int main(int argc, char **argv)
{
int do_corrupt_rsa_keygen = 0, do_corrupt_dsa_keygen = 0;
int bad_rsa = 0, bad_dsa = 0;
int do_rng_stick = 0;
int no_exit = 0;
printf("\tFIPS-mode test application\n\n");
/* Load entropy from external file, if any */
RAND_load_file(".rnd", 1024);
if (argv[1]) {
/* Corrupted KAT tests */
if (!strcmp(argv[1], "aes")) {
FIPS_corrupt_aes();
printf("AES encryption/decryption with corrupted KAT...\n");
} else if (!strcmp(argv[1], "des")) {
FIPS_corrupt_des();
printf("DES3-ECB encryption/decryption with corrupted KAT...\n");
} else if (!strcmp(argv[1], "dsa")) {
FIPS_corrupt_dsa();
printf
("DSA key generation and signature validation with corrupted KAT...\n");
} else if (!strcmp(argv[1], "rsa")) {
FIPS_corrupt_rsa();
printf
("RSA key generation and signature validation with corrupted KAT...\n");
} else if (!strcmp(argv[1], "rsakey")) {
printf
("RSA key generation and signature validation with corrupted key...\n");
bad_rsa = 1;
no_exit = 1;
} else if (!strcmp(argv[1], "rsakeygen")) {
do_corrupt_rsa_keygen = 1;
no_exit = 1;
printf
("RSA key generation and signature validation with corrupted keygen...\n");
} else if (!strcmp(argv[1], "dsakey")) {
printf
("DSA key generation and signature validation with corrupted key...\n");
bad_dsa = 1;
no_exit = 1;
} else if (!strcmp(argv[1], "dsakeygen")) {
do_corrupt_dsa_keygen = 1;
no_exit = 1;
printf
("DSA key generation and signature validation with corrupted keygen...\n");
} else if (!strcmp(argv[1], "sha1")) {
FIPS_corrupt_sha1();
printf("SHA-1 hash with corrupted KAT...\n");
} else if (!strcmp(argv[1], "rng")) {
FIPS_corrupt_rng();
} else if (!strcmp(argv[1], "rngstick")) {
do_rng_stick = 1;
no_exit = 1;
printf("RNG test with stuck continuous test...\n");
} else {
printf("Bad argument \"%s\"\n", argv[1]);
exit(1);
}
if (!no_exit) {
if (!FIPS_mode_set(1)) {
do_print_errors();
printf("Power-up self test failed\n");
exit(1);
}
printf("Power-up self test successful\n");
exit(0);
}
}
/* Non-Approved cryptographic operation
*/
printf("1. Non-Approved cryptographic operation test...\n");
printf("\ta. Included algorithm (D-H)...");
printf(dh_test()? "successful\n" : Fail("FAILED!\n"));
/* Power-up self test
*/
ERR_clear_error();
printf("2. Automatic power-up self test...");
if (!FIPS_mode_set(1)) {
do_print_errors();
printf(Fail("FAILED!\n"));
exit(1);
}
printf("successful\n");
if (do_corrupt_dsa_keygen)
FIPS_corrupt_dsa_keygen();
if (do_corrupt_rsa_keygen)
FIPS_corrupt_rsa_keygen();
if (do_rng_stick)
FIPS_rng_stick();
/* AES encryption/decryption
*/
printf("3. AES encryption/decryption...");
printf(FIPS_aes_test()? "successful\n" : Fail("FAILED!\n"));
/* RSA key generation and encryption/decryption
*/
printf("4. RSA key generation and encryption/decryption...");
printf(FIPS_rsa_test(bad_rsa) ? "successful\n" : Fail("FAILED!\n"));
/* DES-CBC encryption/decryption
*/
printf("5. DES-ECB encryption/decryption...");
printf(FIPS_des3_test()? "successful\n" : Fail("FAILED!\n"));
/* DSA key generation and signature validation
*/
printf("6. DSA key generation and signature validation...");
printf(FIPS_dsa_test(bad_dsa) ? "successful\n" : Fail("FAILED!\n"));
/* SHA-1 hash
*/
printf("7a. SHA-1 hash...");
printf(FIPS_sha1_test()? "successful\n" : Fail("FAILED!\n"));
/* SHA-256 hash
*/
printf("7b. SHA-256 hash...");
printf(FIPS_sha256_test()? "successful\n" : Fail("FAILED!\n"));
/* SHA-512 hash
*/
printf("7c. SHA-512 hash...");
printf(FIPS_sha512_test()? "successful\n" : Fail("FAILED!\n"));
/* HMAC-SHA-1 hash
*/
printf("7d. HMAC-SHA-1 hash...");
printf(FIPS_hmac_sha1_test()? "successful\n" : Fail("FAILED!\n"));
/* HMAC-SHA-224 hash
*/
printf("7e. HMAC-SHA-224 hash...");
printf(FIPS_hmac_sha224_test()? "successful\n" : Fail("FAILED!\n"));
/* HMAC-SHA-256 hash
*/
printf("7f. HMAC-SHA-256 hash...");
printf(FIPS_hmac_sha256_test()? "successful\n" : Fail("FAILED!\n"));
/* HMAC-SHA-384 hash
*/
printf("7g. HMAC-SHA-384 hash...");
printf(FIPS_hmac_sha384_test()? "successful\n" : Fail("FAILED!\n"));
/* HMAC-SHA-512 hash
*/
printf("7h. HMAC-SHA-512 hash...");
printf(FIPS_hmac_sha512_test()? "successful\n" : Fail("FAILED!\n"));
/* Non-Approved cryptographic operation
*/
printf("8. Non-Approved cryptographic operation test...\n");
printf("\ta. Included algorithm (D-H)...");
printf(dh_test()? "successful as expected\n"
: Fail("failed INCORRECTLY!\n"));
/* Zeroization
*/
printf("9. Zero-ization...\n");
printf(Zeroize()? "\tsuccessful as expected\n"
: Fail("\tfailed INCORRECTLY!\n"));
printf("\nAll tests completed with %d errors\n", Error);
return Error ? 1 : 0;
}
int main(int argc,char **argv)
{
printf("\tFIPS-mode test application\n\n");
/* Load entropy from external file, if any */
RAND_load_file(".rnd", 1024);
if (argv[1]) {
/* Corrupted KAT tests */
if (!strcmp(argv[1], "aes")) {
FIPS_corrupt_aes();
printf("AES encryption/decryption with corrupted KAT...\n");
} else if (!strcmp(argv[1], "des")) {
FIPS_corrupt_des();
printf("DES-ECB encryption/decryption with corrupted KAT...\n");
} else if (!strcmp(argv[1], "dsa")) {
FIPS_corrupt_dsa();
printf("DSA key generation and signature validation with corrupted KAT...\n");
} else if (!strcmp(argv[1], "rsa")) {
FIPS_corrupt_rsa();
printf("RSA key generation and encryption/decryption with corrupted KAT...\n");
} else if (!strcmp(argv[1], "sha1")) {
FIPS_corrupt_sha1();
printf("SHA-1 hash with corrupted KAT...\n");
} else if (!strcmp(argv[1], "rng")) {
FIPS_corrupt_rng();
printf("RNG test with corrupted KAT...\n");
} else {
printf("Bad argument \"%s\"\n", argv[1]);
exit(1);
}
if (!FIPS_mode_set(1))
{
ERR_load_crypto_strings();
ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
printf("Power-up self test failed\n");
exit(1);
}
printf("Power-up self test successful\n");
exit(0);
}
/* Non-Approved cryptographic operation
*/
printf("1. Non-Approved cryptographic operation test...\n");
printf("\ta. Excluded algorithm (MD5)...");
printf( md5_test() ? "successful\n" : Fail("FAILED!\n") );
printf("\tb. Included algorithm (D-H)...");
printf( dh_test() ? "successful\n" : Fail("FAILED!\n") );
/* Power-up self test
*/
ERR_clear_error();
printf("2. Automatic power-up self test...");
if (!FIPS_mode_set(1))
{
ERR_load_crypto_strings();
ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
printf(Fail("FAILED!\n"));
exit(1);
}
printf("successful\n");
/* AES encryption/decryption
*/
printf("3. AES encryption/decryption...");
printf( FIPS_aes_test() ? "successful\n" : Fail("FAILED!\n") );
/* RSA key generation and encryption/decryption
*/
printf("4. RSA key generation and encryption/decryption...");
printf( FIPS_rsa_test() ? "successful\n" : Fail("FAILED!\n") );
/* DES-CBC encryption/decryption
*/
printf("5. DES-ECB encryption/decryption...");
printf( FIPS_des_test() ? "successful\n" : Fail("FAILED!\n") );
/* DSA key generation and signature validation
*/
printf("6. DSA key generation and signature validation...");
printf( FIPS_dsa_test() ? "successful\n" : Fail("FAILED!\n") );
/* SHA-1 hash
*/
printf("7a. SHA-1 hash...");
printf( FIPS_sha1_test() ? "successful\n" : Fail("FAILED!\n") );
/* SHA-256 hash
*/
printf("7b. SHA-256 hash...");
printf( FIPS_sha256_test() ? "successful\n" : Fail("FAILED!\n") );
/* SHA-512 hash
*/
printf("7c. SHA-512 hash...");
printf( FIPS_sha512_test() ? "successful\n" : Fail("FAILED!\n") );
/* HMAC-SHA-1 hash
*/
printf("7d. SHA-1 hash...");
printf( FIPS_hmac_sha1_test() ? "successful\n" : Fail("FAILED!\n") );
/* HMAC-SHA-224 hash
*/
printf("7e. SHA-224 hash...");
printf( FIPS_hmac_sha224_test() ? "successful\n" : Fail("FAILED!\n") );
/* HMAC-SHA-256 hash
*/
printf("7f. SHA-256 hash...");
printf( FIPS_hmac_sha256_test() ? "successful\n" : Fail("FAILED!\n") );
/* HMAC-SHA-384 hash
*/
printf("7g. SHA-384 hash...");
printf( FIPS_hmac_sha384_test() ? "successful\n" : Fail("FAILED!\n") );
/* HMAC-SHA-512 hash
*/
printf("7h. SHA-512 hash...");
printf( FIPS_hmac_sha512_test() ? "successful\n" : Fail("FAILED!\n") );
/* Non-Approved cryptographic operation
*/
printf("8. Non-Approved cryptographic operation test...\n");
printf("\ta. Excluded algorithm (MD5)...");
printf( md5_test() ? Fail("passed INCORRECTLY!\n")
: "failed as expected\n" );
printf("\tb. Included algorithm (D-H)...");
printf( dh_test() ? "successful as expected\n"
: Fail("failed INCORRECTLY!\n") );
/* Zeroization
*/
printf("9. Zero-ization...\n");
Zeroize();
printf("\nAll tests completed with %d errors\n", Error);
return 0;
}