Diffstat (limited to 'tests')
-rw-r--r--tests/Makefile16
-rwxr-xr-xtests/parallel-signatures.py63
-rw-r--r--tests/test-rpc_hashsig.c524
-rw-r--r--tests/test-xdr.c4
4 files changed, 367 insertions, 240 deletions
diff --git a/tests/Makefile b/tests/Makefile
index d186000..515c662 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -1,4 +1,4 @@
-# Copyright (c) 2015, NORDUnet A/S
+# Copyright (c) 2015-2018, NORDUnet A/S
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
@@ -27,15 +27,9 @@
# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-ifndef CRYPTECH_ROOT
- CRYPTECH_ROOT := $(abspath ../../..)
-endif
-
-LIBTFM_SRC ?= ${CRYPTECH_ROOT}/sw/thirdparty/libtfm
-LIBTFM_BLD ?= ${LIBTFM_SRC}
-
-LIBHAL_SRC ?= ${CRYPTECH_ROOT}/sw/libhal
+LIBHAL_SRC ?= ..
LIBHAL_BLD ?= ${LIBHAL_SRC}
+LIBTFM_BLD ?= ../../thirdparty/libtfm
LIBS = ${LIBHAL_BLD}/libhal.a ${LIBTFM_BLD}/libtfm.a
@@ -63,8 +57,6 @@ else
endif
-$(info Building libhal with configuration IO_BUS=${IO_BUS} RPC_MODE=${RPC_MODE} KS=${KS} RPC_TRANSPORT=${RPC_TRANSPORT} MODEXP_CORE=${MODEXP_CORE})
-
all: ${BIN}
test: all
@@ -76,7 +68,7 @@ clean distclean:
${BIN}: %: %.o ${LIBS}
${CC} ${CFLAGS} -o $@ $^ ${LDFLAGS}
-%.o: %.c ${LBHAL_SRC}/*.h ${LIBTFM_BLD}/tfm.h
+%.o: %.c ${LIBHAL_SRC}/*.h ${LIBTFM_BLD}/tfm.h
${CC} ${CFLAGS} -c -o $@ $<
test-rpc_hashsig.o: test-hashsig.h
diff --git a/tests/parallel-signatures.py b/tests/parallel-signatures.py
index 8d98460..980f759 100755
--- a/tests/parallel-signatures.py
+++ b/tests/parallel-signatures.py
@@ -64,6 +64,12 @@ from Crypto.Hash.SHA256 import SHA256Hash as SHA256
from Crypto.Hash.SHA384 import SHA384Hash as SHA384
from Crypto.Hash.SHA512 import SHA512Hash as SHA512
+try:
+ import statistics
+ statistics_loaded = True
+except ImportError:
+ statistics_loaded = False
+
logger = logging.getLogger(__name__)
@@ -254,6 +260,8 @@ class Result(object):
self.args = args
self.name = name
self.sum = datetime.timedelta(seconds = 0)
+ if statistics_loaded:
+ self.readings = [None] * args.iterations
self.t0 = None
self.t1 = None
self.n = 0
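Review bot: Preallocating `self.readings = [None] * args.iterations` leaves `None` entries whenever a run records fewer than `args.iterations` results, and the `statistics.mean`/`median`/`pstdev` properties added in the next hunk would then raise `TypeError`. One result too many would raise `IndexError` at `self.readings[self.n] = delta.total_seconds()`. Starting from `self.readings = []` and recording with `self.readings.append(delta.total_seconds())` removes both failure modes. Note also that `mean` now yields float seconds when `statistics` is importable but still a `timedelta` in the fallback branch, so the report format depends on the interpreter.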
@@ -264,14 +272,32 @@ class Result(object):
self.t1 = t1
delta = t1 - t0
self.sum += delta
+ if statistics_loaded:
+ self.readings[self.n] = delta.total_seconds()
self.n += 1
if not self.args.quiet:
sys.stdout.write("\r{:4d} {}".format(self.n, delta))
sys.stdout.flush()
- @property
- def mean(self):
- return self.sum / self.n
+ if statistics_loaded:
+
+ @property
+ def mean(self):
+ return statistics.mean(self.readings)
+
+ @property
+ def median(self):
+ return statistics.median(self.readings)
+
+ @property
+ def stdev(self):
+ return statistics.pstdev(self.readings)
+
+ else:
+
+ @property
+ def mean(self):
+ return self.sum / self.n
@property
def secs_per_sig(self):
@@ -286,15 +312,28 @@ class Result(object):
return self.sum.total_seconds() / (self.t1 - self.t0).total_seconds()
def report(self):
- sys.stdout.write(("\r{0.name} "
- "sigs/sec {0.sigs_per_sec} "
- "secs/sig {0.secs_per_sig} "
- "mean {0.mean} "
- "speedup {0.speedup} "
- "(n {0.n}, "
- "c {0.args.clients} "
- "t0 {0.t0} "
- "t1 {0.t1})\n").format(self))
+ if statistics_loaded:
+ sys.stdout.write(("\r{0.name} "
+ "sigs/sec {0.sigs_per_sec} "
+ "secs/sig {0.secs_per_sig} "
+ "mean {0.mean} "
+ "median {0.median} "
+ "stdev {0.stdev} "
+ "speedup {0.speedup} "
+ "(n {0.n}, "
+ "c {0.args.clients} "
+ "t0 {0.t0} "
+ "t1 {0.t1})\n").format(self))
+ else:
+ sys.stdout.write(("\r{0.name} "
+ "sigs/sec {0.sigs_per_sec} "
+ "secs/sig {0.secs_per_sig} "
+ "mean {0.mean} "
+ "speedup {0.speedup} "
+ "(n {0.n}, "
+ "c {0.args.clients} "
+ "t0 {0.t0} "
+ "t1 {0.t1})\n").format(self))
sys.stdout.flush()
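Review bot: The two `sys.stdout.write` branches in `report` duplicate the whole format string and differ only in the `median`/`stdev` fields, so a later change to the report has to be made twice. Building the string once and inserting `"median {0.median} stdev {0.stdev} "` only when `statistics_loaded` is true would keep the two outputs in step. The method starts inside this hunk, but the class body continues outside it.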
diff --git a/tests/test-rpc_hashsig.c b/tests/test-rpc_hashsig.c
index 00728c3..1c5765b 100644
--- a/tests/test-rpc_hashsig.c
+++ b/tests/test-rpc_hashsig.c
@@ -48,26 +48,22 @@
#include <unistd.h>
#include <hal.h>
-#include <hashsig.h>
#include "test-hashsig.h"
#include <sys/time.h>
-/* not included in my glibc, sigh... */
-void timersub(struct timeval *a, struct timeval *b, struct timeval *res)
-{
- res->tv_sec = a->tv_sec - b->tv_sec;
- res->tv_usec = a->tv_usec - b->tv_usec;
- if (res->tv_usec < 0) {
- res->tv_usec += 1000000;
- --res->tv_sec;
- }
- if (res->tv_usec > 1000000) {
- res->tv_usec -= 1000000;
- ++res->tv_sec;
- }
-}
-static int debug = 0;
+#ifndef timersub
+#define timersub(a, b, res) \
+ do { \
+ (res)->tv_sec = (a)->tv_sec - (b)->tv_sec; \
+ (res)->tv_usec = (a)->tv_usec - (b)->tv_usec; \
+ if ((res)->tv_usec < 0) { \
+ (res)->tv_usec += 1000000; \
+ --(res)->tv_sec; \
+ } \
+ } while (0)
+#endif
+
static int info = 0;
#define lose(...) do { printf(__VA_ARGS__); goto fail; } while (0)
@@ -86,10 +82,10 @@ static int test_hashsig_testvec_local(const hashsig_tc_t * const tc, hal_key_fla
if ((err = hal_hashsig_key_load_public_xdr(&tc_key,
tc_keybuf, sizeof(tc_keybuf),
tc->key.val, tc->key.len)) != HAL_OK)
- lose("Could not load public key from test vector: %s\n", hal_error_string(err));
+ lose("Error loading public key from test vector: %s\n", hal_error_string(err));
if ((err = hal_hashsig_verify(NULL, tc_key, tc->msg.val, tc->msg.len, tc->sig.val, tc->sig.len)) != HAL_OK)
- lose("Verify failed: %s\n", hal_error_string(err));
+ lose("Error verifying: %s\n", hal_error_string(err));
printf("OK\n");
return 1;
@@ -119,27 +115,27 @@ static int test_hashsig_testvec_remote(const hashsig_tc_t * const tc, hal_key_fl
if ((err = hal_hashsig_key_load_public_xdr(&tc_key,
tc_keybuf, sizeof(tc_keybuf),
tc->key.val, tc->key.len)) != HAL_OK)
- lose("Could not load public key from test vector: %s\n", hal_error_string(err));
+ lose("Error loading public key from test vector: %s\n", hal_error_string(err));
hal_uuid_t public_name;
uint8_t public_der[hal_hashsig_public_key_to_der_len(tc_key)];
if ((err = hal_hashsig_public_key_to_der(tc_key, public_der, &len, sizeof(public_der))) != HAL_OK)
- lose("Could not DER encode public key from test vector: %s\n", hal_error_string(err));
+ lose("Error DER encoding public key from test vector: %s\n", hal_error_string(err));
assert(len == sizeof(public_der));
if ((err = hal_rpc_pkey_load(client, session, &public_key, &public_name,
public_der, sizeof(public_der), flags)) != HAL_OK)
- lose("Could not load public key into RPC: %s\n", hal_error_string(err));
+ lose("Error loading public key: %s\n", hal_error_string(err));
if ((err = hal_rpc_pkey_verify(public_key, hal_hash_handle_none,
tc->msg.val, tc->msg.len, tc->sig.val, tc->sig.len)) != HAL_OK)
- lose("Could not verify: %s\n", hal_error_string(err));
+ lose("Error verifying: %s\n", hal_error_string(err));
if ((err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
- lose("Could not delete public key: %s\n", hal_error_string(err));
+ goto fail_out;
printf("OK\n");
return 1;
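Review bot: `goto fail_out;` jumps to a label that the next hunk places as the controlled statement of the `if` under `fail:`, which means control enters the body of an `if` whose condition is never evaluated. This is legal C, but it breaks silently as soon as someone braces that `if` or adds a statement to it. A plainer form is to clear the handle at the call site with `public_key.handle = HAL_HANDLE_NONE;` and then use `lose("Error deleting public key: %s\n", hal_error_string(err));`, so the ordinary `fail:` path prints nothing further and returns 0. The function starts and ends outside this hunk.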
@@ -148,7 +144,8 @@ static int test_hashsig_testvec_remote(const hashsig_tc_t * const tc, hal_key_fl
fail:
if (public_key.handle != HAL_HANDLE_NONE &&
(err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
- printf("Warning: could not delete public key: %s\n", hal_error_string(err));
+ fail_out:
+ printf("Error deleting public key: %s\n", hal_error_string(err));
return 0;
}
@@ -169,36 +166,36 @@ static void hexdump(const char * const label, const uint8_t * const buf, const s
printf("\n");
}
-static inline size_t lms_type_to_h(const lms_algorithm_t lms_type)
+static inline size_t lms_type_to_h(const hal_lms_algorithm_t lms_type)
{
switch (lms_type) {
- case lms_sha256_n32_h5: return 5;
- case lms_sha256_n32_h10: return 10;
- case lms_sha256_n32_h15: return 15;
- case lms_sha256_n32_h20: return 20;
- case lms_sha256_n32_h25: return 25;
+ case HAL_LMS_SHA256_N32_H5: return 5;
+ case HAL_LMS_SHA256_N32_H10: return 10;
+ case HAL_LMS_SHA256_N32_H15: return 15;
+ case HAL_LMS_SHA256_N32_H20: return 20;
+ case HAL_LMS_SHA256_N32_H25: return 25;
default: return 0;
}
}
-static inline size_t lmots_type_to_w(const lmots_algorithm_t lmots_type)
+static inline size_t lmots_type_to_w(const hal_lmots_algorithm_t lmots_type)
{
switch (lmots_type) {
- case lmots_sha256_n32_w1: return 1;
- case lmots_sha256_n32_w2: return 2;
- case lmots_sha256_n32_w4: return 4;
- case lmots_sha256_n32_w8: return 8;
+ case HAL_LMOTS_SHA256_N32_W1: return 1;
+ case HAL_LMOTS_SHA256_N32_W2: return 2;
+ case HAL_LMOTS_SHA256_N32_W4: return 4;
+ case HAL_LMOTS_SHA256_N32_W8: return 8;
default: return 0;
}
}
-static inline size_t lmots_type_to_p(const lmots_algorithm_t lmots_type)
+static inline size_t lmots_type_to_p(const hal_lmots_algorithm_t lmots_type)
{
switch (lmots_type) {
- case lmots_sha256_n32_w1: return 265;
- case lmots_sha256_n32_w2: return 133;
- case lmots_sha256_n32_w4: return 67;
- case lmots_sha256_n32_w8: return 34;
+ case HAL_LMOTS_SHA256_N32_W1: return 265;
+ case HAL_LMOTS_SHA256_N32_W2: return 133;
+ case HAL_LMOTS_SHA256_N32_W4: return 67;
+ case HAL_LMOTS_SHA256_N32_W8: return 34;
default: return 0;
}
}
@@ -224,7 +221,7 @@ static hal_error_t dump_hss_signature(const uint8_t * const sig, const size_t le
uint32_t lmots_type;
if ((err = hal_xdr_decode_int(&sigptr, siglim, &lmots_type)) != HAL_OK) return err;
hexdump("C", sigptr, 32); sigptr += 32;
- size_t p = lmots_type_to_p((const lmots_algorithm_t)lmots_type);
+ size_t p = lmots_type_to_p((const hal_lmots_algorithm_t)lmots_type);
for (size_t j = 0; j < p; ++j) {
char label[16];
sprintf(label, "y[%lu]", j);
@@ -235,7 +232,7 @@ static hal_error_t dump_hss_signature(const uint8_t * const sig, const size_t le
hexdump("lms type", sigptr, 4);
uint32_t lms_type;
if ((err = hal_xdr_decode_int(&sigptr, siglim, &lms_type)) != HAL_OK) return err;
- size_t h = lms_type_to_h((const lms_algorithm_t)lms_type);
+ size_t h = lms_type_to_h((const hal_lms_algorithm_t)lms_type);
for (size_t j = 0; j < h; ++j) {
char label[16];
sprintf(label, "path[%lu]", j);
@@ -260,166 +257,176 @@ static hal_error_t dump_hss_signature(const uint8_t * const sig, const size_t le
return HAL_OK;
}
-static int test_hashsig_sign(const size_t L,
- const lms_algorithm_t lms_type,
- const lmots_algorithm_t lmots_type,
- size_t iterations,
- int save, int keep)
+static int test_hashsig_generate(const size_t L,
+ const hal_lms_algorithm_t lms_type,
+ const hal_lmots_algorithm_t lmots_type,
+ hal_key_flags_t flags,
+ const int keep,
+ hal_pkey_handle_t *handle)
{
const hal_client_handle_t client = {HAL_HANDLE_NONE};
const hal_session_handle_t session = {HAL_HANDLE_NONE};
hal_pkey_handle_t private_key = {HAL_HANDLE_NONE};
- hal_pkey_handle_t public_key = {HAL_HANDLE_NONE};
hal_error_t err;
- size_t len;
-
- {
- char save_name[16];
- if (save) {
- sprintf(save_name, "L%d.lms%d.ots%d", (int)L, (int)lms_type, (int)lmots_type);
- FILE *fp;
- if ((fp = fopen(save_name, "wb")) == NULL)
- lose("Error opening %s: %s\n", save_name, strerror(errno));
- size_t len1;
- if ((len1 = fwrite(tc1_msg, 1, sizeof(tc1_msg), fp)) != sizeof(tc1_msg))
- lose("Wrote %lu bytes to %s, expected %lu\n", len1, save_name, sizeof(tc1_msg));
- if (fclose(fp) != 0)
- lose("Error closing %s: %s\n", save_name, strerror(errno));
- }
+ hal_uuid_t private_name;
+ struct timeval tv_start, tv_end, tv_diff;
+
+ if (info) {
+ printf("Info: signature length %lu, lmots private key length %lu\n",
+ hal_hashsig_signature_len(L, lms_type, lmots_type),
+ hal_hashsig_lmots_private_key_len(lmots_type));
+ gettimeofday(&tv_start, NULL);
+ }
- hal_key_flags_t flags = HAL_KEY_FLAG_USAGE_DIGITALSIGNATURE | HAL_KEY_FLAG_TOKEN;
-
- printf("Starting hashsig key test: L %lu, lms type %u (h=%lu), lmots type %u (w=%lu)\n",
- L, lms_type, lms_type_to_h(lms_type), lmots_type, lmots_type_to_w(lmots_type));
-
- if (info)
- printf("Info: signature length %lu, lmots private key length %lu\n",
- hal_hashsig_signature_len(L, lms_type, lmots_type),
- hal_hashsig_lmots_private_key_len(lmots_type));
-
- hal_uuid_t private_name, public_name;
- struct timeval tv_start, tv_end, tv_diff;
-
- size_t h = lms_type_to_h(lms_type);
-
- if (info)
- gettimeofday(&tv_start, NULL);
- if ((err = hal_rpc_pkey_generate_hashsig(client, session, &private_key, &private_name,
- L, lms_type, lmots_type, flags)) != HAL_OK)
- lose("Could not generate hashsig private key: %s\n", hal_error_string(err));
- if (info) {
- gettimeofday(&tv_end, NULL);
- timersub(&tv_end, &tv_start, &tv_diff);
- long per_key = (tv_diff.tv_sec * 1000000 + tv_diff.tv_usec) / (L * (1 << h));
- printf("Info: %ldm%ld.%03lds to generate key (%ld.%03lds per lmots key)\n",
- tv_diff.tv_sec / 60, tv_diff.tv_sec % 60, tv_diff.tv_usec / 1000,
- per_key / 1000000, (per_key % 1000000) / 1000);
- }
+ if ((err = hal_rpc_pkey_generate_hashsig(client, session, &private_key, &private_name,
+ L, lms_type, lmots_type, flags)) != HAL_OK)
+ lose("Error generating private key: %s\n", hal_error_string(err));
+
+ if (info) {
+ gettimeofday(&tv_end, NULL);
+ timersub(&tv_end, &tv_start, &tv_diff);
+ long per_key = (tv_diff.tv_sec * 1000000 + tv_diff.tv_usec) / (L * (1 << lms_type_to_h(lms_type)));
+ printf("Info: %ldm%ld.%03lds to generate key (%ld.%03lds per lmots key)\n",
+ (long)tv_diff.tv_sec / 60, (long)tv_diff.tv_sec % 60, (long)tv_diff.tv_usec / 1000,
+ (long)per_key / 1000000, ((long)per_key % 1000000) / 1000);
+ }
- uint8_t public_der[hal_rpc_pkey_get_public_key_len(private_key)];
+ if (keep) {
+ char name_str[HAL_UUID_TEXT_SIZE];
+ if ((err = hal_uuid_format(&private_name, name_str, sizeof(name_str))) != HAL_OK)
+ lose("Error formatting private key name: %s\n", hal_error_string(err));
+ printf("Private key name: %s\n", name_str);
+ }
- if ((err = hal_rpc_pkey_get_public_key(private_key, public_der, &len, sizeof(public_der))) != HAL_OK)
- lose("Could not DER encode public key from private key: %s\n", hal_error_string(err));
+ *handle = private_key;
+ printf("OK\n");
+ return 1;
- assert(len == sizeof(public_der));
+fail:
+ if (private_key.handle != HAL_HANDLE_NONE &&
+ (err = hal_rpc_pkey_delete(private_key)) != HAL_OK)
+ printf("Error deleting private key: %s\n", hal_error_string(err));
- if ((err = hal_rpc_pkey_load(client, session, &public_key, &public_name,
- public_der, sizeof(public_der), flags)) != HAL_OK)
- lose("Could not load public key into RPC: %s\n", hal_error_string(err));
+ handle->handle = HAL_HANDLE_NONE;
+ return 0;
+}
- if (save) {
- char fn[strlen(save_name) + 5];
- sprintf(fn, "%s.pub", save_name);
- FILE *fp;
- if ((fp = fopen(fn, "wb")) == NULL)
- lose("Error opening %s: %s\n", fn, strerror(errno));
- uint8_t pub[60];
- if ((err = hal_hashsig_public_key_der_to_xdr(public_der, sizeof(public_der), pub, &len, sizeof(pub))) != HAL_OK)
- lose("Could not XDR encode public key: %s\n", hal_error_string(err));
- size_t len1;
- if ((len1 = fwrite(pub, 1, len, fp)) != len)
- lose("Wrote %lu bytes to %s, expected %lu\n", len1, fn, len);
- if (fclose(fp) != 0)
- lose("Error closing %s: %s\n", fn, strerror(errno));
+static int test_hashsig_sign(const hal_pkey_handle_t private_key,
+ const uint8_t * const msg, const size_t msg_len,
+ const size_t iterations,
+ const char * const save_name,
+ uint8_t *sig, size_t *sig_len, const size_t sig_max)
+{
+ hal_error_t err;
+ struct timeval tv_start, tv_end, tv_diff;
+ int i;
+
+ if (info)
+ gettimeofday(&tv_start, NULL);
+
+ for (i = 0; i < iterations; ++i) {
+ if ((err = hal_rpc_pkey_sign(private_key, hal_hash_handle_none,
+ msg, msg_len,
+ sig, sig_len, sig_max)) != HAL_OK) {
+ if (i > 0 && err == HAL_ERROR_HASHSIG_KEY_EXHAUSTED)
+ break;
+ else
+ lose("Error signing (%d): %s\n", i, hal_error_string(err));
}
+ }
- if (iterations > 0) {
- uint8_t sig[hal_hashsig_signature_len(L, lms_type, lmots_type)];
-
- if (info)
- gettimeofday(&tv_start, NULL);
- int i;
- for (i = 0; i < iterations; ++i) {
- if ((err = hal_rpc_pkey_sign(private_key, hal_hash_handle_none,
- tc1_msg, sizeof(tc1_msg), sig, &len, sizeof(sig))) == HAL_OK) {
- assert(len == sizeof(sig));
- if (debug) {
- printf("Debug: received signature:\n");
- dump_hss_signature(sig, len);
- }
- }
- else {
- if (i == (1 << (L * h)) && err == HAL_ERROR_HASHSIG_KEY_EXHAUSTED)
- break;
- else
- lose("Could not sign (%d): %s\n", i, hal_error_string(err));
- }
- if (save) {
- char fn[strlen(save_name) + 16];
- sprintf(fn, "%s.%d.sig", save_name, i);
- FILE *fp;
- if ((fp = fopen(fn, "wb")) == NULL)
- lose("Error opening %s: %s\n", fn, strerror(errno));
- size_t len1;
- if ((len1 = fwrite(sig, 1, len, fp)) != len)
- lose("Wrote %lu bytes to %s, expected %lu\n", len1, fn, len);
- if (fclose(fp) != 0)
- lose("Error closing %s: %s\n", fn, strerror(errno));
- }
- }
- if (info) {
- gettimeofday(&tv_end, NULL);
- timersub(&tv_end, &tv_start, &tv_diff);
- long per_sig = (tv_diff.tv_sec * 1000000 + tv_diff.tv_usec) / i;
- printf("Info: %ldm%ld.%03lds to generate %d signatures (%ld.%03lds per signature)\n",
- tv_diff.tv_sec / 60, tv_diff.tv_sec % 60, tv_diff.tv_usec / 1000, i,
- per_sig / 1000000, (per_sig % 1000000) / 1000);
- }
+ if (info) {
+ gettimeofday(&tv_end, NULL);
+ timersub(&tv_end, &tv_start, &tv_diff);
+ long per_sig = (tv_diff.tv_sec * 1000000 + tv_diff.tv_usec) / i;
+ printf("Info: %ldm%ld.%03lds to generate %d signatures (%ld.%03lds per signature)\n",
+ (long)tv_diff.tv_sec / 60, (long)tv_diff.tv_sec % 60, (long)tv_diff.tv_usec / 1000, i,
+ (long)per_sig / 1000000, ((long)per_sig % 1000000) / 1000);
+ }
- if (info)
- gettimeofday(&tv_start, NULL);
- if ((err = hal_rpc_pkey_verify(public_key, hal_hash_handle_none,
- tc1_msg, sizeof(tc1_msg), sig, len)) != HAL_OK)
- lose("Could not verify: %s\n", hal_error_string(err));
- if (info) {
- gettimeofday(&tv_end, NULL);
- timersub(&tv_end, &tv_start, &tv_diff);
- printf("Info: %ldm%ld.%03lds to verify 1 signature\n",
- tv_diff.tv_sec / 60, tv_diff.tv_sec % 60, tv_diff.tv_usec / 1000);
- }
- }
+ if (*save_name) {
+ /* save the signature for interop verification */
+ char fn[strlen(save_name) + 5];
+ sprintf(fn, "%s.sig", save_name);
+ FILE *fp;
+ if ((fp = fopen(fn, "wb")) == NULL)
+ lose("Error opening %s: %s\n", fn, strerror(errno));
+ size_t len;
+ if ((len = fwrite(sig, 1, *sig_len, fp)) != *sig_len)
+ lose("Error: wrote %lu bytes to %s, expected %lu\n", len, fn, *sig_len);
+ if (fclose(fp) != 0)
+ lose("Error closing %s: %s\n", fn, strerror(errno));
+ }
- if (!keep) {
- if ((err = hal_rpc_pkey_delete(private_key)) != HAL_OK)
- lose("Could not delete private key: %s\n", hal_error_string(err));
- }
+ printf("OK\n");
+ return 1;
- if ((err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
- lose("Could not delete public key: %s\n", hal_error_string(err));
+fail:
+ return 0;
+}
- printf("OK\n");
- return 1;
+static int test_hashsig_verify(const hal_pkey_handle_t private_key,
+ const uint8_t * const msg, const size_t msg_len,
+ const char * const save_name,
+ uint8_t *sig, size_t sig_len)
+{
+ const hal_client_handle_t client = {HAL_HANDLE_NONE};
+ const hal_session_handle_t session = {HAL_HANDLE_NONE};
+ hal_error_t err;
+
+ hal_pkey_handle_t public_key = {HAL_HANDLE_NONE};
+ hal_uuid_t public_name;
+ uint8_t public_der[hal_rpc_pkey_get_public_key_len(private_key)];
+ size_t der_len;
+
+ if ((err = hal_rpc_pkey_get_public_key(private_key, public_der, &der_len, sizeof(public_der))) != HAL_OK)
+ lose("Error DER encoding public key from private key: %s\n", hal_error_string(err));
+ assert(der_len == sizeof(public_der));
+
+ if ((err = hal_rpc_pkey_load(client, session, &public_key, &public_name,
+ public_der, sizeof(public_der), HAL_KEY_FLAG_USAGE_DIGITALSIGNATURE)) != HAL_OK)
+ lose("Error loading public key: %s\n", hal_error_string(err));
+
+ if (*save_name) {
+ /* save the public key for interop verification */
+ char fn[strlen(save_name) + 5];
+ sprintf(fn, "%s.pub", save_name);
+ FILE *fp;
+ if ((fp = fopen(fn, "wb")) == NULL)
+ lose("Error opening %s: %s\n", fn, strerror(errno));
+ uint8_t pub[60];
+ size_t xdr_len;
+ if ((err = hal_hashsig_public_key_der_to_xdr(public_der, sizeof(public_der), pub, &xdr_len, sizeof(pub))) != HAL_OK)
+ lose("Error XDR encoding public key: %s\n", hal_error_string(err));
+ size_t write_len;
+ if ((write_len = fwrite(pub, 1, xdr_len, fp)) != xdr_len)
+ lose("Wrote %lu bytes to %s, expected %lu\n", write_len, fn, xdr_len);
+ if (fclose(fp) != 0)
+ lose("Error closing %s: %s\n", fn, strerror(errno));
}
-fail:
- if (private_key.handle != HAL_HANDLE_NONE &&
- (err = hal_rpc_pkey_delete(private_key)) != HAL_OK)
- printf("Warning: could not delete private key: %s\n", hal_error_string(err));
+ struct timeval tv_start, tv_end, tv_diff;
+ if (info)
+ gettimeofday(&tv_start, NULL);
- if (public_key.handle != HAL_HANDLE_NONE &&
- (err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
- printf("Warning: could not delete public key: %s\n", hal_error_string(err));
+ if ((err = hal_rpc_pkey_verify(public_key, hal_hash_handle_none,
+ msg, msg_len, sig, sig_len)) != HAL_OK)
+ lose("Error verifying: %s\n", hal_error_string(err));
+
+ if (info) {
+ gettimeofday(&tv_end, NULL);
+ timersub(&tv_end, &tv_start, &tv_diff);
+ printf("Info: %ldm%ld.%03lds to verify 1 signature\n",
+ (long)tv_diff.tv_sec / 60, (long)tv_diff.tv_sec % 60, (long)tv_diff.tv_usec / 1000);
+ }
+ if ((err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
+ lose("Error deleting public key: %s\n", hal_error_string(err));
+
+ printf("OK\n");
+ return 1;
+
+fail:
return 0;
}
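Review bot: In the new `test_hashsig_verify`, the `fail:` path is a bare `return 0;`, so a failure after `hal_rpc_pkey_load` (the `.pub` file errors or the verify itself) leaves the loaded public key handle undeleted, whereas the removed code cleaned it up on failure. Adding `if (public_key.handle != HAL_HANDLE_NONE) (void)hal_rpc_pkey_delete(public_key);` before `return 0;` restores that; clear the handle first on the final delete's own error path so it is not deleted twice. The same `lose` paths in `test_hashsig_verify` and `test_hashsig_sign` also skip `fclose(fp)` once the file has been opened. Separately, `test_hashsig_sign` compares `int i` with `size_t iterations` and divides by `i` in the info block, so it relies on callers never passing `iterations == 0`; a one-line comment stating that precondition would help.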
@@ -437,7 +444,7 @@ static int read_sig(char *fn)
uint8_t sig[statbuf.st_size];
size_t len;
if ((len = fread(sig, 1, sizeof(sig), fp)) != sizeof(sig))
- lose("Read %lu bytes from %s, expected %lu\n", len, fn, sizeof(sig));
+ lose("Error: read %lu bytes from %s, expected %lu\n", len, fn, sizeof(sig));
if (fclose(fp) != 0)
lose("Error closing %s: %s\n", fn, strerror(errno));
@@ -455,21 +462,24 @@ fail:
int main(int argc, char *argv[])
{
const hal_client_handle_t client = {HAL_HANDLE_NONE};
+ const hal_session_handle_t session = {HAL_HANDLE_NONE};
char *pin = "fnord";
- int do_default = 1;
int do_testvec = 0;
- size_t iterations = 1;
+ size_t iterations = 0;
size_t L_lo = 0, L_hi = 0;
size_t lms_lo = 5, lms_hi = 0;
size_t lmots_lo = 3, lmots_hi = 0;
- int save = 0, keep = 0;
+ int save = 0, keep = 0, verify = 0;
+ char *name = NULL;
+ hal_key_flags_t flags = HAL_KEY_FLAG_USAGE_DIGITALSIGNATURE | HAL_KEY_FLAG_TOKEN;
char *p;
hal_error_t err;
int ok = 1;
+ uint8_t *msg = tc1_msg;
+ size_t msg_len = sizeof(tc1_msg);
char usage[] = "\
-Usage: %s [-d] [-i] [-p pin] [-t] [-L n] [-l n] [-o n] [-n n] [-s] [-r file]\n\
- -d: enable debugging - hexdump signatures\n\
+Usage: %s [-i] [-p pin] [-t] [-L #] [-l #] [-o #] [-n #] [-s] [-r file] [-m file] [-x] [-v]\n\
-i: enable informational messages - runtimes and signature lengths\n\
-p: user PIN\n\
-t: verify test vectors\n\
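Review bot: The updated synopsis line gains `[-m file] [-x] [-v]` but still omits `-k`, and it does not mention the `-K` option that this commit adds to the option list and to the `getopt` string in the next hunk. Since `-K` takes an argument, the synopsis should show it, for example `[-k] [-K name]` placed after `[-n #]`. `main` starts in this hunk and continues well beyond it.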
@@ -477,23 +487,23 @@ Usage: %s [-d] [-i] [-p pin] [-t] [-L n] [-l n] [-o n] [-n n] [-s] [-r file]\n\
-l: LMS type (5..9)\n\
-o: LM-OTS type (1..4)\n\
-n: number of signatures to generate (0..'max')\n\
- -s: save generated public key and signatures\n\
-k: keep (don't delete) the generated keys on the hsm\n\
+ -K: use named key for signing (don't generate)\n\
+ -s: save generated public key and signatures for interop verification\n\
-r: read and pretty-print a saved signature file\n\
+ -m: use file as message to be signed\n\
+ -x: mark key as exportable\n\
+ -v: verify generated signature\n\
Numeric arguments can be a single number or a range, e.g. '1..4'\n";
int opt;
- while ((opt = getopt(argc, argv, "ditp:L:l:o:n:skr:h?")) != -1) {
+ while ((opt = getopt(argc, argv, "itp:L:l:o:n:skK:r:xvm:h?")) != -1) {
switch (opt) {
- case 'd':
- debug = 1;
- break;
case 'i':
info = 1;
break;
case 't':
do_testvec = 1;
- do_default = 0;
break;
case 'p':
pin = optarg;
@@ -503,28 +513,24 @@ Numeric arguments can be a single number or a range, e.g. '1..4'\n";
iterations = (size_t)-1;
else
iterations = (size_t)atoi(optarg);
- do_default = 0;
break;
case 'L':
if ((p = strtok(optarg, ".")) != NULL)
L_lo = (size_t)atoi(p);
if ((p = strtok(NULL, ".")) != NULL)
L_hi = (size_t)atoi(p);
- do_default = 0;
break;
case 'l':
if ((p = strtok(optarg, ".")) != NULL)
lms_lo = (size_t)atoi(p);
if ((p = strtok(NULL, ".")) != NULL)
lms_hi = (size_t)atoi(p);
- do_default = 0;
break;
case 'o':
if ((p = strtok(optarg, ".")) != NULL)
lmots_lo = (size_t)atoi(p);
if ((p = strtok(NULL, ".")) != NULL)
lmots_hi = (size_t)atoi(p);
- do_default = 0;
break;
case's':
save = 1;
@@ -532,34 +538,57 @@ Numeric arguments can be a single number or a range, e.g. '1..4'\n";
case 'k':
keep = 1;
break;
+ case 'K':
+ name = optarg;
+ break;
case 'r':
ok &= read_sig(optarg);
- do_default = 0;
break;
+ case 'x':
+ flags |= HAL_KEY_FLAG_EXPORTABLE;
+ break;
+ case 'v':
+ verify = 1;
+ if (iterations == 0)
+ iterations = 1;
+ break;
+ case 'm':
+ {
+ FILE *fp;
+ struct stat statbuf;
+ if (stat(optarg, &statbuf) != 0)
+ lose("Error statting %s: %s\n", optarg, strerror(errno));
+ msg_len = statbuf.st_size;
+ if ((msg = malloc(msg_len)) == NULL)
+ lose("Error allocating message buffer: %s\n", strerror(errno));
+ if ((fp = fopen(optarg, "rb")) == NULL)
+ lose("Error opening %s: %s\n", optarg, strerror(errno));
+ size_t len;
+ if ((len = fread(msg, 1, msg_len, fp)) != msg_len)
+ lose("Error: read %lu bytes from %s, expected %lu\n", len, optarg, msg_len);
+ if (fclose(fp) != 0)
+ lose("Error closing %s: %s\n", optarg, strerror(errno));
+ break;
+ }
case 'h':
case '?':
fprintf(stdout, usage, argv[0]);
- exit(EXIT_SUCCESS);
+ return EXIT_SUCCESS;
default:
fprintf(stderr, usage, argv[0]);
- exit(EXIT_FAILURE);
+ return EXIT_FAILURE;
}
}
- if (do_default) {
- do_testvec = 1;
- L_lo = 1;
- }
-
if (L_hi < L_lo) L_hi = L_lo;
if (lms_hi < lms_lo) lms_hi = lms_lo;
if (lmots_hi < lmots_lo) lmots_hi = lmots_lo;
if ((err = hal_rpc_client_init()) != HAL_OK)
- printf("Warning: Trouble initializing RPC client: %s\n", hal_error_string(err));
+ lose("Error initializing RPC client: %s\n", hal_error_string(err));
if ((err = hal_rpc_login(client, HAL_USER_NORMAL, pin, strlen(pin))) != HAL_OK)
- printf("Warning: Trouble logging into HSM: %s\n", hal_error_string(err));
+ lose("Error logging into HSM: %s\n", hal_error_string(err));
if (do_testvec) {
for (int i = 0; i < (sizeof(hashsig_tc)/sizeof(*hashsig_tc)); i++)
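Review bot: Every `lose(...)` added to `main` jumps to `fail:`, which the next hunk defines as `return !ok;`, and `ok` is still 1 on those paths unless an earlier test cleared it, so the program prints an error and exits with status 0. This covers the `-m` file errors and the RPC init/login errors here, plus the key, logout and close errors in the next hunk. Ending `main` with `return !ok;` followed by `fail:` and `return EXIT_FAILURE;` makes the exit status reflect the failure. In `case 'm'`, an empty file can also fail spuriously because `malloc(0)` may return NULL, and the error paths leave `msg` and `fp` unreleased. `main` begins and ends outside this hunk.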
@@ -574,21 +603,88 @@ Numeric arguments can be a single number or a range, e.g. '1..4'\n";
/* A single test would be of the form '-L 2 -l 5 -o 3 -n 1' */
/* A range test of just keygen would be of the form '-o 1..4 -n 0' */
/* A test to key exhaustion would be of the form '-n max' */
- if (L_lo > 0) {
- for (size_t L = L_lo; L <= L_hi; ++L) {
- for (lms_algorithm_t lms_type = lms_lo; lms_type <= lms_hi; ++lms_type) {
- for (lmots_algorithm_t lmots_type = lmots_lo; lmots_type <= lmots_hi; ++lmots_type) {
- ok &= test_hashsig_sign(L, lms_type, lmots_type, iterations, save, keep);
+
+ if (name != NULL) {
+ hal_uuid_t uuid;
+ hal_pkey_handle_t private_key = {HAL_HANDLE_NONE};
+
+ if ((err = hal_uuid_parse(&uuid, name)) != HAL_OK)
+ lose("Error parsing private key name: %s\n", hal_error_string(err));
+
+ else if ((err = hal_rpc_pkey_open(client, session, &private_key, &uuid)) != HAL_OK)
+ lose("Error opening private key: %s\n", hal_error_string(err));
+
+ if (save) {
+ /* save the message for interop verification */
+ FILE *fp;
+ if ((fp = fopen(name, "wb")) == NULL)
+ lose("Error opening %s: %s\n", name, strerror(errno));
+ size_t write_len;
+ if ((write_len = fwrite(msg, 1, msg_len, fp)) != msg_len)
+ lose("Error: wrote %lu bytes to %s, expected %lu\n", write_len, name, msg_len);
+ if (fclose(fp) != 0)
+ lose("Error closing %s: %s\n", name, strerror(errno));
+ }
+
+ uint8_t sig[16000];
+ size_t sig_len;
+ if (iterations > 0)
+ ok &= test_hashsig_sign(private_key, msg, msg_len, iterations,
+ save ? name : "", sig, &sig_len, sizeof(sig));
+
+ if (ok && verify)
+ ok &= test_hashsig_verify(private_key, msg, msg_len, save ? name : "", sig, sig_len);
+
+ /* implicitly keep the key */
+ }
+
+ else {
+ if (L_lo) {
+ for (size_t L = L_lo; L <= L_hi; ++L) {
+ for (hal_lms_algorithm_t lms_type = lms_lo; lms_type <= lms_hi; ++lms_type) {
+ for (hal_lmots_algorithm_t lmots_type = lmots_lo; lmots_type <= lmots_hi; ++lmots_type) {
+ printf("Starting hashsig key test: L %lu, lms type %u (h=%lu), lmots type %u (w=%lu)\n",
+ L, lms_type, lms_type_to_h(lms_type), lmots_type, lmots_type_to_w(lmots_type));
+
+ char save_name[16] = "";
+ if (save) {
+ /* save the message for interop verification */
+ sprintf(save_name, "L%d.lms%d.ots%d", (int)L, (int)lms_type, (int)lmots_type);
+ FILE *fp;
+ if ((fp = fopen(save_name, "wb")) == NULL)
+ lose("Error opening %s: %s\n", save_name, strerror(errno));
+ size_t write_len;
+ if ((write_len = fwrite(msg, 1, msg_len, fp)) != msg_len)
+ lose("Error: wrote %lu bytes to %s, expected %lu\n", write_len, save_name, msg_len);
+ if (fclose(fp) != 0)
+ lose("Error closing %s: %s\n", save_name, strerror(errno));
+ }
+
+ hal_pkey_handle_t private_key = {HAL_HANDLE_NONE};
+ ok &= test_hashsig_generate(L, lms_type, lmots_type, flags, keep, &private_key);
+
+ uint8_t sig[hal_hashsig_signature_len(L, lms_type, lmots_type)];
+ size_t sig_len;
+ if (ok && iterations > 0)
+ ok &= test_hashsig_sign(private_key, msg, msg_len, iterations, save_name, sig, &sig_len, sizeof(sig));
+
+ if (ok && verify)
+ ok &= test_hashsig_verify(private_key, msg, msg_len, save_name, sig, sig_len);
+
+ if (!keep && ((err = hal_rpc_pkey_delete(private_key)) != HAL_OK))
+ lose("Error deleting private key: %s\n", hal_error_string(err));
+ }
}
}
}
}
if ((err = hal_rpc_logout(client)) != HAL_OK)
- printf("Warning: Trouble logging out of HSM: %s\n", hal_error_string(err));
+ lose("Error logging out of HSM: %s\n", hal_error_string(err));
if ((err = hal_rpc_client_close()) != HAL_OK)
- printf("Warning: Trouble shutting down RPC client: %s\n", hal_error_string(err));
+ lose("Error shutting down RPC client: %s\n", hal_error_string(err));
+fail:
return !ok;
}
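Review bot: `sig` and `sig_len` are only written when `iterations > 0`, but both the `-K` branch and the generate loop call `test_hashsig_verify(..., sig, sig_len)` whenever `ok && verify` holds. `-v` forces `iterations = 1` only if it is still 0 when `-v` is parsed, so `-v -n 0` leaves it at 0 and verify reads an uninitialised length and buffer. Either normalise after the option loop with `if (verify && iterations == 0) iterations = 1;` or guard both calls with `if (ok && verify && iterations > 0)`. Separately, `sprintf(save_name, "L%d.lms%d.ots%d", ...)` writes into `char save_name[16]` with `L` taken from the command line, so a large `-L` value overruns the buffer; `snprintf(save_name, sizeof(save_name), ...)` with a truncation check bounds it.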
diff --git a/tests/test-xdr.c b/tests/test-xdr.c
index eedf48d..f084e01 100644
--- a/tests/test-xdr.c
+++ b/tests/test-xdr.c
@@ -95,8 +95,8 @@ int main(int argc, char *argv[])
printf("\nhal_xdr_decode_variable_opaque:\n");
readptr = buf;
while (readptr < bufptr) {
- size_t len = bufptr - readptr;
- if ((ret = hal_xdr_decode_variable_opaque(&readptr, limit, readbuf, &len)) != HAL_OK) {
+ size_t len;
+ if ((ret = hal_xdr_decode_variable_opaque(&readptr, limit, readbuf, &len, bufptr - readptr)) != HAL_OK) {
printf("%s\n", hal_error_string(ret));
break;
}
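Review bot: The new fifth argument to `hal_xdr_decode_variable_opaque` is `bufptr - readptr`, the number of encoded bytes remaining, whereas the value that protects `readbuf` is the capacity of `readbuf` itself. The declaration of `readbuf` is outside this hunk, so this is only a concern if it can be smaller than the remaining input; if it is an array, `sizeof(readbuf)` states the intended bound directly. A test that passes a deliberately small maximum and expects an error would also exercise the new parameter.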