ext-cryptopp/validate.h

396 lines
11 KiB
C
Raw Normal View History

// validate.h - originally written and placed in the public domain by Wei Dai
// CryptoPP::Test namespace added by JW in February 2017
2015-11-05 06:59:46 +00:00
#ifndef CRYPTOPP_VALIDATE_H
#define CRYPTOPP_VALIDATE_H
#include "cryptlib.h"
#include "misc.h"
#include "files.h"
#include "argnames.h"
#include "algparam.h"
#include "hex.h"
#include <iostream>
#include <sstream>
#include <iomanip>
#include <ctime>
#include <cctype>
2015-11-05 06:59:46 +00:00
NAMESPACE_BEGIN(CryptoPP)
NAMESPACE_BEGIN(Test)
// A hint to help locate TestData/ and TestVectors/ after install. Due to
// execve the path can be malicious. If the path is ficticous then we move
// onto the next potential path. Also note we only read from the path; we
// never write through it. Storage for the string is in test.cpp.
extern std::string g_argvPathHint;
2015-11-05 06:59:46 +00:00
bool ValidateAll(bool thorough);
bool TestSettings();
bool TestOS_RNG();
// bool TestSecRandom();
2017-05-10 05:28:52 +00:00
bool TestRandomPool();
#if !defined(NO_OS_DEPENDENCE)
2016-01-03 17:53:46 +00:00
bool TestAutoSeededX917();
#endif
#if (CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64)
2015-11-05 06:59:46 +00:00
bool TestRDRAND();
bool TestRDSEED();
2017-08-19 19:41:45 +00:00
bool TestPadlockRNG();
#endif
#if (CRYPTOPP_BOOL_PPC32 || CRYPTOPP_BOOL_PPC64)
bool TestDARN();
#endif
bool ValidateBaseCode();
bool ValidateEncoder();
2015-11-05 06:59:46 +00:00
bool ValidateCRC32();
bool ValidateCRC32C();
2015-11-05 06:59:46 +00:00
bool ValidateAdler32();
bool ValidateMD2();
bool ValidateMD4();
bool ValidateMD5();
bool ValidateSHA();
bool ValidateSHA2();
bool ValidateSHA3();
bool ValidateSHAKE(); // output <= r, where r is blocksize
bool ValidateSHAKE_XOF(); // output > r, needs hand crafted tests
bool ValidateKeccak();
2015-11-05 06:59:46 +00:00
bool ValidateTiger();
bool ValidateRIPEMD();
bool ValidatePanama();
bool ValidateWhirlpool();
bool ValidateLSH();
2016-11-27 20:31:50 +00:00
2017-11-24 04:19:09 +00:00
bool ValidateSM3();
2016-04-18 06:39:10 +00:00
bool ValidateBLAKE2s();
bool ValidateBLAKE2b();
bool ValidatePoly1305();
bool ValidateSipHash();
2015-11-05 06:59:46 +00:00
bool ValidateHMAC();
bool ValidateTTMAC();
bool ValidateCipherModes();
bool ValidatePBKDF();
bool ValidateHKDF();
bool ValidateScrypt();
2015-11-05 06:59:46 +00:00
bool ValidateDES();
bool ValidateIDEA();
bool ValidateSAFER();
bool ValidateRC2();
bool ValidateARC4();
bool ValidateRC5();
bool ValidateBlowfish();
bool ValidateBlowfishCompat();
2015-11-05 06:59:46 +00:00
bool ValidateThreeWay();
bool ValidateGOST();
bool ValidateSHARK();
bool ValidateSEAL();
bool ValidateCAST();
bool ValidateSquare();
bool ValidateSKIPJACK();
bool ValidateRC6();
bool ValidateMARS();
bool ValidateRijndael();
bool ValidateTwofish();
bool ValidateSerpent();
bool ValidateSHACAL2();
bool ValidateARIA();
2018-06-30 12:25:32 +00:00
bool ValidateSIMECK();
bool ValidateCHAM();
bool ValidateHIGHT();
bool ValidateLEA();
bool ValidateSIMON();
bool ValidateSPECK();
2015-11-05 06:59:46 +00:00
bool ValidateCamellia();
2018-07-05 04:29:07 +00:00
bool ValidateHC128();
2018-07-05 10:43:04 +00:00
bool ValidateHC256();
2018-07-04 07:47:28 +00:00
bool ValidateRabbit();
2018-07-05 04:29:07 +00:00
bool ValidateSalsa();
2018-11-09 03:08:59 +00:00
bool ValidateChaCha();
bool ValidateChaChaTLS();
2015-11-05 06:59:46 +00:00
bool ValidateSosemanuk();
2018-07-05 04:29:07 +00:00
2015-11-05 06:59:46 +00:00
bool ValidateVMAC();
bool ValidateCCM();
bool ValidateGCM();
bool ValidateXTS();
2015-11-05 06:59:46 +00:00
bool ValidateCMAC();
bool ValidateBBS();
bool ValidateDH();
bool ValidateMQV();
2016-07-04 17:05:38 +00:00
bool ValidateHMQV();
bool ValidateFHMQV();
2015-11-05 06:59:46 +00:00
bool ValidateRSA();
bool ValidateElGamal();
bool ValidateDLIES();
bool ValidateNR();
bool ValidateDSA(bool thorough);
bool ValidateLUC();
bool ValidateLUC_DL();
bool ValidateLUC_DH();
bool ValidateXTR_DH();
bool ValidateRabin();
bool ValidateRW();
bool ValidateECP();
bool ValidateEC2N();
bool ValidateECDSA();
bool ValidateECDSA_RFC6979();
2017-11-25 08:27:07 +00:00
bool ValidateECGDSA(bool thorough);
2015-11-05 06:59:46 +00:00
bool ValidateESIGN();
bool ValidateHashDRBG();
bool ValidateHmacDRBG();
bool TestX25519();
bool TestEd25519();
bool ValidateX25519();
bool ValidateEd25519();
Add interface to TweetNaCl library (#566) TweetNaCl is a compact reimplementation of the NaCl library by Daniel J. Bernstein, Bernard van Gastel, Wesley Janssen, Tanja Lange, Peter Schwabe and Sjaak Smetsers. The library is less than 20 KB in size and provides 25 of the NaCl library functions. The compact library uses curve25519, XSalsa20, Poly1305 and SHA-512 as default primitives, and includes both x25519 key exchange and ed25519 signatures. The complete list of functions can be found in TweetNaCl: A crypto library in 100 tweets (20140917), Table 1, page 5. Crypto++ retained the function names and signatures but switched to data types provided by <stdint.h> to promote interoperability with Crypto++ and avoid size problems on platforms like Cygwin. For example, NaCl typdef'd u64 as an unsigned long long, but Cygwin, MinGW and MSYS are LP64 systems (not LLP64 systems). In addition, Crypto++ was missing NaCl's signed 64-bit integer i64. Crypto++ enforces the 0-key restriction due to small points. The TweetNaCl library allowed the 0-keys to small points. Also see RFC 7748, Elliptic Curves for Security, Section 6. TweetNaCl is well written but not well optimized. It runs 2x to 3x slower than optimized routines from libsodium. However, the library is still 2x to 4x faster than the algorithms NaCl was designed to replace. The Crypto++ wrapper for TweetNaCl requires OS features. That is, NO_OS_DEPENDENCE cannot be defined. It is due to TweetNaCl's internal function randombytes. Crypto++ used DefaultAutoSeededRNG within randombytes, so OS integration must be enabled. You can use another generator like RDRAND to avoid the restriction.
2018-01-18 03:02:09 +00:00
bool ValidateNaCl();
// If CRYPTOPP_DEBUG or CRYPTOPP_COVERAGE is in effect, then perform additional tests
#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
# define CRYPTOPP_EXTENDED_VALIDATION 1
#endif
#if defined(CRYPTOPP_EXTENDED_VALIDATION)
// http://github.com/weidai11/cryptopp/issues/92
bool TestSecBlock();
// http://github.com/weidai11/cryptopp/issues/64
bool TestPolynomialMod2();
// http://github.com/weidai11/cryptopp/issues/336
2016-12-07 01:56:57 +00:00
bool TestIntegerBitops();
// http://github.com/weidai11/cryptopp/issues/602
bool TestIntegerOps();
// http://github.com/weidai11/cryptopp/issues/360
bool TestRounding();
// http://github.com/weidai11/cryptopp/issues/242
2016-08-21 07:18:26 +00:00
bool TestHuffmanCodes();
// http://github.com/weidai11/cryptopp/issues/346
bool TestASN1Parse();
2021-03-21 08:06:38 +00:00
bool TestASN1Functions();
2018-09-09 01:52:14 +00:00
// https://github.com/weidai11/cryptopp/pull/334
bool TestStringSink();
// Additional tests due to no coverage
bool TestCompressors();
bool TestEncryptors();
bool TestMersenne();
bool TestSharing();
# if defined(CRYPTOPP_ALTIVEC_AVAILABLE)
bool TestAltivecOps();
# endif
#endif
class FixedRNG : public RandomNumberGenerator
{
public:
FixedRNG(BufferedTransformation &source) : m_source(source) {}
void GenerateBlock(byte *output, size_t size)
{
m_source.Get(output, size);
}
private:
BufferedTransformation &m_source;
};
// Safer functions on Windows for C&A, http://github.com/weidai11/cryptopp/issues/55
inline std::string TimeToString(const time_t& t)
{
#if (CRYPTOPP_MSC_VERSION >= 1400)
tm localTime;
char timeBuf[64];
errno_t err;
err = ::localtime_s(&localTime, &t);
CRYPTOPP_ASSERT(err == 0);
err = ::asctime_s(timeBuf, sizeof(timeBuf), &localTime);
CRYPTOPP_ASSERT(err == 0);
2019-06-03 09:41:58 +00:00
std::string str(err == 0 ? timeBuf : "");
#elif defined(__MINGW32__) || defined(__MINGW64__)
char* timeString = ::asctime(::localtime(&t));
std::string str(timeString ? timeString : "");
#elif (_POSIX_C_SOURCE >= 1 || _XOPEN_SOURCE || _BSD_SOURCE || _SVID_SOURCE || defined(_POSIX_SOURCE))
tm localTime;
2019-06-03 09:41:58 +00:00
char timeBuf[64];
char* timeString = ::asctime_r(::localtime_r(&t, &localTime), timeBuf);
std::string str(timeString ? timeString : "");
#else
2019-06-03 09:41:58 +00:00
char* timeString = ::asctime(::localtime(&t));
std::string str(timeString ? timeString : "");
#endif
// Cleanup whitespace
std::string::size_type pos = 0;
while (!str.empty() && std::isspace(str[str.length()-1]))
{str.erase(str.end()-1);}
while (!str.empty() && std::string::npos != (pos = str.find(" ", pos)))
{str.erase(pos, 1);}
return str;
}
// Coverity finding
template <class T, bool NON_NEGATIVE>
inline T StringToValue(const std::string& str)
{
std::istringstream iss(str);
// Arbitrary, but we need to clear a Coverity finding TAINTED_SCALAR
if (iss.str().length() > 25)
throw InvalidArgument(str + "' is too long");
T value;
iss >> std::noskipws >> value;
// Use fail(), not bad()
2018-12-08 13:08:08 +00:00
if (iss.fail())
throw InvalidArgument(str + "' is not a value");
if (NON_NEGATIVE && value < 0)
throw InvalidArgument(str + "' is negative");
return value;
}
// Coverity finding
template<>
inline int StringToValue<int, true>(const std::string& str)
{
Integer n(str.c_str());
long l = n.ConvertToLong();
int r;
if (!SafeConvert(l, r))
throw InvalidArgument(str + "' is not an integer value");
return r;
}
inline std::string AddSeparator(std::string str)
{
2019-02-02 05:29:36 +00:00
if (str.empty()) return "";
const char last = str[str.length()-1];
if (last != '/' && last != '\\')
return str + "/";
return str;
}
2019-02-02 05:47:56 +00:00
// Use CRYPTOPP_DATA_DIR last. The problem this sidesteps is, finding an
// old version of Crypto++ library in CRYPTOPP_DATA_DIR when the library
// has been staged in DESTDIR. Using CRYPTOPP_DATA_DIR first only works
// as expected when CRYPTOPP_DATA_DIR is empty before an install. We
// encountered this problem rather quickly during testing of Crypto++ 8.1
// when Crypto++ 8.0 was installed locally. It took some time to realize
// where the old test data was coming from.
static std::string GetDataDir()
{
std::ifstream file;
std::string name, filename = "TestData/usage.dat";
#ifndef CRYPTOPP_DISABLE_DATA_DIR_SEARCH
2019-02-02 05:47:56 +00:00
// Look in $ORIGIN/../share/. This is likely a Linux install directory.
name = AddSeparator(g_argvPathHint) + std::string("../share/cryptopp/") + filename;
file.open(name.c_str());
if (file.is_open())
2019-02-02 05:47:56 +00:00
return AddSeparator(g_argvPathHint) + std::string("../share/cryptopp/");
#endif
#ifndef CRYPTOPP_DISABLE_DATA_DIR_SEARCH
2019-02-02 05:47:56 +00:00
// Look in current working directory
name = AddSeparator(g_argvPathHint) + filename;
file.open(name.c_str());
if (file.is_open())
2019-02-02 05:47:56 +00:00
return AddSeparator(g_argvPathHint);
2019-02-02 05:29:36 +00:00
#endif
#ifdef CRYPTOPP_DATA_DIR
// Honor CRYPTOPP_DATA_DIR. This is likely an install directory if it is not "./".
name = AddSeparator(CRYPTOPP_DATA_DIR) + filename;
file.open(name.c_str());
if (file.is_open())
return AddSeparator(CRYPTOPP_DATA_DIR);
#endif
return "./";
}
inline std::string DataDir(const std::string& filename)
{
std::string name;
std::ifstream file;
#if CRYPTOPP_CXX11_STATIC_INIT
static std::string path = AddSeparator(GetDataDir());
name = path + filename;
file.open(name.c_str());
if (file.is_open())
return name;
#else
2019-01-02 17:02:32 +00:00
// Avoid static initialization problems
name = AddSeparator(GetDataDir()) + filename;
file.open(name.c_str());
if (file.is_open())
return name;
#endif
// This will cause the expected exception in the caller
return filename;
}
// Definition in test.cpp
RandomNumberGenerator& GlobalRNG();
// Definition in datatest.cpp
bool RunTestDataFile(const char *filename, const NameValuePairs &overrideParameters=g_nullNameValuePairs, bool thorough=true);
// Definitions in validat6.cpp
bool CryptoSystemValidate(PK_Decryptor &priv, PK_Encryptor &pub, bool thorough = false);
bool SimpleKeyAgreementValidate(SimpleKeyAgreementDomain &d);
bool AuthenticatedKeyAgreementWithRolesValidate(AuthenticatedKeyAgreementDomain &initiator, AuthenticatedKeyAgreementDomain &recipient);
bool AuthenticatedKeyAgreementValidate(AuthenticatedKeyAgreementDomain &d);
bool SignatureValidate(PK_Signer &priv, PK_Verifier &pub, bool thorough = false);
// Miscellaneous PK definitions in validat6.cpp
// Key Agreement definitions in validat7.cpp
// Encryption and Decryption definitions in validat8.cpp
// Sign and Verify definitions in validat9.cpp
bool ValidateECP();
bool ValidateEC2N();
bool ValidateRSA_Encrypt();
bool ValidateRSA_Sign();
bool ValidateLUC_Encrypt();
bool ValidateLUC_Sign();
bool ValidateLUC_DL_Encrypt();
bool ValidateLUC_DL_Sign();
bool ValidateRabin_Encrypt();
bool ValidateRabin_Sign();
bool ValidateECP();
bool ValidateECP_Agreement();
bool ValidateECP_Encrypt();
bool ValidateECP_Sign();
bool ValidateECP_Legacy_Encrypt();
bool ValidateEC2N_Legacy_Encrypt();
bool ValidateECP_NULLDigest_Encrypt();
bool ValidateEC2N();
bool ValidateEC2N_Agreement();
bool ValidateEC2N_Encrypt();
bool ValidateEC2N_Sign();
2015-11-05 06:59:46 +00:00
NAMESPACE_END // Test
NAMESPACE_END // CryptoPP
2015-11-05 06:59:46 +00:00
#endif