search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
K2.6 patches and update.
[tomato.git] / release / src / router / cyassl / ctaocrypt / test / test.c
blob50fecd38c4292684b90f0303ead90355c8e2ffc0
1 /* test.c */
2
3
4 #include <string.h>
5 #include <stdio.h>
6 #include <stdlib.h>
7
8 #include "ctc_md5.h"
9 #include "ctc_md4.h"
10 #include "ctc_sha.h"
11 #include "sha256.h"
12 #include "sha512.h"
13 #include "arc4.h"
14 #include "random.h"
15 #include "coding.h"
16 #include "asn.h"
17 #include "des3.h"
18 #include "ctc_aes.h"
19 #include "ctc_hmac.h"
20 #include "ctc_dh.h"
21 #include "ctc_dsa.h"
22 #include "hc128.h"
23 #include "rabbit.h"
24 #include "pwdbased.h"
25 #include "ctc_ripemd.h"
26 #ifdef HAVE_ECC
27 #include "ctc_ecc.h"
28 #endif
29
30 #ifdef _MSC_VER
31 /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
32 #pragma warning(disable: 4996)
33 #endif
34
35 #ifdef OPENSSL_EXTRA
36 #include "evp.h"
37 #include "rand.h"
38 #include "hmac.h"
39 #include "des.h"
40 #endif
41
42 #ifdef HAVE_NTRU
43 #include "crypto_ntru.h"
44 #endif
45
46
47 #ifdef THREADX
48 /* since just testing, use THREADX log printf instead */
49 int dc_log_printf(char*, ...);
50 #undef printf
51 #define printf dc_log_printf
52 #endif
53
54
55 typedef struct testVector {
56 char* input;
57 char* output;
58 size_t inLen;
59 size_t outLen;
60 } testVector;
61
62 int md5_test();
63 int md4_test();
64 int sha_test();
65 int sha256_test();
66 int sha512_test();
67 int hmac_test();
68 int arc4_test();
69 int hc128_test();
70 int rabbit_test();
71 int des_test();
72 int des3_test();
73 int aes_test();
74 int rsa_test();
75 int dh_test();
76 int dsa_test();
77 int random_test();
78 int pwdbased_test();
79 int ripemd_test();
80 int openssl_test(); /* test mini api */
81 #ifdef HAVE_ECC
82 int ecc_test();
83 #endif
84
85 int PemToDer(const char* inName, const char* outName);
86
87
88 void err_sys(const char* msg, int es)
89 {
90 printf("%s error = %d\n", msg, es);
91 #ifndef THREADX
92 exit(es);
93 #endif
94 }
95
96 /* func_args from cyassl_test.h, so don't have to pull in other junk */
97 typedef struct func_args {
98 int argc;
99 char** argv;
100 int return_code;
101 } func_args;
102
103
104 void ctaocrypt_test(void* args)
105 {
106 int ret = 0;
107
108 ((func_args*)args)->return_code = -1; /* error state */
109
110 if ( (ret = md5_test()) )
111 err_sys("MD5 test failed!\n", ret);
112 else
113 printf( "MD5 test passed!\n");
114
115 #ifndef NO_MD4
116 if ( (ret = md4_test()) )
117 err_sys("MD4 test failed!\n", ret);
118 else
119 printf( "MD4 test passed!\n");
120 #endif
121
122 if ( (ret = sha_test()) )
123 err_sys("SHA test failed!\n", ret);
124 else
125 printf( "SHA test passed!\n");
126
127 #ifndef NO_SHA256
128 if ( (ret = sha256_test()) )
129 err_sys("SHA-256 test failed!\n", ret);
130 else
131 printf( "SHA-256 test passed!\n");
132 #endif
133
134 #ifdef CYASSL_SHA512
135 if ( (ret = sha512_test()) )
136 err_sys("SHA-512 test failed!\n", ret);
137 else
138 printf( "SHA-512 test passed!\n");
139 #endif
140
141 #ifdef CYASSL_RIPEMD
142 if ( (ret = ripemd_test()) )
143 err_sys("RIPEMD test failed!\n", ret);
144 else
145 printf( "RIPEMD test passed!\n");
146 #endif
147
148 #ifndef NO_HMAC
149 if ( (ret = hmac_test()) )
150 err_sys("HMAC test failed!\n", ret);
151 else
152 printf( "HMAC test passed!\n");
153 #endif
154
155 if ( (ret = arc4_test()) )
156 err_sys("ARC4 test failed!\n", ret);
157 else
158 printf( "ARC4 test passed!\n");
159
160 #ifndef NO_HC128
161 if ( (ret = hc128_test()) )
162 err_sys("HC-128 test failed!\n", ret);
163 else
164 printf( "HC-128 test passed!\n");
165 #endif
166
167 #ifndef NO_RABBIT
168 if ( (ret = rabbit_test()) )
169 err_sys("Rabbit test failed!\n", ret);
170 else
171 printf( "Rabbit test passed!\n");
172 #endif
173
174 #ifndef NO_DES3
175 if ( (ret = des_test()) )
176 err_sys("DES test failed!\n", ret);
177 else
178 printf( "DES test passed!\n");
179 #endif
180
181 #ifndef NO_DES3
182 if ( (ret = des3_test()) )
183 err_sys("DES3 test failed!\n", ret);
184 else
185 printf( "DES3 test passed!\n");
186 #endif
187
188 #ifndef NO_AES
189 if ( (ret = aes_test()) )
190 err_sys("AES test failed!\n", ret);
191 else
192 printf( "AES test passed!\n");
193 #endif
194
195 if ( (ret = random_test()) )
196 err_sys("RANDOM test failed!\n", ret);
197 else
198 printf( "RANDOM test passed!\n");
199
200 if ( (ret = rsa_test()) )
201 err_sys("RSA test failed!\n", ret);
202 else
203 printf( "RSA test passed!\n");
204
205 #ifndef NO_DH
206 if ( (ret = dh_test()) )
207 err_sys("DH test failed!\n", ret);
208 else
209 printf( "DH test passed!\n");
210 #endif
211
212 #ifndef NO_DSA
213 if ( (ret = dsa_test()) )
214 err_sys("DSA test failed!\n", ret);
215 else
216 printf( "DSA test passed!\n");
217 #endif
218
219 #ifndef NO_PWDBASED
220 if ( (ret = pwdbased_test()) )
221 err_sys("PWDBASED test failed!\n", ret);
222 else
223 printf( "PWDBASED test passed!\n");
224 #endif
225
226 #ifdef OPENSSL_EXTRA
227 if ( (ret = openssl_test()) )
228 err_sys("OPENSSL test failed!\n", ret);
229 else
230 printf( "OPENSSL test passed!\n");
231 #endif
232
233 #ifdef HAVE_ECC
234 if ( (ret = ecc_test()) )
235 err_sys("ECC test failed!\n", ret);
236 else
237 printf( "ECC test passed!\n");
238 #endif
239
240 ((func_args*)args)->return_code = ret;
241 }
242
243
244 /* so overall tests can pull in test function */
245 #ifndef NO_MAIN_DRIVER
246
247 int main(int argc, char** argv)
248 {
249 func_args args;
250
251 args.argc = argc;
252 args.argv = argv;
253
254 ctaocrypt_test(&args);
255 return args.return_code;
256 }
257
258 #endif /* NO_MAIN_DRIVER */
259
260
261 int md5_test()
262 {
263 Md5 md5;
264 byte hash[MD5_DIGEST_SIZE];
265
266 testVector a, b, c, d, e;
267 testVector test_md5[5];
268 int times = sizeof(test_md5) / sizeof(testVector), i;
269
270 a.input = "abc";
271 a.output = "\x90\x01\x50\x98\x3c\xd2\x4f\xb0\xd6\x96\x3f\x7d\x28\xe1\x7f"
272 "\x72";
273 a.inLen = strlen(a.input);
274 a.outLen = strlen(a.output);
275
276 b.input = "message digest";
277 b.output = "\xf9\x6b\x69\x7d\x7c\xb7\x93\x8d\x52\x5a\x2f\x31\xaa\xf1\x61"
278 "\xd0";
279 b.inLen = strlen(b.input);
280 b.outLen = strlen(b.output);
281
282 c.input = "abcdefghijklmnopqrstuvwxyz";
283 c.output = "\xc3\xfc\xd3\xd7\x61\x92\xe4\x00\x7d\xfb\x49\x6c\xca\x67\xe1"
284 "\x3b";
285 c.inLen = strlen(c.input);
286 c.outLen = strlen(c.output);
287
288 d.input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345"
289 "6789";
290 d.output = "\xd1\x74\xab\x98\xd2\x77\xd9\xf5\xa5\x61\x1c\x2c\x9f\x41\x9d"
291 "\x9f";
292 d.inLen = strlen(d.input);
293 d.outLen = strlen(d.output);
294
295 e.input = "1234567890123456789012345678901234567890123456789012345678"
296 "9012345678901234567890";
297 e.output = "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6"
298 "\x7a";
299 e.inLen = strlen(e.input);
300 e.outLen = strlen(e.output);
301
302 test_md5[0] = a;
303 test_md5[1] = b;
304 test_md5[2] = c;
305 test_md5[3] = d;
306 test_md5[4] = e;
307
308 InitMd5(&md5);
309
310 for (i = 0; i < times; ++i) {
311 Md5Update(&md5, (byte*)test_md5[i].input, (word32)test_md5[i].inLen);
312 Md5Final(&md5, hash);
313
314 if (memcmp(hash, test_md5[i].output, MD5_DIGEST_SIZE) != 0)
315 return -5 - i;
316 }
317
318 return 0;
319 }
320
321
322 #ifndef NO_MD4
323
324 int md4_test()
325 {
326 Md4 md4;
327 byte hash[MD4_DIGEST_SIZE];
328
329 testVector a, b, c, d, e, f, g;
330 testVector test_md4[7];
331 int times = sizeof(test_md4) / sizeof(testVector), i;
332
333 a.input = "";
334 a.output = "\x31\xd6\xcf\xe0\xd1\x6a\xe9\x31\xb7\x3c\x59\xd7\xe0\xc0\x89"
335 "\xc0";
336 a.inLen = strlen(a.input);
337 a.outLen = strlen(a.output);
338
339 b.input = "a";
340 b.output = "\xbd\xe5\x2c\xb3\x1d\xe3\x3e\x46\x24\x5e\x05\xfb\xdb\xd6\xfb"
341 "\x24";
342 b.inLen = strlen(b.input);
343 b.outLen = strlen(b.output);
344
345 c.input = "abc";
346 c.output = "\xa4\x48\x01\x7a\xaf\x21\xd8\x52\x5f\xc1\x0a\xe8\x7a\xa6\x72"
347 "\x9d";
348 c.inLen = strlen(c.input);
349 c.outLen = strlen(c.output);
350
351 d.input = "message digest";
352 d.output = "\xd9\x13\x0a\x81\x64\x54\x9f\xe8\x18\x87\x48\x06\xe1\xc7\x01"
353 "\x4b";
354 d.inLen = strlen(d.input);
355 d.outLen = strlen(d.output);
356
357 e.input = "abcdefghijklmnopqrstuvwxyz";
358 e.output = "\xd7\x9e\x1c\x30\x8a\xa5\xbb\xcd\xee\xa8\xed\x63\xdf\x41\x2d"
359 "\xa9";
360 e.inLen = strlen(e.input);
361 e.outLen = strlen(e.output);
362
363 f.input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345"
364 "6789";
365 f.output = "\x04\x3f\x85\x82\xf2\x41\xdb\x35\x1c\xe6\x27\xe1\x53\xe7\xf0"
366 "\xe4";
367 f.inLen = strlen(f.input);
368 f.outLen = strlen(f.output);
369
370 g.input = "1234567890123456789012345678901234567890123456789012345678"
371 "9012345678901234567890";
372 g.output = "\xe3\x3b\x4d\xdc\x9c\x38\xf2\x19\x9c\x3e\x7b\x16\x4f\xcc\x05"
373 "\x36";
374 g.inLen = strlen(g.input);
375 g.outLen = strlen(g.output);
376
377 test_md4[0] = a;
378 test_md4[1] = b;
379 test_md4[2] = c;
380 test_md4[3] = d;
381 test_md4[4] = e;
382 test_md4[5] = f;
383 test_md4[6] = g;
384
385 InitMd4(&md4);
386
387 for (i = 0; i < times; ++i) {
388 Md4Update(&md4, (byte*)test_md4[i].input, (word32)test_md4[i].inLen);
389 Md4Final(&md4, hash);
390
391 if (memcmp(hash, test_md4[i].output, MD4_DIGEST_SIZE) != 0)
392 return -205 - i;
393 }
394
395 return 0;
396 }
397
398 #endif /* NO_MD4 */
399
400 int sha_test()
401 {
402 Sha sha;
403 byte hash[SHA_DIGEST_SIZE];
404
405 testVector a, b, c, d;
406 testVector test_sha[4];
407 int times = sizeof(test_sha) / sizeof(struct testVector), i;
408
409 a.input = "abc";
410 a.output = "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2"
411 "\x6C\x9C\xD0\xD8\x9D";
412 a.inLen = strlen(a.input);
413 a.outLen = strlen(a.output);
414
415 b.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
416 b.output = "\x84\x98\x3E\x44\x1C\x3B\xD2\x6E\xBA\xAE\x4A\xA1\xF9\x51\x29"
417 "\xE5\xE5\x46\x70\xF1";
418 b.inLen = strlen(b.input);
419 b.outLen = strlen(b.output);
420
421 c.input = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
422 "aaaaaa";
423 c.output = "\x00\x98\xBA\x82\x4B\x5C\x16\x42\x7B\xD7\xA1\x12\x2A\x5A\x44"
424 "\x2A\x25\xEC\x64\x4D";
425 c.inLen = strlen(c.input);
426 c.outLen = strlen(c.output);
427
428 d.input = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
429 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
430 "aaaaaaaaaa";
431 d.output = "\xAD\x5B\x3F\xDB\xCB\x52\x67\x78\xC2\x83\x9D\x2F\x15\x1E\xA7"
432 "\x53\x99\x5E\x26\xA0";
433 d.inLen = strlen(d.input);
434 d.outLen = strlen(d.output);
435
436 test_sha[0] = a;
437 test_sha[1] = b;
438 test_sha[2] = c;
439 test_sha[3] = d;
440
441 InitSha(&sha);
442
443 for (i = 0; i < times; ++i) {
444 ShaUpdate(&sha, (byte*)test_sha[i].input, (word32)test_sha[i].inLen);
445 ShaFinal(&sha, hash);
446
447 if (memcmp(hash, test_sha[i].output, SHA_DIGEST_SIZE) != 0)
448 return -10 - i;
449 }
450
451 return 0;
452 }
453
454
455 #ifdef CYASSL_RIPEMD
456 int ripemd_test()
457 {
458 RipeMd ripemd;
459 byte hash[RIPEMD_DIGEST_SIZE];
460
461 testVector a, b, c, d;
462 testVector test_ripemd[4];
463 int times = sizeof(test_ripemd) / sizeof(struct testVector), i;
464
465 a.input = "abc";
466 a.output = "\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04\x4a\x8e\x98\xc6"
467 "\xb0\x87\xf1\x5a\x0b\xfc";
468 a.inLen = strlen(a.input);
469 a.outLen = strlen(a.output);
470
471 b.input = "message digest";
472 b.output = "\x5d\x06\x89\xef\x49\xd2\xfa\xe5\x72\xb8\x81\xb1\x23\xa8"
473 "\x5f\xfa\x21\x59\x5f\x36";
474 b.inLen = strlen(b.input);
475 b.outLen = strlen(b.output);
476
477 c.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
478 c.output = "\x12\xa0\x53\x38\x4a\x9c\x0c\x88\xe4\x05\xa0\x6c\x27\xdc"
479 "\xf4\x9a\xda\x62\xeb\x2b";
480 c.inLen = strlen(c.input);
481 c.outLen = strlen(c.output);
482
483 d.input = "12345678901234567890123456789012345678901234567890123456"
484 "789012345678901234567890";
485 d.output = "\x9b\x75\x2e\x45\x57\x3d\x4b\x39\xf4\xdb\xd3\x32\x3c\xab"
486 "\x82\xbf\x63\x32\x6b\xfb";
487 d.inLen = strlen(d.input);
488 d.outLen = strlen(d.output);
489
490 test_ripemd[0] = a;
491 test_ripemd[1] = b;
492 test_ripemd[2] = c;
493 test_ripemd[3] = d;
494
495 InitRipeMd(&ripemd);
496
497 for (i = 0; i < times; ++i) {
498 RipeMdUpdate(&ripemd, (byte*)test_ripemd[i].input,
499 (word32)test_ripemd[i].inLen);
500 RipeMdFinal(&ripemd, hash);
501
502 if (memcmp(hash, test_ripemd[i].output, RIPEMD_DIGEST_SIZE) != 0)
503 return -10 - i;
504 }
505
506 return 0;
507 }
508 #endif /* CYASSL_RIPEMD */
509
510
511 #ifndef NO_SHA256
512 int sha256_test()
513 {
514 Sha256 sha;
515 byte hash[SHA256_DIGEST_SIZE];
516
517 testVector a, b;
518 testVector test_sha[2];
519 int times = sizeof(test_sha) / sizeof(struct testVector), i;
520
521 a.input = "abc";
522 a.output = "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22"
523 "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00"
524 "\x15\xAD";
525 a.inLen = strlen(a.input);
526 a.outLen = strlen(a.output);
527
528 b.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
529 b.output = "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60"
530 "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB"
531 "\x06\xC1";
532 b.inLen = strlen(b.input);
533 b.outLen = strlen(b.output);
534
535 test_sha[0] = a;
536 test_sha[1] = b;
537
538 InitSha256(&sha);
539
540 for (i = 0; i < times; ++i) {
541 Sha256Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen);
542 Sha256Final(&sha, hash);
543
544 if (memcmp(hash, test_sha[i].output, SHA256_DIGEST_SIZE) != 0)
545 return -10 - i;
546 }
547
548 return 0;
549 }
550 #endif
551
552
553 #ifdef CYASSL_SHA512
554 int sha512_test()
555 {
556 Sha512 sha;
557 byte hash[SHA512_DIGEST_SIZE];
558
559 testVector a, b;
560 testVector test_sha[2];
561 int times = sizeof(test_sha) / sizeof(struct testVector), i;
562
563 a.input = "abc";
564 a.output = "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41"
565 "\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b\x55"
566 "\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c\x23\xa3"
567 "\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a\x9a\xc9\x4f"
568 "\xa5\x4c\xa4\x9f";
569 a.inLen = strlen(a.input);
570 a.outLen = strlen(a.output);
571
572 b.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
573 "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
574 b.output = "\x8e\x95\x9b\x75\xda\xe3\x13\xda\x8c\xf4\xf7\x28\x14\xfc\x14"
575 "\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88"
576 "\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4"
577 "\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b"
578 "\x87\x4b\xe9\x09";
579 b.inLen = strlen(b.input);
580 b.outLen = strlen(b.output);
581
582 test_sha[0] = a;
583 test_sha[1] = b;
584
585 InitSha512(&sha);
586
587 for (i = 0; i < times; ++i) {
588 Sha512Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen);
589 Sha512Final(&sha, hash);
590
591 if (memcmp(hash, test_sha[i].output, SHA512_DIGEST_SIZE) != 0)
592 return -10 - i;
593 }
594
595 return 0;
596 }
597 #endif
598
599
600 #ifndef NO_HMAC
601 int hmac_test()
602 {
603 Hmac hmac;
604 byte hash[MD5_DIGEST_SIZE];
605
606 const char* keys[]=
607 {
608 "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b",
609 "Jefe",
610 "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
611 };
612
613 testVector a, b, c;
614 testVector test_hmac[3];
615
616 int times = sizeof(test_hmac) / sizeof(testVector), i;
617
618 a.input = "Hi There";
619 a.output = "\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc"
620 "\x9d";
621 a.inLen = strlen(a.input);
622 a.outLen = strlen(a.output);
623
624 b.input = "what do ya want for nothing?";
625 b.output = "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7"
626 "\x38";
627 b.inLen = strlen(b.input);
628 b.outLen = strlen(b.output);
629
630 c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
631 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
632 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
633 "\xDD\xDD\xDD\xDD\xDD\xDD";
634 c.output = "\x56\xbe\x34\x52\x1d\x14\x4c\x88\xdb\xb8\xc7\x33\xf0\xe8\xb3"
635 "\xf6";
636 c.inLen = strlen(c.input);
637 c.outLen = strlen(c.output);
638
639 test_hmac[0] = a;
640 test_hmac[1] = b;
641 test_hmac[2] = c;
642
643 for (i = 0; i < times; ++i) {
644 HmacSetKey(&hmac, MD5, (byte*)keys[i], (word32)strlen(keys[i]));
645 HmacUpdate(&hmac, (byte*)test_hmac[i].input,
646 (word32)test_hmac[i].inLen);
647 HmacFinal(&hmac, hash);
648
649 if (memcmp(hash, test_hmac[i].output, MD5_DIGEST_SIZE) != 0)
650 return -20 - i;
651 }
652
653 return 0;
654 }
655 #endif
656
657
658 int arc4_test()
659 {
660 byte cipher[16];
661 byte plain[16];
662
663 const char* keys[] =
664 {
665 "\x01\x23\x45\x67\x89\xab\xcd\xef",
666 "\x01\x23\x45\x67\x89\xab\xcd\xef",
667 "\x00\x00\x00\x00\x00\x00\x00\x00",
668 "\xef\x01\x23\x45"
669 };
670
671 testVector a, b, c, d;
672 testVector test_arc4[4];
673
674 int times = sizeof(test_arc4) / sizeof(testVector), i;
675
676 a.input = "\x01\x23\x45\x67\x89\xab\xcd\xef";
677 a.output = "\x75\xb7\x87\x80\x99\xe0\xc5\x96";
678 a.inLen = strlen(a.input);
679 a.outLen = strlen(a.output);
680
681 b.input = "\x00\x00\x00\x00\x00\x00\x00\x00";
682 b.output = "\x74\x94\xc2\xe7\x10\x4b\x08\x79";
683 b.inLen = strlen(b.input);
684 b.outLen = strlen(b.output);
685
686 c.input = "\x00\x00\x00\x00\x00\x00\x00\x00";
687 c.output = "\xde\x18\x89\x41\xa3\x37\x5d\x3a";
688 c.inLen = strlen(c.input);
689 c.outLen = strlen(c.output);
690
691 d.input = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
692 d.output = "\xd6\xa1\x41\xa7\xec\x3c\x38\xdf\xbd\x61";
693 d.inLen = strlen(d.input);
694 d.outLen = strlen(d.output);
695
696 test_arc4[0] = a;
697 test_arc4[1] = b;
698 test_arc4[2] = c;
699 test_arc4[3] = d;
700
701 for (i = 0; i < times; ++i) {
702 Arc4 enc;
703 Arc4 dec;
704
705 Arc4SetKey(&enc, (byte*)keys[i], (word32)strlen(keys[i]));
706 Arc4SetKey(&dec, (byte*)keys[i], (word32)strlen(keys[i]));
707
708 Arc4Process(&enc, cipher, (byte*)test_arc4[i].input,
709 (word32)test_arc4[i].outLen);
710 Arc4Process(&dec, plain, cipher, (word32)test_arc4[i].outLen);
711
712 if (memcmp(plain, test_arc4[i].input, test_arc4[i].outLen))
713 return -20 - i;
714
715 if (memcmp(cipher, test_arc4[i].output, test_arc4[i].outLen))
716 return -20 - 5 - i;
717 }
718
719 return 0;
720 }
721
722
723 #ifndef NO_HC128
724 int hc128_test()
725 {
726 byte cipher[16];
727 byte plain[16];
728
729 const char* keys[] =
730 {
731 "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
732 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
733 "\x00\x53\xA6\xF9\x4C\x9F\xF2\x45\x98\xEB\x3E\x91\xE4\x37\x8A\xDD",
734 "\x0F\x62\xB5\x08\x5B\xAE\x01\x54\xA7\xFA\x4D\xA0\xF3\x46\x99\xEC"
735 };
736
737 const char* ivs[] =
738 {
739 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
740 "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
741 "\x0D\x74\xDB\x42\xA9\x10\x77\xDE\x45\xAC\x13\x7A\xE1\x48\xAF\x16",
742 "\x28\x8F\xF6\x5D\xC4\x2B\x92\xF9\x60\xC7\x2E\x95\xFC\x63\xCA\x31"
743 };
744
745
746 testVector a, b, c, d;
747 testVector test_hc128[4];
748
749 int times = sizeof(test_hc128) / sizeof(testVector), i;
750
751 a.input = "\x00\x00\x00\x00\x00\x00\x00\x00";
752 a.output = "\x37\x86\x02\xB9\x8F\x32\xA7\x48";
753 a.inLen = strlen(a.input);
754 a.outLen = strlen(a.output);
755
756 b.input = "\x00\x00\x00\x00\x00\x00\x00\x00";
757 b.output = "\x33\x7F\x86\x11\xC6\xED\x61\x5F";
758 b.inLen = strlen(b.input);
759 b.outLen = strlen(b.output);
760
761 c.input = "\x00\x00\x00\x00\x00\x00\x00\x00";
762 c.output = "\x2E\x1E\xD1\x2A\x85\x51\xC0\x5A";
763 c.inLen = strlen(c.input);
764 c.outLen = strlen(c.output);
765
766 d.input = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
767 d.output = "\x1C\xD8\xAE\xDD\xFE\x52\xE2\x17\xE8\x35\xD0\xB7\xE8\x4E\x29";
768 d.inLen = strlen(d.input);
769 d.outLen = strlen(d.output);
770
771 test_hc128[0] = a;
772 test_hc128[1] = b;
773 test_hc128[2] = c;
774 test_hc128[3] = d;
775
776 for (i = 0; i < times; ++i) {
777 HC128 enc;
778 HC128 dec;
779
780 Hc128_SetKey(&enc, (byte*)keys[i], (byte*)ivs[i]);
781 Hc128_SetKey(&dec, (byte*)keys[i], (byte*)ivs[i]);
782
783 Hc128_Process(&enc, cipher, (byte*)test_hc128[i].input,
784 (word32)test_hc128[i].outLen);
785 Hc128_Process(&dec, plain, cipher, (word32)test_hc128[i].outLen);
786
787 if (memcmp(plain, test_hc128[i].input, test_hc128[i].outLen))
788 return -120 - i;
789
790 if (memcmp(cipher, test_hc128[i].output, test_hc128[i].outLen))
791 return -120 - 5 - i;
792 }
793
794 return 0;
795 }
796 #endif /* NO_HC128 */
797
798
799 #ifndef NO_RABBIT
800 int rabbit_test()
801 {
802 byte cipher[16];
803 byte plain[16];
804
805 const char* keys[] =
806 {
807 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
808 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
809 "\xAC\xC3\x51\xDC\xF1\x62\xFC\x3B\xFE\x36\x3D\x2E\x29\x13\x28\x91"
810 };
811
812 const char* ivs[] =
813 {
814 "\x00\x00\x00\x00\x00\x00\x00\x00",
815 "\x59\x7E\x26\xC1\x75\xF5\x73\xC3",
816 0
817 };
818
819
820 testVector a, b, c;
821 testVector test_rabbit[3];
822
823 int times = sizeof(test_rabbit) / sizeof(testVector), i;
824
825 a.input = "\x00\x00\x00\x00\x00\x00\x00\x00";
826 a.output = "\xED\xB7\x05\x67\x37\x5D\xCD\x7C";
827 a.inLen = strlen(a.input);
828 a.outLen = strlen(a.output);
829
830 b.input = "\x00\x00\x00\x00\x00\x00\x00\x00";
831 b.output = "\x6D\x7D\x01\x22\x92\xCC\xDC\xE0";
832 b.inLen = strlen(b.input);
833 b.outLen = strlen(b.output);
834
835 c.input = "\x00\x00\x00\x00\x00\x00\x00\x00";
836 c.output = "\x9C\x51\xE2\x87\x84\xC3\x7F\xE9";
837 c.inLen = strlen(c.input);
838 c.outLen = strlen(c.output);
839
840 test_rabbit[0] = a;
841 test_rabbit[1] = b;
842 test_rabbit[2] = c;
843
844 for (i = 0; i < times; ++i) {
845 Rabbit enc;
846 Rabbit dec;
847
848 RabbitSetKey(&enc, (byte*)keys[i], (byte*)ivs[i]);
849 RabbitSetKey(&dec, (byte*)keys[i], (byte*)ivs[i]);
850
851 RabbitProcess(&enc, cipher, (byte*)test_rabbit[i].input,
852 (word32)test_rabbit[i].outLen);
853 RabbitProcess(&dec, plain, cipher, (word32)test_rabbit[i].outLen);
854
855 if (memcmp(plain, test_rabbit[i].input, test_rabbit[i].outLen))
856 return -130 - i;
857
858 if (memcmp(cipher, test_rabbit[i].output, test_rabbit[i].outLen))
859 return -130 - 5 - i;
860 }
861
862 return 0;
863 }
864 #endif /* NO_RABBIT */
865
866
867 #ifndef NO_DES3
868 int des_test()
869 {
870 const byte vector[] = { /* "now is the time for all " w/o trailing 0 */
871 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
872 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
873 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
874 };
875
876 byte plain[24];
877 byte cipher[24];
878
879 Des enc;
880 Des dec;
881
882 const byte key[] =
883 {
884 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef
885 };
886
887 const byte iv[] =
888 {
889 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef
890 };
891
892 const byte verify[] =
893 {
894 0x8b,0x7c,0x52,0xb0,0x01,0x2b,0x6c,0xb8,
895 0x4f,0x0f,0xeb,0xf3,0xfb,0x5f,0x86,0x73,
896 0x15,0x85,0xb3,0x22,0x4b,0x86,0x2b,0x4b
897 };
898
899
900 Des_SetKey(&enc, key, iv, DES_ENCRYPTION);
901 Des_CbcEncrypt(&enc, cipher, vector, sizeof(vector));
902 Des_SetKey(&dec, key, iv, DES_DECRYPTION);
903 Des_CbcDecrypt(&dec, plain, cipher, sizeof(cipher));
904
905 if (memcmp(plain, vector, sizeof(plain)))
906 return -31;
907
908 if (memcmp(cipher, verify, sizeof(cipher)))
909 return -32;
910
911 return 0;
912 }
913 #endif /* NO_DES3 */
914
915
916 #ifndef NO_DES3
917 int des3_test()
918 {
919 const byte vector[] = { /* "Now is the time for all " w/o trailing 0 */
920 0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
921 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
922 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
923 };
924
925 byte plain[24];
926 byte cipher[24];
927
928 Des3 enc;
929 Des3 dec;
930
931 const byte key3[] =
932 {
933 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
934 0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
935 0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
936 };
937 const byte iv3[] =
938 {
939 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
940 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
941 0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
942
943 };
944
945 const byte verify3[] =
946 {
947 0x43,0xa0,0x29,0x7e,0xd1,0x84,0xf8,0x0e,
948 0x89,0x64,0x84,0x32,0x12,0xd5,0x08,0x98,
949 0x18,0x94,0x15,0x74,0x87,0x12,0x7d,0xb0
950 };
951
952
953 Des3_SetKey(&enc, key3, iv3, DES_ENCRYPTION);
954 Des3_CbcEncrypt(&enc, cipher, vector, sizeof(vector));
955 Des3_SetKey(&dec, key3, iv3, DES_DECRYPTION);
956 Des3_CbcDecrypt(&dec, plain, cipher, sizeof(cipher));
957
958 if (memcmp(plain, vector, sizeof(plain)))
959 return -33;
960
961 if (memcmp(cipher, verify3, sizeof(cipher)))
962 return -34;
963
964 return 0;
965 }
966 #endif /* NO_DES */
967
968
969 #ifndef NO_AES
970 int aes_test()
971 {
972 Aes enc;
973 Aes dec;
974
975 const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */
976 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
977 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
978 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
979 };
980
981 const byte verify[] =
982 {
983 0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53,
984 0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb
985 };
986
987 byte key[] = "0123456789abcdef "; /* align */
988 byte iv[] = "1234567890abcdef "; /* align */
989
990 byte cipher[AES_BLOCK_SIZE];
991 byte plain [AES_BLOCK_SIZE];
992
993 AesSetKey(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
994 AesSetKey(&dec, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION);
995
996 AesCbcEncrypt(&enc, cipher, msg, AES_BLOCK_SIZE);
997 AesCbcDecrypt(&dec, plain, cipher, AES_BLOCK_SIZE);
998
999 if (memcmp(plain, msg, AES_BLOCK_SIZE))
1000 return -60;
1001
1002 if (memcmp(cipher, verify, AES_BLOCK_SIZE))
1003 return -61;
1004
1005 return 0;
1006 }
1007 #endif /* NO_AES */
1008
1009
1010 int random_test()
1011 {
1012 RNG rng;
1013 byte block[32];
1014 int ret = InitRng(&rng);
1015 if (ret != 0) return -39;
1016
1017 RNG_GenerateBlock(&rng, block, sizeof(block));
1018
1019 return 0;
1020 }
1021
1022
1023 #ifndef NO_MAIN_DRIVER
1024 static const char* clientKey = "../../certs/client-key.der";
1025 static const char* clientCert = "../../certs/client-cert.der";
1026 #ifdef CYASSL_CERT_GEN
1027 static const char* caKeyFile = "../../certs/ca-key.der";
1028 static const char* caCertFile = "../../certs/ca-cert.pem";
1029 #endif
1030 #else
1031 static const char* clientKey = "../certs/client-key.der";
1032 static const char* clientCert = "../certs/client-cert.der";
1033 #ifdef CYASSL_CERT_GEN
1034 static const char* caKeyFile = "../certs/ca-key.der";
1035 static const char* caCertFile = "../certs/ca-cert.pem";
1036 #endif
1037 #endif
1038
1039
1040 #ifdef HAVE_NTRU
1041
1042 static byte GetEntropy(ENTROPY_CMD cmd, byte* out)
1043 {
1044 static RNG rng;
1045
1046 if (cmd == INIT) {
1047 int ret = InitRng(&rng);
1048 if (ret == 0)
1049 return 1;
1050 else
1051 return 0;
1052 }
1053
1054 if (out == NULL)
1055 return 0;
1056
1057 if (cmd == GET_BYTE_OF_ENTROPY) {
1058 RNG_GenerateBlock(&rng, out, 1);
1059 return 1;
1060 }
1061
1062 if (cmd == GET_NUM_BYTES_PER_BYTE_OF_ENTROPY) {
1063 *out = 1;
1064 return 1;
1065 }
1066
1067 return 0;
1068 }
1069
1070 #endif /* HAVE_NTRU */
1071
1072 int rsa_test()
1073 {
1074 byte tmp[2048], tmp2[2048];
1075 size_t bytes, bytes2;
1076 RsaKey key;
1077 RNG rng;
1078 word32 idx = 0;
1079 int ret;
1080 byte in[] = "Everyone gets Friday off.";
1081 word32 inLen = (word32)strlen((char*)in);
1082 byte out[256];
1083 byte plain[256];
1084 DecodedCert cert;
1085
1086 FILE* file = fopen(clientKey, "rb"), * file2;
1087
1088 if (!file)
1089 return -40;
1090
1091 bytes = fread(tmp, 1, sizeof(tmp), file);
1092
1093 InitRsaKey(&key, 0);
1094 ret = RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes);
1095 if (ret != 0) return -41;
1096
1097 ret = InitRng(&rng);
1098 if (ret != 0) return -42;
1099
1100 ret = RsaPublicEncrypt(in, inLen, out, sizeof(out), &key, &rng);
1101
1102 ret = RsaPrivateDecrypt(out, ret, plain, sizeof(plain), &key);
1103
1104 if (memcmp(plain, in, inLen)) return -45;
1105
1106 ret = RsaSSL_Sign(in, inLen, out, sizeof(out), &key, &rng);
1107 memset(plain, 0, sizeof(plain));
1108 ret = RsaSSL_Verify(out, ret, plain, sizeof(plain), &key);
1109
1110 if (memcmp(plain, in, ret)) return -46;
1111
1112 file2 = fopen(clientCert, "rb");
1113 if (!file2)
1114 return -47;
1115
1116 bytes2 = fread(tmp2, 1, sizeof(tmp2), file2);
1117
1118 InitDecodedCert(&cert, (byte*)&tmp2, 0);
1119
1120 ret = ParseCert(&cert, (word32)bytes2, CERT_TYPE, NO_VERIFY, 0);
1121 if (ret != 0) return -48;
1122
1123 FreeDecodedCert(&cert);
1124
1125 fclose(file2);
1126 fclose(file);
1127
1128 #ifdef CYASSL_KEY_GEN
1129 {
1130 byte der[4096];
1131 byte pem[4096];
1132 word32 derSz = 0;
1133 word32 pemSz = 0;
1134 RsaKey derIn;
1135 RsaKey genKey;
1136 FILE* keyFile;
1137 FILE* pemFile;
1138
1139 InitRsaKey(&genKey, 0);
1140 ret = MakeRsaKey(&genKey, 1024, 65537, &rng);
1141 if (ret != 0)
1142 return -301;
1143
1144 derSz = RsaKeyToDer(&genKey, der, sizeof(der));
1145 if (derSz < 0)
1146 return -302;
1147
1148 keyFile = fopen("./ker.der", "wb");
1149 if (!keyFile)
1150 return -303;
1151 ret = fwrite(der, derSz, 1, keyFile);
1152 fclose(keyFile);
1153
1154 pemSz = DerToPem(der, derSz, pem, sizeof(pem), PRIVATEKEY_TYPE);
1155 if (pemSz < 0)
1156 return -304;
1157
1158 pemFile = fopen("./key.pem", "wb");
1159 if (!pemFile)
1160 return -305;
1161 ret = fwrite(pem, pemSz, 1, pemFile);
1162 fclose(pemFile);
1163
1164 InitRsaKey(&derIn, 0);
1165 idx = 0;
1166 ret = RsaPrivateKeyDecode(der, &idx, &derIn, derSz);
1167 if (ret != 0)
1168 return -306;
1169
1170 FreeRsaKey(&derIn);
1171 FreeRsaKey(&genKey);
1172 }
1173 #endif /* CYASSL_KEY_GEN */
1174
1175
1176 #ifdef CYASSL_CERT_GEN
1177 /* self signed */
1178 {
1179 Cert myCert;
1180 byte derCert[4096];
1181 byte pem[4096];
1182 DecodedCert decode;
1183 FILE* derFile;
1184 FILE* pemFile;
1185 int certSz;
1186 int pemSz;
1187
1188 InitCert(&myCert);
1189
1190 strncpy(myCert.subject.country, "US", NAME_SIZE);
1191 strncpy(myCert.subject.state, "OR", NAME_SIZE);
1192 strncpy(myCert.subject.locality, "Portland", NAME_SIZE);
1193 strncpy(myCert.subject.org, "yaSSL", NAME_SIZE);
1194 strncpy(myCert.subject.unit, "Development", NAME_SIZE);
1195 strncpy(myCert.subject.commonName, "www.yassl.com", NAME_SIZE);
1196 strncpy(myCert.subject.email, "info@yassl.com", NAME_SIZE);
1197
1198 certSz = MakeSelfCert(&myCert, derCert, sizeof(derCert), &key, &rng);
1199 if (certSz < 0)
1200 return -401;
1201
1202 InitDecodedCert(&decode, derCert, 0);
1203 ret = ParseCert(&decode, certSz, CERT_TYPE, NO_VERIFY, 0);
1204 if (ret != 0)
1205 return -402;
1206
1207 derFile = fopen("./cert.der", "wb");
1208 if (!derFile)
1209 return -403;
1210 ret = fwrite(derCert, certSz, 1, derFile);
1211 fclose(derFile);
1212
1213 pemSz = DerToPem(derCert, certSz, pem, sizeof(pem), CERT_TYPE);
1214 if (pemSz < 0)
1215 return -404;
1216
1217 pemFile = fopen("./cert.pem", "wb");
1218 if (!pemFile)
1219 return -405;
1220 ret = fwrite(pem, pemSz, 1, pemFile);
1221 fclose(pemFile);
1222
1223 FreeDecodedCert(&decode);
1224
1225 }
1226 /* CA style */
1227 {
1228 RsaKey caKey;
1229 Cert myCert;
1230 byte derCert[4096];
1231 byte pem[4096];
1232 DecodedCert decode;
1233 FILE* derFile;
1234 FILE* pemFile;
1235 int certSz;
1236 int pemSz;
1237 byte tmp[2048];
1238 size_t bytes;
1239 word32 idx = 0;
1240
1241 FILE* file = fopen(caKeyFile, "rb");
1242
1243 if (!file)
1244 return -412;
1245
1246 bytes = fread(tmp, 1, sizeof(tmp), file);
1247
1248 InitRsaKey(&caKey, 0);
1249 ret = RsaPrivateKeyDecode(tmp, &idx, &caKey, (word32)bytes);
1250 if (ret != 0) return -413;
1251
1252 InitCert(&myCert);
1253
1254 strncpy(myCert.subject.country, "US", NAME_SIZE);
1255 strncpy(myCert.subject.state, "OR", NAME_SIZE);
1256 strncpy(myCert.subject.locality, "Portland", NAME_SIZE);
1257 strncpy(myCert.subject.org, "yaSSL", NAME_SIZE);
1258 strncpy(myCert.subject.unit, "Development", NAME_SIZE);
1259 strncpy(myCert.subject.commonName, "www.yassl.com", NAME_SIZE);
1260 strncpy(myCert.subject.email, "info@yassl.com", NAME_SIZE);
1261
1262 ret = SetIssuer(&myCert, caCertFile);
1263 if (ret < 0)
1264 return -406;
1265
1266 certSz = MakeCert(&myCert, derCert, sizeof(derCert), &key, &rng);
1267 if (certSz < 0)
1268 return -407;
1269
1270 certSz = SignCert(&myCert, derCert, sizeof(derCert), &caKey, &rng);
1271 if (certSz < 0)
1272 return -408;
1273
1274
1275 InitDecodedCert(&decode, derCert, 0);
1276 ret = ParseCert(&decode, certSz, CERT_TYPE, NO_VERIFY, 0);
1277 if (ret != 0)
1278 return -409;
1279
1280 derFile = fopen("./othercert.der", "wb");
1281 if (!derFile)
1282 return -410;
1283 ret = fwrite(derCert, certSz, 1, derFile);
1284 fclose(derFile);
1285
1286 pemSz = DerToPem(derCert, certSz, pem, sizeof(pem), CERT_TYPE);
1287 if (pemSz < 0)
1288 return -411;
1289
1290 pemFile = fopen("./othercert.pem", "wb");
1291 if (!pemFile)
1292 return -412;
1293 ret = fwrite(pem, pemSz, 1, pemFile);
1294 fclose(pemFile);
1295
1296 FreeDecodedCert(&decode);
1297
1298 }
1299 #ifdef HAVE_NTRU
1300 {
1301 RsaKey caKey;
1302 Cert myCert;
1303 byte derCert[4096];
1304 byte pem[4096];
1305 DecodedCert decode;
1306 FILE* derFile;
1307 FILE* pemFile;
1308 FILE* caFile;
1309 FILE* ntruPrivFile;
1310 int certSz;
1311 int pemSz;
1312 byte tmp[2048];
1313 size_t bytes;
1314 word32 idx = 0;
1315
1316 byte public_key[557]; /* sized for EES401EP2 */
1317 word16 public_key_len; /* no. of octets in public key */
1318 byte private_key[607]; /* sized for EES401EP2 */
1319 word16 private_key_len; /* no. of octets in private key */
1320 DRBG_HANDLE drbg;
1321 static uint8_t const pers_str[] = {
1322 'C', 'y', 'a', 'S', 'S', 'L', ' ', 't', 'e', 's', 't'
1323 };
1324 word32 rc = crypto_drbg_instantiate(112, pers_str, sizeof(pers_str),
1325 GetEntropy, &drbg);
1326 if (rc != DRBG_OK)
1327 return -450;
1328
1329 rc = crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len,
1330 NULL, &private_key_len, NULL);
1331 if (rc != NTRU_OK)
1332 return -451;
1333
1334 rc = crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len,
1335 public_key, &private_key_len, private_key);
1336 crypto_drbg_uninstantiate(drbg);
1337
1338 if (rc != NTRU_OK)
1339 return -452;
1340
1341 caFile = fopen(caKeyFile, "rb");
1342
1343 if (!caFile)
1344 return -453;
1345
1346 bytes = fread(tmp, 1, sizeof(tmp), caFile);
1347 fclose(caFile);
1348
1349 InitRsaKey(&caKey, 0);
1350 ret = RsaPrivateKeyDecode(tmp, &idx, &caKey, (word32)bytes);
1351 if (ret != 0) return -454;
1352
1353 InitCert(&myCert);
1354
1355 strncpy(myCert.subject.country, "US", NAME_SIZE);
1356 strncpy(myCert.subject.state, "OR", NAME_SIZE);
1357 strncpy(myCert.subject.locality, "Portland", NAME_SIZE);
1358 strncpy(myCert.subject.org, "yaSSL", NAME_SIZE);
1359 strncpy(myCert.subject.unit, "Development", NAME_SIZE);
1360 strncpy(myCert.subject.commonName, "www.yassl.com", NAME_SIZE);
1361 strncpy(myCert.subject.email, "info@yassl.com", NAME_SIZE);
1362
1363 ret = SetIssuer(&myCert, caCertFile);
1364 if (ret < 0)
1365 return -455;
1366
1367 certSz = MakeNtruCert(&myCert, derCert, sizeof(derCert), public_key,
1368 public_key_len, &rng);
1369 if (certSz < 0)
1370 return -456;
1371
1372 certSz = SignCert(&myCert, derCert, sizeof(derCert), &caKey, &rng);
1373 if (certSz < 0)
1374 return -457;
1375
1376
1377 InitDecodedCert(&decode, derCert, 0);
1378 ret = ParseCert(&decode, certSz, CERT_TYPE, NO_VERIFY, 0);
1379 if (ret != 0)
1380 return -458;
1381
1382 derFile = fopen("./ntru-cert.der", "wb");
1383 if (!derFile)
1384 return -459;
1385 ret = fwrite(derCert, certSz, 1, derFile);
1386 fclose(derFile);
1387
1388 pemSz = DerToPem(derCert, certSz, pem, sizeof(pem), CERT_TYPE);
1389 if (pemSz < 0)
1390 return -460;
1391
1392 pemFile = fopen("./ntru-cert.pem", "wb");
1393 if (!pemFile)
1394 return -461;
1395 ret = fwrite(pem, pemSz, 1, pemFile);
1396 fclose(pemFile);
1397
1398 ntruPrivFile = fopen("./ntru-key.raw", "wb");
1399 if (!ntruPrivFile)
1400 return -462;
1401 ret = fwrite(private_key, private_key_len, 1, ntruPrivFile);
1402 fclose(ntruPrivFile);
1403
1404
1405
1406 FreeDecodedCert(&decode);
1407 }
1408 #endif /* HAVE_NTRU */
1409 #endif /* CYASSL_CERT_GEN */
1410
1411 FreeRsaKey(&key);
1412
1413 return 0;
1414 }
1415
1416
1417 #ifndef NO_MAIN_DRIVER
1418 static const char* dhKey = "../../certs/dh1024.der";
1419 #else
1420 static const char* dhKey = "../certs/dh1024.der";
1421 #endif
1422
1423 #ifndef NO_DH
1424
1425 int dh_test()
1426 {
1427 int ret;
1428 word32 bytes;
1429 word32 idx = 0, privSz, pubSz, privSz2, pubSz2, agreeSz, agreeSz2;
1430 byte tmp[1024];
1431 byte priv[128];
1432 byte pub[128];
1433 byte priv2[128];
1434 byte pub2[128];
1435 byte agree[128];
1436 byte agree2[128];
1437 DhKey key;
1438 DhKey key2;
1439 RNG rng;
1440 FILE* file = fopen(dhKey, "rb");
1441
1442 if (!file)
1443 return -50;
1444
1445 bytes = (word32) fread(tmp, 1, sizeof(tmp), file);
1446
1447 InitDhKey(&key);
1448 InitDhKey(&key2);
1449 ret = DhKeyDecode(tmp, &idx, &key, bytes);
1450 if (ret != 0)
1451 return -51;
1452
1453 idx = 0;
1454 ret = DhKeyDecode(tmp, &idx, &key2, bytes);
1455 if (ret != 0)
1456 return -52;
1457
1458 ret = InitRng(&rng);
1459 if (ret != 0)
1460 return -53;
1461
1462 ret = DhGenerateKeyPair(&key, &rng, priv, &privSz, pub, &pubSz);
1463 ret = DhGenerateKeyPair(&key2, &rng, priv2, &privSz2, pub2, &pubSz2);
1464 if (ret != 0)
1465 return -54;
1466
1467 ret = DhAgree(&key, agree, &agreeSz, priv, privSz, pub2, pubSz2);
1468 ret = DhAgree(&key2, agree2, &agreeSz2, priv2, privSz2, pub, pubSz);
1469 if (ret != 0)
1470 return -55;
1471
1472 if (memcmp(agree, agree2, agreeSz))
1473 return -56;
1474
1475 FreeDhKey(&key);
1476 FreeDhKey(&key2);
1477 fclose(file);
1478
1479 return 0;
1480 }
1481
1482 #endif /* NO_DH */
1483
1484
1485 #ifndef NO_MAIN_DRIVER
1486 static const char* dsaKey = "../../certs/dsa512.der";
1487 #else
1488 static const char* dsaKey = "../certs/dsa512.der";
1489 #endif
1490
1491 #ifndef NO_DSA
1492
1493 int dsa_test()
1494 {
1495 int ret, answer;
1496 word32 bytes;
1497 word32 idx = 0;
1498 byte tmp[1024];
1499 DsaKey key;
1500 RNG rng;
1501 FILE* file = fopen(dsaKey, "rb");
1502 Sha sha;
1503 byte hash[SHA_DIGEST_SIZE];
1504 byte signature[40];
1505
1506 if (!file)
1507 return -60;
1508
1509 bytes = (word32) fread(tmp, 1, sizeof(tmp), file);
1510
1511 InitSha(&sha);
1512 ShaUpdate(&sha, tmp, bytes);
1513 ShaFinal(&sha, hash);
1514
1515 InitDsaKey(&key);
1516 ret = DsaPrivateKeyDecode(tmp, &idx, &key, bytes);
1517 if (ret != 0) return -61;
1518
1519 ret = InitRng(&rng);
1520 if (ret != 0) return -62;
1521
1522 ret = DsaSign(hash, signature, &key, &rng);
1523 if (ret != 0) return -63;
1524
1525 ret = DsaVerify(hash, signature, &key, &answer);
1526 if (ret != 0) return -64;
1527 if (answer != 1) return -65;
1528
1529 FreeDsaKey(&key);
1530 fclose(file);
1531
1532 return 0;
1533 }
1534
1535 #endif /* NO_DSA */
1536
1537
1538 #ifdef OPENSSL_EXTRA
1539
1540 int openssl_test()
1541 {
1542 EVP_MD_CTX md_ctx;
1543 testVector a, b, c;
1544 byte hash[SHA_DIGEST_SIZE];
1545
1546 a.input = "1234567890123456789012345678901234567890123456789012345678"
1547 "9012345678901234567890";
1548 a.output = "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6"
1549 "\x7a";
1550 a.inLen = strlen(a.input);
1551 a.outLen = strlen(a.output);
1552
1553 EVP_MD_CTX_init(&md_ctx);
1554 EVP_DigestInit(&md_ctx, EVP_md5());
1555
1556 EVP_DigestUpdate(&md_ctx, a.input, a.inLen);
1557 EVP_DigestFinal(&md_ctx, hash, 0);
1558
1559 if (memcmp(hash, a.output, MD5_DIGEST_SIZE) != 0)
1560 return -71;
1561
1562 b.input = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
1563 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
1564 "aaaaaaaaaa";
1565 b.output = "\xAD\x5B\x3F\xDB\xCB\x52\x67\x78\xC2\x83\x9D\x2F\x15\x1E\xA7"
1566 "\x53\x99\x5E\x26\xA0";
1567 b.inLen = strlen(b.input);
1568 b.outLen = strlen(b.output);
1569
1570 EVP_MD_CTX_init(&md_ctx);
1571 EVP_DigestInit(&md_ctx, EVP_sha1());
1572
1573 EVP_DigestUpdate(&md_ctx, b.input, b.inLen);
1574 EVP_DigestFinal(&md_ctx, hash, 0);
1575
1576 if (memcmp(hash, b.output, SHA_DIGEST_SIZE) != 0)
1577 return -72;
1578
1579 if (RAND_bytes(hash, sizeof(hash)) != 1)
1580 return -73;
1581
1582 c.input = "what do ya want for nothing?";
1583 c.output = "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7"
1584 "\x38";
1585 c.inLen = strlen(c.input);
1586 c.outLen = strlen(c.output);
1587
1588 HMAC(EVP_md5(), "Jefe", 4, (byte*)c.input, (int)c.inLen, hash, 0);
1589
1590 if (memcmp(hash, c.output, MD5_DIGEST_SIZE) != 0)
1591 return -74;
1592
1593 { /* des test */
1594 const byte vector[] = { /* "now is the time for all " w/o trailing 0 */
1595 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
1596 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
1597 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
1598 };
1599
1600 byte plain[24];
1601 byte cipher[24];
1602
1603 const_DES_cblock key =
1604 {
1605 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef
1606 };
1607
1608 DES_cblock iv =
1609 {
1610 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef
1611 };
1612
1613 DES_key_schedule sched;
1614
1615 const byte verify[] =
1616 {
1617 0x8b,0x7c,0x52,0xb0,0x01,0x2b,0x6c,0xb8,
1618 0x4f,0x0f,0xeb,0xf3,0xfb,0x5f,0x86,0x73,
1619 0x15,0x85,0xb3,0x22,0x4b,0x86,0x2b,0x4b
1620 };
1621
1622 DES_key_sched(&key, &sched);
1623
1624 DES_cbc_encrypt(vector, cipher, sizeof(vector), &sched, &iv, DES_ENCRYPT);
1625 DES_cbc_encrypt(cipher, plain, sizeof(vector), &sched, &iv, DES_DECRYPT);
1626
1627 if (memcmp(plain, vector, sizeof(vector)) != 0)
1628 return -75;
1629
1630 if (memcmp(cipher, verify, sizeof(verify)) != 0)
1631 return -76;
1632
1633 /* test changing iv */
1634 DES_ncbc_encrypt(vector, cipher, 8, &sched, &iv, DES_ENCRYPT);
1635 DES_ncbc_encrypt(vector + 8, cipher + 8, 16, &sched, &iv, DES_ENCRYPT);
1636
1637 if (memcmp(cipher, verify, sizeof(verify)) != 0)
1638 return -77;
1639
1640 } /* end des test */
1641
1642 return 0;
1643 }
1644
1645 #endif /* OPENSSL_EXTRA */
1646
1647
1648 #ifndef NO_PWDBASED
1649
1650 int pbkdf2_test()
1651 {
1652 char passwd[] = "password";
1653 const byte salt[] = { 0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 };
1654 int iterations = 2048;
1655 int kLen = 24;
1656
1657 const byte verify[] = {
1658 0xBF, 0xDE, 0x6B, 0xE9, 0x4D, 0xF7, 0xE1, 0x1D, 0xD4, 0x09, 0xBC, 0xE2,
1659 0x0A, 0x02, 0x55, 0xEC, 0x32, 0x7C, 0xB9, 0x36, 0xFF, 0xE9, 0x36, 0x43
1660
1661 };
1662
1663 return 0;
1664 }
1665
1666
1667 int pbkdf1_test()
1668 {
1669 char passwd[] = "password";
1670 const byte salt[] = { 0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 };
1671 int iterations = 1000;
1672 int kLen = 16;
1673 byte derived[16];
1674
1675 const byte verify[] = {
1676 0xDC, 0x19, 0x84, 0x7E, 0x05, 0xC6, 0x4D, 0x2F, 0xAF, 0x10, 0xEB, 0xFB,
1677 0x4A, 0x3D, 0x2A, 0x20
1678 };
1679
1680 PBKDF1(derived, (byte*)passwd, strlen(passwd), salt, 8, iterations, kLen,
1681 SHA);
1682
1683 if (memcmp(derived, verify, sizeof(verify)) != 0)
1684 return -101;
1685
1686 return 0;
1687 }
1688
1689
1690 int pwdbased_test()
1691 {
1692 return pbkdf1_test();
1693 }
1694
1695 #endif /* NO_PWDBASED */
1696
1697
1698 #ifdef HAVE_ECC
1699
1700 int ecc_test()
1701 {
1702 RNG rng;
1703 byte sharedA[1024];
1704 byte sharedB[1024];
1705 byte sig[1024];
1706 byte digest[20];
1707 byte export[1024];
1708 word32 x, y;
1709 int i, verify, ret;
1710 ecc_key userA, userB, pubKey;
1711
1712 ret = InitRng(&rng);
1713 if (ret != 0)
1714 return -1001;
1715
1716 ecc_init(&userA);
1717 ecc_init(&userB);
1718 ecc_init(&pubKey);
1719
1720 ret = ecc_make_key(&rng, 32, &userA);
1721 ret = ecc_make_key(&rng, 32, &userB);
1722
1723 if (ret != 0)
1724 return -1002;
1725
1726 x = sizeof(sharedA);
1727 ret = ecc_shared_secret(&userA, &userB, sharedA, &x);
1728
1729 y = sizeof(sharedB);
1730 ret = ecc_shared_secret(&userB, &userA, sharedB, &y);
1731
1732 if (ret != 0)
1733 return -1003;
1734
1735 if (y != x)
1736 return -1004;
1737
1738 if (memcmp(sharedA, sharedB, x))
1739 return -1005;
1740
1741 x = sizeof(export);
1742 ret = ecc_export_x963(&userA, export, &x);
1743 if (ret != 0)
1744 return -1006;
1745
1746 ret = ecc_import_x963(export, x, &pubKey);
1747
1748 if (ret != 0)
1749 return -1007;
1750
1751 y = sizeof(sharedB);
1752 ret = ecc_shared_secret(&userB, &pubKey, sharedB, &y);
1753
1754 if (ret != 0)
1755 return -1008;
1756
1757 if (memcmp(sharedA, sharedB, y))
1758 return -1010;
1759
1760 /* test DSA sign hash */
1761 for (i = 0; i < sizeof(digest); i++)
1762 digest[i] = i;
1763
1764 x = sizeof(sig);
1765 ret = ecc_sign_hash(digest, sizeof(digest), sig, &x, &rng, &userA);
1766
1767 verify = 0;
1768 ret = ecc_verify_hash(sig, x, digest, sizeof(digest), &verify, &userA);
1769
1770 if (ret != 0)
1771 return -1011;
1772
1773 if (verify != 1)
1774 return -1012;
1775
1776 ecc_free(&pubKey);
1777 ecc_free(&userB);
1778 ecc_free(&userA);
1779
1780 return 0;
1781 }
1782
1783 #endif /* HAVE_ECC */
Tomato firmware and modifications.