Changeset View
Changeset View
Standalone View
Standalone View
b/cipher/rsa.c
Context not available. | |||||
}; | }; | ||||
/* A sample 1024 bit RSA key used for the selftests. */ | /* A sample 2048 bit RSA key used for the selftests. */ | ||||
static const char sample_secret_key[] = | static const char sample_secret_key[] = | ||||
"(private-key" | " (private-key" | ||||
" (rsa" | " (rsa" | ||||
" (n #00e0ce96f90b6c9e02f3922beada93fe50a875eac6bcc18bb9a9cf2e84965caa" | " (n #009F56231A3D82E3E7D613D59D53E9AB921BEF9F08A782AED0B6E46ADBC853EC" | ||||
" 2d1ff95a7f542465c6c0c19d276e4526ce048868a7a914fd343cc3a87dd74291" | " 7C71C422435A3CD8FA0DB9EFD55CD3295BADC4E8E2E2B94E15AE82866AB8ADE8" | ||||
" ffc565506d5bbb25cbac6a0e2dd1f8bcaab0d4a29c2f37c950f363484bf269f7" | " 7E469FAE76DC3577DE87F1F419C4EB41123DFAF8D16922D5EDBAD6E9076D5A1C" | ||||
" 891440464baf79827e03a36e70b814938eebdc63e964247be75dc58b014b7ea251#)" | " 958106F0AE5E2E9193C6B49124C64C2A241C4075D4AF16299EB87A6585BAE917" | ||||
" (e #010001#)" | " DEF27FCDD165764D069BC18D16527B29DAAB549F7BBED4A7C6A842D203ED6613" | ||||
" (d #046129f2489d71579be0a75fe029bd6cdb574ebf57ea8a5b0fda942cab943b11" | " 6E2411744E432CD26D940132F25874483DCAEECDFD95744819CBCF1EA810681C" | ||||
" 7d7bb95e5d28875e0f9fc5fcc06a72f6d502464dabded78ef6b716177b83d5bd" | " 42907EBCB1C7EAFBE75C87EC32C5413EA10476545D3FC7B2ADB1B66B7F200918" | ||||
" c543dc5d3fed932e59f5897e92e6f58a0f33424106a3b6fa2cbf877510e4ac21" | " 664B0E5261C2895AA28B0DE321E921B3F877172CCCAB81F43EF98002916156F6CB#)" | ||||
" c3ee47851e97d12996222ac3566d4ccb0b83d164074abf7de655fc2446da1781#)" | " (e #010001#)" | ||||
" (p #00e861b700e17e8afe6837e7512e35b6ca11d0ae47d8b85161c67baf64377213" | " (d #07EF82500C403899934FE993AC5A36F14FF2DF38CF1EF315F205EE4C83EDAA19" | ||||
" fe52d772f2035b3ca830af41d8a4120e1c1c70d12cc22f00d28d31dd48a8d424f1#)" | " 8890FC23DE9AA933CAFB37B6A8A8DBA675411958337287310D3FF2F1DDC0CB93" | ||||
" (q #00f7a7ca5367c661f8e62df34f0d05c10c88e5492348dd7bddc942c9a8f369f9" | " 7E70F57F75F833C021852B631D2B9A520E4431A03C5C3FCB5742DCD841D9FB12" | ||||
" 35a07785d2db805215ed786e4285df1658eed3ce84f469b81b50d358407b4ad361#)" | " 771AA1620DCEC3F1583426066ED9DC3F7028C5B59202C88FDF20396E2FA0EC4F" | ||||
" (u #304559a9ead56d2309d203811a641bb1a09626bc8eb36fffa23c968ec5bd891e" | " 5A22D9008F3043673931BC14A5046D6327398327900867E39CC61B2D1AFE2F48" | ||||
" ebbafc73ae666e01ba7c8990bae06cc2bbe10b75e69fcacb353a6473079d8e9b#)))"; | " EC8E1E3861C68D257D7425F4E6F99ABD77D61F10CA100EFC14389071831B33DD" | ||||
/* A sample 1024 bit RSA key used for the selftests (public only). */ | " 69CC8EABEF860D1DC2AAA84ABEAE5DFC91BC124DAF0F4C8EF5BBEA436751DE84" | ||||
" 3A8063E827A024466F44C28614F93B0732A100D4A0D86D532FE1E22C7725E401#)" | |||||
" (p #00C29D438F115825779631CD665A5739367F3E128ADC29766483A46CA80897E0" | |||||
" 79B32881860B8F9A6A04C2614A904F6F2578DAE13EA67CD60AE3D0AA00A1FF9B" | |||||
" 441485E44B2DC3D0B60260FBFE073B5AC72FAF67964DE15C8212C389D20DB9CF" | |||||
" 54AF6AEF5C4196EAA56495DD30CF709F499D5AB30CA35E086C2A1589D6283F1783#)" | |||||
" (q #00D1984135231CB243FE959C0CBEF551EDD986AD7BEDF71EDF447BE3DA27AF46" | |||||
" 79C974A6FA69E4D52FE796650623DE70622862713932AA2FD9F2EC856EAEAA77" | |||||
" 88B4EA6084DC81C902F014829B18EA8B2666EC41586818E0589E18876065F97E" | |||||
" 8D22CE2DA53A05951EC132DCEF41E70A9C35F4ACC268FFAC2ADF54FA1DA110B919#)" | |||||
" (u #67CF0FD7635205DD80FA814EE9E9C267C17376BF3209FB5D1BC42890D2822A04" | |||||
" 479DAF4D5B6ED69D0F8D1AF94164D07F8CD52ECEFE880641FA0F41DDAB1785E4" | |||||
" A37A32F997A516480B4CD4F6482B9466A1765093ED95023CA32D5EDC1E34CEE9" | |||||
" AF595BC51FE43C4BF810FA225AF697FB473B83815966188A4312C048B885E3F7#)))"; | |||||
/* A sample 2048 bit RSA key used for the selftests (public only). */ | |||||
static const char sample_public_key[] = | static const char sample_public_key[] = | ||||
"(public-key" | " (public-key" | ||||
" (rsa" | " (rsa" | ||||
" (n #00e0ce96f90b6c9e02f3922beada93fe50a875eac6bcc18bb9a9cf2e84965caa" | " (n #009F56231A3D82E3E7D613D59D53E9AB921BEF9F08A782AED0B6E46ADBC853EC" | ||||
" 2d1ff95a7f542465c6c0c19d276e4526ce048868a7a914fd343cc3a87dd74291" | " 7C71C422435A3CD8FA0DB9EFD55CD3295BADC4E8E2E2B94E15AE82866AB8ADE8" | ||||
" ffc565506d5bbb25cbac6a0e2dd1f8bcaab0d4a29c2f37c950f363484bf269f7" | " 7E469FAE76DC3577DE87F1F419C4EB41123DFAF8D16922D5EDBAD6E9076D5A1C" | ||||
" 891440464baf79827e03a36e70b814938eebdc63e964247be75dc58b014b7ea251#)" | " 958106F0AE5E2E9193C6B49124C64C2A241C4075D4AF16299EB87A6585BAE917" | ||||
" (e #010001#)))"; | " DEF27FCDD165764D069BC18D16527B29DAAB549F7BBED4A7C6A842D203ED6613" | ||||
" 6E2411744E432CD26D940132F25874483DCAEECDFD95744819CBCF1EA810681C" | |||||
" 42907EBCB1C7EAFBE75C87EC32C5413EA10476545D3FC7B2ADB1B66B7F200918" | |||||
" 664B0E5261C2895AA28B0DE321E921B3F877172CCCAB81F43EF98002916156F6CB#)" | |||||
" (e #010001#)))"; | |||||
␌ | ␌ | ||||
static int test_keys (RSA_secret_key *sk, unsigned nbits); | static int test_keys (RSA_secret_key *sk, unsigned nbits); | ||||
Context not available. | |||||
gcry_mpi_t f; | gcry_mpi_t f; | ||||
gcry_random_level_t random_level; | gcry_random_level_t random_level; | ||||
if (fips_mode ()) | if (fips_mode ()) // FIXME: fips mode doesn't actually use this function!? | ||||
{ | { | ||||
if (nbits < 1024) | if (nbits < 1024) | ||||
return GPG_ERR_INV_VALUE; | return GPG_ERR_INV_VALUE; | ||||
Context not available. | |||||
gen_x931_parm_xp (unsigned int nbits) | gen_x931_parm_xp (unsigned int nbits) | ||||
{ | { | ||||
gcry_mpi_t xp; | gcry_mpi_t xp; | ||||
gcry_mpi_t low; | |||||
gcry_mpi_t l1; | |||||
xp = mpi_snew (nbits); | xp = mpi_snew (nbits); | ||||
_gcry_mpi_randomize (xp, nbits, GCRY_VERY_STRONG_RANDOM); | l1 = mpi_new (nbits); | ||||
low = mpi_new (nbits); | |||||
/* The requirement for Xp is: | /* The requirement for Xp is: | ||||
sqrt{2}*2^{nbits-1} <= xp <= 2^{nbits} - 1 | sqrt{2}*2^{nbits-1} <= xp <= 2^{nbits} - 1 | ||||
We set the two high order bits to 1 to satisfy the lower bound. | sqrt(2)*2^31 = 3037000499.9760 => 3037000500 = 0xb504f334 | ||||
By using mpi_set_highbit we make sure that the upper bound is | |||||
satisfied as well. */ | We can use that as approximate lower bound by shifting it by | ||||
mpi_set_highbit (xp, nbits-1); | the amount of remaining bits to the left. | ||||
mpi_set_bit (xp, nbits-2); | |||||
0xb is 0b1011 so the first bit is set always. | |||||
mpi_set_highbit sets one bits and clears the ones above. So we | |||||
use that as upper bound. | |||||
*/ | |||||
_gcry_mpi_set_ui(l1, 0xb504f334); | |||||
_gcry_mpi_lshift(low, l1, nbits-32); | |||||
while (1) { | |||||
/* 4.2 */ | |||||
_gcry_mpi_randomize (xp, nbits, GCRY_VERY_STRONG_RANDOM); | |||||
mpi_set_highbit (xp, nbits-1); | |||||
/* 4.4 */ | |||||
if (_gcry_mpi_cmp(xp, low) >= 0) | |||||
break; | |||||
} | |||||
gcry_assert ( mpi_get_nbits (xp) == nbits ); | gcry_assert ( mpi_get_nbits (xp) == nbits ); | ||||
/* 4.3 must be odd */ | |||||
mpi_set_bit (xp, 0); | |||||
_gcry_mpi_release(l1); | |||||
_gcry_mpi_release(low); | |||||
return xp; | return xp; | ||||
} | } | ||||
Context not available. | |||||
} | } | ||||
static gpg_err_code_t | |||||
fips_186_4_prime_check(gcry_mpi_t x, unsigned int nbits, gcry_mpi_t e) | |||||
{ | |||||
gpg_err_code_t rc = GPG_ERR_NO_PRIME; | |||||
gcry_mpi_t g = mpi_snew (nbits); | |||||
gcry_mpi_t pm1 = mpi_snew (nbits); | |||||
mpi_sub_ui (pm1, x, 1); | |||||
if (mpi_gcd (g, pm1, e)) /* 4.5 */ | |||||
{ | |||||
/* 4.6 _gcry_prime_check uses 64 rounds which is waaay more | |||||
* than the required 4 or 5 but the internal check_prime is | |||||
* not exposed otherwise */ | |||||
if (_gcry_prime_check(x, 0) == 0) | |||||
rc = GPG_ERR_NO_ERROR; | |||||
} | |||||
_gcry_mpi_release (g); | |||||
_gcry_mpi_release (pm1); | |||||
return rc; | |||||
} | |||||
/* Variant of the standard key generation code using the algorithm | /* Variant of the standard key generation code using the algorithm | ||||
from X9.31. Using this algorithm has the advantage that the | from X9.31. Using this algorithm has the advantage that the | ||||
Context not available. | |||||
if (nbits < 1024 || (nbits % 256)) | if (nbits < 1024 || (nbits % 256)) | ||||
return GPG_ERR_INV_VALUE; | return GPG_ERR_INV_VALUE; | ||||
if (fips_mode()) | |||||
{ | |||||
/* SP 800-57 only allows to generate 2048 and 3072 bit keys after 2014 */ | |||||
if (nbits != 2048 && nbits != 3072) | |||||
return GPG_ERR_INV_VALUE; | |||||
/* according to FIPS.186-4 e must be > 2^16 (B 3.1 pg 52) */ | |||||
if (e_value <= 1<<16) | |||||
return GPG_ERR_INV_VALUE; | |||||
} | |||||
else | |||||
{ | |||||
/* Point 2: 2 <= bitlength(e) < 2^{k-2} | /* Point 2: 2 <= bitlength(e) < 2^{k-2} | ||||
Note that we do not need to check the upper bound because we use | Note that we do not need to check the upper bound because we use | ||||
an unsigned long for E and thus there is no way for E to reach | an unsigned long for E and thus there is no way for E to reach | ||||
that limit. */ | that limit. */ | ||||
if (e_value < 3) | if (e_value < 3) | ||||
return GPG_ERR_INV_VALUE; | return GPG_ERR_INV_VALUE; | ||||
} | |||||
/* Our implementaion requires E to be odd. */ | /* Our implementaion requires E to be odd. */ | ||||
if (!(e_value & 1)) | if (!(e_value & 1)) | ||||
Context not available. | |||||
/* Point 3: e > 0 or e 0 if it is to be randomly generated. | /* Point 3: e > 0 or e 0 if it is to be randomly generated. | ||||
We support only a fixed E and thus there is no need for an extra test. */ | We support only a fixed E and thus there is no need for an extra test. */ | ||||
e = mpi_alloc_set_ui (e_value); | |||||
/* Compute or extract the derive parameters. */ | /* Compute or extract the derive parameters. */ | ||||
do | |||||
{ | { | ||||
gcry_mpi_t xp1 = NULL; | gcry_mpi_t xp1 = NULL; | ||||
gcry_mpi_t xp2 = NULL; | gcry_mpi_t xp2 = NULL; | ||||
Context not available. | |||||
if (!deriveparms) | if (!deriveparms) | ||||
{ | { | ||||
/* Not given: Generate them. */ | /* Not given: Generate them. */ | ||||
xp = gen_x931_parm_xp (nbits/2); | unsigned i = 0; | ||||
while(1) | |||||
{ | |||||
_gcry_mpi_release (xp); | |||||
xp = gen_x931_parm_xp (nbits/2); | |||||
if (!fips_mode()) | |||||
break; | |||||
if (fips_186_4_prime_check(xp, nbits/2, e) == GPG_ERR_NO_ERROR) | |||||
break; | |||||
++i; | |||||
if (i >= 5*(nbits/2)) { | |||||
_gcry_mpi_release (xp); | |||||
_gcry_mpi_release (e); | |||||
return GPG_ERR_NO_PRIME; | |||||
} | |||||
} | |||||
/* Make sure that |xp - xq| > 2^{nbits - 100} holds. */ | /* Make sure that |xp - xq| > 2^{nbits - 100} holds. */ | ||||
tmpval = mpi_snew (nbits/2); | tmpval = mpi_snew (nbits/2); | ||||
do | while(1) | ||||
{ | { | ||||
_gcry_mpi_release (xq); | do | ||||
xq = gen_x931_parm_xp (nbits/2); | { | ||||
mpi_sub (tmpval, xp, xq); | _gcry_mpi_release (xq); | ||||
} | xq = gen_x931_parm_xp (nbits/2); | ||||
while (mpi_get_nbits (tmpval) <= (nbits/2 - 100)); | mpi_sub (tmpval, xp, xq); | ||||
} | |||||
while (mpi_get_nbits (tmpval) <= (nbits/2 - 100)); | |||||
if (!fips_mode()) | |||||
break; | |||||
if (fips_186_4_prime_check(xq, nbits/2, e) == GPG_ERR_NO_ERROR) | |||||
break; | |||||
++i; | |||||
if (i >= 5*(nbits/2)) { | |||||
_gcry_mpi_release (xp); | |||||
_gcry_mpi_release (xq); | |||||
_gcry_mpi_release (e); | |||||
return GPG_ERR_NO_PRIME; | |||||
} | |||||
} | |||||
_gcry_mpi_release (tmpval); | _gcry_mpi_release (tmpval); | ||||
xp1 = gen_x931_parm_xi (); | if (fips_mode()) | ||||
xp2 = gen_x931_parm_xi (); | { | ||||
xq1 = gen_x931_parm_xi (); | p = xp; xp = NULL; | ||||
xq2 = gen_x931_parm_xi (); | q = xq; xq = NULL; | ||||
break; | |||||
} | |||||
else | |||||
{ | |||||
xp1 = gen_x931_parm_xi (); | |||||
xp2 = gen_x931_parm_xi (); | |||||
xq1 = gen_x931_parm_xi (); | |||||
xq2 = gen_x931_parm_xi (); | |||||
} | |||||
} | } | ||||
else | else | ||||
{ | { | ||||
Context not available. | |||||
/* At least one parameter is missing. */ | /* At least one parameter is missing. */ | ||||
for (idx=0; tbl[idx].name; idx++) | for (idx=0; tbl[idx].name; idx++) | ||||
_gcry_mpi_release (*tbl[idx].value); | _gcry_mpi_release (*tbl[idx].value); | ||||
_gcry_mpi_release (e); | |||||
return GPG_ERR_MISSING_VALUE; | return GPG_ERR_MISSING_VALUE; | ||||
} | } | ||||
} | } | ||||
e = mpi_alloc_set_ui (e_value); | /* only used in non-fips mode */ | ||||
/* Find two prime numbers. */ | /* Find two prime numbers. */ | ||||
p = _gcry_derive_x931_prime (xp, xp1, xp2, e, NULL, NULL); | p = _gcry_derive_x931_prime (xp, xp1, xp2, e, NULL, NULL); | ||||
q = _gcry_derive_x931_prime (xq, xq1, xq2, e, NULL, NULL); | q = _gcry_derive_x931_prime (xq, xq1, xq2, e, NULL, NULL); | ||||
Context not available. | |||||
return GPG_ERR_NO_PRIME; | return GPG_ERR_NO_PRIME; | ||||
} | } | ||||
} | } | ||||
while(0); | |||||
/* Compute the public modulus. We make sure that p is smaller than | /* Compute the public modulus. We make sure that p is smaller than | ||||
Context not available. | |||||
*/ | */ | ||||
static const char * | static const char * | ||||
selftest_sign_1024 (gcry_sexp_t pkey, gcry_sexp_t skey) | selftest_sign_2048 (gcry_sexp_t pkey, gcry_sexp_t skey) | ||||
{ | { | ||||
static const char sample_data[] = | static const char sample_data[] = | ||||
"(data (flags pkcs1)" | "(data (flags pkcs1)" | ||||
" (hash sha1 #11223344556677889900aabbccddeeff10203040#))"; | " (hash sha256 #11223344556677889900aabbccddeeff102030405060708090a0b0c0d0f01121#))"; | ||||
static const char sample_data_bad[] = | static const char sample_data_bad[] = | ||||
"(data (flags pkcs1)" | "(data (flags pkcs1)" | ||||
" (hash sha1 #11223344556677889900aabbccddeeff80203040#))"; | " (hash sha256 #11223344556677889900aabbccddeeff802030405060708090a0b0c0d0f01121#))"; | ||||
const char *errtxt = NULL; | const char *errtxt = NULL; | ||||
gcry_error_t err; | gcry_error_t err; | ||||
gcry_sexp_t data = NULL; | gcry_sexp_t data = NULL; | ||||
gcry_sexp_t data_bad = NULL; | gcry_sexp_t data_bad = NULL; | ||||
gcry_sexp_t sig = NULL; | gcry_sexp_t sig = NULL; | ||||
/* raw signature data reference */ | |||||
const char ref_data[] = | |||||
"6252a19a11e1d5155ed9376036277193d644fa239397fff03e9b92d6f86415d6" | |||||
"d30da9273775f290e580d038295ff8ff89522becccfa6ae870bf76b76df402a8" | |||||
"54f69347e3db3de8e1e7d4dada281ec556810c7a8ecd0b5f51f9b1c0e7aa7557" | |||||
"61aa2b8ba5f811304acc6af0eca41fe49baf33bf34eddaf44e21e036ac7f0b68" | |||||
"03cdef1c60021fb7b5b97ebacdd88ab755ce29af568dbc5728cc6e6eff42618d" | |||||
"62a0386ca8beed46402bdeeef29b6a3feded906bace411a06a39192bf516ae10" | |||||
"67e4320fa8ea113968525f4574d022a3ceeaafdc41079efe1f22cc94bf59d8d3" | |||||
"328085da9674857db56de5978a62394aab48aa3b72e23a1b16260cfd9daafe65"; | |||||
gcry_mpi_t ref_mpi = NULL; | |||||
gcry_mpi_t sig_mpi = NULL; | |||||
err = sexp_sscan (&data, NULL, sample_data, strlen (sample_data)); | err = sexp_sscan (&data, NULL, sample_data, strlen (sample_data)); | ||||
if (!err) | if (!err) | ||||
Context not available. | |||||
errtxt = "signing failed"; | errtxt = "signing failed"; | ||||
goto leave; | goto leave; | ||||
} | } | ||||
err = _gcry_mpi_scan(&ref_mpi, GCRYMPI_FMT_HEX, ref_data, 0, NULL); | |||||
if (err) | |||||
{ | |||||
errtxt = "converting ref_data to mpi failed"; | |||||
goto leave; | |||||
} | |||||
err = _gcry_sexp_extract_param(sig, "sig-val!rsa", "s", &sig_mpi, NULL); | |||||
if (err) | |||||
{ | |||||
errtxt = "extracting signature data failed"; | |||||
goto leave; | |||||
} | |||||
if (mpi_cmp (sig_mpi, ref_mpi)) | |||||
{ | |||||
errtxt = "signature does not match reference data"; | |||||
goto leave; | |||||
} | |||||
err = _gcry_pk_verify (sig, data, pkey); | err = _gcry_pk_verify (sig, data, pkey); | ||||
if (err) | if (err) | ||||
{ | { | ||||
Context not available. | |||||
sexp_release (sig); | sexp_release (sig); | ||||
sexp_release (data_bad); | sexp_release (data_bad); | ||||
sexp_release (data); | sexp_release (data); | ||||
_gcry_mpi_release (ref_mpi); | |||||
return errtxt; | return errtxt; | ||||
} | } | ||||
Context not available. | |||||
static const char * | static const char * | ||||
selftest_encr_1024 (gcry_sexp_t pkey, gcry_sexp_t skey) | selftest_encr_2048 (gcry_sexp_t pkey, gcry_sexp_t skey) | ||||
{ | { | ||||
const char *errtxt = NULL; | const char *errtxt = NULL; | ||||
gcry_error_t err; | gcry_error_t err; | ||||
const unsigned int nbits = 1000; /* Encrypt 1000 random bits. */ | const char plaintext[] = "Jim quickly realized that the beautiful gowns are expensive."; | ||||
gcry_mpi_t plaintext = NULL; | |||||
gcry_sexp_t plain = NULL; | gcry_sexp_t plain = NULL; | ||||
gcry_sexp_t encr = NULL; | gcry_sexp_t encr = NULL; | ||||
gcry_mpi_t ciphertext = NULL; | gcry_mpi_t ciphertext = NULL; | ||||
gcry_sexp_t decr = NULL; | gcry_sexp_t decr = NULL; | ||||
gcry_mpi_t decr_plaintext = NULL; | char *decr_plaintext = NULL; | ||||
gcry_sexp_t tmplist = NULL; | gcry_sexp_t tmplist = NULL; | ||||
/* expected result of encrypting the plaintext with sample_secret_key */ | |||||
/* Create plaintext. The plaintext is actually a big integer number. */ | const char ref_data[] = | ||||
plaintext = mpi_new (nbits); | "18022e2593a402a737caaa93b4c7e750e20ca265452980e1d6b7710fbd3e" | ||||
_gcry_mpi_randomize (plaintext, nbits, GCRY_WEAK_RANDOM); | "7dce72be5c2110fb47691cb38f42170ee3b4a37f2498d4a51567d762585e" | ||||
"4cb81d04fbc7df4144f8e5eac2d4b8688521b64011f11d7ad53f4c874004" | |||||
"819856f2e2a6f83d1c9c4e73ac26089789c14482b0b8d44139133c88c4a5" | |||||
"2dba9dd6d6ffc622666b7d129168333d999706af30a2d7d272db7734e5ed" | |||||
"fb8c64ea3018af3ad20f4a013a5060cb0f5e72753967bebe294280a6ed0d" | |||||
"dbd3c4f11d0a8696e9d32a0dc03deb0b5e49b2cbd1503392642d4e1211f3" | |||||
"e8e2ee38abaa3671ccd57fcde8ca76e85fd2cb77c35706a970a213a27352" | |||||
"cec92a9604d543ddb5fc478ff50e0622"; | |||||
gcry_mpi_t ref_mpi = NULL; | |||||
/* Put the plaintext into an S-expression. */ | /* Put the plaintext into an S-expression. */ | ||||
err = sexp_build (&plain, NULL, "(data (flags raw) (value %m))", plaintext); | err = sexp_build (&plain, NULL, "(data (flags raw) (value %s))", plaintext); | ||||
if (err) | if (err) | ||||
{ | { | ||||
errtxt = "converting data failed"; | errtxt = "converting data failed"; | ||||
Context not available. | |||||
goto leave; | goto leave; | ||||
} | } | ||||
err = _gcry_mpi_scan(&ref_mpi, GCRYMPI_FMT_HEX, ref_data, 0, NULL); | |||||
if (err) | |||||
{ | |||||
errtxt = "converting encrydata to mpi failed"; | |||||
goto leave; | |||||
} | |||||
/* Extraxt the ciphertext from the returned S-expression. */ | /* Extraxt the ciphertext from the returned S-expression. */ | ||||
/*sexp_dump (encr);*/ | /*sexp_dump (encr);*/ | ||||
ciphertext = extract_a_from_sexp (encr); | ciphertext = extract_a_from_sexp (encr); | ||||
Context not available. | |||||
/* Check that the ciphertext does no match the plaintext. */ | /* Check that the ciphertext does no match the plaintext. */ | ||||
/* _gcry_log_printmpi ("plaintext", plaintext); */ | /* _gcry_log_printmpi ("plaintext", plaintext); */ | ||||
/* _gcry_log_printmpi ("ciphertxt", ciphertext); */ | /* _gcry_log_printmpi ("ciphertxt", ciphertext); */ | ||||
if (!mpi_cmp (plaintext, ciphertext)) | if (mpi_cmp (ref_mpi, ciphertext)) | ||||
{ | { | ||||
errtxt = "ciphertext matches plaintext"; | errtxt = "ciphertext doesn't match reference data"; | ||||
goto leave; | goto leave; | ||||
} | } | ||||
Context not available. | |||||
take care of it anyway. */ | take care of it anyway. */ | ||||
tmplist = sexp_find_token (decr, "value", 0); | tmplist = sexp_find_token (decr, "value", 0); | ||||
if (tmplist) | if (tmplist) | ||||
decr_plaintext = sexp_nth_mpi (tmplist, 1, GCRYMPI_FMT_USG); | decr_plaintext = sexp_nth_string (tmplist, 1); | ||||
else | else | ||||
decr_plaintext = sexp_nth_mpi (decr, 0, GCRYMPI_FMT_USG); | decr_plaintext = sexp_nth_string (decr, 0); | ||||
if (!decr_plaintext) | if (!decr_plaintext) | ||||
{ | { | ||||
errtxt = "decrypt returned no plaintext"; | errtxt = "decrypt returned no plaintext"; | ||||
Context not available. | |||||
} | } | ||||
/* Check that the decrypted plaintext matches the original plaintext. */ | /* Check that the decrypted plaintext matches the original plaintext. */ | ||||
if (mpi_cmp (plaintext, decr_plaintext)) | if (strcmp (plaintext, decr_plaintext)) | ||||
{ | { | ||||
errtxt = "mismatch"; | errtxt = "mismatch"; | ||||
goto leave; | goto leave; | ||||
Context not available. | |||||
leave: | leave: | ||||
sexp_release (tmplist); | sexp_release (tmplist); | ||||
_gcry_mpi_release (decr_plaintext); | free (decr_plaintext); | ||||
sexp_release (decr); | sexp_release (decr); | ||||
_gcry_mpi_release (ciphertext); | _gcry_mpi_release (ciphertext); | ||||
_gcry_mpi_release (ref_mpi); | |||||
sexp_release (encr); | sexp_release (encr); | ||||
sexp_release (plain); | sexp_release (plain); | ||||
_gcry_mpi_release (plaintext); | |||||
return errtxt; | return errtxt; | ||||
} | } | ||||
Context not available. | |||||
} | } | ||||
what = "sign"; | what = "sign"; | ||||
errtxt = selftest_sign_1024 (pkey, skey); | errtxt = selftest_sign_2048 (pkey, skey); | ||||
if (errtxt) | if (errtxt) | ||||
goto failed; | goto failed; | ||||
what = "encrypt"; | what = "encrypt"; | ||||
errtxt = selftest_encr_1024 (pkey, skey); | errtxt = selftest_encr_2048 (pkey, skey); | ||||
if (errtxt) | if (errtxt) | ||||
goto failed; | goto failed; | ||||
Context not available. |