TLS 1.3 server auth only

tests/gcmtest.c

@@ -51,6 +51,8 @@
 #include <stdlib.h>
 #include <gmssl/gcm.h>
 #include <gmssl/hex.h>
+#include <gmssl/rand.h>
+#include <gmssl/block_cipher.h>
 #include <gmssl/error.h>
 
 
@@ -130,8 +132,6 @@ int test_ghash(void)
 	size_t Hlen, Alen, Clen, Tlen;
 	int i;
 
-	printf("%s\n", __FUNCTION__);
-
 	for (i = 0; i < sizeof(ghash_tests)/sizeof(ghash_tests[0]); i++) {
 		hex_to_bytes(ghash_tests[i].H, strlen(ghash_tests[i].H), H, &Hlen);
 		hex_to_bytes(ghash_tests[i].A, strlen(ghash_tests[i].A), A, &Alen);
@@ -139,22 +139,93 @@ int test_ghash(void)
 		hex_to_bytes(ghash_tests[i].T, strlen(ghash_tests[i].T), T, &Tlen);
 		ghash(H, A, Alen, C, Clen, out);
 
-		printf("  test %d %s\n", i + 1, memcmp(out ,T, Tlen) == 0 ? "ok" : "error");
-		/*
-		format_print(stdout, 0, 2, "H = %s\n", ghash_tests[i].H);
-		format_print(stdout, 0, 2, "A = %s\n", ghash_tests[i].A);
-		format_print(stdout, 0, 2, "C = %s\n", ghash_tests[i].C);
-		format_bytes(stdout, 0, 2, "GHASH(H,A,C) = ", out, 16);
-		format_print(stdout, 0, 2, "             = %s\n\n", ghash_tests[i].T);
-		*/
+		if (memcmp(out, T, Tlen) != 0) {
+			format_print(stderr, 0, 0, "test %d failed\n", i + 1);
+			format_print(stderr, 0, 2, "H = %s\n", ghash_tests[i].H);
+			format_print(stderr, 0, 2, "A = %s\n", ghash_tests[i].A);
+			format_print(stderr, 0, 2, "C = %s\n", ghash_tests[i].C);
+			format_bytes(stderr, 0, 2, "GHASH(H,A,C) = ", out, 16);
+			format_print(stderr, 0, 2, "             = %s\n\n", ghash_tests[i].T);
+		}
 	}
-	return 0;
+
+	printf("%s() ok\n", __FUNCTION__);
+	return 1;
 }
 
+int test_gcm(void)
+{
+	BLOCK_CIPHER_KEY block_key;
+	uint8_t key[16];
+	uint8_t iv[12];
+	uint8_t aad[64];
+	uint8_t in[100];
+	uint8_t out[sizeof(in)];
+	uint8_t buf[sizeof(in)];
+	uint8_t tag[16];
+
+	rand_bytes(key, sizeof(key));
+	rand_bytes(iv, sizeof(iv));
+	rand_bytes(aad, sizeof(aad));
+	rand_bytes(in, sizeof(in));
+
+	memset(out, 0, sizeof(out));
+	memset(buf, 0, sizeof(buf));
+	memset(tag, 0, sizeof(tag));
+
+	if (block_cipher_set_encrypt_key(&block_key, BLOCK_CIPHER_aes128(), key) != 1) {
+		error_print();
+		return -1;
+	}
+	if (gcm_encrypt(&block_key, iv, sizeof(iv), aad, sizeof(aad), in, sizeof(in), out, sizeof(tag), tag) != 1) {
+		error_print();
+		return -1;
+	}
+	if (gcm_decrypt(&block_key, iv, sizeof(iv), aad, sizeof(aad), out, sizeof(out), tag, sizeof(tag), buf) != 1) {
+		error_print();
+		return -1;
+	}
+	if (memcmp(buf, in, sizeof(in)) != 0) {
+		error_print();
+		return -1;
+	}
+
+	memset(out, 0, sizeof(out));
+	memset(buf, 0, sizeof(buf));
+	memset(tag, 0, sizeof(tag));
+
+	if (block_cipher_set_encrypt_key(&block_key, BLOCK_CIPHER_sm4(), key) != 1) {
+		error_print();
+		return -1;
+	}
+	if (gcm_encrypt(&block_key, iv, sizeof(iv), aad, sizeof(aad), in, sizeof(in), out, sizeof(tag), tag) != 1) {
+		error_print();
+		return -1;
+	}
+	if (gcm_decrypt(&block_key, iv, sizeof(iv), aad, sizeof(aad), out, sizeof(out), tag, sizeof(tag), buf) != 1) {
+		error_print();
+		return -1;
+	}
+	if (memcmp(buf, in, sizeof(in)) != 0) {
+		error_print();
+		return -1;
+	}
+
+	printf("%s() ok\n", __FUNCTION__);
+	return 1;
+}
+
+
+
+
 
 int main(int argc, char **argv)
 {
-	int err = 0;
-	err += test_ghash();
-	return err;
+	if (test_ghash() != 1) goto err;
+	if (test_gcm() != 1) goto err;
+	printf("%s all tests passed\n", __FILE__);
+	return 0;
+err:
+	error_print();
+	return -1;
 }

tests/gf128test.c

@@ -52,44 +52,95 @@
 #include <assert.h>
 #include <gmssl/hex.h>
 #include <gmssl/gf128.h>
+#include <gmssl/error.h>
 
-/*
-a = de300f9301a499a965f8bf677e99e80d
-b = 14b267838ec9ef1bb7b5ce8c19e34bc6
-a + b = ca8268108f6d76b2d24d71eb677aa3cb
-a - b = ca8268108f6d76b2d24d71eb677aa3cb
-a * b = 28e63413cd53b01a3b469375781942c6
-a * 2 = bc601f2603493352cbf17ecefd33d09d
-*/
+
+int test_gf128_from_hex(void)
+{
+	char *tests[] = {
+		"00000000000000000000000000000000",
+		"00000000000000000000000000000001",
+		"10000000000000000000000000000000",
+		"de300f9301a499a965f8bf677e99e80d",
+		"14b267838ec9ef1bb7b5ce8c19e34bc6",
+	};
+	gf128_t a;
+	int i;
+
+	for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
+		a = gf128_from_hex(tests[i]);
+		if (gf128_equ_hex(a, tests[i]) != 1) {
+			error_print();
+			return -1;
+		}
+	}
+
+	printf("%s() ok\n", __FUNCTION__);
+	return 1;
+}
+
+int test_gf128_mul2(void)
+{
+	char *tests[] = {
+		"00000000000000000000000000000001",
+		"de300f9301a499a965f8bf677e99e80d",
+	};
+	char *results[] = {
+		"e1000000000000000000000000000000",
+		"8e1807c980d24cd4b2fc5fb3bf4cf406",
+	};
+	gf128_t a;
+	int i;
+
+	for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
+		a = gf128_from_hex(tests[i]);
+		a = gf128_mul2(a);
+		if (gf128_equ_hex(a, results[i]) != 1) {
+			error_print();
+			return -1;
+		}
+	}
+
+	printf("%s() ok\n", __FUNCTION__);
+	return 1;
+}
+
+int test_gf128_mul(void)
+{
+	char *hex_a = "de300f9301a499a965f8bf677e99e80d";
+	char *hex_b = "14b267838ec9ef1bb7b5ce8c19e34bc6";
+	char *hex_add_a_b = "ca8268108f6d76b2d24d71eb677aa3cb";
+	char *hex_mul_a_b = "7d87dda57a20b0c51d9743071ab14010";
+	gf128_t a, b, r;
+
+	a = gf128_from_hex(hex_a);
+	b = gf128_from_hex(hex_b);
+
+	r = gf128_add(a, b);
+	if (gf128_equ_hex(r, hex_add_a_b) != 1) {
+		error_print();
+		return -1;
+	}
+
+	r = gf128_mul(a, b);
+	if (gf128_equ_hex(r, hex_mul_a_b) != 1) {
+		error_print();
+		return -1;
+	}
+
+	printf("%s() ok\n", __FUNCTION__);
+	return 1;
+}
 
 int main(void)
 {
-	gf128_t zero = gf128_from_hex("00000000000000000000000000000000");
-	gf128_t one  = gf128_from_hex("00000000000000000000000000000001");
-	gf128_t ones = gf128_from_hex("11111111111111111111111111111111");
-	gf128_t a    = gf128_from_hex("de300f9301a499a965f8bf677e99e80d");
-	gf128_t b    = gf128_from_hex("14b267838ec9ef1bb7b5ce8c19e34bc6");
-	gf128_t r;
-
-	/*
-	r = gf128_add(a, b);
-	gf128_print("a + b = ", r);
-
-	r = gf128_mul(a, b);
-	gf128_print("a * b = ", r);
-
-	r = gf128_mul2(a);
-	gf128_print("a * 2 = ", r);
-	*/
-
-	gf128_t H = gf128_from_hex("66e94bd4ef8a2c3b884cfa59ca342b2e");
-	gf128_t C = gf128_from_hex("0388dace60b6a392f328c2b971b2fe78");
-	gf128_t T = gf128_mul(C, H);
-
-
-	gf128_print(stderr, 0, 0, "C", C);
-	gf128_print(stderr, 0, 0, "H", H);
-	gf128_print(stderr, 0, 0, "C * H", T);
-
+	if (test_gf128_from_hex() != 1) goto err;
+	if (test_gf128_mul2() != 1) goto err;
+	if (test_gf128_mul() != 1) goto err;
+	printf("%s all tests passed\n", __FILE__);
 	return 0;
+err:
+	error_print();
+	return -1;
+
 }

tests/tls13test.c

@@ -0,0 +1,119 @@
+/*
+ * Copyright (c) 2021 - 2021 The GmSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the GmSSL Project.
+ *    (http://gmssl.org/)"
+ *
+ * 4. The name "GmSSL Project" must not be used to endorse or promote
+ *    products derived from this software without prior written
+ *    permission. For written permission, please contact
+ *    guanzhi1980@gmail.com.
+ *
+ * 5. Products derived from this software may not be called "GmSSL"
+ *    nor may "GmSSL" appear in their names without prior written
+ *    permission of the GmSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the GmSSL Project
+ *    (http://gmssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE GmSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <gmssl/oid.h>
+#include <gmssl/x509.h>
+#include <gmssl/rand.h>
+#include <gmssl/error.h>
+#include <gmssl/tls.h>
+#include <gmssl/sm3.h>
+#include <gmssl/sm4.h>
+
+
+static int test_tls13_gcm(void)
+{
+
+	BLOCK_CIPHER_KEY block_key;
+	uint8_t key[16];
+	uint8_t iv[12];
+	uint8_t seq_num[8] = {0,0,0,0,0,0,0,1};
+	int record_type = TLS_record_handshake;
+	uint8_t in[40];
+	size_t padding_len = 8;
+	uint8_t out[256];
+	size_t outlen;
+	uint8_t buf[256];
+	size_t buflen;
+
+	rand_bytes(key, sizeof(key));
+	rand_bytes(iv, sizeof(iv));
+	rand_bytes(in, sizeof(in));
+
+	memset(out, 1, sizeof(out));
+	outlen = 0;
+	memset(buf, 1, sizeof(buf));
+	buflen = 0;
+
+	if (block_cipher_set_encrypt_key(&block_key, BLOCK_CIPHER_sm4(), key) != 1) {
+		error_print();
+		return -1;
+	}
+
+	if (tls13_gcm_encrypt(&block_key, iv, seq_num, record_type, in, sizeof(in), padding_len, out, &outlen) != 1) {
+		error_print();
+		return -1;
+	}
+	if (tls13_gcm_decrypt(&block_key, iv, seq_num, out, outlen, &record_type, buf, &buflen) != 1) {
+		error_print();
+		return -1;
+	}
+
+	if (buflen != sizeof(in)) {
+		error_print();
+		return -1;
+	}
+	if (memcmp(in, buf, buflen) != 0) {
+		error_print();
+		return -1;
+	}
+	printf("%s() ok\n", __FUNCTION__);
+	return 1;
+}
+
+int main(void)
+{
+	if (test_tls13_gcm() != 1) goto err;
+	printf("%s all tests passed\n", __FILE__);
+	return 0;
+err:
+	error_print();
+	return -1;
+}