Codebase list libcryptx-perl / 7e15d5d
wycheproof tests Karel Miko 6 years ago
2 changed file(s) with 247 addition(s) and 206 deletion(s). Raw diff Collapse all Expand all
+0
-206
t/wycheproof/test.pl less more
0 ###XXX-FIXME unfinished
1
2 # rm -f src/liballinone.a && touch CryptX.xs && make && perl -Mblib t/wycheproof/test.pl
3
4 use strict;
5 use warnings;
6
7 use Test::More;
8
9 plan skip_all => "No JSON::* module installed" unless eval { require JSON::PP } || eval { require JSON::XS } || eval { require Cpanel::JSON::XS };
10 plan tests => 716;
11
12 use CryptX;
13 use Crypt::Misc 'read_rawfile';
14
15 if (1) {
16 use Crypt::AuthEnc::GCM qw(gcm_encrypt_authenticate gcm_decrypt_verify);
17
18 my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/aes_gcm_test.json';
19 for my $g (@{$tests->{testGroups}}) {
20 my $type = $g->{type};
21 for my $t (@{$g->{tests}}) {
22 my $tcId = $t->{tcId}; # 1
23 my $comment = $t->{comment}; # ""
24 my $result = $t->{result}; # "valid"
25 my $aad = pack "H*", $t->{aad}; # "6578616d706c65"
26 my $ct = pack "H*", $t->{ct}; # "5d349ead175ef6b1def6fd"
27 my $iv = pack "H*", $t->{iv}; # "752abad3e0afb5f434dc4310"
28 my $key = pack "H*", $t->{key}; # "ee8e1ed9ff2540ae8f2ba9f50bc2f27c"
29 my $msg = pack "H*", $t->{msg}; # "48656c6c6f20776f726c64"
30 my $tag = pack "H*", $t->{tag}; # "4fbcdeb7e4793f4a1d7e4faa70100af1"
31 # do the test
32 my ($ct2, $tag2) = eval { gcm_encrypt_authenticate('AES', $key, $iv, $aad, $msg) };
33 my $pt2 = eval { gcm_decrypt_verify('AES', $key, $iv, $aad, $ct, $tag) };
34 my $testname = "type=$type tcId=$tcId comment='$comment' expected-result=$result";
35 if ($result eq 'valid') {
36 is(unpack("H*", $ct2), $t->{ct}, "$testname CT-v");
37 is(unpack("H*", $tag2), $t->{tag}, "$testname TAG-v");
38 is(unpack("H*", $pt2), $t->{msg}, "$testname PT-v");
39 }
40 else {
41 #isnt(unpack("H*", $ct2), $t->{ct}, "$testname CT-i");
42 #isnt(unpack("H*", $tag2), $t->{tag}, "$testname TAG-i");
43 is($pt2, undef, "$testname PT-i");
44 }
45 }
46 }
47 }
48
49 if (1) {
50 use Crypt::PK::RSA;
51
52 my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/rsa_signature_test.json';
53 for my $g (@{$tests->{testGroups}}) {
54 my $type = $g->{type};
55 my $keyDer = pack "H*", $g->{keyDer};
56 my $keyPem = $g->{keyPem};
57 my $sha = $g->{sha};
58 $sha =~ s/-//g; # SHA-1 >> SHA1
59 ok(Crypt::PK::RSA->new( \$keyDer ), "Crypt::PK::RSA->new + DER type: $type/$sha");
60 ok(Crypt::PK::RSA->new( \$keyPem ), "Crypt::PK::RSA->new + PEM type: $type/$sha");
61 for my $t (@{$g->{tests}}) {
62 my $tcId = $t->{tcId};
63 my $comment = $t->{comment};
64 my $result = $t->{result};
65 my $message = pack "H*", $t->{message};
66 my $sig = pack "H*", $t->{sig};
67 # do the test
68 my $testname = "type=$type/$sha tcId=$tcId comment='$comment' expected-result=$result";
69 my $pk = Crypt::PK::RSA->new( \$keyPem );
70 my $valid = $pk->verify_message($sig, $message, $sha,"v1.5");
71 if ($result =~ /^(valid|acceptable)$/) {
72 ok($valid, $testname);
73 }
74 else {
75 ok(!$valid, $testname);
76 }
77
78 }
79 }
80 }
81
82 if (1) {
83 use Crypt::PK::DSA;
84
85 my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/dsa_test.json';
86 for my $g (@{$tests->{testGroups}}) {
87 my $type = $g->{type}; # "DSAVer"
88 my $keyDer = pack "H*", $g->{keyDer};
89 my $keyPem = $g->{keyPem};
90 my $sha = $g->{sha}; # "SHA-1"
91 $sha =~ s/-//g; # SHA-1 >> SHA1
92 ok(Crypt::PK::DSA->new( \$keyDer ), "Crypt::PK::DSA->new + DER type=$type/$sha");
93 ok(Crypt::PK::DSA->new( \$keyPem ), "Crypt::PK::DSA->new + PEM type=$type/$sha");
94 for my $t (@{$g->{tests}}) {
95 my $tcId = $t->{tcId};
96 my $comment = $t->{comment};
97 my $result = $t->{result};
98 my $message = pack "H*", $t->{message};
99 my $sig = pack "H*", $t->{sig};
100 # do the test
101 my $testname = "type=$type/$sha tcId=$tcId comment='$comment' expected-result=$result";
102 my $pk = Crypt::PK::DSA->new( \$keyPem );
103 my $valid = $pk->verify_message($sig, $message, $sha);
104 if ($result =~ /^(valid|acceptable)$/) {
105 ok($valid, $testname);
106 }
107 else {
108 ok(!$valid, $testname);
109 }
110 }
111 }
112 }
113
114 if (0) {
115 use Crypt::PK::ECC;
116
117 my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/ecdsa_test.json';
118 for my $g (@{$tests->{testGroups}}) {
119 my $type = $g->{type};
120 my $keyDer = pack "H*", $g->{keyDer};
121 my $keyPem = $g->{keyPem};
122 my $sha = $g->{sha};
123 $sha =~ s/-//g; # SHA-1 >> SHA1
124 ok(Crypt::PK::ECC->new( \$keyDer ), "Crypt::PK::ECC->new + DER type=$type/$sha");
125 ok(Crypt::PK::ECC->new( \$keyPem ), "Crypt::PK::ECC->new + PEM type=$type/$sha");
126 for my $t (@{$g->{tests}}) {
127 my $tcId = $t->{tcId};
128 my $comment = $t->{comment};
129 my $result = $t->{result};
130 my $message = pack "H*", $t->{message};
131 my $sig = pack "H*", $t->{sig};
132 # do the test
133 my $testname = "type=$type/$sha tcId=$tcId comment='$comment' expected-result=$result";
134 my $pk = Crypt::PK::ECC->new( \$keyPem );
135 my $valid = $pk->verify_message($sig, $message, $sha);
136 if ($result =~ /^(valid|acceptable)$/) {
137 ok($valid, "$testname verify_message=$valid");
138 }
139 else {
140 ok(!$valid, "$testname verify_message=$valid");
141 }
142 }
143 }
144 }
145
146 if (0) {
147 use Crypt::PK::ECC;
148
149 my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/ecdsa_webcrypto_test.json';
150 for my $g (@{$tests->{testGroups}}) {
151 my $type = $g->{type};
152 my $keyDer = pack "H*", $g->{keyDer};
153 my $keyPem = $g->{keyPem};
154 my $sha = $g->{sha};
155 my $jwk = $g->{jwk};
156 $sha =~ s/-//g; # SHA-1 >> SHA1
157 ok(Crypt::PK::ECC->new( \$keyDer ), "Crypt::PK::ECC->new + DER type=$type/$sha");
158 ok(Crypt::PK::ECC->new( \$keyPem ), "Crypt::PK::ECC->new + PEM type=$type/$sha");
159 ok(Crypt::PK::ECC->new( $jwk ), "Crypt::PK::ECC->new + JWK type=$type/$sha");
160 for my $t (@{$g->{tests}}) {
161 my $tcId = $t->{tcId};
162 my $comment = $t->{comment};
163 my $result = $t->{result};
164 my $message = pack "H*", $t->{message};
165 my $sig = pack "H*", $t->{sig};
166 # do the test
167 my $testname = "type=$type/$sha tcId=$tcId comment='$comment' expected-result=$result";
168 my $pk = Crypt::PK::ECC->new( \$keyPem );
169 my $valid = $pk->verify_message($sig, $message, $sha);
170 if ($result =~ /^(valid|acceptable)$/) {
171 ok($valid, "$testname verify_message=$valid");
172 }
173 else {
174 ok(!$valid, "$testname verify_message=$valid");
175 }
176 }
177 }
178 }
179
180 if (0) {
181 use Crypt::PK::ECC;
182
183 my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/ecdh_webcrypto_test.json';
184 for my $g (@{$tests->{testGroups}}) {
185 my $type = $g->{type};
186 for my $t (@{$g->{tests}}) {
187 my $tcId = $t->{tcId};
188 my $comment = $t->{comment};
189 my $name = $t->{name};
190 my $result = $t->{result};
191 my $shared = pack "H*", $t->{shared};
192 # do the test
193 my $testname = "type=$type/$name tcId=$tcId comment='$comment' expected-result=$result";
194 my $pub = Crypt::PK::ECC->new( $t->{public} );
195 my $pri = Crypt::PK::ECC->new( $t->{private} );
196 my $shared_hex = unpack "H*", $pri->shared_secret($pub);
197 if ($result =~ /^(valid|acceptable)$/) {
198 is($shared_hex, $t->{shared}, $testname);
199 }
200 else {
201 isnt($shared_hex, $t->{shared}, $testname);
202 }
203 }
204 }
205 }
+247
-0
t/wycheproof.t less more
0 # rebuild:
1 # rm -f src/liballinone.a && touch CryptX.xs && make && perl -Mblib t/wycheproof.t
2
3 use strict;
4 use warnings;
5
6 use Test::More;
7
8 plan skip_all => "No JSON::* module installed" unless eval { require JSON::PP } || eval { require JSON::XS } || eval { require Cpanel::JSON::XS };
9 plan tests => 762;
10
11 use CryptX;
12 use Crypt::Misc 'read_rawfile';
13
14 if (1) {
15 use Crypt::AuthEnc::GCM qw(gcm_encrypt_authenticate gcm_decrypt_verify);
16
17 my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/aes_gcm_test.json';
18 for my $g (@{$tests->{testGroups}}) {
19 my $type = $g->{type};
20 for my $t (@{$g->{tests}}) {
21 my $tcId = $t->{tcId}; # 1
22 my $comment = $t->{comment}; # ""
23 my $result = $t->{result}; # "valid"
24 my $aad = pack "H*", $t->{aad}; # "6578616d706c65"
25 my $ct = pack "H*", $t->{ct}; # "5d349ead175ef6b1def6fd"
26 my $iv = pack "H*", $t->{iv}; # "752abad3e0afb5f434dc4310"
27 my $key = pack "H*", $t->{key}; # "ee8e1ed9ff2540ae8f2ba9f50bc2f27c"
28 my $msg = pack "H*", $t->{msg}; # "48656c6c6f20776f726c64"
29 my $tag = pack "H*", $t->{tag}; # "4fbcdeb7e4793f4a1d7e4faa70100af1"
30 # do the test
31 my ($ct2, $tag2) = eval { gcm_encrypt_authenticate('AES', $key, $iv, $aad, $msg) };
32 my $pt2 = eval { gcm_decrypt_verify('AES', $key, $iv, $aad, $ct, $tag) };
33 my $testname = "type=$type tcId=$tcId comment='$comment' expected-result=$result";
34 if ($result eq 'valid') {
35 is(unpack("H*", $ct2), $t->{ct}, "$testname CT-v");
36 is(unpack("H*", $tag2), $t->{tag}, "$testname TAG-v");
37 is(unpack("H*", $pt2), $t->{msg}, "$testname PT-v");
38 }
39 elsif ($result eq 'invalid') {
40 #isnt(unpack("H*", $ct2), $t->{ct}, "$testname CT-i");
41 #isnt(unpack("H*", $tag2), $t->{tag}, "$testname TAG-i");
42 is($pt2, undef, "$testname PT-i");
43 }
44 else {
45 ok(0, "UNEXPECTED result=$result");
46 }
47 }
48 }
49 }
50
51 if (1) {
52 use Crypt::PK::RSA;
53
54 my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/rsa_signature_test.json';
55 for my $g (@{$tests->{testGroups}}) {
56 my $type = $g->{type};
57 my $keyDer = pack "H*", $g->{keyDer};
58 my $keyPem = $g->{keyPem};
59 my $sha = $g->{sha};
60 $sha =~ s/-//g; # SHA-1 >> SHA1
61 ok(Crypt::PK::RSA->new( \$keyDer ), "Crypt::PK::RSA->new + DER type: $type/$sha");
62 ok(Crypt::PK::RSA->new( \$keyPem ), "Crypt::PK::RSA->new + PEM type: $type/$sha");
63 for my $t (@{$g->{tests}}) {
64 my $tcId = $t->{tcId};
65 my $comment = $t->{comment};
66 my $result = $t->{result};
67 my $message = pack "H*", $t->{message};
68 my $sig = pack "H*", $t->{sig};
69 # do the test
70 my $testname = "type=$type/$sha tcId=$tcId comment='$comment' expected-result=$result";
71 my $pk = Crypt::PK::RSA->new( \$keyPem );
72 my $valid = $pk->verify_message($sig, $message, $sha,"v1.5");
73 if ($result eq 'valid' || $result eq 'acceptable') {
74 ok($valid, $testname);
75 }
76 elsif ($result eq 'invalid') {
77 ok(!$valid, $testname);
78 }
79 else {
80 ok(0, "UNEXPECTED result=$result");
81 }
82 }
83 }
84 }
85
86 if (1) {
87 use Crypt::PK::DSA;
88
89 my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/dsa_test.json';
90 for my $g (@{$tests->{testGroups}}) {
91 my $type = $g->{type}; # "DSAVer"
92 my $keyDer = pack "H*", $g->{keyDer};
93 my $keyPem = $g->{keyPem};
94 my $sha = $g->{sha}; # "SHA-1"
95 $sha =~ s/-//g; # SHA-1 >> SHA1
96 ok(Crypt::PK::DSA->new( \$keyDer ), "Crypt::PK::DSA->new + DER type=$type/$sha");
97 ok(Crypt::PK::DSA->new( \$keyPem ), "Crypt::PK::DSA->new + PEM type=$type/$sha");
98 for my $t (@{$g->{tests}}) {
99 my $tcId = $t->{tcId};
100 my $comment = $t->{comment};
101 my $result = $t->{result};
102 my $message = pack "H*", $t->{message};
103 my $sig = pack "H*", $t->{sig};
104 # skip unsupported tests:
105 next if $tcId==12 && $result eq 'acceptable' && $comment eq "Legacy:ASN encoding of s misses leading 0";
106 next if $tcId==13 && $result eq 'acceptable' && $comment eq "BER:long form encoding of length";
107 next if $tcId==14 && $result eq 'acceptable' && $comment eq "BER:long form encoding of length";
108 next if $tcId==15 && $result eq 'acceptable' && $comment eq "BER:long form encoding of length";
109 next if $tcId==16 && $result eq 'acceptable' && $comment eq "BER:length contains leading 0";
110 next if $tcId==17 && $result eq 'acceptable' && $comment eq "BER:length contains leading 0";
111 next if $tcId==18 && $result eq 'acceptable' && $comment eq "BER:length contains leading 0";
112 next if $tcId==19 && $result eq 'acceptable' && $comment eq "BER:indefinite length";
113 next if $tcId==20 && $result eq 'acceptable' && $comment eq "BER:prepending 0's to integer";
114 next if $tcId==21 && $result eq 'acceptable' && $comment eq "BER:prepending 0's to integer";
115 # do the test
116 my $testname = "type=$type/$sha tcId=$tcId comment='$comment' expected-result=$result";
117 my $pk = Crypt::PK::DSA->new( \$keyPem );
118 my $valid = $pk->verify_message($sig, $message, $sha);
119 if ($result eq 'valid' || $result eq 'acceptable') {
120 ok($valid, $testname);
121 }
122 elsif ($result eq 'invalid') {
123 ok(!$valid, $testname);
124 }
125 else {
126 ok(0, "UNEXPECTED result=$result");
127 }
128 }
129 }
130 }
131
132 if (0) {
133 #XXX-TODO:
134 # not ok 749 - type=ECDSAVer/SHA256 tcId=50 comment='appending unused 0's' expected-result=invalid verify_message=1
135 # not ok 819 - type=ECDSAVer/SHA256 tcId=120 comment='Modified r or s, e.g. by adding or subtracting the order of the group' expected-result=invalid verify_message=1
136 # not ok 820 - type=ECDSAVer/SHA256 tcId=121 comment='Modified r or s, e.g. by adding or subtracting the order of the group' expected-result=invalid verify_message=1
137 # not ok 821 - type=ECDSAVer/SHA256 tcId=122 comment='Modified r or s, e.g. by adding or subtracting the order of the group' expected-result=invalid verify_message=1
138
139 use Crypt::PK::ECC;
140
141 my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/ecdsa_test.json';
142 for my $g (@{$tests->{testGroups}}) {
143 my $type = $g->{type};
144 my $keyDer = pack "H*", $g->{keyDer};
145 my $keyPem = $g->{keyPem};
146 my $sha = $g->{sha};
147 $sha =~ s/-//g; # SHA-1 >> SHA1
148 ok(Crypt::PK::ECC->new( \$keyDer ), "Crypt::PK::ECC->new + DER type=$type/$sha");
149 ok(Crypt::PK::ECC->new( \$keyPem ), "Crypt::PK::ECC->new + PEM type=$type/$sha");
150 for my $t (@{$g->{tests}}) {
151 my $tcId = $t->{tcId};
152 my $comment = $t->{comment};
153 my $result = $t->{result};
154 my $message = pack "H*", $t->{message};
155 my $sig = pack "H*", $t->{sig};
156 # do the test
157 my $testname = "type=$type/$sha tcId=$tcId comment='$comment' expected-result=$result";
158 my $pk = Crypt::PK::ECC->new( \$keyPem );
159 my $valid = $pk->verify_message($sig, $message, $sha);
160 if ($result eq 'valid') {
161 ok($valid, "$testname verify_message=$valid");
162 }
163 elsif ($result eq 'acceptable') {
164 #XXX-TODO
165 #ok($valid, "$testname verify_message=$valid");
166 }
167 elsif ($result eq 'invalid') {
168 ok(!$valid, "$testname verify_message=$valid");
169 }
170 else {
171 ok(0, "UNEXPECTED result=$result");
172 }
173 }
174 }
175 }
176
177 if (0) {
178 use Crypt::PK::ECC;
179
180 my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/ecdsa_webcrypto_test.json';
181 for my $g (@{$tests->{testGroups}}) {
182 my $type = $g->{type};
183 my $keyDer = pack "H*", $g->{keyDer};
184 my $keyPem = $g->{keyPem};
185 my $sha = $g->{sha};
186 my $jwk = $g->{jwk};
187 $sha =~ s/-//g; # SHA-1 >> SHA1
188 ok(Crypt::PK::ECC->new( \$keyDer ), "Crypt::PK::ECC->new + DER type=$type/$sha");
189 ok(Crypt::PK::ECC->new( \$keyPem ), "Crypt::PK::ECC->new + PEM type=$type/$sha");
190 ok(Crypt::PK::ECC->new( $jwk ), "Crypt::PK::ECC->new + JWK type=$type/$sha");
191 for my $t (@{$g->{tests}}) {
192 my $tcId = $t->{tcId};
193 my $comment = $t->{comment};
194 my $result = $t->{result};
195 my $message = pack "H*", $t->{message};
196 my $sig = pack "H*", $t->{sig};
197 # do the test
198 my $testname = "type=$type/$sha tcId=$tcId comment='$comment' expected-result=$result";
199 my $pk = Crypt::PK::ECC->new( \$keyPem );
200 my $valid = $pk->verify_message($sig, $message, $sha);
201 if ($result eq 'valid') {
202 ok($valid, "$testname verify_message=$valid");
203 }
204 elsif ($result eq 'acceptable') {
205 #XXX-TODO
206 #ok($valid, "$testname verify_message=$valid");
207 }
208 elsif ($result eq 'invalid') {
209 ok(!$valid, "$testname verify_message=$valid");
210 }
211 else {
212 ok(0, "UNEXPECTED result=$result");
213 }
214 }
215 }
216 }
217
218 if (1) {
219 use Crypt::PK::ECC;
220
221 my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/ecdh_webcrypto_test.json';
222 for my $g (@{$tests->{testGroups}}) {
223 my $type = $g->{type};
224 for my $t (@{$g->{tests}}) {
225 my $tcId = $t->{tcId};
226 my $comment = $t->{comment};
227 my $name = $t->{name};
228 my $result = $t->{result};
229 my $shared = pack "H*", $t->{shared};
230 # do the test
231 my $testname = "type=$type/$name tcId=$tcId comment='$comment' expected-result=$result";
232 my $pub = Crypt::PK::ECC->new( $t->{public} );
233 my $pri = Crypt::PK::ECC->new( $t->{private} );
234 my $shared_hex = unpack "H*", $pri->shared_secret($pub);
235 if ($result eq 'valid' || $result eq 'acceptable') {
236 is($shared_hex, $t->{shared}, $testname);
237 }
238 elsif ($result eq 'invalid') {
239 isnt($shared_hex, $t->{shared}, $testname);
240 }
241 else {
242 ok(0, "UNEXPECTED result=$result");
243 }
244 }
245 }
246 }