### File nss-CC-DSA_2k_selftest.patch of Package mozilla-nss.972

# HG changeset patch # Parent 45b2c6c66ca7a7856ccfc3a58ba497e7a3edb1ed Perform DSA selftest with 2048 bit keys bsc#921781 diff --git a/lib/softoken/fipstest.c b/lib/softoken/fipstest.c --- a/lib/softoken/fipstest.c +++ b/lib/softoken/fipstest.c @@ -73,16 +73,21 @@ /* FIPS preprocessor directives for DSA. */ #define FIPS_DSA_TYPE siBuffer #define FIPS_DSA_DIGEST_LENGTH 20 /* 160-bits */ #define FIPS_DSA_SUBPRIME_LENGTH 20 /* 160-bits */ #define FIPS_DSA_SIGNATURE_LENGTH 40 /* 320-bits */ #define FIPS_DSA_PRIME_LENGTH 128 /* 1024-bits */ #define FIPS_DSA_BASE_LENGTH 128 /* 1024-bits */ +#define FIPS_DSA2_DIGEST_LENGTH 32 /* 256-bits */ +#define FIPS_DSA2_SUBPRIME_LENGTH 32 /* 256-bits */ +#define FIPS_DSA2_SIGNATURE_LENGTH 64 /* 512-bits */ +#define FIPS_DSA2_PRIME_LENGTH 256 /* 2048-bits */ +#define FIPS_DSA2_BASE_LENGTH 256 /* 2048-bits */ /* FIPS preprocessor directives for RNG. */ #define FIPS_RNG_XKEY_LENGTH 32 /* 256-bits */ /* Do not test algorithms not approved for use in FIPS 140-2 - it adds * unnecessary time and code overhead for no noticable gain. * Build with -DRUN_ALL_SELFTESTS to compile the tests in */ @@ -1816,85 +1821,121 @@ sftk_fips_ECDSA_PowerUpSelfTest() { #endif /* NSS_DISABLE_ECC */ static CK_RV sftk_fips_DSA_PowerUpSelfTest( void ) { /* DSA Known P (1024-bits), Q (160-bits), and G (1024-bits) Values. */ static const PRUint8 dsa_P[] = { - 0x80,0xb0,0xd1,0x9d,0x6e,0xa4,0xf3,0x28, - 0x9f,0x24,0xa9,0x8a,0x49,0xd0,0x0c,0x63, - 0xe8,0x59,0x04,0xf9,0x89,0x4a,0x5e,0xc0, - 0x6d,0xd2,0x67,0x6b,0x37,0x81,0x83,0x0c, - 0xfe,0x3a,0x8a,0xfd,0xa0,0x3b,0x08,0x91, - 0x1c,0xcb,0xb5,0x63,0xb0,0x1c,0x70,0xd0, - 0xae,0xe1,0x60,0x2e,0x12,0xeb,0x54,0xc7, - 0xcf,0xc6,0xcc,0xae,0x97,0x52,0x32,0x63, - 0xd3,0xeb,0x55,0xea,0x2f,0x4c,0xd5,0xd7, - 0x3f,0xda,0xec,0x49,0x27,0x0b,0x14,0x56, - 0xc5,0x09,0xbe,0x4d,0x09,0x15,0x75,0x2b, - 0xa3,0x42,0x0d,0x03,0x71,0xdf,0x0f,0xf4, - 0x0e,0xe9,0x0c,0x46,0x93,0x3d,0x3f,0xa6, - 0x6c,0xdb,0xca,0xe5,0xac,0x96,0xc8,0x64, - 0x5c,0xec,0x4b,0x35,0x65,0xfc,0xfb,0x5a, - 0x1b,0x04,0x1b,0xa1,0x0e,0xfd,0x88,0x15}; + 0xdc,0x81,0x2b,0x62,0xa3,0xfe,0xd8,0x5f, + 0x08,0x79,0x9d,0xf6,0x1c,0x62,0xf9,0xab, + 0x0d,0x01,0xf0,0x1f,0x5a,0x99,0x68,0xbe, + 0x9e,0xa8,0x38,0x9b,0xea,0x41,0x85,0x98, + 0x55,0x80,0x22,0x78,0x39,0x8b,0xc5,0xb2, + 0x69,0x14,0x6c,0x4c,0x09,0x22,0x1c,0xea, + 0x46,0x39,0x3e,0xc0,0xdc,0x41,0x02,0xa1, + 0x08,0x11,0x12,0xb3,0x58,0xe1,0x46,0x98, + 0xf3,0x80,0x46,0xa6,0xb3,0x66,0xaf,0x61, + 0xbc,0xbc,0x43,0x2e,0x15,0x08,0xfc,0x44, + 0xa8,0xfb,0x5c,0x7f,0x1d,0xfd,0x4c,0xcb, + 0xac,0xec,0x71,0xb8,0x78,0x4a,0x25,0xaa, + 0xc8,0xd4,0xde,0x4f,0x90,0x51,0xfc,0x83, + 0xff,0x73,0x9c,0xda,0xea,0x36,0x37,0xd1, + 0x3f,0x14,0xa1,0x1e,0xef,0x85,0x7c,0x8b, + 0xab,0xa0,0x18,0x97,0x68,0x31,0x97,0xcb, + 0x74,0x91,0x5d,0xee,0x72,0x2b,0xbf,0x1e, + 0x2e,0xce,0xfd,0x27,0x09,0x19,0x98,0x60, + 0x8c,0x23,0x62,0xe9,0x17,0xfc,0xcd,0xa2, + 0x59,0xd4,0xb7,0x34,0xf7,0x74,0x8f,0x19, + 0xc9,0x77,0x2c,0xaf,0x53,0x22,0x40,0x33, + 0x03,0xb8,0x5d,0xef,0xe9,0x15,0xd4,0x75, + 0x03,0x53,0x2f,0xa8,0x7c,0x8b,0xad,0xfd, + 0xd3,0xc1,0xbf,0x9b,0xca,0xa3,0xef,0x06, + 0x75,0x8d,0x23,0x60,0x4c,0x87,0x76,0x8e, + 0xda,0x22,0x5d,0xe4,0x8a,0x50,0xb2,0xcf, + 0x53,0x0d,0x82,0xe0,0xf2,0x36,0xdd,0x8a, + 0x89,0xbf,0xbb,0x66,0x35,0x31,0x7d,0xf4, + 0x34,0x26,0xf6,0x0e,0xe1,0x0a,0xc7,0x7a, + 0x37,0xf7,0xf8,0x0d,0x7d,0x9e,0xb0,0xb8, + 0xbd,0xc3,0xe0,0x83,0x46,0xb8,0x99,0x8f, + 0x92,0x9c,0xa5,0xc2,0xb5,0xe7,0xd9,0xb5}; static const PRUint8 dsa_Q[] = { - 0xad,0x22,0x59,0xdf,0xe5,0xec,0x4c,0x6e, - 0xf9,0x43,0xf0,0x4b,0x2d,0x50,0x51,0xc6, - 0x91,0x99,0x8b,0xcf}; + 0xb6,0x69,0xf2,0x1c,0xd7,0x41,0xb4,0x8b, + 0x99,0x10,0x11,0x28,0xc8,0xbf,0xbb,0x73, + 0x24,0xe1,0x4f,0x1d,0x43,0x2e,0x1b,0x29, + 0x25,0x7e,0x4e,0xdd,0xf0,0xba,0x6b,0xd1}; static const PRUint8 dsa_G[] = { - 0x78,0x6e,0xa9,0xd8,0xcd,0x4a,0x85,0xa4, - 0x45,0xb6,0x6e,0x5d,0x21,0x50,0x61,0xf6, - 0x5f,0xdf,0x5c,0x7a,0xde,0x0d,0x19,0xd3, - 0xc1,0x3b,0x14,0xcc,0x8e,0xed,0xdb,0x17, - 0xb6,0xca,0xba,0x86,0xa9,0xea,0x51,0x2d, - 0xc1,0xa9,0x16,0xda,0xf8,0x7b,0x59,0x8a, - 0xdf,0xcb,0xa4,0x67,0x00,0x44,0xea,0x24, - 0x73,0xe5,0xcb,0x4b,0xaf,0x2a,0x31,0x25, - 0x22,0x28,0x3f,0x16,0x10,0x82,0xf7,0xeb, - 0x94,0x0d,0xdd,0x09,0x22,0x14,0x08,0x79, - 0xba,0x11,0x0b,0xf1,0xff,0x2d,0x67,0xac, - 0xeb,0xb6,0x55,0x51,0x69,0x97,0xa7,0x25, - 0x6b,0x9c,0xa0,0x9b,0xd5,0x08,0x9b,0x27, - 0x42,0x1c,0x7a,0x69,0x57,0xe6,0x2e,0xed, - 0xa9,0x5b,0x25,0xe8,0x1f,0xd2,0xed,0x1f, - 0xdf,0xe7,0x80,0x17,0xba,0x0d,0x4d,0x38}; + 0xd1,0xbe,0xb6,0xe3,0x2b,0x90,0x5e,0xef, + 0x23,0xd0,0x21,0x90,0x58,0xb2,0xaf,0xb1, + 0xb9,0xc7,0x3b,0x6a,0xc2,0xdd,0x09,0x7f, + 0x26,0x81,0xdd,0xa9,0xb4,0x25,0x1f,0xab, + 0x8e,0x57,0x5e,0x8a,0x2e,0x75,0xd2,0x00, + 0xf5,0x18,0xd8,0xa5,0x5e,0x93,0x48,0x8a, + 0x9f,0xbd,0xa5,0x4a,0xb8,0xde,0x31,0xd0, + 0xea,0xeb,0x6a,0x02,0xc1,0x58,0xdb,0xdb, + 0xb7,0xec,0xe8,0xe1,0xf1,0xbd,0x47,0xec, + 0x89,0x15,0x09,0x80,0xa7,0x77,0x34,0x5d, + 0x8f,0x45,0xc2,0x53,0x9d,0x2d,0xba,0xbb, + 0x0d,0xed,0xd0,0x45,0xff,0x8c,0xbd,0xe9, + 0xa9,0x84,0xa6,0x77,0xa6,0x8a,0x42,0x2a, + 0xae,0xed,0xd6,0x45,0x7f,0x9a,0xca,0x12, + 0x13,0x6c,0x6e,0x1a,0x60,0xf6,0x05,0x94, + 0x51,0xef,0xd5,0x11,0xd1,0x44,0xe1,0x79, + 0xa8,0x99,0x22,0xe6,0x96,0x77,0x69,0x34, + 0xb6,0x76,0xf2,0xd8,0xfe,0xe2,0xee,0x40, + 0x4c,0x90,0x3d,0x66,0xd3,0x7e,0x41,0xb5, + 0x9b,0x3a,0x79,0xa7,0x8b,0x0e,0x20,0x6f, + 0x3d,0x90,0x11,0x9a,0x0e,0x3d,0x6d,0x8a, + 0x02,0x8d,0x01,0x15,0x56,0x8a,0x49,0xf6, + 0x3d,0xdb,0x9e,0xbc,0xfe,0xd6,0x04,0xf8, + 0x71,0x53,0x7e,0x46,0x42,0xce,0x4e,0xe1, + 0x2c,0x1c,0xe6,0x87,0x05,0x9c,0xf4,0xa0, + 0x17,0xde,0xdb,0xa6,0xe5,0x22,0x4d,0xc1, + 0xdc,0xf4,0x15,0x96,0x17,0x59,0xea,0x4d, + 0x0b,0x8c,0x99,0x8f,0xb4,0x9e,0x82,0xe6, + 0x97,0xf6,0x6d,0xf4,0x02,0xc8,0x83,0x1e, + 0xb6,0x57,0x96,0x45,0x2b,0x1f,0xbf,0x20, + 0x3d,0x5e,0x8d,0x2e,0x55,0x0c,0x4f,0xed, + 0x42,0x9f,0x35,0xf1,0x0f,0x69,0x4b,0xca}; /* DSA Known Random Values (known random key block is 160-bits) */ /* and (known random signature block is 160-bits). */ static const PRUint8 dsa_known_random_key_block[] = { - "Mozilla Rules World!"}; + "Mozilla Rules World Forever Now."}; static const PRUint8 dsa_known_random_signature_block[] = { - "Random DSA Signature"}; + "Random 256bit long DSA Signature"}; /* DSA Known Digest (160-bits) */ - static const PRUint8 dsa_known_digest[] = { "DSA Signature Digest" }; + static const PRUint8 dsa_known_digest[] = { "Long enough DSA Signature Digest" }; /* DSA Known Signature (320-bits). */ static const PRUint8 dsa_known_signature[] = { - 0x25,0x7c,0x3a,0x79,0x32,0x45,0xb7,0x32, - 0x70,0xca,0x62,0x63,0x2b,0xf6,0x29,0x2c, - 0x22,0x2a,0x03,0xce,0x48,0x15,0x11,0x72, - 0x7b,0x7e,0xf5,0x7a,0xf3,0x10,0x3b,0xde, - 0x34,0xc1,0x9e,0xd7,0x27,0x9e,0x77,0x38}; + 0x36,0xab,0x18,0x27,0x00,0x9c,0x0c,0x1c, + 0x54,0x88,0xf3,0x4c,0x51,0x3d,0x7d,0x2c, + 0xc9,0x1b,0x35,0x02,0xe3,0x0b,0xc6,0x18, + 0xd1,0x04,0xad,0x2d,0x4e,0x2a,0x75,0xdb, + 0x1c,0x37,0x0d,0x14,0xea,0x5b,0x32,0x86, + 0x26,0x00,0x30,0x30,0x8e,0xfa,0x51,0x44, + 0xb5,0x23,0x41,0xd6,0x39,0xc3,0x8c,0x9c, + 0x32,0x41,0x15,0xe0,0xb3,0xbf,0x59,0x5e}; /* DSA variables. */ DSAPrivateKey * dsa_private_key; SECStatus dsa_status; SECItem dsa_signature_item; SECItem dsa_digest_item; DSAPublicKey dsa_public_key; - PRUint8 dsa_computed_signature[FIPS_DSA_SIGNATURE_LENGTH]; + PRUint8 dsa_computed_signature[FIPS_DSA2_SIGNATURE_LENGTH]; static const PQGParams dsa_pqg = { NULL, - { FIPS_DSA_TYPE, (unsigned char *)dsa_P, FIPS_DSA_PRIME_LENGTH }, - { FIPS_DSA_TYPE, (unsigned char *)dsa_Q, FIPS_DSA_SUBPRIME_LENGTH }, - { FIPS_DSA_TYPE, (unsigned char *)dsa_G, FIPS_DSA_BASE_LENGTH }}; + { FIPS_DSA_TYPE, (unsigned char *)dsa_P, FIPS_DSA2_PRIME_LENGTH }, + { FIPS_DSA_TYPE, (unsigned char *)dsa_Q, FIPS_DSA2_SUBPRIME_LENGTH }, + { FIPS_DSA_TYPE, (unsigned char *)dsa_G, FIPS_DSA2_BASE_LENGTH }}; /*******************************************/ /* Generate a DSA public/private key pair. */ /*******************************************/ /* Generate a DSA public/private key pair. */ dsa_status = DSA_NewKeyFromSeed(&dsa_pqg, dsa_known_random_key_block, &dsa_private_key); @@ -1918,19 +1959,19 @@ sftk_fips_DSA_PowerUpSelfTest( void ) /* Perform DSA signature process. */ dsa_status = DSA_SignDigestWithSeed( dsa_private_key, &dsa_signature_item, &dsa_digest_item, dsa_known_random_signature_block ); if( ( dsa_status != SECSuccess ) || - ( dsa_signature_item.len != FIPS_DSA_SIGNATURE_LENGTH ) || + ( dsa_signature_item.len != FIPS_DSA2_SIGNATURE_LENGTH ) || ( PORT_Memcmp( dsa_computed_signature, dsa_known_signature, - FIPS_DSA_SIGNATURE_LENGTH ) != 0 ) ) { + FIPS_DSA2_SIGNATURE_LENGTH ) != 0 ) ) { dsa_status = SECFailure; } else { /****************************************************/ /* DSA Single-Round Known Answer Verification Test. */ /****************************************************/ /* Perform DSA verification process. */