Mercurial > illumos > illumos-gate

changeset 13024:c176c071a066

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
6972233 Panic is seen when fips-140 mode is enabled and rebooted
author Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
date Wed, 04 Aug 2010 11:39:52 -0700
parents dc5824d1233f
children 3c7681e3e323
files usr/src/common/crypto/fips/fips_dsa_util.c usr/src/uts/common/crypto/core/kcf.c
diffstat 2 files changed, 22 insertions(+), 23 deletions(-) [+]
line wrap: on
line diff
--- a/usr/src/common/crypto/fips/fips_dsa_util.c	Wed Aug 04 10:44:20 2010 -0600
+++ b/usr/src/common/crypto/fips/fips_dsa_util.c	Wed Aug 04 11:39:52 2010 -0700
@@ -93,9 +93,13 @@
 /*
  * DSA Known Random Values (known random key block is 160-bits)
  * and (known random signature block is 160-bits).
+ * Note: known random key block must be numerically smaller than
+ * dsa_Q even after bignum_random() turns on the MSB.
  */
 static uint8_t dsa_known_random_key_block[] = {
-	"This is DSA RNG key!"
+	0x91, 0x22, 0x59, 0xdf, 0xe5, 0xec, 0x4c, 0x6e,
+	0xf9, 0x43, 0xf0, 0x4b, 0x2d, 0x50, 0x51, 0xc6,
+	0x91, 0x99, 0x8b, 0xcf
 };
 
 static uint8_t dsa_known_random_signature_block[] = {
@@ -160,19 +164,13 @@
 	if (sha1_context == NULL)
 		return (CKR_HOST_MEMORY);
 
+	/* hash the message: context is freed by the function */
 	rv = fips_sha1_hash(sha1_context, in, inlen, sha1_computed_digest);
 	if (rv != CKR_OK)
-		goto clean1;
-
-	rv = dsa_sign(bkey, sha1_computed_digest, FIPS_DSA_DIGEST_LENGTH, out);
+		return (rv);
 
-clean1:
-#ifdef _KERNEL
-	kmem_free(sha1_context, sizeof (SHA1_CTX));
-#else
-	free(sha1_context);
-#endif
-	return (rv);
+	return (dsa_sign(bkey, sha1_computed_digest,
+	    FIPS_DSA_DIGEST_LENGTH, out));
 }
 
 int
@@ -186,20 +184,13 @@
 	if (sha1_context == NULL)
 		return (CKR_HOST_MEMORY);
 
+	/* hash the message: context is freed by the function */
 	rv = fips_sha1_hash(sha1_context, data, FIPS_DSA_DIGEST_LENGTH,
 	    sha1_computed_digest);
 	if (rv != CKR_OK)
-		goto clean1;
-
-	rv = dsa_verify(bkey, sha1_computed_digest, sig);
+		return (rv);
 
-clean1:
-#ifdef _KERNEL
-	kmem_free(sha1_context, sizeof (SHA1_CTX));
-#else
-	free(sha1_context);
-#endif
-	return (rv);
+	return (dsa_verify(bkey, sha1_computed_digest, sig));
 }
 
 /*
@@ -211,6 +202,8 @@
 	DSAbytekey dsa_params;
 	CK_RV rv;
 	uint8_t dsa_computed_signature[FIPS_DSA_SIGNATURE_LENGTH];
+	uint8_t pubvalue[FIPS_DSA_PRIME_LENGTH];
+	uint8_t	privalue[FIPS_DSA_SUBPRIME_LENGTH];
 
 	/*
 	 * Generate a DSA public/private key pair.
@@ -222,6 +215,12 @@
 	dsa_params.base = dsa_G;
 	dsa_params.base_bytes = FIPS_DSA_BASE_LENGTH;
 
+	/* Output from DSA key pair generation */
+	dsa_params.private_x = privalue;
+	dsa_params.private_x_bits = CRYPTO_BYTES2BITS(sizeof (privalue));
+	dsa_params.public_y = pubvalue;
+	dsa_params.public_y_bits = CRYPTO_BYTES2BITS(sizeof (pubvalue));
+
 	dsa_params.rfunc = fips_dsa_random_func;
 
 	rv = fips_dsa_genkey_pair(&dsa_params);
--- a/usr/src/uts/common/crypto/core/kcf.c	Wed Aug 04 10:44:20 2010 -0600
+++ b/usr/src/uts/common/crypto/core/kcf.c	Wed Aug 04 11:39:52 2010 -0700
@@ -247,7 +247,7 @@
 {
 	door_arg_t darg;
 	door_handle_t ldh;
-	kcf_door_arg_t *kda = { 0 }, *rkda;
+	kcf_door_arg_t *kda = { 0 }, *rkda = NULL;
 	int ret = 0;
 
 	KCF_FRMWRK_DEBUG(1, ("Starting IC check"));
@@ -294,7 +294,7 @@
 	KCF_FRMWRK_DEBUG(1, ("Integrity Check succeeds.\n"));
 
 exit:
-	if (rkda != kda)
+	if ((rkda != NULL) && (rkda != kda))
 		kmem_free(rkda, darg.rsize);
 
 	kmem_free(kda, sizeof (kcf_door_arg_t));