Annotation of embedaddon/ipsec-tools/src/racoon/eaytest.c, revision 1.1
1.1 ! misho 1: /* $NetBSD: eaytest.c,v 1.10 2010/01/17 23:02:48 wiz Exp $ */
! 2:
! 3: /* Id: eaytest.c,v 1.22 2005/06/19 18:02:54 manubsd Exp */
! 4:
! 5: /*
! 6: * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
! 7: * All rights reserved.
! 8: *
! 9: * Redistribution and use in source and binary forms, with or without
! 10: * modification, are permitted provided that the following conditions
! 11: * are met:
! 12: * 1. Redistributions of source code must retain the above copyright
! 13: * notice, this list of conditions and the following disclaimer.
! 14: * 2. Redistributions in binary form must reproduce the above copyright
! 15: * notice, this list of conditions and the following disclaimer in the
! 16: * documentation and/or other materials provided with the distribution.
! 17: * 3. Neither the name of the project nor the names of its contributors
! 18: * may be used to endorse or promote products derived from this software
! 19: * without specific prior written permission.
! 20: *
! 21: * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
! 22: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
! 23: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
! 24: * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
! 25: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
! 26: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
! 27: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
! 28: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
! 29: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
! 30: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
! 31: * SUCH DAMAGE.
! 32: */
! 33:
! 34: #include "config.h"
! 35:
! 36: #include <sys/types.h>
! 37: #include <sys/stat.h>
! 38: #include <sys/socket.h>
! 39:
! 40: #include <netinet/in.h>
! 41:
! 42: #include <stdlib.h>
! 43: #include <stdio.h>
! 44: #include <string.h>
! 45: #include <limits.h>
! 46: #include <dirent.h>
! 47: #include <fcntl.h>
! 48: #include <unistd.h>
! 49: #include <err.h>
! 50:
! 51: #include <openssl/bio.h>
! 52: #include <openssl/pem.h>
! 53:
! 54: #include "var.h"
! 55: #include "vmbuf.h"
! 56: #include "misc.h"
! 57: #include "debug.h"
! 58: #include "str2val.h"
! 59: #include "plog.h"
! 60:
! 61: #include "oakley.h"
! 62: #include "dhgroup.h"
! 63: #include "crypto_openssl.h"
! 64: #include "gnuc.h"
! 65:
! 66: #include "package_version.h"
! 67:
! 68: #define PVDUMP(var) racoon_hexdump((var)->v, (var)->l)
! 69:
! 70: /*#define CERTTEST_BROKEN */
! 71:
! 72: /* prototype */
! 73:
! 74: static vchar_t *pem_read_buf __P((char *));
! 75: void Usage __P((void));
! 76:
! 77: int rsatest __P((int, char **));
! 78: int ciphertest __P((int, char **));
! 79: int hmactest __P((int, char **));
! 80: int sha1test __P((int, char **));
! 81: int md5test __P((int, char **));
! 82: int dhtest __P((int, char **));
! 83: int bntest __P((int, char **));
! 84: #ifndef CERTTEST_BROKEN
! 85: static char **getcerts __P((char *));
! 86: int certtest __P((int, char **));
! 87: #endif
! 88:
! 89: /* test */
! 90:
! 91: static int
! 92: rsa_verify_with_pubkey(src, sig, pubkey_txt)
! 93: vchar_t *src, *sig;
! 94: char *pubkey_txt;
! 95: {
! 96: BIO *bio;
! 97: EVP_PKEY *evp;
! 98: int error;
! 99:
! 100: bio = BIO_new_mem_buf(pubkey_txt, strlen(pubkey_txt));
! 101: evp = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
! 102: if (! evp) {
! 103: printf ("PEM_read_PUBKEY(): %s\n", eay_strerror());
! 104: return -1;
! 105: }
! 106: error = eay_check_rsasign(src, sig, evp->pkey.rsa);
! 107:
! 108: return error;
! 109: }
! 110:
! 111: int
! 112: rsatest(ac, av)
! 113: int ac;
! 114: char **av;
! 115: {
! 116: char *text = "this is test.";
! 117: vchar_t src;
! 118: vchar_t *priv, *sig;
! 119: int loglevel_saved;
! 120:
! 121: char *pkcs1 =
! 122: "-----BEGIN RSA PRIVATE KEY-----\n"
! 123: "MIICXQIBAAKBgQChe5/Fzk9SA0vCKBOcu9jBcLb9oLv50PeuEfQojhakY+OH8A3Q\n"
! 124: "M8A0qIDG6uhTNGPvzCWb/+mKeOB48n5HJpLxlDFyP3kyd2yXHIZ/MN8g1nh4FsB0\n"
! 125: "iTkk8QUCJkkan6FCOBrIeLEsGA5AdodzuR+khnCMt8vO+NFHZYKAQeynyQIDAQAB\n"
! 126: "AoGAOfDcnCHxjhDGrwyoNNWl6Yqi7hAtQm67YAbrH14UO7nnmxAENM9MyNgpFLaW\n"
! 127: "07v5m8IZQIcradcDXAJOUwNBN8E06UflwEYCaScIwndvr5UpVlN3e2NC6Wyg2yC7\n"
! 128: "GarxQput3zj35XNR5bK42UneU0H6zDxpHWqI1SwE+ToAHu0CQQDNl9gUJTpg0L09\n"
! 129: "HkbE5jeb8bA5I20nKqBOBP0v5tnzpwu41umQwk9I7Ru0ucD7j+DW4k8otadW+FnI\n"
! 130: "G1M1MpSjAkEAyRMt4bN8otfpOpsOQWzw4jQtouohOxRFCrQTntHhU20PrQnQLZWs\n"
! 131: "pOVzqCjRytYtkPEUA1z8QK5gGcVPcOQsowJBALmt2rwPB1NrEo5Bat7noO+Zb3Ob\n"
! 132: "WDiYWeE8xkHd95gDlSWiC53ur9aINo6ZeP556jGIgL+el/yHHecJLrQL84sCQH48\n"
! 133: "zUxq/C/cb++8UzneJGlPqusiJNTLiAENR1gpmlZfHT1c8Nb9phMsfu0vG29GAfuC\n"
! 134: "bzchVLljALCNQK+2gRMCQQCNIgN+R9mRWZhFAcC1sq++YnuSBlw4VwdL/fd1Yg9e\n"
! 135: "Ul+U98yPl/NXt8Rs4TRBFcOZjkFI8xv0hQtevTgTmgz+\n"
! 136: "-----END RSA PRIVATE KEY-----\n\n";
! 137: char *pubkey =
! 138: "-----BEGIN PUBLIC KEY-----\n"
! 139: "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQChe5/Fzk9SA0vCKBOcu9jBcLb9\n"
! 140: "oLv50PeuEfQojhakY+OH8A3QM8A0qIDG6uhTNGPvzCWb/+mKeOB48n5HJpLxlDFy\n"
! 141: "P3kyd2yXHIZ/MN8g1nh4FsB0iTkk8QUCJkkan6FCOBrIeLEsGA5AdodzuR+khnCM\n"
! 142: "t8vO+NFHZYKAQeynyQIDAQAB\n"
! 143: "-----END PUBLIC KEY-----\n\n";
! 144: char *pubkey_wrong =
! 145: "-----BEGIN PUBLIC KEY-----\n"
! 146: "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDncG2tSokRBhK8la1mO\n"
! 147: "QnUpxg6KvpoFUjEyRiIE1GRap5V6jCCEOmA9ZAz4Oa/97oxewwMWtchIxSBZVCia\n"
! 148: "H9oGasbOFzrtSR+MKl6Cb/Ow3Fu+PKbHTsnfTk/nOOWyaQh91PRD7fdwHe8L9P7w\n"
! 149: "2kFPmDW6+RNKIR4OErhXf1O0eSShPe0TO3vx43O7dWqhmh3Kgr4Jq7zAGqHtwu0B\n"
! 150: "RFZnmsocOnVZb2yAHndp51/Mk1H37ThHwN7qMx7RqrS3ru3XtchpJd9IQJPBIRfY\n"
! 151: "VYQ68u5ix/Z80Y6VkRf0qnAvel8B6D3N3Zyq5u7G60PfvvtCybeMn7nVrSMxqMW/\n"
! 152: "xwIDAQAB\n"
! 153: "-----END PUBLIC KEY-----\n\n";
! 154:
! 155: printf ("%s", pkcs1);
! 156: printf ("%s", pubkey);
! 157: priv = pem_read_buf(pkcs1);
! 158:
! 159: src.v = text;
! 160: src.l = strlen(text);
! 161:
! 162: /* sign */
! 163: sig = eay_get_x509sign(&src, priv);
! 164: if (sig == NULL) {
! 165: printf("sign failed. %s\n", eay_strerror());
! 166: return -1;
! 167: }
! 168:
! 169: printf("RSA signed data.\n");
! 170: PVDUMP(sig);
! 171:
! 172: printf("Verification with correct pubkey: ");
! 173: if (rsa_verify_with_pubkey (&src, sig, pubkey) != 0) {
! 174: printf ("Failed.\n");
! 175: return -1;
! 176: }
! 177: else
! 178: printf ("Verified. Good.\n");
! 179:
! 180: loglevel_saved = loglevel;
! 181: loglevel = 0;
! 182: printf("Verification with wrong pubkey: ");
! 183: if (rsa_verify_with_pubkey (&src, sig, pubkey_wrong) != 0)
! 184: printf ("Not verified. Good.\n");
! 185: else {
! 186: printf ("Verified. This is bad...\n");
! 187: loglevel = loglevel_saved;
! 188: return -1;
! 189: }
! 190: loglevel = loglevel_saved;
! 191:
! 192: return 0;
! 193: }
! 194:
! 195: static vchar_t *
! 196: pem_read_buf(buf)
! 197: char *buf;
! 198: {
! 199: BIO *bio;
! 200: char *nm = NULL, *header = NULL;
! 201: unsigned char *data = NULL;
! 202: long len;
! 203: vchar_t *ret;
! 204: int error;
! 205:
! 206: bio = BIO_new_mem_buf(buf, strlen(buf));
! 207: error = PEM_read_bio(bio, &nm, &header, &data, &len);
! 208: if (error == 0)
! 209: errx(1, "%s", eay_strerror());
! 210: ret = vmalloc(len);
! 211: if (ret == NULL)
! 212: err(1, "vmalloc");
! 213: memcpy(ret->v, data, len);
! 214:
! 215: return ret;
! 216: }
! 217:
! 218: #ifndef CERTTEST_BROKEN
! 219: int
! 220: certtest(ac, av)
! 221: int ac;
! 222: char **av;
! 223: {
! 224: char *certpath;
! 225: char **certs;
! 226: int type;
! 227: int error;
! 228:
! 229: printf("\n**Test for Certificate.**\n");
! 230:
! 231: {
! 232: vchar_t *asn1dn = NULL, asn1dn0;
! 233: #ifdef ORIG_DN
! 234: char dnstr[] = "C=JP, ST=Kanagawa, L=Fujisawa, O=WIDE Project, OU=KAME Project, CN=Shoichi Sakane/Email=sakane@kame.net";
! 235: char *dnstr_w1 = NULL;
! 236: char *dnstr_w2 = NULL;
! 237: char dn0[] = {
! 238: 0x30,0x81,0x9a,0x31,0x0b,0x30,0x09,0x06,
! 239: 0x03,0x55,0x04,0x06,0x13,0x02,0x4a,0x50,
! 240: 0x31,0x11,0x30,0x0f,0x06,0x03,0x55,0x04,
! 241: 0x08,0x13,0x08,0x4b,0x61,0x6e,0x61,0x67,
! 242: 0x61,0x77,0x61,0x31,0x11,0x30,0x0f,0x06,
! 243: 0x03,0x55,0x04,0x07,0x13,0x08,0x46,0x75,
! 244: 0x6a,0x69,0x73,0x61,0x77,0x61,0x31,0x15,
! 245: 0x30,0x13,0x06,0x03,0x55,0x04,0x0a,0x13,
! 246: 0x0c,0x57,0x49,0x44,0x45,0x20,0x50,0x72,
! 247: 0x6f,0x6a,0x65,0x63,0x74,0x31,0x15,0x30,
! 248: 0x13,0x06,0x03,0x55,0x04,0x0b,0x13,0x0c,
! 249: 0x4b,0x41,0x4d,0x45,0x20,0x50,0x72,0x6f,
! 250: 0x6a,0x65,0x63,0x74,0x31,0x17,0x30,0x15,
! 251: 0x06,0x03,0x55,0x04,0x03,0x13,0x0e,0x53,
! 252: 0x68,0x6f,0x69,0x63,0x68,0x69,0x20,0x53,
! 253: 0x61,0x6b,0x61,0x6e,0x65,0x31,0x1e,0x30,
! 254: 0x1c,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,
! 255: 0x0d,0x01,0x09,0x01,
! 256: 0x0c, /* <== XXX */
! 257: 0x0f,0x73,0x61,
! 258: 0x6b,0x61,0x6e,0x65,0x40,0x6b,0x61,0x6d,
! 259: 0x65,0x2e,0x6e,0x65,0x74,
! 260: };
! 261: #else /* not ORIG_DN */
! 262: char dnstr[] = "C=JP, ST=Kanagawa, L=Fujisawa, O=WIDE Project, OU=KAME Project, CN=Shoichi Sakane";
! 263: char dnstr_w1[] = "C=JP, ST=Kanagawa, L=Fujisawa, O=WIDE Project, OU=*, CN=Shoichi Sakane";
! 264: char dnstr_w2[] = "C=JP, ST=Kanagawa, L=Fujisawa, O=WIDE Project, OU=KAME Project, CN=*";
! 265: char dn0[] = {
! 266: 0x30,0x7a,0x31,0x0b,0x30,0x09,0x06,0x03,
! 267: 0x55,0x04,0x06,0x13,0x02,0x4a,0x50,0x31,
! 268: 0x11,0x30,0x0f,0x06,0x03,0x55,0x04,0x08,
! 269: 0x13,0x08,0x4b,0x61,0x6e,0x61,0x67,0x61,
! 270: 0x77,0x61,0x31,0x11,0x30,0x0f,0x06,0x03,
! 271: 0x55,0x04,0x07,0x13,0x08,0x46,0x75,0x6a,
! 272: 0x69,0x73,0x61,0x77,0x61,0x31,0x15,0x30,
! 273: 0x13,0x06,0x03,0x55,0x04,0x0a,0x13,0x0c,
! 274: 0x57,0x49,0x44,0x45,0x20,0x50,0x72,0x6f,
! 275: 0x6a,0x65,0x63,0x74,0x31,0x15,0x30,0x13,
! 276: 0x06,0x03,0x55,0x04,0x0b,0x13,0x0c,0x4b,
! 277: 0x41,0x4d,0x45,0x20,0x50,0x72,0x6f,0x6a,
! 278: 0x65,0x63,0x74,0x31,0x17,0x30,0x15,0x06,
! 279: 0x03,0x55,0x04,0x03,0x13,0x0e,0x53,0x68,
! 280: 0x6f,0x69,0x63,0x68,0x69,0x20,0x53,0x61,
! 281: 0x6b,0x61,0x6e,0x65,
! 282: };
! 283: #endif /* ORIG_DN */
! 284:
! 285: printf("check to convert the string into subjectName.\n");
! 286: printf("%s\n", dnstr);
! 287:
! 288: asn1dn0.v = dn0;
! 289: asn1dn0.l = sizeof(dn0);
! 290:
! 291: asn1dn = eay_str2asn1dn(dnstr, strlen(dnstr));
! 292: if (asn1dn == NULL || asn1dn->l != asn1dn0.l)
! 293: #ifdef OUTPUT_VALID_ASN1DN
! 294: {
! 295: unsigned char *cp; int i;
! 296: printf("asn1dn length mismatched (%zu != %zu).\n", asn1dn ? asn1dn->l : -1, asn1dn0.l);
! 297: for (cp = asn1dn->v, i = 0; i < asn1dn->l; i++)
! 298: printf ("0x%02x,", *cp++);
! 299: exit (1);
! 300: }
! 301: #else
! 302: errx(1, "asn1dn length mismatched (%zu != %zu).\n", asn1dn ? asn1dn->l : -1, asn1dn0.l);
! 303: #endif
! 304:
! 305: /*
! 306: * NOTE: The value pointed by "<==" above is different from the
! 307: * return of eay_str2asn1dn(). but eay_cmp_asn1dn() can distinguish
! 308: * both of the names are same name.
! 309: */
! 310: if (eay_cmp_asn1dn(&asn1dn0, asn1dn))
! 311: errx(1, "asn1dn mismatched.\n");
! 312: vfree(asn1dn);
! 313:
! 314: printf("exact match: succeed.\n");
! 315:
! 316: if (dnstr_w1 != NULL) {
! 317: asn1dn = eay_str2asn1dn(dnstr_w1, strlen(dnstr_w1));
! 318: if (asn1dn == NULL || asn1dn->l == asn1dn0.l)
! 319: errx(1, "asn1dn length wrong for wildcard 1\n");
! 320: if (eay_cmp_asn1dn(&asn1dn0, asn1dn))
! 321: errx(1, "asn1dn mismatched for wildcard 1.\n");
! 322: vfree(asn1dn);
! 323: printf("wildcard 1 match: succeed.\n");
! 324: }
! 325:
! 326: if (dnstr_w1 != NULL) {
! 327: asn1dn = eay_str2asn1dn(dnstr_w2, strlen(dnstr_w2));
! 328: if (asn1dn == NULL || asn1dn->l == asn1dn0.l)
! 329: errx(1, "asn1dn length wrong for wildcard 2\n");
! 330: if (eay_cmp_asn1dn(&asn1dn0, asn1dn))
! 331: errx(1, "asn1dn mismatched for wildcard 2.\n");
! 332: vfree(asn1dn);
! 333: printf("wildcard 2 match: succeed.\n");
! 334: }
! 335:
! 336: }
! 337: eay_init();
! 338:
! 339: /* get certs */
! 340: if (ac > 1) {
! 341: certpath = *(av + 1);
! 342: certs = getcerts(certpath);
! 343: } else {
! 344: #ifdef ORIG_DN
! 345: printf("\nCAUTION: These certificates are probably invalid "
! 346: "on your environment because you don't have their "
! 347: "issuer's certs in your environment.\n\n");
! 348:
! 349: certpath = "/usr/local/openssl/certs";
! 350: certs = getcerts(NULL);
! 351: #else
! 352: printf("\nWARNING: The main certificates are probably invalid "
! 353: "on your environment\nbecause you don't have their "
! 354: "issuer's certs in your environment\nso not doing "
! 355: "this test.\n\n");
! 356: return (0);
! 357: #endif
! 358: }
! 359:
! 360: while (*certs != NULL) {
! 361:
! 362: vchar_t c;
! 363: char *str;
! 364: vchar_t *vstr;
! 365:
! 366: printf("===CERT===\n");
! 367:
! 368: c.v = *certs;
! 369: c.l = strlen(*certs);
! 370:
! 371: /* print text */
! 372: str = eay_get_x509text(&c);
! 373: printf("%s", str);
! 374: racoon_free(str);
! 375:
! 376: /* print ASN.1 of subject name */
! 377: vstr = eay_get_x509asn1subjectname(&c);
! 378: if (!vstr)
! 379: return 0;
! 380: PVDUMP(vstr);
! 381: printf("\n");
! 382: vfree(vstr);
! 383:
! 384: /* print subject alt name */
! 385: {
! 386: int pos;
! 387: for (pos = 1; ; pos++) {
! 388: error = eay_get_x509subjectaltname(&c, &str, &type, pos);
! 389: if (error) {
! 390: printf("no subjectaltname found.\n");
! 391: break;
! 392: }
! 393: if (!str)
! 394: break;
! 395: printf("SubjectAltName: %d: %s\n", type, str);
! 396: racoon_free(str);
! 397: }
! 398: }
! 399:
! 400: /* NULL => name of the certificate file */
! 401: error = eay_check_x509cert(&c, certpath, NULL, 1);
! 402: if (error)
! 403: printf("ERROR: cert is invalid.\n");
! 404: printf("\n");
! 405:
! 406: certs++;
! 407: }
! 408: return 0;
! 409: }
! 410:
! 411: static char **
! 412: getcerts(path)
! 413: char *path;
! 414: {
! 415: char **certs = NULL, **p;
! 416: DIR *dirp;
! 417: struct dirent *dp;
! 418: struct stat sb;
! 419: char buf[512];
! 420: int len;
! 421: int n;
! 422: int fd;
! 423:
! 424: static char *samplecerts[] = {
! 425: /* self signed */
! 426: "-----BEGIN CERTIFICATE-----\n"
! 427: "MIICpTCCAg4CAQAwDQYJKoZIhvcNAQEEBQAwgZoxCzAJBgNVBAYTAkpQMREwDwYD\n"
! 428: "VQQIEwhLYW5hZ2F3YTERMA8GA1UEBxMIRnVqaXNhd2ExFTATBgNVBAoTDFdJREUg\n"
! 429: "UHJvamVjdDEVMBMGA1UECxMMS0FNRSBQcm9qZWN0MRcwFQYDVQQDEw5TaG9pY2hp\n"
! 430: "IFNha2FuZTEeMBwGCSqGSIb3DQEJARYPc2FrYW5lQGthbWUubmV0MB4XDTAwMDgy\n"
! 431: "NDAxMzc0NFoXDTAwMDkyMzAxMzc0NFowgZoxCzAJBgNVBAYTAkpQMREwDwYDVQQI\n"
! 432: "EwhLYW5hZ2F3YTERMA8GA1UEBxMIRnVqaXNhd2ExFTATBgNVBAoTDFdJREUgUHJv\n"
! 433: "amVjdDEVMBMGA1UECxMMS0FNRSBQcm9qZWN0MRcwFQYDVQQDEw5TaG9pY2hpIFNh\n"
! 434: "a2FuZTEeMBwGCSqGSIb3DQEJARYPc2FrYW5lQGthbWUubmV0MIGfMA0GCSqGSIb3\n"
! 435: "DQEBAQUAA4GNADCBiQKBgQCpIQG/H3zn4czAmPBcbkDrYxE1A9vcpghpib3Of0Op\n"
! 436: "SsiWIBOyIMiVAzK/I/JotWp3Vdn5fzGp/7DGAbWXAALas2xHkNmTMPpu6qhmNQ57\n"
! 437: "kJHZHal24mgc1hwbrI9fb5olvIexx9a1riNPnKMRVHzXYizsyMbf+lJJmZ8QFhWN\n"
! 438: "twIDAQABMA0GCSqGSIb3DQEBBAUAA4GBACKs6X/BYycuHI3iop403R3XWMHHnNBN\n"
! 439: "5XTHVWiWgR1cMWkq/dp51gn+nPftpdAaYGpqGkiHGhZcXLoBaX9uON3p+7av+sQN\n"
! 440: "plXwnvUf2Zsgu+fojskS0gKcDlYiq1O8TOaBgJouFZgr1q6PiYjVEJGogAP28+HN\n"
! 441: "M4o+GBFbFoqK\n"
! 442: "-----END CERTIFICATE-----\n\n",
! 443: /* signed by SSH testing CA + CA1 + CA2 */
! 444: "-----BEGIN X509 CERTIFICATE-----\n"
! 445: "MIICtTCCAj+gAwIBAgIEOaR8NjANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJG\n"
! 446: "STEkMCIGA1UEChMbU1NIIENvbW11bmljYXRpb25zIFNlY3VyaXR5MREwDwYDVQQL\n"
! 447: "EwhXZWIgdGVzdDEbMBkGA1UEAxMSVGVzdCBDQSAxIHN1YiBjYSAyMB4XDTAwMDgy\n"
! 448: "NDAwMDAwMFoXDTAwMTAwMTAwMDAwMFowgZoxCzAJBgNVBAYTAkpQMREwDwYDVQQI\n"
! 449: "EwhLYW5hZ2F3YTERMA8GA1UEBxMIRnVqaXNhd2ExFTATBgNVBAoTDFdJREUgUHJv\n"
! 450: "amVjdDEVMBMGA1UECxMMS0FNRSBQcm9qZWN0MRcwFQYDVQQDEw5TaG9pY2hpIFNh\n"
! 451: "a2FuZTEeMBwGCSqGSIb3DQEJAQwPc2FrYW5lQGthbWUubmV0MIGfMA0GCSqGSIb3\n"
! 452: "DQEBAQUAA4GNADCBiQKBgQCpIQG/H3zn4czAmPBcbkDrYxE1A9vcpghpib3Of0Op\n"
! 453: "SsiWIBOyIMiVAzK/I/JotWp3Vdn5fzGp/7DGAbWXAALas2xHkNmTMPpu6qhmNQ57\n"
! 454: "kJHZHal24mgc1hwbrI9fb5olvIexx9a1riNPnKMRVHzXYizsyMbf+lJJmZ8QFhWN\n"
! 455: "twIDAQABo18wXTALBgNVHQ8EBAMCBaAwGgYDVR0RBBMwEYEPc2FrYW5lQGthbWUu\n"
! 456: "bmV0MDIGA1UdHwQrMCkwJ6AloCOGIWh0dHA6Ly9sZGFwLnNzaC5maS9jcmxzL2Nh\n"
! 457: "MS0yLmNybDANBgkqhkiG9w0BAQUFAANhADtaqual41OWshF/rwCTuR6zySBJysGp\n"
! 458: "+qjkp5efCiYKhAu1L4WXlMsV/SNdzspui5tHasPBvUw8gzFsU/VW/B2zuQZkimf1\n"
! 459: "u6ZPjUb/vt8vLOPScP5MeH7xrTk9iigsqQ==\n"
! 460: "-----END X509 CERTIFICATE-----\n\n",
! 461: /* VP100 */
! 462: "-----BEGIN CERTIFICATE-----\n"
! 463: "MIICXzCCAcigAwIBAgIEOXGBIzANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJG\n"
! 464: "STEkMCIGA1UEChMbU1NIIENvbW11bmljYXRpb25zIFNlY3VyaXR5MREwDwYDVQQL\n"
! 465: "EwhXZWIgdGVzdDESMBAGA1UEAxMJVGVzdCBDQSAxMB4XDTAwMDcxNjAwMDAwMFoX\n"
! 466: "DTAwMDkwMTAwMDAwMFowNTELMAkGA1UEBhMCanAxETAPBgNVBAoTCHRhaGl0ZXN0\n"
! 467: "MRMwEQYDVQQDEwpmdXJ1a2F3YS0xMIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKB\n"
! 468: "gQDUmI2RaAuoLvtRDbASwRhbkj/Oq0BBIKgAqbFknc/EanJSQwZQu82gD88nf7gG\n"
! 469: "VEioWmKPLDuEjz5JCuM+k5f7HYHI1wWmz1KFr7UA+avZm4Kp6YKnhuH7soZp7kBL\n"
! 470: "hTiZEpL0jdmCWLW3ZXoro55rmPrBsCd+bt8VU6tRZm5dUwIBKaNZMFcwCwYDVR0P\n"
! 471: "BAQDAgWgMBYGA1UdEQQPMA2CBVZQMTAwhwQKFIaFMDAGA1UdHwQpMCcwJaAjoCGG\n"
! 472: "H2h0dHA6Ly9sZGFwLnNzaC5maS9jcmxzL2NhMS5jcmwwDQYJKoZIhvcNAQEFBQAD\n"
! 473: "gYEAKJ/2Co/KYW65mwpGG3CBvsoRL8xyUMHGt6gQpFLHiiHuAdix1ADTL6uoFuYi\n"
! 474: "4sE5omQm1wKVv2ZhS03zDtUfKoVEv0HZ7IY3AU/FZT/M5gQvbt43Dki/ma3ock2I\n"
! 475: "PPhbLsvXm+GCVh3jvkYGk1zr7VERVeTPtmT+hW63lcxfFp4=\n"
! 476: "-----END CERTIFICATE-----\n\n",
! 477: /* IKED */
! 478: "-----BEGIN CERTIFICATE-----\n"
! 479: "MIIEFTCCA7+gAwIBAgIKYU5X6AAAAAAACTANBgkqhkiG9w0BAQUFADCBljEpMCcG\n"
! 480: "CSqGSIb3DQEJARYaeS13YXRhbmFAc2RsLmhpdGFjaGkuY28uanAxCzAJBgNVBAYT\n"
! 481: "AkpQMREwDwYDVQQIEwhLQU5BR0FXQTERMA8GA1UEBxMIWW9rb2hhbWExEDAOBgNV\n"
! 482: "BAoTB0hJVEFDSEkxDDAKBgNVBAsTA1NETDEWMBQGA1UEAxMNSVBzZWMgVGVzdCBD\n"
! 483: "QTAeFw0wMDA3MTUwMjUxNDdaFw0wMTA3MTUwMzAxNDdaMEUxCzAJBgNVBAYTAkpQ\n"
! 484: "MREwDwYDVQQIEwhLQU5BR0FXQTEQMA4GA1UEChMHSElUQUNISTERMA8GA1UEAxMI\n"
! 485: "V0FUQU5BQkUwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA6Wja5A7Ldzrtx+rMWHEB\n"
! 486: "Cyt+/ZoG0qdFQbuuUiU1vOSq+1f+ZSCYAdTq13Lrr6Xfz3jDVFEZLPID9PSTFwq+\n"
! 487: "yQIDAQABo4ICPTCCAjkwDgYDVR0PAQH/BAQDAgTwMBMGA1UdJQQMMAoGCCsGAQUF\n"
! 488: "CAICMB0GA1UdDgQWBBTkv7/MH5Ra+S1zBAmnUIH5w8ZTUTCB0gYDVR0jBIHKMIHH\n"
! 489: "gBQsF2qoaTl5F3GFLKrttaxPJ8j4faGBnKSBmTCBljEpMCcGCSqGSIb3DQEJARYa\n"
! 490: "eS13YXRhbmFAc2RsLmhpdGFjaGkuY28uanAxCzAJBgNVBAYTAkpQMREwDwYDVQQI\n"
! 491: "EwhLQU5BR0FXQTERMA8GA1UEBxMIWW9rb2hhbWExEDAOBgNVBAoTB0hJVEFDSEkx\n"
! 492: "DDAKBgNVBAsTA1NETDEWMBQGA1UEAxMNSVBzZWMgVGVzdCBDQYIQeccIf4GYDIBA\n"
! 493: "rS6HSUt8XjB7BgNVHR8EdDByMDagNKAyhjBodHRwOi8vZmxvcmEyMjAvQ2VydEVu\n"
! 494: "cm9sbC9JUHNlYyUyMFRlc3QlMjBDQS5jcmwwOKA2oDSGMmZpbGU6Ly9cXGZsb3Jh\n"
! 495: "MjIwXENlcnRFbnJvbGxcSVBzZWMlMjBUZXN0JTIwQ0EuY3JsMIGgBggrBgEFBQcB\n"
! 496: "AQSBkzCBkDBFBggrBgEFBQcwAoY5aHR0cDovL2Zsb3JhMjIwL0NlcnRFbnJvbGwv\n"
! 497: "ZmxvcmEyMjBfSVBzZWMlMjBUZXN0JTIwQ0EuY3J0MEcGCCsGAQUFBzAChjtmaWxl\n"
! 498: "Oi8vXFxmbG9yYTIyMFxDZXJ0RW5yb2xsXGZsb3JhMjIwX0lQc2VjJTIwVGVzdCUy\n"
! 499: "MENBLmNydDANBgkqhkiG9w0BAQUFAANBAG8yZAWHb6g3zba453Hw5loojVDZO6fD\n"
! 500: "9lCsyaxeo9/+7x1JEEcdZ6qL7KKqe7ZBwza+hIN0ITkp2WEWo22gTz4=\n"
! 501: "-----END CERTIFICATE-----\n\n",
! 502: /* From Entrust */
! 503: "-----BEGIN CERTIFICATE-----\n"
! 504: "MIIDXTCCAsagAwIBAgIEOb6khTANBgkqhkiG9w0BAQUFADA4MQswCQYDVQQGEwJV\n"
! 505: "UzEQMA4GA1UEChMHRW50cnVzdDEXMBUGA1UECxMOVlBOIEludGVyb3AgUk8wHhcN\n"
! 506: "MDAwOTE4MjMwMDM3WhcNMDMwOTE4MjMzMDM3WjBTMQswCQYDVQQGEwJVUzEQMA4G\n"
! 507: "A1UEChMHRW50cnVzdDEXMBUGA1UECxMOVlBOIEludGVyb3AgUk8xGTAXBgNVBAMT\n"
! 508: "EFNob2ljaGkgU2FrYW5lIDIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKj3\n"
! 509: "eXSt1qXxFXzpa265B/NQYk5BZN7pNJg0tlTKBTVV3UgpQ92Bx5DoNfZh11oIv0Sw\n"
! 510: "6YnG5p9F9ma36U9HDoD3hVTjAvQKy4ssCsnU1y6v5XOU1QvYQo6UTzgsXUTaIau4\n"
! 511: "Lrccl+nyoiNzy3lG51tLR8CxuA+3OOAK9xPjszClAgMBAAGjggFXMIIBUzBABgNV\n"
! 512: "HREEOTA3gQ9zYWthbmVAa2FtZS5uZXSHBM6vIHWCHjIwNi0xNzUtMzItMTE3LnZw\n"
! 513: "bndvcmtzaG9wLmNvbTATBgNVHSUEDDAKBggrBgEFBQgCAjALBgNVHQ8EBAMCAKAw\n"
! 514: "KwYDVR0QBCQwIoAPMjAwMDA5MTgyMzAwMzdagQ8yMDAyMTAyNTExMzAzN1owWgYD\n"
! 515: "VR0fBFMwUTBPoE2gS6RJMEcxCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFbnRydXN0\n"
! 516: "MRcwFQYDVQQLEw5WUE4gSW50ZXJvcCBSTzENMAsGA1UEAxMEQ1JMMTAfBgNVHSME\n"
! 517: "GDAWgBTzVmhu0tBoWKwkZE5mXpooE9630DAdBgNVHQ4EFgQUEgBHPtXggJqei5Xz\n"
! 518: "92CrWXTJxfAwCQYDVR0TBAIwADAZBgkqhkiG9n0HQQAEDDAKGwRWNS4wAwIEsDAN\n"
! 519: "BgkqhkiG9w0BAQUFAAOBgQCIFriNGMUE8GH5LuDrTJfA8uGx8vLy2seljuo694TR\n"
! 520: "et/ojp9QnfOJ1PF9iAdGaEaSLfkwhY4fZNZzxic5HBoHLeo9BXLP7i7FByXjvOZC\n"
! 521: "Y8++0dC8NVvendIILcJBM5nbDq1TqIbb8K3SP80XhO5JLVJkoZiQftAMjo0peZPO\n"
! 522: "EQ==\n"
! 523: "-----END CERTIFICATE-----\n\n",
! 524: NULL,
! 525: };
! 526:
! 527: if (path == NULL)
! 528: return (char **)&samplecerts;
! 529:
! 530: stat(path, &sb);
! 531: if (!(sb.st_mode & S_IFDIR)) {
! 532: printf("ERROR: %s is not directory.\n", path);
! 533: exit(0);
! 534: }
! 535:
! 536: dirp = opendir(path);
! 537: if (dirp == NULL) {
! 538: printf("opendir failed.\n");
! 539: exit(0);
! 540: }
! 541:
! 542: n = 0;
! 543: while ((dp = readdir(dirp)) != NULL) {
! 544: if (dp->d_type != DT_REG)
! 545: continue;
! 546: if (strcmp(dp->d_name + strlen(dp->d_name) - 4, "cert"))
! 547: continue;
! 548: snprintf(buf, sizeof(buf), "%s/%s", path, dp->d_name);
! 549: stat(buf, &sb);
! 550:
! 551: p = (char **)realloc(certs, (n + 1) * sizeof(certs));
! 552: if (p == NULL)
! 553: err(1, "realloc");
! 554: certs = p;
! 555:
! 556: certs[n] = malloc(sb.st_size + 1);
! 557: if (certs[n] == NULL)
! 558: err(1, "malloc");
! 559:
! 560: fd = open(buf, O_RDONLY);
! 561: if (fd == -1)
! 562: err(1, "open");
! 563: len = read(fd, certs[n], sb.st_size);
! 564: if (len == -1)
! 565: err(1, "read");
! 566: if (len != sb.st_size)
! 567: errx(1, "read: length mismatch");
! 568: certs[n][sb.st_size] = '\0';
! 569: close(fd);
! 570:
! 571: printf("%s: %d\n", dp->d_name, (int)sb.st_size);
! 572:
! 573: n++;
! 574: }
! 575: closedir(dirp);
! 576:
! 577: p = (char **)realloc(certs, (n + 1) * sizeof(certs));
! 578: if (p == NULL)
! 579: err(1, "realloc");
! 580: certs = p;
! 581: certs[n] = NULL;
! 582:
! 583: return certs;
! 584: }
! 585: #endif /* CERTTEST_BROKEN */
! 586:
! 587: typedef vchar_t* (eay_func) (vchar_t *, vchar_t *, vchar_t *);
! 588:
! 589: static int
! 590: ciphertest_1 (const char *name,
! 591: vchar_t *data,
! 592: size_t data_align,
! 593: vchar_t *key,
! 594: size_t min_keysize,
! 595: vchar_t *iv0,
! 596: size_t iv_length,
! 597: eay_func encrypt,
! 598: eay_func decrypt)
! 599: {
! 600: int padlen;
! 601: vchar_t *buf, *iv, *res1, *res2;
! 602: iv = vmalloc(iv_length);
! 603:
! 604: printf("Test for cipher %s\n", name);
! 605: printf("data:\n");
! 606: PVDUMP(data);
! 607:
! 608: if (data_align <= 1 || (data->l % data_align) == 0)
! 609: padlen = 0;
! 610: else
! 611: padlen = data_align - data->l % data_align;
! 612:
! 613: buf = vmalloc(data->l + padlen);
! 614: memcpy(buf->v, data->v, data->l);
! 615:
! 616: memcpy(iv->v, iv0->v, iv_length);
! 617: res1 = (encrypt)(buf, key, iv);
! 618: if (res1 == NULL) {
! 619: printf("%s encryption failed.\n", name);
! 620: return -1;
! 621: }
! 622: printf("encrypted:\n");
! 623: PVDUMP(res1);
! 624:
! 625: memcpy(iv->v, iv0->v, iv_length);
! 626: res2 = (decrypt)(res1, key, iv);
! 627: if (res2 == NULL) {
! 628: printf("%s decryption failed.\n", name);
! 629: return -1;
! 630: }
! 631: printf("decrypted:\n");
! 632: PVDUMP(res2);
! 633:
! 634: if (memcmp(data->v, res2->v, data->l)) {
! 635: printf("XXXX NG (%s) XXXX\n", name);
! 636: return -1;
! 637: }
! 638: else
! 639: printf("%s cipher verified.\n", name);
! 640: vfree(res1);
! 641: vfree(res2);
! 642: vfree(buf);
! 643: vfree(iv);
! 644:
! 645: return 0;
! 646: }
! 647:
! 648: int
! 649: ciphertest(ac, av)
! 650: int ac;
! 651: char **av;
! 652: {
! 653: vchar_t data;
! 654: vchar_t key;
! 655: vchar_t iv0;
! 656:
! 657: printf("\n**Testing CIPHERS**\n");
! 658:
! 659: data.v = str2val("\
! 660: 06000017 03000000 73616b61 6e65406b 616d652e 6e657409 0002c104 308202b8 \
! 661: 04f05a90 \
! 662: ", 16, &data.l);
! 663: key.v = str2val("f59bd70f 81b9b9cc 2a32c7fd 229a4b37", 16, &key.l);
! 664: iv0.v = str2val("26b68c90 9467b4ab 7ec29fa0 0b696b55", 16, &iv0.l);
! 665:
! 666: if (ciphertest_1 ("DES",
! 667: &data, 8,
! 668: &key, 8,
! 669: &iv0, 8,
! 670: eay_des_encrypt, eay_des_decrypt) < 0)
! 671: return -1;
! 672:
! 673: if (ciphertest_1 ("3DES",
! 674: &data, 8,
! 675: &key, 24,
! 676: &iv0, 8,
! 677: eay_3des_encrypt, eay_3des_decrypt) < 0)
! 678: return -1;
! 679:
! 680: if (ciphertest_1 ("AES",
! 681: &data, 16,
! 682: &key, key.l,
! 683: &iv0, 16,
! 684: eay_aes_encrypt, eay_aes_decrypt) < 0)
! 685: return -1;
! 686:
! 687: if (ciphertest_1 ("BLOWFISH",
! 688: &data, 8,
! 689: &key, key.l,
! 690: &iv0, 8,
! 691: eay_bf_encrypt, eay_bf_decrypt) < 0)
! 692: return -1;
! 693:
! 694: if (ciphertest_1 ("CAST",
! 695: &data, 8,
! 696: &key, key.l,
! 697: &iv0, 8,
! 698: eay_cast_encrypt, eay_cast_decrypt) < 0)
! 699: return -1;
! 700:
! 701: #ifdef HAVE_OPENSSL_IDEA_H
! 702: if (ciphertest_1 ("IDEA",
! 703: &data, 8,
! 704: &key, key.l,
! 705: &iv0, 8,
! 706: eay_idea_encrypt, eay_idea_decrypt) < 0)
! 707: return -1;
! 708: #endif
! 709:
! 710: #ifdef HAVE_OPENSSL_RC5_H
! 711: if (ciphertest_1 ("RC5",
! 712: &data, 8,
! 713: &key, key.l,
! 714: &iv0, 8,
! 715: eay_rc5_encrypt, eay_rc5_decrypt) < 0)
! 716: return -1;
! 717: #endif
! 718: #if defined(HAVE_OPENSSL_CAMELLIA_H)
! 719: if (ciphertest_1 ("CAMELLIA",
! 720: &data, 16,
! 721: &key, key.l,
! 722: &iv0, 16,
! 723: eay_camellia_encrypt, eay_camellia_decrypt) < 0)
! 724: return -1;
! 725: #endif
! 726: return 0;
! 727: }
! 728:
! 729: int
! 730: hmactest(ac, av)
! 731: int ac;
! 732: char **av;
! 733: {
! 734: char *keyword = "hehehe test secret!";
! 735: char *object = "d7e6a6c1876ef0488bb74958b9fee94e";
! 736: char *object1 = "d7e6a6c1876ef048";
! 737: char *object2 = "8bb74958b9fee94e";
! 738: char *r_hmd5 = "5702d7d1 fd1bfc7e 210fc9fa cda7d02c";
! 739: char *r_hsha1 = "309999aa 9779a43e ebdea839 1b4e7ee1 d8646874";
! 740: #ifdef WITH_SHA2
! 741: char *r_hsha2 = "d47262d8 a5b6f39d d8686939 411b3e79 ed2e27f9 2c4ea89f dd0a06ae 0c0aa396";
! 742: #endif
! 743: vchar_t *key, *data, *data1, *data2, *res;
! 744: vchar_t mod;
! 745: caddr_t ctx;
! 746:
! 747: #ifdef WITH_SHA2
! 748: printf("\n**Test for HMAC MD5, SHA1, and SHA256.**\n");
! 749: #else
! 750: printf("\n**Test for HMAC MD5 & SHA1.**\n");
! 751: #endif
! 752:
! 753: key = vmalloc(strlen(keyword));
! 754: memcpy(key->v, keyword, key->l);
! 755:
! 756: data = vmalloc(strlen(object));
! 757: data1 = vmalloc(strlen(object1));
! 758: data2 = vmalloc(strlen(object2));
! 759: memcpy(data->v, object, data->l);
! 760: memcpy(data1->v, object1, data1->l);
! 761: memcpy(data2->v, object2, data2->l);
! 762:
! 763: /* HMAC MD5 */
! 764: printf("HMAC MD5 by eay_hmacmd5_one()\n");
! 765: res = eay_hmacmd5_one(key, data);
! 766: PVDUMP(res);
! 767: mod.v = str2val(r_hmd5, 16, &mod.l);
! 768: if (memcmp(res->v, mod.v, mod.l)) {
! 769: printf(" XXX NG XXX\n");
! 770: return -1;
! 771: }
! 772: free(mod.v);
! 773: vfree(res);
! 774:
! 775: /* HMAC MD5 */
! 776: printf("HMAC MD5 by eay_hmacmd5_xxx()\n");
! 777: ctx = eay_hmacmd5_init(key);
! 778: eay_hmacmd5_update(ctx, data1);
! 779: eay_hmacmd5_update(ctx, data2);
! 780: res = eay_hmacmd5_final(ctx);
! 781: PVDUMP(res);
! 782: mod.v = str2val(r_hmd5, 16, &mod.l);
! 783: if (memcmp(res->v, mod.v, mod.l)) {
! 784: printf(" XXX NG XXX\n");
! 785: return -1;
! 786: }
! 787: free(mod.v);
! 788: vfree(res);
! 789:
! 790: /* HMAC SHA1 */
! 791: printf("HMAC SHA1 by eay_hmacsha1_one()\n");
! 792: res = eay_hmacsha1_one(key, data);
! 793: PVDUMP(res);
! 794: mod.v = str2val(r_hsha1, 16, &mod.l);
! 795: if (memcmp(res->v, mod.v, mod.l)) {
! 796: printf(" XXX NG XXX\n");
! 797: return -1;
! 798: }
! 799: free(mod.v);
! 800: vfree(res);
! 801:
! 802: /* HMAC SHA1 */
! 803: printf("HMAC SHA1 by eay_hmacsha1_xxx()\n");
! 804: ctx = eay_hmacsha1_init(key);
! 805: eay_hmacsha1_update(ctx, data1);
! 806: eay_hmacsha1_update(ctx, data2);
! 807: res = eay_hmacsha1_final(ctx);
! 808: PVDUMP(res);
! 809: mod.v = str2val(r_hsha1, 16, &mod.l);
! 810: if (memcmp(res->v, mod.v, mod.l)) {
! 811: printf(" XXX NG XXX\n");
! 812: return -1;
! 813: }
! 814: free(mod.v);
! 815: vfree(res);
! 816:
! 817: #ifdef WITH_SHA2
! 818: /* HMAC SHA2 */
! 819: printf("HMAC SHA2 by eay_hmacsha2_256_one()\n");
! 820: res = eay_hmacsha2_256_one(key, data);
! 821: PVDUMP(res);
! 822: mod.v = str2val(r_hsha2, 16, &mod.l);
! 823: if (memcmp(res->v, mod.v, mod.l)) {
! 824: printf(" XXX NG XXX\n");
! 825: return -1;
! 826: }
! 827: free(mod.v);
! 828: vfree(res);
! 829: #endif
! 830:
! 831: vfree(data);
! 832: vfree(data1);
! 833: vfree(data2);
! 834: vfree(key);
! 835:
! 836: return 0;
! 837: }
! 838:
! 839: int
! 840: sha1test(ac, av)
! 841: int ac;
! 842: char **av;
! 843: {
! 844: char *word1 = "1234567890", *word2 = "12345678901234567890";
! 845: caddr_t ctx;
! 846: vchar_t *buf, *res;
! 847:
! 848: printf("\n**Test for SHA1.**\n");
! 849:
! 850: ctx = eay_sha1_init();
! 851: buf = vmalloc(strlen(word1));
! 852: memcpy(buf->v, word1, buf->l);
! 853: eay_sha1_update(ctx, buf);
! 854: eay_sha1_update(ctx, buf);
! 855: res = eay_sha1_final(ctx);
! 856: PVDUMP(res);
! 857: vfree(res);
! 858: vfree(buf);
! 859:
! 860: ctx = eay_sha1_init();
! 861: buf = vmalloc(strlen(word2));
! 862: memcpy(buf->v, word2, buf->l);
! 863: eay_sha1_update(ctx, buf);
! 864: res = eay_sha1_final(ctx);
! 865: PVDUMP(res);
! 866: vfree(res);
! 867:
! 868: res = eay_sha1_one(buf);
! 869: PVDUMP(res);
! 870: vfree(res);
! 871: vfree(buf);
! 872:
! 873: return 0;
! 874: }
! 875:
! 876: int
! 877: md5test(ac, av)
! 878: int ac;
! 879: char **av;
! 880: {
! 881: char *word1 = "1234567890", *word2 = "12345678901234567890";
! 882: caddr_t ctx;
! 883: vchar_t *buf, *res;
! 884:
! 885: printf("\n**Test for MD5.**\n");
! 886:
! 887: ctx = eay_md5_init();
! 888: buf = vmalloc(strlen(word1));
! 889: memcpy(buf->v, word1, buf->l);
! 890: eay_md5_update(ctx, buf);
! 891: eay_md5_update(ctx, buf);
! 892: res = eay_md5_final(ctx);
! 893: PVDUMP(res);
! 894: vfree(res);
! 895: vfree(buf);
! 896:
! 897: ctx = eay_md5_init();
! 898: buf = vmalloc(strlen(word2));
! 899: memcpy(buf->v, word2, buf->l);
! 900: eay_md5_update(ctx, buf);
! 901: res = eay_md5_final(ctx);
! 902: PVDUMP(res);
! 903: vfree(res);
! 904:
! 905: res = eay_md5_one(buf);
! 906: PVDUMP(res);
! 907: vfree(res);
! 908: vfree(buf);
! 909:
! 910: return 0;
! 911: }
! 912:
! 913: int
! 914: dhtest(ac, av)
! 915: int ac;
! 916: char **av;
! 917: {
! 918: static struct {
! 919: char *name;
! 920: char *p;
! 921: } px[] = {
! 922: { "modp768", OAKLEY_PRIME_MODP768, },
! 923: { "modp1024", OAKLEY_PRIME_MODP1024, },
! 924: { "modp1536", OAKLEY_PRIME_MODP1536, },
! 925: { "modp2048", OAKLEY_PRIME_MODP2048, },
! 926: { "modp3072", OAKLEY_PRIME_MODP3072, },
! 927: { "modp4096", OAKLEY_PRIME_MODP4096, },
! 928: { "modp6144", OAKLEY_PRIME_MODP6144, },
! 929: { "modp8192", OAKLEY_PRIME_MODP8192, },
! 930: };
! 931: vchar_t p1, *pub1, *priv1, *gxy1;
! 932: vchar_t p2, *pub2, *priv2, *gxy2;
! 933: int i;
! 934:
! 935: printf("\n**Test for DH.**\n");
! 936:
! 937: for (i = 0; i < sizeof(px)/sizeof(px[0]); i++) {
! 938: printf("\n**Test for DH %s.**\n", px[i].name);
! 939:
! 940: p1.v = str2val(px[i].p, 16, &p1.l);
! 941: p2.v = str2val(px[i].p, 16, &p2.l);
! 942: printf("prime number = \n"); PVDUMP(&p1);
! 943:
! 944: if (eay_dh_generate(&p1, 2, 96, &pub1, &priv1) < 0) {
! 945: printf("error\n");
! 946: return -1;
! 947: }
! 948: printf("private key for user 1 = \n"); PVDUMP(priv1);
! 949: printf("public key for user 1 = \n"); PVDUMP(pub1);
! 950:
! 951: if (eay_dh_generate(&p2, 2, 96, &pub2, &priv2) < 0) {
! 952: printf("error\n");
! 953: return -1;
! 954: }
! 955: printf("private key for user 2 = \n"); PVDUMP(priv2);
! 956: printf("public key for user 2 = \n"); PVDUMP(pub2);
! 957:
! 958: /* process to generate key for user 1 */
! 959: gxy1 = vmalloc(p1.l);
! 960: memset(gxy1->v, 0, gxy1->l);
! 961: eay_dh_compute(&p1, 2, pub1, priv1, pub2, &gxy1);
! 962: printf("sharing gxy1 of user 1 = \n"); PVDUMP(gxy1);
! 963:
! 964: /* process to generate key for user 2 */
! 965: gxy2 = vmalloc(p1.l);
! 966: memset(gxy2->v, 0, gxy2->l);
! 967: eay_dh_compute(&p2, 2, pub2, priv2, pub1, &gxy2);
! 968: printf("sharing gxy2 of user 2 = \n"); PVDUMP(gxy2);
! 969:
! 970: if (memcmp(gxy1->v, gxy2->v, gxy1->l)) {
! 971: printf("ERROR: sharing gxy mismatched.\n");
! 972: return -1;
! 973: }
! 974:
! 975: vfree(pub1);
! 976: vfree(pub2);
! 977: vfree(priv1);
! 978: vfree(priv2);
! 979: vfree(gxy1);
! 980: vfree(gxy2);
! 981: }
! 982:
! 983: return 0;
! 984: }
! 985:
! 986: int
! 987: bntest(ac, av)
! 988: int ac;
! 989: char **av;
! 990: {
! 991: vchar_t *rn;
! 992:
! 993: printf("\n**Test for generate a random number.**\n");
! 994:
! 995: rn = eay_set_random((u_int32_t)96);
! 996: PVDUMP(rn);
! 997: vfree(rn);
! 998:
! 999: return 0;
! 1000: }
! 1001:
! 1002: struct {
! 1003: char *name;
! 1004: int (*func) __P((int, char **));
! 1005: } func[] = {
! 1006: { "random", bntest, },
! 1007: { "dh", dhtest, },
! 1008: { "md5", md5test, },
! 1009: { "sha1", sha1test, },
! 1010: { "hmac", hmactest, },
! 1011: { "cipher", ciphertest, },
! 1012: #ifndef CERTTEST_BROKEN
! 1013: { "cert", certtest, },
! 1014: #endif
! 1015: { "rsa", rsatest, },
! 1016: };
! 1017:
! 1018: int
! 1019: main(ac, av)
! 1020: int ac;
! 1021: char **av;
! 1022: {
! 1023: int i;
! 1024: int len = sizeof(func)/sizeof(func[0]);
! 1025:
! 1026: f_foreground = 1;
! 1027: ploginit();
! 1028:
! 1029: printf ("\nTestsuite of the %s\nlinked with %s\n\n", TOP_PACKAGE_STRING, eay_version());
! 1030:
! 1031: if (strcmp(*av, "-h") == 0)
! 1032: Usage();
! 1033:
! 1034: ac--;
! 1035: av++;
! 1036:
! 1037: for (i = 0; i < len; i++) {
! 1038: if ((ac == 0) || (strcmp(*av, func[i].name) == 0)) {
! 1039: if ((func[i].func)(ac, av) != 0) {
! 1040: printf ("\n!!!!! Test '%s' failed. !!!!!\n\n", func[i].name);
! 1041: exit(1);
! 1042: }
! 1043: if (ac)
! 1044: break;
! 1045: }
! 1046: }
! 1047: if (ac && i == len)
! 1048: Usage();
! 1049:
! 1050: printf ("\n===== All tests passed =====\n\n");
! 1051: exit(0);
! 1052: }
! 1053:
! 1054: void
! 1055: Usage()
! 1056: {
! 1057: int i;
! 1058: int len = sizeof(func)/sizeof(func[0]);
! 1059:
! 1060: printf("Usage: eaytest [");
! 1061: for (i = 0; i < len; i++)
! 1062: printf("%s%s", func[i].name, (i<len-1)?"|":"");
! 1063: printf("]\n");
! 1064: #ifndef CERTTEST_BROKEN
! 1065: printf(" eaytest cert [cert_directory]\n");
! 1066: #endif
! 1067: exit(1);
! 1068: }
! 1069:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to eaytest.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / ipsec-tools / src / racoon