File nss-CC-DSA_2k_selftest.patch of Package mozilla-nss.972
# HG changeset patch
# Parent 45b2c6c66ca7a7856ccfc3a58ba497e7a3edb1ed
Perform DSA selftest with 2048 bit keys
bsc#921781
diff --git a/lib/softoken/fipstest.c b/lib/softoken/fipstest.c
--- a/lib/softoken/fipstest.c
+++ b/lib/softoken/fipstest.c
@@ -73,16 +73,21 @@
/* FIPS preprocessor directives for DSA. */
#define FIPS_DSA_TYPE siBuffer
#define FIPS_DSA_DIGEST_LENGTH 20 /* 160-bits */
#define FIPS_DSA_SUBPRIME_LENGTH 20 /* 160-bits */
#define FIPS_DSA_SIGNATURE_LENGTH 40 /* 320-bits */
#define FIPS_DSA_PRIME_LENGTH 128 /* 1024-bits */
#define FIPS_DSA_BASE_LENGTH 128 /* 1024-bits */
+#define FIPS_DSA2_DIGEST_LENGTH 32 /* 256-bits */
+#define FIPS_DSA2_SUBPRIME_LENGTH 32 /* 256-bits */
+#define FIPS_DSA2_SIGNATURE_LENGTH 64 /* 512-bits */
+#define FIPS_DSA2_PRIME_LENGTH 256 /* 2048-bits */
+#define FIPS_DSA2_BASE_LENGTH 256 /* 2048-bits */
/* FIPS preprocessor directives for RNG. */
#define FIPS_RNG_XKEY_LENGTH 32 /* 256-bits */
/* Do not test algorithms not approved for use in FIPS 140-2 - it adds
* unnecessary time and code overhead for no noticable gain.
* Build with -DRUN_ALL_SELFTESTS to compile the tests in
*/
@@ -1816,85 +1821,121 @@ sftk_fips_ECDSA_PowerUpSelfTest() {
#endif /* NSS_DISABLE_ECC */
static CK_RV
sftk_fips_DSA_PowerUpSelfTest( void )
{
/* DSA Known P (1024-bits), Q (160-bits), and G (1024-bits) Values. */
static const PRUint8 dsa_P[] = {
- 0x80,0xb0,0xd1,0x9d,0x6e,0xa4,0xf3,0x28,
- 0x9f,0x24,0xa9,0x8a,0x49,0xd0,0x0c,0x63,
- 0xe8,0x59,0x04,0xf9,0x89,0x4a,0x5e,0xc0,
- 0x6d,0xd2,0x67,0x6b,0x37,0x81,0x83,0x0c,
- 0xfe,0x3a,0x8a,0xfd,0xa0,0x3b,0x08,0x91,
- 0x1c,0xcb,0xb5,0x63,0xb0,0x1c,0x70,0xd0,
- 0xae,0xe1,0x60,0x2e,0x12,0xeb,0x54,0xc7,
- 0xcf,0xc6,0xcc,0xae,0x97,0x52,0x32,0x63,
- 0xd3,0xeb,0x55,0xea,0x2f,0x4c,0xd5,0xd7,
- 0x3f,0xda,0xec,0x49,0x27,0x0b,0x14,0x56,
- 0xc5,0x09,0xbe,0x4d,0x09,0x15,0x75,0x2b,
- 0xa3,0x42,0x0d,0x03,0x71,0xdf,0x0f,0xf4,
- 0x0e,0xe9,0x0c,0x46,0x93,0x3d,0x3f,0xa6,
- 0x6c,0xdb,0xca,0xe5,0xac,0x96,0xc8,0x64,
- 0x5c,0xec,0x4b,0x35,0x65,0xfc,0xfb,0x5a,
- 0x1b,0x04,0x1b,0xa1,0x0e,0xfd,0x88,0x15};
+ 0xdc,0x81,0x2b,0x62,0xa3,0xfe,0xd8,0x5f,
+ 0x08,0x79,0x9d,0xf6,0x1c,0x62,0xf9,0xab,
+ 0x0d,0x01,0xf0,0x1f,0x5a,0x99,0x68,0xbe,
+ 0x9e,0xa8,0x38,0x9b,0xea,0x41,0x85,0x98,
+ 0x55,0x80,0x22,0x78,0x39,0x8b,0xc5,0xb2,
+ 0x69,0x14,0x6c,0x4c,0x09,0x22,0x1c,0xea,
+ 0x46,0x39,0x3e,0xc0,0xdc,0x41,0x02,0xa1,
+ 0x08,0x11,0x12,0xb3,0x58,0xe1,0x46,0x98,
+ 0xf3,0x80,0x46,0xa6,0xb3,0x66,0xaf,0x61,
+ 0xbc,0xbc,0x43,0x2e,0x15,0x08,0xfc,0x44,
+ 0xa8,0xfb,0x5c,0x7f,0x1d,0xfd,0x4c,0xcb,
+ 0xac,0xec,0x71,0xb8,0x78,0x4a,0x25,0xaa,
+ 0xc8,0xd4,0xde,0x4f,0x90,0x51,0xfc,0x83,
+ 0xff,0x73,0x9c,0xda,0xea,0x36,0x37,0xd1,
+ 0x3f,0x14,0xa1,0x1e,0xef,0x85,0x7c,0x8b,
+ 0xab,0xa0,0x18,0x97,0x68,0x31,0x97,0xcb,
+ 0x74,0x91,0x5d,0xee,0x72,0x2b,0xbf,0x1e,
+ 0x2e,0xce,0xfd,0x27,0x09,0x19,0x98,0x60,
+ 0x8c,0x23,0x62,0xe9,0x17,0xfc,0xcd,0xa2,
+ 0x59,0xd4,0xb7,0x34,0xf7,0x74,0x8f,0x19,
+ 0xc9,0x77,0x2c,0xaf,0x53,0x22,0x40,0x33,
+ 0x03,0xb8,0x5d,0xef,0xe9,0x15,0xd4,0x75,
+ 0x03,0x53,0x2f,0xa8,0x7c,0x8b,0xad,0xfd,
+ 0xd3,0xc1,0xbf,0x9b,0xca,0xa3,0xef,0x06,
+ 0x75,0x8d,0x23,0x60,0x4c,0x87,0x76,0x8e,
+ 0xda,0x22,0x5d,0xe4,0x8a,0x50,0xb2,0xcf,
+ 0x53,0x0d,0x82,0xe0,0xf2,0x36,0xdd,0x8a,
+ 0x89,0xbf,0xbb,0x66,0x35,0x31,0x7d,0xf4,
+ 0x34,0x26,0xf6,0x0e,0xe1,0x0a,0xc7,0x7a,
+ 0x37,0xf7,0xf8,0x0d,0x7d,0x9e,0xb0,0xb8,
+ 0xbd,0xc3,0xe0,0x83,0x46,0xb8,0x99,0x8f,
+ 0x92,0x9c,0xa5,0xc2,0xb5,0xe7,0xd9,0xb5};
static const PRUint8 dsa_Q[] = {
- 0xad,0x22,0x59,0xdf,0xe5,0xec,0x4c,0x6e,
- 0xf9,0x43,0xf0,0x4b,0x2d,0x50,0x51,0xc6,
- 0x91,0x99,0x8b,0xcf};
+ 0xb6,0x69,0xf2,0x1c,0xd7,0x41,0xb4,0x8b,
+ 0x99,0x10,0x11,0x28,0xc8,0xbf,0xbb,0x73,
+ 0x24,0xe1,0x4f,0x1d,0x43,0x2e,0x1b,0x29,
+ 0x25,0x7e,0x4e,0xdd,0xf0,0xba,0x6b,0xd1};
static const PRUint8 dsa_G[] = {
- 0x78,0x6e,0xa9,0xd8,0xcd,0x4a,0x85,0xa4,
- 0x45,0xb6,0x6e,0x5d,0x21,0x50,0x61,0xf6,
- 0x5f,0xdf,0x5c,0x7a,0xde,0x0d,0x19,0xd3,
- 0xc1,0x3b,0x14,0xcc,0x8e,0xed,0xdb,0x17,
- 0xb6,0xca,0xba,0x86,0xa9,0xea,0x51,0x2d,
- 0xc1,0xa9,0x16,0xda,0xf8,0x7b,0x59,0x8a,
- 0xdf,0xcb,0xa4,0x67,0x00,0x44,0xea,0x24,
- 0x73,0xe5,0xcb,0x4b,0xaf,0x2a,0x31,0x25,
- 0x22,0x28,0x3f,0x16,0x10,0x82,0xf7,0xeb,
- 0x94,0x0d,0xdd,0x09,0x22,0x14,0x08,0x79,
- 0xba,0x11,0x0b,0xf1,0xff,0x2d,0x67,0xac,
- 0xeb,0xb6,0x55,0x51,0x69,0x97,0xa7,0x25,
- 0x6b,0x9c,0xa0,0x9b,0xd5,0x08,0x9b,0x27,
- 0x42,0x1c,0x7a,0x69,0x57,0xe6,0x2e,0xed,
- 0xa9,0x5b,0x25,0xe8,0x1f,0xd2,0xed,0x1f,
- 0xdf,0xe7,0x80,0x17,0xba,0x0d,0x4d,0x38};
+ 0xd1,0xbe,0xb6,0xe3,0x2b,0x90,0x5e,0xef,
+ 0x23,0xd0,0x21,0x90,0x58,0xb2,0xaf,0xb1,
+ 0xb9,0xc7,0x3b,0x6a,0xc2,0xdd,0x09,0x7f,
+ 0x26,0x81,0xdd,0xa9,0xb4,0x25,0x1f,0xab,
+ 0x8e,0x57,0x5e,0x8a,0x2e,0x75,0xd2,0x00,
+ 0xf5,0x18,0xd8,0xa5,0x5e,0x93,0x48,0x8a,
+ 0x9f,0xbd,0xa5,0x4a,0xb8,0xde,0x31,0xd0,
+ 0xea,0xeb,0x6a,0x02,0xc1,0x58,0xdb,0xdb,
+ 0xb7,0xec,0xe8,0xe1,0xf1,0xbd,0x47,0xec,
+ 0x89,0x15,0x09,0x80,0xa7,0x77,0x34,0x5d,
+ 0x8f,0x45,0xc2,0x53,0x9d,0x2d,0xba,0xbb,
+ 0x0d,0xed,0xd0,0x45,0xff,0x8c,0xbd,0xe9,
+ 0xa9,0x84,0xa6,0x77,0xa6,0x8a,0x42,0x2a,
+ 0xae,0xed,0xd6,0x45,0x7f,0x9a,0xca,0x12,
+ 0x13,0x6c,0x6e,0x1a,0x60,0xf6,0x05,0x94,
+ 0x51,0xef,0xd5,0x11,0xd1,0x44,0xe1,0x79,
+ 0xa8,0x99,0x22,0xe6,0x96,0x77,0x69,0x34,
+ 0xb6,0x76,0xf2,0xd8,0xfe,0xe2,0xee,0x40,
+ 0x4c,0x90,0x3d,0x66,0xd3,0x7e,0x41,0xb5,
+ 0x9b,0x3a,0x79,0xa7,0x8b,0x0e,0x20,0x6f,
+ 0x3d,0x90,0x11,0x9a,0x0e,0x3d,0x6d,0x8a,
+ 0x02,0x8d,0x01,0x15,0x56,0x8a,0x49,0xf6,
+ 0x3d,0xdb,0x9e,0xbc,0xfe,0xd6,0x04,0xf8,
+ 0x71,0x53,0x7e,0x46,0x42,0xce,0x4e,0xe1,
+ 0x2c,0x1c,0xe6,0x87,0x05,0x9c,0xf4,0xa0,
+ 0x17,0xde,0xdb,0xa6,0xe5,0x22,0x4d,0xc1,
+ 0xdc,0xf4,0x15,0x96,0x17,0x59,0xea,0x4d,
+ 0x0b,0x8c,0x99,0x8f,0xb4,0x9e,0x82,0xe6,
+ 0x97,0xf6,0x6d,0xf4,0x02,0xc8,0x83,0x1e,
+ 0xb6,0x57,0x96,0x45,0x2b,0x1f,0xbf,0x20,
+ 0x3d,0x5e,0x8d,0x2e,0x55,0x0c,0x4f,0xed,
+ 0x42,0x9f,0x35,0xf1,0x0f,0x69,0x4b,0xca};
/* DSA Known Random Values (known random key block is 160-bits) */
/* and (known random signature block is 160-bits). */
static const PRUint8 dsa_known_random_key_block[] = {
- "Mozilla Rules World!"};
+ "Mozilla Rules World Forever Now."};
static const PRUint8 dsa_known_random_signature_block[] = {
- "Random DSA Signature"};
+ "Random 256bit long DSA Signature"};
/* DSA Known Digest (160-bits) */
- static const PRUint8 dsa_known_digest[] = { "DSA Signature Digest" };
+ static const PRUint8 dsa_known_digest[] = { "Long enough DSA Signature Digest" };
/* DSA Known Signature (320-bits). */
static const PRUint8 dsa_known_signature[] = {
- 0x25,0x7c,0x3a,0x79,0x32,0x45,0xb7,0x32,
- 0x70,0xca,0x62,0x63,0x2b,0xf6,0x29,0x2c,
- 0x22,0x2a,0x03,0xce,0x48,0x15,0x11,0x72,
- 0x7b,0x7e,0xf5,0x7a,0xf3,0x10,0x3b,0xde,
- 0x34,0xc1,0x9e,0xd7,0x27,0x9e,0x77,0x38};
+ 0x36,0xab,0x18,0x27,0x00,0x9c,0x0c,0x1c,
+ 0x54,0x88,0xf3,0x4c,0x51,0x3d,0x7d,0x2c,
+ 0xc9,0x1b,0x35,0x02,0xe3,0x0b,0xc6,0x18,
+ 0xd1,0x04,0xad,0x2d,0x4e,0x2a,0x75,0xdb,
+ 0x1c,0x37,0x0d,0x14,0xea,0x5b,0x32,0x86,
+ 0x26,0x00,0x30,0x30,0x8e,0xfa,0x51,0x44,
+ 0xb5,0x23,0x41,0xd6,0x39,0xc3,0x8c,0x9c,
+ 0x32,0x41,0x15,0xe0,0xb3,0xbf,0x59,0x5e};
/* DSA variables. */
DSAPrivateKey * dsa_private_key;
SECStatus dsa_status;
SECItem dsa_signature_item;
SECItem dsa_digest_item;
DSAPublicKey dsa_public_key;
- PRUint8 dsa_computed_signature[FIPS_DSA_SIGNATURE_LENGTH];
+ PRUint8 dsa_computed_signature[FIPS_DSA2_SIGNATURE_LENGTH];
static const PQGParams dsa_pqg = { NULL,
- { FIPS_DSA_TYPE, (unsigned char *)dsa_P, FIPS_DSA_PRIME_LENGTH },
- { FIPS_DSA_TYPE, (unsigned char *)dsa_Q, FIPS_DSA_SUBPRIME_LENGTH },
- { FIPS_DSA_TYPE, (unsigned char *)dsa_G, FIPS_DSA_BASE_LENGTH }};
+ { FIPS_DSA_TYPE, (unsigned char *)dsa_P, FIPS_DSA2_PRIME_LENGTH },
+ { FIPS_DSA_TYPE, (unsigned char *)dsa_Q, FIPS_DSA2_SUBPRIME_LENGTH },
+ { FIPS_DSA_TYPE, (unsigned char *)dsa_G, FIPS_DSA2_BASE_LENGTH }};
/*******************************************/
/* Generate a DSA public/private key pair. */
/*******************************************/
/* Generate a DSA public/private key pair. */
dsa_status = DSA_NewKeyFromSeed(&dsa_pqg, dsa_known_random_key_block,
&dsa_private_key);
@@ -1918,19 +1959,19 @@ sftk_fips_DSA_PowerUpSelfTest( void )
/* Perform DSA signature process. */
dsa_status = DSA_SignDigestWithSeed( dsa_private_key,
&dsa_signature_item,
&dsa_digest_item,
dsa_known_random_signature_block );
if( ( dsa_status != SECSuccess ) ||
- ( dsa_signature_item.len != FIPS_DSA_SIGNATURE_LENGTH ) ||
+ ( dsa_signature_item.len != FIPS_DSA2_SIGNATURE_LENGTH ) ||
( PORT_Memcmp( dsa_computed_signature, dsa_known_signature,
- FIPS_DSA_SIGNATURE_LENGTH ) != 0 ) ) {
+ FIPS_DSA2_SIGNATURE_LENGTH ) != 0 ) ) {
dsa_status = SECFailure;
} else {
/****************************************************/
/* DSA Single-Round Known Answer Verification Test. */
/****************************************************/
/* Perform DSA verification process. */
