345502 RNG power up selftest r=wtc

git-svn-id: svn://10.0.0.236/trunk@203488 18797224-902f-48f8-a5cc-f745e15eee43

mozilla/security/nss/lib/softoken/fipstest.c

@@ -36,7 +36,7 @@
  * the terms of any one of the MPL, the GPL or the LGPL.
  *
  * ***** END LICENSE BLOCK ***** */
-/* $Id: fipstest.c,v 1.15 2006-05-08 18:20:28 wtchang%redhat.com Exp $ */
+/* $Id: fipstest.c,v 1.16 2006-07-24 03:54:09 glen.beasley%sun.com Exp $ */
 
 #include "softoken.h"   /* Required for RC2-ECB, RC2-CBC, RC4, DES-ECB,  */
                         /*              DES-CBC, DES3-ECB, DES3-CBC, RSA */
@@ -1767,6 +1767,69 @@ sftk_fips_DSA_PowerUpSelfTest( void )
 
 }
 
+static CK_RV
+sftk_fips_RNG_PowerUpSelfTest( void )
+{
+   PRUint8 XKey[] = {0x8d,0xf2,0xa4,0x94,0x49,0x22,0x76,0xaa,
+                     0x3d,0x25,0x75,0x9b,0xb0,0x68,0x69,0xcb,
+                     0xea,0xc0,0xd8,0x3a,0xfb,0x8d,0x0c,0xf7,
+                     0xcb,0xb8,0x32,0x4f,0x0d,0x78,0x82,0xe5,
+                     0xd0,0x76,0x2f,0xc5,0xb7,0x21,0x0e,0xaf,
+                     0xc2,0xe9,0xad,0xac,0x32,0xab,0x7a,0xac,
+                     0x49,0x69,0x3d,0xfb,0xf8,0x37,0x24,0xc2,
+                     0xec,0x07,0x36,0xee,0x31,0xc8,0x02,0x91};
+   static const PRUint8 XSeed[] = {
+                     0xea,0xc0,0xd8,0x3a,0xfb,0x8d,0x0c,0xf7,
+                     0xcb,0xb8,0x32,0x4f,0x0d,0x78,0x82,0xe5,
+                     0xd0,0x76,0x2f,0xc5,0xb7,0x21,0x0e,0xaf,
+                     0xc2,0xe9,0xad,0xac,0x32,0xab,0x7a,0xac,
+                     0x8d,0xf2,0xa4,0x94,0x49,0x22,0x76,0xaa,
+                     0x3d,0x25,0x75,0x9b,0xb0,0x68,0x69,0xcb,
+                     0x49,0x69,0x3d,0xfb,0xf8,0x37,0x24,0xc2,
+                     0xec,0x07,0x36,0xee,0x31,0xc8,0x02,0x91};
+   static const PRUint8 Q[] = {   0x85,0x89,0x9c,0x77,0xa3,0x79,0xff,0x1a,
+                     0x86,0x6f,0x2f,0x3e,0x2e,0xf9,0x8c,0x9c,
+                     0x9d,0xef,0xeb,0xed};
+   static const PRUint8 rng_known_GENX[] = {
+                     0x65,0x48,0xe3,0xca,0xac,0x64,0x2d,0xf7,
+                     0x7b,0xd3,0x4e,0x79,0xc9,0x7d,0xa6,0xa8,
+                     0xa2,0xc2,0x1f,0x8f,0xe9,0xb9,0xd3,0xa1,
+                     0x3f,0xf7,0x0c,0xcd,0xa6,0xca,0xbf,0xce,
+                     0x84,0x0e,0xb6,0xf1,0x0d,0xbe,0xa9,0xa3};
+   static const PRUint8 rng_known_DSAX[] = {
+                     0x7a,0x86,0xf1,0x7f,0xbd,0x4e,0x6e,0xd9,
+                     0x0a,0x26,0x21,0xd0,0x19,0xcb,0x86,0x73,
+                     0x10,0x1f,0x60,0xd7,0x65,0x48,0xe3,0xca};
+
+   SECStatus rng_status = SECSuccess;
+   PRUint8 GENX[2*SHA1_LENGTH];
+   PRUint8 DSAX[DSA_SUBPRIME_LEN];
+
+   /*******************************************/
+   /* Generate X with a known seed.           */
+   /*******************************************/
+   rng_status = FIPS186Change_GenerateX(XKey, XSeed, GENX);
+
+   /* Verify GENX to perform the RNG integrity check */
+   if( ( rng_status != SECSuccess ) ||
+       ( PORT_Memcmp( GENX, rng_known_GENX,
+                      (2*SHA1_LENGTH) ) != 0 ) )
+       return( CKR_DEVICE_ERROR );
+
+   /*******************************************/
+   /* Generate DSAX fow given Q.              */
+   /*******************************************/
+
+   rng_status = FIPS186Change_ReduceModQForDSA(GENX, Q, DSAX);
+
+   /* Verify DSAX to perform the RNG integrity check */
+   if( ( rng_status != SECSuccess ) ||
+       ( PORT_Memcmp( DSAX, rng_known_DSAX,
+                      (DSA_SUBPRIME_LEN) ) != 0 ) )
+       return( CKR_DEVICE_ERROR );
+       
+   return( CKR_OK ); 
+}
 
 CK_RV
 sftk_fipsPowerUpSelfTest( void )
@@ -1850,6 +1913,12 @@ sftk_fipsPowerUpSelfTest( void )
 
     if( rv != CKR_OK )
         return rv;
+
+    /* RNG Power-Up SelfTest(s). */
+    rv = sftk_fips_RNG_PowerUpSelfTest();
+
+    if( rv != CKR_OK )
+        return rv;
     
 #ifdef NSS_ENABLE_ECC
     /* ECDSA Power-Up SelfTest(s). */