static void test_fuzz(void) { /* Fuzz a round-trip through both encoder and decoder */ struct base64_encode_ctx encode; struct base64_decode_ctx decode; unsigned i; size_t length; uint8_t input[1024]; struct knuth_lfib_ctx rand_ctx; knuth_lfib_init(&rand_ctx, 39854); for (i = 0; i < 10000; i++) { length = i % sizeof(input); /* length could be 0, which is fine we need to test that case too */ knuth_lfib_random(&rand_ctx, length, input); base64_encode_init(&encode); base64_decode_init(&decode); test_fuzz_once(&encode, &decode, length, input); base64url_encode_init(&encode); base64url_decode_init(&decode); test_fuzz_once(&encode, &decode, length, input); } }
static void test_cfb8_bulk(void) { struct knuth_lfib_ctx random; uint8_t clear[CFB8_BULK_DATA]; uint8_t cipher[CFB8_BULK_DATA + 1]; const uint8_t *key = H("966c7bf00bebe6dc 8abd37912384958a" "743008105a08657d dcaad4128eee38b3"); const uint8_t *start_iv = H("11adbff119749103 207619cfa0e8d13a"); const uint8_t *end_iv = H("f84bfd48206f5803 6ef86f4e69e9aec0"); struct CFB8_CTX(struct aes256_ctx, AES_BLOCK_SIZE) aes; knuth_lfib_init(&random, CFB8_BULK_DATA); knuth_lfib_random(&random, CFB8_BULK_DATA, clear); /* Byte that should not be overwritten */ cipher[CFB8_BULK_DATA] = 17; aes256_set_encrypt_key(&aes.ctx, key); CFB8_SET_IV(&aes, start_iv); CFB8_ENCRYPT(&aes, aes256_encrypt, CFB8_BULK_DATA, cipher, clear); ASSERT(cipher[CFB8_BULK_DATA] == 17); if (verbose) { printf("IV after bulk encryption: "); print_hex(AES_BLOCK_SIZE, aes.iv); printf("\n"); } ASSERT(MEMEQ(AES_BLOCK_SIZE, aes.iv, end_iv)); /* Decrypt, in place */ aes256_set_encrypt_key(&aes.ctx, key); CFB8_SET_IV(&aes, start_iv); CFB8_DECRYPT(&aes, aes256_encrypt, CFB8_BULK_DATA, cipher, cipher); ASSERT(cipher[CFB8_BULK_DATA] == 17); if (verbose) { printf("IV after bulk decryption: "); print_hex(AES_BLOCK_SIZE, aes.iv); printf("\n"); } ASSERT (MEMEQ(AES_BLOCK_SIZE, aes.iv, end_iv)); ASSERT (MEMEQ(CFB8_BULK_DATA, clear, cipher)); }
static void test_cbc_bulk(void) { struct knuth_lfib_ctx random; uint8_t clear[CBC_BULK_DATA]; uint8_t cipher[CBC_BULK_DATA + 1]; const uint8_t *key = H("966c7bf00bebe6dc 8abd37912384958a" "743008105a08657d dcaad4128eee38b3"); const uint8_t *start_iv = H("11adbff119749103 207619cfa0e8d13a"); const uint8_t *end_iv = H("c7a42a569b421224 d0c23e52f46f97f5"); struct CBC_CTX(struct aes_ctx, AES_BLOCK_SIZE) aes; knuth_lfib_init(&random, CBC_BULK_DATA); knuth_lfib_random(&random, CBC_BULK_DATA, clear); /* Byte that should not be overwritten */ cipher[CBC_BULK_DATA] = 17; aes_set_encrypt_key(&aes.ctx, 32, key); CBC_SET_IV(&aes, start_iv); CBC_ENCRYPT(&aes, aes_encrypt, CBC_BULK_DATA, cipher, clear); ASSERT(cipher[CBC_BULK_DATA] == 17); if (verbose) { printf("IV after bulk encryption: "); print_hex(AES_BLOCK_SIZE, aes.iv); printf("\n"); } ASSERT(MEMEQ(AES_BLOCK_SIZE, aes.iv, end_iv)); /* Decrypt, in place */ aes_set_decrypt_key(&aes.ctx, 32, key); CBC_SET_IV(&aes, start_iv); CBC_DECRYPT(&aes, aes_decrypt, CBC_BULK_DATA, cipher, cipher); ASSERT(cipher[CBC_BULK_DATA] == 17); if (verbose) { printf("IV after bulk decryption: "); print_hex(AES_BLOCK_SIZE, aes.iv); printf("\n"); } ASSERT (MEMEQ(AES_BLOCK_SIZE, aes.iv, end_iv)); ASSERT (MEMEQ(CBC_BULK_DATA, clear, cipher)); }
void test_dsa160(const struct dsa_public_key *pub, const struct dsa_private_key *key, const struct dsa_signature *expected) { struct sha1_ctx sha1; struct dsa_signature signature; struct knuth_lfib_ctx lfib; sha1_init(&sha1); dsa_signature_init(&signature); knuth_lfib_init(&lfib, 1111); sha1_update(&sha1, LDATA("The magic words are squeamish ossifrage")); ASSERT (dsa_sha1_sign(pub, key, &lfib, (nettle_random_func *) knuth_lfib_random, &sha1, &signature)); if (verbose) { fprintf(stderr, "dsa160 signature: "); mpz_out_str(stderr, 16, signature.r); fprintf(stderr, ", "); mpz_out_str(stderr, 16, signature.s); fprintf(stderr, "\n"); } if (expected) ASSERT (mpz_cmp (signature.r, expected->r) == 0 && mpz_cmp (signature.s, expected->s) == 0); /* Try bad data */ ASSERT (!DSA_VERIFY(pub, sha1, "The magick words are squeamish ossifrage", &signature)); /* Try correct data */ ASSERT (DSA_VERIFY(pub, sha1, "The magic words are squeamish ossifrage", &signature)); /* Try bad signature */ mpz_togglebit(signature.r, 17); ASSERT (!DSA_VERIFY(pub, sha1, "The magic words are squeamish ossifrage", &signature)); dsa_signature_clear(&signature); }
static void bench_curve25519 (void) { double mul_g; double mul; struct knuth_lfib_ctx lfib; struct curve25519_ctx ctx; knuth_lfib_init (&lfib, 2); knuth_lfib_random (&lfib, sizeof(ctx.s), ctx.s); curve25519_mul_g (ctx.x, ctx.s); mul_g = time_function (bench_curve25519_mul_g, &ctx); mul = time_function (bench_curve25519_mul, &ctx); printf("%16s %4d %9.4f %9.4f\n", "curve25519", 255, 1e-3/mul_g, 1e-3/mul); }
static void * bench_dsa_init (unsigned size) { struct dsa_ctx *ctx; struct sexp_iterator i; unsigned char dsa1024[] = "{KDExOnByaXZhdGUta2V5KDM6ZHNhKDE6cDEyOToA2q4hOXEClLMXXMOl9xaPcGC/GeGmCMv" " VCaaW0uWc50DvvmJDPQPdCehyfZr/1dv2UDbx06TC7ls/IFd+BsDzGBRxqIQ44J20cn+0gt" " NMIXAocE1QhCCFaT5gXrk8zMlqBEGaP3RdpgxNanEXkTj2Wma8r1GtrLX3HPafio62jicpK" " DE6cTIxOgDN9pcW3exdVAesC9WsxwCGoJK24ykoMTpnMTI5OgCJr9DmKdiE0WJZB7HACESv" " Tpg1qZgc8E15byQ+OsHUyOTRrJRTcrgKZJW7dFRJ9cXmyi7XYCd3bJtu/2HRHLY1vd4qMvU" " 7Y8x08ooCoABGV7nGqcmdQfEho1OY6TZh2NikmPKZLeur3PZFpcZ8Dl+KVWtwC55plNC7Om" " iAQy8MaCkoMTp5MTI5OgDakk0LOUQwzOKt9FHOBmBKrWsvTm7549eScTUqH4OMm3btjUsXz" " MmlqEe+imwQCOW/AE3Xw9pXZeETWK0jlLe8k5vnKcNskerFwZ1eQKtOPPQty8IqQ9PEfF6B" " 0oVQiJg2maHUDWFnDkIBd7ZR1z8FnZMUxH9mH4kEUo6YQgtCdykoMTp4MjA6cOl3ijiiMjI" " pesFD8jxESWb2mn8pKSk=}"; ctx = xalloc(sizeof(*ctx)); dsa_params_init (&ctx->params); mpz_init (ctx->pub); mpz_init (ctx->key); dsa_signature_init (&ctx->s); knuth_lfib_init (&ctx->lfib, 1); if (size != 1024) die ("Internal error.\n"); if (! (sexp_transport_iterator_first (&i, sizeof(dsa1024) - 1, dsa1024) && sexp_iterator_check_type (&i, "private-key") && sexp_iterator_check_type (&i, "dsa") && dsa_keypair_from_sexp_alist (&ctx->params, ctx->pub, ctx->key, 0, DSA_SHA1_Q_BITS, &i)) ) die ("Internal error.\n"); ctx->digest = hash_string (&nettle_sha1, "foo"); dsa_sign (&ctx->params, ctx->key, &ctx->lfib, (nettle_random_func *)knuth_lfib_random, SHA1_DIGEST_SIZE, ctx->digest, &ctx->s); return ctx; }
int test_main(void) { struct knuth_lfib_ctx ctx; uint32_t a[2009]; uint32_t x; unsigned m; knuth_lfib_init(&ctx, 310952); for (m = 0; m<2009; m++) knuth_lfib_get_array(&ctx, 1009, a); x = knuth_lfib_get(&ctx); if (x != 461390032) FAIL(); SUCCESS(); }
int main(int argc, char **argv) { struct knuth_lfib_ctx ctx; uint32_t seed; if (argc == 1) seed = time(NULL); else if (argc == 2) { seed = atoi(argv[1]); if (!seed) { usage(); return EXIT_FAILURE; } } else { usage(); return EXIT_FAILURE; } knuth_lfib_init(&ctx, seed); for (;;) { char buffer[BUFSIZE]; knuth_lfib_random(&ctx, BUFSIZE, buffer); if (fwrite(buffer, 1, BUFSIZE, stdout) < BUFSIZE || fflush(stdout) < 0) return EXIT_FAILURE; } /* Not reached. This program is usually terminated by SIGPIPE */ }
void test_main(void) { uint8_t src[MAX_SIZE]; uint8_t dst[MAX_SIZE]; uint8_t res[MAX_SIZE]; struct knuth_lfib_ctx random_ctx; knuth_lfib_init (&random_ctx, 11); size_t size; for (size = 1; size < 50; size++) { knuth_lfib_random (&random_ctx, size, src); knuth_lfib_random (&random_ctx, size, dst); memcpy (res, dst, size); cnd_memcpy_for_test (0, res, src, size); ASSERT (memcmp (res, dst, size) == 0); cnd_memcpy_for_test (1, res, src, size); ASSERT (memcmp (res, src, size) == 0); } }
void test_main(void) { struct knuth_lfib_ctx lfib; mpz_t p; unsigned bits; knuth_lfib_init(&lfib, 17); mpz_init(p); for (bits = 6; bits < 1000; bits = bits + 1 + bits/20) { if (verbose) fprintf(stderr, "bits = %d\n", bits); nettle_random_prime(p, bits, 0, &lfib, (nettle_random_func *) knuth_lfib_random, NULL, NULL); ASSERT (mpz_sizeinbase (p, 2) == bits); ASSERT (mpz_probab_prime_p(p, 25)); } mpz_clear(p); }
static void * bench_ecdsa_init (unsigned size) { struct ecdsa_ctx *ctx; const struct ecc_curve *ecc; const char *xs; const char *ys; const char *zs; mpz_t x, y, z; ctx = xalloc (sizeof(*ctx)); dsa_signature_init (&ctx->s); knuth_lfib_init (&ctx->rctx, 17); switch (size) { case 192: ecc = &_nettle_secp_192r1; xs = "8e8e07360350fb6b7ad8370cfd32fa8c6bba785e6e200599"; ys = "7f82ddb58a43d59ff8dc66053002b918b99bd01bd68d6736"; zs = "f2e620e086d658b4b507996988480917640e4dc107808bdd"; ctx->digest = hash_string (&nettle_sha1, "abc"); ctx->digest_size = 20; break; case 224: ecc = &_nettle_secp_224r1; xs = "993bf363f4f2bc0f255f22563980449164e9c894d9efd088d7b77334"; ys = "b75fff9849997d02d135140e4d0030944589586e22df1fc4b629082a"; zs = "cdfd01838247f5de3cc70b688418046f10a2bfaca6de9ec836d48c27"; ctx->digest = hash_string (&nettle_sha224, "abc"); ctx->digest_size = 28; break; /* From RFC 4754 */ case 256: ecc = &_nettle_secp_256r1; xs = "2442A5CC 0ECD015F A3CA31DC 8E2BBC70 BF42D60C BCA20085 E0822CB0 4235E970"; ys = "6FC98BD7 E50211A4 A27102FA 3549DF79 EBCB4BF2 46B80945 CDDFE7D5 09BBFD7D"; zs = "DC51D386 6A15BACD E33D96F9 92FCA99D A7E6EF09 34E70975 59C27F16 14C88A7F"; ctx->digest = hash_string (&nettle_sha256, "abc"); ctx->digest_size = 32; break; case 384: ecc = &_nettle_secp_384r1; xs = "96281BF8 DD5E0525 CA049C04 8D345D30 82968D10 FEDF5C5A CA0C64E6 465A97EA" "5CE10C9D FEC21797 41571072 1F437922"; ys = "447688BA 94708EB6 E2E4D59F 6AB6D7ED FF9301D2 49FE49C3 3096655F 5D502FAD" "3D383B91 C5E7EDAA 2B714CC9 9D5743CA"; zs = "0BEB6466 34BA8773 5D77AE48 09A0EBEA 865535DE 4C1E1DCB 692E8470 8E81A5AF" "62E528C3 8B2A81B3 5309668D 73524D9F"; ctx->digest = hash_string (&nettle_sha384, "abc"); ctx->digest_size = 48; break; case 521: ecc = &_nettle_secp_521r1; xs = "0151518F 1AF0F563 517EDD54 85190DF9 5A4BF57B 5CBA4CF2 A9A3F647 4725A35F" "7AFE0A6D DEB8BEDB CD6A197E 592D4018 8901CECD 650699C9 B5E456AE A5ADD190" "52A8"; ys = "006F3B14 2EA1BFFF 7E2837AD 44C9E4FF 6D2D34C7 3184BBAD 90026DD5 E6E85317" "D9DF45CA D7803C6C 20035B2F 3FF63AFF 4E1BA64D 1C077577 DA3F4286 C58F0AEA" "E643"; zs = "0065FDA3 409451DC AB0A0EAD 45495112 A3D813C1 7BFD34BD F8C1209D 7DF58491" "20597779 060A7FF9 D704ADF7 8B570FFA D6F062E9 5C7E0C5D 5481C5B1 53B48B37" "5FA1"; ctx->digest = hash_string (&nettle_sha512, "abc"); ctx->digest_size = 64; break; default: die ("Internal error.\n"); } ecc_point_init (&ctx->pub, ecc); ecc_scalar_init (&ctx->key, ecc); mpz_init_set_str (x, xs, 16); mpz_init_set_str (y, ys, 16); mpz_init_set_str (z, zs, 16); ecc_point_set (&ctx->pub, x, y); ecc_scalar_set (&ctx->key, z); mpz_clear (x); mpz_clear (y); mpz_clear (z); ecdsa_sign (&ctx->key, &ctx->rctx, (nettle_random_func *) knuth_lfib_random, ctx->digest_size, ctx->digest, &ctx->s); return ctx; }
static void * bench_rsa_init (unsigned size) { unsigned char rsa1024[] = "{KDExOnByaXZhdGUta2V5KDE0OnJzYS1wa2NzMS1zaGExKDE6bjEyOToA90+K5EmjbFJBeJD" " xP2KD2Df+0Twc9425uB+vhqTrVijtd2PnwEQDfR2VoducgkKcXJzYYyCNILQJbFAi2Km/sD" " jImERBqDtaI217Ze+tOKEmImexYTAgFuqEptp2F3M4DqgRQ7s/3nJQ/bPE5Hfi1OZhJSShu" " I80ATTU4fUgrPspKDE6ZTM6AQABKSgxOmQxMjk6APAhKckzvxxkWfHJOpXDACWnaSKcbbvo" " vtWK3pGr/F2ya7CrLtE+uOx5F1sLs9G+/7flCy5k4uNILIYg4VTirZ1zQ8fNKPrjK1VMRls" " JiRRU/0VAs9d7HdncJfs6rbvRQbCRSRYURo4hWir3Lq8V3UUQVBprc4dO+uWmplvwQ5qxKS" " gxOnA2NToA+8aIVkdbk8Jg8dJOuzc7m/hZnwkKSs6eVDw4N/2T0CJKGJYT+B3Ct+fPkxhUR" " ggd2DQ9OpkTra7SXHTNkzdPVSkoMTpxNjU6APt11P8vXNnGYF0OC/cPsR8zhSYuFmtRuX6G" " ES+DdG0VCU07UeNQkok1UoW5sXqY0IGr1jkJq8AMSgKoNbLQ6w8pKDE6YTY0Ohzkxsan/8F" " wQDHgQbrIduXKVXaj0fONzKu8EXOTfUAYf0pdBsOlnq/+QVsPIrS6v7oNHK253YFEG84SdX" " kcktUpKDE6YjY1OgCR+cRtY3RWY+f6/TWK9gwPndv03xpasLWrMm71ky1aSbT9pasS9+opR" " tAiGzthfSbFsBiLQgb3VOr+AeIybT+XKSgxOmM2NDojigqARWN5u1CVDVuD2L2ManpoGiM6" " kQ6FaJjqRjxeRRKFrQxGJa9tM1hqStxokC1oJidgaOLGnn60iwzToug9KSkp}"; unsigned char rsa2048[] = "{KDExOnByaXZhdGUta2V5KDE0OnJzYS1wa2NzMS1zaGExKDE6bjI1NzoAtxWXiglIdunDK48" " 8I0vW0wTqnh/riW9pLk8n1F8MUPBFdhvkkl0bDQqSJPUvSHy+w4fLVwcEzeI4qFyo3b2Avz" " JK20MFbt/WfHD1TbxuK8rNqXyqmqjJ9vgjtV9nPzAz7CM9ogs3/RJHpcfZPQF15ifizleUZ" " aQT0GAXHZL7cePj10yGI2u3hgTkokVzdNC/1T34guKYpErg0pt0B/KejWpsFTb84z3tkR+B" " YVx07p/OoByZwoABgncS/uALl31fRS8jyJ2JqUiZOqe7XoO9hkDHYNCWUGUfNGQ7ZgVp9+e" " NQpracSjrp6Jnrj7r/oxJUx5ZDVNi18AzQadE/oKOrSkoMTplMzoBAAEpKDE6ZDI1NjogBT" " C5vaHk2kF+LtDvw2XRBj0aZq7FHK0ioklvBSicR0l+vKYfSxVeFIk22YLphJfAjtFraRjYA" " Uaze3E1Rt1rkxoweupKV++lWAQvElOaaR/LErirz/Vysjdck1D1ZjLOi+NNofSq2DWbsvY1" " iznZhQRP3lVf6XBls0iXrYs4gb0pBZqXLQW+j9Ihx6eantf1/6ZMKPgCkzcAZ0ABsCfaFSg" " ouNCzilblsgFEspEbb8QqrNQoStS3F/gMwWgDsr3+vQzBqt+7ykWoCJ9wctbYy9kEPq+hX3" " GP0hG6HdS81r9E8pgdf3wloNNMzYUHwn7poXGpOi8tG0pmR56TqD/BKSgxOnAxMjk6AN4AJ" " TiGPm9We2ga3Y0jpTfA3mWpUbhYgaXYLWA1/riniwq16fqxRIkWQT/O2KKpBVe6WSvNYq9u" " lM8N6bdPtDytJs6AOXy0X5vtJ953ZYVMhHbhmUxhIL9I+s0O1+LxMF8b9U4CrFyaTxd8Un/" " FXP1BvYJRrkoup6HYvOlGx36lKSgxOnExMjk6ANMfrfH6z/3o7K56aW6kSiloDDbKZQ0+W5" " 8LzP2ZOBLf6LX6jLhN3olU1Z0KGTM0S/1AxvwGjuRqhu+LcOJ7oUCUH3uusR5c5nSnArYPq" " +0wbco4BQngot/HmGN7U0EDsIWqPt/qoa/b8bCk+TOwJlknNq/PnZU26SPj48XS05lpKSgx" " OmExMjk6AJM2n3gLNW3ZeH5BindkktQU9qWNkV5geqDCaNyrEZ3bpI1WsrEGSj9p3Zz1ipz" " a3msdbLJqQS26c72WKUzg8tFltR0s1HJInjolGtIgdNbfNdwrn9+RbQjL2VyPokOg0wXO4W" " 14wlmqDhax33dRJmfe50964MvaglkGA8fhorrtKSgxOmIxMjk6AKMe+vrX2xRHf3dfxU5jS" " ZmsdqNuxZzx7UB5kazvUU/kCJ1yNH/CSoq5LULkpovVgFDwV84qEwWQ+SjkCBg1hWWsDJc3" " ZkobZUQENigM+72LiYiQt/PlyHI2eRuEEdNN0nm0DFhdpQeHXLoq/RBerYJ8tdgpBYxgnMn" " KLhaOykbhKSgxOmMxMjg6MVlKj2bjb7qFQVkLO1OPg28jSrtRpnQCR+qegN4ZmNam/qbest" " 8yn0JQ6gxX7PvP382+jx7uHHWHYYqPq/Flf8gqtOOcjqS5TJgVHz3F3xHWquo1ZofGtCMro" " Dd2c0xjRjIVGvLV6Ngs+HRdljRav40vRpTyEoEdlzHBQiILesopKSk=}"; struct rsa_ctx *ctx; struct sexp_iterator i; int res; ctx = xalloc(sizeof(*ctx)); rsa_public_key_init (&ctx->pub); rsa_private_key_init (&ctx->key); mpz_init (ctx->s); knuth_lfib_init (&ctx->lfib, 1); /* NOTE: Base64-decodes the strings in-place */ if (size == 1024) res = sexp_transport_iterator_first (&i, sizeof(rsa1024) - 1, rsa1024); else if (size == 2048) res = sexp_transport_iterator_first (&i, sizeof(rsa2048) - 1, rsa2048); else die ("Internal error.\n"); if (! (res && sexp_iterator_check_type (&i, "private-key") && sexp_iterator_check_type (&i, "rsa-pkcs1-sha1") && rsa_keypair_from_sexp_alist (&ctx->pub, &ctx->key, 0, &i))) die ("Internal error.\n"); ctx->digest = hash_string (&nettle_sha256, "foo"); rsa_sha256_sign_digest (&ctx->key, ctx->digest, ctx->s); return ctx; }
void test_main (void) { unsigned i; struct knuth_lfib_ctx rctx; struct dsa_signature signature; struct tstring *digest; knuth_lfib_init (&rctx, 4711); dsa_signature_init (&signature); digest = SHEX (/* sha256("abc") */ "BA7816BF 8F01CFEA 414140DE 5DAE2223" "B00361A3 96177A9C B410FF61 F20015AD"); for (i = 0; ecc_curves[i]; i++) { const struct ecc_curve *ecc = ecc_curves[i]; struct ecc_point pub; struct ecc_scalar key; if (verbose) fprintf (stderr, "Curve %d\n", ecc->bit_size); ecc_point_init (&pub, ecc); ecc_scalar_init (&key, ecc); ecdsa_generate_keypair (&pub, &key, &rctx, (nettle_random_func *) knuth_lfib_random); if (verbose) { gmp_fprintf (stderr, "Public key:\nx = %Nx\ny = %Nx\n", pub.p, ecc->size, pub.p + ecc->size, ecc->size); gmp_fprintf (stderr, "Private key: %Nx\n", key.p, ecc->size); } if (!ecc_valid_p (&pub)) die ("ecdsa_generate_keypair produced an invalid point.\n"); ecdsa_sign (&key, &rctx, (nettle_random_func *) knuth_lfib_random, digest->length, digest->data, &signature); if (!ecdsa_verify (&pub, digest->length, digest->data, &signature)) die ("ecdsa_verify failed.\n"); digest->data[3] ^= 17; if (ecdsa_verify (&pub, digest->length, digest->data, &signature)) die ("ecdsa_verify returned success with invalid digest.\n"); digest->data[3] ^= 17; mpz_combit (signature.r, 117); if (ecdsa_verify (&pub, digest->length, digest->data, &signature)) die ("ecdsa_verify returned success with invalid signature.r.\n"); mpz_combit (signature.r, 117); mpz_combit (signature.s, 93); if (ecdsa_verify (&pub, digest->length, digest->data, &signature)) die ("ecdsa_verify returned success with invalid signature.s.\n"); ecc_point_clear (&pub); ecc_scalar_clear (&key); } dsa_signature_clear (&signature); }
void test_main(void) { struct rsa_public_key pub; struct rsa_private_key key; struct knuth_lfib_ctx lfib; /* FIXME: How is this spelled? */ const uint8_t *msg = "Squemish ossifrage"; size_t msg_length; uint8_t *decrypted; size_t decrypted_length; uint8_t after; mpz_t gibberish; rsa_private_key_init(&key); rsa_public_key_init(&pub); mpz_init(gibberish); knuth_lfib_init(&lfib, 17); test_rsa_set_key_1(&pub, &key); msg_length = strlen(msg); if (verbose) fprintf(stderr, "msg: `%s', length = %d\n", msg, (int) msg_length); ASSERT(rsa_encrypt(&pub, &lfib, (nettle_random_func *) knuth_lfib_random, msg_length, msg, gibberish)); if (verbose) { fprintf(stderr, "encrypted: "); mpz_out_str(stderr, 10, gibberish); } decrypted = xalloc(msg_length + 1); knuth_lfib_random (&lfib, msg_length + 1, decrypted); after = decrypted[msg_length]; decrypted_length = msg_length - 1; ASSERT(!rsa_decrypt(&key, &decrypted_length, decrypted, gibberish)); decrypted_length = msg_length; ASSERT(rsa_decrypt(&key, &decrypted_length, decrypted, gibberish)); ASSERT(decrypted_length == msg_length); ASSERT(MEMEQ(msg_length, msg, decrypted)); ASSERT(decrypted[msg_length] == after); knuth_lfib_random (&lfib, msg_length + 1, decrypted); after = decrypted[msg_length]; decrypted_length = key.size; ASSERT(rsa_decrypt(&key, &decrypted_length, decrypted, gibberish)); ASSERT(decrypted_length == msg_length); ASSERT(MEMEQ(msg_length, msg, decrypted)); ASSERT(decrypted[msg_length] == after); knuth_lfib_random (&lfib, msg_length + 1, decrypted); after = decrypted[msg_length]; decrypted_length = msg_length; ASSERT(rsa_decrypt_tr(&pub, &key, &lfib, (nettle_random_func *) knuth_lfib_random, &decrypted_length, decrypted, gibberish)); ASSERT(decrypted_length == msg_length); ASSERT(MEMEQ(msg_length, msg, decrypted)); ASSERT(decrypted[msg_length] == after); /* Test invalid key. */ mpz_add_ui (key.q, key.q, 2); decrypted_length = key.size; ASSERT(!rsa_decrypt_tr(&pub, &key, &lfib, (nettle_random_func *) knuth_lfib_random, &decrypted_length, decrypted, gibberish)); rsa_private_key_clear(&key); rsa_public_key_clear(&pub); mpz_clear(gibberish); free(decrypted); }