aboutsummaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
authorPaul Selkirk <paul@psgd.org>2018-02-27 18:04:39 +0100
committerPaul Selkirk <paul@psgd.org>2018-04-19 18:59:01 -0400
commita478fe1230efae768c72b8cdb29e2887e4226312 (patch)
tree4803bc024458a0e4904ee1546e4f9b454f92c27f /tests
parentefc47f47581bb164440b86e9e57382972a32dbe8 (diff)
Implement hash-based signatures, per draft-mcgrew-hash-sigs-08.txt
Diffstat (limited to 'tests')
-rw-r--r--tests/Makefile4
-rw-r--r--tests/test-hashsig.h392
-rw-r--r--tests/test-rpc_hashsig.c528
3 files changed, 923 insertions, 1 deletions
diff --git a/tests/Makefile b/tests/Makefile
index d64728f..d186000 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -45,7 +45,7 @@ CFLAGS ?= -g3 -Wall -fPIC -std=c99 -I${LIBHAL_SRC} -I${LIBTFM_BLD}
CORE_TESTS = test-aes-key-wrap test-hash test-pbkdf2 test-ecdsa test-bus test-trng test-rsa test-mkmif
SERVER_TESTS = test-rpc_server
-CLIENT_TESTS = test-rpc_hash test-rpc_pkey test-rpc_get_version test-rpc_get_random test-rpc_login test-rpc_bighash test-xdr
+CLIENT_TESTS = test-rpc_hash test-rpc_pkey test-rpc_get_version test-rpc_get_random test-rpc_login test-rpc_bighash test-xdr test-rpc_hashsig
ALL_TESTS = ${CORE_TESTS} ${SERVER_TESTS} ${CLIENT_TESTS}
@@ -78,3 +78,5 @@ ${BIN}: %: %.o ${LIBS}
%.o: %.c ${LBHAL_SRC}/*.h ${LIBTFM_BLD}/tfm.h
${CC} ${CFLAGS} -c -o $@ $<
+
+test-rpc_hashsig.o: test-hashsig.h
diff --git a/tests/test-hashsig.h b/tests/test-hashsig.h
new file mode 100644
index 0000000..b76f9b1
--- /dev/null
+++ b/tests/test-hashsig.h
@@ -0,0 +1,392 @@
+/*
+ * draft-mcgrew Test Case 1
+ */
+
+/* Test Case 1 Public Key */
+
+static uint8_t tc1_key[] = {
+ 0x00, 0x00, 0x00, 0x02,
+ 0x00, 0x00, 0x00, 0x05,
+ 0x00, 0x00, 0x00, 0x04,
+ 0x61, 0xa5, 0xd5, 0x7d, 0x37, 0xf5, 0xe4, 0x6b,
+ 0xfb, 0x75, 0x20, 0x80, 0x6b, 0x07, 0xa1, 0xb8,
+ 0x50, 0x65, 0x0e, 0x3b, 0x31, 0xfe, 0x4a, 0x77,
+ 0x3e, 0xa2, 0x9a, 0x07, 0xf0, 0x9c, 0xf2, 0xea,
+ 0x30, 0xe5, 0x79, 0xf0, 0xdf, 0x58, 0xef, 0x8e,
+ 0x29, 0x8d, 0xa0, 0x43, 0x4c, 0xb2, 0xb8, 0x78,
+};
+
+/* Test Case 1 Message */
+
+static uint8_t tc1_msg[] = {
+ 0x54, 0x68, 0x65, 0x20, 0x70, 0x6f, 0x77, 0x65,
+ 0x72, 0x73, 0x20, 0x6e, 0x6f, 0x74, 0x20, 0x64,
+ 0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, 0x64,
+ 0x20, 0x74, 0x6f, 0x20, 0x74, 0x68, 0x65, 0x20,
+ 0x55, 0x6e, 0x69, 0x74, 0x65, 0x64, 0x20, 0x53,
+ 0x74, 0x61, 0x74, 0x65, 0x73, 0x20, 0x62, 0x79,
+ 0x20, 0x74, 0x68, 0x65, 0x20, 0x43, 0x6f, 0x6e,
+ 0x73, 0x74, 0x69, 0x74, 0x75, 0x74, 0x69, 0x6f,
+ 0x6e, 0x2c, 0x20, 0x6e, 0x6f, 0x72, 0x20, 0x70,
+ 0x72, 0x6f, 0x68, 0x69, 0x62, 0x69, 0x74, 0x65,
+ 0x64, 0x20, 0x62, 0x79, 0x20, 0x69, 0x74, 0x20,
+ 0x74, 0x6f, 0x20, 0x74, 0x68, 0x65, 0x20, 0x53,
+ 0x74, 0x61, 0x74, 0x65, 0x73, 0x2c, 0x20, 0x61,
+ 0x72, 0x65, 0x20, 0x72, 0x65, 0x73, 0x65, 0x72,
+ 0x76, 0x65, 0x64, 0x20, 0x74, 0x6f, 0x20, 0x74,
+ 0x68, 0x65, 0x20, 0x53, 0x74, 0x61, 0x74, 0x65,
+ 0x73, 0x20, 0x72, 0x65, 0x73, 0x70, 0x65, 0x63,
+ 0x74, 0x69, 0x76, 0x65, 0x6c, 0x79, 0x2c, 0x20,
+ 0x6f, 0x72, 0x20, 0x74, 0x6f, 0x20, 0x74, 0x68,
+ 0x65, 0x20, 0x70, 0x65, 0x6f, 0x70, 0x6c, 0x65,
+ 0x2e, 0x0a,
+};
+
+/* Test Case 1 Signature */
+
+static uint8_t tc1_sig[] = {
+ 0x00, 0x00, 0x00, 0x01,
+ 0x00, 0x00, 0x00, 0x05,
+ 0x00, 0x00, 0x00, 0x04,
+ 0xd3, 0x2b, 0x56, 0x67, 0x1d, 0x7e, 0xb9, 0x88,
+ 0x33, 0xc4, 0x9b, 0x43, 0x3c, 0x27, 0x25, 0x86,
+ 0xbc, 0x4a, 0x1c, 0x8a, 0x89, 0x70, 0x52, 0x8f,
+ 0xfa, 0x04, 0xb9, 0x66, 0xf9, 0x42, 0x6e, 0xb9,
+ 0x96, 0x5a, 0x25, 0xbf, 0xd3, 0x7f, 0x19, 0x6b,
+ 0x90, 0x73, 0xf3, 0xd4, 0xa2, 0x32, 0xfe, 0xb6,
+ 0x91, 0x28, 0xec, 0x45, 0x14, 0x6f, 0x86, 0x29,
+ 0x2f, 0x9d, 0xff, 0x96, 0x10, 0xa7, 0xbf, 0x95,
+ 0xa6, 0x4c, 0x7f, 0x60, 0xf6, 0x26, 0x1a, 0x62,
+ 0x04, 0x3f, 0x86, 0xc7, 0x03, 0x24, 0xb7, 0x70,
+ 0x7f, 0x5b, 0x4a, 0x8a, 0x6e, 0x19, 0xc1, 0x14,
+ 0xc7, 0xbe, 0x86, 0x6d, 0x48, 0x87, 0x78, 0xa0,
+ 0xe0, 0x5f, 0xd5, 0xc6, 0x50, 0x9a, 0x6e, 0x61,
+ 0xd5, 0x59, 0xcf, 0x1a, 0x77, 0xa9, 0x70, 0xde,
+ 0x92, 0x7d, 0x60, 0xc7, 0x0d, 0x3d, 0xe3, 0x1a,
+ 0x7f, 0xa0, 0x10, 0x09, 0x94, 0xe1, 0x62, 0xa2,
+ 0x58, 0x2e, 0x8f, 0xf1, 0xb1, 0x0c, 0xd9, 0x9d,
+ 0x4e, 0x8e, 0x41, 0x3e, 0xf4, 0x69, 0x55, 0x9f,
+ 0x7d, 0x7e, 0xd1, 0x2c, 0x83, 0x83, 0x42, 0xf9,
+ 0xb9, 0xc9, 0x6b, 0x83, 0xa4, 0x94, 0x3d, 0x16,
+ 0x81, 0xd8, 0x4b, 0x15, 0x35, 0x7f, 0xf4, 0x8c,
+ 0xa5, 0x79, 0xf1, 0x9f, 0x5e, 0x71, 0xf1, 0x84,
+ 0x66, 0xf2, 0xbb, 0xef, 0x4b, 0xf6, 0x60, 0xc2,
+ 0x51, 0x8e, 0xb2, 0x0d, 0xe2, 0xf6, 0x6e, 0x3b,
+ 0x14, 0x78, 0x42, 0x69, 0xd7, 0xd8, 0x76, 0xf5,
+ 0xd3, 0x5d, 0x3f, 0xbf, 0xc7, 0x03, 0x9a, 0x46,
+ 0x2c, 0x71, 0x6b, 0xb9, 0xf6, 0x89, 0x1a, 0x7f,
+ 0x41, 0xad, 0x13, 0x3e, 0x9e, 0x1f, 0x6d, 0x95,
+ 0x60, 0xb9, 0x60, 0xe7, 0x77, 0x7c, 0x52, 0xf0,
+ 0x60, 0x49, 0x2f, 0x2d, 0x7c, 0x66, 0x0e, 0x14,
+ 0x71, 0xe0, 0x7e, 0x72, 0x65, 0x55, 0x62, 0x03,
+ 0x5a, 0xbc, 0x9a, 0x70, 0x1b, 0x47, 0x3e, 0xcb,
+ 0xc3, 0x94, 0x3c, 0x6b, 0x9c, 0x4f, 0x24, 0x05,
+ 0xa3, 0xcb, 0x8b, 0xf8, 0xa6, 0x91, 0xca, 0x51,
+ 0xd3, 0xf6, 0xad, 0x2f, 0x42, 0x8b, 0xab, 0x6f,
+ 0x3a, 0x30, 0xf5, 0x5d, 0xd9, 0x62, 0x55, 0x63,
+ 0xf0, 0xa7, 0x5e, 0xe3, 0x90, 0xe3, 0x85, 0xe3,
+ 0xae, 0x0b, 0x90, 0x69, 0x61, 0xec, 0xf4, 0x1a,
+ 0xe0, 0x73, 0xa0, 0x59, 0x0c, 0x2e, 0xb6, 0x20,
+ 0x4f, 0x44, 0x83, 0x1c, 0x26, 0xdd, 0x76, 0x8c,
+ 0x35, 0xb1, 0x67, 0xb2, 0x8c, 0xe8, 0xdc, 0x98,
+ 0x8a, 0x37, 0x48, 0x25, 0x52, 0x30, 0xce, 0xf9,
+ 0x9e, 0xbf, 0x14, 0xe7, 0x30, 0x63, 0x2f, 0x27,
+ 0x41, 0x44, 0x89, 0x80, 0x8a, 0xfa, 0xb1, 0xd1,
+ 0xe7, 0x83, 0xed, 0x04, 0x51, 0x6d, 0xe0, 0x12,
+ 0x49, 0x86, 0x82, 0x21, 0x2b, 0x07, 0x81, 0x05,
+ 0x79, 0xb2, 0x50, 0x36, 0x59, 0x41, 0xbc, 0xc9,
+ 0x81, 0x42, 0xda, 0x13, 0x60, 0x9e, 0x97, 0x68,
+ 0xaa, 0xf6, 0x5d, 0xe7, 0x62, 0x0d, 0xab, 0xec,
+ 0x29, 0xeb, 0x82, 0xa1, 0x7f, 0xde, 0x35, 0xaf,
+ 0x15, 0xad, 0x23, 0x8c, 0x73, 0xf8, 0x1b, 0xdb,
+ 0x8d, 0xec, 0x2f, 0xc0, 0xe7, 0xf9, 0x32, 0x70,
+ 0x10, 0x99, 0x76, 0x2b, 0x37, 0xf4, 0x3c, 0x4a,
+ 0x3c, 0x20, 0x01, 0x0a, 0x3d, 0x72, 0xe2, 0xf6,
+ 0x06, 0xbe, 0x10, 0x8d, 0x31, 0x0e, 0x63, 0x9f,
+ 0x09, 0xce, 0x72, 0x86, 0x80, 0x0d, 0x9e, 0xf8,
+ 0xa1, 0xa4, 0x02, 0x81, 0xcc, 0x5a, 0x7e, 0xa9,
+ 0x8d, 0x2a, 0xdc, 0x7c, 0x74, 0x00, 0xc2, 0xfe,
+ 0x5a, 0x10, 0x15, 0x52, 0xdf, 0x4e, 0x3c, 0xcc,
+ 0xfd, 0x0c, 0xbf, 0x2d, 0xdf, 0x5d, 0xc6, 0x77,
+ 0x9c, 0xbb, 0xc6, 0x8f, 0xee, 0x0c, 0x3e, 0xfe,
+ 0x4e, 0xc2, 0x2b, 0x83, 0xa2, 0xca, 0xa3, 0xe4,
+ 0x8e, 0x08, 0x09, 0xa0, 0xa7, 0x50, 0xb7, 0x3c,
+ 0xcd, 0xcf, 0x3c, 0x79, 0xe6, 0x58, 0x0c, 0x15,
+ 0x4f, 0x8a, 0x58, 0xf7, 0xf2, 0x43, 0x35, 0xee,
+ 0xc5, 0xc5, 0xeb, 0x5e, 0x0c, 0xf0, 0x1d, 0xcf,
+ 0x44, 0x39, 0x42, 0x40, 0x95, 0xfc, 0xeb, 0x07,
+ 0x7f, 0x66, 0xde, 0xd5, 0xbe, 0xc7, 0x3b, 0x27,
+ 0xc5, 0xb9, 0xf6, 0x4a, 0x2a, 0x9a, 0xf2, 0xf0,
+ 0x7c, 0x05, 0xe9, 0x9e, 0x5c, 0xf8, 0x0f, 0x00,
+ 0x25, 0x2e, 0x39, 0xdb, 0x32, 0xf6, 0xc1, 0x96,
+ 0x74, 0xf1, 0x90, 0xc9, 0xfb, 0xc5, 0x06, 0xd8,
+ 0x26, 0x85, 0x77, 0x13, 0xaf, 0xd2, 0xca, 0x6b,
+ 0xb8, 0x5c, 0xd8, 0xc1, 0x07, 0x34, 0x75, 0x52,
+ 0xf3, 0x05, 0x75, 0xa5, 0x41, 0x78, 0x16, 0xab,
+ 0x4d, 0xb3, 0xf6, 0x03, 0xf2, 0xdf, 0x56, 0xfb,
+ 0xc4, 0x13, 0xe7, 0xd0, 0xac, 0xd8, 0xbd, 0xd8,
+ 0x13, 0x52, 0xb2, 0x47, 0x1f, 0xc1, 0xbc, 0x4f,
+ 0x1e, 0xf2, 0x96, 0xfe, 0xa1, 0x22, 0x04, 0x03,
+ 0x46, 0x6b, 0x1a, 0xfe, 0x78, 0xb9, 0x4f, 0x7e,
+ 0xcf, 0x7c, 0xc6, 0x2f, 0xb9, 0x2b, 0xe1, 0x4f,
+ 0x18, 0xc2, 0x19, 0x23, 0x84, 0xeb, 0xce, 0xaf,
+ 0x88, 0x01, 0xaf, 0xdf, 0x94, 0x7f, 0x69, 0x8c,
+ 0xe9, 0xc6, 0xce, 0xb6, 0x96, 0xed, 0x70, 0xe9,
+ 0xe8, 0x7b, 0x01, 0x44, 0x41, 0x7e, 0x8d, 0x7b,
+ 0xaf, 0x25, 0xeb, 0x5f, 0x70, 0xf0, 0x9f, 0x01,
+ 0x6f, 0xc9, 0x25, 0xb4, 0xdb, 0x04, 0x8a, 0xb8,
+ 0xd8, 0xcb, 0x2a, 0x66, 0x1c, 0xe3, 0xb5, 0x7a,
+ 0xda, 0x67, 0x57, 0x1f, 0x5d, 0xd5, 0x46, 0xfc,
+ 0x22, 0xcb, 0x1f, 0x97, 0xe0, 0xeb, 0xd1, 0xa6,
+ 0x59, 0x26, 0xb1, 0x23, 0x4f, 0xd0, 0x4f, 0x17,
+ 0x1c, 0xf4, 0x69, 0xc7, 0x6b, 0x88, 0x4c, 0xf3,
+ 0x11, 0x5c, 0xce, 0x6f, 0x79, 0x2c, 0xc8, 0x4e,
+ 0x36, 0xda, 0x58, 0x96, 0x0c, 0x5f, 0x1d, 0x76,
+ 0x0f, 0x32, 0xc1, 0x2f, 0xae, 0xf4, 0x77, 0xe9,
+ 0x4c, 0x92, 0xeb, 0x75, 0x62, 0x5b, 0x6a, 0x37,
+ 0x1e, 0xfc, 0x72, 0xd6, 0x0c, 0xa5, 0xe9, 0x08,
+ 0xb3, 0xa7, 0xdd, 0x69, 0xfe, 0xf0, 0x24, 0x91,
+ 0x50, 0xe3, 0xee, 0xbd, 0xfe, 0xd3, 0x9c, 0xbd,
+ 0xc3, 0xce, 0x97, 0x04, 0x88, 0x2a, 0x20, 0x72,
+ 0xc7, 0x5e, 0x13, 0x52, 0x7b, 0x7a, 0x58, 0x1a,
+ 0x55, 0x61, 0x68, 0x78, 0x3d, 0xc1, 0xe9, 0x75,
+ 0x45, 0xe3, 0x18, 0x65, 0xdd, 0xc4, 0x6b, 0x3c,
+ 0x95, 0x78, 0x35, 0xda, 0x25, 0x2b, 0xb7, 0x32,
+ 0x8d, 0x3e, 0xe2, 0x06, 0x24, 0x45, 0xdf, 0xb8,
+ 0x5e, 0xf8, 0xc3, 0x5f, 0x8e, 0x1f, 0x33, 0x71,
+ 0xaf, 0x34, 0x02, 0x3c, 0xef, 0x62, 0x6e, 0x0a,
+ 0xf1, 0xe0, 0xbc, 0x01, 0x73, 0x51, 0xaa, 0xe2,
+ 0xab, 0x8f, 0x5c, 0x61, 0x2e, 0xad, 0x0b, 0x72,
+ 0x9a, 0x1d, 0x05, 0x9d, 0x02, 0xbf, 0xe1, 0x8e,
+ 0xfa, 0x97, 0x1b, 0x73, 0x00, 0xe8, 0x82, 0x36,
+ 0x0a, 0x93, 0xb0, 0x25, 0xff, 0x97, 0xe9, 0xe0,
+ 0xee, 0xc0, 0xf3, 0xf3, 0xf1, 0x30, 0x39, 0xa1,
+ 0x7f, 0x88, 0xb0, 0xcf, 0x80, 0x8f, 0x48, 0x84,
+ 0x31, 0x60, 0x6c, 0xb1, 0x3f, 0x92, 0x41, 0xf4,
+ 0x0f, 0x44, 0xe5, 0x37, 0xd3, 0x02, 0xc6, 0x4a,
+ 0x4f, 0x1f, 0x4a, 0xb9, 0x49, 0xb9, 0xfe, 0xef,
+ 0xad, 0xcb, 0x71, 0xab, 0x50, 0xef, 0x27, 0xd6,
+ 0xd6, 0xca, 0x85, 0x10, 0xf1, 0x50, 0xc8, 0x5f,
+ 0xb5, 0x25, 0xbf, 0x25, 0x70, 0x3d, 0xf7, 0x20,
+ 0x9b, 0x60, 0x66, 0xf0, 0x9c, 0x37, 0x28, 0x0d,
+ 0x59, 0x12, 0x8d, 0x2f, 0x0f, 0x63, 0x7c, 0x7d,
+ 0x7d, 0x7f, 0xad, 0x4e, 0xd1, 0xc1, 0xea, 0x04,
+ 0xe6, 0x28, 0xd2, 0x21, 0xe3, 0xd8, 0xdb, 0x77,
+ 0xb7, 0xc8, 0x78, 0xc9, 0x41, 0x1c, 0xaf, 0xc5,
+ 0x07, 0x1a, 0x34, 0xa0, 0x0f, 0x4c, 0xf0, 0x77,
+ 0x38, 0x91, 0x27, 0x53, 0xdf, 0xce, 0x48, 0xf0,
+ 0x75, 0x76, 0xf0, 0xd4, 0xf9, 0x4f, 0x42, 0xc6,
+ 0xd7, 0x6f, 0x7c, 0xe9, 0x73, 0xe9, 0x36, 0x70,
+ 0x95, 0xba, 0x7e, 0x9a, 0x36, 0x49, 0xb7, 0xf4,
+ 0x61, 0xd9, 0xf9, 0xac, 0x13, 0x32, 0xa4, 0xd1,
+ 0x04, 0x4c, 0x96, 0xae, 0xfe, 0xe6, 0x76, 0x76,
+ 0x40, 0x1b, 0x64, 0x45, 0x7c, 0x54, 0xd6, 0x5f,
+ 0xef, 0x65, 0x00, 0xc5, 0x9c, 0xdf, 0xb6, 0x9a,
+ 0xf7, 0xb6, 0xdd, 0xdf, 0xcb, 0x0f, 0x08, 0x62,
+ 0x78, 0xdd, 0x8a, 0xd0, 0x68, 0x60, 0x78, 0xdf,
+ 0xb0, 0xf3, 0xf7, 0x9c, 0xd8, 0x93, 0xd3, 0x14,
+ 0x16, 0x86, 0x48, 0x49, 0x98, 0x98, 0xfb, 0xc0,
+ 0xce, 0xd5, 0xf9, 0x5b, 0x74, 0xe8, 0xff, 0x14,
+ 0xd7, 0x35, 0xcd, 0xea, 0x96, 0x8b, 0xee, 0x74,
+ 0x00, 0x00, 0x00, 0x05,
+ 0xd8, 0xb8, 0x11, 0x2f, 0x92, 0x00, 0xa5, 0xe5,
+ 0x0c, 0x4a, 0x26, 0x21, 0x65, 0xbd, 0x34, 0x2c,
+ 0xd8, 0x00, 0xb8, 0x49, 0x68, 0x10, 0xbc, 0x71,
+ 0x62, 0x77, 0x43, 0x5a, 0xc3, 0x76, 0x72, 0x8d,
+ 0x12, 0x9a, 0xc6, 0xed, 0xa8, 0x39, 0xa6, 0xf3,
+ 0x57, 0xb5, 0xa0, 0x43, 0x87, 0xc5, 0xce, 0x97,
+ 0x38, 0x2a, 0x78, 0xf2, 0xa4, 0x37, 0x29, 0x17,
+ 0xee, 0xfc, 0xbf, 0x93, 0xf6, 0x3b, 0xb5, 0x91,
+ 0x12, 0xf5, 0xdb, 0xe4, 0x00, 0xbd, 0x49, 0xe4,
+ 0x50, 0x1e, 0x85, 0x9f, 0x88, 0x5b, 0xf0, 0x73,
+ 0x6e, 0x90, 0xa5, 0x09, 0xb3, 0x0a, 0x26, 0xbf,
+ 0xac, 0x8c, 0x17, 0xb5, 0x99, 0x1c, 0x15, 0x7e,
+ 0xb5, 0x97, 0x11, 0x15, 0xaa, 0x39, 0xef, 0xd8,
+ 0xd5, 0x64, 0xa6, 0xb9, 0x02, 0x82, 0xc3, 0x16,
+ 0x8a, 0xf2, 0xd3, 0x0e, 0xf8, 0x9d, 0x51, 0xbf,
+ 0x14, 0x65, 0x45, 0x10, 0xa1, 0x2b, 0x8a, 0x14,
+ 0x4c, 0xca, 0x18, 0x48, 0xcf, 0x7d, 0xa5, 0x9c,
+ 0xc2, 0xb3, 0xd9, 0xd0, 0x69, 0x2d, 0xd2, 0xa2,
+ 0x0b, 0xa3, 0x86, 0x34, 0x80, 0xe2, 0x5b, 0x1b,
+ 0x85, 0xee, 0x86, 0x0c, 0x62, 0xbf, 0x51, 0x36,
+ 0x00, 0x00, 0x00, 0x05,
+ 0x00, 0x00, 0x00, 0x04,
+ 0xd2, 0xf1, 0x4f, 0xf6, 0x34, 0x6a, 0xf9, 0x64,
+ 0x56, 0x9f, 0x7d, 0x6c, 0xb8, 0x80, 0xa1, 0xb6,
+ 0x6c, 0x50, 0x04, 0x91, 0x7d, 0xa6, 0xea, 0xfe,
+ 0x4d, 0x9e, 0xf6, 0xc6, 0x40, 0x7b, 0x3d, 0xb0,
+ 0xe5, 0x48, 0x5b, 0x12, 0x2d, 0x9e, 0xbe, 0x15,
+ 0xcd, 0xa9, 0x3c, 0xfe, 0xc5, 0x82, 0xd7, 0xab,
+ 0x00, 0x00, 0x00, 0x0a,
+ 0x00, 0x00, 0x00, 0x04,
+ 0x07, 0x03, 0xc4, 0x91, 0xe7, 0x55, 0x8b, 0x35,
+ 0x01, 0x1e, 0xce, 0x35, 0x92, 0xea, 0xa5, 0xda,
+ 0x4d, 0x91, 0x87, 0x86, 0x77, 0x12, 0x33, 0xe8,
+ 0x35, 0x3b, 0xc4, 0xf6, 0x23, 0x23, 0x18, 0x5c,
+ 0x95, 0xca, 0xe0, 0x5b, 0x89, 0x9e, 0x35, 0xdf,
+ 0xfd, 0x71, 0x70, 0x54, 0x70, 0x62, 0x09, 0x98,
+ 0x8e, 0xbf, 0xdf, 0x6e, 0x37, 0x96, 0x0b, 0xb5,
+ 0xc3, 0x8d, 0x76, 0x57, 0xe8, 0xbf, 0xfe, 0xef,
+ 0x9b, 0xc0, 0x42, 0xda, 0x4b, 0x45, 0x25, 0x65,
+ 0x04, 0x85, 0xc6, 0x6d, 0x0c, 0xe1, 0x9b, 0x31,
+ 0x75, 0x87, 0xc6, 0xba, 0x4b, 0xff, 0xcc, 0x42,
+ 0x8e, 0x25, 0xd0, 0x89, 0x31, 0xe7, 0x2d, 0xfb,
+ 0x6a, 0x12, 0x0c, 0x56, 0x12, 0x34, 0x42, 0x58,
+ 0xb8, 0x5e, 0xfd, 0xb7, 0xdb, 0x1d, 0xb9, 0xe1,
+ 0x86, 0x5a, 0x73, 0xca, 0xf9, 0x65, 0x57, 0xeb,
+ 0x39, 0xed, 0x3e, 0x3f, 0x42, 0x69, 0x33, 0xac,
+ 0x9e, 0xed, 0xdb, 0x03, 0xa1, 0xd2, 0x37, 0x4a,
+ 0xf7, 0xbf, 0x77, 0x18, 0x55, 0x77, 0x45, 0x62,
+ 0x37, 0xf9, 0xde, 0x2d, 0x60, 0x11, 0x3c, 0x23,
+ 0xf8, 0x46, 0xdf, 0x26, 0xfa, 0x94, 0x20, 0x08,
+ 0xa6, 0x98, 0x99, 0x4c, 0x08, 0x27, 0xd9, 0x0e,
+ 0x86, 0xd4, 0x3e, 0x0d, 0xf7, 0xf4, 0xbf, 0xcd,
+ 0xb0, 0x9b, 0x86, 0xa3, 0x73, 0xb9, 0x82, 0x88,
+ 0xb7, 0x09, 0x4a, 0xd8, 0x1a, 0x01, 0x85, 0xac,
+ 0x10, 0x0e, 0x4f, 0x2c, 0x5f, 0xc3, 0x8c, 0x00,
+ 0x3c, 0x1a, 0xb6, 0xfe, 0xa4, 0x79, 0xeb, 0x2f,
+ 0x5e, 0xbe, 0x48, 0xf5, 0x84, 0xd7, 0x15, 0x9b,
+ 0x8a, 0xda, 0x03, 0x58, 0x6e, 0x65, 0xad, 0x9c,
+ 0x96, 0x9f, 0x6a, 0xec, 0xbf, 0xe4, 0x4c, 0xf3,
+ 0x56, 0x88, 0x8a, 0x7b, 0x15, 0xa3, 0xff, 0x07,
+ 0x4f, 0x77, 0x17, 0x60, 0xb2, 0x6f, 0x9c, 0x04,
+ 0x88, 0x4e, 0xe1, 0xfa, 0xa3, 0x29, 0xfb, 0xf4,
+ 0xe6, 0x1a, 0xf2, 0x3a, 0xee, 0x7f, 0xa5, 0xd4,
+ 0xd9, 0xa5, 0xdf, 0xcf, 0x43, 0xc4, 0xc2, 0x6c,
+ 0xe8, 0xae, 0xa2, 0xce, 0x8a, 0x29, 0x90, 0xd7,
+ 0xba, 0x7b, 0x57, 0x10, 0x8b, 0x47, 0xda, 0xbf,
+ 0xbe, 0xad, 0xb2, 0xb2, 0x5b, 0x3c, 0xac, 0xc1,
+ 0xac, 0x0c, 0xef, 0x34, 0x6c, 0xbb, 0x90, 0xfb,
+ 0x04, 0x4b, 0xee, 0xe4, 0xfa, 0xc2, 0x60, 0x3a,
+ 0x44, 0x2b, 0xdf, 0x7e, 0x50, 0x72, 0x43, 0xb7,
+ 0x31, 0x9c, 0x99, 0x44, 0xb1, 0x58, 0x6e, 0x89,
+ 0x9d, 0x43, 0x1c, 0x7f, 0x91, 0xbc, 0xcc, 0xc8,
+ 0x69, 0x0d, 0xbf, 0x59, 0xb2, 0x83, 0x86, 0xb2,
+ 0x31, 0x5f, 0x3d, 0x36, 0xef, 0x2e, 0xaa, 0x3c,
+ 0xf3, 0x0b, 0x2b, 0x51, 0xf4, 0x8b, 0x71, 0xb0,
+ 0x03, 0xdf, 0xb0, 0x82, 0x49, 0x48, 0x42, 0x01,
+ 0x04, 0x3f, 0x65, 0xf5, 0xa3, 0xef, 0x6b, 0xbd,
+ 0x61, 0xdd, 0xfe, 0xe8, 0x1a, 0xca, 0x9c, 0xe6,
+ 0x00, 0x81, 0x26, 0x2a, 0x00, 0x00, 0x04, 0x80,
+ 0xdc, 0xbc, 0x9a, 0x3d, 0xa6, 0xfb, 0xef, 0x5c,
+ 0x1c, 0x0a, 0x55, 0xe4, 0x8a, 0x0e, 0x72, 0x9f,
+ 0x91, 0x84, 0xfc, 0xb1, 0x40, 0x7c, 0x31, 0x52,
+ 0x9d, 0xb2, 0x68, 0xf6, 0xfe, 0x50, 0x03, 0x2a,
+ 0x36, 0x3c, 0x98, 0x01, 0x30, 0x68, 0x37, 0xfa,
+ 0xfa, 0xbd, 0xf9, 0x57, 0xfd, 0x97, 0xea, 0xfc,
+ 0x80, 0xdb, 0xd1, 0x65, 0xe4, 0x35, 0xd0, 0xe2,
+ 0xdf, 0xd8, 0x36, 0xa2, 0x8b, 0x35, 0x40, 0x23,
+ 0x92, 0x4b, 0x6f, 0xb7, 0xe4, 0x8b, 0xc0, 0xb3,
+ 0xed, 0x95, 0xee, 0xa6, 0x4c, 0x2d, 0x40, 0x2f,
+ 0x4d, 0x73, 0x4c, 0x8d, 0xc2, 0x6f, 0x3a, 0xc5,
+ 0x91, 0x82, 0x5d, 0xae, 0xf0, 0x1e, 0xae, 0x3c,
+ 0x38, 0xe3, 0x32, 0x8d, 0x00, 0xa7, 0x7d, 0xc6,
+ 0x57, 0x03, 0x4f, 0x28, 0x7c, 0xcb, 0x0f, 0x0e,
+ 0x1c, 0x9a, 0x7c, 0xbd, 0xc8, 0x28, 0xf6, 0x27,
+ 0x20, 0x5e, 0x47, 0x37, 0xb8, 0x4b, 0x58, 0x37,
+ 0x65, 0x51, 0xd4, 0x4c, 0x12, 0xc3, 0xc2, 0x15,
+ 0xc8, 0x12, 0xa0, 0x97, 0x07, 0x89, 0xc8, 0x3d,
+ 0xe5, 0x1d, 0x6a, 0xd7, 0x87, 0x27, 0x19, 0x63,
+ 0x32, 0x7f, 0x0a, 0x5f, 0xbb, 0x6b, 0x59, 0x07,
+ 0xde, 0xc0, 0x2c, 0x9a, 0x90, 0x93, 0x4a, 0xf5,
+ 0xa1, 0xc6, 0x3b, 0x72, 0xc8, 0x26, 0x53, 0x60,
+ 0x5d, 0x1d, 0xcc, 0xe5, 0x15, 0x96, 0xb3, 0xc2,
+ 0xb4, 0x56, 0x96, 0x68, 0x9f, 0x2e, 0xb3, 0x82,
+ 0x00, 0x74, 0x97, 0x55, 0x76, 0x92, 0xca, 0xac,
+ 0x4d, 0x57, 0xb5, 0xde, 0x9f, 0x55, 0x69, 0xbc,
+ 0x2a, 0xd0, 0x13, 0x7f, 0xd4, 0x7f, 0xb4, 0x7e,
+ 0x66, 0x4f, 0xcb, 0x6d, 0xb4, 0x97, 0x1f, 0x5b,
+ 0x3e, 0x07, 0xac, 0xed, 0xa9, 0xac, 0x13, 0x0e,
+ 0x9f, 0x38, 0x18, 0x2d, 0xe9, 0x94, 0xcf, 0xf1,
+ 0x92, 0xec, 0x0e, 0x82, 0xfd, 0x6d, 0x4c, 0xb7,
+ 0xf3, 0xfe, 0x00, 0x81, 0x25, 0x89, 0xb7, 0xa7,
+ 0xce, 0x51, 0x54, 0x40, 0x45, 0x64, 0x33, 0x01,
+ 0x6b, 0x84, 0xa5, 0x9b, 0xec, 0x66, 0x19, 0xa1,
+ 0xc6, 0xc0, 0xb3, 0x7d, 0xd1, 0x45, 0x0e, 0xd4,
+ 0xf2, 0xd8, 0xb5, 0x84, 0x41, 0x0c, 0xed, 0xa8,
+ 0x02, 0x5f, 0x5d, 0x2d, 0x8d, 0xd0, 0xd2, 0x17,
+ 0x6f, 0xc1, 0xcf, 0x2c, 0xc0, 0x6f, 0xa8, 0xc8,
+ 0x2b, 0xed, 0x4d, 0x94, 0x4e, 0x71, 0x33, 0x9e,
+ 0xce, 0x78, 0x0f, 0xd0, 0x25, 0xbd, 0x41, 0xec,
+ 0x34, 0xeb, 0xff, 0x9d, 0x42, 0x70, 0xa3, 0x22,
+ 0x4e, 0x01, 0x9f, 0xcb, 0x44, 0x44, 0x74, 0xd4,
+ 0x82, 0xfd, 0x2d, 0xbe, 0x75, 0xef, 0xb2, 0x03,
+ 0x89, 0xcc, 0x10, 0xcd, 0x60, 0x0a, 0xbb, 0x54,
+ 0xc4, 0x7e, 0xde, 0x93, 0xe0, 0x8c, 0x11, 0x4e,
+ 0xdb, 0x04, 0x11, 0x7d, 0x71, 0x4d, 0xc1, 0xd5,
+ 0x25, 0xe1, 0x1b, 0xed, 0x87, 0x56, 0x19, 0x2f,
+ 0x92, 0x9d, 0x15, 0x46, 0x2b, 0x93, 0x9f, 0xf3,
+ 0xf5, 0x2f, 0x22, 0x52, 0xda, 0x2e, 0xd6, 0x4d,
+ 0x8f, 0xae, 0x88, 0x81, 0x8b, 0x1e, 0xfa, 0x2c,
+ 0x7b, 0x08, 0xc8, 0x79, 0x4f, 0xb1, 0xb2, 0x14,
+ 0xaa, 0x23, 0x3d, 0xb3, 0x16, 0x28, 0x33, 0x14,
+ 0x1e, 0xa4, 0x38, 0x3f, 0x1a, 0x6f, 0x12, 0x0b,
+ 0xe1, 0xdb, 0x82, 0xce, 0x36, 0x30, 0xb3, 0x42,
+ 0x91, 0x14, 0x46, 0x31, 0x57, 0xa6, 0x4e, 0x91,
+ 0x23, 0x4d, 0x47, 0x5e, 0x2f, 0x79, 0xcb, 0xf0,
+ 0x5e, 0x4d, 0xb6, 0xa9, 0x40, 0x7d, 0x72, 0xc6,
+ 0xbf, 0xf7, 0xd1, 0x19, 0x8b, 0x5c, 0x4d, 0x6a,
+ 0xad, 0x28, 0x31, 0xdb, 0x61, 0x27, 0x49, 0x93,
+ 0x71, 0x5a, 0x01, 0x82, 0xc7, 0xdc, 0x80, 0x89,
+ 0xe3, 0x2c, 0x85, 0x31, 0xde, 0xed, 0x4f, 0x74,
+ 0x31, 0xc0, 0x7c, 0x02, 0x19, 0x5e, 0xba, 0x2e,
+ 0xf9, 0x1e, 0xfb, 0x56, 0x13, 0xc3, 0x7a, 0xf7,
+ 0xae, 0x0c, 0x06, 0x6b, 0xab, 0xc6, 0x93, 0x69,
+ 0x70, 0x0e, 0x1d, 0xd2, 0x6e, 0xdd, 0xc0, 0xd2,
+ 0x16, 0xc7, 0x81, 0xd5, 0x6e, 0x4c, 0xe4, 0x7e,
+ 0x33, 0x03, 0xfa, 0x73, 0x00, 0x7f, 0xf7, 0xb9,
+ 0x49, 0xef, 0x23, 0xbe, 0x2a, 0xa4, 0xdb, 0xf2,
+ 0x52, 0x06, 0xfe, 0x45, 0xc2, 0x0d, 0xd8, 0x88,
+ 0x39, 0x5b, 0x25, 0x26, 0x39, 0x1a, 0x72, 0x49,
+ 0x96, 0xa4, 0x41, 0x56, 0xbe, 0xac, 0x80, 0x82,
+ 0x12, 0x85, 0x87, 0x92, 0xbf, 0x8e, 0x74, 0xcb,
+ 0xa4, 0x9d, 0xee, 0x5e, 0x88, 0x12, 0xe0, 0x19,
+ 0xda, 0x87, 0x45, 0x4b, 0xff, 0x9e, 0x84, 0x7e,
+ 0xd8, 0x3d, 0xb0, 0x7a, 0xf3, 0x13, 0x74, 0x30,
+ 0x82, 0xf8, 0x80, 0xa2, 0x78, 0xf6, 0x82, 0xc2,
+ 0xbd, 0x0a, 0xd6, 0x88, 0x7c, 0xb5, 0x9f, 0x65,
+ 0x2e, 0x15, 0x59, 0x87, 0xd6, 0x1b, 0xbf, 0x6a,
+ 0x88, 0xd3, 0x6e, 0xe9, 0x3b, 0x60, 0x72, 0xe6,
+ 0x65, 0x6d, 0x9c, 0xcb, 0xaa, 0xe3, 0xd6, 0x55,
+ 0x85, 0x2e, 0x38, 0xde, 0xb3, 0xa2, 0xdc, 0xf8,
+ 0x05, 0x8d, 0xc9, 0xfb, 0x6f, 0x2a, 0xb3, 0xd3,
+ 0xb3, 0x53, 0x9e, 0xb7, 0x7b, 0x24, 0x8a, 0x66,
+ 0x10, 0x91, 0xd0, 0x5e, 0xb6, 0xe2, 0xf2, 0x97,
+ 0x77, 0x4f, 0xe6, 0x05, 0x35, 0x98, 0x45, 0x7c,
+ 0xc6, 0x19, 0x08, 0x31, 0x8d, 0xe4, 0xb8, 0x26,
+ 0xf0, 0xfc, 0x86, 0xd4, 0xbb, 0x11, 0x7d, 0x33,
+ 0xe8, 0x65, 0xaa, 0x80, 0x50, 0x09, 0xcc, 0x29,
+ 0x18, 0xd9, 0xc2, 0xf8, 0x40, 0xc4, 0xda, 0x43,
+ 0xa7, 0x03, 0xad, 0x9f, 0x5b, 0x58, 0x06, 0x16,
+ 0x3d, 0x71, 0x61, 0x69, 0x6b, 0x5a, 0x0a, 0xdc,
+ 0x00, 0x00, 0x00, 0x05,
+ 0xd5, 0xc0, 0xd1, 0xbe, 0xbb, 0x06, 0x04, 0x8e,
+ 0xd6, 0xfe, 0x2e, 0xf2, 0xc6, 0xce, 0xf3, 0x05,
+ 0xb3, 0xed, 0x63, 0x39, 0x41, 0xeb, 0xc8, 0xb3,
+ 0xbe, 0xc9, 0x73, 0x87, 0x54, 0xcd, 0xdd, 0x60,
+ 0xe1, 0x92, 0x0a, 0xda, 0x52, 0xf4, 0x3d, 0x05,
+ 0x5b, 0x50, 0x31, 0xce, 0xe6, 0x19, 0x25, 0x20,
+ 0xd6, 0xa5, 0x11, 0x55, 0x14, 0x85, 0x1c, 0xe7,
+ 0xfd, 0x44, 0x8d, 0x4a, 0x39, 0xfa, 0xe2, 0xab,
+ 0x23, 0x35, 0xb5, 0x25, 0xf4, 0x84, 0xe9, 0xb4,
+ 0x0d, 0x6a, 0x4a, 0x96, 0x93, 0x94, 0x84, 0x3b,
+ 0xdc, 0xf6, 0xd1, 0x4c, 0x48, 0xe8, 0x01, 0x5e,
+ 0x08, 0xab, 0x92, 0x66, 0x2c, 0x05, 0xc6, 0xe9,
+ 0xf9, 0x0b, 0x65, 0xa7, 0xa6, 0x20, 0x16, 0x89,
+ 0x99, 0x9f, 0x32, 0xbf, 0xd3, 0x68, 0xe5, 0xe3,
+ 0xec, 0x9c, 0xb7, 0x0a, 0xc7, 0xb8, 0x39, 0x90,
+ 0x03, 0xf1, 0x75, 0xc4, 0x08, 0x85, 0x08, 0x1a,
+ 0x09, 0xab, 0x30, 0x34, 0x91, 0x1f, 0xe1, 0x25,
+ 0x63, 0x10, 0x51, 0xdf, 0x04, 0x08, 0xb3, 0x94,
+ 0x6b, 0x0b, 0xde, 0x79, 0x09, 0x11, 0xe8, 0x97,
+ 0x8b, 0xa0, 0x7d, 0xd5, 0x6c, 0x73, 0xe7, 0xee,
+};
+
+typedef struct { const uint8_t *val; size_t len; } hashsig_tc_bn_t;
+typedef struct { hashsig_tc_bn_t key, msg, sig; } hashsig_tc_t;
+
+static const hashsig_tc_t hashsig_tc[] = {
+ { { tc1_key, sizeof(tc1_key) },
+ { tc1_msg, sizeof(tc1_msg) },
+ { tc1_sig, sizeof(tc1_sig) } }
+};
diff --git a/tests/test-rpc_hashsig.c b/tests/test-rpc_hashsig.c
new file mode 100644
index 0000000..d9dd0e7
--- /dev/null
+++ b/tests/test-rpc_hashsig.c
@@ -0,0 +1,528 @@
+/*
+ * test-rpc_hashsig.c
+ * ------------------
+ * Test code for RPC interface to Cryptech public key operations.
+ *
+ * Authors: Rob Austein, Paul Selkirk
+ * Copyright (c) 2015-2018, NORDUnet A/S
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ * - Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * - Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * - Neither the name of the NORDUnet nor the names of its contributors may
+ * be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* Parts of this may eventually get folded into test-rpc_pkey.c,
+ * but for now I'd rather do it stand-alone.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <getopt.h>
+#include <assert.h>
+
+#include <hal.h>
+#include <hashsig.h>
+#include "test-hashsig.h"
+
+#include <sys/time.h>
+/* not included in my glibc, sigh... */
+void timersub(struct timeval *a, struct timeval *b, struct timeval *res)
+{
+ res->tv_sec = a->tv_sec - b->tv_sec;
+ res->tv_usec = a->tv_usec - b->tv_usec;
+ if (res->tv_usec < 0) {
+ res->tv_usec += 1000000;
+ --res->tv_sec;
+ }
+ if (res->tv_usec > 1000000) {
+ res->tv_usec -= 1000000;
+ ++res->tv_sec;
+ }
+}
+
+static int debug = 0;
+static int info = 0;
+
+#define lose(...) do { printf(__VA_ARGS__); goto fail; } while (0)
+
+static int test_hashsig_testvec_local(const hashsig_tc_t * const tc, hal_key_flags_t flags)
+{
+ hal_error_t err;
+
+ assert(tc != NULL);
+
+ printf("Starting local hashsig test vector test\n");
+
+ uint8_t tc_keybuf[hal_hashsig_key_t_size];
+ hal_hashsig_key_t *tc_key = NULL;
+
+ if ((err = hal_hashsig_key_load_public_xdr(&tc_key,
+ tc_keybuf, sizeof(tc_keybuf),
+ tc->key.val, tc->key.len)) != HAL_OK)
+ lose("Could not load public key from test vector: %s\n", hal_error_string(err));
+
+ if ((err = hal_hashsig_verify(NULL, tc_key, tc->msg.val, tc->msg.len, tc->sig.val, tc->sig.len)) != HAL_OK)
+ lose("Verify failed: %s\n", hal_error_string(err));
+
+ printf("OK\n");
+ return 1;
+
+fail:
+ return 0;
+}
+
+static int test_hashsig_testvec_remote(const hashsig_tc_t * const tc, hal_key_flags_t flags)
+{
+ const hal_client_handle_t client = {HAL_HANDLE_NONE};
+ const hal_session_handle_t session = {HAL_HANDLE_NONE};
+ hal_pkey_handle_t public_key = {HAL_HANDLE_NONE};
+ hal_error_t err;
+ size_t len;
+
+ assert(tc != NULL);
+
+ {
+ flags |= HAL_KEY_FLAG_USAGE_DIGITALSIGNATURE;
+
+ printf("Starting remote hashsig test vector test, flags 0x%lx\n", (unsigned long) flags);
+
+ uint8_t tc_keybuf[hal_hashsig_key_t_size];
+ hal_hashsig_key_t *tc_key = NULL;
+
+ if ((err = hal_hashsig_key_load_public_xdr(&tc_key,
+ tc_keybuf, sizeof(tc_keybuf),
+ tc->key.val, tc->key.len)) != HAL_OK)
+ lose("Could not load public key from test vector: %s\n", hal_error_string(err));
+
+ hal_uuid_t public_name;
+
+ uint8_t public_der[hal_hashsig_public_key_to_der_len(tc_key)];
+
+ if ((err = hal_hashsig_public_key_to_der(tc_key, public_der, &len, sizeof(public_der))) != HAL_OK)
+ lose("Could not DER encode public key from test vector: %s\n", hal_error_string(err));
+
+ assert(len == sizeof(public_der));
+
+ if ((err = hal_rpc_pkey_load(client, session, &public_key, &public_name,
+ public_der, sizeof(public_der), flags)) != HAL_OK)
+ lose("Could not load public key into RPC: %s\n", hal_error_string(err));
+
+ if ((err = hal_rpc_pkey_verify(public_key, hal_hash_handle_none,
+ tc->msg.val, tc->msg.len, tc->sig.val, tc->sig.len)) != HAL_OK)
+ lose("Could not verify: %s\n", hal_error_string(err));
+
+ if ((err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
+ lose("Could not delete public key: %s\n", hal_error_string(err));
+
+ printf("OK\n");
+ return 1;
+ }
+
+fail:
+ if (public_key.handle != HAL_HANDLE_NONE &&
+ (err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
+ printf("Warning: could not delete public key: %s\n", hal_error_string(err));
+
+ return 0;
+}
+
+static void hexdump(const char * const label, const uint8_t * const buf, const size_t len)
+{
+ printf("%-15s ", label);
+
+ for (size_t i = 0; i < len; ++i) {
+ printf("%02x", buf[i]);
+ if ((i & 0x0f) == 0x0f) {
+ printf("\n");
+ if (i < len - 1)
+ printf(" ");
+ }
+ }
+ if ((len & 0x0f) != 0)
+ printf("\n");
+}
+
+static inline size_t lms_type_to_h(const lms_algorithm_t lms_type)
+{
+ switch (lms_type) {
+ case lms_sha256_n32_h5: return 5;
+ case lms_sha256_n32_h10: return 10;
+ case lms_sha256_n32_h15: return 15;
+ case lms_sha256_n32_h20: return 20;
+ case lms_sha256_n32_h25: return 25;
+ default: return 0;
+ }
+}
+
+static inline size_t two_to_the(const size_t n)
+{
+ if (n % 5 != 0)
+ return 0;
+
+ size_t result, i;
+ for (result = 1, i = 0; i < n; i += 5)
+ result *= 32;
+
+ return result;
+}
+
+static inline size_t lms_type_to_h2(const lms_algorithm_t lms_type)
+{
+ switch (lms_type) {
+ case lms_sha256_n32_h5: return two_to_the(5);
+ case lms_sha256_n32_h10: return two_to_the(10);
+ case lms_sha256_n32_h15: return two_to_the(15);
+ case lms_sha256_n32_h20: return two_to_the(20);
+ case lms_sha256_n32_h25: return two_to_the(25);
+ default: return 0;
+ }
+}
+
+static inline size_t lmots_type_to_w(const lmots_algorithm_t lmots_type)
+{
+ switch (lmots_type) {
+ case lmots_sha256_n32_w1: return 1;
+ case lmots_sha256_n32_w2: return 2;
+ case lmots_sha256_n32_w4: return 4;
+ case lmots_sha256_n32_w8: return 8;
+ default: return 0;
+ }
+}
+
+static inline size_t lmots_type_to_p(const lmots_algorithm_t lmots_type)
+{
+ switch (lmots_type) {
+ case lmots_sha256_n32_w1: return 265;
+ case lmots_sha256_n32_w2: return 133;
+ case lmots_sha256_n32_w4: return 67;
+ case lmots_sha256_n32_w8: return 34;
+ default: return 0;
+ }
+}
+
+#include <xdr_internal.h>
+
+static hal_error_t dump_hss_signature(const uint8_t * const sig, const size_t len)
+{
+ const uint8_t *sigptr = sig;
+ const uint8_t * const siglim = sig + len;
+ hal_error_t err;
+
+ hexdump("Nspk", sigptr, 4);
+ uint32_t Nspk;
+ if ((err = hal_xdr_decode_int(&sigptr, siglim, &Nspk)) != HAL_OK) return err;
+
+ for (size_t i = 0; i < Nspk + 1; ++i) {
+ printf("--------------------------------------------\nsig[%lu]\n", i);
+ hexdump("q", sigptr, 4); sigptr += 4;
+
+ {
+ hexdump("lmots type", sigptr, 4);
+ uint32_t lmots_type;
+ if ((err = hal_xdr_decode_int(&sigptr, siglim, &lmots_type)) != HAL_OK) return err;
+ hexdump("C", sigptr, 32); sigptr += 32;
+ size_t p = lmots_type_to_p((const lmots_algorithm_t)lmots_type);
+ for (size_t j = 0; j < p; ++j) {
+ char label[16];
+ sprintf(label, "y[%lu]", j);
+ hexdump(label, sigptr, 32); sigptr += 32;
+ }
+ }
+
+ hexdump("lms type", sigptr, 4);
+ uint32_t lms_type;
+ if ((err = hal_xdr_decode_int(&sigptr, siglim, &lms_type)) != HAL_OK) return err;
+ size_t h = lms_type_to_h((const lms_algorithm_t)lms_type);
+ for (size_t j = 0; j < h; ++j) {
+ char label[16];
+ sprintf(label, "path[%lu]", j);
+ hexdump(label, sigptr, 32); sigptr += 32;
+ }
+
+ if (i == Nspk)
+ break;
+
+ printf("--------------------------------------------\npubkey[%lu]\n", i + 1);
+ hexdump("lms type", sigptr, 4); sigptr += 4;
+ hexdump("lmots type", sigptr, 4); sigptr += 4;
+ hexdump("I", sigptr, 16); sigptr += 16;
+ hexdump("T[1]", sigptr, 32); sigptr += 32;
+ }
+
+ if (sigptr < siglim) {
+ printf("--------------------------------------------\nextra\n");
+ hexdump("", sigptr, siglim - sigptr);
+ }
+
+ return HAL_OK;
+}
+
+static int test_hashsig_sign(const size_t L,
+ const lms_algorithm_t lms_type,
+ const lmots_algorithm_t lmots_type,
+ size_t iterations)
+{
+ const hal_client_handle_t client = {HAL_HANDLE_NONE};
+ const hal_session_handle_t session = {HAL_HANDLE_NONE};
+ hal_pkey_handle_t private_key = {HAL_HANDLE_NONE};
+ hal_pkey_handle_t public_key = {HAL_HANDLE_NONE};
+ hal_error_t err;
+ size_t len;
+
+ {
+ hal_key_flags_t flags = HAL_KEY_FLAG_USAGE_DIGITALSIGNATURE;
+
+ printf("Starting hashsig key test: L %lu, lms type %u (h=%lu), lmots type %u (w=%lu)\n",
+ L, lms_type, lms_type_to_h(lms_type), lmots_type, lmots_type_to_w(lmots_type));
+
+ if (info)
+ printf("Info: signature length %lu, lmots private key length %lu\n",
+ hal_hashsig_signature_len(L, lms_type, lmots_type),
+ hal_hashsig_lmots_private_key_len(lmots_type));
+
+ hal_uuid_t private_name, public_name;
+ struct timeval tv_start, tv_end, tv_diff;
+
+ size_t Lh2 = two_to_the(L * lms_type_to_h(lms_type));
+ size_t h2 = lms_type_to_h2(lms_type);
+
+ if (info)
+ gettimeofday(&tv_start, NULL);
+ if ((err = hal_rpc_pkey_generate_hashsig(client, session, &private_key, &private_name,
+ L, lms_type, lmots_type, flags)) != HAL_OK)
+ lose("Could not generate hashsig private key: %s\n", hal_error_string(err));
+ if (info) {
+ gettimeofday(&tv_end, NULL);
+ timersub(&tv_end, &tv_start, &tv_diff);
+ long per_key = (tv_diff.tv_sec * 1000000 + tv_diff.tv_usec) / (L * h2);
+ printf("Info: %ldm%ld.%03lds to generate key (%ld.%03lds per lmots key)\n",
+ tv_diff.tv_sec / 60, tv_diff.tv_sec % 60, tv_diff.tv_usec / 1000,
+ per_key / 1000000, (per_key % 1000000) / 1000);
+ }
+
+ uint8_t public_der[hal_rpc_pkey_get_public_key_len(private_key)];
+
+ if ((err = hal_rpc_pkey_get_public_key(private_key, public_der, &len, sizeof(public_der))) != HAL_OK)
+ lose("Could not DER encode RPC hashsig public key from RPC hashsig private key: %s\n", hal_error_string(err));
+
+ assert(len == sizeof(public_der));
+
+ if ((err = hal_rpc_pkey_load(client, session, &public_key, &public_name,
+ public_der, sizeof(public_der), flags)) != HAL_OK)
+ lose("Could not load public key into RPC: %s\n", hal_error_string(err));
+
+ if (iterations > 0) {
+ uint8_t sig[hal_hashsig_signature_len(L, lms_type, lmots_type)];
+
+ if (info)
+ gettimeofday(&tv_start, NULL);
+ int i;
+ for (i = 0; i < iterations; ++i) {
+ if ((err = hal_rpc_pkey_sign(private_key, hal_hash_handle_none,
+ tc1_msg, sizeof(tc1_msg), sig, &len, sizeof(sig))) == HAL_OK) {
+ assert(len == sizeof(sig));
+ if (debug) {
+ printf("Debug: received signature:\n");
+ dump_hss_signature(sig, len);
+ }
+ }
+ else {
+ if (i == Lh2 && err == HAL_ERROR_HASHSIG_KEY_EXHAUSTED)
+ break;
+ else
+ lose("Could not sign (%d): %s\n", i, hal_error_string(err));
+ }
+ }
+ if (info) {
+ gettimeofday(&tv_end, NULL);
+ timersub(&tv_end, &tv_start, &tv_diff);
+ long per_sig = (tv_diff.tv_sec * 1000000 + tv_diff.tv_usec) / i;
+ printf("Info: %ldm%ld.%03lds to generate %d signatures (%ld.%03lds per signature)\n",
+ tv_diff.tv_sec / 60, tv_diff.tv_sec % 60, tv_diff.tv_usec / 1000, i,
+ per_sig / 1000000, (per_sig % 1000000) / 1000);
+ }
+
+ if (info)
+ gettimeofday(&tv_start, NULL);
+ if ((err = hal_rpc_pkey_verify(public_key, hal_hash_handle_none,
+ tc1_msg, sizeof(tc1_msg), sig, len)) != HAL_OK)
+ lose("Could not verify: %s\n", hal_error_string(err));
+ if (info) {
+ gettimeofday(&tv_end, NULL);
+ timersub(&tv_end, &tv_start, &tv_diff);
+ printf("Info: %ldm%ld.%03lds to verify 1 signature\n",
+ tv_diff.tv_sec / 60, tv_diff.tv_sec % 60, tv_diff.tv_usec / 1000);
+ }
+ }
+
+ if ((err = hal_rpc_pkey_delete(private_key)) != HAL_OK)
+ lose("Could not delete private key: %s\n", hal_error_string(err));
+
+ if ((err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
+ lose("Could not delete public key: %s\n", hal_error_string(err));
+
+ printf("OK\n");
+ return 1;
+ }
+
+fail:
+ if (private_key.handle != HAL_HANDLE_NONE &&
+ (err = hal_rpc_pkey_delete(private_key)) != HAL_OK)
+ printf("Warning: could not delete private key: %s\n", hal_error_string(err));
+
+ if (public_key.handle != HAL_HANDLE_NONE &&
+ (err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
+ printf("Warning: could not delete public key: %s\n", hal_error_string(err));
+
+ return 0;
+}
+
+int main(int argc, char *argv[])
+{
+ const hal_client_handle_t client = {HAL_HANDLE_NONE};
+ char *pin = "fnord";
+ int do_default = 1;
+ int do_testvec = 0;
+ size_t iterations = 1;
+ size_t L_lo = 0, L_hi = 0;
+ size_t lms_lo = 5, lms_hi = 0;
+ size_t lmots_lo = 3, lmots_hi = 0;
+ char *p;
+ hal_error_t err;
+ int ok = 1;
+
+char usage[] = "\
+Usage: %s [-d] [-i] [-p pin] [-t] [-L n] [-l n] [-o n] [-n n]\n\
+ -d: enable debugging - hexdump signatures\n\
+ -i: enable informational messages - runtimes and signature lengths\n\
+ -p: user PIN\n\
+ -t: verify test vectors\n\
+ -L: number of levels in the HSS scheme (1..8)\n\
+ -l: LMS type (5..9)\n\
+ -o: LM-OTS type (1..4)\n\
+ -n: number of signatures to generate (0..'max')\n\
+Numeric arguments can be a single number or a range, e.g. '1..4'\n";
+
+ int opt;
+ while ((opt = getopt(argc, argv, "ditp:L:l:o:n:h?")) != -1) {
+ switch (opt) {
+ case 'd':
+ debug = 1;
+ break;
+ case 'i':
+ info = 1;
+ break;
+ case 't':
+ do_testvec = 1;
+ do_default = 0;
+ break;
+ case 'p':
+ pin = optarg;
+ break;
+ case 'n':
+ if (strcmp(optarg, "max") == 0)
+ iterations = (size_t)-1;
+ else
+ iterations = (size_t)atoi(optarg);
+ do_default = 0;
+ break;
+ case 'L':
+ if ((p = strtok(optarg, ".")) != NULL)
+ L_lo = (size_t)atoi(p);
+ if ((p = strtok(NULL, ".")) != NULL)
+ L_hi = (size_t)atoi(p);
+ do_default = 0;
+ break;
+ case 'l':
+ if ((p = strtok(optarg, ".")) != NULL)
+ lms_lo = (size_t)atoi(p);
+ if ((p = strtok(NULL, ".")) != NULL)
+ lms_hi = (size_t)atoi(p);
+ do_default = 0;
+ break;
+ case 'o':
+ if ((p = strtok(optarg, ".")) != NULL)
+ lmots_lo = (size_t)atoi(p);
+ if ((p = strtok(NULL, ".")) != NULL)
+ lmots_hi = (size_t)atoi(p);
+ do_default = 0;
+ break;
+ case 'h':
+ case '?':
+ fprintf(stdout, usage, argv[0]);
+ exit(EXIT_SUCCESS);
+ default:
+ fprintf(stderr, usage, argv[0]);
+ exit(EXIT_FAILURE);
+ }
+ }
+
+ if (do_default) {
+ do_testvec = 1;
+ L_lo = 1;
+ }
+
+ if (L_hi < L_lo) L_hi = L_lo;
+ if (lms_hi < lms_lo) lms_hi = lms_lo;
+ if (lmots_hi < lmots_lo) lmots_hi = lmots_lo;
+
+ if ((err = hal_rpc_client_init()) != HAL_OK)
+ printf("Warning: Trouble initializing RPC client: %s\n", hal_error_string(err));
+
+ if ((err = hal_rpc_login(client, HAL_USER_NORMAL, pin, strlen(pin))) != HAL_OK)
+ printf("Warning: Trouble logging into HSM: %s\n", hal_error_string(err));
+
+ if (do_testvec) {
+ for (int i = 0; i < (sizeof(hashsig_tc)/sizeof(*hashsig_tc)); i++)
+ ok &= test_hashsig_testvec_local(&hashsig_tc[i], 0);
+
+ for (int i = 0; i < (sizeof(hashsig_tc)/sizeof(*hashsig_tc)); i++)
+ for (int j = 0; j < 2; j++)
+ ok &= test_hashsig_testvec_remote(&hashsig_tc[i], j * HAL_KEY_FLAG_TOKEN);
+ }
+
+ /* signing/performance tests: run with -i */
+ /* A single test would be of the form '-L 2 -l 5 -o 3 -n 1' */
+ /* A range test of just keygen would be of the form '-o 1..4 -n 0' */
+ /* A test to key exhaustion would be of the form '-n max' */
+ if (L_lo > 0) {
+ for (size_t L = L_lo; L <= L_hi; ++L) {
+ for (lms_algorithm_t lms_type = lms_lo; lms_type <= lms_hi; ++lms_type) {
+ for (lmots_algorithm_t lmots_type = lmots_lo; lmots_type <= lmots_hi; ++lmots_type) {
+ ok &= test_hashsig_sign(L, lms_type, lmots_type, iterations);
+ }
+ }
+ }
+ }
+
+ if ((err = hal_rpc_logout(client)) != HAL_OK)
+ printf("Warning: Trouble logging out of HSM: %s\n", hal_error_string(err));
+
+ if ((err = hal_rpc_client_close()) != HAL_OK)
+ printf("Warning: Trouble shutting down RPC client: %s\n", hal_error_string(err));
+
+ return !ok;
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-18 18:38:29 +0000