diff options
Diffstat (limited to 'examples/pk_lib.c')
-rw-r--r-- | examples/pk_lib.c | 741 |
1 files changed, 741 insertions, 0 deletions
diff --git a/examples/pk_lib.c b/examples/pk_lib.c new file mode 100644 index 0000000..b184b78 --- /dev/null +++ b/examples/pk_lib.c @@ -0,0 +1,741 @@ +/* + * Demo on how to use /dev/crypto device for HMAC. + * + * Placed under public domain. + * + */ +#include <stdint.h> +#include <stdio.h> +#include <string.h> +#include <sys/types.h> +#include <stdlib.h> + +#include <ncrypto.h> +#include <gnutls/gnutls.h> +#include <gnutls/x509.h> +#if GNUTLS_VERSION_NUMBER >= 0x020b00 +# include <gnutls/abstract.h> +#endif + +#define DATA_SIZE 4096 + +#define DIAGNOSTIC_CALL(f,p...) \ + if ((output_size = f(p)) < 0) { \ + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); \ + perror(#f); \ + return 1; \ + } +#define DIAGNOSTIC_ERROR(p...) \ + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); \ + fprintf(stderr, p); +#define DIAGNOSTIC_DUMP(d,l) \ + { \ + int out_index; \ + \ + for (out_index = 0; out_index < l; out_index++) \ + fprintf(stderr, "%.2x:", (int)d[out_index]); \ + fprintf(stderr, "\n"); \ + } + +static void +print_hex_datum (gnutls_datum_t * dat) +{ + unsigned int j; +#define SPACE "\t" + fprintf (stdout, "\n" SPACE); + for (j = 0; j < dat->size; j++) + { + fprintf (stdout, "%.2x:", (unsigned char) dat->data[j]); + if ((j + 1) % 15 == 0) + fprintf (stdout, "\n" SPACE); + } + fprintf (stdout, "\n"); +} + +static void +print_dsa_pkey (gnutls_datum_t * x, gnutls_datum_t * y, gnutls_datum_t * p, + gnutls_datum_t * q, gnutls_datum_t * g) +{ + if (x) + { + fprintf (stdout, "private key:"); + print_hex_datum (x); + } + fprintf (stdout, "public key:"); + print_hex_datum (y); + fprintf (stdout, "p:"); + print_hex_datum (p); + fprintf (stdout, "q:"); + print_hex_datum (q); + fprintf (stdout, "g:"); + print_hex_datum (g); +} + +static void +print_rsa_pkey (gnutls_datum_t * m, gnutls_datum_t * e, gnutls_datum_t * d, + gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * u, + gnutls_datum_t * exp1, gnutls_datum_t *exp2) +{ + fprintf (stdout, "modulus:"); + print_hex_datum (m); + fprintf (stdout, "public exponent:"); + print_hex_datum (e); + if (d) + { + fprintf (stdout, "private exponent:"); + print_hex_datum (d); + fprintf (stdout, "prime1:"); + print_hex_datum (p); + fprintf (stdout, "prime2:"); + print_hex_datum (q); + fprintf (stdout, "coefficient:"); + print_hex_datum (u); + if (exp1 && exp2) + { + fprintf (stdout, "exp1:"); + print_hex_datum (exp1); + fprintf (stdout, "exp2:"); + print_hex_datum (exp2); + } + } +} + +static const char * +raw_to_string (const unsigned char *raw, size_t raw_size) +{ + static char buf[1024]; + size_t i; + if (raw_size == 0) + return NULL; + + if (raw_size * 3 + 1 >= sizeof (buf)) + return NULL; + + for (i = 0; i < raw_size; i++) { + sprintf (&(buf[i * 3]), "%02X%s", raw[i], + (i == raw_size - 1) ? "" : ":"); + } + buf[sizeof (buf) - 1] = '\0'; + + return buf; +} + +int privkey_info (void* data, int data_size, int verbose) +{ + gnutls_x509_privkey_t key; + size_t size; + int ret; + gnutls_datum_t der; + unsigned char buffer[5*1024]; + const char *cprint; + + ret = gnutls_x509_privkey_init (&key); + if (ret < 0) { + fprintf(stderr, "error in privkey_init\n"); + return 1; + } + + der.data = data; + der.size = data_size; + + ret = gnutls_x509_privkey_import (key, &der, GNUTLS_X509_FMT_DER); + if (ret < 0) { + fprintf(stderr, "unable to import privkey\n"); + return 1; + } + + if (verbose > 0) { + /* Public key algorithm + */ + fprintf (stdout, "Public Key Info:\n"); + ret = gnutls_x509_privkey_get_pk_algorithm (key); + + fprintf (stdout, "\tPublic Key Algorithm: "); + cprint = gnutls_pk_algorithm_get_name (ret); + fprintf (stdout, "%s\n", cprint ? cprint : "Unknown"); + + /* Print the raw public and private keys + */ + if (ret == GNUTLS_PK_RSA) { + gnutls_datum_t m, e, d, p, q, u, exp1={NULL,0}, exp2={NULL,0}; + +#if GNUTLS_VERSION_NUMBER >= 0x020b00 + ret = gnutls_x509_privkey_export_rsa_raw2 (key, &m, &e, &d, &p, &q, &u, &exp1, &exp2); +#else + ret = gnutls_x509_privkey_export_rsa_raw (key, &m, &e, &d, &p, &q, &u); +#endif + if (ret < 0) + fprintf (stderr, "Error in key RSA data export: %s\n", + gnutls_strerror (ret)); + else { + print_rsa_pkey (&m, &e, &d, &p, &q, &u, &exp1, &exp2); + gnutls_free (m.data); + gnutls_free (e.data); + gnutls_free (d.data); + gnutls_free (p.data); + gnutls_free (q.data); + gnutls_free (u.data); + gnutls_free (exp1.data); + gnutls_free (exp2.data); + } + } else if (ret == GNUTLS_PK_DSA) { + gnutls_datum_t p, q, g, y, x; + + ret = gnutls_x509_privkey_export_dsa_raw (key, &p, &q, &g, &y, &x); + if (ret < 0) + fprintf (stderr, "Error in key DSA data export: %s\n", + gnutls_strerror (ret)); + else { + print_dsa_pkey (&x, &y, &p, &q, &g); + gnutls_free (x.data); + gnutls_free (y.data); + gnutls_free (p.data); + gnutls_free (q.data); + gnutls_free (g.data); + } + } + + fprintf (stdout, "\n"); + + size = sizeof (buffer); + if ((ret = gnutls_x509_privkey_get_key_id (key, 0, buffer, &size)) < 0) { + fprintf (stderr, "Error in key id calculation: %s\n", + gnutls_strerror (ret)); + } else { + fprintf (stdout, "Public Key ID: %s\n", raw_to_string (buffer, size)); + } + + size = sizeof (buffer); + ret = gnutls_x509_privkey_export (key, GNUTLS_X509_FMT_PEM, buffer, &size); + if (ret < 0) { + fprintf(stderr, "Error in privkey_export\n"); + return 1; + } + + fprintf (stdout, "\n%s\n", buffer); + } + + gnutls_x509_privkey_deinit (key); + + return 0; +} + + + +int pubkey_info(void* data, int data_size, int verbose) +{ +#if GNUTLS_VERSION_NUMBER >= 0x020b00 + gnutls_pubkey_t key; + size_t size; + int ret; + gnutls_datum_t der; + unsigned char buffer[5*1024]; + const char *cprint; + + ret = gnutls_pubkey_init (&key); + if (ret < 0) { + fprintf(stderr, "error in pubkey_init\n"); + return 1; + } + + der.data = data; + der.size = data_size; + + ret = gnutls_pubkey_import (key, &der, GNUTLS_X509_FMT_DER); + if (ret < 0) { + fprintf(stderr, "unable to import pubkey\n"); + return 1; + } + + if (verbose > 0) { + /* Public key algorithm + */ + fprintf (stdout, "Public Key Info:\n"); + ret = gnutls_pubkey_get_pk_algorithm (key, NULL); + + fprintf (stdout, "\tPublic Key Algorithm: "); + cprint = gnutls_pk_algorithm_get_name (ret); + fprintf (stdout, "%s\n", cprint ? cprint : "Unknown"); + + /* Print the raw public and private keys + */ + if (ret == GNUTLS_PK_RSA) { + gnutls_datum_t m, e; + + ret = gnutls_pubkey_get_pk_rsa_raw (key, &m, &e); + if (ret < 0) + fprintf (stderr, "Error in key RSA data export: %s\n", + gnutls_strerror (ret)); + else { + print_rsa_pkey (&m, &e, NULL, NULL, NULL, NULL, NULL, NULL); + gnutls_free (m.data); + gnutls_free (e.data); + } + } else if (ret == GNUTLS_PK_DSA) { + gnutls_datum_t p, q, g, y; + + ret = gnutls_pubkey_get_pk_dsa_raw (key, &p, &q, &g, &y); + if (ret < 0) + fprintf (stderr, "Error in key DSA data export: %s\n", + gnutls_strerror (ret)); + else { + print_dsa_pkey (NULL, &y, &p, &q, &g); + gnutls_free (y.data); + gnutls_free (p.data); + gnutls_free (q.data); + gnutls_free (g.data); + } + } + + fprintf (stdout, "\n"); + + size = sizeof (buffer); + if ((ret = gnutls_pubkey_get_key_id (key, 0, buffer, &size)) < 0) { + fprintf (stderr, "Error in key id calculation: %s\n", + gnutls_strerror (ret)); + } else { + fprintf (stdout, "Public Key ID: %s\n", raw_to_string (buffer, size)); + } + + size = sizeof (buffer); + ret = gnutls_pubkey_export (key, GNUTLS_X509_FMT_PEM, buffer, &size); + if (ret < 0) { + fprintf(stderr, "Error in privkey_export\n"); + return 1; + } + + fprintf (stdout, "\n%s\n", buffer); + } + + gnutls_pubkey_deinit (key); +#endif + return 0; +} + +/* Diffie Hellman */ +const char dh_params_txt[] = "-----BEGIN DH PARAMETERS-----\n"\ +"MIGHAoGBAKMox0/IjuGqSaGMJESYMhdmXiTe1pY8gkSzWZ/ktWaUdaYAzgAZp7r3\n"\ +"OCh68YslS9Oi7/UQjmBbgGuOucMKgq3tYeYzY8G2epIuIzM4TAogaEqwkdSrXlth\n"\ +"MMsP2FhLhHg8m6V6iItitnMOz9r8t3BEf04GRlfzgZraM0gUUwTjAgEF\n"\ +"-----END DH PARAMETERS-----\n"; + +static int test_ncr_dh(void) +{ +ncr_key_generate_params_t kgen; +ncr_key_t private1, public1, public2, private2; +ncr_key_t z1, z2; +int ret; +gnutls_datum g, p, params; +gnutls_dh_params_t dhp; +unsigned char y1[1024], y2[1024]; +size_t y1_size, y2_size; +ncr_key_params_t kderive; +ssize_t output_size; + + fprintf(stdout, "Tests on DH key exchange:"); + fflush(stdout); + + params.data = (void*)dh_params_txt; + params.size = sizeof(dh_params_txt)-1; + + ret = gnutls_dh_params_init(&dhp); + if (ret < 0) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + fprintf(stderr, "gnutls: %s\n", gnutls_strerror(ret)); + return 1; + } + + ret = gnutls_dh_params_import_pkcs3(dhp, ¶ms, GNUTLS_X509_FMT_PEM); + if (ret < 0) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + fprintf(stderr, "gnutls: %s\n", gnutls_strerror(ret)); + return 1; + } + + ret = gnutls_dh_params_export_raw(dhp, &p, &g, NULL); + if (ret < 0) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + fprintf(stderr, "gnutls: %s\n", gnutls_strerror(ret)); + return 1; + } + + /* generate a DH key */ + DIAGNOSTIC_CALL(ncr_key_init, &private1); + DIAGNOSTIC_CALL(ncr_key_init, &public1); + + DIAGNOSTIC_CALL(ncr_key_generate_params_init, &kgen); + DIAGNOSTIC_CALL(ncr_key_generate_params_set_algorithm, kgen, + NCR_ALG_DH); + DIAGNOSTIC_CALL(ncr_key_generate_params_set_keyflags, kgen, + NCR_KEY_FLAG_EXPORTABLE); + DIAGNOSTIC_CALL(ncr_key_generate_params_set_dh, kgen, p.data, p.size, + g.data, g.size); + + DIAGNOSTIC_CALL(ncr_key_generate_pair, private1, public1, kgen); + DIAGNOSTIC_CALL(ncr_key_generate_params_deinit, kgen); + + /* generate another DH key */ + DIAGNOSTIC_CALL(ncr_key_init, &private2); + DIAGNOSTIC_CALL(ncr_key_init, &public2); + + DIAGNOSTIC_CALL(ncr_key_generate_params_init, &kgen); + DIAGNOSTIC_CALL(ncr_key_generate_params_set_algorithm, kgen, + NCR_ALG_DH); + DIAGNOSTIC_CALL(ncr_key_generate_params_set_keyflags, kgen, + NCR_KEY_FLAG_EXPORTABLE); + DIAGNOSTIC_CALL(ncr_key_generate_params_set_dh, kgen, p.data, p.size, + g.data, g.size); + + DIAGNOSTIC_CALL(ncr_key_generate_pair, private2, public2, kgen); + DIAGNOSTIC_CALL(ncr_key_generate_params_deinit, kgen); + + /* export y1=g^x1 */ + DIAGNOSTIC_CALL(ncr_key_export, public1, y1, sizeof(y1)); + y1_size = output_size; + + DIAGNOSTIC_CALL(ncr_key_deinit, public1); + + /* export y2=g^x2 */ + DIAGNOSTIC_CALL(ncr_key_export, public2, y2, sizeof(y2)); + y2_size = output_size; + + DIAGNOSTIC_CALL(ncr_key_deinit, public2); + + /* z1=y1^x2 */ + DIAGNOSTIC_CALL(ncr_key_init, &z1); + + DIAGNOSTIC_CALL(ncr_key_params_init, &kderive); + DIAGNOSTIC_CALL(ncr_key_params_set_dh_pub, kderive, y2, y2_size); + + DIAGNOSTIC_CALL(ncr_key_derive, z1, NCR_KEY_FLAG_EXPORTABLE, private1, + NCR_DERIVE_DH, kderive); + ncr_key_params_deinit(kderive); + DIAGNOSTIC_CALL(ncr_key_deinit, private1); + + /* z2=y2^x1 */ + DIAGNOSTIC_CALL(ncr_key_init, &z2); + + DIAGNOSTIC_CALL(ncr_key_params_init, &kderive); + DIAGNOSTIC_CALL(ncr_key_params_set_dh_pub, kderive, y1, y1_size); + + DIAGNOSTIC_CALL(ncr_key_derive, z2, NCR_KEY_FLAG_EXPORTABLE, private2, + NCR_DERIVE_DH, kderive); + ncr_key_params_deinit(kderive); + DIAGNOSTIC_CALL(ncr_key_deinit, private2); + + /* z1==z2 */ + DIAGNOSTIC_CALL(ncr_key_export, z1, y1, sizeof(y1)); + y1_size = output_size; + DIAGNOSTIC_CALL(ncr_key_deinit, z1); + + DIAGNOSTIC_CALL(ncr_key_export, z2, y2, sizeof(y2)); + y2_size = output_size; + DIAGNOSTIC_CALL(ncr_key_deinit, z2); + + if (y1_size == 0 || y1_size != y2_size || memcmp(y1, y2, y1_size) != 0) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + DIAGNOSTIC_ERROR("Output in DH does not match (%d, %d)!\n", + (int)y1_size, (int)y2_size); + + fprintf(stderr, "Key1[%d]: ", (int) y1_size); + DIAGNOSTIC_DUMP(y1, y1_size); + + fprintf(stderr, "Key2[%d]: ", (int) y2_size); + DIAGNOSTIC_DUMP(y2, y2_size); + + return 1; + } + + + fprintf(stdout, " Success\n"); + + return 0; +} + +#define RSA_ENCRYPT_SIZE 32 + +static int rsa_key_encrypt(ncr_key_t privkey, ncr_key_t pubkey, int oaep) +{ + ncr_key_params_t params; + uint8_t data[DATA_SIZE]; + uint8_t vdata[RSA_ENCRYPT_SIZE]; + int enc_size; + ssize_t output_size; + + fprintf(stdout, "Tests on RSA (%s) key encryption:", (oaep!=0)?"OAEP":"PKCS V1.5"); + fflush(stdout); + + memset(data, 0x3, sizeof(data)); + memcpy(vdata, data, sizeof(vdata)); + + /* do encryption */ + DIAGNOSTIC_CALL(ncr_key_params_init, ¶ms); + if (oaep) { + DIAGNOSTIC_CALL(ncr_key_params_set_rsa_type, params, + RSA_PKCS1_OAEP); + DIAGNOSTIC_CALL(ncr_key_params_set_rsa_oaep_hash, params, + NCR_ALG_SHA1); + } else { + DIAGNOSTIC_CALL(ncr_key_params_set_rsa_type, params, + RSA_PKCS1_V1_5); + } + + DIAGNOSTIC_CALL(ncr_session_once_direct_data, pubkey, params, + NCR_OP_ENCRYPT, NCR_ALG_RSA, data, RSA_ENCRYPT_SIZE, + data, sizeof(data)); + enc_size = output_size; + + /* decrypt data */ + DIAGNOSTIC_CALL(ncr_session_once_direct_data, privkey, params, + NCR_OP_DECRYPT, NCR_ALG_RSA, data, enc_size, + data, sizeof(data)); + + if (memcmp(vdata, data, sizeof(vdata)) != 0) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + fprintf(stderr, "Decrypted data do not match!\n"); + return 1; + } + + ncr_key_params_deinit(params); + fprintf(stdout, " Success\n"); + + return 0; + +} + +#define DATA_TO_SIGN 52 + +static int rsa_key_sign_verify(ncr_key_t privkey, ncr_key_t pubkey, int pss) +{ + ncr_key_params_t params; + uint8_t data[DATA_SIZE]; + uint8_t sig[DATA_SIZE]; + int sig_size; + ssize_t output_size; + + fprintf(stdout, "Tests on RSA (%s) key signature:", (pss!=0)?"PSS":"PKCS V1.5"); + fflush(stdout); + + memset(data, 0x3, sizeof(data)); + + /* sign datad */ + DIAGNOSTIC_CALL(ncr_key_params_init, ¶ms); + DIAGNOSTIC_CALL(ncr_key_params_set_rsa_type, params, + (pss != 0) ? RSA_PKCS1_PSS : RSA_PKCS1_V1_5); + DIAGNOSTIC_CALL(ncr_key_params_set_rsa_sign_hash, params, NCR_ALG_SHA1); + + DIAGNOSTIC_CALL(ncr_session_once_direct_data, privkey, params, + NCR_OP_SIGN, NCR_ALG_RSA, data, DATA_TO_SIGN, sig, + sizeof(sig)); + sig_size = output_size; + + /* verify signature */ + memset(data, 0x3, sizeof(data)); + + DIAGNOSTIC_CALL(ncr_session_once_direct_data, pubkey, params, + NCR_OP_VERIFY, NCR_ALG_RSA, data, DATA_TO_SIGN, sig, + sig_size); + + ncr_key_params_deinit(params); + + fprintf(stdout, " Success\n"); + + return 0; + +} + +static int dsa_key_sign_verify(ncr_key_t privkey, ncr_key_t pubkey) +{ + ncr_key_params_t params; + uint8_t data[DATA_SIZE]; + uint8_t sig[DATA_SIZE]; + int sig_size; + ssize_t output_size; + + fprintf(stdout, "Tests on DSA key signature:"); + fflush(stdout); + + memset(data, 0x3, sizeof(data)); + + /* sign datad */ + DIAGNOSTIC_CALL(ncr_key_params_init, ¶ms); + DIAGNOSTIC_CALL(ncr_key_params_set_dsa_sign_hash, params, NCR_ALG_SHA1); + + DIAGNOSTIC_CALL(ncr_session_once_direct_data, privkey, params, + NCR_OP_SIGN, NCR_ALG_DSA, data, DATA_TO_SIGN, sig, + sizeof(sig)); + sig_size = output_size; + + /* verify signature */ + DIAGNOSTIC_CALL(ncr_session_once_direct_data, pubkey, params, + NCR_OP_VERIFY, NCR_ALG_DSA, data, DATA_TO_SIGN, sig, + sig_size); + + ncr_key_params_deinit(params); + + fprintf(stdout, " Success\n"); + + return 0; +} + + +static int test_ncr_rsa(void) +{ + int ret; + ncr_key_generate_params_t kgen; + ncr_key_t pubkey, privkey; + uint8_t data[DATA_SIZE]; + ssize_t output_size; + + fprintf(stdout, "Tests on RSA key generation:"); + fflush(stdout); + + /* convert it to key */ + DIAGNOSTIC_CALL(ncr_key_init, &privkey); + + DIAGNOSTIC_CALL(ncr_key_init, &pubkey); + + DIAGNOSTIC_CALL(ncr_key_generate_params_init, &kgen); + DIAGNOSTIC_CALL(ncr_key_generate_params_set_algorithm, kgen, + NCR_ALG_RSA); + DIAGNOSTIC_CALL(ncr_key_generate_params_set_keyflags, kgen, + NCR_KEY_FLAG_EXPORTABLE|NCR_KEY_FLAG_WRAPPABLE); + DIAGNOSTIC_CALL(ncr_key_generate_params_set_rsa_bits, kgen, 1024); + + DIAGNOSTIC_CALL(ncr_key_generate_pair, privkey, pubkey, kgen); + DIAGNOSTIC_CALL(ncr_key_generate_params_deinit, kgen); + + /* export the private key */ + memset(data, 0, sizeof(data)); + DIAGNOSTIC_CALL(ncr_key_export, privkey, data, sizeof(data)); + + ret = privkey_info(data, output_size, 0); + if (ret != 0) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + return 1; + } + + /* export the public key */ + + memset(data, 0, sizeof(data)); + DIAGNOSTIC_CALL(ncr_key_export, pubkey, data, sizeof(data)); + + ret = pubkey_info(data, output_size, 0); + if (ret != 0) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + return 1; + } + + fprintf(stdout, " Success\n"); + + ret = rsa_key_sign_verify(privkey, pubkey, 1); + if (ret != 0) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + return 1; + } + + ret = rsa_key_sign_verify(privkey, pubkey, 0); + if (ret != 0) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + return 1; + } + + ret = rsa_key_encrypt(privkey, pubkey, 0); + if (ret != 0) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + return 1; + } + + ret = rsa_key_encrypt(privkey, pubkey, 1); + if (ret != 0) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + return 1; + } + + return 0; + +} + +static int test_ncr_dsa(void) +{ + int ret; + ncr_key_generate_params_t kgen; + ncr_key_t pubkey, privkey; + uint8_t data[DATA_SIZE]; + ssize_t output_size; + + fprintf(stdout, "Tests on DSA key generation:"); + fflush(stdout); + + /* convert it to key */ + DIAGNOSTIC_CALL(ncr_key_init, &privkey); + DIAGNOSTIC_CALL(ncr_key_init, &pubkey); + + DIAGNOSTIC_CALL(ncr_key_generate_params_init, &kgen); + DIAGNOSTIC_CALL(ncr_key_generate_params_set_algorithm, kgen, + NCR_ALG_DSA); + DIAGNOSTIC_CALL(ncr_key_generate_params_set_keyflags, kgen, + NCR_KEY_FLAG_EXPORTABLE|NCR_KEY_FLAG_WRAPPABLE); + DIAGNOSTIC_CALL(ncr_key_generate_params_set_dsa_q_bits, kgen, 160); + DIAGNOSTIC_CALL(ncr_key_generate_params_set_dsa_p_bits, kgen, 1024); + + DIAGNOSTIC_CALL(ncr_key_generate_pair, privkey, pubkey, kgen); + DIAGNOSTIC_CALL(ncr_key_generate_params_deinit, kgen); + + memset(data, 0, sizeof(data)); + DIAGNOSTIC_CALL(ncr_key_export, privkey, data, sizeof(data)); + + ret = privkey_info(data, output_size, 0); + if (ret != 0) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + return 1; + } + + /* export the public key */ + + memset(data, 0, sizeof(data)); + DIAGNOSTIC_CALL(ncr_key_export, pubkey, data, sizeof(data)); + + ret = pubkey_info(data, output_size, 0); + if (ret != 0) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + return 1; + } + + fprintf(stdout, " Success\n"); + + ret = dsa_key_sign_verify(privkey, pubkey); + if (ret != 0) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + return 1; + } + + return 0; + +} + + +int +main() +{ + gnutls_global_init(); + + /* actually test if the initial close + * will really delete all used lists */ + + ncr_global_init(0); + + if (test_ncr_dh()) + return 1; + + if (test_ncr_rsa()) + return 1; + + if (test_ncr_dsa()) + return 1; + + /* Close the original descriptor */ + ncr_global_deinit(); + + return 0; +} |