]> git.saurik.com Git - apple/security.git/blob - SecurityTests/cspxutils/dsaPartial/dsaPartial.cpp
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-57031.1.35.tar.gz
[apple/security.git] / SecurityTests / cspxutils / dsaPartial / dsaPartial.cpp
1 /*
2 * dsaPartial.cpp - test for partial DSA public handling
3 */
4 #include <stdlib.h>
5 #include <stdio.h>
6 #include <time.h>
7 #include <Security/cssm.h>
8 #include <Security/cssmapple.h>
9 #include <string.h>
10 #include "cspwrap.h"
11 #include "common.h"
12 #include <security_cdsa_utils/cuFileIo.h>
13 #include "nssAppUtils.h"
14
15 /*
16 * generate key pairs with one set of parameters, dsa1Priv and dsa1Pub;
17 * genenate another pair with a different set of params, dsa2Priv and
18 * dsa2Pub;
19 * manually cook up dsa1PubPartial from dsa1Pub;
20 * manually cook up dsa2PubPartial from dsa2Pub;
21 *
22 * with all legal and/or specified combos of {ref,raw} keys {
23 * sign with dsa1Priv;
24 * vfy with dsa1Pub;
25 * vfy with dsa1PubPartial: CSSMERR_CSP_APPLE_DSA_PUBLIC_KEY_INCOMPLETE
26 * vfy with dsa1PubPartial and dsa1Pub (attrs)
27 * vfy with dsa2PubPartial and dsa1Pub (attrs) --> vfy fail
28 * vfy with dsa1PubPartial and dsa2Pub (attrs) --> vfy fail
29 * merge dsa1PubPartial + dsa1Pub --> merged;
30 * vfy with merged, should be good
31 * merge dsa1PubPartial + dsa2Pub -->merged;
32 * vfy with merged; vfy fail;
33 * }
34 */
35
36 /*
37 * Static parameter files.
38 *
39 * Regenerate these every once in a while with rsatool:
40 *
41 * # rsatool g a=d k=/tmp/foo M=dsaParam512_1.der
42 */
43 #define PARAMS_512_1 "dsaParam512_1.der"
44 #define PARAMS_512_2 "dsaParam512_2.der"
45
46 #define MAX_PTEXT_SIZE 512
47 #define KEY_ALG CSSM_ALGID_DSA
48 #define SIG_ALG CSSM_ALGID_SHA1WithDSA
49 #define LOOPS_DEF 32
50 #define KEY_SIZE_DEF 512
51
52 static void usage(char **argv)
53 {
54 printf("Usage: %s [options]\n", argv[0]);
55 printf("Options:\n");
56 printf(" l=loops\n");
57 printf(" p(ause on loop)\n");
58 printf(" q(uiet)\n");
59 printf(" v(erbose)\n");
60 printf(" D (CSPDL)\n");
61 printf(" r (all keys are raw)\n");
62 printf(" f (all keys are ref)\n");
63 exit(1);
64 }
65
66 /*
67 * Generate DSA key pair with required alg parameters.
68 */
69 static CSSM_RETURN genDsaKeyPair(
70 CSSM_CSP_HANDLE cspHand,
71 uint32 keySize, // in bits
72 CSSM_KEY_PTR pubKey, // mallocd by caller
73 CSSM_BOOL pubIsRef, // true - reference key, false - data
74 CSSM_KEY_PTR privKey, // mallocd by caller
75 CSSM_BOOL privIsRef, // true - reference key, false - data
76 const CSSM_DATA *params)
77 {
78 CSSM_RETURN crtn;
79 CSSM_CC_HANDLE ccHand;
80 CSSM_DATA keyLabelData;
81 uint32 pubAttr;
82 uint32 privAttr;
83
84 if(params == NULL) {
85 return CSSMERR_CSSM_INVALID_POINTER;
86 }
87
88 keyLabelData.Data = (uint8 *)"foobar",
89 keyLabelData.Length = 6;
90 memset(pubKey, 0, sizeof(CSSM_KEY));
91 memset(privKey, 0, sizeof(CSSM_KEY));
92
93 crtn = CSSM_CSP_CreateKeyGenContext(cspHand,
94 CSSM_ALGID_DSA,
95 keySize,
96 NULL, // Seed
97 NULL, // Salt
98 NULL, // StartDate
99 NULL, // EndDate
100 params,
101 &ccHand);
102 if(crtn) {
103 printError("CSSM_CSP_CreateKeyGenContext", crtn);
104 return crtn;
105 }
106
107 /* cook up attribute bits */
108 if(pubIsRef) {
109 pubAttr = CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE;
110 }
111 else {
112 pubAttr = CSSM_KEYATTR_RETURN_DATA | CSSM_KEYATTR_EXTRACTABLE;
113 }
114 if(privIsRef) {
115 privAttr = CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE;
116 }
117 else {
118 privAttr = CSSM_KEYATTR_RETURN_DATA | CSSM_KEYATTR_EXTRACTABLE;
119 }
120
121 crtn = CSSM_GenerateKeyPair(ccHand,
122 CSSM_KEYUSE_VERIFY,
123 pubAttr,
124 &keyLabelData,
125 pubKey,
126 CSSM_KEYUSE_SIGN,
127 privAttr,
128 &keyLabelData, // same labels
129 NULL, // CredAndAclEntry
130 privKey);
131 if(crtn) {
132 printError("CSSM_GenerateKeyPair", crtn);
133 }
134 CSSM_DeleteContext(ccHand);
135 return crtn;
136 }
137
138
139 /*
140 * Create new public key by merging specified partial key and
141 * parameter-bearing key. All keys can be in any format (though
142 * it's the caller's responsibility to avoid using a ref paramKey
143 * with the CSPDL).
144 */
145 static CSSM_RETURN dsaMergeParams(
146 CSSM_CSP_HANDLE cspHand,
147 const CSSM_KEY *partialKey,
148 const CSSM_KEY *paramKey,
149 CSSM_KEY &fullKey, // RETURNED
150 bool fullIsRef) // ref/raw
151 {
152 /*
153 * First step is a null wrap or unwrap depending on
154 * format of partialKey.
155 */
156 CSSM_CC_HANDLE ccHand;
157 CSSM_RETURN crtn;
158 CSSM_ACCESS_CREDENTIALS creds;
159 CSSM_DATA label = {10, (uint8 *)"dummyLabel"};
160 CSSM_DATA descrData = {0, NULL};
161 const CSSM_KEYHEADER &hdr = partialKey->KeyHeader;
162
163 memset(&creds, 0, sizeof(CSSM_ACCESS_CREDENTIALS));
164 crtn = CSSM_CSP_CreateSymmetricContext(cspHand,
165 CSSM_ALGID_NONE,
166 CSSM_ALGMODE_NONE,
167 &creds,
168 NULL, // wrapping key
169 NULL, // initVector
170 CSSM_PADDING_NONE,
171 0, // Params
172 &ccHand);
173 if(crtn) {
174 printError("CSSM_CSP_CreateSymmetricContext", crtn);
175 return crtn;
176 }
177
178 /* add in paramKey */
179 crtn = AddContextAttribute(ccHand,
180 CSSM_ATTRIBUTE_PARAM_KEY,
181 sizeof(CSSM_KEY),
182 CAT_Ptr,
183 paramKey,
184 0);
185 if(crtn) {
186 printError("AddContextAttribute", crtn);
187 return crtn;
188 }
189
190 /* go */
191 CSSM_KEY targetKey;
192 memset(&targetKey, 0, sizeof(targetKey));
193 if(hdr.BlobType == CSSM_KEYBLOB_RAW) {
194 /* raw --> ref : null unwrap */
195 crtn = CSSM_UnwrapKey(ccHand,
196 NULL, // PublicKey
197 partialKey,
198 hdr.KeyUsage, // same as original
199 CSSM_KEYATTR_EXTRACTABLE |CSSM_KEYATTR_RETURN_REF,
200 &label,
201 NULL, // CredAndAclEntry
202 &targetKey,
203 &descrData); // required
204 if(crtn) {
205 printError("dsaMergeParams CSSM_UnwrapKey (1)", crtn);
206 return crtn;
207 }
208 }
209 else {
210 /* ref --> raw : null wrap */
211 crtn = CSSM_WrapKey(ccHand,
212 &creds,
213 partialKey,
214 NULL, // DescriptiveData
215 &targetKey);
216 if(crtn) {
217 printError("dsaMergeParams CSSM_WrapKey (1)", crtn);
218 return crtn;
219 }
220 }
221
222 if(targetKey.KeyHeader.KeyAttr & CSSM_KEYATTR_PARTIAL) {
223 printf("***merged key still has CSSM_KEYATTR_PARTIAL\n");
224 return CSSMERR_CSSM_INTERNAL_ERROR;
225 }
226
227 CSSM_KEYBLOB_TYPE targetBlob;
228 if(fullIsRef) {
229 targetBlob = CSSM_KEYBLOB_REFERENCE;
230 }
231 else {
232 targetBlob = CSSM_KEYBLOB_RAW;
233 }
234
235 if(targetKey.KeyHeader.BlobType == targetBlob) {
236 /* we're done */
237 fullKey = targetKey;
238 CSSM_DeleteContext(ccHand);
239 return CSSM_OK;
240 }
241
242 /*
243 * We're going to reuse the context, but since the parameter merge
244 * has already been done, remove the CSSM_ATTRIBUTE_PARAM_KEY
245 * attribute.
246 */
247 CSSM_CONTEXT_ATTRIBUTE attr;
248 memset(&attr, 0, sizeof(attr));
249 attr.AttributeType = CSSM_ATTRIBUTE_PARAM_KEY;
250 crtn = CSSM_DeleteContextAttributes(ccHand, 1, &attr);
251 if(crtn) {
252 printError("CSSM_DeleteContextAttributes", crtn);
253 return crtn;
254 }
255
256 /* one more conversion */
257 if(targetBlob == CSSM_KEYBLOB_REFERENCE) {
258 /* raw --> ref : null unwrap */
259 crtn = CSSM_UnwrapKey(ccHand,
260 NULL, // PublicKey
261 &targetKey,
262 hdr.KeyUsage, // same as original
263 CSSM_KEYATTR_EXTRACTABLE | CSSM_KEYATTR_RETURN_REF,
264 &label,
265 NULL, // CredAndAclEntry
266 &fullKey,
267 &descrData); // required
268 if(crtn) {
269 printError("dsaMergeParams CSSM_UnwrapKey (2)", crtn);
270 return crtn;
271 }
272 }
273 else {
274 /* ref --> raw : null wrap */
275 crtn = CSSM_WrapKey(ccHand,
276 &creds,
277 &targetKey,
278 NULL, // DescriptiveData
279 &fullKey);
280 if(crtn) {
281 printError("dsaMergeParams CSSM_WrapKey (2)", crtn);
282 return crtn;
283 }
284 }
285 CSSM_FreeKey(cspHand, NULL, &targetKey, CSSM_FALSE);
286 CSSM_DeleteContext(ccHand);
287 return CSSM_OK;
288 }
289
290 /*
291 * Custom cspSigVerify with optional CSSM_ATTRIBUTE_PARAM_KEY
292 */
293 CSSM_RETURN sigVerify(CSSM_CSP_HANDLE cspHand,
294 uint32 algorithm, // CSSM_ALGID_SHA1WithDSA, etc.
295 CSSM_KEY_PTR key, // public key
296 CSSM_KEY_PTR paramKey, // optional parameter key
297 const CSSM_DATA *ptext,
298 const CSSM_DATA *sig,
299 CSSM_RETURN expectResult,
300 const char *op,
301 CSSM_BOOL verbose)
302 {
303 CSSM_CC_HANDLE sigHand;
304 CSSM_RETURN ocrtn = CSSM_OK;
305 CSSM_RETURN crtn;
306
307 if(verbose) {
308 printf(" ...%s\n", op);
309 }
310 crtn = CSSM_CSP_CreateSignatureContext(cspHand,
311 algorithm,
312 NULL, // passPhrase
313 key,
314 &sigHand);
315 if(crtn) {
316 printError("CSSM_CSP_CreateSignatureContext", crtn);
317 return crtn;
318 }
319 if(paramKey) {
320 crtn = AddContextAttribute(sigHand,
321 CSSM_ATTRIBUTE_PARAM_KEY,
322 sizeof(CSSM_KEY),
323 CAT_Ptr,
324 paramKey,
325 0);
326 if(crtn) {
327 printError("AddContextAttribute", crtn);
328 return crtn;
329 }
330 }
331 crtn = CSSM_VerifyData(sigHand,
332 ptext,
333 1,
334 CSSM_ALGID_NONE,
335 sig);
336 if(crtn != expectResult) {
337 if(!crtn) {
338 printf("%s: Unexpected good Sig Verify (expect %s)\n",
339 op, cssmErrToStr(expectResult));
340 ocrtn = CSSMERR_CSSM_INTERNAL_ERROR;
341 }
342 else {
343 printError(op, crtn);
344 ocrtn = crtn;
345 }
346 }
347 CSSM_DeleteContext(sigHand);
348 return ocrtn;
349 }
350
351 static int doTest(
352 CSSM_CSP_HANDLE cspHand,
353 CSSM_KEY_PTR privKey_0,
354 CSSM_KEY_PTR pubKeyBase_0,
355 CSSM_KEY_PTR pubKeyPartial_0,
356 CSSM_KEY_PTR pubKeyParam_0, // full, raw format if CSPDL
357 CSSM_KEY_PTR pubKeyPartial_1,
358 CSSM_KEY_PTR pubKeyParam_1, // full, raw format if CSPDL
359 bool mergedIsRef,
360 CSSM_BOOL quiet,
361 CSSM_BOOL verbose)
362 {
363 uint8 ptextBuf[MAX_PTEXT_SIZE];
364 CSSM_DATA ptext = {0, ptextBuf};
365 simpleGenData(&ptext, 1, MAX_PTEXT_SIZE);
366 CSSM_DATA sig = {0, NULL};
367 CSSM_RETURN crtn;
368
369 /* the single sign op for this routine */
370 crtn = cspSign(cspHand, SIG_ALG, privKey_0, &ptext, &sig);
371 if(crtn) {
372 return testError(quiet);
373 }
374
375 /* normal verify with full key */
376 crtn = sigVerify(cspHand, SIG_ALG, pubKeyBase_0, NULL,
377 &ptext, &sig, CSSM_OK, "vfy with full key", verbose);
378 if(crtn) {
379 return testError(quiet);
380 }
381
382 /* good verify with partial key plus params */
383 crtn = sigVerify(cspHand, SIG_ALG, pubKeyPartial_0, pubKeyParam_0,
384 &ptext, &sig, CSSM_OK, "vfy with partial key and params",
385 verbose);
386 if(crtn) {
387 if(testError(quiet)) {
388 return 1;
389 }
390 }
391
392 /* partial key failure */
393 crtn = sigVerify(cspHand, SIG_ALG, pubKeyPartial_0, NULL,
394 &ptext, &sig,
395 CSSMERR_CSP_APPLE_PUBLIC_KEY_INCOMPLETE,
396 "vfy with partial key no params", verbose);
397 if(crtn) {
398 if(testError(quiet)) {
399 return 1;
400 }
401 }
402
403 /* partial key, wrong params */
404 crtn = sigVerify(cspHand, SIG_ALG, pubKeyPartial_0, pubKeyParam_1,
405 &ptext, &sig,
406 CSSMERR_CSP_VERIFY_FAILED,
407 "vfy with partial key wrong params", verbose);
408 if(crtn) {
409 if(testError(quiet)) {
410 return 1;
411 }
412 }
413
414 /* wrong partial key, good params */
415 crtn = sigVerify(cspHand, SIG_ALG, pubKeyPartial_1, pubKeyParam_0,
416 &ptext, &sig,
417 CSSMERR_CSP_VERIFY_FAILED,
418 "vfy with wrong partial key, good params", verbose);
419 if(crtn) {
420 if(testError(quiet)) {
421 return 1;
422 }
423 }
424
425 /*
426 * Test merge via wrap/unwrap.
427 * First, a good merged key.
428 */
429 CSSM_KEY merged;
430 crtn = dsaMergeParams(cspHand,
431 pubKeyPartial_0,
432 pubKeyParam_0,
433 merged,
434 mergedIsRef);
435 if(crtn) {
436 return testError(quiet);
437 }
438 crtn = sigVerify(cspHand, SIG_ALG, &merged, NULL,
439 &ptext, &sig, CSSM_OK, "vfy with good merged key", verbose);
440 if(crtn) {
441 return testError(quiet);
442 }
443 CSSM_FreeKey(cspHand, NULL, &merged, CSSM_FALSE);
444
445 /* now with a badly merged key (with the wrong params) */
446 crtn = dsaMergeParams(cspHand,
447 pubKeyPartial_0,
448 pubKeyParam_1,
449 merged,
450 mergedIsRef);
451 if(crtn) {
452 return testError(quiet);
453 }
454 crtn = sigVerify(cspHand, SIG_ALG, &merged, NULL,
455 &ptext, &sig,
456 CSSMERR_CSP_VERIFY_FAILED,
457 "vfy with merged key wrong params", verbose);
458 if(crtn) {
459 if(testError(quiet)) {
460 return 1;
461 }
462 }
463 CSSM_FreeKey(cspHand, NULL, &merged, CSSM_FALSE);
464
465 CSSM_FREE(sig.Data);
466 return CSSM_OK;
467 }
468
469
470 int main(int argc, char **argv)
471 {
472 char *argp;
473 CSSM_CSP_HANDLE cspHand;
474 CSSM_RETURN crtn;
475
476 /* user spec'd variables */
477 unsigned loops = LOOPS_DEF;
478 CSSM_BOOL doPause = CSSM_FALSE;
479 CSSM_BOOL quiet = CSSM_FALSE;
480 CSSM_BOOL rawCSP = CSSM_TRUE;
481 CSSM_BOOL verbose = CSSM_FALSE;
482 uint32 keySize = KEY_SIZE_DEF;
483 CSSM_BOOL allRaw = CSSM_FALSE;
484 CSSM_BOOL allRef = CSSM_FALSE;
485
486 for(int arg=1; arg<argc; arg++) {
487 argp = argv[arg];
488 switch(argp[0]) {
489 case 'l':
490 loops = atoi(&argp[2]);
491 break;
492 case 'q':
493 quiet = CSSM_TRUE;
494 break;
495 case 'p':
496 doPause = CSSM_TRUE;
497 break;
498 case 'v':
499 verbose = CSSM_TRUE;
500 break;
501 case 'D':
502 rawCSP = CSSM_FALSE;
503 break;
504 case 'r':
505 allRaw = CSSM_TRUE;
506 break;
507 case 'f':
508 allRef = CSSM_TRUE;
509 break;
510 default:
511 usage(argv);
512 }
513 }
514
515 if(!rawCSP && (allRaw || allRef)) {
516 printf("CSPDL inconsistent with allRef and allRaw\n");
517 usage(argv);
518 }
519 if(allRef && allRaw) {
520 printf("allRef and allRaw are mutually exclusive\n");
521 usage(argv);
522 }
523
524 /* read in params for two keypairs */
525 CSSM_DATA params1;
526 CSSM_DATA params2;
527 unsigned len;
528 if(readFile(PARAMS_512_1, (unsigned char **)&params1.Data, &len)) {
529 printf("***Error reading %s. Aborting.\n", PARAMS_512_1);
530 printf("***This test must be run from the cspxutils/dsaPartial directory.\n");
531 exit(1);
532 }
533 params1.Length = len;
534 if(readFile(PARAMS_512_2, (unsigned char **)&params2.Data, &len)) {
535 printf("***Error reading %s. Aborting.\n", PARAMS_512_2);
536 printf("***This test must be run from the cspxutils/dsaPartial directory.\n");
537 exit(1);
538 }
539 params2.Length = len;
540
541 printf("Starting dsaPartial; args: ");
542 for(int i=1; i<argc; i++) {
543 printf("%s ", argv[i]);
544 }
545 printf("\n");
546 cspHand = cspDlDbStartup(rawCSP, NULL);
547 if(cspHand == 0) {
548 exit(1);
549 }
550
551 /* generate two keypairs */
552 CSSM_KEY dsa1Priv;
553 CSSM_KEY dsa1Pub;
554 CSSM_KEY dsa2Priv;
555 CSSM_KEY dsa2Pub;
556
557 if(verbose) {
558 printf("...generating keys...\n");
559 }
560 CSSM_BOOL genRefKeys = CSSM_FALSE;
561 if(!rawCSP || allRef) {
562 genRefKeys = CSSM_TRUE;
563 }
564 crtn = genDsaKeyPair(cspHand, keySize,
565 &dsa1Pub, genRefKeys,
566 &dsa1Priv, genRefKeys,
567 &params1);
568 if(crtn) {
569 exit(1);
570 }
571 crtn = genDsaKeyPair(cspHand, keySize,
572 &dsa2Pub, genRefKeys,
573 &dsa2Priv, genRefKeys,
574 &params2);
575 if(crtn) {
576 exit(1);
577 }
578
579 /* CSPDL also requires separate raw parameter keys */
580 CSSM_KEY dsa1PubParam;
581 CSSM_KEY dsa2PubParam;
582 if(!rawCSP) {
583 if(cspRefKeyToRaw(cspHand, &dsa1Pub, &dsa1PubParam) ||
584 cspRefKeyToRaw(cspHand, &dsa2Pub, &dsa2PubParam)) {
585 exit(1);
586 }
587 }
588
589 /* generate partial pub keys in raw form */
590 CSSM_KEY dsa1PubPartial;
591 CSSM_KEY dsa2PubPartial;
592 crtn = extractDsaPartial(cspHand, &dsa1Pub, &dsa1PubPartial);
593 if(crtn) {
594 exit(1);
595 }
596 crtn = extractDsaPartial(cspHand, &dsa2Pub, &dsa2PubPartial);
597 if(crtn) {
598 exit(1);
599 }
600
601 /*
602 * Reference version of all 4 pub keys if we're going to mix & match
603 */
604 CSSM_KEY dsa1PubRef;
605 CSSM_KEY dsa2PubRef;
606 CSSM_KEY dsa1PubPartialRef;
607 CSSM_KEY dsa2PubPartialRef;
608 if(rawCSP && // CSPDL --> these were created as ref keys
609 !allRaw && // allRaw --> don't want ref keys
610 !allRef) { // allRef --> these were created as ref keys
611 if(cspRawKeyToRef(cspHand, &dsa1Pub, &dsa1PubRef) ||
612 cspRawKeyToRef(cspHand, &dsa2Pub, &dsa2PubRef)) {
613 exit(1);
614 }
615 }
616 if(!rawCSP || !allRaw) {
617 /* these were created in raw form unconditionally */
618 if(cspRawKeyToRef(cspHand, &dsa1PubPartial,
619 &dsa1PubPartialRef) ||
620 cspRawKeyToRef(cspHand, &dsa2PubPartial,
621 &dsa2PubPartialRef)) {
622 exit(1);
623 }
624
625 /* verify that these came back with the partial flag set */
626 if(!(dsa1PubPartialRef.KeyHeader.KeyAttr &
627 CSSM_KEYATTR_PARTIAL)) {
628 printf("***CSSM_KEYATTR_PARTIAL not set after null unwrap"
629 " of partial DSA key\n");
630 if(testError(quiet)) {
631 exit(1);
632 }
633 }
634 if(!(dsa2PubPartialRef.KeyHeader.KeyAttr &
635 CSSM_KEYATTR_PARTIAL)) {
636 printf("***CSSM_KEYATTR_PARTIAL not set after null unwrap"
637 " of partial DSA key\n");
638 if(testError(quiet)) {
639 exit(1);
640 }
641 }
642 }
643
644 int rtn = 0;
645 for(unsigned loop=0; loop<loops; loop++) {
646 /* four pub keys - raw or ref */
647 CSSM_KEY_PTR pubKey_a;
648 CSSM_KEY_PTR pubKey_b;
649 CSSM_KEY_PTR pubKeyPartial_a;
650 CSSM_KEY_PTR pubKeyPartial_b;
651 bool mergedIsRef;
652
653 if(allRef) {
654 /* raw CSP only - all ref keys */
655 /* base keys were generated as ref */
656 pubKey_a = &dsa1Pub;
657 pubKey_b = &dsa2Pub;
658 /* these alwasy generated as raw */
659 pubKeyPartial_a = &dsa1PubPartialRef;
660 pubKeyPartial_b = &dsa2PubPartialRef;
661 /* generated merged key ref too */
662 mergedIsRef = true;
663 }
664 else if(allRaw) {
665 /* raw CSP only - all raw keys */
666 pubKey_a = &dsa1Pub;
667 pubKey_b = &dsa2Pub;
668 pubKeyPartial_a = &dsa1PubPartial;
669 pubKeyPartial_b = &dsa2PubPartial;
670 /* generated merged key ref too */
671 mergedIsRef = false;
672 }
673 else if(!rawCSP) {
674 /* CSPDL - base keys are ref, partials are raw */
675 pubKey_a = &dsa1Pub;
676 pubKey_b = &dsa2Pub;
677 pubKeyPartial_a = &dsa1PubPartialRef;
678 pubKeyPartial_b = &dsa2PubPartialRef;
679 /* generated merged key ref too */
680 mergedIsRef = true;
681 }
682 else {
683 /* default: mix & match */
684 pubKey_a = (loop & 1) ? &dsa1Pub : &dsa1PubRef;
685 pubKey_b = (loop & 2) ? &dsa2Pub : &dsa2PubRef;
686 pubKeyPartial_a = (loop & 4) ?
687 &dsa1PubPartial : &dsa1PubPartialRef;
688 pubKeyPartial_b = (loop & 8) ?
689 &dsa2PubPartial : &dsa2PubPartialRef;
690 /* generated merged key different from partial_a*/
691 mergedIsRef = (loop & 2) ? true : false;
692 }
693
694 /* and two param keys - CSPDL requires raw, else the same as
695 * the "base" public key */
696 CSSM_KEY_PTR pubKeyParam_a = pubKey_a;
697 CSSM_KEY_PTR pubKeyParam_b = pubKey_b;
698 if(!rawCSP) {
699 pubKeyParam_a = &dsa1PubParam;
700 pubKeyParam_b = &dsa2PubParam;
701 }
702 if(!quiet) {
703 printf("...loop %u\n", loop);
704 }
705 rtn = doTest(cspHand, &dsa1Priv,
706 pubKey_a, pubKeyPartial_a, pubKeyParam_a,
707 pubKeyPartial_b, pubKeyParam_b,
708 mergedIsRef, quiet, verbose);
709 if(rtn) {
710 break;
711 }
712 if(doPause) {
713 fpurge(stdin);
714 printf("Hit CR to proceed, q to quit: ");
715 char inch = getchar();
716 if(inch == 'q') {
717 break;
718 }
719 }
720 }
721
722 /* cleanup */
723 return(rtn);
724 }
mirror of Security