Annotation of embedaddon/strongswan/src/libstrongswan/tests/suites/test_hasher.c, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (C) 2013-2015 Andreas Steffen
! 3: * HSR Hochschule fuer Technik Rapperswil
! 4: *
! 5: * This program is free software; you can redistribute it and/or modify it
! 6: * under the terms of the GNU General Public License as published by the
! 7: * Free Software Foundation; either version 2 of the License, or (at your
! 8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
! 9: *
! 10: * This program is distributed in the hope that it will be useful, but
! 11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
! 12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
! 13: * for more details.
! 14: */
! 15:
! 16: #include "test_suite.h"
! 17:
! 18: #include <crypto/hashers/hasher.h>
! 19: #include <crypto/prfs/prf.h>
! 20: #include <crypto/signers/signer.h>
! 21: #include <asn1/oid.h>
! 22: #include <utils/test.h>
! 23:
! 24: typedef struct {
! 25: int oid;
! 26: hash_algorithm_t alg;
! 27: key_type_t key;
! 28: }hasher_oid_t;
! 29:
! 30: static hasher_oid_t oids[] = {
! 31: { OID_MD2, HASH_MD2, KEY_ANY }, /* 0 */
! 32: { OID_MD5, HASH_MD5, KEY_ANY }, /* 1 */
! 33: { OID_SHA1, HASH_SHA1, KEY_ANY }, /* 2 */
! 34: { OID_SHA224, HASH_SHA224, KEY_ANY }, /* 3 */
! 35: { OID_SHA256, HASH_SHA256, KEY_ANY }, /* 4 */
! 36: { OID_SHA384, HASH_SHA384, KEY_ANY }, /* 5 */
! 37: { OID_SHA512, HASH_SHA512, KEY_ANY }, /* 6 */
! 38: { OID_SHA3_224, HASH_SHA3_224, KEY_ANY }, /* 7 */
! 39: { OID_SHA3_256, HASH_SHA3_256, KEY_ANY }, /* 8 */
! 40: { OID_SHA3_384, HASH_SHA3_384, KEY_ANY }, /* 9 */
! 41: { OID_SHA3_512, HASH_SHA3_512, KEY_ANY }, /* 10 */
! 42: { OID_UNKNOWN, HASH_UNKNOWN, KEY_ANY }, /* 11 */
! 43: { OID_MD2_WITH_RSA, HASH_MD2, KEY_RSA }, /* 12 */
! 44: { OID_MD5_WITH_RSA, HASH_MD5, KEY_RSA }, /* 13 */
! 45: { OID_SHA1_WITH_RSA, HASH_SHA1, KEY_RSA }, /* 14 */
! 46: { OID_SHA224_WITH_RSA, HASH_SHA224, KEY_RSA }, /* 15 */
! 47: { OID_SHA256_WITH_RSA, HASH_SHA256, KEY_RSA }, /* 16 */
! 48: { OID_SHA384_WITH_RSA, HASH_SHA384, KEY_RSA }, /* 17 */
! 49: { OID_SHA512_WITH_RSA, HASH_SHA512, KEY_RSA }, /* 18 */
! 50: { OID_RSASSA_PKCS1V15_WITH_SHA3_224, HASH_SHA3_224, KEY_RSA }, /* 19 */
! 51: { OID_RSASSA_PKCS1V15_WITH_SHA3_256, HASH_SHA3_256, KEY_RSA }, /* 20 */
! 52: { OID_RSASSA_PKCS1V15_WITH_SHA3_384, HASH_SHA3_384, KEY_RSA }, /* 21 */
! 53: { OID_RSASSA_PKCS1V15_WITH_SHA3_512, HASH_SHA3_512, KEY_RSA }, /* 22 */
! 54: { OID_UNKNOWN, HASH_UNKNOWN, KEY_RSA }, /* 23 */
! 55: { OID_ED25519, HASH_IDENTITY, KEY_ED25519 }, /* 24 */
! 56: { OID_UNKNOWN, HASH_UNKNOWN, KEY_ED25519 }, /* 25 */
! 57: { OID_ED448, HASH_IDENTITY, KEY_ED448 }, /* 26 */
! 58: { OID_UNKNOWN, HASH_UNKNOWN, KEY_ED448 }, /* 27 */
! 59: { OID_ECDSA_WITH_SHA1, HASH_SHA1, KEY_ECDSA }, /* 28 */
! 60: { OID_ECDSA_WITH_SHA256, HASH_SHA256, KEY_ECDSA }, /* 29 */
! 61: { OID_ECDSA_WITH_SHA384, HASH_SHA384, KEY_ECDSA }, /* 30 */
! 62: { OID_ECDSA_WITH_SHA512, HASH_SHA512, KEY_ECDSA }, /* 31 */
! 63: { OID_UNKNOWN, HASH_UNKNOWN, KEY_ECDSA }, /* 32 */
! 64: { OID_BLISS_WITH_SHA2_256, HASH_SHA256, KEY_BLISS }, /* 33 */
! 65: { OID_BLISS_WITH_SHA2_384, HASH_SHA384, KEY_BLISS }, /* 34 */
! 66: { OID_BLISS_WITH_SHA2_512, HASH_SHA512, KEY_BLISS }, /* 35 */
! 67: { OID_BLISS_WITH_SHA3_256, HASH_SHA3_256, KEY_BLISS }, /* 36 */
! 68: { OID_BLISS_WITH_SHA3_384, HASH_SHA3_384, KEY_BLISS }, /* 37 */
! 69: { OID_BLISS_WITH_SHA3_512, HASH_SHA3_512, KEY_BLISS }, /* 38 */
! 70: { OID_UNKNOWN, HASH_UNKNOWN, KEY_BLISS }, /* 39 */
! 71:
! 72: };
! 73:
! 74: START_TEST(test_hasher_from_oid)
! 75: {
! 76: ck_assert(hasher_algorithm_from_oid(oids[_i].oid) == oids[_i].alg);
! 77: }
! 78: END_TEST
! 79:
! 80: START_TEST(test_hasher_to_oid)
! 81: {
! 82: ck_assert(hasher_algorithm_to_oid(oids[_i].alg) == oids[_i].oid);
! 83: }
! 84: END_TEST
! 85:
! 86: START_TEST(test_hasher_sig_to_oid)
! 87: {
! 88: ck_assert(hasher_signature_algorithm_to_oid(oids[_i].alg,
! 89: oids[_i].key) == oids[_i].oid);
! 90: }
! 91: END_TEST
! 92:
! 93: static struct {
! 94: signature_scheme_t scheme;
! 95: hash_algorithm_t alg;
! 96: } sig_schemes[] = {
! 97: { SIGN_UNKNOWN, HASH_UNKNOWN },
! 98: { SIGN_RSA_EMSA_PKCS1_NULL, HASH_UNKNOWN },
! 99: { SIGN_RSA_EMSA_PKCS1_MD5, HASH_MD5 },
! 100: { SIGN_RSA_EMSA_PKCS1_SHA1, HASH_SHA1 },
! 101: { SIGN_RSA_EMSA_PKCS1_SHA2_224, HASH_SHA224 },
! 102: { SIGN_RSA_EMSA_PKCS1_SHA2_256, HASH_SHA256 },
! 103: { SIGN_RSA_EMSA_PKCS1_SHA2_384, HASH_SHA384 },
! 104: { SIGN_RSA_EMSA_PKCS1_SHA2_512, HASH_SHA512 },
! 105: { SIGN_RSA_EMSA_PKCS1_SHA3_224, HASH_SHA3_224 },
! 106: { SIGN_RSA_EMSA_PKCS1_SHA3_256, HASH_SHA3_256 },
! 107: { SIGN_RSA_EMSA_PKCS1_SHA3_384, HASH_SHA3_384 },
! 108: { SIGN_RSA_EMSA_PKCS1_SHA3_512, HASH_SHA3_512 },
! 109: { SIGN_RSA_EMSA_PSS, HASH_UNKNOWN },
! 110: { SIGN_ECDSA_WITH_SHA1_DER, HASH_SHA1 },
! 111: { SIGN_ECDSA_WITH_SHA256_DER, HASH_SHA256 },
! 112: { SIGN_ECDSA_WITH_SHA384_DER, HASH_SHA384 },
! 113: { SIGN_ECDSA_WITH_SHA512_DER, HASH_SHA512 },
! 114: { SIGN_ECDSA_WITH_NULL, HASH_UNKNOWN },
! 115: { SIGN_ECDSA_256, HASH_SHA256 },
! 116: { SIGN_ECDSA_384, HASH_SHA384 },
! 117: { SIGN_ECDSA_521, HASH_SHA512 },
! 118: { SIGN_BLISS_WITH_SHA2_256, HASH_SHA256 },
! 119: { SIGN_BLISS_WITH_SHA2_384, HASH_SHA384 },
! 120: { SIGN_BLISS_WITH_SHA2_512, HASH_SHA512 },
! 121: { SIGN_BLISS_WITH_SHA3_256, HASH_SHA3_256 },
! 122: { SIGN_BLISS_WITH_SHA3_384, HASH_SHA3_384 },
! 123: { SIGN_BLISS_WITH_SHA3_512, HASH_SHA3_512 },
! 124: { SIGN_ED25519, HASH_IDENTITY },
! 125: { SIGN_ED448, HASH_IDENTITY },
! 126: { 30, HASH_UNKNOWN },
! 127: };
! 128:
! 129: START_TEST(test_hasher_from_sig_scheme)
! 130: {
! 131: ck_assert(hasher_from_signature_scheme(sig_schemes[_i].scheme, NULL) ==
! 132: sig_schemes[_i].alg);
! 133: }
! 134: END_TEST
! 135:
! 136: static struct {
! 137: signature_scheme_t scheme;
! 138: union {
! 139: rsa_pss_params_t pss;
! 140: } p;
! 141: hash_algorithm_t alg;
! 142: } sig_schemes_params[] = {
! 143: { SIGN_RSA_EMSA_PSS, .p.pss = { .hash = HASH_SHA256 }, HASH_SHA256 },
! 144: { SIGN_RSA_EMSA_PSS, .p.pss = { .hash = HASH_SHA512 }, HASH_SHA512 },
! 145: { SIGN_RSA_EMSA_PKCS1_SHA2_256, .p.pss = { .hash = HASH_SHA512 }, HASH_SHA256 },
! 146: };
! 147:
! 148: START_TEST(test_hasher_from_sig_scheme_params)
! 149: {
! 150: ck_assert(hasher_from_signature_scheme(sig_schemes_params[_i].scheme,
! 151: &sig_schemes_params[_i].p) == sig_schemes_params[_i].alg);
! 152: }
! 153: END_TEST
! 154:
! 155: typedef struct {
! 156: pseudo_random_function_t prf;
! 157: hash_algorithm_t alg;
! 158: }hasher_prf_t;
! 159:
! 160: static hasher_prf_t prfs[] = {
! 161: { PRF_HMAC_MD5, HASH_MD5 },
! 162: { PRF_HMAC_SHA1, HASH_SHA1 },
! 163: { PRF_FIPS_SHA1_160, HASH_SHA1 },
! 164: { PRF_KEYED_SHA1, HASH_SHA1 },
! 165: { PRF_HMAC_SHA2_256, HASH_SHA256 },
! 166: { PRF_HMAC_SHA2_384, HASH_SHA384 },
! 167: { PRF_HMAC_SHA2_512, HASH_SHA512 },
! 168: { PRF_HMAC_TIGER, HASH_UNKNOWN },
! 169: { PRF_AES128_XCBC, HASH_UNKNOWN },
! 170: { PRF_AES128_CMAC, HASH_UNKNOWN },
! 171: { PRF_FIPS_DES, HASH_UNKNOWN },
! 172: { PRF_CAMELLIA128_XCBC, HASH_UNKNOWN },
! 173: { PRF_UNDEFINED, HASH_UNKNOWN },
! 174: { 0, HASH_UNKNOWN }
! 175: };
! 176:
! 177: START_TEST(test_hasher_from_prf)
! 178: {
! 179: ck_assert(hasher_algorithm_from_prf(prfs[_i].prf) == prfs[_i].alg);
! 180: }
! 181: END_TEST
! 182:
! 183: typedef struct {
! 184: integrity_algorithm_t auth;
! 185: hash_algorithm_t alg;
! 186: size_t length;
! 187: }hasher_auth_t;
! 188:
! 189: static hasher_auth_t auths[] = {
! 190: { AUTH_UNDEFINED, HASH_MD2, 0 },
! 191: { AUTH_UNDEFINED, HASH_MD4, 0 },
! 192: { AUTH_UNDEFINED, HASH_SHA224, 0 },
! 193: { AUTH_UNDEFINED, 9, 0 },
! 194: { AUTH_UNDEFINED, HASH_UNKNOWN, 0 },
! 195: { AUTH_HMAC_MD5_96, HASH_MD5, 12 },
! 196: { AUTH_HMAC_SHA1_96, HASH_SHA1, 12 },
! 197: { AUTH_HMAC_SHA2_256_96, HASH_SHA256, 12 },
! 198: { AUTH_HMAC_MD5_128, HASH_MD5, 16 },
! 199: { AUTH_HMAC_SHA1_128, HASH_SHA1, 16 },
! 200: { AUTH_HMAC_SHA2_256_128, HASH_SHA256, 16 },
! 201: { AUTH_HMAC_SHA1_160, HASH_SHA1, 20 },
! 202: { AUTH_HMAC_SHA2_384_192, HASH_SHA384, 24 },
! 203: { AUTH_HMAC_SHA2_256_256, HASH_SHA256, 32 },
! 204: { AUTH_HMAC_SHA2_512_256, HASH_SHA512, 32 },
! 205: { AUTH_HMAC_SHA2_384_384, HASH_SHA384, 48 },
! 206: { AUTH_HMAC_SHA2_512_512, HASH_SHA512, 64 },
! 207: { AUTH_AES_CMAC_96, HASH_UNKNOWN, 0 },
! 208: { AUTH_AES_128_GMAC, HASH_UNKNOWN, 0 },
! 209: { AUTH_AES_192_GMAC, HASH_UNKNOWN, 0 },
! 210: { AUTH_AES_256_GMAC, HASH_UNKNOWN, 0 },
! 211: { AUTH_AES_XCBC_96, HASH_UNKNOWN, 0 },
! 212: { AUTH_DES_MAC, HASH_UNKNOWN, 0 },
! 213: { AUTH_CAMELLIA_XCBC_96, HASH_UNKNOWN, 0 },
! 214: { 0, HASH_UNKNOWN, 0 }
! 215: };
! 216:
! 217: START_TEST(test_hasher_from_integrity)
! 218: {
! 219: size_t length;
! 220:
! 221: length = 0;
! 222: ck_assert(hasher_algorithm_from_integrity(auths[_i].auth, NULL) ==
! 223: auths[_i].alg);
! 224: ck_assert(hasher_algorithm_from_integrity(auths[_i].auth, &length) ==
! 225: auths[_i].alg);
! 226: ck_assert(length == auths[_i].length);
! 227: }
! 228: END_TEST
! 229:
! 230: START_TEST(test_hasher_to_integrity)
! 231: {
! 232: ck_assert(hasher_algorithm_to_integrity(
! 233: auths[_i].alg, auths[_i].length) == auths[_i].auth);
! 234: ck_assert(hasher_algorithm_to_integrity(
! 235: auths[_i].alg, 0) == AUTH_UNDEFINED);
! 236: }
! 237: END_TEST
! 238:
! 239:
! 240: typedef struct {
! 241: hash_algorithm_t alg;
! 242: bool ikev2;
! 243: }hasher_ikev2_t;
! 244:
! 245: static hasher_ikev2_t ikev2[] = {
! 246: { HASH_IDENTITY, TRUE },
! 247: { HASH_SHA1, FALSE },
! 248: { HASH_SHA256, TRUE },
! 249: { HASH_SHA384, TRUE },
! 250: { HASH_SHA512, TRUE },
! 251: { HASH_UNKNOWN, FALSE },
! 252: { HASH_MD2, FALSE },
! 253: { HASH_MD4, FALSE },
! 254: { HASH_MD5, FALSE },
! 255: { HASH_SHA224, FALSE },
! 256: { HASH_SHA3_224, FALSE },
! 257: { HASH_SHA3_256, FALSE },
! 258: { HASH_SHA3_384, FALSE },
! 259: { HASH_SHA3_512, FALSE },
! 260: { 30, FALSE }
! 261: };
! 262:
! 263: START_TEST(test_hasher_for_ikev2)
! 264: {
! 265: ck_assert(hasher_algorithm_for_ikev2(ikev2[_i].alg) == ikev2[_i].ikev2);
! 266: }
! 267: END_TEST
! 268:
! 269: Suite *hasher_suite_create()
! 270: {
! 271: Suite *s;
! 272: TCase *tc;
! 273:
! 274: s = suite_create("hasher");
! 275:
! 276: tc = tcase_create("from_oid");
! 277: tcase_add_loop_test(tc, test_hasher_from_oid, 0, 28);
! 278: suite_add_tcase(s, tc);
! 279:
! 280: tc = tcase_create("to_oid");
! 281: tcase_add_loop_test(tc, test_hasher_to_oid, 0, 12);
! 282: suite_add_tcase(s, tc);
! 283:
! 284: tc = tcase_create("sig_to_oid");
! 285: tcase_add_loop_test(tc, test_hasher_sig_to_oid, 11, countof(oids));
! 286: suite_add_tcase(s, tc);
! 287:
! 288: tc = tcase_create("from_sig_scheme");
! 289: tcase_add_loop_test(tc, test_hasher_from_sig_scheme, 0, countof(sig_schemes));
! 290: tcase_add_loop_test(tc, test_hasher_from_sig_scheme_params, 0, countof(sig_schemes_params));
! 291: suite_add_tcase(s, tc);
! 292:
! 293: tc = tcase_create("from_prf");
! 294: tcase_add_loop_test(tc, test_hasher_from_prf, 0, countof(prfs));
! 295: suite_add_tcase(s, tc);
! 296:
! 297: tc = tcase_create("from_integrity");
! 298: tcase_add_loop_test(tc, test_hasher_from_integrity, 4, countof(auths));
! 299: suite_add_tcase(s, tc);
! 300:
! 301: tc = tcase_create("to_integrity");
! 302: tcase_add_loop_test(tc, test_hasher_to_integrity, 0, 17);
! 303: suite_add_tcase(s, tc);
! 304:
! 305: tc = tcase_create("for_ikev2");
! 306: tcase_add_loop_test(tc, test_hasher_for_ikev2, 0, countof(ikev2));
! 307: suite_add_tcase(s, tc);
! 308:
! 309: return s;
! 310: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>