Пример #1
/*
 * Known-answer self-test for the belt primitives used below: single-block
 * encryption/decryption, ECB, CBC, CFB, CTR, MAC, DWP, KWP, hash, KRP and HMAC.
 *
 * Every case runs the incremental (Start/Step*) interface, compares the result
 * with a fixed hex vector, and then repeats the operation through the one-shot
 * function, requiring both results to match. Input data, keys and IVs are all
 * taken from the table returned by beltH() at fixed offsets.
 *
 * Returns TRUE when every vector matches and FALSE at the first mismatch.
 *
 * The statements are order-dependent: `state` and `buf` are reused from case
 * to case, and the KRP cases A.30/A.31 continue from the state set up in A.29.
 */
bool_t beltTest()
{
	octet buf[48];
	octet buf1[48];
	octet mac[8];
	octet mac1[8];
	octet hash[32];
	octet hash1[32];
	u32 key[8];
	octet level[12];
	octet state[1024];
	// set up the working memory: the single `state` buffer is shared by all
	// modes, so it is compared against every *_keep() value (presumably the
	// context size each mode requires).
	// NOTE(review): if ASSERT compiles to nothing in release builds, this
	// bound is not enforced there -- confirm against the ASSERT definition.
	ASSERT(sizeof(state) >= beltECB_keep());
	ASSERT(sizeof(state) >= beltCBC_keep());
	ASSERT(sizeof(state) >= beltCFB_keep());
	ASSERT(sizeof(state) >= beltCTR_keep());
	ASSERT(sizeof(state) >= beltMAC_keep());
	ASSERT(sizeof(state) >= beltDWP_keep());
	ASSERT(sizeof(state) >= beltKWP_keep());
	ASSERT(sizeof(state) >= beltHash_keep());
	ASSERT(sizeof(state) >= beltKRP_keep());
	ASSERT(sizeof(state) >= beltHMAC_keep());
	// test A.1: encrypt one 16-octet block under the 32-octet key at
	// beltH() + 128
	memCopy(buf, beltH(), 16);
	beltKeyExpand2(key, beltH() + 128, 32);
	beltBlockEncr(buf, key);
	if (!hexEq(buf,
		"69CCA1C93557C9E3D66BC3E0FA88FA6E"))
		return FALSE;
	// test A.4: decrypt one block under the second key (beltH() + 128 + 32)
	memCopy(buf, beltH() + 64, 16);
	beltKeyExpand2(key, beltH() + 128 + 32, 32);
	beltBlockDecr(buf, key);
	if (!hexEq(buf,
		"0DC5300600CAB840B38448E5E993F421"))
		return FALSE;
	// test A.6: ECB encryption of 48 octets, fed in two steps (32 + 16),
	// then cross-checked against the one-shot beltECBEncr()
	memCopy(buf, beltH(), 48);
	beltECBStart(state, beltH() + 128, 32);
	beltECBStepE(buf, 32, state);
	beltECBStepE(buf + 32, 48 - 32, state);
	if (!hexEq(buf,
		"69CCA1C93557C9E3D66BC3E0FA88FA6E"
		"5F23102EF109710775017F73806DA9DC"
		"46FB2ED2CE771F26DCB5E5D1569F9AB0"))
		return FALSE;
	beltECBEncr(buf1, beltH(), 48, beltH() + 128, 32);
	if (!memEq(buf, buf1, 48))
		return FALSE;
	// test A.7: ECB encryption of 47 octets (not a multiple of 16),
	// fed as 16 + 31
	memCopy(buf, beltH(), 47);
	beltECBStart(state, beltH() + 128, 32);
	beltECBStepE(buf, 16, state);
	beltECBStepE(buf + 16, 47 - 16, state);
	if (!hexEq(buf,
		"69CCA1C93557C9E3D66BC3E0FA88FA"
		"6E36F00CFED6D1CA1498C12798F4BE"
		"B2075F23102EF109710775017F7380"
		"6DA9"))
		return FALSE;
	beltECBEncr(buf1, beltH(), 47, beltH() + 128, 32);
	if (!memEq(buf, buf1, 47))
		return FALSE;
	// test A.8: ECB decryption of 48 octets, fed as 16 + 32
	memCopy(buf, beltH() + 64, 48);
	beltECBStart(state, beltH() + 128 + 32, 32);
	beltECBStepD(buf, 16, state);
	beltECBStepD(buf + 16, 48 - 16, state);
	if (!hexEq(buf,
		"0DC5300600CAB840B38448E5E993F421"
		"E55A239F2AB5C5D5FDB6E81B40938E2A"
		"54120CA3E6E19C7AD750FC3531DAEAB7"))
		return FALSE;
	beltECBDecr(buf1, beltH() + 64, 48, beltH() + 128 + 32, 32);
	if (!memEq(buf, buf1, 48))
		return FALSE;
	// test A.9: ECB decryption of 36 octets in a single step
	memCopy(buf, beltH() + 64, 36);
	beltECBStart(state, beltH() + 128 + 32, 32);
	beltECBStepD(buf, 36, state);
	if (!hexEq(buf,
		"0DC5300600CAB840B38448E5E993F421"
		"5780A6E2B69EAFBB258726D7B6718523"
		"E55A239F"))
		return FALSE;
	beltECBDecr(buf1, beltH() + 64, 36, beltH() + 128 + 32, 32);
	if (!memEq(buf, buf1, 36))
		return FALSE;
	// test A.10: CBC encryption of 48 octets; the extra Start argument
	// (beltH() + 192) is the initialisation value
	memCopy(buf, beltH(), 48);
	beltCBCStart(state, beltH() + 128, 32, beltH() + 192);
	beltCBCStepE(buf, 32, state);
	beltCBCStepE(buf + 32, 48 - 32, state);
	if (!hexEq(buf,
		"10116EFAE6AD58EE14852E11DA1B8A74"
		"5CF2480E8D03F1C19492E53ED3A70F60"
		"657C1EE8C0E0AE5B58388BF8A68E3309"))
		return FALSE;
	beltCBCEncr(buf1, beltH(), 48, beltH() + 128, 32, beltH() + 192);
	if (!memEq(buf, buf1, 48))
		return FALSE;
	// test A.11: CBC encryption of 36 octets, fed as 16 + 20
	memCopy(buf, beltH(), 36);
	beltCBCStart(state, beltH() + 128, 32, beltH() + 192);
	beltCBCStepE(buf, 16, state);
	beltCBCStepE(buf + 16, 36 - 16, state);
	if (!hexEq(buf,
		"10116EFAE6AD58EE14852E11DA1B8A74"
		"6A9BBADCAF73F968F875DEDC0A44F6B1"
		"5CF2480E"))
		return FALSE;
	beltCBCEncr(buf1, beltH(), 36, beltH() + 128, 32, beltH() + 192);
	if (!memEq(buf, buf1, 36))
		return FALSE;
	// test A.12: CBC decryption of 48 octets with the second key and the
	// second initialisation value (beltH() + 192 + 16)
	memCopy(buf, beltH() + 64, 48);
	beltCBCStart(state, beltH() + 128 + 32, 32, beltH() + 192 + 16);
	beltCBCStepD(buf, 16, state);
	beltCBCStepD(buf + 16, 48 - 16, state);
	if (!hexEq(buf,
		"730894D6158E17CC1600185A8F411CAB"
		"0471FF85C83792398D8924EBD57D03DB"
		"95B97A9B7907E4B020960455E46176F8"))
		return FALSE;
	beltCBCDecr(buf1, beltH() + 64, 48, beltH() + 128 + 32, 32,
		beltH() + 192 + 16);
	if (!memEq(buf, buf1, 48))
		return FALSE;
	// test A.13: CBC decryption of 36 octets, fed as 16 + 20
	memCopy(buf, beltH() + 64, 36);
	beltCBCStart(state, beltH() + 128 + 32, 32, beltH() + 192 + 16);
	beltCBCStepD(buf, 16, state);
	beltCBCStepD(buf + 16, 36 - 16, state);
	if (!hexEq(buf,
		"730894D6158E17CC1600185A8F411CAB"
		"B6AB7AF8541CF85755B8EA27239F08D2"
		"166646E4"))
		return FALSE;
	beltCBCDecr(buf1, beltH() + 64, 36, beltH() + 128 + 32, 32,
		beltH() + 192 + 16);
	if (!memEq(buf, buf1, 36))
		return FALSE;
	// test A.14: CFB encryption of 48 octets, deliberately split at
	// non-block boundaries (16 + 3 + 29)
	memCopy(buf, beltH(), 48);
	beltCFBStart(state, beltH() + 128, 32, beltH() + 192);
	beltCFBStepE(buf, 16, state);
	beltCFBStepE(buf + 16, 3, state);
	beltCFBStepE(buf + 16 + 3, 48 - 16 - 3, state);
	if (!hexEq(buf,
		"C31E490A90EFA374626CC99E4B7B8540"
		"A6E48685464A5A06849C9CA769A1B0AE"
		"55C2CC5939303EC832DD2FE16C8E5A1B"))
		return FALSE;
	beltCFBEncr(buf1, beltH(), 48, beltH() + 128, 32, beltH() + 192);
	if (!memEq(buf, buf1, 48))
		return FALSE;
	// test A.15: CFB decryption of 48 octets, split as 15 + 7 + 26
	memCopy(buf, beltH() + 64, 48);
	beltCFBStart(state, beltH() + 128 + 32, 32, beltH() + 192 + 16);
	beltCFBStepD(buf, 15, state);
	beltCFBStepD(buf + 15, 7, state);
	beltCFBStepD(buf + 15 + 7, 48 - 15 - 7, state);
	if (!hexEq(buf,
		"FA9D107A86F375EE65CD1DB881224BD0"
		"16AFF814938ED39B3361ABB0BF0851B6"
		"52244EB06842DD4C94AA4500774E40BB"))
		return FALSE;
	beltCFBDecr(buf1, beltH() + 64, 48, beltH() + 128 + 32, 32,
		beltH() + 192 + 16);
	if (!memEq(buf, buf1, 48))
		return FALSE;
	// test A.16: CTR processing of 48 octets, split as 15 + 7 + 26; the
	// one-shot counterpart is beltCTR()
	memCopy(buf, beltH(), 48);
	beltCTRStart(state, beltH() + 128, 32, beltH() + 192);
	beltCTRStepE(buf, 15, state);
	beltCTRStepE(buf + 15, 7, state);
	beltCTRStepE(buf + 15 + 7, 48 - 15 - 7, state);
	if (!hexEq(buf,
		"52C9AF96FF50F64435FC43DEF56BD797"
		"D5B5B1FF79FB41257AB9CDF6E63E81F8"
		"F00341473EAE409833622DE05213773A"))
		return FALSE;
	beltCTR(buf1, beltH(), 48, beltH() + 128, 32, beltH() + 192);
	if (!memEq(buf, buf1, 48))
		return FALSE;
	// test A.17: MAC over 13 octets; the expected tag is loaded into buf and
	// checked with StepV, then compared with the one-shot beltMAC() output
	beltMACStart(state, beltH() + 128, 32);
	beltMACStepA(beltH(), 13, state);
	hexTo(buf, "7260DA60138F96C9");
	if (!beltMACStepV(buf, state))
		return FALSE;
	beltMAC(buf1, beltH(), 13, beltH() + 128, 32);
	if (!memEq(buf, buf1, 8))
		return FALSE;
	// test A.18 [+ incrementality]: tags are extracted (StepG, StepG2) in the
	// middle of and after absorbing the data; the final verification must
	// still succeed, so extraction must not disturb the running state.
	// StepV2(buf, 3, ...) presumably verifies a 3-octet truncated tag.
	beltMACStart(state, beltH() + 128, 32);
	beltMACStepA(beltH(), 27, state);
	beltMACStepG(buf, state);
	beltMACStepA(beltH() + 27, 48 - 27, state);
	beltMACStepG2(buf, 4, state);
	hexTo(buf, "2DAB59771B4B16D0");
	if (!beltMACStepV(buf, state) || !beltMACStepV2(buf, 3, state))
		return FALSE;
	beltMAC(buf1, beltH(), 48, beltH() + 128, 32);
	if (!memEq(buf, buf1, 8))
		return FALSE;
	// test A.20: DWP wrap -- 16 octets are encrypted (StepE), 32 further
	// octets are passed to StepI, the ciphertext is passed to StepA, and an
	// 8-octet tag is produced (StepG). Both the ciphertext and the tag are
	// checked, then compared with the one-shot beltDWPWrap().
	beltDWPStart(state, beltH() + 128, 32, beltH() + 192);
	memCopy(buf, beltH(), 16);
	beltDWPStepE(buf, 16, state);
	beltDWPStepI(beltH() + 16, 32, state);
	beltDWPStepA(buf, 16, state);
	beltDWPStepG(mac, state);
	if (!hexEq(buf, 
		"52C9AF96FF50F64435FC43DEF56BD797"))
		return FALSE;
	if (!hexEq(mac, 
		"3B2E0AEB2B91854B"))
		return FALSE;
	beltDWPWrap(buf1, mac1, beltH(), 16, beltH() + 16, 32,
		beltH() + 128, 32, beltH() + 192);
	if (!memEq(buf, buf1, 16) || !memEq(mac, mac1, 8))
		return FALSE;
	// test A.21: DWP unwrap -- the ciphertext is passed to StepA before it is
	// decrypted in place (StepD); beltDWPUnwrap() must return ERR_OK for the
	// tag computed here
	beltDWPStart(state, beltH() + 128 + 32, 32, beltH() + 192 + 16);
	memCopy(buf, beltH() + 64, 16);
	beltDWPStepI(beltH() + 64 + 16, 32, state);
	beltDWPStepA(buf, 16, state);
	beltDWPStepD(buf, 16, state);
	beltDWPStepG(mac, state);
	if (!hexEq(buf, 
		"DF181ED008A20F43DCBBB93650DAD34B"))
		return FALSE;
	if (!hexEq(mac, 
		"6A2C2C94C4150DC0"))
		return FALSE;
	if (beltDWPUnwrap(buf1, beltH() + 64, 16, beltH() + 64 + 16, 32,
		mac, beltH() + 128 + 32, 32, beltH() + 192 + 16) != ERR_OK ||
		!memEq(buf, buf1, 16))
		return FALSE;
	// test A.22: KWP wrap -- 32 octets followed by a 16-octet block taken
	// from beltH() + 32 are processed in place as one 48-octet buffer
	beltKWPStart(state, beltH() + 128, 32);
	memCopy(buf, beltH(), 32);
	memCopy(buf + 32, beltH() + 32, 16);
	beltKWPStepE(buf, 48, state);
	if (!hexEq(buf,
		"49A38EE108D6C742E52B774F00A6EF98"
		"B106CBD13EA4FB0680323051BC04DF76"
		"E487B055C69BCF541176169F1DC9F6C8"))
		return FALSE;
	beltKWPWrap(buf1, beltH(), 32, beltH() + 32, beltH() + 128, 32);
	if (!memEq(buf, buf1, 48))
		return FALSE;
	// test A.23: KWP unwrap -- after StepD the first 32 octets and the
	// trailing 16 octets are checked separately; the trailing 16 octets are
	// then handed to beltKWPUnwrap(), which must return ERR_OK
	beltKWPStart(state, beltH() + 128 + 32, 32);
	memCopy(buf, beltH() + 64, 48);
	beltKWPStepD(buf, 48, state);
	if (!hexEq(buf,
		"92632EE0C21AD9E09A39343E5C07DAA4"
		"889B03F2E6847EB152EC99F7A4D9F154"))
		return FALSE;
	if (!hexEq(buf + 32, 
		"B5EF68D8E4A39E567153DE13D72254EE"))
		return FALSE;
	if (beltKWPUnwrap(buf1, beltH() + 64, 48, (octet*)buf + 32,
		beltH() + 128 + 32, 32) != ERR_OK ||
		!memEq(buf, buf1, 32))
		return FALSE;
	// test A.24: hash of 13 octets, incremental vs one-shot beltHash()
	beltHashStart(state);
	beltHashStepH(beltH(), 13, state);
	beltHashStepG(hash, state);
	if (!hexEq(hash,
		"ABEF9725D4C5A83597A367D14494CC25"
		"42F20F659DDFECC961A3EC550CBA8C75"))
		return FALSE;
	beltHash(hash1, beltH(), 13);
	if (!memEq(hash, hash1, 32))
		return FALSE;
	// test A.25: hash of 32 octets, checked through StepV (full value) and
	// StepV2 (presumably the first 13 octets only)
	beltHashStart(state);
	beltHashStepH(beltH(), 32, state);
	hexTo(hash, 
		"749E4C3653AECE5E48DB4761227742EB"
		"6DBE13F4A80F7BEFF1A9CF8D10EE7786");
	if (!beltHashStepV(hash, state) || !beltHashStepV2(hash, 13, state))
		return FALSE;
	beltHash(hash1, beltH(), 32);
	if (!memEq(hash, hash1, 32))
		return FALSE;
	// test A.26 [+ incrementality]: an intermediate value is extracted after
	// 11 octets (StepG2) and hashing then continues with the remaining 37;
	// the final check covers the hash of all 48 octets
	beltHashStart(state);
	beltHashStepH(beltH(), 11, state);
	beltHashStepG2(hash, 32, state);
	beltHashStepH(beltH() + 11, 48 - 11, state);
	hexTo(hash, 
		"9D02EE446FB6A29FE5C982D4B13AF9D3"
		"E90861BC4CEF27CF306BFB0B174A154A");
	if (!beltHashStepV2(hash, 32, state))
		return FALSE;
	beltHash(hash1, beltH(), 48);
	if (!memEq(hash, hash1, 32))
		return FALSE;
	// test A.29: KRP with a 12-octet level whose first octet is 1, producing
	// a 16-octet output; the header argument is beltH() + 32
	memSetZero(level, 12);
	level[0] = 1;
	beltKRPStart(state, beltH() + 128, 32, level);
	beltKRPStepG(buf, 16, beltH() + 32, state);
	if (!hexEq(buf, 
		"6BBBC2336670D31AB83DAA90D52C0541"))
		return FALSE;
	beltKRP(buf1, 16, beltH() + 128, 32, level, beltH() + 32);
	if (!memEq(buf, buf1, 16))
		return FALSE;
	// test A.30: 24-octet output; the KRP state from A.29 is reused without
	// a new beltKRPStart() call
	beltKRPStepG(buf, 24, beltH() + 32, state);
	if (!hexEq(buf,
		"9A2532A18CBAF145398D5A95FEEA6C82"
		"5B9C197156A00275"))
		return FALSE;
	beltKRP(buf1, 24, beltH() + 128, 32, level, beltH() + 32);
	if (!memEq(buf, buf1, 24))
		return FALSE;
	// test A.31: 32-octet output, again on the state from A.29
	beltKRPStepG(buf, 32, beltH() + 32, state);
	if (!hexEq(buf,
		"76E166E6AB21256B6739397B672B8796"
		"14B81CF05955FC3AB09343A745C48F77"))
		return FALSE;
	beltKRP(buf1, 32, beltH() + 128, 32, level, beltH() + 32);
	if (!memEq(buf, buf1, 32))
		return FALSE;
	// test B.1-1 (labelled "Б.1-1" in the original comment): HMAC with a
	// 29-octet key
	beltHMACStart(state, beltH() + 128, 29);
	beltHMACStepA(beltH() + 128 + 64, 32, state);
	beltHMACStepG(hash, state);
	if (!hexEq(hash,
		"D4828E6312B08BB83C9FA6535A463554"
		"9E411FD11C0D8289359A1130E930676B"))
		return FALSE;
	beltHMAC(hash1, beltH() + 128 + 64, 32, beltH() + 128, 29);
	if (!memEq(hash, hash1, 32))
		return FALSE;
	// test B.1-2: HMAC with a 32-octet key, verified through StepV
	beltHMACStart(state, beltH() + 128, 32);
	beltHMACStepA(beltH() + 128 + 64, 32, state);
	hexTo(hash, 
		"41FFE8645AEC0612E952D2CDF8DD508F"
		"3E4A1D9B53F6A1DB293B19FE76B1879F");
	if (!beltHMACStepV(hash, state))
		return FALSE;
	beltHMAC(hash1, beltH() + 128 + 64, 32, beltH() + 128, 32);
	if (!memEq(hash, hash1, 32))
		return FALSE;
	// test B.1-3 [+ incrementality]: HMAC with a 42-octet key; tags are
	// extracted after the first 17 octets (StepG, StepG2) and absorbing then
	// continues, so extraction must leave the running state usable
	beltHMACStart(state, beltH() + 128, 42);
	beltHMACStepA(beltH() + 128 + 64, 17, state);
	beltHMACStepG(hash, state);
	beltHMACStepG2(hash, 17, state);
	beltHMACStepA(beltH() + 128 + 64 + 17, 32 - 17, state);
	hexTo(hash, 
		"7D01B84D2315C332277B3653D7EC6470"
		"7EBA7CDFF7FF70077B1DECBD68F2A144");
	if (!beltHMACStepV(hash, state) || !beltHMACStepV2(hash, 23, state))
		return FALSE;
	beltHMAC(hash1, beltH() + 128 + 64, 32, beltH() + 128, 42);
	if (!memEq(hash, hash1, 32))
		return FALSE;
	// all checks passed
	return TRUE;
}
Пример #2
/*
 * Known-answer self-test for the g12s signature functions.
 *
 * Two parameter sets are exercised end to end (key generation, signing,
 * verification of the good signature, rejection of a signature with one bit
 * flipped); six further standard parameter sets are only loaded and
 * validated. Returns TRUE when everything matches, FALSE at the first failure.
 *
 * Key and nonce material comes from the echo generator seeded with fixed
 * vectors: the expected private key is the very hex string that seeds it.
 * That makes the run reproducible and is suitable for test vectors only.
 */
bool_t g12sTest()
{
	/* parameter sets that are loaded and validated without signing */
	static const char* const extra_oids[] = {
		"1.2.643.2.2.35.1",		/* cryptoproA */
		"1.2.643.2.2.35.2",		/* cryptoproB */
		"1.2.643.2.2.35.3",		/* cryptoproC */
		"1.2.643.2.9.1.8.1",	/* cryptocom */
		"1.2.643.7.1.2.1.2.1",	/* paramsetA512 */
		"1.2.643.7.1.2.1.2.2",	/* paramsetB512 */
	};
	const char* const* oid;
	g12s_params params[1];
	octet rnd[G12S_ORDER_SIZE];
	octet priv[G12S_ORDER_SIZE];
	octet pub[2 * G12S_FIELD_SIZE];
	octet digest[64];
	octet signature[2 * G12S_ORDER_SIZE];
	octet echo_state[64];

	/* test A.1 [load parameters] */
	if (g12sStdParams(params, "1.2.643.2.2.35.0") != ERR_OK)
		return FALSE;
	if (g12sValParams(params) != ERR_OK)
		return FALSE;
	/* test A.1 [key generation]: the generator is started on rnd (32 octets) */
	hexToRev(rnd,
		"7A929ADE789BB9BE10ED359DD39A72C1"
		"1B60961F49397EEE1D19CE9891EC3B28");
	ASSERT(sizeof(echo_state) >= prngEcho_keep());
	prngEchoStart(echo_state, rnd, 32);
	if (g12sGenKeypair(priv, pub, params, prngEchoStepR, echo_state)
		!= ERR_OK)
		return FALSE;
	if (!hexEqRev(priv,
			"7A929ADE789BB9BE10ED359DD39A72C1"
			"1B60961F49397EEE1D19CE9891EC3B28"))
		return FALSE;
	if (!hexEqRev(pub,
			"26F1B489D6701DD185C8413A977B3CBB"
			"AF64D1C593D26627DFFB101A87FF77DA"
			"7F2B49E270DB6D90D8595BEC458B50C5"
			"8585BA1D4E9B788F6689DBD8E56FD80B"))
		return FALSE;
	/* test A.1 [signing]: rnd is rewritten in place before signing;
	   presumably the echo state refers to rnd, so this supplies the
	   per-signature value -- confirm against prngEchoStart */
	hexTo(digest,
		"2DFBC1B372D89A1188C09C52E0EEC61F"
		"CE52032AB1022E8E67ECE6672B043EE5");
	hexToRev(rnd,
		"77105C9B20BCD3122823C8CF6FCC7B95"
		"6DE33814E95B7FE64FED924594DCEAB3");
	if (g12sSign(signature, params, digest, priv, prngEchoStepR, echo_state)
		!= ERR_OK)
		return FALSE;
	if (!hexEq(signature,
			"41AA28D2F1AB148280CD9ED56FEDA419"
			"74053554A42767B83AD043FD39DC0493"
			"01456C64BA4642A1653C235A98A60249"
			"BCD6D3F746B631DF928014F6C5BF9C40"))
		return FALSE;
	/* test A.1 [verification]: the genuine signature must verify, and the
	   same signature with the low bit of its first octet flipped must not */
	if (g12sVerify(params, digest, signature, pub) != ERR_OK)
		return FALSE;
	signature[0] ^= 1;
	if (g12sVerify(params, digest, signature, pub) == ERR_OK)
		return FALSE;

	/* test A.2 [load parameters] */
	if (g12sStdParams(params, "1.2.643.7.1.2.1.2.0") != ERR_OK)
		return FALSE;
	if (g12sValParams(params) != ERR_OK)
		return FALSE;
	/* test A.2 [key generation]: 64-octet seed this time */
	hexToRev(rnd,
		"0BA6048AADAE241BA40936D47756D7C9"
		"3091A0E8514669700EE7508E508B1020"
		"72E8123B2200A0563322DAD2827E2714"
		"A2636B7BFD18AADFC62967821FA18DD4");
	ASSERT(sizeof(echo_state) >= prngEcho_keep());
	prngEchoStart(echo_state, rnd, 64);
	if (g12sGenKeypair(priv, pub, params, prngEchoStepR, echo_state)
		!= ERR_OK)
		return FALSE;
	if (!hexEqRev(priv,
			"0BA6048AADAE241BA40936D47756D7C9"
			"3091A0E8514669700EE7508E508B1020"
			"72E8123B2200A0563322DAD2827E2714"
			"A2636B7BFD18AADFC62967821FA18DD4"))
		return FALSE;
	if (!hexEqRev(pub,
			"37C7C90CD40B0F5621DC3AC1B751CFA0"
			"E2634FA0503B3D52639F5D7FB72AFD61"
			"EA199441D943FFE7F0C70A2759A3CDB8"
			"4C114E1F9339FDF27F35ECA93677BEEC"
			"115DC5BC96760C7B48598D8AB9E740D4"
			"C4A85A65BE33C1815B5C320C854621DD"
			"5A515856D13314AF69BC5B924C8B4DDF"
			"F75C45415C1D9DD9DD33612CD530EFE1"))
		return FALSE;
	/* test A.2 [signing] */
	hexTo(digest,
		"3754F3CFACC9E0615C4F4A7C4D8DAB53"
		"1B09B6F9C170C533A71D147035B0C591"
		"7184EE536593F4414339976C647C5D5A"
		"407ADEDB1D560C4FC6777D2972075B8C");
	hexToRev(rnd,
		"0359E7F4B1410FEACC570456C6801496"
		"946312120B39D019D455986E364F3658"
		"86748ED7A44B3E794434006011842286"
		"212273A6D14CF70EA3AF71BB1AE679F1");
	if (g12sSign(signature, params, digest, priv, prngEchoStepR, echo_state)
		!= ERR_OK)
		return FALSE;
	if (!hexEq(signature,
			"2F86FA60A081091A23DD795E1E3C689E"
			"E512A3C82EE0DCC2643C78EEA8FCACD3"
			"5492558486B20F1C9EC197C906998502"
			"60C93BCBCD9C5C3317E19344E173AE36"
			"1081B394696FFE8E6585E7A9362D26B6"
			"325F56778AADBC081C0BFBE933D52FF5"
			"823CE288E8C4F362526080DF7F70CE40"
			"6A6EEB1F56919CB92A9853BDE73E5B4A"))
		return FALSE;
	/* test A.2 [verification]: accept the genuine signature, reject the
	   one-bit-flipped copy */
	if (g12sVerify(params, digest, signature, pub) != ERR_OK)
		return FALSE;
	signature[0] ^= 1;
	if (g12sVerify(params, digest, signature, pub) == ERR_OK)
		return FALSE;

	/* remaining standard parameter sets: load, then validate, in order */
	for (oid = extra_oids;
		oid != extra_oids + sizeof(extra_oids) / sizeof(extra_oids[0]);
		++oid)
	{
		if (g12sStdParams(params, *oid) != ERR_OK)
			return FALSE;
		if (g12sValParams(params) != ERR_OK)
			return FALSE;
	}
	/* all checks passed */
	return TRUE;
}
Пример #3
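/*
 * Demo run of three key-agreement protocols (BMQV, BSTS, BPACE) between two
 * local parties "a" and "b" that exchange pre-recorded messages through
 * file_st objects backed by one shared buffer.
 *
 * For each protocol the function loads the fixed "random" inputs of both
 * parties, loads the recorded transcript, runs side B and then side A, and
 * requires both sides to derive the same 32-octet key, equal to the expected
 * vector. Returns TRUE on success, FALSE at the first failure.
 *
 * Everything here is test material: the private keys, certificates and the
 * password come from fixed constants, and both parties draw "randomness" from
 * the echo generator seeded with known vectors. None of it is suitable
 * outside a known-answer test.
 *
 * NOTE(review): _da, _db, _certa, _certb, the _*_rand* / _*_data strings and
 * certVal are defined outside this block; the local buffers are sized for
 * them on the assumption that the hex strings match the array sizes below --
 * confirm against their definitions.
 */
bool_t bakeDemo()
{
	bign_params params[1];
	octet randa[48];
	octet randb[48];
	octet echoa[64];
	octet echob[64];
	bake_settings settingsa[1];
	bake_settings settingsb[1];
	octet da[32];
	octet db[32];
	octet certdataa[5 + 64];
	octet certdatab[3 + 64];
	bake_cert certa[1];
	bake_cert certb[1];
	octet file_data[1024];
	file_st filea[1];
	file_st fileb[1];
	const char pwd[] = "8086";
	octet keya[32];
	octet keyb[32];
	// load the long-term parameters
	if (bignStdParams(params, "1.2.112.0.2.0.34.101.45.3.1") != ERR_OK)
		return FALSE;
	// set up the generators: both echo states must be large enough
	ASSERT(prngEcho_keep() <= sizeof(echoa));
	ASSERT(prngEcho_keep() <= sizeof(echob));
	// configure the protocol settings (kca/kcb switched on for both sides)
	memSetZero(settingsa, sizeof(bake_settings));
	memSetZero(settingsb, sizeof(bake_settings));
	settingsa->kca = settingsa->kcb = TRUE;
	settingsb->kca = settingsb->kcb = TRUE;
	settingsa->rng = settingsb->rng = prngEchoStepR;
	settingsa->rng_state = echoa;
	settingsb->rng_state = echob;
	// load the private keys
	hexTo(da, _da);
	hexTo(db, _db);
	// load the certificates
	hexTo(certdataa, _certa);
	hexTo(certdatab, _certb);
	certa->data = certdataa;
	certa->len = strLen(_certa) / 2;
	certb->data = certdatab;
	certb->len = strLen(_certb) / 2;
	certa->val = certb->val = certVal;
	// test B.2 (BMQV)
	hexTo(randa, _bmqv_randa);
	hexTo(randb, _bmqv_randb);
	// the decoded transcript must fit into file_data before hexTo writes it
	ASSERT(sizeof(file_data) >= strLen(_bmqv_data) / 2);
	hexTo(file_data, _bmqv_data);
	if (fileCreate(filea, file_data, strLen(_bmqv_data) / 2) != ERR_OK ||
		fileCreate(fileb, file_data, strLen(_bmqv_data) / 2) != ERR_OK)
		return FALSE;
	// each generator is sized from its own vector, so it never exposes
	// octets of rand* that hexTo did not write
	prngEchoStart(echoa, randa, strLen(_bmqv_randa) / 2);
	prngEchoStart(echob, randb, strLen(_bmqv_randb) / 2);
	if (bakeBMQVRunB(keyb, params, settingsb, db, certb, certa,
			fileRead, fileWrite, fileb) != ERR_OK ||
		bakeBMQVRunA(keya, params, settingsa, da, certa, certb,
			fileRead, fileWrite, filea) != ERR_OK)
		return FALSE;
	if (!memEq(keya, keyb, 32) ||
		!hexEq(keya,
			"C6F86D0E468D5EF1A9955B2EE0CF0581"
			"050C81D1B47727092408E863C7EEB48C"))
		return FALSE;
	// test B.3 (BSTS)
	hexTo(randa, _bsts_randa);
	hexTo(randb, _bsts_randb);
	ASSERT(sizeof(file_data) >= strLen(_bsts_data) / 2);
	hexTo(file_data, _bsts_data);
	if (fileCreate(filea, file_data, strLen(_bsts_data) / 2) != ERR_OK ||
		fileCreate(fileb, file_data, strLen(_bsts_data) / 2) != ERR_OK)
		return FALSE;
	prngEchoStart(echoa, randa, strLen(_bsts_randa) / 2);
	prngEchoStart(echob, randb, strLen(_bsts_randb) / 2);
	if (bakeBSTSRunB(keyb, params, settingsb, db, certb, certVal,
			fileRead, fileWrite, fileb) != ERR_OK ||
		bakeBSTSRunA(keya, params, settingsa, da, certa, certVal,
			fileRead, fileWrite, filea) != ERR_OK)
		return FALSE;
	if (!memEq(keya, keyb, 32) ||
		!hexEq(keya,
			"78EF2C56BD6DA2116BB5BEE80CEE5C05"
			"394E7609183CF7F76DF0C2DCFB25C4AD"))
		return FALSE;
	// test B.4 (BPACE)
	hexTo(randa, _bpace_randa);
	hexTo(randb, _bpace_randb);
	// guard the buffer that is actually written next (_bpace_data); the
	// original checked _bsts_data here, leaving this write unguarded
	ASSERT(sizeof(file_data) >= strLen(_bpace_data) / 2);
	hexTo(file_data, _bpace_data);
	if (fileCreate(filea, file_data, strLen(_bpace_data) / 2) != ERR_OK ||
		fileCreate(fileb, file_data, strLen(_bpace_data) / 2) != ERR_OK)
		return FALSE;
	prngEchoStart(echoa, randa, strLen(_bpace_randa) / 2);
	prngEchoStart(echob, randb, strLen(_bpace_randb) / 2);
	// the password is passed without its terminating NUL (strLen(pwd))
	if (bakeBPACERunB(keyb, params, settingsb, (octet*)pwd, strLen(pwd),
			fileRead, fileWrite, fileb) != ERR_OK ||
		bakeBPACERunA(keya, params, settingsa, (octet*)pwd, strLen(pwd),
			fileRead, fileWrite, filea) != ERR_OK)
		return FALSE;
	if (!memEq(keya, keyb, 32) ||
		!hexEq(keya,
			"DAC4D8F411F9C523D28BBAAB32A5270E"
			"4DFA1F0F757EF8E0F30AF08FBDE1E7F4"))
		return FALSE;
	// all checks passed
	return TRUE;
}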
Пример #4
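/*
 * Known-answer self-test for the bake key-agreement protocols (BMQV, BSTS,
 * BPACE) plus the bakeKDF and bakeSWU helpers.
 *
 * The two parties "a" and "b" talk through file_msg_st message channels.
 * Because both sides run in one thread, each protocol is driven in a retry
 * loop: both sides are restarted from scratch (offsets and generators reset)
 * and run again for as long as either reports ERR_FILE_NOT_FOUND; any other
 * error fails the test. After the loop both derived keys must be equal and
 * match the expected vector. Returns TRUE on success, FALSE otherwise.
 *
 * All keys, certificates, the password and the "random" inputs are fixed
 * test vectors replayed through the echo generator; they are suitable for a
 * known-answer test only.
 *
 * NOTE(review): the retry loops end only when neither side returns
 * ERR_FILE_NOT_FOUND; progress depends on the fileMsg* channel implementation
 * defined outside this block -- confirm it cannot stall.
 */
bool_t bakeTest()
{
	err_t codea;
	err_t codeb;
	bign_params params[1];
	octet randa[48];
	octet randb[48];
	octet echoa[64];
	octet echob[64];
	bake_settings settingsa[1];
	bake_settings settingsb[1];
	octet da[32];
	octet db[32];
	octet certdataa[5 /* Alice */ + 64 + 3 /* align */];
	octet certdatab[3 /* Bob */ + 64 + 5 /* align */];
	bake_cert certa[1];
	bake_cert certb[1];
	file_msg_st filea[1];
	file_msg_st fileb[1];
	const char pwd[] = "8086";
	octet keya[32];
	octet keyb[32];
	octet secret[32];
	octet iv[64];
	// load the long-term parameters
	if (bignStdParams(params, "1.2.112.0.2.0.34.101.45.3.1") != ERR_OK)
		return FALSE;
	// set up the generators: both echo states must be large enough
	ASSERT(prngEcho_keep() <= sizeof(echoa));
	ASSERT(prngEcho_keep() <= sizeof(echob));
	// configure the protocol settings (kca/kcb switched on for both sides)
	memSetZero(settingsa, sizeof(bake_settings));
	memSetZero(settingsb, sizeof(bake_settings));
	settingsa->kca = settingsa->kcb = TRUE;
	settingsb->kca = settingsb->kcb = TRUE;
	settingsa->rng = settingsb->rng = prngEchoStepR;
	settingsa->rng_state = echoa;
	settingsb->rng_state = echob;
	// load the private keys
	hexTo(da, _da);
	hexTo(db, _db);
	// load the certificates
	hexTo(certdataa, _certa);
	hexTo(certdatab, _certb);
	certa->data = certdataa;
	certa->len = strLen(_certa) / 2;
	certb->data = certdatab;
	certb->len = strLen(_certb) / 2;
	certa->val = certb->val = bakeTestCertVal;
	// test B.2 (BMQV)
	hexTo(randa, _bmqv_randa);
	hexTo(randb, _bmqv_randb);
	fileMsgFlash();
	do
	{
		// restart both sides from the beginning of their channels
		filea->i = filea->offset = 0;
		fileb->i = fileb->offset = 0;
		// each generator is sized from its own vector, so it never exposes
		// octets of rand* that hexTo did not write
		prngEchoStart(echoa, randa, strLen(_bmqv_randa) / 2);
		prngEchoStart(echob, randb, strLen(_bmqv_randb) / 2);
		codeb = bakeBMQVRunB(keyb, params, settingsb, db, certb, certa,
			fileMsgRead, fileMsgWrite, fileb);
		if (codeb != ERR_OK && codeb != ERR_FILE_NOT_FOUND)
			return FALSE;
		codea = bakeBMQVRunA(keya, params, settingsa, da, certa, certb,
			fileMsgRead, fileMsgWrite, filea);
		if (codea != ERR_OK && codea != ERR_FILE_NOT_FOUND)
			return FALSE;
	}
	while (codea == ERR_FILE_NOT_FOUND || codeb == ERR_FILE_NOT_FOUND);
	if (!memEq(keya, keyb, 32) ||
		!hexEq(keya,
			"C6F86D0E468D5EF1A9955B2EE0CF0581"
			"050C81D1B47727092408E863C7EEB48C"))
		return FALSE;
	// test B.3 (BSTS)
	hexTo(randa, _bsts_randa);
	hexTo(randb, _bsts_randb);
	fileMsgFlash();
	do
	{
		filea->i = filea->offset = 0;
		fileb->i = fileb->offset = 0;
		prngEchoStart(echoa, randa, strLen(_bsts_randa) / 2);
		prngEchoStart(echob, randb, strLen(_bsts_randb) / 2);
		codeb = bakeBSTSRunB(keyb, params, settingsb, db, certb,
			bakeTestCertVal, fileMsgRead, fileMsgWrite, fileb);
		if (codeb != ERR_OK && codeb != ERR_FILE_NOT_FOUND)
			return FALSE;
		codea = bakeBSTSRunA(keya, params, settingsa, da, certa,
			bakeTestCertVal, fileMsgRead, fileMsgWrite, filea);
		if (codea != ERR_OK && codea != ERR_FILE_NOT_FOUND)
			return FALSE;
	}
	while (codea == ERR_FILE_NOT_FOUND || codeb == ERR_FILE_NOT_FOUND);
	if (!memEq(keya, keyb, 32) ||
		!hexEq(keya,
			"78EF2C56BD6DA2116BB5BEE80CEE5C05"
			"394E7609183CF7F76DF0C2DCFB25C4AD"))
		return FALSE;
	// test B.4 (BPACE); the password is passed without its terminating NUL
	hexTo(randa, _bpace_randa);
	hexTo(randb, _bpace_randb);
	fileMsgFlash();
	do
	{
		filea->i = filea->offset = 0;
		fileb->i = fileb->offset = 0;
		prngEchoStart(echoa, randa, strLen(_bpace_randa) / 2);
		prngEchoStart(echob, randb, strLen(_bpace_randb) / 2);
		codeb = bakeBPACERunB(keyb, params, settingsb, (const octet*)pwd,
			strLen(pwd), fileMsgRead, fileMsgWrite, fileb);
		if (codeb != ERR_OK && codeb != ERR_FILE_NOT_FOUND)
			return FALSE;
		codea = bakeBPACERunA(keya, params, settingsa, (const octet*)pwd,
			strLen(pwd), fileMsgRead, fileMsgWrite, filea);
		if (codea != ERR_OK && codea != ERR_FILE_NOT_FOUND)
			return FALSE;
	}
	while (codea == ERR_FILE_NOT_FOUND || codeb == ERR_FILE_NOT_FOUND);
	if (!memEq(keya, keyb, 32) ||
		!hexEq(keya,
			"DAC4D8F411F9C523D28BBAAB32A5270E"
			"4DFA1F0F757EF8E0F30AF08FBDE1E7F4"))
		return FALSE;
	// bakeKDF test (on data from test B.4): the same secret and iv with
	// key numbers 0 and 1 must give two different expected keys
	hexTo(secret, 
		"723356E335ED70620FFB1842752092C3"
		"2603EB666040920587D800575BECFC42");
	hexTo(iv, 
		"6B13ACBB086FB87618BCC2EF20A3FA89"
		"475654CB367E670A2441730B24B8AB31"
		"CD3D6487DC4EEB23456978186A069C71"
		"375D75C2DF198BAD1E61EEA0DBBFF737");
	if (bakeKDF(keya, secret, 32, iv, 64, 0) != ERR_OK ||
		bakeKDF(keyb, secret, 32, iv, 64, 1) != ERR_OK ||
		!hexEq(keya,
			"DAC4D8F411F9C523D28BBAAB32A5270E"
			"4DFA1F0F757EF8E0F30AF08FBDE1E7F4") ||
		!hexEq(keyb,
			"54AC058284D679CF4C47D3D72651F3E4"
			"EF0D61D1D0ED5BAF8FF30B8924E599D8"))
		return FALSE;
	// bakeSWU test (on data from test B.4): the 64-octet result is written
	// into iv, which is reused as the output buffer
	hexTo(secret, 
		"AD1362A8F9A3D42FBE1B8E6F1C88AAD5"
		"0F51D91347617C20BD4AB07AEF4F26A1");
	if (bakeSWU(iv, params, secret) != ERR_OK ||
		!hexEq(iv,
			"014417D3355557317D2E2AB6D0875487"
			"8D19E8D97B71FDC95DBB2A9B894D16D7"
			"7704A0B5CAA9CDA10791E4760671E105"
			"0DDEAB7083A7458447866ADB01473810"))
		return FALSE;
	// all checks passed
	return TRUE;
}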
Пример #5
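/*
 * Self-test for the OID <-> DER converters (oidToDER, oidFromDER, oidIsValid).
 *
 * The first half feeds malformed encodings to oidFromDER and requires the
 * error value SIZE_MAX: bad length octets, a wrong type tag, padded
 * sub-identifiers, an overflowing sub-identifier, and a declared length that
 * disagrees with the buffer length. The second half checks that valid
 * encodings, including very long OIDs, survive an encode/decode round trip.
 *
 * Returns TRUE when every check passes, FALSE at the first failure.
 */
bool_t oidTest()
{
	octet buf[1024];
	char str[2048];
	char str1[2048];
	size_t count;
	size_t len;
	// length octet 0x00
	hexTo(buf, "060000");
	if (oidFromDER(0, buf, 3) != SIZE_MAX)
		return FALSE;
	// length octet 0x80
	hexTo(buf, "068000");
	if (oidFromDER(0, buf, 3) != SIZE_MAX)
		return FALSE;
	// length octet 0xFF
	hexTo(buf, "06FF00");
	if (oidFromDER(0, buf, 3) != SIZE_MAX)
		return FALSE;
	// invalid type
	hexTo(buf, "080100");
	if (oidFromDER(0, buf, 3) != SIZE_MAX)
		return FALSE;
	// illegal padding: sub-identifiers that start with 0x80 octets
	hexTo(buf, "06070180808080807F");
	if (oidFromDER(0, buf, 9) != SIZE_MAX)
		return FALSE;
	hexTo(buf, "06028001");
	if (oidFromDER(0, buf, 4) != SIZE_MAX)
		return FALSE;
	hexTo(buf, "0602807F");
	if (oidFromDER(0, buf, 4) != SIZE_MAX)
		return FALSE;
	// MacOS errors: first sub-identifier above 79 must decode as "2.x"
	hexTo(buf, "06028100");
	if (oidFromDER(str, buf, 4) == SIZE_MAX || !strEq(str, "2.48"))
		return FALSE;
	hexTo(buf, "06028101");
	if (oidFromDER(str, buf, 4) == SIZE_MAX || !strEq(str, "2.49"))
		return FALSE;
	hexTo(buf, "06028837");
	if (oidFromDER(str, buf, 4) == SIZE_MAX || !strEq(str, "2.999"))
		return FALSE;
	// OpenSSL errors
	count = oidToDER(buf, "2.65500");
	if (count == SIZE_MAX || oidFromDER(str, buf, count) == SIZE_MAX ||
		!strEq(str, "2.65500"))
		return FALSE;
	// overflow: a sub-identifier too large to represent must be rejected
	// both in DER and in text form
	hexTo(buf, "060981B1D1AF85ECA8804F");
	if (oidFromDER(0, buf, 11) != SIZE_MAX)
		return FALSE;
	if (oidIsValid("2.5.4.4294967299"))
		return FALSE;
	// belt-hash: exact encoding, then the same encoding offered with a
	// buffer length one octet short and one octet long must be rejected
	count = oidToDER(buf, "1.2.112.0.2.0.34.101.31.81");
	if (count != 11 || !hexEq(buf, "06092A7000020022651F51"))
		return FALSE;
	if (oidFromDER(str, buf, count - 1) != SIZE_MAX)
		return FALSE;
	if (oidFromDER(0, buf, count + 1) != SIZE_MAX)
		return FALSE;
	// long length: an OID whose encoding needs a multi-octet length field
	strCopy(str1, "1.2.3456.78910.11121314.15161718.19202122.23242526."
		"27282930.31323334.35363738.1.2.3.4.5.6.7.8.9.10.11.12.13.14.15.16.17.18."
		"19.20.21.22.23.24.25.26.27.28.29.30.31.32.33.34.35.36.37.38.39.40.41.42."
		"43.44.45.46.47.48.49.50.51.52.53.54.55.56.57.58.59.60.61.62.63.64.65.66."
		"19.20.21.22.23.24.25.26.27.28.29.30.31.32.33.34.35.36.37.38.39.40.41.42."
		"43.44.45.46.47.48.49.50.51.52.53.54.55.56.57.58.59.60.61.62.63.64.65.66."
		"19.20.21.22.23.24.25.26.27.28.29.30.31.32.33.34.35.36.37.38.39.40.41.42."
		"43.44.45.46.47.48.49.50.51.52.53.54.55.56.57.58.59.60.61.62.63.64.65.66");
	// an encoder failure (SIZE_MAX) must not be passed on as a buffer length,
	// and a decoder failure must not be masked by stale contents of str
	// NOTE(review): oidToDER writes into buf before its size is known here;
	// buf is assumed large enough for these inputs -- confirm
	count = oidToDER(buf, str1);
	if (count == SIZE_MAX || oidFromDER(str, buf, count) == SIZE_MAX ||
		!strEq(str, str1))
		return FALSE;
	// double the OID: str1 := str1 "." str (str equals str1 at this point);
	// check the room first, since the terminator is overwritten before the
	// second half is copied in
	len = strLen(str1);
	if (2 * len + 2 > sizeof(str1))
		return FALSE;
	str1[len] = '.';
	strCopy(str1 + len + 1, str);
	count = oidToDER(buf, str1);
	if (count == SIZE_MAX || oidFromDER(str, buf, count) == SIZE_MAX ||
		!strEq(str, str1))
		return FALSE;
	// all checks passed
	return TRUE;
}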