blapitest.c

来自「支持SSL v2/v3, TLS, PKCS #5, PKCS #7, PKCS」· C语言 代码 · 共 1,834 行 · 第 1/4 页

/*
 * The contents of this file are subject to the Mozilla Public
 * License Version 1.1 (the "License"); you may not use this file
 * except in compliance with the License. You may obtain a copy of
 * the License at http://www.mozilla.org/MPL/
 * 
 * Software distributed under the License is distributed on an "AS
 * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
 * implied. See the License for the specific language governing
 * rights and limitations under the License.
 * 
 * The Original Code is the Netscape security libraries.
 * 
 * The Initial Developer of the Original Code is Netscape
 * Communications Corporation.  Portions created by Netscape are 
 * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
 * Rights Reserved.
 * 
 * Contributor(s):
 * 
 * Alternatively, the contents of this file may be used under the
 * terms of the GNU General Public License Version 2 or later (the
 * "GPL"), in which case the provisions of the GPL are applicable 
 * instead of those above.  If you wish to allow use of your 
 * version of this file only under the terms of the GPL and not to
 * allow others to use your version of this file under the MPL,
 * indicate your decision by deleting the provisions above and
 * replace them with the notice and other provisions required by
 * the GPL.  If you do not delete the provisions above, a recipient
 * may use your version of this file under either the MPL or the
 * GPL.
 */

#include <stdio.h>
#include <stdlib.h>

#include "blapi.h"
#include "prmem.h"
#include "prprf.h"
#include "prtime.h"
#include "prsystem.h"
#include "plstr.h"
#include "nssb64.h"
#include "secutil.h"
#include "plgetopt.h"
#include "softoken.h"

char *progName;
char *testdir = ".";

#define CHECKERROR(rv, ln) \
	if (rv) { \
		char *errtxt = NULL; \
		if (PR_GetError() != 0) { \
		errtxt = PORT_Alloc(PR_GetErrorTextLength()); \
		PR_GetErrorText(errtxt); \
		} \
		PR_fprintf(PR_STDERR, "%s: ERR (%s) at line %d.\n", progName, \
		                       (errtxt) ? "" : errtxt, ln); \
		exit(-1); \
	}

static void Usage()
{
#define PRINTUSAGE(subject, option, predicate) \
	fprintf(stderr, "%10s %s\t%s\n", subject, option, predicate);
	fprintf(stderr, "\n");
	PRINTUSAGE(progName, "[-DEHSV] -m", "List available cipher modes.");
	fprintf(stderr, "\n");
	PRINTUSAGE(progName, "-E -m mode ", "Encrypt a buffer.");
	PRINTUSAGE("",      "", "[-i plaintext] [-o ciphertext] [-k key] [-v iv]");
	PRINTUSAGE("",      "", "[-b bufsize] [-g keysize] [-erw]");
	PRINTUSAGE("",      "", "[-p repetitions]");
	PRINTUSAGE("",      "-m", "cipher mode to use.");
	PRINTUSAGE("",      "-i", "file which contains input buffer.");
	PRINTUSAGE("",      "-o", "file for output buffer.");
	PRINTUSAGE("",      "-k", "file which contains key.");
	PRINTUSAGE("",      "-v", "file which contains initialization vector.");
	PRINTUSAGE("",      "-b", "size of input buffer.");
	PRINTUSAGE("",      "-g", "key size (in bytes).");
	PRINTUSAGE("",      "-p", "do performance test.");
	PRINTUSAGE("(rsa)", "-e", "rsa public exponent.");
#if NSS_SOFTOKEN_DOES_RC5
	PRINTUSAGE("(rc5)", "-r", "number of rounds.");
	PRINTUSAGE("(rc5)", "-w", "wordsize (32 or 64).");
#endif
	fprintf(stderr, "\n");
	PRINTUSAGE(progName, "-D -m mode", "Decrypt a buffer.");
	PRINTUSAGE("",      "", "[-i plaintext] [-o ciphertext] [-k key] [-v iv]");
	PRINTUSAGE("",      "", "[-p repetitions]");
	PRINTUSAGE("",      "-m", "cipher mode to use.");
	PRINTUSAGE("",      "-i", "file which contains input buffer.");
	PRINTUSAGE("",      "-o", "file for output buffer.");
	PRINTUSAGE("",      "-k", "file which contains key.");
	PRINTUSAGE("",      "-v", "file which contains initialization vector.");
	PRINTUSAGE("",      "-p", "do performance test.");
	fprintf(stderr, "\n");
	PRINTUSAGE(progName, "-H -m mode", "Hash a buffer.");
	PRINTUSAGE("",      "", "[-i plaintext] [-o hash]");
	PRINTUSAGE("",      "", "[-b bufsize]");
	PRINTUSAGE("",      "", "[-p repetitions]");
	PRINTUSAGE("",      "-m", "cipher mode to use.");
	PRINTUSAGE("",      "-i", "file which contains input buffer.");
	PRINTUSAGE("",      "-o", "file for hash.");
	PRINTUSAGE("",      "-b", "size of input buffer.");
	PRINTUSAGE("",      "-p", "do performance test.");
	fprintf(stderr, "\n");
	PRINTUSAGE(progName, "-S -m mode", "Sign a buffer.");
	PRINTUSAGE("",      "", "[-i plaintext] [-o signature] [-k key]");
	PRINTUSAGE("",      "", "[-b bufsize]");
	PRINTUSAGE("",      "", "[-p repetitions]");
	PRINTUSAGE("",      "-m", "cipher mode to use.");
	PRINTUSAGE("",      "-i", "file which contains input buffer.");
	PRINTUSAGE("",      "-o", "file for signature.");
	PRINTUSAGE("",      "-k", "file which contains key.");
	PRINTUSAGE("",      "-p", "do performance test.");
	fprintf(stderr, "\n");
	PRINTUSAGE(progName, "-V -m mode", "Verify a signed buffer.");
	PRINTUSAGE("",      "", "[-i plaintext] [-s signature] [-k key]");
	PRINTUSAGE("",      "", "[-p repetitions]");
	PRINTUSAGE("",      "-m", "cipher mode to use.");
	PRINTUSAGE("",      "-i", "file which contains input buffer.");
	PRINTUSAGE("",      "-s", "file which contains signature of input buffer.");
	PRINTUSAGE("",      "-k", "file which contains key.");
	PRINTUSAGE("",      "-p", "do performance test.");
	fprintf(stderr, "\n");
	PRINTUSAGE(progName, "-F", "Run the FIPS self-test.");
	fprintf(stderr, "\n");
	PRINTUSAGE(progName, "-T [mode1 mode2 ...]", "Run the BLAPI self-test.");
	fprintf(stderr, "\n");
	exit(1);
}

/*  Helper functions for ascii<-->binary conversion/reading/writing */

static PRInt32
get_binary(void *arg, const unsigned char *ibuf, PRInt32 size)
{
	SECItem *binary = arg;
	SECItem *tmp;
	int index;
	if (binary->data == NULL) {
		tmp = SECITEM_AllocItem(NULL, NULL, size);
		binary->data = tmp->data;
		binary->len = tmp->len;
		index = 0;
	} else {
		SECITEM_ReallocItem(NULL, binary, binary->len, binary->len + size);
		index = binary->len;
	}
	PORT_Memcpy(&binary->data[index], ibuf, size);
	return binary->len;
}

static PRInt32
get_ascii(void *arg, const char *ibuf, PRInt32 size)
{
	SECItem *ascii = arg;
	SECItem *tmp;
	int index;
	if (ascii->data == NULL) {
		tmp = SECITEM_AllocItem(NULL, NULL, size);
		ascii->data = tmp->data;
		ascii->len = tmp->len;
		index = 0;
	} else {
		SECITEM_ReallocItem(NULL, ascii, ascii->len, ascii->len + size);
		index = ascii->len;
	}
	PORT_Memcpy(&ascii->data[index], ibuf, size);
	return ascii->len;
}

static SECStatus
atob(SECItem *ascii, SECItem *binary)
{
	SECStatus status;
	NSSBase64Decoder *cx;
	int len;
	binary->data = NULL; 
	binary->len = 0;
	len = (strcmp(&ascii->data[ascii->len-2],"\r\n"))?ascii->len:ascii->len-2;
	cx = NSSBase64Decoder_Create(get_binary, binary);
	status = NSSBase64Decoder_Update(cx, (const char *)ascii->data, len);
	status = NSSBase64Decoder_Destroy(cx, PR_FALSE);
	return status;
}

static PRInt32
output_ascii(void *arg, const char *obuf, PRInt32 size)
{
	PRFileDesc *outfile = arg;
	PRInt32 nb = PR_Write(outfile, obuf, size);
	if (nb != size) {
		PORT_SetError(SEC_ERROR_IO);
		return -1;
	}
	return nb;
}

static SECStatus
btoa(SECItem *binary, SECItem *ascii)
{
	SECStatus status;
	NSSBase64Encoder *cx;
	ascii->data = NULL;
	ascii->len = 0;
	cx = NSSBase64Encoder_Create(get_ascii, ascii);
	status = NSSBase64Encoder_Update(cx, binary->data, binary->len);
	status = NSSBase64Encoder_Destroy(cx, PR_FALSE);
	return status;
}

static SECStatus
btoa_file(SECItem *binary, PRFileDesc *outfile)
{
	SECStatus status;
	NSSBase64Encoder *cx;
	SECItem ascii;
	ascii.data = NULL; 
	ascii.len = 0;
	if (binary->len == 0) 
		return SECSuccess;
	cx = NSSBase64Encoder_Create(output_ascii, outfile);
	status = NSSBase64Encoder_Update(cx, binary->data, binary->len);
	status = NSSBase64Encoder_Destroy(cx, PR_FALSE);
	status = PR_Write(outfile, "\r\n", 2);
	return status;
}

static SECStatus
get_and_write_random_bytes(SECItem *item, PRInt32 numbytes, char *filename)
{
	SECStatus rv;
	PRFileDesc *file;
	item->len = numbytes;
	item->data = (unsigned char *)PORT_ZAlloc(numbytes);
	RNG_GenerateGlobalRandomBytes(item->data + 1, numbytes - 1);
	file = PR_Open(filename, PR_WRONLY|PR_CREATE_FILE, 00660);
	rv = btoa_file(item, file);
	CHECKERROR((rv < 0), __LINE__);
	return (rv < 0);
}

static RSAPrivateKey *
rsakey_from_filedata(SECItem *filedata)
{
	PRArenaPool *arena;
	RSAPrivateKey *key;
	unsigned char *buf = filedata->data;
	int fpos = 0;
	int i;
	SECItem *item;
	/*  Allocate space for key structure. */
	arena = PORT_NewArena(2048);
	key = (RSAPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(RSAPrivateKey));
	key->arena = arena;
	item = &key->version;
	for (i=0; i<9; i++) {
		item->len  = (buf[fpos++] & 0xff) << 24;
		item->len |= (buf[fpos++] & 0xff) << 16;
		item->len |= (buf[fpos++] & 0xff) <<  8;
		item->len |= (buf[fpos++] & 0xff);
		if (item->len > 0) {
			item->data = PORT_ArenaAlloc(arena, item->len);
			PORT_Memcpy(item->data, &buf[fpos], item->len);
		} else {
			item->data = NULL;
		}
		fpos += item->len;
		item++;
	}
	return key;
}

static void
rsakey_to_file(RSAPrivateKey *key, char *filename)
{
	PRFileDesc *file;
	SECItem *item;
	unsigned char len[4];
	int i;
	SECStatus status;
	NSSBase64Encoder *cx;
	SECItem ascii;
	ascii.data = NULL; 
	ascii.len = 0;
	file  = PR_Open(filename, PR_WRONLY|PR_CREATE_FILE, 00660);
	cx = NSSBase64Encoder_Create(output_ascii, file);
	item = &key->version;
	for (i=0; i<9; i++) {
		len[0] = (item->len >> 24) & 0xff;
		len[1] = (item->len >> 16) & 0xff;
		len[2] = (item->len >>  8) & 0xff;
		len[3] = (item->len & 0xff);
		status = NSSBase64Encoder_Update(cx, len, 4);
		status = NSSBase64Encoder_Update(cx, item->data, item->len);
		item++;
	}
	status = NSSBase64Encoder_Destroy(cx, PR_FALSE);
	status = PR_Write(file, "\r\n", 2);
	PR_Close(file);
}

static PQGParams *
pqg_from_filedata(SECItem *filedata)
{
	PRArenaPool *arena;
	PQGParams *pqg;
	unsigned char *buf = filedata->data;
	int fpos = 0;
	int i;
	SECItem *item;
	/*  Allocate space for key structure. */
	arena = PORT_NewArena(2048);
	pqg = (PQGParams *)PORT_ArenaZAlloc(arena, sizeof(PQGParams));
	pqg->arena = arena;
	item = &pqg->prime;
	for (i=0; i<3; i++) {
		item->len  = (buf[fpos++] & 0xff) << 24;
		item->len |= (buf[fpos++] & 0xff) << 16;
		item->len |= (buf[fpos++] & 0xff) <<  8;
		item->len |= (buf[fpos++] & 0xff);
		if (item->len > 0) {
			item->data = PORT_ArenaAlloc(arena, item->len);
			PORT_Memcpy(item->data, &buf[fpos], item->len);
		} else {
			item->data = NULL;
		}
		fpos += item->len;
		item++;
	}
	return pqg;
}

static DSAPrivateKey *
dsakey_from_filedata(SECItem *filedata)
{
	PRArenaPool *arena;
	DSAPrivateKey *key;
	unsigned char *buf = filedata->data;
	int fpos = 0;
	int i;
	SECItem *item;
	/*  Allocate space for key structure. */
	arena = PORT_NewArena(2048);
	key = (DSAPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(DSAPrivateKey));
	key->params.arena = arena;
	item = &key->params.prime;
	for (i=0; i<5; i++) {
		item->len  = (buf[fpos++] & 0xff) << 24;
		item->len |= (buf[fpos++] & 0xff) << 16;
		item->len |= (buf[fpos++] & 0xff) <<  8;
		item->len |= (buf[fpos++] & 0xff);
		if (item->len > 0) {
			item->data = PORT_ArenaAlloc(arena, item->len);
			PORT_Memcpy(item->data, &buf[fpos], item->len);
		} else {
			item->data = NULL;
		}
		fpos += item->len;
		item++;
	}
	return key;
}

static void
pqg_to_file(PQGParams *params, char *filename)
{
	PRFileDesc *file;
	SECItem *item;
	unsigned char len[4];
	int i;
	SECStatus status;
	NSSBase64Encoder *cx;
	SECItem ascii;
	ascii.data = NULL; 
	ascii.len = 0;
	file  = PR_Open(filename, PR_WRONLY|PR_CREATE_FILE, 00660);
	cx = NSSBase64Encoder_Create(output_ascii, file);
	item = &params->prime;
	for (i=0; i<3; i++) {
		len[0] = (item->len >> 24) & 0xff;
		len[1] = (item->len >> 16) & 0xff;
		len[2] = (item->len >>  8) & 0xff;
		len[3] = (item->len & 0xff);
		status = NSSBase64Encoder_Update(cx, len, 4);
		status = NSSBase64Encoder_Update(cx, item->data, item->len);
		item++;
	}
	status = NSSBase64Encoder_Destroy(cx, PR_FALSE);
	status = PR_Write(file, "\r\n", 2);
}

static void
dsakey_to_file(DSAPrivateKey *key, char *filename)
{
	PRFileDesc *file;
	SECItem *item;
	unsigned char len[4];
	int i;
	SECStatus status;
	NSSBase64Encoder *cx;
	SECItem ascii;
	ascii.data = NULL; 
	ascii.len = 0;
	file  = PR_Open(filename, PR_WRONLY|PR_CREATE_FILE, 00660);
	cx = NSSBase64Encoder_Create(output_ascii, file);
	item = &key->params.prime;
	for (i=0; i<5; i++) {
		len[0] = (item->len >> 24) & 0xff;
		len[1] = (item->len >> 16) & 0xff;
		len[2] = (item->len >>  8) & 0xff;
		len[3] = (item->len & 0xff);
		status = NSSBase64Encoder_Update(cx, len, 4);
		status = NSSBase64Encoder_Update(cx, item->data, item->len);
		item++;
	}
	status = NSSBase64Encoder_Destroy(cx, PR_FALSE);
	status = PR_Write(file, "\r\n", 2);
}

static void
dump_pqg(PQGParams *pqg)
{
	SECU_PrintInteger(stdout, &pqg->prime, "PRIME:", 0);
	SECU_PrintInteger(stdout, &pqg->subPrime, "SUBPRIME:", 0);
	SECU_PrintInteger(stdout, &pqg->base, "BASE:", 0);
}

static void
dump_dsakey(DSAPrivateKey *key)
{
	dump_pqg(&key->params);
	SECU_PrintInteger(stdout, &key->publicValue, "PUBLIC VALUE:", 0);
	SECU_PrintInteger(stdout, &key->privateValue, "PRIVATE VALUE:", 0);
}

/*  Multi-purpose crypto information */
typedef struct 
{
	PRBool  encrypt;
	PRBool  decrypt;
	PRBool  sign;
	PRBool  verify;
	PRBool  hash;
	SECItem seed;
	SECItem pqg;
	SECItem key;
   	SECItem iv;
   	SECItem in;
   	SECItem out;
	SECItem sigseed;
	PRInt32 keysize;
	PRInt32 bufsize;
	PRBool  useseed;
	PRBool  usesigseed;
	PRBool  performance;
	PRBool  multihash;