1// fipstest.cpp - written and placed in the public domain by Wei Dai
2
3#include "pch.h"
4
5#ifndef CRYPTOPP_IMPORTS
6
7#define CRYPTOPP_DEFAULT_NO_DLL
8#include "dll.h"
9
10#ifdef CRYPTOPP_WIN32_AVAILABLE
11#define _WIN32_WINNT 0x0400
12#include <windows.h>
13
14#if defined(_MSC_VER) && _MSC_VER >= 1400
15#ifdef _M_IX86
16#define _CRT_DEBUGGER_HOOK _crt_debugger_hook
17#else
18#define _CRT_DEBUGGER_HOOK __crt_debugger_hook
19#endif
20extern "C" {_CRTIMP void __cdecl _CRT_DEBUGGER_HOOK(int);}
21#endif
22#endif
23
24#include <iostream>
25
26NAMESPACE_BEGIN(CryptoPP)
27
28extern PowerUpSelfTestStatus g_powerUpSelfTestStatus;
29SecByteBlock g_actualMac;
30unsigned long g_macFileLocation = 0;
31
32// use a random dummy string here, to be searched/replaced later with the real MAC
33static const byte s_moduleMac[CryptoPP::HMAC<CryptoPP::SHA1>::DIGESTSIZE] = CRYPTOPP_DUMMY_DLL_MAC;
34CRYPTOPP_COMPILE_ASSERT(sizeof(s_moduleMac) == CryptoPP::SHA1::DIGESTSIZE);
35
36#ifdef CRYPTOPP_WIN32_AVAILABLE
37static HMODULE s_hModule = NULL;
38#endif
39
40const byte * CRYPTOPP_API GetActualMacAndLocation(unsigned int &macSize, unsigned int &fileLocation)
41{
42	macSize = (unsigned int)g_actualMac.size();
43	fileLocation = g_macFileLocation;
44	return g_actualMac;
45}
46
47void KnownAnswerTest(RandomNumberGenerator &rng, const char *output)
48{
49	EqualityComparisonFilter comparison;
50
51	RandomNumberStore(rng, strlen(output)/2).TransferAllTo(comparison, "0");
52	StringSource(output, true, new HexDecoder(new ChannelSwitch(comparison, "1")));
53
54	comparison.ChannelMessageSeriesEnd("0");
55	comparison.ChannelMessageSeriesEnd("1");
56}
57
58template <class CIPHER>
59void X917RNG_KnownAnswerTest(
60	const char *key,
61	const char *seed,
62	const char *deterministicTimeVector,
63	const char *output,
64	CIPHER *dummy = NULL)
65{
66#ifdef OS_RNG_AVAILABLE
67	std::string decodedKey, decodedSeed, decodedDeterministicTimeVector;
68	StringSource(key, true, new HexDecoder(new StringSink(decodedKey)));
69	StringSource(seed, true, new HexDecoder(new StringSink(decodedSeed)));
70	StringSource(deterministicTimeVector, true, new HexDecoder(new StringSink(decodedDeterministicTimeVector)));
71
72	AutoSeededX917RNG<CIPHER> rng;
73	rng.Reseed((const byte *)decodedKey.data(), decodedKey.size(), (const byte *)decodedSeed.data(), (const byte *)decodedDeterministicTimeVector.data());
74	KnownAnswerTest(rng, output);
75#else
76	throw 0;
77#endif
78}
79
80void KnownAnswerTest(StreamTransformation &encryption, StreamTransformation &decryption, const char *plaintext, const char *ciphertext)
81{
82	EqualityComparisonFilter comparison;
83
84	StringSource(plaintext, true, new HexDecoder(new StreamTransformationFilter(encryption, new ChannelSwitch(comparison, "0"), StreamTransformationFilter::NO_PADDING)));
85	StringSource(ciphertext, true, new HexDecoder(new ChannelSwitch(comparison, "1")));
86
87	StringSource(ciphertext, true, new HexDecoder(new StreamTransformationFilter(decryption, new ChannelSwitch(comparison, "0"), StreamTransformationFilter::NO_PADDING)));
88	StringSource(plaintext, true, new HexDecoder(new ChannelSwitch(comparison, "1")));
89
90	comparison.ChannelMessageSeriesEnd("0");
91	comparison.ChannelMessageSeriesEnd("1");
92}
93
94template <class CIPHER>
95void SymmetricEncryptionKnownAnswerTest(
96	const char *key,
97	const char *hexIV,
98	const char *plaintext,
99	const char *ecb,
100	const char *cbc,
101	const char *cfb,
102	const char *ofb,
103	const char *ctr,
104	CIPHER *dummy = NULL)
105{
106	std::string decodedKey;
107	StringSource(key, true, new HexDecoder(new StringSink(decodedKey)));
108
109	typename CIPHER::Encryption encryption((const byte *)decodedKey.data(), decodedKey.size());
110	typename CIPHER::Decryption decryption((const byte *)decodedKey.data(), decodedKey.size());
111
112	SecByteBlock iv(encryption.BlockSize());
113	StringSource(hexIV, true, new HexDecoder(new ArraySink(iv, iv.size())));
114
115	if (ecb)
116		KnownAnswerTest(ECB_Mode_ExternalCipher::Encryption(encryption).Ref(), ECB_Mode_ExternalCipher::Decryption(decryption).Ref(), plaintext, ecb);
117	if (cbc)
118		KnownAnswerTest(CBC_Mode_ExternalCipher::Encryption(encryption, iv).Ref(), CBC_Mode_ExternalCipher::Decryption(decryption, iv).Ref(), plaintext, cbc);
119	if (cfb)
120		KnownAnswerTest(CFB_Mode_ExternalCipher::Encryption(encryption, iv).Ref(), CFB_Mode_ExternalCipher::Decryption(encryption, iv).Ref(), plaintext, cfb);
121	if (ofb)
122		KnownAnswerTest(OFB_Mode_ExternalCipher::Encryption(encryption, iv).Ref(), OFB_Mode_ExternalCipher::Decryption(encryption, iv).Ref(), plaintext, ofb);
123	if (ctr)
124		KnownAnswerTest(CTR_Mode_ExternalCipher::Encryption(encryption, iv).Ref(), CTR_Mode_ExternalCipher::Decryption(encryption, iv).Ref(), plaintext, ctr);
125}
126
127void KnownAnswerTest(HashTransformation &hash, const char *message, const char *digest)
128{
129	EqualityComparisonFilter comparison;
130	StringSource(digest, true, new HexDecoder(new ChannelSwitch(comparison, "1")));
131	StringSource(message, true, new HashFilter(hash, new ChannelSwitch(comparison, "0")));
132
133	comparison.ChannelMessageSeriesEnd("0");
134	comparison.ChannelMessageSeriesEnd("1");
135}
136
137template <class HASH>
138void SecureHashKnownAnswerTest(const char *message, const char *digest, HASH *dummy = NULL)
139{
140	HASH hash;
141	KnownAnswerTest(hash, message, digest);
142}
143
144template <class MAC>
145void MAC_KnownAnswerTest(const char *key, const char *message, const char *digest, MAC *dummy = NULL)
146{
147	std::string decodedKey;
148	StringSource(key, true, new HexDecoder(new StringSink(decodedKey)));
149
150	MAC mac((const byte *)decodedKey.data(), decodedKey.size());
151	KnownAnswerTest(mac, message, digest);
152}
153
154template <class SCHEME>
155void SignatureKnownAnswerTest(const char *key, const char *message, const char *signature, SCHEME *dummy = NULL)
156{
157#ifdef OS_RNG_AVAILABLE
158	DefaultAutoSeededRNG rng;
159#else
160	RandomNumberGenerator &rng = NullRNG();
161#endif
162
163	typename SCHEME::Signer signer(StringSource(key, true, new HexDecoder).Ref());
164	typename SCHEME::Verifier verifier(signer);
165
166	EqualityComparisonFilter comparison;
167
168	StringSource(message, true, new SignerFilter(rng, signer, new ChannelSwitch(comparison, "0")));
169	StringSource(signature, true, new HexDecoder(new ChannelSwitch(comparison, "1")));
170
171	comparison.ChannelMessageSeriesEnd("0");
172	comparison.ChannelMessageSeriesEnd("1");
173
174	VerifierFilter verifierFilter(verifier, NULL, VerifierFilter::SIGNATURE_AT_BEGIN | VerifierFilter::THROW_EXCEPTION);
175	StringSource(signature, true, new HexDecoder(new Redirector(verifierFilter, Redirector::DATA_ONLY)));
176	StringSource(message, true, new Redirector(verifierFilter));
177}
178
179void EncryptionPairwiseConsistencyTest(const PK_Encryptor &encryptor, const PK_Decryptor &decryptor)
180{
181	try
182	{
183#ifdef OS_RNG_AVAILABLE
184		DefaultAutoSeededRNG rng;
185#else
186		RandomNumberGenerator &rng = NullRNG();
187#endif
188		const char *testMessage ="test message";
189		std::string ciphertext, decrypted;
190
191		StringSource(
192			testMessage,
193			true,
194			new PK_EncryptorFilter(
195				rng,
196				encryptor,
197				new StringSink(ciphertext)));
198
199		if (ciphertext == testMessage)
200			throw 0;
201
202		StringSource(
203			ciphertext,
204			true,
205			new PK_DecryptorFilter(
206				rng,
207				decryptor,
208				new StringSink(decrypted)));
209
210		if (decrypted != testMessage)
211			throw 0;
212	}
213	catch (...)
214	{
215		throw SelfTestFailure(encryptor.AlgorithmName() + ": pairwise consistency test failed");
216	}
217}
218
219void SignaturePairwiseConsistencyTest(const PK_Signer &signer, const PK_Verifier &verifier)
220{
221	try
222	{
223#ifdef OS_RNG_AVAILABLE
224		DefaultAutoSeededRNG rng;
225#else
226		RandomNumberGenerator &rng = NullRNG();
227#endif
228
229		StringSource(
230			"test message",
231			true,
232			new SignerFilter(
233				rng,
234				signer,
235				new VerifierFilter(verifier, NULL, VerifierFilter::THROW_EXCEPTION),
236				true));
237	}
238	catch (...)
239	{
240		throw SelfTestFailure(signer.AlgorithmName() + ": pairwise consistency test failed");
241	}
242}
243
244template <class SCHEME>
245void SignaturePairwiseConsistencyTest(const char *key, SCHEME *dummy = NULL)
246{
247	typename SCHEME::Signer signer(StringSource(key, true, new HexDecoder).Ref());
248	typename SCHEME::Verifier verifier(signer);
249
250	SignaturePairwiseConsistencyTest(signer, verifier);
251}
252
253MessageAuthenticationCode * NewIntegrityCheckingMAC()
254{
255	byte key[] = {0x47, 0x1E, 0x33, 0x96, 0x65, 0xB1, 0x6A, 0xED, 0x0B, 0xF8, 0x6B, 0xFD, 0x01, 0x65, 0x05, 0xCC};
256	return new HMAC<SHA1>(key, sizeof(key));
257}
258
259bool IntegrityCheckModule(const char *moduleFilename, const byte *expectedModuleMac, SecByteBlock *pActualMac, unsigned long *pMacFileLocation)
260{
261	std::auto_ptr<MessageAuthenticationCode> mac(NewIntegrityCheckingMAC());
262	unsigned int macSize = mac->DigestSize();
263
264	SecByteBlock tempMac;
265	SecByteBlock &actualMac = pActualMac ? *pActualMac : tempMac;
266	actualMac.resize(macSize);
267
268	unsigned long tempLocation;
269	unsigned long &macFileLocation = pMacFileLocation ? *pMacFileLocation : tempLocation;
270	macFileLocation = 0;
271
272	MeterFilter verifier(new HashFilter(*mac, new ArraySink(actualMac, actualMac.size())));
273//	MeterFilter verifier(new FileSink("c:\\dt.tmp"));
274	std::ifstream moduleStream;
275
276#ifdef CRYPTOPP_WIN32_AVAILABLE
277	HMODULE h;
278	{
279	char moduleFilenameBuf[MAX_PATH] = "";
280	if (moduleFilename == NULL)
281	{
282#if (_MSC_VER >= 1400 && !defined(_STLPORT_VERSION))	// ifstream doesn't support wide filename on other compilers
283		wchar_t wideModuleFilename[MAX_PATH];
284		if (GetModuleFileNameW(s_hModule, wideModuleFilename, MAX_PATH) > 0)
285		{
286			moduleStream.open(wideModuleFilename, std::ios::in | std::ios::binary);
287			h = GetModuleHandleW(wideModuleFilename);
288		}
289		else
290#endif
291		{
292			GetModuleFileNameA(s_hModule, moduleFilenameBuf, MAX_PATH);
293			moduleFilename = moduleFilenameBuf;
294		}
295	}
296#endif
297	if (moduleFilename != NULL)
298	{
299			moduleStream.open(moduleFilename, std::ios::in | std::ios::binary);
300#ifdef CRYPTOPP_WIN32_AVAILABLE
301			h = GetModuleHandleA(moduleFilename);
302			moduleFilename = NULL;
303	}
304#endif
305	}
306
307	if (!moduleStream)
308	{
309#ifdef CRYPTOPP_WIN32_AVAILABLE
310		OutputDebugString("Crypto++ DLL integrity check failed. Cannot open file for reading.");
311#endif
312		return false;
313	}
314	FileStore file(moduleStream);
315
316#ifdef CRYPTOPP_WIN32_AVAILABLE
317	// try to hash from memory first
318	const byte *memBase = (const byte *)h;
319	const IMAGE_DOS_HEADER *ph = (IMAGE_DOS_HEADER *)memBase;
320	const IMAGE_NT_HEADERS *phnt = (IMAGE_NT_HEADERS *)(memBase + ph->e_lfanew);
321	const IMAGE_SECTION_HEADER *phs = IMAGE_FIRST_SECTION(phnt);
322	DWORD nSections = phnt->FileHeader.NumberOfSections;
323	size_t currentFilePos = 0;
324
325	size_t checksumPos = (byte *)&phnt->OptionalHeader.CheckSum - memBase;
326	size_t checksumSize = sizeof(phnt->OptionalHeader.CheckSum);
327	size_t certificateTableDirectoryPos = (byte *)&phnt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_SECURITY] - memBase;
328	size_t certificateTableDirectorySize = sizeof(phnt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_SECURITY]);
329	size_t certificateTablePos = phnt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_SECURITY].VirtualAddress;
330	size_t certificateTableSize = phnt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_SECURITY].Size;
331
332	verifier.AddRangeToSkip(0, checksumPos, checksumSize);
333	verifier.AddRangeToSkip(0, certificateTableDirectoryPos, certificateTableDirectorySize);
334	verifier.AddRangeToSkip(0, certificateTablePos, certificateTableSize);
335
336	while (nSections--)
337	{
338		switch (phs->Characteristics)
339		{
340		default:
341			break;
342		case IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ:
343		case IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ:
344			unsigned int sectionSize = STDMIN(phs->SizeOfRawData, phs->Misc.VirtualSize);
345			const byte *sectionMemStart = memBase + phs->VirtualAddress;
346			unsigned int sectionFileStart = phs->PointerToRawData;
347			size_t subSectionStart = 0, nextSubSectionStart;
348
349			do
350			{
351				const byte *subSectionMemStart = sectionMemStart + subSectionStart;
352				size_t subSectionFileStart = sectionFileStart + subSectionStart;
353				size_t subSectionSize = sectionSize - subSectionStart;
354				nextSubSectionStart = 0;
355
356				unsigned int entriesToReadFromDisk[] = {IMAGE_DIRECTORY_ENTRY_IMPORT, IMAGE_DIRECTORY_ENTRY_IAT};
357				for (unsigned int i=0; i<sizeof(entriesToReadFromDisk)/sizeof(entriesToReadFromDisk[0]); i++)
358				{
359					const IMAGE_DATA_DIRECTORY &entry = phnt->OptionalHeader.DataDirectory[entriesToReadFromDisk[i]];
360					const byte *entryMemStart = memBase + entry.VirtualAddress;
361					if (subSectionMemStart <= entryMemStart && entryMemStart < subSectionMemStart + subSectionSize)
362					{
363						subSectionSize = entryMemStart - subSectionMemStart;
364						nextSubSectionStart = entryMemStart - sectionMemStart + entry.Size;
365					}
366				}
367
368#if defined(_MSC_VER) && _MSC_VER >= 1400
369				// first byte of _CRT_DEBUGGER_HOOK gets modified in memory by the debugger invisibly, so read it from file
370				if (IsDebuggerPresent())
371				{
372					if (subSectionMemStart <= (byte *)&_CRT_DEBUGGER_HOOK && (byte *)&_CRT_DEBUGGER_HOOK < subSectionMemStart + subSectionSize)
373					{
374						subSectionSize = (byte *)&_CRT_DEBUGGER_HOOK - subSectionMemStart;
375						nextSubSectionStart = (byte *)&_CRT_DEBUGGER_HOOK - sectionMemStart + 1;
376					}
377				}
378#endif
379
380				if (subSectionMemStart <= expectedModuleMac && expectedModuleMac < subSectionMemStart + subSectionSize)
381				{
382					// found stored MAC
383					macFileLocation = (unsigned long)(subSectionFileStart + (expectedModuleMac - subSectionMemStart));
384					verifier.AddRangeToSkip(0, macFileLocation, macSize);
385				}
386
387				file.TransferTo(verifier, subSectionFileStart - currentFilePos);
388				verifier.Put(subSectionMemStart, subSectionSize);
389				file.Skip(subSectionSize);
390				currentFilePos = subSectionFileStart + subSectionSize;
391				subSectionStart = nextSubSectionStart;
392			} while (nextSubSectionStart != 0);
393		}
394		phs++;
395	}
396#endif
397	file.TransferAllTo(verifier);
398
399#ifdef CRYPTOPP_WIN32_AVAILABLE
400	// if that fails (could be caused by debug breakpoints or DLL base relocation modifying image in memory),
401	// hash from disk instead
402	if (!VerifyBufsEqual(expectedModuleMac, actualMac, macSize))
403	{
404		OutputDebugString("In memory integrity check failed. This may be caused by debug breakpoints or DLL relocation.\n");
405		moduleStream.clear();
406		moduleStream.seekg(0);
407		verifier.Initialize(MakeParameters(Name::OutputBuffer(), ByteArrayParameter(actualMac, (unsigned int)actualMac.size())));
408//		verifier.Initialize(MakeParameters(Name::OutputFileName(), (const char *)"c:\\dt2.tmp"));
409		verifier.AddRangeToSkip(0, checksumPos, checksumSize);
410		verifier.AddRangeToSkip(0, certificateTableDirectoryPos, certificateTableDirectorySize);
411		verifier.AddRangeToSkip(0, certificateTablePos, certificateTableSize);
412		verifier.AddRangeToSkip(0, macFileLocation, macSize);
413		FileStore(moduleStream).TransferAllTo(verifier);
414	}
415#endif
416
417	if (VerifyBufsEqual(expectedModuleMac, actualMac, macSize))
418		return true;
419
420#ifdef CRYPTOPP_WIN32_AVAILABLE
421	std::string hexMac;
422	HexEncoder(new StringSink(hexMac)).PutMessageEnd(actualMac, actualMac.size());
423	OutputDebugString((("Crypto++ DLL integrity check failed. Actual MAC is: " + hexMac) + "\n").c_str());
424#endif
425	return false;
426}
427
428void DoPowerUpSelfTest(const char *moduleFilename, const byte *expectedModuleMac)
429{
430	g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_NOT_DONE;
431	SetPowerUpSelfTestInProgressOnThisThread(true);
432
433	try
434	{
435		if (FIPS_140_2_ComplianceEnabled() || expectedModuleMac != NULL)
436		{
437			if (!IntegrityCheckModule(moduleFilename, expectedModuleMac, &g_actualMac, &g_macFileLocation))
438				throw 0;	// throw here so we break in the debugger, this will be caught right away
439		}
440
441		// algorithm tests
442
443		X917RNG_KnownAnswerTest<AES>(
444			"2b7e151628aed2a6abf7158809cf4f3c",										// key
445			"000102030405060708090a0b0c0d0e0f",										// seed
446			"00000000000000000000000000000001",										// time vector
447			"D176EDD27493B0395F4D10546232B0693DC7061C03C3A554F09CECF6F6B46D945A");	// output
448
449		SymmetricEncryptionKnownAnswerTest<DES_EDE3>(
450			"385D7189A5C3D485E1370AA5D408082B5CCCCB5E19F2D90E",
451			"C141B5FCCD28DC8A",
452			"6E1BD7C6120947A464A6AAB293A0F89A563D8D40D3461B68",
453			"64EAAD4ACBB9CEAD6C7615E7C7E4792FE587D91F20C7D2F4",
454			"6235A461AFD312973E3B4F7AA7D23E34E03371F8E8C376C9",
455			"E26BA806A59B0330DE40CA38E77A3E494BE2B212F6DD624B",
456			"E26BA806A59B03307DE2BCC25A08BA40A8BA335F5D604C62",
457			"E26BA806A59B03303C62C2EFF32D3ACDD5D5F35EBCC53371");
458
459		SymmetricEncryptionKnownAnswerTest<SKIPJACK>(
460			"1555E5531C3A169B2D65",
461			"6EC9795701F49864",
462			"00AFA48E9621E52E8CBDA312660184EDDB1F33D9DACDA8DA",
463			"DBEC73562EFCAEB56204EB8AE9557EBF77473FBB52D17CD1",
464			"0C7B0B74E21F99B8F2C8DF37879F6C044967F42A796DCA8B",
465			"79FDDA9724E36CC2E023E9A5C717A8A8A7FDA465CADCBF63",
466			"79FDDA9724E36CC26CACBD83C1ABC06EAF5B249BE5B1E040",
467			"79FDDA9724E36CC211B0AEC607B95A96BCDA318440B82F49");
468
469		SymmetricEncryptionKnownAnswerTest<AES>(
470			"2b7e151628aed2a6abf7158809cf4f3c",
471			"000102030405060708090a0b0c0d0e0f",
472			"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710",	// plaintext
473			"3ad77bb40d7a3660a89ecaf32466ef97f5d3d58503b9699de785895a96fdbaaf43b1cd7f598ece23881b00e3ed0306887b0c785e27e8ad3f8223207104725dd4", // ecb
474			"7649abac8119b246cee98e9b12e9197d5086cb9b507219ee95db113a917678b273bed6b8e3c1743b7116e69e222295163ff1caa1681fac09120eca307586e1a7",	// cbc
475			"3b3fd92eb72dad20333449f8e83cfb4ac8a64537a0b3a93fcde3cdad9f1ce58b26751f67a3cbb140b1808cf187a4f4dfc04b05357c5d1c0eeac4c66f9ff7f2e6", // cfb
476			"3b3fd92eb72dad20333449f8e83cfb4a7789508d16918f03f53c52dac54ed8259740051e9c5fecf64344f7a82260edcc304c6528f659c77866a510d9c1d6ae5e", // ofb
477			NULL);
478
479		SymmetricEncryptionKnownAnswerTest<AES>(
480			"2b7e151628aed2a6abf7158809cf4f3c",
481			"f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff",
482			"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710",
483			NULL,
484			NULL,
485			NULL,
486			NULL,
487			"874d6191b620e3261bef6864990db6ce9806f66b7970fdff8617187bb9fffdff5ae4df3edbd5d35e5b4f09020db03eab1e031dda2fbe03d1792170a0f3009cee"); // ctr
488
489
490		SecureHashKnownAnswerTest<SHA1>(
491			"abc",
492			"A9993E364706816ABA3E25717850C26C9CD0D89D");
493
494		SecureHashKnownAnswerTest<SHA224>(
495			"abc",
496			"23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7");
497
498		SecureHashKnownAnswerTest<SHA256>(
499			"abc",
500			"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad");
501
502		SecureHashKnownAnswerTest<SHA384>(
503			"abc",
504			"cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7");
505
506		SecureHashKnownAnswerTest<SHA512>(
507			"abc",
508			"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f");
509
510		MAC_KnownAnswerTest<HMAC<SHA1> >(
511			"303132333435363738393a3b3c3d3e3f40414243",
512			"Sample #2",
513			"0922d3405faa3d194f82a45830737d5cc6c75d24");
514
515		const char *keyRSA1 =
516			"30820150020100300d06092a864886f70d01010105000482013a3082013602010002400a66791dc6988168de7ab77419bb7fb0"
517			"c001c62710270075142942e19a8d8c51d053b3e3782a1de5dc5af4ebe99468170114a1dfe67cdc9a9af55d655620bbab0203010001"
518			"02400123c5b61ba36edb1d3679904199a89ea80c09b9122e1400c09adcf7784676d01d23356a7d44d6bd8bd50e94bfc723fa"
519			"87d8862b75177691c11d757692df8881022033d48445c859e52340de704bcdda065fbb4058d740bd1d67d29e9c146c11cf61"
520			"0220335e8408866b0fd38dc7002d3f972c67389a65d5d8306566d5c4f2a5aa52628b0220045ec90071525325d3d46db79695e9af"
521			"acc4523964360e02b119baa366316241022015eb327360c7b60d12e5e2d16bdcd97981d17fba6b70db13b20b436e24eada590220"
522			"2ca6366d72781dfa24d34a9a24cbc2ae927a9958af426563ff63fb11658a461d";
523
524		const char *keyRSA2 =
525			"30820273020100300D06092A864886F70D01010105000482025D3082025902010002818100D40AF9"
526			"A2B713034249E5780056D70FC7DE75D76E44565AA6A6B8ED9646F3C19F9E254D72D7DE6E49DB2264"
527			"0C1D05AB9E2A5F901D8F3FE1F7AE02CEE2ECCE54A40ABAE55A004692752E70725AEEE7CDEA67628A"
528			"82A9239B4AB660C2BC56D9F01E90CBAAB9BF0FC8E17173CEFC5709A29391A7DDF3E0B758691AAF30"
529			"725B292F4F020111027F18C0BA087D082C45D75D3594E0767E4820818EB35612B80CEAB8C880ACA5"
530			"44B6876DFFEF85A576C0D45B551AFAA1FD63209CD745DF75C5A0F0B580296EA466CD0338207E4752"
531			"FF4E7DB724D8AE18CE5CF4153BB94C27869FBB50E64F02546E4B02997A0B8623E64017CC770759C6"
532			"695DB649EEFD829D688D441BCC4E7348F1024100EF86DD7AF3F32CDE8A9F6564E43A559A0C9F8BAD"
533			"36CC25330548B347AC158A345631FA90F7B873C36EFFAE2F7823227A3F580B5DD18304D5932751E7"
534			"43E9234F024100E2A039854B55688740E32A51DF4AF88613D91A371CF8DDD95D780A89D7CF2119A9"
535			"54F1AC0F3DCDB2F6959926E6D9D37D8BC07A4C634DE6F16315BD5F0DAC340102407ECEEDB9903572"
536			"1B76909F174BA6698DCA72953D957B22C0A871C8531EDE3A1BB52984A719BC010D1CA57A555DB83F"
537			"6DE54CBAB932AEC652F38D497A6F3F30CF024100854F30E4FF232E6DADB2CD99926855F484255AB7"
538			"01FBCDCB27EC426F33A7046972AA700ADBCA008763DF87440F52F4E070531AC385B55AAC1C2AE7DD"
539			"8F9278F1024100C313F4AF9E4A9DE1253C21080CE524251560C111550772FD08690F13FBE658342E"
540			"BD2D41C9DCB12374E871B1839E26CAE252E1AE3DAAD5F1EE1F42B4D0EE7581";
541
542		SignatureKnownAnswerTest<RSASS<PKCS1v15, SHA1> >(
543			keyRSA1,
544			"Everyone gets Friday off.",
545			"0610761F95FFD1B8F29DA34212947EC2AA0E358866A722F03CC3C41487ADC604A48FF54F5C6BEDB9FB7BD59F82D6E55D8F3174BA361B2214B2D74E8825E04E81");
546
547		SignatureKnownAnswerTest<RSASS_ISO<SHA1> >(
548			keyRSA2,
549			"test",
550			"32F6BA41C8930DE71EE67F2627172CC539EDE04267FDE03AC295E3C50311F26C3B275D3AF513AC96"
551			"8EE493BAB7DA3A754661D1A7C4A0D1A2B7EE8B313AACD8CB8BFBC5C15EFB0EF15C86A9334A1E87AD"
552			"291EB961B5CA0E84930429B28780816AA94F96FC2367B71E2D2E4866FA966795B147F00600E5207E"
553			"2F189C883B37477C");
554
555		SignaturePairwiseConsistencyTest<DSA>(
556			"3082014A0201003082012B06072A8648CE3804013082011E02818100F468699A6F6EBCC0120D3B34C8E007F125EC7D81F763B8D0F33869AE3BD6B9F2ECCC7DF34DF84C0307449E9B85D30D57194BCCEB310F48141914DD13A077AAF9B624A6CBE666BBA1D7EBEA95B5BA6F54417FD5D4E4220C601E071D316A24EA814E8B0122DBF47EE8AEEFD319EBB01DD95683F10DBB4FEB023F8262A07EAEB7FD02150082AD4E034DA6EEACDFDAE68C36F2BAD614F9E53B02818071AAF73361A26081529F7D84078ADAFCA48E031DB54AD57FB1A833ADBD8672328AABAA0C756247998D7A5B10DACA359D231332CE8120B483A784FE07D46EEBFF0D7D374A10691F78653E6DC29E27CCB1B174923960DFE5B959B919B2C3816C19251832AFD8E35D810E598F82877ABF7D40A041565168BD7F0E21E3FE2A8D8C1C0416021426EBA66E846E755169F84A1DA981D86502405DDF");
557
558		SignaturePairwiseConsistencyTest<ECDSA<EC2N, SHA1> >(
559			"302D020100301006072A8648CE3D020106052B8104000404163014020101040F0070337065E1E196980A9D00E37211");
560
561		SignaturePairwiseConsistencyTest<ECDSA<ECP, SHA1> >(
562			"3039020100301306072A8648CE3D020106082A8648CE3D030101041F301D02010104182BB8A13C8B867010BD9471D9E81FDB01ABD0538C64D6249A");
563
564		SignaturePairwiseConsistencyTest<RSASS<PSS, SHA1> >(keyRSA1);
565	}
566	catch (...)
567	{
568		g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_FAILED;
569		goto done;
570	}
571
572	g_powerUpSelfTestStatus = POWER_UP_SELF_TEST_PASSED;
573
574done:
575	SetPowerUpSelfTestInProgressOnThisThread(false);
576	return;
577}
578
579#ifdef CRYPTOPP_WIN32_AVAILABLE
580
581void DoDllPowerUpSelfTest()
582{
583	CryptoPP::DoPowerUpSelfTest(NULL, s_moduleMac);
584}
585
586#else
587
588void DoDllPowerUpSelfTest()
589{
590	throw NotImplemented("DoDllPowerUpSelfTest() only available on Windows");
591}
592
593#endif	// #ifdef CRYPTOPP_WIN32_AVAILABLE
594
595NAMESPACE_END
596
597#ifdef CRYPTOPP_WIN32_AVAILABLE
598
599// DllMain needs to be in the global namespace
600BOOL APIENTRY DllMain(HANDLE hModule,
601                      DWORD  ul_reason_for_call,
602                      LPVOID lpReserved)
603{
604	if (ul_reason_for_call == DLL_PROCESS_ATTACH)
605	{
606		CryptoPP::s_hModule = (HMODULE)hModule;
607		CryptoPP::DoDllPowerUpSelfTest();
608	}
609    return TRUE;
610}
611
612#endif	// #ifdef CRYPTOPP_WIN32_AVAILABLE
613
614#endif	// #ifndef CRYPTOPP_IMPORTS
615