XRootD
Loading...
Searching...
No Matches
XrdCryptotest.cc File Reference
#include <cstdio>
#include <cstdlib>
#include <cstring>
#include "XrdOuc/XrdOucString.hh"
#include "XrdSut/XrdSutAux.hh"
#include "XrdSut/XrdSutBucket.hh"
#include "XrdCrypto/XrdCryptoAux.hh"
#include "XrdCrypto/XrdCryptoFactory.hh"
#include "XrdCrypto/XrdCryptoCipher.hh"
#include "XrdCrypto/XrdCryptoMsgDigest.hh"
#include "XrdCrypto/XrdCryptoRSA.hh"
#include "XrdCrypto/XrdCryptoX509.hh"
Include dependency graph for XrdCryptotest.cc:

Go to the source code of this file.

Macros

#define PRINT(x)

Functions

int main (int argc, char **argv)

Variables

XrdCryptoFactorygCryptoFactory = 0

Macro Definition Documentation

◆ PRINT

#define PRINT ( x)
Value:
{std::cerr <<x <<std::endl;}

Definition at line 52 of file XrdCryptotest.cc.

Referenced by main().

Function Documentation

◆ main()

int main ( int argc,
char ** argv )

Definition at line 55 of file XrdCryptotest.cc.

56{
57 // Test implemented functionality
58 char cryptomod[64] = "ssl";
59 char outname[256] = {0};
60
61 //
62 // Set debug flags
65
66 //
67 // Determine application name
68 char *p = argv[0];
69 int k = strlen(argv[0]);
70 while (k--)
71 if (p[k] == '/') break;
72 strcpy(outname,p+k+1);
73
74 //
75 // Check/Use inputs
76 if(!argv[1]) {
77 printf("\n Usage: %s <crypto_module_name>\n",outname);
78 printf(" e.g. %s ssl\n",outname);
79 printf(" Assuming <crypto_module_name> = ssl\n\n");
80 } else {
81 strcpy(cryptomod,argv[1]);
82 }
83 bool local = !strcmp(cryptomod,"local");
84
85 //
86 // Load the crypto factory
88 PRINT(outname<<": cannot instantiate factory "<<cryptomod);
89 exit(1);
90 }
92
93 //
94 // Message Digest of a simple message
95 PRINT(outname<<": --------------------------------------------------- ");
96 PRINT(outname<<": Testing MD ... ");
97 XrdCryptoMsgDigest *MD_1 = gCryptoFactory->MsgDigest("md5");
98 if (MD_1) {
99 MD_1->Update("prova",strlen("prova"));
100 MD_1->Final();
101 // Check result
102 char MD5prova[128] = "189bbbb00c5f1fb7fba9ad9285f193d1";
103 if (strncmp(MD_1->AsHexString(),MD5prova,MD_1->Length())) {
104 PRINT(outname<<": MD mismatch: ");
105 PRINT(outname<<": got: "<<MD_1->AsHexString());
106 PRINT(outname<<": instead of: "<<MD5prova);
107 } else {
108 PRINT(outname<<": MD test OK ");
109 }
110 delete MD_1;
111 } else
112 PRINT(outname<<": MD object could not be instantiated: ");
113
114 //
115 // Instantiate a cipher
116 PRINT(outname<<": --------------------------------------------------- ");
117 PRINT(outname<<": Testing symmetric cipher ... ");
118 XrdCryptoCipher *BF_1 = gCryptoFactory->Cipher("bf-cbc");
119 if (BF_1) {
120 PRINT(outname<<": cipher length: "<<BF_1->Length());
121 PRINT(outname<<": cipher hex: "<<BF_1->AsHexString());
122 char tm_1[64] = "Test message for cipher - 001";
123 PRINT(outname<<": Test message: "<<tm_1);
124 int ltm_1 = strlen(tm_1);
125 char *tmp_1 = new char[BF_1->EncOutLength(ltm_1)];
126 if (tmp_1) {
127 int ltmp = BF_1->Encrypt(tm_1,ltm_1,tmp_1);
128 char tm_2[128] = {0};
129 XrdSutToHex(tmp_1,ltmp,&tm_2[0]);
130 PRINT(outname<<": cipher encrypted (hex):");
131 PRINT(tm_2);
132 char *tm_3 = new char[BF_1->DecOutLength(ltmp)];
133 int lfin = BF_1->Decrypt(tmp_1,ltmp,tm_3);
134 delete[] tmp_1;
135 if (tm_3) {
136 PRINT(outname<<": cipher decrypted: "<<tm_3);
137 if (strncmp(tm_1,tm_3,ltm_1)) {
138 PRINT(outname<<": symmetric cipher test failed: ");
139 PRINT(outname<<": got: "<<tm_3<<" ("<<lfin<<" bytes)");
140 PRINT(outname<<": instead of: "<<tm_1<<" ("<<ltm_1<<" bytes)");
141 } else {
142 PRINT(outname<<": symmetric cipher test OK ");
143 }
144 delete[] tm_3;
145 } else
146 PRINT(outname<<": cipher decryption failure");
147 } else
148 PRINT(outname<<": cipher encryption failure");
149
150 // Bucket encryption
151 PRINT(outname<<": testing bucket encryption");
152 XrdOucString Astr("TestBucket");
153 XrdSutBucket Bck0(Astr);
154 PRINT(outname<<": length of string: "<<Bck0.size);
155 XrdSutBucket Bck1(Astr);
156 int lo1 = BF_1->Encrypt(Bck1);
157 PRINT(outname<<": length of encryption: "<<lo1);
158 int lo2 = BF_1->Decrypt(Bck1);
159 PRINT(outname<<": length of decryption: "<<lo2);
160 if (Bck1 != Bck0) {
161 PRINT(outname<<": test bucket encryption failed: ");
162 PRINT(outname<<": got: "<<lo2<<" bytes)");
163 PRINT(outname<<": instead of: "<<lo1<<" bytes)");
164 } else {
165 PRINT(outname<<": test bucket encryption OK");
166 }
167
168 } else
169 PRINT(outname<<": cipher object could not be instantiated: ");
170
171 //
172 // Try KDFun ...
173 PRINT(outname<<": --------------------------------------------------- ");
174 PRINT(outname<<": Testing KDFun ... ");
176 if (KDFun) {
177 const char *pass = "pippo";
178 int plen = strlen(pass);
179 const char *salt = "$$10000$derek";
180 int slen = strlen(salt);
181 char key[128];
182 char KDFunprova[128] = {0};
183 bool matching = 0;
184 if (local) {
185 int klen = (*KDFun)(pass,plen,salt,slen,key,0);
186 PRINT(outname<<": key is: "<< key<< " ("<<klen<<" bytes)");
187 strcpy(KDFunprova,"igcdgcbcebkplgajngjkfjlbcbiponnkifmeafpdmglp"
188 "lnfkpkjgbmlgbnhehnec");
189 matching = !strncmp(key,KDFunprova,klen);
190 } else {
191 int klen = (*KDFun)(pass,plen,salt,slen,key,0);
192 char khex[2046] = {0};
193 int i = 0;
194 for(; i < klen; i++) sprintf(khex,"%s%02x",khex, 0xFF & key[i]);
195 PRINT(outname<<": key is: "<< khex<< " ("<<klen<<" bytes)");
196 strcpy(KDFunprova,"b8d309875d91b050eea1527d91559f6ffa023601da0976de");
197 matching = !strncmp(khex,KDFunprova,strlen(khex));
198 }
199 // Check result
200 if (!matching) {
201 PRINT(outname<<": KDFun mismatch: ");
202 PRINT(outname<<": key should have been: "<<KDFunprova);
203 } else {
204 PRINT(outname<<": KDFun test OK ");
205 }
206 } else
207 PRINT(outname<<": KDFun object could not be instantiated: ");
208
209 //
210 // Instantiate a RSA pair
211 PRINT(outname<<": --------------------------------------------------- ");
212 PRINT(outname<<": Testing RSA ... ");
213 XrdCryptoRSA *TestRSA_1 = gCryptoFactory->RSA(1024);
214 if (TestRSA_1) {
215 XrdCryptoRSA *CpyRSA = gCryptoFactory->RSA(*TestRSA_1);
216 if (CpyRSA)
217 CpyRSA->Dump();
218
219 char RSApubexp[4096];
220 TestRSA_1->ExportPublic(RSApubexp,4096);
221 PRINT(outname<<": public export:"<<std::endl<<RSApubexp);
222 PRINT(outname<<": The two printouts above should be equal");
223 PRINT(outname<<": --------------------------------------------------- ");
224 PRINT(outname<<": outlen : "<<TestRSA_1->GetPublen());
225 PRINT(outname<<": --------------------------------------------------- ");
226 char RSApriexp[4096];
227 TestRSA_1->ExportPrivate(RSApriexp,4096);
228 PRINT(outname<<": private export:"<<std::endl<<RSApriexp);
229 PRINT(outname<<": --------------------------------------------------- ");
230 PRINT(outname<<": outlen : "<<TestRSA_1->GetPrilen());
231 PRINT(outname<<": --------------------------------------------------- ");
232 PRINT(outname<<": --------------------------------------------------- ");
233 PRINT(outname<<": testing import/export ");
234 XrdCryptoRSA *TestRSA_2 = gCryptoFactory->RSA(1024);
235 TestRSA_2->ImportPublic(RSApubexp,strlen(RSApubexp));
236 TestRSA_2->ImportPrivate(RSApriexp,strlen(RSApriexp));
237
238 PRINT(outname<<": --------------------------------------------------- ");
239 char buf_1[128] = "Here I am ... in test";
240 int lin = strlen(buf_1);
241 char buf_2[4096];
242 PRINT(outname<<": encrypting (public): "<<buf_1<<" ("<<strlen(buf_1)<<" bytes)");
243 int lout1 = TestRSA_1->EncryptPublic(buf_1,strlen(buf_1),buf_2,512);
244 char buf_2_hex[4096];
245 XrdSutToHex(buf_2,lout1,buf_2_hex);
246 PRINT(outname<<": output has "<<lout1<<" bytes: here is its hex:");
247 PRINT(outname<<": "<<buf_2_hex);
248 char buf_3[4096];
249 PRINT(outname<<": decrypting (private): ("<<lout1<<" bytes)");
250 int lout2 = TestRSA_2->DecryptPrivate(buf_2,lout1,buf_3,512);
251 PRINT(outname<<": got: "<<buf_3<<" ("<<lout2<<" bytes)");
252 if (memcmp(buf_1,buf_3,lin)) {
253 PRINT(outname<<": RSA public enc / private dec mismatch: ");
254 PRINT(outname<<": got: "<<buf_3<<" ("<<lout2<<" bytes)");
255 PRINT(outname<<": instead of: "<<buf_1<<" ("<<strlen(buf_1)<<" bytes)");
256 } else if (lout2 > lin) {
257 PRINT(outname<<": RSA public enc / private dec length mismatch: ");
258 PRINT(outname<<": got: "<<lout2<<" instead of "<<lin);
259 int j = lin;
260 for (; j<lout2; j++) printf("%s: %d: 0x%x\n",outname,j,(int)buf_3[j]);
261 } else {
262 PRINT(outname<<": RSA public enc / private dec test OK ");
263 }
264 PRINT(outname<<": --------------------------------------------------- ");
265 PRINT(outname<<": encrypting (private): "<<buf_1<<" ("<<strlen(buf_1)<<" bytes)");
266 lout1 = TestRSA_1->EncryptPrivate(buf_1,strlen(buf_1),buf_2,512);
267 XrdSutToHex(buf_2,lout1,buf_2_hex);
268 PRINT(outname<<": output has "<<lout1<<" bytes: here is its hex:");
269 PRINT(outname<<": "<<buf_2_hex);
270 PRINT(outname<<": decrypting (public): ("<<lout1<<" bytes)");
271 lout2 = TestRSA_2->DecryptPublic(buf_2,lout1,buf_3,512);
272 PRINT(outname<<": got: "<<buf_3<<" ("<<lout2<<" bytes)");
273 if (memcmp(buf_1,buf_3,lin)) {
274 PRINT(outname<<": RSA private enc / public dec mismatch: ");
275 PRINT(outname<<": got: "<<buf_3<<" ("<<lout2<<" bytes)");
276 PRINT(outname<<": instead of: "<<buf_1<<" ("<<strlen(buf_1)<<" bytes)");
277 } else if (lout2 > lin) {
278 PRINT(outname<<": RSA private enc / public dec length mismatch: ");
279 PRINT(outname<<": got: "<<lout2<<" instead of "<<lin);
280 int j = lin;
281 for (; j<lout2; j++) printf("%s: %d: 0x%x\n",outname,j,(int)buf_3[j]);
282 } else {
283 PRINT(outname<<": RSA private enc / public dec test OK ");
284 }
285
286 // Bucket encryption
287 PRINT(outname<<": testing bucket RSA encryption");
288 XrdOucString Astr("TestBucket");
289 XrdSutBucket Bck0(Astr);
290 PRINT(outname<<": length of string: "<<Bck0.size);
291 XrdSutBucket Bck1(Astr);
292 int lo1 = TestRSA_1->EncryptPrivate(Bck1);
293 PRINT(outname<<": length of private encryption: "<<lo1);
294 int lo2 = TestRSA_1->DecryptPublic(Bck1);
295 PRINT(outname<<": length of public decryption: "<<lo2);
296 if (Bck1 != Bck0) {
297 PRINT(outname<<": test bucket RSA priv enc / pub dec failed: ");
298 PRINT(outname<<": got: "<<lo2<<" bytes)");
299 PRINT(outname<<": instead of: "<<lo1<<" bytes)");
300 } else {
301 PRINT(outname<<": test bucket RSA priv enc / pub dec OK");
302 }
303 XrdSutBucket Bck2(Astr);
304 lo1 = TestRSA_1->EncryptPublic(Bck2);
305 PRINT(outname<<": length of public encryption: "<<lo1);
306 lo2 = TestRSA_1->DecryptPrivate(Bck2);
307 PRINT(outname<<": length of private decryption: "<<lo2);
308 if (Bck2 != Bck0) {
309 PRINT(outname<<": test bucket RSA pub enc / priv dec failed: ");
310 PRINT(outname<<": got: "<<lo2<<" bytes)");
311 PRINT(outname<<": instead of: "<<lo1<<" bytes)");
312 } else {
313 PRINT(outname<<": test bucket RSA pub enc / priv dec OK");
314 }
315
316 delete TestRSA_1;
317#if 0
318 PRINT(outname<<": --------------------------------------------------- ");
319 // repeat 1000 times
320 DebugON = 0;
321 bool match = 1;
322 int i = 0;
323 for (; i<1000; i++) {
324
325 TestRSA_1 = gCryptoFactory->RSA(2048);
326
327 lout1 = TestRSA_1->EncryptPrivate(buf_1,strlen(buf_1),buf_2,4096);
328 lout2 = TestRSA_1->DecryptPublic(buf_2,lout1,buf_3,4096);
329 if (memcmp(buf_1,buf_3,lin)) {
330 PRINT(outname<<": RSA private enc / public dec mismatch: "<<i);
331 PRINT(outname<<": got: "<<buf_3<<" ("<<lout2<<" bytes)");
332 PRINT(outname<<": instead of: "<<buf_1<<" ("<<strlen(buf_1)<<" bytes)");
333 } else if (lout2 > lin) {
334 PRINT(outname<<": RSA private enc / public dec length mismatch: "<<i);
335 PRINT(outname<<": got: "<<lout2<<" instead of "<<lin);
336 int j = lin;
337 for (; j<lout2; j++) printf("%s: %d: 0x%x\n",outname,j,(int)buf_3[j]);
338 }
339 delete TestRSA_1;
340
341 if (i && !(i % 10)) PRINT(outname<<": done "<<i);
342 }
343#endif
344 } else
345 PRINT(outname<<": RSA object could not be instantiated: ");
346
347 //
348 // Test key agreement
349 PRINT(outname<<": --------------------------------------------------- ");
350 PRINT(outname<<": Testing key agreement for ciphers ... ");
351 // Get first cipher
352 char *bp1 = 0;
353 int lp1 = 0;
354 PRINT(outname<<": CF_1: prepare ...");
355 XrdCryptoCipher *CF_1 = gCryptoFactory->Cipher(0,0,0);
356 if (CF_1 && CF_1->IsValid()) {
357 // Get public part and save it to a buffer
358 if (!(bp1 = CF_1->Public(lp1))) {
359 PRINT(outname<<": CF_1 cipher: problems getting public part ");
360 exit(1);
361 }
362 } else {
363 PRINT(outname<<": CF_1 cipher object could not be instantiated: ");
364 }
365 // Get a third cipher directly from constructor
366 char *bp3 = 0;
367 int lp3 = 0;
368 PRINT(outname<<": CF_3: instantiate ... with pub");
369 if (!local)
370 PRINT(bp1);
371 XrdCryptoCipher *CF_3 = gCryptoFactory->Cipher(0,bp1,lp1);
372 if (CF_3 && CF_3->IsValid()) {
373 // Get public part and save it to a buffer
374 if (!(bp3 = CF_3->Public(lp3))) {
375 PRINT(outname<<": CF_3 cipher: problems getting public part ");
376 exit(1);
377 }
378 } else {
379 PRINT(outname<<": CF_3 cipher object could not be instantiated: ");
380 }
381 // Complete initialization
382 if (CF_1 && CF_1->IsValid() && bp3) {
383 PRINT(outname<<": CF_1: finalize ... with pub");
384 if (!local)
385 PRINT(bp3);
386 CF_1->Finalize(bp3,lp3,"default");
387 } else {
388 PRINT(outname<<": CF_1 cipher object could not be finalized ");
389 }
390 // Test matching now
391 if (CF_1 && CF_1->IsValid() && CF_3 && CF_3->IsValid()) {
392 char chex[128] = {0};
393 XrdSutToHex(CF_1->Buffer(),CF_1->Length(),&chex[0]);
394 PRINT(outname<<": cipher 1 encrypted (hex):");
395 PRINT(chex);
396 PRINT(outname<<": cipher 1 used length: "<<CF_1->Length());
397 XrdSutToHex(CF_3->Buffer(),CF_3->Length(),&chex[0]);
398 PRINT(outname<<": cipher 3 encrypted (hex):");
399 PRINT(chex);
400 PRINT(outname<<": cipher 3 used length: "<<CF_3->Length());
401 if (CF_1->Length() == CF_3->Length()) {
402 if (!memcmp(CF_1->Buffer(),CF_3->Buffer(),CF_3->Length())) {
403 PRINT(outname<<": ciphers match !");
404 } else {
405 PRINT(outname<<": ciphers DO NOT match !");
406 }
407 }
408 }
409
410 // Encryption
411 if (CF_1 && CF_1->IsValid() && CF_3 && CF_3->IsValid()) {
412 char tm_1[64] = "Test message for cipher - 001";
413 PRINT(outname<<": Test message: "<<tm_1);
414 int ltm_1 = strlen(tm_1);
415 char *tmp_1 = new char[CF_1->EncOutLength(ltm_1)];
416 if (tmp_1) {
417 int ltmp = CF_1->Encrypt(tm_1,ltm_1,tmp_1);
418 char tm_2[128] = {0};
419 XrdSutToHex(tmp_1,ltmp,&tm_2[0]);
420 PRINT(outname<<": cipher encrypted (hex):");
421 PRINT(tm_2);
422 char *tm_3 = new char[CF_3->DecOutLength(ltmp)+1];
423 int lfin = CF_3->Decrypt(tmp_1,ltmp,tm_3);
424 delete[] tmp_1;
425 if (tm_3) {
426 tm_3[lfin] = 0;
427 PRINT(outname<<": cipher decrypted: "<<tm_3);
428 if (strncmp(tm_1,tm_3,ltm_1)) {
429 PRINT(outname<<": symmetric cipher test failed: ");
430 PRINT(outname<<": got: "<<tm_3<<" ("<<lfin<<" bytes)");
431 PRINT(outname<<": instead of: "<<tm_1<<" ("<<ltm_1<<" bytes)");
432 } else {
433 PRINT(outname<<": symmetric cipher test OK ");
434 }
435 delete[] tm_3;
436 } else
437 PRINT(outname<<": cipher decryption failure");
438 } else
439 PRINT(outname<<": cipher encryption failure");
440 }
441
442 if (CF_1) delete CF_1;
443 if (CF_3) delete CF_3;
444
445 if (bp1) delete bp1;
446 if (bp3) delete bp3;
447
448
449 //
450 // Test X509 ...
451 if (gCryptoFactory->ID() == 1) {
452 PRINT(outname<<": --------------------------------------------------- ");
453 PRINT(outname<<": Testing X509 functionality ... ");
454 XrdCryptoX509 *x509 = gCryptoFactory->X509("/home/ganis/.globus/usercert.pem");
455 if (x509) {
456 x509->Dump();
457 }
458 }
459
460 PRINT(outname<<": --------------------------------------------------- ");
461 exit(0);
462}
void XrdCryptoSetTrace(kXR_int32 trace)
#define cryptoTRACE_Debug
int(* XrdCryptoKDFun_t)(const char *pass, int plen, const char *salt, int slen, char *key, int klen)
int DebugON
XrdCryptoFactory * gCryptoFactory
#define PRINT(x)
XrdCryptoKDFun_t KDFun
int XrdSutToHex(const char *in, int lin, char *out)
Definition XrdSutAux.cc:241
void XrdSutSetTrace(kXR_int32 trace)
Definition XrdSutAux.cc:93
#define sutTRACE_Debug
Definition XrdSutAux.hh:99
virtual int Length() const
virtual char * Buffer() const
virtual int Decrypt(const char *in, int lin, char *out)
virtual int DecOutLength(int l)
virtual int Encrypt(const char *in, int lin, char *out)
virtual char * Public(int &lpub)
virtual bool IsValid()
virtual int EncOutLength(int l)
virtual bool Finalize(bool padded, char *pub, int lpub, const char *t)
static XrdCryptoFactory * GetCryptoFactory(const char *factoryname)
virtual int Update(const char *b, int l)
virtual int ImportPublic(const char *in, int lin)
virtual int ExportPrivate(char *out, int lout)
virtual int EncryptPublic(const char *in, int lin, char *out, int lout)
virtual int EncryptPrivate(const char *in, int lin, char *out, int lout)
virtual int GetPublen()
virtual int ImportPrivate(const char *in, int lin)
virtual int DecryptPublic(const char *in, int lin, char *out, int lout)
virtual void Dump()
virtual int GetPrilen()
virtual int ExportPublic(char *out, int lout)
virtual int DecryptPrivate(const char *in, int lin, char *out, int lout)
virtual void Dump()

References XrdCryptoBasic::AsHexString(), XrdCryptoBasic::Buffer(), cryptoTRACE_Debug, DebugON, XrdCryptoCipher::DecOutLength(), XrdCryptoCipher::Decrypt(), XrdCryptoRSA::DecryptPrivate(), XrdCryptoRSA::DecryptPublic(), XrdCryptoRSA::Dump(), XrdCryptoX509::Dump(), XrdCryptoCipher::EncOutLength(), XrdCryptoCipher::Encrypt(), XrdCryptoRSA::EncryptPrivate(), XrdCryptoRSA::EncryptPublic(), XrdCryptoRSA::ExportPrivate(), XrdCryptoRSA::ExportPublic(), XrdCryptoMsgDigest::Final(), XrdCryptoCipher::Finalize(), gCryptoFactory, XrdCryptoFactory::GetCryptoFactory(), XrdCryptoRSA::GetPrilen(), XrdCryptoRSA::GetPublen(), XrdCryptoRSA::ImportPrivate(), XrdCryptoRSA::ImportPublic(), XrdCryptoCipher::IsValid(), KDFun, XrdCryptoBasic::Length(), PRINT, XrdCryptoCipher::Public(), XrdSutBucket::size, sutTRACE_Debug, XrdCryptoMsgDigest::Update(), XrdCryptoSetTrace(), XrdSutSetTrace(), and XrdSutToHex().

Here is the call graph for this function:

Variable Documentation

◆ gCryptoFactory

XrdCryptoFactory* gCryptoFactory = 0

Definition at line 53 of file XrdCryptotest.cc.

Referenced by Display(), and main().