CHECK_RETVAL \ static int selfTest( void ) { CONTEXT_INFO contextInfo; PKC_INFO contextData, *pkcInfo = &contextData; int status; /* Initialise the key components */ status = staticInitContext( &contextInfo, CONTEXT_PKC, getDHCapability(), &contextData, sizeof( PKC_INFO ), NULL ); if( cryptStatusError( status ) ) return( CRYPT_ERROR_FAILED ); status = importBignum( &pkcInfo->dlpParam_p, dlpTestKey.p, dlpTestKey.pLen, DLPPARAM_MIN_P, DLPPARAM_MAX_P, NULL, KEYSIZE_CHECK_PKC ); if( cryptStatusOK( status ) ) status = importBignum( &pkcInfo->dlpParam_g, dlpTestKey.g, dlpTestKey.gLen, DLPPARAM_MIN_G, DLPPARAM_MAX_G, &pkcInfo->dlpParam_p, KEYSIZE_CHECK_NONE ); if( cryptStatusOK( status ) ) status = importBignum( &pkcInfo->dlpParam_q, dlpTestKey.q, dlpTestKey.qLen, DLPPARAM_MIN_Q, DLPPARAM_MAX_Q, &pkcInfo->dlpParam_p, KEYSIZE_CHECK_NONE ); if( cryptStatusOK( status ) ) status = importBignum( &pkcInfo->dlpParam_y, dlpTestKey.y, dlpTestKey.yLen, DLPPARAM_MIN_Y, DLPPARAM_MAX_Y, &pkcInfo->dlpParam_p, KEYSIZE_CHECK_NONE ); if( cryptStatusOK( status ) ) status = importBignum( &pkcInfo->dlpParam_x, dlpTestKey.x, dlpTestKey.xLen, DLPPARAM_MIN_X, DLPPARAM_MAX_X, &pkcInfo->dlpParam_p, KEYSIZE_CHECK_NONE ); if( cryptStatusError( status ) ) { staticDestroyContext( &contextInfo ); retIntError(); } ENSURES( sanityCheckPKCInfo( pkcInfo ) ); /* Perform the test key exchange on a block of data */ status = contextInfo.capabilityInfo->initKeyFunction( &contextInfo, NULL, 0 ); if( cryptStatusOK( status ) && \ !pairwiseConsistencyTest( &contextInfo ) ) status = CRYPT_ERROR_FAILED; /* Clean up */ staticDestroyContext( &contextInfo ); return( status ); }
CHECK_RETVAL \ static int selfTest( void ) { CONTEXT_INFO contextInfo; PKC_INFO contextData, *pkcInfo = &contextData; const CAPABILITY_INFO *capabilityInfoPtr; int status; /* Initialise the key components */ status = staticInitContext( &contextInfo, CONTEXT_PKC, getECDHCapability(), &contextData, sizeof( PKC_INFO ), NULL ); if( cryptStatusError( status ) ) return( CRYPT_ERROR_FAILED ); pkcInfo->curveType = CRYPT_ECCCURVE_P256; status = importBignum( &pkcInfo->eccParam_qx, ecdhTestKey.qx, ecdhTestKey.qxLen, ECCPARAM_MIN_QX, ECCPARAM_MAX_QX, NULL, KEYSIZE_CHECK_ECC ); if( cryptStatusOK( status ) ) status = importBignum( &pkcInfo->eccParam_qy, ecdhTestKey.qy, ecdhTestKey.qyLen, ECCPARAM_MIN_QY, ECCPARAM_MAX_QY, NULL, KEYSIZE_CHECK_NONE ); if( cryptStatusOK( status ) ) status = importBignum( &pkcInfo->eccParam_d, ecdhTestKey.d, ecdhTestKey.dLen, ECCPARAM_MIN_D, ECCPARAM_MAX_D, NULL, KEYSIZE_CHECK_NONE ); if( cryptStatusError( status ) ) { staticDestroyContext( &contextInfo ); retIntError(); } capabilityInfoPtr = contextInfo.capabilityInfo; /* Perform the test key exchange on a block of data */ status = capabilityInfoPtr->initKeyFunction( &contextInfo, NULL, 0 ); if( cryptStatusError( status ) || \ !pairwiseConsistencyTest( &contextInfo ) ) { staticDestroyContext( &contextInfo ); return( CRYPT_ERROR_FAILED ); } /* Clean up */ staticDestroyContext( &contextInfo ); return( CRYPT_OK ); }
CHECK_RETVAL \ static int selfTest( void ) { CONTEXT_INFO contextInfo; PKC_INFO contextData, *pkcInfo = &contextData; const CAPABILITY_INFO *capabilityInfoPtr; DLP_PARAMS dlpParams; BYTE buffer[ ( CRYPT_MAX_PKCSIZE * 2 ) + 32 + 8 ]; int status; /* Initialise the key components */ status = staticInitContext( &contextInfo, CONTEXT_PKC, getElgamalCapability(), &contextData, sizeof( PKC_INFO ), NULL ); if( cryptStatusError( status ) ) return( status ); status = importBignum( &pkcInfo->dlpParam_p, dlpTestKey.p, dlpTestKey.pLen, DLPPARAM_MIN_P, DLPPARAM_MAX_P, NULL, KEYSIZE_CHECK_PKC ); if( cryptStatusOK( status ) ) status = importBignum( &pkcInfo->dlpParam_g, dlpTestKey.g, dlpTestKey.gLen, DLPPARAM_MIN_G, DLPPARAM_MAX_G, &pkcInfo->dlpParam_p, KEYSIZE_CHECK_NONE ); if( cryptStatusOK( status ) ) status = importBignum( &pkcInfo->dlpParam_q, dlpTestKey.q, dlpTestKey.qLen, DLPPARAM_MIN_Q, DLPPARAM_MAX_Q, &pkcInfo->dlpParam_p, KEYSIZE_CHECK_NONE ); if( cryptStatusOK( status ) ) status = importBignum( &pkcInfo->dlpParam_y, dlpTestKey.y, dlpTestKey.yLen, DLPPARAM_MIN_Y, DLPPARAM_MAX_Y, &pkcInfo->dlpParam_p, KEYSIZE_CHECK_NONE ); if( cryptStatusOK( status ) ) status = importBignum( &pkcInfo->dlpParam_x, dlpTestKey.x, dlpTestKey.xLen, DLPPARAM_MIN_X, DLPPARAM_MAX_X, &pkcInfo->dlpParam_p, KEYSIZE_CHECK_NONE ); if( cryptStatusError( status ) ) { staticDestroyContext( &contextInfo ); retIntError(); } capabilityInfoPtr = contextInfo.capabilityInfo; ENSURES( sanityCheckPKCInfo( pkcInfo ) ); /* Perform a test a sig generation/check and test en/decryption */ #if 0 /* See comment in sig.code */ memset( buffer, '*', 20 ); status = capabilityInfoPtr->signFunction( &contextInfoPtr, buffer, -1 ); if( !cryptStatusError( status ) ) { memmove( buffer + 20, buffer, status ); memset( buffer, '*', 20 ); status = capabilityInfoPtr->sigCheckFunction( &contextInfoPtr, buffer, 20 + status ); } if( status != CRYPT_OK ) status = CRYPT_ERROR_FAILED; #endif /* 0 */ status = capabilityInfoPtr->initKeyFunction( &contextInfo, NULL, 0 ); if( cryptStatusError( status ) || \ !pairwiseConsistencyTest( &contextInfo, FALSE ) ) { staticDestroyContext( &contextInfo ); return( CRYPT_ERROR_FAILED ); } /* Finally, make sure that the memory fault-detection is working */ pkcInfo->dlpParam_p.d[ 8 ] ^= 0x0011; memset( buffer, 0, CRYPT_MAX_PKCSIZE ); memcpy( buffer + 1, "abcde", 5 ); setDLPParams( &dlpParams, buffer, bitsToBytes( contextInfo.ctxPKC->keySizeBits ), buffer, ( CRYPT_MAX_PKCSIZE * 2 ) + 32 ); status = capabilityInfoPtr->encryptFunction( &contextInfo, ( BYTE * ) &dlpParams, sizeof( DLP_PARAMS ) ); if( cryptStatusOK( status ) ) { /* The fault-detection couldn't detect a bit-flip, there's a problem */ staticDestroyContext( &contextInfo ); return( CRYPT_ERROR_FAILED ); } /* Clean up */ staticDestroyContext( &contextInfo ); return( CRYPT_OK ); }
CHECK_RETVAL \ static int selfTest( void ) { CONTEXT_INFO contextInfo; PKC_INFO contextData, *pkcInfo = &contextData; const CAPABILITY_INFO *capabilityInfoPtr; BYTE buffer[ 128 + 8 ]; int status; /* Initialise the key components */ status = initContext( &contextInfo, pkcInfo ); if( cryptStatusError( status ) ) return( status ); /* Perform the test en/decryption of a block of data */ capabilityInfoPtr = contextInfo.capabilityInfo; status = capabilityInfoPtr->initKeyFunction( &contextInfo, NULL, 0 ); if( cryptStatusError( status ) || \ !pairwiseConsistencyTest( &contextInfo ) ) { staticDestroyContext( &contextInfo ); return( CRYPT_ERROR_FAILED ); } staticDestroyContext( &contextInfo ); /* Try it again with blinding enabled. Note that this uses the randomness subsystem, which can significantly slow down the self-test if it's being performed before the polling has completed. Since we're still using the same key but changing the way that it's used, we have to call initKeyFunction() on the existing data, which isn't normally done. Because the re-init with blinding changed the bignum state, we reset the checksums to force them to be re- calculated */ memcpy( buffer, "abcde", 5 ); memset( buffer + 5, 0, rsaTestKey.nLen - 5 ); status = initContext( &contextInfo, pkcInfo ); if( cryptStatusError( status ) ) return( status ); contextInfo.flags |= CONTEXT_FLAG_SIDECHANNELPROTECTION; status = capabilityInfoPtr->initKeyFunction( &contextInfo, NULL, 0 ); if( cryptStatusOK( status ) ) status = capabilityInfoPtr->encryptFunction( &contextInfo, buffer, rsaTestKey.nLen ); if( cryptStatusOK( status ) ) status = capabilityInfoPtr->decryptFunction( &contextInfo, buffer, rsaTestKey.nLen ); if( cryptStatusError( status ) || memcmp( buffer, "abcde", 5 ) ) { staticDestroyContext( &contextInfo ); return( CRYPT_ERROR_FAILED ); } /* And one last time to ensure that the blinding value update works */ memcpy( buffer, "fghij", 5 ); memset( buffer + 5, 0, rsaTestKey.nLen - 5 ); status = capabilityInfoPtr->encryptFunction( &contextInfo, buffer, rsaTestKey.nLen ); if( cryptStatusOK( status ) ) status = capabilityInfoPtr->decryptFunction( &contextInfo, buffer, rsaTestKey.nLen ); if( cryptStatusError( status ) || memcmp( buffer, "fghij", 5 ) ) { staticDestroyContext( &contextInfo ); return( CRYPT_ERROR_FAILED ); } /* Finally, make sure that the memory fault-detection is working */ pkcInfo->rsaParam_n.d[ 8 ] ^= 0x0100; status = capabilityInfoPtr->encryptFunction( &contextInfo, buffer, rsaTestKey.nLen ); if( cryptStatusOK( status ) ) { /* The fault-detection couldn't detect a bit-flip, there's a problem */ staticDestroyContext( &contextInfo ); return( CRYPT_ERROR_FAILED ); } /* Clean up */ staticDestroyContext( &contextInfo ); return( CRYPT_OK ); }