#ifndef H_FIPS
#define H_FIPS
#include <openssl/rsa.h>
#include <openssl/pem.h>
#include <openssl/bn.h>
#include <openssl/err.h>
#include <math.h>
#include "audit.h"
/*
 * Input type selectors.
 * NOTE(review): the names suggest "bare RSA key" versus "X.509 certificate";
 * this header does not show where they are consumed.
 */
#define TYPE_RSA          0x01
#define TYPE_X509         0x02

/*
 * RSA key encodings.
 * NOTE(review): presumably the values stored in keyinfo.format -- confirm.
 */
#define RSA_FORMAT_PKCS1  0x1
#define RSA_FORMAT_SPKI   0x2

/*
 * NOTE(review): presumably the byte size of the result text buffers; check
 * that every writer into such a buffer is bounded by this constant.
 */
#define BUF_SIZE_RESULT   256

/*
 * Key algorithm identifiers.
 * NOTE(review): presumably the values stored in keyinfo.algo -- confirm.
 */
#define ALGO_RSA          0x01
#define ALGO_EC           0x02
/*
 * Pair of audit records kept for one key: one for the key size and one for
 * the public exponent.  struct st_audit is not declared in this file; it is
 * expected to come from "audit.h".
 */
struct audit_fips {
    struct st_audit audit_keysize;   /* record for the key-size check */
    struct st_audit audit_exponent;  /* record for the exponent check */
};
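/*
 * OpenSSL handles grouped for one key under inspection.
 *
 * NOTE(review): ownership is not visible here; clean_rsa_st() presumably
 * releases these handles -- confirm that it frees each one exactly once.
 */
struct rsa {
    RSA *rsa;   /* legacy RSA key object */
    BIO *bio;   /* BIO handle; NOTE(review): presumably the key is read through it */
/*
 * OpenSSL 3.x encodes its version as 0xMNN00PP0L, so release 3.0.0 is
 * 0x30000000L.  The earlier test "> 0x03000000f" parses as 0x3000000F and
 * therefore left this member out when building against 3.0.0 itself.
 * NOTE(review): any guard in the implementation that touches `evp` must use
 * the same condition, otherwise the member is declared but never managed.
 */
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
    EVP_PKEY *evp;  /* EVP_PKEY handle, only on OpenSSL 3.x builds */
#endif
};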
/*
 * Facts recorded about one key.
 *
 * NOTE(review): `exponent` is an unsigned long, while FIPS 186-4 permits RSA
 * public exponents up to 2^256.  If the value is obtained with BN_get_word(),
 * an exponent that does not fit comes back as all bits set; the audit should
 * treat that case explicitly rather than report it as a number.
 */
struct keyinfo {
    int keysize;             /* key size; NOTE(review): presumably in bits */
    unsigned long exponent;  /* public exponent, see note above */
    int format;              /* NOTE(review): presumably an RSA_FORMAT_* value */
    char *key;               /* NOTE(review): ownership/lifetime not shown here */
    int algo;                /* NOTE(review): presumably an ALGO_* value */
};
/*
 * The only declaration in this header with external linkage.
 * It takes a string, the audit result structure, the key information
 * structure and three int arguments.
 * NOTE(review): the parameters are unnamed, so their meaning and the return
 * convention cannot be read from this header; naming them here would
 * document the contract for callers.
 */
int fips(const char *,
         struct audit_fips *,
         struct keyinfo *,
         const int,
         const int,
         const int);
/*
 * RSA
 *
 * NOTE(review): these are `static` (internal-linkage) declarations inside a
 * guarded header.  Every translation unit that includes it gets its own
 * private declaration and must define any of these it calls; they would
 * normally live in the .c file that implements them.
 * NOTE(review): the _v1/_v3 suffixes presumably select the OpenSSL 1.x and
 * 3.x code paths -- confirm against the implementation.
 */
static int fips_pubkey_rsa(struct audit_fips *, struct keyinfo *,
                           const char *, const int);
static int fips_privkey_rsa(struct audit_fips *, struct keyinfo *,
                            const char *, const int);

/* Key loaders; the public-key variants also take an int pointer named format. */
static int loadkeys_rsa_v1(struct rsa **, const char *, int *format);
static int loadkeys_rsa_v3(struct rsa **, const char *, int *format);
static int load_priv_rsa_keys_v1(struct rsa **, const char *);
static int load_priv_rsa_keys_v3(struct rsa **, const char *);

/* Takes the loaded handles, the audit records, the key information and a string. */
static void audit_rsa_keys(struct rsa *, struct audit_fips *,
                           struct keyinfo *, const char *);
/*
 * X509
 *
 * Both variants share one signature: audit records, key information, a
 * string and an int.
 * NOTE(review): the _v1/_v3 suffixes presumably select the OpenSSL 1.x and
 * 3.x code paths -- confirm against the implementation.
 */
static int fips_x509_v1(struct audit_fips *, struct keyinfo *,
                        const char *, const int);
static int fips_x509_v3(struct audit_fips *, struct keyinfo *,
                        const char *, const int);
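/*
 * Shared helpers.
 *
 * check_exponent() takes a BIGNUM, a caller-supplied char buffer and an
 * unsigned long output, but no buffer length.
 * NOTE(review): presumably the buffer is BUF_SIZE_RESULT bytes; confirm that
 * every caller passes at least that much and that the implementation bounds
 * its writes to it.
 */
static int check_exponent(const BIGNUM *, char *, unsigned long *);

/* NOTE(review): presumably releases the handles held in struct rsa -- confirm. */
static void clean_rsa_st(struct rsa *);

/*
 * Declared with (void) so these are real prototypes: with empty parentheses
 * the compiler would not check the arguments of a call.
 */
static int openssl_version(void);
static void print_error(void);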
#endif