ciphertest.c

PGP SDK 包括大范围的标准加密、数字签名和编解码技术

/*____________________________________________________________________________
CipherTest.c

Copyright (C) 2005 PGP Corporation
All rights reserved.

CipherTest.c - This file contains functions which are used to demo
the various symmetric cipher  encryption functions. It runs a 
seriers of known-answer test for a cipher in  ECB, CBC, and CFB modes
 and then decrypt the block and tests against original plain-text

$Id: CipherTest.c 48493 2006-10-12 21:19:56Z vinnie $
____________________________________________________________________________*/

 
   
#include <stdio.h>
#include <string.h>

#include "pgpErrors.h"
#include "pgpUtilities.h"
#include "pgpFeatures.h"
#include "pgpSymmetricCipher.h"
#include "pgpCBC.h"
#include "pgpCFB.h"

#include "optest.h"

 typedef struct  {
	PGPCipherAlgorithm	algor;
		PGPByte	*	key;
		PGPByte*	PT;			/* Plaintext			*/
		PGPSize		PTlen;
		PGPByte*	IV;			/* Init Vector			*/
		PGPByte*	EBC;		/* EBC	Known Answer	*/
		PGPSize		EBClen;
		PGPByte*	CBC;		/* CBC Known Answer		*/
		PGPSize		CBClen;
		PGPByte*	CFB;		/* CFB Known Answer		*/
		PGPSize		CFBlen;
	} katvector;


static 	char  *cipherModeTxt[] = {"ECB","CBC","CFB"};
typedef enum  {kCipherModeECB, kCipherModeCBC, kCipherModeCFB} CipherMode;
 
  
static PGPError 
	RunCipherKAT(PGPContextRef context, katvector *kat)
 
{
	PGPSymmetricCipherContextRef cipher		= kInvalidPGPSymmetricCipherContextRef;
	PGPSymmetricCipherContextRef cipher1	= kInvalidPGPSymmetricCipherContextRef;
	PGPCFBContextRef			cfb			= kInvalidPGPCFBContextRef;
	PGPCBCContextRef			cbc			= kInvalidPGPCBCContextRef;
	PGPCFBContextRef			cfb1		= kInvalidPGPCFBContextRef;
	PGPCBCContextRef			cbc1		= kInvalidPGPCBCContextRef;
	PGPError					err 		= kPGPError_NoErr;
	CipherMode					mode;
 	PGPByte						*out		= NULL;
 	PGPSize						keySize; 
	PGPSize						blockSize;
	PGPUInt32					i;	

	OPTESTPrintF("\t%-8s ", cipher_algor_table(kat->algor));
 	
	out = PGPNewSecureData( PGPPeekContextMemoryMgr(context), 
			MAX( MAX(kat->EBClen, kat->CBClen), kat->CFBlen),
			kPGPMemoryMgrFlags_None); CKNULL(out);
 
	/* create and setup the  cipher */
	err = PGPNewSymmetricCipherContext(context, kat->algor, &cipher); CKERR;
 	
	/*  Get information about the cipher */
	err = PGPGetSymmetricCipherSizes(cipher, &keySize, &blockSize); CKERR;
 	
	for(mode = kCipherModeECB; mode <= kCipherModeCFB; mode++)
	{
		PGPByte		*expected	= NULL;
		PGPSize		expectedLen = 0;
 
		/* create and setup the  cipher, init keys and IV */
		switch(mode)
		{
			case kCipherModeECB:
				if(!kat->EBC || !kat->EBClen) continue; 
				expected	=  kat->EBC;
				expectedLen =  kat->EBClen;
  				err = PGPInitSymmetricCipher(cipher, kat->key); CKERR;
 				break;
			
			case kCipherModeCBC:
  				if(!kat->CBC || !kat->CBClen) continue; 
				expected	=  kat->CBC;
				expectedLen =  kat->CBClen;
				/* create new CBC context */
				err = PGPCopySymmetricCipherContext(cipher, &cipher1); CKERR;
				err = PGPNewCBCContext(cipher1, &cbc); CKERR;
				err = PGPCBCGetSymmetricCipher(cbc, &cipher1); CKERR;
				cipher1	= kInvalidPGPSymmetricCipherContextRef;
				/* init CBC with IV and Key */
				err = PGPInitCBC(cbc,  kat->key,  kat->IV); CKERR;
				/* Save a copy for decryption later */
				err = PGPCopyCBCContext(cbc, &cbc1);
 				break;
				
			case kCipherModeCFB:
 				if(!kat->CFB || !kat->CFBlen) continue; 
				expected	=  kat->CFB;
				expectedLen =  kat->CFBlen;
				/* create new CFB context */
				err = PGPCopySymmetricCipherContext(cipher, &cipher1); CKERR;
				err = PGPNewCFBContext(cipher1, 1, &cfb); CKERR;
				err = PGPCFBGetSymmetricCipher(cfb, &cipher1); CKERR;
				cipher1	= kInvalidPGPSymmetricCipherContextRef;
				/* init CFB with IV and Key */
 				err = PGPInitCFB(cfb,  kat->key, kat->IV); CKERR;
				/* Save a copy for decryption later */
				err = PGPCopyCFBContext(cfb, &cfb1);
  				break;
 		}

		OPTESTPrintF("%6s ", cipherModeTxt[mode]);

		/* Perform Encryption according to mode */
 		for(i = 0; i < kat->PTlen; i += blockSize)
 			switch(mode)
			{
				case kCipherModeECB:
					err = PGPSymmetricCipherEncrypt(cipher, kat->PT + i, out + i);  CKERR;
					break;
				
				case kCipherModeCBC:
					err = PGPCBCEncrypt(cbc, kat->PT + i,blockSize,  out + i);  CKERR; 
					break;
					
				case kCipherModeCFB:
					err = PGPCFBEncrypt(cfb, kat->PT + i, blockSize,  out + i);  CKERR;
					break;
			}

	  /* check against know-answer */
		err =  pgpMemoryEqual(out, expected, expectedLen) ? kPGPError_NoErr : kPGPError_SelfTestFailed;  
		if( IsPGPError(err) )
		{	
			OPTESTPrintF("\n\t\tEncrypt FAILED\n\t\t   expected:\n" );
			dumpLong((PGPByte*)expected, (int)expectedLen);
			OPTESTPrintF("\t\t   calculated:\n");
			dumpLong(out,  (int)kat->PTlen);
			OPTESTPrintF("\n");
			goto done;
		}
 
		/* Perform Decryption according to mode */
 		for(i = 0; i < kat->PTlen; i += blockSize)
 			switch(mode)
			{
				case kCipherModeECB:
					err = PGPSymmetricCipherDecrypt(cipher, out + i, out + i);  CKERR;
					break;
				
				case kCipherModeCBC:
					err = PGPCBCDecrypt(cbc1, out + i, blockSize,  out + i);  CKERR; 
					break;
					
				case kCipherModeCFB:
					err =  PGPCFBDecrypt(cfb1, out + i, blockSize,  out + i);  CKERR;
					break;
			}

 	  /* check against orginal plain-text  */
		err = pgpMemoryEqual(out, kat->PT, kat->PTlen) ? kPGPError_NoErr : kPGPError_SelfTestFailed;  
		if( IsPGPError(err) )
		{	
			OPTESTPrintF("\n\t\tDecrypt  FAILED\n\t\t   expected:\n" );
			dumpLong((PGPByte*)kat->PT, (int)kat->PTlen);
			OPTESTPrintF("\t\t   calculated:\n");
			dumpLong(out, (int)kat->PTlen);
			OPTESTPrintF("\n");
			goto done;
		}
   	}
  
/* Additional Function tests */	
	err = PGPCFBSync(cfb);	 CKERR;

/*  PGPSymmetricCipherRollback only avail in arc4-128 (non-FIPS) */
	if( PGPSymmetricCipherRollback(cipher, 64) != kPGPError_BadCipherNumber)
		err = kPGPError_SelfTestFailed;
 
	err = PGPWipeSymmetricCipher(cipher); CKERR;
	
done:
	OPTESTPrintF("\n");
	
 	if(out) 
		PGPFreeData(out);

	if( PGPSymmetricCipherContextRefIsValid( cipher ) )
			(void) PGPFreeSymmetricCipherContext( cipher );
	
	if( PGPSymmetricCipherContextRefIsValid( cipher1 ) )
			(void) PGPFreeSymmetricCipherContext( cipher1 );

	if( PGPCFBContextRefIsValid( cfb ) )
		(void) PGPFreeCFBContext(cfb);
		
	if( PGPCFBContextRefIsValid( cfb1 ) )
		(void) PGPFreeCFBContext(cfb1);
	
	if( PGPCBCContextRefIsValid( cbc ) )
		(void) PGPFreeCBCContext(cbc);
		
	if( PGPCBCContextRefIsValid( cbc1 ) )
		(void) PGPFreeCBCContext(cbc1);
			
	return err;

}


PGPError TestCiphers(PGPContextRef context)
{
	PGPError			err		= kPGPError_NoErr;
	PGPError			err1 	= kPGPError_NoErr;
	PGPAlgorithmInfo	info;
	PGPFlags			flags;
	PGPBoolean			fipsMode = FALSE;
	unsigned int		i;

	 PGPByte P1[] = {
		0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 
		0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 
		0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 
		0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,0x38, 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0x3E, 0x3F
	};


/* Test vectors for ECB known answer test */
/* AES 128 bit key */
	 PGPByte K1[] = {