737 lines
20 KiB
C
737 lines
20 KiB
C
/* $KAME: eaytest.c,v 1.28 2001/08/16 21:44:50 sakane Exp $ */
|
|
|
|
/*
|
|
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
|
|
* All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
* 3. Neither the name of the project nor the names of its contributors
|
|
* may be used to endorse or promote products derived from this software
|
|
* without specific prior written permission.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
* SUCH DAMAGE.
|
|
*/
|
|
|
|
#include <sys/types.h>
|
|
|
|
#include <netinet/in.h>
|
|
|
|
#include <stdlib.h>
|
|
#include <stdio.h>
|
|
#include <string.h>
|
|
#include <limits.h>
|
|
|
|
#include "var.h"
|
|
#include "vmbuf.h"
|
|
#include "misc.h"
|
|
#include "debug.h"
|
|
#include "str2val.h"
|
|
|
|
#include "oakley.h"
|
|
#include "dhgroup.h"
|
|
#include "crypto_openssl.h"
|
|
|
|
#define PVDUMP(var) hexdump((var)->v, (var)->l)
|
|
|
|
u_int32_t loglevel = 4;
|
|
|
|
char *capath = "/usr/local/openssl/certs";
|
|
char *certs[] = {
|
|
/* self signed */
|
|
"-----BEGIN CERTIFICATE-----\n"
|
|
"MIICpTCCAg4CAQAwDQYJKoZIhvcNAQEEBQAwgZoxCzAJBgNVBAYTAkpQMREwDwYD\n"
|
|
"VQQIEwhLYW5hZ2F3YTERMA8GA1UEBxMIRnVqaXNhd2ExFTATBgNVBAoTDFdJREUg\n"
|
|
"UHJvamVjdDEVMBMGA1UECxMMS0FNRSBQcm9qZWN0MRcwFQYDVQQDEw5TaG9pY2hp\n"
|
|
"IFNha2FuZTEeMBwGCSqGSIb3DQEJARYPc2FrYW5lQGthbWUubmV0MB4XDTAwMDgy\n"
|
|
"NDAxMzc0NFoXDTAwMDkyMzAxMzc0NFowgZoxCzAJBgNVBAYTAkpQMREwDwYDVQQI\n"
|
|
"EwhLYW5hZ2F3YTERMA8GA1UEBxMIRnVqaXNhd2ExFTATBgNVBAoTDFdJREUgUHJv\n"
|
|
"amVjdDEVMBMGA1UECxMMS0FNRSBQcm9qZWN0MRcwFQYDVQQDEw5TaG9pY2hpIFNh\n"
|
|
"a2FuZTEeMBwGCSqGSIb3DQEJARYPc2FrYW5lQGthbWUubmV0MIGfMA0GCSqGSIb3\n"
|
|
"DQEBAQUAA4GNADCBiQKBgQCpIQG/H3zn4czAmPBcbkDrYxE1A9vcpghpib3Of0Op\n"
|
|
"SsiWIBOyIMiVAzK/I/JotWp3Vdn5fzGp/7DGAbWXAALas2xHkNmTMPpu6qhmNQ57\n"
|
|
"kJHZHal24mgc1hwbrI9fb5olvIexx9a1riNPnKMRVHzXYizsyMbf+lJJmZ8QFhWN\n"
|
|
"twIDAQABMA0GCSqGSIb3DQEBBAUAA4GBACKs6X/BYycuHI3iop403R3XWMHHnNBN\n"
|
|
"5XTHVWiWgR1cMWkq/dp51gn+nPftpdAaYGpqGkiHGhZcXLoBaX9uON3p+7av+sQN\n"
|
|
"plXwnvUf2Zsgu+fojskS0gKcDlYiq1O8TOaBgJouFZgr1q6PiYjVEJGogAP28+HN\n"
|
|
"M4o+GBFbFoqK\n"
|
|
"-----END CERTIFICATE-----\n\n",
|
|
/* signed by SSH testing CA + CA1 + CA2 */
|
|
"-----BEGIN X509 CERTIFICATE-----\n"
|
|
"MIICtTCCAj+gAwIBAgIEOaR8NjANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJG\n"
|
|
"STEkMCIGA1UEChMbU1NIIENvbW11bmljYXRpb25zIFNlY3VyaXR5MREwDwYDVQQL\n"
|
|
"EwhXZWIgdGVzdDEbMBkGA1UEAxMSVGVzdCBDQSAxIHN1YiBjYSAyMB4XDTAwMDgy\n"
|
|
"NDAwMDAwMFoXDTAwMTAwMTAwMDAwMFowgZoxCzAJBgNVBAYTAkpQMREwDwYDVQQI\n"
|
|
"EwhLYW5hZ2F3YTERMA8GA1UEBxMIRnVqaXNhd2ExFTATBgNVBAoTDFdJREUgUHJv\n"
|
|
"amVjdDEVMBMGA1UECxMMS0FNRSBQcm9qZWN0MRcwFQYDVQQDEw5TaG9pY2hpIFNh\n"
|
|
"a2FuZTEeMBwGCSqGSIb3DQEJAQwPc2FrYW5lQGthbWUubmV0MIGfMA0GCSqGSIb3\n"
|
|
"DQEBAQUAA4GNADCBiQKBgQCpIQG/H3zn4czAmPBcbkDrYxE1A9vcpghpib3Of0Op\n"
|
|
"SsiWIBOyIMiVAzK/I/JotWp3Vdn5fzGp/7DGAbWXAALas2xHkNmTMPpu6qhmNQ57\n"
|
|
"kJHZHal24mgc1hwbrI9fb5olvIexx9a1riNPnKMRVHzXYizsyMbf+lJJmZ8QFhWN\n"
|
|
"twIDAQABo18wXTALBgNVHQ8EBAMCBaAwGgYDVR0RBBMwEYEPc2FrYW5lQGthbWUu\n"
|
|
"bmV0MDIGA1UdHwQrMCkwJ6AloCOGIWh0dHA6Ly9sZGFwLnNzaC5maS9jcmxzL2Nh\n"
|
|
"MS0yLmNybDANBgkqhkiG9w0BAQUFAANhADtaqual41OWshF/rwCTuR6zySBJysGp\n"
|
|
"+qjkp5efCiYKhAu1L4WXlMsV/SNdzspui5tHasPBvUw8gzFsU/VW/B2zuQZkimf1\n"
|
|
"u6ZPjUb/vt8vLOPScP5MeH7xrTk9iigsqQ==\n"
|
|
"-----END X509 CERTIFICATE-----\n\n",
|
|
/* VP100 */
|
|
"-----BEGIN CERTIFICATE-----\n"
|
|
"MIICXzCCAcigAwIBAgIEOXGBIzANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJG\n"
|
|
"STEkMCIGA1UEChMbU1NIIENvbW11bmljYXRpb25zIFNlY3VyaXR5MREwDwYDVQQL\n"
|
|
"EwhXZWIgdGVzdDESMBAGA1UEAxMJVGVzdCBDQSAxMB4XDTAwMDcxNjAwMDAwMFoX\n"
|
|
"DTAwMDkwMTAwMDAwMFowNTELMAkGA1UEBhMCanAxETAPBgNVBAoTCHRhaGl0ZXN0\n"
|
|
"MRMwEQYDVQQDEwpmdXJ1a2F3YS0xMIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKB\n"
|
|
"gQDUmI2RaAuoLvtRDbASwRhbkj/Oq0BBIKgAqbFknc/EanJSQwZQu82gD88nf7gG\n"
|
|
"VEioWmKPLDuEjz5JCuM+k5f7HYHI1wWmz1KFr7UA+avZm4Kp6YKnhuH7soZp7kBL\n"
|
|
"hTiZEpL0jdmCWLW3ZXoro55rmPrBsCd+bt8VU6tRZm5dUwIBKaNZMFcwCwYDVR0P\n"
|
|
"BAQDAgWgMBYGA1UdEQQPMA2CBVZQMTAwhwQKFIaFMDAGA1UdHwQpMCcwJaAjoCGG\n"
|
|
"H2h0dHA6Ly9sZGFwLnNzaC5maS9jcmxzL2NhMS5jcmwwDQYJKoZIhvcNAQEFBQAD\n"
|
|
"gYEAKJ/2Co/KYW65mwpGG3CBvsoRL8xyUMHGt6gQpFLHiiHuAdix1ADTL6uoFuYi\n"
|
|
"4sE5omQm1wKVv2ZhS03zDtUfKoVEv0HZ7IY3AU/FZT/M5gQvbt43Dki/ma3ock2I\n"
|
|
"PPhbLsvXm+GCVh3jvkYGk1zr7VERVeTPtmT+hW63lcxfFp4=\n"
|
|
"-----END CERTIFICATE-----\n\n",
|
|
/* IKED */
|
|
"-----BEGIN CERTIFICATE-----\n"
|
|
"MIIEFTCCA7+gAwIBAgIKYU5X6AAAAAAACTANBgkqhkiG9w0BAQUFADCBljEpMCcG\n"
|
|
"CSqGSIb3DQEJARYaeS13YXRhbmFAc2RsLmhpdGFjaGkuY28uanAxCzAJBgNVBAYT\n"
|
|
"AkpQMREwDwYDVQQIEwhLQU5BR0FXQTERMA8GA1UEBxMIWW9rb2hhbWExEDAOBgNV\n"
|
|
"BAoTB0hJVEFDSEkxDDAKBgNVBAsTA1NETDEWMBQGA1UEAxMNSVBzZWMgVGVzdCBD\n"
|
|
"QTAeFw0wMDA3MTUwMjUxNDdaFw0wMTA3MTUwMzAxNDdaMEUxCzAJBgNVBAYTAkpQ\n"
|
|
"MREwDwYDVQQIEwhLQU5BR0FXQTEQMA4GA1UEChMHSElUQUNISTERMA8GA1UEAxMI\n"
|
|
"V0FUQU5BQkUwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA6Wja5A7Ldzrtx+rMWHEB\n"
|
|
"Cyt+/ZoG0qdFQbuuUiU1vOSq+1f+ZSCYAdTq13Lrr6Xfz3jDVFEZLPID9PSTFwq+\n"
|
|
"yQIDAQABo4ICPTCCAjkwDgYDVR0PAQH/BAQDAgTwMBMGA1UdJQQMMAoGCCsGAQUF\n"
|
|
"CAICMB0GA1UdDgQWBBTkv7/MH5Ra+S1zBAmnUIH5w8ZTUTCB0gYDVR0jBIHKMIHH\n"
|
|
"gBQsF2qoaTl5F3GFLKrttaxPJ8j4faGBnKSBmTCBljEpMCcGCSqGSIb3DQEJARYa\n"
|
|
"eS13YXRhbmFAc2RsLmhpdGFjaGkuY28uanAxCzAJBgNVBAYTAkpQMREwDwYDVQQI\n"
|
|
"EwhLQU5BR0FXQTERMA8GA1UEBxMIWW9rb2hhbWExEDAOBgNVBAoTB0hJVEFDSEkx\n"
|
|
"DDAKBgNVBAsTA1NETDEWMBQGA1UEAxMNSVBzZWMgVGVzdCBDQYIQeccIf4GYDIBA\n"
|
|
"rS6HSUt8XjB7BgNVHR8EdDByMDagNKAyhjBodHRwOi8vZmxvcmEyMjAvQ2VydEVu\n"
|
|
"cm9sbC9JUHNlYyUyMFRlc3QlMjBDQS5jcmwwOKA2oDSGMmZpbGU6Ly9cXGZsb3Jh\n"
|
|
"MjIwXENlcnRFbnJvbGxcSVBzZWMlMjBUZXN0JTIwQ0EuY3JsMIGgBggrBgEFBQcB\n"
|
|
"AQSBkzCBkDBFBggrBgEFBQcwAoY5aHR0cDovL2Zsb3JhMjIwL0NlcnRFbnJvbGwv\n"
|
|
"ZmxvcmEyMjBfSVBzZWMlMjBUZXN0JTIwQ0EuY3J0MEcGCCsGAQUFBzAChjtmaWxl\n"
|
|
"Oi8vXFxmbG9yYTIyMFxDZXJ0RW5yb2xsXGZsb3JhMjIwX0lQc2VjJTIwVGVzdCUy\n"
|
|
"MENBLmNydDANBgkqhkiG9w0BAQUFAANBAG8yZAWHb6g3zba453Hw5loojVDZO6fD\n"
|
|
"9lCsyaxeo9/+7x1JEEcdZ6qL7KKqe7ZBwza+hIN0ITkp2WEWo22gTz4=\n"
|
|
"-----END CERTIFICATE-----\n\n",
|
|
/* From Entrust */
|
|
"-----BEGIN CERTIFICATE-----\n"
|
|
"MIIDXTCCAsagAwIBAgIEOb6khTANBgkqhkiG9w0BAQUFADA4MQswCQYDVQQGEwJV\n"
|
|
"UzEQMA4GA1UEChMHRW50cnVzdDEXMBUGA1UECxMOVlBOIEludGVyb3AgUk8wHhcN\n"
|
|
"MDAwOTE4MjMwMDM3WhcNMDMwOTE4MjMzMDM3WjBTMQswCQYDVQQGEwJVUzEQMA4G\n"
|
|
"A1UEChMHRW50cnVzdDEXMBUGA1UECxMOVlBOIEludGVyb3AgUk8xGTAXBgNVBAMT\n"
|
|
"EFNob2ljaGkgU2FrYW5lIDIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKj3\n"
|
|
"eXSt1qXxFXzpa265B/NQYk5BZN7pNJg0tlTKBTVV3UgpQ92Bx5DoNfZh11oIv0Sw\n"
|
|
"6YnG5p9F9ma36U9HDoD3hVTjAvQKy4ssCsnU1y6v5XOU1QvYQo6UTzgsXUTaIau4\n"
|
|
"Lrccl+nyoiNzy3lG51tLR8CxuA+3OOAK9xPjszClAgMBAAGjggFXMIIBUzBABgNV\n"
|
|
"HREEOTA3gQ9zYWthbmVAa2FtZS5uZXSHBM6vIHWCHjIwNi0xNzUtMzItMTE3LnZw\n"
|
|
"bndvcmtzaG9wLmNvbTATBgNVHSUEDDAKBggrBgEFBQgCAjALBgNVHQ8EBAMCAKAw\n"
|
|
"KwYDVR0QBCQwIoAPMjAwMDA5MTgyMzAwMzdagQ8yMDAyMTAyNTExMzAzN1owWgYD\n"
|
|
"VR0fBFMwUTBPoE2gS6RJMEcxCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFbnRydXN0\n"
|
|
"MRcwFQYDVQQLEw5WUE4gSW50ZXJvcCBSTzENMAsGA1UEAxMEQ1JMMTAfBgNVHSME\n"
|
|
"GDAWgBTzVmhu0tBoWKwkZE5mXpooE9630DAdBgNVHQ4EFgQUEgBHPtXggJqei5Xz\n"
|
|
"92CrWXTJxfAwCQYDVR0TBAIwADAZBgkqhkiG9n0HQQAEDDAKGwRWNS4wAwIEsDAN\n"
|
|
"BgkqhkiG9w0BAQUFAAOBgQCIFriNGMUE8GH5LuDrTJfA8uGx8vLy2seljuo694TR\n"
|
|
"et/ojp9QnfOJ1PF9iAdGaEaSLfkwhY4fZNZzxic5HBoHLeo9BXLP7i7FByXjvOZC\n"
|
|
"Y8++0dC8NVvendIILcJBM5nbDq1TqIbb8K3SP80XhO5JLVJkoZiQftAMjo0peZPO\n"
|
|
"EQ==\n"
|
|
"-----END CERTIFICATE-----\n\n",
|
|
};
|
|
|
|
/* prototype */
|
|
|
|
void certtest __P((void));
|
|
void ciphertest __P((void));
|
|
void hmactest __P((void));
|
|
void sha2test __P((void));
|
|
void sha1test __P((void));
|
|
void md5test __P((void));
|
|
void dhtest __P((int));
|
|
void bntest __P((void));
|
|
|
|
/* test */
|
|
|
|
#include <sys/stat.h>
|
|
#include <unistd.h>
|
|
void
|
|
certtest()
|
|
{
|
|
vchar_t c;
|
|
char *str;
|
|
vchar_t *vstr;
|
|
int type;
|
|
int error;
|
|
int i;
|
|
|
|
printf("\n**Test for Certificate.**\n");
|
|
|
|
{
|
|
char dnstr[] = "C=JP, ST=Kanagawa, L=Fujisawa, O=WIDE Project, OU=KAME Project, CN=Shoichi Sakane/Email=sakane@kame.net";
|
|
vchar_t *asn1dn = NULL, asn1dn0;
|
|
char dn0[] = {
|
|
0x30,0x81,0x9a,0x31,0x0b,0x30,0x09,0x06,
|
|
0x03,0x55,0x04,0x06,0x13,0x02,0x4a,0x50,
|
|
0x31,0x11,0x30,0x0f,0x06,0x03,0x55,0x04,
|
|
0x08,0x13,0x08,0x4b,0x61,0x6e,0x61,0x67,
|
|
0x61,0x77,0x61,0x31,0x11,0x30,0x0f,0x06,
|
|
0x03,0x55,0x04,0x07,0x13,0x08,0x46,0x75,
|
|
0x6a,0x69,0x73,0x61,0x77,0x61,0x31,0x15,
|
|
0x30,0x13,0x06,0x03,0x55,0x04,0x0a,0x13,
|
|
0x0c,0x57,0x49,0x44,0x45,0x20,0x50,0x72,
|
|
0x6f,0x6a,0x65,0x63,0x74,0x31,0x15,0x30,
|
|
0x13,0x06,0x03,0x55,0x04,0x0b,0x13,0x0c,
|
|
0x4b,0x41,0x4d,0x45,0x20,0x50,0x72,0x6f,
|
|
0x6a,0x65,0x63,0x74,0x31,0x17,0x30,0x15,
|
|
0x06,0x03,0x55,0x04,0x03,0x13,0x0e,0x53,
|
|
0x68,0x6f,0x69,0x63,0x68,0x69,0x20,0x53,
|
|
0x61,0x6b,0x61,0x6e,0x65,0x31,0x1e,0x30,
|
|
0x1c,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,
|
|
0x0d,0x01,0x09,0x01,
|
|
0x0c, /* <== XXX */
|
|
0x0f,0x73,0x61,
|
|
0x6b,0x61,0x6e,0x65,0x40,0x6b,0x61,0x6d,
|
|
0x65,0x2e,0x6e,0x65,0x74,
|
|
};
|
|
|
|
printf("check to convert the string into subjectName.\n");
|
|
printf("%s\n", dnstr);
|
|
|
|
asn1dn0.v = dn0;
|
|
asn1dn0.l = sizeof(dn0);
|
|
|
|
asn1dn = eay_str2asn1dn(dnstr, sizeof(dnstr));
|
|
if (asn1dn == NULL || asn1dn->l != asn1dn0.l) {
|
|
printf("asn1dn length mismatched.\n");
|
|
exit(1);
|
|
}
|
|
/*
|
|
* NOTE: The value pointed by "<==" above is different from the
|
|
* return of eay_str2asn1dn(). but eay_cmp_asn1dn() can distinguish
|
|
* both of the names are same name.
|
|
*/
|
|
if (eay_cmp_asn1dn(&asn1dn0, asn1dn)) {
|
|
printf("asn1dn mismatched.\n");
|
|
exit(1);
|
|
}
|
|
vfree(asn1dn);
|
|
|
|
printf("succeed.\n");
|
|
}
|
|
|
|
printf("\nCAUTION: These certificates may be invalid on your "
|
|
"environment because it was signed by SSH test CA and you "
|
|
"may not own their issuer's certificates.\n\n");
|
|
|
|
eay_init_error();
|
|
|
|
for (i = 0; i < sizeof(certs)/sizeof(certs[0]); i++) {
|
|
|
|
printf("CERT[%d]===\n", i);
|
|
|
|
c.v = certs[i];
|
|
c.l = strlen(certs[i]);
|
|
|
|
/* print text */
|
|
str = eay_get_x509text(&c);
|
|
printf("%s", str);
|
|
racoon_free(str);
|
|
|
|
/* print ASN.1 of subject name */
|
|
vstr = eay_get_x509asn1subjectname(&c);
|
|
if (!vstr)
|
|
return;
|
|
PVDUMP(vstr);
|
|
printf("\n");
|
|
vfree(vstr);
|
|
|
|
/* print subject alt name */
|
|
{
|
|
int pos;
|
|
for (pos = 1; ; pos++) {
|
|
error = eay_get_x509subjectaltname(&c, &str, &type, pos);
|
|
if (error) {
|
|
printf("no subjectaltname found.\n");
|
|
break;
|
|
}
|
|
if (!str)
|
|
break;
|
|
printf("SubjectAltName: %d: %s\n", type, str);
|
|
racoon_free(str);
|
|
}
|
|
}
|
|
|
|
{
|
|
struct stat sb;
|
|
|
|
stat(capath, &sb);
|
|
if (!(sb.st_mode & S_IFDIR)) {
|
|
printf("ERROR: %s is not directory.\n", capath);
|
|
return;
|
|
}
|
|
}
|
|
|
|
error = eay_check_x509cert(&c, capath);
|
|
printf("cert is %s\n", error ? "invalid" : "valid");
|
|
printf("\n");
|
|
}
|
|
}
|
|
|
|
void
|
|
ciphertest()
|
|
{
|
|
vchar_t data;
|
|
vchar_t key;
|
|
vchar_t iv0;
|
|
vchar_t *res1, *res2, *iv;
|
|
|
|
printf("\n**Test for CIPHER.**\n");
|
|
|
|
data.v = str2val("\
|
|
06000017 03000000 73616b61 6e65406b 616d652e 6e657409 0002c104 308202b8 \
|
|
04f05a90 \
|
|
", 16, &data.l);
|
|
key.v = str2val("f59bd70f 81b9b9cc 2a32c7fd 229a4b37", 16, &key.l);
|
|
iv0.v = str2val("26b68c90 9467b4ab 7ec29fa0 0b696b55", 16, &iv0.l);
|
|
|
|
iv = vmalloc(8);
|
|
|
|
/* des */
|
|
printf("DES\n");
|
|
printf("data:\n");
|
|
PVDUMP(&data);
|
|
|
|
memcpy(iv->v, iv0.v, 8);
|
|
res1 = eay_des_encrypt(&data, &key, iv);
|
|
printf("encrypto:\n");
|
|
PVDUMP(res1);
|
|
|
|
memcpy(iv->v, iv0.v, 8);
|
|
res2 = eay_des_decrypt(res1, &key, iv);
|
|
printf("decrypto:\n");
|
|
PVDUMP(res2);
|
|
|
|
if (memcmp(data.v, res2->v, data.l))
|
|
printf("XXX NG XXX\n");
|
|
vfree(res1);
|
|
vfree(res2);
|
|
|
|
#ifdef HAVE_OPENSSL_IDEA_H
|
|
/* idea */
|
|
printf("IDEA\n");
|
|
printf("data:\n");
|
|
PVDUMP(&data);
|
|
|
|
memcpy(iv->v, iv0.v, 8);
|
|
res1 = eay_idea_encrypt(&data, &key, iv);
|
|
printf("encrypto:\n");
|
|
PVDUMP(res1);
|
|
|
|
memcpy(iv->v, iv0.v, 8);
|
|
res2 = eay_idea_decrypt(res1, &key, iv);
|
|
printf("decrypto:\n");
|
|
PVDUMP(res2);
|
|
|
|
if (memcmp(data.v, res2->v, data.l))
|
|
printf("XXX NG XXX\n");
|
|
vfree(res1);
|
|
vfree(res2);
|
|
#endif
|
|
|
|
/* blowfish */
|
|
printf("BLOWFISH\n");
|
|
printf("data:\n");
|
|
PVDUMP(&data);
|
|
|
|
memcpy(iv->v, iv0.v, 8);
|
|
res1 = eay_bf_encrypt(&data, &key, iv);
|
|
printf("encrypto:\n");
|
|
PVDUMP(res1);
|
|
|
|
memcpy(iv->v, iv0.v, 8);
|
|
res2 = eay_bf_decrypt(res1, &key, iv);
|
|
printf("decrypto:\n");
|
|
PVDUMP(res2);
|
|
|
|
if (memcmp(data.v, res2->v, data.l))
|
|
printf("XXX NG XXX\n");
|
|
vfree(res1);
|
|
vfree(res2);
|
|
|
|
#ifdef HAVE_OPENSSL_RC5_H
|
|
/* rc5 */
|
|
printf("RC5\n");
|
|
printf("data:\n");
|
|
PVDUMP(&data);
|
|
|
|
memcpy(iv->v, iv0.v, 8);
|
|
res1 = eay_bf_encrypt(&data, &key, iv);
|
|
printf("encrypto:\n");
|
|
PVDUMP(res1);
|
|
|
|
memcpy(iv->v, iv0.v, 8);
|
|
res2 = eay_bf_decrypt(res1, &key, iv);
|
|
printf("decrypto:\n");
|
|
PVDUMP(res2);
|
|
|
|
if (memcmp(data.v, res2->v, data.l))
|
|
printf("XXX NG XXX\n");
|
|
vfree(res1);
|
|
vfree(res2);
|
|
#endif
|
|
|
|
/* 3des */
|
|
printf("3DES\n");
|
|
printf("data:\n");
|
|
PVDUMP(&data);
|
|
|
|
memcpy(iv->v, iv0.v, 8);
|
|
res1 = eay_3des_encrypt(&data, &key, iv);
|
|
printf("encrypto:\n");
|
|
if (res1)
|
|
PVDUMP(res1);
|
|
|
|
memcpy(iv->v, iv0.v, 8);
|
|
res2 = eay_3des_decrypt(res1, &key, iv);
|
|
printf("decrypto:\n");
|
|
if (res1)
|
|
PVDUMP(res2);
|
|
|
|
if (res2 && memcmp(data.v, res2->v, data.l))
|
|
printf("XXX NG XXX\n");
|
|
vfree(res1);
|
|
vfree(res2);
|
|
|
|
/* cast */
|
|
printf("CAST\n");
|
|
printf("data:\n");
|
|
PVDUMP(&data);
|
|
|
|
memcpy(iv->v, iv0.v, 8);
|
|
res1 = eay_cast_encrypt(&data, &key, iv);
|
|
printf("encrypto:\n");
|
|
PVDUMP(res1);
|
|
|
|
memcpy(iv->v, iv0.v, 8);
|
|
res2 = eay_cast_decrypt(res1, &key, iv);
|
|
printf("decrypto:\n");
|
|
PVDUMP(res2);
|
|
|
|
if (memcmp(data.v, res2->v, data.l))
|
|
printf("XXX NG XXX\n");
|
|
vfree(res1);
|
|
vfree(res2);
|
|
|
|
/* aes */
|
|
iv = vrealloc(iv, 16);
|
|
|
|
printf("AES\n");
|
|
printf("data:\n");
|
|
PVDUMP(&data);
|
|
|
|
{
|
|
vchar_t *buf;
|
|
int padlen = 16 - data.l % 16;
|
|
buf = vmalloc(data.l + padlen);
|
|
memcpy(buf->v, data.v, data.l);
|
|
|
|
memcpy(iv->v, iv0.v, 16);
|
|
res1 = eay_aes_encrypt(buf, &key, iv);
|
|
printf("encrypto:\n");
|
|
PVDUMP(res1);
|
|
|
|
memcpy(iv->v, iv0.v, 16);
|
|
res2 = eay_aes_decrypt(res1, &key, iv);
|
|
printf("decrypto:\n");
|
|
PVDUMP(res2);
|
|
|
|
if (memcmp(data.v, res2->v, data.l))
|
|
printf("XXX NG XXX\n");
|
|
vfree(res1);
|
|
vfree(res2);
|
|
}
|
|
}
|
|
|
|
void
|
|
hmactest()
|
|
{
|
|
char *keyword = "hehehe test secret!";
|
|
char *object = "d7e6a6c1876ef0488bb74958b9fee94e";
|
|
char *object1 = "d7e6a6c1876ef048";
|
|
char *object2 = "8bb74958b9fee94e";
|
|
char *r_hmd5 = "5702d7d1 fd1bfc7e 210fc9fa cda7d02c";
|
|
char *r_hsha1 = "309999aa 9779a43e ebdea839 1b4e7ee1 d8646874";
|
|
char *r_hsha2 = "d47262d8 a5b6f39d d8686939 411b3e79 ed2e27f9 2c4ea89f dd0a06ae 0c0aa396";
|
|
vchar_t *key, *data, *data1, *data2, *res;
|
|
vchar_t mod;
|
|
caddr_t ctx;
|
|
|
|
printf("\n**Test for HMAC MD5 & SHA1.**\n");
|
|
|
|
key = vmalloc(strlen(keyword));
|
|
memcpy(key->v, keyword, key->l);
|
|
|
|
data = vmalloc(strlen(object));
|
|
data1 = vmalloc(strlen(object1));
|
|
data2 = vmalloc(strlen(object2));
|
|
memcpy(data->v, object, data->l);
|
|
memcpy(data1->v, object1, data1->l);
|
|
memcpy(data2->v, object2, data2->l);
|
|
|
|
/* HMAC MD5 */
|
|
printf("HMAC MD5 by eay_hmacmd5_one()\n");
|
|
res = eay_hmacmd5_one(key, data);
|
|
PVDUMP(res);
|
|
mod.v = str2val(r_hmd5, 16, &mod.l);
|
|
if (memcmp(res->v, mod.v, mod.l))
|
|
printf(" XXX NG XXX\n");
|
|
free(mod.v);
|
|
vfree(res);
|
|
|
|
/* HMAC MD5 */
|
|
printf("HMAC MD5 by eay_hmacmd5_xxx()\n");
|
|
ctx = eay_hmacmd5_init(key);
|
|
eay_hmacmd5_update(ctx, data1);
|
|
eay_hmacmd5_update(ctx, data2);
|
|
res = eay_hmacmd5_final(ctx);
|
|
PVDUMP(res);
|
|
mod.v = str2val(r_hmd5, 16, &mod.l);
|
|
if (memcmp(res->v, mod.v, mod.l))
|
|
printf(" XXX NG XXX\n");
|
|
free(mod.v);
|
|
vfree(res);
|
|
|
|
/* HMAC SHA2 */
|
|
printf("HMAC SHA2 by eay_hmacsha2_256_one()\n");
|
|
res = eay_hmacsha2_256_one(key, data);
|
|
PVDUMP(res);
|
|
mod.v = str2val(r_hsha2, 16, &mod.l);
|
|
if (memcmp(res->v, mod.v, mod.l))
|
|
printf(" XXX NG XXX\n");
|
|
free(mod.v);
|
|
vfree(res);
|
|
|
|
/* HMAC SHA1 */
|
|
printf("HMAC SHA1 by eay_hmacsha1_one()\n");
|
|
res = eay_hmacsha1_one(key, data);
|
|
PVDUMP(res);
|
|
mod.v = str2val(r_hsha1, 16, &mod.l);
|
|
if (memcmp(res->v, mod.v, mod.l))
|
|
printf(" XXX NG XXX\n");
|
|
free(mod.v);
|
|
vfree(res);
|
|
|
|
/* HMAC MD5 */
|
|
printf("HMAC SHA1 by eay_hmacsha1_xxx()\n");
|
|
ctx = eay_hmacsha1_init(key);
|
|
eay_hmacsha1_update(ctx, data1);
|
|
eay_hmacsha1_update(ctx, data2);
|
|
res = eay_hmacsha1_final(ctx);
|
|
PVDUMP(res);
|
|
mod.v = str2val(r_hsha1, 16, &mod.l);
|
|
if (memcmp(res->v, mod.v, mod.l))
|
|
printf(" XXX NG XXX\n");
|
|
free(mod.v);
|
|
vfree(res);
|
|
|
|
vfree(data);
|
|
vfree(data1);
|
|
vfree(data2);
|
|
vfree(key);
|
|
}
|
|
|
|
void
|
|
sha1test()
|
|
{
|
|
char *word1 = "1234567890", *word2 = "12345678901234567890";
|
|
caddr_t ctx;
|
|
vchar_t *buf, *res;
|
|
|
|
printf("\n**Test for SHA1.**\n");
|
|
|
|
ctx = eay_sha1_init();
|
|
buf = vmalloc(strlen(word1));
|
|
memcpy(buf->v, word1, buf->l);
|
|
eay_sha1_update(ctx, buf);
|
|
eay_sha1_update(ctx, buf);
|
|
res = eay_sha1_final(ctx);
|
|
PVDUMP(res);
|
|
vfree(res);
|
|
vfree(buf);
|
|
|
|
ctx = eay_sha1_init();
|
|
buf = vmalloc(strlen(word2));
|
|
memcpy(buf->v, word2, buf->l);
|
|
eay_sha1_update(ctx, buf);
|
|
res = eay_sha1_final(ctx);
|
|
PVDUMP(res);
|
|
vfree(res);
|
|
|
|
res = eay_sha1_one(buf);
|
|
PVDUMP(res);
|
|
vfree(res);
|
|
vfree(buf);
|
|
}
|
|
|
|
void
|
|
md5test()
|
|
{
|
|
char *word1 = "1234567890", *word2 = "12345678901234567890";
|
|
caddr_t ctx;
|
|
vchar_t *buf, *res;
|
|
|
|
printf("\n**Test for MD5.**\n");
|
|
|
|
ctx = eay_md5_init();
|
|
buf = vmalloc(strlen(word1));
|
|
memcpy(buf->v, word1, buf->l);
|
|
eay_md5_update(ctx, buf);
|
|
eay_md5_update(ctx, buf);
|
|
res = eay_md5_final(ctx);
|
|
PVDUMP(res);
|
|
vfree(res);
|
|
vfree(buf);
|
|
|
|
ctx = eay_md5_init();
|
|
buf = vmalloc(strlen(word2));
|
|
memcpy(buf->v, word2, buf->l);
|
|
eay_md5_update(ctx, buf);
|
|
res = eay_md5_final(ctx);
|
|
PVDUMP(res);
|
|
vfree(res);
|
|
|
|
res = eay_md5_one(buf);
|
|
PVDUMP(res);
|
|
vfree(res);
|
|
vfree(buf);
|
|
}
|
|
|
|
void
|
|
dhtest(f)
|
|
int f;
|
|
{
|
|
vchar_t p1, p2, *pub1, *priv1, *pub2, *priv2, *key;
|
|
|
|
printf("\n**Test for DH.**\n");
|
|
|
|
switch (f) {
|
|
case 0:
|
|
p1.v = str2val(OAKLEY_PRIME_MODP768, 16, &p1.l);
|
|
p2.v = str2val(OAKLEY_PRIME_MODP768, 16, &p2.l);
|
|
break;
|
|
case 1:
|
|
p1.v = str2val(OAKLEY_PRIME_MODP1024, 16, &p1.l);
|
|
p2.v = str2val(OAKLEY_PRIME_MODP1024, 16, &p2.l);
|
|
break;
|
|
case 2:
|
|
default:
|
|
p1.v = str2val(OAKLEY_PRIME_MODP1536, 16, &p1.l);
|
|
p2.v = str2val(OAKLEY_PRIME_MODP1536, 16, &p2.l);
|
|
break;
|
|
}
|
|
printf("prime number = \n"); PVDUMP(&p1);
|
|
|
|
key = vmalloc(p1.l);
|
|
|
|
if (eay_dh_generate(&p1, 2, 96, &pub1, &priv1) < 0) {
|
|
printf("error\n");
|
|
return;
|
|
}
|
|
|
|
printf("private key for user 1 = \n"); PVDUMP(priv1);
|
|
printf("public key for user 1 = \n"); PVDUMP(pub1);
|
|
|
|
if (eay_dh_generate(&p2, 2, 96, &pub2, &priv2) < 0) {
|
|
printf("error\n");
|
|
return;
|
|
}
|
|
|
|
printf("private key for user 2 = \n"); PVDUMP(priv2);
|
|
printf("public key for user 2 = \n"); PVDUMP(pub2);
|
|
|
|
/* process to generate key for user 1 */
|
|
memset(key->v, 0, key->l);
|
|
eay_dh_compute(&p1, 2, pub1, priv1, pub2, &key);
|
|
printf("sharing key of user 1 = \n"); PVDUMP(key);
|
|
|
|
/* process to generate key for user 2 */
|
|
memset(key->v, 0, key->l);
|
|
eay_dh_compute(&p2, 2, pub2, priv2, pub1, &key);
|
|
printf("sharing key of user 2 = \n"); PVDUMP(key);
|
|
|
|
vfree(pub1);
|
|
vfree(priv1);
|
|
vfree(priv2);
|
|
vfree(key);
|
|
|
|
return;
|
|
}
|
|
|
|
void
|
|
bntest()
|
|
{
|
|
vchar_t *rn;
|
|
|
|
printf("\n**Test for generate a random number.**\n");
|
|
|
|
rn = eay_set_random((u_int32_t)96);
|
|
PVDUMP(rn);
|
|
vfree(rn);
|
|
}
|
|
|
|
int
|
|
main(ac, av)
|
|
int ac;
|
|
char **av;
|
|
{
|
|
if (strcmp(*av, "-h") == 0) {
|
|
printf("Usage: eaytest [dh|md5|sha1|hmac|cipher|cert]\n");
|
|
exit(0);
|
|
}
|
|
|
|
if (ac == 1) {
|
|
bntest();
|
|
dhtest(0);
|
|
md5test();
|
|
sha1test();
|
|
hmactest();
|
|
ciphertest();
|
|
certtest();
|
|
} else {
|
|
for (av++; *av != '\0'; av++) {
|
|
if (strcmp(*av, "random") == 0)
|
|
bntest();
|
|
else if (strcmp(*av, "dh") == 0)
|
|
dhtest(0);
|
|
else if (strcmp(*av, "md5") == 0)
|
|
md5test();
|
|
else if (strcmp(*av, "sha1") == 0)
|
|
sha1test();
|
|
else if (strcmp(*av, "hmac") == 0)
|
|
hmactest();
|
|
else if (strcmp(*av, "cipher") == 0)
|
|
ciphertest();
|
|
else if (strcmp(*av, "cert") == 0)
|
|
certtest();
|
|
}
|
|
}
|
|
|
|
exit(0);
|
|
}
|