virtual bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
{
TestData::const_iterator i = m_data.find(name);
if (i == m_data.end())
return false;
const std::string &value = i->second;
if (valueType == typeid(int))
*reinterpret_cast<int *>(pValue) = atoi(value.c_str());
else if (valueType == typeid(Integer))
*reinterpret_cast<Integer *>(pValue) = Integer((std::string(value) + "h").c_str());
else if (valueType == typeid(ConstByteArrayParameter))
{
m_temp.resize(0);
PutDecodedDatumInto(m_data, name, StringSink(m_temp).Ref());
reinterpret_cast<ConstByteArrayParameter *>(pValue)->Assign((const byte *)m_temp.data(), m_temp.size(), true);
}
else if (valueType == typeid(const byte *))
{
m_temp.resize(0);
PutDecodedDatumInto(m_data, name, StringSink(m_temp).Ref());
*reinterpret_cast<const byte * *>(pValue) = (const byte *)m_temp.data();
}
else
throw ValueTypeMismatch(name, typeid(std::string), valueType);
return true;
}
ustring PubAddr::getPubOfPriv(ustring priv)
{
OID CURVE = secp256k1();
ECIES < ECP >::PrivateKey privK;
Integer x;
x.Decode(priv.c_str(), priv.size());
privK.Initialize(CURVE, x);
ECIES<ECP>::PublicKey pub;
privK.MakePublicKey(pub);
string encoded;
int len = pub.GetPublicElement().x.MinEncodedSize();
pub.GetPublicElement().x.Encode(StringSink(encoded).Ref(), len);
len = pub.GetPublicElement().y.MinEncodedSize();
pub.GetPublicElement().y.Encode(StringSink(encoded).Ref(), len);
ustring ret;
ret += 0x04;
ret.fromString(encoded);
return ret;
}
std::string GetOptionalDecodedDatum(const TestData &data, const char *name)
{
std::string s;
if (DataExists(data, name))
PutDecodedDatumInto(data, name, StringSink(s).Ref());
return s;
}
std::string GetDecodedDatum(const TestData &data, const char *name)
{
std::string s;
PutDecodedDatumInto(data, name, StringSink(s).Ref());
return s;
}
void FIPS140_SampleApplication()
{
if (!FIPS_140_2_ComplianceEnabled())
{
cerr << "FIPS 140-2 compliance was turned off at compile time.\n";
abort();
}
// check self test status
if (GetPowerUpSelfTestStatus() != POWER_UP_SELF_TEST_PASSED)
{
cerr << "Automatic power-up self test failed.\n";
abort();
}
cout << "0. Automatic power-up self test passed.\n";
// simulate a power-up self test error
SimulatePowerUpSelfTestFailure();
try
{
// trying to use a crypto algorithm after power-up self test error will result in an exception
AES::Encryption aes;
// should not be here
cerr << "Use of AES failed to cause an exception after power-up self test error.\n";
abort();
}
catch (SelfTestFailure &e)
{
cout << "1. Caught expected exception when simulating self test failure. Exception message follows: ";
cout << e.what() << endl;
}
// clear the self test error state and redo power-up self test
DoDllPowerUpSelfTest();
if (GetPowerUpSelfTestStatus() != POWER_UP_SELF_TEST_PASSED)
{
cerr << "Re-do power-up self test failed.\n";
abort();
}
cout << "2. Re-do power-up self test passed.\n";
// encrypt and decrypt
const byte key[] = {0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
const byte iv[] = {0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef};
const byte plaintext[] = { // "Now is the time for all " without tailing 0
0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20};
byte ciphertext[24];
byte decrypted[24];
CFB_FIPS_Mode<DES_EDE3>::Encryption encryption_DES_EDE3_CFB;
encryption_DES_EDE3_CFB.SetKeyWithIV(key, sizeof(key), iv);
encryption_DES_EDE3_CFB.ProcessString(ciphertext, plaintext, 23);
CFB_FIPS_Mode<DES_EDE3>::Decryption decryption_DES_EDE3_CFB;
decryption_DES_EDE3_CFB.SetKeyWithIV(key, sizeof(key), iv);
decryption_DES_EDE3_CFB.ProcessString(decrypted, ciphertext, 24);
if (memcmp(plaintext, decrypted, 24) != 0)
{
cerr << "DES-EDE3-CFB Encryption/decryption failed.\n";
abort();
}
cout << "3. DES-EDE3-CFB Encryption/decryption succeeded.\n";
// hash
const byte message[] = {'a', 'b', 'c'};
const byte expectedDigest[] = {0xA9,0x99,0x3E,0x36,0x47,0x06,0x81,0x6A,0xBA,0x3E,0x25,0x71,0x78,0x50,0xC2,0x6C,0x9C,0xD0,0xD8,0x9D};
byte digest[20];
SHA1 sha;
sha.Update(message, 3);
sha.Final(digest);
if (memcmp(digest, expectedDigest, 20) != 0)
{
cerr << "SHA-1 hash failed.\n";
abort();
}
cout << "4. SHA-1 hash succeeded.\n";
// create auto-seeded X9.17 RNG object, if available
#ifdef OS_RNG_AVAILABLE
AutoSeededX917RNG<DES_EDE3> rng;
#else
// this is used to allow this function to compile on platforms that don't have auto-seeded RNGs
RandomNumberGenerator &rng(NullRNG());
#endif
// generate DSA key
DSA::PrivateKey dsaPrivateKey;
dsaPrivateKey.GenerateRandomWithKeySize(rng, 1024);
DSA::PublicKey dsaPublicKey;
dsaPublicKey.AssignFrom(dsaPrivateKey);
if (!dsaPrivateKey.Validate(rng, 3) || !dsaPublicKey.Validate(rng, 3))
{
cerr << "DSA key generation failed.\n";
abort();
}
cout << "5. DSA key generation succeeded.\n";
// encode DSA key
std::string encodedDsaPublicKey, encodedDsaPrivateKey;
dsaPublicKey.DEREncode(StringSink(encodedDsaPublicKey).Ref());
dsaPrivateKey.DEREncode(StringSink(encodedDsaPrivateKey).Ref());
// decode DSA key
DSA::PrivateKey decodedDsaPrivateKey;
decodedDsaPrivateKey.BERDecode(StringStore(encodedDsaPrivateKey).Ref());
DSA::PublicKey decodedDsaPublicKey;
decodedDsaPublicKey.BERDecode(StringStore(encodedDsaPublicKey).Ref());
if (!decodedDsaPrivateKey.Validate(rng, 3) || !decodedDsaPublicKey.Validate(rng, 3))
{
cerr << "DSA key encode/decode failed.\n";
abort();
}
cout << "6. DSA key encode/decode succeeded.\n";
// sign and verify
byte signature[40];
DSA::Signer signer(dsaPrivateKey);
assert(signer.SignatureLength() == 40);
signer.SignMessage(rng, message, 3, signature);
DSA::Verifier verifier(dsaPublicKey);
if (!verifier.VerifyMessage(message, 3, signature, sizeof(signature)))
{
cerr << "DSA signature and verification failed.\n";
abort();
}
cout << "7. DSA signature and verification succeeded.\n";
// try to verify an invalid signature
signature[0] ^= 1;
if (verifier.VerifyMessage(message, 3, signature, sizeof(signature)))
{
cerr << "DSA signature verification failed to detect bad signature.\n";
abort();
}
cout << "8. DSA signature verification successfully detected bad signature.\n";
// try to use an invalid key length
try
{
ECB_Mode<DES_EDE3>::Encryption encryption_DES_EDE3_ECB;
encryption_DES_EDE3_ECB.SetKey(key, 5);
// should not be here
cerr << "DES-EDE3 implementation did not detect use of invalid key length.\n";
abort();
}
catch (InvalidArgument &e)
{
cout << "9. Caught expected exception when using invalid key length. Exception message follows: ";
cout << e.what() << endl;
}
cout << "\nFIPS 140-2 Sample Application completed normally.\n";
}
int Addr::generateDeterministic(ustring passphrase, int nonce)
{
int nonce_old = nonce;
int stream = 1;
int version = 4;
OID CURVE = secp256k1();
AutoSeededRandomPool rng;
ECIES<ECP>::PrivateKey privE, privS;
ustring pubSKey;
ustring pubEKey;
string encoded;
size_t len;
byte digest2[CryptoPP::RIPEMD160::DIGESTSIZE];
int zeros = 0;
do
{
CryptoPP::SHA512 hash;
byte digest[CryptoPP::SHA512::DIGESTSIZE];
ustring passP = passphrase;
passP.appendVarInt_B(nonce++);
hash.CalculateDigest(digest, (byte*)passP.c_str(), passP.size());
Integer x;
x.Decode(digest, 32); //first 32 bytes
privS.Initialize(CURVE, x);
passP = passphrase;
passP.appendVarInt_B(nonce++);
hash.CalculateDigest(digest, (byte*)passP.c_str(), passP.size());
x.Decode(digest, 32);
privE.Initialize(CURVE, x);
ECIES<ECP>::PublicKey pubE, pubS;
privE.MakePublicKey(pubE);
privS.MakePublicKey(pubS);
encoded.clear();
len = pubE.GetPublicElement().x.MinEncodedSize();
pubE.GetPublicElement().x.Encode(StringSink(encoded).Ref(), len);
len = pubE.GetPublicElement().y.MinEncodedSize();
pubE.GetPublicElement().y.Encode(StringSink(encoded).Ref(), len);
pubEKey.clear();
pubEKey += 0x04;
pubEKey.fromString(encoded);
encoded.clear();
len = pubS.GetPublicElement().x.MinEncodedSize();
pubS.GetPublicElement().x.Encode(StringSink(encoded).Ref(), len);
len = pubS.GetPublicElement().y.MinEncodedSize();
pubS.GetPublicElement().y.Encode(StringSink(encoded).Ref(), len);
pubSKey.clear();
pubSKey += 0x04;
pubSKey.fromString(encoded);
memset(digest, 0, SHA512::DIGESTSIZE);
ustring buffer;
buffer += pubSKey;
buffer += pubEKey;
hash.CalculateDigest(digest, (byte*)buffer.c_str(), buffer.length());
CryptoPP::RIPEMD160 hash2;
memset(digest2, 0x00, 20);
hash2.CalculateDigest(digest2, digest, sizeof digest);
while (digest2[zeros] == 0x00)
zeros++;
} while (zeros == 0);
encoded.clear();
len = privE.GetPrivateExponent().MinEncodedSize();
privE.GetPrivateExponent().Encode(StringSink(encoded).Ref(), len);
ustring privEKey;
privEKey.fromString(encoded);
encoded.clear();
len = privS.GetPrivateExponent().MinEncodedSize();
privS.GetPrivateExponent().Encode(StringSink(encoded).Ref(), len);
ustring privSKey;
privSKey.fromString(encoded);
if (!this->loadKeys(pubEKey, pubSKey, privEKey, privSKey, stream, version))
return nonce_old;
return nonce;
}
bool Addr::generateRandom()
{
int stream = 1;
int version = 4;
OID CURVE = secp256k1();
AutoSeededRandomPool rng;
ECIES<ECP>::PrivateKey privE, privS;
ustring pubSKey;
ustring pubEKey;
string encoded;
size_t len;
byte digest2[CryptoPP::RIPEMD160::DIGESTSIZE];
int zeros = 0;
do
{
privE.Initialize(rng, CURVE);
privS.Initialize(rng, CURVE);
ECIES<ECP>::PublicKey pubE, pubS;
privE.MakePublicKey(pubE);
privS.MakePublicKey(pubS);
encoded.clear();
len = pubE.GetPublicElement().x.MinEncodedSize();
pubE.GetPublicElement().x.Encode(StringSink(encoded).Ref(), len);
len = pubE.GetPublicElement().y.MinEncodedSize();
pubE.GetPublicElement().y.Encode(StringSink(encoded).Ref(), len);
pubEKey.clear();
pubEKey += 0x04;
pubEKey.fromString(encoded);
encoded.clear();
len = pubS.GetPublicElement().x.MinEncodedSize();
pubS.GetPublicElement().x.Encode(StringSink(encoded).Ref(), len);
len = pubS.GetPublicElement().y.MinEncodedSize();
pubS.GetPublicElement().y.Encode(StringSink(encoded).Ref(), len);
pubSKey.clear();
pubSKey += 0x04;
pubSKey.fromString(encoded);
CryptoPP::SHA512 hash;
byte digest[CryptoPP::SHA512::DIGESTSIZE];
ustring buffer;
buffer += pubSKey;
buffer += pubEKey;
hash.CalculateDigest(digest, (byte*)buffer.c_str(), buffer.length());
CryptoPP::RIPEMD160 hash2;
memset(digest2, 0x00, 20);
hash2.CalculateDigest(digest2, digest, sizeof digest);
while (digest2[zeros] == 0x00)
zeros++;
} while (zeros == 0);
encoded.clear();
len = privE.GetPrivateExponent().MinEncodedSize();
privE.GetPrivateExponent().Encode(StringSink(encoded).Ref(), len);
ustring privEKey;
privEKey.fromString(encoded);
encoded.clear();
len = privS.GetPrivateExponent().MinEncodedSize();
privS.GetPrivateExponent().Encode(StringSink(encoded).Ref(), len);
ustring privSKey;
privSKey.fromString(encoded);
if (!this->loadKeys(pubEKey, pubSKey, privEKey, privSKey, stream, version))
return false;
return true;
}
