From: Nikos Mavrogiannopoulos Date: Thu, 11 Feb 2016 09:34:52 +0000 (+0100) Subject: tests: added check for gnutls_dh_params_import_dsa X-Git-Tag: gnutls_3_5_0~369 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5ee3b2e7b30dea08092fdf866d5a74123679a555;p=thirdparty%2Fgnutls.git tests: added check for gnutls_dh_params_import_dsa --- diff --git a/tests/Makefile.am b/tests/Makefile.am index 31865ca3b9..94897aacdd 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -94,7 +94,8 @@ ctests = mini-record-2 simple gc set_pkcs12_cred certder certuniqueid \ mini-x509-dual mini-x509-kx global-init-override tlsext-decoding \ rehandshake-switch-cert rehandshake-switch-cert-allow rehandshake-switch-cert-client \ rehandshake-switch-cert-client-allow handshake-versions dtls-handshake-versions \ - dtls-max-record tls-max-record alpn-server-prec ocsp-filename-memleak + dtls-max-record tls-max-record alpn-server-prec ocsp-filename-memleak \ + dh-params if HAVE_SECCOMP_TESTS ctests += dtls-with-seccomp tls-with-seccomp dtls-client-with-seccomp tls-client-with-seccomp diff --git a/tests/cert-common.h b/tests/cert-common.h index 6584a3c948..91b301d6fd 100644 --- a/tests/cert-common.h +++ b/tests/cert-common.h 
@@ -355,3 +355,20 @@ static unsigned char key_pem[] = "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n" "-----END RSA PRIVATE KEY-----\n"; const gnutls_datum_t cli_key = { key_pem, sizeof(key_pem) - 1}; + +static char dsa_key_pem[] = + "-----BEGIN DSA PRIVATE KEY-----\n" + "MIIBugIBAAKBgQC5hPVagb4aDcWKc48Mmy+btg5Lw3Qaf2StnfMoxaBHvJtXVvGX\n" + "1X43A+nyTPTji38wo10vu6GiN8LqNY8fsV+mol8B8SM2K+RPLy3dndU6pjmvelF8\n" + "0iWOl3TPHsV7S3ZDgQcfBhS4blgS4ZDiN2/SG+xoxVji5jDgal4sY3jsBwIVAJ9W\n" + "jEhkL/6NqnptltsEXRbvCKVxAoGAYgZ+5Fx2CLdGGl3Xl9QqIfsfMcnS9Po52CfR\n" + "m/wnXacKpxr8U8EvQ8I3yIV/PUyrXYEy+x1eHlQRFiDGgFrZjJtD8N1roPTD8oqc\n" + "OdIcew/v+iiTj9KhIuvc4IqLrSgOz+8Jhek2vYt6UNV79yUNbGARxO9wkM/WG+u7\n" + "jsY+OpcCgYAPiodX8tHC3KzfS4sPi7op9+ED5FX6spgH1v0SsYC89bq0UNR/oA5D\n" + "55/JeBFf5eQMLGtqpDXcvVTlYDaaMdGKWW5rHLq9LrrrfIfv2sjdoeukg+aLrfr6\n" + "jlvXN8gyPpbCPvRD2n2RAg+3vPjvj/dBAF6W3w8IltzqsukGgq/SLwIUS5/r/2ya\n" + "AoNBXjeBjgCGMei2m8E=\n" "-----END DSA PRIVATE KEY-----\n"; + +const gnutls_datum_t dsa_key = { (void*)dsa_key_pem, + sizeof(dsa_key_pem) +}; diff --git a/tests/dh-params.c b/tests/dh-params.c new file mode 100644 index 0000000000..b8dc12cf82 --- /dev/null +++ b/tests/dh-params.c 
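Review bot: In tests/cert-common.h, `dsa_key` takes its length from `sizeof(dsa_key_pem)`, which counts the string's terminating NUL, whereas the `cli_key` context line directly above it uses `sizeof(key_pem) - 1`. The PEM importer presumably tolerates the extra byte, but every test that includes this header then passes a datum one byte longer than the PEM text; I would write `sizeof(dsa_key_pem) - 1`. Declaring the array as `static unsigned char dsa_key_pem[]`, the type the hunk header shows for `key_pem`, would also make the `(void*)` cast unnecessary. A short comment above the array, for example `/* test-only DSA key, fixture for dh-params.c */`, would tell a reader who finds this private key out of context that it is a fixture.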
@@ -0,0 +1,109 @@
+/*
+ * Copyright (C) 2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * GnuTLS is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuTLS is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GnuTLS; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/* This program tests functionality in gnutls_dh_params structure */
+
+#ifdef HAVE_CONFIG_H
+#include
+#endif
+
+#include
+#include
+#include
+#include
+#include
+#include "cert-common.h"
+#include "utils.h"
+
+static int compare(gnutls_datum_t *d1, gnutls_datum_t *d2)
+{
+ gnutls_datum_t t1, t2;
+ t1.data = d1->data;
+ t1.size = d1->size;
+ t2.data = d2->data;
+ t2.size = d2->size;
+
+ /* skip any differences due to zeros */
+ while (t1.data[0] == 0) {
+ t1.data++;
+ t1.size--;
+ }
+
+ while (t2.data[0] == 0) {
+ t2.data++;
+ t2.size--;
+ }
+
+ if (t1.size != t2.size)
+ return -1;
+ if (memcmp(t1.data, t2.data, t1.size) != 0)
+ return -1;
+ return 0;
+}
+
+void doit(void)
+{
+ gnutls_dh_params_t dh_params;
+ gnutls_x509_privkey_t privkey;
+ gnutls_datum_t p1, g1, p2, g2, q;
+ unsigned bits = 0;
+ int ret;
+
+ /* import DH parameters from DSA key and verify they are the same */
+ gnutls_dh_params_init(&dh_params);
+ gnutls_x509_privkey_init(&privkey);
+
+ ret = gnutls_x509_privkey_import(privkey, &dsa_key, GNUTLS_X509_FMT_PEM);
+ if (ret < 0)
+ fail("error in %s: %d\n", __FILE__, __LINE__);
+
+ ret = gnutls_dh_params_import_dsa(dh_params, privkey);
+ if (ret < 0)
+ fail("error in %s: %d\n", __FILE__, __LINE__);
+
+ ret = gnutls_dh_params_export_raw(dh_params, &p1, &g1, &bits);
+ if (ret < 0)
+ fail("error in %s: %d\n", __FILE__, __LINE__);
+
+ ret = gnutls_x509_privkey_export_dsa_raw(privkey, &p2, &q, &g2, NULL, NULL);
+ if (ret < 0)
+ fail("error in %s: %d\n", __FILE__, __LINE__);
+
+ if (bits > q.size*8 || bits < q.size*8-8)
+ fail("error in %s: %d\n", __FILE__, __LINE__);
+
+ if (compare(&p1, &p2) != 0)
+ fail("error in %s: %d\n", __FILE__, __LINE__);
+
+ if (compare(&g1, &g2) != 0)
+ fail("error in %s: %d\n", __FILE__, __LINE__);
+
+ gnutls_free(p1.data);
+ gnutls_free(g1.data);
+ gnutls_free(p2.data);
+ gnutls_free(g2.data);
+ gnutls_free(q.data);
+
+ gnutls_dh_params_deinit(dh_params);
+ gnutls_x509_privkey_deinit(privkey);
+ success("all ok\n");
+}
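Review bot: The two zero-skipping loops in `compare()` test `t1.data[0] == 0` and `t2.data[0] == 0` without looking at `size`, so an empty or all-zero datum makes them read past the end of the buffer while the unsigned `size` wraps around. The inputs are whatever `gnutls_dh_params_export_raw()` and `gnutls_x509_privkey_export_dsa_raw()` return, so a regression in either would show up as an out-of-bounds read rather than a test failure; bounding the loops avoids that: `while (t1.size > 0 && t1.data[0] == 0) {` and `while (t2.size > 0 && t2.data[0] == 0) {`. In `doit()`, `bits < q.size*8-8` is unsigned arithmetic and wraps when `q.size` is 0, so a `q.size == 0` check before it would be worth adding. The `fail()` calls print only file and line; adding `gnutls_strerror(ret)` to those that follow a library call would make a failing run easier to diagnose.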