+++ /dev/null
-/*
- * symReference.c - write keys and ciphertext blobs, read them back
- * and decrypt on (possibly) a different platfrom.
- * Intended for use in testing multiplatform
- * compatibility (e.g. encrypt on 32 bit G4, decrypt
- * on 64-bit G5).
- *
- * Created by Doug Mitchell 10/31/05.
- */
-
-#include <stdlib.h>
-#include <stdio.h>
-#include <time.h>
-#include <Security/cssm.h>
-#include <Security/cssmapple.h>
-#include "cspwrap.h"
-#include <security_cdsa_utils/cuFileIo.h>
-#include "common.h"
-#include <string.h>
-#include "cspdlTesting.h"
-#include <unistd.h>
-
-/*
- * Defaults.
- */
-#define LOOPS_DEF 200
-#define PTEXT_SIZE_DEF 256
-#define BLOCK_SIZE_MAX 32 /* bytes */
-
-/*
- * Enumerate algs our own way to allow iteration.
- */
-typedef enum {
- ALG_ASC = 0, /* first must be 0 */
- ALG_DES,
- ALG_RC2,
- ALG_RC4,
- ALG_RC5,
- ALG_3DES,
- ALG_AES,
- ALG_AES192,
- ALG_AES256,
- ALG_BFISH,
- ALG_CAST
-} SymAlg;
-
-#define ALG_FIRST ALG_ASC
-#define ALG_LAST ALG_CAST
-
-static void usage(char **argv)
-{
- printf("usage: %s e|d dirName [options]\n", argv[0]);
- printf(" e=encrypt, d=decrypt; blobs read/written in dirName\n");
- printf(" Options:\n");
- printf(" a=algorithm (d=DES; 3=3DES3; 2=RC2; 4=RC4; 5=RC5; a=AES; b=Blowfish; \n");
- printf(" c=CAST; s=ASC, default=all)\n");
- printf(" p=ptextSize (default=%d)\n", PTEXT_SIZE_DEF);
- printf(" D (CSP/DL; default = bare CSP)\n");
- printf(" v(erbose)\n");
- printf(" q(uiet)\n");
- printf(" h(elp)\n");
- exit(1);
-}
-
-/*
- * map SymAlg to test params
- */
-typedef struct {
- SymAlg alg;
- const char *algStr;
- CSSM_ALGORITHMS cssmAlg;
- CSSM_ENCRYPT_MODE mode;
- CSSM_PADDING padding;
- CSSM_SIZE keySizeBits;
- CSSM_SIZE ivLen; // in bytes
-} SymAlgParams;
-
-static const SymAlgParams symAlgParams[] =
-{
- { ALG_ASC, "ASC", CSSM_ALGID_ASC, CSSM_ALGMODE_NONE, CSSM_PADDING_NONE,
- CSP_ASC_KEY_SIZE_DEFAULT, 0 },
- { ALG_DES, "DES", CSSM_ALGID_DES, CSSM_ALGMODE_CBCPadIV8, CSSM_PADDING_PKCS5,
- CSP_DES_KEY_SIZE_DEFAULT, 8 },
- { ALG_RC2, "RC2", CSSM_ALGID_RC2, CSSM_ALGMODE_CBCPadIV8, CSSM_PADDING_PKCS5,
- CSP_RC2_KEY_SIZE_DEFAULT, 8 },
- { ALG_RC4, "RC4", CSSM_ALGID_RC4, CSSM_ALGMODE_NONE, CSSM_PADDING_NONE,
- CSP_RC4_KEY_SIZE_DEFAULT, 0 },
- { ALG_RC5, "RC5", CSSM_ALGID_RC5, CSSM_ALGMODE_CBCPadIV8, CSSM_PADDING_PKCS5,
- CSP_RC5_KEY_SIZE_DEFAULT, 8 },
- { ALG_3DES, "3DES", CSSM_ALGID_3DES_3KEY_EDE, CSSM_ALGMODE_CBCPadIV8, CSSM_PADDING_PKCS5,
- CSP_DES3_KEY_SIZE_DEFAULT, 8 },
- { ALG_AES, "AES", CSSM_ALGID_AES, CSSM_ALGMODE_CBCPadIV8, CSSM_PADDING_PKCS5,
- CSP_AES_KEY_SIZE_DEFAULT, 16 },
- { ALG_AES192, "AES192", CSSM_ALGID_AES, CSSM_ALGMODE_CBCPadIV8, CSSM_PADDING_PKCS5,
- 192, 24 },
- { ALG_AES256, "AES256", CSSM_ALGID_AES, CSSM_ALGMODE_CBCPadIV8, CSSM_PADDING_PKCS5,
- 256, 32 },
- { ALG_BFISH, "Blowfish", CSSM_ALGID_BLOWFISH, CSSM_ALGMODE_CBCPadIV8, CSSM_PADDING_PKCS5,
- CSP_BFISH_KEY_SIZE_DEFAULT, 8 },
- { ALG_CAST, "CAST", CSSM_ALGID_CAST, CSSM_ALGMODE_CBCPadIV8, CSSM_PADDING_PKCS5,
- CSP_CAST_KEY_SIZE_DEFAULT, 8 }
-};
-
-static void genFileNames(
- const char *algStr,
- char *keyFile,
- char *ptextFile,
- char *ctextFile,
- char *ivFile)
-{
- sprintf(keyFile, "key_%s", algStr);
- sprintf(ptextFile, "ptext_%s", algStr);
- sprintf(ctextFile, "ctext_%s", algStr);
- sprintf(ivFile, "iv_%s", algStr);
-}
-
-/* encrypt, write blobs (key, plaintext, ciphertext, optional IV) to disk */
-static int doEncrypt(
- CSSM_CSP_HANDLE cspHand,
- const SymAlgParams *algParams,
- CSSM_DATA *ptext, // mallocd, length valid, we fill data
- CSSM_BOOL quiet,
- CSSM_BOOL verbose)
-{
- CSSM_KEY_PTR symKey = NULL;
- CSSM_KEY rawKey;
- CSSM_RETURN crtn;
- CSSM_DATA ctext = {0, NULL};
- uint8 iv[BLOCK_SIZE_MAX];
- CSSM_DATA ivd = {BLOCK_SIZE_MAX, iv};
- CSSM_DATA *ivp = NULL;
- uint32 blockSize = 0;
- char keyFile[FILENAME_MAX];
- char ptextFile[FILENAME_MAX];
- char ctextFile[FILENAME_MAX];
- char ivFile[FILENAME_MAX];
-
- if(!quiet) {
- printf("...encrypting, alg %s\n", algParams->algStr);
- }
-
- /* generate reference key (works with CSPDL) */
- symKey = cspGenSymKey(cspHand, algParams->cssmAlg,
- "noLabel", 7,
- CSSM_KEYUSE_ANY, algParams->keySizeBits, CSSM_TRUE);
- if(symKey == NULL) {
- printf("***Error generating key for alg %s size %u bits\n",
- algParams->algStr, (unsigned)algParams->keySizeBits);
- return testError(quiet);
- }
-
- /* get key in raw format (to get the raw blob we write to disk) */
- crtn = cspRefKeyToRaw(cspHand, symKey, &rawKey);
- if(crtn) {
- printf("***Error generating raw key for alg %s size %u bits\n",
- algParams->algStr, (unsigned)algParams->keySizeBits);
- return testError(quiet);
- }
-
- appGetRandomBytes(ptext->Data, (unsigned)ptext->Length);
-
- /*
- * Hack: we only need to specify block size for AES192 and AES256, which
- * we detect by their having an ivLen of greater than 16.
- */
- if(algParams->ivLen > 16) {
- blockSize = algParams->ivLen;
- }
- if(algParams->ivLen) {
- appGetRandomBytes(iv, algParams->ivLen);
- ivd.Length = algParams->ivLen;
- ivp = &ivd;
- }
-
- crtn = cspStagedEncrypt(cspHand,
- algParams->cssmAlg, algParams->mode, algParams->padding,
- symKey, NULL,
- 0, blockSize, 0,
- ivp, ptext,
- &ctext,
- CSSM_FALSE);
- if(crtn) {
- printf("***Error encrypting for alg %s size %u bits\n",
- algParams->algStr, (unsigned)algParams->keySizeBits);
- return testError(quiet);
- }
-
- /* write: key, IV, ptext, ctext */
- genFileNames(algParams->algStr, keyFile, ptextFile, ctextFile, ivFile);
- if(writeFile(keyFile, rawKey.KeyData.Data, (unsigned)rawKey.KeyData.Length) ||
- writeFile(ptextFile, ptext->Data, (unsigned)ptext->Length) ||
- writeFile(ctextFile, ctext.Data, (unsigned)ctext.Length)) {
- printf("***Error writing result of alg %s size %u bits\n",
- algParams->algStr, (unsigned)algParams->keySizeBits);
- return testError(quiet);
- }
- if(ivp != NULL) {
- if(writeFile(ivFile, ivp->Data, (unsigned)ivp->Length)) {
- printf("***Error writing IV for alg %s size %u bits\n",
- algParams->algStr, (unsigned)algParams->keySizeBits);
- return testError(quiet);
- }
- }
-
- /* Free resources */
- CSSM_FreeKey(cspHand, NULL, symKey, CSSM_FALSE);
- CSSM_FreeKey(cspHand, NULL, &rawKey, CSSM_FALSE);
- CSSM_FREE(ctext.Data);
- return 0;
-}
-
-/* read blobs (key, plaintext, ciphertext, optional IV) from disk, decrypt, compare plaintext */
-static int doDecrypt(
- CSSM_CSP_HANDLE cspHand,
- const SymAlgParams *algParams,
- CSSM_BOOL quiet,
- CSSM_BOOL verbose)
-{
- CSSM_KEY symKey;
- uint8 *symKeyBits;
- unsigned symKeyLen; // in bytes
- CSSM_DATA symKeyData;
- CSSM_RETURN crtn;
- uint8 *ctextChars;
- unsigned ctextLen = 0;
- CSSM_DATA ctext;
- CSSM_DATA rptext = {0, NULL}; // recovered/decrytped
- uint8 *refPTextChars;
- unsigned refPtextLen;
- CSSM_DATA refPtext = {0, NULL}; // expected
- uint8 *iv = NULL;
- unsigned ivLen;
- CSSM_DATA ivd = {BLOCK_SIZE_MAX, iv};
- CSSM_DATA *ivp = NULL;
- uint32 blockSize = 0;
- char keyFile[FILENAME_MAX];
- char ptextFile[FILENAME_MAX];
- char ctextFile[FILENAME_MAX];
- char ivFile[FILENAME_MAX];
-
- if(!quiet) {
- printf("...decrypting, alg %s\n", algParams->algStr);
- }
-
- /*
- * Hack: we only need to specify block size for AES192 and AES256, which
- * we detect by their having an ivLen of greater than 16.
- */
- if(algParams->ivLen > 16) {
- blockSize = algParams->ivLen;
- }
- if(algParams->ivLen) {
- ivp = &ivd;
- ivd.Length = algParams->ivLen;
- }
-
- /* read: key, IV, ptext, ctext */
- genFileNames(algParams->algStr, keyFile, ptextFile, ctextFile, ivFile);
- if(readFile(keyFile, &symKeyBits, &symKeyLen) ||
- readFile(ptextFile, &refPTextChars, &refPtextLen) ||
- readFile(ctextFile, &ctextChars, &ctextLen)) {
- printf("***Error reading reference blobs for alg %s size %u bits\n",
- algParams->algStr, (unsigned)algParams->keySizeBits);
- return testError(quiet);
- }
- if(ivp != NULL) {
- if(readFile(ivFile, &iv, &ivLen)) {
- printf("***Error writing IV for alg %s size %u bits\n",
- algParams->algStr, (unsigned)algParams->keySizeBits);
- return testError(quiet);
- }
- if(ivLen != algParams->ivLen) {
- printf("***Unexpected IV length: expect %u found %u\n",
- (unsigned)algParams->ivLen, (unsigned)ivLen);
- if(testError(quiet)) {
- return 1;
- }
- }
- ivd.Data = iv;
- }
- ctext.Data = ctextChars;
- ctext.Length = ctextLen;
- refPtext.Data = refPTextChars;
- refPtext.Length = refPtextLen;
-
- /* generate key */
- symKeyData.Data = symKeyBits;
- symKeyData.Length = symKeyLen;
-
- crtn = cspGenSymKeyWithBits(cspHand, algParams->cssmAlg,
- CSSM_KEYUSE_ANY, &symKeyData, symKeyLen, &symKey);
- if(crtn) {
- printf("***Error creating key for alg %s keySize %u\n",
- algParams->algStr, (unsigned)algParams->keySizeBits);
- return testError(quiet);
- }
-
- crtn = cspStagedDecrypt(cspHand,
- algParams->cssmAlg, algParams->mode, algParams->padding,
- &symKey, NULL,
- 0, blockSize, 0,
- ivp, &ctext,
- &rptext,
- CSSM_FALSE);
- if(crtn) {
- printf("***Error decrypting for alg %s size %u bits\n",
- algParams->algStr, (unsigned)algParams->keySizeBits);
- return testError(quiet);
- }
-
- /* moment of truth */
- if(!appCompareCssmData(&rptext, &refPtext)) {
- printf("***DATA MISCOMPARE AFTER DECRYPT alg %s size %u bits\n",
- algParams->algStr, (unsigned)algParams->keySizeBits);
- return testError(quiet);
- }
-
- /* Free resources */
- CSSM_FreeKey(cspHand, NULL, &symKey, CSSM_FALSE);
- free(symKeyBits); // mallocd by readFile()
- free(refPTextChars);
- free(ctextChars);
- CSSM_FREE(rptext.Data); // mallocd by CSP
- if(iv) {
- free(iv);
- }
- return 0;
-}
-
-
-int main(int argc, char **argv)
-{
- int arg;
- char *argp;
- CSSM_DATA ptext;
- CSSM_CSP_HANDLE cspHand;
- unsigned currAlg; // ALG_xxx
- int rtn = 0;
-
- /*
- * User-spec'd params
- */
- unsigned minAlg = ALG_FIRST;
- unsigned maxAlg = ALG_LAST;
- CSSM_BOOL verbose = CSSM_FALSE;
- CSSM_BOOL quiet = CSSM_FALSE;
- CSSM_BOOL bareCsp = CSSM_TRUE;
- bool encrypt = false;
- unsigned ptextSize = PTEXT_SIZE_DEF;
- char *dirName;
-
- if(argc < 3) {
- usage(argv);
- }
- switch(argv[1][0]) {
- case 'e':
- encrypt = true;
- break;
- case 'd':
- encrypt = false;
- break;
- default:
- usage(argv);
- }
- dirName = argv[2];
-
- for(arg=3; arg<argc; arg++) {
- argp = argv[arg];
- switch(argp[0]) {
- case 'a':
- if(argp[1] != '=') {
- usage(argv);
- }
- switch(argp[2]) {
- case 's':
- minAlg = maxAlg = ALG_ASC;
- break;
- case 'd':
- minAlg = maxAlg = ALG_DES;
- break;
- case '3':
- minAlg = maxAlg = ALG_3DES;
- break;
- case '2':
- minAlg = maxAlg = ALG_RC2;
- break;
- case '4':
- minAlg = maxAlg = ALG_RC4;
- break;
- case '5':
- minAlg = maxAlg = ALG_RC5;
- break;
- case 'a':
- minAlg = maxAlg = ALG_AES;
- break;
- case 'b':
- minAlg = maxAlg = ALG_BFISH;
- break;
- case 'c':
- minAlg = maxAlg = ALG_CAST;
- break;
- default:
- usage(argv);
- }
- break;
- case 'v':
- verbose = CSSM_TRUE;
- break;
- case 'D':
- bareCsp = CSSM_FALSE;
- break;
- case 'p':
- ptextSize = atoi(&argp[2]);
- break;
- case 'q':
- quiet = CSSM_TRUE;
- break;
- case 'h':
- default:
- usage(argv);
- }
- }
- ptext.Data = (uint8 *)CSSM_MALLOC(ptextSize);
- if(ptext.Data == NULL) {
- printf("Insufficient heap space\n");
- exit(1);
- }
- ptext.Length = ptextSize;
-
- testStartBanner("symReference", argc, argv);
-
- cspHand = cspDlDbStartup(bareCsp, NULL);
- if(cspHand == 0) {
- exit(1);
- }
-
- if(chdir(dirName)) {
- perror(dirName);
- printf("Error accessing directory %s. Aborting.\n", dirName);
- exit(1);
- }
- for(currAlg=minAlg; currAlg<=maxAlg; currAlg++) {
- const SymAlgParams *algParams = &symAlgParams[currAlg];
-
- if(encrypt) {
- rtn = doEncrypt(cspHand, algParams, &ptext, quiet, verbose);
- }
- else {
- rtn = doDecrypt(cspHand, algParams, quiet, verbose);
- }
- if(rtn) {
- break;
- }
- } /* for algs */
-
- cspShutdown(cspHand, bareCsp);
- if((rtn == 0) && !quiet) {
- printf("%s test complete\n", argv[0]);
- }
- CSSM_FREE(ptext.Data);
- return rtn;
-}
-
-
projects / apple / security.git / blobdiff