printf("%s...%s\n", msg, result ? "successful" : Fail("Failed!"));
}
-static const char *post_get_sig(int id)
- {
- switch (id)
- {
- case EVP_PKEY_RSA:
- return " (RSA)";
-
- case EVP_PKEY_DSA:
- return " (DSA)";
-
- case EVP_PKEY_EC:
- return " (ECDSA)";
-
- default:
- return " (UNKNOWN)";
+/* Table of IDs for POST translating between NIDs and names */
- }
- }
-
-static const char *post_get_cipher(int id)
+typedef struct
{
- static char out[128];
- switch(id)
+ int id;
+ const char *name;
+ } POST_ID;
+
+POST_ID id_list[] = {
+ {NID_sha1, "SHA1"},
+ {NID_sha224, "SHA224"},
+ {NID_sha256, "SHA256"},
+ {NID_sha384, "SHA384"},
+ {NID_sha512, "SHA512"},
+ {EVP_PKEY_RSA, "RSA"},
+ {EVP_PKEY_DSA, "DSA"},
+ {EVP_PKEY_EC, "ECDSA"},
+ {NID_aes_128_cbc, "AES-128-CBC"},
+ {NID_aes_192_cbc, "AES-192-CBC"},
+ {NID_aes_256_cbc, "AES-256-CBC"},
+ {NID_aes_128_ecb, "AES-128-ECB"},
+ {NID_des_ede3_cbc, "DES-EDE3-CBC"},
+ {NID_des_ede3_ecb, "DES-EDE3-ECB"},
+ {0, NULL}
+};
+
+static const char *lookup_id(int id)
+ {
+ POST_ID *n;
+ static char out[40];
+ for (n = id_list; n->name; n++)
{
-
- case NID_aes_128_ecb:
- return " (AES-128-ECB)";
-
- case NID_des_ede3_ecb:
- return " (DES-EDE3-ECB)";
-
- default:
- sprintf(out, " (NID=%d)", id);
- return out;
-
+ if (n->id == id)
+ return n->name;
}
+ sprintf(out, "ID=%d", id);
+ return out;
}
static int fail_id = -1;
case FIPS_TEST_DIGEST:
idstr = "Digest";
- if (subid == NID_sha1)
- exstr = " (SHA1)";
+ exstr = lookup_id(subid);
break;
case FIPS_TEST_CIPHER:
- exstr = post_get_cipher(subid);
+ exstr = lookup_id(subid);
idstr = "Cipher";
break;
{
EVP_PKEY *pkey = ex;
keytype = pkey->type;
- exstr = post_get_sig(keytype);
+ exstr = lookup_id(keytype);
}
idstr = "Signature";
break;
case FIPS_TEST_HMAC:
+ exstr = lookup_id(subid);
idstr = "HMAC";
break;
case FIPS_TEST_CMAC:
idstr = "CMAC";
+ exstr = lookup_id(subid);
break;
case FIPS_TEST_GCM:
- idstr = "HMAC";
+ idstr = "GCM";
break;
case FIPS_TEST_CCM:
- idstr = "HMAC";
+ idstr = "CCM";
break;
case FIPS_TEST_XTS:
{
EVP_PKEY *pkey = ex;
keytype = pkey->type;
- exstr = post_get_sig(keytype);
+ exstr = lookup_id(keytype);
}
idstr = "Pairwise Consistency";
break;
break;
case FIPS_POST_STARTED:
- printf("\t\t%s%s test started\n", idstr, exstr);
+ printf("\t\t%s %s test started\n", idstr, exstr);
break;
case FIPS_POST_SUCCESS:
- printf("\t\t%s%s test OK\n", idstr, exstr);
+ printf("\t\t%s %s test OK\n", idstr, exstr);
break;
case FIPS_POST_FAIL:
- printf("\t\t%s%s test FAILED!!\n", idstr, exstr);
+ printf("\t\t%s %s test FAILED!!\n", idstr, exstr);
break;
case FIPS_POST_CORRUPT:
&& (fail_key == -1 || fail_key == keytype)
&& (fail_sub == -1 || fail_sub == subid))
{
- printf("\t\t%s%s test failure induced\n", idstr, exstr);
+ printf("\t\t%s %s test failure induced\n", idstr, exstr);
return 0;
}
break;
return 1;
}
-
-
int main(int argc,char **argv)
{
int bad_rsa = 0, bad_dsa = 0;
fail_id = FIPS_TEST_DIGEST;
} else if (!strcmp(argv[1], "hmac")) {
fail_id = FIPS_TEST_HMAC;
+ } else if (!strcmp(argv[1], "cmac")) {
+ fail_id = FIPS_TEST_CMAC;
} else if (!strcmp(argv[1], "drbg")) {
FIPS_corrupt_drbg();
} else if (!strcmp(argv[1], "rng")) {