crypto/dist/heimdal/lib/hcrypto/test_engine_dso.c

   1 /*
   2  * Copyright (c) 2006 Kungliga Tekniska Högskolan
   3  * (Royal Institute of Technology, Stockholm, Sweden).
   4  * All rights reserved.
   5  *
   6  * Redistribution and use in source and binary forms, with or without
   7  * modification, are permitted provided that the following conditions
   8  * are met:
   9  *
  10  * 1. Redistributions of source code must retain the above copyright
  11  *    notice, this list of conditions and the following disclaimer.
  12  *
  13  * 2. Redistributions in binary form must reproduce the above copyright
  14  *    notice, this list of conditions and the following disclaimer in the
  15  *    documentation and/or other materials provided with the distribution.
  16  *
  17  * 3. Neither the name of the Institute nor the names of its contributors
  18  *    may be used to endorse or promote products derived from this software
  19  *    without specific prior written permission.
  20  *
  21  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
  22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
  25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  31  * SUCH DAMAGE.
  32  */
  33
  34 #ifdef HAVE_CONFIG_H
  35 #include <config.h>
  36 #endif
  37
  38 #ifdef RCSID
  39 __RCSID("$Heimdal: test_engine_dso.c 21044 2007-06-10 08:03:13Z lha $"
  40         "$NetBSD$");
  41 #endif
  42
  43 #include <stdio.h>
  44
  45 #include <roken.h>
  46 #include <getarg.h>
  47
  48 #include <engine.h>
  49 #include <evp.h>
  50
  51 struct {
  52     const char *cpriv;
  53     const char *cpub;
  54     const char *spriv;
  55     const char *spub;
  56 } dhtests[] = {
  57     {
  58         "5C0946275D07223AEAF04301D964498F3285946057B4C50D13B4FE12C88DFD8D499DD3CC00C1BC17C0D343F2FE053C9F53389110551715B1EDF261A0314485C4835D01F7B8894027D534A2D81D63619D2F58C9864AC9816086B3FF75C01B3FAFF355425AB7369A6ABDC8B633F0A0DC4D29B50F364E7594B297183D14E5CDC05D",
  59         "2D66DC5998B7AEE3332DC1061C6E6F6CF0FCCD74534187E2CDC9ACBCADF0FC9D5900451F44832A762F01E9CEEF1CBD7D69D020AC524D09FAD087DFADEAC36C845157B83937B51C8DB7F500C3C54FB2A05E074E40BA982186E7FEB2534EDDB387D5480AAA355B398CCAD0886F3952C3718490B7884FA67BD8B6943CDDA20134C6",
  60         "42644BA7CF74689E18BA72BF80FCA674D1A2ADF81795EB3828E67C30E42ABD07A8E90E27F046189FAC122D915276870B72427388EAAB5D06994FC38885BBACCEA1CFC45951B730D73C1A8F83208CD1351746601648C11D70BC95B817C86E4A5C40D633654615041C7934BB3CAF4E02754D542033DB024E94C7E561A29ED0C6EC",
  61         "C233633AB116E2DB20B4E08DA42DE8766293E6D9042F7A2C2A2F34F18FE66010B074CCF3C9B03EF27B14F0746B738AF22776224161D767D96AEC230A1DFA6DECFFCE9FED23B96F50CCB0093E59817AD0CEAEB7993AB5764679948BFB1293C9560B07AA3DFA229E341EB17C9FAE0B1D483082461D2DDBCEEE6FE7C0A34D96F66D"
  62     },
  63     {
  64         "76295C1280B890970F0F7EB01BBD9C5DF9BB8F590EB384A39EBF85CD141451407F955FD1D39012AA1F8BA53FD6A5A37CB2835CEDB27D1EBF1FE8AC9F2FFD628BD9BF7B8DD77CB80C8DC0A75F4567C7700442B26972833EB9738A8728A1FC274C59CED5E3ADA224B46711112AAA1CB831D2D6125E183ADA4F805A05024C9C6DDB",
  65         "1E0AB5EBAAC7985FE67A574447FAE58AE4CB95416278D4C239A789D4532FA8E6F82BA10BE411D8A0A06B9E1DECE704466B3523496A8A4165B97FBCFB9CE9C4FF2DEEE786BA046E8C270FA8A9055D2F6E42EDDB32C73CF7875551A56EB69C0F14A3745745845B81C347401B27D074C60C5177BA9C14BBB1C8C219B78E15126EF8",
  66         "68D84A8F92082F113542CFD990DEEFAD9C7EFA545268F8B3EBDF4CCBAF2865CF03EF60044EB4AF4154E6804CC2BDD673B801507446CEFC692DA577B6DC6E0272B7B081A1BEFDC2A4FAC83DB8845E3DA0D1B64DB33AA2164FEDB08A01E815336BD58F4E6DE6A265468E61C8C988B8AEC0D52DB714448DDC007E7C3382C07357DB",
  67         "393815D507A2EF80DE2D0F2A55AAB1C25B870ACA3FC97438B4336CBF979BF9A4F8DA1B61C667129F9123045E07E24976040EC5E2368DD4EF70690102D74E900B260D3826256FD473733A7569BF514652AB78C48C334FDCA26C44ABF322643AF15BFF693A37BB2C19CA9FE5F1537FCFE2B24CF74D4E57060D35ABF115B4B6CD21"
  68     },
  69     {
  70         "7307D6C3CB874327A95F7A6A91C336CEAA086736525DF3F8EC49497CF444C68D264EB70CD6904FE56E240EEF34E6C5177911C478A7F250A0F54183BCBE64B42BAB5D019E73E2F17C095C211E4815E6BA5FDD72786AF987ABBC9109ECEEF439AF9E2141D5222CE7DC0152D8E9A6CCCE301D21A7D1D6ACB9B91B5E28379C91890D",
  71         "83FBD7BFFDF415BBB7E21D399CB2F36A61AFDBAFC542E428E444C66AA03617C0C55C639FE2428905B57035892AE1BD2C4060E807D9E003B0C204FFC8FDD69CC8ADE7A8E18DCBFFF64E3EF9DA2C117390374241466E48A020A1B2F575AE42C233F8BD357B8331CC203E0345DFC19C73E6F1F70B6C2786E681D73BF48B15FE9992",
  72         "61BCF748BB05A48861578B8CB1855200B2E62A40E126BD7323E5B714645A54A2C8761EE39EE39BA6D2FE19B688168EDEA6DC5056400B5315ED299E7926176B887012E58634D78F05D7BCF0E1B81B1B41F5F8EF0B0711D3A64F9A317DD183AE039A4D3BE02A515892362F8C7BB6EB6434BB25418A438ED33D50C475122CBBE862",
  73         "7DB8D69D1605D9812B7F2F3E92BCEEB3426FEEE3265A174D71B2B6E16B332B43DF0B3C2FA152E48DE2FAC110D8CECE122C3398558E7987B27CACE12722C0032AC7E7766A9BCC881BA35B9DB9E751BD4E51F7683DE092F6C1D4DD937CDCE9C16E6F7D77CC6AAD806E4082E8E22E28592C4D78256354393FE831E811E03ED0A81A"
  74     },
  75     {
  76         "60C18B62F786DE6A4A8B13EB6DA2380B4C6731F861C715D9496DCF4A9F01CD33DDB52F1AB4D1F820FAF7AD4EFEB66586F7F08135714B13D77FE652B9EEAB2C543596A9ED307C1629CF535DD14AB22F081AE4ADF7A3E0BC7B33E0EC7A7306F9A737F55807974B5E1B7B6394BD0373917128B43A17757B34BAE1B600763E957F75",
  77         "0DEDA337C38EA005D5B8567EAB681CE91892C2C62C9D42BF748FBFE681E11F25D98280E42E1539A10EEE9177EF2F40216987936AF19D9B5EBE22EEAC27242D77CE3A5061F2E5CFACF15CD0F80E736AE8642252FE91E129DE3C78CFB85A0B1BB87B059CBB24483444F8A07244F4E89370BA78D58BD409DFBB3D41921B8879B9C7",
  78         "462C0707CF3366C2242A808CFDB79B77E8B3AF9D796583EB9CCD7BF4E8792AB0A818E49FFE53CA241F56988F825B366BF1E78481F8086A123259B9D83AC643E85845BF6B2C5412FFDDFAA8C9ED203CA4B3C1BFD777286099976472FA15B3CCC8418CF162F03C0C3E85D7EFC5CF5ACB9B2C039CCF3A1A9C6BB6B9C09C18D86CBD",
  79         "56DB382EDB8C2D95934D20261CE1A37090B0802D451E647DB1DA3B73CDB5A878EAD598A8817302449370F9D45E34F5C45F73D02BF4EB2B3712A8665F446F5D2B774039E5444AB74807859FA58DF9EBA4B12BA4545ACED827E4ED64CC71F937D64A1033BC43403F2490C1B715A74822B8D50A72A102213F0CF7A1B98B771B34C4"
  80     },
  81     {
  82         "61B7321207F4A73646E43E99221F902D2F38095E84CE7346A1510FE71BA7B9B34DCB6609E4DDDA8C82426E82D1C23F1E761130ECE4638D77554A7618E1608625049328FCC1F8845CA9A88E847106B01BD31EF6500E3C7EE81A048924BEAA3EDF367E5F4575341206C7A76427571898294B07BD918D4C2642854CC89D439042E5",
  83         "29AA38E63E4DD7C651E25DEC7A5A53E48114F52813793D36A9DBDD4F7C06FC38406E330764E0B2AFD811C39D857EA5F904105360E06856DC0780C7D61C53165833F0AEA15CB54732DE113F44C8FCFB86F4A876DD42D7A55356D91C0173F2B012680FB54C13EF54B65DF4AEDE2E13419B1316435187CEF07D44DB3DF57C4703FD",
  84         "5ED5AFB04CBFEE43EF3D9B60A57080831563648A2380D98F1EA4A96CF153903A40A2E564DED87E7254DF3270568AB952BF6F400681DD6AD919C9B06AC0F45F0646BCF37B217191AA0B7B7BED226B61F48B46DEA2E5A09E41F316583823A38A60FFD79085F43F60D98871ECA1A0F667701425094E88885A81DE9DA6C293E95060",
  85         "4DE4F24EAA3E2790FBCB1B13C2ED0EFD846EC33154DBEBBEFD895E1399B3617D55EC2CE8D71CF380B55D93636FEF741328D6B1E224D46F8A8B60A41D08DD86E88DE806AA781791364E6D88BF68571BF5D8C35CB04BA302227B7E4CB6A67AB7510ACBCDBF2F8A95EB5DEE693CCA5CC425A0F1CA2D18C369A767906A2477E32704"
  86     }
  87 };
  88
  89 static void
  90 dh_test(DH *server, DH *client)
  91 {
  92     void *skey, *ckey;
  93     int ssize, csize;
  94
  95     skey = emalloc(DH_size(server));
  96     ckey = emalloc(DH_size(client));
  97
  98     ssize = DH_compute_key(skey, client->pub_key, server);
  99     if (ssize == -1)
 100         errx(1, "DH_compute_key failed for server");
 101     csize = DH_compute_key(ckey, server->pub_key, client);
 102     if (csize == -1)
 103         errx(1, "DH_compute_key failed for client");
 104
 105     if (ssize != csize)
 106         errx(1, "DH_compute_key size mismatch");
 107
 108     if (memcmp(skey, ckey, csize) != 0)
 109         errx(1, "DH_compute_key key mismatch");
 110
 111     free(skey);
 112     free(ckey);
 113 }
 114
 115
 116 static int version_flag;
 117 static int help_flag;
 118 static char *id_flag;
 119 static char *rsa_flag;
 120 static int dh_flag = 1;
 121 static int test_random_flag;
 122
 123 static struct getargs args[] = {
 124     { "id",             0,      arg_string,     &id_flag,
 125       "selects the engine id",  "engine-id" },
 126     { "rsa",            0,      arg_string,     &rsa_flag,
 127       "tests RSA modes",        "private-rsa-der-file" },
 128     { "dh",             0,      arg_negative_flag,      &dh_flag,
 129       "test dh", NULL },
 130     { "test-random",    0,      arg_flag,       &test_random_flag,
 131       "test if there is a random device", NULL },
 132     { "version",        0,      arg_flag,       &version_flag,
 133       "print version", NULL },
 134     { "help",           0,      arg_flag,       &help_flag,
 135       NULL,     NULL }
 136 };
 137
 138 static void
 139 usage (int ret)
 140 {
 141     arg_printusage (args,
 142                     sizeof(args)/sizeof(*args),
 143                     NULL,
 144                     "filename.so");
 145     exit (ret);
 146 }
 147
 148 int
 149 main(int argc, char **argv)
 150 {
 151     ENGINE *engine = NULL;
 152     int idx = 0;
 153     int have_rsa, have_dh;
 154
 155     setprogname(argv[0]);
 156
 157     if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &idx))
 158         usage(1);
 159
 160     if (help_flag)
 161         usage(0);
 162
 163     if(version_flag){
 164         print_version(NULL);
 165         exit(0);
 166     }
 167
 168     argc -= idx;
 169     argv += idx;
 170
 171     OpenSSL_add_all_algorithms();
 172
 173     if (argc == 0) {
 174         OpenSSL_add_all_algorithms();
 175         ENGINE_load_builtin_engines();
 176         engine = ENGINE_by_id("builtin");
 177     } else {
 178         engine = ENGINE_by_dso(argv[0], id_flag);
 179     }
 180     if (engine == NULL)
 181         errx(1, "ENGINE_by_dso failed");
 182
 183     printf("name: %s\n", ENGINE_get_name(engine));
 184     printf("id: %s\n", ENGINE_get_id(engine));
 185     have_rsa = ENGINE_get_RSA(engine) != NULL;
 186     have_dh = ENGINE_get_DH(engine) != NULL;
 187     printf("RSA: %s", have_rsa ? "yes," : "no");
 188     if (have_rsa)
 189         printf(" %s", ENGINE_get_RSA(engine)->name);
 190     printf("\n");
 191     printf("DH: %s", have_dh ? "yes," : "no");
 192     if (have_dh)
 193         printf(" %s", ENGINE_get_DH(engine)->name);
 194     printf("\n");
 195
 196     if (RAND_status() != 1)
 197         errx(77, "no functional random device, can't execute tests");
 198     if (test_random_flag)
 199         exit(0);
 200
 201     if (rsa_flag && have_rsa) {
 202         unsigned char buf[1024 * 4];
 203         const unsigned char *p;
 204         size_t size;
 205         int keylen;
 206         RSA *rsa;
 207         FILE *f;
 208
 209         f = fopen(rsa_flag, "r");
 210         if (f == NULL)
 211             err(1, "could not open file %s", rsa_flag);
 212
 213         size = fread(buf, 1, sizeof(buf), f);
 214         if (size == 0)
 215             err(1, "failed to read file %s", rsa_flag);
 216         if (size == sizeof(buf))
 217             err(1, "key too long in file %s!", rsa_flag);
 218         fclose(f);
 219
 220         p = buf;
 221         rsa = d2i_RSAPrivateKey(NULL, &p, size);
 222         if (rsa == NULL)
 223             err(1, "failed to parse key in file %s", rsa_flag);
 224
 225         RSA_set_method(rsa, ENGINE_get_RSA(engine));
 226
 227         /*
 228          * try rsa signing
 229          */
 230
 231         memcpy(buf, "hejsan", 7);
 232         keylen = RSA_private_encrypt(7, buf, buf, rsa, RSA_PKCS1_PADDING);
 233         if (keylen <= 0)
 234             errx(1, "failed to private encrypt");
 235
 236         keylen = RSA_public_decrypt(keylen, buf, buf, rsa, RSA_PKCS1_PADDING);
 237         if (keylen <= 0)
 238             errx(1, "failed to public decrypt");
 239
 240         if (keylen != 7)
 241             errx(1, "output buffer not same length: %d", (int)keylen);
 242
 243         if (memcmp(buf, "hejsan", 7) != 0)
 244             errx(1, "string not the same after decryption");
 245
 246         /*
 247          * try rsa encryption
 248          */
 249
 250         memcpy(buf, "hejsan", 7);
 251         keylen = RSA_public_encrypt(7, buf, buf, rsa, RSA_PKCS1_PADDING);
 252         if (keylen <= 0)
 253             errx(1, "failed to public encrypt");
 254
 255         keylen = RSA_private_decrypt(keylen, buf, buf, rsa, RSA_PKCS1_PADDING);
 256         if (keylen <= 0)
 257             errx(1, "failed to private decrypt");
 258
 259         if (keylen != 7)
 260             errx(1, "output buffer not same length: %d", (int)keylen);
 261
 262         if (memcmp(buf, "hejsan", 7) != 0)
 263             errx(1, "string not the same after decryption");
 264
 265         RSA_free(rsa);
 266
 267         printf("rsa test passed\n");
 268
 269     }
 270
 271     if (dh_flag) {
 272         DH *server, *client;
 273         int i;
 274
 275         /* RFC2412-MODP-group2 */
 276         const char *p =
 277             "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1"
 278             "29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD"
 279             "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245"
 280             "E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED"
 281             "EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE65381"
 282             "FFFFFFFF" "FFFFFFFF";
 283         const char *g = "02";
 284
 285         /*
 286          * Try generated keys
 287          */
 288
 289         for (i = 0; i < 10; i++) {
 290             server = DH_new_method(engine);
 291             client = DH_new_method(engine);
 292
 293             BN_hex2bn(&server->p, p);
 294             BN_hex2bn(&client->p, p);
 295             BN_hex2bn(&server->g, g);
 296             BN_hex2bn(&client->g, g);
 297
 298             if (!DH_generate_key(server))
 299                 errx(1, "DH_generate_key failed for server");
 300             if (!DH_generate_key(client))
 301                 errx(1, "DH_generate_key failed for client");
 302
 303             dh_test(server, client);
 304
 305             DH_free(server);
 306             DH_free(client);
 307         }
 308         /*
 309          * Try known result
 310          */
 311
 312         for (i = 0; i < sizeof(dhtests)/sizeof(dhtests[0]); i++) {
 313
 314             server = DH_new_method(engine);
 315             client = DH_new_method(engine);
 316
 317             BN_hex2bn(&server->p, p);
 318             BN_hex2bn(&client->p, p);
 319             BN_hex2bn(&server->g, g);
 320             BN_hex2bn(&client->g, g);
 321
 322             BN_hex2bn(&client->priv_key, dhtests[i].cpriv);
 323             BN_hex2bn(&client->pub_key, dhtests[i].cpub);
 324             BN_hex2bn(&server->priv_key, dhtests[i].spriv);
 325             BN_hex2bn(&server->pub_key, dhtests[i].spub);
 326
 327             dh_test(server, client);
 328
 329             DH_free(server);
 330             DH_free(client);
 331         }
 332
 333         printf("DH test passed\n");
 334     }
 335
 336     ENGINE_finish(engine);
 337
 338     return 0;
 339 }