summaryrefslogtreecommitdiff
path: root/cp/test/src/test_secu.c
diff options
context:
space:
mode:
authorGuillaume2007-08-27 16:12:46 +0000
committerGuillaume2007-08-27 16:12:46 +0000
commit5c2b349a7f434843c82794ea61bb5378fb7d2f23 (patch)
treebc7383aafa9544b0de0090b4df552e1a4cf3f491 /cp/test/src/test_secu.c
parentef68d46930377e2b373321b9a9934be5433da140 (diff)
Creation of modules :
cp/interf cp/msg cp/test and of file : cp/cp_types.h git-svn-id: svn+ssh://pessac/svn/cesar/trunk@619 017c9cb6-072f-447c-8318-d5b54f68fe89
Diffstat (limited to 'cp/test/src/test_secu.c')
-rw-r--r--cp/test/src/test_secu.c479
1 files changed, 479 insertions, 0 deletions
diff --git a/cp/test/src/test_secu.c b/cp/test/src/test_secu.c
new file mode 100644
index 0000000000..dff7d0943b
--- /dev/null
+++ b/cp/test/src/test_secu.c
@@ -0,0 +1,479 @@
+/* Cesar project {{{
+ *
+ * Copyright (C) 2007 Spidcom
+ *
+ * <<<Licence>>>
+ *
+ * }}} */
+/**
+ * \file cp/test/test_secu.c
+ * \brief unit tests for secu module
+ * \ingroup cp_test
+ */
+
+#include "common/std.h"
+#include "cp/test/test_secu.h"
+
+/*
+ * Déclaration des fonctions locales
+ */
+ int sha2_self_test(void);
+ int sha2_self_test_wikipedia(void);
+ int CheckPasswordValidity_test(void);
+ int pbkdf1_test(void);
+ int aes_self_test(void);
+ int aes_avs_test(void);
+ int SECU_Init_Test(void);
+ int SECU_Hash_Test(void);
+ int SECU_GenAESKey_Test(void);
+ int SECU_GenNonce_Test(void);
+ int SECU_ProtocolRun_Test(void);
+
+
+/*
+ * Test de la fonction sha2
+ */
+
+/*
+ * FIPS-180-2 test vectors
+ */
+
+//static const char sha2_test_str[3][57] =
+static char sha2_test_str[3][57] =
+{
+ { "abc" },
+ { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
+ { "" }
+};
+
+static const unsigned char sha2_test_sum[6][32] =
+{
+ /*
+ * SHA-224 test vectors
+ */
+ { 0x23, 0x09, 0x7D, 0x22, 0x34, 0x05, 0xD8, 0x22,
+ 0x86, 0x42, 0xA4, 0x77, 0xBD, 0xA2, 0x55, 0xB3,
+ 0x2A, 0xAD, 0xBC, 0xE4, 0xBD, 0xA0, 0xB3, 0xF7,
+ 0xE3, 0x6C, 0x9D, 0xA7 },
+ { 0x75, 0x38, 0x8B, 0x16, 0x51, 0x27, 0x76, 0xCC,
+ 0x5D, 0xBA, 0x5D, 0xA1, 0xFD, 0x89, 0x01, 0x50,
+ 0xB0, 0xC6, 0x45, 0x5C, 0xB4, 0xF5, 0x8B, 0x19,
+ 0x52, 0x52, 0x25, 0x25 },
+ { 0x20, 0x79, 0x46, 0x55, 0x98, 0x0C, 0x91, 0xD8,
+ 0xBB, 0xB4, 0xC1, 0xEA, 0x97, 0x61, 0x8A, 0x4B,
+ 0xF0, 0x3F, 0x42, 0x58, 0x19, 0x48, 0xB2, 0xEE,
+ 0x4E, 0xE7, 0xAD, 0x67 },
+
+ /*
+ * SHA-256 test vectors
+ */
+ { 0xBA, 0x78, 0x16, 0xBF, 0x8F, 0x01, 0xCF, 0xEA,
+ 0x41, 0x41, 0x40, 0xDE, 0x5D, 0xAE, 0x22, 0x23,
+ 0xB0, 0x03, 0x61, 0xA3, 0x96, 0x17, 0x7A, 0x9C,
+ 0xB4, 0x10, 0xFF, 0x61, 0xF2, 0x00, 0x15, 0xAD },
+ { 0x24, 0x8D, 0x6A, 0x61, 0xD2, 0x06, 0x38, 0xB8,
+ 0xE5, 0xC0, 0x26, 0x93, 0x0C, 0x3E, 0x60, 0x39,
+ 0xA3, 0x3C, 0xE4, 0x59, 0x64, 0xFF, 0x21, 0x67,
+ 0xF6, 0xEC, 0xED, 0xD4, 0x19, 0xDB, 0x06, 0xC1 },
+ { 0xCD, 0xC7, 0x6E, 0x5C, 0x99, 0x14, 0xFB, 0x92,
+ 0x81, 0xA1, 0xC7, 0xE2, 0x84, 0xD7, 0x3E, 0x67,
+ 0xF1, 0x80, 0x9A, 0x48, 0xA4, 0x97, 0x20, 0x0E,
+ 0x04, 0x6D, 0x39, 0xCC, 0xC7, 0x11, 0x2C, 0xD0 }
+};
+
+/*
+ * Checkup routine
+ */
+int
+sha2_self_test(void)
+{
+ //int verbose = 0;
+ int i, j, k;
+ unsigned char buf[1000];
+ unsigned char sha2sum[32];
+ sha2_context ctx;
+
+ memset( buf, 'a', 1000 );
+
+ for( i = 0; i < 6; i++ )
+ {
+ j = i % 3;
+ k = i < 3;
+
+ sha2_starts( &ctx, k );
+ if( j < 2 ) sha2_update( &ctx, (unsigned char *)sha2_test_str[j], strlen( sha2_test_str[j] ) );
+ else
+ {
+ for( j = 0; j < 1000; j++ ) sha2_update( &ctx, buf, 1000 );
+ }
+ sha2_finish( &ctx, sha2sum );
+ if( memcmp( sha2sum, sha2_test_sum[i], 32 - k * 4 ) != 0 )
+ {
+ return( 1 );
+ }
+ }
+ return( 0 );
+}
+
+
+int
+sha2_self_test_wikipedia(void)
+{
+ unsigned int i;
+ int j, errcount = 0;
+ unsigned char output[SHA256OutputSize];
+ unsigned char samples[3][44] =
+ {
+ {"The quick brown fox jumps over the lazy dog"},
+ {"The quick brown fox jumps over the lazy cog"},
+ {""}
+ };
+ unsigned char samplesres[3][SHA256OutputSize] =
+ {
+ {0xd7, 0xa8, 0xfb, 0xb3, 0x07, 0xd7, 0x80, 0x94 , 0x69, 0xca, 0x9a, 0xbc, 0xb0, 0x08, 0x2e, 0x4f, 0x8d, 0x56, 0x51, 0xe4, 0x6d, 0x3c, 0xdb, 0x76, 0x2d, 0x02, 0xd0, 0xbf ,0x37, 0xc9, 0xe5, 0x92},
+ {0xe4, 0xc4, 0xd8, 0xf3 , 0xbf, 0x76, 0xb6, 0x92 , 0xde, 0x79, 0x1a, 0x17 , 0x3e, 0x05, 0x32, 0x11 , 0x50, 0xf7, 0xa3, 0x45 , 0xb4, 0x64, 0x84, 0xfe, 0x42, 0x7f, 0x6a, 0xcc, 0x7e, 0xcc, 0x81, 0xbe},
+ {0xe3, 0xb0, 0xc4, 0x42 , 0x98, 0xfc, 0x1c, 0x14 , 0x9a, 0xfb, 0xf4, 0xc8 , 0x99, 0x6f, 0xb9, 0x24 , 0x27, 0xae, 0x41, 0xe4 , 0x64, 0x9b, 0x93, 0x4c , 0xa4, 0x95, 0x99, 0x1b , 0x78, 0x52, 0xb8, 0x55}
+ };
+
+ for(i=0 ; i<COUNT(samples) ; i++)
+ {
+ if(i!=2) sha2(samples[i], 43, output, 0);
+ else sha2(samples[i], 0, output, 0);
+ for(j=0 ; j<32 ; j++)
+ {
+ if(output[j] != samplesres[i][j]) errcount++;
+ }
+ }
+ return(errcount);
+}
+
+
+/*
+ * Test de la fonction CheckPasswordValidity
+ */
+struct T_PwdTest
+{
+ E_PWDType PWDType;
+ unsigned char Password[MaxPwdSize+1];
+ unsigned int ExpResult;
+};
+
+int CheckPasswordValidity_test(void)
+{
+ struct T_PwdTest PwdTest[]=
+ {
+ {0x32, "abcd efgh ijkl mnop", Failure}, // type de mot de passe incorrect
+ {PWD_DPW, "abcd efgh ijkl m", Success}, // le plus petit mot de passe DPW
+ {PWD_NPW, "abcd efg", Success}, // le plus petit mot de passe NPW
+ {PWD_DPW, "abcd abcd abcd abcd abcd abcd abcd abcd abcd abcd abcd abcd abcd", Success}, // le plus grand mot de passe
+ {PWD_DPW, "abcd efgh ijkl ", PWD_WrongSize}, // mot de passe DPW trop petit
+ {PWD_NPW, "abcd ef", PWD_WrongSize}, // mot de passe NPW trop petit
+ {PWD_DPW, "abcd efgh ijkl m\x1F", PWD_ForbidenChar}, // mot de passe avec caractère incorrect
+ {PWD_DPW, "abcd efgh ijkl m\x80", PWD_ForbidenChar} // mot de passe avec caractère incorrect
+ };
+ unsigned int i;
+ for(i=0 ; i<COUNT(PwdTest) ; i++)
+ {
+ if(CheckPasswordValidity(PwdTest[i].PWDType, PwdTest[i].Password) != PwdTest[i].ExpResult) return Failure;
+ }
+ return Success;
+}
+
+/*
+ * Test de la fonction pbkdf1
+ */
+struct T_pbkdf1Test
+{
+ u8 Password[MaxPwdSize+1];
+ u8 Salt[8];
+ int ItCount;
+ u8 ExpOutputKey[OutputKeySize];
+};
+
+int pbkdf1_test(void)
+{
+ unsigned int i;
+ unsigned char OutputKey[OutputKeySize];
+ struct T_pbkdf1Test pbkdf1Test[]=
+ {
+ {
+ "hello world how are you?",
+ { 0x58, 0x56, 0x52, 0xf6, 0x9c, 0x04, 0xb5, 0x72},
+ 999,
+ {0x84, 0x33, 0x45, 0x96, 0xab, 0xe5, 0x1e, 0x60, 0x7e, 0x63, 0x8f, 0x4b, 0x2d, 0x8c, 0x51, 0x68}
+ }, //
+ };
+ for(i=0 ; i<COUNT(pbkdf1Test) ; i++)
+ {
+ pbkdf1(pbkdf1Test[i].Password, pbkdf1Test[i].Salt, pbkdf1Test[i].ItCount, OutputKey);
+ if(memcmp( OutputKey, pbkdf1Test[i].ExpOutputKey, OutputKeySize)) return Failure;
+ }
+ return Success;
+
+}
+
+/*
+ * Test des fonctions AES
+ */
+
+/*
+ * AES-ECB test vectors (source: NIST, rijndael-vals.zip)
+ */
+
+/*
+ * Checkup routine
+ */
+int aes_self_test(void)
+{
+ //int verbose = 0;
+ int i, j, u, v;
+ aes_context ctx;
+ unsigned char buf[32];
+
+ uint8 aes_enc_test[3][16] =
+ {
+ { 0xC3, 0x4C, 0x05, 0x2C, 0xC0, 0xDA, 0x8D, 0x73,
+ 0x45, 0x1A, 0xFE, 0x5F, 0x03, 0xBE, 0x29, 0x7F },
+ { 0xF3, 0xF6, 0x75, 0x2A, 0xE8, 0xD7, 0x83, 0x11,
+ 0x38, 0xF0, 0x41, 0x56, 0x06, 0x31, 0xB1, 0x14 },
+ { 0x8B, 0x79, 0xEE, 0xCC, 0x93, 0xA0, 0xEE, 0x5D,
+ 0xFF, 0x30, 0xB4, 0xEA, 0x21, 0x63, 0x6D, 0xA4 }
+ };
+
+ uint8 aes_dec_test[3][16] =
+ {
+ { 0x44, 0x41, 0x6A, 0xC2, 0xD1, 0xF5, 0x3C, 0x58,
+ 0x33, 0x03, 0x91, 0x7E, 0x6B, 0xE9, 0xEB, 0xE0 },
+ { 0x48, 0xE3, 0x1E, 0x9E, 0x25, 0x67, 0x18, 0xF2,
+ 0x92, 0x29, 0x31, 0x9C, 0x19, 0xF1, 0x5B, 0xA4 },
+ { 0x05, 0x8C, 0xCF, 0xFD, 0xBB, 0xCB, 0x38, 0x2D,
+ 0x1F, 0x6F, 0x56, 0x58, 0x5D, 0x8A, 0x4A, 0xDE }
+ };
+
+ for( i = 0; i < 6; i++ )
+ {
+ u = i >> 1;
+ v = i & 1;
+
+ memset( buf, 0, 32 );
+ aes_set_key( &ctx, buf, 128 + u * 64 );
+ for( j = 0; j < 10000; j++ )
+ {
+ if( v == 0 ) aes_encrypt( &ctx, buf, buf );
+ if( v == 1 ) aes_decrypt( &ctx, buf, buf );
+ }
+ if( ( v == 0 && memcmp( buf, aes_enc_test[u], 16 ) != 0 ) ||
+ ( v == 1 && memcmp( buf, aes_dec_test[u], 16 ) != 0 ) )
+ {
+ return( 1 );
+ }
+ }
+ return( 0 );
+}
+/*
+ * test la fonction aes avec d'autres vecteurs de test fournis par le NIS
+ */
+#define AES_TEXT_SIZE 112
+struct T_aes_test
+{
+ unsigned char Key[AESKeySize];
+ unsigned char IV[16];
+ unsigned char PlainText[AES_TEXT_SIZE];
+ int len;
+ unsigned char CypherText[AES_TEXT_SIZE];
+};
+
+int aes_avs_test(void)
+{
+ aes_context ctx;
+ unsigned char AESOutput[AES_TEXT_SIZE];
+ unsigned char tmp[AES_TEXT_SIZE];
+ unsigned int i;
+ int nbfailed = 0;
+ struct T_aes_test aes_test[]=
+ {
+ { // élément de test http://www.faqs.org/rfcs/rfc3602.html case #1
+ {0x06, 0xa9, 0x21, 0x40, 0x36, 0xb8, 0xa1, 0x5b, 0x51, 0x2e, 0x03, 0xd5, 0x34, 0x12, 0x00, 0x06},
+ {0x3d, 0xaf, 0xba, 0x42, 0x9d, 0x9e, 0xb4, 0x30, 0xb4, 0x22, 0xda, 0x80, 0x2c, 0x9f, 0xac, 0x41},
+ {"Single block msg"},
+ 16,
+ {0xe3, 0x53, 0x77, 0x9c, 0x10, 0x79, 0xae, 0xb8, 0x27, 0x08, 0x94, 0x2d, 0xbe, 0x77, 0x18, 0x1a}
+ },
+
+ { // élément de test http://www.faqs.org/rfcs/rfc3602.html case #4
+ {0x56, 0xe4, 0x7a, 0x38, 0xc5, 0x59, 0x89, 0x74, 0xbc, 0x46, 0x90, 0x3d, 0xba, 0x29, 0x03, 0x49},
+ {0x8c, 0xe8, 0x2e, 0xef, 0xbe, 0xa0, 0xda, 0x3c, 0x44, 0x69, 0x9e, 0xd7, 0xdb, 0x51, 0xb7, 0xd9},
+ {0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf,
+ 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
+ 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf,
+ 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf},
+ 64,
+ {0xc3, 0x0e, 0x32, 0xff, 0xed, 0xc0, 0x77, 0x4e, 0x6a, 0xff, 0x6a, 0xf0, 0x86, 0x9f, 0x71, 0xaa,
+ 0x0f, 0x3a, 0xf0, 0x7a, 0x9a, 0x31, 0xa9, 0xc6, 0x84, 0xdb, 0x20, 0x7e, 0xb0, 0xef, 0x8e, 0x4e,
+ 0x35, 0x90, 0x7a, 0xa6, 0x32, 0xc3, 0xff, 0xdf, 0x86, 0x8b, 0xb7, 0xb2, 0x9d, 0x3d, 0x46, 0xad,
+ 0x83, 0xce, 0x9f, 0x9a, 0x10, 0x2e, 0xe9, 0x9d, 0x49, 0xa5, 0x3e, 0x87, 0xf4, 0xc3, 0xda, 0x55}
+ }
+
+ };
+ // teste une valeur de clé incorrecte
+ aes_set_key( &ctx, aes_test[0].Key, 1);
+
+ // vérifie le fonctionnement de l'encryptage/décryptage AES
+ aes_set_key( &ctx, aes_test[0].Key, AESKeySize*8);
+ aes_encrypt( &ctx, aes_test[0].PlainText, AESOutput);
+ aes_decrypt( &ctx, AESOutput, tmp);
+ if(memcmp(tmp, aes_test[0].PlainText, aes_test[0].len) != 0)
+ {
+ nbfailed++;
+ }
+
+ // test du mode CBC
+ for(i=0 ; i<COUNT(aes_test) ; i++)
+ {
+ aes_set_key( &ctx, aes_test[i].Key, AESKeySize*8);
+ aes_cbc_encrypt(&ctx, aes_test[i].IV, aes_test[i].PlainText, AESOutput, aes_test[i].len);
+ if(memcmp(aes_test[i].CypherText, AESOutput, aes_test[i].len) != 0)
+ {
+ nbfailed++;
+ break;
+ }
+
+ aes_set_key( &ctx, aes_test[i].Key, AESKeySize*8);
+ aes_cbc_decrypt(&ctx, aes_test[i].IV, aes_test[i].CypherText, tmp, aes_test[i].len);
+ if(memcmp(aes_test[i].PlainText, tmp, aes_test[i].len) != 0)
+ {
+ nbfailed++;
+ //break;
+ }
+ }
+ return nbfailed;
+}
+
+/*
+ * test de void SECU_Init(T_SEC *p_sec)
+ */
+int
+SECU_Init_Test(void)
+{
+ T_SEC sec;
+
+ SECU_Init(&sec);
+
+ return Success;
+}
+/*
+ * test de E_SecuErrCode SECU_Hash(E_PWDType PWDType, u8 in[], u8 out[])
+ */
+int SECU_Hash_Test(void)
+{
+ u8 out[AESKeySize];
+ u8 Pwd[] = "Hello world! what's up ?";
+ return SECU_Hash(PWD_DPW, Pwd , out);
+}
+
+/*
+ * test de E_SecuErrCode SECU_GenAESKey(u8 Key[])
+ */
+int SECU_GenAESKey_Test(void)
+{
+ u8 key[AESKeySize];
+ E_ErrCode r;
+ unsigned int i;
+ u8 ExpRes[] = {0x18, 0x72, 0xce, 0x0, 0x56, 0xcb, 0xf2, 0xdf, 0x33, 0x5a, 0x6, 0x9c, 0x6b, 0x41, 0x2d, 0x26 };
+
+ r = SECU_GenAESKey(key);
+ if(r != Success) return r;
+ for(i=0 ; i<COUNT(ExpRes) ; i++) if(key[i] != ExpRes[i]) return Failure;
+ return Success;
+}
+
+/*
+ * test de E_SecuErrCode SECU_GenNonce(T_SEC *p_sec)
+ */
+int SECU_GenNonce_Test(void)
+{
+ T_SEC sec;
+ SECU_Init(&sec);
+ SECU_GenNonce(&sec);
+ if(sec.ProtocolRun.Nonce == 0xce7218) return Success; // résultat obtenu avec la clé par défaut de SECU_GenAESKey()
+ else return Failure;
+}
+
+/*
+ * test des protocol-run
+ */
+int SECU_ProtocolRun_Test(void)
+{
+ T_SEC STA_sec, CCO_sec;
+ T_ProtocolRun Msg;
+ E_PID PID = ProvStaWithNMKuUKE;
+
+ SECU_Init(&STA_sec);
+ SECU_Init(&CCO_sec);
+
+ // le CCO démarre un nouveau protocol-run
+ if(SECU_StartNewProtocolRun(&CCO_sec, PID) != Success) return Failure;
+ // on vérifie que les paramètres sont initialisés correctement
+ if(CCO_sec.ProtocolRun.PID != 0x3) return Failure;
+ //if(CCO_sec.ProtocolRun.PRN != 0xce7218) return Failure; // résultat obtenu avec la clé par défaut de SECU_GenAESKey()
+
+ // le CCO demande les paramètres du pr en cours
+ if(SECU_GenProtocolRunParam(&CCO_sec, &Msg, false) != Success) return Failure;
+ // la STA reçoit le premier message du pr
+ if(SECU_CheckProtocolRunParam(&STA_sec, Msg) != Success) return Failure;
+ // la STA génère un nouveau message
+ if(SECU_GenProtocolRunParam(&STA_sec, &Msg, false) != Success) return Failure;
+ // et le renvoie au CCO
+ if(SECU_CheckProtocolRunParam(&CCO_sec, Msg) != Success) return Failure;
+ // le CCO refait un message
+ if(SECU_GenProtocolRunParam(&CCO_sec, &Msg, false) != Success) return Failure;
+ // et le renvoie à la STA
+ if(SECU_CheckProtocolRunParam(&STA_sec, Msg) != Success) return Failure;
+ // la STA génère le dernier message du protocol run
+ if(SECU_GenProtocolRunParam(&STA_sec, &Msg, true) != Success) return Failure;
+ // et le renvoie au CCO
+ if(SECU_CheckProtocolRunParam(&CCO_sec, Msg) != Success) return Failure;
+ // le CCO ne peut plus renvoyer de messages
+ if(SECU_GenProtocolRunParam(&CCO_sec, &Msg, false) != PRN_NotInitialised) return Failure;
+
+ return Success;
+}
+
+
+
+
+
+struct T_SecuTest
+{
+ int(*func)(void);
+ char FuncName[30];
+};
+
+void SECU_Test(void)
+{
+ unsigned int i;
+ int res;
+ struct T_SecuTest SecuTest[]=
+ {
+ {sha2_self_test, "sha2 (1)"},
+ {sha2_self_test_wikipedia, "sha2 (2)"},
+ {CheckPasswordValidity_test,"CheckPasswordValidity"},
+ {pbkdf1_test, "pbkdf1"},
+ {aes_self_test, "aes (1)"},
+ {aes_avs_test, "aes (2)"},
+ {SECU_Init_Test, "SECU_Init"},
+ {SECU_Hash_Test, "SECU_Hash"},
+ {SECU_GenAESKey_Test, "SECU_GenAESKey"},
+ {SECU_GenNonce_Test, "SECU_GenNonce"},
+ {SECU_ProtocolRun_Test, "SECU_ProtocolRun"}
+ };
+
+ printf("test du module SECU\n");
+ for(i=0 ; i<COUNT(SecuTest) ; i++)
+ {
+ res = SecuTest[i].func();
+ printf(" %-50s", SecuTest[i].FuncName);
+ if(res == Success) printf("OK\n");
+ else printf("FAILED : %i\n", res);
+ }
+}