/** Verify a signature
@param hashname [in] String naming the hash
@param keydatalen [in] The length of the public key
@param keydata [in] The public key of the signer
@param sigdatalen [in] The length of the signature data
@param sigdata [in] The signature data
@param filedatalen [in] The length of the file in octets
@param filedata [in] The contents of the file being verified
@param ... [in] Additional len,data pairs until len is 0
@return nonzero on error [or invalid], 0 on success
If
*/
int verify_data(
char *hashname,
unsigned long keydatalen,
unsigned char *keydata,
unsigned long sigdatalen,
unsigned char *sigdata,
unsigned long filedatalen,
const unsigned char *filedata, ...)
{
rsa_key rsakey;
unsigned char rsabuf[2048], md[MAXBLOCKSIZE];
unsigned long rsalen, mdlen;
int stat;
int res;
va_list args;
const unsigned char *dataptr;
unsigned long datalen;
hash_state hs;
struct ltc_hash_descriptor *hd;
int hashid;
heap_start(heap_mem, HEAP_SIZE);
if (strcmp(hashname,"des") == 0) {
symmetric_key skey;
DO(des_setup(keydata, keydatalen, 0, &skey),0x400000);
DO(des_ecb_encrypt(filedata, sigdata, &skey),0x500000);
return res;
}
register_hash(&sha256_desc);
// register_hash(&sha512_desc);
// register_hash(&whirlpool_desc);
register_hash(&rmd160_desc);
register_hash(&md4_desc);
register_hash(<c_md5_desc);
register_hash(&sha1_desc);
ltc_mp = tfm_desc;
hashid = find_hash(hashname);
if ((res = hash_is_valid(hashid)) != CRYPT_OK)
return res;
hd = &hash_descriptor[hashid];
if ((res = hd->init(&hs)) != CRYPT_OK)
return res;
va_start(args, filedata);
dataptr = filedata;
datalen = filedatalen;
for(;;) {
if((res = hd->process(&hs, dataptr, datalen)) != 0)
return res;
if((datalen = va_arg(args, unsigned long)) == 0)
break;
if((dataptr = va_arg(args, unsigned char *)) == NULL)
break;
}
va_end(args);
if (keydatalen == 0) {
res = hd->done(&hs, sigdata);
*keydata = hd->hashsize;
return res+0x100000;
}
if((res = hd->done(&hs, md)) != 0)
return res+0x200000;
mdlen = hd->hashsize;
DO(rsa_import(keydata, keydatalen, &rsakey),0x300000);
DO(rsa_verify_hash(sigdata, sigdatalen, md, mdlen, find_hash(hashname), 8, &stat, &rsakey),0x400000);
rsa_free(&rsakey);
return (stat == 0) ? -1 : 0;
}
/**
Initialize the CHC state with a given cipher
@param cipher The index of the cipher you wish to bind
@return CRYPT_OK if successful
*/
int chc_register(int cipher)
{
int err, kl, idx;
if ((err = cipher_is_valid(cipher)) != CRYPT_OK) {
return err;
}
/* will it be valid? */
kl = cipher_descriptor[cipher].block_length;
/* must be >64 bit block */
if (kl <= 8) {
return CRYPT_INVALID_CIPHER;
}
/* can we use the ideal keysize? */
if ((err = cipher_descriptor[cipher].keysize(&kl)) != CRYPT_OK) {
return err;
}
/* we require that key size == block size be a valid choice */
if (kl != cipher_descriptor[cipher].block_length) {
return CRYPT_INVALID_CIPHER;
}
/* determine if chc_hash has been register_hash'ed already */
if ((err = hash_is_valid(idx = find_hash("chc_hash"))) != CRYPT_OK) {
return err;
}
/* store into descriptor */
hash_descriptor[idx].hashsize =
hash_descriptor[idx].blocksize = cipher_descriptor[cipher].block_length;
/* store the idx and block size */
cipher_idx = cipher;
cipher_blocksize = cipher_descriptor[cipher].block_length;
return CRYPT_OK;
}
int main(void)
{
unsigned char buffer[100], hash[MAXBLOCKSIZE];
int idx, x;
hash_state md;
/* register hashes .... */
if (register_hash(&md5_desc) == -1) {
printf("Error registering MD5.\n");
return -1;
}
/* register other hashes ... */
/* prompt for name and strip newline */
printf("Enter hash name: \n");
fgets(buffer, sizeof(buffer), stdin);
buffer[strlen(buffer) - 1] = 0;
/* get hash index */
idx = find_hash(buffer);
if (idx == -1) {
printf("Invalid hash name!\n");
return -1;
}
/* hash input until blank line */
hash_descriptor[idx].init(&md);
while (fgets(buffer, sizeof(buffer), stdin) != NULL)
hash_descriptor[idx].process(&md, buffer, strlen(buffer));
hash_descriptor[idx].done(&md, hash);
/* dump to screen */
for (x = 0; x < hash_descriptor[idx].hashsize; x++)
printf("%02x ", hash[x]);
printf("\n");
return 0;
}
static
int rpmltcVerifyRSA(pgpDig dig)
/*@*/
{
rpmltc ltc = dig->impl;
int rc = 0; /* assume failure. */
int _padding = LTC_LTC_PKCS_1_V1_5;
int hash_idx = find_hash("sha1");
unsigned long saltlen = 0;
unsigned char sig[2048];
unsigned long siglen = sizeof(sig);
unsigned char digest[2048];
unsigned long digestlen = sizeof(digest);
int xx;
#ifdef DYING
rpmltcDumpRSA(__FUNCTION__, ltc);
#endif
if (ltc->digest == NULL || ltc->digestlen == 0) goto exit;
xx = mp_to_unsigned_bin_n(ltc->c, sig, &siglen);
memcpy(digest, ltc->digest, ltc->digestlen);
#ifndef NOTYET
rc = rpmltcErr(ltc, "rsa_verify_hash_ex",
rsa_verify_hash_ex(sig, siglen,
ltc->digest, ltc->digestlen,
_padding, hash_idx, saltlen, &rc, <c->rsa));
#else
rc = rpmltcErr(ltc, "rsa_decrypt_key_ex",
rsa_decrypt_key_ex(sig, siglen, digest, &digestlen,
NULL, 0, hash_idx, _padding, &rc, <c->rsa));
#endif
exit:
SPEW(!rc, rc, dig);
return rc;
}
/**
* The application entry point under Linux and Windows.
*
* @param argc number of arguments including the program name
* @param argv program arguments including the program name
* @return program exit code
*/
int main(int argc, char *argv[])
{
/* rhash_transmit(RMSG_SET_OPENSSL_MASK, 0, RHASH_ALL_HASHES, 0); */
#ifndef USE_RHASH_DLL
rhash_library_init();
#endif
test_generic_assumptions();
if(argc > 1) {
if(strcmp(argv[1], "--speed") == 0) {
unsigned hash_id = (argc > 2 ? find_hash(argv[2]) : RHASH_SHA1);
if(hash_id == 0) {
fprintf(stderr, "error: unknown hash_id: %s\n", argv[2]);
return 1;
}
test_known_strings(hash_id);
rhash_run_benchmark(hash_id, 0, stdout);
} else if(strcmp(argv[1], "--flags") == 0) {
printf("%s", compiler_flags);
} else {
printf("Options: [--speed [HASH_NAME]| --flags]\n");
}
} else {
test_all_known_strings();
test_long_strings();
test_alignment();
test_results_consistency();
test_magnet();
if(g_errors == 0) printf("All sums are working properly!\n");
fflush(stdout);
}
if(g_errors > 0) printf("%s", compiler_flags);
return (g_errors == 0 ? 0 : 1);
}
UCHAR *
FileRecordNumber :: get_empty_record( int recno, UINT32& magic )
{
frn_record * x;
x = find_hash( recno );
if ( x != NULL )
{
delete_lru( x );
}
else
{
x = new( record_length ) frn_record( recno );
add_hash( x );
}
x->dirty = 1;
x->clean = -1;
magic = (UINT32)x;
return x->dat;
}
*/int find_hash_any(const char *name, int digestlen)
{
int x, y, z;
LTC_ARGCHK(name != NULL);
x = find_hash(name);
if (x != -1) return x;
LTC_MUTEX_LOCK(<c_hash_mutex);
y = MAXBLOCKSIZE+1;
z = -1;
for (x = 0; x < TAB_SIZE; x++) {
if (hash_descriptor[x].name == NULL) {
continue;
}
if ((int)hash_descriptor[x].hashsize >= digestlen && (int)hash_descriptor[x].hashsize < y) {
z = x;
y = hash_descriptor[x].hashsize;
}
}
LTC_MUTEX_UNLOCK(<c_hash_mutex);
return z;
}
int main() {
ltc_mp = ltm_desc;
rsa_key priv_key, pub_key;
int hash_idx, prng_idx;
int ret = rsa_import(openssl_private_rsa, sizeof(openssl_private_rsa), &priv_key);
ret = rsa_import(openssl_public_rsa, sizeof(openssl_public_rsa), &pub_key);
if (register_hash(&sha1_desc) == -1) {
printf("Error registering SHA1\n");
return -1;
}
hash_idx = find_hash("sha1");
register_prng(&sprng_desc);
prng_idx = find_prng("sprng");
prng_state prng;
int err;
if ((err = yarrow_start(&prng)) != CRYPT_OK) {
printf("Start error: %s\n", error_to_string(err));
}
/* add entropy */
if ((err = yarrow_add_entropy("hello world", 11, &prng))
!= CRYPT_OK) {
printf("Add_entropy error: %s\n", error_to_string(err));
}
int stat;
unsigned char buf[1024];
long size = 1024;
//ret = rsa_decrypt_key(sig, strlen(sig), buf, &size, 0, 0, hash_idx, &stat, &key);
ret = rsa_sign_hash(hash, strlen(hash), buf, &size, &prng, prng_idx, hash_idx, 0, &priv_key);
ret = rsa_verify_hash(sig, strlen(sig), hash, strlen(hash), hash_idx, 0, &stat, &pub_key);
printf("status is : %d\n", ret);
//load stuff!
return 0;
}
/*
* Computes a HMAC SHA-1 keyed hash of 'input' using the key 'key'
*/
bool hmacSha1(const unsigned char* key,
const size_t keyLen,
const unsigned char* input,
const size_t inputLen,
unsigned char* output,
unsigned int* outputLen) {
if (!key || !input || !output) {
return false;
}
static int hashId = -1;
if (hashId == -1) {
register_hash(&sha1_desc);
hashId = find_hash("sha1");
}
unsigned long sha1HashLen = 20;
if (hmac_memory(hashId, key, keyLen, input, inputLen, output, &sha1HashLen) != CRYPT_OK) {
return false;
}
*outputLen = sha1HashLen;
return true;
}
dbref
lookup_player(const char *name)
{
hash_data *hd;
if (*name == '#') {
name++;
if (!OkObj(atoi(name)) || Typeof(atoi(name)) != TYPE_PLAYER)
return NOTHING;
else
return atoi(name);
} else {
if (*name == '*')
name++;
if ((hd = find_hash(name, player_list, PLAYER_HASH_SIZE)) == NULL) {
/* secondary check - is there an exact @alias? this will return
* NOTHING if no alias was found. */
return lookup_alias(name, 0);
} else {
return (hd->dbval);
}
}
}
void*
mmc_map( char* filename, struct stat* sbP )
{
struct stat sb;
Map* m;
int fd;
/* Stat the file if necessary. */
if ( sbP != (struct stat*) 0 )
sb = *sbP;
else
{
if ( stat( filename, &sb ) != 0 )
{
syslog( LOG_ERR, "stat - %m" );
return (void*) 0;
}
}
/* See if we have it mapped already, via the hash table. */
if ( check_hash_size() < 0 )
{
syslog( LOG_ERR, "check_hash_size() failure" );
return (void*) 0;
}
m = find_hash( sb.st_ino, sb.st_dev, sb.st_size, sb.st_mtime );
if ( m != (Map*) 0 )
{
/* Yep. */
++m->refcount;
return m->addr;
}
/* Nope. Open the file. */
fd = open( filename, O_RDONLY );
if ( fd < 0 )
{
syslog( LOG_ERR, "open - %m" );
return (void*) 0;
}
/* Find a free Map entry or make a new one. */
if ( free_maps != (Map*) 0 )
{
m = free_maps;
free_maps = m->next;
--free_count;
}
else
{
m = (Map*) malloc( sizeof(Map) );
if ( m == (Map*) 0 )
{
(void) close( fd );
return (void*) 0;
}
}
/* Fill in the Map entry. */
m->ino = sb.st_ino;
m->dev = sb.st_dev;
m->size = sb.st_size;
m->mtime = sb.st_mtime;
m->refcount = 1;
/* Avoid doing anything for zero-length files; some systems don't like
** to mmap them, other systems dislike mallocing zero bytes.
*/
if ( m->size == 0 )
m->addr = (void*) 1; /* arbitrary non-NULL address */
else
{
#ifdef HAVE_MMAP
/* Map the file into memory. */
m->addr = mmap( 0, m->size, PROT_READ, MAP_SHARED, fd, 0 );
if ( m->addr == (void*) -1 )
{
syslog( LOG_ERR, "mmap - %m" );
(void) close( fd );
free( (void*) m );
return (void*) 0;
}
#else /* HAVE_MMAP */
/* Read the file into memory. */
m->addr = (void*) malloc( m->size );
if ( m->addr == (void*) 0 )
{
syslog( LOG_ERR, "not enough memory" );
(void) close( fd );
free( (void*) m );
return (void*) 0;
}
if ( read( fd, m->addr, m->size ) != m->size )
{
syslog( LOG_ERR, "read - %m" );
(void) close( fd );
free( (void*) m );
return (void*) 0;
}
#endif /* HAVE_MMAP */
}
(void) close( fd );
/* Put the Map into the hash table. */
if ( add_hash( m ) < 0 )
{
syslog( LOG_ERR, "add_hash() failure" );
free( (void*) m );
return (void*) 0;
}
/* Put the Map on the active list. */
m->next = maps;
maps = m;
++map_count;
/* And return the address. */
return m->addr;
}
int ecc_tests (void)
{
unsigned char buf[4][4096];
unsigned long x, y, z, s;
int stat, stat2;
ecc_key usera, userb, pubKey, privKey;
DO(ecc_test ());
DO(ecc_test ());
DO(ecc_test ());
DO(ecc_test ());
DO(ecc_test ());
for (s = 0; s < (sizeof(sizes)/sizeof(sizes[0])); s++) {
/* make up two keys */
DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &usera));
DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &userb));
/* make the shared secret */
x = sizeof(buf[0]);
DO(ecc_shared_secret (&usera, &userb, buf[0], &x));
y = sizeof(buf[1]);
DO(ecc_shared_secret (&userb, &usera, buf[1], &y));
if (y != x) {
fprintf(stderr, "ecc Shared keys are not same size.");
return 1;
}
if (memcmp (buf[0], buf[1], x)) {
fprintf(stderr, "ecc Shared keys not same contents.");
return 1;
}
/* now export userb */
y = sizeof(buf[0]);
DO(ecc_export (buf[1], &y, PK_PUBLIC, &userb));
ecc_free (&userb);
/* import and make the shared secret again */
DO(ecc_import (buf[1], y, &userb));
z = sizeof(buf[0]);
DO(ecc_shared_secret (&usera, &userb, buf[2], &z));
if (z != x) {
fprintf(stderr, "failed. Size don't match?");
return 1;
}
if (memcmp (buf[0], buf[2], x)) {
fprintf(stderr, "Failed. Contents didn't match.");
return 1;
}
/* export with ANSI X9.63 */
y = sizeof(buf[1]);
DO(ecc_ansi_x963_export(&userb, buf[1], &y));
ecc_free (&userb);
/* now import the ANSI key */
DO(ecc_ansi_x963_import(buf[1], y, &userb));
/* shared secret */
z = sizeof(buf[0]);
DO(ecc_shared_secret (&usera, &userb, buf[2], &z));
if (z != x) {
fprintf(stderr, "failed. Size don't match?");
return 1;
}
if (memcmp (buf[0], buf[2], x)) {
fprintf(stderr, "Failed. Contents didn't match.");
return 1;
}
ecc_free (&usera);
ecc_free (&userb);
/* test encrypt_key */
DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &usera));
/* export key */
x = sizeof(buf[0]);
DO(ecc_export(buf[0], &x, PK_PUBLIC, &usera));
DO(ecc_import(buf[0], x, &pubKey));
x = sizeof(buf[0]);
DO(ecc_export(buf[0], &x, PK_PRIVATE, &usera));
DO(ecc_import(buf[0], x, &privKey));
for (x = 0; x < 32; x++) {
buf[0][x] = x;
}
y = sizeof (buf[1]);
DO(ecc_encrypt_key (buf[0], 32, buf[1], &y, &yarrow_prng, find_prng ("yarrow"), find_hash ("sha256"), &pubKey));
zeromem (buf[0], sizeof (buf[0]));
x = sizeof (buf[0]);
DO(ecc_decrypt_key (buf[1], y, buf[0], &x, &privKey));
if (x != 32) {
fprintf(stderr, "Failed (length)");
return 1;
}
for (x = 0; x < 32; x++) {
if (buf[0][x] != x) {
fprintf(stderr, "Failed (contents)");
return 1;
}
}
/* test sign_hash */
for (x = 0; x < 16; x++) {
buf[0][x] = x;
}
x = sizeof (buf[1]);
DO(ecc_sign_hash (buf[0], 16, buf[1], &x, &yarrow_prng, find_prng ("yarrow"), &privKey));
DO(ecc_verify_hash (buf[1], x, buf[0], 16, &stat, &pubKey));
buf[0][0] ^= 1;
DO(ecc_verify_hash (buf[1], x, buf[0], 16, &stat2, &privKey));
if (!(stat == 1 && stat2 == 0)) {
fprintf(stderr, "ecc_verify_hash failed %d, %d, ", stat, stat2);
return 1;
}
ecc_free (&usera);
ecc_free (&pubKey);
ecc_free (&privKey);
}
#ifdef LTC_ECC_SHAMIR
return ecc_test_shamir();
#else
return 0;
#endif
}
int rsa_test(void)
{
unsigned char in[1024], out[1024], tmp[1024];
rsa_key key, privKey, pubKey;
int hash_idx, prng_idx, stat, stat2;
unsigned long rsa_msgsize, len, len2, cnt;
static unsigned char lparam[] = { 0x01, 0x02, 0x03, 0x04 };
if (rsa_compat_test() != 0) {
return 1;
}
hash_idx = find_hash("sha1");
prng_idx = find_prng("yarrow");
if (hash_idx == -1 || prng_idx == -1) {
fprintf(stderr, "rsa_test requires LTC_SHA1 and yarrow");
return 1;
}
/* make 10 random key */
for (cnt = 0; cnt < 10; cnt++) {
DO(rsa_make_key(&yarrow_prng, prng_idx, 1024/8, 65537, &key));
if (mp_count_bits(key.N) != 1024) {
fprintf(stderr, "rsa_1024 key modulus has %d bits\n", mp_count_bits(key.N));
len = mp_unsigned_bin_size(key.N);
mp_to_unsigned_bin(key.N, tmp);
fprintf(stderr, "N == \n");
for (cnt = 0; cnt < len; ) {
fprintf(stderr, "%02x ", tmp[cnt]);
if (!(++cnt & 15)) fprintf(stderr, "\n");
}
len = mp_unsigned_bin_size(key.p);
mp_to_unsigned_bin(key.p, tmp);
fprintf(stderr, "p == \n");
for (cnt = 0; cnt < len; ) {
fprintf(stderr, "%02x ", tmp[cnt]);
if (!(++cnt & 15)) fprintf(stderr, "\n");
}
len = mp_unsigned_bin_size(key.q);
mp_to_unsigned_bin(key.q, tmp);
fprintf(stderr, "\nq == \n");
for (cnt = 0; cnt < len; ) {
fprintf(stderr, "%02x ", tmp[cnt]);
if (!(++cnt & 15)) fprintf(stderr, "\n");
}
fprintf(stderr, "\n");
return 1;
}
if (cnt != 9) {
rsa_free(&key);
}
}
/* encrypt the key (without lparam) */
for (cnt = 0; cnt < 4; cnt++) {
for (rsa_msgsize = 1; rsa_msgsize <= 86; rsa_msgsize++) {
/* make a random key/msg */
yarrow_read(in, rsa_msgsize, &yarrow_prng);
len = sizeof(out);
len2 = rsa_msgsize;
DO(rsa_encrypt_key(in, rsa_msgsize, out, &len, NULL, 0, &yarrow_prng, prng_idx, hash_idx, &key));
/* change a byte */
out[8] ^= 1;
DO(rsa_decrypt_key(out, len, tmp, &len2, NULL, 0, hash_idx, &stat2, &key));
/* change a byte back */
out[8] ^= 1;
if (len2 != rsa_msgsize) {
fprintf(stderr, "\nrsa_decrypt_key mismatch len %lu (first decrypt)", len2);
return 1;
}
len2 = rsa_msgsize;
DO(rsa_decrypt_key(out, len, tmp, &len2, NULL, 0, hash_idx, &stat, &key));
if (!(stat == 1 && stat2 == 0)) {
fprintf(stderr, "rsa_decrypt_key failed");
return 1;
}
if (len2 != rsa_msgsize || memcmp(tmp, in, rsa_msgsize)) {
unsigned long x;
fprintf(stderr, "\nrsa_decrypt_key mismatch, len %lu (second decrypt)\n", len2);
fprintf(stderr, "Original contents: \n");
for (x = 0; x < rsa_msgsize; ) {
fprintf(stderr, "%02x ", in[x]);
if (!(++x % 16)) {
fprintf(stderr, "\n");
}
}
fprintf(stderr, "\n");
fprintf(stderr, "Output contents: \n");
for (x = 0; x < rsa_msgsize; ) {
fprintf(stderr, "%02x ", out[x]);
if (!(++x % 16)) {
fprintf(stderr, "\n");
}
}
fprintf(stderr, "\n");
return 1;
}
}
}
/* encrypt the key (with lparam) */
for (rsa_msgsize = 1; rsa_msgsize <= 86; rsa_msgsize++) {
len = sizeof(out);
len2 = rsa_msgsize;
DO(rsa_encrypt_key(in, rsa_msgsize, out, &len, lparam, sizeof(lparam), &yarrow_prng, prng_idx, hash_idx, &key));
/* change a byte */
out[8] ^= 1;
DO(rsa_decrypt_key(out, len, tmp, &len2, lparam, sizeof(lparam), hash_idx, &stat2, &key));
if (len2 != rsa_msgsize) {
fprintf(stderr, "\nrsa_decrypt_key mismatch len %lu (first decrypt)", len2);
return 1;
}
/* change a byte back */
out[8] ^= 1;
len2 = rsa_msgsize;
DO(rsa_decrypt_key(out, len, tmp, &len2, lparam, sizeof(lparam), hash_idx, &stat, &key));
if (!(stat == 1 && stat2 == 0)) {
fprintf(stderr, "rsa_decrypt_key failed");
return 1;
}
if (len2 != rsa_msgsize || memcmp(tmp, in, rsa_msgsize)) {
fprintf(stderr, "rsa_decrypt_key mismatch len %lu", len2);
return 1;
}
}
/* encrypt the key LTC_PKCS #1 v1.5 (payload from 1 to 117 bytes) */
for (rsa_msgsize = 1; rsa_msgsize <= 117; rsa_msgsize++) {
len = sizeof(out);
len2 = rsa_msgsize;
DO(rsa_encrypt_key_ex(in, rsa_msgsize, out, &len, NULL, 0, &yarrow_prng, prng_idx, 0, LTC_PKCS_1_V1_5, &key));
len2 = rsa_msgsize;
DO(rsa_decrypt_key_ex(out, len, tmp, &len2, NULL, 0, 0, LTC_PKCS_1_V1_5, &stat, &key));
if (!(stat == 1 && stat2 == 0)) {
fprintf(stderr, "rsa_decrypt_key_ex failed, %d, %d", stat, stat2);
return 1;
}
if (len2 != rsa_msgsize || memcmp(tmp, in, rsa_msgsize)) {
fprintf(stderr, "rsa_decrypt_key_ex mismatch len %lu", len2);
return 1;
}
}
/* sign a message (unsalted, lower cholestorol and Atkins approved) now */
len = sizeof(out);
DO(rsa_sign_hash(in, 20, out, &len, &yarrow_prng, prng_idx, hash_idx, 0, &key));
/* export key and import as both private and public */
len2 = sizeof(tmp);
DO(rsa_export(tmp, &len2, PK_PRIVATE, &key));
DO(rsa_import(tmp, len2, &privKey));
len2 = sizeof(tmp);
DO(rsa_export(tmp, &len2, PK_PUBLIC, &key));
DO(rsa_import(tmp, len2, &pubKey));
/* verify with original */
DO(rsa_verify_hash(out, len, in, 20, hash_idx, 0, &stat, &key));
/* change a byte */
in[0] ^= 1;
DO(rsa_verify_hash(out, len, in, 20, hash_idx, 0, &stat2, &key));
if (!(stat == 1 && stat2 == 0)) {
fprintf(stderr, "rsa_verify_hash (unsalted, origKey) failed, %d, %d", stat, stat2);
rsa_free(&key);
rsa_free(&pubKey);
rsa_free(&privKey);
return 1;
}
/* verify with privKey */
/* change a byte */
in[0] ^= 1;
DO(rsa_verify_hash(out, len, in, 20, hash_idx, 0, &stat, &privKey));
/* change a byte */
in[0] ^= 1;
DO(rsa_verify_hash(out, len, in, 20, hash_idx, 0, &stat2, &privKey));
if (!(stat == 1 && stat2 == 0)) {
fprintf(stderr, "rsa_verify_hash (unsalted, privKey) failed, %d, %d", stat, stat2);
rsa_free(&key);
rsa_free(&pubKey);
rsa_free(&privKey);
return 1;
}
/* verify with pubKey */
/* change a byte */
in[0] ^= 1;
DO(rsa_verify_hash(out, len, in, 20, hash_idx, 0, &stat, &pubKey));
/* change a byte */
in[0] ^= 1;
DO(rsa_verify_hash(out, len, in, 20, hash_idx, 0, &stat2, &pubKey));
if (!(stat == 1 && stat2 == 0)) {
fprintf(stderr, "rsa_verify_hash (unsalted, pubkey) failed, %d, %d", stat, stat2);
rsa_free(&key);
rsa_free(&pubKey);
rsa_free(&privKey);
return 1;
}
/* sign a message (salted) now (use privKey to make, pubKey to verify) */
len = sizeof(out);
DO(rsa_sign_hash(in, 20, out, &len, &yarrow_prng, prng_idx, hash_idx, 8, &privKey));
DO(rsa_verify_hash(out, len, in, 20, hash_idx, 8, &stat, &pubKey));
/* change a byte */
in[0] ^= 1;
DO(rsa_verify_hash(out, len, in, 20, hash_idx, 8, &stat2, &pubKey));
if (!(stat == 1 && stat2 == 0)) {
fprintf(stderr, "rsa_verify_hash (salted) failed, %d, %d", stat, stat2);
rsa_free(&key);
rsa_free(&pubKey);
rsa_free(&privKey);
return 1;
}
/* sign a message with LTC_PKCS #1 v1.5 */
len = sizeof(out);
DO(rsa_sign_hash_ex(in, 20, out, &len, LTC_PKCS_1_V1_5, &yarrow_prng, prng_idx, hash_idx, 8, &privKey));
DO(rsa_verify_hash_ex(out, len, in, 20, LTC_PKCS_1_V1_5, hash_idx, 8, &stat, &pubKey));
/* change a byte */
in[0] ^= 1;
DO(rsa_verify_hash_ex(out, len, in, 20, LTC_PKCS_1_V1_5, hash_idx, 8, &stat2, &pubKey));
if (!(stat == 1 && stat2 == 0)) {
fprintf(stderr, "rsa_verify_hash_ex failed, %d, %d", stat, stat2);
rsa_free(&key);
rsa_free(&pubKey);
rsa_free(&privKey);
return 1;
}
/* free the key and return */
rsa_free(&key);
rsa_free(&pubKey);
rsa_free(&privKey);
return 0;
}
void
ponder_move( int side_to_move, int book, int mid, int exact, int wld ) {
EvaluationType eval_info;
HashEntry entry;
double move_start_time, move_stop_time;
int i, j;
int this_move, hash_move;
int expect_count;
int stored_echo;
int best_pv_depth;
int expect_list[64];
int best_pv[61];
/* Disable all time control mechanisms as it's the opponent's
time we're using */
toggle_abort_check( FALSE );
toggle_midgame_abort_check( FALSE );
start_move( 0, 0, disc_count( BLACKSQ ) + disc_count( WHITESQ ) );
clear_ponder_times();
determine_hash_values( side_to_move, board );
reset_counter( &nodes );
/* Find the scores for the moves available to the opponent. */
hash_move = 0;
find_hash( &entry, ENDGAME_MODE );
if ( entry.draft != NO_HASH_MOVE )
hash_move = entry.move[0];
else {
find_hash( &entry, MIDGAME_MODE );
if ( entry.draft != NO_HASH_MOVE )
hash_move = entry.move[0];
}
stored_echo = echo;
echo = FALSE;
(void) compute_move( side_to_move, FALSE, 0, 0, FALSE, FALSE,
MIN( PONDER_DEPTH, mid ), 0, 0, FALSE, &eval_info );
echo = stored_echo;
/* Sort the opponents on the score and push the table move (if any)
to the front of the list */
if ( force_return )
expect_count = 0;
else {
sort_moves( move_count[disks_played] );
(void) float_move( hash_move, move_count[disks_played] );
expect_count = move_count[disks_played];
for ( i = 0; i < expect_count; i++ )
expect_list[i] = move_list[disks_played][i];
#if TEXT_BASED
printf( "%s=%d\n", HASH_MOVE_TEXT, hash_move );
for ( i = 0; i < expect_count; i++ ) {
printf( "%c%c %-6.2f ", TO_SQUARE( move_list[disks_played][i] ),
evals[disks_played][move_list[disks_played][i]] / 128.0 );
if ( (i % 7 == 6) || (i == expect_count - 1) )
puts( "" );
}
#endif
}
/* Go through the expected moves in order and prepare responses. */
best_pv_depth = 0;
for ( i = 0; !force_return && (i < expect_count); i++ ) {
move_start_time = get_real_timer();
set_ponder_move( expect_list[i] );
this_move = expect_list[i];
prefix_move = this_move;
(void) make_move( side_to_move, this_move, TRUE );
(void) compute_move( OPP( side_to_move ), FALSE, 0, 0, TRUE, FALSE,
mid, exact, wld, FALSE, &eval_info );
unmake_move( side_to_move, this_move );
clear_ponder_move();
move_stop_time = get_real_timer();
add_ponder_time( expect_list[i], move_stop_time - move_start_time );
ponder_depth[expect_list[i]] =
MAX( ponder_depth[expect_list[i]], max_depth_reached - 1 );
if ( (i == 0) && !force_return ) { /* Store the PV for the first move */
best_pv_depth = pv_depth[0];
for ( j = 0; j < pv_depth[0]; j++ )
best_pv[j] = pv[0][j];
}
}
/* Make sure the PV looks reasonable when leaving - either by
clearing it altogether or, preferrably, using the stored PV for
the first move if it is available. */
max_depth_reached++;
prefix_move = 0;
if ( best_pv_depth == 0 )
pv_depth[0] = 0;
else {
pv_depth[0] = best_pv_depth + 1;
pv[0][0] = expect_list[0];
for ( i = 0; i < best_pv_depth; i++ )
pv[0][i + 1] = best_pv[i];
}
/* Don't forget to enable the time control mechanisms when leaving */
toggle_abort_check( TRUE );
toggle_midgame_abort_check( TRUE );
}
/**
PKCS #5 self-test
@return CRYPT_OK if successful, CRYPT_NOP if tests have been disabled.
*/
int pkcs_5_test (void)
{
#ifndef LTC_TEST
return CRYPT_NOP;
#else
typedef struct {
const char* P;
unsigned long P_len;
const char* S;
unsigned long S_len;
int c;
unsigned long dkLen;
unsigned char DK[40];
} case_item;
static const case_item cases_5_2[] = {
{
"password",
8,
"salt",
4,
1,
20,
{ 0x0c, 0x60, 0xc8, 0x0f, 0x96, 0x1f, 0x0e, 0x71,
0xf3, 0xa9, 0xb5, 0x24, 0xaf, 0x60, 0x12, 0x06,
0x2f, 0xe0, 0x37, 0xa6 }
},
{
"password",
8,
"salt",
4,
2,
20,
{ 0xea, 0x6c, 0x01, 0x4d, 0xc7, 0x2d, 0x6f, 0x8c,
0xcd, 0x1e, 0xd9, 0x2a, 0xce, 0x1d, 0x41, 0xf0,
0xd8, 0xde, 0x89, 0x57 }
},
#ifdef LTC_TEST_EXT
{
"password",
8,
"salt",
4,
4096,
20,
{ 0x4b, 0x00, 0x79, 0x01, 0xb7, 0x65, 0x48, 0x9a,
0xbe, 0xad, 0x49, 0xd9, 0x26, 0xf7, 0x21, 0xd0,
0x65, 0xa4, 0x29, 0xc1 }
},
{
"password",
8,
"salt",
4,
16777216,
20,
{ 0xee, 0xfe, 0x3d, 0x61, 0xcd, 0x4d, 0xa4, 0xe4,
0xe9, 0x94, 0x5b, 0x3d, 0x6b, 0xa2, 0x15, 0x8c,
0x26, 0x34, 0xe9, 0x84 }
},
{
"passwordPASSWORDpassword",
25,
"saltSALTsaltSALTsaltSALTsaltSALTsalt",
36,
4096,
25,
{ 0x3d, 0x2e, 0xec, 0x4f, 0xe4, 0x1c, 0x84, 0x9b,
0x80, 0xc8, 0xd8, 0x36, 0x62, 0xc0, 0xe4, 0x4a,
0x8b, 0x29, 0x1a, 0x96, 0x4c, 0xf2, 0xf0, 0x70,
0x38 }
},
{
"pass\0word",
9,
"sa\0lt",
5,
4096,
16,
{ 0x56, 0xfa, 0x6a, 0xa7, 0x55, 0x48, 0x09, 0x9d,
0xcc, 0x37, 0xd7, 0xf0, 0x34, 0x25, 0xe0, 0xc3 }
},
#endif /* LTC_TEST_EXT */
};
static const case_item cases_5_1[] = {
{
"password",
8,
"saltsalt", /* must be 8 octects */
8, /* ignored by alg1 */
1,
20,
{ 0xca, 0xb8, 0x6d, 0xd6, 0x26, 0x17, 0x10, 0x89, 0x1e, 0x8c,
0xb5, 0x6e, 0xe3, 0x62, 0x56, 0x91, 0xa7, 0x5d, 0xf3, 0x44 }
},
};
static const case_item cases_5_1o[] = {
{
"password",
8,
"saltsalt", /* must be 8 octects */
8, /* ignored by alg1_openssl */
1,
20,
{ 0xca, 0xb8, 0x6d, 0xd6, 0x26, 0x17, 0x10, 0x89, 0x1e, 0x8c,
0xb5, 0x6e, 0xe3, 0x62, 0x56, 0x91, 0xa7, 0x5d, 0xf3, 0x44 }
},
{
"password",
8,
"saltsalt", /* must be 8 octects */
8, /* ignored by alg1_openssl */
1,
30,
{ 0xca, 0xb8, 0x6d, 0xd6, 0x26, 0x17, 0x10, 0x89, 0x1e, 0x8c,
0xb5, 0x6e, 0xe3, 0x62, 0x56, 0x91, 0xa7, 0x5d, 0xf3, 0x44,
0xf0, 0xbf, 0xf4, 0xc1, 0x2c, 0xf3, 0x59, 0x6f, 0xc0, 0x0b }
}
};
unsigned char DK[40];
unsigned long dkLen;
int i, err;
int tested=0, failed=0;
int hash = find_hash("sha1");
if (hash == -1)
{
#ifdef LTC_TEST_DBG
printf("PKCS#5 test failed: 'sha1' hash not found\n");
#endif
return CRYPT_ERROR;
}
/* testing alg 2 */
for(i=0; i < (int)(sizeof(cases_5_2) / sizeof(cases_5_2[0])); i++) {
++tested;
dkLen = cases_5_2[i].dkLen;
if((err = pkcs_5_alg2((unsigned char*)cases_5_2[i].P, cases_5_2[i].P_len,
(unsigned char*)cases_5_2[i].S, cases_5_2[i].S_len,
cases_5_2[i].c, hash,
DK, &dkLen)) != CRYPT_OK) {
#ifdef LTC_TEST_DBG
printf("\npkcs_5_alg2() #%d: Failed/1 (%s)\n", i, error_to_string(err));
#endif
++failed;
}
else if (compare_testvector(DK, dkLen, cases_5_2[i].DK, cases_5_2[i].dkLen, "PKCS#5_2", i)) {
++failed;
}
}
/* testing alg 1 */
for(i=0; i < (int)(sizeof(cases_5_1) / sizeof(case_item)); i++, tested++) {
dkLen = cases_5_1[i].dkLen;
if((err = pkcs_5_alg1((unsigned char*)cases_5_1[i].P, cases_5_1[i].P_len,
(unsigned char*)cases_5_1[i].S,
cases_5_1[i].c, hash,
DK, &dkLen)) != CRYPT_OK) {
#ifdef LTC_TEST_DBG
printf("\npkcs_5_alg1() #%d: Failed/1 (%s)\n", i, error_to_string(err));
#endif
++failed;
}
else if (compare_testvector(DK, dkLen, cases_5_1[i].DK, cases_5_1[i].dkLen, "PKCS#5_1", i)) {
++failed;
}
}
/* testing alg 1_openssl */
for(i = 0; i < (int)(sizeof(cases_5_1o) / sizeof(cases_5_1o[0])); i++, tested++) {
dkLen = cases_5_1o[i].dkLen;
if ((err = pkcs_5_alg1_openssl((unsigned char*)cases_5_1o[i].P, cases_5_1o[i].P_len,
(unsigned char*)cases_5_1o[i].S,
cases_5_1o[i].c, hash,
DK, &dkLen)) != CRYPT_OK) {
#ifdef LTC_TEST_DBG
printf("\npkcs_5_alg1_openssl() #%d: Failed/1 (%s)\n", i, error_to_string(err));
#endif
++failed;
}
else if (compare_testvector(DK, dkLen, cases_5_1o[i].DK, cases_5_1o[i].dkLen, "PKCS#5_1o", i)) {
++failed;
}
}
return (failed != 0) ? CRYPT_FAIL_TESTVECTOR : CRYPT_OK;
#endif
}
static int sqlcipher_ltc_get_hmac_sz(void *ctx) {
int hash_idx = find_hash("sha1");
return hash_descriptor[hash_idx].hashsize;
}
int dh_tests (void)
{
unsigned char buf[3][4096];
unsigned long x, y, z;
int stat, stat2;
dh_key usera, userb;
DO(dh_test());
/* make up two keys */
DO(dh_make_key (&test_yarrow, find_prng ("yarrow"), 96, &usera));
DO(dh_make_key (&test_yarrow, find_prng ("yarrow"), 96, &userb));
/* make the shared secret */
x = 4096;
DO(dh_shared_secret (&usera, &userb, buf[0], &x));
y = 4096;
DO(dh_shared_secret (&userb, &usera, buf[1], &y));
if (y != x) {
printf ("DH Shared keys are not same size.\n");
return 1;
}
if (memcmp (buf[0], buf[1], x)) {
printf ("DH Shared keys not same contents.\n");
return 1;
}
/* now export userb */
y = 4096;
DO(dh_export (buf[1], &y, PK_PUBLIC, &userb));
dh_free (&userb);
/* import and make the shared secret again */
DO(dh_import (buf[1], y, &userb));
z = 4096;
DO(dh_shared_secret (&usera, &userb, buf[2], &z));
if (z != x) {
printf ("failed. Size don't match?\n");
return 1;
}
if (memcmp (buf[0], buf[2], x)) {
printf ("Failed. Content didn't match.\n");
return 1;
}
dh_free (&usera);
dh_free (&userb);
/* test encrypt_key */
dh_make_key (&test_yarrow, find_prng ("yarrow"), 128, &usera);
for (x = 0; x < 16; x++) {
buf[0][x] = x;
}
y = sizeof (buf[1]);
DO(dh_encrypt_key (buf[0], 16, buf[1], &y, &test_yarrow, find_prng ("yarrow"), find_hash ("md5"), &usera));
zeromem (buf[0], sizeof (buf[0]));
x = sizeof (buf[0]);
DO(dh_decrypt_key (buf[1], y, buf[0], &x, &usera));
if (x != 16) {
printf ("Failed (length)\n");
return 1;
}
for (x = 0; x < 16; x++)
if (buf[0][x] != x) {
printf ("Failed (contents)\n");
return 1;
}
/* test sign_hash */
for (x = 0; x < 16; x++) {
buf[0][x] = x;
}
x = sizeof (buf[1]);
DO(dh_sign_hash (buf[0], 16, buf[1], &x, &test_yarrow , find_prng ("yarrow"), &usera));
DO(dh_verify_hash (buf[1], x, buf[0], 16, &stat, &usera));
buf[0][0] ^= 1;
DO(dh_verify_hash (buf[1], x, buf[0], 16, &stat2, &usera));
if (!(stat == 1 && stat2 == 0)) {
printf("dh_sign/verify_hash %d %d", stat, stat2);
return 1;
}
dh_free (&usera);
return 0;
}
int main(int argc, char **argv)
{
rsa_key rsakey;
char fname[256];
char *hashname;
char expiry[256];
unsigned char buf[4096], rsabuf[2048], md[MAXBLOCKSIZE], sig[512];
unsigned long buflen, rsalen, mdlen, siglen;
FILE *infile;
int i;
int opt_v2 = 0;
int opt_fullkey = 0;
int argoffset = 0;
if (argc < 3) {
fprintf(stderr, "Usage: %s [--fullkey] [--v2 expiry] hashname key_file_name [signed_file_name]\n", argv[0]);
return EXIT_FAILURE;
}
LTC_ARGCHK(register_hash(&sha256_desc) != -1);
LTC_ARGCHK(register_hash(&sha512_desc) != -1);
LTC_ARGCHK(register_hash(&rmd160_desc) != -1);
LTC_ARGCHK(register_hash(&whirlpool_desc) != -1);
LTC_ARGCHK(register_prng(&sprng_desc) != -1);
ltc_mp = tfm_desc;
for ( i=1; i < argc; i++) {
if (strcmp(argv[i], OPT_V2)==0) {
opt_v2 = 1;
strncpy(expiry, argv[i+1], 256);
i++;
argoffset=argoffset+2;
continue;
}
if (strcmp(argv[i], OPT_FULLKEY)==0) {
opt_fullkey = 1;
argoffset++;
continue;
}
/* done! get out softly */
i=argc;
}
hashname = argv[1+argoffset];
/* get hashes of file */
mdlen = sizeof(md);
if ( argc - argoffset > 3) {
DO(hash_file(find_hash(argv[1+argoffset]), argv[3+argoffset], md, &mdlen));
} else {
DO(hash_filehandle(find_hash(argv[1+argoffset]), stdin, md, &mdlen));
}
/* read keyblob and import key from it */
strncpy(fname, argv[2+argoffset], 256);
strncat(fname, ".private", 256);
infile = fopen(fname, "rb");
LTC_ARGCHK(infile != NULL);
buflen = fread(buf, 1, sizeof(buf), infile);
fclose(infile);
/* now try to import the RSA key */
DO(rsa_import(buf, buflen, &rsakey));
/* now sign the hashes */
siglen = sizeof(sig);
DO(rsa_sign_hash(md, mdlen, sig, &siglen, NULL, find_prng("sprng"), find_hash(hashname), 8, &rsakey));
/* open output file */
if (opt_v2==1) {
fprintf(stdout, "sig02: %s ", hashname);
} else {
fprintf(stdout, "sig01: %s ", hashname);
}
/* read keyblob and import key from it */
strncpy(fname, argv[2+argoffset], 256);
strncat(fname, ".public", 256);
infile = fopen(fname, "rb");
LTC_ARGCHK(infile != NULL);
buflen = fread(buf, 1, sizeof(buf), infile);
fclose(infile);
if (opt_fullkey==1) {
i = 0;
} else {
i = buflen-32;
}
for ( ; i < buflen; i++)
fprintf(stdout, "%02x", buf[i]);
fprintf(stdout, " ");
if (opt_v2==1) {
fprintf(stdout, expiry);
fprintf(stdout, " ");
}
for (i = 0; i < siglen; i++)
fprintf(stdout, "%02x", sig[i]);
fprintf(stdout, "\n");
rsa_free(&rsakey);
return EXIT_SUCCESS;
}
/**doc
$TOC_MEMBER $INAME
$INAME( cipherName, hashName [, prngObject] [, PKCSVersion = 1_OAEP] )
Creates a new Asymmetric Cipher object.
$H arguments
$ARG $STR cipherName: is a string that contains the name of the Asymmetric Cipher algorithm:
* rsa
* ecc
* dsa
* katja
$ARG $STR hashName: is the hash that will be used to create the PSS (Probabilistic Signature Scheme) encoding. It should be the same as the hash used to hash the message being signed. See Hash class for available names.
$ARG $OBJ prngObject: is an instantiated Prng object. Its current state will be used for key creation, data encryption/decryption, data signature/signature check. This argument can be ommited if you aim to decrypt data only.
$ARG $STR PKCSVersion: is a string that contains the padding version used by RSA to encrypt/decrypd data:
* 1_V1_5 (for PKCS#1 v1.5 padding)
* 1_OAEP (for PKCS#1 v2.0 encryption padding)
If omitted, the default value is 1_OAEP.
Only RSA use this argument.
$H note
When performing v1.5 encryption, the hash and lparam parameters are totally ignored.
**/
DEFINE_CONSTRUCTOR() { // ( cipherName [, hashName] [, prngObject] [, PKCSVersion] )
JL_DEFINE_ARGS;
AsymmetricCipherPrivate *pv = NULL;
JL_ASSERT_ARGC_MIN( 3 );
JL_ASSERT_CONSTRUCTING();
JL_DEFINE_CONSTRUCTOR_OBJ;
AsymmetricCipherType asymmetricCipher;
{
jl::StrData asymmetricCipherName(cx);
JL_CHK( jl::getValue(cx, JL_ARG(1), &asymmetricCipherName) );
if ( asymmetricCipherName.equals("RSA") )
asymmetricCipher = rsa;
else
if ( asymmetricCipherName.equals("DSA") )
asymmetricCipher = dsa;
else
if ( asymmetricCipherName.equals("ECC") )
asymmetricCipher = ecc;
#ifdef MKAT
else
if ( asymmetricCipherName.equals("KATJA") )
asymmetricCipher = katja;
#endif
else
JL_ERR( E_ARG, E_NUM(1), E_INVALID, E_SEP, E_NAME(asymmetricCipherName), E_NOTSUPPORTED );
}
pv = (AsymmetricCipherPrivate *)jl_malloc(sizeof(AsymmetricCipherPrivate));
JL_CHK( pv );
pv->cipher = asymmetricCipher;
if ( JL_ARG_ISDEF(2) ) {
jl::StrData hashName(cx);
JL_CHK( jl::getValue(cx, JL_ARG(2), &hashName) );
pv->hashIndex = find_hash(hashName);
} else {
pv->hashIndex = -1;
}
if ( argc >= 3 ) {
JL_ASSERT_ARG_IS_OBJECT(3);
JS::RootedObject prngObj(cx, &JL_ARG(3).toObject());
JL_ASSERT_INSTANCE( prngObj, JL_CLASS(Prng) );
JL_CHK( JL_SetReservedSlot( JL_OBJ, ASYMMETRIC_CIPHER_PRNG_SLOT, JL_ARG(3)) );
} else {
JL_CHK( JL_SetReservedSlot(JL_OBJ, ASYMMETRIC_CIPHER_PRNG_SLOT, JL_UNDEFINED) );
}
if ( asymmetricCipher == rsa ) {
if ( JL_ARGC >= 4 && !JL_ARG(4).isUndefined() ) {
jl::StrData paddingName(cx);
JL_CHK( jl::getValue(cx, JL_ARG(4), &paddingName) );
if ( paddingName.equals("1_OAEP") ) {
pv->padding = LTC_LTC_PKCS_1_OAEP;
} else
if ( paddingName.equals("1_V1_5") ) {
pv->padding = LTC_LTC_PKCS_1_V1_5;
} else
JL_ERR( E_ARG, E_NUM(4), E_INVALID, E_SEP, E_NAME(paddingName), E_NOTSUPPORTED );
} else {
pv->padding = LTC_LTC_PKCS_1_OAEP; // default
}
} else {
JL_ASSERT_ARGC_MAX( 3 );
}
pv->hasKey = false;
JL_SetPrivate(JL_OBJ, pv);
return true;
bad:
jl_free(pv);
return false;
}
int pkcs_1_test(void)
{
unsigned char buf[3][128];
int res1, res2, res3, prng_idx, hash_idx;
unsigned long x, y, l1, l2, l3, i1, i2, lparamlen, saltlen, modlen;
static const unsigned char lparam[] = { 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16 };
/* get hash/prng */
hash_idx = find_hash("sha1");
prng_idx = find_prng("yarrow");
if (hash_idx == -1 || prng_idx == -1) {
fprintf(stderr, "pkcs_1 tests require sha1/yarrow");
return 1;
}
/* do many tests */
for (x = 0; x < 100; x++) {
zeromem(buf, sizeof(buf));
/* make a dummy message (of random length) */
l3 = (rand() & 31) + 8;
for (y = 0; y < l3; y++) buf[0][y] = rand() & 255;
/* random modulus len (v1.5 must be multiple of 8 though arbitrary sizes seem to work) */
modlen = 800 + 8 * (abs(rand()) % 28);
/* pick a random lparam len [0..16] */
lparamlen = abs(rand()) % 17;
/* pick a random saltlen 0..16 */
saltlen = abs(rand()) % 17;
/* PKCS #1 v2.0 supports modlens not multiple of 8 */
modlen = 800 + (abs(rand()) % 224);
/* encode it */
l1 = sizeof(buf[1]);
DO(pkcs_1_oaep_encode(buf[0], l3, lparam, lparamlen, modlen, &yarrow_prng, prng_idx, hash_idx, buf[1], &l1));
/* decode it */
l2 = sizeof(buf[2]);
DO(pkcs_1_oaep_decode(buf[1], l1, lparam, lparamlen, modlen, hash_idx, buf[2], &l2, &res1));
if (res1 != 1 || l2 != l3 || memcmp(buf[2], buf[0], l3) != 0) {
fprintf(stderr, "Outsize == %lu, should have been %lu, res1 = %d, lparamlen = %lu, msg contents follow.\n", l2, l3, res1, lparamlen);
fprintf(stderr, "ORIGINAL:\n");
for (x = 0; x < l3; x++) {
fprintf(stderr, "%02x ", buf[0][x]);
}
fprintf(stderr, "\nRESULT:\n");
for (x = 0; x < l2; x++) {
fprintf(stderr, "%02x ", buf[2][x]);
}
fprintf(stderr, "\n\n");
return 1;
}
/* test PSS */
l1 = sizeof(buf[1]);
DO(pkcs_1_pss_encode(buf[0], l3, saltlen, &yarrow_prng, prng_idx, hash_idx, modlen, buf[1], &l1));
DO(pkcs_1_pss_decode(buf[0], l3, buf[1], l1, saltlen, hash_idx, modlen, &res1));
buf[0][i1 = abs(rand()) % l3] ^= 1;
DO(pkcs_1_pss_decode(buf[0], l3, buf[1], l1, saltlen, hash_idx, modlen, &res2));
buf[0][i1] ^= 1;
buf[1][i2 = abs(rand()) % l1] ^= 1;
DO(pkcs_1_pss_decode(buf[0], l3, buf[1], l1, saltlen, hash_idx, modlen, &res3));
if (!(res1 == 1 && res2 == 0 && res3 == 0)) {
fprintf(stderr, "PSS failed: %d, %d, %d, %lu, %lu\n", res1, res2, res3, l3, saltlen);
return 1;
}
}
return 0;
}
int main(int argc, char *argv[])
{
unsigned char plaintext[512],ciphertext[512];
unsigned char tmpkey[512], key[MAXBLOCKSIZE], IV[MAXBLOCKSIZE];
unsigned char inbuf[512]; /* i/o block size */
unsigned long outlen, y, ivsize, x, decrypt;
symmetric_CTR ctr;
int cipher_idx, hash_idx, ks;
char *infile, *outfile, *cipher;
prng_state prng;
FILE *fdin, *fdout;
/* register algs, so they can be printed */
register_algs();
if (argc < 4) {
return usage(argv[0]);
}
if (!strcmp(argv[1], "-d")) {
decrypt = 1;
cipher = argv[2];
infile = argv[3];
outfile = argv[4];
} else {
decrypt = 0;
cipher = argv[1];
infile = argv[2];
outfile = argv[3];
}
/* file handles setup */
fdin = fopen(infile,"rb");
if (fdin == NULL) {
perror("Can't open input for reading");
exit(-1);
}
fdout = fopen(outfile,"wb");
if (fdout == NULL) {
perror("Can't open output for writing");
exit(-1);
}
cipher_idx = find_cipher(cipher);
if (cipher_idx == -1) {
printf("Invalid cipher entered on command line.\n");
exit(-1);
}
hash_idx = find_hash("sha256");
if (hash_idx == -1) {
printf("LTC_SHA256 not found...?\n");
exit(-1);
}
ivsize = cipher_descriptor[cipher_idx].block_length;
ks = hash_descriptor[hash_idx].hashsize;
if (cipher_descriptor[cipher_idx].keysize(&ks) != CRYPT_OK) {
printf("Invalid keysize???\n");
exit(-1);
}
printf("\nEnter key: ");
fgets((char *)tmpkey,sizeof(tmpkey), stdin);
outlen = sizeof(key);
if ((errno = hash_memory(hash_idx,tmpkey,strlen((char *)tmpkey),key,&outlen)) != CRYPT_OK) {
printf("Error hashing key: %s\n", error_to_string(errno));
exit(-1);
}
if (decrypt) {
/* Need to read in IV */
if (fread(IV,1,ivsize,fdin) != ivsize) {
printf("Error reading IV from input.\n");
exit(-1);
}
if ((errno = ctr_start(cipher_idx,IV,key,ks,0,CTR_COUNTER_LITTLE_ENDIAN,&ctr)) != CRYPT_OK) {
printf("ctr_start error: %s\n",error_to_string(errno));
exit(-1);
}
/* IV done */
do {
y = fread(inbuf,1,sizeof(inbuf),fdin);
if ((errno = ctr_decrypt(inbuf,plaintext,y,&ctr)) != CRYPT_OK) {
printf("ctr_decrypt error: %s\n", error_to_string(errno));
exit(-1);
}
if (fwrite(plaintext,1,y,fdout) != y) {
printf("Error writing to file.\n");
exit(-1);
}
} while (y == sizeof(inbuf));
fclose(fdin);
fclose(fdout);
} else { /* encrypt */
/* Setup yarrow for random bytes for IV */
if ((errno = rng_make_prng(128, find_prng("yarrow"), &prng, NULL)) != CRYPT_OK) {
printf("Error setting up PRNG, %s\n", error_to_string(errno));
}
/* You can use rng_get_bytes on platforms that support it */
/* x = rng_get_bytes(IV,ivsize,NULL);*/
x = yarrow_read(IV,ivsize,&prng);
if (x != ivsize) {
printf("Error reading PRNG for IV required.\n");
exit(-1);
}
if (fwrite(IV,1,ivsize,fdout) != ivsize) {
printf("Error writing IV to output.\n");
exit(-1);
}
if ((errno = ctr_start(cipher_idx,IV,key,ks,0,CTR_COUNTER_LITTLE_ENDIAN,&ctr)) != CRYPT_OK) {
printf("ctr_start error: %s\n",error_to_string(errno));
exit(-1);
}
do {
y = fread(inbuf,1,sizeof(inbuf),fdin);
if ((errno = ctr_encrypt(inbuf,ciphertext,y,&ctr)) != CRYPT_OK) {
printf("ctr_encrypt error: %s\n", error_to_string(errno));
exit(-1);
}
if (fwrite(ciphertext,1,y,fdout) != y) {
printf("Error writing to output.\n");
exit(-1);
}
} while (y == sizeof(inbuf));
fclose(fdout);
fclose(fdin);
}
return 0;
}
/**
* Given the id, return the default length
* @param hash the id
* @returns the default length of that hash
*/
int mh_hash_default_length(int hash) {
const struct hash_info *info = find_hash(hash);
return (info != NULL) ? info->length : MH_E_UNKNOWN_CODE;
}
/**
* Given the id, return the hash name
* @param hash the id (such as MH_H_SHA1)
* @returns the name as text, such as "sha1"
*/
const char *mh_hash_name(int hash) {
const struct hash_info *info = find_hash(hash);
return (info != NULL) ? info->name : NULL;
}
// export hash, return result as JSON string
std::string scan_manager_t::export_hash_json(
const std::string& block_hash) const {
// hash fields
uint64_t k_entropy;
std::string block_label;
uint64_t unused_count;
hashdb::source_offsets_t* source_offsets = new hashdb::source_offsets_t;
// scan
bool found_hash = find_hash(block_hash, k_entropy, block_label,
unused_count, *source_offsets);
std::string json_hash_string;
if (found_hash) {
// prepare JSON
rapidjson::Document json_doc;
rapidjson::Document::AllocatorType& allocator = json_doc.GetAllocator();
json_doc.SetObject();
// put in hash data
std::string hex_block_hash = hashdb::bin_to_hex(block_hash);
json_doc.AddMember("block_hash", v(hex_block_hash, allocator), allocator);
json_doc.AddMember("k_entropy", k_entropy, allocator);
json_doc.AddMember("block_label", v(block_label, allocator), allocator);
// put in source_offsets as triplets of file hash, sub_count, offset list
rapidjson::Value json_source_offsets(rapidjson::kArrayType);
for (hashdb::source_offsets_t::const_iterator it =
source_offsets->begin(); it != source_offsets->end(); ++it) {
// file hash
json_source_offsets.PushBack(
v(hashdb::bin_to_hex(it->file_hash), allocator), allocator);
// sub_count
json_source_offsets.PushBack(it->sub_count, allocator);
// file offset array
rapidjson::Value json_file_offsets(rapidjson::kArrayType);
for (std::set<uint64_t>::const_iterator it2 =
it->file_offsets.begin(); it2 != it->file_offsets.end(); ++it2) {
json_file_offsets.PushBack(*it2, allocator);
}
json_source_offsets.PushBack(json_file_offsets, allocator);
}
json_doc.AddMember("source_offsets", json_source_offsets, allocator);
// write JSON text
rapidjson::StringBuffer strbuf;
rapidjson::Writer<rapidjson::StringBuffer> writer(strbuf);
json_doc.Accept(writer);
json_hash_string = strbuf.GetString();
} else {
// clear the source offset pairs string
json_hash_string = "";
}
delete source_offsets;
return json_hash_string;
}
///
/// Search for the provided fdt in the hashlist and return the status of the match.
/// Match on name if possible; otherwise match on just the hash codes.
///
hashlist::searchstatus_t hashlist::search(const file_data_hasher_t *fdht,
file_data_t ** matched_,
bool case_sensitive)
{
// Iterate through each of the hashes in the haslist until we find a match.
for (int alg = 0 ; alg < NUM_ALGORITHMS ; ++alg)
{
// Only search hash functions that are in use and hashes that are in the fdt
if (hashes[alg].inuse==0 || fdht->hash_hex[alg].size()==0)
{
continue;
}
// Find the best match using find_hash
file_data_t *matched = find_hash((hashid_t)alg,
fdht->hash_hex[alg],
fdht->file_name,
fdht->file_number);
if (not matched)
{
// No match
continue;
}
if (matched_)
*matched_ = matched; // note the match
// Verify that all of the other hash functions for *it match fdt as well,
// but only for the cases when we have a hash for both the master file
// and the target file.
for (int j=0 ; j<NUM_ALGORITHMS ; j++)
{
if (hashes[j].inuse and
j != alg and
fdht->hash_hex[j].size() and
matched->hash_hex[j].size())
{
if (fdht->hash_hex[j] != matched->hash_hex[j])
{
// We have found a hash collision for one algorithm, but not all
// of them. For example, MD5(A) == MD5(B), but SHA1(A) != SHA1(B).
// See http://www.win.tue.nl/hashclash/ for a program to create these.
return status_partial_match;
}
}
}
// If we got here we matched on all of the hashes.
// Which is to be expected.
// Check to see if the sizes are the same.
if (fdht->file_bytes != matched->file_bytes)
{
// Amazing. We found two files that have the same hash but different
// file sizes. This has never happened before in the history of the world.
// Call the newspapers!
return status_file_size_mismatch;
}
// See if the hashes are the same but the name changed.
if (case_sensitive)
{
if (fdht->file_name != matched->file_name)
return status_file_name_mismatch;
}
else
{
if (strcasecmp(fdht->file_name.c_str(), matched->file_name.c_str()))
return status_file_name_mismatch;
}
// If we get here, then all of the hash matches for all of the
// algorithms have been checked and found to be equal if present.
return status_match;
}
// If we get here, nothing ever matched.
return status_no_match;
}
int GIF_LZW_compressor(DIB *srcimg,unsigned int numColors,FILE *handle,int interlace)
{
int xdim,ydim,clear,EOI,code,bits,pre,suf,x,y,i,max,bits_color,done,rasterlen;
static short int rasters[768];
stat_bits = 0;
code_in_progress = 0;
LZWpos = 1;
for (i = 0; i < hash; i++)
{
hashtree[i][0] = hashtree[i][1] = hashtree[i][2] = -1;
}
if (handle==NULL)
return 0;
xdim = srcimg->width;
ydim = srcimg->height;
bits_color = max_bits(numColors)-1;
clear = (1 << (bits_color+1)); //powers2[bits_color+2]
EOI = clear+1;
code = EOI+1;
bits = bits_color+2;
max = (1 << bits); //powers2[bits+1]
if (code==max)
{
clear = 4;
EOI = 5;
code = 6;
bits++;
max *= 2;
}
fputc(bits-1, handle);
write_code(handle, bits, clear);
rasterlen = 0;
if (interlace)
{
for (int e=1; e<=5; e+=4)
{
for (int f=e; f<=ydim; f+=8)
{
rasters[rasterlen++] = f;
}
}
for (int e=3; e<=ydim; e+=4)
{
rasters[rasterlen++] = e;
}
for (int e=2; e<=ydim; e+=2)
{
rasters[rasterlen++] = e;
}
}
else
{
for (int e=1; e<=ydim; e++)
rasters[rasterlen++] = e - 1;
}
pre = srcimg->bits[rasters[0] * xdim];
x=1; y=0; done=0;
if (x>=xdim)
{
y++; x=0;
}
while (1)
{
while (1)
{
if (!done)
{
suf = srcimg->bits[rasters[y] * xdim + x];
x++;
if (x>=xdim)
{
y++;
x=0;
if (y>=ydim)
done = 1;
}
i = find_hash(pre,suf);
if (hashtree[i][0]==-1)
break;
else
pre = hashtree[i][0];
}
else
{
write_code(handle,bits,pre);
write_code(handle,bits,EOI);
if (stat_bits)
write_code(handle,bits,0);
LZW[0] = LZWpos - 1;
fwrite(LZW, 1, LZWpos, handle);
fputc(0, handle);
return 1;
}
}
write_code(handle,bits,pre);
hashtree[i][0] = code; hashtree[i][1] = pre; hashtree[i][2] = suf;
pre = suf;
code++;
if (code == max+1)
{
max *= 2;
if (bits == 12)
{
write_code(handle,bits,clear);
for (i = 0; i < hash; i++)
{
hashtree[i][0] = hashtree[i][1] = hashtree[i][2] = -1;
}
code = EOI+1;
bits = bits_color+2;
max = 1 << bits;
if (bits == 2)
{
clear = 4;
EOI = 5;
code = 6;
bits = 3;
max *= 2;
}
}
else
bits++;
}
}
return 0;
}
void*
mmc_map( char* filename, struct stat* sbP, struct timeval* nowP )
{
time_t now;
struct stat sb;
Map* m;
int fd;
/* Stat the file, if necessary. */
if ( sbP != (struct stat*) 0 )
sb = *sbP;
else
{
if ( stat( filename, &sb ) != 0 )
{
syslog( LOG_ERR, "stat - %m" );
return (void*) 0;
}
}
/* Get the current time, if necessary. */
if ( nowP != (struct timeval*) 0 )
now = nowP->tv_sec;
else
now = time( (time_t*) 0 );
/* See if we have it mapped already, via the hash table. */
if ( check_hash_size() < 0 )
{
syslog( LOG_ERR, "check_hash_size() failure" );
return (void*) 0;
}
m = find_hash( sb.st_ino, sb.st_dev, sb.st_size, sb.st_ctime );
if ( m != (Map*) 0 )
{
/* Yep. Just return the existing map */
++m->refcount;
m->reftime = now;
return m->addr;
}
/* Open the file. */
fd = open( filename, O_RDONLY );
if ( fd < 0 )
{
syslog( LOG_ERR, "open - %m" );
return (void*) 0;
}
/* Find a free Map entry or make a new one. */
if ( free_maps != (Map*) 0 )
{
m = free_maps;
free_maps = m->next;
--free_count;
}
else
{
m = (Map*) malloc( sizeof(Map) );
if ( m == (Map*) 0 )
{
(void) close( fd );
syslog( LOG_ERR, "out of memory allocating a Map" );
return (void*) 0;
}
++alloc_count;
}
/* Fill in the Map entry. */
m->ino = sb.st_ino;
m->dev = sb.st_dev;
m->size = sb.st_size;
m->ctime = sb.st_ctime;
m->refcount = 1;
m->reftime = now;
/* Avoid doing anything for zero-length files; some systems don't like
** to mmap them, other systems dislike mallocing zero bytes.
*/
if ( m->size == 0 )
m->addr = (void*) 1; /* arbitrary non-NULL address */
else
{
size_t size_size = (size_t) m->size; /* loses on files >2GB */
#ifdef HAVE_MMAP
/* Map the file into memory. */
m->addr = mmap( 0, size_size, PROT_READ, MAP_PRIVATE, fd, 0 );
if ( m->addr == (void*) -1 && errno == ENOMEM )
{
/* Ooo, out of address space. Free all unreferenced maps
** and try again.
*/
panic();
m->addr = mmap( 0, size_size, PROT_READ, MAP_PRIVATE, fd, 0 );
}
if ( m->addr == (void*) -1 )
{
syslog( LOG_ERR, "mmap - %m" );
(void) close( fd );
free( (void*) m );
--alloc_count;
return (void*) 0;
}
#else /* HAVE_MMAP */
/* Read the file into memory. */
m->addr = (void*) malloc( size_size );
if ( m->addr == (void*) 0 )
{
/* Ooo, out of memory. Free all unreferenced maps
** and try again.
*/
panic();
m->addr = (void*) malloc( size_size );
}
if ( m->addr == (void*) 0 )
{
syslog( LOG_ERR, "out of memory storing a file" );
(void) close( fd );
free( (void*) m );
--alloc_count;
return (void*) 0;
}
if ( httpd_read_fully( fd, m->addr, size_size ) != size_size )
{
syslog( LOG_ERR, "read - %m" );
(void) close( fd );
free( (void*) m );
--alloc_count;
return (void*) 0;
}
#endif /* HAVE_MMAP */
}
(void) close( fd );
/* Put the Map into the hash table. */
if ( add_hash( m ) < 0 )
{
syslog( LOG_ERR, "add_hash() failure" );
free( (void*) m );
--alloc_count;
return (void*) 0;
}
/* Put the Map on the active list. */
m->next = maps;
maps = m;
++map_count;
/* Update the total byte count. */
mapped_bytes += m->size;
/* And return the address. */
return m->addr;
}
int hmac_test(void)
{
#ifndef LTC_TEST
return CRYPT_NOP;
#else
unsigned char digest[MAXBLOCKSIZE];
int i;
static const struct hmac_test_case {
int num;
char *algo;
unsigned char key[128];
unsigned long keylen;
unsigned char data[128];
unsigned long datalen;
unsigned char digest[MAXBLOCKSIZE];
} cases[] = {
/*
3. Test Cases for HMAC-SHA-1
test_case = 1
key = 0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
key_len = 20
data = "Hi Ther 20
digest = 0x4c1a03424b55e07fe7f27be1d58bb9324a9a5a04
digest-96 = 0x4c1a03424b55e07fe7f27be1
*/
{ 5, "sha1",
{0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
0x0c, 0x0c, 0x0c, 0x0c}, 20,
"Test With Truncation", 20,
{0x4c, 0x1a, 0x03, 0x42, 0x4b, 0x55, 0xe0, 0x7f, 0xe7, 0xf2,
0x7b, 0xe1, 0xd5, 0x8b, 0xb9, 0x32, 0x4a, 0x9a, 0x5a, 0x04} },
/*
test_case = 6
key = 0xaa repeated 80 times
key_len = 80
data = "Test Using Larger Than Block-Size Key - Hash Key First"
data_len = 54
digest = 0xaa4ae5e15272d00e95705637ce8a3b55ed402112
*/
{ 6, "sha1",
{0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa}, 80,
"Test Using Larger Than Block-Size Key - Hash Key First", 54,
{0xaa, 0x4a, 0xe5, 0xe1, 0x52, 0x72, 0xd0, 0x0e,
0x95, 0x70, 0x56, 0x37, 0xce, 0x8a, 0x3b, 0x55,
0xed, 0x40, 0x21, 0x12} },
/*
test_case = 7
key = 0xaa repeated 80 times
key_len = 80
data = "Test Using Larger Than Block-Size Key and Larger
Than One Block-Size Data"
data_len = 73
digest = 0xe8e99d0f45237d786d6bbaa7965c7808bbff1a91
*/
{ 7, "sha1",
{0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa}, 80,
"Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data", 73,
{0xe8, 0xe9, 0x9d, 0x0f, 0x45, 0x23, 0x7d, 0x78, 0x6d,
0x6b, 0xba, 0xa7, 0x96, 0x5c, 0x78, 0x08, 0xbb, 0xff, 0x1a, 0x91} },
/*
2. Test Cases for HMAC-MD5
test_case = 1
key = 0x0b 0b 0b 0b
0b 0b 0b 0b
0b 0b 0b 0b
0b 0b 0b 0b
key_len = 16
data = "Hi There"
data_len = 8
digest = 0x92 94 72 7a
36 38 bb 1c
13 f4 8e f8
15 8b fc 9d
*/
{ 1, "md5",
{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 16,
"Hi There", 8,
{0x92, 0x94, 0x72, 0x7a, 0x36, 0x38, 0xbb, 0x1c,
0x13, 0xf4, 0x8e, 0xf8, 0x15, 0x8b, 0xfc, 0x9d} },
/*
test_case = 2
key = "Jefe"
key_len = 4
data = "what do ya want for nothing?"
data_len = 28
digest = 0x750c783e6ab0b503eaa86e310a5db738
*/
{ 2, "md5",
"Jefe", 4,
"what do ya want for nothing?", 28,
{0x75, 0x0c, 0x78, 0x3e, 0x6a, 0xb0, 0xb5, 0x03,
0xea, 0xa8, 0x6e, 0x31, 0x0a, 0x5d, 0xb7, 0x38} },
/*
test_case = 3
key = 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
key_len 16
data = 0xdd repeated 50 times
data_len = 50
digest = 0x56be34521d144c88dbb8c733f0e8b3f6
*/
{ 3, "md5",
{0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa}, 16,
{0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd}, 50,
{0x56, 0xbe, 0x34, 0x52, 0x1d, 0x14, 0x4c, 0x88,
0xdb, 0xb8, 0xc7, 0x33, 0xf0, 0xe8, 0xb3, 0xf6} },
/*
test_case = 4
key = 0x0102030405060708090a0b0c0d0e0f10111213141516171819
key_len 25
data = 0xcd repeated 50 times
data_len = 50
digest = 0x697eaf0aca3a3aea3a75164746ffaa79
*/
{ 4, "md5",
{0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a,
0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14,
0x15, 0x16, 0x17, 0x18, 0x19}, 25,
{0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd}, 50,
{0x69, 0x7e, 0xaf, 0x0a, 0xca, 0x3a, 0x3a, 0xea,
0x3a, 0x75, 0x16, 0x47, 0x46, 0xff, 0xaa, 0x79} },
/*
test_case = 5
key = 0x0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c
key_len = 16
data = "Test With Truncation"
data_len = 20
digest = 0x56461ef2342edc00f9bab995690efd4c
digest-96 0x56461ef2342edc00f9bab995
*/
{ 5, "md5",
{0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c,
0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c}, 16,
"Test With Truncation", 20,
{0x56, 0x46, 0x1e, 0xf2, 0x34, 0x2e, 0xdc, 0x00,
0xf9, 0xba, 0xb9, 0x95, 0x69, 0x0e, 0xfd, 0x4c} },
/*
test_case = 6
key = 0xaa repeated 80 times
key_len = 80
data = "Test Using Larger Than Block-Size Key - Hash
Key First"
data_len = 54
digest = 0x6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd
*/
{ 6, "md5",
{0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa}, 80,
"Test Using Larger Than Block-Size Key - Hash Key First", 54,
{0x6b, 0x1a, 0xb7, 0xfe, 0x4b, 0xd7, 0xbf, 0x8f,
0x0b, 0x62, 0xe6, 0xce, 0x61, 0xb9, 0xd0, 0xcd} },
/*
test_case = 7
key = 0xaa repeated 80 times
key_len = 80
data = "Test Using Larger Than Block-Size Key and Larger
Than One Block-Size Data"
data_len = 73
digest = 0x6f630fad67cda0ee1fb1f562db3aa53e
*/
{ 7, "md5",
{0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa}, 80,
"Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data", 73,
{0x6f, 0x63, 0x0f, 0xad, 0x67, 0xcd, 0xa0, 0xee,
0x1f, 0xb1, 0xf5, 0x62, 0xdb, 0x3a, 0xa5, 0x3e} }
};
unsigned long outlen;
int err;
int tested=0,failed=0;
for(i=0; i < (int)(sizeof(cases) / sizeof(cases[0])); i++) {
int hash = find_hash(cases[i].algo);
if (hash == -1) continue;
++tested;
outlen = sizeof(digest);
if((err = hmac_memory(hash, cases[i].key, cases[i].keylen, cases[i].data, cases[i].datalen, digest, &outlen)) != CRYPT_OK) {
#if 0
printf("HMAC-%s test #%d\n", cases[i].algo, cases[i].num);
#endif
return err;
}
if(memcmp(digest, cases[i].digest, (size_t)hash_descriptor[hash].hashsize) != 0) {
#if 0
unsigned int j;
printf("\nHMAC-%s test #%d:\n", cases[i].algo, cases[i].num);
printf( "Result: 0x");
for(j=0; j < hash_descriptor[hash].hashsize; j++) {
printf("%2x ", digest[j]);
}
printf("\nCorrect: 0x");
for(j=0; j < hash_descriptor[hash].hashsize; j++) {
printf("%2x ", cases[i].digest[j]);
}
printf("\n");
#endif
failed++;
//return CRYPT_ERROR;
} else {
/* printf("HMAC-%s test #%d: Passed\n", cases[i].algo, cases[i].num); */
}
}
if (failed != 0) {
return CRYPT_FAIL_TESTVECTOR;
} else if (tested == 0) {
return CRYPT_NOP;
} else {
return CRYPT_OK;
}
#endif
}
int dsa_test(void)
{
unsigned char msg[16], out[1024], out2[1024];
unsigned long x, y;
int stat1, stat2;
dsa_key key, key2;
/* make a random key */
DO(dsa_make_key(&yarrow_prng, find_prng("yarrow"), 20, 128, &key));
/* verify it */
DO(dsa_verify_key(&key, &stat1));
if (stat1 == 0) { fprintf(stderr, "dsa_verify_key "); return 1; }
/* encrypt a message */
for (x = 0; x < 16; x++) { msg[x] = x; }
x = sizeof(out);
DO(dsa_encrypt_key(msg, 16, out, &x, &yarrow_prng, find_prng("yarrow"), find_hash("sha1"), &key));
/* decrypt */
y = sizeof(out2);
DO(dsa_decrypt_key(out, x, out2, &y, &key));
if (y != 16 || memcmp(out2, msg, 16)) {
fprintf(stderr, "dsa_decrypt failed, y == %lu\n", y);
return 1;
}
/* sign the message */
x = sizeof(out);
DO(dsa_sign_hash(msg, sizeof(msg), out, &x, &yarrow_prng, find_prng("yarrow"), &key));
/* verify it once */
DO(dsa_verify_hash(out, x, msg, sizeof(msg), &stat1, &key));
/* Modify and verify again */
msg[0] ^= 1;
DO(dsa_verify_hash(out, x, msg, sizeof(msg), &stat2, &key));
msg[0] ^= 1;
if (!(stat1 == 1 && stat2 == 0)) { fprintf(stderr, "dsa_verify %d %d", stat1, stat2); return 1; }
/* test exporting it */
x = sizeof(out2);
DO(dsa_export(out2, &x, PK_PRIVATE, &key));
DO(dsa_import(out2, x, &key2));
/* verify a signature with it */
DO(dsa_verify_hash(out, x, msg, sizeof(msg), &stat1, &key2));
if (stat1 == 0) { fprintf(stderr, "dsa_verify (import private) %d ", stat1); return 1; }
dsa_free(&key2);
/* export as public now */
x = sizeof(out2);
DO(dsa_export(out2, &x, PK_PUBLIC, &key));
DO(dsa_import(out2, x, &key2));
/* verify a signature with it */
DO(dsa_verify_hash(out, x, msg, sizeof(msg), &stat1, &key2));
if (stat1 == 0) { fprintf(stderr, "dsa_verify (import public) %d ", stat1); return 1; }
dsa_free(&key2);
dsa_free(&key);
return 0;
}
int multi_test(void)
{
unsigned char key[32] = { 0 };
unsigned char buf[2][MAXBLOCKSIZE];
unsigned long len, len2;
/* register algos */
register_hash(&sha256_desc);
register_cipher(&aes_desc);
/* HASH testing */
len = sizeof(buf[0]);
hash_memory(find_hash("sha256"), (unsigned char*)"hello", 5, buf[0], &len);
len2 = sizeof(buf[0]);
hash_memory_multi(find_hash("sha256"), buf[1], &len2, (unsigned char*)"hello", 5, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
len2 = sizeof(buf[0]);
hash_memory_multi(find_hash("sha256"), buf[1], &len2, (unsigned char*)"he", 2UL, "llo", 3UL, NULL, 0);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
len2 = sizeof(buf[0]);
hash_memory_multi(find_hash("sha256"), buf[1], &len2, (unsigned char*)"h", 1UL, "e", 1UL, "l", 1UL, "l", 1UL, "o", 1UL, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
#ifdef LTC_HMAC
len = sizeof(buf[0]);
hmac_memory(find_hash("sha256"), key, 16, (unsigned char*)"hello", 5, buf[0], &len);
len2 = sizeof(buf[0]);
hmac_memory_multi(find_hash("sha256"), key, 16, buf[1], &len2, (unsigned char*)"hello", 5UL, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
len2 = sizeof(buf[0]);
hmac_memory_multi(find_hash("sha256"), key, 16, buf[1], &len2, (unsigned char*)"he", 2UL, "llo", 3UL, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
len2 = sizeof(buf[0]);
hmac_memory_multi(find_hash("sha256"), key, 16, buf[1], &len2, (unsigned char*)"h", 1UL, "e", 1UL, "l", 1UL, "l", 1UL, "o", 1UL, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
#endif
#ifdef LTC_OMAC
len = sizeof(buf[0]);
omac_memory(find_cipher("aes"), key, 16, (unsigned char*)"hello", 5, buf[0], &len);
len2 = sizeof(buf[0]);
omac_memory_multi(find_cipher("aes"), key, 16, buf[1], &len2, (unsigned char*)"hello", 5UL, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
len2 = sizeof(buf[0]);
omac_memory_multi(find_cipher("aes"), key, 16, buf[1], &len2, (unsigned char*)"he", 2UL, "llo", 3UL, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
len2 = sizeof(buf[0]);
omac_memory_multi(find_cipher("aes"), key, 16, buf[1], &len2, (unsigned char*)"h", 1UL, "e", 1UL, "l", 1UL, "l", 1UL, "o", 1UL, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
#endif
#ifdef LTC_PMAC
len = sizeof(buf[0]);
pmac_memory(find_cipher("aes"), key, 16, (unsigned char*)"hello", 5, buf[0], &len);
len2 = sizeof(buf[0]);
pmac_memory_multi(find_cipher("aes"), key, 16, buf[1], &len2, (unsigned char*)"hello", 5, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
len2 = sizeof(buf[0]);
pmac_memory_multi(find_cipher("aes"), key, 16, buf[1], &len2, (unsigned char*)"he", 2UL, "llo", 3UL, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
len2 = sizeof(buf[0]);
pmac_memory_multi(find_cipher("aes"), key, 16, buf[1], &len2, (unsigned char*)"h", 1UL, "e", 1UL, "l", 1UL, "l", 1UL, "o", 1UL, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
#endif
#ifdef LTC_XCBC
len = sizeof(buf[0]);
xcbc_memory(find_cipher("aes"), key, 16, (unsigned char*)"hello", 5, buf[0], &len);
len2 = sizeof(buf[0]);
xcbc_memory_multi(find_cipher("aes"), key, 16, buf[1], &len2, (unsigned char*)"hello", 5, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
len2 = sizeof(buf[0]);
xcbc_memory_multi(find_cipher("aes"), key, 16, buf[1], &len2, (unsigned char*)"he", 2UL, "llo", 3UL, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
len2 = sizeof(buf[0]);
xcbc_memory_multi(find_cipher("aes"), key, 16, buf[1], &len2, (unsigned char*)"h", 1UL, "e", 1UL, "l", 1UL, "l", 1UL, "o", 1UL, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
#endif
#ifdef LTC_F9
len = sizeof(buf[0]);
f9_memory(find_cipher("aes"), key, 16, (unsigned char*)"hello", 5, buf[0], &len);
len2 = sizeof(buf[0]);
f9_memory_multi(find_cipher("aes"), key, 16, buf[1], &len2, (unsigned char*)"hello", 5, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
len2 = sizeof(buf[0]);
f9_memory_multi(find_cipher("aes"), key, 16, buf[1], &len2, (unsigned char*)"he", 2UL, "llo", 3UL, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
len2 = sizeof(buf[0]);
f9_memory_multi(find_cipher("aes"), key, 16, buf[1], &len2, (unsigned char*)"h", 1UL, "e", 1UL, "l", 1UL, "l", 1UL, "o", 1UL, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
#endif
#ifdef LTC_PELICAN
/* TODO: there is no pelican_memory_multi(..) */
#endif
#ifdef LTC_POLY1305
len = sizeof(buf[0]);
poly1305_memory(key, 32, (unsigned char*)"hello", 5, buf[0], &len);
len2 = sizeof(buf[0]);
poly1305_memory_multi(key, 32, buf[1], &len2, (unsigned char*)"hello", 5, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
len2 = sizeof(buf[0]);
poly1305_memory_multi(key, 32, buf[1], &len2, (unsigned char*)"he", 2UL, "llo", 3UL, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
len2 = sizeof(buf[0]);
poly1305_memory_multi(key, 32, buf[1], &len2, (unsigned char*)"h", 1UL, "e", 1UL, "l", 1UL, "l", 1UL, "o", 1UL, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
#endif
#ifdef LTC_BLAKE2SMAC
len = 32;
blake2smac_memory(key, 16, (unsigned char*)"hello", 5, buf[0], &len);
len2 = 32;
blake2smac_memory_multi(key, 16, buf[1], &len2, (unsigned char*)"hello", 5, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
len2 = 32;
blake2smac_memory_multi(key, 16, buf[1], &len2, (unsigned char*)"he", 2UL, "llo", 3UL, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
len2 = 32;
blake2smac_memory_multi(key, 16, buf[1], &len2, (unsigned char*)"h", 1UL, "e", 1UL, "l", 1UL, "l", 1UL, "o", 1UL, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
#endif
#ifdef LTC_BLAKE2BMAC
len = 64;
blake2bmac_memory(key, 16, (unsigned char*)"hello", 5, buf[0], &len);
len2 = 64;
blake2bmac_memory_multi(key, 16, buf[1], &len2, (unsigned char*)"hello", 5, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
len2 = 64;
blake2bmac_memory_multi(key, 16, buf[1], &len2, (unsigned char*)"he", 2UL, "llo", 3UL, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
len2 = 64;
blake2bmac_memory_multi(key, 16, buf[1], &len2, (unsigned char*)"h", 1UL, "e", 1UL, "l", 1UL, "l", 1UL, "o", 1UL, NULL);
if (len != len2 || memcmp(buf[0], buf[1], len)) {
printf("Failed: %d %lu %lu\n", __LINE__, len, len2);
return CRYPT_FAIL_TESTVECTOR;
}
#endif
return CRYPT_OK;
}
