wycheproof tests

author: Karel Miko <karel.miko@gmail.com> 2017-09-15 13:11:34 +0200
committer: Karel Miko <karel.miko@gmail.com> 2017-09-15 13:11:34 +0200
commit: 7e15d5deed7c7f1bad18671a663abafebe980015 (patch)
tree: 41a05f3b4fada5f1271f8d72c33541f8ec66d0ab /t/wycheproof.t
parent: 54ce0c0788ce88af2037e7f163a7a6c872a7b09e (diff)
1 files changed, 247 insertions, 0 deletions
diff --git a/t/wycheproof.t b/t/wycheproof.t
new file mode 100644
index 00000000..0782d032
--- /dev/null
+++ b/t/wycheproof.t
@@ -0,0 +1,247 @@
+# rebuild:
+# rm -f src/liballinone.a && touch CryptX.xs && make && perl -Mblib t/wycheproof.t
+
+use strict;
+use warnings;
+
+use Test::More;
+
+plan skip_all => "No JSON::* module installed" unless eval { require JSON::PP } || eval { require JSON::XS } || eval { require Cpanel::JSON::XS };
+plan tests => 762;
+
+use CryptX;
+use Crypt::Misc 'read_rawfile';
+
+if (1) {
+  use Crypt::AuthEnc::GCM qw(gcm_encrypt_authenticate gcm_decrypt_verify);
+
+  my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/aes_gcm_test.json';
+  for my $g (@{$tests->{testGroups}}) {
+    my $type    = $g->{type};
+    for my $t (@{$g->{tests}}) {
+      my $tcId    = $t->{tcId};           # 1
+      my $comment = $t->{comment};        # ""
+      my $result  = $t->{result};         # "valid"
+      my $aad     = pack "H*", $t->{aad}; # "6578616d706c65"
+      my $ct      = pack "H*", $t->{ct};  # "5d349ead175ef6b1def6fd"
+      my $iv      = pack "H*", $t->{iv};  # "752abad3e0afb5f434dc4310"
+      my $key     = pack "H*", $t->{key}; # "ee8e1ed9ff2540ae8f2ba9f50bc2f27c"
+      my $msg     = pack "H*", $t->{msg}; # "48656c6c6f20776f726c64"
+      my $tag     = pack "H*", $t->{tag}; # "4fbcdeb7e4793f4a1d7e4faa70100af1"
+      # do the test
+      my ($ct2, $tag2) = eval { gcm_encrypt_authenticate('AES', $key, $iv, $aad, $msg) };
+      my $pt2 = eval { gcm_decrypt_verify('AES', $key, $iv, $aad, $ct, $tag) };
+      my $testname = "type=$type tcId=$tcId comment='$comment' expected-result=$result";
+      if ($result eq 'valid') {
+        is(unpack("H*", $ct2),  $t->{ct},  "$testname CT-v");
+        is(unpack("H*", $tag2), $t->{tag}, "$testname TAG-v");
+        is(unpack("H*", $pt2),  $t->{msg}, "$testname PT-v");
+      }
+      elsif ($result eq 'invalid') {
+        #isnt(unpack("H*", $ct2),  $t->{ct},  "$testname CT-i");
+        #isnt(unpack("H*", $tag2), $t->{tag}, "$testname TAG-i");
+        is($pt2, undef, "$testname PT-i");
+      }
+      else {
+        ok(0, "UNEXPECTED result=$result");
+      }
+    }
+  }
+}
+
+if (1) {
+  use Crypt::PK::RSA;
+
+  my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/rsa_signature_test.json';
+  for my $g (@{$tests->{testGroups}}) {
+    my $type   = $g->{type};
+    my $keyDer = pack "H*", $g->{keyDer};
+    my $keyPem = $g->{keyPem};
+    my $sha    = $g->{sha};
+    $sha =~ s/-//g; # SHA-1 >> SHA1
+    ok(Crypt::PK::RSA->new( \$keyDer ), "Crypt::PK::RSA->new + DER type: $type/$sha");
+    ok(Crypt::PK::RSA->new( \$keyPem ), "Crypt::PK::RSA->new + PEM type: $type/$sha");
+    for my $t (@{$g->{tests}}) {
+      my $tcId    = $t->{tcId};
+      my $comment = $t->{comment};
+      my $result  = $t->{result};
+      my $message = pack "H*", $t->{message};
+      my $sig     = pack "H*", $t->{sig};
+      # do the test
+      my $testname = "type=$type/$sha tcId=$tcId comment='$comment' expected-result=$result";
+      my $pk = Crypt::PK::RSA->new( \$keyPem );
+      my $valid = $pk->verify_message($sig, $message, $sha,"v1.5");
+      if ($result eq 'valid' || $result eq 'acceptable') {
+        ok($valid, $testname);
+      }
+      elsif ($result eq 'invalid') {
+        ok(!$valid, $testname);
+      }
+      else {
+        ok(0, "UNEXPECTED result=$result");
+      }
+    }
+  }
+}
+
+if (1) {
+  use Crypt::PK::DSA;
+
+  my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/dsa_test.json';
+  for my $g (@{$tests->{testGroups}}) {
+    my $type   = $g->{type};   # "DSAVer"
+    my $keyDer = pack "H*", $g->{keyDer};
+    my $keyPem = $g->{keyPem};
+    my $sha    = $g->{sha};    # "SHA-1"
+    $sha =~ s/-//g; # SHA-1 >> SHA1
+    ok(Crypt::PK::DSA->new( \$keyDer ), "Crypt::PK::DSA->new + DER type=$type/$sha");
+    ok(Crypt::PK::DSA->new( \$keyPem ), "Crypt::PK::DSA->new + PEM type=$type/$sha");
+    for my $t (@{$g->{tests}}) {
+      my $tcId    = $t->{tcId};
+      my $comment = $t->{comment};
+      my $result  = $t->{result};
+      my $message = pack "H*", $t->{message};
+      my $sig     = pack "H*", $t->{sig};
+      # skip unsupported tests:
+      next if $tcId==12 && $result eq 'acceptable' && $comment eq "Legacy:ASN encoding of s misses leading 0";
+      next if $tcId==13 && $result eq 'acceptable' && $comment eq "BER:long form encoding of length";
+      next if $tcId==14 && $result eq 'acceptable' && $comment eq "BER:long form encoding of length";
+      next if $tcId==15 && $result eq 'acceptable' && $comment eq "BER:long form encoding of length";
+      next if $tcId==16 && $result eq 'acceptable' && $comment eq "BER:length contains leading 0";
+      next if $tcId==17 && $result eq 'acceptable' && $comment eq "BER:length contains leading 0";
+      next if $tcId==18 && $result eq 'acceptable' && $comment eq "BER:length contains leading 0";
+      next if $tcId==19 && $result eq 'acceptable' && $comment eq "BER:indefinite length";
+      next if $tcId==20 && $result eq 'acceptable' && $comment eq "BER:prepending 0's to integer";
+      next if $tcId==21 && $result eq 'acceptable' && $comment eq "BER:prepending 0's to integer";
+      # do the test
+      my $testname = "type=$type/$sha tcId=$tcId comment='$comment' expected-result=$result";
+      my $pk = Crypt::PK::DSA->new( \$keyPem );
+      my $valid = $pk->verify_message($sig, $message, $sha);
+      if ($result eq 'valid' || $result eq 'acceptable') {
+        ok($valid, $testname);
+      }
+      elsif ($result eq 'invalid') {
+        ok(!$valid, $testname);
+      }
+      else {
+        ok(0, "UNEXPECTED result=$result");
+      }
+    }
+  }
+}
+
+if (0) {
+  #XXX-TODO:
+  # not ok 749 - type=ECDSAVer/SHA256 tcId=50 comment='appending unused 0's' expected-result=invalid verify_message=1
+  # not ok 819 - type=ECDSAVer/SHA256 tcId=120 comment='Modified r or s, e.g. by adding or subtracting the order of the group' expected-result=invalid verify_message=1
+  # not ok 820 - type=ECDSAVer/SHA256 tcId=121 comment='Modified r or s, e.g. by adding or subtracting the order of the group' expected-result=invalid verify_message=1
+  # not ok 821 - type=ECDSAVer/SHA256 tcId=122 comment='Modified r or s, e.g. by adding or subtracting the order of the group' expected-result=invalid verify_message=1
+
+  use Crypt::PK::ECC;
+
+  my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/ecdsa_test.json';
+  for my $g (@{$tests->{testGroups}}) {
+    my $type   = $g->{type};
+    my $keyDer = pack "H*", $g->{keyDer};
+    my $keyPem = $g->{keyPem};
+    my $sha    = $g->{sha};
+    $sha =~ s/-//g; # SHA-1 >> SHA1
+    ok(Crypt::PK::ECC->new( \$keyDer ), "Crypt::PK::ECC->new + DER type=$type/$sha");
+    ok(Crypt::PK::ECC->new( \$keyPem ), "Crypt::PK::ECC->new + PEM type=$type/$sha");
+    for my $t (@{$g->{tests}}) {
+      my $tcId    = $t->{tcId};
+      my $comment = $t->{comment};
+      my $result  = $t->{result};
+      my $message = pack "H*", $t->{message};
+      my $sig     = pack "H*", $t->{sig};
+      # do the test
+      my $testname = "type=$type/$sha tcId=$tcId comment='$comment' expected-result=$result";
+      my $pk = Crypt::PK::ECC->new( \$keyPem );
+      my $valid = $pk->verify_message($sig, $message, $sha);
+      if ($result eq 'valid') {
+        ok($valid, "$testname verify_message=$valid");
+      }
+      elsif ($result eq 'acceptable') {
+        #XXX-TODO
+        #ok($valid, "$testname verify_message=$valid");
+      }
+      elsif ($result eq 'invalid') {
+        ok(!$valid, "$testname verify_message=$valid");
+      }
+      else {
+        ok(0, "UNEXPECTED result=$result");
+      }
+    }
+  }
+}
+
+if (0) {
+  use Crypt::PK::ECC;
+
+  my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/ecdsa_webcrypto_test.json';
+  for my $g (@{$tests->{testGroups}}) {
+    my $type   = $g->{type};
+    my $keyDer = pack "H*", $g->{keyDer};
+    my $keyPem = $g->{keyPem};
+    my $sha    = $g->{sha};
+    my $jwk    = $g->{jwk};
+    $sha =~ s/-//g; # SHA-1 >> SHA1
+    ok(Crypt::PK::ECC->new( \$keyDer ), "Crypt::PK::ECC->new + DER type=$type/$sha");
+    ok(Crypt::PK::ECC->new( \$keyPem ), "Crypt::PK::ECC->new + PEM type=$type/$sha");
+    ok(Crypt::PK::ECC->new( $jwk ),     "Crypt::PK::ECC->new + JWK type=$type/$sha");
+    for my $t (@{$g->{tests}}) {
+      my $tcId    = $t->{tcId};
+      my $comment = $t->{comment};
+      my $result  = $t->{result};
+      my $message = pack "H*", $t->{message};
+      my $sig     = pack "H*", $t->{sig};
+      # do the test
+      my $testname = "type=$type/$sha tcId=$tcId comment='$comment' expected-result=$result";
+      my $pk = Crypt::PK::ECC->new( \$keyPem );
+      my $valid = $pk->verify_message($sig, $message, $sha);
+      if ($result eq 'valid') {
+        ok($valid, "$testname verify_message=$valid");
+      }
+      elsif ($result eq 'acceptable') {
+        #XXX-TODO
+        #ok($valid, "$testname verify_message=$valid");
+      }
+      elsif ($result eq 'invalid') {
+        ok(!$valid, "$testname verify_message=$valid");
+      }
+      else {
+        ok(0, "UNEXPECTED result=$result");
+      }
+    }
+  }
+}
+
+if (1) {
+  use Crypt::PK::ECC;
+
+  my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/ecdh_webcrypto_test.json';
+  for my $g (@{$tests->{testGroups}}) {
+    my $type   = $g->{type};
+    for my $t (@{$g->{tests}}) {
+      my $tcId    = $t->{tcId};
+      my $comment = $t->{comment};
+      my $name    = $t->{name};
+      my $result  = $t->{result};
+      my $shared  = pack "H*", $t->{shared};
+      # do the test
+      my $testname = "type=$type/$name tcId=$tcId comment='$comment' expected-result=$result";
+      my $pub = Crypt::PK::ECC->new( $t->{public} );
+      my $pri = Crypt::PK::ECC->new( $t->{private} );
+      my $shared_hex = unpack "H*", $pri->shared_secret($pub);
+      if ($result eq 'valid' || $result eq 'acceptable') {
+        is($shared_hex, $t->{shared}, $testname);
+      }
+      elsif ($result eq 'invalid') {
+        isnt($shared_hex, $t->{shared}, $testname);
+      }
+      else {
+        ok(0, "UNEXPECTED result=$result");
+      }
+    }
+  }
+}
author	Karel Miko <karel.miko@gmail.com>	2017-09-15 13:11:34 +0200
committer	Karel Miko <karel.miko@gmail.com>	2017-09-15 13:11:34 +0200
commit	7e15d5deed7c7f1bad18671a663abafebe980015 (patch)
tree	41a05f3b4fada5f1271f8d72c33541f8ec66d0ab /t/wycheproof.t
parent	54ce0c0788ce88af2037e7f163a7a6c872a7b09e (diff)