man: More accurately describe features of the new parser in ipsec.conf(5)
[strongswan.git] / src / libstrongswan / tests / suites / test_mgf1.c
1 /*
2 * Copyright (C) 2014 Andreas Steffen
3 * HSR Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "test_suite.h"
17
18 #include <tests/utils/test_rng.h>
19 #include <utils/test.h>
20 #include <crypto/mgf1/mgf1.h>
21 #include <crypto/mgf1/mgf1_bitspender.h>
22
23 typedef struct {
24 hash_algorithm_t alg;
25 size_t hash_size;
26 size_t ml1, ml2, ml3, seed_len;
27 chunk_t seed;
28 chunk_t hashed_seed;
29 chunk_t mask;
30 uint32_t bits[22];
31 } mgf1_test_t;
32
33 /**
34 * MGF1 Mask Generation Function Test Vectors
35 */
36 mgf1_test_t mgf1_tests[] = {
37 { HASH_SHA1, 20, 60, 20, 15, 24,
38 chunk_from_chars(
39 0xED, 0xA5, 0xC3, 0xBC, 0xAF, 0xB3, 0x20, 0x7D,
40 0x14, 0xA1, 0x54, 0xF7, 0x8B, 0x37, 0xF2, 0x8D,
41 0x8C, 0x9B, 0xD5, 0x63, 0x57, 0x38, 0x11, 0xC2,
42 0xB5, 0xCA, 0xBF, 0x06, 0x43, 0x45, 0x19, 0xD5,
43 0xE7, 0x36, 0xD0, 0x29, 0x21, 0xDA, 0x02, 0x20,
44 0x45, 0xF6, 0x5F, 0x0F, 0x10, 0x04, 0x2A, 0xE3,
45 0x6A, 0x1D, 0xD5, 0x9F, 0x1D, 0x66, 0x44, 0x8F,
46 0xFA, 0xC6, 0xCA, 0xA4, 0x6E, 0x3B, 0x00, 0x66,
47 0xA6, 0xC9, 0x80, 0x5C, 0xF5, 0x2D, 0xD7, 0x72,
48 0xC6, 0xD4, 0x4F, 0x30, 0x72, 0xA2, 0xAD, 0xE0,
49 0x33, 0xE8, 0x55, 0xD5, 0xE6, 0xD6, 0x00, 0x1D,
50 0xA8, 0x68, 0xFF, 0x97, 0x36, 0x8A, 0xF4, 0xD6,
51 0xF1, 0xB6, 0x7E, 0x1F, 0x06, 0xCB, 0x57, 0xCB,
52 0x35, 0x38, 0xF2, 0x2D, 0xF6, 0x20),
53 chunk_from_chars(
54 0xF3, 0x9B, 0x0B, 0xB4, 0x97, 0x50, 0xB5, 0xA7,
55 0xE6, 0xBD, 0xDA, 0xD0, 0x9A, 0x52, 0xBE, 0xA0,
56 0x21, 0xC4, 0x90, 0xB6),
57 chunk_from_chars(
58 0x10, 0x43, 0x76, 0x72, 0x6C, 0xDE, 0xA0, 0x0E,
59 0x77, 0x51, 0xFB, 0x58, 0x39, 0x8A, 0x36, 0xE1,
60 0x63, 0x2B, 0xC9, 0x17, 0x56, 0x0C, 0x4B, 0x46,
61 0xA4, 0x07, 0xA4, 0x3B, 0x8E, 0x33, 0x4D, 0xD1,
62 0x65, 0xF1, 0xAC, 0xC8, 0x59, 0x21, 0x32, 0x16,
63 0x44, 0x2B, 0x7F, 0xB2, 0xA8, 0xA7, 0x26, 0x5D,
64 0xE8, 0x02, 0xBE, 0x8E, 0xDC, 0x34, 0xEB, 0x10,
65 0x76, 0x16, 0x8C, 0xDD, 0x90, 0x92, 0x3D, 0x29,
66 0x90, 0x98, 0x46, 0x11, 0x73, 0x53, 0x47, 0xB1,
67 0x2C, 0xD4, 0x83, 0x78, 0x9B, 0x93, 0x2F, 0x5B,
68 0xFC, 0x26, 0xFF, 0x42, 0x08, 0x1F, 0x70, 0x66,
69 0x40, 0x4B, 0xE7, 0x22, 0x3A, 0x56, 0x10, 0x6D,
70 0x4D, 0x29, 0x0B, 0xCE, 0xA6, 0x21, 0xB5, 0x5C,
71 0x71, 0x66, 0x2F, 0x70, 0x35, 0xD8, 0x8A, 0x92,
72 0x33, 0xF0, 0x16, 0xD4, 0x0E, 0x43, 0x8A, 0x14),
73 { 0, 0, 0, 4, 1, 1, 46, 103, 38, 411, 848, 57, 3540, 4058, 12403,
74 0x63, 0x2B, 0xC9, 0x17, 0x56, 669409, 0xA407A43B },
75 },
76 { HASH_SHA256, 32, 64, 32, 33, 40,
77 chunk_from_chars(
78 0x52, 0xC5, 0xDD, 0x1E, 0xEF, 0x76, 0x1B, 0x53,
79 0x08, 0xE4, 0x86, 0x3F, 0x91, 0x12, 0x98, 0x69,
80 0xC5, 0x9D, 0xDE, 0xF6, 0xFC, 0xFA, 0x93, 0xCE,
81 0x32, 0x52, 0x66, 0xF9, 0xC9, 0x97, 0xF6, 0x42,
82 0x00, 0x2C, 0x64, 0xED, 0x1A, 0x6B, 0x14, 0x0A,
83 0x4B, 0x04, 0xCF, 0x6D, 0x2D, 0x82, 0x0A, 0x07,
84 0xA2, 0x3B, 0xDE, 0xCE, 0x19, 0x8A, 0x39, 0x43,
85 0x16, 0x61, 0x29, 0x98, 0x68, 0xEA, 0xE5, 0xCC,
86 0x0A, 0xF8, 0xE9, 0x71, 0x26, 0xF1, 0x07, 0x36,
87 0x2C, 0x07, 0x1E, 0xEB, 0xE4, 0x28, 0xA2, 0xF4,
88 0xA8, 0x12, 0xC0, 0xC8, 0x20, 0x37, 0xF8, 0xF2,
89 0x6C, 0xAF, 0xDC, 0x6F, 0x2E, 0xD0, 0x62, 0x58,
90 0xD2, 0x37, 0x03, 0x6D, 0xFA, 0x6E, 0x1A, 0xAC,
91 0x9F, 0xCA, 0x56, 0xC6, 0xA4, 0x52, 0x41, 0xE8,
92 0x0F, 0x1B, 0x0C, 0xB9, 0xE6, 0xBA, 0xDE, 0xE1,
93 0x03, 0x5E, 0xC2, 0xE5, 0xF8, 0xF4, 0xF3, 0x46,
94 0x3A, 0x12, 0xC0, 0x1F, 0x3A, 0x00, 0xD0, 0x91,
95 0x18, 0xDD, 0x53, 0xE4, 0x22, 0xF5, 0x26, 0xA4,
96 0x54, 0xEE, 0x20, 0xF0, 0x80),
97 chunk_from_chars(
98 0x76, 0x89, 0x8B, 0x1B, 0x60, 0xEC, 0x10, 0x9D,
99 0x8F, 0x13, 0xF2, 0xFE, 0xD9, 0x85, 0xC1, 0xAB,
100 0x7E, 0xEE, 0xB1, 0x31, 0xDD, 0xF7, 0x7F, 0x0C,
101 0x7D, 0xF9, 0x6B, 0x7B, 0x19, 0x80, 0xBD, 0x28),
102 chunk_from_chars(
103 0xF1, 0x19, 0x02, 0x4F, 0xDA, 0x58, 0x05, 0x9A,
104 0x07, 0xDF, 0x61, 0x81, 0x22, 0x0E, 0x15, 0x46,
105 0xCB, 0x35, 0x3C, 0xDC, 0xAD, 0x20, 0xD9, 0x3F,
106 0x0D, 0xD1, 0xAA, 0x64, 0x66, 0x5C, 0xFA, 0x4A,
107 0xFE, 0xD6, 0x8F, 0x55, 0x57, 0x15, 0xB2, 0xA6,
108 0xA0, 0xE6, 0xA8, 0xC6, 0xBD, 0x28, 0xB4, 0xD5,
109 0x6E, 0x5B, 0x4B, 0xB0, 0x97, 0x09, 0xF5, 0xAC,
110 0x57, 0x65, 0x13, 0x97, 0x71, 0x2C, 0x45, 0x13,
111 0x3D, 0xEE, 0xFB, 0xBF, 0xFE, 0xAF, 0xBB, 0x4B,
112 0x0D, 0x5C, 0x45, 0xD4, 0x2F, 0x17, 0x92, 0x07,
113 0x66, 0x11, 0xF5, 0x46, 0xF8, 0x0C, 0x03, 0x92,
114 0xF5, 0xF5, 0xFF, 0xA4, 0xF3, 0x52, 0xF4, 0x08,
115 0x2C, 0x49, 0x32, 0x1A, 0x93, 0x51, 0x98, 0xB6,
116 0x94, 0x83, 0x39, 0xCF, 0x6B, 0x1F, 0x2F, 0xFC,
117 0x2B, 0xFF, 0x10, 0x71, 0x7D, 0x35, 0x6C, 0xEA,
118 0xC5, 0x66, 0xC7, 0x26, 0x7D, 0x9E, 0xAC, 0xDD,
119 0x35, 0xD7, 0x06, 0x3F, 0x40, 0x82, 0xDA, 0xC3,
120 0x2B, 0x3C, 0x91, 0x3A, 0x32, 0xF8, 0xB2, 0xC6,
121 0x44, 0x4D, 0xCD, 0xB6, 0x54, 0x5F, 0x81, 0x95,
122 0x59, 0xA1, 0xE5, 0x4E, 0xA5, 0x0A, 0x4A, 0x42),
123 { 0, 1, 3, 4, 4, 12, 32, 36, 253, 331, 2, 1640, 503, 6924, 580,
124 0xCB, 0x35, 0x3C, 0xDC, 0xAD, 922950, 0x0DD1AA64 }
125 }
126 };
127
128 START_TEST(mgf1_test_mgf1)
129 {
130 mgf1_t *mgf1;
131 chunk_t mask, mask1, mask2, mask3;
132
133 mask1 = mgf1_tests[_i].mask;
134 mask2 = chunk_skip(mask1, mgf1_tests[_i].ml1);
135 mask3 = chunk_skip(mask2, mgf1_tests[_i].ml2);
136 mask1.len = mgf1_tests[_i].ml1;
137 mask2.len = mgf1_tests[_i].ml2;
138 mask3.len = mgf1_tests[_i].ml3;
139
140 mgf1 = mgf1_create(HASH_UNKNOWN, mgf1_tests[_i].seed, TRUE);
141 ck_assert(mgf1 == NULL);
142
143 mgf1 = mgf1_create(mgf1_tests[_i].alg, chunk_empty, TRUE);
144 ck_assert(mgf1 == NULL);
145
146 /* return mask in allocated chunk */
147 mgf1 = mgf1_create(mgf1_tests[_i].alg, mgf1_tests[_i].seed, TRUE);
148 ck_assert(mgf1);
149
150 /* check hash size */
151 ck_assert(mgf1->get_hash_size(mgf1) == mgf1_tests[_i].hash_size);
152
153 /* get zero number of octets */
154 ck_assert(mgf1->allocate_mask(mgf1, 0, &mask));
155 ck_assert(mask.len == 0 && mask.ptr == NULL);
156
157 /* get non-zero number of octets */
158 ck_assert(mgf1->allocate_mask(mgf1, mgf1_tests[_i].mask.len, &mask));
159 ck_assert(chunk_equals(mask, mgf1_tests[_i].mask));
160 mgf1->destroy(mgf1);
161
162 /* copy mask to pre-allocated buffer */
163 mgf1 = mgf1_create(mgf1_tests[_i].alg, mgf1_tests[_i].seed, TRUE);
164 ck_assert(mgf1);
165 ck_assert(mgf1->get_mask(mgf1, mgf1_tests[_i].mask.len, mask.ptr));
166 ck_assert(chunk_equals(mask, mgf1_tests[_i].mask));
167 mgf1->destroy(mgf1);
168
169 /* get mask in batches without hashing the seed */
170 mgf1 = mgf1_create(mgf1_tests[_i].alg, mgf1_tests[_i].hashed_seed, FALSE);
171 ck_assert(mgf1);
172
173 /* first batch */
174 ck_assert(mgf1->get_mask(mgf1, mask1.len, mask.ptr));
175 mask.len = mask1.len;
176 ck_assert(chunk_equals(mask, mask1));
177
178 /* second batch */
179 ck_assert(mgf1->get_mask(mgf1, mask2.len, mask.ptr));
180 mask.len = mask2.len;
181 ck_assert(chunk_equals(mask, mask2));
182
183 /* third batch */
184 ck_assert(mgf1->get_mask(mgf1, mask3.len, mask.ptr));
185 mask.len = mask3.len;
186 ck_assert(chunk_equals(mask, mask3));
187
188 mgf1->destroy(mgf1);
189 chunk_free(&mask);
190 }
191 END_TEST
192
193 START_TEST(mgf1_test_bitspender)
194 {
195 mgf1_bitspender_t *bitspender;
196 uint32_t bits;
197 uint8_t byte;
198 int j;
199
200 bitspender = mgf1_bitspender_create(HASH_UNKNOWN,
201 mgf1_tests[_i].hashed_seed, FALSE);
202 ck_assert(bitspender == NULL);
203
204 bitspender = mgf1_bitspender_create(mgf1_tests[_i].alg,
205 mgf1_tests[_i].hashed_seed, FALSE);
206 ck_assert(bitspender);
207
208 for (j = 0; j < 15; j++)
209 {
210 ck_assert(bitspender->get_bits(bitspender, j, &bits));
211 DBG1(DBG_LIB, "bits[%d] = %u, bits = %u", j, mgf1_tests[_i].bits[j],
212 bits);
213 ck_assert(bits == mgf1_tests[_i].bits[j]);
214 }
215 ck_assert(!bitspender->get_bits(bitspender, 33, &bits));
216
217 for (j = 15; j < 20; j++)
218 {
219 ck_assert(bitspender->get_byte(bitspender, &byte));
220 DBG1(DBG_LIB, "bits[%d] = 0x%02x, byte = 0x%02x", j,
221 mgf1_tests[_i].bits[j], byte);
222 ck_assert(byte == mgf1_tests[_i].bits[j]);
223 }
224
225 j = 20; /* 23 remaining bits */
226 ck_assert(bitspender->get_bits(bitspender, 23, &bits));
227 DBG1(DBG_LIB, "bits[%d] = %u, bits = %u", j,
228 mgf1_tests[_i].bits[j], bits);
229 ck_assert(bits == mgf1_tests[_i].bits[j]);
230
231 j = 21; /* 32 aligned bits */
232 ck_assert(bitspender->get_bits(bitspender, 32, &bits));
233 DBG1(DBG_LIB, "bits[%d] = 0x%08x, bits = 0x%08x", j,
234 mgf1_tests[_i].bits[j], bits);
235 ck_assert(bits == mgf1_tests[_i].bits[j]);
236
237 bitspender->destroy(bitspender);
238 }
239 END_TEST
240
241
242 Suite *mgf1_suite_create()
243 {
244 Suite *s;
245 TCase *tc;
246
247 s = suite_create("mgf1");
248
249 tc = tcase_create("mgf1");
250 tcase_add_loop_test(tc, mgf1_test_mgf1, 0, countof(mgf1_tests));
251 suite_add_tcase(s, tc);
252
253 tc = tcase_create("bitspender");
254 tcase_add_loop_test(tc, mgf1_test_bitspender, 0, countof(mgf1_tests));
255 suite_add_tcase(s, tc);
256
257 return s;
258 }