authorGarrett D'Amore <garrett@nexenta.com>2010-09-12 10:25:50 -0700
committerGarrett D'Amore <garrett@nexenta.com>2010-09-12 10:25:50 -0700
commit6ea3c0609e50782557505b88bb391b786bca32c9 (patch)
treee5aa493b37991b2e12f8cdbeca325b8ab1c39c3f
parentfe4be5acd083aa938dc37365d54b7fc4c0544d43 (diff)
downloadillumos-gate-6ea3c0609e50782557505b88bb391b786bca32c9.tar.gz
6 Need open kcfd
Reviewed by: gwr@nexenta.com, richlowe@richlowe.net, matt@greenviolet.net Approved by: richlowe@richlowe.net
-rw-r--r--usr/src/cmd/cmd-crypto/cryptoadm/Makefile3
-rw-r--r--usr/src/cmd/cmd-crypto/cryptoadm/adm_fips_hw.c328
-rw-r--r--usr/src/cmd/cmd-crypto/cryptoadm/adm_kef.c15
-rw-r--r--usr/src/cmd/cmd-crypto/cryptoadm/adm_kef_ioctl.c155
-rw-r--r--usr/src/cmd/cmd-crypto/cryptoadm/adm_uef.c44
-rw-r--r--usr/src/cmd/cmd-crypto/cryptoadm/cryptoadm.c108
-rw-r--r--usr/src/cmd/cmd-crypto/cryptoadm/cryptoadm.h12
-rw-r--r--usr/src/cmd/cmd-crypto/cryptoadm/start_stop.c100
-rw-r--r--usr/src/cmd/cmd-crypto/scripts/cryptosvc.xml8
-rw-r--r--usr/src/common/bignum/bignum.h5
-rw-r--r--usr/src/common/crypto/aes/aes_impl.h60
-rw-r--r--usr/src/common/crypto/des/des_impl.h52
-rw-r--r--usr/src/common/crypto/dsa/dsa_impl.h22
-rw-r--r--usr/src/common/crypto/fips/fips_addchecksum.c256
-rw-r--r--usr/src/common/crypto/fips/fips_aes_util.c1361
-rw-r--r--usr/src/common/crypto/fips/fips_checksum.c346
-rw-r--r--usr/src/common/crypto/fips/fips_checksum.h70
-rw-r--r--usr/src/common/crypto/fips/fips_des_util.c660
-rw-r--r--usr/src/common/crypto/fips/fips_dsa_util.c259
-rw-r--r--usr/src/common/crypto/fips/fips_ecc_util.c282
-rw-r--r--usr/src/common/crypto/fips/fips_post.h63
-rw-r--r--usr/src/common/crypto/fips/fips_random_util.c89
-rw-r--r--usr/src/common/crypto/fips/fips_rsa_util.c675
-rw-r--r--usr/src/common/crypto/fips/fips_sha1_util.c327
-rw-r--r--usr/src/common/crypto/fips/fips_sha2_util.c792
-rw-r--r--usr/src/common/crypto/fips/fips_test_vectors.c1594
-rw-r--r--usr/src/common/crypto/fips/fips_test_vectors.h246
-rw-r--r--usr/src/common/crypto/rsa/rsa_impl.h34
-rw-r--r--usr/src/common/crypto/sha1/sha1_impl.h21
-rw-r--r--usr/src/common/crypto/sha2/sha2_impl.h23
-rw-r--r--usr/src/lib/libcryptoutil/common/config_parsing.c62
-rw-r--r--usr/src/lib/libcryptoutil/common/cryptoutil.h5
-rw-r--r--usr/src/lib/libcryptoutil/common/mapfile-vers1
-rw-r--r--usr/src/lib/pkcs11/libpkcs11/common/pkcs11Conf.c265
-rw-r--r--usr/src/lib/pkcs11/pkcs11_softtoken/Makefile.com26
-rw-r--r--usr/src/lib/pkcs11/pkcs11_softtoken/common/softFipsPost.c160
-rw-r--r--usr/src/lib/pkcs11/pkcs11_softtoken/common/softFipsPostUtil.c175
-rw-r--r--usr/src/lib/pkcs11/pkcs11_softtoken/common/softGeneral.c12
-rw-r--r--usr/src/lib/pkcs11/pkcs11_softtoken/common/softGlobal.h3
-rw-r--r--usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeysUtil.c29
-rw-r--r--usr/src/pkg/manifests/SUNWcs.mf1
-rw-r--r--usr/src/tools/Makefile3
-rw-r--r--usr/src/tools/fips_addchecksum/Makefile65
-rw-r--r--usr/src/tools/scripts/nightly.sh335
-rw-r--r--usr/src/uts/Makefile.uts6
-rw-r--r--usr/src/uts/common/Makefile.files16
-rw-r--r--usr/src/uts/common/Makefile.rules7
-rw-r--r--usr/src/uts/common/bignum/bignum_mod.c12
-rw-r--r--usr/src/uts/common/crypto/api/kcf_random.c49
-rw-r--r--usr/src/uts/common/crypto/core/kcf.c604
-rw-r--r--usr/src/uts/common/crypto/core/kcf_prov_tabs.c52
-rw-r--r--usr/src/uts/common/crypto/core/kcf_sched.c335
-rw-r--r--usr/src/uts/common/crypto/io/aes.c38
-rw-r--r--usr/src/uts/common/crypto/io/cryptoadm.c162
-rw-r--r--usr/src/uts/common/crypto/io/ecc.c97
-rw-r--r--usr/src/uts/common/crypto/io/rsa.c24
-rw-r--r--usr/src/uts/common/crypto/io/sha1_mod.c19
-rw-r--r--usr/src/uts/common/crypto/io/sha2_mod.c19
-rw-r--r--usr/src/uts/common/crypto/io/swrand.c19
-rw-r--r--usr/src/uts/common/crypto/spi/kcf_spi.c72
-rw-r--r--usr/src/uts/common/des/des_crypt.c21
-rw-r--r--usr/src/uts/common/sys/crypto/elfsign.h24
-rw-r--r--usr/src/uts/common/sys/crypto/impl.h12
-rw-r--r--usr/src/uts/common/sys/crypto/sched_impl.h32
-rw-r--r--usr/src/uts/common/sys/random.h11
-rw-r--r--usr/src/uts/sparc/bignum/Makefile6
-rw-r--r--usr/src/uts/sun4v/n2rng/Makefile5
67 files changed, 190 insertions, 10604 deletions
diff --git a/usr/src/cmd/cmd-crypto/cryptoadm/Makefile b/usr/src/cmd/cmd-crypto/cryptoadm/Makefile
index 96626326eb..e2cf6ee838 100644
--- a/usr/src/cmd/cmd-crypto/cryptoadm/Makefile
+++ b/usr/src/cmd/cmd-crypto/cryptoadm/Makefile
@@ -20,6 +20,7 @@
#
# Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
#
+# Copyright 2010 Nexenta Systems, Inc. All rights reserved.
PROG = cryptoadm
@@ -28,9 +29,7 @@ OBJS = cryptoadm.o \
adm_kef.o \
adm_kef_ioctl.o \
adm_kef_util.o \
- adm_fips_hw.o \
adm_util.o \
- start_stop.o \
adm_metaslot.o
SRCS = $(OBJS:.o=.c)
diff --git a/usr/src/cmd/cmd-crypto/cryptoadm/adm_fips_hw.c b/usr/src/cmd/cmd-crypto/cryptoadm/adm_fips_hw.c
deleted file mode 100644
index 58daa5303c..0000000000
--- a/usr/src/cmd/cmd-crypto/cryptoadm/adm_fips_hw.c
+++ /dev/null
@@ -1,328 +0,0 @@
-/*
- * CDDL HEADER START
- *
- * The contents of this file are subject to the terms of the
- * Common Development and Distribution License (the "License").
- * You may not use this file except in compliance with the License.
- *
- * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
- * or http://www.opensolaris.org/os/licensing.
- * See the License for the specific language governing permissions
- * and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL HEADER in each
- * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
- * If applicable, add the following below this CDDL HEADER, with the
- * fields enclosed by brackets "[]" replaced with your own identifying
- * information: Portions Copyright [yyyy] [name of copyright owner]
- *
- * CDDL HEADER END
- */
-/*
- * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
- */
-
-#include <fcntl.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <strings.h>
-#include <unistd.h>
-#include <locale.h>
-#include <libgen.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <zone.h>
-#include <sys/crypto/ioctladmin.h>
-#include "cryptoadm.h"
-
-#define HW_CONF_DIR "/platform/sun4v/kernel/drv"
-
-
-/* Get FIPS-140 status from .conf */
-int
-fips_hw_status(char *filename, char *property, int *hw_fips_mode)
-{
- FILE *pfile;
- char buffer[BUFSIZ];
- char *str = NULL;
- char *cursor = NULL;
-
- /* Open the .conf file */
- if ((pfile = fopen(filename, "r")) == NULL) {
- cryptodebug("failed to open %s for write.", filename);
- return (FAILURE);
- }
-
- while (fgets(buffer, BUFSIZ, pfile) != NULL) {
- if (buffer[0] == '#') {
- /* skip comments */
- continue;
- }
-
- /* find the property string */
- if ((str = strstr(buffer, property)) == NULL) {
- /* didn't find the property string in this line */
- continue;
- }
-
- cursor = strtok(str, "= ;");
- cursor = strtok(NULL, "= ;");
- if (cursor == NULL) {
- cryptoerror(LOG_STDERR, gettext(
- "Invalid config file contents: %s."), filename);
- (void) fclose(pfile);
- return (FAILURE);
- }
- *hw_fips_mode = atoi(cursor);
- (void) fclose(pfile);
- return (SUCCESS);
- }
-
- /*
- * If the fips property is not found in the config file,
- * FIPS mode is false by default.
- */
- *hw_fips_mode = CRYPTO_FIPS_MODE_DISABLED;
- (void) fclose(pfile);
-
- return (SUCCESS);
-}
-
-/*
- * Update the HW .conf file with the updated entry.
- */
-int
-fips_update_hw_conf(char *filename, char *property, int action)
-{
- FILE *pfile;
- FILE *pfile_tmp;
- char buffer[BUFSIZ];
- char buffer2[BUFSIZ];
- char *tmpfile_name = NULL;
- char *str = NULL;
- char *cursor = NULL;
- int rc = SUCCESS;
- boolean_t found = B_FALSE;
-
- /* Open the .conf file */
- if ((pfile = fopen(filename, "r+")) == NULL) {
- cryptoerror(LOG_STDERR,
- gettext("failed to update the configuration - %s"),
- strerror(errno));
- cryptodebug("failed to open %s for write.", filename);
- return (FAILURE);
- }
-
- /* Lock the .conf file */
- if (lockf(fileno(pfile), F_TLOCK, 0) == -1) {
- cryptoerror(LOG_STDERR,
- gettext("failed to update the configuration - %s"),
- strerror(errno));
- cryptodebug(gettext("failed to lock %s"), filename);
- (void) fclose(pfile);
- return (FAILURE);
- }
-
- /*
- * Create a temporary file to save updated configuration file first.
- */
- tmpfile_name = tempnam(HW_CONF_DIR, NULL);
- if ((pfile_tmp = fopen(tmpfile_name, "w")) == NULL) {
- cryptoerror(LOG_STDERR, gettext("failed to open %s - %s"),
- tmpfile_name, strerror(errno));
- free(tmpfile_name);
- (void) fclose(pfile);
- return (FAILURE);
- }
-
-
- /*
- * Loop thru entire .conf file, update the entry to be
- * updated and save the updated file to the temporary file first.
- */
- while (fgets(buffer, BUFSIZ, pfile) != NULL) {
- if (buffer[0] == '#') {
- /* comments: write to the file without modification */
- goto write_to_tmp;
- }
-
- (void) strlcpy(buffer2, buffer, BUFSIZ);
-
- /* find the property string */
- if ((str = strstr(buffer2, property)) == NULL) {
- /*
- * Didn't find the property string in this line.
- * Write to the file without modification.
- */
- goto write_to_tmp;
- }
-
- found = B_TRUE;
-
- cursor = strtok(str, "= ;");
- cursor = strtok(NULL, "= ;");
- if (cursor == NULL) {
- cryptoerror(LOG_STDERR, gettext(
- "Invalid config file contents %s: %s."),
- filename, strerror(errno));
- goto errorexit;
- }
-
- cursor = buffer + (cursor - buffer2);
- *cursor = (action == FIPS140_ENABLE) ? '1' : '0';
-
-write_to_tmp:
-
- if (fputs(buffer, pfile_tmp) == EOF) {
- cryptoerror(LOG_STDERR, gettext(
- "failed to write to a temp file: %s."),
- strerror(errno));
- goto errorexit;
- }
- }
-
- /* if the fips mode property is not specified, FALSE by default */
- if (found == B_FALSE) {
- (void) snprintf(buffer, BUFSIZ, "%s=%c;\n",
- property, (action == FIPS140_ENABLE) ? '1' : '0');
- if (fputs(buffer, pfile_tmp) == EOF) {
- cryptoerror(LOG_STDERR, gettext(
- "failed to write to a tmp file: %s."),
- strerror(errno));
- goto errorexit;
- }
- }
-
- (void) fclose(pfile);
- if (fclose(pfile_tmp) != 0) {
- cryptoerror(LOG_STDERR,
- gettext("failed to close %s: %s"), tmpfile_name,
- strerror(errno));
- free(tmpfile_name);
- return (FAILURE);
- }
-
- /* Copy the temporary file to the .conf file */
- if (rename(tmpfile_name, filename) == -1) {
- cryptoerror(LOG_STDERR,
- gettext("failed to update the configuration - %s"),
- strerror(errno));
- cryptodebug("failed to rename %s to %s: %s", tmpfile_name,
- filename, strerror(errno));
- rc = FAILURE;
- } else if (chmod(filename,
- S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH) == -1) {
- cryptoerror(LOG_STDERR,
- gettext("failed to update the configuration - %s"),
- strerror(errno));
- cryptodebug("failed to chmod to %s: %s", filename,
- strerror(errno));
- rc = FAILURE;
- } else {
- rc = SUCCESS;
- }
-
- if ((rc == FAILURE) && (unlink(tmpfile_name) != 0)) {
- cryptoerror(LOG_STDERR, gettext(
- "(Warning) failed to remove %s: %s"),
- tmpfile_name, strerror(errno));
- }
-
- free(tmpfile_name);
- return (rc);
-
-errorexit:
- (void) fclose(pfile);
- (void) fclose(pfile_tmp);
- free(tmpfile_name);
-
- return (FAILURE);
-}
-
-
-/*
- * Perform the FIPS related actions
- */
-int
-do_fips_hw_actions(int action, int provider)
-{
- int rc = SUCCESS;
- int fips_mode = 0;
- char *filename;
- char *propname;
- char *provname;
-
- switch (provider) {
- case HW_PROVIDER_NCP:
- filename = "/platform/sun4v/kernel/drv/ncp.conf";
- propname = "ncp-fips-140";
- provname = "ncp";
- break;
- case HW_PROVIDER_N2CP:
- filename = "/platform/sun4v/kernel/drv/n2cp.conf";
- propname = "n2cp-fips-140";
- provname = "n2cp";
- break;
- case HW_PROVIDER_N2RNG:
- filename = "/platform/sun4v/kernel/drv/n2rng.conf";
- propname = "n2rng-fips-140";
- provname = "n2rng";
- break;
- default:
- (void) printf(gettext("Internal Error: Invalid HW "
- "provider [%d] specified.\n"));
- return (FAILURE);
- }
-
- /* Get FIPS-140 status from .conf */
- if (fips_hw_status(filename, propname, &fips_mode) != SUCCESS) {
- return (FAILURE);
- }
-
- if (action == FIPS140_STATUS) {
- if (fips_mode == CRYPTO_FIPS_MODE_ENABLED)
- (void) printf(gettext(
- "%s: FIPS-140 mode is enabled.\n"), provname);
- else
- (void) printf(gettext(
- "%s: FIPS-140 mode is disabled.\n"), provname);
- return (SUCCESS);
- }
-
- /* Is it a duplicate operation? */
- if ((action == FIPS140_ENABLE) &&
- (fips_mode == CRYPTO_FIPS_MODE_ENABLED)) {
- (void) printf(
- gettext("%s: FIPS-140 mode has already been enabled.\n"),
- provname);
- return (FAILURE);
- }
-
- if ((action == FIPS140_DISABLE) &&
- (fips_mode == CRYPTO_FIPS_MODE_DISABLED)) {
- (void) printf(
- gettext("%s: FIPS-140 mode has already been disabled.\n"),
- provname);
- return (FAILURE);
- }
-
- if ((action == FIPS140_ENABLE) || (action == FIPS140_DISABLE)) {
- /* Update .conf */
- if ((rc = fips_update_hw_conf(filename, propname, action))
- != SUCCESS)
- return (rc);
- }
-
- /* No need to inform kernel */
- if (action == FIPS140_ENABLE) {
- (void) printf(gettext(
- "%s: FIPS-140 mode was enabled successfully.\n"),
- provname);
- } else {
- (void) printf(gettext(
- "%s: FIPS-140 mode was disabled successfully.\n"),
- provname);
- }
-
- return (SUCCESS);
-}
diff --git a/usr/src/cmd/cmd-crypto/cryptoadm/adm_kef.c b/usr/src/cmd/cmd-crypto/cryptoadm/adm_kef.c
index 370eeab5ae..cd3737cc24 100644
--- a/usr/src/cmd/cmd-crypto/cryptoadm/adm_kef.c
+++ b/usr/src/cmd/cmd-crypto/cryptoadm/adm_kef.c
@@ -1195,21 +1195,6 @@ refresh(void)
}
}
- /*
- * handle fips_status=enabled|disabled
- */
- {
- int pkcs11_fips_mode = 0;
-
- /* Get FIPS-140 status from pkcs11.conf */
- fips_status_pkcs11conf(&pkcs11_fips_mode);
- if (pkcs11_fips_mode == CRYPTO_FIPS_MODE_ENABLED) {
- rc = do_fips_actions(FIPS140_ENABLE, REFRESH);
- } else {
- rc = do_fips_actions(FIPS140_DISABLE, REFRESH);
- }
- }
-
(void) close(fd);
return (rc);
}
diff --git a/usr/src/cmd/cmd-crypto/cryptoadm/adm_kef_ioctl.c b/usr/src/cmd/cmd-crypto/cryptoadm/adm_kef_ioctl.c
index 13f03f4d61..a65316abbc 100644
--- a/usr/src/cmd/cmd-crypto/cryptoadm/adm_kef_ioctl.c
+++ b/usr/src/cmd/cmd-crypto/cryptoadm/adm_kef_ioctl.c
@@ -21,6 +21,9 @@
/*
* Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
*/
+/*
+ * Copyright 2010 Nexenta Systems, Inc. All rights reserved.
+ */
#include <fcntl.h>
#include <stdio.h>
@@ -38,44 +41,8 @@
#define DEFAULT_DEV_NUM 5
#define DEFAULT_SOFT_NUM 10
-#define NUM_FIPS_SW_PROV \
- (sizeof (fips_sw_providers) / sizeof (char *))
-
-static char *fips_sw_providers[] = {
- "des",
- "aes",
- "ecc",
- "sha1",
- "sha2",
- "rsa",
- "swrand"
-};
-
static crypto_get_soft_info_t *setup_get_soft_info(char *, int);
-static void
-fips_sw_printf(const char *format, ...)
-{
- va_list ap;
- char message[1024];
- int i;
-
- va_start(ap, format);
- (void) snprintf(message, sizeof (message), format, ap);
- va_end(ap);
-
- (void) printf(gettext("\nUser-level providers:\n"));
- (void) printf(gettext("=====================\n"));
- (void) printf(gettext("/usr/lib/security/$ISA/pkcs11_softtoken: %s\n"),
- message);
- (void) printf(gettext("\nKernel software providers:\n"));
- (void) printf(gettext("==========================\n"));
- for (i = 0; i < NUM_FIPS_SW_PROV; i++) {
- (void) printf(gettext("%s: %s\n"),
- fips_sw_providers[i], message);
- }
-}
-
/*
* Prepare the argument for the LOAD_SOFT_CONFIG ioctl call for the
* provider pointed by pent. Return NULL if out of memory.
@@ -641,119 +608,3 @@ get_soft_list(crypto_get_soft_list_t **ppsoftlist)
(void) close(fd);
return (SUCCESS);
}
-
-/*
- * Perform the FIPS related actions
- */
-int
-do_fips_actions(int action, int caller)
-{
-
- crypto_fips140_t fips_info;
- int fd;
- int rc = SUCCESS;
- int pkcs11_fips_mode = 0;
-
- /* Get FIPS-140 status from pkcs11.conf */
- fips_status_pkcs11conf(&pkcs11_fips_mode);
-
- if (action == FIPS140_STATUS) {
- if (pkcs11_fips_mode == CRYPTO_FIPS_MODE_ENABLED)
- fips_sw_printf(gettext("FIPS-140 mode is enabled."));
- else
- fips_sw_printf(gettext("FIPS-140 mode is disabled."));
- return (SUCCESS);
- }
-
- if (caller == NOT_REFRESH) {
- /* Is it a duplicate operation? */
- if ((action == FIPS140_ENABLE) &&
- (pkcs11_fips_mode == CRYPTO_FIPS_MODE_ENABLED)) {
- fips_sw_printf(gettext("FIPS-140 mode has already "
- "been enabled."));
- return (FAILURE);
- }
-
- if ((action == FIPS140_DISABLE) &&
- (pkcs11_fips_mode == CRYPTO_FIPS_MODE_DISABLED)) {
- fips_sw_printf(gettext("FIPS-140 mode has already "
- "been disabled."));
- return (FAILURE);
- }
-
- if ((action == FIPS140_ENABLE) || (action == FIPS140_DISABLE)) {
- /* Update pkcs11.conf */
- if ((rc = fips_update_pkcs11conf(action)) != SUCCESS)
- return (rc);
- }
-
- /* No need to inform kernel */
- if (action == FIPS140_ENABLE) {
- fips_sw_printf(gettext("FIPS-140 mode was enabled "
- "successfully."));
- } else {
- fips_sw_printf(gettext("FIPS-140 mode was disabled "
- "successfully."));
- }
-
- return (SUCCESS);
-
- }
-
- /* This is refresh, need to inform kernel */
- (void) memset(&fips_info, 0, sizeof (crypto_fips140_t));
-
- if ((fd = open(ADMIN_IOCTL_DEVICE, O_RDONLY)) == -1) {
- cryptoerror(LOG_STDERR, gettext("failed to open %s: %s"),
- ADMIN_IOCTL_DEVICE, strerror(errno));
- return (FAILURE);
- }
-
- switch (action) {
- case FIPS140_ENABLE:
- /* make CRYPTO_FIPS_SET ioctl call */
- fips_info.fips140_op = FIPS140_ENABLE;
- if ((rc = ioctl(fd, CRYPTO_FIPS140_SET, &fips_info)) == -1) {
- cryptodebug("CRYPTO_FIPS140_ENABLE ioctl failed: %s",
- strerror(errno));
- rc = FAILURE;
- goto out;
- }
-
- if (fips_info.fips140_return_value != CRYPTO_SUCCESS) {
- cryptodebug("CRYPTO_FIPS140_ENABLE ioctl failed, "
- "return_value = %d",
- fips_info.fips140_return_value);
- rc = FAILURE;
- }
-
- break;
-
- case FIPS140_DISABLE:
- /* make CRYPTO_FIPS140_SET ioctl call */
- fips_info.fips140_op = FIPS140_DISABLE;
- if ((rc = ioctl(fd, CRYPTO_FIPS140_SET, &fips_info)) == -1) {
- cryptodebug("CRYPTO_FIPS140_DISABLE ioctl failed: %s",
- strerror(errno));
- rc = FAILURE;
- goto out;
- }
-
- if (fips_info.fips140_return_value != CRYPTO_SUCCESS) {
- cryptodebug("CRYPTO_FIPS140_DISABLE ioctl failed, "
- "return_value = %d",
- fips_info.fips140_return_value);
- rc = FAILURE;
- }
-
- break;
-
- default:
- rc = FAILURE;
- break;
- };
-
-out:
- (void) close(fd);
- return (rc);
-}
diff --git a/usr/src/cmd/cmd-crypto/cryptoadm/adm_uef.c b/usr/src/cmd/cmd-crypto/cryptoadm/adm_uef.c
index 88f3787aa4..47d0ab51f0 100644
--- a/usr/src/cmd/cmd-crypto/cryptoadm/adm_uef.c
+++ b/usr/src/cmd/cmd-crypto/cryptoadm/adm_uef.c
@@ -21,6 +21,9 @@
/*
* Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
*/
+/*
+ * Copyright 2010 Nexenta Systems, Inc. All rights resrved.
+ */
#include <cryptoutil.h>
#include <fcntl.h>
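Review bot: The copyright line added to adm_uef.c misspells "reserved" as "resrved", unlike the identical notice added to the other files in this commit. It should read `* Copyright 2010 Nexenta Systems, Inc. All rights reserved.` so that licence-header scanners and grep-based audits match it.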
@@ -1661,44 +1664,3 @@ display_verbose_mech_header()
"- - - - - - - - - - - - - -\n",
gettext("----------------------------"));
}
-
-int
-fips_update_pkcs11conf(int action)
-{
-
- char *str;
-
- if (action == FIPS140_ENABLE)
- str = "fips-140:fips_status=enabled\n";
- else
- str = "fips-140:fips_status=disabled\n";
-
- if (update_conf(_PATH_PKCS11_CONF, str) != SUCCESS)
- return (FAILURE);
-
- return (SUCCESS);
-}
-
-void
-fips_status_pkcs11conf(int *status)
-{
-
- uentry_t *puent = NULL;
-
- if ((puent = getent_uef(FIPS_KEYWORD)) == NULL) {
- /*
- * By default (no fips-140 entry), we assume fips-140
- * mode is disabled.
- */
- *status = CRYPTO_FIPS_MODE_DISABLED;
- return;
- }
-
- if (puent->flag_fips_enabled)
- *status = CRYPTO_FIPS_MODE_ENABLED;
- else
- *status = CRYPTO_FIPS_MODE_DISABLED;
-
- return;
-
-}
diff --git a/usr/src/cmd/cmd-crypto/cryptoadm/cryptoadm.c b/usr/src/cmd/cmd-crypto/cryptoadm/cryptoadm.c
index 7c1a5778e2..989eae315a 100644
--- a/usr/src/cmd/cmd-crypto/cryptoadm/cryptoadm.c
+++ b/usr/src/cmd/cmd-crypto/cryptoadm/cryptoadm.c
@@ -207,8 +207,6 @@ usage(void)
" [mechanism=<%s>]\n",
gettext("provider-name"), gettext("mechanism-list"));
(void) fprintf(stderr,
- " cryptoadm list fips-140\n");
- (void) fprintf(stderr,
" cryptoadm disable provider=<%s>"
" mechanism=<%s> | random | all\n",
gettext("provider-name"), gettext("mechanism-list"));
@@ -217,8 +215,6 @@ usage(void)
" [auto-key-migrate] [mechanism=<%s>]\n",
gettext("mechanism-list"));
(void) fprintf(stderr,
- " cryptoadm disable fips-140\n");
- (void) fprintf(stderr,
" cryptoadm enable provider=<%s>"
" mechanism=<%s> | random | all\n",
gettext("provider-name"), gettext("mechanism-list"));
@@ -229,8 +225,6 @@ usage(void)
gettext("mechanism-list"), gettext("token-label"),
gettext("slot-description"));
(void) fprintf(stderr,
- " cryptoadm enable fips-140\n");
- (void) fprintf(stderr,
" cryptoadm install provider=<%s>\n",
gettext("provider-name"));
(void) fprintf(stderr,
@@ -547,30 +541,6 @@ do_list(int argc, char **argv)
cryptoadm_provider_t *prov = NULL;
int rc = SUCCESS;
- if ((argc == 3) && (strncmp(argv[2], FIPS_KEYWORD,
- strlen(FIPS_KEYWORD))) == 0) {
- int success_count = 0;
- /*
- * cryptoadm list fips-140
- */
- rc = do_fips_actions(FIPS140_STATUS, NOT_REFRESH);
- if (rc == SUCCESS)
- success_count++;
- (void) printf(gettext("\nKernel hardware providers:\n"));
- (void) printf(gettext("=========================:\n"));
- rc = do_fips_hw_actions(FIPS140_STATUS, HW_PROVIDER_NCP);
- if (rc == SUCCESS)
- success_count++;
- rc = do_fips_hw_actions(FIPS140_STATUS, HW_PROVIDER_N2CP);
- if (rc == SUCCESS)
- success_count++;
- rc = do_fips_hw_actions(FIPS140_STATUS, HW_PROVIDER_N2RNG);
- if (rc == SUCCESS)
- success_count++;
- /* succeed to get status from config file? */
- return ((success_count > 0) ? SUCCESS: FAILURE);
- }
-
argc -= 1;
argv += 1;
@@ -753,38 +723,6 @@ do_disable(int argc, char **argv)
int rc = SUCCESS;
boolean_t auto_key_migrate_flag = B_FALSE;
- if ((argc == 3) && (strncmp(argv[2], FIPS_KEYWORD,
- strlen(FIPS_KEYWORD))) == 0) {
- int success_count = 0;
- /*
- * cryptoadm disable fips-140
- */
- rc = do_fips_actions(FIPS140_DISABLE, NOT_REFRESH);
- if (rc == SUCCESS)
- success_count++;
- (void) printf(gettext("\nKernel hardware providers:\n"));
- (void) printf(gettext("=========================:\n"));
- rc = do_fips_hw_actions(FIPS140_DISABLE, HW_PROVIDER_NCP);
- if (rc == SUCCESS)
- success_count++;
- rc = do_fips_hw_actions(FIPS140_DISABLE, HW_PROVIDER_N2CP);
- if (rc == SUCCESS)
- success_count++;
- rc = do_fips_hw_actions(FIPS140_DISABLE, HW_PROVIDER_N2RNG);
- if (rc == SUCCESS)
- success_count++;
-
- if (success_count > 0) {
- (void) printf(gettext(
- "\nThe FIPS-140 mode has changed.\n"));
- (void) printf(gettext(
- "The system will require a reboot.\n"));
- return (SUCCESS);
- } else {
- return (FAILURE);
- }
- }
-
if ((argc < 3) || (argc > 5)) {
usage();
return (ERROR_USAGE);
@@ -904,38 +842,6 @@ do_enable(int argc, char **argv)
boolean_t use_default = B_FALSE;
boolean_t auto_key_migrate_flag = B_FALSE;
- if ((argc == 3) && (strncmp(argv[2], FIPS_KEYWORD,
- strlen(FIPS_KEYWORD))) == 0) {
- int success_count = 0;
- /*
- * cryptoadm enable fips-140
- */
- rc = do_fips_actions(FIPS140_ENABLE, NOT_REFRESH);
- if (rc == SUCCESS)
- success_count++;
- (void) printf(gettext("\nKernel hardware providers:\n"));
- (void) printf(gettext("=========================:\n"));
- rc = do_fips_hw_actions(FIPS140_ENABLE, HW_PROVIDER_NCP);
- if (rc == SUCCESS)
- success_count++;
- rc = do_fips_hw_actions(FIPS140_ENABLE, HW_PROVIDER_N2CP);
- if (rc == SUCCESS)
- success_count++;
- rc = do_fips_hw_actions(FIPS140_ENABLE, HW_PROVIDER_N2RNG);
- if (rc == SUCCESS)
- success_count++;
-
- if (success_count > 0) {
- (void) printf(gettext(
- "\nThe FIPS-140 mode has changed.\n"));
- (void) printf(gettext(
- "The system will require a reboot.\n"));
- return (SUCCESS);
- } else {
- return (FAILURE);
- }
- }
-
if ((argc < 3) || (argc > 6)) {
usage();
return (ERROR_USAGE);
@@ -1302,26 +1208,24 @@ do_refresh(int argc)
/*
* The top level function for the "cryptoadm start" subcommand.
+ * This used to start up kcfd, but now all it does is load up the
+ * initial providers.
*/
static int
do_start(int argc)
{
- int ret;
-
if (argc != 2) {
usage();
return (ERROR_USAGE);
}
- ret = do_refresh(argc);
- if (ret != SUCCESS)
- return (ret);
-
- return (start_daemon());
+ return (do_refresh(argc));
}
/*
* The top level function for the "cryptoadm stop" subcommand.
+ * This no longer does anything useful, but we leave it here
+ * for compatibility.
*/
static int
do_stop(int argc)
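Review bot: The new block comments on do_start and do_stop record what the functions used to do but not what a maintainer or operator can now rely on. For do_start I would write `* kcfd no longer exists; this only calls do_refresh() to load the configured providers and then exits, so the SMF service is transient.` and for do_stop `* Nothing is left running to stop; returns SUCCESS without unloading any provider.` The second statement matches the `return (SUCCESS);` in the following hunk, though do_stop's body starts outside this hunk. If kcfd was also the component that verified provider modules (the diffstat touches sys/crypto/elfsign.h and kcf.c, so this is an inference), the comment or commit message should state what now checks a provider before do_refresh() loads it.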
@@ -1331,7 +1235,7 @@ do_stop(int argc)
return (ERROR_USAGE);
}
- return (stop_daemon());
+ return (SUCCESS);
}
diff --git a/usr/src/cmd/cmd-crypto/cryptoadm/cryptoadm.h b/usr/src/cmd/cmd-crypto/cryptoadm/cryptoadm.h
index d01f21275e..4f42dd1627 100644
--- a/usr/src/cmd/cmd-crypto/cryptoadm/cryptoadm.h
+++ b/usr/src/cmd/cmd-crypto/cryptoadm/cryptoadm.h
@@ -21,6 +21,9 @@
/*
* Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
*/
+/*
+ * Copyright 2010 Nexenta Systems, Inc. All rights reserved.
+ */
#ifndef _CRYPTOADM_H
#define _CRYPTOADM_H
@@ -34,7 +37,6 @@
extern "C" {
#endif
-#define _PATH_KCFD "/lib/crypto/kcfd"
#define TMPFILE_TEMPLATE "/etc/crypto/admXXXXXX"
#define ERROR_USAGE 2
@@ -99,8 +101,6 @@ extern void free_mechlist(mechlist_t *);
/* adm_kef_util */
extern boolean_t is_device(char *);
-extern int fips_update_pkcs11conf(int);
-extern void fips_status_pkcs11conf(int *);
extern char *ent2str(entry_t *);
extern entry_t *getent_kef(char *provname,
entrylist_t *pdevlist, entrylist_t *psoftlist);
@@ -159,8 +159,6 @@ extern int install_kef(char *, mechlist_t *);
extern int uninstall_kef(char *);
extern int unload_kef_soft(char *provname);
extern int refresh(void);
-extern int start_daemon(void);
-extern int stop_daemon(void);
/* adm_ioctl */
extern crypto_load_soft_config_t *setup_soft_conf(entry_t *);
@@ -172,7 +170,6 @@ extern int get_dev_list(crypto_get_dev_list_t **);
extern int get_soft_info(char *provname, mechlist_t **ppmechlist,
entrylist_t *phardlist, entrylist_t *psoftlist);
extern int get_soft_list(crypto_get_soft_list_t **);
-extern int do_fips_actions(int, int);
/* adm_metaslot */
extern int list_metaslot_info(boolean_t, boolean_t, mechlist_t *);
@@ -181,9 +178,6 @@ extern int disable_metaslot(mechlist_t *, boolean_t, boolean_t);
extern int enable_metaslot(char *, char *, boolean_t, mechlist_t *, boolean_t,
boolean_t);
-/* adm_hw */
-extern int do_fips_hw_actions(int, int);
-
#ifdef __cplusplus
}
#endif
diff --git a/usr/src/cmd/cmd-crypto/cryptoadm/start_stop.c b/usr/src/cmd/cmd-crypto/cryptoadm/start_stop.c
deleted file mode 100644
index 8551230012..0000000000
--- a/usr/src/cmd/cmd-crypto/cryptoadm/start_stop.c
+++ /dev/null
@@ -1,100 +0,0 @@
-/*
- * CDDL HEADER START
- *
- * The contents of this file are subject to the terms of the
- * Common Development and Distribution License, Version 1.0 only
- * (the "License"). You may not use this file except in compliance
- * with the License.
- *
- * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
- * or http://www.opensolaris.org/os/licensing.
- * See the License for the specific language governing permissions
- * and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL HEADER in each
- * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
- * If applicable, add the following below this CDDL HEADER, with the
- * fields enclosed by brackets "[]" replaced with your own identifying
- * information: Portions Copyright [yyyy] [name of copyright owner]
- *
- * CDDL HEADER END
- */
-/*
- * Copyright 2005 Sun Microsystems, Inc. All rights reserved.
- * Use is subject to license terms.
- */
-#pragma ident "%Z%%M% %I% %E% SMI"
-
-#include <fcntl.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <door.h>
-#include <libintl.h>
-#include <string.h>
-#include <errno.h>
-#include <signal.h>
-#include <libscf.h>
-
-#include <cryptoutil.h>
-#include <sys/crypto/elfsign.h>
-#include "cryptoadm.h"
-
-int
-start_daemon(void)
-{
- closefrom(0);
- (void) open("/dev/null", O_RDONLY);
- (void) open("/dev/null", O_WRONLY);
- (void) dup(1);
- (void) setsid();
-
- return (execl(_PATH_KCFD, _PATH_KCFD, (char *)0));
-}
-
-int
-stop_daemon(void)
-{
- int fd = -1;
- int err = 0;
- struct door_info dinfo;
-
- /* read PID of kcfd process from kcfd lock file */
- if ((fd = open(_PATH_KCFD_DOOR, O_RDONLY)) == -1) {
- err = errno;
- cryptodebug("Can not open %s: %s", _PATH_KCFD_DOOR,
- strerror(err));
- goto stop_fail;
- }
-
- if (door_info(fd, &dinfo) == -1 || dinfo.di_target == -1) {
- err = ENOENT; /* no errno if di_target == -1 */
- cryptodebug("no door server listening on %s", _PATH_KCFD_DOOR);
- goto stop_fail;
- }
-
- cryptodebug("Sending SIGINT to %d", dinfo.di_target);
- /* send a signal to kcfd process */
- if ((kill(dinfo.di_target, SIGINT)) != 0) {
- err = errno;
- cryptodebug("failed to send a signal to kcfd: %s",
- strerror(errno));
- goto stop_fail;
- }
-
-stop_fail:
- if (fd != -1)
- (void) close(fd);
-
- if (err != 0) {
- cryptoerror(LOG_STDERR, gettext(
- "no kcfd available to stop - %s."),
- strerror(err));
- /*
- * We return with SMF_EXIT_OK because this was a request
- * to stop something that wasn't running.
- */
- return (SMF_EXIT_OK);
- }
-
- return (SMF_EXIT_OK);
-}
diff --git a/usr/src/cmd/cmd-crypto/scripts/cryptosvc.xml b/usr/src/cmd/cmd-crypto/scripts/cryptosvc.xml
index 0c7dc7f27a..578520a142 100644
--- a/usr/src/cmd/cmd-crypto/scripts/cryptosvc.xml
+++ b/usr/src/cmd/cmd-crypto/scripts/cryptosvc.xml
@@ -4,6 +4,8 @@
Copyright 2009 Sun Microsystems, Inc. All rights reserved.
Use is subject to license terms.
+ Copyright 2010 Nexenta Systems, Inc. All rights reserved.
+
CDDL HEADER START
The contents of this file are subject to the terms of the
@@ -73,6 +75,10 @@
exec='/sbin/cryptoadm %m'
timeout_seconds='60' />
+ <property_group name='startd' type='framework'>
+ <propval name='duration' type='astring' value='transient' />
+ </property_group>
+
<instance name='default' enabled='false' />
<stability value='Unstable' />
@@ -86,8 +92,6 @@
<documentation>
<manpage title='cryptoadm' section='1M'
manpath='/usr/share/man' />
- <manpage title='kcfd' section='1M'
- manpath='/usr/share/man' />
</documentation>
</template>
diff --git a/usr/src/common/bignum/bignum.h b/usr/src/common/bignum/bignum.h
index fa659e244c..f2389cb5b7 100644
--- a/usr/src/common/bignum/bignum.h
+++ b/usr/src/common/bignum/bignum.h
@@ -173,11 +173,6 @@ int big_is_zero(BIGNUM *n);
BIG_CHUNK_TYPE big_n0(BIG_CHUNK_TYPE n);
-/*
- * Kernel bignum module: module integrity test
- */
-extern int bignum_fips_check(void);
-
#if defined(HWCAP)
#if (BIG_CHUNK_SIZE != 32)
diff --git a/usr/src/common/crypto/aes/aes_impl.h b/usr/src/common/crypto/aes/aes_impl.h
index c512d8470d..d44e261dda 100644
--- a/usr/src/common/crypto/aes/aes_impl.h
+++ b/usr/src/common/crypto/aes/aes_impl.h
@@ -149,20 +149,7 @@ extern int aes_decrypt_contiguous_blocks(void *ctx, char *data, size_t length,
/*
* The following definitions and declarations are only used by AES FIPS POST
*/
-#ifdef _AES_FIPS_POST
-
-#include <fips/fips_post.h>
-
-/*
- * FIPS preprocessor directives for AES-ECB and AES-CBC.
- */
-#define FIPS_AES_BLOCK_SIZE 16 /* 128-bits */
-#define FIPS_AES_ENCRYPT_LENGTH 16 /* 128-bits */
-#define FIPS_AES_DECRYPT_LENGTH 16 /* 128-bits */
-#define FIPS_AES_128_KEY_SIZE 16 /* 128-bits */
-#define FIPS_AES_192_KEY_SIZE 24 /* 192-bits */
-#define FIPS_AES_256_KEY_SIZE 32 /* 256-bits */
-
+#ifdef _AES_IMPL
#ifdef _KERNEL
typedef enum aes_mech_type {
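Review bot: The context comment directly above the changed guard still says the definitions are "only used by AES FIPS POST", which is stale now that the block is guarded by `_AES_IMPL` and the FIPS declarations are removed. Something like `/* Mechanism types for the kernel AES provider; visible only when _AES_IMPL and _KERNEL are defined. */` would match the new code. The change also moves `aes_mech_type_t` from the `_AES_FIPS_POST` gate to the `_AES_IMPL` gate, so any kernel source that uses the enum must define `_AES_IMPL` before including this header. It is worth confirming that uts/common/crypto/io/aes.c (listed in the diffstat) does so. The enum body continues past this hunk.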
@@ -175,51 +162,8 @@ typedef enum aes_mech_type {
AES_GMAC_MECH_INFO_TYPE /* SUN_CKM_AES_GMAC */
} aes_mech_type_t;
-#undef CKM_AES_ECB
-#undef CKM_AES_CBC
-#undef CKM_AES_CTR
-
-#define CKM_AES_ECB AES_ECB_MECH_INFO_TYPE
-#define CKM_AES_CBC AES_CBC_MECH_INFO_TYPE
-#define CKM_AES_CTR AES_CTR_MECH_INFO_TYPE
-
-typedef struct soft_aes_ctx {
- void *key_sched; /* pointer to key schedule */
- size_t keysched_len; /* Length of the key schedule */
- uint8_t ivec[AES_BLOCK_LEN]; /* initialization vector */
- uint8_t data[AES_BLOCK_LEN]; /* for use by update */
- size_t remain_len; /* for use by update */
- void *aes_cbc; /* to be used by CBC mode */
-} soft_aes_ctx_t;
-#endif
-
-/* AES FIPS functions */
-extern int fips_aes_post(int);
-
-#ifdef _AES_IMPL
-#ifndef _KERNEL
-struct soft_aes_ctx;
-extern void fips_aes_free_context(struct soft_aes_ctx *);
-extern struct soft_aes_ctx *fips_aes_build_context(uint8_t *, int,
- uint8_t *, CK_MECHANISM_TYPE);
-extern CK_RV fips_aes_encrypt(struct soft_aes_ctx *, CK_BYTE_PTR,
- CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR, CK_MECHANISM_TYPE);
-extern CK_RV fips_aes_decrypt(struct soft_aes_ctx *, CK_BYTE_PTR,
- CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR, CK_MECHANISM_TYPE);
-
-#else
-extern void fips_aes_free_context(soft_aes_ctx_t *);
-extern void *aes_cbc_ctx_init(void *, size_t, uint8_t *);
-extern soft_aes_ctx_t *fips_aes_build_context(uint8_t *, int,
- uint8_t *, aes_mech_type_t, boolean_t);
-extern int fips_aes_encrypt(soft_aes_ctx_t *, uchar_t *,
- ulong_t, uchar_t *, ulong_t *, aes_mech_type_t);
-extern int fips_aes_decrypt(soft_aes_ctx_t *, uchar_t *,
- ulong_t, uchar_t *, ulong_t *, aes_mech_type_t);
-
-#endif /* _KERNEL */
+#endif /* _KERNEL */
#endif /* _AES_IMPL */
-#endif /* _AES_FIPS_POST */
#ifdef __cplusplus
}
diff --git a/usr/src/common/crypto/des/des_impl.h b/usr/src/common/crypto/des/des_impl.h
index 65509804ce..88fce15ef0 100644
--- a/usr/src/common/crypto/des/des_impl.h
+++ b/usr/src/common/crypto/des/des_impl.h
@@ -104,19 +104,7 @@ extern int des3_encrypt_block(const void *, const uint8_t *, uint8_t *);
extern int des_decrypt_block(const void *, const uint8_t *, uint8_t *);
extern int des3_decrypt_block(const void *, const uint8_t *, uint8_t *);
-/*
- * The following definitions and declarations are only used by DES FIPS POST
- */
-#ifdef _DES_FIPS_POST
-
-#include <modes/modes.h>
-#include <fips/fips_post.h>
-
-/* DES FIPS Declarations */
-#define FIPS_DES_ENCRYPT_LENGTH 8 /* 64-bits */
-#define FIPS_DES_DECRYPT_LENGTH 8 /* 64-bits */
-#define FIPS_DES3_ENCRYPT_LENGTH 8 /* 64-bits */
-#define FIPS_DES3_DECRYPT_LENGTH 8 /* 64-bits */
+#ifdef _DES_IMPL
#ifdef _KERNEL
typedef enum des_mech_type {
@@ -128,42 +116,8 @@ typedef enum des_mech_type {
DES3_CFB_MECH_INFO_TYPE /* SUN_CKM_DES3_CFB */
} des_mech_type_t;
-
-#undef CKM_DES_ECB
-#undef CKM_DES3_ECB
-#undef CKM_DES_CBC
-#undef CKM_DES3_CBC
-
-#define CKM_DES_ECB DES_ECB_MECH_INFO_TYPE
-#define CKM_DES3_ECB DES3_ECB_MECH_INFO_TYPE
-#define CKM_DES_CBC DES_CBC_MECH_INFO_TYPE
-#define CKM_DES3_CBC DES3_CBC_MECH_INFO_TYPE
-#endif
-
-/* DES3 FIPS functions */
-extern int fips_des3_post(void);
-
-#ifndef _KERNEL
-#ifdef _DES_IMPL
-struct soft_des_ctx;
-extern struct soft_des_ctx *des_build_context(uint8_t *, uint8_t *,
- CK_KEY_TYPE, CK_MECHANISM_TYPE);
-extern void fips_des_free_context(struct soft_des_ctx *);
-extern CK_RV fips_des_encrypt(struct soft_des_ctx *, CK_BYTE_PTR,
- CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR, CK_MECHANISM_TYPE);
-extern CK_RV fips_des_decrypt(struct soft_des_ctx *, CK_BYTE_PTR,
- CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR, CK_MECHANISM_TYPE);
-#endif /* _DES_IMPL */
-#else
-extern des_ctx_t *des_build_context(uint8_t *, uint8_t *,
- des_mech_type_t);
-extern void fips_des_free_context(des_ctx_t *);
-extern int fips_des_encrypt(des_ctx_t *, uint8_t *,
- ulong_t, uint8_t *, ulong_t *, des_mech_type_t);
-extern int fips_des_decrypt(des_ctx_t *, uint8_t *,
- ulong_t, uint8_t *, ulong_t *, des_mech_type_t);
-#endif /* _KERNEL */
-#endif /* _DES_FIPS_POST */
+#endif /* _KERNEL */
+#endif /* _DES_IMPL */
#ifdef __cplusplus
}
diff --git a/usr/src/common/crypto/dsa/dsa_impl.h b/usr/src/common/crypto/dsa/dsa_impl.h
index c550aaf517..39758d60b0 100644
--- a/usr/src/common/crypto/dsa/dsa_impl.h
+++ b/usr/src/common/crypto/dsa/dsa_impl.h
@@ -107,28 +107,6 @@ CK_RV dsa_sign(DSAbytekey *bkey, uchar_t *msg, uint32_t msglen, uchar_t *sig);
CK_RV dsa_verify(DSAbytekey *bkey, uchar_t *msg, uchar_t *sig);
-
-/*
- * The following definitions and declarations are only used by DSA FIPS POST
- */
-#ifdef _DSA_FIPS_POST
-
-/* DSA FIPS Declarations */
-#define FIPS_DSA_PRIME_LENGTH 128 /* 1024-bits */
-#define FIPS_DSA_SUBPRIME_LENGTH 20 /* 160-bits */
-#define FIPS_DSA_BASE_LENGTH 128 /* 1024-bits */
-#define FIPS_DSA_SEED_LENGTH 20 /* 160-bits */
-#define FIPS_DSA_DIGEST_LENGTH 20 /* 160-bits */
-#define FIPS_DSA_SIGNATURE_LENGTH 40 /* 320-bits */
-
-/* DSA FIPS functions */
-extern int fips_dsa_post(void);
-extern int fips_dsa_genkey_pair(DSAbytekey *);
-extern int fips_dsa_digest_sign(DSAbytekey *, uint8_t *, uint32_t, uint8_t *);
-extern int fips_dsa_verify(DSAbytekey *, uint8_t *, uint8_t *);
-
-#endif /* _DSA_FIPS_POST */
-
#ifdef __cplusplus
}
#endif
diff --git a/usr/src/common/crypto/fips/fips_addchecksum.c b/usr/src/common/crypto/fips/fips_addchecksum.c
deleted file mode 100644
index 76045ff4b7..0000000000
--- a/usr/src/common/crypto/fips/fips_addchecksum.c
+++ /dev/null
@@ -1,256 +0,0 @@
-/*
- * CDDL HEADER START
- *
- * The contents of this file are subject to the terms of the
- * Common Development and Distribution License (the "License").
- * You may not use this file except in compliance with the License.
- *
- * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
- * or http://www.opensolaris.org/os/licensing.
- * See the License for the specific language governing permissions
- * and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL HEADER in each
- * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
- * If applicable, add the following below this CDDL HEADER, with the
- * fields enclosed by brackets "[]" replaced with your own identifying
- * information: Portions Copyright [yyyy] [name of copyright owner]
- *
- * CDDL HEADER END
- */
-
-/*
- * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
- */
-
-#include <ctype.h>
-#include <unistd.h>
-#include <sys/types.h>
-#include <fcntl.h>
-#include <stdio.h>
-#include <libelf.h>
-#include <gelf.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sha1.h>
-#include <sys/elf_SPARC.h>
-#include <fips/fips_checksum.h>
-
-
-#define FAIL_EXIT \
- (void) fprintf(stderr, "failure at line %d\n", __LINE__); \
- return (-1)
-
-static const char fips_section_name[] = ".SUNW_fips";
-
-static int
-add_fips_section(int fd)
-{
- Elf64_Ehdr *ehdrp;
- Elf64_Shdr *section;
- Elf *elf;
- Elf_Scn *scn, *shstrtab_scn, *fips_scn = NULL;
- Elf_Data *shstrtab_data;
- Elf_Data *sdata;
- unsigned int cnt, old_size, new_size;
- char *sname, *newbuf;
-
- /* Obtain the ELF descriptor */
- (void) elf_version(EV_CURRENT);
- if ((elf = elf_begin(fd, ELF_C_RDWR, NULL)) == NULL) {
- FAIL_EXIT;
- }
-
- if ((ehdrp = elf64_getehdr(elf)) == NULL) {
- FAIL_EXIT;
- } else if ((shstrtab_scn = elf_getscn(elf, ehdrp->e_shstrndx)) ==
- NULL) {
- FAIL_EXIT;
- } else if ((shstrtab_data = elf_getdata(shstrtab_scn, NULL)) == NULL) {
- FAIL_EXIT;
- }
-
- /* Traverse input file to see if the fips section already exists */
- for (cnt = 1, scn = NULL; scn = elf_nextscn(elf, scn); cnt++) {
- if ((section = elf64_getshdr(scn)) == NULL) {
- FAIL_EXIT;
- }
- sname = (char *)shstrtab_data->d_buf + section->sh_name;
- if (strcmp(sname, fips_section_name) == 0) {
- /*
- * If the fips section already exists, make sure that
- * the section is large enough.
- */
- fips_scn = scn;
- if ((sdata = elf_getdata(scn, NULL)) == NULL) {
- FAIL_EXIT;
- }
- if (sdata->d_size < SHA1_DIGEST_LENGTH) {
- newbuf = malloc(SHA1_DIGEST_LENGTH);
- sdata->d_size = SHA1_DIGEST_LENGTH;
- sdata->d_buf = newbuf;
- }
- (void) elf_flagdata(sdata, ELF_C_SET, ELF_F_DIRTY);
- (void) elf_flagscn(scn, ELF_C_SET, ELF_F_DIRTY);
- (void) elf_flagelf(elf, ELF_C_SET, ELF_F_DIRTY);
- }
- }
-
- /* If the fips section does not exist, allocate the section. */
- if (fips_scn == NULL) {
- Elf64_Shdr *shdr;
-
- /* add the section name at the end of the .shstrtab section */
- old_size = shstrtab_data->d_size;
- new_size = old_size + strlen(fips_section_name) + 1;
- if ((newbuf = malloc(new_size)) == NULL) {
- FAIL_EXIT;
- }
-
- (void) memcpy(newbuf, shstrtab_data->d_buf, old_size);
- (void) strlcpy(newbuf + old_size, fips_section_name,
- new_size - old_size);
- shstrtab_data->d_buf = newbuf;
- shstrtab_data->d_size = new_size;
- shstrtab_data->d_align = 1;
- if ((fips_scn = elf_newscn(elf)) == 0) {
- FAIL_EXIT;
- }
-
- /* Initialize the fips section */
- if ((shdr = elf64_getshdr(fips_scn)) == NULL) {
- FAIL_EXIT;
- }
- /*
- * sh_name is the starting position of the name
- * within the shstrtab_data->d_buf buffer
- */
- shdr->sh_name = old_size;
- shdr->sh_type = SHT_SUNW_SIGNATURE;
- shdr->sh_flags = SHF_EXCLUDE;
- shdr->sh_addr = 0;
- shdr->sh_link = 0;
- shdr->sh_info = 0;
- shdr->sh_size = 0;
- shdr->sh_offset = 0;
- shdr->sh_addralign = 1;
-
- if ((sdata = elf_newdata(fips_scn)) == NULL) {
- FAIL_EXIT;
- }
- if (sdata->d_size < SHA1_DIGEST_LENGTH) {
- newbuf = malloc(SHA1_DIGEST_LENGTH);
- sdata->d_size = SHA1_DIGEST_LENGTH;
- sdata->d_buf = newbuf;
- }
- (void) elf_flagdata(sdata, ELF_C_SET, ELF_F_DIRTY);
- (void) elf_flagscn(fips_scn, ELF_C_SET, ELF_F_DIRTY);
- (void) elf_flagelf(elf, ELF_C_SET, ELF_F_DIRTY);
- }
- (void) elf_update(elf, ELF_C_WRITE);
- (void) elf_end(elf);
- (void) close(fd);
-
- return (0);
-}
-
-int
-main(int argc, char **argv)
-{
- Elf64_Ehdr ehdr;
- Elf64_Ehdr *ehdrp;
- Elf64_Shdr *section;
- Elf *elf;
- Elf_Scn *scn, *shstrtab_scn;
- Elf_Data *shstrtab_data, *sdata;
- int fd;
- unsigned int size, i, cnt;
- char sha1buf[SHA1_DIGEST_LENGTH];
- char *sname, *newbuf;
-
- if (argc != 2) {
- (void) fprintf(stderr, "Usage: %s [filename]\n", argv[0]);
- return (-1);
- }
-
- /* Open the driver file */
- if ((fd = open(argv[1], O_RDWR)) == -1) {
- goto errorexit;
- }
-
- /* Read the ELF header */
- size = sizeof (ehdr);
- if (fips_read_file(fd, (char *)(&ehdr), size, 0) < 0) {
- goto errorexit;
- }
-
- /* check if it is an ELF file */
- for (i = 0; i < SELFMAG; i++) {
- if (ehdr.e_ident[i] != ELFMAG[i]) {
- (void) fprintf(stderr, "%s not an elf file\n", argv[1]);
- goto errorexit;
- }
- }
-
- if (add_fips_section(fd) < 0) { /* closes fd on success */
- goto errorexit;
- }
-
- if ((fd = open(argv[1], O_RDWR)) == -1) {
- FAIL_EXIT;
- }
- if (fips_read_file(fd, (char *)(&ehdr), size, 0) < 0) {
- goto errorexit;
- }
-
- /* calculate the file checksum */
- if (fips_calc_checksum(fd, &ehdr, sha1buf) < 0) {
- goto errorexit;
- }
-
- (void) elf_version(EV_CURRENT);
- if ((elf = elf_begin(fd, ELF_C_RDWR, NULL)) == NULL) {
- goto errorexit;
- }
-
- if ((ehdrp = elf64_getehdr(elf)) == NULL) {
- goto errorexit;
- } else if ((shstrtab_scn = elf_getscn(elf, ehdrp->e_shstrndx)) ==
- NULL) {
- goto errorexit;
- } else if ((shstrtab_data = elf_getdata(shstrtab_scn, NULL)) == NULL) {
- goto errorexit;
- }
-
- /* Add the checksum to the fips section */
- for (cnt = 1, scn = NULL; scn = elf_nextscn(elf, scn); cnt++) {
- if ((section = elf64_getshdr(scn)) == NULL) {
- goto errorexit;
- }
-
- sname = (char *)shstrtab_data->d_buf + section->sh_name;
- if (strcmp(sname, fips_section_name) == 0) {
- if ((sdata = elf_getdata(scn, NULL)) == NULL) {
- goto errorexit;
- }
-
- newbuf = sdata->d_buf;
- (void) memcpy(newbuf, sha1buf, SHA1_DIGEST_LENGTH);
- (void) elf_flagdata(sdata, ELF_C_SET, ELF_F_DIRTY);
- (void) elf_flagscn(scn, ELF_C_SET, ELF_F_DIRTY);
- (void) elf_flagelf(elf, ELF_C_SET, ELF_F_DIRTY);
- }
- }
- (void) elf_update(elf, ELF_C_WRITE);
- (void) elf_end(elf);
- (void) close(fd);
-
- return (0);
-
-
-errorexit:
-
- (void) close(fd);
-
- FAIL_EXIT;
-}
diff --git a/usr/src/common/crypto/fips/fips_aes_util.c b/usr/src/common/crypto/fips/fips_aes_util.c
deleted file mode 100644
index 7b6248dba2..0000000000
--- a/usr/src/common/crypto/fips/fips_aes_util.c
+++ /dev/null
@@ -1,1361 +0,0 @@
-/*
- * CDDL HEADER START
- *
- * The contents of this file are subject to the terms of the
- * Common Development and Distribution License (the "License").
- * You may not use this file except in compliance with the License.
- *
- * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
- * or http://www.opensolaris.org/os/licensing.
- * See the License for the specific language governing permissions
- * and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL HEADER in each
- * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
- * If applicable, add the following below this CDDL HEADER, with the
- * fields enclosed by brackets "[]" replaced with your own identifying
- * information: Portions Copyright [yyyy] [name of copyright owner]
- *
- * CDDL HEADER END
- */
-/*
- * Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
- */
-
-#include <sys/types.h>
-#include <sys/param.h>
-#include <sys/cmn_err.h>
-#include <sys/errno.h>
-#include <sys/kmem.h>
-#include <sys/systm.h>
-#include <sys/crypto/common.h>
-#include <modes/modes.h>
-#define _AES_FIPS_POST
-#include <fips/fips_test_vectors.h>
-#ifndef _KERNEL
-#include <stdlib.h>
-#include <string.h>
-#include <strings.h>
-#include <stdio.h>
-#include <security/cryptoki.h>
-#include <cryptoutil.h>
-#include "softCrypt.h"
-#else
-#define _AES_IMPL
-#include <aes/aes_impl.h>
-#endif
-
-
-#ifdef _KERNEL
-void *
-aes_cbc_ctx_init(void *key_sched, size_t size, uint8_t *ivec)
-{
-
- cbc_ctx_t *cbc_ctx;
-
- if ((cbc_ctx = kmem_zalloc(sizeof (cbc_ctx_t), KM_SLEEP)) == NULL)
- return (NULL);
-
- cbc_ctx->cbc_keysched = key_sched;
- cbc_ctx->cbc_keysched_len = size;
-
- (void) memcpy(&cbc_ctx->cbc_iv[0], ivec, AES_BLOCK_LEN);
-
- cbc_ctx->cbc_lastp = (uint8_t *)cbc_ctx->cbc_iv;
- cbc_ctx->cbc_flags |= CBC_MODE;
-
- return (cbc_ctx);
-}
-
-/*
- * Allocate and initialize a context for AES CTR mode of operation.
- */
-void *
-aes_ctr_ctx_init(void *key_sched, size_t size, uint8_t *param)
-{
-
- ctr_ctx_t *ctr_ctx;
- CK_AES_CTR_PARAMS *pp;
-
- /* LINTED: pointer alignment */
- pp = (CK_AES_CTR_PARAMS *)param;
-
- if ((ctr_ctx = kmem_zalloc(sizeof (ctr_ctx_t), KM_SLEEP)) == NULL)
- return (NULL);
-
- ctr_ctx->ctr_keysched = key_sched;
- ctr_ctx->ctr_keysched_len = size;
-
- if (ctr_init_ctx(ctr_ctx, pp->ulCounterBits, pp->cb,
- aes_copy_block) != CRYPTO_SUCCESS) {
- kmem_free(ctr_ctx, sizeof (ctr_ctx_t));
- return (NULL);
- }
- ctr_ctx->ctr_flags |= CTR_MODE;
-
- return (ctr_ctx);
-}
-
-/*
- * Allocate and initialize a context for AES CCM mode of operation.
- */
-void *
-aes_ccm_ctx_init(void *key_sched, size_t size, uint8_t *param,
- boolean_t is_encrypt_init)
-{
-
- ccm_ctx_t *ccm_ctx;
-
- if ((ccm_ctx = kmem_zalloc(sizeof (ccm_ctx_t), KM_SLEEP)) == NULL)
- return (NULL);
-
- ccm_ctx->ccm_keysched = key_sched;
- ccm_ctx->ccm_keysched_len = size;
-
- if (ccm_init_ctx(ccm_ctx, (char *)param, KM_SLEEP,
- is_encrypt_init, AES_BLOCK_LEN, aes_encrypt_block,
- aes_xor_block) != CRYPTO_SUCCESS) {
- kmem_free(ccm_ctx, sizeof (ccm_ctx_t));
- return (NULL);
- }
- ccm_ctx->ccm_flags |= CCM_MODE;
-
- return (ccm_ctx);
-}
-
-/*
- * Allocate and initialize a context for AES CCM mode of operation.
- */
-void *
-aes_gcm_ctx_init(void *key_sched, size_t size, uint8_t *param)
-{
-
- gcm_ctx_t *gcm_ctx;
-
- if ((gcm_ctx = kmem_zalloc(sizeof (gcm_ctx_t), KM_SLEEP)) == NULL)
- return (NULL);
-
- gcm_ctx->gcm_keysched = key_sched;
- gcm_ctx->gcm_keysched_len = size;
-
- if (gcm_init_ctx(gcm_ctx, (char *)param, AES_BLOCK_LEN,
- aes_encrypt_block, aes_copy_block,
- aes_xor_block) != CRYPTO_SUCCESS) {
- kmem_free(gcm_ctx, sizeof (gcm_ctx_t));
- return (NULL);
- }
- gcm_ctx->gcm_flags |= GCM_MODE;
-
- return (gcm_ctx);
-}
-
-void *
-aes_gmac_ctx_init(void *key_sched, size_t size, uint8_t *param)
-{
-
- gcm_ctx_t *gcm_ctx;
-
- if ((gcm_ctx = kmem_zalloc(sizeof (gcm_ctx_t), KM_SLEEP)) == NULL)
- return (NULL);
-
- gcm_ctx->gcm_keysched = key_sched;
- gcm_ctx->gcm_keysched_len = size;
-
- if (gmac_init_ctx(gcm_ctx, (char *)param, AES_BLOCK_LEN,
- aes_encrypt_block, aes_copy_block,
- aes_xor_block) != CRYPTO_SUCCESS) {
- kmem_free(gcm_ctx, sizeof (gcm_ctx_t));
- return (NULL);
- }
- gcm_ctx->gcm_flags |= GMAC_MODE;
-
- return (gcm_ctx);
-}
-#endif
-
-
-/*
- * Allocate context for the active encryption or decryption operation, and
- * generate AES key schedule to speed up the operation.
- */
-soft_aes_ctx_t *
-#ifdef _KERNEL
-fips_aes_build_context(uint8_t *key, int key_len, uint8_t *iv,
- aes_mech_type_t mechanism, boolean_t is_encrypt_init)
-#else
-fips_aes_build_context(uint8_t *key, int key_len, uint8_t *iv,
- CK_MECHANISM_TYPE mechanism)
-#endif
-{
- size_t size;
- soft_aes_ctx_t *soft_aes_ctx;
- CK_AES_CTR_PARAMS pp;
-
-#ifdef _KERNEL
- if ((soft_aes_ctx = kmem_zalloc(sizeof (soft_aes_ctx_t),
- KM_SLEEP)) == NULL)
-#else
- if ((soft_aes_ctx = calloc(1, sizeof (soft_aes_ctx_t)))
- == NULL)
-#endif
- return (NULL);
-
-
- soft_aes_ctx->key_sched = aes_alloc_keysched(&size, 0);
-
- if (soft_aes_ctx->key_sched == NULL) {
-#ifdef _KERNEL
- kmem_free(soft_aes_ctx, sizeof (soft_aes_ctx_t));
-#else
- free(soft_aes_ctx);
-#endif
- return (NULL);
- }
-
- soft_aes_ctx->keysched_len = size;
-
-#ifdef __sparcv9
- aes_init_keysched(key, (uint_t)(key_len * 8),
- soft_aes_ctx->key_sched);
-#else /* !__sparcv9 */
- aes_init_keysched(key, (key_len * 8),
- soft_aes_ctx->key_sched);
-#endif /* __sparcv9 */
-
- switch (mechanism) {
-
- case CKM_AES_CBC:
-
- /* Save Initialization Vector (IV) in the context. */
- (void) memcpy(soft_aes_ctx->ivec, iv, AES_BLOCK_LEN);
- /* Allocate a context for AES cipher-block chaining. */
- soft_aes_ctx->aes_cbc = (void *)aes_cbc_ctx_init(
- soft_aes_ctx->key_sched,
- soft_aes_ctx->keysched_len,
- soft_aes_ctx->ivec);
- break;
-
- case CKM_AES_CTR:
-
- pp.ulCounterBits = 16;
- (void) memcpy(pp.cb, iv, AES_BLOCK_LEN);
- soft_aes_ctx->aes_cbc = aes_ctr_ctx_init(
- soft_aes_ctx->key_sched,
- soft_aes_ctx->keysched_len,
- (uint8_t *)&pp);
- break;
-
-#ifdef _KERNEL
- case AES_CCM_MECH_INFO_TYPE:
- soft_aes_ctx->aes_cbc = aes_ccm_ctx_init(
- soft_aes_ctx->key_sched,
- soft_aes_ctx->keysched_len, iv,
- is_encrypt_init);
- break;
-
- case AES_GCM_MECH_INFO_TYPE:
- soft_aes_ctx->aes_cbc = aes_gcm_ctx_init(
- soft_aes_ctx->key_sched,
- soft_aes_ctx->keysched_len, iv);
- break;
-
- case AES_GMAC_MECH_INFO_TYPE:
- soft_aes_ctx->aes_cbc = aes_gmac_ctx_init(
- soft_aes_ctx->key_sched,
- soft_aes_ctx->keysched_len, iv);
- break;
-#endif
- default:
- return (soft_aes_ctx);
- }
-
- if (soft_aes_ctx->aes_cbc == NULL) {
- bzero(soft_aes_ctx->key_sched,
- soft_aes_ctx->keysched_len);
-#ifdef _KERNEL
- kmem_free(soft_aes_ctx->key_sched, size);
-#else
- free(soft_aes_ctx->key_sched);
-#endif
- return (NULL);
- }
-
- return (soft_aes_ctx);
-}
-
-#ifdef _KERNEL
-void
-fips_aes_free_context(soft_aes_ctx_t *soft_aes_ctx)
-{
-
- common_ctx_t *aes_ctx;
-
- aes_ctx = (common_ctx_t *)soft_aes_ctx->aes_cbc;
-
- if (aes_ctx != NULL) {
- bzero(aes_ctx->cc_keysched, aes_ctx->cc_keysched_len);
- kmem_free(aes_ctx->cc_keysched,
- aes_ctx->cc_keysched_len);
- crypto_free_mode_ctx(aes_ctx);
- } else {
- /* ECB MODE */
- bzero(soft_aes_ctx->key_sched, soft_aes_ctx->keysched_len);
- kmem_free(soft_aes_ctx->key_sched, soft_aes_ctx->keysched_len);
- }
-
- kmem_free(soft_aes_ctx, sizeof (soft_aes_ctx_t));
-
-}
-
-#else
-void
-fips_aes_free_context(soft_aes_ctx_t *soft_aes_ctx)
-{
-
- common_ctx_t *aes_ctx;
-
- aes_ctx = (common_ctx_t *)soft_aes_ctx->aes_cbc;
-
- if (aes_ctx != NULL) {
- bzero(aes_ctx->cc_keysched, aes_ctx->cc_keysched_len);
- free(aes_ctx->cc_keysched);
- free(soft_aes_ctx->aes_cbc);
- } else {
- /* ECB MODE */
- bzero(soft_aes_ctx->key_sched, soft_aes_ctx->keysched_len);
- free(soft_aes_ctx->key_sched);
- }
-
- free(soft_aes_ctx);
-
-}
-#endif
-
-/*
- * fips_aes_encrypt()
- *
- * Arguments:
- * soft_aes_ctx: pointer to AES context
- * in_buf: pointer to the input data to be encrypted
- * ulDataLen: length of the input data
- * out_buf: pointer to the output data after encryption
- * pulEncryptedLen: pointer to the length of the output data
- * mechanism: CKM_AES_ECB or CKM_AES_CBC
- *
- * Description:
- * This function calls the corresponding low-level encrypt
- * routine based on the mechanism.
- *
- */
-#ifdef _KERNEL
-int
-fips_aes_encrypt(soft_aes_ctx_t *soft_aes_ctx, uchar_t *in_buf,
- ulong_t ulDataLen, uchar_t *out_buf,
- ulong_t *pulEncryptedLen, aes_mech_type_t mechanism)
-#else
-CK_RV
-fips_aes_encrypt(soft_aes_ctx_t *soft_aes_ctx, CK_BYTE_PTR in_buf,
- CK_ULONG ulDataLen, CK_BYTE_PTR out_buf,
- CK_ULONG_PTR pulEncryptedLen, CK_MECHANISM_TYPE mechanism)
-#endif
-{
-
- int rc = 0;
- CK_RV rv = CKR_OK;
- ulong_t out_len;
-
- /*
- * AES only takes input length that is a multiple of 16-byte
- */
- if ((ulDataLen % AES_BLOCK_LEN) != 0)
- return (CKR_DATA_LEN_RANGE);
-
- /*
- * For non-padding mode, the output length will
- * be same as the input length.
- */
- out_len = ulDataLen;
-
- /*
- * Begin Encryption now.
- */
- switch (mechanism) {
-
- case CKM_AES_ECB:
- {
-
- ulong_t i;
- uint8_t *tmp_inbuf;
- uint8_t *tmp_outbuf;
-
- for (i = 0; i < out_len; i += AES_BLOCK_LEN) {
- tmp_inbuf = &in_buf[i];
- tmp_outbuf = &out_buf[i];
- /* Crunch one block of data for AES. */
- (void) aes_encrypt_block(soft_aes_ctx->key_sched,
- tmp_inbuf, tmp_outbuf);
- }
-
- *pulEncryptedLen = out_len;
-
- break;
- }
-
- case CKM_AES_CBC:
- {
- crypto_data_t out;
-
- out.cd_format = CRYPTO_DATA_RAW;
- out.cd_offset = 0;
- out.cd_length = out_len;
- out.cd_raw.iov_base = (char *)out_buf;
- out.cd_raw.iov_len = out_len;
-
- /* Encrypt multiple blocks of data. */
- rc = aes_encrypt_contiguous_blocks(
- (aes_ctx_t *)soft_aes_ctx->aes_cbc,
- (char *)in_buf, out_len, &out);
-
- if (rc != 0)
- goto encrypt_failed;
-
- if (rc == 0) {
- *pulEncryptedLen = out_len;
- break;
- }
-encrypt_failed:
- *pulEncryptedLen = 0;
- return (CKR_DEVICE_ERROR);
- }
-
- case CKM_AES_CTR:
- {
- crypto_data_t out;
-
- out.cd_format = CRYPTO_DATA_RAW;
- out.cd_offset = 0;
- out.cd_length = out_len;
- out.cd_raw.iov_base = (char *)out_buf;
- out.cd_raw.iov_len = out_len;
-
- rc = aes_encrypt_contiguous_blocks(soft_aes_ctx->aes_cbc,
- (char *)in_buf, out_len, &out);
-
- if (rc != 0) {
- *pulEncryptedLen = 0;
- return (CKR_DEVICE_ERROR);
- }
- /*
- * Since AES counter mode is a stream cipher, we call
- * aes_counter_final() to pick up any remaining bytes.
- * It is an internal function that does not destroy
- * the context like *normal* final routines.
- */
- if (((aes_ctx_t *)soft_aes_ctx->aes_cbc)->ac_remainder_len
- > 0) {
- rc = ctr_mode_final(soft_aes_ctx->aes_cbc, &out,
- aes_encrypt_block);
- if (rc != 0) {
- *pulEncryptedLen = 0;
- return (CKR_DEVICE_ERROR);
- }
- }
-
- *pulEncryptedLen = out_len;
- break;
- }
-
-#ifdef _KERNEL
- case AES_CCM_MECH_INFO_TYPE:
- {
- crypto_data_t out;
- size_t saved_length, length_needed;
- aes_ctx_t *aes_ctx = soft_aes_ctx->aes_cbc;
- ccm_ctx_t *ccm_ctx = soft_aes_ctx->aes_cbc;
-
- length_needed = ulDataLen + aes_ctx->ac_mac_len;
-
- out.cd_format = CRYPTO_DATA_RAW;
- out.cd_offset = 0;
- out.cd_length = length_needed;
- out.cd_raw.iov_base = (char *)out_buf;
- out.cd_raw.iov_len = length_needed;
-
- saved_length = out.cd_length;
-
- rc = aes_encrypt_contiguous_blocks(aes_ctx,
- (char *)in_buf, ulDataLen, &out);
-
- if (rc != 0) {
- *pulEncryptedLen = 0;
- return (rc);
- }
-
- /*
- * ccm_encrypt_final() will compute the MAC and append
- * it to existing ciphertext. So, need to adjust the left over
- * length value accordingly
- */
-
- /* order of following 2 lines MUST not be reversed */
- out.cd_offset = ccm_ctx->ccm_processed_data_len;
- out.cd_length = saved_length - ccm_ctx->ccm_processed_data_len;
-
- rc = ccm_encrypt_final((ccm_ctx_t *)aes_ctx, &out,
- AES_BLOCK_LEN, aes_encrypt_block, aes_xor_block);
-
- if (rc != CRYPTO_SUCCESS) {
- *pulEncryptedLen = 0;
- return (rc);
- }
-
- *pulEncryptedLen = length_needed;
- break;
- }
-
- case AES_GCM_MECH_INFO_TYPE:
- {
- crypto_data_t out;
- size_t saved_length, length_needed;
- aes_ctx_t *aes_ctx = soft_aes_ctx->aes_cbc;
- gcm_ctx_t *gcm_ctx = soft_aes_ctx->aes_cbc;
-
- /*
- * Output:
- * A ciphertext, denoted C, whose bit length is the same as
- * that of the plaintext.
- * An authentication tag, or tag, for short, denoted T.
- */
-
- length_needed = ulDataLen + aes_ctx->ac_tag_len;
-
- out.cd_format = CRYPTO_DATA_RAW;
- out.cd_offset = 0;
- out.cd_length = length_needed;
- out.cd_raw.iov_base = (char *)out_buf;
- out.cd_raw.iov_len = length_needed;
-
- saved_length = out.cd_length;
-
- rc = aes_encrypt_contiguous_blocks(aes_ctx,
- (char *)in_buf, ulDataLen, &out);
-
- if (rc != 0) {
- *pulEncryptedLen = 0;
- return (rc);
- }
-
- /*
- * ccm_encrypt_final() will compute the MAC and append
- * it to existing ciphertext. So, need to adjust the left over
- * length value accordingly
- */
-
- /* order of following 2 lines MUST not be reversed */
- out.cd_offset = gcm_ctx->gcm_processed_data_len;
- out.cd_length = saved_length - gcm_ctx->gcm_processed_data_len;
-
- rc = gcm_encrypt_final((gcm_ctx_t *)aes_ctx, &out,
- AES_BLOCK_LEN, aes_encrypt_block, aes_copy_block,
- aes_xor_block);
-
- if (rc != CRYPTO_SUCCESS) {
- *pulEncryptedLen = 0;
- return (rc);
- }
-
- *pulEncryptedLen = length_needed;
- break;
- }
-
- case AES_GMAC_MECH_INFO_TYPE:
- {
- crypto_data_t out;
- size_t length_needed;
- aes_ctx_t *aes_ctx = soft_aes_ctx->aes_cbc;
-
- length_needed = aes_ctx->ac_tag_len;
-
- out.cd_format = CRYPTO_DATA_RAW;
- out.cd_offset = 0;
- out.cd_length = length_needed;
- out.cd_raw.iov_base = (char *)out_buf;
- out.cd_raw.iov_len = length_needed;
-
- rc = gcm_encrypt_final((gcm_ctx_t *)aes_ctx, &out,
- AES_BLOCK_LEN, aes_encrypt_block, aes_copy_block,
- aes_xor_block);
-
- if (rc != CRYPTO_SUCCESS) {
- *pulEncryptedLen = 0;
- return (rc);
- }
-
- *pulEncryptedLen = length_needed;
- break;
- }
-#endif /* _KERNEL */
- } /* end switch */
-
- return (rv);
-}
-
-/*
- * fips_aes_decrypt()
- *
- * Arguments:
- * soft_aes_ctx: pointer to AES context
- * in_buf: pointer to the input data to be decrypted
- * ulEncryptedLen: length of the input data
- * out_buf: pointer to the output data
- * pulDataLen: pointer to the length of the output data
- * mechanism: CKM_AES_ECB or CKM_AES_CBC
- *
- * Description:
- * This function calls the corresponding low-level decrypt
- * function based on the mechanism.
- *
- */
-#ifdef _KERNEL
-int
-fips_aes_decrypt(soft_aes_ctx_t *soft_aes_ctx, uchar_t *in_buf,
- ulong_t ulEncryptedLen, uchar_t *out_buf,
- ulong_t *pulDataLen, aes_mech_type_t mechanism)
-#else
-CK_RV
-fips_aes_decrypt(soft_aes_ctx_t *soft_aes_ctx, CK_BYTE_PTR in_buf,
- CK_ULONG ulEncryptedLen, CK_BYTE_PTR out_buf,
- CK_ULONG_PTR pulDataLen, CK_MECHANISM_TYPE mechanism)
-#endif
-{
-
- int rc = 0;
- CK_RV rv = CKR_OK;
- ulong_t out_len;
-
- /*
- * AES only takes input length that is a multiple of 16 bytes
- */
- if ((ulEncryptedLen % AES_BLOCK_LEN) != 0)
- return (CKR_ENCRYPTED_DATA_LEN_RANGE);
-
- /*
- * For non-padding mode, the output length will
- * be same as the input length.
- */
- out_len = ulEncryptedLen;
-
- /*
- * Begin Decryption.
- */
- switch (mechanism) {
-
- case CKM_AES_ECB:
- {
-
- ulong_t i;
- uint8_t *tmp_inbuf;
- uint8_t *tmp_outbuf;
-
- for (i = 0; i < out_len; i += AES_BLOCK_LEN) {
- tmp_inbuf = &in_buf[i];
- tmp_outbuf = &out_buf[i];
- /* Crunch one block of data for AES. */
- (void) aes_decrypt_block(soft_aes_ctx->key_sched,
- tmp_inbuf, tmp_outbuf);
- }
-
- *pulDataLen = out_len;
-
- break;
- }
-
- case CKM_AES_CBC:
- {
- crypto_data_t out;
-
- out.cd_format = CRYPTO_DATA_RAW;
- out.cd_offset = 0;
- out.cd_length = out_len;
- out.cd_raw.iov_base = (char *)out_buf;
- out.cd_raw.iov_len = out_len;
-
- /* Decrypt multiple blocks of data. */
- rc = aes_decrypt_contiguous_blocks(
- (aes_ctx_t *)soft_aes_ctx->aes_cbc,
- (char *)in_buf, out_len, &out);
-
- if (rc != 0)
- goto decrypt_failed;
-
-
- *pulDataLen = out_len;
-
- if (rc == 0)
- break;
-decrypt_failed:
- *pulDataLen = 0;
- return (CKR_DEVICE_ERROR);
- }
-
- case CKM_AES_CTR:
- {
- crypto_data_t out;
-
- out.cd_format = CRYPTO_DATA_RAW;
- out.cd_offset = 0;
- out.cd_length = *pulDataLen;
- out.cd_raw.iov_base = (char *)out_buf;
- out.cd_raw.iov_len = *pulDataLen;
-
- rc = aes_decrypt_contiguous_blocks(soft_aes_ctx->aes_cbc,
- (char *)in_buf, out_len, &out);
-
- if (rc != 0) {
- *pulDataLen = 0;
- return (CKR_DEVICE_ERROR);
- }
-
- /*
- * Since AES counter mode is a stream cipher, we call
- * aes_counter_final() to pick up any remaining bytes.
- * It is an internal function that does not destroy
- * the context like *normal* final routines.
- */
- if (((aes_ctx_t *)soft_aes_ctx->aes_cbc)->ac_remainder_len
- > 0) {
- rc = ctr_mode_final(soft_aes_ctx->aes_cbc, &out,
- aes_encrypt_block);
-
- if (rc == CKR_DATA_LEN_RANGE)
- return (CKR_ENCRYPTED_DATA_LEN_RANGE);
- }
-
- *pulDataLen = out_len;
- break;
- }
-
-#ifdef _KERNEL
- case AES_CCM_MECH_INFO_TYPE:
- {
- crypto_data_t out;
- size_t length_needed;
- aes_ctx_t *aes_ctx = soft_aes_ctx->aes_cbc;
- ccm_ctx_t *ccm_ctx = soft_aes_ctx->aes_cbc;
-
- length_needed = ulEncryptedLen + ccm_ctx->ccm_mac_len;
-
- out.cd_format = CRYPTO_DATA_RAW;
- out.cd_offset = 0;
- out.cd_length = ulEncryptedLen;
- out.cd_raw.iov_base = (char *)out_buf;
- out.cd_raw.iov_len = ulEncryptedLen;
-
- rc = aes_decrypt_contiguous_blocks(aes_ctx,
- (char *)in_buf, length_needed, &out);
-
- if (rc != 0) {
- *pulDataLen = 0;
- return (CRYPTO_FAILED);
- }
-
- /* order of following 2 lines MUST not be reversed */
- out.cd_offset = 0;
- out.cd_length = ulEncryptedLen;
-
- rc = ccm_decrypt_final((ccm_ctx_t *)aes_ctx, &out,
- AES_BLOCK_LEN, aes_encrypt_block, aes_copy_block,
- aes_xor_block);
-
- if (rc != CRYPTO_SUCCESS) {
- *pulDataLen = 0;
- return (CRYPTO_FAILED);
- }
-
- *pulDataLen = ulEncryptedLen;
-
- break;
- }
-
- case AES_GCM_MECH_INFO_TYPE:
- {
- crypto_data_t out;
- size_t length_needed;
- aes_ctx_t *aes_ctx = soft_aes_ctx->aes_cbc;
-
- length_needed = ulEncryptedLen + aes_ctx->ac_tag_len;
-
- out.cd_format = CRYPTO_DATA_RAW;
- out.cd_offset = 0;
- out.cd_length = ulEncryptedLen;
- out.cd_raw.iov_base = (char *)out_buf;
- out.cd_raw.iov_len = ulEncryptedLen;
-
- rc = aes_decrypt_contiguous_blocks(aes_ctx,
- (char *)in_buf, length_needed, &out);
-
- if (rc != 0) {
- *pulDataLen = 0;
- return (CRYPTO_FAILED);
- }
-
- /* order of following 2 lines MUST not be reversed */
- out.cd_offset = 0;
- out.cd_length = aes_ctx->ac_tag_len;
-
- rc = gcm_decrypt_final((gcm_ctx_t *)aes_ctx, &out,
- AES_BLOCK_LEN, aes_encrypt_block,
- aes_xor_block);
-
- if (rc != CRYPTO_SUCCESS) {
- *pulDataLen = 0;
- return (CRYPTO_FAILED);
- }
-
- *pulDataLen = ulEncryptedLen;
-
- break;
- }
-
- case AES_GMAC_MECH_INFO_TYPE:
- {
- crypto_data_t out;
- size_t length_needed;
- aes_ctx_t *aes_ctx = soft_aes_ctx->aes_cbc;
-
- length_needed = aes_ctx->ac_tag_len;
-
- out.cd_format = CRYPTO_DATA_RAW;
- out.cd_offset = 0;
- out.cd_length = 0;
- out.cd_raw.iov_base = (char *)NULL;
- out.cd_raw.iov_len = 0;
-
- rc = aes_decrypt_contiguous_blocks(aes_ctx,
- (char *)in_buf, length_needed, &out);
-
- if (rc != 0) {
- *pulDataLen = 0;
- return (CRYPTO_FAILED);
- }
-
- /* order of following 2 lines MUST not be reversed */
- out.cd_format = CRYPTO_DATA_RAW;
- out.cd_offset = 0;
- out.cd_length = 0;
- out.cd_raw.iov_base = (char *)NULL;
- out.cd_raw.iov_len = 0;
-
- rc = gcm_decrypt_final((gcm_ctx_t *)aes_ctx, &out,
- AES_BLOCK_LEN, aes_encrypt_block,
- aes_xor_block);
-
- if (rc != CRYPTO_SUCCESS) {
- *pulDataLen = 0;
- return (CRYPTO_FAILED);
- }
-
- *pulDataLen = 0;
-
- break;
- }
-#endif
- } /* end switch */
-
- return (rv);
-}
-
-/* AES self-test for 128-bit, 192-bit, or 256-bit key sizes */
-int
-fips_aes_post(int aes_key_size)
-{
- uint8_t *aes_ecb_known_ciphertext =
- (aes_key_size == FIPS_AES_128_KEY_SIZE) ?
- aes_ecb128_known_ciphertext :
- (aes_key_size == FIPS_AES_192_KEY_SIZE) ?
- aes_ecb192_known_ciphertext :
- aes_ecb256_known_ciphertext;
-
- uint8_t *aes_cbc_known_ciphertext =
- (aes_key_size == FIPS_AES_128_KEY_SIZE) ?
- aes_cbc128_known_ciphertext :
- (aes_key_size == FIPS_AES_192_KEY_SIZE) ?
- aes_cbc192_known_ciphertext :
- aes_cbc256_known_ciphertext;
-
- uint8_t *aes_ctr_known_ciphertext =
- (aes_key_size == FIPS_AES_128_KEY_SIZE) ?
- aes_ctr128_known_ciphertext :
- (aes_key_size == FIPS_AES_192_KEY_SIZE) ?
- aes_ctr192_known_ciphertext :
- aes_ctr256_known_ciphertext;
-
- uint8_t *aes_ctr_known_key =
- (aes_key_size == FIPS_AES_128_KEY_SIZE) ?
- aes_ctr128_known_key :
- (aes_key_size == FIPS_AES_192_KEY_SIZE) ?
- aes_ctr192_known_key :
- aes_ctr256_known_key;
-
-#ifdef _KERNEL
- uint8_t *aes_ccm_known_plaintext =
- (aes_key_size == FIPS_AES_128_KEY_SIZE) ?
- aes_ccm128_known_plaintext :
- (aes_key_size == FIPS_AES_192_KEY_SIZE) ?
- aes_ccm192_known_plaintext :
- aes_ccm256_known_plaintext;
-
- uint8_t *aes_ccm_known_ciphertext =
- (aes_key_size == FIPS_AES_128_KEY_SIZE) ?
- aes_ccm128_known_ciphertext :
- (aes_key_size == FIPS_AES_192_KEY_SIZE) ?
- aes_ccm192_known_ciphertext :
- aes_ccm256_known_ciphertext;
-
- uint8_t *aes_ccm_known_key =
- (aes_key_size == FIPS_AES_128_KEY_SIZE) ?
- aes_ccm128_known_key :
- (aes_key_size == FIPS_AES_192_KEY_SIZE) ?
- aes_ccm192_known_key :
- aes_ccm256_known_key;
-
- uint8_t *aes_ccm_known_adata =
- (aes_key_size == FIPS_AES_128_KEY_SIZE) ?
- aes_ccm128_known_adata :
- (aes_key_size == FIPS_AES_192_KEY_SIZE) ?
- aes_ccm192_known_adata :
- aes_ccm256_known_adata;
-
- uint8_t *aes_ccm_known_nonce =
- (aes_key_size == FIPS_AES_128_KEY_SIZE) ?
- aes_ccm128_known_nonce :
- (aes_key_size == FIPS_AES_192_KEY_SIZE) ?
- aes_ccm192_known_nonce :
- aes_ccm256_known_nonce;
-
- uint8_t *aes_gcm_known_key =
- (aes_key_size == FIPS_AES_128_KEY_SIZE) ?
- aes_gcm128_known_key :
- (aes_key_size == FIPS_AES_192_KEY_SIZE) ?
- aes_gcm192_known_key :
- aes_gcm256_known_key;
-
- uint8_t *aes_gcm_known_iv =
- (aes_key_size == FIPS_AES_128_KEY_SIZE) ?
- aes_gcm128_known_iv :
- (aes_key_size == FIPS_AES_192_KEY_SIZE) ?
- aes_gcm192_known_iv :
- aes_gcm256_known_iv;
-
- uint8_t *aes_gcm_known_plaintext =
- (aes_key_size == FIPS_AES_128_KEY_SIZE) ?
- aes_gcm128_known_plaintext :
- (aes_key_size == FIPS_AES_192_KEY_SIZE) ?
- aes_gcm192_known_plaintext :
- aes_gcm256_known_plaintext;
-
- uint8_t *aes_gcm_known_ciphertext =
- (aes_key_size == FIPS_AES_128_KEY_SIZE) ?
- aes_gcm128_known_ciphertext :
- (aes_key_size == FIPS_AES_192_KEY_SIZE) ?
- aes_gcm192_known_ciphertext :
- aes_gcm256_known_ciphertext;
-
- uint8_t *aes_gcm_known_adata =
- (aes_key_size == FIPS_AES_128_KEY_SIZE) ?
- aes_gcm128_known_adata :
- (aes_key_size == FIPS_AES_192_KEY_SIZE) ?
- aes_gcm192_known_adata :
- aes_gcm256_known_adata;
-
- uint8_t *aes_gmac_known_key =
- (aes_key_size == FIPS_AES_128_KEY_SIZE) ?
- aes_gmac128_known_key :
- (aes_key_size == FIPS_AES_192_KEY_SIZE) ?
- aes_gmac192_known_key :
- aes_gmac256_known_key;
-
- uint8_t *aes_gmac_known_iv =
- (aes_key_size == FIPS_AES_128_KEY_SIZE) ?
- aes_gmac128_known_iv :
- (aes_key_size == FIPS_AES_192_KEY_SIZE) ?
- aes_gmac192_known_iv :
- aes_gmac256_known_iv;
-
- uint8_t *aes_gmac_known_tag =
- (aes_key_size == FIPS_AES_128_KEY_SIZE) ?
- aes_gmac128_known_tag :
- (aes_key_size == FIPS_AES_192_KEY_SIZE) ?
- aes_gmac192_known_tag :
- aes_gmac256_known_tag;
-
- uint8_t *aes_gmac_known_adata =
- (aes_key_size == FIPS_AES_128_KEY_SIZE) ?
- aes_gmac128_known_adata :
- (aes_key_size == FIPS_AES_192_KEY_SIZE) ?
- aes_gmac192_known_adata :
- aes_gmac256_known_adata;
-
- /* AES variables. */
- uint8_t aes_ccm_computed_ciphertext[3*FIPS_AES_ENCRYPT_LENGTH];
- uint8_t aes_ccm_computed_plaintext[2*FIPS_AES_DECRYPT_LENGTH];
- uint8_t aes_gcm_computed_ciphertext[2*FIPS_AES_ENCRYPT_LENGTH];
- uint8_t aes_gcm_computed_plaintext[FIPS_AES_DECRYPT_LENGTH];
- uint8_t aes_gmac_computed_tag[FIPS_AES_ENCRYPT_LENGTH];
- CK_AES_CCM_PARAMS ccm_param;
- CK_AES_GCM_PARAMS gcm_param;
- CK_AES_GMAC_PARAMS gmac_param;
-#endif
-
- uint8_t aes_computed_ciphertext[FIPS_AES_ENCRYPT_LENGTH];
- uint8_t aes_computed_plaintext[FIPS_AES_DECRYPT_LENGTH];
- soft_aes_ctx_t *aes_context;
- ulong_t aes_bytes_encrypted;
- ulong_t aes_bytes_decrypted;
- int rv;
-
- /* check if aes_key_size is 128, 192, or 256 bits */
- if ((aes_key_size != FIPS_AES_128_KEY_SIZE) &&
- (aes_key_size != FIPS_AES_192_KEY_SIZE) &&
- (aes_key_size != FIPS_AES_256_KEY_SIZE))
- return (CKR_DEVICE_ERROR);
-
- /*
- * AES-ECB Known Answer Encryption Test
- */
-#ifdef _KERNEL
- aes_context = fips_aes_build_context(aes_known_key,
- aes_key_size, NULL, AES_ECB_MECH_INFO_TYPE, B_FALSE);
-#else
- aes_context = fips_aes_build_context(aes_known_key,
- aes_key_size, NULL, CKM_AES_ECB);
-#endif
-
- if (aes_context == NULL) {
- return (CKR_HOST_MEMORY);
- }
-
- rv = fips_aes_encrypt(aes_context, aes_known_plaintext,
- FIPS_AES_ENCRYPT_LENGTH, aes_computed_ciphertext,
- &aes_bytes_encrypted, CKM_AES_ECB);
-
- fips_aes_free_context(aes_context);
-
- if ((rv != CKR_OK) ||
- (aes_bytes_encrypted != FIPS_AES_ENCRYPT_LENGTH) ||
- (memcmp(aes_computed_ciphertext, aes_ecb_known_ciphertext,
- FIPS_AES_ENCRYPT_LENGTH) != 0))
- return (CKR_DEVICE_ERROR);
-
- /*
- * AES-ECB Known Answer Decryption Test
- */
-#ifdef _KERNEL
- aes_context = fips_aes_build_context(aes_known_key,
- aes_key_size, NULL, AES_ECB_MECH_INFO_TYPE, B_FALSE);
-#else
- aes_context = fips_aes_build_context(aes_known_key,
- aes_key_size, NULL, CKM_AES_ECB);
-#endif
-
- if (aes_context == NULL) {
- return (CKR_HOST_MEMORY);
- }
-
- rv = fips_aes_decrypt(aes_context, aes_ecb_known_ciphertext,
- FIPS_AES_DECRYPT_LENGTH, aes_computed_plaintext,
- &aes_bytes_decrypted, CKM_AES_ECB);
-
- fips_aes_free_context(aes_context);
-
- if ((rv != CKR_OK) ||
- (aes_bytes_decrypted != FIPS_AES_DECRYPT_LENGTH) ||
- (memcmp(aes_computed_plaintext, aes_known_plaintext,
- FIPS_AES_DECRYPT_LENGTH) != 0))
- return (CKR_DEVICE_ERROR);
-
- /*
- * AES-CBC Known Answer Encryption Test
- */
-#ifdef _KERNEL
- aes_context = fips_aes_build_context(aes_known_key,
- aes_key_size, aes_cbc_known_initialization_vector,
- AES_CBC_MECH_INFO_TYPE, B_FALSE);
-#else
- aes_context = fips_aes_build_context(aes_known_key,
- aes_key_size, aes_cbc_known_initialization_vector,
- CKM_AES_CBC);
-#endif
-
- if (aes_context == NULL) {
- return (CKR_HOST_MEMORY);
- }
-
- rv = fips_aes_encrypt(aes_context, aes_known_plaintext,
- FIPS_AES_ENCRYPT_LENGTH, aes_computed_ciphertext,
- &aes_bytes_encrypted, CKM_AES_CBC);
-
- fips_aes_free_context(aes_context);
-
- if ((rv != CKR_OK) ||
- (aes_bytes_encrypted != FIPS_AES_ENCRYPT_LENGTH) ||
- (memcmp(aes_computed_ciphertext, aes_cbc_known_ciphertext,
- FIPS_AES_ENCRYPT_LENGTH) != 0))
- return (CKR_DEVICE_ERROR);
-
- /*
- * AES-CBC Known Answer Decryption Test
- */
-#ifdef _KERNEL
- aes_context = fips_aes_build_context(aes_known_key,
- aes_key_size, aes_cbc_known_initialization_vector,
- AES_CBC_MECH_INFO_TYPE, B_FALSE);
-#else
- aes_context = fips_aes_build_context(aes_known_key,
- aes_key_size, aes_cbc_known_initialization_vector,
- CKM_AES_CBC);
-#endif
-
- if (aes_context == NULL)
- return (CRYPTO_HOST_MEMORY);
-
- rv = fips_aes_decrypt(aes_context, aes_cbc_known_ciphertext,
- FIPS_AES_DECRYPT_LENGTH, aes_computed_plaintext,
- &aes_bytes_decrypted, CKM_AES_CBC);
-
- fips_aes_free_context(aes_context);
-
- if ((rv != CKR_OK) ||
- (aes_bytes_decrypted != FIPS_AES_DECRYPT_LENGTH) ||
- (memcmp(aes_computed_plaintext, aes_known_plaintext,
- FIPS_AES_DECRYPT_LENGTH) != 0))
- return (CKR_DEVICE_ERROR);
-
- /*
- * AES-CTR Known Answer Encryption Test
- */
-#ifdef _KERNEL
- aes_context = fips_aes_build_context(aes_ctr_known_key,
- aes_key_size, aes_ctr_known_counter,
- AES_CTR_MECH_INFO_TYPE, B_FALSE);
-#else
- aes_context = fips_aes_build_context(aes_ctr_known_key,
- aes_key_size, aes_ctr_known_counter, CKM_AES_CTR);
-#endif
-
- if (aes_context == NULL) {
- return (CKR_HOST_MEMORY);
- }
-
- rv = fips_aes_encrypt(aes_context, aes_ctr_known_plaintext,
- FIPS_AES_ENCRYPT_LENGTH, aes_computed_ciphertext,
- &aes_bytes_encrypted, CKM_AES_CTR);
-
- fips_aes_free_context(aes_context);
-
- if ((rv != CKR_OK) ||
- (aes_bytes_encrypted != FIPS_AES_ENCRYPT_LENGTH) ||
- (memcmp(aes_computed_ciphertext, aes_ctr_known_ciphertext,
- FIPS_AES_ENCRYPT_LENGTH) != 0))
- return (CKR_DEVICE_ERROR);
-
- /*
- * AES-CTR Known Answer Decryption Test
- */
-#ifdef _KERNEL
- aes_context = fips_aes_build_context(aes_ctr_known_key,
- aes_key_size, aes_ctr_known_counter,
- AES_CTR_MECH_INFO_TYPE, B_FALSE);
-#else
- aes_context = fips_aes_build_context(aes_ctr_known_key,
- aes_key_size, aes_ctr_known_counter,
- CKM_AES_CTR);
-#endif
- if (aes_context == NULL) {
- return (CKR_HOST_MEMORY);
- }
-
- rv = fips_aes_decrypt(aes_context, aes_ctr_known_ciphertext,
- FIPS_AES_DECRYPT_LENGTH, aes_computed_plaintext,
- &aes_bytes_decrypted, CKM_AES_CTR);
-
- fips_aes_free_context(aes_context);
-
- if ((rv != CKR_OK) ||
- (aes_bytes_decrypted != FIPS_AES_DECRYPT_LENGTH) ||
- (memcmp(aes_computed_plaintext, aes_ctr_known_plaintext,
- FIPS_AES_DECRYPT_LENGTH) != 0))
- return (CKR_DEVICE_ERROR);
-
- /*
- * The following POSTs are only available in Kernel
- *
- * CCM, GCM, and GMAC
- */
-#ifdef _KERNEL
-
- /*
- * AES-CCM Known Answer Encryption Test
- */
- ccm_param.ulMACSize = 16; /* Tlen */
- ccm_param.ulNonceSize = 7; /* Nlen */
- ccm_param.ulAuthDataSize = 30; /* Alen */
- ccm_param.ulDataSize = 32; /* Plen or Clen */
- ccm_param.nonce = aes_ccm_known_nonce;
- ccm_param.authData = aes_ccm_known_adata;
-
- aes_context = fips_aes_build_context(aes_ccm_known_key,
- aes_key_size, (uint8_t *)&ccm_param,
- AES_CCM_MECH_INFO_TYPE, B_TRUE);
-
- if (aes_context == NULL) {
- return (CRYPTO_HOST_MEMORY);
- }
-
- rv = fips_aes_encrypt(aes_context, aes_ccm_known_plaintext,
- 2*FIPS_AES_ENCRYPT_LENGTH, aes_ccm_computed_ciphertext,
- &aes_bytes_encrypted, AES_CCM_MECH_INFO_TYPE);
-
- fips_aes_free_context(aes_context);
-
- if ((rv != CRYPTO_SUCCESS) ||
- (aes_bytes_encrypted != 3*FIPS_AES_ENCRYPT_LENGTH) ||
- (memcmp(aes_ccm_computed_ciphertext, aes_ccm_known_ciphertext,
- 3*FIPS_AES_ENCRYPT_LENGTH) != 0))
- return (CRYPTO_DEVICE_ERROR);
-
- /*
- * AES-CCM Known Answer Decryption Test
- */
- ccm_param.ulMACSize = 16; /* Tlen */
- ccm_param.ulNonceSize = 7; /* Nlen */
- ccm_param.ulAuthDataSize = 30; /* Alen */
- ccm_param.ulDataSize = 48; /* Plen or Clen */
- ccm_param.nonce = aes_ccm_known_nonce;
- ccm_param.authData = aes_ccm_known_adata;
-
- aes_context = fips_aes_build_context(aes_ccm_known_key,
- aes_key_size, (uint8_t *)&ccm_param,
- AES_CCM_MECH_INFO_TYPE, B_FALSE);
-
- if (aes_context == NULL) {
- return (CRYPTO_HOST_MEMORY);
- }
-
- rv = fips_aes_decrypt(aes_context, aes_ccm_known_ciphertext,
- 2*FIPS_AES_DECRYPT_LENGTH, aes_ccm_computed_plaintext,
- &aes_bytes_decrypted, AES_CCM_MECH_INFO_TYPE);
-
- fips_aes_free_context(aes_context);
-
- if ((rv != CRYPTO_SUCCESS) ||
- (aes_bytes_decrypted != 2*FIPS_AES_DECRYPT_LENGTH) ||
- (memcmp(aes_ccm_computed_plaintext, aes_ccm_known_plaintext,
- 2*FIPS_AES_DECRYPT_LENGTH) != 0))
- return (CRYPTO_DEVICE_ERROR);
-
- /*
- * AES-GCM Known Answer Encryption Test
- */
- gcm_param.pIv = aes_gcm_known_iv;
- gcm_param.ulIvLen = AES_GMAC_IV_LEN; /* IVlen = 96 bits */
- gcm_param.ulTagBits = AES_GMAC_TAG_BITS; /* Taglen = 128 bits */
- gcm_param.ulAADLen = 16;
- gcm_param.pAAD = aes_gcm_known_adata;
-
- aes_context = fips_aes_build_context(aes_gcm_known_key,
- aes_key_size, (uint8_t *)&gcm_param,
- AES_GCM_MECH_INFO_TYPE, B_TRUE);
-
- if (aes_context == NULL) {
- return (CRYPTO_HOST_MEMORY);
- }
-
- rv = fips_aes_encrypt(aes_context, aes_gcm_known_plaintext,
- FIPS_AES_ENCRYPT_LENGTH, aes_gcm_computed_ciphertext,
- &aes_bytes_encrypted, AES_GCM_MECH_INFO_TYPE);
-
- fips_aes_free_context(aes_context);
-
- if ((rv != CRYPTO_SUCCESS) ||
- (aes_bytes_encrypted != 2*FIPS_AES_ENCRYPT_LENGTH) ||
- (memcmp(aes_gcm_computed_ciphertext, aes_gcm_known_ciphertext,
- 2*FIPS_AES_ENCRYPT_LENGTH) != 0))
- return (CRYPTO_DEVICE_ERROR);
-
- /*
- * AES-GCM Known Answer Decryption Test
- */
- aes_context = fips_aes_build_context(aes_gcm_known_key,
- aes_key_size, (uint8_t *)&gcm_param,
- AES_GCM_MECH_INFO_TYPE, B_FALSE);
-
- if (aes_context == NULL) {
- return (CRYPTO_HOST_MEMORY);
- }
-
- rv = fips_aes_decrypt(aes_context, aes_gcm_known_ciphertext,
- FIPS_AES_DECRYPT_LENGTH, aes_gcm_computed_plaintext,
- &aes_bytes_decrypted, AES_GCM_MECH_INFO_TYPE);
-
- fips_aes_free_context(aes_context);
-
- if ((rv != CRYPTO_SUCCESS) ||
- (aes_bytes_decrypted != FIPS_AES_DECRYPT_LENGTH) ||
- (memcmp(aes_gcm_computed_plaintext, aes_gcm_known_plaintext,
- FIPS_AES_DECRYPT_LENGTH) != 0))
- return (CRYPTO_DEVICE_ERROR);
-
- /*
- * AES-GMAC Known Answer Encryption Test
- */
- gmac_param.pIv = aes_gmac_known_iv;
- gmac_param.ulAADLen = 16;
- gmac_param.pAAD = aes_gmac_known_adata;
-
- aes_context = fips_aes_build_context(aes_gmac_known_key,
- aes_key_size, (uint8_t *)&gmac_param,
- AES_GMAC_MECH_INFO_TYPE, B_TRUE);
-
- if (aes_context == NULL) {
- return (CRYPTO_HOST_MEMORY);
- }
-
- rv = fips_aes_encrypt(aes_context, NULL,
- 0, aes_gmac_computed_tag,
- &aes_bytes_encrypted, AES_GMAC_MECH_INFO_TYPE);
-
- fips_aes_free_context(aes_context);
-
- if ((rv != CRYPTO_SUCCESS) ||
- (aes_bytes_encrypted != FIPS_AES_ENCRYPT_LENGTH) ||
- (memcmp(aes_gmac_computed_tag, aes_gmac_known_tag,
- FIPS_AES_ENCRYPT_LENGTH) != 0))
- return (CRYPTO_DEVICE_ERROR);
-
- /*
- * AES-GMAC Known Answer Decryption Test
- */
-
- aes_context = fips_aes_build_context(aes_gmac_known_key,
- aes_key_size, (uint8_t *)&gmac_param,
- AES_GMAC_MECH_INFO_TYPE, B_FALSE);
-
- if (aes_context == NULL) {
- return (CRYPTO_HOST_MEMORY);
- }
-
- rv = fips_aes_decrypt(aes_context, aes_gmac_known_tag,
- FIPS_AES_DECRYPT_LENGTH, NULL,
- &aes_bytes_decrypted, AES_GMAC_MECH_INFO_TYPE);
-
- fips_aes_free_context(aes_context);
-
- if ((rv != CRYPTO_SUCCESS) ||
- (aes_bytes_decrypted != 0))
- return (CRYPTO_DEVICE_ERROR);
-
-#endif /* _KERNEL */
-
- return (CRYPTO_SUCCESS);
-}
diff --git a/usr/src/common/crypto/fips/fips_checksum.c b/usr/src/common/crypto/fips/fips_checksum.c
deleted file mode 100644
index 0072b2a8b7..0000000000
--- a/usr/src/common/crypto/fips/fips_checksum.c
+++ /dev/null
@@ -1,346 +0,0 @@
-/*
- * CDDL HEADER START
- *
- * The contents of this file are subject to the terms of the
- * Common Development and Distribution License (the "License").
- * You may not use this file except in compliance with the License.
- *
- * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
- * or http://www.opensolaris.org/os/licensing.
- * See the License for the specific language governing permissions
- * and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL HEADER in each
- * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
- * If applicable, add the following below this CDDL HEADER, with the
- * fields enclosed by brackets "[]" replaced with your own identifying
- * information: Portions Copyright [yyyy] [name of copyright owner]
- *
- * CDDL HEADER END
- */
-/*
- * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
- */
-
-
-#include <fips/fips_checksum.h>
-
-
-#ifdef _KERNEL
-#define FIPS_ALLOC(size) kmem_alloc(size, KM_SLEEP)
-#define FIPS_FREE(buf, size) kmem_free(buf, size)
-#define FIPS_READ_FILE kobj_read_file
-#define ERRLOG0(str) cmn_err(CE_NOTE, str)
-#define ERRLOG1(fmt, arg) cmn_err(CE_NOTE, fmt, arg)
-#include <sys/sunddi.h>
-
-struct _buf *kobj_open_file(char *name);
-int kobj_read_file(struct _buf *file, char *buf, uint_t size, uint_t off);
-#else
-
-#define FIPS_ALLOC(size) malloc(size)
-#define FIPS_FREE(buf, size) free(buf)
-#define FIPS_READ_FILE fips_read_file
-#define ERRLOG0(str) (void) printf(str)
-#define ERRLOG1(fmt, arg) (void) printf(fmt, arg)
-#endif
-
-#define NUM_SECTIONS (sizeof (checked_sec_names) / sizeof (char *))
-
-static char *checked_sec_names[] = {
- ".strtab",
- ".dynamic",
- ".compcom",
- ".comment",
- ".dynstr",
- ".shstrtab",
- ".rela.text",
- ".rela.data",
- ".text",
- ".rodata",
- ".rodata1",
- ".data",
- ".symtab",
- ".SUNW_ctf",
- ".bss"
-};
-
-
-static int
-#ifdef _KERNEL
-process_section(SHA1_CTX *shactx, Elf64_Shdr *section, struct _buf *file,
- char *shstrtab)
-#else
-process_section(SHA1_CTX *shactx, Elf64_Shdr *section, int file,
- char *shstrtab)
-#endif
-{
- size_t size, offs;
- char *name;
- int doit = 0;
- char *buf;
- int i;
-
- size = section->sh_size;
- offs = section->sh_offset;
- name = shstrtab + section->sh_name;
- for (i = 0; i < NUM_SECTIONS; i++) {
- if (strncmp(name, checked_sec_names[i],
- strlen(checked_sec_names[i]) + 1) == 0) {
- doit++;
- break;
- }
- }
-
- if (!doit) {
- return (0);
- }
-
- /* hash the size of .bss section */
- if (strcmp(name, ".bss") == 0) {
- char szstr[32];
- (void) snprintf(szstr, sizeof (szstr), "%ld", size);
- SHA1Update(shactx, szstr, strlen(szstr));
- return (0);
- }
-
-
- /* hash the contents of the section */
- if ((buf = FIPS_ALLOC(size)) == NULL) {
- ERRLOG1("Not enough memory for section %s\n", name);
- return (-1);
- }
-
- if (FIPS_READ_FILE(file, buf, size, offs) < 0) {
- FIPS_FREE(buf, size);
- return (-2);
- }
-
- SHA1Update(shactx, buf, size);
-
- FIPS_FREE(buf, size);
-
- return (0);
-}
-
-int
-#ifdef _KERNEL
-fips_calc_checksum(struct _buf *file, Elf64_Ehdr *ehdr, char *sha1buf)
-#else
-fips_calc_checksum(int file, Elf64_Ehdr *ehdr, char *sha1buf)
-#endif
-{
- unsigned int size, numsec;
- Elf64_Shdr *shdrs;
- Elf64_Shdr *section;
- SHA1_CTX sha1ctx;
- char *shstrtab;
- int i;
-
- numsec = ehdr->e_shnum;
- size = ehdr->e_shentsize * numsec;
- if ((shdrs = (Elf64_Shdr *)FIPS_ALLOC(size)) == NULL) {
- ERRLOG0("Not enough memory for shdrs\n");
- return (FAILURE);
- }
- if (FIPS_READ_FILE(file, (char *)shdrs, size, ehdr->e_shoff) < 0) {
- return (FAILURE);
- }
-
- /* Obtain the .shstrtab data buffer */
- section = &(shdrs[ehdr->e_shstrndx]);
- size = section->sh_size;
- if ((shstrtab = (char *)FIPS_ALLOC(size)) == NULL) {
- ERRLOG0("Not enough memory for shstrtab\n");
- return (FAILURE);
- }
- if (FIPS_READ_FILE(file, shstrtab, size, section->sh_offset) < 0) {
- return (FAILURE);
- }
-
- SHA1Init(&sha1ctx);
- for (i = 0; i < numsec; i++) {
- if (process_section(&sha1ctx, &(shdrs[i]),
- file, shstrtab) < 0) {
- return (FAILURE);
- }
- }
- SHA1Final(sha1buf, &sha1ctx);
-
- return (0);
-}
-
-
-#ifndef _KERNEL
-
-int
-fips_read_file(int fd, char *buf, int size, int offs)
-{
- int i;
-
- if (lseek(fd, offs, SEEK_SET) == (off_t)(-1)) {
- (void) fprintf(stderr,
- "lseek returned an error for file %d\n", fd);
- return (-1);
- }
- while ((i = read(fd, buf, size)) >= 0) {
- if (size == i) {
- break;
- } else {
- size -= i;
- buf += i;
- }
- }
- if (i < 0) {
- (void) fprintf(stderr, "read failed for file %d\n", fd);
- return (-2);
- }
-
- return (0);
-}
-
-#else
-
-static int
-get_fips_section(Elf64_Ehdr *ehdr, struct _buf *file, char *expected_checksum)
-{
- unsigned int shdrssz, shstrtabsz, numsec;
- Elf64_Shdr *shdrs = NULL;
- Elf64_Shdr *section;
- char *shstrtab = NULL;
- char *name;
- int rv = FAILURE;
- int i;
-
- numsec = ehdr->e_shnum;
- shdrssz = ehdr->e_shentsize * numsec;
- if ((shdrs = (Elf64_Shdr *)FIPS_ALLOC(shdrssz)) == NULL) {
- ERRLOG0("Not enough memory for shdrs\n");
- return (FAILURE);
- }
- if (FIPS_READ_FILE(file, (char *)shdrs, shdrssz, ehdr->e_shoff) < 0) {
- goto exit;
- }
-
- /* Obtain the .shstrtab data buffer */
- section = &(shdrs[ehdr->e_shstrndx]);
- shstrtabsz = section->sh_size;
- if ((shstrtab = (char *)FIPS_ALLOC(shstrtabsz)) == NULL) {
- ERRLOG0("Not enough memory for shstrtab\n");
- goto exit;
- }
- if (FIPS_READ_FILE(file, shstrtab, shstrtabsz,
- section->sh_offset) < 0) {
- goto exit;
- }
-
- for (i = 0; i < numsec; i++) {
- section = &shdrs[i];
- name = shstrtab + section->sh_name;
- /* Get the checksum stored in the .SUNW_fips section */
- if (strcmp(name, ".SUNW_fips") == 0) {
- if (section->sh_size != SHA1_DIGEST_LENGTH) {
- goto exit;
- }
- if (FIPS_READ_FILE(file, expected_checksum,
- section->sh_size, section->sh_offset) < 0) {
- goto exit;
- }
- rv = 0;
- goto exit;
- }
- }
-
-
-exit:
- if (shdrs != NULL) {
- FIPS_FREE(shdrs, shdrssz);
- }
- if (shstrtab != NULL) {
- FIPS_FREE(shstrtab, shstrtabsz);
- }
-
- return (rv);
-}
-
-
-int
-fips_check_module(char *modname, void *_initaddr)
-{
- struct modctl *modctlp = NULL;
- struct module *mp = NULL;
- struct _buf *file;
- char *filename;
- Elf64_Ehdr ehdr;
- unsigned int size, i;
- char sha1buf[SHA1_DIGEST_LENGTH];
- char expected_checksum[SHA1_DIGEST_LENGTH];
-
- modctlp = mod_find_by_filename(NULL, modname);
- if (modctlp == NULL) {
- ERRLOG1("module with modname %s not found\n", modname);
- return (FAILURE);
- }
- mp = (struct module *)modctlp->mod_mp;
- if (mp != NULL && mp->filename != NULL) {
- filename = mp->filename;
- } else {
- /* filename does not exist */
- return (FAILURE);
- }
- if ((mp->text > (char *)_initaddr) ||
- (mp->text + mp->text_size < (char *)_initaddr)) {
- ERRLOG1("_init() is not in module %s\n", modname);
- return (FAILURE);
- }
-
- if ((file = kobj_open_file(filename)) == (struct _buf *)-1) {
- ERRLOG1("Cannot open %s\n", filename);
- return (FAILURE);
- }
- /* Read the ELF header */
- size = sizeof (ehdr);
- if (kobj_read_file(file, (char *)(&ehdr), size, 0) < 0) {
- goto fail_exit;
- }
-
- /* check if it is an ELF file */
- for (i = 0; i < SELFMAG; i++) {
- if (ehdr.e_ident[i] != ELFMAG[i]) {
- ERRLOG1("%s not an elf file\n", filename);
- goto fail_exit;
- }
- }
-
- /* check if it is relocatable */
- if (ehdr.e_type != ET_REL) {
- ERRLOG1("%s isn't a relocatable (ET_REL) "
- "module\n", filename);
- goto fail_exit;
- }
-
- if (fips_calc_checksum(file, &ehdr, sha1buf) < 0) {
- goto fail_exit;
- }
-
- if (get_fips_section(&ehdr, file, expected_checksum) < 0) {
- goto fail_exit;
- }
-
- if (memcmp(sha1buf, expected_checksum, SHA1_DIGEST_LENGTH) != 0) {
- goto fail_exit;
- }
-
- kobj_close_file(file);
-
- return (SUCCESS);
-
-fail_exit:
-
- kobj_close_file(file);
-
- return (FAILURE);
-
-}
-
-#endif
diff --git a/usr/src/common/crypto/fips/fips_checksum.h b/usr/src/common/crypto/fips/fips_checksum.h
deleted file mode 100644
index 4288634673..0000000000
--- a/usr/src/common/crypto/fips/fips_checksum.h
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * CDDL HEADER START
- *
- * The contents of this file are subject to the terms of the
- * Common Development and Distribution License (the "License").
- * You may not use this file except in compliance with the License.
- *
- * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
- * or http://www.opensolaris.org/os/licensing.
- * See the License for the specific language governing permissions
- * and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL HEADER in each
- * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
- * If applicable, add the following below this CDDL HEADER, with the
- * fields enclosed by brackets "[]" replaced with your own identifying
- * information: Portions Copyright [yyyy] [name of copyright owner]
- *
- * CDDL HEADER END
- */
-/*
- * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
- */
-
-#ifndef _SYS_CRYPTO_FIPS_H
-#define _SYS_CRYPTO_FIPS_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifdef _KERNEL
-#include <sys/elf.h>
-#include <sys/modctl.h>
-#include <sys/kobj.h>
-#include <sys/kmem.h>
-#include <sys/sha1.h>
-#include <sys/ddi.h>
-#else
-#include <ctype.h>
-#include <unistd.h>
-#include <sys/types.h>
-#include <fcntl.h>
-#include <stdio.h>
-#include <libelf.h>
-#include <gelf.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sha1.h>
-#include <sys/elf_SPARC.h>
-#endif
-
-
-#define FAILURE -1
-#define SUCCESS 0
-
-#ifdef _KERNEL
-extern int fips_calc_checksum(struct _buf *, Elf64_Ehdr *, char *);
-extern int fips_check_module(char *modname, void *_initaddr);
-#else
-extern int fips_read_file(int, char *, int, int);
-extern int fips_calc_checksum(int, Elf64_Ehdr *, char *);
-#endif
-
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* _SYS_CRYPTO_FIPS_H */
diff --git a/usr/src/common/crypto/fips/fips_des_util.c b/usr/src/common/crypto/fips/fips_des_util.c
deleted file mode 100644
index 484bf2d8eb..0000000000
--- a/usr/src/common/crypto/fips/fips_des_util.c
+++ /dev/null
@@ -1,660 +0,0 @@
-/*
- * CDDL HEADER START
- *
- * The contents of this file are subject to the terms of the
- * Common Development and Distribution License (the "License").
- * You may not use this file except in compliance with the License.
- *
- * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
- * or http://www.opensolaris.org/os/licensing.
- * See the License for the specific language governing permissions
- * and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL HEADER in each
- * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
- * If applicable, add the following below this CDDL HEADER, with the
- * fields enclosed by brackets "[]" replaced with your own identifying
- * information: Portions Copyright [yyyy] [name of copyright owner]
- *
- * CDDL HEADER END
- */
-/*
- * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
- * Use is subject to license terms.
- */
-
-#include <sys/types.h>
-#include <sys/errno.h>
-#include <sys/kmem.h>
-#include <sys/systm.h>
-#include <sys/crypto/common.h>
-#include <sys/cmn_err.h>
-#include <modes/modes.h>
-#define _DES_FIPS_POST
-#ifndef _KERNEL
-#include <stdlib.h>
-#include <string.h>
-#include <strings.h>
-#include <stdio.h>
-#include <security/cryptoki.h>
-#include <cryptoutil.h>
-#include "softCrypt.h"
-#else
-#define _DES_IMPL
-#include <des/des_impl.h>
-#endif
-
-#ifndef _KERNEL
-/*
- * Allocate context for the DES encryption or decryption operation, and
- * generate DES or DES3 key schedule to speed up the operation.
- */
-soft_des_ctx_t *
-des_build_context(uint8_t *key, uint8_t *iv, CK_KEY_TYPE key_type,
- CK_MECHANISM_TYPE mechanism)
-{
-
- size_t size;
- soft_des_ctx_t *soft_des_ctx;
-
- soft_des_ctx = calloc(1, sizeof (soft_des_ctx_t));
- if (soft_des_ctx == NULL) {
- return (NULL);
- }
-
- /* Allocate key schedule for DES or DES3 based on key type. */
- if (key_type == CKK_DES) {
- soft_des_ctx->key_sched = des_alloc_keysched(&size, DES, 0);
- if (soft_des_ctx->key_sched == NULL) {
- free(soft_des_ctx);
- return (NULL);
- }
- des_init_keysched(key, DES, soft_des_ctx->key_sched);
- } else {
- soft_des_ctx->key_sched = des_alloc_keysched(&size, DES3, 0);
- if (soft_des_ctx->key_sched == NULL) {
- free(soft_des_ctx);
- return (NULL);
- }
- des_init_keysched(key, DES3, soft_des_ctx->key_sched);
- }
-
- soft_des_ctx->keysched_len = size;
- soft_des_ctx->key_type = key_type;
-
- if ((mechanism == CKM_DES_CBC) || (mechanism == CKM_DES3_CBC)) {
- /* Save Initialization Vector (IV) in the context. */
- (void) memcpy(soft_des_ctx->ivec, iv, DES_BLOCK_LEN);
-
- /* Allocate a context for DES cipher-block chaining. */
- soft_des_ctx->des_cbc = (void *)des_cbc_ctx_init(
- soft_des_ctx->key_sched, soft_des_ctx->keysched_len,
- soft_des_ctx->ivec, soft_des_ctx->key_type);
-
- if (soft_des_ctx->des_cbc == NULL) {
- bzero(soft_des_ctx->key_sched,
- soft_des_ctx->keysched_len);
- free(soft_des_ctx->key_sched);
- return (NULL);
- }
- }
-
- return (soft_des_ctx);
-}
-
-/*
- * Free the DES context.
- */
-void
-fips_des_free_context(soft_des_ctx_t *soft_des_ctx)
-{
-
- des_ctx_t *des_ctx;
-
- des_ctx = (des_ctx_t *)soft_des_ctx->des_cbc;
- if (des_ctx != NULL) {
- bzero(des_ctx->dc_keysched, des_ctx->dc_keysched_len);
- free(soft_des_ctx->des_cbc);
- }
-
- bzero(soft_des_ctx->key_sched, soft_des_ctx->keysched_len);
- free(soft_des_ctx->key_sched);
- free(soft_des_ctx);
-}
-#else
-
-static void
-des_copy_block64(uint8_t *in, uint64_t *out)
-{
- if (IS_P2ALIGNED(in, sizeof (uint64_t))) {
- /* LINTED: pointer alignment */
- out[0] = *(uint64_t *)&in[0];
- } else {
- uint64_t tmp64;
-
-#ifdef _BIG_ENDIAN
- tmp64 = (((uint64_t)in[0] << 56) |
- ((uint64_t)in[1] << 48) |
- ((uint64_t)in[2] << 40) |
- ((uint64_t)in[3] << 32) |
- ((uint64_t)in[4] << 24) |
- ((uint64_t)in[5] << 16) |
- ((uint64_t)in[6] << 8) |
- (uint64_t)in[7]);
-#else
- tmp64 = (((uint64_t)in[7] << 56) |
- ((uint64_t)in[6] << 48) |
- ((uint64_t)in[5] << 40) |
- ((uint64_t)in[4] << 32) |
- ((uint64_t)in[3] << 24) |
- ((uint64_t)in[2] << 16) |
- ((uint64_t)in[1] << 8) |
- (uint64_t)in[0]);
-#endif /* _BIG_ENDIAN */
-
- out[0] = tmp64;
- }
-}
-
-des_ctx_t *
-des_build_context(uint8_t *key, uint8_t *iv,
- des_mech_type_t mech_type)
-{
- int rv = CRYPTO_SUCCESS;
- void *keysched;
- size_t size;
- des_ctx_t *des_ctx = NULL;
- des_strength_t strength;
-
- switch (mech_type) {
- case DES_ECB_MECH_INFO_TYPE:
- des_ctx = ecb_alloc_ctx(KM_SLEEP);
- /* FALLTHRU */
- case DES_CBC_MECH_INFO_TYPE:
- strength = DES;
- if (des_ctx == NULL)
- des_ctx = cbc_alloc_ctx(KM_SLEEP);
- break;
- case DES3_ECB_MECH_INFO_TYPE:
- des_ctx = ecb_alloc_ctx(KM_SLEEP);
- /* FALLTHRU */
- case DES3_CBC_MECH_INFO_TYPE:
- strength = DES3;
- if (des_ctx == NULL)
- des_ctx = cbc_alloc_ctx(KM_SLEEP);
- break;
- default:
- return (NULL);
- }
-
- if ((keysched = des_alloc_keysched(&size, strength,
- KM_SLEEP)) == NULL)
- return (NULL);
-
- /*
- * Initialize key schedule.
- * Key length is stored in the key.
- */
- des_init_keysched(key, strength, keysched);
-
- des_ctx->dc_flags |= PROVIDER_OWNS_KEY_SCHEDULE;
- des_ctx->dc_keysched_len = size;
- des_ctx->dc_keysched = keysched;
-
- if (strength == DES3) {
- des_ctx->dc_flags |= DES3_STRENGTH;
- }
-
- switch (mech_type) {
- case DES_CBC_MECH_INFO_TYPE:
- case DES3_CBC_MECH_INFO_TYPE:
- /* Save Initialization Vector (IV) in the context. */
- rv = cbc_init_ctx((cbc_ctx_t *)des_ctx, (char *)iv,
- DES_BLOCK_LEN, DES_BLOCK_LEN, des_copy_block64);
- break;
- case DES_ECB_MECH_INFO_TYPE:
- case DES3_ECB_MECH_INFO_TYPE:
- des_ctx->dc_flags |= ECB_MODE;
- }
-
- if (rv != CRYPTO_SUCCESS) {
- if (des_ctx->dc_flags & PROVIDER_OWNS_KEY_SCHEDULE) {
- bzero(keysched, size);
- kmem_free(keysched, size);
- }
- }
-
- return (des_ctx);
-}
-
-void
-fips_des_free_context(des_ctx_t *des_ctx)
-{
-
- if (des_ctx != NULL) {
- if (des_ctx->dc_flags & PROVIDER_OWNS_KEY_SCHEDULE) {
- ASSERT(des_ctx->dc_keysched_len != 0);
- bzero(des_ctx->dc_keysched, des_ctx->dc_keysched_len);
- kmem_free(des_ctx->dc_keysched,
- des_ctx->dc_keysched_len);
- }
- bzero(des_ctx, sizeof (des_ctx_t));
- kmem_free(des_ctx, sizeof (des_ctx_t));
- }
-}
-#endif
-
-/*
- * fips_des_encrypt()
- *
- * Arguments:
- * soft_des_ctx: pointer to DES context
- * in_buf: pointer to the input data to be encrypted
- * ulDataLen: length of the input data
- * out_buf: pointer to the output data after encryption
- * pulEncryptedLen: pointer to the length of the output data
- * mechanism: CKM_DES_ECB, CKM_DES3_ECB, CKM_DES_CBC, CKM_DES3_CBC
- *
- * Description:
- * This function calls the corresponding DES low-level encrypt
- * routine based on the mechanism.
- *
- */
-#ifndef _KERNEL
-CK_RV
-fips_des_encrypt(soft_des_ctx_t *soft_des_ctx, CK_BYTE_PTR in_buf,
- CK_ULONG ulDataLen, CK_BYTE_PTR out_buf,
- CK_ULONG_PTR pulEncryptedLen, CK_MECHANISM_TYPE mechanism)
-#else
-int
-fips_des_encrypt(des_ctx_t *des_ctx, uint8_t *in_buf,
- ulong_t ulDataLen, uint8_t *out_buf,
- ulong_t *pulEncryptedLen, des_mech_type_t mechanism)
-#endif
-{
-
- CK_RV rv = CKR_OK;
- int rc = 0;
- ulong_t out_len;
-
- /*
- * DES only takes input length that is a multiple of blocksize
- * with the mechanism CKM_DES<n>_ECB or CKM_DES<n>_CBC.
- */
- if ((ulDataLen % DES_BLOCK_LEN) != 0) {
- return (CKR_DATA_LEN_RANGE);
- }
-
- /*
- * For non-padding mode, the output length will
- * be same as the input length.
- */
- out_len = ulDataLen;
-
- /*
- * Begin Encryption now.
- */
- switch (mechanism) {
- case CKM_DES_ECB:
- case CKM_DES3_ECB:
- {
-
- ulong_t i;
- uint8_t *tmp_inbuf;
- uint8_t *tmp_outbuf;
-
- for (i = 0; i < out_len; i += DES_BLOCK_LEN) {
- tmp_inbuf = &in_buf[i];
- tmp_outbuf = &out_buf[i];
- /* Crunch one block of data for DES. */
-#ifndef _KERNEL
- if (soft_des_ctx->key_type == CKK_DES)
- (void) des_crunch_block(
- soft_des_ctx->key_sched,
- tmp_inbuf, tmp_outbuf, B_FALSE);
- else
- (void) des3_crunch_block(
- soft_des_ctx->key_sched,
- tmp_inbuf, tmp_outbuf, B_FALSE);
-#else
- if (mechanism == DES_ECB_MECH_INFO_TYPE)
- (void) des_crunch_block(des_ctx->dc_keysched,
- tmp_inbuf, tmp_outbuf, B_FALSE);
- else
- (void) des3_crunch_block(des_ctx->dc_keysched,
- tmp_inbuf, tmp_outbuf, B_FALSE);
-#endif
- }
-
- *pulEncryptedLen = out_len;
- break;
- }
-
- case CKM_DES_CBC:
- case CKM_DES3_CBC:
- {
- crypto_data_t out;
-
- out.cd_format = CRYPTO_DATA_RAW;
- out.cd_offset = 0;
- out.cd_length = out_len;
- out.cd_raw.iov_base = (char *)out_buf;
- out.cd_raw.iov_len = out_len;
-
- /* Encrypt multiple blocks of data. */
- rc = des_encrypt_contiguous_blocks(
-#ifndef _KERNEL
- (des_ctx_t *)soft_des_ctx->des_cbc,
-#else
- des_ctx,
-#endif
- (char *)in_buf, out_len, &out);
-
- if (rc != 0)
- goto encrypt_failed;
-
- if (rc == 0) {
- *pulEncryptedLen = out_len;
- break;
- }
-encrypt_failed:
- *pulEncryptedLen = 0;
-
- return (CKR_DEVICE_ERROR);
-
- }
- } /* end switch */
-
- return (rv);
-}
-
-/*
- * fips_des_decrypt()
- *
- * Arguments:
- * soft_des_ctx: pointer to DES context
- * in_buf: pointer to the input data to be decrypted
- * ulEncryptedLen: length of the input data
- * out_buf: pointer to the output data
- * pulDataLen: pointer to the length of the output data
- * mechanism: CKM_DES_ECB, CKM_DES3_ECB, CKM_DES_CBC, CKM_DES3_CBC
- *
- * Description:
- * This function calls the corresponding DES low-level decrypt
- * function based on the mechanism.
- *
- */
-#ifndef _KERNEL
-CK_RV
-fips_des_decrypt(soft_des_ctx_t *soft_des_ctx, CK_BYTE_PTR in_buf,
- CK_ULONG ulEncryptedLen, CK_BYTE_PTR out_buf,
- CK_ULONG_PTR pulDataLen, CK_MECHANISM_TYPE mechanism)
-#else
-int
-fips_des_decrypt(des_ctx_t *des_ctx, uint8_t *in_buf,
- ulong_t ulEncryptedLen, uint8_t *out_buf,
- ulong_t *pulDataLen, des_mech_type_t mechanism)
-#endif
-{
-
- CK_RV rv = CKR_OK;
- int rc = 0;
- ulong_t out_len;
-
- /*
- * DES only takes input length that is a multiple of 8 bytes
- * with the mechanism CKM_DES<n>_ECB, CKM_DES<n>_CBC or
- * CKM_DES<n>_CBC_PAD.
- */
- if ((ulEncryptedLen % DES_BLOCK_LEN) != 0) {
- return (CKR_DATA_LEN_RANGE);
- }
-
- /* Set output length same as input length. */
- out_len = ulEncryptedLen;
-
- /*
- * Begin Decryption.
- */
- switch (mechanism) {
- case CKM_DES_ECB:
- case CKM_DES3_ECB:
- {
- uint8_t *tmp_inbuf;
- uint8_t *tmp_outbuf;
- ulong_t i;
-
- for (i = 0; i < out_len; i += DES_BLOCK_LEN) {
- tmp_inbuf = &in_buf[i];
- tmp_outbuf = &out_buf[i];
- /* Crunch one block of data for DES. */
-#ifndef _KERNEL
- if (soft_des_ctx->key_type == CKK_DES)
- (void) des_crunch_block(
- soft_des_ctx->key_sched,
- tmp_inbuf, tmp_outbuf, B_TRUE);
- else
- (void) des3_crunch_block(
- soft_des_ctx->key_sched,
- tmp_inbuf, tmp_outbuf, B_TRUE);
-#else
- if (mechanism == DES_ECB_MECH_INFO_TYPE)
- (void) des_crunch_block(des_ctx->dc_keysched,
- tmp_inbuf, tmp_outbuf, B_TRUE);
- else
- (void) des3_crunch_block(des_ctx->dc_keysched,
- tmp_inbuf, tmp_outbuf, B_TRUE);
-#endif
- }
-
- *pulDataLen = out_len;
- break;
- }
-
- case CKM_DES_CBC:
- case CKM_DES3_CBC:
- {
- crypto_data_t out;
- out.cd_format = CRYPTO_DATA_RAW;
- out.cd_offset = 0;
- out.cd_length = out_len;
- out.cd_raw.iov_base = (char *)out_buf;
- out.cd_raw.iov_len = out_len;
-
- /* Decrypt multiple blocks of data. */
- rc = des_decrypt_contiguous_blocks(
-#ifndef _KERNEL
- (des_ctx_t *)soft_des_ctx->des_cbc,
-#else
- des_ctx,
-#endif
- (char *)in_buf, out_len, &out);
-
- if (rc != 0)
- goto decrypt_failed;
-
- *pulDataLen = out_len;
-
- if (rc == 0)
- break;
-decrypt_failed:
- *pulDataLen = 0;
-
- return (CKR_DEVICE_ERROR);
-
- }
- } /* end switch */
-
- return (rv);
-}
-
-/*
- * DES3 Power-On SelfTest(s).
- */
-int
-fips_des3_post(void)
-{
-
- /* DES3 Known Key. */
- static uint8_t des3_known_key[] = { "ANSI Triple-DES Key Data" };
-
- /* DES3-CBC Known Initialization Vector (64-bits). */
- static uint8_t des3_cbc_known_iv[] = { "Security" };
-
- /* DES3 Known Plaintext (64-bits). */
- static uint8_t des3_ecb_known_plaintext[] = { "Solaris!" };
- static uint8_t des3_cbc_known_plaintext[] = { "Solaris!" };
-
- /* DES3 Known Ciphertext (64-bits). */
- static uint8_t des3_ecb_known_ciphertext[] = {
- 0x17, 0x0d, 0x1f, 0x13, 0xd3, 0xa0, 0x3a, 0x63
- };
-
- static uint8_t des3_cbc_known_ciphertext[] = {
- 0x7f, 0x62, 0x44, 0xb3, 0xf8, 0x77, 0xf8, 0xf8
- };
-
- /* DES3 variables. */
- uint8_t des3_computed_ciphertext[FIPS_DES3_ENCRYPT_LENGTH];
- uint8_t des3_computed_plaintext[FIPS_DES3_DECRYPT_LENGTH];
-
-#ifdef _KERNEL
- des_ctx_t *des3_context;
-#else
- soft_des_ctx_t *des3_context;
-#endif
-
- ulong_t des3_bytes_encrypted;
- ulong_t des3_bytes_decrypted;
- int rv;
-
- /*
- * DES3 ECB Known Answer Encryption Test
- */
-#ifdef _KERNEL
- des3_context = des_build_context(des3_known_key, NULL,
- DES3_ECB_MECH_INFO_TYPE);
-#else
- des3_context = des_build_context(des3_known_key, NULL,
- CKK_DES3, CKM_DES3_ECB);
-#endif
-
- if (des3_context == NULL)
- return (CKR_HOST_MEMORY);
-
-#ifdef _KERNEL
- rv = fips_des_encrypt(des3_context, des3_ecb_known_plaintext,
- FIPS_DES3_ENCRYPT_LENGTH, des3_computed_ciphertext,
- &des3_bytes_encrypted, DES3_ECB_MECH_INFO_TYPE);
-#else
- rv = fips_des_encrypt(des3_context, des3_ecb_known_plaintext,
- FIPS_DES3_ENCRYPT_LENGTH, des3_computed_ciphertext,
- &des3_bytes_encrypted, CKM_DES3_ECB);
-#endif
-
- fips_des_free_context(des3_context);
-
- if ((rv != CRYPTO_SUCCESS) ||
- (des3_bytes_encrypted != FIPS_DES3_ENCRYPT_LENGTH) ||
- (memcmp(des3_computed_ciphertext, des3_ecb_known_ciphertext,
- FIPS_DES3_ENCRYPT_LENGTH) != 0))
- return (CKR_DEVICE_ERROR);
-
- /*
- * DES3 ECB Known Answer Decryption Test
- */
-#ifdef _KERNEL
- des3_context = des_build_context(des3_known_key, NULL,
- DES3_ECB_MECH_INFO_TYPE);
-#else
- des3_context = des_build_context(des3_known_key, NULL,
- CKK_DES3, CKM_DES3_ECB);
-#endif
-
- if (des3_context == NULL)
- return (CKR_HOST_MEMORY);
-
-#ifdef _KERNEL
- rv = fips_des_decrypt(des3_context, des3_ecb_known_ciphertext,
- FIPS_DES3_DECRYPT_LENGTH, des3_computed_plaintext,
- &des3_bytes_decrypted, DES3_ECB_MECH_INFO_TYPE);
-#else
- rv = fips_des_decrypt(des3_context, des3_ecb_known_ciphertext,
- FIPS_DES3_DECRYPT_LENGTH, des3_computed_plaintext,
- &des3_bytes_decrypted, CKM_DES3_ECB);
-#endif
-
- fips_des_free_context(des3_context);
-
- if ((rv != CRYPTO_SUCCESS) ||
- (des3_bytes_decrypted != FIPS_DES3_DECRYPT_LENGTH) ||
- (memcmp(des3_computed_plaintext, des3_ecb_known_plaintext,
- FIPS_DES3_DECRYPT_LENGTH) != 0))
- return (CKR_DEVICE_ERROR);
-
- /*
- * DES3 CBC Known Answer Encryption Test
- */
-#ifdef _KERNEL
- des3_context = des_build_context(des3_known_key, des3_cbc_known_iv,
- DES3_CBC_MECH_INFO_TYPE);
-#else
- des3_context = des_build_context(des3_known_key, des3_cbc_known_iv,
- CKK_DES3, CKM_DES3_CBC);
-#endif
-
- if (des3_context == NULL)
- return (CKR_HOST_MEMORY);
-
-#ifdef _KERNEL
- rv = fips_des_encrypt(des3_context, des3_cbc_known_plaintext,
- FIPS_DES3_ENCRYPT_LENGTH, des3_computed_ciphertext,
- &des3_bytes_encrypted, DES3_CBC_MECH_INFO_TYPE);
-#else
- rv = fips_des_encrypt(des3_context, des3_cbc_known_plaintext,
- FIPS_DES3_ENCRYPT_LENGTH, des3_computed_ciphertext,
- &des3_bytes_encrypted, CKM_DES3_CBC);
-#endif
-
- fips_des_free_context(des3_context);
-
- if ((rv != CRYPTO_SUCCESS) ||
- (des3_bytes_encrypted != FIPS_DES3_ENCRYPT_LENGTH) ||
- (memcmp(des3_computed_ciphertext, des3_cbc_known_ciphertext,
- FIPS_DES3_ENCRYPT_LENGTH) != 0))
- return (CKR_DEVICE_ERROR);
-
- /*
- * DES3 CBC Known Answer Decryption Test
- */
-#ifdef _KERNEL
- des3_context = des_build_context(des3_known_key, des3_cbc_known_iv,
- DES3_CBC_MECH_INFO_TYPE);
-#else
- des3_context = des_build_context(des3_known_key, des3_cbc_known_iv,
- CKK_DES3, CKM_DES3_CBC);
-#endif
-
- if (des3_context == NULL)
- return (CKR_HOST_MEMORY);
-
-#ifdef _KERNEL
- rv = fips_des_decrypt(des3_context, des3_cbc_known_ciphertext,
- FIPS_DES3_DECRYPT_LENGTH, des3_computed_plaintext,
- &des3_bytes_decrypted, DES3_CBC_MECH_INFO_TYPE);
-#else
- rv = fips_des_decrypt(des3_context, des3_cbc_known_ciphertext,
- FIPS_DES3_DECRYPT_LENGTH, des3_computed_plaintext,
- &des3_bytes_decrypted, CKM_DES3_CBC);
-#endif
-
- fips_des_free_context(des3_context);
-
- if ((rv != CRYPTO_SUCCESS) ||
- (des3_bytes_decrypted != FIPS_DES3_DECRYPT_LENGTH) ||
- (memcmp(des3_computed_plaintext, des3_cbc_known_plaintext,
- FIPS_DES3_DECRYPT_LENGTH) != 0))
- return (CKR_DEVICE_ERROR);
-
- return (CKR_OK);
-}
diff --git a/usr/src/common/crypto/fips/fips_dsa_util.c b/usr/src/common/crypto/fips/fips_dsa_util.c
deleted file mode 100644
index 9434c5ebf9..0000000000
--- a/usr/src/common/crypto/fips/fips_dsa_util.c
+++ /dev/null
@@ -1,259 +0,0 @@
-/*
- * CDDL HEADER START
- *
- * The contents of this file are subject to the terms of the
- * Common Development and Distribution License (the "License").
- * You may not use this file except in compliance with the License.
- *
- * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
- * or http://www.opensolaris.org/os/licensing.
- * See the License for the specific language governing permissions
- * and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL HEADER in each
- * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
- * If applicable, add the following below this CDDL HEADER, with the
- * fields enclosed by brackets "[]" replaced with your own identifying
- * information: Portions Copyright [yyyy] [name of copyright owner]
- *
- * CDDL HEADER END
- */
-
-/*
- * Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
- */
-
-#include <sys/types.h>
-#include <sys/sha1.h>
-#define _SHA2_IMPL
-#include <sys/sha2.h>
-
-#ifdef _KERNEL
-#include <sys/param.h>
-#include <sys/kmem.h>
-#else
-#include <strings.h>
-#include <cryptoutil.h>
-#include "softMAC.h"
-#endif
-
-#include <security/cryptoki.h>
-#include <sys/crypto/common.h>
-
-#include <sha1/sha1_impl.h>
-#define _DSA_FIPS_POST
-#include <dsa/dsa_impl.h>
-
-
-/* DSA Known P (1024-bits), Q (160-bits), and G (1024-bits) Values. */
-static uint8_t dsa_P[] = {
- 0x80, 0xb0, 0xd1, 0x9d, 0x6e, 0xa4, 0xf3, 0x28,
- 0x9f, 0x24, 0xa9, 0x8a, 0x49, 0xd0, 0x0c, 0x63,
- 0xe8, 0x59, 0x04, 0xf9, 0x89, 0x4a, 0x5e, 0xc0,
- 0x6d, 0xd2, 0x67, 0x6b, 0x37, 0x81, 0x83, 0x0c,
- 0xfe, 0x3a, 0x8a, 0xfd, 0xa0, 0x3b, 0x08, 0x91,
- 0x1c, 0xcb, 0xb5, 0x63, 0xb0, 0x1c, 0x70, 0xd0,
- 0xae, 0xe1, 0x60, 0x2e, 0x12, 0xeb, 0x54, 0xc7,
- 0xcf, 0xc6, 0xcc, 0xae, 0x97, 0x52, 0x32, 0x63,
- 0xd3, 0xeb, 0x55, 0xea, 0x2f, 0x4c, 0xd5, 0xd7,
- 0x3f, 0xda, 0xec, 0x49, 0x27, 0x0b, 0x14, 0x56,
- 0xc5, 0x09, 0xbe, 0x4d, 0x09, 0x15, 0x75, 0x2b,
- 0xa3, 0x42, 0x0d, 0x03, 0x71, 0xdf, 0x0f, 0xf4,
- 0x0e, 0xe9, 0x0c, 0x46, 0x93, 0x3d, 0x3f, 0xa6,
- 0x6c, 0xdb, 0xca, 0xe5, 0xac, 0x96, 0xc8, 0x64,
- 0x5c, 0xec, 0x4b, 0x35, 0x65, 0xfc, 0xfb, 0x5a,
- 0x1b, 0x04, 0x1b, 0xa1, 0x0e, 0xfd, 0x88, 0x15
-};
-
-static uint8_t dsa_Q[] = {
- 0xad, 0x22, 0x59, 0xdf, 0xe5, 0xec, 0x4c, 0x6e,
- 0xf9, 0x43, 0xf0, 0x4b, 0x2d, 0x50, 0x51, 0xc6,
- 0x91, 0x99, 0x8b, 0xcf
-};
-
-static uint8_t dsa_G[] = {
- 0x78, 0x6e, 0xa9, 0xd8, 0xcd, 0x4a, 0x85, 0xa4,
- 0x45, 0xb6, 0x6e, 0x5d, 0x21, 0x50, 0x61, 0xf6,
- 0x5f, 0xdf, 0x5c, 0x7a, 0xde, 0x0d, 0x19, 0xd3,
- 0xc1, 0x3b, 0x14, 0xcc, 0x8e, 0xed, 0xdb, 0x17,
- 0xb6, 0xca, 0xba, 0x86, 0xa9, 0xea, 0x51, 0x2d,
- 0xc1, 0xa9, 0x16, 0xda, 0xf8, 0x7b, 0x59, 0x8a,
- 0xdf, 0xcb, 0xa4, 0x67, 0x00, 0x44, 0xea, 0x24,
- 0x73, 0xe5, 0xcb, 0x4b, 0xaf, 0x2a, 0x31, 0x25,
- 0x22, 0x28, 0x3f, 0x16, 0x10, 0x82, 0xf7, 0xeb,
- 0x94, 0x0d, 0xdd, 0x09, 0x22, 0x14, 0x08, 0x79,
- 0xba, 0x11, 0x0b, 0xf1, 0xff, 0x2d, 0x67, 0xac,
- 0xeb, 0xb6, 0x55, 0x51, 0x69, 0x97, 0xa7, 0x25,
- 0x6b, 0x9c, 0xa0, 0x9b, 0xd5, 0x08, 0x9b, 0x27,
- 0x42, 0x1c, 0x7a, 0x69, 0x57, 0xe6, 0x2e, 0xed,
- 0xa9, 0x5b, 0x25, 0xe8, 0x1f, 0xd2, 0xed, 0x1f,
- 0xdf, 0xe7, 0x80, 0x17, 0xba, 0x0d, 0x4d, 0x38
-};
-
-/*
- * DSA Known Random Values (known random key block is 160-bits)
- * and (known random signature block is 160-bits).
- * Note: known random key block must be numerically smaller than
- * dsa_Q even after bignum_random() turns on the MSB.
- */
-static uint8_t dsa_known_random_key_block[] = {
- 0x91, 0x22, 0x59, 0xdf, 0xe5, 0xec, 0x4c, 0x6e,
- 0xf9, 0x43, 0xf0, 0x4b, 0x2d, 0x50, 0x51, 0xc6,
- 0x91, 0x99, 0x8b, 0xcf
-};
-
-static uint8_t dsa_known_random_signature_block[] = {
- "Random DSA Signature"
-};
-
-/* DSA Known Digest (160-bits) */
-static uint8_t dsa_known_digest[] = {
- "DSA Signature Digest"
-};
-
-/* DSA Known Signature (320-bits). */
-static uint8_t dsa_known_signature[] = {
- 0x25, 0x7c, 0x3a, 0x79, 0x32, 0x45, 0xb7, 0x32,
- 0x70, 0xca, 0x62, 0x63, 0x2b, 0xf6, 0x29, 0x2c,
- 0x22, 0x2a, 0x03, 0xce, 0x65, 0x02, 0x72, 0x5a,
- 0x66, 0x29, 0xcf, 0x56, 0xe6, 0xdf, 0xb0, 0xcc,
- 0x53, 0x72, 0x56, 0x70, 0x92, 0xb5, 0x45, 0x75
-
-};
-
-
-static int
-fips_dsa_random_func(void *buf, size_t buflen)
-{
- /* should not happen */
- if (buflen != FIPS_DSA_SEED_LENGTH)
- return (-1);
-
- (void) memcpy(buf, dsa_known_random_key_block,
- FIPS_DSA_SEED_LENGTH);
- return (0);
-}
-
-static int
-fips_dsa_signature_func(void *buf, size_t buflen)
-{
- /* should not happen */
- if (buflen != FIPS_DSA_SEED_LENGTH)
- return (-1);
-
- (void) memcpy(buf, dsa_known_random_signature_block,
- FIPS_DSA_SEED_LENGTH);
- return (0);
-}
-
-int
-fips_dsa_genkey_pair(DSAbytekey *bkey)
-{
- return (dsa_genkey_pair(bkey));
-}
-
-int
-fips_dsa_digest_sign(DSAbytekey *bkey,
- uint8_t *in, uint32_t inlen, uint8_t *out)
-{
- CK_RV rv;
- SHA1_CTX *sha1_context;
- uint8_t sha1_computed_digest[FIPS_DSA_DIGEST_LENGTH];
-
- sha1_context = fips_sha1_build_context();
- if (sha1_context == NULL)
- return (CKR_HOST_MEMORY);
-
- /* hash the message: context is freed by the function */
- rv = fips_sha1_hash(sha1_context, in, inlen, sha1_computed_digest);
- if (rv != CKR_OK)
- return (rv);
-
- return (dsa_sign(bkey, sha1_computed_digest,
- FIPS_DSA_DIGEST_LENGTH, out));
-}
-
-int
-fips_dsa_verify(DSAbytekey *bkey, uint8_t *data, uint8_t *sig)
-{
- CK_RV rv;
- SHA1_CTX *sha1_context;
- uint8_t sha1_computed_digest[FIPS_DSA_DIGEST_LENGTH];
-
- sha1_context = fips_sha1_build_context();
- if (sha1_context == NULL)
- return (CKR_HOST_MEMORY);
-
- /* hash the message: context is freed by the function */
- rv = fips_sha1_hash(sha1_context, data, FIPS_DSA_DIGEST_LENGTH,
- sha1_computed_digest);
- if (rv != CKR_OK)
- return (rv);
-
- return (dsa_verify(bkey, sha1_computed_digest, sig));
-}
-
-/*
- * DSA Power-On SelfTest(s).
- */
-int
-fips_dsa_post(void)
-{
- DSAbytekey dsa_params;
- CK_RV rv;
- uint8_t dsa_computed_signature[FIPS_DSA_SIGNATURE_LENGTH];
- uint8_t pubvalue[FIPS_DSA_PRIME_LENGTH];
- uint8_t privalue[FIPS_DSA_SUBPRIME_LENGTH];
-
- /*
- * Generate a DSA public/private key pair.
- */
- dsa_params.prime = dsa_P;
- dsa_params.prime_bits = CRYPTO_BYTES2BITS(FIPS_DSA_PRIME_LENGTH);
- dsa_params.subprime = dsa_Q;
- dsa_params.subprime_bits = CRYPTO_BYTES2BITS(FIPS_DSA_SUBPRIME_LENGTH);
- dsa_params.base = dsa_G;
- dsa_params.base_bytes = FIPS_DSA_BASE_LENGTH;
-
- /* Output from DSA key pair generation */
- dsa_params.private_x = privalue;
- dsa_params.private_x_bits = CRYPTO_BYTES2BITS(sizeof (privalue));
- dsa_params.public_y = pubvalue;
- dsa_params.public_y_bits = CRYPTO_BYTES2BITS(sizeof (pubvalue));
-
- dsa_params.rfunc = fips_dsa_random_func;
-
- rv = fips_dsa_genkey_pair(&dsa_params);
- if (rv != CKR_OK)
- return (CKR_DEVICE_ERROR);
-
- /*
- * DSA Known Answer Signature Test
- */
-
- dsa_params.rfunc = fips_dsa_signature_func;
-
- /* Perform DSA signature process. */
- rv = fips_dsa_digest_sign(&dsa_params,
- dsa_known_digest, FIPS_DSA_DIGEST_LENGTH, dsa_computed_signature);
-
- if ((rv != CKR_OK) ||
- (memcmp(dsa_computed_signature, dsa_known_signature,
- FIPS_DSA_SIGNATURE_LENGTH) != 0)) {
- goto clean;
- }
-
- /*
- * DSA Known Answer Verification Test
- */
-
- /* Perform DSA verification process. */
- rv = fips_dsa_verify(&dsa_params,
- dsa_known_digest, dsa_computed_signature);
-
-clean:
- if (rv != CKR_OK)
- return (CKR_DEVICE_ERROR);
- else
- return (CKR_OK);
-}
diff --git a/usr/src/common/crypto/fips/fips_ecc_util.c b/usr/src/common/crypto/fips/fips_ecc_util.c
deleted file mode 100644
index 44fb03b703..0000000000
--- a/usr/src/common/crypto/fips/fips_ecc_util.c
+++ /dev/null
@@ -1,282 +0,0 @@
-/*
- * CDDL HEADER START
- *
- * The contents of this file are subject to the terms of the
- * Common Development and Distribution License (the "License").
- * You may not use this file except in compliance with the License.
- *
- * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
- * or http://www.opensolaris.org/os/licensing.
- * See the License for the specific language governing permissions
- * and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL HEADER in each
- * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
- * If applicable, add the following below this CDDL HEADER, with the
- * fields enclosed by brackets "[]" replaced with your own identifying
- * information: Portions Copyright [yyyy] [name of copyright owner]
- *
- * CDDL HEADER END
- */
-/*
- * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
- * Use is subject to license terms.
- */
-
-#include <sys/types.h>
-#include <sys/errno.h>
-#include <sys/fcntl.h>
-#include <sys/time.h>
-#include <sys/unistd.h>
-#include <sys/kmem.h>
-#include <sys/systm.h>
-#include <sys/sysmacros.h>
-#include <sys/crypto/common.h>
-#include <sys/cmn_err.h>
-#include <sys/sha1.h>
-#ifndef _KERNEL
-#include <stdlib.h>
-#include <string.h>
-#include <strings.h>
-#include <stdio.h>
-#include <security/cryptoki.h>
-#include "softMAC.h"
-#include "softEC.h"
-#endif
-#include <fips/fips_post.h>
-#include <ecc/ecc_impl.h>
-
-
-#define MAX_ECKEY_LEN 72
-#define SHA1_DIGEST_SIZE 20
-
-static void free_ecparams(ECParams *, boolean_t);
-static void free_ecprivkey(ECPrivateKey *);
-static void free_ecpubkey(ECPublicKey *);
-
-static int
-fips_ecdsa_sign_verify(uint8_t *encodedParams,
- unsigned int encodedParamsLen,
- uint8_t *knownSignature,
- unsigned int knownSignatureLen) {
-
- /* ECDSA Known Seed info for curves nistp256 */
- static uint8_t ecdsa_Known_Seed[] = {
- 0x6a, 0x9b, 0xf6, 0xf7, 0xce, 0xed, 0x79, 0x11,
- 0xf0, 0xc7, 0xc8, 0x9a, 0xa5, 0xd1, 0x57, 0xb1,
- 0x7b, 0x5a, 0x3b, 0x76, 0x4e, 0x7b, 0x7c, 0xbc,
- 0xf2, 0x76, 0x1c, 0x1c, 0x7f, 0xc5, 0x53, 0x2f
- };
-
- static uint8_t msg[] = {
- "Sun Microsystems Solaris is awesome!"
- };
-
- unsigned char sha1[SHA1_DIGEST_SIZE]; /* SHA-1 hash (160 bits) */
- unsigned char sig[2*MAX_ECKEY_LEN];
- SECItem signature, digest;
- SECItem encodedparams;
- ECParams *ecparams = NULL;
- ECPrivateKey *ecdsa_private_key = NULL;
- ECPublicKey ecdsa_public_key;
- SECStatus ecdsaStatus = SECSuccess;
- SHA1_CTX *sha1_context = NULL;
- int rv = CKR_DEVICE_ERROR;
-
- (void) memset(&ecdsa_public_key, 0, sizeof (ECPublicKey));
- /* construct the ECDSA private/public key pair */
- encodedparams.type = siBuffer;
- encodedparams.data = (unsigned char *) encodedParams;
- encodedparams.len = encodedParamsLen;
-
- if (EC_DecodeParams(&encodedparams, &ecparams, 0) != SECSuccess) {
- return (CKR_ARGUMENTS_BAD);
- }
-
- /*
- * Generates a new EC key pair. The private key is a supplied
- * random value (in seed) and the public key is the result of
- * performing a scalar point multiplication of that value with
- * the curve's base point.
- */
-
- ecdsaStatus = ec_NewKey(ecparams, &ecdsa_private_key,
- ecdsa_Known_Seed, sizeof (ecdsa_Known_Seed), 0);
-
- if (ecdsaStatus != SECSuccess) {
- goto loser;
- }
-
- /* construct public key from private key. */
- ecdsaStatus = EC_CopyParams(ecdsa_private_key->ecParams.arena,
- &ecdsa_public_key.ecParams, &ecdsa_private_key->ecParams);
-
- if (ecdsaStatus != SECSuccess) {
- goto loser;
- }
-
- ecdsa_public_key.publicValue = ecdsa_private_key->publicValue;
-
- /* validate public key value */
- ecdsaStatus = EC_ValidatePublicKey(&ecdsa_public_key.ecParams,
- &ecdsa_public_key.publicValue, 0);
-
- if (ecdsaStatus != SECSuccess) {
- goto loser;
- }
-
- /* validate public key value */
- ecdsaStatus = EC_ValidatePublicKey(&ecdsa_private_key->ecParams,
- &ecdsa_private_key->publicValue, 0);
-
- if (ecdsaStatus != SECSuccess) {
- goto loser;
- }
-
- /*
- * ECDSA Known Answer Signature Test.
- */
-#ifdef _KERNEL
- if ((sha1_context = kmem_zalloc(sizeof (SHA1_CTX),
- KM_SLEEP)) == NULL) {
-#else
- if ((sha1_context = malloc(sizeof (SHA1_CTX))) == NULL) {
-#endif
- ecdsaStatus = SECFailure;
- rv = CKR_HOST_MEMORY;
- goto loser;
- }
-
- SHA1Init(sha1_context);
-
-#ifdef __sparcv9
- SHA1Update(sha1_context, msg, (uint_t)sizeof (msg));
-#else /* !__sparcv9 */
- SHA1Update(sha1_context, msg, sizeof (msg));
-#endif /* __sparcv9 */
- SHA1Final(sha1, sha1_context);
-
- digest.type = siBuffer;
- digest.data = sha1;
- digest.len = SHA1_DIGEST_SIZE;
-
- (void) memset(sig, 0, sizeof (sig));
- signature.type = siBuffer;
- signature.data = sig;
- signature.len = sizeof (sig);
-
- ecdsaStatus = ECDSA_SignDigestWithSeed(ecdsa_private_key, &signature,
- &digest, ecdsa_Known_Seed, sizeof (ecdsa_Known_Seed), 0);
-
- if (ecdsaStatus != SECSuccess) {
- goto loser;
- }
-
- if ((signature.len != knownSignatureLen) ||
- (memcmp(signature.data, knownSignature,
- knownSignatureLen) != 0)) {
- ecdsaStatus = SECFailure;
- goto loser;
- }
-
- /*
- * ECDSA Known Answer Verification Test.
- */
- ecdsaStatus = ECDSA_VerifyDigest(&ecdsa_public_key, &signature,
- &digest, 0);
-
-loser:
- if (ecdsa_public_key.publicValue.data != NULL)
- free_ecpubkey(&ecdsa_public_key);
- if (ecdsa_private_key != NULL)
- free_ecprivkey(ecdsa_private_key);
- free_ecparams(ecparams, B_TRUE);
-
- if (sha1_context != NULL)
-#ifdef _KERNEL
- kmem_free(sha1_context, sizeof (SHA1_CTX));
-#else
- free(sha1_context);
-#endif
-
- if (ecdsaStatus != SECSuccess) {
- return (rv);
- }
-
- return (CKR_OK);
-}
-
-int
-fips_ecdsa_post() {
-
- /* ECDSA Known curve nistp256 == SEC_OID_SECG_EC_SECP256R1 params */
- static uint8_t ecdsa_known_P256_EncodedParams[] = {
- 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03,
- 0x01, 0x07
- };
-
- static uint8_t ecdsa_known_P256_signature[] = {
- 0x07, 0xb1, 0xcb, 0x57, 0x20, 0xa7, 0x10, 0xd6,
- 0x9d, 0x37, 0x4b, 0x1c, 0xdc, 0x35, 0x90, 0xff,
- 0x1a, 0x2d, 0x98, 0x95, 0x1b, 0x2f, 0xeb, 0x7f,
- 0xbb, 0x81, 0xca, 0xc0, 0x69, 0x75, 0xea, 0xc5,
- 0x2b, 0xdb, 0x86, 0x76, 0xe7, 0x32, 0xba, 0x13,
- 0x03, 0x7f, 0x7f, 0x92, 0x77, 0xd8, 0x35, 0xfe,
- 0x99, 0xb4, 0xb7, 0x85, 0x5a, 0xfb, 0xfb, 0xce,
- 0x5d, 0x0e, 0xbc, 0x01, 0xfa, 0x44, 0x97, 0x7e
- };
-
- int rv;
-
- /* ECDSA GF(p) prime field curve test */
- rv = fips_ecdsa_sign_verify(ecdsa_known_P256_EncodedParams,
- sizeof (ecdsa_known_P256_EncodedParams),
- ecdsa_known_P256_signature,
- sizeof (ecdsa_known_P256_signature));
-
- if (rv != CKR_OK) {
- return (CKR_DEVICE_ERROR);
- }
-
- return (CKR_OK);
-}
-
-static void
-free_ecparams(ECParams *params, boolean_t freeit)
-{
- SECITEM_FreeItem(&params->fieldID.u.prime, B_FALSE);
- SECITEM_FreeItem(&params->curve.a, B_FALSE);
- SECITEM_FreeItem(&params->curve.b, B_FALSE);
- SECITEM_FreeItem(&params->curve.seed, B_FALSE);
- SECITEM_FreeItem(&params->base, B_FALSE);
- SECITEM_FreeItem(&params->order, B_FALSE);
- SECITEM_FreeItem(&params->DEREncoding, B_FALSE);
- SECITEM_FreeItem(&params->curveOID, B_FALSE);
- if (freeit)
-#ifdef _KERNEL
- kmem_free(params, sizeof (ECParams));
-#else
- free(params);
-#endif
-}
-
-static void
-free_ecprivkey(ECPrivateKey *key)
-{
- free_ecparams(&key->ecParams, B_FALSE);
- SECITEM_FreeItem(&key->publicValue, B_FALSE);
- bzero(key->privateValue.data, key->privateValue.len);
- SECITEM_FreeItem(&key->privateValue, B_FALSE);
- SECITEM_FreeItem(&key->version, B_FALSE);
-#ifdef _KERNEL
- kmem_free(key, sizeof (ECPrivateKey));
-#else
- free(key);
-#endif
-}
-
-static void
-free_ecpubkey(ECPublicKey *key)
-{
- free_ecparams(&key->ecParams, B_FALSE);
-}
diff --git a/usr/src/common/crypto/fips/fips_post.h b/usr/src/common/crypto/fips/fips_post.h
deleted file mode 100644
index 9ffce87838..0000000000
--- a/usr/src/common/crypto/fips/fips_post.h
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
- * CDDL HEADER START
- *
- * The contents of this file are subject to the terms of the
- * Common Development and Distribution License (the "License").
- * You may not use this file except in compliance with the License.
- *
- * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
- * or http://www.opensolaris.org/os/licensing.
- * See the License for the specific language governing permissions
- * and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL HEADER in each
- * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
- * If applicable, add the following below this CDDL HEADER, with the
- * fields enclosed by brackets "[]" replaced with your own identifying
- * information: Portions Copyright [yyyy] [name of copyright owner]
- *
- * CDDL HEADER END
- */
-
-/*
- * Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
- */
-
-#ifndef _FIPS_POST_H
-#define _FIPS_POST_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define FIPS_KNOWN_HMAC_MESSAGE_LENGTH 64 /* 512-bits */
-
-#ifdef _KERNEL
-
-#define CK_BYTE uchar_t
-#define CK_ULONG ulong_t
-#define CK_RV int
-
-#define CKR_OK CRYPTO_SUCCESS
-#define CKR_HOST_MEMORY CRYPTO_HOST_MEMORY
-#define CKR_DEVICE_ERROR CRYPTO_DEVICE_ERROR
-#define CKR_DATA_LEN_RANGE CRYPTO_DATA_LEN_RANGE
-#define CKR_ENCRYPTED_DATA_LEN_RANGE CRYPTO_ENCRYPTED_DATA_LEN_RANGE
-#define CKR_ENCRYPTED_DATA_INVALID CRYPTO_ENCRYPTED_DATA_INVALID
-#define CKR_SIGNATURE_INVALID CRYPTO_SIGNATURE_INVALID
-#define CKR_SIGNATURE_LEN_RANGE CRYPTO_SIGNATURE_LEN_RANGE
-#define CKR_ARGUMENTS_BAD CRYPTO_ARGUMENTS_BAD
-
-#else
-
-#define FIPS_RNG_XKEY_LENGTH 32 /* 256-bits */
-#define PAIRWISE_DIGEST_LENGTH 20 /* 160-bits */
-#define PAIRWISE_MESSAGE_LENGTH 20 /* 160-bits */
-
-#endif /* _KERNEL */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* _FIPS_POST_H */
diff --git a/usr/src/common/crypto/fips/fips_random_util.c b/usr/src/common/crypto/fips/fips_random_util.c
deleted file mode 100644
index 3a162d4dcb..0000000000
--- a/usr/src/common/crypto/fips/fips_random_util.c
+++ /dev/null
@@ -1,89 +0,0 @@
-/*
- * CDDL HEADER START
- *
- * The contents of this file are subject to the terms of the
- * Common Development and Distribution License (the "License").
- * You may not use this file except in compliance with the License.
- *
- * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
- * or http://www.opensolaris.org/os/licensing.
- * See the License for the specific language governing permissions
- * and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL HEADER in each
- * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
- * If applicable, add the following below this CDDL HEADER, with the
- * fields enclosed by brackets "[]" replaced with your own identifying
- * information: Portions Copyright [yyyy] [name of copyright owner]
- *
- * CDDL HEADER END
- */
-/*
- * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
- * Use is subject to license terms.
- */
-
-#include <sys/types.h>
-#include <sys/param.h>
-#include <sys/errno.h>
-#include <sys/kmem.h>
-#include <sys/systm.h>
-#include <sys/sha1.h>
-#include <sys/crypto/common.h>
-#include <sys/cmn_err.h>
-#ifndef _KERNEL
-#include <stdlib.h>
-#include <string.h>
-#include <strings.h>
-#include <stdio.h>
-#include <security/cryptoki.h>
-#include <cryptoutil.h>
-#include "softMAC.h"
-#endif
-#include <rng/fips_random.h>
-
-
-int
-fips_rng_post(void)
-{
- static uint8_t XKeyValue[] = {
- 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00
- };
-
- static uint8_t XSeed[] = {
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00
- };
-
- static uint8_t rng_known_GENX[] = {
- 0xda, 0x39, 0xa3, 0xee, 0x5e, 0x6b, 0x4b, 0x0d,
- 0x32, 0x55, 0xbf, 0xef, 0x95, 0x60, 0x18, 0x90,
- 0xaf, 0xd8, 0x07, 0x09
- };
-
- uint8_t GENX[SHA1_HASH_SIZE];
- uint8_t XKey[SHA1_HASH_SIZE];
-
- (void) memcpy(XKey, XKeyValue, SHA1_HASH_SIZE);
-
- /* Generate X with a known seed. */
- fips_random_inner(
- /* LINTED E_BAD_PTR_CAST_ALIGN */
- (uint32_t *)
- XKey,
- /* LINTED E_BAD_PTR_CAST_ALIGN */
- (uint32_t *)
- GENX,
- /* LINTED E_BAD_PTR_CAST_ALIGN */
- (uint32_t *)
- XSeed);
-
- /* Verify GENX to perform the RNG integrity check */
- if ((memcmp(GENX, rng_known_GENX, (SHA1_HASH_SIZE)) != 0))
- return (CKR_DEVICE_ERROR);
- else
- return (CKR_OK);
-}
diff --git a/usr/src/common/crypto/fips/fips_rsa_util.c b/usr/src/common/crypto/fips/fips_rsa_util.c
deleted file mode 100644
index 7cb121b92f..0000000000
--- a/usr/src/common/crypto/fips/fips_rsa_util.c
+++ /dev/null
@@ -1,675 +0,0 @@
-/*
- * CDDL HEADER START
- *
- * The contents of this file are subject to the terms of the
- * Common Development and Distribution License (the "License").
- * You may not use this file except in compliance with the License.
- *
- * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
- * or http://www.opensolaris.org/os/licensing.
- * See the License for the specific language governing permissions
- * and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL HEADER in each
- * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
- * If applicable, add the following below this CDDL HEADER, with the
- * fields enclosed by brackets "[]" replaced with your own identifying
- * information: Portions Copyright [yyyy] [name of copyright owner]
- *
- * CDDL HEADER END
- */
-
-/*
- * Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
- */
-
-#include <sys/types.h>
-#include <sys/sha1.h>
-#define _SHA2_IMPL
-#include <sys/sha2.h>
-
-#ifdef _KERNEL
-
-#include <sys/param.h>
-#include <sys/kmem.h>
-
-#else
-
-#include <strings.h>
-#include <cryptoutil.h>
-#include "softMAC.h"
-
-#include <security/cryptoki.h>
-#include <sys/crypto/common.h>
-
-#endif
-
-#include <padding/padding.h>
-#include <sha2/sha2_impl.h>
-#define _RSA_FIPS_POST
-#include <rsa/rsa_impl.h>
-
-int
-fips_rsa_encrypt(RSAPrivateKey_t *key, uint8_t *in, int in_len, uint8_t *out)
-{
- return (rsa_encrypt(&(key->bkey), in, in_len, out));
-}
-
-int
-fips_rsa_decrypt(RSAPrivateKey_t *key, uint8_t *in, int in_len,
- uint8_t *out)
-{
- return (rsa_decrypt(&(key->bkey), in, in_len, out));
-}
-
-static CK_RV
-#ifdef _KERNEL
-fips_rsa_sign_verify_test(sha2_mech_t mechanism,
-#else
-fips_rsa_sign_verify_test(CK_MECHANISM_TYPE mechanism,
-#endif
- RSAPrivateKey_t *rsa_private_key,
- unsigned char *rsa_known_msg,
- unsigned int rsa_msg_length,
- unsigned char *rsa_computed_signature,
- unsigned char *der_data, int sign)
-
-{
- unsigned char hash[SHA512_DIGEST_LENGTH]; /* SHA digest */
- SHA1_CTX *sha1_context = NULL;
- SHA2_CTX *sha2_context = NULL;
- int hash_len;
- CK_RV rv;
- CK_ULONG der_len;
- CK_BYTE *der_prefix;
- CK_ULONG der_data_len;
- CK_BYTE plain_data[MAX_RSA_KEYLENGTH_IN_BYTES];
- uint32_t modulus_len;
-
- switch (mechanism) {
-#ifdef _KERNEL
- case SHA1_TYPE:
-#else
- case CKM_SHA_1:
-#endif
- {
-
-#ifdef _KERNEL
- if ((sha1_context = kmem_zalloc(sizeof (SHA1_CTX),
- KM_SLEEP)) == NULL)
-#else
- if ((sha1_context = malloc(sizeof (SHA1_CTX))) == NULL)
-#endif
- return (CKR_HOST_MEMORY);
-
- SHA1Init(sha1_context);
-
-#ifdef __sparcv9
- SHA1Update(sha1_context, rsa_known_msg,
- (uint_t)rsa_msg_length);
-#else /* !__sparcv9 */
- SHA1Update(sha1_context, rsa_known_msg, rsa_msg_length);
-#endif /* __sparcv9 */
- SHA1Final(hash, sha1_context);
-
- hash_len = SHA1_DIGEST_LENGTH;
-
- /*
- * Prepare the DER encoding of the DigestInfo value
- * by setting it to:
- * <MECH>_DER_PREFIX || H
- */
- der_len = SHA1_DER_PREFIX_Len;
- der_prefix = (CK_BYTE *)SHA1_DER_PREFIX;
- (void) memcpy(der_data, der_prefix, der_len);
- (void) memcpy(der_data + der_len, hash, hash_len);
- der_data_len = der_len + hash_len;
-#ifdef _KERNEL
- kmem_free(sha1_context, sizeof (SHA1_CTX));
-#else
- free(sha1_context);
-#endif
- break;
- }
-
-#ifdef _KERNEL
- case SHA256_TYPE:
-#else
- case CKM_SHA256:
-#endif
- {
-
- sha2_context = fips_sha2_build_context(mechanism);
- if (sha2_context == NULL)
- return (CKR_HOST_MEMORY);
-
- rv = fips_sha2_hash(sha2_context, rsa_known_msg,
- rsa_msg_length, hash);
- hash_len = SHA256_DIGEST_LENGTH;
-
- /*
- * Prepare the DER encoding of the DigestInfo value
- * by setting it to:
- * <MECH>_DER_PREFIX || H
- */
- (void) memcpy(der_data, SHA256_DER_PREFIX,
- SHA2_DER_PREFIX_Len);
- (void) memcpy(der_data + SHA2_DER_PREFIX_Len, hash, hash_len);
- der_data_len = SHA2_DER_PREFIX_Len + hash_len;
- break;
- }
-#ifdef _KERNEL
- case SHA384_TYPE:
-#else
- case CKM_SHA384:
-#endif
- {
-
- sha2_context = fips_sha2_build_context(mechanism);
- if (sha2_context == NULL)
- return (CKR_HOST_MEMORY);
-
- rv = fips_sha2_hash(sha2_context, rsa_known_msg,
- rsa_msg_length, hash);
- hash_len = SHA384_DIGEST_LENGTH;
-
- /*
- * Prepare the DER encoding of the DigestInfo value
- * by setting it to:
- * <MECH>_DER_PREFIX || H
- */
- (void) memcpy(der_data, SHA384_DER_PREFIX,
- SHA2_DER_PREFIX_Len);
- (void) memcpy(der_data + SHA2_DER_PREFIX_Len, hash, hash_len);
- der_data_len = SHA2_DER_PREFIX_Len + hash_len;
- break;
- }
-#ifdef _KERNEL
- case SHA512_TYPE:
-#else
- case CKM_SHA512:
-#endif
- {
-
- sha2_context = fips_sha2_build_context(mechanism);
- if (sha2_context == NULL)
- return (CKR_HOST_MEMORY);
-
- rv = fips_sha2_hash(sha2_context, rsa_known_msg,
- rsa_msg_length, hash);
- hash_len = SHA512_DIGEST_LENGTH;
-
- /*
- * Prepare the DER encoding of the DigestInfo value
- * by setting it to:
- * <MECH>_DER_PREFIX || H
- */
- (void) memcpy(der_data, SHA512_DER_PREFIX,
- SHA2_DER_PREFIX_Len);
- (void) memcpy(der_data + SHA2_DER_PREFIX_Len, hash, hash_len);
- der_data_len = SHA2_DER_PREFIX_Len + hash_len;
- break;
- }
- }
-
- modulus_len = CRYPTO_BITS2BYTES(rsa_private_key->bkey.modulus_bits);
-
- if (sign) {
- rv = pkcs1_encode(PKCS1_SIGN, der_data, der_data_len,
- plain_data, modulus_len);
-
- if (rv != CKR_OK) {
- return (CKR_DEVICE_ERROR);
- }
-
- /* Sign operation uses decryption with private key */
- rv = fips_rsa_decrypt(rsa_private_key, plain_data, modulus_len,
- rsa_computed_signature);
-
- if (rv != CKR_OK) {
- return (CKR_DEVICE_ERROR);
- }
- } else {
- /*
- * Perform RSA decryption with the signer's RSA public key
- * for verification process.
- */
- rv = fips_rsa_encrypt(rsa_private_key, rsa_computed_signature,
- modulus_len, plain_data);
-
- if (rv == CKR_OK) {
-
- /*
- * Strip off the encoded padding bytes in front of the
- * recovered data, then compare the recovered data with
- * the original data.
- */
- size_t data_len = modulus_len;
-
- rv = pkcs1_decode(PKCS1_VERIFY, plain_data, &data_len);
- if (rv != CKR_OK) {
- return (CKR_DEVICE_ERROR);
- }
-
- if ((CK_ULONG)data_len != der_data_len) {
- return (CKR_SIGNATURE_LEN_RANGE);
- } else if (memcmp(der_data,
- &plain_data[modulus_len - data_len],
- data_len) != 0) {
- return (CKR_SIGNATURE_INVALID);
- }
- } else {
-
- return (CKR_DEVICE_ERROR);
- }
- }
- return (CKR_OK);
-}
-
-
-/*
- * RSA Power-On SelfTest(s).
- */
-int
-fips_rsa_post(void)
-{
- /*
- * RSA Known Modulus used in both Public/Private Key Values (1024-bits).
- */
- static uint8_t rsa_modulus[FIPS_RSA_MODULUS_LENGTH] = {
- 0xd5, 0x84, 0x95, 0x07, 0xf4, 0xd0, 0x1f, 0x82,
- 0xf3, 0x79, 0xf4, 0x99, 0x48, 0x10, 0xe1, 0x71,
- 0xa5, 0x62, 0x22, 0xa3, 0x4b, 0x00, 0xe3, 0x5b,
- 0x3a, 0xcc, 0x10, 0x83, 0xe0, 0xaf, 0x61, 0x13,
- 0x54, 0x6a, 0xa2, 0x6a, 0x2c, 0x5e, 0xb3, 0xcc,
- 0xa3, 0x71, 0x9a, 0xb2, 0x3e, 0x78, 0xec, 0xb5,
- 0x0e, 0x6e, 0x31, 0x3b, 0x77, 0x1f, 0x6e, 0x94,
- 0x41, 0x60, 0xd5, 0x6e, 0xd9, 0xc6, 0xf9, 0x29,
- 0xc3, 0x40, 0x36, 0x25, 0xdb, 0xea, 0x0b, 0x07,
- 0xae, 0x76, 0xfd, 0x99, 0x29, 0xf4, 0x22, 0xc1,
- 0x1a, 0x8f, 0x05, 0xfe, 0x98, 0x09, 0x07, 0x05,
- 0xc2, 0x0f, 0x0b, 0x11, 0x83, 0x39, 0xca, 0xc7,
- 0x43, 0x63, 0xff, 0x33, 0x80, 0xe7, 0xc3, 0x78,
- 0xae, 0xf1, 0x73, 0x52, 0x98, 0x1d, 0xde, 0x5c,
- 0x53, 0x6e, 0x01, 0x73, 0x0d, 0x12, 0x7e, 0x77,
- 0x03, 0xf1, 0xef, 0x1b, 0xc8, 0xa8, 0x0f, 0x97
- };
-
- /* RSA Known Public Key Values (24-bits). */
- static uint8_t rsa_public_exponent[FIPS_RSA_PUBLIC_EXPONENT_LENGTH] = {
- 0x01, 0x00, 0x01
- };
-
- /*
- * RSA Known Private Key Values (version is 8-bits),
- * (private exponent is 1024-bits),
- * (private prime0 is 512-bits),
- * (private prime1 is 512-bits),
- * (private prime exponent0 is 512-bits),
- * (private prime exponent1 is 512-bits),
- * and (private coefficient is 512-bits).
- */
- static uint8_t rsa_version[] = { 0x00 };
-
- static uint8_t rsa_private_exponent[FIPS_RSA_PRIVATE_EXPONENT_LENGTH]
- = {
- 0x85, 0x27, 0x47, 0x61, 0x4c, 0xd4, 0xb5, 0xb2,
- 0x0e, 0x70, 0x91, 0x8f, 0x3d, 0x97, 0xf9, 0x5f,
- 0xcc, 0x09, 0x65, 0x1c, 0x7c, 0x5b, 0xb3, 0x6d,
- 0x63, 0x3f, 0x7b, 0x55, 0x22, 0xbb, 0x7c, 0x48,
- 0x77, 0xae, 0x80, 0x56, 0xc2, 0x10, 0xd5, 0x03,
- 0xdb, 0x31, 0xaf, 0x8d, 0x54, 0xd4, 0x48, 0x99,
- 0xa8, 0xc4, 0x23, 0x43, 0xb8, 0x48, 0x0b, 0xc7,
- 0xbc, 0xf5, 0xcc, 0x64, 0x72, 0xbf, 0x59, 0x06,
- 0x04, 0x1c, 0x32, 0xf5, 0x14, 0x2e, 0x6e, 0xe2,
- 0x0f, 0x5c, 0xde, 0x36, 0x3c, 0x6e, 0x7c, 0x4d,
- 0xcc, 0xd3, 0x00, 0x6e, 0xe5, 0x45, 0x46, 0xef,
- 0x4d, 0x25, 0x46, 0x6d, 0x7f, 0xed, 0xbb, 0x4f,
- 0x4d, 0x9f, 0xda, 0x87, 0x47, 0x8f, 0x74, 0x44,
- 0xb7, 0xbe, 0x9d, 0xf5, 0xdd, 0xd2, 0x4c, 0xa5,
- 0xab, 0x74, 0xe5, 0x29, 0xa1, 0xd2, 0x45, 0x3b,
- 0x33, 0xde, 0xd5, 0xae, 0xf7, 0x03, 0x10, 0x21
- };
-
- static uint8_t rsa_prime0[FIPS_RSA_PRIME0_LENGTH] = {
- 0xf9, 0x74, 0x8f, 0x16, 0x02, 0x6b, 0xa0, 0xee,
- 0x7f, 0x28, 0x97, 0x91, 0xdc, 0xec, 0xc0, 0x7c,
- 0x49, 0xc2, 0x85, 0x76, 0xee, 0x66, 0x74, 0x2d,
- 0x1a, 0xb8, 0xf7, 0x2f, 0x11, 0x5b, 0x36, 0xd8,
- 0x46, 0x33, 0x3b, 0xd8, 0xf3, 0x2d, 0xa1, 0x03,
- 0x83, 0x2b, 0xec, 0x35, 0x43, 0x32, 0xff, 0xdd,
- 0x81, 0x7c, 0xfd, 0x65, 0x13, 0x04, 0x7c, 0xfc,
- 0x03, 0x97, 0xf0, 0xd5, 0x62, 0xdc, 0x0d, 0xbf
- };
-
- static uint8_t rsa_prime1[FIPS_RSA_PRIME1_LENGTH] = {
- 0xdb, 0x1e, 0xa7, 0x3d, 0xe7, 0xfa, 0x8b, 0x04,
- 0x83, 0x48, 0xf3, 0xa5, 0x31, 0x9d, 0x35, 0x5e,
- 0x4d, 0x54, 0x77, 0xcc, 0x84, 0x09, 0xf3, 0x11,
- 0x0d, 0x54, 0xed, 0x85, 0x39, 0xa9, 0xca, 0xa8,
- 0xea, 0xae, 0x19, 0x9c, 0x75, 0xdb, 0x88, 0xb8,
- 0x04, 0x8d, 0x54, 0xc6, 0xa4, 0x80, 0xf8, 0x93,
- 0xf0, 0xdb, 0x19, 0xef, 0xd7, 0x87, 0x8a, 0x8f,
- 0x5a, 0x09, 0x2e, 0x54, 0xf3, 0x45, 0x24, 0x29
- };
-
- static uint8_t rsa_exponent0[FIPS_RSA_EXPONENT0_LENGTH] = {
- 0x6a, 0xd1, 0x25, 0x80, 0x18, 0x33, 0x3c, 0x2b,
- 0x44, 0x19, 0xfe, 0xa5, 0x40, 0x03, 0xc4, 0xfc,
- 0xb3, 0x9c, 0xef, 0x07, 0x99, 0x58, 0x17, 0xc1,
- 0x44, 0xa3, 0x15, 0x7d, 0x7b, 0x22, 0x22, 0xdf,
- 0x03, 0x58, 0x66, 0xf5, 0x24, 0x54, 0x52, 0x91,
- 0x2d, 0x76, 0xfe, 0x63, 0x64, 0x4e, 0x0f, 0x50,
- 0x2b, 0x65, 0x79, 0x1f, 0xf1, 0xbf, 0xc7, 0x41,
- 0x26, 0xcc, 0xc6, 0x1c, 0xa9, 0x83, 0x6f, 0x03
- };
-
- static uint8_t rsa_exponent1[FIPS_RSA_EXPONENT1_LENGTH] = {
- 0x12, 0x84, 0x1a, 0x99, 0xce, 0x9a, 0x8b, 0x58,
- 0xcc, 0x47, 0x43, 0xdf, 0x77, 0xbb, 0xd3, 0x20,
- 0xae, 0xe4, 0x2e, 0x63, 0x67, 0xdc, 0xf7, 0x5f,
- 0x3f, 0x83, 0x27, 0xb7, 0x14, 0x52, 0x56, 0xbf,
- 0xc3, 0x65, 0x06, 0xe1, 0x03, 0xcc, 0x93, 0x57,
- 0x09, 0x7b, 0x6f, 0xe8, 0x81, 0x4a, 0x2c, 0xb7,
- 0x43, 0xa9, 0x20, 0x1d, 0xf6, 0x56, 0x8b, 0xcc,
- 0xe5, 0x4c, 0xd5, 0x4f, 0x74, 0x67, 0x29, 0x51
- };
-
- static uint8_t rsa_coefficient[FIPS_RSA_COEFFICIENT_LENGTH] = {
- 0x23, 0xab, 0xf4, 0x03, 0x2f, 0x29, 0x95, 0x74,
- 0xac, 0x1a, 0x33, 0x96, 0x62, 0xed, 0xf7, 0xf6,
- 0xae, 0x07, 0x2a, 0x2e, 0xe8, 0xab, 0xfb, 0x1e,
- 0xb9, 0xb2, 0x88, 0x1e, 0x85, 0x05, 0x42, 0x64,
- 0x03, 0xb2, 0x8b, 0xc1, 0x81, 0x75, 0xd7, 0xba,
- 0xaa, 0xd4, 0x31, 0x3c, 0x8a, 0x96, 0x23, 0x9d,
- 0x3f, 0x06, 0x3e, 0x44, 0xa9, 0x62, 0x2f, 0x61,
- 0x5a, 0x51, 0x82, 0x2c, 0x04, 0x85, 0x73, 0xd1
- };
-
- /* RSA Known Plaintext Message (1024-bits). */
- static uint8_t rsa_known_plaintext_msg[FIPS_RSA_MESSAGE_LENGTH] = {
- "Known plaintext message utilized"
- "for RSA Encryption & Decryption"
- "block, SHA1, SHA256, SHA384 and"
- "SHA512 RSA Signature KAT tests."
- };
-
- /* RSA Known Ciphertext (1024-bits). */
- static uint8_t rsa_known_ciphertext[] = {
- 0x1e, 0x7e, 0x12, 0xbb, 0x15, 0x62, 0xd0, 0x23,
- 0x53, 0x4c, 0x51, 0x97, 0x77, 0x06, 0xa0, 0xbb,
- 0x26, 0x99, 0x9a, 0x8f, 0x39, 0xad, 0x88, 0x5c,
- 0xc4, 0xce, 0x33, 0x40, 0x94, 0x92, 0xb4, 0x0e,
- 0xab, 0x71, 0xa9, 0x5d, 0x9a, 0x37, 0xe3, 0x9a,
- 0x24, 0x95, 0x13, 0xea, 0x0f, 0xbb, 0xf7, 0xff,
- 0xdf, 0x31, 0x33, 0x23, 0x1d, 0xce, 0x26, 0x9e,
- 0xd1, 0xde, 0x98, 0x40, 0xde, 0x57, 0x86, 0x12,
- 0xf1, 0xe6, 0x5a, 0x3f, 0x08, 0x02, 0x81, 0x85,
- 0xe0, 0xd9, 0xad, 0x3c, 0x8c, 0x71, 0xf8, 0xcf,
- 0x0a, 0x98, 0xc5, 0x08, 0xdc, 0xc4, 0xca, 0x8c,
- 0x23, 0x1b, 0x4d, 0x9b, 0xb5, 0x13, 0x44, 0xe1,
- 0x5f, 0xf9, 0x30, 0x80, 0x25, 0xe0, 0x1e, 0x94,
- 0xa3, 0x0c, 0xdc, 0x82, 0x2e, 0xfb, 0x30, 0xbe,
- 0x89, 0xba, 0x76, 0xb6, 0x23, 0xf7, 0xda, 0x7c,
- 0xca, 0xe6, 0x02, 0xbd, 0x92, 0xce, 0x64, 0xfc
- };
-
- /* RSA Known Signed Hash (1024-bits). */
- static uint8_t rsa_known_sha1_signature[] = {
- 0xd2, 0xa4, 0xe0, 0x2b, 0xc7, 0x03, 0x7f, 0xc6,
- 0x06, 0x9e, 0xa2, 0x82, 0x19, 0xe9, 0x2b, 0xaf,
- 0xe3, 0x48, 0x88, 0xc1, 0xf3, 0xb5, 0x0d, 0xe4,
- 0x52, 0x9e, 0xad, 0xd5, 0x58, 0xb5, 0x9f, 0xe8,
- 0x40, 0xe9, 0xb7, 0x2e, 0xc6, 0x71, 0x58, 0x56,
- 0x04, 0xac, 0xb0, 0xf3, 0x3a, 0x42, 0x38, 0x08,
- 0xc4, 0x43, 0x39, 0xba, 0x19, 0xce, 0xb1, 0x99,
- 0xf1, 0x8d, 0x89, 0xd8, 0x50, 0x07, 0x14, 0x3d,
- 0xcf, 0xd0, 0xb6, 0x79, 0xde, 0x9c, 0x89, 0x32,
- 0xb0, 0x73, 0x3f, 0xed, 0x03, 0x0b, 0xdf, 0x6d,
- 0x7e, 0xc9, 0x1c, 0x39, 0xe8, 0x2b, 0x16, 0x09,
- 0xbb, 0x5f, 0x99, 0x2f, 0xeb, 0xf3, 0x37, 0x73,
- 0x0d, 0x0e, 0xcc, 0x95, 0xad, 0x90, 0x80, 0x03,
- 0x1d, 0x80, 0x55, 0x37, 0xa1, 0x2a, 0x71, 0x76,
- 0x23, 0x87, 0x8c, 0x9b, 0x41, 0x07, 0xc6, 0x3d,
- 0xc6, 0xa3, 0x7d, 0x1b, 0xff, 0x4e, 0x11, 0x19
- };
-
- /* RSA Known Signed Hash (1024-bits). */
- static uint8_t rsa_known_sha256_signature[] = {
- 0x27, 0x35, 0xdd, 0xc4, 0xf8, 0xe2, 0x0b, 0xa3,
- 0xef, 0x63, 0x57, 0x3b, 0xe1, 0x58, 0x9a, 0xbc,
- 0x20, 0x9c, 0x25, 0x12, 0x01, 0xbf, 0xbb, 0x29,
- 0x80, 0x1a, 0xb1, 0x37, 0x9c, 0xcd, 0x67, 0xc7,
- 0x0d, 0xf8, 0x64, 0x10, 0x9f, 0xe2, 0xa1, 0x9b,
- 0x21, 0x90, 0xcc, 0xda, 0x8b, 0x76, 0x5e, 0x79,
- 0x00, 0x9d, 0x58, 0x8b, 0x8a, 0xb3, 0xc3, 0xb5,
- 0xf1, 0x54, 0xc5, 0x8c, 0x72, 0xba, 0xde, 0x51,
- 0x3c, 0x6b, 0x94, 0xd6, 0xf3, 0x1b, 0xa2, 0x53,
- 0xe6, 0x1a, 0x46, 0x1d, 0x7f, 0x14, 0x86, 0xcc,
- 0xa6, 0x30, 0x92, 0x96, 0xc0, 0x96, 0x24, 0xf0,
- 0x42, 0x53, 0x4c, 0xdd, 0x27, 0xdf, 0x1d, 0x2e,
- 0x8b, 0x83, 0xbe, 0xed, 0x85, 0x1d, 0x50, 0x46,
- 0xa3, 0x7d, 0x20, 0xea, 0x3e, 0x91, 0xfb, 0xf6,
- 0x86, 0x51, 0xfd, 0x8c, 0xe5, 0x31, 0xe6, 0x7e,
- 0x60, 0x08, 0x0e, 0xec, 0xa6, 0xea, 0x24, 0x8d
- };
-
- /* RSA Known Signed Hash (1024-bits). */
- static uint8_t rsa_known_sha384_signature[] = {
- 0x0b, 0x03, 0x94, 0x4f, 0x94, 0x78, 0x9b, 0x96,
- 0x76, 0xeb, 0x72, 0x58, 0xe1, 0xc5, 0xc7, 0x5f,
- 0x85, 0x01, 0xa8, 0xc4, 0xf6, 0x1a, 0xb5, 0x2c,
- 0xd1, 0xd8, 0x87, 0xde, 0x3a, 0x9c, 0x9f, 0x57,
- 0x81, 0x2a, 0x1e, 0x23, 0x07, 0x70, 0xb0, 0xf9,
- 0x28, 0x3d, 0xfa, 0xe5, 0x2e, 0x1b, 0x9a, 0x72,
- 0xc3, 0x74, 0xb3, 0x42, 0x1c, 0x9a, 0x13, 0xdc,
- 0xc9, 0xd6, 0xd5, 0x88, 0xc9, 0x9c, 0x46, 0xf1,
- 0x0c, 0xa6, 0xf7, 0xd8, 0x06, 0xa3, 0x1b, 0xdf,
- 0x55, 0xb3, 0x1b, 0x7b, 0x58, 0x1d, 0xff, 0x19,
- 0xc7, 0xe0, 0xdd, 0x59, 0xac, 0x2f, 0x78, 0x71,
- 0xe7, 0xe0, 0x17, 0xa3, 0x1c, 0x5c, 0x92, 0xef,
- 0xb6, 0x75, 0xed, 0xbe, 0x18, 0x39, 0x6b, 0xd7,
- 0xc9, 0x08, 0x62, 0x55, 0x62, 0xac, 0x5d, 0xa1,
- 0x9b, 0xd5, 0xb8, 0x98, 0x15, 0xc0, 0xf5, 0x41,
- 0x85, 0x44, 0x96, 0xca, 0x10, 0xdc, 0x57, 0x21
- };
-
- /* RSA Known Signed Hash (1024-bits). */
- static uint8_t rsa_known_sha512_signature[] = {
- 0xa5, 0xd0, 0x80, 0x04, 0x22, 0xfc, 0x80, 0x73,
- 0x7d, 0x46, 0xc8, 0x7b, 0xac, 0x44, 0x7b, 0xe6,
- 0x07, 0xe5, 0x61, 0x4c, 0x33, 0x7f, 0x6f, 0x46,
- 0x7c, 0x30, 0xe3, 0x75, 0x59, 0x4b, 0x42, 0xf3,
- 0x9f, 0x35, 0x3c, 0x10, 0x56, 0xdb, 0xd2, 0x69,
- 0x43, 0xcb, 0x77, 0xe9, 0x7d, 0xcd, 0x07, 0x43,
- 0xc5, 0xd4, 0x0c, 0x9d, 0xf5, 0x92, 0xbd, 0x0e,
- 0x3b, 0xb7, 0x68, 0x88, 0x84, 0xca, 0xae, 0x0d,
- 0xab, 0x71, 0x10, 0xad, 0xab, 0x27, 0xe4, 0xa3,
- 0x24, 0x41, 0xeb, 0x1c, 0xa6, 0x5f, 0xf1, 0x85,
- 0xd0, 0xf6, 0x22, 0x74, 0x3d, 0x81, 0xbe, 0xdd,
- 0x1b, 0x2a, 0x4c, 0xd1, 0x6c, 0xb5, 0x6d, 0x7a,
- 0xbb, 0x99, 0x69, 0x01, 0xa6, 0xc0, 0x98, 0xfa,
- 0x97, 0xa3, 0xd1, 0xb0, 0xdf, 0x09, 0xe3, 0x3d,
- 0x88, 0xee, 0x90, 0xf3, 0x10, 0x41, 0x0f, 0x06,
- 0x31, 0xe9, 0x60, 0x2d, 0xbf, 0x63, 0x7b, 0xf8
- };
-
- RSAPrivateKey_t rsa_private_key;
- CK_RV rv;
- uint8_t rsa_computed_ciphertext[FIPS_RSA_ENCRYPT_LENGTH];
- uint8_t rsa_computed_plaintext[FIPS_RSA_DECRYPT_LENGTH];
- uint8_t rsa_computed_signature[FIPS_RSA_SIGNATURE_LENGTH];
- CK_BYTE der_data[SHA512_DIGEST_LENGTH + SHA2_DER_PREFIX_Len];
-
- /*
- * RSA Known Answer Encryption Test.
- */
- rsa_private_key.bkey.modulus = rsa_modulus;
- rsa_private_key.bkey.modulus_bits =
- CRYPTO_BYTES2BITS(FIPS_RSA_MODULUS_LENGTH);
- rsa_private_key.bkey.pubexpo = rsa_public_exponent;
- rsa_private_key.bkey.pubexpo_bytes = FIPS_RSA_PUBLIC_EXPONENT_LENGTH;
- rsa_private_key.bkey.rfunc = NULL;
-
- /* Perform RSA Public Key Encryption. */
- rv = fips_rsa_encrypt(&rsa_private_key,
- rsa_known_plaintext_msg, FIPS_RSA_MESSAGE_LENGTH,
- rsa_computed_ciphertext);
-
- if ((rv != CKR_OK) ||
- (memcmp(rsa_computed_ciphertext, rsa_known_ciphertext,
- FIPS_RSA_ENCRYPT_LENGTH) != 0))
- return (CKR_DEVICE_ERROR);
-
- /*
- * RSA Known Answer Decryption Test.
- */
- rsa_private_key.version = rsa_version;
- rsa_private_key.version_len = FIPS_RSA_PRIVATE_VERSION_LENGTH;
- rsa_private_key.bkey.modulus = rsa_modulus;
- rsa_private_key.bkey.modulus_bits =
- CRYPTO_BYTES2BITS(FIPS_RSA_MODULUS_LENGTH);
- rsa_private_key.bkey.pubexpo = rsa_public_exponent;
- rsa_private_key.bkey.pubexpo_bytes = FIPS_RSA_PUBLIC_EXPONENT_LENGTH;
- rsa_private_key.bkey.privexpo = rsa_private_exponent;
- rsa_private_key.bkey.privexpo_bytes = FIPS_RSA_PRIVATE_EXPONENT_LENGTH;
- rsa_private_key.bkey.prime1 = rsa_prime0;
- rsa_private_key.bkey.prime1_bytes = FIPS_RSA_PRIME0_LENGTH;
- rsa_private_key.bkey.prime2 = rsa_prime1;
- rsa_private_key.bkey.prime2_bytes = FIPS_RSA_PRIME1_LENGTH;
- rsa_private_key.bkey.expo1 = rsa_exponent0;
- rsa_private_key.bkey.expo1_bytes = FIPS_RSA_EXPONENT0_LENGTH;
- rsa_private_key.bkey.expo2 = rsa_exponent1;
- rsa_private_key.bkey.expo2_bytes = FIPS_RSA_EXPONENT1_LENGTH;
- rsa_private_key.bkey.coeff = rsa_coefficient;
- rsa_private_key.bkey.coeff_bytes = FIPS_RSA_COEFFICIENT_LENGTH;
-
- /* Perform RSA Private Key Decryption. */
- rv = fips_rsa_decrypt(&rsa_private_key, rsa_known_ciphertext,
- FIPS_RSA_MESSAGE_LENGTH, rsa_computed_plaintext);
-
- if ((rv != CKR_OK) ||
- (memcmp(rsa_computed_plaintext, rsa_known_plaintext_msg,
- FIPS_RSA_DECRYPT_LENGTH) != 0))
- return (CKR_DEVICE_ERROR);
-
- /* SHA-1 Sign/Verify */
-#ifdef _KERNEL
- rv = fips_rsa_sign_verify_test(SHA1_TYPE, &rsa_private_key,
- rsa_known_plaintext_msg, FIPS_RSA_MESSAGE_LENGTH,
- rsa_computed_signature, der_data, 1);
-#else
- rv = fips_rsa_sign_verify_test(CKM_SHA_1, &rsa_private_key,
- rsa_known_plaintext_msg, FIPS_RSA_MESSAGE_LENGTH,
- rsa_computed_signature, der_data, 1);
-#endif
-
- if ((rv != CKR_OK) ||
- (memcmp(rsa_computed_signature, rsa_known_sha1_signature,
- FIPS_RSA_SIGNATURE_LENGTH) != 0))
- return (CKR_DEVICE_ERROR);
-
-#ifdef _KERNEL
- rv = fips_rsa_sign_verify_test(SHA1_TYPE, &rsa_private_key,
- rsa_known_plaintext_msg, FIPS_RSA_MESSAGE_LENGTH,
- rsa_computed_signature, der_data, 0);
-#else
- rv = fips_rsa_sign_verify_test(CKM_SHA_1, &rsa_private_key,
- rsa_known_plaintext_msg, FIPS_RSA_MESSAGE_LENGTH,
- rsa_computed_signature, der_data, 0);
-#endif
-
- if (rv != CKR_OK)
- goto rsa_loser;
-
- /* SHA256 Sign/Verify */
-#ifdef _KERNEL
- rv = fips_rsa_sign_verify_test(SHA256_TYPE, &rsa_private_key,
- rsa_known_plaintext_msg, FIPS_RSA_MESSAGE_LENGTH,
- rsa_computed_signature, der_data, 1);
-#else
- rv = fips_rsa_sign_verify_test(CKM_SHA256, &rsa_private_key,
- rsa_known_plaintext_msg, FIPS_RSA_MESSAGE_LENGTH,
- rsa_computed_signature, der_data, 1);
-#endif
-
- if ((rv != CKR_OK) ||
- (memcmp(rsa_computed_signature, rsa_known_sha256_signature,
- FIPS_RSA_SIGNATURE_LENGTH) != 0))
- return (CKR_DEVICE_ERROR);
-
-#ifdef _KERNEL
- rv = fips_rsa_sign_verify_test(SHA256_TYPE, &rsa_private_key,
- rsa_known_plaintext_msg, FIPS_RSA_MESSAGE_LENGTH,
- rsa_computed_signature, der_data, 0);
-#else
- rv = fips_rsa_sign_verify_test(CKM_SHA256, &rsa_private_key,
- rsa_known_plaintext_msg, FIPS_RSA_MESSAGE_LENGTH,
- rsa_computed_signature, der_data, 0);
-#endif
-
- if (rv != CKR_OK)
- goto rsa_loser;
-
- /* SHA384 Sign/Verify */
-#ifdef _KERNEL
- rv = fips_rsa_sign_verify_test(SHA384_TYPE, &rsa_private_key,
- rsa_known_plaintext_msg, FIPS_RSA_MESSAGE_LENGTH,
- rsa_computed_signature, der_data, 1);
-#else
- rv = fips_rsa_sign_verify_test(CKM_SHA384, &rsa_private_key,
- rsa_known_plaintext_msg, FIPS_RSA_MESSAGE_LENGTH,
- rsa_computed_signature, der_data, 1);
-#endif
-
- if ((rv != CKR_OK) ||
- (memcmp(rsa_computed_signature, rsa_known_sha384_signature,
- FIPS_RSA_SIGNATURE_LENGTH) != 0))
- return (CKR_DEVICE_ERROR);
-
-#ifdef _KERNEL
- rv = fips_rsa_sign_verify_test(SHA384_TYPE, &rsa_private_key,
- rsa_known_plaintext_msg, FIPS_RSA_MESSAGE_LENGTH,
- rsa_computed_signature, der_data, 0);
-#else
- rv = fips_rsa_sign_verify_test(CKM_SHA384, &rsa_private_key,
- rsa_known_plaintext_msg, FIPS_RSA_MESSAGE_LENGTH,
- rsa_computed_signature, der_data, 0);
-#endif
-
- if (rv != CKR_OK)
- goto rsa_loser;
-
- /* SHA512 Sign/Verify */
-#ifdef _KERNEL
- rv = fips_rsa_sign_verify_test(SHA512_TYPE, &rsa_private_key,
- rsa_known_plaintext_msg, FIPS_RSA_MESSAGE_LENGTH,
- rsa_computed_signature, der_data, 1);
-#else
- rv = fips_rsa_sign_verify_test(CKM_SHA512, &rsa_private_key,
- rsa_known_plaintext_msg, FIPS_RSA_MESSAGE_LENGTH,
- rsa_computed_signature, der_data, 1);
-#endif
-
- if ((rv != CKR_OK) ||
- (memcmp(rsa_computed_signature, rsa_known_sha512_signature,
- FIPS_RSA_SIGNATURE_LENGTH) != 0))
- return (CKR_DEVICE_ERROR);
-
-#ifdef _KERNEL
- rv = fips_rsa_sign_verify_test(SHA512_TYPE, &rsa_private_key,
- rsa_known_plaintext_msg, FIPS_RSA_MESSAGE_LENGTH,
- rsa_computed_signature, der_data, 0);
-#else
- rv = fips_rsa_sign_verify_test(CKM_SHA512, &rsa_private_key,
- rsa_known_plaintext_msg, FIPS_RSA_MESSAGE_LENGTH,
- rsa_computed_signature, der_data, 0);
-#endif
-
-rsa_loser:
- if (rv != CKR_OK)
- return (CKR_DEVICE_ERROR);
- else
- return (CKR_OK);
-
-}
diff --git a/usr/src/common/crypto/fips/fips_sha1_util.c b/usr/src/common/crypto/fips/fips_sha1_util.c
deleted file mode 100644
index 1671ce904b..0000000000
--- a/usr/src/common/crypto/fips/fips_sha1_util.c
+++ /dev/null
@@ -1,327 +0,0 @@
-/*
- * CDDL HEADER START
- *
- * The contents of this file are subject to the terms of the
- * Common Development and Distribution License (the "License").
- * You may not use this file except in compliance with the License.
- *
- * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
- * or http://www.opensolaris.org/os/licensing.
- * See the License for the specific language governing permissions
- * and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL HEADER in each
- * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
- * If applicable, add the following below this CDDL HEADER, with the
- * fields enclosed by brackets "[]" replaced with your own identifying
- * information: Portions Copyright [yyyy] [name of copyright owner]
- *
- * CDDL HEADER END
- */
-/*
- * Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
- */
-
-#include <sys/types.h>
-#include <sys/param.h>
-#include <sys/errno.h>
-#include <sys/kmem.h>
-#include <sys/systm.h>
-#include <sys/sha1.h>
-#include <sys/crypto/common.h>
-#include <sys/cmn_err.h>
-#ifndef _KERNEL
-#include <stdlib.h>
-#include <string.h>
-#include <strings.h>
-#include <stdio.h>
-#include <security/cryptoki.h>
-#include <cryptoutil.h>
-#include "softMAC.h"
-#endif
-#include <sha1/sha1_impl.h>
-#define _SHA1_FIPS_POST
-#include <fips/fips_test_vectors.h>
-
-/*
- * fips_sha1_build_context()
- *
- * Description:
- * This function allocates and initializes SHA1 context
- * context.
- */
-SHA1_CTX *
-fips_sha1_build_context(void)
-{
- SHA1_CTX *sha1_context;
-
-
-#ifndef _KERNEL
- if ((sha1_context = malloc(sizeof (SHA1_CTX))) == NULL)
-#else
- if ((sha1_context = kmem_zalloc(sizeof (SHA1_CTX),
- KM_SLEEP)) == NULL)
-#endif
- return (NULL);
-
- SHA1Init(sha1_context);
-
- return (sha1_context);
-
-}
-
-/*
- * fips_sha1_hash()
- *
- * Arguments:
- * sha1_context: pointer to SHA1 context
- * in: pointer to the input data to be hashed
- * inlen: length of the input data
- * out: pointer to the output data after hashing
- *
- * Description:
- * This function calls the low-level SHA1 routines for hashing.
- *
- */
-int
-fips_sha1_hash(SHA1_CTX *sha1_context, uchar_t *in, ulong_t inlen, uchar_t *out)
-{
-
- int rv;
-
- if (in != NULL) {
-#ifdef __sparcv9
- SHA1Update((SHA1_CTX *)sha1_context, in, (uint_t)inlen);
-#else /* !__sparcv9 */
- SHA1Update((SHA1_CTX *)sha1_context, in, inlen);
-#endif /* __sparcv9 */
- SHA1Final(out, (SHA1_CTX *)sha1_context);
- rv = CKR_OK;
- } else
- rv = CKR_ARGUMENTS_BAD;
-
- if (sha1_context)
-#ifdef _KERNEL
- kmem_free(sha1_context, sizeof (SHA1_CTX));
-#else
- free(sha1_context);
-#endif
- return (rv);
-}
-
-
-#ifndef _KERNEL
-soft_hmac_ctx_t *
-fips_sha1_hmac_build_context(uint8_t *secret_key,
- unsigned int secret_key_length)
-{
-
- soft_hmac_ctx_t *hmac_ctx;
- uint32_t sha1_ipad[SHA1_HMAC_INTS_PER_BLOCK];
- uint32_t sha1_opad[SHA1_HMAC_INTS_PER_BLOCK];
-
- hmac_ctx = malloc(sizeof (soft_hmac_ctx_t));
-
- if (hmac_ctx == NULL) {
- return (NULL);
- }
-
- hmac_ctx->hmac_len = SHA1_HASH_SIZE;
- bzero(sha1_ipad, SHA1_HMAC_BLOCK_SIZE);
- bzero(sha1_opad, SHA1_HMAC_BLOCK_SIZE);
-
- (void) memcpy(sha1_ipad, secret_key, secret_key_length);
- (void) memcpy(sha1_opad, secret_key, secret_key_length);
-
- sha1_hmac_ctx_init(&hmac_ctx->hc_ctx_u.sha1_ctx, sha1_ipad,
- sha1_opad);
-
- return (hmac_ctx);
-
-}
-
-CK_RV
-fips_hmac_sha1_hash(unsigned char *hmac_computed,
- uint8_t *secret_key,
- unsigned int secret_key_length,
- uint8_t *message,
- unsigned int message_length)
-{
-
- soft_hmac_ctx_t *hmac_ctx = NULL;
-
- hmac_ctx = fips_sha1_hmac_build_context(secret_key,
- secret_key_length);
-
- if (hmac_ctx == NULL)
- return (CKR_HOST_MEMORY);
-
- if (message != NULL) {
- SOFT_MAC_UPDATE(SHA1, &(hmac_ctx->hc_ctx_u.sha1_ctx),
- message, message_length);
- }
-
- SOFT_MAC_FINAL(SHA1, &(hmac_ctx->hc_ctx_u.sha1_ctx), hmac_computed);
-
- free(hmac_ctx);
- return (CKR_OK);
-}
-
-#else /* _KERNEL */
-
-/*
- * Initialize a SHA1-HMAC context.
- */
-void
-sha1_mac_init_ctx(sha1_hmac_ctx_t *ctx, void *keyval, uint_t length_in_bytes)
-{
- uint32_t ipad[SHA1_HMAC_INTS_PER_BLOCK];
- uint32_t opad[SHA1_HMAC_INTS_PER_BLOCK];
- uint_t i;
-
- bzero(ipad, SHA1_HMAC_BLOCK_SIZE);
- bzero(opad, SHA1_HMAC_BLOCK_SIZE);
-
- bcopy(keyval, ipad, length_in_bytes);
- bcopy(keyval, opad, length_in_bytes);
-
- /* XOR key with ipad (0x36) and opad (0x5c) */
- for (i = 0; i < SHA1_HMAC_INTS_PER_BLOCK; i++) {
- ipad[i] ^= 0x36363636;
- opad[i] ^= 0x5c5c5c5c;
- }
-
- /* perform SHA1 on ipad */
- SHA1Init(&ctx->hc_icontext);
- SHA1Update(&ctx->hc_icontext, (uint8_t *)ipad, SHA1_HMAC_BLOCK_SIZE);
-
- /* perform SHA1 on opad */
- SHA1Init(&ctx->hc_ocontext);
- SHA1Update(&ctx->hc_ocontext, (uint8_t *)opad, SHA1_HMAC_BLOCK_SIZE);
-}
-
-sha1_hmac_ctx_t *
-fips_sha1_hmac_build_context(uint8_t *secret_key,
- unsigned int secret_key_length)
-{
- sha1_hmac_ctx_t *sha1_hmac_ctx_tmpl;
-
-
- /*
- * Allocate and initialize SHA1 context.
- */
- sha1_hmac_ctx_tmpl = kmem_alloc(sizeof (sha1_hmac_ctx_t),
- KM_SLEEP);
- if (sha1_hmac_ctx_tmpl == NULL)
- return (NULL);
-
- /*
- * initialize ctx->hc_icontext and ctx->hc_ocontext
- */
- sha1_mac_init_ctx(sha1_hmac_ctx_tmpl, secret_key,
- secret_key_length);
-
-
- sha1_hmac_ctx_tmpl->hc_mech_type = SHA1_HMAC_MECH_INFO_TYPE;
-
-
- return (sha1_hmac_ctx_tmpl);
-}
-
-void
-fips_hmac_sha1_hash(sha1_hmac_ctx_t *sha1_hmac_ctx,
- uint8_t *message, uint32_t message_len,
- uint8_t *hmac_computed)
-{
-
- /* do a SHA1 update of the inner context using the specified data */
- SHA1Update(&((sha1_hmac_ctx)->hc_icontext), message,
- message_len);
-
- /*
- * Do a SHA1 final on the inner context.
- */
- SHA1Final(hmac_computed, &((sha1_hmac_ctx)->hc_icontext));
-
- /*
- * Do an SHA1 update on the outer context, feeding the inner
- * digest as data.
- */
- SHA1Update(&((sha1_hmac_ctx)->hc_ocontext), hmac_computed,
- SHA1_HASH_SIZE);
-
- /*
- * Do a SHA1 final on the outer context, storing the computed
- * digest in the caller's buffer.
- */
- SHA1Final(hmac_computed, &((sha1_hmac_ctx)->hc_ocontext));
-
- kmem_free(sha1_hmac_ctx, sizeof (sha1_hmac_ctx_t));
-}
-
-#endif
-
-/*
- * SHA1 Power-On SelfTest(s).
- */
-int
-fips_sha1_post(void)
-{
- static uint8_t HMAC_known_secret_key_length
- = sizeof (HMAC_known_secret_key);
-
- /* SHA-1 variables. */
- uint8_t sha1_computed_digest[SHA1_DIGEST_LENGTH];
- uint8_t hmac_computed[SHA1_HMAC_BLOCK_SIZE];
- SHA1_CTX *sha1_context = NULL;
-
-#ifdef _KERNEL
- sha1_hmac_ctx_t *sha1_hmac_ctx = NULL;
-#endif
-
- int rv;
-
- /* SHA-1 Known Answer Hashing Test. */
- sha1_context = fips_sha1_build_context();
- if (sha1_context == NULL)
- return (CKR_HOST_MEMORY);
-
- rv = fips_sha1_hash(sha1_context, sha1_known_hash_message,
- FIPS_KNOWN_HMAC_MESSAGE_LENGTH, sha1_computed_digest);
-
- if ((rv != CKR_OK) ||
- (memcmp(sha1_computed_digest, sha1_known_digest,
- SHA1_DIGEST_LENGTH) != 0))
- return (CKR_DEVICE_ERROR);
-
-#ifdef _KERNEL
- /* SHA-1 HMAC Known Answer Hashing Test */
- sha1_hmac_ctx = fips_sha1_hmac_build_context(HMAC_known_secret_key,
- HMAC_known_secret_key_length);
-
- if (sha1_hmac_ctx == NULL)
- return (CKR_HOST_MEMORY);
-
- fips_hmac_sha1_hash(sha1_hmac_ctx, hmac_sha1_known_hash_message,
- sizeof (hmac_sha1_known_hash_message), hmac_computed);
-#else
- rv = fips_hmac_sha1_hash(hmac_computed, HMAC_known_secret_key,
- HMAC_known_secret_key_length, hmac_sha1_known_hash_message,
- sizeof (hmac_sha1_known_hash_message));
-
-#endif
-
-#ifdef _KERNEL
- if (memcmp(hmac_computed, known_SHA1_hmac,
- sizeof (known_SHA1_hmac)) != 0)
- return (CKR_DEVICE_ERROR);
-#else
- if ((rv != CKR_OK) ||
- (memcmp(hmac_computed, known_SHA1_hmac,
- sizeof (known_SHA1_hmac)) != 0))
- return (CKR_DEVICE_ERROR);
-#endif
-
- return (rv);
-
-}
diff --git a/usr/src/common/crypto/fips/fips_sha2_util.c b/usr/src/common/crypto/fips/fips_sha2_util.c
deleted file mode 100644
index 149b3c39f1..0000000000
--- a/usr/src/common/crypto/fips/fips_sha2_util.c
+++ /dev/null
@@ -1,792 +0,0 @@
-/*
- * CDDL HEADER START
- *
- * The contents of this file are subject to the terms of the
- * Common Development and Distribution License (the "License").
- * You may not use this file except in compliance with the License.
- *
- * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
- * or http://www.opensolaris.org/os/licensing.
- * See the License for the specific language governing permissions
- * and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL HEADER in each
- * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
- * If applicable, add the following below this CDDL HEADER, with the
- * fields enclosed by brackets "[]" replaced with your own identifying
- * information: Portions Copyright [yyyy] [name of copyright owner]
- *
- * CDDL HEADER END
- */
-/*
- * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
- * Use is subject to license terms.
- */
-
-#include <sys/types.h>
-#include <sys/errno.h>
-#include <sys/kmem.h>
-#include <sys/systm.h>
-#define _SHA2_IMPL
-#include <sys/sha2.h>
-#include <sys/crypto/common.h>
-#include <sys/cmn_err.h>
-#ifndef _KERNEL
-#include <stdlib.h>
-#include <string.h>
-#include <strings.h>
-#include <stdio.h>
-#include <security/cryptoki.h>
-#include <cryptoutil.h>
-#include "softMAC.h"
-#endif
-#include <sha2/sha2_impl.h>
-
-
-/*
- * fips_sha2_build_context()
- *
- * Description:
- * This function allocates and initializes SHA2 context.
- */
-#ifndef _KERNEL
-SHA2_CTX *
-fips_sha2_build_context(CK_MECHANISM_TYPE mechanism)
-{
- SHA2_CTX *sha2_context;
-
- if ((sha2_context = malloc(sizeof (SHA2_CTX))) == NULL)
- return (NULL);
-
- switch (mechanism) {
- case CKM_SHA256:
- SHA2Init(SHA256, sha2_context);
- break;
-
- case CKM_SHA384:
- SHA2Init(SHA384, sha2_context);
- break;
-
- case CKM_SHA512:
- SHA2Init(SHA512, sha2_context);
- break;
- }
-
- return (sha2_context);
-}
-
-#else
-SHA2_CTX *
-fips_sha2_build_context(sha2_mech_t mechanism)
-{
- SHA2_CTX *sha2_context;
-
- if ((sha2_context = kmem_zalloc(sizeof (SHA2_CTX),
- KM_SLEEP)) == NULL)
- return (NULL);
-
- switch (mechanism) {
- case SHA256_TYPE:
- SHA2Init(SHA256, sha2_context);
- break;
-
- case SHA384_TYPE:
- SHA2Init(SHA384, sha2_context);
- break;
-
- case SHA512_TYPE:
- SHA2Init(SHA512, sha2_context);
- break;
- }
-
- return (sha2_context);
-}
-#endif
-
-/*
- * fips_sha2_hash()
- *
- * Arguments:
- * sha2_context: pointer to SHA2 context
- * in: pointer to the input data to be hashed
- * inlen: length of the input data
- * out: pointer to the output data after hashing
- *
- * Description:
- * This function calls the low-level SHA2 routines for hashing.
- *
- */
-int
-fips_sha2_hash(SHA2_CTX *sha2_context, uchar_t *in,
- ulong_t inlen, uchar_t *out)
-{
-
- int rv;
-
- if (in != NULL) {
- SHA2Update((SHA2_CTX *)sha2_context, in, inlen);
- SHA2Final(out, (SHA2_CTX *)sha2_context);
- rv = CKR_OK;
- } else {
- rv = CKR_ARGUMENTS_BAD;
- }
-
- if (sha2_context)
-#ifdef _KERNEL
- kmem_free(sha2_context, sizeof (SHA2_CTX));
-#else
- free(sha2_context);
-#endif
- return (rv);
-
-}
-
-#ifndef _KERNEL
-soft_hmac_ctx_t *
-fips_sha2_hmac_build_context(CK_MECHANISM_TYPE mechanism,
- uint8_t *secret_key,
- unsigned int secret_key_length)
-{
-
- soft_hmac_ctx_t *hmac_ctx;
-
- hmac_ctx = malloc(sizeof (soft_hmac_ctx_t));
-
- if (hmac_ctx == NULL) {
- return (NULL);
- }
-
- switch (mechanism) {
- case CKM_SHA256_HMAC:
- {
- uint64_t sha_ipad[SHA256_HMAC_INTS_PER_BLOCK];
- uint64_t sha_opad[SHA256_HMAC_INTS_PER_BLOCK];
-
- hmac_ctx->hmac_len = SHA256_DIGEST_LENGTH;
- bzero(sha_ipad, SHA256_HMAC_BLOCK_SIZE);
- bzero(sha_opad, SHA256_HMAC_BLOCK_SIZE);
-
- (void) memcpy(sha_ipad, secret_key, secret_key_length);
- (void) memcpy(sha_opad, secret_key, secret_key_length);
-
- sha2_hmac_ctx_init(CKM_TO_SHA2(mechanism),
- &hmac_ctx->hc_ctx_u.sha2_ctx,
- sha_ipad, sha_opad,
- SHA256_HMAC_INTS_PER_BLOCK,
- SHA256_HMAC_BLOCK_SIZE);
-
- break;
- }
-
- case CKM_SHA384_HMAC:
- {
- uint64_t sha_ipad[SHA512_HMAC_INTS_PER_BLOCK];
- uint64_t sha_opad[SHA512_HMAC_INTS_PER_BLOCK];
-
- hmac_ctx->hmac_len = SHA384_DIGEST_LENGTH;
- bzero(sha_ipad, SHA512_HMAC_BLOCK_SIZE);
- bzero(sha_opad, SHA512_HMAC_BLOCK_SIZE);
-
- (void) memcpy(sha_ipad, secret_key, secret_key_length);
- (void) memcpy(sha_opad, secret_key, secret_key_length);
-
- sha2_hmac_ctx_init(CKM_TO_SHA2(mechanism),
- &hmac_ctx->hc_ctx_u.sha2_ctx,
- sha_ipad, sha_opad,
- SHA512_HMAC_INTS_PER_BLOCK,
- SHA512_HMAC_BLOCK_SIZE);
- break;
- }
-
- case CKM_SHA512_HMAC:
- {
- uint64_t sha_ipad[SHA512_HMAC_INTS_PER_BLOCK];
- uint64_t sha_opad[SHA512_HMAC_INTS_PER_BLOCK];
-
- hmac_ctx->hmac_len = SHA512_DIGEST_LENGTH;
- bzero(sha_ipad, SHA512_HMAC_BLOCK_SIZE);
- bzero(sha_opad, SHA512_HMAC_BLOCK_SIZE);
-
- (void) memcpy(sha_ipad, secret_key, secret_key_length);
- (void) memcpy(sha_opad, secret_key, secret_key_length);
-
- sha2_hmac_ctx_init(CKM_TO_SHA2(mechanism),
- &hmac_ctx->hc_ctx_u.sha2_ctx,
- sha_ipad, sha_opad,
- SHA512_HMAC_INTS_PER_BLOCK,
- SHA512_HMAC_BLOCK_SIZE);
-
- break;
- }
- }
-
- return (hmac_ctx);
-}
-
-CK_RV
-fips_hmac_sha2_hash(unsigned char *hmac_computed,
- uint8_t *secret_key,
- unsigned int secret_key_length,
- uint8_t *message,
- unsigned int message_length,
- CK_MECHANISM_TYPE mechanism)
-{
-
- soft_hmac_ctx_t *hmac_ctx = NULL;
-
- hmac_ctx = fips_sha2_hmac_build_context(mechanism,
- secret_key, secret_key_length);
-
- if (hmac_ctx == NULL)
- return (CKR_HOST_MEMORY);
-
- switch (mechanism) {
- case CKM_SHA256_HMAC:
- if (message != NULL)
- SHA2Update(&(hmac_ctx->hc_ctx_u.sha2_ctx.hc_icontext),
- message, message_length);
-
- SOFT_MAC_FINAL_2(SHA256, &(hmac_ctx->hc_ctx_u.sha2_ctx),
- hmac_computed);
- break;
-
- case CKM_SHA384_HMAC:
- if (message != NULL)
- SHA2Update(&(hmac_ctx->hc_ctx_u.sha2_ctx.hc_icontext),
- message, message_length);
-
- SOFT_MAC_FINAL_2(SHA384, &(hmac_ctx->hc_ctx_u.sha2_ctx),
- hmac_computed);
- break;
-
- case CKM_SHA512_HMAC:
- if (message != NULL)
- SHA2Update(&(hmac_ctx->hc_ctx_u.sha2_ctx.hc_icontext),
- message, message_length);
-
- SOFT_MAC_FINAL_2(SHA512, &(hmac_ctx->hc_ctx_u.sha2_ctx),
- hmac_computed);
- break;
- }
-
- free(hmac_ctx);
- return (CKR_OK);
-}
-
-#else
-
-/*
- * Initialize a SHA2-HMAC context.
- */
-void
-sha2_mac_init_ctx(sha2_hmac_ctx_t *ctx, void *keyval, uint_t length_in_bytes)
-{
- uint64_t ipad[SHA512_HMAC_BLOCK_SIZE / sizeof (uint64_t)];
- uint64_t opad[SHA512_HMAC_BLOCK_SIZE / sizeof (uint64_t)];
- int i, block_size, blocks_per_int64;
-
- /* Determine the block size */
- if (ctx->hc_mech_type <= SHA256_HMAC_GEN_MECH_INFO_TYPE) {
- block_size = SHA256_HMAC_BLOCK_SIZE;
- blocks_per_int64 = SHA256_HMAC_BLOCK_SIZE / sizeof (uint64_t);
- } else {
- block_size = SHA512_HMAC_BLOCK_SIZE;
- blocks_per_int64 = SHA512_HMAC_BLOCK_SIZE / sizeof (uint64_t);
- }
-
- (void) bzero(ipad, block_size);
- (void) bzero(opad, block_size);
- (void) bcopy(keyval, ipad, length_in_bytes);
- (void) bcopy(keyval, opad, length_in_bytes);
-
- /* XOR key with ipad (0x36) and opad (0x5c) */
- for (i = 0; i < blocks_per_int64; i ++) {
- ipad[i] ^= 0x3636363636363636;
- opad[i] ^= 0x5c5c5c5c5c5c5c5c;
- }
-
- /* perform SHA2 on ipad */
- SHA2Init(ctx->hc_mech_type, &ctx->hc_icontext);
- SHA2Update(&ctx->hc_icontext, (uint8_t *)ipad, block_size);
-
- /* perform SHA2 on opad */
- SHA2Init(ctx->hc_mech_type, &ctx->hc_ocontext);
- SHA2Update(&ctx->hc_ocontext, (uint8_t *)opad, block_size);
-
-}
-
-sha2_hmac_ctx_t *
-fips_sha2_hmac_build_context(sha2_mech_t mechanism,
- uint8_t *secret_key,
- unsigned int secret_key_length)
-{
- sha2_hmac_ctx_t *sha2_hmac_ctx_tmpl;
-
- /*
- * Allocate and initialize SHA2 context.
- */
- sha2_hmac_ctx_tmpl = kmem_alloc(sizeof (sha2_hmac_ctx_t),
- KM_SLEEP);
- if (sha2_hmac_ctx_tmpl == NULL)
- return (NULL);
-
- switch (mechanism) {
- case SHA256_TYPE:
- sha2_hmac_ctx_tmpl->hc_mech_type =
- SHA256_HMAC_MECH_INFO_TYPE;
- break;
-
- case SHA384_TYPE:
- sha2_hmac_ctx_tmpl->hc_mech_type =
- SHA384_HMAC_MECH_INFO_TYPE;
- break;
-
- case SHA512_TYPE:
- sha2_hmac_ctx_tmpl->hc_mech_type =
- SHA512_HMAC_MECH_INFO_TYPE;
- break;
- }
-
- /*
- * initialize ctx->hc_icontext and ctx->hc_ocontext
- */
- sha2_mac_init_ctx(sha2_hmac_ctx_tmpl, secret_key,
- secret_key_length);
-
- return (sha2_hmac_ctx_tmpl);
-}
-
-void
-fips_hmac_sha2_hash(sha2_hmac_ctx_t *sha2_hmac_ctx,
- uint8_t *message,
- uint32_t message_len,
- uint8_t *hmac_computed,
- sha2_mech_t mechanism)
-
-{
-
- SHA2Update(&((sha2_hmac_ctx)->hc_icontext), message,
- message_len);
- SHA2Final(hmac_computed, &((sha2_hmac_ctx)->hc_icontext));
-
- switch (mechanism) {
- case SHA256_TYPE:
- SHA2Update(&((sha2_hmac_ctx)->hc_ocontext),
- hmac_computed, SHA256_DIGEST_LENGTH);
- break;
-
- case SHA384_TYPE:
- SHA2Update(&((sha2_hmac_ctx)->hc_ocontext),
- hmac_computed, SHA384_DIGEST_LENGTH);
- break;
-
- case SHA512_TYPE:
- SHA2Update(&((sha2_hmac_ctx)->hc_ocontext),
- hmac_computed, SHA512_DIGEST_LENGTH);
- break;
- }
-
- SHA2Final(hmac_computed, &((sha2_hmac_ctx)->hc_ocontext));
-
- kmem_free(sha2_hmac_ctx, sizeof (sha2_hmac_ctx_t));
-}
-
-#endif
-
-/*
- * SHA2 Power-On SelfTest(s).
- */
-int
-fips_sha2_post(void)
-{
-
- /*
- * SHA-256 Known Hash Message (512-bits).
- * Source from NIST SHA256ShortMsg (Len = 512)
- */
- static uint8_t sha256_known_hash_message[] = {
- 0x35, 0x92, 0xec, 0xfd, 0x1e, 0xac, 0x61, 0x8f,
- 0xd3, 0x90, 0xe7, 0xa9, 0xc2, 0x4b, 0x65, 0x65,
- 0x32, 0x50, 0x93, 0x67, 0xc2, 0x1a, 0x0e, 0xac,
- 0x12, 0x12, 0xac, 0x83, 0xc0, 0xb2, 0x0c, 0xd8,
- 0x96, 0xeb, 0x72, 0xb8, 0x01, 0xc4, 0xd2, 0x12,
- 0xc5, 0x45, 0x2b, 0xbb, 0xf0, 0x93, 0x17, 0xb5,
- 0x0c, 0x5c, 0x9f, 0xb1, 0x99, 0x75, 0x53, 0xd2,
- 0xbb, 0xc2, 0x9b, 0xb4, 0x2f, 0x57, 0x48, 0xad
- };
-
- /* known SHA256 Digest Message (32 bytes) */
- static uint8_t known_sha256_digest[] = {
- 0x10, 0x5a, 0x60, 0x86, 0x58, 0x30, 0xac, 0x3a,
- 0x37, 0x1d, 0x38, 0x43, 0x32, 0x4d, 0x4b, 0xb5,
- 0xfa, 0x8e, 0xc0, 0xe0, 0x2d, 0xda, 0xa3, 0x89,
- 0xad, 0x8d, 0xa4, 0xf1, 0x02, 0x15, 0xc4, 0x54
- };
-
- /*
- * SHA-384 Known Hash Message (512-bits).
- * Source from NIST SHA384ShortMsg (Len = 512)
- */
- static uint8_t sha384_known_hash_message[] = {
- 0x58, 0xbe, 0xab, 0xf9, 0x79, 0xab, 0x35, 0xab,
- 0xba, 0x29, 0x37, 0x6d, 0x5d, 0xc2, 0x27, 0xab,
- 0xb3, 0xd2, 0xff, 0x4d, 0x90, 0x30, 0x49, 0x82,
- 0xfc, 0x10, 0x79, 0xbc, 0x2b, 0x28, 0x80, 0xfc,
- 0xb0, 0x12, 0x9e, 0x4f, 0xed, 0xf2, 0x78, 0x98,
- 0xce, 0x58, 0x6a, 0x91, 0xb7, 0x68, 0x1e, 0x0d,
- 0xba, 0x38, 0x5e, 0x80, 0x0e, 0x79, 0x26, 0xc0,
- 0xbc, 0x5a, 0xfe, 0x0d, 0x9c, 0xa9, 0x86, 0x50
- };
-
- /* known SHA384 Digest Message (48 bytes) */
- static uint8_t known_sha384_digest[] = {
- 0xa0, 0x88, 0x8e, 0x1c, 0x4d, 0x7e, 0x80, 0xcb,
- 0xaa, 0xaf, 0xa8, 0xbb, 0x1c, 0xa1, 0xca, 0x91,
- 0x2a, 0x93, 0x21, 0x75, 0xc2, 0xef, 0x98, 0x2c,
- 0xe1, 0xf1, 0x23, 0xa8, 0xc1, 0xae, 0xe9, 0x63,
- 0x5a, 0xd7, 0x5b, 0xe5, 0x25, 0x90, 0xa9, 0x24,
- 0xbe, 0xd3, 0xf5, 0xec, 0x36, 0xc3, 0x56, 0x90
- };
-
- /*
- * SHA-512 Known Hash Message (512-bits).
- * Source from NIST SHA512ShortMsg (Len = 512)
- */
- static uint8_t sha512_known_hash_message[] = {
- 0x09, 0x5c, 0x7f, 0x30, 0x82, 0x4f, 0xc9, 0x28,
- 0x58, 0xcc, 0x93, 0x47, 0xc0, 0x85, 0xd5, 0x78,
- 0x88, 0x5f, 0xf3, 0x61, 0x4d, 0xd3, 0x8e, 0xe7,
- 0xee, 0x94, 0xa0, 0xf4, 0x40, 0x72, 0xc8, 0x77,
- 0x04, 0x7e, 0xe2, 0xad, 0x16, 0x6f, 0xdb, 0xa0,
- 0xe7, 0x44, 0xc3, 0xed, 0x2c, 0x2b, 0x24, 0xc9,
- 0xd8, 0xa2, 0x93, 0x46, 0x48, 0xdc, 0x84, 0xd3,
- 0xbe, 0x66, 0x63, 0x02, 0x11, 0x0a, 0xe0, 0x8f
- };
-
- /* known SHA512 Digest Message (64 bytes) */
- static uint8_t known_sha512_digest[] = {
- 0xd5, 0xcd, 0xaf, 0x83, 0xbb, 0x4a, 0x27, 0xea,
- 0xad, 0x8d, 0x8f, 0x18, 0xe4, 0xbe, 0xe9, 0xc2,
- 0x5b, 0xe9, 0x49, 0xa7, 0x61, 0xa0, 0xfd, 0x0f,
- 0xb2, 0x28, 0x4c, 0xab, 0x14, 0x3c, 0xad, 0x60,
- 0xbe, 0xb5, 0x68, 0x87, 0x34, 0xb2, 0xf8, 0x1e,
- 0x9e, 0x2d, 0x64, 0x0b, 0x42, 0x5f, 0xd3, 0x2c,
- 0xcb, 0x3d, 0x20, 0xd0, 0x2d, 0x63, 0xc2, 0xc9,
- 0x4c, 0x03, 0xab, 0x3d, 0x9e, 0x7d, 0x9b, 0x4a
- };
-
- /* SHA-2 HMAC Test Vectors */
-
- /*
- * SHA-256 HMAC Known Hash Message (512-bits).
- */
- static uint8_t sha256_hmac_known_hash_message[] = {
- 0x54, 0x68, 0x65, 0x20, 0x74, 0x65, 0x73, 0x74,
- 0x20, 0x6D, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65,
- 0x20, 0x66, 0x6F, 0x72, 0x20, 0x74, 0x68, 0x65,
- 0x20, 0x4D, 0x44, 0x32, 0x2C, 0x20, 0x4D, 0x44,
- 0x35, 0x2C, 0x20, 0x61, 0x6E, 0x64, 0x20, 0x53,
- 0x48, 0x41, 0x2D, 0x31, 0x20, 0x68, 0x61, 0x73,
- 0x68, 0x69, 0x6E, 0x67, 0x20, 0x61, 0x6C, 0x67,
- 0x6F, 0x72, 0x69, 0x74, 0x68, 0x6D, 0x73, 0x2E
- };
-
- static uint8_t sha256_hmac_known_secret_key[] = {
- 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
- 0x74, 0x68, 0x65, 0x20, 0x53, 0x48, 0x41, 0x2D,
- 0x32, 0x35, 0x36, 0x20, 0x48, 0x4D, 0x41, 0x43,
- 0x20, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x20,
- 0x6B, 0x65, 0x79, 0x21
- };
-
- static uint8_t sha256_hmac_known_secret_key_length
- = sizeof (sha256_hmac_known_secret_key);
-
-
- /* known SHA256 hmac (32 bytes) */
- static uint8_t known_sha256_hmac[] = {
- 0x02, 0x87, 0x21, 0x93, 0x84, 0x8a, 0x35, 0xae,
- 0xdb, 0xb6, 0x79, 0x26, 0x96, 0xf0, 0x50, 0xeb,
- 0x33, 0x49, 0x57, 0xf1, 0xb2, 0x32, 0xd3, 0x63,
- 0x03, 0x65, 0x57, 0xa2, 0xba, 0xa2, 0x5f, 0x35
- };
-
- /*
- * SHA-384 HMAC Known Hash Message (512-bits).
- * Source from NIST HMAC.txt (Count = 15, Klen = 16, Tlen = 48)
- */
- static uint8_t sha384_hmac_known_secret_key[] = {
- 0x01, 0xac, 0x59, 0xf4, 0x2f, 0x8b, 0xb9, 0x1d,
- 0x1b, 0xd1, 0x0f, 0xe6, 0x99, 0x0d, 0x7a, 0x87
- };
-
- static uint8_t sha384_hmac_known_secret_key_length
- = sizeof (sha384_hmac_known_secret_key);
-
- static uint8_t sha384_hmac_known_hash_message[] = {
- 0x3c, 0xaf, 0x18, 0xc4, 0x76, 0xed, 0xd5, 0x61,
- 0x5f, 0x34, 0x3a, 0xc7, 0xb7, 0xd3, 0xa9, 0xda,
- 0x9e, 0xfa, 0xde, 0x75, 0x56, 0x72, 0xd5, 0xba,
- 0x4b, 0x8a, 0xe8, 0xa7, 0x50, 0x55, 0x39, 0xea,
- 0x2c, 0x12, 0x4f, 0xf7, 0x55, 0xec, 0x04, 0x57,
- 0xfb, 0xe4, 0x9e, 0x43, 0x48, 0x0b, 0x3c, 0x71,
- 0xe7, 0xf4, 0x74, 0x2e, 0xc3, 0x69, 0x3a, 0xad,
- 0x11, 0x5d, 0x03, 0x9f, 0x90, 0x22, 0x2b, 0x03,
- 0x0f, 0xdc, 0x94, 0x40, 0x31, 0x36, 0x91, 0x71,
- 0x6d, 0x53, 0x02, 0x00, 0x58, 0x08, 0xc0, 0x76,
- 0x27, 0x48, 0x3b, 0x91, 0x6f, 0xdf, 0x61, 0x98,
- 0x30, 0x63, 0xc2, 0xeb, 0x12, 0x68, 0xf2, 0xde,
- 0xee, 0xf4, 0x2f, 0xc7, 0x90, 0x33, 0x44, 0x56,
- 0xbc, 0x6b, 0xad, 0x25, 0x6e, 0x31, 0xfc, 0x90,
- 0x66, 0xde, 0x7c, 0xc7, 0xe4, 0x3d, 0x13, 0x21,
- 0xb1, 0x86, 0x6d, 0xb4, 0x5e, 0x90, 0x56, 0x22
- };
-
- /* known SHA384 hmac (48 bytes) */
- static uint8_t known_sha384_hmac[] = {
- 0x19, 0x85, 0xfa, 0x21, 0x63, 0xa5, 0x94, 0x3f,
- 0xc5, 0xd9, 0x2f, 0x1f, 0xe8, 0x83, 0x12, 0x15,
- 0xe7, 0xe9, 0x1f, 0x0b, 0xff, 0x53, 0x32, 0xbc,
- 0x71, 0x3a, 0x07, 0x2b, 0xdb, 0x3a, 0x8f, 0x9e,
- 0x5c, 0x51, 0x57, 0x46, 0x3a, 0x3b, 0xfe, 0xb3,
- 0x62, 0x31, 0x41, 0x6e, 0x65, 0x97, 0x3e, 0x64
- };
-
- /*
- * SHA-512 HMAC Known Hash Message (512-bits).
- * Source from NIST HMAC.txt (Count = 30, Klen = 20, Tlen = 64)
- */
- static uint8_t sha512_hmac_known_secret_key[] = {
- 0xa7, 0x36, 0xf2, 0x74, 0xfd, 0xa6, 0x8e, 0x1b,
- 0xd5, 0xf9, 0x47, 0x1e, 0x85, 0xfd, 0x41, 0x5d,
- 0x7f, 0x2b, 0xa1, 0xbc
- };
-
- static uint8_t sha512_hmac_known_secret_key_length
- = sizeof (sha512_hmac_known_secret_key);
-
- static uint8_t sha512_hmac_known_hash_message[] = {
- 0xa6, 0xcc, 0xc3, 0x55, 0x2c, 0x33, 0xe9, 0x17,
- 0x8b, 0x6b, 0x82, 0xc6, 0x53, 0xd6, 0x3d, 0xe2,
- 0x54, 0x0f, 0x17, 0x08, 0x07, 0xc3, 0xd9, 0x6a,
- 0x2a, 0xc2, 0xe2, 0x7d, 0xab, 0x55, 0x26, 0xf1,
- 0xc7, 0xd3, 0x77, 0xe6, 0x73, 0x6f, 0x04, 0x5d,
- 0xfb, 0x54, 0x1f, 0xec, 0xe9, 0xf4, 0x43, 0xb7,
- 0x28, 0x9c, 0x55, 0x9b, 0x69, 0x4c, 0x2a, 0xac,
- 0xc6, 0xc7, 0x4a, 0xe2, 0xa5, 0xe6, 0xf3, 0x0f,
- 0xe0, 0x31, 0x61, 0x14, 0x23, 0xb0, 0x4d, 0x55,
- 0x95, 0xff, 0xb4, 0x6a, 0xba, 0xa1, 0xd9, 0x18,
- 0x98, 0x96, 0x8d, 0x7f, 0x18, 0x30, 0xae, 0x94,
- 0xb0, 0x22, 0xee, 0xd2, 0x3f, 0xda, 0xd5, 0x2d,
- 0x38, 0x11, 0x0a, 0x48, 0x03, 0xa0, 0xce, 0xe7,
- 0xa0, 0x95, 0xc9, 0xa7, 0x8e, 0x86, 0x09, 0xed,
- 0xeb, 0x25, 0x48, 0x1c, 0xdc, 0x15, 0x6d, 0x0b,
- 0x2f, 0xfc, 0x56, 0xb6, 0x3f, 0xda, 0xd5, 0x33
- };
-
- /* known SHA512 hmac (64 bytes) */
- static uint8_t known_sha512_hmac[] = {
- 0xf7, 0x18, 0x03, 0x43, 0x1e, 0x07, 0xa5, 0xa6,
- 0xe5, 0xfd, 0x4a, 0xe4, 0xcf, 0xc2, 0x75, 0x3b,
- 0xc8, 0x0d, 0x26, 0xe1, 0x67, 0x23, 0xd9, 0xe8,
- 0x8b, 0x40, 0x5a, 0x02, 0x34, 0x8e, 0xf4, 0xb9,
- 0x67, 0x92, 0xc9, 0x9c, 0xed, 0x64, 0xdc, 0x70,
- 0xea, 0x47, 0x53, 0x78, 0xb7, 0x46, 0x6a, 0xc2,
- 0xca, 0xf4, 0xa4, 0x20, 0xb0, 0x1f, 0xf6, 0x1e,
- 0x72, 0xc5, 0xb5, 0xee, 0x8e, 0xaa, 0xd4, 0xd4
- };
-
- /* SHA-2 variables. */
- uint8_t sha256_computed_digest[SHA256_DIGEST_LENGTH];
- uint8_t sha384_computed_digest[SHA384_DIGEST_LENGTH];
- uint8_t sha512_computed_digest[SHA512_DIGEST_LENGTH];
-
- uint8_t hmac_computed[SHA512_DIGEST_LENGTH];
- SHA2_CTX *sha2_context = NULL;
-
-#ifdef _KERNEL
- sha2_hmac_ctx_t *sha2_hmac_ctx;
-#endif
-
- int rv;
-
- /*
- * SHA-2 Known Answer Hashing Test.
- */
-
- /* SHA-256 POST */
-
-#ifdef _KERNEL
- sha2_context = fips_sha2_build_context(SHA256_TYPE);
-#else
- sha2_context = fips_sha2_build_context(CKM_SHA256);
-#endif
-
- if (sha2_context == NULL)
- return (CKR_HOST_MEMORY);
-
- rv = fips_sha2_hash(sha2_context,
- sha256_known_hash_message,
- FIPS_KNOWN_HMAC_MESSAGE_LENGTH,
- sha256_computed_digest);
-
- if ((rv != CKR_OK) ||
- (memcmp(sha256_computed_digest, known_sha256_digest,
- SHA256_DIGEST_LENGTH) != 0))
- return (CKR_DEVICE_ERROR);
-
- /* SHA-384 POST */
-
-#ifdef _KERNEL
- sha2_context = fips_sha2_build_context(SHA384_TYPE);
-#else
- sha2_context = fips_sha2_build_context(CKM_SHA384);
-#endif
-
- if (sha2_context == NULL)
- return (CKR_HOST_MEMORY);
-
- rv = fips_sha2_hash(sha2_context,
- sha384_known_hash_message,
- FIPS_KNOWN_HMAC_MESSAGE_LENGTH,
- sha384_computed_digest);
-
- if ((rv != CKR_OK) ||
- (memcmp(sha384_computed_digest, known_sha384_digest,
- SHA384_DIGEST_LENGTH) != 0))
- return (CKR_DEVICE_ERROR);
-
- /* SHA-512 POST */
-
-#ifdef _KERNEL
- sha2_context = fips_sha2_build_context(SHA512_TYPE);
-#else
- sha2_context = fips_sha2_build_context(CKM_SHA512);
-#endif
-
- if (sha2_context == NULL)
- return (CKR_HOST_MEMORY);
-
- rv = fips_sha2_hash(sha2_context,
- sha512_known_hash_message,
- FIPS_KNOWN_HMAC_MESSAGE_LENGTH,
- sha512_computed_digest);
-
- if ((rv != CKR_OK) ||
- (memcmp(sha512_computed_digest, known_sha512_digest,
- SHA512_DIGEST_LENGTH) != 0))
- return (CKR_DEVICE_ERROR);
-
- /*
- * SHA-2 HMAC Known Answer Hashing Test.
- */
-
- /* HMAC SHA-256 POST */
-
-#ifdef _KERNEL
- sha2_hmac_ctx = fips_sha2_hmac_build_context(
- SHA256_TYPE,
- sha256_hmac_known_secret_key,
- sha256_hmac_known_secret_key_length);
-
- if (sha2_hmac_ctx == NULL)
- return (CKR_HOST_MEMORY);
-
- fips_hmac_sha2_hash(sha2_hmac_ctx,
- sha256_hmac_known_hash_message,
- FIPS_KNOWN_HMAC_MESSAGE_LENGTH,
- hmac_computed,
- SHA256_TYPE);
-
- if (memcmp(hmac_computed, known_sha256_hmac,
- SHA256_DIGEST_LENGTH) != 0)
- return (CKR_DEVICE_ERROR);
-
-#else
- rv = fips_hmac_sha2_hash(hmac_computed,
- sha256_hmac_known_secret_key,
- sha256_hmac_known_secret_key_length,
- sha256_hmac_known_hash_message,
- FIPS_KNOWN_HMAC_MESSAGE_LENGTH,
- CKM_SHA256_HMAC);
-
- if ((rv != CKR_OK) ||
- (memcmp(hmac_computed, known_sha256_hmac,
- SHA256_DIGEST_LENGTH) != 0))
- return (CKR_DEVICE_ERROR);
-
-#endif
-
- /* HMAC SHA-384 POST */
-
-#ifdef _KERNEL
- sha2_hmac_ctx = fips_sha2_hmac_build_context(
- SHA384_TYPE,
- sha384_hmac_known_secret_key,
- sha384_hmac_known_secret_key_length);
-
- if (sha2_hmac_ctx == NULL)
- return (CKR_HOST_MEMORY);
-
- fips_hmac_sha2_hash(sha2_hmac_ctx,
- sha384_hmac_known_hash_message,
- sizeof (sha384_hmac_known_hash_message),
- hmac_computed,
- SHA384_TYPE);
-
- if (memcmp(hmac_computed, known_sha384_hmac,
- SHA384_DIGEST_LENGTH) != 0)
- return (CKR_DEVICE_ERROR);
-#else
- rv = fips_hmac_sha2_hash(hmac_computed,
- sha384_hmac_known_secret_key,
- sha384_hmac_known_secret_key_length,
- sha384_hmac_known_hash_message,
- sizeof (sha384_hmac_known_hash_message),
- CKM_SHA384_HMAC);
-
- if ((rv != CKR_OK) ||
- (memcmp(hmac_computed, known_sha384_hmac,
- SHA384_DIGEST_LENGTH) != 0))
- return (CKR_DEVICE_ERROR);
-
-#endif
-
- /* HMAC SHA-512 POST */
-
-#ifdef _KERNEL
- sha2_hmac_ctx = fips_sha2_hmac_build_context(
- SHA512_TYPE,
- sha512_hmac_known_secret_key,
- sha512_hmac_known_secret_key_length);
-
- if (sha2_hmac_ctx == NULL)
- return (CKR_HOST_MEMORY);
-
- fips_hmac_sha2_hash(sha2_hmac_ctx,
- sha512_hmac_known_hash_message,
- sizeof (sha512_hmac_known_hash_message),
- hmac_computed,
- SHA512_TYPE);
-
- if (memcmp(hmac_computed, known_sha512_hmac,
- SHA512_DIGEST_LENGTH) != 0)
- return (CKR_DEVICE_ERROR);
-
-#else
- rv = fips_hmac_sha2_hash(hmac_computed,
- sha512_hmac_known_secret_key,
- sha512_hmac_known_secret_key_length,
- sha512_hmac_known_hash_message,
- sizeof (sha512_hmac_known_hash_message),
- CKM_SHA512_HMAC);
-
- if ((rv != CKR_OK) ||
- (memcmp(hmac_computed, known_sha512_hmac,
- SHA512_DIGEST_LENGTH) != 0))
- return (CKR_DEVICE_ERROR);
-
-#endif
-
- return (CKR_OK);
-}
diff --git a/usr/src/common/crypto/fips/fips_test_vectors.c b/usr/src/common/crypto/fips/fips_test_vectors.c
deleted file mode 100644
index ef833cb392..0000000000
--- a/usr/src/common/crypto/fips/fips_test_vectors.c
+++ /dev/null
@@ -1,1594 +0,0 @@
-/*
- * CDDL HEADER START
- *
- * The contents of this file are subject to the terms of the
- * Common Development and Distribution License (the "License").
- * You may not use this file except in compliance with the License.
- *
- * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
- * or http://www.opensolaris.org/os/licensing.
- * See the License for the specific language governing permissions
- * and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL HEADER in each
- * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
- * If applicable, add the following below this CDDL HEADER, with the
- * fields enclosed by brackets "[]" replaced with your own identifying
- * information: Portions Copyright [yyyy] [name of copyright owner]
- *
- * CDDL HEADER END
- */
-
-/*
- * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
- */
-
-#include <sys/types.h>
-
-/*
- * AES ECB/CBC test vectors
- */
-
-/* AES Known Key (up to 256-bits). */
-uint8_t aes_known_key[] = {
- 'A', 'E', 'S', '-', '1', '2', '8', ' ',
- 'R', 'I', 'J', 'N', 'D', 'A', 'E', 'L',
- 'L', 'E', 'A', 'D', 'N', 'J', 'I', 'R',
- ' ', '8', '2', '1', '-', 'S', 'E', 'A'
-};
-
-/* AES-CBC Known Initialization Vector (128-bits). */
-uint8_t aes_cbc_known_initialization_vector[] = {
- 'S', 'e', 'c', 'u', 'r', 'i', 't', 'y',
- 'y', 't', 'i', 'r', 'u', 'c', 'e', 'S'
-};
-
-/* AES Known Plaintext (128-bits). (blocksize is 128-bits) */
-uint8_t aes_known_plaintext[] = {
- 'S', 'u', 'n', ' ', 'O', 'p', 'e', 'n',
- ' ', 'S', 'o', 'l', 'a', 'r', 'i', 's'
-};
-
-/* AES Known Ciphertext (128-bit key). */
-uint8_t aes_ecb128_known_ciphertext[] = {
- 0xcc, 0xd1, 0xd0, 0xf3, 0xfd, 0x44, 0xb1, 0x4d,
- 0xfe, 0x33, 0x20, 0x72, 0x3c, 0xf3, 0x4d, 0x27
-};
-
-uint8_t aes_cbc128_known_ciphertext[] = {
- 0x59, 0x34, 0x55, 0xd1, 0x89, 0x9b, 0xf4, 0xa5,
- 0x16, 0x2c, 0x4c, 0x14, 0xd3, 0xe2, 0xe5, 0xed
-};
-
-/* AES Known Ciphertext (192-bit key). */
-uint8_t aes_ecb192_known_ciphertext[] = {
- 0xa3, 0x78, 0x10, 0x44, 0xd8, 0xee, 0x8a, 0x98,
- 0x41, 0xa4, 0xeb, 0x96, 0x57, 0xd8, 0xa0, 0xc5
-};
-
-uint8_t aes_cbc192_known_ciphertext[] = {
- 0x22, 0x9c, 0x68, 0xc6, 0x86, 0x68, 0xcc, 0x6a,
- 0x56, 0x2c, 0xb8, 0xe0, 0x16, 0x4e, 0x8b, 0x78
-};
-
-/* AES Known Ciphertext (256-bit key). */
-uint8_t aes_ecb256_known_ciphertext[] = {
- 0xe4, 0x65, 0x92, 0x7f, 0xd0, 0xdd, 0x59, 0x49,
- 0x79, 0xc3, 0xac, 0x96, 0x30, 0xad, 0x32, 0x52
-};
-
-uint8_t aes_cbc256_known_ciphertext[] = {
- 0xd9, 0x44, 0x43, 0xe8, 0xdb, 0x60, 0x6b, 0xde,
- 0xc2, 0x84, 0xbf, 0xb9, 0xaf, 0x43, 0x3f, 0x51
-};
-
-/* AES-CTR Known Key (128-bits). */
-uint8_t aes_ctr128_known_key[] = {
- 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
- 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
-};
-
-/* AES-CTR Known Key (192-bits). */
-uint8_t aes_ctr192_known_key[] = {
- 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
- 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
- 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b
-};
-
-/* AES-CTR Known Key (256-bits). */
-uint8_t aes_ctr256_known_key[] = {
- 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
- 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
- 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
- 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
-};
-
-/* AES-CTR Known Initialization Counter (128-bits). */
-uint8_t aes_ctr_known_counter[] = {
- 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
- 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
-};
-
-/* AES-CTR Known Plaintext (128-bits). */
-uint8_t aes_ctr_known_plaintext[] = {
- 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
- 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
-};
-
-/* AES-CTR Known Ciphertext. */
-uint8_t aes_ctr128_known_ciphertext[] = {
- 0x87, 0x4d, 0x61, 0x91, 0xb6, 0x20, 0xe3, 0x26,
- 0x1b, 0xef, 0x68, 0x64, 0x99, 0x0d, 0xb6, 0xce
-};
-
-uint8_t aes_ctr192_known_ciphertext[] = {
- 0x1a, 0xbc, 0x93, 0x24, 0x17, 0x52, 0x1c, 0xa2,
- 0x4f, 0x2b, 0x04, 0x59, 0xfe, 0x7e, 0x6e, 0x0b
-};
-
-uint8_t aes_ctr256_known_ciphertext[] = {
- 0x60, 0x1e, 0xc3, 0x13, 0x77, 0x57, 0x89, 0xa5,
- 0xb7, 0xa7, 0xf5, 0x04, 0xbb, 0xf3, 0xd2, 0x28
-};
-
-/* AES-CCM Known Key (128-bits). */
-uint8_t aes_ccm128_known_key[] = {
- 0x06, 0xfd, 0xf0, 0x83, 0xb5, 0xcb, 0x3b, 0xc7,
- 0xc0, 0x6d, 0x4d, 0xe5, 0xa6, 0x34, 0xc6, 0x50
-};
-
-/* AES-CCM Known Key (192-bits). */
-uint8_t aes_ccm192_known_key[] = {
- 0xde, 0x91, 0x08, 0x63, 0xbe, 0x59, 0xb8, 0x7a,
- 0x45, 0x9b, 0xa6, 0xce, 0x2d, 0x7e, 0x71, 0x56,
- 0x1c, 0x5c, 0x15, 0xea, 0x1b, 0x6b, 0x05, 0x06
-};
-
-/* AES-CCM Known Key (256-bits). */
-uint8_t aes_ccm256_known_key[] = {
- 0x84, 0x9c, 0x1d, 0xeb, 0x80, 0xf8, 0x5b, 0x7d,
- 0x25, 0x33, 0x64, 0x75, 0x4b, 0xdc, 0x5d, 0xf0,
- 0xe8, 0x1c, 0x98, 0x8a, 0x78, 0x8f, 0x15, 0xd1,
- 0xa2, 0x52, 0x49, 0xfa, 0x18, 0x5e, 0x1f, 0xd3
-};
-
-/* AES-CCM Known Nonce Nlen = 7 bytes (for 128-bits key). */
-uint8_t aes_ccm128_known_nonce[] = {
- 0xfd, 0xe2, 0xd5, 0x4c, 0x65, 0x4e, 0xe4
-};
-
-/* AES-CCM Known Nonce Nlen = 7 bytes (192-bits). */
-uint8_t aes_ccm192_known_nonce[] = {
- 0xcf, 0xb3, 0x48, 0xfa, 0x04, 0x36, 0xa2
-};
-
-/* AES-CCM Known Nonce Nlen = 7 bytes (256-bits). */
-uint8_t aes_ccm256_known_nonce[] = {
- 0x75, 0xa5, 0x5b, 0x58, 0x33, 0x9d, 0x1c
-};
-
-/* AES-CCM Known Adata Alen = 30 bytes (128-bits). */
-uint8_t aes_ccm128_known_adata[] = {
- 0xe0, 0xdf, 0xfc, 0x4c, 0x92, 0x90, 0xd8, 0x28,
- 0xef, 0xe7, 0xc6, 0xbe, 0x4a, 0xbc, 0xd1, 0x3e,
- 0x23, 0x61, 0x92, 0x2f, 0xfa, 0x27, 0xa4, 0x0e,
- 0x61, 0x24, 0x58, 0x38, 0x55, 0x33
-};
-
-/* AES-CCM Known Adata Alen = 30 bytes (192-bits). */
-uint8_t aes_ccm192_known_adata[] = {
- 0x4c, 0x5b, 0x4f, 0xfe, 0x80, 0xba, 0x7a, 0xe5,
- 0xd3, 0xe8, 0xbc, 0xf6, 0x55, 0x83, 0xcf, 0x58,
- 0xa2, 0x82, 0x59, 0x65, 0xba, 0xbd, 0x63, 0x53,
- 0x0c, 0xb0, 0x0c, 0x14, 0xd4, 0x7b
-};
-
-/* AES-CCM Known Adata Alen = 30 bytes (256-bits). */
-uint8_t aes_ccm256_known_adata[] = {
- 0x27, 0xb7, 0xec, 0x91, 0x08, 0xe1, 0x4d, 0x12,
- 0xd3, 0xd3, 0xb8, 0x49, 0x09, 0xde, 0xd0, 0x9a,
- 0x8f, 0x23, 0xbf, 0xd6, 0x02, 0x9b, 0x2a, 0x5e,
- 0x4a, 0x5a, 0x63, 0x8c, 0x72, 0x14
-};
-/* AES-CCM Known Payload Plen = 32 bytes (128-bits). */
-uint8_t aes_ccm128_known_plaintext[] = {
- 0x77, 0xca, 0xdf, 0xa5, 0xb1, 0x23, 0xfe, 0x07,
- 0x8d, 0xca, 0x94, 0xe2, 0x66, 0x3f, 0x73, 0xd0,
- 0x3f, 0x0b, 0x4d, 0xc8, 0x05, 0xf6, 0x1c, 0xef,
- 0x13, 0x79, 0xc0, 0xb1, 0xfc, 0x76, 0xea, 0x11
-};
-
-/* AES-CCM Known Payload Plen = 32 bytes (192-bits). */
-uint8_t aes_ccm192_known_plaintext[] = {
- 0xf9, 0x8a, 0x58, 0x59, 0x44, 0x2d, 0x2a, 0xf9,
- 0x65, 0x03, 0x36, 0x6d, 0x8a, 0x58, 0x29, 0xf9,
- 0xef, 0x47, 0x44, 0x30, 0xf4, 0x7e, 0x0d, 0xcd,
- 0x73, 0x41, 0x45, 0xdf, 0x50, 0xb2, 0x1b, 0x29
-};
-
-/* AES-CCM Known Payload Plen = 32 bytes (256-bits). */
-uint8_t aes_ccm256_known_plaintext[] = {
- 0x25, 0x28, 0x3f, 0x05, 0x41, 0xd6, 0x66, 0x3b,
- 0xdb, 0x8f, 0xe9, 0xe7, 0x7b, 0x06, 0xc0, 0xee,
- 0xfe, 0xf6, 0xc9, 0x8b, 0x45, 0x08, 0x18, 0x4e,
- 0x2e, 0xf7, 0x8e, 0x64, 0xc3, 0xf2, 0xad, 0x18
-};
-
-/*
- * AES-CCM Known Ciphertext
- * Clen = 32 bytes + Tlen = 16 bytes (128-bits).
- */
-uint8_t aes_ccm128_known_ciphertext[] = {
- 0x33, 0x50, 0x58, 0xbb, 0x5f, 0x13, 0x8d, 0xc9,
- 0x5b, 0x2c, 0xa4, 0x50, 0x1d, 0x7f, 0xd4, 0xa5,
- 0xb9, 0xb8, 0x71, 0x83, 0x8f, 0x82, 0x27, 0x5f,
- 0x75, 0x3e, 0x30, 0xf9, 0x9d, 0xad, 0xc2, 0xe9,
- 0x66, 0x93, 0x56, 0x98, 0x01, 0x1e, 0x3c, 0x11,
- 0x74, 0xdb, 0x9b, 0xca, 0xce, 0x0f, 0xc3, 0x35
-};
-
-/*
- * AES-CCM Known Ciphertext
- * Clen = 32 bytes + Tlen = 16 bytes (192-bits).
- */
-uint8_t aes_ccm192_known_ciphertext[] = {
- 0xa7, 0x40, 0xd0, 0x25, 0xbd, 0x3e, 0x8f, 0xd5,
- 0x28, 0x3e, 0xee, 0xaa, 0xf9, 0xa7, 0xfc, 0xf2,
- 0x33, 0xf6, 0x69, 0xb8, 0xdc, 0x9c, 0x74, 0xb1,
- 0x46, 0xf4, 0xd6, 0xcc, 0x0a, 0x16, 0x12, 0x0c,
- 0x7c, 0x3c, 0x43, 0x76, 0x94, 0xf6, 0x9a, 0x14,
- 0xa0, 0xfb, 0xab, 0x9c, 0x2c, 0xd3, 0x5c, 0x09
-};
-
-/*
- * AES-CCM Known Ciphertext
- * Clen = 32 bytes + Tlen = 16 bytes (256-bits).
- */
-uint8_t aes_ccm256_known_ciphertext[] = {
- 0xf6, 0x4d, 0x24, 0x69, 0x0e, 0xde, 0xc9, 0xc0,
- 0x1e, 0x42, 0xc0, 0x78, 0x29, 0xcf, 0xdb, 0xfe,
- 0xab, 0x52, 0x9a, 0xb1, 0x07, 0xe4, 0xac, 0xdf,
- 0x48, 0x46, 0x46, 0xc1, 0xe2, 0xb2, 0x0f, 0x36,
- 0x5f, 0xeb, 0x44, 0xcf, 0xa8, 0x80, 0x80, 0x23,
- 0xc9, 0xee, 0xc7, 0x56, 0x24, 0x63, 0x6e, 0x7e
-};
-
-/* AES-GCM Known Key (128-bits). */
-uint8_t aes_gcm128_known_key[] = {
- 0x7d, 0xf9, 0x9c, 0xdf, 0x7d, 0x00, 0xd9, 0xea,
- 0xd3, 0x85, 0x17, 0x1b, 0x29, 0xae, 0xcf, 0xbc
-};
-
-/* AES-GCM Known Key (192-bits). */
-uint8_t aes_gcm192_known_key[] = {
- 0x85, 0xf4, 0x34, 0x7a, 0xf5, 0x98, 0x1e, 0xd9,
- 0x89, 0x85, 0x98, 0x1a, 0x53, 0xfc, 0xc5, 0xbf,
- 0x53, 0x6c, 0x91, 0x4b, 0x18, 0x3c, 0xe8, 0x12
-};
-
-/* AES-GCM Known Key (256-bits). */
-uint8_t aes_gcm256_known_key[] = {
- 0xee, 0xbc, 0x1f, 0x57, 0x48, 0x7f, 0x51, 0x92,
- 0x1c, 0x04, 0x65, 0x66, 0x5f, 0x8a, 0xe6, 0xd1,
- 0x65, 0x8b, 0xb2, 0x6d, 0xe6, 0xf8, 0xa0, 0x69,
- 0xa3, 0x52, 0x02, 0x93, 0xa5, 0x72, 0x07, 0x8f
-};
-
-/* AES-GCM Known Initialization Vector (128-bits). */
-uint8_t aes_gcm128_known_iv[] = {
- 0x27, 0x4c, 0x4e, 0xae, 0xfe, 0xef, 0xae, 0x26,
- 0x80, 0xb0, 0xef, 0xd5
-};
-
-/* AES-GCM Known Initialization Vector (192-bits). */
-uint8_t aes_gcm192_known_iv[] = {
- 0xd4, 0xfb, 0x33, 0xc6, 0x51, 0xc8, 0x86, 0xff,
- 0x28, 0x80, 0xef, 0x96
-};
-
-/* AES-GCM Known Initialization Vector (256-bits). */
-uint8_t aes_gcm256_known_iv[] = {
- 0x99, 0xaa, 0x3e, 0x68, 0xed, 0x81, 0x73, 0xa0,
- 0xee, 0xd0, 0x66, 0x84
-};
-
-/* AES-GCM Known AAD Alen = 16 bytes (128-bits). */
-uint8_t aes_gcm128_known_adata[] = {
- 0x60, 0xe8, 0xb0, 0x37, 0xec, 0xdf, 0x4d, 0x82,
- 0x8c, 0x83, 0x0d, 0xcf, 0xc5, 0xce, 0xd4, 0x9c
-};
-
-/* AES-GCM Known AAD Alen = 16 bytes (192-bits). */
-uint8_t aes_gcm192_known_adata[] = {
- 0x44, 0x3a, 0xdf, 0xad, 0xbb, 0x29, 0xd6, 0x8c,
- 0x55, 0xe2, 0x02, 0x2d, 0xca, 0x62, 0x9b, 0x51
-};
-
-/* AES-GCM Known AAD Alen = 16 bytes (256-bits). */
-uint8_t aes_gcm256_known_adata[] = {
- 0x4d, 0x23, 0xc3, 0xce, 0xc3, 0x34, 0xb4, 0x9b,
- 0xdb, 0x37, 0x0c, 0x43, 0x7f, 0xec, 0x78, 0xde
-};
-
-/* AES-GCM Known Payload Plen = 16 bytes (128-bits). */
-uint8_t aes_gcm128_known_plaintext[] = {
- 0x99, 0x66, 0x7d, 0xc9, 0x62, 0xb3, 0x9f, 0x14,
- 0x8c, 0xdd, 0xfe, 0x68, 0xf9, 0x0a, 0x43, 0xf9
-};
-/* AES-GCM Known Payload Plen = 16 bytes (192-bits). */
-uint8_t aes_gcm192_known_plaintext[] = {
- 0x7f, 0x9c, 0x08, 0x1d, 0x6a, 0xcc, 0xa8, 0xab,
- 0x71, 0x75, 0xcb, 0xd0, 0x49, 0x42, 0xba, 0xad
-};
-/* AES-GCM Known Payload Plen = 16 bytes (256-bits). */
-uint8_t aes_gcm256_known_plaintext[] = {
- 0xf5, 0x6e, 0x87, 0x05, 0x5b, 0xc3, 0x2d, 0x0e,
- 0xeb, 0x31, 0xb2, 0xea, 0xcc, 0x2b, 0xf2, 0xa5
-};
-
-/* AES-GCM Known Ciphertext Clen = 16 bytes (128-bits) + tag */
-uint8_t aes_gcm128_known_ciphertext[] = {
- 0x2b, 0x5f, 0x57, 0xf2, 0x62, 0x27, 0xe0, 0x94,
- 0xe7, 0xf8, 0x01, 0x23, 0xf9, 0xed, 0xbd, 0xe8,
- 0x16, 0xee, 0x08, 0xb4, 0xd8, 0x07, 0xe5, 0xdb,
- 0xd5, 0x70, 0x3c, 0xb3, 0xcf, 0x53, 0x8c, 0x14
-};
-
-/* AES-GCM Known Ciphertext Clen = 16 bytes (192-bits) + tag */
-uint8_t aes_gcm192_known_ciphertext[] = {
- 0xdd, 0x7e, 0x7e, 0x45, 0x5b, 0x21, 0xd8, 0x84,
- 0x3d, 0x7b, 0xc3, 0x1f, 0x21, 0x07, 0xf9, 0x55,
- 0x9f, 0x0e, 0x8d, 0xe2, 0x6d, 0xb4, 0x95, 0xf5,
- 0x91, 0x1f, 0xb6, 0x0c, 0xf5, 0xf2, 0x3a, 0xf9
-};
-
-/* AES-GCM Known Ciphertext Clen = 16 bytes (256-bits)+ tag */
-uint8_t aes_gcm256_known_ciphertext[] = {
- 0xf7, 0x26, 0x44, 0x13, 0xa8, 0x4c, 0x0e, 0x7c,
- 0xd5, 0x36, 0x86, 0x7e, 0xb9, 0xf2, 0x17, 0x36,
- 0x67, 0xba, 0x05, 0x10, 0x26, 0x2a, 0xe4, 0x87,
- 0xd7, 0x37, 0xee, 0x62, 0x98, 0xf7, 0x7e, 0x0c
-};
-
-/*
- * Source: NIST gcmEncryptExtIV128.txt
- * Count = 0, [Keylen = 128], [IVlen = 96], [PTlen = 0],
- * [AADlen = 128], [Taglen = 128]
- *
- * Source: NIST gcmEncryptExtIV192.txt
- * Count = 0, [Keylen = 192], [IVlen = 96], [PTlen = 0],
- * [AADlen = 128], [Taglen = 128]
- *
- * Source: NIST gcmEncryptExtIV256.txt
- * Count = 0, [Keylen = 256], [IVlen = 96], [PTlen = 0],
- * [AADlen = 128], [Taglen = 128]
- */
-
-/* AES-GMAC Known Key (128-bits). */
-uint8_t aes_gmac128_known_key[] = {
- 0x7d, 0x70, 0xd2, 0x32, 0x48, 0xc4, 0x7e, 0xb3,
- 0xd2, 0x73, 0xdf, 0x81, 0xed, 0x30, 0x24, 0xbd
-};
-
-/* AES-GMAC Known Key (192-bits). */
-uint8_t aes_gmac192_known_key[] = {
- 0x03, 0x60, 0x22, 0xfe, 0x26, 0x9a, 0xdc, 0xad,
- 0xb5, 0x73, 0x11, 0xa4, 0xa0, 0xed, 0x2a, 0x84,
- 0x18, 0x34, 0xb8, 0xb6, 0xd8, 0xa0, 0x7f, 0x41
-};
-
-/* AES-GMAC Known Key (256-bits). */
-uint8_t aes_gmac256_known_key[] = {
- 0xbb, 0x10, 0x10, 0x06, 0x4f, 0xb8, 0x35, 0x23,
- 0xea, 0x9d, 0xf3, 0x2b, 0xad, 0x9f, 0x1f, 0x2a,
- 0x4f, 0xce, 0xfc, 0x0f, 0x21, 0x07, 0xc0, 0xaa,
- 0xba, 0xd9, 0xb7, 0x56, 0xd8, 0x09, 0x21, 0x9d
-};
-
-/* AES-GMAC Known Initialization Vector (128-bits). */
-uint8_t aes_gmac128_known_iv[] = {
- 0xab, 0x53, 0x23, 0x33, 0xd6, 0x76, 0x51, 0x20,
- 0x8b, 0x8c, 0x34, 0x85
-};
-
-/* AES-GMAC Known Initialization Vector (192-bits). */
-uint8_t aes_gmac192_known_iv[] = {
- 0x85, 0x65, 0xb2, 0x15, 0x3a, 0x3f, 0x34, 0x9a,
- 0x07, 0x31, 0x06, 0x79
-};
-
-/* AES-GMAC Known Initialization Vector (256-bits). */
-uint8_t aes_gmac256_known_iv[] = {
- 0x2f, 0x9a, 0xd0, 0x12, 0xad, 0xfc, 0x12, 0x73,
- 0x43, 0xfb, 0xe0, 0x56
-};
-
-/* AES-GMAC Known Tag (128-bits). */
-uint8_t aes_gmac128_known_tag[] = {
- 0xcf, 0x89, 0x50, 0xa3, 0x10, 0xf5, 0xab, 0x8b,
- 0x69, 0xd5, 0x00, 0x11, 0x1a, 0x44, 0xb0, 0x96
-};
-
-/* AES-GMAC Known Tag (192-bits). */
-uint8_t aes_gmac192_known_tag[] = {
- 0x90, 0x21, 0xaf, 0x4c, 0xa0, 0x8d, 0x01, 0xef,
- 0x82, 0x5a, 0x42, 0xf9, 0xbe, 0x3a, 0xb3, 0xe9
-};
-
-/* AES-GMAC Known Tag (256-bits). */
-uint8_t aes_gmac256_known_tag[] = {
- 0xef, 0x06, 0xd5, 0x4d, 0xfd, 0x00, 0x02, 0x1d,
- 0x75, 0x27, 0xdf, 0xf2, 0x6f, 0xc9, 0xd4, 0x84
-};
-
-/* AES-GMAC Known AAD Alen = 16 bytes (128-bits). */
-uint8_t aes_gmac128_known_adata[] = {
- 0x7d, 0x1d, 0x42, 0xe8, 0x94, 0x60, 0xe9, 0x44,
- 0xbf, 0xa4, 0x83, 0xdb, 0xe6, 0x92, 0xf0, 0x8d
-};
-
-/* AES-GMAC Known AAD Alen = 16 bytes (192-bits). */
-uint8_t aes_gmac192_known_adata[] = {
- 0xad, 0xcf, 0x4f, 0xbb, 0xa0, 0xe0, 0x6a, 0x63,
- 0x70, 0x71, 0x1a, 0x57, 0xf8, 0xdc, 0xd0, 0xc9
-};
-
-/* AES-GMAC Known AAD Alen = 16 bytes (256-bits). */
-uint8_t aes_gmac256_known_adata[] = {
- 0xdb, 0x98, 0xd9, 0x0d, 0x1b, 0x69, 0x5c, 0xdb,
- 0x74, 0x7a, 0x34, 0x3f, 0xbb, 0xc9, 0xf1, 0x41
-};
-
-/* DES3 Known Key. */
-uint8_t des3_known_key[] = {
- 'A', 'N', 'S', 'I', ' ', 'T', 'r', 'i',
- 'p', 'l', 'e', '-', 'D', 'E', 'S', ' ',
- 'K', 'e', 'y', ' ', 'D', 'a', 't', 'a'
-};
-
-/* DES3-CBC Known Initialization Vector (64-bits). */
-uint8_t des3_cbc_known_iv[] = {
- 'S', 'e', 'c', 'u', 'r', 'i', 't', 'y'
-};
-
-/* DES3 Known Plaintext (64-bits). */
-uint8_t des3_ecb_known_plaintext[] = {
- 'S', 'o', 'l', 'a', 'r', 'i', 's', '!'
-};
-uint8_t des3_cbc_known_plaintext[] = {
- 'S', 'o', 'l', 'a', 'r', 'i', 's', '!'
-};
-
-/* DES3 Known Ciphertext (64-bits). */
-uint8_t des3_ecb_known_ciphertext[] = {
- 0x17, 0x0d, 0x1f, 0x13, 0xd3, 0xa0, 0x3a, 0x63
-};
-
-uint8_t des3_cbc_known_ciphertext[] = {
- 0x7f, 0x62, 0x44, 0xb3, 0xf8, 0x77, 0xf8, 0xf8
-};
-
-
-
-/*
- * SHA-1 Known Hash Message
- * Source from NIST SHA1ShortMsg (L = 512-bits).
- */
-uint8_t sha1_known_hash_message[] = {
- 0x7e, 0x3a, 0x4c, 0x32, 0x5c, 0xb9, 0xc5, 0x2b,
- 0x88, 0x38, 0x7f, 0x93, 0xd0, 0x1a, 0xe8, 0x6d,
- 0x42, 0x09, 0x8f, 0x5e, 0xfa, 0x7f, 0x94, 0x57,
- 0x38, 0x8b, 0x5e, 0x74, 0xb6, 0xd2, 0x8b, 0x24,
- 0x38, 0xd4, 0x2d, 0x8b, 0x64, 0x70, 0x33, 0x24,
- 0xd4, 0xaa, 0x25, 0xab, 0x6a, 0xad, 0x15, 0x3a,
- 0xe3, 0x0c, 0xd2, 0xb2, 0xaf, 0x4d, 0x5e, 0x5c,
- 0x00, 0xa8, 0xa2, 0xd0, 0x22, 0x0c, 0x61, 0x16
-};
-
-/* SHA-1 Known Digest Message (160-bits). */
-uint8_t sha1_known_digest[] = {
- 0xa3, 0x05, 0x44, 0x27, 0xcd, 0xb1, 0x3f, 0x16,
- 0x4a, 0x61, 0x0b, 0x34, 0x87, 0x02, 0x72, 0x4c,
- 0x80, 0x8a, 0x0d, 0xcc
-};
-
-/* Source from NIST HMAC.txt Count = 0 */
-uint8_t HMAC_known_secret_key[] = {
- 0x7b, 0x10, 0xf4, 0x12, 0x4b, 0x15, 0xc8, 0x2e
-};
-
-/* known SHA1 hmac - truncated (10 bytes) */
-uint8_t known_SHA1_hmac[] = {
- 0x4e, 0xad, 0x12, 0xc2, 0xfe, 0x3d, 0x6e, 0xa4,
- 0x3a, 0xcb
-};
-
-uint8_t hmac_sha1_known_hash_message[] = {
- 0x27, 0xdc, 0xb5, 0xb1, 0xda, 0xf6, 0x0c, 0xfd,
- 0x3e, 0x2f, 0x73, 0xd4, 0xd6, 0x4c, 0xa9, 0xc6,
- 0x84, 0xf8, 0xbf, 0x71, 0xfc, 0x68, 0x2a, 0x46,
- 0x79, 0x3b, 0x17, 0x90, 0xaf, 0xa4, 0xfe, 0xb1,
- 0x00, 0xca, 0x7a, 0xaf, 0xf2, 0x6f, 0x58, 0xf0,
- 0xe1, 0xd0, 0xed, 0x42, 0xf1, 0xcd, 0xad, 0x1f,
- 0x47, 0x4a, 0xfa, 0x2e, 0x79, 0xd5, 0x3a, 0x0c,
- 0x42, 0x89, 0x2c, 0x4d, 0x7b, 0x32, 0x7c, 0xbe,
- 0x46, 0xb2, 0x95, 0xed, 0x8d, 0xa3, 0xb6, 0xec,
- 0xab, 0x3d, 0x48, 0x51, 0x68, 0x7a, 0x6f, 0x81,
- 0x2b, 0x79, 0xdf, 0x2f, 0x6b, 0x20, 0xf1, 0x1f,
- 0x67, 0x06, 0xf5, 0x30, 0x17, 0x90, 0xca, 0x99,
- 0x62, 0x5a, 0xad, 0x73, 0x91, 0xd8, 0x4f, 0x78,
- 0x04, 0x3d, 0x2a, 0x0a, 0x23, 0x9b, 0x14, 0x77,
- 0x98, 0x4c, 0x15, 0x7b, 0xbc, 0x92, 0x76, 0x06,
- 0x4e, 0x7a, 0x1a, 0x40, 0x6b, 0x06, 0x12, 0xca
-};
-
-/*
- * SHA-1 HMAC Known MAC (Case 2)
- * Source from FIPS PUB 198 (A.2)
- */
-uint8_t sha1_hmac_known_secret_key_2[] = {
- 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
- 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
- 0x40, 0x41, 0x42, 0x43
-};
-
-uint8_t sha1_hmac_known_hash_message_2[] = {
- 'S', 'a', 'm', 'p', 'l', 'e', ' ', '#', '2'
-};
-
-uint8_t sha1_known_hmac_2[] = {
- 0x09, 0x22, 0xd3, 0x40, 0x5f, 0xaa, 0x3d, 0x19,
- 0x4f, 0x82, 0xa4, 0x58, 0x30, 0x73, 0x7d, 0x5c,
- 0xc6, 0xc7, 0x5d, 0x24
-};
-
-/*
- * SHA-256 Known Hash Message (512-bits).
- * Source from NIST SHA256ShortMsg (Len = 512)
- */
-uint8_t sha256_known_hash_message[] = {
- 0x35, 0x92, 0xec, 0xfd, 0x1e, 0xac, 0x61, 0x8f,
- 0xd3, 0x90, 0xe7, 0xa9, 0xc2, 0x4b, 0x65, 0x65,
- 0x32, 0x50, 0x93, 0x67, 0xc2, 0x1a, 0x0e, 0xac,
- 0x12, 0x12, 0xac, 0x83, 0xc0, 0xb2, 0x0c, 0xd8,
- 0x96, 0xeb, 0x72, 0xb8, 0x01, 0xc4, 0xd2, 0x12,
- 0xc5, 0x45, 0x2b, 0xbb, 0xf0, 0x93, 0x17, 0xb5,
- 0x0c, 0x5c, 0x9f, 0xb1, 0x99, 0x75, 0x53, 0xd2,
- 0xbb, 0xc2, 0x9b, 0xb4, 0x2f, 0x57, 0x48, 0xad
-};
-
-/* known SHA256 Digest Message (32 bytes) */
-uint8_t known_sha256_digest[] = {
- 0x10, 0x5a, 0x60, 0x86, 0x58, 0x30, 0xac, 0x3a,
- 0x37, 0x1d, 0x38, 0x43, 0x32, 0x4d, 0x4b, 0xb5,
- 0xfa, 0x8e, 0xc0, 0xe0, 0x2d, 0xda, 0xa3, 0x89,
- 0xad, 0x8d, 0xa4, 0xf1, 0x02, 0x15, 0xc4, 0x54
-};
-
-/*
- * SHA-384 Known Hash Message (512-bits).
- * Source from NIST SHA384ShortMsg (Len = 512)
- */
-uint8_t sha384_known_hash_message[] = {
- 0x58, 0xbe, 0xab, 0xf9, 0x79, 0xab, 0x35, 0xab,
- 0xba, 0x29, 0x37, 0x6d, 0x5d, 0xc2, 0x27, 0xab,
- 0xb3, 0xd2, 0xff, 0x4d, 0x90, 0x30, 0x49, 0x82,
- 0xfc, 0x10, 0x79, 0xbc, 0x2b, 0x28, 0x80, 0xfc,
- 0xb0, 0x12, 0x9e, 0x4f, 0xed, 0xf2, 0x78, 0x98,
- 0xce, 0x58, 0x6a, 0x91, 0xb7, 0x68, 0x1e, 0x0d,
- 0xba, 0x38, 0x5e, 0x80, 0x0e, 0x79, 0x26, 0xc0,
- 0xbc, 0x5a, 0xfe, 0x0d, 0x9c, 0xa9, 0x86, 0x50
-};
-
-/* known SHA384 Digest Message (48 bytes) */
-uint8_t known_sha384_digest[] = {
- 0xa0, 0x88, 0x8e, 0x1c, 0x4d, 0x7e, 0x80, 0xcb,
- 0xaa, 0xaf, 0xa8, 0xbb, 0x1c, 0xa1, 0xca, 0x91,
- 0x2a, 0x93, 0x21, 0x75, 0xc2, 0xef, 0x98, 0x2c,
- 0xe1, 0xf1, 0x23, 0xa8, 0xc1, 0xae, 0xe9, 0x63,
- 0x5a, 0xd7, 0x5b, 0xe5, 0x25, 0x90, 0xa9, 0x24,
- 0xbe, 0xd3, 0xf5, 0xec, 0x36, 0xc3, 0x56, 0x90
-};
-
-/*
- * SHA-512 Known Hash Message (512-bits).
- * Source from NIST SHA512ShortMsg (Len = 512)
- */
-uint8_t sha512_known_hash_message[] = {
- 0x09, 0x5c, 0x7f, 0x30, 0x82, 0x4f, 0xc9, 0x28,
- 0x58, 0xcc, 0x93, 0x47, 0xc0, 0x85, 0xd5, 0x78,
- 0x88, 0x5f, 0xf3, 0x61, 0x4d, 0xd3, 0x8e, 0xe7,
- 0xee, 0x94, 0xa0, 0xf4, 0x40, 0x72, 0xc8, 0x77,
- 0x04, 0x7e, 0xe2, 0xad, 0x16, 0x6f, 0xdb, 0xa0,
- 0xe7, 0x44, 0xc3, 0xed, 0x2c, 0x2b, 0x24, 0xc9,
- 0xd8, 0xa2, 0x93, 0x46, 0x48, 0xdc, 0x84, 0xd3,
- 0xbe, 0x66, 0x63, 0x02, 0x11, 0x0a, 0xe0, 0x8f
-};
-
-/* known SHA512 Digest Message (64 bytes) */
-uint8_t known_sha512_digest[] = {
- 0xd5, 0xcd, 0xaf, 0x83, 0xbb, 0x4a, 0x27, 0xea,
- 0xad, 0x8d, 0x8f, 0x18, 0xe4, 0xbe, 0xe9, 0xc2,
- 0x5b, 0xe9, 0x49, 0xa7, 0x61, 0xa0, 0xfd, 0x0f,
- 0xb2, 0x28, 0x4c, 0xab, 0x14, 0x3c, 0xad, 0x60,
- 0xbe, 0xb5, 0x68, 0x87, 0x34, 0xb2, 0xf8, 0x1e,
- 0x9e, 0x2d, 0x64, 0x0b, 0x42, 0x5f, 0xd3, 0x2c,
- 0xcb, 0x3d, 0x20, 0xd0, 0x2d, 0x63, 0xc2, 0xc9,
- 0x4c, 0x03, 0xab, 0x3d, 0x9e, 0x7d, 0x9b, 0x4a
-};
-
-/* SHA-2 HMAC Test Vectors */
-
-/*
- * SHA-256 HMAC Known Hash Message (512-bits).
- * (Not used by HW provider because of the key size limitation
- */
-uint8_t sha256_hmac_known_hash_message[] = {
- 0x54, 0x68, 0x65, 0x20, 0x74, 0x65, 0x73, 0x74,
- 0x20, 0x6D, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65,
- 0x20, 0x66, 0x6F, 0x72, 0x20, 0x74, 0x68, 0x65,
- 0x20, 0x4D, 0x44, 0x32, 0x2C, 0x20, 0x4D, 0x44,
- 0x35, 0x2C, 0x20, 0x61, 0x6E, 0x64, 0x20, 0x53,
- 0x48, 0x41, 0x2D, 0x31, 0x20, 0x68, 0x61, 0x73,
- 0x68, 0x69, 0x6E, 0x67, 0x20, 0x61, 0x6C, 0x67,
- 0x6F, 0x72, 0x69, 0x74, 0x68, 0x6D, 0x73, 0x2E
-};
-
-uint8_t sha256_hmac_known_secret_key[] = {
- 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
- 0x74, 0x68, 0x65, 0x20, 0x53, 0x48, 0x41, 0x2D,
- 0x32, 0x35, 0x36, 0x20, 0x48, 0x4D, 0x41, 0x43,
- 0x20, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x20,
- 0x6B, 0x65, 0x79, 0x21
-};
-
-/* known SHA256 hmac (32 bytes) */
-uint8_t known_sha256_hmac[] = {
- 0x02, 0x87, 0x21, 0x93, 0x84, 0x8a, 0x35, 0xae,
- 0xdb, 0xb6, 0x79, 0x26, 0x96, 0xf0, 0x50, 0xeb,
- 0x33, 0x49, 0x57, 0xf1, 0xb2, 0x32, 0xd3, 0x63,
- 0x03, 0x65, 0x57, 0xa2, 0xba, 0xa2, 0x5f, 0x35
-};
-
-/*
- * SHA-256 HMAC Known Hash Message from RFC 4231
- * Test Case 2 and 4
- */
-uint8_t sha256_hmac_known_hash_message_1[] = {
- 0x77, 0x68, 0x61, 0x74, 0x20, 0x64, 0x6f, 0x20,
- 0x79, 0x61, 0x20, 0x77, 0x61, 0x6e, 0x74, 0x20,
- 0x66, 0x6f, 0x72, 0x20, 0x6e, 0x6f, 0x74, 0x68,
- 0x69, 0x6e, 0x67, 0x3f
-};
-uint8_t sha256_hmac_known_secret_key_1[] = {
- 0x4a, 0x65, 0x66, 0x65
-};
-uint8_t sha256_known_hmac_1[] = {
- 0x5b, 0xdc, 0xc1, 0x46, 0xbf, 0x60, 0x75, 0x4e,
- 0x6a, 0x04, 0x24, 0x26, 0x08, 0x95, 0x75, 0xc7,
- 0x5a, 0x00, 0x3f, 0x08, 0x9d, 0x27, 0x39, 0x83,
- 0x9d, 0xec, 0x58, 0xb9, 0x64, 0xec, 0x38, 0x43
-};
-
-uint8_t sha256_hmac_known_hash_message_2[] = {
- 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
- 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
- 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
- 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
- 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
- 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
- 0xcd, 0xcd
-};
-uint8_t sha256_hmac_known_secret_key_2[] = {
- 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
- 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
- 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
- 0x19
-};
-uint8_t sha256_known_hmac_2[] = {
- 0x82, 0x55, 0x8a, 0x38, 0x9a, 0x44, 0x3c, 0x0e,
- 0xa4, 0xcc, 0x81, 0x98, 0x99, 0xf2, 0x08, 0x3a,
- 0x85, 0xf0, 0xfa, 0xa3, 0xe5, 0x78, 0xf8, 0x07,
- 0x7a, 0x2e, 0x3f, 0xf4, 0x67, 0x29, 0x66, 0x5b
-};
-
-/*
- * SHA-384 HMAC Known Hash Message (512-bits).
- * Source from NIST HMAC.txt (Count = 15, Klen = 16, Tlen = 48)
- */
-uint8_t sha384_hmac_known_secret_key[] = {
- 0x01, 0xac, 0x59, 0xf4, 0x2f, 0x8b, 0xb9, 0x1d,
- 0x1b, 0xd1, 0x0f, 0xe6, 0x99, 0x0d, 0x7a, 0x87
-};
-
-uint8_t sha384_hmac_known_hash_message[] = {
- 0x3c, 0xaf, 0x18, 0xc4, 0x76, 0xed, 0xd5, 0x61,
- 0x5f, 0x34, 0x3a, 0xc7, 0xb7, 0xd3, 0xa9, 0xda,
- 0x9e, 0xfa, 0xde, 0x75, 0x56, 0x72, 0xd5, 0xba,
- 0x4b, 0x8a, 0xe8, 0xa7, 0x50, 0x55, 0x39, 0xea,
- 0x2c, 0x12, 0x4f, 0xf7, 0x55, 0xec, 0x04, 0x57,
- 0xfb, 0xe4, 0x9e, 0x43, 0x48, 0x0b, 0x3c, 0x71,
- 0xe7, 0xf4, 0x74, 0x2e, 0xc3, 0x69, 0x3a, 0xad,
- 0x11, 0x5d, 0x03, 0x9f, 0x90, 0x22, 0x2b, 0x03,
- 0x0f, 0xdc, 0x94, 0x40, 0x31, 0x36, 0x91, 0x71,
- 0x6d, 0x53, 0x02, 0x00, 0x58, 0x08, 0xc0, 0x76,
- 0x27, 0x48, 0x3b, 0x91, 0x6f, 0xdf, 0x61, 0x98,
- 0x30, 0x63, 0xc2, 0xeb, 0x12, 0x68, 0xf2, 0xde,
- 0xee, 0xf4, 0x2f, 0xc7, 0x90, 0x33, 0x44, 0x56,
- 0xbc, 0x6b, 0xad, 0x25, 0x6e, 0x31, 0xfc, 0x90,
- 0x66, 0xde, 0x7c, 0xc7, 0xe4, 0x3d, 0x13, 0x21,
- 0xb1, 0x86, 0x6d, 0xb4, 0x5e, 0x90, 0x56, 0x22
-};
-
-/* known SHA384 hmac (48 bytes) */
-uint8_t known_sha384_hmac[] = {
- 0x19, 0x85, 0xfa, 0x21, 0x63, 0xa5, 0x94, 0x3f,
- 0xc5, 0xd9, 0x2f, 0x1f, 0xe8, 0x83, 0x12, 0x15,
- 0xe7, 0xe9, 0x1f, 0x0b, 0xff, 0x53, 0x32, 0xbc,
- 0x71, 0x3a, 0x07, 0x2b, 0xdb, 0x3a, 0x8f, 0x9e,
- 0x5c, 0x51, 0x57, 0x46, 0x3a, 0x3b, 0xfe, 0xb3,
- 0x62, 0x31, 0x41, 0x6e, 0x65, 0x97, 0x3e, 0x64
-};
-
-/*
- * SHA-512 HMAC Known Hash Message (512-bits).
- * Source from NIST HMAC.txt (Count = 30, Klen = 20, Tlen = 64)
- */
-uint8_t sha512_hmac_known_secret_key[] = {
- 0xa7, 0x36, 0xf2, 0x74, 0xfd, 0xa6, 0x8e, 0x1b,
- 0xd5, 0xf9, 0x47, 0x1e, 0x85, 0xfd, 0x41, 0x5d,
- 0x7f, 0x2b, 0xa1, 0xbc
-};
-
-uint8_t sha512_hmac_known_hash_message[] = {
- 0xa6, 0xcc, 0xc3, 0x55, 0x2c, 0x33, 0xe9, 0x17,
- 0x8b, 0x6b, 0x82, 0xc6, 0x53, 0xd6, 0x3d, 0xe2,
- 0x54, 0x0f, 0x17, 0x08, 0x07, 0xc3, 0xd9, 0x6a,
- 0x2a, 0xc2, 0xe2, 0x7d, 0xab, 0x55, 0x26, 0xf1,
- 0xc7, 0xd3, 0x77, 0xe6, 0x73, 0x6f, 0x04, 0x5d,
- 0xfb, 0x54, 0x1f, 0xec, 0xe9, 0xf4, 0x43, 0xb7,
- 0x28, 0x9c, 0x55, 0x9b, 0x69, 0x4c, 0x2a, 0xac,
- 0xc6, 0xc7, 0x4a, 0xe2, 0xa5, 0xe6, 0xf3, 0x0f,
- 0xe0, 0x31, 0x61, 0x14, 0x23, 0xb0, 0x4d, 0x55,
- 0x95, 0xff, 0xb4, 0x6a, 0xba, 0xa1, 0xd9, 0x18,
- 0x98, 0x96, 0x8d, 0x7f, 0x18, 0x30, 0xae, 0x94,
- 0xb0, 0x22, 0xee, 0xd2, 0x3f, 0xda, 0xd5, 0x2d,
- 0x38, 0x11, 0x0a, 0x48, 0x03, 0xa0, 0xce, 0xe7,
- 0xa0, 0x95, 0xc9, 0xa7, 0x8e, 0x86, 0x09, 0xed,
- 0xeb, 0x25, 0x48, 0x1c, 0xdc, 0x15, 0x6d, 0x0b,
- 0x2f, 0xfc, 0x56, 0xb6, 0x3f, 0xda, 0xd5, 0x33
-};
-
-/* known SHA512 hmac (64 bytes) */
-uint8_t known_sha512_hmac[] = {
- 0xf7, 0x18, 0x03, 0x43, 0x1e, 0x07, 0xa5, 0xa6,
- 0xe5, 0xfd, 0x4a, 0xe4, 0xcf, 0xc2, 0x75, 0x3b,
- 0xc8, 0x0d, 0x26, 0xe1, 0x67, 0x23, 0xd9, 0xe8,
- 0x8b, 0x40, 0x5a, 0x02, 0x34, 0x8e, 0xf4, 0xb9,
- 0x67, 0x92, 0xc9, 0x9c, 0xed, 0x64, 0xdc, 0x70,
- 0xea, 0x47, 0x53, 0x78, 0xb7, 0x46, 0x6a, 0xc2,
- 0xca, 0xf4, 0xa4, 0x20, 0xb0, 0x1f, 0xf6, 0x1e,
- 0x72, 0xc5, 0xb5, 0xee, 0x8e, 0xaa, 0xd4, 0xd4
-};
-
-/*
- * RSA: 1024-bit RSA known key
- */
-uint8_t rsa_modulus_1024[] = {
- 0x94, 0x32, 0xb9, 0x12, 0x1d, 0x68, 0x2c, 0xda,
- 0x2b, 0xe0, 0xe4, 0x97, 0x1b, 0x4d, 0xdc, 0x43,
- 0xdf, 0x38, 0x6e, 0x7b, 0x9f, 0x07, 0x58, 0xae,
- 0x9d, 0x82, 0x1e, 0xc7, 0xbc, 0x92, 0xbf, 0xd3,
- 0xce, 0x00, 0xbb, 0x91, 0xc9, 0x79, 0x06, 0x03,
- 0x1f, 0xbc, 0x9f, 0x94, 0x75, 0x29, 0x5f, 0xd7,
- 0xc5, 0xf3, 0x73, 0x8a, 0xa4, 0x35, 0x43, 0x7a,
- 0x00, 0x32, 0x97, 0x3e, 0x86, 0xef, 0x70, 0x6f,
- 0x18, 0x56, 0x15, 0xaa, 0x6a, 0x87, 0xe7, 0x8d,
- 0x7d, 0xdd, 0x1f, 0xa4, 0xe4, 0x31, 0xd4, 0x7a,
- 0x8c, 0x0e, 0x20, 0xd2, 0x23, 0xf5, 0x57, 0x3c,
- 0x1b, 0xa8, 0x44, 0xa4, 0x57, 0x8f, 0x33, 0x52,
- 0xad, 0x83, 0xae, 0x4a, 0x97, 0xa6, 0x1e, 0xa6,
- 0x2b, 0xfa, 0xea, 0xeb, 0x6e, 0x71, 0xb8, 0xb6,
- 0x0a, 0x36, 0xed, 0x83, 0xce, 0xb0, 0xdf, 0xc1,
- 0xd4, 0x3a, 0xe9, 0x99, 0x6f, 0xf3, 0x96, 0xb7
-};
-uint8_t rsa_public_exponent_1024[] = {0x01, 0x00, 0x01};
-uint8_t rsa_private_exponent_1024[] = {
- 0x8e, 0xc9, 0x70, 0x57, 0x6b, 0xcd, 0xfb, 0xa9,
- 0x19, 0xad, 0xcd, 0x91, 0x69, 0xd5, 0x52, 0xec,
- 0x72, 0x1e, 0x45, 0x15, 0x06, 0xdc, 0x65, 0x2d,
- 0x98, 0xc4, 0xce, 0x33, 0x54, 0x15, 0x70, 0x8d,
- 0xfa, 0x65, 0xea, 0x53, 0x44, 0xf3, 0x3e, 0x3f,
- 0xb4, 0x4c, 0x60, 0xd5, 0x01, 0x2d, 0xa4, 0x12,
- 0x99, 0xbf, 0x3f, 0x0b, 0xcd, 0xbb, 0x24, 0x10,
- 0x60, 0x30, 0x5e, 0x58, 0xf8, 0x59, 0xaa, 0xd1,
- 0x63, 0x3b, 0xbc, 0xcb, 0x94, 0x58, 0x38, 0x24,
- 0xfc, 0x65, 0x25, 0xc5, 0xa6, 0x51, 0xa2, 0x2e,
- 0xf1, 0x5e, 0xf5, 0xc1, 0xf5, 0x46, 0xf7, 0xbd,
- 0xc7, 0x62, 0xa8, 0xe2, 0x27, 0xd6, 0x94, 0x5b,
- 0xd3, 0xa2, 0xb5, 0x76, 0x42, 0x67, 0x6b, 0x86,
- 0x91, 0x97, 0x4d, 0x07, 0x92, 0x00, 0x4a, 0xdf,
- 0x0b, 0x65, 0x64, 0x05, 0x03, 0x48, 0x27, 0xeb,
- 0xce, 0x9a, 0x49, 0x7f, 0x3e, 0x10, 0xe0, 0x01
-};
-uint8_t rsa_prime1_1024[] = {
- 0xe4, 0xe7, 0x50, 0x8c, 0x48, 0x2b, 0x0a, 0xda,
- 0xb1, 0xf0, 0xd5, 0x1e, 0x0b, 0xf3, 0xdc, 0xfc,
- 0xa9, 0x60, 0x20, 0x73, 0xa0, 0x89, 0x20, 0xa8,
- 0x2e, 0x1a, 0x50, 0x95, 0xdc, 0x45, 0xef, 0x29,
- 0x21, 0x69, 0x22, 0xca, 0x3f, 0x2c, 0xfe, 0x6e,
- 0xb3, 0xc9, 0xee, 0x2d, 0xb1, 0xb9, 0xbd, 0x6c,
- 0xdd, 0x89, 0xbb, 0x0a, 0x9a, 0x0e, 0x14, 0xa1,
- 0x88, 0x4a, 0x56, 0x5d, 0xb5, 0x0f, 0xd2, 0x01
-};
-uint8_t rsa_prime2_1024[] = {
- 0xa5, 0xbd, 0xb6, 0xb8, 0x49, 0x97, 0x9d, 0x2c,
- 0x04, 0x06, 0x5b, 0xee, 0xae, 0x5f, 0x78, 0x06,
- 0x49, 0xa2, 0x11, 0xbf, 0xff, 0x40, 0x4f, 0x56,
- 0x88, 0xc7, 0xe9, 0x55, 0x79, 0xeb, 0xc6, 0x68,
- 0x1c, 0xb3, 0x13, 0x9f, 0x41, 0x6c, 0x10, 0x3c,
- 0x26, 0xd2, 0xd6, 0x68, 0xb3, 0x1e, 0x6b, 0x93,
- 0x08, 0x86, 0xfe, 0x15, 0x47, 0xa7, 0x52, 0x3a,
- 0xb4, 0x28, 0x43, 0x78, 0xef, 0x34, 0x78, 0xb7
-};
-uint8_t rsa_exponent1_1024[] = {
- 0x58, 0x83, 0x51, 0xd4, 0x4c, 0xfb, 0xc7, 0xe0,
- 0xb5, 0x3a, 0x09, 0x4e, 0xeb, 0x14, 0x4b, 0x79,
- 0xb0, 0x0d, 0x29, 0xbf, 0x4c, 0x6e, 0x7a, 0x20,
- 0x4e, 0x63, 0x82, 0x91, 0xd0, 0x71, 0x82, 0x7f,
- 0x87, 0x19, 0xde, 0x88, 0x12, 0x51, 0xd5, 0xb8,
- 0xfc, 0xf0, 0xb2, 0x97, 0x1c, 0xc8, 0x54, 0x05,
- 0x4a, 0xcd, 0x3d, 0x74, 0x66, 0x09, 0xd7, 0xd4,
- 0x76, 0x9d, 0x38, 0x34, 0x58, 0x15, 0x5c, 0x01
-};
-uint8_t rsa_exponent2_1024[] = {
- 0x4a, 0xc6, 0x27, 0x6c, 0x47, 0x0f, 0x56, 0xc2,
- 0x67, 0xe2, 0x72, 0x91, 0x61, 0x2c, 0x03, 0x1b,
- 0x5b, 0x16, 0xfa, 0x49, 0x13, 0xa0, 0x70, 0xea,
- 0xca, 0x74, 0xde, 0x89, 0x48, 0xa3, 0x1d, 0x75,
- 0x15, 0x15, 0x99, 0x91, 0xac, 0xd3, 0x53, 0x13,
- 0xc0, 0x34, 0x38, 0xb5, 0x2d, 0xb2, 0x58, 0xb8,
- 0x12, 0x0d, 0xcd, 0x0d, 0xce, 0xb0, 0xe7, 0x41,
- 0x42, 0xcc, 0x33, 0x7c, 0x98, 0xf6, 0xa4, 0x4b
-};
-uint8_t rsa_coefficient_1024[] = {
- 0x60, 0x6a, 0x6c, 0x5a, 0xf1, 0x55, 0xe9, 0xe4,
- 0x67, 0x72, 0x2f, 0x99, 0x03, 0x6a, 0x56, 0xa1,
- 0xed, 0xf2, 0x59, 0xfa, 0xec, 0x88, 0xc5, 0xb7,
- 0xa8, 0x71, 0x4a, 0x5f, 0xab, 0x86, 0xb0, 0x50,
- 0x93, 0x3c, 0xe3, 0x70, 0xf9, 0xf2, 0x72, 0xe6,
- 0xd2, 0xb5, 0x30, 0x3e, 0x60, 0x29, 0x70, 0xd4,
- 0xf0, 0x31, 0x15, 0x36, 0x3a, 0x27, 0xb6, 0xdf,
- 0x18, 0xb0, 0xf0, 0x32, 0xef, 0xa3, 0x84, 0xcb
-};
-
-
-/*
- * RSA: 2048-bit RSA known key
- */
-uint8_t rsa_modulus_2048[] = {
- 0x7f, 0xf1, 0xed, 0x5a, 0xa0, 0xe2, 0x97, 0x05,
- 0x03, 0xc0, 0xf3, 0xcf, 0x86, 0x4a, 0x01, 0x15,
- 0xc3, 0x4f, 0x32, 0xf4, 0xf7, 0xbe, 0x57, 0x4a,
- 0xe1, 0x87, 0xf2, 0x1c, 0xd3, 0xa5, 0x96, 0xc1,
- 0x54, 0xe5, 0x97, 0x19, 0x7d, 0xf1, 0x13, 0xc3,
- 0x4d, 0xcf, 0x5a, 0x08, 0x76, 0xfc, 0x6c, 0x93,
- 0x87, 0x71, 0x20, 0x66, 0xb7, 0xbf, 0x37, 0xbb,
- 0xc9, 0xf5, 0x16, 0xf4, 0x9c, 0x5c, 0x64, 0x58,
- 0xc4, 0x9e, 0x17, 0x0e, 0x99, 0x6d, 0x3f, 0x7d,
- 0x4f, 0xf1, 0x01, 0xde, 0x76, 0x55, 0xa9, 0xfe,
- 0xa0, 0xa4, 0x95, 0xd1, 0x4e, 0xc6, 0x8b, 0x0a,
- 0x86, 0x5b, 0x60, 0x40, 0xf1, 0x74, 0x91, 0x26,
- 0xcf, 0xc4, 0xf7, 0x7a, 0x86, 0xd7, 0x72, 0x47,
- 0x25, 0x9e, 0x3e, 0x5a, 0xbd, 0x7f, 0x11, 0x9a,
- 0x28, 0x9e, 0x00, 0x8d, 0xfb, 0x9d, 0x93, 0x8e,
- 0xb4, 0xcc, 0x7f, 0x22, 0x00, 0x8a, 0x3b, 0xbb,
- 0xca, 0x45, 0x8e, 0x93, 0xd3, 0xe4, 0x89, 0x96,
- 0xe1, 0xb8, 0x5f, 0xdf, 0x75, 0x94, 0x89, 0xa5,
- 0xad, 0x39, 0x76, 0x43, 0xa7, 0xdf, 0xe4, 0x62,
- 0x39, 0x01, 0x56, 0x31, 0x46, 0x2b, 0xf4, 0x05,
- 0xa9, 0xa9, 0x33, 0x96, 0x16, 0x75, 0x3f, 0xf2,
- 0xcd, 0x6b, 0x0d, 0xa9, 0xf2, 0x9b, 0x30, 0x6d,
- 0x17, 0xec, 0x1a, 0x5a, 0x14, 0x5a, 0x8e, 0xaa,
- 0x52, 0x35, 0x83, 0x0a, 0x59, 0xbc, 0x56, 0x96,
- 0x18, 0x08, 0xbf, 0x91, 0xf7, 0x69, 0x81, 0x66,
- 0xda, 0x13, 0xb6, 0x77, 0xb9, 0x6a, 0x4a, 0x71,
- 0xd9, 0xae, 0x43, 0x0d, 0xad, 0xb4, 0x5f, 0x11,
- 0x87, 0x91, 0x84, 0xc6, 0x59, 0xfe, 0xb0, 0x05,
- 0x83, 0x21, 0x66, 0x7a, 0x70, 0xeb, 0x15, 0xbb,
- 0xc3, 0x40, 0x37, 0xce, 0xbc, 0xe7, 0x4f, 0x95,
- 0xf1, 0x83, 0xcf, 0x89, 0xdd, 0xdc, 0xea, 0x01,
- 0xe1, 0x42, 0xe9, 0x52, 0x8b, 0x1f, 0x91, 0x25};
-uint8_t rsa_public_exponent_2048[] = { 0x3 };
-uint8_t rsa_private_exponent_2048[] = {
- 0x55, 0x4b, 0xf3, 0x91, 0xc0, 0x97, 0x0f, 0x58,
- 0xad, 0x2b, 0x4d, 0x35, 0x04, 0x31, 0x56, 0x0e,
- 0x82, 0x34, 0xcc, 0xa3, 0x4f, 0xd4, 0x3a, 0x31,
- 0xeb, 0xaf, 0xf6, 0xbd, 0xe2, 0x6e, 0x64, 0x80,
- 0xe3, 0x43, 0xba, 0x10, 0xfe, 0xa0, 0xb7, 0xd7,
- 0x89, 0x34, 0xe6, 0xb0, 0x4f, 0x52, 0xf3, 0x0d,
- 0x04, 0xf6, 0x15, 0x99, 0xcf, 0xd4, 0xcf, 0xd2,
- 0x86, 0xa3, 0x64, 0xa3, 0x12, 0xe8, 0x42, 0xe5,
- 0xd8, 0x69, 0x64, 0xb4, 0x66, 0x48, 0xd4, 0xfe,
- 0x35, 0x4b, 0x56, 0x94, 0x4e, 0xe3, 0xc6, 0xa9,
- 0xc0, 0x6d, 0xb9, 0x36, 0x34, 0x84, 0x5c, 0xb1,
- 0xae, 0xe7, 0x95, 0x80, 0xa0, 0xf8, 0x60, 0xc4,
- 0x8a, 0x83, 0x4f, 0xa7, 0x04, 0x8f, 0xa1, 0x84,
- 0xc3, 0xbe, 0xd4, 0x3c, 0x7e, 0x54, 0xb6, 0x66,
- 0xc5, 0xbe, 0xab, 0x09, 0x52, 0x69, 0x0d, 0x09,
- 0xcd, 0xdd, 0xaa, 0x16, 0xab, 0x06, 0xd2, 0x7c,
- 0x3c, 0x58, 0x7d, 0x53, 0x4b, 0x14, 0x41, 0x35,
- 0x9a, 0x78, 0x74, 0xf5, 0x8e, 0x67, 0x50, 0x52,
- 0xc5, 0x17, 0xcd, 0xfd, 0x7a, 0xe4, 0x9b, 0xbb,
- 0xaf, 0x4b, 0x17, 0xa7, 0x3c, 0x09, 0x1d, 0xd6,
- 0xa1, 0x11, 0x06, 0x36, 0x68, 0x83, 0x66, 0xd6,
- 0x49, 0x44, 0x9f, 0x0b, 0xe3, 0x17, 0x1a, 0xc5,
- 0xd7, 0x9a, 0x65, 0x5d, 0x15, 0x81, 0x6a, 0x5d,
- 0xdd, 0xd7, 0xf4, 0x54, 0xa3, 0x6f, 0x1e, 0x60,
- 0x87, 0x2a, 0x59, 0xaa, 0x73, 0xf0, 0xdd, 0xdb,
- 0x66, 0xa8, 0x19, 0x31, 0xfd, 0x00, 0x09, 0x8f,
- 0xce, 0x9a, 0xec, 0xff, 0x88, 0x5c, 0x4e, 0x67,
- 0x55, 0xa0, 0x14, 0xdf, 0x28, 0x61, 0x5f, 0x47,
- 0x8d, 0x49, 0xb3, 0xee, 0x5e, 0xfc, 0xc8, 0x41,
- 0x75, 0x59, 0x93, 0xa4, 0x24, 0x69, 0xc0, 0x1a,
- 0x18, 0x04, 0xda, 0x38, 0x0e, 0xf3, 0xa5, 0x04,
- 0xbf, 0xe3, 0xf9, 0xf3, 0x7c, 0xe5, 0x82, 0xeb};
-uint8_t rsa_prime1_2048[] = {
- 0x97, 0x5e, 0xb8, 0x7b, 0x74, 0xe6, 0xe3, 0x7b,
- 0x4b, 0xdf, 0x5b, 0xb8, 0x0f, 0xe6, 0xa1, 0xcc,
- 0x1c, 0x84, 0xc9, 0x60, 0x5d, 0x80, 0x17, 0x6d,
- 0x61, 0xc2, 0x4d, 0x14, 0x0c, 0x71, 0xda, 0x02,
- 0x74, 0x6f, 0x1f, 0x85, 0x4f, 0xb9, 0x69, 0xb9,
- 0x3c, 0x23, 0x74, 0x60, 0x14, 0xc2, 0xb2, 0x44,
- 0x0c, 0x18, 0xde, 0xfa, 0x12, 0x2c, 0xb8, 0x68,
- 0x71, 0x62, 0x07, 0x8c, 0x02, 0xe3, 0x08, 0xf9,
- 0x49, 0xc1, 0x15, 0x13, 0x0f, 0x76, 0x50, 0xd6,
- 0x6e, 0xd3, 0x7b, 0xfa, 0x68, 0x0e, 0x75, 0x07,
- 0x0b, 0xee, 0x2c, 0xd7, 0x34, 0xc9, 0x98, 0x33,
- 0x16, 0xca, 0x60, 0x54, 0x36, 0x12, 0x65, 0xc4,
- 0x1c, 0xf1, 0xe5, 0x7c, 0x6a, 0x6a, 0x0f, 0x11,
- 0x45, 0xbb, 0x60, 0xa0, 0x35, 0x97, 0xaa, 0x25,
- 0x58, 0x29, 0x1b, 0xf8, 0x4d, 0xb5, 0x86, 0x58,
- 0x68, 0x19, 0x30, 0x6d, 0x07, 0x78, 0x1d, 0x9d};
-uint8_t rsa_prime2_2048[] = {
- 0xd8, 0x62, 0x1a, 0x1b, 0x6e, 0x5f, 0x44, 0x4b,
- 0x2e, 0x24, 0x54, 0xb7, 0x10, 0x12, 0xef, 0x5d,
- 0x69, 0x10, 0xf7, 0xe7, 0x12, 0x08, 0xe3, 0x5b,
- 0x50, 0x4e, 0x65, 0xa2, 0x5f, 0xac, 0x6d, 0x41,
- 0x43, 0xa0, 0x8a, 0xbf, 0x29, 0xf6, 0xbb, 0xf8,
- 0x23, 0x60, 0xaa, 0xb8, 0x09, 0x35, 0xd6, 0x00,
- 0x48, 0x6b, 0xa3, 0x54, 0x61, 0xeb, 0xb6, 0xb5,
- 0x14, 0x0f, 0x8c, 0xff, 0x61, 0xb2, 0xa0, 0x0c,
- 0x03, 0x88, 0x23, 0xff, 0x3a, 0x09, 0xe3, 0xc7,
- 0x51, 0x44, 0x14, 0xb2, 0x55, 0xdb, 0xc7, 0x13,
- 0x17, 0xd7, 0xb2, 0xb7, 0x2c, 0x60, 0x51, 0x43,
- 0x70, 0x57, 0x05, 0x23, 0x67, 0x5a, 0x3b, 0x56,
- 0x12, 0x40, 0xf3, 0x18, 0x78, 0x05, 0xda, 0x48,
- 0x4d, 0x7e, 0x79, 0xb8, 0x50, 0xb1, 0x05, 0x49,
- 0x75, 0x53, 0x6c, 0x3d, 0x79, 0xb9, 0xec, 0x22,
- 0x59, 0x53, 0xc1, 0xf8, 0x48, 0x4f, 0x2f, 0x29};
-uint8_t rsa_exponent1_2048[] = {
- 0x64, 0xe9, 0xd0, 0x52, 0x4d, 0xef, 0x42, 0x52,
- 0x32, 0x94, 0xe7, 0xd0, 0x0a, 0x99, 0xc1, 0x32,
- 0xbd, 0xad, 0xdb, 0x95, 0x93, 0xaa, 0xba, 0x48,
- 0xeb, 0xd6, 0xde, 0x0d, 0x5d, 0xa1, 0x3c, 0x01,
- 0xa2, 0xf4, 0xbf, 0xae, 0x35, 0x26, 0x46, 0x7b,
- 0x7d, 0x6c, 0xf8, 0x40, 0x0d, 0xd7, 0x21, 0x82,
- 0xb2, 0xbb, 0x3f, 0x51, 0x61, 0x73, 0x25, 0x9a,
- 0xf6, 0x41, 0x5a, 0x5d, 0x57, 0x42, 0x05, 0xfb,
- 0x86, 0x80, 0xb8, 0xb7, 0x5f, 0xa4, 0x35, 0xe4,
- 0x49, 0xe2, 0x52, 0xa6, 0xf0, 0x09, 0xa3, 0x5a,
- 0x07, 0xf4, 0x1d, 0xe4, 0xcd, 0xdb, 0xba, 0xcc,
- 0xb9, 0xdc, 0x40, 0x38, 0x24, 0x0c, 0x43, 0xd8,
- 0x13, 0x4b, 0xee, 0x52, 0xf1, 0x9c, 0x0a, 0x0b,
- 0x83, 0xd2, 0x40, 0x6a, 0xce, 0x65, 0x1c, 0x18,
- 0xe5, 0x70, 0xbd, 0x50, 0x33, 0xce, 0x59, 0x90,
- 0x45, 0x66, 0x20, 0x48, 0xaf, 0xa5, 0x69, 0x13};
-uint8_t rsa_exponent2_2048[] = {
- 0x90, 0x41, 0x66, 0xbc, 0xf4, 0x3f, 0x82, 0xdc,
- 0xc9, 0x6d, 0x8d, 0xcf, 0x60, 0x0c, 0x9f, 0x93,
- 0x9b, 0x60, 0xa5, 0x44, 0xb6, 0xb0, 0x97, 0x92,
- 0x35, 0x89, 0x99, 0x16, 0xea, 0x72, 0xf3, 0x80,
- 0xd7, 0xc0, 0x5c, 0x7f, 0x71, 0x4f, 0x27, 0xfa,
- 0xc2, 0x40, 0x71, 0xd0, 0x06, 0x23, 0xe4, 0x00,
- 0x30, 0x47, 0xc2, 0x38, 0x41, 0x47, 0xcf, 0x23,
- 0x62, 0xb5, 0x08, 0xaa, 0x41, 0x21, 0xc0, 0x08,
- 0x02, 0x5a, 0xc2, 0xaa, 0x26, 0xb1, 0x42, 0x84,
- 0xe0, 0xd8, 0x0d, 0xcc, 0x39, 0x3d, 0x2f, 0x62,
- 0x0f, 0xe5, 0x21, 0xcf, 0x72, 0xea, 0xe0, 0xd7,
- 0xa0, 0x3a, 0x03, 0x6c, 0xef, 0x91, 0x7c, 0xe4,
- 0x0c, 0x2b, 0x4c, 0xba, 0xfa, 0xae, 0x91, 0x85,
- 0x88, 0xfe, 0xfb, 0xd0, 0x35, 0xcb, 0x58, 0xdb,
- 0xa3, 0x8c, 0xf2, 0xd3, 0xa6, 0x7b, 0xf2, 0xc1,
- 0x90, 0xe2, 0x81, 0x50, 0x30, 0x34, 0xca, 0x1b};
-uint8_t rsa_coefficient_2048[] = {
- 0x86, 0xfd, 0x64, 0x2c, 0x28, 0x72, 0x4e, 0x59,
- 0x2a, 0x29, 0xcd, 0xe2, 0xd1, 0xf6, 0x19, 0xc8,
- 0xf8, 0xf0, 0x69, 0x77, 0x94, 0x03, 0x70, 0x0d,
- 0x87, 0x27, 0x37, 0x4d, 0xe8, 0xed, 0x56, 0x9f,
- 0x15, 0x99, 0x14, 0x3f, 0xf8, 0x35, 0x2f, 0x7c,
- 0x01, 0x11, 0x82, 0x99, 0x90, 0x5f, 0x6d, 0xf8,
- 0x2c, 0x81, 0x74, 0x22, 0xa1, 0x5c, 0x87, 0x93,
- 0xc4, 0xa4, 0x0a, 0xd2, 0xf2, 0xe6, 0x51, 0x4d,
- 0x3a, 0x24, 0x16, 0x7a, 0x8a, 0x36, 0xca, 0x03,
- 0x58, 0xd7, 0xce, 0x5b, 0x16, 0x3f, 0x65, 0xf7,
- 0xe8, 0xdc, 0x91, 0xee, 0x0b, 0x80, 0x20, 0x5d,
- 0x12, 0x75, 0x0d, 0xe1, 0xe2, 0x78, 0x13, 0xcc,
- 0x3d, 0xe6, 0x84, 0x56, 0x66, 0xa4, 0x69, 0x20,
- 0x9f, 0x55, 0xf3, 0xcd, 0x48, 0x84, 0x93, 0xc0,
- 0x4d, 0xf9, 0xa7, 0xb3, 0xfa, 0xf3, 0x31, 0x27,
- 0x23, 0x70, 0x19, 0x6a, 0xf3, 0x02, 0x7f, 0x9d};
-
-/*
- * RSA: 1024-bit and 2048-bit known plaintext and signatures
- */
-/* Plaintext message: 1024-bit including NULL termination */
-uint8_t rsa_known_plaintext_msg[] = {
- 0x42, 0xad, 0xcb, 0xba, 0x92, 0x41, 0x72, 0xf3,
- 0x3e, 0x7c, 0xc0, 0xf7, 0x2b, 0xbe, 0x30, 0xdf,
- 0x97, 0xa2, 0x11, 0xd1, 0xa6, 0x43, 0x33, 0x22,
- 0xc9, 0x14, 0xec, 0x07, 0x69, 0x4c, 0xa8, 0xbc,
- 0xb9, 0x87, 0x54, 0xe1, 0x26, 0x2a, 0x9e, 0xfd,
- 0xf7, 0xa2, 0x3b, 0xee, 0x77, 0x93, 0xff, 0xa8,
- 0x34, 0xf5, 0x89, 0xef, 0xa4, 0xb9, 0x00, 0x86,
- 0x46, 0x63, 0x07, 0x5a, 0x8f, 0x87, 0xb4, 0x6e,
- 0x0d, 0xd6, 0xb2, 0x32, 0x21, 0x50, 0xab, 0x18,
- 0xc0, 0x9c, 0x1e, 0xa1, 0x8a, 0x4e, 0xf3, 0x1f,
- 0xe1, 0x4e, 0xf0, 0xe3, 0x9b, 0x9d, 0x33, 0x84,
- 0x6d, 0x4b, 0x6f, 0x52, 0x65, 0x2c, 0xc1, 0x41,
- 0x6a, 0x13, 0x10, 0xc2, 0xf6, 0x2f, 0xc6, 0xaf,
- 0x35, 0xb4, 0xf2, 0xbf, 0x21, 0x16, 0x2b, 0x45,
- 0x61, 0x97, 0xcf, 0x4f, 0xa0, 0x1d, 0x99, 0x9d,
- 0xa0, 0x92, 0x11, 0x6d, 0x34, 0x63, 0x19, 0x73
-};
-
-uint8_t rsa_x509_known_signature_1024[] = {
- 0x43, 0xA3, 0x73, 0x60, 0xD7, 0x6F, 0xAB, 0x76,
- 0x8C, 0xF7, 0x7C, 0xDD, 0x26, 0x59, 0x75, 0x91,
- 0x0F, 0x06, 0x95, 0x4A, 0x3A, 0x02, 0x9A, 0x19,
- 0x33, 0xF0, 0x98, 0x4E, 0x9A, 0x97, 0xEA, 0xFE,
- 0x45, 0xB5, 0x94, 0xE0, 0x42, 0x46, 0xC7, 0x74,
- 0x65, 0xE6, 0x0F, 0x81, 0xD0, 0x95, 0x17, 0x8F,
- 0x82, 0xF6, 0x36, 0x02, 0x59, 0xE9, 0x20, 0x08,
- 0x38, 0x70, 0x68, 0x67, 0xFE, 0x9B, 0xEA, 0xF8,
- 0xBA, 0xD0, 0x00, 0x3F, 0x75, 0x2A, 0x2F, 0x7A,
- 0xC7, 0xE9, 0x44, 0xA4, 0x39, 0xB6, 0x94, 0x85,
- 0xA7, 0x8A, 0x3A, 0x97, 0x83, 0x93, 0x18, 0x93,
- 0x99, 0xAC, 0xF7, 0x21, 0xD5, 0x76, 0x30, 0xA5,
- 0xA1, 0xE5, 0x3B, 0x50, 0x2D, 0x10, 0xBE, 0xD1,
- 0x96, 0x41, 0x9D, 0xD9, 0xCD, 0x68, 0xD4, 0x49,
- 0x96, 0x78, 0xBB, 0x62, 0x7D, 0xEC, 0x0D, 0x09,
- 0xA4, 0x84, 0x6B, 0x6F, 0xA8, 0x41, 0x03, 0x37
-};
-
-uint8_t rsa_pkcs_known_signature_1024[] = {
- 0x7B, 0x9C, 0x75, 0x6D, 0x45, 0xC3, 0xED, 0x9F,
- 0xFA, 0xE9, 0x9C, 0xFA, 0x8B, 0x1A, 0xAF, 0x86,
- 0x25, 0x45, 0x52, 0x21, 0x81, 0x94, 0x2C, 0x87,
- 0x51, 0x65, 0x77, 0x2F, 0x25, 0xA8, 0x6C, 0x85,
- 0x06, 0xA8, 0xA3, 0xF6, 0x3B, 0xA6, 0xC8, 0x44,
- 0xF5, 0xBF, 0xE8, 0xE0, 0xF8, 0x20, 0xB5, 0x84,
- 0xF3, 0xAE, 0x1B, 0x24, 0xA6, 0x19, 0xC5, 0x63,
- 0xFD, 0x54, 0xFA, 0x88, 0xA2, 0x2D, 0x2C, 0x39,
- 0x38, 0x4B, 0x68, 0x70, 0xF7, 0xD3, 0x8D, 0xE1,
- 0x90, 0xE7, 0x41, 0x8D, 0x03, 0x75, 0x39, 0x38,
- 0x3B, 0x96, 0x47, 0xFF, 0xA7, 0x9B, 0x72, 0x08,
- 0x76, 0x7D, 0x00, 0x61, 0xD4, 0x07, 0x47, 0xED,
- 0xB3, 0x62, 0x4D, 0xFD, 0x79, 0x44, 0xD5, 0xF5,
- 0xDA, 0xDE, 0xE5, 0x89, 0xFB, 0x57, 0xA8, 0x0A,
- 0x92, 0x41, 0x92, 0x3A, 0x47, 0x85, 0x1D, 0x72,
- 0xAF, 0x58, 0x85, 0x9D, 0x46, 0x4A, 0xD2, 0x7D
-};
-
-uint8_t rsa_x509_known_signature_2048[] = {
- 0x74, 0xEB, 0x2F, 0x01, 0x93, 0xF0, 0xB9, 0x64,
- 0x12, 0xD6, 0xD6, 0x75, 0xF0, 0x6C, 0xDC, 0x44,
- 0x5F, 0x09, 0xAC, 0x98, 0x6C, 0xF9, 0x23, 0x7E,
- 0xBB, 0x44, 0xCB, 0x9A, 0x3C, 0xE9, 0x76, 0x7B,
- 0x81, 0xAA, 0x69, 0xA6, 0x77, 0x34, 0x85, 0x8E,
- 0xDB, 0x13, 0x9A, 0xE3, 0xD0, 0xBF, 0x2A, 0x3C,
- 0x8B, 0x50, 0x3E, 0x8A, 0x95, 0xF7, 0x09, 0x39,
- 0xED, 0x3F, 0x5A, 0x52, 0x68, 0xA1, 0xF3, 0x42,
- 0xA8, 0x09, 0x13, 0xAE, 0xFD, 0x9F, 0x40, 0x0C,
- 0x3D, 0x84, 0x68, 0x07, 0xFF, 0x30, 0x0F, 0x6B,
- 0x6F, 0xB7, 0x1F, 0x09, 0x11, 0x8E, 0x7B, 0x3F,
- 0x88, 0xF5, 0x41, 0x07, 0xE1, 0x5C, 0x71, 0x28,
- 0xAE, 0x71, 0x51, 0xAE, 0xC3, 0xC9, 0xCB, 0xED,
- 0xAC, 0x87, 0x32, 0xAB, 0xD0, 0x2F, 0x65, 0xA3,
- 0x7D, 0x90, 0xDC, 0xFF, 0x7A, 0x9D, 0xCE, 0xBC,
- 0xCA, 0x00, 0x6E, 0x65, 0x3C, 0x99, 0x2F, 0x00,
- 0x8A, 0x5A, 0xD9, 0x5A, 0x01, 0x83, 0x99, 0x1D,
- 0x8D, 0xD7, 0x10, 0x3B, 0xE2, 0x9C, 0x9C, 0x49,
- 0xCA, 0x9C, 0xF6, 0x42, 0x0E, 0x4D, 0xCD, 0x11,
- 0x70, 0x0C, 0xCC, 0x2C, 0x8F, 0xAA, 0xA5, 0x7C,
- 0xA8, 0x1D, 0xBD, 0x99, 0x63, 0x6E, 0x44, 0x9D,
- 0xE6, 0xC0, 0x55, 0x2F, 0x0F, 0x27, 0x43, 0xA3,
- 0x3C, 0x46, 0xC4, 0x52, 0x59, 0x4F, 0xD4, 0x07,
- 0xAD, 0xE2, 0xBA, 0x19, 0x23, 0x23, 0xB6, 0x78,
- 0xFE, 0x65, 0x6D, 0x0D, 0x62, 0x0E, 0xAB, 0xE5,
- 0x5A, 0x58, 0x28, 0x17, 0xE9, 0x1D, 0x2F, 0x3E,
- 0x04, 0xED, 0x01, 0x56, 0x0B, 0xB9, 0x4E, 0x2D,
- 0xF8, 0xC9, 0x7D, 0x12, 0xFE, 0x8A, 0x00, 0x3E,
- 0x72, 0x9F, 0x28, 0x77, 0x92, 0x58, 0x6E, 0x11,
- 0x75, 0xF1, 0x31, 0x5B, 0x43, 0xF4, 0x95, 0xD3,
- 0x59, 0x31, 0xA7, 0xD1, 0x8B, 0x91, 0xED, 0xDE,
- 0xD9, 0xC0, 0x04, 0xBA, 0x1F, 0x4E, 0x1D, 0xB6
-};
-
-uint8_t rsa_pkcs_known_signature_2048[] = {
- 0x77, 0x5A, 0x7C, 0x5B, 0x95, 0xB8, 0x02, 0xB5,
- 0xF7, 0xDF, 0x8A, 0x3F, 0x90, 0x7D, 0x32, 0x6E,
- 0x3B, 0x79, 0x0F, 0x74, 0xAD, 0x4D, 0xE1, 0x61,
- 0xCD, 0x5D, 0x32, 0x4C, 0x4A, 0x94, 0x90, 0xB2,
- 0xDB, 0xB0, 0xCE, 0x0E, 0xC8, 0xC2, 0x2D, 0x8B,
- 0x26, 0x49, 0xE8, 0x0F, 0x37, 0x85, 0x64, 0xF0,
- 0x2B, 0x94, 0xA5, 0x05, 0xC7, 0x32, 0x4C, 0xFD,
- 0xE8, 0x1F, 0x5B, 0x3C, 0x74, 0x08, 0x16, 0x02,
- 0xAE, 0xB6, 0xB8, 0xF1, 0x4A, 0x2F, 0x3F, 0x92,
- 0xCD, 0x8B, 0x82, 0xCA, 0xCC, 0xB4, 0x8E, 0x68,
- 0xD6, 0x2F, 0x21, 0x8C, 0x4C, 0x63, 0xA4, 0xEA,
- 0xDE, 0xE5, 0xF2, 0x8A, 0x3F, 0x9B, 0x81, 0x50,
- 0x12, 0x30, 0x05, 0xF2, 0x63, 0x64, 0xB2, 0x41,
- 0x8A, 0x77, 0xAF, 0x07, 0xC1, 0x91, 0x6E, 0x32,
- 0x43, 0xEC, 0x3B, 0xB2, 0xE5, 0xAE, 0x95, 0x81,
- 0xEE, 0x34, 0x4C, 0xAF, 0x26, 0x8C, 0x14, 0x7D,
- 0xB3, 0x0D, 0x47, 0x95, 0x46, 0xFF, 0x5E, 0x12,
- 0xCC, 0x02, 0x68, 0x52, 0x58, 0x90, 0xE8, 0x38,
- 0xC5, 0x7F, 0x6F, 0x6A, 0xA6, 0x1C, 0x92, 0xDB,
- 0x43, 0x82, 0x13, 0x2A, 0x33, 0x0F, 0xEB, 0xEC,
- 0xF3, 0x52, 0x47, 0x06, 0x0B, 0xB0, 0x38, 0x52,
- 0xB7, 0x60, 0xB5, 0x4D, 0xC3, 0xF8, 0x26, 0x60,
- 0x99, 0x67, 0xFA, 0x5C, 0x40, 0x3A, 0x71, 0x8F,
- 0x30, 0x04, 0xEF, 0xD2, 0xBD, 0x31, 0xA3, 0x1F,
- 0x9A, 0x5D, 0xAA, 0x0C, 0x8E, 0xA1, 0x87, 0x78,
- 0x62, 0xFD, 0x15, 0x8C, 0xB4, 0xF5, 0xAF, 0x84,
- 0xFB, 0x26, 0xC9, 0xDA, 0x58, 0x67, 0x55, 0x27,
- 0x1C, 0x20, 0xEA, 0xDD, 0x5E, 0xC0, 0xBE, 0x88,
- 0x46, 0x9C, 0xEF, 0x70, 0x75, 0x91, 0x31, 0x44,
- 0x40, 0xCD, 0x61, 0x3F, 0xB6, 0x9C, 0x18, 0x6D,
- 0xCD, 0x16, 0x07, 0x89, 0x7D, 0x73, 0x03, 0xE3,
- 0x54, 0x22, 0x11, 0x76, 0xF5, 0xE6, 0x4F, 0xF0
-};
-
-
-uchar_t dsa_base_1024[] = {
- 0x34, 0x32, 0xEF, 0xA6, 0x81, 0x0E, 0xF7, 0xA2,
- 0x6F, 0x0C, 0x05, 0xB8, 0x6F, 0xE4, 0x0B, 0xD7,
- 0xB4, 0x5B, 0x77, 0x3E, 0x0D, 0x6D, 0xA9, 0x37,
- 0x39, 0x69, 0xEC, 0x26, 0x58, 0xDD, 0xE5, 0xF7,
- 0x26, 0x2A, 0x8C, 0xBD, 0x47, 0x7B, 0x53, 0x12,
- 0x65, 0xD5, 0x86, 0x7C, 0xAA, 0x47, 0x8D, 0x2C,
- 0xBD, 0x8A, 0x82, 0x5B, 0x5E, 0xEB, 0x94, 0xAE,
- 0x79, 0x1D, 0x76, 0x64, 0x9E, 0x3E, 0x33, 0x5A,
- 0xFC, 0xB6, 0x86, 0x83, 0x6A, 0xAF, 0x7D, 0xC4,
- 0x50, 0x56, 0x60, 0xEF, 0x57, 0x86, 0x6C, 0xD9,
- 0x44, 0x72, 0xF2, 0x19, 0xB0, 0x46, 0x52, 0x04,
- 0xC3, 0x92, 0xF4, 0xF1, 0x36, 0xEF, 0xFA, 0xAF,
- 0xFA, 0x86, 0xBB, 0x2B, 0x07, 0x04, 0x9F, 0xF5,
- 0xD4, 0xEC, 0xB5, 0x60, 0x81, 0x8A, 0x6E, 0x5F,
- 0x96, 0x4C, 0x84, 0x9E, 0xD0, 0x9E, 0xA9, 0x28,
- 0x95, 0xF9, 0x17, 0x5E, 0x95, 0x4F, 0xA8, 0x45
-};
-uchar_t dsa_prime_1024[] = {
- 0xB6, 0x6F, 0x0C, 0xED, 0xAF, 0x2C, 0x79, 0x76,
- 0x03, 0xC1, 0xB6, 0x4A, 0x60, 0x24, 0x89, 0x6D,
- 0xFC, 0x8A, 0x8C, 0x4F, 0x0A, 0x61, 0x4B, 0x55,
- 0xB2, 0x4E, 0xDC, 0x2E, 0xB7, 0xFA, 0xFF, 0x9A,
- 0xF7, 0xA4, 0x86, 0x71, 0x0E, 0xBF, 0x2A, 0xBB,
- 0x60, 0x64, 0x49, 0xFB, 0xB8, 0x8C, 0x86, 0xA1,
- 0x92, 0xBC, 0x0A, 0xF8, 0xF3, 0x62, 0x5E, 0x0D,
- 0x40, 0xA7, 0x61, 0xCB, 0x45, 0x21, 0x90, 0xF0,
- 0x3F, 0xC9, 0x25, 0x79, 0x5B, 0x3A, 0xDE, 0x4E,
- 0xAE, 0xFA, 0x21, 0x74, 0x6F, 0x9A, 0x09, 0xED,
- 0xA6, 0x7D, 0x6C, 0x89, 0x5A, 0x3E, 0x28, 0xE8,
- 0x5D, 0x31, 0x20, 0xD9, 0xAF, 0xE8, 0x9F, 0xA4,
- 0xA6, 0xD7, 0xFE, 0x2F, 0x26, 0x4E, 0x85, 0x61,
- 0x9B, 0xE6, 0x5E, 0x67, 0x90, 0xF5, 0xDA, 0x8F,
- 0xE2, 0xD1, 0x26, 0xB1, 0x66, 0xC6, 0xB0, 0xCA,
- 0x7C, 0xE8, 0x08, 0x85, 0x57, 0xE5, 0xAD, 0x01
-};
-uchar_t dsa_subprime_1024[] = {
- 0x80, 0xBD, 0xBC, 0x1F, 0x32, 0x59, 0x51, 0xC6,
- 0xE0, 0x36, 0xC7, 0x74, 0x47, 0x16, 0xCF, 0x06,
- 0xDC, 0x8A, 0xA9, 0x07
-};
-uchar_t dsa_privalue_1024[] = {
- 0x3F, 0x02, 0xC5, 0xA7, 0x0C, 0x35, 0xAE, 0xF9,
- 0x9B, 0xED, 0xF4, 0x93, 0xB4, 0x10, 0x09, 0x68,
- 0x83, 0x2F, 0xCB, 0x9C
-};
-uchar_t dsa_pubvalue_1024[] = {
- 0x10, 0xEF, 0xCB, 0x38, 0x16, 0xCC, 0xCA, 0x91,
- 0x13, 0x6C, 0x56, 0x54, 0x67, 0xBF, 0x14, 0x98,
- 0xB7, 0x9B, 0x67, 0x91, 0xC9, 0x43, 0x6E, 0x04,
- 0x79, 0x85, 0x0D, 0x74, 0x4C, 0x8B, 0x0E, 0x33,
- 0x8E, 0x2C, 0xF4, 0x47, 0x4D, 0x2C, 0x3D, 0xE3,
- 0x50, 0x28, 0x0B, 0x19, 0x8E, 0x7F, 0x25, 0x85,
- 0xD9, 0xF8, 0x75, 0xE3, 0xE8, 0xE7, 0xDF, 0xAE,
- 0x6D, 0xC5, 0x63, 0x25, 0x1E, 0x4E, 0x69, 0xBF,
- 0xCE, 0xA1, 0x9A, 0xEA, 0xDB, 0xC5, 0x73, 0x20,
- 0x41, 0x9C, 0x1D, 0xCE, 0x28, 0x1D, 0xFE, 0x87,
- 0x0C, 0x6A, 0x1D, 0x44, 0xF0, 0x56, 0x01, 0x0D,
- 0xF7, 0x1D, 0x82, 0xFD, 0x8D, 0x20, 0xF2, 0xA3,
- 0x83, 0x28, 0xD3, 0xED, 0x40, 0x36, 0x0A, 0x4C,
- 0xAB, 0x2A, 0xB4, 0x9F, 0xA7, 0x9C, 0x53, 0x69,
- 0xBB, 0xC6, 0xB8, 0x78, 0x5E, 0xAF, 0x8F, 0x4E,
- 0xFF, 0xCB, 0x2C, 0xB7, 0xD3, 0x53, 0x6D, 0x0A
-};
-
-uchar_t dsa_known_data[] = {
- '0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
- 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J'
-};
-
-/*
- * NIST-Approved Curves
- */
-
-/* P-192 */
-uchar_t ec_param_oid_secp192r1[] = /* prime192v1/P192 */
- {0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x3, 0x1, 0x1};
-uchar_t ec_point_p192r1[] = {
- 0x04, 0xa8, 0x57, 0x22, 0x30, 0x43, 0x82, 0xa4,
- 0x80, 0x2c, 0x46, 0x79, 0x23, 0x8b, 0xe5, 0x08,
- 0x02, 0xf7, 0xc6, 0x86, 0xda, 0xe8, 0x9b, 0x7b,
- 0x8c, 0x79, 0xa5, 0x6e, 0x0c, 0x1c, 0x37, 0x47,
- 0x1d, 0x51, 0x67, 0xe3, 0xdd, 0x2a, 0xc3, 0x1a,
- 0x29, 0xec, 0xd3, 0xbc, 0xf6, 0x95, 0xeb, 0x22,
- 0xe0
-};
-uchar_t ec_value_p192r1[] = {
- 0x52, 0x9b, 0x30, 0x58, 0x69, 0x72, 0x1b, 0x57,
- 0x9c, 0xe5, 0x29, 0xa1, 0x52, 0x70, 0xb9, 0xbe,
- 0xf4, 0x3a, 0x63, 0xdd, 0x89, 0xc0, 0xd0, 0xa8
-};
-
-/* P-224 */
-uchar_t ec_param_oid_secp224r1[] =
- {0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x21};
-uchar_t ec_point_p224r1[] = {
- 0x04,
- 0x2B, 0xFF, 0xAF, 0xA1, 0xAA, 0x9A, 0x05, 0x44,
- 0xBC, 0xC8, 0xD4, 0xAF, 0xC8, 0x53, 0x92, 0xD8,
- 0xC5, 0x01, 0x70, 0xF2, 0x97, 0x5B, 0x7A, 0x23,
- 0x7D, 0x39, 0x6A, 0xCD, 0x32, 0xF3, 0x3C, 0x69,
- 0x8F, 0x42, 0x00, 0xD6, 0x38, 0x0A, 0xF4, 0xCE,
- 0x6D, 0x43, 0x98, 0xDF, 0x2E, 0x62, 0x90, 0x6E,
- 0xAD, 0xF7, 0x4E, 0x6C, 0x67, 0x83, 0xC5, 0x69
- };
-uchar_t ec_value_p224r1[] = {
- 0x91, 0xE9, 0x9A, 0xA5, 0x6F, 0xA7, 0x9D, 0x90,
- 0xED, 0x41, 0x25, 0x42, 0xA8, 0x31, 0x4E, 0xE2,
- 0xEB, 0x95, 0x14, 0x89, 0x6D, 0x78, 0xA0, 0x14,
- 0x45, 0x8B, 0x85, 0x0E
-};
-
-
-/* P-256 */
-uchar_t ec_param_oid_secp256r1[] =
- {0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x3, 0x1, 0x7};
-uchar_t ec_point_p256r1[] = {
- 0x04, 0xa0, 0x90, 0x62, 0x74, 0x7d, 0x00, 0x6a,
- 0x84, 0x01, 0xcd, 0x7b, 0x29, 0xf6, 0x53, 0xe3,
- 0xd3, 0x2b, 0xb7, 0x1f, 0x51, 0x8a, 0x0c, 0xba,
- 0xe9, 0x3e, 0xd6, 0xa4, 0x90, 0xd3, 0x3a, 0x70,
- 0x29, 0x11, 0x70, 0xac, 0x03, 0x8b, 0xb0, 0x11,
- 0xd7, 0x05, 0xd5, 0xce, 0x17, 0x4d, 0x1e, 0x50,
- 0xdc, 0xea, 0x3b, 0x42, 0x0b, 0x94, 0xcb, 0xda,
- 0x4a, 0x07, 0xc9, 0xe6, 0x8e, 0x1d, 0x59, 0xd2, 0x77
-};
-uchar_t ec_value_p256r1[] = {
- 0xf3, 0x58, 0xee, 0xc7, 0xec, 0x32, 0x1c, 0x1a,
- 0xc6, 0x10, 0xb2, 0x97, 0x15, 0x4e, 0x84, 0x5b,
- 0xed, 0x36, 0x94, 0xc1, 0xa0, 0xaa, 0x8b, 0x91,
- 0xba, 0x26, 0x73, 0xeb, 0x6b, 0x2d, 0x4c, 0xde
-};
-
-/* P-384 */
-uchar_t ec_param_oid_secp384r1[] =
- {0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22};
-uchar_t ec_point_p384r1[] = {
- 0x04, 0x2a, 0x87, 0x73, 0x17, 0x2f, 0x61, 0xf6,
- 0xbc, 0xd1, 0x8b, 0x31, 0x3d, 0xa1, 0x37, 0x4b,
- 0x39, 0xa6, 0x1e, 0xe1, 0x8a, 0x88, 0x17, 0x2b,
- 0x86, 0x1a, 0x36, 0xd1, 0x1c, 0x0f, 0x53, 0xd9,
- 0xc7, 0x48, 0x31, 0x64, 0xcd, 0x20, 0x38, 0x14,
- 0xdd, 0x16, 0xde, 0x8d, 0xf7, 0xf6, 0x89, 0x43,
- 0xa0, 0x34, 0x15, 0x5f, 0x70, 0x99, 0x96, 0x55,
- 0x03, 0x26, 0x7c, 0x34, 0x9f, 0xe4, 0xfe, 0xaa,
- 0xcc, 0xbb, 0xa1, 0x91, 0x2c, 0xbd, 0xe8, 0xc6,
- 0x7b, 0xef, 0x17, 0x87, 0x2d, 0x9f, 0xe3, 0x2b,
- 0x99, 0x17, 0x6d, 0x96, 0xed, 0x44, 0x55, 0x28,
- 0x53, 0xce, 0xcd, 0x31, 0x8c, 0x3d, 0x90, 0x2f, 0xcf
-};
-uchar_t ec_value_p384r1[] = {
- 0xfc, 0xcb, 0x14, 0xdd, 0x5f, 0x86, 0x31, 0x74,
- 0x27, 0xef, 0x19, 0x18, 0x6c, 0x02, 0x2b, 0x94,
- 0xbf, 0x56, 0x9f, 0x36, 0x5e, 0x38, 0x6b, 0x82,
- 0x91, 0x70, 0xc4, 0x0f, 0xd6, 0xbe, 0x32, 0x5c,
- 0x4d, 0xe3, 0x75, 0x98, 0x05, 0x8c, 0x61, 0xe8,
- 0x70, 0x32, 0x6f, 0xbc, 0xc9, 0x85, 0x0a, 0x34
-};
-
-/* P-521 */
-uchar_t ec_param_oid_secp521r1[] =
- {0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x23};
-uchar_t ec_point_p521r1[] = {
- 0x04, 0x01, 0x41, 0x65, 0x78, 0xe4, 0xbd, 0x99,
- 0x50, 0xc8, 0x2e, 0x4a, 0x82, 0xac, 0x6c, 0x20,
- 0xcf, 0xf8, 0x2e, 0x72, 0x40, 0x1d, 0x5f, 0x51,
- 0x5f, 0xcc, 0xb3, 0xa8, 0x52, 0x8c, 0xa6, 0x41,
- 0x43, 0xd6, 0xd8, 0x13, 0xfd, 0xd8, 0xbb, 0xd9,
- 0x7c, 0xa7, 0xbf, 0xa8, 0xa8, 0x65, 0x0f, 0xc8,
- 0xb9, 0x60, 0x13, 0xbc, 0xd3, 0x16, 0x6a, 0x5f,
- 0xf0, 0x52, 0x49, 0xce, 0x61, 0x8f, 0x1a, 0xf3,
- 0x6d, 0xe6, 0xce, 0x01, 0x15, 0x98, 0xb0, 0x2f,
- 0xa0, 0x28, 0x4b, 0x2b, 0xf1, 0xf4, 0xd0, 0x9e,
- 0xbd, 0xa2, 0xf5, 0xad, 0x04, 0x23, 0xf6, 0x55,
- 0xdb, 0x08, 0x45, 0x7b, 0xde, 0x6e, 0x7b, 0xce,
- 0x1d, 0x26, 0x08, 0xc3, 0x01, 0xfd, 0xb1, 0xe1,
- 0x56, 0xd3, 0xcc, 0x38, 0x38, 0x93, 0x4d, 0x6e,
- 0xb1, 0x95, 0xd1, 0x9c, 0x91, 0x65, 0x4c, 0x85,
- 0xe7, 0x64, 0x4f, 0xe5, 0x27, 0x48, 0x81, 0x02,
- 0x2f, 0x58, 0x29, 0x17, 0x6b
-};
-uchar_t ec_value_p521r1[] = {
- 0x01, 0x74, 0x8a, 0x92, 0xca, 0x6f, 0x31, 0x1f,
- 0x45, 0x22, 0x84, 0x9f, 0x33, 0x20, 0x56, 0xb0,
- 0x5a, 0xdd, 0xda, 0x73, 0x89, 0xb3, 0x21, 0xab,
- 0xe5, 0xe0, 0xac, 0xe1, 0x6c, 0xa5, 0x59, 0x1b,
- 0x54, 0x56, 0xd6, 0x45, 0xcb, 0xcf, 0x9f, 0xbd,
- 0xec, 0x26, 0x43, 0xe8, 0xc4, 0x84, 0xec, 0xa6,
- 0xdf, 0x09, 0xfc, 0xe3, 0xe3, 0xcb, 0x89, 0x01,
- 0xce, 0x19, 0x12, 0x3d, 0x61, 0x10, 0x1d, 0x6a,
- 0xca, 0x39
-};
-
-
-/* K-163 */
-uchar_t ec_param_oid_sect163k1[] =
- {0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01};
-uchar_t ec_point_t163k1[] = {
- 0x04, 0x05, 0x95, 0xe3, 0x64, 0xed, 0x0b, 0xf5,
- 0x0b, 0x28, 0x20, 0x31, 0xb5, 0x25, 0x35, 0x0d,
- 0xc0, 0x5b, 0x16, 0x64, 0x18, 0x7d, 0x01, 0xe4,
- 0x11, 0xda, 0xa4, 0x1e, 0x79, 0x7b, 0xcd, 0x5a,
- 0x29, 0xed, 0xdf, 0xec, 0xa0, 0xc2, 0xb5, 0xf7,
- 0xf3, 0xf6, 0x5a
-};
-uchar_t ec_value_t163k1[] = {
- 0x03, 0x0d, 0x02, 0xa7, 0xb7, 0x7b, 0x86, 0xe1,
- 0x6a, 0x4e, 0xea, 0xd5, 0xa5, 0x01, 0x5c, 0x7c,
- 0x73, 0x60, 0x5b, 0x44, 0x80
-};
-
-/* K-233 */
-uchar_t ec_param_oid_sect233k1[] =
- {0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x1a};
-uchar_t ec_point_t233k1[] = {
- 0x04, 0x00, 0xf1, 0x3e, 0x3d, 0xd9, 0xbf, 0x5c,
- 0x68, 0x9d, 0xb3, 0x2a, 0x4f, 0x0e, 0xb0, 0xfa,
- 0x97, 0x1a, 0x50, 0xbc, 0xbb, 0x5f, 0x86, 0x05,
- 0xe3, 0x60, 0x04, 0x81, 0x4b, 0xce, 0x62, 0x01,
- 0xe7, 0x57, 0xeb, 0xe2, 0x52, 0xc8, 0x4b, 0x84,
- 0x46, 0xd4, 0xca, 0xce, 0x1d, 0xf8, 0x07, 0x0c,
- 0x5b, 0x8c, 0x56, 0xce, 0x08, 0xdb, 0x4e, 0x1b,
- 0xf7, 0xed, 0x56, 0x19, 0x13
-};
-uchar_t ec_value_t233k1[] = {
- 0x00, 0x61, 0xba, 0xcf, 0x3f, 0x7c, 0x0c, 0x16,
- 0x81, 0x84, 0x7a, 0x2b, 0x07, 0x88, 0x86, 0x83,
- 0xc7, 0xdb, 0xc0, 0xc6, 0xc7, 0xb9, 0x55, 0x80,
- 0x7d, 0x9b, 0x89, 0x0f, 0x6f, 0x9d
-};
-
-
-/* K-283 */
-uchar_t ec_param_oid_sect283k1[] =
- {0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x10};
-uchar_t ec_point_t283k1[] = {
- 0x04, 0x03, 0x63, 0x96, 0xa4, 0xdd, 0x64, 0xf6,
- 0x9a, 0x76, 0x4e, 0x46, 0x64, 0x39, 0x3f, 0x6d,
- 0xb6, 0xcc, 0xf8, 0xa8, 0x85, 0xea, 0xd4, 0x59,
- 0x38, 0xf5, 0xce, 0xb4, 0x57, 0xf3, 0x68, 0xd9,
- 0x3a, 0x11, 0xd6, 0x88, 0x2f, 0x03, 0x7f, 0x23,
- 0x70, 0x4a, 0x11, 0x3f, 0x4d, 0x04, 0x57, 0x48,
- 0xa0, 0x31, 0xd7, 0x0f, 0xec, 0x35, 0x57, 0x4c,
- 0x01, 0x11, 0xe5, 0xf0, 0x71, 0xa9, 0x69, 0x44,
- 0xc9, 0xf1, 0xc1, 0xf9, 0xe8, 0xb3, 0x90, 0xae, 0x7f
-};
-uchar_t ec_value_t283k1[] = {
- 0x01, 0x4d, 0x29, 0x14, 0xf0, 0xed, 0xd5, 0x7d,
- 0x44, 0x23, 0xc8, 0xa0, 0xc3, 0x4c, 0x90, 0x54,
- 0x52, 0xaa, 0x30, 0x90, 0xd9, 0x85, 0xc1, 0x45,
- 0xbf, 0x1d, 0xd6, 0x2b, 0x91, 0x47, 0x87, 0x40,
- 0xcf, 0x76, 0xa7, 0xa4
-};
-
-/* K-409 */
-uchar_t ec_param_oid_sect409k1[] =
- {0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x24};
-uchar_t ec_point_t409k1[] = {
- 0x04, 0x00, 0xed, 0xe7, 0xa4, 0xe0, 0xe6, 0x06,
- 0xd5, 0xc7, 0x39, 0x08, 0xf3, 0x35, 0xe4, 0x20,
- 0xd3, 0xb8, 0xbb, 0x24, 0x41, 0x6a, 0x7a, 0xa6,
- 0x47, 0x72, 0x29, 0xc8, 0x57, 0x59, 0x3d, 0xc3,
- 0x53, 0xac, 0x0e, 0xeb, 0x00, 0x48, 0xe4, 0x9b,
- 0xa3, 0xc6, 0x05, 0x01, 0x7f, 0xa7, 0x81, 0xff,
- 0x18, 0x48, 0xf6, 0x3b, 0x2a, 0x01, 0xb8, 0xef,
- 0x75, 0x39, 0x2b, 0xb5, 0x3d, 0x80, 0x54, 0xef,
- 0xee, 0x37, 0xc8, 0x59, 0xdb, 0xad, 0xff, 0xad,
- 0x52, 0x42, 0x40, 0x2b, 0xcc, 0xdd, 0xa1, 0xd7,
- 0x83, 0xd0, 0x7d, 0x21, 0xab, 0xc7, 0xbf, 0xb2,
- 0x1a, 0x4e, 0xb4, 0xe6, 0xb4, 0x1c, 0xe5, 0x9b,
- 0xbb, 0xb9, 0xef, 0x68, 0x5c, 0xbf, 0x0d, 0xfd, 0x42
-};
-uchar_t ec_value_t409k1[] = {
- 0x00, 0x74, 0xa9, 0xea, 0x4e, 0xeb, 0x48, 0x7d,
- 0xc4, 0x7c, 0xd6, 0x09, 0xf9, 0x1d, 0x06, 0x0c,
- 0xbf, 0x61, 0xa8, 0x8a, 0x70, 0x11, 0x2c, 0xca,
- 0x2d, 0xb8, 0x0b, 0x3a, 0x83, 0x22, 0x9b, 0x69,
- 0x22, 0x25, 0x13, 0xe3, 0x4c, 0xe1, 0xed, 0x4e,
- 0xdd, 0xe4, 0x27, 0x38, 0xc0, 0x75, 0x91, 0xb7,
- 0xfd, 0x6a, 0x73, 0x1c
-};
-
-
-/* K-571 */
-uchar_t ec_param_oid_sect571k1[] =
- {0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x26};
-uchar_t ec_point_t571k1[] = {
- 0x04, 0x02, 0x90, 0x9c, 0xfe, 0x4f, 0x09, 0x18,
- 0x38, 0x71, 0xdc, 0x84, 0xda, 0x80, 0x1d, 0xa5,
- 0xba, 0xad, 0x52, 0xce, 0x72, 0x19, 0x42, 0xb8,
- 0x6f, 0xa4, 0x31, 0x68, 0xb6, 0xb2, 0x59, 0x4e,
- 0x49, 0x73, 0x6e, 0xb6, 0xf7, 0x04, 0x19, 0x6d,
- 0x78, 0x5b, 0x28, 0x5a, 0xf6, 0x9b, 0x33, 0x6b,
- 0xac, 0x58, 0x1a, 0xcb, 0x52, 0xab, 0xb8, 0x51,
- 0xe1, 0x27, 0x6e, 0x55, 0x2b, 0xaa, 0x78, 0xd8,
- 0x27, 0x19, 0x2f, 0x3b, 0xfd, 0x5d, 0x4d, 0xa7,
- 0x17, 0x05, 0x8a, 0x27, 0xfa, 0x9f, 0xd5, 0xf0,
- 0xfe, 0xf7, 0x01, 0x7b, 0x2d, 0x53, 0xc5, 0x4a,
- 0x82, 0xc9, 0xae, 0xb3, 0xde, 0xf8, 0x93, 0xc7,
- 0x10, 0x2a, 0x95, 0x43, 0x3f, 0x1f, 0xdd, 0xcb,
- 0x59, 0xf8, 0xc8, 0x2d, 0xa3, 0xce, 0x7e, 0x65,
- 0x39, 0x85, 0x61, 0x01, 0xb3, 0x25, 0x11, 0xc8,
- 0x7a, 0xed, 0x15, 0xc4, 0x9d, 0x60, 0x8e, 0xc7,
- 0x34, 0x6e, 0x15, 0xa1, 0x0f, 0x9c, 0x86, 0x3d,
- 0x8d, 0x2f, 0xdc, 0x9e, 0xb3, 0xfd, 0xb7, 0x1c, 0x98
-};
-uchar_t ec_value_t571k1[] = {
- 0x00, 0x18, 0xf8, 0xad, 0x6b, 0x49, 0xa4, 0x31,
- 0x97, 0x4b, 0xcf, 0x23, 0xa0, 0x7f, 0xf4, 0x66,
- 0x81, 0x7d, 0xa2, 0x72, 0x11, 0x7d, 0x5b, 0xe1,
- 0xab, 0x9f, 0xf1, 0xb7, 0xee, 0xea, 0x88, 0xee,
- 0xd6, 0x20, 0x18, 0xfd, 0x51, 0xb2, 0xa4, 0x06,
- 0xdc, 0x35, 0x13, 0x32, 0x93, 0x56, 0xbe, 0x55,
- 0x01, 0xf3, 0xd3, 0x8c, 0xba, 0x8c, 0xcd, 0xd0,
- 0xa2, 0x49, 0x9c, 0x7d, 0xac, 0x50, 0x4a, 0x17,
- 0xca, 0xbc, 0x52, 0x39, 0x97, 0xf5, 0xfe, 0xc8
-};
-
-/* B-163 */
-uchar_t ec_param_oid_sect163r2[] =
- {0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x0f};
-uchar_t ec_point_t163r2[] = {
- 0x04, 0x05, 0xe7, 0xb8, 0x3c, 0xd5, 0x6b, 0xc1,
- 0xeb, 0x43, 0x0b, 0xbc, 0xc1, 0xd7, 0xc2, 0xf9,
- 0xa2, 0xc5, 0x88, 0x4d, 0x48, 0x46, 0x04, 0xd2,
- 0x80, 0x2f, 0x35, 0x35, 0x38, 0xda, 0x85, 0xab,
- 0x23, 0xce, 0x85, 0xe5, 0x89, 0xcf, 0x00, 0x5d,
- 0xf5, 0x39, 0xfc
-};
-uchar_t ec_value_t163r2[] = {
- 0x01, 0x4d, 0xbd, 0x26, 0x63, 0xc4, 0x6a, 0xec,
- 0x6d, 0xa5, 0x46, 0x8d, 0xa2, 0x65, 0x64, 0x20,
- 0xb5, 0x05, 0x8a, 0x94, 0x24
-};
-
-
-/* B-233 */
-uchar_t ec_param_oid_sect233r1[] =
- {0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x1b};
-uchar_t ec_point_t233r1[] = {
- 0x04, 0x01, 0x68, 0x1d, 0x09, 0x0b, 0x67, 0xe4,
- 0x9c, 0xc1, 0xd9, 0xac, 0x98, 0xec, 0x26, 0x91,
- 0x0a, 0x08, 0x3b, 0xeb, 0x48, 0xc1, 0xea, 0x79,
- 0x37, 0xff, 0xc5, 0x3d, 0xad, 0xe9, 0xea, 0x01,
- 0xab, 0x06, 0x22, 0x4f, 0xb3, 0xfa, 0x23, 0xe3,
- 0x15, 0xf3, 0x7d, 0xa0, 0x5a, 0xff, 0x1d, 0x00,
- 0xe0, 0xa2, 0x70, 0xbc, 0x31, 0xef, 0xa0, 0xc9,
- 0xd4, 0xba, 0xa5, 0x16, 0x62
-};
-uchar_t ec_value_t233r1[] = {
- 0x00, 0x88, 0x3e, 0x26, 0x83, 0x08, 0x9c, 0xd9,
- 0x7a, 0x46, 0xae, 0xf8, 0x6d, 0xd3, 0x9c, 0xee,
- 0xd8, 0xae, 0xf9, 0xd0, 0x5d, 0x96, 0x7e, 0xf9,
- 0xb0, 0x1c, 0x21, 0x26, 0x9d, 0x64
-};
-
-
-/* B-283 */
-uchar_t ec_param_oid_sect283r1[] =
- {0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x11};
-uchar_t ec_point_t283r1[] = {
- 0x04, 0x03, 0x78, 0x8d, 0x40, 0xd6, 0x34, 0xb6,
- 0xa0, 0x54, 0x66, 0x23, 0x9d, 0xc0, 0x60, 0x65,
- 0x7f, 0xeb, 0x6d, 0xe1, 0x9e, 0xee, 0xc3, 0x7a,
- 0xce, 0x50, 0x4f, 0x66, 0x45, 0x49, 0xcd, 0xbf,
- 0x5a, 0x8c, 0x84, 0xa7, 0x30, 0x07, 0xc6, 0xbf,
- 0x90, 0x6b, 0x6d, 0x9b, 0x50, 0x24, 0x66, 0x7b,
- 0xd2, 0xc9, 0xfe, 0x27, 0xdd, 0xd3, 0xef, 0x15,
- 0x2e, 0xca, 0x09, 0x93, 0x38, 0x4d, 0x90, 0x9c,
- 0x0e, 0x6b, 0xad, 0x5b, 0x79, 0xef, 0x45, 0xb0, 0xef
-};
-uchar_t ec_value_t283r1[] = {
- 0x00, 0xa1, 0xbb, 0x28, 0x7a, 0xc8, 0x63, 0x2a,
- 0xd4, 0x5e, 0xe1, 0xe2, 0x29, 0x33, 0x74, 0x0f,
- 0xbb, 0x26, 0x06, 0x36, 0x4f, 0xab, 0x14, 0x35,
- 0x87, 0x40, 0xb3, 0x99, 0x67, 0xe2, 0x83, 0xcd,
- 0x44, 0xdf, 0xac, 0xff
-};
-
-/* B-409 */
-uchar_t ec_param_oid_sect409r1[] =
- {0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x25};
-uchar_t ec_point_t409r1[] = {
- 0x04, 0x01, 0x28, 0x3c, 0x30, 0xa0, 0x5f, 0x13,
- 0x3e, 0x72, 0xf5, 0x5f, 0xf6, 0xe9, 0x78, 0x20,
- 0xb2, 0x8e, 0x81, 0xdd, 0x62, 0xa6, 0x8a, 0x57,
- 0xaf, 0x94, 0xab, 0x0a, 0x7e, 0xef, 0xb5, 0xda,
- 0xfe, 0xcf, 0x6f, 0x7f, 0xa7, 0x6d, 0x2c, 0xa6,
- 0xe4, 0xca, 0x32, 0x7e, 0x7f, 0x45, 0xaa, 0xc8,
- 0x88, 0x7a, 0x67, 0x36, 0x07, 0x00, 0xdc, 0x7d,
- 0x11, 0xc7, 0x6e, 0x49, 0xc5, 0x57, 0x80, 0xf2,
- 0x49, 0xf5, 0xce, 0x62, 0x7b, 0xad, 0xb8, 0xae,
- 0x24, 0x8d, 0x1d, 0x77, 0xbf, 0x83, 0xd6, 0xc3,
- 0xf3, 0xa9, 0xb9, 0xe3, 0xa6, 0x47, 0x1a, 0x4a,
- 0x91, 0x11, 0xd1, 0x4a, 0x48, 0x21, 0x10, 0x16,
- 0x85, 0x49, 0xb4, 0x45, 0x7f, 0xdf, 0x0f, 0x34, 0x8a
-};
-uchar_t ec_value_t409r1[] = {
- 0x00, 0xef, 0x9d, 0x02, 0xa8, 0xef, 0xe4, 0xa2,
- 0xe7, 0x5b, 0x6e, 0x3f, 0x15, 0x2f, 0x64, 0x5b,
- 0x55, 0xc8, 0xbf, 0xec, 0xca, 0x3a, 0xeb, 0x1c,
- 0xdd, 0x97, 0x4f, 0x3f, 0xb0, 0x08, 0xfb, 0x4e,
- 0x1d, 0xd3, 0x40, 0x83, 0x75, 0x82, 0x56, 0x27,
- 0x6b, 0xfd, 0x83, 0xa8, 0xb7, 0xb6, 0x27, 0xc2,
- 0x85, 0x22, 0x4f, 0x34
-};
-
-/* B-571 */
-uchar_t ec_param_oid_sect571r1[] =
- {0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x27};
-uchar_t ec_point_t571r1[] = {
- 0x04, 0x04, 0x30, 0x6c, 0xfe, 0x2b, 0xff, 0x12,
- 0x23, 0x8a, 0x3b, 0xe0, 0x07, 0x19, 0x8b, 0xd1,
- 0xf9, 0x8c, 0x14, 0x3e, 0xea, 0x5f, 0x85, 0x7f,
- 0x03, 0x20, 0x89, 0x9f, 0x9f, 0x6d, 0xde, 0xcd,
- 0x35, 0x24, 0xa1, 0x83, 0xf7, 0xb9, 0xd1, 0x4b,
- 0x4f, 0x20, 0xa8, 0x91, 0x36, 0xa4, 0x75, 0x5e,
- 0xee, 0x5a, 0x0e, 0x47, 0xf0, 0xa9, 0xff, 0xb6,
- 0x62, 0x65, 0x2b, 0x85, 0x01, 0x49, 0x59, 0x5f,
- 0x1d, 0x37, 0x54, 0xf5, 0xdc, 0x61, 0x37, 0x48,
- 0xbd, 0x02, 0xf2, 0xa2, 0x7d, 0x73, 0x00, 0xfb,
- 0x15, 0x6c, 0x4e, 0x16, 0x22, 0x82, 0xdb, 0x9d,
- 0xed, 0x6e, 0xa6, 0x5d, 0x97, 0x19, 0xbb, 0x30,
- 0x13, 0x22, 0x71, 0x04, 0xc7, 0xd3, 0x83, 0xc2,
- 0x2c, 0xcf, 0x2f, 0xf9, 0x90, 0xe2, 0x9a, 0xca,
- 0x97, 0x6b, 0x3c, 0x1d, 0x22, 0xf1, 0x38, 0x6c,
- 0x14, 0x4e, 0xa9, 0x8d, 0x37, 0xf5, 0x51, 0xbc,
- 0x2b, 0xc8, 0x03, 0x47, 0x25, 0xd5, 0x30, 0x9b,
- 0x64, 0xfc, 0x7e, 0x80, 0x70, 0x63, 0xc1, 0x34, 0x86
-};
-uchar_t ec_value_t571r1[] = {
- 0x03, 0xa0, 0xb6, 0xf6, 0x40, 0x71, 0x56, 0xd8,
- 0x88, 0xf4, 0x08, 0x13, 0xa1, 0x20, 0x8b, 0x03,
- 0x04, 0xae, 0x67, 0xc0, 0x7d, 0x1f, 0x19, 0x4b,
- 0x40, 0xab, 0x75, 0x65, 0x5f, 0x61, 0x0b, 0x0b,
- 0x72, 0x1d, 0xc3, 0xdf, 0x5c, 0xd2, 0x41, 0xf7,
- 0x74, 0xe2, 0x26, 0x4d, 0xba, 0xab, 0xcb, 0x6e,
- 0xcd, 0x86, 0x57, 0x48, 0x7f, 0x3f, 0x2b, 0x91,
- 0xab, 0x50, 0x61, 0xd0, 0x01, 0xd9, 0x1a, 0xec,
- 0x7b, 0xb8, 0xcb, 0x3c, 0x72, 0xa7, 0xd5, 0x39
-};
diff --git a/usr/src/common/crypto/fips/fips_test_vectors.h b/usr/src/common/crypto/fips/fips_test_vectors.h
deleted file mode 100644
index 451ae64bb9..0000000000
--- a/usr/src/common/crypto/fips/fips_test_vectors.h
+++ /dev/null
@@ -1,246 +0,0 @@
-/*
- * CDDL HEADER START
- *
- * The contents of this file are subject to the terms of the
- * Common Development and Distribution License (the "License").
- * You may not use this file except in compliance with the License.
- *
- * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
- * or http://www.opensolaris.org/os/licensing.
- * See the License for the specific language governing permissions
- * and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL HEADER in each
- * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
- * If applicable, add the following below this CDDL HEADER, with the
- * fields enclosed by brackets "[]" replaced with your own identifying
- * information: Portions Copyright [yyyy] [name of copyright owner]
- *
- * CDDL HEADER END
- */
-
-/*
- * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
- */
-
-#ifndef _FIPS_TEST_VECTORS_H
-#define _FIPS_TEST_VECTORS_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define DES3_KEY_SZ 24
-#define DES_IV_LEN 8
-#define DES_BLOCK_SZ 8
-
-#define AES_BLOCK_SZ 16
-#define AES_MAX_KEY_SZ 32
-
-#define AES_CCM_TLEN 16
-#define AES_CCM_NONCE_SZ 7
-#define AES_CCM_AUTHDATA_SZ 30
-#define AES_CCM_DATA_SZ 32 /* Payload size */
-#define AES_CCM_CIPHER_SZ (AES_CCM_DATA_SZ + AES_CCM_TLEN)
-
-#define AES_GCM_IV_LEN 12
-#define AES_GCM_AAD_LEN 16
-#define AES_GCM_DATA_SZ 16
-#define AES_GCM_CIPHER_SZ ((AES_GCM_DATA_SZ) + ((AES_GMAC_TAG_BITS) / 8))
-
-#define AES_GMAC_IV_LEN 12
-#define AES_GMAC_AAD_LEN 16
-#define AES_GMAC_TAG_BITS 128
-#define AES_GMAC_TAG_SZ ((AES_GMAC_TAG_BITS) / 8)
-#define AES_GMAC_CIPHER_SZ (AES_GMAC_TAG_SZ)
-
-#define SHA1_HASH_SZ 20
-#define SHA256_HASH_SZ 32
-#define SHA384_HASH_SZ 48
-#define SHA512_HASH_SZ 64
-
-
-extern uint8_t des3_known_key[DES3_KEY_SZ];
-extern uint8_t des3_cbc_known_iv[DES_IV_LEN];
-extern uint8_t des3_ecb_known_plaintext[DES_BLOCK_SZ];
-extern uint8_t des3_cbc_known_plaintext[DES_BLOCK_SZ];
-extern uint8_t des3_ecb_known_ciphertext[DES_BLOCK_SZ];
-extern uint8_t des3_cbc_known_ciphertext[DES_BLOCK_SZ];
-
-extern uint8_t aes_known_key[AES_MAX_KEY_SZ];
-extern uint8_t aes_cbc_known_initialization_vector[AES_BLOCK_SZ];
-extern uint8_t aes_known_plaintext[AES_BLOCK_SZ];
-extern uint8_t aes_ecb128_known_ciphertext[AES_BLOCK_SZ];
-extern uint8_t aes_cbc128_known_ciphertext[AES_BLOCK_SZ];
-extern uint8_t aes_ecb192_known_ciphertext[AES_BLOCK_SZ];
-extern uint8_t aes_cbc192_known_ciphertext[AES_BLOCK_SZ];
-extern uint8_t aes_ecb256_known_ciphertext[AES_BLOCK_SZ];
-extern uint8_t aes_cbc256_known_ciphertext[AES_BLOCK_SZ];
-
-extern uint8_t aes_ctr128_known_key[16];
-extern uint8_t aes_ctr192_known_key[24];
-extern uint8_t aes_ctr256_known_key[32];
-extern uint8_t aes_ctr_known_counter[AES_BLOCK_SZ];
-extern uint8_t aes_ctr_known_plaintext[AES_BLOCK_SZ];
-extern uint8_t aes_ctr128_known_ciphertext[AES_BLOCK_SZ];
-extern uint8_t aes_ctr192_known_ciphertext[AES_BLOCK_SZ];
-extern uint8_t aes_ctr256_known_ciphertext[AES_BLOCK_SZ];
-
-extern uint8_t aes_ccm128_known_key[16];
-extern uint8_t aes_ccm192_known_key[24];
-extern uint8_t aes_ccm256_known_key[32];
-extern uint8_t aes_ccm128_known_nonce[AES_CCM_NONCE_SZ];
-extern uint8_t aes_ccm192_known_nonce[AES_CCM_NONCE_SZ];
-extern uint8_t aes_ccm256_known_nonce[AES_CCM_NONCE_SZ];
-extern uint8_t aes_ccm128_known_adata[AES_CCM_AUTHDATA_SZ];
-extern uint8_t aes_ccm192_known_adata[AES_CCM_AUTHDATA_SZ];
-extern uint8_t aes_ccm256_known_adata[AES_CCM_AUTHDATA_SZ];
-extern uint8_t aes_ccm128_known_plaintext[AES_CCM_DATA_SZ];
-extern uint8_t aes_ccm192_known_plaintext[AES_CCM_DATA_SZ];
-extern uint8_t aes_ccm256_known_plaintext[AES_CCM_DATA_SZ];
-extern uint8_t aes_ccm128_known_ciphertext[AES_CCM_CIPHER_SZ];
-extern uint8_t aes_ccm192_known_ciphertext[AES_CCM_CIPHER_SZ];
-extern uint8_t aes_ccm256_known_ciphertext[AES_CCM_CIPHER_SZ];
-
-extern uint8_t aes_gcm128_known_key[16];
-extern uint8_t aes_gcm192_known_key[24];
-extern uint8_t aes_gcm256_known_key[32];
-extern uint8_t aes_gcm128_known_iv[AES_GCM_IV_LEN];
-extern uint8_t aes_gcm192_known_iv[AES_GCM_IV_LEN];
-extern uint8_t aes_gcm256_known_iv[AES_GCM_IV_LEN];
-extern uint8_t aes_gcm128_known_adata[AES_GCM_AAD_LEN];
-extern uint8_t aes_gcm192_known_adata[AES_GCM_AAD_LEN];
-extern uint8_t aes_gcm256_known_adata[AES_GCM_AAD_LEN];
-extern uint8_t aes_gcm128_known_plaintext[AES_BLOCK_SZ];
-extern uint8_t aes_gcm192_known_plaintext[AES_BLOCK_SZ];
-extern uint8_t aes_gcm256_known_plaintext[AES_BLOCK_SZ];
-extern uint8_t aes_gcm128_known_ciphertext[32];
-extern uint8_t aes_gcm192_known_ciphertext[32];
-extern uint8_t aes_gcm256_known_ciphertext[32];
-
-extern uint8_t aes_gmac128_known_key[16];
-extern uint8_t aes_gmac192_known_key[24];
-extern uint8_t aes_gmac256_known_key[32];
-extern uint8_t aes_gmac128_known_iv[AES_GMAC_IV_LEN];
-extern uint8_t aes_gmac192_known_iv[AES_GMAC_IV_LEN];
-extern uint8_t aes_gmac256_known_iv[AES_GMAC_IV_LEN];
-extern uint8_t aes_gmac128_known_tag[AES_GMAC_TAG_SZ];
-extern uint8_t aes_gmac192_known_tag[AES_GMAC_TAG_SZ];
-extern uint8_t aes_gmac256_known_tag[AES_GMAC_TAG_SZ];
-extern uint8_t aes_gmac128_known_adata[AES_GMAC_AAD_LEN];
-extern uint8_t aes_gmac192_known_adata[AES_GMAC_AAD_LEN];
-extern uint8_t aes_gmac256_known_adata[AES_GMAC_AAD_LEN];
-
-
-extern uint8_t sha1_known_hash_message[64];
-extern uint8_t sha1_known_digest[SHA1_HASH_SZ];
-extern uint8_t HMAC_known_secret_key[8];
-extern uint8_t known_SHA1_hmac[10];
-extern uint8_t hmac_sha1_known_hash_message[128];
-extern uint8_t sha1_hmac_known_secret_key_2[SHA1_HASH_SZ];
-extern uint8_t sha1_hmac_known_hash_message_2[9];
-extern uint8_t sha1_known_hmac_2[SHA1_HASH_SZ];
-
-extern uint8_t sha256_known_hash_message[64];
-extern uint8_t known_sha256_digest[SHA256_HASH_SZ];
-extern uint8_t sha384_known_hash_message[64];
-extern uint8_t known_sha384_digest[SHA384_HASH_SZ];
-extern uint8_t sha512_known_hash_message[64];
-extern uint8_t known_sha512_digest[SHA512_HASH_SZ];
-extern uint8_t sha256_hmac_known_hash_message[64];
-extern uint8_t sha256_hmac_known_secret_key[36];
-extern uint8_t known_sha256_hmac[SHA256_HASH_SZ];
-extern uint8_t sha256_hmac_known_hash_message_1[28];
-extern uint8_t sha256_hmac_known_secret_key_1[4];
-extern uint8_t sha256_known_hmac_1[SHA256_HASH_SZ];
-extern uint8_t sha256_hmac_known_hash_message_2[50];
-extern uint8_t sha256_hmac_known_secret_key_2[25];
-extern uint8_t sha256_known_hmac_2[SHA256_HASH_SZ];
-extern uint8_t sha384_hmac_known_secret_key[16];
-extern uint8_t sha384_hmac_known_hash_message[128];
-extern uint8_t known_sha384_hmac[SHA384_HASH_SZ];
-extern uint8_t sha512_hmac_known_secret_key[20];
-extern uint8_t sha512_hmac_known_hash_message[128];
-extern uint8_t known_sha512_hmac[SHA512_HASH_SZ];
-
-
-extern uint8_t rsa_modulus_1024[128];
-extern uint8_t rsa_public_exponent_1024[3];
-extern uint8_t rsa_private_exponent_1024[128];
-extern uint8_t rsa_prime1_1024[64];
-extern uint8_t rsa_prime2_1024[64];
-extern uint8_t rsa_exponent1_1024[64];
-extern uint8_t rsa_exponent2_1024[64];
-extern uint8_t rsa_coefficient_1024[64];
-extern uint8_t rsa_modulus_2048[256];
-extern uint8_t rsa_public_exponent_2048[1];
-extern uint8_t rsa_private_exponent_2048[256];
-extern uint8_t rsa_prime1_2048[128];
-extern uint8_t rsa_prime2_2048[128];
-extern uint8_t rsa_exponent1_2048[128];
-extern uint8_t rsa_exponent2_2048[128];
-extern uint8_t rsa_coefficient_2048[128];
-extern uint8_t rsa_known_plaintext_msg[128];
-extern uint8_t rsa_x509_known_signature_1024[128];
-extern uint8_t rsa_pkcs_known_signature_1024[128];
-extern uint8_t rsa_x509_known_signature_2048[256];
-extern uint8_t rsa_pkcs_known_signature_2048[256];
-
-extern uint8_t dsa_base_1024[128];
-extern uint8_t dsa_prime_1024[128];
-extern uint8_t dsa_subprime_1024[20];
-extern uint8_t dsa_privalue_1024[20];
-extern uint8_t dsa_pubvalue_1024[128];
-extern uint8_t dsa_known_data[20];
-
-extern uint8_t ec_param_oid_secp192r1[10];
-extern uint8_t ec_point_p192r1[49];
-extern uint8_t ec_value_p192r1[24];
-extern uint8_t ec_param_oid_secp224r1[7];
-extern uint8_t ec_point_p224r1[57];
-extern uint8_t ec_value_p224r1[28];
-extern uint8_t ec_param_oid_secp256r1[10];
-extern uint8_t ec_point_p256r1[65];
-extern uint8_t ec_value_p256r1[32];
-extern uint8_t ec_param_oid_secp384r1[7];
-extern uint8_t ec_point_p384r1[97];
-extern uint8_t ec_value_p384r1[48];
-extern uint8_t ec_param_oid_secp521r1[7];
-extern uint8_t ec_point_p521r1[133];
-extern uint8_t ec_value_p521r1[66];
-extern uint8_t ec_param_oid_sect163k1[7];
-extern uint8_t ec_point_t163k1[43];
-extern uint8_t ec_value_t163k1[21];
-extern uint8_t ec_param_oid_sect233k1[7];
-extern uint8_t ec_point_t233k1[61];
-extern uint8_t ec_value_t233k1[30];
-extern uint8_t ec_param_oid_sect283k1[7];
-extern uint8_t ec_point_t283k1[73];
-extern uint8_t ec_value_t283k1[36];
-extern uint8_t ec_param_oid_sect409k1[7];
-extern uint8_t ec_point_t409k1[105];
-extern uint8_t ec_value_t409k1[52];
-extern uint8_t ec_param_oid_sect571k1[7];
-extern uint8_t ec_point_t571k1[145];
-extern uint8_t ec_value_t571k1[72];
-extern uint8_t ec_param_oid_sect163r2[7];
-extern uint8_t ec_point_t163r2[43];
-extern uint8_t ec_value_t163r2[21];
-extern uint8_t ec_param_oid_sect233r1[7];
-extern uint8_t ec_point_t233r1[61];
-extern uint8_t ec_value_t233r1[30];
-extern uint8_t ec_param_oid_sect283r1[7];
-extern uint8_t ec_point_t283r1[73];
-extern uint8_t ec_value_t283r1[36];
-extern uint8_t ec_param_oid_sect409r1[7];
-extern uint8_t ec_point_t409r1[105];
-extern uint8_t ec_value_t409r1[52];
-extern uint8_t ec_param_oid_sect571r1[7];
-extern uint8_t ec_point_t571r1[145];
-extern uint8_t ec_value_t571r1[72];
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* _FIPS_TEST_VECTORS_H */
diff --git a/usr/src/common/crypto/rsa/rsa_impl.h b/usr/src/common/crypto/rsa/rsa_impl.h
index 60aba07d72..695a08a764 100644
--- a/usr/src/common/crypto/rsa/rsa_impl.h
+++ b/usr/src/common/crypto/rsa/rsa_impl.h
@@ -129,40 +129,6 @@ CK_RV rsa_decrypt(RSAbytekey *bkey,
#define rsa_sign(key, msg, len, sig) rsa_decrypt((key), (msg), (len), (sig))
#define rsa_verify(key, msg, len, sig) rsa_encrypt((key), (msg), (len), (sig))
-/*
- * The following definitions and declarations are only used by RSA FIPS POST
- */
-#ifdef _RSA_FIPS_POST
-
-/* RSA FIPS Declarations */
-#define FIPS_RSA_PUBLIC_EXPONENT_LENGTH 3 /* 24-bits */
-#define FIPS_RSA_PRIVATE_VERSION_LENGTH 1 /* 8-bits */
-#define FIPS_RSA_MESSAGE_LENGTH 128 /* 1024-bits */
-#define FIPS_RSA_COEFFICIENT_LENGTH 64 /* 512-bits */
-#define FIPS_RSA_PRIME0_LENGTH 64 /* 512-bits */
-#define FIPS_RSA_PRIME1_LENGTH 64 /* 512-bits */
-#define FIPS_RSA_EXPONENT0_LENGTH 64 /* 512-bits */
-#define FIPS_RSA_EXPONENT1_LENGTH 64 /* 512-bits */
-#define FIPS_RSA_PRIVATE_EXPONENT_LENGTH 128 /* 1024-bits */
-#define FIPS_RSA_ENCRYPT_LENGTH 128 /* 1024-bits */
-#define FIPS_RSA_DECRYPT_LENGTH 128 /* 1024-bits */
-#define FIPS_RSA_SIGNATURE_LENGTH 128 /* 1024-bits */
-#define FIPS_RSA_MODULUS_LENGTH 128 /* 1024-bits */
-#define MAX_KEY_ATTR_BUFLEN 1024
-
-typedef struct RSAPrivateKey_s {
- uint8_t *version;
- int version_len;
- RSAbytekey bkey;
-} RSAPrivateKey_t;
-
-/* RSA FIPS functions */
-extern int fips_rsa_post(void);
-extern int fips_rsa_encrypt(RSAPrivateKey_t *, uint8_t *, int, uint8_t *);
-extern int fips_rsa_decrypt(RSAPrivateKey_t *, uint8_t *, int, uint8_t *);
-
-#endif /* _RSA_FIPS_POST */
-
#ifdef __cplusplus
}
#endif
diff --git a/usr/src/common/crypto/sha1/sha1_impl.h b/usr/src/common/crypto/sha1/sha1_impl.h
index 0dba1f0bcd..9353668e83 100644
--- a/usr/src/common/crypto/sha1/sha1_impl.h
+++ b/usr/src/common/crypto/sha1/sha1_impl.h
@@ -31,8 +31,6 @@
extern "C" {
#endif
-#include <fips/fips_post.h>
-
#ifdef _KERNEL
#define SHA1_HASH_SIZE 20 /* SHA_1 digest length in bytes */
#define SHA1_DIGEST_LENGTH 20 /* SHA1 digest length in bytes */
@@ -70,25 +68,6 @@ typedef struct sha1_hmac_ctx {
#endif
-extern int fips_sha1_post(void);
-
-/* SHA1 funtions */
-extern SHA1_CTX *fips_sha1_build_context(void);
-extern int fips_sha1_hash(SHA1_CTX *, uchar_t *, ulong_t, uchar_t *);
-
-/* SHA1 HMAC functions */
-#ifndef _KERNEL
-extern soft_hmac_ctx_t *fips_sha1_hmac_build_context(uint8_t *,
- unsigned int);
-extern CK_RV fips_hmac_sha1_hash(unsigned char *, uint8_t *,
- unsigned int, uint8_t *, unsigned int);
-#else
-extern sha1_hmac_ctx_t *fips_sha1_hmac_build_context(uint8_t *,
- unsigned int);
-extern void fips_hmac_sha1_hash(sha1_hmac_ctx_t *, uint8_t *,
- uint32_t, uint8_t *);
-#endif
-
#ifdef __cplusplus
}
#endif
diff --git a/usr/src/common/crypto/sha2/sha2_impl.h b/usr/src/common/crypto/sha2/sha2_impl.h
index 521eca6e11..1b34fe1913 100644
--- a/usr/src/common/crypto/sha2/sha2_impl.h
+++ b/usr/src/common/crypto/sha2/sha2_impl.h
@@ -30,8 +30,6 @@
extern "C" {
#endif
-#include <fips/fips_post.h>
-
typedef enum {
SHA1_TYPE,
SHA256_TYPE,
@@ -61,27 +59,6 @@ typedef struct sha2_hmac_ctx {
#endif
-extern int fips_sha2_post(void);
-extern int fips_sha2_hash(SHA2_CTX *, uchar_t *, ulong_t, uchar_t *);
-
-#ifndef _KERNEL
-/* SHA2 funtions */
-extern SHA2_CTX *fips_sha2_build_context(CK_MECHANISM_TYPE);
-
-/* SHA2 HMAC functions */
-extern soft_hmac_ctx_t *fips_sha2_hmac_build_context(CK_MECHANISM_TYPE,
- uint8_t *, unsigned int);
-extern CK_RV fips_hmac_sha2_hash(unsigned char *, uint8_t *,
- unsigned int, uint8_t *, unsigned int, CK_MECHANISM_TYPE);
-#else
-
-extern SHA2_CTX *fips_sha2_build_context(sha2_mech_t);
-extern sha2_hmac_ctx_t *fips_sha2_hmac_build_context(sha2_mech_t,
- uint8_t *, unsigned int);
-extern void fips_hmac_sha2_hash(sha2_hmac_ctx_t *, uint8_t *, uint32_t,
- uint8_t *, sha2_mech_t);
-#endif
-
#ifdef __cplusplus
}
#endif
diff --git a/usr/src/lib/libcryptoutil/common/config_parsing.c b/usr/src/lib/libcryptoutil/common/config_parsing.c
index b2c8f7f05a..83e5cd9a3f 100644
--- a/usr/src/lib/libcryptoutil/common/config_parsing.c
+++ b/usr/src/lib/libcryptoutil/common/config_parsing.c
@@ -599,65 +599,3 @@ is_fips(char *name)
return (B_FALSE);
}
}
-
-CK_RV
-get_fips_mode(int *mode)
-{
- FILE *pfile = NULL;
- char buffer[BUFSIZ];
- int len;
- CK_RV rc = CKR_OK;
- int found = 0;
- char *token1;
- boolean_t fips_mode = B_FALSE;
-
- if ((pfile = fopen(_PATH_PKCS11_CONF, "r")) == NULL) {
- cryptoerror(LOG_DEBUG,
- "failed to open the pkcs11.conf file for read only.");
- *mode = CRYPTO_FIPS_MODE_DISABLED;
- return (CKR_OK);
- }
-
- while (fgets(buffer, BUFSIZ, pfile) != NULL) {
- if (buffer[0] == '#' || buffer[0] == ' ' ||
- buffer[0] == '\n'|| buffer[0] == '\t') {
- continue; /* ignore comment lines */
- }
-
- len = strlen(buffer);
- if (buffer[len - 1] == '\n') { /* get rid of trailing '\n' */
- len--;
- }
- buffer[len] = '\0';
-
- /* Get provider name */
- if ((token1 = strtok(buffer, SEP_COLON)) ==
- NULL) { /* buf is NULL */
- return (CKR_FUNCTION_FAILED);
- };
-
- if (is_fips(token1)) {
- if ((rc = parse_fips_mode(buffer + strlen(token1) + 1,
- &fips_mode)) != CKR_OK) {
- goto out;
- } else {
- found++;
- if (fips_mode == B_TRUE)
- *mode = CRYPTO_FIPS_MODE_ENABLED;
- else
- *mode = CRYPTO_FIPS_MODE_DISABLED;
- break;
- }
- } else {
- continue;
- }
- }
-
- if (!found) {
- *mode = CRYPTO_FIPS_MODE_DISABLED;
- }
-
-out:
- (void) fclose(pfile);
- return (rc);
-}
diff --git a/usr/src/lib/libcryptoutil/common/cryptoutil.h b/usr/src/lib/libcryptoutil/common/cryptoutil.h
index cca77d3f87..b5aad833f7 100644
--- a/usr/src/lib/libcryptoutil/common/cryptoutil.h
+++ b/usr/src/lib/libcryptoutil/common/cryptoutil.h
@@ -20,6 +20,9 @@
*
* Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
*/
+/*
+ * Copyright 2010 Nexenta Systems, Inc. All rights reserved.
+ */
#ifndef _CRYPTOUTIL_H
#define _CRYPTOUTIL_H
@@ -223,8 +226,6 @@ extern ssize_t readn_nointr(int fd, void *dbuf, size_t dlen);
extern ssize_t writen_nointr(int fd, void *dbuf, size_t dlen);
extern int update_conf(char *conf_file, char *entry);
-extern CK_RV get_fips_mode(int *);
-
extern int pkcs11_parse_uri(const char *str, pkcs11_uri_t *uri);
extern void pkcs11_free_uri(pkcs11_uri_t *uri);
diff --git a/usr/src/lib/libcryptoutil/common/mapfile-vers b/usr/src/lib/libcryptoutil/common/mapfile-vers
index 0c99085fc3..5d3c214b55 100644
--- a/usr/src/lib/libcryptoutil/common/mapfile-vers
+++ b/usr/src/lib/libcryptoutil/common/mapfile-vers
@@ -49,7 +49,6 @@ SYMBOL_VERSION SUNWprivate {
free_uentrylist;
free_umechlist;
getent_uef;
- get_fips_mode;
get_fullpath;
get_metaslot_info;
get_pkcs11conf_info;
diff --git a/usr/src/lib/pkcs11/libpkcs11/common/pkcs11Conf.c b/usr/src/lib/pkcs11/libpkcs11/common/pkcs11Conf.c
index b2f06f7da1..36ef98d6d7 100644
--- a/usr/src/lib/pkcs11/libpkcs11/common/pkcs11Conf.c
+++ b/usr/src/lib/pkcs11/libpkcs11/common/pkcs11Conf.c
@@ -21,6 +21,9 @@
/*
* Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
*/
+/*
+ * Copyright 2010 Nexenta Systems, Inc. All rights reserved.
+ */
#include <sys/types.h>
#include <sys/stat.h>
@@ -31,7 +34,6 @@
#include <stdlib.h>
#include <strings.h>
#include <errno.h>
-#include <door.h>
#include <pthread.h>
#include <sys/mman.h>
#include <libscf.h>
@@ -65,9 +67,6 @@ cipher_mechs_threshold_t meta_mechs_threshold[MAX_NUM_THRESHOLD];
static const char *conf_err = "See cryptoadm(1M). Skipping this plug-in.";
-#define CRYPTOSVC_DEFAULT_INSTANCE_FMRI "svc:/system/cryptosvc:default"
-#define MAX_CRYPTOSVC_ONLINE_TRIES 5
-
/*
* Set up metaslot for the framework using either user configuration
* or system wide configuration options
@@ -232,189 +231,6 @@ cleanup:
}
/*
- * cryptosvc_is_online()
- *
- * Determine if the SMF service instance is in the online state or
- * not. A number of operations depend on this state.
- */
-static boolean_t
-cryptosvc_is_online(void)
-{
- char *str;
- boolean_t ret = B_FALSE;
-
- if ((str = smf_get_state(CRYPTOSVC_DEFAULT_INSTANCE_FMRI)) != NULL) {
- ret = (strcmp(str, SCF_STATE_STRING_ONLINE) == 0);
- free(str);
- }
- return (ret);
-}
-
-/*
- * cryptosvc_is_down()
- *
- * Determine if the SMF service instance is in the disabled state or
- * maintenance state. A number of operations depend on this state.
- */
-static boolean_t
-cryptosvc_is_down(void)
-{
- char *str;
- boolean_t ret = B_FALSE;
-
- if ((str = smf_get_state(CRYPTOSVC_DEFAULT_INSTANCE_FMRI)) != NULL) {
- ret = ((strcmp(str, SCF_STATE_STRING_DISABLED) == 0) ||
- (strcmp(str, SCF_STATE_STRING_MAINT) == 0));
- free(str);
- }
- return (ret);
-}
-
-
-/* Generic function for all door calls to kcfd. */
-ELFsign_status_t
-kcfd_door_call(char *fullpath, boolean_t fips140, CK_RV *rv)
-{
- boolean_t try_door_open_again = B_FALSE;
- int kcfdfd = -1;
- door_arg_t darg;
- kcf_door_arg_t *kda = NULL;
- kcf_door_arg_t *rkda = NULL;
- int r;
- int is_cryptosvc_up_count = 0;
- int door_errno = 0;
- ELFsign_status_t estatus = ELFSIGN_UNKNOWN;
-
-open_door_file:
- while ((kcfdfd = open(_PATH_KCFD_DOOR, O_RDONLY)) == -1) {
- /* save errno and test for EINTR or EAGAIN */
- door_errno = errno;
- if (door_errno == EINTR ||
- door_errno == EAGAIN)
- continue;
- /* if disabled or maintenance mode - bail */
- if (cryptosvc_is_down())
- break;
- /* exceeded our number of tries? */
- if (is_cryptosvc_up_count > MAX_CRYPTOSVC_ONLINE_TRIES)
- break;
- /* any other state, try again up to 1/2 minute */
- (void) sleep(5);
- is_cryptosvc_up_count++;
- }
- if (kcfdfd == -1) {
- if (!cryptosvc_is_online()) {
- cryptoerror(LOG_ERR, "libpkcs11: unable to communicate"
- " with kcfd, door_file %s: %s. %s is not online."
- " (see svcs -xv for details).",
- _PATH_KCFD_DOOR, strerror(door_errno),
- CRYPTOSVC_DEFAULT_INSTANCE_FMRI);
- } else {
- cryptoerror(LOG_ERR, "libpkcs11: unable to open"
- " kcfd door_file %s: %s.", _PATH_KCFD_DOOR,
- strerror(door_errno));
- }
- *rv = CKR_CRYPTOKI_NOT_INITIALIZED;
- estatus = ELFSIGN_UNAVAILABLE;
- goto verifycleanup;
- }
-
- /* Mark the door "close on exec" */
- (void) fcntl(kcfdfd, F_SETFD, FD_CLOEXEC);
-
- if ((kda = malloc(sizeof (kcf_door_arg_t))) == NULL) {
- cryptoerror(LOG_ERR, "libpkcs11: malloc of kda "
- "failed: %s", strerror(errno));
- goto verifycleanup;
- }
-
- if (fips140 == B_TRUE)
- kda->da_version = KCFD_FIPS140_INTCHECK;
- else {
- kda->da_version = KCF_KCFD_VERSION1;
- (void) strlcpy(kda->da_u.filename, fullpath,
- strlen(fullpath) + 1);
- }
-
- kda->da_iskernel = B_FALSE;
-
- darg.data_ptr = (char *)kda;
- darg.data_size = sizeof (kcf_door_arg_t);
- darg.desc_ptr = NULL;
- darg.desc_num = 0;
- darg.rbuf = (char *)kda;
- darg.rsize = sizeof (kcf_door_arg_t);
-
- while ((r = door_call(kcfdfd, &darg)) != 0) {
- /* save errno and test for certain errors */
- door_errno = errno;
- if (door_errno == EINTR || door_errno == EAGAIN)
- continue;
- /* if disabled or maintenance mode - bail */
- if (cryptosvc_is_down())
- break;
- /* exceeded our number of tries? */
- if (is_cryptosvc_up_count > MAX_CRYPTOSVC_ONLINE_TRIES)
- break;
- /* if stale door_handle, retry the open */
- if (door_errno == EBADF) {
- try_door_open_again = B_TRUE;
- is_cryptosvc_up_count++;
- (void) sleep(5);
- goto verifycleanup;
- } else
- break;
- }
-
- if (r != 0) {
- if (!cryptosvc_is_online()) {
- cryptoerror(LOG_ERR, "%s is not online "
- " - unable to utilize cryptographic "
- "services. (see svcs -xv for details).",
- CRYPTOSVC_DEFAULT_INSTANCE_FMRI);
- } else {
- cryptoerror(LOG_ERR, "libpkcs11: door_call "
- "of door_file %s failed with error %s.",
- _PATH_KCFD_DOOR, strerror(door_errno));
- }
- *rv = CKR_CRYPTOKI_NOT_INITIALIZED;
- estatus = ELFSIGN_UNAVAILABLE;
- goto verifycleanup;
- }
-
- /*LINTED*/
- rkda = (kcf_door_arg_t *)darg.rbuf;
- if ((fips140 == B_FALSE && rkda->da_version != KCF_KCFD_VERSION1) ||
- (fips140 == B_TRUE && rkda->da_version != KCFD_FIPS140_INTCHECK)) {
- cryptoerror(LOG_ERR,
- "libpkcs11: kcfd and libelfsign versions "
- "don't match: got %d expected %d", rkda->da_version,
- (fips140) ? KCFD_FIPS140_INTCHECK : KCF_KCFD_VERSION1);
- goto verifycleanup;
- }
- estatus = rkda->da_u.result.status;
-verifycleanup:
- if (kcfdfd != -1) {
- (void) close(kcfdfd);
- }
- if (rkda != NULL && rkda != kda)
- (void) munmap((char *)rkda, darg.rsize);
- if (kda != NULL) {
- bzero(kda, sizeof (kda));
- free(kda);
- kda = NULL;
- rkda = NULL; /* rkda is an alias of kda */
- }
- if (try_door_open_again) {
- try_door_open_again = B_FALSE;
- goto open_door_file;
- }
-
- return (estatus);
-}
-
-
-/*
* For each provider found in pkcs11.conf: expand $ISA if necessary,
* verify the module is signed, load the provider, find all of its
* slots, and store the function list and disabled policy.
@@ -454,21 +270,6 @@ pkcs11_slot_mapping(uentrylist_t *pplist, CK_VOID_PTR pInitArgs)
/* number of slots in the framework, not including metaslot */
uint_t slot_count = 0;
- ELFsign_status_t estatus = ELFSIGN_UNKNOWN;
- char *estatus_str = NULL;
- int fips140_mode = CRYPTO_FIPS_MODE_DISABLED;
-
- /* Check FIPS 140 configuration and execute check if enabled */
- (void) get_fips_mode(&fips140_mode);
- if (fips140_mode) {
- estatus = kcfd_door_call(NULL, B_TRUE, &rv);
- if (estatus != ELFSIGN_SUCCESS) {
- cryptoerror(LOG_ERR, "libpkcs11: failed FIPS 140 "
- "integrity check.");
- return (CKR_GENERAL_ERROR);
- }
- }
-
phead = pplist;
/* Loop through all of the provider listed in pkcs11.conf */
@@ -684,63 +485,6 @@ pkcs11_slot_mapping(uentrylist_t *pplist, CK_VOID_PTR pInitArgs)
goto contparse;
}
- /*
- * Verify that the module is signed correctly.
- *
- * NOTE: there is a potential race condition here,
- * since the module is verified well after we have
- * opened the provider via dlopen(). This could be
- * resolved by a variant of dlopen() that would take a
- * file descriptor as an argument and by changing the
- * kcfd libelfsign door protocol to use and fd instead
- * of a path - but that wouldn't work in the kernel case.
- */
- estatus = kcfd_door_call(fullpath, B_FALSE, &rv);
-
- switch (estatus) {
- case ELFSIGN_SUCCESS:
- break;
- case ELFSIGN_NOTSIGNED:
- estatus_str = "not a signed provider.";
- break;
- case ELFSIGN_FAILED:
- estatus_str = "signature verification failed.";
- break;
- case ELFSIGN_UNAVAILABLE:
- estatus_str = "kcfd(1m) is not available for "
- "signature verification. Cannot continue loading "
- "the cryptographic framework.";
- break;
- default:
- estatus_str = "unexpected failure in ELF "
- "signature verification.";
- }
- if (estatus_str != NULL) {
- if (estatus != ELFSIGN_UNAVAILABLE) {
- cryptoerror(LOG_ERR, "libpkcs11: %s %s %s",
- fullpath, estatus_str,
- estatus == ELFSIGN_UNKNOWN ?
- "See cryptoadm (1M). "
- "Cannot continue parsing "
- _PATH_PKCS11_CONF : conf_err);
- } else {
- cryptoerror(LOG_ERR, "libpkcs11: %s",
- estatus_str);
- }
-
- (void) prov_funcs->C_Finalize(NULL);
- (void) dlclose(dldesc);
- estatus_str = NULL;
- if (estatus == ELFSIGN_UNKNOWN ||
- estatus == ELFSIGN_UNAVAILABLE) {
- prov_funcs = NULL;
- dldesc = NULL;
- rv = CKR_GENERAL_ERROR;
- goto conferror;
- }
- goto contparse;
- }
-
/* Allocate memory for the slot list */
prov_slots = calloc(prov_slot_count, sizeof (CK_SLOT_ID));
@@ -987,8 +731,7 @@ config_complete:
conferror:
/*
* This cleanup code is only exercised when a major,
- * unrecoverable error like "out of memory" or
- * kcfd is not reachable occurs.
+ * unrecoverable error like "out of memory".
*/
if (prov_funcs != NULL) {
(void) prov_funcs->C_Finalize(NULL);
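Review bot: The rewritten comment under `conferror:` is no longer a complete sentence, because the verb was removed together with the kcfd clause; it should read `* unrecoverable error like "out of memory" occurs.`. The kcfd removal also leaves a stale block comment above pkcs11_slot_mapping, kept as context in the `@@ -232,189 +231,6 @@` hunk. It still says "verify the module is signed", although this commit deletes the kcfd_door_call() check that performed that step. That phrase should be dropped and replaced by a statement that providers listed in pkcs11.conf are now loaded without signature verification, so their integrity presumably rests on the permissions of that file and of the provider paths. The function body continues outside this hunk.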
diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/Makefile.com b/usr/src/lib/pkcs11/pkcs11_softtoken/Makefile.com
index eeba64cf59..dd6ad1a7c7 100644
--- a/usr/src/lib/pkcs11/pkcs11_softtoken/Makefile.com
+++ b/usr/src/lib/pkcs11/pkcs11_softtoken/Makefile.com
@@ -21,6 +21,8 @@
#
# Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
#
+# Copyright 2010 Nexenta Systems, Inc. All rights reserved.
+#
# lib/pkcs11/pkcs11_softtoken/Makefile.com
#
@@ -61,9 +63,7 @@ LCL_OBJECTS = \
softSSL.o \
softASN1.o \
softBlowfishCrypt.o \
- softEC.o \
- softFipsPost.o \
- softFipsPostUtil.o
+ softEC.o
ASFLAGS = $(AS_PICFLAGS) -P -D__STDC__ -D_ASM $(CPPFLAGS)
@@ -76,23 +76,16 @@ ECC_COBJECTS = \
MPI_COBJECTS = mp_gf2m.o mpi.o mplogic.o mpmontg.o mpprime.o
RNG_COBJECTS = fips_random.o
-FIPS_COBJECTS = fips_aes_util.o fips_des_util.o \
- fips_sha1_util.o fips_sha2_util.o \
- fips_dsa_util.o fips_rsa_util.o \
- fips_ecc_util.o fips_random_util.o \
- fips_test_vectors.o
ECC_OBJECTS = $(ECC_COBJECTS) $(ECC_PSR_OBJECTS)
MPI_OBJECTS = $(MPI_COBJECTS) $(MPI_PSR_OBJECTS)
RNG_OBJECTS = $(RNG_COBJECTS)
-FIPS_OBJECTS = $(FIPS_COBJECTS)
BER_OBJECTS = bprint.o decode.o encode.o io.o
OBJECTS = \
$(LCL_OBJECTS) \
$(MPI_OBJECTS) \
$(RNG_OBJECTS) \
- $(FIPS_OBJECTS) \
$(BIGNUM_OBJECTS) \
$(BER_OBJECTS) \
$(ECC_OBJECTS)
@@ -107,7 +100,6 @@ ECCDIR= $(SRC)/common/crypto/ecc
MPIDIR= $(SRC)/common/mpi
RSADIR= $(SRC)/common/crypto/rsa
RNGDIR= $(SRC)/common/crypto/rng
-FIPSDIR= $(SRC)/common/crypto/fips
SHA1DIR= $(SRC)/common/crypto/sha1
SHA2DIR= $(SRC)/common/crypto/sha2
BIGNUMDIR= $(SRC)/common/bignum
@@ -125,8 +117,7 @@ SRCS = \
$(LCL_OBJECTS:%.o=$(SRCDIR)/%.c) \
$(MPI_COBJECTS:%.o=$(MPIDIR)/%.c) \
$(ECC_COBJECTS:%.o=$(ECCDIR)/%.c) \
- $(RNG_COBJECTS:%.o=$(RNGDIR)/%.c) \
- $(FIPS_COBJECTS:%.o=$(FIPSDIR)/%.c)
+ $(RNG_COBJECTS:%.o=$(RNGDIR)/%.c)
# libelfsign needs a static pkcs11_softtoken
LIBS = $(DYNLIB)
@@ -137,7 +128,7 @@ CFLAGS += $(CCVERBOSE)
CPPFLAGS += -I$(AESDIR) -I$(BLOWFISHDIR) -I$(ARCFOURDIR) -I$(DESDIR) \
-I$(DHDIR) -I$(DSADIR) -I$(ECCDIR) -I$(SRC)/common/crypto \
-I$(MPIDIR) -I$(RSADIR) -I$(RNGDIR) \
- -I$(FIPSDIR) -I$(SHA1DIR) -I$(SHA2DIR) -I$(SRCDIR) \
+ -I$(SHA1DIR) -I$(SHA2DIR) -I$(SRCDIR) \
-I$(BIGNUMDIR) -I$(PADDIR) -D_POSIX_PTHREAD_SEMANTICS \
-DMP_API_COMPATIBLE -DNSS_ECC_MORE_THAN_SUITE_B
@@ -148,8 +139,7 @@ ROOTLIBDIR64= $(ROOT)/usr/lib/security/$(MACH64)
LINTSRC = \
$(LCL_OBJECTS:%.o=$(SRCDIR)/%.c) \
- $(RNG_COBJECTS:%.o=$(RNGDIR)/%.c) \
- $(FIPS_COBJECTS:%.o=$(FIPSDIR)/%.c)
+ $(RNG_COBJECTS:%.o=$(RNGDIR)/%.c)
.KEEP_STATE:
@@ -175,8 +165,4 @@ pics/%.o: $(RNGDIR)/%.c
$(COMPILE.c) -o $@ $<
$(POST_PROCESS_O)
-pics/%.o: $(FIPSDIR)/%.c
- $(COMPILE.c) -o $@ $<
- $(POST_PROCESS_O)
-
include $(SRC)/lib/Makefile.targ
diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softFipsPost.c b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softFipsPost.c
deleted file mode 100644
index 7fdec8d5cf..0000000000
--- a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softFipsPost.c
+++ /dev/null
@@ -1,160 +0,0 @@
-/*
- * CDDL HEADER START
- *
- * The contents of this file are subject to the terms of the
- * Common Development and Distribution License (the "License").
- * You may not use this file except in compliance with the License.
- *
- * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
- * or http://www.opensolaris.org/os/licensing.
- * See the License for the specific language governing permissions
- * and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL HEADER in each
- * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
- * If applicable, add the following below this CDDL HEADER, with the
- * fields enclosed by brackets "[]" replaced with your own identifying
- * information: Portions Copyright [yyyy] [name of copyright owner]
- *
- * CDDL HEADER END
- */
-
-/*
- * Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
- */
-
-#include <stdlib.h>
-#include <string.h>
-#include <strings.h>
-#include <stdio.h>
-#include <sys/types.h>
-#include <security/cryptoki.h>
-#include <sys/sha1.h>
-#include <sys/sha2.h>
-#include "softMAC.h"
-#define _AES_FIPS_POST
-#define _DES_FIPS_POST
-#include "softCrypt.h"
-#define _DSA_FIPS_POST
-#include <dsa_impl.h>
-#define _RSA_FIPS_POST
-#include <rsa_impl.h>
-#include <sha1_impl.h>
-#include <sha2_impl.h>
-#include <fips_random.h>
-
-
-extern int fips_ecdsa_post(void);
-
-
-/*
- * FIPS Power-on SelfTest for the supported FIPS ciphers and
- * components.
- */
-CK_RV
-soft_fips_post(void)
-{
- CK_RV rv;
-
- /*
- * SHA-1 Power-On SelfTest.
- *
- * 1. SHA-1 POST
- * 2. HMAC SHA-1 POST
- */
- rv = fips_sha1_post();
- if (rv != CKR_OK)
- return (rv);
-
- /*
- * SHA-2 Power-On SelfTest.
- *
- * 1. SHA-256 POST
- * 2. SHA-384 POST
- * 3. SHA-512 POST
- * 4. HMAC SHA-256 POST
- * 5. HMAC SHA-384 POST
- * 6. HMAC SHA-512 POST
- */
- rv = fips_sha2_post();
-
- if (rv != CKR_OK)
- return (rv);
-
-
- /*
- * Triple DES Power-On SelfTest.
- *
- * 1. DES3 ECB Encryption/Decryption
- * 2. DES3 CBC Encryption/Decryption
- */
- rv = fips_des3_post();
-
- if (rv != CKR_OK)
- return (rv);
-
- /* AES Power-On SelfTest for 128-bit key. */
- rv = fips_aes_post(FIPS_AES_128_KEY_SIZE);
-
- if (rv != CKR_OK)
- return (rv);
-
- /* AES Power-On SelfTest for 192-bit key. */
- rv = fips_aes_post(FIPS_AES_192_KEY_SIZE);
-
- if (rv != CKR_OK)
- return (rv);
-
- /* AES Power-On SelfTest for 256-bit key. */
- rv = fips_aes_post(FIPS_AES_256_KEY_SIZE);
-
- if (rv != CKR_OK)
- return (rv);
-
- /*
- * ECDSA Power-Up SelfTest
- *
- * 1. ECC Signature
- * 2. ECC Verification
- */
- rv = fips_ecdsa_post();
-
- if (rv != CKR_OK)
- return (rv);
-
- /*
- * RSA Power-On SelfTest
- *
- * 1. RSA Encryption
- * 2. RSA Decryption
- * 3. RSA SHA-1 Sign/Verify
- * 4. RSA SHA-256 Sign/Verify
- * 5. RSA SHA-384 Sign/Verify
- * 6. RSA SHA-512 Sign/Verify
- *
- */
- rv = fips_rsa_post();
-
- if (rv != CKR_OK)
- return (rv);
-
- /*
- * DSA Power-On SelfTest
- *
- * 1. DSA Sign on SHA-1 digest
- * 2. DSA Verification
- */
- rv = fips_dsa_post();
-
- if (rv != CKR_OK)
- return (rv);
-
- /* RNG Power-On SelfTest. */
- rv = fips_rng_post();
-
- if (rv != CKR_OK)
- return (rv);
-
- /* Passed Power-On SelfTest. */
- return (CKR_OK);
-}
diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softFipsPostUtil.c b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softFipsPostUtil.c
deleted file mode 100644
index 7cdb65edc8..0000000000
--- a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softFipsPostUtil.c
+++ /dev/null
@@ -1,175 +0,0 @@
-/*
- * CDDL HEADER START
- *
- * The contents of this file are subject to the terms of the
- * Common Development and Distribution License (the "License").
- * You may not use this file except in compliance with the License.
- *
- * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
- * or http://www.opensolaris.org/os/licensing.
- * See the License for the specific language governing permissions
- * and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL HEADER in each
- * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
- * If applicable, add the following below this CDDL HEADER, with the
- * fields enclosed by brackets "[]" replaced with your own identifying
- * information: Portions Copyright [yyyy] [name of copyright owner]
- *
- * CDDL HEADER END
- */
-
-/*
- * Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
- */
-
-#include <sys/types.h>
-#include <sys/errno.h>
-#include <sys/fcntl.h>
-#include <sys/time.h>
-#include <sys/unistd.h>
-#include <sys/kmem.h>
-#include <sys/systm.h>
-#include <sys/sysmacros.h>
-#include <sys/sha1.h>
-#define _SHA2_IMPL
-#include <sys/sha2.h>
-#include <sys/crypto/common.h>
-#include <modes/modes.h>
-#include <stdlib.h>
-#include <string.h>
-#include <strings.h>
-#include <stdio.h>
-#include <security/cryptoki.h>
-#include <cryptoutil.h>
-#include "softCrypt.h"
-#include "softGlobal.h"
-#include "softRSA.h"
-#include "softDSA.h"
-#include "softOps.h"
-#include "softMAC.h"
-#include <fips_post.h>
-
-#define MAX_ECKEY_LEN 72
-
-
-/*
- * FIPS 140-2 pairwise consistency check utilized to validate key pair.
- *
- * This function returns
- * CKR_OK if pairwise consistency check passed
- * CKR_GENERAL_ERROR if pairwise consistency check failed
- * other error codes if pairwise consistency check could not be
- * performed, for example, CKR_HOST_MEMORY.
- *
- * Key type Mechanism type
- * --------------------------------
- *
- * For sign/verify: CKK_RSA => CKM_SHA1_RSA_PKCS
- * CKK_DSA => CKM_DSA_SHA1
- * CKK_EC => CKM_ECDSA_SHA1
- * others => CKM_INVALID_MECHANISM
- *
- * None of these mechanisms has a parameter.
- */
-CK_RV
-fips_pairwise_check(soft_session_t *session_p,
- soft_object_t *publicKey, soft_object_t *privateKey,
- CK_KEY_TYPE keyType)
-{
-
- CK_MECHANISM mech = {0, NULL, 0};
- uchar_t modulus[MAX_KEY_ATTR_BUFLEN];
- uint32_t modulus_len = sizeof (modulus);
- boolean_t can_sign_verify = B_FALSE;
- CK_RV rv;
-
- /* Variables used for Signature/Verification functions. */
- /* always uses SHA-1 digest */
- unsigned char *known_digest = (unsigned char *)"OpenSolarisCommunity";
- unsigned char *signature;
- CK_ULONG signature_length;
-
- if (keyType == CKK_RSA) {
- /* Get modulus length of private key. */
- rv = soft_get_private_value(privateKey, CKA_MODULUS,
- modulus, &modulus_len);
- if (rv != CKR_OK) {
- return (CKR_DEVICE_ERROR);
- }
- }
-
- /*
- * Pairwise Consistency Check of Sign/Verify
- */
-
- /* Check to see if key object supports signature. */
- can_sign_verify = (privateKey->bool_attr_mask & SIGN_BOOL_ON);
-
- if (can_sign_verify) {
- /* Determine length of signature. */
- switch (keyType) {
- case CKK_RSA:
- signature_length = modulus_len;
- mech.mechanism = CKM_SHA1_RSA_PKCS;
- break;
-
- case CKK_DSA:
- signature_length = FIPS_DSA_SIGNATURE_LENGTH;
- mech.mechanism = CKM_DSA_SHA1;
- break;
-
- case CKK_EC:
- signature_length = MAX_ECKEY_LEN * 2;
- mech.mechanism = CKM_ECDSA_SHA1;
- break;
-
- default:
- return (CKR_DEVICE_ERROR);
- }
-
- /* Allocate space for signature data. */
- signature = (unsigned char *) calloc(1, signature_length);
- if (signature == NULL) {
- return (CKR_HOST_MEMORY);
- }
-
- /* Sign the known hash using the private key. */
- rv = soft_sign_init(session_p, &mech, privateKey);
- if (rv != CKR_OK) {
- free(signature);
- return (rv);
- }
-
- rv = soft_sign(session_p, known_digest, PAIRWISE_DIGEST_LENGTH,
- signature, &signature_length);
- if (rv != CKR_OK) {
- free(signature);
- return (rv);
- }
-
- /* Verify the known hash using the public key. */
- rv = soft_verify_init(session_p, &mech, publicKey);
- if (rv != CKR_OK) {
- free(signature);
- return (rv);
- }
-
- rv = soft_verify(session_p, known_digest,
- PAIRWISE_DIGEST_LENGTH, signature,
- signature_length);
-
- /* Free signature data. */
- free(signature);
- if ((rv == CKR_SIGNATURE_LEN_RANGE) ||
- (rv == CKR_SIGNATURE_INVALID)) {
- return (CKR_GENERAL_ERROR);
- }
-
- if (rv != CKR_OK) {
- return (rv);
- }
- }
-
- return (CKR_OK);
-}
diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softGeneral.c b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softGeneral.c
index d8a36a7b3f..396a3c5bf4 100644
--- a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softGeneral.c
+++ b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softGeneral.c
@@ -129,9 +129,6 @@ ses_to_be_freed_list_t ses_delay_freed;
/* protects softtoken_initialized and access to C_Initialize/C_Finalize */
pthread_mutex_t soft_giant_mutex = PTHREAD_MUTEX_INITIALIZER;
-/* fips mode setting */
-int softtoken_fips_mode = CRYPTO_FIPS_MODE_DISABLED;
-
static CK_RV finalize_common(boolean_t force, CK_VOID_PTR pReserved);
static void softtoken_init();
static void softtoken_fini();
@@ -278,15 +275,6 @@ C_Initialize(CK_VOID_PTR pInitArgs)
ses_delay_freed.first = NULL;
ses_delay_freed.last = NULL;
- /*
- * Perform POST when fips mode is enabled.
- */
- if ((rv = get_fips_mode(&softtoken_fips_mode)) == CKR_OK) {
- if (softtoken_fips_mode == CRYPTO_FIPS_MODE_ENABLED) {
- rv = soft_fips_post();
- }
- }
-
if (rv != CKR_OK) {
(void) pthread_mutex_destroy(
&ses_delay_freed.ses_to_be_free_mutex);
diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softGlobal.h b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softGlobal.h
index a9cb8ab446..bbb4d73152 100644
--- a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softGlobal.h
+++ b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softGlobal.h
@@ -41,7 +41,6 @@ extern pthread_mutex_t soft_giant_mutex;
extern struct slot soft_slot;
extern struct obj_to_be_freed_list obj_delay_freed;
extern struct ses_to_be_freed_list ses_delay_freed;
-extern int softtoken_fips_mode;
#define SOFTTOKEN_SLOTID 1
@@ -71,8 +70,6 @@ extern int softtoken_fips_mode;
CKF_DUAL_CRYPTO_OPERATIONS|\
CKF_TOKEN_INITIALIZED
-extern CK_RV soft_fips_post(void);
-
#ifdef __cplusplus
}
#endif
diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeysUtil.c b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeysUtil.c
index 778f63d3e6..a48ade7224 100644
--- a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeysUtil.c
+++ b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeysUtil.c
@@ -52,9 +52,6 @@
#define local_min(a, b) ((a) < (b) ? (a) : (b))
-extern CK_RV fips_pairwise_check(soft_session_t *,
- soft_object_t *, soft_object_t *, CK_KEY_TYPE);
-
static CK_RV
soft_pkcs12_pbe(soft_session_t *, CK_MECHANISM_PTR, soft_object_t *);
@@ -519,32 +516,6 @@ soft_genkey_pair(soft_session_t *session_p, CK_MECHANISM_PTR pMechanism,
return (rv);
}
- /*
- * FIPS 140-2 pairwise consistency check utilized to
- * validate key pair
- */
- if ((key_type == CKK_RSA) || (key_type == CKK_DSA) ||
- (key_type == CKK_EC)) {
- if (softtoken_fips_mode == CRYPTO_FIPS_MODE_ENABLED) {
- rv = fips_pairwise_check(session_p, public_key,
- private_key, key_type);
- if (rv != CKR_OK) {
- if (IS_TOKEN_OBJECT(public_key)) {
- soft_delete_token_object(public_key,
- B_FALSE, B_FALSE);
- soft_delete_token_object(private_key,
- B_FALSE, B_FALSE);
- } else {
- soft_delete_object(session_p,
- public_key, B_FALSE, B_FALSE);
- soft_delete_object(session_p,
- private_key, B_FALSE, B_FALSE);
- }
- return (rv);
- }
- }
- }
-
if (IS_TOKEN_OBJECT(public_key)) {
/*
* All the info has been filled, so we can write to
diff --git a/usr/src/pkg/manifests/SUNWcs.mf b/usr/src/pkg/manifests/SUNWcs.mf
index b2d0f88e52..0c4f9a851b 100644
--- a/usr/src/pkg/manifests/SUNWcs.mf
+++ b/usr/src/pkg/manifests/SUNWcs.mf
@@ -500,7 +500,6 @@ file path=etc/ttysrch group=sys preserve=true
file path=etc/user_attr group=sys preserve=true timestamp=19700101T000000Z
file path=etc/user_attr.d/SUNWcs group=sys
file path=etc/vfstab group=sys preserve=true
-file path=lib/crypto/kcfd mode=0555
file path=lib/inet/in.mpathd mode=0555
file path=lib/inet/ipmgmtd mode=0555
file path=lib/inet/netcfgd mode=0555
diff --git a/usr/src/tools/Makefile b/usr/src/tools/Makefile
index e0ed863986..028ae314e0 100644
--- a/usr/src/tools/Makefile
+++ b/usr/src/tools/Makefile
@@ -53,8 +53,7 @@ COMMON_SUBDIRS= \
# special versions of commands for use only in build
#
UNSHIPPED_SUBDIRS = \
- elfsign \
- fips_addchecksum
+ elfsign
sparc_SUBDIRS= \
chk4ubin \
diff --git a/usr/src/tools/fips_addchecksum/Makefile b/usr/src/tools/fips_addchecksum/Makefile
deleted file mode 100644
index 1140379e38..0000000000
--- a/usr/src/tools/fips_addchecksum/Makefile
+++ /dev/null
@@ -1,65 +0,0 @@
-#
-# CDDL HEADER START
-#
-# The contents of this file are subject to the terms of the
-# Common Development and Distribution License (the "License").
-# You may not use this file except in compliance with the License.
-#
-# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
-# or http://www.opensolaris.org/os/licensing.
-# See the License for the specific language governing permissions
-# and limitations under the License.
-#
-# When distributing Covered Code, include this CDDL HEADER in each
-# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
-# If applicable, add the following below this CDDL HEADER, with the
-# fields enclosed by brackets "[]" replaced with your own identifying
-# information: Portions Copyright [yyyy] [name of copyright owner]
-#
-# CDDL HEADER END
-#
-#
-# Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
-#
-#
-
-CRYPTODIR = $(SRC)/common/crypto
-
-PROG = fips_addchecksum
-OBJS = fips_addchecksum.o fips_checksum.o
-SRCS = $(OBJS:.o=.c)
-LINTFILES = $(OBJS:.o=.ln)
-
-include ../Makefile.tools
-
-INCS += -I $(CRYPTODIR)
-
-CFLAGS += $(CCVERBOSE) $(INCS)
-LINTFLAGS += $(INCS)
-
-LDLIBS += -lmd -lelf
-
-.KEEP_STATE:
-
-all: $(PROG)
-
-$(PROG): $(OBJS)
- $(LINK.c) $(OBJS) -o $@ $(LDLIBS) $(DYNFLAGS)
- $(POST_PROCESS)
-
-%.o: $(CRYPTODIR)/fips/%.c
- $(COMPILE.c) $(CFLAGS) -o $@ -c $<
-
-
-install: all $(ROOTPROG)
-
-clean:
- $(RM) -f $(OBJS) $(PROG) $(LINTFILES)
-
-%.ln: $(CRYPTODIR)/fips/%.c
- $(LINT.c) -c $<
-
-lint: $(LINTFILES)
- $(LINT) $(LINTFLAGS) $(LINTFILES) $(LDLIBS)
-
-include $(SRC)/cmd/Makefile.targ
diff --git a/usr/src/tools/scripts/nightly.sh b/usr/src/tools/scripts/nightly.sh
index 8b3fc8d48b..ac20b31291 100644
--- a/usr/src/tools/scripts/nightly.sh
+++ b/usr/src/tools/scripts/nightly.sh
@@ -71,108 +71,6 @@ if [[ ! -x $WHICH_SCM ]]; then
fi
#
-# Datestamp for crypto tarballs. We don't use BUILD_DATE because it
-# doesn't sort right and it uses English abbreviations for the month.
-# We want to guarantee a consistent string, so just invoke date(1)
-# once and save the result in a global variable. YYYY-MM-DD is easier
-# to parse visually than YYYYMMDD.
-#
-cryptostamp=$(date +%Y-%m-%d)
-
-#
-# Echo the path for depositing a crypto tarball, creating the target
-# directory if it doesn't already exist.
-# usage: cryptodest suffix
-# where "suffix" is "" or "-nd".
-#
-function cryptodest {
- typeset suffix=$1
- #
- # $PKGARCHIVE gets wiped out with each build, so put the
- # tarball one level up.
- #
- typeset dir=$(dirname "$PKGARCHIVE")
- [ -d "$dir" ] || mkdir -p "$dir" >> "$LOGFILE" 2>&1
- #
- # Put the suffix after the datestamp to make it easier for
- # gatelings to use crypto from a specific date (no need to
- # copy and rename the gate tarball).
- #
- echo "$dir/on-crypto-$cryptostamp$suffix.$MACH.tar"
-}
-
-#
-# Create a non-stamped symlink to the given crypto tarball.
-# Return 0 on success, non-zero on failure.
-#
-function cryptolink {
- typeset targpath=$1
- typeset suffix=$2
- if [ ! -f "$targpath" ]; then
- echo "no crypto at $targpath"
- return 1
- fi
- typeset dir=$(dirname "$targpath")
- typeset targfile=$(basename "$targpath")
- typeset link=on-crypto$suffix.$MACH.tar.bz2
- (cd "$dir"; rm -f "$link")
- (cd "$dir"; ln -s "$targfile" "$link")
- return $?
-}
-
-#
-# Generate a crypto tarball from the proto area and put it in the
-# canonical location, along with the datestamp-free symlink.
-# Sets build_ok to "n" if there is a problem.
-#
-function crypto_from_proto {
- typeset label=$1
- typeset suffix=$2
- typeset -i stat
- typeset to
-
- echo "Creating $label crypto tarball..." >> "$LOGFILE"
-
- #
- # Generate the crypto THIRDPARTYLICENSE file. This needs to
- # be done after the build has finished and before we run
- # cryptodrop. We'll generate the file twice if we're building
- # both DEBUG and non-DEBUG, but it's a cheap operation and not
- # worth the complexity to only do once.
- #
- if [ -d ${ROOT}${suffix}/licenses/usr ]; then
- ( cd ${ROOT}${suffix}/licenses ; \
- mktpl -c $SRC/pkg/license-list ) >> "$LOGFILE" 2>&1
- if (( $? != 0 )) ; then
- echo "Couldn't create crypto THIRDPARTYLICENSE files" |
- tee -a "$mail_msg_file" >> "$LOGFILE"
- build_ok=n
- return
- fi
- else
- echo "No licenses found under ${ROOT}${suffix}/licenses" |
- tee -a "$mail_msg_file" >> "$LOGFILE"
- fi
-
- to=$(cryptodest "$suffix")
- if [ "$suffix" = "-nd" ]; then
- cryptodrop -n "$to" >> "$LOGFILE" 2>&1
- else
- cryptodrop "$to" >> "$LOGFILE" 2>&1
- fi
- if (( $? != 0 )) ; then
- echo "\nCould not create $label crypto tarball." |
- tee -a "$mail_msg_file" >> "$LOGFILE"
- build_ok=n
- else
- cryptolink "$to.bz2" "$suffix" >> "$LOGFILE" 2>&1
- if (( $? != 0 )) ; then
- build_ok=n
- fi
- fi
-}
-
-#
# Function to do a DEBUG and non-DEBUG build. Needed because we might
# need to do another for the source build, and since we only deliver DEBUG or
# non-DEBUG packages.
@@ -182,28 +80,20 @@ function crypto_from_proto {
function normal_build {
typeset orig_p_FLAG="$p_FLAG"
- typeset crypto_in="$ON_CRYPTO_BINS"
typeset crypto_signer="$CODESIGN_USER"
- typeset gencrypto=no
suffix=""
- [ -n "$CODESIGN_USER" ] && gencrypto=yes
# non-DEBUG build begins
if [ "$F_FLAG" = "n" ]; then
set_non_debug_build_flags
CODESIGN_USER="$crypto_signer" \
- build "non-DEBUG" "$suffix-nd" "-nd" "$MULTI_PROTO" \
- $(ndcrypto "$crypto_in")
+ build "non-DEBUG" "$suffix-nd" "-nd" "$MULTI_PROTO"
if [ "$build_ok" = "y" -a "$X_FLAG" = "y" -a \
"$p_FLAG" = "y" ]; then
copy_ihv_pkgs non-DEBUG -nd
fi
-
- if [[ "$gencrypto" = yes && "$build_ok" = y ]]; then
- crypto_from_proto non-DEBUG -nd
- fi
else
echo "\n==== No non-DEBUG $open_only build ====\n" >> "$LOGFILE"
fi
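Review bot: `crypto_signer` is still saved from `CODESIGN_USER` and handed back as a per-command assignment on the `build` call in this hunk and on the DEBUG `build` call in the next one, even though its only visible consumers in `normal_build` (`gencrypto` and `crypto_from_proto`) are removed by this commit. If `build` or something it runs still reads `CODESIGN_USER`, a comment such as `# CODESIGN_USER is still read by <consumer> during build` would say why the save and restore stays. If nothing reads it any more, the `typeset crypto_signer=...` line and the `CODESIGN_USER="$crypto_signer" \` prefix can be dropped in both places. `normal_build` continues past the end of this hunk, so later uses of the variable are not visible here.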
@@ -215,15 +105,11 @@ function normal_build {
if [ "$D_FLAG" = "y" ]; then
set_debug_build_flags
CODESIGN_USER="$crypto_signer" \
- build "DEBUG" "$suffix" "" "$MULTI_PROTO" "$crypto_in"
+ build "DEBUG" "$suffix" "" "$MULTI_PROTO"
if [ "$build_ok" = "y" -a "$X_FLAG" = "y" -a \
"$p_FLAG" = "y" ]; then
copy_ihv_pkgs DEBUG ""
fi
-
- if [[ "$gencrypto" = yes && "$build_ok" = y ]]; then
- crypto_from_proto DEBUG ""
- fi
else
echo "\n==== No DEBUG $open_only build ====\n" >> "$LOGFILE"
fi
@@ -584,48 +470,20 @@ function myheaders {
}
#
-# Unpack the crypto tarball into the proto area. We first extract the
-# tarball into a temp directory so that we can handle the non-DEBUG
-# tarball correctly with MULTI_PROTO=no.
-# Return 0 on success, non-zero on failure.
-#
-function unpack_crypto {
- typeset tarfile=$1
- typeset suffix=$2
- typeset ctop=$(mktemp -d /tmp/crypto.XXXXXX)
- [ -n "$ctop" ] || return 1
- typeset croot=$ctop/proto/root_$MACH$suffix
- echo "Unpacking crypto ($tarfile)..."
- bzcat "$tarfile" | (cd "$ctop"; tar xfBp -)
- if [[ $? -ne 0 || ! -d "$croot" ]]; then
- return 1
- fi
- #
- # We extract with -p so that we maintain permissions on directories.
- #
- (cd "$croot"; tar cf - *) | (cd "$ROOT"; tar xfBp -)
- typeset -i stat=$?
- rm -rf "$ctop"
- return $stat
-}
-
-#
# Function to do the build, including package generation.
-# usage: build LABEL SUFFIX ND MULTIPROTO CRYPTO
+# usage: build LABEL SUFFIX ND MULTIPROTO
# - LABEL is used to tag build output.
# - SUFFIX is used to distinguish files (e.g., DEBUG vs non-DEBUG,
# open-only vs full tree).
# - ND is "-nd" (non-DEBUG builds) or "" (DEBUG builds).
# - If MULTIPROTO is "yes", it means to name the proto area according to
# SUFFIX. Otherwise ("no"), (re)use the standard proto area.
-# - CRYPTO is the path to the crypto tarball, or null.
#
function build {
LABEL=$1
SUFFIX=$2
ND=$3
MULTIPROTO=$4
- CRYPTOPATH=$5
INSTALLOG=install${SUFFIX}-${MACH}
NOISE=noise${SUFFIX}-${MACH}
PKGARCHIVE=${PKGARCHIVE_ORIG}${SUFFIX}
@@ -676,16 +534,6 @@ function build {
this_build_ok=n
fi
- if [ -n "$CRYPTOPATH" ]; then
- unpack_crypto "$CRYPTOPATH" "$ND" >> "$LOGFILE" 2>&1
- if (( $? != 0 )) ; then
- echo "Could not unpack crypto ($CRYPTOPATH)" |
- tee -a "$mail_msg_file" >> "$LOGFILE"
- build_ok=n
- this_build_ok=n
- fi
- fi
-
if [ "$W_FLAG" = "n" ]; then
echo "\n==== Build warnings ($LABEL) ====\n" >>$mail_msg_file
egrep -i warning: $SRC/${INSTALLOG}.out \
@@ -1678,63 +1526,6 @@ fi
export PATH
export MAKE
-#
-# Make sure the crypto tarball is available if it's needed.
-#
-
-# Echo the non-DEBUG name corresponding to the given crypto tarball path.
-function ndcrypto {
- typeset dir file
-
- if [ -z "$1" ]; then
- echo ""
- return
- fi
-
- dir=$(dirname "$1")
- file=$(basename "$1" ".$MACH.tar.bz2")
-
- echo "$dir/$file-nd.$MACH.tar.bz2"
-}
-
-# Return 0 (success) if the required crypto tarball(s) are present.
-function crypto_is_present {
- if [ -z "$ON_CRYPTO_BINS" ]; then
- echo "ON_CRYPTO_BINS is null or not set."
- return 1
- fi
- if [ "$D_FLAG" = y ]; then
- if [ ! -f "$ON_CRYPTO_BINS" ]; then
- echo "DEBUG crypto tarball is unavailable."
- return 1
- fi
- fi
- if [ "$F_FLAG" = n ]; then
- if [ ! -f $(ndcrypto "$ON_CRYPTO_BINS") ]; then
- echo "Non-DEBUG crypto tarball is unavailable."
- return 1
- fi
- fi
-
- return 0
-}
-
-#
-# Canonicalize ON_CRYPTO_BINS, just in case it was set to the -nd
-# tarball.
-#
-if [ -n "$ON_CRYPTO_BINS" ]; then
- export ON_CRYPTO_BINS=$(echo "$ON_CRYPTO_BINS" |
- sed -e s/-nd.$MACH.tar/.$MACH.tar/)
-fi
-
-if [[ "$O_FLAG" = y && -z "$CODESIGN_USER" ]]; then
- if ! crypto_is_present; then
- echo "OpenSolaris deliveries need signed crypto."
- exit 1
- fi
-fi
-
if [[ "$O_FLAG" = y ]]; then
export TONICBUILD=""
else
@@ -2237,12 +2028,6 @@ yes|no) ;;
;;
esac
-# If CODESIGN_USER is set, we'll want the crypto that we just built.
-if [[ -n "$CODESIGN_USER" && -n "$ON_CRYPTO_BINS" ]]; then
- echo "Clearing ON_CRYPTO_BINS for signing build." >> "$LOGFILE"
- unset ON_CRYPTO_BINS
-fi
-
echo "\n==== Build version ====\n" | tee -a $mail_msg_file >> $LOGFILE
echo $VERSION | tee -a $mail_msg_file >> $LOGFILE
@@ -2708,27 +2493,6 @@ if [[ "$O_FLAG" = y && "$CLOSED_IS_PRESENT" != "yes" ]]; then
exit 1
fi
-if [ "$CLOSED_IS_PRESENT" = no ]; then
- #
- # Not all consolidations have a closed tree, and even if they
- # did, they wouldn't necessarily have signed crypto. But if
- # the current source base does have signed crypto and it can't
- # be generated, error out, rather than silently building
- # unusable binaries.
- #
- grep -s ELFSIGN_CRYPTO "$SRC/Makefile.master" > /dev/null
- if (( $? == 0 )); then
- crypto_is_present >> "$LOGFILE"
- if (( $? != 0 )); then
- build_ok=n
- echo "A crypto tarball must be provided when" \
- "there is no closed tree." |
- tee -a "$mail_msg_file" >> "$LOGFILE"
- exit 1
- fi
- fi
-fi
-
echo "\n==== Build environment ====\n" | tee -a $build_environ_file >> $LOGFILE
# System
@@ -3349,68 +3113,6 @@ fi
# steps need to come after findunref and are commented below.
#
-#
-# Copy an input crypto tarball to the canonical destination (with
-# datestamp), and point the non-stamped symlink at it.
-# Usage: copyin_crypto from_path suffix
-# Returns 0 if successful, non-zero if not.
-#
-function copyin_crypto {
- typeset from=$1
- typeset suffix=$2
- typeset to=$(cryptodest "$suffix").bz2
- typeset -i stat
- cp "$from" "$to"
- stat=$?
- if (( $stat == 0 )); then
- cryptolink "$to" "$suffix"
- stat=$?
- fi
- return $stat
-}
-
-#
-# Copy a crypto tarball to $CODEMGR_WS to go with the other
-# OpenSolaris deliverables.
-# Usage: copyout_crypto suffix
-# where $suffix is "" or "-nd".
-#
-function copyout_crypto {
- typeset suffix=$1
- typeset cryptof=on-crypto$suffix.$MACH.tar.bz2
- [ -f $cryptof ] && rm $cryptof
- cp $(cryptodest "$suffix").bz2 $cryptof
-}
-
-#
-# Pass through the crypto tarball(s) that we were given, putting it in
-# the same place that crypto_from_proto puts things.
-# Returns with non-zero status if there is a problem.
-#
-function crypto_passthrough {
- echo "Reusing $ON_CRYPTO_BINS for crypto tarball(s)..." >> "$LOGFILE"
- typeset -i stat=0
- if [ "$D_FLAG" = y ]; then
- copyin_crypto "$ON_CRYPTO_BINS" "" >> "$LOGFILE" 2>&1
- if (( $? != 0 )) ; then
- echo "Couldn't create DEBUG crypto tarball." |
- tee -a "$mail_msg_file" >> "$LOGFILE"
- stat=1
- fi
- fi
- if [ "$F_FLAG" = n ]; then
- copyin_crypto $(ndcrypto "$ON_CRYPTO_BINS") "-nd" \
- >> "$LOGFILE" 2>&1
- if (( $? != 0 )) ; then
- echo "Couldn't create non-DEBUG crypto tarball." |
- tee -a "$mail_msg_file" >> "$LOGFILE"
- stat=1
- fi
- fi
-
- return $stat
-}
-
# If we are doing an OpenSolaris _source_ build (-S O) then we do
# not have usr/closed available to us to generate closedbins from,
# so skip this part.
@@ -3456,37 +3158,6 @@ if [ "$SO_FLAG" = n -a "$O_FLAG" = y -a "$build_ok" = y ]; then
tee -a $mail_msg_file >> $LOGFILE
build_ok=n
fi
-
- typeset have_crypto=y
- if [ -n "$ON_CRYPTO_BINS" ]; then
- crypto_passthrough || have_crypto=n
- fi
- #
- # Make another copy of the crypto so that all the OpenSolaris
- # deliverables are in $CODEMGR_WS.
- #
- if [ "$have_crypto" != y ]; then
- build_ok=n
- else
- echo "Copying crypto tarball to $CODEMGR_WS" >> "$LOGFILE"
- if [ "$D_FLAG" = y ]; then
- copyout_crypto "" >> "$LOGFILE" 2>&1
- if (( $? != 0 )) ; then
- echo "Couldn't create DEBUG crypto tarball" |
- tee -a $mail_msg_file >> "$LOGFILE"
- build_ok=n
- fi
- fi
- if [ "$F_FLAG" = n ]; then
- copyout_crypto "-nd" >> "$LOGFILE" 2>&1
- if (( $? != 0 )) ; then
- echo "Couldn't create non-DEBUG" \
- "crypto tarball" |
- tee -a $mail_msg_file >> "$LOGFILE"
- build_ok=n
- fi
- fi
- fi
fi
# Verify that the usual lists of files, such as exception lists,
diff --git a/usr/src/uts/Makefile.uts b/usr/src/uts/Makefile.uts
index ce2148c475..bc90d534a2 100644
--- a/usr/src/uts/Makefile.uts
+++ b/usr/src/uts/Makefile.uts
@@ -674,9 +674,3 @@ PRIVS_DEF = $(SRC)/uts/common/os/priv_defs
#
USBDEVS_AWK = $(SRC)/uts/common/io/usb/usbdevs2h.awk
USBDEVS_DATA = $(SRC)/uts/common/io/usb/usbdevs
-
-#
-# FIPS140 Self Integrity Check Command for HW Crypto modules
-#
-FIPS140_CMDDIR = $(SRC)/tools/fips_addchecksum
-FIPS140_CHECK = $(FIPS140_CMDDIR)/fips_addchecksum $(BINARY)
diff --git a/usr/src/uts/common/Makefile.files b/usr/src/uts/common/Makefile.files
index ec08410b4f..102c449aa9 100644
--- a/usr/src/uts/common/Makefile.files
+++ b/usr/src/uts/common/Makefile.files
@@ -498,9 +498,9 @@ MD4_OBJS += md4.o md4_mod.o
MD5_OBJS += md5.o md5_mod.o
-SHA1_OBJS += sha1.o sha1_mod.o fips_sha1_util.o
+SHA1_OBJS += sha1.o sha1_mod.o
-SHA2_OBJS += sha2.o sha2_mod.o fips_sha2_util.o
+SHA2_OBJS += sha2.o sha2_mod.o
IPGPC_OBJS += classifierddi.o classifier.o filters.o trie.o table.o \
ba_table.o
@@ -1519,7 +1519,7 @@ KCF_OBJS += kcf.o kcf_callprov.o kcf_cbufcall.o kcf_cipher.o kcf_crypto.o \
kcf_object.o kcf_policy.o kcf_prov_lib.o kcf_prov_tabs.o \
kcf_sched.o kcf_session.o kcf_sign.o kcf_spi.o kcf_verify.o \
kcf_random.o modes.o ecb.o cbc.o ctr.o ccm.o gcm.o \
- fips_random.o fips_checksum.o fips_test_vectors.o
+ fips_random.o
CRYPTOADM_OBJS += cryptoadm.o
@@ -1530,7 +1530,7 @@ DPROV_OBJS += dprov.o
DCA_OBJS += dca.o dca_3des.o dca_debug.o dca_dsa.o dca_kstat.o dca_rng.o \
dca_rsa.o
-AESPROV_OBJS += aes.o aes_impl.o aes_modes.o fips_aes_util.o
+AESPROV_OBJS += aes.o aes_impl.o aes_modes.o
ARCFOURPROV_OBJS += arcfour.o arcfour_crypt.o
@@ -1541,11 +1541,11 @@ ECCPROV_OBJS += ecc.o ec.o ec2_163.o ec2_mont.o ecdecode.o ecl_mult.o \
ecp_jm.o ec2_233.o ecl_curve.o ecp_224.o ecp_aff.o \
ecp_mont.o ec2_aff.o ec_naf.o ecl_gf.o ecp_256.o mp_gf2m.o \
mpi.o mplogic.o mpmontg.o mpprime.o oid.o \
- secitem.o ec2_test.o ecp_test.o fips_ecc_util.o
+ secitem.o ec2_test.o ecp_test.o
-RSAPROV_OBJS += rsa.o rsa_impl.o pkcs1.o fips_rsa_util.o
+RSAPROV_OBJS += rsa.o rsa_impl.o pkcs1.o
-SWRANDPROV_OBJS += swrand.o fips_random_util.o
+SWRANDPROV_OBJS += swrand.o
#
# kernel SSL
@@ -1664,7 +1664,7 @@ KGSS_KRB5_OBJS += krb5mech.o \
$(CRYPTO_OLD) \
$(CRYPTO_RAW) $(K5_KRB) $(K5_OS)
-DES_OBJS += des_crypt.o des_impl.o des_ks.o des_soft.o fips_des_util.o
+DES_OBJS += des_crypt.o des_impl.o des_ks.o des_soft.o
DLBOOT_OBJS += bootparam_xdr.o nfs_dlinet.o scan.o
diff --git a/usr/src/uts/common/Makefile.rules b/usr/src/uts/common/Makefile.rules
index ae82eb96fe..c05da5b2ec 100644
--- a/usr/src/uts/common/Makefile.rules
+++ b/usr/src/uts/common/Makefile.rules
@@ -57,10 +57,6 @@ $(OBJS_DIR)/%.o: $(COMMONBASE)/crypto/ecc/%.c
$(COMPILE.c) -o $@ $<
$(CTFCONVERT_O)
-$(OBJS_DIR)/%.o: $(COMMONBASE)/crypto/fips/%.c
- $(COMPILE.c) -o $@ $<
- $(CTFCONVERT_O)
-
$(OBJS_DIR)/%.o: $(COMMONBASE)/crypto/modes/%.c
$(COMPILE.c) -o $@ $<
$(CTFCONVERT_O)
@@ -1561,9 +1557,6 @@ $(LINTS_DIR)/%.ln: $(COMMONBASE)/crypto/blowfish/%.c
$(LINTS_DIR)/%.ln: $(COMMONBASE)/crypto/ecc/%.c
@($(LHEAD) $(LINT.c) $< $(LTAIL))
-$(LINTS_DIR)/%.ln: $(COMMONBASE)/crypto/fips/%.c
- @($(LHEAD) $(LINT.c) $< $(LTAIL))
-
$(LINTS_DIR)/%.ln: $(COMMONBASE)/crypto/modes/%.c
@($(LHEAD) $(LINT.c) $< $(LTAIL))
diff --git a/usr/src/uts/common/bignum/bignum_mod.c b/usr/src/uts/common/bignum/bignum_mod.c
index 938eb50d48..1ef0b1e6d7 100644
--- a/usr/src/uts/common/bignum/bignum_mod.c
+++ b/usr/src/uts/common/bignum/bignum_mod.c
@@ -28,7 +28,6 @@
#include <sys/modctl.h>
#include <sys/cmn_err.h>
#include <sys/ddi.h>
-#include <fips/fips_checksum.h>
extern struct mod_ops mod_cryptoops;
@@ -61,14 +60,3 @@ _info(struct modinfo *modinfop)
{
return (mod_info(&modlinkage, modinfop));
}
-
-int
-bignum_fips_check()
-{
- if (fips_check_module("misc/bignum", (void *)_init) != 0) {
- cmn_err(CE_WARN, "bignum: FIPS-140 Software Integrity Test "
- "failed");
- return (EINVAL);
- }
- return (0);
-}
diff --git a/usr/src/uts/common/crypto/api/kcf_random.c b/usr/src/uts/common/crypto/api/kcf_random.c
index 976fd0df48..ffb2c61e62 100644
--- a/usr/src/uts/common/crypto/api/kcf_random.c
+++ b/usr/src/uts/common/crypto/api/kcf_random.c
@@ -21,6 +21,9 @@
/*
* Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved.
*/
+/*
+ * Copyright 2010 Nexenta Systems, Inc. All rights reserved.
+ */
/*
* This file implements the interfaces that the /dev/random
@@ -1050,49 +1053,3 @@ random_get_bytes(uint8_t *ptr, size_t len)
return (0);
return (kcf_rnd_get_bytes(ptr, len, B_TRUE));
}
-
-/*
- * The two functions below are identical to random_get_pseudo_bytes() and
- * random_get_bytes_fips, this function is called for consumers that want
- * FIPS 140-2. This function waits until the FIPS boundary can be verified.
- */
-
-/*
- * Get bytes from the /dev/urandom generator. This function
- * always succeeds. Returns 0.
- */
-int
-random_get_pseudo_bytes_fips140(uint8_t *ptr, size_t len)
-{
- ASSERT(!mutex_owned(&rndpool_lock));
-
- mutex_enter(&fips140_mode_lock);
- while (global_fips140_mode < FIPS140_MODE_ENABLED) {
- cv_wait(&cv_fips140, &fips140_mode_lock);
- }
- mutex_exit(&fips140_mode_lock);
-
- if (len < 1)
- return (0);
- return (kcf_rnd_get_pseudo_bytes(ptr, len));
-}
-
-/*
- * Get bytes from the /dev/random generator. Returns 0
- * on success. Returns EAGAIN if there is insufficient entropy.
- */
-int
-random_get_bytes_fips140(uint8_t *ptr, size_t len)
-{
- ASSERT(!mutex_owned(&rndpool_lock));
-
- mutex_enter(&fips140_mode_lock);
- while (global_fips140_mode < FIPS140_MODE_ENABLED) {
- cv_wait(&cv_fips140, &fips140_mode_lock);
- }
- mutex_exit(&fips140_mode_lock);
-
- if (len < 1)
- return (0);
- return (kcf_rnd_get_bytes(ptr, len, B_TRUE));
-}
diff --git a/usr/src/uts/common/crypto/core/kcf.c b/usr/src/uts/common/crypto/core/kcf.c
index 3ffaac033d..11cecf48e6 100644
--- a/usr/src/uts/common/crypto/core/kcf.c
+++ b/usr/src/uts/common/crypto/core/kcf.c
@@ -22,6 +22,9 @@
/*
* Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
*/
+/*
+ * Copyright 2010 Nexenta Systems, Inc. All rights reserved.
+ */
/*
* Core KCF (Kernel Cryptographic Framework). This file implements
@@ -55,29 +58,6 @@ int kcf_frmwrk_debug = 0;
#define KCF_FRMWRK_DEBUG(l, x)
#endif /* DEBUG */
-/*
- * Door to make upcalls to kcfd. kcfd will send us this
- * handle when it is coming up.
- */
-kmutex_t kcf_dh_lock;
-door_handle_t kcf_dh = NULL;
-
-/* Setup FIPS 140 support variables */
-uint32_t global_fips140_mode = FIPS140_MODE_UNSET;
-kmutex_t fips140_mode_lock;
-kcondvar_t cv_fips140;
-
-/*
- * Kernel FIPS140 boundary module list
- * NOTE: "swrand" must be the last entry. FIPS 140 shutdown functions stop
- * before getting to swrand as it is used for non-FIPS 140
- * operations to. The FIPS 140 random API separately controls access.
- */
-#define FIPS140_MODULES_MAX 7
-static char *fips140_module_list[FIPS140_MODULES_MAX] = {
- "aes", "des", "ecc", "sha1", "sha2", "rsa", "swrand"
-};
-
static struct modlmisc modlmisc = {
&mod_miscops, "Kernel Crypto Framework"
};
@@ -86,15 +66,11 @@ static struct modlinkage modlinkage = {
MODREV_1, (void *)&modlmisc, NULL
};
-static int rngtimer_started;
extern int sys_shutdown;
int
_init()
{
- mutex_init(&fips140_mode_lock, NULL, MUTEX_DEFAULT, NULL);
- cv_init(&cv_fips140, NULL, CV_DEFAULT, NULL);
-
/* initialize the mechanisms tables supported out-of-the-box */
kcf_init_mech_tabs();
@@ -114,9 +90,10 @@ _init()
kcf_sched_init();
/* initialize the RNG support structures */
- rngtimer_started = 0;
kcf_rnd_init();
+ kcf_rnd_schedule_timeout(B_TRUE);
+
return (mod_install(&modlinkage));
}
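Review bot: `kcf_rnd_schedule_timeout(B_TRUE)` is now armed before `mod_install()` has returned, and nothing in this hunk cancels it if the install fails. Before this change the timer was only started from `crypto_load_door()`, which is removed further down in this file and ran once the module was already in place. Installing first and arming the timer only on success would keep that ordering: `int rv = mod_install(&modlinkage);`, `if (rv == 0) kcf_rnd_schedule_timeout(B_TRUE);`, `return (rv);`. If arming it early is intended, a short comment above the call saying why a failed install cannot leave the timeout pending would help the next reader. `_init` begins outside this hunk, so the earlier setup steps and any existing failure handling are not visible here.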
@@ -136,276 +113,6 @@ _fini(void)
}
-/* Returns the value of global_fips140_mode */
-int
-kcf_get_fips140_mode(void)
-{
- return (global_fips140_mode);
-}
-
-/*
- * If FIPS 140 has failed its tests. The providers must be disabled from the
- * framework.
- */
-void
-kcf_fips140_shutdown()
-{
- kcf_provider_desc_t *pd;
- int i;
-
- cmn_err(CE_WARN,
- "Shutting down FIPS 140 boundary as verification failed.");
-
- /* Disable FIPS 140 modules, but leave swrand alone */
- for (i = 0; i < (FIPS140_MODULES_MAX - 1); i++) {
- /*
- * Remove the predefined entries from the soft_config_list
- * so the framework does not report the providers.
- */
- remove_soft_config(fips140_module_list[i]);
-
- pd = kcf_prov_tab_lookup_by_name(fips140_module_list[i]);
- if (pd == NULL)
- continue;
-
- /* Allow the unneeded providers to be unloaded */
- pd->pd_mctlp->mod_loadflags &= ~(MOD_NOAUTOUNLOAD);
-
- /* Invalidate the FIPS 140 providers */
- mutex_enter(&pd->pd_lock);
- pd->pd_state = KCF_PROV_VERIFICATION_FAILED;
- mutex_exit(&pd->pd_lock);
- KCF_PROV_REFRELE(pd);
- undo_register_provider(pd, B_FALSE);
-
- }
-}
-
-/*
- * Activates the kernel providers
- *
- * If we are getting ready to enable FIPS 140 mode, then all providers should
- * be loaded and ready.
- *
- * If FIPS 140 is disabled, then we can skip any errors because some crypto
- * modules may not have been loaded.
- */
-void
-kcf_activate()
-{
- kcf_provider_desc_t *pd;
- int i;
-
- for (i = 0; i < (FIPS140_MODULES_MAX - 1); i++) {
- pd = kcf_prov_tab_lookup_by_name(fips140_module_list[i]);
- if (pd == NULL) {
- if (global_fips140_mode == FIPS140_MODE_DISABLED)
- continue;
-
- /* There should never be a NULL value in FIPS 140 */
- cmn_err(CE_WARN, "FIPS 140 activation: %s not in "
- "kernel provider table", fips140_module_list[i]);
- kcf_fips140_shutdown();
- break;
- }
-
- /*
- * Change the provider state so the verification functions
- * can signature verify, if necessary, and ready it.
- */
- if (pd->pd_state == KCF_PROV_UNVERIFIED_FIPS140) {
- mutex_enter(&pd->pd_lock);
- pd->pd_state = KCF_PROV_UNVERIFIED;
- mutex_exit(&pd->pd_lock);
- }
-
- KCF_PROV_REFRELE(pd);
- }
-
- /* If we are not in FIPS 140 mode, then exit */
- if (global_fips140_mode == FIPS140_MODE_DISABLED)
- return;
-
- /* If we in the process of validating FIPS 140, enable it */
- mutex_enter(&fips140_mode_lock);
- global_fips140_mode = FIPS140_MODE_ENABLED;
- cv_signal(&cv_fips140);
- mutex_exit(&fips140_mode_lock);
- cmn_err(CE_CONT, "?FIPS 140 enabled. Boundary check complete.");
-
- verify_unverified_providers();
-}
-
-
-/*
- * Perform a door call to kcfd to have it check the integrity of the
- * kernel boundary. Failure of the boundary will cause a FIPS 140
- * configuration to fail
- */
-int
-kcf_fips140_integrity_check()
-{
- door_arg_t darg;
- door_handle_t ldh;
- kcf_door_arg_t *kda = { 0 }, *rkda = NULL;
- int ret = 0;
-
- KCF_FRMWRK_DEBUG(1, ("Starting IC check"));
-
- mutex_enter(&kcf_dh_lock);
- if (kcf_dh == NULL) {
- mutex_exit(&kcf_dh_lock);
- cmn_err(CE_WARN, "FIPS 140 Integrity Check failed, Door not "
- "available\n");
- return (1);
- }
-
- ldh = kcf_dh;
- door_ki_hold(ldh);
- mutex_exit(&kcf_dh_lock);
-
- kda = kmem_alloc(sizeof (kcf_door_arg_t), KM_SLEEP);
- kda->da_version = KCFD_FIPS140_INTCHECK;
- kda->da_iskernel = B_TRUE;
-
- darg.data_ptr = (char *)kda;
- darg.data_size = sizeof (kcf_door_arg_t);
- darg.desc_ptr = NULL;
- darg.desc_num = 0;
- darg.rbuf = (char *)kda;
- darg.rsize = sizeof (kcf_door_arg_t);
-
- ret = door_ki_upcall_limited(ldh, &darg, NULL, SIZE_MAX, 0);
- if (ret != 0) {
- ret = 1;
- goto exit;
- }
-
- KCF_FRMWRK_DEBUG(1, ("Integrity Check door returned = %d\n", ret));
-
- rkda = (kcf_door_arg_t *)(void *)darg.rbuf;
- if (rkda->da_u.result.status != ELFSIGN_SUCCESS) {
- ret = 1;
- KCF_FRMWRK_DEBUG(1, ("Integrity Check failed = %d\n",
- rkda->da_u.result.status));
- goto exit;
- }
-
- KCF_FRMWRK_DEBUG(1, ("Integrity Check succeeds.\n"));
-
-exit:
- if ((rkda != NULL) && (rkda != kda))
- kmem_free(rkda, darg.rsize);
-
- kmem_free(kda, sizeof (kcf_door_arg_t));
- door_ki_rele(ldh);
- if (ret)
- cmn_err(CE_WARN, "FIPS 140 Integrity Check failed.\n");
- return (ret);
-}
-
-/*
- * If FIPS 140 is configured to be enabled, before it can be turned on, the
- * providers must run their Power On Self Test (POST) and we must wait to sure
- * userland has performed its validation tests.
- */
-void
-kcf_fips140_validate()
-{
- kcf_provider_desc_t *pd;
- kthread_t *post_thr;
- int post_rv[FIPS140_MODULES_MAX];
- kt_did_t post_t_did[FIPS140_MODULES_MAX];
- int ret = 0;
- int i;
-
- /*
- * Run POST tests for FIPS 140 modules, if they aren't loaded, load them
- */
- for (i = 0; i < FIPS140_MODULES_MAX; i++) {
- pd = kcf_prov_tab_lookup_by_name(fips140_module_list[i]);
- if (pd == NULL) {
- /* If the module isn't loaded, load it */
- ret = modload("crypto", fips140_module_list[i]);
- if (ret == -1) {
- cmn_err(CE_WARN, "FIPS 140 validation failed: "
- "error modloading module %s.",
- fips140_module_list[i]);
- goto error;
- }
-
- /* Try again to get provider desc */
- pd = kcf_prov_tab_lookup_by_name(
- fips140_module_list[i]);
- if (pd == NULL) {
- cmn_err(CE_WARN, "FIPS 140 validation failed: "
- "Could not find module %s.",
- fips140_module_list[i]);
- goto error;
- }
- }
-
- /* Make sure there are FIPS 140 entry points */
- if (KCF_PROV_FIPS140_OPS(pd) == NULL) {
- cmn_err(CE_WARN, "FIPS 140 validation failed: "
- "No POST function entry point in %s.",
- fips140_module_list[i]);
- goto error;
- }
-
- /* Make sure the module is not unloaded */
- pd->pd_mctlp->mod_loadflags |= MOD_NOAUTOUNLOAD;
-
- /*
- * With the FIPS 140 POST function provided by the module in
- * SPI v4, start a thread to run the function.
- */
- post_rv[i] = CRYPTO_OPERATION_NOT_INITIALIZED;
- post_thr = thread_create(NULL, 0,
- (*(KCF_PROV_FIPS140_OPS(pd)->fips140_post)), &post_rv[i],
- 0, &p0, TS_RUN, MAXCLSYSPRI);
- post_t_did[i] = post_thr->t_did;
- KCF_FRMWRK_DEBUG(1, ("kcf_fips140_validate: started POST "
- "for %s\n", fips140_module_list[i]));
- KCF_PROV_REFRELE(pd);
- }
-
- /* Do integrity check of kernel boundary */
- ret = kcf_fips140_integrity_check();
- if (ret == 1)
- goto error;
-
- /* Wait for POST threads to come back and verify results */
- for (i = 0; i < FIPS140_MODULES_MAX; i++) {
- /* If the POST has already returned a success, we can move on */
- if (post_rv[i] == CRYPTO_SUCCESS)
- continue;
-
- /* POST test is taking more time, need to wait for thread */
- if (post_rv[i] == CRYPTO_OPERATION_NOT_INITIALIZED &&
- post_t_did[i] != NULL)
- thread_join(post_t_did[i]);
-
- if (post_rv[i] != CRYPTO_SUCCESS) {
- cmn_err(CE_WARN, "FIPS 140 POST failed for %s. "
- "Error = 0x%x", fips140_module_list[i], post_rv[i]);
- goto error;
- }
- }
-
- kcf_activate();
- return;
-
-error:
- mutex_enter(&fips140_mode_lock);
- global_fips140_mode = FIPS140_MODE_SHUTDOWN;
- kcf_fips140_shutdown();
- cv_signal(&cv_fips140);
- mutex_exit(&fips140_mode_lock);
-
-}
-
-
/*
* Return a pointer to the modctl structure of the
* provider's module.
@@ -432,304 +139,3 @@ kcf_get_modctl(crypto_provider_info_t *pinfo)
return (mctlp);
}
-
-/* Check if this provider requires to be verified. */
-int
-verifiable_provider(crypto_ops_t *prov_ops)
-{
-
- if (prov_ops->co_cipher_ops == NULL && prov_ops->co_dual_ops == NULL &&
- prov_ops->co_dual_cipher_mac_ops == NULL &&
- prov_ops->co_key_ops == NULL && prov_ops->co_sign_ops == NULL &&
- prov_ops->co_verify_ops == NULL)
- return (0);
-
- return (1);
-}
-
-/*
- * With a given provider being registered, this looks through the FIPS 140
- * modules list and returns a 1 if it's part of the FIPS 140 boundary and
- * the framework registration must be delayed until we know the FIPS 140 mode
- * status. A zero mean the provider does not need to wait for the FIPS 140
- * boundary.
- *
- * If the provider in the boundary only provides random (like swrand), we
- * can let it register as the random API will block operations.
- */
-int
-kcf_need_fips140_verification(kcf_provider_desc_t *pd)
-{
- int i, ret = 0;
-
- if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER)
- return (0);
-
- mutex_enter(&fips140_mode_lock);
-
- if (global_fips140_mode >= FIPS140_MODE_ENABLED)
- goto exit;
-
- for (i = 0; i < FIPS140_MODULES_MAX; i++) {
- if (strcmp(fips140_module_list[i], pd->pd_name) != 0)
- continue;
-
- /* If this module is only random, we can let it register */
- if (KCF_PROV_RANDOM_OPS(pd) &&
- !verifiable_provider(pd->pd_ops_vector))
- break;
-
- if (global_fips140_mode == FIPS140_MODE_SHUTDOWN) {
- ret = -1;
- break;
- }
-
- ret = 1;
- break;
- }
-
-exit:
- mutex_exit(&fips140_mode_lock);
- return (ret);
-}
-
-
-/*
- * Check if signature verification is needed for a provider.
- *
- * Returns 0, if no verification is needed. Returns 1, if
- * verification is needed. Returns -1, if there is an
- * error.
- */
-int
-kcf_need_signature_verification(kcf_provider_desc_t *pd)
-{
- struct module *mp;
- struct modctl *mctlp = pd->pd_mctlp;
-
- if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER)
- return (0);
-
- if (mctlp == NULL || mctlp->mod_mp == NULL)
- return (-1);
-
- mp = (struct module *)mctlp->mod_mp;
-
- /*
- * Check if we need to verify this provider signature and if so,
- * make sure it has a signature section.
- */
- if (verifiable_provider(pd->pd_ops_vector) == 0)
- return (0);
-
- /* See if this module has its required signature section. */
- if (mp->sigdata == NULL)
- return (-1);
-
- return (1);
-}
-
-/*
- * Do the signature verification on the given module. This function can
- * be called from user context or kernel context.
- *
- * We call kcfd with the full pathname of the module to be
- * verified. kcfd will return success/fail, signature length
- * and the actual signature in the ELF section of the module. If
- * kcfd returns success, we compare the signature and the length
- * with the values that krtld stored in the module structure. We
- * log an error message in case of a failure.
- *
- * The provider state is changed to KCF_PROV_READY on success.
- */
-void
-kcf_verify_signature(void *arg)
-{
- int rv;
- int error = CRYPTO_MODVERIFICATION_FAILED;
- door_arg_t darg;
- door_handle_t ldh;
- kcf_door_arg_t *kda;
- char *filename;
- kcf_provider_desc_t *pd = arg;
- struct module *mp;
- boolean_t do_notify = B_FALSE;
- boolean_t modhold_done = B_FALSE;
- struct modctl *mctlp = pd->pd_mctlp;
-
- ASSERT(pd->pd_prov_type != CRYPTO_LOGICAL_PROVIDER);
- ASSERT(mctlp != NULL);
-
- /*
- * Because of FIPS 140 delays module loading, we may be running through
- * this code with a non-crypto signed module; therefore, another
- * check is necessary
- */
- if (verifiable_provider(pd->pd_ops_vector) == 0) {
- error = 0;
- goto setverify;
- }
-
- for (;;) {
- mutex_enter(&pd->pd_lock);
- /* No need to do verification */
- if (pd->pd_state != KCF_PROV_UNVERIFIED) {
- mutex_exit(&pd->pd_lock);
- goto out;
- }
- mutex_exit(&pd->pd_lock);
-
- mutex_enter(&mod_lock);
- if (mctlp->mod_mp == NULL) {
- mutex_exit(&mod_lock);
- goto out;
- }
-
- /*
- * This check is needed since a software provider can call
- * us directly from the _init->crypto_register_provider path.
- */
- if (pd->pd_prov_type == CRYPTO_SW_PROVIDER &&
- mctlp->mod_inprogress_thread == curthread) {
- mutex_exit(&mod_lock);
- modhold_done = B_FALSE;
- break;
- }
-
- /*
- * We could be in a race with the register thread or
- * the unregister thread. So, retry if register or
- * unregister is in progress. Note that we can't do
- * mod_hold_by_modctl without this check since that
- * could result in a deadlock with the other threads.
- */
- if (mctlp->mod_busy) {
- mutex_exit(&mod_lock);
- /* delay for 10ms and try again */
- delay(drv_usectohz(10000));
- continue;
- }
-
- (void) mod_hold_by_modctl(mctlp,
- MOD_WAIT_FOREVER | MOD_LOCK_HELD);
- mutex_exit(&mod_lock);
- modhold_done = B_TRUE;
- break;
- }
-
- /*
- * Check if the door is set up yet. This will be set when kcfd
- * comes up. If not, we return and leave the provider state unchanged
- * at KCF_PROV_UNVERIFIED. This will trigger the verification of
- * the module later when kcfd is up. This is safe as we NEVER use
- * a provider that has not been verified yet.
- */
- mutex_enter(&kcf_dh_lock);
- if (kcf_dh == NULL) {
- mutex_exit(&kcf_dh_lock);
- goto out;
- }
-
- ldh = kcf_dh;
- door_ki_hold(ldh);
- mutex_exit(&kcf_dh_lock);
-
- mp = (struct module *)mctlp->mod_mp;
- filename = mp->filename;
- KCF_FRMWRK_DEBUG(2, ("Verifying module: %s\n", filename));
-
- kda = kmem_alloc(sizeof (kcf_door_arg_t) + mp->sigsize, KM_SLEEP);
- kda->da_version = KCF_KCFD_VERSION1;
- kda->da_iskernel = B_TRUE;
- bcopy(filename, kda->da_u.filename, strlen(filename) + 1);
-
- darg.data_ptr = (char *)kda;
- darg.data_size = sizeof (kcf_door_arg_t) + mp->sigsize;
- darg.desc_ptr = NULL;
- darg.desc_num = 0;
- darg.rbuf = (char *)kda;
- darg.rsize = sizeof (kcf_door_arg_t);
-
- /*
- * Make door upcall. door_ki_upcall() checks for validity of the handle.
- */
- rv = door_ki_upcall_limited(ldh, &darg, NULL, SIZE_MAX, 0);
-
- if (rv == 0) {
- kcf_door_arg_t *rkda = (kcf_door_arg_t *)(void *)darg.rbuf;
-
- KCF_FRMWRK_DEBUG(2,
- ("passed: %d\n", rkda->da_u.result.status));
- KCF_FRMWRK_DEBUG(2,
- ("signature length: %d\n", rkda->da_u.result.siglen));
- KCF_FRMWRK_DEBUG(2,
- ("signature: %p\n", (void*)rkda->da_u.result.signature));
-
-
- /* Check kcfd result and compare against module struct fields */
- if ((rkda->da_u.result.status != ELFSIGN_SUCCESS) ||
- !(rkda->da_u.result.siglen == mp->sigsize) ||
- (bcmp(rkda->da_u.result.signature, mp->sigdata,
- mp->sigsize))) {
- cmn_err(CE_WARN, "Module verification failed for %s.",
- filename);
- } else {
- error = 0;
- }
-
- if (rkda != kda)
- kmem_free(rkda, darg.rsize);
-
- } else if (sys_shutdown == 0) {
- cmn_err(CE_WARN, "Unable to use door to kcfd during module "
- "verification of %s. (errno: 0x%x)", filename, rv);
- }
-
- kmem_free(kda, sizeof (kcf_door_arg_t) + mp->sigsize);
- door_ki_rele(ldh);
-
-setverify:
- mutex_enter(&pd->pd_lock);
- /* change state only if the original state is unchanged */
- if (pd->pd_state == KCF_PROV_UNVERIFIED) {
- if (error == 0) {
- pd->pd_state = KCF_PROV_READY;
- do_notify = B_TRUE;
- } else {
- pd->pd_state = KCF_PROV_VERIFICATION_FAILED;
- }
- }
- mutex_exit(&pd->pd_lock);
-
- if (do_notify) {
- /* Dispatch events for this new provider */
- kcf_do_notify(pd, B_TRUE);
- }
-
-out:
- if (modhold_done)
- mod_release_mod(mctlp);
- KCF_PROV_REFRELE(pd);
-}
-
-/* called from the CRYPTO_LOAD_DOOR ioctl */
-int
-crypto_load_door(uint_t did)
-{
- door_handle_t dh;
-
- mutex_enter(&kcf_dh_lock);
- dh = door_ki_lookup(did);
- if (dh != NULL)
- kcf_dh = dh;
- mutex_exit(&kcf_dh_lock);
-
- verify_unverified_providers();
-
- /* Start the timeout handler to get random numbers */
- if (rngtimer_started == 0) {
- kcf_rnd_schedule_timeout(B_TRUE);
- rngtimer_started = 1;
- }
- return (0);
-}
diff --git a/usr/src/uts/common/crypto/core/kcf_prov_tabs.c b/usr/src/uts/common/crypto/core/kcf_prov_tabs.c
index dd238b2a1c..1f69e2dd18 100644
--- a/usr/src/uts/common/crypto/core/kcf_prov_tabs.c
+++ b/usr/src/uts/common/crypto/core/kcf_prov_tabs.c
@@ -869,58 +869,6 @@ kcf_prov_tab_dump(char *message)
#endif /* DEBUG */
-/*
- * This function goes through the provider table and verifies
- * any KCF_PROV_UNVERIFIED providers.
- *
- * This is called when kcfd is up and the door handle is ready. It is
- * again called when the status of FIPS 140 has been determined, so providers
- * delayed by FIPS 140 can now be verified.
- */
-void
-verify_unverified_providers()
-{
- int i;
- kcf_provider_desc_t *pd;
- boolean_t need_verify;
-
- if (kcf_dh == NULL)
- return;
-
- mutex_enter(&prov_tab_mutex);
-
- for (i = 0; i < KCF_MAX_PROVIDERS; i++) {
- if ((pd = prov_tab[i]) == NULL)
- continue;
-
- if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER)
- continue;
-
- mutex_enter(&pd->pd_lock);
- need_verify = pd->pd_state == KCF_PROV_UNVERIFIED;
- mutex_exit(&pd->pd_lock);
-
- if (!need_verify)
- continue;
-
- KCF_PROV_REFHOLD(pd);
-
- /*
- * We need to drop this lock, since it could be
- * acquired by kcf_verify_signature().
- * This is safe, as any providers that are
- * added to the table after we dropped the
- * lock *will see* a non NULL kcf_dh and hence
- * would have been verified by other means.
- */
- mutex_exit(&prov_tab_mutex);
- /* This routine will release the above holds */
- kcf_verify_signature(pd);
- mutex_enter(&prov_tab_mutex);
- }
-
- mutex_exit(&prov_tab_mutex);
-}
/* protected by prov_tab_mutex */
boolean_t kcf_need_provtab_walk = B_FALSE;
diff --git a/usr/src/uts/common/crypto/core/kcf_sched.c b/usr/src/uts/common/crypto/core/kcf_sched.c
index 2e48aa29ee..f7bcc5a657 100644
--- a/usr/src/uts/common/crypto/core/kcf_sched.c
+++ b/usr/src/uts/common/crypto/core/kcf_sched.c
@@ -23,6 +23,10 @@
*/
/*
+ * Copyright 2010 Nexenta Systems, Inc. All rights reserved.
+ */
+
+/*
* This file contains the core framework routines for the
* kernel cryptographic framework. These routines are at the
* layer, between the kernel API/ioctls and the SPI.
@@ -89,14 +93,15 @@ static kcf_areq_node_t *kcf_areqnode_alloc(kcf_provider_desc_t *,
kcf_context_t *, crypto_call_req_t *, kcf_req_params_t *, boolean_t);
static int kcf_disp_sw_request(kcf_areq_node_t *);
static void process_req_hwp(void *);
-static kcf_areq_node_t *kcf_dequeue();
+static kcf_areq_node_t *kcf_dequeue(void);
static int kcf_enqueue(kcf_areq_node_t *);
-static void kcf_failover_thread();
-static void kcfpool_alloc();
+static void kcfpool_alloc(void);
static void kcf_reqid_delete(kcf_areq_node_t *areq);
static crypto_req_id_t kcf_reqid_insert(kcf_areq_node_t *areq);
static int kcf_misc_kstat_update(kstat_t *ksp, int rw);
-static void compute_min_max_threads();
+static void compute_min_max_threads(void);
+static void kcfpool_svc(void *);
+static void kcfpoold(void *);
/*
@@ -198,18 +203,12 @@ kcf_areqnode_alloc(kcf_provider_desc_t *pd, kcf_context_t *ictx,
/*
* Queue the request node and do one of the following:
* - If there is an idle thread signal it to run.
- * - If there is no idle thread and max running threads is not
- * reached, signal the creator thread for more threads.
- *
- * If the two conditions above are not met, we don't need to do
- * any thing. The request will be picked up by one of the
- * worker threads when it becomes available.
+ * - Else, signal the creator thread to possibly create more threads.
*/
static int
kcf_disp_sw_request(kcf_areq_node_t *areq)
{
int err;
- int cnt = 0;
if ((err = kcf_enqueue(areq)) != 0)
return (err);
@@ -223,29 +222,10 @@ kcf_disp_sw_request(kcf_areq_node_t *areq)
return (CRYPTO_QUEUED);
}
- /*
- * We keep the number of running threads to be at
- * kcf_minthreads to reduce gs_lock contention.
- */
- cnt = kcf_minthreads -
- (kcfpool->kp_threads - kcfpool->kp_blockedthreads);
- if (cnt > 0) {
- /*
- * The following ensures the number of threads in pool
- * does not exceed kcf_maxthreads.
- */
- cnt = min(cnt, kcf_maxthreads - kcfpool->kp_threads);
- if (cnt > 0) {
- /* Signal the creator thread for more threads */
- mutex_enter(&kcfpool->kp_user_lock);
- if (!kcfpool->kp_signal_create_thread) {
- kcfpool->kp_signal_create_thread = B_TRUE;
- kcfpool->kp_nthrs = cnt;
- cv_signal(&kcfpool->kp_user_cv);
- }
- mutex_exit(&kcfpool->kp_user_lock);
- }
- }
+ /* Signal the creator thread for more threads */
+ mutex_enter(&kcfpool->kp_lock);
+ cv_signal(&kcfpool->kp_cv);
+ mutex_exit(&kcfpool->kp_lock);
return (CRYPTO_QUEUED);
}
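Review bot: The creator wake-up at the end of kcf_disp_sw_request is now unconditional, so every request that finds no idle thread takes the global `kcfpool->kp_lock` and signals `kp_cv`, even when the pool is already full and kcfpoold will compute a non-positive `cnt` and create nothing. The removed code did the thread-count arithmetic first and only took a lock when a thread was actually wanted. Under sustained load this adds a contended global mutex to the submit path of the kernel crypto framework. A cheap advisory guard such as `if (kcfpool->kp_threads < kcf_maxthreads)` around the three added lines would skip the pointless wake-ups; kcfpoold still re-evaluates on its timeout. The function starts outside this hunk.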
@@ -959,7 +939,7 @@ kcf_remove_node(kcf_areq_node_t *node)
* The caller must hold the queue lock.
*/
static kcf_areq_node_t *
-kcf_dequeue()
+kcf_dequeue(void)
{
kcf_areq_node_t *tnode = NULL;
@@ -1019,27 +999,12 @@ kcf_enqueue(kcf_areq_node_t *node)
}
/*
- * Decrement the thread pool count and signal the failover
- * thread if we are the last one out.
- */
-static void
-kcf_decrcnt_andsignal()
-{
- KCF_ATOMIC_DECR(kcfpool->kp_threads);
-
- mutex_enter(&kcfpool->kp_thread_lock);
- if (kcfpool->kp_threads == 0)
- cv_signal(&kcfpool->kp_nothr_cv);
- mutex_exit(&kcfpool->kp_thread_lock);
-}
-
-/*
* Function run by a thread from kcfpool to work on global software queue.
- * It is called from ioctl(CRYPTO_POOL_RUN, ...).
*/
-int
-kcf_svc_do_run(void)
+void
+kcfpool_svc(void *arg)
{
+ _NOTE(ARGUNUSED(arg));
int error = 0;
clock_t rv;
clock_t timeout_val = drv_usectohz(kcf_idlethr_timeout);
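Review bot: `kcfpool_svc` is declared `static void kcfpool_svc(void *);` in the prototype block of this file but defined here as plain `void`. The linkage stays internal, but the definition should read `static void` like `kcfpoold` and `kcfpool_alloc`. `_NOTE(ARGUNUSED(arg));` also sits before the local declarations here, while kcfpoold places it after them; one placement should be used in both. The new header comment no longer says who runs this function, so I would add the line `* Threads running this are created by kcfpoold() via lwp_kernel_create().` The body continues outside this hunk.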
@@ -1054,33 +1019,25 @@ kcf_svc_do_run(void)
while ((req = kcf_dequeue()) == NULL) {
KCF_ATOMIC_INCR(kcfpool->kp_idlethreads);
- rv = cv_reltimedwait_sig(&gswq->gs_cv,
+ rv = cv_reltimedwait(&gswq->gs_cv,
&gswq->gs_lock, timeout_val, TR_CLOCK_TICK);
KCF_ATOMIC_DECR(kcfpool->kp_idlethreads);
switch (rv) {
case 0:
- /*
- * A signal (as in kill(2)) is pending. We did
- * not get any cv_signal().
- */
- kcf_decrcnt_andsignal();
- mutex_exit(&gswq->gs_lock);
- return (EINTR);
-
case -1:
/*
- * Timed out and we are not signaled. Let us
- * see if this thread should exit. We should
- * keep at least kcf_minthreads.
+ * Woke up with no work to do. Check
+ * if this thread should exit. We keep
+ * at least kcf_minthreads.
*/
if (kcfpool->kp_threads > kcf_minthreads) {
- kcf_decrcnt_andsignal();
+ KCF_ATOMIC_DECR(kcfpool->kp_threads);
mutex_exit(&gswq->gs_lock);
- return (0);
+ return;
}
- /* Resume the wait for work */
+ /* Resume the wait for work. */
break;
default:
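Review bot: `case 0:` is kept in the switch and now shares the timeout branch, although the wait changed from `cv_reltimedwait_sig` to `cv_reltimedwait`. As far as I know the non-_sig variant returns -1 on timeout and a positive value otherwise, so 0 should no longer occur. Either drop the label or keep it with a one-line comment such as `/* not expected from cv_reltimedwait(); treated like a timeout */`, so the next reader does not go looking for a signal-handling path. The surrounding loop starts and ends outside this hunk.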
@@ -1243,8 +1200,6 @@ kcf_sched_init(void)
sizeof (struct kcf_context), 64, kcf_context_cache_constructor,
kcf_context_cache_destructor, NULL, NULL, NULL, 0);
- mutex_init(&kcf_dh_lock, NULL, MUTEX_DEFAULT, NULL);
-
gswq = kmem_alloc(sizeof (kcf_global_swq_t), KM_SLEEP);
mutex_init(&gswq->gs_lock, NULL, MUTEX_DEFAULT, NULL);
@@ -1297,10 +1252,6 @@ kcf_sched_start(void)
if (kcf_sched_running)
return;
- /* Start the failover kernel thread for now */
- (void) thread_create(NULL, 0, &kcf_failover_thread, 0, 0, &p0,
- TS_RUN, minclsyspri);
-
/* Start the background processing thread. */
(void) thread_create(NULL, 0, &crypto_bufcall_service, 0, 0, &p0,
TS_RUN, minclsyspri);
@@ -1426,94 +1377,96 @@ kcf_aop_done(kcf_areq_node_t *areq, int error)
}
/*
- * Allocate the thread pool and initialize all the fields.
+ * kcfpool thread spawner. This runs as a process that never exits.
+ * Its a process so that the threads it owns can be manipulated via priocntl.
*/
static void
-kcfpool_alloc()
+kcfpoold(void *arg)
{
- kcfpool = kmem_alloc(sizeof (kcf_pool_t), KM_SLEEP);
-
- kcfpool->kp_threads = kcfpool->kp_idlethreads = 0;
- kcfpool->kp_blockedthreads = 0;
- kcfpool->kp_signal_create_thread = B_FALSE;
- kcfpool->kp_nthrs = 0;
- kcfpool->kp_user_waiting = B_FALSE;
-
- mutex_init(&kcfpool->kp_thread_lock, NULL, MUTEX_DEFAULT, NULL);
- cv_init(&kcfpool->kp_nothr_cv, NULL, CV_DEFAULT, NULL);
-
- mutex_init(&kcfpool->kp_user_lock, NULL, MUTEX_DEFAULT, NULL);
- cv_init(&kcfpool->kp_user_cv, NULL, CV_DEFAULT, NULL);
+ callb_cpr_t cprinfo;
+ user_t *pu = PTOU(curproc);
+ int cnt;
+ clock_t timeout_val = drv_usectohz(kcf_idlethr_timeout);
+ _NOTE(ARGUNUSED(arg));
- kcf_idlethr_timeout = KCF_DEFAULT_THRTIMEOUT;
-}
-
-/*
- * This function is run by the 'creator' thread in the pool.
- * It is called from ioctl(CRYPTO_POOL_WAIT, ...).
- */
-int
-kcf_svc_wait(int *nthrs)
-{
- clock_t rv;
- clock_t timeout_val = drv_usectohz(kcf_idlethr_timeout);
+ CALLB_CPR_INIT(&cprinfo, &kcfpool->kp_lock,
+ callb_generic_cpr, "kcfpool");
- if (kcfpool == NULL)
- return (ENOENT);
+ /* make our process "kcfpoold" */
+ (void) snprintf(pu->u_psargs, sizeof (pu->u_psargs), "kcfpoold");
+ (void) strlcpy(pu->u_comm, pu->u_psargs, sizeof (pu->u_comm));
- mutex_enter(&kcfpool->kp_user_lock);
- /* Check if there's already a user thread waiting on this kcfpool */
- if (kcfpool->kp_user_waiting) {
- mutex_exit(&kcfpool->kp_user_lock);
- *nthrs = 0;
- return (EBUSY);
- }
+ mutex_enter(&kcfpool->kp_lock);
- kcfpool->kp_user_waiting = B_TRUE;
+ /*
+ * Go to sleep, waiting for the signaled flag. Note that as
+ * we always do the same thing, and its always idempotent, we
+ * don't even need to have a real condition to check against.
+ */
+ for (;;) {
+ int rv;
+
+ CALLB_CPR_SAFE_BEGIN(&cprinfo);
+ rv = cv_reltimedwait(&kcfpool->kp_cv,
+ &kcfpool->kp_lock, timeout_val, TR_CLOCK_TICK);
+ CALLB_CPR_SAFE_END(&cprinfo, &kcfpool->kp_lock);
- /* Go to sleep, waiting for the signaled flag. */
- while (!kcfpool->kp_signal_create_thread) {
- rv = cv_reltimedwait_sig(&kcfpool->kp_user_cv,
- &kcfpool->kp_user_lock, timeout_val, TR_CLOCK_TICK);
switch (rv) {
- case 0:
- /* Interrupted, return to handle exit or signal */
- kcfpool->kp_user_waiting = B_FALSE;
- kcfpool->kp_signal_create_thread = B_FALSE;
- mutex_exit(&kcfpool->kp_user_lock);
- /*
- * kcfd is exiting. Release the door and
- * invalidate it.
- */
- mutex_enter(&kcf_dh_lock);
- if (kcf_dh != NULL) {
- door_ki_rele(kcf_dh);
- kcf_dh = NULL;
- }
- mutex_exit(&kcf_dh_lock);
- return (EINTR);
-
case -1:
/* Timed out. Recalculate the min/max threads */
compute_min_max_threads();
break;
default:
- /* Worker thread did a cv_signal() */
+ /* Someone may be looking for a worker thread */
break;
}
+
+ /*
+ * We keep the number of running threads to be at
+ * kcf_minthreads to reduce gs_lock contention.
+ */
+ cnt = kcf_minthreads -
+ (kcfpool->kp_threads - kcfpool->kp_blockedthreads);
+ if (cnt > 0) {
+ /*
+ * The following ensures the number of threads in pool
+ * does not exceed kcf_maxthreads.
+ */
+ cnt = min(cnt, kcf_maxthreads - kcfpool->kp_threads);
+ }
+
+ for (int i = 0; i < cnt; i++) {
+ (void) lwp_kernel_create(curproc,
+ kcfpool_svc, NULL, TS_RUN, curthread->t_pri);
+ }
}
+}
- kcfpool->kp_signal_create_thread = B_FALSE;
- kcfpool->kp_user_waiting = B_FALSE;
+/*
+ * Allocate the thread pool and initialize all the fields.
+ */
+static void
+kcfpool_alloc(void)
+{
+ kcfpool = kmem_alloc(sizeof (kcf_pool_t), KM_SLEEP);
+
+ kcfpool->kp_threads = kcfpool->kp_idlethreads = 0;
+ kcfpool->kp_blockedthreads = 0;
- *nthrs = kcfpool->kp_nthrs;
- mutex_exit(&kcfpool->kp_user_lock);
+ mutex_init(&kcfpool->kp_lock, NULL, MUTEX_DEFAULT, NULL);
+ cv_init(&kcfpool->kp_cv, NULL, CV_DEFAULT, NULL);
- /* Return to userland for possible thread creation. */
- return (0);
-}
+ kcf_idlethr_timeout = KCF_DEFAULT_THRTIMEOUT;
+ /*
+ * Create the daemon thread.
+ */
+ if (newproc(kcfpoold, NULL, syscid, minclsyspri,
+ NULL, 0) != 0) {
+ cmn_err(CE_PANIC, "unable to fork kcfpoold()");
+ }
+}
/*
* This routine introduces a locking order for gswq->gs_lock followed
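Review bot: kcfpoold() calls compute_min_max_threads() on the timeout path while still holding `kcfpool->kp_lock`, and that routine takes `gswq->gs_lock` and then `cpu_lock`, so this hunk creates the lock order kp_lock, gs_lock, cpu_lock without recording it. Any path that acquires `kp_lock` while holding `gs_lock` would deadlock against it; the kcf_disp_sw_request hunk does not show whether `gs_lock` is held where it signals `kp_cv`, so that should be confirmed. I would add `/* Lock order: kcfpool->kp_lock, then gswq->gs_lock, then cpu_lock. */` above the `for (;;)` loop. The comment "waiting for the signaled flag" is also stale, since `kp_signal_create_thread` is removed in this same hunk, and "Create the daemon thread" sits above a `newproc()` call that creates a process.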
@@ -1522,7 +1475,7 @@ kcf_svc_wait(int *nthrs)
* k-api routines.
*/
static void
-compute_min_max_threads()
+compute_min_max_threads(void)
{
mutex_enter(&gswq->gs_lock);
mutex_enter(&cpu_lock);
@@ -1534,96 +1487,6 @@ compute_min_max_threads()
}
/*
- * This is the main routine of the failover kernel thread.
- * If there are any threads in the pool we sleep. The last thread in the
- * pool to exit will signal us to get to work. We get back to sleep
- * once we detect that the pool has threads.
- *
- * Note that in the hand-off from us to a pool thread we get to run once.
- * Since this hand-off is a rare event this should be fine.
- */
-static void
-kcf_failover_thread()
-{
- int error = 0;
- kcf_context_t *ictx;
- kcf_areq_node_t *req;
- callb_cpr_t cpr_info;
- kmutex_t cpr_lock;
- static boolean_t is_logged = B_FALSE;
-
- mutex_init(&cpr_lock, NULL, MUTEX_DEFAULT, NULL);
- CALLB_CPR_INIT(&cpr_info, &cpr_lock, callb_generic_cpr,
- "kcf_failover_thread");
-
- for (;;) {
- /*
- * Wait if there are any threads are in the pool.
- */
- if (kcfpool->kp_threads > 0) {
- mutex_enter(&cpr_lock);
- CALLB_CPR_SAFE_BEGIN(&cpr_info);
- mutex_exit(&cpr_lock);
-
- mutex_enter(&kcfpool->kp_thread_lock);
- cv_wait(&kcfpool->kp_nothr_cv,
- &kcfpool->kp_thread_lock);
- mutex_exit(&kcfpool->kp_thread_lock);
-
- mutex_enter(&cpr_lock);
- CALLB_CPR_SAFE_END(&cpr_info, &cpr_lock);
- mutex_exit(&cpr_lock);
- is_logged = B_FALSE;
- }
-
- /*
- * Get the requests from the queue and wait if needed.
- */
- mutex_enter(&gswq->gs_lock);
-
- while ((req = kcf_dequeue()) == NULL) {
- mutex_enter(&cpr_lock);
- CALLB_CPR_SAFE_BEGIN(&cpr_info);
- mutex_exit(&cpr_lock);
-
- KCF_ATOMIC_INCR(kcfpool->kp_idlethreads);
- cv_wait(&gswq->gs_cv, &gswq->gs_lock);
- KCF_ATOMIC_DECR(kcfpool->kp_idlethreads);
-
- mutex_enter(&cpr_lock);
- CALLB_CPR_SAFE_END(&cpr_info, &cpr_lock);
- mutex_exit(&cpr_lock);
- }
-
- mutex_exit(&gswq->gs_lock);
-
- /*
- * We check the kp_threads since kcfd could have started
- * while we are waiting on the global software queue.
- */
- if ((kcfpool->kp_threads == 0) && !is_logged) {
- cmn_err(CE_WARN, "kcfd is not running. Please check "
- "and restart kcfd. Using the failover kernel "
- "thread for now.\n");
- is_logged = B_TRUE;
- }
-
- /*
- * Get to work on the request.
- */
- ictx = req->an_context;
- mutex_enter(&req->an_lock);
- req->an_state = REQ_INPROGRESS;
- mutex_exit(&req->an_lock);
-
- error = common_submit_request(req->an_provider, ictx ?
- &ictx->kc_glbl_ctx : NULL, &req->an_params, req);
-
- kcf_aop_done(req, error);
- }
-}
-
-/*
* Insert the async request in the hash table after assigning it
* an ID. Returns the ID.
*
@@ -1831,7 +1694,6 @@ crypto_cancel_ctx(crypto_context_t ctx)
static int
kcf_misc_kstat_update(kstat_t *ksp, int rw)
{
- uint_t tcnt;
kcf_stats_t *ks_data;
if (rw == KSTAT_WRITE)
@@ -1840,14 +1702,7 @@ kcf_misc_kstat_update(kstat_t *ksp, int rw)
ks_data = ksp->ks_data;
ks_data->ks_thrs_in_pool.value.ui32 = kcfpool->kp_threads;
- /*
- * The failover thread is counted in kp_idlethreads in
- * some corner cases. This is done to avoid doing more checks
- * when submitting a request. We account for those cases below.
- */
- if ((tcnt = kcfpool->kp_idlethreads) == (kcfpool->kp_threads + 1))
- tcnt--;
- ks_data->ks_idle_thrs.value.ui32 = tcnt;
+ ks_data->ks_idle_thrs.value.ui32 = kcfpool->kp_idlethreads;
ks_data->ks_minthrs.value.ui32 = kcf_minthreads;
ks_data->ks_maxthrs.value.ui32 = kcf_maxthreads;
ks_data->ks_swq_njobs.value.ui32 = gswq->gs_njobs;
diff --git a/usr/src/uts/common/crypto/io/aes.c b/usr/src/uts/common/crypto/io/aes.c
index 2c966064cd..626058cefa 100644
--- a/usr/src/uts/common/crypto/io/aes.c
+++ b/usr/src/uts/common/crypto/io/aes.c
@@ -37,7 +37,6 @@
#include <sys/sysmacros.h>
#include <sys/strsun.h>
#include <modes/modes.h>
-#define _AES_FIPS_POST
#define _AES_IMPL
#include <aes/aes_impl.h>
@@ -186,12 +185,6 @@ static crypto_ctx_ops_t aes_ctx_ops = {
aes_free_context
};
-static void aes_POST(int *);
-
-static crypto_fips140_ops_t aes_fips140_ops = {
- aes_POST
-};
-
static crypto_ops_t aes_crypto_ops = {
&aes_control_ops,
NULL,
@@ -209,7 +202,7 @@ static crypto_ops_t aes_crypto_ops = {
&aes_ctx_ops,
NULL,
NULL,
- &aes_fips140_ops
+ NULL,
};
static crypto_provider_info_t aes_prov_info = {
@@ -1530,32 +1523,3 @@ aes_mac_verify_atomic(crypto_provider_handle_t provider,
return (aes_decrypt_atomic(provider, session_id, &gcm_mech,
key, mac, &null_crypto_data, template, req));
}
-
-/*
- * AES Power-Up Self-Test
- */
-void
-aes_POST(int *rc)
-{
-
- int ret;
-
- /* AES Power-Up Self-Test for 128-bit key. */
- ret = fips_aes_post(FIPS_AES_128_KEY_SIZE);
-
- if (ret != CRYPTO_SUCCESS)
- goto out;
-
- /* AES Power-Up Self-Test for 192-bit key. */
- ret = fips_aes_post(FIPS_AES_192_KEY_SIZE);
-
- if (ret != CRYPTO_SUCCESS)
- goto out;
-
- /* AES Power-Up Self-Test for 256-bit key. */
- ret = fips_aes_post(FIPS_AES_256_KEY_SIZE);
-
-out:
- *rc = ret;
-
-}
diff --git a/usr/src/uts/common/crypto/io/cryptoadm.c b/usr/src/uts/common/crypto/io/cryptoadm.c
index bddc6d4778..1192f382d7 100644
--- a/usr/src/uts/common/crypto/io/cryptoadm.c
+++ b/usr/src/uts/common/crypto/io/cryptoadm.c
@@ -172,7 +172,6 @@ cryptoadm_attach(dev_info_t *dip, ddi_attach_cmd_t cmd)
return (DDI_FAILURE);
}
- mutex_init(&fips140_mode_lock, NULL, MUTEX_DEFAULT, NULL);
cryptoadm_dip = dip;
return (DDI_SUCCESS);
@@ -770,119 +769,10 @@ out2:
return (error);
}
-/*
- * This ioctl loads a door descriptor into the kernel. The descriptor
- * is used for module verification.
- */
-/* ARGSUSED */
-static int
-load_door(dev_t dev, caddr_t arg, int mode, int *rval)
-{
- crypto_load_door_t load_door;
- uint32_t rv;
- int error = 0;
-
- if (copyin(arg, &load_door, sizeof (crypto_load_door_t)) != 0) {
- error = EFAULT;
- goto out2;
- }
-
- if (crypto_load_door(load_door.ld_did) != 0) {
- rv = CRYPTO_FAILED;
- goto out;
- }
- rv = CRYPTO_SUCCESS;
-out:
- load_door.ld_return_value = rv;
-
- if (copyout(&load_door, arg, sizeof (crypto_load_door_t)) != 0)
- error = EFAULT;
-
-out2:
- if (AU_AUDITING())
- audit_cryptoadm(CRYPTO_LOAD_DOOR, NULL, NULL,
- 0, 0, rv, error);
- return (error);
-}
-
-/*
- * This function enables/disables FIPS140 mode or gets the current
- * FIPS 140 mode status.
- *
- * CRYPTO_FIPS140_STATUS: Returns back the value of global_fips140_mode.
- * CRYPTO_FIPS140_SET: Recognizes 2 operations from userland:
- * FIPS140_ENABLE or FIPS140_DISABLE. These can only be
- * called when global_fips140_mode is FIPS140_MODE_UNSET
- * as they are only operations that can be performed at
- * bootup.
- */
-/* ARGSUSED */
-static int
-fips140_actions(dev_t dev, caddr_t arg, int mode, int *rval, int cmd)
-{
- crypto_fips140_t fips140_info;
- uint32_t rv = CRYPTO_SUCCESS;
- int error = 0;
-
- if (copyin(arg, &fips140_info, sizeof (crypto_fips140_t)) != 0)
- return (EFAULT);
-
- switch (cmd) {
- case CRYPTO_FIPS140_STATUS:
- fips140_info.fips140_status = global_fips140_mode;
- break;
- case CRYPTO_FIPS140_SET:
- /* If the mode has been determined, there is nothing to set */
- mutex_enter(&fips140_mode_lock);
-
- if (fips140_info.fips140_op == FIPS140_ENABLE &&
- global_fips140_mode == FIPS140_MODE_UNSET) {
- /*
- * If FIPS 140 is enabled, all approriate modules
- * must be loaded and validated. This can be done in
- * the background as the rest of the OS comes up.
- */
- global_fips140_mode = FIPS140_MODE_VALIDATING;
- (void) thread_create(NULL, 0, kcf_fips140_validate,
- NULL, 0, &p0, TS_RUN, MAXCLSYSPRI);
- cv_signal(&cv_fips140);
-
- } else if (fips140_info.fips140_op == FIPS140_DISABLE &&
- global_fips140_mode == FIPS140_MODE_UNSET) {
- /*
- * If FIPS 140 is not enabled, any modules that are
- * waiting for validation must be released so they
- * can be verified.
- */
- global_fips140_mode = FIPS140_MODE_DISABLED;
- kcf_activate();
- cv_signal(&cv_fips140);
-
- } else if (fips140_info.fips140_op != FIPS140_DISABLE &&
- fips140_info.fips140_op != FIPS140_ENABLE) {
- rv = CRYPTO_ARGUMENTS_BAD;
- }
-
- mutex_exit(&fips140_mode_lock);
- break;
-
- default:
- rv = CRYPTO_ARGUMENTS_BAD;
- }
-
- fips140_info.fips140_return_value = rv;
-
- if (copyout(&fips140_info, arg, sizeof (crypto_fips140_t)) != 0)
- error = EFAULT;
-
- return (error);
-}
-
static int
cryptoadm_ioctl(dev_t dev, int cmd, intptr_t arg, int mode, cred_t *c,
int *rval)
{
- uint32_t auditing = AU_AUDITING();
int error;
#define ARG ((caddr_t)arg)
@@ -891,9 +781,6 @@ cryptoadm_ioctl(dev_t dev, int cmd, intptr_t arg, int mode, cred_t *c,
case CRYPTO_LOAD_SOFT_DISABLED:
case CRYPTO_LOAD_SOFT_CONFIG:
case CRYPTO_UNLOAD_SOFT_MODULE:
- case CRYPTO_POOL_CREATE:
- case CRYPTO_POOL_WAIT:
- case CRYPTO_POOL_RUN:
case CRYPTO_LOAD_DOOR:
case CRYPTO_FIPS140_SET:
if ((error = drv_priv(c)) != 0)
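Review bot: `case CRYPTO_LOAD_DOOR:` and `case CRYPTO_FIPS140_SET:` stay in this privilege-check list although the next hunk deletes their handlers, so both commands now pass `drv_priv()` and then fall out of the dispatch switch to `return (EINVAL)`. The result is harmless but misleading, because the list reads as if these ioctls were still implemented. Remove the two labels here, or keep them with a comment such as `/* retired; rejected with EINVAL below */`. CRYPTO_FIPS140_STATUS loses its handler in the same way, so a caller that queries the FIPS 140 status will now get EINVAL. cryptoadm_ioctl starts and ends outside this hunk.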
@@ -926,55 +813,6 @@ cryptoadm_ioctl(dev_t dev, int cmd, intptr_t arg, int mode, cred_t *c,
case CRYPTO_UNLOAD_SOFT_MODULE:
return (unload_soft_module(dev, ARG, mode, rval));
-
- case CRYPTO_POOL_CREATE:
- /*
- * The framework allocates and initializes the pool.
- * So, this is a no op. We are keeping this ioctl around
- * to be used for any future threadpool related work.
- */
- if (auditing)
- audit_cryptoadm(CRYPTO_POOL_CREATE, NULL, NULL,
- 0, 0, 0, 0);
- return (0);
-
- case CRYPTO_POOL_WAIT: {
- int nthrs = 0, err;
-
- if ((err = kcf_svc_wait(&nthrs)) == 0) {
- if (copyout((caddr_t)&nthrs, ARG, sizeof (int))
- == -1)
- err = EFAULT;
- }
- if (auditing)
- audit_cryptoadm(CRYPTO_POOL_WAIT, NULL, NULL,
- 0, 0, 0, err);
- return (err);
- }
-
- case CRYPTO_POOL_RUN: {
- int err;
-
- err = kcf_svc_do_run();
- if (auditing)
- audit_cryptoadm(CRYPTO_POOL_RUN, NULL, NULL,
- 0, 0, 0, err);
- return (err);
- }
-
- case CRYPTO_LOAD_DOOR:
- return (load_door(dev, ARG, mode, rval));
- case CRYPTO_FIPS140_STATUS:
- return (fips140_actions(dev, ARG, mode, rval, cmd));
- case CRYPTO_FIPS140_SET: {
- int err;
-
- err = fips140_actions(dev, ARG, mode, rval, cmd);
- if (auditing)
- audit_cryptoadm(CRYPTO_FIPS140_SET, NULL, NULL,
- 0, 0, 0, err);
- return (err);
- }
}
return (EINVAL);
diff --git a/usr/src/uts/common/crypto/io/ecc.c b/usr/src/uts/common/crypto/io/ecc.c
index 3d1a2c6317..40c878466f 100644
--- a/usr/src/uts/common/crypto/io/ecc.c
+++ b/usr/src/uts/common/crypto/io/ecc.c
@@ -22,6 +22,9 @@
* Copyright 2010 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
+/*
+ * Copyright 2010 Nexenta Systems, Inc. All rights reserved.
+ */
#include <sys/types.h>
#include <sys/systm.h>
@@ -188,13 +191,6 @@ static crypto_nostore_key_ops_t ecc_nostore_key_ops = {
ecc_nostore_key_derive
};
-static void ecc_POST(int *);
-
-static crypto_fips140_ops_t ecc_fips140_ops = {
- ecc_POST
-};
-
-
static crypto_ops_t ecc_crypto_ops = {
&ecc_control_ops,
NULL,
@@ -212,7 +208,7 @@ static crypto_ops_t ecc_crypto_ops = {
NULL,
NULL,
&ecc_nostore_key_ops,
- &ecc_fips140_ops
+ NULL,
};
static crypto_provider_info_t ecc_prov_info = {
@@ -239,10 +235,6 @@ static void ecc_free_context(crypto_ctx_t *);
static void free_ecparams(ECParams *, boolean_t);
static void free_ecprivkey(ECPrivateKey *);
-static int fips_pairwise_check(ECPrivateKey *);
-extern int fips_ecdsa_post(void);
-
-
int
_init(void)
{
@@ -406,7 +398,7 @@ ecc_knzero_random_generator(uint8_t *ran_out, size_t ran_len)
uint8_t extrarand[32];
size_t extrarand_len;
- if ((rv = random_get_pseudo_bytes_fips140(ran_out, ran_len)) != 0)
+ if ((rv = random_get_pseudo_bytes(ran_out, ran_len)) != 0)
return (rv);
/*
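Review bot: The switch from `random_get_pseudo_bytes_fips140()` to `random_get_pseudo_bytes()` is made without recording what the `_fips140` variant did. The same swap appears in the next hunk of this function and in both hunks of knzero_random_generator in rsa.c. The diff does not show the variant's body; if it applied a FIPS 140 check to the generator output, that check is now dropped for the random bytes these two providers consume. A short comment above the call, such as `/* FIPS 140 RNG checks were removed together with the POST code; plain KCF pseudo-random bytes are used. */`, or a sentence in the commit description, would show that this is deliberate. The function starts and ends outside this hunk.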
@@ -429,7 +421,7 @@ ecc_knzero_random_generator(uint8_t *ran_out, size_t ran_len)
if (ebc == 0) {
/* refresh extrarand */
extrarand_len = sizeof (extrarand);
- if ((rv = random_get_pseudo_bytes_fips140(extrarand,
+ if ((rv = random_get_pseudo_bytes(extrarand,
extrarand_len)) != 0) {
return (rv);
}
@@ -1167,13 +1159,6 @@ ecc_nostore_key_generate_pair(crypto_provider_handle_t provider,
bcopy(privKey->publicValue.data, point, xylen);
pub_out_template[point_idx].oa_value_len = xylen;
- if (kcf_get_fips140_mode() == FIPS140_MODE_ENABLED) {
- /* Pair-wise consistency test */
- if ((rv = fips_pairwise_check(privKey)) != CRYPTO_SUCCESS)
- cmn_err(CE_WARN, "ecc: fips_pairwise_check() "
- "failed (0x%x).", rv);
- }
-
out:
free_ecprivkey(privKey);
free_ecparams(ecparams, B_TRUE);
@@ -1334,73 +1319,3 @@ free_ecprivkey(ECPrivateKey *key)
SECITEM_FreeItem(&key->version, B_FALSE);
kmem_free(key, sizeof (ECPrivateKey));
}
-
-/*
- * Pair-wise Consistency Test
- */
-static int
-fips_pairwise_check(ECPrivateKey *ecdsa_private_key)
-{
-
- SECItem signature_item;
- SECItem digest_item;
- uchar_t signed_data[EC_MAX_SIG_LEN];
- uchar_t sha1[SHA1_DIGEST_SIZE];
- ECPublicKey ecdsa_public_key;
- SHA1_CTX *sha1_context;
- int rv;
- static uint8_t msg[] = {
- "OpenSolarisCommunity"
- };
-
- /* construct public key from private key. */
- if ((EC_CopyParams(ecdsa_private_key->ecParams.arena,
- &ecdsa_public_key.ecParams, &ecdsa_private_key->ecParams))
- != SECSuccess)
- return (CRYPTO_FAILED);
-
- ecdsa_public_key.publicValue = ecdsa_private_key->publicValue;
-
- if ((sha1_context = kmem_zalloc(sizeof (SHA1_CTX),
- KM_SLEEP)) == NULL)
- return (CRYPTO_HOST_MEMORY);
-
- SHA1Init(sha1_context);
- SHA1Update(sha1_context, msg, SHA1_DIGEST_SIZE);
- SHA1Final(sha1, sha1_context);
-
- digest_item.data = sha1;
- digest_item.len = SHA1_DIGEST_SIZE;
- signature_item.data = signed_data;
- signature_item.len = sizeof (signed_data);
-
- if ((ECDSA_SignDigest(ecdsa_private_key, &signature_item,
- &digest_item, 0)) != SECSuccess) {
- rv = CRYPTO_FAILED;
- goto loser;
- }
-
- if (ECDSA_VerifyDigest(&ecdsa_public_key, &signature_item,
- &digest_item, 0) != SECSuccess) {
- rv = CRYPTO_SIGNATURE_INVALID;
- } else {
- rv = CRYPTO_SUCCESS;
- }
-
-loser:
- kmem_free(sha1_context, sizeof (SHA1_CTX));
- return (rv);
-
-}
-
-
-/*
- * ECC Power-Up Self-Test
- */
-void
-ecc_POST(int *rc)
-{
-
- *rc = fips_ecdsa_post();
-
-}
diff --git a/usr/src/uts/common/crypto/io/rsa.c b/usr/src/uts/common/crypto/io/rsa.c
index eff25fa42a..6bb2f5b181 100644
--- a/usr/src/uts/common/crypto/io/rsa.c
+++ b/usr/src/uts/common/crypto/io/rsa.c
@@ -44,7 +44,6 @@
#include <sha1/sha1_impl.h>
#include <sha2/sha2_impl.h>
#include <padding/padding.h>
-#define _RSA_FIPS_POST
#include <rsa/rsa_impl.h>
extern struct mod_ops mod_cryptoops;
@@ -275,12 +274,6 @@ static crypto_ctx_ops_t rsa_ctx_ops = {
rsa_free_context
};
-static void rsa_POST(int *);
-
-static crypto_fips140_ops_t rsa_fips140_ops = {
- rsa_POST
-};
-
static crypto_ops_t rsa_crypto_ops = {
&rsa_control_ops,
NULL,
@@ -298,7 +291,7 @@ static crypto_ops_t rsa_crypto_ops = {
&rsa_ctx_ops,
NULL,
NULL,
- &rsa_fips140_ops
+ NULL,
};
static crypto_provider_info_t rsa_prov_info = {
@@ -432,7 +425,7 @@ knzero_random_generator(uint8_t *ran_out, size_t ran_len)
uint8_t extrarand[32];
size_t extrarand_len;
- if ((rv = random_get_pseudo_bytes_fips140(ran_out, ran_len)) != 0)
+ if ((rv = random_get_pseudo_bytes(ran_out, ran_len)) != 0)
return (rv);
/*
@@ -455,7 +448,7 @@ knzero_random_generator(uint8_t *ran_out, size_t ran_len)
if (ebc == 0) {
/* refresh extrarand */
extrarand_len = sizeof (extrarand);
- if ((rv = random_get_pseudo_bytes_fips140(extrarand,
+ if ((rv = random_get_pseudo_bytes(extrarand,
extrarand_len)) != 0) {
return (rv);
}
@@ -1599,14 +1592,3 @@ rsa_verify_recover_atomic(crypto_provider_handle_t provider,
return (rsa_verify_recover_common(mechanism->cm_type, key,
signature, data));
}
-
-/*
- * RSA Power-On Self-Test
- */
-void
-rsa_POST(int *rc)
-{
-
- *rc = fips_rsa_post();
-
-}
diff --git a/usr/src/uts/common/crypto/io/sha1_mod.c b/usr/src/uts/common/crypto/io/sha1_mod.c
index 001eec766b..576524403c 100644
--- a/usr/src/uts/common/crypto/io/sha1_mod.c
+++ b/usr/src/uts/common/crypto/io/sha1_mod.c
@@ -163,12 +163,6 @@ static crypto_ctx_ops_t sha1_ctx_ops = {
sha1_free_context
};
-static void sha1_POST(int *);
-
-static crypto_fips140_ops_t sha1_fips140_ops = {
- sha1_POST
-};
-
static crypto_ops_t sha1_crypto_ops = {
&sha1_control_ops,
&sha1_digest_ops,
@@ -186,7 +180,7 @@ static crypto_ops_t sha1_crypto_ops = {
&sha1_ctx_ops,
NULL,
NULL,
- &sha1_fips140_ops
+ NULL,
};
static crypto_provider_info_t sha1_prov_info = {
@@ -1447,14 +1441,3 @@ sha1_free_context(crypto_ctx_t *ctx)
return (CRYPTO_SUCCESS);
}
-
-/*
- * SHA-1 Power-Up Self-Test
- */
-void
-sha1_POST(int *rc)
-{
-
- *rc = fips_sha1_post();
-
-}
diff --git a/usr/src/uts/common/crypto/io/sha2_mod.c b/usr/src/uts/common/crypto/io/sha2_mod.c
index 2d353ae499..301a97c868 100644
--- a/usr/src/uts/common/crypto/io/sha2_mod.c
+++ b/usr/src/uts/common/crypto/io/sha2_mod.c
@@ -189,12 +189,6 @@ static crypto_ctx_ops_t sha2_ctx_ops = {
sha2_free_context
};
-static void sha2_POST(int *);
-
-static crypto_fips140_ops_t sha2_fips140_ops = {
- sha2_POST
-};
-
static crypto_ops_t sha2_crypto_ops = {
&sha2_control_ops,
&sha2_digest_ops,
@@ -212,7 +206,7 @@ static crypto_ops_t sha2_crypto_ops = {
&sha2_ctx_ops,
NULL,
NULL,
- &sha2_fips140_ops
+ NULL,
};
static crypto_provider_info_t sha2_prov_info = {
@@ -1616,14 +1610,3 @@ sha2_free_context(crypto_ctx_t *ctx)
return (CRYPTO_SUCCESS);
}
-
-/*
- * SHA-2 Power-Up Self-Test
- */
-void
-sha2_POST(int *rc)
-{
-
- *rc = fips_sha2_post();
-
-}
diff --git a/usr/src/uts/common/crypto/io/swrand.c b/usr/src/uts/common/crypto/io/swrand.c
index 4c5dd443dc..dec74a9d8f 100644
--- a/usr/src/uts/common/crypto/io/swrand.c
+++ b/usr/src/uts/common/crypto/io/swrand.c
@@ -162,12 +162,6 @@ static crypto_random_number_ops_t swrand_random_number_ops = {
swrand_generate_random
};
-static void swrand_POST(int *);
-
-static crypto_fips140_ops_t swrand_fips140_ops = {
- swrand_POST
-};
-
static crypto_ops_t swrand_crypto_ops = {
&swrand_control_ops,
NULL,
@@ -185,7 +179,7 @@ static crypto_ops_t swrand_crypto_ops = {
NULL,
NULL,
NULL,
- &swrand_fips140_ops
+ NULL,
};
static crypto_provider_info_t swrand_prov_info = {
@@ -912,14 +906,3 @@ rnd_handler(void *arg)
mutex_exit(&srndpool_lock);
}
-
-/*
- * Swrand Power-Up Self-Test
- */
-void
-swrand_POST(int *rc)
-{
-
- *rc = fips_rng_post();
-
-}
diff --git a/usr/src/uts/common/crypto/spi/kcf_spi.c b/usr/src/uts/common/crypto/spi/kcf_spi.c
index 826b4ab838..94c7f4a3bb 100644
--- a/usr/src/uts/common/crypto/spi/kcf_spi.c
+++ b/usr/src/uts/common/crypto/spi/kcf_spi.c
@@ -22,6 +22,9 @@
* Copyright 2010 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
+/*
+ * Copyright 2010 Nexenta Systems, Inc. All rights reserved.
+ */
/*
* This file is part of the core Kernel Cryptographic Framework.
@@ -57,7 +60,6 @@ static void process_logical_providers(crypto_provider_info_t *,
kcf_provider_desc_t *);
static int init_prov_mechs(crypto_provider_info_t *, kcf_provider_desc_t *);
static int kcf_prov_kstat_update(kstat_t *, int);
-static void undo_register_provider_extra(kcf_provider_desc_t *);
static void delete_kstat(kcf_provider_desc_t *);
static kcf_prov_stats_t kcf_stats_ks_data_template = {
@@ -129,7 +131,6 @@ int
crypto_register_provider(crypto_provider_info_t *info,
crypto_kcf_provider_handle_t *handle)
{
- int need_fips140_verify, need_verify = 1;
struct modctl *mcp;
char *name;
char ks_name[KSTAT_STRLEN];
@@ -250,21 +251,6 @@ crypto_register_provider(crypto_provider_info_t *info,
goto bail;
}
- if ((need_verify = kcf_need_signature_verification(prov_desc)) == -1) {
- undo_register_provider(prov_desc, B_TRUE);
- ret = CRYPTO_MODVERIFICATION_FAILED;
- goto bail;
- }
-
- if ((need_fips140_verify =
- kcf_need_fips140_verification(prov_desc)) == -1) {
- mutex_enter(&prov_desc->pd_lock);
- prov_desc->pd_state = KCF_PROV_VERIFICATION_FAILED;
- mutex_exit(&prov_desc->pd_lock);
- ret = CRYPTO_FIPS140_ERROR;
- goto bail;
- }
-
/*
* We create a taskq only for a hardware provider. The global
* software queue is used for software providers. We handle ordering
@@ -367,47 +353,10 @@ crypto_register_provider(crypto_provider_info_t *info,
if (prov_desc->pd_prov_type == CRYPTO_HW_PROVIDER)
process_logical_providers(info, prov_desc);
- /* This provider needs to wait until we know the FIPS 140 status */
- if (need_fips140_verify == 1) {
- mutex_enter(&prov_desc->pd_lock);
- prov_desc->pd_state = KCF_PROV_UNVERIFIED_FIPS140;
- mutex_exit(&prov_desc->pd_lock);
- goto exit;
- }
-
- /* This provider needs to have the signature verified */
- if (need_verify == 1) {
- mutex_enter(&prov_desc->pd_lock);
- prov_desc->pd_state = KCF_PROV_UNVERIFIED;
- mutex_exit(&prov_desc->pd_lock);
-
- /* kcf_verify_signature routine will release this hold */
- KCF_PROV_REFHOLD(prov_desc);
-
- if (prov_desc->pd_prov_type == CRYPTO_HW_PROVIDER) {
- /*
- * It is not safe to make the door upcall to kcfd from
- * this context since the kcfd thread could reenter
- * devfs. So, we dispatch a taskq job to do the
- * verification and return to the provider.
- */
- (void) taskq_dispatch(system_taskq,
- kcf_verify_signature, (void *)prov_desc, TQ_SLEEP);
- } else if (prov_desc->pd_prov_type == CRYPTO_SW_PROVIDER) {
- kcf_verify_signature(prov_desc);
- if (prov_desc->pd_state ==
- KCF_PROV_VERIFICATION_FAILED) {
- undo_register_provider_extra(prov_desc);
- ret = CRYPTO_MODVERIFICATION_FAILED;
- goto bail;
- }
- }
- } else {
- mutex_enter(&prov_desc->pd_lock);
- prov_desc->pd_state = KCF_PROV_READY;
- mutex_exit(&prov_desc->pd_lock);
- kcf_do_notify(prov_desc, B_TRUE);
- }
+ mutex_enter(&prov_desc->pd_lock);
+ prov_desc->pd_state = KCF_PROV_READY;
+ mutex_exit(&prov_desc->pd_lock);
+ kcf_do_notify(prov_desc, B_TRUE);
exit:
*handle = prov_desc->pd_kcf_prov_handle;
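Review bot: The added lines move every provider to `KCF_PROV_READY` as soon as registration bookkeeping is done, and nothing at this site records that module signature and FIPS 140 integrity checks no longer gate that transition (the checks are dropped here and in the earlier hunk at -250). A short comment above the `mutex_enter` would make the trust assumption explicit for later readers, for example `/* No signature/FIPS 140 verification: a provider that registers is trusted and made ready at once. */`. The hunk also removes the only `goto exit` visible in it, so it is worth checking whether the `exit:` label is still referenced elsewhere in `crypto_register_provider`, whose body starts and ends outside this hunk.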
@@ -955,13 +904,6 @@ undo_register_provider(kcf_provider_desc_t *desc, boolean_t remove_prov)
(void) kcf_prov_tab_rem_provider(desc->pd_prov_id);
}
-static void
-undo_register_provider_extra(kcf_provider_desc_t *desc)
-{
- delete_kstat(desc);
- undo_register_provider(desc, B_TRUE);
-}
-
/*
* Utility routine called from crypto_load_soft_disabled(). Callers
* should have done a prior undo_register_provider().
diff --git a/usr/src/uts/common/des/des_crypt.c b/usr/src/uts/common/des/des_crypt.c
index 0a2d2a81de..9d489e4d74 100644
--- a/usr/src/uts/common/des/des_crypt.c
+++ b/usr/src/uts/common/des/des_crypt.c
@@ -48,7 +48,7 @@
#include <sys/strsun.h>
#include <sys/note.h>
#include <modes/modes.h>
-#define _DES_FIPS_POST
+#define _DES_IMPL
#include <des/des_impl.h>
/* EXPORT DELETE START */
@@ -221,12 +221,6 @@ static crypto_key_ops_t des_key_ops = {
des_key_check
};
-static void des_POST(int *);
-
-static crypto_fips140_ops_t des_fips140_ops = {
- des_POST
-};
-
static crypto_ops_t des_crypto_ops = {
&des_control_ops,
NULL,
@@ -244,7 +238,7 @@ static crypto_ops_t des_crypto_ops = {
&des_ctx_ops,
NULL,
NULL,
- &des_fips140_ops
+ NULL
};
static crypto_provider_info_t des_prov_info = {
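Review bot: The positional `NULL` that replaces `&des_fips140_ops` at the end of `des_crypto_ops` gives no hint of which operations slot it fills, and the initializer's earlier entries are outside the hunk. A trailing comment such as `NULL /* no FIPS 140 self-test ops */` would keep the table readable and show that the provider deliberately exposes no power-up self-test. It is also worth confirming that any remaining framework code that reads this slot checks for NULL before calling through it; that code is not visible here.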
@@ -1232,14 +1226,3 @@ des_common_init_ctx(des_ctx_t *des_ctx, crypto_spi_ctx_template_t *template,
return (rv);
}
-
-/*
- * Triple DES Power-Up Self-Test
- */
-void
-des_POST(int *rc)
-{
-
- *rc = fips_des3_post();
-
-}
diff --git a/usr/src/uts/common/sys/crypto/elfsign.h b/usr/src/uts/common/sys/crypto/elfsign.h
index 82f2afca2a..d3ddff685f 100644
--- a/usr/src/uts/common/sys/crypto/elfsign.h
+++ b/usr/src/uts/common/sys/crypto/elfsign.h
@@ -21,6 +21,9 @@
/*
* Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
*/
+/*
+ * Copyright 2010 Nexenta Systems, Inc. All rights reserved.
+ */
#ifndef _SYS_CRYPTO_ELFSIGN_H
#define _SYS_CRYPTO_ELFSIGN_H
@@ -52,29 +55,10 @@ typedef enum ELFsign_status_e {
} ELFsign_status_t;
-/* Version values for da_version in kcf_door_args_t */
-#define KCF_KCFD_VERSION1 1
-#define KCFD_FIPS140_INTCHECK 2
-
#define SIG_MAX_LENGTH 1024
#define ELF_SIGNATURE_SECTION ".SUNW_signature"
-typedef struct kcf_door_arg_s {
- short da_version;
- boolean_t da_iskernel;
-
- union {
- char filename[MAXPATHLEN]; /* For request */
-
- struct kcf_door_result_s { /* For response */
- ELFsign_status_t status;
- uint32_t siglen;
- uchar_t signature[1];
- } result;
- } da_u;
-} kcf_door_arg_t;
-
typedef uint32_t filesig_vers_t;
/*
@@ -134,8 +118,6 @@ struct filesignatures {
#ifndef _KERNEL
-#define _PATH_KCFD_DOOR "/etc/svc/volatile/kcfd_door"
-
#endif /* _KERNEL */
#ifdef __cplusplus
diff --git a/usr/src/uts/common/sys/crypto/impl.h b/usr/src/uts/common/sys/crypto/impl.h
index d01758fc25..a2cc9aee63 100644
--- a/usr/src/uts/common/sys/crypto/impl.h
+++ b/usr/src/uts/common/sys/crypto/impl.h
@@ -525,13 +525,6 @@ typedef struct crypto_session_data {
#define KCF_MAX_PIN_LEN 1024
-/* Global FIPS 140 mode variable */
-extern uint32_t global_fips140_mode;
-/* Global FIPS 140 mode lock */
-extern kmutex_t fips140_mode_lock;
-/* Conditional variable for kcf to wait until kcfd tells the FIPS mode status */
-extern kcondvar_t cv_fips140;
-
/*
* Per-minor info.
*
@@ -1409,11 +1402,6 @@ extern int kcf_policy_load_dev_disabled(char *, uint_t, uint_t,
crypto_mech_name_t *, uint_t *, crypto_mech_name_t **);
extern void remove_soft_config(char *);
-/* FIPS 140 functions */
-extern int kcf_get_fips140_mode(void);
-extern void kcf_fips140_validate();
-extern void kcf_activate();
-
#endif /* _KERNEL */
#ifdef __cplusplus
diff --git a/usr/src/uts/common/sys/crypto/sched_impl.h b/usr/src/uts/common/sys/crypto/sched_impl.h
index 9b4beb1baa..fd35cc3a54 100644
--- a/usr/src/uts/common/sys/crypto/sched_impl.h
+++ b/usr/src/uts/common/sys/crypto/sched_impl.h
@@ -22,6 +22,10 @@
* Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
*/
+/*
+ * Copyright 2010 Nexenta Systems, Inc. All rights reserved.
+ */
+
#ifndef _SYS_CRYPTO_SCHED_IMPL_H
#define _SYS_CRYPTO_SCHED_IMPL_H
@@ -371,23 +375,11 @@ typedef struct kcf_pool {
uint32_t kp_blockedthreads; /* Blocked threads in pool */
/*
- * cv & lock to monitor the condition when no threads
- * are around. In this case the failover thread kicks in.
+ * cv & lock for the condition where more threads need to be created.
*/
- kcondvar_t kp_nothr_cv;
- kmutex_t kp_thread_lock;
-
- /* Userspace thread creator variables. */
- boolean_t kp_signal_create_thread; /* Create requested flag */
- int kp_nthrs; /* # of threads to create */
- boolean_t kp_user_waiting; /* Thread waiting for work */
+ kcondvar_t kp_cv; /* Creator cond. variable */
+ kmutex_t kp_lock; /* Creator lock */
- /*
- * cv & lock for the condition where more threads need to be
- * created. kp_user_lock also protects the three fileds above.
- */
- kcondvar_t kp_user_cv; /* Creator cond. variable */
- kmutex_t kp_user_lock; /* Creator lock */
} kcf_pool_t;
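Review bot: The replacement comment on `kp_cv`/`kp_lock` says when the condition variable is used but not which `kcf_pool_t` fields `kp_lock` guards. The removed comment stated that for `kp_user_lock`, and the three fields it named are deleted here. I would extend the block comment with one sentence naming the members that must be read or written under `kp_lock`, or stating that it protects only the wait on `kp_cv`, since counters such as `kp_blockedthreads` sit right above it. The struct definition begins outside this hunk, so the exact field list has to be taken from the full header.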
@@ -467,10 +459,6 @@ extern kcf_global_swq_t *gswq;
extern int kcf_maxthreads;
extern int kcf_minthreads;
-/* Door handle for talking to kcfd */
-extern door_handle_t kcf_dh;
-extern kmutex_t kcf_dh_lock;
-
/*
* All pending crypto bufcalls are put on a list. cbuf_list_lock
* protects changes to this list.
@@ -516,13 +504,7 @@ extern int common_submit_request(kcf_provider_desc_t *,
crypto_ctx_t *, kcf_req_params_t *, crypto_req_handle_t);
extern void kcf_free_context(kcf_context_t *);
-extern int kcf_svc_wait(int *);
-extern int kcf_svc_do_run(void);
-extern int kcf_need_fips140_verification(kcf_provider_desc_t *);
-extern int kcf_need_signature_verification(kcf_provider_desc_t *);
-extern void kcf_verify_signature(void *);
extern struct modctl *kcf_get_modctl(crypto_provider_info_t *);
-extern void verify_unverified_providers();
extern void kcf_free_req(kcf_areq_node_t *areq);
extern void crypto_bufcall_service(void);
diff --git a/usr/src/uts/common/sys/random.h b/usr/src/uts/common/sys/random.h
index cbe0bbd40e..a38201456f 100644
--- a/usr/src/uts/common/sys/random.h
+++ b/usr/src/uts/common/sys/random.h
@@ -22,6 +22,9 @@
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
+/*
+ * Copyright 2010 Nexenta Systems, Inc. All rights reserved.
+ */
#ifndef _SYS_RANDOM_H
#define _SYS_RANDOM_H
@@ -60,14 +63,6 @@ extern int random_add_entropy(uint8_t *, size_t, uint_t);
extern int random_get_bytes(uint8_t *, size_t);
extern int random_get_pseudo_bytes(uint8_t *, size_t);
-/*
- * Functions for FIPS 140 validated random. Thesse functions should not be used
- * for early booting kernel modules as modules in a FIPS 140 boundary must wait
- * until the SMF service "cryptosvc" to run.
- */
-extern int random_get_bytes_fips140(uint8_t *, size_t);
-extern int random_get_pseudo_bytes_fips140(uint8_t *, size_t);
-
#endif /* _KERNEL */
#ifdef __cplusplus
diff --git a/usr/src/uts/sparc/bignum/Makefile b/usr/src/uts/sparc/bignum/Makefile
index 76892e18be..5fec2994f9 100644
--- a/usr/src/uts/sparc/bignum/Makefile
+++ b/usr/src/uts/sparc/bignum/Makefile
@@ -48,12 +48,6 @@ ROOTMODULE = $(ROOT_MISC_DIR)/$(MODULE)
include $(UTSBASE)/sparc/Makefile.sparc
#
-# FIPS-140 Self Integrity Test
-#
-POST_PROCESS += ; $(FIPS140_CHECK)
-
-
-#
# Define targets
#
ALL_TARGET = $(BINARY)
diff --git a/usr/src/uts/sun4v/n2rng/Makefile b/usr/src/uts/sun4v/n2rng/Makefile
index 5ef3bcc564..f5c3c7d52d 100644
--- a/usr/src/uts/sun4v/n2rng/Makefile
+++ b/usr/src/uts/sun4v/n2rng/Makefile
@@ -50,11 +50,6 @@ CONF_SRCDIR = $(UTSBASE)/sun4v/io/n2rng
include $(UTSBASE)/sun4v/Makefile.sun4v
#
-# FIPS-140 Self Integrity Test
-#
-POST_PROCESS += ; $(FIPS140_CHECK)
-
-#
# Override defaults to build a unique, local modstubs.o.
#
MODSTUBS_DIR = $(OBJS_DIR)