[Cryptech-Commits] [sw/libhal] 04/06: Restructure hashsig test program

git at cryptech.is git at cryptech.is
Mon Apr 1 00:59:35 UTC 2019


This is an automated email from the git hooks/post-receive script.

paul at psgd.org pushed a commit to branch master
in repository sw/libhal.

commit 16d9cf7864a3659c926cf3e5d68ce093e1e8e75c
Author: Paul Selkirk <paul at psgd.org>
AuthorDate: Mon Mar 4 21:36:04 2019 -0500

    Restructure hashsig test program
---
 tests/test-rpc_hashsig.c | 461 ++++++++++++++++++++++++++++-------------------
 1 file changed, 277 insertions(+), 184 deletions(-)

diff --git a/tests/test-rpc_hashsig.c b/tests/test-rpc_hashsig.c
index 2de5dfb..2d4c396 100644
--- a/tests/test-rpc_hashsig.c
+++ b/tests/test-rpc_hashsig.c
@@ -65,7 +65,6 @@
     } while (0)
 #endif
 
-static int debug = 0;
 static int info = 0;
 
 #define lose(...) do { printf(__VA_ARGS__); goto fail; } while (0)
@@ -84,10 +83,10 @@ static int test_hashsig_testvec_local(const hashsig_tc_t * const tc, hal_key_fla
     if ((err = hal_hashsig_key_load_public_xdr(&tc_key,
                                                tc_keybuf, sizeof(tc_keybuf),
                                                tc->key.val, tc->key.len)) != HAL_OK)
-        lose("Could not load public key from test vector: %s\n", hal_error_string(err));
+        lose("Error loading public key from test vector: %s\n", hal_error_string(err));
 
     if ((err = hal_hashsig_verify(NULL, tc_key, tc->msg.val, tc->msg.len, tc->sig.val, tc->sig.len)) != HAL_OK)
-        lose("Verify failed: %s\n", hal_error_string(err));
+        lose("Error verifying: %s\n", hal_error_string(err));
 
     printf("OK\n");
     return 1;
@@ -117,27 +116,27 @@ static int test_hashsig_testvec_remote(const hashsig_tc_t * const tc, hal_key_fl
         if ((err = hal_hashsig_key_load_public_xdr(&tc_key,
                                                    tc_keybuf, sizeof(tc_keybuf),
                                                    tc->key.val, tc->key.len)) != HAL_OK)
-            lose("Could not load public key from test vector: %s\n", hal_error_string(err));
+            lose("Error loading public key from test vector: %s\n", hal_error_string(err));
 
         hal_uuid_t public_name;
 
         uint8_t public_der[hal_hashsig_public_key_to_der_len(tc_key)];
 
         if ((err = hal_hashsig_public_key_to_der(tc_key, public_der, &len, sizeof(public_der))) != HAL_OK)
-            lose("Could not DER encode public key from test vector: %s\n", hal_error_string(err));
+            lose("Error DER encoding public key from test vector: %s\n", hal_error_string(err));
 
         assert(len == sizeof(public_der));
 
         if ((err = hal_rpc_pkey_load(client, session, &public_key, &public_name,
                                      public_der, sizeof(public_der), flags)) != HAL_OK)
-            lose("Could not load public key into RPC: %s\n", hal_error_string(err));
+            lose("Error loading public key: %s\n", hal_error_string(err));
 
         if ((err = hal_rpc_pkey_verify(public_key, hal_hash_handle_none,
                                        tc->msg.val, tc->msg.len, tc->sig.val, tc->sig.len)) != HAL_OK)
-            lose("Could not verify: %s\n", hal_error_string(err));
+            lose("Error verifying: %s\n", hal_error_string(err));
 
         if ((err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
-            lose("Could not delete public key: %s\n", hal_error_string(err));
+            goto fail_out;
 
         printf("OK\n");
         return 1;
@@ -146,7 +145,8 @@ static int test_hashsig_testvec_remote(const hashsig_tc_t * const tc, hal_key_fl
 fail:
     if (public_key.handle != HAL_HANDLE_NONE &&
         (err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
-        printf("Warning: could not delete public key: %s\n", hal_error_string(err));
+    fail_out:
+        printf("Error deleting public key: %s\n", hal_error_string(err));
 
     return 0;
 }
@@ -258,167 +258,176 @@ static hal_error_t dump_hss_signature(const uint8_t * const sig, const size_t le
     return HAL_OK;
 }
 
-static int test_hashsig_sign(const size_t L,
-                             const hal_lms_algorithm_t lms_type,
-                             const hal_lmots_algorithm_t lmots_type,
-                             hal_key_flags_t flags,
-                             size_t iterations,
-                             int save, int keep)
+static int test_hashsig_generate(const size_t L,
+                                 const hal_lms_algorithm_t lms_type,
+                                 const hal_lmots_algorithm_t lmots_type,
+                                 hal_key_flags_t flags,
+                                 const int keep,
+                                 hal_pkey_handle_t *handle)
 {
     const hal_client_handle_t client = {HAL_HANDLE_NONE};
     const hal_session_handle_t session = {HAL_HANDLE_NONE};
     hal_pkey_handle_t private_key = {HAL_HANDLE_NONE};
-    hal_pkey_handle_t public_key = {HAL_HANDLE_NONE};
     hal_error_t err;
-    size_t len;
-
-    {
-        char save_name[16];
-        if (save) {
-            sprintf(save_name, "L%d.lms%d.ots%d", (int)L, (int)lms_type, (int)lmots_type);
-            FILE *fp;
-            if ((fp = fopen(save_name, "wb")) == NULL)
-                lose("Error opening %s: %s\n", save_name, strerror(errno));
-            size_t len1;
-            if ((len1 = fwrite(tc1_msg, 1, sizeof(tc1_msg), fp)) != sizeof(tc1_msg))
-                lose("Wrote %lu bytes to %s, expected %lu\n", len1, save_name, sizeof(tc1_msg));
-            if (fclose(fp) != 0)
-                lose("Error closing %s: %s\n", save_name, strerror(errno));
-        }
+    hal_uuid_t private_name;
+    struct timeval tv_start, tv_end, tv_diff;
+
+    if (info) {
+        printf("Info: signature length %lu, lmots private key length %lu\n",
+               hal_hashsig_signature_len(L, lms_type, lmots_type),
+               hal_hashsig_lmots_private_key_len(lmots_type));
+        gettimeofday(&tv_start, NULL);
+    }
 
-        flags |= HAL_KEY_FLAG_USAGE_DIGITALSIGNATURE | HAL_KEY_FLAG_TOKEN;
-
-        printf("Starting hashsig key test: L %lu, lms type %u (h=%lu), lmots type %u (w=%lu)\n",
-               L, lms_type, lms_type_to_h(lms_type), lmots_type, lmots_type_to_w(lmots_type));
-
-        if (info)
-            printf("Info: signature length %lu, lmots private key length %lu\n",
-                   hal_hashsig_signature_len(L, lms_type, lmots_type),
-                   hal_hashsig_lmots_private_key_len(lmots_type));
-
-        hal_uuid_t private_name, public_name;
-        struct timeval tv_start, tv_end, tv_diff;
-
-        size_t h = lms_type_to_h(lms_type);
-
-        if (info)
-            gettimeofday(&tv_start, NULL);
-        if ((err = hal_rpc_pkey_generate_hashsig(client, session, &private_key, &private_name,
-                                                 L, lms_type, lmots_type, flags)) != HAL_OK)
-            lose("Could not generate hashsig private key: %s\n", hal_error_string(err));
-        if (info) {
-            gettimeofday(&tv_end, NULL);
-            timersub(&tv_end, &tv_start, &tv_diff);
-            long per_key = (tv_diff.tv_sec * 1000000 + tv_diff.tv_usec) / (L * (1 << h));
-            printf("Info: %ldm%ld.%03lds to generate key (%ld.%03lds per lmots key)\n",
-                   (long)tv_diff.tv_sec / 60, (long)tv_diff.tv_sec % 60, (long)tv_diff.tv_usec / 1000,
-                   (long)per_key / 1000000, ((long)per_key % 1000000) / 1000);
-        }
+    if ((err = hal_rpc_pkey_generate_hashsig(client, session, &private_key, &private_name,
+                                             L, lms_type, lmots_type, flags)) != HAL_OK)
+        lose("Error generating private key: %s\n", hal_error_string(err));
+
+    if (info) {
+        gettimeofday(&tv_end, NULL);
+        timersub(&tv_end, &tv_start, &tv_diff);
+        long per_key = (tv_diff.tv_sec * 1000000 + tv_diff.tv_usec) / (L * (1 << lms_type_to_h(lms_type)));
+        printf("Info: %ldm%ld.%03lds to generate key (%ld.%03lds per lmots key)\n",
+               (long)tv_diff.tv_sec / 60, (long)tv_diff.tv_sec % 60, (long)tv_diff.tv_usec / 1000,
+               (long)per_key / 1000000, ((long)per_key % 1000000) / 1000);
+    }
 
-        uint8_t public_der[hal_rpc_pkey_get_public_key_len(private_key)];
+    if (keep) {
+        char name_str[HAL_UUID_TEXT_SIZE];
+        if ((err = hal_uuid_format(&private_name, name_str, sizeof(name_str))) != HAL_OK)
+            lose("Error formatting private key name: %s\n", hal_error_string(err));
+        printf("Private key name: %s\n", name_str);
+    }
 
-        if ((err = hal_rpc_pkey_get_public_key(private_key, public_der, &len, sizeof(public_der))) != HAL_OK)
-            lose("Could not DER encode public key from private key: %s\n", hal_error_string(err));
+    *handle = private_key;
+    printf("OK\n");
+    return 1;
 
-        assert(len == sizeof(public_der));
+fail:
+    if (private_key.handle != HAL_HANDLE_NONE &&
+        (err = hal_rpc_pkey_delete(private_key)) != HAL_OK)
+        printf("Error deleting private key: %s\n", hal_error_string(err));
 
-        if ((err = hal_rpc_pkey_load(client, session, &public_key, &public_name,
-                                     public_der, sizeof(public_der), flags)) != HAL_OK)
-            lose("Could not load public key into RPC: %s\n", hal_error_string(err));
+    handle->handle = HAL_HANDLE_NONE;
+    return 0;
+}
 
-        if (save) {
-            char fn[strlen(save_name) + 5];
-            sprintf(fn, "%s.pub", save_name);
-            FILE *fp;
-            if ((fp = fopen(fn, "wb")) == NULL)
-                lose("Error opening %s: %s\n", fn, strerror(errno));
-            uint8_t pub[60];
-            if ((err = hal_hashsig_public_key_der_to_xdr(public_der, sizeof(public_der), pub, &len, sizeof(pub))) != HAL_OK)
-                lose("Could not XDR encode public key: %s\n", hal_error_string(err));
-            size_t len1;
-            if ((len1 = fwrite(pub, 1, len, fp)) != len)
-                lose("Wrote %lu bytes to %s, expected %lu\n", len1, fn, len);
-            if (fclose(fp) != 0)
-                lose("Error closing %s: %s\n", fn, strerror(errno));
+static int test_hashsig_sign(const hal_pkey_handle_t private_key,
+                             const uint8_t * const msg, const size_t msg_len,
+                             const size_t iterations,
+                             const char * const save_name,
+                             uint8_t *sig, size_t *sig_len, const size_t sig_max)
+{
+    hal_error_t err;
+    struct timeval tv_start, tv_end, tv_diff;
+    int i;
+
+    if (info)
+        gettimeofday(&tv_start, NULL);
+
+    for (i = 0; i < iterations; ++i) {
+        if ((err = hal_rpc_pkey_sign(private_key, hal_hash_handle_none,
+                                     msg, msg_len,
+                                     sig, sig_len, sig_max)) != HAL_OK) {
+            if (i > 0 && err == HAL_ERROR_HASHSIG_KEY_EXHAUSTED)
+                break;
+            else
+                lose("Error signing (%d): %s\n", i, hal_error_string(err));
         }
+    }
 
-        if (iterations > 0) {
-            uint8_t sig[hal_hashsig_signature_len(L, lms_type, lmots_type)];
-
-            if (info)
-                gettimeofday(&tv_start, NULL);
-            int i;
-            for (i = 0; i < iterations; ++i) {
-                if ((err = hal_rpc_pkey_sign(private_key, hal_hash_handle_none,
-                                             tc1_msg, sizeof(tc1_msg), sig, &len, sizeof(sig))) == HAL_OK) {
-                    assert(len == sizeof(sig));
-                    if (debug) {
-                        printf("Debug: received signature:\n");
-                        dump_hss_signature(sig, len);
-                    }
-                }
-                else {
-                    if (i == (1 << (L * h)) && err == HAL_ERROR_HASHSIG_KEY_EXHAUSTED)
-                        break;
-                    else
-                        lose("Could not sign (%d): %s\n", i, hal_error_string(err));
-                }
-                if (save) {
-                    char fn[strlen(save_name) + 16];
-                    sprintf(fn, "%s.%d.sig", save_name, i);
-                    FILE *fp;
-                    if ((fp = fopen(fn, "wb")) == NULL)
-                        lose("Error opening %s: %s\n", fn, strerror(errno));
-                    size_t len1;
-                    if ((len1 = fwrite(sig, 1, len, fp)) != len)
-                        lose("Wrote %lu bytes to %s, expected %lu\n", len1, fn, len);
-                    if (fclose(fp) != 0)
-                        lose("Error closing %s: %s\n", fn, strerror(errno));
-                }
-            }
-            if (info) {
-                gettimeofday(&tv_end, NULL);
-                timersub(&tv_end, &tv_start, &tv_diff);
-                long per_sig = (tv_diff.tv_sec * 1000000 + tv_diff.tv_usec) / i;
-                printf("Info: %ldm%ld.%03lds to generate %d signatures (%ld.%03lds per signature)\n",
-                       (long)tv_diff.tv_sec / 60, (long)tv_diff.tv_sec % 60, (long)tv_diff.tv_usec / 1000, i,
-                       (long)per_sig / 1000000, ((long)per_sig % 1000000) / 1000);
-            }
+    if (info) {
+        gettimeofday(&tv_end, NULL);
+        timersub(&tv_end, &tv_start, &tv_diff);
+        long per_sig = (tv_diff.tv_sec * 1000000 + tv_diff.tv_usec) / i;
+        printf("Info: %ldm%ld.%03lds to generate %d signatures (%ld.%03lds per signature)\n",
+               (long)tv_diff.tv_sec / 60, (long)tv_diff.tv_sec % 60, (long)tv_diff.tv_usec / 1000, i,
+               (long)per_sig / 1000000, ((long)per_sig % 1000000) / 1000);
+    }
 
-            if (info)
-                gettimeofday(&tv_start, NULL);
-            if ((err = hal_rpc_pkey_verify(public_key, hal_hash_handle_none,
-                                           tc1_msg, sizeof(tc1_msg), sig, len)) != HAL_OK)
-                lose("Could not verify: %s\n", hal_error_string(err));
-            if (info) {
-                gettimeofday(&tv_end, NULL);
-                timersub(&tv_end, &tv_start, &tv_diff);
-                printf("Info: %ldm%ld.%03lds to verify 1 signature\n",
-                       (long)tv_diff.tv_sec / 60, (long)tv_diff.tv_sec % 60, (long)tv_diff.tv_usec / 1000);
-            }
-        }
+    if (*save_name) {
+        /* save the signature for interop verification */
+        char fn[strlen(save_name) + 5];
+        sprintf(fn, "%s.sig", save_name);
+        FILE *fp;
+        if ((fp = fopen(fn, "wb")) == NULL)
+            lose("Error opening %s: %s\n", fn, strerror(errno));
+        size_t len;
+        if ((len = fwrite(sig, 1, *sig_len, fp)) != *sig_len)
+            lose("Error: wrote %lu bytes to %s, expected %lu\n", len, fn, *sig_len);
+        if (fclose(fp) != 0)
+            lose("Error closing %s: %s\n", fn, strerror(errno));
+    }
 
-        if (!keep) {
-            if ((err = hal_rpc_pkey_delete(private_key)) != HAL_OK)
-                lose("Could not delete private key: %s\n", hal_error_string(err));
-        }
+    printf("OK\n");
+    return 1;
 
-        if ((err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
-            lose("Could not delete public key: %s\n", hal_error_string(err));
+fail:
+    return 0;
+}
 
-        printf("OK\n");
-        return 1;
+static int test_hashsig_verify(const hal_pkey_handle_t private_key, 
+                               const uint8_t * const msg, const size_t msg_len,
+                               const char * const save_name,
+                               uint8_t *sig, size_t sig_len)
+{
+    const hal_client_handle_t client = {HAL_HANDLE_NONE};
+    const hal_session_handle_t session = {HAL_HANDLE_NONE};
+    hal_error_t err;
+
+    hal_pkey_handle_t public_key = {HAL_HANDLE_NONE};
+    hal_uuid_t public_name;
+    uint8_t public_der[hal_rpc_pkey_get_public_key_len(private_key)];
+    size_t der_len;
+
+    if ((err = hal_rpc_pkey_get_public_key(private_key, public_der, &der_len, sizeof(public_der))) != HAL_OK)
+        lose("Error DER encoding public key from private key: %s\n", hal_error_string(err));
+    assert(der_len == sizeof(public_der));
+
+    if ((err = hal_rpc_pkey_load(client, session, &public_key, &public_name,
+                                 public_der, sizeof(public_der), HAL_KEY_FLAG_USAGE_DIGITALSIGNATURE)) != HAL_OK)
+        lose("Error loading public key: %s\n", hal_error_string(err));
+
+    if (*save_name) {
+        /* save the public key for interop verification */
+        char fn[strlen(save_name) + 5];
+        sprintf(fn, "%s.pub", save_name);
+        FILE *fp;
+        if ((fp = fopen(fn, "wb")) == NULL)
+            lose("Error opening %s: %s\n", fn, strerror(errno));
+        uint8_t pub[60];
+        size_t xdr_len;
+        if ((err = hal_hashsig_public_key_der_to_xdr(public_der, sizeof(public_der), pub, &xdr_len, sizeof(pub))) != HAL_OK)
+            lose("Error XDR encoding public key: %s\n", hal_error_string(err));
+        size_t write_len;
+        if ((write_len = fwrite(pub, 1, xdr_len, fp)) != xdr_len)
+            lose("Wrote %lu bytes to %s, expected %lu\n", write_len, fn, xdr_len);
+        if (fclose(fp) != 0)
+            lose("Error closing %s: %s\n", fn, strerror(errno));
     }
 
-fail:
-    if (private_key.handle != HAL_HANDLE_NONE &&
-        (err = hal_rpc_pkey_delete(private_key)) != HAL_OK)
-        printf("Warning: could not delete private key: %s\n", hal_error_string(err));
+    struct timeval tv_start, tv_end, tv_diff;
+    if (info)
+        gettimeofday(&tv_start, NULL);
 
-    if (public_key.handle != HAL_HANDLE_NONE &&
-        (err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
-        printf("Warning: could not delete public key: %s\n", hal_error_string(err));
+    if ((err = hal_rpc_pkey_verify(public_key, hal_hash_handle_none,
+                                   msg, msg_len, sig, sig_len)) != HAL_OK)
+        lose("Error verifying: %s\n", hal_error_string(err));
+
+    if (info) {
+        gettimeofday(&tv_end, NULL);
+        timersub(&tv_end, &tv_start, &tv_diff);
+        printf("Info: %ldm%ld.%03lds to verify 1 signature\n",
+               (long)tv_diff.tv_sec / 60, (long)tv_diff.tv_sec % 60, (long)tv_diff.tv_usec / 1000);
+    }
 
+    if ((err = hal_rpc_pkey_delete(public_key)) != HAL_OK)
+        lose("Error deleting public key: %s\n", hal_error_string(err));
+
+    printf("OK\n");
+    return 1;
+
+fail:
     return 0;
 }
 
@@ -436,7 +445,7 @@ static int read_sig(char *fn)
         uint8_t sig[statbuf.st_size];
         size_t len;
         if ((len = fread(sig, 1, sizeof(sig), fp)) != sizeof(sig))
-            lose("Read %lu bytes from %s, expected %lu\n", len, fn, sizeof(sig));
+            lose("Error: read %lu bytes from %s, expected %lu\n", len, fn, sizeof(sig));
 
         if (fclose(fp) != 0)
             lose("Error closing %s: %s\n", fn, strerror(errno));
@@ -454,22 +463,24 @@ fail:
 int main(int argc, char *argv[])
 {
     const hal_client_handle_t client = {HAL_HANDLE_NONE};
+    const hal_session_handle_t session = {HAL_HANDLE_NONE};
     char *pin = "fnord";
-    int do_default = 1;
     int do_testvec = 0;
-    size_t iterations = 1;
+    size_t iterations = 0;
     size_t L_lo = 0, L_hi = 0;
     size_t lms_lo = 5, lms_hi = 0;
     size_t lmots_lo = 3, lmots_hi = 0;
-    int save = 0, keep = 0;
-    hal_key_flags_t flags = 0;
+    int save = 0, keep = 0, verify = 0;
+    char *name = NULL;
+    hal_key_flags_t flags = HAL_KEY_FLAG_USAGE_DIGITALSIGNATURE | HAL_KEY_FLAG_TOKEN;
     char *p;
     hal_error_t err;
     int ok = 1;
+    uint8_t *msg = tc1_msg;
+    size_t msg_len = sizeof(tc1_msg);
 
 char usage[] = "\
-Usage: %s [-d] [-i] [-p pin] [-t] [-L n] [-l n] [-o n] [-n n] [-s] [-r file]\n\
-       -d: enable debugging - hexdump signatures\n\
+Usage: %s [-i] [-p pin] [-t] [-L #] [-l #] [-o #] [-n #] [-s] [-r file] [-m file] [-x] [-v]\n\
        -i: enable informational messages - runtimes and signature lengths\n\
        -p: user PIN\n\
        -t: verify test vectors\n\
@@ -477,24 +488,23 @@ Usage: %s [-d] [-i] [-p pin] [-t] [-L n] [-l n] [-o n] [-n n] [-s] [-r file]\n\
        -l: LMS type (5..9)\n\
        -o: LM-OTS type (1..4)\n\
        -n: number of signatures to generate (0..'max')\n\
-       -s: save generated public key and signatures\n\
        -k: keep (don't delete) the generated keys on the hsm\n\
+       -K: use named key for signing (don't generate)\n\
+       -s: save generated public key and signatures for interop verification\n\
        -r: read and pretty-print a saved signature file\n\
+       -m: use file as message to be signed\n\
        -x: mark key as exportable\n\
+       -v: verify generated signature\n\
 Numeric arguments can be a single number or a range, e.g. '1..4'\n";
 
     int opt;
-    while ((opt = getopt(argc, argv, "ditp:L:l:o:n:skr:xh?")) != -1) {
+    while ((opt = getopt(argc, argv, "itp:L:l:o:n:skK:r:xvm:h?")) != -1) {
         switch (opt) {
-        case 'd':
-            debug = 1;
-            break;
         case 'i':
             info = 1;
             break;
         case 't':
             do_testvec = 1;
-            do_default = 0;
             break;
         case 'p':
             pin = optarg;
@@ -504,28 +514,24 @@ Numeric arguments can be a single number or a range, e.g. '1..4'\n";
                 iterations = (size_t)-1;
             else
                 iterations = (size_t)atoi(optarg);
-            do_default = 0;
             break;
         case 'L':
             if ((p = strtok(optarg, ".")) != NULL)
                 L_lo = (size_t)atoi(p);
             if ((p = strtok(NULL, ".")) != NULL)
                 L_hi = (size_t)atoi(p);
-            do_default = 0;
             break;
         case 'l':
             if ((p = strtok(optarg, ".")) != NULL)
                 lms_lo = (size_t)atoi(p);
             if ((p = strtok(NULL, ".")) != NULL)
                 lms_hi = (size_t)atoi(p);
-            do_default = 0;
             break;
         case 'o':
             if ((p = strtok(optarg, ".")) != NULL)
                 lmots_lo = (size_t)atoi(p);
             if ((p = strtok(NULL, ".")) != NULL)
                 lmots_hi = (size_t)atoi(p);
-            do_default = 0;
             break;
         case's':
             save = 1;
@@ -533,37 +539,57 @@ Numeric arguments can be a single number or a range, e.g. '1..4'\n";
         case 'k':
             keep = 1;
             break;
+        case 'K':
+            name = optarg;
+            break;
         case 'r':
             ok &= read_sig(optarg);
-            do_default = 0;
             break;
         case 'x':
-            flags = HAL_KEY_FLAG_EXPORTABLE;
+            flags |= HAL_KEY_FLAG_EXPORTABLE;
+            break;
+        case 'v':
+            verify = 1;
+            if (iterations == 0)
+                iterations = 1;
+            break;
+        case 'm':
+        {
+            FILE *fp;
+            struct stat statbuf;
+            if (stat(optarg, &statbuf) != 0)
+                lose("Error statting %s: %s\n", optarg, strerror(errno));
+            msg_len = statbuf.st_size;
+            if ((msg = malloc(msg_len)) == NULL)
+                lose("Error allocating message buffer: %s\n", strerror(errno));
+            if ((fp = fopen(optarg, "rb")) == NULL)
+                lose("Error opening %s: %s\n", optarg, strerror(errno));
+            size_t len;
+            if ((len = fread(msg, 1, msg_len, fp)) != msg_len)
+                lose("Error: read %lu bytes from %s, expected %lu\n", len, optarg, msg_len);
+            if (fclose(fp) != 0)
+                lose("Error closing %s: %s\n", optarg, strerror(errno));
             break;
+        }
         case 'h':
         case '?':
             fprintf(stdout, usage, argv[0]);
-            exit(EXIT_SUCCESS);
+            return EXIT_SUCCESS;
         default:
             fprintf(stderr, usage, argv[0]);
-            exit(EXIT_FAILURE);
+            return EXIT_FAILURE;
         }
     }
 
-    if (do_default) {
-        do_testvec = 1;
-        L_lo = 1;
-    }
-
     if (L_hi < L_lo) L_hi = L_lo;
     if (lms_hi < lms_lo) lms_hi = lms_lo;
     if (lmots_hi < lmots_lo) lmots_hi = lmots_lo;
 
     if ((err = hal_rpc_client_init()) != HAL_OK)
-        printf("Warning: Trouble initializing RPC client: %s\n", hal_error_string(err));
+        lose("Error initializing RPC client: %s\n", hal_error_string(err));
 
     if ((err = hal_rpc_login(client, HAL_USER_NORMAL, pin, strlen(pin))) != HAL_OK)
-        printf("Warning: Trouble logging into HSM: %s\n", hal_error_string(err));
+        lose("Error logging into HSM: %s\n", hal_error_string(err));
 
     if (do_testvec) {
         for (int i = 0; i < (sizeof(hashsig_tc)/sizeof(*hashsig_tc)); i++)
@@ -578,21 +604,88 @@ Numeric arguments can be a single number or a range, e.g. '1..4'\n";
     /* A single test would be of the form '-L 2 -l 5 -o 3 -n 1' */
     /* A range test of just keygen would be of the form '-o 1..4 -n 0' */
     /* A test to key exhaustion would be of the form '-n max' */
-    if (L_lo > 0) {
-        for (size_t L = L_lo; L <= L_hi; ++L) {
-            for (hal_lms_algorithm_t lms_type = lms_lo; lms_type <= lms_hi; ++lms_type) {
-                for (hal_lmots_algorithm_t lmots_type = lmots_lo; lmots_type <= lmots_hi; ++lmots_type) {
-                    ok &= test_hashsig_sign(L, lms_type, lmots_type, flags, iterations, save, keep);
+
+    if (name != NULL) {
+        hal_uuid_t uuid;
+        hal_pkey_handle_t private_key = {HAL_HANDLE_NONE};
+
+        if ((err = hal_uuid_parse(&uuid, name)) != HAL_OK)
+            lose("Error parsing private key name: %s\n", hal_error_string(err));
+
+        else if ((err = hal_rpc_pkey_open(client, session, &private_key, &uuid)) != HAL_OK)
+            lose("Error opening private key: %s\n", hal_error_string(err));
+
+        if (save) {
+            /* save the message for interop verification */
+            FILE *fp;
+            if ((fp = fopen(name, "wb")) == NULL)
+                lose("Error opening %s: %s\n", name, strerror(errno));
+            size_t write_len;
+            if ((write_len = fwrite(msg, 1, msg_len, fp)) != msg_len)
+                lose("Error: wrote %lu bytes to %s, expected %lu\n", write_len, name, msg_len);
+            if (fclose(fp) != 0)
+                lose("Error closing %s: %s\n", name, strerror(errno));
+        }
+
+        uint8_t sig[16000];
+        size_t sig_len;
+        if (iterations > 0)
+            ok &= test_hashsig_sign(private_key, msg, msg_len, iterations,
+                                    save ? name : "", sig, &sig_len, sizeof(sig));
+
+        if (ok && verify)
+            ok &= test_hashsig_verify(private_key, msg, msg_len, save ? name : "", sig, sig_len);
+
+        /* implicitly keep the key */
+    }
+
+    else {
+        if (L_lo) {
+            for (size_t L = L_lo; L <= L_hi; ++L) {
+                for (hal_lms_algorithm_t lms_type = lms_lo; lms_type <= lms_hi; ++lms_type) {
+                    for (hal_lmots_algorithm_t lmots_type = lmots_lo; lmots_type <= lmots_hi; ++lmots_type) {
+                        printf("Starting hashsig key test: L %lu, lms type %u (h=%lu), lmots type %u (w=%lu)\n",
+                               L, lms_type, lms_type_to_h(lms_type), lmots_type, lmots_type_to_w(lmots_type));
+
+                        char save_name[16] = "";
+                        if (save) {
+                            /* save the message for interop verification */
+                            sprintf(save_name, "L%d.lms%d.ots%d", (int)L, (int)lms_type, (int)lmots_type);
+                            FILE *fp;
+                            if ((fp = fopen(save_name, "wb")) == NULL)
+                                lose("Error opening %s: %s\n", save_name, strerror(errno));
+                            size_t write_len;
+                            if ((write_len = fwrite(msg, 1, msg_len, fp)) != msg_len)
+                                lose("Error: wrote %lu bytes to %s, expected %lu\n", write_len, save_name, msg_len);
+                            if (fclose(fp) != 0)
+                                lose("Error closing %s: %s\n", save_name, strerror(errno));
+                        }
+
+                        hal_pkey_handle_t private_key = {HAL_HANDLE_NONE};
+                        ok &= test_hashsig_generate(L, lms_type, lmots_type, flags, keep, &private_key);
+
+                        uint8_t sig[hal_hashsig_signature_len(L, lms_type, lmots_type)];
+                        size_t sig_len;
+                        if (ok && iterations > 0)
+                            ok &= test_hashsig_sign(private_key, msg, msg_len, iterations, save_name, sig, &sig_len, sizeof(sig));
+
+                        if (ok && verify)
+                            ok &= test_hashsig_verify(private_key, msg, msg_len, save_name, sig, sig_len);
+
+                        if (!keep && ((err = hal_rpc_pkey_delete(private_key)) != HAL_OK))
+                            lose("Error deleting private key: %s\n", hal_error_string(err));
+                    }
                 }
             }
         }
     }
 
     if ((err = hal_rpc_logout(client)) != HAL_OK)
-        printf("Warning: Trouble logging out of HSM: %s\n", hal_error_string(err));
+        lose("Error logging out of HSM: %s\n", hal_error_string(err));
 
     if ((err = hal_rpc_client_close()) != HAL_OK)
-        printf("Warning: Trouble shutting down RPC client: %s\n", hal_error_string(err));
+        lose("Error shutting down RPC client: %s\n", hal_error_string(err));
 
+fail:
     return !ok;
 }



More information about the Commits mailing list