Merged additional tests and improved code coverage

Conflicts:
	ChangeLog
This commit is contained in:
Paul Bakker 2014-04-08 14:38:48 +02:00
commit 17b85cbd69
42 changed files with 1172 additions and 155 deletions

View file

@ -32,6 +32,11 @@ Bugfix
(found by Gergely Budai)
* Fix compile errors when POLARSSL_ERROR_STRERROR_BC is undefined (found by
Shuo Chen).
* oid_get_numeric_string() used to truncate the output without returning an
error if the output buffer was just 1 byte too small.
* dhm_parse_dhm() (hence dhm_parse_dhmfile()) did not set dhm->len.
* Calling pk_debug() on an RSA-alt key would segfault.
* pk_get_size() and pk_get_len() were off by a factor 8 for RSA-alt keys.
= PolarSSL 1.3.5 released on 2014-03-26
Features

View file

@ -621,12 +621,14 @@ int ecp_gen_keypair( ecp_group *grp, mpi *d, ecp_point *Q,
int ecp_gen_key( ecp_group_id grp_id, ecp_keypair *key,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
#if defined(POLARSSL_SELF_TEST)
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
* \return 0 if successful, or 1 if a test failed
*/
int ecp_self_test( int verbose );
#endif
#ifdef __cplusplus
}

View file

@ -60,7 +60,7 @@
* CAMELLIA 2 0x0024-0x0026
* XTEA 1 0x0028-0x0028
* BASE64 2 0x002A-0x002C
* OID 1 0x002E-0x002E
* OID 1 0x002E-0x002E 0x000B-0x000B
* PADLOCK 1 0x0030-0x0030
* DES 1 0x0032-0x0032
* CTR_DBRG 4 0x0034-0x003A

View file

@ -44,6 +44,7 @@
#endif
#define POLARSSL_ERR_OID_NOT_FOUND -0x002E /**< OID is not found. */
#define POLARSSL_ERR_OID_BUF_TOO_SMALL -0x000B /**< output buffer is too small */
/*
* Top level OID tuples
@ -376,7 +377,8 @@ typedef struct {
* \param size size of the buffer
* \param oid OID to translate
*
* \return POLARSSL_ERR_DEBUG_BUF_TOO_SMALL or actual length used
* \return Length of the string written (excluding final NULL) or
* POLARSSL_ERR_OID_BUF_TO_SMALL in case of error
*/
int oid_get_numeric_string( char *buf, size_t size, const asn1_buf *oid );

View file

@ -234,7 +234,7 @@ int pk_init_ctx( pk_context *ctx, const pk_info_t *info );
* \param key RSA key pointer
* \param decrypt_func Decryption function
* \param sign_func Signing function
* \param key_len_func Function returning key length
* \param key_len_func Function returning key length in bytes
*
* \return 0 on success, or POLARSSL_ERR_PK_BAD_INPUT_DATA if the
* context wasn't already initialized as RSA_ALT.

View file

@ -74,6 +74,15 @@ void set_alarm( int seconds );
*/
void m_sleep( int milliseconds );
#if defined(POLARSSL_SELF_TEST)
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if a test failed
*/
int timing_self_test( int verbose );
#endif
#ifdef __cplusplus
}
#endif

View file

@ -212,6 +212,8 @@ int x509_serial_gets( char *buf, size_t size, const x509_buf *serial );
/**
* \brief Give an known OID, return its descriptive string.
* (Deprecated. Use oid_get_extended_key_usage() instead.)
* Warning: only works for extended_key_usage OIDs!
*
* \param oid buffer containing the oid
*
@ -228,8 +230,8 @@ const char *x509_oid_get_description( x509_buf *oid );
* \param size Maximum size of buffer
* \param oid Buffer containing the OID
*
* \return The amount of data written to the buffer, or -1 in
* case of an error.
* \return Length of the string written (exluding final NULL) or
* POLARSSL_ERR_OID_BUF_TO_SMALL in case of error
*/
int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid );

View file

@ -460,6 +460,8 @@ int dhm_parse_dhm( dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen
ret = 0;
dhm->len = mpi_size( &dhm->P );
exit:
#if defined(POLARSSL_PEM_PARSE_C)
pem_free( &pem );

View file

@ -655,6 +655,8 @@ void polarssl_strerror( int ret, char *buf, size_t buflen )
#if defined(POLARSSL_OID_C)
if( use_ret == -(POLARSSL_ERR_OID_NOT_FOUND) )
snprintf( buf, buflen, "OID - OID is not found" );
if( use_ret == -(POLARSSL_ERR_OID_BUF_TOO_SMALL) )
snprintf( buf, buflen, "OID - output buffer is too small" );
#endif /* POLARSSL_OID_C */
#if defined(POLARSSL_PADLOCK_C)

View file

@ -590,16 +590,14 @@ static int compat_snprintf(char *str, size_t size, const char *format, ...)
#define snprintf compat_snprintf
#endif
#define POLARSSL_ERR_DEBUG_BUF_TOO_SMALL -2
#define SAFE_SNPRINTF() \
{ \
if( ret == -1 ) \
return( -1 ); \
return POLARSSL_ERR_OID_BUF_TOO_SMALL; \
\
if ( (unsigned int) ret > n ) { \
if ( (unsigned int) ret >= n ) { \
p[n - 1] = '\0'; \
return POLARSSL_ERR_DEBUG_BUF_TOO_SMALL;\
return POLARSSL_ERR_OID_BUF_TOO_SMALL; \
} \
\
n -= (unsigned int) ret; \
@ -630,7 +628,7 @@ int oid_get_numeric_string( char *buf, size_t size,
{
/* Prevent overflow in value. */
if ( ( ( value << 7 ) >> 7 ) != value )
return( POLARSSL_ERR_DEBUG_BUF_TOO_SMALL );
return( POLARSSL_ERR_OID_BUF_TOO_SMALL );
value <<= 7;
value += oid->p[i] & 0x7F;

View file

@ -258,6 +258,9 @@ int pk_debug( const pk_context *ctx, pk_debug_item *items )
if( ctx == NULL || ctx->pk_info == NULL )
return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
if( ctx->pk_info->debug_func == NULL )
return( POLARSSL_ERR_PK_TYPE_MISMATCH );
ctx->pk_info->debug_func( ctx->pk_ctx, items );
return( 0 );
}

View file

@ -357,7 +357,7 @@ static size_t rsa_alt_get_size( const void *ctx )
{
const rsa_alt_context *rsa_alt = (const rsa_alt_context *) ctx;
return( rsa_alt->key_len_func( rsa_alt->key ) );
return( 8 * rsa_alt->key_len_func( rsa_alt->key ) );
}
static int rsa_alt_sign_wrap( void *ctx, md_type_t md_alg,

View file

@ -361,8 +361,12 @@ int pkcs5_self_test( int verbose )
if( ( ret = md_init_ctx( &sha1_ctx, info_sha1 ) ) != 0 )
return( 1 );
if( verbose != 0 )
polarssl_printf( " PBKDF2 warning: test #3 may be slow!\n" );
for( i = 0; i < MAX_TESTS; i++ )
{
if( verbose != 0 )
polarssl_printf( " PBKDF2 (SHA1) #%d: ", i );
ret = pkcs5_pbkdf2_hmac( &sha1_ctx, password[i], plen[i], salt[i],

View file

@ -25,6 +25,13 @@
#include "polarssl/config.h"
#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif
#if defined(POLARSSL_TIMING_C) && !defined(POLARSSL_TIMING_ALT)
#include "polarssl/timing.h"
@ -76,7 +83,7 @@ unsigned long hardclock( void )
unsigned long hardclock( void )
{
unsigned long lo, hi;
asm( "rdtsc" : "=a" (lo), "=d" (hi) );
asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) );
return( lo );
}
#endif
@ -89,7 +96,7 @@ unsigned long hardclock( void )
unsigned long hardclock( void )
{
unsigned long lo, hi;
asm( "rdtsc" : "=a" (lo), "=d" (hi) );
asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) );
return( lo | (hi << 32) );
}
#endif
@ -105,9 +112,9 @@ unsigned long hardclock( void )
do
{
asm( "mftbu %0" : "=r" (tbu0) );
asm( "mftb %0" : "=r" (tbl ) );
asm( "mftbu %0" : "=r" (tbu1) );
asm volatile( "mftbu %0" : "=r" (tbu0) );
asm volatile( "mftb %0" : "=r" (tbl ) );
asm volatile( "mftbu %0" : "=r" (tbu1) );
}
while( tbu0 != tbu1 );
@ -126,7 +133,7 @@ unsigned long hardclock( void )
unsigned long hardclock( void )
{
unsigned long tick;
asm( "rdpr %%tick, %0;" : "=&r" (tick) );
asm volatile( "rdpr %%tick, %0;" : "=&r" (tick) );
return( tick );
}
#endif
@ -140,8 +147,8 @@ unsigned long hardclock( void )
unsigned long hardclock( void )
{
unsigned long tick;
asm( ".byte 0x83, 0x41, 0x00, 0x00" );
asm( "mov %%g1, %0" : "=r" (tick) );
asm volatile( ".byte 0x83, 0x41, 0x00, 0x00" );
asm volatile( "mov %%g1, %0" : "=r" (tick) );
return( tick );
}
#endif
@ -154,7 +161,7 @@ unsigned long hardclock( void )
unsigned long hardclock( void )
{
unsigned long cc;
asm( "rpcc %0" : "=r" (cc) );
asm volatile( "rpcc %0" : "=r" (cc) );
return( cc & 0xFFFFFFFF );
}
#endif
@ -167,7 +174,7 @@ unsigned long hardclock( void )
unsigned long hardclock( void )
{
unsigned long itc;
asm( "mov %0 = ar.itc" : "=r" (itc) );
asm volatile( "mov %0 = ar.itc" : "=r" (itc) );
return( itc );
}
#endif
@ -254,7 +261,7 @@ void m_sleep( int milliseconds )
Sleep( milliseconds );
}
#else
#else /* _WIN32 && !EFIX64 && !EFI32 */
unsigned long get_timer( struct hr_time *val, int reset )
{
@ -282,7 +289,7 @@ void m_sleep( int milliseconds )
usleep( milliseconds * 1000 );
}
#else
#else /* INTEGRITY */
static void sighandler( int signum )
{
@ -308,6 +315,150 @@ void m_sleep( int milliseconds )
}
#endif /* INTEGRITY */
#endif /* _WIN32 && !EFIX64 && !EFI32 */
#if defined(POLARSSL_SELF_TEST)
/* To test net_usleep against our functions */
#if defined(POLARSSL_NET_C)
#include "polarssl/net.h"
#endif
/*
* Checkup routine
*/
int timing_self_test( int verbose )
{
unsigned long cycles, ratio;
unsigned long millisecs, secs;
int hardfail;
struct hr_time hires;
if( verbose != 0)
polarssl_printf( " TIMING tests warning: will take some time!\n" );
if( verbose != 0 )
polarssl_printf( " TIMING test #1 (m_sleep / get_timer): " );
for( secs = 1; secs <= 3; secs++ )
{
(void) get_timer( &hires, 1 );
m_sleep( 500 * secs );
millisecs = get_timer( &hires, 0 );
if( millisecs < 450 * secs || millisecs > 550 * secs )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
}
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
if( verbose != 0 )
polarssl_printf( " TIMING test #2 (set_alarm / get_timer): " );
for( secs = 1; secs <= 3; secs++ )
{
(void) get_timer( &hires, 1 );
set_alarm( secs );
while( !alarmed )
;
millisecs = get_timer( &hires, 0 );
if( millisecs < 900 * secs || millisecs > 1100 * secs )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
}
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
if( verbose != 0 )
polarssl_printf( " TIMING test #3 (hardclock / m_sleep ): " );
/*
* Allow one failure for possible counter wrapping.
* On a 4Ghz 32-bit machine the cycle counter wraps about once per second;
* since the whole test is about 10ms, it shouldn't happen twice in a row.
*/
hardfail = 0;
hard_test:
if( hardfail > 1 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
}
/* Get a reference ratio cycles/ms */
cycles = hardclock();
m_sleep( 1 );
cycles = hardclock() - cycles;
ratio = cycles / 1;
for( millisecs = 2; millisecs <= 4; millisecs++ )
{
cycles = hardclock();
m_sleep( millisecs );
cycles = hardclock() - cycles;
/* Allow variation up to 20% */
if( cycles / millisecs < ratio - ratio / 5 ||
cycles / millisecs > ratio + ratio / 5 )
{
hardfail++;
goto hard_test;
}
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
if( verbose != 0 )
polarssl_printf( "\n" );
#if defined(POLARSSL_NET_C)
if( verbose != 0 )
polarssl_printf( " TIMING test #4 (net_usleep/ get_timer): " );
for( secs = 1; secs <= 3; secs++ )
{
(void) get_timer( &hires, 1 );
net_usleep( 500000 * secs );
millisecs = get_timer( &hires, 0 );
if( millisecs < 450 * secs || millisecs > 550 * secs )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
}
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
#endif
return( 0 );
}
#endif /* POLARSSL_SELF_TEST */
#endif /* POLARSSL_TIMING_C && !POLARSSL_TIMING_ALT */

View file

@ -49,7 +49,9 @@
#include "polarssl/x509.h"
#include "polarssl/xtea.h"
#include "polarssl/pkcs5.h"
#include "polarssl/pbkdf2.h"
#include "polarssl/ecp.h"
#include "polarssl/timing.h"
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
#include "polarssl/memory.h"
@ -171,11 +173,6 @@ int main( int argc, char *argv[] )
return( ret );
#endif
#if defined(POLARSSL_PKCS5_C)
if( ( ret = pkcs5_self_test( v ) ) != 0 )
return( ret );
#endif
#if defined(POLARSSL_ECP_C)
if( ( ret = ecp_self_test( v ) ) != 0 )
return( ret );
@ -186,6 +183,23 @@ int main( int argc, char *argv[] )
return( ret );
#endif
/* Slow tests last */
#if defined(POLARSSL_PBKDF2_C)
if( ( ret = pbkdf2_self_test( v ) ) != 0 )
return( ret );
#else
#if defined(POLARSSL_PKCS5_C)
if( ( ret = pkcs5_self_test( v ) ) != 0 )
return( ret );
#endif
#endif
#if defined(POLARSSL_TIMING_C)
if( ( ret = timing_self_test( v ) ) != 0 )
return( ret );
#endif
#else
printf( " POLARSSL_SELF_TEST not defined.\n" );
#endif

View file

@ -4,6 +4,11 @@ test_suites
(reference test vectors, sanity checks, malformed input for parsing
functions, etc.) for all modules except the SSL modules.
selftests
The 'programs/test/selftest' program runs the 'XXX_self_test()' functions
of each individual module. Most of them are included in the respective
test suite, but some slower ones are only included here.
compat
The 'tests/compat.sh' script checks interoperability with OpenSSL and
GnuTLS (and ourselves!) for every common ciphersuite, in every TLS

View file

@ -5,16 +5,15 @@
# Check each common ciphersuite, with each version, both ways (client/server),
# with and without client authentication.
set -u
# test if those two are set in the environment before assigning defaults
if [ -n "$GNUTLS_CLI" -a -n "$GNUTLS_SERV" ]; then
if [ -n "${GNUTLS_CLI:-}" -a -n "${GNUTLS_SERV:-}" ]; then
GNUTLS_AVAILABLE=1
else
GNUTLS_AVAILABLE=0
fi
# catch undefined variables from now on
set -u
# initialise counters
let "tests = 0"
let "failed = 0"

View file

@ -0,0 +1,5 @@
-----BEGIN DH PARAMETERS-----
MIGHAoGBAJ419DBEOgmQTzo5qXl5fQcN9TN455wkOL7052HzxxRVMyhYmwQcgJvh
1sa18fyfR9OiVEMYglOpkqVoGLN7qd5aQNNi5W7/C+VBdHTBJcGZJyyP5B3qcz32
9mLJKudlVudV0Qxk5qUJaPZ/xupz0NyoVpviuiBOI1gNi8ovSXWzAgEC
-----END DH PARAMETERS-----

View file

@ -0,0 +1,17 @@
-----BEGIN CERTIFICATE REQUEST-----
MIICpTCCAY0CAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRow
GAYDVQQDExFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAkMCIGCSqGSIb3DQEJDjEV
MBMwEQYJYIZIAYb4QgEBBAQDAgBAMA0GCSqGSIb3DQEBBQUAA4IBAQB95Pkjpg/N
Jbgl5nZcAk8maGMpUFlrhJS4kGutQKZugNX9v8cfABW905IHYXV1dm6zxVcyeqZM
FiOgbV943fu5JbufoazdYXnnR2/iKMigqX4CzZrK3F5ZzegxkfDIfDrn/shC+rWb
SS5WBVLJ3QNj9vwn3/b66IRbp/ViOwHx7+9JT4K/rLId/ynjYf2T57AsmNd/jptc
Zs19fGgtrUXweWkliEZN2zE47Cc53jkx6+Li4TNs4Bjk5P/aXrCP0fBwgGt2K6YW
dQ/nr0PwIbXzVlgUukSTHkJJfhF4Y/WqcUfOPrRdw+zxOLusJ9nzJBR0FOohcBxM
kPBVna0dze/o
-----END CERTIFICATE REQUEST-----

View file

@ -0,0 +1,17 @@
-----BEGIN CERTIFICATE REQUEST-----
MIICnzCCAYcCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRow
GAYDVQQDExFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAeMBwGCSqGSIb3DQEJDjEP
MA0wCwYDVR0PBAQDAgHgMA0GCSqGSIb3DQEBBQUAA4IBAQCj6jCu0wE5OQ1JGQwZ
FNwPqZrvKntSq2yLIbgmGxwlvDLxOzn0KmidSFiKRqh0KXwj9siodlz5C0d9tUqq
7xUXg+j+wDHqUV8zo42Jke+UmWXFPpnXx/fDFGTITdLSn8ZDxkt31ESLTEVZvPFD
odm+C+zWJtKpyL+9op4KvyBQ1MZ9nWZpwMaK4g4mdtOIsz75gMa74w8ZT7VzhGMY
cZGmafsl7x++GDDtf0oCPgrj9xy+Ovv/GyUBaB+6lweflTfPDTRSoN0meFlP5ynF
vqcBM5JKH2FUQIizfc9o6Z8tKxe9FCov3x8szAuoMRA7bjhVngeQIrEkTcaQBvBY
NalC
-----END CERTIFICATE REQUEST-----

View file

@ -0,0 +1,17 @@
-----BEGIN CERTIFICATE REQUEST-----
MIICsjCCAZoCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRow
GAYDVQQDExFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAxMC8GCSqGSIb3DQEJDjEi
MCAwCwYDVR0PBAQDAgHgMBEGCWCGSAGG+EIBAQQEAwIAQDANBgkqhkiG9w0BAQUF
AAOCAQEANlNG9hW852OzVKj2Z8TtU9jxstAoSCH9yc9Coj4Vw2TTjs1zcuBWsMl1
2bf2I6ZvEH6ZhcQY7i7nyHQyPlqE4l6U9D8ct967QN7smuAHNY2HiQ2++eCBTHck
PdtGJAzIvNlXcoqNi8UC5fGepNtI1usNo41SKMvbg6nGA5gdcQKk7CVlk8lrD0qI
Xn/HvjSRoDE4ZGxAtNvPXWorGSxtgcy8EMPoXVUab5fNt8q//x/NQ4yEQKPrexmR
IuOiQ8VW8QZtkORGpZbGSvskU0WfKANui4zCcXYRc4mVR4Wf0C+fyHeihhjslSnT
RbC7nQn5HSHp31qJlr80QodywaK1Dg==
-----END CERTIFICATE REQUEST-----

View file

@ -0,0 +1,18 @@
-----BEGIN CERTIFICATE-----
MIIC9DCCAdygAwIBAAIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G
A1UEChMIUG9sYXJTU0wxGjAYBgNVBAMTEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/
uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD
d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf
CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr
lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w
bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB
owIwADANBgkqhkiG9w0BAQUFAAOCAQEAoZVuVi7bIslKgMJhejSFXiO+ICMz1fmK
b0tPN68mRYhI/gsjRT0cmX6GUNrg+U5mcBWhMwHgyvx1CARU4YToKZxcXGNL0DPd
Z1hF8nCrJCZBQvNuWE7s0ufw92xz5ZfuKkVxi94RYR529F6gzgl4rpX8UQVu2ym/
9pTlHKr4MKi9LNppyJMS89uRcb2FJFMdhAKbhNtbIjI9qGZ7x//0belAaWhq389u
6XWFnZt35PU6Zz6YbAQ5pjZYsTaohuufgrpOlFPUuc4uR+RfGHIQ6id12lZaQC2m
OFIBDcU0x1cFfPfMgVdBLf6klPt/v/tD77mwx0eztSp28NIf+ACw8A==
-----END CERTIFICATE-----

View file

@ -0,0 +1,8 @@
-----BEGIN CERTIFICATE REQUEST-----
MIIBFjCBvAIBADA8MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGjAY
BgNVBAMTEVBvbGFyU1NMIFNlcnZlciAxMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
QgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/6i/SNF1d
Fr2KiMJrdw1VzYoqDvoByLTt/6AeMBwGCSqGSIb3DQEJDjEPMA0wCwYDVR0PBAQD
AgHAMAsGByqGSM49BAEFAANIADBFAiBjnnD7nwsFnCL+MpPPFJE3K/Tgj+5rAgXj
e5UejDX2CAIhAKdbigWJL/ZatvG9CFHq7ykrRns2x8JEXehWu8DsXdx9
-----END CERTIFICATE REQUEST-----

View file

@ -74,6 +74,7 @@ cleanup
cmake -D CMAKE_BUILD_TYPE:String=ASan .
make
make test
programs/test/selftest
cd tests
./compat.sh
./ssl-opt.sh

View file

@ -10,6 +10,14 @@
set -u
# test if it is defined from the environment before assining default
# if yes, assume it means it's a build with all the options we need (SSLv2)
if [ -n "${OPENSSL_CMD:-}" ]; then
OPENSSL_OK=1
else
OPENSSL_OK=0
fi
# default values, can be overriden by the environment
: ${P_SRV:=../programs/ssl/ssl_server2}
: ${P_CLI:=../programs/ssl/ssl_client2}
@ -25,7 +33,11 @@ CONFIG_H='../include/polarssl/config.h'
MEMCHECK=0
FILTER='.*'
EXCLUDE='SSLv2' # disabled by default, needs OpenSSL compiled with SSLv2
if [ "$OPENSSL_OK" -gt 0 ]; then
EXCLUDE='^$'
else
EXCLUDE='SSLv2'
fi
print_usage() {
echo "Usage: $0 [options]"
@ -247,6 +259,8 @@ cleanup() {
# MAIN
#
get_options "$@"
# sanity checks, avoid an avalanche of errors
if [ ! -x "$P_SRV" ]; then
echo "Command '$P_SRV' is not an executable file"
@ -261,8 +275,6 @@ if which $OPENSSL_CMD >/dev/null 2>&1; then :; else
exit 1
fi
get_options "$@"
killall -q openssl ssl_server ssl_server2
trap cleanup INT TERM HUP

View file

@ -11,6 +11,16 @@
* END_DEPENDENCIES
*/
/* BEGIN_CASE */
void cipher_list( )
{
const int *cipher_type;
for( cipher_type = cipher_list(); *cipher_type != 0; cipher_type++ )
TEST_ASSERT( cipher_info_from_type( *cipher_type ) != NULL );
}
/* END_CASE */
/* BEGIN_CASE */
void enc_dec_buf( int cipher_id, char *cipher_string, int key_len,
int length_val, int pad_mode )

View file

@ -1,3 +1,6 @@
Cipher list
cipher_list:
Set padding with AES-CBC
depends_on:POLARSSL_AES_C:POLARSSL_CIPHER_MODE_CBC:POLARSSL_CIPHER_PADDING_PKCS7
set_padding:POLARSSL_CIPHER_AES_128_CBC:POLARSSL_PADDING_PKCS7:0

View file

@ -1,3 +1,15 @@
DES check weak key #1
des_check_weak:"0101010101010101":1
DES check weak key #2
des_check_weak:"FEE0FEE0FEF1FEF1":1
DES check weak key #3
des_check_weak:"0101010101010100":0
DES check weak key #4
des_check_weak:"EEE0FEE0FEF1FEF1":0
DES Encrypt OpenSSL Test Vector #1
des_encrypt_ecb:"0000000000000000":"0000000000000000":"8CA64DE9C1B123A7"

View file

@ -7,6 +7,19 @@
* END_DEPENDENCIES
*/
/* BEGIN_CASE */
void des_check_weak( char *key_hex, int ret )
{
unsigned char key[DES_KEY_SIZE];
memset( key, 0, sizeof key );
unhexify( key, key_hex );
TEST_ASSERT( des_key_check_weak( key ) == ret );
}
/* END_CASE */
/* BEGIN_CASE */
void des_encrypt_ecb( char *hex_key_string, char *hex_src_string,
char *hex_dst_string )

View file

@ -7,5 +7,8 @@ dhm_do_dhm:10:"93450983094850938450983409623":10:"9345098304850938450983409622"
Diffie-Hellman full exchange #3
dhm_do_dhm:10:"93450983094850938450983409623982317398171298719873918739182739712938719287391879381271":10:"9345098309485093845098340962223981329819812792137312973297123912791271"
Diffie-Hallman load parameters from file
dhm_file:"data_files/dhparams.pem":"9e35f430443a09904f3a39a979797d070df53378e79c2438bef4e761f3c714553328589b041c809be1d6c6b5f1fc9f47d3a25443188253a992a56818b37ba9de5a40d362e56eff0be5417474c125c199272c8fe41dea733df6f662c92ae76556e755d10c64e6a50968f67fc6ea73d0dca8569be2ba204e23580d8bca2f4975b3":"02":128
Diffie-Hellman selftest
dhm_selftest:

View file

@ -97,6 +97,29 @@ void dhm_do_dhm( int radix_P, char *input_P,
}
/* END_CASE */
/* BEGIN_CASE depends_on:POLARSSL_FS_IO */
void dhm_file( char *filename, char *p, char *g, int len )
{
dhm_context ctx;
mpi P, G;
memset( &ctx, 0, sizeof ctx );
mpi_init( &P ); mpi_init( &G );
TEST_ASSERT( mpi_read_string( &P, 16, p ) == 0 );
TEST_ASSERT( mpi_read_string( &G, 16, g ) == 0 );
TEST_ASSERT( dhm_parse_dhmfile( &ctx, filename ) == 0 );
TEST_ASSERT( ctx.len == (size_t) len );
TEST_ASSERT( mpi_cmp_mpi( &ctx.P, &P ) == 0 );
TEST_ASSERT( mpi_cmp_mpi( &ctx.G, &G ) == 0 );
mpi_free( &P ); mpi_free( &G );
dhm_free( &ctx );
}
/* END_CASE */
/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
void dhm_selftest()
{

View file

@ -12,8 +12,18 @@ void error_strerror( int code, char *result_str )
{
char buf[500];
memset( buf, 0, sizeof( buf ) );
polarssl_strerror( code, buf, 500 );
TEST_ASSERT( strcmp( buf, result_str ) == 0 );
#if defined(POLARSSL_ERROR_STRERROR_BC)
memset( buf, 0, sizeof( buf ) );
error_strerror( code, buf, 500 );
TEST_ASSERT( strcmp( buf, result_str ) == 0 );
#endif
}
/* END_CASE */

View file

@ -10,21 +10,51 @@ void sha1_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
{
unsigned char src_str[10000];
unsigned char key_str[10000];
unsigned char hash_str[10000];
unsigned char output[41];
unsigned char hash_str[41];
unsigned char output[20];
int key_len, src_len;
sha1_context ctx;
memset(src_str, 0x00, 10000);
memset(key_str, 0x00, 10000);
memset(hash_str, 0x00, 10000);
memset(output, 0x00, 41);
memset(src_str, 0x00, sizeof src_str);
memset(key_str, 0x00, sizeof key_str);
key_len = unhexify( key_str, hex_key_string );
src_len = unhexify( src_str, hex_src_string );
sha1_hmac( key_str, key_len, src_str, src_len, output );
hexify( hash_str, output, 20 );
/* Test the all-in-one interface */
memset(hash_str, 0x00, sizeof hash_str);
memset(output, 0x00, sizeof output);
sha1_hmac( key_str, key_len, src_str, src_len, output );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
/* Also test the "streaming" interface */
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
memset( &ctx, 0x00, sizeof ctx );
sha1_hmac_starts( &ctx, key_str, key_len );
sha1_hmac_update( &ctx, src_str, 0 );
sha1_hmac_update( &ctx, src_str, src_len / 2 );
sha1_hmac_update( &ctx, src_str + src_len / 2, src_len - src_len / 2 );
sha1_hmac_update( &ctx, src_str + src_len, 0 );
sha1_hmac_finish( &ctx, output );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
/* Again, to test hmac_reset() */
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
sha1_hmac_reset( &ctx );
sha1_hmac_update( &ctx, src_str, src_len / 2 );
sha1_hmac_update( &ctx, src_str + src_len / 2, src_len - src_len / 2 );
sha1_hmac_finish( &ctx, output );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
}
/* END_CASE */
@ -35,21 +65,51 @@ void sha224_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
{
unsigned char src_str[10000];
unsigned char key_str[10000];
unsigned char hash_str[10000];
unsigned char output[57];
unsigned char hash_str[57];
unsigned char output[28];
int key_len, src_len;
sha256_context ctx;
memset(src_str, 0x00, 10000);
memset(key_str, 0x00, 10000);
memset(hash_str, 0x00, 10000);
memset(output, 0x00, 57);
memset(src_str, 0x00, sizeof src_str);
memset(key_str, 0x00, sizeof key_str);
key_len = unhexify( key_str, hex_key_string );
src_len = unhexify( src_str, hex_src_string );
sha256_hmac( key_str, key_len, src_str, src_len, output, 1 );
hexify( hash_str, output, 28 );
/* Test the all-in-one interface */
memset(hash_str, 0x00, sizeof hash_str);
memset(output, 0x00, sizeof output);
sha256_hmac( key_str, key_len, src_str, src_len, output, 1 );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
/* Also test the "streaming" interface */
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
memset( &ctx, 0x00, sizeof ctx );
sha256_hmac_starts( &ctx, key_str, key_len, 1 );
sha256_hmac_update( &ctx, src_str, 0 );
sha256_hmac_update( &ctx, src_str, src_len / 2 );
sha256_hmac_update( &ctx, src_str + src_len / 2, src_len - src_len / 2 );
sha256_hmac_update( &ctx, src_str + src_len, 0 );
sha256_hmac_finish( &ctx, output );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
/* Again, to test hmac_reset() */
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
sha256_hmac_reset( &ctx );
sha256_hmac_update( &ctx, src_str, src_len / 2 );
sha256_hmac_update( &ctx, src_str + src_len / 2, src_len - src_len / 2 );
sha256_hmac_finish( &ctx, output );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
}
/* END_CASE */
@ -60,21 +120,51 @@ void sha256_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
{
unsigned char src_str[10000];
unsigned char key_str[10000];
unsigned char hash_str[10000];
unsigned char output[65];
unsigned char hash_str[65];
unsigned char output[32];
int key_len, src_len;
sha256_context ctx;
memset(src_str, 0x00, 10000);
memset(key_str, 0x00, 10000);
memset(hash_str, 0x00, 10000);
memset(output, 0x00, 65);
memset(src_str, 0x00, sizeof src_str);
memset(key_str, 0x00, sizeof key_str);
key_len = unhexify( key_str, hex_key_string );
src_len = unhexify( src_str, hex_src_string );
sha256_hmac( key_str, key_len, src_str, src_len, output, 0 );
hexify( hash_str, output, 32 );
/* Test the all-in-one interface */
memset(hash_str, 0x00, sizeof hash_str);
memset(output, 0x00, sizeof output);
sha256_hmac( key_str, key_len, src_str, src_len, output, 0 );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
/* Also test the "streaming" interface */
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
memset( &ctx, 0x00, sizeof ctx );
sha256_hmac_starts( &ctx, key_str, key_len, 0 );
sha256_hmac_update( &ctx, src_str, 0 );
sha256_hmac_update( &ctx, src_str, src_len / 2 );
sha256_hmac_update( &ctx, src_str + src_len / 2, src_len - src_len / 2 );
sha256_hmac_update( &ctx, src_str + src_len, 0 );
sha256_hmac_finish( &ctx, output );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
/* Again, to test hmac_reset() */
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
sha256_hmac_reset( &ctx );
sha256_hmac_update( &ctx, src_str, src_len / 2 );
sha256_hmac_update( &ctx, src_str + src_len / 2, src_len - src_len / 2 );
sha256_hmac_finish( &ctx, output );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
}
/* END_CASE */
@ -85,21 +175,51 @@ void sha384_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
{
unsigned char src_str[10000];
unsigned char key_str[10000];
unsigned char hash_str[10000];
unsigned char output[97];
unsigned char hash_str[97];
unsigned char output[48];
int key_len, src_len;
sha512_context ctx;
memset(src_str, 0x00, 10000);
memset(key_str, 0x00, 10000);
memset(hash_str, 0x00, 10000);
memset(output, 0x00, 97);
memset(src_str, 0x00, sizeof src_str);
memset(key_str, 0x00, sizeof key_str);
key_len = unhexify( key_str, hex_key_string );
src_len = unhexify( src_str, hex_src_string );
sha512_hmac( key_str, key_len, src_str, src_len, output, 1 );
hexify( hash_str, output, 48 );
/* Test the all-in-one interface */
memset(hash_str, 0x00, sizeof hash_str);
memset(output, 0x00, sizeof output);
sha512_hmac( key_str, key_len, src_str, src_len, output, 1 );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
/* Also test the "streaming" interface */
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
memset( &ctx, 0x00, sizeof ctx );
sha512_hmac_starts( &ctx, key_str, key_len, 1 );
sha512_hmac_update( &ctx, src_str, 0 );
sha512_hmac_update( &ctx, src_str, src_len / 2 );
sha512_hmac_update( &ctx, src_str + src_len / 2, src_len - src_len / 2 );
sha512_hmac_update( &ctx, src_str + src_len, 0 );
sha512_hmac_finish( &ctx, output );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
/* Again, to test hmac_reset() */
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
sha512_hmac_reset( &ctx );
sha512_hmac_update( &ctx, src_str, src_len / 2 );
sha512_hmac_update( &ctx, src_str + src_len / 2, src_len - src_len / 2 );
sha512_hmac_finish( &ctx, output );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
}
/* END_CASE */
@ -110,21 +230,51 @@ void sha512_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
{
unsigned char src_str[10000];
unsigned char key_str[10000];
unsigned char hash_str[10000];
unsigned char output[129];
unsigned char hash_str[129];
unsigned char output[64];
int key_len, src_len;
sha512_context ctx;
memset(src_str, 0x00, 10000);
memset(key_str, 0x00, 10000);
memset(hash_str, 0x00, 10000);
memset(output, 0x00, 129);
memset(src_str, 0x00, sizeof src_str);
memset(key_str, 0x00, sizeof key_str);
key_len = unhexify( key_str, hex_key_string );
src_len = unhexify( src_str, hex_src_string );
sha512_hmac( key_str, key_len, src_str, src_len, output, 0 );
hexify( hash_str, output, 64 );
/* Test the all-in-one interface */
memset(hash_str, 0x00, sizeof hash_str);
memset(output, 0x00, sizeof output);
sha512_hmac( key_str, key_len, src_str, src_len, output, 0 );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
/* Also test the "streaming" interface */
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
memset( &ctx, 0x00, sizeof ctx );
sha512_hmac_starts( &ctx, key_str, key_len, 0 );
sha512_hmac_update( &ctx, src_str, 0 );
sha512_hmac_update( &ctx, src_str, src_len / 2 );
sha512_hmac_update( &ctx, src_str + src_len / 2, src_len - src_len / 2 );
sha512_hmac_update( &ctx, src_str + src_len, 0 );
sha512_hmac_finish( &ctx, output );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
/* Again, to test hmac_reset() */
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
sha512_hmac_reset( &ctx );
sha512_hmac_update( &ctx, src_str, src_len / 2 );
sha512_hmac_update( &ctx, src_str + src_len / 2, src_len - src_len / 2 );
sha512_hmac_finish( &ctx, output );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
}
/* END_CASE */

View file

@ -1,3 +1,42 @@
MD process
md_process:
Information on MD2
depends_on:POLARSSL_MD2_C
md_info:POLARSSL_MD_MD2:"MD2":16
Information on MD4
depends_on:POLARSSL_MD4_C
md_info:POLARSSL_MD_MD4:"MD4":16
Information on MD5
depends_on:POLARSSL_MD5_C
md_info:POLARSSL_MD_MD5:"MD5":16
Information on RIPEMD160
depends_on:POLARSSL_RIPEMD160_C
md_info:POLARSSL_MD_RIPEMD160:"RIPEMD160":20
Information on SHA1
depends_on:POLARSSL_SHA1_C
md_info:POLARSSL_MD_SHA1:"SHA1":20
Information on SHA224
depends_on:POLARSSL_SHA256_C
md_info:POLARSSL_MD_SHA224:"SHA224":28
Information on SHA256
depends_on:POLARSSL_SHA256_C
md_info:POLARSSL_MD_SHA256:"SHA256":32
Information on SHA384
depends_on:POLARSSL_SHA512_C
md_info:POLARSSL_MD_SHA384:"SHA384":48
Information on SHA512
depends_on:POLARSSL_SHA512_C
md_info:POLARSSL_MD_SHA512:"SHA512":64
generic md2 Test vector RFC1319 #1
depends_on:POLARSSL_MD2_C
md_text:"md2":"":"8350e5a3e24c153df2275c9f80692773"
@ -82,35 +121,35 @@ generic md5 Test vector RFC1321 #7
depends_on:POLARSSL_MD5_C
md_text:"md5":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"57edf4a22be3c955ac49da2e2107b67a"
ripemd160 Test vector from paper #1
generic ripemd160 Test vector from paper #1
depends_on:POLARSSL_RIPEMD160_C
md_text:"ripemd160":"":"9c1185a5c5e9fc54612808977ee8f548b2258d31"
ripemd160 Test vector from paper #2
generic ripemd160 Test vector from paper #2
depends_on:POLARSSL_RIPEMD160_C
md_text:"ripemd160":"a":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe"
ripemd160 Test vector from paper #3
generic ripemd160 Test vector from paper #3
depends_on:POLARSSL_RIPEMD160_C
md_text:"ripemd160":"abc":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc"
ripemd160 Test vector from paper #4
generic ripemd160 Test vector from paper #4
depends_on:POLARSSL_RIPEMD160_C
md_text:"ripemd160":"message digest":"5d0689ef49d2fae572b881b123a85ffa21595f36"
ripemd160 Test vector from paper #5
generic ripemd160 Test vector from paper #5
depends_on:POLARSSL_RIPEMD160_C
md_text:"ripemd160":"abcdefghijklmnopqrstuvwxyz":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc"
ripemd160 Test vector from paper #6
generic ripemd160 Test vector from paper #6
depends_on:POLARSSL_RIPEMD160_C
md_text:"ripemd160":"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq":"12a053384a9c0c88e405a06c27dcf49ada62eb2b"
ripemd160 Test vector from paper #7
generic ripemd160 Test vector from paper #7
depends_on:POLARSSL_RIPEMD160_C
md_text:"ripemd160":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"b0e20b6e3116640286ed3a87a5713079b21f5189"
ripemd160 Test vector from paper #8
generic ripemd160 Test vector from paper #8
depends_on:POLARSSL_RIPEMD160_C
md_text:"ripemd160":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
@ -178,31 +217,31 @@ generic HMAC-MD5 Test Vector RFC2202 #7
depends_on:POLARSSL_MD5_C
md_hmac:"md5":16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"6f630fad67cda0ee1fb1f562db3aa53e"
HMAC-RIPEMD160 Test vector RFC 2286 #1
generic HMAC-RIPEMD160 Test vector RFC 2286 #1
depends_on:POLARSSL_RIPEMD160_C
md_hmac:"ripemd160":20:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"24cb4bd67d20fc1a5d2ed7732dcc39377f0a5668"
HMAC-RIPEMD160 Test vector RFC 2286 #2
generic HMAC-RIPEMD160 Test vector RFC 2286 #2
depends_on:POLARSSL_RIPEMD160_C
md_hmac:"ripemd160":20:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"dda6c0213a485a9e24f4742064a7f033b43c4069"
HMAC-RIPEMD160 Test vector RFC 2286 #3
generic HMAC-RIPEMD160 Test vector RFC 2286 #3
depends_on:POLARSSL_RIPEMD160_C
md_hmac:"ripemd160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"b0b105360de759960ab4f35298e116e295d8e7c1"
HMAC-RIPEMD160 Test vector RFC 2286 #4
generic HMAC-RIPEMD160 Test vector RFC 2286 #4
depends_on:POLARSSL_RIPEMD160_C
md_hmac:"ripemd160":20:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"d5ca862f4d21d5e610e18b4cf1beb97a4365ecf4"
HMAC-RIPEMD160 Test vector RFC 2286 #5
generic HMAC-RIPEMD160 Test vector RFC 2286 #5
depends_on:POLARSSL_RIPEMD160_C
md_hmac:"ripemd160":20:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"7619693978f91d90539ae786500ff3d8e0518e39"
HMAC-RIPEMD160 Test vector RFC 2286 #6
generic HMAC-RIPEMD160 Test vector RFC 2286 #6
depends_on:POLARSSL_RIPEMD160_C
md_hmac:"ripemd160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6466ca07ac5eac29e1bd523e5ada7605b791fd8b"
HMAC-RIPEMD160 Test vector RFC 2286 #7
generic HMAC-RIPEMD160 Test vector RFC 2286 #7
depends_on:POLARSSL_RIPEMD160_C
md_hmac:"ripemd160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"69ea60798d71616cce5fd0871e23754cd75d5a0a"
@ -290,6 +329,38 @@ generic multi step md5 Test vector RFC1321 #7
depends_on:POLARSSL_MD5_C
md_text_multi:"md5":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"57edf4a22be3c955ac49da2e2107b67a"
generic multi step ripemd160 Test vector from paper #1
depends_on:POLARSSL_RIPEMD160_C
md_text_multi:"ripemd160":"":"9c1185a5c5e9fc54612808977ee8f548b2258d31"
generic multi step ripemd160 Test vector from paper #2
depends_on:POLARSSL_RIPEMD160_C
md_text_multi:"ripemd160":"a":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe"
generic multi step ripemd160 Test vector from paper #3
depends_on:POLARSSL_RIPEMD160_C
md_text_multi:"ripemd160":"abc":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc"
generic multi step ripemd160 Test vector from paper #4
depends_on:POLARSSL_RIPEMD160_C
md_text_multi:"ripemd160":"message digest":"5d0689ef49d2fae572b881b123a85ffa21595f36"
generic multi step ripemd160 Test vector from paper #5
depends_on:POLARSSL_RIPEMD160_C
md_text_multi:"ripemd160":"abcdefghijklmnopqrstuvwxyz":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc"
generic multi step ripemd160 Test vector from paper #6
depends_on:POLARSSL_RIPEMD160_C
md_text_multi:"ripemd160":"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq":"12a053384a9c0c88e405a06c27dcf49ada62eb2b"
generic multi step ripemd160 Test vector from paper #7
depends_on:POLARSSL_RIPEMD160_C
md_text_multi:"ripemd160":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"b0e20b6e3116640286ed3a87a5713079b21f5189"
generic multi step ripemd160 Test vector from paper #8
depends_on:POLARSSL_RIPEMD160_C
md_text_multi:"ripemd160":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
generic multi step HMAC-MD2 Hash File OpenSSL test #1
depends_on:POLARSSL_MD2_C
md_hmac_multi:"md2":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d5732582f494f5ddf35efd166c85af9c"
@ -354,6 +425,34 @@ generic multi step HMAC-MD5 Test Vector RFC2202 #7
depends_on:POLARSSL_MD5_C
md_hmac_multi:"md5":16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"6f630fad67cda0ee1fb1f562db3aa53e"
generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #1
depends_on:POLARSSL_RIPEMD160_C
md_hmac_multi:"ripemd160":20:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"24cb4bd67d20fc1a5d2ed7732dcc39377f0a5668"
generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #2
depends_on:POLARSSL_RIPEMD160_C
md_hmac_multi:"ripemd160":20:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"dda6c0213a485a9e24f4742064a7f033b43c4069"
generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #3
depends_on:POLARSSL_RIPEMD160_C
md_hmac_multi:"ripemd160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"b0b105360de759960ab4f35298e116e295d8e7c1"
generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #4
depends_on:POLARSSL_RIPEMD160_C
md_hmac_multi:"ripemd160":20:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"d5ca862f4d21d5e610e18b4cf1beb97a4365ecf4"
generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #5
depends_on:POLARSSL_RIPEMD160_C
md_hmac_multi:"ripemd160":20:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"7619693978f91d90539ae786500ff3d8e0518e39"
generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #6
depends_on:POLARSSL_RIPEMD160_C
md_hmac_multi:"ripemd160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6466ca07ac5eac29e1bd523e5ada7605b791fd8b"
generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #7
depends_on:POLARSSL_RIPEMD160_C
md_hmac_multi:"ripemd160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"69ea60798d71616cce5fd0871e23754cd75d5a0a"
generic MD2 Hash file #1
depends_on:POLARSSL_MD2_C
md_file:"md2":"data_files/hash_file_1":"b593c098712d2e21628c8986695451a8"
@ -402,6 +501,26 @@ generic MD5 Hash file #4
depends_on:POLARSSL_MD5_C
md_file:"md5":"data_files/hash_file_4":"d41d8cd98f00b204e9800998ecf8427e"
generic RIPEMD160 Hash file #0 (from paper)
depends_on:POLARSSL_RIPEMD160_C
md_file:"ripemd160":"data_files/hash_file_5":"52783243c1697bdbe16d37f97f68f08325dc1528"
generic RIPEMD160 Hash file #1
depends_on:POLARSSL_RIPEMD160_C
md_file:"ripemd160":"data_files/hash_file_1":"82f1d072f0ec0c2b353703a7b575a04c113af1a6"
generic RIPEMD160 Hash file #2
depends_on:POLARSSL_RIPEMD160_C
md_file:"ripemd160":"data_files/hash_file_2":"996fbc8b79206ba7393ebcd246584069b1c08f0f"
generic RIPEMD160 Hash file #3
depends_on:POLARSSL_RIPEMD160_C
md_file:"ripemd160":"data_files/hash_file_3":"8653b46d65998fa8c8846efa17937e742533ae48"
generic RIPEMD160 Hash file #4
depends_on:POLARSSL_RIPEMD160_C
md_file:"ripemd160":"data_files/hash_file_4":"9c1185a5c5e9fc54612808977ee8f548b2258d31"
generic HMAC-SHA-1 Test Vector FIPS-198a #1
depends_on:POLARSSL_SHA1_C
md_hmac:"sha1":20:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":"53616d706c65202331":"4f4ca3d5d68ba7cc0a1208c9c61e9c5da0403c0a"
@ -1010,26 +1129,6 @@ generic multi step SHA-512 Test Vector NIST CAVS #8
depends_on:POLARSSL_SHA512_C
md_hex_multi:"sha512":"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9"
RIPEMD160 Hash file #0 (from paper)
depends_on:POLARSSL_RIPEMD160_C
md_file:"ripemd160":"data_files/hash_file_5":"52783243c1697bdbe16d37f97f68f08325dc1528"
RIPEMD160 Hash file #1
depends_on:POLARSSL_RIPEMD160_C
md_file:"ripemd160":"data_files/hash_file_1":"82f1d072f0ec0c2b353703a7b575a04c113af1a6"
RIPEMD160 Hash file #2
depends_on:POLARSSL_RIPEMD160_C
md_file:"ripemd160":"data_files/hash_file_2":"996fbc8b79206ba7393ebcd246584069b1c08f0f"
RIPEMD160 Hash file #3
depends_on:POLARSSL_RIPEMD160_C
md_file:"ripemd160":"data_files/hash_file_3":"8653b46d65998fa8c8846efa17937e742533ae48"
RIPEMD160 Hash file #4
depends_on:POLARSSL_RIPEMD160_C
md_file:"ripemd160":"data_files/hash_file_4":"9c1185a5c5e9fc54612808977ee8f548b2258d31"
generic SHA1 Hash file #1
depends_on:POLARSSL_SHA1_C
md_file:"sha1":"data_files/hash_file_1":"d21c965b1e768bd7a6aa6869f5f821901d255f9f"

View file

@ -7,6 +7,55 @@
* END_DEPENDENCIES
*/
/* BEGIN_CASE */
void md_process( )
{
const int *md_type_ptr;
const md_info_t *info;
md_context_t ctx;
unsigned char buf[150];
memset( &ctx, 0, sizeof ctx );
/*
* Very minimal testing of md_process, just make sure the various
* xxx_process_wrap() function pointers are valid. (Testing that they
* indeed do the right thing whould require messing with the internal
* state of the underlying md/sha context.)
*
* Also tests that md_list() only returns valid MDs.
*/
for( md_type_ptr = md_list(); *md_type_ptr != 0; md_type_ptr++ )
{
TEST_ASSERT( ( info = md_info_from_type( *md_type_ptr ) ) != NULL );
TEST_ASSERT( md_init_ctx( &ctx, info ) == 0 );
TEST_ASSERT( md_process( &ctx, buf ) == 0 );
TEST_ASSERT( md_free_ctx( &ctx ) == 0 );
}
}
/* END_CASE */
/* BEGIN_CASE */
void md_info( int md_type, char *md_name, int md_size )
{
const md_info_t *md_info;
const int *md_type_ptr;
int found;
TEST_ASSERT( ( md_info = md_info_from_type( md_type ) ) != NULL );
TEST_ASSERT( md_info == md_info_from_string( md_name ) );
TEST_ASSERT( md_get_type( md_info ) == (md_type_t) md_type );
TEST_ASSERT( md_get_size( md_info ) == (unsigned char) md_size );
found = 0;
for( md_type_ptr = md_list(); *md_type_ptr != 0; md_type_ptr++ )
if( *md_type_ptr == md_type )
found = 1;
TEST_ASSERT( found == 1 );
}
/* END_CASE */
/* BEGIN_CASE */
void md_text( char *text_md_name, char *text_src_string, char *hex_hash_string )
{
@ -197,11 +246,23 @@ void md_hmac_multi( char *text_md_name, int trunc_size, char *hex_key_string,
TEST_ASSERT ( ctx.md_ctx != NULL );
TEST_ASSERT ( 0 == md_hmac_update( &ctx, src_str, src_len ) );
TEST_ASSERT ( 0 == md_hmac_finish( &ctx, output ) );
hexify( hash_str, output, md_get_size(md_info) );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
/* Test again, for reset() */
memset(hash_str, 0x00, 10000);
memset(output, 0x00, 100);
TEST_ASSERT ( 0 == md_hmac_reset( &ctx ) );
TEST_ASSERT ( 0 == md_hmac_update( &ctx, src_str, src_len ) );
TEST_ASSERT ( 0 == md_hmac_finish( &ctx, output ) );
TEST_ASSERT ( 0 == md_free_ctx( &ctx ) );
hexify( hash_str, output, md_get_size(md_info) );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
TEST_ASSERT ( 0 == md_free_ctx( &ctx ) );
}
/* END_CASE */

View file

@ -94,18 +94,48 @@ void md2_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
unsigned char hash_str[33];
unsigned char output[16];
int key_len, src_len;
md2_context ctx;
memset( src_str, 0x00, sizeof src_str );
memset( key_str, 0x00, sizeof key_str );
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
key_len = unhexify( key_str, hex_key_string );
src_len = unhexify( src_str, hex_src_string );
md2_hmac( key_str, key_len, src_str, src_len, output );
hexify( hash_str, output, sizeof output );
/* Test the all-in-one interface */
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
md2_hmac( key_str, key_len, src_str, src_len, output );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
/* Also test the "streaming" interface */
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
memset( &ctx, 0x00, sizeof ctx );
md2_hmac_starts( &ctx, key_str, key_len );
md2_hmac_update( &ctx, src_str, 0 );
md2_hmac_update( &ctx, src_str, src_len / 2 );
md2_hmac_update( &ctx, src_str + src_len / 2, src_len - src_len / 2 );
md2_hmac_update( &ctx, src_str + src_len, 0 );
md2_hmac_finish( &ctx, output );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
/* Again, to test hmac_reset() */
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
md2_hmac_reset( &ctx );
md2_hmac_update( &ctx, src_str, src_len / 2 );
md2_hmac_update( &ctx, src_str + src_len / 2, src_len - src_len / 2 );
md2_hmac_finish( &ctx, output );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
}
/* END_CASE */
@ -119,18 +149,48 @@ void md4_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
unsigned char hash_str[33];
unsigned char output[16];
int key_len, src_len;
md4_context ctx;
memset( src_str, 0x00, sizeof src_str );
memset( key_str, 0x00, sizeof key_str );
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
key_len = unhexify( key_str, hex_key_string );
src_len = unhexify( src_str, hex_src_string );
md4_hmac( key_str, key_len, src_str, src_len, output );
hexify( hash_str, output, sizeof output );
/* Test the all-in-one interface */
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
md4_hmac( key_str, key_len, src_str, src_len, output );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
/* Also test the "streaming" interface */
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
memset( &ctx, 0x00, sizeof ctx );
md4_hmac_starts( &ctx, key_str, key_len );
md4_hmac_update( &ctx, src_str, 0 );
md4_hmac_update( &ctx, src_str, src_len / 2 );
md4_hmac_update( &ctx, src_str + src_len / 2, src_len - src_len / 2 );
md4_hmac_update( &ctx, src_str + src_len, 0 );
md4_hmac_finish( &ctx, output );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
/* Again, to test hmac_reset() */
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
md4_hmac_reset( &ctx );
md4_hmac_update( &ctx, src_str, src_len / 2 );
md4_hmac_update( &ctx, src_str + src_len / 2, src_len - src_len / 2 );
md4_hmac_finish( &ctx, output );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
}
/* END_CASE */
@ -144,18 +204,48 @@ void md5_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
unsigned char hash_str[33];
unsigned char output[16];
int key_len, src_len;
md5_context ctx;
memset( src_str, 0x00, sizeof src_str );
memset( key_str, 0x00, sizeof key_str );
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
key_len = unhexify( key_str, hex_key_string );
src_len = unhexify( src_str, hex_src_string );
md5_hmac( key_str, key_len, src_str, src_len, output );
hexify( hash_str, output, sizeof output );
/* Test the all-in-one interface */
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
md5_hmac( key_str, key_len, src_str, src_len, output );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
/* Also test the "streaming" interface */
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
memset( &ctx, 0x00, sizeof ctx );
md5_hmac_starts( &ctx, key_str, key_len );
md5_hmac_update( &ctx, src_str, 0 );
md5_hmac_update( &ctx, src_str, src_len / 2 );
md5_hmac_update( &ctx, src_str + src_len / 2, src_len - src_len / 2 );
md5_hmac_update( &ctx, src_str + src_len, 0 );
md5_hmac_finish( &ctx, output );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
/* Again, to test hmac_reset() */
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
md5_hmac_reset( &ctx );
md5_hmac_update( &ctx, src_str, src_len / 2 );
md5_hmac_update( &ctx, src_str + src_len / 2, src_len - src_len / 2 );
md5_hmac_finish( &ctx, output );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
}
/* END_CASE */
@ -169,18 +259,48 @@ void ripemd160_hmac( int trunc_size, char *hex_key_string, char *hex_src_string,
unsigned char hash_str[41];
unsigned char output[20];
int key_len, src_len;
ripemd160_context ctx;
memset( src_str, 0x00, sizeof src_str );
memset( key_str, 0x00, sizeof key_str );
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
key_len = unhexify( key_str, hex_key_string );
src_len = unhexify( src_str, hex_src_string );
ripemd160_hmac( key_str, key_len, src_str, src_len, output );
hexify( hash_str, output, sizeof output );
/* Test the all-in-one interface */
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
ripemd160_hmac( key_str, key_len, src_str, src_len, output );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
/* Also test the "streaming" interface */
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
memset( &ctx, 0x00, sizeof ctx );
ripemd160_hmac_starts( &ctx, key_str, key_len );
ripemd160_hmac_update( &ctx, src_str, 0 );
ripemd160_hmac_update( &ctx, src_str, src_len / 2 );
ripemd160_hmac_update( &ctx, src_str + src_len / 2, src_len - src_len / 2 );
ripemd160_hmac_update( &ctx, src_str + src_len, 0 );
ripemd160_hmac_finish( &ctx, output );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
/* Again, to test hmac_reset() */
memset( hash_str, 0x00, sizeof hash_str );
memset( output, 0x00, sizeof output );
ripemd160_hmac_reset( &ctx );
ripemd160_hmac_update( &ctx, src_str, src_len / 2 );
ripemd160_hmac_update( &ctx, src_str + src_len / 2, src_len - src_len / 2 );
ripemd160_hmac_finish( &ctx, output );
hexify( hash_str, output, sizeof output );
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
}
/* END_CASE */

View file

@ -77,3 +77,7 @@ pk_ec_nocrypt:POLARSSL_PK_ECKEY_DH
ECDSA nocrypt
depends_on:POLARSSL_ECDSA_C
pk_ec_nocrypt:POLARSSL_PK_ECDSA
RSA_ALT consistency
depends_on:POLARSSL_RSA_C:POLARSSL_PKCS1_V15:POLARSSL_GENPRIME
pk_rsa_alt:

View file

@ -3,13 +3,16 @@
static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len );
#define RSA_KEY_SIZE 512
#define RSA_KEY_LEN 64
static int pk_genkey( pk_context *pk )
{
((void) pk);
#if defined(POLARSSL_RSA_C) && defined(POLARSSL_GENPRIME)
if( pk_get_type( pk ) == POLARSSL_PK_RSA )
return rsa_gen_key( pk_rsa( *pk ), rnd_std_rand, NULL, 512, 3 );
return rsa_gen_key( pk_rsa( *pk ), rnd_std_rand, NULL, RSA_KEY_SIZE, 3 );
#endif
#if defined(POLARSSL_ECP_C)
if( pk_get_type( pk ) == POLARSSL_PK_ECKEY ||
@ -27,6 +30,28 @@ static int pk_genkey( pk_context *pk )
#endif
return( -1 );
}
#if defined(POLARSSL_RSA_C)
int rsa_decrypt_func( void *ctx, int mode, size_t *olen,
const unsigned char *input, unsigned char *output,
size_t output_max_len )
{
return( rsa_pkcs1_decrypt( (rsa_context *) ctx, NULL, NULL, mode, olen,
input, output, output_max_len ) );
}
int rsa_sign_func( void *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
int mode, md_type_t md_alg, unsigned int hashlen,
const unsigned char *hash, unsigned char *sig )
{
return( rsa_pkcs1_sign( (rsa_context *) ctx, f_rng, p_rng, mode,
md_alg, hashlen, hash, sig ) );
}
size_t rsa_key_len_func( void *ctx )
{
return( ((const rsa_context *) ctx)->len );
}
#endif /* POLARSSL_RSA_C */
/* END_HEADER */
/* BEGIN_DEPENDENCIES
@ -282,3 +307,77 @@ void pk_ec_nocrypt( int type )
pk_free( &pk );
}
/* END_CASE */
/* BEGIN_CASE depends_on:POLARSSL_RSA_C */
void pk_rsa_alt( )
{
/*
* An rsa_alt context can only do private operations (decrypt, sign).
* Test it against the public operations (encrypt, verify) of a
* corresponding rsa context.
*/
rsa_context raw;
pk_context rsa, alt;
pk_debug_item dbg_items[10];
unsigned char hash[50], sig[1000];
unsigned char msg[50], ciph[1000], test[1000];
size_t sig_len, ciph_len, test_len;
int ret = POLARSSL_ERR_PK_TYPE_MISMATCH;
rsa_init( &raw, RSA_PKCS_V15, POLARSSL_MD_NONE );
pk_init( &rsa ); pk_init( &alt );
memset( hash, 0x2a, sizeof hash );
memset( sig, 0, sizeof sig );
memset( msg, 0x2a, sizeof msg );
memset( ciph, 0, sizeof ciph );
memset( test, 0, sizeof test );
/* Initiliaze PK RSA context with random key */
TEST_ASSERT( pk_init_ctx( &rsa,
pk_info_from_type( POLARSSL_PK_RSA ) ) == 0 );
TEST_ASSERT( pk_genkey( &rsa ) == 0 );
/* Extract key to the raw rsa context */
TEST_ASSERT( rsa_copy( &raw, pk_rsa( rsa ) ) == 0 );
/* Initialize PK RSA_ALT context */
TEST_ASSERT( pk_init_ctx_rsa_alt( &alt, (void *) &raw,
rsa_decrypt_func, rsa_sign_func, rsa_key_len_func ) == 0 );
/* Test administrative functions */
TEST_ASSERT( pk_can_do( &alt, POLARSSL_PK_RSA ) );
TEST_ASSERT( pk_get_size( &alt ) == RSA_KEY_SIZE );
TEST_ASSERT( pk_get_len( &alt ) == RSA_KEY_LEN );
TEST_ASSERT( pk_get_type( &alt ) == POLARSSL_PK_RSA_ALT );
TEST_ASSERT( strcmp( pk_get_name( &alt ), "RSA-alt" ) == 0 );
/* Test signature */
TEST_ASSERT( pk_sign( &alt, POLARSSL_MD_NONE, hash, sizeof hash,
sig, &sig_len, rnd_std_rand, NULL ) == 0 );
TEST_ASSERT( sig_len == RSA_KEY_LEN );
TEST_ASSERT( pk_verify( &rsa, POLARSSL_MD_NONE,
hash, sizeof hash, sig, sig_len ) == 0 );
/* Test decrypt */
TEST_ASSERT( pk_encrypt( &rsa, msg, sizeof msg,
ciph, &ciph_len, sizeof ciph,
rnd_std_rand, NULL ) == 0 );
TEST_ASSERT( pk_decrypt( &alt, ciph, ciph_len,
test, &test_len, sizeof test,
rnd_std_rand, NULL ) == 0 );
TEST_ASSERT( test_len == sizeof msg );
TEST_ASSERT( memcmp( test, msg, test_len ) == 0 );
/* Test forbidden operations */
TEST_ASSERT( pk_encrypt( &alt, msg, sizeof msg,
ciph, &ciph_len, sizeof ciph,
rnd_std_rand, NULL ) == ret );
TEST_ASSERT( pk_verify( &alt, POLARSSL_MD_NONE,
hash, sizeof hash, sig, sig_len ) == ret );
TEST_ASSERT( pk_debug( &alt, dbg_items ) == ret );
rsa_free( &raw );
pk_free( &rsa ); pk_free( &alt );
}
/* END_CASE */

View file

@ -802,3 +802,27 @@ x509_crt_parse_path:"data_files/dir2":0:2
X509 CRT parse path #4 (two certs, one non-cert)
depends_on:POLARSSL_SHA1_C:POLARSSL_RSA_C:POLARSSL_SHA256_C:POLARSSL_ECDSA_C:POLARSSL_ECP_DP_SECP384R1_ENABLED
x509_crt_parse_path:"data_files/dir3":1:2
X509 OID description #1
x509_oid_desc:"2B06010505070301":"TLS Web Server Authentication"
X509 OID description #2
x509_oid_desc:"2B0601050507030f":"notfound"
X509 OID description #3
x509_oid_desc:"2B0601050507030100":"notfound"
X509 OID numstring #1 (wide buffer)
x509_oid_numstr:"2B06010505070301":"1.3.6.1.5.5.7.3.1":20:17
X509 OID numstring #2 (buffer just fits)
x509_oid_numstr:"2B06010505070301":"1.3.6.1.5.5.7.3.1":18:17
X509 OID numstring #3 (buffer too small)
x509_oid_numstr:"2B06010505070301":"1.3.6.1.5.5.7.3.1":17:POLARSSL_ERR_OID_BUF_TOO_SMALL
X509 OID numstring #4 (larger number)
x509_oid_numstr:"2A864886F70D":"1.2.840.113549":15:14
X509 OID numstring #5 (arithmetic overflow)
x509_oid_numstr:"2A8648F9F8F7F6F5F4F3F2F1F001":"":100:POLARSSL_ERR_OID_BUF_TOO_SMALL

View file

@ -265,6 +265,57 @@ void x509_crt_parse_path( char *crt_path, int ret, int nb_crt )
}
/* END_CASE */
/* BEGIN_CASE */
void x509_oid_desc( char *oid_str, char *ref_desc )
{
x509_buf oid;
const char *desc;
unsigned char buf[20];
memset( buf, 0, sizeof buf );
oid.tag = ASN1_OID;
oid.len = unhexify( buf, oid_str );
oid.p = buf;
desc = x509_oid_get_description( &oid );
if( strcmp( ref_desc, "notfound" ) == 0 )
TEST_ASSERT( desc == NULL );
else
{
TEST_ASSERT( desc != NULL );
TEST_ASSERT( strcmp( desc, ref_desc ) == 0 );
}
}
/* END_CASE */
/* BEGIN_CASE */
void x509_oid_numstr( char *oid_str, char *numstr, int blen, int ret )
{
x509_buf oid;
unsigned char oid_buf[20];
char num_buf[100];
memset( oid_buf, 0x00, sizeof oid_buf );
memset( num_buf, 0x2a, sizeof num_buf );
oid.tag = ASN1_OID;
oid.len = unhexify( oid_buf, oid_str );
oid.p = oid_buf;
TEST_ASSERT( (size_t) blen <= sizeof num_buf );
TEST_ASSERT( x509_oid_get_numeric_string( num_buf, blen, &oid ) == ret );
if( ret >= 0 )
{
TEST_ASSERT( num_buf[ret] == 0 );
TEST_ASSERT( strcmp( num_buf, numstr ) == 0 );
}
}
/* END_CASE */
/* BEGIN_CASE depends_on:POLARSSL_X509_CRT_PARSE_C:POLARSSL_SELF_TEST */
void x509_selftest()
{

View file

@ -1,31 +1,59 @@
Certificate Request check Server1 SHA1
depends_on:POLARSSL_SHA1_C:POLARSSL_RSA_C:POLARSSL_PKCS1_V15
x509_csr_check:"data_files/server1.key":POLARSSL_MD_SHA1:"data_files/server1.req.sha1"
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha1":POLARSSL_MD_SHA1:0:0
Certificate Request check Server1 SHA224
depends_on:POLARSSL_SHA256_C:POLARSSL_RSA_C:POLARSSL_PKCS1_V15
x509_csr_check:"data_files/server1.key":POLARSSL_MD_SHA224:"data_files/server1.req.sha224"
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha224":POLARSSL_MD_SHA224:0:0
Certificate Request check Server1 SHA256
depends_on:POLARSSL_SHA256_C:POLARSSL_RSA_C:POLARSSL_PKCS1_V15
x509_csr_check:"data_files/server1.key":POLARSSL_MD_SHA256:"data_files/server1.req.sha256"
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha256":POLARSSL_MD_SHA256:0:0
Certificate Request check Server1 SHA384
depends_on:POLARSSL_SHA512_C:POLARSSL_RSA_C:POLARSSL_PKCS1_V15
x509_csr_check:"data_files/server1.key":POLARSSL_MD_SHA384:"data_files/server1.req.sha384"
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha384":POLARSSL_MD_SHA384:0:0
Certificate Request check Server1 SHA512
depends_on:POLARSSL_SHA512_C:POLARSSL_RSA_C:POLARSSL_PKCS1_V15
x509_csr_check:"data_files/server1.key":POLARSSL_MD_SHA512:"data_files/server1.req.sha512"
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha512":POLARSSL_MD_SHA512:0:0
Certificate Request check Server1 MD4
depends_on:POLARSSL_MD4_C:POLARSSL_RSA_C:POLARSSL_PKCS1_V15
x509_csr_check:"data_files/server1.key":POLARSSL_MD_MD4:"data_files/server1.req.md4"
x509_csr_check:"data_files/server1.key":"data_files/server1.req.md4":POLARSSL_MD_MD4:0:0
Certificate Request check Server1 MD5
depends_on:POLARSSL_MD5_C:POLARSSL_RSA_C:POLARSSL_PKCS1_V15
x509_csr_check:"data_files/server1.key":POLARSSL_MD_MD5:"data_files/server1.req.md5"
x509_csr_check:"data_files/server1.key":"data_files/server1.req.md5":POLARSSL_MD_MD5:0:0
Certificate Request check Server1 key_usage
depends_on:POLARSSL_SHA1_C:POLARSSL_RSA_C:POLARSSL_PKCS1_V15
x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage":POLARSSL_MD_SHA1:KU_DIGITAL_SIGNATURE | KU_NON_REPUDIATION | KU_KEY_ENCIPHERMENT:0
Certificate Request check Server1 ns_cert_type
depends_on:POLARSSL_SHA1_C:POLARSSL_RSA_C:POLARSSL_PKCS1_V15
x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type":POLARSSL_MD_SHA1:0:NS_CERT_TYPE_SSL_SERVER
Certificate Request check Server1 key_usage + ns_cert_type
depends_on:POLARSSL_SHA1_C:POLARSSL_RSA_C:POLARSSL_PKCS1_V15
x509_csr_check:"data_files/server1.key":"data_files/server1.req.ku-ct":POLARSSL_MD_SHA1:KU_DIGITAL_SIGNATURE | KU_NON_REPUDIATION | KU_KEY_ENCIPHERMENT:NS_CERT_TYPE_SSL_SERVER
Certificate Request check Server5 ECDSA, key_usage
depends_on:POLARSSL_SHA1_C:POLARSSL_ECDSA_C:POLARSSL_ECDSA_DETERMINISTIC
x509_csr_check:"data_files/server5.key":"data_files/server5.req.ku.sha1":POLARSSL_MD_SHA1:KU_DIGITAL_SIGNATURE | KU_NON_REPUDIATION:0
Certificate write check Server1 SHA1
depends_on:POLARSSL_SHA1_C:POLARSSL_RSA_C:POLARSSL_PKCS1_V15:POLARSSL_DES_C:POLARSSL_CIPHER_MODE_CBC:POLARSSL_MD5_C
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":POLARSSL_MD_SHA1:"data_files/server1.crt"
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":POLARSSL_MD_SHA1:0:0:-1:"data_files/server1.crt"
Certificate write check Server1 SHA1, key_usage
depends_on:POLARSSL_SHA1_C:POLARSSL_RSA_C:POLARSSL_PKCS1_V15:POLARSSL_DES_C:POLARSSL_CIPHER_MODE_CBC:POLARSSL_MD5_C
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":POLARSSL_MD_SHA1:KU_DIGITAL_SIGNATURE | KU_NON_REPUDIATION | KU_KEY_ENCIPHERMENT:0:-1:"data_files/server1.key_usage.crt"
Certificate write check Server1 SHA1, ns_cert_type
depends_on:POLARSSL_SHA1_C:POLARSSL_RSA_C:POLARSSL_PKCS1_V15:POLARSSL_DES_C:POLARSSL_CIPHER_MODE_CBC:POLARSSL_MD5_C
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":POLARSSL_MD_SHA1:0:NS_CERT_TYPE_SSL_SERVER:-1:"data_files/server1.cert_type.crt"
Certificate write check Server1 SHA1, version 1
depends_on:POLARSSL_SHA1_C:POLARSSL_RSA_C:POLARSSL_PKCS1_V15:POLARSSL_DES_C:POLARSSL_CIPHER_MODE_CBC:POLARSSL_MD5_C
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":POLARSSL_MD_SHA1:0:0:X509_CRT_VERSION_1:"data_files/server1.v1.crt"

View file

@ -11,8 +11,8 @@
*/
/* BEGIN_CASE depends_on:POLARSSL_PEM_WRITE_C:POLARSSL_X509_CSR_WRITE_C */
void x509_csr_check( char *key_file, int md_type,
char *cert_req_check_file )
void x509_csr_check( char *key_file, char *cert_req_check_file,
int md_type, int key_usage, int cert_type )
{
pk_context key;
x509write_csr req;
@ -33,6 +33,10 @@ void x509_csr_check( char *key_file, int md_type,
x509write_csr_set_md_alg( &req, md_type );
x509write_csr_set_key( &req, &key );
TEST_ASSERT( x509write_csr_set_subject_name( &req, subject_name ) == 0 );
if( key_usage != 0 )
TEST_ASSERT( x509write_csr_set_key_usage( &req, key_usage ) == 0 );
if( cert_type != 0 )
TEST_ASSERT( x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 );
ret = x509write_csr_pem( &req, buf, sizeof(buf),
rnd_pseudo_rand, &rnd_info );
@ -58,7 +62,8 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd,
char *subject_name, char *issuer_key_file,
char *issuer_pwd, char *issuer_name,
char *serial_str, char *not_before, char *not_after,
int md_type, char *cert_check_file )
int md_type, int key_usage, int cert_type, int ver,
char *cert_check_file )
{
pk_context subject_key, issuer_key;
x509write_cert crt;
@ -82,7 +87,9 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd,
TEST_ASSERT( mpi_read_string( &serial, 10, serial_str ) == 0 );
x509write_crt_init( &crt );
x509write_crt_set_serial( &crt, &serial );
if( ver != -1 )
x509write_crt_set_version( &crt, ver );
TEST_ASSERT( x509write_crt_set_serial( &crt, &serial ) == 0 );
TEST_ASSERT( x509write_crt_set_validity( &crt, not_before,
not_after ) == 0 );
x509write_crt_set_md_alg( &crt, md_type );
@ -91,9 +98,16 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd,
x509write_crt_set_subject_key( &crt, &subject_key );
x509write_crt_set_issuer_key( &crt, &issuer_key );
if( crt.version >= X509_CRT_VERSION_3 )
{
TEST_ASSERT( x509write_crt_set_basic_constraints( &crt, 0, 0 ) == 0 );
TEST_ASSERT( x509write_crt_set_subject_key_identifier( &crt ) == 0 );
TEST_ASSERT( x509write_crt_set_authority_key_identifier( &crt ) == 0 );
if( key_usage != 0 )
TEST_ASSERT( x509write_crt_set_key_usage( &crt, key_usage ) == 0 );
if( cert_type != 0 )
TEST_ASSERT( x509write_crt_set_ns_cert_type( &crt, cert_type ) == 0 );
}
ret = x509write_crt_pem( &crt, buf, sizeof(buf),
rnd_pseudo_rand, &rnd_info );