#!/usr/bin/perl -w
# Perl utility to run or verify FIPS 140-2 CMVP algorithm tests based on the
# pathnames of input algorithm test files actually present (the unqualified
# file names are consistent but the pathnames are not).
#
# FIPS test definitions
# List of all the unqualified file names we expect and command lines to run
# DSA tests
my @fips_dsa_test_list = (
"DSA",
[ "PQGGen", "fips_dssvs pqg" ],
[ "KeyPair", "fips_dssvs keypair" ],
[ "SigGen", "fips_dssvs siggen" ],
[ "SigVer", "fips_dssvs sigver" ]
);
my @fips_dsa_pqgver_test_list = (
[ "PQGVer", "fips_dssvs pqgver" ]
);
# RSA tests
my @fips_rsa_test_list = (
"RSA",
[ "SigGen15", "fips_rsastest" ],
[ "SigVer15", "fips_rsavtest" ],
[ "SigVerRSA", "fips_rsavtest -x931" ],
[ "KeyGenRSA", "fips_rsagtest" ],
[ "SigGenRSA", "fips_rsastest -x931" ]
);
# Special cases for PSS. The filename itself is
# not sufficient to determine the test. Addditionally we
# need to examine the file contents to determine the salt length
# In these cases the test filename has (saltlen) appended.
# RSA PSS salt length 0 tests
my @fips_rsa_pss0_test_list = (
[ "SigGenPSS(0)", "fips_rsastest -saltlen 0" ],
[ "SigVerPSS(0)", "fips_rsavtest -saltlen 0" ]
);
# RSA PSS salt length 62 tests
my @fips_rsa_pss62_test_list = (
[ "SigGenPSS(62)", "fips_rsastest -saltlen 62" ],
[ "SigVerPSS(62)", "fips_rsavtest -saltlen 62" ]
);
# SHA tests
my @fips_sha_test_list = (
"SHA",
[ "SHA1LongMsg", "fips_shatest" ],
[ "SHA1Monte", "fips_shatest" ],
[ "SHA1ShortMsg", "fips_shatest" ],
[ "SHA224LongMsg", "fips_shatest" ],
[ "SHA224Monte", "fips_shatest" ],
[ "SHA224ShortMsg", "fips_shatest" ],
[ "SHA256LongMsg", "fips_shatest" ],
[ "SHA256Monte", "fips_shatest" ],
[ "SHA256ShortMsg", "fips_shatest" ],
[ "SHA384LongMsg", "fips_shatest" ],
[ "SHA384Monte", "fips_shatest" ],
[ "SHA384ShortMsg", "fips_shatest" ],
[ "SHA512LongMsg", "fips_shatest" ],
[ "SHA512Monte", "fips_shatest" ],
[ "SHA512ShortMsg", "fips_shatest" ]
);
# HMAC
my @fips_hmac_test_list = (
"HMAC",
[ "HMAC", "fips_hmactest" ]
);
# CMAC
my @fips_cmac_test_list = (
"CMAC",
[ "CMACGenAES128", "fips_cmactest -a aes128 -g" ],
[ "CMACVerAES128", "fips_cmactest -a aes128 -v" ],
[ "CMACGenAES192", "fips_cmactest -a aes192 -g" ],
[ "CMACVerAES192", "fips_cmactest -a aes192 -v" ],
[ "CMACGenAES256", "fips_cmactest -a aes256 -g" ],
[ "CMACVerAES256", "fips_cmactest -a aes256 -v" ],
[ "CMACGenTDES3", "fips_cmactest -a tdes3 -g" ],
[ "CMACVerTDES3", "fips_cmactest -a tdes3 -v" ],
);
# RAND tests, AES version
my @fips_rand_aes_test_list = (
"RAND (AES)",
[ "ANSI931_AES128MCT", "fips_rngvs mct" ],
[ "ANSI931_AES192MCT", "fips_rngvs mct" ],
[ "ANSI931_AES256MCT", "fips_rngvs mct" ],
[ "ANSI931_AES128VST", "fips_rngvs vst" ],
[ "ANSI931_AES192VST", "fips_rngvs vst" ],
[ "ANSI931_AES256VST", "fips_rngvs vst" ]
);
# RAND tests, DES2 version
my @fips_rand_des2_test_list = (
"RAND (DES2)",
[ "ANSI931_TDES2MCT", "fips_rngvs mct" ],
[ "ANSI931_TDES2VST", "fips_rngvs vst" ]
);
# AES tests
my @fips_aes_test_list = (
"AES",
[ "CBCGFSbox128", "fips_aesavs -f" ],
[ "CBCGFSbox192", "fips_aesavs -f" ],
[ "CBCGFSbox256", "fips_aesavs -f" ],
[ "CBCKeySbox128", "fips_aesavs -f" ],
[ "CBCKeySbox192", "fips_aesavs -f" ],
[ "CBCKeySbox256", "fips_aesavs -f" ],
[ "CBCMCT128", "fips_aesavs -f" ],
[ "CBCMCT192", "fips_aesavs -f" ],
[ "CBCMCT256", "fips_aesavs -f" ],
[ "CBCMMT128", "fips_aesavs -f" ],
[ "CBCMMT192", "fips_aesavs -f" ],
[ "CBCMMT256", "fips_aesavs -f" ],
[ "CBCVarKey128", "fips_aesavs -f" ],
[ "CBCVarKey192", "fips_aesavs -f" ],
[ "CBCVarKey256", "fips_aesavs -f" ],
[ "CBCVarTxt128", "fips_aesavs -f" ],
[ "CBCVarTxt192", "fips_aesavs -f" ],
[ "CBCVarTxt256", "fips_aesavs -f" ],
[ "CFB128GFSbox128", "fips_aesavs -f" ],
[ "CFB128GFSbox192", "fips_aesavs -f" ],
[ "CFB128GFSbox256", "fips_aesavs -f" ],
[ "CFB128KeySbox128", "fips_aesavs -f" ],
[ "CFB128KeySbox192", "fips_aesavs -f" ],
[ "CFB128KeySbox256", "fips_aesavs -f" ],
[ "CFB128MCT128", "fips_aesavs -f" ],
[ "CFB128MCT192", "fips_aesavs -f" ],
[ "CFB128MCT256", "fips_aesavs -f" ],
[ "CFB128MMT128", "fips_aesavs -f" ],