1 /*	$NetBSD: eaytest.c,v 1.7.6.2 2008/07/15 00:55:48 mgrooms Exp $	*/
2 
3 /* Id: eaytest.c,v 1.22 2005/06/19 18:02:54 manubsd Exp */
4 
5 /*
6  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
7  * All rights reserved.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted provided that the following conditions
11  * are met:
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  * 2. Redistributions in binary form must reproduce the above copyright
15  *    notice, this list of conditions and the following disclaimer in the
16  *    documentation and/or other materials provided with the distribution.
17  * 3. Neither the name of the project nor the names of its contributors
18  *    may be used to endorse or promote products derived from this software
19  *    without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31  * SUCH DAMAGE.
32  */
33 
34 #include "config.h"
35 
36 #include <sys/types.h>
37 #include <sys/stat.h>
38 #include <sys/socket.h>
39 
40 #include <netinet/in.h>
41 
42 #include <stdlib.h>
43 #include <stdio.h>
44 #include <string.h>
45 #include <limits.h>
46 #include <dirent.h>
47 #include <fcntl.h>
48 #include <unistd.h>
49 #include <err.h>
50 
51 #include <openssl/bio.h>
52 #include <openssl/pem.h>
53 
54 #include "var.h"
55 #include "vmbuf.h"
56 #include "misc.h"
57 #include "debug.h"
58 #include "str2val.h"
59 #include "plog.h"
60 
61 #include "oakley.h"
62 #include "dhgroup.h"
63 #include "crypto_openssl.h"
64 #include "gnuc.h"
65 
66 #include "package_version.h"
67 
68 #define PVDUMP(var) racoon_hexdump((var)->v, (var)->l)
69 
70 /*#define CERTTEST_BROKEN */
71 
72 /* prototype */
73 
74 static vchar_t *pem_read_buf __P((char *));
75 void Usage __P((void));
76 
77 int rsatest __P((int, char **));
78 int ciphertest __P((int, char **));
79 int hmactest __P((int, char **));
80 int sha1test __P((int, char **));
81 int md5test __P((int, char **));
82 int dhtest __P((int, char **));
83 int bntest __P((int, char **));
84 #ifndef CERTTEST_BROKEN
85 static char **getcerts __P((char *));
86 int certtest __P((int, char **));
87 #endif
88 
89 /* test */
90 
91 static int
rsa_verify_with_pubkey(src,sig,pubkey_txt)92 rsa_verify_with_pubkey(src, sig, pubkey_txt)
93 	vchar_t *src, *sig;
94 	char *pubkey_txt;
95 {
96 	BIO *bio;
97 	EVP_PKEY *evp;
98 	int error;
99 
100 	bio = BIO_new_mem_buf(pubkey_txt, strlen(pubkey_txt));
101 	evp = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
102 	if (! evp) {
103 		printf ("PEM_read_PUBKEY(): %s\n", eay_strerror());
104 		return -1;
105 	}
106 	error = eay_check_rsasign(src, sig, evp->pkey.rsa);
107 
108 	return error;
109 }
110 
111 int
rsatest(ac,av)112 rsatest(ac, av)
113 	int ac;
114 	char **av;
115 {
116 	char *text = "this is test.";
117 	vchar_t src;
118 	vchar_t *priv, *sig;
119 	int loglevel_saved;
120 
121 	char *pkcs1 =
122 "-----BEGIN RSA PRIVATE KEY-----\n"
123 "MIICXQIBAAKBgQChe5/Fzk9SA0vCKBOcu9jBcLb9oLv50PeuEfQojhakY+OH8A3Q\n"
124 "M8A0qIDG6uhTNGPvzCWb/+mKeOB48n5HJpLxlDFyP3kyd2yXHIZ/MN8g1nh4FsB0\n"
125 "iTkk8QUCJkkan6FCOBrIeLEsGA5AdodzuR+khnCMt8vO+NFHZYKAQeynyQIDAQAB\n"
126 "AoGAOfDcnCHxjhDGrwyoNNWl6Yqi7hAtQm67YAbrH14UO7nnmxAENM9MyNgpFLaW\n"
127 "07v5m8IZQIcradcDXAJOUwNBN8E06UflwEYCaScIwndvr5UpVlN3e2NC6Wyg2yC7\n"
128 "GarxQput3zj35XNR5bK42UneU0H6zDxpHWqI1SwE+ToAHu0CQQDNl9gUJTpg0L09\n"
129 "HkbE5jeb8bA5I20nKqBOBP0v5tnzpwu41umQwk9I7Ru0ucD7j+DW4k8otadW+FnI\n"
130 "G1M1MpSjAkEAyRMt4bN8otfpOpsOQWzw4jQtouohOxRFCrQTntHhU20PrQnQLZWs\n"
131 "pOVzqCjRytYtkPEUA1z8QK5gGcVPcOQsowJBALmt2rwPB1NrEo5Bat7noO+Zb3Ob\n"
132 "WDiYWeE8xkHd95gDlSWiC53ur9aINo6ZeP556jGIgL+el/yHHecJLrQL84sCQH48\n"
133 "zUxq/C/cb++8UzneJGlPqusiJNTLiAENR1gpmlZfHT1c8Nb9phMsfu0vG29GAfuC\n"
134 "bzchVLljALCNQK+2gRMCQQCNIgN+R9mRWZhFAcC1sq++YnuSBlw4VwdL/fd1Yg9e\n"
135 "Ul+U98yPl/NXt8Rs4TRBFcOZjkFI8xv0hQtevTgTmgz+\n"
136 "-----END RSA PRIVATE KEY-----\n\n";
137 	char *pubkey =
138 "-----BEGIN PUBLIC KEY-----\n"
139 "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQChe5/Fzk9SA0vCKBOcu9jBcLb9\n"
140 "oLv50PeuEfQojhakY+OH8A3QM8A0qIDG6uhTNGPvzCWb/+mKeOB48n5HJpLxlDFy\n"
141 "P3kyd2yXHIZ/MN8g1nh4FsB0iTkk8QUCJkkan6FCOBrIeLEsGA5AdodzuR+khnCM\n"
142 "t8vO+NFHZYKAQeynyQIDAQAB\n"
143 "-----END PUBLIC KEY-----\n\n";
144 	char *pubkey_wrong =
145 "-----BEGIN PUBLIC KEY-----\n"
146 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDncG2tSokRBhK8la1mO\n"
147 "QnUpxg6KvpoFUjEyRiIE1GRap5V6jCCEOmA9ZAz4Oa/97oxewwMWtchIxSBZVCia\n"
148 "H9oGasbOFzrtSR+MKl6Cb/Ow3Fu+PKbHTsnfTk/nOOWyaQh91PRD7fdwHe8L9P7w\n"
149 "2kFPmDW6+RNKIR4OErhXf1O0eSShPe0TO3vx43O7dWqhmh3Kgr4Jq7zAGqHtwu0B\n"
150 "RFZnmsocOnVZb2yAHndp51/Mk1H37ThHwN7qMx7RqrS3ru3XtchpJd9IQJPBIRfY\n"
151 "VYQ68u5ix/Z80Y6VkRf0qnAvel8B6D3N3Zyq5u7G60PfvvtCybeMn7nVrSMxqMW/\n"
152 "xwIDAQAB\n"
153 "-----END PUBLIC KEY-----\n\n";
154 
155 	printf ("%s", pkcs1);
156 	printf ("%s", pubkey);
157 	priv = pem_read_buf(pkcs1);
158 
159 	src.v = text;
160 	src.l = strlen(text);
161 
162 	/* sign */
163 	sig = eay_get_x509sign(&src, priv);
164 	if (sig == NULL) {
165 		printf("sign failed. %s\n", eay_strerror());
166 		return -1;
167 	}
168 
169 	printf("RSA signed data.\n");
170 	PVDUMP(sig);
171 
172 	printf("Verification with correct pubkey: ");
173 	if (rsa_verify_with_pubkey (&src, sig, pubkey) != 0) {
174 		printf ("Failed.\n");
175 		return -1;
176 	}
177 	else
178 		printf ("Verified. Good.\n");
179 
180 	loglevel_saved = loglevel;
181 	loglevel = 0;
182 	printf("Verification with wrong pubkey: ");
183 	if (rsa_verify_with_pubkey (&src, sig, pubkey_wrong) != 0)
184 		printf ("Not verified. Good.\n");
185 	else {
186 		printf ("Verified. This is bad...\n");
187 		loglevel = loglevel_saved;
188 		return -1;
189 	}
190 	loglevel = loglevel_saved;
191 
192 	return 0;
193 }
194 
195 static vchar_t *
pem_read_buf(buf)196 pem_read_buf(buf)
197 	char *buf;
198 {
199 	BIO *bio;
200 	char *nm = NULL, *header = NULL;
201 	unsigned char *data = NULL;
202 	long len;
203 	vchar_t *ret;
204 	int error;
205 
206 	bio = BIO_new_mem_buf(buf, strlen(buf));
207 	error = PEM_read_bio(bio, &nm, &header, &data, &len);
208 	if (error == 0)
209 		errx(1, "%s", eay_strerror());
210 	ret = vmalloc(len);
211 	if (ret == NULL)
212 		err(1, "vmalloc");
213 	memcpy(ret->v, data, len);
214 
215 	return ret;
216 }
217 
218 #ifndef CERTTEST_BROKEN
219 int
certtest(ac,av)220 certtest(ac, av)
221 	int ac;
222 	char **av;
223 {
224 	char *certpath;
225 	char **certs;
226 	int type;
227 	int error;
228 
229 	printf("\n**Test for Certificate.**\n");
230 
231     {
232 	vchar_t *asn1dn = NULL, asn1dn0;
233 #ifdef ORIG_DN
234 	char dnstr[] = "C=JP, ST=Kanagawa, L=Fujisawa, O=WIDE Project, OU=KAME Project, CN=Shoichi Sakane/Email=sakane@kame.net";
235 	char *dnstr_w1 = NULL;
236 	char *dnstr_w2 = NULL;
237 	char dn0[] = {
238 		0x30,0x81,0x9a,0x31,0x0b,0x30,0x09,0x06,
239 		0x03,0x55,0x04,0x06,0x13,0x02,0x4a,0x50,
240 		0x31,0x11,0x30,0x0f,0x06,0x03,0x55,0x04,
241 		0x08,0x13,0x08,0x4b,0x61,0x6e,0x61,0x67,
242 		0x61,0x77,0x61,0x31,0x11,0x30,0x0f,0x06,
243 		0x03,0x55,0x04,0x07,0x13,0x08,0x46,0x75,
244 		0x6a,0x69,0x73,0x61,0x77,0x61,0x31,0x15,
245 		0x30,0x13,0x06,0x03,0x55,0x04,0x0a,0x13,
246 		0x0c,0x57,0x49,0x44,0x45,0x20,0x50,0x72,
247 		0x6f,0x6a,0x65,0x63,0x74,0x31,0x15,0x30,
248 		0x13,0x06,0x03,0x55,0x04,0x0b,0x13,0x0c,
249 		0x4b,0x41,0x4d,0x45,0x20,0x50,0x72,0x6f,
250 		0x6a,0x65,0x63,0x74,0x31,0x17,0x30,0x15,
251 		0x06,0x03,0x55,0x04,0x03,0x13,0x0e,0x53,
252 		0x68,0x6f,0x69,0x63,0x68,0x69,0x20,0x53,
253 		0x61,0x6b,0x61,0x6e,0x65,0x31,0x1e,0x30,
254 		0x1c,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,
255 		0x0d,0x01,0x09,0x01,
256 		0x0c,	/* <== XXX */
257 		0x0f,0x73,0x61,
258 		0x6b,0x61,0x6e,0x65,0x40,0x6b,0x61,0x6d,
259 		0x65,0x2e,0x6e,0x65,0x74,
260 	};
261 #else /* not ORIG_DN */
262 	char dnstr[] = "C=JP, ST=Kanagawa, L=Fujisawa, O=WIDE Project, OU=KAME Project, CN=Shoichi Sakane";
263 	char dnstr_w1[] = "C=JP, ST=Kanagawa, L=Fujisawa, O=WIDE Project, OU=*, CN=Shoichi Sakane";
264 	char dnstr_w2[] = "C=JP, ST=Kanagawa, L=Fujisawa, O=WIDE Project, OU=KAME Project, CN=*";
265 	char dn0[] = {
266 		0x30,0x7a,0x31,0x0b,0x30,0x09,0x06,0x03,
267 		0x55,0x04,0x06,0x13,0x02,0x4a,0x50,0x31,
268 		0x11,0x30,0x0f,0x06,0x03,0x55,0x04,0x08,
269 		0x13,0x08,0x4b,0x61,0x6e,0x61,0x67,0x61,
270 		0x77,0x61,0x31,0x11,0x30,0x0f,0x06,0x03,
271 		0x55,0x04,0x07,0x13,0x08,0x46,0x75,0x6a,
272 		0x69,0x73,0x61,0x77,0x61,0x31,0x15,0x30,
273 		0x13,0x06,0x03,0x55,0x04,0x0a,0x13,0x0c,
274 		0x57,0x49,0x44,0x45,0x20,0x50,0x72,0x6f,
275 		0x6a,0x65,0x63,0x74,0x31,0x15,0x30,0x13,
276 		0x06,0x03,0x55,0x04,0x0b,0x13,0x0c,0x4b,
277 		0x41,0x4d,0x45,0x20,0x50,0x72,0x6f,0x6a,
278 		0x65,0x63,0x74,0x31,0x17,0x30,0x15,0x06,
279 		0x03,0x55,0x04,0x03,0x13,0x0e,0x53,0x68,
280 		0x6f,0x69,0x63,0x68,0x69,0x20,0x53,0x61,
281 		0x6b,0x61,0x6e,0x65,
282 	};
283 #endif /* ORIG_DN */
284 
285 	printf("check to convert the string into subjectName.\n");
286 	printf("%s\n", dnstr);
287 
288 	asn1dn0.v = dn0;
289 	asn1dn0.l = sizeof(dn0);
290 
291 	asn1dn = eay_str2asn1dn(dnstr, strlen(dnstr));
292 	if (asn1dn == NULL || asn1dn->l != asn1dn0.l)
293 #ifdef OUTPUT_VALID_ASN1DN
294 	{
295 		unsigned char *cp; int  i;
296 		printf("asn1dn length mismatched (%zu != %zu).\n", asn1dn ? asn1dn->l : -1, asn1dn0.l);
297 		for (cp = asn1dn->v, i = 0; i < asn1dn->l; i++)
298 		    printf ("0x%02x,", *cp++);
299 		exit (1);
300 	}
301 #else
302 		errx(1, "asn1dn length mismatched (%zu != %zu).\n", asn1dn ? asn1dn->l : -1, asn1dn0.l);
303 #endif
304 
305 	/*
306 	 * NOTE: The value pointed by "<==" above is different from the
307 	 * return of eay_str2asn1dn().  but eay_cmp_asn1dn() can distinguish
308 	 * both of the names are same name.
309 	 */
310 	if (eay_cmp_asn1dn(&asn1dn0,  asn1dn))
311 		errx(1, "asn1dn mismatched.\n");
312 	vfree(asn1dn);
313 
314 	printf("exact match: succeed.\n");
315 
316 	if (dnstr_w1 != NULL) {
317 		asn1dn = eay_str2asn1dn(dnstr_w1, strlen(dnstr_w1));
318 		if (asn1dn == NULL || asn1dn->l == asn1dn0.l)
319 			errx(1, "asn1dn length wrong for wildcard 1\n");
320 		if (eay_cmp_asn1dn(&asn1dn0,  asn1dn))
321 			errx(1, "asn1dn mismatched for wildcard 1.\n");
322 		vfree(asn1dn);
323 		printf("wildcard 1 match: succeed.\n");
324 	}
325 
326 	if (dnstr_w1 != NULL) {
327 		asn1dn = eay_str2asn1dn(dnstr_w2, strlen(dnstr_w2));
328 		if (asn1dn == NULL || asn1dn->l == asn1dn0.l)
329 			errx(1, "asn1dn length wrong for wildcard 2\n");
330 		if (eay_cmp_asn1dn(&asn1dn0,  asn1dn))
331 			errx(1, "asn1dn mismatched for wildcard 2.\n");
332 		vfree(asn1dn);
333 		printf("wildcard 2 match: succeed.\n");
334 	}
335 
336     }
337 	eay_init();
338 
339 	/* get certs */
340 	if (ac > 1) {
341 		certpath = *(av + 1);
342 		certs = getcerts(certpath);
343 	} else {
344 #ifdef ORIG_DN
345 		printf("\nCAUTION: These certificates are probably invalid "
346 			"on your environment because you don't have their "
347 			"issuer's certs in your environment.\n\n");
348 
349 		certpath = "/usr/local/openssl/certs";
350 		certs = getcerts(NULL);
351 #else
352 		printf("\nWARNING: The main certificates are probably invalid "
353 			"on your environment\nbecause you don't have their "
354 			"issuer's certs in your environment\nso not doing "
355 			"this test.\n\n");
356 		return (0);
357 #endif
358 	}
359 
360 	while (*certs != NULL) {
361 
362 		vchar_t c;
363 		char *str;
364 		vchar_t *vstr;
365 
366 		printf("===CERT===\n");
367 
368 		c.v = *certs;
369 		c.l = strlen(*certs);
370 
371 		/* print text */
372 		str = eay_get_x509text(&c);
373 		printf("%s", str);
374 		racoon_free(str);
375 
376 		/* print ASN.1 of subject name */
377 		vstr = eay_get_x509asn1subjectname(&c);
378 		if (!vstr)
379 			return 0;
380 		PVDUMP(vstr);
381 		printf("\n");
382 		vfree(vstr);
383 
384 		/* print subject alt name */
385 	    {
386 		int pos;
387 		for (pos = 1; ; pos++) {
388 			error = eay_get_x509subjectaltname(&c, &str, &type, pos);
389 			if (error) {
390 				printf("no subjectaltname found.\n");
391 				break;
392 			}
393 			if (!str)
394 				break;
395 			printf("SubjectAltName: %d: %s\n", type, str);
396 			racoon_free(str);
397 		}
398 	    }
399 
400 		/* NULL => name of the certificate file */
401 		error = eay_check_x509cert(&c, certpath, NULL, 1);
402 		if (error)
403 			printf("ERROR: cert is invalid.\n");
404 		printf("\n");
405 
406 		certs++;
407 	}
408 	return 0;
409 }
410 
411 static char **
getcerts(path)412 getcerts(path)
413 	char *path;
414 {
415 	char **certs = NULL, **p;
416 	DIR *dirp;
417 	struct dirent *dp;
418 	struct stat sb;
419 	char buf[512];
420 	int len;
421 	int n;
422 	int fd;
423 
424 	static char *samplecerts[] = {
425 /* self signed */
426 "-----BEGIN CERTIFICATE-----\n"
427 "MIICpTCCAg4CAQAwDQYJKoZIhvcNAQEEBQAwgZoxCzAJBgNVBAYTAkpQMREwDwYD\n"
428 "VQQIEwhLYW5hZ2F3YTERMA8GA1UEBxMIRnVqaXNhd2ExFTATBgNVBAoTDFdJREUg\n"
429 "UHJvamVjdDEVMBMGA1UECxMMS0FNRSBQcm9qZWN0MRcwFQYDVQQDEw5TaG9pY2hp\n"
430 "IFNha2FuZTEeMBwGCSqGSIb3DQEJARYPc2FrYW5lQGthbWUubmV0MB4XDTAwMDgy\n"
431 "NDAxMzc0NFoXDTAwMDkyMzAxMzc0NFowgZoxCzAJBgNVBAYTAkpQMREwDwYDVQQI\n"
432 "EwhLYW5hZ2F3YTERMA8GA1UEBxMIRnVqaXNhd2ExFTATBgNVBAoTDFdJREUgUHJv\n"
433 "amVjdDEVMBMGA1UECxMMS0FNRSBQcm9qZWN0MRcwFQYDVQQDEw5TaG9pY2hpIFNh\n"
434 "a2FuZTEeMBwGCSqGSIb3DQEJARYPc2FrYW5lQGthbWUubmV0MIGfMA0GCSqGSIb3\n"
435 "DQEBAQUAA4GNADCBiQKBgQCpIQG/H3zn4czAmPBcbkDrYxE1A9vcpghpib3Of0Op\n"
436 "SsiWIBOyIMiVAzK/I/JotWp3Vdn5fzGp/7DGAbWXAALas2xHkNmTMPpu6qhmNQ57\n"
437 "kJHZHal24mgc1hwbrI9fb5olvIexx9a1riNPnKMRVHzXYizsyMbf+lJJmZ8QFhWN\n"
438 "twIDAQABMA0GCSqGSIb3DQEBBAUAA4GBACKs6X/BYycuHI3iop403R3XWMHHnNBN\n"
439 "5XTHVWiWgR1cMWkq/dp51gn+nPftpdAaYGpqGkiHGhZcXLoBaX9uON3p+7av+sQN\n"
440 "plXwnvUf2Zsgu+fojskS0gKcDlYiq1O8TOaBgJouFZgr1q6PiYjVEJGogAP28+HN\n"
441 "M4o+GBFbFoqK\n"
442 "-----END CERTIFICATE-----\n\n",
443 /* signed by SSH testing CA + CA1 + CA2 */
444 "-----BEGIN X509 CERTIFICATE-----\n"
445 "MIICtTCCAj+gAwIBAgIEOaR8NjANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJG\n"
446 "STEkMCIGA1UEChMbU1NIIENvbW11bmljYXRpb25zIFNlY3VyaXR5MREwDwYDVQQL\n"
447 "EwhXZWIgdGVzdDEbMBkGA1UEAxMSVGVzdCBDQSAxIHN1YiBjYSAyMB4XDTAwMDgy\n"
448 "NDAwMDAwMFoXDTAwMTAwMTAwMDAwMFowgZoxCzAJBgNVBAYTAkpQMREwDwYDVQQI\n"
449 "EwhLYW5hZ2F3YTERMA8GA1UEBxMIRnVqaXNhd2ExFTATBgNVBAoTDFdJREUgUHJv\n"
450 "amVjdDEVMBMGA1UECxMMS0FNRSBQcm9qZWN0MRcwFQYDVQQDEw5TaG9pY2hpIFNh\n"
451 "a2FuZTEeMBwGCSqGSIb3DQEJAQwPc2FrYW5lQGthbWUubmV0MIGfMA0GCSqGSIb3\n"
452 "DQEBAQUAA4GNADCBiQKBgQCpIQG/H3zn4czAmPBcbkDrYxE1A9vcpghpib3Of0Op\n"
453 "SsiWIBOyIMiVAzK/I/JotWp3Vdn5fzGp/7DGAbWXAALas2xHkNmTMPpu6qhmNQ57\n"
454 "kJHZHal24mgc1hwbrI9fb5olvIexx9a1riNPnKMRVHzXYizsyMbf+lJJmZ8QFhWN\n"
455 "twIDAQABo18wXTALBgNVHQ8EBAMCBaAwGgYDVR0RBBMwEYEPc2FrYW5lQGthbWUu\n"
456 "bmV0MDIGA1UdHwQrMCkwJ6AloCOGIWh0dHA6Ly9sZGFwLnNzaC5maS9jcmxzL2Nh\n"
457 "MS0yLmNybDANBgkqhkiG9w0BAQUFAANhADtaqual41OWshF/rwCTuR6zySBJysGp\n"
458 "+qjkp5efCiYKhAu1L4WXlMsV/SNdzspui5tHasPBvUw8gzFsU/VW/B2zuQZkimf1\n"
459 "u6ZPjUb/vt8vLOPScP5MeH7xrTk9iigsqQ==\n"
460 "-----END X509 CERTIFICATE-----\n\n",
461 /* VP100 */
462 "-----BEGIN CERTIFICATE-----\n"
463 "MIICXzCCAcigAwIBAgIEOXGBIzANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJG\n"
464 "STEkMCIGA1UEChMbU1NIIENvbW11bmljYXRpb25zIFNlY3VyaXR5MREwDwYDVQQL\n"
465 "EwhXZWIgdGVzdDESMBAGA1UEAxMJVGVzdCBDQSAxMB4XDTAwMDcxNjAwMDAwMFoX\n"
466 "DTAwMDkwMTAwMDAwMFowNTELMAkGA1UEBhMCanAxETAPBgNVBAoTCHRhaGl0ZXN0\n"
467 "MRMwEQYDVQQDEwpmdXJ1a2F3YS0xMIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKB\n"
468 "gQDUmI2RaAuoLvtRDbASwRhbkj/Oq0BBIKgAqbFknc/EanJSQwZQu82gD88nf7gG\n"
469 "VEioWmKPLDuEjz5JCuM+k5f7HYHI1wWmz1KFr7UA+avZm4Kp6YKnhuH7soZp7kBL\n"
470 "hTiZEpL0jdmCWLW3ZXoro55rmPrBsCd+bt8VU6tRZm5dUwIBKaNZMFcwCwYDVR0P\n"
471 "BAQDAgWgMBYGA1UdEQQPMA2CBVZQMTAwhwQKFIaFMDAGA1UdHwQpMCcwJaAjoCGG\n"
472 "H2h0dHA6Ly9sZGFwLnNzaC5maS9jcmxzL2NhMS5jcmwwDQYJKoZIhvcNAQEFBQAD\n"
473 "gYEAKJ/2Co/KYW65mwpGG3CBvsoRL8xyUMHGt6gQpFLHiiHuAdix1ADTL6uoFuYi\n"
474 "4sE5omQm1wKVv2ZhS03zDtUfKoVEv0HZ7IY3AU/FZT/M5gQvbt43Dki/ma3ock2I\n"
475 "PPhbLsvXm+GCVh3jvkYGk1zr7VERVeTPtmT+hW63lcxfFp4=\n"
476 "-----END CERTIFICATE-----\n\n",
477 /* IKED */
478 "-----BEGIN CERTIFICATE-----\n"
479 "MIIEFTCCA7+gAwIBAgIKYU5X6AAAAAAACTANBgkqhkiG9w0BAQUFADCBljEpMCcG\n"
480 "CSqGSIb3DQEJARYaeS13YXRhbmFAc2RsLmhpdGFjaGkuY28uanAxCzAJBgNVBAYT\n"
481 "AkpQMREwDwYDVQQIEwhLQU5BR0FXQTERMA8GA1UEBxMIWW9rb2hhbWExEDAOBgNV\n"
482 "BAoTB0hJVEFDSEkxDDAKBgNVBAsTA1NETDEWMBQGA1UEAxMNSVBzZWMgVGVzdCBD\n"
483 "QTAeFw0wMDA3MTUwMjUxNDdaFw0wMTA3MTUwMzAxNDdaMEUxCzAJBgNVBAYTAkpQ\n"
484 "MREwDwYDVQQIEwhLQU5BR0FXQTEQMA4GA1UEChMHSElUQUNISTERMA8GA1UEAxMI\n"
485 "V0FUQU5BQkUwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA6Wja5A7Ldzrtx+rMWHEB\n"
486 "Cyt+/ZoG0qdFQbuuUiU1vOSq+1f+ZSCYAdTq13Lrr6Xfz3jDVFEZLPID9PSTFwq+\n"
487 "yQIDAQABo4ICPTCCAjkwDgYDVR0PAQH/BAQDAgTwMBMGA1UdJQQMMAoGCCsGAQUF\n"
488 "CAICMB0GA1UdDgQWBBTkv7/MH5Ra+S1zBAmnUIH5w8ZTUTCB0gYDVR0jBIHKMIHH\n"
489 "gBQsF2qoaTl5F3GFLKrttaxPJ8j4faGBnKSBmTCBljEpMCcGCSqGSIb3DQEJARYa\n"
490 "eS13YXRhbmFAc2RsLmhpdGFjaGkuY28uanAxCzAJBgNVBAYTAkpQMREwDwYDVQQI\n"
491 "EwhLQU5BR0FXQTERMA8GA1UEBxMIWW9rb2hhbWExEDAOBgNVBAoTB0hJVEFDSEkx\n"
492 "DDAKBgNVBAsTA1NETDEWMBQGA1UEAxMNSVBzZWMgVGVzdCBDQYIQeccIf4GYDIBA\n"
493 "rS6HSUt8XjB7BgNVHR8EdDByMDagNKAyhjBodHRwOi8vZmxvcmEyMjAvQ2VydEVu\n"
494 "cm9sbC9JUHNlYyUyMFRlc3QlMjBDQS5jcmwwOKA2oDSGMmZpbGU6Ly9cXGZsb3Jh\n"
495 "MjIwXENlcnRFbnJvbGxcSVBzZWMlMjBUZXN0JTIwQ0EuY3JsMIGgBggrBgEFBQcB\n"
496 "AQSBkzCBkDBFBggrBgEFBQcwAoY5aHR0cDovL2Zsb3JhMjIwL0NlcnRFbnJvbGwv\n"
497 "ZmxvcmEyMjBfSVBzZWMlMjBUZXN0JTIwQ0EuY3J0MEcGCCsGAQUFBzAChjtmaWxl\n"
498 "Oi8vXFxmbG9yYTIyMFxDZXJ0RW5yb2xsXGZsb3JhMjIwX0lQc2VjJTIwVGVzdCUy\n"
499 "MENBLmNydDANBgkqhkiG9w0BAQUFAANBAG8yZAWHb6g3zba453Hw5loojVDZO6fD\n"
500 "9lCsyaxeo9/+7x1JEEcdZ6qL7KKqe7ZBwza+hIN0ITkp2WEWo22gTz4=\n"
501 "-----END CERTIFICATE-----\n\n",
502 /* From Entrust */
503 "-----BEGIN CERTIFICATE-----\n"
504 "MIIDXTCCAsagAwIBAgIEOb6khTANBgkqhkiG9w0BAQUFADA4MQswCQYDVQQGEwJV\n"
505 "UzEQMA4GA1UEChMHRW50cnVzdDEXMBUGA1UECxMOVlBOIEludGVyb3AgUk8wHhcN\n"
506 "MDAwOTE4MjMwMDM3WhcNMDMwOTE4MjMzMDM3WjBTMQswCQYDVQQGEwJVUzEQMA4G\n"
507 "A1UEChMHRW50cnVzdDEXMBUGA1UECxMOVlBOIEludGVyb3AgUk8xGTAXBgNVBAMT\n"
508 "EFNob2ljaGkgU2FrYW5lIDIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKj3\n"
509 "eXSt1qXxFXzpa265B/NQYk5BZN7pNJg0tlTKBTVV3UgpQ92Bx5DoNfZh11oIv0Sw\n"
510 "6YnG5p9F9ma36U9HDoD3hVTjAvQKy4ssCsnU1y6v5XOU1QvYQo6UTzgsXUTaIau4\n"
511 "Lrccl+nyoiNzy3lG51tLR8CxuA+3OOAK9xPjszClAgMBAAGjggFXMIIBUzBABgNV\n"
512 "HREEOTA3gQ9zYWthbmVAa2FtZS5uZXSHBM6vIHWCHjIwNi0xNzUtMzItMTE3LnZw\n"
513 "bndvcmtzaG9wLmNvbTATBgNVHSUEDDAKBggrBgEFBQgCAjALBgNVHQ8EBAMCAKAw\n"
514 "KwYDVR0QBCQwIoAPMjAwMDA5MTgyMzAwMzdagQ8yMDAyMTAyNTExMzAzN1owWgYD\n"
515 "VR0fBFMwUTBPoE2gS6RJMEcxCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFbnRydXN0\n"
516 "MRcwFQYDVQQLEw5WUE4gSW50ZXJvcCBSTzENMAsGA1UEAxMEQ1JMMTAfBgNVHSME\n"
517 "GDAWgBTzVmhu0tBoWKwkZE5mXpooE9630DAdBgNVHQ4EFgQUEgBHPtXggJqei5Xz\n"
518 "92CrWXTJxfAwCQYDVR0TBAIwADAZBgkqhkiG9n0HQQAEDDAKGwRWNS4wAwIEsDAN\n"
519 "BgkqhkiG9w0BAQUFAAOBgQCIFriNGMUE8GH5LuDrTJfA8uGx8vLy2seljuo694TR\n"
520 "et/ojp9QnfOJ1PF9iAdGaEaSLfkwhY4fZNZzxic5HBoHLeo9BXLP7i7FByXjvOZC\n"
521 "Y8++0dC8NVvendIILcJBM5nbDq1TqIbb8K3SP80XhO5JLVJkoZiQftAMjo0peZPO\n"
522 "EQ==\n"
523 "-----END CERTIFICATE-----\n\n",
524 	NULL,
525 	};
526 
527 	if (path == NULL)
528 		return (char **)&samplecerts;
529 
530 	stat(path, &sb);
531 	if (!(sb.st_mode & S_IFDIR)) {
532 		printf("ERROR: %s is not directory.\n", path);
533 		exit(0);
534 	}
535 
536 	dirp = opendir(path);
537 	if (dirp == NULL) {
538 		printf("opendir failed.\n");
539 		exit(0);
540 	}
541 
542 	n = 0;
543 	while ((dp = readdir(dirp)) != NULL) {
544 		if (dp->d_type != DT_REG)
545 			continue;
546 		if (strcmp(dp->d_name + strlen(dp->d_name) - 4, "cert"))
547 			continue;
548 		snprintf(buf, sizeof(buf), "%s/%s", path, dp->d_name);
549 		stat(buf, &sb);
550 
551 		p = (char **)realloc(certs, (n + 1) * sizeof(certs));
552 		if (p == NULL)
553 			err(1, "realloc");
554 		certs = p;
555 
556 		certs[n] = malloc(sb.st_size + 1);
557 		if (certs[n] == NULL)
558 			err(1, "malloc");
559 
560 		fd = open(buf, O_RDONLY);
561 		if (fd == -1)
562 			err(1, "open");
563 		len = read(fd, certs[n], sb.st_size);
564 		if (len == -1)
565 			err(1, "read");
566 		if (len != sb.st_size)
567 			errx(1, "read: length mismatch");
568 		certs[n][sb.st_size] = '\0';
569 		close(fd);
570 
571 		printf("%s: %d\n", dp->d_name, (int)sb.st_size);
572 
573 		n++;
574 	}
575 
576 	p = (char **)realloc(certs, (n + 1) * sizeof(certs));
577 	if (p == NULL)
578 		err(1, "realloc");
579 	certs = p;
580 	certs[n] = NULL;
581 
582 	return certs;
583 }
584 #endif /* CERTTEST_BROKEN */
585 
586 typedef vchar_t* (eay_func) (vchar_t *, vchar_t *, vchar_t *);
587 
588 static int
ciphertest_1(const char * name,vchar_t * data,size_t data_align,vchar_t * key,size_t min_keysize,vchar_t * iv0,size_t iv_length,eay_func encrypt,eay_func decrypt)589 ciphertest_1 (const char *name,
590 	      vchar_t *data,
591 	      size_t data_align,
592 	      vchar_t *key,
593 	      size_t min_keysize,
594 	      vchar_t *iv0,
595 	      size_t iv_length,
596 	      eay_func encrypt,
597 	      eay_func decrypt)
598 {
599 	int padlen;
600 	vchar_t *buf, *iv, *res1, *res2;
601 	iv = vmalloc(iv_length);
602 
603 	printf("Test for cipher %s\n", name);
604 	printf("data:\n");
605 	PVDUMP(data);
606 
607 	if (data_align <= 1 || (data->l % data_align) == 0)
608 	  padlen = 0;
609 	else
610 	  padlen = data_align - data->l % data_align;
611 
612 	buf = vmalloc(data->l + padlen);
613 	memcpy(buf->v, data->v, data->l);
614 
615 	memcpy(iv->v, iv0->v, iv_length);
616 	res1 = (encrypt)(buf, key, iv);
617 	if (res1 == NULL) {
618 		printf("%s encryption failed.\n", name);
619 		return -1;
620 	}
621 	printf("encrypted:\n");
622 	PVDUMP(res1);
623 
624 	memcpy(iv->v, iv0->v, iv_length);
625 	res2 = (decrypt)(res1, key, iv);
626 	if (res2 == NULL) {
627 		printf("%s decryption failed.\n", name);
628 		return -1;
629 	}
630 	printf("decrypted:\n");
631 	PVDUMP(res2);
632 
633 	if (memcmp(data->v, res2->v, data->l)) {
634 		printf("XXXX NG (%s) XXXX\n", name);
635 		return -1;
636 	}
637 	else
638 		printf("%s cipher verified.\n", name);
639 	vfree(res1);
640 	vfree(res2);
641 	vfree(buf);
642 	vfree(iv);
643 
644 	return 0;
645 }
646 
647 int
ciphertest(ac,av)648 ciphertest(ac, av)
649 	int ac;
650 	char **av;
651 {
652 	vchar_t data;
653 	vchar_t key;
654 	vchar_t iv0;
655 
656 	printf("\n**Testing CIPHERS**\n");
657 
658 	data.v = str2val("\
659 06000017 03000000 73616b61 6e65406b 616d652e 6e657409 0002c104 308202b8 \
660 04f05a90 \
661 	", 16, &data.l);
662 	key.v = str2val("f59bd70f 81b9b9cc 2a32c7fd 229a4b37", 16, &key.l);
663 	iv0.v = str2val("26b68c90 9467b4ab 7ec29fa0 0b696b55", 16, &iv0.l);
664 
665 	if (ciphertest_1 ("DES",
666 			  &data, 8,
667 			  &key, 8,
668 			  &iv0, 8,
669 			  eay_des_encrypt, eay_des_decrypt) < 0)
670 	  return -1;
671 
672 	if (ciphertest_1 ("3DES",
673 			  &data, 8,
674 			  &key, 24,
675 			  &iv0, 8,
676 			  eay_3des_encrypt, eay_3des_decrypt) < 0)
677 	  return -1;
678 
679 	if (ciphertest_1 ("AES",
680 			  &data, 16,
681 			  &key, key.l,
682 			  &iv0, 16,
683 			  eay_aes_encrypt, eay_aes_decrypt) < 0)
684 	  return -1;
685 
686 	if (ciphertest_1 ("BLOWFISH",
687 			  &data, 8,
688 			  &key, key.l,
689 			  &iv0, 8,
690 			  eay_bf_encrypt, eay_bf_decrypt) < 0)
691 	  return -1;
692 
693 	if (ciphertest_1 ("CAST",
694 			  &data, 8,
695 			  &key, key.l,
696 			  &iv0, 8,
697 			  eay_cast_encrypt, eay_cast_decrypt) < 0)
698 	  return -1;
699 
700 #ifdef HAVE_OPENSSL_IDEA_H
701 	if (ciphertest_1 ("IDEA",
702 			  &data, 8,
703 			  &key, key.l,
704 			  &iv0, 8,
705 			  eay_idea_encrypt, eay_idea_decrypt) < 0)
706 	  return -1;
707 #endif
708 
709 #ifdef HAVE_OPENSSL_RC5_H
710 	if (ciphertest_1 ("RC5",
711 			  &data, 8,
712 			  &key, key.l,
713 			  &iv0, 8,
714 			  eay_rc5_encrypt, eay_rc5_decrypt) < 0)
715 	  return -1;
716 #endif
717 #if defined(HAVE_OPENSSL_CAMELLIA_H)
718 	if (ciphertest_1 ("CAMELLIA",
719 			  &data, 16,
720 			  &key, key.l,
721 			  &iv0, 16,
722 			  eay_camellia_encrypt, eay_camellia_decrypt) < 0)
723 	  return -1;
724 #endif
725 	return 0;
726 }
727 
728 int
hmactest(ac,av)729 hmactest(ac, av)
730 	int ac;
731 	char **av;
732 {
733 	char *keyword = "hehehe test secret!";
734 	char *object  = "d7e6a6c1876ef0488bb74958b9fee94e";
735 	char *object1 = "d7e6a6c1876ef048";
736 	char *object2 =                 "8bb74958b9fee94e";
737 	char *r_hmd5  = "5702d7d1 fd1bfc7e 210fc9fa cda7d02c";
738 	char *r_hsha1 = "309999aa 9779a43e ebdea839 1b4e7ee1 d8646874";
739 #ifdef WITH_SHA2
740 	char *r_hsha2 = "d47262d8 a5b6f39d d8686939 411b3e79 ed2e27f9 2c4ea89f dd0a06ae 0c0aa396";
741 #endif
742 	vchar_t *key, *data, *data1, *data2, *res;
743 	vchar_t mod;
744 	caddr_t ctx;
745 
746 #ifdef WITH_SHA2
747 	printf("\n**Test for HMAC MD5, SHA1, and SHA256.**\n");
748 #else
749 	printf("\n**Test for HMAC MD5 & SHA1.**\n");
750 #endif
751 
752 	key = vmalloc(strlen(keyword));
753 	memcpy(key->v, keyword, key->l);
754 
755 	data = vmalloc(strlen(object));
756 	data1 = vmalloc(strlen(object1));
757 	data2 = vmalloc(strlen(object2));
758 	memcpy(data->v, object, data->l);
759 	memcpy(data1->v, object1, data1->l);
760 	memcpy(data2->v, object2, data2->l);
761 
762 	/* HMAC MD5 */
763 	printf("HMAC MD5 by eay_hmacmd5_one()\n");
764 	res = eay_hmacmd5_one(key, data);
765 	PVDUMP(res);
766 	mod.v = str2val(r_hmd5, 16, &mod.l);
767 	if (memcmp(res->v, mod.v, mod.l)) {
768 		printf(" XXX NG XXX\n");
769 		return -1;
770 	}
771 	free(mod.v);
772 	vfree(res);
773 
774 	/* HMAC MD5 */
775 	printf("HMAC MD5 by eay_hmacmd5_xxx()\n");
776 	ctx = eay_hmacmd5_init(key);
777 	eay_hmacmd5_update(ctx, data1);
778 	eay_hmacmd5_update(ctx, data2);
779 	res = eay_hmacmd5_final(ctx);
780 	PVDUMP(res);
781 	mod.v = str2val(r_hmd5, 16, &mod.l);
782 	if (memcmp(res->v, mod.v, mod.l)) {
783 		printf(" XXX NG XXX\n");
784 		return -1;
785 	}
786 	free(mod.v);
787 	vfree(res);
788 
789 	/* HMAC SHA1 */
790 	printf("HMAC SHA1 by eay_hmacsha1_one()\n");
791 	res = eay_hmacsha1_one(key, data);
792 	PVDUMP(res);
793 	mod.v = str2val(r_hsha1, 16, &mod.l);
794 	if (memcmp(res->v, mod.v, mod.l)) {
795 		printf(" XXX NG XXX\n");
796 		return -1;
797 	}
798 	free(mod.v);
799 	vfree(res);
800 
801 	/* HMAC SHA1 */
802 	printf("HMAC SHA1 by eay_hmacsha1_xxx()\n");
803 	ctx = eay_hmacsha1_init(key);
804 	eay_hmacsha1_update(ctx, data1);
805 	eay_hmacsha1_update(ctx, data2);
806 	res = eay_hmacsha1_final(ctx);
807 	PVDUMP(res);
808 	mod.v = str2val(r_hsha1, 16, &mod.l);
809 	if (memcmp(res->v, mod.v, mod.l)) {
810 		printf(" XXX NG XXX\n");
811 		return -1;
812 	}
813 	free(mod.v);
814 	vfree(res);
815 
816 #ifdef WITH_SHA2
817 	/* HMAC SHA2 */
818 	printf("HMAC SHA2 by eay_hmacsha2_256_one()\n");
819 	res = eay_hmacsha2_256_one(key, data);
820 	PVDUMP(res);
821 	mod.v = str2val(r_hsha2, 16, &mod.l);
822 	if (memcmp(res->v, mod.v, mod.l)) {
823 		printf(" XXX NG XXX\n");
824 		return -1;
825 	}
826 	free(mod.v);
827 	vfree(res);
828 #endif
829 
830 	vfree(data);
831 	vfree(data1);
832 	vfree(data2);
833 	vfree(key);
834 
835 	return 0;
836 }
837 
838 int
sha1test(ac,av)839 sha1test(ac, av)
840 	int ac;
841 	char **av;
842 {
843 	char *word1 = "1234567890", *word2 = "12345678901234567890";
844 	caddr_t ctx;
845 	vchar_t *buf, *res;
846 
847 	printf("\n**Test for SHA1.**\n");
848 
849 	ctx = eay_sha1_init();
850 	buf = vmalloc(strlen(word1));
851 	memcpy(buf->v, word1, buf->l);
852 	eay_sha1_update(ctx, buf);
853 	eay_sha1_update(ctx, buf);
854 	res = eay_sha1_final(ctx);
855 	PVDUMP(res);
856 	vfree(res);
857 	vfree(buf);
858 
859 	ctx = eay_sha1_init();
860 	buf = vmalloc(strlen(word2));
861 	memcpy(buf->v, word2, buf->l);
862 	eay_sha1_update(ctx, buf);
863 	res = eay_sha1_final(ctx);
864 	PVDUMP(res);
865 	vfree(res);
866 
867 	res = eay_sha1_one(buf);
868 	PVDUMP(res);
869 	vfree(res);
870 	vfree(buf);
871 
872 	return 0;
873 }
874 
875 int
md5test(ac,av)876 md5test(ac, av)
877 	int ac;
878 	char **av;
879 {
880 	char *word1 = "1234567890", *word2 = "12345678901234567890";
881 	caddr_t ctx;
882 	vchar_t *buf, *res;
883 
884 	printf("\n**Test for MD5.**\n");
885 
886 	ctx = eay_md5_init();
887 	buf = vmalloc(strlen(word1));
888 	memcpy(buf->v, word1, buf->l);
889 	eay_md5_update(ctx, buf);
890 	eay_md5_update(ctx, buf);
891 	res = eay_md5_final(ctx);
892 	PVDUMP(res);
893 	vfree(res);
894 	vfree(buf);
895 
896 	ctx = eay_md5_init();
897 	buf = vmalloc(strlen(word2));
898 	memcpy(buf->v, word2, buf->l);
899 	eay_md5_update(ctx, buf);
900 	res = eay_md5_final(ctx);
901 	PVDUMP(res);
902 	vfree(res);
903 
904 	res = eay_md5_one(buf);
905 	PVDUMP(res);
906 	vfree(res);
907 	vfree(buf);
908 
909 	return 0;
910 }
911 
912 int
dhtest(ac,av)913 dhtest(ac, av)
914 	int ac;
915 	char **av;
916 {
917 	static struct {
918 		char *name;
919 		char *p;
920 	} px[] = {
921 		{ "modp768",	OAKLEY_PRIME_MODP768, },
922 		{ "modp1024",	OAKLEY_PRIME_MODP1024, },
923 		{ "modp1536",	OAKLEY_PRIME_MODP1536, },
924 		{ "modp2048",	OAKLEY_PRIME_MODP2048, },
925 		{ "modp3072",	OAKLEY_PRIME_MODP3072, },
926 		{ "modp4096",	OAKLEY_PRIME_MODP4096, },
927 		{ "modp6144",	OAKLEY_PRIME_MODP6144, },
928 		{ "modp8192",	OAKLEY_PRIME_MODP8192, },
929 	};
930 	vchar_t p1, *pub1, *priv1, *gxy1;
931 	vchar_t p2, *pub2, *priv2, *gxy2;
932 	int i;
933 
934 	printf("\n**Test for DH.**\n");
935 
936 	for (i = 0; i < sizeof(px)/sizeof(px[0]); i++) {
937 		printf("\n**Test for DH %s.**\n", px[i].name);
938 
939 		p1.v = str2val(px[i].p, 16, &p1.l);
940 		p2.v = str2val(px[i].p, 16, &p2.l);
941 		printf("prime number = \n"); PVDUMP(&p1);
942 
943 		if (eay_dh_generate(&p1, 2, 96, &pub1, &priv1) < 0) {
944 			printf("error\n");
945 			return -1;
946 		}
947 		printf("private key for user 1 = \n"); PVDUMP(priv1);
948 		printf("public key for user 1  = \n"); PVDUMP(pub1);
949 
950 		if (eay_dh_generate(&p2, 2, 96, &pub2, &priv2) < 0) {
951 			printf("error\n");
952 			return -1;
953 		}
954 		printf("private key for user 2 = \n"); PVDUMP(priv2);
955 		printf("public key for user 2  = \n"); PVDUMP(pub2);
956 
957 		/* process to generate key for user 1 */
958 		gxy1 = vmalloc(p1.l);
959 		memset(gxy1->v, 0, gxy1->l);
960 		eay_dh_compute(&p1, 2, pub1, priv1, pub2, &gxy1);
961 		printf("sharing gxy1 of user 1 = \n"); PVDUMP(gxy1);
962 
963 		/* process to generate key for user 2 */
964 		gxy2 = vmalloc(p1.l);
965 		memset(gxy2->v, 0, gxy2->l);
966 		eay_dh_compute(&p2, 2, pub2, priv2, pub1, &gxy2);
967 		printf("sharing gxy2 of user 2 = \n"); PVDUMP(gxy2);
968 
969 		if (memcmp(gxy1->v, gxy2->v, gxy1->l)) {
970 			printf("ERROR: sharing gxy mismatched.\n");
971 			return -1;
972 		}
973 
974 		vfree(pub1);
975 		vfree(pub2);
976 		vfree(priv1);
977 		vfree(priv2);
978 		vfree(gxy1);
979 		vfree(gxy2);
980 	}
981 
982 	return 0;
983 }
984 
985 int
bntest(ac,av)986 bntest(ac, av)
987 	int ac;
988 	char **av;
989 {
990 	vchar_t *rn;
991 
992 	printf("\n**Test for generate a random number.**\n");
993 
994 	rn = eay_set_random((u_int32_t)96);
995 	PVDUMP(rn);
996 	vfree(rn);
997 
998 	return 0;
999 }
1000 
1001 struct {
1002 	char *name;
1003 	int (*func) __P((int, char **));
1004 } func[] = {
1005 	{ "random", bntest, },
1006 	{ "dh", dhtest, },
1007 	{ "md5", md5test, },
1008 	{ "sha1", sha1test, },
1009 	{ "hmac", hmactest, },
1010 	{ "cipher", ciphertest, },
1011 #ifndef CERTTEST_BROKEN
1012 	{ "cert", certtest, },
1013 #endif
1014 	{ "rsa", rsatest, },
1015 };
1016 
1017 int
main(ac,av)1018 main(ac, av)
1019 	int ac;
1020 	char **av;
1021 {
1022 	int i;
1023 	int len = sizeof(func)/sizeof(func[0]);
1024 
1025 	f_foreground = 1;
1026 	ploginit();
1027 
1028 	printf ("\nTestsuite of the %s\nlinked with %s\n\n", TOP_PACKAGE_STRING, eay_version());
1029 
1030 	if (strcmp(*av, "-h") == 0)
1031 		Usage();
1032 
1033 	ac--;
1034 	av++;
1035 
1036 	for (i = 0; i < len; i++) {
1037 		if ((ac == 0) || (strcmp(*av, func[i].name) == 0)) {
1038 			if ((func[i].func)(ac, av) != 0) {
1039 				printf ("\n!!!!! Test '%s' failed. !!!!!\n\n", func[i].name);
1040 				exit(1);
1041 			}
1042 			if (ac)
1043 				break;
1044 		}
1045 	}
1046 	if (ac && i == len)
1047 		Usage();
1048 
1049 	printf ("\n===== All tests passed =====\n\n");
1050 	exit(0);
1051 }
1052 
1053 void
Usage()1054 Usage()
1055 {
1056 	int i;
1057 	int len = sizeof(func)/sizeof(func[0]);
1058 
1059 	printf("Usage: eaytest [");
1060 	for (i = 0; i < len; i++)
1061 		printf("%s%s", func[i].name, (i<len-1)?"|":"");
1062 	printf("]\n");
1063 #ifndef CERTTEST_BROKEN
1064 	printf("       eaytest cert [cert_directory]\n");
1065 #endif
1066 	exit(1);
1067 }
1068 
1069