From bbb6e1e88b171a1f29d16e1721d8443dbb91db10 Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Tue, 22 Dec 2015 21:44:27 -0500 Subject: Test code for ASN.1 public key functions. --- .gitignore | 1 + tests/.gitignore | 1 - tests/test-ecdsa.c | 53 ++++++++++++++++++-- tests/test-rsa.c | 145 +++++++++++++++++++++++++++-------------------------- 4 files changed, 124 insertions(+), 76 deletions(-) delete mode 100644 tests/.gitignore diff --git a/.gitignore b/.gitignore index 32df1cd..670e1d2 100644 --- a/.gitignore +++ b/.gitignore @@ -8,6 +8,7 @@ config.status tests/test-aes-key-wrap tests/test-bus tests/test-ecdsa +tests/test-ecdsa-*.der tests/test-hash tests/test-pbkdf2 tests/test-rsa diff --git a/tests/.gitignore b/tests/.gitignore deleted file mode 100644 index 0e3ba34..0000000 --- a/tests/.gitignore +++ /dev/null @@ -1 +0,0 @@ -test-aes-key-wrap diff --git a/tests/test-ecdsa.c b/tests/test-ecdsa.c index 7201648..bdcfca6 100644 --- a/tests/test-ecdsa.c +++ b/tests/test-ecdsa.c @@ -49,6 +49,7 @@ #include #include #include +#include #include @@ -103,7 +104,9 @@ static void set_next_random(const uint8_t * const data, const size_t length) static int test_against_static_vectors(const ecdsa_tc_t * const tc) { + char fn[sizeof("test-ecdsa-private-key-xxxxxx.der")]; hal_error_t err; + FILE *f; printf("Starting static test vector tests for P-%lu\n", (unsigned long) (tc->d_len * 8)); @@ -130,16 +133,30 @@ static int test_against_static_vectors(const ecdsa_tc_t * const tc) if (hal_ecdsa_private_key_to_der_len(key1) != tc->key_len) return printf("DER Key length mismatch\n"), 0; - uint8_t keyder[tc->key_len]; - size_t keyder_len; + uint8_t der[tc->key_len]; + size_t der_len; - if ((err = hal_ecdsa_private_key_to_der(key1, keyder, &keyder_len, sizeof(keyder))) != HAL_OK) + err = hal_ecdsa_private_key_to_der(key1, der, &der_len, sizeof(der)); + + snprintf(fn, sizeof(fn), "test-ecdsa-private-key-p%u.der", (unsigned) tc->d_len * 8); + + if ((f = fopen(fn, "wb")) == NULL) + return printf("Couldn't open %s: %s\n", fn, strerror(errno)), 0; + + if (fwrite(der, der_len, 1, f) != 1) + return printf("Length mismatch writing %s\n", fn), 0; + + if (fclose(f) == EOF) + return printf("Couldn't close %s: %s\n", fn, strerror(errno)), 0; + + /* Deferred error from hal_ecdsa_private_key_to_der() */ + if (err != HAL_OK) return printf("hal_ecdsa_private_key_to_der() failed: %s\n", hal_error_string(err)), 0; uint8_t keybuf2[hal_ecdsa_key_t_size]; hal_ecdsa_key_t *key2 = NULL; - if ((err = hal_ecdsa_private_key_from_der(&key2, keybuf2, sizeof(keybuf2), keyder, keyder_len)) != HAL_OK) + if ((err = hal_ecdsa_private_key_from_der(&key2, keybuf2, sizeof(keybuf2), der, der_len)) != HAL_OK) return printf("hal_ecdsa_private_key_from_der() failed: %s\n", hal_error_string(err)), 0; if (memcmp(key1, key2, hal_ecdsa_key_t_size) != 0) @@ -192,7 +209,33 @@ static int test_against_static_vectors(const ecdsa_tc_t * const tc) return printf("hal_ecdsa_key_from_point() failed: %s\n", hal_error_string(err)), 0; if (memcmp(key1, key2, hal_ecdsa_key_t_size) != 0) - return printf("Public key mismatch after read/write cycle\n"), 0; + return printf("Public key mismatch after first read/write cycle\n"), 0; + + hal_ecdsa_key_clear(key2); + key2 = NULL; + + err = hal_ecdsa_public_key_to_der(key1, der, &der_len, sizeof(der)); + + snprintf(fn, sizeof(fn), "test-ecdsa-public-key-p%u.der", (unsigned) tc->d_len * 8); + + if ((f = fopen(fn, "wb")) == NULL) + return printf("Couldn't open %s: %s\n", fn, strerror(errno)), 0; + + if (fwrite(der, der_len, 1, f) != 1) + return printf("Length mismatch writing %s\n", fn), 0; + + if (fclose(f) == EOF) + return printf("Couldn't close %s: %s\n", fn, strerror(errno)), 0; + + /* Deferred error from hal_ecdsa_public_key_to_der() */ + if (err != HAL_OK) + return printf("hal_ecdsa_public_key_to_der() failed: %s\n", hal_error_string(err)), 0; + + if (memcmp(key1, key2, hal_ecdsa_key_t_size) != 0) + return printf("Public key mismatch after second read/write cycle\n"), 0; + + hal_ecdsa_key_clear(key1); + hal_ecdsa_key_clear(key2); return 1; } diff --git a/tests/test-rsa.c b/tests/test-rsa.c index 2872250..737387c 100644 --- a/tests/test-rsa.c +++ b/tests/test-rsa.c @@ -1,13 +1,7 @@ /* * test-rsa.c * ---------- - * First stumblings towards a test harness for RSA using Cryptech - * ModExp core. - * - * For the moment this just does modular exponentiation tests using - * RSA keys and pre-formatted data-to-be-signed, without attempting - * CRT or any of the other clever stuff we should be doing. This is - * not usable for any sane purpose other than testing. + * Test harness for RSA using Cryptech ModExp core. * * Authors: Rob Austein * Copyright (c) 2015, NORDUnet A/S @@ -67,15 +61,11 @@ static int test_modexp(const hal_core_t *core, printf("%s test for %lu-bit RSA key\n", kind, (unsigned long) tc->size); if (hal_modexp(core, msg->val, msg->len, exp->val, exp->len, - tc->n.val, tc->n.len, result, sizeof(result)) != HAL_OK) { - printf("ModExp failed\n"); - return 0; - } + tc->n.val, tc->n.len, result, sizeof(result)) != HAL_OK) + return printf("ModExp failed\n"), 0; - if (memcmp(result, val->val, val->len)) { - printf("MISMATCH\n"); - return 0; - } + if (memcmp(result, val->val, val->len)) + return printf("MISMATCH\n"), 0; return 1; } @@ -103,10 +93,8 @@ static int test_decrypt(const hal_core_t *core, tc->q.val, tc->q.len, tc->u.val, tc->u.len, tc->dP.val, tc->dP.len, - tc->dQ.val, tc->dQ.len)) != HAL_OK) { - printf("RSA CRT key load failed: %s\n", hal_error_string(err)); - return 0; - } + tc->dQ.val, tc->dQ.len)) != HAL_OK) + return printf("RSA CRT key load failed: %s\n", hal_error_string(err)), 0; uint8_t result[tc->n.len]; @@ -133,7 +121,7 @@ static int test_gen(const hal_core_t *core, { printf("%s test for %lu-bit RSA key\n", kind, (unsigned long) tc->size); - char fn[sizeof("test-rsa-key-xxxxxx.der")]; + char fn[sizeof("test-rsa-private-key-xxxxxx.der")]; uint8_t keybuf1[hal_rsa_key_t_size], keybuf2[hal_rsa_key_t_size]; hal_rsa_key_t *key1 = NULL, *key2 = NULL; hal_error_t err = HAL_OK; @@ -141,52 +129,39 @@ static int test_gen(const hal_core_t *core, const uint8_t f4[] = { 0x01, 0x00, 0x01 }; - if ((err = hal_rsa_key_gen(core, &key1, keybuf1, sizeof(keybuf1), bitsToBytes(tc->size), f4, sizeof(f4))) != HAL_OK) { - printf("RSA key generation failed: %s\n", hal_error_string(err)); - return 0; - } + if ((err = hal_rsa_key_gen(core, &key1, keybuf1, sizeof(keybuf1), bitsToBytes(tc->size), f4, sizeof(f4))) != HAL_OK) + return printf("RSA key generation failed: %s\n", hal_error_string(err)), 0; size_t der_len = 0; - if ((err = hal_rsa_private_key_to_der(key1, NULL, &der_len, 0)) != HAL_OK) { - printf("Getting DER length of RSA key failed: %s\n", hal_error_string(err)); - return 0; - } + if ((err = hal_rsa_private_key_to_der(key1, NULL, &der_len, 0)) != HAL_OK) + return printf("Getting DER length of RSA key failed: %s\n", hal_error_string(err)), 0; uint8_t der[der_len]; - if ((err = hal_rsa_private_key_to_der(key1, der, &der_len, sizeof(der))) != HAL_OK) { - printf("Converting RSA key to DER failed: %s\n", hal_error_string(err)); - return 0; - } + err = hal_rsa_private_key_to_der(key1, der, &der_len, sizeof(der)); - if ((err = hal_rsa_private_key_from_der(&key2, keybuf2, sizeof(keybuf2), der, sizeof(der))) != HAL_OK) { - printf("Converting RSA key back from DER failed: %s\n", hal_error_string(err)); - return 0; - } + snprintf(fn, sizeof(fn), "test-rsa-private-key-%04lu.der", (unsigned long) tc->size); + printf("Writing %s\n", fn); - if (memcmp(keybuf1, keybuf2, hal_rsa_key_t_size) != 0) { - printf("RSA key mismatch after conversion to and back from DER\n"); - return 0; - } + if ((f = fopen(fn, "wb")) == NULL) + return printf("Couldn't open %s: %s\n", fn, strerror(errno)), 0; - snprintf(fn, sizeof(fn), "test-rsa-key-%04lu.der", (unsigned long) tc->size); - printf("Writing %s\n", fn); + if (fwrite(der, der_len, 1, f) != 1) + return printf("Length mismatch writing %s\n", fn), 0; - if ((f = fopen(fn, "wb")) == NULL) { - printf("Couldn't open %s: %s\n", fn, strerror(errno)); - return 0; - } + if (fclose(f) == EOF) + return printf("Couldn't close %s: %s\n", fn, strerror(errno)), 0; - if (fwrite(der, der_len, 1, f) != 1) { - printf("Length mismatch writing %s\n", fn); - return 0; - } + /* Deferred error from hal_rsa_private_key_to_der() */ + if (err != HAL_OK) + return printf("Converting RSA private key to DER failed: %s\n", hal_error_string(err)), 0; - if (fclose(f) == EOF) { - printf("Couldn't close %s: %s\n", fn, strerror(errno)); - return 0; - } + if ((err = hal_rsa_private_key_from_der(&key2, keybuf2, sizeof(keybuf2), der, sizeof(der))) != HAL_OK) + return printf("Converting RSA key back from DER failed: %s\n", hal_error_string(err)), 0; + + if (memcmp(keybuf1, keybuf2, hal_rsa_key_t_size) != 0) + return printf("RSA key mismatch after conversion to and back from DER\n"), 0; uint8_t result[tc->n.len]; @@ -196,31 +171,61 @@ static int test_gen(const hal_core_t *core, snprintf(fn, sizeof(fn), "test-rsa-sig-%04lu.der", (unsigned long) tc->size); printf("Writing %s\n", fn); - if ((f = fopen(fn, "wb")) == NULL) { - printf("Couldn't open %s: %s\n", fn, strerror(errno)); - return 0; - } + if ((f = fopen(fn, "wb")) == NULL) + return printf("Couldn't open %s: %s\n", fn, strerror(errno)), 0; - if (fwrite(result, sizeof(result), 1, f) != 1) { - printf("Length mismatch writing %s key\n", fn); - return 0; - } + if (fwrite(result, sizeof(result), 1, f) != 1) + return printf("Length mismatch writing %s key\n", fn), 0; - if (fclose(f) == EOF) { - printf("Couldn't close %s: %s\n", fn, strerror(errno)); - return 0; - } + if (fclose(f) == EOF) + return printf("Couldn't close %s: %s\n", fn, strerror(errno)), 0; if (err != HAL_OK) /* Deferred failure from hal_rsa_decrypt(), above */ return 0; if ((err = hal_rsa_encrypt(core, key1, result, sizeof(result), result, sizeof(result))) != HAL_OK) - printf("RSA signature check failed: %s\n", hal_error_string(err)); + printf("First RSA signature check failed: %s\n", hal_error_string(err)); - const int mismatch = (err == HAL_OK && memcmp(result, tc->m.val, tc->m.len) != 0); + int mismatch = 0; - if (mismatch) - printf("MISMATCH\n"); + if (err == HAL_OK && memcmp(result, tc->m.val, tc->m.len) != 0) + mismatch = (printf("MISMATCH\n"), 1); + + hal_rsa_key_clear(key2); + key2 = NULL; + + err = hal_rsa_public_key_to_der(key1, der, &der_len, sizeof(der)); + + snprintf(fn, sizeof(fn), "test-rsa-public-key-%04lu.der", (unsigned long) tc->size); + printf("Writing %s\n", fn); + + if ((f = fopen(fn, "wb")) == NULL) + return printf("Couldn't open %s: %s\n", fn, strerror(errno)), 0; + + if (fwrite(der, der_len, 1, f) != 1) + return printf("Length mismatch writing %s\n", fn), 0; + + if (fclose(f) == EOF) + return printf("Couldn't close %s: %s\n", fn, strerror(errno)), 0; + + /* Deferred error from hal_rsa_public_key_to_der() */ + if (err != HAL_OK) + return printf("Converting RSA public key to DER failed: %s\n", hal_error_string(err)), 0; + + if ((err = hal_rsa_private_key_from_der(&key2, keybuf2, sizeof(keybuf2), der, sizeof(der))) != HAL_OK) + return printf("Converting RSA key back from DER failed: %s\n", hal_error_string(err)), 0; + + /* + * Can't directly compare private key with public key. We could + * extract and compare the public key components, not much point if + * the public key passes the signature verification test below. + */ + + if ((err = hal_rsa_encrypt(core, key2, result, sizeof(result), result, sizeof(result))) != HAL_OK) + return printf("Second RSA signature check failed: %s\n", hal_error_string(err)), 0; + + if (err == HAL_OK && memcmp(result, tc->m.val, tc->m.len) != 0) + mismatch = (printf("MISMATCH\n"), 1); hal_rsa_key_clear(key1); hal_rsa_key_clear(key2); -- cgit v1.2.3