]>
Commit | Line | Data |
---|---|---|
d02b48c6 | 1 | /* crypto/dh/dhtest.c */ |
58964a49 | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
d02b48c6 RE |
3 | * All rights reserved. |
4 | * | |
5 | * This package is an SSL implementation written | |
6 | * by Eric Young (eay@cryptsoft.com). | |
7 | * The implementation was written so as to conform with Netscapes SSL. | |
8 | * | |
9 | * This library is free for commercial and non-commercial use as long as | |
10 | * the following conditions are aheared to. The following conditions | |
11 | * apply to all code found in this distribution, be it the RC4, RSA, | |
12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | |
13 | * included with this distribution is covered by the same copyright terms | |
14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | |
15 | * | |
16 | * Copyright remains Eric Young's, and as such any Copyright notices in | |
17 | * the code are not to be removed. | |
18 | * If this package is used in a product, Eric Young should be given attribution | |
19 | * as the author of the parts of the library used. | |
20 | * This can be in the form of a textual message at program startup or | |
21 | * in documentation (online or textual) provided with the package. | |
22 | * | |
23 | * Redistribution and use in source and binary forms, with or without | |
24 | * modification, are permitted provided that the following conditions | |
25 | * are met: | |
26 | * 1. Redistributions of source code must retain the copyright | |
27 | * notice, this list of conditions and the following disclaimer. | |
28 | * 2. Redistributions in binary form must reproduce the above copyright | |
29 | * notice, this list of conditions and the following disclaimer in the | |
30 | * documentation and/or other materials provided with the distribution. | |
31 | * 3. All advertising materials mentioning features or use of this software | |
32 | * must display the following acknowledgement: | |
33 | * "This product includes cryptographic software written by | |
34 | * Eric Young (eay@cryptsoft.com)" | |
35 | * The word 'cryptographic' can be left out if the rouines from the library | |
36 | * being used are not cryptographic related :-). | |
37 | * 4. If you include any Windows specific code (or a derivative thereof) from | |
38 | * the apps directory (application code) you must include an acknowledgement: | |
39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | |
40 | * | |
41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | |
42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |
45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
51 | * SUCH DAMAGE. | |
52 | * | |
53 | * The licence and distribution terms for any publically available version or | |
54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | |
55 | * copied and put under another distribution licence | |
56 | * [including the GNU Public Licence.] | |
57 | */ | |
58 | ||
e9224c71 GT |
59 | /* Until the key-gen callbacks are modified to use newer prototypes, we allow |
60 | * deprecated functions for openssl-internal code */ | |
61 | #ifdef OPENSSL_NO_DEPRECATED | |
62 | #undef OPENSSL_NO_DEPRECATED | |
63 | #endif | |
64 | ||
d02b48c6 RE |
65 | #include <stdio.h> |
66 | #include <stdlib.h> | |
67 | #include <string.h> | |
55f78baf RL |
68 | |
69 | #include "../e_os.h" | |
70 | ||
ec577822 BM |
71 | #include <openssl/crypto.h> |
72 | #include <openssl/bio.h> | |
73 | #include <openssl/bn.h> | |
b0bb2b91 | 74 | #include <openssl/rand.h> |
cb78486d | 75 | #include <openssl/err.h> |
f5d7a031 | 76 | |
cf1b7d96 | 77 | #ifdef OPENSSL_NO_DH |
f5d7a031 UM |
78 | int main(int argc, char *argv[]) |
79 | { | |
80 | printf("No DH support\n"); | |
81 | return(0); | |
82 | } | |
83 | #else | |
ec577822 | 84 | #include <openssl/dh.h> |
d02b48c6 | 85 | |
bc36ee62 | 86 | #ifdef OPENSSL_SYS_WIN16 |
d02b48c6 RE |
87 | #define MS_CALLBACK _far _loadds |
88 | #else | |
89 | #define MS_CALLBACK | |
90 | #endif | |
91 | ||
2aaec9cc | 92 | static int MS_CALLBACK cb(int p, int n, BN_GENCB *arg); |
d02b48c6 | 93 | |
7d388202 BM |
94 | static const char rnd_seed[] = "string to make the random number generator think it has entropy"; |
95 | ||
20bee968 DSH |
96 | static int run_rfc5114_tests(void); |
97 | ||
6b691a5c | 98 | int main(int argc, char *argv[]) |
d02b48c6 | 99 | { |
2aaec9cc | 100 | BN_GENCB _cb; |
95fdc5ee BL |
101 | DH *a; |
102 | DH *b=NULL; | |
d02b48c6 RE |
103 | char buf[12]; |
104 | unsigned char *abuf=NULL,*bbuf=NULL; | |
105 | int i,alen,blen,aout,bout,ret=1; | |
79875776 | 106 | BIO *out; |
d02b48c6 | 107 | |
cb78486d GT |
108 | CRYPTO_malloc_debug_init(); |
109 | CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL); | |
110 | CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); | |
111 | ||
bc36ee62 | 112 | #ifdef OPENSSL_SYS_WIN32 |
d02b48c6 RE |
113 | CRYPTO_malloc_init(); |
114 | #endif | |
115 | ||
7d388202 BM |
116 | RAND_seed(rnd_seed, sizeof rnd_seed); |
117 | ||
d02b48c6 | 118 | out=BIO_new(BIO_s_file()); |
55f78baf | 119 | if (out == NULL) EXIT(1); |
d02b48c6 RE |
120 | BIO_set_fp(out,stdout,BIO_NOCLOSE); |
121 | ||
2aaec9cc GT |
122 | BN_GENCB_set(&_cb, &cb, out); |
123 | if(((a = DH_new()) == NULL) || !DH_generate_parameters_ex(a, 64, | |
124 | DH_GENERATOR_5, &_cb)) | |
125 | goto err; | |
d02b48c6 | 126 | |
82652aaf BM |
127 | if (!DH_check(a, &i)) goto err; |
128 | if (i & DH_CHECK_P_NOT_PRIME) | |
129 | BIO_puts(out, "p value is not prime\n"); | |
130 | if (i & DH_CHECK_P_NOT_SAFE_PRIME) | |
131 | BIO_puts(out, "p value is not a safe prime\n"); | |
132 | if (i & DH_UNABLE_TO_CHECK_GENERATOR) | |
133 | BIO_puts(out, "unable to check the generator value\n"); | |
134 | if (i & DH_NOT_SUITABLE_GENERATOR) | |
135 | BIO_puts(out, "the g value is not a generator\n"); | |
136 | ||
d02b48c6 RE |
137 | BIO_puts(out,"\np ="); |
138 | BN_print(out,a->p); | |
139 | BIO_puts(out,"\ng ="); | |
140 | BN_print(out,a->g); | |
141 | BIO_puts(out,"\n"); | |
142 | ||
143 | b=DH_new(); | |
144 | if (b == NULL) goto err; | |
145 | ||
146 | b->p=BN_dup(a->p); | |
147 | b->g=BN_dup(a->g); | |
148 | if ((b->p == NULL) || (b->g == NULL)) goto err; | |
149 | ||
46a64376 BM |
150 | /* Set a to run with normal modexp and b to use constant time */ |
151 | a->flags &= ~DH_FLAG_NO_EXP_CONSTTIME; | |
152 | b->flags |= DH_FLAG_NO_EXP_CONSTTIME; | |
153 | ||
d02b48c6 RE |
154 | if (!DH_generate_key(a)) goto err; |
155 | BIO_puts(out,"pri 1="); | |
156 | BN_print(out,a->priv_key); | |
157 | BIO_puts(out,"\npub 1="); | |
158 | BN_print(out,a->pub_key); | |
159 | BIO_puts(out,"\n"); | |
160 | ||
161 | if (!DH_generate_key(b)) goto err; | |
162 | BIO_puts(out,"pri 2="); | |
163 | BN_print(out,b->priv_key); | |
164 | BIO_puts(out,"\npub 2="); | |
165 | BN_print(out,b->pub_key); | |
166 | BIO_puts(out,"\n"); | |
167 | ||
168 | alen=DH_size(a); | |
26a3a48d | 169 | abuf=(unsigned char *)OPENSSL_malloc(alen); |
d02b48c6 RE |
170 | aout=DH_compute_key(abuf,b->pub_key,a); |
171 | ||
172 | BIO_puts(out,"key1 ="); | |
173 | for (i=0; i<aout; i++) | |
174 | { | |
175 | sprintf(buf,"%02X",abuf[i]); | |
176 | BIO_puts(out,buf); | |
177 | } | |
178 | BIO_puts(out,"\n"); | |
179 | ||
180 | blen=DH_size(b); | |
26a3a48d | 181 | bbuf=(unsigned char *)OPENSSL_malloc(blen); |
d02b48c6 RE |
182 | bout=DH_compute_key(bbuf,a->pub_key,b); |
183 | ||
184 | BIO_puts(out,"key2 ="); | |
185 | for (i=0; i<bout; i++) | |
186 | { | |
187 | sprintf(buf,"%02X",bbuf[i]); | |
188 | BIO_puts(out,buf); | |
189 | } | |
190 | BIO_puts(out,"\n"); | |
191 | if ((aout < 4) || (bout != aout) || (memcmp(abuf,bbuf,aout) != 0)) | |
192 | { | |
193 | fprintf(stderr,"Error in DH routines\n"); | |
194 | ret=1; | |
195 | } | |
196 | else | |
197 | ret=0; | |
20bee968 DSH |
198 | if (!run_rfc5114_tests()) |
199 | ret = 1; | |
d02b48c6 | 200 | err: |
82652aaf BM |
201 | ERR_print_errors_fp(stderr); |
202 | ||
26a3a48d RL |
203 | if (abuf != NULL) OPENSSL_free(abuf); |
204 | if (bbuf != NULL) OPENSSL_free(bbuf); | |
79875776 BM |
205 | if(b != NULL) DH_free(b); |
206 | if(a != NULL) DH_free(a); | |
207 | BIO_free(out); | |
4d8743f4 RL |
208 | #ifdef OPENSSL_SYS_NETWARE |
209 | if (ret) printf("ERROR: %d\n", ret); | |
210 | #endif | |
55f78baf | 211 | EXIT(ret); |
d02b48c6 RE |
212 | return(ret); |
213 | } | |
214 | ||
2aaec9cc | 215 | static int MS_CALLBACK cb(int p, int n, BN_GENCB *arg) |
d02b48c6 RE |
216 | { |
217 | char c='*'; | |
218 | ||
219 | if (p == 0) c='.'; | |
220 | if (p == 1) c='+'; | |
221 | if (p == 2) c='*'; | |
222 | if (p == 3) c='\n'; | |
2aaec9cc GT |
223 | BIO_write(arg->arg,&c,1); |
224 | (void)BIO_flush(arg->arg); | |
d02b48c6 RE |
225 | #ifdef LINT |
226 | p=n; | |
227 | #endif | |
2aaec9cc | 228 | return 1; |
d02b48c6 | 229 | } |
20bee968 DSH |
230 | |
231 | /* Test data from RFC 5114 */ | |
232 | ||
233 | static const unsigned char dhtest_1024_160_xA[] = { | |
234 | 0xB9,0xA3,0xB3,0xAE,0x8F,0xEF,0xC1,0xA2,0x93,0x04,0x96,0x50, | |
235 | 0x70,0x86,0xF8,0x45,0x5D,0x48,0x94,0x3E | |
236 | }; | |
237 | static const unsigned char dhtest_1024_160_yA[] = { | |
238 | 0x2A,0x85,0x3B,0x3D,0x92,0x19,0x75,0x01,0xB9,0x01,0x5B,0x2D, | |
239 | 0xEB,0x3E,0xD8,0x4F,0x5E,0x02,0x1D,0xCC,0x3E,0x52,0xF1,0x09, | |
240 | 0xD3,0x27,0x3D,0x2B,0x75,0x21,0x28,0x1C,0xBA,0xBE,0x0E,0x76, | |
241 | 0xFF,0x57,0x27,0xFA,0x8A,0xCC,0xE2,0x69,0x56,0xBA,0x9A,0x1F, | |
242 | 0xCA,0x26,0xF2,0x02,0x28,0xD8,0x69,0x3F,0xEB,0x10,0x84,0x1D, | |
243 | 0x84,0xA7,0x36,0x00,0x54,0xEC,0xE5,0xA7,0xF5,0xB7,0xA6,0x1A, | |
244 | 0xD3,0xDF,0xB3,0xC6,0x0D,0x2E,0x43,0x10,0x6D,0x87,0x27,0xDA, | |
245 | 0x37,0xDF,0x9C,0xCE,0x95,0xB4,0x78,0x75,0x5D,0x06,0xBC,0xEA, | |
246 | 0x8F,0x9D,0x45,0x96,0x5F,0x75,0xA5,0xF3,0xD1,0xDF,0x37,0x01, | |
247 | 0x16,0x5F,0xC9,0xE5,0x0C,0x42,0x79,0xCE,0xB0,0x7F,0x98,0x95, | |
248 | 0x40,0xAE,0x96,0xD5,0xD8,0x8E,0xD7,0x76 | |
249 | }; | |
250 | static const unsigned char dhtest_1024_160_xB[] = { | |
251 | 0x93,0x92,0xC9,0xF9,0xEB,0x6A,0x7A,0x6A,0x90,0x22,0xF7,0xD8, | |
252 | 0x3E,0x72,0x23,0xC6,0x83,0x5B,0xBD,0xDA | |
253 | }; | |
254 | static const unsigned char dhtest_1024_160_yB[] = { | |
255 | 0x71,0x7A,0x6C,0xB0,0x53,0x37,0x1F,0xF4,0xA3,0xB9,0x32,0x94, | |
256 | 0x1C,0x1E,0x56,0x63,0xF8,0x61,0xA1,0xD6,0xAD,0x34,0xAE,0x66, | |
257 | 0x57,0x6D,0xFB,0x98,0xF6,0xC6,0xCB,0xF9,0xDD,0xD5,0xA5,0x6C, | |
258 | 0x78,0x33,0xF6,0xBC,0xFD,0xFF,0x09,0x55,0x82,0xAD,0x86,0x8E, | |
259 | 0x44,0x0E,0x8D,0x09,0xFD,0x76,0x9E,0x3C,0xEC,0xCD,0xC3,0xD3, | |
260 | 0xB1,0xE4,0xCF,0xA0,0x57,0x77,0x6C,0xAA,0xF9,0x73,0x9B,0x6A, | |
261 | 0x9F,0xEE,0x8E,0x74,0x11,0xF8,0xD6,0xDA,0xC0,0x9D,0x6A,0x4E, | |
262 | 0xDB,0x46,0xCC,0x2B,0x5D,0x52,0x03,0x09,0x0E,0xAE,0x61,0x26, | |
263 | 0x31,0x1E,0x53,0xFD,0x2C,0x14,0xB5,0x74,0xE6,0xA3,0x10,0x9A, | |
264 | 0x3D,0xA1,0xBE,0x41,0xBD,0xCE,0xAA,0x18,0x6F,0x5C,0xE0,0x67, | |
265 | 0x16,0xA2,0xB6,0xA0,0x7B,0x3C,0x33,0xFE | |
266 | }; | |
267 | static const unsigned char dhtest_1024_160_Z[] = { | |
268 | 0x5C,0x80,0x4F,0x45,0x4D,0x30,0xD9,0xC4,0xDF,0x85,0x27,0x1F, | |
269 | 0x93,0x52,0x8C,0x91,0xDF,0x6B,0x48,0xAB,0x5F,0x80,0xB3,0xB5, | |
270 | 0x9C,0xAA,0xC1,0xB2,0x8F,0x8A,0xCB,0xA9,0xCD,0x3E,0x39,0xF3, | |
271 | 0xCB,0x61,0x45,0x25,0xD9,0x52,0x1D,0x2E,0x64,0x4C,0x53,0xB8, | |
272 | 0x07,0xB8,0x10,0xF3,0x40,0x06,0x2F,0x25,0x7D,0x7D,0x6F,0xBF, | |
273 | 0xE8,0xD5,0xE8,0xF0,0x72,0xE9,0xB6,0xE9,0xAF,0xDA,0x94,0x13, | |
274 | 0xEA,0xFB,0x2E,0x8B,0x06,0x99,0xB1,0xFB,0x5A,0x0C,0xAC,0xED, | |
275 | 0xDE,0xAE,0xAD,0x7E,0x9C,0xFB,0xB3,0x6A,0xE2,0xB4,0x20,0x83, | |
276 | 0x5B,0xD8,0x3A,0x19,0xFB,0x0B,0x5E,0x96,0xBF,0x8F,0xA4,0xD0, | |
277 | 0x9E,0x34,0x55,0x25,0x16,0x7E,0xCD,0x91,0x55,0x41,0x6F,0x46, | |
278 | 0xF4,0x08,0xED,0x31,0xB6,0x3C,0x6E,0x6D | |
279 | }; | |
280 | static const unsigned char dhtest_2048_224_xA[] = { | |
281 | 0x22,0xE6,0x26,0x01,0xDB,0xFF,0xD0,0x67,0x08,0xA6,0x80,0xF7, | |
282 | 0x47,0xF3,0x61,0xF7,0x6D,0x8F,0x4F,0x72,0x1A,0x05,0x48,0xE4, | |
283 | 0x83,0x29,0x4B,0x0C | |
284 | }; | |
285 | static const unsigned char dhtest_2048_224_yA[] = { | |
286 | 0x1B,0x3A,0x63,0x45,0x1B,0xD8,0x86,0xE6,0x99,0xE6,0x7B,0x49, | |
287 | 0x4E,0x28,0x8B,0xD7,0xF8,0xE0,0xD3,0x70,0xBA,0xDD,0xA7,0xA0, | |
288 | 0xEF,0xD2,0xFD,0xE7,0xD8,0xF6,0x61,0x45,0xCC,0x9F,0x28,0x04, | |
289 | 0x19,0x97,0x5E,0xB8,0x08,0x87,0x7C,0x8A,0x4C,0x0C,0x8E,0x0B, | |
290 | 0xD4,0x8D,0x4A,0x54,0x01,0xEB,0x1E,0x87,0x76,0xBF,0xEE,0xE1, | |
291 | 0x34,0xC0,0x38,0x31,0xAC,0x27,0x3C,0xD9,0xD6,0x35,0xAB,0x0C, | |
292 | 0xE0,0x06,0xA4,0x2A,0x88,0x7E,0x3F,0x52,0xFB,0x87,0x66,0xB6, | |
293 | 0x50,0xF3,0x80,0x78,0xBC,0x8E,0xE8,0x58,0x0C,0xEF,0xE2,0x43, | |
294 | 0x96,0x8C,0xFC,0x4F,0x8D,0xC3,0xDB,0x08,0x45,0x54,0x17,0x1D, | |
295 | 0x41,0xBF,0x2E,0x86,0x1B,0x7B,0xB4,0xD6,0x9D,0xD0,0xE0,0x1E, | |
296 | 0xA3,0x87,0xCB,0xAA,0x5C,0xA6,0x72,0xAF,0xCB,0xE8,0xBD,0xB9, | |
297 | 0xD6,0x2D,0x4C,0xE1,0x5F,0x17,0xDD,0x36,0xF9,0x1E,0xD1,0xEE, | |
298 | 0xDD,0x65,0xCA,0x4A,0x06,0x45,0x5C,0xB9,0x4C,0xD4,0x0A,0x52, | |
299 | 0xEC,0x36,0x0E,0x84,0xB3,0xC9,0x26,0xE2,0x2C,0x43,0x80,0xA3, | |
300 | 0xBF,0x30,0x9D,0x56,0x84,0x97,0x68,0xB7,0xF5,0x2C,0xFD,0xF6, | |
301 | 0x55,0xFD,0x05,0x3A,0x7E,0xF7,0x06,0x97,0x9E,0x7E,0x58,0x06, | |
302 | 0xB1,0x7D,0xFA,0xE5,0x3A,0xD2,0xA5,0xBC,0x56,0x8E,0xBB,0x52, | |
303 | 0x9A,0x7A,0x61,0xD6,0x8D,0x25,0x6F,0x8F,0xC9,0x7C,0x07,0x4A, | |
304 | 0x86,0x1D,0x82,0x7E,0x2E,0xBC,0x8C,0x61,0x34,0x55,0x31,0x15, | |
305 | 0xB7,0x0E,0x71,0x03,0x92,0x0A,0xA1,0x6D,0x85,0xE5,0x2B,0xCB, | |
306 | 0xAB,0x8D,0x78,0x6A,0x68,0x17,0x8F,0xA8,0xFF,0x7C,0x2F,0x5C, | |
307 | 0x71,0x64,0x8D,0x6F | |
308 | }; | |
309 | static const unsigned char dhtest_2048_224_xB[] = { | |
310 | 0x4F,0xF3,0xBC,0x96,0xC7,0xFC,0x6A,0x6D,0x71,0xD3,0xB3,0x63, | |
311 | 0x80,0x0A,0x7C,0xDF,0xEF,0x6F,0xC4,0x1B,0x44,0x17,0xEA,0x15, | |
312 | 0x35,0x3B,0x75,0x90 | |
313 | }; | |
314 | static const unsigned char dhtest_2048_224_yB[] = { | |
315 | 0x4D,0xCE,0xE9,0x92,0xA9,0x76,0x2A,0x13,0xF2,0xF8,0x38,0x44, | |
316 | 0xAD,0x3D,0x77,0xEE,0x0E,0x31,0xC9,0x71,0x8B,0x3D,0xB6,0xC2, | |
317 | 0x03,0x5D,0x39,0x61,0x18,0x2C,0x3E,0x0B,0xA2,0x47,0xEC,0x41, | |
318 | 0x82,0xD7,0x60,0xCD,0x48,0xD9,0x95,0x99,0x97,0x06,0x22,0xA1, | |
319 | 0x88,0x1B,0xBA,0x2D,0xC8,0x22,0x93,0x9C,0x78,0xC3,0x91,0x2C, | |
320 | 0x66,0x61,0xFA,0x54,0x38,0xB2,0x07,0x66,0x22,0x2B,0x75,0xE2, | |
321 | 0x4C,0x2E,0x3A,0xD0,0xC7,0x28,0x72,0x36,0x12,0x95,0x25,0xEE, | |
322 | 0x15,0xB5,0xDD,0x79,0x98,0xAA,0x04,0xC4,0xA9,0x69,0x6C,0xAC, | |
323 | 0xD7,0x17,0x20,0x83,0xA9,0x7A,0x81,0x66,0x4E,0xAD,0x2C,0x47, | |
324 | 0x9E,0x44,0x4E,0x4C,0x06,0x54,0xCC,0x19,0xE2,0x8D,0x77,0x03, | |
325 | 0xCE,0xE8,0xDA,0xCD,0x61,0x26,0xF5,0xD6,0x65,0xEC,0x52,0xC6, | |
326 | 0x72,0x55,0xDB,0x92,0x01,0x4B,0x03,0x7E,0xB6,0x21,0xA2,0xAC, | |
327 | 0x8E,0x36,0x5D,0xE0,0x71,0xFF,0xC1,0x40,0x0A,0xCF,0x07,0x7A, | |
328 | 0x12,0x91,0x3D,0xD8,0xDE,0x89,0x47,0x34,0x37,0xAB,0x7B,0xA3, | |
329 | 0x46,0x74,0x3C,0x1B,0x21,0x5D,0xD9,0xC1,0x21,0x64,0xA7,0xE4, | |
330 | 0x05,0x31,0x18,0xD1,0x99,0xBE,0xC8,0xEF,0x6F,0xC5,0x61,0x17, | |
331 | 0x0C,0x84,0xC8,0x7D,0x10,0xEE,0x9A,0x67,0x4A,0x1F,0xA8,0xFF, | |
332 | 0xE1,0x3B,0xDF,0xBA,0x1D,0x44,0xDE,0x48,0x94,0x6D,0x68,0xDC, | |
333 | 0x0C,0xDD,0x77,0x76,0x35,0xA7,0xAB,0x5B,0xFB,0x1E,0x4B,0xB7, | |
334 | 0xB8,0x56,0xF9,0x68,0x27,0x73,0x4C,0x18,0x41,0x38,0xE9,0x15, | |
335 | 0xD9,0xC3,0x00,0x2E,0xBC,0xE5,0x31,0x20,0x54,0x6A,0x7E,0x20, | |
336 | 0x02,0x14,0x2B,0x6C | |
337 | }; | |
338 | static const unsigned char dhtest_2048_224_Z[] = { | |
339 | 0x34,0xD9,0xBD,0xDC,0x1B,0x42,0x17,0x6C,0x31,0x3F,0xEA,0x03, | |
340 | 0x4C,0x21,0x03,0x4D,0x07,0x4A,0x63,0x13,0xBB,0x4E,0xCD,0xB3, | |
341 | 0x70,0x3F,0xFF,0x42,0x45,0x67,0xA4,0x6B,0xDF,0x75,0x53,0x0E, | |
342 | 0xDE,0x0A,0x9D,0xA5,0x22,0x9D,0xE7,0xD7,0x67,0x32,0x28,0x6C, | |
343 | 0xBC,0x0F,0x91,0xDA,0x4C,0x3C,0x85,0x2F,0xC0,0x99,0xC6,0x79, | |
344 | 0x53,0x1D,0x94,0xC7,0x8A,0xB0,0x3D,0x9D,0xEC,0xB0,0xA4,0xE4, | |
345 | 0xCA,0x8B,0x2B,0xB4,0x59,0x1C,0x40,0x21,0xCF,0x8C,0xE3,0xA2, | |
346 | 0x0A,0x54,0x1D,0x33,0x99,0x40,0x17,0xD0,0x20,0x0A,0xE2,0xC9, | |
347 | 0x51,0x6E,0x2F,0xF5,0x14,0x57,0x79,0x26,0x9E,0x86,0x2B,0x0F, | |
348 | 0xB4,0x74,0xA2,0xD5,0x6D,0xC3,0x1E,0xD5,0x69,0xA7,0x70,0x0B, | |
349 | 0x4C,0x4A,0xB1,0x6B,0x22,0xA4,0x55,0x13,0x53,0x1E,0xF5,0x23, | |
350 | 0xD7,0x12,0x12,0x07,0x7B,0x5A,0x16,0x9B,0xDE,0xFF,0xAD,0x7A, | |
351 | 0xD9,0x60,0x82,0x84,0xC7,0x79,0x5B,0x6D,0x5A,0x51,0x83,0xB8, | |
352 | 0x70,0x66,0xDE,0x17,0xD8,0xD6,0x71,0xC9,0xEB,0xD8,0xEC,0x89, | |
353 | 0x54,0x4D,0x45,0xEC,0x06,0x15,0x93,0xD4,0x42,0xC6,0x2A,0xB9, | |
354 | 0xCE,0x3B,0x1C,0xB9,0x94,0x3A,0x1D,0x23,0xA5,0xEA,0x3B,0xCF, | |
355 | 0x21,0xA0,0x14,0x71,0xE6,0x7E,0x00,0x3E,0x7F,0x8A,0x69,0xC7, | |
356 | 0x28,0xBE,0x49,0x0B,0x2F,0xC8,0x8C,0xFE,0xB9,0x2D,0xB6,0xA2, | |
357 | 0x15,0xE5,0xD0,0x3C,0x17,0xC4,0x64,0xC9,0xAC,0x1A,0x46,0xE2, | |
358 | 0x03,0xE1,0x3F,0x95,0x29,0x95,0xFB,0x03,0xC6,0x9D,0x3C,0xC4, | |
359 | 0x7F,0xCB,0x51,0x0B,0x69,0x98,0xFF,0xD3,0xAA,0x6D,0xE7,0x3C, | |
360 | 0xF9,0xF6,0x38,0x69 | |
361 | }; | |
362 | static const unsigned char dhtest_2048_256_xA[] = { | |
363 | 0x08,0x81,0x38,0x2C,0xDB,0x87,0x66,0x0C,0x6D,0xC1,0x3E,0x61, | |
364 | 0x49,0x38,0xD5,0xB9,0xC8,0xB2,0xF2,0x48,0x58,0x1C,0xC5,0xE3, | |
365 | 0x1B,0x35,0x45,0x43,0x97,0xFC,0xE5,0x0E | |
366 | }; | |
367 | static const unsigned char dhtest_2048_256_yA[] = { | |
368 | 0x2E,0x93,0x80,0xC8,0x32,0x3A,0xF9,0x75,0x45,0xBC,0x49,0x41, | |
369 | 0xDE,0xB0,0xEC,0x37,0x42,0xC6,0x2F,0xE0,0xEC,0xE8,0x24,0xA6, | |
370 | 0xAB,0xDB,0xE6,0x6C,0x59,0xBE,0xE0,0x24,0x29,0x11,0xBF,0xB9, | |
371 | 0x67,0x23,0x5C,0xEB,0xA3,0x5A,0xE1,0x3E,0x4E,0xC7,0x52,0xBE, | |
372 | 0x63,0x0B,0x92,0xDC,0x4B,0xDE,0x28,0x47,0xA9,0xC6,0x2C,0xB8, | |
373 | 0x15,0x27,0x45,0x42,0x1F,0xB7,0xEB,0x60,0xA6,0x3C,0x0F,0xE9, | |
374 | 0x15,0x9F,0xCC,0xE7,0x26,0xCE,0x7C,0xD8,0x52,0x3D,0x74,0x50, | |
375 | 0x66,0x7E,0xF8,0x40,0xE4,0x91,0x91,0x21,0xEB,0x5F,0x01,0xC8, | |
376 | 0xC9,0xB0,0xD3,0xD6,0x48,0xA9,0x3B,0xFB,0x75,0x68,0x9E,0x82, | |
377 | 0x44,0xAC,0x13,0x4A,0xF5,0x44,0x71,0x1C,0xE7,0x9A,0x02,0xDC, | |
378 | 0xC3,0x42,0x26,0x68,0x47,0x80,0xDD,0xDC,0xB4,0x98,0x59,0x41, | |
379 | 0x06,0xC3,0x7F,0x5B,0xC7,0x98,0x56,0x48,0x7A,0xF5,0xAB,0x02, | |
380 | 0x2A,0x2E,0x5E,0x42,0xF0,0x98,0x97,0xC1,0xA8,0x5A,0x11,0xEA, | |
381 | 0x02,0x12,0xAF,0x04,0xD9,0xB4,0xCE,0xBC,0x93,0x7C,0x3C,0x1A, | |
382 | 0x3E,0x15,0xA8,0xA0,0x34,0x2E,0x33,0x76,0x15,0xC8,0x4E,0x7F, | |
383 | 0xE3,0xB8,0xB9,0xB8,0x7F,0xB1,0xE7,0x3A,0x15,0xAF,0x12,0xA3, | |
384 | 0x0D,0x74,0x6E,0x06,0xDF,0xC3,0x4F,0x29,0x0D,0x79,0x7C,0xE5, | |
385 | 0x1A,0xA1,0x3A,0xA7,0x85,0xBF,0x66,0x58,0xAF,0xF5,0xE4,0xB0, | |
386 | 0x93,0x00,0x3C,0xBE,0xAF,0x66,0x5B,0x3C,0x2E,0x11,0x3A,0x3A, | |
387 | 0x4E,0x90,0x52,0x69,0x34,0x1D,0xC0,0x71,0x14,0x26,0x68,0x5F, | |
388 | 0x4E,0xF3,0x7E,0x86,0x8A,0x81,0x26,0xFF,0x3F,0x22,0x79,0xB5, | |
389 | 0x7C,0xA6,0x7E,0x29 | |
390 | }; | |
391 | static const unsigned char dhtest_2048_256_xB[] = { | |
392 | 0x7D,0x62,0xA7,0xE3,0xEF,0x36,0xDE,0x61,0x7B,0x13,0xD1,0xAF, | |
393 | 0xB8,0x2C,0x78,0x0D,0x83,0xA2,0x3B,0xD4,0xEE,0x67,0x05,0x64, | |
394 | 0x51,0x21,0xF3,0x71,0xF5,0x46,0xA5,0x3D | |
395 | }; | |
396 | static const unsigned char dhtest_2048_256_yB[] = { | |
397 | 0x57,0x5F,0x03,0x51,0xBD,0x2B,0x1B,0x81,0x74,0x48,0xBD,0xF8, | |
398 | 0x7A,0x6C,0x36,0x2C,0x1E,0x28,0x9D,0x39,0x03,0xA3,0x0B,0x98, | |
399 | 0x32,0xC5,0x74,0x1F,0xA2,0x50,0x36,0x3E,0x7A,0xCB,0xC7,0xF7, | |
400 | 0x7F,0x3D,0xAC,0xBC,0x1F,0x13,0x1A,0xDD,0x8E,0x03,0x36,0x7E, | |
401 | 0xFF,0x8F,0xBB,0xB3,0xE1,0xC5,0x78,0x44,0x24,0x80,0x9B,0x25, | |
402 | 0xAF,0xE4,0xD2,0x26,0x2A,0x1A,0x6F,0xD2,0xFA,0xB6,0x41,0x05, | |
403 | 0xCA,0x30,0xA6,0x74,0xE0,0x7F,0x78,0x09,0x85,0x20,0x88,0x63, | |
404 | 0x2F,0xC0,0x49,0x23,0x37,0x91,0xAD,0x4E,0xDD,0x08,0x3A,0x97, | |
405 | 0x8B,0x88,0x3E,0xE6,0x18,0xBC,0x5E,0x0D,0xD0,0x47,0x41,0x5F, | |
406 | 0x2D,0x95,0xE6,0x83,0xCF,0x14,0x82,0x6B,0x5F,0xBE,0x10,0xD3, | |
407 | 0xCE,0x41,0xC6,0xC1,0x20,0xC7,0x8A,0xB2,0x00,0x08,0xC6,0x98, | |
408 | 0xBF,0x7F,0x0B,0xCA,0xB9,0xD7,0xF4,0x07,0xBE,0xD0,0xF4,0x3A, | |
409 | 0xFB,0x29,0x70,0xF5,0x7F,0x8D,0x12,0x04,0x39,0x63,0xE6,0x6D, | |
410 | 0xDD,0x32,0x0D,0x59,0x9A,0xD9,0x93,0x6C,0x8F,0x44,0x13,0x7C, | |
411 | 0x08,0xB1,0x80,0xEC,0x5E,0x98,0x5C,0xEB,0xE1,0x86,0xF3,0xD5, | |
412 | 0x49,0x67,0x7E,0x80,0x60,0x73,0x31,0xEE,0x17,0xAF,0x33,0x80, | |
413 | 0xA7,0x25,0xB0,0x78,0x23,0x17,0xD7,0xDD,0x43,0xF5,0x9D,0x7A, | |
414 | 0xF9,0x56,0x8A,0x9B,0xB6,0x3A,0x84,0xD3,0x65,0xF9,0x22,0x44, | |
415 | 0xED,0x12,0x09,0x88,0x21,0x93,0x02,0xF4,0x29,0x24,0xC7,0xCA, | |
416 | 0x90,0xB8,0x9D,0x24,0xF7,0x1B,0x0A,0xB6,0x97,0x82,0x3D,0x7D, | |
417 | 0xEB,0x1A,0xFF,0x5B,0x0E,0x8E,0x4A,0x45,0xD4,0x9F,0x7F,0x53, | |
418 | 0x75,0x7E,0x19,0x13 | |
419 | }; | |
420 | static const unsigned char dhtest_2048_256_Z[] = { | |
421 | 0x86,0xC7,0x0B,0xF8,0xD0,0xBB,0x81,0xBB,0x01,0x07,0x8A,0x17, | |
422 | 0x21,0x9C,0xB7,0xD2,0x72,0x03,0xDB,0x2A,0x19,0xC8,0x77,0xF1, | |
423 | 0xD1,0xF1,0x9F,0xD7,0xD7,0x7E,0xF2,0x25,0x46,0xA6,0x8F,0x00, | |
424 | 0x5A,0xD5,0x2D,0xC8,0x45,0x53,0xB7,0x8F,0xC6,0x03,0x30,0xBE, | |
425 | 0x51,0xEA,0x7C,0x06,0x72,0xCA,0xC1,0x51,0x5E,0x4B,0x35,0xC0, | |
426 | 0x47,0xB9,0xA5,0x51,0xB8,0x8F,0x39,0xDC,0x26,0xDA,0x14,0xA0, | |
427 | 0x9E,0xF7,0x47,0x74,0xD4,0x7C,0x76,0x2D,0xD1,0x77,0xF9,0xED, | |
428 | 0x5B,0xC2,0xF1,0x1E,0x52,0xC8,0x79,0xBD,0x95,0x09,0x85,0x04, | |
429 | 0xCD,0x9E,0xEC,0xD8,0xA8,0xF9,0xB3,0xEF,0xBD,0x1F,0x00,0x8A, | |
430 | 0xC5,0x85,0x30,0x97,0xD9,0xD1,0x83,0x7F,0x2B,0x18,0xF7,0x7C, | |
431 | 0xD7,0xBE,0x01,0xAF,0x80,0xA7,0xC7,0xB5,0xEA,0x3C,0xA5,0x4C, | |
432 | 0xC0,0x2D,0x0C,0x11,0x6F,0xEE,0x3F,0x95,0xBB,0x87,0x39,0x93, | |
433 | 0x85,0x87,0x5D,0x7E,0x86,0x74,0x7E,0x67,0x6E,0x72,0x89,0x38, | |
434 | 0xAC,0xBF,0xF7,0x09,0x8E,0x05,0xBE,0x4D,0xCF,0xB2,0x40,0x52, | |
435 | 0xB8,0x3A,0xEF,0xFB,0x14,0x78,0x3F,0x02,0x9A,0xDB,0xDE,0x7F, | |
436 | 0x53,0xFA,0xE9,0x20,0x84,0x22,0x40,0x90,0xE0,0x07,0xCE,0xE9, | |
437 | 0x4D,0x4B,0xF2,0xBA,0xCE,0x9F,0xFD,0x4B,0x57,0xD2,0xAF,0x7C, | |
438 | 0x72,0x4D,0x0C,0xAA,0x19,0xBF,0x05,0x01,0xF6,0xF1,0x7B,0x4A, | |
439 | 0xA1,0x0F,0x42,0x5E,0x3E,0xA7,0x60,0x80,0xB4,0xB9,0xD6,0xB3, | |
440 | 0xCE,0xFE,0xA1,0x15,0xB2,0xCE,0xB8,0x78,0x9B,0xB8,0xA3,0xB0, | |
441 | 0xEA,0x87,0xFE,0xBE,0x63,0xB6,0xC8,0xF8,0x46,0xEC,0x6D,0xB0, | |
442 | 0xC2,0x6C,0x5D,0x7C | |
443 | }; | |
444 | ||
445 | typedef struct | |
446 | { | |
447 | DH * (*get_param)(void); | |
448 | const unsigned char *xA; | |
449 | size_t xA_len; | |
450 | const unsigned char *yA; | |
451 | size_t yA_len; | |
452 | const unsigned char *xB; | |
453 | size_t xB_len; | |
454 | const unsigned char *yB; | |
455 | size_t yB_len; | |
456 | const unsigned char *Z; | |
457 | size_t Z_len; | |
458 | } rfc5114_td; | |
459 | ||
460 | #define make_rfc5114_td(pre) { \ | |
461 | DH_get_##pre, \ | |
462 | dhtest_##pre##_xA, sizeof(dhtest_##pre##_xA), \ | |
463 | dhtest_##pre##_yA, sizeof(dhtest_##pre##_yA), \ | |
464 | dhtest_##pre##_xB, sizeof(dhtest_##pre##_xB), \ | |
465 | dhtest_##pre##_yB, sizeof(dhtest_##pre##_yB), \ | |
466 | dhtest_##pre##_Z, sizeof(dhtest_##pre##_Z) \ | |
467 | } | |
468 | ||
469 | static const rfc5114_td rfctd[] = { | |
470 | make_rfc5114_td(1024_160), | |
471 | make_rfc5114_td(2048_224), | |
472 | make_rfc5114_td(2048_256) | |
473 | }; | |
474 | ||
475 | static int run_rfc5114_tests(void) | |
476 | { | |
477 | int i; | |
478 | for (i = 0; i < (int)(sizeof(rfctd)/sizeof(rfc5114_td)); i++) | |
479 | { | |
480 | DH *dhA, *dhB; | |
481 | unsigned char *Z1 = NULL, *Z2 = NULL; | |
482 | const rfc5114_td *td = rfctd + i; | |
483 | /* Set up DH structures setting key components */ | |
484 | dhA = td->get_param(); | |
485 | dhB = td->get_param(); | |
486 | if (!dhA || !dhB) | |
487 | goto bad_err; | |
488 | ||
489 | dhA->priv_key = BN_bin2bn(td->xA, td->xA_len, NULL); | |
490 | dhA->pub_key = BN_bin2bn(td->yA, td->yA_len, NULL); | |
491 | ||
492 | dhB->priv_key = BN_bin2bn(td->xB, td->xB_len, NULL); | |
493 | dhB->pub_key = BN_bin2bn(td->yB, td->yB_len, NULL); | |
494 | ||
495 | if (!dhA->priv_key || !dhA->pub_key | |
496 | || !dhB->priv_key || !dhB->pub_key) | |
497 | goto bad_err; | |
498 | ||
499 | if ((td->Z_len != (size_t)DH_size(dhA)) | |
500 | || (td->Z_len != (size_t)DH_size(dhB))) | |
501 | goto err; | |
502 | ||
503 | Z1 = OPENSSL_malloc(DH_size(dhA)); | |
504 | Z2 = OPENSSL_malloc(DH_size(dhB)); | |
505 | /* Work out shared secrets using both sides and compare | |
506 | * with expected values. | |
507 | */ | |
508 | if (!DH_compute_key(Z1, dhB->pub_key, dhA)) | |
509 | goto bad_err; | |
510 | if (!DH_compute_key(Z2, dhA->pub_key, dhB)) | |
511 | goto bad_err; | |
512 | ||
513 | if (memcmp(Z1, td->Z, td->Z_len)) | |
514 | goto err; | |
515 | if (memcmp(Z2, td->Z, td->Z_len)) | |
516 | goto err; | |
517 | ||
518 | printf("RFC5114 parameter test %d OK\n", i + 1); | |
519 | ||
520 | DH_free(dhA); | |
521 | DH_free(dhB); | |
522 | OPENSSL_free(Z1); | |
523 | OPENSSL_free(Z2); | |
524 | ||
525 | } | |
526 | return 1; | |
527 | bad_err: | |
528 | fprintf(stderr, "Initalisation error RFC5114 set %d\n", i + 1); | |
529 | ERR_print_errors_fp(stderr); | |
530 | return 0; | |
531 | err: | |
532 | fprintf(stderr, "Test failed RFC5114 set %d\n", i + 1); | |
533 | return 0; | |
534 | } | |
535 | ||
f5d7a031 | 536 | #endif |