// server Side DH, client's view
DiffieHellman::DiffieHellman(const byte* p, unsigned int pSz, const byte* g,
unsigned int gSz, const byte* pub,
unsigned int pubSz, const RandomPool& random)
: pimpl_(NEW_YS DHImpl(random.pimpl_->RNG_))
{
using TaoCrypt::Integer;
pimpl_->dh_.Initialize(Integer(p, pSz).Ref(), Integer(g, gSz).Ref());
pimpl_->publicKey_ = NEW_YS opaque[pubSz];
memcpy(pimpl_->publicKey_, pub, pubSz);
}
int pkcs12_test()
{
Source cert;
FileSource("../certs/server-cert.pem", cert);
if (cert.size() == 0) {
FileSource("../../certs/server-cert.pem", cert); // for testsuite
if (cert.size() == 0) {
FileSource("../../../certs/server-cert.pem", cert); // Debug dir
if (cert.size() == 0)
err_sys("where's your certs dir?", -109);
}
}
if (GetCert(cert) != 0)
return -110;
Source source;
FileSource("../certs/server.p12", source);
if (source.size() == 0) {
FileSource("../../certs/server.p12", source); // for testsuite
if (source.size() == 0) {
FileSource("../../../certs/server.p12", source); // Debug dir
if (source.size() == 0)
err_sys("where's your certs dir?", -111);
}
}
if (GetPKCS_Cert("password", source) != 0)
return -112;
return 0;
}
int dsa_test()
{
Source source;
FileSource("../certs/dsa512.der", source);
if (source.size() == 0) {
FileSource("../../certs/dsa512.der", source); // for testsuite
if (source.size() == 0) {
FileSource("../../../certs/dsa512.der", source); // win32 Debug dir
if (source.size() == 0)
err_sys("where's your certs dir?", -89);
}
}
const char msg[] = "this is the message";
byte signature[40];
DSA_PrivateKey priv(source);
DSA_Signer signer(priv);
SHA sha;
byte digest[SHA::DIGEST_SIZE];
sha.Update((byte*)msg, sizeof(msg));
sha.Final(digest);
signer.Sign(digest, signature, rng);
byte encoded[sizeof(signature) + 6];
byte decoded[40];
word32 encSz = EncodeDSA_Signature(signer.GetR(), signer.GetS(), encoded);
DecodeDSA_Signature(decoded, encoded, encSz);
DSA_PublicKey pub(priv);
DSA_Verifier verifier(pub);
if (!verifier.Verify(digest, decoded))
return -90;
return 0;
}
int dh_test()
{
Source source;
FileSource("../certs/dh1024.dat", source);
if (source.size() == 0) {
FileSource("../../certs/dh1024.dat", source); // for testsuite
if (source.size() == 0) {
FileSource("../../../certs/dh1024.dat", source); // win32 Debug dir
if (source.size() == 0)
err_sys("where's your certs dir?", -79);
}
}
HexDecoder hDec(source);
DH dh(source);
byte pub[128];
byte priv[128];
byte agree[128];
byte pub2[128];
byte priv2[128];
byte agree2[128];
DH dh2(dh);
dh.GenerateKeyPair(rng, priv, pub);
dh2.GenerateKeyPair(rng, priv2, pub2);
dh.Agree(agree, priv, pub2);
dh2.Agree(agree2, priv2, pub);
if ( memcmp(agree, agree2, dh.GetByteLength()) )
return -80;
return 0;
}
int rsa_test()
{
Source source;
FileSource("../certs/client-key.der", source);
if (source.size() == 0) {
FileSource("../../certs/client-key.der", source); // for testsuite
if (source.size() == 0) {
FileSource("../../../certs/client-key.der", source); // Debug dir
if (source.size() == 0)
err_sys("where's your certs dir?", -79);
}
}
RSA_PrivateKey priv(source);
RSAES_Encryptor enc(priv);
byte message[] = "Everyone gets Friday off.";
const word32 len = (word32)strlen((char*)message);
byte cipher[64];
enc.Encrypt(message, len, cipher, rng);
RSAES_Decryptor dec(priv);
byte plain[64];
dec.Decrypt(cipher, sizeof(plain), plain, rng);
if (memcmp(plain, message, len))
return -70;
dec.SSL_Sign(message, len, cipher, rng);
if (!enc.SSL_Verify(message, len, cipher))
return -71;
// test decode
Source source2;
FileSource("../certs/client-cert.der", source2);
if (source2.size() == 0) {
FileSource("../../certs/client-cert.der", source2); // for testsuite
if (source2.size() == 0) {
FileSource("../../../certs/client-cert.der", source2); // Debug dir
if (source2.size() == 0)
err_sys("where's your certs dir?", -79);
}
}
CertDecoder cd(source2, true, 0, false, CertDecoder::CA);
if (cd.GetError().What())
err_sys("cert error", -80);
Source source3(cd.GetPublicKey().GetKey(), cd.GetPublicKey().size());
RSA_PublicKey pub(source3);
return 0;
}
void taocrypt_test(void* args)
{
((func_args*)args)->return_code = -1; // error state
msg = NEW_TC byte[24];
plain = NEW_TC byte[24];
cipher = NEW_TC byte[24];
memcpy(msg, msgTmp, 24);
int ret = 0;
if ( (ret = sha_test()) )
err_sys("SHA test failed!\n", ret);
else
printf( "SHA test passed!\n");
if ( (ret = sha256_test()) )
err_sys("SHA-256 test failed!\n", ret);
else
printf( "SHA-256 test passed!\n");
if ( (ret = sha224_test()) )
err_sys("SHA-224 test failed!\n", ret);
else
printf( "SHA-224 test passed!\n");
#ifdef WORD64_AVAILABLE
if ( (ret = sha512_test()) )
err_sys("SHA-512 test failed!\n", ret);
else
printf( "SHA-512 test passed!\n");
if ( (ret = sha384_test()) )
err_sys("SHA-384 test failed!\n", ret);
else
printf( "SHA-384 test passed!\n");
#endif
if ( (ret = md5_test()) )
err_sys("MD5 test failed!\n", ret);
else
printf( "MD5 test passed!\n");
if ( (ret = md2_test()) )
err_sys("MD2 test failed!\n", ret);
else
printf( "MD2 test passed!\n");
if ( (ret = md4_test()) )
err_sys("MD4 test failed!\n", ret);
else
printf( "MD4 test passed!\n");
if ( (ret = ripemd_test()) )
err_sys("RIPEMD test failed!\n", ret);
else
printf( "RIPEMD test passed!\n");
if ( ( ret = hmac_test()) )
err_sys("HMAC test failed!\n", ret);
else
printf( "HMAC test passed!\n");
if ( (ret = arc4_test()) )
err_sys("ARC4 test failed!\n", ret);
else
printf( "ARC4 test passed!\n");
if ( (ret = des_test()) )
err_sys("DES test failed!\n", ret);
else
printf( "DES test passed!\n");
if ( (ret = aes_test()) )
err_sys("AES test failed!\n", ret);
else
printf( "AES test passed!\n");
if ( (ret = twofish_test()) )
err_sys("Twofish test failed!\n", ret);
else
printf( "Twofish test passed!\n");
if ( (ret = blowfish_test()) )
err_sys("Blowfish test failed!\n", ret);
else
printf( "Blowfish test passed!\n");
if ( (ret = rsa_test()) )
err_sys("RSA test failed!\n", ret);
else
printf( "RSA test passed!\n");
if ( (ret = dh_test()) )
err_sys("DH test failed!\n", ret);
else
printf( "DH test passed!\n");
if ( (ret = dsa_test()) )
err_sys("DSA test failed!\n", ret);
else
printf( "DSA test passed!\n");
if ( (ret = pwdbased_test()) )
err_sys("PBKDF2 test failed!\n", ret);
else
printf( "PBKDF2 test passed!\n");
/* not ready yet
if ( (ret = pkcs12_test()) )
err_sys("PKCS12 test failed!\n", ret);
else
printf( "PKCS12 test passed!\n");
*/
tcArrayDelete(cipher);
tcArrayDelete(plain);
tcArrayDelete(msg);
((func_args*)args)->return_code = ret;
}
