author | Joel Sing <jsing@cvs.openbsd.org> | 2018-06-02 17:46:05 +0000 |
---|---|---|
committer | Joel Sing <jsing@cvs.openbsd.org> | 2018-06-02 17:46:05 +0000 |
commit | cf908950879422f7b6bccb9c428a9f63e147e8dc (patch) | |
tree | eb0a0eefb43ae3c551f14eaecf571e5dd527d39d /regress/lib | |
parent | b37a429bad01f50560ba4daa0b1fe16a21862f40 (diff) |
Initial regress for CSI DH.
Diffstat (limited to 'regress/lib')
-rw-r--r-- | regress/lib/libcsi/Makefile | 8 | ||||
-rw-r--r-- | regress/lib/libcsi/dh/Makefile | 18 | ||||
-rw-r--r-- | regress/lib/libcsi/dh/dhtest.c | 170 |
3 files changed, 196 insertions, 0 deletions
diff --git a/regress/lib/libcsi/Makefile b/regress/lib/libcsi/Makefile
new file mode 100644
index 00000000000..1a2cad93732
--- /dev/null
+++ b/regress/lib/libcsi/Makefile
@@ -0,0 +1,8 @@
+# $OpenBSD: Makefile,v 1.1 2018/06/02 17:46:04 jsing Exp $
+
+SUBDIR= \
+ dh
+
+install:
+
+.include <bsd.subdir.mk>
diff --git a/regress/lib/libcsi/dh/Makefile b/regress/lib/libcsi/dh/Makefile
new file mode 100644
index 00000000000..61fcf490da6
--- /dev/null
+++ b/regress/lib/libcsi/dh/Makefile
@@ -0,0 +1,18 @@
+# $OpenBSD: Makefile,v 1.1 2018/06/02 17:46:04 jsing Exp $
+
+PROG= dhtest
+LDADD= -lcrypto
+DPADD= ${LIBCRYPTO}
+
+WARNINGS= Yes
+CFLAGS+= -Werror
+
+CFLAGS+= -I${.CURDIR}/../../../../lib/libcsi
+
+SRCS= dhtest.c
+
+.PATH: ${.CURDIR}/../../../../lib/libcsi
+
+SRCS+= csi.c csi_dh.c csi_dh_groups.c csi_util.c
+
+.include <bsd.regress.mk>
diff --git a/regress/lib/libcsi/dh/dhtest.c b/regress/lib/libcsi/dh/dhtest.c
new file mode 100644
index 00000000000..2c6e4ff4ab2
--- /dev/null
+++ b/regress/lib/libcsi/dh/dhtest.c
@@ -0,0 +1,170 @@
+/* $OpenBSD: dhtest.c,v 1.1 2018/06/02 17:46:04 jsing Exp $ */
+/*
+ * Copyright (c) 2018 Joel Sing <jsing@openbsd.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <err.h>
+#include <stdio.h>
+#include <string.h>
+
+#include <csi.h>
+
+static int
+dh_params_test(void)
+{
+ return 0;
+}
+
+static int
+dh_generate_keys_test(void)
+{
+ return 0;
+}
+
+static int
+dh_peer_public_test(void)
+{
+ uint8_t data[] = {0x01, 0x00, 0x01};
+ struct csi_dh_params *params;
+ struct csi_dh_public public;
+ struct csi_dh *cdh;
+ int failed = 1;
+
+ if ((cdh = csi_dh_new()) == NULL)
+ errx(1, "out of memory");
+ if ((params = csi_dh_params_modp_group1()) == NULL)
+ errx(1, "out of memory");
+
+ if (csi_dh_set_params(cdh, params) == -1) {
+ fprintf(stderr, "FAIL: failed to set dh params: %s\n",
+ csi_dh_error(cdh));
+ goto fail;
+ }
+
+ public.key.data = data;
+ public.key.len = sizeof(data);
+
+ if (csi_dh_set_peer_public(cdh, &public) != -1) {
+ fprintf(stderr, "FAIL: successfully set public key, "
+ "should have failed!\n");
+ goto fail;
+ }
+
+ failed = 0;
+
+ fail:
+ csi_dh_params_free(params);
+ csi_dh_free(cdh);
+
+ return failed;
+}
+
+static int
+dh_kex_test(void)
+{
+ struct csi_dh_public *client_public = NULL, *server_public = NULL;
+ struct csi_dh_shared *client_shared = NULL, *server_shared = NULL;
+ struct csi_dh *client = NULL, *server = NULL;
+ struct csi_dh_params *params;
+ int failed = 1;
+
+ if ((client = csi_dh_new()) == NULL)
+ errx(1, "out of memory");
+ if ((server = csi_dh_new()) == NULL)
+ errx(1, "out of memory");
+
+ params = csi_dh_params_modp_group2();
+
+ if (csi_dh_set_params(client, params) == -1) {
+ fprintf(stderr, "FAIL: failed to set client params: %s\n",
+ csi_dh_error(client));
+ goto fail;
+ }
+ if (csi_dh_set_params(server, params) == -1) {
+ fprintf(stderr, "FAIL: failed to set server params: %s\n",
+ csi_dh_error(server));
+ goto fail;
+ }
+
+ if (csi_dh_generate_keys(client, 0, &client_public) == -1) {
+ fprintf(stderr, "FAIL: failed to generate client keys: %s\n",
+ csi_dh_error(client));
+ goto fail;
+ }
+ if (csi_dh_generate_keys(server, 0, &server_public) == -1) {
+ fprintf(stderr, "FAIL: failed to generate server keys: %s\n",
+ csi_dh_error(server));
+ goto fail;
+ }
+
+ if (csi_dh_set_peer_public(client, server_public) == -1) {
+ fprintf(stderr, "FAIL: failed to set client peer public: %s\n",
+ csi_dh_error(client));
+ goto fail;
+ }
+ if (csi_dh_set_peer_public(server, client_public) == -1) {
+ fprintf(stderr, "FAIL: failed to set server peer public: %s\n",
+ csi_dh_error(server));
+ goto fail;
+ }
+
+ if (csi_dh_derive_shared_key(client, &client_shared) == -1) {
+ fprintf(stderr, "FAIL: failed to derive client shared key: %s\n",
+ csi_dh_error(client));
+ goto fail;
+ }
+ if (csi_dh_derive_shared_key(server, &server_shared) == -1) {
+ fprintf(stderr, "FAIL: failed to derive server shared key: %s\n",
+ csi_dh_error(server));
+ goto fail;
+ }
+
+ if (client_shared->key.len != server_shared->key.len) {
+ fprintf(stderr, "FAIL: shared key lengths differ (%zu != %zu)\n",
+ client_shared->key.len, server_shared->key.len);
+ goto fail;
+ }
+ if (memcmp(client_shared->key.data, server_shared->key.data,
+ client_shared->key.len) != 0) {
+ fprintf(stderr, "FAIL: shared keys differ\n");
+ goto fail;
+ }
+
+ failed = 0;
+
+ fail:
+ csi_dh_params_free(params);
+ csi_dh_free(client);
+ csi_dh_free(server);
+ csi_dh_public_free(client_public);
+ csi_dh_public_free(server_public);
+ csi_dh_shared_free(client_shared);
+ csi_dh_shared_free(server_shared);
+
+ return failed;
+}
+
+int
+main(int argc, char **argv)
+{
+ int failed = 0;
+
+ failed |= dh_params_test();
+ failed |= dh_generate_keys_test();
+ failed |= dh_peer_public_test();
+ failed |= dh_kex_test();
+
+ return failed;
+}
|
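Review bot: In `dh_kex_test` the result of `csi_dh_params_modp_group2()` is passed to `csi_dh_set_params()` without a NULL check, although `dh_peer_public_test` checks the equivalent `csi_dh_params_modp_group1()` call; use `if ((params = csi_dh_params_modp_group2()) == NULL) errx(1, "out of memory");` so an allocation failure is not misreported as a parameter failure (what `csi_dh_set_params` does with NULL is not visible here). The shared-key comparison in the same function also passes when both `key.len` values are zero, so a derive step that produced empty keys would go unnoticed; a guard such as `if (client_shared->key.len == 0) { fprintf(stderr, "FAIL: empty shared key\n"); goto fail; }` before the `memcmp` would catch that. `dh_params_test` and `dh_generate_keys_test` return 0 without exercising anything, so each deserves a comment like `/* XXX - not yet implemented. */` to keep their pass result from being read as coverage. In `dh_peer_public_test`, a one-line comment on `data[]` stating why this peer value must be rejected would make the negative test reviewable.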