Make SHA3 (not SHAKE) Approved for EVP_DigestSign/Verify, RSA and ECDSA.
nebeid committed Aug 30, 2024
1 parent 173bd09 commit b041f9a
Showing 3 changed files with 81 additions and 75 deletions.
32 changes: 20 additions & 12 deletions crypto/fipsmodule/service_indicator/service_indicator.c
Expand Up @@ -174,14 +174,18 @@ static int is_md_fips_approved_for_signing(int md_type, int pkey_type) {
case NID_sha256:
case NID_sha384:
case NID_sha512:
return 1;
case NID_sha512_224:
case NID_sha512_256:
// Truncated SHA512 is only approved for signing with RSA PSS
if (pkey_type == EVP_PKEY_RSA_PSS) {
return 1;
}
return 0;
case NID_sha3_224:
case NID_sha3_256:
case NID_sha3_384:
case NID_sha3_512:
return 1;

// [TODO] SHAKE is only approved for signing with RSA PSS
// if (pkey_type == EVP_PKEY_RSA_PSS) // This will be needed when SHAKE is added
// return 1;
//}
default:
return 0;
}
Expand All @@ -196,14 +200,18 @@ static int is_md_fips_approved_for_verifying(int md_type, int pkey_type) {
case NID_sha256:
case NID_sha384:
case NID_sha512:
return 1;
case NID_sha512_224:
case NID_sha512_256:
// Truncated SHA512 is only approved for verifying with RSA PSS
if (pkey_type == EVP_PKEY_RSA_PSS) {
return 1;
}
return 0;
case NID_sha3_224:
case NID_sha3_256:
case NID_sha3_384:
case NID_sha3_512:
return 1;

// [TODO] SHAKE is only approved for signing with RSA PSS
// if (pkey_type == EVP_PKEY_RSA_PSS) // This will be needed when SHAKE is added
// return 1;
//}
default:
return 0;
}
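Review bot: In both switches the `NID_sha512_224`/`NID_sha512_256` cases appear to lose their `EVP_PKEY_RSA_PSS` guard and now share the unconditional `return 1` with SHA-2 and SHA-3, which the commit title (SHA3 only) does not mention; the page has lost its +/- markers, so this reading is inferred from the hunk sizes and from the test vectors that flip to approved. Because a wrong answer here makes the service indicator report a non-approved signature as approved, the widened set deserves a comment above the case list, for example `// SHA-2 (incl. truncated SHA-512) and SHA-3 are approved for every pkey_type that reaches this check; see <standard / validation reference>`. The commented-out SHAKE stub is hard to act on as written: it ends in `//}` with no opening brace, and the copy in `is_md_fips_approved_for_verifying` still says "signing"; one line such as `// TODO: when SHAKE is added, approve it only for EVP_PKEY_RSA_PSS` in each function would carry the same intent. `pkey_type` is no longer read in the visible part of either switch, and both functions begin above their hunks, so it is worth checking whether the parameter is still used at all.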
112 changes: 55 additions & 57 deletions crypto/fipsmodule/service_indicator/service_indicator_test.cc
Expand Up @@ -2099,14 +2099,6 @@ struct RSATestVector kRSATestVectors[] = {
{ 3071, &EVP_sha512, true, AWSLC_NOT_APPROVED, AWSLC_NOT_APPROVED },
{ 4096, &EVP_md5, false, AWSLC_NOT_APPROVED, AWSLC_NOT_APPROVED },

// PKCS1v1.5 with truncated SHA512 are not FIPS approved
{ 2048, &EVP_sha512_224, false, AWSLC_NOT_APPROVED, AWSLC_NOT_APPROVED },
{ 3072, &EVP_sha512_224, false, AWSLC_NOT_APPROVED, AWSLC_NOT_APPROVED },
{ 4096, &EVP_sha512_224, false, AWSLC_NOT_APPROVED, AWSLC_NOT_APPROVED },
{ 2048, &EVP_sha512_256, false, AWSLC_NOT_APPROVED, AWSLC_NOT_APPROVED },
{ 3072, &EVP_sha512_256, false, AWSLC_NOT_APPROVED, AWSLC_NOT_APPROVED },
{ 4096, &EVP_sha512_256, false, AWSLC_NOT_APPROVED, AWSLC_NOT_APPROVED },

// RSA test cases that are approved.
{ 1024, &EVP_sha1, false, AWSLC_NOT_APPROVED, AWSLC_APPROVED },
{ 1024, &EVP_sha224, false, AWSLC_NOT_APPROVED, AWSLC_APPROVED },
Expand All @@ -2126,6 +2118,8 @@ struct RSATestVector kRSATestVectors[] = {
{ 2048, &EVP_sha256, false, AWSLC_APPROVED, AWSLC_APPROVED },
{ 2048, &EVP_sha384, false, AWSLC_APPROVED, AWSLC_APPROVED },
{ 2048, &EVP_sha512, false, AWSLC_APPROVED, AWSLC_APPROVED },
{ 2048, &EVP_sha512_224, false, AWSLC_APPROVED, AWSLC_APPROVED },
{ 2048, &EVP_sha512_256, false, AWSLC_APPROVED, AWSLC_APPROVED },

{ 2048, &EVP_sha1, true, AWSLC_NOT_APPROVED, AWSLC_APPROVED },
{ 2048, &EVP_sha224, true, AWSLC_APPROVED, AWSLC_APPROVED },
Expand All @@ -2140,6 +2134,8 @@ struct RSATestVector kRSATestVectors[] = {
{ 3072, &EVP_sha256, false, AWSLC_APPROVED, AWSLC_APPROVED },
{ 3072, &EVP_sha384, false, AWSLC_APPROVED, AWSLC_APPROVED },
{ 3072, &EVP_sha512, false, AWSLC_APPROVED, AWSLC_APPROVED },
{ 3072, &EVP_sha512_224, false, AWSLC_APPROVED, AWSLC_APPROVED },
{ 3072, &EVP_sha512_256, false, AWSLC_APPROVED, AWSLC_APPROVED },

{ 3072, &EVP_sha1, true, AWSLC_NOT_APPROVED, AWSLC_APPROVED },
{ 3072, &EVP_sha224, true, AWSLC_APPROVED, AWSLC_APPROVED },
Expand All @@ -2154,6 +2150,8 @@ struct RSATestVector kRSATestVectors[] = {
{ 4096, &EVP_sha256, false, AWSLC_APPROVED, AWSLC_APPROVED },
{ 4096, &EVP_sha384, false, AWSLC_APPROVED, AWSLC_APPROVED },
{ 4096, &EVP_sha512, false, AWSLC_APPROVED, AWSLC_APPROVED },
{ 4096, &EVP_sha512_224, false, AWSLC_APPROVED, AWSLC_APPROVED },
{ 4096, &EVP_sha512_256, false, AWSLC_APPROVED, AWSLC_APPROVED },

{ 4096, &EVP_sha1, true, AWSLC_NOT_APPROVED, AWSLC_APPROVED },
{ 4096, &EVP_sha224, true, AWSLC_APPROVED, AWSLC_APPROVED },
Expand Down Expand Up @@ -2439,7 +2437,7 @@ struct ECDSATestVector {
const int nid;
// md_func is the digest to test.
const EVP_MD *(*func)();
// expected to be approved or not for signature generation.
// expected to be approved or not for key generation.
const FIPSStatus key_check_expect_approved;
// expected to be approved or not for signature generation.
const FIPSStatus sig_gen_expect_approved;
Expand All @@ -2461,18 +2459,18 @@ static const struct ECDSATestVector kECDSATestVectors[] = {
AWSLC_APPROVED},
{NID_secp224r1, &EVP_sha512, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},
{NID_secp224r1, &EVP_sha512_224, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_NOT_APPROVED},
{NID_secp224r1, &EVP_sha512_256, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_NOT_APPROVED},
{NID_secp224r1, &EVP_sha3_224, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_NOT_APPROVED},
{NID_secp224r1, &EVP_sha3_256, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_NOT_APPROVED},
{NID_secp224r1, &EVP_sha3_384, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_NOT_APPROVED},
{NID_secp224r1, &EVP_sha3_512, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_NOT_APPROVED},
{NID_secp224r1, &EVP_sha512_224, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},
{NID_secp224r1, &EVP_sha512_256, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},
{NID_secp224r1, &EVP_sha3_224, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},
{NID_secp224r1, &EVP_sha3_256, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},
{NID_secp224r1, &EVP_sha3_384, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},
{NID_secp224r1, &EVP_sha3_512, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},

{NID_X9_62_prime256v1, &EVP_sha1, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_APPROVED},
Expand All @@ -2484,18 +2482,18 @@ static const struct ECDSATestVector kECDSATestVectors[] = {
AWSLC_APPROVED},
{NID_X9_62_prime256v1, &EVP_sha512, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},
{NID_X9_62_prime256v1, &EVP_sha512_224, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_NOT_APPROVED},
{NID_X9_62_prime256v1, &EVP_sha512_256, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_NOT_APPROVED},
{NID_X9_62_prime256v1, &EVP_sha3_224, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_NOT_APPROVED},
{NID_X9_62_prime256v1, &EVP_sha3_256, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_NOT_APPROVED},
{NID_X9_62_prime256v1, &EVP_sha3_384, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_NOT_APPROVED},
{NID_X9_62_prime256v1, &EVP_sha3_512, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_NOT_APPROVED},
{NID_X9_62_prime256v1, &EVP_sha512_224, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},
{NID_X9_62_prime256v1, &EVP_sha512_256, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},
{NID_X9_62_prime256v1, &EVP_sha3_224, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},
{NID_X9_62_prime256v1, &EVP_sha3_256, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},
{NID_X9_62_prime256v1, &EVP_sha3_384, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},
{NID_X9_62_prime256v1, &EVP_sha3_512, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},

{NID_secp384r1, &EVP_sha1, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_APPROVED},
Expand All @@ -2507,18 +2505,18 @@ static const struct ECDSATestVector kECDSATestVectors[] = {
AWSLC_APPROVED},
{NID_secp384r1, &EVP_sha512, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},
{NID_secp384r1, &EVP_sha512_224, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_NOT_APPROVED},
{NID_secp384r1, &EVP_sha512_256, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_NOT_APPROVED},
{NID_secp384r1, &EVP_sha3_224, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_NOT_APPROVED},
{NID_secp384r1, &EVP_sha3_256, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_NOT_APPROVED},
{NID_secp384r1, &EVP_sha3_384, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_NOT_APPROVED},
{NID_secp384r1, &EVP_sha3_512, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_NOT_APPROVED},
{NID_secp384r1, &EVP_sha512_224, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},
{NID_secp384r1, &EVP_sha512_256, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},
{NID_secp384r1, &EVP_sha3_224, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},
{NID_secp384r1, &EVP_sha3_256, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},
{NID_secp384r1, &EVP_sha3_384, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},
{NID_secp384r1, &EVP_sha3_512, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},

{NID_secp521r1, &EVP_sha1, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_APPROVED},
Expand All @@ -2530,18 +2528,18 @@ static const struct ECDSATestVector kECDSATestVectors[] = {
AWSLC_APPROVED},
{NID_secp521r1, &EVP_sha512, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},
{NID_secp521r1, &EVP_sha512_224, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_NOT_APPROVED},
{NID_secp521r1, &EVP_sha512_256, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_NOT_APPROVED},
{NID_secp521r1, &EVP_sha3_224, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_NOT_APPROVED},
{NID_secp521r1, &EVP_sha3_256, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_NOT_APPROVED},
{NID_secp521r1, &EVP_sha3_384, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_NOT_APPROVED},
{NID_secp521r1, &EVP_sha3_512, AWSLC_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_NOT_APPROVED},
{NID_secp521r1, &EVP_sha512_224, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},
{NID_secp521r1, &EVP_sha512_256, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},
{NID_secp521r1, &EVP_sha3_224, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},
{NID_secp521r1, &EVP_sha3_256, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},
{NID_secp521r1, &EVP_sha3_384, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},
{NID_secp521r1, &EVP_sha3_512, AWSLC_APPROVED, AWSLC_APPROVED,
AWSLC_APPROVED},

{NID_secp256k1, &EVP_sha1, AWSLC_NOT_APPROVED, AWSLC_NOT_APPROVED,
AWSLC_NOT_APPROVED},
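Review bot: The `kRSATestVectors` hunks add only `EVP_sha512_224`/`EVP_sha512_256` rows with the third field `false` (apparently PKCS1v1.5); no `EVP_sha3_*` row is added for RSA, although the commit title says SHA3 becomes approved for RSA, and by my count the 55 additions in this file are all accounted for by the lines shown. Rows such as `{ 2048, &EVP_sha3_256, false, AWSLC_APPROVED, AWSLC_APPROVED },` plus a counterpart with `true`, for each approved key size, would pin the new RSA behaviour, unless a test outside this page already covers it. In `ECDSATestVector` the corrected comment now says "key generation" while the field is `key_check_expect_approved`; `// expected to be approved or not for the key check.` would match the field name, though what that check does is not visible here.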
12 changes: 6 additions & 6 deletions crypto/fipsmodule/sha/sha3.c
Expand Up @@ -15,7 +15,7 @@ uint8_t *SHA3_224(const uint8_t *data, size_t len,
uint8_t out[SHA3_224_DIGEST_LENGTH]) {
FIPS_service_indicator_lock_state();
KECCAK1600_CTX ctx;
int ok = (SHA3_Init(&ctx, SHA3_PAD_CHAR, SHA3_224_DIGEST_BITLENGTH) &&
int ok = (SHA3_Init(&ctx, SHA3_PAD_CHAR, SHA3_224_DIGEST_BITLENGTH) &&
SHA3_Update(&ctx, data, len) &&
SHA3_Final(out, &ctx));

Expand All @@ -32,7 +32,7 @@ uint8_t *SHA3_256(const uint8_t *data, size_t len,
uint8_t out[SHA3_256_DIGEST_LENGTH]) {
FIPS_service_indicator_lock_state();
KECCAK1600_CTX ctx;
int ok = (SHA3_Init(&ctx, SHA3_PAD_CHAR, SHA3_256_DIGEST_BITLENGTH) &&
int ok = (SHA3_Init(&ctx, SHA3_PAD_CHAR, SHA3_256_DIGEST_BITLENGTH) &&
SHA3_Update(&ctx, data, len) &&
SHA3_Final(out, &ctx));

Expand All @@ -49,7 +49,7 @@ uint8_t *SHA3_384(const uint8_t *data, size_t len,
uint8_t out[SHA3_384_DIGEST_LENGTH]) {
FIPS_service_indicator_lock_state();
KECCAK1600_CTX ctx;
int ok = (SHA3_Init(&ctx, SHA3_PAD_CHAR, SHA3_384_DIGEST_BITLENGTH) &&
int ok = (SHA3_Init(&ctx, SHA3_PAD_CHAR, SHA3_384_DIGEST_BITLENGTH) &&
SHA3_Update(&ctx, data, len) &&
SHA3_Final(out, &ctx));

Expand All @@ -66,7 +66,7 @@ uint8_t *SHA3_512(const uint8_t *data, size_t len,
uint8_t out[SHA3_512_DIGEST_LENGTH]) {
FIPS_service_indicator_lock_state();
KECCAK1600_CTX ctx;
int ok = (SHA3_Init(&ctx, SHA3_PAD_CHAR, SHA3_512_DIGEST_BITLENGTH) &&
int ok = (SHA3_Init(&ctx, SHA3_PAD_CHAR, SHA3_512_DIGEST_BITLENGTH) &&
SHA3_Update(&ctx, data, len) &&
SHA3_Final(out, &ctx));

Expand Down Expand Up @@ -144,7 +144,7 @@ int SHA3_Init(KECCAK1600_CTX *ctx, uint8_t pad, size_t bit_len) {
} else {
return 0;
}

if (block_size <= sizeof(ctx->buf)) {
SHA3_Reset(ctx);
ctx->block_size = block_size;
Expand All @@ -166,7 +166,7 @@ int SHA3_Update(KECCAK1600_CTX *ctx, const void *data, size_t len) {

// Process intermediate buffer.
num = ctx->buf_load;
if (num != 0) {
if (num != 0) {
rem = block_size - num;
if (len < rem) {
memcpy(ctx->buf + num, data_ptr_copy, len);
