int generateRandom(unsigned char *array, unsigned long len)
{
int err, x;
prng_state prng;
if (register_prng(&yarrow_desc) == -1) {
return ERROR_PRNG;
}
if ((err = rng_make_prng(128, find_prng("yarrow"), &prng, NULL)) != CRYPT_OK) {
return err;
}
x = yarrow_read(array, len, &prng);
if (x != len) {
return ERROR_READ_IV;
}
sprng_done(&prng);
return CRYPT_OK;
}
/**
Export the PRNG state
@param out [out] Destination
@param outlen [in/out] Max size and resulting size of the state
@param prng The PRNG to export
@return CRYPT_OK if successful
*/
int yarrow_export(unsigned char *out, unsigned long *outlen, prng_state *prng)
{
LTC_ARGCHK(out != NULL);
LTC_ARGCHK(outlen != NULL);
LTC_ARGCHK(prng != NULL);
/* we'll write 64 bytes for s&g's */
if (*outlen < 64) {
return CRYPT_BUFFER_OVERFLOW;
}
if (yarrow_read(out, 64, prng) != 64) {
return CRYPT_ERROR_READPRNG;
}
*outlen = 64;
return CRYPT_OK;
}
int base64_test(void)
{
unsigned char in[64], out[256], tmp[64];
unsigned long x, l1, l2;
for (x = 0; x < 64; x++) {
yarrow_read(in, x, &test_yarrow);
l1 = sizeof(out);
DO(base64_encode(in, x, out, &l1));
l2 = sizeof(tmp);
DO(base64_decode(out, l1, tmp, &l2));
if (l2 != x || memcmp(tmp, in, x)) {
printf("base64 failed %lu %lu %lu", x, l1, l2);
return 1;
}
}
return 0;
}
int ecc_test_shamir(void)
{
void *modulus, *mp, *kA, *kB, *rA, *rB;
ecc_point *G, *A, *B, *C1, *C2;
int x, y, z;
unsigned char buf[ECC_BUF_SIZE];
DO(mp_init_multi(&kA, &kB, &rA, &rB, &modulus, NULL));
LTC_ARGCHK((G = ltc_ecc_new_point()) != NULL);
LTC_ARGCHK((A = ltc_ecc_new_point()) != NULL);
LTC_ARGCHK((B = ltc_ecc_new_point()) != NULL);
LTC_ARGCHK((C1 = ltc_ecc_new_point()) != NULL);
LTC_ARGCHK((C2 = ltc_ecc_new_point()) != NULL);
for (x = 0; x < (int)(sizeof(sizes)/sizeof(sizes[0])); x++) {
/* get the base point */
for (z = 0; ltc_ecc_sets[z].name; z++) {
if (sizes[z] < ltc_ecc_sets[z].size) break;
}
LTC_ARGCHK(ltc_ecc_sets[z].name != NULL);
/* load it */
DO(mp_read_radix(G->x, ltc_ecc_sets[z].Gx, 16));
DO(mp_read_radix(G->y, ltc_ecc_sets[z].Gy, 16));
DO(mp_set(G->z, 1));
DO(mp_read_radix(modulus, ltc_ecc_sets[z].prime, 16));
DO(mp_montgomery_setup(modulus, &mp));
/* do 100 random tests */
for (y = 0; y < 100; y++) {
/* pick a random r1, r2 */
LTC_ARGCHK(yarrow_read(buf, sizes[x], &yarrow_prng) == sizes[x]);
DO(mp_read_unsigned_bin(rA, buf, sizes[x]));
LTC_ARGCHK(yarrow_read(buf, sizes[x], &yarrow_prng) == sizes[x]);
DO(mp_read_unsigned_bin(rB, buf, sizes[x]));
/* compute rA * G = A */
DO(ltc_mp.ecc_ptmul(rA, G, A, modulus, 1));
/* compute rB * G = B */
DO(ltc_mp.ecc_ptmul(rB, G, B, modulus, 1));
/* pick a random kA, kB */
LTC_ARGCHK(yarrow_read(buf, sizes[x], &yarrow_prng) == sizes[x]);
DO(mp_read_unsigned_bin(kA, buf, sizes[x]));
LTC_ARGCHK(yarrow_read(buf, sizes[x], &yarrow_prng) == sizes[x]);
DO(mp_read_unsigned_bin(kB, buf, sizes[x]));
/* now, compute kA*A + kB*B = C1 using the older method */
DO(ltc_mp.ecc_ptmul(kA, A, C1, modulus, 0));
DO(ltc_mp.ecc_ptmul(kB, B, C2, modulus, 0));
DO(ltc_mp.ecc_ptadd(C1, C2, C1, modulus, mp));
DO(ltc_mp.ecc_map(C1, modulus, mp));
/* now compute using mul2add */
DO(ltc_mp.ecc_mul2add(A, kA, B, kB, C2, modulus));
/* is they the sames? */
if ((mp_cmp(C1->x, C2->x) != LTC_MP_EQ) || (mp_cmp(C1->y, C2->y) != LTC_MP_EQ) || (mp_cmp(C1->z, C2->z) != LTC_MP_EQ)) {
fprintf(stderr, "ECC failed shamir test: size=%d, testno=%d\n", sizes[x], y);
return 1;
}
}
mp_montgomery_free(mp);
}
ltc_ecc_del_point(C2);
ltc_ecc_del_point(C1);
ltc_ecc_del_point(B);
ltc_ecc_del_point(A);
ltc_ecc_del_point(G);
mp_clear_multi(kA, kB, rA, rB, modulus, NULL);
return 0;
}
int rsa_test(void)
{
unsigned char in[1024], out[1024], tmp[1024];
rsa_key key, privKey, pubKey;
int hash_idx, prng_idx, stat, stat2;
unsigned long rsa_msgsize, len, len2, cnt;
static unsigned char lparam[] = { 0x01, 0x02, 0x03, 0x04 };
if (rsa_compat_test() != 0) {
return 1;
}
hash_idx = find_hash("sha1");
prng_idx = find_prng("yarrow");
if (hash_idx == -1 || prng_idx == -1) {
fprintf(stderr, "rsa_test requires LTC_SHA1 and yarrow");
return 1;
}
/* make 10 random key */
for (cnt = 0; cnt < 10; cnt++) {
DO(rsa_make_key(&yarrow_prng, prng_idx, 1024/8, 65537, &key));
if (mp_count_bits(key.N) != 1024) {
fprintf(stderr, "rsa_1024 key modulus has %d bits\n", mp_count_bits(key.N));
len = mp_unsigned_bin_size(key.N);
mp_to_unsigned_bin(key.N, tmp);
fprintf(stderr, "N == \n");
for (cnt = 0; cnt < len; ) {
fprintf(stderr, "%02x ", tmp[cnt]);
if (!(++cnt & 15)) fprintf(stderr, "\n");
}
len = mp_unsigned_bin_size(key.p);
mp_to_unsigned_bin(key.p, tmp);
fprintf(stderr, "p == \n");
for (cnt = 0; cnt < len; ) {
fprintf(stderr, "%02x ", tmp[cnt]);
if (!(++cnt & 15)) fprintf(stderr, "\n");
}
len = mp_unsigned_bin_size(key.q);
mp_to_unsigned_bin(key.q, tmp);
fprintf(stderr, "\nq == \n");
for (cnt = 0; cnt < len; ) {
fprintf(stderr, "%02x ", tmp[cnt]);
if (!(++cnt & 15)) fprintf(stderr, "\n");
}
fprintf(stderr, "\n");
return 1;
}
if (cnt != 9) {
rsa_free(&key);
}
}
/* encrypt the key (without lparam) */
for (cnt = 0; cnt < 4; cnt++) {
for (rsa_msgsize = 1; rsa_msgsize <= 86; rsa_msgsize++) {
/* make a random key/msg */
yarrow_read(in, rsa_msgsize, &yarrow_prng);
len = sizeof(out);
len2 = rsa_msgsize;
DO(rsa_encrypt_key(in, rsa_msgsize, out, &len, NULL, 0, &yarrow_prng, prng_idx, hash_idx, &key));
/* change a byte */
out[8] ^= 1;
DO(rsa_decrypt_key(out, len, tmp, &len2, NULL, 0, hash_idx, &stat2, &key));
/* change a byte back */
out[8] ^= 1;
if (len2 != rsa_msgsize) {
fprintf(stderr, "\nrsa_decrypt_key mismatch len %lu (first decrypt)", len2);
return 1;
}
len2 = rsa_msgsize;
DO(rsa_decrypt_key(out, len, tmp, &len2, NULL, 0, hash_idx, &stat, &key));
if (!(stat == 1 && stat2 == 0)) {
fprintf(stderr, "rsa_decrypt_key failed");
return 1;
}
if (len2 != rsa_msgsize || memcmp(tmp, in, rsa_msgsize)) {
unsigned long x;
fprintf(stderr, "\nrsa_decrypt_key mismatch, len %lu (second decrypt)\n", len2);
fprintf(stderr, "Original contents: \n");
for (x = 0; x < rsa_msgsize; ) {
fprintf(stderr, "%02x ", in[x]);
if (!(++x % 16)) {
fprintf(stderr, "\n");
}
}
fprintf(stderr, "\n");
fprintf(stderr, "Output contents: \n");
for (x = 0; x < rsa_msgsize; ) {
fprintf(stderr, "%02x ", out[x]);
if (!(++x % 16)) {
fprintf(stderr, "\n");
}
}
fprintf(stderr, "\n");
return 1;
}
}
}
/* encrypt the key (with lparam) */
for (rsa_msgsize = 1; rsa_msgsize <= 86; rsa_msgsize++) {
len = sizeof(out);
len2 = rsa_msgsize;
DO(rsa_encrypt_key(in, rsa_msgsize, out, &len, lparam, sizeof(lparam), &yarrow_prng, prng_idx, hash_idx, &key));
/* change a byte */
out[8] ^= 1;
DO(rsa_decrypt_key(out, len, tmp, &len2, lparam, sizeof(lparam), hash_idx, &stat2, &key));
if (len2 != rsa_msgsize) {
fprintf(stderr, "\nrsa_decrypt_key mismatch len %lu (first decrypt)", len2);
return 1;
}
/* change a byte back */
out[8] ^= 1;
len2 = rsa_msgsize;
DO(rsa_decrypt_key(out, len, tmp, &len2, lparam, sizeof(lparam), hash_idx, &stat, &key));
if (!(stat == 1 && stat2 == 0)) {
fprintf(stderr, "rsa_decrypt_key failed");
return 1;
}
if (len2 != rsa_msgsize || memcmp(tmp, in, rsa_msgsize)) {
fprintf(stderr, "rsa_decrypt_key mismatch len %lu", len2);
return 1;
}
}
/* encrypt the key LTC_PKCS #1 v1.5 (payload from 1 to 117 bytes) */
for (rsa_msgsize = 1; rsa_msgsize <= 117; rsa_msgsize++) {
len = sizeof(out);
len2 = rsa_msgsize;
DO(rsa_encrypt_key_ex(in, rsa_msgsize, out, &len, NULL, 0, &yarrow_prng, prng_idx, 0, LTC_PKCS_1_V1_5, &key));
len2 = rsa_msgsize;
DO(rsa_decrypt_key_ex(out, len, tmp, &len2, NULL, 0, 0, LTC_PKCS_1_V1_5, &stat, &key));
if (!(stat == 1 && stat2 == 0)) {
fprintf(stderr, "rsa_decrypt_key_ex failed, %d, %d", stat, stat2);
return 1;
}
if (len2 != rsa_msgsize || memcmp(tmp, in, rsa_msgsize)) {
fprintf(stderr, "rsa_decrypt_key_ex mismatch len %lu", len2);
return 1;
}
}
/* sign a message (unsalted, lower cholestorol and Atkins approved) now */
len = sizeof(out);
DO(rsa_sign_hash(in, 20, out, &len, &yarrow_prng, prng_idx, hash_idx, 0, &key));
/* export key and import as both private and public */
len2 = sizeof(tmp);
DO(rsa_export(tmp, &len2, PK_PRIVATE, &key));
DO(rsa_import(tmp, len2, &privKey));
len2 = sizeof(tmp);
DO(rsa_export(tmp, &len2, PK_PUBLIC, &key));
DO(rsa_import(tmp, len2, &pubKey));
/* verify with original */
DO(rsa_verify_hash(out, len, in, 20, hash_idx, 0, &stat, &key));
/* change a byte */
in[0] ^= 1;
DO(rsa_verify_hash(out, len, in, 20, hash_idx, 0, &stat2, &key));
if (!(stat == 1 && stat2 == 0)) {
fprintf(stderr, "rsa_verify_hash (unsalted, origKey) failed, %d, %d", stat, stat2);
rsa_free(&key);
rsa_free(&pubKey);
rsa_free(&privKey);
return 1;
}
/* verify with privKey */
/* change a byte */
in[0] ^= 1;
DO(rsa_verify_hash(out, len, in, 20, hash_idx, 0, &stat, &privKey));
/* change a byte */
in[0] ^= 1;
DO(rsa_verify_hash(out, len, in, 20, hash_idx, 0, &stat2, &privKey));
if (!(stat == 1 && stat2 == 0)) {
fprintf(stderr, "rsa_verify_hash (unsalted, privKey) failed, %d, %d", stat, stat2);
rsa_free(&key);
rsa_free(&pubKey);
rsa_free(&privKey);
return 1;
}
/* verify with pubKey */
/* change a byte */
in[0] ^= 1;
DO(rsa_verify_hash(out, len, in, 20, hash_idx, 0, &stat, &pubKey));
/* change a byte */
in[0] ^= 1;
DO(rsa_verify_hash(out, len, in, 20, hash_idx, 0, &stat2, &pubKey));
if (!(stat == 1 && stat2 == 0)) {
fprintf(stderr, "rsa_verify_hash (unsalted, pubkey) failed, %d, %d", stat, stat2);
rsa_free(&key);
rsa_free(&pubKey);
rsa_free(&privKey);
return 1;
}
/* sign a message (salted) now (use privKey to make, pubKey to verify) */
len = sizeof(out);
DO(rsa_sign_hash(in, 20, out, &len, &yarrow_prng, prng_idx, hash_idx, 8, &privKey));
DO(rsa_verify_hash(out, len, in, 20, hash_idx, 8, &stat, &pubKey));
/* change a byte */
in[0] ^= 1;
DO(rsa_verify_hash(out, len, in, 20, hash_idx, 8, &stat2, &pubKey));
if (!(stat == 1 && stat2 == 0)) {
fprintf(stderr, "rsa_verify_hash (salted) failed, %d, %d", stat, stat2);
rsa_free(&key);
rsa_free(&pubKey);
rsa_free(&privKey);
return 1;
}
/* sign a message with LTC_PKCS #1 v1.5 */
len = sizeof(out);
DO(rsa_sign_hash_ex(in, 20, out, &len, LTC_PKCS_1_V1_5, &yarrow_prng, prng_idx, hash_idx, 8, &privKey));
DO(rsa_verify_hash_ex(out, len, in, 20, LTC_PKCS_1_V1_5, hash_idx, 8, &stat, &pubKey));
/* change a byte */
in[0] ^= 1;
DO(rsa_verify_hash_ex(out, len, in, 20, LTC_PKCS_1_V1_5, hash_idx, 8, &stat2, &pubKey));
if (!(stat == 1 && stat2 == 0)) {
fprintf(stderr, "rsa_verify_hash_ex failed, %d, %d", stat, stat2);
rsa_free(&key);
rsa_free(&pubKey);
rsa_free(&privKey);
return 1;
}
/* free the key and return */
rsa_free(&key);
rsa_free(&pubKey);
rsa_free(&privKey);
return 0;
}
/* Test store/load macros with offsets */
int store_test(void)
{
unsigned char buf[256];
int y;
ulong32 L, L1;
ulong64 LL, LL1;
#ifdef LTC_FAST
int x, z;
#endif
for (y = 0; y < 4; y++) {
L = 0x12345678UL;
L1 = 0;
STORE32L(L, buf + y);
LOAD32L(L1, buf + y);
if (L1 != L) {
fprintf(stderr, "\n32L failed at offset %d\n", y);
return 1;
}
STORE32H(L, buf + y);
LOAD32H(L1, buf + y);
if (L1 != L) {
fprintf(stderr, "\n32H failed at offset %d\n", y);
return 1;
}
}
for (y = 0; y < 8; y++) {
LL = CONST64 (0x01020304050607);
LL1 = 0;
STORE64L(LL, buf + y);
LOAD64L(LL1, buf + y);
if (LL1 != LL) {
fprintf(stderr, "\n64L failed at offset %d\n", y);
return 1;
}
STORE64H(LL, buf + y);
LOAD64H(LL1, buf + y);
if (LL1 != LL) {
fprintf(stderr, "\n64H failed at offset %d\n", y);
return 1;
}
}
/* test LTC_FAST */
#ifdef LTC_FAST
y = 16;
for (z = 0; z < y; z++) {
/* fill y bytes with random */
yarrow_read(buf+z, y, &yarrow_prng);
yarrow_read(buf+z+y, y, &yarrow_prng);
/* now XOR it byte for byte */
for (x = 0; x < y; x++) {
buf[2*y+z+x] = buf[z+x] ^ buf[z+y+x];
}
/* now XOR it word for word */
for (x = 0; x < y; x += sizeof(LTC_FAST_TYPE)) {
*((LTC_FAST_TYPE*)(&buf[3*y+z+x])) = *((LTC_FAST_TYPE*)(&buf[z+x])) ^ *((LTC_FAST_TYPE*)(&buf[z+y+x]));
}
if (memcmp(&buf[2*y+z], &buf[3*y+z], y)) {
fprintf(stderr, "\nLTC_FAST failed at offset %d\n", z);
return 1;
}
}
#endif
return 0;
}
int main(int argc, char *argv[])
{
unsigned char plaintext[512],ciphertext[512];
unsigned char tmpkey[512], key[MAXBLOCKSIZE], IV[MAXBLOCKSIZE];
unsigned char inbuf[512]; /* i/o block size */
unsigned long outlen, y, ivsize, x, decrypt;
symmetric_CTR ctr;
int cipher_idx, hash_idx, ks;
char *infile, *outfile, *cipher;
prng_state prng;
FILE *fdin, *fdout;
/* register algs, so they can be printed */
register_algs();
if (argc < 4) {
return usage(argv[0]);
}
if (!strcmp(argv[1], "-d")) {
decrypt = 1;
cipher = argv[2];
infile = argv[3];
outfile = argv[4];
} else {
decrypt = 0;
cipher = argv[1];
infile = argv[2];
outfile = argv[3];
}
/* file handles setup */
fdin = fopen(infile,"rb");
if (fdin == NULL) {
perror("Can't open input for reading");
exit(-1);
}
fdout = fopen(outfile,"wb");
if (fdout == NULL) {
perror("Can't open output for writing");
exit(-1);
}
cipher_idx = find_cipher(cipher);
if (cipher_idx == -1) {
printf("Invalid cipher entered on command line.\n");
exit(-1);
}
hash_idx = find_hash("sha256");
if (hash_idx == -1) {
printf("LTC_SHA256 not found...?\n");
exit(-1);
}
ivsize = cipher_descriptor[cipher_idx].block_length;
ks = hash_descriptor[hash_idx].hashsize;
if (cipher_descriptor[cipher_idx].keysize(&ks) != CRYPT_OK) {
printf("Invalid keysize???\n");
exit(-1);
}
printf("\nEnter key: ");
fgets((char *)tmpkey,sizeof(tmpkey), stdin);
outlen = sizeof(key);
if ((errno = hash_memory(hash_idx,tmpkey,strlen((char *)tmpkey),key,&outlen)) != CRYPT_OK) {
printf("Error hashing key: %s\n", error_to_string(errno));
exit(-1);
}
if (decrypt) {
/* Need to read in IV */
if (fread(IV,1,ivsize,fdin) != ivsize) {
printf("Error reading IV from input.\n");
exit(-1);
}
if ((errno = ctr_start(cipher_idx,IV,key,ks,0,CTR_COUNTER_LITTLE_ENDIAN,&ctr)) != CRYPT_OK) {
printf("ctr_start error: %s\n",error_to_string(errno));
exit(-1);
}
/* IV done */
do {
y = fread(inbuf,1,sizeof(inbuf),fdin);
if ((errno = ctr_decrypt(inbuf,plaintext,y,&ctr)) != CRYPT_OK) {
printf("ctr_decrypt error: %s\n", error_to_string(errno));
exit(-1);
}
if (fwrite(plaintext,1,y,fdout) != y) {
printf("Error writing to file.\n");
exit(-1);
}
} while (y == sizeof(inbuf));
fclose(fdin);
fclose(fdout);
} else { /* encrypt */
/* Setup yarrow for random bytes for IV */
if ((errno = rng_make_prng(128, find_prng("yarrow"), &prng, NULL)) != CRYPT_OK) {
printf("Error setting up PRNG, %s\n", error_to_string(errno));
}
/* You can use rng_get_bytes on platforms that support it */
/* x = rng_get_bytes(IV,ivsize,NULL);*/
x = yarrow_read(IV,ivsize,&prng);
if (x != ivsize) {
printf("Error reading PRNG for IV required.\n");
exit(-1);
}
if (fwrite(IV,1,ivsize,fdout) != ivsize) {
printf("Error writing IV to output.\n");
exit(-1);
}
if ((errno = ctr_start(cipher_idx,IV,key,ks,0,CTR_COUNTER_LITTLE_ENDIAN,&ctr)) != CRYPT_OK) {
printf("ctr_start error: %s\n",error_to_string(errno));
exit(-1);
}
do {
y = fread(inbuf,1,sizeof(inbuf),fdin);
if ((errno = ctr_encrypt(inbuf,ciphertext,y,&ctr)) != CRYPT_OK) {
printf("ctr_encrypt error: %s\n", error_to_string(errno));
exit(-1);
}
if (fwrite(ciphertext,1,y,fdout) != y) {
printf("Error writing to output.\n");
exit(-1);
}
} while (y == sizeof(inbuf));
fclose(fdout);
fclose(fdin);
}
return 0;
}
int der_tests(void)
{
unsigned long x, y, z, zz, oid[2][32];
unsigned char buf[3][2048];
mp_int a, b, c, d, e, f, g;
static const unsigned char rsa_oid_der[] = { 0x06, 0x06, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d };
static const unsigned long rsa_oid[] = { 1, 2, 840, 113549 };
static const unsigned char rsa_ia5[] = "*****@*****.**";
static const unsigned char rsa_ia5_der[] = { 0x16, 0x0d, 0x74, 0x65, 0x73, 0x74, 0x31,
0x40, 0x72, 0x73, 0x61, 0x2e, 0x63, 0x6f, 0x6d };
static const unsigned char rsa_printable[] = "Test User 1";
static const unsigned char rsa_printable_der[] = { 0x13, 0x0b, 0x54, 0x65, 0x73, 0x74, 0x20, 0x55,
0x73, 0x65, 0x72, 0x20, 0x31 };
static const ltc_utctime rsa_time1 = { 91, 5, 6, 16, 45, 40, 1, 7, 0 };
static const ltc_utctime rsa_time2 = { 91, 5, 6, 23, 45, 40, 0, 0, 0 };
ltc_utctime tmp_time;
static const unsigned char rsa_time1_der[] = { 0x17, 0x11, 0x39, 0x31, 0x30, 0x35, 0x30, 0x36, 0x31, 0x36, 0x34, 0x35, 0x34, 0x30, 0x2D, 0x30, 0x37, 0x30, 0x30 };
static const unsigned char rsa_time2_der[] = { 0x17, 0x0d, 0x39, 0x31, 0x30, 0x35, 0x30, 0x36, 0x32, 0x33, 0x34, 0x35, 0x34, 0x30, 0x5a };
DO(mpi_to_ltc_error(mp_init_multi(&a, &b, &c, &d, &e, &f, &g, NULL)));
for (zz = 0; zz < 16; zz++) {
for (z = 0; z < 1024; z++) {
if (yarrow_read(buf[0], z, &yarrow_prng) != z) {
fprintf(stderr, "Failed to read %lu bytes from yarrow\n", z);
return 1;
}
DO(mpi_to_ltc_error(mp_read_unsigned_bin(&a, buf[0], z)));
if (mp_iszero(&a) == MP_NO) { a.sign = buf[0][0] & 1 ? MP_ZPOS : MP_NEG; }
x = sizeof(buf[0]);
DO(der_encode_integer(&a, buf[0], &x));
DO(der_length_integer(&a, &y));
if (y != x) { fprintf(stderr, "DER INTEGER size mismatch\n"); return 1; }
mp_zero(&b);
DO(der_decode_integer(buf[0], y, &b));
if (y != x || mp_cmp(&a, &b) != MP_EQ) {
fprintf(stderr, "%lu: %lu vs %lu\n", z, x, y);
#ifdef BN_MP_TORADIX_C
mp_todecimal(&a, buf[0]);
mp_todecimal(&b, buf[1]);
fprintf(stderr, "a == %s\nb == %s\n", buf[0], buf[1]);
#endif
mp_clear_multi(&a, &b, &c, &d, &e, &f, &g, NULL);
return 1;
}
}
}
/* test short integer */
for (zz = 0; zz < 256; zz++) {
for (z = 1; z < 4; z++) {
if (yarrow_read(buf[0], z, &yarrow_prng) != z) {
fprintf(stderr, "Failed to read %lu bytes from yarrow\n", z);
return 1;
}
/* encode with normal */
DO(mpi_to_ltc_error(mp_read_unsigned_bin(&a, buf[0], z)));
x = sizeof(buf[0]);
DO(der_encode_integer(&a, buf[0], &x));
/* encode with short */
y = sizeof(buf[1]);
DO(der_encode_short_integer(mp_get_int(&a), buf[1], &y));
if (x != y || memcmp(buf[0], buf[1], x)) {
fprintf(stderr, "DER INTEGER short encoding failed, %lu, %lu\n", x, y);
for (z = 0; z < x; z++) fprintf(stderr, "%02x ", buf[0][z]); fprintf(stderr, "\n");
for (z = 0; z < y; z++) fprintf(stderr, "%02x ", buf[1][z]); fprintf(stderr, "\n");
mp_clear_multi(&a, &b, &c, &d, &e, &f, &g, NULL);
return 1;
}
/* decode it */
x = 0;
DO(der_decode_short_integer(buf[1], y, &x));
if (x != mp_get_int(&a)) {
fprintf(stderr, "DER INTEGER short decoding failed, %lu, %lu\n", x, mp_get_int(&a));
mp_clear_multi(&a, &b, &c, &d, &e, &f, &g, NULL);
return 1;
}
}
}
mp_clear_multi(&a, &b, &c, &d, &e, &f, &g, NULL);
/* Test bit string */
for (zz = 1; zz < 1536; zz++) {
yarrow_read(buf[0], zz, &yarrow_prng);
for (z = 0; z < zz; z++) {
buf[0][z] &= 0x01;
}
x = sizeof(buf[1]);
DO(der_encode_bit_string(buf[0], zz, buf[1], &x));
DO(der_length_bit_string(zz, &y));
if (y != x) {
fprintf(stderr, "\nDER BIT STRING length of encoded not match expected : %lu, %lu, %lu\n", z, x, y);
return 1;
}
y = sizeof(buf[2]);
DO(der_decode_bit_string(buf[1], x, buf[2], &y));
if (y != zz || memcmp(buf[0], buf[2], zz)) {
fprintf(stderr, "%lu, %lu, %d\n", y, zz, memcmp(buf[0], buf[2], zz));
return 1;
}
}
/* Test octet string */
for (zz = 1; zz < 1536; zz++) {
yarrow_read(buf[0], zz, &yarrow_prng);
x = sizeof(buf[1]);
DO(der_encode_octet_string(buf[0], zz, buf[1], &x));
DO(der_length_octet_string(zz, &y));
if (y != x) {
fprintf(stderr, "\nDER OCTET STRING length of encoded not match expected : %lu, %lu, %lu\n", z, x, y);
return 1;
}
y = sizeof(buf[2]);
DO(der_decode_octet_string(buf[1], x, buf[2], &y));
if (y != zz || memcmp(buf[0], buf[2], zz)) {
fprintf(stderr, "%lu, %lu, %d\n", y, zz, memcmp(buf[0], buf[2], zz));
return 1;
}
}
/* test OID */
x = sizeof(buf[0]);
DO(der_encode_object_identifier(rsa_oid, sizeof(rsa_oid)/sizeof(rsa_oid[0]), buf[0], &x));
if (x != sizeof(rsa_oid_der) || memcmp(rsa_oid_der, buf[0], x)) {
fprintf(stderr, "rsa_oid_der encode failed to match, %lu, ", x);
for (y = 0; y < x; y++) fprintf(stderr, "%02x ", buf[0][y]);
fprintf(stderr, "\n");
return 1;
}
y = sizeof(oid[0])/sizeof(oid[0][0]);
DO(der_decode_object_identifier(buf[0], x, oid[0], &y));
if (y != sizeof(rsa_oid)/sizeof(rsa_oid[0]) || memcmp(rsa_oid, oid[0], sizeof(rsa_oid))) {
fprintf(stderr, "rsa_oid_der decode failed to match, %lu, ", y);
for (z = 0; z < y; z++) fprintf(stderr, "%lu ", oid[0][z]);
fprintf(stderr, "\n");
return 1;
}
/* do random strings */
for (zz = 0; zz < 5000; zz++) {
/* pick a random number of words */
yarrow_read(buf[0], 4, &yarrow_prng);
LOAD32L(z, buf[0]);
z = 2 + (z % ((sizeof(oid[0])/sizeof(oid[0][0])) - 2));
/* fill them in */
oid[0][0] = buf[0][0] % 3;
oid[0][1] = buf[0][1] % 40;
for (y = 2; y < z; y++) {
yarrow_read(buf[0], 4, &yarrow_prng);
LOAD32L(oid[0][y], buf[0]);
}
/* encode it */
x = sizeof(buf[0]);
DO(der_encode_object_identifier(oid[0], z, buf[0], &x));
DO(der_length_object_identifier(oid[0], z, &y));
if (x != y) {
fprintf(stderr, "Random OID %lu test failed, length mismatch: %lu, %lu\n", z, x, y);
for (x = 0; x < z; x++) fprintf(stderr, "%lu\n", oid[0][x]);
return 1;
}
/* decode it */
y = sizeof(oid[0])/sizeof(oid[0][0]);
DO(der_decode_object_identifier(buf[0], x, oid[1], &y));
if (y != z) {
fprintf(stderr, "Random OID %lu test failed, decode length mismatch: %lu, %lu\n", z, x, y);
return 1;
}
if (memcmp(oid[0], oid[1], sizeof(oid[0][0]) * z)) {
fprintf(stderr, "Random OID %lu test failed, decoded values wrong\n", z);
for (x = 0; x < z; x++) fprintf(stderr, "%lu\n", oid[0][x]); fprintf(stderr, "\n\n Got \n\n");
for (x = 0; x < z; x++) fprintf(stderr, "%lu\n", oid[1][x]);
return 1;
}
}
/* IA5 string */
x = sizeof(buf[0]);
DO(der_encode_ia5_string(rsa_ia5, strlen(rsa_ia5), buf[0], &x));
if (x != sizeof(rsa_ia5_der) || memcmp(buf[0], rsa_ia5_der, x)) {
fprintf(stderr, "IA5 encode failed: %lu, %lu\n", x, (unsigned long)sizeof(rsa_ia5_der));
return 1;
}
DO(der_length_ia5_string(rsa_ia5, strlen(rsa_ia5), &y));
if (y != x) {
fprintf(stderr, "IA5 length failed to match: %lu, %lu\n", x, y);
return 1;
}
y = sizeof(buf[1]);
DO(der_decode_ia5_string(buf[0], x, buf[1], &y));
if (y != strlen(rsa_ia5) || memcmp(buf[1], rsa_ia5, strlen(rsa_ia5))) {
fprintf(stderr, "DER IA5 failed test vector\n");
return 1;
}
/* Printable string */
x = sizeof(buf[0]);
DO(der_encode_printable_string(rsa_printable, strlen(rsa_printable), buf[0], &x));
if (x != sizeof(rsa_printable_der) || memcmp(buf[0], rsa_printable_der, x)) {
fprintf(stderr, "PRINTABLE encode failed: %lu, %lu\n", x, (unsigned long)sizeof(rsa_printable_der));
return 1;
}
DO(der_length_printable_string(rsa_printable, strlen(rsa_printable), &y));
if (y != x) {
fprintf(stderr, "printable length failed to match: %lu, %lu\n", x, y);
return 1;
}
y = sizeof(buf[1]);
DO(der_decode_printable_string(buf[0], x, buf[1], &y));
if (y != strlen(rsa_printable) || memcmp(buf[1], rsa_printable, strlen(rsa_printable))) {
fprintf(stderr, "DER printable failed test vector\n");
return 1;
}
/* Test UTC time */
x = sizeof(buf[0]);
DO(der_encode_utctime(&rsa_time1, buf[0], &x));
if (x != sizeof(rsa_time1_der) || memcmp(buf[0], rsa_time1_der, x)) {
fprintf(stderr, "UTCTIME encode of rsa_time1 failed: %lu, %lu\n", x, (unsigned long)sizeof(rsa_time1_der));
fprintf(stderr, "\n\n");
for (y = 0; y < x; y++) fprintf(stderr, "%02x ", buf[0][y]); printf("\n");
return 1;
}
DO(der_length_utctime(&rsa_time1, &y));
if (y != x) {
fprintf(stderr, "UTCTIME length failed to match for rsa_time1: %lu, %lu\n", x, y);
return 1;
}
DO(der_decode_utctime(buf[0], &y, &tmp_time));
if (y != x || memcmp(&rsa_time1, &tmp_time, sizeof(ltc_utctime))) {
fprintf(stderr, "UTCTIME decode failed for rsa_time1: %lu %lu\n", x, y);
fprintf(stderr, "\n\n%u %u %u %u %u %u %u %u %u\n\n",
tmp_time.YY,
tmp_time.MM,
tmp_time.DD,
tmp_time.hh,
tmp_time.mm,
tmp_time.ss,
tmp_time.off_dir,
tmp_time.off_mm,
tmp_time.off_hh);
return 1;
}
x = sizeof(buf[0]);
DO(der_encode_utctime(&rsa_time2, buf[0], &x));
if (x != sizeof(rsa_time2_der) || memcmp(buf[0], rsa_time2_der, x)) {
fprintf(stderr, "UTCTIME encode of rsa_time2 failed: %lu, %lu\n", x, (unsigned long)sizeof(rsa_time1_der));
fprintf(stderr, "\n\n");
for (y = 0; y < x; y++) fprintf(stderr, "%02x ", buf[0][y]); printf("\n");
return 1;
}
DO(der_length_utctime(&rsa_time2, &y));
if (y != x) {
fprintf(stderr, "UTCTIME length failed to match for rsa_time2: %lu, %lu\n", x, y);
return 1;
}
DO(der_decode_utctime(buf[0], &y, &tmp_time));
if (y != x || memcmp(&rsa_time2, &tmp_time, sizeof(ltc_utctime))) {
fprintf(stderr, "UTCTIME decode failed for rsa_time2: %lu %lu\n", x, y);
fprintf(stderr, "\n\n%u %u %u %u %u %u %u %u %u\n\n",
tmp_time.YY,
tmp_time.MM,
tmp_time.DD,
tmp_time.hh,
tmp_time.mm,
tmp_time.ss,
tmp_time.off_dir,
tmp_time.off_mm,
tmp_time.off_hh);
return 1;
}
return der_choice_test();
}
int modes_test(void)
{
unsigned char pt[64], ct[64], tmp[64], key[16], iv[16], iv2[16];
int cipher_idx;
#ifdef LTC_CBC_MODE
symmetric_CBC cbc;
#endif
#ifdef LTC_CFB_MODE
symmetric_CFB cfb;
#endif
#ifdef LTC_OFB_MODE
symmetric_OFB ofb;
#endif
unsigned long l;
/* make a random pt, key and iv */
yarrow_read(pt, 64, &yarrow_prng);
yarrow_read(key, 16, &yarrow_prng);
yarrow_read(iv, 16, &yarrow_prng);
/* get idx of AES handy */
cipher_idx = find_cipher("aes");
if (cipher_idx == -1) {
fprintf(stderr, "test requires AES");
return 1;
}
#ifdef LTC_F8_MODE
DO(f8_test_mode());
#endif
#ifdef LTC_LRW_MODE
DO(lrw_test());
#endif
#ifdef LTC_CBC_MODE
/* test CBC mode */
/* encode the block */
DO(cbc_start(cipher_idx, iv, key, 16, 0, &cbc));
l = sizeof(iv2);
DO(cbc_getiv(iv2, &l, &cbc));
if (l != 16 || memcmp(iv2, iv, 16)) {
fprintf(stderr, "cbc_getiv failed");
return 1;
}
DO(cbc_encrypt(pt, ct, 64, &cbc));
/* decode the block */
DO(cbc_setiv(iv2, l, &cbc));
zeromem(tmp, sizeof(tmp));
DO(cbc_decrypt(ct, tmp, 64, &cbc));
if (memcmp(tmp, pt, 64) != 0) {
fprintf(stderr, "CBC failed");
return 1;
}
#endif
#ifdef LTC_CFB_MODE
/* test CFB mode */
/* encode the block */
DO(cfb_start(cipher_idx, iv, key, 16, 0, &cfb));
l = sizeof(iv2);
DO(cfb_getiv(iv2, &l, &cfb));
/* note we don't memcmp iv2/iv since cfb_start processes the IV for the first block */
if (l != 16) {
fprintf(stderr, "cfb_getiv failed");
return 1;
}
DO(cfb_encrypt(pt, ct, 64, &cfb));
/* decode the block */
DO(cfb_setiv(iv, l, &cfb));
zeromem(tmp, sizeof(tmp));
DO(cfb_decrypt(ct, tmp, 64, &cfb));
if (memcmp(tmp, pt, 64) != 0) {
fprintf(stderr, "CFB failed");
return 1;
}
#endif
#ifdef LTC_OFB_MODE
/* test OFB mode */
/* encode the block */
DO(ofb_start(cipher_idx, iv, key, 16, 0, &ofb));
l = sizeof(iv2);
DO(ofb_getiv(iv2, &l, &ofb));
if (l != 16 || memcmp(iv2, iv, 16)) {
fprintf(stderr, "ofb_getiv failed");
return 1;
}
DO(ofb_encrypt(pt, ct, 64, &ofb));
/* decode the block */
DO(ofb_setiv(iv2, l, &ofb));
zeromem(tmp, sizeof(tmp));
DO(ofb_decrypt(ct, tmp, 64, &ofb));
if (memcmp(tmp, pt, 64) != 0) {
fprintf(stderr, "OFB failed");
return 1;
}
#endif
#ifdef LTC_CTR_MODE
DO(ctr_test());
#endif
return 0;
}
int modes_test(void)
{
unsigned char pt[64], ct[64], tmp[64], key[16], iv[16], iv2[16];
int x, cipher_idx;
symmetric_CBC cbc;
symmetric_CFB cfb;
symmetric_OFB ofb;
symmetric_CTR ctr;
unsigned long l;
/* make a random pt, key and iv */
yarrow_read(pt, 64, &test_yarrow);
yarrow_read(key, 16, &test_yarrow);
yarrow_read(iv, 16, &test_yarrow);
/* get idx of AES handy */
cipher_idx = find_cipher("aes");
if (cipher_idx == -1) {
printf("test requires AES");
return 1;
}
/* test CBC mode */
/* encode the block */
DO(cbc_start(cipher_idx, iv, key, 16, 0, &cbc));
l = sizeof(iv2);
DO(cbc_getiv(iv2, &l, &cbc));
if (l != 16 || memcmp(iv2, iv, 16)) {
printf("cbc_getiv failed");
return 1;
}
for (x = 0; x < 4; x++) {
DO(cbc_encrypt(pt+x*16, ct+x*16, &cbc));
}
/* decode the block */
DO(cbc_setiv(iv2, l, &cbc));
zeromem(tmp, sizeof(tmp));
for (x = 0; x < 4; x++) {
DO(cbc_decrypt(ct+x*16, tmp+x*16, &cbc));
}
if (memcmp(tmp, pt, 64) != 0) {
printf("CBC failed");
return 1;
}
/* test CFB mode */
/* encode the block */
DO(cfb_start(cipher_idx, iv, key, 16, 0, &cfb));
l = sizeof(iv2);
DO(cfb_getiv(iv2, &l, &cfb));
/* note we don't memcmp iv2/iv since cfb_start processes the IV for the first block */
if (l != 16) {
printf("cfb_getiv failed");
return 1;
}
DO(cfb_encrypt(pt, ct, 64, &cfb));
/* decode the block */
DO(cfb_setiv(iv, l, &cfb));
zeromem(tmp, sizeof(tmp));
DO(cfb_decrypt(ct, tmp, 64, &cfb));
if (memcmp(tmp, pt, 64) != 0) {
printf("CFB failed");
return 1;
}
/* test OFB mode */
/* encode the block */
DO(ofb_start(cipher_idx, iv, key, 16, 0, &ofb));
l = sizeof(iv2);
DO(ofb_getiv(iv2, &l, &ofb));
if (l != 16 || memcmp(iv2, iv, 16)) {
printf("ofb_getiv failed");
return 1;
}
DO(ofb_encrypt(pt, ct, 64, &ofb));
/* decode the block */
DO(ofb_setiv(iv2, l, &ofb));
zeromem(tmp, sizeof(tmp));
DO(ofb_decrypt(ct, tmp, 64, &ofb));
if (memcmp(tmp, pt, 64) != 0) {
printf("OFB failed");
return 1;
}
/* test CTR mode */
/* encode the block */
DO(ctr_start(cipher_idx, iv, key, 16, 0, &ctr));
l = sizeof(iv2);
DO(ctr_getiv(iv2, &l, &ctr));
if (l != 16 || memcmp(iv2, iv, 16)) {
printf("ctr_getiv failed");
return 1;
}
DO(ctr_encrypt(pt, ct, 64, &ctr));
/* decode the block */
DO(ctr_setiv(iv2, l, &ctr));
zeromem(tmp, sizeof(tmp));
DO(ctr_decrypt(ct, tmp, 64, &ctr));
if (memcmp(tmp, pt, 64) != 0) {
printf("CTR failed");
return 1;
}
return 0;
}
