From f4b12883579af918653904d3f1351d9a454d5e6f Mon Sep 17 00:00:00 2001
From: Stef Walter
Date: Mon, 16 Nov 2009 20:52:55 +0000
Subject: Implement testing of DH key pair generation
---
src/dh.c | 91 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 91 insertions(+)
create mode 100644 src/dh.c
(limited to 'src/dh.c')
diff --git a/src/dh.c b/src/dh.c
new file mode 100644
index 0000000..3325caa
--- /dev/null
+++ b/src/dh.c
@@ -0,0 +1,91 @@
+
+#include "p11-tests-lib.h"
+
+#include
+#include
+#include
+
+#include
+
+static void
+test_dh_key_pair_gen (CK_SLOT_ID slot, CK_MECHANISM_TYPE mech, CK_MECHANISM_INFO_PTR info)
+{
+ CK_SESSION_HANDLE session;
+
+ session = p11t_session_open(slot, 0);
+ if(session == CK_INVALID || !p11t_session_login (session))
+ return;
+
+ p11t_dh_test_generate_pair (session);
+}
+
+void
+p11t_dh_tests (void)
+{
+ p11t_slot_for_each_mech (CKM_DH_PKCS_KEY_PAIR_GEN, test_dh_key_pair_gen);
+}
+
+int
+p11t_dh_test_generate_pair (CK_SESSION_HANDLE session)
+{
+ CK_ATTRIBUTE pub_attrs[3];
+ CK_ATTRIBUTE priv_attrs[3];
+ CK_MECHANISM mech;
+ CK_OBJECT_HANDLE pub_key;
+ CK_OBJECT_HANDLE priv_key;
+ CK_ULONG bits;
+ CK_RV rv;
+ DH *dh;
+
+ P11T_SECTION ("C_GenerateKeyPair");
+
+ dh = DH_generate_parameters (256, 2, NULL, NULL);
+ assert (dh);
+
+ pub_attrs[0].type = CKA_PRIME;
+ pub_attrs[0].ulValueLen = BN_num_bytes (dh->p);
+ pub_attrs[0].pValue = alloca (pub_attrs[0].ulValueLen);
+ BN_bn2bin (dh->p, (unsigned char*)pub_attrs[0].pValue);
+
+ pub_attrs[1].type = CKA_BASE;
+ pub_attrs[1].ulValueLen = BN_num_bytes (dh->g);
+ pub_attrs[1].pValue = alloca (pub_attrs[1].ulValueLen);
+ BN_bn2bin (dh->g, (unsigned char*)pub_attrs[1].pValue);
+
+ priv_attrs[0].type = CKA_PRIME;
+ priv_attrs[0].ulValueLen = BN_num_bytes (dh->p);
+ priv_attrs[0].pValue = alloca (priv_attrs[0].ulValueLen);
+ BN_bn2bin (dh->p, (unsigned char*)priv_attrs[0].pValue);
+
+ priv_attrs[1].type = CKA_BASE;
+ priv_attrs[1].ulValueLen = BN_num_bytes (dh->g);
+ priv_attrs[1].pValue = alloca (priv_attrs[1].ulValueLen);
+ BN_bn2bin (dh->g, (unsigned char*)priv_attrs[1].pValue);
+
+ priv_attrs[2].type = CKA_VALUE_BITS;
+ priv_attrs[2].ulValueLen = sizeof (bits);
+ priv_attrs[2].pValue = &bits;
+
+ mech.mechanism = CKM_DH_PKCS_KEY_PAIR_GEN;
+ mech.pParameter = NULL;
+ mech.ulParameterLen = 0;
+
+ if (p11t_test_unexpected) {
+ rv = (p11t_module_funcs->C_GenerateKeyPair) (session, &mech, pub_attrs, 0, priv_attrs, 0, &pub_key, &priv_key);
+ P11T_CHECK_RV ("DH Key Pair without CKA_PRIME", rv, CKR_TEMPLATE_INCOMPLETE);
+
+ bits = 1024;
+ rv = (p11t_module_funcs->C_GenerateKeyPair) (session, &mech, pub_attrs, 2, priv_attrs, 3, &pub_key, &priv_key);
+ P11T_CHECK_RV ("DH Key Pair with CKA_VALUE_BITS larger than CKA_PRIME", rv, CKR_TEMPLATE_INCONSISTENT);
+ }
+
+ bits = 256;
+ rv = (p11t_module_funcs->C_GenerateKeyPair) (session, &mech, pub_attrs, 2, priv_attrs, 3, &pub_key, &priv_key);
+ P11T_CHECK_RV ("DH Key Pair", rv, CKR_OK);
+
+ p11t_key_test (session, pub_key, CKO_PUBLIC_KEY);
+ p11t_key_test (session, priv_key, CKO_PRIVATE_KEY);
+
+ /* Test corner cases */
+ return p11t_object_generate_pair_bad (session, CKM_DH_PKCS_KEY_PAIR_GEN);
+}
-- cgit v1.2.3
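Review bot: test_dh_key_pair_gen opens a session with p11t_session_open and returns on every path without closing it, including the early return taken when p11t_session_login fails, so each slot offering CKM_DH_PKCS_KEY_PAIR_GEN leaves a session and any generated key objects alive for the rest of the run. Unless the harness closes sessions elsewhere (not visible in this patch), add `(p11t_module_funcs->C_CloseSession) (session);` after the call to p11t_dh_test_generate_pair and before the login-failure return. In p11t_dh_test_generate_pair the structure returned by DH_generate_parameters is also never released; `DH_free (dh);` once the four BN_bn2bin copies are done would fix that. A short comment beside the 256-bit parameter size, such as `/* small on purpose: keeps the test fast, not a usable DH size */`, would stop it from being copied as a real setting.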