self-test

2024-10-25 11:15:34 +00:00 · 2000-05-26 07:53:38 +00:00 · 2000-05-26 07:53:38 +00:00 · d5c80d5666
commit d5c80d5666
parent c2de81c270
35 changed files with 65 additions and 0 deletions
--- a/security/nss/cmd/bltest/tests/README
+++ b/security/nss/cmd/bltest/tests/README
@ -0,0 +1,26 @@
+This directory contains a set of tests for each cipher supported by BLAPI.  Each subdirectory contains known plaintext and ciphertext pairs (and keys and/or iv's if needed).  The tests can be run as a full set with:
+bltest -T
+or as subsets, for example:
+bltest -T des_ecb rc2 rsa
+
+In each subdirectory, the plaintext, key, and iv are ascii, and treated as such.  The ciphertext is base64-encoded to avoid the hassle of binary files.
+
+To add a test, incremement the value in the numtests file.  Create a plaintext, key, and iv file, such that the name of the file is incrememted one from the last set of tests.  For example, if you are adding the second test, put your data in files named plaintext1, key1, and iv1 (ignoring key and iv if they are not needed, of course).  Make sure your key and iv are the correct number of bytes for your cipher (a trailing \n is okay, but any other trailing bytes will be used!).  Once you have your input data, create output data by running bltest on a trusted implementation.  For example, for a new DES ECB test, run
+bltest -E -m des_ecb -i plaintext1 -k key1 -o ciphertext1 -a
+in the tests/des_ecb directory.  Then run
+bltest -T des_ecb
+from the cmd/bltest directory in the tree of the implementation you want to test.
+
+Note that the -a option above is important, it tells bltest to expect the input to be straight ASCII, and not base64 encoded binary!
+
+Special cases:
+
+RC5:
+RC5 can take additional parameters, the number of rounds to perform and the wordsize to use.  The number of rounds is between is between 0 and 255, and the wordsize is either is either 16, 32, or 64 bits (at this time only 32-bit is supported).  These parameters are specified in a paramsN file, where N is an index as above.  The format of the file is "rounds=R\nwordsize=W\n".
+
+public key modes (RSA and DSA):
+Asymmetric key ciphers use keys with special properties, so creating a key file with "Mozilla!" in it will not get you very far!  To create a public key, run bltest with the plaintext you want to encrypt, using a trusted implementation.  bltest will generate a key and store it in "tmp.key", rename that file to keyN.  For example:
+bltest -E -m rsa -i plaintext0 -o ciphertext0 -e 65537 -g 32 -a
+mv tmp.key key0
+
+[note: specifying a keysize (-g) when using RSA is important!]
--- a/security/nss/cmd/bltest/tests/md5/ciphertext0
+++ b/security/nss/cmd/bltest/tests/md5/ciphertext0
@ -0,0 +1 @@
+XN8lnQuWAiMqmSGfvd8Hdw==
--- a/security/nss/cmd/bltest/tests/md5/numtests
+++ b/security/nss/cmd/bltest/tests/md5/numtests
@ -0,0 +1 @@
+1
--- a/security/nss/cmd/bltest/tests/md5/plaintext0
+++ b/security/nss/cmd/bltest/tests/md5/plaintext0
@ -0,0 +1 @@
+63-byte input to MD5 can be a bit tricky, but no problems here.
--- a/security/nss/cmd/bltest/tests/rc2_cbc/ciphertext0
+++ b/security/nss/cmd/bltest/tests/rc2_cbc/ciphertext0
@ -0,0 +1 @@
+3ki6eVsWpY8=
--- a/security/nss/cmd/bltest/tests/rc2_cbc/iv0
+++ b/security/nss/cmd/bltest/tests/rc2_cbc/iv0
@ -0,0 +1 @@
+12345678
--- a/security/nss/cmd/bltest/tests/rc2_cbc/key0
+++ b/security/nss/cmd/bltest/tests/rc2_cbc/key0
@ -0,0 +1 @@
+zyxwvuts
--- a/security/nss/cmd/bltest/tests/rc2_cbc/numtests
+++ b/security/nss/cmd/bltest/tests/rc2_cbc/numtests
@ -0,0 +1 @@
+1
--- a/security/nss/cmd/bltest/tests/rc2_cbc/plaintext0
+++ b/security/nss/cmd/bltest/tests/rc2_cbc/plaintext0
@ -0,0 +1 @@
+Mozilla!
--- a/security/nss/cmd/bltest/tests/rc2_ecb/ciphertext0
+++ b/security/nss/cmd/bltest/tests/rc2_ecb/ciphertext0
@ -0,0 +1 @@
+WT+tc4fANhQ=
--- a/security/nss/cmd/bltest/tests/rc2_ecb/key0
+++ b/security/nss/cmd/bltest/tests/rc2_ecb/key0
@ -0,0 +1 @@
+zyxwvuts
--- a/security/nss/cmd/bltest/tests/rc2_ecb/numtests
+++ b/security/nss/cmd/bltest/tests/rc2_ecb/numtests
@ -0,0 +1 @@
+1
--- a/security/nss/cmd/bltest/tests/rc2_ecb/plaintext0
+++ b/security/nss/cmd/bltest/tests/rc2_ecb/plaintext0
@ -0,0 +1 @@
+Mozilla!
--- a/security/nss/cmd/bltest/tests/rc4/ciphertext0
+++ b/security/nss/cmd/bltest/tests/rc4/ciphertext0
@ -0,0 +1 @@
+34sTZJtr20k=
--- a/security/nss/cmd/bltest/tests/rc4/key0
+++ b/security/nss/cmd/bltest/tests/rc4/key0
@ -0,0 +1 @@
+zyxwvuts
--- a/security/nss/cmd/bltest/tests/rc4/numtests
+++ b/security/nss/cmd/bltest/tests/rc4/numtests
@ -0,0 +1 @@
+1
--- a/security/nss/cmd/bltest/tests/rc4/plaintext0
+++ b/security/nss/cmd/bltest/tests/rc4/plaintext0
@ -0,0 +1 @@
+Mozilla!
--- a/security/nss/cmd/bltest/tests/rc5_cbc/ciphertext0
+++ b/security/nss/cmd/bltest/tests/rc5_cbc/ciphertext0
@ -0,0 +1 @@
+qsv4Fn2J6d0=
--- a/security/nss/cmd/bltest/tests/rc5_cbc/iv0
+++ b/security/nss/cmd/bltest/tests/rc5_cbc/iv0
@ -0,0 +1 @@
+12345678
--- a/security/nss/cmd/bltest/tests/rc5_cbc/key0
+++ b/security/nss/cmd/bltest/tests/rc5_cbc/key0
@ -0,0 +1 @@
+zyxwvuts
--- a/security/nss/cmd/bltest/tests/rc5_cbc/numtests
+++ b/security/nss/cmd/bltest/tests/rc5_cbc/numtests
@ -0,0 +1 @@
+1
--- a/security/nss/cmd/bltest/tests/rc5_cbc/params0
+++ b/security/nss/cmd/bltest/tests/rc5_cbc/params0
@ -0,0 +1,2 @@
+rounds=10
+wordsize=4
--- a/security/nss/cmd/bltest/tests/rc5_cbc/plaintext0
+++ b/security/nss/cmd/bltest/tests/rc5_cbc/plaintext0
@ -0,0 +1 @@
+Mozilla!
--- a/security/nss/cmd/bltest/tests/rc5_ecb/ciphertext0
+++ b/security/nss/cmd/bltest/tests/rc5_ecb/ciphertext0
@ -0,0 +1 @@
+4ZKK/1v5Ohc=
--- a/security/nss/cmd/bltest/tests/rc5_ecb/key0
+++ b/security/nss/cmd/bltest/tests/rc5_ecb/key0
@ -0,0 +1 @@
+zyxwvuts
--- a/security/nss/cmd/bltest/tests/rc5_ecb/numtests
+++ b/security/nss/cmd/bltest/tests/rc5_ecb/numtests
@ -0,0 +1 @@
+1
--- a/security/nss/cmd/bltest/tests/rc5_ecb/params0
+++ b/security/nss/cmd/bltest/tests/rc5_ecb/params0
@ -0,0 +1,2 @@
+rounds=10
+wordsize=4
--- a/security/nss/cmd/bltest/tests/rc5_ecb/plaintext0
+++ b/security/nss/cmd/bltest/tests/rc5_ecb/plaintext0
@ -0,0 +1 @@
+Mozilla!
--- a/security/nss/cmd/bltest/tests/rsa/ciphertext0
+++ b/security/nss/cmd/bltest/tests/rsa/ciphertext0
@ -0,0 +1 @@
+qPVrXv0y3SC5rY44bIi6GE4Aec8uDpHH7/cCg0FU5as=
--- a/security/nss/cmd/bltest/tests/rsa/key0
+++ b/security/nss/cmd/bltest/tests/rsa/key0
@ -0,0 +1,4 @@
+AAAAAAAAACC5lyu2K2ro8YGnvOCKaL1sFX1HEIblIVbuMXsa8oeFSwAAAAERAAAA
+IBXVjKwFG6LvPG4WOIjBBzmxGNpkQwDs3W5qZcXVzqahAAAAEOEOH/WnhZCJyM39
+oNfhf18AAAAQ0xvmxqXXs3L62xxogUl9lQAAABAaeiHgqkvy4wiQtG1Gkv/tAAAA
+EMaw2TNu6SFdKFXAYluQdjEAAAAQi0u+IlgKCt/hatGAsTrfzQ==
--- a/security/nss/cmd/bltest/tests/rsa/numtests
+++ b/security/nss/cmd/bltest/tests/rsa/numtests
@ -0,0 +1 @@
+1
--- a/security/nss/cmd/bltest/tests/rsa/plaintext0
+++ b/security/nss/cmd/bltest/tests/rsa/plaintext0
@ -0,0 +1 @@
+512bitsforRSAPublicKeyEncryption
--- a/security/nss/cmd/bltest/tests/sha1/ciphertext0
+++ b/security/nss/cmd/bltest/tests/sha1/ciphertext0
@ -0,0 +1 @@
+cDSMAygXMPIJZC5bntZ4ZhecQ9g=
--- a/security/nss/cmd/bltest/tests/sha1/numtests
+++ b/security/nss/cmd/bltest/tests/sha1/numtests
@ -0,0 +1 @@
+1
--- a/security/nss/cmd/bltest/tests/sha1/plaintext0
+++ b/security/nss/cmd/bltest/tests/sha1/plaintext0
@ -0,0 +1 @@
+A cage went in search of a bird.
				`@ -0,0 +1 @@`
				`63-byte input to MD5 can be a bit tricky, but no problems here.`
				`@ -0,0 +1 @@`
				`qPVrXv0y3SC5rY44bIi6GE4Aec8uDpHH7/cCg0FU5as=`