]> git.saurik.com Git - apple/network_cmds.git/blob - eaytest.tproj/eaytest.c
projects / apple / network_cmds.git / blob
? search:


0f046d437b9f866a7132881348ab3e762295741a
[apple/network_cmds.git] / eaytest.tproj / eaytest.c
1 /* $KAME: eaytest.c,v 1.38 2001/11/16 04:12:59 sakane Exp $ */
2
3 /*
4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the project nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32 #include <sys/types.h>
33 #include <sys/stat.h>
34 #include <sys/socket.h>
35
36 #include <netinet/in.h>
37
38 #include <stdlib.h>
39 #include <stdio.h>
40 #include <string.h>
41 #include <limits.h>
42 #include <dirent.h>
43 #include <fcntl.h>
44 #include <unistd.h>
45 #include <err.h>
46
47 #include <openssl/bio.h>
48 #include <openssl/pem.h>
49
50 #include "var.h"
51 #include "vmbuf.h"
52 #include "misc.h"
53 #include "debug.h"
54 #include "str2val.h"
55
56 #include "oakley.h"
57 #include "dhgroup.h"
58 #include "crypto_openssl.h"
59
60 #define PVDUMP(var) hexdump((var)->v, (var)->l)
61
62 u_int32_t loglevel = 4;
63
64 /* prototype */
65
66 void rsatest __P((int, char **));
67 static vchar_t *pem_read_buf __P((char *));
68 void certtest __P((int, char **));
69 static char **getcerts __P((char *));
70 void ciphertest __P((int, char **));
71 void hmactest __P((int, char **));
72 void sha2test __P((int, char **));
73 void sha1test __P((int, char **));
74 void md5test __P((int, char **));
75 void dhtest __P((int, char **));
76 void bntest __P((int, char **));
77 void Usage __P((void));
78
79 /* test */
80
81 void
82 rsatest(ac, av)
83 int ac;
84 char **av;
85 {
86 char *text = "this is test.";
87 vchar_t src;
88 vchar_t *priv, *pub, *sig;
89 int error;
90
91 char *pkcs1 =
92 "-----BEGIN RSA PRIVATE KEY-----\n"
93 "MIICXQIBAAKBgQChe5/Fzk9SA0vCKBOcu9jBcLb9oLv50PeuEfQojhakY+OH8A3Q\n"
94 "M8A0qIDG6uhTNGPvzCWb/+mKeOB48n5HJpLxlDFyP3kyd2yXHIZ/MN8g1nh4FsB0\n"
95 "iTkk8QUCJkkan6FCOBrIeLEsGA5AdodzuR+khnCMt8vO+NFHZYKAQeynyQIDAQAB\n"
96 "AoGAOfDcnCHxjhDGrwyoNNWl6Yqi7hAtQm67YAbrH14UO7nnmxAENM9MyNgpFLaW\n"
97 "07v5m8IZQIcradcDXAJOUwNBN8E06UflwEYCaScIwndvr5UpVlN3e2NC6Wyg2yC7\n"
98 "GarxQput3zj35XNR5bK42UneU0H6zDxpHWqI1SwE+ToAHu0CQQDNl9gUJTpg0L09\n"
99 "HkbE5jeb8bA5I20nKqBOBP0v5tnzpwu41umQwk9I7Ru0ucD7j+DW4k8otadW+FnI\n"
100 "G1M1MpSjAkEAyRMt4bN8otfpOpsOQWzw4jQtouohOxRFCrQTntHhU20PrQnQLZWs\n"
101 "pOVzqCjRytYtkPEUA1z8QK5gGcVPcOQsowJBALmt2rwPB1NrEo5Bat7noO+Zb3Ob\n"
102 "WDiYWeE8xkHd95gDlSWiC53ur9aINo6ZeP556jGIgL+el/yHHecJLrQL84sCQH48\n"
103 "zUxq/C/cb++8UzneJGlPqusiJNTLiAENR1gpmlZfHT1c8Nb9phMsfu0vG29GAfuC\n"
104 "bzchVLljALCNQK+2gRMCQQCNIgN+R9mRWZhFAcC1sq++YnuSBlw4VwdL/fd1Yg9e\n"
105 "Ul+U98yPl/NXt8Rs4TRBFcOZjkFI8xv0hQtevTgTmgz+\n"
106 "-----END RSA PRIVATE KEY-----\n\n";
107 char *pubkey =
108 "-----BEGIN PUBLIC KEY-----\n"
109 "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQChe5/Fzk9SA0vCKBOcu9jBcLb9\n"
110 "oLv50PeuEfQojhakY+OH8A3QM8A0qIDG6uhTNGPvzCWb/+mKeOB48n5HJpLxlDFy\n"
111 "P3kyd2yXHIZ/MN8g1nh4FsB0iTkk8QUCJkkan6FCOBrIeLEsGA5AdodzuR+khnCM\n"
112 "t8vO+NFHZYKAQeynyQIDAQAB\n"
113 "-----END PUBLIC KEY-----\n\n";
114
115 priv = pem_read_buf(pkcs1);
116
117 src.v = text;
118 src.l = strlen(text);
119
120 /* sign */
121 sig = eay_rsa_sign(&src, priv);
122 if (sig == NULL)
123 printf("sign failed. %s\n", eay_strerror());
124 printf("RSA signed data.\n");
125 PVDUMP(sig);
126
127 /* verify */
128 pub = pem_read_buf(pubkey);
129 error = eay_rsa_verify(&src, sig, pub);
130 if (error)
131 printf("verifying failed.\n");
132 else
133 printf("verified.\n");
134 }
135
136 static vchar_t *
137 pem_read_buf(buf)
138 char *buf;
139 {
140 BIO *bio;
141 char *nm = NULL, *header = NULL;
142 unsigned char *data = NULL;
143 long len;
144 vchar_t *ret;
145 int error;
146
147 bio = BIO_new_mem_buf(buf, strlen(buf));
148 error = PEM_read_bio(bio, &nm, &header, &data, &len);
149 if (error == 0)
150 errx(1, "%s", eay_strerror());
151 ret = vmalloc(len);
152 if (ret == NULL)
153 err(1, "vmalloc");
154 memcpy(ret->v, data, len);
155
156 return ret;
157 }
158
159 void
160 certtest(ac, av)
161 int ac;
162 char **av;
163 {
164 char *certpath;
165 char **certs;
166 int type;
167 int error;
168
169 printf("\n**Test for Certificate.**\n");
170
171 {
172 char dnstr[] = "C=JP, ST=Kanagawa, L=Fujisawa, O=WIDE Project, OU=KAME Project, CN=Shoichi Sakane/Email=sakane@kame.net";
173 vchar_t *asn1dn = NULL, asn1dn0;
174 char dn0[] = {
175 0x30,0x81,0x9a,0x31,0x0b,0x30,0x09,0x06,
176 0x03,0x55,0x04,0x06,0x13,0x02,0x4a,0x50,
177 0x31,0x11,0x30,0x0f,0x06,0x03,0x55,0x04,
178 0x08,0x13,0x08,0x4b,0x61,0x6e,0x61,0x67,
179 0x61,0x77,0x61,0x31,0x11,0x30,0x0f,0x06,
180 0x03,0x55,0x04,0x07,0x13,0x08,0x46,0x75,
181 0x6a,0x69,0x73,0x61,0x77,0x61,0x31,0x15,
182 0x30,0x13,0x06,0x03,0x55,0x04,0x0a,0x13,
183 0x0c,0x57,0x49,0x44,0x45,0x20,0x50,0x72,
184 0x6f,0x6a,0x65,0x63,0x74,0x31,0x15,0x30,
185 0x13,0x06,0x03,0x55,0x04,0x0b,0x13,0x0c,
186 0x4b,0x41,0x4d,0x45,0x20,0x50,0x72,0x6f,
187 0x6a,0x65,0x63,0x74,0x31,0x17,0x30,0x15,
188 0x06,0x03,0x55,0x04,0x03,0x13,0x0e,0x53,
189 0x68,0x6f,0x69,0x63,0x68,0x69,0x20,0x53,
190 0x61,0x6b,0x61,0x6e,0x65,0x31,0x1e,0x30,
191 0x1c,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,
192 0x0d,0x01,0x09,0x01,
193 0x0c, /* <== XXX */
194 0x0f,0x73,0x61,
195 0x6b,0x61,0x6e,0x65,0x40,0x6b,0x61,0x6d,
196 0x65,0x2e,0x6e,0x65,0x74,
197 };
198
199 printf("check to convert the string into subjectName.\n");
200 printf("%s\n", dnstr);
201
202 asn1dn0.v = dn0;
203 asn1dn0.l = sizeof(dn0);
204
205 asn1dn = eay_str2asn1dn(dnstr, sizeof(dnstr));
206 if (asn1dn == NULL || asn1dn->l != asn1dn0.l)
207 errx(1, "asn1dn length mismatched.\n");
208
209 /*
210 * NOTE: The value pointed by "<==" above is different from the
211 * return of eay_str2asn1dn(). but eay_cmp_asn1dn() can distinguish
212 * both of the names are same name.
213 */
214 if (eay_cmp_asn1dn(&asn1dn0, asn1dn))
215 errx(1, "asn1dn mismatched.\n");
216 vfree(asn1dn);
217
218 printf("succeed.\n");
219 }
220
221 eay_init_error();
222
223 /* get certs */
224 if (ac > 1) {
225 certpath = *(av + 1);
226 certs = getcerts(certpath);
227 } else {
228 printf("\nCAUTION: These certificates are probably invalid "
229 "on your environment because you don't have their "
230 "issuer's certs in your environment.\n\n");
231
232 certpath = "/usr/local/openssl/certs";
233 certs = getcerts(NULL);
234 }
235
236 while (*certs != NULL) {
237
238 vchar_t c;
239 char *str;
240 vchar_t *vstr;
241
242 printf("===CERT===\n");
243
244 c.v = *certs;
245 c.l = strlen(*certs);
246
247 /* print text */
248 str = eay_get_x509text(&c);
249 printf("%s", str);
250 racoon_free(str);
251
252 /* print ASN.1 of subject name */
253 vstr = eay_get_x509asn1subjectname(&c);
254 if (!vstr)
255 return;
256 PVDUMP(vstr);
257 printf("\n");
258 vfree(vstr);
259
260 /* print subject alt name */
261 {
262 int pos;
263 for (pos = 1; ; pos++) {
264 error = eay_get_x509subjectaltname(&c, &str, &type, pos);
265 if (error) {
266 printf("no subjectaltname found.\n");
267 break;
268 }
269 if (!str)
270 break;
271 printf("SubjectAltName: %d: %s\n", type, str);
272 racoon_free(str);
273 }
274 }
275
276 error = eay_check_x509cert(&c, certpath);
277 if (error)
278 printf("ERROR: cert is invalid.\n");
279 printf("\n");
280
281 certs++;
282 }
283 }
284
285 static char **
286 getcerts(path)
287 char *path;
288 {
289 char **certs = NULL, **p;
290 DIR *dirp;
291 struct dirent *dp;
292 struct stat sb;
293 char buf[512];
294 int len;
295 int n;
296 int fd;
297
298 static char *samplecerts[] = {
299 /* self signed */
300 "-----BEGIN CERTIFICATE-----\n"
301 "MIICpTCCAg4CAQAwDQYJKoZIhvcNAQEEBQAwgZoxCzAJBgNVBAYTAkpQMREwDwYD\n"
302 "VQQIEwhLYW5hZ2F3YTERMA8GA1UEBxMIRnVqaXNhd2ExFTATBgNVBAoTDFdJREUg\n"
303 "UHJvamVjdDEVMBMGA1UECxMMS0FNRSBQcm9qZWN0MRcwFQYDVQQDEw5TaG9pY2hp\n"
304 "IFNha2FuZTEeMBwGCSqGSIb3DQEJARYPc2FrYW5lQGthbWUubmV0MB4XDTAwMDgy\n"
305 "NDAxMzc0NFoXDTAwMDkyMzAxMzc0NFowgZoxCzAJBgNVBAYTAkpQMREwDwYDVQQI\n"
306 "EwhLYW5hZ2F3YTERMA8GA1UEBxMIRnVqaXNhd2ExFTATBgNVBAoTDFdJREUgUHJv\n"
307 "amVjdDEVMBMGA1UECxMMS0FNRSBQcm9qZWN0MRcwFQYDVQQDEw5TaG9pY2hpIFNh\n"
308 "a2FuZTEeMBwGCSqGSIb3DQEJARYPc2FrYW5lQGthbWUubmV0MIGfMA0GCSqGSIb3\n"
309 "DQEBAQUAA4GNADCBiQKBgQCpIQG/H3zn4czAmPBcbkDrYxE1A9vcpghpib3Of0Op\n"
310 "SsiWIBOyIMiVAzK/I/JotWp3Vdn5fzGp/7DGAbWXAALas2xHkNmTMPpu6qhmNQ57\n"
311 "kJHZHal24mgc1hwbrI9fb5olvIexx9a1riNPnKMRVHzXYizsyMbf+lJJmZ8QFhWN\n"
312 "twIDAQABMA0GCSqGSIb3DQEBBAUAA4GBACKs6X/BYycuHI3iop403R3XWMHHnNBN\n"
313 "5XTHVWiWgR1cMWkq/dp51gn+nPftpdAaYGpqGkiHGhZcXLoBaX9uON3p+7av+sQN\n"
314 "plXwnvUf2Zsgu+fojskS0gKcDlYiq1O8TOaBgJouFZgr1q6PiYjVEJGogAP28+HN\n"
315 "M4o+GBFbFoqK\n"
316 "-----END CERTIFICATE-----\n\n",
317 /* signed by SSH testing CA + CA1 + CA2 */
318 "-----BEGIN X509 CERTIFICATE-----\n"
319 "MIICtTCCAj+gAwIBAgIEOaR8NjANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJG\n"
320 "STEkMCIGA1UEChMbU1NIIENvbW11bmljYXRpb25zIFNlY3VyaXR5MREwDwYDVQQL\n"
321 "EwhXZWIgdGVzdDEbMBkGA1UEAxMSVGVzdCBDQSAxIHN1YiBjYSAyMB4XDTAwMDgy\n"
322 "NDAwMDAwMFoXDTAwMTAwMTAwMDAwMFowgZoxCzAJBgNVBAYTAkpQMREwDwYDVQQI\n"
323 "EwhLYW5hZ2F3YTERMA8GA1UEBxMIRnVqaXNhd2ExFTATBgNVBAoTDFdJREUgUHJv\n"
324 "amVjdDEVMBMGA1UECxMMS0FNRSBQcm9qZWN0MRcwFQYDVQQDEw5TaG9pY2hpIFNh\n"
325 "a2FuZTEeMBwGCSqGSIb3DQEJAQwPc2FrYW5lQGthbWUubmV0MIGfMA0GCSqGSIb3\n"
326 "DQEBAQUAA4GNADCBiQKBgQCpIQG/H3zn4czAmPBcbkDrYxE1A9vcpghpib3Of0Op\n"
327 "SsiWIBOyIMiVAzK/I/JotWp3Vdn5fzGp/7DGAbWXAALas2xHkNmTMPpu6qhmNQ57\n"
328 "kJHZHal24mgc1hwbrI9fb5olvIexx9a1riNPnKMRVHzXYizsyMbf+lJJmZ8QFhWN\n"
329 "twIDAQABo18wXTALBgNVHQ8EBAMCBaAwGgYDVR0RBBMwEYEPc2FrYW5lQGthbWUu\n"
330 "bmV0MDIGA1UdHwQrMCkwJ6AloCOGIWh0dHA6Ly9sZGFwLnNzaC5maS9jcmxzL2Nh\n"
331 "MS0yLmNybDANBgkqhkiG9w0BAQUFAANhADtaqual41OWshF/rwCTuR6zySBJysGp\n"
332 "+qjkp5efCiYKhAu1L4WXlMsV/SNdzspui5tHasPBvUw8gzFsU/VW/B2zuQZkimf1\n"
333 "u6ZPjUb/vt8vLOPScP5MeH7xrTk9iigsqQ==\n"
334 "-----END X509 CERTIFICATE-----\n\n",
335 /* VP100 */
336 "-----BEGIN CERTIFICATE-----\n"
337 "MIICXzCCAcigAwIBAgIEOXGBIzANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJG\n"
338 "STEkMCIGA1UEChMbU1NIIENvbW11bmljYXRpb25zIFNlY3VyaXR5MREwDwYDVQQL\n"
339 "EwhXZWIgdGVzdDESMBAGA1UEAxMJVGVzdCBDQSAxMB4XDTAwMDcxNjAwMDAwMFoX\n"
340 "DTAwMDkwMTAwMDAwMFowNTELMAkGA1UEBhMCanAxETAPBgNVBAoTCHRhaGl0ZXN0\n"
341 "MRMwEQYDVQQDEwpmdXJ1a2F3YS0xMIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKB\n"
342 "gQDUmI2RaAuoLvtRDbASwRhbkj/Oq0BBIKgAqbFknc/EanJSQwZQu82gD88nf7gG\n"
343 "VEioWmKPLDuEjz5JCuM+k5f7HYHI1wWmz1KFr7UA+avZm4Kp6YKnhuH7soZp7kBL\n"
344 "hTiZEpL0jdmCWLW3ZXoro55rmPrBsCd+bt8VU6tRZm5dUwIBKaNZMFcwCwYDVR0P\n"
345 "BAQDAgWgMBYGA1UdEQQPMA2CBVZQMTAwhwQKFIaFMDAGA1UdHwQpMCcwJaAjoCGG\n"
346 "H2h0dHA6Ly9sZGFwLnNzaC5maS9jcmxzL2NhMS5jcmwwDQYJKoZIhvcNAQEFBQAD\n"
347 "gYEAKJ/2Co/KYW65mwpGG3CBvsoRL8xyUMHGt6gQpFLHiiHuAdix1ADTL6uoFuYi\n"
348 "4sE5omQm1wKVv2ZhS03zDtUfKoVEv0HZ7IY3AU/FZT/M5gQvbt43Dki/ma3ock2I\n"
349 "PPhbLsvXm+GCVh3jvkYGk1zr7VERVeTPtmT+hW63lcxfFp4=\n"
350 "-----END CERTIFICATE-----\n\n",
351 /* IKED */
352 "-----BEGIN CERTIFICATE-----\n"
353 "MIIEFTCCA7+gAwIBAgIKYU5X6AAAAAAACTANBgkqhkiG9w0BAQUFADCBljEpMCcG\n"
354 "CSqGSIb3DQEJARYaeS13YXRhbmFAc2RsLmhpdGFjaGkuY28uanAxCzAJBgNVBAYT\n"
355 "AkpQMREwDwYDVQQIEwhLQU5BR0FXQTERMA8GA1UEBxMIWW9rb2hhbWExEDAOBgNV\n"
356 "BAoTB0hJVEFDSEkxDDAKBgNVBAsTA1NETDEWMBQGA1UEAxMNSVBzZWMgVGVzdCBD\n"
357 "QTAeFw0wMDA3MTUwMjUxNDdaFw0wMTA3MTUwMzAxNDdaMEUxCzAJBgNVBAYTAkpQ\n"
358 "MREwDwYDVQQIEwhLQU5BR0FXQTEQMA4GA1UEChMHSElUQUNISTERMA8GA1UEAxMI\n"
359 "V0FUQU5BQkUwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA6Wja5A7Ldzrtx+rMWHEB\n"
360 "Cyt+/ZoG0qdFQbuuUiU1vOSq+1f+ZSCYAdTq13Lrr6Xfz3jDVFEZLPID9PSTFwq+\n"
361 "yQIDAQABo4ICPTCCAjkwDgYDVR0PAQH/BAQDAgTwMBMGA1UdJQQMMAoGCCsGAQUF\n"
362 "CAICMB0GA1UdDgQWBBTkv7/MH5Ra+S1zBAmnUIH5w8ZTUTCB0gYDVR0jBIHKMIHH\n"
363 "gBQsF2qoaTl5F3GFLKrttaxPJ8j4faGBnKSBmTCBljEpMCcGCSqGSIb3DQEJARYa\n"
364 "eS13YXRhbmFAc2RsLmhpdGFjaGkuY28uanAxCzAJBgNVBAYTAkpQMREwDwYDVQQI\n"
365 "EwhLQU5BR0FXQTERMA8GA1UEBxMIWW9rb2hhbWExEDAOBgNVBAoTB0hJVEFDSEkx\n"
366 "DDAKBgNVBAsTA1NETDEWMBQGA1UEAxMNSVBzZWMgVGVzdCBDQYIQeccIf4GYDIBA\n"
367 "rS6HSUt8XjB7BgNVHR8EdDByMDagNKAyhjBodHRwOi8vZmxvcmEyMjAvQ2VydEVu\n"
368 "cm9sbC9JUHNlYyUyMFRlc3QlMjBDQS5jcmwwOKA2oDSGMmZpbGU6Ly9cXGZsb3Jh\n"
369 "MjIwXENlcnRFbnJvbGxcSVBzZWMlMjBUZXN0JTIwQ0EuY3JsMIGgBggrBgEFBQcB\n"
370 "AQSBkzCBkDBFBggrBgEFBQcwAoY5aHR0cDovL2Zsb3JhMjIwL0NlcnRFbnJvbGwv\n"
371 "ZmxvcmEyMjBfSVBzZWMlMjBUZXN0JTIwQ0EuY3J0MEcGCCsGAQUFBzAChjtmaWxl\n"
372 "Oi8vXFxmbG9yYTIyMFxDZXJ0RW5yb2xsXGZsb3JhMjIwX0lQc2VjJTIwVGVzdCUy\n"
373 "MENBLmNydDANBgkqhkiG9w0BAQUFAANBAG8yZAWHb6g3zba453Hw5loojVDZO6fD\n"
374 "9lCsyaxeo9/+7x1JEEcdZ6qL7KKqe7ZBwza+hIN0ITkp2WEWo22gTz4=\n"
375 "-----END CERTIFICATE-----\n\n",
376 /* From Entrust */
377 "-----BEGIN CERTIFICATE-----\n"
378 "MIIDXTCCAsagAwIBAgIEOb6khTANBgkqhkiG9w0BAQUFADA4MQswCQYDVQQGEwJV\n"
379 "UzEQMA4GA1UEChMHRW50cnVzdDEXMBUGA1UECxMOVlBOIEludGVyb3AgUk8wHhcN\n"
380 "MDAwOTE4MjMwMDM3WhcNMDMwOTE4MjMzMDM3WjBTMQswCQYDVQQGEwJVUzEQMA4G\n"
381 "A1UEChMHRW50cnVzdDEXMBUGA1UECxMOVlBOIEludGVyb3AgUk8xGTAXBgNVBAMT\n"
382 "EFNob2ljaGkgU2FrYW5lIDIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKj3\n"
383 "eXSt1qXxFXzpa265B/NQYk5BZN7pNJg0tlTKBTVV3UgpQ92Bx5DoNfZh11oIv0Sw\n"
384 "6YnG5p9F9ma36U9HDoD3hVTjAvQKy4ssCsnU1y6v5XOU1QvYQo6UTzgsXUTaIau4\n"
385 "Lrccl+nyoiNzy3lG51tLR8CxuA+3OOAK9xPjszClAgMBAAGjggFXMIIBUzBABgNV\n"
386 "HREEOTA3gQ9zYWthbmVAa2FtZS5uZXSHBM6vIHWCHjIwNi0xNzUtMzItMTE3LnZw\n"
387 "bndvcmtzaG9wLmNvbTATBgNVHSUEDDAKBggrBgEFBQgCAjALBgNVHQ8EBAMCAKAw\n"
388 "KwYDVR0QBCQwIoAPMjAwMDA5MTgyMzAwMzdagQ8yMDAyMTAyNTExMzAzN1owWgYD\n"
389 "VR0fBFMwUTBPoE2gS6RJMEcxCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFbnRydXN0\n"
390 "MRcwFQYDVQQLEw5WUE4gSW50ZXJvcCBSTzENMAsGA1UEAxMEQ1JMMTAfBgNVHSME\n"
391 "GDAWgBTzVmhu0tBoWKwkZE5mXpooE9630DAdBgNVHQ4EFgQUEgBHPtXggJqei5Xz\n"
392 "92CrWXTJxfAwCQYDVR0TBAIwADAZBgkqhkiG9n0HQQAEDDAKGwRWNS4wAwIEsDAN\n"
393 "BgkqhkiG9w0BAQUFAAOBgQCIFriNGMUE8GH5LuDrTJfA8uGx8vLy2seljuo694TR\n"
394 "et/ojp9QnfOJ1PF9iAdGaEaSLfkwhY4fZNZzxic5HBoHLeo9BXLP7i7FByXjvOZC\n"
395 "Y8++0dC8NVvendIILcJBM5nbDq1TqIbb8K3SP80XhO5JLVJkoZiQftAMjo0peZPO\n"
396 "EQ==\n"
397 "-----END CERTIFICATE-----\n\n",
398 NULL,
399 };
400
401 if (path == NULL)
402 return (char **)&samplecerts;
403
404 stat(path, &sb);
405 if (!(sb.st_mode & S_IFDIR)) {
406 printf("ERROR: %s is not directory.\n", path);
407 exit(0);
408 }
409
410 dirp = opendir(path);
411 if (dirp == NULL) {
412 printf("opendir failed.\n");
413 exit(0);
414 }
415
416 n = 0;
417 while ((dp = readdir(dirp)) != NULL) {
418 if (dp->d_type != DT_REG)
419 continue;
420 if (strcmp(dp->d_name + dp->d_namlen - 4, "cert"))
421 continue;
422 snprintf(buf, sizeof(buf), "%s/%s", path, dp->d_name);
423 stat(buf, &sb);
424
425 p = (char **)realloc(certs, (n + 1) * sizeof(certs));
426 if (p == NULL)
427 err(1, "realloc");
428 certs = p;
429
430 certs[n] = malloc(sb.st_size + 1);
431 if (certs[n] == NULL)
432 err(1, "malloc");
433
434 fd = open(buf, O_RDONLY);
435 if (fd == -1)
436 err(1, "open");
437 len = read(fd, certs[n], sb.st_size);
438 if (len == -1)
439 err(1, "read");
440 if (len != sb.st_size)
441 errx(1, "read: length mismatch");
442 certs[n][sb.st_size] = '\0';
443 close(fd);
444
445 printf("%s: %d\n", dp->d_name, (int)sb.st_size);
446
447 n++;
448 }
449
450 p = (char **)realloc(certs, (n + 1) * sizeof(certs));
451 if (p == NULL)
452 err(1, "realloc");
453 certs = p;
454 certs[n] = NULL;
455
456 return certs;
457 }
458
459 void
460 ciphertest(ac, av)
461 int ac;
462 char **av;
463 {
464 vchar_t data;
465 vchar_t key;
466 vchar_t iv0;
467 vchar_t *res1, *res2, *iv;
468
469 printf("\n**Test for CIPHER.**\n");
470
471 data.v = str2val("\
472 06000017 03000000 73616b61 6e65406b 616d652e 6e657409 0002c104 308202b8 \
473 04f05a90 \
474 ", 16, &data.l);
475 key.v = str2val("f59bd70f 81b9b9cc 2a32c7fd 229a4b37", 16, &key.l);
476 iv0.v = str2val("26b68c90 9467b4ab 7ec29fa0 0b696b55", 16, &iv0.l);
477
478 iv = vmalloc(8);
479
480 /* des */
481 printf("DES\n");
482 printf("data:\n");
483 PVDUMP(&data);
484
485 memcpy(iv->v, iv0.v, 8);
486 res1 = eay_des_encrypt(&data, &key, iv);
487 printf("encrypto:\n");
488 PVDUMP(res1);
489
490 memcpy(iv->v, iv0.v, 8);
491 res2 = eay_des_decrypt(res1, &key, iv);
492 printf("decrypto:\n");
493 PVDUMP(res2);
494
495 if (memcmp(data.v, res2->v, data.l))
496 printf("XXX NG XXX\n");
497 vfree(res1);
498 vfree(res2);
499
500 #ifdef HAVE_OPENSSL_IDEA_H
501 /* idea */
502 printf("IDEA\n");
503 printf("data:\n");
504 PVDUMP(&data);
505
506 memcpy(iv->v, iv0.v, 8);
507 res1 = eay_idea_encrypt(&data, &key, iv);
508 printf("encrypto:\n");
509 PVDUMP(res1);
510
511 memcpy(iv->v, iv0.v, 8);
512 res2 = eay_idea_decrypt(res1, &key, iv);
513 printf("decrypto:\n");
514 PVDUMP(res2);
515
516 if (memcmp(data.v, res2->v, data.l))
517 printf("XXX NG XXX\n");
518 vfree(res1);
519 vfree(res2);
520 #endif
521
522 /* blowfish */
523 printf("BLOWFISH\n");
524 printf("data:\n");
525 PVDUMP(&data);
526
527 memcpy(iv->v, iv0.v, 8);
528 res1 = eay_bf_encrypt(&data, &key, iv);
529 printf("encrypto:\n");
530 PVDUMP(res1);
531
532 memcpy(iv->v, iv0.v, 8);
533 res2 = eay_bf_decrypt(res1, &key, iv);
534 printf("decrypto:\n");
535 PVDUMP(res2);
536
537 if (memcmp(data.v, res2->v, data.l))
538 printf("XXX NG XXX\n");
539 vfree(res1);
540 vfree(res2);
541
542 #ifdef HAVE_OPENSSL_RC5_H
543 /* rc5 */
544 printf("RC5\n");
545 printf("data:\n");
546 PVDUMP(&data);
547
548 memcpy(iv->v, iv0.v, 8);
549 res1 = eay_bf_encrypt(&data, &key, iv);
550 printf("encrypto:\n");
551 PVDUMP(res1);
552
553 memcpy(iv->v, iv0.v, 8);
554 res2 = eay_bf_decrypt(res1, &key, iv);
555 printf("decrypto:\n");
556 PVDUMP(res2);
557
558 if (memcmp(data.v, res2->v, data.l))
559 printf("XXX NG XXX\n");
560 vfree(res1);
561 vfree(res2);
562 #endif
563
564 /* 3des */
565 printf("3DES\n");
566 printf("data:\n");
567 PVDUMP(&data);
568
569 memcpy(iv->v, iv0.v, 8);
570 res1 = eay_3des_encrypt(&data, &key, iv);
571 printf("encrypto:\n");
572 if (res1)
573 PVDUMP(res1);
574
575 memcpy(iv->v, iv0.v, 8);
576 res2 = eay_3des_decrypt(res1, &key, iv);
577 printf("decrypto:\n");
578 if (res1)
579 PVDUMP(res2);
580
581 if (res2 && memcmp(data.v, res2->v, data.l))
582 printf("XXX NG XXX\n");
583 vfree(res1);
584 vfree(res2);
585
586 /* cast */
587 printf("CAST\n");
588 printf("data:\n");
589 PVDUMP(&data);
590
591 memcpy(iv->v, iv0.v, 8);
592 res1 = eay_cast_encrypt(&data, &key, iv);
593 printf("encrypto:\n");
594 PVDUMP(res1);
595
596 memcpy(iv->v, iv0.v, 8);
597 res2 = eay_cast_decrypt(res1, &key, iv);
598 printf("decrypto:\n");
599 PVDUMP(res2);
600
601 if (memcmp(data.v, res2->v, data.l))
602 printf("XXX NG XXX\n");
603 vfree(res1);
604 vfree(res2);
605
606 /* aes */
607 iv = vrealloc(iv, 16);
608
609 printf("AES\n");
610 printf("data:\n");
611 PVDUMP(&data);
612
613 {
614 vchar_t *buf;
615 int padlen = 16 - data.l % 16;
616 buf = vmalloc(data.l + padlen);
617 memcpy(buf->v, data.v, data.l);
618
619 memcpy(iv->v, iv0.v, 16);
620 res1 = eay_aes_encrypt(buf, &key, iv);
621 printf("encrypto:\n");
622 PVDUMP(res1);
623
624 memcpy(iv->v, iv0.v, 16);
625 res2 = eay_aes_decrypt(res1, &key, iv);
626 printf("decrypto:\n");
627 PVDUMP(res2);
628
629 if (memcmp(data.v, res2->v, data.l))
630 printf("XXX NG XXX\n");
631 vfree(res1);
632 vfree(res2);
633 }
634 }
635
636 void
637 hmactest(ac, av)
638 int ac;
639 char **av;
640 {
641 char *keyword = "hehehe test secret!";
642 char *object = "d7e6a6c1876ef0488bb74958b9fee94e";
643 char *object1 = "d7e6a6c1876ef048";
644 char *object2 = "8bb74958b9fee94e";
645 char *r_hmd5 = "5702d7d1 fd1bfc7e 210fc9fa cda7d02c";
646 char *r_hsha1 = "309999aa 9779a43e ebdea839 1b4e7ee1 d8646874";
647 char *r_hsha2 = "d47262d8 a5b6f39d d8686939 411b3e79 ed2e27f9 2c4ea89f dd0a06ae 0c0aa396";
648 vchar_t *key, *data, *data1, *data2, *res;
649 vchar_t mod;
650 caddr_t ctx;
651
652 printf("\n**Test for HMAC MD5 & SHA1.**\n");
653
654 key = vmalloc(strlen(keyword));
655 memcpy(key->v, keyword, key->l);
656
657 data = vmalloc(strlen(object));
658 data1 = vmalloc(strlen(object1));
659 data2 = vmalloc(strlen(object2));
660 memcpy(data->v, object, data->l);
661 memcpy(data1->v, object1, data1->l);
662 memcpy(data2->v, object2, data2->l);
663
664 /* HMAC MD5 */
665 printf("HMAC MD5 by eay_hmacmd5_one()\n");
666 res = eay_hmacmd5_one(key, data);
667 PVDUMP(res);
668 mod.v = str2val(r_hmd5, 16, &mod.l);
669 if (memcmp(res->v, mod.v, mod.l))
670 printf(" XXX NG XXX\n");
671 free(mod.v);
672 vfree(res);
673
674 /* HMAC MD5 */
675 printf("HMAC MD5 by eay_hmacmd5_xxx()\n");
676 ctx = eay_hmacmd5_init(key);
677 eay_hmacmd5_update(ctx, data1);
678 eay_hmacmd5_update(ctx, data2);
679 res = eay_hmacmd5_final(ctx);
680 PVDUMP(res);
681 mod.v = str2val(r_hmd5, 16, &mod.l);
682 if (memcmp(res->v, mod.v, mod.l))
683 printf(" XXX NG XXX\n");
684 free(mod.v);
685 vfree(res);
686
687 /* HMAC SHA2 */
688 printf("HMAC SHA2 by eay_hmacsha2_256_one()\n");
689 res = eay_hmacsha2_256_one(key, data);
690 PVDUMP(res);
691 mod.v = str2val(r_hsha2, 16, &mod.l);
692 if (memcmp(res->v, mod.v, mod.l))
693 printf(" XXX NG XXX\n");
694 free(mod.v);
695 vfree(res);
696
697 /* HMAC SHA1 */
698 printf("HMAC SHA1 by eay_hmacsha1_one()\n");
699 res = eay_hmacsha1_one(key, data);
700 PVDUMP(res);
701 mod.v = str2val(r_hsha1, 16, &mod.l);
702 if (memcmp(res->v, mod.v, mod.l))
703 printf(" XXX NG XXX\n");
704 free(mod.v);
705 vfree(res);
706
707 /* HMAC MD5 */
708 printf("HMAC SHA1 by eay_hmacsha1_xxx()\n");
709 ctx = eay_hmacsha1_init(key);
710 eay_hmacsha1_update(ctx, data1);
711 eay_hmacsha1_update(ctx, data2);
712 res = eay_hmacsha1_final(ctx);
713 PVDUMP(res);
714 mod.v = str2val(r_hsha1, 16, &mod.l);
715 if (memcmp(res->v, mod.v, mod.l))
716 printf(" XXX NG XXX\n");
717 free(mod.v);
718 vfree(res);
719
720 vfree(data);
721 vfree(data1);
722 vfree(data2);
723 vfree(key);
724 }
725
726 void
727 sha1test(ac, av)
728 int ac;
729 char **av;
730 {
731 char *word1 = "1234567890", *word2 = "12345678901234567890";
732 caddr_t ctx;
733 vchar_t *buf, *res;
734
735 printf("\n**Test for SHA1.**\n");
736
737 ctx = eay_sha1_init();
738 buf = vmalloc(strlen(word1));
739 memcpy(buf->v, word1, buf->l);
740 eay_sha1_update(ctx, buf);
741 eay_sha1_update(ctx, buf);
742 res = eay_sha1_final(ctx);
743 PVDUMP(res);
744 vfree(res);
745 vfree(buf);
746
747 ctx = eay_sha1_init();
748 buf = vmalloc(strlen(word2));
749 memcpy(buf->v, word2, buf->l);
750 eay_sha1_update(ctx, buf);
751 res = eay_sha1_final(ctx);
752 PVDUMP(res);
753 vfree(res);
754
755 res = eay_sha1_one(buf);
756 PVDUMP(res);
757 vfree(res);
758 vfree(buf);
759 }
760
761 void
762 md5test(ac, av)
763 int ac;
764 char **av;
765 {
766 char *word1 = "1234567890", *word2 = "12345678901234567890";
767 caddr_t ctx;
768 vchar_t *buf, *res;
769
770 printf("\n**Test for MD5.**\n");
771
772 ctx = eay_md5_init();
773 buf = vmalloc(strlen(word1));
774 memcpy(buf->v, word1, buf->l);
775 eay_md5_update(ctx, buf);
776 eay_md5_update(ctx, buf);
777 res = eay_md5_final(ctx);
778 PVDUMP(res);
779 vfree(res);
780 vfree(buf);
781
782 ctx = eay_md5_init();
783 buf = vmalloc(strlen(word2));
784 memcpy(buf->v, word2, buf->l);
785 eay_md5_update(ctx, buf);
786 res = eay_md5_final(ctx);
787 PVDUMP(res);
788 vfree(res);
789
790 res = eay_md5_one(buf);
791 PVDUMP(res);
792 vfree(res);
793 vfree(buf);
794 }
795
796 void
797 dhtest(ac, av)
798 int ac;
799 char **av;
800 {
801 static struct {
802 char *name;
803 char *p;
804 } px[] = {
805 { "modp768", OAKLEY_PRIME_MODP768, },
806 { "modp1024", OAKLEY_PRIME_MODP1024, },
807 { "modp1536", OAKLEY_PRIME_MODP1536, },
808 { "modp2048", OAKLEY_PRIME_MODP2048, },
809 { "modp3072", OAKLEY_PRIME_MODP3072, },
810 { "modp4096", OAKLEY_PRIME_MODP4096, },
811 { "modp6144", OAKLEY_PRIME_MODP6144, },
812 { "modp8192", OAKLEY_PRIME_MODP8192, },
813 };
814 vchar_t p1, *pub1, *priv1, *gxy1;
815 vchar_t p2, *pub2, *priv2, *gxy2;
816 int i;
817
818 printf("\n**Test for DH.**\n");
819
820 for (i = 0; i < sizeof(px)/sizeof(px[0]); i++) {
821 printf("\n**Test for DH %s.**\n", px[i].name);
822
823 p1.v = str2val(px[i].p, 16, &p1.l);
824 p2.v = str2val(px[i].p, 16, &p2.l);
825 printf("prime number = \n"); PVDUMP(&p1);
826
827 if (eay_dh_generate(&p1, 2, 96, &pub1, &priv1) < 0) {
828 printf("error\n");
829 return;
830 }
831 printf("private key for user 1 = \n"); PVDUMP(priv1);
832 printf("public key for user 1 = \n"); PVDUMP(pub1);
833
834 if (eay_dh_generate(&p2, 2, 96, &pub2, &priv2) < 0) {
835 printf("error\n");
836 return;
837 }
838 printf("private key for user 2 = \n"); PVDUMP(priv2);
839 printf("public key for user 2 = \n"); PVDUMP(pub2);
840
841 /* process to generate key for user 1 */
842 gxy1 = vmalloc(p1.l);
843 memset(gxy1->v, 0, gxy1->l);
844 eay_dh_compute(&p1, 2, pub1, priv1, pub2, &gxy1);
845 printf("sharing gxy1 of user 1 = \n"); PVDUMP(gxy1);
846
847 /* process to generate key for user 2 */
848 gxy2 = vmalloc(p1.l);
849 memset(gxy2->v, 0, gxy2->l);
850 eay_dh_compute(&p2, 2, pub2, priv2, pub1, &gxy2);
851 printf("sharing gxy2 of user 2 = \n"); PVDUMP(gxy2);
852
853 if (memcmp(gxy1->v, gxy2->v, gxy1->l))
854 printf("ERROR: sharing gxy mismatched.\n");
855
856 vfree(pub1);
857 vfree(pub2);
858 vfree(priv1);
859 vfree(priv2);
860 vfree(gxy1);
861 vfree(gxy2);
862 }
863
864 return;
865 }
866
867 void
868 bntest(ac, av)
869 int ac;
870 char **av;
871 {
872 vchar_t *rn;
873
874 printf("\n**Test for generate a random number.**\n");
875
876 rn = eay_set_random((u_int32_t)96);
877 PVDUMP(rn);
878 vfree(rn);
879 }
880
881 struct {
882 char *name;
883 void (*func) __P((int, char **));
884 } func[] = {
885 { "random", bntest, },
886 { "dh", dhtest, },
887 { "md5", md5test, },
888 { "sha1", sha1test, },
889 { "hmac", hmactest, },
890 { "cipher", ciphertest, },
891 { "cert", certtest, },
892 { "rsa", rsatest, },
893 };
894
895 int
896 main(ac, av)
897 int ac;
898 char **av;
899 {
900 int i;
901 int len = sizeof(func)/sizeof(func[0]);
902
903 if (strcmp(*av, "-h") == 0) {
904 printf("Usage: eaytest [");
905 for (i = 0; i < len; i++) {
906 printf("%s", func[i].name);
907 if (i != len)
908 printf("|");
909 }
910 printf("]\n");
911 Usage();
912 }
913
914 ac--;
915 av++;
916
917 if (ac == 0) {
918 for (i = 0; i < len; i++)
919 (func[i].func)(ac, av);
920 } else {
921 for (i = 0; i < len; i++) {
922 if (strcmp(*av, func[i].name) == 0) {
923 (func[i].func)(ac, av);
924 break;
925 }
926 }
927 if (i == len)
928 Usage();
929 }
930
931 exit(0);
932 }
933
934 void
935 Usage()
936 {
937 printf("Usage: eaytest [dh|md5|sha1|hmac|cipher]\n");
938 printf(" eaytest cert [cert_directory]\n");
939 exit(0);
940 }
mirror of network_cmds