]>
Commit | Line | Data |
---|---|---|
58964a49 | 1 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
d02b48c6 RE |
2 | * All rights reserved. |
3 | * | |
4 | * This package is an SSL implementation written | |
5 | * by Eric Young (eay@cryptsoft.com). | |
6 | * The implementation was written so as to conform with Netscapes SSL. | |
0f113f3e | 7 | * |
d02b48c6 RE |
8 | * This library is free for commercial and non-commercial use as long as |
9 | * the following conditions are aheared to. The following conditions | |
10 | * apply to all code found in this distribution, be it the RC4, RSA, | |
11 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | |
12 | * included with this distribution is covered by the same copyright terms | |
13 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | |
0f113f3e | 14 | * |
d02b48c6 RE |
15 | * Copyright remains Eric Young's, and as such any Copyright notices in |
16 | * the code are not to be removed. | |
17 | * If this package is used in a product, Eric Young should be given attribution | |
18 | * as the author of the parts of the library used. | |
19 | * This can be in the form of a textual message at program startup or | |
20 | * in documentation (online or textual) provided with the package. | |
0f113f3e | 21 | * |
d02b48c6 RE |
22 | * Redistribution and use in source and binary forms, with or without |
23 | * modification, are permitted provided that the following conditions | |
24 | * are met: | |
25 | * 1. Redistributions of source code must retain the copyright | |
26 | * notice, this list of conditions and the following disclaimer. | |
27 | * 2. Redistributions in binary form must reproduce the above copyright | |
28 | * notice, this list of conditions and the following disclaimer in the | |
29 | * documentation and/or other materials provided with the distribution. | |
30 | * 3. All advertising materials mentioning features or use of this software | |
31 | * must display the following acknowledgement: | |
32 | * "This product includes cryptographic software written by | |
33 | * Eric Young (eay@cryptsoft.com)" | |
34 | * The word 'cryptographic' can be left out if the rouines from the library | |
35 | * being used are not cryptographic related :-). | |
0f113f3e | 36 | * 4. If you include any Windows specific code (or a derivative thereof) from |
d02b48c6 RE |
37 | * the apps directory (application code) you must include an acknowledgement: |
38 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | |
0f113f3e | 39 | * |
d02b48c6 RE |
40 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
41 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
42 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
43 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |
44 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
45 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
46 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
48 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
49 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
50 | * SUCH DAMAGE. | |
0f113f3e | 51 | * |
d02b48c6 RE |
52 | * The licence and distribution terms for any publically available version or |
53 | * derivative of this code cannot be changed. i.e. this code cannot simply be | |
54 | * copied and put under another distribution licence | |
55 | * [including the GNU Public Licence.] | |
56 | */ | |
57 | ||
58 | #include <stdio.h> | |
59 | #include <stdlib.h> | |
60 | #include <string.h> | |
55f78baf RL |
61 | |
62 | #include "../e_os.h" | |
63 | ||
ec577822 BM |
64 | #include <openssl/crypto.h> |
65 | #include <openssl/bio.h> | |
66 | #include <openssl/bn.h> | |
b0bb2b91 | 67 | #include <openssl/rand.h> |
cb78486d | 68 | #include <openssl/err.h> |
f5d7a031 | 69 | |
cf1b7d96 | 70 | #ifdef OPENSSL_NO_DH |
f5d7a031 UM |
71 | int main(int argc, char *argv[]) |
72 | { | |
73 | printf("No DH support\n"); | |
0f113f3e | 74 | return (0); |
f5d7a031 UM |
75 | } |
76 | #else | |
0f113f3e | 77 | # include <openssl/dh.h> |
d02b48c6 | 78 | |
6d23cf97 | 79 | static int cb(int p, int n, BN_GENCB *arg); |
d02b48c6 | 80 | |
0f113f3e MC |
81 | static const char rnd_seed[] = |
82 | "string to make the random number generator think it has entropy"; | |
7d388202 | 83 | |
20bee968 DSH |
84 | static int run_rfc5114_tests(void); |
85 | ||
6b691a5c | 86 | int main(int argc, char *argv[]) |
0f113f3e | 87 | { |
f562aeda | 88 | BN_GENCB *_cb = NULL; |
0f113f3e MC |
89 | DH *a = NULL; |
90 | DH *b = NULL; | |
0aeddcfa MC |
91 | BIGNUM *ap = NULL, *ag = NULL, *bp = NULL, *bg = NULL, *apub_key = NULL; |
92 | BIGNUM *bpub_key = NULL, *priv_key = NULL; | |
f562aeda HZ |
93 | char buf[12] = {0}; |
94 | unsigned char *abuf = NULL; | |
95 | unsigned char *bbuf = NULL; | |
96 | int i, alen, blen, aout, bout; | |
97 | int ret = 1; | |
98 | BIO *out = NULL; | |
0f113f3e | 99 | |
bbd86bf5 | 100 | CRYPTO_set_mem_debug(1); |
0f113f3e MC |
101 | CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); |
102 | ||
0f113f3e MC |
103 | RAND_seed(rnd_seed, sizeof rnd_seed); |
104 | ||
105 | out = BIO_new(BIO_s_file()); | |
106 | if (out == NULL) | |
107 | EXIT(1); | |
0f81f5f7 | 108 | BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT); |
0f113f3e MC |
109 | |
110 | _cb = BN_GENCB_new(); | |
f562aeda | 111 | if (_cb == NULL) |
0f113f3e MC |
112 | goto err; |
113 | BN_GENCB_set(_cb, &cb, out); | |
f562aeda HZ |
114 | if (((a = DH_new()) == NULL) |
115 | || (!DH_generate_parameters_ex(a, 64, DH_GENERATOR_5, _cb))) | |
0f113f3e MC |
116 | goto err; |
117 | ||
118 | if (!DH_check(a, &i)) | |
119 | goto err; | |
120 | if (i & DH_CHECK_P_NOT_PRIME) | |
121 | BIO_puts(out, "p value is not prime\n"); | |
122 | if (i & DH_CHECK_P_NOT_SAFE_PRIME) | |
123 | BIO_puts(out, "p value is not a safe prime\n"); | |
124 | if (i & DH_UNABLE_TO_CHECK_GENERATOR) | |
125 | BIO_puts(out, "unable to check the generator value\n"); | |
126 | if (i & DH_NOT_SUITABLE_GENERATOR) | |
127 | BIO_puts(out, "the g value is not a generator\n"); | |
128 | ||
0aeddcfa | 129 | DH_get0_pqg(a, &ap, NULL, &ag); |
0f113f3e | 130 | BIO_puts(out, "\np ="); |
0aeddcfa | 131 | BN_print(out, ap); |
0f113f3e | 132 | BIO_puts(out, "\ng ="); |
0aeddcfa | 133 | BN_print(out, ag); |
0f113f3e MC |
134 | BIO_puts(out, "\n"); |
135 | ||
136 | b = DH_new(); | |
137 | if (b == NULL) | |
138 | goto err; | |
139 | ||
0aeddcfa MC |
140 | bp = BN_dup(ap); |
141 | bg = BN_dup(ag); | |
142 | if ((bp == NULL) || (bg == NULL) || !DH_set0_pqg(b, bp, NULL, bg)) | |
0f113f3e | 143 | goto err; |
0aeddcfa | 144 | bp = bg = NULL; |
0f113f3e MC |
145 | |
146 | /* Set a to run with normal modexp and b to use constant time */ | |
0aeddcfa MC |
147 | DH_clear_flags(a, DH_FLAG_NO_EXP_CONSTTIME); |
148 | DH_set_flags(b, DH_FLAG_NO_EXP_CONSTTIME); | |
0f113f3e MC |
149 | |
150 | if (!DH_generate_key(a)) | |
151 | goto err; | |
0aeddcfa | 152 | DH_get0_key(a, &apub_key, &priv_key); |
0f113f3e | 153 | BIO_puts(out, "pri 1="); |
0aeddcfa | 154 | BN_print(out, priv_key); |
0f113f3e | 155 | BIO_puts(out, "\npub 1="); |
0aeddcfa | 156 | BN_print(out, apub_key); |
0f113f3e MC |
157 | BIO_puts(out, "\n"); |
158 | ||
159 | if (!DH_generate_key(b)) | |
160 | goto err; | |
0aeddcfa | 161 | DH_get0_key(b, &bpub_key, &priv_key); |
0f113f3e | 162 | BIO_puts(out, "pri 2="); |
0aeddcfa | 163 | BN_print(out, priv_key); |
0f113f3e | 164 | BIO_puts(out, "\npub 2="); |
0aeddcfa | 165 | BN_print(out, bpub_key); |
0f113f3e MC |
166 | BIO_puts(out, "\n"); |
167 | ||
168 | alen = DH_size(a); | |
b196e7d9 | 169 | abuf = OPENSSL_malloc(alen); |
f562aeda HZ |
170 | if (abuf == NULL) |
171 | goto err; | |
172 | ||
0aeddcfa | 173 | aout = DH_compute_key(abuf, bpub_key, a); |
0f113f3e MC |
174 | |
175 | BIO_puts(out, "key1 ="); | |
176 | for (i = 0; i < aout; i++) { | |
177 | sprintf(buf, "%02X", abuf[i]); | |
178 | BIO_puts(out, buf); | |
179 | } | |
180 | BIO_puts(out, "\n"); | |
181 | ||
182 | blen = DH_size(b); | |
b196e7d9 | 183 | bbuf = OPENSSL_malloc(blen); |
f562aeda HZ |
184 | if (bbuf == NULL) |
185 | goto err; | |
186 | ||
0aeddcfa | 187 | bout = DH_compute_key(bbuf, apub_key, b); |
0f113f3e MC |
188 | |
189 | BIO_puts(out, "key2 ="); | |
190 | for (i = 0; i < bout; i++) { | |
191 | sprintf(buf, "%02X", bbuf[i]); | |
192 | BIO_puts(out, buf); | |
193 | } | |
194 | BIO_puts(out, "\n"); | |
195 | if ((aout < 4) || (bout != aout) || (memcmp(abuf, bbuf, aout) != 0)) { | |
196 | fprintf(stderr, "Error in DH routines\n"); | |
197 | ret = 1; | |
198 | } else | |
199 | ret = 0; | |
200 | if (!run_rfc5114_tests()) | |
201 | ret = 1; | |
202 | err: | |
f0e1fe7c | 203 | (void)BIO_flush(out); |
0f113f3e MC |
204 | ERR_print_errors_fp(stderr); |
205 | ||
b548a1f1 RS |
206 | OPENSSL_free(abuf); |
207 | OPENSSL_free(bbuf); | |
d6407083 RS |
208 | DH_free(b); |
209 | DH_free(a); | |
0aeddcfa MC |
210 | BN_free(bp); |
211 | BN_free(bg); | |
23a1d5e9 | 212 | BN_GENCB_free(_cb); |
0f113f3e | 213 | BIO_free(out); |
f0e1fe7c F |
214 | |
215 | #ifndef OPENSSL_NO_CRYPTO_MDEBUG | |
216 | if (CRYPTO_mem_leaks_fp(stderr) <= 0) | |
217 | ret = 1; | |
218 | #endif | |
219 | ||
0f113f3e | 220 | EXIT(ret); |
0f113f3e | 221 | } |
d02b48c6 | 222 | |
6d23cf97 | 223 | static int cb(int p, int n, BN_GENCB *arg) |
0f113f3e MC |
224 | { |
225 | char c = '*'; | |
226 | ||
227 | if (p == 0) | |
228 | c = '.'; | |
229 | if (p == 1) | |
230 | c = '+'; | |
231 | if (p == 2) | |
232 | c = '*'; | |
233 | if (p == 3) | |
234 | c = '\n'; | |
235 | BIO_write(BN_GENCB_get_arg(arg), &c, 1); | |
236 | (void)BIO_flush(BN_GENCB_get_arg(arg)); | |
237 | return 1; | |
238 | } | |
20bee968 DSH |
239 | |
240 | /* Test data from RFC 5114 */ | |
241 | ||
242 | static const unsigned char dhtest_1024_160_xA[] = { | |
0f113f3e MC |
243 | 0xB9, 0xA3, 0xB3, 0xAE, 0x8F, 0xEF, 0xC1, 0xA2, 0x93, 0x04, 0x96, 0x50, |
244 | 0x70, 0x86, 0xF8, 0x45, 0x5D, 0x48, 0x94, 0x3E | |
20bee968 | 245 | }; |
0f113f3e | 246 | |
20bee968 | 247 | static const unsigned char dhtest_1024_160_yA[] = { |
0f113f3e MC |
248 | 0x2A, 0x85, 0x3B, 0x3D, 0x92, 0x19, 0x75, 0x01, 0xB9, 0x01, 0x5B, 0x2D, |
249 | 0xEB, 0x3E, 0xD8, 0x4F, 0x5E, 0x02, 0x1D, 0xCC, 0x3E, 0x52, 0xF1, 0x09, | |
250 | 0xD3, 0x27, 0x3D, 0x2B, 0x75, 0x21, 0x28, 0x1C, 0xBA, 0xBE, 0x0E, 0x76, | |
251 | 0xFF, 0x57, 0x27, 0xFA, 0x8A, 0xCC, 0xE2, 0x69, 0x56, 0xBA, 0x9A, 0x1F, | |
252 | 0xCA, 0x26, 0xF2, 0x02, 0x28, 0xD8, 0x69, 0x3F, 0xEB, 0x10, 0x84, 0x1D, | |
253 | 0x84, 0xA7, 0x36, 0x00, 0x54, 0xEC, 0xE5, 0xA7, 0xF5, 0xB7, 0xA6, 0x1A, | |
254 | 0xD3, 0xDF, 0xB3, 0xC6, 0x0D, 0x2E, 0x43, 0x10, 0x6D, 0x87, 0x27, 0xDA, | |
255 | 0x37, 0xDF, 0x9C, 0xCE, 0x95, 0xB4, 0x78, 0x75, 0x5D, 0x06, 0xBC, 0xEA, | |
256 | 0x8F, 0x9D, 0x45, 0x96, 0x5F, 0x75, 0xA5, 0xF3, 0xD1, 0xDF, 0x37, 0x01, | |
257 | 0x16, 0x5F, 0xC9, 0xE5, 0x0C, 0x42, 0x79, 0xCE, 0xB0, 0x7F, 0x98, 0x95, | |
258 | 0x40, 0xAE, 0x96, 0xD5, 0xD8, 0x8E, 0xD7, 0x76 | |
20bee968 | 259 | }; |
0f113f3e | 260 | |
20bee968 | 261 | static const unsigned char dhtest_1024_160_xB[] = { |
0f113f3e MC |
262 | 0x93, 0x92, 0xC9, 0xF9, 0xEB, 0x6A, 0x7A, 0x6A, 0x90, 0x22, 0xF7, 0xD8, |
263 | 0x3E, 0x72, 0x23, 0xC6, 0x83, 0x5B, 0xBD, 0xDA | |
20bee968 | 264 | }; |
0f113f3e | 265 | |
20bee968 | 266 | static const unsigned char dhtest_1024_160_yB[] = { |
0f113f3e MC |
267 | 0x71, 0x7A, 0x6C, 0xB0, 0x53, 0x37, 0x1F, 0xF4, 0xA3, 0xB9, 0x32, 0x94, |
268 | 0x1C, 0x1E, 0x56, 0x63, 0xF8, 0x61, 0xA1, 0xD6, 0xAD, 0x34, 0xAE, 0x66, | |
269 | 0x57, 0x6D, 0xFB, 0x98, 0xF6, 0xC6, 0xCB, 0xF9, 0xDD, 0xD5, 0xA5, 0x6C, | |
270 | 0x78, 0x33, 0xF6, 0xBC, 0xFD, 0xFF, 0x09, 0x55, 0x82, 0xAD, 0x86, 0x8E, | |
271 | 0x44, 0x0E, 0x8D, 0x09, 0xFD, 0x76, 0x9E, 0x3C, 0xEC, 0xCD, 0xC3, 0xD3, | |
272 | 0xB1, 0xE4, 0xCF, 0xA0, 0x57, 0x77, 0x6C, 0xAA, 0xF9, 0x73, 0x9B, 0x6A, | |
273 | 0x9F, 0xEE, 0x8E, 0x74, 0x11, 0xF8, 0xD6, 0xDA, 0xC0, 0x9D, 0x6A, 0x4E, | |
274 | 0xDB, 0x46, 0xCC, 0x2B, 0x5D, 0x52, 0x03, 0x09, 0x0E, 0xAE, 0x61, 0x26, | |
275 | 0x31, 0x1E, 0x53, 0xFD, 0x2C, 0x14, 0xB5, 0x74, 0xE6, 0xA3, 0x10, 0x9A, | |
276 | 0x3D, 0xA1, 0xBE, 0x41, 0xBD, 0xCE, 0xAA, 0x18, 0x6F, 0x5C, 0xE0, 0x67, | |
277 | 0x16, 0xA2, 0xB6, 0xA0, 0x7B, 0x3C, 0x33, 0xFE | |
20bee968 | 278 | }; |
0f113f3e | 279 | |
20bee968 | 280 | static const unsigned char dhtest_1024_160_Z[] = { |
0f113f3e MC |
281 | 0x5C, 0x80, 0x4F, 0x45, 0x4D, 0x30, 0xD9, 0xC4, 0xDF, 0x85, 0x27, 0x1F, |
282 | 0x93, 0x52, 0x8C, 0x91, 0xDF, 0x6B, 0x48, 0xAB, 0x5F, 0x80, 0xB3, 0xB5, | |
283 | 0x9C, 0xAA, 0xC1, 0xB2, 0x8F, 0x8A, 0xCB, 0xA9, 0xCD, 0x3E, 0x39, 0xF3, | |
284 | 0xCB, 0x61, 0x45, 0x25, 0xD9, 0x52, 0x1D, 0x2E, 0x64, 0x4C, 0x53, 0xB8, | |
285 | 0x07, 0xB8, 0x10, 0xF3, 0x40, 0x06, 0x2F, 0x25, 0x7D, 0x7D, 0x6F, 0xBF, | |
286 | 0xE8, 0xD5, 0xE8, 0xF0, 0x72, 0xE9, 0xB6, 0xE9, 0xAF, 0xDA, 0x94, 0x13, | |
287 | 0xEA, 0xFB, 0x2E, 0x8B, 0x06, 0x99, 0xB1, 0xFB, 0x5A, 0x0C, 0xAC, 0xED, | |
288 | 0xDE, 0xAE, 0xAD, 0x7E, 0x9C, 0xFB, 0xB3, 0x6A, 0xE2, 0xB4, 0x20, 0x83, | |
289 | 0x5B, 0xD8, 0x3A, 0x19, 0xFB, 0x0B, 0x5E, 0x96, 0xBF, 0x8F, 0xA4, 0xD0, | |
290 | 0x9E, 0x34, 0x55, 0x25, 0x16, 0x7E, 0xCD, 0x91, 0x55, 0x41, 0x6F, 0x46, | |
291 | 0xF4, 0x08, 0xED, 0x31, 0xB6, 0x3C, 0x6E, 0x6D | |
20bee968 | 292 | }; |
0f113f3e | 293 | |
20bee968 | 294 | static const unsigned char dhtest_2048_224_xA[] = { |
0f113f3e MC |
295 | 0x22, 0xE6, 0x26, 0x01, 0xDB, 0xFF, 0xD0, 0x67, 0x08, 0xA6, 0x80, 0xF7, |
296 | 0x47, 0xF3, 0x61, 0xF7, 0x6D, 0x8F, 0x4F, 0x72, 0x1A, 0x05, 0x48, 0xE4, | |
297 | 0x83, 0x29, 0x4B, 0x0C | |
20bee968 | 298 | }; |
0f113f3e | 299 | |
20bee968 | 300 | static const unsigned char dhtest_2048_224_yA[] = { |
0f113f3e MC |
301 | 0x1B, 0x3A, 0x63, 0x45, 0x1B, 0xD8, 0x86, 0xE6, 0x99, 0xE6, 0x7B, 0x49, |
302 | 0x4E, 0x28, 0x8B, 0xD7, 0xF8, 0xE0, 0xD3, 0x70, 0xBA, 0xDD, 0xA7, 0xA0, | |
303 | 0xEF, 0xD2, 0xFD, 0xE7, 0xD8, 0xF6, 0x61, 0x45, 0xCC, 0x9F, 0x28, 0x04, | |
304 | 0x19, 0x97, 0x5E, 0xB8, 0x08, 0x87, 0x7C, 0x8A, 0x4C, 0x0C, 0x8E, 0x0B, | |
305 | 0xD4, 0x8D, 0x4A, 0x54, 0x01, 0xEB, 0x1E, 0x87, 0x76, 0xBF, 0xEE, 0xE1, | |
306 | 0x34, 0xC0, 0x38, 0x31, 0xAC, 0x27, 0x3C, 0xD9, 0xD6, 0x35, 0xAB, 0x0C, | |
307 | 0xE0, 0x06, 0xA4, 0x2A, 0x88, 0x7E, 0x3F, 0x52, 0xFB, 0x87, 0x66, 0xB6, | |
308 | 0x50, 0xF3, 0x80, 0x78, 0xBC, 0x8E, 0xE8, 0x58, 0x0C, 0xEF, 0xE2, 0x43, | |
309 | 0x96, 0x8C, 0xFC, 0x4F, 0x8D, 0xC3, 0xDB, 0x08, 0x45, 0x54, 0x17, 0x1D, | |
310 | 0x41, 0xBF, 0x2E, 0x86, 0x1B, 0x7B, 0xB4, 0xD6, 0x9D, 0xD0, 0xE0, 0x1E, | |
311 | 0xA3, 0x87, 0xCB, 0xAA, 0x5C, 0xA6, 0x72, 0xAF, 0xCB, 0xE8, 0xBD, 0xB9, | |
312 | 0xD6, 0x2D, 0x4C, 0xE1, 0x5F, 0x17, 0xDD, 0x36, 0xF9, 0x1E, 0xD1, 0xEE, | |
313 | 0xDD, 0x65, 0xCA, 0x4A, 0x06, 0x45, 0x5C, 0xB9, 0x4C, 0xD4, 0x0A, 0x52, | |
314 | 0xEC, 0x36, 0x0E, 0x84, 0xB3, 0xC9, 0x26, 0xE2, 0x2C, 0x43, 0x80, 0xA3, | |
315 | 0xBF, 0x30, 0x9D, 0x56, 0x84, 0x97, 0x68, 0xB7, 0xF5, 0x2C, 0xFD, 0xF6, | |
316 | 0x55, 0xFD, 0x05, 0x3A, 0x7E, 0xF7, 0x06, 0x97, 0x9E, 0x7E, 0x58, 0x06, | |
317 | 0xB1, 0x7D, 0xFA, 0xE5, 0x3A, 0xD2, 0xA5, 0xBC, 0x56, 0x8E, 0xBB, 0x52, | |
318 | 0x9A, 0x7A, 0x61, 0xD6, 0x8D, 0x25, 0x6F, 0x8F, 0xC9, 0x7C, 0x07, 0x4A, | |
319 | 0x86, 0x1D, 0x82, 0x7E, 0x2E, 0xBC, 0x8C, 0x61, 0x34, 0x55, 0x31, 0x15, | |
320 | 0xB7, 0x0E, 0x71, 0x03, 0x92, 0x0A, 0xA1, 0x6D, 0x85, 0xE5, 0x2B, 0xCB, | |
321 | 0xAB, 0x8D, 0x78, 0x6A, 0x68, 0x17, 0x8F, 0xA8, 0xFF, 0x7C, 0x2F, 0x5C, | |
322 | 0x71, 0x64, 0x8D, 0x6F | |
20bee968 | 323 | }; |
0f113f3e | 324 | |
20bee968 | 325 | static const unsigned char dhtest_2048_224_xB[] = { |
0f113f3e MC |
326 | 0x4F, 0xF3, 0xBC, 0x96, 0xC7, 0xFC, 0x6A, 0x6D, 0x71, 0xD3, 0xB3, 0x63, |
327 | 0x80, 0x0A, 0x7C, 0xDF, 0xEF, 0x6F, 0xC4, 0x1B, 0x44, 0x17, 0xEA, 0x15, | |
328 | 0x35, 0x3B, 0x75, 0x90 | |
20bee968 | 329 | }; |
0f113f3e | 330 | |
20bee968 | 331 | static const unsigned char dhtest_2048_224_yB[] = { |
0f113f3e MC |
332 | 0x4D, 0xCE, 0xE9, 0x92, 0xA9, 0x76, 0x2A, 0x13, 0xF2, 0xF8, 0x38, 0x44, |
333 | 0xAD, 0x3D, 0x77, 0xEE, 0x0E, 0x31, 0xC9, 0x71, 0x8B, 0x3D, 0xB6, 0xC2, | |
334 | 0x03, 0x5D, 0x39, 0x61, 0x18, 0x2C, 0x3E, 0x0B, 0xA2, 0x47, 0xEC, 0x41, | |
335 | 0x82, 0xD7, 0x60, 0xCD, 0x48, 0xD9, 0x95, 0x99, 0x97, 0x06, 0x22, 0xA1, | |
336 | 0x88, 0x1B, 0xBA, 0x2D, 0xC8, 0x22, 0x93, 0x9C, 0x78, 0xC3, 0x91, 0x2C, | |
337 | 0x66, 0x61, 0xFA, 0x54, 0x38, 0xB2, 0x07, 0x66, 0x22, 0x2B, 0x75, 0xE2, | |
338 | 0x4C, 0x2E, 0x3A, 0xD0, 0xC7, 0x28, 0x72, 0x36, 0x12, 0x95, 0x25, 0xEE, | |
339 | 0x15, 0xB5, 0xDD, 0x79, 0x98, 0xAA, 0x04, 0xC4, 0xA9, 0x69, 0x6C, 0xAC, | |
340 | 0xD7, 0x17, 0x20, 0x83, 0xA9, 0x7A, 0x81, 0x66, 0x4E, 0xAD, 0x2C, 0x47, | |
341 | 0x9E, 0x44, 0x4E, 0x4C, 0x06, 0x54, 0xCC, 0x19, 0xE2, 0x8D, 0x77, 0x03, | |
342 | 0xCE, 0xE8, 0xDA, 0xCD, 0x61, 0x26, 0xF5, 0xD6, 0x65, 0xEC, 0x52, 0xC6, | |
343 | 0x72, 0x55, 0xDB, 0x92, 0x01, 0x4B, 0x03, 0x7E, 0xB6, 0x21, 0xA2, 0xAC, | |
344 | 0x8E, 0x36, 0x5D, 0xE0, 0x71, 0xFF, 0xC1, 0x40, 0x0A, 0xCF, 0x07, 0x7A, | |
345 | 0x12, 0x91, 0x3D, 0xD8, 0xDE, 0x89, 0x47, 0x34, 0x37, 0xAB, 0x7B, 0xA3, | |
346 | 0x46, 0x74, 0x3C, 0x1B, 0x21, 0x5D, 0xD9, 0xC1, 0x21, 0x64, 0xA7, 0xE4, | |
347 | 0x05, 0x31, 0x18, 0xD1, 0x99, 0xBE, 0xC8, 0xEF, 0x6F, 0xC5, 0x61, 0x17, | |
348 | 0x0C, 0x84, 0xC8, 0x7D, 0x10, 0xEE, 0x9A, 0x67, 0x4A, 0x1F, 0xA8, 0xFF, | |
349 | 0xE1, 0x3B, 0xDF, 0xBA, 0x1D, 0x44, 0xDE, 0x48, 0x94, 0x6D, 0x68, 0xDC, | |
350 | 0x0C, 0xDD, 0x77, 0x76, 0x35, 0xA7, 0xAB, 0x5B, 0xFB, 0x1E, 0x4B, 0xB7, | |
351 | 0xB8, 0x56, 0xF9, 0x68, 0x27, 0x73, 0x4C, 0x18, 0x41, 0x38, 0xE9, 0x15, | |
352 | 0xD9, 0xC3, 0x00, 0x2E, 0xBC, 0xE5, 0x31, 0x20, 0x54, 0x6A, 0x7E, 0x20, | |
353 | 0x02, 0x14, 0x2B, 0x6C | |
20bee968 | 354 | }; |
0f113f3e | 355 | |
20bee968 | 356 | static const unsigned char dhtest_2048_224_Z[] = { |
0f113f3e MC |
357 | 0x34, 0xD9, 0xBD, 0xDC, 0x1B, 0x42, 0x17, 0x6C, 0x31, 0x3F, 0xEA, 0x03, |
358 | 0x4C, 0x21, 0x03, 0x4D, 0x07, 0x4A, 0x63, 0x13, 0xBB, 0x4E, 0xCD, 0xB3, | |
359 | 0x70, 0x3F, 0xFF, 0x42, 0x45, 0x67, 0xA4, 0x6B, 0xDF, 0x75, 0x53, 0x0E, | |
360 | 0xDE, 0x0A, 0x9D, 0xA5, 0x22, 0x9D, 0xE7, 0xD7, 0x67, 0x32, 0x28, 0x6C, | |
361 | 0xBC, 0x0F, 0x91, 0xDA, 0x4C, 0x3C, 0x85, 0x2F, 0xC0, 0x99, 0xC6, 0x79, | |
362 | 0x53, 0x1D, 0x94, 0xC7, 0x8A, 0xB0, 0x3D, 0x9D, 0xEC, 0xB0, 0xA4, 0xE4, | |
363 | 0xCA, 0x8B, 0x2B, 0xB4, 0x59, 0x1C, 0x40, 0x21, 0xCF, 0x8C, 0xE3, 0xA2, | |
364 | 0x0A, 0x54, 0x1D, 0x33, 0x99, 0x40, 0x17, 0xD0, 0x20, 0x0A, 0xE2, 0xC9, | |
365 | 0x51, 0x6E, 0x2F, 0xF5, 0x14, 0x57, 0x79, 0x26, 0x9E, 0x86, 0x2B, 0x0F, | |
366 | 0xB4, 0x74, 0xA2, 0xD5, 0x6D, 0xC3, 0x1E, 0xD5, 0x69, 0xA7, 0x70, 0x0B, | |
367 | 0x4C, 0x4A, 0xB1, 0x6B, 0x22, 0xA4, 0x55, 0x13, 0x53, 0x1E, 0xF5, 0x23, | |
368 | 0xD7, 0x12, 0x12, 0x07, 0x7B, 0x5A, 0x16, 0x9B, 0xDE, 0xFF, 0xAD, 0x7A, | |
369 | 0xD9, 0x60, 0x82, 0x84, 0xC7, 0x79, 0x5B, 0x6D, 0x5A, 0x51, 0x83, 0xB8, | |
370 | 0x70, 0x66, 0xDE, 0x17, 0xD8, 0xD6, 0x71, 0xC9, 0xEB, 0xD8, 0xEC, 0x89, | |
371 | 0x54, 0x4D, 0x45, 0xEC, 0x06, 0x15, 0x93, 0xD4, 0x42, 0xC6, 0x2A, 0xB9, | |
372 | 0xCE, 0x3B, 0x1C, 0xB9, 0x94, 0x3A, 0x1D, 0x23, 0xA5, 0xEA, 0x3B, 0xCF, | |
373 | 0x21, 0xA0, 0x14, 0x71, 0xE6, 0x7E, 0x00, 0x3E, 0x7F, 0x8A, 0x69, 0xC7, | |
374 | 0x28, 0xBE, 0x49, 0x0B, 0x2F, 0xC8, 0x8C, 0xFE, 0xB9, 0x2D, 0xB6, 0xA2, | |
375 | 0x15, 0xE5, 0xD0, 0x3C, 0x17, 0xC4, 0x64, 0xC9, 0xAC, 0x1A, 0x46, 0xE2, | |
376 | 0x03, 0xE1, 0x3F, 0x95, 0x29, 0x95, 0xFB, 0x03, 0xC6, 0x9D, 0x3C, 0xC4, | |
377 | 0x7F, 0xCB, 0x51, 0x0B, 0x69, 0x98, 0xFF, 0xD3, 0xAA, 0x6D, 0xE7, 0x3C, | |
378 | 0xF9, 0xF6, 0x38, 0x69 | |
20bee968 | 379 | }; |
0f113f3e | 380 | |
20bee968 | 381 | static const unsigned char dhtest_2048_256_xA[] = { |
0f113f3e MC |
382 | 0x08, 0x81, 0x38, 0x2C, 0xDB, 0x87, 0x66, 0x0C, 0x6D, 0xC1, 0x3E, 0x61, |
383 | 0x49, 0x38, 0xD5, 0xB9, 0xC8, 0xB2, 0xF2, 0x48, 0x58, 0x1C, 0xC5, 0xE3, | |
384 | 0x1B, 0x35, 0x45, 0x43, 0x97, 0xFC, 0xE5, 0x0E | |
20bee968 | 385 | }; |
0f113f3e | 386 | |
20bee968 | 387 | static const unsigned char dhtest_2048_256_yA[] = { |
0f113f3e MC |
388 | 0x2E, 0x93, 0x80, 0xC8, 0x32, 0x3A, 0xF9, 0x75, 0x45, 0xBC, 0x49, 0x41, |
389 | 0xDE, 0xB0, 0xEC, 0x37, 0x42, 0xC6, 0x2F, 0xE0, 0xEC, 0xE8, 0x24, 0xA6, | |
390 | 0xAB, 0xDB, 0xE6, 0x6C, 0x59, 0xBE, 0xE0, 0x24, 0x29, 0x11, 0xBF, 0xB9, | |
391 | 0x67, 0x23, 0x5C, 0xEB, 0xA3, 0x5A, 0xE1, 0x3E, 0x4E, 0xC7, 0x52, 0xBE, | |
392 | 0x63, 0x0B, 0x92, 0xDC, 0x4B, 0xDE, 0x28, 0x47, 0xA9, 0xC6, 0x2C, 0xB8, | |
393 | 0x15, 0x27, 0x45, 0x42, 0x1F, 0xB7, 0xEB, 0x60, 0xA6, 0x3C, 0x0F, 0xE9, | |
394 | 0x15, 0x9F, 0xCC, 0xE7, 0x26, 0xCE, 0x7C, 0xD8, 0x52, 0x3D, 0x74, 0x50, | |
395 | 0x66, 0x7E, 0xF8, 0x40, 0xE4, 0x91, 0x91, 0x21, 0xEB, 0x5F, 0x01, 0xC8, | |
396 | 0xC9, 0xB0, 0xD3, 0xD6, 0x48, 0xA9, 0x3B, 0xFB, 0x75, 0x68, 0x9E, 0x82, | |
397 | 0x44, 0xAC, 0x13, 0x4A, 0xF5, 0x44, 0x71, 0x1C, 0xE7, 0x9A, 0x02, 0xDC, | |
398 | 0xC3, 0x42, 0x26, 0x68, 0x47, 0x80, 0xDD, 0xDC, 0xB4, 0x98, 0x59, 0x41, | |
399 | 0x06, 0xC3, 0x7F, 0x5B, 0xC7, 0x98, 0x56, 0x48, 0x7A, 0xF5, 0xAB, 0x02, | |
400 | 0x2A, 0x2E, 0x5E, 0x42, 0xF0, 0x98, 0x97, 0xC1, 0xA8, 0x5A, 0x11, 0xEA, | |
401 | 0x02, 0x12, 0xAF, 0x04, 0xD9, 0xB4, 0xCE, 0xBC, 0x93, 0x7C, 0x3C, 0x1A, | |
402 | 0x3E, 0x15, 0xA8, 0xA0, 0x34, 0x2E, 0x33, 0x76, 0x15, 0xC8, 0x4E, 0x7F, | |
403 | 0xE3, 0xB8, 0xB9, 0xB8, 0x7F, 0xB1, 0xE7, 0x3A, 0x15, 0xAF, 0x12, 0xA3, | |
404 | 0x0D, 0x74, 0x6E, 0x06, 0xDF, 0xC3, 0x4F, 0x29, 0x0D, 0x79, 0x7C, 0xE5, | |
405 | 0x1A, 0xA1, 0x3A, 0xA7, 0x85, 0xBF, 0x66, 0x58, 0xAF, 0xF5, 0xE4, 0xB0, | |
406 | 0x93, 0x00, 0x3C, 0xBE, 0xAF, 0x66, 0x5B, 0x3C, 0x2E, 0x11, 0x3A, 0x3A, | |
407 | 0x4E, 0x90, 0x52, 0x69, 0x34, 0x1D, 0xC0, 0x71, 0x14, 0x26, 0x68, 0x5F, | |
408 | 0x4E, 0xF3, 0x7E, 0x86, 0x8A, 0x81, 0x26, 0xFF, 0x3F, 0x22, 0x79, 0xB5, | |
409 | 0x7C, 0xA6, 0x7E, 0x29 | |
20bee968 | 410 | }; |
0f113f3e | 411 | |
20bee968 | 412 | static const unsigned char dhtest_2048_256_xB[] = { |
0f113f3e MC |
413 | 0x7D, 0x62, 0xA7, 0xE3, 0xEF, 0x36, 0xDE, 0x61, 0x7B, 0x13, 0xD1, 0xAF, |
414 | 0xB8, 0x2C, 0x78, 0x0D, 0x83, 0xA2, 0x3B, 0xD4, 0xEE, 0x67, 0x05, 0x64, | |
415 | 0x51, 0x21, 0xF3, 0x71, 0xF5, 0x46, 0xA5, 0x3D | |
20bee968 | 416 | }; |
0f113f3e | 417 | |
20bee968 | 418 | static const unsigned char dhtest_2048_256_yB[] = { |
0f113f3e MC |
419 | 0x57, 0x5F, 0x03, 0x51, 0xBD, 0x2B, 0x1B, 0x81, 0x74, 0x48, 0xBD, 0xF8, |
420 | 0x7A, 0x6C, 0x36, 0x2C, 0x1E, 0x28, 0x9D, 0x39, 0x03, 0xA3, 0x0B, 0x98, | |
421 | 0x32, 0xC5, 0x74, 0x1F, 0xA2, 0x50, 0x36, 0x3E, 0x7A, 0xCB, 0xC7, 0xF7, | |
422 | 0x7F, 0x3D, 0xAC, 0xBC, 0x1F, 0x13, 0x1A, 0xDD, 0x8E, 0x03, 0x36, 0x7E, | |
423 | 0xFF, 0x8F, 0xBB, 0xB3, 0xE1, 0xC5, 0x78, 0x44, 0x24, 0x80, 0x9B, 0x25, | |
424 | 0xAF, 0xE4, 0xD2, 0x26, 0x2A, 0x1A, 0x6F, 0xD2, 0xFA, 0xB6, 0x41, 0x05, | |
425 | 0xCA, 0x30, 0xA6, 0x74, 0xE0, 0x7F, 0x78, 0x09, 0x85, 0x20, 0x88, 0x63, | |
426 | 0x2F, 0xC0, 0x49, 0x23, 0x37, 0x91, 0xAD, 0x4E, 0xDD, 0x08, 0x3A, 0x97, | |
427 | 0x8B, 0x88, 0x3E, 0xE6, 0x18, 0xBC, 0x5E, 0x0D, 0xD0, 0x47, 0x41, 0x5F, | |
428 | 0x2D, 0x95, 0xE6, 0x83, 0xCF, 0x14, 0x82, 0x6B, 0x5F, 0xBE, 0x10, 0xD3, | |
429 | 0xCE, 0x41, 0xC6, 0xC1, 0x20, 0xC7, 0x8A, 0xB2, 0x00, 0x08, 0xC6, 0x98, | |
430 | 0xBF, 0x7F, 0x0B, 0xCA, 0xB9, 0xD7, 0xF4, 0x07, 0xBE, 0xD0, 0xF4, 0x3A, | |
431 | 0xFB, 0x29, 0x70, 0xF5, 0x7F, 0x8D, 0x12, 0x04, 0x39, 0x63, 0xE6, 0x6D, | |
432 | 0xDD, 0x32, 0x0D, 0x59, 0x9A, 0xD9, 0x93, 0x6C, 0x8F, 0x44, 0x13, 0x7C, | |
433 | 0x08, 0xB1, 0x80, 0xEC, 0x5E, 0x98, 0x5C, 0xEB, 0xE1, 0x86, 0xF3, 0xD5, | |
434 | 0x49, 0x67, 0x7E, 0x80, 0x60, 0x73, 0x31, 0xEE, 0x17, 0xAF, 0x33, 0x80, | |
435 | 0xA7, 0x25, 0xB0, 0x78, 0x23, 0x17, 0xD7, 0xDD, 0x43, 0xF5, 0x9D, 0x7A, | |
436 | 0xF9, 0x56, 0x8A, 0x9B, 0xB6, 0x3A, 0x84, 0xD3, 0x65, 0xF9, 0x22, 0x44, | |
437 | 0xED, 0x12, 0x09, 0x88, 0x21, 0x93, 0x02, 0xF4, 0x29, 0x24, 0xC7, 0xCA, | |
438 | 0x90, 0xB8, 0x9D, 0x24, 0xF7, 0x1B, 0x0A, 0xB6, 0x97, 0x82, 0x3D, 0x7D, | |
439 | 0xEB, 0x1A, 0xFF, 0x5B, 0x0E, 0x8E, 0x4A, 0x45, 0xD4, 0x9F, 0x7F, 0x53, | |
440 | 0x75, 0x7E, 0x19, 0x13 | |
20bee968 | 441 | }; |
0f113f3e | 442 | |
20bee968 | 443 | static const unsigned char dhtest_2048_256_Z[] = { |
0f113f3e MC |
444 | 0x86, 0xC7, 0x0B, 0xF8, 0xD0, 0xBB, 0x81, 0xBB, 0x01, 0x07, 0x8A, 0x17, |
445 | 0x21, 0x9C, 0xB7, 0xD2, 0x72, 0x03, 0xDB, 0x2A, 0x19, 0xC8, 0x77, 0xF1, | |
446 | 0xD1, 0xF1, 0x9F, 0xD7, 0xD7, 0x7E, 0xF2, 0x25, 0x46, 0xA6, 0x8F, 0x00, | |
447 | 0x5A, 0xD5, 0x2D, 0xC8, 0x45, 0x53, 0xB7, 0x8F, 0xC6, 0x03, 0x30, 0xBE, | |
448 | 0x51, 0xEA, 0x7C, 0x06, 0x72, 0xCA, 0xC1, 0x51, 0x5E, 0x4B, 0x35, 0xC0, | |
449 | 0x47, 0xB9, 0xA5, 0x51, 0xB8, 0x8F, 0x39, 0xDC, 0x26, 0xDA, 0x14, 0xA0, | |
450 | 0x9E, 0xF7, 0x47, 0x74, 0xD4, 0x7C, 0x76, 0x2D, 0xD1, 0x77, 0xF9, 0xED, | |
451 | 0x5B, 0xC2, 0xF1, 0x1E, 0x52, 0xC8, 0x79, 0xBD, 0x95, 0x09, 0x85, 0x04, | |
452 | 0xCD, 0x9E, 0xEC, 0xD8, 0xA8, 0xF9, 0xB3, 0xEF, 0xBD, 0x1F, 0x00, 0x8A, | |
453 | 0xC5, 0x85, 0x30, 0x97, 0xD9, 0xD1, 0x83, 0x7F, 0x2B, 0x18, 0xF7, 0x7C, | |
454 | 0xD7, 0xBE, 0x01, 0xAF, 0x80, 0xA7, 0xC7, 0xB5, 0xEA, 0x3C, 0xA5, 0x4C, | |
455 | 0xC0, 0x2D, 0x0C, 0x11, 0x6F, 0xEE, 0x3F, 0x95, 0xBB, 0x87, 0x39, 0x93, | |
456 | 0x85, 0x87, 0x5D, 0x7E, 0x86, 0x74, 0x7E, 0x67, 0x6E, 0x72, 0x89, 0x38, | |
457 | 0xAC, 0xBF, 0xF7, 0x09, 0x8E, 0x05, 0xBE, 0x4D, 0xCF, 0xB2, 0x40, 0x52, | |
458 | 0xB8, 0x3A, 0xEF, 0xFB, 0x14, 0x78, 0x3F, 0x02, 0x9A, 0xDB, 0xDE, 0x7F, | |
459 | 0x53, 0xFA, 0xE9, 0x20, 0x84, 0x22, 0x40, 0x90, 0xE0, 0x07, 0xCE, 0xE9, | |
460 | 0x4D, 0x4B, 0xF2, 0xBA, 0xCE, 0x9F, 0xFD, 0x4B, 0x57, 0xD2, 0xAF, 0x7C, | |
461 | 0x72, 0x4D, 0x0C, 0xAA, 0x19, 0xBF, 0x05, 0x01, 0xF6, 0xF1, 0x7B, 0x4A, | |
462 | 0xA1, 0x0F, 0x42, 0x5E, 0x3E, 0xA7, 0x60, 0x80, 0xB4, 0xB9, 0xD6, 0xB3, | |
463 | 0xCE, 0xFE, 0xA1, 0x15, 0xB2, 0xCE, 0xB8, 0x78, 0x9B, 0xB8, 0xA3, 0xB0, | |
464 | 0xEA, 0x87, 0xFE, 0xBE, 0x63, 0xB6, 0xC8, 0xF8, 0x46, 0xEC, 0x6D, 0xB0, | |
465 | 0xC2, 0x6C, 0x5D, 0x7C | |
20bee968 DSH |
466 | }; |
467 | ||
e729aac1 MC |
468 | static const unsigned char dhtest_rfc5114_2048_224_bad_y[] = { |
469 | 0x45, 0x32, 0x5F, 0x51, 0x07, 0xE5, 0xDF, 0x1C, 0xD6, 0x02, 0x82, 0xB3, | |
470 | 0x32, 0x8F, 0xA4, 0x0F, 0x87, 0xB8, 0x41, 0xFE, 0xB9, 0x35, 0xDE, 0xAD, | |
471 | 0xC6, 0x26, 0x85, 0xB4, 0xFF, 0x94, 0x8C, 0x12, 0x4C, 0xBF, 0x5B, 0x20, | |
472 | 0xC4, 0x46, 0xA3, 0x26, 0xEB, 0xA4, 0x25, 0xB7, 0x68, 0x8E, 0xCC, 0x67, | |
473 | 0xBA, 0xEA, 0x58, 0xD0, 0xF2, 0xE9, 0xD2, 0x24, 0x72, 0x60, 0xDA, 0x88, | |
474 | 0x18, 0x9C, 0xE0, 0x31, 0x6A, 0xAD, 0x50, 0x6D, 0x94, 0x35, 0x8B, 0x83, | |
475 | 0x4A, 0x6E, 0xFA, 0x48, 0x73, 0x0F, 0x83, 0x87, 0xFF, 0x6B, 0x66, 0x1F, | |
476 | 0xA8, 0x82, 0xC6, 0x01, 0xE5, 0x80, 0xB5, 0xB0, 0x52, 0xD0, 0xE9, 0xD8, | |
477 | 0x72, 0xF9, 0x7D, 0x5B, 0x8B, 0xA5, 0x4C, 0xA5, 0x25, 0x95, 0x74, 0xE2, | |
478 | 0x7A, 0x61, 0x4E, 0xA7, 0x8F, 0x12, 0xE2, 0xD2, 0x9D, 0x8C, 0x02, 0x70, | |
479 | 0x34, 0x44, 0x32, 0xC7, 0xB2, 0xF3, 0xB9, 0xFE, 0x17, 0x2B, 0xD6, 0x1F, | |
480 | 0x8B, 0x7E, 0x4A, 0xFA, 0xA3, 0xB5, 0x3E, 0x7A, 0x81, 0x9A, 0x33, 0x66, | |
481 | 0x62, 0xA4, 0x50, 0x18, 0x3E, 0xA2, 0x5F, 0x00, 0x07, 0xD8, 0x9B, 0x22, | |
482 | 0xE4, 0xEC, 0x84, 0xD5, 0xEB, 0x5A, 0xF3, 0x2A, 0x31, 0x23, 0xD8, 0x44, | |
483 | 0x22, 0x2A, 0x8B, 0x37, 0x44, 0xCC, 0xC6, 0x87, 0x4B, 0xBE, 0x50, 0x9D, | |
484 | 0x4A, 0xC4, 0x8E, 0x45, 0xCF, 0x72, 0x4D, 0xC0, 0x89, 0xB3, 0x72, 0xED, | |
485 | 0x33, 0x2C, 0xBC, 0x7F, 0x16, 0x39, 0x3B, 0xEB, 0xD2, 0xDD, 0xA8, 0x01, | |
486 | 0x73, 0x84, 0x62, 0xB9, 0x29, 0xD2, 0xC9, 0x51, 0x32, 0x9E, 0x7A, 0x6A, | |
487 | 0xCF, 0xC1, 0x0A, 0xDB, 0x0E, 0xE0, 0x62, 0x77, 0x6F, 0x59, 0x62, 0x72, | |
488 | 0x5A, 0x69, 0xA6, 0x5B, 0x70, 0xCA, 0x65, 0xC4, 0x95, 0x6F, 0x9A, 0xC2, | |
489 | 0xDF, 0x72, 0x6D, 0xB1, 0x1E, 0x54, 0x7B, 0x51, 0xB4, 0xEF, 0x7F, 0x89, | |
490 | 0x93, 0x74, 0x89, 0x59 | |
491 | }; | |
492 | ||
0f113f3e MC |
493 | typedef struct { |
494 | DH *(*get_param) (void); | |
495 | const unsigned char *xA; | |
496 | size_t xA_len; | |
497 | const unsigned char *yA; | |
498 | size_t yA_len; | |
499 | const unsigned char *xB; | |
500 | size_t xB_len; | |
501 | const unsigned char *yB; | |
502 | size_t yB_len; | |
503 | const unsigned char *Z; | |
504 | size_t Z_len; | |
505 | } rfc5114_td; | |
506 | ||
507 | # define make_rfc5114_td(pre) { \ | |
508 | DH_get_##pre, \ | |
509 | dhtest_##pre##_xA, sizeof(dhtest_##pre##_xA), \ | |
510 | dhtest_##pre##_yA, sizeof(dhtest_##pre##_yA), \ | |
511 | dhtest_##pre##_xB, sizeof(dhtest_##pre##_xB), \ | |
512 | dhtest_##pre##_yB, sizeof(dhtest_##pre##_yB), \ | |
513 | dhtest_##pre##_Z, sizeof(dhtest_##pre##_Z) \ | |
514 | } | |
20bee968 DSH |
515 | |
516 | static const rfc5114_td rfctd[] = { | |
0f113f3e MC |
517 | make_rfc5114_td(1024_160), |
518 | make_rfc5114_td(2048_224), | |
519 | make_rfc5114_td(2048_256) | |
20bee968 DSH |
520 | }; |
521 | ||
522 | static int run_rfc5114_tests(void) | |
0f113f3e MC |
523 | { |
524 | int i; | |
f562aeda HZ |
525 | DH *dhA = NULL; |
526 | DH *dhB = NULL; | |
527 | unsigned char *Z1 = NULL; | |
528 | unsigned char *Z2 = NULL; | |
529 | const rfc5114_td *td = NULL; | |
0aeddcfa | 530 | BIGNUM *bady = NULL, *priv_key = NULL, *pub_key = NULL; |
f562aeda | 531 | |
bdcb1a2c | 532 | for (i = 0; i < (int)OSSL_NELEM(rfctd); i++) { |
f562aeda | 533 | td = rfctd + i; |
0f113f3e MC |
534 | /* Set up DH structures setting key components */ |
535 | dhA = td->get_param(); | |
536 | dhB = td->get_param(); | |
f562aeda | 537 | if ((dhA == NULL) || (dhB == NULL)) |
0f113f3e MC |
538 | goto bad_err; |
539 | ||
0aeddcfa MC |
540 | priv_key = BN_bin2bn(td->xA, td->xA_len, NULL); |
541 | pub_key = BN_bin2bn(td->yA, td->yA_len, NULL); | |
542 | if (priv_key == NULL || pub_key == NULL | |
543 | || !DH_set0_key(dhA, pub_key, priv_key)) | |
544 | goto bad_err; | |
0f113f3e | 545 | |
0aeddcfa MC |
546 | priv_key = BN_bin2bn(td->xB, td->xB_len, NULL); |
547 | pub_key = BN_bin2bn(td->yB, td->yB_len, NULL); | |
0f113f3e | 548 | |
0aeddcfa MC |
549 | if (priv_key == NULL || pub_key == NULL |
550 | || !DH_set0_key(dhB, pub_key, priv_key)) | |
0f113f3e | 551 | goto bad_err; |
0aeddcfa | 552 | priv_key = pub_key = NULL; |
0f113f3e MC |
553 | |
554 | if ((td->Z_len != (size_t)DH_size(dhA)) | |
555 | || (td->Z_len != (size_t)DH_size(dhB))) | |
556 | goto err; | |
557 | ||
558 | Z1 = OPENSSL_malloc(DH_size(dhA)); | |
559 | Z2 = OPENSSL_malloc(DH_size(dhB)); | |
f562aeda HZ |
560 | if ((Z1 == NULL) || (Z2 == NULL)) |
561 | goto bad_err; | |
0f113f3e MC |
562 | /* |
563 | * Work out shared secrets using both sides and compare with expected | |
564 | * values. | |
565 | */ | |
0aeddcfa MC |
566 | DH_get0_key(dhB, &pub_key, NULL); |
567 | if (DH_compute_key(Z1, pub_key, dhA) == -1) { | |
568 | pub_key = NULL; | |
0f113f3e | 569 | goto bad_err; |
0aeddcfa MC |
570 | } |
571 | DH_get0_key(dhA, &pub_key, NULL); | |
572 | if (DH_compute_key(Z2, pub_key, dhB) == -1) { | |
573 | pub_key = NULL; | |
0f113f3e | 574 | goto bad_err; |
0aeddcfa MC |
575 | } |
576 | pub_key = NULL; | |
0f113f3e MC |
577 | |
578 | if (memcmp(Z1, td->Z, td->Z_len)) | |
579 | goto err; | |
580 | if (memcmp(Z2, td->Z, td->Z_len)) | |
581 | goto err; | |
582 | ||
583 | printf("RFC5114 parameter test %d OK\n", i + 1); | |
584 | ||
585 | DH_free(dhA); | |
586 | DH_free(dhB); | |
587 | OPENSSL_free(Z1); | |
588 | OPENSSL_free(Z2); | |
e729aac1 MC |
589 | dhA = NULL; |
590 | dhB = NULL; | |
591 | Z1 = NULL; | |
592 | Z2 = NULL; | |
593 | } | |
0f113f3e | 594 | |
e729aac1 MC |
595 | /* Now i == OSSL_NELEM(rfctd) */ |
596 | /* RFC5114 uses unsafe primes, so now test an invalid y value */ | |
597 | dhA = DH_get_2048_224(); | |
598 | if (dhA == NULL) | |
599 | goto bad_err; | |
600 | Z1 = OPENSSL_malloc(DH_size(dhA)); | |
601 | if (Z1 == NULL) | |
602 | goto bad_err; | |
603 | ||
604 | bady = BN_bin2bn(dhtest_rfc5114_2048_224_bad_y, | |
605 | sizeof(dhtest_rfc5114_2048_224_bad_y), NULL); | |
606 | if (bady == NULL) | |
607 | goto bad_err; | |
608 | ||
609 | if (!DH_generate_key(dhA)) | |
610 | goto bad_err; | |
611 | ||
612 | if (DH_compute_key(Z1, bady, dhA) != -1) { | |
613 | /* | |
614 | * DH_compute_key should fail with -1. If we get here we unexpectedly | |
615 | * allowed an invalid y value | |
616 | */ | |
617 | goto err; | |
0f113f3e | 618 | } |
e729aac1 MC |
619 | /* We'll have a stale error on the queue from the above test so clear it */ |
620 | ERR_clear_error(); | |
621 | ||
622 | printf("RFC5114 parameter test %d OK\n", i + 1); | |
623 | ||
624 | BN_free(bady); | |
625 | DH_free(dhA); | |
626 | OPENSSL_free(Z1); | |
627 | ||
0f113f3e MC |
628 | return 1; |
629 | bad_err: | |
e729aac1 | 630 | BN_free(bady); |
f562aeda HZ |
631 | DH_free(dhA); |
632 | DH_free(dhB); | |
0aeddcfa MC |
633 | BN_free(pub_key); |
634 | BN_free(priv_key); | |
f562aeda HZ |
635 | OPENSSL_free(Z1); |
636 | OPENSSL_free(Z2); | |
637 | ||
8483a003 | 638 | fprintf(stderr, "Initialisation error RFC5114 set %d\n", i + 1); |
0f113f3e MC |
639 | ERR_print_errors_fp(stderr); |
640 | return 0; | |
641 | err: | |
e729aac1 | 642 | BN_free(bady); |
f562aeda HZ |
643 | DH_free(dhA); |
644 | DH_free(dhB); | |
645 | OPENSSL_free(Z1); | |
646 | OPENSSL_free(Z2); | |
647 | ||
0f113f3e MC |
648 | fprintf(stderr, "Test failed RFC5114 set %d\n", i + 1); |
649 | return 0; | |
650 | } | |
20bee968 | 651 | |
f5d7a031 | 652 | #endif |