00001 #ifndef CRYPTOPP_DLL_ONLY
00002 #define CRYPTOPP_DEFAULT_NO_DLL
00003 #endif
00004
00005 #include "dll.h"
00006 #include <iostream>
00007
00008 USING_NAMESPACE(CryptoPP)
00009 USING_NAMESPACE(std)
00010
00011 void FIPS140_SampleApplication()
00012 {
00013 if (!FIPS_140_2_ComplianceEnabled())
00014 {
00015 cerr << "FIPS 140-2 compliance was turned off at compile time.\n";
00016 abort();
00017 }
00018
00019
00020 if (GetPowerUpSelfTestStatus() != POWER_UP_SELF_TEST_PASSED)
00021 {
00022 cerr << "Automatic power-up self test failed.\n";
00023 abort();
00024 }
00025 cout << "0. Automatic power-up self test passed.\n";
00026
00027
00028 SimulatePowerUpSelfTestFailure();
00029 try
00030 {
00031
00032 AES::Encryption aes;
00033
00034
00035 cerr << "Use of AES failed to cause an exception after power-up self test error.\n";
00036 abort();
00037 }
00038 catch (SelfTestFailure &e)
00039 {
00040 cout << "1. Caught expected exception when simulating self test failure. Exception message follows: ";
00041 cout << e.what() << endl;
00042 }
00043
00044
00045 DoDllPowerUpSelfTest();
00046 if (GetPowerUpSelfTestStatus() != POWER_UP_SELF_TEST_PASSED)
00047 {
00048 cerr << "Re-do power-up self test failed.\n";
00049 abort();
00050 }
00051 cout << "2. Re-do power-up self test passed.\n";
00052
00053
00054 const byte key[] = {0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
00055 const byte iv[] = {0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef};
00056 const byte plaintext[] = {
00057 0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
00058 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
00059 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20};
00060 byte ciphertext[24];
00061 byte decrypted[24];
00062
00063 CFB_FIPS_Mode<DES_EDE3>::Encryption encryption_DES_EDE3_CFB;
00064 encryption_DES_EDE3_CFB.SetKeyWithIV(key, sizeof(key), iv);
00065 encryption_DES_EDE3_CFB.ProcessString(ciphertext, plaintext, 24);
00066
00067 CFB_FIPS_Mode<DES_EDE3>::Decryption decryption_DES_EDE3_CFB;
00068 decryption_DES_EDE3_CFB.SetKeyWithIV(key, sizeof(key), iv);
00069 decryption_DES_EDE3_CFB.ProcessString(decrypted, ciphertext, 24);
00070
00071 if (memcmp(plaintext, decrypted, 24) != 0)
00072 {
00073 cerr << "DES-EDE3-CFB Encryption/decryption failed.\n";
00074 abort();
00075 }
00076 cout << "3. DES-EDE3-CFB Encryption/decryption succeeded.\n";
00077
00078
00079 const byte message[] = {'a', 'b', 'c'};
00080 const byte expectedDigest[] = {0xA9,0x99,0x3E,0x36,0x47,0x06,0x81,0x6A,0xBA,0x3E,0x25,0x71,0x78,0x50,0xC2,0x6C,0x9C,0xD0,0xD8,0x9D};
00081 byte digest[20];
00082
00083 SHA1 sha;
00084 sha.Update(message, 3);
00085 sha.Final(digest);
00086
00087 if (memcmp(digest, expectedDigest, 20) != 0)
00088 {
00089 cerr << "SHA-1 hash failed.\n";
00090 abort();
00091 }
00092 cout << "4. SHA-1 hash succeeded.\n";
00093
00094
00095 #ifdef OS_RNG_AVAILABLE
00096 AutoSeededX917RNG<DES_EDE3> rng;
00097 #else
00098
00099 RandomNumberGenerator &rng(NullRNG());
00100 #endif
00101
00102
00103 DSA::PrivateKey dsaPrivateKey;
00104 dsaPrivateKey.GenerateRandomWithKeySize(rng, 1024);
00105 DSA::PublicKey dsaPublicKey;
00106 dsaPublicKey.AssignFrom(dsaPrivateKey);
00107 if (!dsaPrivateKey.Validate(rng, 3) || !dsaPublicKey.Validate(rng, 3))
00108 {
00109 cerr << "DSA key generation failed.\n";
00110 abort();
00111 }
00112 cout << "5. DSA key generation succeeded.\n";
00113
00114
00115 std::string encodedDsaPublicKey, encodedDsaPrivateKey;
00116 dsaPublicKey.DEREncode(StringSink(encodedDsaPublicKey).Ref());
00117 dsaPrivateKey.DEREncode(StringSink(encodedDsaPrivateKey).Ref());
00118
00119
00120 DSA::PrivateKey decodedDsaPrivateKey;
00121 decodedDsaPrivateKey.BERDecode(StringStore(encodedDsaPrivateKey).Ref());
00122 DSA::PublicKey decodedDsaPublicKey;
00123 decodedDsaPublicKey.BERDecode(StringStore(encodedDsaPublicKey).Ref());
00124
00125 if (!decodedDsaPrivateKey.Validate(rng, 3) || !decodedDsaPublicKey.Validate(rng, 3))
00126 {
00127 cerr << "DSA key encode/decode failed.\n";
00128 abort();
00129 }
00130 cout << "6. DSA key encode/decode succeeded.\n";
00131
00132
00133 byte signature[40];
00134 DSA::Signer signer(dsaPrivateKey);
00135 assert(signer.SignatureLength() == 40);
00136 signer.SignMessage(rng, message, 3, signature);
00137
00138 DSA::Verifier verifier(dsaPublicKey);
00139 if (!verifier.VerifyMessage(message, 3, signature, sizeof(signature)))
00140 {
00141 cerr << "DSA signature and verification failed.\n";
00142 abort();
00143 }
00144 cout << "7. DSA signature and verification succeeded.\n";
00145
00146
00147
00148 signature[0] ^= 1;
00149 if (verifier.VerifyMessage(message, 3, signature, sizeof(signature)))
00150 {
00151 cerr << "DSA signature verification failed to detect bad signature.\n";
00152 abort();
00153 }
00154 cout << "8. DSA signature verification successfully detected bad signature.\n";
00155
00156
00157 try
00158 {
00159 ECB_Mode<DES_EDE3>::Encryption encryption_DES_EDE3_ECB;
00160 encryption_DES_EDE3_ECB.SetKey(key, 5);
00161
00162
00163 cerr << "DES-EDE3 implementation did not detect use of invalid key length.\n";
00164 abort();
00165 }
00166 catch (InvalidArgument &e)
00167 {
00168 cout << "9. Caught expected exception when using invalid key length. Exception message follows: ";
00169 cout << e.what() << endl;
00170 }
00171
00172 cout << "\nFIPS 140-2 Sample Application completed normally.\n";
00173 }
00174
00175 #ifdef CRYPTOPP_IMPORTS
00176
00177 static PNew s_pNew = NULL;
00178 static PDelete s_pDelete = NULL;
00179
00180 extern "C" __declspec(dllexport) void __cdecl SetNewAndDeleteFromCryptoPP(PNew pNew, PDelete pDelete, PSetNewHandler pSetNewHandler)
00181 {
00182 s_pNew = pNew;
00183 s_pDelete = pDelete;
00184 }
00185
00186 void * __cdecl operator new (size_t size)
00187 {
00188 return s_pNew(size);
00189 }
00190
00191 void __cdecl operator delete (void * p)
00192 {
00193 s_pDelete(p);
00194 }
00195
00196 #endif
00197
00198 #ifdef CRYPTOPP_DLL_ONLY
00199
00200 int __cdecl main()
00201 {
00202 FIPS140_SampleApplication();
00203 return 0;
00204 }
00205
00206 #endif
