static int
check_data(const dst_private_t *priv, const unsigned int alg,
isc_boolean_t old)
{
/* XXXVIX this switch statement is too sparse to gen a jump table. */
switch (alg) {
case DST_ALG_RSAMD5:
case DST_ALG_RSASHA1:
return (check_rsa(priv));
case DST_ALG_DH:
return (check_dh(priv));
case DST_ALG_DSA:
return (check_dsa(priv));
case DST_ALG_HMACMD5:
return (check_hmac_md5(priv, old));
case DST_ALG_HMACSHA1:
return (check_hmac_sha(priv, HMACSHA1_NTAGS, alg));
case DST_ALG_HMACSHA224:
return (check_hmac_sha(priv, HMACSHA224_NTAGS, alg));
case DST_ALG_HMACSHA256:
return (check_hmac_sha(priv, HMACSHA256_NTAGS, alg));
case DST_ALG_HMACSHA384:
return (check_hmac_sha(priv, HMACSHA384_NTAGS, alg));
case DST_ALG_HMACSHA512:
return (check_hmac_sha(priv, HMACSHA512_NTAGS, alg));
default:
return (DST_R_UNSUPPORTEDALG);
}
}
void doit(void)
{
if (check_x509_privkey() != 0) {
fail("error in privkey check\n");
exit(1);
}
if (check_privkey_import_export() != 0) {
fail("error in privkey import/export check\n");
exit(1);
}
if (check_dsa() != 0) {
fail("error in DSA check\n");
exit(1);
}
if (check_rsa() != 0) {
fail("error in RSA check\n");
exit(1);
}
if (check_ecc() != 0) {
fail("error in ecdsa check\n");
}
if (check_ed25519() != 0) {
fail("error in ed25519 check\n");
}
if (check_gost() != 0) {
fail("error in gost check\n");
}
}
static int
check_data(const dst_private_t *priv, const unsigned int alg) {
/* XXXVIX this switch statement is too sparse to gen a jump table. */
switch (alg) {
case DST_ALG_RSAMD5:
case DST_ALG_RSASHA1:
return (check_rsa(priv));
case DST_ALG_DH:
return (check_dh(priv));
case DST_ALG_DSA:
return (check_dsa(priv));
case DST_ALG_HMACMD5:
return (check_hmac_md5(priv));
default:
return (DST_R_UNSUPPORTEDALG);
}
}
int
main(int argc, char **argv)
{
ENGINE *engine = NULL;
int i, j, idx = 0;
RSA *rsa;
setprogname(argv[0]);
/*
if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &idx))
usage(1);
if (help_flag)
usage(0);
if(version_flag){
print_version(NULL);
exit(0);
}
*/
while(1) {
int c = getopt_long(argc, argv, "hq", args, &idx);
if (c == -1)
break;
switch (c) {
case 'q':
verbose = 0;
break;
case 'h':
usage(0);
break;
case '?':
default:
usage(-1);
break;
}
}
/*
argc -= idx;
argv += idx;
*/
if (verbose) printf("[TEST] RSA\n");
/* OpenSSL_add_all_algorithms(); */
#ifdef OPENSSL
ENGINE_load_openssl();
#endif
ENGINE_load_builtin_engines();
/*
if (argc == 0) {
engine = ENGINE_by_id("builtin");
} else {
engine = ENGINE_by_id(argv[0]);
if (engine == NULL)
engine = ENGINE_by_dso(argv[0], id_flag);
}
if (engine == NULL) {
fprintf(stderr, "ENGINE_by_dso failed"\n);
return 76;
}
if (ENGINE_get_RSA(engine) == NULL)
return 77;
printf("rsa %s\n", ENGINE_get_RSA(engine)->name);
*/
if (time_keygen) {
struct timeval tv1, tv2;
BIGNUM *e;
rsa = RSA_new_method(engine);
if (!key_blinding)
rsa->flags |= RSA_FLAG_NO_BLINDING;
e = BN_new();
BN_set_word(e, 0x10001);
printf("running keygen with %d loops\n", loops);
gettimeofday(&tv1, NULL);
for (i = 0; i < loops; i++) {
rsa = RSA_new_method(engine);
if (RSA_generate_key_ex(rsa, 1024, e, NULL) != 1) {
RSA_free(rsa);
fprintf(stderr, "RSA_generate_key_ex");
fail++;
return 1;
}
RSA_free(rsa);
}
gettimeofday(&tv2, NULL);
timevalsub(&tv2, &tv1);
printf("time %lu.%06lu\n",
(unsigned long)tv2.tv_sec,
(unsigned long)tv2.tv_usec);
BN_free(e);
/*
ENGINE_finish(engine);
*/
return 0;
}
/*
if (time_key) {
const int size = 20;
struct timeval tv1, tv2;
unsigned char *p;
if (strcmp(time_key, "generate") == 0) {
BIGNUM *e;
rsa = RSA_new_method(engine);
if (!key_blinding)
rsa->flags |= RSA_FLAG_NO_BLINDING;
e = BN_new();
BN_set_word(e, 0x10001);
if (RSA_generate_key_ex(rsa, 1024, e, NULL) != 1) {
fprintf(stderr, "RSA_generate_key_ex");
fail++;
return (1);
}
} else {
rsa = read_key(engine, time_key);
}
p = emalloc(loops * size);
CCRandomCopyBytes(kCCRandomDefault, p, loops * size);
gettimeofday(&tv1, NULL);
for (i = 0; i < loops; i++)
check_rsa(p + (i * size), size, rsa, RSA_PKCS1_PADDING);
gettimeofday(&tv2, NULL);
timevalsub(&tv2, &tv1);
printf("time %lu.%06lu\n",
(unsigned long)tv2.tv_sec,
(unsigned long)tv2.tv_usec);
RSA_free(rsa);
ENGINE_finish(engine);
return 0;
}
*/
if (rsa_key) {
rsa = read_key(engine, rsa_key);
/*
* Assuming that you use the RSA key in the distribution, this
* test will generate a signature have a starting zero and thus
* will generate a checksum that is 127 byte instead of the
* checksum that is 128 byte (like the key).
*/
{
const unsigned char sha1[20] = {
0x6d, 0x33, 0xf9, 0x40, 0x75, 0x5b, 0x4e, 0xc5, 0x90, 0x35,
0x48, 0xab, 0x75, 0x02, 0x09, 0x76, 0x9a, 0xb4, 0x7d, 0x6b
};
check_rsa(sha1, sizeof(sha1), rsa, RSA_PKCS1_PADDING);
}
for (i = 0; i < 128; i++) {
unsigned char sha1[20];
CCRandomCopyBytes(kCCRandomDefault, sha1, sizeof(sha1));
check_rsa(sha1, sizeof(sha1), rsa, RSA_PKCS1_PADDING);
}
for (i = 0; i < 128; i++) {
unsigned char des3[21];
CCRandomCopyBytes(kCCRandomDefault, des3, sizeof(des3));
check_rsa(des3, sizeof(des3), rsa, RSA_PKCS1_PADDING);
}
for (i = 0; i < 128; i++) {
unsigned char aes[32];
CCRandomCopyBytes(kCCRandomDefault, aes, sizeof(aes));
check_rsa(aes, sizeof(aes), rsa, RSA_PKCS1_PADDING);
}
RSA_free(rsa);
}
if (verbose) {
printf("[BEGIN] RSA loops\n");
printf("Running %d loops\n", loops);
}
total++;
for (i = 0; i < loops; i++) {
BN_GENCB cb;
BIGNUM *e;
unsigned int n;
rsa = RSA_new_method(engine);
if (!key_blinding)
rsa->flags |= RSA_FLAG_NO_BLINDING;
e = BN_new();
BN_set_word(e, 0x10001);
BN_GENCB_set(&cb, cb_func, NULL);
CCRandomCopyBytes(kCCRandomDefault, &n, sizeof(n));
n &= 0x1ff;
n += 1024;
if (RSA_generate_key_ex(rsa, n, e, &cb) != 1) {
fprintf(stderr, "RSA_generate_key_ex");
fail++;
return 1;
}
BN_free(e);
for (j = 0; j < 8; j++) {
unsigned char sha1[20];
CCRandomCopyBytes(kCCRandomDefault, sha1, sizeof(sha1));
check_rsa(sha1, sizeof(sha1), rsa, RSA_PKCS1_PADDING);
}
RSA_free(rsa);
}
if (verbose) printf("[PASS] RSA loops\n");
pass++;
if (verbose) {
printf("[SUMMARY]\n");
printf("total: %d\n", total);
printf("passed: %d\n", pass);
printf("failed: %d\n", fail);
}
/* ENGINE_finish(engine); */
return (fail);
}
int main(int argc, char** argv)
{
int ret;
int i;
(void)argc;
(void)argv;
#if defined(MICROCHIP_PIC32)
init_serial() ; /* initialize PIC32MZ serial I/O */
SYSTEMConfigPerformance(80000000);
DBINIT();
#endif
/* align key, iv pointers */
key = (byte*)XMALLOC(32, NULL, DYNAMIC_TYPE_KEY);
if (key == NULL) {
printf("mcapi key alloc failed\n");
return -1;
}
iv = (byte*)XMALLOC(16, NULL, DYNAMIC_TYPE_KEY);
if (iv == NULL) {
printf("mcapi iv alloc failed\n");
return -1;
}
for (i = 0; i < OUR_DATA_SIZE; i++)
ourData[i] = (byte)i;
ret = check_md5();
if (ret != 0) {
printf("mcapi check_md5 failed\n");
return -1;
}
ret = check_sha();
if (ret != 0) {
printf("mcapi check_sha failed\n");
return -1;
}
ret = check_sha256();
if (ret != 0) {
printf("mcapi check_sha256 failed\n");
return -1;
}
ret = check_sha384();
if (ret != 0) {
printf("mcapi check_sha384 failed\n");
return -1;
}
ret = check_sha512();
if (ret != 0) {
printf("mcapi check_sha512 failed\n");
return -1;
}
ret = check_hmac();
if (ret != 0) {
printf("mcapi check_hmac failed\n");
return -1;
}
ret = check_compress();
if (ret != 0) {
printf("mcapi check_compress failed\n");
return -1;
}
ret = check_rng();
if (ret != 0) {
printf("mcapi check_rng failed\n");
return -1;
}
ret = check_des3();
if (ret != 0) {
printf("mcapi check_des3 failed\n");
return -1;
}
ret = check_aescbc();
if (ret != 0) {
printf("mcapi check_aes cbc failed\n");
return -1;
}
ret = check_aesctr();
if (ret != 0) {
printf("mcapi check_aes ctr failed\n");
return -1;
}
ret = check_aesdirect();
if (ret != 0) {
printf("mcapi check_aes direct failed\n");
return -1;
}
ret = check_rsa();
if (ret != 0) {
printf("mcapi check_rsa failed\n");
return -1;
}
ret = check_ecc();
if (ret != 0) {
printf("mcapi check_ecc failed\n");
return -1;
}
XFREE(iv, NULL, DYNAMIC_TYPE_KEY);
XFREE(key, NULL, DYNAMIC_TYPE_KEY);
return 0;
}
int
main(int argc, char **argv)
{
ENGINE *engine = NULL;
int i, j, idx = 0;
RSA *rsa;
setprogname(argv[0]);
if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &idx))
usage(1);
if (help_flag)
usage(0);
if(version_flag){
print_version(NULL);
exit(0);
}
argc -= idx;
argv += idx;
OpenSSL_add_all_algorithms();
#ifdef OPENSSL
ENGINE_load_openssl();
#endif
ENGINE_load_builtin_engines();
if (argc == 0) {
engine = ENGINE_by_id("builtin");
} else {
engine = ENGINE_by_id(argv[0]);
if (engine == NULL)
engine = ENGINE_by_dso(argv[0], id_flag);
}
if (engine == NULL)
errx(1, "ENGINE_by_dso failed");
if (ENGINE_get_RSA(engine) == NULL)
return 77;
printf("rsa %s\n", ENGINE_get_RSA(engine)->name);
if (RAND_status() != 1)
errx(77, "no functional random device, refusing to run tests");
if (time_keygen) {
struct timeval tv1, tv2;
BIGNUM *e;
rsa = RSA_new_method(engine);
if (!key_blinding)
rsa->flags |= RSA_FLAG_NO_BLINDING;
e = BN_new();
BN_set_word(e, 0x10001);
printf("running keygen with %d loops\n", loops);
gettimeofday(&tv1, NULL);
for (i = 0; i < loops; i++) {
rsa = RSA_new_method(engine);
if (RSA_generate_key_ex(rsa, 1024, e, NULL) != 1)
errx(1, "RSA_generate_key_ex");
RSA_free(rsa);
}
gettimeofday(&tv2, NULL);
timevalsub(&tv2, &tv1);
printf("time %lu.%06lu\n",
(unsigned long)tv2.tv_sec,
(unsigned long)tv2.tv_usec);
BN_free(e);
ENGINE_finish(engine);
return 0;
}
if (time_key) {
const int size = 20;
struct timeval tv1, tv2;
unsigned char *p;
if (strcmp(time_key, "generate") == 0) {
BIGNUM *e;
rsa = RSA_new_method(engine);
if (!key_blinding)
rsa->flags |= RSA_FLAG_NO_BLINDING;
e = BN_new();
BN_set_word(e, 0x10001);
if (RSA_generate_key_ex(rsa, 1024, e, NULL) != 1)
errx(1, "RSA_generate_key_ex");
} else {
rsa = read_key(engine, time_key);
}
p = emalloc(loops * size);
RAND_bytes(p, loops * size);
gettimeofday(&tv1, NULL);
for (i = 0; i < loops; i++)
check_rsa(p + (i * size), size, rsa, RSA_PKCS1_PADDING);
gettimeofday(&tv2, NULL);
timevalsub(&tv2, &tv1);
printf("time %lu.%06lu\n",
(unsigned long)tv2.tv_sec,
(unsigned long)tv2.tv_usec);
RSA_free(rsa);
ENGINE_finish(engine);
return 0;
}
if (rsa_key) {
rsa = read_key(engine, rsa_key);
/*
* Assuming that you use the RSA key in the distribution, this
* test will generate a signature have a starting zero and thus
* will generate a checksum that is 127 byte instead of the
* checksum that is 128 byte (like the key).
*/
{
const unsigned char sha1[20] = {
0x6d, 0x33, 0xf9, 0x40, 0x75, 0x5b, 0x4e, 0xc5, 0x90, 0x35,
0x48, 0xab, 0x75, 0x02, 0x09, 0x76, 0x9a, 0xb4, 0x7d, 0x6b
};
check_rsa(sha1, sizeof(sha1), rsa, RSA_PKCS1_PADDING);
}
for (i = 0; i < 128; i++) {
unsigned char sha1[20];
RAND_bytes(sha1, sizeof(sha1));
check_rsa(sha1, sizeof(sha1), rsa, RSA_PKCS1_PADDING);
}
for (i = 0; i < 128; i++) {
unsigned char des3[21];
RAND_bytes(des3, sizeof(des3));
check_rsa(des3, sizeof(des3), rsa, RSA_PKCS1_PADDING);
}
for (i = 0; i < 128; i++) {
unsigned char aes[32];
RAND_bytes(aes, sizeof(aes));
check_rsa(aes, sizeof(aes), rsa, RSA_PKCS1_PADDING);
}
RSA_free(rsa);
}
for (i = 0; i < loops; i++) {
BN_GENCB cb;
BIGNUM *e;
unsigned int n;
rsa = RSA_new_method(engine);
if (!key_blinding)
rsa->flags |= RSA_FLAG_NO_BLINDING;
e = BN_new();
BN_set_word(e, 0x10001);
BN_GENCB_set(&cb, cb_func, NULL);
RAND_bytes(&n, sizeof(n));
n &= 0x1ff;
n += 1024;
if (RSA_generate_key_ex(rsa, n, e, &cb) != 1)
errx(1, "RSA_generate_key_ex");
BN_free(e);
for (j = 0; j < 8; j++) {
unsigned char sha1[20];
RAND_bytes(sha1, sizeof(sha1));
check_rsa(sha1, sizeof(sha1), rsa, RSA_PKCS1_PADDING);
}
RSA_free(rsa);
}
ENGINE_finish(engine);
return 0;
}
