT_FLAG_KEY_KEYPAIR_REGENERATION_VALIDATION |
SYMCRYPT_FLAG_BYPASS_FIPS_SELFTEST,
pkKey2 );
SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR );
// Calculate secret 1 using private key 1 and public key 2
// Calculate secret using private key 1 and public key 2
scError = SymCryptDhSecretAgreement(
pkKey1,
pkKey2,
SYMCRYPT_NUMBER_FORMAT_MSB_FIRST,
SYMCRYPT_FLAG_BYPASS_FIPS_SELFTEST,
rgbSecret1,
sizeof(rgbSecret1) );
rgbSecret,
sizeof(rgbSecret) );
SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR );
// Calculate secret 2 using private key 2 and public key 1
scError = SymCryptDhSecretAgreement(
pkKey2,
pkKey1,
SYMCRYPT_NUMBER_FORMAT_MSB_FIRST,
SYMCRYPT_FLAG_BYPASS_FIPS_SELFTEST,
rgbSecret2,
sizeof(rgbSecret2) );
SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR );
// Verify that secret1 == secret2
SYMCRYPT_FIPS_ASSERT( memcmp( rgbSecret1, rgbSecret2, sizeof(rgbSecret1) ) == 0 );
SYMCRYPT_FIPS_ASSERT( sizeof(rgbSecret) == sizeof(rgbDhKnownSecret) );
SYMCRYPT_FIPS_ASSERT( memcmp( rgbSecret, rgbDhKnownSecret, sizeof(rgbDhKnownSecret) ) == 0 );
SymCryptDlkeyFree( pkKey2 );
SymCryptDlkeyFree( pkKey1 );
@ -433,7 +588,9 @@ SymCryptEcDhSecretAgreementSelftest( )
sizeof(eckey1.Qx) + sizeof(eckey1.Qy),
SYMCRYPT_NUMBER_FORMAT_MSB_FIRST,
SYMCRYPT_ECPOINT_FORMAT_XY,
0, // flags
SYMCRYPT_FLAG_KEY_RANGE_AND_PUBLIC_KEY_ORDER_VALIDATION |
SYMCRYPT_FLAG_KEY_KEYPAIR_REGENERATION_VALIDATION |
SYMCRYPT_FLAG_BYPASS_FIPS_SELFTEST,
pkKey1);
SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR );
@ -447,7 +604,9 @@ SymCryptEcDhSecretAgreementSelftest( )
sizeof(eckey2.Qx) + sizeof(eckey2.Qy),
SYMCRYPT_NUMBER_FORMAT_MSB_FIRST,
SYMCRYPT_ECPOINT_FORMAT_XY,
0, // flags
SYMCRYPT_FLAG_KEY_RANGE_AND_PUBLIC_KEY_ORDER_VALIDATION |
SYMCRYPT_FLAG_KEY_KEYPAIR_REGENERATION_VALIDATION |
SYMCRYPT_FLAG_BYPASS_FIPS_SELFTEST,
pkKey2);
SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR );
@ -472,6 +631,7 @@ SymCryptEcDhSecretAgreementSelftest( )
SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR );
// Verify secret 1 == secret 2
SYMCRYPT_FIPS_ASSERT( memcmp(rgbSecret1, rgbEcdhKnownSecret, sizeof(rgbSecret1)) == 0);
SYMCRYPT_FIPS_ASSERT( memcmp(rgbSecret1, rgbSecret2, sizeof(rgbSecret1)) == 0 );
SymCryptEckeyFree( pkKey2 );
@ -481,57 +641,84 @@ SymCryptEcDhSecretAgreementSelftest( )
VOID
SYMCRYPT_CALL
SymCryptDsaPairwiseSelftest(
_In_ PCSYMCRYPT_DLKEY pkCallerKey )
SymCryptDsaSelftest( )
{
SYMCRYPT_ERROR scError = SYMCRYPT_NO_ERROR;
BYTE rbHashValue[SYMCRYPT_SHA256_RESULT_SIZE];
SIZE_T cbHashValue = sizeof(rbHashValue);
PSYMCRYPT_DLGROUP pDlgroup = NULL;
PSYMCRYPT_DLKEY pkDlkey = NULL;
PBYTE pbSignature = NULL;
SIZE_T cbSignature = 0;
BYTE rgbSignature[2 * sizeof(dsaKey.private)];
scError = SymCryptCallbackRandom( rbHashValue, cbHashValue );
pDlgroup = SymCryptDlgroupAllocate(
sizeof(dsaDlgroup.primeP) * 8,
sizeof(dsaDlgroup.primeQ) * 8);
SYMCRYPT_FIPS_ASSERT(pDlgroup != NULL);
scError = SymCryptDlgroupSetValue(
dsaDlgroup.primeP,
sizeof(dsaDlgroup.primeP),
dsaDlgroup.primeQ,
sizeof(dsaDlgroup.primeQ),
dsaDlgroup.generator,
sizeof(dsaDlgroup.generator),
SYMCRYPT_NUMBER_FORMAT_MSB_FIRST,
SymCryptSha256Algorithm,
dsaDlgroup.seed,
sizeof(dsaDlgroup.seed),
dsaDlgroup.counter,
SYMCRYPT_DLGROUP_FIPS_LATEST,
pDlgroup);
SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR );
cbSignature = 2 * SymCryptDlkeySizeofPrivateKey( pkCallerKey );
pbSignature = SymCryptCallbackAlloc( cbSignature );
SYMCRYPT_FIPS_ASSERT( pbSignature != NULL );
pkDlkey = SymCryptDlkeyAllocate( pDlgroup );
SYMCRYPT_FIPS_ASSERT( pkDlkey != NULL );
scError = SymCryptDlkeySetValue(
dsaKey.private,
sizeof(dsaKey.private),
dsaKey.public,
sizeof(dsaKey.public),
SYMCRYPT_NUMBER_FORMAT_MSB_FIRST,
SYMCRYPT_FLAG_KEY_RANGE_AND_PUBLIC_KEY_ORDER_VALIDATION |
SYMCRYPT_FLAG_KEY_KEYPAIR_REGENERATION_VALIDATION |
SYMCRYPT_FLAG_BYPASS_FIPS_SELFTEST,
pkDlkey );
SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR );
scError = SymCryptDsaSign(
pkCallerKey,
rbHashValue,
cbHashValue,
pkDlkey,
rgbSha256Hash,
sizeof(rgbSha256Hash),
SYMCRYPT_NUMBER_FORMAT_MSB_FIRST,
0,
pbSignature,
cbSignature );
rgbSignature,
sizeof(rgbSignature) );
SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR );
scError = SymCryptDsaVerify(
pkCallerKey,
rbHashValue,
cbHashValue,
pbSignature,
cbSignature,
pkDlkey,
rgbSha256Hash,
sizeof(rgbSha256Hash),
rgbSignature,
sizeof(rgbSignature),
SYMCRYPT_NUMBER_FORMAT_MSB_FIRST,
0 );
SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR );
SymCryptCallbackFree( pbSignature );
SymCryptDlkeyFree( pkDlkey );
SymCryptDlgroupFree( pDlgroup );
}
VOID
SYMCRYPT_CALL
SymCryptEcDsaPairwiseSelftest( )
SymCryptEcDsaSelftest( )
{
SYMCRYPT_ERROR scError = SYMCRYPT_NO_ERROR;
PSYMCRYPT_ECURVE pCurve = NULL;
PSYMCRYPT_ECKEY pkEckey = NULL;
BYTE rgbHashValue[SYMCRYPT_SHA256_RESULT_SIZE];
BYTE rgbSignature[2 * SymCryptEcurveParamsNistP256->cbFieldLength];
pCurve = SymCryptEcurveAllocate( SymCryptEcurveParamsNistP256, 0 );
@ -547,17 +734,16 @@ SymCryptEcDsaPairwiseSelftest( )
sizeof(eckey1.Qx) + sizeof(eckey1.Qy),
SYMCRYPT_NUMBER_FORMAT_MSB_FIRST,
SYMCRYPT_ECPOINT_FORMAT_XY,
0, // flags
SYMCRYPT_FLAG_KEY_RANGE_AND_PUBLIC_KEY_ORDER_VALIDATION |
SYMCRYPT_FLAG_KEY_KEYPAIR_REGENERATION_VALIDATION |
SYMCRYPT_FLAG_BYPASS_FIPS_SELFTEST,
pkEckey);
SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR );
scError = SymCryptCallbackRandom( rgbHashValue, sizeof(rgbHashValue) );
SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR );
scError = SymCryptEcDsaSign(
pkEckey,
rgbHashValue,
sizeof(rgbHashValue),
rgbSha256Hash,
sizeof(rgbSha256Hash),
SYMCRYPT_NUMBER_FORMAT_MSB_FIRST,
0,
rgbSignature,
@ -566,8 +752,8 @@ SymCryptEcDsaPairwiseSelftest( )
scError = SymCryptEcDsaVerify(
pkEckey,
rgbHashValue,
sizeof(rgbHashValue),
rgbSha256Hash,
sizeof(rgbSha256Hash),
rgbSignature,
sizeof(rgbSignature),
SYMCRYPT_NUMBER_FORMAT_MSB_FIRST,
@ -580,7 +766,7 @@ SymCryptEcDsaPairwiseSelftest( )
VOID
SYMCRYPT_CALL
SymCryptRsaPairwiseSelftest( )
SymCryptRsaSelftest( )
{
SYMCRYPT_ERROR scError = SYMCRYPT_NO_ERROR;
@ -610,14 +796,14 @@ SymCryptRsaPairwiseSelftest( )
cbPrimes,
sizeof(cbPrimes) / sizeof(cbPrimes[0]),
SYMCRYPT_NUMBER_FORMAT_MSB_FIRST,
0,
SYMCRYPT_FLAG_BYPASS_FIPS_SELFTEST,
pkRsakey );
SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR );
scError = SymCryptRsaPkcs1Sign(
pkRsakey,
rgbRsaSignVerifyHash,
sizeof(rgbRsaSignVerifyHash),
rgbSha256Hash,
sizeof(rgbSha256Hash),
SymCryptSha256OidList,
SYMCRYPT_SHA256_OID_COUNT,
0,
@ -627,13 +813,10 @@ SymCryptRsaPairwiseSelftest( )
&cbSignature );
SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR );
SYMCRYPT_FIPS_ASSERT( cbSignature == sizeof(rgbKnownSignature) );
SYMCRYPT_FIPS_ASSERT( memcmp(rgbSignature, rgbKnownSignature, cbSignature ) == 0);
scError = SymCryptRsaPkcs1Verify(
pkRsakey,
rgbRsaSignVerifyHash,
sizeof(rgbRsaSignVerifyHash),
rgbSha256Hash,
sizeof(rgbSha256Hash),
rgbSignature,
cbSignature,
SYMCRYPT_NUMBER_FORMAT_MSB_FIRST,

10
lib/rsakey.c
Просмотреть файл

@ -516,13 +516,7 @@ SymCryptRsakeyGenerate(
UNREFERENCED_PARAMETER( flags );
if( SYMCRYPT_DO_FIPS_SELFTESTS &&
((g_SymCryptFipsSelftestsPerformed & SYMCRYPT_SELFTEST_RSA) == 0) )
{
SymCryptRsaPairwiseSelftest( );
ATOMIC_OR32( &g_SymCryptFipsSelftestsPerformed, SYMCRYPT_SELFTEST_RSA );
}
SYMCRYPT_ON_DEMAND_SELFTEST(SymCryptRsaSelftest, SYMCRYPT_SELFTEST_RSA);
// Handle the default exponent case
if( pu64PubExp == NULL && nPubExp == 0 )
@ -752,6 +746,8 @@ SymCryptRsakeySetValue(
UNREFERENCED_PARAMETER( flags );
SYMCRYPT_ON_DEMAND_SELFTEST(SymCryptRsaSelftest, SYMCRYPT_SELFTEST_RSA);
// Check if the arguments are correct
if ( (pbModulus==NULL) || (cbModulus==0) || // Modulus is needed
(nPubExp != 1) || (pu64PubExp==NULL) || // Exactly 1 public exponent is needed

12
lib/sc_lib.h
Просмотреть файл

@ -3010,6 +3010,18 @@ SymCryptFdefMontgomeryReduceMulx1024(
// SymCryptDhSecretAgreementSelftest which calls SymCryptDhSecretAgreement.)
#define SYMCRYPT_FLAG_BYPASS_FIPS_SELFTEST (1 << 31)
// Macro for executing a selftest and setting the corresponding flag
#define SYMCRYPT_ON_DEMAND_SELFTEST(SelftestFunction, SelftestFlag) \
if( SYMCRYPT_DO_FIPS_SELFTESTS && \
((flags & SYMCRYPT_FLAG_BYPASS_FIPS_SELFTEST) == 0) && \
((g_SymCryptFipsSelftestsPerformed & SelftestFlag) == 0) ) \
{ \
SelftestFunction( ); \
\
ATOMIC_OR32( &g_SymCryptFipsSelftestsPerformed, SYMCRYPT_SELFTEST_DH_SECRET_AGREEMENT );\
}\
flags &= ~SYMCRYPT_FLAG_BYPASS_FIPS_SELFTEST;
typedef struct _SYMCRYPT_DLGROUP_DH_SAFEPRIME_PARAMS {
SYMCRYPT_DLGROUP_DH_SAFEPRIMETYPE eDhSafePrimeType;

6
module/oe_full/exports.ver
Просмотреть файл

@ -100,12 +100,12 @@ VERSION_100.17 {
SymCryptDlkeySizeofPrivateKey;
SymCryptDlkeySizeofPublicKey;
SymCryptDlkeyWipe;
SymCryptDsaPairwiseSelftest;
SymCryptDsaSelftest;
SymCryptDsaSign;
SymCryptDsaVerify;
SymCryptEcDhSecretAgreement;
SymCryptEcDhSecretAgreementSelftest;
SymCryptEcDsaPairwiseSelftest;
SymCryptEcDsaSelftest;
SymCryptEcDsaSign;
SymCryptEcDsaSignDeterministic;
SymCryptEcDsaSignEx;
@ -415,7 +415,7 @@ VERSION_100.17 {
SymCryptRoundUpPow2Sizet;
SymCryptRsaOaepDecrypt;
SymCryptRsaOaepEncrypt;
SymCryptRsaPairwiseSelftest;
SymCryptRsaSelftest;
SymCryptRsaPkcs1Decrypt;
SymCryptRsaPkcs1Encrypt;
SymCryptRsaPkcs1Sign;

62
unittest/exe_moduletest/moduletest.cpp
Просмотреть файл

@ -20,62 +20,6 @@ SymCryptFatal(UINT32 fatalCode)
abort();
}
VOID
SymCryptModuleTestDsaPairwise()
{
SYMCRYPT_ERROR scError = SYMCRYPT_NO_ERROR;
PSYMCRYPT_DLGROUP pDlgroup = NULL;
PSYMCRYPT_DLKEY pkDlkey = NULL;
pDlgroup = SymCryptDlgroupAllocate(
2048,
0 );
SYMCRYPT_FIPS_ASSERT( pDlgroup != NULL );
scError = SymCryptDlgroupGenerate( SymCryptSha256Algorithm, SYMCRYPT_DLGROUP_FIPS_LATEST, pDlgroup );
SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR );
pkDlkey = SymCryptDlkeyAllocate( pDlgroup );
SYMCRYPT_FIPS_ASSERT( pkDlkey != NULL );
// SymCryptDlkeyGenerate will call the selftest
scError = SymCryptDlkeyGenerate( 0, pkDlkey );
SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR );
// Verify that the selftest flag was set
SYMCRYPT_FIPS_ASSERT( (g_SymCryptFipsSelftestsPerformed & SYMCRYPT_SELFTEST_DSA) != 0);
SymCryptDlkeyFree( pkDlkey );
SymCryptDlgroupFree( pDlgroup );
}
/*
VOID
SymCryptModuleTestEcDsaPairwise()
{
SYMCRYPT_ERROR scError = SYMCRYPT_NO_ERROR;
PSYMCRYPT_ECURVE pCurve = NULL;
PSYMCRYPT_ECKEY pkKey = NULL;
pCurve = SymCryptEcurveAllocate( SymCryptEcurveParamsNistP256, 0 );
SYMCRYPT_FIPS_ASSERT( pCurve != NULL );
pkKey = SymCryptEckeyAllocate( pCurve );
SYMCRYPT_FIPS_ASSERT( pkKey != NULL );
// SymCryptEckeySetRandom will call the selftest
scError = SymCryptEckeySetRandom( 0, pkKey );
SYMCRYPT_FIPS_ASSERT( scError == SYMCRYPT_NO_ERROR );
// Verify that the selftest flag was set
SYMCRYPT_FIPS_ASSERT( (g_SymCryptFipsSelftestsPerformed & SYMCRYPT_SELFTEST_ECDSA) != 0 );
SymCryptEckeyFree( pkKey );
SymCryptEcurveFree( pCurve );
}
*/
int
main( int argc, _In_reads_( argc ) char * argv[] )
{
@ -93,9 +37,9 @@ main( int argc, _In_reads_( argc ) char * argv[] )
SymCryptDhSecretAgreementSelftest();
SymCryptEcDhSecretAgreementSelftest();
SymCryptModuleTestDsaPairwise();
SymCryptEcDsaPairwiseSelftest();
SymCryptRsaPairwiseSelftest();
SymCryptDsaSelftest();
SymCryptEcDsaSelftest();
SymCryptRsaSelftest();
}
printf( "Success!\n" );