mirror of
https://github.com/rn10950/RetroZilla.git
synced 2024-11-14 03:30:17 +01:00
57 lines
2.6 KiB
Plaintext
57 lines
2.6 KiB
Plaintext
This directory contains a set of tests for each cipher supported by
|
|
BLAPI. Each subdirectory contains known plaintext and ciphertext pairs
|
|
(and keys and/or iv's if needed). The tests can be run as a full set
|
|
with:
|
|
bltest -T
|
|
or as subsets, for example:
|
|
bltest -T -m des_ecb,md2,rsa
|
|
|
|
In each subdirectory, the plaintext, key, and iv are ascii, and treated
|
|
as such. The ciphertext is base64-encoded to avoid the hassle of binary
|
|
files.
|
|
|
|
To add a test, incremement the value in the numtests file. Create a
|
|
plaintext, key, and iv file, such that the name of the file is
|
|
incrememted one from the last set of tests. For example, if you are
|
|
adding the second test, put your data in files named plaintext1, key1,
|
|
and iv1 (ignoring key and iv if they are not needed, of course). Make
|
|
sure your key and iv are the correct number of bytes for your cipher (a
|
|
trailing \n is okay, but any other trailing bytes will be used!). Once
|
|
you have your input data, create output data by running bltest on a
|
|
trusted implementation. For example, for a new DES ECB test, run
|
|
bltest -E -m des_ecb -i plaintext1 -k key1 -o ciphertext1 -a in the
|
|
tests/des_ecb directory. Then run
|
|
bltest -T des_ecb from the cmd/bltest directory in the tree of the
|
|
implementation you want to test.
|
|
|
|
Note that the -a option above is important, it tells bltest to expect
|
|
the input to be straight ASCII, and not base64 encoded binary!
|
|
|
|
Special cases:
|
|
|
|
RC5:
|
|
RC5 can take additional parameters, the number of rounds to perform and
|
|
the wordsize to use. The number of rounds is between is between 0 and
|
|
255, and the wordsize is either is either 16, 32, or 64 bits (at this
|
|
time only 32-bit is supported). These parameters are specified in a
|
|
paramsN file, where N is an index as above. The format of the file is
|
|
"rounds=R\nwordsize=W\n".
|
|
|
|
public key modes (RSA and DSA):
|
|
Asymmetric key ciphers use keys with special properties, so creating a
|
|
key file with "Mozilla!" in it will not get you very far! To create a
|
|
public key, run bltest with the plaintext you want to encrypt, using a
|
|
trusted implementation. bltest will generate a key and store it in
|
|
"tmp.key", rename that file to keyN. For example:
|
|
bltest -E -m rsa -i plaintext0 -o ciphertext0 -e 65537 -g 32 -a
|
|
mv tmp.key key0
|
|
|
|
RSA-OAEP/RSA-PSS:
|
|
RSA-OAEP and RSA-PSS have a number of additional parameters to feed in.
|
|
- "seedN": The seed or salt to use when encrypting/signing
|
|
- "hashN" / "maskhashN" - The base digest algorithm and the digest algorithm
|
|
to use with MGF1, respectively. This should be an ASCII string specifying
|
|
one of the hash algorithms recognized by bltest (eg: "sha1", "sha256")
|
|
|
|
[note: specifying a keysize (-g) when using RSA is important!]
|