提交 9dd346c9 编写于 作者: D Dr. Stephen Henson

Experimental incomplete AES GCM algorithm test program.

上级 9770924f
......@@ -21,7 +21,7 @@ AFLAGS= $(ASFLAGS)
CFLAGS= $(INCLUDES) $(CFLAG)
GENERAL=Makefile
TEST=fips_aesavs.c
TEST=fips_aesavs.c fips_gcmtest.c
APPS=
LIB=$(TOP)/libcrypto.a
......
/* fips/aes/fips_gcmtest.c */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
*/
/* ====================================================================
* Copyright (c) 2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#define OPENSSL_FIPSAPI
#include <openssl/opensslconf.h>
#ifndef OPENSSL_FIPS
#include <stdio.h>
int main(int argc, char **argv)
{
printf("No FIPS GCM support\n");
return(0);
}
#else
#include <openssl/bn.h>
#include <openssl/dsa.h>
#include <openssl/fips.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <string.h>
#include <ctype.h>
#include "fips_utl.h"
static void gcmtest(int encrypt)
{
char buf[2048];
char lbuf[2048];
char *keyword, *value;
int keylen = -1, ivlen = -1, aadlen = -1, taglen = -1, ptlen = -1;
int rv;
long l;
unsigned char *key = NULL, *iv = NULL, *aad = NULL, *tag = NULL;
unsigned char *ct = NULL, *pt = NULL;
EVP_CIPHER_CTX ctx;
const EVP_CIPHER *gcm;
EVP_CIPHER_CTX_init(&ctx);
while(fgets(buf,sizeof buf,stdin) != NULL)
{
fputs(buf,stdout);
if (!parse_line(&keyword, &value, lbuf, buf))
continue;
if(!strcmp(keyword,"[Keylen"))
{
keylen = atoi(value);
if (keylen == 128)
gcm = EVP_aes_128_gcm();
else if (keylen == 192)
gcm = EVP_aes_192_gcm();
else if (keylen == 256)
gcm = EVP_aes_256_gcm();
else
{
fprintf(stderr, "Unsupported keylen %d\n",
keylen);
}
keylen >>= 3;
}
else if (!strcmp(keyword, "[IVlen"))
ivlen = atoi(value) >> 3;
else if (!strcmp(keyword, "[AADlen"))
aadlen = atoi(value) >> 3;
else if (!strcmp(keyword, "[Taglen"))
taglen = atoi(value) >> 3;
else if (!strcmp(keyword, "[PTlen"))
ptlen = atoi(value) >> 3;
else if(!strcmp(keyword,"Key"))
{
key = hex2bin_m(value, &l);
if (l != keylen)
{
fprintf(stderr, "Inconsistent Key length\n");
exit(1);
}
}
else if(!strcmp(keyword,"IV"))
{
iv = hex2bin_m(value, &l);
if (l != ivlen)
{
fprintf(stderr, "Inconsistent IV length\n");
exit(1);
}
}
else if(!strcmp(keyword,"CT"))
{
ct = hex2bin_m(value, &l);
if (l != ptlen)
{
fprintf(stderr, "Inconsistent CT length\n");
exit(1);
}
}
else if(!strcmp(keyword,"AAD"))
{
aad = hex2bin_m(value, &l);
if (l != aadlen)
{
fprintf(stderr, "Inconsistent AAD length\n");
exit(1);
}
}
else if(!strcmp(keyword,"Tag"))
{
tag = hex2bin_m(value, &l);
if (l != taglen)
{
fprintf(stderr, "Inconsistent Tag length\n");
exit(1);
}
if (encrypt)
{
fprintf(stderr, "Parse Error for Encrypt\n");
exit(1);
}
EVP_CipherInit_ex(&ctx, gcm, NULL, NULL, NULL, 0);
EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN, ivlen, 0);
EVP_CipherInit_ex(&ctx, NULL, NULL, key, iv, 0);
EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_TAG, taglen, tag);
if (aadlen)
EVP_Cipher(&ctx, NULL, aad, aadlen);
if (ptlen)
{
pt = OPENSSL_malloc(ptlen);
rv = EVP_Cipher(&ctx, pt, ct, ptlen);
}
rv = EVP_Cipher(&ctx, NULL, NULL, 0);
if (rv < 0)
printf("FAIL\n");
else
OutputValue("PT", pt, ptlen, stdout, 0);
if (iv)
OPENSSL_free(iv);
if (aad)
OPENSSL_free(aad);
if (ct)
OPENSSL_free(ct);
if (pt)
OPENSSL_free(pt);
if (key)
OPENSSL_free(key);
if (tag)
OPENSSL_free(tag);
}
}
}
int main(int argc,char **argv)
{
int encrypt;
if(argc != 2)
{
fprintf(stderr,"%s [-encrypt|-decrypt]\n",argv[0]);
exit(1);
}
fips_set_error_print();
if(!FIPS_mode_set(1))
exit(1);
if(!strcmp(argv[1],"-encrypt"))
encrypt = 1;
else if(!strcmp(argv[1],"-decrypt"))
encrypt = 0;
else
{
fprintf(stderr,"Don't know how to %s.\n",argv[1]);
exit(1);
}
gcmtest(encrypt);
return 0;
}
#endif
......@@ -134,6 +134,11 @@ int hex2bin(const char *in, unsigned char *out)
unsigned char *hex2bin_m(const char *in, long *plen)
{
unsigned char *p;
if (strlen(in) == 0)
{
*plen = 0;
return OPENSSL_malloc(1);
}
p = OPENSSL_malloc((strlen(in) + 1)/2);
*plen = hex2bin(in, p);
return p;
......
......@@ -66,6 +66,7 @@ FIPS_SHATEST= fips_shatest
FIPS_DESTEST= fips_desmovs
FIPS_RANDTEST= fips_randtest
FIPS_AESTEST= fips_aesavs
FIPS_GCMTEST= fips_gcmtest
FIPS_HMACTEST= fips_hmactest
FIPS_RSAVTEST= fips_rsavtest
FIPS_RSASTEST= fips_rsastest
......@@ -90,7 +91,8 @@ EXE= $(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT) $(ECDSATEST)$(EXE_EXT) $(ECDHTEST)
$(FIPS_HMACTEST)$(EXE_EXT) $(FIPS_RSAVTEST)$(EXE_EXT) \
$(FIPS_RSASTEST)$(EXE_EXT) $(FIPS_RSAGTEST)$(EXE_EXT) \
$(FIPS_DSSVS)$(EXE_EXT) $(FIPS_DSATEST)$(EXE_EXT) \
$(FIPS_RNGVS)$(EXE_EXT) $(FIPS_TEST_SUITE)$(EXE_EXT)
$(FIPS_RNGVS)$(EXE_EXT) $(FIPS_TEST_SUITE)$(EXE_EXT) \
$(FIPS_GCMTEST)$(EXE_EXT)
# $(METHTEST)$(EXE_EXT)
......@@ -104,7 +106,7 @@ OBJ= $(BNTEST).o $(ECTEST).o $(ECDSATEST).o $(ECDHTEST).o $(IDEATEST).o \
$(BFTEST).o $(SSLTEST).o $(DSATEST).o $(EXPTEST).o $(RSATEST).o \
$(FIPS_SHATEST).o $(FIPS_DESTEST).o $(FIPS_RANDTEST).o \
$(FIPS_AESTEST).o $(FIPS_HMACTEST).o $(FIPS_RSAVTEST).o \
$(FIPS_RSASTEST).o $(FIPS_RSAGTEST).o \
$(FIPS_RSASTEST).o $(FIPS_RSAGTEST).o $(FIPS_GCMTEST).o \
$(FIPS_DSSVS).o $(FIPS_DSATEST).o $(FIPS_RNGVS).o $(FIPS_TEST_SUITE).o \
$(EVPTEST).o $(IGETEST).o $(JPAKETEST).o
SRC= $(BNTEST).c $(ECTEST).c $(ECDSATEST).c $(ECDHTEST).c $(IDEATEST).c \
......@@ -116,7 +118,7 @@ SRC= $(BNTEST).c $(ECTEST).c $(ECDSATEST).c $(ECDHTEST).c $(IDEATEST).c \
$(BFTEST).c $(SSLTEST).c $(DSATEST).c $(EXPTEST).c $(RSATEST).c \
$(FIPS_SHATEST).c $(FIPS_DESTEST).c $(FIPS_RANDTEST).c \
$(FIPS_AESTEST).c $(FIPS_HMACTEST).c $(FIPS_RSAVTEST).c \
$(FIPS_RSASTEST).c $(FIPS_RSAGTEST).c \
$(FIPS_RSASTEST).c $(FIPS_RSAGTEST).c $(FIPS_GCMTEST).c \
$(FIPS_DSSVS).c $(FIPS_DSATEST).c $(FIPS_RNGVS).c $(FIPS_TEST_SUITE).c \
$(EVPTEST).c $(IGETEST).c $(JPAKETEST).c
......@@ -434,6 +436,9 @@ $(FIPS_SHATEST)$(EXE_EXT): $(FIPS_SHATEST).o $(DLIBCRYPTO)
$(FIPS_AESTEST)$(EXE_EXT): $(FIPS_AESTEST).o $(DLIBCRYPTO)
@target=$(FIPS_AESTEST); $(FIPS_BUILD_CMD)
$(FIPS_GCMTEST)$(EXE_EXT): $(FIPS_GCMTEST).o $(DLIBCRYPTO)
@target=$(FIPS_GCMTEST); $(FIPS_BUILD_CMD)
$(FIPS_DESTEST)$(EXE_EXT): $(FIPS_DESTEST).o $(DLIBCRYPTO)
@target=$(FIPS_DESTEST); $(FIPS_BUILD_CMD)
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册