00001 #include "dll.h"
00002 #include <iostream>
00003
00004 USING_NAMESPACE(CryptoPP)
00005 USING_NAMESPACE(std)
00006
00007 void FIPS140_SampleApplication()
00008 {
00009 if (!FIPS_140_2_ComplianceEnabled())
00010 {
00011 cerr << "FIPS-140-2 compliance was turned off at compile time.\n";
00012 abort();
00013 }
00014
00015
00016 if (GetPowerUpSelfTestStatus() != POWER_UP_SELF_TEST_PASSED)
00017 {
00018 cerr << "Automatic power-up self test failed.\n";
00019 abort();
00020 }
00021 cout << "0. Automatic power-up self test passed.\n";
00022
00023
00024 SimulatePowerUpSelfTestFailure();
00025 try
00026 {
00027
00028 AES::Encryption aes;
00029
00030
00031 cerr << "Use of AES failed to cause an exception after power-up self test error.\n";
00032 abort();
00033 }
00034 catch (SelfTestFailure &e)
00035 {
00036 cout << "1. Caught expected exception when simulating self test failure. Exception message follows: ";
00037 cout << e.what() << endl;
00038 }
00039
00040
00041 DoDllPowerUpSelfTest();
00042 if (GetPowerUpSelfTestStatus() != POWER_UP_SELF_TEST_PASSED)
00043 {
00044 cerr << "Re-do power-up self test failed.\n";
00045 abort();
00046 }
00047 cout << "2. Re-do power-up self test passed.\n";
00048
00049
00050 const byte key[] = {0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
00051 const byte iv[] = {0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef};
00052 const byte plaintext[] = {
00053 0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
00054 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
00055 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20};
00056 byte ciphertext[24];
00057 byte decrypted[24];
00058
00059 CFB_Mode<DES_EDE3>::Encryption encryption_DES_EDE3_CBC;
00060 encryption_DES_EDE3_CBC.SetKeyWithIV(key, sizeof(key), iv);
00061 encryption_DES_EDE3_CBC.ProcessString(ciphertext, plaintext, 24);
00062
00063 CFB_Mode<DES_EDE3>::Decryption decryption_DES_EDE3_CBC;
00064 decryption_DES_EDE3_CBC.SetKeyWithIV(key, sizeof(key), iv);
00065 decryption_DES_EDE3_CBC.ProcessString(decrypted, ciphertext, 24);
00066
00067 if (memcmp(plaintext, decrypted, 24) != 0)
00068 {
00069 cerr << "DES-EDE3-CBC Encryption/decryption failed.\n";
00070 abort();
00071 }
00072 cout << "3. DES-EDE3-CBC Encryption/decryption succeeded.\n";
00073
00074
00075 const byte message[] = {'a', 'b', 'c'};
00076 const byte expectedDigest[] = {0xA9,0x99,0x3E,0x36,0x47,0x06,0x81,0x6A,0xBA,0x3E,0x25,0x71,0x78,0x50,0xC2,0x6C,0x9C,0xD0,0xD8,0x9D};
00077 byte digest[20];
00078
00079 SHA1 sha;
00080 sha.Update(message, 3);
00081 sha.Final(digest);
00082
00083 if (memcmp(digest, expectedDigest, 20) != 0)
00084 {
00085 cerr << "SHA-1 hash failed.\n";
00086 abort();
00087 }
00088 cout << "4. SHA-1 hash succeeded.\n";
00089
00090
00091 #ifdef OS_RNG_AVAILABLE
00092 AutoSeededX917RNG<DES_EDE3> rng;
00093 #else
00094
00095 RandomNumberGenerator &rng(NullRNG());
00096 #endif
00097
00098
00099 DSA::PrivateKey dsaPrivateKey;
00100 dsaPrivateKey.GenerateRandomWithKeySize(rng, 1024);
00101 DSA::PublicKey dsaPublicKey;
00102 dsaPublicKey.AssignFrom(dsaPrivateKey);
00103 if (!dsaPrivateKey.Validate(rng, 3) || !dsaPublicKey.Validate(rng, 3))
00104 {
00105 cerr << "DSA key generation failed.\n";
00106 abort();
00107 }
00108 cout << "5. DSA key generation succeeded.\n";
00109
00110
00111 std::string encodedDsaPublicKey, encodedDsaPrivateKey;
00112 dsaPublicKey.DEREncode(StringSink(encodedDsaPublicKey).Ref());
00113 dsaPrivateKey.DEREncode(StringSink(encodedDsaPrivateKey).Ref());
00114
00115
00116 DSA::PrivateKey decodedDsaPrivateKey;
00117 decodedDsaPrivateKey.BERDecode(StringStore(encodedDsaPrivateKey).Ref());
00118 DSA::PublicKey decodedDsaPublicKey;
00119 decodedDsaPublicKey.BERDecode(StringStore(encodedDsaPublicKey).Ref());
00120
00121 if (!decodedDsaPrivateKey.Validate(rng, 3) || !decodedDsaPublicKey.Validate(rng, 3))
00122 {
00123 cerr << "DSA key encode/decode failed.\n";
00124 abort();
00125 }
00126 cout << "6. DSA key encode/decode succeeded.\n";
00127
00128
00129 byte signature[40];
00130 DSA::Signer signer(dsaPrivateKey);
00131 assert(signer.SignatureLength() == 40);
00132 signer.SignMessage(rng, message, 3, signature);
00133
00134 DSA::Verifier verifier(dsaPublicKey);
00135 if (!verifier.VerifyMessage(message, 3, signature))
00136 {
00137 cerr << "DSA signature and verification failed.\n";
00138 abort();
00139 }
00140 cout << "7. DSA signature and verification succeeded.\n";
00141
00142
00143
00144 signature[0] ^= 1;
00145 if (verifier.VerifyMessage(message, 3, signature))
00146 {
00147 cerr << "DSA signature verification failed to detect bad signature.\n";
00148 abort();
00149 }
00150 cout << "8. DSA signature verification successfully detected bad signature.\n";
00151
00152
00153 try
00154 {
00155 encryption_DES_EDE3_CBC.SetKey(key, 5);
00156
00157
00158 cerr << "DES-EDE3 implementation did not detect use of invalid key length.\n";
00159 abort();
00160 }
00161 catch (InvalidArgument &e)
00162 {
00163 cout << "9. Caught expected exception when using invalid key length. Exception message follows: ";
00164 cout << e.what() << endl;
00165 }
00166
00167 cout << "\nFIPS 140-2 Sample Application completed normally.\n";
00168 }
00169
00170 #ifdef CRYPTOPP_DLL_ONLY
00171
00172 int __cdecl main()
00173 {
00174 FIPS140_SampleApplication();
00175 return 0;
00176 }
00177
00178 #endif