summaryrefslogtreecommitdiffstats
path: root/netwerk/srtp/src/crypto/test
diff options
context:
space:
mode:
Diffstat (limited to 'netwerk/srtp/src/crypto/test')
-rw-r--r--netwerk/srtp/src/crypto/test/aes_calc.c154
-rw-r--r--netwerk/srtp/src/crypto/test/auth_driver.c200
-rw-r--r--netwerk/srtp/src/crypto/test/cipher_driver.c531
-rw-r--r--netwerk/srtp/src/crypto/test/datatypes_driver.c237
-rw-r--r--netwerk/srtp/src/crypto/test/env.c99
-rw-r--r--netwerk/srtp/src/crypto/test/kernel_driver.c126
-rw-r--r--netwerk/srtp/src/crypto/test/rand_gen.c140
-rw-r--r--netwerk/srtp/src/crypto/test/sha1_driver.c550
-rw-r--r--netwerk/srtp/src/crypto/test/stat_driver.c174
9 files changed, 2211 insertions, 0 deletions
diff --git a/netwerk/srtp/src/crypto/test/aes_calc.c b/netwerk/srtp/src/crypto/test/aes_calc.c
new file mode 100644
index 000000000..a5b390dd3
--- /dev/null
+++ b/netwerk/srtp/src/crypto/test/aes_calc.c
@@ -0,0 +1,154 @@
+/*
+ * aes_calc.c
+ *
+ * A simple AES calculator for generating AES encryption values
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+/*
+
+ Example usage (with first NIST FIPS 197 test case):
+
+[sh]$ test/aes_calc 000102030405060708090a0b0c0d0e0f 00112233445566778899aabbccddeeff -v
+ plaintext: 00112233445566778899aabbccddeeff
+ key: 000102030405060708090a0b0c0d0e0f
+ ciphertext: 69c4e0d86a7b0430d8cdb78070b4c55a
+
+ */
+
+#include "aes.h"
+#include <stdio.h>
+#include <string.h>
+
+void
+usage(char *prog_name) {
+ printf("usage: %s <key> <plaintext> [-v]\n", prog_name);
+ exit(255);
+}
+
+#define AES_MAX_KEY_LEN 32
+
+int
+main (int argc, char *argv[]) {
+ v128_t data;
+ uint8_t key[AES_MAX_KEY_LEN];
+ aes_expanded_key_t exp_key;
+ int key_len, len;
+ int verbose;
+ err_status_t status;
+
+ if (argc == 3) {
+ /* we're not in verbose mode */
+ verbose = 0;
+ } else if (argc == 4) {
+ if (strncmp(argv[3], "-v", 2) == 0) {
+ /* we're in verbose mode */
+ verbose = 1;
+ } else {
+ /* unrecognized flag, complain and exit */
+ usage(argv[0]);
+ }
+ } else {
+ /* we've been fed the wrong number of arguments - compain and exit */
+ usage(argv[0]);
+ }
+
+ /* read in key, checking length */
+ if (strlen(argv[1]) > AES_MAX_KEY_LEN*2) {
+ fprintf(stderr,
+ "error: too many digits in key "
+ "(should be at most %d hexadecimal digits, found %u)\n",
+ AES_MAX_KEY_LEN*2, (unsigned)strlen(argv[1]));
+ exit(1);
+ }
+ len = hex_string_to_octet_string((char*)key, argv[1], AES_MAX_KEY_LEN*2);
+ /* check that hex string is the right length */
+ if (len != 32 && len != 48 && len != 64) {
+ fprintf(stderr,
+ "error: bad number of digits in key "
+ "(should be 32/48/64 hexadecimal digits, found %d)\n",
+ len);
+ exit(1);
+ }
+ key_len = len/2;
+
+ /* read in plaintext, checking length */
+ if (strlen(argv[2]) > 16*2) {
+ fprintf(stderr,
+ "error: too many digits in plaintext "
+ "(should be %d hexadecimal digits, found %u)\n",
+ 16*2, (unsigned)strlen(argv[2]));
+ exit(1);
+ }
+ len = hex_string_to_octet_string((char *)(&data), argv[2], 16*2);
+ /* check that hex string is the right length */
+ if (len < 16*2) {
+ fprintf(stderr,
+ "error: too few digits in plaintext "
+ "(should be %d hexadecimal digits, found %d)\n",
+ 16*2, len);
+ exit(1);
+ }
+
+ if (verbose) {
+ /* print out plaintext */
+ printf("plaintext:\t%s\n", octet_string_hex_string((uint8_t *)&data, 16));
+ }
+
+ /* encrypt plaintext */
+ status = aes_expand_encryption_key(key, key_len, &exp_key);
+ if (status) {
+ fprintf(stderr,
+ "error: AES key expansion failed.\n");
+ exit(1);
+ }
+
+ aes_encrypt(&data, &exp_key);
+
+ /* write ciphertext to output */
+ if (verbose) {
+ printf("key:\t\t%s\n", octet_string_hex_string(key, key_len));
+ printf("ciphertext:\t");
+ }
+ printf("%s\n", v128_hex_string(&data));
+
+ return 0;
+}
+
diff --git a/netwerk/srtp/src/crypto/test/auth_driver.c b/netwerk/srtp/src/crypto/test/auth_driver.c
new file mode 100644
index 000000000..cd8a75dd0
--- /dev/null
+++ b/netwerk/srtp/src/crypto/test/auth_driver.c
@@ -0,0 +1,200 @@
+/*
+ * auth_driver.c
+ *
+ * a driver for auth functions
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include <stdio.h> /* for printf() */
+#include <stdlib.h> /* for xalloc() */
+#include <unistd.h> /* for getopt() */
+
+#include "auth.h"
+#include "null_auth.h"
+
+#define PRINT_DEBUG_DATA 0
+
+extern auth_type_t tmmhv2;
+
+const uint16_t msg0[9] = {
+ 0x6015, 0xf141, 0x5ba1, 0x29a0, 0xf604, 0xd1c, 0x2d9, 0xaa8a, 0x7931
+};
+
+/* key1 is for TAG_WORDS = 2 */
+
+const uint16_t key1[47] = {
+ 0xe627, 0x6a01, 0x5ea7, 0xf27a, 0xc536, 0x2192, 0x11be, 0xea35,
+ 0xdb9d, 0x63d6, 0xfa8a, 0xfc45, 0xe08b, 0xd216, 0xced2, 0x7853,
+ 0x1a82, 0x22f5, 0x90fb, 0x1c29, 0x708e, 0xd06f, 0x82c3, 0xbee6,
+ 0x4f21, 0x6f33, 0x65c0, 0xd211, 0xc25e, 0x9138, 0x4fa3, 0x7c1f,
+ 0x61ac, 0x3489, 0x2976, 0x8c19, 0x8252, 0xddbf, 0xcad3, 0xc28f,
+ 0x68d6, 0x58dd, 0x504f, 0x2bbf, 0x0278, 0x70b7, 0xcfca
+};
+
+double
+auth_bits_per_second(auth_t *h, int msg_len);
+
+
+void
+usage(char *prog_name) {
+ printf("usage: %s [ -t | -v ]\n", prog_name);
+ exit(255);
+}
+
+#define MAX_MSG_LEN 2048
+
+int
+main (int argc, char *argv[]) {
+ auth_t *a = NULL;
+ err_status_t status;
+ int i;
+ int c;
+ unsigned do_timing_test = 0;
+ unsigned do_validation = 0;
+
+ /* process input arguments */
+ while (1) {
+ c = getopt(argc, argv, "tv");
+ if (c == -1)
+ break;
+ switch (c) {
+ case 't':
+ do_timing_test = 1;
+ break;
+ case 'v':
+ do_validation = 1;
+ break;
+ default:
+ usage(argv[0]);
+ }
+ }
+
+ printf("auth driver\nDavid A. McGrew\nCisco Systems, Inc.\n");
+
+ if (!do_validation && !do_timing_test)
+ usage(argv[0]);
+
+ if (do_validation) {
+ printf("running self-test for %s...", tmmhv2.description);
+ status = tmmhv2_add_big_test();
+ if (status) {
+ printf("tmmhv2_add_big_test failed with error code %d\n", status);
+ exit(status);
+ }
+ status = auth_type_self_test(&tmmhv2);
+ if (status) {
+ printf("failed with error code %d\n", status);
+ exit(status);
+ }
+ printf("passed\n");
+ }
+
+ if (do_timing_test) {
+
+ /* tmmhv2 timing test */
+ status = auth_type_alloc(&tmmhv2, &a, 94, 4);
+ if (status) {
+ fprintf(stderr, "can't allocate tmmhv2\n");
+ exit(status);
+ }
+ status = auth_init(a, (uint8_t *)key1);
+ if (status) {
+ printf("error initializaing auth function\n");
+ exit(status);
+ }
+
+ printf("timing %s (tag length %d)\n",
+ tmmhv2.description, auth_get_tag_length(a));
+ for (i=8; i <= MAX_MSG_LEN; i *= 2)
+ printf("msg len: %d\tgigabits per second: %f\n",
+ i, auth_bits_per_second(a, i) / 1E9);
+
+ status = auth_dealloc(a);
+ if (status) {
+ printf("error deallocating auth function\n");
+ exit(status);
+ }
+
+ }
+
+ return 0;
+}
+
+#define NUM_TRIALS 100000
+
+#include <time.h>
+
+double
+auth_bits_per_second(auth_t *a, int msg_len_octets) {
+ int i;
+ clock_t timer;
+ uint8_t *result;
+ int msg_len = (msg_len_octets + 1)/2;
+ uint16_t *msg_string;
+
+ /* create random message */
+ msg_string = (uint16_t *) crypto_alloc(msg_len_octets);
+ if (msg_string == NULL)
+ return 0.0; /* indicate failure */
+ for (i=0; i < msg_len; i++)
+ msg_string[i] = (uint16_t) random();
+
+ /* allocate temporary storage for authentication tag */
+ result = crypto_alloc(auth_get_tag_length(a));
+ if (result == NULL) {
+ free(msg_string);
+ return 0.0; /* indicate failure */
+ }
+
+ timer = clock();
+ for (i=0; i < NUM_TRIALS; i++) {
+ auth_compute(a, (uint8_t *)msg_string, msg_len_octets, (uint8_t *)result);
+ }
+ timer = clock() - timer;
+
+ free(msg_string);
+ free(result);
+
+ return (double) NUM_TRIALS * 8 * msg_len_octets * CLOCKS_PER_SEC / timer;
+}
+
+
diff --git a/netwerk/srtp/src/crypto/test/cipher_driver.c b/netwerk/srtp/src/crypto/test/cipher_driver.c
new file mode 100644
index 000000000..ea41ff5a4
--- /dev/null
+++ b/netwerk/srtp/src/crypto/test/cipher_driver.c
@@ -0,0 +1,531 @@
+/*
+ * cipher_driver.c
+ *
+ * A driver for the generic cipher type
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <stdio.h> /* for printf() */
+#include <stdlib.h> /* for rand() */
+#include <string.h> /* for memset() */
+#include <unistd.h> /* for getopt() */
+#include "cipher.h"
+#include "aes_icm.h"
+#include "null_cipher.h"
+
+#define PRINT_DEBUG 0
+
+void
+cipher_driver_test_throughput(cipher_t *c);
+
+err_status_t
+cipher_driver_self_test(cipher_type_t *ct);
+
+
+/*
+ * cipher_driver_test_buffering(ct) tests the cipher's output
+ * buffering for correctness by checking the consistency of succesive
+ * calls
+ */
+
+err_status_t
+cipher_driver_test_buffering(cipher_t *c);
+
+
+/*
+ * functions for testing cipher cache thrash
+ */
+err_status_t
+cipher_driver_test_array_throughput(cipher_type_t *ct,
+ int klen, int num_cipher);
+
+void
+cipher_array_test_throughput(cipher_t *ca[], int num_cipher);
+
+uint64_t
+cipher_array_bits_per_second(cipher_t *cipher_array[], int num_cipher,
+ unsigned octets_in_buffer, int num_trials);
+
+err_status_t
+cipher_array_delete(cipher_t *cipher_array[], int num_cipher);
+
+err_status_t
+cipher_array_alloc_init(cipher_t ***cipher_array, int num_ciphers,
+ cipher_type_t *ctype, int klen);
+
+void
+usage(char *prog_name) {
+ printf("usage: %s [ -t | -v | -a ]\n", prog_name);
+ exit(255);
+}
+
+void
+check_status(err_status_t s) {
+ if (s) {
+ printf("error (code %d)\n", s);
+ exit(s);
+ }
+ return;
+}
+
+/*
+ * null_cipher, aes_icm, and aes_cbc are the cipher meta-objects
+ * defined in the files in crypto/cipher subdirectory. these are
+ * declared external so that we can use these cipher types here
+ */
+
+extern cipher_type_t null_cipher;
+extern cipher_type_t aes_icm;
+extern cipher_type_t aes_cbc;
+
+int
+main(int argc, char *argv[]) {
+ cipher_t *c = NULL;
+ err_status_t status;
+ unsigned char test_key[48] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
+ 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
+ };
+ int q;
+ unsigned do_timing_test = 0;
+ unsigned do_validation = 0;
+ unsigned do_array_timing_test = 0;
+
+ /* process input arguments */
+ while (1) {
+ q = getopt(argc, argv, "tva");
+ if (q == -1)
+ break;
+ switch (q) {
+ case 't':
+ do_timing_test = 1;
+ break;
+ case 'v':
+ do_validation = 1;
+ break;
+ case 'a':
+ do_array_timing_test = 1;
+ break;
+ default:
+ usage(argv[0]);
+ }
+ }
+
+ printf("cipher test driver\n"
+ "David A. McGrew\n"
+ "Cisco Systems, Inc.\n");
+
+ if (!do_validation && !do_timing_test && !do_array_timing_test)
+ usage(argv[0]);
+
+ /* arry timing (cache thrash) test */
+ if (do_array_timing_test) {
+ int max_num_cipher = 1 << 16; /* number of ciphers in cipher_array */
+ int num_cipher;
+
+ for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8)
+ cipher_driver_test_array_throughput(&null_cipher, 0, num_cipher);
+
+ for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8)
+ cipher_driver_test_array_throughput(&aes_icm, 30, num_cipher);
+
+ for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8)
+ cipher_driver_test_array_throughput(&aes_icm, 46, num_cipher);
+
+ for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8)
+ cipher_driver_test_array_throughput(&aes_cbc, 16, num_cipher);
+
+ for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8)
+ cipher_driver_test_array_throughput(&aes_cbc, 32, num_cipher);
+ }
+
+ if (do_validation) {
+ cipher_driver_self_test(&null_cipher);
+ cipher_driver_self_test(&aes_icm);
+ cipher_driver_self_test(&aes_cbc);
+ }
+
+ /* do timing and/or buffer_test on null_cipher */
+ status = cipher_type_alloc(&null_cipher, &c, 0);
+ check_status(status);
+
+ status = cipher_init(c, NULL, direction_encrypt);
+ check_status(status);
+
+ if (do_timing_test)
+ cipher_driver_test_throughput(c);
+ if (do_validation) {
+ status = cipher_driver_test_buffering(c);
+ check_status(status);
+ }
+ status = cipher_dealloc(c);
+ check_status(status);
+
+
+ /* run the throughput test on the aes_icm cipher (128-bit key) */
+ status = cipher_type_alloc(&aes_icm, &c, 30);
+ if (status) {
+ fprintf(stderr, "error: can't allocate cipher\n");
+ exit(status);
+ }
+
+ status = cipher_init(c, test_key, direction_encrypt);
+ check_status(status);
+
+ if (do_timing_test)
+ cipher_driver_test_throughput(c);
+
+ if (do_validation) {
+ status = cipher_driver_test_buffering(c);
+ check_status(status);
+ }
+
+ status = cipher_dealloc(c);
+ check_status(status);
+
+ /* repeat the tests with 256-bit keys */
+ status = cipher_type_alloc(&aes_icm, &c, 46);
+ if (status) {
+ fprintf(stderr, "error: can't allocate cipher\n");
+ exit(status);
+ }
+
+ status = cipher_init(c, test_key, direction_encrypt);
+ check_status(status);
+
+ if (do_timing_test)
+ cipher_driver_test_throughput(c);
+
+ if (do_validation) {
+ status = cipher_driver_test_buffering(c);
+ check_status(status);
+ }
+
+ status = cipher_dealloc(c);
+ check_status(status);
+
+ return 0;
+}
+
+void
+cipher_driver_test_throughput(cipher_t *c) {
+ int i;
+ int min_enc_len = 32;
+ int max_enc_len = 2048; /* should be a power of two */
+ int num_trials = 1000000;
+
+ printf("timing %s throughput, key length %d:\n", c->type->description, c->key_len);
+ fflush(stdout);
+ for (i=min_enc_len; i <= max_enc_len; i = i * 2)
+ printf("msg len: %d\tgigabits per second: %f\n",
+ i, cipher_bits_per_second(c, i, num_trials) / 1e9);
+
+}
+
+err_status_t
+cipher_driver_self_test(cipher_type_t *ct) {
+ err_status_t status;
+
+ printf("running cipher self-test for %s...", ct->description);
+ status = cipher_type_self_test(ct);
+ if (status) {
+ printf("failed with error code %d\n", status);
+ exit(status);
+ }
+ printf("passed\n");
+
+ return err_status_ok;
+}
+
+/*
+ * cipher_driver_test_buffering(ct) tests the cipher's output
+ * buffering for correctness by checking the consistency of succesive
+ * calls
+ */
+
+err_status_t
+cipher_driver_test_buffering(cipher_t *c) {
+ int i, j, num_trials = 1000;
+ unsigned len, buflen = 1024;
+ uint8_t buffer0[buflen], buffer1[buflen], *current, *end;
+ uint8_t idx[16] = {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0x34
+ };
+ err_status_t status;
+
+ printf("testing output buffering for cipher %s...",
+ c->type->description);
+
+ for (i=0; i < num_trials; i++) {
+
+ /* set buffers to zero */
+ for (j=0; j < buflen; j++)
+ buffer0[j] = buffer1[j] = 0;
+
+ /* initialize cipher */
+ status = cipher_set_iv(c, idx);
+ if (status)
+ return status;
+
+ /* generate 'reference' value by encrypting all at once */
+ status = cipher_encrypt(c, buffer0, &buflen);
+ if (status)
+ return status;
+
+ /* re-initialize cipher */
+ status = cipher_set_iv(c, idx);
+ if (status)
+ return status;
+
+ /* now loop over short lengths until buffer1 is encrypted */
+ current = buffer1;
+ end = buffer1 + buflen;
+ while (current < end) {
+
+ /* choose a short length */
+ len = rand() & 0x01f;
+
+ /* make sure that len doesn't cause us to overreach the buffer */
+ if (current + len > end)
+ len = end - current;
+
+ status = cipher_encrypt(c, current, &len);
+ if (status)
+ return status;
+
+ /* advance pointer into buffer1 to reflect encryption */
+ current += len;
+
+ /* if buffer1 is all encrypted, break out of loop */
+ if (current == end)
+ break;
+ }
+
+ /* compare buffers */
+ for (j=0; j < buflen; j++)
+ if (buffer0[j] != buffer1[j]) {
+#if PRINT_DEBUG
+ printf("test case %d failed at byte %d\n", i, j);
+ printf("computed: %s\n", octet_string_hex_string(buffer1, buflen));
+ printf("expected: %s\n", octet_string_hex_string(buffer0, buflen));
+#endif
+ return err_status_algo_fail;
+ }
+ }
+
+ printf("passed\n");
+
+ return err_status_ok;
+}
+
+
+/*
+ * The function cipher_test_throughput_array() tests the effect of CPU
+ * cache thrash on cipher throughput.
+ *
+ * cipher_array_alloc_init(ctype, array, num_ciphers) creates an array
+ * of cipher_t of type ctype
+ */
+
+err_status_t
+cipher_array_alloc_init(cipher_t ***ca, int num_ciphers,
+ cipher_type_t *ctype, int klen) {
+ int i, j;
+ err_status_t status;
+ uint8_t *key;
+ cipher_t **cipher_array;
+ /* pad klen allocation, to handle aes_icm reading 16 bytes for the
+ 14-byte salt */
+ int klen_pad = ((klen + 15) >> 4) << 4;
+
+ /* allocate array of pointers to ciphers */
+ cipher_array = (cipher_t **) malloc(sizeof(cipher_t *) * num_ciphers);
+ if (cipher_array == NULL)
+ return err_status_alloc_fail;
+
+ /* set ca to location of cipher_array */
+ *ca = cipher_array;
+
+ /* allocate key */
+ key = crypto_alloc(klen_pad);
+ if (key == NULL) {
+ free(cipher_array);
+ return err_status_alloc_fail;
+ }
+
+ /* allocate and initialize an array of ciphers */
+ for (i=0; i < num_ciphers; i++) {
+
+ /* allocate cipher */
+ status = cipher_type_alloc(ctype, cipher_array, klen);
+ if (status)
+ return status;
+
+ /* generate random key and initialize cipher */
+ for (j=0; j < klen; j++)
+ key[j] = (uint8_t) rand();
+ for (; j < klen_pad; j++)
+ key[j] = 0;
+ status = cipher_init(*cipher_array, key, direction_encrypt);
+ if (status)
+ return status;
+
+/* printf("%dth cipher is at %p\n", i, *cipher_array); */
+/* printf("%dth cipher description: %s\n", i, */
+/* (*cipher_array)->type->description); */
+
+ /* advance cipher array pointer */
+ cipher_array++;
+ }
+
+ crypto_free(key);
+
+ return err_status_ok;
+}
+
+err_status_t
+cipher_array_delete(cipher_t *cipher_array[], int num_cipher) {
+ int i;
+
+ for (i=0; i < num_cipher; i++) {
+ cipher_dealloc(cipher_array[i]);
+ }
+
+ free(cipher_array);
+
+ return err_status_ok;
+}
+
+
+/*
+ * cipher_array_bits_per_second(c, l, t) computes (an estimate of) the
+ * number of bits that a cipher implementation can encrypt in a second
+ * when distinct keys are used to encrypt distinct messages
+ *
+ * c is a cipher (which MUST be allocated an initialized already), l
+ * is the length in octets of the test data to be encrypted, and t is
+ * the number of trials
+ *
+ * if an error is encountered, the value 0 is returned
+ */
+
+uint64_t
+cipher_array_bits_per_second(cipher_t *cipher_array[], int num_cipher,
+ unsigned octets_in_buffer, int num_trials) {
+ int i;
+ v128_t nonce;
+ clock_t timer;
+ unsigned char *enc_buf;
+ int cipher_index = rand() % num_cipher;
+
+ /* Over-alloc, for NIST CBC padding */
+ enc_buf = crypto_alloc(octets_in_buffer+17);
+ if (enc_buf == NULL)
+ return 0; /* indicate bad parameters by returning null */
+ memset(enc_buf, 0, octets_in_buffer);
+
+ /* time repeated trials */
+ v128_set_to_zero(&nonce);
+ timer = clock();
+ for(i=0; i < num_trials; i++, nonce.v32[3] = i) {
+ /* length parameter to cipher_encrypt is in/out -- out is total, padded
+ * length -- so reset it each time. */
+ unsigned octets_to_encrypt = octets_in_buffer;
+
+ /* encrypt buffer with cipher */
+ cipher_set_iv(cipher_array[cipher_index], &nonce);
+ cipher_encrypt(cipher_array[cipher_index], enc_buf, &octets_to_encrypt);
+
+ /* choose a cipher at random from the array*/
+ cipher_index = (*((uint32_t *)enc_buf)) % num_cipher;
+ }
+ timer = clock() - timer;
+
+ free(enc_buf);
+
+ if (timer == 0) {
+ /* Too fast! */
+ return 0;
+ }
+
+ return (uint64_t)CLOCKS_PER_SEC * num_trials * 8 * octets_in_buffer / timer;
+}
+
+void
+cipher_array_test_throughput(cipher_t *ca[], int num_cipher) {
+ int i;
+ int min_enc_len = 16;
+ int max_enc_len = 2048; /* should be a power of two */
+ int num_trials = 1000000;
+
+ printf("timing %s throughput with key length %d, array size %d:\n",
+ (ca[0])->type->description, (ca[0])->key_len, num_cipher);
+ fflush(stdout);
+ for (i=min_enc_len; i <= max_enc_len; i = i * 4)
+ printf("msg len: %d\tgigabits per second: %f\n", i,
+ cipher_array_bits_per_second(ca, num_cipher, i, num_trials) / 1e9);
+
+}
+
+err_status_t
+cipher_driver_test_array_throughput(cipher_type_t *ct,
+ int klen, int num_cipher) {
+ cipher_t **ca = NULL;
+ err_status_t status;
+
+ status = cipher_array_alloc_init(&ca, num_cipher, ct, klen);
+ if (status) {
+ printf("error: cipher_array_alloc_init() failed with error code %d\n",
+ status);
+ return status;
+ }
+
+ cipher_array_test_throughput(ca, num_cipher);
+
+ cipher_array_delete(ca, num_cipher);
+
+ return err_status_ok;
+}
diff --git a/netwerk/srtp/src/crypto/test/datatypes_driver.c b/netwerk/srtp/src/crypto/test/datatypes_driver.c
new file mode 100644
index 000000000..f1866524c
--- /dev/null
+++ b/netwerk/srtp/src/crypto/test/datatypes_driver.c
@@ -0,0 +1,237 @@
+/*
+ * datatypes_driver.c
+ *
+ * a test driver for crypto/math datatypes
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include <stdio.h> /* for printf() */
+#include <string.h> /* for strlen() */
+#include "datatypes.h"
+
+void
+byte_order(void);
+
+void
+test_hex_string_funcs(void);
+
+void
+print_string(char *s);
+
+void
+test_bswap(void);
+
+int
+main (void) {
+
+ /*
+ * this program includes various and sundry tests for fundamental
+ * datatypes. it's a grab-bag of throwaway code, retained only in
+ * case of future problems
+ */
+
+ int i, j;
+ v128_t x;
+ char *r =
+ "The Moving Finger writes; and, having writ,\n"
+ "Moves on: nor all thy Piety nor Wit\n"
+ "Shall lure it back to cancel half a Line,\n"
+ "Nor all thy Tears wash out a Word of it.";
+ char *s = "incomplet";
+
+ print_string(r);
+ print_string(s);
+
+ byte_order();
+ test_hex_string_funcs();
+
+ for (j=0; j < 128; j++) {
+ v128_set_to_zero(&x);
+ /* x.v32[0] = (1 << j); */
+ v128_set_bit(&x, j);
+ printf("%s\n", v128_bit_string(&x));
+ v128_clear_bit(&x, j);
+ printf("%s\n", v128_bit_string(&x));
+
+ }
+
+ printf("----------------------------------------------\n");
+ v128_set_to_zero(&x);
+ for (i=0; i < 128; i++) {
+ v128_set_bit(&x, i);
+ }
+ printf("%s\n", v128_bit_string(&x));
+
+ printf("----------------------------------------------\n");
+ v128_set_to_zero(&x);
+ v128_set_bit(&x, 0);
+ for (i=0; i < 128; i++) {
+ printf("%s\n", v128_bit_string(&x));
+ v128_right_shift(&x, 1);
+ }
+ printf("----------------------------------------------\n");
+ v128_set_to_zero(&x);
+ v128_set_bit(&x, 127);
+ for (i=0; i < 128; i++) {
+ printf("%s\n", v128_bit_string(&x));
+ v128_left_shift(&x, 1);
+ }
+ printf("----------------------------------------------\n");
+ for (i=0; i < 128; i++) {
+ v128_set_to_zero(&x);
+ v128_set_bit(&x, 127);
+ v128_left_shift(&x, i);
+ printf("%s\n", v128_bit_string(&x));
+ }
+ printf("----------------------------------------------\n");
+ v128_set_to_zero(&x);
+ for (i=0; i < 128; i+=2) {
+ v128_set_bit(&x, i);
+ }
+ printf("bit_string: { %s }\n", v128_bit_string(&x));
+ printf("get_bit: { ");
+ for (i=0; i < 128; i++) {
+ if (v128_get_bit(&x, i) == 1)
+ printf("1");
+ else
+ printf("0");
+ }
+ printf(" } \n");
+
+ test_bswap();
+
+ return 0;
+}
+
+
+/* byte_order() prints out byte ordering of datatypes */
+
+void
+byte_order(void) {
+ int i;
+ v128_t e;
+#if 0
+ v16_t b;
+ v32_t c;
+ v64_t d;
+
+ for (i=0; i < sizeof(b); i++)
+ b.octet[i] = i;
+ for (i=0; i < sizeof(c); i++)
+ c.octet[i] = i;
+ for (i=0; i < sizeof(d); i++)
+ d.octet[i] = i;
+
+ printf("v128_t:\t%s\n", v128_hex_string(&e));
+ printf("v64_t:\t%s\n", v64_hex_string(&d));
+ printf("v32_t:\t%s\n", v32_hex_string(c));
+ printf("v16_t:\t%s\n", v16_hex_string(b));
+
+ c.value = 0x01020304;
+ printf("v32_t:\t%s\n", v32_hex_string(c));
+ b.value = 0x0102;
+ printf("v16_t:\t%s\n", v16_hex_string(b));
+
+ printf("uint16_t ordering:\n");
+
+ c.value = 0x00010002;
+ printf("v32_t:\t%x%x\n", c.v16[0], c.v16[1]);
+#endif
+
+ printf("byte ordering of crypto/math datatypes:\n");
+ for (i=0; i < sizeof(e); i++)
+ e.v8[i] = i;
+ printf("v128_t: %s\n", v128_hex_string(&e));
+
+}
+
+void
+test_hex_string_funcs(void) {
+ char hex1[] = "abadcafe";
+ char hex2[] = "0123456789abcdefqqqqq";
+ char raw[10];
+ int len;
+
+ len = hex_string_to_octet_string(raw, hex1, strlen(hex1));
+ printf("computed length: %d\tstring: %s\n", len,
+ octet_string_hex_string(raw, len/2));
+ printf("expected length: %u\tstring: %s\n", (unsigned)strlen(hex1), hex1);
+
+ len = hex_string_to_octet_string(raw, hex2, strlen(hex2));
+ printf("computed length: %d\tstring: %s\n", len,
+ octet_string_hex_string(raw, len/2));
+ printf("expected length: %d\tstring: %s\n", 16, "0123456789abcdef");
+
+}
+
+void
+print_string(char *s) {
+ int i;
+ printf("%s\n", s);
+ printf("strlen(s) = %u\n", (unsigned)strlen(s));
+ printf("{ ");
+ for (i=0; i < strlen(s); i++) {
+ printf("0x%x, ", s[i]);
+ if (((i+1) % 8) == 0)
+ printf("\n ");
+ }
+ printf("}\n");
+}
+
+void
+test_bswap(void) {
+ uint32_t x = 0x11223344;
+ uint64_t y = 0x1122334455667788LL;
+
+ printf("before: %0x\nafter: %0x\n", x, be32_to_cpu(x));
+ printf("before: %0llx\nafter: %0llx\n", (unsigned long long)y,
+ (unsigned long long)be64_to_cpu(y));
+
+ y = 1234;
+
+ printf("1234: %0llx\n", (unsigned long long)y);
+ printf("as octet string: %s\n",
+ octet_string_hex_string((uint8_t *) &y, 8));
+ y = be64_to_cpu(y);
+ printf("bswapped octet string: %s\n",
+ octet_string_hex_string((uint8_t *) &y, 8));
+}
diff --git a/netwerk/srtp/src/crypto/test/env.c b/netwerk/srtp/src/crypto/test/env.c
new file mode 100644
index 000000000..37a6e2731
--- /dev/null
+++ b/netwerk/srtp/src/crypto/test/env.c
@@ -0,0 +1,99 @@
+/*
+ * env.c
+ *
+ * prints out a brief report on the build environment
+ *
+ * David McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <stdio.h>
+#include <string.h> /* for srtcmp() */
+#include "config.h"
+
+int
+main(void) {
+ int err_count = 0;
+ char *str;
+
+#ifdef WORDS_BIGENDIAN
+ printf("CPU set to big-endian\t\t\t(WORDS_BIGENDIAN == 1)\n");
+#else
+ printf("CPU set to little-endian\t\t(WORDS_BIGENDIAN == 0)\n");
+#endif
+
+#ifdef CPU_RISC
+ printf("CPU set to RISC\t\t\t\t(CPU_RISC == 1)\n");
+#elif defined(CPU_CISC)
+ printf("CPU set to CISC\t\t\t\t(CPU_CISC == 1)\n");
+#else
+ printf("CPU set to an unknown type, probably due to a configuration error\n");
+ err_count++;
+#endif
+
+#ifdef CPU_ALTIVEC
+ printf("CPU set to ALTIVEC\t\t\t\t(CPU_ALTIVEC == 0)\n");
+#endif
+
+#ifndef NO_64BIT_MATH
+ printf("using native 64-bit type\t\t(NO_64_BIT_MATH == 0)\n");
+#else
+ printf("using built-in 64-bit math\t\t(NO_64_BIT_MATH == 1)\n");
+#endif
+
+#ifdef ERR_REPORTING_STDOUT
+ printf("using stdout for error reporting\t(ERR_REPORTING_STDOUT == 1)\n");
+#endif
+
+#ifdef DEV_URANDOM
+ str = DEV_URANDOM;
+#else
+ str = "";
+#endif
+ printf("using %s as a random source\t(DEV_URANDOM == %s)\n",
+ str, str);
+ if (strcmp("", str) == 0) {
+ err_count++;
+ }
+
+ if (err_count)
+ printf("warning: configuration is probably in error "
+ "(found %d problems)\n", err_count);
+
+ return err_count;
+}
diff --git a/netwerk/srtp/src/crypto/test/kernel_driver.c b/netwerk/srtp/src/crypto/test/kernel_driver.c
new file mode 100644
index 000000000..8ef8a5f4b
--- /dev/null
+++ b/netwerk/srtp/src/crypto/test/kernel_driver.c
@@ -0,0 +1,126 @@
+/*
+ * kernel_driver.c
+ *
+ * a test driver for the crypto_kernel
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include <stdio.h> /* for printf() */
+#include <unistd.h> /* for getopt() */
+#include "crypto_kernel.h"
+
+void
+usage(char *prog_name) {
+ printf("usage: %s [ -v ][ -d debug_module ]*\n", prog_name);
+ exit(255);
+}
+
+int
+main (int argc, char *argv[]) {
+ extern char *optarg;
+ int q;
+ int do_validation = 0;
+ err_status_t status;
+
+ if (argc == 1)
+ usage(argv[0]);
+
+ /* initialize kernel - we need to do this before anything else */
+ status = crypto_kernel_init();
+ if (status) {
+ printf("error: crypto_kernel init failed\n");
+ exit(1);
+ }
+ printf("crypto_kernel successfully initalized\n");
+
+ /* process input arguments */
+ while (1) {
+ q = getopt(argc, argv, "vd:");
+ if (q == -1)
+ break;
+ switch (q) {
+ case 'v':
+ do_validation = 1;
+ break;
+ case 'd':
+ status = crypto_kernel_set_debug_module(optarg, 1);
+ if (status) {
+ printf("error: set debug module (%s) failed\n", optarg);
+ exit(1);
+ }
+ break;
+ default:
+ usage(argv[0]);
+ }
+ }
+
+ if (do_validation) {
+ printf("checking crypto_kernel status...\n");
+ status = crypto_kernel_status();
+ if (status) {
+ printf("failed\n");
+ exit(1);
+ }
+ printf("crypto_kernel passed self-tests\n");
+ }
+
+ status = crypto_kernel_shutdown();
+ if (status) {
+ printf("error: crypto_kernel shutdown failed\n");
+ exit(1);
+ }
+ printf("crypto_kernel successfully shut down\n");
+
+ return 0;
+}
+
+/*
+ * crypto_kernel_cipher_test() is a test of the cipher interface
+ * of the crypto_kernel
+ */
+
+err_status_t
+crypto_kernel_cipher_test(void) {
+
+ /* not implemented yet! */
+
+ return err_status_ok;
+}
diff --git a/netwerk/srtp/src/crypto/test/rand_gen.c b/netwerk/srtp/src/crypto/test/rand_gen.c
new file mode 100644
index 000000000..ccea097f2
--- /dev/null
+++ b/netwerk/srtp/src/crypto/test/rand_gen.c
@@ -0,0 +1,140 @@
+/*
+ * rand_gen.c
+ *
+ * a random source (random number generator)
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright(c) 2001-2006 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include <stdio.h> /* for printf() */
+#include <unistd.h> /* for getopt() */
+#include "crypto_kernel.h"
+
+/*
+ * MAX_PRINT_STRING_LEN is defined in datatypes.h, and is the length
+ * of the largest hexadecimal string that can be generated by the
+ * function octet_string_hex_string().
+ */
+
+#define BUF_LEN (MAX_PRINT_STRING_LEN/2)
+
+void
+usage(char *prog_name) {
+ printf("usage: %s -n <num_bytes> [-l][ -d debug_module ]*\n"
+ " -n <num> output <num> random bytes, where <num>"
+ " is between zero and %d\n"
+ " -l list the avaliable debug modules\n"
+ " -d <mod> turn on debugging module <mod>\n",
+ prog_name, BUF_LEN);
+ exit(255);
+}
+
+int
+main (int argc, char *argv[]) {
+ extern char *optarg;
+ int q;
+ int num_octets = 0;
+ unsigned do_list_mods = 0;
+ err_status_t status;
+
+ if (argc == 1)
+ usage(argv[0]);
+
+ /* initialize kernel - we need to do this before anything else */
+ status = crypto_kernel_init();
+ if (status) {
+ printf("error: crypto_kernel init failed\n");
+ exit(1);
+ }
+
+ /* process input arguments */
+ while (1) {
+ q = getopt(argc, argv, "ld:n:");
+ if (q == -1)
+ break;
+ switch (q) {
+ case 'd':
+ status = crypto_kernel_set_debug_module(optarg, 1);
+ if (status) {
+ printf("error: set debug module (%s) failed\n", optarg);
+ exit(1);
+ }
+ break;
+ case 'l':
+ do_list_mods = 1;
+ break;
+ case 'n':
+ num_octets = atoi(optarg);
+ if (num_octets < 0 || num_octets > BUF_LEN)
+ usage(argv[0]);
+ break;
+ default:
+ usage(argv[0]);
+ }
+ }
+
+ if (do_list_mods) {
+ status = crypto_kernel_list_debug_modules();
+ if (status) {
+ printf("error: list of debug modules failed\n");
+ exit(1);
+ }
+ }
+
+ if (num_octets > 0) {
+ uint8_t buffer[BUF_LEN];
+
+ status = crypto_get_random(buffer, num_octets);
+ if (status) {
+ printf("error: failure in random source\n");
+ } else {
+ printf("%s\n", octet_string_hex_string(buffer, num_octets));
+ }
+ }
+
+ status = crypto_kernel_shutdown();
+ if (status) {
+ printf("error: crypto_kernel shutdown failed\n");
+ exit(1);
+ }
+
+ return 0;
+}
+
diff --git a/netwerk/srtp/src/crypto/test/sha1_driver.c b/netwerk/srtp/src/crypto/test/sha1_driver.c
new file mode 100644
index 000000000..6036022e9
--- /dev/null
+++ b/netwerk/srtp/src/crypto/test/sha1_driver.c
@@ -0,0 +1,550 @@
+/*
+ * sha1_driver.c
+ *
+ * a test driver for SHA-1
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <stdio.h>
+#include "sha1.h"
+
+#define SHA_PASS 0
+#define SHA_FAIL 1
+
+#define MAX_HASH_DATA_LEN 1024
+#define MAX_HASH_OUT_LEN 20
+
+typedef struct hash_test_case_t {
+ unsigned data_len; /* number of octets in data */
+ unsigned hash_len; /* number of octets output by hash */
+ uint8_t data[MAX_HASH_DATA_LEN]; /* message data */
+ uint8_t hash[MAX_HASH_OUT_LEN]; /* expected hash output */
+ struct hash_test_case_t *next_test_case;
+} hash_test_case_t;
+
+hash_test_case_t *sha1_test_case_list;
+
+err_status_t
+hash_test_case_add(hash_test_case_t **list_ptr,
+ char *hex_data,
+ unsigned data_len,
+ char *hex_hash,
+ unsigned hash_len) {
+ hash_test_case_t *list_head = *list_ptr;
+ hash_test_case_t *test_case;
+ unsigned tmp_len;
+
+ test_case = malloc(sizeof(hash_test_case_t));
+ if (test_case == NULL)
+ return err_status_alloc_fail;
+
+ tmp_len = hex_string_to_octet_string((char *)test_case->data, hex_data, data_len*2);
+ if (tmp_len != data_len*2)
+ return err_status_parse_err;
+
+ tmp_len = hex_string_to_octet_string((char *)test_case->hash, hex_hash, hash_len*2);
+ if (tmp_len != hash_len*2)
+ return err_status_parse_err;
+
+ test_case->data_len = data_len;
+ test_case->hash_len = hash_len;
+
+ /* add the new test case to the head of the list */
+ test_case->next_test_case = list_head;
+ *list_ptr = test_case;
+
+ return err_status_ok;
+}
+
+err_status_t
+sha1_test_case_validate(const hash_test_case_t *test_case) {
+ sha1_ctx_t ctx;
+ uint32_t hash_value[5];
+
+ if (test_case == NULL)
+ return err_status_bad_param;
+
+ if (test_case->hash_len != 20)
+ return err_status_bad_param;
+ if (test_case->data_len > MAX_HASH_DATA_LEN)
+ return err_status_bad_param;
+
+ sha1_init(&ctx);
+ sha1_update(&ctx, test_case->data, test_case->data_len);
+ sha1_final(&ctx, hash_value);
+ if (0 == memcmp(test_case->hash, hash_value, 20)) {
+#if VERBOSE
+ printf("PASSED: reference value: %s\n",
+ octet_string_hex_string((const uint8_t *)test_case->hash, 20));
+ printf("PASSED: computed value: %s\n",
+ octet_string_hex_string((const uint8_t *)hash_value, 20));
+#endif
+ return err_status_ok;
+ }
+
+ printf("reference value: %s\n",
+ octet_string_hex_string((const uint8_t *)test_case->hash, 20));
+ printf("computed value: %s\n",
+ octet_string_hex_string((const uint8_t *)hash_value, 20));
+
+ return err_status_algo_fail;
+
+}
+
+struct hex_sha1_test_case_t {
+ unsigned bit_len;
+ char hex_data[MAX_HASH_DATA_LEN*2];
+ char hex_hash[40];
+};
+
+err_status_t
+sha1_add_test_cases(void) {
+ int i;
+ err_status_t err;
+
+ /*
+ * these test cases are taken from the "SHA-1 Sample Vectors"
+ * provided by NIST at http://csrc.nist.gov/cryptval/shs.html
+ */
+
+ struct hex_sha1_test_case_t tc[] = {
+ {
+ 0,
+ "",
+ "da39a3ee5e6b4b0d3255bfef95601890afd80709"
+ },
+ {
+ 8,
+ "a8",
+ "99f2aa95e36f95c2acb0eaf23998f030638f3f15"
+ },
+ {
+ 16,
+ "3000",
+ "f944dcd635f9801f7ac90a407fbc479964dec024"
+ },
+ {
+ 24,
+ "42749e",
+ "a444319e9b6cc1e8464c511ec0969c37d6bb2619"
+ },
+ {
+ 32,
+ "9fc3fe08",
+ "16a0ff84fcc156fd5d3ca3a744f20a232d172253"
+ },
+ {
+ 40,
+ "b5c1c6f1af",
+ "fec9deebfcdedaf66dda525e1be43597a73a1f93"
+ },
+ {
+ 48,
+ "e47571e5022e",
+ "8ce051181f0ed5e9d0c498f6bc4caf448d20deb5"
+ },
+ {
+ 56,
+ "3e1b28839fb758",
+ "67da53837d89e03bf652ef09c369a3415937cfd3"
+ },
+ {
+ 64,
+ "a81350cbb224cb90",
+ "305e4ff9888ad855a78573cddf4c5640cce7e946"
+ },
+ {
+ 72, "c243d167923dec3ce1",
+ "5902b77b3265f023f9bbc396ba1a93fa3509bde7"
+ },
+ {
+ 80,
+ "50ac18c59d6a37a29bf4",
+ "fcade5f5d156bf6f9af97bdfa9c19bccfb4ff6ab"
+ },
+ {
+ 88,
+ "98e2b611ad3b1cccf634f6",
+ "1d20fbe00533c10e3cbd6b27088a5de0c632c4b5"
+ },
+ {
+ 96,
+ "73fe9afb68e1e8712e5d4eec",
+ "7e1b7e0f7a8f3455a9c03e9580fd63ae205a2d93"
+ },
+ {
+ 104,
+ "9e701ed7d412a9226a2a130e66",
+ "706f0677146307b20bb0e8d6311e329966884d13"
+ },
+ {
+ 112,
+ "6d3ee90413b0a7cbf69e5e6144ca",
+ "a7241a703aaf0d53fe142f86bf2e849251fa8dff"
+ },
+ {
+ 120,
+ "fae24d56514efcb530fd4802f5e71f",
+ "400f53546916d33ad01a5e6df66822dfbdc4e9e6"
+ },
+ {
+ 128,
+ "c5a22dd6eda3fe2bdc4ddb3ce6b35fd1",
+ "fac8ab93c1ae6c16f0311872b984f729dc928ccd"
+ },
+ {
+ 136,
+ "d98cded2adabf08fda356445c781802d95",
+ "fba6d750c18da58f6e2aab10112b9a5ef3301b3b"
+ },
+ {
+ 144,
+ "bcc6d7087a84f00103ccb32e5f5487a751a2",
+ "29d27c2d44c205c8107f0351b05753ac708226b6"
+ },
+ {
+ 152,
+ "36ecacb1055434190dbbc556c48bafcb0feb0d",
+ "b971bfc1ebd6f359e8d74cb7ecfe7f898d0ba845"
+ },
+ {
+ 160,
+ "5ff9edb69e8f6bbd498eb4537580b7fba7ad31d0",
+ "96d08c430094b9fcc164ad2fb6f72d0a24268f68"
+ },
+ {
+ 168, "c95b441d8270822a46a798fae5defcf7b26abace36",
+ "a287ea752a593d5209e287881a09c49fa3f0beb1"
+ },
+ {
+ 176,
+ "83104c1d8a55b28f906f1b72cb53f68cbb097b44f860",
+ "a06c713779cbd88519ed4a585ac0cb8a5e9d612b"
+ },
+ {
+ 184,
+ "755175528d55c39c56493d697b790f099a5ce741f7754b",
+ "bff7d52c13a3688132a1d407b1ab40f5b5ace298"
+ },
+ {
+ 192,
+ "088fc38128bbdb9fd7d65228b3184b3faac6c8715f07272f",
+ "c7566b91d7b6f56bdfcaa9781a7b6841aacb17e9"
+ },
+ {
+ 200,
+ "a4a586eb9245a6c87e3adf1009ac8a49f46c07e14185016895",
+ "ffa30c0b5c550ea4b1e34f8a60ec9295a1e06ac1"
+ },
+ {
+ 208,
+ "8e7c555270c006092c2a3189e2a526b873e2e269f0fb28245256",
+ "29e66ed23e914351e872aa761df6e4f1a07f4b81"
+ },
+ {
+ 216,
+ "a5f3bfa6bb0ba3b59f6b9cbdef8a558ec565e8aa3121f405e7f2f0",
+ "b28cf5e5b806a01491d41f69bd9248765c5dc292"
+ },
+ {
+ 224,
+ "589054f0d2bd3c2c85b466bfd8ce18e6ec3e0b87d944cd093ba36469",
+ "60224fb72c46069652cd78bcd08029ef64da62f3"
+ },
+ {
+ 232,
+ "a0abb12083b5bbc78128601bf1cbdbc0fdf4b862b24d899953d8da0ff3",
+ "b72c4a86f72608f24c05f3b9088ef92fba431df7"
+ },
+ {
+ 240,
+ "82143f4cea6fadbf998e128a8811dc75301cf1db4f079501ea568da68eeb",
+ "73779ad5d6b71b9b8328ef7220ff12eb167076ac"
+ },
+ {
+ 248,
+ "9f1231dd6df1ff7bc0b0d4f989d048672683ce35d956d2f57913046267e6f3",
+ "a09671d4452d7cf50015c914a1e31973d20cc1a0"
+ },
+ {
+ 256,
+ "041c512b5eed791f80d3282f3a28df263bb1df95e1239a7650e5670fc2187919",
+ "e88cdcd233d99184a6fd260b8fca1b7f7687aee0"
+ },
+ {
+ 264,
+ "17e81f6ae8c2e5579d69dafa6e070e7111461552d314b691e7a3e7a4feb3fae418",
+ "010def22850deb1168d525e8c84c28116cb8a269"
+ },
+ {
+ 272,
+ "d15976b23a1d712ad28fad04d805f572026b54dd64961fda94d5355a0cc98620cf77",
+ "aeaa40ba1717ed5439b1e6ea901b294ba500f9ad"
+ },
+ {
+ 280,
+ "09fce4d434f6bd32a44e04b848ff50ec9f642a8a85b37a264dc73f130f22838443328f",
+ "c6433791238795e34f080a5f1f1723f065463ca0"
+ },
+ {
+ 288, "f17af27d776ec82a257d8d46d2b46b639462c56984cc1be9c1222eadb8b26594a25c709d",
+ "e21e22b89c1bb944a32932e6b2a2f20d491982c3"
+ },
+ {
+ 296,
+ "b13ce635d6f8758143ffb114f2f601cb20b6276951416a2f94fbf4ad081779d79f4f195b22",
+ "575323a9661f5d28387964d2ba6ab92c17d05a8a"
+ },
+ {
+ 304,
+ "5498793f60916ff1c918dde572cdea76da8629ba4ead6d065de3dfb48de94d234cc1c5002910",
+ "feb44494af72f245bfe68e86c4d7986d57c11db7"
+ },
+ {
+ 312,
+ "498a1e0b39fa49582ae688cd715c86fbaf8a81b8b11b4d1594c49c902d197c8ba8a621fd6e3be5",
+ "cff2290b3648ba2831b98dde436a72f9ebf51eee"
+ },
+ {
+ 320,
+ "3a36ae71521f9af628b3e34dcb0d4513f84c78ee49f10416a98857150b8b15cb5c83afb4b570376e",
+ "9b4efe9d27b965905b0c3dab67b8d7c9ebacd56c"
+ },
+ {
+ 328,
+ "dcc76b40ae0ea3ba253e92ac50fcde791662c5b6c948538cffc2d95e9de99cac34dfca38910db2678f",
+ "afedb0ff156205bcd831cbdbda43db8b0588c113"
+ },
+ {
+ 336,
+ "5b5ec6ec4fd3ad9c4906f65c747fd4233c11a1736b6b228b92e90cddabb0c7c2fcf9716d3fad261dff33",
+ "8deb1e858f88293a5e5e4d521a34b2a4efa70fc4"
+ },
+ {
+ 344,
+ "df48a37b29b1d6de4e94717d60cdb4293fcf170bba388bddf7a9035a15d433f20fd697c3e4c8b8c5f590ab",
+ "95cbdac0f74afa69cebd0e5c7defbc6faf0cbeaf"
+ },
+ {
+ 352,
+ "1f179b3b82250a65e1b0aee949e218e2f45c7a8dbfd6ba08de05c55acfc226b48c68d7f7057e5675cd96fcfc",
+ "f0307bcb92842e5ae0cd4f4f14f3df7f877fbef2"
+ },
+ {
+ 360,
+ "ee3d72da3a44d971578972a8e6780ce64941267e0f7d0179b214fa97855e1790e888e09fbe3a70412176cb3b54",
+ "7b13bb0dbf14964bd63b133ac85e22100542ef55"
+ },
+ {
+ 368,
+ "d4d4c7843d312b30f610b3682254c8be96d5f6684503f8fbfbcd15774fc1b084d3741afb8d24aaa8ab9c104f7258",
+ "c314d2b6cf439be678d2a74e890d96cfac1c02ed"
+ },
+ {
+ 376,
+ "32c094944f5936a190a0877fb9178a7bf60ceae36fd530671c5b38c5dbd5e6a6c0d615c2ac8ad04b213cc589541cf6",
+ "4d0be361e410b47a9d67d8ce0bb6a8e01c53c078"
+ },
+ {
+ 384,
+ "e5d3180c14bf27a5409fa12b104a8fd7e9639609bfde6ee82bbf9648be2546d29688a65e2e3f3da47a45ac14343c9c02",
+ "e5353431ffae097f675cbf498869f6fbb6e1c9f2"
+ },
+ {
+ 392,
+ "e7b6e4b69f724327e41e1188a37f4fe38b1dba19cbf5a7311d6e32f1038e97ab506ee05aebebc1eed09fc0e357109818b9",
+ "b8720a7068a085c018ab18961de2765aa6cd9ac4"
+ },
+ {
+ 400,
+ "bc880cb83b8ac68ef2fedc2da95e7677ce2aa18b0e2d8b322701f67af7d5e7a0d96e9e33326ccb7747cfff0852b961bfd475",
+ "b0732181568543ba85f2b6da602b4b065d9931aa"
+ },
+ {
+ 408,
+ "235ea9c2ba7af25400f2e98a47a291b0bccdaad63faa2475721fda5510cc7dad814bce8dabb611790a6abe56030b798b75c944",
+ "9c22674cf3222c3ba921672694aafee4ce67b96b"
+ },
+ {
+ 416,
+ "07e3e29fed63104b8410f323b975fd9fba53f636af8c4e68a53fb202ca35dd9ee07cb169ec5186292e44c27e5696a967f5e67709",
+ "d128335f4cecca9066cdae08958ce656ff0b4cfc"
+ },
+ {
+ 424,
+ "65d2a1dd60a517eb27bfbf530cf6a5458f9d5f4730058bd9814379547f34241822bf67e6335a6d8b5ed06abf8841884c636a25733f",
+ "0b67c57ac578de88a2ae055caeaec8bb9b0085a0"
+ },
+ {
+ 432,
+ "dcc86b3bd461615bab739d8daafac231c0f462e819ad29f9f14058f3ab5b75941d4241ea2f17ebb8a458831b37a9b16dead4a76a9b0e",
+ "c766f912a89d4ccda88e0cce6a713ef5f178b596"
+ },
+ {
+ 440,
+ "4627d54f0568dc126b62a8c35fb46a9ac5024400f2995e51635636e1afc4373dbb848eb32df23914230560b82477e9c3572647a7f2bb92",
+ "9aa3925a9dcb177b15ccff9b78e70cf344858779"
+ },
+ {
+ 448,
+ "ba531affd4381168ef24d8b275a84d9254c7f5cc55fded53aa8024b2c5c5c8aa7146fe1d1b83d62b70467e9a2e2cb67b3361830adbab28d7",
+ "4811fa30042fc076acf37c8e2274d025307e5943"
+ },
+ {
+ 456,
+ "8764dcbcf89dcf4282eb644e3d568bdccb4b13508bfa7bfe0ffc05efd1390be22109969262992d377691eb4f77f3d59ea8466a74abf57b2ef4",
+ "6743018450c9730761ee2b130df9b91c1e118150"
+ },
+ {
+ 464,
+ "497d9df9ddb554f3d17870b1a31986c1be277bc44feff713544217a9f579623d18b5ffae306c25a45521d2759a72c0459b58957255ab592f3be4",
+ "71ad4a19d37d92a5e6ef3694ddbeb5aa61ada645"
+ },
+ {
+ 472,
+ "72c3c2e065aefa8d9f7a65229e818176eef05da83f835107ba90ec2e95472e73e538f783b416c04654ba8909f26a12db6e5c4e376b7615e4a25819",
+ "a7d9dc68dacefb7d6116186048cb355cc548e11d"
+ },
+ {
+ 480,
+ "7cc9894454d0055ab5069a33984e2f712bef7e3124960d33559f5f3b81906bb66fe64da13c153ca7f5cabc89667314c32c01036d12ecaf5f9a78de98",
+ "142e429f0522ba5abf5131fa81df82d355b96909"
+ },
+ {
+ 488,
+ "74e8404d5a453c5f4d306f2cfa338ca65501c840ddab3fb82117933483afd6913c56aaf8a0a0a6b2a342fc3d9dc7599f4a850dfa15d06c61966d74ea59",
+ "ef72db70dcbcab991e9637976c6faf00d22caae9"
+ },
+ {
+ 496,
+ "46fe5ed326c8fe376fcc92dc9e2714e2240d3253b105adfbb256ff7a19bc40975c604ad7c0071c4fd78a7cb64786e1bece548fa4833c04065fe593f6fb10",
+ "f220a7457f4588d639dc21407c942e9843f8e26b"
+ },
+ {
+ 504,
+ "836dfa2524d621cf07c3d2908835de859e549d35030433c796b81272fd8bc0348e8ddbc7705a5ad1fdf2155b6bc48884ac0cd376925f069a37849c089c8645",
+ "ddd2117b6e309c233ede85f962a0c2fc215e5c69"
+ },
+ {
+ 512,
+ "7e3a4c325cb9c52b88387f93d01ae86d42098f5efa7f9457388b5e74b6d28b2438d42d8b64703324d4aa25ab6aad153ae30cd2b2af4d5e5c00a8a2d0220c6116",
+ "a3054427cdb13f164a610b348702724c808a0dcc"
+ }
+ };
+
+
+ for (i=0; i < 65; i++) {
+ err = hash_test_case_add(&sha1_test_case_list,
+ tc[i].hex_data,
+ tc[i].bit_len/8,
+ tc[i].hex_hash, 20);
+ if (err) {
+ printf("error adding hash test case (code %d)\n", err);
+ return err;
+ }
+ }
+
+ return err_status_ok;
+}
+
+err_status_t
+sha1_dealloc_test_cases(void) {
+ hash_test_case_t *t, *next;
+
+ for (t = sha1_test_case_list; t != NULL; t = next) {
+ next = t->next_test_case;
+ free(t);
+ }
+
+ sha1_test_case_list = NULL;
+
+ return err_status_ok;
+}
+
+
+
+err_status_t
+sha1_validate(void) {
+ hash_test_case_t *test_case;
+ err_status_t err;
+
+ err = sha1_add_test_cases();
+ if (err) {
+ printf("error adding SHA1 test cases (error code %d)\n", err);
+ return err;
+ }
+
+ if (sha1_test_case_list == NULL)
+ return err_status_cant_check;
+
+ test_case = sha1_test_case_list;
+ while (test_case != NULL) {
+ err = sha1_test_case_validate(test_case);
+ if (err) {
+ printf("error validating hash test case (error code %d)\n", err);
+ return err;
+ }
+ test_case = test_case->next_test_case;
+ }
+
+ sha1_dealloc_test_cases();
+
+ return err_status_ok;
+}
+
+
+
+int
+main (void) {
+ err_status_t err;
+
+ printf("sha1 test driver\n");
+
+ err = sha1_validate();
+ if (err) {
+ printf("SHA1 did not pass validation testing\n");
+ return 1;
+ }
+ printf("SHA1 passed validation tests\n");
+
+ return 0;
+
+}
diff --git a/netwerk/srtp/src/crypto/test/stat_driver.c b/netwerk/srtp/src/crypto/test/stat_driver.c
new file mode 100644
index 000000000..4ff2b1426
--- /dev/null
+++ b/netwerk/srtp/src/crypto/test/stat_driver.c
@@ -0,0 +1,174 @@
+/*
+ * stat-driver.c
+ *
+ * test driver for the stat_test functions
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2006, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <stdio.h> /* for printf() */
+
+#include "err.h"
+#include "stat.h"
+
+#include "cipher.h"
+
+typedef struct {
+ void *state;
+} random_source_t;
+
+err_status_t
+random_source_alloc(void);
+
+void
+err_check(err_status_t s) {
+ if (s) {
+ printf("error (code %d)\n", s);
+ exit(1);
+ }
+}
+
+int
+main (int argc, char *argv[]) {
+ uint8_t buffer[2500];
+ unsigned int buf_len = 2500;
+ int i, j;
+ extern cipher_type_t aes_icm;
+ cipher_t *c;
+ uint8_t key[46] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05
+ };
+ v128_t nonce;
+ int num_trials = 500;
+ int num_fail;
+
+ printf("statistical tests driver\n");
+
+ for (i=0; i < 2500; i++)
+ buffer[i] = 0;
+
+ /* run tests */
+ printf("running stat_tests on all-null buffer, expecting failure\n");
+ printf("monobit %d\n", stat_test_monobit(buffer));
+ printf("poker %d\n", stat_test_poker(buffer));
+ printf("runs %d\n", stat_test_runs(buffer));
+
+ for (i=0; i < 2500; i++)
+ buffer[i] = rand();
+ printf("running stat_tests on rand(), expecting success\n");
+ printf("monobit %d\n", stat_test_monobit(buffer));
+ printf("poker %d\n", stat_test_poker(buffer));
+ printf("runs %d\n", stat_test_runs(buffer));
+
+ printf("running stat_tests on AES-128-ICM, expecting success\n");
+ /* set buffer to cipher output */
+ for (i=0; i < 2500; i++)
+ buffer[i] = 0;
+ err_check(cipher_type_alloc(&aes_icm, &c, 30));
+ err_check(cipher_init(c, key, direction_encrypt));
+ err_check(cipher_set_iv(c, &nonce));
+ err_check(cipher_encrypt(c, buffer, &buf_len));
+ /* run tests on cipher outout */
+ printf("monobit %d\n", stat_test_monobit(buffer));
+ printf("poker %d\n", stat_test_poker(buffer));
+ printf("runs %d\n", stat_test_runs(buffer));
+
+ printf("runs test (please be patient): ");
+ fflush(stdout);
+ num_fail = 0;
+ v128_set_to_zero(&nonce);
+ for(j=0; j < num_trials; j++) {
+ for (i=0; i < 2500; i++)
+ buffer[i] = 0;
+ nonce.v32[3] = i;
+ err_check(cipher_set_iv(c, &nonce));
+ err_check(cipher_encrypt(c, buffer, &buf_len));
+ if (stat_test_runs(buffer)) {
+ num_fail++;
+ }
+ }
+
+ printf("%d failures in %d tests\n", num_fail, num_trials);
+ printf("(nota bene: a small fraction of stat_test failures does not \n"
+ "indicate that the random source is invalid)\n");
+
+ err_check(cipher_dealloc(c));
+
+ printf("running stat_tests on AES-256-ICM, expecting success\n");
+ /* set buffer to cipher output */
+ for (i=0; i < 2500; i++)
+ buffer[i] = 0;
+ err_check(cipher_type_alloc(&aes_icm, &c, 46));
+ err_check(cipher_init(c, key, direction_encrypt));
+ err_check(cipher_set_iv(c, &nonce));
+ err_check(cipher_encrypt(c, buffer, &buf_len));
+ /* run tests on cipher outout */
+ printf("monobit %d\n", stat_test_monobit(buffer));
+ printf("poker %d\n", stat_test_poker(buffer));
+ printf("runs %d\n", stat_test_runs(buffer));
+
+ printf("runs test (please be patient): ");
+ fflush(stdout);
+ num_fail = 0;
+ v128_set_to_zero(&nonce);
+ for(j=0; j < num_trials; j++) {
+ for (i=0; i < 2500; i++)
+ buffer[i] = 0;
+ nonce.v32[3] = i;
+ err_check(cipher_set_iv(c, &nonce));
+ err_check(cipher_encrypt(c, buffer, &buf_len));
+ if (stat_test_runs(buffer)) {
+ num_fail++;
+ }
+ }
+
+ printf("%d failures in %d tests\n", num_fail, num_trials);
+ printf("(nota bene: a small fraction of stat_test failures does not \n"
+ "indicate that the random source is invalid)\n");
+
+ err_check(cipher_dealloc(c));
+
+ return 0;
+}