void DigestFile(const char *filename) { MD5 md5; SHA sha; RIPEMD160 ripemd; SHA256 sha256; HashFilter md5Filter(md5), shaFilter(sha), ripemdFilter(ripemd), sha256Filter(sha256); auto_ptr<ChannelSwitch> channelSwitch(new ChannelSwitch); channelSwitch->AddDefaultRoute(md5Filter); channelSwitch->AddDefaultRoute(shaFilter); channelSwitch->AddDefaultRoute(ripemdFilter); channelSwitch->AddDefaultRoute(sha256Filter); FileSource(filename, true, channelSwitch.release()); HexEncoder encoder(new FileSink(cout), false); cout << "\nMD5: "; md5Filter.TransferTo(encoder); cout << "\nSHA-1: "; shaFilter.TransferTo(encoder); cout << "\nRIPEMD-160: "; ripemdFilter.TransferTo(encoder); cout << "\nSHA-256: "; sha256Filter.TransferTo(encoder); }
void AES_CTR_Encrypt(const char *hexKey, const char *hexIV, const char *infile, const char *outfile) { SecByteBlock key = HexDecodeString(hexKey); SecByteBlock iv = HexDecodeString(hexIV); CTR_Mode<AES>::Encryption aes(key, key.size(), iv); FileSource(infile, true, new StreamTransformationFilter(aes, new FileSink(outfile))); }
void DigestFile(const char *filename) { SHA1 sha; RIPEMD160 ripemd; SHA256 sha256; Tiger tiger; SHA512 sha512; Whirlpool whirlpool; vector_member_ptrs<HashFilter> filters(6); filters[0].reset(new HashFilter(sha)); filters[1].reset(new HashFilter(ripemd)); filters[2].reset(new HashFilter(tiger)); filters[3].reset(new HashFilter(sha256)); filters[4].reset(new HashFilter(sha512)); filters[5].reset(new HashFilter(whirlpool)); auto_ptr<ChannelSwitch> channelSwitch(new ChannelSwitch); size_t i; for (i=0; i<filters.size(); i++) channelSwitch->AddDefaultRoute(*filters[i]); FileSource(filename, true, channelSwitch.release()); HexEncoder encoder(new FileSink(cout), false); for (i=0; i<filters.size(); i++) { cout << filters[i]->AlgorithmName() << ": "; filters[i]->TransferTo(encoder); cout << "\n"; } }
/* * Description: use the same key to decrypt the 'decFilename' and create recoverFile * Input: * decFilename: the encrypted file name * recoverFilename: the decrypted file name * OutPut: * if decrypted the file successful, return true, else return false * Others: we should also delete the file 'decFilename' */ bool MyAES::DecryptFile(const string & decFilename, const string & recoverFilename) { // check if the file 'decFilename' exists! if (access(decFilename.c_str(), 0) == -1) { cout << "The file " << decFilename << " is not exist! " << endl; return false; } // exist , then decrypt the file CBC_Mode<AES>::Decryption aesDecryptor(key, key_length, iv); FileSource(decFilename.c_str(), true, new StreamTransformationFilter(aesDecryptor, new FileSink(recoverFilename.c_str()))); return true; }
void HmacFile(const char *hexKey, const char *file) { member_ptr<MessageAuthenticationCode> mac; if (strcmp(hexKey, "selftest") == 0) { cerr << "Computing HMAC/SHA1 value for self test.\n"; mac.reset(NewIntegrityCheckingMAC()); } else { std::string decodedKey; StringSource(hexKey, true, new HexDecoder(new StringSink(decodedKey))); mac.reset(new HMAC<SHA1>((const byte *)decodedKey.data(), decodedKey.size())); } FileSource(file, true, new HashFilter(*mac, new HexEncoder(new FileSink(cout)))); }
/* * Description: use the key to encrypt the 'inFilename' and store the cipher in 'outFilname' * Input: * inFilename: the file need to be encrypted! * outFilename: the encrypted file * OutPut: * if encrypt success, return true, or return false * Others: the function should delete the file : 'inFilename', however I note it */ bool MyAES::EncryptFile(const string & inFilename, const string & outFilename) { // check if the file 'inFilename' exists. if (access(inFilename.c_str(), 0) == -1) { cout << "The file " << inFilename << " is not exist! " << endl; return false; } // file exists, the encrypt the file CBC_Mode<AES>::Encryption aesEncryptor(key, key_length, iv); FileSource(inFilename.c_str(), true, new StreamTransformationFilter(aesEncryptor, new FileSink(outFilename.c_str()))); // remove the file 'inFilename' // if(remove(inFilename) == 0) cout << "remove file succeed! " << endl; // else cout << "fail to remove the file " << inFilname << endl; // use function remove(), you have to add #include <cstdio> in the .h file return true; }
int main (int argc, const char* argv[]) { string toSign; FileSource(argv[1], true, new StringSink(toSign)); AutoSeededRandomPool rng; //Read private key CryptoPP::ByteQueue bytes; FileSource file(argv[2], true, new Base64Decoder); file.TransferTo(bytes); bytes.MessageEnd(); RSA::PrivateKey privateKey; privateKey.Load(bytes); //Sign message RSASSA_PKCS1v15_SHA_Signer signer(privateKey); SecByteBlock signature(signer.SignatureLength()); signer.SignMessage( rng, (byte const*) toSign.data(), toSign.size(), signature); //Print string of signature HexEncoder encoder; string signatureString; encoder.Put(signature.data(), signature.size()); encoder.MessageEnd(); word64 signatureSize = encoder.MaxRetrievable(); if (signatureSize) { signatureString.resize(signatureSize); encoder.Get((byte*) signatureString.data(), signatureString.size()); } cout << signatureString << endl; }
void DoPowerUpSelfTest(const char *moduleFilename, const byte *expectedModuleSha1Digest) { g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_NOT_DONE; SetPowerUpSelfTestInProgressOnThisThread(true); try { if (FIPS_140_2_ComplianceEnabled() || moduleFilename != NULL) { // integrity test SHA1 sha; HashVerifier verifier(sha); verifier.Put(expectedModuleSha1Digest, sha.DigestSize()); FileStore(moduleFilename).TransferAllTo(verifier); if (!verifier.GetLastResult()) { #ifdef CRYPTOPP_WIN32_AVAILABLE std::string actualDigest; FileSource(moduleFilename, true, new HashFilter(sha, new HexEncoder(new StringSink(actualDigest)))); OutputDebugString(("Crypto++ EDC test failed. Actual digest is: " + actualDigest + "\n").c_str()); #endif throw 0; // throw here so we break in the debugger, this will be caught right away } } // algorithm tests X917RNG_KnownAnswerTest<DES_EDE3>( "48851090B4992453E83CDA86416534E53EA2FCE1A0B3A40C", // key "7D00BD0A79F6B0F5", // seed "22B590B08B53363AEB89AD65F81A5B6FB83F326CE06BF35751E6C41B43B729C4", // output 1489728269); // time vector SymmetricEncryptionKnownAnswerTest<DES>( "0123456789abcdef", // key "1234567890abcdef", // IV "4e6f77206973207468652074696d6520666f7220616c6c20", // plaintext "3fa40e8a984d48156a271787ab8883f9893d51ec4b563b53", // ecb "E5C7CDDE872BF27C43E934008C389C0F683788499A7C05F6", // cbc "F3096249C7F46E51A69E839B1A92F78403467133898EA622", // cfb "f3096249c7f46e5135f24a242eeb3d3f3d6d5be3255af8c3", // ofb "F3096249C7F46E51163A8CA0FFC94C27FA2F80F480B86F75");// ctr SymmetricEncryptionKnownAnswerTest<DES_EDE3>( "385D7189A5C3D485E1370AA5D408082B5CCCCB5E19F2D90E", "C141B5FCCD28DC8A", "6E1BD7C6120947A464A6AAB293A0F89A563D8D40D3461B68", "64EAAD4ACBB9CEAD6C7615E7C7E4792FE587D91F20C7D2F4", "6235A461AFD312973E3B4F7AA7D23E34E03371F8E8C376C9", "E26BA806A59B0330DE40CA38E77A3E494BE2B212F6DD624B", "E26BA806A59B03307DE2BCC25A08BA40A8BA335F5D604C62", "E26BA806A59B03303C62C2EFF32D3ACDD5D5F35EBCC53371"); SymmetricEncryptionKnownAnswerTest<SKIPJACK>( "1555E5531C3A169B2D65", "6EC9795701F49864", "00AFA48E9621E52E8CBDA312660184EDDB1F33D9DACDA8DA", "DBEC73562EFCAEB56204EB8AE9557EBF77473FBB52D17CD1", "0C7B0B74E21F99B8F2C8DF37879F6C044967F42A796DCA8B", "79FDDA9724E36CC2E023E9A5C717A8A8A7FDA465CADCBF63", "79FDDA9724E36CC26CACBD83C1ABC06EAF5B249BE5B1E040", "79FDDA9724E36CC211B0AEC607B95A96BCDA318440B82F49"); SymmetricEncryptionKnownAnswerTest<AES>( "2b7e151628aed2a6abf7158809cf4f3c", "000102030405060708090a0b0c0d0e0f", "6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710", // plaintext "3ad77bb40d7a3660a89ecaf32466ef97f5d3d58503b9699de785895a96fdbaaf43b1cd7f598ece23881b00e3ed0306887b0c785e27e8ad3f8223207104725dd4", // ecb "7649abac8119b246cee98e9b12e9197d5086cb9b507219ee95db113a917678b273bed6b8e3c1743b7116e69e222295163ff1caa1681fac09120eca307586e1a7", // cbc "3b3fd92eb72dad20333449f8e83cfb4ac8a64537a0b3a93fcde3cdad9f1ce58b26751f67a3cbb140b1808cf187a4f4dfc04b05357c5d1c0eeac4c66f9ff7f2e6", // cfb "3b3fd92eb72dad20333449f8e83cfb4a7789508d16918f03f53c52dac54ed8259740051e9c5fecf64344f7a82260edcc304c6528f659c77866a510d9c1d6ae5e", // ofb NULL); SymmetricEncryptionKnownAnswerTest<AES>( "2b7e151628aed2a6abf7158809cf4f3c", "f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff", "6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710", NULL, NULL, NULL, NULL, "874d6191b620e3261bef6864990db6ce9806f66b7970fdff8617187bb9fffdff5ae4df3edbd5d35e5b4f09020db03eab1e031dda2fbe03d1792170a0f3009cee"); // ctr SecureHashKnownAnswerTest<SHA>( "abc", "A9993E364706816ABA3E25717850C26C9CD0D89D"); MAC_KnownAnswerTest<HMAC<SHA> >( "303132333435363738393a3b3c3d3e3f40414243", "Sample #2", "0922d3405faa3d194f82a45830737d5cc6c75d24"); SignatureKnownAnswerTest<RSASS<PKCS1v15, SHA> >( "30820150020100300d06092a864886f70d01010105000482013a3082013602010002400a66791dc6988168de7ab77419bb7fb0" "c001c62710270075142942e19a8d8c51d053b3e3782a1de5dc5af4ebe99468170114a1dfe67cdc9a9af55d655620bbab0203010001" "02400123c5b61ba36edb1d3679904199a89ea80c09b9122e1400c09adcf7784676d01d23356a7d44d6bd8bd50e94bfc723fa" "87d8862b75177691c11d757692df8881022033d48445c859e52340de704bcdda065fbb4058d740bd1d67d29e9c146c11cf61" "0220335e8408866b0fd38dc7002d3f972c67389a65d5d8306566d5c4f2a5aa52628b0220045ec90071525325d3d46db79695e9af" "acc4523964360e02b119baa366316241022015eb327360c7b60d12e5e2d16bdcd97981d17fba6b70db13b20b436e24eada590220" "2ca6366d72781dfa24d34a9a24cbc2ae927a9958af426563ff63fb11658a461d", "Everyone gets Friday off.", "0610761F95FFD1B8F29DA34212947EC2AA0E358866A722F03CC3C41487ADC604A48FF54F5C6BEDB9FB7BD59F82D6E55D8F3174BA361B2214B2D74E8825E04E81"); SignaturePairwiseConsistencyTest<DSA>( "3082014A0201003082012B06072A8648CE3804013082011E02818100F468699A6F6EBCC0120D3B34C8E007F125EC7D81F763B8D0F33869AE3BD6B9F2ECCC7DF34DF84C0307449E9B85D30D57194BCCEB310F48141914DD13A077AAF9B624A6CBE666BBA1D7EBEA95B5BA6F54417FD5D4E4220C601E071D316A24EA814E8B0122DBF47EE8AEEFD319EBB01DD95683F10DBB4FEB023F8262A07EAEB7FD02150082AD4E034DA6EEACDFDAE68C36F2BAD614F9E53B02818071AAF73361A26081529F7D84078ADAFCA48E031DB54AD57FB1A833ADBD8672328AABAA0C756247998D7A5B10DACA359D231332CE8120B483A784FE07D46EEBFF0D7D374A10691F78653E6DC29E27CCB1B174923960DFE5B959B919B2C3816C19251832AFD8E35D810E598F82877ABF7D40A041565168BD7F0E21E3FE2A8D8C1C0416021426EBA66E846E755169F84A1DA981D86502405DDF"); SignaturePairwiseConsistencyTest<ECDSA<EC2N, SHA> >( "302D020100301006072A8648CE3D020106052B8104000404163014020101040F0070337065E1E196980A9D00E37211"); SignaturePairwiseConsistencyTest<ECDSA<ECP, SHA> >( "3039020100301306072A8648CE3D020106082A8648CE3D030101041F301D02010104182BB8A13C8B867010BD9471D9E81FDB01ABD0538C64D6249A"); } catch (...) { g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_FAILED; goto done; } g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_PASSED; done: SetPowerUpSelfTestInProgressOnThisThread(false); return; }
int main(int argc, char *argv[]) #endif { #ifdef _CRTDBG_LEAK_CHECK_DF // Turn on leak-checking int tempflag = _CrtSetDbgFlag( _CRTDBG_REPORT_FLAG ); tempflag |= _CRTDBG_LEAK_CHECK_DF; _CrtSetDbgFlag( tempflag ); #endif #if defined(__MWERKS__) && defined(macintosh) argc = ccommand(&argv); #endif try { std::string command, executableName, edcFilename; if (argc < 2) command = 'h'; else command = argv[1]; if (FIPS_140_2_ComplianceEnabled()) { edcFilename = "edc.dat"; #ifdef CRYPTOPP_WIN32_AVAILABLE TCHAR filename[MAX_PATH]; GetModuleFileName(GetModuleHandle(NULL), filename, sizeof(filename)); executableName = filename; std::string::size_type pos = executableName.rfind('\\'); if (pos != std::string::npos) edcFilename = executableName.substr(0, pos+1) + edcFilename; #else executableName = argv[0]; #endif if (command.substr(0, 4) != "fips") { byte expectedModuleDigest[SHA1::DIGESTSIZE]; FileSource(edcFilename.c_str(), true, new HexDecoder(new ArraySink(expectedModuleDigest, sizeof(expectedModuleDigest)))); DoPowerUpSelfTest(executableName.c_str(), expectedModuleDigest); } } switch (command[0]) { case 'g': { char seed[1024], privFilename[128], pubFilename[128]; unsigned int keyLength; cout << "Key length in bits: "; cin >> keyLength; cout << "\nSave private key to file: "; cin >> privFilename; cout << "\nSave public key to file: "; cin >> pubFilename; cout << "\nRandom Seed: "; ws(cin); cin.getline(seed, 1024); GenerateRSAKey(keyLength, privFilename, pubFilename, seed); return 0; } case 'r': { switch (argv[1][1]) { case 's': RSASignFile(argv[2], argv[3], argv[4]); return 0; case 'v': { bool verified = RSAVerifyFile(argv[2], argv[3], argv[4]); cout << (verified ? "valid signature" : "invalid signature") << endl; return 0; } default: { char privFilename[128], pubFilename[128]; char seed[1024], message[1024]; cout << "Private key file: "; cin >> privFilename; cout << "\nPublic key file: "; cin >> pubFilename; cout << "\nRandom Seed: "; ws(cin); cin.getline(seed, 1024); cout << "\nMessage: "; cin.getline(message, 1024); string ciphertext = RSAEncryptString(pubFilename, seed, message); cout << "\nCiphertext: " << ciphertext << endl; string decrypted = RSADecryptString(privFilename, ciphertext.c_str()); cout << "\nDecrypted: " << decrypted << endl; return 0; } } } case 'm': DigestFile(argv[2]); return 0; case 't': { if (command == "tv") { return !RunTestDataFile(argv[2]); } // VC60 workaround: use char array instead of std::string to workaround MSVC's getline bug char passPhrase[MAX_PHRASE_LENGTH], plaintext[1024]; cout << "Passphrase: "; cin.getline(passPhrase, MAX_PHRASE_LENGTH); cout << "\nPlaintext: "; cin.getline(plaintext, 1024); string ciphertext = EncryptString(plaintext, passPhrase); cout << "\nCiphertext: " << ciphertext << endl; string decrypted = DecryptString(ciphertext.c_str(), passPhrase); cout << "\nDecrypted: " << decrypted << endl; return 0; } case 'e': case 'd': if (command == "e64") Base64Encode(argv[2], argv[3]); else if (command == "d64") Base64Decode(argv[2], argv[3]); else if (command == "e16") HexEncode(argv[2], argv[3]); else if (command == "d16") HexDecode(argv[2], argv[3]); else { char passPhrase[MAX_PHRASE_LENGTH]; cout << "Passphrase: "; cin.getline(passPhrase, MAX_PHRASE_LENGTH); if (command == "e") EncryptFile(argv[2], argv[3], passPhrase); else DecryptFile(argv[2], argv[3], passPhrase); } return 0; case 's': if (argv[1][1] == 's') { char seed[1024]; cout << "\nRandom Seed: "; ws(cin); cin.getline(seed, 1024); SecretShareFile(atoi(argv[2]), atoi(argv[3]), argv[4], seed); } else SecretRecoverFile(argc-3, argv[2], argv+3); return 0; case 'i': if (argv[1][1] == 'd') InformationDisperseFile(atoi(argv[2]), atoi(argv[3]), argv[4]); else InformationRecoverFile(argc-3, argv[2], argv+3); return 0; case 'v': return !Validate(argc>2 ? atoi(argv[2]) : 0, argv[1][1] == 'v', argc>3 ? argv[3] : NULL); case 'b': if (argc<3) BenchMarkAll(); else BenchMarkAll((float)atof(argv[2])); return 0; case 'z': GzipFile(argv[3], argv[4], argv[2][0]-'0'); return 0; case 'u': GunzipFile(argv[2], argv[3]); return 0; case 'f': if (command == "fips") FIPS140_SampleApplication(executableName.c_str(), edcFilename.c_str()); else if (command == "fips-rand") FIPS140_GenerateRandomFiles(); else if (command == "ft") ForwardTcpPort(argv[2], argv[3], argv[4]); return 0; case 'a': if (AdhocTest) return (*AdhocTest)(argc, argv); else return 0; default: FileSource usage("usage.dat", true, new FileSink(cout)); return 1; } } catch(CryptoPP::Exception &e) { cout << "\nCryptoPP::Exception caught: " << e.what() << endl; return -1; } catch(std::exception &e) { cout << "\nstd::exception caught: " << e.what() << endl; return -2; } }
void HexDecode(const char *in, const char *out) { FileSource(in, true, new HexDecoder(new FileSink(out))); }
void Base64Decode(const char *in, const char *out) { FileSource(in, true, new Base64Decoder(new FileSink(out))); }
void GunzipFile(const char *in, const char *out) { FileSource(in, true, new Gunzip(new FileSink(out))); }
void FIPS140_SampleApplication(const char *moduleFilename, const char *edcFilename) { if (!FIPS_140_2_ComplianceEnabled()) { cerr << "FIPS-140-2 compliance was turned off at compile time.\n"; abort(); } // try to use a crypto algorithm before doing a self test try { // trying to use a crypto algorithm before power-up self test will result in an exception DES::Encryption des; // should not be here cerr << "Use of DES before power-up test failed to cause an exception.\n"; abort(); } catch (SelfTestFailure &e) { cout << "0. Caught expected exception. Exception message follows: "; cout << e.what() << endl; } // simulate a power-up self test error SimulatePowerUpSelfTestFailure(); try { // trying to use a crypto algorithm after power-up self test error will result in an exception DES::Encryption des; // should not be here cerr << "Use of DES failed to cause an exception after power-up self test error.\n"; abort(); } catch (SelfTestFailure &e) { cout << "1. Caught expected exception when simulating self test failure. Exception message follows: "; cout << e.what() << endl; } // clear the self test error state and do power-up self test byte expectedModuleDigest[SHA1::DIGESTSIZE]; FileSource(edcFilename, true, new HexDecoder(new ArraySink(expectedModuleDigest, sizeof(expectedModuleDigest)))); DoPowerUpSelfTest(moduleFilename, expectedModuleDigest); if (GetPowerUpSelfTestStatus() != POWER_UP_SELF_TEST_PASSED) { cerr << "Power-up self test failed.\n"; abort(); } cout << "2. Power-up self test passed.\n"; // encrypt and decrypt const byte key[] = {0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef}; const byte iv[] = {0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef}; const byte plaintext[] = { // "Now is the time for all " without tailing 0 0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20}; byte ciphertext[24]; byte decrypted[24]; CBC_Mode<DES>::Encryption encryption_DES_CBC; encryption_DES_CBC.SetKeyWithIV(key, 8, iv); encryption_DES_CBC.ProcessString(ciphertext, plaintext, 24); CBC_Mode<DES>::Decryption decryption_DES_CBC; decryption_DES_CBC.SetKeyWithIV(key, 8, iv); decryption_DES_CBC.ProcessString(decrypted, ciphertext, 24); if (memcmp(plaintext, decrypted, 24) != 0) { cerr << "DES-CBC Encryption/decryption failed.\n"; abort(); } cout << "3. DES-CBC Encryption/decryption succeeded.\n"; // hash const byte message[] = {'a', 'b', 'c'}; const byte expectedDigest[] = {0xA9,0x99,0x3E,0x36,0x47,0x06,0x81,0x6A,0xBA,0x3E,0x25,0x71,0x78,0x50,0xC2,0x6C,0x9C,0xD0,0xD8,0x9D}; byte digest[20]; SHA1 sha; sha.Update(message, 3); sha.Final(digest); if (memcmp(digest, expectedDigest, 20) != 0) { cerr << "SHA-1 hash failed.\n"; abort(); } cout << "4. SHA-1 hash succeeded.\n"; // create auto-seeded X9.17 RNG object, if available #ifdef OS_RNG_AVAILABLE AutoSeededX917RNG<DES_EDE3> rng; #else // this is used to allow this function to compile on platforms that don't have auto-seeded RNGs RandomNumberGenerator &rng(NullRNG()); #endif // generate DSA key DSA::PrivateKey dsaPrivateKey; dsaPrivateKey.GenerateRandomWithKeySize(rng, 1024); DSA::PublicKey dsaPublicKey; dsaPublicKey.AssignFrom(dsaPrivateKey); if (!dsaPrivateKey.Validate(rng, 3) || !dsaPublicKey.Validate(rng, 3)) { cerr << "DSA key generation failed.\n"; abort(); } cout << "5. DSA key generation succeeded.\n"; // encode DSA key std::string encodedDsaPublicKey, encodedDsaPrivateKey; dsaPublicKey.DEREncode(StringSink(encodedDsaPublicKey).Ref()); dsaPrivateKey.DEREncode(StringSink(encodedDsaPrivateKey).Ref()); // decode DSA key DSA::PrivateKey decodedDsaPrivateKey; decodedDsaPrivateKey.BERDecode(StringStore(encodedDsaPrivateKey).Ref()); DSA::PublicKey decodedDsaPublicKey; decodedDsaPublicKey.BERDecode(StringStore(encodedDsaPublicKey).Ref()); if (!decodedDsaPrivateKey.Validate(rng, 3) || !decodedDsaPublicKey.Validate(rng, 3)) { cerr << "DSA key encode/decode failed.\n"; abort(); } cout << "6. DSA key encode/decode succeeded.\n"; // sign and verify byte signature[40]; DSA::Signer signer(dsaPrivateKey); assert(signer.SignatureLength() == 40); signer.SignMessage(rng, message, 3, signature); DSA::Verifier verifier(dsaPublicKey); if (!verifier.VerifyMessage(message, 3, signature, 40)) { cerr << "DSA signature and verification failed.\n"; abort(); } cout << "7. DSA signature and verification succeeded.\n"; // try to verify an invalid signature signature[0] ^= 1; if (verifier.VerifyMessage(message, 3, signature, 40)) { cerr << "DSA signature verification failed to detect bad signature.\n"; abort(); } cout << "8. DSA signature verification successfully detected bad signature.\n"; // try to use an invalid key length try { encryption_DES_CBC.SetKey(key, 5); // should not be here cerr << "DES implementation did not detect use of invalid key length.\n"; abort(); } catch (InvalidArgument &e) { cout << "9. Caught expected exception when using invalid key length. Exception message follows: "; cout << e.what() << endl; } cout << "\nFIPS 140-2 Sample Application completed normally.\n"; }