Mercurial > dropbear

comparison libtomcrypt/testprof/rsa_test.c @ 285:1b9e69c058d2

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3) to branch 'au.asn.ucc.matt.dropbear' (head fdf4a7a3b97ae5046139915de7e40399cceb2c01)
author Matt Johnston <matt@ucc.asn.au>
date Wed, 08 Mar 2006 13:23:58 +0000
parents
children 0cbe8f6dbf9e
comparison
equal deleted inserted replaced
281:997e6f7dc01e 285:1b9e69c058d2
1 #include <tomcrypt_test.h>
2
3 #ifdef MRSA
4
5 #define RSA_MSGSIZE 78
6
7 /* These are test keys [see file test.key] that I use to test my import/export against */
8 static const unsigned char openssl_private_rsa[] = {
9 0x30, 0x82, 0x02, 0x5e, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xcf, 0x9a, 0xde, 0x64, 0x8a,
10 0xda, 0xc8, 0x33, 0x20, 0xa9, 0xd7, 0x83, 0x31, 0x19, 0x54, 0xb2, 0x9a, 0x85, 0xa7, 0xa1, 0xb7,
11 0x75, 0x33, 0xb6, 0xa9, 0xac, 0x84, 0x24, 0xb3, 0xde, 0xdb, 0x7d, 0x85, 0x2d, 0x96, 0x65, 0xe5,
12 0x3f, 0x72, 0x95, 0x24, 0x9f, 0x28, 0x68, 0xca, 0x4f, 0xdb, 0x44, 0x1c, 0x3e, 0x60, 0x12, 0x8a,
13 0xdd, 0x26, 0xa5, 0xeb, 0xff, 0x0b, 0x5e, 0xd4, 0x88, 0x38, 0x49, 0x2a, 0x6e, 0x5b, 0xbf, 0x12,
14 0x37, 0x47, 0xbd, 0x05, 0x6b, 0xbc, 0xdb, 0xf3, 0xee, 0xe4, 0x11, 0x8e, 0x41, 0x68, 0x7c, 0x61,
15 0x13, 0xd7, 0x42, 0xc8, 0x80, 0xbe, 0x36, 0x8f, 0xdc, 0x08, 0x8b, 0x4f, 0xac, 0xa4, 0xe2, 0x76,
16 0x0c, 0xc9, 0x63, 0x6c, 0x49, 0x58, 0x93, 0xed, 0xcc, 0xaa, 0xdc, 0x25, 0x3b, 0x0a, 0x60, 0x3f,
17 0x8b, 0x54, 0x3a, 0xc3, 0x4d, 0x31, 0xe7, 0x94, 0xa4, 0x44, 0xfd, 0x02, 0x03, 0x01, 0x00, 0x01,
18 0x02, 0x81, 0x81, 0x00, 0xc8, 0x62, 0xb9, 0xea, 0xde, 0x44, 0x53, 0x1d, 0x56, 0x97, 0xd9, 0x97,
19 0x9e, 0x1a, 0xcf, 0x30, 0x1e, 0x0a, 0x88, 0x45, 0x86, 0x29, 0x30, 0xa3, 0x4d, 0x9f, 0x61, 0x65,
20 0x73, 0xe0, 0xd6, 0x87, 0x8f, 0xb6, 0xf3, 0x06, 0xa3, 0x82, 0xdc, 0x7c, 0xac, 0xfe, 0x9b, 0x28,
21 0x9a, 0xae, 0xfd, 0xfb, 0xfe, 0x2f, 0x0e, 0xd8, 0x97, 0x04, 0xe3, 0xbb, 0x1f, 0xd1, 0xec, 0x0d,
22 0xba, 0xa3, 0x49, 0x7f, 0x47, 0xac, 0x8a, 0x44, 0x04, 0x7e, 0x86, 0xb7, 0x39, 0x42, 0x3f, 0xad,
23 0x1e, 0xb7, 0x0e, 0xa5, 0x51, 0xf4, 0x40, 0x63, 0x1e, 0xfd, 0xbd, 0xea, 0x9f, 0x41, 0x9f, 0xa8,
24 0x90, 0x1d, 0x6f, 0x0a, 0x5a, 0x95, 0x13, 0x11, 0x0d, 0x80, 0xaf, 0x5f, 0x64, 0x98, 0x8a, 0x2c,
25 0x78, 0x68, 0x65, 0xb0, 0x2b, 0x8b, 0xa2, 0x53, 0x87, 0xca, 0xf1, 0x64, 0x04, 0xab, 0xf2, 0x7b,
26 0xdb, 0x83, 0xc8, 0x81, 0x02, 0x41, 0x00, 0xf7, 0xbe, 0x5e, 0x23, 0xc3, 0x32, 0x3f, 0xbf, 0x8b,
27 0x8e, 0x3a, 0xee, 0xfc, 0xfc, 0xcb, 0xe5, 0xf7, 0xf1, 0x0b, 0xbc, 0x42, 0x82, 0xae, 0xd5, 0x7a,
28 0x3e, 0xca, 0xf7, 0xd5, 0x69, 0x3f, 0x64, 0x25, 0xa2, 0x1f, 0xb7, 0x75, 0x75, 0x05, 0x92, 0x42,
29 0xeb, 0xb8, 0xf1, 0xf3, 0x0a, 0x05, 0xe3, 0x94, 0xd1, 0x55, 0x78, 0x35, 0xa0, 0x36, 0xa0, 0x9b,
30 0x7c, 0x92, 0x84, 0x6c, 0xdd, 0xdc, 0x4d, 0x02, 0x41, 0x00, 0xd6, 0x86, 0x0e, 0x85, 0x42, 0x0b,
31 0x04, 0x08, 0x84, 0x21, 0x60, 0xf0, 0x0e, 0x0d, 0x88, 0xfd, 0x1e, 0x36, 0x10, 0x65, 0x4f, 0x1e,
32 0x53, 0xb4, 0x08, 0x72, 0x80, 0x5c, 0x3f, 0x59, 0x66, 0x17, 0xe6, 0x98, 0xf2, 0xe9, 0x6c, 0x7a,
33 0x06, 0x4c, 0xac, 0x76, 0x3d, 0xed, 0x8c, 0xa1, 0xce, 0xad, 0x1b, 0xbd, 0xb4, 0x7d, 0x28, 0xbc,
34 0xe3, 0x0e, 0x38, 0x8d, 0x99, 0xd8, 0x05, 0xb5, 0xa3, 0x71, 0x02, 0x40, 0x6d, 0xeb, 0xc3, 0x2d,
35 0x2e, 0xf0, 0x5e, 0xa4, 0x88, 0x31, 0x05, 0x29, 0x00, 0x8a, 0xd1, 0x95, 0x29, 0x9b, 0x83, 0xcf,
36 0x75, 0xdb, 0x31, 0xe3, 0x7a, 0x27, 0xde, 0x3a, 0x74, 0x30, 0x0c, 0x76, 0x4c, 0xd4, 0x50, 0x2a,
37 0x40, 0x2d, 0x39, 0xd9, 0x99, 0x63, 0xa9, 0x5d, 0x80, 0xae, 0x53, 0xca, 0x94, 0x3f, 0x05, 0x23,
38 0x1e, 0xf8, 0x05, 0x04, 0xe1, 0xb8, 0x35, 0xf2, 0x17, 0xb3, 0xa0, 0x89, 0x02, 0x41, 0x00, 0xab,
39 0x90, 0x88, 0xfa, 0x60, 0x08, 0x29, 0x50, 0x9a, 0x43, 0x8b, 0xa0, 0x50, 0xcc, 0xd8, 0x5a, 0xfe,
40 0x97, 0x64, 0x63, 0x71, 0x74, 0x22, 0xa3, 0x20, 0x02, 0x5a, 0xcf, 0xeb, 0xc6, 0x16, 0x95, 0x54,
41 0xd1, 0xcb, 0xab, 0x8d, 0x1a, 0xc6, 0x00, 0xfa, 0x08, 0x92, 0x9c, 0x71, 0xd5, 0x52, 0x52, 0x35,
42 0x96, 0x71, 0x4b, 0x8b, 0x92, 0x0c, 0xd0, 0xe9, 0xbf, 0xad, 0x63, 0x0b, 0xa5, 0xe9, 0xb1, 0x02,
43 0x41, 0x00, 0xdc, 0xcc, 0x27, 0xc8, 0xe4, 0xdc, 0x62, 0x48, 0xd5, 0x9b, 0xaf, 0xf5, 0xab, 0x60,
44 0xf6, 0x21, 0xfd, 0x53, 0xe2, 0xb7, 0x5d, 0x09, 0xc9, 0x1a, 0xa1, 0x04, 0xa9, 0xfc, 0x61, 0x2c,
45 0x5d, 0x04, 0x58, 0x3a, 0x5a, 0x39, 0xf1, 0x4a, 0x21, 0x56, 0x67, 0xfd, 0xcc, 0x20, 0xa3, 0x8f,
46 0x78, 0x18, 0x5a, 0x79, 0x3d, 0x2e, 0x8e, 0x7e, 0x86, 0x0a, 0xe6, 0xa8, 0x33, 0xc1, 0x04, 0x17,
47 0x4a, 0x9f, };
48
49
50 /*** NOTE: OpenSSL seems to have more to their public key format. I've stripped the extra headers... */
51 static const unsigned char openssl_public_rsa[] = {
52 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xcf, 0x9a, 0xde,
53 0x64, 0x8a, 0xda, 0xc8, 0x33, 0x20, 0xa9, 0xd7, 0x83, 0x31, 0x19, 0x54, 0xb2, 0x9a, 0x85, 0xa7,
54 0xa1, 0xb7, 0x75, 0x33, 0xb6, 0xa9, 0xac, 0x84, 0x24, 0xb3, 0xde, 0xdb, 0x7d, 0x85, 0x2d, 0x96,
55 0x65, 0xe5, 0x3f, 0x72, 0x95, 0x24, 0x9f, 0x28, 0x68, 0xca, 0x4f, 0xdb, 0x44, 0x1c, 0x3e, 0x60,
56 0x12, 0x8a, 0xdd, 0x26, 0xa5, 0xeb, 0xff, 0x0b, 0x5e, 0xd4, 0x88, 0x38, 0x49, 0x2a, 0x6e, 0x5b,
57 0xbf, 0x12, 0x37, 0x47, 0xbd, 0x05, 0x6b, 0xbc, 0xdb, 0xf3, 0xee, 0xe4, 0x11, 0x8e, 0x41, 0x68,
58 0x7c, 0x61, 0x13, 0xd7, 0x42, 0xc8, 0x80, 0xbe, 0x36, 0x8f, 0xdc, 0x08, 0x8b, 0x4f, 0xac, 0xa4,
59 0xe2, 0x76, 0x0c, 0xc9, 0x63, 0x6c, 0x49, 0x58, 0x93, 0xed, 0xcc, 0xaa, 0xdc, 0x25, 0x3b, 0x0a,
60 0x60, 0x3f, 0x8b, 0x54, 0x3a, 0xc3, 0x4d, 0x31, 0xe7, 0x94, 0xa4, 0x44, 0xfd, 0x02, 0x03, 0x01,
61 0x00, 0x01, };
62
63 static int rsa_compat_test(void)
64 {
65 rsa_key key;
66 unsigned char buf[1024];
67 unsigned long len;
68
69 /* try reading the key */
70 DO(rsa_import(openssl_private_rsa, sizeof(openssl_private_rsa), &key));
71
72 /* now try to export private/public and compare */
73 len = sizeof(buf);
74 DO(rsa_export(buf, &len, PK_PRIVATE, &key));
75 if (len != sizeof(openssl_private_rsa) || memcmp(buf, openssl_private_rsa, len)) {
76 fprintf(stderr, "RSA private export failed to match OpenSSL output, %lu, %lu\n", len, sizeof(openssl_private_rsa));
77
78
79 {
80 int x;
81 printf("\n\n");
82 for (x = 0; x < len; ) { if (buf[x] == openssl_private_rsa[x]) printf("-- "); else printf("%02x ", buf[x]^openssl_private_rsa[x]); if (!(++x & 15)) printf("\n"); }
83 }
84 printf("\n\n");
85
86 return 1;
87 }
88
89 len = sizeof(buf);
90 DO(rsa_export(buf, &len, PK_PUBLIC, &key));
91 if (len != sizeof(openssl_public_rsa) || memcmp(buf, openssl_public_rsa, len)) {
92 fprintf(stderr, "RSA(private) public export failed to match OpenSSL output\n");
93 return 1;
94 }
95 rsa_free(&key);
96
97 /* try reading the public key */
98 DO(rsa_import(openssl_public_rsa, sizeof(openssl_public_rsa), &key));
99 len = sizeof(buf);
100 DO(rsa_export(buf, &len, PK_PUBLIC, &key));
101 if (len != sizeof(openssl_public_rsa) || memcmp(buf, openssl_public_rsa, len)) {
102 fprintf(stderr, "RSA(public) public export failed to match OpenSSL output\n");
103 return 1;
104 }
105 rsa_free(&key);
106
107 return 0;
108 }
109
110 int rsa_test(void)
111 {
112 unsigned char in[1024], out[1024], tmp[1024];
113 rsa_key key, privKey, pubKey;
114 int hash_idx, prng_idx, stat, stat2;
115 unsigned long rsa_msgsize, len, len2, cnt;
116 static unsigned char lparam[] = { 0x01, 0x02, 0x03, 0x04 };
117
118 if (rsa_compat_test() != 0) {
119 return 1;
120 }
121
122 hash_idx = find_hash("sha1");
123 prng_idx = find_prng("yarrow");
124 if (hash_idx == -1 || prng_idx == -1) {
125 fprintf(stderr, "rsa_test requires SHA1 and yarrow");
126 return 1;
127 }
128
129 /* make 10 random key */
130 for (cnt = 0; cnt < 10; cnt++) {
131 DO(rsa_make_key(&yarrow_prng, prng_idx, 1024/8, 65537, &key));
132 if (mp_count_bits(&key.N) != 1024) {
133 fprintf(stderr, "rsa_1024 key modulus has %d bits\n", mp_count_bits(&key.N));
134
135 len = mp_unsigned_bin_size(&key.N);
136 mp_to_unsigned_bin(&key.N, tmp);
137 fprintf(stderr, "N == \n");
138 for (cnt = 0; cnt < len; ) {
139 fprintf(stderr, "%02x ", tmp[cnt]);
140 if (!(++cnt & 15)) fprintf(stderr, "\n");
141 }
142
143 len = mp_unsigned_bin_size(&key.p);
144 mp_to_unsigned_bin(&key.p, tmp);
145 fprintf(stderr, "p == \n");
146 for (cnt = 0; cnt < len; ) {
147 fprintf(stderr, "%02x ", tmp[cnt]);
148 if (!(++cnt & 15)) fprintf(stderr, "\n");
149 }
150
151 len = mp_unsigned_bin_size(&key.q);
152 mp_to_unsigned_bin(&key.q, tmp);
153 fprintf(stderr, "\nq == \n");
154 for (cnt = 0; cnt < len; ) {
155 fprintf(stderr, "%02x ", tmp[cnt]);
156 if (!(++cnt & 15)) fprintf(stderr, "\n");
157 }
158 fprintf(stderr, "\n");
159
160
161 return 1;
162 }
163 if (cnt != 9) {
164 rsa_free(&key);
165 }
166 }
167
168 /* encrypt the key (without lparam) */
169 for (cnt = 0; cnt < 4; cnt++) {
170 for (rsa_msgsize = 1; rsa_msgsize <= 86; rsa_msgsize++) {
171 /* make a random key/msg */
172 yarrow_read(in, rsa_msgsize, &yarrow_prng);
173
174 len = sizeof(out);
175 len2 = rsa_msgsize;
176
177 DO(rsa_encrypt_key(in, rsa_msgsize, out, &len, NULL, 0, &yarrow_prng, prng_idx, hash_idx, &key));
178 /* change a byte */
179 out[8] ^= 1;
180 DO(rsa_decrypt_key(out, len, tmp, &len2, NULL, 0, hash_idx, &stat2, &key));
181 /* change a byte back */
182 out[8] ^= 1;
183 if (len2 != rsa_msgsize) {
184 fprintf(stderr, "\nrsa_decrypt_key mismatch len %lu (first decrypt)", len2);
185 return 1;
186 }
187
188 len2 = rsa_msgsize;
189 DO(rsa_decrypt_key(out, len, tmp, &len2, NULL, 0, hash_idx, &stat, &key));
190 if (!(stat == 1 && stat2 == 0)) {
191 fprintf(stderr, "rsa_decrypt_key failed");
192 return 1;
193 }
194 if (len2 != rsa_msgsize || memcmp(tmp, in, rsa_msgsize)) {
195 unsigned long x;
196 fprintf(stderr, "\nrsa_decrypt_key mismatch, len %lu (second decrypt)\n", len2);
197 fprintf(stderr, "Original contents: \n");
198 for (x = 0; x < rsa_msgsize; ) {
199 fprintf(stderr, "%02x ", in[x]);
200 if (!(++x % 16)) {
201 fprintf(stderr, "\n");
202 }
203 }
204 fprintf(stderr, "\n");
205 fprintf(stderr, "Output contents: \n");
206 for (x = 0; x < rsa_msgsize; ) {
207 fprintf(stderr, "%02x ", out[x]);
208 if (!(++x % 16)) {
209 fprintf(stderr, "\n");
210 }
211 }
212 fprintf(stderr, "\n");
213 return 1;
214 }
215 }
216 }
217
218 /* encrypt the key (with lparam) */
219 for (rsa_msgsize = 1; rsa_msgsize <= 86; rsa_msgsize++) {
220 len = sizeof(out);
221 len2 = rsa_msgsize;
222 DO(rsa_encrypt_key(in, rsa_msgsize, out, &len, lparam, sizeof(lparam), &yarrow_prng, prng_idx, hash_idx, &key));
223 /* change a byte */
224 out[8] ^= 1;
225 DO(rsa_decrypt_key(out, len, tmp, &len2, lparam, sizeof(lparam), hash_idx, &stat2, &key));
226 if (len2 != rsa_msgsize) {
227 fprintf(stderr, "\nrsa_decrypt_key mismatch len %lu (first decrypt)", len2);
228 return 1;
229 }
230 /* change a byte back */
231 out[8] ^= 1;
232
233 len2 = rsa_msgsize;
234 DO(rsa_decrypt_key(out, len, tmp, &len2, lparam, sizeof(lparam), hash_idx, &stat, &key));
235 if (!(stat == 1 && stat2 == 0)) {
236 fprintf(stderr, "rsa_decrypt_key failed");
237 return 1;
238 }
239 if (len2 != rsa_msgsize || memcmp(tmp, in, rsa_msgsize)) {
240 fprintf(stderr, "rsa_decrypt_key mismatch len %lu", len2);
241 return 1;
242 }
243 }
244
245 /* sign a message (unsalted, lower cholestorol and Atkins approved) now */
246 len = sizeof(out);
247 DO(rsa_sign_hash(in, 20, out, &len, &yarrow_prng, prng_idx, hash_idx, 0, &key));
248
249 /* export key and import as both private and public */
250 len2 = sizeof(tmp);
251 DO(rsa_export(tmp, &len2, PK_PRIVATE, &key));
252 DO(rsa_import(tmp, len2, &privKey));
253 len2 = sizeof(tmp);
254 DO(rsa_export(tmp, &len2, PK_PUBLIC, &key));
255 DO(rsa_import(tmp, len2, &pubKey));
256
257 /* verify with original */
258 DO(rsa_verify_hash(out, len, in, 20, hash_idx, 0, &stat, &key));
259 /* change a byte */
260 in[0] ^= 1;
261 DO(rsa_verify_hash(out, len, in, 20, hash_idx, 0, &stat2, &key));
262
263 if (!(stat == 1 && stat2 == 0)) {
264 fprintf(stderr, "rsa_verify_hash (unsalted, origKey) failed, %d, %d", stat, stat2);
265 rsa_free(&key);
266 rsa_free(&pubKey);
267 rsa_free(&privKey);
268 return 1;
269 }
270
271 /* verify with privKey */
272 /* change a byte */
273 in[0] ^= 1;
274 DO(rsa_verify_hash(out, len, in, 20, hash_idx, 0, &stat, &privKey));
275 /* change a byte */
276 in[0] ^= 1;
277 DO(rsa_verify_hash(out, len, in, 20, hash_idx, 0, &stat2, &privKey));
278
279 if (!(stat == 1 && stat2 == 0)) {
280 fprintf(stderr, "rsa_verify_hash (unsalted, privKey) failed, %d, %d", stat, stat2);
281 rsa_free(&key);
282 rsa_free(&pubKey);
283 rsa_free(&privKey);
284 return 1;
285 }
286
287 /* verify with pubKey */
288 /* change a byte */
289 in[0] ^= 1;
290 DO(rsa_verify_hash(out, len, in, 20, hash_idx, 0, &stat, &pubKey));
291 /* change a byte */
292 in[0] ^= 1;
293 DO(rsa_verify_hash(out, len, in, 20, hash_idx, 0, &stat2, &pubKey));
294
295 if (!(stat == 1 && stat2 == 0)) {
296 fprintf(stderr, "rsa_verify_hash (unsalted, pubkey) failed, %d, %d", stat, stat2);
297 rsa_free(&key);
298 rsa_free(&pubKey);
299 rsa_free(&privKey);
300 return 1;
301 }
302
303 /* sign a message (salted) now (use privKey to make, pubKey to verify) */
304 len = sizeof(out);
305 DO(rsa_sign_hash(in, 20, out, &len, &yarrow_prng, prng_idx, hash_idx, 8, &privKey));
306 DO(rsa_verify_hash(out, len, in, 20, hash_idx, 8, &stat, &pubKey));
307 /* change a byte */
308 in[0] ^= 1;
309 DO(rsa_verify_hash(out, len, in, 20, hash_idx, 8, &stat2, &pubKey));
310
311 if (!(stat == 1 && stat2 == 0)) {
312 fprintf(stderr, "rsa_verify_hash (salted) failed, %d, %d", stat, stat2);
313 rsa_free(&key);
314 rsa_free(&pubKey);
315 rsa_free(&privKey);
316 return 1;
317 }
318
319 /* free the key and return */
320 rsa_free(&key);
321 rsa_free(&pubKey);
322 rsa_free(&privKey);
323 return 0;
324 }
325
326 #else
327
328 int rsa_test(void)
329 {
330 fprintf(stderr, "NOP");
331 return 0;
332 }
333
334 #endif
335
336 /* $Source: /cvs/libtom/libtomcrypt/testprof/rsa_test.c,v $ */
337 /* $Revision: 1.10 $ */
338 /* $Date: 2005/06/03 19:18:33 $ */