diff options
Diffstat (limited to 'tests/fips-rsa-sizes.c')
-rw-r--r-- | tests/fips-rsa-sizes.c | 56 |
1 files changed, 26 insertions, 30 deletions
diff --git a/tests/fips-rsa-sizes.c b/tests/fips-rsa-sizes.c index 257f83d0b5..13089e3741 100644 --- a/tests/fips-rsa-sizes.c +++ b/tests/fips-rsa-sizes.c @@ -26,19 +26,17 @@ #include <gnutls/abstract.h> #include <gnutls/x509.h> - -void generate_successfully(gnutls_privkey_t* privkey, gnutls_pubkey_t* pubkey, - unsigned int size); -void generate_unsuccessfully(gnutls_privkey_t* privkey, gnutls_pubkey_t* pubkey, - unsigned int size); +void generate_successfully(gnutls_privkey_t * privkey, gnutls_pubkey_t * pubkey, + unsigned int size); +void generate_unsuccessfully(gnutls_privkey_t * privkey, + gnutls_pubkey_t * pubkey, unsigned int size); void sign_verify_successfully(gnutls_privkey_t privkey, gnutls_pubkey_t pubkey); void sign_verify_unsuccessfully(gnutls_privkey_t privkey, - gnutls_pubkey_t pubkey); + gnutls_pubkey_t pubkey); void nosign_verify(gnutls_privkey_t privkey, gnutls_pubkey_t pubkey); - -void generate_successfully(gnutls_privkey_t* privkey, gnutls_pubkey_t* pubkey, - unsigned int size) +void generate_successfully(gnutls_privkey_t * privkey, gnutls_pubkey_t * pubkey, + unsigned int size) { int ret; gnutls_x509_privkey_t xprivkey; @@ -74,9 +72,8 @@ void generate_successfully(gnutls_privkey_t* privkey, gnutls_pubkey_t* pubkey, gnutls_fips140_context_deinit(fips_context); } - -void generate_unsuccessfully(gnutls_privkey_t* privkey, gnutls_pubkey_t* pubkey, - unsigned int size) +void generate_unsuccessfully(gnutls_privkey_t * privkey, + gnutls_pubkey_t * pubkey, unsigned int size) { int ret; gnutls_x509_privkey_t xprivkey; @@ -130,14 +127,14 @@ void generate_unsuccessfully(gnutls_privkey_t* privkey, gnutls_pubkey_t* pubkey, gnutls_fips140_context_deinit(fips_context); } - -void sign_verify_successfully(gnutls_privkey_t privkey, gnutls_pubkey_t pubkey) { +void sign_verify_successfully(gnutls_privkey_t privkey, gnutls_pubkey_t pubkey) +{ int ret; gnutls_fips140_context_t fips_context; gnutls_datum_t signature; gnutls_datum_t plaintext = { - .data = (unsigned char* const) "Hello world!", + .data = (unsigned char *const)"Hello world!", .size = 12 }; assert(gnutls_fips140_context_init(&fips_context) == 0); @@ -145,7 +142,7 @@ void sign_verify_successfully(gnutls_privkey_t privkey, gnutls_pubkey_t pubkey) /* RSA sign: approved */ FIPS_PUSH_CONTEXT(); ret = gnutls_privkey_sign_data(privkey, GNUTLS_DIG_SHA256, 0, - &plaintext, &signature); + &plaintext, &signature); if (ret < 0) fail("gnutls_privkey_sign_data failed\n"); FIPS_POP_CONTEXT(APPROVED); @@ -153,7 +150,7 @@ void sign_verify_successfully(gnutls_privkey_t privkey, gnutls_pubkey_t pubkey) /* RSA verify: approved */ FIPS_PUSH_CONTEXT(); ret = gnutls_pubkey_verify_data2(pubkey, GNUTLS_SIGN_RSA_SHA256, 0, - &plaintext, &signature); + &plaintext, &signature); if (ret < 0) fail("gnutls_pubkey_verify_data2 failed\n"); FIPS_POP_CONTEXT(APPROVED); @@ -162,15 +159,15 @@ void sign_verify_successfully(gnutls_privkey_t privkey, gnutls_pubkey_t pubkey) gnutls_fips140_context_deinit(fips_context); } - void sign_verify_unsuccessfully(gnutls_privkey_t privkey, - gnutls_pubkey_t pubkey) { + gnutls_pubkey_t pubkey) +{ int ret; gnutls_fips140_context_t fips_context; gnutls_datum_t signature; gnutls_datum_t plaintext = { - .data = (unsigned char* const) "Hello world!", + .data = (unsigned char *const)"Hello world!", .size = 12 }; assert(gnutls_fips140_context_init(&fips_context) == 0); @@ -178,7 +175,7 @@ void sign_verify_unsuccessfully(gnutls_privkey_t privkey, /* small key RSA sign: not approved */ FIPS_PUSH_CONTEXT(); ret = gnutls_privkey_sign_data(privkey, GNUTLS_DIG_SHA256, 0, - &plaintext, &signature); + &plaintext, &signature); if (ret < 0) fail("gnutls_privkey_sign_data failed\n"); FIPS_POP_CONTEXT(NOT_APPROVED); @@ -186,7 +183,7 @@ void sign_verify_unsuccessfully(gnutls_privkey_t privkey, /* small key RSA verify: not approved */ FIPS_PUSH_CONTEXT(); ret = gnutls_pubkey_verify_data2(pubkey, GNUTLS_SIGN_RSA_SHA256, 0, - &plaintext, &signature); + &plaintext, &signature); if (ret < 0) fail("gnutls_pubkey_verify_data2 failed\n"); FIPS_POP_CONTEXT(NOT_APPROVED); @@ -197,14 +194,14 @@ void sign_verify_unsuccessfully(gnutls_privkey_t privkey, gnutls_fips140_context_deinit(fips_context); } - -void nosign_verify(gnutls_privkey_t privkey, gnutls_pubkey_t pubkey) { +void nosign_verify(gnutls_privkey_t privkey, gnutls_pubkey_t pubkey) +{ int ret; gnutls_fips140_context_t fips_context; gnutls_datum_t signature; gnutls_datum_t plaintext = { - .data = (unsigned char* const) "Hello world!", + .data = (unsigned char *const)"Hello world!", .size = 12 }; assert(gnutls_fips140_context_init(&fips_context) == 0); @@ -212,7 +209,7 @@ void nosign_verify(gnutls_privkey_t privkey, gnutls_pubkey_t pubkey) { /* 1024, 1280, 1536, 1792 key RSA sign: not approved */ FIPS_PUSH_CONTEXT(); ret = gnutls_privkey_sign_data(privkey, GNUTLS_DIG_SHA256, 0, - &plaintext, &signature); + &plaintext, &signature); if (ret < 0) fail("gnutls_privkey_sign_data failed\n"); FIPS_POP_CONTEXT(NOT_APPROVED); @@ -222,7 +219,7 @@ void nosign_verify(gnutls_privkey_t privkey, gnutls_pubkey_t pubkey) { assert(gnutls_fips140_mode_enabled() == GNUTLS_FIPS140_LAX); ret = gnutls_privkey_sign_data(privkey, GNUTLS_DIG_SHA256, 0, - &plaintext, &signature); + &plaintext, &signature); if (ret < 0) fail("gnutls_privkey_sign_data failed\n"); @@ -232,7 +229,7 @@ void nosign_verify(gnutls_privkey_t privkey, gnutls_pubkey_t pubkey) { /* 1024, 1280, 1536, 1792 key RSA verify: approved (exception) */ FIPS_PUSH_CONTEXT(); ret = gnutls_pubkey_verify_data2(pubkey, GNUTLS_SIGN_RSA_SHA256, 0, - &plaintext, &signature); + &plaintext, &signature); if (ret < 0) fail("gnutls_pubkey_verify_data2 failed\n"); FIPS_POP_CONTEXT(APPROVED); @@ -243,7 +240,6 @@ void nosign_verify(gnutls_privkey_t privkey, gnutls_pubkey_t pubkey) { gnutls_fips140_context_deinit(fips_context); } - void doit(void) { gnutls_fips140_context_t fips_context; @@ -252,7 +248,7 @@ void doit(void) if (gnutls_fips140_mode_enabled() == 0) { success("We are not in FIPS140 mode\n"); - exit(77); /* SKIP */ + exit(77); /* SKIP */ } assert(gnutls_fips140_context_init(&fips_context) == 0); |