void ECDSATests::testPKCS8() { // Get prime256v1 domain parameters ECParameters* p = new ECParameters; p->setEC(ByteString("06082a8648ce3d030107")); // Generate a key-pair AsymmetricKeyPair* kp; CPPUNIT_ASSERT(ecdsa->generateKeyPair(&kp, p)); CPPUNIT_ASSERT(kp != NULL); ECPrivateKey* priv = (ECPrivateKey*) kp->getPrivateKey(); CPPUNIT_ASSERT(priv != NULL); // Encode and decode the private key ByteString pkcs8 = priv->PKCS8Encode(); CPPUNIT_ASSERT(pkcs8.size() != 0); ECPrivateKey* dPriv = (ECPrivateKey*) ecdsa->newPrivateKey(); CPPUNIT_ASSERT(dPriv != NULL); CPPUNIT_ASSERT(dPriv->PKCS8Decode(pkcs8)); CPPUNIT_ASSERT(priv->getEC() == dPriv->getEC()); CPPUNIT_ASSERT(priv->getD() == dPriv->getD()); ecdsa->recycleParameters(p); ecdsa->recycleKeyPair(kp); ecdsa->recyclePrivateKey(dPriv); }
void EDDSATests::testPKCS8() { // Get ed25519 domain parameters ECParameters* p = new ECParameters; p->setEC(ByteString("06032b6570")); // Generate a key-pair AsymmetricKeyPair* kp; CPPUNIT_ASSERT(eddsa->generateKeyPair(&kp, p)); CPPUNIT_ASSERT(kp != NULL); EDPrivateKey* priv = (EDPrivateKey*) kp->getPrivateKey(); CPPUNIT_ASSERT(priv != NULL); // Encode and decode the private key ByteString pkcs8 = priv->PKCS8Encode(); CPPUNIT_ASSERT(pkcs8.size() != 0); EDPrivateKey* dPriv = (EDPrivateKey*) eddsa->newPrivateKey(); CPPUNIT_ASSERT(dPriv != NULL); CPPUNIT_ASSERT(dPriv->PKCS8Decode(pkcs8)); CPPUNIT_ASSERT(priv->getEC() == dPriv->getEC()); CPPUNIT_ASSERT(priv->getK() == dPriv->getK()); eddsa->recycleParameters(p); eddsa->recycleKeyPair(kp); eddsa->recyclePrivateKey(dPriv); }
void EDDSATests::testKeyGeneration() { AsymmetricKeyPair* kp; // Curves to test std::vector<ByteString> curves; // Add x25519 curves.push_back(ByteString("06032b656e")); // Add ed25519 curves.push_back(ByteString("06032b6570")); for (std::vector<ByteString>::iterator c = curves.begin(); c != curves.end(); c++) { // Set domain parameters ECParameters* p = new ECParameters; p->setEC(*c); // Generate key-pair CPPUNIT_ASSERT(eddsa->generateKeyPair(&kp, p)); EDPublicKey* pub = (EDPublicKey*) kp->getPublicKey(); EDPrivateKey* priv = (EDPrivateKey*) kp->getPrivateKey(); CPPUNIT_ASSERT(pub->getEC() == *c); CPPUNIT_ASSERT(priv->getEC() == *c); eddsa->recycleParameters(p); eddsa->recycleKeyPair(kp); } }
void ECDSATests::testKeyGeneration() { AsymmetricKeyPair* kp; // Curves to test std::vector<ByteString> curves; // Add X9.62 prime256v1 curves.push_back(ByteString("06082a8648ce3d030107")); // Add secp384r1 curves.push_back(ByteString("06052b81040022")); for (std::vector<ByteString>::iterator c = curves.begin(); c != curves.end(); c++) { // Set domain parameters ECParameters* p = new ECParameters; p->setEC(*c); // Generate key-pair CPPUNIT_ASSERT(ecdsa->generateKeyPair(&kp, p)); ECPublicKey* pub = (ECPublicKey*) kp->getPublicKey(); ECPrivateKey* priv = (ECPrivateKey*) kp->getPrivateKey(); CPPUNIT_ASSERT(pub->getEC() == *c); CPPUNIT_ASSERT(priv->getEC() == *c); ecdsa->recycleParameters(p); ecdsa->recycleKeyPair(kp); } }
void DSATests::testPKCS8() { // Generate 1024-bit parameters for testing AsymmetricParameters* p; CPPUNIT_ASSERT(dsa->generateParameters(&p, (void*) 1024)); // Generate a key-pair AsymmetricKeyPair* kp; CPPUNIT_ASSERT(dsa->generateKeyPair(&kp, p)); CPPUNIT_ASSERT(kp != NULL); DSAPrivateKey* priv = (DSAPrivateKey*) kp->getPrivateKey(); CPPUNIT_ASSERT(priv != NULL); // Encode and decode the private key ByteString pkcs8 = priv->PKCS8Encode(); CPPUNIT_ASSERT(pkcs8.size() != 0); DSAPrivateKey* dPriv = (DSAPrivateKey*) dsa->newPrivateKey(); CPPUNIT_ASSERT(dPriv != NULL); CPPUNIT_ASSERT(dPriv->PKCS8Decode(pkcs8)); CPPUNIT_ASSERT(priv->getP() == dPriv->getP()); CPPUNIT_ASSERT(priv->getQ() == dPriv->getQ()); CPPUNIT_ASSERT(priv->getG() == dPriv->getG()); CPPUNIT_ASSERT(priv->getX() == dPriv->getX()); dsa->recycleParameters(p); dsa->recycleKeyPair(kp); dsa->recyclePrivateKey(dPriv); }
void GOSTTests::testKeyGeneration() { AsymmetricKeyPair* kp; CPPUNIT_ASSERT((gost = CryptoFactory::i()->getAsymmetricAlgorithm("gost"))); // Set domain parameters ByteString curve = "06072a850302022301"; ECParameters* p = new ECParameters; p->setEC(curve); // Generate key-pair CPPUNIT_ASSERT(gost->generateKeyPair(&kp, p)); GOSTPublicKey* pub = (GOSTPublicKey*) kp->getPublicKey(); GOSTPrivateKey* priv = (GOSTPrivateKey*) kp->getPrivateKey(); CPPUNIT_ASSERT(pub->getQ().size() == 64); CPPUNIT_ASSERT(priv->getD().size() == 32); gost->recycleParameters(p); gost->recycleKeyPair(kp); CryptoFactory::i()->recycleAsymmetricAlgorithm(gost); gost = NULL; }
void ECDSATests::testSigningVerifying() { AsymmetricKeyPair* kp; ECParameters *p; // Curves/Hashes to test std::vector<std::pair<ByteString, const char*> > totest; // Add X9.62 prime256v1 totest.push_back(std::make_pair(ByteString("06082a8648ce3d030107"), "sha256")); // Add secp384r1 totest.push_back(std::make_pair(ByteString("06052b81040022"), "sha384")); for (std::vector<std::pair<ByteString, const char*> >::iterator k = totest.begin(); k != totest.end(); k++) { // Get parameters p = new ECParameters; CPPUNIT_ASSERT(p != NULL); p->setEC(k->first); HashAlgorithm *hash; hash = CryptoFactory::i()->getHashAlgorithm(k->second); CPPUNIT_ASSERT(hash != NULL); // Generate key-pair CPPUNIT_ASSERT(ecdsa->generateKeyPair(&kp, p)); // Generate some data to sign ByteString dataToSign; RNG* rng = CryptoFactory::i()->getRNG(); CPPUNIT_ASSERT(rng != NULL); CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 567)); // Sign the data CPPUNIT_ASSERT(hash->hashInit()); CPPUNIT_ASSERT(hash->hashUpdate(dataToSign)); ByteString hResult; CPPUNIT_ASSERT(hash->hashFinal(hResult)); ByteString sig; CPPUNIT_ASSERT(ecdsa->sign(kp->getPrivateKey(), hResult, sig, "ECDSA")); // And verify it CPPUNIT_ASSERT(ecdsa->verify(kp->getPublicKey(), hResult, sig, "ECDSA")); ecdsa->recycleKeyPair(kp); ecdsa->recycleParameters(p); CryptoFactory::i()->recycleHashAlgorithm(hash); } }
void DHTests::testKeyGeneration() { AsymmetricKeyPair* kp; // Key sizes to test std::vector<size_t> keySizes; #ifdef WITH_FIPS keySizes.push_back(1024); #else keySizes.push_back(512); //keySizes.push_back(768); //keySizes.push_back(1024); #endif for (std::vector<size_t>::iterator k = keySizes.begin(); k != keySizes.end(); k++) { // Generate parameters DHParameters* p; AsymmetricParameters** ap = (AsymmetricParameters**) &p; CPPUNIT_ASSERT(dh->generateParameters(ap, (void*) *k)); // Generate key-pair CPPUNIT_ASSERT(dh->generateKeyPair(&kp, p)); DHPublicKey* pub = (DHPublicKey*) kp->getPublicKey(); DHPrivateKey* priv = (DHPrivateKey*) kp->getPrivateKey(); CPPUNIT_ASSERT(pub->getBitLength() == *k); CPPUNIT_ASSERT(priv->getBitLength() == *k); dh->recycleKeyPair(kp); // Generate key-pair with a fixed private value length p->setXBitLength(128); CPPUNIT_ASSERT(dh->generateKeyPair(&kp, p)); priv = (DHPrivateKey*) kp->getPrivateKey(); CPPUNIT_ASSERT(priv->getX().bits() == 128); dh->recycleParameters(p); dh->recycleKeyPair(kp); } }
void DSATests::testSerialisation() { // Generate 1024-bit parameters for testing DSAParameters* p; AsymmetricParameters** ap = (AsymmetricParameters**) &p; CPPUNIT_ASSERT(dsa->generateParameters(ap, (void*) 1024)); // Serialise the parameters ByteString serialisedParams = p->serialise(); // Deserialise the parameters AsymmetricParameters* dP; CPPUNIT_ASSERT(dsa->reconstructParameters(&dP, serialisedParams)); CPPUNIT_ASSERT(dP->areOfType(DSAParameters::type)); DSAParameters* ddP = (DSAParameters*) dP; CPPUNIT_ASSERT(p->getP() == ddP->getP()); CPPUNIT_ASSERT(p->getQ() == ddP->getQ()); CPPUNIT_ASSERT(p->getG() == ddP->getG()); // Generate a key-pair AsymmetricKeyPair* kp; CPPUNIT_ASSERT(dsa->generateKeyPair(&kp, dP)); // Serialise the key-pair ByteString serialisedKP = kp->serialise(); // Deserialise the key-pair AsymmetricKeyPair* dKP; CPPUNIT_ASSERT(dsa->reconstructKeyPair(&dKP, serialisedKP)); // Check the deserialised key-pair DSAPrivateKey* privKey = (DSAPrivateKey*) kp->getPrivateKey(); DSAPublicKey* pubKey = (DSAPublicKey*) kp->getPublicKey(); DSAPrivateKey* dPrivKey = (DSAPrivateKey*) dKP->getPrivateKey(); DSAPublicKey* dPubKey = (DSAPublicKey*) dKP->getPublicKey(); CPPUNIT_ASSERT(privKey->getP() == dPrivKey->getP()); CPPUNIT_ASSERT(privKey->getQ() == dPrivKey->getQ()); CPPUNIT_ASSERT(privKey->getG() == dPrivKey->getG()); CPPUNIT_ASSERT(privKey->getX() == dPrivKey->getX()); CPPUNIT_ASSERT(pubKey->getP() == dPubKey->getP()); CPPUNIT_ASSERT(pubKey->getQ() == dPubKey->getQ()); CPPUNIT_ASSERT(pubKey->getG() == dPubKey->getG()); CPPUNIT_ASSERT(pubKey->getY() == dPubKey->getY()); dsa->recycleParameters(p); dsa->recycleParameters(dP); dsa->recycleKeyPair(kp); dsa->recycleKeyPair(dKP); }
void RSATests::testKeyGeneration() { AsymmetricKeyPair* kp; RSAParameters p; // Public exponents to test std::vector<ByteString> exponents; exponents.push_back("010001"); exponents.push_back("03"); exponents.push_back("0B"); exponents.push_back("11"); // Key sizes to test std::vector<size_t> keySizes; keySizes.push_back(1024); #ifndef WITH_FIPS keySizes.push_back(1025); #endif keySizes.push_back(1280); keySizes.push_back(2048); //keySizes.push_back(4096); for (std::vector<ByteString>::iterator e = exponents.begin(); e != exponents.end(); e++) { for (std::vector<size_t>::iterator k = keySizes.begin(); k != keySizes.end(); k++) { p.setE(*e); p.setBitLength(*k); // Generate key-pair CPPUNIT_ASSERT(rsa->generateKeyPair(&kp, &p)); RSAPublicKey* pub = (RSAPublicKey*) kp->getPublicKey(); RSAPrivateKey* priv = (RSAPrivateKey*) kp->getPrivateKey(); CPPUNIT_ASSERT(pub->getBitLength() == *k); CPPUNIT_ASSERT(priv->getBitLength() == *k); CPPUNIT_ASSERT(pub->getE() == *e); CPPUNIT_ASSERT(priv->getE() == *e); rsa->recycleKeyPair(kp); } } }
void DHTests::testPKCS8() { // Generate 1024-bit parameters for testing AsymmetricParameters* p; //CPPUNIT_ASSERT(dh->generateParameters(&p, (void*) 1024)); // changed for 512-bit for speed... #ifndef WITH_BOTAN CPPUNIT_ASSERT(dh->generateParameters(&p, (void*) 1024)); #else CPPUNIT_ASSERT(dh->generateParameters(&p, (void*) 512)); #endif // Generate a key-pair AsymmetricKeyPair* kp; CPPUNIT_ASSERT(dh->generateKeyPair(&kp, p)); CPPUNIT_ASSERT(kp != NULL); DHPrivateKey* priv = (DHPrivateKey*) kp->getPrivateKey(); CPPUNIT_ASSERT(priv != NULL); // Encode and decode the private key ByteString pkcs8 = priv->PKCS8Encode(); CPPUNIT_ASSERT(pkcs8.size() != 0); DHPrivateKey* dPriv = (DHPrivateKey*) dh->newPrivateKey(); CPPUNIT_ASSERT(dPriv != NULL); CPPUNIT_ASSERT(dPriv->PKCS8Decode(pkcs8)); CPPUNIT_ASSERT(priv->getP() == dPriv->getP()); CPPUNIT_ASSERT(priv->getG() == dPriv->getG()); CPPUNIT_ASSERT(priv->getX() == dPriv->getX()); dh->recycleParameters(p); dh->recycleKeyPair(kp); dh->recyclePrivateKey(dPriv); }
void EDDSATests::testSigningVerifying() { AsymmetricKeyPair* kp; ECParameters *p; // Curves to test std::vector<ByteString> curves; // Add ed25519 curves.push_back(ByteString("06032b6570")); for (std::vector<ByteString>::iterator c = curves.begin(); c != curves.end(); c++) { // Get parameters p = new ECParameters; CPPUNIT_ASSERT(p != NULL); p->setEC(*c); // Generate key-pair CPPUNIT_ASSERT(eddsa->generateKeyPair(&kp, p)); // Generate some data to sign ByteString dataToSign; RNG* rng = CryptoFactory::i()->getRNG(); CPPUNIT_ASSERT(rng != NULL); CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 567)); // Sign the data ByteString sig; CPPUNIT_ASSERT(eddsa->sign(kp->getPrivateKey(), dataToSign, sig, AsymMech::EDDSA)); // And verify it CPPUNIT_ASSERT(eddsa->verify(kp->getPublicKey(), dataToSign, sig, AsymMech::EDDSA)); eddsa->recycleKeyPair(kp); eddsa->recycleParameters(p); } }
void DSATests::testKeyGeneration() { AsymmetricKeyPair* kp; // Key sizes to test std::vector<size_t> keySizes; #ifndef WITH_FIPS keySizes.push_back(512); keySizes.push_back(768); keySizes.push_back(1024); keySizes.push_back(1536); #else keySizes.push_back(1024); #endif #ifndef WITH_BOTAN keySizes.push_back(2048); #endif for (std::vector<size_t>::iterator k = keySizes.begin(); k != keySizes.end(); k++) { // Generate parameters DSAParameters* p; AsymmetricParameters** ap = (AsymmetricParameters**) &p; CPPUNIT_ASSERT(dsa->generateParameters(ap, (void*) *k)); // Generate key-pair CPPUNIT_ASSERT(dsa->generateKeyPair(&kp, p)); DSAPublicKey* pub = (DSAPublicKey*) kp->getPublicKey(); DSAPrivateKey* priv = (DSAPrivateKey*) kp->getPrivateKey(); CPPUNIT_ASSERT(pub->getBitLength() == *k); CPPUNIT_ASSERT(priv->getBitLength() == *k); dsa->recycleParameters(p); dsa->recycleKeyPair(kp); } }
void GOSTTests::testSerialisation() { CPPUNIT_ASSERT((gost = CryptoFactory::i()->getAsymmetricAlgorithm("gost"))); // Get GOST R 34.10-2001 params-A domain parameters ECParameters* p = new ECParameters; p->setEC(ByteString("06072a850302022301")); // Serialise the parameters ByteString serialisedParams = p->serialise(); // Deserialise the parameters AsymmetricParameters* dEC; CPPUNIT_ASSERT(gost->reconstructParameters(&dEC, serialisedParams)); CPPUNIT_ASSERT(dEC->areOfType(ECParameters::type)); ECParameters* ddEC = (ECParameters*) dEC; CPPUNIT_ASSERT(p->getEC() == ddEC->getEC()); // Generate a key-pair AsymmetricKeyPair* kp; CPPUNIT_ASSERT(gost->generateKeyPair(&kp, dEC)); // Serialise the key-pair ByteString serialisedKP = kp->serialise(); // Deserialise the key-pair AsymmetricKeyPair* dKP; CPPUNIT_ASSERT(gost->reconstructKeyPair(&dKP, serialisedKP)); // Check the deserialised key-pair GOSTPrivateKey* privKey = (GOSTPrivateKey*) kp->getPrivateKey(); GOSTPublicKey* pubKey = (GOSTPublicKey*) kp->getPublicKey(); GOSTPrivateKey* dPrivKey = (GOSTPrivateKey*) dKP->getPrivateKey(); GOSTPublicKey* dPubKey = (GOSTPublicKey*) dKP->getPublicKey(); CPPUNIT_ASSERT(privKey->getD() == dPrivKey->getD()); CPPUNIT_ASSERT(pubKey->getQ() == dPubKey->getQ()); gost->recycleParameters(p); gost->recycleParameters(dEC); gost->recycleKeyPair(kp); gost->recycleKeyPair(dKP); CryptoFactory::i()->recycleAsymmetricAlgorithm(gost); gost = NULL; }
void GOSTTests::testSigningVerifying() { AsymmetricKeyPair* kp; ECParameters *p; ByteString curve = "06072a850302022301"; CPPUNIT_ASSERT((gost = CryptoFactory::i()->getAsymmetricAlgorithm("gost"))); // Get parameters p = new ECParameters; CPPUNIT_ASSERT(p != NULL); p->setEC(curve); // Generate key-pair CPPUNIT_ASSERT(gost->generateKeyPair(&kp, p)); // Generate some data to sign ByteString dataToSign; RNG* rng = CryptoFactory::i()->getRNG(); CPPUNIT_ASSERT(rng != NULL); CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 567)); // Sign the data ByteString sig; CPPUNIT_ASSERT(gost->sign(kp->getPrivateKey(), dataToSign, sig, "gost-gost")); // And verify it CPPUNIT_ASSERT(gost->verify(kp->getPublicKey(), dataToSign, sig, "gost-gost")); gost->recycleKeyPair(kp); gost->recycleParameters(p); CryptoFactory::i()->recycleAsymmetricAlgorithm(gost); gost = NULL; }
void ECDSATests::testSerialisation() { // Get prime256v1 domain parameters ECParameters* p = new ECParameters; p->setEC(ByteString("06082a8648ce3d030107")); // Serialise the parameters ByteString serialisedParams = p->serialise(); // Deserialise the parameters AsymmetricParameters* dEC; CPPUNIT_ASSERT(ecdsa->reconstructParameters(&dEC, serialisedParams)); CPPUNIT_ASSERT(dEC->areOfType(ECParameters::type)); ECParameters* ddEC = (ECParameters*) dEC; CPPUNIT_ASSERT(p->getEC() == ddEC->getEC()); // Generate a key-pair AsymmetricKeyPair* kp; CPPUNIT_ASSERT(ecdsa->generateKeyPair(&kp, dEC)); // Serialise the key-pair ByteString serialisedKP = kp->serialise(); // Deserialise the key-pair AsymmetricKeyPair* dKP; CPPUNIT_ASSERT(ecdsa->reconstructKeyPair(&dKP, serialisedKP)); // Check the deserialised key-pair ECPrivateKey* privKey = (ECPrivateKey*) kp->getPrivateKey(); ECPublicKey* pubKey = (ECPublicKey*) kp->getPublicKey(); ECPrivateKey* dPrivKey = (ECPrivateKey*) dKP->getPrivateKey(); ECPublicKey* dPubKey = (ECPublicKey*) dKP->getPublicKey(); CPPUNIT_ASSERT(privKey->getEC() == dPrivKey->getEC()); CPPUNIT_ASSERT(privKey->getD() == dPrivKey->getD()); CPPUNIT_ASSERT(pubKey->getEC() == dPubKey->getEC()); CPPUNIT_ASSERT(pubKey->getQ() == dPubKey->getQ()); ecdsa->recycleParameters(p); ecdsa->recycleParameters(dEC); ecdsa->recycleKeyPair(kp); ecdsa->recycleKeyPair(dKP); }
void RSATests::testPKCS8() { // Generate a 1024-bit key-pair for testing AsymmetricKeyPair* kp; RSAParameters p; p.setE("010001"); p.setBitLength(1024); CPPUNIT_ASSERT(rsa->generateKeyPair(&kp, &p)); CPPUNIT_ASSERT(kp != NULL); RSAPrivateKey* priv = (RSAPrivateKey*) kp->getPrivateKey(); CPPUNIT_ASSERT(priv != NULL); // Encode and decode the private key ByteString pkcs8 = priv->PKCS8Encode(); CPPUNIT_ASSERT(pkcs8.size() != 0); RSAPrivateKey* dPriv = (RSAPrivateKey*) rsa->newPrivateKey(); CPPUNIT_ASSERT(dPriv != NULL); CPPUNIT_ASSERT(dPriv->PKCS8Decode(pkcs8)); CPPUNIT_ASSERT(priv->getP() == dPriv->getP()); CPPUNIT_ASSERT(priv->getQ() == dPriv->getQ()); CPPUNIT_ASSERT(priv->getPQ() == dPriv->getPQ()); CPPUNIT_ASSERT(priv->getDP1() == dPriv->getDP1()); CPPUNIT_ASSERT(priv->getDQ1() == dPriv->getDQ1()); CPPUNIT_ASSERT(priv->getD() == dPriv->getD()); CPPUNIT_ASSERT(priv->getN() == dPriv->getN()); CPPUNIT_ASSERT(priv->getE() == dPriv->getE()); rsa->recycleKeyPair(kp); rsa->recyclePrivateKey(dPriv); }
void DHTests::testDerivation() { AsymmetricKeyPair* kpa; AsymmetricKeyPair* kpb; // Key sizes to test std::vector<size_t> keySizes; #ifdef WITH_FIPS keySizes.push_back(1024); #else keySizes.push_back(512); //keySizes.push_back(768); //keySizes.push_back(1024); #endif for (std::vector<size_t>::iterator k = keySizes.begin(); k != keySizes.end(); k++) { // Generate parameters AsymmetricParameters* p; CPPUNIT_ASSERT(dh->generateParameters(&p, (void*) *k)); // Generate key-pairs CPPUNIT_ASSERT(dh->generateKeyPair(&kpa, p)); CPPUNIT_ASSERT(dh->generateKeyPair(&kpb, p)); // Derive secrets SymmetricKey* sa; CPPUNIT_ASSERT(dh->deriveKey(&sa, kpb->getPublicKey(), kpa->getPrivateKey())); SymmetricKey* sb; CPPUNIT_ASSERT(dh->deriveKey(&sb, kpa->getPublicKey(), kpb->getPrivateKey())); // Must be the same CPPUNIT_ASSERT(sa->getKeyBits() == sb->getKeyBits()); // Clean up dh->recycleSymmetricKey(sa); dh->recycleSymmetricKey(sb); dh->recycleKeyPair(kpa); dh->recycleKeyPair(kpb); dh->recycleParameters(p); } }
void ECDHTests::testDerivation() { AsymmetricKeyPair* kpa; AsymmetricKeyPair* kpb; ECParameters* p; // Curves to test std::vector<ByteString> curves; // Add X9.62 prime256v1 curves.push_back(ByteString("06082a8648ce3d030107")); // Add secp384r1 curves.push_back(ByteString("06052b81040022")); for (std::vector<ByteString>::iterator c = curves.begin(); c != curves.end(); c++) { // Get parameters p = new ECParameters; CPPUNIT_ASSERT(p != NULL); p->setEC(*c); // Generate key-pairs CPPUNIT_ASSERT(ecdh->generateKeyPair(&kpa, p)); CPPUNIT_ASSERT(ecdh->generateKeyPair(&kpb, p)); // Derive secrets SymmetricKey* sa; CPPUNIT_ASSERT(ecdh->deriveKey(&sa, kpb->getPublicKey(), kpa->getPrivateKey())); SymmetricKey* sb; CPPUNIT_ASSERT(ecdh->deriveKey(&sb, kpa->getPublicKey(), kpb->getPrivateKey())); // Must be the same CPPUNIT_ASSERT(sa->getKeyBits() == sb->getKeyBits()); // Clean up ecdh->recycleSymmetricKey(sa); ecdh->recycleSymmetricKey(sb); ecdh->recycleKeyPair(kpa); ecdh->recycleKeyPair(kpb); ecdh->recycleParameters(p); } }
void EDDSATests::testDerivation() { AsymmetricKeyPair* kpa; AsymmetricKeyPair* kpb; ECParameters* p; // Curves to test std::vector<ByteString> curves; // Add x25519 curves.push_back(ByteString("06032b656e")); for (std::vector<ByteString>::iterator c = curves.begin(); c != curves.end(); c++) { // Get parameters p = new ECParameters; CPPUNIT_ASSERT(p != NULL); p->setEC(*c); // Generate key-pairs CPPUNIT_ASSERT(eddsa->generateKeyPair(&kpa, p)); CPPUNIT_ASSERT(eddsa->generateKeyPair(&kpb, p)); // Derive secrets SymmetricKey* sa; CPPUNIT_ASSERT(eddsa->deriveKey(&sa, kpb->getPublicKey(), kpa->getPrivateKey())); SymmetricKey* sb; CPPUNIT_ASSERT(eddsa->deriveKey(&sb, kpa->getPublicKey(), kpb->getPrivateKey())); // Must be the same CPPUNIT_ASSERT(sa->getKeyBits() == sb->getKeyBits()); // Clean up eddsa->recycleSymmetricKey(sa); eddsa->recycleSymmetricKey(sb); eddsa->recycleKeyPair(kpa); eddsa->recycleKeyPair(kpb); eddsa->recycleParameters(p); } }
void DHTests::testSerialisation() { // Generate 1024-bit parameters for testing DHParameters* p; AsymmetricParameters** ap = (AsymmetricParameters**) &p; //CPPUNIT_ASSERT(dh->generateParameters(ap, (void*) 1024)); // changed for 512-bit for speed... #ifndef WITH_BOTAN CPPUNIT_ASSERT(dh->generateParameters(ap, (void*) 1024)); #else CPPUNIT_ASSERT(dh->generateParameters(ap, (void*) 512)); #endif // Set a fixed private value length p->setXBitLength(128); // Serialise the parameters ByteString serialisedParams = p->serialise(); // Deserialise the parameters AsymmetricParameters* dP; CPPUNIT_ASSERT(dh->reconstructParameters(&dP, serialisedParams)); CPPUNIT_ASSERT(dP->areOfType(DHParameters::type)); DHParameters* ddP = (DHParameters*) dP; CPPUNIT_ASSERT(p->getP() == ddP->getP()); CPPUNIT_ASSERT(p->getG() == ddP->getG()); CPPUNIT_ASSERT(p->getXBitLength() == ddP->getXBitLength()); // Generate a key-pair AsymmetricKeyPair* kp; CPPUNIT_ASSERT(dh->generateKeyPair(&kp, dP)); // Serialise the key-pair ByteString serialisedKP = kp->serialise(); // Deserialise the key-pair AsymmetricKeyPair* dKP; CPPUNIT_ASSERT(dh->reconstructKeyPair(&dKP, serialisedKP)); // Check the deserialised key-pair DHPrivateKey* privKey = (DHPrivateKey*) kp->getPrivateKey(); DHPublicKey* pubKey = (DHPublicKey*) kp->getPublicKey(); DHPrivateKey* dPrivKey = (DHPrivateKey*) dKP->getPrivateKey(); DHPublicKey* dPubKey = (DHPublicKey*) dKP->getPublicKey(); CPPUNIT_ASSERT(privKey->getP() == dPrivKey->getP()); CPPUNIT_ASSERT(privKey->getG() == dPrivKey->getG()); CPPUNIT_ASSERT(privKey->getX() == dPrivKey->getX()); CPPUNIT_ASSERT(pubKey->getP() == dPubKey->getP()); CPPUNIT_ASSERT(pubKey->getG() == dPubKey->getG()); CPPUNIT_ASSERT(pubKey->getY() == dPubKey->getY()); dh->recycleParameters(p); dh->recycleParameters(dP); dh->recycleKeyPair(kp); dh->recycleKeyPair(dKP); }
void RSATests::testSerialisation() { // Generate a 1024-bit key-pair for testing AsymmetricKeyPair* kp; RSAParameters p; p.setE("010001"); p.setBitLength(1024); CPPUNIT_ASSERT(rsa->generateKeyPair(&kp, &p)); CPPUNIT_ASSERT(kp != NULL); // Serialise the parameters ByteString serialisedParams = p.serialise(); // Deserialise the parameters AsymmetricParameters* dP; CPPUNIT_ASSERT(rsa->reconstructParameters(&dP, serialisedParams)); CPPUNIT_ASSERT(dP->areOfType(RSAParameters::type)); RSAParameters* ddP = (RSAParameters*) dP; CPPUNIT_ASSERT(p.getE() == ddP->getE()); CPPUNIT_ASSERT(p.getBitLength() == ddP->getBitLength()); rsa->recycleParameters(dP); // Serialise the key-pair ByteString serialisedKP = kp->serialise(); CPPUNIT_ASSERT(serialisedKP.size() != 0); // Deserialise the key-pair AsymmetricKeyPair* dKP; CPPUNIT_ASSERT(rsa->reconstructKeyPair(&dKP, serialisedKP)); CPPUNIT_ASSERT(serialisedKP.size() == 0); CPPUNIT_ASSERT(dKP != NULL); RSAPublicKey* pub = (RSAPublicKey*) kp->getPublicKey(); RSAPrivateKey* priv = (RSAPrivateKey*) kp->getPrivateKey(); RSAPublicKey* dPub = (RSAPublicKey*) dKP->getPublicKey(); RSAPrivateKey* dPriv = (RSAPrivateKey*) dKP->getPrivateKey(); CPPUNIT_ASSERT(pub->getN() == dPub->getN()); CPPUNIT_ASSERT(pub->getE() == dPub->getE()); CPPUNIT_ASSERT(priv->getP() == dPriv->getP()); CPPUNIT_ASSERT(priv->getQ() == dPriv->getQ()); CPPUNIT_ASSERT(priv->getPQ() == dPriv->getPQ()); CPPUNIT_ASSERT(priv->getDP1() == dPriv->getDP1()); CPPUNIT_ASSERT(priv->getDQ1() == dPriv->getDQ1()); CPPUNIT_ASSERT(priv->getD() == dPriv->getD()); CPPUNIT_ASSERT(priv->getN() == dPriv->getN()); CPPUNIT_ASSERT(priv->getE() == dPriv->getE()); // Serialise and deserialise the public key ByteString serialisedPub = pub->serialise(); RSAPublicKey* desPub; CPPUNIT_ASSERT(rsa->reconstructPublicKey((PublicKey**) &desPub, serialisedPub)); CPPUNIT_ASSERT(serialisedPub.size() == 0); CPPUNIT_ASSERT(desPub != NULL); CPPUNIT_ASSERT(pub->getN() == desPub->getN()); CPPUNIT_ASSERT(pub->getE() == desPub->getE()); // Serialise and deserialise the private key ByteString serialisedPriv = priv->serialise(); RSAPrivateKey* desPriv; CPPUNIT_ASSERT(rsa->reconstructPrivateKey((PrivateKey**) &desPriv, serialisedPriv)); CPPUNIT_ASSERT(serialisedPriv.size() == 0); CPPUNIT_ASSERT(desPriv != NULL); CPPUNIT_ASSERT(priv->getP() == desPriv->getP()); CPPUNIT_ASSERT(priv->getQ() == desPriv->getQ()); CPPUNIT_ASSERT(priv->getPQ() == desPriv->getPQ()); CPPUNIT_ASSERT(priv->getDP1() == desPriv->getDP1()); CPPUNIT_ASSERT(priv->getDQ1() == desPriv->getDQ1()); CPPUNIT_ASSERT(priv->getD() == desPriv->getD()); CPPUNIT_ASSERT(priv->getN() == desPriv->getN()); CPPUNIT_ASSERT(priv->getE() == desPriv->getE()); rsa->recycleKeyPair(kp); rsa->recycleKeyPair(dKP); rsa->recyclePublicKey(desPub); rsa->recyclePrivateKey(desPriv); }
void DSATests::testSigningVerifying() { AsymmetricKeyPair* kp; // Key sizes to test std::vector<size_t> keySizes; #ifndef WITH_FIPS keySizes.push_back(512); keySizes.push_back(768); keySizes.push_back(1024); keySizes.push_back(1536); #else keySizes.push_back(1024); #endif #ifndef WITH_BOTAN keySizes.push_back(2048); #endif // Mechanisms to test std::vector<AsymMech::Type> mechanisms; mechanisms.push_back(AsymMech::DSA_SHA1); mechanisms.push_back(AsymMech::DSA_SHA224); mechanisms.push_back(AsymMech::DSA_SHA256); for (std::vector<size_t>::iterator k = keySizes.begin(); k != keySizes.end(); k++) { // Generate parameters AsymmetricParameters* p; CPPUNIT_ASSERT(dsa->generateParameters(&p, (void*) *k)); // Generate key-pair CPPUNIT_ASSERT(dsa->generateKeyPair(&kp, p)); // Generate some data to sign ByteString dataToSign; RNG* rng = CryptoFactory::i()->getRNG(); CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 567)); // Test mechanisms that perform internal hashing for (std::vector<AsymMech::Type>::iterator m = mechanisms.begin(); m != mechanisms.end(); m++) { ByteString blockSignature, singlePartSignature; // Sign the data in blocks CPPUNIT_ASSERT(dsa->signInit(kp->getPrivateKey(), *m)); CPPUNIT_ASSERT(dsa->signUpdate(dataToSign.substr(0, 134))); CPPUNIT_ASSERT(dsa->signUpdate(dataToSign.substr(134, 289))); CPPUNIT_ASSERT(dsa->signUpdate(dataToSign.substr(134 + 289))); CPPUNIT_ASSERT(dsa->signFinal(blockSignature)); // Sign the data in one pass CPPUNIT_ASSERT(dsa->sign(kp->getPrivateKey(), dataToSign, singlePartSignature, *m)); // Now perform multi-pass verification CPPUNIT_ASSERT(dsa->verifyInit(kp->getPublicKey(), *m)); CPPUNIT_ASSERT(dsa->verifyUpdate(dataToSign.substr(0, 125))); CPPUNIT_ASSERT(dsa->verifyUpdate(dataToSign.substr(125, 247))); CPPUNIT_ASSERT(dsa->verifyUpdate(dataToSign.substr(125 + 247))); CPPUNIT_ASSERT(dsa->verifyFinal(blockSignature)); // And single-pass verification CPPUNIT_ASSERT(dsa->verify(kp->getPublicKey(), dataToSign, singlePartSignature, *m)); } // Test mechanisms that do not perform internal hashing CPPUNIT_ASSERT(rng->generateRandom(dataToSign, *k >= 2048 ? 32 : 20)); // Sign the data ByteString signature; CPPUNIT_ASSERT(dsa->sign(kp->getPrivateKey(), dataToSign, signature, AsymMech::DSA)); // Verify the signature CPPUNIT_ASSERT(dsa->verify(kp->getPublicKey(), dataToSign, signature, AsymMech::DSA)); dsa->recycleKeyPair(kp); dsa->recycleParameters(p); } }
void RSATests::testSigningVerifying() { AsymmetricKeyPair* kp; RSAParameters p; // Public exponents to test std::vector<ByteString> exponents; exponents.push_back("010001"); exponents.push_back("03"); exponents.push_back("0B"); exponents.push_back("11"); // Key sizes to test std::vector<size_t> keySizes; keySizes.push_back(1024); keySizes.push_back(1280); keySizes.push_back(2048); //keySizes.push_back(4096); // Mechanisms to test std::vector<AsymMech::Type> mechanisms; #ifndef WITH_FIPS mechanisms.push_back(AsymMech::RSA_MD5_PKCS); #endif mechanisms.push_back(AsymMech::RSA_SHA1_PKCS); mechanisms.push_back(AsymMech::RSA_SHA224_PKCS); mechanisms.push_back(AsymMech::RSA_SHA256_PKCS); mechanisms.push_back(AsymMech::RSA_SHA384_PKCS); mechanisms.push_back(AsymMech::RSA_SHA512_PKCS); mechanisms.push_back(AsymMech::RSA_SHA1_PKCS_PSS); mechanisms.push_back(AsymMech::RSA_SHA224_PKCS_PSS); mechanisms.push_back(AsymMech::RSA_SHA256_PKCS_PSS); mechanisms.push_back(AsymMech::RSA_SHA384_PKCS_PSS); mechanisms.push_back(AsymMech::RSA_SHA512_PKCS_PSS); #ifndef WITH_FIPS mechanisms.push_back(AsymMech::RSA_SSL); #endif /* Max salt length for SHA512 and 1024-bit RSA is 62 bytes */ RSA_PKCS_PSS_PARAMS pssParams[] = { { HashAlgo::SHA1, AsymRSAMGF::MGF1_SHA1, 20 }, { HashAlgo::SHA224, AsymRSAMGF::MGF1_SHA224, 0 }, { HashAlgo::SHA256, AsymRSAMGF::MGF1_SHA256, 0 }, { HashAlgo::SHA384, AsymRSAMGF::MGF1_SHA384, 48 }, { HashAlgo::SHA512, AsymRSAMGF::MGF1_SHA512, 62 } }; for (std::vector<ByteString>::iterator e = exponents.begin(); e != exponents.end(); e++) { for (std::vector<size_t>::iterator k = keySizes.begin(); k != keySizes.end(); k++) { p.setE(*e); p.setBitLength(*k); // Generate key-pair CPPUNIT_ASSERT(rsa->generateKeyPair(&kp, &p)); // Generate some data to sign ByteString dataToSign; RNG* rng = CryptoFactory::i()->getRNG(); CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 567)); // Test mechanisms that perform internal hashing for (std::vector<AsymMech::Type>::iterator m = mechanisms.begin(); m != mechanisms.end(); m++) { ByteString blockSignature, singlePartSignature; void* param = NULL; size_t paramLen = 0; bool isPSS = false; switch (*m) { case AsymMech::RSA_SHA1_PKCS_PSS: param = &pssParams[0]; paramLen = sizeof(pssParams[0]); isPSS = true; break; case AsymMech::RSA_SHA224_PKCS_PSS: param = &pssParams[1]; paramLen = sizeof(pssParams[1]); isPSS = true; break; case AsymMech::RSA_SHA256_PKCS_PSS: param = &pssParams[2]; paramLen = sizeof(pssParams[2]); isPSS = true; break; case AsymMech::RSA_SHA384_PKCS_PSS: param = &pssParams[3]; paramLen = sizeof(pssParams[3]); isPSS = true; break; case AsymMech::RSA_SHA512_PKCS_PSS: param = &pssParams[4]; paramLen = sizeof(pssParams[4]); isPSS = true; break; default: break; } // Sign the data in blocks CPPUNIT_ASSERT(rsa->signInit(kp->getPrivateKey(), *m, param, paramLen)); CPPUNIT_ASSERT(rsa->signUpdate(dataToSign.substr(0, 134))); CPPUNIT_ASSERT(rsa->signUpdate(dataToSign.substr(134, 289))); CPPUNIT_ASSERT(rsa->signUpdate(dataToSign.substr(134 + 289))); CPPUNIT_ASSERT(rsa->signFinal(blockSignature)); // Sign the data in one pass CPPUNIT_ASSERT(rsa->sign(kp->getPrivateKey(), dataToSign, singlePartSignature, *m, param, paramLen)); // If it is not a PSS signature, check if the two signatures match if (!isPSS) { // Check if the two signatures match CPPUNIT_ASSERT(blockSignature == singlePartSignature); } // Now perform multi-pass verification CPPUNIT_ASSERT(rsa->verifyInit(kp->getPublicKey(), *m, param, paramLen)); CPPUNIT_ASSERT(rsa->verifyUpdate(dataToSign.substr(0, 125))); CPPUNIT_ASSERT(rsa->verifyUpdate(dataToSign.substr(125, 247))); CPPUNIT_ASSERT(rsa->verifyUpdate(dataToSign.substr(125 + 247))); CPPUNIT_ASSERT(rsa->verifyFinal(blockSignature)); // And single-pass verification CPPUNIT_ASSERT(rsa->verify(kp->getPublicKey(), dataToSign, singlePartSignature, *m, param, paramLen)); } // Test mechanisms that do not perform internal hashing // Test PKCS #1 signing CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 35)); // Sign the data ByteString signature; CPPUNIT_ASSERT(rsa->sign(kp->getPrivateKey(), dataToSign, signature, AsymMech::RSA_PKCS)); // Verify the signature CPPUNIT_ASSERT(rsa->verify(kp->getPublicKey(), dataToSign, signature, AsymMech::RSA_PKCS)); // Test raw RSA signing size_t byteSize = *k >> 3; CPPUNIT_ASSERT(rng->generateRandom(dataToSign, byteSize)); // Strip the topmost bit dataToSign[0] &= 0x7F; // Sign the data CPPUNIT_ASSERT(rsa->sign(kp->getPrivateKey(), dataToSign, signature, AsymMech::RSA)); // Verify the signature CPPUNIT_ASSERT(rsa->verify(kp->getPublicKey(), dataToSign, signature, AsymMech::RSA)); #ifdef WITH_RAW_PSS // Test raw (SHA1) PKCS PSS signing CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 20)); CPPUNIT_ASSERT(rsa->sign(kp->getPrivateKey(), dataToSign, signature, AsymMech::RSA_PKCS_PSS, &pssParams[0], sizeof(pssParams[0]))); CPPUNIT_ASSERT(rsa->verify(kp->getPublicKey(), dataToSign, signature, AsymMech::RSA_PKCS_PSS, &pssParams[0], sizeof(pssParams[0]))); // Test raw (SHA224) PKCS PSS signing CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 28)); CPPUNIT_ASSERT(rsa->sign(kp->getPrivateKey(), dataToSign, signature, AsymMech::RSA_PKCS_PSS, &pssParams[1], sizeof(pssParams[1]))); CPPUNIT_ASSERT(rsa->verify(kp->getPublicKey(), dataToSign, signature, AsymMech::RSA_PKCS_PSS, &pssParams[1], sizeof(pssParams[1]))); // Test raw (SHA256) PKCS PSS signing CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 32)); CPPUNIT_ASSERT(rsa->sign(kp->getPrivateKey(), dataToSign, signature, AsymMech::RSA_PKCS_PSS, &pssParams[2], sizeof(pssParams[2]))); CPPUNIT_ASSERT(rsa->verify(kp->getPublicKey(), dataToSign, signature, AsymMech::RSA_PKCS_PSS, &pssParams[2], sizeof(pssParams[2]))); // Test raw (SHA384) PKCS PSS signing CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 48)); CPPUNIT_ASSERT(rsa->sign(kp->getPrivateKey(), dataToSign, signature, AsymMech::RSA_PKCS_PSS, &pssParams[3], sizeof(pssParams[3]))); CPPUNIT_ASSERT(rsa->verify(kp->getPublicKey(), dataToSign, signature, AsymMech::RSA_PKCS_PSS, &pssParams[3], sizeof(pssParams[3]))); // Test raw (SHA512) PKCS PSS signing CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 64)); CPPUNIT_ASSERT(rsa->sign(kp->getPrivateKey(), dataToSign, signature, AsymMech::RSA_PKCS_PSS, &pssParams[4], sizeof(pssParams[4]))); CPPUNIT_ASSERT(rsa->verify(kp->getPublicKey(), dataToSign, signature, AsymMech::RSA_PKCS_PSS, &pssParams[4], sizeof(pssParams[4]))); #endif rsa->recycleKeyPair(kp); } } }