diff options
Diffstat (limited to 'src/lib/libssl/src/fips/fipsalgtest.pl')
-rw-r--r-- | src/lib/libssl/src/fips/fipsalgtest.pl | 848 |
1 files changed, 0 insertions, 848 deletions
diff --git a/src/lib/libssl/src/fips/fipsalgtest.pl b/src/lib/libssl/src/fips/fipsalgtest.pl deleted file mode 100644 index 44a5ccac7a..0000000000 --- a/src/lib/libssl/src/fips/fipsalgtest.pl +++ /dev/null | |||
@@ -1,848 +0,0 @@ | |||
1 | #!/usr/bin/perl -w | ||
2 | # Perl utility to run or verify FIPS 140-2 CMVP algorithm tests based on the | ||
3 | # pathnames of input algorithm test files actually present (the unqualified | ||
4 | # file names are consistent but the pathnames are not). | ||
5 | # | ||
6 | |||
7 | # FIPS test definitions | ||
8 | # List of all the unqualified file names we expect and command lines to run | ||
9 | |||
10 | # DSA tests | ||
11 | my @fips_dsa_test_list = ( | ||
12 | |||
13 | "DSA", | ||
14 | |||
15 | [ "PQGGen", "fips_dssvs pqg" ], | ||
16 | [ "KeyPair", "fips_dssvs keypair" ], | ||
17 | [ "SigGen", "fips_dssvs siggen" ], | ||
18 | [ "SigVer", "fips_dssvs sigver" ] | ||
19 | |||
20 | ); | ||
21 | |||
22 | # RSA tests | ||
23 | |||
24 | my @fips_rsa_test_list = ( | ||
25 | |||
26 | "RSA", | ||
27 | |||
28 | [ "SigGen15", "fips_rsastest" ], | ||
29 | [ "SigVer15", "fips_rsavtest" ], | ||
30 | [ "SigVerRSA", "fips_rsavtest -x931" ], | ||
31 | [ "KeyGenRSA", "fips_rsagtest" ], | ||
32 | [ "SigGenRSA", "fips_rsastest -x931" ] | ||
33 | |||
34 | ); | ||
35 | |||
36 | # Special cases for PSS. The filename itself is | ||
37 | # not sufficient to determine the test. Addditionally we | ||
38 | # need to examine the file contents to determine the salt length | ||
39 | # In these cases the test filename has (saltlen) appended. | ||
40 | |||
41 | # RSA PSS salt length 0 tests | ||
42 | |||
43 | my @fips_rsa_pss0_test_list = ( | ||
44 | |||
45 | [ "SigGenPSS(0)", "fips_rsastest -saltlen 0" ], | ||
46 | [ "SigVerPSS(0)", "fips_rsavtest -saltlen 0" ] | ||
47 | |||
48 | ); | ||
49 | |||
50 | # RSA PSS salt length 62 tests | ||
51 | |||
52 | my @fips_rsa_pss62_test_list = ( | ||
53 | [ "SigGenPSS(62)", "fips_rsastest -saltlen 62" ], | ||
54 | [ "SigVerPSS(62)", "fips_rsavtest -saltlen 62" ] | ||
55 | |||
56 | ); | ||
57 | |||
58 | # SHA tests | ||
59 | |||
60 | my @fips_sha_test_list = ( | ||
61 | |||
62 | "SHA", | ||
63 | |||
64 | [ "SHA1LongMsg", "fips_shatest" ], | ||
65 | [ "SHA1Monte", "fips_shatest" ], | ||
66 | [ "SHA1ShortMsg", "fips_shatest" ], | ||
67 | [ "SHA224LongMsg", "fips_shatest" ], | ||
68 | [ "SHA224Monte", "fips_shatest" ], | ||
69 | [ "SHA224ShortMsg", "fips_shatest" ], | ||
70 | [ "SHA256LongMsg", "fips_shatest" ], | ||
71 | [ "SHA256Monte", "fips_shatest" ], | ||
72 | [ "SHA256ShortMsg", "fips_shatest" ], | ||
73 | [ "SHA384LongMsg", "fips_shatest" ], | ||
74 | [ "SHA384Monte", "fips_shatest" ], | ||
75 | [ "SHA384ShortMsg", "fips_shatest" ], | ||
76 | [ "SHA512LongMsg", "fips_shatest" ], | ||
77 | [ "SHA512Monte", "fips_shatest" ], | ||
78 | [ "SHA512ShortMsg", "fips_shatest" ] | ||
79 | |||
80 | ); | ||
81 | |||
82 | # HMAC | ||
83 | |||
84 | my @fips_hmac_test_list = ( | ||
85 | |||
86 | "HMAC", | ||
87 | |||
88 | [ "HMAC", "fips_hmactest" ] | ||
89 | |||
90 | ); | ||
91 | |||
92 | # RAND tests, AES version | ||
93 | |||
94 | my @fips_rand_aes_test_list = ( | ||
95 | |||
96 | "RAND (AES)", | ||
97 | |||
98 | [ "ANSI931_AES128MCT", "fips_rngvs mct" ], | ||
99 | [ "ANSI931_AES192MCT", "fips_rngvs mct" ], | ||
100 | [ "ANSI931_AES256MCT", "fips_rngvs mct" ], | ||
101 | [ "ANSI931_AES128VST", "fips_rngvs vst" ], | ||
102 | [ "ANSI931_AES192VST", "fips_rngvs vst" ], | ||
103 | [ "ANSI931_AES256VST", "fips_rngvs vst" ] | ||
104 | |||
105 | ); | ||
106 | |||
107 | # RAND tests, DES2 version | ||
108 | |||
109 | my @fips_rand_des2_test_list = ( | ||
110 | |||
111 | "RAND (DES2)", | ||
112 | |||
113 | [ "ANSI931_TDES2MCT", "fips_rngvs mct" ], | ||
114 | [ "ANSI931_TDES2VST", "fips_rngvs vst" ] | ||
115 | |||
116 | ); | ||
117 | |||
118 | # AES tests | ||
119 | |||
120 | my @fips_aes_test_list = ( | ||
121 | |||
122 | "AES", | ||
123 | |||
124 | [ "CBCGFSbox128", "fips_aesavs -f" ], | ||
125 | [ "CBCGFSbox192", "fips_aesavs -f" ], | ||
126 | [ "CBCGFSbox256", "fips_aesavs -f" ], | ||
127 | [ "CBCKeySbox128", "fips_aesavs -f" ], | ||
128 | [ "CBCKeySbox192", "fips_aesavs -f" ], | ||
129 | [ "CBCKeySbox256", "fips_aesavs -f" ], | ||
130 | [ "CBCMCT128", "fips_aesavs -f" ], | ||
131 | [ "CBCMCT192", "fips_aesavs -f" ], | ||
132 | [ "CBCMCT256", "fips_aesavs -f" ], | ||
133 | [ "CBCMMT128", "fips_aesavs -f" ], | ||
134 | [ "CBCMMT192", "fips_aesavs -f" ], | ||
135 | [ "CBCMMT256", "fips_aesavs -f" ], | ||
136 | [ "CBCVarKey128", "fips_aesavs -f" ], | ||
137 | [ "CBCVarKey192", "fips_aesavs -f" ], | ||
138 | [ "CBCVarKey256", "fips_aesavs -f" ], | ||
139 | [ "CBCVarTxt128", "fips_aesavs -f" ], | ||
140 | [ "CBCVarTxt192", "fips_aesavs -f" ], | ||
141 | [ "CBCVarTxt256", "fips_aesavs -f" ], | ||
142 | [ "CFB128GFSbox128", "fips_aesavs -f" ], | ||
143 | [ "CFB128GFSbox192", "fips_aesavs -f" ], | ||
144 | [ "CFB128GFSbox256", "fips_aesavs -f" ], | ||
145 | [ "CFB128KeySbox128", "fips_aesavs -f" ], | ||
146 | [ "CFB128KeySbox192", "fips_aesavs -f" ], | ||
147 | [ "CFB128KeySbox256", "fips_aesavs -f" ], | ||
148 | [ "CFB128MCT128", "fips_aesavs -f" ], | ||
149 | [ "CFB128MCT192", "fips_aesavs -f" ], | ||
150 | [ "CFB128MCT256", "fips_aesavs -f" ], | ||
151 | [ "CFB128MMT128", "fips_aesavs -f" ], | ||
152 | [ "CFB128MMT192", "fips_aesavs -f" ], | ||
153 | [ "CFB128MMT256", "fips_aesavs -f" ], | ||
154 | [ "CFB128VarKey128", "fips_aesavs -f" ], | ||
155 | [ "CFB128VarKey192", "fips_aesavs -f" ], | ||
156 | [ "CFB128VarKey256", "fips_aesavs -f" ], | ||
157 | [ "CFB128VarTxt128", "fips_aesavs -f" ], | ||
158 | [ "CFB128VarTxt192", "fips_aesavs -f" ], | ||
159 | [ "CFB128VarTxt256", "fips_aesavs -f" ], | ||
160 | [ "CFB8GFSbox128", "fips_aesavs -f" ], | ||
161 | [ "CFB8GFSbox192", "fips_aesavs -f" ], | ||
162 | [ "CFB8GFSbox256", "fips_aesavs -f" ], | ||
163 | [ "CFB8KeySbox128", "fips_aesavs -f" ], | ||
164 | [ "CFB8KeySbox192", "fips_aesavs -f" ], | ||
165 | [ "CFB8KeySbox256", "fips_aesavs -f" ], | ||
166 | [ "CFB8MCT128", "fips_aesavs -f" ], | ||
167 | [ "CFB8MCT192", "fips_aesavs -f" ], | ||
168 | [ "CFB8MCT256", "fips_aesavs -f" ], | ||
169 | [ "CFB8MMT128", "fips_aesavs -f" ], | ||
170 | [ "CFB8MMT192", "fips_aesavs -f" ], | ||
171 | [ "CFB8MMT256", "fips_aesavs -f" ], | ||
172 | [ "CFB8VarKey128", "fips_aesavs -f" ], | ||
173 | [ "CFB8VarKey192", "fips_aesavs -f" ], | ||
174 | [ "CFB8VarKey256", "fips_aesavs -f" ], | ||
175 | [ "CFB8VarTxt128", "fips_aesavs -f" ], | ||
176 | [ "CFB8VarTxt192", "fips_aesavs -f" ], | ||
177 | [ "CFB8VarTxt256", "fips_aesavs -f" ], | ||
178 | |||
179 | [ "ECBGFSbox128", "fips_aesavs -f" ], | ||
180 | [ "ECBGFSbox192", "fips_aesavs -f" ], | ||
181 | [ "ECBGFSbox256", "fips_aesavs -f" ], | ||
182 | [ "ECBKeySbox128", "fips_aesavs -f" ], | ||
183 | [ "ECBKeySbox192", "fips_aesavs -f" ], | ||
184 | [ "ECBKeySbox256", "fips_aesavs -f" ], | ||
185 | [ "ECBMCT128", "fips_aesavs -f" ], | ||
186 | [ "ECBMCT192", "fips_aesavs -f" ], | ||
187 | [ "ECBMCT256", "fips_aesavs -f" ], | ||
188 | [ "ECBMMT128", "fips_aesavs -f" ], | ||
189 | [ "ECBMMT192", "fips_aesavs -f" ], | ||
190 | [ "ECBMMT256", "fips_aesavs -f" ], | ||
191 | [ "ECBVarKey128", "fips_aesavs -f" ], | ||
192 | [ "ECBVarKey192", "fips_aesavs -f" ], | ||
193 | [ "ECBVarKey256", "fips_aesavs -f" ], | ||
194 | [ "ECBVarTxt128", "fips_aesavs -f" ], | ||
195 | [ "ECBVarTxt192", "fips_aesavs -f" ], | ||
196 | [ "ECBVarTxt256", "fips_aesavs -f" ], | ||
197 | [ "OFBGFSbox128", "fips_aesavs -f" ], | ||
198 | [ "OFBGFSbox192", "fips_aesavs -f" ], | ||
199 | [ "OFBGFSbox256", "fips_aesavs -f" ], | ||
200 | [ "OFBKeySbox128", "fips_aesavs -f" ], | ||
201 | [ "OFBKeySbox192", "fips_aesavs -f" ], | ||
202 | [ "OFBKeySbox256", "fips_aesavs -f" ], | ||
203 | [ "OFBMCT128", "fips_aesavs -f" ], | ||
204 | [ "OFBMCT192", "fips_aesavs -f" ], | ||
205 | [ "OFBMCT256", "fips_aesavs -f" ], | ||
206 | [ "OFBMMT128", "fips_aesavs -f" ], | ||
207 | [ "OFBMMT192", "fips_aesavs -f" ], | ||
208 | [ "OFBMMT256", "fips_aesavs -f" ], | ||
209 | [ "OFBVarKey128", "fips_aesavs -f" ], | ||
210 | [ "OFBVarKey192", "fips_aesavs -f" ], | ||
211 | [ "OFBVarKey256", "fips_aesavs -f" ], | ||
212 | [ "OFBVarTxt128", "fips_aesavs -f" ], | ||
213 | [ "OFBVarTxt192", "fips_aesavs -f" ], | ||
214 | [ "OFBVarTxt256", "fips_aesavs -f" ] | ||
215 | |||
216 | ); | ||
217 | |||
218 | my @fips_aes_cfb1_test_list = ( | ||
219 | |||
220 | # AES CFB1 tests | ||
221 | |||
222 | [ "CFB1GFSbox128", "fips_aesavs -f" ], | ||
223 | [ "CFB1GFSbox192", "fips_aesavs -f" ], | ||
224 | [ "CFB1GFSbox256", "fips_aesavs -f" ], | ||
225 | [ "CFB1KeySbox128", "fips_aesavs -f" ], | ||
226 | [ "CFB1KeySbox192", "fips_aesavs -f" ], | ||
227 | [ "CFB1KeySbox256", "fips_aesavs -f" ], | ||
228 | [ "CFB1MCT128", "fips_aesavs -f" ], | ||
229 | [ "CFB1MCT192", "fips_aesavs -f" ], | ||
230 | [ "CFB1MCT256", "fips_aesavs -f" ], | ||
231 | [ "CFB1MMT128", "fips_aesavs -f" ], | ||
232 | [ "CFB1MMT192", "fips_aesavs -f" ], | ||
233 | [ "CFB1MMT256", "fips_aesavs -f" ], | ||
234 | [ "CFB1VarKey128", "fips_aesavs -f" ], | ||
235 | [ "CFB1VarKey192", "fips_aesavs -f" ], | ||
236 | [ "CFB1VarKey256", "fips_aesavs -f" ], | ||
237 | [ "CFB1VarTxt128", "fips_aesavs -f" ], | ||
238 | [ "CFB1VarTxt192", "fips_aesavs -f" ], | ||
239 | [ "CFB1VarTxt256", "fips_aesavs -f" ] | ||
240 | |||
241 | ); | ||
242 | |||
243 | # Triple DES tests | ||
244 | |||
245 | my @fips_des3_test_list = ( | ||
246 | |||
247 | "Triple DES", | ||
248 | |||
249 | [ "TCBCinvperm", "fips_desmovs -f" ], | ||
250 | [ "TCBCMMT1", "fips_desmovs -f" ], | ||
251 | [ "TCBCMMT2", "fips_desmovs -f" ], | ||
252 | [ "TCBCMMT3", "fips_desmovs -f" ], | ||
253 | [ "TCBCMonte1", "fips_desmovs -f" ], | ||
254 | [ "TCBCMonte2", "fips_desmovs -f" ], | ||
255 | [ "TCBCMonte3", "fips_desmovs -f" ], | ||
256 | [ "TCBCpermop", "fips_desmovs -f" ], | ||
257 | [ "TCBCsubtab", "fips_desmovs -f" ], | ||
258 | [ "TCBCvarkey", "fips_desmovs -f" ], | ||
259 | [ "TCBCvartext", "fips_desmovs -f" ], | ||
260 | [ "TCFB64invperm", "fips_desmovs -f" ], | ||
261 | [ "TCFB64MMT1", "fips_desmovs -f" ], | ||
262 | [ "TCFB64MMT2", "fips_desmovs -f" ], | ||
263 | [ "TCFB64MMT3", "fips_desmovs -f" ], | ||
264 | [ "TCFB64Monte1", "fips_desmovs -f" ], | ||
265 | [ "TCFB64Monte2", "fips_desmovs -f" ], | ||
266 | [ "TCFB64Monte3", "fips_desmovs -f" ], | ||
267 | [ "TCFB64permop", "fips_desmovs -f" ], | ||
268 | [ "TCFB64subtab", "fips_desmovs -f" ], | ||
269 | [ "TCFB64varkey", "fips_desmovs -f" ], | ||
270 | [ "TCFB64vartext", "fips_desmovs -f" ], | ||
271 | [ "TCFB8invperm", "fips_desmovs -f" ], | ||
272 | [ "TCFB8MMT1", "fips_desmovs -f" ], | ||
273 | [ "TCFB8MMT2", "fips_desmovs -f" ], | ||
274 | [ "TCFB8MMT3", "fips_desmovs -f" ], | ||
275 | [ "TCFB8Monte1", "fips_desmovs -f" ], | ||
276 | [ "TCFB8Monte2", "fips_desmovs -f" ], | ||
277 | [ "TCFB8Monte3", "fips_desmovs -f" ], | ||
278 | [ "TCFB8permop", "fips_desmovs -f" ], | ||
279 | [ "TCFB8subtab", "fips_desmovs -f" ], | ||
280 | [ "TCFB8varkey", "fips_desmovs -f" ], | ||
281 | [ "TCFB8vartext", "fips_desmovs -f" ], | ||
282 | [ "TECBinvperm", "fips_desmovs -f" ], | ||
283 | [ "TECBMMT1", "fips_desmovs -f" ], | ||
284 | [ "TECBMMT2", "fips_desmovs -f" ], | ||
285 | [ "TECBMMT3", "fips_desmovs -f" ], | ||
286 | [ "TECBMonte1", "fips_desmovs -f" ], | ||
287 | [ "TECBMonte2", "fips_desmovs -f" ], | ||
288 | [ "TECBMonte3", "fips_desmovs -f" ], | ||
289 | [ "TECBpermop", "fips_desmovs -f" ], | ||
290 | [ "TECBsubtab", "fips_desmovs -f" ], | ||
291 | [ "TECBvarkey", "fips_desmovs -f" ], | ||
292 | [ "TECBvartext", "fips_desmovs -f" ], | ||
293 | [ "TOFBinvperm", "fips_desmovs -f" ], | ||
294 | [ "TOFBMMT1", "fips_desmovs -f" ], | ||
295 | [ "TOFBMMT2", "fips_desmovs -f" ], | ||
296 | [ "TOFBMMT3", "fips_desmovs -f" ], | ||
297 | [ "TOFBMonte1", "fips_desmovs -f" ], | ||
298 | [ "TOFBMonte2", "fips_desmovs -f" ], | ||
299 | [ "TOFBMonte3", "fips_desmovs -f" ], | ||
300 | [ "TOFBpermop", "fips_desmovs -f" ], | ||
301 | [ "TOFBsubtab", "fips_desmovs -f" ], | ||
302 | [ "TOFBvarkey", "fips_desmovs -f" ], | ||
303 | [ "TOFBvartext", "fips_desmovs -f" ] | ||
304 | |||
305 | ); | ||
306 | |||
307 | # Verification special cases. | ||
308 | # In most cases the output of a test is deterministic and | ||
309 | # it can be compared to a known good result. A few involve | ||
310 | # the genration and use of random keys and the output will | ||
311 | # be different each time. In thoses cases we perform special tests | ||
312 | # to simply check their consistency. For example signature generation | ||
313 | # output will be run through signature verification to see if all outputs | ||
314 | # show as valid. | ||
315 | # | ||
316 | |||
317 | my %verify_special = ( | ||
318 | "PQGGen" => "fips_dssvs pqgver", | ||
319 | "KeyPair" => "fips_dssvs keyver", | ||
320 | "SigGen" => "fips_dssvs sigver", | ||
321 | "SigGen15" => "fips_rsavtest", | ||
322 | "SigGenRSA" => "fips_rsavtest -x931", | ||
323 | "SigGenPSS(0)" => "fips_rsavtest -saltlen 0", | ||
324 | "SigGenPSS(62)" => "fips_rsavtest -saltlen 62", | ||
325 | ); | ||
326 | |||
327 | my $win32 = $^O =~ m/mswin/i; | ||
328 | my $onedir = 0; | ||
329 | my $filter = ""; | ||
330 | my $tvdir; | ||
331 | my $tprefix; | ||
332 | my $shwrap_prefix; | ||
333 | my $debug = 0; | ||
334 | my $quiet = 0; | ||
335 | my $notest = 0; | ||
336 | my $verify = 1; | ||
337 | my $rspdir = "rsp"; | ||
338 | my $ignore_missing = 0; | ||
339 | my $ignore_bogus = 0; | ||
340 | my $bufout = ''; | ||
341 | my $list_tests = 0; | ||
342 | |||
343 | my %fips_enabled = ( | ||
344 | dsa => 1, | ||
345 | rsa => 1, | ||
346 | "rsa-pss0" => 0, | ||
347 | "rsa-pss62" => 1, | ||
348 | sha => 1, | ||
349 | hmac => 1, | ||
350 | "rand-aes" => 1, | ||
351 | "rand-des2" => 0, | ||
352 | aes => 1, | ||
353 | "aes-cfb1" => 0, | ||
354 | des3 => 1 | ||
355 | ); | ||
356 | |||
357 | foreach (@ARGV) { | ||
358 | if ( $_ eq "--win32" ) { | ||
359 | $win32 = 1; | ||
360 | } | ||
361 | elsif ( $_ eq "--onedir" ) { | ||
362 | $onedir = 1; | ||
363 | } | ||
364 | elsif ( $_ eq "--debug" ) { | ||
365 | $debug = 1; | ||
366 | } | ||
367 | elsif ( $_ eq "--ignore-missing" ) { | ||
368 | $ignore_missing = 1; | ||
369 | } | ||
370 | elsif ( $_ eq "--ignore-bogus" ) { | ||
371 | $ignore_bogus = 1; | ||
372 | } | ||
373 | elsif ( $_ eq "--generate" ) { | ||
374 | $verify = 0; | ||
375 | } | ||
376 | elsif ( $_ eq "--notest" ) { | ||
377 | $notest = 1; | ||
378 | } | ||
379 | elsif ( $_ eq "--quiet" ) { | ||
380 | $quiet = 1; | ||
381 | } | ||
382 | elsif (/--dir=(.*)$/) { | ||
383 | $tvdir = $1; | ||
384 | } | ||
385 | elsif (/--rspdir=(.*)$/) { | ||
386 | $rspdir = $1; | ||
387 | } | ||
388 | elsif (/--tprefix=(.*)$/) { | ||
389 | $tprefix = $1; | ||
390 | } | ||
391 | elsif (/--shwrap_prefix=(.*)$/) { | ||
392 | $shwrap_prefix = $1; | ||
393 | } | ||
394 | elsif (/^--(enable|disable)-(.*)$/) { | ||
395 | if ( !exists $fips_enabled{$2} ) { | ||
396 | print STDERR "Unknown test $2\n"; | ||
397 | } | ||
398 | if ( $1 eq "enable" ) { | ||
399 | $fips_enabled{$2} = 1; | ||
400 | } | ||
401 | else { | ||
402 | $fips_enabled{$2} = 0; | ||
403 | } | ||
404 | } | ||
405 | elsif (/--filter=(.*)$/) { | ||
406 | $filter = $1; | ||
407 | } | ||
408 | elsif (/^--list-tests$/) { | ||
409 | $list_tests = 1; | ||
410 | } | ||
411 | else { | ||
412 | Help(); | ||
413 | exit(1); | ||
414 | } | ||
415 | } | ||
416 | |||
417 | my @fips_test_list; | ||
418 | |||
419 | push @fips_test_list, @fips_dsa_test_list if $fips_enabled{"dsa"}; | ||
420 | push @fips_test_list, @fips_rsa_test_list if $fips_enabled{"rsa"}; | ||
421 | push @fips_test_list, @fips_rsa_pss0_test_list if $fips_enabled{"rsa-pss0"}; | ||
422 | push @fips_test_list, @fips_rsa_pss62_test_list if $fips_enabled{"rsa-pss62"}; | ||
423 | push @fips_test_list, @fips_sha_test_list if $fips_enabled{"sha"}; | ||
424 | push @fips_test_list, @fips_hmac_test_list if $fips_enabled{"hmac"}; | ||
425 | push @fips_test_list, @fips_rand_aes_test_list if $fips_enabled{"rand-aes"}; | ||
426 | push @fips_test_list, @fips_rand_des2_test_list if $fips_enabled{"rand-des2"}; | ||
427 | push @fips_test_list, @fips_aes_test_list if $fips_enabled{"aes"}; | ||
428 | push @fips_test_list, @fips_aes_cfb1_test_list if $fips_enabled{"aes-cfb1"}; | ||
429 | push @fips_test_list, @fips_des3_test_list if $fips_enabled{"des3"}; | ||
430 | |||
431 | if ($list_tests) { | ||
432 | my ( $test, $en ); | ||
433 | print "=====TEST LIST=====\n"; | ||
434 | foreach $test ( sort keys %fips_enabled ) { | ||
435 | $en = $fips_enabled{$test}; | ||
436 | $test =~ tr/[a-z]/[A-Z]/; | ||
437 | printf "%-10s %s\n", $test, $en ? "enabled" : "disabled"; | ||
438 | } | ||
439 | exit(0); | ||
440 | } | ||
441 | |||
442 | foreach (@fips_test_list) { | ||
443 | next unless ref($_); | ||
444 | my $nm = $_->[0]; | ||
445 | $_->[2] = ""; | ||
446 | $_->[3] = ""; | ||
447 | print STDERR "Duplicate test $nm\n" if exists $fips_tests{$nm}; | ||
448 | $fips_tests{$nm} = $_; | ||
449 | } | ||
450 | |||
451 | $tvdir = "." unless defined $tvdir; | ||
452 | |||
453 | if ($win32) { | ||
454 | if ( !defined $tprefix ) { | ||
455 | if ($onedir) { | ||
456 | $tprefix = ".\\"; | ||
457 | } | ||
458 | else { | ||
459 | $tprefix = "..\\out32dll\\"; | ||
460 | } | ||
461 | } | ||
462 | } | ||
463 | else { | ||
464 | if ($onedir) { | ||
465 | $tprefix = "./" unless defined $tprefix; | ||
466 | $shwrap_prefix = "./" unless defined $shwrap_prefix; | ||
467 | } | ||
468 | else { | ||
469 | $tprefix = "../test/" unless defined $tprefix; | ||
470 | $shwrap_prefix = "../util/" unless defined $shwrap_prefix; | ||
471 | } | ||
472 | } | ||
473 | |||
474 | sanity_check_exe( $win32, $tprefix, $shwrap_prefix ); | ||
475 | |||
476 | my $cmd_prefix = $win32 ? "" : "${shwrap_prefix}shlib_wrap.sh "; | ||
477 | |||
478 | find_files( $filter, $tvdir ); | ||
479 | |||
480 | sanity_check_files(); | ||
481 | |||
482 | my ( $runerr, $cmperr, $cmpok, $scheckrunerr, $scheckerr, $scheckok, $skipcnt ) | ||
483 | = ( 0, 0, 0, 0, 0, 0, 0 ); | ||
484 | |||
485 | exit(0) if $notest; | ||
486 | |||
487 | run_tests( $verify, $win32, $tprefix, $filter, $tvdir ); | ||
488 | |||
489 | if ($verify) { | ||
490 | print "ALGORITHM TEST VERIFY SUMMARY REPORT:\n"; | ||
491 | print "Tests skipped due to missing files: $skipcnt\n"; | ||
492 | print "Algorithm test program execution failures: $runerr\n"; | ||
493 | print "Test comparisons successful: $cmpok\n"; | ||
494 | print "Test comparisons failed: $cmperr\n"; | ||
495 | print "Test sanity checks successful: $scheckok\n"; | ||
496 | print "Test sanity checks failed: $scheckerr\n"; | ||
497 | print "Sanity check program execution failures: $scheckrunerr\n"; | ||
498 | |||
499 | if ( $runerr || $cmperr || $scheckrunerr || $scheckerr ) { | ||
500 | print "***TEST FAILURE***\n"; | ||
501 | } | ||
502 | else { | ||
503 | print "***ALL TESTS SUCCESSFUL***\n"; | ||
504 | } | ||
505 | } | ||
506 | else { | ||
507 | print "ALGORITHM TEST SUMMARY REPORT:\n"; | ||
508 | print "Tests skipped due to missing files: $skipcnt\n"; | ||
509 | print "Algorithm test program execution failures: $runerr\n"; | ||
510 | |||
511 | if ($runerr) { | ||
512 | print "***TEST FAILURE***\n"; | ||
513 | } | ||
514 | else { | ||
515 | print "***ALL TESTS SUCCESSFUL***\n"; | ||
516 | } | ||
517 | } | ||
518 | |||
519 | #-------------------------------- | ||
520 | sub Help { | ||
521 | ( my $cmd ) = ( $0 =~ m#([^/]+)$# ); | ||
522 | print <<EOF; | ||
523 | $cmd: generate run CMVP algorithm tests | ||
524 | --debug Enable debug output | ||
525 | --dir=<dirname> Optional root for *.req file search | ||
526 | --filter=<regexp> | ||
527 | --onedir <dirname> Assume all components in current directory | ||
528 | --rspdir=<dirname> Name of subdirectories containing *.rsp files, default "resp" | ||
529 | --shwrap_prefix=<prefix> | ||
530 | --tprefix=<prefix> | ||
531 | --ignore-bogus Ignore duplicate or bogus files | ||
532 | --ignore-missing Ignore missing test files | ||
533 | --quiet Shhh.... | ||
534 | --generate Generate algorithm test output | ||
535 | --win32 Win32 environment | ||
536 | EOF | ||
537 | } | ||
538 | |||
539 | # Sanity check to see if all necessary executables exist | ||
540 | |||
541 | sub sanity_check_exe { | ||
542 | my ( $win32, $tprefix, $shwrap_prefix ) = @_; | ||
543 | my %exe_list; | ||
544 | my $bad = 0; | ||
545 | $exe_list{ $shwrap_prefix . "shlib_wrap.sh" } = 1 unless $win32; | ||
546 | foreach (@fips_test_list) { | ||
547 | next unless ref($_); | ||
548 | my $cmd = $_->[1]; | ||
549 | $cmd =~ s/ .*$//; | ||
550 | $cmd = $tprefix . $cmd; | ||
551 | $cmd .= ".exe" if $win32; | ||
552 | $exe_list{$cmd} = 1; | ||
553 | } | ||
554 | |||
555 | foreach ( sort keys %exe_list ) { | ||
556 | if ( !-f $_ ) { | ||
557 | print STDERR "ERROR: can't find executable $_\n"; | ||
558 | $bad = 1; | ||
559 | } | ||
560 | } | ||
561 | if ($bad) { | ||
562 | print STDERR "FATAL ERROR: executables missing\n"; | ||
563 | exit(1); | ||
564 | } | ||
565 | elsif ($debug) { | ||
566 | print STDERR "Executable sanity check passed OK\n"; | ||
567 | } | ||
568 | } | ||
569 | |||
570 | # Search for all request and response files | ||
571 | |||
572 | sub find_files { | ||
573 | my ( $filter, $dir ) = @_; | ||
574 | my ( $dirh, $testname ); | ||
575 | opendir( $dirh, $dir ); | ||
576 | while ( $_ = readdir($dirh) ) { | ||
577 | next if ( $_ eq "." || $_ eq ".." ); | ||
578 | $_ = "$dir/$_"; | ||
579 | if ( -f "$_" ) { | ||
580 | if (/\/([^\/]*)\.rsp$/) { | ||
581 | $testname = fix_pss( $1, $_ ); | ||
582 | if ( exists $fips_tests{$testname} ) { | ||
583 | if ( $fips_tests{$testname}->[3] eq "" ) { | ||
584 | $fips_tests{$testname}->[3] = $_; | ||
585 | } | ||
586 | else { | ||
587 | print STDERR | ||
588 | "WARNING: duplicate response file $_ for test $testname\n"; | ||
589 | $nbogus++; | ||
590 | } | ||
591 | } | ||
592 | else { | ||
593 | print STDERR "WARNING: bogus file $_\n"; | ||
594 | $nbogus++; | ||
595 | } | ||
596 | } | ||
597 | next unless /$filter.*\.req$/i; | ||
598 | if (/\/([^\/]*)\.req$/) { | ||
599 | $testname = fix_pss( $1, $_ ); | ||
600 | if ( exists $fips_tests{$testname} ) { | ||
601 | if ( $fips_tests{$testname}->[2] eq "" ) { | ||
602 | $fips_tests{$testname}->[2] = $_; | ||
603 | } | ||
604 | else { | ||
605 | print STDERR | ||
606 | "WARNING: duplicate request file $_ for test $testname\n"; | ||
607 | $nbogus++; | ||
608 | } | ||
609 | |||
610 | } | ||
611 | elsif ( !/SHAmix\.req$/ ) { | ||
612 | print STDERR "WARNING: unrecognized filename $_\n"; | ||
613 | $nbogus++; | ||
614 | } | ||
615 | } | ||
616 | } | ||
617 | elsif ( -d "$_" ) { | ||
618 | find_files( $filter, $_ ); | ||
619 | } | ||
620 | } | ||
621 | closedir($dirh); | ||
622 | } | ||
623 | |||
624 | sub fix_pss { | ||
625 | my ( $test, $path ) = @_; | ||
626 | my $sl = ""; | ||
627 | local $_; | ||
628 | if ( $test =~ /PSS/ ) { | ||
629 | open( IN, $path ) || die "Can't Open File $path"; | ||
630 | while (<IN>) { | ||
631 | if (/^\s*#\s*salt\s+len:\s+(\d+)\s*$/i) { | ||
632 | $sl = $1; | ||
633 | last; | ||
634 | } | ||
635 | } | ||
636 | close IN; | ||
637 | if ( $sl eq "" ) { | ||
638 | print STDERR "WARNING: No Salt length detected for file $path\n"; | ||
639 | } | ||
640 | else { | ||
641 | return $test . "($sl)"; | ||
642 | } | ||
643 | } | ||
644 | return $test; | ||
645 | } | ||
646 | |||
647 | sub sanity_check_files { | ||
648 | my $bad = 0; | ||
649 | foreach (@fips_test_list) { | ||
650 | next unless ref($_); | ||
651 | my ( $tst, $cmd, $req, $resp ) = @$_; | ||
652 | |||
653 | #print STDERR "FILES $tst, $cmd, $req, $resp\n"; | ||
654 | if ( $req eq "" ) { | ||
655 | print STDERR "WARNING: missing request file for $tst\n"; | ||
656 | $bad = 1; | ||
657 | next; | ||
658 | } | ||
659 | if ( $verify && $resp eq "" ) { | ||
660 | print STDERR "WARNING: no response file for test $tst\n"; | ||
661 | $bad = 1; | ||
662 | } | ||
663 | elsif ( !$verify && $resp ne "" ) { | ||
664 | print STDERR "WARNING: response file $resp will be overwritten\n"; | ||
665 | } | ||
666 | } | ||
667 | if ($bad) { | ||
668 | print STDERR "ERROR: test vector file set not complete\n"; | ||
669 | exit(1) unless $ignore_missing; | ||
670 | } | ||
671 | if ($nbogus) { | ||
672 | print STDERR | ||
673 | "ERROR: $nbogus bogus or duplicate request and response files\n"; | ||
674 | exit(1) unless $ignore_bogus; | ||
675 | } | ||
676 | if ( $debug && !$nbogus && !$bad ) { | ||
677 | print STDERR "test vector file set complete\n"; | ||
678 | } | ||
679 | } | ||
680 | |||
681 | sub run_tests { | ||
682 | my ( $verify, $win32, $tprefix, $filter, $tvdir ) = @_; | ||
683 | my ( $tname, $tref ); | ||
684 | my $bad = 0; | ||
685 | foreach (@fips_test_list) { | ||
686 | if ( !ref($_) ) { | ||
687 | print "Running $_ tests\n" unless $quiet; | ||
688 | next; | ||
689 | } | ||
690 | my ( $tname, $tcmd, $req, $rsp ) = @$_; | ||
691 | my $out = $rsp; | ||
692 | if ($verify) { | ||
693 | $out =~ s/\.rsp$/.tst/; | ||
694 | } | ||
695 | if ( $req eq "" ) { | ||
696 | print STDERR | ||
697 | "WARNING: Request file for $tname missing: test skipped\n"; | ||
698 | $skipcnt++; | ||
699 | next; | ||
700 | } | ||
701 | if ( $verify && $rsp eq "" ) { | ||
702 | print STDERR | ||
703 | "WARNING: Response file for $tname missing: test skipped\n"; | ||
704 | $skipcnt++; | ||
705 | next; | ||
706 | } | ||
707 | elsif ( !$verify ) { | ||
708 | if ( $rsp ne "" ) { | ||
709 | print STDERR "WARNING: Response file for $tname deleted\n"; | ||
710 | unlink $rsp; | ||
711 | } | ||
712 | $out = $req; | ||
713 | $out =~ s|/req/(\S+)\.req|/$rspdir/$1.rsp|; | ||
714 | my $outdir = $out; | ||
715 | $outdir =~ s|/[^/]*$||; | ||
716 | if ( !-d $outdir ) { | ||
717 | print STDERR "DEBUG: Creating directory $outdir\n" if $debug; | ||
718 | mkdir($outdir) || die "Can't create directory $outdir"; | ||
719 | } | ||
720 | } | ||
721 | my $cmd = "$cmd_prefix$tprefix$tcmd "; | ||
722 | if ( $tcmd =~ /-f$/ ) { | ||
723 | $cmd .= "$req $out"; | ||
724 | } | ||
725 | else { | ||
726 | $cmd .= "<$req >$out"; | ||
727 | } | ||
728 | print STDERR "DEBUG: running test $tname\n" if ( $debug && !$verify ); | ||
729 | system($cmd); | ||
730 | if ( $? != 0 ) { | ||
731 | print STDERR | ||
732 | "WARNING: error executing test $tname for command: $cmd\n"; | ||
733 | $runerr++; | ||
734 | next; | ||
735 | } | ||
736 | if ($verify) { | ||
737 | if ( exists $verify_special{$tname} ) { | ||
738 | my $vout = $rsp; | ||
739 | $vout =~ s/\.rsp$/.ver/; | ||
740 | $tcmd = $verify_special{$tname}; | ||
741 | $cmd = "$cmd_prefix$tprefix$tcmd "; | ||
742 | $cmd .= "<$out >$vout"; | ||
743 | system($cmd); | ||
744 | if ( $? != 0 ) { | ||
745 | print STDERR | ||
746 | "WARNING: error executing verify test $tname $cmd\n"; | ||
747 | $scheckrunerr++; | ||
748 | next; | ||
749 | } | ||
750 | my ( $fcount, $pcount ) = ( 0, 0 ); | ||
751 | open VER, "$vout"; | ||
752 | while (<VER>) { | ||
753 | if (/^Result\s*=\s*(\S*)\s*$/i) | ||
754 | |||
755 | { | ||
756 | if ( $1 eq "F" ) { | ||
757 | $fcount++; | ||
758 | } | ||
759 | else { | ||
760 | $pcount++; | ||
761 | } | ||
762 | } | ||
763 | } | ||
764 | close VER; | ||
765 | |||
766 | unlink $vout; | ||
767 | if ( $fcount || $debug ) { | ||
768 | print STDERR "DEBUG: $tname, Pass=$pcount, Fail=$fcount\n"; | ||
769 | } | ||
770 | if ( $fcount || !$pcount ) { | ||
771 | $scheckerr++; | ||
772 | } | ||
773 | else { | ||
774 | $scheckok++; | ||
775 | } | ||
776 | |||
777 | } | ||
778 | elsif ( !cmp_file( $tname, $rsp, $out ) ) { | ||
779 | $cmperr++; | ||
780 | } | ||
781 | else { | ||
782 | $cmpok++; | ||
783 | } | ||
784 | unlink $out; | ||
785 | } | ||
786 | } | ||
787 | } | ||
788 | |||
789 | sub cmp_file { | ||
790 | my ( $tname, $rsp, $tst ) = @_; | ||
791 | my ( $rspf, $tstf ); | ||
792 | my ( $rspline, $tstline ); | ||
793 | if ( !open( $rspf, $rsp ) ) { | ||
794 | print STDERR "ERROR: can't open request file $rsp\n"; | ||
795 | return 0; | ||
796 | } | ||
797 | if ( !open( $tstf, $tst ) ) { | ||
798 | print STDERR "ERROR: can't open output file $tst\n"; | ||
799 | return 0; | ||
800 | } | ||
801 | for ( ; ; ) { | ||
802 | $rspline = next_line($rspf); | ||
803 | $tstline = next_line($tstf); | ||
804 | if ( !defined($rspline) && !defined($tstline) ) { | ||
805 | print STDERR "DEBUG: $tname file comparison OK\n" if $debug; | ||
806 | return 1; | ||
807 | } | ||
808 | if ( !defined($rspline) ) { | ||
809 | print STDERR "ERROR: $tname EOF on $rspf\n"; | ||
810 | return 0; | ||
811 | } | ||
812 | if ( !defined($tstline) ) { | ||
813 | print STDERR "ERROR: $tname EOF on $tstf\n"; | ||
814 | return 0; | ||
815 | } | ||
816 | |||
817 | # Workaround for bug in RAND des2 test output */ | ||
818 | if ( $tstline =~ /^Key2 =/ && $rspline =~ /^Key1 =/ ) { | ||
819 | $rspline =~ s/^Key1/Key2/; | ||
820 | } | ||
821 | |||
822 | if ( $tstline ne $rspline ) { | ||
823 | print STDERR "ERROR: $tname mismatch:\n"; | ||
824 | print STDERR "\t $tstline != $rspline\n"; | ||
825 | return 0; | ||
826 | } | ||
827 | } | ||
828 | return 1; | ||
829 | } | ||
830 | |||
831 | sub next_line { | ||
832 | my ($in) = @_; | ||
833 | |||
834 | while (<$in>) { | ||
835 | chomp; | ||
836 | |||
837 | # Delete comments | ||
838 | s/#.*$//; | ||
839 | |||
840 | # Ignore blank lines | ||
841 | next if (/^\s*$/); | ||
842 | |||
843 | # Translate multiple space into one | ||
844 | s/\s+/ /g; | ||
845 | return $_; | ||
846 | } | ||
847 | return undef; | ||
848 | } | ||