--S.MG, 2018 with Interfaces; use Interfaces; with Interfaces.C; use Interfaces.C; with RSA_OAEP; use RSA_OAEP; with OAEP; use OAEP; with Raw_Types; use Raw_Types; with RNG; use RNG; with Keccak; use Keccak; with Ada.Text_IO; use Ada.Text_IO; package body Test_RSA_OAEP is procedure test_char_array is S : String := OAEP.TMSR_STR; O : Octets := Raw_Types.OAEP_RESERVED; A : char_array(0..O'Length-1) := (others => '0'); B : Octets(0..O'Length -1) := (others => 0); Fail : Boolean := FALSE; begin Octets_To_Char_Array(O, A); Char_Array_To_Octets(A, B); if B /= O then Put_Line("FAIL: char_array_to_octets"); else Put_Line("PASS: char_array_to_octets"); end if; for I in 0..S'Length-1 loop declare C : Character := Character(A(A'First + size_t(I))); E : Character := S(S'First + I); begin if C /= E then Fail := TRUE; Put("Error at pos " & Integer'Image(I) & ": "); Put(Integer'Image(Character'Pos(C))); Put_Line(" instead of " & Integer'Image(Character'Pos(E))); end if; end; end loop; if FAIL then Put_Line("FAIL: test octets_to_char_array"); else Put_Line("PASS: test octets_to_char_array"); end if; end test_char_array; -- test OAEP encrypt + decrypt procedure test_oaep is Plain: Octets(1..MAX_LEN_MSG); Short: Octets(0..10); Encr : OAEP_Block; Decr : OAEP_HALF; Len : Natural; Entropy: OAEP_Block; Success : Boolean; begin RNG.Get_Octets(Plain); RNG.Get_Octets(Entropy); RNG.Get_Octets(Short); -- test full length message OAEP_Encrypt(Plain, Entropy, Encr); OAEP_Decrypt(Encr, Len, Decr, Success); if not Success or Len/8 /= Plain'Length then Put_Line("FAIL: oaep encrypt/decrypt on max len message."); else if Decr(Decr'First..Decr'First+Len/8-1) /= Plain(Plain'First..Plain'First+Len/8-1) then Put_Line("FAIL: oaep encrypt/decrypt on max len message - " & "result different from expected."); else Put_Line("PASS: oaep encrypt/decrypt on max len message."); end if; end if; -- test short message OAEP_Encrypt(Short, Entropy, Encr); OAEP_Decrypt(Encr, Len, Decr, Success); if not Success or Len/8 /= Short'Length then Put_Line("FAIL: oaep encrypt/decrypt on short message."); else if Decr(Decr'First..Decr'First+Len/8-1) /= Short(Short'First..Short'First+Len/8-1) then Put_Line("FAIL: oaep encrypt/decrypt on short message - " & "result different from expected."); else Put_Line("PASS: oaep encrypt/decrypt on short message."); end if; end if; end test_oaep; -- test JUST RSA (i.e. without oaep) with RSA key pair previously generated procedure test_rsa is n: String := "C6579F8646180EED0DC1F02E0DDD2B43EABB3F702D79D9928E2CDA5E1D42DF5D9ED7773F80B1F8D9B0DB7D4D00F55647640D70768F63D3CED56A39C681D08D6191F318BB79DC969B470A7364D53335C8318EF35E39D5DF706AB6F2393C6DD2128C142DBAB1806EB35E26C908F0A48419313D2D0F33DD430655DBFEC722899EC21C238E8DB7003430BBC39BAD990F9887F6B03E1344F537EC97389B78DBC656718ACD7B0FDC13DD24534F417BC7A18F077A0C4227354CEA19670331B6CAA3DFC17BBA7E70C14510D9EB3B63F3014994EC87BD23E868C0AE6E9EC55027577F62C0280B2D7DD1135001844923E5455C4566E066B3FDE968C6BC4DC672F229FCE366440403D7A4F4A8BFBA5679B7D0844BA1231277D13A77C9E2B5A1CB138C1B7AB5B4D4832448723A3DE70ED2E86D5FC5174F949A02DE8E404304BEB95F9BF40F3AA3CA15622D2776294BE7E19233406FF563CB8C25A1CB5AADBC1899DA3F2AE38533931FE032EE3232C2CD4F219FADF95B91635C0762A476A4DE5013F4384093F0FB715028D97F93B2E6F057B99EE344D83ADF2686FD5C9C793928BEF3182E568C4339C36C744C8E9CA7D4B9A16AA039CBF6F38CC97B12D87644E94C9DBD6BC93A93A03ED61ECC5874586E3A310E958F858735E30019D345C62E5127B80652C8A970A14B31F03B3A157CD5"; e: String := "F74D78E382FC19B064411C6C20E0FDB2985F843007A54C7D8400BB459468624126E7D175F397E55C57AF25858EAE2D2952FB7998C119A6103606733EB5E1D27FCA1FACF14ADE94101D383D1B25DA511805569BC344EAD384EDBF3F3A541B34887FE199D99D7F62E6E9D516F88D6F5AD3E020DF04D402A02CC628A0064362FE8516CF7CD6040E9521407AB90EE6B5AFFF9EA9EBB16A7D3407CE81FD3844F519880556AB94AB349C1F3BBB6FDB4C4B377FE4C091EBDC2C3A1BD3AA56382D8D80E7742B5C751008FD6ECDD2EC3B2E3B6C566F698ED672000B403766DD63C3ACBDE16A14FB02E83A2EB6AA018BFC0020401E790DEE24E9"; d: String := "698DA05DA25B230211EEF0CBA12083A1457B749A11937AC9993859F69A3BF38D575E5166AF2EC88D77F1DF04E68AEA358EACF7659FD4722A4F5A1C8BA7676DA97A9FBA75451152F8F68887D3451A9CCFFFE9EB80979786E37495B17687A6212F77FA616E4C0CD8A8EB7AEB88EA6CCABB7F3E854FB94B35394A09F95F0D6F997947E865CC0606F437C30FE8C48D96FBF5E2F52807BC9E9ED7BBEB23D5C45EDDCD16FE2BF410A9A1E5EF879E71C0D41FAE270C0C5D442860103F8C3944E802F33DB38432F11F763A7AF593656108E4A98A44A8549913CE5DCEC1A6500F280E3190991B2B938561CFACD8BC5183AAC9A4914BFE52C3BE39BB83688E1DE52479107EF8E087DCDB409432FC954C6349407E81DDFB11AE92BABB32A31868597958C9C76E0B4156F380955F0E09C1F3B98BB4CDD59E1B5C7D8CC2AA7491B0D319D219CF459A527CE1AA2729DEC53269653BF0ED3E0253F4451168437E3B069E48350CA4C3EC82134E87135624C768D1330B0D70C6E447FD9945BF06FCB91AA334C0FD8EEF1ADBC15928B3DB62077B537F7E9F468CC95CD5AAFEAE1F760A863B48D07B163F670E2E5B550BB3E960230BA9FDAED9903AE2E669A7F3C4D1F1E25B8E8EDB8CC6E6FD2164E66F4E64ED77BEF1EC9E6CEA5624FD84C0680248746DC1C8187145F3CD2411659DAEAD11D"; p: String := "CDD6F7673A501FB24C44D56CA1D434F6CB3334E193E02F8E906241906BCB7412DD2159825B24C22002F373E647C2DA62A854F3841C00FD5985D03227CA9B54A69380BA9D63BE738BDF9E65C247E43E1220EEDD9281DCA78B32A4E1B786B7697ED0C3195D5AF2990881B11D6FC9EC9F940067B2DEA2A516FAA5F269C98F0B67628A6D2708515A4A58041AA17A93E4C4DD95C85BC38351DDA1DCF3DFD91C505B22383132649CF9F9233852C7207075BCF43C71038F043F1EC53E9787FB051B7927D020903233C16897B993C8089D8464451F086E756CF20E46CE6ED4A6AC5C327A0AAFBECBAAFD177969E7C952C76A4F4E7C85BF7F63"; q: String := "F6ACF0790A250802C8D45DAC549CDBEF7806D5877A5DF0069136A458FAC4F0B0858060A873DA6355A965A064A0BC1BBB874872CD7ED89674AD407533041E74BCA317EC73597D335115523F61A05071E5ED81EE2A05331F65D4DC7A25AD7938B124CF03F49154B6693FB0B598B33ABDEF85C599A57A9B7347EAFF82638E1CBC28FCDFFF1FF04A18C2DBF3938395C2F8D1782B43D3A25EF7633B5DDAC89EFD3BAA64D976425A0891E00B876E9DE9FE4B6492B0EA8DFC7C8DEEC61721356EC816295B1BD9CD9DA3E30D2D90DC9CB3987F4BE042104900E036F3044A016749EF910CCFB9F377A90849B4CCCF4471A74E67EF6C814C9467"; u: String := "854B89ED10F52258D00D6B3FA7F1FD22752804668F51FF7806DB82E22CB8B3AA8448D9B8E9DB14D31A36AEC2BCFA89E341B7334D494E97ED8051244136192233332C4612D963E7B6AF2535FDB7FE97E28DDFEBDFB3E1AFC29D05DBDF37106A817D3AB1864C7F7F247982897EDA6A92BED47D9C68305CD170C7301ACEB05F8A6382E73CC7614B2D8D758669B3A99AB64114809254B0BE21F40341A5B48B9B032603B14875B87EB5E16603FD16552E146A0FC6964958DFC25AA9FFCCD1ED1F4DEAF9FBAA0D7357F5FF0803FEB9BA78E74AC6B3070F417CEC6CFC7A3CF1E305FC7B76B7ED71893999AF797B2EBDE41FE90F076CCEDBFB"; Plain: OAEP_Block := (others => 0); Decr : OAEP_Block := (others => 0); Encr : RSA_len; pkey: RSA_pkey; skey: RSA_skey; begin -- initialize with RSA pair previously generated Hex2Octets( n, skey.n ); Hex2Octets( e, skey.e ); Hex2Octets( d, skey.d ); Hex2Octets( p, skey.p ); Hex2Octets( q, skey.q ); Hex2Octets( u, skey.u ); -- copy n and e for public key pkey.n := skey.n; pkey.e := skey.e; -- get random data RNG.Get_Octets(Plain); -- make first octet < RSA key's modulus first octet Plain(Plain'First) := 16#00#; -- naked rsa encrypt/decrypt Put_Line("Encrypting with RSA public key..."); Public_RSA( Plain, pkey, Encr ); Put_Line("Decrypting with RSA private key..."); Private_RSA( Encr, skey, Decr ); Put_Line("Checking..."); -- check result if Decr /= Plain then Put_Line("FAIL: RSA encrypt/decrypt result doesn't match plain."); else Put_Line("PASS: RSA encrypt/decrypt"); end if; end test_rsa; -- test rsa+oaep with RSA key pair previously generated procedure test_rsa_oaep is n: String := "C6579F8646180EED0DC1F02E0DDD2B43EABB3F702D79D9928E2CDA5E1D42DF5D9ED7773F80B1F8D9B0DB7D4D00F55647640D70768F63D3CED56A39C681D08D6191F318BB79DC969B470A7364D53335C8318EF35E39D5DF706AB6F2393C6DD2128C142DBAB1806EB35E26C908F0A48419313D2D0F33DD430655DBFEC722899EC21C238E8DB7003430BBC39BAD990F9887F6B03E1344F537EC97389B78DBC656718ACD7B0FDC13DD24534F417BC7A18F077A0C4227354CEA19670331B6CAA3DFC17BBA7E70C14510D9EB3B63F3014994EC87BD23E868C0AE6E9EC55027577F62C0280B2D7DD1135001844923E5455C4566E066B3FDE968C6BC4DC672F229FCE366440403D7A4F4A8BFBA5679B7D0844BA1231277D13A77C9E2B5A1CB138C1B7AB5B4D4832448723A3DE70ED2E86D5FC5174F949A02DE8E404304BEB95F9BF40F3AA3CA15622D2776294BE7E19233406FF563CB8C25A1CB5AADBC1899DA3F2AE38533931FE032EE3232C2CD4F219FADF95B91635C0762A476A4DE5013F4384093F0FB715028D97F93B2E6F057B99EE344D83ADF2686FD5C9C793928BEF3182E568C4339C36C744C8E9CA7D4B9A16AA039CBF6F38CC97B12D87644E94C9DBD6BC93A93A03ED61ECC5874586E3A310E958F858735E30019D345C62E5127B80652C8A970A14B31F03B3A157CD5"; e: String := "F74D78E382FC19B064411C6C20E0FDB2985F843007A54C7D8400BB459468624126E7D175F397E55C57AF25858EAE2D2952FB7998C119A6103606733EB5E1D27FCA1FACF14ADE94101D383D1B25DA511805569BC344EAD384EDBF3F3A541B34887FE199D99D7F62E6E9D516F88D6F5AD3E020DF04D402A02CC628A0064362FE8516CF7CD6040E9521407AB90EE6B5AFFF9EA9EBB16A7D3407CE81FD3844F519880556AB94AB349C1F3BBB6FDB4C4B377FE4C091EBDC2C3A1BD3AA56382D8D80E7742B5C751008FD6ECDD2EC3B2E3B6C566F698ED672000B403766DD63C3ACBDE16A14FB02E83A2EB6AA018BFC0020401E790DEE24E9"; d: String := "698DA05DA25B230211EEF0CBA12083A1457B749A11937AC9993859F69A3BF38D575E5166AF2EC88D77F1DF04E68AEA358EACF7659FD4722A4F5A1C8BA7676DA97A9FBA75451152F8F68887D3451A9CCFFFE9EB80979786E37495B17687A6212F77FA616E4C0CD8A8EB7AEB88EA6CCABB7F3E854FB94B35394A09F95F0D6F997947E865CC0606F437C30FE8C48D96FBF5E2F52807BC9E9ED7BBEB23D5C45EDDCD16FE2BF410A9A1E5EF879E71C0D41FAE270C0C5D442860103F8C3944E802F33DB38432F11F763A7AF593656108E4A98A44A8549913CE5DCEC1A6500F280E3190991B2B938561CFACD8BC5183AAC9A4914BFE52C3BE39BB83688E1DE52479107EF8E087DCDB409432FC954C6349407E81DDFB11AE92BABB32A31868597958C9C76E0B4156F380955F0E09C1F3B98BB4CDD59E1B5C7D8CC2AA7491B0D319D219CF459A527CE1AA2729DEC53269653BF0ED3E0253F4451168437E3B069E48350CA4C3EC82134E87135624C768D1330B0D70C6E447FD9945BF06FCB91AA334C0FD8EEF1ADBC15928B3DB62077B537F7E9F468CC95CD5AAFEAE1F760A863B48D07B163F670E2E5B550BB3E960230BA9FDAED9903AE2E669A7F3C4D1F1E25B8E8EDB8CC6E6FD2164E66F4E64ED77BEF1EC9E6CEA5624FD84C0680248746DC1C8187145F3CD2411659DAEAD11D"; p: String := "CDD6F7673A501FB24C44D56CA1D434F6CB3334E193E02F8E906241906BCB7412DD2159825B24C22002F373E647C2DA62A854F3841C00FD5985D03227CA9B54A69380BA9D63BE738BDF9E65C247E43E1220EEDD9281DCA78B32A4E1B786B7697ED0C3195D5AF2990881B11D6FC9EC9F940067B2DEA2A516FAA5F269C98F0B67628A6D2708515A4A58041AA17A93E4C4DD95C85BC38351DDA1DCF3DFD91C505B22383132649CF9F9233852C7207075BCF43C71038F043F1EC53E9787FB051B7927D020903233C16897B993C8089D8464451F086E756CF20E46CE6ED4A6AC5C327A0AAFBECBAAFD177969E7C952C76A4F4E7C85BF7F63"; q: String := "F6ACF0790A250802C8D45DAC549CDBEF7806D5877A5DF0069136A458FAC4F0B0858060A873DA6355A965A064A0BC1BBB874872CD7ED89674AD407533041E74BCA317EC73597D335115523F61A05071E5ED81EE2A05331F65D4DC7A25AD7938B124CF03F49154B6693FB0B598B33ABDEF85C599A57A9B7347EAFF82638E1CBC28FCDFFF1FF04A18C2DBF3938395C2F8D1782B43D3A25EF7633B5DDAC89EFD3BAA64D976425A0891E00B876E9DE9FE4B6492B0EA8DFC7C8DEEC61721356EC816295B1BD9CD9DA3E30D2D90DC9CB3987F4BE042104900E036F3044A016749EF910CCFB9F377A90849B4CCCF4471A74E67EF6C814C9467"; u: String := "854B89ED10F52258D00D6B3FA7F1FD22752804668F51FF7806DB82E22CB8B3AA8448D9B8E9DB14D31A36AEC2BCFA89E341B7334D494E97ED8051244136192233332C4612D963E7B6AF2535FDB7FE97E28DDFEBDFB3E1AFC29D05DBDF37106A817D3AB1864C7F7F247982897EDA6A92BED47D9C68305CD170C7301ACEB05F8A6382E73CC7614B2D8D758669B3A99AB64114809254B0BE21F40341A5B48B9B032603B14875B87EB5E16603FD16552E146A0FC6964958DFC25AA9FFCCD1ED1F4DEAF9FBAA0D7357F5FF0803FEB9BA78E74AC6B3070F417CEC6CFC7A3CF1E305FC7B76B7ED71893999AF797B2EBDE41FE90F076CCEDBFB"; Plain: Octets(1..MAX_LEN_MSG) := (others=>20); Short: Octets(1..10); Decr : RSA_len; Encr : RSA_len; pkey: RSA_pkey; skey: RSA_skey; Success: Boolean; Len : Natural; begin -- initialize with RSA pair previously generated Hex2Octets( n, skey.n ); Hex2Octets( e, skey.e ); Hex2Octets( d, skey.d ); Hex2Octets( p, skey.p ); Hex2Octets( q, skey.q ); Hex2Octets( u, skey.u ); -- copy n and e for public key pkey.n := skey.n; pkey.e := skey.e; -- test with 0 message of length Plain'Length RSA_OAEP.Encrypt(Plain, pkey, Encr); RSA_OAEP.Decrypt(Encr, skey, Decr, Len, Success); if (not Success) or Len /= Plain'Length or Plain /= Decr(Decr'First..Decr'First+Plain'Length-1) then Put_Line("FAIL: RSA_OAEP on max len message 20-filled."); else Put_Line("PASS: RSA_OAEP on max len message 20-filled."); end if; -- get random data for "plain" message RNG.Get_Octets(Plain); RSA_OAEP.Encrypt(Plain, pkey, Encr); RSA_OAEP.Decrypt(Encr, skey, Decr, Len, Success); if (not Success) or Len /= Plain'Length or Plain /= Decr(Decr'First..Decr'First+Plain'Length-1) then Put_Line("FAIL: RSA_OAEP on random data of max length."); else Put_Line("PASS: RSA_OAEP on random data of max length."); end if; -- get random data for "short" message RNG.Get_Octets(Short); RSA_OAEP.Encrypt(Short, pkey, Encr); RSA_OAEP.Decrypt(Encr, skey, Decr, Len, Success); if (not Success) or Len /= Short'Length or Short /= Decr(Decr'First..Decr'First+Short'Length-1) then Put_Line("FAIL: RSA_OAEP on random data of short length."); else Put_Line("PASS: RSA_OAEP on random data of short length."); end if; end test_rsa_oaep; -- helper methods procedure Hex2Octets( Hex: in String; O: out Raw_Types.Octets ) is S : String := "16#AA#"; -- to make sure that input String has EVEN number of chars (ie full octets) H : String(1..Hex'Length+Hex'Length mod 2) := (others=>'0'); begin -- first char is 0 if needed to cover full octet... H(H'Length-Hex'Length+1..H'Length) := Hex; O := (others => 0); for I in 0 .. H'Length/2-1 loop S := "16#" & H(H'First + I*2 .. H'First + I*2 + 1) & "#"; O(O'Last - H'Length/2 + 1 + I) := Unsigned_8'Value(S); end loop; end Hex2Octets; procedure PrintOctets( O: in Raw_Types.Octets; Title: in String ) is begin Put_Line(Title); for V of O loop Put(Unsigned_8'Image(V) & " "); end loop; New_Line; end PrintOctets; end Test_RSA_OAEP;