#include <openssl/provider.h>
#include <openssl/core_names.h>
#include <openssl/dsa.h>
+#include <openssl/dh.h>
#include "testutil.h"
#include "internal/nelem.h"
#include "crypto/evp.h"
* kExampleDSAKeyDER is a DSA private key in ASN.1, DER format. Of course, you
* should never use this key anywhere but in an example.
*/
+#ifndef OPENSSL_NO_DSA
static const unsigned char kExampleDSAKeyDER[] = {
0x30, 0x82, 0x01, 0xba, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0x9a,
0x05, 0x6d, 0x33, 0xcd, 0x5d, 0x78, 0xa1, 0xbb, 0xcb, 0x7d, 0x5b, 0x8d,
0xf1, 0x8c, 0x82, 0x97, 0xf2, 0xf4, 0x19, 0xba, 0x2b, 0xf3, 0x16, 0xbe,
0x40, 0x48
};
+#endif
/*
* kExampleBadRSAKeyDER is an RSA private key in ASN.1, DER format. The private
return ret;
}
+#ifndef OPENSSL_NO_DSA
static EVP_PKEY *load_example_dsa_key(void)
{
EVP_PKEY *ret = NULL;
return ret;
}
+#endif
+static EVP_PKEY *load_example_hmac_key(void)
+{
+ EVP_PKEY *pkey = NULL;
+ unsigned char key[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
+ 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
+ };
+
+ pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL, key, sizeof(key));
+ if (!TEST_ptr(pkey))
+ return NULL;
+
+ return pkey;
+}
static int test_EVP_Enveloped(void)
{
}
/*
- * Test 0: Standard calls to EVP_DigestSignInit/Update/Final (RSA)
- * Test 1: Standard calls to EVP_DigestSignInit/Update/Final (DSA)
- * Test 2: Use an MD BIO to do the Update calls instead (RSA)
- * Test 3: Use an MD BIO to do the Update calls instead (DSA)
+ * Test 0: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, RSA)
+ * Test 1: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, DSA)
+ * Test 2: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, HMAC)
+ * Test 3: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch digest, RSA)
+ * Test 4: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch digest, DSA)
+ * Test 5: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch diegst, HMAC)
+ * Test 6: Use an MD BIO to do the Update calls instead (RSA)
+ * Test 7: Use an MD BIO to do the Update calls instead (DSA)
+ * Test 8: Use an MD BIO to do the Update calls instead (HMAC)
*/
static int test_EVP_DigestSignInit(int tst)
{
EVP_MD_CTX *a_md_ctx = NULL, *a_md_ctx_verify = NULL;
BIO *mdbio = NULL, *membio = NULL;
size_t written;
+ const EVP_MD *md;
+ EVP_MD *mdexp = NULL;
- if (tst >= 2) {
+ if (tst >= 6) {
membio = BIO_new(BIO_s_mem());
mdbio = BIO_new(BIO_f_md());
if (!TEST_ptr(membio) || !TEST_ptr(mdbio))
goto out;
}
- if (tst == 0 || tst == 2) {
+ if (tst == 0 || tst == 3 || tst == 6) {
if (!TEST_ptr(pkey = load_example_rsa_key()))
goto out;
- } else {
+ } else if (tst == 1 || tst == 4 || tst == 7) {
+#ifndef OPENSSL_NO_DSA
if (!TEST_ptr(pkey = load_example_dsa_key()))
goto out;
+#else
+ ret = 1;
+ goto out;
+#endif
+ } else {
+ if (!TEST_ptr(pkey = load_example_hmac_key()))
+ goto out;
}
- if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sha256(), NULL, pkey)))
+ if (tst >= 3 && tst <= 5)
+ md = mdexp = EVP_MD_fetch(NULL, "SHA256", NULL);
+ else
+ md = EVP_sha256();
+
+ if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, md, NULL, pkey)))
goto out;
- if (tst >= 2) {
+ if (tst >= 6) {
if (!BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written))
goto out;
} else {
/* Determine the size of the signature. */
if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len))
- || !TEST_size_t_eq(sig_len, (size_t)EVP_PKEY_size(pkey)))
+ || !TEST_size_t_le(sig_len, (size_t)EVP_PKEY_size(pkey)))
goto out;
if (!TEST_ptr(sig = OPENSSL_malloc(sig_len))
|| !TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
goto out;
- if (tst >= 2) {
+ if (tst >= 6) {
if (!TEST_int_gt(BIO_reset(mdbio), 0)
|| !TEST_int_gt(BIO_get_md_ctx(mdbio, &md_ctx_verify), 0))
goto out;
}
- /* Ensure that the signature round-trips. */
- if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sha256(),
- NULL, pkey)))
- goto out;
-
- if (tst >= 2) {
- if (!BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written))
+ /*
+ * Ensure that the signature round-trips (Verification isn't supported for
+ * HMAC via EVP_DigestVerify*)
+ */
+ if (tst != 2 && tst != 5 && tst != 8) {
+ if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, md,
+ NULL, pkey)))
goto out;
- } else {
- if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg,
- sizeof(kMsg))))
+
+ if (tst >= 6) {
+ if (!TEST_true(BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written)))
+ goto out;
+ } else {
+ if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg,
+ sizeof(kMsg))))
+ goto out;
+ }
+ if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
goto out;
}
- if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
- goto out;
ret = 1;
EVP_MD_CTX_free(a_md_ctx_verify);
EVP_PKEY_free(pkey);
OPENSSL_free(sig);
+ EVP_MD_free(mdexp);
return ret;
}
const OSSL_PARAM *params;
OSSL_PARAM ourparams[2], *param = ourparams;
DSA *dsa = NULL;
- BIGNUM *p = NULL, *q = NULL, *g = NULL;
+ BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub = NULL, *priv = NULL;
EVP_PKEY *pkey = NULL;
int ret = 0;
const EVP_MD *md;
char ssl3ms[48];
/*
- * Setup the parameters for our DSA object. For our purposes they don't have
- * to actually be *valid* parameters. We just need to set something. We
- * don't even need a pub_key/priv_key.
+ * Setup the parameters for our DSA object. For our purposes they don't
+ * have to actually be *valid* parameters. We just need to set something.
*/
dsa = DSA_new();
p = BN_new();
q = BN_new();
g = BN_new();
+ pub = BN_new();
+ priv = BN_new();
if (!TEST_ptr(dsa)
|| !TEST_ptr(p)
|| !TEST_ptr(q)
|| !TEST_ptr(g)
- || !DSA_set0_pqg(dsa, p, q, g))
+ || !TEST_ptr(pub)
+ || !DSA_set0_pqg(dsa, p, q, g)
+ || !DSA_set0_key(dsa, pub, priv))
goto err;
- p = q = g = NULL;
+ p = q = g = pub = priv = NULL;
pkey = EVP_PKEY_new();
if (!TEST_ptr(pkey)
/* Initialise a sign operation */
ctx = EVP_PKEY_CTX_new(pkey, NULL);
- dsaimpl = EVP_SIGNATURE_fetch(NULL, "DSA", NULL);
if (!TEST_ptr(ctx)
- || !TEST_ptr(dsaimpl)
- || !TEST_int_gt(EVP_PKEY_sign_init_ex(ctx, dsaimpl), 0))
+ || !TEST_int_gt(EVP_PKEY_sign_init(ctx), 0))
goto err;
/*
*/
mdctx = EVP_MD_CTX_new();
if (!TEST_ptr(mdctx)
- || !TEST_true(EVP_DigestSignInit_ex(mdctx, NULL, "SHA1", NULL,
- pkey, dsaimpl)))
+ || !TEST_true(EVP_DigestSignInit_ex(mdctx, NULL, "SHA1", NULL, pkey)))
goto err;
/*
BN_free(p);
BN_free(q);
BN_free(g);
+ BN_free(pub);
+ BN_free(priv);
+
+ return ret;
+}
+#endif
+
+#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
+static int test_decrypt_null_chunks(void)
+{
+ EVP_CIPHER_CTX* ctx = NULL;
+ const unsigned char key[32] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
+ 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1
+ };
+ unsigned char iv[12] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b
+ };
+ unsigned char msg[] = "It was the best of times, it was the worst of times";
+ unsigned char ciphertext[80];
+ unsigned char plaintext[80];
+ /* We initialise tmp to a non zero value on purpose */
+ int ctlen, ptlen, tmp = 99;
+ int ret = 0;
+ const int enc_offset = 10, dec_offset = 20;
+
+ if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())
+ || !TEST_true(EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL,
+ key, iv))
+ || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext, &ctlen, msg,
+ enc_offset))
+ /* Deliberate add a zero length update */
+ || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext + ctlen, &tmp, NULL,
+ 0))
+ || !TEST_int_eq(tmp, 0)
+ || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext + ctlen, &tmp,
+ msg + enc_offset,
+ sizeof(msg) - enc_offset))
+ || !TEST_int_eq(ctlen += tmp, sizeof(msg))
+ || !TEST_true(EVP_EncryptFinal(ctx, ciphertext + ctlen, &tmp))
+ || !TEST_int_eq(tmp, 0))
+ goto err;
+
+ /* Deliberately initialise tmp to a non zero value */
+ tmp = 99;
+ if (!TEST_true(EVP_DecryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL, key,
+ iv))
+ || !TEST_true(EVP_DecryptUpdate(ctx, plaintext, &ptlen, ciphertext,
+ dec_offset))
+ /*
+ * Deliberately add a zero length update. We also deliberately do
+ * this at a different offset than for encryption.
+ */
+ || !TEST_true(EVP_DecryptUpdate(ctx, plaintext + ptlen, &tmp, NULL,
+ 0))
+ || !TEST_int_eq(tmp, 0)
+ || !TEST_true(EVP_DecryptUpdate(ctx, plaintext + ptlen, &tmp,
+ ciphertext + dec_offset,
+ ctlen - dec_offset))
+ || !TEST_int_eq(ptlen += tmp, sizeof(msg))
+ || !TEST_true(EVP_DecryptFinal(ctx, plaintext + ptlen, &tmp))
+ || !TEST_int_eq(tmp, 0)
+ || !TEST_mem_eq(msg, sizeof(msg), plaintext, ptlen))
+ goto err;
+
+ ret = 1;
+ err:
+ EVP_CIPHER_CTX_free(ctx);
+ return ret;
+}
+#endif /* !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) */
+
+#ifndef OPENSSL_NO_DH
+static int test_EVP_PKEY_set1_DH(void)
+{
+ DH *x942dh, *pkcs3dh;
+ EVP_PKEY *pkey1, *pkey2;
+ int ret = 0;
+
+ x942dh = DH_get_2048_256();
+ pkcs3dh = DH_new_by_nid(NID_ffdhe2048);
+ pkey1 = EVP_PKEY_new();
+ pkey2 = EVP_PKEY_new();
+ if (!TEST_ptr(x942dh)
+ || !TEST_ptr(pkcs3dh)
+ || !TEST_ptr(pkey1)
+ || !TEST_ptr(pkey2))
+ goto err;
+
+ if(!TEST_true(EVP_PKEY_set1_DH(pkey1, x942dh))
+ || !TEST_int_eq(EVP_PKEY_id(pkey1), EVP_PKEY_DHX))
+ goto err;
+
+
+ if(!TEST_true(EVP_PKEY_set1_DH(pkey2, pkcs3dh))
+ || !TEST_int_eq(EVP_PKEY_id(pkey2), EVP_PKEY_DH))
+ goto err;
+
+ ret = 1;
+ err:
+ EVP_PKEY_free(pkey1);
+ EVP_PKEY_free(pkey2);
+ DH_free(x942dh);
+ DH_free(pkcs3dh);
return ret;
}
int setup_tests(void)
{
- ADD_ALL_TESTS(test_EVP_DigestSignInit, 4);
+ ADD_ALL_TESTS(test_EVP_DigestSignInit, 9);
ADD_TEST(test_EVP_DigestVerifyInit);
ADD_TEST(test_EVP_Enveloped);
ADD_ALL_TESTS(test_d2i_AutoPrivateKey, OSSL_NELEM(keydata));
#ifndef OPENSSL_NO_DSA
ADD_TEST(test_EVP_PKEY_CTX_get_set_params);
#endif
+#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
+ ADD_TEST(test_decrypt_null_chunks);
+#endif
+#ifndef OPENSSL_NO_DH
+ ADD_TEST(test_EVP_PKEY_set1_DH);
+#endif
+
return 1;
}