Main Page | Namespace List | Class Hierarchy | Alphabetical List | Class List | File List | Namespace Members | Class Members | File Members

fipstest.cpp

00001 // fipstest.cpp - written and placed in the public domain by Wei Dai
00002 
00003 #include "pch.h"
00004 #include "fips140.h"
00005 #include "sha.h"
00006 #include "files.h"
00007 #include "hex.h"
00008 #include "rsa.h"
00009 #include "dsa.h"
00010 #include "mqueue.h"
00011 #include "channels.h"
00012 #include "osrng.h"
00013 #include "des.h"
00014 #include "eccrypto.h"
00015 #include "ec2n.h"
00016 #include "ecp.h"
00017 #include "modes.h"
00018 #include "aes.h"
00019 #include "skipjack.h"
00020 #include "trdlocal.h"   // needs to be included last for cygwin
00021 
00022 NAMESPACE_BEGIN(CryptoPP)
00023 
00024 extern PowerUpSelfTestStatus g_powerUpSelfTestStatus;
00025 
00026 void KnownAnswerTest(RandomNumberGenerator &rng, const char *output)
00027 {
00028         EqualityComparisonFilter comparison;
00029 
00030         RandomNumberStore(rng, strlen(output)/2).TransferAllTo(comparison, "0");
00031         StringSource(output, true, new HexDecoder(new ChannelSwitch(comparison, "1")));
00032 
00033         comparison.ChannelMessageSeriesEnd("0");
00034         comparison.ChannelMessageSeriesEnd("1");
00035 }
00036 
00037 template <class CIPHER>
00038 void X917RNG_KnownAnswerTest(
00039         const char *key, 
00040         const char *seed, 
00041         const char *output,
00042         unsigned int deterministicTimeVector,
00043         CIPHER *dummy = NULL)
00044 {
00045         std::string decodedKey, decodedSeed;
00046         StringSource(key, true, new HexDecoder(new StringSink(decodedKey)));
00047         StringSource(seed, true, new HexDecoder(new StringSink(decodedSeed)));
00048 
00049         AutoSeededX917RNG<CIPHER> rng;
00050         rng.Reseed((const byte *)decodedKey.data(), decodedKey.size(), (const byte *)decodedSeed.data(), deterministicTimeVector);
00051         KnownAnswerTest(rng, output);
00052 }
00053 
00054 void KnownAnswerTest(StreamTransformation &encryption, StreamTransformation &decryption, const char *plaintext, const char *ciphertext)
00055 {
00056         EqualityComparisonFilter comparison;
00057 
00058         StringSource(plaintext, true, new HexDecoder(new StreamTransformationFilter(encryption, new ChannelSwitch(comparison, "0"), StreamTransformationFilter::NO_PADDING)));
00059         StringSource(ciphertext, true, new HexDecoder(new ChannelSwitch(comparison, "1")));
00060 
00061         StringSource(ciphertext, true, new HexDecoder(new StreamTransformationFilter(decryption, new ChannelSwitch(comparison, "0"), StreamTransformationFilter::NO_PADDING)));
00062         StringSource(plaintext, true, new HexDecoder(new ChannelSwitch(comparison, "1")));
00063 
00064         comparison.ChannelMessageSeriesEnd("0");
00065         comparison.ChannelMessageSeriesEnd("1");
00066 }
00067 
00068 template <class CIPHER>
00069 void SymmetricEncryptionKnownAnswerTest(
00070         const char *key, 
00071         const char *hexIV, 
00072         const char *plaintext, 
00073         const char *ecb,
00074         const char *cbc,
00075         const char *cfb,
00076         const char *ofb,
00077         const char *ctr,
00078         CIPHER *dummy = NULL)
00079 {
00080         std::string decodedKey;
00081         StringSource(key, true, new HexDecoder(new StringSink(decodedKey)));
00082 
00083         typename CIPHER::Encryption encryption((const byte *)decodedKey.data(), decodedKey.size());
00084         typename CIPHER::Decryption decryption((const byte *)decodedKey.data(), decodedKey.size());
00085 
00086         SecByteBlock iv(encryption.BlockSize());
00087         StringSource(hexIV, true, new HexDecoder(new ArraySink(iv, iv.size())));
00088 
00089         if (ecb)
00090                 KnownAnswerTest(ECB_Mode_ExternalCipher::Encryption(encryption).Ref(), ECB_Mode_ExternalCipher::Decryption(decryption).Ref(), plaintext, ecb);
00091         if (cbc)
00092                 KnownAnswerTest(CBC_Mode_ExternalCipher::Encryption(encryption, iv).Ref(), CBC_Mode_ExternalCipher::Decryption(decryption, iv).Ref(), plaintext, cbc);
00093         if (cfb)
00094                 KnownAnswerTest(CFB_Mode_ExternalCipher::Encryption(encryption, iv).Ref(), CFB_Mode_ExternalCipher::Decryption(encryption, iv).Ref(), plaintext, cfb);
00095         if (ofb)
00096                 KnownAnswerTest(OFB_Mode_ExternalCipher::Encryption(encryption, iv).Ref(), OFB_Mode_ExternalCipher::Decryption(encryption, iv).Ref(), plaintext, ofb);
00097         if (ctr)
00098                 KnownAnswerTest(CTR_Mode_ExternalCipher::Encryption(encryption, iv).Ref(), CTR_Mode_ExternalCipher::Decryption(encryption, iv).Ref(), plaintext, ctr);
00099 }
00100 
00101 void KnownAnswerTest(HashTransformation &hash, const char *message, const char *digest)
00102 {
00103         EqualityComparisonFilter comparison;
00104         StringSource(message, true, new HashFilter(hash, new ChannelSwitch(comparison, "0")));
00105         StringSource(digest, true, new HexDecoder(new ChannelSwitch(comparison, "1")));
00106 
00107         comparison.ChannelMessageSeriesEnd("0");
00108         comparison.ChannelMessageSeriesEnd("1");
00109 }
00110 
00111 template <class HASH>
00112 void SecureHashKnownAnswerTest(const char *message, const char *digest)
00113 {
00114         HASH hash;
00115         KnownAnswerTest(hash, message, digest);
00116 }
00117 
00118 template <class MAC>
00119 void MAC_KnownAnswerTest(const char *key, const char *message, const char *digest)
00120 {
00121         std::string decodedKey;
00122         StringSource(key, true, new HexDecoder(new StringSink(decodedKey)));
00123 
00124         MAC mac((const byte *)decodedKey.data(), decodedKey.size());
00125         KnownAnswerTest(mac, message, digest);
00126 }
00127 
00128 template <class SCHEME>
00129 void SignatureKnownAnswerTest(const char *key, const char *message, const char *signature, SCHEME *dummy = NULL)
00130 {
00131         typename SCHEME::Signer signer(StringSource(key, true, new HexDecoder).Ref());
00132         typename SCHEME::Verifier verifier(signer);
00133 
00134         EqualityComparisonFilter comparison;
00135 
00136         StringSource(message, true, new SignerFilter(NullRNG(), signer, new ChannelSwitch(comparison, "0")));
00137         StringSource(signature, true, new HexDecoder(new ChannelSwitch(comparison, "1")));
00138 
00139         comparison.ChannelMessageSeriesEnd("0");
00140         comparison.ChannelMessageSeriesEnd("1");
00141 
00142         VerifierFilter verifierFilter(verifier, NULL, VerifierFilter::SIGNATURE_AT_BEGIN | VerifierFilter::THROW_EXCEPTION);
00143         StringSource(signature, true, new HexDecoder(new Redirector(verifierFilter, false)));
00144         StringSource(message, true, new Redirector(verifierFilter));
00145 }
00146 
00147 void EncryptionPairwiseConsistencyTest(const PK_Encryptor &encryptor, const PK_Decryptor &decryptor)
00148 {
00149         try
00150         {
00151 #ifdef OS_RNG_AVAILABLE
00152                 AutoSeededX917RNG<DES_EDE3> rng;
00153 #else
00154                 RandomNumberGenerator &rng = NullRNG();
00155 #endif
00156                 const char *testMessage ="test message";
00157 
00158                 EqualityComparisonFilter comparison;
00159                 comparison.ChannelPutMessageEnd("0", (const byte *)testMessage, strlen(testMessage));
00160 
00161                 StringSource(
00162                         testMessage, 
00163                         true, 
00164                         new PK_EncryptorFilter(
00165                                 rng, 
00166                                 encryptor, 
00167                                 new PK_DecryptorFilter(rng, decryptor, new ChannelSwitch(comparison, "1"))));
00168 
00169                 comparison.ChannelMessageSeriesEnd("0");
00170                 comparison.ChannelMessageSeriesEnd("1");
00171         }
00172         catch (...)
00173         {
00174                 throw SelfTestFailure(encryptor.AlgorithmName() + ": pairwise consistency test failed");
00175         }
00176 }
00177 
00178 void SignaturePairwiseConsistencyTest(const PK_Signer &signer, const PK_Verifier &verifier)
00179 {
00180         try
00181         {
00182 #ifdef OS_RNG_AVAILABLE
00183                 AutoSeededX917RNG<DES_EDE3> rng;
00184 #else
00185                 RandomNumberGenerator &rng = NullRNG();
00186 #endif
00187 
00188                 StringSource(
00189                         "test message", 
00190                         true, 
00191                         new SignerFilter(
00192                                 rng, 
00193                                 signer, 
00194                                 new VerifierFilter(verifier, NULL, VerifierFilter::THROW_EXCEPTION),
00195                                 true));
00196         }
00197         catch (...)
00198         {
00199                 throw SelfTestFailure(signer.AlgorithmName() + ": pairwise consistency test failed");
00200         }
00201 }
00202 
00203 template <class SCHEME>
00204 void SignaturePairwiseConsistencyTest(const char *key, SCHEME *dummy = NULL)
00205 {
00206         typename SCHEME::Signer signer(StringSource(key, true, new HexDecoder).Ref());
00207         typename SCHEME::Verifier verifier(signer);
00208 
00209         SignaturePairwiseConsistencyTest(signer, verifier);
00210 }
00211 
00212 void DoPowerUpSelfTest(const char *moduleFilename, const byte *expectedModuleSha1Digest)
00213 {
00214         g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_NOT_DONE;
00215         SetPowerUpSelfTestInProgressOnThisThread(true);
00216 
00217         try
00218         {
00219                 if (FIPS_140_2_ComplianceEnabled() || moduleFilename != NULL)
00220                 {
00221                         // integrity test
00222                         SHA1 sha;
00223                         HashVerifier verifier(sha);
00224                         verifier.Put(expectedModuleSha1Digest, sha.DigestSize());
00225                         FileStore(moduleFilename).TransferAllTo(verifier);
00226                         if (!verifier.GetLastResult())
00227                         {
00228 #ifdef CRYPTOPP_WIN32_AVAILABLE
00229                                 std::string actualDigest;
00230                                 FileSource(moduleFilename, true, new HashFilter(sha, new HexEncoder(new StringSink(actualDigest))));
00231                                 OutputDebugString(("Crypto++ EDC test failed. Actual digest is: " + actualDigest + "\n").c_str());
00232 #endif
00233                                 throw 0;        // throw here so we break in the debugger, this will be caught right away
00234                         }
00235                 }
00236 
00237                 // algorithm tests
00238 
00239                 X917RNG_KnownAnswerTest<DES_EDE3>(
00240                         "48851090B4992453E83CDA86416534E53EA2FCE1A0B3A40C",                                             // key
00241                         "7D00BD0A79F6B0F5",                                                                                                             // seed
00242                         "22B590B08B53363AEB89AD65F81A5B6FB83F326CE06BF35751E6C41B43B729C4",             // output
00243                         1489728269);                                                                                                                    // time vector
00244 
00245                 SymmetricEncryptionKnownAnswerTest<DES>(
00246                         "0123456789abcdef",     // key
00247                         "1234567890abcdef",     // IV
00248                         "4e6f77206973207468652074696d6520666f7220616c6c20",     // plaintext
00249                         "3fa40e8a984d48156a271787ab8883f9893d51ec4b563b53",     // ecb
00250                         "E5C7CDDE872BF27C43E934008C389C0F683788499A7C05F6",     // cbc
00251                         "F3096249C7F46E51A69E839B1A92F78403467133898EA622", // cfb
00252                         "f3096249c7f46e5135f24a242eeb3d3f3d6d5be3255af8c3", // ofb
00253                         "F3096249C7F46E51163A8CA0FFC94C27FA2F80F480B86F75");// ctr
00254 
00255                 SymmetricEncryptionKnownAnswerTest<DES_EDE3>(
00256                         "385D7189A5C3D485E1370AA5D408082B5CCCCB5E19F2D90E",
00257                         "C141B5FCCD28DC8A",
00258                         "6E1BD7C6120947A464A6AAB293A0F89A563D8D40D3461B68",
00259                         "64EAAD4ACBB9CEAD6C7615E7C7E4792FE587D91F20C7D2F4",
00260                         "6235A461AFD312973E3B4F7AA7D23E34E03371F8E8C376C9",
00261                         "E26BA806A59B0330DE40CA38E77A3E494BE2B212F6DD624B",
00262                         "E26BA806A59B03307DE2BCC25A08BA40A8BA335F5D604C62",
00263                         "E26BA806A59B03303C62C2EFF32D3ACDD5D5F35EBCC53371");
00264 
00265                 SymmetricEncryptionKnownAnswerTest<SKIPJACK>(
00266                         "1555E5531C3A169B2D65",
00267                         "6EC9795701F49864",
00268                         "00AFA48E9621E52E8CBDA312660184EDDB1F33D9DACDA8DA",
00269                         "DBEC73562EFCAEB56204EB8AE9557EBF77473FBB52D17CD1",
00270                         "0C7B0B74E21F99B8F2C8DF37879F6C044967F42A796DCA8B",
00271                         "79FDDA9724E36CC2E023E9A5C717A8A8A7FDA465CADCBF63",
00272                         "79FDDA9724E36CC26CACBD83C1ABC06EAF5B249BE5B1E040",
00273                         "79FDDA9724E36CC211B0AEC607B95A96BCDA318440B82F49");
00274 
00275                 SymmetricEncryptionKnownAnswerTest<AES>(
00276                         "2b7e151628aed2a6abf7158809cf4f3c",
00277                         "000102030405060708090a0b0c0d0e0f",
00278                         "6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710",     // plaintext
00279                         "3ad77bb40d7a3660a89ecaf32466ef97f5d3d58503b9699de785895a96fdbaaf43b1cd7f598ece23881b00e3ed0306887b0c785e27e8ad3f8223207104725dd4", // ecb
00280                         "7649abac8119b246cee98e9b12e9197d5086cb9b507219ee95db113a917678b273bed6b8e3c1743b7116e69e222295163ff1caa1681fac09120eca307586e1a7",     // cbc
00281                         "3b3fd92eb72dad20333449f8e83cfb4ac8a64537a0b3a93fcde3cdad9f1ce58b26751f67a3cbb140b1808cf187a4f4dfc04b05357c5d1c0eeac4c66f9ff7f2e6", // cfb
00282                         "3b3fd92eb72dad20333449f8e83cfb4a7789508d16918f03f53c52dac54ed8259740051e9c5fecf64344f7a82260edcc304c6528f659c77866a510d9c1d6ae5e", // ofb
00283                         NULL);
00284 
00285                 SymmetricEncryptionKnownAnswerTest<AES>(
00286                         "2b7e151628aed2a6abf7158809cf4f3c",
00287                         "f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff",
00288                         "6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710",
00289                         NULL,
00290                         NULL,
00291                         NULL,
00292                         NULL,
00293                         "874d6191b620e3261bef6864990db6ce9806f66b7970fdff8617187bb9fffdff5ae4df3edbd5d35e5b4f09020db03eab1e031dda2fbe03d1792170a0f3009cee"); // ctr
00294 
00295 
00296                 SecureHashKnownAnswerTest<SHA>(
00297                         "abc",
00298                         "A9993E364706816ABA3E25717850C26C9CD0D89D");
00299 
00300                 MAC_KnownAnswerTest<HMAC<SHA> >(
00301                         "303132333435363738393a3b3c3d3e3f40414243",
00302                         "Sample #2",
00303                         "0922d3405faa3d194f82a45830737d5cc6c75d24");
00304 
00305                 SignatureKnownAnswerTest<RSASS<PKCS1v15, SHA> >(
00306                         "30820150020100300d06092a864886f70d01010105000482013a3082013602010002400a66791dc6988168de7ab77419bb7fb0"
00307                         "c001c62710270075142942e19a8d8c51d053b3e3782a1de5dc5af4ebe99468170114a1dfe67cdc9a9af55d655620bbab0203010001"
00308                         "02400123c5b61ba36edb1d3679904199a89ea80c09b9122e1400c09adcf7784676d01d23356a7d44d6bd8bd50e94bfc723fa"
00309                         "87d8862b75177691c11d757692df8881022033d48445c859e52340de704bcdda065fbb4058d740bd1d67d29e9c146c11cf61"
00310                         "0220335e8408866b0fd38dc7002d3f972c67389a65d5d8306566d5c4f2a5aa52628b0220045ec90071525325d3d46db79695e9af"
00311                         "acc4523964360e02b119baa366316241022015eb327360c7b60d12e5e2d16bdcd97981d17fba6b70db13b20b436e24eada590220"
00312                         "2ca6366d72781dfa24d34a9a24cbc2ae927a9958af426563ff63fb11658a461d",
00313                         "Everyone gets Friday off.",
00314                         "0610761F95FFD1B8F29DA34212947EC2AA0E358866A722F03CC3C41487ADC604A48FF54F5C6BEDB9FB7BD59F82D6E55D8F3174BA361B2214B2D74E8825E04E81");
00315 
00316                 SignaturePairwiseConsistencyTest<DSA>(
00317                         "3082014A0201003082012B06072A8648CE3804013082011E02818100F468699A6F6EBCC0120D3B34C8E007F125EC7D81F763B8D0F33869AE3BD6B9F2ECCC7DF34DF84C0307449E9B85D30D57194BCCEB310F48141914DD13A077AAF9B624A6CBE666BBA1D7EBEA95B5BA6F54417FD5D4E4220C601E071D316A24EA814E8B0122DBF47EE8AEEFD319EBB01DD95683F10DBB4FEB023F8262A07EAEB7FD02150082AD4E034DA6EEACDFDAE68C36F2BAD614F9E53B02818071AAF73361A26081529F7D84078ADAFCA48E031DB54AD57FB1A833ADBD8672328AABAA0C756247998D7A5B10DACA359D231332CE8120B483A784FE07D46EEBFF0D7D374A10691F78653E6DC29E27CCB1B174923960DFE5B959B919B2C3816C19251832AFD8E35D810E598F82877ABF7D40A041565168BD7F0E21E3FE2A8D8C1C0416021426EBA66E846E755169F84A1DA981D86502405DDF");
00318 
00319                 SignaturePairwiseConsistencyTest<ECDSA<EC2N, SHA> >(
00320                         "302D020100301006072A8648CE3D020106052B8104000404163014020101040F0070337065E1E196980A9D00E37211");
00321 
00322                 SignaturePairwiseConsistencyTest<ECDSA<ECP, SHA> >(
00323                         "3039020100301306072A8648CE3D020106082A8648CE3D030101041F301D02010104182BB8A13C8B867010BD9471D9E81FDB01ABD0538C64D6249A");
00324         }
00325         catch (...)
00326         {
00327                 g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_FAILED;
00328                 goto done;
00329         }
00330 
00331         g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_PASSED;
00332 
00333 done:
00334         SetPowerUpSelfTestInProgressOnThisThread(false);
00335         return;
00336 }
00337 
00338 NAMESPACE_END

Generated on Sun Mar 14 20:44:26 2004 for Crypto++ by doxygen 1.3.6-20040222