PolarSSL v1.2.8
test_suite_dhm.c
Go to the documentation of this file.
1 #include "fct.h"
2 #include <polarssl/config.h>
3 
4 #include <polarssl/dhm.h>
5 
6 #ifdef _MSC_VER
7 #include <basetsd.h>
8 typedef UINT32 uint32_t;
9 #else
10 #include <inttypes.h>
11 #endif
12 
13 /*
14  * 32-bit integer manipulation macros (big endian)
15  */
16 #ifndef GET_UINT32_BE
17 #define GET_UINT32_BE(n,b,i) \
18 { \
19  (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
20  | ( (uint32_t) (b)[(i) + 1] << 16 ) \
21  | ( (uint32_t) (b)[(i) + 2] << 8 ) \
22  | ( (uint32_t) (b)[(i) + 3] ); \
23 }
24 #endif
25 
26 #ifndef PUT_UINT32_BE
27 #define PUT_UINT32_BE(n,b,i) \
28 { \
29  (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
30  (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
31  (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
32  (b)[(i) + 3] = (unsigned char) ( (n) ); \
33 }
34 #endif
35 
36 int unhexify(unsigned char *obuf, const char *ibuf)
37 {
38  unsigned char c, c2;
39  int len = strlen(ibuf) / 2;
40  assert(!(strlen(ibuf) %1)); // must be even number of bytes
41 
42  while (*ibuf != 0)
43  {
44  c = *ibuf++;
45  if( c >= '0' && c <= '9' )
46  c -= '0';
47  else if( c >= 'a' && c <= 'f' )
48  c -= 'a' - 10;
49  else if( c >= 'A' && c <= 'F' )
50  c -= 'A' - 10;
51  else
52  assert( 0 );
53 
54  c2 = *ibuf++;
55  if( c2 >= '0' && c2 <= '9' )
56  c2 -= '0';
57  else if( c2 >= 'a' && c2 <= 'f' )
58  c2 -= 'a' - 10;
59  else if( c2 >= 'A' && c2 <= 'F' )
60  c2 -= 'A' - 10;
61  else
62  assert( 0 );
63 
64  *obuf++ = ( c << 4 ) | c2;
65  }
66 
67  return len;
68 }
69 
70 void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
71 {
72  unsigned char l, h;
73 
74  while (len != 0)
75  {
76  h = (*ibuf) / 16;
77  l = (*ibuf) % 16;
78 
79  if( h < 10 )
80  *obuf++ = '0' + h;
81  else
82  *obuf++ = 'a' + h - 10;
83 
84  if( l < 10 )
85  *obuf++ = '0' + l;
86  else
87  *obuf++ = 'a' + l - 10;
88 
89  ++ibuf;
90  len--;
91  }
92 }
93 
103 static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len )
104 {
105  size_t i;
106 
107  if( rng_state != NULL )
108  rng_state = NULL;
109 
110  for( i = 0; i < len; ++i )
111  output[i] = rand();
112 
113  return( 0 );
114 }
115 
121 static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len )
122 {
123  if( rng_state != NULL )
124  rng_state = NULL;
125 
126  memset( output, 0, len );
127 
128  return( 0 );
129 }
130 
131 typedef struct
132 {
133  unsigned char *buf;
134  size_t length;
135 } rnd_buf_info;
136 
148 static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len )
149 {
150  rnd_buf_info *info = (rnd_buf_info *) rng_state;
151  size_t use_len;
152 
153  if( rng_state == NULL )
154  return( rnd_std_rand( NULL, output, len ) );
155 
156  use_len = len;
157  if( len > info->length )
158  use_len = info->length;
159 
160  if( use_len )
161  {
162  memcpy( output, info->buf, use_len );
163  info->buf += use_len;
164  info->length -= use_len;
165  }
166 
167  if( len - use_len > 0 )
168  return( rnd_std_rand( NULL, output + use_len, len - use_len ) );
169 
170  return( 0 );
171 }
172 
180 typedef struct
181 {
182  uint32_t key[16];
183  uint32_t v0, v1;
185 
194 static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len )
195 {
196  rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state;
197  uint32_t i, *k, sum, delta=0x9E3779B9;
198  unsigned char result[4];
199 
200  if( rng_state == NULL )
201  return( rnd_std_rand( NULL, output, len ) );
202 
203  k = info->key;
204 
205  while( len > 0 )
206  {
207  size_t use_len = ( len > 4 ) ? 4 : len;
208  sum = 0;
209 
210  for( i = 0; i < 32; i++ )
211  {
212  info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]);
213  sum += delta;
214  info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]);
215  }
216 
217  PUT_UINT32_BE( info->v0, result, 0 );
218  memcpy( output, result, use_len );
219  len -= use_len;
220  }
221 
222  return( 0 );
223 }
224 
225 
227 {
228 #ifdef POLARSSL_DHM_C
229 #ifdef POLARSSL_BIGNUM_C
230 
231 
232  FCT_SUITE_BGN(test_suite_dhm)
233  {
234 
235  FCT_TEST_BGN(diffie_hellman_full_exchange_1)
236  {
237  dhm_context ctx_srv;
238  dhm_context ctx_cli;
239  unsigned char ske[1000];
240  unsigned char *p = ske;
241  unsigned char pub_cli[1000];
242  unsigned char sec_srv[1000];
243  unsigned char sec_cli[1000];
244  size_t ske_len = 0;
245  size_t pub_cli_len = 0;
246  size_t sec_srv_len = 1000;
247  size_t sec_cli_len = 1000;
248  int x_size;
249  rnd_pseudo_info rnd_info;
250 
251  memset( &ctx_srv, 0x00, sizeof( dhm_context ) );
252  memset( &ctx_cli, 0x00, sizeof( dhm_context ) );
253  memset( ske, 0x00, 1000 );
254  memset( pub_cli, 0x00, 1000 );
255  memset( sec_srv, 0x00, 1000 );
256  memset( sec_cli, 0x00, 1000 );
257  memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) );
258 
259  fct_chk( mpi_read_string( &ctx_srv.P, 10, "23" ) == 0 );
260  fct_chk( mpi_read_string( &ctx_srv.G, 10, "5" ) == 0 );
261  x_size = mpi_size( &ctx_srv.P );
262 
263  fct_chk( dhm_make_params( &ctx_srv, x_size, ske, &ske_len, &rnd_pseudo_rand, &rnd_info ) == 0 );
264  ske[ske_len++] = 0;
265  ske[ske_len++] = 0;
266  fct_chk( dhm_read_params( &ctx_cli, &p, ske + ske_len ) == 0 );
267 
268  pub_cli_len = x_size;
269  fct_chk( dhm_make_public( &ctx_cli, x_size, pub_cli, pub_cli_len, &rnd_pseudo_rand, &rnd_info ) == 0 );
270 
271  fct_chk( dhm_read_public( &ctx_srv, pub_cli, pub_cli_len ) == 0 );
272 
273  fct_chk( dhm_calc_secret( &ctx_srv, sec_srv, &sec_srv_len ) == 0 );
274  fct_chk( dhm_calc_secret( &ctx_cli, sec_cli, &sec_cli_len ) == 0 );
275 
276  fct_chk( sec_srv_len == sec_cli_len );
277  fct_chk( sec_srv_len != 0 );
278  fct_chk( memcmp( sec_srv, sec_cli, sec_srv_len ) == 0 );
279 
280  dhm_free( &ctx_srv );
281  dhm_free( &ctx_cli );
282  }
283  FCT_TEST_END();
284 
285 
286  FCT_TEST_BGN(diffie_hellman_full_exchange_2)
287  {
288  dhm_context ctx_srv;
289  dhm_context ctx_cli;
290  unsigned char ske[1000];
291  unsigned char *p = ske;
292  unsigned char pub_cli[1000];
293  unsigned char sec_srv[1000];
294  unsigned char sec_cli[1000];
295  size_t ske_len = 0;
296  size_t pub_cli_len = 0;
297  size_t sec_srv_len = 1000;
298  size_t sec_cli_len = 1000;
299  int x_size;
300  rnd_pseudo_info rnd_info;
301 
302  memset( &ctx_srv, 0x00, sizeof( dhm_context ) );
303  memset( &ctx_cli, 0x00, sizeof( dhm_context ) );
304  memset( ske, 0x00, 1000 );
305  memset( pub_cli, 0x00, 1000 );
306  memset( sec_srv, 0x00, 1000 );
307  memset( sec_cli, 0x00, 1000 );
308  memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) );
309 
310  fct_chk( mpi_read_string( &ctx_srv.P, 10, "93450983094850938450983409623" ) == 0 );
311  fct_chk( mpi_read_string( &ctx_srv.G, 10, "9345098304850938450983409622" ) == 0 );
312  x_size = mpi_size( &ctx_srv.P );
313 
314  fct_chk( dhm_make_params( &ctx_srv, x_size, ske, &ske_len, &rnd_pseudo_rand, &rnd_info ) == 0 );
315  ske[ske_len++] = 0;
316  ske[ske_len++] = 0;
317  fct_chk( dhm_read_params( &ctx_cli, &p, ske + ske_len ) == 0 );
318 
319  pub_cli_len = x_size;
320  fct_chk( dhm_make_public( &ctx_cli, x_size, pub_cli, pub_cli_len, &rnd_pseudo_rand, &rnd_info ) == 0 );
321 
322  fct_chk( dhm_read_public( &ctx_srv, pub_cli, pub_cli_len ) == 0 );
323 
324  fct_chk( dhm_calc_secret( &ctx_srv, sec_srv, &sec_srv_len ) == 0 );
325  fct_chk( dhm_calc_secret( &ctx_cli, sec_cli, &sec_cli_len ) == 0 );
326 
327  fct_chk( sec_srv_len == sec_cli_len );
328  fct_chk( sec_srv_len != 0 );
329  fct_chk( memcmp( sec_srv, sec_cli, sec_srv_len ) == 0 );
330 
331  dhm_free( &ctx_srv );
332  dhm_free( &ctx_cli );
333  }
334  FCT_TEST_END();
335 
336 
337  FCT_TEST_BGN(diffie_hellman_full_exchange_2)
338  {
339  dhm_context ctx_srv;
340  dhm_context ctx_cli;
341  unsigned char ske[1000];
342  unsigned char *p = ske;
343  unsigned char pub_cli[1000];
344  unsigned char sec_srv[1000];
345  unsigned char sec_cli[1000];
346  size_t ske_len = 0;
347  size_t pub_cli_len = 0;
348  size_t sec_srv_len = 1000;
349  size_t sec_cli_len = 1000;
350  int x_size;
351  rnd_pseudo_info rnd_info;
352 
353  memset( &ctx_srv, 0x00, sizeof( dhm_context ) );
354  memset( &ctx_cli, 0x00, sizeof( dhm_context ) );
355  memset( ske, 0x00, 1000 );
356  memset( pub_cli, 0x00, 1000 );
357  memset( sec_srv, 0x00, 1000 );
358  memset( sec_cli, 0x00, 1000 );
359  memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) );
360 
361  fct_chk( mpi_read_string( &ctx_srv.P, 10, "93450983094850938450983409623982317398171298719873918739182739712938719287391879381271" ) == 0 );
362  fct_chk( mpi_read_string( &ctx_srv.G, 10, "9345098309485093845098340962223981329819812792137312973297123912791271" ) == 0 );
363  x_size = mpi_size( &ctx_srv.P );
364 
365  fct_chk( dhm_make_params( &ctx_srv, x_size, ske, &ske_len, &rnd_pseudo_rand, &rnd_info ) == 0 );
366  ske[ske_len++] = 0;
367  ske[ske_len++] = 0;
368  fct_chk( dhm_read_params( &ctx_cli, &p, ske + ske_len ) == 0 );
369 
370  pub_cli_len = x_size;
371  fct_chk( dhm_make_public( &ctx_cli, x_size, pub_cli, pub_cli_len, &rnd_pseudo_rand, &rnd_info ) == 0 );
372 
373  fct_chk( dhm_read_public( &ctx_srv, pub_cli, pub_cli_len ) == 0 );
374 
375  fct_chk( dhm_calc_secret( &ctx_srv, sec_srv, &sec_srv_len ) == 0 );
376  fct_chk( dhm_calc_secret( &ctx_cli, sec_cli, &sec_cli_len ) == 0 );
377 
378  fct_chk( sec_srv_len == sec_cli_len );
379  fct_chk( sec_srv_len != 0 );
380  fct_chk( memcmp( sec_srv, sec_cli, sec_srv_len ) == 0 );
381 
382  dhm_free( &ctx_srv );
383  dhm_free( &ctx_cli );
384  }
385  FCT_TEST_END();
386 
387  }
388  FCT_SUITE_END();
389 
390 #endif /* POLARSSL_DHM_C */
391 #endif /* POLARSSL_BIGNUM_C */
392 
393 }
394 FCT_END();
395