diff --git a/cipher.cc b/cipher.cc index e2a01fb..ba574db 100644 --- a/cipher.cc +++ b/cipher.cc @@ -36,32 +36,13 @@ namespace test { namespace { -struct CipherInfo { - CK_KEY_TYPE keytype; - CK_MECHANISM_TYPE keygen; - CK_MECHANISM_TYPE mode; - int blocksize; - bool has_iv; - int keylen; -}; - -map kCipherInfo = { - {"DES-ECB", {CKK_DES, CKM_DES_KEY_GEN, CKM_DES_ECB, 8, false, -1}}, - {"DES-CBC", {CKK_DES, CKM_DES_KEY_GEN, CKM_DES_CBC, 8, true, -1}}, - {"3DES-ECB", {CKK_DES3, CKM_DES3_KEY_GEN, CKM_DES3_ECB, 8, false, -1}}, - {"3DES-CBC", {CKK_DES3, CKM_DES3_KEY_GEN, CKM_DES3_CBC, 8, true, -1}}, - {"IDEA-ECB", {CKK_IDEA, CKM_IDEA_KEY_GEN, CKM_IDEA_ECB, 8, false, -1}}, - {"IDEA-CBC", {CKK_IDEA, CKM_IDEA_KEY_GEN, CKM_IDEA_CBC, 8, true, -1}}, - {"AES-ECB", {CKK_AES, CKM_AES_KEY_GEN, CKM_AES_ECB, 16, false, 16}}, - {"AES-CBC", {CKK_AES, CKM_AES_KEY_GEN, CKM_AES_CBC, 16, true, 16}}, -}; - struct TestData { string key; // Hex string iv; // Hex string plaintext; // Hex string ciphertext; // Hex }; + map > kTestVectors = { { "DES-ECB", {{"8000000000000000", "", "0000000000000000", "95A8D72813DAA94D"}, {"4000000000000000", "", "0000000000000000", "0EEC1487DD8C26D5"}, }}, diff --git a/digest.cc b/digest.cc index 3f7e47f..8e1eda0 100644 --- a/digest.cc +++ b/digest.cc @@ -33,18 +33,6 @@ namespace pkcs11 { namespace test { namespace { -struct DigestInfo { - CK_MECHANISM_TYPE type; - int size; -}; - -map kDigestInfo = { - {"MD5", {CKM_MD5, 16}}, - {"SHA-1", {CKM_SHA_1, 20}}, - {"SHA-256", {CKM_SHA256, 256/8}}, - {"SHA-384", {CKM_SHA384, 384/8}}, - {"SHA-512", {CKM_SHA512, 512/8}}, -}; struct TestData { string input; // UTF-8 diff --git a/globals.cc b/globals.cc index 2bf3deb..b1b1930 100644 --- a/globals.cc +++ b/globals.cc 
@@ -29,6 +29,44 @@ const char* g_reset_user_pin = "12345678"; const char* g_so_pin = "sososo"; const char* g_reset_so_pin = "87654321"; +// Algorithm information. +std::map kHmacInfo = { + {"MD5-HMAC", {CKM_MD5_HMAC, 16}}, + {"SHA1-HMAC", {CKM_SHA_1_HMAC, 20}}, + {"SHA256-HMAC", {CKM_SHA256_HMAC, 256/8}}, + {"SHA384-HMAC", {CKM_SHA384_HMAC, 384/8}}, + {"SHA512-HMAC", {CKM_SHA512_HMAC, 512/8}}, +}; + +std::map kSignatureInfo = { + // CKM_RSA_PKCS has restrictions on data sizes (see PKCS#11 s12.1.6 table 37). + {"RSA", {CKM_RSA_PKCS, 64}}, + {"MD5-RSA", {CKM_MD5_RSA_PKCS, 1024}}, + {"SHA1-RSA", {CKM_SHA1_RSA_PKCS, 1024}}, + {"SHA256-RSA", {CKM_SHA256_RSA_PKCS, 1024}}, + {"SHA384-RSA", {CKM_SHA384_RSA_PKCS, 1024}}, + {"SHA512-RSA", {CKM_SHA512_RSA_PKCS, 1024}}, +}; + +std::map kCipherInfo = { + {"DES-ECB", {CKK_DES, CKM_DES_KEY_GEN, CKM_DES_ECB, 8, false, -1}}, + {"DES-CBC", {CKK_DES, CKM_DES_KEY_GEN, CKM_DES_CBC, 8, true, -1}}, + {"3DES-ECB", {CKK_DES3, CKM_DES3_KEY_GEN, CKM_DES3_ECB, 8, false, -1}}, + {"3DES-CBC", {CKK_DES3, CKM_DES3_KEY_GEN, CKM_DES3_CBC, 8, true, -1}}, + {"IDEA-ECB", {CKK_IDEA, CKM_IDEA_KEY_GEN, CKM_IDEA_ECB, 8, false, -1}}, + {"IDEA-CBC", {CKK_IDEA, CKM_IDEA_KEY_GEN, CKM_IDEA_CBC, 8, true, -1}}, + {"AES-ECB", {CKK_AES, CKM_AES_KEY_GEN, CKM_AES_ECB, 16, false, 16}}, + {"AES-CBC", {CKK_AES, CKM_AES_KEY_GEN, CKM_AES_CBC, 16, true, 16}}, +}; + +std::map kDigestInfo = { + {"MD5", {CKM_MD5, 16}}, + {"SHA-1", {CKM_SHA_1, 20}}, + {"SHA-256", {CKM_SHA256, 256/8}}, + {"SHA-384", {CKM_SHA384, 384/8}}, + {"SHA-512", {CKM_SHA512, 512/8}}, +}; + // PKCS#11 s12 table 34: Mechanisms vs. Functions std::set encrypt_decrypt_mechanisms = { CKM_RSA_PKCS, diff --git a/globals.h b/globals.h index 27eecc0..9da8cce 100644 --- a/globals.h +++ b/globals.h @@ -19,6 +19,7 @@ #include #include +#include namespace pkcs11 { namespace test { 
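Review bot: The `kCipherInfo` initialisers added in globals.cc are positional six-field aggregates whose struct now lives in globals.h, so a row such as `8, false, -1` cannot be read without opening another file, and the `-1` in the last column is an undocumented sentinel. A one-line column legend above the table would fix that, for example `// {key type, keygen mechanism, cipher mechanism, block size, has IV, key length (-1: not specified)}`. The meaning of `-1` is presumed from the DES/3DES/IDEA rows and should be confirmed by the author. The same applies to the bare sizes in `kHmacInfo` and `kDigestInfo` (bytes, judging by `256/8`) and to the second column of `kSignatureInfo`.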
@@ -47,6 +48,36 @@ extern const char* g_reset_user_pin; // Security Officer PIN after token reset. Only used if (g_token_flags & CKF_LOGIN_REQUIRED). extern const char* g_reset_so_pin; +// Algorithm information. These tables are effectively const, but not marked as +// const so operator[] can be used for convenience. +struct HmacInfo { + CK_MECHANISM_TYPE hmac; + CK_ULONG mac_size; +}; +extern std::map kHmacInfo; + +struct SignatureInfo { + CK_MECHANISM_TYPE alg; + int max_data; +}; +extern std::map kSignatureInfo; + +struct CipherInfo { + CK_KEY_TYPE keytype; + CK_MECHANISM_TYPE keygen; + CK_MECHANISM_TYPE mode; + int blocksize; + bool has_iv; + int keylen; +}; +extern std::map kCipherInfo; + +struct DigestInfo { + CK_MECHANISM_TYPE type; + int size; +}; +extern std::map kDigestInfo; + // PKCS#11 mechanisms for encrypt/decrypt. extern std::set encrypt_decrypt_mechanisms; // PKCS#11 mechanisms for sign/verify. diff --git a/hmac.cc b/hmac.cc index 952109b..58e6e71 100644 --- a/hmac.cc +++ b/hmac.cc @@ -38,19 +38,6 @@ namespace test { namespace { -struct HmacInfo { - CK_MECHANISM_TYPE hmac; - CK_ULONG mac_size; -}; - -map kHmacInfo = { - {"MD5-HMAC", {CKM_MD5_HMAC, 16}}, - {"SHA1-HMAC", {CKM_SHA_1_HMAC, 20}}, - {"SHA256-HMAC", {CKM_SHA256_HMAC, 256/8}}, - {"SHA384-HMAC", {CKM_SHA384_HMAC, 384/8}}, - {"SHA512-HMAC", {CKM_SHA512_HMAC, 512/8}}, -}; - struct TestData { string key; // Hex string data; // Hex diff --git a/sign.cc b/sign.cc index eedbb47..ca80898 100644 --- a/sign.cc +++ b/sign.cc @@ -28,8 +28,6 @@ // C_VerifyRecover #include "pkcs11test.h" -#include - using namespace std; // So sue me namespace pkcs11 { 
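Review bot: Leaving the four tables non-const so callers can use `operator[]` (the comment at the top of this globals.h hunk) means a misspelled or unregistered parameter name silently inserts a zero-initialised entry instead of failing. In the `SignTest` constructor in sign.cc that would give `max_data` 0, making `std::rand() % info_.max_data` a division by zero, and a mechanism value of 0, so the test would exercise a mechanism nobody selected. Declaring the tables `extern const` and looking entries up with `.at()`, e.g. `info_(kSignatureInfo.at(GetParam()))`, turns that into a `std::out_of_range` at the call site. The map template arguments are not visible on this page, so the exact declarations are left to the author.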
@@ -37,35 +35,20 @@ namespace test { namespace { -struct HmacInfo { - CK_MECHANISM_TYPE hmac; - int max_data; -}; - -map kHmacInfo = { - // CKM_RSA_PKCS has restrictions on data sizes (see PKCS#11 s12.1.6 table 37). - {"RSA", {CKM_RSA_PKCS, 64}}, - {"MD5-RSA", {CKM_MD5_RSA_PKCS, 1024}}, - {"SHA1-RSA", {CKM_SHA1_RSA_PKCS, 1024}}, - {"SHA256-RSA", {CKM_SHA256_RSA_PKCS, 1024}}, - {"SHA384-RSA", {CKM_SHA384_RSA_PKCS, 1024}}, - {"SHA512-RSA", {CKM_SHA512_RSA_PKCS, 1024}}, -}; - class SignTest : public ReadOnlySessionTest, public ::testing::WithParamInterface { public: SignTest() - : info_(kHmacInfo[GetParam()]), + : info_(kSignatureInfo[GetParam()]), public_attrs_({CKA_VERIFY}), private_attrs_({CKA_SIGN}), keypair_(session_, public_attrs_, private_attrs_), datalen_(std::rand() % info_.max_data), data_(randmalloc(datalen_)), - mechanism_({info_.hmac, NULL_PTR, 0}) { + mechanism_({info_.alg, NULL_PTR, 0}) { } protected: - HmacInfo info_; + SignatureInfo info_; vector public_attrs_; vector private_attrs_; KeyPair keypair_;
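Review bot: `datalen_(std::rand() % info_.max_data)` in the `SignTest` constructor draws a length in [0, max_data-1], so the largest size the table allows is never signed and a zero-length buffer is possible. A failing length also cannot be replayed unless the seed is recorded somewhere outside this hunk. I would add a comment on that initialiser, `// random length in [0, max_data); max_data itself is never used`, and state in the `SignatureInfo` declaration that `max_data` is an exclusive bound. The initialiser list also relies on `info_` being declared before `datalen_`, `data_` and `mechanism_`; those member declarations continue past the end of the hunk, so their order could not be checked here.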