static int test_answer(const struct ccdigest_info *di, test_vector *vector, void*answer) {
uint8_t *correct_answer = NULL;
if(ccdigest_oid_equal(di, (ccoid_t) CC_DIGEST_OID_MD2)) correct_answer = vector->md2_answer;
else if(ccdigest_oid_equal(di, (ccoid_t) CC_DIGEST_OID_MD4)) correct_answer = vector->md4_answer;
else if(ccdigest_oid_equal(di, (ccoid_t) CC_DIGEST_OID_MD5)) correct_answer = vector->md5_answer;
else if(ccdigest_oid_equal(di, (ccoid_t) CC_DIGEST_OID_SHA1)) correct_answer = vector->sha1_answer;
else if(ccdigest_oid_equal(di, (ccoid_t) CC_DIGEST_OID_SHA224)) correct_answer = vector->sha224_answer;
else if(ccdigest_oid_equal(di, (ccoid_t) CC_DIGEST_OID_SHA256)) correct_answer = vector->sha256_answer;
else if(ccdigest_oid_equal(di, (ccoid_t) CC_DIGEST_OID_SHA384)) correct_answer = vector->sha384_answer;
else if(ccdigest_oid_equal(di, (ccoid_t) CC_DIGEST_OID_SHA512)) correct_answer = vector->sha512_answer;
else if(ccdigest_oid_equal(di, (ccoid_t) CC_DIGEST_OID_RMD128)) correct_answer = vector->rmd128_answer;
else if(ccdigest_oid_equal(di, (ccoid_t) CC_DIGEST_OID_RMD160)) correct_answer = vector->rmd160_answer;
else if(ccdigest_oid_equal(di, (ccoid_t) CC_DIGEST_OID_RMD256)) correct_answer = vector->rmd256_answer;
else correct_answer = vector->rmd320_answer; // hack
byteBuffer answer_bb = bytesToBytes(answer, di->output_size);
if(correct_answer == NULL) {
printByteBuffer(answer_bb, "Answer Provided");
return 1;
}
byteBuffer correct_answer_bb = hexStringToBytes((char *) correct_answer);
ok(bytesAreEqual(correct_answer_bb, answer_bb), "compare memory of answer");
if(bytesAreEqual(correct_answer_bb, answer_bb) == 0) {
printByteBuffer(correct_answer_bb, "Correct Answer");
printByteBuffer(answer_bb, "Provided Answer");
}
free(correct_answer_bb);
free(answer_bb);
return 1;
}
static int test_discreet(const struct ccmode_cbc *cbc, char *mode_name, test_vector *vector) {
uint8_t answer[CMAC_BLOCKSIZE];
uint8_t ctxfrontguard[4096];
cccmac_mode_decl(cbc, cmac);
uint8_t ctxrearguard[4096];
memset(ctxfrontguard, 0xee, 4096);
memset(ctxrearguard, 0xee, 4096);
byteBuffer key = hexStringToBytes(vector->keyStr);
byteBuffer in = hexStringToBytes(vector->inStr);
size_t nblocks = in->len/CMAC_BLOCKSIZE;
size_t partial = in->len%CMAC_BLOCKSIZE;
uint8_t *data = in->bytes;
if(nblocks < 2) nblocks = 0; // must have >= 1 block for final
else if(!partial) nblocks--; // have to have data for final
cccmac_init(cbc, cmac, key->bytes);
ok(guard_ok(ctxfrontguard, 0xee, 4096), "context is safe");
ok(guard_ok(ctxrearguard, 0xee, 4096), "context is safe");
byteBuffer correct_answer_k1 = hexStringToBytes(vector->k1Str);
byteBuffer correct_answer_k2 = hexStringToBytes(vector->k2Str);
byteBuffer answer_k1 = bytesToBytes(cccmac_k1(cmac), 16);
byteBuffer answer_k2 = bytesToBytes(cccmac_k2(cmac), 16);
showBytesAreEqual(correct_answer_k1, answer_k1, "Subkey K1 is correct");
showBytesAreEqual(correct_answer_k2, answer_k2, "Subkey K2 is correct");
for(size_t i=0; i<nblocks; i++) {
cccmac_block_update(cbc, cmac, 1, data);
data+=CMAC_BLOCKSIZE;
}
ok(guard_ok(ctxfrontguard, 0xee, 4096), "context is safe");
ok(guard_ok(ctxrearguard, 0xee, 4096), "context is safe");
cccmac_final(cbc, cmac, in->len - nblocks * CMAC_BLOCKSIZE, data, answer);
ok(guard_ok(ctxfrontguard, 0xee, 4096), "context is safe");
ok(guard_ok(ctxrearguard, 0xee, 4096), "context is safe");
ok(test_answer(mode_name, vector, answer, "discreet calls"), "check answer");
return 1;
}
static int test_answer(char *mode_name, test_vector *vector, void*answer, char *test_type) {
byteBuffer answer_bb = bytesToBytes(answer, CMAC_BLOCKSIZE);
if(vector->outStr == NULL) {
diag("/* CMAC-128 test %d */", vector->cnt);
diag("\t\t\"%s\",\n", bytesToHexString(answer_bb));
return 1;
}
byteBuffer correct_answer_bb = hexStringToBytes((char *) vector->outStr);
ok(bytesAreEqual(correct_answer_bb, answer_bb), "compare memory of answer");
if(bytesAreEqual(correct_answer_bb, answer_bb) == 0) {
diag("Failed Test (%d) for CMAC-128-%s %s\n", vector->cnt, mode_name, test_type);
printByteBuffer(correct_answer_bb, "Correct Answer");
printByteBuffer(answer_bb, "Provided Answer");
}
free(correct_answer_bb);
free(answer_bb);
return 1;
}
int CommonEC(int argc, char *const *argv) {
CCCryptorStatus retval;
size_t keysize;
CCECCryptorRef publicKey, privateKey;
CCECCryptorRef publicKey2;
// byteBuffer keydata, dekeydata;
byteBuffer hash;
char encryptedKey[8192];
size_t encryptedKeyLen = 8192;
// char decryptedKey[8192];
// size_t decryptedKeyLen = 8192;
char signature[8192];
size_t signatureLen = 8192;
char importexport[8192];
size_t importexportLen = 8192;
uint32_t valid;
int accum = 0;
int debug = 0;
plan_tests(kTestTestCount);
keysize = 256;
retval = CCECCryptorGeneratePair(keysize, &publicKey, &privateKey);
if(debug) printf("Keys Generated\n");
ok(retval == 0, "Generate an EC Key Pair");
accum |= retval;
#ifdef ECDH
keydata = hexStringToBytes("000102030405060708090a0b0c0d0e0f");
retval = CCECCryptorWrapKey(publicKey, keydata->bytes, keydata->len, encryptedKey, &encryptedKeyLen, kCCDigestSHA1);
ok(retval == 0, "Wrap Key Data with EC Encryption - ccPKCS1Padding");
accum |= retval;
retval = CCECCryptorUnwrapKey(privateKey, encryptedKey, encryptedKeyLen,
decryptedKey, &decryptedKeyLen);
ok(retval == 0, "Unwrap Key Data with EC Encryption - ccPKCS1Padding");
accum |= retval;
dekeydata = bytesToBytes(decryptedKey, decryptedKeyLen);
ok(bytesAreEqual(dekeydata, keydata), "Round Trip CCECCryptorWrapKey/CCECCryptorUnwrapKey");
accum |= retval;
#endif
hash = hexStringToBytes("000102030405060708090a0b0c0d0e0f");
retval = CCECCryptorSignHash(privateKey,
hash->bytes, hash->len,
signature, &signatureLen);
ok(retval == 0, "EC Signing");
valid = 0;
accum |= retval;
if(debug) printf("Signing Complete\n");
retval = CCECCryptorVerifyHash(publicKey,
hash->bytes, hash->len,
signature, signatureLen, &valid);
ok(retval == 0, "EC Verifying");
accum |= retval;
ok(valid, "EC Validity");
accum |= retval;
if(debug) printf("Verify Complete\n");
// Mess with the sig - see what happens
signature[signatureLen-3] += 3;
retval = CCECCryptorVerifyHash(publicKey,
hash->bytes, hash->len,
signature, signatureLen, &valid);
ok(retval == 0, "EC Verifying");
accum |= retval;
ok(!valid, "EC Invalid Signature");
accum |= retval;
if(debug) printf("Verify2 Complete\n");
encryptedKeyLen = 8192;
retval = CCECCryptorExportPublicKey(publicKey, importexport, &importexportLen);
ok(retval == 0, "EC Export Public Key");
accum |= retval;
retval = CCECCryptorImportPublicKey(importexport, importexportLen, &publicKey2);
ok(retval == 0, "EC Import Public Key");
accum |= retval;
encryptedKeyLen = 8192;
retval = CCECCryptorComputeSharedSecret(privateKey, publicKey, encryptedKey, &encryptedKeyLen);
ok(retval == 0, "EC Shared Secret");
accum |= retval;
return accum;
}
