static gnutls_x509_privkey generate_private_key(void)
{
int ret;
gnutls_x509_privkey key;
ret = gnutls_x509_privkey_init(&key);
if ( ret < 0 ) {
fprintf(stderr, "error initializing private key: %s.\n", gnutls_strerror(ret));
return NULL;
}
gcry_set_progress_handler(entropy_progress_cb, NULL);
fprintf(stderr, "Generating %d bits RSA private key... This might take a very long time.\n", generated_key_size);
fprintf(stderr, "[Increasing system activity will speed-up the process].\n");
fprintf(stderr, "Generation in progress... ");
fflush(stderr);
ret = gnutls_x509_privkey_generate(key, GNUTLS_PK_RSA, generated_key_size, 0);
if ( ret < 0 ) {
fprintf(stderr, "error generating private RSA key: %s\n", gnutls_strerror(ret));
gnutls_x509_privkey_deinit(key);
return NULL;
}
fprintf(stderr, "\n\n");
return key;
}
GNUNET_CRYPTO_random_fini ()
{
gcry_set_progress_handler (NULL, NULL);
#ifdef GCRYCTL_CLOSE_RANDOM_DEVICE
(void) gcry_control (GCRYCTL_CLOSE_RANDOM_DEVICE, 0);
#endif
}
void
set_status_fd ( int fd )
{
static int last_fd = -1;
if ( fd != -1 && last_fd == fd )
return;
if ( statusfp && statusfp != stdout && statusfp != stderr )
fclose (statusfp);
statusfp = NULL;
if ( fd == -1 )
return;
if( fd == 1 )
statusfp = stdout;
else if( fd == 2 )
statusfp = stderr;
else
statusfp = fdopen( fd, "w" );
if( !statusfp ) {
log_fatal("can't open fd %d for status output: %s\n",
fd, strerror(errno));
}
last_fd = fd;
gcry_set_progress_handler ( progress_cb, NULL );
}
int
main (int argc, char **argv)
{
int debug = 0;
if (argc > 1 && !strcmp (argv[1], "--verbose"))
verbose = 1;
else if (argc > 1 && !strcmp (argv[1], "--debug"))
verbose = debug = 1;
if (!gcry_check_version (GCRYPT_VERSION))
die ("version mismatch\n");
gcry_set_progress_handler (progress_handler, NULL);
gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
if (debug)
gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u, 0);
gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
check_ciphers ();
check_aes128_cbc_cts_cipher ();
check_cbc_mac_cipher ();
check_ctr_cipher ();
check_digests ();
check_pubkey ();
return error_count ? 1 : 0;
}
int
main (int argc, char **argv)
{
int last_argc = -1;
int with_progress = 0;
if (argc)
{
argc--;
argv++;
}
while (argc && last_argc != argc )
{
last_argc = argc;
if (!strcmp (*argv, "--"))
{
argc--;
argv++;
break;
}
else if (!strcmp (*argv, "--help"))
{
usage (0);
exit (0);
}
else if (!strcmp (*argv, "--verbose"))
{
verbose++;
argc--;
argv++;
}
else if (!strcmp (*argv, "--debug"))
{
verbose += 2;
debug++;
argc--;
argv++;
}
else if (!strcmp (*argv, "--progress"))
{
argc--;
argv++;
with_progress = 1;
}
else if (!strncmp (*argv, "--", 2))
die ("unknown option '%s'", *argv);
else
break;
}
if (!gcry_check_version (GCRYPT_VERSION))
die ("version mismatch\n");
gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
if (debug)
gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u , 0);
/* No valuable keys are create, so we can speed up our RNG. */
gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
if (with_progress)
gcry_set_progress_handler (progress_cb, NULL);
if (!argc)
{
check_rsa_keys ();
check_elg_keys ();
check_dsa_keys ();
check_ecc_keys ();
check_nonce ();
}
else
{
for (; argc; argc--, argv++)
if (!strcmp (*argv, "rsa"))
check_rsa_keys ();
else if (!strcmp (*argv, "elg"))
check_elg_keys ();
else if (!strcmp (*argv, "dsa"))
check_dsa_keys ();
else if (!strcmp (*argv, "ecc"))
check_ecc_keys ();
else if (!strcmp (*argv, "nonce"))
check_nonce ();
else
usage (1);
}
return error_count? 1:0;
}
int
main (int argc, char **argv)
{
int last_argc = -1;
int early_rng = 0;
int in_recursion = 0;
const char *program = NULL;
if (argc)
{
program = *argv;
argc--; argv++;
}
else
die ("argv[0] missing\n");
while (argc && last_argc != argc )
{
last_argc = argc;
if (!strcmp (*argv, "--"))
{
argc--; argv++;
break;
}
else if (!strcmp (*argv, "--help"))
{
fputs ("usage: random [options]\n", stdout);
exit (0);
}
else if (!strcmp (*argv, "--verbose"))
{
verbose = 1;
argc--; argv++;
}
else if (!strcmp (*argv, "--debug"))
{
debug = verbose = 1;
argc--; argv++;
}
else if (!strcmp (*argv, "--progress"))
{
argc--; argv++;
with_progress = 1;
}
else if (!strcmp (*argv, "--in-recursion"))
{
in_recursion = 1;
argc--; argv++;
}
else if (!strcmp (*argv, "--early-rng-check"))
{
early_rng = 1;
argc--; argv++;
}
else if (!strcmp (*argv, "--prefer-standard-rng"))
{
/* This is anyway the default, but we may want to use it for
debugging. */
gcry_control (GCRYCTL_SET_PREFERRED_RNG_TYPE, GCRY_RNG_TYPE_STANDARD);
argc--; argv++;
}
else if (!strcmp (*argv, "--prefer-fips-rng"))
{
gcry_control (GCRYCTL_SET_PREFERRED_RNG_TYPE, GCRY_RNG_TYPE_FIPS);
argc--; argv++;
}
else if (!strcmp (*argv, "--prefer-system-rng"))
{
gcry_control (GCRYCTL_SET_PREFERRED_RNG_TYPE, GCRY_RNG_TYPE_SYSTEM);
argc--; argv++;
}
}
#ifndef HAVE_W32_SYSTEM
signal (SIGPIPE, SIG_IGN);
#endif
if (early_rng)
{
/* Don't switch RNG in fips mode. */
if (!gcry_fips_mode_active())
check_early_rng_type_switching ();
}
gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
if (!gcry_check_version (GCRYPT_VERSION))
die ("version mismatch\n");
if (with_progress)
gcry_set_progress_handler (progress_cb, NULL);
gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
if (debug)
gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u, 0);
if (!in_recursion)
{
check_forking ();
check_nonce_forking ();
check_close_random_device ();
}
/* For now we do not run the drgb_reinit check from "make check" due
to its high requirement for entropy. */
if (!getenv ("GCRYPT_IN_REGRESSION_TEST"))
check_drbg_reinit ();
/* Don't switch RNG in fips mode. */
if (!gcry_fips_mode_active())
check_rng_type_switching ();
if (!in_recursion)
run_all_rng_tests (program);
return 0;
}
int
main( int argc, char **argv )
{
int last_argc = -1;
int no_blinding = 0;
int use_random_daemon = 0;
int with_progress = 0;
buffer_alignment = 1;
if (argc)
{ argc--; argv++; }
while (argc && last_argc != argc )
{
last_argc = argc;
if (!strcmp (*argv, "--"))
{
argc--; argv++;
break;
}
else if (!strcmp (*argv, "--help"))
{
fputs ("usage: benchmark "
"[md|cipher|random|mpi|rsa|dsa|ecc [algonames]]\n",
stdout);
exit (0);
}
else if (!strcmp (*argv, "--verbose"))
{
verbose++;
argc--; argv++;
}
else if (!strcmp (*argv, "--use-random-daemon"))
{
use_random_daemon = 1;
argc--; argv++;
}
else if (!strcmp (*argv, "--prefer-standard-rng"))
{
/* This is anyway the default, but we may want to use it for
debugging. */
gcry_control (GCRYCTL_SET_PREFERRED_RNG_TYPE, GCRY_RNG_TYPE_STANDARD);
argc--; argv++;
}
else if (!strcmp (*argv, "--prefer-fips-rng"))
{
gcry_control (GCRYCTL_SET_PREFERRED_RNG_TYPE, GCRY_RNG_TYPE_FIPS);
argc--; argv++;
}
else if (!strcmp (*argv, "--prefer-system-rng"))
{
gcry_control (GCRYCTL_SET_PREFERRED_RNG_TYPE, GCRY_RNG_TYPE_SYSTEM);
argc--; argv++;
}
else if (!strcmp (*argv, "--no-blinding"))
{
no_blinding = 1;
argc--; argv++;
}
else if (!strcmp (*argv, "--large-buffers"))
{
large_buffers = 1;
argc--; argv++;
}
else if (!strcmp (*argv, "--cipher-repetitions"))
{
argc--; argv++;
if (argc)
{
cipher_repetitions = atoi(*argv);
argc--; argv++;
}
}
else if (!strcmp (*argv, "--cipher-with-keysetup"))
{
cipher_with_keysetup = 1;
argc--; argv++;
}
else if (!strcmp (*argv, "--hash-repetitions"))
{
argc--; argv++;
if (argc)
{
hash_repetitions = atoi(*argv);
argc--; argv++;
}
}
else if (!strcmp (*argv, "--alignment"))
{
argc--; argv++;
if (argc)
{
buffer_alignment = atoi(*argv);
argc--; argv++;
}
}
else if (!strcmp (*argv, "--disable-hwf"))
{
argc--; argv++;
if (argc)
{
if (gcry_control (GCRYCTL_DISABLE_HWF, *argv, NULL))
fprintf (stderr, PGM ": unknown hardware feature `%s'"
" - option ignored\n", *argv);
argc--; argv++;
}
}
else if (!strcmp (*argv, "--fips"))
{
argc--; argv++;
/* This command needs to be called before gcry_check_version. */
gcry_control (GCRYCTL_FORCE_FIPS_MODE, 0);
}
else if (!strcmp (*argv, "--progress"))
{
argc--; argv++;
with_progress = 1;
}
}
if (buffer_alignment < 1 || buffer_alignment > 16)
die ("value for --alignment must be in the range 1 to 16\n");
gcry_control (GCRYCTL_SET_VERBOSITY, (int)verbose);
if (!gcry_check_version (GCRYPT_VERSION))
{
fprintf (stderr, PGM ": version mismatch; pgm=%s, library=%s\n",
GCRYPT_VERSION, gcry_check_version (NULL));
exit (1);
}
if (gcry_fips_mode_active ())
in_fips_mode = 1;
else
gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
if (use_random_daemon)
gcry_control (GCRYCTL_USE_RANDOM_DAEMON, 1);
if (with_progress)
gcry_set_progress_handler (progress_cb, NULL);
gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
if (cipher_repetitions < 1)
cipher_repetitions = 1;
if (hash_repetitions < 1)
hash_repetitions = 1;
if ( !argc )
{
gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
md_bench (NULL);
putchar ('\n');
cipher_bench (NULL);
putchar ('\n');
rsa_bench (100, 1, no_blinding);
dsa_bench (100, 0);
ecc_bench (100, 0);
putchar ('\n');
mpi_bench ();
putchar ('\n');
random_bench (0);
}
else if ( !strcmp (*argv, "random") || !strcmp (*argv, "strongrandom"))
{
if (argc == 1)
random_bench ((**argv == 's'));
else if (argc == 2)
{
gcry_control (GCRYCTL_SET_RANDOM_SEED_FILE, argv[1]);
random_bench ((**argv == 's'));
gcry_control (GCRYCTL_UPDATE_RANDOM_SEED_FILE);
}
else
fputs ("usage: benchmark [strong]random [seedfile]\n", stdout);
}
else if ( !strcmp (*argv, "md"))
{
if (argc == 1)
md_bench (NULL);
else
for (argc--, argv++; argc; argc--, argv++)
md_bench ( *argv );
}
else if ( !strcmp (*argv, "cipher"))
{
if (argc == 1)
cipher_bench (NULL);
else
for (argc--, argv++; argc; argc--, argv++)
cipher_bench ( *argv );
}
else if ( !strcmp (*argv, "mpi"))
{
mpi_bench ();
}
else if ( !strcmp (*argv, "rsa"))
{
gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
rsa_bench (100, 1, no_blinding);
}
else if ( !strcmp (*argv, "dsa"))
{
gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
dsa_bench (100, 1);
}
else if ( !strcmp (*argv, "ecc"))
{
gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
ecc_bench (100, 1);
}
else
{
fprintf (stderr, PGM ": bad arguments\n");
return 1;
}
if (in_fips_mode && !gcry_fips_mode_active ())
fprintf (stderr, PGM ": FIPS mode is not anymore active\n");
return 0;
}
