diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2013-11-11 14:51:35 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2013-11-27 11:41:05 +0100 |
commit | 8b03afa66a73aa981cd0098520a464ad3089535a (patch) | |
tree | a9141bd6d0e6d30d89a7f0213af3b94359a23e21 /lib/crypto-selftests-pk.c | |
parent | bf52c2f7e63de4c276f26f3452c9770ddbb72d93 (diff) | |
download | gnutls-8b03afa66a73aa981cd0098520a464ad3089535a.tar.gz |
indented code
Diffstat (limited to 'lib/crypto-selftests-pk.c')
-rw-r--r-- | lib/crypto-selftests-pk.c | 387 |
1 files changed, 224 insertions, 163 deletions
diff --git a/lib/crypto-selftests-pk.c b/lib/crypto-selftests-pk.c index b89576096f..46a060a490 100644 --- a/lib/crypto-selftests-pk.c +++ b/lib/crypto-selftests-pk.c @@ -30,22 +30,21 @@ #define DATASTR "Hello there!" static const gnutls_datum_t signed_data = { - .data = (void*)DATASTR, - .size = sizeof(DATASTR)-1 + .data = (void *) DATASTR, + .size = sizeof(DATASTR) - 1 }; static const gnutls_datum_t bad_data = { - .data = (void*)DATASTR, - .size = sizeof(DATASTR)-2 + .data = (void *) DATASTR, + .size = sizeof(DATASTR) - 2 }; -static int test_rsa_enc(gnutls_pk_algorithm_t pk, - unsigned bits, - gnutls_digest_algorithm_t ign) +static int test_rsa_enc(gnutls_pk_algorithm_t pk, + unsigned bits, gnutls_digest_algorithm_t ign) { int ret; - gnutls_datum_t enc = {NULL, 0}; - gnutls_datum_t dec = {NULL, 0}; + gnutls_datum_t enc = { NULL, 0 }; + gnutls_datum_t dec = { NULL, 0 }; gnutls_privkey_t key; gnutls_pubkey_t pub = NULL; @@ -58,7 +57,7 @@ static int test_rsa_enc(gnutls_pk_algorithm_t pk, gnutls_assert(); goto cleanup; } - + ret = gnutls_privkey_generate(key, pk, bits, 0); if (ret < 0) { gnutls_assert(); @@ -76,46 +75,51 @@ static int test_rsa_enc(gnutls_pk_algorithm_t pk, gnutls_assert(); goto cleanup; } - + ret = gnutls_privkey_decrypt_data(key, 0, &enc, &dec); if (ret < 0) { gnutls_assert(); goto cleanup; } - - if (dec.size != signed_data.size || memcmp(dec.data, signed_data.data, dec.size) != 0) { + + if (dec.size != signed_data.size + || memcmp(dec.data, signed_data.data, dec.size) != 0) { ret = GNUTLS_E_SELF_TEST_ERROR; gnutls_assert(); goto cleanup; } ret = 0; -cleanup: - if (pub != NULL) gnutls_pubkey_deinit(pub); + cleanup: + if (pub != NULL) + gnutls_pubkey_deinit(pub); gnutls_privkey_deinit(key); gnutls_free(enc.data); gnutls_free(dec.data); if (ret == 0) - _gnutls_debug_log("%s-%u-enc self test succeeded\n", gnutls_pk_get_name(pk), bits); + _gnutls_debug_log("%s-%u-enc self test succeeded\n", + gnutls_pk_get_name(pk), bits); else - _gnutls_debug_log("%s-%u-enc self test failed\n", gnutls_pk_get_name(pk), bits); + _gnutls_debug_log("%s-%u-enc self test failed\n", + gnutls_pk_get_name(pk), bits); return ret; } -static int test_sig(gnutls_pk_algorithm_t pk, - unsigned bits, - gnutls_digest_algorithm_t dig) +static int test_sig(gnutls_pk_algorithm_t pk, + unsigned bits, gnutls_digest_algorithm_t dig) { int ret; - gnutls_datum_t sig = {NULL, 0}; + gnutls_datum_t sig = { NULL, 0 }; gnutls_privkey_t key; gnutls_pubkey_t pub = NULL; char param_name[32]; - + if (pk == GNUTLS_PK_EC) { - snprintf(param_name, sizeof(param_name), "%s", gnutls_ecc_curve_get_name(GNUTLS_BITS_TO_CURVE(bits))); + snprintf(param_name, sizeof(param_name), "%s", + gnutls_ecc_curve_get_name(GNUTLS_BITS_TO_CURVE + (bits))); } else { snprintf(param_name, sizeof(param_name), "%u", bits); } @@ -129,7 +133,7 @@ static int test_sig(gnutls_pk_algorithm_t pk, gnutls_assert(); goto cleanup; } - + ret = gnutls_privkey_generate(key, pk, bits, 0); if (ret < 0) { gnutls_assert(); @@ -147,127 +151,142 @@ static int test_sig(gnutls_pk_algorithm_t pk, gnutls_assert(); goto cleanup; } - - ret = gnutls_pubkey_verify_data2(pub, gnutls_pk_to_sign(pk, dig), 0, - &signed_data, &sig); + + ret = + gnutls_pubkey_verify_data2(pub, gnutls_pk_to_sign(pk, dig), 0, + &signed_data, &sig); if (ret < 0) { ret = GNUTLS_E_SELF_TEST_ERROR; gnutls_assert(); goto cleanup; } - - ret = gnutls_pubkey_verify_data2(pub, gnutls_pk_to_sign(pk, dig), 0, - &bad_data, &sig); - + + ret = + gnutls_pubkey_verify_data2(pub, gnutls_pk_to_sign(pk, dig), 0, + &bad_data, &sig); + if (ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) { ret = GNUTLS_E_SELF_TEST_ERROR; gnutls_assert(); goto cleanup; } - + ret = 0; -cleanup: - if (pub != NULL) gnutls_pubkey_deinit(pub); + cleanup: + if (pub != NULL) + gnutls_pubkey_deinit(pub); gnutls_privkey_deinit(key); gnutls_free(sig.data); if (ret == 0) - _gnutls_debug_log("%s-%s-sig self test succeeded\n", gnutls_pk_get_name(pk), param_name); + _gnutls_debug_log("%s-%s-sig self test succeeded\n", + gnutls_pk_get_name(pk), param_name); else - _gnutls_debug_log("%s-%s-sig self test failed\n", gnutls_pk_get_name(pk), param_name); + _gnutls_debug_log("%s-%s-sig self test failed\n", + gnutls_pk_get_name(pk), param_name); return ret; } static const char rsa_privkey[] = "-----BEGIN RSA PRIVATE KEY-----\n" -"MIIBOwIBAAJBAOY5i7i6V/xreyZAXihowgsU7iZ1xXdJFLvMMCOTmXDCfgcLOuRn\n" -"jSokU7Lpaef7VGuE3mOqVeTdUGe15JSTcdsCAwEAAQJBAKvYDFjIjuBVAckdhqq2\n" -"9w/6gYCnq8tL+3PqB4ymoYOt3nG7wyj3/dS5wBqoVXDOTrxvqRuyPICzqFFInnxH\n" -"6zECIQD6598eMoBdHNKwxNfvISVZwmIp2a7/O7OhZPlf7JYgzQIhAOrmLmDuwnzs\n" -"t8up1byAFWtBXmCJy/yvlqJvfSUPnb1HAiBsAyfdAxaZfxAAgy0GR7mhk3nY1Fpu\n" -"jA//ec2VCu9yPQIgY4FSkDlUJftY+GtfYVSYvjCYvChjQw1WsESuLK7q0S0CIQD6\n" -"ReydpDFBsMxPewC/5By9yMNDbif/1j6j/8I+eqmzMA==\n" -"-----END RSA PRIVATE KEY-----\n"; + "MIIBOwIBAAJBAOY5i7i6V/xreyZAXihowgsU7iZ1xXdJFLvMMCOTmXDCfgcLOuRn\n" + "jSokU7Lpaef7VGuE3mOqVeTdUGe15JSTcdsCAwEAAQJBAKvYDFjIjuBVAckdhqq2\n" + "9w/6gYCnq8tL+3PqB4ymoYOt3nG7wyj3/dS5wBqoVXDOTrxvqRuyPICzqFFInnxH\n" + "6zECIQD6598eMoBdHNKwxNfvISVZwmIp2a7/O7OhZPlf7JYgzQIhAOrmLmDuwnzs\n" + "t8up1byAFWtBXmCJy/yvlqJvfSUPnb1HAiBsAyfdAxaZfxAAgy0GR7mhk3nY1Fpu\n" + "jA//ec2VCu9yPQIgY4FSkDlUJftY+GtfYVSYvjCYvChjQw1WsESuLK7q0S0CIQD6\n" + "ReydpDFBsMxPewC/5By9yMNDbif/1j6j/8I+eqmzMA==\n" + "-----END RSA PRIVATE KEY-----\n"; /* A precomputed RSA-SHA1 signature using the key above */ -static const char rsa_sig[] = "\xc8\x3a\x61\xfe\x27\x67\x23\x84\xfc\x8f\x2a\xd8\x05\x00\x83\xcd\xfd\x89\xe8\xa6\x5a\x01\x41\x4b\xaf\x5b\x37\x8e\x2e\xa9\xf0\xf3\x3e\xd2\xa9\x2f\xf1\x48\xa2\xdd\x3e\xe9\x7f\x7c\x02\xe8\x05\x4d\x2a\x3b\xeb\x74\x19\x01\x1d\x1b\x83\xc9\x45\x1b\x4b\x3c\x43\x3e"; +static const char rsa_sig[] = + "\xc8\x3a\x61\xfe\x27\x67\x23\x84\xfc\x8f\x2a\xd8\x05\x00\x83\xcd\xfd\x89\xe8\xa6\x5a\x01\x41\x4b\xaf\x5b\x37\x8e\x2e\xa9\xf0\xf3\x3e\xd2\xa9\x2f\xf1\x48\xa2\xdd\x3e\xe9\x7f\x7c\x02\xe8\x05\x4d\x2a\x3b\xeb\x74\x19\x01\x1d\x1b\x83\xc9\x45\x1b\x4b\x3c\x43\x3e"; /* ECDSA key and signature */ -static const char ecdsa_secp256r1_privkey[] = "-----BEGIN EC PRIVATE KEY-----\n" -"MHcCAQEEIPAKWV7+pZe9c5EubMNfAEKWRQtP/MvlO9HehwHmJssNoAoGCCqGSM49\n" -"AwEHoUQDQgAE2CNONRio3ciuXtoomJKs3MdbzLbd44VPhtzJN30VLFm5gvnfiCj2\n" -"zzz7pl9Cv0ECHl6yedNI8QEKdcwCDgEmkQ==\n" -"-----END EC PRIVATE KEY-----\n"; +static const char ecdsa_secp256r1_privkey[] = + "-----BEGIN EC PRIVATE KEY-----\n" + "MHcCAQEEIPAKWV7+pZe9c5EubMNfAEKWRQtP/MvlO9HehwHmJssNoAoGCCqGSM49\n" + "AwEHoUQDQgAE2CNONRio3ciuXtoomJKs3MdbzLbd44VPhtzJN30VLFm5gvnfiCj2\n" + "zzz7pl9Cv0ECHl6yedNI8QEKdcwCDgEmkQ==\n" + "-----END EC PRIVATE KEY-----\n"; -static const char ecdsa_secp256r1_sig[] = "\x30\x45\x02\x21\x00\x9b\x8f\x60\xed\x9e\x40\x8d\x74\x82\x73\xab\x20\x1a\x69\xfc\xf9\xee\x3c\x41\x80\xc0\x39\xdd\x21\x1a\x64\xfd\xbf\x7e\xaa\x43\x70\x02\x20\x44\x28\x05\xdd\x30\x47\x58\x96\x18\x39\x94\x18\xba\xe7\x7a\xf6\x1e\x2d\xba\xb1\xe0\x7d\x73\x9e\x2f\x58\xee\x0c\x2a\x89\xe8\x35"; +static const char ecdsa_secp256r1_sig[] = + "\x30\x45\x02\x21\x00\x9b\x8f\x60\xed\x9e\x40\x8d\x74\x82\x73\xab\x20\x1a\x69\xfc\xf9\xee\x3c\x41\x80\xc0\x39\xdd\x21\x1a\x64\xfd\xbf\x7e\xaa\x43\x70\x02\x20\x44\x28\x05\xdd\x30\x47\x58\x96\x18\x39\x94\x18\xba\xe7\x7a\xf6\x1e\x2d\xba\xb1\xe0\x7d\x73\x9e\x2f\x58\xee\x0c\x2a\x89\xe8\x35"; /* sha256 */ -static const char ecdsa_secp192r1_privkey[] = "-----BEGIN EC PRIVATE KEY-----" -"MF8CAQEEGLjezFcbgDMeApVrdtZHvu/k1a8/tVZ41KAKBggqhkjOPQMBAaE0AzIA" -"BO1lciKdgxeRH8k64vxcaV1OYIK9akVrW02Dw21MXhRLP0l0wzCw6LGSr5rS6AaL" -"Fg==" -"-----END EC PRIVATE KEY-----"; - -static const char ecdsa_secp192r1_sig[] = "\x30\x34\x02\x18\x5f\xb3\x10\x4b\x4d\x44\x48\x29\x4b\xfd\xa7\x8e\xce\x57\xac\x36\x38\x54\xab\x73\xdb\xed\xb8\x5f\x02\x18\x0b\x8b\xf3\xae\x49\x50\x0e\x47\xca\x89\x1a\x00\xca\x23\xf5\x8d\xd6\xe3\xce\x9a\xff\x2e\x4f\x5c"; - -static const char ecdsa_secp224r1_privkey[] = "-----BEGIN EC PRIVATE KEY-----" -"MGgCAQEEHOKWJFdWdrR/CgVrUeTeawOrJ9GozE9KKx2a8PmgBwYFK4EEACGhPAM6" -"AAQKQj3YpenWT7lFR41SnBvmj/+Bj+kgzQnaF65qWAtPRJsZXFlLTu3/IUNqSRu9" -"DqPsk8xBHAB7pA==" -"-----END EC PRIVATE KEY-----"; - -static const char ecdsa_secp224r1_sig[] = "\x30\x3d\x02\x1c\x76\x03\x8d\x74\xf4\xd3\x09\x2a\xb5\xdf\x6b\x5b\xf4\x4b\x86\xb8\x62\x81\x5d\x7b\x7a\xbb\x37\xfc\xf1\x46\x1c\x2b\x02\x1d\x00\xa0\x98\x5d\x80\x43\x89\xe5\xee\x1a\xec\x46\x08\x04\x55\xbc\x50\xfa\x2a\xd5\xa6\x18\x92\x19\xdb\x68\xa0\x2a\xda"; - -static const char ecdsa_secp384r1_privkey[] = "-----BEGIN EC PRIVATE KEY-----" -"MIGkAgEBBDDevshD6gb+4rZpC9vwFcIwNs4KmGzdqCxyyN40a8uOWRbyf7aHdiSS" -"03oAyKtc4JCgBwYFK4EEACKhZANiAARO1KkPMno2tnNXx1S9EZkp8SOpDCZ4aobH" -"IYv8RHnSmKf8I3OKD6TaoeR+1MwJmNJUH90Bj45WXla68/vsPiFcfVKboxsZYe/n" -"pv8e4ugXagVQVBXNZJ859iYPdJR24vo=" -"-----END EC PRIVATE KEY-----"; - -static const char ecdsa_secp384r1_sig[] = "\x30\x66\x02\x31\x00\xbb\x4d\x25\x30\x13\x1b\x3b\x75\x60\x07\xed\x53\x8b\x52\xee\xd8\x6e\xf1\x9d\xa8\x36\x0e\x2e\x20\x31\x51\x11\x48\x78\xdd\xaf\x24\x38\x64\x81\x71\x6b\xa6\xb7\x29\x58\x28\x82\x32\xba\x29\x29\xd9\x02\x31\x00\xeb\x70\x09\x87\xac\x7b\x78\x0d\x4c\x4f\x08\x2b\x86\x27\xe2\x60\x1f\xc9\x11\x9f\x1d\xf5\x82\x4c\xc7\x3d\xb0\x27\xc8\x93\x29\xc7\xd0\x0e\x88\x02\x09\x93\xc2\x72\xce\xa5\x74\x8c\x3d\xe0\x8c\xad"; - -static const char ecdsa_secp521r1_privkey[] = "-----BEGIN EC PRIVATE KEY-----" -"MIHbAgEBBEGO2n7NN363qSCvJVdlQtCvudtaW4o0fEufXRjE1AsCrle+VXX0Zh0w" -"Y1slSeDHMndpakoiF+XkQ+bhcB867UV6aKAHBgUrgQQAI6GBiQOBhgAEAQb6jDpo" -"byy1tF8Zucg0TMGUzIN2DK+RZJ3QQRdWdirO25OIC3FoFi1Yird6rpoB6HlNyJ7R" -"0bNG9Uv34bSHMn8yAFoiqxUCdJZQbEenMoZsi6COaePe3e0QqvDMr0hEWT23Sr3t" -"LpEV7eZGFfFIJw5wSUp2KOcs+O9WjmoukTWtDKNV" -"-----END EC PRIVATE KEY-----"; - -static const char ecdsa_secp521r1_sig[] = "\x30\x81\x87\x02\x42\x01\xb8\xcb\x52\x9e\x10\xa8\x49\x3f\xe1\x9e\x14\x0a\xcf\x96\xed\x7e\xab\x7d\x0c\xe1\x9b\xa4\x97\xdf\x01\xf5\x35\x42\x5f\x5b\x28\x15\x24\x33\x6e\x59\x6c\xaf\x10\x8b\x98\x8e\xe9\x4c\x23\x0d\x76\x92\x03\xdd\x6d\x8d\x08\x47\x15\x5b\xf8\x66\x75\x75\x40\xe8\xf4\xa0\x52\x02\x41\x15\x27\x7c\x5f\xa6\x33\xa6\x29\x68\x3f\x55\x8d\x7f\x1d\x4f\x88\xc6\x61\x6e\xac\x21\xdf\x2b\x7b\xde\x76\x9a\xdc\xe6\x3b\x94\x3f\x03\x9c\xa2\xa6\xa3\x63\x39\x48\xbd\x79\x70\x21\xf2\x6b\xff\x58\x66\xf1\x58\xc2\x58\xad\x4f\x84\x14\x5d\x05\x12\x83\xd0\x87\xbd\xf3"; +static const char ecdsa_secp192r1_privkey[] = + "-----BEGIN EC PRIVATE KEY-----" + "MF8CAQEEGLjezFcbgDMeApVrdtZHvu/k1a8/tVZ41KAKBggqhkjOPQMBAaE0AzIA" + "BO1lciKdgxeRH8k64vxcaV1OYIK9akVrW02Dw21MXhRLP0l0wzCw6LGSr5rS6AaL" + "Fg==" "-----END EC PRIVATE KEY-----"; + +static const char ecdsa_secp192r1_sig[] = + "\x30\x34\x02\x18\x5f\xb3\x10\x4b\x4d\x44\x48\x29\x4b\xfd\xa7\x8e\xce\x57\xac\x36\x38\x54\xab\x73\xdb\xed\xb8\x5f\x02\x18\x0b\x8b\xf3\xae\x49\x50\x0e\x47\xca\x89\x1a\x00\xca\x23\xf5\x8d\xd6\xe3\xce\x9a\xff\x2e\x4f\x5c"; + +static const char ecdsa_secp224r1_privkey[] = + "-----BEGIN EC PRIVATE KEY-----" + "MGgCAQEEHOKWJFdWdrR/CgVrUeTeawOrJ9GozE9KKx2a8PmgBwYFK4EEACGhPAM6" + "AAQKQj3YpenWT7lFR41SnBvmj/+Bj+kgzQnaF65qWAtPRJsZXFlLTu3/IUNqSRu9" + "DqPsk8xBHAB7pA==" "-----END EC PRIVATE KEY-----"; + +static const char ecdsa_secp224r1_sig[] = + "\x30\x3d\x02\x1c\x76\x03\x8d\x74\xf4\xd3\x09\x2a\xb5\xdf\x6b\x5b\xf4\x4b\x86\xb8\x62\x81\x5d\x7b\x7a\xbb\x37\xfc\xf1\x46\x1c\x2b\x02\x1d\x00\xa0\x98\x5d\x80\x43\x89\xe5\xee\x1a\xec\x46\x08\x04\x55\xbc\x50\xfa\x2a\xd5\xa6\x18\x92\x19\xdb\x68\xa0\x2a\xda"; + +static const char ecdsa_secp384r1_privkey[] = + "-----BEGIN EC PRIVATE KEY-----" + "MIGkAgEBBDDevshD6gb+4rZpC9vwFcIwNs4KmGzdqCxyyN40a8uOWRbyf7aHdiSS" + "03oAyKtc4JCgBwYFK4EEACKhZANiAARO1KkPMno2tnNXx1S9EZkp8SOpDCZ4aobH" + "IYv8RHnSmKf8I3OKD6TaoeR+1MwJmNJUH90Bj45WXla68/vsPiFcfVKboxsZYe/n" + "pv8e4ugXagVQVBXNZJ859iYPdJR24vo=" "-----END EC PRIVATE KEY-----"; + +static const char ecdsa_secp384r1_sig[] = + "\x30\x66\x02\x31\x00\xbb\x4d\x25\x30\x13\x1b\x3b\x75\x60\x07\xed\x53\x8b\x52\xee\xd8\x6e\xf1\x9d\xa8\x36\x0e\x2e\x20\x31\x51\x11\x48\x78\xdd\xaf\x24\x38\x64\x81\x71\x6b\xa6\xb7\x29\x58\x28\x82\x32\xba\x29\x29\xd9\x02\x31\x00\xeb\x70\x09\x87\xac\x7b\x78\x0d\x4c\x4f\x08\x2b\x86\x27\xe2\x60\x1f\xc9\x11\x9f\x1d\xf5\x82\x4c\xc7\x3d\xb0\x27\xc8\x93\x29\xc7\xd0\x0e\x88\x02\x09\x93\xc2\x72\xce\xa5\x74\x8c\x3d\xe0\x8c\xad"; + +static const char ecdsa_secp521r1_privkey[] = + "-----BEGIN EC PRIVATE KEY-----" + "MIHbAgEBBEGO2n7NN363qSCvJVdlQtCvudtaW4o0fEufXRjE1AsCrle+VXX0Zh0w" + "Y1slSeDHMndpakoiF+XkQ+bhcB867UV6aKAHBgUrgQQAI6GBiQOBhgAEAQb6jDpo" + "byy1tF8Zucg0TMGUzIN2DK+RZJ3QQRdWdirO25OIC3FoFi1Yird6rpoB6HlNyJ7R" + "0bNG9Uv34bSHMn8yAFoiqxUCdJZQbEenMoZsi6COaePe3e0QqvDMr0hEWT23Sr3t" + "LpEV7eZGFfFIJw5wSUp2KOcs+O9WjmoukTWtDKNV" + "-----END EC PRIVATE KEY-----"; + +static const char ecdsa_secp521r1_sig[] = + "\x30\x81\x87\x02\x42\x01\xb8\xcb\x52\x9e\x10\xa8\x49\x3f\xe1\x9e\x14\x0a\xcf\x96\xed\x7e\xab\x7d\x0c\xe1\x9b\xa4\x97\xdf\x01\xf5\x35\x42\x5f\x5b\x28\x15\x24\x33\x6e\x59\x6c\xaf\x10\x8b\x98\x8e\xe9\x4c\x23\x0d\x76\x92\x03\xdd\x6d\x8d\x08\x47\x15\x5b\xf8\x66\x75\x75\x40\xe8\xf4\xa0\x52\x02\x41\x15\x27\x7c\x5f\xa6\x33\xa6\x29\x68\x3f\x55\x8d\x7f\x1d\x4f\x88\xc6\x61\x6e\xac\x21\xdf\x2b\x7b\xde\x76\x9a\xdc\xe6\x3b\x94\x3f\x03\x9c\xa2\xa6\xa3\x63\x39\x48\xbd\x79\x70\x21\xf2\x6b\xff\x58\x66\xf1\x58\xc2\x58\xad\x4f\x84\x14\x5d\x05\x12\x83\xd0\x87\xbd\xf3"; /* DSA key and signature */ static const char dsa_privkey[] = "-----BEGIN DSA PRIVATE KEY-----\n" -"MIIBuwIBAAKBgQCMBOoV479SAPxFHL6Ty9DNCZ08nlxCWkfgSjt77Lc51tEkNlrl\n" -"Bx8Mid4uXPL7PDQ74YWdqDWL4In2lMkOQXZ/7B8xLqjuxZqisbyqgrYbu9/yatwo\n" -"hNa23vkXrd6duVasjoWOSkj1fVPqy8Pl1jik3BwWyRqXBn+ajbmyDGOsDQIVALBp\n" -"lrRgiO4jHfH1C8gP1CheHROrAoGBAIint1PE9y23u0Is9qEf6i/4hki+5pRCZv/K\n" -"VG5JGDBW+hEgVj6Rx62jFP0jkTtxJdmv1SsoccFSE42tbRkWWypOLIJKZ7nIIrHY\n" -"vMt3Z1S0m18mYE1G/3h9PNgbY8/Ag3YqYLwVfkthnBcTpDhSSAIo/dCwNV+3AxpS\n" -"v5hE0L+1AoGAYMeZCjvVWODKDMJPJ/d8pURroeudhB+p7d5BMZTq+mYUCm9uVVgu\n" -"doLo/RiWcs1mhrOQM9cHgKO1Hwd8NNjtj4KE8FTU1irpKbobgOViLHE5sM2Tfzc5\n" -"Gif2fh8SlQdrhkOnZQkGDuTFx24K9/TTCDkVmB0T+xJfQ8HIshGw7kQCFHUDZ/g5\n" -"K0FjzkSbhgOXhhKNTFFA\n" -"-----END DSA PRIVATE KEY-----\n"; - -static const char dsa_sig[] = "\x30\x2d\x02\x15\x00\xaf\x2a\x27\xcb\x93\xed\x33\x21\x9d\x01\x5f\x44\x8c\x80\x06\xa7\xe2\x9d\x73\x8d\x02\x14\x19\xb9\xf7\x73\x26\x62\x7a\xc7\x7f\x18\x5a\x69\x83\xc1\xa0\x1f\xbd\x9b\xe2\x92"; + "MIIBuwIBAAKBgQCMBOoV479SAPxFHL6Ty9DNCZ08nlxCWkfgSjt77Lc51tEkNlrl\n" + "Bx8Mid4uXPL7PDQ74YWdqDWL4In2lMkOQXZ/7B8xLqjuxZqisbyqgrYbu9/yatwo\n" + "hNa23vkXrd6duVasjoWOSkj1fVPqy8Pl1jik3BwWyRqXBn+ajbmyDGOsDQIVALBp\n" + "lrRgiO4jHfH1C8gP1CheHROrAoGBAIint1PE9y23u0Is9qEf6i/4hki+5pRCZv/K\n" + "VG5JGDBW+hEgVj6Rx62jFP0jkTtxJdmv1SsoccFSE42tbRkWWypOLIJKZ7nIIrHY\n" + "vMt3Z1S0m18mYE1G/3h9PNgbY8/Ag3YqYLwVfkthnBcTpDhSSAIo/dCwNV+3AxpS\n" + "v5hE0L+1AoGAYMeZCjvVWODKDMJPJ/d8pURroeudhB+p7d5BMZTq+mYUCm9uVVgu\n" + "doLo/RiWcs1mhrOQM9cHgKO1Hwd8NNjtj4KE8FTU1irpKbobgOViLHE5sM2Tfzc5\n" + "Gif2fh8SlQdrhkOnZQkGDuTFx24K9/TTCDkVmB0T+xJfQ8HIshGw7kQCFHUDZ/g5\n" + "K0FjzkSbhgOXhhKNTFFA\n" "-----END DSA PRIVATE KEY-----\n"; + +static const char dsa_sig[] = + "\x30\x2d\x02\x15\x00\xaf\x2a\x27\xcb\x93\xed\x33\x21\x9d\x01\x5f\x44\x8c\x80\x06\xa7\xe2\x9d\x73\x8d\x02\x14\x19\xb9\xf7\x73\x26\x62\x7a\xc7\x7f\x18\x5a\x69\x83\xc1\xa0\x1f\xbd\x9b\xe2\x92"; static int test_known_sig(gnutls_pk_algorithm_t pk, unsigned bits, - gnutls_digest_algorithm_t dig, - const void* privkey, size_t privkey_size, - const void* stored_sig, size_t stored_sig_size, - unsigned deterministic_sigs) + gnutls_digest_algorithm_t dig, + const void *privkey, size_t privkey_size, + const void *stored_sig, size_t stored_sig_size, + unsigned deterministic_sigs) { int ret; - gnutls_datum_t sig = {NULL, 0}; + gnutls_datum_t sig = { NULL, 0 }; gnutls_datum_t t, ssig; gnutls_pubkey_t pub = NULL; gnutls_privkey_t key; char param_name[32]; - + if (pk == GNUTLS_PK_EC) { - snprintf(param_name, sizeof(param_name), "%s", gnutls_ecc_curve_get_name(GNUTLS_BITS_TO_CURVE(bits))); + snprintf(param_name, sizeof(param_name), "%s", + gnutls_ecc_curve_get_name(GNUTLS_BITS_TO_CURVE + (bits))); } else { snprintf(param_name, sizeof(param_name), "%u", bits); } @@ -282,41 +301,46 @@ static int test_known_sig(gnutls_pk_algorithm_t pk, unsigned bits, return ret; } - t.data = (void*)privkey; + t.data = (void *) privkey; t.size = privkey_size; - - ret = gnutls_privkey_import_x509_raw(key, &t, GNUTLS_X509_FMT_PEM, NULL, 0); + + ret = + gnutls_privkey_import_x509_raw(key, &t, GNUTLS_X509_FMT_PEM, + NULL, 0); if (ret < 0) { gnutls_assert(); goto cleanup; } - - if (pk != (unsigned)gnutls_privkey_get_pk_algorithm(key, NULL)) { + + if (pk != (unsigned) gnutls_privkey_get_pk_algorithm(key, NULL)) { ret = GNUTLS_E_SELF_TEST_ERROR; goto cleanup; } /* Test if the signature we generate matches the stored */ - ssig.data = (void*)stored_sig; + ssig.data = (void *) stored_sig; ssig.size = stored_sig_size; - if (deterministic_sigs != 0) { /* do not compare against stored signature if not provided */ - ret = gnutls_privkey_sign_data(key, dig, 0, &signed_data, &sig); + if (deterministic_sigs != 0) { /* do not compare against stored signature if not provided */ + ret = + gnutls_privkey_sign_data(key, dig, 0, &signed_data, + &sig); if (ret < 0) { gnutls_assert(); goto cleanup; } - if (sig.size != ssig.size || memcmp(sig.data, ssig.data, sig.size) != 0) { + if (sig.size != ssig.size + || memcmp(sig.data, ssig.data, sig.size) != 0) { ret = GNUTLS_E_SELF_TEST_ERROR; -unsigned i; -fprintf(stderr, "\nstored[%d]: ", ssig.size); -for (i=0;i<ssig.size;i++) - fprintf(stderr, "%.2x", ssig.data[i]); + unsigned i; + fprintf(stderr, "\nstored[%d]: ", ssig.size); + for (i = 0; i < ssig.size; i++) + fprintf(stderr, "%.2x", ssig.data[i]); -fprintf(stderr, "\ngenerated[%d]: ", sig.size); -for (i=0;i<sig.size;i++) - fprintf(stderr, "%.2x", sig.data[i]); + fprintf(stderr, "\ngenerated[%d]: ", sig.size); + for (i = 0; i < sig.size; i++) + fprintf(stderr, "%.2x", sig.data[i]); gnutls_assert(); goto cleanup; @@ -331,8 +355,9 @@ for (i=0;i<sig.size;i++) goto cleanup; } - ret = gnutls_pubkey_verify_data2(pub, gnutls_pk_to_sign(pk, dig), 0, - &signed_data, &ssig); + ret = + gnutls_pubkey_verify_data2(pub, gnutls_pk_to_sign(pk, dig), 0, + &signed_data, &ssig); if (ret < 0) { ret = GNUTLS_E_SELF_TEST_ERROR; gnutls_assert(); @@ -341,25 +366,29 @@ for (i=0;i<sig.size;i++) /* Test if a broken signature will cause verification error */ - ret = gnutls_pubkey_verify_data2(pub, gnutls_pk_to_sign(pk, dig), 0, - &bad_data, &ssig); + ret = + gnutls_pubkey_verify_data2(pub, gnutls_pk_to_sign(pk, dig), 0, + &bad_data, &ssig); if (ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) { ret = GNUTLS_E_SELF_TEST_ERROR; gnutls_assert(); goto cleanup; } - + ret = 0; -cleanup: - if (pub != 0) gnutls_pubkey_deinit(pub); + cleanup: + if (pub != 0) + gnutls_pubkey_deinit(pub); gnutls_privkey_deinit(key); if (ret == 0) - _gnutls_debug_log("%s-%s-known-sig self test succeeded\n", gnutls_pk_get_name(pk), param_name); + _gnutls_debug_log("%s-%s-known-sig self test succeeded\n", + gnutls_pk_get_name(pk), param_name); else - _gnutls_debug_log("%s-%s-known-sig self test failed\n", gnutls_pk_get_name(pk), param_name); + _gnutls_debug_log("%s-%s-known-sig self test failed\n", + gnutls_pk_get_name(pk), param_name); return ret; } @@ -395,45 +424,77 @@ cleanup: **/ int gnutls_pk_self_test(unsigned all, gnutls_pk_algorithm_t pk) { -int ret; - + int ret; + if (all != 0) pk = GNUTLS_PK_UNKNOWN; - switch(pk) { - case GNUTLS_PK_UNKNOWN: - - case GNUTLS_PK_RSA: - PK_KNOWN_TEST(GNUTLS_PK_RSA, 1, 512, GNUTLS_DIG_SHA1, rsa_privkey, rsa_sig); - PK_TEST(GNUTLS_PK_RSA, test_rsa_enc, 512, 0); - PK_TEST(GNUTLS_PK_RSA, test_sig, 512, GNUTLS_DIG_SHA1); - case GNUTLS_PK_DSA: - PK_KNOWN_TEST(GNUTLS_PK_DSA, 0, 1024, GNUTLS_DIG_SHA1, dsa_privkey, dsa_sig); - PK_TEST(GNUTLS_PK_DSA, test_sig, 1024, GNUTLS_DIG_SHA1); - case GNUTLS_PK_EC: /* Testing ECDSA */ - PK_KNOWN_TEST(GNUTLS_PK_EC, 0, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP192R1), GNUTLS_DIG_SHA256, ecdsa_secp192r1_privkey, ecdsa_secp192r1_sig); - PK_TEST(GNUTLS_PK_EC, test_sig, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP192R1), GNUTLS_DIG_SHA256); - - PK_KNOWN_TEST(GNUTLS_PK_EC, 0, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP224R1), GNUTLS_DIG_SHA256, ecdsa_secp224r1_privkey, ecdsa_secp224r1_sig); - PK_TEST(GNUTLS_PK_EC, test_sig, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP224R1), GNUTLS_DIG_SHA256); - - PK_KNOWN_TEST(GNUTLS_PK_EC, 0, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP256R1), GNUTLS_DIG_SHA256, ecdsa_secp256r1_privkey, ecdsa_secp256r1_sig); - PK_TEST(GNUTLS_PK_EC, test_sig, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP256R1), GNUTLS_DIG_SHA256); - - PK_KNOWN_TEST(GNUTLS_PK_EC, 0, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP384R1), GNUTLS_DIG_SHA256, ecdsa_secp384r1_privkey, ecdsa_secp384r1_sig); - PK_TEST(GNUTLS_PK_EC, test_sig, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP384R1), GNUTLS_DIG_SHA384); - - PK_KNOWN_TEST(GNUTLS_PK_EC, 0, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP521R1), GNUTLS_DIG_SHA512, ecdsa_secp521r1_privkey, ecdsa_secp521r1_sig); - PK_TEST(GNUTLS_PK_EC, test_sig, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP521R1), GNUTLS_DIG_SHA512); - - break; - - default: - return gnutls_assert_val(GNUTLS_E_NO_SELF_TEST); + switch (pk) { + case GNUTLS_PK_UNKNOWN: + + case GNUTLS_PK_RSA: + PK_KNOWN_TEST(GNUTLS_PK_RSA, 1, 512, GNUTLS_DIG_SHA1, + rsa_privkey, rsa_sig); + PK_TEST(GNUTLS_PK_RSA, test_rsa_enc, 512, 0); + PK_TEST(GNUTLS_PK_RSA, test_sig, 512, GNUTLS_DIG_SHA1); + case GNUTLS_PK_DSA: + PK_KNOWN_TEST(GNUTLS_PK_DSA, 0, 1024, GNUTLS_DIG_SHA1, + dsa_privkey, dsa_sig); + PK_TEST(GNUTLS_PK_DSA, test_sig, 1024, GNUTLS_DIG_SHA1); + case GNUTLS_PK_EC: /* Testing ECDSA */ + PK_KNOWN_TEST(GNUTLS_PK_EC, 0, + GNUTLS_CURVE_TO_BITS + (GNUTLS_ECC_CURVE_SECP192R1), + GNUTLS_DIG_SHA256, ecdsa_secp192r1_privkey, + ecdsa_secp192r1_sig); + PK_TEST(GNUTLS_PK_EC, test_sig, + GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP192R1), + GNUTLS_DIG_SHA256); + + PK_KNOWN_TEST(GNUTLS_PK_EC, 0, + GNUTLS_CURVE_TO_BITS + (GNUTLS_ECC_CURVE_SECP224R1), + GNUTLS_DIG_SHA256, ecdsa_secp224r1_privkey, + ecdsa_secp224r1_sig); + PK_TEST(GNUTLS_PK_EC, test_sig, + GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP224R1), + GNUTLS_DIG_SHA256); + + PK_KNOWN_TEST(GNUTLS_PK_EC, 0, + GNUTLS_CURVE_TO_BITS + (GNUTLS_ECC_CURVE_SECP256R1), + GNUTLS_DIG_SHA256, ecdsa_secp256r1_privkey, + ecdsa_secp256r1_sig); + PK_TEST(GNUTLS_PK_EC, test_sig, + GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP256R1), + GNUTLS_DIG_SHA256); + + PK_KNOWN_TEST(GNUTLS_PK_EC, 0, + GNUTLS_CURVE_TO_BITS + (GNUTLS_ECC_CURVE_SECP384R1), + GNUTLS_DIG_SHA256, ecdsa_secp384r1_privkey, + ecdsa_secp384r1_sig); + PK_TEST(GNUTLS_PK_EC, test_sig, + GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP384R1), + GNUTLS_DIG_SHA384); + + PK_KNOWN_TEST(GNUTLS_PK_EC, 0, + GNUTLS_CURVE_TO_BITS + (GNUTLS_ECC_CURVE_SECP521R1), + GNUTLS_DIG_SHA512, ecdsa_secp521r1_privkey, + ecdsa_secp521r1_sig); + PK_TEST(GNUTLS_PK_EC, test_sig, + GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP521R1), + GNUTLS_DIG_SHA512); + + break; + + default: + return gnutls_assert_val(GNUTLS_E_NO_SELF_TEST); } ret = 0; -cleanup: + cleanup: return ret; } |