static int test_signature()
{
char *private_key, *public_key;
int ret;
private_key = str_or_die("%s/private.pem", test_dir);
public_key = str_or_die("%s/public.pem", test_dir);
// Create a good key
ret = run_command("/usr/bin/openssl", "req", "-x509", "-sha256",
"-nodes", "-days", "365", "-newkey", "rsa:4096",
"-keyout", private_key, "-out", public_key,
"-subj", "/C=US/ST=Oregon/L=Portland/O=Company Name/OU=Org/CN=localhost", NULL);
if (ret != 0) {
return -1;
}
ret = test_sign(private_key, public_key, true);
//TODO: Add tests with invalid signatures - expired, OCSP
free(private_key);
free(public_key);
return ret;
}
int
test_main(void)
{
test_sign("DSA signing",
S("{KDM6ZHNhKDE6cDEyOToAg9mnws4qkXn0PNs7/+feDw7vJt1d+uRNUxvA3kVj"
"TSwHy5KbDb4Q2lgAcOar+7hBXES/9XC4rXed9lOq2X3HveuBXX6IED5hYG7T"
"2KKV+/00DS1J4iCDPrrOVRHiLE8Cl+01HplI+oSOnI+tt7R7zEfe9CVbXh1e"
"ECFbO1WguF8pKDE6cTIxOgCCZuDer0YCC6SNQQylgPOpeGKbXSkoMTpnMTI4"
"OjDTS7nzdr7JRxVK/kB2vH01nJ0y9Ucd276NapQcR/qdxPMlcxUdu0qlnrmJ"
"t0rDa7YxCl6LWAUBZV2R85PaoZOuEwMEm4f+uwk9wEBLU7TF2iRjMA+cWxVt"
"eIxKzo7Lud0AwY2ZU38lWsAl0HTYlKYHy+MCOhJ271VpFqM/feVDKSgxOnkx"
"Mjg6ZEAgSLJ/OfQEpUaoSQnJwOni3RU6hJlGEGKJJZjTCvJ64878K3APttB3"
"OQqDvcrXihKZSHyWI7tirwyFo9+e8e4sDWZljh/TKDtUB/bNMO5+YVT61Bpq"
"iw9chsWszBEnv3yaXWutywEhgMtipVxeF9bTUozb4ALM7hMcG4aGf3opKDE6"
"eDIwOlbG76+HjQbu8h3AcPq3HabsHjCmKSk=}"),
S("Needs some randomness."),
NULL);
SUCCESS();
}
int
test_main(void)
{
test_sign("RSA signing",
S("{KDE0OnJzYS1wa2NzMS1zaGExKDE6bjI1MzoBFRr6hWOxSyj4UOuRSv2TgnQT"
"RIbT+XhBCCuC0delL8hCt9SKN8QYGn9eSfJaMknWXZdbiATciNWXtC6BInC5"
"PiIyCwZP21u4x/UYNq7EpYRWfOr2GeFtgqAgjLCPiNcDmaje5RI6HltB1t69"
"gyRlgmTEGedjfCVUksR9HCa/YHO4Qj6nfGL43suz0qzbw90fo52pJQAFVsob"
"8uNXcIkKEIUF6iaCcFxz5chlmUDDuWZsu0CN2hwTVcNEODo2h4K9UZSJ1q5r"
"flh3Yd2hKeQDY4g1em/4faS43lvhkV+PqXNyaV5/9Oo5PfPhuVbppOvhV3fU"
"6GsPNH2rmaSnKSgxOmU0Og8eiqcpKDE6ZDI1MzoBALlbGgNWW/Iobv5Zm17I"
"lj8Vwg3DgYucIlNkKs4z+G5I1J5wSLlsSJp5mDixgy2meph8Zo7kRM8DXNbQ"
"FxPrx184sRHI+zQlcd61ldDSiy+U55cw99k+AW9xPGiSlIwfGFJb8+ihimFr"
"LD4bpJTjZmWFMza4W4EqovJZar2Lk8j1ahEClrVZxmClMwGViQf6sezat9eD"
"ccA3D1J7lbCqhhZ4/zO7M97VifRfcvzJCRsQUgf3fdsY6BFp0/jkx+7y0ZgC"
"IfBx7JJPPAe90wNIG7s+XXE4A0M3txusqFE3gpIZ+H84xD/as/h/CAkDnZDK"
"xTjaeL9KEMXaJDlXKSgxOnAxMjc6AMDrJe3pnACcCkZDTxmNifj/107wgUsy"
"qCX097sHwkRKRn4OGJYg1V8odSIBXiGVO9HvDqEZKwZQ7ck83IHavaJIEnTy"
"7vrSH3wS3x60PmQHINlqd3CnJISIKsvBnULrU8P892gxqTpqCEvpoo1ZnQzZ"
"qYNiAf5kj47TqJN2lykoMTpxMTI3OgFvtvQgJp9z2OJ+jJRPY3xPxK1wkymR"
"YSBAEjSTxfs7CiUjQ7cdWXlZoF/P9NGRVQErNkknFpVEC2Mh1qpIw4wN1ES/"
"Z54XTgshkibn2+wtDpD0Vj5r5S3UIta6iCn39SJbAUQSuMuuLLj5jwCfq8d/"
"V7BaU7aO58244vcFlHEpKDE6YTEyNjoiG57+FA/nD4jGoPHo5LPNSxecFmC8"
"YlC9r0ATzEB3xFW6g7qY8QYw2h/zmarUqO5KQVDxHwk+kJ24BIqMxDyqFdhj"
"r7c3bg7jSBv3MqSGfNWu/awoQ5rffKPDKN8TzWjrUJHYKQBjODfzmZuuWAsH"
"eEb4u7E4K8f3NLs14nMpKDE6YjEyNjouubKPLYPvxC3dj4WlXwRhfRgD2F/D"
"k2T00eEyJst/LLHFvNQ8H5/iB1FmUGWVcZAheYNFp2RzNU2+MoOgskKFQJ4q"
"VqX/A9mH9BULiEXMG1MC7hFT0O/w2bFBz6dFtpb50nPfO09J/G+DON1TnoOj"
"IxJ0RLy5Uq45jx9vPGcpKDE6YzEyNzoAs20M6PMchs+bdN/hiVdzD0PG5eOF"
"BCjR1tUbzRvhcA9zRW1ze0ozDyF1ZuqIqnoniHMz5Tm7P9swIioNNgrWys/S"
"k1nyPdDw6zkEj8mtW2RUyXb8FK+rgtE9UjTwTj2gZEsj8TjPE5WuaagBKe2K"
"tQ/OuMsYG7bMADddMRv4KSk=}"),
S("The magic words are squeamish ossifrage"),
NULL);
SUCCESS();
}
int
main (int argc, char *argv[])
{
mpfr_t x, c, s, c2, s2;
tests_start_mpfr ();
check_regression ();
check_nans ();
/* worst case from PhD thesis of Vincent Lefe`vre: x=8980155785351021/2^54 */
check53 ("4.984987858808754279e-1", "4.781075595393330379e-1", MPFR_RNDN);
check53 ("4.984987858808754279e-1", "4.781075595393329824e-1", MPFR_RNDD);
check53 ("4.984987858808754279e-1", "4.781075595393329824e-1", MPFR_RNDZ);
check53 ("4.984987858808754279e-1", "4.781075595393330379e-1", MPFR_RNDU);
check53 ("1.00031274099908640274", "8.416399183372403892e-1", MPFR_RNDN);
check53 ("1.00229256850978698523", "8.427074524447979442e-1", MPFR_RNDZ);
check53 ("1.00288304857059840103", "8.430252033025980029e-1", MPFR_RNDZ);
check53 ("1.00591265847407274059", "8.446508805292128885e-1", MPFR_RNDN);
/* Other worst cases showing a bug introduced on 2005-01-29 in rev 3248 */
check53b ("1.0111001111010111010111111000010011010001110001111011e-21",
"1.0111001111010111010111111000010011010001101001110001e-21",
MPFR_RNDU);
check53b ("1.1011101111111010000001010111000010000111100100101101",
"1.1111100100101100001111100000110011110011010001010101e-1",
MPFR_RNDU);
mpfr_init2 (x, 2);
mpfr_set_str (x, "0.5", 10, MPFR_RNDN);
test_sin (x, x, MPFR_RNDD);
if (mpfr_cmp_ui_2exp (x, 3, -3)) /* x != 0.375 = 3/8 */
{
printf ("mpfr_sin(0.5, MPFR_RNDD) failed with precision=2\n");
exit (1);
}
/* bug found by Kevin Ryde */
mpfr_const_pi (x, MPFR_RNDN);
mpfr_mul_ui (x, x, 3L, MPFR_RNDN);
mpfr_div_ui (x, x, 2L, MPFR_RNDN);
test_sin (x, x, MPFR_RNDN);
if (mpfr_cmp_ui (x, 0) >= 0)
{
printf ("Error: wrong sign for sin(3*Pi/2)\n");
exit (1);
}
/* Can fail on an assert */
mpfr_set_prec (x, 53);
mpfr_set_str (x, "77291789194529019661184401408", 10, MPFR_RNDN);
mpfr_init2 (c, 4); mpfr_init2 (s, 42);
mpfr_init2 (c2, 4); mpfr_init2 (s2, 42);
test_sin (s, x, MPFR_RNDN);
mpfr_cos (c, x, MPFR_RNDN);
mpfr_sin_cos (s2, c2, x, MPFR_RNDN);
if (mpfr_cmp (c2, c))
{
printf("cos differs for x=77291789194529019661184401408");
exit (1);
}
if (mpfr_cmp (s2, s))
{
printf("sin differs for x=77291789194529019661184401408");
exit (1);
}
mpfr_set_str_binary (x, "1.1001001000011111101101010100010001000010110100010011");
test_sin (x, x, MPFR_RNDZ);
if (mpfr_cmp_str (x, "1.1111111111111111111111111111111111111111111111111111e-1", 2, MPFR_RNDN))
{
printf ("Error for x= 1.1001001000011111101101010100010001000010110100010011\nGot ");
mpfr_dump (x);
exit (1);
}
mpfr_set_prec (s, 9);
mpfr_set_prec (x, 190);
mpfr_const_pi (x, MPFR_RNDN);
mpfr_sin (s, x, MPFR_RNDZ);
if (mpfr_cmp_str (s, "0.100000101e-196", 2, MPFR_RNDN))
{
printf ("Error for x ~= pi\n");
mpfr_dump (s);
exit (1);
}
mpfr_clear (s2);
mpfr_clear (c2);
mpfr_clear (s);
mpfr_clear (c);
mpfr_clear (x);
test_generic (2, 100, 15);
test_generic (MPFR_SINCOS_THRESHOLD-1, MPFR_SINCOS_THRESHOLD+1, 2);
test_sign ();
check_tiny ();
data_check ("data/sin", mpfr_sin, "mpfr_sin");
bad_cases (mpfr_sin, mpfr_asin, "mpfr_sin", 256, -40, 0, 4, 128, 800, 50);
tests_end_mpfr ();
return 0;
}
int main (int argc, char **argv)
{
#ifdef ENABLE_CRYPTO
const char *datadir = "data/pgp";
GMimeStream *istream, *ostream;
GMimeFilterOpenPGP *filter;
GMimeCryptoContext *ctx;
const char *what;
char *gpg, *key;
struct stat st;
int i;
g_mime_init ();
testsuite_init (argc, argv);
if (!(gpg = g_find_program_in_path ("gpg2")))
if (!(gpg = g_find_program_in_path ("gpg")))
return EXIT_FAILURE;
if (testsuite_setup_gpghome (gpg) != 0)
return EXIT_FAILURE;
g_free (gpg);
for (i = 1; i < argc; i++) {
if (argv[i][0] != '-') {
datadir = argv[i];
break;
}
}
if (i < argc && (stat (datadir, &st) == -1 || !S_ISDIR (st.st_mode)))
return 0;
testsuite_start ("GnuPG crypto context");
ctx = g_mime_gpg_context_new ();
g_mime_crypto_context_set_request_password (ctx, request_passwd);
testsuite_check ("GMimeGpgContext::import");
try {
key = g_build_filename (datadir, "gmime.gpg.pub", NULL);
import_key (ctx, key);
g_free (key);
key = g_build_filename (datadir, "gmime.gpg.sec", NULL);
import_key (ctx, key);
g_free (key);
testsuite_check_passed ();
} catch (ex) {
testsuite_check_failed ("GMimeGpgContext::import failed: %s", ex->message);
return EXIT_FAILURE;
} finally;
key = g_build_filename (datadir, "gmime.gpg.pub", NULL);
testsuite_check ("GMimeGpgContext::export");
try {
test_export (ctx, key);
testsuite_check_passed ();
} catch (ex) {
testsuite_check_failed ("GMimeGpgContext::export failed: %s", ex->message);
} finally;
g_free (key);
istream = g_mime_stream_mem_new ();
ostream = g_mime_stream_mem_new ();
g_mime_stream_write_string (istream, "this is some cleartext\r\n");
g_mime_stream_reset (istream);
what = "GMimeGpgContext::sign";
testsuite_check ("%s", what);
try {
test_sign (ctx, FALSE, istream, ostream);
testsuite_check_passed ();
what = "GMimeGpgContext::verify";
testsuite_check ("%s", what);
g_mime_stream_reset (istream);
g_mime_stream_reset (ostream);
test_verify (ctx, istream, ostream);
testsuite_check_passed ();
} catch (ex) {
testsuite_check_failed ("%s failed: %s", what, ex->message);
} finally;
g_object_unref (ostream);
g_mime_stream_reset (istream);
ostream = g_mime_stream_mem_new ();
what = "GMimeGpgContext::sign (detached)";
testsuite_check ("%s", what);
try {
test_sign (ctx, TRUE, istream, ostream);
testsuite_check_passed ();
what = "GMimeGpgContext::verify (detached)";
testsuite_check ("%s", what);
g_mime_stream_reset (istream);
g_mime_stream_reset (ostream);
test_verify_detached (ctx, istream, ostream);
testsuite_check_passed ();
} catch (ex) {
testsuite_check_failed ("%s failed: %s", what, ex->message);
} finally;
g_object_unref (ostream);
g_mime_stream_reset (istream);
ostream = g_mime_stream_mem_new ();
what = "GMimeGpgContext::encrypt";
testsuite_check ("%s", what);
try {
test_encrypt (ctx, FALSE, istream, ostream);
testsuite_check_passed ();
what = "GMimeGpgContext::decrypt";
testsuite_check ("%s", what);
g_mime_stream_reset (istream);
g_mime_stream_reset (ostream);
test_decrypt (ctx, FALSE, istream, ostream);
testsuite_check_passed ();
} catch (ex) {
testsuite_check_failed ("%s failed: %s", what, ex->message);
} finally;
g_object_unref (ostream);
g_mime_stream_reset (istream);
ostream = g_mime_stream_mem_new ();
what = "GMimeGpgContext::encrypt+sign";
testsuite_check ("%s", what);
try {
test_encrypt (ctx, TRUE, istream, ostream);
testsuite_check_passed ();
what = "GMimeGpgContext::decrypt+verify";
testsuite_check ("%s", what);
g_mime_stream_reset (istream);
g_mime_stream_reset (ostream);
test_decrypt (ctx, TRUE, istream, ostream);
testsuite_check_passed ();
} catch (ex) {
testsuite_check_failed ("%s failed: %s", what, ex->message);
} finally;
g_object_unref (istream);
g_object_unref (ostream);
g_object_unref (ctx);
filter = (GMimeFilterOpenPGP *) g_mime_filter_openpgp_new ();
what = "GMimeFilterOpenPGP::public key block";
testsuite_check ("%s", what);
try {
key = g_build_filename (datadir, "gmime.gpg.pub", NULL);
test_openpgp_filter (filter, key, GMIME_OPENPGP_DATA_PUBLIC_KEY, 0, 1720);
g_free (key);
testsuite_check_passed ();
} catch (ex) {
testsuite_check_failed ("%s failed: %s", what, ex->message);
} finally;
g_mime_filter_reset ((GMimeFilter *) filter);
what = "GMimeFilterOpenPGP::private key block";
testsuite_check ("%s", what);
try {
key = g_build_filename (datadir, "gmime.gpg.sec", NULL);
test_openpgp_filter (filter, key, GMIME_OPENPGP_DATA_PRIVATE_KEY, 0, 1928);
g_free (key);
testsuite_check_passed ();
} catch (ex) {
testsuite_check_failed ("%s failed: %s", what, ex->message);
} finally;
g_mime_filter_reset ((GMimeFilter *) filter);
what = "GMimeFilterOpenPGP::signed message block";
testsuite_check ("%s", what);
try {
key = g_build_filename (datadir, "signed-message.txt", NULL);
test_openpgp_filter (filter, key, GMIME_OPENPGP_DATA_SIGNED, 162, 440);
g_free (key);
testsuite_check_passed ();
} catch (ex) {
testsuite_check_failed ("%s failed: %s", what, ex->message);
} finally;
g_mime_filter_reset ((GMimeFilter *) filter);
what = "GMimeFilterOpenPGP::encrypted message block";
testsuite_check ("%s", what);
try {
key = g_build_filename (datadir, "encrypted-message.txt", NULL);
test_openpgp_filter (filter, key, GMIME_OPENPGP_DATA_ENCRYPTED, 165, 1084);
g_free (key);
testsuite_check_passed ();
} catch (ex) {
testsuite_check_failed ("%s failed: %s", what, ex->message);
} finally;
g_object_unref (filter);
testsuite_end ();
g_mime_shutdown ();
if (testsuite_destroy_gpghome () != 0)
return EXIT_FAILURE;
return testsuite_exit ();
#else
fprintf (stderr, "PGP support not enabled in this build.\n");
return EXIT_SUCCESS;
#endif
}
static void test_sign(dnssec_key_t *p11_key, dnssec_key_t *soft_key)
{
int r;
static const dnssec_binary_t input = {
.data = (uint8_t *)"So Long, and Thanks for All the Fish.",
.size = 37
};
dnssec_binary_t sign = { 0 };
// usage constraints
ok(dnssec_key_can_sign(p11_key), MSG_PKCS11 " dnssec_key_can_sign()");
ok(dnssec_key_can_verify(p11_key), MSG_PKCS11 " dnssec_key_can_verify()");
ok(!dnssec_key_can_sign(soft_key), MSG_SOFTWARE " dnssec_key_can_sign()");
ok(dnssec_key_can_verify(soft_key), MSG_SOFTWARE " dnssec_key_can_verify()");
// PKCS #11 key signature
dnssec_sign_ctx_t *ctx = NULL;
r = dnssec_sign_new(&ctx, p11_key);
ok(r == DNSSEC_EOK, MSG_PKCS11 " dnssec_sign_init() ");
r = dnssec_sign_add(ctx, &input);
ok(r == DNSSEC_EOK, MSG_PKCS11 " dnssec_sign_add()");
r = dnssec_sign_write(ctx, &sign);
ok(r == DNSSEC_EOK, MSG_PKCS11 " dnssec_sign_write()");
// PKCS #11 key verification
r = dnssec_sign_init(ctx);
ok(r == DNSSEC_EOK, MSG_PKCS11 " dnssec_sign_init()");
r = dnssec_sign_add(ctx, &input);
ok(r == DNSSEC_EOK, MSG_PKCS11 " dnssec_sign_add()");
r = dnssec_sign_verify(ctx, &sign);
ok(r == DNSSEC_EOK, MSG_PKCS11 " dnssec_sign_verify()");
// software verification
dnssec_sign_free(ctx);
ctx = NULL;
r = dnssec_sign_new(&ctx, soft_key);
ok(r == DNSSEC_EOK, MSG_SOFTWARE " dnssec_sign_init()");
r = dnssec_sign_add(ctx, &input);
ok(r == DNSSEC_EOK, MSG_SOFTWARE " dnssec_sign_add()");
r = dnssec_sign_verify(ctx, &sign);
ok(r == DNSSEC_EOK, MSG_SOFTWARE " dnssec_sign_verify()");
dnssec_binary_free(&sign);
dnssec_sign_free(ctx);
}
static void test_key_use(dnssec_keystore_t *store,
dnssec_key_algorithm_t algorithm,
const char *keyid)
{
dnssec_key_t *p11_key = NULL;
dnssec_key_t *soft_key = NULL;
create_dnskeys(store, algorithm, keyid, &p11_key, &soft_key);
test_sign(p11_key, soft_key);
dnssec_key_free(p11_key);
dnssec_key_free(soft_key);
}
