Example #1
0
int main(int argc, char **argv)
{

    int do_corrupt_rsa_keygen = 0, do_corrupt_dsa_keygen = 0;
    int bad_rsa = 0, bad_dsa = 0;
    int do_rng_stick = 0;
    int no_exit = 0;

    printf("\tFIPS-mode test application\n\n");

    /* Load entropy from external file, if any */
    RAND_load_file(".rnd", 1024);

    if (argv[1]) {
        /* Corrupted KAT tests */
        if (!strcmp(argv[1], "aes")) {
            FIPS_corrupt_aes();
            printf("AES encryption/decryption with corrupted KAT...\n");
        } else if (!strcmp(argv[1], "des")) {
            FIPS_corrupt_des();
            printf("DES3-ECB encryption/decryption with corrupted KAT...\n");
        } else if (!strcmp(argv[1], "dsa")) {
            FIPS_corrupt_dsa();
            printf
            ("DSA key generation and signature validation with corrupted KAT...\n");
        } else if (!strcmp(argv[1], "rsa")) {
            FIPS_corrupt_rsa();
            printf
            ("RSA key generation and signature validation with corrupted KAT...\n");
        } else if (!strcmp(argv[1], "rsakey")) {
            printf
            ("RSA key generation and signature validation with corrupted key...\n");
            bad_rsa = 1;
            no_exit = 1;
        } else if (!strcmp(argv[1], "rsakeygen")) {
            do_corrupt_rsa_keygen = 1;
            no_exit = 1;
            printf
            ("RSA key generation and signature validation with corrupted keygen...\n");
        } else if (!strcmp(argv[1], "dsakey")) {
            printf
            ("DSA key generation and signature validation with corrupted key...\n");
            bad_dsa = 1;
            no_exit = 1;
        } else if (!strcmp(argv[1], "dsakeygen")) {
            do_corrupt_dsa_keygen = 1;
            no_exit = 1;
            printf
            ("DSA key generation and signature validation with corrupted keygen...\n");
        } else if (!strcmp(argv[1], "sha1")) {
            FIPS_corrupt_sha1();
            printf("SHA-1 hash with corrupted KAT...\n");
        } else if (!strcmp(argv[1], "rng")) {
            FIPS_corrupt_rng();
        } else if (!strcmp(argv[1], "rngstick")) {
            do_rng_stick = 1;
            no_exit = 1;
            printf("RNG test with stuck continuous test...\n");
        } else {
            printf("Bad argument \"%s\"\n", argv[1]);
            exit(1);
        }
        if (!no_exit) {
            if (!FIPS_mode_set(1)) {
                do_print_errors();
                printf("Power-up self test failed\n");
                exit(1);
            }
            printf("Power-up self test successful\n");
            exit(0);
        }
    }

    /* Non-Approved cryptographic operation
     */
    printf("1. Non-Approved cryptographic operation test...\n");
    printf("\ta. Included algorithm (D-H)...");
    printf(dh_test()? "successful\n" : Fail("FAILED!\n"));

    /* Power-up self test
     */
    ERR_clear_error();
    printf("2. Automatic power-up self test...");
    if (!FIPS_mode_set(1)) {
        do_print_errors();
        printf(Fail("FAILED!\n"));
        exit(1);
    }
    printf("successful\n");
    if (do_corrupt_dsa_keygen)
        FIPS_corrupt_dsa_keygen();
    if (do_corrupt_rsa_keygen)
        FIPS_corrupt_rsa_keygen();
    if (do_rng_stick)
        FIPS_rng_stick();

    /* AES encryption/decryption
     */
    printf("3. AES encryption/decryption...");
    printf(FIPS_aes_test()? "successful\n" : Fail("FAILED!\n"));

    /* RSA key generation and encryption/decryption
     */
    printf("4. RSA key generation and encryption/decryption...");
    printf(FIPS_rsa_test(bad_rsa) ? "successful\n" : Fail("FAILED!\n"));

    /* DES-CBC encryption/decryption
     */
    printf("5. DES-ECB encryption/decryption...");
    printf(FIPS_des3_test()? "successful\n" : Fail("FAILED!\n"));

    /* DSA key generation and signature validation
     */
    printf("6. DSA key generation and signature validation...");
    printf(FIPS_dsa_test(bad_dsa) ? "successful\n" : Fail("FAILED!\n"));

    /* SHA-1 hash
     */
    printf("7a. SHA-1 hash...");
    printf(FIPS_sha1_test()? "successful\n" : Fail("FAILED!\n"));

    /* SHA-256 hash
     */
    printf("7b. SHA-256 hash...");
    printf(FIPS_sha256_test()? "successful\n" : Fail("FAILED!\n"));

    /* SHA-512 hash
     */
    printf("7c. SHA-512 hash...");
    printf(FIPS_sha512_test()? "successful\n" : Fail("FAILED!\n"));

    /* HMAC-SHA-1 hash
     */
    printf("7d. HMAC-SHA-1 hash...");
    printf(FIPS_hmac_sha1_test()? "successful\n" : Fail("FAILED!\n"));

    /* HMAC-SHA-224 hash
     */
    printf("7e. HMAC-SHA-224 hash...");
    printf(FIPS_hmac_sha224_test()? "successful\n" : Fail("FAILED!\n"));

    /* HMAC-SHA-256 hash
     */
    printf("7f. HMAC-SHA-256 hash...");
    printf(FIPS_hmac_sha256_test()? "successful\n" : Fail("FAILED!\n"));

    /* HMAC-SHA-384 hash
     */
    printf("7g. HMAC-SHA-384 hash...");
    printf(FIPS_hmac_sha384_test()? "successful\n" : Fail("FAILED!\n"));

    /* HMAC-SHA-512 hash
     */
    printf("7h. HMAC-SHA-512 hash...");
    printf(FIPS_hmac_sha512_test()? "successful\n" : Fail("FAILED!\n"));

    /* Non-Approved cryptographic operation
     */
    printf("8. Non-Approved cryptographic operation test...\n");
    printf("\ta. Included algorithm (D-H)...");
    printf(dh_test()? "successful as expected\n"
           : Fail("failed INCORRECTLY!\n"));

    /* Zeroization
     */
    printf("9. Zero-ization...\n");
    printf(Zeroize()? "\tsuccessful as expected\n"
           : Fail("\tfailed INCORRECTLY!\n"));

    printf("\nAll tests completed with %d errors\n", Error);
    return Error ? 1 : 0;
}
Example #2
0
int main(int argc,char **argv)
    {

    printf("\tFIPS-mode test application\n\n");

    /* Load entropy from external file, if any */
    RAND_load_file(".rnd", 1024);

    if (argv[1]) {
        /* Corrupted KAT tests */
        if (!strcmp(argv[1], "aes")) {
            FIPS_corrupt_aes();
            printf("AES encryption/decryption with corrupted KAT...\n");
        } else if (!strcmp(argv[1], "des")) {
            FIPS_corrupt_des();
            printf("DES-ECB encryption/decryption with corrupted KAT...\n");
        } else if (!strcmp(argv[1], "dsa")) {
            FIPS_corrupt_dsa();
            printf("DSA key generation and signature validation with corrupted KAT...\n");
        } else if (!strcmp(argv[1], "rsa")) {
            FIPS_corrupt_rsa();
            printf("RSA key generation and encryption/decryption with corrupted KAT...\n");
        } else if (!strcmp(argv[1], "sha1")) {
            FIPS_corrupt_sha1();
            printf("SHA-1 hash with corrupted KAT...\n");
	} else if (!strcmp(argv[1], "rng")) {
	    FIPS_corrupt_rng();
	    printf("RNG test with corrupted KAT...\n");
        } else {
            printf("Bad argument \"%s\"\n", argv[1]);
            exit(1);
        }
        if (!FIPS_mode_set(1))
   	    {
	    ERR_load_crypto_strings();
	    ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
            printf("Power-up self test failed\n");
	    exit(1);
	}
        printf("Power-up self test successful\n");
        exit(0);
    }

    /* Non-Approved cryptographic operation
    */
    printf("1. Non-Approved cryptographic operation test...\n");
    printf("\ta. Excluded algorithm (MD5)...");
    printf( md5_test() ? "successful\n" :  Fail("FAILED!\n") );
    printf("\tb. Included algorithm (D-H)...");
    printf( dh_test() ? "successful\n" :  Fail("FAILED!\n") );

    /* Power-up self test
    */
    ERR_clear_error();
    printf("2. Automatic power-up self test...");
    if (!FIPS_mode_set(1))
	{
	ERR_load_crypto_strings();
	ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
        printf(Fail("FAILED!\n"));
	exit(1);
	}
    printf("successful\n");

    /* AES encryption/decryption
    */
    printf("3. AES encryption/decryption...");
    printf( FIPS_aes_test() ? "successful\n" :  Fail("FAILED!\n") );

    /* RSA key generation and encryption/decryption
    */
    printf("4. RSA key generation and encryption/decryption...");
    printf( FIPS_rsa_test() ? "successful\n" :  Fail("FAILED!\n") );

    /* DES-CBC encryption/decryption
    */
    printf("5. DES-ECB encryption/decryption...");
    printf( FIPS_des_test() ? "successful\n" :  Fail("FAILED!\n") );

    /* DSA key generation and signature validation
    */
    printf("6. DSA key generation and signature validation...");
    printf( FIPS_dsa_test() ? "successful\n" :  Fail("FAILED!\n") );

    /* SHA-1 hash
    */
    printf("7a. SHA-1 hash...");
    printf( FIPS_sha1_test() ? "successful\n" :  Fail("FAILED!\n") );

    /* SHA-256 hash
    */
    printf("7b. SHA-256 hash...");
    printf( FIPS_sha256_test() ? "successful\n" :  Fail("FAILED!\n") );

    /* SHA-512 hash
    */
    printf("7c. SHA-512 hash...");
    printf( FIPS_sha512_test() ? "successful\n" :  Fail("FAILED!\n") );

    /* HMAC-SHA-1 hash
    */
    printf("7d. SHA-1 hash...");
    printf( FIPS_hmac_sha1_test() ? "successful\n" :  Fail("FAILED!\n") );

    /* HMAC-SHA-224 hash
    */
    printf("7e. SHA-224 hash...");
    printf( FIPS_hmac_sha224_test() ? "successful\n" :  Fail("FAILED!\n") );

    /* HMAC-SHA-256 hash
    */
    printf("7f. SHA-256 hash...");
    printf( FIPS_hmac_sha256_test() ? "successful\n" :  Fail("FAILED!\n") );

    /* HMAC-SHA-384 hash
    */
    printf("7g. SHA-384 hash...");
    printf( FIPS_hmac_sha384_test() ? "successful\n" :  Fail("FAILED!\n") );

    /* HMAC-SHA-512 hash
    */
    printf("7h. SHA-512 hash...");
    printf( FIPS_hmac_sha512_test() ? "successful\n" :  Fail("FAILED!\n") );

    /* Non-Approved cryptographic operation
    */
    printf("8. Non-Approved cryptographic operation test...\n");
    printf("\ta. Excluded algorithm (MD5)...");
    printf( md5_test() ? Fail("passed INCORRECTLY!\n")
	    : "failed as expected\n" );
    printf("\tb. Included algorithm (D-H)...");
    printf( dh_test() ? "successful as expected\n"
	    : Fail("failed INCORRECTLY!\n") );

    /* Zeroization
    */
    printf("9. Zero-ization...\n");
    Zeroize();

    printf("\nAll tests completed with %d errors\n", Error);
    return 0;
    }