gmp: Support of SHA-3 RSA signatures
[strongswan.git] / src / libstrongswan / tests / suites / test_hasher.c
1 /*
2 * Copyright (C) 2013-2015 Andreas Steffen
3 * HSR Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "test_suite.h"
17
18 #include <crypto/hashers/hasher.h>
19 #include <crypto/prfs/prf.h>
20 #include <crypto/signers/signer.h>
21 #include <asn1/oid.h>
22 #include <utils/test.h>
23
24 typedef struct {
25 int oid;
26 hash_algorithm_t alg;
27 key_type_t key;
28 }hasher_oid_t;
29
30 static hasher_oid_t oids[] = {
31 { OID_MD2, HASH_MD2, KEY_ANY }, /* 0 */
32 { OID_MD5, HASH_MD5, KEY_ANY }, /* 1 */
33 { OID_SHA1, HASH_SHA1, KEY_ANY }, /* 2 */
34 { OID_SHA224, HASH_SHA224, KEY_ANY }, /* 3 */
35 { OID_SHA256, HASH_SHA256, KEY_ANY }, /* 4 */
36 { OID_SHA384, HASH_SHA384, KEY_ANY }, /* 5 */
37 { OID_SHA512, HASH_SHA512, KEY_ANY }, /* 6 */
38 { OID_SHA3_224, HASH_SHA3_224, KEY_ANY }, /* 7 */
39 { OID_SHA3_256, HASH_SHA3_256, KEY_ANY }, /* 8 */
40 { OID_SHA3_384, HASH_SHA3_384, KEY_ANY }, /* 9 */
41 { OID_SHA3_512, HASH_SHA3_512, KEY_ANY }, /* 10 */
42 { OID_UNKNOWN, HASH_UNKNOWN, KEY_ANY }, /* 11 */
43 { OID_MD2_WITH_RSA, HASH_MD2, KEY_RSA }, /* 12 */
44 { OID_MD5_WITH_RSA, HASH_MD5, KEY_RSA }, /* 13 */
45 { OID_SHA1_WITH_RSA, HASH_SHA1, KEY_RSA }, /* 14 */
46 { OID_SHA224_WITH_RSA, HASH_SHA224, KEY_RSA }, /* 15 */
47 { OID_SHA256_WITH_RSA, HASH_SHA256, KEY_RSA }, /* 16 */
48 { OID_SHA384_WITH_RSA, HASH_SHA384, KEY_RSA }, /* 17 */
49 { OID_SHA512_WITH_RSA, HASH_SHA512, KEY_RSA }, /* 18 */
50 { OID_UNKNOWN, HASH_UNKNOWN, KEY_RSA }, /* 19 */
51 { OID_ECDSA_WITH_SHA1, HASH_SHA1, KEY_ECDSA }, /* 20 */
52 { OID_ECDSA_WITH_SHA256, HASH_SHA256, KEY_ECDSA }, /* 21 */
53 { OID_ECDSA_WITH_SHA384, HASH_SHA384, KEY_ECDSA }, /* 22 */
54 { OID_ECDSA_WITH_SHA512, HASH_SHA512, KEY_ECDSA }, /* 23 */
55 { OID_UNKNOWN, HASH_UNKNOWN, KEY_ECDSA }, /* 24 */
56 { OID_BLISS_WITH_SHA2_256, HASH_SHA256, KEY_BLISS }, /* 25 */
57 { OID_BLISS_WITH_SHA2_384, HASH_SHA384, KEY_BLISS }, /* 26 */
58 { OID_BLISS_WITH_SHA2_512, HASH_SHA512, KEY_BLISS }, /* 27 */
59 { OID_BLISS_WITH_SHA3_256, HASH_SHA3_256, KEY_BLISS }, /* 28 */
60 { OID_BLISS_WITH_SHA3_384, HASH_SHA3_384, KEY_BLISS }, /* 29 */
61 { OID_BLISS_WITH_SHA3_512, HASH_SHA3_512, KEY_BLISS }, /* 30 */
62 { OID_UNKNOWN, HASH_UNKNOWN, KEY_BLISS } /* 31 */
63 };
64
65 START_TEST(test_hasher_from_oid)
66 {
67 ck_assert(hasher_algorithm_from_oid(oids[_i].oid) == oids[_i].alg);
68 }
69 END_TEST
70
71 START_TEST(test_hasher_to_oid)
72 {
73 ck_assert(hasher_algorithm_to_oid(oids[_i].alg) == oids[_i].oid);
74 }
75 END_TEST
76
77 START_TEST(test_hasher_sig_to_oid)
78 {
79 ck_assert(hasher_signature_algorithm_to_oid(oids[_i].alg,
80 oids[_i].key) == oids[_i].oid);
81 }
82 END_TEST
83
84 typedef struct {
85 signature_scheme_t scheme;
86 hash_algorithm_t alg;
87 }hasher_sig_scheme_t;
88
89 static hasher_sig_scheme_t sig_schemes[] = {
90 { SIGN_UNKNOWN, HASH_UNKNOWN },
91 { SIGN_RSA_EMSA_PKCS1_NULL, HASH_UNKNOWN },
92 { SIGN_RSA_EMSA_PKCS1_MD5, HASH_MD5 },
93 { SIGN_RSA_EMSA_PKCS1_SHA1, HASH_SHA1 },
94 { SIGN_RSA_EMSA_PKCS1_SHA2_224, HASH_SHA224 },
95 { SIGN_RSA_EMSA_PKCS1_SHA2_256, HASH_SHA256 },
96 { SIGN_RSA_EMSA_PKCS1_SHA2_384, HASH_SHA384 },
97 { SIGN_RSA_EMSA_PKCS1_SHA2_512, HASH_SHA512 },
98 { SIGN_RSA_EMSA_PKCS1_SHA3_224, HASH_SHA3_224 },
99 { SIGN_RSA_EMSA_PKCS1_SHA3_256, HASH_SHA3_256 },
100 { SIGN_RSA_EMSA_PKCS1_SHA3_384, HASH_SHA3_384 },
101 { SIGN_RSA_EMSA_PKCS1_SHA3_512, HASH_SHA3_512 },
102 { SIGN_ECDSA_WITH_SHA1_DER, HASH_SHA1 },
103 { SIGN_ECDSA_WITH_SHA256_DER, HASH_SHA256 },
104 { SIGN_ECDSA_WITH_SHA384_DER, HASH_SHA384 },
105 { SIGN_ECDSA_WITH_SHA512_DER, HASH_SHA512 },
106 { SIGN_ECDSA_WITH_NULL, HASH_UNKNOWN },
107 { SIGN_ECDSA_256, HASH_SHA256 },
108 { SIGN_ECDSA_384, HASH_SHA384 },
109 { SIGN_ECDSA_521, HASH_SHA512 },
110 { SIGN_BLISS_WITH_SHA2_256, HASH_SHA256 },
111 { SIGN_BLISS_WITH_SHA2_384, HASH_SHA384 },
112 { SIGN_BLISS_WITH_SHA2_512, HASH_SHA512 },
113 { SIGN_BLISS_WITH_SHA3_256, HASH_SHA3_256 },
114 { SIGN_BLISS_WITH_SHA3_384, HASH_SHA3_384 },
115 { SIGN_BLISS_WITH_SHA3_512, HASH_SHA3_512 },
116 { 30, HASH_UNKNOWN }
117 };
118
119 START_TEST(test_hasher_from_sig_scheme)
120 {
121 ck_assert(hasher_from_signature_scheme(sig_schemes[_i].scheme) ==
122 sig_schemes[_i].alg);
123 }
124 END_TEST
125
126 typedef struct {
127 pseudo_random_function_t prf;
128 hash_algorithm_t alg;
129 }hasher_prf_t;
130
131 static hasher_prf_t prfs[] = {
132 { PRF_HMAC_MD5, HASH_MD5 },
133 { PRF_HMAC_SHA1, HASH_SHA1 },
134 { PRF_FIPS_SHA1_160, HASH_SHA1 },
135 { PRF_KEYED_SHA1, HASH_SHA1 },
136 { PRF_HMAC_SHA2_256, HASH_SHA256 },
137 { PRF_HMAC_SHA2_384, HASH_SHA384 },
138 { PRF_HMAC_SHA2_512, HASH_SHA512 },
139 { PRF_HMAC_TIGER, HASH_UNKNOWN },
140 { PRF_AES128_XCBC, HASH_UNKNOWN },
141 { PRF_AES128_CMAC, HASH_UNKNOWN },
142 { PRF_FIPS_DES, HASH_UNKNOWN },
143 { PRF_CAMELLIA128_XCBC, HASH_UNKNOWN },
144 { PRF_UNDEFINED, HASH_UNKNOWN },
145 { 0, HASH_UNKNOWN }
146 };
147
148 START_TEST(test_hasher_from_prf)
149 {
150 ck_assert(hasher_algorithm_from_prf(prfs[_i].prf) == prfs[_i].alg);
151 }
152 END_TEST
153
154 typedef struct {
155 integrity_algorithm_t auth;
156 hash_algorithm_t alg;
157 size_t length;
158 }hasher_auth_t;
159
160 static hasher_auth_t auths[] = {
161 { AUTH_UNDEFINED, HASH_MD2, 0 },
162 { AUTH_UNDEFINED, HASH_MD4, 0 },
163 { AUTH_UNDEFINED, HASH_SHA224, 0 },
164 { AUTH_UNDEFINED, 9, 0 },
165 { AUTH_UNDEFINED, HASH_UNKNOWN, 0 },
166 { AUTH_HMAC_MD5_96, HASH_MD5, 12 },
167 { AUTH_HMAC_SHA1_96, HASH_SHA1, 12 },
168 { AUTH_HMAC_SHA2_256_96, HASH_SHA256, 12 },
169 { AUTH_HMAC_MD5_128, HASH_MD5, 16 },
170 { AUTH_HMAC_SHA1_128, HASH_SHA1, 16 },
171 { AUTH_HMAC_SHA2_256_128, HASH_SHA256, 16 },
172 { AUTH_HMAC_SHA1_160, HASH_SHA1, 20 },
173 { AUTH_HMAC_SHA2_384_192, HASH_SHA384, 24 },
174 { AUTH_HMAC_SHA2_256_256, HASH_SHA256, 32 },
175 { AUTH_HMAC_SHA2_512_256, HASH_SHA512, 32 },
176 { AUTH_HMAC_SHA2_384_384, HASH_SHA384, 48 },
177 { AUTH_HMAC_SHA2_512_512, HASH_SHA512, 64 },
178 { AUTH_AES_CMAC_96, HASH_UNKNOWN, 0 },
179 { AUTH_AES_128_GMAC, HASH_UNKNOWN, 0 },
180 { AUTH_AES_192_GMAC, HASH_UNKNOWN, 0 },
181 { AUTH_AES_256_GMAC, HASH_UNKNOWN, 0 },
182 { AUTH_AES_XCBC_96, HASH_UNKNOWN, 0 },
183 { AUTH_DES_MAC, HASH_UNKNOWN, 0 },
184 { AUTH_CAMELLIA_XCBC_96, HASH_UNKNOWN, 0 },
185 { 0, HASH_UNKNOWN, 0 }
186 };
187
188 START_TEST(test_hasher_from_integrity)
189 {
190 size_t length;
191
192 length = 0;
193 ck_assert(hasher_algorithm_from_integrity(auths[_i].auth, NULL) ==
194 auths[_i].alg);
195 ck_assert(hasher_algorithm_from_integrity(auths[_i].auth, &length) ==
196 auths[_i].alg);
197 ck_assert(length == auths[_i].length);
198 }
199 END_TEST
200
201 START_TEST(test_hasher_to_integrity)
202 {
203 ck_assert(hasher_algorithm_to_integrity(
204 auths[_i].alg, auths[_i].length) == auths[_i].auth);
205 ck_assert(hasher_algorithm_to_integrity(
206 auths[_i].alg, 0) == AUTH_UNDEFINED);
207 }
208 END_TEST
209
210
211 typedef struct {
212 hash_algorithm_t alg;
213 bool ikev2;
214 }hasher_ikev2_t;
215
216 static hasher_ikev2_t ikev2[] = {
217 { HASH_SHA1, TRUE },
218 { HASH_SHA256, TRUE },
219 { HASH_SHA384, TRUE },
220 { HASH_SHA512, TRUE },
221 { HASH_UNKNOWN, FALSE },
222 { HASH_MD2, FALSE },
223 { HASH_MD4, FALSE },
224 { HASH_MD5, FALSE },
225 { HASH_SHA224, FALSE },
226 { HASH_SHA3_224, FALSE },
227 { HASH_SHA3_256, FALSE },
228 { HASH_SHA3_384, FALSE },
229 { HASH_SHA3_512, FALSE },
230 { 30, FALSE }
231 };
232
233 START_TEST(test_hasher_for_ikev2)
234 {
235 ck_assert(hasher_algorithm_for_ikev2(ikev2[_i].alg) == ikev2[_i].ikev2);
236 }
237 END_TEST
238
239 Suite *hasher_suite_create()
240 {
241 Suite *s;
242 TCase *tc;
243
244 s = suite_create("hasher");
245
246 tc = tcase_create("from_oid");
247 tcase_add_loop_test(tc, test_hasher_from_oid, 0, 15);
248 suite_add_tcase(s, tc);
249
250 tc = tcase_create("to_oid");
251 tcase_add_loop_test(tc, test_hasher_to_oid, 0, 12);
252 suite_add_tcase(s, tc);
253
254 tc = tcase_create("sig_to_oid");
255 tcase_add_loop_test(tc, test_hasher_sig_to_oid, 11, countof(oids));
256 suite_add_tcase(s, tc);
257
258 tc = tcase_create("from_sig_scheme");
259 tcase_add_loop_test(tc, test_hasher_from_sig_scheme, 0, countof(sig_schemes));
260 suite_add_tcase(s, tc);
261
262 tc = tcase_create("from_prf");
263 tcase_add_loop_test(tc, test_hasher_from_prf, 0, countof(prfs));
264 suite_add_tcase(s, tc);
265
266 tc = tcase_create("from_integrity");
267 tcase_add_loop_test(tc, test_hasher_from_integrity, 4, countof(auths));
268 suite_add_tcase(s, tc);
269
270 tc = tcase_create("to_integrity");
271 tcase_add_loop_test(tc, test_hasher_to_integrity, 0, 17);
272 suite_add_tcase(s, tc);
273
274 tc = tcase_create("for_ikev2");
275 tcase_add_loop_test(tc, test_hasher_for_ikev2, 0, countof(ikev2));
276 suite_add_tcase(s, tc);
277
278 return s;
279 }