ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity

removed crypto tests form unit tester, all gone to test-vector plugin

This commit is contained in:
Martin Willi 2009-06-12 10:43:25 +02:00
parent 272c81134c
commit 0897ff21e7
5 changed files with 0 additions and 759 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/charon/plugins/unit_tester/Makefile.am
View File

@ -8,7 +8,6 @@ plugin_LTLIBRARIES = libstrongswan-unit-tester.la
libstrongswan_unit_tester_la_SOURCES = unit_tester.c unit_tester.h tests.h \
tests/test_enumerator.c \
tests/test_auth_info.c \
tests/test_fips_prf.c \
tests/test_curl.c \
tests/test_mysql.c \
tests/test_sqlite.c \
@ -16,11 +15,9 @@ libstrongswan_unit_tester_la_SOURCES = unit_tester.c unit_tester.h tests.h \
tests/test_rsa_gen.c \
tests/test_cert.c \
tests/test_med_db.c \
tests/test_aes.c \
tests/test_chunk.c \
tests/test_pool.c \
tests/test_agent.c \
tests/test_rng.c \
tests/test_id.c
libstrongswan_unit_tester_la_LDFLAGS = -module

4
src/charon/plugins/unit_tester/tests.h
View File

@ -24,7 +24,6 @@ DEFINE_TEST("nested enumerator", test_enumerate_nested, FALSE)
DEFINE_TEST("filtered enumerator", test_enumerate_filtered, FALSE)
DEFINE_TEST("token enumerator", test_enumerate_token, FALSE)
DEFINE_TEST("auth cfg", test_auth_cfg, FALSE)
DEFINE_TEST("FIPS PRF", fips_prf_test, FALSE)
DEFINE_TEST("CURL get", test_curl_get, FALSE)
DEFINE_TEST("MySQL operations", test_mysql, FALSE)
DEFINE_TEST("SQLite operations", test_sqlite, FALSE)
@ -33,12 +32,9 @@ DEFINE_TEST("RSA key generation", test_rsa_gen, FALSE)
DEFINE_TEST("RSA subjectPublicKeyInfo loading", test_rsa_load_any, FALSE)
DEFINE_TEST("X509 certificate", test_cert_x509, FALSE)
DEFINE_TEST("Mediation database key fetch", test_med_db, FALSE)
DEFINE_TEST("AES-128 encryption", test_aes128, FALSE)
DEFINE_TEST("AES-XCBC", test_aes_xcbc, FALSE)
DEFINE_TEST("Base64 converter", test_chunk_base64, FALSE)
DEFINE_TEST("IP pool", test_pool, FALSE)
DEFINE_TEST("SSH agent", test_agent, FALSE)
DEFINE_TEST("RNG quality", test_rng, FALSE)
DEFINE_TEST("ID parts", test_id_parts, FALSE)
/** @}*/

467
src/charon/plugins/unit_tester/tests/test_aes.c
View File

@ -1,467 +0,0 @@
/*
* Copyright (C) 2008 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#include <daemon.h>
#include <library.h>
#include <utils/mutex.h>
#include <unistd.h>
#include <sched.h>
#include <pthread.h>
/**
* run a test using given values
*/
static bool do_aes_test(u_char *key, int keysize, u_char *iv,
u_char *plain, u_char *cipher, int len)
{
crypter_t *crypter;
chunk_t enc, dec;
bool good = TRUE;
crypter = lib->crypto->create_crypter(lib->crypto, ENCR_AES_CBC, keysize);
if (!crypter)
{
return FALSE;
}
crypter->set_key(crypter, chunk_create(key, keysize));
crypter->encrypt(crypter,
chunk_create(plain, len), chunk_create(iv, 16), &enc);
if (!memeq(enc.ptr, cipher, len))
{
good = FALSE;
}
crypter->decrypt(crypter, enc, chunk_create(iv, 16), &dec);
if (!memeq(dec.ptr, plain, len))
{
good = FALSE;
}
free(enc.ptr);
free(dec.ptr);
crypter->destroy(crypter);
return good;
}
/*******************************************************************************
* AES-128 test
******************************************************************************/
bool test_aes128()
{
/*
* Test 1 of RFC3602
* Key : 0x06a9214036b8a15b512e03d534120006
* IV : 0x3dafba429d9eb430b422da802c9fac41
* Plaintext : "Single block msg"
* Ciphertext: 0xe353779c1079aeb82708942dbe77181a
*/
u_char key1[] = {
0x06,0xa9,0x21,0x40,0x36,0xb8,0xa1,0x5b,
0x51,0x2e,0x03,0xd5,0x34,0x12,0x00,0x06
};
u_char iv1[] = {
0x3d,0xaf,0xba,0x42,0x9d,0x9e,0xb4,0x30,
0xb4,0x22,0xda,0x80,0x2c,0x9f,0xac,0x41
};
u_char plain1[] = {
'S','i','n','g','l','e',' ','b','l','o','c','k',' ','m','s','g'
};
u_char cipher1[] = {
0xe3,0x53,0x77,0x9c,0x10,0x79,0xae,0xb8,
0x27,0x08,0x94,0x2d,0xbe,0x77,0x18,0x1a
};
if (!do_aes_test(key1, 16, iv1, plain1, cipher1, sizeof(plain1)))
{
return FALSE;
}
/*
* Test 2 of RFC3602
* Key : 0xc286696d887c9aa0611bbb3e2025a45a
* IV : 0x562e17996d093d28ddb3ba695a2e6f58
* Plaintext : 0x000102030405060708090a0b0c0d0e0f
* 101112131415161718191a1b1c1d1e1f
* Ciphertext: 0xd296cd94c2cccf8a3a863028b5e1dc0a
* 7586602d253cfff91b8266bea6d61ab1
*/
u_char key2[] = {
0xc2,0x86,0x69,0x6d,0x88,0x7c,0x9a,0xa0,
0x61,0x1b,0xbb,0x3e,0x20,0x25,0xa4,0x5a
};
u_char iv2[] = {
0x56,0x2e,0x17,0x99,0x6d,0x09,0x3d,0x28,
0xdd,0xb3,0xba,0x69,0x5a,0x2e,0x6f,0x58
};
u_char plain2[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,
0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,
0x18,0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f
};
u_char cipher2[] = {
0xd2,0x96,0xcd,0x94,0xc2,0xcc,0xcf,0x8a,
0x3a,0x86,0x30,0x28,0xb5,0xe1,0xdc,0x0a,
0x75,0x86,0x60,0x2d,0x25,0x3c,0xff,0xf9,
0x1b,0x82,0x66,0xbe,0xa6,0xd6,0x1a,0xb1
};
if (!do_aes_test(key2, 16, iv2, plain2, cipher2, sizeof(plain2)))
{
return FALSE;
}
/*
* Test 3 of RFC3603
* Key : 0x56e47a38c5598974bc46903dba290349
* IV : 0x8ce82eefbea0da3c44699ed7db51b7d9
* Plaintext : 0xa0a1a2a3a4a5a6a7a8a9aaabacadaeaf
* b0b1b2b3b4b5b6b7b8b9babbbcbdbebf
* c0c1c2c3c4c5c6c7c8c9cacbcccdcecf
* d0d1d2d3d4d5d6d7d8d9dadbdcdddedf
* Ciphertext: 0xc30e32ffedc0774e6aff6af0869f71aa
* 0f3af07a9a31a9c684db207eb0ef8e4e
* 35907aa632c3ffdf868bb7b29d3d46ad
* 83ce9f9a102ee99d49a53e87f4c3da55
*/
u_char key3[] = {
0x56,0xe4,0x7a,0x38,0xc5,0x59,0x89,0x74,
0xbc,0x46,0x90,0x3d,0xba,0x29,0x03,0x49
};
u_char iv3[] = {
0x8c,0xe8,0x2e,0xef,0xbe,0xa0,0xda,0x3c,
0x44,0x69,0x9e,0xd7,0xdb,0x51,0xb7,0xd9
};
u_char plain3[] = {
0xa0,0xa1,0xa2,0xa3,0xa4,0xa5,0xa6,0xa7,
0xa8,0xa9,0xaa,0xab,0xac,0xad,0xae,0xaf,
0xb0,0xb1,0xb2,0xb3,0xb4,0xb5,0xb6,0xb7,
0xb8,0xb9,0xba,0xbb,0xbc,0xbd,0xbe,0xbf,
0xc0,0xc1,0xc2,0xc3,0xc4,0xc5,0xc6,0xc7,
0xc8,0xc9,0xca,0xcb,0xcc,0xcd,0xce,0xcf,
0xd0,0xd1,0xd2,0xd3,0xd4,0xd5,0xd6,0xd7,
0xd8,0xd9,0xda,0xdb,0xdc,0xdd,0xde,0xdf
};
u_char cipher3[] = {
0xc3,0x0e,0x32,0xff,0xed,0xc0,0x77,0x4e,
0x6a,0xff,0x6a,0xf0,0x86,0x9f,0x71,0xaa,
0x0f,0x3a,0xf0,0x7a,0x9a,0x31,0xa9,0xc6,
0x84,0xdb,0x20,0x7e,0xb0,0xef,0x8e,0x4e,
0x35,0x90,0x7a,0xa6,0x32,0xc3,0xff,0xdf,
0x86,0x8b,0xb7,0xb2,0x9d,0x3d,0x46,0xad,
0x83,0xce,0x9f,0x9a,0x10,0x2e,0xe9,0x9d,
0x49,0xa5,0x3e,0x87,0xf4,0xc3,0xda,0x55
};
if (!do_aes_test(key3, 16, iv3, plain3, cipher3, sizeof(plain3)))
{
return FALSE;
}
return TRUE;
}
/**
* run a single xcbc test for prf and signer
*/
static bool do_xcbc_test(u_int8_t *key, size_t keylen, u_int8_t *mac,
u_int8_t *plain, size_t len)
{
signer_t *signer;
prf_t *prf;
u_int8_t res[16];
prf = lib->crypto->create_prf(lib->crypto, PRF_AES128_XCBC);
if (!prf)
{
return FALSE;
}
prf->set_key(prf, chunk_create(key, keylen));
prf->get_bytes(prf, chunk_create(plain, len), res);
if (!memeq(res, mac, 16))
{
DBG1(DBG_CFG, "expected %b\ngot %b", mac, 16, res, 16);
prf->destroy(prf);
return FALSE;
}
prf->destroy(prf);
signer = lib->crypto->create_signer(lib->crypto, AUTH_AES_XCBC_96);
if (!signer)
{
return FALSE;
}
signer->set_key(signer, chunk_create(key, keylen));
if (!signer->verify_signature(signer, chunk_create(plain, len),
chunk_create(mac, 12)))
{
return FALSE;
}
signer->destroy(signer);
return TRUE;
}
/*******************************************************************************
* AES_XCBC mac test
******************************************************************************/
bool test_aes_xcbc()
{
/* Vectors from RFC 3566 */
/* Test Case #1 : AES-XCBC-MAC-96 with 0-byte input
* Key (K) : 000102030405060708090a0b0c0d0e0f
* Message (M) : <empty string>
* AES-XCBC-MAC : 75f0251d528ac01c4573dfd584d79f29
* AES-XCBC-MAC-96: 75f0251d528ac01c4573dfd5
*/
u_char key1[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f
};
u_char plain1[] = {
};
u_char mac1[] = {
0x75,0xf0,0x25,0x1d,0x52,0x8a,0xc0,0x1c,
0x45,0x73,0xdf,0xd5,0x84,0xd7,0x9f,0x29
};
if (!do_xcbc_test(key1, 16, mac1, plain1, sizeof(plain1)))
{
return FALSE;
}
/*
* Test Case #2 : AES-XCBC-MAC-96 with 3-byte input
* Key (K) : 000102030405060708090a0b0c0d0e0f
* Message (M) : 000102
* AES-XCBC-MAC : 5b376580ae2f19afe7219ceef172756f
* AES-XCBC-MAC-96: 5b376580ae2f19afe7219cee
*/
u_char key2[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f
};
u_char plain2[] = {
0x00,0x01,0x02
};
u_char mac2[] = {
0x5b,0x37,0x65,0x80,0xae,0x2f,0x19,0xaf,
0xe7,0x21,0x9c,0xee,0xf1,0x72,0x75,0x6f
};
if (!do_xcbc_test(key2, 16, mac2, plain2, sizeof(plain2)))
{
return FALSE;
}
/* Test Case #3 : AES-XCBC-MAC-96 with 16-byte input
* Key (K) : 000102030405060708090a0b0c0d0e0f
* Message (M) : 000102030405060708090a0b0c0d0e0f
* AES-XCBC-MAC : d2a246fa349b68a79998a4394ff7a263
* AES-XCBC-MAC-96: d2a246fa349b68a79998a439
*/
u_char key3[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f
};
u_char plain3[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f
};
u_char mac3[] = {
0xd2,0xa2,0x46,0xfa,0x34,0x9b,0x68,0xa7,
0x99,0x98,0xa4,0x39,0x4f,0xf7,0xa2,0x63
};
if (!do_xcbc_test(key3, 16, mac3, plain3, sizeof(plain3)))
{
return FALSE;
}
/* Test Case #4 : AES-XCBC-MAC-96 with 20-byte input
* Key (K) : 000102030405060708090a0b0c0d0e0f
* Message (M) : 000102030405060708090a0b0c0d0e0f10111213
* AES-XCBC-MAC : 47f51b4564966215b8985c63055ed308
* AES-XCBC-MAC-96: 47f51b4564966215b8985c63
*/
u_char key4[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f
};
u_char plain4[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,
0x10,0x11,0x12,0x13
};
u_char mac4[] = {
0x47,0xf5,0x1b,0x45,0x64,0x96,0x62,0x15,
0xb8,0x98,0x5c,0x63,0x05,0x5e,0xd3,0x08
};
if (!do_xcbc_test(key4, 16, mac4, plain4, sizeof(plain4)))
{
return FALSE;
}
/* Test Case #5 : AES-XCBC-MAC-96 with 32-byte input
* Key (K) : 000102030405060708090a0b0c0d0e0f
* Message (M) : 000102030405060708090a0b0c0d0e0f10111213141516171819
* 1a1b1c1d1e1f
* AES-XCBC-MAC : f54f0ec8d2b9f3d36807734bd5283fd4
* AES-XCBC-MAC-96: f54f0ec8d2b9f3d36807734b
*/
u_char key5[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f
};
u_char plain5[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,
0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,
0x18,0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f
};
u_char mac5[] = {
0xf5,0x4f,0x0e,0xc8,0xd2,0xb9,0xf3,0xd3,
0x68,0x07,0x73,0x4b,0xd5,0x28,0x3f,0xd4
};
if (!do_xcbc_test(key5, 16, mac5, plain5, sizeof(plain5)))
{
return FALSE;
}
/* Test Case #7 : AES-XCBC-MAC-96 with 1000-byte input
* Key (K) : 000102030405060708090a0b0c0d0e0f
* Message (M) : 00000000000000000000 ... 00000000000000000000
* [1000 bytes]
* AES-XCBC-MAC : f0dafee895db30253761103b5d84528f
* AES-XCBC-MAC-96: f0dafee895db30253761103b
*/
u_char key7[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f
};
u_char plain7[1000];
memset(plain7, 0, 1000);
u_char mac7[] = {
0xf0,0xda,0xfe,0xe8,0x95,0xdb,0x30,0x25,
0x37,0x61,0x10,0x3b,0x5d,0x84,0x52,0x8f
};
if (!do_xcbc_test(key7, 16, mac7, plain7, sizeof(plain7)))
{
return FALSE;
}
/* variable key test, RFC4434 */
/* Test Case AES-XCBC-PRF-128 with 20-byte input
* Key : 00010203040506070809
* Message : 000102030405060708090a0b0c0d0e0f10111213
* PRF Output : 0fa087af7d866e7653434e602fdde835
*/
u_char key8[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,
};
u_char plain8[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,
0x10,0x11,0x12,0x13
};
u_char mac8[] = {
0x0f,0xa0,0x87,0xaf,0x7d,0x86,0x6e,0x76,
0x53,0x43,0x4e,0x60,0x2f,0xdd,0xe8,0x35
};
if (!do_xcbc_test(key8, 10, mac8, plain8, sizeof(plain8)))
{
return FALSE;
}
/* Test Case AES-XCBC-PRF-128 with 20-byte input
* Key : 000102030405060708090a0b0c0d0e0fedcb
* Message : 000102030405060708090a0b0c0d0e0f10111213
* PRF Output : 8cd3c93ae598a9803006ffb67c40e9e4
*/
u_char key9[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,
0xed,0xcb
};
u_char plain9[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,
0x10,0x11,0x12,0x13
};
u_char mac9[] = {
0x8c,0xd3,0xc9,0x3a,0xe5,0x98,0xa9,0x80,
0x30,0x06,0xff,0xb6,0x7c,0x40,0xe9,0xe4
};
if (!do_xcbc_test(key9, 18, mac9, plain9, sizeof(plain9)))
{
return FALSE;
}
/* Test Case #10 : AES-XCBC-MAC-96 with 32-byte input using append mode
* Key (K) : 000102030405060708090a0b0c0d0e0f
* Message (M) : 000102030405060708090a0b0c0d0e0f10111213141516171819
* 1a1b1c1d1e1f
* AES-XCBC-MAC : f54f0ec8d2b9f3d36807734bd5283fd4
* AES-XCBC-MAC-96: f54f0ec8d2b9f3d36807734b
*/
u_char key10[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f
};
u_char plain10[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,
0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,
0x18,0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f
};
u_char mac10[] = {
0xf5,0x4f,0x0e,0xc8,0xd2,0xb9,0xf3,0xd3,
0x68,0x07,0x73,0x4b,0xd5,0x28,0x3f,0xd4
};
int i;
prf_t *prf = lib->crypto->create_prf(lib->crypto, PRF_AES128_XCBC);
u_char res[16];
if (!prf)
{
return FALSE;
}
prf->set_key(prf, chunk_create(key10, sizeof(key10)));
for (i = 0; i < 4; i++)
{ /* bytes 0 - 3, 1 byte at once */
prf->get_bytes(prf, chunk_create(plain10 + i, 1), NULL);
}
for (i = 4; i < 5; i+=8)
{ /* bytes 4 - 11, at once */
prf->get_bytes(prf, chunk_create(plain10 + i, 8), NULL);
}
for (i = 12; i < 24; i+=4)
{ /* bytes 12 - 23, in blocks of 4 */
prf->get_bytes(prf, chunk_create(plain10 + i, 4), NULL);
}
for (i = 0; i < 4; i++)
{ /* 4 zero blobs */
prf->get_bytes(prf, chunk_create(NULL, 0), NULL);
}
for (i = 24; i < 25; i+=8)
{ /* bytes 24 - 32, at once */
prf->get_bytes(prf, chunk_create(plain10 + i, 8), res);
}
if (!memeq(res, mac10, 16))
{
DBG1(DBG_CFG, "expected %b\ngot %b", mac10, 16, res, 16);
prf->destroy(prf);
return FALSE;
}
prf->destroy(prf);
return TRUE;
}

64
src/charon/plugins/unit_tester/tests/test_fips_prf.c
View File

@ -1,64 +0,0 @@
/*
* Copyright (C) 2007 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#include <utils/linked_list.h>
#include <daemon.h>
/*******************************************************************************
* fips prf known value test
******************************************************************************/
bool fips_prf_test()
{
prf_t *prf;
u_int8_t key_buf[] = {
0xbd, 0x02, 0x9b, 0xbe, 0x7f, 0x51, 0x96, 0x0b,
0xcf, 0x9e, 0xdb, 0x2b, 0x61, 0xf0, 0x6f, 0x0f,
0xeb, 0x5a, 0x38, 0xb6
};
u_int8_t seed_buf[] = {
0x00
};
u_int8_t result_buf[] = {
0x20, 0x70, 0xb3, 0x22, 0x3d, 0xba, 0x37, 0x2f,
0xde, 0x1c, 0x0f, 0xfc, 0x7b, 0x2e, 0x3b, 0x49,
0x8b, 0x26, 0x06, 0x14, 0x3c, 0x6c, 0x18, 0xba,
0xcb, 0x0f, 0x6c, 0x55, 0xba, 0xbb, 0x13, 0x78,
0x8e, 0x20, 0xd7, 0x37, 0xa3, 0x27, 0x51, 0x16
};
chunk_t key = chunk_from_buf(key_buf);
chunk_t seed = chunk_from_buf(seed_buf);
chunk_t expected = chunk_from_buf(result_buf);
chunk_t result;
prf = lib->crypto->create_prf(lib->crypto, PRF_FIPS_SHA1_160);
if (prf == NULL)
{
DBG1(DBG_CFG, "FIPS PRF implementation not found");
return FALSE;
}
prf->set_key(prf, key);
prf->allocate_bytes(prf, seed, &result);
prf->destroy(prf);
if (!chunk_equals(result, expected))
{
DBG1(DBG_CFG, "FIPS PRF result invalid:\nexpected: %Bresult: %B",
&expected, &result);
chunk_free(&result);
return FALSE;
}
chunk_free(&result);
return TRUE;
}

221
src/charon/plugins/unit_tester/tests/test_rng.c
View File

@ -1,221 +0,0 @@
/*
* Copyright (C) 2008 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#include <daemon.h>
#include <library.h>
#include <utils/mutex.h>
#include <unistd.h>
#include <sched.h>
#include <pthread.h>
static bool test_monobit(chunk_t data)
{
int i, j, bits = 0;
for (i = 0; i < data.len; i++)
{
for (j = 0; j < 8; j++)
{
if (data.ptr[i] & (1<<j))
{
bits++;
}
}
}
DBG1(DBG_CFG, " Monobit: %d/%d bits set", bits, data.len * 8);
if (bits > 9654 && bits < 10346)
{
return TRUE;
}
return FALSE;
}
static bool test_poker(chunk_t data)
{
int i, counter[16];
double sum = 0.0;
memset(counter, 0, sizeof(counter));
for (i = 0; i < data.len; i++)
{
counter[data.ptr[i] & 0x0F]++;
counter[(data.ptr[i] & 0xF0) >> 4]++;
}
for (i = 0; i < countof(counter); i++)
{
sum += (counter[i] * counter[i]) / 5000.0 * 16.0;
}
sum -= 5000.0;
DBG1(DBG_CFG, " Poker: %f", sum);
if (sum > 1.03 && sum < 57.4)
{
return TRUE;
}
return FALSE;
}
static bool test_runs(chunk_t data)
{
int i, j, zero_runs[7], one_runs[7], zero = 0, one = 0, longrun = 0;
bool ok = TRUE;
memset(one_runs, 0, sizeof(zero_runs));
memset(zero_runs, 0, sizeof(one_runs));
for (i = 0; i < data.len; i++)
{
for (j = 0; j < 8; j++)
{
if (data.ptr[i] & (1<<j))
{
if (one)
{
if (++one >= 34)
{
longrun++;
break;
}
}
else
{
zero_runs[min(6, zero)]++;
zero = 0;
one = 1;
}
}
else
{
if (zero)
{
if (++zero >= 34)
{
longrun++;
break;
}
}
else
{
one_runs[min(6, one)]++;
one = 0;
zero = 1;
}
}
}
}
DBG1(DBG_CFG, " Runs: zero: %d/%d/%d/%d/%d/%d, one: %d/%d/%d/%d/%d/%d, "
"longruns: %d",
zero_runs[1], zero_runs[2], zero_runs[3],
zero_runs[4], zero_runs[5], zero_runs[6],
one_runs[1], one_runs[2], one_runs[3],
one_runs[4], one_runs[5], one_runs[6],
longrun);
if (longrun)
{
return FALSE;
}
for (i = 1; i < countof(zero_runs); i++)
{
switch (i)
{
case 1:
ok &= zero_runs[i] > 2267 && zero_runs[i] < 2733;
ok &= one_runs[i] > 2267 && one_runs[i] < 2733;
break;
case 2:
ok &= zero_runs[i] > 1079 && zero_runs[i] < 1421;
ok &= one_runs[i] > 1079 && one_runs[i] < 1421;
break;
case 3:
ok &= zero_runs[i] > 502 && zero_runs[i] < 748;
ok &= one_runs[i] > 502 && one_runs[i] < 748;
break;
case 4:
ok &= zero_runs[i] > 223 && zero_runs[i] < 402;
ok &= one_runs[i] > 223 && one_runs[i] < 402;
break;
case 5:
ok &= zero_runs[i] > 90 && zero_runs[i] < 223;
ok &= one_runs[i] > 90 && one_runs[i] < 223;
break;
case 6:
ok &= zero_runs[i] > 90 && zero_runs[i] < 223;
ok &= one_runs[i] > 90 && one_runs[i] < 223;
break;
}
if (!ok)
{
return FALSE;
}
}
return TRUE;
}
static bool test_rng_quality(rng_quality_t quality)
{
rng_t *rng;
chunk_t chunk;
rng = lib->crypto->create_rng(lib->crypto, quality);
if (!rng)
{
return FALSE;
}
DBG1(DBG_CFG, "%N", rng_quality_names, quality);
rng->allocate_bytes(rng, 2500, &chunk);
if (!test_monobit(chunk))
{
return FALSE;
}
if (!test_poker(chunk))
{
return FALSE;
}
if (!test_runs(chunk))
{
return FALSE;
}
free(chunk.ptr);
rng->destroy(rng);
return TRUE;
}
/**
* run a test using given values
*/
bool test_rng()
{
if (!test_rng_quality(RNG_WEAK))
{
return FALSE;
}
if (!test_rng_quality(RNG_STRONG))
{
return FALSE;
}
if (!test_rng_quality(RNG_TRUE))
{
return FALSE;
}
return TRUE;
}