diff options
| author | Werner Koch <wk@gnupg.org> | 2007-02-23 17:47:56 +0000 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2007-02-23 17:47:56 +0000 |
| commit | eaba8d58acda66f428870794115cb22c2590ec5e (patch) | |
| tree | 26b91c662001beff12e128f0b2c9ededc9e5a55b /tests | |
| parent | 1cfac9fd5f628c2d505b6c01d2cc0657840299ed (diff) | |
| download | libgcrypt-eaba8d58acda66f428870794115cb22c2590ec5e.tar.gz | |
Ported last changes from 1.2.
Updated some tests.
Support for passphrase generated Elgamal keys.
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/ChangeLog | 15 | ||||
| -rw-r--r-- | tests/Makefile.am | 10 | ||||
| -rw-r--r-- | tests/ac-data.c | 7 | ||||
| -rw-r--r-- | tests/pubkey.c | 76 | ||||
| -rw-r--r-- | tests/random.c | 255 |
5 files changed, 345 insertions, 18 deletions
diff --git a/tests/ChangeLog b/tests/ChangeLog index 07d5af04..f7811626 100644 --- a/tests/ChangeLog +++ b/tests/ChangeLog @@ -1,3 +1,18 @@ +2007-02-23 Werner Koch <wk@g10code.com> + + * Makefile.am (TEST): Run benchmark as last. + + * ac-data.c (check_sexp_conversion): Print label only in verbose + mode. + + * pubkey.c (main): Run test just 2 times instead of 10. + (get_elg_key_new): New. + (check_run): Also run tests with Elgamal keys. + (check_keys): New arg NBITS_DATA. + (get_elg_key_new): Use only 400 for the 512 bit Elgamal test. + + * random.c: New. + 2007-02-22 Werner Koch <wk@g10code.com> * basic.c (check_pubkey_sign): Also try signing using an OID. diff --git a/tests/Makefile.am b/tests/Makefile.am index 6539d885..b13e16b1 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -19,14 +19,18 @@ ## Process this file with automake to produce Makefile.in TESTS = t-mpi-bit prime register ac ac-schemes ac-data basic \ - tsexp keygen pubkey benchmark hmac keygrip + tsexp keygen pubkey hmac keygrip # pkbench uses mmap for no good reason. Needs to be fixed. Code for -# this can be found in libksba/tests. +# this can be found in libksba/tests. +# random tests forking thus no a test for W32 does not make any sense. if !HAVE_W32_SYSTEM -TESTS += pkbench +TESTS += pkbench random endif +# The last test to run. +TESTS += benchmark + # Need to include ../src in addition to top_srcdir because gcrypt.h is # a built header. diff --git a/tests/ac-data.c b/tests/ac-data.c index fc4be8a5..792c3dc5 100644 --- a/tests/ac-data.c +++ b/tests/ac-data.c @@ -78,8 +78,11 @@ check_sexp_conversion (gcry_ac_data_t data, const char **identifiers) assert_err (err); err = gcry_ac_data_get_index (data2, 0, i, &label2, &mpi2); assert_err (err); - fprintf (stderr, "Label1=`%s'\n", label1); - fprintf (stderr, "Label1=`%s'\n", label2); + if (verbose) + { + fprintf (stderr, "Label1=`%s'\n", label1); + fprintf (stderr, "Label2=`%s'\n", label2); + } assert (! strcmp (label1, label2)); assert (! gcry_mpi_cmp (mpi1, mpi2)); } diff --git a/tests/pubkey.c b/tests/pubkey.c index f71590d9..a2a1f32a 100644 --- a/tests/pubkey.c +++ b/tests/pubkey.c @@ -63,7 +63,6 @@ static const char sample_public_key_1[] = " )\n" ")\n"; -#define RANDOM_DATA_NBITS 800 static int verbose; @@ -134,15 +133,15 @@ check_keys_crypt (gcry_sexp_t pkey, gcry_sexp_t skey, } static void -check_keys (gcry_sexp_t pkey, gcry_sexp_t skey) +check_keys (gcry_sexp_t pkey, gcry_sexp_t skey, unsigned int nbits_data) { gcry_sexp_t plain; gcry_mpi_t x; int rc; /* Create plain text. */ - x = gcry_mpi_new (RANDOM_DATA_NBITS); - gcry_mpi_randomize (x, RANDOM_DATA_NBITS, GCRY_WEAK_RANDOM); + x = gcry_mpi_new (nbits_data); + gcry_mpi_randomize (x, nbits_data, GCRY_WEAK_RANDOM); rc = gcry_sexp_build (&plain, NULL, "(data (flags raw) (value %m))", x); if (rc) @@ -154,10 +153,11 @@ check_keys (gcry_sexp_t pkey, gcry_sexp_t skey) gcry_mpi_release (x); /* Create plain text. */ - x = gcry_mpi_new (RANDOM_DATA_NBITS); - gcry_mpi_randomize (x, RANDOM_DATA_NBITS, GCRY_WEAK_RANDOM); + x = gcry_mpi_new (nbits_data); + gcry_mpi_randomize (x, nbits_data, GCRY_WEAK_RANDOM); - rc = gcry_sexp_build (&plain, NULL, "(data (flags raw no-blinding) (value %m))", x); + rc = gcry_sexp_build (&plain, NULL, + "(data (flags raw no-blinding) (value %m))", x); if (rc) die ("converting data for encryption failed: %s\n", gcry_strerror (rc)); @@ -212,20 +212,70 @@ get_keys_new (gcry_sexp_t *pkey, gcry_sexp_t *skey) *skey = sec_key; } + +static void +get_elg_key_new (gcry_sexp_t *pkey, gcry_sexp_t *skey, int fixed_x) +{ + gcry_sexp_t key_spec, key, pub_key, sec_key; + int rc; + + rc = gcry_sexp_new + (&key_spec, + (fixed_x + ? "(genkey (elg (nbits 4:1024)(xvalue my.not-so-secret.key)))" + : "(genkey (elg (nbits 3:512)))"), + 0, 1); + + if (rc) + die ("error creating S-expression: %s\n", gcry_strerror (rc)); + rc = gcry_pk_genkey (&key, key_spec); + gcry_sexp_release (key_spec); + if (rc) + die ("error generating Elgamal key: %s\n", gcry_strerror (rc)); + + pub_key = gcry_sexp_find_token (key, "public-key", 0); + if (!pub_key) + die ("public part missing in key\n"); + + sec_key = gcry_sexp_find_token (key, "private-key", 0); + if (!sec_key) + die ("private part missing in key\n"); + + gcry_sexp_release (key); + *pkey = pub_key; + *skey = sec_key; +} + static void check_run (void) { gcry_sexp_t pkey, skey; - /* Check sample keys. */ + if (verbose) + fprintf (stderr, "Checking sample key.\n"); get_keys_sample (&pkey, &skey); - check_keys (pkey, skey); + check_keys (pkey, skey, 800); gcry_sexp_release (pkey); gcry_sexp_release (skey); - /* Check newly generated keys. */ + if (verbose) + fprintf (stderr, "Checking generated RSA key.\n"); get_keys_new (&pkey, &skey); - check_keys (pkey, skey); + check_keys (pkey, skey, 800); + gcry_sexp_release (pkey); + gcry_sexp_release (skey); + + if (verbose) + fprintf (stderr, "Checking generated Elgamal key.\n"); + get_elg_key_new (&pkey, &skey, 0); + check_keys (pkey, skey, 400 ); + gcry_sexp_release (pkey); + gcry_sexp_release (skey); + + if (verbose) + fprintf (stderr, "Checking passphrase generated Elgamal key.\n"); + get_elg_key_new (&pkey, &skey, 1); + check_keys (pkey, skey, 800); gcry_sexp_release (pkey); gcry_sexp_release (skey); } @@ -234,7 +284,7 @@ int main (int argc, char **argv) { int debug = 0; - int i = 10; + int i; if (argc > 1 && !strcmp (argv[1], "--verbose")) verbose = 1; @@ -250,7 +300,7 @@ main (int argc, char **argv) /* No valuable keys are create, so we can speed up our RNG. */ gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0); - for (; i > 0; i--) + for (i=0; i < 2; i++) check_run (); return 0; diff --git a/tests/random.c b/tests/random.c new file mode 100644 index 00000000..502a3758 --- /dev/null +++ b/tests/random.c @@ -0,0 +1,255 @@ +/* random.c - part of the Libgcrypt test suite. + Copyright (C) 2005 Free Software Foundation, Inc. + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 + USA. */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include <assert.h> +#include <stdio.h> +#include <string.h> +#include <stdlib.h> +#include <errno.h> +#include <signal.h> +#include <unistd.h> +#include <sys/wait.h> + +#include "../src/gcrypt.h" + +static int verbose; + +static void +die (const char *format, ...) +{ + va_list arg_ptr; + + va_start (arg_ptr, format); + vfprintf (stderr, format, arg_ptr); + va_end (arg_ptr); + exit (1); +} + + +static void +print_hex (const char *text, const void *buf, size_t n) +{ + const unsigned char *p = buf; + + fputs (text, stdout); + for (; n; n--, p++) + printf ("%02X", *p); + putchar ('\n'); +} + + +static int +writen (int fd, const void *buf, size_t nbytes) +{ + size_t nleft = nbytes; + int nwritten; + + while (nleft > 0) + { + nwritten = write (fd, buf, nleft); + if (nwritten < 0) + { + if (errno == EINTR) + nwritten = 0; + else + return -1; + } + nleft -= nwritten; + buf = (const char*)buf + nwritten; + } + + return 0; +} + +static int +readn (int fd, void *buf, size_t buflen, size_t *ret_nread) +{ + size_t nleft = buflen; + int nread; + char *p; + + p = buf; + while ( nleft > 0 ) + { + nread = read ( fd, buf, nleft ); + if (nread < 0) + { + if (nread == EINTR) + nread = 0; + else + return -1; + } + else if (!nread) + break; /* EOF */ + nleft -= nread; + buf = (char*)buf + nread; + } + if (ret_nread) + *ret_nread = buflen - nleft; + return 0; +} + + + +/* Check that forking won't return the same random. */ +static void +check_forking (void) +{ + pid_t pid; + int rp[2]; + int i, status; + size_t nread; + char tmp1[16], tmp1c[16], tmp1p[16]; + + /* We better make sure that the RNG has been initialzied. */ + gcry_randomize (tmp1, sizeof tmp1, GCRY_STRONG_RANDOM); + if (verbose) + print_hex ("initial random: ", tmp1, sizeof tmp1); + + if (pipe (rp) == -1) + die ("pipe failed: %s\n", strerror (errno)); + + pid = fork (); + if (pid == (pid_t)(-1)) + die ("fork failed: %s\n", strerror (errno)); + if (!pid) + { + gcry_randomize (tmp1c, sizeof tmp1c, GCRY_STRONG_RANDOM); + if (writen (rp[1], tmp1c, sizeof tmp1c)) + die ("write failed: %s\n", strerror (errno)); + if (verbose) + { + print_hex (" child random: ", tmp1c, sizeof tmp1c); + fflush (stdout); + } + _exit (0); + } + gcry_randomize (tmp1p, sizeof tmp1p, GCRY_STRONG_RANDOM); + if (verbose) + print_hex (" parent random: ", tmp1p, sizeof tmp1p); + + close (rp[1]); + if (readn (rp[0], tmp1c, sizeof tmp1c, &nread)) + die ("read failed: %s\n", strerror (errno)); + if (nread != sizeof tmp1c) + die ("read too short\n"); + + while ( (i=waitpid (pid, &status, 0)) == -1 && errno == EINTR) + ; + if (i != (pid_t)(-1) + && WIFEXITED (status) && !WEXITSTATUS (status)) + ; + else + die ("child failed\n"); + + if (!memcmp (tmp1p, tmp1c, sizeof tmp1c)) + die ("parent and child got the same random number\n"); +} + + + +/* Check that forking won't return the same nonce. */ +static void +check_nonce_forking (void) +{ + pid_t pid; + int rp[2]; + int i, status; + size_t nread; + char nonce1[10], nonce1c[10], nonce1p[10]; + + /* We won't get the same nonce back if we never initialized the + nonce subsystem, thus we get one nonce here and forget about + it. */ + gcry_create_nonce (nonce1, sizeof nonce1); + if (verbose) + print_hex ("initial nonce: ", nonce1, sizeof nonce1); + + if (pipe (rp) == -1) + die ("pipe failed: %s\n", strerror (errno)); + + pid = fork (); + if (pid == (pid_t)(-1)) + die ("fork failed: %s\n", strerror (errno)); + if (!pid) + { + gcry_create_nonce (nonce1c, sizeof nonce1c); + if (writen (rp[1], nonce1c, sizeof nonce1c)) + die ("write failed: %s\n", strerror (errno)); + if (verbose) + { + print_hex (" child nonce: ", nonce1c, sizeof nonce1c); + fflush (stdout); + } + _exit (0); + } + gcry_create_nonce (nonce1p, sizeof nonce1p); + if (verbose) + print_hex (" parent nonce: ", nonce1p, sizeof nonce1p); + + close (rp[1]); + if (readn (rp[0], nonce1c, sizeof nonce1c, &nread)) + die ("read failed: %s\n", strerror (errno)); + if (nread != sizeof nonce1c) + die ("read too short\n"); + + while ( (i=waitpid (pid, &status, 0)) == -1 && errno == EINTR) + ; + if (i != (pid_t)(-1) + && WIFEXITED (status) && !WEXITSTATUS (status)) + ; + else + die ("child failed\n"); + + if (!memcmp (nonce1p, nonce1c, sizeof nonce1c)) + die ("parent and child got the same nonce\n"); +} + + + + + + +int +main (int argc, char **argv) +{ + int debug = 0; + + if ((argc > 1) && (! strcmp (argv[1], "--verbose"))) + verbose = 1; + else if ((argc > 1) && (! strcmp (argv[1], "--debug"))) + verbose = debug = 1; + + signal (SIGPIPE, SIG_IGN); + + gcry_control (GCRYCTL_DISABLE_SECMEM, 0); + if (!gcry_check_version (GCRYPT_VERSION)) + die ("version mismatch\n"); + + gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0); + if (debug) + gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u, 0); + + check_forking (); + check_nonce_forking (); + + return 0; +} |