summaryrefslogtreecommitdiff
path: root/regress/sbin
diff options
context:
space:
mode:
authorReyk Floeter <reyk@cvs.openbsd.org>2010-06-29 19:50:17 +0000
committerReyk Floeter <reyk@cvs.openbsd.org>2010-06-29 19:50:17 +0000
commite69cd500249d0f33ac2315b0a6fa39715244a3bf (patch)
treeb9287111a7b0376eb1a89a399ac05348d8e390bb /regress/sbin
parent752e13003d3f50cf77229b00727f7a386d28facf (diff)
Replace the hand-crafted Diffie-Hellman implementation in isakmpd with
the smaller implementation from iked that is using libcrypto instead. This allows to remove a lot of code (which is always good), get rid of some custom crypto code by using libcrypto, theoretically adds support for many new MODP and EC2N/ECP modes (but it is not configurable yet), and allows to share the dh.c/dh.h code in different codebases (it is identical in isakmpd and iked, but could also be used elsewhere). ok deraadt@
Diffstat (limited to 'regress/sbin')
-rw-r--r--regress/sbin/isakmpd/dh/Makefile5
-rw-r--r--regress/sbin/isakmpd/dh/dhtest.c80
2 files changed, 32 insertions, 53 deletions
diff --git a/regress/sbin/isakmpd/dh/Makefile b/regress/sbin/isakmpd/dh/Makefile
index 032550bb7e8..41dba838c45 100644
--- a/regress/sbin/isakmpd/dh/Makefile
+++ b/regress/sbin/isakmpd/dh/Makefile
@@ -1,11 +1,10 @@
-# $OpenBSD: Makefile,v 1.1 2005/04/08 17:12:48 cloder Exp $
+# $OpenBSD: Makefile,v 1.2 2010/06/29 19:50:16 reyk Exp $
# $EOM: Makefile,v 1.10 2000/04/07 20:19:43 niklas Exp $
# Test DH:
PROG= dhtest
-SRCS= math_2n.c math_ec2n.c math_group.c dh.c dhtest.c log.c util.c \
- sysdep.c gmp_util.c conf.c
+SRCS= dh.c dhtest.c
TOPSRC= ${.CURDIR}/../../../../sbin/isakmpd
TOPOBJ!= cd ${TOPSRC}; printf "all:\n\t@pwd\n" |${MAKE} -f-
OS!= awk '/^OS=/ { print $$2 }' ${.CURDIR}/../../Makefile
diff --git a/regress/sbin/isakmpd/dh/dhtest.c b/regress/sbin/isakmpd/dh/dhtest.c
index 7e4faa0de6f..7993d85c10b 100644
--- a/regress/sbin/isakmpd/dh/dhtest.c
+++ b/regress/sbin/isakmpd/dh/dhtest.c
@@ -1,7 +1,8 @@
-/* $OpenBSD: dhtest.c,v 1.1 2005/04/08 17:12:48 cloder Exp $ */
+/* $OpenBSD: dhtest.c,v 1.2 2010/06/29 19:50:16 reyk Exp $ */
/* $EOM: dhtest.c,v 1.1 1998/07/18 21:14:20 provos Exp $ */
/*
+ * Copyright (c) 2010 Reyk Floeter <reyk@vantronix.net>
* Copyright (c) 1998 Niels Provos. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -37,66 +38,45 @@
#include <string.h>
#include <stdio.h>
-#include "math_group.h"
#include "dh.h"
-#define DUMP_X(_x_) point = (_x_); b2n_print (point->x);
-
int
-main (void)
+main(void)
{
- int len;
- char buf[100], buf2[100];
- char sec[100], sec2[100];
- struct group *group, *group2;
-
- group_init ();
- group = group_get (4);
- group2 = group_get (4);
-
- printf ("Testing DH (elliptic curve): \n");
-
- printf ("dh_getlen\n");
- len = dh_getlen (group);
- printf ("dh_create_exchange\n");
- dh_create_exchange (group, buf);
- dh_create_exchange (group2, buf2);
-
- printf ("dh_create_shared\n");
- dh_create_shared (group, sec, buf2);
- dh_create_shared (group2, sec2, buf);
+ int len, id;
+ char buf[DH_MAXSZ], buf2[DH_MAXSZ];
+ char sec[DH_MAXSZ], sec2[DH_MAXSZ];
+ struct group *group, *group2;
+ const char *name[] = { "MODP", "EC2N", "ECP" };
- printf ("Result: ");
- if (memcmp (sec, sec2, len))
- printf ("FAILED ");
- else
- printf ("OKAY ");
+ group_init();
- group_free (group);
- group_free (group2);
+ for (id = 0; id < 0xff; id++) {
+ if ((group = group_get(id)) == NULL ||
+ (group2 = group_get(id)) == NULL)
+ continue;
- printf ("\nTesting DH (MODP): \n");
+ printf ("Testing group %d (%s%d): ", id,
+ name[group->spec->type],
+ group->spec->bits);
- group = group_get (1);
- group2 = group_get (1);
+ len = dh_getlen(group);
- printf ("dh_getlen\n");
- len = dh_getlen (group);
- printf ("dh_create_exchange\n");
- dh_create_exchange (group, buf);
- dh_create_exchange (group2, buf2);
+ dh_create_exchange(group, buf);
+ dh_create_exchange(group2, buf2);
- printf ("dh_create_shared\n");
- dh_create_shared (group, sec, buf2);
- dh_create_shared (group2, sec2, buf);
+ dh_create_shared(group, sec, buf2);
+ dh_create_shared(group2, sec2, buf);
- printf ("Result: ");
- if (memcmp (sec, sec2, len))
- printf ("FAILED ");
- else
- printf ("OKAY ");
+ if (memcmp (sec, sec2, len)) {
+ printf("FAILED\n");
+ return (1);
+ } else
+ printf("OKAY\n");
+ group_free(group);
+ group_free(group2);
+ }
- printf ("\n");
- return 0;
+ return (0);
}