You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@milagro.apache.org by br...@apache.org on 2018/11/08 00:12:51 UTC
[31/51] [partial] incubator-milagro-crypto-c git commit: update code
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-c/blob/8d28d2c3/src/x509.c
----------------------------------------------------------------------
diff --git a/src/x509.c b/src/x509.c
new file mode 100644
index 0000000..67c7e79
--- /dev/null
+++ b/src/x509.c
@@ -0,0 +1,1081 @@
+/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+*/
+
+/* AMCL X.509 Functions */
+
+// To run test program, define HAS_MAIN
+// gcc -std=c99 x509.c amcl.a -o x509.exe
+
+//#define HAS_MAIN
+
+#include <stdio.h>
+#include "amcl.h" // for octet support only
+#include "x509.h"
+
+// ASN.1 tags
+
+#define ANY 0x00
+#define SEQ 0x30
+#define OID 0x06
+#define INT 0x02
+#define NUL 0x05
+#define ZER 0x00
+#define UTF 0x0C
+#define UTC 0x17
+#define LOG 0x01
+#define BIT 0x03
+#define OCT 0x04
+#define STR 0x13
+#define SET 0x31
+#define IA5 0x16
+
+// Supported Encryption Methods
+
+#define ECC 1
+#define RSA 2
+
+// Supported Hash functions
+
+#define H256 2
+#define H384 3
+#define H512 4
+
+// Supported Curves
+
+#define NIST256 0 /**< For the NIST 256-bit standard curve - WEIERSTRASS only */
+#define C25519 1 /**< Bernstein's Modulus 2^255-19 - EDWARDS or MONTGOMERY only */
+#define BRAINPOOL 2 /**< For Brainpool 256-bit curve - WEIERSTRASS only */
+#define ANSSI 3 /**< For French 256-bit standard curve - WEIERSTRASS only */
+#define NIST384 10 /**< For the NIST 384-bit standard curve - WEIERSTRASS only */
+#define NIST521 12 /**< For the NIST 521-bit standard curve - WEIERSTRASS only */
+
+
+// Define some OIDs
+
+// Elliptic Curve with SHA256
+static unsigned char eccsha256[8]= {0x2a,0x86,0x48,0xce,0x3d,0x04,0x03,0x02};
+static octet ECCSHA256= {8,sizeof(eccsha256),(char *)eccsha256};
+
+// Elliptic Curve with SHA384
+static unsigned char eccsha384[8]= {0x2a,0x86,0x48,0xce,0x3d,0x04,0x03,0x03};
+static octet ECCSHA384= {8,sizeof(eccsha384),(char *)eccsha384};
+
+// Elliptic Curve with SHA512
+static unsigned char eccsha512[8]= {0x2a,0x86,0x48,0xce,0x3d,0x04,0x03,0x04};
+static octet ECCSHA512= {8,sizeof(eccsha512),(char *)eccsha512};
+
+// EC Public Key
+static unsigned char ecpk[7]= {0x2a,0x86,0x48,0xce,0x3d,0x02,0x01};
+static octet ECPK= {7,sizeof(ecpk),(char *)ecpk};
+
+// C25519 curve
+static unsigned char prime25519[9]= {0x2B,0x06,0x01,0x04,0x01,0xDA,0x47,0x0F,0x01}; /*****/
+static octet PRIME25519= {9,sizeof(prime25519),(char *)prime25519};
+
+// NIST256 curve
+static unsigned char prime256v1[8]= {0x2a,0x86,0x48,0xce,0x3d,0x03,0x01,0x07};
+static octet PRIME256V1= {8,sizeof(prime256v1),(char *)prime256v1};
+
+// NIST384 curve
+static unsigned char secp384r1[5]= {0x2B,0x81,0x04,0x00,0x22};
+static octet SECP384R1= {5,sizeof(secp384r1),(char *)secp384r1};
+
+// NIST521 curve
+static unsigned char secp521r1[5]= {0x2B,0x81,0x04,0x00,0x23};
+static octet SECP521R1= {5,sizeof(secp521r1),(char *)secp521r1};
+
+// RSA Public Key
+static unsigned char rsapk[9]= {0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01};
+static octet RSAPK= {9,sizeof(rsapk),(char *)rsapk};
+
+// RSA with SHA256
+static unsigned char rsasha256[9]= {0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x0b};
+static octet RSASHA256= {9,sizeof(rsasha256),(char *)rsasha256};
+
+// RSA with SHA384
+static unsigned char rsasha384[9]= {0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x0c};
+static octet RSASHA384= {9,sizeof(rsasha384),(char *)rsasha384};
+
+// RSA with SHA512
+static unsigned char rsasha512[9]= {0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x0d};
+static octet RSASHA512= {9,sizeof(rsasha512),(char *)rsasha512};
+
+#ifdef HAS_MAIN
+// countryName
+static unsigned char cn[3]= {0x55,0x04,0x06};
+static octet CN= {3,sizeof(cn),(char *)cn};
+
+// orgName
+static unsigned char on[3]= {0x55,0x04,0x0A};
+static octet ON= {3,sizeof(on),(char *)on};
+
+// emailName
+static unsigned char en[9]= {0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x09,0x01};
+static octet EN= {9,sizeof(en),(char *)en};
+#endif // HAS_MAIN
+
+/* Check expected TAG and return ASN.1 field length. If tag=0 skip check. */
+static int getalen(int tag,char *b,int j)
+{
+ int len;
+
+ if (tag!=0 && (unsigned char)b[j]!=tag) return -1; // not a valid tag
+ j++;
+
+ if ((unsigned char)b[j]==0x81)
+ {
+ j++;
+ len=(unsigned char)b[j];
+ }
+ else if ((unsigned char)b[j]==0x82)
+ {
+ j++;
+ len=256*b[j++];
+ len+=(unsigned char)b[j];
+ }
+ else
+ {
+ len=(unsigned char)b[j];
+ if (len>127) return -1;
+ }
+ return len;
+}
+
+/* jump over length field */
+static int skip(int len)
+{
+ if (len<128) return 2;
+ if (len>=128 && len<256) return 3;
+ return 4;
+}
+
+/* round length up to nearest 8-byte length */
+static int bround(int len)
+{
+ if (len%8==0) return len;
+ return len+(8-len%8);
+
+}
+
+// Input signed cert as octet, and extract signature
+// Return 0 for failure, ECC for Elliptic Curve signature, RSA for RSA signature
+// Note that signature type is not provided here - its the type of the public key that
+// is used to verify it that matters, and which determines for example the curve to be used!
+
+pktype X509_extract_cert_sig(octet *sc,octet *sig)
+{
+ int i,j,k,fin,len,rlen,sj,ex;
+ char soid[9];
+ octet SOID= {0,sizeof(soid),soid};
+ pktype ret;
+
+ ret.type=0;
+ ret.hash=0;
+
+ j=0;
+
+ len=getalen(SEQ,sc->val,j); // Check for expected SEQ clause, and get length
+ if (len<0) return ret; // if not a SEQ clause, there is a problem, exit
+ j+=skip(len); // skip over length to clause contents. Add len to skip clause
+
+ if (len+j!=sc->len) return ret;
+
+ len=getalen(SEQ,sc->val,j);
+ if (len<0) return ret;
+ j+=skip(len)+len; // jump over cert to signature OID
+
+ len=getalen(SEQ,sc->val,j);
+ if (len<0) return ret;
+ j+=skip(len);
+
+ sj=j+len; // Needed to jump over signature OID
+
+ // dive in to extract OID
+ len=getalen(OID,sc->val,j);
+ if (len<0) return ret;
+ j+=skip(len);
+
+ fin=j+len;
+ SOID.len=len;
+ for (i=0; j<fin; j++)
+ SOID.val[i++]= sc->val[j];
+
+ // check OID here..
+
+ if (OCT_comp(&ECCSHA256,&SOID))
+ {
+ ret.type=ECC;
+ ret.hash=H256;
+ }
+ if (OCT_comp(&ECCSHA384,&SOID))
+ {
+ ret.type=ECC;
+ ret.hash=H384;
+ }
+ if (OCT_comp(&ECCSHA512,&SOID))
+ {
+ ret.type=ECC;
+ ret.hash=H512;
+ }
+ if (OCT_comp(&RSASHA256,&SOID))
+ {
+ ret.type=RSA;
+ ret.hash=H256;
+ }
+ if (OCT_comp(&RSASHA384,&SOID))
+ {
+ ret.type=RSA;
+ ret.hash=H384;
+ }
+ if (OCT_comp(&RSASHA512,&SOID))
+ {
+ ret.type=RSA;
+ ret.hash=H512;
+ }
+
+ if (ret.type==0) return ret; // unsupported type
+
+ j=sj; // jump out to signature
+
+ len=getalen(BIT,sc->val,j);
+ if (len<0)
+ {
+ ret.type=0;
+ return ret;
+ }
+ j+=skip(len);
+ j++;
+ len--; // skip bit shift (hopefully 0!)
+
+ if (ret.type==ECC)
+ {
+ // signature in the form (r,s)
+ len=getalen(SEQ,sc->val,j);
+ if (len<0)
+ {
+ ret.type=0;
+ return ret;
+ }
+ j+=skip(len);
+
+ // pick up r part of signature
+ len=getalen(INT,sc->val,j);
+ if (len<0)
+ {
+ ret.type=0;
+ return ret;
+ }
+ j+=skip(len);
+
+ if (sc->val[j]==0)
+ {
+ // skip leading zero
+ j++;
+ len--;
+ }
+ rlen=bround(len);
+
+ ex=rlen-len;
+ sig->len=2*rlen;
+
+ i=0;
+ for (k=0; k<ex; k++)
+ sig->val[i++]=0;
+
+ fin=j+len;
+ for (; j<fin; j++)
+ sig->val[i++]= sc->val[j];
+
+ // pick up s part of signature
+ len=getalen(INT,sc->val,j);
+ if (len<0)
+ {
+ ret.type=0;
+ return ret;
+ }
+ j+=skip(len);
+
+ if (sc->val[j]==0)
+ {
+ // skip leading zeros
+ j++;
+ len--;
+ }
+ rlen=bround(len);
+ ex=rlen-len;
+ for (k=0; k<ex; k++)
+ sig->val[i++]=0;
+
+ fin=j+len;
+ for (; j<fin; j++)
+ sig->val[i++]= sc->val[j];
+
+ }
+ if (ret.type==RSA)
+ {
+ rlen=bround(len);
+ ex=rlen-len;
+
+ sig->len=rlen;
+ i=0;
+ for (k=0; k<ex; k++)
+ sig->val[i++]=0;
+
+ fin=j+len;
+ for (; j<fin; j++)
+ sig->val[i++]= sc->val[j];
+
+ }
+ if (ret.hash==H256) ret.curve=NIST256;
+ if (ret.hash==H384) ret.curve=NIST384;
+ if (ret.hash==H512) ret.curve=NIST521;
+
+ return ret;
+}
+
+// Extract certificate from signed cert
+int X509_extract_cert(octet *sc,octet *cert)
+{
+ int i,j,fin,len,k;
+
+ j=0;
+ len=getalen(SEQ,sc->val,j);
+
+ if (len<0) return 0;
+ j+=skip(len);
+
+ k=j;
+
+ len=getalen(SEQ,sc->val,j);
+ if (len<0) return 0;
+ j+=skip(len);
+
+ fin=j+len;
+ cert->len=fin-k;
+ for (i=k; i<fin; i++) cert->val[i-k]=sc->val[i];
+
+ return 1;
+}
+
+// Extract Public Key from inside Certificate
+pktype X509_extract_public_key(octet *c,octet *key)
+{
+ int i,j,fin,len,sj;
+ char koid[12]; /*****/
+ octet KOID= {0,sizeof(koid),koid};
+ pktype ret;
+
+ ret.type=ret.hash=0;
+ ret.curve=-1;
+
+ j=0;
+
+ len=getalen(SEQ,c->val,j);
+ if (len<0) return ret;
+ j+=skip(len);
+
+ if (len+j!=c->len) return ret;
+
+ len=getalen(0,c->val,j);
+ if (len<0) return ret;
+ j+=skip(len)+len; //jump over version clause
+
+ len=getalen(INT,c->val,j);
+
+ if (len>0) j+=skip(len)+len; // jump over serial number clause (if there is one)
+
+ len=getalen(SEQ,c->val,j);
+ if (len<0) return ret;
+ j+=skip(len)+len; // jump over signature algorithm
+
+ len=getalen(SEQ,c->val,j);
+ if (len<0) return ret;
+ j+=skip(len)+len; // skip issuer
+
+ len=getalen(SEQ,c->val,j);
+ if (len<0) return ret;
+ j+=skip(len)+len; // skip validity
+
+ len=getalen(SEQ,c->val,j);
+ if (len<0) return ret;
+ j+=skip(len)+len; // skip subject
+
+ len=getalen(SEQ,c->val,j);
+ if (len<0) return ret;
+ j+=skip(len); //
+
+ len=getalen(SEQ,c->val,j);
+ if (len<0) return ret;
+ j+=skip(len);
+
+ // ** Maybe dive in and check Public Key OIDs here?
+ // ecpublicKey & prime256v1, secp384r1 or secp521r1 for ECC
+ // rsapublicKey for RSA
+
+ sj=j+len;
+
+ len=getalen(OID,c->val,j);
+ if (len<0) return ret;
+ j+=skip(len);
+
+ fin=j+len;
+ KOID.len=len;
+ for (i=0; j<fin; j++)
+ KOID.val[i++]= c->val[j];
+
+ ret.type=0;
+ if (OCT_comp(&ECPK,&KOID)) ret.type=ECC;
+ if (OCT_comp(&RSAPK,&KOID)) ret.type=RSA;
+
+ if (ret.type==0) return ret;
+
+ if (ret.type==ECC)
+ {
+ // which elliptic curve?
+ len=getalen(OID,c->val,j);
+ if (len<0)
+ {
+ ret.type=0;
+ return ret;
+ }
+ j+=skip(len);
+
+ fin=j+len;
+ KOID.len=len;
+ for (i=0; j<fin; j++)
+ KOID.val[i++]= c->val[j];
+
+ if (OCT_comp(&PRIME25519,&KOID)) ret.curve=C25519; /*****/
+ if (OCT_comp(&PRIME256V1,&KOID)) ret.curve=NIST256;
+ if (OCT_comp(&SECP384R1,&KOID)) ret.curve=NIST384;
+ if (OCT_comp(&SECP521R1,&KOID)) ret.curve=NIST521;
+ }
+
+ j=sj; // skip to actual Public Key
+
+ len=getalen(BIT,c->val,j);
+ if (len<0)
+ {
+ ret.type=0;
+ return ret;
+ }
+ j+=skip(len); //
+ j++;
+ len--; // skip bit shift (hopefully 0!)
+
+ // extract key
+ if (ret.type==ECC)
+ {
+ key->len=len;
+ fin=j+len;
+ for (i=0; j<fin; j++)
+ key->val[i++]= c->val[j];
+
+ }
+ if (ret.type==RSA)
+ {
+ // Key is (modulus,exponent) - assume exponent is 65537
+ len=getalen(SEQ,c->val,j);
+ if (len<0)
+ {
+ ret.type=0;
+ return ret;
+ }
+ j+=skip(len); //
+
+ len=getalen(INT,c->val,j); // get modulus
+ if (len<0)
+ {
+ ret.type=0;
+ return ret;
+ }
+ j+=skip(len); //
+ if (c->val[j]==0)
+ {
+ j++;
+ len--; // remove leading zero
+ }
+
+ key->len=len;
+ fin=j+len;
+ for (i=0; j<fin; j++)
+ key->val[i++]= c->val[j];
+
+ ret.curve=8*len;
+ }
+ return ret;
+}
+
+// Find pointer to main sections of cert, before extracting individual field
+// Find index to issuer in cert
+int X509_find_issuer(octet *c)
+{
+ int j,len;
+ j=0;
+ len=getalen(SEQ,c->val,j);
+ if (len<0) return 0;
+ j+=skip(len);
+
+ if (len+j!=c->len) return 0;
+
+ len=getalen(0,c->val,j);
+ if (len<0) return 0;
+ j+=skip(len)+len; //jump over version clause
+
+ len=getalen(INT,c->val,j);
+
+ if (len>0) j+=skip(len)+len; // jump over serial number clause (if there is one)
+
+ len=getalen(SEQ,c->val,j);
+ if (len<0) return 0;
+ j+=skip(len)+len; // jump over signature algorithm
+
+ return j;
+}
+
+// Find index to validity period
+int X509_find_validity(octet *c)
+{
+ int j,len;
+ j=X509_find_issuer(c);
+
+ len=getalen(SEQ,c->val,j);
+ if (len<0) return 0;
+ j+=skip(len)+len; // skip issuer
+
+ return j;
+}
+
+// Find index to subject in cert
+int X509_find_subject(octet *c)
+{
+ int j,len;
+ j=X509_find_validity(c);
+
+ len=getalen(SEQ,c->val,j);
+ if (len<0) return 0;
+ j+=skip(len)+len; // skip validity
+
+ return j;
+}
+
+// NOTE: When extracting cert information, we actually return just an index to the data inside the cert, and maybe its length
+// So no memory is assigned to store cert info. It is the callers responsibility to allocate such memory if required, and copy
+// cert information into it.
+
+// Find entity property indicated by SOID, given start of issuer or subject field. Return index in cert, flen=length of field
+
+int X509_find_entity_property(octet *c,octet *SOID,int start,int *flen)
+{
+ int i,j,k,fin,len,tlen;
+ char foid[50]; /*****/
+ octet FOID= {0,sizeof(foid),foid};
+
+ j=start;
+
+ tlen=getalen(SEQ,c->val,j);
+ if (tlen<0) return 0;
+ j+=skip(tlen);
+
+ for (k=j; j<k+tlen;)
+ {
+ // search for Owner OID
+ len=getalen(SET,c->val,j);
+ if (len<0) return 0;
+ j+=skip(len);
+ len=getalen(SEQ,c->val,j);
+ if (len<0) return 0;
+ j+=skip(len);
+ len=getalen(OID,c->val,j);
+ if (len<0) return 0;
+ j+=skip(len);
+ fin=j+len; // extract OID
+ FOID.len=len;
+ for (i=0; j<fin; j++)
+ FOID.val[i++]= c->val[j];
+ len=getalen(ANY,c->val,j); // get text, could be any type
+ if (len<0) return 0;
+
+ j+=skip(len);
+ if (OCT_comp(&FOID,SOID))
+ {
+ // if its the right one return
+ *flen=len;
+ return j;
+ }
+ j+=len; // skip over it
+ }
+ *flen=0; /*****/
+ return 0;
+}
+
+// Find start date of certificate validity period
+int X509_find_start_date(octet *c,int start)
+{
+ int j,len;
+ j=start;
+
+ len=getalen(SEQ,c->val,j);
+ if (len<0) return 0;
+ j+=skip(len);
+
+ len=getalen(UTC,c->val,j);
+ if (len<0) return 0;
+ j+=skip(len);
+ return j;
+}
+
+// Find expiry date of certificate validity period
+int X509_find_expiry_date(octet *c,int start)
+{
+ int j,len;
+ j=start;
+
+ len=getalen(SEQ,c->val,j);
+ if (len<0) return 0;
+ j+=skip(len);
+
+ len=getalen(UTC,c->val,j);
+ if (len<0) return 0;
+ j+=skip(len)+len;
+
+ len=getalen(UTC,c->val,j);
+ if (len<0) return 0;
+ j+=skip(len);
+
+ return j;
+}
+
+void print_out(char *des,octet *c,int index,int len)
+{
+ int i;
+ printf("%s [",des);
+ for (i=0; i<len; i++)
+ printf("%c",c->val[index+i]);
+ printf("]\n");
+}
+
+void print_date(char *des,octet *c,int index)
+{
+ int i=index;
+ printf("%s [",des);
+ if (i==0) printf("]\n");
+ else printf("20%c%c-%c%c-%c%c %c%c:%c%c:%c%c]\n",c->val[i],c->val[i+1],c->val[i+2],c->val[i+3],c->val[i+4],c->val[i+5],c->val[i+6],c->val[i+7],c->val[i+8],c->val[i+9],c->val[i+10],c->val[i+11]);
+}
+
+
+#ifdef HAS_MAIN
+
+/* This simple driver program is hard-wired to support just one elliptic curve and one
+ RSA bit length. To change replace the text string NIST256 in the main program to
+ another curve and 2048 to some other value, where the curve and the RSA bit length
+ are suppported by the library. Of course a more elaborate program could support
+ muliple curves simultaneously */
+
+#define CHOICE NIST256
+
+
+
+/* test driver program */
+// Sample Certs. Uncomment one CA cert and one example cert. Note that AMCL library must be built to support given curve.
+// Sample Certs all created using OpenSSL - see http://blog.didierstevens.com/2008/12/30/howto-make-your-own-cert-with-openssl/
+// Note - SSL currently only supports NIST curves. Howevever version 1.1.0 of OpenSSL now supports C25519
+
+#if CHOICE==NIST256
+
+#include "ecdh_NIST256.h"
+#include "rsa_2048.h"
+
+// ** CA is RSA 2048-bit based - for use with NIST256 build of library - assumes use of SHA256 in Certs
+// RSA 2048 Self-Signed CA cert
+char ca_b64[]="MIIDuzCCAqOgAwIBAgIJAP44jcM1MOROMA0GCSqGSIb3DQEBCwUAMHQxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEfMB0GCSqGSIb3DQEJARYQbXNjb3R0QGluZGlnby5pZTAeFw0xNTExMjYwOTUwMzlaFw0yMDExMjUwOTUwMzlaMHQxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEfMB0GCSqGSIb3DQEJARYQbXNjb3R0QGluZGlnby5pZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANUs7/nri9J8zw8rW8JVszXP0ZqeLoQJaq2X28ebm8x5VT3okr9rnBjFjpx0YKQCAFQf8iSOOYuNpDvtZ/YpsjPbk2rg5sLY9G0eUMqrTuZ7moPSxnrXS5evizjD9Z9HqaqeNEYD3sPouPg+lhU1oAUQjUTJVFhEr1x0EnSEYbbrWtY9ZDSuZv+d4NIeqqPOYFd1yZc+LYZyQbAAQqwRLNPZH/rnIykLa6I7w7mGT7H6SBz2O09BtgpTHhalL40ecXa4ZOEze0xwzlc+mEFIrnmdadg3vQrJt42RVbo3LN6RfDIqUZOMOtQW/53pUR1lIpCwVWJTiOpmSEIEqhhjFq0CAwEAAaNQME4wHQYDVR0OBBYEFJrz6LHeT6FcjRahpUC3hAMxKRTCMB8GA1UdIwQYMBaAFJrz6LHeT6FcjRahpUC3hAMxKRTCMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBADqkqCYVa3X8XO9Ufu6XIUoZafFPRjSeJXvEIWqlbm7ixJ
Z2FPOvf2eMc5RCZYigNKhsxru5Ojw0lPcpa8DDmEsdZDf7p0vlmf7T7xH9gtoInh4DzgI8HRHFc8R/z2/jLX7nlLoopKX5yp7F1gRACg0pd4tGpQ6EnBNcYZZghFH9UIRDmx+vDlwDCu8vyRPt35orrEiI4XGq/QkvxxAb5YWxQ4i06064ULfyCI7suu3KoobdM1aAaA8zhpOOBXKbq+Wi9IGFe/wiEMHLmfHdt9CBTjIWb//IHji4RT05kCmTVrx97pb7EHafuL3L10mM5cpTyBWKnb4kMFtx9yw+S2U=";
+// an RSA 2048 CA-signed cert
+//char cert_b64[]="MIIDcjCCAloCAQEwDQYJKoZIhvcNAQELBQAwdDELMAkGA1UEBhMCSUUxEDAOBgNVBAgMB0lyZWxhbmQxDzANBgNVBAcMBkR1YmxpbjEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMR8wHQYJKoZIhvcNAQkBFhBtc2NvdHRAaW5kaWdvLmllMB4XDTE1MTEyNjEwMzQzMFoXDTE3MTEyNTEwMzQzMFowgYkxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xETAPBgNVBAoMCENlcnRpVm94MQ0wCwYDVQQLDARMYWJzMQ0wCwYDVQQDDARNSUtFMSYwJAYJKoZIhvcNAQkBFhdtaWtlLnNjb3R0QGNlcnRpdm94LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMIoxaQHFQzfyNChrw+3i7FjRFMHZ4zspkjkAcJW21LdBCqrxU+sdjyBoSFlrlafQOHshbrEP93AKX1bfaYbuV4fzq7OlRaLxaK+b+xrOJdewMI2WZ5OwEzj3onZATISogIoB6dTdzJ41NuxuMqQ/DqOnVrRA0SoIespbQhB8FGHBLw0hJATBzUk+bqOIt0HmnMp2EbYgtuG4lYINU/lD3Qt16SunUukWRLtxqJkioie+dkhP2zm+bOlSVmeQb4Wp8AI14OKkTfkdYC8qCxb5eabg90Q33rQUhNwRQHhHwopZwD/BgodasoSrPfwUlj0awh6y87eMGcik5Q/mjkCk5MCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAFrd7R/67ClkbLhpiX++6QTOa47siUAB9v+Qil9hZfhPNeeM589ixYkD4zH5pOK2B0ea+CXEKkanQ6lXx9KV86yS7fq6Yww7wO0diecusHd0+P82i46Tq0nm8nlsnAuhYoFRUGa2m2D
kB1HSsB0ts8DjzFLySonFjSSLHDU0ox9/uFbJMzipy3ijAA4XM0N4jRrUfrmxpA7DOOsbEbGkvvB7VK9+s9PHE/4dJTwhSteplUnhxVFkkDo/JwaLx4/IEQRlCF3KEQ5s3AwRHnbrIjOY2yONxHBtJEp7QN5aOHruwvMNRNheCBPiQJyLitUsFGr4voANmobkrFgYtu0tRMQ==";
+// an ECC 256 CA-signed cert
+char cert_b64[]="MIICojCCAYoCAQMwDQYJKoZIhvcNAQELBQAwdDELMAkGA1UEBhMCSUUxEDAOBgNVBAgMB0lyZWxhbmQxDzANBgNVBAcMBkR1YmxpbjEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMR8wHQYJKoZIhvcNAQkBFhBtc2NvdHRAaW5kaWdvLmllMB4XDTE1MTEyNjEzNDcyOVoXDTE3MTEyNTEzNDcyOVowgYQxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xETAPBgNVBAoMCENlcnRpdm94MQ0wCwYDVQQLDARMYWJzMQ8wDQYDVQQDDAZtc2NvdHQxHzAdBgkqhkiG9w0BCQEWEG1zY290dEBpbmRpZ28uaWUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATO2iZiQZsXxzwBKnufKfZcsctNXZ4PmfJm638PmX9DQ3Xdb+nD5VxiOakNcB9xf5im8CriiOF5Z/7yPGyzUMbdMA0GCSqGSIb3DQEBCwUAA4IBAQAK5fMgGCCiPts8hMUZvYDpu8hd7qtPKPBc10QUccHb7PGrhqf/Ex2Gpj1aaURmx7SGZG0HX97LtkdW8KQpEoyaa60r7cjVA589TznxXKSGg5ggVoFJNpuZUm7VcolLjwIgTxtGbPzrvVMiZ4cl4PwFePXVKTl4f8XkOFX5gLmVSuCf729lEBmpx3IzqGmTjmnBixaApUElOKVeL7hiUKP3TqMUxZN+QNJBq4Mh9K9h4Sks2oneLwBwhMqQvpmcOb/7SucJn5N0IgJoGaMbfX0oCJJID1NSbagUSbFD1XciR2Ng9VtvnRP+htmEQ7jtww8phFdrWt5M5zPGOHUppqDx";
+
+// ** CA is ECC 256 based - for use with NIST256 build of library
+// ECC 256 Self-Signed CA cert
+//char ca_b64[]="MIIB7TCCAZOgAwIBAgIJANp4nGS/VYj2MAoGCCqGSM49BAMCMFMxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xNTExMjYxMzI0MTBaFw0yMDExMjUxMzI0MTBaMFMxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABPb6IjYNKyfbEtL1aafzW1jrn6ALn3PnGm7AyX+pcvwG0GKmb3Z/uHzhT4GysNE0/GB1n4Y/mrORQIm2X98rRs6jUDBOMB0GA1UdDgQWBBSfXUNkgJVklIhuXq4DCnVYhsdzwDAfBgNVHSMEGDAWgBSfXUNkgJVklIhuXq4DCnVYhsdzwDAMBgNVHRMEBTADAQH/MAoGCCqGSM49BAMCA0gAMEUCIQDrZJ1tshwTl/jabU2i49EOgbWe0ZgE3QZywJclf5IVwwIgVmz79AAf7e098lyrOKYAqbwjHVyMZGfmkNNGIuIhp/Q=";
+// an ECC 256 CA-signed cert
+//char cert_b64[]="MIIBvjCCAWQCAQEwCgYIKoZIzj0EAwIwUzELMAkGA1UEBhMCSUUxEDAOBgNVBAgMB0lyZWxhbmQxDzANBgNVBAcMBkR1YmxpbjEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMB4XDTE1MTEyNjEzMjc1N1oXDTE3MTEyNTEzMjc1N1owgYIxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xETAPBgNVBAoMCENlcnRpdm94MQ0wCwYDVQQLDARMYWJzMQ0wCwYDVQQDDARtaWtlMR8wHQYJKoZIhvcNAQkBFhBtc2NvdHRAaW5kaWdvLmllMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEY42H52TfWMLueKB1o2Sq8uKaKErbHJ2GRAxrnJdNxex0hxZF5FUx7664BbPUolKhpvKTnJxDq5/gMqXzpKgR6DAKBggqhkjOPQQDAgNIADBFAiEA0ew08Xg32g7BwheslVKwXo9XRRx4kygYha1+cn0tvaUCIEKCEwnosZlAckjcZt8aHN5zslE9K9Y7XxTErTstthKc";
+// an RSA 2048 CA-signed cert
+//char cert_b64[]="MIICiDCCAi4CAQIwCgYIKoZIzj0EAwIwUzELMAkGA1UEBhMCSUUxEDAOBgNVBAgMB0lyZWxhbmQxDzANBgNVBAcMBkR1YmxpbjEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMB4XDTE1MTEyNjEzMzcwNVoXDTE3MTEyNTEzMzcwNVowgYExCzAJBgNVBAYTAklFMQ8wDQYDVQQIDAZJZWxhbmQxDzANBgNVBAcMBkR1YmxpbjERMA8GA1UECgwIQ2VydGl2b3gxDTALBgNVBAsMBExhYnMxDTALBgNVBAMMBE1pa2UxHzAdBgkqhkiG9w0BCQEWEG1zY290dEBpbmRpZ28uaWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjPBVwmPg8Gwx0+8xekmomptA0BDwS7NUfBetqDqNMNyji0bSe8LAfpciU7NW/HWfUE1lndCqSDDwnMJmwC5e3GAl/Bus+a+z8ruEhWGbn95xrHXFkOawbRlXuS7UcEQCvPr8KQHhNsg4cyV7Hn527CPUl27n+WN8/pANo01cTN/dQaK87naU0Mid09vktlMKSN0zyJOnc5CsaTLs+vCRKJ9sUL3d4IQIA2y7gvrTe+iY/QI26nqhGpNWYyFkAdy9PdHUEnDI6JsfF7jFh37yG7XEgDDA3asp/oi1T1+ZoASj2boL++opdqCzDndeWwzDWAWuvJ9wULd80ti6x737ZAgMBAAEwCgYIKoZIzj0EAwIDSAAwRQIgCDwgl98+9moBo+etaLt8MvB/z5Ti6i9neRTZkvoFl7YCIQDq//M3OB757fepErRzIQo3aFAFYjOooi6WdSqP3XqGIg==";
+
+#endif
+
+#if CHOICE==NIST384
+
+#include "ecdh_NIST384.h"
+#include "rsa_3072.h"
+
+// ** CA is RSA 3072-bit based - for use with NIST384 build of library - assumes use of SHA384 in Certs
+// RSA 3072 Self-Signed CA cert
+char ca_b64[]="MIIElzCCAv+gAwIBAgIJAJA+8OyEeK4FMA0GCSqGSIb3DQEBDAUAMGIxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDENMAsGA1UEAwwETWlrZTAeFw0xNTExMjYxNDQ0MDBaFw0yMDExMjUxNDQ0MDBaMGIxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDENMAsGA1UEAwwETWlrZTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANvNO8ahsanxzqwkp3A3bujwObJoP3xpOiAAxwGbW867wx4EqBjPRZP+Wcm9Du6e4Fx9U7tHrOLocIUUBcRrmxUJ7Z375hX0cV9yuoYPNv0o2klJhB8+i4YXddkOrSmDLV4r46Ytt1/gjImziat6ZJALdd/uIuhaXwjzy1fFqSEBpkzhrFwFP9MG+5CgbRQed+YxZ10l/rjk+h3LKq9UFsxRCMPYhBFgmEKAVTMnbTfNNxawTRCKtK7nxxruGvAEM+k0ge5rvybERQ0NxtizefBSsB3Q6QVZOsRJiyC0HQhE6ZBHn4h3A5nHUZwPeh71KShw3uMPPB3Kp1pb/1Euq8azyXSshEMPivvgcGJSlm2b/xqsyrT1tie82MqB0APYAtbx3i5q8p+rD143NiNO8fzCq/J+EV82rVyvqDxf7AaTdJqDbZmnFRbIcrLcQdigWZdSjc+WxrCeOtebRmRknuUmetsCUPVzGv71PLMUNQ2qEiq8KGWmnMBJYVMl96bPxwIDAQABo1AwTjAdBgNVHQ4EFgQUsSjrHeZ5TNI2tMcQd6wUnFpU8DcwHwYDVR0jBB
gwFoAUsSjrHeZ5TNI2tMcQd6wUnFpU8DcwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQwFAAOCAYEADlnC1gYIHpVf4uSuBpYNHMO324hhGajHNraHYQAoYc0bW4OcKi0732ib5CHDrV3LCxjxF4lxZVo61gatg5LnfJYldXc0vP0GQRcaqC6lXlLb8ZJ0O3oPgZkAqpzc+AQxYW1wFxbzX8EJU0stSwAuxkgs9bwg8tTxIhDutrcjQl3osnAqGDyM+7VAG5QLRMzxiZumyD7s/xBUOa+L6OKXf4QRr/SH/rPU8H+ENaNkv4PApSVzCgTBPOFBIzqEuO4hcQI0laUopsp2kK1w6wYB5oY/rR/O6lNNfB2WEtfdIhdbQru4cUE3boKerM8Mjd21RuerAuK4X8cbDudHIFsaopGSNuzZwPo/bu0OsmZkORxvdjahHJ0G3/6jM6nEDoIy6mXUCGOUOMhGQKCa8TYlZdPKz29QIxk6HA1wCA38MxUo/29Z7oYw27Mx3x8Gcr+UA4vc+oBN3IEzRmhRZKAYQ10MhYPx3NmYGZBDqHvT06oG5hysTCtlVzx0Tm+o01JQ";
+// an RSA 3072 CA-signed cert
+//char cert_b64[]="MIIEWzCCAsMCAQYwDQYJKoZIhvcNAQEMBQAwYjELMAkGA1UEBhMCSUUxEDAOBgNVBAgMB0lyZWxhbmQxDzANBgNVBAcMBkR1YmxpbjEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQ0wCwYDVQQDDARNaWtlMB4XDTE1MTEyNjE0NDY0MloXDTE3MTEyNTE0NDY0MlowgYQxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xETAPBgNVBAoMCENlcnRpdm94MQ0wCwYDVQQLDARMYWJzMQ8wDQYDVQQDDAZtc2NvdHQxHzAdBgkqhkiG9w0BCQEWEG1zY290dEBpbmRpZ28uaWUwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQC6SrDiE4BpTEks1YpX209q8iH0dfvhGO8hi1rGYFYnz+eeiOvPdXiCdIPVPbGwxQGMEnZQV1X0KupYJw3LR2EsXhN4LZBxnQZmDvUXsTU+Ft/CKZUxVoXpNMxzwl70RC6XeUpPxvdPXa78AnfLL/DsOKsxCfNaKYZZ6G53L6Y69+HrCbyM7g2KrZ9/K/FXS1veMpRj9EbA6Mcdv1TUDNK2fTDV952AQO3kC3+PqywdVgPvntraAoQomrni+tcFW7UXe2Sk7DRcF/acBSuo2UtP3m9UWNL+8HOXvtRqmhns55Vj4DxKuPln759UBS7WZ11apCvC3BvCHR/k3WRf9PQWnW2cmT73/kEShvTRi8h7F9RWvYTEF1MuwSVy+l51q8O3rJU4XxnLm/YbtIGXZUf5Rqb0985zQkA+6rip/OSc8X5a3OV3kp38U7tXJ5sqBMg9RdIIz42cmiRLG5NYSj0/T6zjYEdwj3SYEBoPN/7UGSmhu8fdxS7JYPNpOsgeiu8CAwEAATANBgkqhkiG9w0BAQwFAAOCAY
EAyxxEg0hWLFuN2fiukX6vqzSDx5Ac8w1JI4W/bamRd7iDZfHQYqyPDZi9s07I2PcGbByj2oqoyGiIEBLbsljdIEF4D229h2kisn1gA9O+0IM44EgjhBTUoNDgC+SbfJrXlU2GZ1XI3OWjbK7+1wiv0NaBShbbiPgSdjQBP8S+9W7lyyIrZEM1J7maBdepie1BS//DUDmpQzEi0UlB1J+HmQpyZsnT97J9uIPKsK4t2/+iOiknl6iS4GzAQKMLqj2yIBRf/O44ZZ6UZIKLtI4PCVS/8H5Lrg3AC0kr4ZkPAXzefUiTwyLVkqYSxSSTvtb3BpgOxIbmA6juFid0rvUyjN4fuDQkxl3PZyQwIHjpz33HyKrmo4BZ8Dg4JT8LCsQgd0AaD3r0QOS5FdLhkb+rD8EMSsCoOCEtPI6lqLJCrGOQWj7zbcUdPOEsczWMI9hSfK3u/P9+gOUBUFkb0gBIn3WvNuHifIHpsZ5bzbR+SGtu5Tgc7CCCPyNgz1Beb247";
+// an ECC 384 CA-signed cert
+char cert_b64[]="MIIDCDCCAXACAQcwDQYJKoZIhvcNAQEMBQAwYjELMAkGA1UEBhMCSUUxEDAOBgNVBAgMB0lyZWxhbmQxDzANBgNVBAcMBkR1YmxpbjEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQ0wCwYDVQQDDARNaWtlMB4XDTE1MTEyNjE1MzU1M1oXDTE3MTEyNTE1MzU1M1owYDELMAkGA1UEBhMCSUUxEDAOBgNVBAgMB0lyZWxhbmQxDzANBgNVBAcMBkR1YmxpbjEQMA4GA1UECgwHQ2VydGl2bzENMAsGA1UECwwETGFiczENMAsGA1UEAwwEbWlrZTB2MBAGByqGSM49AgEGBSuBBAAiA2IABJ1J+FT5mxxYEM4aYKM0CvZHmh8JFXzoBmzibabrvyTz79+1QOrR+6MEEsKtmJIYPJi+GsQ0PmjF2HmJncM1zeQh7DQYJf2Xc8p5Vjd8//6YREBVfN3UIyrl87MSucy+mjANBgkqhkiG9w0BAQwFAAOCAYEAmuwa64+K1qlCELpcnCyWwMhSb+Zsw0Hh6q/BfxalZhsX1UFEwE9nHoVJcokaEEYF4u4AYXU5rdysRHxYBfgMbohguTT7sJwCfve2JqpqvhQOkGDG1DB4Ho4y7NPPYB2+UMd7JMD0TOcHXdgQ8FtAE0ClD8VkW0gAC0lCrbQbynfLoUjIWqg3w2g79hvdZPgRt208nFiHuezynOaEFePoXl8CxHInsxAnMaJn2fEs5/QH67pwD65mPdNFsvlr0zdzYcceqEmEHpRAXFOQAJtffGjWAGGX/CsghLuqlpdCiTGA1B53XoXKJvArr/kHpTNMsU1NnkQIHZ5n4USCo4QgL6n9nwem7U2mYBYjmxPi5Y3JJnTZz4zUnv0bD0vSwoivnFZox9H6qTAkeIX1ojJ2ujxWHNOMvOFb6nU2gqNZj2vYcO38OIrK9gwM9lm4FF20YBuf
h+WOzQthrHJv0YuQt3NuDQEMkvz+23YvzZlr+e2XqDlMhyR01Kk0MXeLGGcv";
+
+// ** CA is ECC 384 based - - for use with NIST384 build of library - assumes use of SHA384 in Certs
+// ECC 384 Self-Signed CA Cert
+//char ca_b64[]="MIICSTCCAc6gAwIBAgIJAIwHpOFSZLXnMAoGCCqGSM49BAMDMGIxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDENMAsGA1UEAwwEbWlrZTAeFw0xNTExMjYxNTQ0NTlaFw0yMDExMjUxNTQ0NTlaMGIxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDENMAsGA1UEAwwEbWlrZTB2MBAGByqGSM49AgEGBSuBBAAiA2IABOEPMYBqzIn1hJAMZ0aEVxQ08gBF2aSfWtEJtmKj64014w7VfWdeFQSIMP9SjmhatFbAvxep8xgcwbeAobGTqCgUp+0EdFZR1ktKSND/S+UDU1YSNCFRvlNTJ6YmXUkW36NQME4wHQYDVR0OBBYEFDQxIZoKNniNuW91UMJ1KWEjs045MB8GA1UdIwQYMBaAFDQxIZoKNniNuW91UMJ1KWEjs045MAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwMDaQAwZgIxANbml6sp5A92qQiCM/OtBf+TbXpSpIO83TuNP9V2lsphp0CEX3KwAuqBXB95m9/xWAIxAOXAT2LqieSbUh4fpxcdaeY01RoGtD2AQch1a6BuIugcQqTfqLcXy7D51R70R729sA==";
+// an ECC 384 CA-signed cert
+//char cert_b64[]="MIICCjCCAZACAQgwCgYIKoZIzj0EAwMwYjELMAkGA1UEBhMCSUUxEDAOBgNVBAgMB0lyZWxhbmQxDzANBgNVBAcMBkR1YmxpbjEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQ0wCwYDVQQDDARtaWtlMB4XDTE1MTEyNjE1NTIxMFoXDTE3MTEyNTE1NTIxMFowgYIxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xETAPBgNVBAoMCENlcnRpdm94MQ0wCwYDVQQLDARMYWJzMQ0wCwYDVQQDDARtaWtlMR8wHQYJKoZIhvcNAQkBFhBtc2NvdHRAaW5kaWdvLmllMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEf2Qm6jH2U+vhAApsMqH9gzGCH8rk+mUwFSD3Uud4NiyPBqrJRC1eetVvr3cYb6ucDTa15km6QKvZZrsRW+Z4ZpryoEE6esmD4XPLrtrOtoxtxFNRhiMmT/M9zcrfMJC5MAoGCCqGSM49BAMDA2gAMGUCMF0x6PAvvnJR3riZdUPC4OWFC2K3eiz3QuLCdFOZVIqX7mkLftdS8BtzusXWMMgFCQIxALJNMKLs39P9wYQHu1C+v9ieltQr20C+WVYxqUvgL/KTdxd9dzc3wseZRDT1CydqOA==";
+// an RSA 3072 CA-signed cert
+//char cert_b64[]="MIIDFjCCAp4CAQkwCgYIKoZIzj0EAwMwYjELMAkGA1UEBhMCSUUxEDAOBgNVBAgMB0lyZWxhbmQxDzANBgNVBAcMBkR1YmxpbjEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQ0wCwYDVQQDDARtaWtlMB4XDTE1MTEyNjE2MTYwNloXDTE3MTEyNTE2MTYwNlowYzELMAkGA1UEBhMCSUUxEDAOBgNVBAgMB0lyZWxhbmQxDzANBgNVBAcMBkR1YmxpbjERMA8GA1UECgwIQ2VydGl2b3gxDTALBgNVBAsMBGxhYnMxDzANBgNVBAMMBmtlYWxhbjCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAK5QhVjR+UGt3ZWPSGicpviqaOhxXmmvOepdl5Seqr+Iweb3IuEDgtHGwrw/EEgWlKPfS/2LW9ncptdNbVQh7+2rojj7ZtedrAK5p7I9b22f2U3sSHIqjtTT0BjqzL0qEwy/ATqbf93Tcr3yT0Ygh3yzbvn4zodrWQZK8kkN3PQKkiHBCuIxo+8MlTs8d99dl1hbJ84MYZuPmhrkB4oLEAt8+srtL+a4Yd0wPhuCYrLjBnYkD9TlcWLWWh8/iwXiznrY8gQsXSveQNzQjcmHilZrTlTL2dnyI2v7BAXXHSwo6UeES0n064fnYTr3JB0GArMcty6RD3E7xr64HNzzTE2+8cDxufNvU0tq2Z72oZ9cAReHUL5P6mLfORI+AhtCHrXGJch/F07ZX9h8UFpzok8NK5++Q7lHKuezTYRRPlDL5hDB3BUpBwvILdqujcbNil04cuLRBNT/WgqRXEBRjlHLgZaLChFV2VSJ9Z1Uke2lfm5X2O0XPQLhjMSiuvr4HwIDAQABMAoGCCqGSM49BAMDA2YAMGMCLxHSQAYP2EsuIpR4TzDDSIlsw4BBsD7W0ZfH91v9J0j5UWQJD/
yNjMtyA2Qlkq/0AjB+SJQbLgycNJH5SnR/X5wx26/62ln9s0swUtlCYVtNzyEQ3YRHSZbmTbh16RUT7Ak=";
+
+#endif
+
+#if CHOICE==NIST521
+
+#include "ecdh_NIST521.h"
+#include "rsa_4096.h"
+
+// ** CA is ECC 521 based - - for use with NIST521 build of library - assumes use of SHA512 in Certs
+// ECC 521 Self-Signed CA Cert
+char ca_b64[]="MIIC+TCCAlqgAwIBAgIJAKlppiHsRpY8MAoGCCqGSM49BAMEMIGUMQswCQYDVQQGEwJJRTEQMA4GA1UECAwHSXJlbGFuZDEPMA0GA1UEBwwGRHVibGluMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDTALBgNVBAsMBExhYnMxDzANBgNVBAMMBm1zY290dDEfMB0GCSqGSIb3DQEJARYQbXNjb3R0QGluZGlnby5pZTAeFw0xNTEyMDExMzE5MjZaFw0yMDExMzAxMzE5MjZaMIGUMQswCQYDVQQGEwJJRTEQMA4GA1UECAwHSXJlbGFuZDEPMA0GA1UEBwwGRHVibGluMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDTALBgNVBAsMBExhYnMxDzANBgNVBAMMBm1zY290dDEfMB0GCSqGSIb3DQEJARYQbXNjb3R0QGluZGlnby5pZTCBmzAQBgcqhkjOPQIBBgUrgQQAIwOBhgAEAKUj6Qa4Vr1vyango8XHlLIIEzY9IVppdpGUrMlNfo0Spu+AXGhnluwJTZXOYLi8jSIPEAL7vuwS5H6uPPIz1QWXALRETVYAQfK0pIfPHq+edTHVTXMcAUpdNla2d4LwYO7HpkSQFHd7aaDN3yVhSL2J0LBLgy0wGkEHuyK1O2r0xNu6o1AwTjAdBgNVHQ4EFgQU966PLshKffU/NRCivMmNq8RiRkAwHwYDVR0jBBgwFoAU966PLshKffU/NRCivMmNq8RiRkAwDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDBAOBjAAwgYgCQgHkLczeTWXq5BfY0bsTOSNU8bYy39OhiQ8wr5rlXY0zOg0fDyokueL4dhkXp8FjbIyUfQBY5OMxjtcn2p+cXU+6MwJCAci61REgxZvjpf1X8pGeSsOKa7GhfsfVnbQm+LQmjVmhMHbVRk
Q4h93CENN4MH/86XNozO9USh+ydTislAcXvCb0";
+// an ECC 521 CA-signed cert
+char cert_b64[]="MIICZjCCAccCAQMwCgYIKoZIzj0EAwQwgZQxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDENMAsGA1UECwwETGFiczEPMA0GA1UEAwwGbXNjb3R0MR8wHQYJKoZIhvcNAQkBFhBtc2NvdHRAaW5kaWdvLmllMB4XDTE1MTIwMTEzMjkxN1oXDTE3MTEzMDEzMjkxN1owYTELMAkGA1UEBhMCSUUxEDAOBgNVBAgMB0lyZWxhbmQxDzANBgNVBAcMBkR1YmxpbjERMA8GA1UECgwIQ2VydGlWb3gxDTALBgNVBAsMBExhYnMxDTALBgNVBAMMBE1pa2UwgZswEAYHKoZIzj0CAQYFK4EEACMDgYYABAAva/N4kP2LMSGJZ5tvULlfdNx2M/+xYeCrQkuFmY8sG+mdcUAaSx819fztn2jz1nfdTJnuj79AhfUOL8hlTW14BwErp3DnqWa7Y/rpSJP+AsnJ2bZg4yGUDfVy/Q0AQychSzJm2oGRfdliyBIc+2SoQJ/Rf0ZVKVJ5FfRbWUUiKqYUqjAKBggqhkjOPQQDBAOBjAAwgYgCQgFE1Y7d9aBdxpZqROtkdVNG8XBCTSlMX0fISWkSM8ZEiQfYf7YgXzLjk8wHnv04Mv6kmAuV0V1AHs2M0/753CYEfAJCAPZo801McsGe+3jYALrFFw9Wj7KQC/sFEJ7/I+PYyJtrlfTTqmV0IFKdJzjEsk7ic+Gd4Nbs6kIe1GyYbrcyC4wT";
+
+#endif
+
+char io[5000];
+octet IO= {0,sizeof(io),io};
+
+#define MAXMODBYTES 72
+#define MAXFFLEN 16
+
+char sig[MAXMODBYTES*MAXFFLEN];
+octet SIG= {0,sizeof(sig),sig};
+
+char r[MAXMODBYTES];
+octet R= {0,sizeof(r),r};
+
+char s[MAXMODBYTES];
+octet S= {0,sizeof(s),s};
+
+char cakey[MAXMODBYTES*MAXFFLEN];
+octet CAKEY= {0,sizeof(cakey),cakey};
+
+char certkey[MAXMODBYTES*MAXFFLEN];
+octet CERTKEY= {0,sizeof(certkey),certkey};
+
+char h[5000];
+octet H= {0,sizeof(h),h};
+
+char hh[5000];
+octet HH= {0,sizeof(hh),hh};
+
+char hp[RFS_2048];
+octet HP= {0,sizeof(hp),hp};
+
+
+int main()
+{
+ int res,len,sha;
+ int c,ic;
+ rsa_public_key_2048 PK;
+ pktype st,ca,pt;
+
+ printf("First check signature on self-signed cert and extract CA public key\n");
+ OCT_frombase64(&IO,ca_b64);
+ printf("CA Self-Signed Cert= \n");
+ OCT_output(&IO);
+ printf("\n");
+
+ st=X509_extract_cert_sig(&IO,&SIG); // returns signature type
+
+ if (st.type==0)
+ {
+ printf("Unable to extract cert signature\n");
+ return 0;
+ }
+
+ if (st.type==ECC)
+ {
+ OCT_chop(&SIG,&S,SIG.len/2);
+ OCT_copy(&R,&SIG);
+ printf("ECC SIG= \n");
+ OCT_output(&R);
+ OCT_output(&S);
+ printf("\n");
+ }
+
+ if (st.type==RSA)
+ {
+ printf("RSA SIG= \n");
+ OCT_output(&SIG);
+ printf("\n");
+ }
+
+ if (st.hash==H256) printf("Hashed with SHA256\n");
+ if (st.hash==H384) printf("Hashed with SHA384\n");
+ if (st.hash==H512) printf("Hashed with SHA512\n");
+
+// Extract Cert from signed Cert
+
+ c=X509_extract_cert(&IO,&H);
+
+ printf("\nCert= \n");
+ OCT_output(&H);
+ printf("\n");
+
+// show some details
+ printf("Issuer Details\n");
+ ic=X509_find_issuer(&H);
+ c=X509_find_entity_property(&H,&ON,ic,&len);
+ print_out("owner=",&H,c,len);
+ c=X509_find_entity_property(&H,&CN,ic,&len);
+ print_out("country=",&H,c,len);
+ c=X509_find_entity_property(&H,&EN,ic,&len);
+ print_out("email=",&H,c,len);
+ printf("\n");
+
+ ca=X509_extract_public_key(&H,&CAKEY);
+
+ if (ca.type==0)
+ {
+ printf("Not supported by library\n");
+ return 0;
+ }
+ if (ca.type!=st.type)
+ {
+ printf("Not self-signed\n");
+ }
+
+ if (ca.type==ECC)
+ {
+ printf("EXTRACTED ECC PUBLIC KEY= \n");
+ OCT_output(&CAKEY);
+ }
+ if (ca.type==RSA)
+ {
+ printf("EXTRACTED RSA PUBLIC KEY= \n");
+ OCT_output(&CAKEY);
+ }
+ printf("\n");
+
+// Cert is self-signed - so check signature
+
+ printf("Checking Self-Signed Signature\n");
+ if (ca.type==ECC)
+ {
+ if (ca.curve!=CHOICE)
+ {
+ printf("Curve is not supported\n");
+ return 0;
+ }
+ res=ECP_NIST256_PUBLIC_KEY_VALIDATE(1,&CAKEY);
+ if (res!=0)
+ {
+ printf("ECP Public Key is invalid!\n");
+ return 0;
+ }
+ else printf("ECP Public Key is Valid\n");
+
+ sha=0;
+
+ if (st.hash==H256) sha=SHA256;
+ if (st.hash==H384) sha=SHA384;
+ if (st.hash==H512) sha=SHA512;
+ if (st.hash==0)
+ {
+ printf("Hash Function not supported\n");
+ return 0;
+ }
+
+ if (ECP_NIST256_VP_DSA(sha,&CAKEY,&H,&R,&S)!=0)
+ {
+ printf("***ECDSA Verification Failed\n");
+ return 0;
+ }
+ else
+ printf("ECDSA Signature/Verification succeeded \n");
+ }
+
+ if (ca.type==RSA)
+ {
+ if (ca.curve!=2048)
+ {
+ printf("RSA bit size is not supported\n");
+ return 0;
+ }
+ PK.e=65537; // assuming this!
+ RSA_2048_fromOctet(PK.n,&CAKEY);
+
+ sha=0;
+
+ if (st.hash==H256) sha=SHA256;
+ if (st.hash==H384) sha=SHA384;
+ if (st.hash==H512) sha=SHA512;
+ if (st.hash==0)
+ {
+ printf("Hash Function not supported\n");
+ return 0;
+ }
+ PKCS15(sha,&H,&HP);
+
+ RSA_2048_ENCRYPT(&PK,&SIG,&HH);
+
+ if (OCT_comp(&HP,&HH))
+ printf("RSA Signature/Verification succeeded \n");
+ else
+ {
+ printf("***RSA Verification Failed\n");
+ return 0;
+ }
+ }
+
+ printf("\nNext check CA signature on cert, and extract public key\n");
+
+ OCT_frombase64(&IO,cert_b64);
+ printf("Example Cert= \n");
+ OCT_output(&IO);
+ printf("\n");
+
+ st=X509_extract_cert_sig(&IO,&SIG);
+
+ if (st.type==0)
+ {
+ printf("Unable to check cert signature\n");
+ return 0;
+ }
+
+ if (st.type==ECC)
+ {
+ OCT_chop(&SIG,&S,SIG.len/2);
+ OCT_copy(&R,&SIG);
+ printf("SIG= \n");
+ OCT_output(&R);
+
+ OCT_output(&S);
+
+ printf("\n");
+ }
+
+ if (st.type==RSA)
+ {
+ printf("SIG= \n");
+ OCT_output(&SIG);
+ printf("\n");
+ }
+
+ c=X509_extract_cert(&IO,&H);
+
+ printf("Cert= \n");
+ OCT_output(&H);
+ printf("\n");
+
+ printf("Subject Details\n");
+ ic=X509_find_subject(&H);
+ c=X509_find_entity_property(&H,&ON,ic,&len);
+ print_out("owner=",&H,c,len);
+ c=X509_find_entity_property(&H,&CN,ic,&len);
+ print_out("country=",&H,c,len);
+ c=X509_find_entity_property(&H,&EN,ic,&len);
+ print_out("email=",&H,c,len);
+ printf("\n");
+
+ ic=X509_find_validity(&H);
+ c=X509_find_start_date(&H,ic);
+ print_date("start date= ",&H,c);
+ c=X509_find_expiry_date(&H,ic);
+ print_date("expiry date=",&H,c);
+ printf("\n");
+
+ pt=X509_extract_public_key(&H,&CERTKEY);
+
+ if (pt.type==0)
+ {
+ printf("Not supported by library\n");
+ return 0;
+ }
+
+ if (pt.type==ECC)
+ {
+ printf("EXTRACTED ECC PUBLIC KEY= \n");
+ OCT_output(&CERTKEY);
+ }
+ if (pt.type==RSA)
+ {
+ printf("EXTRACTED RSA PUBLIC KEY= \n");
+ OCT_output(&CERTKEY);
+ }
+
+ printf("\n");
+
+ /* Check CA signature */
+
+ if (ca.type==ECC)
+ {
+ printf("Checking CA's ECC Signature on Cert\n");
+ res=ECP_NIST256_PUBLIC_KEY_VALIDATE(1,&CAKEY);
+ if (res!=0)
+ printf("ECP Public Key is invalid!\n");
+ else printf("ECP Public Key is Valid\n");
+
+ sha=0;
+
+ if (st.hash==H256) sha=SHA256;
+ if (st.hash==H384) sha=SHA384;
+ if (st.hash==H512) sha=SHA512;
+ if (st.hash==0)
+ {
+ printf("Hash Function not supported\n");
+ return 0;
+ }
+
+ if (ECP_NIST256_VP_DSA(sha,&CAKEY,&H,&R,&S)!=0)
+ printf("***ECDSA Verification Failed\n");
+ else
+ printf("ECDSA Signature/Verification succeeded \n");
+ }
+
+ if (ca.type==RSA)
+ {
+ printf("Checking CA's RSA Signature on Cert\n");
+ PK.e=65537; // assuming this!
+ RSA_2048_fromOctet(PK.n,&CAKEY);
+
+ sha=0;
+
+ if (st.hash==H256) sha=SHA256;
+ if (st.hash==H384) sha=SHA384;
+ if (st.hash==H512) sha=SHA512;
+ if (st.hash==0)
+ {
+ printf("Hash Function not supported\n");
+ return 0;
+ }
+ PKCS15(sha,&H,&HP);
+
+ RSA_2048_ENCRYPT(&PK,&SIG,&HH);
+
+ if (OCT_comp(&HP,&HH))
+ printf("RSA Signature/Verification succeeded \n");
+ else
+ printf("***RSA Verification Failed\n");
+
+ }
+
+ return 0;
+}
+
+#endif
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-c/blob/8d28d2c3/test/CMakeLists.txt
----------------------------------------------------------------------
diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt
new file mode 100644
index 0000000..196c554
--- /dev/null
+++ b/test/CMakeLists.txt
@@ -0,0 +1,257 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+cmake_minimum_required(VERSION 3.1 FATAL_ERROR)
+
+function(amcl_test name source dependencies expected_response)
+ add_executable(${name} "${source}")
+
+ target_link_libraries(${name} PRIVATE ${dependencies})
+
+ add_test(NAME ${name}
+ COMMAND ${TARGET_SYSTEM_EMULATOR} $<TARGET_FILE:${name}> ${ARGN}
+ WORKING_DIRECTORY ${PROJECT_SOURCE_DIR}/testVectors
+ )
+
+ set_tests_properties(${name} PROPERTIES
+ PASS_REGULAR_EXPRESSION "${expected_response}"
+ )
+endfunction()
+
+function(amcl_curve_test curve name source dependencies expected_response)
+ if(NOT TARGET ${name})
+ amcl_configure_file_curve(${source} ${name}.c ${curve} ${name}_SRC)
+ amcl_test(${name} ${${name}_SRC} "${dependencies}" "${expected_response}" ${ARGN})
+ endif()
+endfunction()
+
+function(amcl_rsa_test level name source dependencies expected_response)
+ if(NOT TARGET ${name})
+ amcl_configure_file_rsa(${source} ${name}.c ${level} ${name}_SRC)
+ amcl_test(${name} ${${name}_SRC} "${dependencies}" "${expected_response}" ${ARGN})
+ endif()
+endfunction()
+
+function(amcl_rsa_curve_test level curve name source dependencies expected_response)
+ if(NOT TARGET ${name})
+ amcl_configure_file_rsa_curve(${source} ${name}.c ${level} ${curve} ${name}_SRC)
+ amcl_test(${name} ${${name}_SRC} "${dependencies}" "${expected_response}" ${ARGN})
+ endif()
+endfunction()
+
+################################################
+# Basic Tests
+################################################
+amcl_test(test_octet_consistency test_octet_consistency.c amcl_core "SUCCESS")
+amcl_test(test_version test_version.c amcl_core "Version: ${AMCL_VERSION_MAJOR}.${AMCL_VERSION_MINOR}.${AMCL_VERSION_PATCH}")
+amcl_test(test_utils test_utils.c amcl_core "SUCCESS")
+
+################################################
+# Hash Tests
+################################################
+amcl_test(test_hash_256 test_hash.c amcl_core "SUCCESS" "sha/256/SHA256ShortMsg.rsp" "sha256")
+amcl_test(test_hash_384 test_hash.c amcl_core "SUCCESS" "sha/384/SHA384ShortMsg.rsp" "sha384")
+amcl_test(test_hash_512 test_hash.c amcl_core "SUCCESS" "sha/512/SHA512ShortMsg.rsp" "sha512")
+
+################################################
+# AES-GCM Tests
+################################################
+amcl_test(test_gcm_encrypt_128 test_gcm_encrypt.c amcl_core "SUCCESS" "gcm/gcmEncryptExtIV128.rsp" "")
+amcl_test(test_gcm_encrypt_256 test_gcm_encrypt.c amcl_core "SUCCESS" "gcm/gcmEncryptExtIV256.rsp" "")
+amcl_test(test_gcm_decrypt_128 test_gcm_decrypt.c amcl_core "SUCCESS" "gcm/gcmDecrypt128.rsp" "")
+amcl_test(test_gcm_decrypt_256 test_gcm_decrypt.c amcl_core "SUCCESS" "gcm/gcmDecrypt256.rsp" "")
+amcl_test(test_aes_encrypt_ECB_128 test_aes_encrypt.c amcl_core "SUCCESS" "aes/ECBMMT128.rsp" "ECB")
+amcl_test(test_aes_encrypt_ECB_256 test_aes_encrypt.c amcl_core "SUCCESS" "aes/ECBMMT256.rsp" "ECB")
+amcl_test(test_aes_encrypt_CBC_128 test_aes_encrypt.c amcl_core "SUCCESS" "aes/CBCMMT128.rsp" "CBC")
+amcl_test(test_aes_encrypt_CFB1_128 test_aes_encrypt.c amcl_core "SUCCESS" "aes/CFB8MMT128.rsp" "CFB1")
+amcl_test(test_aes_encrypt_CBC_256 test_aes_encrypt.c amcl_core "SUCCESS" "aes/CBCMMT256.rsp" "CBC")
+amcl_test(test_aes_encrypt_CTR_128 test_aes_encrypt.c amcl_core "SUCCESS" "aes/amcl_CTRMCL128.rsp" "CTR")
+amcl_test(test_aes_encrypt_CTR_256 test_aes_encrypt.c amcl_core "SUCCESS" "aes/amcl_CTRMCL256.rsp" "CTR")
+amcl_test(test_aes_encrypt_CFB1_256 test_aes_encrypt.c amcl_core "SUCCESS" "aes/CFB8MMT256.rsp" "CFB1")
+amcl_test(test_aes_decrypt_ECB_128 test_aes_decrypt.c amcl_core "SUCCESS" "aes/ECBMMT128.rsp" "ECB")
+amcl_test(test_aes_decrypt_ECB_256 test_aes_decrypt.c amcl_core "SUCCESS" "aes/ECBMMT256.rsp" "ECB")
+amcl_test(test_aes_decrypt_CBC_128 test_aes_decrypt.c amcl_core "SUCCESS" "aes/CBCMMT128.rsp" "CBC")
+amcl_test(test_aes_decrypt_CFB1_128 test_aes_decrypt.c amcl_core "SUCCESS" "aes/CFB8MMT128.rsp" "CFB1")
+amcl_test(test_aes_decrypt_CBC_256 test_aes_decrypt.c amcl_core "SUCCESS" "aes/CBCMMT256.rsp" "CBC")
+amcl_test(test_aes_decrypt_CTR_128 test_aes_decrypt.c amcl_core "SUCCESS" "aes/amcl_CTRMCL128.rsp" "CTR")
+amcl_test(test_aes_decrypt_CTR_256 test_aes_decrypt.c amcl_core "SUCCESS" "aes/amcl_CTRMCL256.rsp" "CTR")
+amcl_test(test_aes_decrypt_CFB1_256 test_aes_decrypt.c amcl_core "SUCCESS" "aes/CFB8MMT256.rsp" "CFB1")
+
+################################################
+# Curve Tests
+################################################
+foreach(curve ${AMCL_CURVE})
+ amcl_curve_field(BD "${curve}")
+ amcl_curve_field(PF "${curve}")
+ amcl_curve_field(TC "${curve}")
+ amcl_curve_field(TF "${curve}")
+ amcl_curve_field(CS "${curve}")
+
+ amcl_curve_test(${curve} test_big_arithmetics_${BD} test_big_arithmetics_XXX.c.in amcl_curve_${TC} "SUCCESS" "big/test_vector_big.txt")
+ amcl_curve_test(${curve} test_big_consistency_${BD} test_big_consistency_XXX.c.in amcl_curve_${TC} "SUCCESS")
+ amcl_curve_test(${curve} test_ecc_${TC} test_ecc_ZZZ.c.in amcl_curve_${TC} "SUCCESS")
+ amcl_curve_test(${curve} test_fp_arithmetics_${TF} test_fp_arithmetics_YYY.c.in amcl_curve_${TC} "SUCCESS" "fp/test_vector_${TF}.txt")
+
+ if(NOT ${TC} MATCHES "^NUMS[0-9]+E$")
+ amcl_curve_test(${curve} test_ecp_arithmetics_${TC} test_ecp_arithmetics_ZZZ.c.in amcl_curve_${TC} "SUCCESS" "ecp/test_vector_${TC}.txt")
+ endif()
+
+ if(curve STREQUAL "NIST256")
+ amcl_curve_test(${curve} test_ecdh_${TC} test_ecdh_ZZZ.c.in amcl_curve_${TC} "SUCCESS" "ecdh/P-256/KAS_ECC_CDH_PrimitiveTest.txt")
+ amcl_curve_test(${curve} test_ecdsa_keypair_${TC} test_ecdsa_keypair_ZZZ.c.in amcl_curve_${TC} "SUCCESS" "ecdsa/P-256/KeyPair.rsp")
+ amcl_curve_test(${curve} test_ecdsa_sign_${TC}_256 test_ecdsa_sign_ZZZ.c.in amcl_curve_${TC} "SUCCESS" "ecdsa/P-256/sha256Sign.rsp" "sha256")
+ amcl_curve_test(${curve} test_ecdsa_sign_${TC}_512 test_ecdsa_sign_ZZZ.c.in amcl_curve_${TC} "SUCCESS" "ecdsa/P-256/sha512Sign.rsp" "sha512")
+ amcl_curve_test(${curve} test_ecdsa_verify_${TC}_256 test_ecdsa_verify_ZZZ.c.in amcl_curve_${TC} "SUCCESS" "ecdsa/P-256/sha256Verify.rsp" "sha256")
+ amcl_curve_test(${curve} test_ecdsa_verify_${TC}_512 test_ecdsa_verify_ZZZ.c.in amcl_curve_${TC} "SUCCESS" "ecdsa/P-256/sha512Verify.rsp" "sha512")
+ endif()
+
+ if(curve STREQUAL "NIST384")
+ amcl_curve_test(${curve} test_ecdh_${TC} test_ecdh_ZZZ.c.in amcl_curve_${TC} "SUCCESS" "ecdh/P-384/KAS_ECC_CDH_PrimitiveTest.txt")
+ amcl_curve_test(${curve} test_ecdsa_keypair_${TC} test_ecdsa_keypair_ZZZ.c.in amcl_curve_${TC} "SUCCESS" "ecdsa/P-384/KeyPair.rsp")
+ amcl_curve_test(${curve} test_ecdsa_sign_${TC}_256 test_ecdsa_sign_ZZZ.c.in amcl_curve_${TC} "SUCCESS" "ecdsa/P-384/sha256Sign.rsp" "sha256")
+ amcl_curve_test(${curve} test_ecdsa_sign_${TC}_384 test_ecdsa_sign_ZZZ.c.in amcl_curve_${TC} "SUCCESS" "ecdsa/P-384/sha384Sign.rsp" "sha384")
+ amcl_curve_test(${curve} test_ecdsa_sign_${TC}_512 test_ecdsa_sign_ZZZ.c.in amcl_curve_${TC} "SUCCESS" "ecdsa/P-384/sha512Sign.rsp" "sha512")
+ amcl_curve_test(${curve} test_ecdsa_verify_${TC}_256 test_ecdsa_verify_ZZZ.c.in amcl_curve_${TC} "SUCCESS" "ecdsa/P-384/sha256Verify.rsp" "sha256")
+ amcl_curve_test(${curve} test_ecdsa_verify_${TC}_384 test_ecdsa_verify_ZZZ.c.in amcl_curve_${TC} "SUCCESS" "ecdsa/P-384/sha384Verify.rsp" "sha384")
+ amcl_curve_test(${curve} test_ecdsa_verify_${TC}_512 test_ecdsa_verify_ZZZ.c.in amcl_curve_${TC} "SUCCESS" "ecdsa/P-384/sha512Verify.rsp" "sha512")
+ endif()
+
+ if(curve STREQUAL "NIST521")
+ amcl_curve_test(${curve} test_ecdh_${TC} test_ecdh_ZZZ.c.in amcl_curve_${TC} "SUCCESS" "ecdh/P-521/KAS_ECC_CDH_PrimitiveTest.txt")
+ amcl_curve_test(${curve} test_ecdsa_keypair_${TC} test_ecdsa_keypair_ZZZ.c.in amcl_curve_${TC} "SUCCESS" "ecdsa/P-521/KeyPair.rsp")
+ amcl_curve_test(${curve} test_ecdsa_sign_${TC}_256 test_ecdsa_sign_ZZZ.c.in amcl_curve_${TC} "SUCCESS" "ecdsa/P-521/sha256Sign.rsp" "sha256")
+ amcl_curve_test(${curve} test_ecdsa_sign_${TC}_512 test_ecdsa_sign_ZZZ.c.in amcl_curve_${TC} "SUCCESS" "ecdsa/P-521/sha512Sign.rsp" "sha512")
+ amcl_curve_test(${curve} test_ecdsa_verify_${TC}_256 test_ecdsa_verify_ZZZ.c.in amcl_curve_${TC} "SUCCESS" "ecdsa/P-521/sha256Verify.rsp" "sha256")
+ amcl_curve_test(${curve} test_ecdsa_verify_${TC}_512 test_ecdsa_verify_ZZZ.c.in amcl_curve_${TC} "SUCCESS" "ecdsa/P-521/sha512Verify.rsp" "sha512")
+ endif()
+
+ ################################################
+ # Pairing Friendly Curve Tests
+ ################################################
+ if(NOT ${PF} STREQUAL "NOT")
+ amcl_curve_test(${curve} test_fp2_arithmetics_${TC} test_fp2_arithmetics_YYY.c.in amcl_pairing_${TC} "SUCCESS" "fp2/test_vector_${TC}.txt")
+ amcl_curve_test(${curve} test_fp4_arithmetics_${TC} test_fp4_arithmetics_YYY.c.in amcl_pairing_${TC} "SUCCESS" "fp4/test_vector_${TC}.txt")
+ if(CS STREQUAL "128")
+ amcl_curve_test(${curve} test_fp12_arithmetics_${TC} test_fp12_arithmetics_YYY.c.in amcl_pairing_${TC} "SUCCESS" "fp12/test_vector_${TC}.txt")
+ amcl_curve_test(${curve} test_ecp2_arithmetics_${TC} test_ecp2_arithmetics_ZZZ.c.in amcl_pairing_${TC} "SUCCESS" "ecp2/test_vector_${TC}.txt")
+ elseif(CS STREQUAL "192")
+ amcl_curve_test(${curve} test_fp8_arithmetics_${TC} test_fp8_arithmetics_YYY.c.in amcl_pairing_${TC} "SUCCESS" "fp8/test_vector_${TC}.txt")
+ amcl_curve_test(${curve} test_fp24_arithmetics_${TC} test_fp24_arithmetics_YYY.c.in amcl_pairing_${TC} "SUCCESS" "fp24/test_vector_${TC}.txt")
+ amcl_curve_test(${curve} test_ecp4_arithmetics_${TC} test_ecp4_arithmetics_ZZZ.c.in amcl_pairing_${TC} "SUCCESS" "ecp4/test_vector_${TC}.txt")
+ elseif(CS STREQUAL "256")
+ amcl_curve_test(${curve} test_fp8_arithmetics_${TC} test_fp8_arithmetics_YYY.c.in amcl_pairing_${TC} "SUCCESS" "fp8/test_vector_${TC}.txt")
+ amcl_curve_test(${curve} test_fp16_arithmetics_${TC} test_fp16_arithmetics_YYY.c.in amcl_pairing_${TC} "SUCCESS" "fp16/test_vector_${TC}.txt")
+ amcl_curve_test(${curve} test_fp48_arithmetics_${TC} test_fp48_arithmetics_YYY.c.in amcl_pairing_${TC} "SUCCESS" "fp48/test_vector_${TC}.txt")
+ amcl_curve_test(${curve} test_ecp8_arithmetics_${TC} test_ecp8_arithmetics_ZZZ.c.in amcl_pairing_${TC} "SUCCESS" "ecp8/test_vector_${TC}.txt")
+ endif(CS STREQUAL "128")
+ amcl_curve_test(${curve} test_pair_${TC} test_pair_ZZZ.c.in amcl_pairing_${TC} "SUCCESS")
+
+ if(CMAKE_SYSTEM_NAME MATCHES "Linux")
+ # Test arithmetics debug output functions - Linux specific code
+ amcl_curve_test(${curve} test_output_functions_${TC} test_output_functions_ZZZ.c.in amcl_pairing_${TC} "SUCCESS" "output/test_vector_${TC}_${WORD_SIZE}.txt" "stdout.out")
+ endif(CMAKE_SYSTEM_NAME MATCHES "Linux")
+
+ ################################################
+ # MPIN Tests
+ ################################################
+ if(BUILD_MPIN)
+ amcl_curve_test(${curve} test_mpin_${TC} test_mpin_ZZZ.c.in amcl_mpin_${TC} "SUCCESS Error Code 0")
+ amcl_curve_test(${curve} test_mpin_sign_${TC} test_mpin_sign_ZZZ.c.in amcl_mpin_${TC} "TEST PASSED")
+ amcl_curve_test(${curve} test_mpin_good_${TC} test_mpin_good_ZZZ.c.in amcl_mpin_${TC} "SUCCESS Error Code 0")
+ amcl_curve_test(${curve} test_mpin_bad_pin_${TC} test_mpin_bad_pin_ZZZ.c.in amcl_mpin_${TC} "FAILURE")
+ amcl_curve_test(${curve} test_mpin_bad_token_${TC} test_mpin_bad_token_ZZZ.c.in amcl_mpin_${TC} "FAILURE")
+ amcl_curve_test(${curve} test_mpin_tp_${TC} test_mpin_tp_ZZZ.c.in amcl_mpin_${TC} "SUCCESS Error Code 0")
+ amcl_curve_test(${curve} test_mpin_expired_tp_${TC} test_mpin_expired_tp_ZZZ.c.in amcl_mpin_${TC} "FAILURE Invalid Token Error Code -19")
+ amcl_curve_test(${curve} test_mpin_dvs_${TC} test_mpin_dvs_ZZZ.c.in amcl_mpin_${TC} "SUCCESS Error Code 0")
+ amcl_curve_test(${curve} test_mpin_dvs_wrong_pk_${TC} test_mpin_dvs_wrong_pk_ZZZ.c.in amcl_mpin_${TC} "FAILURE Signature Verification Error Code -19")
+ amcl_curve_test(${curve} test_mpin_random_${TC} test_mpin_random_ZZZ.c.in amcl_mpin_${TC} "SUCCESS Error Code 0")
+ amcl_curve_test(${curve} test_mpinfull_sha256_${TC} test_mpinfull_ZZZ.c.in amcl_mpin_${TC} "SUCCESS" "sha256")
+ amcl_curve_test(${curve} test_mpinfull_sha384_${TC} test_mpinfull_ZZZ.c.in amcl_mpin_${TC} "SUCCESS" "sha384")
+ amcl_curve_test(${curve} test_mpinfull_sha512_${TC} test_mpinfull_ZZZ.c.in amcl_mpin_${TC} "SUCCESS" "sha512")
+ amcl_curve_test(${curve} test_mpinfull_tp_${TC} test_mpinfull_tp_ZZZ.c.in amcl_mpin_${TC} "SUCCESS")
+ amcl_curve_test(${curve} test_mpinfull_onepass_${TC} test_mpinfull_onepass_ZZZ.c.in amcl_mpin_${TC} "SUCCESS")
+ amcl_curve_test(${curve} test_mpinfull_random_${TC} test_mpinfull_random_ZZZ.c.in amcl_mpin_${TC} "SUCCESS")
+ if(curve STREQUAL "BN254CX")
+ amcl_curve_test(${curve} test_mpin_vectors_dta_${TC} test_mpin_vectors_dta_ZZZ.c.in amcl_mpin_${TC} "SUCCESS" "mpin/BN254_CX.txt")
+ endif()
+ if(curve STREQUAL "BLS383")
+ amcl_curve_test(${curve} test_mpin_vectors_${TC} test_mpin_vectors_ZZZ.c.in amcl_mpin_${TC} "SUCCESS" "mpin/BLS383.txt")
+ endif()
+ endif()
+
+ ################################################
+ # WCC Tests
+ ################################################
+ if(BUILD_WCC)
+ amcl_curve_test(${curve} test_wcc_${TC} test_wcc_ZZZ.c.in amcl_wcc_${TC} "SUCCESS")
+ amcl_curve_test(${curve} test_wcc_random_${TC} test_wcc_random_ZZZ.c.in amcl_wcc_${TC} "SUCCESS")
+ amcl_curve_test(${curve} test_wcc_invalid_points_${TC} test_wcc_invalid_points_ZZZ.c.in amcl_wcc_${TC} "SUCCESS")
+ amcl_curve_test(${curve} test_wcc_bad_sender_key_${TC} test_wcc_bad_sender_key_ZZZ.c.in amcl_wcc_${TC} "SUCCESS")
+ amcl_curve_test(${curve} test_wcc_bad_receiver_key_${TC} test_wcc_bad_receiver_key_ZZZ.c.in amcl_wcc_${TC} "SUCCESS")
+ endif()
+
+ endif()
+endforeach()
+
+################################################
+# RSA Tests
+################################################
+foreach(level ${AMCL_RSA})
+ amcl_rsa_field(BD "${level}")
+ amcl_rsa_field(TFF "${level}")
+
+ amcl_rsa_test(${level} test_big_arithmetics_${BD} test_big_arithmetics_XXX.c.in amcl_rsa_${TFF} "SUCCESS" "big/test_vector_big.txt")
+ amcl_rsa_test(${level} test_big_consistency_${BD} test_big_consistency_XXX.c.in amcl_rsa_${TFF} "SUCCESS")
+ amcl_rsa_test(${level} test_rsa_${TFF} test_rsa_WWW.c.in amcl_rsa_${TFF} "SUCCESS")
+endforeach()
+
+################################################
+# X509 Tests
+################################################
+if(BUILD_X509)
+ foreach(level ${AMCL_RSA})
+ foreach(curve ${AMCL_CURVE})
+
+ set(deps "amcl_x509;amcl_rsa_${level};amcl_curve_${curve}")
+
+ if (level STREQUAL "2048" AND curve STREQUAL "NIST256")
+ amcl_rsa_curve_test(${level} ${curve} test_x509_${level}_${curve}_1 test_x509_WWW_ZZZ.c.in "${deps}" "SUCCESS" "x509/2048_P256/x509-vect.txt")
+ amcl_rsa_curve_test(${level} ${curve} test_x509_${level}_${curve}_2 test_x509_WWW_ZZZ.c.in "${deps}" "SUCCESS" "x509/2048_P256/pkits-vect.txt")
+ amcl_rsa_curve_test(${level} ${curve} test_rsa_sign_${level}_${curve} test_rsa_sign_WWW_ZZZ.c.in "${deps}" "SUCCESS" "rsa/2048/pkcs-vect.txt")
+ endif()
+
+ if (level STREQUAL "4096" AND curve STREQUAL "NIST256")
+ amcl_rsa_curve_test(${level} ${curve} test_x509_${level}_${curve}_1 test_x509_WWW_ZZZ.c.in "${deps}" "SUCCESS" "x509/4096/x509-vect.txt")
+ amcl_rsa_curve_test(${level} ${curve} test_rsa_sign_${level}_${curve} test_rsa_sign_WWW_ZZZ.c.in "${deps}" "SUCCESS" "rsa/4096/pkcs-vect.txt")
+ endif()
+
+ if (level STREQUAL "3072" AND curve STREQUAL "NIST384")
+ amcl_rsa_curve_test(${level} ${curve} test_x509_${level}_${curve}_1 test_x509_WWW_ZZZ.c.in "${deps}" "SUCCESS" "x509/3072_P384/x509-vect.txt")
+ amcl_rsa_curve_test(${level} ${curve} test_rsa_sign_${level}_${curve} test_rsa_sign_WWW_ZZZ.c.in "${deps}" "SUCCESS" "rsa/3072/pkcs-vect.txt")
+ endif()
+
+ if (curve STREQUAL "NIST521")
+ amcl_rsa_curve_test(${level} ${curve} test_x509_${level}_${curve}_1 test_x509_WWW_ZZZ.c.in "${deps}" "SUCCESS" "x509/P521/x509-vect.txt")
+ endif()
+
+ if (level STREQUAL "2048" AND curve STREQUAL "C25519")
+ amcl_rsa_curve_test(${level} ${curve} test_rsa_sign_${level}_${curve} test_rsa_sign_WWW_ZZZ.c.in "${deps}" "SUCCESS" "rsa/2048/pkcs-vect.txt")
+ endif()
+
+ endforeach()
+ endforeach()
+endif()
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-c/blob/8d28d2c3/test/test_aes_decrypt.c
----------------------------------------------------------------------
diff --git a/test/test_aes_decrypt.c b/test/test_aes_decrypt.c
new file mode 100644
index 0000000..d9ea605
--- /dev/null
+++ b/test/test_aes_decrypt.c
@@ -0,0 +1,252 @@
+/**
+ * @file test_aes_decrypto.c
+ * @author Kealan McCusker
+ * @brief Test function for AES decryption,
+ *
+ * LICENSE
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/* Build executible after installation:
+
+ gcc -std=c99 -g ./test_aes_decrypt.c -I/opt/amcl/include -L/opt/amcl/lib -lamcl -o test_aes_decrypt
+
+*/
+
+#include "arch.h"
+#include "amcl.h"
+#include "utils.h"
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#define LINE_LEN 500
+// #define DEBUG
+
+int main(int argc, char** argv)
+{
+ if (argc != 3)
+ {
+ printf("usage: ./test_aes_decrypt [path to test vector file] [mode-ECB||CBC||CTR||CBF1]\n");
+ exit(EXIT_FAILURE);
+ }
+
+ bool readLine;
+ FILE * fp = NULL;
+ char line[LINE_LEN];
+ char * linePtr = NULL;
+ int l1=0;
+ int blockSize;
+
+ char * KEY = NULL;
+ int KEYLen = 0;
+ const char* KEYStr = "KEY = ";
+
+ char * IV = NULL;
+ int IVLen = 0;
+ const char* IVStr = "IV = ";
+
+ char * CIPHERTEXT = NULL;
+ int CIPHERTEXTLen = 0;
+ const char* CIPHERTEXTStr = "CIPHERTEXT = ";
+
+ char * PLAINTEXT1 = NULL;
+ const char* PLAINTEXTStr = "PLAINTEXT = ";
+ const char* DECRYPTStr = "[DECRYPT]";
+
+ // Assign AES mode
+ int mode;
+ if (!strcmp(argv[2], "ECB"))
+ {
+ mode = ECB;
+ blockSize=16;
+ }
+ else if (!strcmp(argv[2], "CBC"))
+ {
+ mode = CBC;
+ blockSize=16;
+ }
+ else if (!strcmp(argv[2], "CTR"))
+ {
+ mode = CTR16;
+ blockSize=16;
+ }
+ else if (!strcmp(argv[2], "CFB1"))
+ {
+ mode = CFB1;
+ blockSize=1;
+ }
+ else
+ {
+ mode = CBC;
+ blockSize=16;
+ }
+
+ // Open file
+ fp = fopen(argv[1], "r");
+ if (fp == NULL)
+ {
+ printf("ERROR opening test vector file\n");
+ exit(EXIT_FAILURE);
+ }
+
+ int lineNo=0;
+ readLine = false;
+ while ( (fgets(line, LINE_LEN, fp) != NULL))
+ {
+ if (!strncmp(line, DECRYPTStr,strlen(DECRYPTStr)))
+ {
+#ifdef DEBUG
+ printf("line %d %s\n", lineNo,line);
+#endif
+ readLine = true;
+ }
+
+ if(!readLine)
+ continue;
+
+ if (!strncmp(line, KEYStr, strlen(KEYStr)))
+ {
+#ifdef DEBUG
+ printf("line %d %s\n", lineNo,line);
+#endif
+ // Find hex value in string
+ linePtr = line + strlen(KEYStr);
+
+ // Allocate memory
+ l1 = strlen(linePtr)-1;
+ KEYLen = l1/2;
+ KEY = (char*) malloc (KEYLen);
+ if (KEY==NULL)
+ exit(EXIT_FAILURE);
+
+ // KEY binary value
+ amcl_hex2bin(linePtr, KEY, l1);
+ }
+
+ if (!strncmp(line, IVStr, strlen(IVStr)))
+ {
+#ifdef DEBUG
+ printf("line %d %s\n", lineNo,line);
+#endif
+ // Find hex value in string
+ linePtr = line + strlen(IVStr);
+
+ // Allocate memory
+ l1 = strlen(linePtr)-1;
+ IVLen = l1/2;
+ IV = (char*) malloc (IVLen);
+ if (IV==NULL)
+ exit(EXIT_FAILURE);
+
+ // IV binary value
+ amcl_hex2bin(linePtr, IV, l1);
+ }
+
+ if (!strncmp(line, CIPHERTEXTStr, strlen(CIPHERTEXTStr)))
+ {
+#ifdef DEBUG
+ printf("line %d %s\n", lineNo,line);
+#endif
+ // Find hex value in string
+ linePtr = line + strlen(CIPHERTEXTStr);
+
+ // Allocate memory
+ l1 = strlen(linePtr)-1;
+ CIPHERTEXTLen = l1/2;
+ CIPHERTEXT = (char*) malloc (CIPHERTEXTLen);
+ if (CIPHERTEXT==NULL)
+ exit(EXIT_FAILURE);
+
+ // CIPHERTEXT binary value
+ amcl_hex2bin(linePtr, CIPHERTEXT, l1);
+ }
+
+ if (!strncmp(line, PLAINTEXTStr, strlen(PLAINTEXTStr)))
+ {
+#ifdef DEBUG
+ printf("line %d %s\n", lineNo,line);
+#endif
+ // Find hex value in string
+ linePtr = line + strlen(PLAINTEXTStr);
+
+ // Allocate memory
+ l1 = strlen(linePtr);
+ PLAINTEXT1 = (char*) malloc(CIPHERTEXTLen+1);
+ if (PLAINTEXT1==NULL)
+ exit(EXIT_FAILURE);
+
+ // Golden PLAINTEXT value
+ octet PLAINTEXT1Oct= {CIPHERTEXTLen,CIPHERTEXTLen,PLAINTEXT1};
+ amcl_hex2bin(linePtr, PLAINTEXT1, l1);
+
+ amcl_aes a;
+
+#ifdef DEBUG
+ printf("KEY = ");
+ amcl_print_hex(KEY, KEYLen);
+ printf("IV = ");
+ amcl_print_hex(IV, IVLen);
+ printf("CIPHERTEXT = ");
+ amcl_print_hex(CIPHERTEXT, CIPHERTEXTLen);
+#endif
+
+ // Decrypt
+ int i=0;
+ AES_init(&a,mode,KEYLen,KEY,IV);
+ for (i=0; i<(CIPHERTEXTLen/blockSize); i++)
+ {
+ AES_decrypt(&a,&CIPHERTEXT[i*blockSize]);
+ }
+
+ octet PLAINTEXTOct= {CIPHERTEXTLen,CIPHERTEXTLen,CIPHERTEXT};
+
+#ifdef DEBUG
+ printf("PLAINTEXT = ");
+ amcl_print_hex(CIPHERTEXT, CIPHERTEXTLen);
+ printf("\n\n");
+#endif
+
+ int rc = OCT_comp(&PLAINTEXTOct,&PLAINTEXT1Oct);
+ if (!rc)
+ {
+ printf("TEST AES DECRYPT FAILED COMPARE PLAINTEXT LINE %d\n",lineNo);
+ exit(EXIT_FAILURE);
+ }
+
+ free(KEY);
+ KEY = NULL;
+ free(IV);
+ IV = NULL;
+ free(CIPHERTEXT);
+ CIPHERTEXT = NULL;
+ free(PLAINTEXT1);
+ PLAINTEXT1 = NULL;
+ }
+ lineNo++;
+ }
+ fclose(fp);
+ if (!readLine)
+ {
+ printf("ERROR Empty test vector file\n");
+ exit(EXIT_FAILURE);
+ }
+ printf("SUCCESS TEST AES %s DECRYPT PASSED\n", argv[2]);
+ exit(EXIT_SUCCESS);
+}
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-c/blob/8d28d2c3/test/test_aes_encrypt.c
----------------------------------------------------------------------
diff --git a/test/test_aes_encrypt.c b/test/test_aes_encrypt.c
new file mode 100644
index 0000000..f963c0d
--- /dev/null
+++ b/test/test_aes_encrypt.c
@@ -0,0 +1,253 @@
+
+/**
+ * @file test_aes_encrypt.c
+ * @author Kealan McCusker
+ * @brief Test function for AES encryption,
+ *
+ * LICENSE
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/* Build executible after installation:
+
+ gcc -std=c99 -g ./test_aes_encrypt.c -I/opt/amcl/include -L/opt/amcl/lib -lamcl -o test_aes_encrypt
+
+*/
+
+#include "arch.h"
+#include "amcl.h"
+#include "utils.h"
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#define LINE_LEN 500
+//#define DEBUG
+
+int main(int argc, char** argv)
+{
+ if (argc != 3)
+ {
+ printf("usage: ./test_aes_encrypt [path to test vector file] [mode:ECB||CBC||CTR||CFB1]\n");
+ exit(EXIT_FAILURE);
+ }
+
+ bool readLine;
+ FILE * fp = NULL;
+ char line[LINE_LEN];
+ char * linePtr = NULL;
+ int l1=0;
+ int blockSize;
+
+ char * KEY = NULL;
+ int KEYLen = 0;
+ const char* KEYStr = "KEY = ";
+
+ char * IV = NULL;
+ int IVLen = 0;
+ const char* IVStr = "IV = ";
+
+ char * PLAINTEXT = NULL;
+ int PLAINTEXTLen = 0;
+ const char* PLAINTEXTStr = "PLAINTEXT = ";
+
+ char * CIPHERTEXT1 = NULL;
+ const char* CIPHERTEXTStr = "CIPHERTEXT = ";
+ const char* DECRYPTStr = "[DECRYPT]";
+
+ // Assign AES mode
+ int mode;
+ if (!strcmp(argv[2], "ECB"))
+ {
+ mode = ECB;
+ blockSize=16;
+ }
+ else if (!strcmp(argv[2], "CBC"))
+ {
+ mode = CBC;
+ blockSize=16;
+ }
+ else if (!strcmp(argv[2], "CTR"))
+ {
+ mode = CTR16;
+ blockSize=16;
+ }
+ else if (!strcmp(argv[2], "CFB1"))
+ {
+ mode = CFB1;
+ blockSize=1;
+ }
+ else
+ {
+ mode = CBC;
+ blockSize=16;
+ }
+
+ // Open file
+ fp = fopen(argv[1], "r");
+ if (fp == NULL)
+ {
+ printf("ERROR opening test vector file\n");
+ exit(EXIT_FAILURE);
+ }
+
+ int lineNo=0;
+ readLine = true;
+ while ( (fgets(line, LINE_LEN, fp) != NULL))
+ {
+ if (!strncmp(line, DECRYPTStr,strlen(DECRYPTStr)))
+ {
+#ifdef DEBUG
+ printf("line %d %s\n", lineNo,line);
+#endif
+ readLine = false;
+ }
+
+ if(!readLine)
+ continue;
+
+ if (!strncmp(line, KEYStr, strlen(KEYStr)))
+ {
+#ifdef DEBUG
+ printf("line %d %s\n", lineNo,line);
+#endif
+ // Find hex value in string
+ linePtr = line + strlen(KEYStr);
+
+ // Allocate memory
+ l1 = strlen(linePtr)-1;
+ KEYLen = l1/2;
+ KEY = (char*) malloc (KEYLen);
+ if (KEY==NULL)
+ exit(EXIT_FAILURE);
+
+ // KEY binary value
+ amcl_hex2bin(linePtr, KEY, l1);
+ }
+
+ if (!strncmp(line, IVStr, strlen(IVStr)))
+ {
+#ifdef DEBUG
+ printf("line %d %s\n", lineNo,line);
+#endif
+ // Find hex value in string
+ linePtr = line + strlen(IVStr);
+
+ // Allocate memory
+ l1 = strlen(linePtr)-1;
+ IVLen = l1/2;
+ IV = (char*) malloc (IVLen);
+ if (IV==NULL)
+ exit(EXIT_FAILURE);
+
+ // IV binary value
+ amcl_hex2bin(linePtr, IV, l1);
+ }
+
+ if (!strncmp(line, PLAINTEXTStr, strlen(PLAINTEXTStr)))
+ {
+#ifdef DEBUG
+ printf("line %d %s\n", lineNo,line);
+#endif
+ // Find hex value in string
+ linePtr = line + strlen(PLAINTEXTStr);
+
+ // Allocate memory
+ l1 = strlen(linePtr)-1;
+ PLAINTEXTLen = l1/2;
+ PLAINTEXT = (char*) malloc(PLAINTEXTLen);
+ if (PLAINTEXT==NULL)
+ exit(EXIT_FAILURE);
+
+ // PLAINTEXT binary value
+ amcl_hex2bin(linePtr, PLAINTEXT, l1);
+ }
+
+ if (!strncmp(line, CIPHERTEXTStr, strlen(CIPHERTEXTStr)))
+ {
+#ifdef DEBUG
+ printf("line %d %s\n", lineNo,line);
+#endif
+ // Find hex value in string
+ linePtr = line + strlen(CIPHERTEXTStr);
+
+ // Allocate memory
+ l1 = strlen(linePtr);
+ CIPHERTEXT1 = (char*) malloc(PLAINTEXTLen+1);
+ if (CIPHERTEXT1==NULL)
+ exit(EXIT_FAILURE);
+
+ // Golden CIPHERTEXT value
+ octet CIPHERTEXT1Oct= {PLAINTEXTLen,PLAINTEXTLen,CIPHERTEXT1};
+ amcl_hex2bin(linePtr, CIPHERTEXT1, l1);
+
+ amcl_aes a;
+
+#ifdef DEBUG
+ printf("KEY = ");
+ amcl_print_hex(KEY, KEYLen);
+ printf("IV = ");
+ amcl_print_hex(IV, IVLen);
+ printf("PLAINTEXT = ");
+ amcl_print_hex(PLAINTEXT, PLAINTEXTLen);
+#endif
+
+ // Encrypt
+ int i=0;
+ AES_init(&a,mode,KEYLen,KEY,IV);
+ for (i=0; i<(PLAINTEXTLen/blockSize); i++)
+ {
+ AES_encrypt(&a,&PLAINTEXT[i*blockSize]);
+ }
+
+ octet CIPHERTEXTOct= {PLAINTEXTLen,PLAINTEXTLen,PLAINTEXT};
+
+#ifdef DEBUG
+ printf("CIPHERTEXT = ");
+ amcl_print_hex(PLAINTEXT, PLAINTEXTLen);
+ printf("\n\n");
+#endif
+
+ int rc = OCT_comp(&CIPHERTEXTOct,&CIPHERTEXT1Oct);
+ if (!rc)
+ {
+ printf("TEST AES ENCRYPT FAILED COMPARE CIPHERTEXT LINE %d\n",lineNo);
+ exit(EXIT_FAILURE);
+ }
+
+ free(KEY);
+ KEY = NULL;
+ free(IV);
+ IV = NULL;
+ free(PLAINTEXT);
+ PLAINTEXT = NULL;
+ free(CIPHERTEXT1);
+ CIPHERTEXT1 = NULL;
+ }
+ lineNo++;
+ }
+ fclose(fp);
+ if (readLine)
+ {
+ printf("ERROR No test vectors\n");
+ exit(EXIT_FAILURE);
+ }
+ printf("SUCCESS TEST AES %s ENCRYPT PASSED\n", argv[2]);
+ exit(EXIT_SUCCESS);
+}
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-c/blob/8d28d2c3/test/test_big_arithmetics_XXX.c.in
----------------------------------------------------------------------
diff --git a/test/test_big_arithmetics_XXX.c.in b/test/test_big_arithmetics_XXX.c.in
new file mode 100644
index 0000000..96793ee
--- /dev/null
+++ b/test/test_big_arithmetics_XXX.c.in
@@ -0,0 +1,361 @@
+/**
+ * @file test_big_consistency.c
+ * @author Alessandro Budroni
+ * @brief Test for aritmetics with BIG_XXX
+ *
+ * LICENSE
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "arch.h"
+#include "amcl.h"
+#include "utils.h"
+#include "big_XXX.h"
+
+#define LINE_LEN 10000
+#define MAX_STRING 300
+
+void read_BIG_XXX(BIG_XXX A, char* string)
+{
+ int len;
+ char support[LINE_LEN];
+ BIG_XXX_zero(A);
+ len = strlen(string)+1;
+ amcl_hex2bin(string,support,len);
+ len = (len-1)/2;;
+ BIG_XXX_fromBytesLen(A,support,len);
+ BIG_XXX_norm(A);
+}
+
+void read_DBIG_XXX(DBIG_XXX A, char* string)
+{
+ int len;
+ char support[LINE_LEN];
+ BIG_XXX_dzero(A);
+ len = strlen(string)+1;
+ amcl_hex2bin(string,support,len);
+ len = (len-1)/2;
+ BIG_XXX_dfromBytesLen(A,support,len);
+ BIG_XXX_dnorm(A);
+}
+
+int main(int argc, char** argv)
+{
+ if (argc != 2)
+ {
+ printf("usage: ./test_BIG_XXX_arithmetics [path to test vector file]\n");
+ exit(EXIT_FAILURE);
+ }
+
+ int i=0, len=0, bitlen=0;
+
+ FILE *fp;
+
+ char line[LINE_LEN];
+ char * linePtr = NULL;
+
+ BIG_XXX supp,mod,div;
+ DBIG_XXX dsupp;
+
+ BIG_XXX BIG1;
+ const char* BIG1line = "BIG1 = ";
+ BIG_XXX BIG2;
+ const char* BIG2line = "BIG2 = ";
+ BIG_XXX BIGsum;
+ const char* BIGsumline = "BIGsum = ";
+ BIG_XXX BIGsub;
+ const char* BIGsubline = "BIGsub = ";
+ BIG_XXX BIG1mod2;
+ const char* BIG1mod2line = "BIG1mod2 = ";
+ BIG_XXX BIG2mod1;
+ const char* BIG2mod1line = "BIG2mod1 = ";
+ DBIG_XXX BIGmul;
+ const char* BIGmulline = "BIGmul = ";
+ DBIG_XXX BIG1sqr;
+ const char* BIG1sqrline = "BIG1sqr = ";
+ DBIG_XXX BIG2sqr;
+ const char* BIG2sqrline = "BIG2sqr = ";
+ BIG_XXX BIG1sqrmod2;
+ const char* BIG1sqrmod2line = "BIG1sqrmod2 = ";
+ BIG_XXX BIG1modneg2;
+ const char* BIG1modneg2line = "BIG1modneg2 = ";
+ int nbitBIG = 0;
+ const char* nbitBIGline = "nbitBIG = ";
+ int nbitDBIG = 0;
+ const char* nbitDBIGline = "nbitDBIG = ";
+ BIG_XXX BIGdiv;
+ const char* BIGdivline = "BIGdiv = ";
+ BIG_XXX BIGdivmod;
+ const char* BIGdivmodline = "BIGdivmod = ";
+ DBIG_XXX BIGpxmul;
+ const char* BIGpxmulline = "BIGpxmul = ";
+
+ fp = fopen(argv[1], "r");
+ if (fp == NULL)
+ {
+ printf("ERROR opening test vector file\n");
+ exit(EXIT_FAILURE);
+ }
+
+ while (fgets(line, LINE_LEN, fp) != NULL)
+ {
+ i++;
+ if (!strncmp(line, BIG1line, strlen(BIG1line)))
+ {
+ len = strlen(BIG1line);
+ linePtr = line + len;
+ read_BIG_XXX(BIG1,linePtr);
+ }
+// test comparison
+ if (!strncmp(line,BIG2line, strlen(BIG2line)))
+ {
+ len = strlen(BIG2line);
+ linePtr = line + len;
+ read_BIG_XXX(BIG2,linePtr);
+ if (BIG_XXX_comp(BIG1,BIG2) < 0)
+ {
+ printf("ERROR comparing two BIGs, line %d\n",i);
+ exit(EXIT_FAILURE);
+ }
+ }
+// test addition
+ if (!strncmp(line,BIGsumline, strlen(BIGsumline)))
+ {
+ BIG_XXX_zero(supp);
+ BIG_XXX_add(supp,BIG1,BIG2);
+ len = strlen(BIGsumline);
+ linePtr = line + len;
+ read_BIG_XXX(BIGsum,linePtr);
+ BIG_XXX_norm(supp);
+ if (BIG_XXX_comp(BIGsum,supp) != 0)
+ {
+ printf("ERROR adding two BIGs, line %d\n",i);
+ exit(EXIT_FAILURE);
+ }
+ }
+// test subtraction
+ if (!strncmp(line,BIGsubline, strlen(BIGsubline)))
+ {
+ BIG_XXX_zero(supp);
+ BIG_XXX_sub(supp,BIG1,BIG2);
+ len = strlen(BIGsubline);
+ linePtr = line + len;
+ read_BIG_XXX(BIGsub,linePtr);
+ BIG_XXX_norm(supp);
+ if (BIG_XXX_comp(BIGsub,supp) != 0)
+ {
+ printf("ERROR subtracting two BIGs, line %d\n",i);
+ exit(EXIT_FAILURE);
+ }
+ }
+// test modulo 1
+ if (!strncmp(line,BIG1mod2line, strlen(BIG1mod2line)))
+ {
+ BIG_XXX_zero(supp);
+ BIG_XXX_copy(supp,BIG1);
+ BIG_XXX_mod(supp,BIG2);
+ len = strlen(BIG1mod2line);
+ linePtr = line + len;
+ read_BIG_XXX(BIG1mod2,linePtr);
+ BIG_XXX_norm(supp);
+ if (BIG_XXX_comp(BIG1mod2,supp) != 0)
+ {
+ printf("ERROR reducing modulo BIG, line %d\n",i);
+ exit(EXIT_FAILURE);
+ }
+ }
+// test modulo 2
+ if (!strncmp(line,BIG2mod1line, strlen(BIG2mod1line)))
+ {
+ BIG_XXX_zero(supp);
+ BIG_XXX_copy(supp,BIG2);
+ BIG_XXX_mod(supp,BIG1);
+ len = strlen(BIG2mod1line);
+ linePtr = line + len;
+ read_BIG_XXX(BIG2mod1,linePtr);
+ BIG_XXX_norm(supp);
+ if (BIG_XXX_comp(BIG2mod1,supp) != 0)
+ {
+ printf("ERROR reducing modulo BIG, line %d\n",i);
+ exit(EXIT_FAILURE);
+ }
+ }
+// test multiplication
+ if (!strncmp(line,BIGmulline, strlen(BIGmulline)))
+ {
+ BIG_XXX_dzero(dsupp);
+ BIG_XXX_mul(dsupp,BIG1,BIG2);
+ len = strlen(BIGmulline);
+ linePtr = line + len;
+ read_DBIG_XXX(BIGmul,linePtr);
+ BIG_XXX_dnorm(dsupp);
+ if (BIG_XXX_dcomp(BIGmul,dsupp) != 0)
+ {
+ printf("ERROR multiplication BIG, line %d\n",i);
+ exit(EXIT_FAILURE);
+ }
+ }
+// test square 1
+ if (!strncmp(line,BIG1sqrline, strlen(BIG1sqrline)))
+ {
+ BIG_XXX_dzero(dsupp);
+ BIG_XXX_sqr(dsupp,BIG1);
+ len = strlen(BIG1sqrline);
+ linePtr = line + len;
+ read_DBIG_XXX(BIG1sqr,linePtr);
+ BIG_XXX_dnorm(dsupp);
+ if (BIG_XXX_dcomp(BIG1sqr,dsupp) != 0)
+ {
+ printf("ERROR squaring BIG 1, line %d\n",i);
+ exit(EXIT_FAILURE);
+ }
+ }
+// test square 2
+ if (!strncmp(line,BIG2sqrline, strlen(BIG2sqrline)))
+ {
+ BIG_XXX_dzero(dsupp);
+ BIG_XXX_sqr(dsupp,BIG2);
+ len = strlen(BIG2sqrline);
+ linePtr = line + len;
+ read_DBIG_XXX(BIG2sqr,linePtr);
+ BIG_XXX_dnorm(dsupp);
+ if (BIG_XXX_dcomp(BIG2sqr,dsupp) != 0)
+ {
+ printf("ERROR squaring BIG 2, line %d\n",i);
+ exit(EXIT_FAILURE);
+ }
+ }
+// test square mod
+ if (!strncmp(line,BIG1sqrmod2line, strlen(BIG1sqrmod2line)))
+ {
+ BIG_XXX_zero(supp);
+ BIG_XXX_copy(supp,BIG1);
+ BIG_XXX_modsqr(supp,supp,BIG2);
+ len = strlen(BIG1sqrmod2line);
+ linePtr = line + len;
+ read_BIG_XXX(BIG1sqrmod2,linePtr);
+ BIG_XXX_norm(supp);
+ if (BIG_XXX_comp(BIG1sqrmod2,supp) != 0)
+ {
+ printf("ERROR reducing squaring modulo BIG, line %d\n",i);
+ exit(EXIT_FAILURE);
+ }
+ }
+// test negative and modulo
+ if (!strncmp(line,BIG1modneg2line, strlen(BIG1modneg2line)))
+ {
+ BIG_XXX_zero(supp);
+ BIG_XXX_copy(supp,BIG1);
+ BIG_XXX_modneg(supp,supp,BIG2);
+ BIG_XXX_mod(supp,BIG2); // Account for case BIG1 = BIG2
+ len = strlen(BIG1modneg2line);
+ linePtr = line + len;
+ read_BIG_XXX(BIG1modneg2,linePtr);
+ BIG_XXX_norm(supp);
+ if (BIG_XXX_comp(BIG1modneg2,supp) != 0)
+ {
+ printf("ERROR negative reduced modulo BIG, line %d\n",i);
+ exit(EXIT_FAILURE);
+ }
+ }
+// test counting bit BIG
+ if (!strncmp(line,nbitBIGline, strlen(nbitBIGline)))
+ {
+ len = strlen(nbitBIGline);
+ nbitBIG = BIG_XXX_nbits(BIG1);
+ linePtr = line + len;
+ sscanf(linePtr,"%d\n",&bitlen);
+ if (nbitBIG != bitlen)
+ {
+ printf("ERROR counting bit BIG, line %d\n",i);
+ exit(EXIT_FAILURE);
+ }
+ }
+// test counting bit DBIG
+ if (!strncmp(line,nbitDBIGline, strlen(nbitDBIGline)))
+ {
+ len = strlen(nbitDBIGline);
+ nbitDBIG = BIG_XXX_dnbits(BIGmul);
+ linePtr = line + len;
+ sscanf(linePtr,"%d\n",&bitlen);
+ if (nbitDBIG != bitlen)
+ {
+ printf("ERROR counting bit DBIG, line %d\n",i);
+ exit(EXIT_FAILURE);
+ }
+ }
+// test division
+ if (!strncmp(line,BIGdivline, strlen(BIGdivline)))
+ {
+ BIG_XXX_dzero(dsupp);
+ BIG_XXX_zero(supp);
+ BIG_XXX_dcopy(dsupp,BIGmul);
+ BIG_XXX_ddiv(supp,dsupp,BIGsum);
+ len = strlen(BIGdivline);
+ linePtr = line + len;
+ read_BIG_XXX(BIGdiv,linePtr);
+ BIG_XXX_norm(supp);
+ if (BIG_XXX_comp(BIGdiv,supp) != 0)
+ {
+ printf("ERROR division BIG, line %d\n",i);
+ exit(EXIT_FAILURE);
+ }
+ }
+// test division with modulo
+ if (!strncmp(line,BIGdivmodline, strlen(BIGdivmodline)))
+ {
+ read_BIG_XXX(mod,"E186EB30EF");
+ read_BIG_XXX(div,"0ED5066C6815047425DF");
+ BIG_XXX_zero(supp);
+ BIG_XXX_copy(supp,BIG1);
+ BIG_XXX_moddiv(supp,supp,div,mod);
+ len = strlen(BIGdivmodline);
+ linePtr = line + len;
+ read_BIG_XXX(BIGdivmod,linePtr);
+ BIG_XXX_norm(supp);
+ if (BIG_XXX_comp(BIGdivmod,supp) != 0)
+ {
+ printf("ERROR division modulo BIG, line %d\n",i);
+ exit(EXIT_FAILURE);
+ }
+ }
+// test small multiplication
+ if (!strncmp(line,BIGpxmulline, strlen(BIGpxmulline)))
+ {
+ BIG_XXX_dzero(dsupp);
+ BIG_XXX_pxmul(dsupp,BIG1,nbitDBIG);
+ len = strlen(BIGpxmulline);
+ linePtr = line + len;
+ read_DBIG_XXX(BIGpxmul,linePtr);
+ BIG_XXX_dnorm(dsupp);
+ if (BIG_XXX_dcomp(BIGpxmul,dsupp) != 0)
+ {
+ printf("ERROR small multiplication BIG, line %d\n",i);
+ exit(EXIT_FAILURE);
+ }
+ }
+ }
+
+ fclose(fp);
+ printf("SUCCESS TEST ARITMETIC OF BIG_XXX PASSED\n");
+ exit(EXIT_SUCCESS);
+}