X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=qemu%2Froms%2Fipxe%2Fsrc%2Ftests%2Fpubkey_test.h;fp=qemu%2Froms%2Fipxe%2Fsrc%2Ftests%2Fpubkey_test.h;h=7678453a94673dd69b37c19c4695cb91e55fd7ef;hb=e44e3482bdb4d0ebde2d8b41830ac2cdb07948fb;hp=0000000000000000000000000000000000000000;hpb=9ca8dbcc65cfc63d6f5ef3312a33184e1d726e00;p=kvmfornfv.git diff --git a/qemu/roms/ipxe/src/tests/pubkey_test.h b/qemu/roms/ipxe/src/tests/pubkey_test.h new file mode 100644 index 000000000..7678453a9 --- /dev/null +++ b/qemu/roms/ipxe/src/tests/pubkey_test.h @@ -0,0 +1,175 @@ +#ifndef _PUBKEY_TEST_H +#define _PUBKEY_TEST_H + +FILE_LICENCE ( GPL2_OR_LATER ); + +#include +#include +#include + +/** + * Report public key decryption test result + * + * @v pubkey Public key algorithm + * @v key Key + * @v key_len Key length + * @v ciphertext Ciphertext + * @v ciphertext_len Ciphertext length + * @v expected Expected plaintext + * @v expected_len Expected plaintext length + */ +#define pubkey_decrypt_ok( pubkey, key, key_len, ciphertext, \ + ciphertext_len, expected, expected_len ) do {\ + uint8_t ctx[ (pubkey)->ctxsize ]; \ + \ + ok ( pubkey_init ( (pubkey), ctx, (key), (key_len) ) == 0 ); \ + { \ + size_t max_len = pubkey_max_len ( (pubkey), ctx ); \ + uint8_t decrypted[ max_len ]; \ + int decrypted_len; \ + \ + decrypted_len = pubkey_decrypt ( (pubkey), ctx, \ + (ciphertext), \ + (ciphertext_len), \ + decrypted ); \ + ok ( decrypted_len == ( ( int ) (expected_len) ) ); \ + ok ( memcmp ( decrypted, (expected), \ + (expected_len) ) == 0 ); \ + } \ + pubkey_final ( (pubkey), ctx ); \ + } while ( 0 ) + +/** + * Report public key encryption and decryption test result + * + * @v pubkey Public key algorithm + * @v encrypt_key Encryption key + * @v encrypt_key_len Encryption key length + * @v decrypt_key Decryption key + * @v decrypt_key_len Decryption key length + * @v plaintext Plaintext + * @v plaintext_len Plaintext length + */ +#define pubkey_encrypt_ok( pubkey, encrypt_key, encrypt_key_len, \ + decrypt_key, decrypt_key_len, plaintext, \ + plaintext_len ) do { \ + uint8_t ctx[ (pubkey)->ctxsize ]; \ + \ + ok ( pubkey_init ( (pubkey), ctx, (encrypt_key), \ + (encrypt_key_len) ) == 0 ); \ + { \ + size_t max_len = pubkey_max_len ( (pubkey), ctx ); \ + uint8_t encrypted[ max_len ]; \ + int encrypted_len; \ + \ + encrypted_len = pubkey_encrypt ( (pubkey), ctx, \ + (plaintext), \ + (plaintext_len), \ + encrypted ); \ + ok ( encrypted_len >= 0 ); \ + pubkey_decrypt_ok ( (pubkey), (decrypt_key), \ + (decrypt_key_len), encrypted, \ + encrypted_len, (plaintext), \ + (plaintext_len) ); \ + } \ + pubkey_final ( (pubkey), ctx ); \ + } while ( 0 ) + +/** + * Report public key signature test result + * + * @v pubkey Public key algorithm + * @v key Key + * @v key_len Key length + * @v digest Digest algorithm + * @v plaintext Plaintext + * @v plaintext_len Plaintext length + * @v expected Expected signature + * @v expected_len Expected signature length + */ +#define pubkey_sign_ok( pubkey, key, key_len, digest, plaintext, \ + plaintext_len, expected, expected_len ) do { \ + uint8_t ctx[ (pubkey)->ctxsize ]; \ + uint8_t digestctx[ (digest)->ctxsize ]; \ + uint8_t digestout[ (digest)->digestsize ]; \ + \ + digest_init ( (digest), digestctx ); \ + digest_update ( (digest), digestctx, (plaintext), \ + (plaintext_len) ); \ + digest_final ( (digest), digestctx, digestout ); \ + \ + ok ( pubkey_init ( (pubkey), ctx, (key), (key_len) ) == 0 ); \ + { \ + size_t max_len = pubkey_max_len ( (pubkey), ctx ); \ + uint8_t signature[ max_len ]; \ + int signature_len; \ + \ + signature_len = pubkey_sign ( (pubkey), ctx, (digest), \ + digestout, signature ); \ + ok ( signature_len == ( ( int ) (expected_len) ) ); \ + ok ( memcmp ( signature, (expected), \ + (expected_len) ) == 0 ); \ + } \ + pubkey_final ( (pubkey), ctx ); \ + } while ( 0 ) + +/** + * Report public key verification test result + * + * @v pubkey Public key algorithm + * @v key Key + * @v key_len Key length + * @v digest Digest algorithm + * @v plaintext Plaintext + * @v plaintext_len Plaintext length + * @v signature Signature + * @v signature_len Signature length + */ +#define pubkey_verify_ok( pubkey, key, key_len, digest, plaintext, \ + plaintext_len, signature, signature_len ) do {\ + uint8_t ctx[ (pubkey)->ctxsize ]; \ + uint8_t digestctx[ (digest)->ctxsize ]; \ + uint8_t digestout[ (digest)->digestsize ]; \ + \ + digest_init ( (digest), digestctx ); \ + digest_update ( (digest), digestctx, (plaintext), \ + (plaintext_len) ); \ + digest_final ( (digest), digestctx, digestout ); \ + \ + ok ( pubkey_init ( (pubkey), ctx, (key), (key_len) ) == 0 ); \ + ok ( pubkey_verify ( (pubkey), ctx, (digest), digestout, \ + (signature), (signature_len) ) == 0 ); \ + pubkey_final ( (pubkey), ctx ); \ + } while ( 0 ) + +/** + * Report public key verification test result + * + * @v pubkey Public key algorithm + * @v key Key + * @v key_len Key length + * @v digest Digest algorithm + * @v plaintext Plaintext + * @v plaintext_len Plaintext length + * @v signature Signature + * @v signature_len Signature length + */ +#define pubkey_verify_fail_ok( pubkey, key, key_len, digest, plaintext, \ + plaintext_len, signature, \ + signature_len ) do { \ + uint8_t ctx[ (pubkey)->ctxsize ]; \ + uint8_t digestctx[ (digest)->ctxsize ]; \ + uint8_t digestout[ (digest)->digestsize ]; \ + \ + digest_init ( (digest), digestctx ); \ + digest_update ( (digest), digestctx, (plaintext), \ + (plaintext_len) ); \ + digest_final ( (digest), digestctx, digestout ); \ + \ + ok ( pubkey_init ( (pubkey), ctx, (key), (key_len) ) == 0 ); \ + ok ( pubkey_verify ( (pubkey), ctx, (digest), digestout, \ + (signature), (signature_len) ) != 0 ); \ + pubkey_final ( (pubkey), ctx ); \ + } while ( 0 ) + +#endif /* _PUBKEY_TEST_H */