+++ /dev/null
-/* Copyright (c) 1998,2003-2006,2008 Apple Inc.
- *
- * asymTest.c - test CSP asymmetric encrypt/decrypt.
- *
- * Revision History
- * ----------------
- * 10 May 2000 Doug Mitchell
- * Ported to X/CDSA2.
- * 14 May 1998 Doug Mitchell at Apple
- * Created.
- */
-
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-#include <time.h>
-#include <Security/cssm.h>
-#include "cspwrap.h"
-#include "common.h"
-#include "cspdlTesting.h"
-
-#define USAGE_NAME "noUsage"
-#define USAGE_NAME_LEN (strlen(USAGE_NAME))
-#define USAGE2_NAME "noUsage2"
-#define USAGE2_NAME_LEN (strlen(USAGE2_NAME))
-#define LOOPS_DEF 10
-#define MIN_EXP 2 /* for data size 10**exp */
-#define DEFAULT_MAX_EXP 2
-#define MAX_EXP 4
-
-/*
- * Enumerate algs our own way to allow iteration.
- */
-#define ALG_RSA 1
-#define ALG_FEED 2
-#define ALG_FEEDEXP 3
-#define ALG_FEE_CFILE 4
-#define ALG_FIRST ALG_RSA
-#define ALG_LAST ALG_FEEDEXP
-#define MAX_DATA_SIZE (10000 + 100) /* bytes */
-#define FEE_PASSWD_LEN 32 /* private data length in bytes, FEE only */
-
-#define DUMP_KEY_DATA 0
-
-/*
- * RSA encryption now allows arbitrary plaintext size. BSAFE was limited to
- * primeSize - 11.
- */
-#define RSA_PLAINTEXT_LIMIT 0
-
-static void usage(char **argv)
-{
- printf("usage: %s [options]\n", argv[0]);
- printf(" Options:\n");
- printf(" a=algorithm (f=FEED; x=FEEDExp; c=FEE_Cfile; r=RSA; default=all)\n");
- printf(" l=loops (default=%d; 0=forever)\n", LOOPS_DEF);
- printf(" n=minExp (default=%d)\n", MIN_EXP);
- printf(" x=maxExp (default=%d, max=%d)\n", DEFAULT_MAX_EXP, MAX_EXP);
- printf(" k=keySize\n");
- printf(" P=primeType (m=Mersenne, f=FEE, g=general; FEE only)\n");
- printf(" C=curveType (m=Montgomery, w=Weierstrass, g=general; FEE only)\n");
- printf(" e(xport)\n");
- printf(" r(eference keys only)\n");
- printf(" K (skip decrypt)\n");
- printf(" N(o padding, RSA only)\n");
- printf(" S (no staging)\n");
- printf(" D (CSP/DL; default = bare CSP)\n");
- printf(" p (pause on each loop)\n");
- printf(" u (quick; small keys)\n");
- printf(" t=plainTextSize; default=random\n");
- printf(" z(ero data)\n");
- printf(" v(erbose)\n");
- printf(" q(uiet)\n");
- printf(" h(elp)\n");
- exit(1);
-}
-
-static int doTest(CSSM_CSP_HANDLE cspHand,
- CSSM_ALGORITHMS alg, // CSSM_ALGID_xxx
- CSSM_PADDING padding,
- CSSM_DATA_PTR ptext,
- CSSM_BOOL verbose,
- CSSM_BOOL quiet,
- uint32 keySizeInBits, // may be 0, i.e., default per alg
- uint32 primeType, // FEE only
- uint32 curveType, // ditto
- CSSM_BOOL pubIsRef,
- CSSM_KEYBLOB_FORMAT rawPubForm,
- CSSM_BOOL privIsRef,
- CSSM_KEYBLOB_FORMAT rawPrivForm,
- CSSM_BOOL secondPubIsRaw, // FEED via CSPDL: 2nd key must be raw
- CSSM_BOOL stagedEncr,
- CSSM_BOOL stagedDecr,
- CSSM_BOOL mallocPtext, // only meaningful if !stagedDecr
- CSSM_BOOL mallocCtext, // only meaningful if !stagedEncr
- CSSM_BOOL skipDecrypt,
- CSSM_BOOL genSeed) // FEE keys only
-{
- // these two are always generated
- CSSM_KEY recvPubKey;
- CSSM_KEY recvPrivKey;
- // these two are for two-key FEE algorithms only
- CSSM_KEY sendPubKey;
- CSSM_KEY sendPrivKey;
- // these two are optionally created by cspRefKeyToRaw if (FEED && secondPubIsRaw)
- CSSM_KEY sendPubKeyRaw;
- CSSM_KEY recvPubKeyRaw;
- CSSM_BOOL rawPubKeysCreated = CSSM_FALSE;
-
- /* two-key FEE, CSP : &{send,recv}PubKey
- * two-key FEE, CSPDL: &{send,recv}PubKeyRaw
- * else : NULL, &recvPubKey
- */
- CSSM_KEY_PTR sendPubKeyPtr = NULL;
- CSSM_KEY_PTR recvPubKeyPtr = NULL;
-
- CSSM_DATA ctext = {0, NULL};
- CSSM_DATA rptext = {0, NULL};
- CSSM_RETURN crtn;
- int rtn = 0;
- uint32 keyGenAlg;
- uint32 mode = CSSM_ALGMODE_NONE; // FIXME - does this need testing?
- CSSM_BOOL twoKeys = CSSM_FALSE;
-
- switch(alg) {
- case CSSM_ALGID_FEED:
- case CSSM_ALGID_FEECFILE:
- twoKeys = CSSM_TRUE;
- /* drop thru */
- case CSSM_ALGID_FEEDEXP:
- keyGenAlg = CSSM_ALGID_FEE;
- break;
- case CSSM_ALGID_RSA:
- keyGenAlg = CSSM_ALGID_RSA;
- break;
- default:
- printf("bogus algorithm\n");
- return 1;
- }
-
- /* one key pair for all algs except CFILE and FEED, which need two */
- if(keyGenAlg == CSSM_ALGID_FEE) {
- uint8 passwd[FEE_PASSWD_LEN];
- CSSM_DATA pwdData = {FEE_PASSWD_LEN, passwd};
- CSSM_DATA_PTR pwdDataPtr;
- if(genSeed) {
- simpleGenData(&pwdData, FEE_PASSWD_LEN, FEE_PASSWD_LEN);
- pwdDataPtr = &pwdData;
- }
- else {
- pwdDataPtr = NULL;
- }
- /*
- * Note we always generate public keys per the pubIsRef argument, even if
- * secondPubIsRaw is true, 'cause the CSPDL can't generate raw keys.
- */
- rtn = cspGenFEEKeyPair(cspHand,
- USAGE_NAME,
- USAGE_NAME_LEN,
- keySizeInBits,
- primeType,
- curveType,
- &recvPubKey,
- pubIsRef,
- CSSM_KEYUSE_ANY,
- CSSM_KEYBLOB_RAW_FORMAT_NONE,
- &recvPrivKey,
- privIsRef,
- CSSM_KEYUSE_ANY,
- CSSM_KEYBLOB_RAW_FORMAT_NONE,
- pwdDataPtr);
- if(rtn) {
- /* leak */
- return testError(quiet);
- }
- if(twoKeys) {
- rtn = cspGenFEEKeyPair(cspHand,
- USAGE2_NAME,
- USAGE2_NAME_LEN,
- keySizeInBits,
- primeType,
- curveType,
- &sendPubKey,
- pubIsRef,
- CSSM_KEYUSE_ANY,
- CSSM_KEYBLOB_RAW_FORMAT_NONE,
- &sendPrivKey,
- privIsRef,
- CSSM_KEYUSE_ANY,
- CSSM_KEYBLOB_RAW_FORMAT_NONE,
- pwdDataPtr);
- if(rtn) {
- /* leak recv*Key */
- return testError(quiet);
- }
- }
- if(twoKeys) {
- if(secondPubIsRaw && pubIsRef) {
- /*
- * Convert ref public keys to raw - they're going into a Context; the
- * SecurityServer doesn't deal with ref keys there.
- * Leak all sorts of stuff on any error here.
- */
- crtn = cspRefKeyToRaw(cspHand, &sendPubKey, &sendPubKeyRaw);
- if(crtn) {
- return testError(quiet);
- }
- crtn = cspRefKeyToRaw(cspHand, &recvPubKey, &recvPubKeyRaw);
- if(crtn) {
- return testError(quiet);
- }
- /* two keys, CSPDL */
- sendPubKeyPtr = &sendPubKeyRaw;
- recvPubKeyPtr = &recvPubKeyRaw;
- rawPubKeysCreated = CSSM_TRUE;
- }
- else {
- /* two keys, CSP */
- sendPubKeyPtr = &sendPubKey;
- recvPubKeyPtr = &recvPubKey;
- }
- }
- else {
- /* one key pair, standard config */
- sendPubKeyPtr = NULL;
- recvPubKeyPtr = &recvPubKey;
- }
- }
- else {
- CSSM_KEYBLOB_FORMAT expectPubForm = rawPubForm;
- CSSM_KEYBLOB_FORMAT expectPrivForm = rawPrivForm;
-
- rtn = cspGenKeyPair(cspHand,
- keyGenAlg,
- USAGE_NAME,
- USAGE_NAME_LEN,
- keySizeInBits,
- &recvPubKey,
- pubIsRef,
- twoKeys ? CSSM_KEYUSE_ANY : CSSM_KEYUSE_ENCRYPT,
- rawPubForm,
- &recvPrivKey,
- privIsRef,
- twoKeys ? CSSM_KEYUSE_ANY : CSSM_KEYUSE_DECRYPT,
- rawPrivForm,
- genSeed);
- if(rtn) {
- return testError(quiet);
- }
- /* one key pair, standard config */
- sendPubKeyPtr = NULL;
- recvPubKeyPtr = &recvPubKey;
-
- /* verify defaults - only for RSA */
- if(!pubIsRef) {
- if(rawPubForm == CSSM_KEYBLOB_RAW_FORMAT_NONE) {
- expectPubForm = CSSM_KEYBLOB_RAW_FORMAT_PKCS1;
- }
- if(recvPubKey.KeyHeader.Format != expectPubForm) {
- printf("***Bad raw RSA pub key format - exp %u got %u\n",
- (unsigned)expectPubForm,
- (unsigned)recvPubKey.KeyHeader.Format);
- if(testError(quiet)) {
- return 1;
- }
- }
- }
- if(!privIsRef) {
- if(rawPrivForm == CSSM_KEYBLOB_RAW_FORMAT_NONE) {
- expectPrivForm = CSSM_KEYBLOB_RAW_FORMAT_PKCS8;
- }
- if(recvPrivKey.KeyHeader.Format != expectPrivForm) {
- printf("***Bad raw RSA priv key format - exp %u got %u\n",
- (unsigned)expectPrivForm,
- (unsigned)recvPrivKey.KeyHeader.Format);
- if(testError(quiet)) {
- return 1;
- }
- }
- }
- }
- #if DUMP_KEY_DATA
- dumpBuffer("Pub Key Data", recvPubKey.KeyData.Data, recvPubKey.KeyData.Length);
- dumpBuffer("Priv Key Data", recvPrivKey.KeyData.Data, recvPrivKey.KeyData.Length);
- #endif
- if(stagedEncr) {
- crtn = cspStagedEncrypt(cspHand,
- alg,
- mode,
- padding,
- /* Two keys: second must be pub */
- twoKeys ? &sendPrivKey : &recvPubKey,
- twoKeys ? recvPubKeyPtr : NULL,
- 0, // effectiveKeySize
- 0, // cipherBlockSize
- 0, // rounds
- NULL, // initVector
- ptext,
- &ctext,
- CSSM_TRUE); // multi
- }
- else {
- crtn = cspEncrypt(cspHand,
- alg,
- mode,
- padding,
- /* Two keys: second must be pub */
- twoKeys ? &sendPrivKey : &recvPubKey,
- twoKeys ? recvPubKeyPtr : NULL,
- 0, // effectiveKeySize
- 0, // rounds
- NULL, // initVector
- ptext,
- &ctext,
- mallocCtext);
- }
- if(crtn) {
- rtn = testError(quiet);
- goto abort;
- }
- if(verbose) {
- printf(" ..ptext size %lu ctext size %lu\n",
- (unsigned long)ptext->Length, (unsigned long)ctext.Length);
- }
- if(skipDecrypt) {
- goto abort;
- }
- if(stagedDecr) {
- crtn = cspStagedDecrypt(cspHand,
- alg,
- mode,
- padding,
- /* Two keys: second must be pub */
- &recvPrivKey,
- sendPubKeyPtr,
- 0, // effectiveKeySize
- 0, // cipherBlockSize
- 0, // rounds
- NULL, // initVector
- &ctext,
- &rptext,
- CSSM_TRUE); // multi
- }
- else {
- crtn = cspDecrypt(cspHand,
- alg,
- mode,
- padding,
- &recvPrivKey,
- sendPubKeyPtr,
- 0, // effectiveKeySize
- 0, // rounds
- NULL, // initVector
- &ctext,
- &rptext,
- mallocPtext);
- }
- if(crtn) {
- rtn = testError(quiet);
- goto abort;
- }
- /* compare ptext, rptext */
- if(ptext->Length != rptext.Length) {
- printf("Ptext length mismatch: expect %lu, got %lu\n",
- (unsigned long)ptext->Length, (unsigned long)rptext.Length);
- rtn = testError(quiet);
- if(rtn) {
- goto abort;
- }
- }
- if(memcmp(ptext->Data, rptext.Data, ptext->Length)) {
- printf("***data miscompare\n");
- rtn = testError(quiet);
- }
-abort:
- /* free keys */
- if(cspFreeKey(cspHand, &recvPubKey)) {
- printf("Error freeing recvPubKey\n");
- rtn = 1;
- }
- if(cspFreeKey(cspHand, &recvPrivKey)) {
- printf("Error freeing recvPrivKey\n");
- rtn = 1;
- }
- if(twoKeys) {
- if(cspFreeKey(cspHand, &sendPubKey)) {
- printf("Error freeing sendPubKey\n");
- rtn = 1;
- }
- if(cspFreeKey(cspHand, &sendPrivKey)) {
- printf("Error freeing sendPrivKey\n");
- rtn = 1;
- }
- if(rawPubKeysCreated) {
- if(cspFreeKey(cspHand, &sendPubKeyRaw)) {
- printf("Error freeing sendPubKeyRaw\n");
- rtn = 1;
- }
- if(cspFreeKey(cspHand, &recvPubKeyRaw)) {
- printf("Error freeing recvPubKeyRaw\n");
- rtn = 1;
- }
- }
- }
- /* free rptext, ctext */
- appFreeCssmData(&rptext, CSSM_FALSE);
- appFreeCssmData(&ctext, CSSM_FALSE);
- return rtn;
-}
-
-static const char *formStr(
- CSSM_KEYBLOB_FORMAT form)
-{
- switch(form) {
- case CSSM_KEYBLOB_RAW_FORMAT_NONE: return "NONE";
- case CSSM_KEYBLOB_RAW_FORMAT_PKCS1: return "PKCS1";
- case CSSM_KEYBLOB_RAW_FORMAT_PKCS8: return "PKCS8";
- case CSSM_KEYBLOB_RAW_FORMAT_X509: return "X509";
- case CSSM_KEYBLOB_RAW_FORMAT_OPENSSH: return "SSH1";
- case CSSM_KEYBLOB_RAW_FORMAT_OPENSSH2: return "SSH2";
- default:
- printf("***BRRRZAP! formStr needs work\n");
- exit(1);
- }
-}
-
-int main(int argc, char **argv)
-{
- int arg;
- char *argp;
- unsigned loop;
- CSSM_DATA ptext;
- CSSM_CSP_HANDLE cspHand;
- CSSM_BOOL pubIsRef = CSSM_TRUE;
- CSSM_BOOL privIsRef = CSSM_TRUE;
- CSSM_BOOL stagedEncr;
- CSSM_BOOL stagedDecr;
- const char *algStr;
- uint32 encAlg; // CSSM_ALGID_xxx
- unsigned currAlg; // ALG_xxx
- int i;
- CSSM_BOOL mallocCtext;
- CSSM_BOOL mallocPtext;
- int rtn = 0;
- CSSM_BOOL genSeed; // for FEE key gen
- CSSM_PADDING padding;
- CSSM_KEYBLOB_FORMAT rawPubFormat = CSSM_KEYBLOB_RAW_FORMAT_NONE;
- CSSM_KEYBLOB_FORMAT rawPrivFormat = CSSM_KEYBLOB_RAW_FORMAT_NONE;
-
- /*
- * User-spec'd params
- */
- unsigned loops = LOOPS_DEF;
- CSSM_BOOL verbose = CSSM_FALSE;
- unsigned minExp = MIN_EXP;
- unsigned maxExp = DEFAULT_MAX_EXP;
- CSSM_BOOL quiet = CSSM_FALSE;
- uint32 keySizeInBits = CSP_KEY_SIZE_DEFAULT;
- CSSM_BOOL keySizeSpec = CSSM_FALSE;
- unsigned minAlg = ALG_FIRST;
- uint32 maxAlg = ALG_LAST;
- CSSM_BOOL skipDecrypt = CSSM_FALSE;
- CSSM_BOOL bareCsp = CSSM_TRUE;
- CSSM_BOOL doPause = CSSM_FALSE;
- CSSM_BOOL smallKeys = CSSM_FALSE;
- uint32 primeType = CSSM_FEE_PRIME_TYPE_DEFAULT; // FEE only
- uint32 curveType = CSSM_FEE_CURVE_TYPE_DEFAULT; // FEE only
- uint32 ptextSize = 0; // 0 means random
- dataType dtype = DT_Random;
- CSSM_BOOL refKeysOnly = CSSM_FALSE;
- CSSM_BOOL noPadding = CSSM_FALSE;
- CSSM_BOOL stagingEnabled = CSSM_TRUE;
-
- for(arg=1; arg<argc; arg++) {
- argp = argv[arg];
- switch(argp[0]) {
- case 'a':
- if(argp[1] != '=') {
- usage(argv);
- }
- switch(argp[2]) {
- case 'f':
- minAlg = maxAlg = ALG_FEED;
- break;
- case 'x':
- minAlg = maxAlg = ALG_FEEDEXP;
- break;
- case 'c':
- minAlg = maxAlg = ALG_FEE_CFILE;
- break;
- case 'r':
- minAlg = maxAlg = ALG_RSA;
- break;
- case 'a':
- minAlg = ALG_FIRST;
- maxAlg = ALG_LAST;
- break;
- default:
- usage(argv);
- }
- break;
- case 'l':
- loops = atoi(&argp[2]);
- break;
- case 'n':
- minExp = atoi(&argp[2]);
- break;
- case 'x':
- maxExp = atoi(&argp[2]);
- if(maxExp > MAX_EXP) {
- usage(argv);
- }
- break;
- case 'k':
- keySizeInBits = atoi(&argv[arg][2]);
- keySizeSpec = CSSM_TRUE;
- break;
- case 'K':
- skipDecrypt = CSSM_TRUE;
- break;
- case 't':
- ptextSize = atoi(&argp[2]);
- break;
- case 'D':
- bareCsp = CSSM_FALSE;
- #if CSPDL_ALL_KEYS_ARE_REF
- refKeysOnly = CSSM_TRUE;
- #endif
- break;
- case 'u':
- smallKeys = CSSM_TRUE;
- break;
- case 'N':
- noPadding = CSSM_TRUE;
- break;
- case 'z':
- dtype = DT_Zero;
- break;
- case 'v':
- verbose = CSSM_TRUE;
- break;
- case 'r':
- refKeysOnly = CSSM_TRUE;
- break;
- case 'S':
- stagingEnabled = CSSM_FALSE;
- break;
- case 'p':
- doPause = CSSM_TRUE;
- break;
- case 'q':
- quiet = CSSM_TRUE;
- break;
- case 'C':
- switch(argp[2]) {
- case 'm':
- curveType = CSSM_FEE_CURVE_TYPE_MONTGOMERY;
- break;
- case 'w':
- curveType = CSSM_FEE_CURVE_TYPE_WEIERSTRASS;
- break;
- default:
- usage(argv);
- }
- break;
- case 'P':
- switch(argp[2]) {
- case 'm':
- primeType = CSSM_FEE_PRIME_TYPE_MERSENNE;
- break;
- case 'f':
- primeType = CSSM_FEE_PRIME_TYPE_FEE;
- break;
- case 'g':
- primeType = CSSM_FEE_PRIME_TYPE_GENERAL;
- break;
- default:
- usage(argv);
- }
- break;
- case 'h':
- default:
- usage(argv);
- }
- }
- ptext.Data = (uint8 *)CSSM_MALLOC(MAX_DATA_SIZE);
-
- /* length set in test loop */
- if(ptext.Data == NULL) {
- printf("Insufficient heap\n");
- exit(1);
- }
- if(noPadding) {
- if(ptextSize == 0) {
- printf("**WARNING NoPad mode will fail with random plaintext size\n");
- }
- if(!keySizeSpec) {
- printf("**WARNING NoPad mode will fail with random key size\n");
- }
- else {
- uint32 keyBytes = keySizeInBits / 8;
- if(ptextSize != keyBytes) {
- /*
- * FIXME: I actually do not understand why this fails, but
- * doing raw RSA encryption with ptextSize != keySize results
- * in random-looking failures, probably based on the plaintext
- * itself (it doesn't fail with zero data).
- */
- printf("***WARNING NoPad mode requires plaintext size = key size\n");
- }
- }
- }
- printf("Starting asymTest; args: ");
- for(i=1; i<argc; i++) {
- printf("%s ", argv[i]);
- }
- printf("\n");
- cspHand = cspDlDbStartup(bareCsp, NULL);
- if(cspHand == 0) {
- exit(1);
- }
- for(currAlg=minAlg; currAlg<=maxAlg; currAlg++) {
- switch(currAlg) {
- case ALG_FEED:
- encAlg = CSSM_ALGID_FEED;
- algStr = "FEED";
- padding = CSSM_PADDING_NONE;
- break;
- case ALG_FEEDEXP:
- encAlg = CSSM_ALGID_FEEDEXP;
- algStr = "FEEDExp";
- padding = CSSM_PADDING_NONE;
- break;
- case ALG_FEE_CFILE:
- encAlg = CSSM_ALGID_FEECFILE;
- algStr = "FEE_CFILE";
- padding = CSSM_PADDING_NONE;
- break;
- case ALG_RSA:
- encAlg = CSSM_ALGID_RSA;
- algStr = "RSA";
- if(noPadding) {
- padding = CSSM_PADDING_NONE;
- }
- else {
- padding = CSSM_PADDING_PKCS1;
- }
- break;
- }
- if(!quiet) {
- printf("Testing alg %s\n", algStr);
- }
- for(loop=1; ; loop++) {
- if(doPause) {
- fpurge(stdin);
- printf("Top of loop; hit CR to proceed: ");
- getchar();
- }
- if(ptextSize) {
- if(dtype == DT_Zero) {
- memset(ptext.Data, 0, ptextSize);
- ptext.Length = ptextSize;
- }
- else {
- simpleGenData(&ptext, ptextSize, ptextSize);
- }
- }
- else {
- ptext.Length = genData(ptext.Data, minExp, maxExp, dtype);
- }
-
- /* raw RSA, no padding, ensure top two bits are zero */
- if((encAlg == CSSM_ALGID_RSA) && (padding == CSSM_PADDING_NONE)) {
- ptext.Data[0] &= 0x3f;
- }
-
- if(!keySizeSpec) {
- /* random per alg unless user overrides */
- if(encAlg == CSSM_ALGID_RSA) {
- if(smallKeys) {
- keySizeInBits = CSP_RSA_KEY_SIZE_DEFAULT;
- }
- else {
- keySizeInBits = randKeySizeBits(CSSM_ALGID_RSA, OT_Encrypt);
- }
- }
- else {
- /* FEED, FEEDExp */
- if(smallKeys) {
- keySizeInBits = 127;
- /* default curveType = Weierstrass */
- }
- else {
- randFeeKeyParams(encAlg,
- &keySizeInBits,
- &primeType,
- &curveType);
- }
- }
- }
- #if RSA_PLAINTEXT_LIMIT
- if(encAlg == CSSM_ALGID_RSA) {
- /* total ptext size can't exceed (modulus size - 11) */
- /* we should probably get this from the CSP, but this
- * whole thing is such a kludge. What's the point?
- * Only RSA encrypt/decrypt has a max total size.
- */
- unsigned modSize;
- unsigned maxSize;
- if(keySizeInBits == CSP_KEY_SIZE_DEFAULT) {
- modSize = CSP_RSA_KEY_SIZE_DEFAULT / 8;
- }
- else {
- modSize = keySizeInBits / 8;
- }
- maxSize = modSize - 11;
- ptext.Length = genRand(1, maxSize);
- }
- #endif
- if(!quiet) {
- if(encAlg == CSSM_ALGID_RSA) {
- printf("..loop %d text size %lu keySize %u\n",
- loop, (unsigned long)ptext.Length, (unsigned)keySizeInBits);
- }
- else {
- printf("..loop %d text size %lu keySize %u primeType %s "
- "curveType %s\n",
- loop, (unsigned long)ptext.Length, (unsigned)keySizeInBits,
- primeTypeStr(primeType), curveTypeStr(curveType));
- }
- }
-
- /* mix up some ref and data keys, as well as staging and mallocing */
- if(!refKeysOnly) {
- pubIsRef = (loop & 1) ? CSSM_TRUE : CSSM_FALSE;
- privIsRef = (loop & 8) ? CSSM_TRUE : CSSM_FALSE;
- }
- if((currAlg == ALG_FEE_CFILE) || !stagingEnabled) {
- /* staged ops unsupported */
- stagedEncr = CSSM_FALSE;
- stagedDecr = CSSM_FALSE;
- }
- else {
- stagedEncr = (loop & 2) ? CSSM_TRUE : CSSM_FALSE;
- stagedDecr = (loop & 4) ? CSSM_TRUE : CSSM_FALSE;
- }
- if(!stagedEncr) {
- mallocCtext = (ptext.Data[0] & 1) ? CSSM_TRUE : CSSM_FALSE;
- }
- else {
- mallocCtext = CSSM_FALSE;
- }
- if(!stagedDecr) {
- mallocPtext = (ptext.Data[0] & 2) ? CSSM_TRUE : CSSM_FALSE;
- }
- else {
- mallocPtext = CSSM_FALSE;
- }
- switch(currAlg) {
- case ALG_FEED:
- case ALG_FEEDEXP:
- genSeed = (ptext.Data[0] & 4) ? CSSM_TRUE : CSSM_FALSE;
- break;
- default:
- genSeed = CSSM_FALSE;
- }
- rawPubFormat = rawPrivFormat = CSSM_KEYBLOB_RAW_FORMAT_NONE;
- if(currAlg == ALG_RSA) {
- /* mix up raw key formats */
- unsigned die;
- if(!pubIsRef) {
- /* five formats */
- die = ptext.Data[1] % 5;
- switch(die) {
- case 0:
- rawPubFormat = CSSM_KEYBLOB_RAW_FORMAT_NONE;
- break;
- case 1:
- rawPubFormat = CSSM_KEYBLOB_RAW_FORMAT_PKCS1;
- break;
- case 2:
- rawPubFormat = CSSM_KEYBLOB_RAW_FORMAT_OPENSSH;
- break;
- case 3:
- rawPubFormat = CSSM_KEYBLOB_RAW_FORMAT_OPENSSH2;
- break;
- default:
- rawPubFormat = CSSM_KEYBLOB_RAW_FORMAT_X509;
- break;
- }
- }
- if(!privIsRef) {
- /* four formats */
- die = ptext.Data[2] % 4;
- switch(die) {
- case 0:
- rawPrivFormat = CSSM_KEYBLOB_RAW_FORMAT_NONE;
- break;
- case 1:
- rawPrivFormat = CSSM_KEYBLOB_RAW_FORMAT_PKCS1;
- break;
- case 2:
- rawPrivFormat = CSSM_KEYBLOB_RAW_FORMAT_OPENSSH;
- break;
- default:
- rawPrivFormat = CSSM_KEYBLOB_RAW_FORMAT_PKCS8;
- break;
- }
- }
- }
- #if 0
- if(encAlg == CSSM_ALGID_RSA) {
- /* FIXME - another restriction - the MS bits of each block
- * of plaintext must be zero, to make the numerical value of the
- * block less than the modulus!
- * Aug 7 1998: Now that we're using AI_PKCS_RSA{Public,Private}, the
- * numerical value of the data no longer has to be less than
- * the modulus.
- */
- stagedEncr = stagedDecr = CSSM_TRUE;
- }
- #endif
-
- if(!quiet) {
- printf(" pubRef %d privRef %d stgEncr %d stgdDecr %d "
- "malPtext %d malCtext %d genSeed %d pubForm %s privForm %s\n",
- (int)pubIsRef, (int)privIsRef, (int)stagedEncr, (int)stagedDecr,
- (int)mallocPtext, (int)mallocCtext, (int)genSeed,
- formStr(rawPubFormat), formStr(rawPrivFormat));
- }
- if(doTest(cspHand,
- encAlg,
- padding,
- &ptext,
- verbose,
- quiet,
- keySizeInBits,
- primeType,
- curveType,
- pubIsRef,
- rawPubFormat,
- privIsRef,
- rawPrivFormat,
- #if CSPDL_2ND_PUB_KEY_IS_RAW
- /* secondPubIsRaw */
- bareCsp ? CSSM_FALSE : CSSM_TRUE,
- #else
- CSSM_FALSE,
- #endif
- stagedEncr,
- stagedDecr,
- mallocCtext,
- mallocPtext,
- skipDecrypt,
- genSeed)) {
- rtn = 1;
- goto testDone;
- }
- if(loops && (loop == loops)) {
- break;
- }
- } /* for loop */
- } /* for alg */
-testDone:
- CSSM_ModuleDetach(cspHand);
- if((rtn == 0) && !quiet) {
- printf("%s test complete\n", argv[0]);
- }
- return rtn;
-}
projects / apple / security.git / blobdiff