summaryrefslogtreecommitdiffstats
path: root/third_party/libsrtp/src/crypto/test
diff options
context:
space:
mode:
Diffstat (limited to 'third_party/libsrtp/src/crypto/test')
-rw-r--r--third_party/libsrtp/src/crypto/test/aes_calc.c172
-rw-r--r--third_party/libsrtp/src/crypto/test/cipher_driver.c598
-rw-r--r--third_party/libsrtp/src/crypto/test/datatypes_driver.c222
-rw-r--r--third_party/libsrtp/src/crypto/test/env.c89
-rw-r--r--third_party/libsrtp/src/crypto/test/kernel_driver.c115
-rw-r--r--third_party/libsrtp/src/crypto/test/meson.build41
-rw-r--r--third_party/libsrtp/src/crypto/test/sha1_driver.c387
7 files changed, 1624 insertions, 0 deletions
diff --git a/third_party/libsrtp/src/crypto/test/aes_calc.c b/third_party/libsrtp/src/crypto/test/aes_calc.c
new file mode 100644
index 0000000000..3d0d5cf36b
--- /dev/null
+++ b/third_party/libsrtp/src/crypto/test/aes_calc.c
@@ -0,0 +1,172 @@
+/*
+ * aes_calc.c
+ *
+ * A simple AES calculator for generating AES encryption values
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2017, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+/*
+
+ Example usage (with first NIST FIPS 197 test case):
+
+ [sh]$ test/aes_calc 000102030405060708090a0b0c0d0e0f \
+ 00112233445566778899aabbccddeeff -v
+
+ plaintext: 00112233445566778899aabbccddeeff
+ key: 000102030405060708090a0b0c0d0e0f
+ ciphertext: 69c4e0d86a7b0430d8cdb78070b4c55a
+
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include "aes.h"
+#include <stdio.h>
+#include <string.h>
+#include "util.h"
+
+void usage(char *prog_name)
+{
+ printf("usage: %s <key> <plaintext> [<ciphertext>] [-v]\n", prog_name);
+ exit(255);
+}
+
+#define AES_MAX_KEY_LEN 32
+
+int main(int argc, char *argv[])
+{
+ const char *expected_ciphertext = NULL;
+ const char *ciphertext = NULL;
+ v128_t data;
+ uint8_t key[AES_MAX_KEY_LEN];
+ srtp_aes_expanded_key_t exp_key;
+ int key_len, len;
+ int verbose = 0;
+ srtp_err_status_t status;
+
+ /* -v must be last if it's passed */
+ if (argc > 0 && strncmp(argv[argc - 1], "-v", 2) == 0) {
+ /* we're in verbose mode */
+ verbose = 1;
+ --argc;
+ }
+
+ if (argc < 3 || argc > 4) {
+ /* we've been fed the wrong number of arguments - compain and exit */
+ usage(argv[0]);
+ }
+
+ if (argc == 4) {
+ /* we're being passed the ciphertext to check (in unit test mode) */
+ expected_ciphertext = argv[3];
+ if (strlen(expected_ciphertext) != 16 * 2) {
+ usage(argv[0]);
+ }
+ }
+
+ /* read in key, checking length */
+ if (strlen(argv[1]) > AES_MAX_KEY_LEN * 2) {
+ fprintf(stderr, "error: too many digits in key "
+ "(should be at most %d hexadecimal digits, found %u)\n",
+ AES_MAX_KEY_LEN * 2, (unsigned)strlen(argv[1]));
+ exit(1);
+ }
+ len = hex_string_to_octet_string((char *)key, argv[1], AES_MAX_KEY_LEN * 2);
+ /* check that hex string is the right length */
+ if (len != 32 && len != 48 && len != 64) {
+ fprintf(stderr, "error: bad number of digits in key "
+ "(should be 32/48/64 hexadecimal digits, found %d)\n",
+ len);
+ exit(1);
+ }
+ key_len = len / 2;
+
+ /* read in plaintext, checking length */
+ if (strlen(argv[2]) > 16 * 2) {
+ fprintf(stderr, "error: too many digits in plaintext "
+ "(should be %d hexadecimal digits, found %u)\n",
+ 16 * 2, (unsigned)strlen(argv[2]));
+ exit(1);
+ }
+ len = hex_string_to_octet_string((char *)(&data), argv[2], 16 * 2);
+ /* check that hex string is the right length */
+ if (len < 16 * 2) {
+ fprintf(stderr, "error: too few digits in plaintext "
+ "(should be %d hexadecimal digits, found %d)\n",
+ 16 * 2, len);
+ exit(1);
+ }
+
+ if (verbose) {
+ /* print out plaintext */
+ printf("plaintext:\t%s\n",
+ octet_string_hex_string((uint8_t *)&data, 16));
+ }
+
+ /* encrypt plaintext */
+ status = srtp_aes_expand_encryption_key(key, key_len, &exp_key);
+ if (status) {
+ fprintf(stderr, "error: AES key expansion failed.\n");
+ exit(1);
+ }
+
+ srtp_aes_encrypt(&data, &exp_key);
+
+ /* write ciphertext to output */
+ if (verbose) {
+ printf("key:\t\t%s\n", octet_string_hex_string(key, key_len));
+ printf("ciphertext:\t");
+ }
+
+ ciphertext = v128_hex_string(&data);
+ printf("%s\n", ciphertext);
+
+ if (expected_ciphertext && strcmp(ciphertext, expected_ciphertext) != 0) {
+ fprintf(stderr, "error: calculated ciphertext %s does not match "
+ "expected ciphertext %s\n",
+ ciphertext, expected_ciphertext);
+ exit(1);
+ }
+
+ return 0;
+}
diff --git a/third_party/libsrtp/src/crypto/test/cipher_driver.c b/third_party/libsrtp/src/crypto/test/cipher_driver.c
new file mode 100644
index 0000000000..4fbcd95e39
--- /dev/null
+++ b/third_party/libsrtp/src/crypto/test/cipher_driver.c
@@ -0,0 +1,598 @@
+/*
+ * cipher_driver.c
+ *
+ * A driver for the generic cipher type
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2017 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h> /* for printf() */
+#include "getopt_s.h"
+#include "cipher.h"
+#include "cipher_priv.h"
+#include "datatypes.h"
+
+#define PRINT_DEBUG 0
+
+void cipher_driver_test_throughput(srtp_cipher_t *c);
+
+srtp_err_status_t cipher_driver_self_test(srtp_cipher_type_t *ct);
+
+/*
+ * cipher_driver_test_buffering(ct) tests the cipher's output
+ * buffering for correctness by checking the consistency of succesive
+ * calls
+ */
+
+srtp_err_status_t cipher_driver_test_buffering(srtp_cipher_t *c);
+
+/*
+ * functions for testing cipher cache thrash
+ */
+srtp_err_status_t cipher_driver_test_array_throughput(srtp_cipher_type_t *ct,
+ int klen,
+ int num_cipher);
+
+void cipher_array_test_throughput(srtp_cipher_t *ca[], int num_cipher);
+
+uint64_t cipher_array_bits_per_second(srtp_cipher_t *cipher_array[],
+ int num_cipher,
+ unsigned octets_in_buffer,
+ int num_trials);
+
+srtp_err_status_t cipher_array_delete(srtp_cipher_t *cipher_array[],
+ int num_cipher);
+
+srtp_err_status_t cipher_array_alloc_init(srtp_cipher_t ***cipher_array,
+ int num_ciphers,
+ srtp_cipher_type_t *ctype,
+ int klen);
+
+void usage(char *prog_name)
+{
+ printf("usage: %s [ -t | -v | -a ]\n", prog_name);
+ exit(255);
+}
+
+void check_status(srtp_err_status_t s)
+{
+ if (s) {
+ printf("error (code %d)\n", s);
+ exit(s);
+ }
+ return;
+}
+
+/*
+ * null_cipher and srtp_aes_icm are the cipher meta-objects
+ * defined in the files in crypto/cipher subdirectory. these are
+ * declared external so that we can use these cipher types here
+ */
+
+extern srtp_cipher_type_t srtp_null_cipher;
+extern srtp_cipher_type_t srtp_aes_icm_128;
+extern srtp_cipher_type_t srtp_aes_icm_256;
+#ifdef GCM
+extern srtp_cipher_type_t srtp_aes_icm_192;
+extern srtp_cipher_type_t srtp_aes_gcm_128;
+extern srtp_cipher_type_t srtp_aes_gcm_256;
+#endif
+
+int main(int argc, char *argv[])
+{
+ srtp_cipher_t *c = NULL;
+ srtp_err_status_t status;
+ /* clang-format off */
+ unsigned char test_key[48] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
+ 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
+ };
+ /* clang-format on */
+ int q;
+ unsigned do_timing_test = 0;
+ unsigned do_validation = 0;
+ unsigned do_array_timing_test = 0;
+
+ /* process input arguments */
+ while (1) {
+ q = getopt_s(argc, argv, "tva");
+ if (q == -1)
+ break;
+ switch (q) {
+ case 't':
+ do_timing_test = 1;
+ break;
+ case 'v':
+ do_validation = 1;
+ break;
+ case 'a':
+ do_array_timing_test = 1;
+ break;
+ default:
+ usage(argv[0]);
+ }
+ }
+
+ printf("cipher test driver\n"
+ "David A. McGrew\n"
+ "Cisco Systems, Inc.\n");
+
+ if (!do_validation && !do_timing_test && !do_array_timing_test)
+ usage(argv[0]);
+
+ /* arry timing (cache thrash) test */
+ if (do_array_timing_test) {
+ int max_num_cipher = 1 << 16; /* number of ciphers in cipher_array */
+ int num_cipher;
+
+ for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8)
+ cipher_driver_test_array_throughput(&srtp_null_cipher, 0,
+ num_cipher);
+
+ for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8)
+ cipher_driver_test_array_throughput(
+ &srtp_aes_icm_128, SRTP_AES_ICM_128_KEY_LEN_WSALT, num_cipher);
+
+ for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8)
+ cipher_driver_test_array_throughput(
+ &srtp_aes_icm_256, SRTP_AES_ICM_256_KEY_LEN_WSALT, num_cipher);
+
+#ifdef GCM
+ for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8)
+ cipher_driver_test_array_throughput(
+ &srtp_aes_icm_192, SRTP_AES_ICM_192_KEY_LEN_WSALT, num_cipher);
+
+ for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8) {
+ cipher_driver_test_array_throughput(
+ &srtp_aes_gcm_128, SRTP_AES_GCM_128_KEY_LEN_WSALT, num_cipher);
+ }
+
+ for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8) {
+ cipher_driver_test_array_throughput(
+ &srtp_aes_gcm_256, SRTP_AES_GCM_256_KEY_LEN_WSALT, num_cipher);
+ }
+#endif
+ }
+
+ if (do_validation) {
+ cipher_driver_self_test(&srtp_null_cipher);
+ cipher_driver_self_test(&srtp_aes_icm_128);
+ cipher_driver_self_test(&srtp_aes_icm_256);
+#ifdef GCM
+ cipher_driver_self_test(&srtp_aes_icm_192);
+ cipher_driver_self_test(&srtp_aes_gcm_128);
+ cipher_driver_self_test(&srtp_aes_gcm_256);
+#endif
+ }
+
+ /* do timing and/or buffer_test on srtp_null_cipher */
+ status = srtp_cipher_type_alloc(&srtp_null_cipher, &c, 0, 0);
+ check_status(status);
+
+ status = srtp_cipher_init(c, NULL);
+ check_status(status);
+
+ if (do_timing_test)
+ cipher_driver_test_throughput(c);
+ if (do_validation) {
+ status = cipher_driver_test_buffering(c);
+ check_status(status);
+ }
+ status = srtp_cipher_dealloc(c);
+ check_status(status);
+
+ /* run the throughput test on the aes_icm cipher (128-bit key) */
+ status = srtp_cipher_type_alloc(&srtp_aes_icm_128, &c,
+ SRTP_AES_ICM_128_KEY_LEN_WSALT, 0);
+ if (status) {
+ fprintf(stderr, "error: can't allocate cipher\n");
+ exit(status);
+ }
+
+ status = srtp_cipher_init(c, test_key);
+ check_status(status);
+
+ if (do_timing_test)
+ cipher_driver_test_throughput(c);
+
+ if (do_validation) {
+ status = cipher_driver_test_buffering(c);
+ check_status(status);
+ }
+
+ status = srtp_cipher_dealloc(c);
+ check_status(status);
+
+ /* repeat the tests with 256-bit keys */
+ status = srtp_cipher_type_alloc(&srtp_aes_icm_256, &c,
+ SRTP_AES_ICM_256_KEY_LEN_WSALT, 0);
+ if (status) {
+ fprintf(stderr, "error: can't allocate cipher\n");
+ exit(status);
+ }
+
+ status = srtp_cipher_init(c, test_key);
+ check_status(status);
+
+ if (do_timing_test)
+ cipher_driver_test_throughput(c);
+
+ if (do_validation) {
+ status = cipher_driver_test_buffering(c);
+ check_status(status);
+ }
+
+ status = srtp_cipher_dealloc(c);
+ check_status(status);
+
+#ifdef GCM
+ /* run the throughput test on the aes_gcm_128 cipher */
+ status = srtp_cipher_type_alloc(&srtp_aes_gcm_128, &c,
+ SRTP_AES_GCM_128_KEY_LEN_WSALT, 8);
+ if (status) {
+ fprintf(stderr, "error: can't allocate GCM 128 cipher\n");
+ exit(status);
+ }
+ status = srtp_cipher_init(c, test_key);
+ check_status(status);
+ if (do_timing_test) {
+ cipher_driver_test_throughput(c);
+ }
+
+ // GCM ciphers don't do buffering; they're "one shot"
+
+ status = srtp_cipher_dealloc(c);
+ check_status(status);
+
+ /* run the throughput test on the aes_gcm_256 cipher */
+ status = srtp_cipher_type_alloc(&srtp_aes_gcm_256, &c,
+ SRTP_AES_GCM_256_KEY_LEN_WSALT, 16);
+ if (status) {
+ fprintf(stderr, "error: can't allocate GCM 256 cipher\n");
+ exit(status);
+ }
+ status = srtp_cipher_init(c, test_key);
+ check_status(status);
+ if (do_timing_test) {
+ cipher_driver_test_throughput(c);
+ }
+
+ // GCM ciphers don't do buffering; they're "one shot"
+
+ status = srtp_cipher_dealloc(c);
+ check_status(status);
+#endif
+
+ return 0;
+}
+
+void cipher_driver_test_throughput(srtp_cipher_t *c)
+{
+ int i;
+ int min_enc_len = 32;
+ int max_enc_len = 2048; /* should be a power of two */
+ int num_trials = 1000000;
+
+ printf("timing %s throughput, key length %d:\n", c->type->description,
+ c->key_len);
+ fflush(stdout);
+ for (i = min_enc_len; i <= max_enc_len; i = i * 2)
+ printf("msg len: %d\tgigabits per second: %f\n", i,
+ srtp_cipher_bits_per_second(c, i, num_trials) / 1e9);
+}
+
+srtp_err_status_t cipher_driver_self_test(srtp_cipher_type_t *ct)
+{
+ srtp_err_status_t status;
+
+ printf("running cipher self-test for %s...", ct->description);
+ status = srtp_cipher_type_self_test(ct);
+ if (status) {
+ printf("failed with error code %d\n", status);
+ exit(status);
+ }
+ printf("passed\n");
+
+ return srtp_err_status_ok;
+}
+
+/*
+ * cipher_driver_test_buffering(ct) tests the cipher's output
+ * buffering for correctness by checking the consistency of succesive
+ * calls
+ */
+
+#define INITIAL_BUFLEN 1024
+srtp_err_status_t cipher_driver_test_buffering(srtp_cipher_t *c)
+{
+ int i, j, num_trials = 1000;
+ unsigned len, buflen = INITIAL_BUFLEN;
+ uint8_t buffer0[INITIAL_BUFLEN], buffer1[INITIAL_BUFLEN], *current, *end;
+ uint8_t idx[16] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0x34 };
+ srtp_err_status_t status;
+
+ printf("testing output buffering for cipher %s...", c->type->description);
+
+ for (i = 0; i < num_trials; i++) {
+ /* set buffers to zero */
+ for (j = 0; j < (int)buflen; j++) {
+ buffer0[j] = buffer1[j] = 0;
+ }
+
+ /* initialize cipher */
+ status = srtp_cipher_set_iv(c, (uint8_t *)idx, srtp_direction_encrypt);
+ if (status)
+ return status;
+
+ /* generate 'reference' value by encrypting all at once */
+ status = srtp_cipher_encrypt(c, buffer0, &buflen);
+ if (status)
+ return status;
+
+ /* re-initialize cipher */
+ status = srtp_cipher_set_iv(c, (uint8_t *)idx, srtp_direction_encrypt);
+ if (status)
+ return status;
+
+ /* now loop over short lengths until buffer1 is encrypted */
+ current = buffer1;
+ end = buffer1 + buflen;
+ while (current < end) {
+ /* choose a short length */
+ len = srtp_cipher_rand_u32_for_tests() & 0x01f;
+
+ /* make sure that len doesn't cause us to overreach the buffer */
+ if (current + len > end)
+ len = end - current;
+
+ status = srtp_cipher_encrypt(c, current, &len);
+ if (status)
+ return status;
+
+ /* advance pointer into buffer1 to reflect encryption */
+ current += len;
+
+ /* if buffer1 is all encrypted, break out of loop */
+ if (current == end)
+ break;
+ }
+
+ /* compare buffers */
+ for (j = 0; j < (int)buflen; j++) {
+ if (buffer0[j] != buffer1[j]) {
+#if PRINT_DEBUG
+ printf("test case %d failed at byte %d\n", i, j);
+ printf("computed: %s\n",
+ octet_string_hex_string(buffer1, buflen));
+ printf("expected: %s\n",
+ octet_string_hex_string(buffer0, buflen));
+#endif
+ return srtp_err_status_algo_fail;
+ }
+ }
+ }
+
+ printf("passed\n");
+
+ return srtp_err_status_ok;
+}
+
+/*
+ * The function cipher_test_throughput_array() tests the effect of CPU
+ * cache thrash on cipher throughput.
+ *
+ * cipher_array_alloc_init(ctype, array, num_ciphers) creates an array
+ * of srtp_cipher_t of type ctype
+ */
+
+srtp_err_status_t cipher_array_alloc_init(srtp_cipher_t ***ca,
+ int num_ciphers,
+ srtp_cipher_type_t *ctype,
+ int klen)
+{
+ int i, j;
+ srtp_err_status_t status;
+ uint8_t *key;
+ srtp_cipher_t **cipher_array;
+ /* pad klen allocation, to handle aes_icm reading 16 bytes for the
+ 14-byte salt */
+ int klen_pad = ((klen + 15) >> 4) << 4;
+
+ /* allocate array of pointers to ciphers */
+ cipher_array = (srtp_cipher_t **)srtp_crypto_alloc(sizeof(srtp_cipher_t *) *
+ num_ciphers);
+ if (cipher_array == NULL)
+ return srtp_err_status_alloc_fail;
+
+ /* set ca to location of cipher_array */
+ *ca = cipher_array;
+
+ /* allocate key */
+ key = srtp_crypto_alloc(klen_pad);
+ if (key == NULL) {
+ srtp_crypto_free(cipher_array);
+ return srtp_err_status_alloc_fail;
+ }
+
+ /* allocate and initialize an array of ciphers */
+ for (i = 0; i < num_ciphers; i++) {
+ /* allocate cipher */
+ status = srtp_cipher_type_alloc(ctype, cipher_array, klen, 16);
+ if (status)
+ return status;
+
+ /* generate random key and initialize cipher */
+ srtp_cipher_rand_for_tests(key, klen);
+ for (j = klen; j < klen_pad; j++)
+ key[j] = 0;
+ status = srtp_cipher_init(*cipher_array, key);
+ if (status)
+ return status;
+
+ /* printf("%dth cipher is at %p\n", i, *cipher_array); */
+ /* printf("%dth cipher description: %s\n", i, */
+ /* (*cipher_array)->type->description); */
+
+ /* advance cipher array pointer */
+ cipher_array++;
+ }
+
+ srtp_crypto_free(key);
+
+ return srtp_err_status_ok;
+}
+
+srtp_err_status_t cipher_array_delete(srtp_cipher_t *cipher_array[],
+ int num_cipher)
+{
+ int i;
+
+ for (i = 0; i < num_cipher; i++) {
+ srtp_cipher_dealloc(cipher_array[i]);
+ }
+
+ srtp_crypto_free(cipher_array);
+
+ return srtp_err_status_ok;
+}
+
+/*
+ * cipher_array_bits_per_second(c, l, t) computes (an estimate of) the
+ * number of bits that a cipher implementation can encrypt in a second
+ * when distinct keys are used to encrypt distinct messages
+ *
+ * c is a cipher (which MUST be allocated an initialized already), l
+ * is the length in octets of the test data to be encrypted, and t is
+ * the number of trials
+ *
+ * if an error is encountered, the value 0 is returned
+ */
+
+uint64_t cipher_array_bits_per_second(srtp_cipher_t *cipher_array[],
+ int num_cipher,
+ unsigned octets_in_buffer,
+ int num_trials)
+{
+ int i;
+ v128_t nonce;
+ clock_t timer;
+ unsigned char *enc_buf;
+ int cipher_index = srtp_cipher_rand_u32_for_tests() % num_cipher;
+
+ /* Over-alloc, for NIST CBC padding */
+ enc_buf = srtp_crypto_alloc(octets_in_buffer + 17);
+ if (enc_buf == NULL)
+ return 0; /* indicate bad parameters by returning null */
+
+ /* time repeated trials */
+ v128_set_to_zero(&nonce);
+ timer = clock();
+ for (i = 0; i < num_trials; i++, nonce.v32[3] = i) {
+ /* length parameter to srtp_cipher_encrypt is in/out -- out is total,
+ * padded
+ * length -- so reset it each time. */
+ unsigned octets_to_encrypt = octets_in_buffer;
+
+ /* encrypt buffer with cipher */
+ srtp_cipher_set_iv(cipher_array[cipher_index], (uint8_t *)&nonce,
+ srtp_direction_encrypt);
+ srtp_cipher_encrypt(cipher_array[cipher_index], enc_buf,
+ &octets_to_encrypt);
+
+ /* choose a cipher at random from the array*/
+ cipher_index = (*((uint32_t *)enc_buf)) % num_cipher;
+ }
+ timer = clock() - timer;
+
+ srtp_crypto_free(enc_buf);
+
+ if (timer == 0) {
+ /* Too fast! */
+ return 0;
+ }
+
+ return (uint64_t)CLOCKS_PER_SEC * num_trials * 8 * octets_in_buffer / timer;
+}
+
+void cipher_array_test_throughput(srtp_cipher_t *ca[], int num_cipher)
+{
+ int i;
+ int min_enc_len = 16;
+ int max_enc_len = 2048; /* should be a power of two */
+ int num_trials = 1000000;
+
+ printf("timing %s throughput with key length %d, array size %d:\n",
+ (ca[0])->type->description, (ca[0])->key_len, num_cipher);
+ fflush(stdout);
+ for (i = min_enc_len; i <= max_enc_len; i = i * 4)
+ printf("msg len: %d\tgigabits per second: %f\n", i,
+ cipher_array_bits_per_second(ca, num_cipher, i, num_trials) /
+ 1e9);
+}
+
+srtp_err_status_t cipher_driver_test_array_throughput(srtp_cipher_type_t *ct,
+ int klen,
+ int num_cipher)
+{
+ srtp_cipher_t **ca = NULL;
+ srtp_err_status_t status;
+
+ status = cipher_array_alloc_init(&ca, num_cipher, ct, klen);
+ if (status) {
+ printf("error: cipher_array_alloc_init() failed with error code %d\n",
+ status);
+ return status;
+ }
+
+ cipher_array_test_throughput(ca, num_cipher);
+
+ cipher_array_delete(ca, num_cipher);
+
+ return srtp_err_status_ok;
+}
diff --git a/third_party/libsrtp/src/crypto/test/datatypes_driver.c b/third_party/libsrtp/src/crypto/test/datatypes_driver.c
new file mode 100644
index 0000000000..db1be7f668
--- /dev/null
+++ b/third_party/libsrtp/src/crypto/test/datatypes_driver.c
@@ -0,0 +1,222 @@
+/*
+ * datatypes_driver.c
+ *
+ * a test driver for crypto/math datatypes
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2017, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h> /* for printf() */
+#include <string.h> /* for strlen() */
+#include "datatypes.h"
+#include "util.h"
+
+void byte_order(void);
+
+void test_hex_string_funcs(void);
+
+void print_string(char *s);
+
+void test_bswap(void);
+
+void test_set_to_zero(void);
+
+int main(void)
+{
+ /*
+ * this program includes various and sundry tests for fundamental
+ * datatypes. it's a grab-bag of throwaway code, retained only in
+ * case of future problems
+ */
+
+ int i, j;
+ v128_t x;
+ char *r = "The Moving Finger writes; and, having writ,\n"
+ "Moves on: nor all thy Piety nor Wit\n"
+ "Shall lure it back to cancel half a Line,\n"
+ "Nor all thy Tears wash out a Word of it.";
+ char *s = "incomplet";
+
+ print_string(r);
+ print_string(s);
+
+ byte_order();
+ test_hex_string_funcs();
+
+ for (j = 0; j < 128; j++) {
+ v128_set_to_zero(&x);
+ /* x.v32[0] = (1 << j); */
+ v128_set_bit(&x, j);
+ printf("%s\n", v128_bit_string(&x));
+ v128_clear_bit(&x, j);
+ printf("%s\n", v128_bit_string(&x));
+ }
+
+ printf("----------------------------------------------\n");
+ v128_set_to_zero(&x);
+ for (i = 0; i < 128; i++) {
+ v128_set_bit(&x, i);
+ }
+ printf("%s\n", v128_bit_string(&x));
+
+ printf("----------------------------------------------\n");
+ v128_set_to_zero(&x);
+ v128_set_bit(&x, 127);
+ for (i = 0; i < 128; i++) {
+ printf("%s\n", v128_bit_string(&x));
+ v128_left_shift(&x, 1);
+ }
+ printf("----------------------------------------------\n");
+ for (i = 0; i < 128; i++) {
+ v128_set_to_zero(&x);
+ v128_set_bit(&x, 127);
+ v128_left_shift(&x, i);
+ printf("%s\n", v128_bit_string(&x));
+ }
+ printf("----------------------------------------------\n");
+ v128_set_to_zero(&x);
+ for (i = 0; i < 128; i += 2) {
+ v128_set_bit(&x, i);
+ }
+ printf("bit_string: { %s }\n", v128_bit_string(&x));
+ printf("get_bit: { ");
+ for (i = 0; i < 128; i++) {
+ if (v128_get_bit(&x, i) == 1)
+ printf("1");
+ else
+ printf("0");
+ }
+ printf(" } \n");
+
+ test_bswap();
+ test_set_to_zero();
+
+ return 0;
+}
+
+/* byte_order() prints out byte ordering of datatypes */
+
+void byte_order(void)
+{
+ int i;
+ v128_t e;
+
+ printf("byte ordering of crypto/math datatypes:\n");
+ for (i = 0; i < sizeof(e); i++)
+ e.v8[i] = i;
+ printf("v128_t: %s\n", v128_hex_string(&e));
+}
+
+void test_hex_string_funcs(void)
+{
+ char hex1[] = "abadcafe";
+ char hex2[] = "0123456789abcdefqqqqq";
+ char raw[10];
+ int len;
+
+ len = hex_string_to_octet_string(raw, hex1, strlen(hex1));
+ printf("computed length: %d\tstring: %s\n", len,
+ octet_string_hex_string(raw, len / 2));
+ printf("expected length: %u\tstring: %s\n", (unsigned)strlen(hex1), hex1);
+
+ len = hex_string_to_octet_string(raw, hex2, strlen(hex2));
+ printf("computed length: %d\tstring: %s\n", len,
+ octet_string_hex_string(raw, len / 2));
+ printf("expected length: %d\tstring: %s\n", 16, "0123456789abcdef");
+}
+
+void print_string(char *s)
+{
+ size_t i;
+ printf("%s\n", s);
+ printf("strlen(s) = %u\n", (unsigned)strlen(s));
+ printf("{ ");
+ for (i = 0; i < strlen(s); i++) {
+ printf("0x%x, ", s[i]);
+ if (((i + 1) % 8) == 0)
+ printf("\n ");
+ }
+ printf("}\n");
+}
+
+void test_bswap(void)
+{
+ uint32_t x = 0x11223344;
+ uint64_t y = 0x1122334455667788LL;
+
+ printf("before: %0x\nafter: %0x\n", x, (unsigned int)be32_to_cpu(x));
+ printf("before: %0llx\nafter: %0llx\n", (unsigned long long)y,
+ (unsigned long long)be64_to_cpu(y));
+
+ y = 1234;
+
+ printf("1234: %0llx\n", (unsigned long long)y);
+ printf("as octet string: %s\n", octet_string_hex_string((uint8_t *)&y, 8));
+ y = be64_to_cpu(y);
+ printf("bswapped octet string: %s\n",
+ octet_string_hex_string((uint8_t *)&y, 8));
+}
+
+void test_set_to_zero(void)
+{
+#define BUFFER_SIZE (16)
+ uint8_t buffer[BUFFER_SIZE];
+ size_t i;
+
+ for (i = 0; i < BUFFER_SIZE; i++) {
+ buffer[i] = i & 0xff;
+ }
+ printf("Buffer before: %s\n", octet_string_hex_string(buffer, BUFFER_SIZE));
+ octet_string_set_to_zero(buffer, BUFFER_SIZE);
+ printf("Buffer after: %s\n", octet_string_hex_string(buffer, BUFFER_SIZE));
+ for (i = 0; i < BUFFER_SIZE; i++) {
+ if (buffer[i]) {
+ fprintf(stderr,
+ "Buffer contents not zero at position %zu (is %d)\n", i,
+ buffer[i]);
+ abort();
+ }
+ }
+#undef BUFFER_SIZE
+}
diff --git a/third_party/libsrtp/src/crypto/test/env.c b/third_party/libsrtp/src/crypto/test/env.c
new file mode 100644
index 0000000000..8c3f4edfac
--- /dev/null
+++ b/third_party/libsrtp/src/crypto/test/env.c
@@ -0,0 +1,89 @@
+/*
+ * env.c
+ *
+ * prints out a brief report on the build environment
+ *
+ * David McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright (c) 2001-2017 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <stdio.h>
+#include <string.h> /* for srtcmp() */
+#include "config.h"
+
+int main(void)
+{
+ int err_count = 0;
+
+#ifdef WORDS_BIGENDIAN
+ printf("CPU set to big-endian\t\t\t(WORDS_BIGENDIAN == 1)\n");
+#else
+ printf("CPU set to little-endian\t\t(WORDS_BIGENDIAN == 0)\n");
+#endif
+
+#ifdef CPU_RISC
+ printf("CPU set to RISC\t\t\t\t(CPU_RISC == 1)\n");
+#elif defined(CPU_CISC)
+ printf("CPU set to CISC\t\t\t\t(CPU_CISC == 1)\n");
+#else
+ printf(
+ "CPU set to an unknown type, probably due to a configuration error\n");
+ err_count++;
+#endif
+
+#ifdef CPU_ALTIVEC
+ printf("CPU set to ALTIVEC\t\t\t\t(CPU_ALTIVEC == 0)\n");
+#endif
+
+#ifndef NO_64BIT_MATH
+ printf("using native 64-bit type\t\t(NO_64_BIT_MATH == 0)\n");
+#else
+ printf("using built-in 64-bit math\t\t(NO_64_BIT_MATH == 1)\n");
+#endif
+
+#ifdef ERR_REPORTING_STDOUT
+ printf("using stdout for error reporting\t(ERR_REPORTING_STDOUT == 1)\n");
+#endif
+
+ if (err_count)
+ printf("warning: configuration is probably in error "
+ "(found %d problems)\n",
+ err_count);
+
+ return err_count;
+}
diff --git a/third_party/libsrtp/src/crypto/test/kernel_driver.c b/third_party/libsrtp/src/crypto/test/kernel_driver.c
new file mode 100644
index 0000000000..929a2470af
--- /dev/null
+++ b/third_party/libsrtp/src/crypto/test/kernel_driver.c
@@ -0,0 +1,115 @@
+/*
+ * kernel_driver.c
+ *
+ * a test driver for the crypto_kernel
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *
+ * Copyright(c) 2001-2017 Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h> /* for printf() */
+#include "getopt_s.h"
+#include "crypto_kernel.h"
+
+void usage(char *prog_name)
+{
+ printf("usage: %s [ -v ][ -d debug_module ]*\n", prog_name);
+ exit(255);
+}
+
+int main(int argc, char *argv[])
+{
+ int q;
+ int do_validation = 0;
+ srtp_err_status_t status;
+
+ if (argc == 1)
+ usage(argv[0]);
+
+ /* initialize kernel - we need to do this before anything else */
+ status = srtp_crypto_kernel_init();
+ if (status) {
+ printf("error: srtp_crypto_kernel init failed\n");
+ exit(1);
+ }
+ printf("srtp_crypto_kernel successfully initalized\n");
+
+ /* process input arguments */
+ while (1) {
+ q = getopt_s(argc, argv, "vd:");
+ if (q == -1)
+ break;
+ switch (q) {
+ case 'v':
+ do_validation = 1;
+ break;
+ case 'd':
+ status = srtp_crypto_kernel_set_debug_module(optarg_s, 1);
+ if (status) {
+ printf("error: set debug module (%s) failed\n", optarg_s);
+ exit(1);
+ }
+ break;
+ default:
+ usage(argv[0]);
+ }
+ }
+
+ if (do_validation) {
+ printf("checking srtp_crypto_kernel status...\n");
+ status = srtp_crypto_kernel_status();
+ if (status) {
+ printf("failed\n");
+ exit(1);
+ }
+ printf("srtp_crypto_kernel passed self-tests\n");
+ }
+
+ status = srtp_crypto_kernel_shutdown();
+ if (status) {
+ printf("error: srtp_crypto_kernel shutdown failed\n");
+ exit(1);
+ }
+ printf("srtp_crypto_kernel successfully shut down\n");
+
+ return 0;
+}
diff --git a/third_party/libsrtp/src/crypto/test/meson.build b/third_party/libsrtp/src/crypto/test/meson.build
new file mode 100644
index 0000000000..533431c54e
--- /dev/null
+++ b/third_party/libsrtp/src/crypto/test/meson.build
@@ -0,0 +1,41 @@
+# crypto test suite
+
+test_apps = [
+ 'cipher_driver',
+ 'datatypes_driver',
+ 'kernel_driver',
+ 'env',
+]
+
+if not use_openssl and not use_nss
+ test_apps += ['sha1_driver']
+endif
+
+foreach test_name : test_apps
+ test_exe = executable(test_name,
+ '@0@.c'.format(test_name), '../../test/getopt_s.c', '../../test/util.c',
+ include_directories: [config_incs, crypto_incs, srtp2_incs, test_incs],
+ dependencies: [srtp2_deps, syslibs],
+ link_with: libsrtp2_for_tests)
+ test(test_name, test_exe, args: ['-v'])
+endforeach
+
+if not use_openssl and not use_nss
+ test_exe = executable('aes_calc',
+ 'aes_calc.c', '../../test/getopt_s.c', '../../test/util.c',
+ include_directories: [config_incs, crypto_incs, srtp2_incs, test_incs],
+ dependencies: [srtp2_deps, syslibs],
+ link_with: libsrtp2_for_tests)
+
+ # data values used to test the aes_calc application for AES-128
+ k128 = '000102030405060708090a0b0c0d0e0f'
+ p128 = '00112233445566778899aabbccddeeff'
+ c128 = '69c4e0d86a7b0430d8cdb78070b4c55a'
+ test('aes_calc_128', test_exe, args: [k128, p128, c128])
+
+ # data values used to test the aes_calc application for AES-256
+ k256 = '000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f'
+ p256 = '00112233445566778899aabbccddeeff'
+ c256 = '8ea2b7ca516745bfeafc49904b496089'
+ test('aes_calc_256', test_exe, args: [k256, p256, c256])
+endif
diff --git a/third_party/libsrtp/src/crypto/test/sha1_driver.c b/third_party/libsrtp/src/crypto/test/sha1_driver.c
new file mode 100644
index 0000000000..c64b000f81
--- /dev/null
+++ b/third_party/libsrtp/src/crypto/test/sha1_driver.c
@@ -0,0 +1,387 @@
+/*
+ * sha1_driver.c
+ *
+ * a test driver for SHA-1
+ *
+ * David A. McGrew
+ * Cisco Systems, Inc.
+ */
+
+/*
+ *
+ * Copyright (c) 2001-2017, Cisco Systems, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * Neither the name of the Cisco Systems, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <string.h>
+#include "sha1.h"
+#include "util.h"
+
+#define SHA_PASS 0
+#define SHA_FAIL 1
+
+#define MAX_HASH_DATA_LEN 1024
+#define MAX_HASH_OUT_LEN 20
+
+typedef struct hash_test_case_t {
+ unsigned data_len; /* number of octets in data */
+ unsigned hash_len; /* number of octets output by hash */
+ uint8_t data[MAX_HASH_DATA_LEN]; /* message data */
+ uint8_t hash[MAX_HASH_OUT_LEN]; /* expected hash output */
+ struct hash_test_case_t *next_test_case;
+} hash_test_case_t;
+
+hash_test_case_t *sha1_test_case_list;
+
+srtp_err_status_t hash_test_case_add(hash_test_case_t **list_ptr,
+ char *hex_data,
+ unsigned data_len,
+ char *hex_hash,
+ unsigned hash_len)
+{
+ hash_test_case_t *list_head = *list_ptr;
+ hash_test_case_t *test_case;
+ unsigned tmp_len;
+
+ test_case = malloc(sizeof(hash_test_case_t));
+ if (test_case == NULL)
+ return srtp_err_status_alloc_fail;
+
+ tmp_len = hex_string_to_octet_string((char *)test_case->data, hex_data,
+ data_len * 2);
+ if (tmp_len != data_len * 2) {
+ free(test_case);
+ return srtp_err_status_parse_err;
+ }
+
+ tmp_len = hex_string_to_octet_string((char *)test_case->hash, hex_hash,
+ hash_len * 2);
+ if (tmp_len != hash_len * 2) {
+ free(test_case);
+ return srtp_err_status_parse_err;
+ }
+
+ test_case->data_len = data_len;
+ test_case->hash_len = hash_len;
+
+ /* add the new test case to the head of the list */
+ test_case->next_test_case = list_head;
+ *list_ptr = test_case;
+
+ return srtp_err_status_ok;
+}
+
+srtp_err_status_t sha1_test_case_validate(const hash_test_case_t *test_case)
+{
+ srtp_sha1_ctx_t ctx;
+ uint32_t hash_value[5];
+
+ if (test_case == NULL)
+ return srtp_err_status_bad_param;
+
+ if (test_case->hash_len != 20)
+ return srtp_err_status_bad_param;
+ if (test_case->data_len > MAX_HASH_DATA_LEN)
+ return srtp_err_status_bad_param;
+
+ srtp_sha1_init(&ctx);
+ srtp_sha1_update(&ctx, test_case->data, test_case->data_len);
+ srtp_sha1_final(&ctx, hash_value);
+ if (0 == memcmp(test_case->hash, hash_value, 20)) {
+#if VERBOSE
+ printf("PASSED: reference value: %s\n",
+ octet_string_hex_string((const uint8_t *)test_case->hash, 20));
+ printf("PASSED: computed value: %s\n",
+ octet_string_hex_string((const uint8_t *)hash_value, 20));
+#endif
+ return srtp_err_status_ok;
+ }
+
+ printf("reference value: %s\n",
+ octet_string_hex_string((const uint8_t *)test_case->hash, 20));
+ printf("computed value: %s\n",
+ octet_string_hex_string((const uint8_t *)hash_value, 20));
+
+ return srtp_err_status_algo_fail;
+}
+
+struct hex_sha1_test_case_t {
+ unsigned bit_len;
+ char hex_data[MAX_HASH_DATA_LEN * 2];
+ char hex_hash[40];
+};
+
+srtp_err_status_t sha1_add_test_cases(void)
+{
+ int i;
+ srtp_err_status_t err;
+
+ /*
+ * these test cases are taken from the "SHA-1 Sample Vectors"
+ * provided by NIST at http://csrc.nist.gov/cryptval/shs.html
+ */
+
+ struct hex_sha1_test_case_t tc[] = {
+ { 0, "", "da39a3ee5e6b4b0d3255bfef95601890afd80709" },
+ { 8, "a8", "99f2aa95e36f95c2acb0eaf23998f030638f3f15" },
+ { 16, "3000", "f944dcd635f9801f7ac90a407fbc479964dec024" },
+ { 24, "42749e", "a444319e9b6cc1e8464c511ec0969c37d6bb2619" },
+ { 32, "9fc3fe08", "16a0ff84fcc156fd5d3ca3a744f20a232d172253" },
+ { 40, "b5c1c6f1af", "fec9deebfcdedaf66dda525e1be43597a73a1f93" },
+ { 48, "e47571e5022e", "8ce051181f0ed5e9d0c498f6bc4caf448d20deb5" },
+ { 56, "3e1b28839fb758", "67da53837d89e03bf652ef09c369a3415937cfd3" },
+ { 64, "a81350cbb224cb90", "305e4ff9888ad855a78573cddf4c5640cce7e946" },
+ { 72, "c243d167923dec3ce1",
+ "5902b77b3265f023f9bbc396ba1a93fa3509bde7" },
+ { 80, "50ac18c59d6a37a29bf4",
+ "fcade5f5d156bf6f9af97bdfa9c19bccfb4ff6ab" },
+ { 88, "98e2b611ad3b1cccf634f6",
+ "1d20fbe00533c10e3cbd6b27088a5de0c632c4b5" },
+ { 96, "73fe9afb68e1e8712e5d4eec",
+ "7e1b7e0f7a8f3455a9c03e9580fd63ae205a2d93" },
+ { 104, "9e701ed7d412a9226a2a130e66",
+ "706f0677146307b20bb0e8d6311e329966884d13" },
+ { 112, "6d3ee90413b0a7cbf69e5e6144ca",
+ "a7241a703aaf0d53fe142f86bf2e849251fa8dff" },
+ { 120, "fae24d56514efcb530fd4802f5e71f",
+ "400f53546916d33ad01a5e6df66822dfbdc4e9e6" },
+ { 128, "c5a22dd6eda3fe2bdc4ddb3ce6b35fd1",
+ "fac8ab93c1ae6c16f0311872b984f729dc928ccd" },
+ { 136, "d98cded2adabf08fda356445c781802d95",
+ "fba6d750c18da58f6e2aab10112b9a5ef3301b3b" },
+ { 144, "bcc6d7087a84f00103ccb32e5f5487a751a2",
+ "29d27c2d44c205c8107f0351b05753ac708226b6" },
+ { 152, "36ecacb1055434190dbbc556c48bafcb0feb0d",
+ "b971bfc1ebd6f359e8d74cb7ecfe7f898d0ba845" },
+ { 160, "5ff9edb69e8f6bbd498eb4537580b7fba7ad31d0",
+ "96d08c430094b9fcc164ad2fb6f72d0a24268f68" },
+ { 168, "c95b441d8270822a46a798fae5defcf7b26abace36",
+ "a287ea752a593d5209e287881a09c49fa3f0beb1" },
+ { 176, "83104c1d8a55b28f906f1b72cb53f68cbb097b44f860",
+ "a06c713779cbd88519ed4a585ac0cb8a5e9d612b" },
+ { 184, "755175528d55c39c56493d697b790f099a5ce741f7754b",
+ "bff7d52c13a3688132a1d407b1ab40f5b5ace298" },
+ { 192, "088fc38128bbdb9fd7d65228b3184b3faac6c8715f07272f",
+ "c7566b91d7b6f56bdfcaa9781a7b6841aacb17e9" },
+ { 200, "a4a586eb9245a6c87e3adf1009ac8a49f46c07e14185016895",
+ "ffa30c0b5c550ea4b1e34f8a60ec9295a1e06ac1" },
+ { 208, "8e7c555270c006092c2a3189e2a526b873e2e269f0fb28245256",
+ "29e66ed23e914351e872aa761df6e4f1a07f4b81" },
+ { 216, "a5f3bfa6bb0ba3b59f6b9cbdef8a558ec565e8aa3121f405e7f2f0",
+ "b28cf5e5b806a01491d41f69bd9248765c5dc292" },
+ { 224, "589054f0d2bd3c2c85b466bfd8ce18e6ec3e0b87d944cd093ba36469",
+ "60224fb72c46069652cd78bcd08029ef64da62f3" },
+ { 232, "a0abb12083b5bbc78128601bf1cbdbc0fdf4b862b24d899953d8da0ff3",
+ "b72c4a86f72608f24c05f3b9088ef92fba431df7" },
+ { 240, "82143f4cea6fadbf998e128a8811dc75301cf1db4f079501ea568da68eeb",
+ "73779ad5d6b71b9b8328ef7220ff12eb167076ac" },
+ { 248, "9f1231dd6df1ff7bc0b0d4f989d048672683ce35d956d2f57913046267e6f3",
+ "a09671d4452d7cf50015c914a1e31973d20cc1a0" },
+ { 256,
+ "041c512b5eed791f80d3282f3a28df263bb1df95e1239a7650e5670fc2187919",
+ "e88cdcd233d99184a6fd260b8fca1b7f7687aee0" },
+ { 264,
+ "17e81f6ae8c2e5579d69dafa6e070e7111461552d314b691e7a3e7a4feb3fae418",
+ "010def22850deb1168d525e8c84c28116cb8a269" },
+ { 272, "d15976b23a1d712ad28fad04d805f572026b54dd64961fda94d5355a0cc9862"
+ "0cf77",
+ "aeaa40ba1717ed5439b1e6ea901b294ba500f9ad" },
+ { 280, "09fce4d434f6bd32a44e04b848ff50ec9f642a8a85b37a264dc73f130f22838"
+ "443328f",
+ "c6433791238795e34f080a5f1f1723f065463ca0" },
+ { 288, "f17af27d776ec82a257d8d46d2b46b639462c56984cc1be9c1222eadb8b2659"
+ "4a25c709d",
+ "e21e22b89c1bb944a32932e6b2a2f20d491982c3" },
+ { 296, "b13ce635d6f8758143ffb114f2f601cb20b6276951416a2f94fbf4ad081779d"
+ "79f4f195b22",
+ "575323a9661f5d28387964d2ba6ab92c17d05a8a" },
+ { 304, "5498793f60916ff1c918dde572cdea76da8629ba4ead6d065de3dfb48de94d2"
+ "34cc1c5002910",
+ "feb44494af72f245bfe68e86c4d7986d57c11db7" },
+ { 312, "498a1e0b39fa49582ae688cd715c86fbaf8a81b8b11b4d1594c49c902d197c8"
+ "ba8a621fd6e3be5",
+ "cff2290b3648ba2831b98dde436a72f9ebf51eee" },
+ { 320, "3a36ae71521f9af628b3e34dcb0d4513f84c78ee49f10416a98857150b8b15c"
+ "b5c83afb4b570376e",
+ "9b4efe9d27b965905b0c3dab67b8d7c9ebacd56c" },
+ { 328, "dcc76b40ae0ea3ba253e92ac50fcde791662c5b6c948538cffc2d95e9de99ca"
+ "c34dfca38910db2678f",
+ "afedb0ff156205bcd831cbdbda43db8b0588c113" },
+ { 336, "5b5ec6ec4fd3ad9c4906f65c747fd4233c11a1736b6b228b92e90cddabb0c7c"
+ "2fcf9716d3fad261dff33",
+ "8deb1e858f88293a5e5e4d521a34b2a4efa70fc4" },
+ { 344, "df48a37b29b1d6de4e94717d60cdb4293fcf170bba388bddf7a9035a15d433f"
+ "20fd697c3e4c8b8c5f590ab",
+ "95cbdac0f74afa69cebd0e5c7defbc6faf0cbeaf" },
+ { 352, "1f179b3b82250a65e1b0aee949e218e2f45c7a8dbfd6ba08de05c55acfc226b"
+ "48c68d7f7057e5675cd96fcfc",
+ "f0307bcb92842e5ae0cd4f4f14f3df7f877fbef2" },
+ { 360, "ee3d72da3a44d971578972a8e6780ce64941267e0f7d0179b214fa97855e179"
+ "0e888e09fbe3a70412176cb3b54",
+ "7b13bb0dbf14964bd63b133ac85e22100542ef55" },
+ { 368, "d4d4c7843d312b30f610b3682254c8be96d5f6684503f8fbfbcd15774fc1b08"
+ "4d3741afb8d24aaa8ab9c104f7258",
+ "c314d2b6cf439be678d2a74e890d96cfac1c02ed" },
+ { 376, "32c094944f5936a190a0877fb9178a7bf60ceae36fd530671c5b38c5dbd5e6a"
+ "6c0d615c2ac8ad04b213cc589541cf6",
+ "4d0be361e410b47a9d67d8ce0bb6a8e01c53c078" },
+ { 384, "e5d3180c14bf27a5409fa12b104a8fd7e9639609bfde6ee82bbf9648be2546d"
+ "29688a65e2e3f3da47a45ac14343c9c02",
+ "e5353431ffae097f675cbf498869f6fbb6e1c9f2" },
+ { 392, "e7b6e4b69f724327e41e1188a37f4fe38b1dba19cbf5a7311d6e32f1038e97a"
+ "b506ee05aebebc1eed09fc0e357109818b9",
+ "b8720a7068a085c018ab18961de2765aa6cd9ac4" },
+ { 400, "bc880cb83b8ac68ef2fedc2da95e7677ce2aa18b0e2d8b322701f67af7d5e7a"
+ "0d96e9e33326ccb7747cfff0852b961bfd475",
+ "b0732181568543ba85f2b6da602b4b065d9931aa" },
+ { 408, "235ea9c2ba7af25400f2e98a47a291b0bccdaad63faa2475721fda5510cc7da"
+ "d814bce8dabb611790a6abe56030b798b75c944",
+ "9c22674cf3222c3ba921672694aafee4ce67b96b" },
+ { 416, "07e3e29fed63104b8410f323b975fd9fba53f636af8c4e68a53fb202ca35dd9"
+ "ee07cb169ec5186292e44c27e5696a967f5e67709",
+ "d128335f4cecca9066cdae08958ce656ff0b4cfc" },
+ { 424, "65d2a1dd60a517eb27bfbf530cf6a5458f9d5f4730058bd9814379547f34241"
+ "822bf67e6335a6d8b5ed06abf8841884c636a25733f",
+ "0b67c57ac578de88a2ae055caeaec8bb9b0085a0" },
+ { 432, "dcc86b3bd461615bab739d8daafac231c0f462e819ad29f9f14058f3ab5b759"
+ "41d4241ea2f17ebb8a458831b37a9b16dead4a76a9b0e",
+ "c766f912a89d4ccda88e0cce6a713ef5f178b596" },
+ { 440, "4627d54f0568dc126b62a8c35fb46a9ac5024400f2995e51635636e1afc4373"
+ "dbb848eb32df23914230560b82477e9c3572647a7f2bb92",
+ "9aa3925a9dcb177b15ccff9b78e70cf344858779" },
+ { 448, "ba531affd4381168ef24d8b275a84d9254c7f5cc55fded53aa8024b2c5c5c8a"
+ "a7146fe1d1b83d62b70467e9a2e2cb67b3361830adbab28d7",
+ "4811fa30042fc076acf37c8e2274d025307e5943" },
+ { 456, "8764dcbcf89dcf4282eb644e3d568bdccb4b13508bfa7bfe0ffc05efd1390be"
+ "22109969262992d377691eb4f77f3d59ea8466a74abf57b2ef4",
+ "6743018450c9730761ee2b130df9b91c1e118150" },
+ { 464, "497d9df9ddb554f3d17870b1a31986c1be277bc44feff713544217a9f579623"
+ "d18b5ffae306c25a45521d2759a72c0459b58957255ab592f3be4",
+ "71ad4a19d37d92a5e6ef3694ddbeb5aa61ada645" },
+ { 472, "72c3c2e065aefa8d9f7a65229e818176eef05da83f835107ba90ec2e95472e7"
+ "3e538f783b416c04654ba8909f26a12db6e5c4e376b7615e4a25819",
+ "a7d9dc68dacefb7d6116186048cb355cc548e11d" },
+ { 480, "7cc9894454d0055ab5069a33984e2f712bef7e3124960d33559f5f3b81906bb"
+ "66fe64da13c153ca7f5cabc89667314c32c01036d12ecaf5f9a78de98",
+ "142e429f0522ba5abf5131fa81df82d355b96909" },
+ { 488, "74e8404d5a453c5f4d306f2cfa338ca65501c840ddab3fb82117933483afd69"
+ "13c56aaf8a0a0a6b2a342fc3d9dc7599f4a850dfa15d06c61966d74ea59",
+ "ef72db70dcbcab991e9637976c6faf00d22caae9" },
+ { 496, "46fe5ed326c8fe376fcc92dc9e2714e2240d3253b105adfbb256ff7a19bc409"
+ "75c604ad7c0071c4fd78a7cb64786e1bece548fa4833c04065fe593f6fb10",
+ "f220a7457f4588d639dc21407c942e9843f8e26b" },
+ { 504, "836dfa2524d621cf07c3d2908835de859e549d35030433c796b81272fd8bc03"
+ "48e8ddbc7705a5ad1fdf2155b6bc48884ac0cd376925f069a37849c089c864"
+ "5",
+ "ddd2117b6e309c233ede85f962a0c2fc215e5c69" },
+ { 512, "7e3a4c325cb9c52b88387f93d01ae86d42098f5efa7f9457388b5e74b6d28b2"
+ "438d42d8b64703324d4aa25ab6aad153ae30cd2b2af4d5e5c00a8a2d0220c61"
+ "16",
+ "a3054427cdb13f164a610b348702724c808a0dcc" }
+ };
+
+ for (i = 0; i < 65; i++) {
+ err = hash_test_case_add(&sha1_test_case_list, tc[i].hex_data,
+ tc[i].bit_len / 8, tc[i].hex_hash, 20);
+ if (err) {
+ printf("error adding hash test case (code %d)\n", err);
+ return err;
+ }
+ }
+
+ return srtp_err_status_ok;
+}
+
+srtp_err_status_t sha1_dealloc_test_cases(void)
+{
+ hash_test_case_t *t, *next;
+
+ for (t = sha1_test_case_list; t != NULL; t = next) {
+ next = t->next_test_case;
+ free(t);
+ }
+
+ sha1_test_case_list = NULL;
+
+ return srtp_err_status_ok;
+}
+
+srtp_err_status_t sha1_validate(void)
+{
+ hash_test_case_t *test_case;
+ srtp_err_status_t err;
+
+ err = sha1_add_test_cases();
+ if (err) {
+ printf("error adding SHA1 test cases (error code %d)\n", err);
+ return err;
+ }
+
+ if (sha1_test_case_list == NULL)
+ return srtp_err_status_cant_check;
+
+ test_case = sha1_test_case_list;
+ while (test_case != NULL) {
+ err = sha1_test_case_validate(test_case);
+ if (err) {
+ printf("error validating hash test case (error code %d)\n", err);
+ return err;
+ }
+ test_case = test_case->next_test_case;
+ }
+
+ sha1_dealloc_test_cases();
+
+ return srtp_err_status_ok;
+}
+
+int main(void)
+{
+ srtp_err_status_t err;
+
+ printf("sha1 test driver\n");
+
+ err = sha1_validate();
+ if (err) {
+ printf("SHA1 did not pass validation testing\n");
+ return 1;
+ }
+ printf("SHA1 passed validation tests\n");
+
+ return 0;
+}