summaryrefslogtreecommitdiffstats
path: root/SoftHSMv2/src/lib/crypto/test/GOSTTests.cpp
diff options
context:
space:
mode:
authorNingSun <ning.sun@intel.com>2018-02-08 08:34:03 -0800
committerNingSun <ning.sun@intel.com>2018-02-08 09:14:52 -0800
commit0c89b3ccba7c9b7332ab67ae1936aff51ca62367 (patch)
tree70c1b1d160d4c6d0a83395ca9a87c1264d0d3439 /SoftHSMv2/src/lib/crypto/test/GOSTTests.cpp
parent945613b4db4e07f75d2bc7463db580ddfaa700fd (diff)
Initial sshsm project structure
Issue-ID: AAF-94 Change-Id: I5e82fff418e7567b161acf9b98013a9b85ffc5b4 Signed-off-by: NingSun <ning.sun@intel.com>
Diffstat (limited to 'SoftHSMv2/src/lib/crypto/test/GOSTTests.cpp')
-rw-r--r--SoftHSMv2/src/lib/crypto/test/GOSTTests.cpp304
1 files changed, 304 insertions, 0 deletions
diff --git a/SoftHSMv2/src/lib/crypto/test/GOSTTests.cpp b/SoftHSMv2/src/lib/crypto/test/GOSTTests.cpp
new file mode 100644
index 0000000..91f6876
--- /dev/null
+++ b/SoftHSMv2/src/lib/crypto/test/GOSTTests.cpp
@@ -0,0 +1,304 @@
+/*
+ * Copyright (c) 2010 SURFnet bv
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
+ * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
+ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*****************************************************************************
+ GOSTTests.cpp
+
+ Contains test cases to test the GOST implementations
+ *****************************************************************************/
+
+#include <stdlib.h>
+#include <cppunit/extensions/HelperMacros.h>
+#include "GOSTTests.h"
+#include "CryptoFactory.h"
+#include <stdio.h>
+#include "AsymmetricAlgorithm.h"
+#include "AsymmetricKeyPair.h"
+#include "HashAlgorithm.h"
+#include "MacAlgorithm.h"
+#include "RNG.h"
+#ifdef WITH_GOST
+#include "ECParameters.h"
+#include "GOSTPublicKey.h"
+#include "GOSTPrivateKey.h"
+
+CPPUNIT_TEST_SUITE_REGISTRATION(GOSTTests);
+
+void GOSTTests::setUp()
+{
+ hash = NULL;
+ mac = NULL;
+ gost = NULL;
+ rng = NULL;
+
+ gost = CryptoFactory::i()->getAsymmetricAlgorithm(AsymAlgo::GOST);
+
+ // Check the GOST object
+ CPPUNIT_ASSERT(gost != NULL);
+}
+
+void GOSTTests::tearDown()
+{
+ if (hash != NULL)
+ {
+ CryptoFactory::i()->recycleHashAlgorithm(hash);
+ }
+
+ if (mac != NULL)
+ {
+ CryptoFactory::i()->recycleMacAlgorithm(mac);
+ }
+
+ if (gost != NULL)
+ {
+ CryptoFactory::i()->recycleAsymmetricAlgorithm(gost);
+ }
+
+ fflush(stdout);
+}
+
+void GOSTTests::testHash()
+{
+ char testData[4096] = "FE5A773751EAB2F18921C04806D6907444557B4469CDA7C822288E5065DA58F448A27FA0B4C8786853F246B093E3DBFDC332759D7764B6D057895184D9B82E626DF70AEB99B969EA35E5BE4D50C7406EA4A7450AC063933F96F77960EE711A445593119CF69061702CB4797F214FA440C94127E3DCD92F2C71B39D354C6F4284E030DCBFCB91EA5E543E0E3560ECD355091850BA080287BD87B74BB84A8892E0F2172F136D187305179F23EB8296BF1798405BAB52E201F22BCA5B793C5BA6F2CA15F154598EEC73E7E61B405262F6FE5FDC0F9AE0528801C3F965956C79A6C6805EDD0C6515AEA27D1DB9D70A56B0F13A544429C448FB6DB390C0E367EDF997E0B681ADE3846D77D1898F06FB60CB2384015F3749BD1E8163E532529E4D3BB8B200BBE79DA76D4865621FF2E583A1A1F8EBFB7A51B65DC9152B173A7DF91C6943F2FE497CDBC306827146199ADA925DD42B8A48429F5B6E3670AA85A44BDFAB3D273EA6711B996B5C27E04949BE61ED9ECB932F429ADCF31A2E0E9F83FCB1CE6BC0EE81627D1F9D08ECD599F16A1D68B256B002E90A8B4E5830A049ECE9ADF1D50C027EC537DD5412AA1509E91CEF358B2D495D3B37651987F51D9643A5AF2E0EF3D8C02E6023BB76FF8F1EB5CD018FA32BD7886A1A46A7D5CA15E4E0CDB793F0C1986EF4480305801A518B1D4596AAA741C093FC7AD075B637B1B2CC4DA33B6EB6D549001B33E1753C9C4358FB541FDE6541238BD011CD8ACAFB4CFF15B289872956DFBCC732593E838B6300E48ED3455CD101920114640A5B7C1250E419B7D771EC65934F53176BBD7A61A36D6D3D64A1F29C3D41745993636F812930E2936E9ED34E92A3C31239176ED3F78461EE80C54D92CBD9EF9F5746F8069809A38549FC7A8FD99FB350C27230966D6001D3136114A7BDCDEE495B72E4A633845BC88400DEDADC2FA2CD8640049CDB4F8F695C45EACF24FD573E1FB1670F688C9D7706A9AE9EB30E0DFDD54C7F3F3EE6F9BBFBBED6DB6E7C7B979E677DCD8457949DC271BD6ACB445B16247D8DAC1B59D45B8FFBBFDAEA20A5C450E0F93B399AE69887E1C721B0EF86C8CD37FC7514C4F2B70AA1E757DE95DCC3B74C6E18E51D272D433330826435B7CBA6C099558B51E408B1BFE60E876141A74195A00BF914F2536D92170FB43E078D98F784E6F150ED2B16DB5B629EBABF16444639C87A544050E03FB7CCD538DA29C45CE764F68682B48BF8AE5ED43064E833338A88605B1743FEB025D5F5607BB13A2078A99924A2D4818CD582ACDC1556FAEBA70959DE8498F3FCBF85BD269A7DF23A3AD5704908978031667C7BF4A85D1EF42F3ED144670E6EEB5D8213DB43B0B7B43767FD4277EF0EC52B5718A7D187A003DE8E5DFF9C3A3CD520615FB9B52281506E5BB033818E0912980A8BCAA54E21C5630B9E863C83";
+ char testResult[512] = "3EC65819A084AD30712C4B3EB69CE130A8C7221EA3D8A9996D4BA6F298BC39F9";
+
+ // Get a GOST R 34.11-94 hash instance
+ CPPUNIT_ASSERT((hash = CryptoFactory::i()->getHashAlgorithm(HashAlgo::GOST)) != NULL);
+
+ ByteString b(testData);
+ ByteString osslHash(testResult), gostHash;
+
+ // Now recreate the hash using our implementation in a single operation
+ CPPUNIT_ASSERT(hash->hashInit());
+ CPPUNIT_ASSERT(hash->hashUpdate(b));
+ CPPUNIT_ASSERT(hash->hashFinal(gostHash));
+
+ CPPUNIT_ASSERT(osslHash == gostHash);
+
+ // Now recreate the hash in a single part operation
+ gostHash.wipe();
+
+ CPPUNIT_ASSERT(hash->hashInit());
+ CPPUNIT_ASSERT(hash->hashUpdate(b.substr(0, 567)));
+ CPPUNIT_ASSERT(hash->hashUpdate(b.substr(567, 989)));
+ CPPUNIT_ASSERT(hash->hashUpdate(b.substr(567 + 989)));
+ CPPUNIT_ASSERT(hash->hashFinal(gostHash));
+
+ CPPUNIT_ASSERT(osslHash == gostHash);
+
+ CryptoFactory::i()->recycleHashAlgorithm(hash);
+
+ hash = NULL;
+ rng = NULL;
+}
+
+void GOSTTests::testHmac()
+{
+ char testData[4096] = "1450414E94B2CEA9E202B8ACC9C358EBA5334C20CF1B7D13E8B79BE63A0A938A340CF710D539262F406787AF7188990C7D75780C265E37750510FA6AAA742D01C753548219C20B1283CCA9D30AA5A8650D0C5EE63FE10268F9CD5996F8DB0158C6FAD147AE41C0E565F6FBC85115E17BB0B448208075D1CF79CF70574098E7116A5C5EFFDB05DCD83E71DB4860B3AEC2612FB9DE1B010229A413055724AB07F4131B04800286D3C4895A158E7B1301F8010E718C76CC69B34C643D2B1EACC00F9CD0DEBC83425256B2524B34D61EBA32FE5F79FE0A1F9360E3CFB4C88CE7CC3C36E969A37827AD5FD79BFAC08CCA1786F30F34ADC605545F04BA96CA4A4E3DF7FEC36E43406E9CD68D708CBAC4C54B2E18E38535BD1A8029FD7393B5462AB688F8146445295E5473B15B26EC129A24C78B7198D558209E827C38426D747FB0D2B04F1EE7B142B7B736EFF4B819B5420F4642E77181617BEC8074109B463F4C53A6F3507A0B4419B2D7CC0B6CF89FAA2CAEAC17BF19E6A94E0BF346D0F77C47EDB29CBD204483E53853401779AEA0998B993E39EA4C5003326C017A5A3BD0C5591D4F822641FAE9DBDF78B15DC5BA326150F89C864774A8DBF6464B259A29C00D9BCC63F61B3B45FF19E6FD0CDA2BE17608488B0E5C6CC5C596F035C8E580C30FC7C6FE2428F3509511B9D7FE77CF53C5B0E8E66BB573B3D467B74B5493A4E8EA49A79B7E2D36A6C0A600C6B13DC617C3FAF927B2CB251279CFF4228254CB6022AE9D97A36894EBCB305B179284E5D2F330266B2B600E248D3C4B8121A8D698183A38BFB5A40C5E85CB08EF0BFB0242E418D11DD648B9B84E072A70D3FBA8A9B0CEE05BFD71AC945543E306824F9A4DCBA05BBE0027B475A020BD764B53AA5A187C089A2DEF8F3A96D38491A61CE5F3DA625F7F4EF38130B0F5DAA14E2236F4CD95FF0C31E7D6C1CC15CDE7D9D4F95326AE721812458D413CD6C758671C9A85D10F7692CE31A600483F6444F45E74C45B7CF886E63D0158E19C0B87BE6CD9FC4B74D72CB004D3BD7ADF60E162F4967E5EF3BCA0AF2DD7ED1DDE4097B5BA250281DB7E46C22A25A49ABDB1B2D148710128DC1F1A18CD0D762A1D2EB5D5D602336EE3F0A0095592E938A79BDEE72CF801015AD5871A8D907298E13F960A1417FDFA87C3FE3DA9490B73B45326C3161D9DE6460E37208665FDC90CF894A0301198F5FAA5A315FC562B2837194662A58DA13065760571172D42306BB57ECCFA578E9C927C211A1F7C1983DE1AE1EAB0A264AFDC18CD56F14E0429E80B0DDE9A5AF527952A7B6ABECFCB64CBDA3C3E7A024FC5CA3B655FAF5A2787FDB22C1DD3160827C886A119FD2833DA87E60F18B6A969916D35F559BCEA40D6E5E53F84FA5C46DD5DD09D0802A21F64F00EA755F95234AF913DBFB380CC370754448E46EDFC7CCC";
+ char testResult[512] = "8D9D660D7BCAB705F14A90CB9A31F7B5206F9936E1B56F2489DA188A90C49CA3";
+
+ // Get an HMAC GOST R34.11-94 instance
+ CPPUNIT_ASSERT((mac = CryptoFactory::i()->getMacAlgorithm(MacAlgo::HMAC_GOST)) != NULL);
+
+ // Key
+ char pk[] = "a_key_for_HMAC-GOST_R-34.11-94_test";
+ ByteString k((unsigned char *)pk, sizeof(pk));
+ SymmetricKey key;
+ CPPUNIT_ASSERT(key.setKeyBits(k));
+
+ ByteString b(testData);
+ ByteString osslMac(testResult), shsmMac;
+
+ // Now verify the MAC using our implementation in a single operation
+ CPPUNIT_ASSERT(mac->verifyInit(&key));
+ CPPUNIT_ASSERT(mac->verifyUpdate(b));
+ CPPUNIT_ASSERT(mac->verifyFinal(osslMac));
+
+ // Now verify the MAC in a multiple part operation
+ CPPUNIT_ASSERT(mac->verifyInit(&key));
+ CPPUNIT_ASSERT(mac->verifyUpdate(b.substr(0, 567)));
+ CPPUNIT_ASSERT(mac->verifyUpdate(b.substr(567, 989)));
+ CPPUNIT_ASSERT(mac->verifyUpdate(b.substr(567 + 989)));
+ CPPUNIT_ASSERT(mac->verifyFinal(osslMac));
+
+ // Now recreate the MAC in a single part operation
+ CPPUNIT_ASSERT(mac->signInit(&key));
+ CPPUNIT_ASSERT(mac->signUpdate(b));
+ CPPUNIT_ASSERT(mac->signFinal(shsmMac));
+
+ CPPUNIT_ASSERT(osslMac == shsmMac);
+
+ // Now recreate the MAC in a multiple part operation
+ shsmMac.wipe();
+
+ CPPUNIT_ASSERT(mac->signInit(&key));
+ CPPUNIT_ASSERT(mac->signUpdate(b.substr(0, 567)));
+ CPPUNIT_ASSERT(mac->signUpdate(b.substr(567, 989)));
+ CPPUNIT_ASSERT(mac->signUpdate(b.substr(567 + 989)));
+ CPPUNIT_ASSERT(mac->signFinal(shsmMac));
+
+ CPPUNIT_ASSERT(osslMac == shsmMac);
+
+ // Check if bad key is refused
+ osslMac[10] ^= 0x11;
+ CPPUNIT_ASSERT(mac->verifyInit(&key));
+ CPPUNIT_ASSERT(mac->verifyUpdate(b));
+ CPPUNIT_ASSERT(!mac->verifyFinal(osslMac));
+
+ CryptoFactory::i()->recycleMacAlgorithm(mac);
+
+ mac = NULL;
+}
+
+void GOSTTests::testHashKnownVector()
+{
+ CPPUNIT_ASSERT((hash = CryptoFactory::i()->getHashAlgorithm(HashAlgo::GOST)) != NULL);
+
+ // Message to hash for test #1
+ ByteString msg = "6d65737361676520646967657374"; // "message digest"
+ ByteString expected = "bc6041dd2aa401ebfa6e9886734174febdb4729aa972d60f549ac39b29721ba0";
+ ByteString result;
+
+ // Test #1
+ CPPUNIT_ASSERT(hash->hashInit());
+ CPPUNIT_ASSERT(hash->hashUpdate(msg));
+ CPPUNIT_ASSERT(hash->hashFinal(result));
+
+ CPPUNIT_ASSERT(result == expected);
+
+ CryptoFactory::i()->recycleHashAlgorithm(hash);
+ hash = NULL;
+}
+
+void GOSTTests::testKeyGeneration()
+{
+ AsymmetricKeyPair* kp;
+
+ // Set domain parameters
+ ByteString curve = "06072a850302022301";
+ ECParameters* p = new ECParameters;
+ p->setEC(curve);
+
+ // Generate key-pair
+ CPPUNIT_ASSERT(gost->generateKeyPair(&kp, p));
+
+ GOSTPublicKey* pub = (GOSTPublicKey*) kp->getPublicKey();
+ GOSTPrivateKey* priv = (GOSTPrivateKey*) kp->getPrivateKey();
+
+ CPPUNIT_ASSERT(pub->getQ().size() == 64);
+ CPPUNIT_ASSERT(priv->getD().size() == 32);
+
+ gost->recycleParameters(p);
+ gost->recycleKeyPair(kp);
+}
+
+void GOSTTests::testSerialisation()
+{
+ // Get GOST R 34.10-2001 params-A domain parameters
+ ECParameters* p = new ECParameters;
+ p->setEC(ByteString("06072a850302022301"));
+
+ // Serialise the parameters
+ ByteString serialisedParams = p->serialise();
+
+ // Deserialise the parameters
+ AsymmetricParameters* dEC;
+
+ CPPUNIT_ASSERT(gost->reconstructParameters(&dEC, serialisedParams));
+
+ CPPUNIT_ASSERT(dEC->areOfType(ECParameters::type));
+
+ ECParameters* ddEC = (ECParameters*) dEC;
+
+ CPPUNIT_ASSERT(p->getEC() == ddEC->getEC());
+
+ // Generate a key-pair
+ AsymmetricKeyPair* kp;
+
+ CPPUNIT_ASSERT(gost->generateKeyPair(&kp, dEC));
+
+ // Serialise the key-pair
+ ByteString serialisedKP = kp->serialise();
+
+ // Deserialise the key-pair
+ AsymmetricKeyPair* dKP;
+
+ CPPUNIT_ASSERT(gost->reconstructKeyPair(&dKP, serialisedKP));
+
+ // Check the deserialised key-pair
+ GOSTPrivateKey* privKey = (GOSTPrivateKey*) kp->getPrivateKey();
+ GOSTPublicKey* pubKey = (GOSTPublicKey*) kp->getPublicKey();
+
+ GOSTPrivateKey* dPrivKey = (GOSTPrivateKey*) dKP->getPrivateKey();
+ GOSTPublicKey* dPubKey = (GOSTPublicKey*) dKP->getPublicKey();
+
+ CPPUNIT_ASSERT(privKey->getD() == dPrivKey->getD());
+ CPPUNIT_ASSERT(pubKey->getQ() == dPubKey->getQ());
+
+ gost->recycleParameters(p);
+ gost->recycleParameters(dEC);
+ gost->recycleKeyPair(kp);
+ gost->recycleKeyPair(dKP);
+}
+
+void GOSTTests::testSigningVerifying()
+{
+ AsymmetricKeyPair* kp;
+ ECParameters *p;
+ ByteString curve = "06072a850302022301";
+
+ // Get parameters
+ p = new ECParameters;
+ CPPUNIT_ASSERT(p != NULL);
+ p->setEC(curve);
+
+ // Generate key-pair
+ CPPUNIT_ASSERT(gost->generateKeyPair(&kp, p));
+
+ // Generate some data to sign
+ ByteString dataToSign;
+
+ RNG* rng = CryptoFactory::i()->getRNG();
+ CPPUNIT_ASSERT(rng != NULL);
+
+ CPPUNIT_ASSERT(rng->generateRandom(dataToSign, 567));
+
+ // Sign the data
+ ByteString sig;
+ CPPUNIT_ASSERT(gost->sign(kp->getPrivateKey(), dataToSign, sig, AsymMech::GOST_GOST));
+
+ // And verify it
+ CPPUNIT_ASSERT(gost->verify(kp->getPublicKey(), dataToSign, sig, AsymMech::GOST_GOST));
+
+ gost->recycleKeyPair(kp);
+ gost->recycleParameters(p);
+}
+
+void GOSTTests::testSignVerifyKnownVector()
+{
+ // TODO
+}
+#endif