t_dst.c revision 19ce0d25d31e716a737674c4e04a88c33b222fe4
499b34cea04a46823d003d4c0520c8b03e8513cbBrian Wellington * Copyright (C) 1999, 2000 Internet Software Consortium.
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington * Permission to use, copy, modify, and distribute this software for any
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington * purpose with or without fee is hereby granted, provided that the above
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington * copyright notice and this permission notice appear in all copies.
15a44745412679c30a6d022733925af70a38b715David Lawrence * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
15a44745412679c30a6d022733925af70a38b715David Lawrence * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
15a44745412679c30a6d022733925af70a38b715David Lawrence * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
15a44745412679c30a6d022733925af70a38b715David Lawrence * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
15a44745412679c30a6d022733925af70a38b715David Lawrence * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
15a44745412679c30a6d022733925af70a38b715David Lawrence * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
15a44745412679c30a6d022733925af70a38b715David Lawrence * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
15a44745412679c30a6d022733925af70a38b715David Lawrence * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington/* $Id: t_dst.c,v 1.42 2000/11/15 00:20:34 tale Exp $ */
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington#include <sys/types.h> /* Required for dirent.h */
0e5d6900bdfcbeef8919e6fb453ca6c44f62ccd8Brian Wellington * Adapted from the original dst_test.c program.
0e5d6900bdfcbeef8919e6fb453ca6c44f62ccd8Brian Wellington * XXXDCL should use isc_dir_*.
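/*
 * Report errno, as the remove() and rmdir() messages below do. The
 * original passed the opendir function itself as the %d argument, which
 * is a format/argument mismatch (undefined behavior) and hides the real
 * error code.
 */
t_info("opendir(%s) failed %d\n", path, errno);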
4755b174df8221dff7e872f21d42b3572a74bf2fAndreas Gustafsson t_info("remove(%s) failed %d\n", fullname, errno);
a00c5e2151cc03c06bae5cdd3b40a5de05664059Brian Wellington t_info("rmdir(%s) failed %d\n", path, errno);
4755b174df8221dff7e872f21d42b3572a74bf2fAndreas Gustafssonuse(dst_key_t *key, isc_mem_t *mctx, isc_result_t exp_result, int *nfails) {
0e5d6900bdfcbeef8919e6fb453ca6c44f62ccd8Brian Wellington isc_buffer_init(&sigbuf, sig, sizeof(sig));
76c8294c81fb48b1da6e1fc5b83322a4cedb8e58Andreas Gustafsson t_info("dst_context_create(%d) returned (%s) expected (%s)\n",
76c8294c81fb48b1da6e1fc5b83322a4cedb8e58Andreas Gustafsson dst_key_alg(key), dst_result_totext(ret),
020ebf119089ef68070d6a0df2def3142f1eeff4Brian Wellington t_info("dst_context_adddata(%d) returned (%s)\n",
020ebf119089ef68070d6a0df2def3142f1eeff4Brian Wellington t_info("dst_context_sign(%d) returned (%s)\n",
a00c5e2151cc03c06bae5cdd3b40a5de05664059Brian Wellington isc_buffer_remainingregion(&sigbuf, &sigreg);
3f6dc1703f76a24b34ed3bc839447291c33ca837Brian Wellington t_info("dst_context_create(%d) returned (%s)\n",
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington t_info("dst_context_adddata(%d) returned (%s)\n",
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington t_info("dst_context_verify(%d) returned (%s) expected (%s)\n",
a00c5e2151cc03c06bae5cdd3b40a5de05664059Brian Wellingtondh(dns_name_t *name1, int id1, dns_name_t *name2, int id2, isc_mem_t *mctx,
ff7b9eede951083d1f8a1ad919611659c3e20b34Brian Wellington isc_result_t exp_result, int *nfails, int *nprobs)
ff7b9eede951083d1f8a1ad919611659c3e20b34Brian Wellington int type = DST_TYPE_PUBLIC|DST_TYPE_PRIVATE;
f2338a0d6aa0327372eb20ab5dc29502bc8c71efBrian Wellington ret = dst_key_fromfile(name1, id1, alg, type, current, mctx, &key1);
1f1d36a87b65186d9f89aac7f456ab1fd2a39ef6Andreas Gustafsson t_info("dst_key_fromfile(%d) returned: %s\n",
d598338952797df77417e69fcb8782b73651f9a9Brian Wellington ret = dst_key_fromfile(name2, id2, alg, type, current, mctx, &key2);
d598338952797df77417e69fcb8782b73651f9a9Brian Wellington t_info("dst_key_fromfile(%d) returned: %s\n",
/*
 * NOTE(review): this appears to only build a name template under the
 * shared /tmp directory. The step that creates the path is not visible
 * here; confirm it creates it exclusively and with owner-only
 * permissions, because the keys loaded above with DST_TYPE_PRIVATE seem
 * to be written there next (see the dst_key_tofile message below).
 */
d598338952797df77417e69fcb8782b73651f9a9Brian Wellington ret = isc_file_mktemplate("/tmp/", tmp, sizeof(tmp));
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington t_info("dst_key_tofile(%d) returned: %s\n",
26a5f97dd8770ced729025488091b77d8beb0ab6Brian Wellington isc_buffer_init(&b1, array1, sizeof(array1));
26a5f97dd8770ced729025488091b77d8beb0ab6Brian Wellington ret = dst_key_computesecret(key1, key2, &b1);
b6666e61dc9b91f4ac6af3aa1172bfd8a5f2d6ffBrian Wellington t_info("dst_computesecret() returned: %s\n",
f2338a0d6aa0327372eb20ab5dc29502bc8c71efBrian Wellington isc_buffer_init(&b2, array2, sizeof(array2));
f2338a0d6aa0327372eb20ab5dc29502bc8c71efBrian Wellington ret = dst_key_computesecret(key2, key1, &b2);
f2338a0d6aa0327372eb20ab5dc29502bc8c71efBrian Wellington t_info("dst_computesecret() returned: %s\n",
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington if (r1.length != r2.length || memcmp(r1.base, r2.base, r1.length) != 0)
a00c5e2151cc03c06bae5cdd3b40a5de05664059Brian Wellingtonio(dns_name_t *name, int id, int alg, int type, isc_mem_t *mctx,
a00c5e2151cc03c06bae5cdd3b40a5de05664059Brian Wellington isc_result_t exp_result, int *nfails, int *nprobs)
a00c5e2151cc03c06bae5cdd3b40a5de05664059Brian Wellington ret = dst_key_fromfile(name, id, alg, type, current, mctx, &key);
a00c5e2151cc03c06bae5cdd3b40a5de05664059Brian Wellington t_info("dst_key_fromfile(%d) returned: %s\n",
/*
 * NOTE(review): this appears to only build a name template under the
 * shared /tmp directory. The creation step is not visible here; when
 * type includes DST_TYPE_PRIVATE, confirm the path is created
 * exclusively and owner-only before the key is written (see the
 * dst_key_tofile message below).
 */
a00c5e2151cc03c06bae5cdd3b40a5de05664059Brian Wellington ret = isc_file_mktemplate("/tmp/", tmp, sizeof(tmp));
af602636644fdfaabc331bd926b0aabb9432e152Brian Wellington t_info("dst_key_tofile(%d) returned: %s\n",
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellingtongenerate(int alg, isc_mem_t *mctx, int size, int *nfails) {
100d0d2ec64ab1a85f8c0d2da9b47ae411a10b21Brian Wellington ret = dst_key_generate(dns_rootname, alg, size, 0, 0, 0,
a49acbf201a411a47e18d136b38bbea8cf283adaBrian Wellington t_info("dst_key_generate(%d) returned: %s\n", alg,
a49acbf201a411a47e18d136b38bbea8cf283adaBrian Wellingtonstatic const char *a1 =
a49acbf201a411a47e18d136b38bbea8cf283adaBrian Wellington "the dst module provides the capability to "
a49acbf201a411a47e18d136b38bbea8cf283adaBrian Wellington "generate, store and retrieve public and private keys, "
a49acbf201a411a47e18d136b38bbea8cf283adaBrian Wellington "sign and verify data using the RSA, DSA and MD5 algorithms, "
a49acbf201a411a47e18d136b38bbea8cf283adaBrian Wellington "and compute Diffie-Hellman shared secrets.";
d1cbf714097e900ed1703529584d3e1a50e8a4a8Brian Wellington isc_result = isc_entropy_create(mctx, &ectx);
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington result = isc_entropy_createfilesource(ectx, "randomfile");
fe0e3c7707580da885bb6819e4f307986eb60cd0Brian Wellington isc_result = dst_lib_init(mctx, ectx, ISC_ENTROPY_BLOCKING);
7e8dd00fce7057d1da8158b65395a09ced43a892Brian Wellington t_info("testing use of stored keys [1]\n");
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington dns_name_fromtext(name, &b, NULL, ISC_FALSE, NULL);
58aaab3687aac838542ee4ef65a9c094a5d34ab0Michael Graff io(name, 6204, DST_ALG_DSA, DST_TYPE_PRIVATE|DST_TYPE_PUBLIC,
7e8dd00fce7057d1da8158b65395a09ced43a892Brian Wellington t_info("testing use of stored keys [2]\n");
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington io(name, 54622, DST_ALG_RSAMD5, DST_TYPE_PRIVATE|DST_TYPE_PUBLIC,
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington io(name, 0, DST_ALG_DSA, DST_TYPE_PRIVATE|DST_TYPE_PUBLIC,
7e8dd00fce7057d1da8158b65395a09ced43a892Brian Wellington t_info("testing use of stored keys [4]\n");
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington io(name, 0, DST_ALG_RSAMD5, DST_TYPE_PRIVATE|DST_TYPE_PUBLIC,
7e8dd00fce7057d1da8158b65395a09ced43a892Brian Wellington dns_name_fromtext(name, &b, NULL, ISC_FALSE, NULL);
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington dh(name, 18088, name, 48443, mctx, ISC_R_SUCCESS, &nfails, &nprobs);
1e2749dba8aae3233b8962f1efe15385e92a77d9Brian Wellington generate(DST_ALG_RSAMD5, mctx, 512, &nfails);
1e2749dba8aae3233b8962f1efe15385e92a77d9Brian Wellington * This one uses a constant.
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington generate(DST_ALG_HMACMD5, mctx, 512, &nfails);
4fe8755480c108a1232b7189fd5434ab35a6b623Brian Wellington#undef NEWSIG /* Define NEWSIG to generate the original signature file. */
0f80bfec687db08a6e6ce945ef1d818da06c7ca9Brian Wellington * Write a sig in buf to file at path.
d84ce5d5c69a7e144fb90fd4b3c349e88e4dcdddBrian Wellington unsigned char c;
d84ce5d5c69a7e144fb90fd4b3c349e88e4dcdddBrian Wellington unsigned char val;
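/*
 * A signature file is plain data: create it rw-r--r-- instead of
 * rwxrwxrwx, so that group and other can neither rewrite the stored
 * reference signature nor execute the file when the umask is permissive.
 */
fd = open(path, O_CREAT|O_TRUNC|O_WRONLY, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH);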
4fe8755480c108a1232b7189fd5434ab35a6b623Brian Wellington c = (unsigned char) isc_buffer_getuint8(buf);
4fe8755480c108a1232b7189fd5434ab35a6b623Brian Wellington t_info("write failed %d %d\n", rval, errno);
c7f13217d11f26739a79f0dab391ec372b49b96bBrian Wellington t_info("write failed %d %d\n", rval, errno);
c7f13217d11f26739a79f0dab391ec372b49b96bBrian Wellington#endif /* NEWSIG */
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington * Read sig in file at path to buf.
1a69a1a78cfaa86f3b68bbc965232b7876d4da2aDavid Lawrencesig_fromfile(char *path, isc_buffer_t *iscbuf) {
7e8dd00fce7057d1da8158b65395a09ced43a892Brian Wellington unsigned char val;
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington t_info("stat %s failed, errno == %d\n", path, errno);
a00c5e2151cc03c06bae5cdd3b40a5de05664059Brian Wellington buf = (char *) malloc((sb.st_size + 1) * sizeof(unsigned char));
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington t_info("malloc failed, errno == %d\n", errno);
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington t_info("open failed, errno == %d\n", errno);
0dc4e6a6aef01175b8cdd71cb757f09ba1e69c49Brian Wellington t_info("read failed %d, errno == %d\n", rval, errno);
7e8dd00fce7057d1da8158b65395a09ced43a892Brian Wellington if (*p == '\n') {
d1cbf714097e900ed1703529584d3e1a50e8a4a8Brian Wellingtont2_sigchk(char *datapath, char *sigpath, char *keyname,
d1cbf714097e900ed1703529584d3e1a50e8a4a8Brian Wellington unsigned char *p;
2c12fc4d63f1d5f9d55fc0ecb198d582da6fd7d3Brian Wellington unsigned char *data;
b984520acca2532d048eae929dc0682dd334c7a3Brian Wellington * Read data from file in a form usable by dst_verify.
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington t_info("t2_sigchk: stat (%s) failed %d\n", datapath, errno);
d692d9991a731d60b63e6389da1ebf2b2839cfabBrian Wellington data = (unsigned char *) malloc(sb.st_size * sizeof(char));
af602636644fdfaabc331bd926b0aabb9432e152Brian Wellington t_info("t2_sigchk: malloc failed %d\n", errno);
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington t_info("t2_sigchk: open failed %d\n", errno);
05b6b2e6802d503a9e131415b4720f35ab9f08d1Brian Wellington * Read key from file in a form usable by dst_verify.
05b6b2e6802d503a9e131415b4720f35ab9f08d1Brian Wellington isc_buffer_init(&b, keyname, strlen(keyname));
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington dns_name_fromtext(name, &b, dns_rootname, ISC_FALSE, NULL);
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington isc_result = dst_key_fromfile(name, id, alg, type, NULL, mctx, &key);
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington isc_buffer_init(&databuf, data, sb.st_size);
fe0e3c7707580da885bb6819e4f307986eb60cd0Brian Wellington * If we're generating a signature for the first time,
0f80bfec687db08a6e6ce945ef1d818da06c7ca9Brian Wellington * sign the data and save the signature to a file
0f80bfec687db08a6e6ce945ef1d818da06c7ca9Brian Wellington isc_buffer_init(&sigbuf, sig, sizeof(sig));
0f80bfec687db08a6e6ce945ef1d818da06c7ca9Brian Wellington isc_result = dst_context_create(key, mctx, &ctx);
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington isc_result = dst_context_adddata(ctx, &datareg);
020ebf119089ef68070d6a0df2def3142f1eeff4Brian Wellington t_info("dst_context_adddata(%d) failed %s\n",
fb01226bcd598c36b5edc566489c890c39f03ed3Brian Wellington isc_result = dst_context_sign(ctx, &sigbuf);
0f0162e6297ddf5e4abe848d27f3bcdb373189daBrian Wellington#endif /* NEWSIG */
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington isc_buffer_init(&sigbuf, sig, sizeof(sig));
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington * Read precomputed signature from file in a form usable by dst_verify.
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington * Verify that the key signed the data.
0f80bfec687db08a6e6ce945ef1d818da06c7ca9Brian Wellington isc_buffer_remainingregion(&sigbuf, &sigreg);
1e2749dba8aae3233b8962f1efe15385e92a77d9Brian Wellington isc_result = dst_context_create(key, mctx, &ctx);
4fe8755480c108a1232b7189fd5434ab35a6b623Brian Wellington isc_result = dst_context_adddata(ctx, &datareg);
4fe8755480c108a1232b7189fd5434ab35a6b623Brian Wellington t_info("dst_context_adddata returned %s\n",
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington isc_result = dst_context_verify(ctx, &sigreg);
4fe8755480c108a1232b7189fd5434ab35a6b623Brian Wellington if ( ((exp_res == 0) && (isc_result != ISC_R_SUCCESS)) ||
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington ((exp_res != 0) && (isc_result == ISC_R_SUCCESS))) {
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington t_info("dst_context_verify returned %s, expected %s\n",
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington * The astute observer will note that t1() signs then verifies data
1a69a1a78cfaa86f3b68bbc965232b7876d4da2aDavid Lawrence * during the test but that t2() verifies data that has been
1a69a1a78cfaa86f3b68bbc965232b7876d4da2aDavid Lawrence * signed at some earlier time, possibly with an entirely different
1a69a1a78cfaa86f3b68bbc965232b7876d4da2aDavid Lawrence * version or implementation of the DSA and RSA algorithms
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellingtonstatic const char *a2 =
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington "the dst module provides the capability to "
1a69a1a78cfaa86f3b68bbc965232b7876d4da2aDavid Lawrence "verify data signed with the RSA and DSA algorithms";
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington * av == datafile, sigpath, keyname, keyid, alg, exp_result.
6d4886fa7430889a96dbf9b88a2a4eb6f9d04674Brian Wellington else if (! strcasecmp(alg, "DST_ALG_RSAMD5"))
4fe8755480c108a1232b7189fd5434ab35a6b623Brian Wellington isc_result = isc_entropy_create(mctx, &ectx);
0f80bfec687db08a6e6ce945ef1d818da06c7ca9Brian Wellington result = isc_entropy_createfilesource(ectx, "randomfile");
4fe8755480c108a1232b7189fd5434ab35a6b623Brian Wellington isc_result = dst_lib_init(mctx, ectx, ISC_ENTROPY_BLOCKING);
4fe8755480c108a1232b7189fd5434ab35a6b623Brian Wellington datapath, sigpath, keyname, key, alg, exp_result);