Annotation of embedaddon/strongswan/src/libstrongswan/tests/suites/test_hasher.c, revision 1.1.1.1
1.1 misho 1: /*
2: * Copyright (C) 2013-2015 Andreas Steffen
3: * HSR Hochschule fuer Technik Rapperswil
4: *
5: * This program is free software; you can redistribute it and/or modify it
6: * under the terms of the GNU General Public License as published by the
7: * Free Software Foundation; either version 2 of the License, or (at your
8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9: *
10: * This program is distributed in the hope that it will be useful, but
11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13: * for more details.
14: */
15:
16: #include "test_suite.h"
17:
18: #include <crypto/hashers/hasher.h>
19: #include <crypto/prfs/prf.h>
20: #include <crypto/signers/signer.h>
21: #include <asn1/oid.h>
22: #include <utils/test.h>
23:
24: typedef struct {
25: int oid;
26: hash_algorithm_t alg;
27: key_type_t key;
28: }hasher_oid_t;
29:
30: static hasher_oid_t oids[] = {
31: { OID_MD2, HASH_MD2, KEY_ANY }, /* 0 */
32: { OID_MD5, HASH_MD5, KEY_ANY }, /* 1 */
33: { OID_SHA1, HASH_SHA1, KEY_ANY }, /* 2 */
34: { OID_SHA224, HASH_SHA224, KEY_ANY }, /* 3 */
35: { OID_SHA256, HASH_SHA256, KEY_ANY }, /* 4 */
36: { OID_SHA384, HASH_SHA384, KEY_ANY }, /* 5 */
37: { OID_SHA512, HASH_SHA512, KEY_ANY }, /* 6 */
38: { OID_SHA3_224, HASH_SHA3_224, KEY_ANY }, /* 7 */
39: { OID_SHA3_256, HASH_SHA3_256, KEY_ANY }, /* 8 */
40: { OID_SHA3_384, HASH_SHA3_384, KEY_ANY }, /* 9 */
41: { OID_SHA3_512, HASH_SHA3_512, KEY_ANY }, /* 10 */
42: { OID_UNKNOWN, HASH_UNKNOWN, KEY_ANY }, /* 11 */
43: { OID_MD2_WITH_RSA, HASH_MD2, KEY_RSA }, /* 12 */
44: { OID_MD5_WITH_RSA, HASH_MD5, KEY_RSA }, /* 13 */
45: { OID_SHA1_WITH_RSA, HASH_SHA1, KEY_RSA }, /* 14 */
46: { OID_SHA224_WITH_RSA, HASH_SHA224, KEY_RSA }, /* 15 */
47: { OID_SHA256_WITH_RSA, HASH_SHA256, KEY_RSA }, /* 16 */
48: { OID_SHA384_WITH_RSA, HASH_SHA384, KEY_RSA }, /* 17 */
49: { OID_SHA512_WITH_RSA, HASH_SHA512, KEY_RSA }, /* 18 */
50: { OID_RSASSA_PKCS1V15_WITH_SHA3_224, HASH_SHA3_224, KEY_RSA }, /* 19 */
51: { OID_RSASSA_PKCS1V15_WITH_SHA3_256, HASH_SHA3_256, KEY_RSA }, /* 20 */
52: { OID_RSASSA_PKCS1V15_WITH_SHA3_384, HASH_SHA3_384, KEY_RSA }, /* 21 */
53: { OID_RSASSA_PKCS1V15_WITH_SHA3_512, HASH_SHA3_512, KEY_RSA }, /* 22 */
54: { OID_UNKNOWN, HASH_UNKNOWN, KEY_RSA }, /* 23 */
55: { OID_ED25519, HASH_IDENTITY, KEY_ED25519 }, /* 24 */
56: { OID_UNKNOWN, HASH_UNKNOWN, KEY_ED25519 }, /* 25 */
57: { OID_ED448, HASH_IDENTITY, KEY_ED448 }, /* 26 */
58: { OID_UNKNOWN, HASH_UNKNOWN, KEY_ED448 }, /* 27 */
59: { OID_ECDSA_WITH_SHA1, HASH_SHA1, KEY_ECDSA }, /* 28 */
60: { OID_ECDSA_WITH_SHA256, HASH_SHA256, KEY_ECDSA }, /* 29 */
61: { OID_ECDSA_WITH_SHA384, HASH_SHA384, KEY_ECDSA }, /* 30 */
62: { OID_ECDSA_WITH_SHA512, HASH_SHA512, KEY_ECDSA }, /* 31 */
63: { OID_UNKNOWN, HASH_UNKNOWN, KEY_ECDSA }, /* 32 */
64: { OID_BLISS_WITH_SHA2_256, HASH_SHA256, KEY_BLISS }, /* 33 */
65: { OID_BLISS_WITH_SHA2_384, HASH_SHA384, KEY_BLISS }, /* 34 */
66: { OID_BLISS_WITH_SHA2_512, HASH_SHA512, KEY_BLISS }, /* 35 */
67: { OID_BLISS_WITH_SHA3_256, HASH_SHA3_256, KEY_BLISS }, /* 36 */
68: { OID_BLISS_WITH_SHA3_384, HASH_SHA3_384, KEY_BLISS }, /* 37 */
69: { OID_BLISS_WITH_SHA3_512, HASH_SHA3_512, KEY_BLISS }, /* 38 */
70: { OID_UNKNOWN, HASH_UNKNOWN, KEY_BLISS }, /* 39 */
71:
72: };
73:
74: START_TEST(test_hasher_from_oid)
75: {
76: ck_assert(hasher_algorithm_from_oid(oids[_i].oid) == oids[_i].alg);
77: }
78: END_TEST
79:
80: START_TEST(test_hasher_to_oid)
81: {
82: ck_assert(hasher_algorithm_to_oid(oids[_i].alg) == oids[_i].oid);
83: }
84: END_TEST
85:
86: START_TEST(test_hasher_sig_to_oid)
87: {
88: ck_assert(hasher_signature_algorithm_to_oid(oids[_i].alg,
89: oids[_i].key) == oids[_i].oid);
90: }
91: END_TEST
92:
93: static struct {
94: signature_scheme_t scheme;
95: hash_algorithm_t alg;
96: } sig_schemes[] = {
97: { SIGN_UNKNOWN, HASH_UNKNOWN },
98: { SIGN_RSA_EMSA_PKCS1_NULL, HASH_UNKNOWN },
99: { SIGN_RSA_EMSA_PKCS1_MD5, HASH_MD5 },
100: { SIGN_RSA_EMSA_PKCS1_SHA1, HASH_SHA1 },
101: { SIGN_RSA_EMSA_PKCS1_SHA2_224, HASH_SHA224 },
102: { SIGN_RSA_EMSA_PKCS1_SHA2_256, HASH_SHA256 },
103: { SIGN_RSA_EMSA_PKCS1_SHA2_384, HASH_SHA384 },
104: { SIGN_RSA_EMSA_PKCS1_SHA2_512, HASH_SHA512 },
105: { SIGN_RSA_EMSA_PKCS1_SHA3_224, HASH_SHA3_224 },
106: { SIGN_RSA_EMSA_PKCS1_SHA3_256, HASH_SHA3_256 },
107: { SIGN_RSA_EMSA_PKCS1_SHA3_384, HASH_SHA3_384 },
108: { SIGN_RSA_EMSA_PKCS1_SHA3_512, HASH_SHA3_512 },
109: { SIGN_RSA_EMSA_PSS, HASH_UNKNOWN },
110: { SIGN_ECDSA_WITH_SHA1_DER, HASH_SHA1 },
111: { SIGN_ECDSA_WITH_SHA256_DER, HASH_SHA256 },
112: { SIGN_ECDSA_WITH_SHA384_DER, HASH_SHA384 },
113: { SIGN_ECDSA_WITH_SHA512_DER, HASH_SHA512 },
114: { SIGN_ECDSA_WITH_NULL, HASH_UNKNOWN },
115: { SIGN_ECDSA_256, HASH_SHA256 },
116: { SIGN_ECDSA_384, HASH_SHA384 },
117: { SIGN_ECDSA_521, HASH_SHA512 },
118: { SIGN_BLISS_WITH_SHA2_256, HASH_SHA256 },
119: { SIGN_BLISS_WITH_SHA2_384, HASH_SHA384 },
120: { SIGN_BLISS_WITH_SHA2_512, HASH_SHA512 },
121: { SIGN_BLISS_WITH_SHA3_256, HASH_SHA3_256 },
122: { SIGN_BLISS_WITH_SHA3_384, HASH_SHA3_384 },
123: { SIGN_BLISS_WITH_SHA3_512, HASH_SHA3_512 },
124: { SIGN_ED25519, HASH_IDENTITY },
125: { SIGN_ED448, HASH_IDENTITY },
126: { 30, HASH_UNKNOWN },
127: };
128:
129: START_TEST(test_hasher_from_sig_scheme)
130: {
131: ck_assert(hasher_from_signature_scheme(sig_schemes[_i].scheme, NULL) ==
132: sig_schemes[_i].alg);
133: }
134: END_TEST
135:
136: static struct {
137: signature_scheme_t scheme;
138: union {
139: rsa_pss_params_t pss;
140: } p;
141: hash_algorithm_t alg;
142: } sig_schemes_params[] = {
143: { SIGN_RSA_EMSA_PSS, .p.pss = { .hash = HASH_SHA256 }, HASH_SHA256 },
144: { SIGN_RSA_EMSA_PSS, .p.pss = { .hash = HASH_SHA512 }, HASH_SHA512 },
145: { SIGN_RSA_EMSA_PKCS1_SHA2_256, .p.pss = { .hash = HASH_SHA512 }, HASH_SHA256 },
146: };
147:
148: START_TEST(test_hasher_from_sig_scheme_params)
149: {
150: ck_assert(hasher_from_signature_scheme(sig_schemes_params[_i].scheme,
151: &sig_schemes_params[_i].p) == sig_schemes_params[_i].alg);
152: }
153: END_TEST
154:
155: typedef struct {
156: pseudo_random_function_t prf;
157: hash_algorithm_t alg;
158: }hasher_prf_t;
159:
160: static hasher_prf_t prfs[] = {
161: { PRF_HMAC_MD5, HASH_MD5 },
162: { PRF_HMAC_SHA1, HASH_SHA1 },
163: { PRF_FIPS_SHA1_160, HASH_SHA1 },
164: { PRF_KEYED_SHA1, HASH_SHA1 },
165: { PRF_HMAC_SHA2_256, HASH_SHA256 },
166: { PRF_HMAC_SHA2_384, HASH_SHA384 },
167: { PRF_HMAC_SHA2_512, HASH_SHA512 },
168: { PRF_HMAC_TIGER, HASH_UNKNOWN },
169: { PRF_AES128_XCBC, HASH_UNKNOWN },
170: { PRF_AES128_CMAC, HASH_UNKNOWN },
171: { PRF_FIPS_DES, HASH_UNKNOWN },
172: { PRF_CAMELLIA128_XCBC, HASH_UNKNOWN },
173: { PRF_UNDEFINED, HASH_UNKNOWN },
174: { 0, HASH_UNKNOWN }
175: };
176:
177: START_TEST(test_hasher_from_prf)
178: {
179: ck_assert(hasher_algorithm_from_prf(prfs[_i].prf) == prfs[_i].alg);
180: }
181: END_TEST
182:
183: typedef struct {
184: integrity_algorithm_t auth;
185: hash_algorithm_t alg;
186: size_t length;
187: }hasher_auth_t;
188:
189: static hasher_auth_t auths[] = {
190: { AUTH_UNDEFINED, HASH_MD2, 0 },
191: { AUTH_UNDEFINED, HASH_MD4, 0 },
192: { AUTH_UNDEFINED, HASH_SHA224, 0 },
193: { AUTH_UNDEFINED, 9, 0 },
194: { AUTH_UNDEFINED, HASH_UNKNOWN, 0 },
195: { AUTH_HMAC_MD5_96, HASH_MD5, 12 },
196: { AUTH_HMAC_SHA1_96, HASH_SHA1, 12 },
197: { AUTH_HMAC_SHA2_256_96, HASH_SHA256, 12 },
198: { AUTH_HMAC_MD5_128, HASH_MD5, 16 },
199: { AUTH_HMAC_SHA1_128, HASH_SHA1, 16 },
200: { AUTH_HMAC_SHA2_256_128, HASH_SHA256, 16 },
201: { AUTH_HMAC_SHA1_160, HASH_SHA1, 20 },
202: { AUTH_HMAC_SHA2_384_192, HASH_SHA384, 24 },
203: { AUTH_HMAC_SHA2_256_256, HASH_SHA256, 32 },
204: { AUTH_HMAC_SHA2_512_256, HASH_SHA512, 32 },
205: { AUTH_HMAC_SHA2_384_384, HASH_SHA384, 48 },
206: { AUTH_HMAC_SHA2_512_512, HASH_SHA512, 64 },
207: { AUTH_AES_CMAC_96, HASH_UNKNOWN, 0 },
208: { AUTH_AES_128_GMAC, HASH_UNKNOWN, 0 },
209: { AUTH_AES_192_GMAC, HASH_UNKNOWN, 0 },
210: { AUTH_AES_256_GMAC, HASH_UNKNOWN, 0 },
211: { AUTH_AES_XCBC_96, HASH_UNKNOWN, 0 },
212: { AUTH_DES_MAC, HASH_UNKNOWN, 0 },
213: { AUTH_CAMELLIA_XCBC_96, HASH_UNKNOWN, 0 },
214: { 0, HASH_UNKNOWN, 0 }
215: };
216:
217: START_TEST(test_hasher_from_integrity)
218: {
219: size_t length;
220:
221: length = 0;
222: ck_assert(hasher_algorithm_from_integrity(auths[_i].auth, NULL) ==
223: auths[_i].alg);
224: ck_assert(hasher_algorithm_from_integrity(auths[_i].auth, &length) ==
225: auths[_i].alg);
226: ck_assert(length == auths[_i].length);
227: }
228: END_TEST
229:
230: START_TEST(test_hasher_to_integrity)
231: {
232: ck_assert(hasher_algorithm_to_integrity(
233: auths[_i].alg, auths[_i].length) == auths[_i].auth);
234: ck_assert(hasher_algorithm_to_integrity(
235: auths[_i].alg, 0) == AUTH_UNDEFINED);
236: }
237: END_TEST
238:
239:
240: typedef struct {
241: hash_algorithm_t alg;
242: bool ikev2;
243: }hasher_ikev2_t;
244:
245: static hasher_ikev2_t ikev2[] = {
246: { HASH_IDENTITY, TRUE },
247: { HASH_SHA1, FALSE },
248: { HASH_SHA256, TRUE },
249: { HASH_SHA384, TRUE },
250: { HASH_SHA512, TRUE },
251: { HASH_UNKNOWN, FALSE },
252: { HASH_MD2, FALSE },
253: { HASH_MD4, FALSE },
254: { HASH_MD5, FALSE },
255: { HASH_SHA224, FALSE },
256: { HASH_SHA3_224, FALSE },
257: { HASH_SHA3_256, FALSE },
258: { HASH_SHA3_384, FALSE },
259: { HASH_SHA3_512, FALSE },
260: { 30, FALSE }
261: };
262:
263: START_TEST(test_hasher_for_ikev2)
264: {
265: ck_assert(hasher_algorithm_for_ikev2(ikev2[_i].alg) == ikev2[_i].ikev2);
266: }
267: END_TEST
268:
269: Suite *hasher_suite_create()
270: {
271: Suite *s;
272: TCase *tc;
273:
274: s = suite_create("hasher");
275:
276: tc = tcase_create("from_oid");
277: tcase_add_loop_test(tc, test_hasher_from_oid, 0, 28);
278: suite_add_tcase(s, tc);
279:
280: tc = tcase_create("to_oid");
281: tcase_add_loop_test(tc, test_hasher_to_oid, 0, 12);
282: suite_add_tcase(s, tc);
283:
284: tc = tcase_create("sig_to_oid");
285: tcase_add_loop_test(tc, test_hasher_sig_to_oid, 11, countof(oids));
286: suite_add_tcase(s, tc);
287:
288: tc = tcase_create("from_sig_scheme");
289: tcase_add_loop_test(tc, test_hasher_from_sig_scheme, 0, countof(sig_schemes));
290: tcase_add_loop_test(tc, test_hasher_from_sig_scheme_params, 0, countof(sig_schemes_params));
291: suite_add_tcase(s, tc);
292:
293: tc = tcase_create("from_prf");
294: tcase_add_loop_test(tc, test_hasher_from_prf, 0, countof(prfs));
295: suite_add_tcase(s, tc);
296:
297: tc = tcase_create("from_integrity");
298: tcase_add_loop_test(tc, test_hasher_from_integrity, 4, countof(auths));
299: suite_add_tcase(s, tc);
300:
301: tc = tcase_create("to_integrity");
302: tcase_add_loop_test(tc, test_hasher_to_integrity, 0, 17);
303: suite_add_tcase(s, tc);
304:
305: tc = tcase_create("for_ikev2");
306: tcase_add_loop_test(tc, test_hasher_for_ikev2, 0, countof(ikev2));
307: suite_add_tcase(s, tc);
308:
309: return s;
310: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>