RetroZilla/security/nss/cmd/bltest/tests
2020-01-31 15:54:04 +08:00
..
aes_cbc cherry-picked mozilla NSS upstream changes (to rev f7a4c771997e, which is on par with 3.16.1 but without windows rand() changes): 2018-07-14 21:22:29 +08:00
aes_ctr NSS: update to 3.15.5 2018-05-19 22:01:21 +08:00
aes_cts NSS: update to 3.15.5 2018-05-19 22:01:21 +08:00
aes_ecb cherry-picked mozilla NSS upstream changes (to rev f7a4c771997e, which is on par with 3.16.1 but without windows rand() changes): 2018-07-14 21:22:29 +08:00
aes_gcm NSS: update to 3.15.5 2018-05-19 22:01:21 +08:00
camellia_cbc NSS: update to 3.15.5 2018-05-19 22:01:21 +08:00
camellia_ecb NSS: update to 3.15.5 2018-05-19 22:01:21 +08:00
chacha20_poly1305 import NSS mozilla upstream changes in order to implement ChaCha20-Poly1305 support: 2020-01-31 15:54:04 +08:00
des3_cbc first commit 2015-10-20 23:03:22 -04:00
des3_ecb first commit 2015-10-20 23:03:22 -04:00
des_cbc first commit 2015-10-20 23:03:22 -04:00
des_ecb first commit 2015-10-20 23:03:22 -04:00
dsa NSS: update to 3.15.5 2018-05-19 22:01:21 +08:00
ecdsa NSS: update to 3.15.5 2018-05-19 22:01:21 +08:00
md2 first commit 2015-10-20 23:03:22 -04:00
md5 first commit 2015-10-20 23:03:22 -04:00
rc2_cbc first commit 2015-10-20 23:03:22 -04:00
rc2_ecb first commit 2015-10-20 23:03:22 -04:00
rc4 first commit 2015-10-20 23:03:22 -04:00
rc5_cbc first commit 2015-10-20 23:03:22 -04:00
rc5_ecb first commit 2015-10-20 23:03:22 -04:00
rsa NSS: update to 3.15.5 2018-05-19 22:01:21 +08:00
rsa_oaep NSS: update to 3.15.5 2018-05-19 22:01:21 +08:00
rsa_pss NSS: update to 3.15.5 2018-05-19 22:01:21 +08:00
seed_cbc first commit 2015-10-20 23:03:22 -04:00
seed_ecb first commit 2015-10-20 23:03:22 -04:00
sha1 first commit 2015-10-20 23:03:22 -04:00
sha224 NSS: update to 3.15.5 2018-05-19 22:01:21 +08:00
sha256 first commit 2015-10-20 23:03:22 -04:00
sha384 first commit 2015-10-20 23:03:22 -04:00
sha512 first commit 2015-10-20 23:03:22 -04:00
README NSS: update to 3.15.5 2018-05-19 22:01:21 +08:00

This directory contains a set of tests for each cipher supported by
BLAPI.  Each subdirectory contains known plaintext and ciphertext pairs
(and keys and/or iv's if needed).  The tests can be run as a full set
with:
    bltest -T
or as subsets, for example:
    bltest -T -m des_ecb,md2,rsa

In each subdirectory, the plaintext, key, and iv are ascii, and treated
as such.  The ciphertext is base64-encoded to avoid the hassle of binary
files.

To add a test, incremement the value in the numtests file.  Create a
plaintext, key, and iv file, such that the name of the file is
incrememted one from the last set of tests.  For example, if you are
adding the second test, put your data in files named plaintext1, key1,
and iv1 (ignoring key and iv if they are not needed, of course).  Make
sure your key and iv are the correct number of bytes for your cipher (a
trailing \n is okay, but any other trailing bytes will be used!).  Once
you have your input data, create output data by running bltest on a
trusted implementation.  For example, for a new DES ECB test, run
    bltest -E -m des_ecb -i plaintext1 -k key1 -o ciphertext1 -a in the
tests/des_ecb directory.  Then run
    bltest -T des_ecb from the cmd/bltest directory in the tree of the
implementation you want to test.

Note that the -a option above is important, it tells bltest to expect
the input to be straight ASCII, and not base64 encoded binary!

Special cases:

RC5:
RC5 can take additional parameters, the number of rounds to perform and
the wordsize to use.  The number of rounds is between is between 0 and
255, and the wordsize is either is either 16, 32, or 64 bits (at this
time only 32-bit is supported).  These parameters are specified in a
paramsN file, where N is an index as above.  The format of the file is
"rounds=R\nwordsize=W\n".

public key modes (RSA and DSA):
Asymmetric key ciphers use keys with special properties, so creating a
key file with "Mozilla!" in it will not get you very far!  To create a
public key, run bltest with the plaintext you want to encrypt, using a
trusted implementation.  bltest will generate a key and store it in
"tmp.key", rename that file to keyN.  For example:
    bltest -E -m rsa -i plaintext0 -o ciphertext0 -e 65537 -g 32 -a
    mv tmp.key key0

RSA-OAEP/RSA-PSS:
RSA-OAEP and RSA-PSS have a number of additional parameters to feed in.
- "seedN": The seed or salt to use when encrypting/signing
- "hashN" / "maskhashN" - The base digest algorithm and the digest algorithm
   to use with MGF1, respectively. This should be an ASCII string specifying
   one of the hash algorithms recognized by bltest (eg: "sha1", "sha256")

[note: specifying a keysize (-g) when using RSA is important!]