tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

cipher.sh (6145B)

      1 #! /bin/bash  
      2 #
      3 # This Source Code Form is subject to the terms of the Mozilla Public
      4 # License, v. 2.0. If a copy of the MPL was not distributed with this
      5 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
      6 
      7 ########################################################################
      8 #
      9 # mozilla/security/nss/tests/cipher/cipher.sh
     10 #
     11 # Script to test NSS ciphers
     12 #
     13 # needs to work on all Unix and Windows platforms
     14 #
     15 # special strings
     16 # ---------------
     17 #   FIXME ... known problems, search for this string
     18 #   NOTE .... unexpected behavior
     19 #
     20 ########################################################################
     21 
     22 ############################## cipher_init #############################
     23 # local shell function to initialize this script
     24 ########################################################################
     25 cipher_init()
     26 {
     27  SCRIPTNAME="cipher.sh"
     28  if [ -z "${CLEANUP}" ] ; then     # if nobody else is responsible for
     29      CLEANUP="${SCRIPTNAME}"       # cleaning this script will do it
     30  fi
     31  if [ -z "${INIT_SOURCED}" ] ; then
     32      cd ../common
     33      . ./init.sh
     34  fi
     35  SCRIPTNAME="cipher.sh"
     36  html_head "Cipher Tests"
     37 
     38  CIPHERDIR=${HOSTDIR}/cipher
     39  CIPHERTESTDIR=${QADIR}/../cmd/bltest
     40  GCMTESTDIR=${QADIR}/../cmd/pk11gcmtest
     41  D_CIPHER="Cipher.$version"
     42 
     43  CIPHER_TXT=${QADIR}/cipher/cipher.txt
     44  GCM_TXT=${QADIR}/cipher/gcm.txt
     45 
     46  mkdir -p ${CIPHERDIR}
     47 
     48  cd ${CIPHERDIR}
     49  P_CIPHER=.
     50  if [ -n "${MULTIACCESS_DBM}" ]; then
     51    P_CIPHER="multiaccess:${D_CIPHER}"
     52  fi
     53 }
     54 
     55 ############################## cipher_ecdsa #############################
     56 # local shell function to test NSS ciphers
     57 # it is a modified version of the cipher_main function
     58 # the function does not use the -1 -2 offsets
     59 # because ./bltest -T -m ecdsa -S -d returns the self-test of all test vectors provided
     60 ########################################################################
     61 cipher_without_offset()
     62 {
     63  echo "bltest -T -m $PARAM -d $CIPHERTESTDIR"
     64  ${PROFTOOL} ${BINDIR}/bltest${PROG_SUFFIX} -T -m $PARAM -d $CIPHERTESTDIR
     65  if [ $? -ne 0 ]; then
     66      html_msg 1 $EXP_RET "$TESTNAME"
     67      echo "$failedStr"
     68  fi
     69 }
     70 
     71 ############################## cipher_main #############################
     72 # local shell function to test NSS ciphers
     73 ########################################################################
     74 cipher_main()
     75 {
     76  while read EXP_RET PARAM TESTNAME
     77  do
     78      if [ -n "$EXP_RET" -a "$EXP_RET" != "#" ] ; then
     79          PARAM=`echo $PARAM | sed -e "s/_-/ -/g"`
     80          TESTNAME=`echo $TESTNAME | sed -e "s/_/ /g"`
     81          echo "$SCRIPTNAME: $TESTNAME --------------------------------"
     82          failedStr=""
     83          res=0
     84          if [[ "$TESTNAME" == "ECDSA Sign"  || "$TESTNAME" == "ECDSA Verify" 
     85            || "$TESTNAME" == "SHA3 224 Hash" || "$TESTNAME" == "SHA3 256 Hash" 
     86            || "$TESTNAME" == "SHA3 384 Hash" || "$TESTNAME" == "SHA3 512 Hash" ]] ; then
     87              cipher_without_offset
     88   else
     89              inOff=0
     90              while [ $inOff -lt 8 ]
     91              do
     92                 outOff=0
     93                 while [ $outOff -lt 8 ]
     94                 do
     95                     echo "bltest -T -m $PARAM -d $CIPHERTESTDIR -1 $inOff -2 $outOff"
     96                     ${PROFTOOL} ${BINDIR}/bltest${PROG_SUFFIX} -T -m $PARAM -d $CIPHERTESTDIR -1 $inOff -2 $outOff
     97                     if [ $? -ne 0 ]; then
     98                         failedStr="$failedStr[$inOff:$outOff]"
     99                     fi
    100                     outOff=`expr $outOff + 1`
    101                 done
    102                 inOff=`expr $inOff + 1`
    103              done
    104              if [ -n "$failedStr" ]; then
    105                  html_msg 1 $EXP_RET "$TESTNAME (Failed in/out offset pairs:" \
    106                            " $failedStr)"
    107              else
    108                  html_msg $res $EXP_RET "$TESTNAME"
    109              fi
    110          fi
    111      fi
    112  done < ${CIPHER_TXT}
    113 }
    114 
    115 ############################## cipher_gcm #############################
    116 # local shell function to test NSS AES GCM
    117 ########################################################################
    118 cipher_gcm()
    119 {
    120  while read EXP_RET INPUT_FILE TESTNAME
    121  do
    122      if [ -n "$EXP_RET" -a "$EXP_RET" != "#" ] ; then
    123          TESTNAME=`echo $TESTNAME | sed -e "s/_/ /g"`
    124          echo "$SCRIPTNAME: $TESTNAME --------------------------------"
    125          echo "pk11gcmtest aes kat gcm $GCMTESTDIR/tests/$INPUT_FILE"
    126          ${PROFTOOL} ${BINDIR}/pk11gcmtest aes kat gcm $GCMTESTDIR/tests/$INPUT_FILE
    127          html_msg $? $EXP_RET "$TESTNAME"
    128      fi
    129  done < ${GCM_TXT}
    130 }
    131 
    132 ###################### cipher_rsa_populate ############################
    133 # Test the ability to reconstruct rsa private key reconstruction
    134 # also test the PK11GenericObject interface 
    135 ###################################################################
    136 cipher_rsa_populate()
    137 {
    138  TESTNAME="RSA Reconstruct Private Keys Test"
    139  echo "$SCRIPTNAME: $TESTNAME --------------------------------"
    140  echo "rsapoptst -t all -r 10"
    141 # skip e_d_q. It isn't reliable, and can return incorrect data. e_d_q should
    142 # be turned off.
    143  ${PROFTOOL} ${BINDIR}/rsapoptst -t e_n_p,d_n_q,d_p_q,e_d_n -r 10
    144  html_msg $? 0 "$TESTNAME"
    145 }
    146 
    147 
    148 ############################## cipher_cleanup ############################
    149 # local shell function to finish this script (no exit since it might be
    150 # sourced)
    151 ########################################################################
    152 cipher_cleanup()
    153 {
    154  html "</TABLE><BR>"
    155  cd ${QADIR}
    156  . common/cleanup.sh
    157 }
    158 
    159 ################## main #################################################
    160 
    161 # When building without softoken, bltest isn't built. It was already
    162 # built and the cipher suite run as part of an nss-softoken build. 
    163 if [ ! -x ${DIST}/${OBJDIR}/bin/bltest${PROG_SUFFIX} ]; then
    164    echo "bltest not built, skipping this test." >> ${LOGFILE}
    165    res=0
    166    html_msg $res $EXP_RET "$TESTNAME"
    167    return 0
    168 fi
    169 cipher_init
    170 # Skip cipher_main if this an NSS without softoken build.
    171 if [ "${NSS_BUILD_WITHOUT_SOFTOKEN}" != "1" ]; then
    172    cipher_main
    173 fi
    174 # Skip cipher_gcm if this is a softoken only build.
    175 if [ "${NSS_BUILD_SOFTOKEN_ONLY}" != "1" ]; then
    176    cipher_gcm
    177    cipher_rsa_populate
    178 fi
    179 cipher_cleanup