int doAsymTests( CSSM_CSP_HANDLE cspHand, privAlg palg, CSSM_BOOL refKeys, CSSM_BOOL quiet) { CSSM_ALGORITHMS keyAlg; CSSM_ALGORITHMS sigAlg; CSSM_ALGORITHMS encrAlg; CSSM_ENCRYPT_MODE encrMode; CSSM_PADDING encrPad; uint32 keySizeInBits; const char *keyAlgStr; privAlgToCssm(palg, &keyAlg, &sigAlg, &encrAlg, &encrMode, &encrPad, &keySizeInBits, &keyAlgStr); CSSM_KEY pubKey; CSSM_KEY privKey; int irtn; CSSM_KEYATTR_FLAGS pubKeyAttr = CSSM_KEYATTR_EXTRACTABLE; CSSM_KEYATTR_FLAGS privKeyAttr = CSSM_KEYATTR_EXTRACTABLE; if(refKeys) { pubKeyAttr |= CSSM_KEYATTR_RETURN_REF; privKeyAttr |= CSSM_KEYATTR_RETURN_REF; } else { pubKeyAttr |= CSSM_KEYATTR_RETURN_DATA; privKeyAttr |= CSSM_KEYATTR_RETURN_DATA; } if(!quiet) { printf("...testing %s with %s keys\n", keyAlgStr, refKeys ? "Ref" : "Raw"); printf(" ...verifying empty Dates\n"); } irtn = genKeyPair(cspHand, keyAlg, keyAlgStr, keySizeInBits, &pubKey, pubKeyAttr, CSSM_KEYUSE_ANY, &privKey, privKeyAttr, CSSM_KEYUSE_ANY, quiet, CSSM_FALSE, 0, // no StartDate CSSM_FALSE, 0); // no EndDate if(irtn) { return irtn; } irtn = doEncrypt(cspHand, keyAlgStr, &pubKey, encrAlg, encrMode, encrPad, CSSM_OK, quiet); if(irtn) { printf("***Failure on encrypting with empty Key Dates\n"); return irtn; } irtn = doDecrypt(cspHand, keyAlgStr, &privKey, encrAlg, encrMode, encrPad, DR_BadData, quiet); if(irtn) { printf("***Failure on decrypting with empty Key Dates\n"); return irtn; } irtn = doSign(cspHand, keyAlgStr, &privKey, sigAlg, CSSM_OK, quiet); if(irtn) { printf("***Failure on signing with empty Key Dates\n"); return irtn; } irtn = doVerify(cspHand, keyAlgStr, &pubKey, sigAlg, KD_VERIFY_FAIL_ERR, quiet); if(irtn) { printf("***Failure on verifying with empty Key Dates\n"); return irtn; } cspFreeKey(cspHand, &pubKey); cspFreeKey(cspHand, &privKey); if(!quiet) { printf(" ...verifying Good Dates\n"); } irtn = genKeyPair(cspHand, keyAlg, keyAlgStr, keySizeInBits, &pubKey, pubKeyAttr, CSSM_KEYUSE_ANY, &privKey, privKeyAttr, CSSM_KEYUSE_ANY, quiet, CSSM_TRUE, 0, // StartDate = today CSSM_TRUE, 1); // EndDate = tomorrow if(irtn) { return irtn; } irtn = doEncrypt(cspHand, keyAlgStr, &pubKey, encrAlg, encrMode, encrPad, CSSM_OK, quiet); if(irtn) { printf("***Failure on encrypting with good Key Dates\n"); return irtn; } irtn = doDecrypt(cspHand, keyAlgStr, &privKey, encrAlg, encrMode, encrPad, DR_BadData, quiet); if(irtn) { printf("***Failure on decrypting with Good Key Dates\n"); return irtn; } irtn = doSign(cspHand, keyAlgStr, &privKey, sigAlg, CSSM_OK, quiet); if(irtn) { printf("***Failure on signing with Good Key Dates\n"); return irtn; } irtn = doVerify(cspHand, keyAlgStr, &pubKey, sigAlg, KD_VERIFY_FAIL_ERR, quiet); if(irtn) { printf("***Failure on verifying with Good Key Dates\n"); return irtn; } cspFreeKey(cspHand, &pubKey); cspFreeKey(cspHand, &privKey); if(!quiet) { printf(" ...verifying Bad StartDate\n"); } irtn = genKeyPair(cspHand, keyAlg, keyAlgStr, keySizeInBits, &pubKey, pubKeyAttr, CSSM_KEYUSE_ANY, &privKey, privKeyAttr, CSSM_KEYUSE_ANY, quiet, CSSM_TRUE, 1, // StartDate = tomorrow CSSM_TRUE, 1); // EndDate = tomorrow if(irtn) { return irtn; } irtn = doEncrypt(cspHand, keyAlgStr, &pubKey, encrAlg, encrMode, encrPad, CSSMERR_CSP_APPLE_INVALID_KEY_START_DATE, quiet); if(irtn) { printf("***Failure on encrypting with bad StartDate\n"); return irtn; } irtn = doDecrypt(cspHand, keyAlgStr, &privKey, encrAlg, encrMode, encrPad, DR_BadStartDate, quiet); if(irtn) { printf("***Failure on decrypting with bad StartDate\n"); return irtn; } irtn = doSign(cspHand, keyAlgStr, &privKey, sigAlg, CSSMERR_CSP_APPLE_INVALID_KEY_START_DATE, quiet); if(irtn) { printf("***Failure on signing with bad StartDate\n"); return irtn; } irtn = doVerify(cspHand, keyAlgStr, &pubKey, sigAlg, CSSMERR_CSP_APPLE_INVALID_KEY_START_DATE, quiet); if(irtn) { printf("***Failure on verifying with bad StartDate\n"); return irtn; } cspFreeKey(cspHand, &pubKey); cspFreeKey(cspHand, &privKey); if(!quiet) { printf(" ...verifying Bad EndDate\n"); } irtn = genKeyPair(cspHand, keyAlg, keyAlgStr, keySizeInBits, &pubKey, pubKeyAttr, CSSM_KEYUSE_ANY, &privKey, privKeyAttr, CSSM_KEYUSE_ANY, quiet, CSSM_TRUE, 0, // StartDate = today CSSM_TRUE, -1); // EndDate = yesterday if(irtn) { return irtn; } irtn = doEncrypt(cspHand, keyAlgStr, &pubKey, encrAlg, encrMode, encrPad, CSSMERR_CSP_APPLE_INVALID_KEY_END_DATE, quiet); if(irtn) { printf("***Failure on encrypting with bad EndDate\n"); return irtn; } irtn = doDecrypt(cspHand, keyAlgStr, &privKey, encrAlg, encrMode, encrPad, DR_BadEndDate, quiet); if(irtn) { printf("***Failure on decrypting with bad EndDate\n"); return irtn; } irtn = doSign(cspHand, keyAlgStr, &privKey, sigAlg, CSSMERR_CSP_APPLE_INVALID_KEY_END_DATE, quiet); if(irtn) { printf("***Failure on signing with bad EndDate\n"); return irtn; } irtn = doVerify(cspHand, keyAlgStr, &pubKey, sigAlg, CSSMERR_CSP_APPLE_INVALID_KEY_END_DATE, quiet); if(irtn) { printf("***Failure on verifying with bad EndDate\n"); return irtn; } cspFreeKey(cspHand, &pubKey); cspFreeKey(cspHand, &privKey); return 0; }
int main(int argc, char* argv[]) { int rounds = DEFAULT_ROUNDS, chrTblIndex = 0, c; char *outFile = NULL; char *inFile = NULL; char *encKey = NULL; enum ENCTASK encTask = ENC_ENCRYPT; while ( ( c = getopt(argc, argv, "n:o:t:ved") ) != -1 ) { switch(c) { case 'e': encTask = ENC_ENCRYPT; break; case 'd': encTask = ENC_DECRYPT; break; case 'n': rounds = atoi(optarg); if (rounds < 1) { fprintf(stderr, "Rounds need to be a positive number.\n"); exit(1); } break; case 't': chrTblIndex = atoi(optarg); if (chrTblIndex < 0) { fprintf(stderr, "Character table index cannot be a negative number.\n"); exit(1); } break; case 'o': outFile = (char*) malloc(sizeof(char) * strlen(optarg) + 1); strncpy(outFile, optarg, strlen(optarg)); break; case 'v': verbose = 1; break; case ':': fprintf(stderr, "The option %c requires an argument.\n", optopt); exit(1); break; case '?': showUsage(argv[0]); break; } } if (argv[optind] != NULL) { inFile = (char*) malloc(sizeof(char) * strlen(argv[optind]) + 1); strncpy(inFile, argv[optind], strlen(argv[optind])); } genRandKey(&encKey); doEncrypt(inFile, outFile, rounds, encKey, encTask); if (verbose) { fprintf(stderr, "%s %ld characters out of %ld characters (%ld%%).\n", (encTask == ENC_ENCRYPT) ? "Encrypted" : "Decrypted", cryptedChrCnt, totalChrCnt, (cryptedChrCnt * 100) / totalChrCnt); } if (outFile != NULL) free(outFile); if (inFile != NULL) free(inFile); if (encKey != NULL) free(encKey); return 0; }
int doStoreTests( CSSM_CSP_HANDLE cspHand, // must be CSPDL CSSM_DL_DB_HANDLE dlDbHand, privAlg palg, CSSM_BOOL isAsym, CSSM_BOOL quiet) { CSSM_ALGORITHMS keyAlg; CSSM_ALGORITHMS signAlg; CSSM_ALGORITHMS encrAlg; CSSM_ENCRYPT_MODE encrMode; CSSM_PADDING encrPad; uint32 keySizeInBits; const char *keyAlgStr; privAlgToCssm(palg, &keyAlg, &signAlg, &encrAlg, &encrMode, &encrPad, &keySizeInBits, &keyAlgStr); CSSM_KEY symKey; CSSM_KEY privKey; CSSM_KEY pubKey; int irtn; CSSM_KEY_PTR lookupKey = NULL; // obtained from DB CSSM_KEY_PTR compareKey; // &symKey or &pubKey CT_KeyType lookupType; CSSM_KEYATTR_FLAGS pubKeyAttr = CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE | CSSM_KEYATTR_PERMANENT; CSSM_KEYATTR_FLAGS privKeyAttr = CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_PERMANENT; if(!quiet) { printf("...testing %s key storage\n", keyAlgStr); printf(" ...verifying empty Dates\n"); } if(isAsym) { lookupType = CKT_Public; compareKey = &pubKey; irtn = genKeyPair(cspHand, keyAlg, keyAlgStr, keySizeInBits, &pubKey, pubKeyAttr, CSSM_KEYUSE_ANY, &privKey, privKeyAttr, CSSM_KEYUSE_ANY, quiet, CSSM_FALSE, 0, // no StartDate CSSM_FALSE, 0, // no EndDate &dlDbHand); } else { lookupType = CKT_Session; compareKey = &symKey; irtn = genSymKey(cspHand, &symKey, keyAlg, keyAlgStr, keySizeInBits, CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_PERMANENT, CSSM_KEYUSE_ANY, quiet, CSSM_FALSE, 0, // no StartDate CSSM_FALSE, 0, // no EndDate &dlDbHand); } if(irtn) { return irtn; } /* * fetch stored key from DB, ensure it has same start/end date */ if(fetchStoredKey(dlDbHand, lookupType, compareKey, "Store key with empty Dates", quiet, &lookupKey)) { return 1; } /* quickie test, use it for encrypt */ irtn = doEncrypt(cspHand, keyAlgStr, lookupKey, encrAlg, encrMode, encrPad, CSSM_OK, quiet); if(irtn) { printf("***Failure on encrypt, lookup with empty Key Dates\n"); return irtn; } /* free and delete everything */ if(isAsym) { cspDeleteKey(cspHand, dlDbHand.DLHandle, dlDbHand.DBHandle, &keyLabelData, &pubKey); cspDeleteKey(cspHand, dlDbHand.DLHandle, dlDbHand.DBHandle, &keyLabelData, &privKey); } else { cspDeleteKey(cspHand, dlDbHand.DLHandle, dlDbHand.DBHandle, &keyLabelData, &symKey); } cspFreeKey(cspHand, lookupKey); /*********************/ if(!quiet) { printf(" ...verifying Good Dates\n"); } if(isAsym) { lookupType = CKT_Public; compareKey = &pubKey; irtn = genKeyPair(cspHand, keyAlg, keyAlgStr, keySizeInBits, &pubKey, pubKeyAttr, CSSM_KEYUSE_ANY, &privKey, privKeyAttr, CSSM_KEYUSE_ANY, quiet, CSSM_TRUE, 0, // StartDate = today CSSM_TRUE, 1, // EndDate = tomorrow &dlDbHand); } else { lookupType = CKT_Session; compareKey = &symKey; irtn = genSymKey(cspHand, &symKey, keyAlg, keyAlgStr, keySizeInBits, CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_PERMANENT, CSSM_KEYUSE_ANY, quiet, CSSM_TRUE, 0, // StartDate = today CSSM_TRUE, 1, // EndDate = tomorrow &dlDbHand); } if(irtn) { return irtn; } /* * fetch stored key from DB, ensure it has same start/end date */ if(fetchStoredKey(dlDbHand, lookupType, compareKey, "Store key with Good Dates", quiet, &lookupKey)) { return 1; } /* quickie test, use it for encrypt */ irtn = doEncrypt(cspHand, keyAlgStr, lookupKey, encrAlg, encrMode, encrPad, CSSM_OK, quiet); if(irtn) { printf("***Failure on encrypt, lookup with Good Key Dates\n"); return irtn; } /* free and delete everything */ if(isAsym) { cspDeleteKey(cspHand, dlDbHand.DLHandle, dlDbHand.DBHandle, &keyLabelData, &pubKey); cspDeleteKey(cspHand, dlDbHand.DLHandle, dlDbHand.DBHandle, &keyLabelData, &privKey); } else { cspDeleteKey(cspHand, dlDbHand.DLHandle, dlDbHand.DBHandle, &keyLabelData, &symKey); } cspFreeKey(cspHand, lookupKey); /*********************/ if(!quiet) { printf(" ...verifying Bad StartDate\n"); } if(isAsym) { lookupType = CKT_Public; compareKey = &pubKey; irtn = genKeyPair(cspHand, keyAlg, keyAlgStr, keySizeInBits, &pubKey, pubKeyAttr, CSSM_KEYUSE_ANY, &privKey, privKeyAttr, CSSM_KEYUSE_ANY, quiet, CSSM_TRUE, 1, // StartDate = tomorrow CSSM_TRUE, 1, // EndDate = tomorrow &dlDbHand); } else { lookupType = CKT_Session; compareKey = &symKey; irtn = genSymKey(cspHand, &symKey, keyAlg, keyAlgStr, keySizeInBits, CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_PERMANENT, CSSM_KEYUSE_ANY, quiet, CSSM_TRUE, 1, // StartDate = tomorrow CSSM_TRUE, 1, // EndDate = tomorrow &dlDbHand); } if(irtn) { return irtn; } /* * fetch stored key from DB, ensure it has same start/end date */ if(fetchStoredKey(dlDbHand, lookupType, compareKey, "Store key with Bad StartDate", quiet, &lookupKey)) { return 1; } /* quickie test, use it for encrypt */ irtn = doEncrypt(cspHand, keyAlgStr, lookupKey, encrAlg, encrMode, encrPad, CSSMERR_CSP_APPLE_INVALID_KEY_START_DATE, quiet); if(irtn) { printf("***Failure on encrypt, lookup with Bad Start Dates\n"); return irtn; } /* free and delete everything */ if(isAsym) { cspDeleteKey(cspHand, dlDbHand.DLHandle, dlDbHand.DBHandle, &keyLabelData, &pubKey); cspDeleteKey(cspHand, dlDbHand.DLHandle, dlDbHand.DBHandle, &keyLabelData, &privKey); } else { cspDeleteKey(cspHand, dlDbHand.DLHandle, dlDbHand.DBHandle, &keyLabelData, &symKey); } cspFreeKey(cspHand, lookupKey); /*********************/ if(!quiet) { printf(" ...verifying Bad EndDate\n"); } if(isAsym) { lookupType = CKT_Public; compareKey = &pubKey; irtn = genKeyPair(cspHand, keyAlg, keyAlgStr, keySizeInBits, &pubKey, pubKeyAttr, CSSM_KEYUSE_ANY, &privKey, privKeyAttr, CSSM_KEYUSE_ANY, quiet, CSSM_TRUE, 0, // StartDate = today CSSM_TRUE, -1, // EndDate = yesterday &dlDbHand); } else { lookupType = CKT_Session; compareKey = &symKey; irtn = genSymKey(cspHand, &symKey, keyAlg, keyAlgStr, keySizeInBits, CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_PERMANENT, CSSM_KEYUSE_ANY, quiet, CSSM_TRUE, 0, // StartDate = today CSSM_TRUE, -1, // EndDate = yesterday &dlDbHand); } if(irtn) { return irtn; } /* * fetch stored key from DB, ensure it has same start/end date */ if(fetchStoredKey(dlDbHand, lookupType, compareKey, "Store key with Bad EndDate", quiet, &lookupKey)) { return 1; } /* quickie test, use it for encrypt */ irtn = doEncrypt(cspHand, keyAlgStr, lookupKey, encrAlg, encrMode, encrPad, CSSMERR_CSP_APPLE_INVALID_KEY_END_DATE, quiet); if(irtn) { printf("***Failure on encrypt, lookup with Bad End Dates\n"); return irtn; } /* free and delete everything */ if(isAsym) { cspDeleteKey(cspHand, dlDbHand.DLHandle, dlDbHand.DBHandle, &keyLabelData, &pubKey); cspDeleteKey(cspHand, dlDbHand.DLHandle, dlDbHand.DBHandle, &keyLabelData, &privKey); } else { cspDeleteKey(cspHand, dlDbHand.DLHandle, dlDbHand.DBHandle, &keyLabelData, &symKey); } cspFreeKey(cspHand, lookupKey); return 0; }