ext-cryptopp/validate.h

278 lines
6.3 KiB
C
Raw Normal View History

// validate.h - originally written and placed in the public domain by Wei Dai
// CryptoPP::Test namespace added by JW in February 2017
2015-11-05 06:59:46 +00:00
#ifndef CRYPTOPP_VALIDATE_H
#define CRYPTOPP_VALIDATE_H
#include "cryptlib.h"
#include "integer.h"
#include "misc.h"
#include <iostream>
#include <sstream>
#include <iomanip>
#include <ctime>
#include <cctype>
2015-11-05 06:59:46 +00:00
NAMESPACE_BEGIN(CryptoPP)
NAMESPACE_BEGIN(Test)
2015-11-05 06:59:46 +00:00
bool ValidateAll(bool thorough);
bool TestSettings();
bool TestOS_RNG();
// bool TestSecRandom();
2017-05-10 05:28:52 +00:00
bool TestRandomPool();
#if !defined(NO_OS_DEPENDENCE)
2016-01-03 17:53:46 +00:00
bool TestAutoSeededX917();
#endif
#if (CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64)
2015-11-05 06:59:46 +00:00
bool TestRDRAND();
bool TestRDSEED();
2017-08-19 19:41:45 +00:00
bool TestPadlockRNG();
#endif
bool ValidateBaseCode();
bool ValidateEncoder();
2015-11-05 06:59:46 +00:00
bool ValidateCRC32();
bool ValidateCRC32C();
2015-11-05 06:59:46 +00:00
bool ValidateAdler32();
bool ValidateMD2();
bool ValidateMD4();
bool ValidateMD5();
bool ValidateSHA();
bool ValidateSHA2();
bool ValidateTiger();
bool ValidateRIPEMD();
bool ValidatePanama();
bool ValidateWhirlpool();
2016-11-27 20:31:50 +00:00
2017-11-24 04:19:09 +00:00
bool ValidateSM3();
2016-04-18 06:39:10 +00:00
bool ValidateBLAKE2s();
bool ValidateBLAKE2b();
bool ValidatePoly1305();
bool ValidateSipHash();
2015-11-05 06:59:46 +00:00
bool ValidateHMAC();
bool ValidateTTMAC();
bool ValidateCipherModes();
bool ValidatePBKDF();
bool ValidateHKDF();
bool ValidateScrypt();
2015-11-05 06:59:46 +00:00
bool ValidateDES();
bool ValidateIDEA();
bool ValidateSAFER();
bool ValidateRC2();
bool ValidateARC4();
bool ValidateRC5();
bool ValidateBlowfish();
bool ValidateThreeWay();
bool ValidateGOST();
bool ValidateSHARK();
bool ValidateSEAL();
bool ValidateCAST();
bool ValidateSquare();
bool ValidateSKIPJACK();
bool ValidateRC6();
bool ValidateMARS();
bool ValidateRijndael();
bool ValidateTwofish();
bool ValidateSerpent();
bool ValidateSHACAL2();
bool ValidateARIA();
2018-06-30 12:25:32 +00:00
bool ValidateSIMECK();
bool ValidateCHAM();
bool ValidateHIGHT();
bool ValidateLEA();
2015-11-05 06:59:46 +00:00
bool ValidateCamellia();
2018-07-05 04:29:07 +00:00
bool ValidateHC128();
2018-07-05 10:43:04 +00:00
bool ValidateHC256();
2018-07-04 07:47:28 +00:00
bool ValidateRabbit();
2018-07-05 04:29:07 +00:00
bool ValidateSalsa();
2015-11-05 06:59:46 +00:00
bool ValidateSosemanuk();
2018-07-05 04:29:07 +00:00
2015-11-05 06:59:46 +00:00
bool ValidateVMAC();
bool ValidateCCM();
bool ValidateGCM();
bool ValidateCMAC();
bool ValidateBBS();
bool ValidateDH();
bool ValidateMQV();
2016-07-04 17:05:38 +00:00
bool ValidateHMQV();
bool ValidateFHMQV();
2015-11-05 06:59:46 +00:00
bool ValidateRSA();
bool ValidateElGamal();
bool ValidateDLIES();
bool ValidateNR();
bool ValidateDSA(bool thorough);
bool ValidateLUC();
bool ValidateLUC_DL();
bool ValidateLUC_DH();
bool ValidateXTR_DH();
bool ValidateRabin();
bool ValidateRW();
bool ValidateECP();
bool ValidateEC2N();
bool ValidateECDSA();
bool ValidateECDSA_RFC6979();
2017-11-25 08:27:07 +00:00
bool ValidateECGDSA(bool thorough);
2015-11-05 06:59:46 +00:00
bool ValidateESIGN();
bool ValidateHashDRBG();
bool ValidateHmacDRBG();
Add interface to TweetNaCl library (#566) TweetNaCl is a compact reimplementation of the NaCl library by Daniel J. Bernstein, Bernard van Gastel, Wesley Janssen, Tanja Lange, Peter Schwabe and Sjaak Smetsers. The library is less than 20 KB in size and provides 25 of the NaCl library functions. The compact library uses curve25519, XSalsa20, Poly1305 and SHA-512 as default primitives, and includes both x25519 key exchange and ed25519 signatures. The complete list of functions can be found in TweetNaCl: A crypto library in 100 tweets (20140917), Table 1, page 5. Crypto++ retained the function names and signatures but switched to data types provided by <stdint.h> to promote interoperability with Crypto++ and avoid size problems on platforms like Cygwin. For example, NaCl typdef'd u64 as an unsigned long long, but Cygwin, MinGW and MSYS are LP64 systems (not LLP64 systems). In addition, Crypto++ was missing NaCl's signed 64-bit integer i64. Crypto++ enforces the 0-key restriction due to small points. The TweetNaCl library allowed the 0-keys to small points. Also see RFC 7748, Elliptic Curves for Security, Section 6. TweetNaCl is well written but not well optimized. It runs 2x to 3x slower than optimized routines from libsodium. However, the library is still 2x to 4x faster than the algorithms NaCl was designed to replace. The Crypto++ wrapper for TweetNaCl requires OS features. That is, NO_OS_DEPENDENCE cannot be defined. It is due to TweetNaCl's internal function randombytes. Crypto++ used DefaultAutoSeededRNG within randombytes, so OS integration must be enabled. You can use another generator like RDRAND to avoid the restriction.
2018-01-18 03:02:09 +00:00
bool ValidateNaCl();
// If CRYPTOPP_DEBUG or CRYPTOPP_COVERAGE is in effect, then perform additional tests
#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE) || defined(CRYPTOPP_VALGRIND)) && !defined(CRYPTOPP_IMPORTS)
# define CRYPTOPP_EXTENDED_VALIDATION 1
#endif
#if defined(CRYPTOPP_EXTENDED_VALIDATION)
// http://github.com/weidai11/cryptopp/issues/92
bool TestSecBlock();
// http://github.com/weidai11/cryptopp/issues/64
bool TestPolynomialMod2();
// http://github.com/weidai11/cryptopp/issues/336
2016-12-07 01:56:57 +00:00
bool TestIntegerBitops();
// http://github.com/weidai11/cryptopp/issues/602
bool TestIntegerOps();
// http://github.com/weidai11/cryptopp/issues/360
bool TestRounding();
// http://github.com/weidai11/cryptopp/issues/242
2016-08-21 07:18:26 +00:00
bool TestHuffmanCodes();
// http://github.com/weidai11/cryptopp/issues/346
bool TestASN1Parse();
// Additional tests due to no coverage
bool TestCompressors();
bool TestEncryptors();
bool TestMersenne();
bool TestSharing();
#endif
#if 1
// Coverity findings in benchmark and validation routines
class StreamState
{
public:
StreamState(std::ostream& out)
2017-03-18 12:18:05 +00:00
: m_out(out), m_prec(out.precision()), m_width(out.width()), m_fmt(out.flags()), m_fill(out.fill())
{
}
~StreamState()
{
m_out.fill(m_fill);
2017-03-18 12:18:05 +00:00
m_out.flags(m_fmt);
m_out.width(m_width);
m_out.precision(m_prec);
}
private:
std::ostream& m_out;
std::streamsize m_prec;
2017-03-18 12:18:05 +00:00
std::streamsize m_width;
std::ios_base::fmtflags m_fmt;
std::ostream::char_type m_fill;
};
#endif
#if 0
class StreamState
{
public:
StreamState(std::ostream& out)
: m_out(out), m_state(NULLPTR)
{
m_state.copyfmt(m_out);
}
~StreamState()
{
m_out.copyfmt(m_state);
}
private:
std::ostream& m_out;
std::ios m_state;
};
#endif
// Safer functions on Windows for C&A, http://github.com/weidai11/cryptopp/issues/55
inline std::string TimeToString(const time_t& t)
{
#if (CRYPTOPP_MSC_VERSION >= 1400)
tm localTime = {};
char timeBuf[64];
errno_t err;
err = ::localtime_s(&localTime, &t);
CRYPTOPP_ASSERT(err == 0);
err = ::asctime_s(timeBuf, sizeof(timeBuf), &localTime);
CRYPTOPP_ASSERT(err == 0);
std::string str(timeBuf);
#else
std::string str(::asctime(::localtime(&t)));
#endif
// Cleanup whitespace
std::string::size_type pos = 0;
while (!str.empty() && std::isspace(*(str.end()-1)))
{str.erase(str.end()-1);}
while (!str.empty() && std::string::npos != (pos = str.find(" ", pos)))
{ str.erase(pos, 1); }
return str;
}
// Coverity finding
template <class T, bool NON_NEGATIVE>
inline T StringToValue(const std::string& str)
{
std::istringstream iss(str);
// Arbitrary, but we need to clear a Coverity finding TAINTED_SCALAR
if (iss.str().length() > 25)
throw InvalidArgument(str + "' is too long");
T value;
iss >> std::noskipws >> value;
// Use fail(), not bad()
if (iss.fail() || !iss.eof())
throw InvalidArgument(str + "' is not a value");
if (NON_NEGATIVE && value < 0)
throw InvalidArgument(str + "' is negative");
return value;
}
// Coverity finding
template<>
inline int StringToValue<int, true>(const std::string& str)
{
Integer n(str.c_str());
long l = n.ConvertToLong();
int r;
if (!SafeConvert(l, r))
throw InvalidArgument(str + "' is not an integer value");
return r;
}
// Functions that need a RNG; uses AES inf CFB mode with Seed.
2015-11-05 06:59:46 +00:00
CryptoPP::RandomNumberGenerator & GlobalRNG();
2015-11-05 06:59:46 +00:00
bool RunTestDataFile(const char *filename, const CryptoPP::NameValuePairs &overrideParameters=CryptoPP::g_nullNameValuePairs, bool thorough=true);
NAMESPACE_END // Test
NAMESPACE_END // CryptoPP
2015-11-05 06:59:46 +00:00
#endif