// Copyright (c) 2019, Google Inc.
//
// Permission to use, copy, modify, and/or distribute this software for any
// purpose with or without fee is hereby granted, provided that the above
// copyright notice and this permission notice appear in all copies.
//
// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
package main
import (
"bufio"
"bytes"
"crypto"
"crypto/hmac"
"crypto/sha256"
"crypto/x509"
"encoding/base64"
"encoding/binary"
"encoding/json"
"encoding/pem"
"errors"
"flag"
"fmt"
"io/ioutil"
"log"
"net/http"
neturl "net/url"
"os"
"path/filepath"
"strings"
"time"
"boringssl.googlesource.com/boringssl/util/fipstools/acvp/acvptool/acvp"
"boringssl.googlesource.com/boringssl/util/fipstools/acvp/acvptool/subprocess"
)
var (
dumpRegcap = flag . Bool ( "regcap" , false , "Print module capabilities JSON to stdout" )
configFilename = flag . String ( "config" , "config.json" , "Location of the configuration JSON file" )
jsonInputFile = flag . String ( "json" , "" , "Location of a vector-set input file" )
runFlag = flag . String ( "run" , "" , "Name of primitive to run tests for" )
fetchFlag = flag . String ( "fetch" , "" , "Name of primitive to fetch vectors for" )
wrapperPath = flag . String ( "wrapper" , "../../../../build/util/fipstools/acvp/modulewrapper/modulewrapper" , "Path to the wrapper binary" )
)
type Config struct {
CertPEMFile string
PrivateKeyFile string
PrivateKeyDERFile string
TOTPSecret string
ACVPServer string
SessionTokensCache string
LogFile string
}
func isCommentLine ( line [ ] byte ) bool {
var foundCommentStart bool
for _ , b := range line {
if ! foundCommentStart {
if b == ' ' || b == '\t' {
continue
}
if b != '/' {
return false
}
foundCommentStart = true
} else {
return b == '/'
}
}
return false
}
func jsonFromFile ( out interface { } , filename string ) error {
in , err := os . Open ( filename )
if err != nil {
return err
}
defer in . Close ( )
scanner := bufio . NewScanner ( in )
var commentsRemoved bytes . Buffer
for scanner . Scan ( ) {
if isCommentLine ( scanner . Bytes ( ) ) {
continue
}
commentsRemoved . Write ( scanner . Bytes ( ) )
commentsRemoved . WriteString ( "\n" )
}
if err := scanner . Err ( ) ; err != nil {
return err
}
decoder := json . NewDecoder ( & commentsRemoved )
decoder . DisallowUnknownFields ( )
if err := decoder . Decode ( out ) ; err != nil {
return err
}
if decoder . More ( ) {
return errors . New ( "trailing garbage found" )
}
return nil
}
// TOTP implements the time-based one-time password algorithm with the suggested
// granularity of 30 seconds. See https://tools.ietf.org/html/rfc6238 and then
// https://tools.ietf.org/html/rfc4226#section-5.3
func TOTP ( secret [ ] byte ) string {
const timeStep = 30
now := uint64 ( time . Now ( ) . Unix ( ) ) / 30
var nowBuf [ 8 ] byte
binary . BigEndian . PutUint64 ( nowBuf [ : ] , now )
mac := hmac . New ( sha256 . New , secret )
mac . Write ( nowBuf [ : ] )
digest := mac . Sum ( nil )
value := binary . BigEndian . Uint32 ( digest [ digest [ 31 ] & 15 : ] )
value &= 0x7fffffff
value %= 100000000
return fmt . Sprintf ( "%08d" , value )
}
type Middle interface {
Close ( )
Config ( ) ( [ ] byte , error )
Process ( algorithm string , vectorSet [ ] byte ) ( interface { } , error )
}
func loadCachedSessionTokens ( server * acvp . Server , cachePath string ) error {
cacheDir , err := os . Open ( cachePath )
if err != nil {
if os . IsNotExist ( err ) {
if err := os . Mkdir ( cachePath , 0700 ) ; err != nil {
return fmt . Errorf ( "Failed to create session token cache directory %q: %s" , cachePath , err )
}
return nil
}
return fmt . Errorf ( "Failed to open session token cache directory %q: %s" , cachePath , err )
}
defer cacheDir . Close ( )
names , err := cacheDir . Readdirnames ( 0 )
if err != nil {
return fmt . Errorf ( "Failed to list session token cache directory %q: %s" , cachePath , err )
}
loaded := 0
for _ , name := range names {
if ! strings . HasSuffix ( name , ".token" ) {
continue
}
path := filepath . Join ( cachePath , name )
contents , err := ioutil . ReadFile ( path )
if err != nil {
return fmt . Errorf ( "Failed to read session token cache entry %q: %s" , path , err )
}
urlPath , err := neturl . PathUnescape ( name [ : len ( name ) - 6 ] )
if err != nil {
return fmt . Errorf ( "Failed to unescape token filename %q: %s" , name , err )
}
server . PrefixTokens [ urlPath ] = string ( contents )
loaded ++
}
log . Printf ( "Loaded %d cached tokens" , loaded )
return nil
}
func trimLeadingSlash ( s string ) string {
if strings . HasPrefix ( s , "/" ) {
return s [ 1 : ]
}
return s
}
// looksLikeHeaderElement returns true iff element looks like it's a header,
// not a test. Some ACVP files contain a header as the first element that
// should be duplicated into the response, and some don't. If the element
// contains a "url" field then we guess that it's a header.
func looksLikeHeaderElement ( element json . RawMessage ) bool {
var headerFields struct {
URL string ` json:"url" `
}
if err := json . Unmarshal ( element , & headerFields ) ; err != nil {
return false
}
return len ( headerFields . URL ) > 0
}
// processFile reads a file containing vector sets, at least in the format
// preferred by our lab, and writes the results to stdout.
func processFile ( filename string , supportedAlgos [ ] map [ string ] interface { } , middle Middle ) error {
jsonBytes , err := ioutil . ReadFile ( filename )
if err != nil {
return err
}
var elements [ ] json . RawMessage
if err := json . Unmarshal ( jsonBytes , & elements ) ; err != nil {
return err
}
// There must be at least one element in the file.
if len ( elements ) < 1 {
return errors . New ( "JSON input is empty" )
}
var header json . RawMessage
if looksLikeHeaderElement ( elements [ 0 ] ) {
header , elements = elements [ 0 ] , elements [ 1 : ]
if len ( elements ) == 0 {
return errors . New ( "JSON input is empty" )
}
}
// Build a map of which algorithms our Middle supports.
algos := make ( map [ string ] struct { } )
for _ , supportedAlgo := range supportedAlgos {
algoInterface , ok := supportedAlgo [ "algorithm" ]
if ! ok {
continue
}
algo , ok := algoInterface . ( string )
if ! ok {
continue
}
algos [ algo ] = struct { } { }
}
var result bytes . Buffer
result . WriteString ( "[" )
if header != nil {
headerBytes , err := json . MarshalIndent ( header , "" , " " )
if err != nil {
return err
}
result . Write ( headerBytes )
result . WriteString ( "," )
}
for i , element := range elements {
var commonFields struct {
Algo string ` json:"algorithm" `
ID uint64 ` json:"vsId" `
}
if err := json . Unmarshal ( element , & commonFields ) ; err != nil {
return fmt . Errorf ( "failed to extract common fields from vector set #%d" , i + 1 )
}
algo := commonFields . Algo
if _ , ok := algos [ algo ] ; ! ok {
return fmt . Errorf ( "vector set #%d contains unsupported algorithm %q" , i + 1 , algo )
}
replyGroups , err := middle . Process ( algo , element )
if err != nil {
return fmt . Errorf ( "while processing vector set #%d: %s" , i + 1 , err )
}
group := map [ string ] interface { } {
"vsId" : commonFields . ID ,
"testGroups" : replyGroups ,
}
replyBytes , err := json . MarshalIndent ( group , "" , " " )
if err != nil {
return err
}
if i != 0 {
result . WriteString ( "," )
}
result . Write ( replyBytes )
}
result . WriteString ( "]\n" )
os . Stdout . Write ( result . Bytes ( ) )
return nil
}
func main ( ) {
flag . Parse ( )
var err error
var middle Middle
middle , err = subprocess . New ( * wrapperPath )
if err != nil {
log . Fatalf ( "failed to initialise middle: %s" , err )
}
defer middle . Close ( )
configBytes , err := middle . Config ( )
if err != nil {
log . Fatalf ( "failed to get config from middle: %s" , err )
}
var supportedAlgos [ ] map [ string ] interface { }
if err := json . Unmarshal ( configBytes , & supportedAlgos ) ; err != nil {
log . Fatalf ( "failed to parse configuration from Middle: %s" , err )
}
if * dumpRegcap {
nonTestAlgos := make ( [ ] map [ string ] interface { } , 0 , len ( supportedAlgos ) )
for _ , algo := range supportedAlgos {
if value , ok := algo [ "acvptoolTestOnly" ] ; ok {
testOnly , ok := value . ( bool )
if ! ok {
log . Fatalf ( "modulewrapper config contains acvptoolTestOnly field with non-boolean value %#v" , value )
}
if testOnly {
continue
}
}
nonTestAlgos = append ( nonTestAlgos , algo )
}
regcap := [ ] map [ string ] interface { } {
map [ string ] interface { } { "acvVersion" : "1.0" } ,
map [ string ] interface { } { "algorithms" : nonTestAlgos } ,
}
regcapBytes , err := json . MarshalIndent ( regcap , "" , " " )
if err != nil {
log . Fatalf ( "failed to marshal regcap: %s" , err )
}
os . Stdout . Write ( regcapBytes )
os . Stdout . WriteString ( "\n" )
os . Exit ( 0 )
}
if len ( * jsonInputFile ) > 0 {
if err := processFile ( * jsonInputFile , supportedAlgos , middle ) ; err != nil {
log . Fatalf ( "failed to process input file: %s" , err )
}
os . Exit ( 0 )
}
var config Config
if err := jsonFromFile ( & config , * configFilename ) ; err != nil {
log . Fatalf ( "Failed to load config file: %s" , err )
}
if len ( config . TOTPSecret ) == 0 {
log . Fatal ( "Config file missing TOTPSecret" )
}
totpSecret , err := base64 . StdEncoding . DecodeString ( config . TOTPSecret )
if err != nil {
log . Fatalf ( "Failed to base64-decode TOTP secret from config file: %s. (Note that the secret _itself_ should be in the config, not the name of a file that contains it.)" , err )
}
if len ( config . CertPEMFile ) == 0 {
log . Fatal ( "Config file missing CertPEMFile" )
}
certPEM , err := ioutil . ReadFile ( config . CertPEMFile )
if err != nil {
log . Fatalf ( "failed to read certificate from %q: %s" , config . CertPEMFile , err )
}
block , _ := pem . Decode ( certPEM )
certDER := block . Bytes
if len ( config . PrivateKeyDERFile ) == 0 && len ( config . PrivateKeyFile ) == 0 {
log . Fatal ( "Config file missing PrivateKeyDERFile and PrivateKeyFile" )
}
if len ( config . PrivateKeyDERFile ) != 0 && len ( config . PrivateKeyFile ) != 0 {
log . Fatal ( "Config file has both PrivateKeyDERFile and PrivateKeyFile. Can only have one." )
}
privateKeyFile := config . PrivateKeyDERFile
if len ( config . PrivateKeyFile ) > 0 {
privateKeyFile = config . PrivateKeyFile
}
keyBytes , err := ioutil . ReadFile ( privateKeyFile )
if err != nil {
log . Fatalf ( "failed to read private key from %q: %s" , privateKeyFile , err )
}
var keyDER [ ] byte
pemBlock , _ := pem . Decode ( keyBytes )
if pemBlock != nil {
keyDER = pemBlock . Bytes
} else {
keyDER = keyBytes
}
var certKey crypto . PrivateKey
if certKey , err = x509 . ParsePKCS1PrivateKey ( keyDER ) ; err != nil {
if certKey , err = x509 . ParsePKCS8PrivateKey ( keyDER ) ; err != nil {
log . Fatalf ( "failed to parse private key from %q: %s" , privateKeyFile , err )
}
}
var requestedAlgosFlag string
if len ( * runFlag ) > 0 && len ( * fetchFlag ) > 0 {
log . Fatalf ( "cannot specify both -run and -fetch" )
}
if len ( * runFlag ) > 0 {
requestedAlgosFlag = * runFlag
} else {
requestedAlgosFlag = * fetchFlag
}
runAlgos := make ( map [ string ] bool )
if len ( requestedAlgosFlag ) > 0 {
for _ , substr := range strings . Split ( requestedAlgosFlag , "," ) {
runAlgos [ substr ] = false
}
}
var algorithms [ ] map [ string ] interface { }
for _ , supportedAlgo := range supportedAlgos {
algoInterface , ok := supportedAlgo [ "algorithm" ]
if ! ok {
continue
}
algo , ok := algoInterface . ( string )
if ! ok {
continue
}
if _ , ok := runAlgos [ algo ] ; ok {
algorithms = append ( algorithms , supportedAlgo )
runAlgos [ algo ] = true
}
}
for algo , recognised := range runAlgos {
if ! recognised {
log . Fatalf ( "requested algorithm %q was not recognised" , algo )
}
}
if len ( config . ACVPServer ) == 0 {
config . ACVPServer = "https://demo.acvts.nist.gov/"
}
server := acvp . NewServer ( config . ACVPServer , config . LogFile , [ ] [ ] byte { certDER } , certKey , func ( ) string {
return TOTP ( totpSecret [ : ] )
} )
var sessionTokensCacheDir string
if len ( config . SessionTokensCache ) > 0 {
sessionTokensCacheDir = config . SessionTokensCache
if strings . HasPrefix ( sessionTokensCacheDir , "~/" ) {
home := os . Getenv ( "HOME" )
if len ( home ) == 0 {
log . Fatal ( "~ used in config file but $HOME not set" )
}
sessionTokensCacheDir = filepath . Join ( home , sessionTokensCacheDir [ 2 : ] )
}
if err := loadCachedSessionTokens ( server , sessionTokensCacheDir ) ; err != nil {
log . Fatal ( err )
}
}
if err := server . Login ( ) ; err != nil {
log . Fatalf ( "failed to login: %s" , err )
}
if len ( requestedAlgosFlag ) == 0 {
if interactiveModeSupported {
runInteractive ( server , config )
} else {
log . Fatalf ( "no arguments given but interactive mode not supported" )
}
return
}
requestBytes , err := json . Marshal ( acvp . TestSession {
IsSample : true ,
Publishable : false ,
Algorithms : algorithms ,
} )
if err != nil {
log . Fatalf ( "Failed to serialise JSON: %s" , err )
}
var result acvp . TestSession
if err := server . Post ( & result , "acvp/v1/testSessions" , requestBytes ) ; err != nil {
log . Fatalf ( "Request to create test session failed: %s" , err )
}
url := trimLeadingSlash ( result . URL )
log . Printf ( "Created test session %q" , url )
if token := result . AccessToken ; len ( token ) > 0 {
server . PrefixTokens [ url ] = token
if len ( sessionTokensCacheDir ) > 0 {
ioutil . WriteFile ( filepath . Join ( sessionTokensCacheDir , neturl . PathEscape ( url ) ) + ".token" , [ ] byte ( token ) , 0600 )
}
}
log . Printf ( "Have vector sets %v" , result . VectorSetURLs )
if len ( * fetchFlag ) > 0 {
os . Stdout . WriteString ( "[\n" )
json . NewEncoder ( os . Stdout ) . Encode ( map [ string ] interface { } {
"url" : url ,
"vectorSetUrls" : result . VectorSetURLs ,
"time" : time . Now ( ) . Format ( time . RFC3339 ) ,
} )
}
for _ , setURL := range result . VectorSetURLs {
firstTime := true
for {
if firstTime {
log . Printf ( "Fetching test vectors %q" , setURL )
firstTime = false
}
vectorsBytes , err := server . GetBytes ( trimLeadingSlash ( setURL ) )
if err != nil {
log . Fatalf ( "Failed to fetch vector set %q: %s" , setURL , err )
}
var vectors acvp . Vectors
if err := json . Unmarshal ( vectorsBytes , & vectors ) ; err != nil {
log . Fatalf ( "Failed to parse vector set from %q: %s" , setURL , err )
}
if retry := vectors . Retry ; retry > 0 {
log . Printf ( "Server requested %d seconds delay" , retry )
if retry > 10 {
retry = 10
}
time . Sleep ( time . Duration ( retry ) * time . Second )
continue
}
if len ( * fetchFlag ) > 0 {
os . Stdout . WriteString ( ",\n" )
os . Stdout . Write ( vectorsBytes )
break
}
replyGroups , err := middle . Process ( vectors . Algo , vectorsBytes )
if err != nil {
log . Printf ( "Failed: %s" , err )
log . Printf ( "Deleting test set" )
server . Delete ( url )
os . Exit ( 1 )
}
headerBytes , err := json . Marshal ( acvp . Vectors {
ID : vectors . ID ,
Algo : vectors . Algo ,
} )
if err != nil {
log . Printf ( "Failed to marshal result: %s" , err )
log . Printf ( "Deleting test set" )
server . Delete ( url )
os . Exit ( 1 )
}
var resultBuf bytes . Buffer
resultBuf . Write ( headerBytes [ : len ( headerBytes ) - 1 ] )
resultBuf . WriteString ( ` ,"testGroups": ` )
replyBytes , err := json . Marshal ( replyGroups )
if err != nil {
log . Printf ( "Failed to marshal result: %s" , err )
log . Printf ( "Deleting test set" )
server . Delete ( url )
os . Exit ( 1 )
}
resultBuf . Write ( replyBytes )
resultBuf . WriteString ( "}" )
resultData := resultBuf . Bytes ( )
resultSize := uint64 ( len ( resultData ) ) + 32 /* for framing overhead */
if server . SizeLimit > 0 && resultSize >= server . SizeLimit {
// The NIST ACVP server no longer requires the large-upload process,
// suggesting that it may no longer be needed.
log . Printf ( "Result is %d bytes, too much given server limit of %d bytes. Using large-upload process." , resultSize , server . SizeLimit )
largeRequestBytes , err := json . Marshal ( acvp . LargeUploadRequest {
Size : resultSize ,
URL : setURL ,
} )
if err != nil {
log . Printf ( "Failed to marshal large-upload request: %s" , err )
log . Printf ( "Deleting test set" )
server . Delete ( url )
os . Exit ( 1 )
}
var largeResponse acvp . LargeUploadResponse
if err := server . Post ( & largeResponse , "/large" , largeRequestBytes ) ; err != nil {
log . Fatalf ( "Failed to request large-upload endpoint: %s" , err )
}
log . Printf ( "Directed to large-upload endpoint at %q" , largeResponse . URL )
client := & http . Client { }
req , err := http . NewRequest ( "POST" , largeResponse . URL , bytes . NewBuffer ( resultData ) )
if err != nil {
log . Fatalf ( "Failed to create POST request: %s" , err )
}
token := largeResponse . AccessToken
if len ( token ) == 0 {
token = server . AccessToken
}
req . Header . Add ( "Authorization" , "Bearer " + token )
req . Header . Add ( "Content-Type" , "application/json" )
resp , err := client . Do ( req )
if err != nil {
log . Fatalf ( "Failed writing large upload: %s" , err )
}
resp . Body . Close ( )
if resp . StatusCode != 200 {
log . Fatalf ( "Large upload resulted in status code %d" , resp . StatusCode )
}
} else {
log . Printf ( "Result size %d bytes" , resultSize )
if err := server . Post ( nil , trimLeadingSlash ( setURL ) + "/results" , resultData ) ; err != nil {
log . Fatalf ( "Failed to upload results: %s\n" , err )
}
}
break
}
}
if len ( * fetchFlag ) > 0 {
os . Stdout . WriteString ( "]\n" )
os . Exit ( 0 )
}
FetchResults :
for {
var results acvp . SessionResults
if err := server . Get ( & results , trimLeadingSlash ( url ) + "/results" ) ; err != nil {
log . Fatalf ( "Failed to fetch session results: %s" , err )
}
if results . Passed {
log . Print ( "Test passed" )
break
}
for _ , result := range results . Results {
if result . Status == "incomplete" {
log . Print ( "Server hasn't finished processing results. Waiting 10 seconds." )
time . Sleep ( 10 * time . Second )
continue FetchResults
}
}
log . Fatalf ( "Server did not accept results: %#v" , results )
}
}
