Beispiel #1
0
int sha_test()
{
    SHA  sha;
    byte hash[SHA::DIGEST_SIZE];

    testVector test_sha[] =
    {
        testVector("abc", 
                 "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2"
                 "\x6C\x9C\xD0\xD8\x9D"),
        testVector("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
                 "\x84\x98\x3E\x44\x1C\x3B\xD2\x6E\xBA\xAE\x4A\xA1\xF9\x51\x29"
                 "\xE5\xE5\x46\x70\xF1"),
        testVector("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
                 "aaaaaa", 
                 "\x00\x98\xBA\x82\x4B\x5C\x16\x42\x7B\xD7\xA1\x12\x2A\x5A\x44"
                 "\x2A\x25\xEC\x64\x4D"),
        testVector("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
                 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
                 "aaaaaaaaaa",
                 "\xAD\x5B\x3F\xDB\xCB\x52\x67\x78\xC2\x83\x9D\x2F\x15\x1E\xA7"
                 "\x53\x99\x5E\x26\xA0")  
    };

    int times( sizeof(test_sha) / sizeof(testVector) );
    for (int i = 0; i < times; ++i) {
        sha.Update(test_sha[i].input_, test_sha[i].inLen_);
        sha.Final(hash);

        if (memcmp(hash, test_sha[i].output_, SHA::DIGEST_SIZE) != 0)
            return -1 - i;
    }

    return 0;
}
Beispiel #2
0
int dsa_test()
{
    Source source;
    FileSource("../certs/dsa512.der", source);
    if (source.size() == 0) {
        FileSource("../../certs/dsa512.der", source);  // for testsuite
        if (source.size() == 0) {
            FileSource("../../../certs/dsa512.der", source); // win32 Debug dir
            if (source.size() == 0)
                err_sys("where's your certs dir?", -89);
        }
    }

    const char msg[] = "this is the message";
    byte signature[40];

    DSA_PrivateKey priv(source);
    DSA_Signer signer(priv);

    SHA sha;
    byte digest[SHA::DIGEST_SIZE];
    sha.Update((byte*)msg, sizeof(msg));
    sha.Final(digest);

    signer.Sign(digest, signature, rng);

    byte encoded[sizeof(signature) + 6];
    byte decoded[40];

    word32 encSz = EncodeDSA_Signature(signer.GetR(), signer.GetS(), encoded);
    DecodeDSA_Signature(decoded, encoded, encSz);

    DSA_PublicKey pub(priv);
    DSA_Verifier verifier(pub);

    if (!verifier.Verify(digest, decoded))
        return -90;

    return 0;
}
// process NAME, either issuer or subject
void CertDecoder::GetName(NameType nt)
{
    if (source_.GetError().What()) return;

    SHA    sha;
    word32 length = GetSequence();  // length of all distinguished names

    if (length >= ASN_NAME_MAX)
        goto err;
    length += source_.get_index();

    char *ptr, *buf_end;

    if (nt == ISSUER) {
        ptr= issuer_;
        buf_end= ptr + sizeof(issuer_) - 1;  // 1 byte for trailing 0
    }
    else {
        ptr= subject_;
        buf_end= ptr + sizeof(subject_) - 1;  // 1 byte for trailing 0
    }

    while (source_.get_index() < length) {
        GetSet();
        GetSequence();

        byte b = source_.next();
        if (b != OBJECT_IDENTIFIER) {
            source_.SetError(OBJECT_ID_E);
            return;
        }

        word32 oidSz = GetLength(source_);
        byte joint[2];
        memcpy(joint, source_.get_current(), sizeof(joint));

        // v1 name types
        if (joint[0] == 0x55 && joint[1] == 0x04) {
            source_.advance(2);
            byte   id      = source_.next();  
            b              = source_.next();    // strType
            word32 strLen  = GetLength(source_);

            switch (id) {
            case COMMON_NAME:
                if (!(ptr= AddTag(ptr, buf_end, "/CN=", 4, strLen)))
                  goto err;
                break;
            case SUR_NAME:
                if (!(ptr= AddTag(ptr, buf_end, "/SN=", 4, strLen)))
                  goto err;
                break;
            case COUNTRY_NAME:
                if (!(ptr= AddTag(ptr, buf_end, "/C=", 3, strLen)))
                  goto err;
                break;
            case LOCALITY_NAME:
                if (!(ptr= AddTag(ptr, buf_end, "/L=", 3, strLen)))
                  goto err;
                break;
            case STATE_NAME:
                if (!(ptr= AddTag(ptr, buf_end, "/ST=", 4, strLen)))
                  goto err;
                break;
            case ORG_NAME:
                if (!(ptr= AddTag(ptr, buf_end, "/O=", 3, strLen)))
                  goto err;
                break;
            case ORGUNIT_NAME:
                if (!(ptr= AddTag(ptr, buf_end, "/OU=", 4, strLen)))
                  goto err;
                break;
            }

            sha.Update(source_.get_current(), strLen);
            source_.advance(strLen);
        }
        else {
            bool email = false;
            if (joint[0] == 0x2a && joint[1] == 0x86)  // email id hdr
                email = true;

            source_.advance(oidSz + 1);
            word32 length = GetLength(source_);

            if (email && !(ptr= AddTag(ptr, buf_end, "/emailAddress=", 14, length)))
                goto err;

            source_.advance(length);
        }
    }
    *ptr= 0;

    sha.Final(nt == ISSUER ? issuerHash_ : subjectHash_);
        
    return;
    
err:
    source_.SetError(CONTENT_E);
}
Beispiel #4
0
// process NAME, either issuer or subject
void CertDecoder::GetName(NameType nt)
{
    if (source_.GetError().What()) return;

    SHA    sha;
    word32 length = GetSequence();  // length of all distinguished names

    if (length >= ASN_NAME_MAX)
        return;
    if (source_.IsLeft(length) == false) return;
    length += source_.get_index();
    
    char* ptr;
    char* buf_end;

    if (nt == ISSUER) {
        ptr = issuer_;
        buf_end = ptr + sizeof(issuer_) - 1;   // 1 byte for trailing 0
    }
    else {
        ptr = subject_;
        buf_end = ptr + sizeof(subject_) - 1;  // 1 byte for trailing 0
    }

    while (source_.get_index() < length) {
        GetSet();
        if (source_.GetError().What() == SET_E) {
            source_.SetError(NO_ERROR_E);  // extensions may only have sequence 
            source_.prev();
        }
        GetSequence();

        byte b = source_.next();
        if (b != OBJECT_IDENTIFIER) {
            source_.SetError(OBJECT_ID_E);
            return;
        }

        word32 oidSz = GetLength(source_);
        if (source_.IsLeft(oidSz) == false) return;

        byte joint[2];
        if (source_.IsLeft(sizeof(joint)) == false) return;
        memcpy(joint, source_.get_current(), sizeof(joint));

        // v1 name types
        if (joint[0] == 0x55 && joint[1] == 0x04) {
            source_.advance(2);
            byte   id      = source_.next();  
            b              = source_.next();    // strType
            word32 strLen  = GetLength(source_);

            if (source_.IsLeft(strLen) == false) return;

            switch (id) {
            case COMMON_NAME:
                if (!(ptr = AddTag(ptr, buf_end, "/CN=", 4, strLen)))
                    return;
                if (nt == ISSUER) {
                    issCnPos_ = (int)(ptr - strLen - issuer_);
                    issCnLen_ = (int)strLen;
                } else {
                    subCnPos_ = (int)(ptr - strLen - subject_);
                    subCnLen_ = (int)strLen;
                }
                break;
            case SUR_NAME:
                if (!(ptr = AddTag(ptr, buf_end, "/SN=", 4, strLen)))
                    return;
                break;
            case COUNTRY_NAME:
                if (!(ptr = AddTag(ptr, buf_end, "/C=", 3, strLen)))
                    return;
                break;
            case LOCALITY_NAME:
                if (!(ptr = AddTag(ptr, buf_end, "/L=", 3, strLen)))
                    return;
                break;
            case STATE_NAME:
                if (!(ptr = AddTag(ptr, buf_end, "/ST=", 4, strLen)))
                    return;
                break;
            case ORG_NAME:
                if (!(ptr = AddTag(ptr, buf_end, "/O=", 3, strLen)))
                    return;
                break;
            case ORGUNIT_NAME:
                if (!(ptr = AddTag(ptr, buf_end, "/OU=", 4, strLen)))
                    return;
                break;
            }

            sha.Update(source_.get_current(), strLen);
            source_.advance(strLen);
        }
        else { 
            bool email = false;
            if (joint[0] == 0x2a && joint[1] == 0x86)  // email id hdr
                email = true;

            source_.advance(oidSz + 1);
            word32 length = GetLength(source_);
            if (source_.IsLeft(length) == false) return;

            if (email) {
                if (!(ptr = AddTag(ptr, buf_end, "/emailAddress=", 14, length)))
                    return; 
            }

            source_.advance(length);
        }
    }

    *ptr = 0;

    if (nt == ISSUER)
        sha.Final(issuerHash_);
    else
        sha.Final(subjectHash_);
}