00001 #ifndef CRYPTOPP_DLL_ONLY
00002 # define CRYPTOPP_DEFAULT_NO_DLL
00003 #endif
00004
00005 #include "dll.h"
00006 #include "cryptlib.h"
00007 #include "filters.h"
00008
00009 USING_NAMESPACE(CryptoPP)
00010 USING_NAMESPACE(std)
00011
00012 void FIPS140_SampleApplication()
00013 {
00014 if (!FIPS_140_2_ComplianceEnabled())
00015 {
00016 cerr << "FIPS 140-2 compliance was turned off at compile time.\n";
00017 abort();
00018 }
00019
00020
00021 if (GetPowerUpSelfTestStatus() != POWER_UP_SELF_TEST_PASSED)
00022 {
00023 cerr << "Automatic power-up self test failed.\n";
00024 abort();
00025 }
00026 cout << "0. Automatic power-up self test passed.\n";
00027
00028
00029 SimulatePowerUpSelfTestFailure();
00030 try
00031 {
00032
00033 AES::Encryption aes;
00034
00035
00036 cerr << "Use of AES failed to cause an exception after power-up self test error.\n";
00037 abort();
00038 }
00039 catch (SelfTestFailure &e)
00040 {
00041 cout << "1. Caught expected exception when simulating self test failure. Exception message follows: ";
00042 cout << e.what() << endl;
00043 }
00044
00045
00046 DoDllPowerUpSelfTest();
00047 if (GetPowerUpSelfTestStatus() != POWER_UP_SELF_TEST_PASSED)
00048 {
00049 cerr << "Re-do power-up self test failed.\n";
00050 abort();
00051 }
00052 cout << "2. Re-do power-up self test passed.\n";
00053
00054
00055 const byte key[] = {0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
00056 const byte iv[] = {0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef};
00057 const byte plaintext[] = {
00058 0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
00059 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
00060 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20};
00061 byte ciphertext[24];
00062 byte decrypted[24];
00063
00064 CFB_FIPS_Mode<DES_EDE3>::Encryption encryption_DES_EDE3_CFB;
00065 encryption_DES_EDE3_CFB.SetKeyWithIV(key, sizeof(key), iv);
00066 encryption_DES_EDE3_CFB.ProcessString(ciphertext, plaintext, 24);
00067
00068 CFB_FIPS_Mode<DES_EDE3>::Decryption decryption_DES_EDE3_CFB;
00069 decryption_DES_EDE3_CFB.SetKeyWithIV(key, sizeof(key), iv);
00070 decryption_DES_EDE3_CFB.ProcessString(decrypted, ciphertext, 24);
00071
00072 if (memcmp(plaintext, decrypted, 24) != 0)
00073 {
00074 cerr << "DES-EDE3-CFB Encryption/decryption failed.\n";
00075 abort();
00076 }
00077 cout << "3. DES-EDE3-CFB Encryption/decryption succeeded.\n";
00078
00079
00080 const byte message[] = {'a', 'b', 'c'};
00081 const byte expectedDigest[] = {0xA9,0x99,0x3E,0x36,0x47,0x06,0x81,0x6A,0xBA,0x3E,0x25,0x71,0x78,0x50,0xC2,0x6C,0x9C,0xD0,0xD8,0x9D};
00082 byte digest[20];
00083
00084 SHA1 sha;
00085 sha.Update(message, 3);
00086 sha.Final(digest);
00087
00088 if (memcmp(digest, expectedDigest, 20) != 0)
00089 {
00090 cerr << "SHA-1 hash failed.\n";
00091 abort();
00092 }
00093 cout << "4. SHA-1 hash succeeded.\n";
00094
00095
00096 #ifdef OS_RNG_AVAILABLE
00097 AutoSeededX917RNG<AES> rng;
00098 #else
00099
00100 RandomNumberGenerator &rng(NullRNG());
00101 #endif
00102
00103
00104 DSA::PrivateKey dsaPrivateKey;
00105 dsaPrivateKey.GenerateRandomWithKeySize(rng, 1024);
00106 DSA::PublicKey dsaPublicKey;
00107 dsaPublicKey.AssignFrom(dsaPrivateKey);
00108 if (!dsaPrivateKey.Validate(rng, 3) || !dsaPublicKey.Validate(rng, 3))
00109 {
00110 cerr << "DSA key generation failed.\n";
00111 abort();
00112 }
00113 cout << "5. DSA key generation succeeded.\n";
00114
00115
00116 std::string encodedDsaPublicKey, encodedDsaPrivateKey;
00117 dsaPublicKey.DEREncode(StringSink(encodedDsaPublicKey).Ref());
00118 dsaPrivateKey.DEREncode(StringSink(encodedDsaPrivateKey).Ref());
00119
00120
00121 DSA::PrivateKey decodedDsaPrivateKey;
00122 decodedDsaPrivateKey.BERDecode(StringStore(encodedDsaPrivateKey).Ref());
00123 DSA::PublicKey decodedDsaPublicKey;
00124 decodedDsaPublicKey.BERDecode(StringStore(encodedDsaPublicKey).Ref());
00125
00126 if (!decodedDsaPrivateKey.Validate(rng, 3) || !decodedDsaPublicKey.Validate(rng, 3))
00127 {
00128 cerr << "DSA key encode/decode failed.\n";
00129 abort();
00130 }
00131 cout << "6. DSA key encode/decode succeeded.\n";
00132
00133
00134 byte signature[40];
00135 DSA::Signer signer(dsaPrivateKey);
00136 assert(signer.SignatureLength() == 40);
00137 signer.SignMessage(rng, message, 3, signature);
00138
00139 DSA::Verifier verifier(dsaPublicKey);
00140 if (!verifier.VerifyMessage(message, 3, signature, sizeof(signature)))
00141 {
00142 cerr << "DSA signature and verification failed.\n";
00143 abort();
00144 }
00145 cout << "7. DSA signature and verification succeeded.\n";
00146
00147
00148
00149 signature[0] ^= 1;
00150 if (verifier.VerifyMessage(message, 3, signature, sizeof(signature)))
00151 {
00152 cerr << "DSA signature verification failed to detect bad signature.\n";
00153 abort();
00154 }
00155 cout << "8. DSA signature verification successfully detected bad signature.\n";
00156
00157
00158 try
00159 {
00160 ECB_Mode<DES_EDE3>::Encryption encryption_DES_EDE3_ECB;
00161 encryption_DES_EDE3_ECB.SetKey(key, 5);
00162
00163
00164 cerr << "DES-EDE3 implementation did not detect use of invalid key length.\n";
00165 abort();
00166 }
00167 catch (InvalidArgument &e)
00168 {
00169 cout << "9. Caught expected exception when using invalid key length. Exception message follows: ";
00170 cout << e.what() << endl;
00171 }
00172
00173 cout << "\nFIPS 140-2 Sample Application completed normally.\n";
00174 }
00175
00176 #ifdef CRYPTOPP_IMPORTS
00177
00178 static PNew s_pNew = NULL;
00179 static PDelete s_pDelete = NULL;
00180
00181 extern "C" __declspec(dllexport) void __cdecl SetNewAndDeleteFromCryptoPP(PNew pNew, PDelete pDelete, PSetNewHandler pSetNewHandler)
00182 {
00183 s_pNew = pNew;
00184 s_pDelete = pDelete;
00185 }
00186
00187 void * __cdecl operator new (size_t size)
00188 {
00189 return s_pNew(size);
00190 }
00191
00192 void __cdecl operator delete (void * p)
00193 {
00194 s_pDelete(p);
00195 }
00196
00197 #endif
00198
00199 #ifdef CRYPTOPP_DLL_ONLY
00200
00201 int __cdecl main()
00202 {
00203 FIPS140_SampleApplication();
00204 return 0;
00205 }
00206
00207 #endif