Author: bh
Date: 2007-07-17 20:22:01 +0200 (Tue, 17 Jul 2007)
New Revision: 269
Added:
trunk/openvas-libnasl/test/
trunk/openvas-libnasl/test/Makefile
trunk/openvas-libnasl/test/test_blowfish.nasl
trunk/openvas-libnasl/test/test_bn.nasl
trunk/openvas-libnasl/test/test_dh.nasl
trunk/openvas-libnasl/test/test_dsa.nasl
trunk/openvas-libnasl/test/test_md.nasl
trunk/openvas-libnasl/test/test_privkey.nasl
trunk/openvas-libnasl/test/test_rsa.nasl
trunk/openvas-libnasl/test/testsuiteinit.nasl
trunk/openvas-libnasl/test/testsuitesummary.nasl
Modified:
trunk/openvas-libnasl/ChangeLog
Log:
Add a small test suite. For now it only covers the crypto
functions that were modified because the OpenSSL ->
GnuTLS/libgcrypt migration.
* test/Makefile: New. Makefile for the test suit. Run make check in
the test subdirectory to execute the test suite.
* test/test_blowfish.nasl, test/test_bn.nasl, test/test_dh.nasl,
test/test_dsa.nasl, test/test_md.nasl, test/test_privkey.nasl,
test/test_rsa.nasl: New. Tests for the test suite
* test/testsuiteinit.nasl, test/testsuitesummary.nasl:
New. Testsuite support code.
Modified: trunk/openvas-libnasl/ChangeLog
===================================================================
--- trunk/openvas-libnasl/ChangeLog 2007-07-17 13:57:49 UTC (rev 268)
+++ trunk/openvas-libnasl/ChangeLog 2007-07-17 18:22:01 UTC (rev 269)
@@ -1,5 +1,21 @@
2007-07-17 Bernhard Herzog <[EMAIL PROTECTED]>
+ Add a small test suite. For now it only covers the crypto
+ functions that were modified because the OpenSSL ->
+ GnuTLS/libgcrypt migration.
+
+ * test/Makefile: New. Makefile for the test suit. Run make check in
+ the test subdirectory to execute the test suite.
+
+ * test/test_blowfish.nasl, test/test_bn.nasl, test/test_dh.nasl,
+ test/test_dsa.nasl, test/test_md.nasl, test/test_privkey.nasl,
+ test/test_rsa.nasl: New. Tests for the test suite
+
+ * test/testsuiteinit.nasl, test/testsuitesummary.nasl:
+ New. Testsuite support code.
+
+2007-07-17 Bernhard Herzog <[EMAIL PROTECTED]>
+
* nasl/nasl_crypto2.c: Use GnuTLS/libgcrypt instead of OpenSSL.
Note the incompatible changes in rsa_sign and
verify_script_signature.
Added: trunk/openvas-libnasl/test/Makefile
===================================================================
--- trunk/openvas-libnasl/test/Makefile 2007-07-17 13:57:49 UTC (rev 268)
+++ trunk/openvas-libnasl/test/Makefile 2007-07-17 18:22:01 UTC (rev 269)
@@ -0,0 +1,9 @@
+TEST_SCRIPTS = test_bn.nasl test_md.nasl test_dh.nasl test_blowfish.nasl \
+ test_dsa.nasl test_privkey.nasl test_rsa.nasl
+
+check: testsuite
+ ../nasl/nasl -X testsuite
+
+testsuite: $(TEST_SCRIPTS) testsuiteinit.nasl testsuitesummary.nasl
+ cat testsuiteinit.nasl $(TEST_SCRIPTS) testsuitesummary.nasl > testsuite
+
Property changes on: trunk/openvas-libnasl/test/Makefile
___________________________________________________________________
Name: svn:eol-style
+ native
Added: trunk/openvas-libnasl/test/test_blowfish.nasl
===================================================================
--- trunk/openvas-libnasl/test/test_blowfish.nasl 2007-07-17 13:57:49 UTC
(rev 268)
+++ trunk/openvas-libnasl/test/test_blowfish.nasl 2007-07-17 18:22:01 UTC
(rev 269)
@@ -0,0 +1,51 @@
+function test_bf_cbc_encrypt(key, iv, data, expected_enc, expected_iv)
+{
+ local_var enc;
+
+ testcase_start("test_bf_cbc_encrypt");
+
+ enc = bf_cbc_encrypt(key:key, iv:iv, data:data);
+ if (enc[0] == expected_enc && hexstr(enc[1]) == expected_iv)
+ {
+ testcase_ok();
+ }
+ else
+ {
+ testcase_failed();
+ display(strcat("enc[0]=", hexstr(enc[0]), string("\n")));
+ display(strcat("enc[1]=", hexstr(enc[1]), string("\n")));
+ }
+}
+
+function test_bf_cbc_decrypt(key, iv, data, expected_dec, expected_iv)
+{
+ local_var dec;
+ testcase_start("test_bf_cbc_decrypt");
+
+ dec = bf_cbc_decrypt(key:key, iv:iv, data:data);
+ if (dec[0] == expected_dec && hexstr(dec[1]) == expected_iv)
+ {
+ testcase_ok();
+ }
+ else
+ {
+ testcase_failed();
+ display(strcat("dec[0]=", hexstr(dec[0]), string("\n")));
+ display(strcat("dec[1]=", hexstr(dec[1]), string("\n")));
+ }
+}
+
+clear_text = "abcdefghijklmnopabcdefghijklmnop";
+cipher_text = raw_string(0xf5, 0xd5, 0x88, 0x8e, 0x81, 0x40, 0xda, 0x9f,
+ 0x48, 0x50, 0x89, 0x87, 0xad, 0x45, 0x9e, 0x8f,
+ 0x1c, 0xe0, 0x1f, 0x0b, 0x0d, 0x7d, 0x68, 0x31,
+ 0x09, 0x44, 0xab, 0x3b, 0x17, 0x9d, 0x18, 0x15);
+
+test_bf_cbc_encrypt(key:"0123456789abcdef", iv:"00000000",
+ data:clear_text,
+ expected_enc:cipher_text,
+ expected_iv:"0944ab3b179d1815");
+test_bf_cbc_decrypt(key:"0123456789abcdef", iv:"00000000",
+ data:cipher_text,
+ expected_dec:clear_text,
+ expected_iv:"0944ab3b179d1815");
Added: trunk/openvas-libnasl/test/test_bn.nasl
===================================================================
--- trunk/openvas-libnasl/test/test_bn.nasl 2007-07-17 13:57:49 UTC (rev
268)
+++ trunk/openvas-libnasl/test/test_bn.nasl 2007-07-17 18:22:01 UTC (rev
269)
@@ -0,0 +1,46 @@
+function test_bn_random()
+{
+ testcase_start("test_bn_random");
+
+ data = bn_random(need:16);
+
+ # we cannot check the actual data because it's random. But we can
+ # check that we've got 2 bytes. The first byte of the string may be 0
+ # if the most significant bit would be set otherwise.
+ if (data[0] == string("\x00"))
+ data = substr(data, 1, 2);
+
+ if (strlen(data) == 2)
+ testcase_ok();
+ else
+ {
+ testcase_failed();
+ display("expected 2 bytes, got ", strlen(data),
+ " (hexdata=", hexstr(data), ")\n");
+ }
+}
+
+test_bn_random();
+
+function test_bn_cmp(a, b, expected)
+{
+ local_var result;
+
+ testcase_start(string("test_bn_cmp ", hexstr(a), ", ", hexstr(b)));
+
+ result = bn_cmp(key1:a, key2:b);
+
+ if (result == expected)
+ {
+ testcase_ok();
+ }
+ else
+ {
+ testcase_failed();
+ display("expected ", expected, ", got ", result, "\n");
+ }
+}
+
+test_bn_cmp(a:raw_string(0x00), b:raw_string(0x01), expected:-1);
+test_bn_cmp(a:raw_string(0x20), b:raw_string(0x20), expected:0);
+test_bn_cmp(a:raw_string(0x10, 0x20), b:raw_string(0x08, 0x20), expected:1);
Added: trunk/openvas-libnasl/test/test_dh.nasl
===================================================================
--- trunk/openvas-libnasl/test/test_dh.nasl 2007-07-17 13:57:49 UTC (rev
268)
+++ trunk/openvas-libnasl/test/test_dh.nasl 2007-07-17 18:22:01 UTC (rev
269)
@@ -0,0 +1,103 @@
+prime = raw_string(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
+ 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
+ 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
+ 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
+ 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+ 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+ 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
+ 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
+ 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
+ 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
+ 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+ 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
+ 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+ 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE6, 0x53, 0x81,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF);
+
+generator = raw_string(2);
+
+
+function test_dh_generate_key()
+{
+ local_var priv, pub, expected;
+
+ testcase_start("test_dh_generate_key");
+
+ # normally, this is a random string. For the test we use a fixed
+ # string to get predictable results.
+ priv = raw_string(0x51, 0x9a, 0xed, 0x06, 0xe4, 0x85, 0x1d, 0xe1,
+ 0x29, 0x7c, 0x57, 0xee, 0xbc, 0xf2, 0x14, 0x03,
+ 0x65, 0x86, 0x50, 0x9c, 0xdb, 0x6d, 0x35, 0xdc,
+ 0x0f, 0x32, 0x71, 0xff, 0xae, 0xe6, 0x1c, 0xc8,
+ 0xab, 0xa1, 0x92, 0x0b, 0xc9, 0xd4, 0xf8, 0x39);
+
+ pub = dh_generate_key(p:prime, g:generator, priv:priv);
+
+ expected = strcat("4979724ac0e28486dc6183f4acafa4c9",
+ "fc86ba515449fc23e411414865543197",
+ "6588771edfa0e00cede9b6a095a57b09",
+ "4e53fccc99737cdfd217be9186fa6a44",
+ "a4a8fc48227f6512ce8df0df87d23b81",
+ "14fa663c9e06f86c2be9d74ce59ceb61",
+ "23c0df1c7d77272aef9163c5ba170e4b",
+ "ddc150a86dfea26d864556c449450607");
+
+ if (expected == hexstr(pub))
+ testcase_ok();
+ else
+ testcase_failed();
+}
+
+
+test_dh_generate_key();
+
+
+
+function test_dh_compute_key()
+{
+ local_var client_pub, client_priv, server_pub, server_priv, shared, expected;
+
+ testcase_start("test_dh_compute_key");
+
+ # normally, this is a random string. For the test we use a fixed
+ # string to get predictable results.
+ server_priv = raw_string(0x00, 0x86, 0x14, 0x2d, 0xa9, 0xa3, 0x73, 0x46,
+ 0x3f, 0x89, 0x1c, 0x6d, 0xd3, 0x09, 0xe9, 0xfb,
+ 0x2e, 0x16, 0x52, 0x67, 0x59, 0xdb, 0x80, 0x22,
+ 0x8e, 0xab, 0x42, 0xe8, 0x21, 0x90, 0xcd, 0x78,
+ 0xb7, 0x7f, 0x3b, 0x8a, 0xf4, 0x27, 0x92, 0xd9,
+ 0xd2);
+ server_pub = dh_generate_key(p:prime, g:generator, priv:server_priv);
+
+ client_priv = raw_string(0x51, 0x9a, 0xed, 0x06, 0xe4, 0x85, 0x1d, 0xe1,
+ 0x29, 0x7c, 0x57, 0xee, 0xbc, 0xf2, 0x14, 0x03,
+ 0x65, 0x86, 0x50, 0x9c, 0xdb, 0x6d, 0x35, 0xdc,
+ 0x0f, 0x32, 0x71, 0xff, 0xae, 0xe6, 0x1c, 0xc8,
+ 0xab, 0xa1, 0x92, 0x0b, 0xc9, 0xd4, 0xf8, 0x39);
+
+ client_pub = dh_generate_key(p:prime, g:generator, priv:client_priv);
+
+ shared = dh_compute_key(p:prime, g:generator, dh_server_pub:server_pub,
+ pub_key:client_pub, priv_key:client_priv);
+
+ expected = strcat("677ce52a2a803bca17443b2e69a8add3",
+ "cc7c069eaea90ab7ed90af04d684ad55",
+ "9443f8db8163d4e112e91b2520bf138e",
+ "94863dacfc85efc5363a392540b5e070",
+ "a5c75da2119df9ab1c3219384ee37c32",
+ "d9f2deda3afba03571c74c987514e0e1",
+ "10f05678da23518d6d6359a8a74f2320",
+ "cab036b416ee4989fdd5a39ae40040d7");
+
+ if (expected == hexstr(shared))
+ testcase_ok();
+ else
+ {
+ testcase_failed();
+ display("shared=", hexstr(shared), "\n");
+ }
+}
+
+
+test_dh_compute_key();
Added: trunk/openvas-libnasl/test/test_dsa.nasl
===================================================================
--- trunk/openvas-libnasl/test/test_dsa.nasl 2007-07-17 13:57:49 UTC (rev
268)
+++ trunk/openvas-libnasl/test/test_dsa.nasl 2007-07-17 18:22:01 UTC (rev
269)
@@ -0,0 +1,133 @@
+# rsa key generated with ssh-keygen -t dsa -f keyfile
+dsa_key_plain = string(
+"-----BEGIN DSA PRIVATE KEY-----\n",
+"MIIBuwIBAAKBgQCWLwS7cJ59aAc12fY2ZDjEVB+NsDxoH+TpD+gzJx2sYJ4XqMkV\n",
+"DYdSMcZ9gaVyXE5cWDw152c01VkpEPt4rUFA9ZGGdrqIM6rLytMsBQioJNG/qrB+\n",
+"6wgPFEZafkoGXgM6eCs8jXDKCN6vcQq1ByovLDTEmvyqnQKoeDraQH/jpwIVAOzW\n",
+"fhGJLXSAAzYGVBxGKlATA681AoGAJn/oThmueo8LQ+yif3m5T09X5TJU5TtxD9wo\n",
+"TRw80c7AL59dTUsriDILVeo42jtCG/AmPgIZdxvIsCGPdOIFwpcppfxa/IC6jW4s\n",
+"pFp8/GSFmxhCSU7g3AnSJX/LQUWELcf9AZPT9ArMP7oy9QYYWmJrFyxaOjFQetid\n",
+"/qRnKfcCgYBeVrmBMRb99dxE2N6V/r/fwaK/WG05Tf1inXnh5lDRwAB0kOnoR2XW\n",
+"T26p7pEkrbCie0ylJho1K8TMqE5ZhMzhEY/iufZ0s7yS1iL4nioO8ETfCAjroeUr\n",
+"wr6JVtVZZ2wvzIJ4Y2zKojmWbcWRCCkm/3ufIAKxx9WV8O0ZUnXKIwIVAKaF08dV\n",
+"I58zgmgYo6X07kCJJiQb\n",
+"-----END DSA PRIVATE KEY-----\n");
+
+# key parameters extracted from dsa_key_plain's pubkey file
+p = raw_string(0x00, 0x96, 0x2f, 0x04, 0xbb, 0x70, 0x9e, 0x7d,
+ 0x68, 0x07, 0x35, 0xd9, 0xf6, 0x36, 0x64, 0x38,
+ 0xc4, 0x54, 0x1f, 0x8d, 0xb0, 0x3c, 0x68, 0x1f,
+ 0xe4, 0xe9, 0x0f, 0xe8, 0x33, 0x27, 0x1d, 0xac,
+ 0x60, 0x9e, 0x17, 0xa8, 0xc9, 0x15, 0x0d, 0x87,
+ 0x52, 0x31, 0xc6, 0x7d, 0x81, 0xa5, 0x72, 0x5c,
+ 0x4e, 0x5c, 0x58, 0x3c, 0x35, 0xe7, 0x67, 0x34,
+ 0xd5, 0x59, 0x29, 0x10, 0xfb, 0x78, 0xad, 0x41,
+ 0x40, 0xf5, 0x91, 0x86, 0x76, 0xba, 0x88, 0x33,
+ 0xaa, 0xcb, 0xca, 0xd3, 0x2c, 0x05, 0x08, 0xa8,
+ 0x24, 0xd1, 0xbf, 0xaa, 0xb0, 0x7e, 0xeb, 0x08,
+ 0x0f, 0x14, 0x46, 0x5a, 0x7e, 0x4a, 0x06, 0x5e,
+ 0x03, 0x3a, 0x78, 0x2b, 0x3c, 0x8d, 0x70, 0xca,
+ 0x08, 0xde, 0xaf, 0x71, 0x0a, 0xb5, 0x07, 0x2a,
+ 0x2f, 0x2c, 0x34, 0xc4, 0x9a, 0xfc, 0xaa, 0x9d,
+ 0x02, 0xa8, 0x78, 0x3a, 0xda, 0x40, 0x7f, 0xe3,
+ 0xa7);
+q = raw_string(0x00, 0xec, 0xd6, 0x7e, 0x11, 0x89, 0x2d, 0x74,
+ 0x80, 0x03, 0x36, 0x06, 0x54, 0x1c, 0x46, 0x2a,
+ 0x50, 0x13, 0x03, 0xaf, 0x35);
+g = raw_string(0x26, 0x7f, 0xe8, 0x4e, 0x19, 0xae, 0x7a, 0x8f,
+ 0x0b, 0x43, 0xec, 0xa2, 0x7f, 0x79, 0xb9, 0x4f,
+ 0x4f, 0x57, 0xe5, 0x32, 0x54, 0xe5, 0x3b, 0x71,
+ 0x0f, 0xdc, 0x28, 0x4d, 0x1c, 0x3c, 0xd1, 0xce,
+ 0xc0, 0x2f, 0x9f, 0x5d, 0x4d, 0x4b, 0x2b, 0x88,
+ 0x32, 0x0b, 0x55, 0xea, 0x38, 0xda, 0x3b, 0x42,
+ 0x1b, 0xf0, 0x26, 0x3e, 0x02, 0x19, 0x77, 0x1b,
+ 0xc8, 0xb0, 0x21, 0x8f, 0x74, 0xe2, 0x05, 0xc2,
+ 0x97, 0x29, 0xa5, 0xfc, 0x5a, 0xfc, 0x80, 0xba,
+ 0x8d, 0x6e, 0x2c, 0xa4, 0x5a, 0x7c, 0xfc, 0x64,
+ 0x85, 0x9b, 0x18, 0x42, 0x49, 0x4e, 0xe0, 0xdc,
+ 0x09, 0xd2, 0x25, 0x7f, 0xcb, 0x41, 0x45, 0x84,
+ 0x2d, 0xc7, 0xfd, 0x01, 0x93, 0xd3, 0xf4, 0x0a,
+ 0xcc, 0x3f, 0xba, 0x32, 0xf5, 0x06, 0x18, 0x5a,
+ 0x62, 0x6b, 0x17, 0x2c, 0x5a, 0x3a, 0x31, 0x50,
+ 0x7a, 0xd8, 0x9d, 0xfe, 0xa4, 0x67, 0x29, 0xf7);
+y = raw_string(0x5e, 0x56, 0xb9, 0x81, 0x31, 0x16, 0xfd, 0xf5,
+ 0xdc, 0x44, 0xd8, 0xde, 0x95, 0xfe, 0xbf, 0xdf,
+ 0xc1, 0xa2, 0xbf, 0x58, 0x6d, 0x39, 0x4d, 0xfd,
+ 0x62, 0x9d, 0x79, 0xe1, 0xe6, 0x50, 0xd1, 0xc0,
+ 0x00, 0x74, 0x90, 0xe9, 0xe8, 0x47, 0x65, 0xd6,
+ 0x4f, 0x6e, 0xa9, 0xee, 0x91, 0x24, 0xad, 0xb0,
+ 0xa2, 0x7b, 0x4c, 0xa5, 0x26, 0x1a, 0x35, 0x2b,
+ 0xc4, 0xcc, 0xa8, 0x4e, 0x59, 0x84, 0xcc, 0xe1,
+ 0x11, 0x8f, 0xe2, 0xb9, 0xf6, 0x74, 0xb3, 0xbc,
+ 0x92, 0xd6, 0x22, 0xf8, 0x9e, 0x2a, 0x0e, 0xf0,
+ 0x44, 0xdf, 0x08, 0x08, 0xeb, 0xa1, 0xe5, 0x2b,
+ 0xc2, 0xbe, 0x89, 0x56, 0xd5, 0x59, 0x67, 0x6c,
+ 0x2f, 0xcc, 0x82, 0x78, 0x63, 0x6c, 0xca, 0xa2,
+ 0x39, 0x96, 0x6d, 0xc5, 0x91, 0x08, 0x29, 0x26,
+ 0xff, 0x7b, 0x9f, 0x20, 0x02, 0xb1, 0xc7, 0xd5,
+ 0x95, 0xf0, 0xed, 0x19, 0x52, 0x75, 0xca, 0x23);
+
+# plaintext and corresponding signature made with dsa_key_plain
+plain_text = "abc";
+signature = raw_string();
+
+
+function test_dsa_do_sign(p, g, q, pub, privkey, data)
+{
+ local_var priv, signature, r, s, verified;
+
+ testcase_start("test_dsa_do_sign");
+
+ priv = pem_to_dsa(priv:privkey, passphrase:"");
+ signature = dsa_do_sign(p:p, g:g, q:q, pub:pub, priv:priv, data:data);
+
+ r = substr(signature, 0, 19);
+ s = substr(signature, 20, 39);
+
+ verified = dsa_do_verify(p:p, g:g, q:q, pub:pub, r:r, s:s, data:data);
+ if (verified)
+ testcase_ok();
+ else
+ testcase_failed();
+}
+
+function test_dsa_do_verify(name, expect_valid, p, g, q, pub, r, s, data)
+{
+ local_var valid;
+
+ testcase_start(string("test_dsa_do_verify ", name));
+
+ valid = dsa_do_verify(p:p, g:g, q:q, pub:pub, r:r, s:s, data:data);
+ if (valid == expect_valid)
+ testcase_ok();
+ else
+ testcase_failed();
+}
+
+test_dsa_do_sign(p:p, g:g, q:q, pub:y, privkey:dsa_key_plain,
+ data:SHA1(plain_text));
+
+test_dsa_do_verify(name:"valid", expect_valid:1, p:p, g:g, q:q, pub:y,
+ r:raw_string(0x70, 0x5a, 0xba, 0x76, 0x58, 0xfb, 0xeb, 0x09,
+ 0x5f, 0x58, 0xea, 0xf6, 0xca, 0x7b, 0xf5, 0x0d,
+ 0xdc, 0xab, 0x25, 0x70),
+ s:raw_string(0xc6, 0xb9, 0x49, 0x73, 0xa2, 0x9b, 0x58, 0x99,
+ 0x07, 0x3e, 0x71, 0x8b, 0x46, 0x1c, 0x8e, 0x72,
+ 0x67, 0xdf, 0x35, 0x14),
+ data:SHA1(plain_text));
+test_dsa_do_verify(name:"wrong hash", expect_valid:0, p:p, g:g, q:q, pub:y,
+ r:raw_string(0x70, 0x5a, 0xba, 0x76, 0x58, 0xfb, 0xeb, 0x09,
+ 0x5f, 0x58, 0xea, 0xf6, 0xca, 0x7b, 0xf5, 0x0d,
+ 0xdc, 0xab, 0x25, 0x70),
+ s:raw_string(0xc6, 0xb9, 0x49, 0x73, 0xa2, 0x9b, 0x58, 0x99,
+ 0x07, 0x3e, 0x71, 0x8b, 0x46, 0x1c, 0x8e, 0x72,
+ 0x67, 0xdf, 0x35, 0x14),
+ data:SHA1("def"));
+test_dsa_do_verify(name:"wrong sig", expect_valid:0, p:p, g:g, q:q, pub:y,
+ r:raw_string(0x70, 0x5a, 0xba, 0x76, 0x58, 0xfb, 0xeb, 0x09,
+ 0x5f, 0x58, 0xea, 0xf6, 0xca, 0x7b, 0xf5, 0x0d,
+ 0xdc, 0xab, 0x25, 0x71),
+ s:raw_string(0xc6, 0xb9, 0x49, 0x73, 0xa2, 0x9b, 0x58, 0x99,
+ 0x07, 0x3e, 0x71, 0x8b, 0x46, 0x1c, 0x8e, 0x72,
+ 0x67, 0xdf, 0x35, 0x14),
+ data:SHA1(plain_text));
Added: trunk/openvas-libnasl/test/test_md.nasl
===================================================================
--- trunk/openvas-libnasl/test/test_md.nasl 2007-07-17 13:57:49 UTC (rev
268)
+++ trunk/openvas-libnasl/test/test_md.nasl 2007-07-17 18:22:01 UTC (rev
269)
@@ -0,0 +1,34 @@
+function checkmd(name, expected, value)
+{
+ local_var hexval;
+
+ testcase_start(name);
+
+ hexval = hexstr(value);
+ if (hexval == expected)
+ {
+ testcase_ok();
+ }
+ else
+ {
+ testcase_failed();
+ display("expected: ", expected, "\n");
+ display("got: ", hexval, "\n");
+ }
+}
+
+checkmd(name:"MD4", value:MD4("abc"),
+ expected:"a448017aaf21d8525fc10ae87aa6729d");
+checkmd(name:"MD5", value:MD5("abc"),
+ expected:"900150983cd24fb0d6963f7d28e17f72");
+checkmd(name:"SHA1", value:SHA1("abc"),
+ expected:"a9993e364706816aba3e25717850c26c9cd0d89d");
+checkmd(name:"RIPEMD160", value:RIPEMD160("abc"),
+ expected:"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc");
+
+checkmd(name:"HMAC_MD5", value:HMAC_MD5(data:"abc", key:"xyz"),
+ expected:"36507bde4caa8241226bb568596d3439");
+checkmd(name:"HMAC_SHA1", value:HMAC_SHA1(data:"abc", key:"xyz"),
+ expected:"a2b2e8c7de17e4f249b9539b4e56f18e4735f0c9");
+checkmd(name:"HMAC_RIPEMD160", value:HMAC_RIPEMD160(data:"abc", key:"xyz"),
+ expected:"25b990841b02514cacc090a9979857b33a69735f");
Added: trunk/openvas-libnasl/test/test_privkey.nasl
===================================================================
--- trunk/openvas-libnasl/test/test_privkey.nasl 2007-07-17 13:57:49 UTC
(rev 268)
+++ trunk/openvas-libnasl/test/test_privkey.nasl 2007-07-17 18:22:01 UTC
(rev 269)
@@ -0,0 +1,128 @@
+# unencrypted RSA key. GnuTLS command:
+# certtool -p --outfile key-p8-rsa-unenc.pem
+rsa_key_plain = string(
+"-----BEGIN RSA PRIVATE KEY-----\n",
+"MIICWwIBAAKBgQDZsYxvtOq/S/FIITbZyUn5lTPzos9YM1FUuh8XhfRmsiDq32d7\n",
+"2swNxQwWxD7xJTLeQ+8PxU2Cj4W9Eye3L52Bfmird99Am5zRERmNIb8OaAPd6hH+\n",
+"H0GnXGMI5Nnr9Z3Jz3l+lvSRnGwbSDEQiJR6jBN9+1JXQq+aQbogipwsswIDAQAB\n",
+"AoGAC3ciGgwMRRD/NI5TRjsnbewMIBaAwc4fcs1EBUglLCImQQM31GUcqX5UTv/8\n",
+"/1Rh48+Y0AV95JTMir3Eh2MMR4R6TOnPA6VLlXRb02XoE4Mh89uLOQKCJUQ+pn+P\n",
+"fHSzLez+MWjyIaLx52uPc8eTYAysKNU0pBW0GVRgfid/G2kCQQDjjOcD8so/MS0F\n",
+"sIvTroEzpysnZhyNeTD0KynGO1NmSC5L/80wm9G0PBH1fzVbL/OhiTqZP3425ytx\n",
+"S7FmJdC/AkEA9OkpoiKYZ8zqx40eJqvmiSAUbSacfYx0DeOQCrgbsr04zyRFpkNl\n",
+"UZBNjAkNKfHeKGeW948uBBSmQX/468EtDQJAXYOJaOj9Tszx2LW+MQc1F7oqlO10\n",
+"7HsSsDWQ3GODGbSuOhNtCv3uR2isZLybe9cQA6G20EX0o7GK++uEgxslVwJAfT67\n",
+"7tF4VSUDL9eoAqjINXn1WDh1sPLh6rRkVkb+yzJfWfc3syYmK0b7kVCTrc6mCM2o\n",
+"86MCKk4RE9AJES9yBQJARUVBKsPK0ViAQmE+llXlaUPVWB25Dx2nyRX4hvHeYwji\n",
+"eN6l16F0rOV4IvtbRsQQjhMW4OM5Z6SZ7vWmZRHTWQ==\n",
+"-----END RSA PRIVATE KEY-----\n");
+
+
+# encrypted RSA key. created from rsa_key_plain with openssl:
+# openssl pkcs8 -topk8 -v2 des3 -in key-p8-rsa-unenc.pem -out
key-p8-rsa-des.pem
+rsa_key_encrypted = string(
+"-----BEGIN ENCRYPTED PRIVATE KEY-----\n",
+"MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIxHEGjqmqAVcCAggA\n",
+"MBQGCCqGSIb3DQMHBAiAGcor2rXuLgSCAoDabyOr28HQTP1DkPB4iAbHv0N1K5RP\n",
+"qd51qSHBafw0oxRj0jNTjorKztClAuSW49g+t+QWKdc2h281b6sJ4E/rCHgVdUmV\n",
+"zqgkvWv4l/SUL+YpyvFsX6sC30I2vHaV2HRFFxyXWEJpFuTMkFMTP3LcUYohFjZz\n",
+"guYFc0I9JMW1x0E4rT0oYqfVwRE5XHeGd/u/h23RjP+teRyn+m9aVSJ6lldK6PT/\n",
+"Hnlb6a30B7Or6nDukVMLiPdEHVhFzKBGHIvE5I8URk90bmSdQaS3ooY+VJbwkz8E\n",
+"/TfwJA6FxUo+Fxg4Tx8Is3IK/fQG/0+AkYrceKR1GQayBRceA6P9OKoIBXQpciGG\n",
+"UEt5Zt3NSn+Dfjd2QvzoawEaZJN82XJ0f1ZoX0ByHvUsK2Bn4Hc1Y6Wd/y1nNGF/\n",
+"gSC0sGzJPju+U2l4LKUp853ahvnVz5FT5p+HN7sH8iTKh5QpJHRp8746pwPAD+et\n",
+"p3Q3z//fONN4BY5yxZ5yoASYiE0OcTDDgr8uRR7sYv7IV+jjbJSFdpU7YaxEsvmt\n",
+"GMWG6eX+cBaYFejnyHe99Ew4nyJxVcSP2QxrsE2u+qyAvjhVQ8xCf9NE43RcYP3/\n",
+"VArR3UVMS77XD/eRbieVg8XvVahthoLN7dsH4Nci7+/vzk9CKGoy3tY4WZu0WjIJ\n",
+"2Y2O1ajfFmbHuPV1iOp/zc/TuO5veuR/qzveJyQg5We+03L04cCU5V/cjRc3pGw4\n",
+"kyV+pYZSnjhqE0Zhdmfaaz5Wh1uBVdMuudUlvq4DzXm/JZv0UqZ53cKnqmLzBdb4\n",
+"TSQh8rr1f5E0HAhoKE6s0yof55ZBWXBogdYv3wFNWUmPAkEVCENzz0Jy\n",
+"-----END ENCRYPTED PRIVATE KEY-----\n");
+
+
+rsa_key_passphrase = "openvas";
+
+# unencrypted DSA key. GnuTLS command:
+# certtool -p --dsa --outfile key-dsa.pem
+dsa_key_plain = string(
+"-----BEGIN DSA PRIVATE KEY-----\n",
+"MIIBuwIBAAKBgQCnF+nY+CF9r5qROZUq9YlYZfCwaRomOdOnSEXavIjJGXzYUP2A\n",
+"E1jY6NxMQnbX6X6/Rb4PWdI70U5AMoNrCJuoN4ewGIoNhp9IUn4CG3+29whK/O8B\n",
+"D8qVa3MVhEwmRmMO/o5u3ldTeSYvEXNt4spoJMC952Qd9f/Wlo3j28hzlwIVAN7M\n",
+"Atg6YAfOVucN1UFq0r/gmZOxAoGADItFZiNYrOKN49guGFwDhHyS/BLhwktREo1f\n",
+"URuh6vuqS4DkXPjBV5VPnukDataVZMNg6T+lvsLY58Wd8dwvg9VX4LJXZs1deaAj\n",
+"Dd6G4MUT7GxynyKsY3t4DQp/dzyvepXKtfhriDyY1cCiogKpfoZst399EfEL4fCe\n",
+"JTzRWOMCgYEAoP35oGXR7S3vcUkanWK8TBjNgxWMG7Oq41c/zegqT2AV/BeQhdys\n",
+"+NIr+hYlT9+rz3XsB4ZE0yFtsDtUv67gvFNdVERrguhabDVr0PTcCbp5CMDVHbgg\n",
+"WK+DwRFP5ZP9Ippoqni7tIHIbvBlvHv0DY4rtV3cJb34H1QFe2gxg7kCFFw+Ijpz\n",
+"NODP8R34Rg+lMJHVIKTn\n",
+"-----END DSA PRIVATE KEY-----\n");
+
+# encrypted DSA key. Converted from dsa_key with openssl:
+# openssl pkcs8 -topk8 -v2 des3 -in key-dsa.pem -out key-p8-dsa-des.pem
+dsa_key_encrypted = string(
+"-----BEGIN ENCRYPTED PRIVATE KEY-----\n",
+"MIIBcTAbBgkqhkiG9w0BBQMwDgQIlqMZXYtotz4CAggABIIBUB0y7YkIowaRgN1Y\n",
+"7xhul6A1ZN2cAvt+W6Q8O30k524lNtQyXgA944VStpALZtV4+H1mqTtJPEAZD6Mp\n",
+"fqcloF4KRd8NTIxwawRZ3aJf8LH2qZvczHSwjCK8eR8PJEaBzOrYIQS+t43bTLCx\n",
+"AGebp+6YLHlyvtMy9H02CCAv/8+g3nZKiaQCuHZXsmQmk7aSsPlc5dAUvRm49KqE\n",
+"drYm25R+LDQRkafUzV4HJgFInrmRLHEW7NtSTDBp8oSo/p4vMRLoqAz8d2cDus/I\n",
+"Gy6+ItgFlqC3yNpuKrH38alaAn6ar2TThM51yhmzmsj7cUcir7BOmZ0mvWtUrXQo\n",
+"d9EmDi7s8yGi/hiz0ewFawUHavdNe5IuoiEIpiOOxipyy8tlQIbHeLTlfsy1Y19S\n",
+"pnqQmzxd6Dh49AhsBaVO7x8RQC0bxsfNUkh4ZHnB6se9elh5zA==\n",
+"-----END ENCRYPTED PRIVATE KEY-----\n");
+
+dsa_key_passphrase = string("openvas");
+
+
+function test_pem_to(type, priv, passphrase, expected)
+{
+ local_var key;
+
+ testcase_start(string("test_pem_to_", type));
+
+ if (type == "rsa")
+ {
+ key = pem_to_rsa(priv:priv, passphrase:passphrase);
+ }
+ else
+ {
+ key = pem_to_dsa(priv:priv, passphrase:passphrase);
+ }
+
+ if (hexstr(key) == expected)
+ testcase_ok();
+ else
+ {
+ testcase_failed();
+ display("key=");
+ display(hexstr(key));
+ display("\n");
+ }
+}
+
+test_pem_to(type:"rsa", priv:rsa_key_plain, passphrase:"",
+ expected:string("0b77221a0c0c4510ff348e53463b276d",
+ "ec0c201680c1ce1f72cd440548252c22",
+ "26410337d4651ca97e544efffcff5461",
+ "e3cf98d0057de494cc8abdc487630c47",
+ "847a4ce9cf03a54b95745bd365e81383",
+ "21f3db8b39028225443ea67f8f7c74b3",
+ "2decfe3168f221a2f1e76b8f73c79360",
+ "0cac28d534a415b41954607e277f1b69"));
+test_pem_to(type:"rsa", priv:rsa_key_encrypted, passphrase:rsa_key_passphrase,
+ expected:string("0b77221a0c0c4510ff348e53463b276d",
+ "ec0c201680c1ce1f72cd440548252c22",
+ "26410337d4651ca97e544efffcff5461",
+ "e3cf98d0057de494cc8abdc487630c47",
+ "847a4ce9cf03a54b95745bd365e81383",
+ "21f3db8b39028225443ea67f8f7c74b3",
+ "2decfe3168f221a2f1e76b8f73c79360",
+ "0cac28d534a415b41954607e277f1b69"));
+
+test_pem_to(type:"dsa", priv:dsa_key_plain, passphrase:"",
+ expected:"5c3e223a7334e0cff11df8460fa53091d520a4e7");
+# pkcs8 files with DSA keys are not supported yet by GnuTLS. The
+# following test should work, if it were:
+#test_pem_to(type:"dsa", priv:dsa_key_encrypted, passphrase:dsa_key_passphrase,
+# expected:"5c3e223a7334e0cff11df8460fa53091d520a4e7");
Added: trunk/openvas-libnasl/test/test_rsa.nasl
===================================================================
--- trunk/openvas-libnasl/test/test_rsa.nasl 2007-07-17 13:57:49 UTC (rev
268)
+++ trunk/openvas-libnasl/test/test_rsa.nasl 2007-07-17 18:22:01 UTC (rev
269)
@@ -0,0 +1,107 @@
+# rsa key generated with ssh-keygen -t rsa -f keyfile
+rsa_key_plain = string(
+"-----BEGIN RSA PRIVATE KEY-----\n",
+"MIICWgIBAAKBgQCYC0xkHWB+7gQ0TJIaBJZjgUcRb9yij1FhpxtO3XM0p2bBslWF\n",
+"7A06VUOZibNoRaaBqM8kC7qdYtj62vEDIb4fAo0ZuNfWfRGa6ejE2poUjH7tqce4\n",
+"8hMe1inEBVG8l9dxIouloc7m4A+hrHnvPIedv+21dmeJ2y+uuZ1EFFB52wIBIwKB\n",
+"gF+SEsKWH2W6LodGErFEtk0ssFQabW1+qC7Az1YkzBJ32jCb+z48mpmx7/ocCl7M\n",
+"sc3X0qjxbfyHRo8NRwlIaN9SuJ7S9P/tZfvmsf2IzhAWK+05FkeE+piSDRfbMt4M\n",
+"EUzoxI8wKyX/cWXETHrk3ZiAx+xCqbWt3ixjXYEcheobAkEAxl82mE4NlXl6xL53\n",
+"Mh11VXFR1n4xGEONOJjcuWBek5MUGkKIL8yAbRotRqtGpngxQFwsbovSdDtI9VoK\n",
+"TwfEpwJBAMQ2t+gyjtakbHv33TeR4rawc+ExuPqd+/sHtbUJK04o1wpWOaVgqf97\n",
+"OzkmcLWXnMn2Yp3NuUa12VS6GulcY60CQAtV5dzRQprTvd9bV0SxOeegE04V1utx\n",
+"kwqMZGJdRzuiASYSbi6d+LXG+0Xd5sevGMHZYZ/qu5Gc/NrR8fXjL88CQQCGi+vS\n",
+"a8+pIEpjoqZR/aLGal4WwwJ/902zcwBBn+MuR+Pp1LnQfMxXanHAyebi6562X86Y\n",
+"GAoEmfQc12LpKWjrAkAhOX5iAuY5KCYmTzhJKzJP81aTlLLBFMKEuVDV9h6Thh7y\n",
+"CsEnYYrHm6FwUDLHAPFFj/ycMPguH3XjUtUaHpQs\n",
+"-----END RSA PRIVATE KEY-----\n");
+
+# public key parameters corrsponding to rsa_key_plain
+e = raw_string(0x23);
+n = raw_string(0x00, 0x98, 0x0b, 0x4c, 0x64, 0x1d, 0x60, 0x7e,
+ 0xee, 0x04, 0x34, 0x4c, 0x92, 0x1a, 0x04, 0x96,
+ 0x63, 0x81, 0x47, 0x11, 0x6f, 0xdc, 0xa2, 0x8f,
+ 0x51, 0x61, 0xa7, 0x1b, 0x4e, 0xdd, 0x73, 0x34,
+ 0xa7, 0x66, 0xc1, 0xb2, 0x55, 0x85, 0xec, 0x0d,
+ 0x3a, 0x55, 0x43, 0x99, 0x89, 0xb3, 0x68, 0x45,
+ 0xa6, 0x81, 0xa8, 0xcf, 0x24, 0x0b, 0xba, 0x9d,
+ 0x62, 0xd8, 0xfa, 0xda, 0xf1, 0x03, 0x21, 0xbe,
+ 0x1f, 0x02, 0x8d, 0x19, 0xb8, 0xd7, 0xd6, 0x7d,
+ 0x11, 0x9a, 0xe9, 0xe8, 0xc4, 0xda, 0x9a, 0x14,
+ 0x8c, 0x7e, 0xed, 0xa9, 0xc7, 0xb8, 0xf2, 0x13,
+ 0x1e, 0xd6, 0x29, 0xc4, 0x05, 0x51, 0xbc, 0x97,
+ 0xd7, 0x71, 0x22, 0x8b, 0xa5, 0xa1, 0xce, 0xe6,
+ 0xe0, 0x0f, 0xa1, 0xac, 0x79, 0xef, 0x3c, 0x87,
+ 0x9d, 0xbf, 0xed, 0xb5, 0x76, 0x67, 0x89, 0xdb,
+ 0x2f, 0xae, 0xb9, 0x9d, 0x44, 0x14, 0x50, 0x79, 0xdb);
+
+# plain text and corresponding SHA1 signature made with rsa_key_plain
+plain_text = "abc";
+signature = raw_string(0x5b, 0x94, 0x24, 0x6a, 0xf5, 0x34, 0x1c, 0xd5,
+ 0x5c, 0x1d, 0xfd, 0x90, 0xef, 0x21, 0xe5, 0xc6,
+ 0xef, 0xa7, 0x07, 0x0c, 0xfa, 0x3d, 0xa7, 0x6e,
+ 0xb7, 0x88, 0x78, 0x92, 0xb3, 0x75, 0xae, 0xec,
+ 0x5b, 0xe8, 0xe7, 0x26, 0x5e, 0xa0, 0xa5, 0xd7,
+ 0xe8, 0x07, 0x3d, 0x29, 0xae, 0x8a, 0x6b, 0xea,
+ 0xd3, 0xdf, 0x74, 0x90, 0xe9, 0xae, 0x8b, 0xb6,
+ 0x48, 0x13, 0x8a, 0xa9, 0x32, 0x7c, 0xa6, 0xe6,
+ 0x69, 0x32, 0x04, 0x96, 0xb2, 0x25, 0x2c, 0xa8,
+ 0x43, 0xf3, 0x41, 0xb1, 0x60, 0x62, 0x43, 0x10,
+ 0x3e, 0xbb, 0x26, 0x13, 0x42, 0x07, 0xc9, 0x6d,
+ 0x4b, 0x48, 0x59, 0x18, 0x1a, 0x8e, 0xe5, 0xc6,
+ 0xc4, 0xbe, 0x58, 0x04, 0x05, 0x6e, 0x52, 0x7b,
+ 0x7e, 0x78, 0xa4, 0xc1, 0xd6, 0xdd, 0x24, 0xf2,
+ 0x6d, 0x75, 0x31, 0x60, 0xcb, 0x03, 0xe2, 0x4d,
+ 0x67, 0x5e, 0xd7, 0xf9, 0x40, 0xaa, 0xe0, 0xd9);
+
+
+function test_rsa_sign(priv, e, n, hash, expected)
+{
+ local_var signature;
+
+ testcase_start("test_rsa_sign");
+
+ signature = rsa_sign(priv:priv, passphrase:"", data:hash);
+
+ if (hexstr(signature) == hexstr(expected))
+ testcase_ok();
+ else
+ {
+ testcase_failed();
+ display("signature=");
+ display(hexstr(signature));
+ display("\n");
+ }
+}
+
+function test_rsa_public_decrypt(e, n, sig, plaintext)
+{
+ local_var decrypted, prefix, expected;
+
+ testcase_start("test_rsa_public_decrypt");
+
+ decrypted = rsa_public_decrypt(sig:sig, e:e, n:n);
+
+ # prefix is pkcs1 block type 1 + padding and SHA oid.
+ prefix=string("01ffffffffffffffffffffffffffffff",
+ "ffffffffffffffffffffffffffffffff",
+ "ffffffffffffffffffffffffffffffff",
+ "ffffffffffffffffffffffffffffffff",
+ "ffffffffffffffffffffffffffffffff",
+ "ffffffffffffffffffffff00",
+ "3021300906052b0e03021a05000414");
+ expected = strcat(prefix, hexstr(SHA1(plaintext)));
+ if (hexstr(decrypted) == expected)
+ testcase_ok();
+ else
+ {
+ testcase_failed();
+ display("decrypted=");
+ display(hexstr(decrypted));
+ display("\n");
+ }
+}
+
+test_rsa_sign(priv:rsa_key_plain, e:e, n:n, hash:SHA1(plain_text),
+ expected=signature);
+test_rsa_public_decrypt(e:e, n:n, sig:signature, plaintext:plain_text);
Added: trunk/openvas-libnasl/test/testsuiteinit.nasl
===================================================================
--- trunk/openvas-libnasl/test/testsuiteinit.nasl 2007-07-17 13:57:49 UTC
(rev 268)
+++ trunk/openvas-libnasl/test/testsuiteinit.nasl 2007-07-17 18:22:01 UTC
(rev 269)
@@ -0,0 +1,24 @@
+# initializes the test suite and provides some helper functions
+
+global_var num_successful, num_failed;
+
+num_successful = 0;
+num_failed = 0;
+
+function testcase_start(name)
+{
+ name = _FCT_ANON_ARGS[0];
+ display(name, " ");
+}
+
+function testcase_ok()
+{
+ display("OK\n");
+ num_successful += 1;
+}
+
+function testcase_failed()
+{
+ display("FAILED\n");
+ num_failed += 1;
+}
Added: trunk/openvas-libnasl/test/testsuitesummary.nasl
===================================================================
--- trunk/openvas-libnasl/test/testsuitesummary.nasl 2007-07-17 13:57:49 UTC
(rev 268)
+++ trunk/openvas-libnasl/test/testsuitesummary.nasl 2007-07-17 18:22:01 UTC
(rev 269)
@@ -0,0 +1,10 @@
+function testsuite_summary()
+{
+ display("----------\n");
+ display(num_successful + num_failed, " tests, ", num_failed, " failed\n");
+
+ if (num_failed > 0)
+ exit(1);
+}
+
+testsuite_summary();
_______________________________________________
Openvas-commits mailing list
[email protected]
http://lists.wald.intevation.org/mailman/listinfo/openvas-commits
