PolarSSL v1.1.4
|
00001 #include "fct.h" 00002 00003 #include <polarssl/dhm.h> 00004 00005 #include <polarssl/config.h> 00006 00007 #ifdef _MSC_VER 00008 #include <basetsd.h> 00009 typedef UINT32 uint32_t; 00010 #else 00011 #include <inttypes.h> 00012 #endif 00013 00014 /* 00015 * 32-bit integer manipulation macros (big endian) 00016 */ 00017 #ifndef GET_ULONG_BE 00018 #define GET_ULONG_BE(n,b,i) \ 00019 { \ 00020 (n) = ( (unsigned long) (b)[(i) ] << 24 ) \ 00021 | ( (unsigned long) (b)[(i) + 1] << 16 ) \ 00022 | ( (unsigned long) (b)[(i) + 2] << 8 ) \ 00023 | ( (unsigned long) (b)[(i) + 3] ); \ 00024 } 00025 #endif 00026 00027 #ifndef PUT_ULONG_BE 00028 #define PUT_ULONG_BE(n,b,i) \ 00029 { \ 00030 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ 00031 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ 00032 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ 00033 (b)[(i) + 3] = (unsigned char) ( (n) ); \ 00034 } 00035 #endif 00036 00037 int unhexify(unsigned char *obuf, const char *ibuf) 00038 { 00039 unsigned char c, c2; 00040 int len = strlen(ibuf) / 2; 00041 assert(!(strlen(ibuf) %1)); // must be even number of bytes 00042 00043 while (*ibuf != 0) 00044 { 00045 c = *ibuf++; 00046 if( c >= '0' && c <= '9' ) 00047 c -= '0'; 00048 else if( c >= 'a' && c <= 'f' ) 00049 c -= 'a' - 10; 00050 else if( c >= 'A' && c <= 'F' ) 00051 c -= 'A' - 10; 00052 else 00053 assert( 0 ); 00054 00055 c2 = *ibuf++; 00056 if( c2 >= '0' && c2 <= '9' ) 00057 c2 -= '0'; 00058 else if( c2 >= 'a' && c2 <= 'f' ) 00059 c2 -= 'a' - 10; 00060 else if( c2 >= 'A' && c2 <= 'F' ) 00061 c2 -= 'A' - 10; 00062 else 00063 assert( 0 ); 00064 00065 *obuf++ = ( c << 4 ) | c2; 00066 } 00067 00068 return len; 00069 } 00070 00071 void hexify(unsigned char *obuf, const unsigned char *ibuf, int len) 00072 { 00073 unsigned char l, h; 00074 00075 while (len != 0) 00076 { 00077 h = (*ibuf) / 16; 00078 l = (*ibuf) % 16; 00079 00080 if( h < 10 ) 00081 *obuf++ = '0' + h; 00082 else 00083 *obuf++ = 'a' + h - 10; 00084 00085 if( l < 10 ) 00086 *obuf++ = '0' + l; 00087 else 00088 *obuf++ = 'a' + l - 10; 00089 00090 ++ibuf; 00091 len--; 00092 } 00093 } 00094 00104 static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len ) 00105 { 00106 size_t i; 00107 00108 if( rng_state != NULL ) 00109 rng_state = NULL; 00110 00111 for( i = 0; i < len; ++i ) 00112 output[i] = rand(); 00113 00114 return( 0 ); 00115 } 00116 00122 static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len ) 00123 { 00124 if( rng_state != NULL ) 00125 rng_state = NULL; 00126 00127 memset( output, 0, len ); 00128 00129 return( 0 ); 00130 } 00131 00132 typedef struct 00133 { 00134 unsigned char *buf; 00135 size_t length; 00136 } rnd_buf_info; 00137 00149 static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len ) 00150 { 00151 rnd_buf_info *info = (rnd_buf_info *) rng_state; 00152 size_t use_len; 00153 00154 if( rng_state == NULL ) 00155 return( rnd_std_rand( NULL, output, len ) ); 00156 00157 use_len = len; 00158 if( len > info->length ) 00159 use_len = info->length; 00160 00161 if( use_len ) 00162 { 00163 memcpy( output, info->buf, use_len ); 00164 info->buf += use_len; 00165 info->length -= use_len; 00166 } 00167 00168 if( len - use_len > 0 ) 00169 return( rnd_std_rand( NULL, output + use_len, len - use_len ) ); 00170 00171 return( 0 ); 00172 } 00173 00181 typedef struct 00182 { 00183 uint32_t key[16]; 00184 uint32_t v0, v1; 00185 } rnd_pseudo_info; 00186 00195 static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len ) 00196 { 00197 rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state; 00198 uint32_t i, *k, sum, delta=0x9E3779B9; 00199 unsigned char result[4]; 00200 00201 if( rng_state == NULL ) 00202 return( rnd_std_rand( NULL, output, len ) ); 00203 00204 k = info->key; 00205 00206 while( len > 0 ) 00207 { 00208 size_t use_len = ( len > 4 ) ? 4 : len; 00209 sum = 0; 00210 00211 for( i = 0; i < 32; i++ ) 00212 { 00213 info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]); 00214 sum += delta; 00215 info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]); 00216 } 00217 00218 PUT_ULONG_BE( info->v0, result, 0 ); 00219 memcpy( output, result, use_len ); 00220 len -= use_len; 00221 } 00222 00223 return( 0 ); 00224 } 00225 00226 00227 FCT_BGN() 00228 { 00229 #ifdef POLARSSL_DHM_C 00230 #ifdef POLARSSL_BIGNUM_C 00231 00232 00233 FCT_SUITE_BGN(test_suite_dhm) 00234 { 00235 00236 FCT_TEST_BGN(diffie_hellman_full_exchange_1) 00237 { 00238 dhm_context ctx_srv; 00239 dhm_context ctx_cli; 00240 unsigned char ske[1000]; 00241 unsigned char *p = ske; 00242 unsigned char pub_cli[1000]; 00243 unsigned char sec_srv[1000]; 00244 unsigned char sec_cli[1000]; 00245 size_t ske_len = 0; 00246 size_t pub_cli_len = 0; 00247 size_t sec_srv_len = 1000; 00248 size_t sec_cli_len = 1000; 00249 int x_size; 00250 rnd_pseudo_info rnd_info; 00251 00252 memset( &ctx_srv, 0x00, sizeof( dhm_context ) ); 00253 memset( &ctx_cli, 0x00, sizeof( dhm_context ) ); 00254 memset( ske, 0x00, 1000 ); 00255 memset( pub_cli, 0x00, 1000 ); 00256 memset( sec_srv, 0x00, 1000 ); 00257 memset( sec_cli, 0x00, 1000 ); 00258 memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) ); 00259 00260 fct_chk( mpi_read_string( &ctx_srv.P, 10, "23" ) == 0 ); 00261 fct_chk( mpi_read_string( &ctx_srv.G, 10, "5" ) == 0 ); 00262 x_size = mpi_size( &ctx_srv.P ); 00263 00264 fct_chk( dhm_make_params( &ctx_srv, x_size, ske, &ske_len, &rnd_pseudo_rand, &rnd_info ) == 0 ); 00265 ske[ske_len++] = 0; 00266 ske[ske_len++] = 0; 00267 fct_chk( dhm_read_params( &ctx_cli, &p, ske + ske_len ) == 0 ); 00268 00269 pub_cli_len = x_size; 00270 fct_chk( dhm_make_public( &ctx_cli, x_size, pub_cli, pub_cli_len, &rnd_pseudo_rand, &rnd_info ) == 0 ); 00271 00272 fct_chk( dhm_read_public( &ctx_srv, pub_cli, pub_cli_len ) == 0 ); 00273 00274 fct_chk( dhm_calc_secret( &ctx_srv, sec_srv, &sec_srv_len ) == 0 ); 00275 fct_chk( dhm_calc_secret( &ctx_cli, sec_cli, &sec_cli_len ) == 0 ); 00276 00277 fct_chk( sec_srv_len == sec_cli_len ); 00278 fct_chk( sec_srv_len != 0 ); 00279 fct_chk( memcmp( sec_srv, sec_cli, sec_srv_len ) == 0 ); 00280 00281 dhm_free( &ctx_srv ); 00282 dhm_free( &ctx_cli ); 00283 } 00284 FCT_TEST_END(); 00285 00286 00287 FCT_TEST_BGN(diffie_hellman_full_exchange_2) 00288 { 00289 dhm_context ctx_srv; 00290 dhm_context ctx_cli; 00291 unsigned char ske[1000]; 00292 unsigned char *p = ske; 00293 unsigned char pub_cli[1000]; 00294 unsigned char sec_srv[1000]; 00295 unsigned char sec_cli[1000]; 00296 size_t ske_len = 0; 00297 size_t pub_cli_len = 0; 00298 size_t sec_srv_len = 1000; 00299 size_t sec_cli_len = 1000; 00300 int x_size; 00301 rnd_pseudo_info rnd_info; 00302 00303 memset( &ctx_srv, 0x00, sizeof( dhm_context ) ); 00304 memset( &ctx_cli, 0x00, sizeof( dhm_context ) ); 00305 memset( ske, 0x00, 1000 ); 00306 memset( pub_cli, 0x00, 1000 ); 00307 memset( sec_srv, 0x00, 1000 ); 00308 memset( sec_cli, 0x00, 1000 ); 00309 memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) ); 00310 00311 fct_chk( mpi_read_string( &ctx_srv.P, 10, "93450983094850938450983409623" ) == 0 ); 00312 fct_chk( mpi_read_string( &ctx_srv.G, 10, "9345098304850938450983409622" ) == 0 ); 00313 x_size = mpi_size( &ctx_srv.P ); 00314 00315 fct_chk( dhm_make_params( &ctx_srv, x_size, ske, &ske_len, &rnd_pseudo_rand, &rnd_info ) == 0 ); 00316 ske[ske_len++] = 0; 00317 ske[ske_len++] = 0; 00318 fct_chk( dhm_read_params( &ctx_cli, &p, ske + ske_len ) == 0 ); 00319 00320 pub_cli_len = x_size; 00321 fct_chk( dhm_make_public( &ctx_cli, x_size, pub_cli, pub_cli_len, &rnd_pseudo_rand, &rnd_info ) == 0 ); 00322 00323 fct_chk( dhm_read_public( &ctx_srv, pub_cli, pub_cli_len ) == 0 ); 00324 00325 fct_chk( dhm_calc_secret( &ctx_srv, sec_srv, &sec_srv_len ) == 0 ); 00326 fct_chk( dhm_calc_secret( &ctx_cli, sec_cli, &sec_cli_len ) == 0 ); 00327 00328 fct_chk( sec_srv_len == sec_cli_len ); 00329 fct_chk( sec_srv_len != 0 ); 00330 fct_chk( memcmp( sec_srv, sec_cli, sec_srv_len ) == 0 ); 00331 00332 dhm_free( &ctx_srv ); 00333 dhm_free( &ctx_cli ); 00334 } 00335 FCT_TEST_END(); 00336 00337 00338 FCT_TEST_BGN(diffie_hellman_full_exchange_2) 00339 { 00340 dhm_context ctx_srv; 00341 dhm_context ctx_cli; 00342 unsigned char ske[1000]; 00343 unsigned char *p = ske; 00344 unsigned char pub_cli[1000]; 00345 unsigned char sec_srv[1000]; 00346 unsigned char sec_cli[1000]; 00347 size_t ske_len = 0; 00348 size_t pub_cli_len = 0; 00349 size_t sec_srv_len = 1000; 00350 size_t sec_cli_len = 1000; 00351 int x_size; 00352 rnd_pseudo_info rnd_info; 00353 00354 memset( &ctx_srv, 0x00, sizeof( dhm_context ) ); 00355 memset( &ctx_cli, 0x00, sizeof( dhm_context ) ); 00356 memset( ske, 0x00, 1000 ); 00357 memset( pub_cli, 0x00, 1000 ); 00358 memset( sec_srv, 0x00, 1000 ); 00359 memset( sec_cli, 0x00, 1000 ); 00360 memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) ); 00361 00362 fct_chk( mpi_read_string( &ctx_srv.P, 10, "93450983094850938450983409623982317398171298719873918739182739712938719287391879381271" ) == 0 ); 00363 fct_chk( mpi_read_string( &ctx_srv.G, 10, "9345098309485093845098340962223981329819812792137312973297123912791271" ) == 0 ); 00364 x_size = mpi_size( &ctx_srv.P ); 00365 00366 fct_chk( dhm_make_params( &ctx_srv, x_size, ske, &ske_len, &rnd_pseudo_rand, &rnd_info ) == 0 ); 00367 ske[ske_len++] = 0; 00368 ske[ske_len++] = 0; 00369 fct_chk( dhm_read_params( &ctx_cli, &p, ske + ske_len ) == 0 ); 00370 00371 pub_cli_len = x_size; 00372 fct_chk( dhm_make_public( &ctx_cli, x_size, pub_cli, pub_cli_len, &rnd_pseudo_rand, &rnd_info ) == 0 ); 00373 00374 fct_chk( dhm_read_public( &ctx_srv, pub_cli, pub_cli_len ) == 0 ); 00375 00376 fct_chk( dhm_calc_secret( &ctx_srv, sec_srv, &sec_srv_len ) == 0 ); 00377 fct_chk( dhm_calc_secret( &ctx_cli, sec_cli, &sec_cli_len ) == 0 ); 00378 00379 fct_chk( sec_srv_len == sec_cli_len ); 00380 fct_chk( sec_srv_len != 0 ); 00381 fct_chk( memcmp( sec_srv, sec_cli, sec_srv_len ) == 0 ); 00382 00383 dhm_free( &ctx_srv ); 00384 dhm_free( &ctx_cli ); 00385 } 00386 FCT_TEST_END(); 00387 00388 } 00389 FCT_SUITE_END(); 00390 00391 #endif /* POLARSSL_DHM_C */ 00392 #endif /* POLARSSL_BIGNUM_C */ 00393 00394 } 00395 FCT_END(); 00396