void ECDSATests::testSigningVerifying() { AsymmetricKeyPair* kp; ECParameters *p; // Curves/Hashes to test std::vector<std::pair<ByteString, const char*> > totest; // Add X9.62 prime256v1 totest.push_back(std::make_pair(ByteString("06082a8648ce3d030107"), "sha256")); // Add secp384r1 totest.push_back(std::make_pair(ByteString("06052b81040022"), "sha384")); for (std::vector<std::pair<ByteString, const char*> >::iterator k = totest.begin(); k != totest.end(); k++) { // Get parameters p = new ECParameters; CPPUNIT_ASSERT(p != NULL); p->setEC(k->first); HashAlgorithm *hash; hash = CryptoFactory::i()->getHashAlgorithm(k->second); CPPUNIT_ASSERT(hash != NULL); // Generate key-pair CPPUNIT_ASSERT(ecdsa->generateKeyPair(&kp, p)); // Generate some data to sign ByteString dataToSign; RNG* rng = CryptoFactory::i()->getRNG(); CPPUNIT_ASSERT(rng != NULL); CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 567)); // Sign the data CPPUNIT_ASSERT(hash->hashInit()); CPPUNIT_ASSERT(hash->hashUpdate(dataToSign)); ByteString hResult; CPPUNIT_ASSERT(hash->hashFinal(hResult)); ByteString sig; CPPUNIT_ASSERT(ecdsa->sign(kp->getPrivateKey(), hResult, sig, "ECDSA")); // And verify it CPPUNIT_ASSERT(ecdsa->verify(kp->getPublicKey(), hResult, sig, "ECDSA")); ecdsa->recycleKeyPair(kp); ecdsa->recycleParameters(p); CryptoFactory::i()->recycleHashAlgorithm(hash); } }
void EDDSATests::testSigningVerifying() { AsymmetricKeyPair* kp; ECParameters *p; // Curves to test std::vector<ByteString> curves; // Add ed25519 curves.push_back(ByteString("06032b6570")); for (std::vector<ByteString>::iterator c = curves.begin(); c != curves.end(); c++) { // Get parameters p = new ECParameters; CPPUNIT_ASSERT(p != NULL); p->setEC(*c); // Generate key-pair CPPUNIT_ASSERT(eddsa->generateKeyPair(&kp, p)); // Generate some data to sign ByteString dataToSign; RNG* rng = CryptoFactory::i()->getRNG(); CPPUNIT_ASSERT(rng != NULL); CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 567)); // Sign the data ByteString sig; CPPUNIT_ASSERT(eddsa->sign(kp->getPrivateKey(), dataToSign, sig, AsymMech::EDDSA)); // And verify it CPPUNIT_ASSERT(eddsa->verify(kp->getPublicKey(), dataToSign, sig, AsymMech::EDDSA)); eddsa->recycleKeyPair(kp); eddsa->recycleParameters(p); } }
void GOSTTests::testSigningVerifying() { AsymmetricKeyPair* kp; ECParameters *p; ByteString curve = "06072a850302022301"; CPPUNIT_ASSERT((gost = CryptoFactory::i()->getAsymmetricAlgorithm("gost"))); // Get parameters p = new ECParameters; CPPUNIT_ASSERT(p != NULL); p->setEC(curve); // Generate key-pair CPPUNIT_ASSERT(gost->generateKeyPair(&kp, p)); // Generate some data to sign ByteString dataToSign; RNG* rng = CryptoFactory::i()->getRNG(); CPPUNIT_ASSERT(rng != NULL); CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 567)); // Sign the data ByteString sig; CPPUNIT_ASSERT(gost->sign(kp->getPrivateKey(), dataToSign, sig, "gost-gost")); // And verify it CPPUNIT_ASSERT(gost->verify(kp->getPublicKey(), dataToSign, sig, "gost-gost")); gost->recycleKeyPair(kp); gost->recycleParameters(p); CryptoFactory::i()->recycleAsymmetricAlgorithm(gost); gost = NULL; }
void FileTests::testWriteRead() { // Generate some test data RNG* rng = CryptoFactory::i()->getRNG(); ByteString testData1; CPPUNIT_ASSERT(rng->generateRandom(testData1, 187)); // More test data std::string testString = "This is a test of the File class"; std::set<CK_MECHANISM_TYPE> testSet; testSet.insert(CKM_RSA_PKCS); testSet.insert(CKM_SHA256_RSA_PKCS); // Create a file for writing { #ifndef _WIN32 File newFile("testdir/newFile", false, true); #else File newFile("testdir\\newFile", false, true); #endif CPPUNIT_ASSERT(newFile.isValid()); // Write two booleans into the file CPPUNIT_ASSERT(newFile.writeBool(true)); CPPUNIT_ASSERT(newFile.writeBool(false)); // Write an ulong into the file CPPUNIT_ASSERT(newFile.writeULong(0x12345678)); // Write a ByteString into the file CPPUNIT_ASSERT(newFile.writeByteString(testData1)); // Write a string into the file CPPUNIT_ASSERT(newFile.writeString(testString)); // Write a set into the file CPPUNIT_ASSERT(newFile.writeMechanismTypeSet(testSet)); } CPPUNIT_ASSERT(exists("newFile")); // Read the created file back { #ifndef _WIN32 File newFile("testdir/newFile"); #else File newFile("testdir\\newFile"); #endif CPPUNIT_ASSERT(newFile.isValid()); // Read back the two booleans bool b1, b2; CPPUNIT_ASSERT(newFile.readBool(b1) && newFile.readBool(b2)); CPPUNIT_ASSERT(b1 && !b2); // Read back the ulong unsigned long ulongValue; CPPUNIT_ASSERT(newFile.readULong(ulongValue)); CPPUNIT_ASSERT(ulongValue == 0x12345678); // Read back the byte string ByteString bsValue; CPPUNIT_ASSERT(newFile.readByteString(bsValue)); CPPUNIT_ASSERT(bsValue == testData1); // Read back the string value std::string stringVal; CPPUNIT_ASSERT(newFile.readString(stringVal)); CPPUNIT_ASSERT(!testString.compare(stringVal)); // Read back the set value std::set<CK_MECHANISM_TYPE> setVal; CPPUNIT_ASSERT(newFile.readMechanismTypeSet(setVal)); CPPUNIT_ASSERT(setVal == testSet); // Check for EOF CPPUNIT_ASSERT(!newFile.readBool(b1)); CPPUNIT_ASSERT(newFile.isEOF()); } }
void DSATests::testSigningVerifying() { AsymmetricKeyPair* kp; // Key sizes to test std::vector<size_t> keySizes; #ifndef WITH_FIPS keySizes.push_back(512); keySizes.push_back(768); keySizes.push_back(1024); keySizes.push_back(1536); #else keySizes.push_back(1024); #endif #ifndef WITH_BOTAN keySizes.push_back(2048); #endif // Mechanisms to test std::vector<AsymMech::Type> mechanisms; mechanisms.push_back(AsymMech::DSA_SHA1); mechanisms.push_back(AsymMech::DSA_SHA224); mechanisms.push_back(AsymMech::DSA_SHA256); for (std::vector<size_t>::iterator k = keySizes.begin(); k != keySizes.end(); k++) { // Generate parameters AsymmetricParameters* p; CPPUNIT_ASSERT(dsa->generateParameters(&p, (void*) *k)); // Generate key-pair CPPUNIT_ASSERT(dsa->generateKeyPair(&kp, p)); // Generate some data to sign ByteString dataToSign; RNG* rng = CryptoFactory::i()->getRNG(); CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 567)); // Test mechanisms that perform internal hashing for (std::vector<AsymMech::Type>::iterator m = mechanisms.begin(); m != mechanisms.end(); m++) { ByteString blockSignature, singlePartSignature; // Sign the data in blocks CPPUNIT_ASSERT(dsa->signInit(kp->getPrivateKey(), *m)); CPPUNIT_ASSERT(dsa->signUpdate(dataToSign.substr(0, 134))); CPPUNIT_ASSERT(dsa->signUpdate(dataToSign.substr(134, 289))); CPPUNIT_ASSERT(dsa->signUpdate(dataToSign.substr(134 + 289))); CPPUNIT_ASSERT(dsa->signFinal(blockSignature)); // Sign the data in one pass CPPUNIT_ASSERT(dsa->sign(kp->getPrivateKey(), dataToSign, singlePartSignature, *m)); // Now perform multi-pass verification CPPUNIT_ASSERT(dsa->verifyInit(kp->getPublicKey(), *m)); CPPUNIT_ASSERT(dsa->verifyUpdate(dataToSign.substr(0, 125))); CPPUNIT_ASSERT(dsa->verifyUpdate(dataToSign.substr(125, 247))); CPPUNIT_ASSERT(dsa->verifyUpdate(dataToSign.substr(125 + 247))); CPPUNIT_ASSERT(dsa->verifyFinal(blockSignature)); // And single-pass verification CPPUNIT_ASSERT(dsa->verify(kp->getPublicKey(), dataToSign, singlePartSignature, *m)); } // Test mechanisms that do not perform internal hashing CPPUNIT_ASSERT(rng->generateRandom(dataToSign, *k >= 2048 ? 32 : 20)); // Sign the data ByteString signature; CPPUNIT_ASSERT(dsa->sign(kp->getPrivateKey(), dataToSign, signature, AsymMech::DSA)); // Verify the signature CPPUNIT_ASSERT(dsa->verify(kp->getPublicKey(), dataToSign, signature, AsymMech::DSA)); dsa->recycleKeyPair(kp); dsa->recycleParameters(p); } }
void RSATests::testSigningVerifying() { AsymmetricKeyPair* kp; RSAParameters p; // Public exponents to test std::vector<ByteString> exponents; exponents.push_back("010001"); exponents.push_back("03"); exponents.push_back("0B"); exponents.push_back("11"); // Key sizes to test std::vector<size_t> keySizes; keySizes.push_back(1024); keySizes.push_back(1280); keySizes.push_back(2048); //keySizes.push_back(4096); // Mechanisms to test std::vector<AsymMech::Type> mechanisms; #ifndef WITH_FIPS mechanisms.push_back(AsymMech::RSA_MD5_PKCS); #endif mechanisms.push_back(AsymMech::RSA_SHA1_PKCS); mechanisms.push_back(AsymMech::RSA_SHA224_PKCS); mechanisms.push_back(AsymMech::RSA_SHA256_PKCS); mechanisms.push_back(AsymMech::RSA_SHA384_PKCS); mechanisms.push_back(AsymMech::RSA_SHA512_PKCS); mechanisms.push_back(AsymMech::RSA_SHA1_PKCS_PSS); mechanisms.push_back(AsymMech::RSA_SHA224_PKCS_PSS); mechanisms.push_back(AsymMech::RSA_SHA256_PKCS_PSS); mechanisms.push_back(AsymMech::RSA_SHA384_PKCS_PSS); mechanisms.push_back(AsymMech::RSA_SHA512_PKCS_PSS); #ifndef WITH_FIPS mechanisms.push_back(AsymMech::RSA_SSL); #endif /* Max salt length for SHA512 and 1024-bit RSA is 62 bytes */ RSA_PKCS_PSS_PARAMS pssParams[] = { { HashAlgo::SHA1, AsymRSAMGF::MGF1_SHA1, 20 }, { HashAlgo::SHA224, AsymRSAMGF::MGF1_SHA224, 0 }, { HashAlgo::SHA256, AsymRSAMGF::MGF1_SHA256, 0 }, { HashAlgo::SHA384, AsymRSAMGF::MGF1_SHA384, 48 }, { HashAlgo::SHA512, AsymRSAMGF::MGF1_SHA512, 62 } }; for (std::vector<ByteString>::iterator e = exponents.begin(); e != exponents.end(); e++) { for (std::vector<size_t>::iterator k = keySizes.begin(); k != keySizes.end(); k++) { p.setE(*e); p.setBitLength(*k); // Generate key-pair CPPUNIT_ASSERT(rsa->generateKeyPair(&kp, &p)); // Generate some data to sign ByteString dataToSign; RNG* rng = CryptoFactory::i()->getRNG(); CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 567)); // Test mechanisms that perform internal hashing for (std::vector<AsymMech::Type>::iterator m = mechanisms.begin(); m != mechanisms.end(); m++) { ByteString blockSignature, singlePartSignature; void* param = NULL; size_t paramLen = 0; bool isPSS = false; switch (*m) { case AsymMech::RSA_SHA1_PKCS_PSS: param = &pssParams[0]; paramLen = sizeof(pssParams[0]); isPSS = true; break; case AsymMech::RSA_SHA224_PKCS_PSS: param = &pssParams[1]; paramLen = sizeof(pssParams[1]); isPSS = true; break; case AsymMech::RSA_SHA256_PKCS_PSS: param = &pssParams[2]; paramLen = sizeof(pssParams[2]); isPSS = true; break; case AsymMech::RSA_SHA384_PKCS_PSS: param = &pssParams[3]; paramLen = sizeof(pssParams[3]); isPSS = true; break; case AsymMech::RSA_SHA512_PKCS_PSS: param = &pssParams[4]; paramLen = sizeof(pssParams[4]); isPSS = true; break; default: break; } // Sign the data in blocks CPPUNIT_ASSERT(rsa->signInit(kp->getPrivateKey(), *m, param, paramLen)); CPPUNIT_ASSERT(rsa->signUpdate(dataToSign.substr(0, 134))); CPPUNIT_ASSERT(rsa->signUpdate(dataToSign.substr(134, 289))); CPPUNIT_ASSERT(rsa->signUpdate(dataToSign.substr(134 + 289))); CPPUNIT_ASSERT(rsa->signFinal(blockSignature)); // Sign the data in one pass CPPUNIT_ASSERT(rsa->sign(kp->getPrivateKey(), dataToSign, singlePartSignature, *m, param, paramLen)); // If it is not a PSS signature, check if the two signatures match if (!isPSS) { // Check if the two signatures match CPPUNIT_ASSERT(blockSignature == singlePartSignature); } // Now perform multi-pass verification CPPUNIT_ASSERT(rsa->verifyInit(kp->getPublicKey(), *m, param, paramLen)); CPPUNIT_ASSERT(rsa->verifyUpdate(dataToSign.substr(0, 125))); CPPUNIT_ASSERT(rsa->verifyUpdate(dataToSign.substr(125, 247))); CPPUNIT_ASSERT(rsa->verifyUpdate(dataToSign.substr(125 + 247))); CPPUNIT_ASSERT(rsa->verifyFinal(blockSignature)); // And single-pass verification CPPUNIT_ASSERT(rsa->verify(kp->getPublicKey(), dataToSign, singlePartSignature, *m, param, paramLen)); } // Test mechanisms that do not perform internal hashing // Test PKCS #1 signing CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 35)); // Sign the data ByteString signature; CPPUNIT_ASSERT(rsa->sign(kp->getPrivateKey(), dataToSign, signature, AsymMech::RSA_PKCS)); // Verify the signature CPPUNIT_ASSERT(rsa->verify(kp->getPublicKey(), dataToSign, signature, AsymMech::RSA_PKCS)); // Test raw RSA signing size_t byteSize = *k >> 3; CPPUNIT_ASSERT(rng->generateRandom(dataToSign, byteSize)); // Strip the topmost bit dataToSign[0] &= 0x7F; // Sign the data CPPUNIT_ASSERT(rsa->sign(kp->getPrivateKey(), dataToSign, signature, AsymMech::RSA)); // Verify the signature CPPUNIT_ASSERT(rsa->verify(kp->getPublicKey(), dataToSign, signature, AsymMech::RSA)); #ifdef WITH_RAW_PSS // Test raw (SHA1) PKCS PSS signing CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 20)); CPPUNIT_ASSERT(rsa->sign(kp->getPrivateKey(), dataToSign, signature, AsymMech::RSA_PKCS_PSS, &pssParams[0], sizeof(pssParams[0]))); CPPUNIT_ASSERT(rsa->verify(kp->getPublicKey(), dataToSign, signature, AsymMech::RSA_PKCS_PSS, &pssParams[0], sizeof(pssParams[0]))); // Test raw (SHA224) PKCS PSS signing CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 28)); CPPUNIT_ASSERT(rsa->sign(kp->getPrivateKey(), dataToSign, signature, AsymMech::RSA_PKCS_PSS, &pssParams[1], sizeof(pssParams[1]))); CPPUNIT_ASSERT(rsa->verify(kp->getPublicKey(), dataToSign, signature, AsymMech::RSA_PKCS_PSS, &pssParams[1], sizeof(pssParams[1]))); // Test raw (SHA256) PKCS PSS signing CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 32)); CPPUNIT_ASSERT(rsa->sign(kp->getPrivateKey(), dataToSign, signature, AsymMech::RSA_PKCS_PSS, &pssParams[2], sizeof(pssParams[2]))); CPPUNIT_ASSERT(rsa->verify(kp->getPublicKey(), dataToSign, signature, AsymMech::RSA_PKCS_PSS, &pssParams[2], sizeof(pssParams[2]))); // Test raw (SHA384) PKCS PSS signing CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 48)); CPPUNIT_ASSERT(rsa->sign(kp->getPrivateKey(), dataToSign, signature, AsymMech::RSA_PKCS_PSS, &pssParams[3], sizeof(pssParams[3]))); CPPUNIT_ASSERT(rsa->verify(kp->getPublicKey(), dataToSign, signature, AsymMech::RSA_PKCS_PSS, &pssParams[3], sizeof(pssParams[3]))); // Test raw (SHA512) PKCS PSS signing CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 64)); CPPUNIT_ASSERT(rsa->sign(kp->getPrivateKey(), dataToSign, signature, AsymMech::RSA_PKCS_PSS, &pssParams[4], sizeof(pssParams[4]))); CPPUNIT_ASSERT(rsa->verify(kp->getPublicKey(), dataToSign, signature, AsymMech::RSA_PKCS_PSS, &pssParams[4], sizeof(pssParams[4]))); #endif rsa->recycleKeyPair(kp); } } }