11 #if defined( __MVS__ ) || defined( __VMCMS__ )
13 #pragma convlit( suspend )
15 #if defined( __ILEC400__ )
21 #define TESTBUFFER_SIZE 256
39 #if defined( TEST_LOWLEVEL ) || defined( TEST_KEYSET )
63 printf(
"crypt%sQueryCapability() reports algorithm %d is not "
64 "available, status = %d.\n", isDevice ?
"Device" :
"",
68 #ifdef UNICODE_STRINGS
69 printf(
"cryptQueryCapability() reports availability of %S algorithm "
70 "with\n block size %d bits", cryptQueryInfo.
algoName,
73 printf(
"cryptQueryCapability() reports availability of %s algorithm "
74 "with\n block size %d bits", cryptQueryInfo.
algoName,
79 printf(
", keysize %d-%d bits (recommended = %d bits)",
91 static void initTestBuffers(
BYTE *buffer1,
BYTE *buffer2,
const int length )
93 #if defined( __MVS__ ) || defined( __VMCMS__ )
94 #pragma convlit( resume )
96 #if defined( __ILEC400__ )
97 #pragma convert( 819 )
100 memset( buffer1,
'*', length );
101 memcpy( buffer1,
"12345678", 8 );
102 if( buffer2 != NULL )
103 memcpy( buffer2, buffer1, length );
104 #if defined( __MVS__ ) || defined( __VMCMS__ )
105 #pragma convlit( suspend )
107 #if defined( __ILEC400__ )
112 static BOOLEAN checkTestBuffers(
const BYTE *buffer1,
const BYTE *buffer2 )
117 puts(
"Error: Decrypted data != original plaintext." );
120 if( !memcmp( buffer1,
"12345678****", 12 ) )
122 puts(
"\t\bIt looks like there's a problem with block chaining." );
127 if( !memcmp( buffer1,
"4321", 4 ) )
129 puts(
"\t\bIt looks like the 32-bit word endianness is reversed." );
132 if( !memcmp( buffer1,
"2143", 4 ) )
134 puts(
"\t\bIt looks like the 16-bit word endianness is reversed." );
137 if( buffer1[ 0 ] >=
'1' && buffer1[ 0 ] <=
'9' )
139 puts(
"\t\bIt looks like there's some sort of endianness problem "
140 "which is\n\t more complex than just a reversal." );
143 puts(
"\t\bIt's probably more than just an endianness problem." );
153 const BYTE *
key,
const int length )
171 printf(
"crypt%sCreateContext() failed with error code %d, "
172 "line %d.\n", isDevice ?
"Device" :
"", status, __LINE__ );
188 printf(
"Encryption mode %d selection failed with status %d, "
189 "line %d.\n", cryptMode, status, __LINE__ );
203 puts(
" Load of full-length key failed, using shorter 128-"
210 printf(
"Encryption key load failed with error code %d, "
211 "line %d.\n", status, __LINE__ );
215 if( decryptContext == NULL )
226 printf(
"crypt%sCreateContext() failed with error code %d, "
228 "Device" :
"", status, __LINE__ );
244 printf(
"Encryption mode %d selection failed with status %d, "
245 "line %d.\n", cryptMode, status, __LINE__ );
252 key, adjustKey ? 16 : length );
255 printf(
"Decryption key load failed with error code %d, "
256 "line %d.\n", status, __LINE__ );
277 buffer = localBuffer;
294 printf(
"Couldn't encrypt data, status = %d, line %d.\n",
309 printf(
"Couldn't retrieve IV after encryption, status = %d, "
310 "line %d.\n", status, __LINE__ );
317 printf(
"Couldn't load IV for decryption, status = %d, "
318 "line %d.\n", status, __LINE__ );
330 printf(
"Couldn't decrypt data, status = %d, line %d.\n",
348 printf(
"Couldn't encrypt data, status = %d, line %d.\n",
362 printf(
"Couldn't retrieve IV after encryption, status = %d, "
363 "line %d.\n", status, __LINE__ );
367 printf(
"Couldn't load IV for decryption, status = %d, "
368 "line %d.\n", status, __LINE__ );
378 printf(
"Couldn't decrypt data, status = %d, line %d.\n",
408 printf(
"Couldn't perform DH/ECDH key agreement, status = %d, "
409 "line %d.\n", status, __LINE__ );
419 "\x4E\x1F\x2F\x10\xA9\xFB\x4F\xD9\xC1\x25\x79\x7A\x36\x00\x58\xD0"
420 "\x9E\x8B\x9F\xBA\xC7\x04\x10\x77\xDB\xBC\xC9\xD1\x70\xCD\xF6\x86"
421 "\xA4\xDC\x39\xA9\x57\xD7\xC7\xE0\x87\xF2\x31\xDF\x83\x7d\x27\x0E"
422 "\xB4\xA6\x93\x3D\x11\xEB\xA5\x0E\x42\x66\x7B\x30\x50\x84\xC1\x81";
424 "\x84\x8E\x00\x3E\x49\x11\x0D\x42\x4C\x71\x6B\xB4\xCF\x13\xDD\xCD"
425 "\x12\x30\x56\xC2\x4A\x55\x3B\xD8\x30\xA2\xB8\x73\xA7\xAB\xF0\x7A"
426 "\x2E\x07\x20\xCC\xBE\xEA\x58\x03\x56\xF6\x18\x27\x28\x4F\xE1\x02"
427 "\xC6\x49\x79\x6C\xB4\x7E\x6C\xC6\x93\x2E\xF1\x46\x83\x15\x5A\xB7"
428 "\x7D\xCC\x21\xEE\x4E\x3E\x0B\x8B\x85\xEE\x08\x21\xE6\xA7\x31\x53"
429 "\x2E\x92\x3D\x2D\xB0\xD4\xA1\x30\xF4\xE9\xEB\x37\xBF\xCD\x2F\xE1"
430 "\x60\x89\x19\xB6\x8C\x01\xFB\xD8\xAC\xF5\xC7\x4B\xB4\x74\x8A\x35"
431 "\x79\xE6\xE0\x48\xBD\x9C\x9F\xD7\x4A\x1C\x8A\x58\xAB\xA9\x3C\x44";
450 memcpy( tmpBuffer, buffer, 18 );
453 memcpy( buffer,
"\x00\x02\xA5\xA5\xA5\xA5\xA5\xA5"
454 "\xA5\xA5\xA5\xA5\xA5\xA5\xA5\xA5"
466 printf(
"Couldn't encrypt data, status = %d, line %d.\n",
471 !isDevice && buffer != localBuffer && \
472 memcmp( buffer, ( length == 64 ) ? rsa512Value : rsa1024Value,
480 puts(
"The actual encrypted value doesn't match the expected value." );
483 status =
cryptDecrypt( decryptContext, buffer, length );
490 printf(
"Couldn't decrypt data even though the "
491 "encrypted input data was valid,\nstatus = "
492 "%d, line %d.\n", status, __LINE__ );
496 printf(
"Couldn't decrypt data, probably because the "
497 "data produced by the encrypt step\nwas "
498 "invalid, status = %d, line %d.\n", status,
505 memcpy( buffer, tmpBuffer, 18 );
507 buffer[ 0 ] = tmpBuffer[ 0 ];
510 if( memcmp( buffer, testBuffer, length ) )
517 puts(
"Decryption failed even though encryption produced "
518 "valid data. The RSA\ndecryption step is broken." );
522 puts(
"Decryption failed because the encryption step "
523 "produced invalid data. The RSA\nencryption step is "
531 puts(
"Decryption succeeded even though encryption produced "
532 "invalid data. The RSA\nimplementation is broken." );
552 printf(
"Couldn't %s data, status = %d, line %d.\n",
561 if( cryptContext == decryptContext )
573 printf(
"Couldn't %s data, status = %d, line %d.\n",
582 printf(
"Unknown encryption algorithm/mode %d.\n", cryptAlgo );
601 BOOLEAN modesTested[ 8 ] = { 0 }, testSucceeded =
FALSE;
608 if( !checkLowlevelInfo( cryptDevice, cryptAlgo ) )
634 status = loadContexts( &cryptContext, &decryptContext,
635 cryptDevice, cryptAlgo, cryptMode,
636 (
BYTE * )
"12345678", 8 );
641 status = loadContexts( &cryptContext, &decryptContext,
642 cryptDevice, cryptAlgo, cryptMode,
643 (
BYTE * )
"1234567887654321", 16 );
647 status = loadContexts( &cryptContext, &decryptContext,
648 cryptDevice, cryptAlgo, cryptMode,
649 (
BYTE * )
"123456788765432112345678", 24 );
660 status = loadContexts( &cryptContext, &decryptContext,
661 cryptDevice, cryptAlgo, cryptMode,
662 (
BYTE * )
"1234567890098765432112345678900987654321", 40 );
669 status = loadContexts( &cryptContext, &decryptContext,
676 status =
loadDHKey( cryptDevice, &cryptContext );
700 status = loadECDHKey( cryptDevice, &cryptContext );
705 printf(
"Unknown encryption algorithm ID %d, cannot perform "
706 "encryption test, line %d.\n", cryptAlgo, __LINE__ );
729 status =
testCrypt( cryptContext, decryptContext, buffer, isDevice,
747 puts(
"The crypto device reported that this operation isn't "
748 "available even though it\nsupports the use of "
749 "encryption objects that implement this algorithm. "
750 "This\nis probably a bare-bones device that only "
751 "supports minimal functionality (eg\nprivate-key "
752 "decryption but not encryption)." );
762 int length1, length2;
770 printf(
"Couldn't get hash information, status = %d, "
771 "line %d.\n", status, __LINE__ );
775 if( ( length1 != length2 ) || memcmp( hash1, hash2, length1 ) )
777 puts(
"Error: Hash value of identical buffers differs." );
781 if( !memcmp( hash1,
"\x00\x00\x00\x00\x00\x00\x00\x00", 8 ) || \
782 !memcmp( hash2,
"\x00\x00\x00\x00\x00\x00\x00\x00", 8 ) )
784 puts(
"Error: Hash contains all zeroes." );
798 printf(
"Deletion of hash/MAC value failed with status %d, "
799 "line %d.\n", status, __LINE__ );
804 buffer, isDevice,
FALSE ) ) )
813 printf(
"Couldn't get hash information for re-hashed data, "
814 "status = %d, line %d.\n", status, __LINE__ );
818 if( ( length1 != length2 ) || memcmp( hash1, hash2, length1 ) )
820 puts(
"Error: Hash value of re-hashed data differs." );
830 !checkTestBuffers( buffer, testBuffer ) )
838 testSucceeded =
TRUE;
840 modesTested[ cryptMode++ ] =
TRUE;
852 printf(
" Encryption modes tested:" );
869 puts(
"No processing modes were found for this algorithm.\n" );
885 puts(
"Testing ability to recover CRT components for RSA private key..." );
906 puts(
"RSA CRT component recovery test succeeded." );
920 #if defined( __WINDOWS__ ) && defined( _MSC_VER ) && ( _MSC_VER >= 1100 )
926 static unsigned long timeDiff(
unsigned long startTime )
928 unsigned long timeLSB;
931 LARGE_INTEGER performanceCount;
934 QueryPerformanceCounter( &performanceCount );
935 timeLSB = performanceCount.LowPart;
937 FILETIME dummyTime, kernelTime, userTime;
941 GetThreadTimes( GetCurrentThread(), &dummyTime, &dummyTime,
942 &kernelTime, &userTime );
943 timeLSB = userTime.dwLowDateTime;
948 if( startTime < timeLSB )
949 return( timeLSB - startTime );
950 return( ( 0xFFFFFFFF - startTime ) + 1 + timeLSB );
970 static void printTimes(
long times[ NO_TESTS + 1 ][ 8 ] )
974 for( i = 0; i < 7; i++ )
976 long timeSum = 0, timeAvg, timeDelta;
977 long timeMin = 1000000L, timeCorrSum10 = 0, timeCorrSumSD = 0;
981 int j, timesCount10 = 0, timesCountSD = 0;
984 for( j = 1; j < NO_TESTS + 1; j++ )
985 timeSum += times[ j ][ i ];
986 timeAvg = timeSum / NO_TESTS;
987 timeDelta = timeSum / 10;
997 for( j = 1; j < NO_TESTS + 1; j++ )
998 if( times[ j ][ i ] < timeMin )
999 timeMin = times[ j ][ i ];
1003 for( j = 1; j < NO_TESTS + 1; j++ )
1004 if( times[ j ][ i ] > timeAvg - timeDelta && \
1005 times[ j ][ i ] < timeAvg + timeDelta )
1007 timeCorrSum10 += times[ j ][ i ];
1010 printf(
"%6d", timeCorrSum10 / timesCount10 );
1012 printf(
"(%4d)", ( timeCorrSum10 / timesCount10 ) - timeMin );
1017 for( j = 1; j < NO_TESTS + 1; j++ )
1019 const long timeDev = times[ j ][ i ] - timeAvg;
1021 timeCorrSumSD += ( timeDev * timeDev );
1023 stdDev = timeCorrSumSD / NO_TESTS;
1024 stdDev = sqrt( stdDev );
1029 timeDelta = ( long ) stdDev * 2;
1030 for( j = 1; j < NO_TESTS + 1; j++ )
1031 if( times[ j ][ i ] > timeAvg - timeDelta && \
1032 times[ j ][ i ] < timeAvg + timeDelta )
1034 timeCorrSumSD += times[ j ][ i ];
1037 if( timesCountSD == 0 )
1039 printf(
"%6d", timeCorrSumSD / timesCountSD );
1043 printf(
" (dF = %4d, dM = %4d)\n",
1044 ( timeCorrSumSD / timesCountSD ) - timeMin,
1045 abs( ( timeCorrSumSD / timesCountSD ) - \
1046 ( timeCorrSum10 / timesCount10 ) ) );
1059 memset( buffer,
'*', length );
1060 timeVal = timeDiff( 0 );
1062 return( timeDiff( timeVal ) );
1072 encOne( cryptContext, buffer, 8 ) : 0;
1073 times[ index++ ] = encOne( cryptContext, buffer, 16 );
1074 times[ index++ ] = encOne( cryptContext, buffer, 64 );
1075 times[ index++ ] = encOne( cryptContext, buffer, 1024 );
1076 times[ index++ ] = encOne( cryptContext, buffer, 4096 );
1077 times[ index++ ] = encOne( cryptContext, buffer, 8192 );
1078 times[ index++ ] = encOne( cryptContext, buffer, 65536L );
1088 unsigned long times[ NO_TESTS + 1 ][ 8 ],
timeVal, timeSum = 0;
1091 memset( buffer, 0, 100000L );
1094 if( !checkLowlevelInfo( cryptDevice, cryptAlgo ) )
1096 for( i = 0; i < 10; i++ )
1098 timeVal = timeDiff( 0 );
1099 status = loadContexts( &cryptContext, NULL, cryptDevice,
1100 cryptAlgo, cryptMode,
1101 (
BYTE * )
"12345678901234567890",
1106 timeVal = timeDiff( timeVal );
1113 printf(
"Setup time = %d ticks.\n", timeSum / 10 );
1114 puts(
" 8 16 64 1K 4K 8K 64K" );
1115 puts(
" ---- ---- ---- ---- ---- ---- ----" );
1119 for( i = 0; i < NO_TESTS + 1; i++ )
1120 encTest( cryptContext, cryptAlgo, buffer, times[ i ] );
1121 printTimes( times );
1124 for( i = 0; i < NO_TESTS + 1; i++ )
1125 encTest( cryptContext, cryptAlgo, buffer + 1, times[ i ] );
1126 printTimes( times );
1129 for( i = 0; i < NO_TESTS + 1; i++ )
1130 encTest( cryptContext, cryptAlgo, buffer + 4, times[ i ] );
1131 printTimes( times );
1135 for( i = 0; i < 1000; i++ )
1136 timeVal += encOne( cryptContext, buffer, 1024 );
1137 printf(
"Aligned: %d ", timeVal / 1000 );
1139 for( i = 0; i < 1000; i++ )
1140 timeVal += encOne( cryptContext, buffer + 1, 1024 );
1141 printf(
"misaligned + 1: %d ", timeVal / 1000 );
1143 for( i = 0; i < 1000; i++ )
1144 timeVal += encOne( cryptContext, buffer + 4, 1024 );
1145 printf(
"misaligned + 4: %d.\n", timeVal / 1000 );
1150 void performanceTests(
const CRYPT_DEVICE cryptDevice )
1152 LARGE_INTEGER performanceCount;
1155 QueryPerformanceFrequency( &performanceCount );
1156 printf(
"Clock ticks %d times per second.\n", performanceCount.LowPart );
1157 if( ( buffer = malloc( 100000L ) ) == NULL )
1159 puts(
"Couldn't 100K allocate test buffer." );