5 #define CRYPTOPP_ENABLE_NAMESPACE_WEAK 1
47 #if (CRYPTOPP_MSC_VERSION >= 1410)
48 # pragma strict_gs_check (on)
52 #if CRYPTOPP_MSC_VERSION
53 # pragma warning(disable: 4996)
56 #if CRYPTOPP_GCC_DIAGNOSTIC_AVAILABLE
57 # pragma GCC diagnostic ignored "-Wdeprecated-declarations"
70 m_source.Get(output, size);
79 cout <<
"\nBlumBlumShub validation suite running...\n\n";
81 Integer p(
"212004934506826557583707108431463840565872545889679278744389317666981496005411448865750399674653351");
82 Integer q(
"100677295735404212434355574418077394581488455772477016953458064183204108039226017738610663984508231");
83 Integer seed(
"63239752671357255800299643604761065219897634268887145610573595874544114193025997412441121667211431");
85 bool pass =
true, fail;
88 static const byte output1[] = {
89 0x49,0xEA,0x2C,0xFD,0xB0,0x10,0x64,0xA0,0xBB,0xB9,
90 0x2A,0xF1,0x01,0xDA,0xC1,0x8A,0x94,0xF7,0xB7,0xCE};
91 static const byte output2[] = {
92 0x74,0x45,0x48,0xAE,0xAC,0xB7,0x0E,0xDF,0xAF,0xD7,
93 0xD5,0x0E,0x8E,0x29,0x83,0x75,0x6B,0x27,0x46,0xA1};
99 bbs.GenerateBlock(buf, 20);
100 fail = memcmp(output1, buf, 20) != 0;
101 pass = pass && !fail;
103 cout << (fail ?
"FAILED " :
"passed ");
105 cout << setw(2) << setfill(
'0') << hex << (int)buf[j];
109 bbs.GenerateBlock(buf, 10);
110 fail = memcmp(output1+10, buf, 10) != 0;
111 pass = pass && !fail;
113 cout << (fail ?
"FAILED " :
"passed ");
115 cout << setw(2) << setfill(
'0') << hex << (int)buf[j];
119 bbs.GenerateBlock(buf, 20);
120 fail = memcmp(output2, buf, 20) != 0;
121 pass = pass && !fail;
123 cout << (fail ?
"FAILED " :
"passed ");
125 cout << setw(2) << setfill(
'0') << hex << (int)buf[j];
133 bool pass =
true, fail;
136 pass = pass && !fail;
138 cout << (fail ?
"FAILED " :
"passed ");
139 cout <<
"signature key validation\n";
141 const byte *message = (
byte *)
"test message";
142 const int messageLen = 12;
145 size_t signatureLength = priv.
SignMessage(GlobalRNG(), message, messageLen, signature);
146 fail = !pub.
VerifyMessage(message, messageLen, signature, signatureLength);
147 pass = pass && !fail;
149 cout << (fail ?
"FAILED " :
"passed ");
150 cout <<
"signature and verification\n";
153 fail = pub.
VerifyMessage(message, messageLen, signature, signatureLength);
154 pass = pass && !fail;
156 cout << (fail ?
"FAILED " :
"passed ");
157 cout <<
"checking invalid signature" << endl;
165 pass = pass && !fail;
167 cout << (fail ?
"FAILED " :
"passed ");
168 cout <<
"signature and verification with recovery" << endl;
171 result = pub.
RecoverMessage(recovered, NULL, 0, signature, signatureLength);
173 pass = pass && !fail;
175 cout << (fail ?
"FAILED " :
"passed ");
176 cout <<
"recovery with invalid signature" << endl;
184 bool pass =
true, fail;
187 pass = pass && !fail;
189 cout << (fail ?
"FAILED " :
"passed ");
190 cout <<
"cryptosystem key validation\n";
192 const byte *message = (
byte *)
"test message";
193 const int messageLen = 12;
197 pub.
Encrypt(GlobalRNG(), message, messageLen, ciphertext);
199 fail = fail || memcmp(message, plaintext, messageLen);
200 pass = pass && !fail;
202 cout << (fail ?
"FAILED " :
"passed ");
203 cout <<
"encryption and decryption\n";
210 if (d.GetCryptoParameters().Validate(GlobalRNG(), 3))
211 cout <<
"passed simple key agreement domain parameters validation" << endl;
214 cout <<
"FAILED simple key agreement domain parameters invalid" << endl;
218 SecByteBlock priv1(d.PrivateKeyLength()), priv2(d.PrivateKeyLength());
219 SecByteBlock pub1(d.PublicKeyLength()), pub2(d.PublicKeyLength());
220 SecByteBlock val1(d.AgreedValueLength()), val2(d.AgreedValueLength());
222 d.GenerateKeyPair(GlobalRNG(), priv1, pub1);
223 d.GenerateKeyPair(GlobalRNG(), priv2, pub2);
225 memset(val1.begin(), 0x10, val1.size());
226 memset(val2.begin(), 0x11, val2.size());
228 if (!(d.Agree(val1, priv1, pub2) && d.Agree(val2, priv2, pub1)))
230 cout <<
"FAILED simple key agreement failed" << endl;
234 if (memcmp(val1.begin(), val2.begin(), d.AgreedValueLength()))
236 cout <<
"FAILED simple agreed values not equal" << endl;
240 cout <<
"passed simple key agreement" << endl;
246 if (d.GetCryptoParameters().Validate(GlobalRNG(), 3))
247 cout <<
"passed authenticated key agreement domain parameters validation" << endl;
250 cout <<
"FAILED authenticated key agreement domain parameters invalid" << endl;
254 SecByteBlock spriv1(d.StaticPrivateKeyLength()), spriv2(d.StaticPrivateKeyLength());
255 SecByteBlock epriv1(d.EphemeralPrivateKeyLength()), epriv2(d.EphemeralPrivateKeyLength());
256 SecByteBlock spub1(d.StaticPublicKeyLength()), spub2(d.StaticPublicKeyLength());
257 SecByteBlock epub1(d.EphemeralPublicKeyLength()), epub2(d.EphemeralPublicKeyLength());
258 SecByteBlock val1(d.AgreedValueLength()), val2(d.AgreedValueLength());
260 d.GenerateStaticKeyPair(GlobalRNG(), spriv1, spub1);
261 d.GenerateStaticKeyPair(GlobalRNG(), spriv2, spub2);
262 d.GenerateEphemeralKeyPair(GlobalRNG(), epriv1, epub1);
263 d.GenerateEphemeralKeyPair(GlobalRNG(), epriv2, epub2);
265 memset(val1.begin(), 0x10, val1.size());
266 memset(val2.begin(), 0x11, val2.size());
268 if (!(d.Agree(val1, spriv1, epriv1, spub2, epub2) && d.Agree(val2, spriv2, epriv2, spub1, epub1)))
270 cout <<
"FAILED authenticated key agreement failed" << endl;
274 if (memcmp(val1.begin(), val2.begin(), d.AgreedValueLength()))
276 cout <<
"FAILED authenticated agreed values not equal" << endl;
280 cout <<
"passed authenticated key agreement" << endl;
286 cout <<
"\nRSA validation suite running...\n\n";
288 byte out[100], outPlain[100];
289 bool pass =
true, fail;
292 const char *plain =
"Everyone gets Friday off.";
293 static const byte signature[] =
294 "\x05\xfa\x6a\x81\x2f\xc7\xdf\x8b\xf4\xf2\x54\x25\x09\xe0\x3e\x84"
295 "\x6e\x11\xb9\xc6\x20\xbe\x20\x09\xef\xb4\x40\xef\xbc\xc6\x69\x21"
296 "\x69\x94\xac\x04\xf3\x41\xb5\x7d\x05\x20\x2d\x42\x8f\xb2\xa2\x7b"
297 "\x5c\x77\xdf\xd9\xb1\x5b\xfc\x3d\x55\x93\x53\x50\x34\x10\xc1\xe1";
303 size_t signatureLength = rsaPriv.SignMessage(GlobalRNG(), (
byte *)plain, strlen(plain), out);
304 fail = memcmp(signature, out, 64) != 0;
305 pass = pass && !fail;
307 cout << (fail ?
"FAILED " :
"passed ");
308 cout <<
"signature check against test vector\n";
310 fail = !rsaPub.VerifyMessage((
byte *)plain, strlen(plain), out, signatureLength);
311 pass = pass && !fail;
313 cout << (fail ?
"FAILED " :
"passed ");
314 cout <<
"verification check against test vector\n";
317 fail = rsaPub.VerifyMessage((
byte *)plain, strlen(plain), out, signatureLength);
318 pass = pass && !fail;
320 cout << (fail ?
"FAILED " :
"passed ");
321 cout <<
"invalid signature verification\n";
328 pass = CryptoSystemValidate(rsaPriv, rsaPub) && pass;
334 pass = CryptoSystemValidate(rsaPriv, rsaPub) && pass;
337 byte *plain = (
byte *)
338 "\x54\x85\x9b\x34\x2c\x49\xea\x2a";
339 static const byte encrypted[] =
340 "\x14\xbd\xdd\x28\xc9\x83\x35\x19\x23\x80\xe8\xe5\x49\xb1\x58\x2a"
341 "\x8b\x40\xb4\x48\x6d\x03\xa6\xa5\x31\x1f\x1f\xd5\xf0\xa1\x80\xe4"
342 "\x17\x53\x03\x29\xa9\x34\x90\x74\xb1\x52\x13\x54\x29\x08\x24\x52"
344 static const byte oaepSeed[] =
345 "\xaa\xfd\x12\xf6\x59\xca\xe6\x34\x89\xb4\x79\xe5\x07\x6d\xde\xc2"
348 bq.
Put(oaepSeed, 20);
354 rsaPriv.AccessKey().BERDecodePrivateKey(privFile,
false, 0);
358 memset(outPlain, 0, 8);
359 rsaPub.Encrypt(rng, plain, 8, out);
360 DecodingResult result = rsaPriv.FixedLengthDecrypt(GlobalRNG(), encrypted, outPlain);
362 pass = pass && !fail;
364 cout << (fail ?
"FAILED " :
"passed ");
365 cout <<
"PKCS 2.0 encryption and decryption\n";
373 cout <<
"\nDH validation suite running...\n\n";
377 return SimpleKeyAgreementValidate(dh);
382 cout <<
"\nMQV validation suite running...\n\n";
386 return AuthenticatedKeyAgreementValidate(mqv);
391 std::cout <<
"\nHMQV validation suite running...\n\n";
398 hmqvB.AccessGroupParameters().BERDecode(f256);
400 std::cout <<
"HMQV with NIST P-256 and SHA-256:" << std::endl;
402 if (hmqvB.GetCryptoParameters().Validate(GlobalRNG(), 3))
403 std::cout <<
"passed authenticated key agreement domain parameters validation (server)" << std::endl;
406 std::cout <<
"FAILED authenticated key agreement domain parameters invalid (server)" << std::endl;
410 const OID oid = ASN1::secp256r1();
413 if (hmqvA.GetCryptoParameters().Validate(GlobalRNG(), 3))
414 std::cout <<
"passed authenticated key agreement domain parameters validation (client)" << std::endl;
417 std::cout <<
"FAILED authenticated key agreement domain parameters invalid (client)" << std::endl;
421 SecByteBlock sprivA(hmqvA.StaticPrivateKeyLength()), sprivB(hmqvB.StaticPrivateKeyLength());
422 SecByteBlock eprivA(hmqvA.EphemeralPrivateKeyLength()), eprivB(hmqvB.EphemeralPrivateKeyLength());
423 SecByteBlock spubA(hmqvA.StaticPublicKeyLength()), spubB(hmqvB.StaticPublicKeyLength());
424 SecByteBlock epubA(hmqvA.EphemeralPublicKeyLength()), epubB(hmqvB.EphemeralPublicKeyLength());
425 SecByteBlock valA(hmqvA.AgreedValueLength()), valB(hmqvB.AgreedValueLength());
427 hmqvA.GenerateStaticKeyPair(GlobalRNG(), sprivA, spubA);
428 hmqvB.GenerateStaticKeyPair(GlobalRNG(), sprivB, spubB);
429 hmqvA.GenerateEphemeralKeyPair(GlobalRNG(), eprivA, epubA);
430 hmqvB.GenerateEphemeralKeyPair(GlobalRNG(), eprivB, epubB);
432 memset(valA.begin(), 0x00, valA.size());
433 memset(valB.begin(), 0x11, valB.size());
435 if (!(hmqvA.Agree(valA, sprivA, eprivA, spubB, epubB) && hmqvB.Agree(valB, sprivB, eprivB, spubA, epubA)))
437 std::cout <<
"FAILED authenticated key agreement failed" << std::endl;
441 if (memcmp(valA.begin(), valB.begin(), hmqvA.AgreedValueLength()))
443 std::cout <<
"FAILED authenticated agreed values not equal" << std::endl;
447 std::cout <<
"passed authenticated key agreement" << std::endl;
451 std::cout <<
"HMQV with NIST P-384 and SHA-384:" << std::endl;
454 hmqvB384.AccessGroupParameters().BERDecode(f384);
456 if (hmqvB384.GetCryptoParameters().Validate(GlobalRNG(), 3))
457 std::cout <<
"passed authenticated key agreement domain parameters validation (server)" << std::endl;
460 std::cout <<
"FAILED authenticated key agreement domain parameters invalid (server)" << std::endl;
464 const OID oid384 = ASN1::secp384r1();
467 if (hmqvA384.GetCryptoParameters().Validate(GlobalRNG(), 3))
468 std::cout <<
"passed authenticated key agreement domain parameters validation (client)" << std::endl;
471 std::cout <<
"FAILED authenticated key agreement domain parameters invalid (client)" << std::endl;
475 SecByteBlock sprivA384(hmqvA384.StaticPrivateKeyLength()), sprivB384(hmqvB384.StaticPrivateKeyLength());
476 SecByteBlock eprivA384(hmqvA384.EphemeralPrivateKeyLength()), eprivB384(hmqvB384.EphemeralPrivateKeyLength());
477 SecByteBlock spubA384(hmqvA384.StaticPublicKeyLength()), spubB384(hmqvB384.StaticPublicKeyLength());
478 SecByteBlock epubA384(hmqvA384.EphemeralPublicKeyLength()), epubB384(hmqvB384.EphemeralPublicKeyLength());
479 SecByteBlock valA384(hmqvA384.AgreedValueLength()), valB384(hmqvB384.AgreedValueLength());
481 hmqvA384.GenerateStaticKeyPair(GlobalRNG(), sprivA384, spubA384);
482 hmqvB384.GenerateStaticKeyPair(GlobalRNG(), sprivB384, spubB384);
483 hmqvA384.GenerateEphemeralKeyPair(GlobalRNG(), eprivA384, epubA384);
484 hmqvB384.GenerateEphemeralKeyPair(GlobalRNG(), eprivB384, epubB384);
486 memset(valA384.begin(), 0x00, valA384.size());
487 memset(valB384.begin(), 0x11, valB384.size());
489 if (!(hmqvA384.Agree(valA384, sprivA384, eprivA384, spubB384, epubB384) && hmqvB384.Agree(valB384, sprivB384, eprivB384, spubA384, epubA384)))
491 std::cout <<
"FAILED authenticated key agreement failed" << std::endl;
495 if (memcmp(valA384.begin(), valB384.begin(), hmqvA384.AgreedValueLength()))
497 std::cout <<
"FAILED authenticated agreed values not equal" << std::endl;
501 std::cout <<
"passed authenticated key agreement" << std::endl;
508 std::cout <<
"\nFHMQV validation suite running...\n\n";
515 fhmqvB.AccessGroupParameters().BERDecode(f256);
517 std::cout <<
"FHMQV with NIST P-256 and SHA-256:" << std::endl;
519 if (fhmqvB.GetCryptoParameters().Validate(GlobalRNG(), 3))
520 std::cout <<
"passed authenticated key agreement domain parameters validation (server)" << std::endl;
523 std::cout <<
"FAILED authenticated key agreement domain parameters invalid (server)" << std::endl;
527 const OID oid = ASN1::secp256r1();
530 if (fhmqvA.GetCryptoParameters().Validate(GlobalRNG(), 3))
531 std::cout <<
"passed authenticated key agreement domain parameters validation (client)" << std::endl;
534 std::cout <<
"FAILED authenticated key agreement domain parameters invalid (client)" << std::endl;
538 SecByteBlock sprivA(fhmqvA.StaticPrivateKeyLength()), sprivB(fhmqvB.StaticPrivateKeyLength());
539 SecByteBlock eprivA(fhmqvA.EphemeralPrivateKeyLength()), eprivB(fhmqvB.EphemeralPrivateKeyLength());
540 SecByteBlock spubA(fhmqvA.StaticPublicKeyLength()), spubB(fhmqvB.StaticPublicKeyLength());
541 SecByteBlock epubA(fhmqvA.EphemeralPublicKeyLength()), epubB(fhmqvB.EphemeralPublicKeyLength());
542 SecByteBlock valA(fhmqvA.AgreedValueLength()), valB(fhmqvB.AgreedValueLength());
544 fhmqvA.GenerateStaticKeyPair(GlobalRNG(), sprivA, spubA);
545 fhmqvB.GenerateStaticKeyPair(GlobalRNG(), sprivB, spubB);
546 fhmqvA.GenerateEphemeralKeyPair(GlobalRNG(), eprivA, epubA);
547 fhmqvB.GenerateEphemeralKeyPair(GlobalRNG(), eprivB, epubB);
549 memset(valA.begin(), 0x00, valA.size());
550 memset(valB.begin(), 0x11, valB.size());
552 if (!(fhmqvA.Agree(valA, sprivA, eprivA, spubB, epubB) && fhmqvB.Agree(valB, sprivB, eprivB, spubA, epubA)))
554 std::cout <<
"FAILED authenticated key agreement failed" << std::endl;
558 if (memcmp(valA.begin(), valB.begin(), fhmqvA.AgreedValueLength()))
560 std::cout <<
"FAILED authenticated agreed values not equal" << std::endl;
564 std::cout <<
"passed authenticated key agreement" << std::endl;
568 std::cout <<
"FHMQV with NIST P-384 and SHA-384:" << std::endl;
571 fhmqvB384.AccessGroupParameters().BERDecode(f384);
573 if (fhmqvB384.GetCryptoParameters().Validate(GlobalRNG(), 3))
574 std::cout <<
"passed authenticated key agreement domain parameters validation (server)" << std::endl;
577 std::cout <<
"FAILED authenticated key agreement domain parameters invalid (server)" << std::endl;
581 const OID oid384 = ASN1::secp384r1();
584 if (fhmqvA384.GetCryptoParameters().Validate(GlobalRNG(), 3))
585 std::cout <<
"passed authenticated key agreement domain parameters validation (client)" << std::endl;
588 std::cout <<
"FAILED authenticated key agreement domain parameters invalid (client)" << std::endl;
592 SecByteBlock sprivA384(fhmqvA384.StaticPrivateKeyLength()), sprivB384(fhmqvB384.StaticPrivateKeyLength());
593 SecByteBlock eprivA384(fhmqvA384.EphemeralPrivateKeyLength()), eprivB384(fhmqvB384.EphemeralPrivateKeyLength());
594 SecByteBlock spubA384(fhmqvA384.StaticPublicKeyLength()), spubB384(fhmqvB384.StaticPublicKeyLength());
595 SecByteBlock epubA384(fhmqvA384.EphemeralPublicKeyLength()), epubB384(fhmqvB384.EphemeralPublicKeyLength());
596 SecByteBlock valA384(fhmqvA384.AgreedValueLength()), valB384(fhmqvB384.AgreedValueLength());
598 fhmqvA384.GenerateStaticKeyPair(GlobalRNG(), sprivA384, spubA384);
599 fhmqvB384.GenerateStaticKeyPair(GlobalRNG(), sprivB384, spubB384);
600 fhmqvA384.GenerateEphemeralKeyPair(GlobalRNG(), eprivA384, epubA384);
601 fhmqvB384.GenerateEphemeralKeyPair(GlobalRNG(), eprivB384, epubB384);
603 memset(valA384.begin(), 0x00, valA384.size());
604 memset(valB384.begin(), 0x11, valB384.size());
606 if (!(fhmqvA384.Agree(valA384, sprivA384, eprivA384, spubB384, epubB384) && fhmqvB384.Agree(valB384, sprivB384, eprivB384, spubA384, epubA384)))
608 std::cout <<
"FAILED authenticated key agreement failed" << std::endl;
612 if (memcmp(valA384.begin(), valB384.begin(), fhmqvA384.AgreedValueLength()))
614 std::cout <<
"FAILED authenticated agreed values not equal" << std::endl;
618 std::cout <<
"passed authenticated key agreement" << std::endl;
623 bool ValidateLUC_DH()
625 cout <<
"\nLUC-DH validation suite running...\n\n";
629 return SimpleKeyAgreementValidate(dh);
632 bool ValidateXTR_DH()
634 cout <<
"\nXTR-DH validation suite running...\n\n";
638 return SimpleKeyAgreementValidate(dh);
641 bool ValidateElGamal()
643 cout <<
"\nElGamal validation suite running...\n\n";
649 privC.AccessKey().Precompute();
651 privC.AccessKey().SavePrecomputation(queue);
652 privC.AccessKey().LoadPrecomputation(queue);
654 pass = CryptoSystemValidate(privC, pubC) && pass;
661 cout <<
"\nDLIES validation suite running...\n\n";
667 pass = CryptoSystemValidate(privC, pubC) && pass;
670 cout <<
"Generating new encryption key..." << endl;
674 decryptor.AccessKey().GenerateRandom(GlobalRNG(), gp);
677 pass = CryptoSystemValidate(decryptor, encryptor) && pass;
684 cout <<
"\nNR validation suite running...\n\n";
689 privS.AccessKey().Precompute();
692 pass = SignatureValidate(privS, pubS) && pass;
695 cout <<
"Generating new signature key..." << endl;
699 pass = SignatureValidate(privS, pubS) && pass;
704 bool ValidateDSA(
bool thorough)
706 cout <<
"\nDSA validation suite running...\n\n";
710 DSA::Signer priv(fs1);
711 DSA::Verifier pub(priv);
713 DSA::Verifier pub1(fs2);
714 assert(pub.GetKey() == pub1.GetKey());
715 pass = SignatureValidate(priv, pub, thorough) && pass;
716 pass = RunTestDataFile(CRYPTOPP_DATA_DIR
"TestVectors/dsa.txt",
g_nullNameValuePairs, thorough) && pass;
723 cout <<
"\nLUC validation suite running...\n\n";
730 pass = SignatureValidate(priv, pub) && pass;
735 pass = CryptoSystemValidate(priv, pub) && pass;
740 bool ValidateLUC_DL()
742 cout <<
"\nLUC-HMP validation suite running...\n\n";
747 bool pass = SignatureValidate(privS, pubS);
749 cout <<
"\nLUC-IES validation suite running...\n\n";
754 pass = CryptoSystemValidate(privC, pubC) && pass;
761 cout <<
"\nRabin validation suite running...\n\n";
768 pass = SignatureValidate(priv, pub) && pass;
773 pass = CryptoSystemValidate(priv, pub) && pass;
780 cout <<
"\nRW validation suite running...\n\n";
786 return SignatureValidate(priv, pub);
802 #if !defined(NDEBUG) && !defined(CRYPTOPP_IMPORTS)
804 bool TestPolynomialMod2()
806 bool pass1 =
true, pass2 =
true, pass3 =
true;
808 cout <<
"\nTesting PolynomialMod2 bit operations...\n\n";
810 static const unsigned int start = 0;
811 static const unsigned int stop = 4 * WORD_BITS + 1;
813 for (
unsigned int i=start; i < stop; i++)
821 std::ostringstream oss1;
824 std::string str1, str2;
828 str1.erase(std::remove(str1.begin(), str1.end(),
','), str1.end());
831 str1.erase(str1.end() - 1);
836 pass1 &= (str1 == str2);
839 for (
unsigned int i=start; i < stop; i++)
849 std::ostringstream oss1;
852 std::string str1, str2;
856 str1.erase(std::remove(str1.begin(), str1.end(),
','), str1.end());
859 str1.erase(str1.end() - 1);
864 pass2 &= (str1 == str2);
868 for (
unsigned int i=start; i < stop; i++)
879 std::ostringstream oss1;
882 std::string str1, str2;
886 str1.erase(std::remove(str1.begin(), str1.end(),
','), str1.end());
889 str1.erase(str1.end() - 1);
896 cout <<
" Oops..." <<
"\n";
897 cout <<
" random: " << std::hex << n << std::dec <<
"\n";
898 cout <<
" str1: " << str1 <<
"\n";
899 cout <<
" str2: " << str2 <<
"\n";
902 pass3 &= (str1 == str2);
905 cout << (!pass1 ?
"FAILED" :
"passed") <<
": " <<
"1 shifted over range [" << dec << start <<
"," << stop <<
"]" <<
"\n";
906 cout << (!pass2 ?
"FAILED" :
"passed") <<
": " <<
"0x" << hex << word(
SIZE_MAX) << dec <<
" shifted over range [" << start <<
"," << stop <<
"]" <<
"\n";
907 cout << (!pass3 ?
"FAILED" :
"passed") <<
": " <<
"random values shifted over range [" << dec << start <<
"," << stop <<
"]" <<
"\n";
909 if (!(pass1 && pass2 && pass3))
912 return pass1 && pass2 && pass3;
918 cout <<
"\nECP validation suite running...\n\n";
923 cpriv.GetKey().DEREncode(bq);
924 cpub.AccessKey().AccessGroupParameters().SetEncodeAsOID(
true);
925 cpub.GetKey().DEREncode(bq);
931 spriv.AccessKey().Precompute();
933 spriv.AccessKey().SavePrecomputation(queue);
934 spriv.AccessKey().LoadPrecomputation(queue);
936 bool pass = SignatureValidate(spriv, spub);
937 cpub.AccessKey().Precompute();
938 cpriv.AccessKey().Precompute();
939 pass = CryptoSystemValidate(cpriv, cpub) && pass;
940 pass = SimpleKeyAgreementValidate(ecdhc) && pass;
941 pass = AuthenticatedKeyAgreementValidate(ecmqvc) && pass;
943 cout <<
"Turning on point compression..." << endl;
944 cpriv.AccessKey().AccessGroupParameters().SetPointCompression(
true);
945 cpub.AccessKey().AccessGroupParameters().SetPointCompression(
true);
946 ecdhc.AccessGroupParameters().SetPointCompression(
true);
947 ecmqvc.AccessGroupParameters().SetPointCompression(
true);
948 pass = CryptoSystemValidate(cpriv, cpub) && pass;
949 pass = SimpleKeyAgreementValidate(ecdhc) && pass;
950 pass = AuthenticatedKeyAgreementValidate(ecmqvc) && pass;
952 cout <<
"Testing SEC 2, NIST, and Brainpool recommended curves..." << endl;
957 bool fail = !params.Validate(GlobalRNG(), 2);
958 cout << (fail ?
"FAILED" :
"passed") <<
" " << dec << params.GetCurve().GetField().MaxElementBitLength() <<
" bits" << endl;
959 pass = pass && !fail;
967 cout <<
"\nEC2N validation suite running...\n\n";
973 cpub.AccessKey().AccessGroupParameters().SetEncodeAsOID(
true);
980 spriv.AccessKey().Precompute();
982 spriv.AccessKey().SavePrecomputation(queue);
983 spriv.AccessKey().LoadPrecomputation(queue);
985 bool pass = SignatureValidate(spriv, spub);
986 pass = CryptoSystemValidate(cpriv, cpub) && pass;
987 pass = SimpleKeyAgreementValidate(ecdhc) && pass;
988 pass = AuthenticatedKeyAgreementValidate(ecmqvc) && pass;
990 cout <<
"Turning on point compression..." << endl;
991 cpriv.AccessKey().AccessGroupParameters().SetPointCompression(
true);
992 cpub.AccessKey().AccessGroupParameters().SetPointCompression(
true);
993 ecdhc.AccessGroupParameters().SetPointCompression(
true);
994 ecmqvc.AccessGroupParameters().SetPointCompression(
true);
995 pass = CryptoSystemValidate(cpriv, cpub) && pass;
996 pass = SimpleKeyAgreementValidate(ecdhc) && pass;
997 pass = AuthenticatedKeyAgreementValidate(ecmqvc) && pass;
999 #if 0 // TODO: turn this back on when I make EC2N faster for pentanomial basis
1000 cout <<
"Testing SEC 2 recommended curves..." << endl;
1005 bool fail = !params.Validate(GlobalRNG(), 2);
1006 cout << (fail ?
"FAILED" :
"passed") <<
" " << params.GetCurve().GetField().MaxElementBitLength() <<
" bits" << endl;
1007 pass = pass && !fail;
1014 bool ValidateECDSA()
1016 cout <<
"\nECDSA validation suite running...\n\n";
1019 GF2NT gf2n(191, 9, 0);
1020 byte a[]=
"\x28\x66\x53\x7B\x67\x67\x52\x63\x6A\x68\xF5\x65\x54\xE1\x26\x40\x27\x6B\x64\x9E\xF7\x52\x62\x67";
1021 byte b[]=
"\x2E\x45\xEF\x57\x1F\x00\x78\x6F\x67\xB0\x08\x1B\x94\x95\xA3\xD9\x54\x62\xF5\xDE\x0A\xA1\x85\xEC";
1025 ec.DecodePoint(P, (
byte *)
"\x04\x36\xB3\xDA\xF8\xA2\x32\x06\xF9\xC4\xF2\x99\xD7\xB2\x1A\x9C\x36\x91\x37\xF2\xC8\x4A\xE1\xAA\x0D"
1026 "\x76\x5B\xE7\x34\x33\xB3\xF9\x5E\x33\x29\x32\xE7\x0E\xA2\x45\xCA\x24\x18\xEA\x0E\xF9\x80\x18\xFB", ec.EncodedPointSize());
1027 Integer n(
"40000000000000000000000004a20e90c39067c893bbb9a5H");
1028 Integer d(
"340562e1dda332f9d2aec168249b5696ee39d0ed4d03760fH");
1033 Integer h(
"A9993E364706816ABA3E25717850C26C9CD0D89DH");
1034 Integer k(
"3eeace72b4919d991738d521879f787cb590aff8189d2b69H");
1035 static const byte sig[]=
"\x03\x8e\x5a\x11\xfb\x55\xe4\xc6\x54\x71\xdc\xd4\x99\x84\x52\xb1\xe0\x2d\x8a\xf7\x09\x9b\xb9\x30"
1036 "\x0c\x9a\x08\xc3\x44\x68\xc2\x44\xb4\xe5\xd6\xb2\x1b\x3c\x68\x36\x28\x07\x41\x60\x20\x32\x8b\x6e";
1041 bool fail, pass=
true;
1043 priv.RawSign(k, h, rOut, sOut);
1044 fail = (rOut != r) || (sOut != s);
1045 pass = pass && !fail;
1047 cout << (fail ?
"FAILED " :
"passed ");
1048 cout <<
"signature check against test vector\n";
1050 fail = !pub.VerifyMessage((
byte *)
"abc", 3, sig,
sizeof(sig));
1051 pass = pass && !fail;
1053 cout << (fail ?
"FAILED " :
"passed ");
1054 cout <<
"verification check against test vector\n";
1056 fail = pub.VerifyMessage((
byte *)
"xyz", 3, sig,
sizeof(sig));
1057 pass = pass && !fail;
1059 pass = SignatureValidate(priv, pub) && pass;
1064 bool ValidateESIGN()
1066 cout <<
"\nESIGN validation suite running...\n\n";
1068 bool pass =
true, fail;
1070 static const char plain[] =
"test";
1071 static const byte signature[] =
1072 "\xA3\xE3\x20\x65\xDE\xDA\xE7\xEC\x05\xC1\xBF\xCD\x25\x79\x7D\x99\xCD\xD5\x73\x9D\x9D\xF3\xA4\xAA\x9A\xA4\x5A\xC8\x23\x3D\x0D\x37\xFE\xBC\x76\x3F\xF1\x84\xF6\x59"
1073 "\x14\x91\x4F\x0C\x34\x1B\xAE\x9A\x5C\x2E\x2E\x38\x08\x78\x77\xCB\xDC\x3C\x7E\xA0\x34\x44\x5B\x0F\x67\xD9\x35\x2A\x79\x47\x1A\x52\x37\x71\xDB\x12\x67\xC1\xB6\xC6"
1074 "\x66\x73\xB3\x40\x2E\xD6\xF2\x1A\x84\x0A\xB6\x7B\x0F\xEB\x8B\x88\xAB\x33\xDD\xE4\x83\x21\x90\x63\x2D\x51\x2A\xB1\x6F\xAB\xA7\x5C\xFD\x77\x99\xF2\xE1\xEF\x67\x1A"
1075 "\x74\x02\x37\x0E\xED\x0A\x06\xAD\xF4\x15\x65\xB8\xE1\xD1\x45\xAE\x39\x19\xB4\xFF\x5D\xF1\x45\x7B\xE0\xFE\x72\xED\x11\x92\x8F\x61\x41\x4F\x02\x00\xF2\x76\x6F\x7C"
1076 "\x79\xA2\xE5\x52\x20\x5D\x97\x5E\xFE\x39\xAE\x21\x10\xFB\x35\xF4\x80\x81\x41\x13\xDD\xE8\x5F\xCA\x1E\x4F\xF8\x9B\xB2\x68\xFB\x28";
1082 fail = !SignatureValidate(signer, verifier);
1083 pass = pass && !fail;
1085 fail = !verifier.VerifyMessage((
byte *)plain, strlen(plain), signature, verifier.SignatureLength());
1086 pass = pass && !fail;
1088 cout << (fail ?
"FAILED " :
"passed ");
1089 cout <<
"verification check against test vector\n";
1091 cout <<
"Generating signature key from seed..." << endl;
1095 fail = !SignatureValidate(signer, verifier);
1096 pass = pass && !fail;