bool BlockTransformationTest(const CipherFactory &cg, BufferedTransformation &valdata, unsigned int tuples = 0xffff)
{
HexEncoder output(new FileSink(std::cout));
SecByteBlock plain(cg.BlockSize()), cipher(cg.BlockSize()), out(cg.BlockSize()), outplain(cg.BlockSize());
SecByteBlock key(cg.KeyLength());
bool pass=true, fail;
while (valdata.MaxRetrievable() && tuples--)
{
valdata.Get(key, cg.KeyLength());
valdata.Get(plain, cg.BlockSize());
valdata.Get(cipher, cg.BlockSize());
auto_ptr<BlockTransformation> transE = cg.NewEncryption(key);
transE->ProcessBlock(plain, out);
fail = !VerifyBufsEqual(out, cipher, cg.BlockSize());
auto_ptr<BlockTransformation> transD = cg.NewDecryption(key);
transD->ProcessBlock(out, outplain);
fail=fail || !VerifyBufsEqual(outplain, plain, cg.BlockSize());
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ");
output.Put(key, cg.KeyLength());
std::cout << " ";
output.Put(outplain, cg.BlockSize());
std::cout << " ";
output.Put(out, cg.BlockSize());
std::cout << std::endl;
}
return pass;
}
bool ValidateBlowfish()
{
std::cout << "\nBlowfish validation suite running...\n\n";
HexEncoder output(new FileSink(std::cout));
static const char *key[]={"abcdefghijklmnopqrstuvwxyz", "Who is John Galt?"};
byte *plain[]={(byte *)"BLOWFISH", (byte *)"\xfe\xdc\xba\x98\x76\x54\x32\x10"};
byte *cipher[]={(byte *)"\x32\x4e\xd0\xfe\xf4\x13\xa2\x03", (byte *)"\xcc\x91\x73\x2b\x80\x22\xf6\x84"};
byte out[8], outplain[8];
bool pass=true, fail;
for (int i=0; i<2; i++)
{
ECB_Mode<Blowfish>::Encryption enc((byte *)key[i], strlen(key[i]));
enc.ProcessData(out, plain[i], 8);
fail = !VerifyBufsEqual(out, cipher[i], 8);
ECB_Mode<Blowfish>::Decryption dec((byte *)key[i], strlen(key[i]));
dec.ProcessData(outplain, cipher[i], 8);
fail = fail || !VerifyBufsEqual(outplain, plain[i], 8);
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ");
std::cout << '\"' << key[i] << '\"';
for (int j=0; j<(signed int)(30-strlen(key[i])); j++)
std::cout << ' ';
output.Put(outplain, 8);
std::cout << " ";
output.Put(out, 8);
std::cout << std::endl;
}
return pass;
}
bool ValidateBBS()
{
cout << "\nBlumBlumShub validation suite running...\n\n";
Integer p("212004934506826557583707108431463840565872545889679278744389317666981496005411448865750399674653351");
Integer q("100677295735404212434355574418077394581488455772477016953458064183204108039226017738610663984508231");
Integer seed("63239752671357255800299643604761065219897634268887145610573595874544114193025997412441121667211431");
BlumBlumShub bbs(p, q, seed);
bool pass = true, fail;
int j;
static const byte output1[] = {
0x49,0xEA,0x2C,0xFD,0xB0,0x10,0x64,0xA0,0xBB,0xB9,
0x2A,0xF1,0x01,0xDA,0xC1,0x8A,0x94,0xF7,0xB7,0xCE};
static const byte output2[] = {
0x74,0x45,0x48,0xAE,0xAC,0xB7,0x0E,0xDF,0xAF,0xD7,
0xD5,0x0E,0x8E,0x29,0x83,0x75,0x6B,0x27,0x46,0xA1};
byte buf[20];
bbs.GenerateBlock(buf, 20);
fail = !VerifyBufsEqual(output1, buf, 20);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
for (j=0;j<20;j++)
cout << setw(2) << setfill('0') << hex << (int)buf[j];
cout << endl;
bbs.Seek(10);
bbs.GenerateBlock(buf, 10);
fail = !VerifyBufsEqual(output1+10, buf, 10);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
for (j=0;j<10;j++)
cout << setw(2) << setfill('0') << hex << (int)buf[j];
cout << endl;
bbs.Seek(1234567);
bbs.GenerateBlock(buf, 20);
fail = !VerifyBufsEqual(output2, buf, 20);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
for (j=0;j<20;j++)
cout << setw(2) << setfill('0') << hex << (int)buf[j];
cout << endl;
return pass;
}
bool TestHKDF(KeyDerivationFunction &kdf, const HKDF_TestTuple *testSet, unsigned int testSetSize)
{
bool pass = true;
for (unsigned int i=0; i<testSetSize; i++)
{
const HKDF_TestTuple &tuple = testSet[i];
string secret, context, salt, derivedKey;
StringSource(tuple.hexSecret, true, new HexDecoder(new StringSink(secret)));
StringSource(tuple.hexSalt ? tuple.hexSalt : "", true, new HexDecoder(new StringSink(salt)));
StringSource(tuple.hexContext ? tuple.hexContext : "", true, new HexDecoder(new StringSink(context)));
StringSource(tuple.hexDerivedKey, true, new HexDecoder(new StringSink(derivedKey)));
SecByteBlock derived(derivedKey.size());
unsigned int ret = kdf.DeriveKey(derived, derived.size(),
reinterpret_cast<const unsigned char*>(secret.data()), secret.size(),
reinterpret_cast<const unsigned char*>(salt.data()), salt.size(),
reinterpret_cast<const unsigned char*>(context.data()), context.size());
pass = pass && (ret == tuple.len);
bool fail = !VerifyBufsEqual(derived, reinterpret_cast<const unsigned char*>(derivedKey.data()), derived.size());
pass = pass && !fail;
HexEncoder enc(new FileSink(cout));
cout << (fail ? "FAILED " : "passed ");
cout << " " << tuple.hexSecret << " " << (tuple.hexSalt ? tuple.hexSalt : "<NO SALT>");
cout << " " << (tuple.hexContext ? tuple.hexContext : "<NO CTX>") << " ";
enc.Put(derived, derived.size());
cout << endl;
}
return pass;
}
bool ValidateSEAL()
{
byte input[] = {0x37,0xa0,0x05,0x95,0x9b,0x84,0xc4,0x9c,0xa4,0xbe,0x1e,0x05,0x06,0x73,0x53,0x0f,0x5f,0xb0,0x97,0xfd,0xf6,0xa1,0x3f,0xbd,0x6c,0x2c,0xde,0xcd,0x81,0xfd,0xee,0x7c};
byte output[32];
byte key[] = {0x67, 0x45, 0x23, 0x01, 0xef, 0xcd, 0xab, 0x89, 0x98, 0xba, 0xdc, 0xfe, 0x10, 0x32, 0x54, 0x76, 0xc3, 0xd2, 0xe1, 0xf0};
byte iv[] = {0x01, 0x35, 0x77, 0xaf};
std::cout << "\nSEAL validation suite running...\n\n";
SEAL<>::Encryption seal(key, sizeof(key), iv);
unsigned int size = sizeof(input);
bool pass = true;
memset(output, 1, size);
seal.ProcessString(output, input, size);
for (unsigned int i=0; i<size; i++)
if (output[i] != 0)
pass = false;
seal.Seek(1);
output[1] = seal.ProcessByte(output[1]);
seal.ProcessString(output+2, size-2);
pass = pass && VerifyBufsEqual(output+1, input+1, size-1);
std::cout << (pass ? "passed" : "FAILED") << std::endl;
return pass;
}
bool SimpleKeyAgreementValidate(SimpleKeyAgreementDomain &d)
{
if (d.GetCryptoParameters().Validate(GlobalRNG(), 3))
cout << "passed simple key agreement domain parameters validation" << endl;
else
{
cout << "FAILED simple key agreement domain parameters invalid" << endl;
return false;
}
SecByteBlock priv1(d.PrivateKeyLength()), priv2(d.PrivateKeyLength());
SecByteBlock pub1(d.PublicKeyLength()), pub2(d.PublicKeyLength());
SecByteBlock val1(d.AgreedValueLength()), val2(d.AgreedValueLength());
d.GenerateKeyPair(GlobalRNG(), priv1, pub1);
d.GenerateKeyPair(GlobalRNG(), priv2, pub2);
memset(val1.begin(), 0x10, val1.size());
memset(val2.begin(), 0x11, val2.size());
if (!(d.Agree(val1, priv1, pub2) && d.Agree(val2, priv2, pub1)))
{
cout << "FAILED simple key agreement failed" << endl;
return false;
}
if (!VerifyBufsEqual(val1.begin(), val2.begin(), d.AgreedValueLength()))
{
cout << "FAILED simple agreed values not equal" << endl;
return false;
}
cout << "passed simple key agreement" << endl;
return true;
}
bool TestPBKDF(PasswordBasedKeyDerivationFunction &pbkdf, const PBKDF_TestTuple *testSet, unsigned int testSetSize)
{
bool pass = true;
for (unsigned int i=0; i<testSetSize; i++)
{
const PBKDF_TestTuple &tuple = testSet[i];
string password, salt, derivedKey;
StringSource(tuple.hexPassword, true, new HexDecoder(new StringSink(password)));
StringSource(tuple.hexSalt, true, new HexDecoder(new StringSink(salt)));
StringSource(tuple.hexDerivedKey, true, new HexDecoder(new StringSink(derivedKey)));
SecByteBlock derived(derivedKey.size());
pbkdf.DeriveKey(derived, derived.size(), tuple.purpose, (byte *)password.data(), password.size(), (byte *)salt.data(), salt.size(), tuple.iterations);
bool fail = !VerifyBufsEqual(derived, reinterpret_cast<const unsigned char*>(derivedKey.data()), derived.size());
pass = pass && !fail;
HexEncoder enc(new FileSink(cout));
cout << (fail ? "FAILED " : "passed ");
enc.Put(tuple.purpose);
cout << " " << tuple.iterations;
cout << " " << tuple.hexPassword << " " << tuple.hexSalt << " ";
enc.Put(derived, derived.size());
cout << endl;
}
return pass;
}
bool HashModuleTest(HashTransformation &md, const HashTestTuple *testSet, unsigned int testSetSize)
{
bool pass=true, fail;
SecByteBlock digest(md.DigestSize());
for (unsigned int i=0; i<testSetSize; i++)
{
unsigned j;
for (j=0; j<testSet[i].repeatTimes; j++)
md.Update(testSet[i].input, testSet[i].inputLen);
md.Final(digest);
fail = !VerifyBufsEqual(digest, testSet[i].output, md.DigestSize());
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
for (j=0; j<md.DigestSize(); j++)
cout << setw(2) << setfill('0') << hex << (int)digest[j];
cout << " \"" << (char *)testSet[i].input << '\"';
if (testSet[i].repeatTimes != 1)
cout << " repeated " << dec << testSet[i].repeatTimes << " times";
cout << endl;
}
return pass;
}
bool HashTransformation::TruncatedVerify(const byte *digestIn, size_t digestLength)
{
ThrowIfInvalidTruncatedSize(digestLength);
SecByteBlock digest(digestLength);
TruncatedFinal(digest, digestLength);
return VerifyBufsEqual(digest, digestIn, digestLength);
}
bool CryptoSystemValidate(PK_Decryptor &priv, PK_Encryptor &pub, bool thorough = false)
{
bool pass = true, fail;
fail = !pub.GetMaterial().Validate(GlobalRNG(), thorough ? 3 : 2) || !priv.GetMaterial().Validate(GlobalRNG(), thorough ? 3 : 2);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "cryptosystem key validation\n";
static const byte message[] = "test message";
const int messageLen = COUNTOF(message);
SecByteBlock ciphertext(priv.CiphertextLength(messageLen));
SecByteBlock plaintext(priv.MaxPlaintextLength(ciphertext.size()));
pub.Encrypt(GlobalRNG(), message, messageLen, ciphertext);
fail = priv.Decrypt(GlobalRNG(), ciphertext, priv.CiphertextLength(messageLen), plaintext) != DecodingResult(messageLen);
fail = fail || !VerifyBufsEqual(message, plaintext, messageLen);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "encryption and decryption\n";
return pass;
}
bool ValidateMD5MAC()
{
static const byte keys[2][MD5MAC::KEYLENGTH]={
{0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,0x99,0xaa,0xbb,0xcc,0xdd,0xee,0xff},
{0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10}};
static const char *TestVals[7]={
"",
"a",
"abc",
"message digest",
"abcdefghijklmnopqrstuvwxyz",
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
"12345678901234567890123456789012345678901234567890123456789012345678901234567890"};
static const byte output[2][7][MD5MAC::DIGESTSIZE]={
{{0x1f,0x1e,0xf2,0x37,0x5c,0xc0,0xe0,0x84,0x4f,0x98,0xe7,0xe8,0x11,0xa3,0x4d,0xa8},
{0x7a,0x76,0xee,0x64,0xca,0x71,0xef,0x23,0x7e,0x26,0x29,0xed,0x94,0x52,0x73,0x65},
{0xe8,0x01,0x3c,0x11,0xf7,0x20,0x9d,0x13,0x28,0xc0,0xca,0xa0,0x4f,0xd0,0x12,0xa6},
{0xc8,0x95,0x53,0x4f,0x22,0xa1,0x74,0xbc,0x3e,0x6a,0x25,0xa2,0xb2,0xef,0xd6,0x30},
{0x91,0x72,0x86,0x7e,0xb6,0x00,0x17,0x88,0x4c,0x6f,0xa8,0xcc,0x88,0xeb,0xe7,0xc9},
{0x3b,0xd0,0xe1,0x1d,0x5e,0x09,0x4c,0xb7,0x1e,0x35,0x44,0xac,0xa9,0xb8,0xbf,0xa2},
{0x93,0x37,0x16,0x64,0x44,0xcc,0x95,0x35,0xb7,0xd5,0xb8,0x0f,0x91,0xe5,0x29,0xcb}},
{{0x2f,0x6e,0x73,0x13,0xbf,0xbb,0xbf,0xcc,0x3a,0x2d,0xde,0x26,0x8b,0x59,0xcc,0x4d},
{0x69,0xf6,0xca,0xff,0x40,0x25,0x36,0xd1,0x7a,0xe1,0x38,0x03,0x2c,0x0c,0x5f,0xfd},
{0x56,0xd3,0x2b,0x6c,0x34,0x76,0x65,0xd9,0x74,0xd6,0xf7,0x5c,0x3f,0xc6,0xf0,0x40},
{0xb8,0x02,0xb2,0x15,0x4e,0x59,0x8b,0x6f,0x87,0x60,0x56,0xc7,0x85,0x46,0x2c,0x0b},
{0x5a,0xde,0xf4,0xbf,0xf8,0x04,0xbe,0x08,0x58,0x7e,0x94,0x41,0xcf,0x6d,0xbd,0x57},
{0x18,0xe3,0x49,0xa5,0x24,0x44,0xb3,0x0e,0x5e,0xba,0x5a,0xdd,0xdc,0xd9,0xf1,0x8d},
{0xf2,0xb9,0x06,0xa5,0xb8,0x4b,0x9b,0x4b,0xbe,0x95,0xed,0x32,0x56,0x4e,0xe7,0xeb}}};
byte digest[MD5MAC::DIGESTSIZE];
bool pass=true, fail;
cout << "\nMD5MAC validation suite running...\n";
for (int k=0; k<2; k++)
{
MD5MAC mac(keys[k]);
cout << "\nKEY: ";
for (int j=0;j<MD5MAC::KEYLENGTH;j++)
cout << setw(2) << setfill('0') << hex << (int)keys[k][j];
cout << endl << endl;
for (int i=0;i<7;i++)
{
mac.Update((byte *)TestVals[i], strlen(TestVals[i]));
mac.Final(digest);
fail = !VerifyBufsEqual(digest, output[k][i], MD5MAC::DIGESTSIZE)
|| !mac.VerifyDigest(output[k][i], (byte *)TestVals[i], strlen(TestVals[i]));
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
for (int j=0;j<MD5MAC::DIGESTSIZE;j++)
cout << setw(2) << setfill('0') << hex << (int)digest[j];
cout << " \"" << TestVals[i] << '\"' << endl;
}
}
return pass;
}
bool PK_DeterministicSignatureMessageEncodingMethod::VerifyMessageRepresentative(
HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
byte *representative, size_t representativeBitLength) const
{
SecByteBlock computedRepresentative(BitsToBytes(representativeBitLength));
ComputeMessageRepresentative(NullRNG(), NULL, 0, hash, hashIdentifier, messageEmpty, computedRepresentative, representativeBitLength);
return VerifyBufsEqual(representative, computedRepresentative, computedRepresentative.size());
}
DecodingResult PSSR_MEM_Base::RecoverMessageFromRepresentative(
HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
byte *representative, size_t representativeBitLength,
byte *recoverableMessage) const
{
assert(representativeBitLength >= MinRepresentativeBitLength(hashIdentifier.second, hash.DigestSize()));
const size_t u = hashIdentifier.second + 1;
const size_t representativeByteLength = BitsToBytes(representativeBitLength);
const size_t digestSize = hash.DigestSize();
const size_t saltSize = SaltLen(digestSize);
const byte *const h = representative + representativeByteLength - u - digestSize;
SecByteBlock digest(digestSize);
hash.Final(digest);
DecodingResult result(0);
bool &valid = result.isValidCoding;
size_t &recoverableMessageLength = result.messageLength;
valid = (representative[representativeByteLength - 1] == (hashIdentifier.second ? 0xcc : 0xbc)) && valid;
valid = VerifyBufsEqual(representative + representativeByteLength - u, hashIdentifier.first, hashIdentifier.second) && valid;
GetMGF().GenerateAndMask(hash, representative, representativeByteLength - u - digestSize, h, digestSize);
if (representativeBitLength % 8 != 0)
representative[0] = (byte)Crop(representative[0], representativeBitLength % 8);
// extract salt and recoverableMessage from DB = 00 ... || 01 || M || salt
byte *salt = representative + representativeByteLength - u - digestSize - saltSize;
byte *M = std::find_if(representative, salt-1, std::bind2nd(std::not_equal_to<byte>(), 0));
recoverableMessageLength = salt-M-1;
if (*M == 0x01
&& (size_t)(M - representative - (representativeBitLength % 8 != 0)) >= MinPadLen(digestSize)
&& recoverableMessageLength <= MaxRecoverableLength(representativeBitLength, hashIdentifier.second, digestSize))
{
memcpy(recoverableMessage, M+1, recoverableMessageLength);
}
else
{
recoverableMessageLength = 0;
valid = false;
}
// verify H = hash of M'
byte c[8];
PutWord(false, BIG_ENDIAN_ORDER, c, (word32)SafeRightShift<29>(recoverableMessageLength));
PutWord(false, BIG_ENDIAN_ORDER, c+4, word32(recoverableMessageLength << 3));
hash.Update(c, 8);
hash.Update(recoverableMessage, recoverableMessageLength);
hash.Update(digest, digestSize);
hash.Update(salt, saltSize);
valid = hash.Verify(h) && valid;
if (!AllowRecovery() && valid && recoverableMessageLength != 0)
{throw NotImplemented("PSSR_MEM: message recovery disabled");}
return result;
}
bool ValidateRC2()
{
std::cout << "\nRC2 validation suite running...\n\n";
FileSource valdata("TestData/rc2val.dat", true, new HexDecoder);
HexEncoder output(new FileSink(std::cout));
SecByteBlock plain(RC2Encryption::BLOCKSIZE), cipher(RC2Encryption::BLOCKSIZE), out(RC2Encryption::BLOCKSIZE), outplain(RC2Encryption::BLOCKSIZE);
SecByteBlock key(128);
bool pass=true, fail;
while (valdata.MaxRetrievable())
{
byte keyLen, effectiveLen;
valdata.Get(keyLen);
valdata.Get(effectiveLen);
valdata.Get(key, keyLen);
valdata.Get(plain, RC2Encryption::BLOCKSIZE);
valdata.Get(cipher, RC2Encryption::BLOCKSIZE);
auto_ptr<BlockTransformation> transE(new RC2Encryption(key, keyLen, effectiveLen));
transE->ProcessBlock(plain, out);
fail = !VerifyBufsEqual(out, cipher, RC2Encryption::BLOCKSIZE);
auto_ptr<BlockTransformation> transD(new RC2Decryption(key, keyLen, effectiveLen));
transD->ProcessBlock(out, outplain);
fail=fail || !VerifyBufsEqual(outplain, plain, RC2Encryption::BLOCKSIZE);
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ");
output.Put(key, keyLen);
std::cout << " ";
output.Put(outplain, RC2Encryption::BLOCKSIZE);
std::cout << " ";
output.Put(out, RC2Encryption::BLOCKSIZE);
std::cout << std::endl;
}
return pass;
}
bool SignatureValidate(PK_Signer &priv, PK_Verifier &pub, bool thorough = false)
{
bool pass = true, fail;
fail = !pub.GetMaterial().Validate(GlobalRNG(), thorough ? 3 : 2) || !priv.GetMaterial().Validate(GlobalRNG(), thorough ? 3 : 2);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "signature key validation\n";
static const byte message[] = "test message";
const unsigned int messageLen = COUNTOF(message);
SecByteBlock signature(priv.MaxSignatureLength());
size_t signatureLength = priv.SignMessage(GlobalRNG(), message, messageLen, signature);
fail = !pub.VerifyMessage(message, messageLen, signature, signatureLength);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "signature and verification\n";
++signature[0];
fail = pub.VerifyMessage(message, messageLen, signature, signatureLength);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "checking invalid signature" << endl;
if (priv.MaxRecoverableLength() > 0)
{
signatureLength = priv.SignMessageWithRecovery(GlobalRNG(), message, messageLen, NULL, 0, signature);
SecByteBlock recovered(priv.MaxRecoverableLengthFromSignatureLength(signatureLength));
DecodingResult result = pub.RecoverMessage(recovered, NULL, 0, signature, signatureLength);
fail = !(result.isValidCoding && result.messageLength == messageLen && VerifyBufsEqual(recovered, message, messageLen));
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "signature and verification with recovery" << endl;
++signature[0];
result = pub.RecoverMessage(recovered, NULL, 0, signature, signatureLength);
fail = result.isValidCoding;
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "recovery with invalid signature" << endl;
}
return pass;
}
bool ValidateTTMAC()
{
static const byte key[TTMAC::KEYLENGTH]={
0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,0x99,
0xaa,0xbb,0xcc,0xdd,0xee,0xff,0x01,0x23,0x45,0x67};
static const char *TestVals[8]={
"",
"a",
"abc",
"message digest",
"abcdefghijklmnopqrstuvwxyz",
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
"12345678901234567890123456789012345678901234567890123456789012345678901234567890"};
static const byte output[8][TTMAC::DIGESTSIZE]={
{0x2d,0xec,0x8e,0xd4,0xa0,0xfd,0x71,0x2e,0xd9,0xfb,0xf2,0xab,0x46,0x6e,0xc2,0xdf,0x21,0x21,0x5e,0x4a},
{0x58,0x93,0xe3,0xe6,0xe3,0x06,0x70,0x4d,0xd7,0x7a,0xd6,0xe6,0xed,0x43,0x2c,0xde,0x32,0x1a,0x77,0x56},
{0x70,0xbf,0xd1,0x02,0x97,0x97,0xa5,0xc1,0x6d,0xa5,0xb5,0x57,0xa1,0xf0,0xb2,0x77,0x9b,0x78,0x49,0x7e},
{0x82,0x89,0xf4,0xf1,0x9f,0xfe,0x4f,0x2a,0xf7,0x37,0xde,0x4b,0xd7,0x1c,0x82,0x9d,0x93,0xa9,0x72,0xfa},
{0x21,0x86,0xca,0x09,0xc5,0x53,0x31,0x98,0xb7,0x37,0x1f,0x24,0x52,0x73,0x50,0x4c,0xa9,0x2b,0xae,0x60},
{0x8a,0x7b,0xf7,0x7a,0xef,0x62,0xa2,0x57,0x84,0x97,0xa2,0x7c,0x0d,0x65,0x18,0xa4,0x29,0xe7,0xc1,0x4d},
{0x54,0xba,0xc3,0x92,0xa8,0x86,0x80,0x6d,0x16,0x95,0x56,0xfc,0xbb,0x67,0x89,0xb5,0x4f,0xb3,0x64,0xfb},
{0x0c,0xed,0x2c,0x9f,0x8f,0x0d,0x9d,0x03,0x98,0x1a,0xb5,0xc8,0x18,0x4b,0xac,0x43,0xdd,0x54,0xc4,0x84}};
byte digest[TTMAC::DIGESTSIZE];
bool pass=true, fail;
cout << "\nTwo-Track-MAC validation suite running...\n";
TTMAC mac(key, sizeof(key));
for (size_t k=0; k<COUNTOF(TestVals); k++)
{
mac.Update((byte *)TestVals[k], strlen(TestVals[k]));
mac.Final(digest);
fail = !VerifyBufsEqual(digest, output[k], TTMAC::DIGESTSIZE)
|| !mac.VerifyDigest(output[k], (byte *)TestVals[k], strlen(TestVals[k]));
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
for (int j=0;j<TTMAC::DIGESTSIZE;j++)
cout << setw(2) << setfill('0') << hex << (int)digest[j];
cout << " \"" << TestVals[k] << '\"' << endl;
}
return true;
}
bool AuthenticatedKeyAgreementValidate(AuthenticatedKeyAgreementDomain &d)
{
if (d.GetCryptoParameters().Validate(GlobalRNG(), 3))
cout << "passed authenticated key agreement domain parameters validation" << endl;
else
{
cout << "FAILED authenticated key agreement domain parameters invalid" << endl;
return false;
}
SecByteBlock spriv1(d.StaticPrivateKeyLength()), spriv2(d.StaticPrivateKeyLength());
SecByteBlock epriv1(d.EphemeralPrivateKeyLength()), epriv2(d.EphemeralPrivateKeyLength());
SecByteBlock spub1(d.StaticPublicKeyLength()), spub2(d.StaticPublicKeyLength());
SecByteBlock epub1(d.EphemeralPublicKeyLength()), epub2(d.EphemeralPublicKeyLength());
SecByteBlock val1(d.AgreedValueLength()), val2(d.AgreedValueLength());
d.GenerateStaticKeyPair(GlobalRNG(), spriv1, spub1);
d.GenerateStaticKeyPair(GlobalRNG(), spriv2, spub2);
d.GenerateEphemeralKeyPair(GlobalRNG(), epriv1, epub1);
d.GenerateEphemeralKeyPair(GlobalRNG(), epriv2, epub2);
memset(val1.begin(), 0x10, val1.size());
memset(val2.begin(), 0x11, val2.size());
if (!(d.Agree(val1, spriv1, epriv1, spub2, epub2) && d.Agree(val2, spriv2, epriv2, spub1, epub1)))
{
cout << "FAILED authenticated key agreement failed" << endl;
return false;
}
if (!VerifyBufsEqual(val1.begin(), val2.begin(), d.AgreedValueLength()))
{
cout << "FAILED authenticated agreed values not equal" << endl;
return false;
}
cout << "passed authenticated key agreement" << endl;
return true;
}
bool TestHKDF(KeyDerivationFunction &kdf, const HKDF_TestTuple *testSet, unsigned int testSetSize)
{
bool pass = true;
for (unsigned int i=0; i<testSetSize; i++)
{
const HKDF_TestTuple &tuple = testSet[i];
std::string secret, salt, info, expected;
StringSource(tuple.hexSecret, true, new HexDecoder(new StringSink(secret)));
StringSource(tuple.hexSalt ? tuple.hexSalt : "", true, new HexDecoder(new StringSink(salt)));
StringSource(tuple.hexInfo ? tuple.hexInfo : "", true, new HexDecoder(new StringSink(info)));
StringSource(tuple.hexExpected, true, new HexDecoder(new StringSink(expected)));
SecByteBlock derived(expected.size());
unsigned int ret = kdf.DeriveKey(derived, derived.size(),
reinterpret_cast<const unsigned char*>(secret.data()), secret.size(),
(tuple.hexSalt ? reinterpret_cast<const unsigned char*>(salt.data()) : NULL), salt.size(),
(tuple.hexInfo ? reinterpret_cast<const unsigned char*>(info.data()) : NULL), info.size());
bool fail = !VerifyBufsEqual(derived, reinterpret_cast<const unsigned char*>(expected.data()), derived.size());
pass = pass && (ret == tuple.len) && !fail;
HexEncoder enc(new FileSink(std::cout));
std::cout << (fail ? "FAILED " : "passed ");
std::cout << " " << tuple.hexSecret << " ";
std::cout << (tuple.hexSalt ? (strlen(tuple.hexSalt) ? tuple.hexSalt : "<0-LEN SALT>") : "<NO SALT>");
std::cout << " ";
std::cout << (tuple.hexInfo ? (strlen(tuple.hexInfo) ? tuple.hexInfo : "<0-LEN INFO>") : "<NO INFO>");
std::cout << " ";
enc.Put(derived, derived.size());
std::cout << std::endl;
}
return pass;
}
bool ValidateXMACC()
{
typedef XMACC<MD5> XMACC_MD5;
static const byte keys[2][XMACC_MD5::KEYLENGTH]={
{0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,0x99,0xaa,0xbb},
{0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,0xfe,0xdc,0xba,0x98}};
static const word32 counters[2]={0xccddeeff, 0x76543210};
static const char *TestVals[7]={
"",
"a",
"abc",
"message digest",
"abcdefghijklmnopqrstuvwxyz",
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
"12345678901234567890123456789012345678901234567890123456789012345678901234567890"};
static const byte output[2][7][XMACC_MD5::DIGESTSIZE]={
{{0xcc,0xdd,0xef,0x00,0xfa,0x89,0x54,0x92,0x86,0x32,0xda,0x2a,0x3f,0x29,0xc5,0x52,0xa0,0x0d,0x05,0x13},
{0xcc,0xdd,0xef,0x01,0xae,0xdb,0x8b,0x7b,0x69,0x71,0xc7,0x91,0x71,0x48,0x9d,0x18,0xe7,0xdf,0x9d,0x5a},
{0xcc,0xdd,0xef,0x02,0x5e,0x01,0x2e,0x2e,0x4b,0xc3,0x83,0x62,0xc2,0xf4,0xe6,0x18,0x1c,0x44,0xaf,0xca},
{0xcc,0xdd,0xef,0x03,0x3e,0xa9,0xf1,0xe0,0x97,0x91,0xf8,0xe2,0xbe,0xe0,0xdf,0xf3,0x41,0x03,0xb3,0x5a},
{0xcc,0xdd,0xef,0x04,0x2e,0x6a,0x8d,0xb9,0x72,0xe3,0xce,0x9f,0xf4,0x28,0x45,0xe7,0xbc,0x80,0xa9,0xc7},
{0xcc,0xdd,0xef,0x05,0x1a,0xd5,0x40,0x78,0xfb,0x16,0x37,0xfc,0x7a,0x1d,0xce,0xb4,0x77,0x10,0xb2,0xa0},
{0xcc,0xdd,0xef,0x06,0x13,0x2f,0x11,0x47,0xd7,0x1b,0xb5,0x52,0x36,0x51,0x26,0xb0,0x96,0xd7,0x60,0x81}},
{{0x76,0x54,0x32,0x11,0xe9,0xcb,0x74,0x32,0x07,0x93,0xfe,0x01,0xdd,0x27,0xdb,0xde,0x6b,0x77,0xa4,0x56},
{0x76,0x54,0x32,0x12,0xcd,0x55,0x87,0x5c,0xc0,0x35,0x85,0x99,0x44,0x02,0xa5,0x0b,0x8c,0xe7,0x2c,0x68},
{0x76,0x54,0x32,0x13,0xac,0xfd,0x87,0x50,0xc3,0x8f,0xcd,0x58,0xaa,0xa5,0x7e,0x7a,0x25,0x63,0x26,0xd1},
{0x76,0x54,0x32,0x14,0xe3,0x30,0xf5,0xdd,0x27,0x2b,0x76,0x22,0x7f,0xaa,0x90,0x73,0x6a,0x48,0xdb,0x00},
{0x76,0x54,0x32,0x15,0xfc,0x57,0x00,0x20,0x7c,0x9d,0xf6,0x30,0x6f,0xbd,0x46,0x3e,0xfb,0x8a,0x2c,0x60},
{0x76,0x54,0x32,0x16,0xfb,0x0f,0xd3,0xdf,0x4c,0x4b,0xc3,0x05,0x9d,0x63,0x1e,0xba,0x25,0x2b,0xbe,0x35},
{0x76,0x54,0x32,0x17,0xc6,0xfe,0xe6,0x5f,0xb1,0x35,0x8a,0xf5,0x32,0x7a,0x80,0xbd,0xb8,0x72,0xee,0xae}}};
byte digest[XMACC_MD5::DIGESTSIZE];
bool pass=true, fail;
cout << "\nXMACC/MD5 validation suite running...\n";
for (int k=0; k<2; k++)
{
XMACC_MD5 mac(keys[k], counters[k]);
cout << "\nKEY: ";
for (int j=0;j<XMACC_MD5::KEYLENGTH;j++)
cout << setw(2) << setfill('0') << hex << (int)keys[k][j];
cout << " COUNTER: 0x" << hex << counters[k] << endl << endl;
for (int i=0;i<7;i++)
{
mac.Update((byte *)TestVals[i], strlen(TestVals[i]));
mac.Final(digest);
fail = !VerifyBufsEqual(digest, output[k][i], XMACC_MD5::DIGESTSIZE)
|| !mac.VerifyDigest(output[k][i], (byte *)TestVals[i], strlen(TestVals[i]));
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
for (int j=0;j<XMACC_MD5::DIGESTSIZE;j++)
cout << setw(2) << setfill('0') << hex << (int)digest[j];
cout << " \"" << TestVals[i] << '\"' << endl;
}
}
return pass;
}
bool ValidateCipherModes()
{
std::cout << "\nTesting DES modes...\n\n";
static const byte key[] = {0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
static const byte iv[] = {0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef};
static const byte plain[] = { // "Now is the time for all " without tailing 0
0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20};
DESEncryption desE(key);
DESDecryption desD(key);
bool pass=true, fail;
{
// from FIPS 81
static const byte encrypted[] = {
0x3f, 0xa4, 0x0e, 0x8a, 0x98, 0x4d, 0x48, 0x15,
0x6a, 0x27, 0x17, 0x87, 0xab, 0x88, 0x83, 0xf9,
0x89, 0x3d, 0x51, 0xec, 0x4b, 0x56, 0x3b, 0x53};
ECB_Mode_ExternalCipher::Encryption modeE(desE);
fail = !TestFilter(StreamTransformationFilter(modeE, NULL, StreamTransformationFilter::NO_PADDING).Ref(),
plain, sizeof(plain), encrypted, sizeof(encrypted));
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "ECB encryption" << std::endl;
ECB_Mode_ExternalCipher::Decryption modeD(desD);
fail = !TestFilter(StreamTransformationFilter(modeD, NULL, StreamTransformationFilter::NO_PADDING).Ref(),
encrypted, sizeof(encrypted), plain, sizeof(plain));
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "ECB decryption" << std::endl;
}
{
// from FIPS 81
static const byte encrypted[] = {
0xE5, 0xC7, 0xCD, 0xDE, 0x87, 0x2B, 0xF2, 0x7C,
0x43, 0xE9, 0x34, 0x00, 0x8C, 0x38, 0x9C, 0x0F,
0x68, 0x37, 0x88, 0x49, 0x9A, 0x7C, 0x05, 0xF6};
CBC_Mode_ExternalCipher::Encryption modeE(desE, iv);
fail = !TestFilter(StreamTransformationFilter(modeE, NULL, StreamTransformationFilter::NO_PADDING).Ref(),
plain, sizeof(plain), encrypted, sizeof(encrypted));
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "CBC encryption with no padding" << std::endl;
CBC_Mode_ExternalCipher::Decryption modeD(desD, iv);
fail = !TestFilter(StreamTransformationFilter(modeD, NULL, StreamTransformationFilter::NO_PADDING).Ref(),
encrypted, sizeof(encrypted), plain, sizeof(plain));
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "CBC decryption with no padding" << std::endl;
fail = !TestModeIV(modeE, modeD);
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "CBC mode IV generation" << std::endl;
}
{
// generated with Crypto++, matches FIPS 81
// but has extra 8 bytes as result of padding
static const byte encrypted[] = {
0xE5, 0xC7, 0xCD, 0xDE, 0x87, 0x2B, 0xF2, 0x7C,
0x43, 0xE9, 0x34, 0x00, 0x8C, 0x38, 0x9C, 0x0F,
0x68, 0x37, 0x88, 0x49, 0x9A, 0x7C, 0x05, 0xF6,
0x62, 0xC1, 0x6A, 0x27, 0xE4, 0xFC, 0xF2, 0x77};
CBC_Mode_ExternalCipher::Encryption modeE(desE, iv);
fail = !TestFilter(StreamTransformationFilter(modeE).Ref(),
plain, sizeof(plain), encrypted, sizeof(encrypted));
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "CBC encryption with PKCS #7 padding" << std::endl;
CBC_Mode_ExternalCipher::Decryption modeD(desD, iv);
fail = !TestFilter(StreamTransformationFilter(modeD).Ref(),
encrypted, sizeof(encrypted), plain, sizeof(plain));
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "CBC decryption with PKCS #7 padding" << std::endl;
}
{
// generated with Crypto++ 5.2, matches FIPS 81
// but has extra 8 bytes as result of padding
static const byte encrypted[] = {
0xE5, 0xC7, 0xCD, 0xDE, 0x87, 0x2B, 0xF2, 0x7C,
0x43, 0xE9, 0x34, 0x00, 0x8C, 0x38, 0x9C, 0x0F,
0x68, 0x37, 0x88, 0x49, 0x9A, 0x7C, 0x05, 0xF6,
0xcf, 0xb7, 0xc7, 0x64, 0x0e, 0x7c, 0xd9, 0xa7};
CBC_Mode_ExternalCipher::Encryption modeE(desE, iv);
fail = !TestFilter(StreamTransformationFilter(modeE, NULL, StreamTransformationFilter::ONE_AND_ZEROS_PADDING).Ref(),
plain, sizeof(plain), encrypted, sizeof(encrypted));
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "CBC encryption with one-and-zeros padding" << std::endl;
CBC_Mode_ExternalCipher::Decryption modeD(desD, iv);
fail = !TestFilter(StreamTransformationFilter(modeD, NULL, StreamTransformationFilter::ONE_AND_ZEROS_PADDING).Ref(),
encrypted, sizeof(encrypted), plain, sizeof(plain));
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "CBC decryption with one-and-zeros padding" << std::endl;
}
{
static const byte plain[] = {'a', 0, 0, 0, 0, 0, 0, 0};
// generated with Crypto++
static const byte encrypted[] = {
0x9B, 0x47, 0x57, 0x59, 0xD6, 0x9C, 0xF6, 0xD0};
CBC_Mode_ExternalCipher::Encryption modeE(desE, iv);
fail = !TestFilter(StreamTransformationFilter(modeE, NULL, StreamTransformationFilter::ZEROS_PADDING).Ref(),
plain, 1, encrypted, sizeof(encrypted));
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "CBC encryption with zeros padding" << std::endl;
CBC_Mode_ExternalCipher::Decryption modeD(desD, iv);
fail = !TestFilter(StreamTransformationFilter(modeD, NULL, StreamTransformationFilter::ZEROS_PADDING).Ref(),
encrypted, sizeof(encrypted), plain, sizeof(plain));
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "CBC decryption with zeros padding" << std::endl;
}
{
// generated with Crypto++, matches FIPS 81
// but with last two blocks swapped as result of CTS
static const byte encrypted[] = {
0xE5, 0xC7, 0xCD, 0xDE, 0x87, 0x2B, 0xF2, 0x7C,
0x68, 0x37, 0x88, 0x49, 0x9A, 0x7C, 0x05, 0xF6,
0x43, 0xE9, 0x34, 0x00, 0x8C, 0x38, 0x9C, 0x0F};
CBC_CTS_Mode_ExternalCipher::Encryption modeE(desE, iv);
fail = !TestFilter(StreamTransformationFilter(modeE).Ref(),
plain, sizeof(plain), encrypted, sizeof(encrypted));
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "CBC encryption with ciphertext stealing (CTS)" << std::endl;
CBC_CTS_Mode_ExternalCipher::Decryption modeD(desD, iv);
fail = !TestFilter(StreamTransformationFilter(modeD).Ref(),
encrypted, sizeof(encrypted), plain, sizeof(plain));
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "CBC decryption with ciphertext stealing (CTS)" << std::endl;
fail = !TestModeIV(modeE, modeD);
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "CBC CTS IV generation" << std::endl;
}
{
// generated with Crypto++
static const byte decryptionIV[] = {0x4D, 0xD0, 0xAC, 0x8F, 0x47, 0xCF, 0x79, 0xCE};
static const byte encrypted[] = {0x12, 0x34, 0x56};
byte stolenIV[8];
CBC_CTS_Mode_ExternalCipher::Encryption modeE(desE, iv);
modeE.SetStolenIV(stolenIV);
fail = !TestFilter(StreamTransformationFilter(modeE).Ref(),
plain, 3, encrypted, sizeof(encrypted));
fail = !VerifyBufsEqual(stolenIV, decryptionIV, 8) || fail;
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "CBC encryption with ciphertext and IV stealing" << std::endl;
CBC_CTS_Mode_ExternalCipher::Decryption modeD(desD, stolenIV);
fail = !TestFilter(StreamTransformationFilter(modeD).Ref(),
encrypted, sizeof(encrypted), plain, 3);
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "CBC decryption with ciphertext and IV stealing" << std::endl;
}
{
static const byte encrypted[] = { // from FIPS 81
0xF3,0x09,0x62,0x49,0xC7,0xF4,0x6E,0x51,
0xA6,0x9E,0x83,0x9B,0x1A,0x92,0xF7,0x84,
0x03,0x46,0x71,0x33,0x89,0x8E,0xA6,0x22};
CFB_Mode_ExternalCipher::Encryption modeE(desE, iv);
fail = !TestFilter(StreamTransformationFilter(modeE).Ref(),
plain, sizeof(plain), encrypted, sizeof(encrypted));
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "CFB encryption" << std::endl;
CFB_Mode_ExternalCipher::Decryption modeD(desE, iv);
fail = !TestFilter(StreamTransformationFilter(modeD).Ref(),
encrypted, sizeof(encrypted), plain, sizeof(plain));
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "CFB decryption" << std::endl;
fail = !TestModeIV(modeE, modeD);
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "CFB mode IV generation" << std::endl;
}
{
static const byte plain[] = { // "Now is the." without tailing 0
0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,0x68,0x65};
static const byte encrypted[] = { // from FIPS 81
0xf3,0x1f,0xda,0x07,0x01,0x14,0x62,0xee,0x18,0x7f};
CFB_Mode_ExternalCipher::Encryption modeE(desE, iv, 1);
fail = !TestFilter(StreamTransformationFilter(modeE).Ref(),
plain, sizeof(plain), encrypted, sizeof(encrypted));
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "CFB (8-bit feedback) encryption" << std::endl;
CFB_Mode_ExternalCipher::Decryption modeD(desE, iv, 1);
fail = !TestFilter(StreamTransformationFilter(modeD).Ref(),
encrypted, sizeof(encrypted), plain, sizeof(plain));
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "CFB (8-bit feedback) decryption" << std::endl;
fail = !TestModeIV(modeE, modeD);
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "CFB (8-bit feedback) IV generation" << std::endl;
}
{
static const byte encrypted[] = { // from Eric Young's libdes
0xf3,0x09,0x62,0x49,0xc7,0xf4,0x6e,0x51,
0x35,0xf2,0x4a,0x24,0x2e,0xeb,0x3d,0x3f,
0x3d,0x6d,0x5b,0xe3,0x25,0x5a,0xf8,0xc3};
OFB_Mode_ExternalCipher::Encryption modeE(desE, iv);
fail = !TestFilter(StreamTransformationFilter(modeE).Ref(),
plain, sizeof(plain), encrypted, sizeof(encrypted));
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "OFB encryption" << std::endl;
OFB_Mode_ExternalCipher::Decryption modeD(desE, iv);
fail = !TestFilter(StreamTransformationFilter(modeD).Ref(),
encrypted, sizeof(encrypted), plain, sizeof(plain));
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "OFB decryption" << std::endl;
fail = !TestModeIV(modeE, modeD);
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "OFB IV generation" << std::endl;
}
{
static const byte encrypted[] = { // generated with Crypto++
0xF3, 0x09, 0x62, 0x49, 0xC7, 0xF4, 0x6E, 0x51,
0x16, 0x3A, 0x8C, 0xA0, 0xFF, 0xC9, 0x4C, 0x27,
0xFA, 0x2F, 0x80, 0xF4, 0x80, 0xB8, 0x6F, 0x75};
CTR_Mode_ExternalCipher::Encryption modeE(desE, iv);
fail = !TestFilter(StreamTransformationFilter(modeE).Ref(),
plain, sizeof(plain), encrypted, sizeof(encrypted));
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "Counter Mode encryption" << std::endl;
CTR_Mode_ExternalCipher::Decryption modeD(desE, iv);
fail = !TestFilter(StreamTransformationFilter(modeD).Ref(),
encrypted, sizeof(encrypted), plain, sizeof(plain));
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "Counter Mode decryption" << std::endl;
fail = !TestModeIV(modeE, modeD);
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "Counter Mode IV generation" << std::endl;
}
{
static const byte plain[] = { // "7654321 Now is the time for "
0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x20,
0x4e, 0x6f, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74,
0x68, 0x65, 0x20, 0x74, 0x69, 0x6d, 0x65, 0x20,
0x66, 0x6f, 0x72, 0x20};
static const byte mac1[] = { // from FIPS 113
0xf1, 0xd3, 0x0f, 0x68, 0x49, 0x31, 0x2c, 0xa4};
static const byte mac2[] = { // generated with Crypto++
0x35, 0x80, 0xC5, 0xC4, 0x6B, 0x81, 0x24, 0xE2};
CBC_MAC<DES> cbcmac(key);
HashFilter cbcmacFilter(cbcmac);
fail = !TestFilter(cbcmacFilter, plain, sizeof(plain), mac1, sizeof(mac1));
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "CBC MAC" << std::endl;
DMAC<DES> dmac(key);
HashFilter dmacFilter(dmac);
fail = !TestFilter(dmacFilter, plain, sizeof(plain), mac2, sizeof(mac2));
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "DMAC" << std::endl;
}
{
CTR_Mode<AES>::Encryption modeE(plain, 16, plain);
CTR_Mode<AES>::Decryption modeD(plain, 16, plain);
fail = !TestModeIV(modeE, modeD);
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "AES CTR Mode" << std::endl;
}
{
OFB_Mode<AES>::Encryption modeE(plain, 16, plain);
OFB_Mode<AES>::Decryption modeD(plain, 16, plain);
fail = !TestModeIV(modeE, modeD);
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "AES OFB Mode" << std::endl;
}
{
CFB_Mode<AES>::Encryption modeE(plain, 16, plain);
CFB_Mode<AES>::Decryption modeD(plain, 16, plain);
fail = !TestModeIV(modeE, modeD);
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "AES CFB Mode" << std::endl;
}
{
CBC_Mode<AES>::Encryption modeE(plain, 16, plain);
CBC_Mode<AES>::Decryption modeD(plain, 16, plain);
fail = !TestModeIV(modeE, modeD);
pass = pass && !fail;
std::cout << (fail ? "FAILED " : "passed ") << "AES CBC Mode" << std::endl;
}
return pass;
}
bool ValidateRSA()
{
cout << "\nRSA validation suite running...\n\n";
byte out[100], outPlain[100];
bool pass = true, fail;
{
static const char plain[] = "Everyone gets Friday off.";
byte *signature = (byte *)
"\x05\xfa\x6a\x81\x2f\xc7\xdf\x8b\xf4\xf2\x54\x25\x09\xe0\x3e\x84"
"\x6e\x11\xb9\xc6\x20\xbe\x20\x09\xef\xb4\x40\xef\xbc\xc6\x69\x21"
"\x69\x94\xac\x04\xf3\x41\xb5\x7d\x05\x20\x2d\x42\x8f\xb2\xa2\x7b"
"\x5c\x77\xdf\xd9\xb1\x5b\xfc\x3d\x55\x93\x53\x50\x34\x10\xc1\xe1";
FileSource keys("TestData/rsa512a.dat", true, new HexDecoder);
Weak::RSASSA_PKCS1v15_MD2_Signer rsaPriv(keys);
Weak::RSASSA_PKCS1v15_MD2_Verifier rsaPub(rsaPriv);
size_t signatureLength = rsaPriv.SignMessage(GlobalRNG(), (byte *)plain, strlen(plain), out);
fail = !VerifyBufsEqual(signature, out, 64);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "signature check against test vector\n";
fail = !rsaPub.VerifyMessage((byte *)plain, strlen(plain), out, signatureLength);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "verification check against test vector\n";
out[10]++;
fail = rsaPub.VerifyMessage((byte *)plain, strlen(plain), out, signatureLength);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "invalid signature verification\n";
}
{
FileSource keys("TestData/rsa1024.dat", true, new HexDecoder);
RSAES_PKCS1v15_Decryptor rsaPriv(keys);
RSAES_PKCS1v15_Encryptor rsaPub(rsaPriv);
pass = CryptoSystemValidate(rsaPriv, rsaPub) && pass;
}
{
RSAES<OAEP<SHA> >::Decryptor rsaPriv(GlobalRNG(), 512);
RSAES<OAEP<SHA> >::Encryptor rsaPub(rsaPriv);
pass = CryptoSystemValidate(rsaPriv, rsaPub) && pass;
}
{
byte *plain = (byte *)
"\x54\x85\x9b\x34\x2c\x49\xea\x2a";
byte *encrypted = (byte *)
"\x14\xbd\xdd\x28\xc9\x83\x35\x19\x23\x80\xe8\xe5\x49\xb1\x58\x2a"
"\x8b\x40\xb4\x48\x6d\x03\xa6\xa5\x31\x1f\x1f\xd5\xf0\xa1\x80\xe4"
"\x17\x53\x03\x29\xa9\x34\x90\x74\xb1\x52\x13\x54\x29\x08\x24\x52"
"\x62\x51";
byte *oaepSeed = (byte *)
"\xaa\xfd\x12\xf6\x59\xca\xe6\x34\x89\xb4\x79\xe5\x07\x6d\xde\xc2"
"\xf0\x6c\xb5\x8f";
ByteQueue bq;
bq.Put(oaepSeed, 20);
FixedRNG rng(bq);
FileSource privFile("TestData/rsa400pv.dat", true, new HexDecoder);
FileSource pubFile("TestData/rsa400pb.dat", true, new HexDecoder);
RSAES_OAEP_SHA_Decryptor rsaPriv;
rsaPriv.AccessKey().BERDecodePrivateKey(privFile, false, 0);
RSAES_OAEP_SHA_Encryptor rsaPub(pubFile);
memset(out, 0, 50);
memset(outPlain, 0, 8);
rsaPub.Encrypt(rng, plain, 8, out);
DecodingResult result = rsaPriv.FixedLengthDecrypt(GlobalRNG(), encrypted, outPlain);
fail = !result.isValidCoding || (result.messageLength!=8) || !VerifyBufsEqual(out, encrypted, 50) || !VerifyBufsEqual(plain, outPlain, 8);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "PKCS 2.0 encryption and decryption\n";
}
return pass;
}
bool IntegrityCheckModule(const char *moduleFilename, const byte *expectedModuleMac, SecByteBlock *pActualMac, unsigned long *pMacFileLocation)
{
std::auto_ptr<MessageAuthenticationCode> mac(NewIntegrityCheckingMAC());
unsigned int macSize = mac->DigestSize();
SecByteBlock tempMac;
SecByteBlock &actualMac = pActualMac ? *pActualMac : tempMac;
actualMac.resize(macSize);
unsigned long tempLocation;
unsigned long &macFileLocation = pMacFileLocation ? *pMacFileLocation : tempLocation;
macFileLocation = 0;
MeterFilter verifier(new HashFilter(*mac, new ArraySink(actualMac, actualMac.size())));
// MeterFilter verifier(new FileSink("c:\\dt.tmp"));
std::ifstream moduleStream;
#ifdef CRYPTOPP_WIN32_AVAILABLE
HMODULE h;
{
char moduleFilenameBuf[MAX_PATH] = "";
if (moduleFilename == NULL)
{
#if (_MSC_VER >= 1400 && !defined(_STLPORT_VERSION)) // ifstream doesn't support wide filename on other compilers
wchar_t wideModuleFilename[MAX_PATH];
if (GetModuleFileNameW(s_hModule, wideModuleFilename, MAX_PATH) > 0)
{
moduleStream.open(wideModuleFilename, std::ios::in | std::ios::binary);
h = GetModuleHandleW(wideModuleFilename);
}
else
#endif
{
GetModuleFileNameA(s_hModule, moduleFilenameBuf, MAX_PATH);
moduleFilename = moduleFilenameBuf;
}
}
#endif
if (moduleFilename != NULL)
{
moduleStream.open(moduleFilename, std::ios::in | std::ios::binary);
#ifdef CRYPTOPP_WIN32_AVAILABLE
h = GetModuleHandleA(moduleFilename);
moduleFilename = NULL;
}
#endif
}
if (!moduleStream)
{
#ifdef CRYPTOPP_WIN32_AVAILABLE
OutputDebugString(L"Crypto++ DLL integrity check failed. Cannot open file for reading.");
//OutputDebugString("Crypto++ DLL integrity check failed. Cannot open file for reading.");
#endif
return false;
}
FileStore file(moduleStream);
#ifdef CRYPTOPP_WIN32_AVAILABLE
// try to hash from memory first
const byte *memBase = (const byte *)h;
const IMAGE_DOS_HEADER *ph = (IMAGE_DOS_HEADER *)memBase;
const IMAGE_NT_HEADERS *phnt = (IMAGE_NT_HEADERS *)(memBase + ph->e_lfanew);
const IMAGE_SECTION_HEADER *phs = IMAGE_FIRST_SECTION(phnt);
DWORD nSections = phnt->FileHeader.NumberOfSections;
size_t currentFilePos = 0;
size_t checksumPos = (byte *)&phnt->OptionalHeader.CheckSum - memBase;
size_t checksumSize = sizeof(phnt->OptionalHeader.CheckSum);
size_t certificateTableDirectoryPos = (byte *)&phnt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_SECURITY] - memBase;
size_t certificateTableDirectorySize = sizeof(phnt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_SECURITY]);
size_t certificateTablePos = phnt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_SECURITY].VirtualAddress;
size_t certificateTableSize = phnt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_SECURITY].Size;
verifier.AddRangeToSkip(0, checksumPos, checksumSize);
verifier.AddRangeToSkip(0, certificateTableDirectoryPos, certificateTableDirectorySize);
verifier.AddRangeToSkip(0, certificateTablePos, certificateTableSize);
while (nSections--)
{
switch (phs->Characteristics)
{
default:
break;
case IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ:
case IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ:
unsigned int sectionSize = STDMIN(phs->SizeOfRawData, phs->Misc.VirtualSize);
const byte *sectionMemStart = memBase + phs->VirtualAddress;
unsigned int sectionFileStart = phs->PointerToRawData;
size_t subSectionStart = 0, nextSubSectionStart;
do
{
const byte *subSectionMemStart = sectionMemStart + subSectionStart;
size_t subSectionFileStart = sectionFileStart + subSectionStart;
size_t subSectionSize = sectionSize - subSectionStart;
nextSubSectionStart = 0;
unsigned int entriesToReadFromDisk[] = {IMAGE_DIRECTORY_ENTRY_IMPORT, IMAGE_DIRECTORY_ENTRY_IAT};
for (unsigned int i=0; i<sizeof(entriesToReadFromDisk)/sizeof(entriesToReadFromDisk[0]); i++)
{
const IMAGE_DATA_DIRECTORY &entry = phnt->OptionalHeader.DataDirectory[entriesToReadFromDisk[i]];
const byte *entryMemStart = memBase + entry.VirtualAddress;
if (subSectionMemStart <= entryMemStart && entryMemStart < subSectionMemStart + subSectionSize)
{
subSectionSize = entryMemStart - subSectionMemStart;
nextSubSectionStart = entryMemStart - sectionMemStart + entry.Size;
}
}
#if defined(_MSC_VER) && _MSC_VER >= 1400
// first byte of _CRT_DEBUGGER_HOOK gets modified in memory by the debugger invisibly, so read it from file
if (IsDebuggerPresent())
{
if (subSectionMemStart <= (byte *)&_CRT_DEBUGGER_HOOK && (byte *)&_CRT_DEBUGGER_HOOK < subSectionMemStart + subSectionSize)
{
subSectionSize = (byte *)&_CRT_DEBUGGER_HOOK - subSectionMemStart;
nextSubSectionStart = (byte *)&_CRT_DEBUGGER_HOOK - sectionMemStart + 1;
}
}
#endif
if (subSectionMemStart <= expectedModuleMac && expectedModuleMac < subSectionMemStart + subSectionSize)
{
// found stored MAC
macFileLocation = (unsigned long)(subSectionFileStart + (expectedModuleMac - subSectionMemStart));
verifier.AddRangeToSkip(0, macFileLocation, macSize);
}
file.TransferTo(verifier, subSectionFileStart - currentFilePos);
verifier.Put(subSectionMemStart, subSectionSize);
file.Skip(subSectionSize);
currentFilePos = subSectionFileStart + subSectionSize;
subSectionStart = nextSubSectionStart;
} while (nextSubSectionStart != 0);
}
phs++;
}
#endif
file.TransferAllTo(verifier);
#ifdef CRYPTOPP_WIN32_AVAILABLE
// if that fails (could be caused by debug breakpoints or DLL base relocation modifying image in memory),
// hash from disk instead
if (!VerifyBufsEqual(expectedModuleMac, actualMac, macSize))
{
OutputDebugString(L"In memory integrity check failed. This may be caused by debug breakpoints or DLL relocation.\n");
//OutputDebugString("In memory integrity check failed. This may be caused by debug breakpoints or DLL relocation.\n");
moduleStream.clear();
moduleStream.seekg(0);
verifier.Initialize(MakeParameters(Name::OutputBuffer(), ByteArrayParameter(actualMac, (unsigned int)actualMac.size())));
// verifier.Initialize(MakeParameters(Name::OutputFileName(), (const char *)"c:\\dt2.tmp"));
verifier.AddRangeToSkip(0, checksumPos, checksumSize);
verifier.AddRangeToSkip(0, certificateTableDirectoryPos, certificateTableDirectorySize);
verifier.AddRangeToSkip(0, certificateTablePos, certificateTableSize);
verifier.AddRangeToSkip(0, macFileLocation, macSize);
FileStore(moduleStream).TransferAllTo(verifier);
}
#endif
if (VerifyBufsEqual(expectedModuleMac, actualMac, macSize))
return true;
#ifdef CRYPTOPP_WIN32_AVAILABLE
// std::string hexMac;
// HexEncoder(new StringSink(hexMac)).PutMessageEnd(actualMac, actualMac.size());
// OutputDebugString((("Crypto++ DLL integrity check failed. Actual MAC is: " + hexMac) + "\n").c_str());
#endif
return false;
}
bool ValidateARC4()
{
unsigned char Key0[] = {0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef };
unsigned char Input0[]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
unsigned char Output0[] = {0x75,0xb7,0x87,0x80,0x99,0xe0,0xc5,0x96};
unsigned char Key1[]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
unsigned char Input1[]={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
unsigned char Output1[]={0x74,0x94,0xc2,0xe7,0x10,0x4b,0x08,0x79};
unsigned char Key2[]={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
unsigned char Input2[]={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
unsigned char Output2[]={0xde,0x18,0x89,0x41,0xa3,0x37,0x5d,0x3a};
unsigned char Key3[]={0xef,0x01,0x23,0x45};
unsigned char Input3[]={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
unsigned char Output3[]={0xd6,0xa1,0x41,0xa7,0xec,0x3c,0x38,0xdf,0xbd,0x61};
unsigned char Key4[]={ 0x01,0x23,0x45,0x67,0x89,0xab, 0xcd,0xef };
unsigned char Input4[] =
{0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01};
unsigned char Output4[]= {
0x75,0x95,0xc3,0xe6,0x11,0x4a,0x09,0x78,0x0c,0x4a,0xd4,
0x52,0x33,0x8e,0x1f,0xfd,0x9a,0x1b,0xe9,0x49,0x8f,
0x81,0x3d,0x76,0x53,0x34,0x49,0xb6,0x77,0x8d,0xca,
0xd8,0xc7,0x8a,0x8d,0x2b,0xa9,0xac,0x66,0x08,0x5d,
0x0e,0x53,0xd5,0x9c,0x26,0xc2,0xd1,0xc4,0x90,0xc1,
0xeb,0xbe,0x0c,0xe6,0x6d,0x1b,0x6b,0x1b,0x13,0xb6,
0xb9,0x19,0xb8,0x47,0xc2,0x5a,0x91,0x44,0x7a,0x95,
0xe7,0x5e,0x4e,0xf1,0x67,0x79,0xcd,0xe8,0xbf,0x0a,
0x95,0x85,0x0e,0x32,0xaf,0x96,0x89,0x44,0x4f,0xd3,
0x77,0x10,0x8f,0x98,0xfd,0xcb,0xd4,0xe7,0x26,0x56,
0x75,0x00,0x99,0x0b,0xcc,0x7e,0x0c,0xa3,0xc4,0xaa,
0xa3,0x04,0xa3,0x87,0xd2,0x0f,0x3b,0x8f,0xbb,0xcd,
0x42,0xa1,0xbd,0x31,0x1d,0x7a,0x43,0x03,0xdd,0xa5,
0xab,0x07,0x88,0x96,0xae,0x80,0xc1,0x8b,0x0a,0xf6,
0x6d,0xff,0x31,0x96,0x16,0xeb,0x78,0x4e,0x49,0x5a,
0xd2,0xce,0x90,0xd7,0xf7,0x72,0xa8,0x17,0x47,0xb6,
0x5f,0x62,0x09,0x3b,0x1e,0x0d,0xb9,0xe5,0xba,0x53,
0x2f,0xaf,0xec,0x47,0x50,0x83,0x23,0xe6,0x71,0x32,
0x7d,0xf9,0x44,0x44,0x32,0xcb,0x73,0x67,0xce,0xc8,
0x2f,0x5d,0x44,0xc0,0xd0,0x0b,0x67,0xd6,0x50,0xa0,
0x75,0xcd,0x4b,0x70,0xde,0xdd,0x77,0xeb,0x9b,0x10,
0x23,0x1b,0x6b,0x5b,0x74,0x13,0x47,0x39,0x6d,0x62,
0x89,0x74,0x21,0xd4,0x3d,0xf9,0xb4,0x2e,0x44,0x6e,
0x35,0x8e,0x9c,0x11,0xa9,0xb2,0x18,0x4e,0xcb,0xef,
0x0c,0xd8,0xe7,0xa8,0x77,0xef,0x96,0x8f,0x13,0x90,
0xec,0x9b,0x3d,0x35,0xa5,0x58,0x5c,0xb0,0x09,0x29,
0x0e,0x2f,0xcd,0xe7,0xb5,0xec,0x66,0xd9,0x08,0x4b,
0xe4,0x40,0x55,0xa6,0x19,0xd9,0xdd,0x7f,0xc3,0x16,
0x6f,0x94,0x87,0xf7,0xcb,0x27,0x29,0x12,0x42,0x64,
0x45,0x99,0x85,0x14,0xc1,0x5d,0x53,0xa1,0x8c,0x86,
0x4c,0xe3,0xa2,0xb7,0x55,0x57,0x93,0x98,0x81,0x26,
0x52,0x0e,0xac,0xf2,0xe3,0x06,0x6e,0x23,0x0c,0x91,
0xbe,0xe4,0xdd,0x53,0x04,0xf5,0xfd,0x04,0x05,0xb3,
0x5b,0xd9,0x9c,0x73,0x13,0x5d,0x3d,0x9b,0xc3,0x35,
0xee,0x04,0x9e,0xf6,0x9b,0x38,0x67,0xbf,0x2d,0x7b,
0xd1,0xea,0xa5,0x95,0xd8,0xbf,0xc0,0x06,0x6f,0xf8,
0xd3,0x15,0x09,0xeb,0x0c,0x6c,0xaa,0x00,0x6c,0x80,
0x7a,0x62,0x3e,0xf8,0x4c,0x3d,0x33,0xc1,0x95,0xd2,
0x3e,0xe3,0x20,0xc4,0x0d,0xe0,0x55,0x81,0x57,0xc8,
0x22,0xd4,0xb8,0xc5,0x69,0xd8,0x49,0xae,0xd5,0x9d,
0x4e,0x0f,0xd7,0xf3,0x79,0x58,0x6b,0x4b,0x7f,0xf6,
0x84,0xed,0x6a,0x18,0x9f,0x74,0x86,0xd4,0x9b,0x9c,
0x4b,0xad,0x9b,0xa2,0x4b,0x96,0xab,0xf9,0x24,0x37,
0x2c,0x8a,0x8f,0xff,0xb1,0x0d,0x55,0x35,0x49,0x00,
0xa7,0x7a,0x3d,0xb5,0xf2,0x05,0xe1,0xb9,0x9f,0xcd,
0x86,0x60,0x86,0x3a,0x15,0x9a,0xd4,0xab,0xe4,0x0f,
0xa4,0x89,0x34,0x16,0x3d,0xdd,0xe5,0x42,0xa6,0x58,
0x55,0x40,0xfd,0x68,0x3c,0xbf,0xd8,0xc0,0x0f,0x12,
0x12,0x9a,0x28,0x4d,0xea,0xcc,0x4c,0xde,0xfe,0x58,
0xbe,0x71,0x37,0x54,0x1c,0x04,0x71,0x26,0xc8,0xd4,
0x9e,0x27,0x55,0xab,0x18,0x1a,0xb7,0xe9,0x40,0xb0,
0xc0};
auto_ptr<Weak::ARC4> arc4;
bool pass=true, fail;
size_t i;
std::cout << "\nARC4 validation suite running...\n\n";
arc4.reset(new Weak::ARC4(Key0, sizeof(Key0)));
arc4->ProcessString(Input0, sizeof(Input0));
fail = !VerifyBufsEqual(Input0, Output0, sizeof(Input0));
std::cout << (fail ? "FAILED" : "passed") << " Test 0" << std::endl;
pass = pass && !fail;
arc4.reset(new Weak::ARC4(Key1, sizeof(Key1)));
arc4->ProcessString(Key1, Input1, sizeof(Key1));
fail = !VerifyBufsEqual(Output1, Key1, sizeof(Key1));
std::cout << (fail ? "FAILED" : "passed") << " Test 1" << std::endl;
pass = pass && !fail;
arc4.reset(new Weak::ARC4(Key2, sizeof(Key2)));
for (i=0, fail=false; i<sizeof(Input2); i++)
if (arc4->ProcessByte(Input2[i]) != Output2[i])
fail = true;
std::cout << (fail ? "FAILED" : "passed") << " Test 2" << std::endl;
pass = pass && !fail;
arc4.reset(new Weak::ARC4(Key3, sizeof(Key3)));
for (i=0, fail=false; i<sizeof(Input3); i++)
if (arc4->ProcessByte(Input3[i]) != Output3[i])
fail = true;
std::cout << (fail ? "FAILED" : "passed") << " Test 3" << std::endl;
pass = pass && !fail;
arc4.reset(new Weak::ARC4(Key4, sizeof(Key4)));
for (i=0, fail=false; i<sizeof(Input4); i++)
if (arc4->ProcessByte(Input4[i]) != Output4[i])
fail = true;
std::cout << (fail ? "FAILED" : "passed") << " Test 4" << std::endl;
pass = pass && !fail;
return pass;
}
