📄 optest.c
字号:
/*____________________________________________________________________________
optest.c
Copyright (C) 2003, 2004 PGP Corporation
All rights reserved.
FIPS 140-2 Operational Test
$Id: optest.c 48493 2006-10-12 21:19:56Z vinnie $
____________________________________________________________________________*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <errno.h> /* For errno */
#include <time.h>
#include <sys/types.h>
#include <sys/stat.h> /* For struct stat */
#if PGP_SYMBIAN
#include <sys/unistd.h>
#endif
#include "pgpFeatures.h"
#include "pgpErrors.h"
#include "pgpUtilities.h"
#include "pgpKeyServer.h"
#include "pgpRandomPool.h"
#include "optest.h"
#if PGP_UNIX
#include <sys/utsname.h>
#endif
#if PGP_MOBILE
#define STAT_FILE _stati64
#define STAT_STRUCT struct _stati64
#elif PGP_WIN32
#define STAT_FILE _stat
#define STAT_STRUCT struct _stat
#else
#define STAT_FILE stat
#define STAT_STRUCT struct stat
#endif
#if PGP_OSX
/* support for weak linking */
extern PGPError PGPsdkInit( PGPFlags options ) __attribute__((weak_import));
#endif
PGPFlags sSDKintFlags = kPGPFlags_ForceLocalExecution | kPGPFlags_SuppressCacheThread;
TokenTestFlags sTokenTestFlags = 0;
static char BORDER_TEXT[] = "-------------------------------------------------------------------------\n";
/*---------------------------------------------------------------------------------------
Globals
---------------------------------------------------------------------------------------*/
PGPBoolean gVerbose_flag = FALSE;
PGPBoolean gDebug_flag = FALSE;
char* gOutputDirectory = NULL;
char* gTestVectorsDirectory = NULL;
char* gTestKeysPath = NULL;
char* gP11Module = NULL;
char* gTokenSOPIN = NULL;
char* gTokenUserPIN = NULL;
PGPUInt32 gTokNumber = 0;
/*---------------------------------------------------------------------------------------
Test Mode Support
---------------------------------------------------------------------------------------*/
typedef enum
{
kTest_Invalid = 0,
kTest_FipsMode,
kTest_FailReset,
kTest_SelfTests,
kTest_RNG,
kTest_SHA,
kTest_Hmac,
kTest_Ciphers,
kTest_KeyCert,
kTest_KeyGen,
kTest_Encode,
kTest_Expire,
kTest_KeyUsage,
kTest_Tar,
kTest_KeyMgmt,
kTest_Share,
kTest_X931,
kTest_Tokens,
kTest_TokensKeys,
kTest_Keyserver,
kTest_X509,
kTest_Recon,
kTest_FIPSValidation,
kTest_All,
} PGPTest;
typedef enum
{
kArg_Invalid = 0,
kArg_TestID,
kArg_TestSet,
kArg_Boolean,
kArg_String,
kArg_UInt,
kArg_Other,
} ArgType;
typedef struct
{
PGPBoolean enable;
ArgType type;
void* argument;
PGPTest testID;
char* shortName;
char* longName;
} TestTable;
/*---------------------------------------------------------------------------------------
pre-set test sets
---------------------------------------------------------------------------------------*/
static PGPTest sDefaultTests[] =
{
#if PGP_SYMBIAN
kTest_RNG,
kTest_SHA,
kTest_Hmac,
kTest_Ciphers,
kTest_KeyCert,
kTest_KeyGen,
kTest_Encode,
kTest_Expire,
kTest_KeyUsage,
kTest_KeyMgmt,
kTest_Share,
kTest_X931,
#else
kTest_RNG,
kTest_SHA,
kTest_Hmac,
kTest_Ciphers,
kTest_KeyCert,
kTest_KeyGen,
kTest_Encode,
kTest_Expire,
kTest_KeyUsage,
kTest_KeyMgmt,
kTest_Share,
kTest_X931,
kTest_Tar,
kTest_Keyserver,
kTest_X509,
// kTest_Tokens,
kTest_Recon,
#endif
kTest_Invalid // null terminated
};
static PGPTest sFIPSTests[] =
{
kTest_FipsMode,
kTest_FailReset,
kTest_SelfTests,
kTest_RNG,
kTest_SHA,
kTest_Hmac,
kTest_Ciphers,
kTest_KeyCert,
kTest_KeyGen,
kTest_Encode,
kTest_Expire,
kTest_KeyUsage,
kTest_KeyMgmt,
kTest_Tar,
kTest_Share,
kTest_X931,
kTest_X509,
kTest_Invalid // null terminated
};
/*---------------------------------------------------------------------------------------
Command line arguments
---------------------------------------------------------------------------------------*/
static TestTable sOpTestTable[] =
{
{ 0, kArg_TestID, NULL, kTest_FipsMode, "fipsmode", "Enable FIPS 140-2 mode"},
{ 0, kArg_TestID, NULL, kTest_FailReset, "fail", "FIPS 140-2 mode self-test fail/reset"},
{ 0, kArg_TestID, NULL, kTest_SelfTests, "selftest", "Module self-tests"},
{ 0, kArg_TestID, NULL, kTest_RNG, "RNG", "Random Number Generator" },
{ 0, kArg_TestID, NULL, kTest_SHA, "SHA", "Secure Hash Algorithm" },
{ 0, kArg_TestID, NULL, kTest_Hmac, "HMAC", "Keyed-Hashing for Message Authentication" },
{ 0, kArg_TestID, NULL, kTest_Ciphers, "ciphers", "Low Level Encryption" },
{ 0, kArg_TestID, NULL, kTest_KeyCert, "keycert", "Key Certificate" },
{ 0, kArg_TestID, NULL, kTest_KeyGen, "keygen", "Key Generation" },
{ 0, kArg_TestID, NULL, kTest_Encode, "encode", "High Level Encryption" },
{ 0, kArg_TestID, NULL, kTest_Expire, "expire", "Key Expiration" },
{ 0, kArg_TestID, NULL, kTest_KeyUsage, "usage", "Key Usage" },
{ 0, kArg_TestID, NULL, kTest_Tar, "tar", "PGP Zip" },
{ 0, kArg_TestID, NULL, kTest_KeyMgmt, "mgmt", "Key Management" },
{ 0, kArg_TestID, NULL, kTest_Share, "share", "Secret Sharing / Key Split" },
{ 0, kArg_TestID, NULL, kTest_X931, "x931", "X.931 RNG " },
{ 0, kArg_TestID, NULL, kTest_Tokens, "token", "List Token/Smartcard" },
{ 0, kArg_TestID, NULL, kTest_Keyserver, "keyserver","Key Server" },
{ 0, kArg_TestID, NULL, kTest_X509, "x509", "X.509 functionality" },
{ 0, kArg_TestID, NULL, kTest_Recon, "recon", "Key Reconstruction" },
{ 0, kArg_TestID, NULL, kTest_Invalid, "none", NULL },
/* arguments/modifiers */
{ 0, kArg_Boolean, &gVerbose_flag, kTest_Invalid, "verbose", "Enables verbose output" },
{ 0, kArg_Boolean, &gDebug_flag, kTest_Invalid, "debug", "Enables debug output" },
{ 0, kArg_String, &gOutputDirectory,kTest_Invalid, "out", "Output directory for test results" },
{ 0, kArg_String, &gTestKeysPath,kTest_Invalid, "testkeys", "path for test keys" },
{ 0, kArg_String, &gTestVectorsDirectory ,kTest_Invalid, "vectors", "path for test vectors" },
{ 0, kArg_Other, NULL ,kTest_Invalid, "local", "local SDK only" },
{ 0, kArg_Other, NULL ,kTest_Invalid, "agent", "pgp-agent backend enabled" },
{ 0, kArg_Other, NULL ,kTest_Invalid, "cache", "Enable passphrase cache thread" },
{ 0, kArg_Other, NULL ,kTest_Invalid, "nocache", "Disable passphrase cache thread" },
{ 0, kArg_Other, NULL, kTest_Invalid, "token-keys", "Token/Smartcard Crypto Key" },
{ 0, kArg_Other, NULL, kTest_Invalid, "token-format", "Token/Smartcard Format" },
{ 0, kArg_Other, NULL, kTest_Invalid, "token-gen", "Token/Smartcard Generate Key" },
{ 0, kArg_Other, NULL, kTest_Invalid, "token-export", "Token/Smartcard Export Key" },
{ 0, kArg_Other, NULL, kTest_Invalid, "token-delete", "Token/Smartcard Delete Keys" },
{ 0, kArg_Other, NULL, kTest_Invalid, "token-wipe", "Token/Smartcard Wipe Keys" },
{ 0, kArg_String, &gP11Module, kTest_Invalid, "p11", "pkcs11 module for Token/Smartcard tests" },
{ 0, kArg_String, &gTokenUserPIN, kTest_Invalid, "pin", "user PIN for Token/Smartcard tests" },
{ 0, kArg_String, &gTokenSOPIN, kTest_Invalid, "SO", "SO PIN for Token/Smartcard tests" },
{ 0, kArg_UInt, &gTokNumber, kTest_Invalid, "toknum", "optional token number" },
/* preload test sets */
{ 0, kArg_TestSet, &sFIPSTests, kTest_FIPSValidation , "FIPS", "FIPS-140-2 operational test set" },
{ 0, kArg_TestSet, &sDefaultTests, kTest_All , "default", "Default test set" },
};
#define OptestTableEntries ((int)(sizeof(sOpTestTable) / sizeof(TestTable)))
/*---------------------------------------------------------------------------------------
Utilities
---------------------------------------------------------------------------------------*/
/* try to find file at . ../ and ../../ */
static int makeTestPath( char *inPath, char** outPath)
{
char* temp = malloc(strlen(inPath)+7);
STAT_STRUCT st;
int err = 0;
strcpy(temp, inPath);
if( STAT_FILE(temp, &st) < 0 )
{
strcpy(temp, "../");
strcat(temp, inPath);
if( STAT_FILE(temp, &st) < 0 )
{
strcpy(temp, "../../");
strcat(temp, inPath);
if( STAT_FILE(temp, &st) < 0 )
err = errno;
}
};
if(err)
{
free(temp);
temp = NULL;
}
else
{
*outPath = temp;
}
return err;
}
/*---------------------------------------------------------------------------------------
Command line processing
---------------------------------------------------------------------------------------*/
static int sLoadTestSet(PGPTest* testSet)
{
int count, j;
for(count = 0; *testSet; testSet++)
for( j = 0; j < OptestTableEntries; j ++)
if ( *testSet == sOpTestTable[j].testID )
{
sOpTestTable[j].enable = 1;
count++;
}
return count;
}
static TestTable* sFindTest(PGPTest id)
{
int j;
for( j = 0; j < OptestTableEntries; j ++)
if ( sOpTestTable[j].testID == id)
{
return &sOpTestTable[j];
}
return NULL;
}
static char* sGetTestName(PGPTest id)
{
TestTable* test = sFindTest(id);
return( test?test->shortName: NULL);
}
static void sUsage()
{
int j;
fprintf (stderr, "\nPGP SDK FIPS 140-2 Operational Test\n\nusage: optest [options] ..\nOptions: \n ");
OPTESTPrintF("\tTests:\n" );
for( j = 0; j < OptestTableEntries; j ++)
if( (sOpTestTable[j].type == kArg_TestID) && sOpTestTable[j].longName)
OPTESTPrintF("\t--%-15s Test %s\n", sOpTestTable[j].shortName, sOpTestTable[j].longName);
OPTESTPrintF("\n");
OPTESTPrintF("\tTest Sets:\n" );
for( j = 0; j < OptestTableEntries; j ++)
if( (sOpTestTable[j].type == kArg_TestSet) && sOpTestTable[j].longName)
{
PGPTest *p;
int i;
OPTESTPrintF("\t--%-15s %s", sOpTestTable[j].shortName, sOpTestTable[j].longName);
for (i = 0, p = sOpTestTable[j].argument; *p; p++, i++)
{
if((i & 3) == 0) OPTESTPrintF("\n\t%-20s","");
OPTESTPrintF("%-10s", sGetTestName(*p));
}
OPTESTPrintF("\n\n");
}
OPTESTPrintF("\tOptions:\n" );
for( j = 0; j < OptestTableEntries; j ++)
if( ((sOpTestTable[j].type == kArg_Boolean)
|| (sOpTestTable[j].type == kArg_String)
|| (sOpTestTable[j].type == kArg_Other))
&& sOpTestTable[j].longName)
OPTESTPrintF("\t--%-15s %s\n", sOpTestTable[j].shortName, sOpTestTable[j].longName);
}
/* Setup requested tests & arguments */
static void sSetupTestOptions (int argc, char **argv)
{
#if PGP_MOBILE
#define kDefaultTestDirectory "\\optest_temp"
#define kDefaultTestKeyFile "\\optest_keys.asc"
#define kDefaultTestVectors "\\intar"
#else
#define kDefaultTestDirectory "optest_temp"
#define kDefaultTestKeyFile "optest_keys.asc"
#define kDefaultTestVectors "intar"
#endif // PGP_MOBILE
int i, j;
int testCount = 0;
int temp;
if(argc > 1)
{
for (i = 1; i < argc; i++)
{
PGPBoolean found = FALSE;
for( j = 0; j < OptestTableEntries; j ++)
if ((strncmp(argv[i], "--", 2) == 0)
&& (STRICMP(argv[i] + 2, sOpTestTable[j].shortName) == 0))
{
found = TRUE;
switch(sOpTestTable[j].type)
{
case kArg_TestID:
sOpTestTable[j].enable = 1;
testCount++;
break;
case kArg_TestSet:
testCount += sLoadTestSet(sOpTestTable[j].argument);
break;
case kArg_Boolean:
if(IsNull(sOpTestTable[j].argument)) continue;
*((PGPBoolean*)sOpTestTable[j].argument) = TRUE;
break;
case kArg_String:
if(IsNull(sOpTestTable[j].argument)) continue;
temp = strlen(argv[++i]);
*((char**)sOpTestTable[j].argument) = malloc(temp + 2);
strcpy(*((char**)sOpTestTable[j].argument), argv[i]);
break;
case kArg_UInt:
if(IsNull(sOpTestTable[j].argument)) continue;
if( sscanf(argv[++i],"%u",&temp) == 1)
*((PGPUInt32*)sOpTestTable[j].argument) = temp;
break;
case kArg_Other:
if(strcmp(argv[i], "--local") == 0)
{
sSDKintFlags |= kPGPFlags_ForceLocalExecution;
}
else if(strcmp(argv[i], "--agent") == 0)
{
sSDKintFlags &= ~kPGPFlags_ForceLocalExecution;
}
else if(strcmp(argv[i], "--nocache") == 0)
{
sSDKintFlags |= kPGPFlags_SuppressCacheThread;
}
else if(strcmp(argv[i], "--cache") == 0)
{
sSDKintFlags &= ~ kPGPFlags_SuppressCacheThread;
}
else if(strcmp(argv[i], "--token-keys") == 0)
{
sTokenTestFlags |= kTokenTestFlags_KeyTest;
}
else if(strcmp(argv[i], "--token-format") == 0)
{
sTokenTestFlags |= kTokenTestFlags_Format;
}
else if(strcmp(argv[i], "--token-gen") == 0)
{
sTokenTestFlags |= kTokenTestFlags_Generate;
}
else if(strcmp(argv[i], "--token-export") == 0)
{
sTokenTestFlags |= kTokenTestFlags_Export;
}
else if(strcmp(argv[i], "--token-delete") == 0)
{
sTokenTestFlags |= kTokenTestFlags_Delete;
}
else if(strcmp(argv[i], "--token-wipe") == 0)
{
sTokenTestFlags |= kTokenTestFlags_Wipe;
}
default:;
}
}
if(!found)
{
sUsage();
exit(1);
}
}
}
/* post processing for token test flags */
if(sTokenTestFlags)
{
TestTable* test = sFindTest(kTest_Tokens);
if(!test->enable)
{
test->enable = TRUE;
testCount++;
}
}
/* use default tests for this platform */
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -