1 /*        $NetBSD: eaytest.c,v 1.11 2025/03/07 15:55:29 christos Exp $          */
2 
3 /* Id: eaytest.c,v 1.22 2005/06/19 18:02:54 manubsd Exp */
4 
5 /*
6  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
7  * All rights reserved.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted provided that the following conditions
11  * are met:
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  * 2. Redistributions in binary form must reproduce the above copyright
15  *    notice, this list of conditions and the following disclaimer in the
16  *    documentation and/or other materials provided with the distribution.
17  * 3. Neither the name of the project nor the names of its contributors
18  *    may be used to endorse or promote products derived from this software
19  *    without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31  * SUCH DAMAGE.
32  */
33 
34 #include "config.h"
35 
36 #include <sys/types.h>
37 #include <sys/stat.h>
38 #include <sys/socket.h>
39 
40 #include <netinet/in.h>
41 
42 #include <stdlib.h>
43 #include <stdio.h>
44 #include <string.h>
45 #include <limits.h>
46 #include <dirent.h>
47 #include <fcntl.h>
48 #include <unistd.h>
49 #include <err.h>
50 
51 #include <openssl/bio.h>
52 #include <openssl/pem.h>
53 
54 #include "var.h"
55 #include "vmbuf.h"
56 #include "misc.h"
57 #include "debug.h"
58 #include "str2val.h"
59 #include "plog.h"
60 
61 #include "oakley.h"
62 #include "dhgroup.h"
63 #include "crypto_openssl.h"
64 #include "gnuc.h"
65 
66 #include "package_version.h"
67 
68 #define PVDUMP(var) racoon_hexdump((var)->v, (var)->l)
69 
70 /*#define CERTTEST_BROKEN */
71 
72 /* prototype */
73 
74 static vchar_t *pem_read_buf(char *);
75 void Usage(void);
76 
77 int rsatest(int, char **);
78 int ciphertest(int, char **);
79 int hmactest(int, char **);
80 int sha1test(int, char **);
81 int md5test(int, char **);
82 int dhtest(int, char **);
83 int bntest(int, char **);
84 #ifndef CERTTEST_BROKEN
85 static char **getcerts(char *);
86 int certtest(int, char **);
87 #endif
88 
89 /* test */
90 
91 static int
rsa_verify_with_pubkey(src,sig,pubkey_txt)92 rsa_verify_with_pubkey(src, sig, pubkey_txt)
93           vchar_t *src, *sig;
94           char *pubkey_txt;
95 {
96           BIO *bio;
97           EVP_PKEY *evp;
98           int error;
99 
100           bio = BIO_new_mem_buf(pubkey_txt, strlen(pubkey_txt));
101           evp = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
102           if (! evp) {
103                     printf ("PEM_read_PUBKEY(): %s\n", eay_strerror());
104                     return -1;
105           }
106           error = eay_check_rsasign(src, sig, evp->pkey.rsa);
107 
108           return error;
109 }
110 
111 int
rsatest(ac,av)112 rsatest(ac, av)
113           int ac;
114           char **av;
115 {
116           char *text = "this is test.";
117           vchar_t src;
118           vchar_t *priv, *sig;
119           int loglevel_saved;
120 
121           char *pkcs1 =
122 "-----BEGIN RSA PRIVATE KEY-----\n"
123 "MIICXQIBAAKBgQChe5/Fzk9SA0vCKBOcu9jBcLb9oLv50PeuEfQojhakY+OH8A3Q\n"
124 "M8A0qIDG6uhTNGPvzCWb/+mKeOB48n5HJpLxlDFyP3kyd2yXHIZ/MN8g1nh4FsB0\n"
125 "iTkk8QUCJkkan6FCOBrIeLEsGA5AdodzuR+khnCMt8vO+NFHZYKAQeynyQIDAQAB\n"
126 "AoGAOfDcnCHxjhDGrwyoNNWl6Yqi7hAtQm67YAbrH14UO7nnmxAENM9MyNgpFLaW\n"
127 "07v5m8IZQIcradcDXAJOUwNBN8E06UflwEYCaScIwndvr5UpVlN3e2NC6Wyg2yC7\n"
128 "GarxQput3zj35XNR5bK42UneU0H6zDxpHWqI1SwE+ToAHu0CQQDNl9gUJTpg0L09\n"
129 "HkbE5jeb8bA5I20nKqBOBP0v5tnzpwu41umQwk9I7Ru0ucD7j+DW4k8otadW+FnI\n"
130 "G1M1MpSjAkEAyRMt4bN8otfpOpsOQWzw4jQtouohOxRFCrQTntHhU20PrQnQLZWs\n"
131 "pOVzqCjRytYtkPEUA1z8QK5gGcVPcOQsowJBALmt2rwPB1NrEo5Bat7noO+Zb3Ob\n"
132 "WDiYWeE8xkHd95gDlSWiC53ur9aINo6ZeP556jGIgL+el/yHHecJLrQL84sCQH48\n"
133 "zUxq/C/cb++8UzneJGlPqusiJNTLiAENR1gpmlZfHT1c8Nb9phMsfu0vG29GAfuC\n"
134 "bzchVLljALCNQK+2gRMCQQCNIgN+R9mRWZhFAcC1sq++YnuSBlw4VwdL/fd1Yg9e\n"
135 "Ul+U98yPl/NXt8Rs4TRBFcOZjkFI8xv0hQtevTgTmgz+\n"
136 "-----END RSA PRIVATE KEY-----\n\n";
137           char *pubkey =
138 "-----BEGIN PUBLIC KEY-----\n"
139 "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQChe5/Fzk9SA0vCKBOcu9jBcLb9\n"
140 "oLv50PeuEfQojhakY+OH8A3QM8A0qIDG6uhTNGPvzCWb/+mKeOB48n5HJpLxlDFy\n"
141 "P3kyd2yXHIZ/MN8g1nh4FsB0iTkk8QUCJkkan6FCOBrIeLEsGA5AdodzuR+khnCM\n"
142 "t8vO+NFHZYKAQeynyQIDAQAB\n"
143 "-----END PUBLIC KEY-----\n\n";
144           char *pubkey_wrong =
145 "-----BEGIN PUBLIC KEY-----\n"
146 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDncG2tSokRBhK8la1mO\n"
147 "QnUpxg6KvpoFUjEyRiIE1GRap5V6jCCEOmA9ZAz4Oa/97oxewwMWtchIxSBZVCia\n"
148 "H9oGasbOFzrtSR+MKl6Cb/Ow3Fu+PKbHTsnfTk/nOOWyaQh91PRD7fdwHe8L9P7w\n"
149 "2kFPmDW6+RNKIR4OErhXf1O0eSShPe0TO3vx43O7dWqhmh3Kgr4Jq7zAGqHtwu0B\n"
150 "RFZnmsocOnVZb2yAHndp51/Mk1H37ThHwN7qMx7RqrS3ru3XtchpJd9IQJPBIRfY\n"
151 "VYQ68u5ix/Z80Y6VkRf0qnAvel8B6D3N3Zyq5u7G60PfvvtCybeMn7nVrSMxqMW/\n"
152 "xwIDAQAB\n"
153 "-----END PUBLIC KEY-----\n\n";
154 
155           printf ("%s", pkcs1);
156           printf ("%s", pubkey);
157           priv = pem_read_buf(pkcs1);
158 
159           src.v = text;
160           src.l = strlen(text);
161 
162           /* sign */
163           sig = eay_get_x509sign(&src, priv);
164           if (sig == NULL) {
165                     printf("sign failed. %s\n", eay_strerror());
166                     return -1;
167           }
168 
169           printf("RSA signed data.\n");
170           PVDUMP(sig);
171 
172           printf("Verification with correct pubkey: ");
173           if (rsa_verify_with_pubkey (&src, sig, pubkey) != 0) {
174                     printf ("Failed.\n");
175                     return -1;
176           }
177           else
178                     printf ("Verified. Good.\n");
179 
180           loglevel_saved = loglevel;
181           loglevel = 0;
182           printf("Verification with wrong pubkey: ");
183           if (rsa_verify_with_pubkey (&src, sig, pubkey_wrong) != 0)
184                     printf ("Not verified. Good.\n");
185           else {
186                     printf ("Verified. This is bad...\n");
187                     loglevel = loglevel_saved;
188                     return -1;
189           }
190           loglevel = loglevel_saved;
191 
192           return 0;
193 }
194 
195 static vchar_t *
pem_read_buf(buf)196 pem_read_buf(buf)
197           char *buf;
198 {
199           BIO *bio;
200           char *nm = NULL, *header = NULL;
201           unsigned char *data = NULL;
202           long len;
203           vchar_t *ret;
204           int error;
205 
206           bio = BIO_new_mem_buf(buf, strlen(buf));
207           error = PEM_read_bio(bio, &nm, &header, &data, &len);
208           if (error == 0)
209                     errx(1, "%s", eay_strerror());
210           ret = vmalloc(len);
211           if (ret == NULL)
212                     err(1, "vmalloc");
213           memcpy(ret->v, data, len);
214 
215           return ret;
216 }
217 
218 #ifndef CERTTEST_BROKEN
219 int
certtest(ac,av)220 certtest(ac, av)
221           int ac;
222           char **av;
223 {
224           char *certpath;
225           char **certs;
226           int type;
227           int error;
228 
229           printf("\n**Test for Certificate.**\n");
230 
231     {
232           vchar_t *asn1dn = NULL, asn1dn0;
233 #ifdef ORIG_DN
234           char dnstr[] = "C=JP, ST=Kanagawa, L=Fujisawa, O=WIDE Project, OU=KAME Project, CN=Shoichi Sakane/Email=sakane@kame.net";
235           char *dnstr_w1 = NULL;
236           char *dnstr_w2 = NULL;
237           char dn0[] = {
238                     0x30,0x81,0x9a,0x31,0x0b,0x30,0x09,0x06,
239                     0x03,0x55,0x04,0x06,0x13,0x02,0x4a,0x50,
240                     0x31,0x11,0x30,0x0f,0x06,0x03,0x55,0x04,
241                     0x08,0x13,0x08,0x4b,0x61,0x6e,0x61,0x67,
242                     0x61,0x77,0x61,0x31,0x11,0x30,0x0f,0x06,
243                     0x03,0x55,0x04,0x07,0x13,0x08,0x46,0x75,
244                     0x6a,0x69,0x73,0x61,0x77,0x61,0x31,0x15,
245                     0x30,0x13,0x06,0x03,0x55,0x04,0x0a,0x13,
246                     0x0c,0x57,0x49,0x44,0x45,0x20,0x50,0x72,
247                     0x6f,0x6a,0x65,0x63,0x74,0x31,0x15,0x30,
248                     0x13,0x06,0x03,0x55,0x04,0x0b,0x13,0x0c,
249                     0x4b,0x41,0x4d,0x45,0x20,0x50,0x72,0x6f,
250                     0x6a,0x65,0x63,0x74,0x31,0x17,0x30,0x15,
251                     0x06,0x03,0x55,0x04,0x03,0x13,0x0e,0x53,
252                     0x68,0x6f,0x69,0x63,0x68,0x69,0x20,0x53,
253                     0x61,0x6b,0x61,0x6e,0x65,0x31,0x1e,0x30,
254                     0x1c,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,
255                     0x0d,0x01,0x09,0x01,
256                     0x0c,     /* <== XXX */
257                     0x0f,0x73,0x61,
258                     0x6b,0x61,0x6e,0x65,0x40,0x6b,0x61,0x6d,
259                     0x65,0x2e,0x6e,0x65,0x74,
260           };
261 #else /* not ORIG_DN */
262           char dnstr[] = "C=JP, ST=Kanagawa, L=Fujisawa, O=WIDE Project, OU=KAME Project, CN=Shoichi Sakane";
263           char dnstr_w1[] = "C=JP, ST=Kanagawa, L=Fujisawa, O=WIDE Project, OU=*, CN=Shoichi Sakane";
264           char dnstr_w2[] = "C=JP, ST=Kanagawa, L=Fujisawa, O=WIDE Project, OU=KAME Project, CN=*";
265           char dn0[] = {
266                     0x30,0x7a,0x31,0x0b,0x30,0x09,0x06,0x03,
267                     0x55,0x04,0x06,0x13,0x02,0x4a,0x50,0x31,
268                     0x11,0x30,0x0f,0x06,0x03,0x55,0x04,0x08,
269                     0x13,0x08,0x4b,0x61,0x6e,0x61,0x67,0x61,
270                     0x77,0x61,0x31,0x11,0x30,0x0f,0x06,0x03,
271                     0x55,0x04,0x07,0x13,0x08,0x46,0x75,0x6a,
272                     0x69,0x73,0x61,0x77,0x61,0x31,0x15,0x30,
273                     0x13,0x06,0x03,0x55,0x04,0x0a,0x13,0x0c,
274                     0x57,0x49,0x44,0x45,0x20,0x50,0x72,0x6f,
275                     0x6a,0x65,0x63,0x74,0x31,0x15,0x30,0x13,
276                     0x06,0x03,0x55,0x04,0x0b,0x13,0x0c,0x4b,
277                     0x41,0x4d,0x45,0x20,0x50,0x72,0x6f,0x6a,
278                     0x65,0x63,0x74,0x31,0x17,0x30,0x15,0x06,
279                     0x03,0x55,0x04,0x03,0x13,0x0e,0x53,0x68,
280                     0x6f,0x69,0x63,0x68,0x69,0x20,0x53,0x61,
281                     0x6b,0x61,0x6e,0x65,
282           };
283 #endif /* ORIG_DN */
284 
285           printf("check to convert the string into subjectName.\n");
286           printf("%s\n", dnstr);
287 
288           asn1dn0.v = dn0;
289           asn1dn0.l = sizeof(dn0);
290 
291           asn1dn = eay_str2asn1dn(dnstr, strlen(dnstr));
292           if (asn1dn == NULL || asn1dn->l != asn1dn0.l)
293 #ifdef OUTPUT_VALID_ASN1DN
294           {
295                     unsigned char *cp; int  i;
296                     printf("asn1dn length mismatched (%zu != %zu).\n", asn1dn ? asn1dn->l : -1, asn1dn0.l);
297                     for (cp = asn1dn->v, i = 0; i < asn1dn->l; i++)
298                         printf ("0x%02x,", *cp++);
299                     exit (1);
300           }
301 #else
302                     errx(1, "asn1dn length mismatched (%zu != %zu).\n", asn1dn ? asn1dn->l : -1, asn1dn0.l);
303 #endif
304 
305           /*
306            * NOTE: The value pointed by "<==" above is different from the
307            * return of eay_str2asn1dn().  but eay_cmp_asn1dn() can distinguish
308            * both of the names are same name.
309            */
310           if (eay_cmp_asn1dn(&asn1dn0,  asn1dn))
311                     errx(1, "asn1dn mismatched.\n");
312           vfree(asn1dn);
313 
314           printf("exact match: succeed.\n");
315 
316           if (dnstr_w1 != NULL) {
317                     asn1dn = eay_str2asn1dn(dnstr_w1, strlen(dnstr_w1));
318                     if (asn1dn == NULL || asn1dn->l == asn1dn0.l)
319                               errx(1, "asn1dn length wrong for wildcard 1\n");
320                     if (eay_cmp_asn1dn(&asn1dn0,  asn1dn))
321                               errx(1, "asn1dn mismatched for wildcard 1.\n");
322                     vfree(asn1dn);
323                     printf("wildcard 1 match: succeed.\n");
324           }
325 
326           if (dnstr_w1 != NULL) {
327                     asn1dn = eay_str2asn1dn(dnstr_w2, strlen(dnstr_w2));
328                     if (asn1dn == NULL || asn1dn->l == asn1dn0.l)
329                               errx(1, "asn1dn length wrong for wildcard 2\n");
330                     if (eay_cmp_asn1dn(&asn1dn0,  asn1dn))
331                               errx(1, "asn1dn mismatched for wildcard 2.\n");
332                     vfree(asn1dn);
333                     printf("wildcard 2 match: succeed.\n");
334           }
335 
336     }
337           eay_init();
338 
339           /* get certs */
340           if (ac > 1) {
341                     certpath = *(av + 1);
342                     certs = getcerts(certpath);
343           } else {
344 #ifdef ORIG_DN
345                     printf("\nCAUTION: These certificates are probably invalid "
346                               "on your environment because you don't have their "
347                               "issuer's certs in your environment.\n\n");
348 
349                     certpath = "/usr/local/openssl/certs";
350                     certs = getcerts(NULL);
351 #else
352                     printf("\nWARNING: The main certificates are probably invalid "
353                               "on your environment\nbecause you don't have their "
354                               "issuer's certs in your environment\nso not doing "
355                               "this test.\n\n");
356                     return (0);
357 #endif
358           }
359 
360           while (*certs != NULL) {
361 
362                     vchar_t c;
363                     char *str;
364                     vchar_t *vstr;
365 
366                     printf("===CERT===\n");
367 
368                     c.v = *certs;
369                     c.l = strlen(*certs);
370 
371                     /* print text */
372                     str = eay_get_x509text(&c);
373                     printf("%s", str);
374                     racoon_free(str);
375 
376                     /* print ASN.1 of subject name */
377                     vstr = eay_get_x509asn1subjectname(&c);
378                     if (!vstr)
379                               return 0;
380                     PVDUMP(vstr);
381                     printf("\n");
382                     vfree(vstr);
383 
384                     /* print subject alt name */
385               {
386                     int pos;
387                     for (pos = 1; ; pos++) {
388                               error = eay_get_x509subjectaltname(&c, &str, &type, pos);
389                               if (error) {
390                                         printf("no subjectaltname found.\n");
391                                         break;
392                               }
393                               if (!str)
394                                         break;
395                               printf("SubjectAltName: %d: %s\n", type, str);
396                               racoon_free(str);
397                     }
398               }
399 
400                     /* NULL => name of the certificate file */
401                     error = eay_check_x509cert(&c, certpath, NULL, 1);
402                     if (error)
403                               printf("ERROR: cert is invalid.\n");
404                     printf("\n");
405 
406                     certs++;
407           }
408           return 0;
409 }
410 
411 static char **
getcerts(path)412 getcerts(path)
413           char *path;
414 {
415           char **certs = NULL, **p;
416           DIR *dirp;
417           struct dirent *dp;
418           struct stat sb;
419           char buf[512];
420           int len;
421           int n;
422           int fd;
423 
424           static char *samplecerts[] = {
425 /* self signed */
426 "-----BEGIN CERTIFICATE-----\n"
427 "MIICpTCCAg4CAQAwDQYJKoZIhvcNAQEEBQAwgZoxCzAJBgNVBAYTAkpQMREwDwYD\n"
428 "VQQIEwhLYW5hZ2F3YTERMA8GA1UEBxMIRnVqaXNhd2ExFTATBgNVBAoTDFdJREUg\n"
429 "UHJvamVjdDEVMBMGA1UECxMMS0FNRSBQcm9qZWN0MRcwFQYDVQQDEw5TaG9pY2hp\n"
430 "IFNha2FuZTEeMBwGCSqGSIb3DQEJARYPc2FrYW5lQGthbWUubmV0MB4XDTAwMDgy\n"
431 "NDAxMzc0NFoXDTAwMDkyMzAxMzc0NFowgZoxCzAJBgNVBAYTAkpQMREwDwYDVQQI\n"
432 "EwhLYW5hZ2F3YTERMA8GA1UEBxMIRnVqaXNhd2ExFTATBgNVBAoTDFdJREUgUHJv\n"
433 "amVjdDEVMBMGA1UECxMMS0FNRSBQcm9qZWN0MRcwFQYDVQQDEw5TaG9pY2hpIFNh\n"
434 "a2FuZTEeMBwGCSqGSIb3DQEJARYPc2FrYW5lQGthbWUubmV0MIGfMA0GCSqGSIb3\n"
435 "DQEBAQUAA4GNADCBiQKBgQCpIQG/H3zn4czAmPBcbkDrYxE1A9vcpghpib3Of0Op\n"
436 "SsiWIBOyIMiVAzK/I/JotWp3Vdn5fzGp/7DGAbWXAALas2xHkNmTMPpu6qhmNQ57\n"
437 "kJHZHal24mgc1hwbrI9fb5olvIexx9a1riNPnKMRVHzXYizsyMbf+lJJmZ8QFhWN\n"
438 "twIDAQABMA0GCSqGSIb3DQEBBAUAA4GBACKs6X/BYycuHI3iop403R3XWMHHnNBN\n"
439 "5XTHVWiWgR1cMWkq/dp51gn+nPftpdAaYGpqGkiHGhZcXLoBaX9uON3p+7av+sQN\n"
440 "plXwnvUf2Zsgu+fojskS0gKcDlYiq1O8TOaBgJouFZgr1q6PiYjVEJGogAP28+HN\n"
441 "M4o+GBFbFoqK\n"
442 "-----END CERTIFICATE-----\n\n",
443 /* signed by SSH testing CA + CA1 + CA2 */
444 "-----BEGIN X509 CERTIFICATE-----\n"
445 "MIICtTCCAj+gAwIBAgIEOaR8NjANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJG\n"
446 "STEkMCIGA1UEChMbU1NIIENvbW11bmljYXRpb25zIFNlY3VyaXR5MREwDwYDVQQL\n"
447 "EwhXZWIgdGVzdDEbMBkGA1UEAxMSVGVzdCBDQSAxIHN1YiBjYSAyMB4XDTAwMDgy\n"
448 "NDAwMDAwMFoXDTAwMTAwMTAwMDAwMFowgZoxCzAJBgNVBAYTAkpQMREwDwYDVQQI\n"
449 "EwhLYW5hZ2F3YTERMA8GA1UEBxMIRnVqaXNhd2ExFTATBgNVBAoTDFdJREUgUHJv\n"
450 "amVjdDEVMBMGA1UECxMMS0FNRSBQcm9qZWN0MRcwFQYDVQQDEw5TaG9pY2hpIFNh\n"
451 "a2FuZTEeMBwGCSqGSIb3DQEJAQwPc2FrYW5lQGthbWUubmV0MIGfMA0GCSqGSIb3\n"
452 "DQEBAQUAA4GNADCBiQKBgQCpIQG/H3zn4czAmPBcbkDrYxE1A9vcpghpib3Of0Op\n"
453 "SsiWIBOyIMiVAzK/I/JotWp3Vdn5fzGp/7DGAbWXAALas2xHkNmTMPpu6qhmNQ57\n"
454 "kJHZHal24mgc1hwbrI9fb5olvIexx9a1riNPnKMRVHzXYizsyMbf+lJJmZ8QFhWN\n"
455 "twIDAQABo18wXTALBgNVHQ8EBAMCBaAwGgYDVR0RBBMwEYEPc2FrYW5lQGthbWUu\n"
456 "bmV0MDIGA1UdHwQrMCkwJ6AloCOGIWh0dHA6Ly9sZGFwLnNzaC5maS9jcmxzL2Nh\n"
457 "MS0yLmNybDANBgkqhkiG9w0BAQUFAANhADtaqual41OWshF/rwCTuR6zySBJysGp\n"
458 "+qjkp5efCiYKhAu1L4WXlMsV/SNdzspui5tHasPBvUw8gzFsU/VW/B2zuQZkimf1\n"
459 "u6ZPjUb/vt8vLOPScP5MeH7xrTk9iigsqQ==\n"
460 "-----END X509 CERTIFICATE-----\n\n",
461 /* VP100 */
462 "-----BEGIN CERTIFICATE-----\n"
463 "MIICXzCCAcigAwIBAgIEOXGBIzANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJG\n"
464 "STEkMCIGA1UEChMbU1NIIENvbW11bmljYXRpb25zIFNlY3VyaXR5MREwDwYDVQQL\n"
465 "EwhXZWIgdGVzdDESMBAGA1UEAxMJVGVzdCBDQSAxMB4XDTAwMDcxNjAwMDAwMFoX\n"
466 "DTAwMDkwMTAwMDAwMFowNTELMAkGA1UEBhMCanAxETAPBgNVBAoTCHRhaGl0ZXN0\n"
467 "MRMwEQYDVQQDEwpmdXJ1a2F3YS0xMIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKB\n"
468 "gQDUmI2RaAuoLvtRDbASwRhbkj/Oq0BBIKgAqbFknc/EanJSQwZQu82gD88nf7gG\n"
469 "VEioWmKPLDuEjz5JCuM+k5f7HYHI1wWmz1KFr7UA+avZm4Kp6YKnhuH7soZp7kBL\n"
470 "hTiZEpL0jdmCWLW3ZXoro55rmPrBsCd+bt8VU6tRZm5dUwIBKaNZMFcwCwYDVR0P\n"
471 "BAQDAgWgMBYGA1UdEQQPMA2CBVZQMTAwhwQKFIaFMDAGA1UdHwQpMCcwJaAjoCGG\n"
472 "H2h0dHA6Ly9sZGFwLnNzaC5maS9jcmxzL2NhMS5jcmwwDQYJKoZIhvcNAQEFBQAD\n"
473 "gYEAKJ/2Co/KYW65mwpGG3CBvsoRL8xyUMHGt6gQpFLHiiHuAdix1ADTL6uoFuYi\n"
474 "4sE5omQm1wKVv2ZhS03zDtUfKoVEv0HZ7IY3AU/FZT/M5gQvbt43Dki/ma3ock2I\n"
475 "PPhbLsvXm+GCVh3jvkYGk1zr7VERVeTPtmT+hW63lcxfFp4=\n"
476 "-----END CERTIFICATE-----\n\n",
477 /* IKED */
478 "-----BEGIN CERTIFICATE-----\n"
479 "MIIEFTCCA7+gAwIBAgIKYU5X6AAAAAAACTANBgkqhkiG9w0BAQUFADCBljEpMCcG\n"
480 "CSqGSIb3DQEJARYaeS13YXRhbmFAc2RsLmhpdGFjaGkuY28uanAxCzAJBgNVBAYT\n"
481 "AkpQMREwDwYDVQQIEwhLQU5BR0FXQTERMA8GA1UEBxMIWW9rb2hhbWExEDAOBgNV\n"
482 "BAoTB0hJVEFDSEkxDDAKBgNVBAsTA1NETDEWMBQGA1UEAxMNSVBzZWMgVGVzdCBD\n"
483 "QTAeFw0wMDA3MTUwMjUxNDdaFw0wMTA3MTUwMzAxNDdaMEUxCzAJBgNVBAYTAkpQ\n"
484 "MREwDwYDVQQIEwhLQU5BR0FXQTEQMA4GA1UEChMHSElUQUNISTERMA8GA1UEAxMI\n"
485 "V0FUQU5BQkUwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA6Wja5A7Ldzrtx+rMWHEB\n"
486 "Cyt+/ZoG0qdFQbuuUiU1vOSq+1f+ZSCYAdTq13Lrr6Xfz3jDVFEZLPID9PSTFwq+\n"
487 "yQIDAQABo4ICPTCCAjkwDgYDVR0PAQH/BAQDAgTwMBMGA1UdJQQMMAoGCCsGAQUF\n"
488 "CAICMB0GA1UdDgQWBBTkv7/MH5Ra+S1zBAmnUIH5w8ZTUTCB0gYDVR0jBIHKMIHH\n"
489 "gBQsF2qoaTl5F3GFLKrttaxPJ8j4faGBnKSBmTCBljEpMCcGCSqGSIb3DQEJARYa\n"
490 "eS13YXRhbmFAc2RsLmhpdGFjaGkuY28uanAxCzAJBgNVBAYTAkpQMREwDwYDVQQI\n"
491 "EwhLQU5BR0FXQTERMA8GA1UEBxMIWW9rb2hhbWExEDAOBgNVBAoTB0hJVEFDSEkx\n"
492 "DDAKBgNVBAsTA1NETDEWMBQGA1UEAxMNSVBzZWMgVGVzdCBDQYIQeccIf4GYDIBA\n"
493 "rS6HSUt8XjB7BgNVHR8EdDByMDagNKAyhjBodHRwOi8vZmxvcmEyMjAvQ2VydEVu\n"
494 "cm9sbC9JUHNlYyUyMFRlc3QlMjBDQS5jcmwwOKA2oDSGMmZpbGU6Ly9cXGZsb3Jh\n"
495 "MjIwXENlcnRFbnJvbGxcSVBzZWMlMjBUZXN0JTIwQ0EuY3JsMIGgBggrBgEFBQcB\n"
496 "AQSBkzCBkDBFBggrBgEFBQcwAoY5aHR0cDovL2Zsb3JhMjIwL0NlcnRFbnJvbGwv\n"
497 "ZmxvcmEyMjBfSVBzZWMlMjBUZXN0JTIwQ0EuY3J0MEcGCCsGAQUFBzAChjtmaWxl\n"
498 "Oi8vXFxmbG9yYTIyMFxDZXJ0RW5yb2xsXGZsb3JhMjIwX0lQc2VjJTIwVGVzdCUy\n"
499 "MENBLmNydDANBgkqhkiG9w0BAQUFAANBAG8yZAWHb6g3zba453Hw5loojVDZO6fD\n"
500 "9lCsyaxeo9/+7x1JEEcdZ6qL7KKqe7ZBwza+hIN0ITkp2WEWo22gTz4=\n"
501 "-----END CERTIFICATE-----\n\n",
502 /* From Entrust */
503 "-----BEGIN CERTIFICATE-----\n"
504 "MIIDXTCCAsagAwIBAgIEOb6khTANBgkqhkiG9w0BAQUFADA4MQswCQYDVQQGEwJV\n"
505 "UzEQMA4GA1UEChMHRW50cnVzdDEXMBUGA1UECxMOVlBOIEludGVyb3AgUk8wHhcN\n"
506 "MDAwOTE4MjMwMDM3WhcNMDMwOTE4MjMzMDM3WjBTMQswCQYDVQQGEwJVUzEQMA4G\n"
507 "A1UEChMHRW50cnVzdDEXMBUGA1UECxMOVlBOIEludGVyb3AgUk8xGTAXBgNVBAMT\n"
508 "EFNob2ljaGkgU2FrYW5lIDIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKj3\n"
509 "eXSt1qXxFXzpa265B/NQYk5BZN7pNJg0tlTKBTVV3UgpQ92Bx5DoNfZh11oIv0Sw\n"
510 "6YnG5p9F9ma36U9HDoD3hVTjAvQKy4ssCsnU1y6v5XOU1QvYQo6UTzgsXUTaIau4\n"
511 "Lrccl+nyoiNzy3lG51tLR8CxuA+3OOAK9xPjszClAgMBAAGjggFXMIIBUzBABgNV\n"
512 "HREEOTA3gQ9zYWthbmVAa2FtZS5uZXSHBM6vIHWCHjIwNi0xNzUtMzItMTE3LnZw\n"
513 "bndvcmtzaG9wLmNvbTATBgNVHSUEDDAKBggrBgEFBQgCAjALBgNVHQ8EBAMCAKAw\n"
514 "KwYDVR0QBCQwIoAPMjAwMDA5MTgyMzAwMzdagQ8yMDAyMTAyNTExMzAzN1owWgYD\n"
515 "VR0fBFMwUTBPoE2gS6RJMEcxCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFbnRydXN0\n"
516 "MRcwFQYDVQQLEw5WUE4gSW50ZXJvcCBSTzENMAsGA1UEAxMEQ1JMMTAfBgNVHSME\n"
517 "GDAWgBTzVmhu0tBoWKwkZE5mXpooE9630DAdBgNVHQ4EFgQUEgBHPtXggJqei5Xz\n"
518 "92CrWXTJxfAwCQYDVR0TBAIwADAZBgkqhkiG9n0HQQAEDDAKGwRWNS4wAwIEsDAN\n"
519 "BgkqhkiG9w0BAQUFAAOBgQCIFriNGMUE8GH5LuDrTJfA8uGx8vLy2seljuo694TR\n"
520 "et/ojp9QnfOJ1PF9iAdGaEaSLfkwhY4fZNZzxic5HBoHLeo9BXLP7i7FByXjvOZC\n"
521 "Y8++0dC8NVvendIILcJBM5nbDq1TqIbb8K3SP80XhO5JLVJkoZiQftAMjo0peZPO\n"
522 "EQ==\n"
523 "-----END CERTIFICATE-----\n\n",
524           NULL,
525           };
526 
527           if (path == NULL)
528                     return (char **)&samplecerts;
529 
530           stat(path, &sb);
531           if (!(sb.st_mode & S_IFDIR)) {
532                     printf("ERROR: %s is not directory.\n", path);
533                     exit(0);
534           }
535 
536           dirp = opendir(path);
537           if (dirp == NULL) {
538                     printf("opendir failed.\n");
539                     exit(0);
540           }
541 
542           n = 0;
543           while ((dp = readdir(dirp)) != NULL) {
544                     if (dp->d_type != DT_REG)
545                               continue;
546                     if (strcmp(dp->d_name + strlen(dp->d_name) - 4, "cert"))
547                               continue;
548                     snprintf(buf, sizeof(buf), "%s/%s", path, dp->d_name);
549                     stat(buf, &sb);
550 
551                     p = (char **)realloc(certs, (n + 1) * sizeof(certs));
552                     if (p == NULL)
553                               err(1, "realloc");
554                     certs = p;
555 
556                     certs[n] = malloc(sb.st_size + 1);
557                     if (certs[n] == NULL)
558                               err(1, "malloc");
559 
560                     fd = open(buf, O_RDONLY);
561                     if (fd == -1)
562                               err(1, "open");
563                     len = read(fd, certs[n], sb.st_size);
564                     if (len == -1)
565                               err(1, "read");
566                     if (len != sb.st_size)
567                               errx(1, "read: length mismatch");
568                     certs[n][sb.st_size] = '\0';
569                     close(fd);
570 
571                     printf("%s: %d\n", dp->d_name, (int)sb.st_size);
572 
573                     n++;
574           }
575           closedir(dirp);
576 
577           p = (char **)realloc(certs, (n + 1) * sizeof(certs));
578           if (p == NULL)
579                     err(1, "realloc");
580           certs = p;
581           certs[n] = NULL;
582 
583           return certs;
584 }
585 #endif /* CERTTEST_BROKEN */
586 
587 typedef vchar_t* (eay_func) (vchar_t *, vchar_t *, vchar_t *);
588 
589 static int
ciphertest_1(const char * name,vchar_t * data,size_t data_align,vchar_t * key,size_t min_keysize,vchar_t * iv0,size_t iv_length,eay_func encrypt,eay_func decrypt)590 ciphertest_1 (const char *name,
591                 vchar_t *data,
592                 size_t data_align,
593                 vchar_t *key,
594                 size_t min_keysize,
595                 vchar_t *iv0,
596                 size_t iv_length,
597                 eay_func encrypt,
598                 eay_func decrypt)
599 {
600           int padlen;
601           vchar_t *buf, *iv, *res1, *res2;
602           iv = vmalloc(iv_length);
603 
604           printf("Test for cipher %s\n", name);
605           printf("data:\n");
606           PVDUMP(data);
607 
608           if (data_align <= 1 || (data->l % data_align) == 0)
609             padlen = 0;
610           else
611             padlen = data_align - data->l % data_align;
612 
613           buf = vmalloc(data->l + padlen);
614           memcpy(buf->v, data->v, data->l);
615 
616           memcpy(iv->v, iv0->v, iv_length);
617           res1 = (encrypt)(buf, key, iv);
618           if (res1 == NULL) {
619                     printf("%s encryption failed.\n", name);
620                     return -1;
621           }
622           printf("encrypted:\n");
623           PVDUMP(res1);
624 
625           memcpy(iv->v, iv0->v, iv_length);
626           res2 = (decrypt)(res1, key, iv);
627           if (res2 == NULL) {
628                     printf("%s decryption failed.\n", name);
629                     return -1;
630           }
631           printf("decrypted:\n");
632           PVDUMP(res2);
633 
634           if (memcmp(data->v, res2->v, data->l)) {
635                     printf("XXXX NG (%s) XXXX\n", name);
636                     return -1;
637           }
638           else
639                     printf("%s cipher verified.\n", name);
640           vfree(res1);
641           vfree(res2);
642           vfree(buf);
643           vfree(iv);
644 
645           return 0;
646 }
647 
648 int
ciphertest(ac,av)649 ciphertest(ac, av)
650           int ac;
651           char **av;
652 {
653           vchar_t data;
654           vchar_t key;
655           vchar_t iv0;
656 
657           printf("\n**Testing CIPHERS**\n");
658 
659           data.v = str2val("\
660 06000017 03000000 73616b61 6e65406b 616d652e 6e657409 0002c104 308202b8 \
661 04f05a90 \
662           ", 16, &data.l);
663           key.v = str2val("f59bd70f 81b9b9cc 2a32c7fd 229a4b37", 16, &key.l);
664           iv0.v = str2val("26b68c90 9467b4ab 7ec29fa0 0b696b55", 16, &iv0.l);
665 
666           if (ciphertest_1 ("DES",
667                                 &data, 8,
668                                 &key, 8,
669                                 &iv0, 8,
670                                 eay_des_encrypt, eay_des_decrypt) < 0)
671             return -1;
672 
673           if (ciphertest_1 ("3DES",
674                                 &data, 8,
675                                 &key, 24,
676                                 &iv0, 8,
677                                 eay_3des_encrypt, eay_3des_decrypt) < 0)
678             return -1;
679 
680           if (ciphertest_1 ("AES",
681                                 &data, 16,
682                                 &key, key.l,
683                                 &iv0, 16,
684                                 eay_aes_encrypt, eay_aes_decrypt) < 0)
685             return -1;
686 
687           if (ciphertest_1 ("BLOWFISH",
688                                 &data, 8,
689                                 &key, key.l,
690                                 &iv0, 8,
691                                 eay_bf_encrypt, eay_bf_decrypt) < 0)
692             return -1;
693 
694           if (ciphertest_1 ("CAST",
695                                 &data, 8,
696                                 &key, key.l,
697                                 &iv0, 8,
698                                 eay_cast_encrypt, eay_cast_decrypt) < 0)
699             return -1;
700 
701 #ifdef HAVE_OPENSSL_IDEA_H
702           if (ciphertest_1 ("IDEA",
703                                 &data, 8,
704                                 &key, key.l,
705                                 &iv0, 8,
706                                 eay_idea_encrypt, eay_idea_decrypt) < 0)
707             return -1;
708 #endif
709 
710 #ifdef HAVE_OPENSSL_RC5_H
711           if (ciphertest_1 ("RC5",
712                                 &data, 8,
713                                 &key, key.l,
714                                 &iv0, 8,
715                                 eay_rc5_encrypt, eay_rc5_decrypt) < 0)
716             return -1;
717 #endif
718 #if defined(HAVE_OPENSSL_CAMELLIA_H)
719           if (ciphertest_1 ("CAMELLIA",
720                                 &data, 16,
721                                 &key, key.l,
722                                 &iv0, 16,
723                                 eay_camellia_encrypt, eay_camellia_decrypt) < 0)
724             return -1;
725 #endif
726           return 0;
727 }
728 
729 int
hmactest(ac,av)730 hmactest(ac, av)
731           int ac;
732           char **av;
733 {
734           char *keyword = "hehehe test secret!";
735           char *object  = "d7e6a6c1876ef0488bb74958b9fee94e";
736           char *object1 = "d7e6a6c1876ef048";
737           char *object2 =                 "8bb74958b9fee94e";
738           char *r_hmd5  = "5702d7d1 fd1bfc7e 210fc9fa cda7d02c";
739           char *r_hsha1 = "309999aa 9779a43e ebdea839 1b4e7ee1 d8646874";
740 #ifdef WITH_SHA2
741           char *r_hsha2 = "d47262d8 a5b6f39d d8686939 411b3e79 ed2e27f9 2c4ea89f dd0a06ae 0c0aa396";
742 #endif
743           vchar_t *key, *data, *data1, *data2, *res;
744           vchar_t mod;
745           caddr_t ctx;
746 
747 #ifdef WITH_SHA2
748           printf("\n**Test for HMAC MD5, SHA1, and SHA256.**\n");
749 #else
750           printf("\n**Test for HMAC MD5 & SHA1.**\n");
751 #endif
752 
753           key = vmalloc(strlen(keyword));
754           memcpy(key->v, keyword, key->l);
755 
756           data = vmalloc(strlen(object));
757           data1 = vmalloc(strlen(object1));
758           data2 = vmalloc(strlen(object2));
759           memcpy(data->v, object, data->l);
760           memcpy(data1->v, object1, data1->l);
761           memcpy(data2->v, object2, data2->l);
762 
763           /* HMAC MD5 */
764           printf("HMAC MD5 by eay_hmacmd5_one()\n");
765           res = eay_hmacmd5_one(key, data);
766           PVDUMP(res);
767           mod.v = str2val(r_hmd5, 16, &mod.l);
768           if (memcmp(res->v, mod.v, mod.l)) {
769                     printf(" XXX NG XXX\n");
770                     return -1;
771           }
772           free(mod.v);
773           vfree(res);
774 
775           /* HMAC MD5 */
776           printf("HMAC MD5 by eay_hmacmd5_xxx()\n");
777           ctx = eay_hmacmd5_init(key);
778           eay_hmacmd5_update(ctx, data1);
779           eay_hmacmd5_update(ctx, data2);
780           res = eay_hmacmd5_final(ctx);
781           PVDUMP(res);
782           mod.v = str2val(r_hmd5, 16, &mod.l);
783           if (memcmp(res->v, mod.v, mod.l)) {
784                     printf(" XXX NG XXX\n");
785                     return -1;
786           }
787           free(mod.v);
788           vfree(res);
789 
790           /* HMAC SHA1 */
791           printf("HMAC SHA1 by eay_hmacsha1_one()\n");
792           res = eay_hmacsha1_one(key, data);
793           PVDUMP(res);
794           mod.v = str2val(r_hsha1, 16, &mod.l);
795           if (memcmp(res->v, mod.v, mod.l)) {
796                     printf(" XXX NG XXX\n");
797                     return -1;
798           }
799           free(mod.v);
800           vfree(res);
801 
802           /* HMAC SHA1 */
803           printf("HMAC SHA1 by eay_hmacsha1_xxx()\n");
804           ctx = eay_hmacsha1_init(key);
805           eay_hmacsha1_update(ctx, data1);
806           eay_hmacsha1_update(ctx, data2);
807           res = eay_hmacsha1_final(ctx);
808           PVDUMP(res);
809           mod.v = str2val(r_hsha1, 16, &mod.l);
810           if (memcmp(res->v, mod.v, mod.l)) {
811                     printf(" XXX NG XXX\n");
812                     return -1;
813           }
814           free(mod.v);
815           vfree(res);
816 
817 #ifdef WITH_SHA2
818           /* HMAC SHA2 */
819           printf("HMAC SHA2 by eay_hmacsha2_256_one()\n");
820           res = eay_hmacsha2_256_one(key, data);
821           PVDUMP(res);
822           mod.v = str2val(r_hsha2, 16, &mod.l);
823           if (memcmp(res->v, mod.v, mod.l)) {
824                     printf(" XXX NG XXX\n");
825                     return -1;
826           }
827           free(mod.v);
828           vfree(res);
829 #endif
830 
831           vfree(data);
832           vfree(data1);
833           vfree(data2);
834           vfree(key);
835 
836           return 0;
837 }
838 
839 int
sha1test(ac,av)840 sha1test(ac, av)
841           int ac;
842           char **av;
843 {
844           char *word1 = "1234567890", *word2 = "12345678901234567890";
845           caddr_t ctx;
846           vchar_t *buf, *res;
847 
848           printf("\n**Test for SHA1.**\n");
849 
850           ctx = eay_sha1_init();
851           buf = vmalloc(strlen(word1));
852           memcpy(buf->v, word1, buf->l);
853           eay_sha1_update(ctx, buf);
854           eay_sha1_update(ctx, buf);
855           res = eay_sha1_final(ctx);
856           PVDUMP(res);
857           vfree(res);
858           vfree(buf);
859 
860           ctx = eay_sha1_init();
861           buf = vmalloc(strlen(word2));
862           memcpy(buf->v, word2, buf->l);
863           eay_sha1_update(ctx, buf);
864           res = eay_sha1_final(ctx);
865           PVDUMP(res);
866           vfree(res);
867 
868           res = eay_sha1_one(buf);
869           PVDUMP(res);
870           vfree(res);
871           vfree(buf);
872 
873           return 0;
874 }
875 
876 int
md5test(ac,av)877 md5test(ac, av)
878           int ac;
879           char **av;
880 {
881           char *word1 = "1234567890", *word2 = "12345678901234567890";
882           caddr_t ctx;
883           vchar_t *buf, *res;
884 
885           printf("\n**Test for MD5.**\n");
886 
887           ctx = eay_md5_init();
888           buf = vmalloc(strlen(word1));
889           memcpy(buf->v, word1, buf->l);
890           eay_md5_update(ctx, buf);
891           eay_md5_update(ctx, buf);
892           res = eay_md5_final(ctx);
893           PVDUMP(res);
894           vfree(res);
895           vfree(buf);
896 
897           ctx = eay_md5_init();
898           buf = vmalloc(strlen(word2));
899           memcpy(buf->v, word2, buf->l);
900           eay_md5_update(ctx, buf);
901           res = eay_md5_final(ctx);
902           PVDUMP(res);
903           vfree(res);
904 
905           res = eay_md5_one(buf);
906           PVDUMP(res);
907           vfree(res);
908           vfree(buf);
909 
910           return 0;
911 }
912 
913 int
dhtest(ac,av)914 dhtest(ac, av)
915           int ac;
916           char **av;
917 {
918           static struct {
919                     char *name;
920                     char *p;
921           } px[] = {
922                     { "modp768",        OAKLEY_PRIME_MODP768, },
923                     { "modp1024",       OAKLEY_PRIME_MODP1024, },
924                     { "modp1536",       OAKLEY_PRIME_MODP1536, },
925                     { "modp2048",       OAKLEY_PRIME_MODP2048, },
926                     { "modp3072",       OAKLEY_PRIME_MODP3072, },
927                     { "modp4096",       OAKLEY_PRIME_MODP4096, },
928                     { "modp6144",       OAKLEY_PRIME_MODP6144, },
929                     { "modp8192",       OAKLEY_PRIME_MODP8192, },
930           };
931           vchar_t p1, *pub1, *priv1, *gxy1;
932           vchar_t p2, *pub2, *priv2, *gxy2;
933           int i;
934 
935           printf("\n**Test for DH.**\n");
936 
937           for (i = 0; i < sizeof(px)/sizeof(px[0]); i++) {
938                     printf("\n**Test for DH %s.**\n", px[i].name);
939 
940                     p1.v = str2val(px[i].p, 16, &p1.l);
941                     p2.v = str2val(px[i].p, 16, &p2.l);
942                     printf("prime number = \n"); PVDUMP(&p1);
943 
944                     if (eay_dh_generate(&p1, 2, 96, &pub1, &priv1) < 0) {
945                               printf("error\n");
946                               return -1;
947                     }
948                     printf("private key for user 1 = \n"); PVDUMP(priv1);
949                     printf("public key for user 1  = \n"); PVDUMP(pub1);
950 
951                     if (eay_dh_generate(&p2, 2, 96, &pub2, &priv2) < 0) {
952                               printf("error\n");
953                               return -1;
954                     }
955                     printf("private key for user 2 = \n"); PVDUMP(priv2);
956                     printf("public key for user 2  = \n"); PVDUMP(pub2);
957 
958                     /* process to generate key for user 1 */
959                     gxy1 = vmalloc(p1.l);
960                     memset(gxy1->v, 0, gxy1->l);
961                     eay_dh_compute(&p1, 2, pub1, priv1, pub2, &gxy1);
962                     printf("sharing gxy1 of user 1 = \n"); PVDUMP(gxy1);
963 
964                     /* process to generate key for user 2 */
965                     gxy2 = vmalloc(p1.l);
966                     memset(gxy2->v, 0, gxy2->l);
967                     eay_dh_compute(&p2, 2, pub2, priv2, pub1, &gxy2);
968                     printf("sharing gxy2 of user 2 = \n"); PVDUMP(gxy2);
969 
970                     if (memcmp(gxy1->v, gxy2->v, gxy1->l)) {
971                               printf("ERROR: sharing gxy mismatched.\n");
972                               return -1;
973                     }
974 
975                     vfree(pub1);
976                     vfree(pub2);
977                     vfree(priv1);
978                     vfree(priv2);
979                     vfree(gxy1);
980                     vfree(gxy2);
981           }
982 
983           return 0;
984 }
985 
986 int
bntest(ac,av)987 bntest(ac, av)
988           int ac;
989           char **av;
990 {
991           vchar_t *rn;
992 
993           printf("\n**Test for generate a random number.**\n");
994 
995           rn = eay_set_random((uint32_t)96);
996           PVDUMP(rn);
997           vfree(rn);
998 
999           return 0;
1000 }
1001 
1002 struct {
1003           char *name;
1004           int (*func)(int, char **);
1005 } func[] = {
1006           { "random", bntest, },
1007           { "dh", dhtest, },
1008           { "md5", md5test, },
1009           { "sha1", sha1test, },
1010           { "hmac", hmactest, },
1011           { "cipher", ciphertest, },
1012 #ifndef CERTTEST_BROKEN
1013           { "cert", certtest, },
1014 #endif
1015           { "rsa", rsatest, },
1016 };
1017 
1018 int
main(ac,av)1019 main(ac, av)
1020           int ac;
1021           char **av;
1022 {
1023           int i;
1024           int len = sizeof(func)/sizeof(func[0]);
1025 
1026           f_foreground = 1;
1027           ploginit();
1028 
1029           printf ("\nTestsuite of the %s\nlinked with %s\n\n", TOP_PACKAGE_STRING, eay_version());
1030 
1031           if (strcmp(*av, "-h") == 0)
1032                     Usage();
1033 
1034           ac--;
1035           av++;
1036 
1037           for (i = 0; i < len; i++) {
1038                     if ((ac == 0) || (strcmp(*av, func[i].name) == 0)) {
1039                               if ((func[i].func)(ac, av) != 0) {
1040                                         printf ("\n!!!!! Test '%s' failed. !!!!!\n\n", func[i].name);
1041                                         exit(1);
1042                               }
1043                               if (ac)
1044                                         break;
1045                     }
1046           }
1047           if (ac && i == len)
1048                     Usage();
1049 
1050           printf ("\n===== All tests passed =====\n\n");
1051           exit(0);
1052 }
1053 
1054 void
Usage()1055 Usage()
1056 {
1057           int i;
1058           int len = sizeof(func)/sizeof(func[0]);
1059 
1060           printf("Usage: eaytest [");
1061           for (i = 0; i < len; i++)
1062                     printf("%s%s", func[i].name, (i<len-1)?"|":"");
1063           printf("]\n");
1064 #ifndef CERTTEST_BROKEN
1065           printf("       eaytest cert [cert_directory]\n");
1066 #endif
1067           exit(1);
1068 }
1069 
1070