diff options
Diffstat (limited to 'roms/ipxe/src/tests/pubkey_test.h')
-rw-r--r-- | roms/ipxe/src/tests/pubkey_test.h | 175 |
1 files changed, 175 insertions, 0 deletions
diff --git a/roms/ipxe/src/tests/pubkey_test.h b/roms/ipxe/src/tests/pubkey_test.h new file mode 100644 index 000000000..7678453a9 --- /dev/null +++ b/roms/ipxe/src/tests/pubkey_test.h @@ -0,0 +1,175 @@ +#ifndef _PUBKEY_TEST_H +#define _PUBKEY_TEST_H + +FILE_LICENCE ( GPL2_OR_LATER ); + +#include <stdint.h> +#include <ipxe/crypto.h> +#include <ipxe/test.h> + +/** + * Report public key decryption test result + * + * @v pubkey Public key algorithm + * @v key Key + * @v key_len Key length + * @v ciphertext Ciphertext + * @v ciphertext_len Ciphertext length + * @v expected Expected plaintext + * @v expected_len Expected plaintext length + */ +#define pubkey_decrypt_ok( pubkey, key, key_len, ciphertext, \ + ciphertext_len, expected, expected_len ) do {\ + uint8_t ctx[ (pubkey)->ctxsize ]; \ + \ + ok ( pubkey_init ( (pubkey), ctx, (key), (key_len) ) == 0 ); \ + { \ + size_t max_len = pubkey_max_len ( (pubkey), ctx ); \ + uint8_t decrypted[ max_len ]; \ + int decrypted_len; \ + \ + decrypted_len = pubkey_decrypt ( (pubkey), ctx, \ + (ciphertext), \ + (ciphertext_len), \ + decrypted ); \ + ok ( decrypted_len == ( ( int ) (expected_len) ) ); \ + ok ( memcmp ( decrypted, (expected), \ + (expected_len) ) == 0 ); \ + } \ + pubkey_final ( (pubkey), ctx ); \ + } while ( 0 ) + +/** + * Report public key encryption and decryption test result + * + * @v pubkey Public key algorithm + * @v encrypt_key Encryption key + * @v encrypt_key_len Encryption key length + * @v decrypt_key Decryption key + * @v decrypt_key_len Decryption key length + * @v plaintext Plaintext + * @v plaintext_len Plaintext length + */ +#define pubkey_encrypt_ok( pubkey, encrypt_key, encrypt_key_len, \ + decrypt_key, decrypt_key_len, plaintext, \ + plaintext_len ) do { \ + uint8_t ctx[ (pubkey)->ctxsize ]; \ + \ + ok ( pubkey_init ( (pubkey), ctx, (encrypt_key), \ + (encrypt_key_len) ) == 0 ); \ + { \ + size_t max_len = pubkey_max_len ( (pubkey), ctx ); \ + uint8_t encrypted[ max_len ]; \ + int encrypted_len; \ + \ + encrypted_len = pubkey_encrypt ( (pubkey), ctx, \ + (plaintext), \ + (plaintext_len), \ + encrypted ); \ + ok ( encrypted_len >= 0 ); \ + pubkey_decrypt_ok ( (pubkey), (decrypt_key), \ + (decrypt_key_len), encrypted, \ + encrypted_len, (plaintext), \ + (plaintext_len) ); \ + } \ + pubkey_final ( (pubkey), ctx ); \ + } while ( 0 ) + +/** + * Report public key signature test result + * + * @v pubkey Public key algorithm + * @v key Key + * @v key_len Key length + * @v digest Digest algorithm + * @v plaintext Plaintext + * @v plaintext_len Plaintext length + * @v expected Expected signature + * @v expected_len Expected signature length + */ +#define pubkey_sign_ok( pubkey, key, key_len, digest, plaintext, \ + plaintext_len, expected, expected_len ) do { \ + uint8_t ctx[ (pubkey)->ctxsize ]; \ + uint8_t digestctx[ (digest)->ctxsize ]; \ + uint8_t digestout[ (digest)->digestsize ]; \ + \ + digest_init ( (digest), digestctx ); \ + digest_update ( (digest), digestctx, (plaintext), \ + (plaintext_len) ); \ + digest_final ( (digest), digestctx, digestout ); \ + \ + ok ( pubkey_init ( (pubkey), ctx, (key), (key_len) ) == 0 ); \ + { \ + size_t max_len = pubkey_max_len ( (pubkey), ctx ); \ + uint8_t signature[ max_len ]; \ + int signature_len; \ + \ + signature_len = pubkey_sign ( (pubkey), ctx, (digest), \ + digestout, signature ); \ + ok ( signature_len == ( ( int ) (expected_len) ) ); \ + ok ( memcmp ( signature, (expected), \ + (expected_len) ) == 0 ); \ + } \ + pubkey_final ( (pubkey), ctx ); \ + } while ( 0 ) + +/** + * Report public key verification test result + * + * @v pubkey Public key algorithm + * @v key Key + * @v key_len Key length + * @v digest Digest algorithm + * @v plaintext Plaintext + * @v plaintext_len Plaintext length + * @v signature Signature + * @v signature_len Signature length + */ +#define pubkey_verify_ok( pubkey, key, key_len, digest, plaintext, \ + plaintext_len, signature, signature_len ) do {\ + uint8_t ctx[ (pubkey)->ctxsize ]; \ + uint8_t digestctx[ (digest)->ctxsize ]; \ + uint8_t digestout[ (digest)->digestsize ]; \ + \ + digest_init ( (digest), digestctx ); \ + digest_update ( (digest), digestctx, (plaintext), \ + (plaintext_len) ); \ + digest_final ( (digest), digestctx, digestout ); \ + \ + ok ( pubkey_init ( (pubkey), ctx, (key), (key_len) ) == 0 ); \ + ok ( pubkey_verify ( (pubkey), ctx, (digest), digestout, \ + (signature), (signature_len) ) == 0 ); \ + pubkey_final ( (pubkey), ctx ); \ + } while ( 0 ) + +/** + * Report public key verification test result + * + * @v pubkey Public key algorithm + * @v key Key + * @v key_len Key length + * @v digest Digest algorithm + * @v plaintext Plaintext + * @v plaintext_len Plaintext length + * @v signature Signature + * @v signature_len Signature length + */ +#define pubkey_verify_fail_ok( pubkey, key, key_len, digest, plaintext, \ + plaintext_len, signature, \ + signature_len ) do { \ + uint8_t ctx[ (pubkey)->ctxsize ]; \ + uint8_t digestctx[ (digest)->ctxsize ]; \ + uint8_t digestout[ (digest)->digestsize ]; \ + \ + digest_init ( (digest), digestctx ); \ + digest_update ( (digest), digestctx, (plaintext), \ + (plaintext_len) ); \ + digest_final ( (digest), digestctx, digestout ); \ + \ + ok ( pubkey_init ( (pubkey), ctx, (key), (key_len) ) == 0 ); \ + ok ( pubkey_verify ( (pubkey), ctx, (digest), digestout, \ + (signature), (signature_len) ) != 0 ); \ + pubkey_final ( (pubkey), ctx ); \ + } while ( 0 ) + +#endif /* _PUBKEY_TEST_H */ |