PolarSSL v1.3.2
test_suite_dhm.c
Go to the documentation of this file.
1 #include <polarssl/config.h>
2 
3 #ifdef POLARSSL_DHM_C
4 #ifdef POLARSSL_BIGNUM_C
5 
6 #include <polarssl/dhm.h>
7 #endif /* POLARSSL_DHM_C */
8 #endif /* POLARSSL_BIGNUM_C */
9 
10 
11 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
12 #include "polarssl/memory.h"
13 #endif
14 
15 #if defined(WANT_NOT_RND_MPI)
16 #if defined(POLARSSL_BIGNUM_C)
17 #include "polarssl/bignum.h"
18 #else
19 #error "not_rnd_mpi() need bignum.c"
20 #endif
21 #endif
22 
23 #ifdef _MSC_VER
24 #include <basetsd.h>
25 typedef UINT32 uint32_t;
26 #else
27 #include <inttypes.h>
28 #endif
29 
30 #include <assert.h>
31 #include <stdlib.h>
32 #include <string.h>
33 
34 /*
35  * 32-bit integer manipulation macros (big endian)
36  */
37 #ifndef GET_UINT32_BE
38 #define GET_UINT32_BE(n,b,i) \
39 { \
40  (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
41  | ( (uint32_t) (b)[(i) + 1] << 16 ) \
42  | ( (uint32_t) (b)[(i) + 2] << 8 ) \
43  | ( (uint32_t) (b)[(i) + 3] ); \
44 }
45 #endif
46 
47 #ifndef PUT_UINT32_BE
48 #define PUT_UINT32_BE(n,b,i) \
49 { \
50  (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
51  (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
52  (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
53  (b)[(i) + 3] = (unsigned char) ( (n) ); \
54 }
55 #endif
56 
57 static int unhexify(unsigned char *obuf, const char *ibuf)
58 {
59  unsigned char c, c2;
60  int len = strlen(ibuf) / 2;
61  assert(!(strlen(ibuf) %1)); // must be even number of bytes
62 
63  while (*ibuf != 0)
64  {
65  c = *ibuf++;
66  if( c >= '0' && c <= '9' )
67  c -= '0';
68  else if( c >= 'a' && c <= 'f' )
69  c -= 'a' - 10;
70  else if( c >= 'A' && c <= 'F' )
71  c -= 'A' - 10;
72  else
73  assert( 0 );
74 
75  c2 = *ibuf++;
76  if( c2 >= '0' && c2 <= '9' )
77  c2 -= '0';
78  else if( c2 >= 'a' && c2 <= 'f' )
79  c2 -= 'a' - 10;
80  else if( c2 >= 'A' && c2 <= 'F' )
81  c2 -= 'A' - 10;
82  else
83  assert( 0 );
84 
85  *obuf++ = ( c << 4 ) | c2;
86  }
87 
88  return len;
89 }
90 
91 static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
92 {
93  unsigned char l, h;
94 
95  while (len != 0)
96  {
97  h = (*ibuf) / 16;
98  l = (*ibuf) % 16;
99 
100  if( h < 10 )
101  *obuf++ = '0' + h;
102  else
103  *obuf++ = 'a' + h - 10;
104 
105  if( l < 10 )
106  *obuf++ = '0' + l;
107  else
108  *obuf++ = 'a' + l - 10;
109 
110  ++ibuf;
111  len--;
112  }
113 }
114 
124 static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len )
125 {
126  size_t i;
127 
128  if( rng_state != NULL )
129  rng_state = NULL;
130 
131  for( i = 0; i < len; ++i )
132  output[i] = rand();
133 
134  return( 0 );
135 }
136 
142 static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len )
143 {
144  if( rng_state != NULL )
145  rng_state = NULL;
146 
147  memset( output, 0, len );
148 
149  return( 0 );
150 }
151 
152 typedef struct
153 {
154  unsigned char *buf;
155  size_t length;
156 } rnd_buf_info;
157 
169 static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len )
170 {
171  rnd_buf_info *info = (rnd_buf_info *) rng_state;
172  size_t use_len;
173 
174  if( rng_state == NULL )
175  return( rnd_std_rand( NULL, output, len ) );
176 
177  use_len = len;
178  if( len > info->length )
179  use_len = info->length;
180 
181  if( use_len )
182  {
183  memcpy( output, info->buf, use_len );
184  info->buf += use_len;
185  info->length -= use_len;
186  }
187 
188  if( len - use_len > 0 )
189  return( rnd_std_rand( NULL, output + use_len, len - use_len ) );
190 
191  return( 0 );
192 }
193 
201 typedef struct
202 {
203  uint32_t key[16];
204  uint32_t v0, v1;
206 
215 static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len )
216 {
217  rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state;
218  uint32_t i, *k, sum, delta=0x9E3779B9;
219  unsigned char result[4];
220 
221  if( rng_state == NULL )
222  return( rnd_std_rand( NULL, output, len ) );
223 
224  k = info->key;
225 
226  while( len > 0 )
227  {
228  size_t use_len = ( len > 4 ) ? 4 : len;
229  sum = 0;
230 
231  for( i = 0; i < 32; i++ )
232  {
233  info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]);
234  sum += delta;
235  info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]);
236  }
237 
238  PUT_UINT32_BE( info->v0, result, 0 );
239  memcpy( output, result, use_len );
240  len -= use_len;
241  }
242 
243  return( 0 );
244 }
245 
246 #if defined(WANT_NOT_RND_MPI)
247 
255 #define ciL (sizeof(t_uint)) /* chars in limb */
256 #define CHARS_TO_LIMBS(i) (((i) + ciL - 1) / ciL)
257 static int not_rnd_mpi( void *in, unsigned char *out, size_t len )
258 {
259  char *str = (char *) in;
260  mpi X;
261 
262  /*
263  * The 'in' pointer we get is from an MPI prepared by mpi_fill_random(),
264  * just reconstruct the rest in order to be able to call mpi_read_string()
265  */
266  X.s = 1;
267  X.p = (t_uint *) out;
268  X.n = CHARS_TO_LIMBS( len );
269 
270  /*
271  * If str is too long, mpi_read_string() will try to allocate a new buffer
272  * for X.p, which we want to avoid at all costs.
273  */
274  assert( strlen( str ) / 2 == len );
275 
276  return( mpi_read_string( &X, 16, str ) );
277 }
278 #endif /* WANT_NOT_RND_MPI */
279 
280 
281 #include <stdio.h>
282 #include <string.h>
283 
284 static int test_errors = 0;
285 
286 #ifdef POLARSSL_DHM_C
287 #ifdef POLARSSL_BIGNUM_C
288 
289 #define TEST_SUITE_ACTIVE
290 
291 static int test_assert( int correct, char *test )
292 {
293  if( correct )
294  return( 0 );
295 
296  test_errors++;
297  if( test_errors == 1 )
298  printf( "FAILED\n" );
299  printf( " %s\n", test );
300 
301  return( 1 );
302 }
303 
304 #define TEST_ASSERT( TEST ) \
305  do { test_assert( (TEST) ? 1 : 0, #TEST ); \
306  if( test_errors) return; \
307  } while (0)
308 
309 int verify_string( char **str )
310 {
311  if( (*str)[0] != '"' ||
312  (*str)[strlen( *str ) - 1] != '"' )
313  {
314  printf( "Expected string (with \"\") for parameter and got: %s\n", *str );
315  return( -1 );
316  }
317 
318  (*str)++;
319  (*str)[strlen( *str ) - 1] = '\0';
320 
321  return( 0 );
322 }
323 
324 int verify_int( char *str, int *value )
325 {
326  size_t i;
327  int minus = 0;
328  int digits = 1;
329  int hex = 0;
330 
331  for( i = 0; i < strlen( str ); i++ )
332  {
333  if( i == 0 && str[i] == '-' )
334  {
335  minus = 1;
336  continue;
337  }
338 
339  if( ( ( minus && i == 2 ) || ( !minus && i == 1 ) ) &&
340  str[i - 1] == '0' && str[i] == 'x' )
341  {
342  hex = 1;
343  continue;
344  }
345 
346  if( str[i] < '0' || str[i] > '9' )
347  {
348  digits = 0;
349  break;
350  }
351  }
352 
353  if( digits )
354  {
355  if( hex )
356  *value = strtol( str, NULL, 16 );
357  else
358  *value = strtol( str, NULL, 10 );
359 
360  return( 0 );
361  }
362 
363 
364 
365  printf( "Expected integer for parameter and got: %s\n", str );
366  return( -1 );
367 }
368 
369 void test_suite_dhm_do_dhm( int radix_P, char *input_P,
370  int radix_G, char *input_G )
371 {
372  dhm_context ctx_srv;
373  dhm_context ctx_cli;
374  unsigned char ske[1000];
375  unsigned char *p = ske;
376  unsigned char pub_cli[1000];
377  unsigned char sec_srv[1000];
378  unsigned char sec_cli[1000];
379  size_t ske_len = 0;
380  size_t pub_cli_len = 0;
381  size_t sec_srv_len = 1000;
382  size_t sec_cli_len = 1000;
383  int x_size, i;
384  rnd_pseudo_info rnd_info;
385 
386  memset( &ctx_srv, 0x00, sizeof( dhm_context ) );
387  memset( &ctx_cli, 0x00, sizeof( dhm_context ) );
388  memset( ske, 0x00, 1000 );
389  memset( pub_cli, 0x00, 1000 );
390  memset( sec_srv, 0x00, 1000 );
391  memset( sec_cli, 0x00, 1000 );
392  memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) );
393 
394  /*
395  * Set params
396  */
397  TEST_ASSERT( mpi_read_string( &ctx_srv.P, radix_P, input_P ) == 0 );
398  TEST_ASSERT( mpi_read_string( &ctx_srv.G, radix_G, input_G ) == 0 );
399  x_size = mpi_size( &ctx_srv.P );
400  pub_cli_len = x_size;
401 
402  /*
403  * First key exchange
404  */
405  TEST_ASSERT( dhm_make_params( &ctx_srv, x_size, ske, &ske_len, &rnd_pseudo_rand, &rnd_info ) == 0 );
406  ske[ske_len++] = 0;
407  ske[ske_len++] = 0;
408  TEST_ASSERT( dhm_read_params( &ctx_cli, &p, ske + ske_len ) == 0 );
409 
410  TEST_ASSERT( dhm_make_public( &ctx_cli, x_size, pub_cli, pub_cli_len, &rnd_pseudo_rand, &rnd_info ) == 0 );
411  TEST_ASSERT( dhm_read_public( &ctx_srv, pub_cli, pub_cli_len ) == 0 );
412 
413  TEST_ASSERT( dhm_calc_secret( &ctx_srv, sec_srv, &sec_srv_len, &rnd_pseudo_rand, &rnd_info ) == 0 );
414  TEST_ASSERT( dhm_calc_secret( &ctx_cli, sec_cli, &sec_cli_len, NULL, NULL ) == 0 );
415 
416  TEST_ASSERT( sec_srv_len == sec_cli_len );
417  TEST_ASSERT( sec_srv_len != 0 );
418  TEST_ASSERT( memcmp( sec_srv, sec_cli, sec_srv_len ) == 0 );
419 
420  /* Re-do calc_secret on server a few times to test update of blinding values */
421  for( i = 0; i < 3; i++ )
422  {
423  sec_srv_len = 1000;
424  TEST_ASSERT( dhm_calc_secret( &ctx_srv, sec_srv, &sec_srv_len, &rnd_pseudo_rand, &rnd_info ) == 0 );
425 
426  TEST_ASSERT( sec_srv_len == sec_cli_len );
427  TEST_ASSERT( sec_srv_len != 0 );
428  TEST_ASSERT( memcmp( sec_srv, sec_cli, sec_srv_len ) == 0 );
429  }
430 
431  /*
432  * Second key exchange to test change of blinding values on server
433  */
434  sec_cli_len = 1000;
435  sec_srv_len = 1000;
436  p = ske;
437 
438  TEST_ASSERT( dhm_make_params( &ctx_srv, x_size, ske, &ske_len, &rnd_pseudo_rand, &rnd_info ) == 0 );
439  ske[ske_len++] = 0;
440  ske[ske_len++] = 0;
441  TEST_ASSERT( dhm_read_params( &ctx_cli, &p, ske + ske_len ) == 0 );
442 
443  TEST_ASSERT( dhm_make_public( &ctx_cli, x_size, pub_cli, pub_cli_len, &rnd_pseudo_rand, &rnd_info ) == 0 );
444  TEST_ASSERT( dhm_read_public( &ctx_srv, pub_cli, pub_cli_len ) == 0 );
445 
446  TEST_ASSERT( dhm_calc_secret( &ctx_srv, sec_srv, &sec_srv_len, &rnd_pseudo_rand, &rnd_info ) == 0 );
447  TEST_ASSERT( dhm_calc_secret( &ctx_cli, sec_cli, &sec_cli_len, NULL, NULL ) == 0 );
448 
449  TEST_ASSERT( sec_srv_len == sec_cli_len );
450  TEST_ASSERT( sec_srv_len != 0 );
451  TEST_ASSERT( memcmp( sec_srv, sec_cli, sec_srv_len ) == 0 );
452 
453  dhm_free( &ctx_srv );
454  dhm_free( &ctx_cli );
455 }
456 
457 #ifdef POLARSSL_SELF_TEST
458 void test_suite_dhm_selftest()
459 {
460  TEST_ASSERT( dhm_self_test( 0 ) == 0 );
461 }
462 #endif /* POLARSSL_SELF_TEST */
463 
464 
465 #endif /* POLARSSL_DHM_C */
466 #endif /* POLARSSL_BIGNUM_C */
467 
468 
469 int dep_check( char *str )
470 {
471  if( str == NULL )
472  return( 1 );
473 
474 
475 
476  return( 1 );
477 }
478 
479 int dispatch_test(int cnt, char *params[50])
480 {
481  int ret;
482  ((void) cnt);
483  ((void) params);
484 
485 #if defined(TEST_SUITE_ACTIVE)
486  if( strcmp( params[0], "dhm_do_dhm" ) == 0 )
487  {
488 
489  int param1;
490  char *param2 = params[2];
491  int param3;
492  char *param4 = params[4];
493 
494  if( cnt != 5 )
495  {
496  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 5 );
497  return( 2 );
498  }
499 
500  if( verify_int( params[1], &param1 ) != 0 ) return( 2 );
501  if( verify_string( &param2 ) != 0 ) return( 2 );
502  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
503  if( verify_string( &param4 ) != 0 ) return( 2 );
504 
505  test_suite_dhm_do_dhm( param1, param2, param3, param4 );
506  return ( 0 );
507 
508  return ( 3 );
509  }
510  else
511  if( strcmp( params[0], "dhm_selftest" ) == 0 )
512  {
513  #ifdef POLARSSL_SELF_TEST
514 
515 
516  if( cnt != 1 )
517  {
518  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 1 );
519  return( 2 );
520  }
521 
522 
523  test_suite_dhm_selftest( );
524  return ( 0 );
525  #endif /* POLARSSL_SELF_TEST */
526 
527  return ( 3 );
528  }
529  else
530 
531  {
532  fprintf( stdout, "FAILED\nSkipping unknown test function '%s'\n", params[0] );
533  fflush( stdout );
534  return( 1 );
535  }
536 #else
537  return( 3 );
538 #endif
539  return( ret );
540 }
541 
542 int get_line( FILE *f, char *buf, size_t len )
543 {
544  char *ret;
545 
546  ret = fgets( buf, len, f );
547  if( ret == NULL )
548  return( -1 );
549 
550  if( strlen( buf ) && buf[strlen(buf) - 1] == '\n' )
551  buf[strlen(buf) - 1] = '\0';
552  if( strlen( buf ) && buf[strlen(buf) - 1] == '\r' )
553  buf[strlen(buf) - 1] = '\0';
554 
555  return( 0 );
556 }
557 
558 int parse_arguments( char *buf, size_t len, char *params[50] )
559 {
560  int cnt = 0, i;
561  char *cur = buf;
562  char *p = buf, *q;
563 
564  params[cnt++] = cur;
565 
566  while( *p != '\0' && p < buf + len )
567  {
568  if( *p == '\\' )
569  {
570  *p++;
571  *p++;
572  continue;
573  }
574  if( *p == ':' )
575  {
576  if( p + 1 < buf + len )
577  {
578  cur = p + 1;
579  params[cnt++] = cur;
580  }
581  *p = '\0';
582  }
583 
584  *p++;
585  }
586 
587  // Replace newlines, question marks and colons in strings
588  for( i = 0; i < cnt; i++ )
589  {
590  p = params[i];
591  q = params[i];
592 
593  while( *p != '\0' )
594  {
595  if( *p == '\\' && *(p + 1) == 'n' )
596  {
597  p += 2;
598  *(q++) = '\n';
599  }
600  else if( *p == '\\' && *(p + 1) == ':' )
601  {
602  p += 2;
603  *(q++) = ':';
604  }
605  else if( *p == '\\' && *(p + 1) == '?' )
606  {
607  p += 2;
608  *(q++) = '?';
609  }
610  else
611  *(q++) = *(p++);
612  }
613  *q = '\0';
614  }
615 
616  return( cnt );
617 }
618 
619 int main()
620 {
621  int ret, i, cnt, total_errors = 0, total_tests = 0, total_skipped = 0;
622  const char *filename = "/tmp/B.6b9404fc-5e27-486e-9bbd-77463d7343ee/BUILD/polarssl-1.3.2/tests/suites/test_suite_dhm.data";
623  FILE *file;
624  char buf[5000];
625  char *params[50];
626 
627 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
628  unsigned char alloc_buf[1000000];
629  memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
630 #endif
631 
632  file = fopen( filename, "r" );
633  if( file == NULL )
634  {
635  fprintf( stderr, "Failed to open\n" );
636  return( 1 );
637  }
638 
639  while( !feof( file ) )
640  {
641  int skip = 0;
642 
643  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
644  break;
645  fprintf( stdout, "%s%.66s", test_errors ? "\n" : "", buf );
646  fprintf( stdout, " " );
647  for( i = strlen( buf ) + 1; i < 67; i++ )
648  fprintf( stdout, "." );
649  fprintf( stdout, " " );
650  fflush( stdout );
651 
652  total_tests++;
653 
654  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
655  break;
656  cnt = parse_arguments( buf, strlen(buf), params );
657 
658  if( strcmp( params[0], "depends_on" ) == 0 )
659  {
660  for( i = 1; i < cnt; i++ )
661  if( dep_check( params[i] ) != 0 )
662  skip = 1;
663 
664  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
665  break;
666  cnt = parse_arguments( buf, strlen(buf), params );
667  }
668 
669  if( skip == 0 )
670  {
671  test_errors = 0;
672  ret = dispatch_test( cnt, params );
673  }
674 
675  if( skip == 1 || ret == 3 )
676  {
677  total_skipped++;
678  fprintf( stdout, "----\n" );
679  fflush( stdout );
680  }
681  else if( ret == 0 && test_errors == 0 )
682  {
683  fprintf( stdout, "PASS\n" );
684  fflush( stdout );
685  }
686  else if( ret == 2 )
687  {
688  fprintf( stderr, "FAILED: FATAL PARSE ERROR\n" );
689  fclose(file);
690  exit( 2 );
691  }
692  else
693  total_errors++;
694 
695  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
696  break;
697  if( strlen(buf) != 0 )
698  {
699  fprintf( stderr, "Should be empty %d\n", (int) strlen(buf) );
700  return( 1 );
701  }
702  }
703  fclose(file);
704 
705  fprintf( stdout, "\n----------------------------------------------------------------------------\n\n");
706  if( total_errors == 0 )
707  fprintf( stdout, "PASSED" );
708  else
709  fprintf( stdout, "FAILED" );
710 
711  fprintf( stdout, " (%d / %d tests (%d skipped))\n",
712  total_tests - total_errors, total_tests, total_skipped );
713 
714 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
715 #if defined(POLARSSL_MEMORY_DEBUG)
716  memory_buffer_alloc_status();
717 #endif
718  memory_buffer_alloc_free();
719 #endif
720 
721  return( total_errors != 0 );
722 }
723 
724 
static int rnd_pseudo_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a pseudo random function.
mpi P
Definition: dhm.h:146
Memory allocation layer.
uint32_t t_uint
Definition: bignum.h:149
Info structure for the pseudo random function.
DHM context structure.
Definition: dhm.h:143
int s
Definition: bignum.h:173
int dhm_self_test(int verbose)
Checkup routine.
Configuration options (set of defines)
MPI structure.
Definition: bignum.h:171
static int test_assert(int correct, char *test)
int main(int argc, char *argv[])
Multi-precision integer library.
int dep_check(char *str)
static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
#define TEST_ASSERT(TEST)
int dhm_read_params(dhm_context *ctx, unsigned char **p, const unsigned char *end)
Parse the ServerKeyExchange parameters.
mpi G
Definition: dhm.h:147
#define PUT_UINT32_BE(n, b, i)
Diffie-Hellman-Merkle key exchange.
int parse_arguments(char *buf, size_t len, char *params[50])
static int rnd_buffer_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a buffer it receives.
static int test_errors
int mpi_read_string(mpi *X, int radix, const char *s)
Import from an ASCII string.
t_uint * p
Definition: bignum.h:175
static int rnd_zero_rand(void *rng_state, unsigned char *output, size_t len)
This function only returns zeros.
int verify_string(char **str)
int dhm_make_public(dhm_context *ctx, int x_size, unsigned char *output, size_t olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Create own private value X and export G^X.
size_t mpi_size(const mpi *X)
Return the total size in bytes.
int dispatch_test(int cnt, char *params[50])
static int unhexify(unsigned char *obuf, const char *ibuf)
size_t n
Definition: bignum.h:174
static int rnd_std_rand(void *rng_state, unsigned char *output, size_t len)
This function just returns data from rand().
unsigned char * buf
void dhm_free(dhm_context *ctx)
Free the components of a DHM key.
int verify_int(char *str, int *value)
int dhm_make_params(dhm_context *ctx, int x_size, unsigned char *output, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Setup and write the ServerKeyExchange parameters.
int dhm_read_public(dhm_context *ctx, const unsigned char *input, size_t ilen)
Import the peer&#39;s public value G^Y.
int get_line(FILE *f, char *buf, size_t len)
int dhm_calc_secret(dhm_context *ctx, unsigned char *output, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Derive and export the shared secret (G^Y)^X mod P.