1 /* ====================================================================
2 * Copyright (c) 2011-2013 The OpenSSL Project. All rights reserved.
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * licensing@OpenSSL.org.
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
30 * 6. Redistributions of any form whatsoever must retain the following
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 * ====================================================================
55 #include <openssl/evp.h>
57 /* This program tests an AEAD against a series of test vectors from a file. The
58 * test vector file consists of key-value lines where the key and value are
59 * separated by a colon and optional whitespace. The keys are listed in
60 * |NAMES|, below. The values are hex-encoded data.
62 * After a number of key-value lines, a blank line or EOF indicates the end of
65 * For example, here's a valid test case:
67 * KEY: 5a19f3173586b4c42f8412f4d5a786531b3231753e9e00998aec12fda8df10e4
68 * NONCE: 978105dfce667bf4
72 * TAG: 1d45758621762e061368e68868e2f929
77 /* These are the different types of line that are found in the input file. */
80 KEY = 0, /* hex encoded key. */
81 NONCE, /* hex encoded nonce. */
82 IN, /* hex encoded plaintext. */
83 AD, /* hex encoded additional data. */
84 CT, /* hex encoded ciphertext (not including the authenticator,
86 TAG, /* hex encoded authenticator. */
90 static const char NAMES[6][NUM_TYPES] =
100 static unsigned char hex_digit(char h)
102 if (h >= '0' && h <= '9')
104 else if (h >= 'a' && h <= 'f')
106 else if (h >= 'A' && h <= 'F')
112 static int run_test_case(const EVP_AEAD* aead,
113 unsigned char bufs[NUM_TYPES][BUF_MAX],
114 const unsigned int lengths[NUM_TYPES],
115 unsigned int line_no)
120 unsigned char out[BUF_MAX+EVP_AEAD_MAX_TAG_LENGTH], out2[BUF_MAX];
122 if (!EVP_AEAD_CTX_init(&ctx, aead, bufs[KEY], lengths[KEY],
125 fprintf(stderr, "Failed to init AEAD on line %u\n", line_no);
129 n = EVP_AEAD_CTX_seal(
130 &ctx, out, sizeof(out),
131 bufs[NONCE], lengths[NONCE],
132 bufs[IN], lengths[IN],
133 bufs[AD], lengths[AD]);
137 fprintf(stderr, "Failed to run AEAD on line %u\n",
144 if (un != lengths[CT] + lengths[TAG])
146 fprintf(stderr, "Bad output length on line %u: %u vs %u\n",
147 line_no, (unsigned) un,
148 (unsigned)(lengths[CT] + lengths[TAG]));
152 if (memcmp(out, bufs[CT], lengths[CT]) != 0)
154 fprintf(stderr, "Bad output on line %u\n", line_no);
158 if (memcmp(out + lengths[CT], bufs[TAG], lengths[TAG]) != 0)
160 fprintf(stderr, "Bad tag on line %u\n", line_no);
164 n = EVP_AEAD_CTX_open(&ctx, out2, lengths[IN],
165 bufs[NONCE], lengths[NONCE],
167 bufs[AD], lengths[AD]);
170 fprintf(stderr, "Failed to decrypt on line %u\n", line_no);
174 if ((size_t) n != lengths[IN])
176 fprintf(stderr, "Bad decrypt on line %u: %u\n", line_no,
182 n = EVP_AEAD_CTX_open(&ctx, out2, lengths[IN],
183 bufs[NONCE], lengths[NONCE],
185 bufs[AD], lengths[AD]);
188 fprintf(stderr, "Decrypted bad data on line %u\n", line_no);
192 EVP_AEAD_CTX_cleanup(&ctx);
196 int main(int argc, char **argv)
199 const EVP_AEAD *aead = NULL;
200 unsigned int line_no = 0, num_tests = 0, j;
202 unsigned char bufs[NUM_TYPES][BUF_MAX];
203 unsigned int lengths[NUM_TYPES];
207 fprintf(stderr, "%s <aead> <test file.txt>\n", argv[0]);
211 if (strcmp(argv[1], "chacha20-poly1305") == 0)
213 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
214 aead = EVP_aead_chacha20_poly1305();
216 fprintf(stderr, "No chacha20-poly1305 support. Skipping test.\n");
220 else if (strcmp(argv[1], "aes-128-gcm") == 0)
222 #ifndef OPENSSL_NO_AES
223 aead = EVP_aead_aes_128_gcm();
225 fprintf(stderr, "No AES support. Skipping test.\n");
229 else if (strcmp(argv[1], "aes-256-gcm") == 0)
231 #ifndef OPENSSL_NO_AES
232 aead = EVP_aead_aes_256_gcm();
234 fprintf(stderr, "No AES support. Skipping test.\n");
240 fprintf(stderr, "Unknown AEAD: %s\n", argv[1]);
244 f = fopen(argv[2], "r");
247 perror("failed to open input");
251 for (j = 0; j < NUM_TYPES; j++)
257 unsigned int i, type_len = 0;
259 unsigned char *buf = NULL;
260 unsigned int *buf_len;
262 if (!fgets(line, sizeof(line), f))
269 if (line[0] == '\n' || line[0] == 0)
271 /* Run a test, if possible. */
272 char any_values_set = 0;
273 for (j = 0; j < NUM_TYPES; j++)
285 if (!run_test_case(aead, bufs, lengths, line_no))
288 for (j = 0; j < NUM_TYPES; j++)
295 /* Each line looks like:
297 * Where "TYPE" is the type of the data on the line,
299 for (i = 0; line[i] != 0 && line[i] != '\n'; i++)
311 fprintf(stderr, "Parse error on line %u\n",
316 /* After the colon, there's optional whitespace. */
317 for (; line[i] != 0 && line[i] != '\n'; i++)
319 if (line[i] != ' ' && line[i] != '\t')
324 for (j = 0; j < NUM_TYPES; j++)
326 if (strcmp(line, NAMES[j]) != 0)
330 fprintf(stderr, "Duplicate value on line %u\n",
335 buf_len = &lengths[j];
340 fprintf(stderr, "Unknown line type on line %u\n",
346 for (; line[i] != 0 && line[i] != '\n'; i++)
349 v = hex_digit(line[i++]);
350 if (line[i] == 0 || line[i] == '\n')
352 fprintf(stderr, "Odd-length hex data"
357 v2 = hex_digit(line[i]);
358 if (v > 15 || v2 > 15)
360 fprintf(stderr, "Invalid hex char"
370 fprintf(stderr, "Too much hex data"
371 " on line %u (max is"
373 line_no, (unsigned) BUF_MAX);
377 *buf_len = *buf_len + 1;
381 printf("Completed %u test cases\n", num_tests);