/*
- * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
*
- * Licensed under the OpenSSL license (the "License"). You may not use
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
/* Internal tests for the modes module */
+/*
+ * This file uses the low level AES functions (which are deprecated for
+ * non-internal use) in order to test the modes code
+ */
+#include "internal/deprecated.h"
+
#include <stdio.h>
#include <string.h>
#include <openssl/aes.h>
#include <openssl/modes.h>
-#include "../crypto/modes/modes_lcl.h"
#include "testutil.h"
-#include "e_os.h"
+#include "crypto/modes.h"
+#include "internal/nelem.h"
typedef struct {
size_t size;
{ \
sizeof(vector_##len), vector_##len \
}
-static const SIZED_DATA cts128_vectors[] = {
+static const SIZED_DATA aes_cts128_vectors[] = {
CTS128_TEST_VECTOR(17),
CTS128_TEST_VECTOR(31),
CTS128_TEST_VECTOR(32),
CTS128_TEST_VECTOR(64),
};
-static AES_KEY *cts128_encrypt_key_schedule()
+static AES_KEY *cts128_encrypt_key_schedule(void)
{
static int init_key = 1;
static AES_KEY ks;
return &ks;
}
-static AES_KEY *cts128_decrypt_key_schedule()
+static AES_KEY *cts128_decrypt_key_schedule(void)
{
static int init_key = 1;
static AES_KEY ks;
typedef struct {
const char *case_name;
- int num;
- size_t (*transform_output)(const unsigned char *in, unsigned char *out,
- size_t len);
+ size_t (*last_blocks_correction)(const unsigned char *in,
+ unsigned char *out, size_t len);
size_t (*encrypt_block)(const unsigned char *in,
unsigned char *out, size_t len,
const void *key, unsigned char ivec[16],
block128_f block);
- size_t (*encrypt)(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], cbc128_f cbc);
+ size_t (*encrypt_stream)(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], cbc128_f cbc);
size_t (*decrypt_block)(const unsigned char *in,
unsigned char *out, size_t len,
const void *key, unsigned char ivec[16],
block128_f block);
- size_t (*decrypt)(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], cbc128_f cbc);
+ size_t (*decrypt_stream)(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], cbc128_f cbc);
} CTS128_FIXTURE;
-
-static CTS128_FIXTURE setup_cts128(const char *const test_case_name)
-{
- CTS128_FIXTURE fixture;
- fixture.case_name = test_case_name;
- return fixture;
-}
-
-static size_t transform_output(const unsigned char *in, unsigned char *out,
- size_t len)
+static size_t last_blocks_correction(const unsigned char *in,
+ unsigned char *out, size_t len)
{
size_t tail;
return tail;
}
-static size_t transform_output_nist(const unsigned char *in, unsigned char *out,
- size_t len)
+static size_t last_blocks_correction_nist(const unsigned char *in,
+ unsigned char *out, size_t len)
{
size_t tail;
return tail;
}
-static int execute_cts128(CTS128_FIXTURE fixture)
+static int execute_cts128(const CTS128_FIXTURE *fixture, int num)
{
const unsigned char *test_iv = cts128_test_iv;
size_t test_iv_len = sizeof(cts128_test_iv);
- const unsigned char *orig_vector = cts128_vectors[fixture.num].data;
- size_t len = cts128_vectors[fixture.num].size;
+ const unsigned char *orig_vector = aes_cts128_vectors[num].data;
+ size_t len = aes_cts128_vectors[num].size;
const unsigned char *test_input = cts128_test_input;
const AES_KEY *encrypt_key_schedule = cts128_encrypt_key_schedule();
const AES_KEY *decrypt_key_schedule = cts128_decrypt_key_schedule();
unsigned char iv[16];
/* The largest test inputs are = 64 bytes. */
unsigned char cleartext[64], ciphertext[64], vector[64];
- size_t tail;
+ size_t tail, size;
- TEST_info("%s_vector_%lu", fixture.case_name, (unsigned long)len);
+ TEST_info("%s_vector_%lu", fixture->case_name, (unsigned long)len);
- tail = fixture.transform_output(orig_vector, vector, len);
+ tail = fixture->last_blocks_correction(orig_vector, vector, len);
/* test block-based encryption */
memcpy(iv, test_iv, test_iv_len);
- fixture.encrypt_block(test_input, ciphertext, len,
- encrypt_key_schedule, iv,
- (block128_f)AES_encrypt);
- if (!TEST_mem_eq(ciphertext, len, vector, len))
- return 0;
-
- if (!TEST_mem_eq(iv, sizeof(iv), vector + len - tail, sizeof(iv)))
+ if (!TEST_size_t_eq(fixture->encrypt_block(test_input, ciphertext, len,
+ encrypt_key_schedule, iv,
+ (block128_f)AES_encrypt), len)
+ || !TEST_mem_eq(ciphertext, len, vector, len)
+ || !TEST_mem_eq(iv, sizeof(iv), vector + len - tail, sizeof(iv)))
return 0;
/* test block-based decryption */
memcpy(iv, test_iv, test_iv_len);
- fixture.decrypt_block(ciphertext, cleartext, len,
- decrypt_key_schedule, iv,
- (block128_f)AES_decrypt);
- if (!TEST_mem_eq(cleartext, len, test_input, len))
- return 0;
- if (!TEST_mem_eq(iv, sizeof(iv), vector + len - tail, sizeof(iv)))
+ size = fixture->decrypt_block(ciphertext, cleartext, len,
+ decrypt_key_schedule, iv,
+ (block128_f)AES_decrypt);
+ if (!TEST_true(len == size || len + 16 == size)
+ || !TEST_mem_eq(cleartext, len, test_input, len)
+ || !TEST_mem_eq(iv, sizeof(iv), vector + len - tail, sizeof(iv)))
return 0;
/* test streamed encryption */
memcpy(iv, test_iv, test_iv_len);
- fixture.encrypt(test_input, ciphertext, len, encrypt_key_schedule,
- iv, (cbc128_f) AES_cbc_encrypt);
- if (!TEST_mem_eq(ciphertext, len, vector, len))
- return 0;
- if (!TEST_mem_eq(iv, sizeof(iv), vector + len - tail, sizeof(iv)))
+ if (!TEST_size_t_eq(fixture->encrypt_stream(test_input, ciphertext, len,
+ encrypt_key_schedule, iv,
+ (cbc128_f) AES_cbc_encrypt),
+ len)
+ || !TEST_mem_eq(ciphertext, len, vector, len)
+ || !TEST_mem_eq(iv, sizeof(iv), vector + len - tail, sizeof(iv)))
return 0;
/* test streamed decryption */
memcpy(iv, test_iv, test_iv_len);
- fixture.decrypt(ciphertext, cleartext, len, decrypt_key_schedule, iv,
- (cbc128_f)AES_cbc_encrypt);
- if (!TEST_mem_eq(cleartext, len, test_input, len))
- return 0;
- if (!TEST_mem_eq(iv, sizeof(iv), vector + len - tail, sizeof(iv)))
+ if (!TEST_size_t_eq(fixture->decrypt_stream(ciphertext, cleartext, len,
+ decrypt_key_schedule, iv,
+ (cbc128_f)AES_cbc_encrypt),
+ len)
+ || !TEST_mem_eq(cleartext, len, test_input, len)
+ || !TEST_mem_eq(iv, sizeof(iv), vector + len - tail, sizeof(iv)))
return 0;
return 1;
}
-static int test_cts128(int idx)
+static int test_aes_cts128(int idx)
{
- SETUP_TEST_FIXTURE(CTS128_FIXTURE, setup_cts128);
- fixture.transform_output = transform_output;
- fixture.encrypt_block = CRYPTO_cts128_encrypt_block;
- fixture.encrypt = CRYPTO_cts128_encrypt;
- fixture.decrypt_block = CRYPTO_cts128_decrypt_block;
- fixture.decrypt = CRYPTO_cts128_decrypt;
- fixture.case_name = "cts128";
- fixture.num = idx;
- EXECUTE_TEST_NO_TEARDOWN(execute_cts128);
+ static const CTS128_FIXTURE fixture_cts128 = {
+ "aes_cts128", last_blocks_correction,
+ CRYPTO_cts128_encrypt_block, CRYPTO_cts128_encrypt,
+ CRYPTO_cts128_decrypt_block, CRYPTO_cts128_decrypt
+ };
+
+ return execute_cts128(&fixture_cts128, idx);
}
-static int test_cts128_nist(int idx)
+static int test_aes_cts128_nist(int idx)
{
- SETUP_TEST_FIXTURE(CTS128_FIXTURE, setup_cts128);
- fixture.transform_output = transform_output_nist;
- fixture.encrypt_block = CRYPTO_nistcts128_encrypt_block;
- fixture.encrypt = CRYPTO_nistcts128_encrypt;
- fixture.decrypt_block = CRYPTO_nistcts128_decrypt_block;
- fixture.decrypt = CRYPTO_nistcts128_decrypt;
- fixture.case_name = "cts128_nist";
- fixture.num = idx;
- EXECUTE_TEST_NO_TEARDOWN(execute_cts128);
+ static const CTS128_FIXTURE fixture_cts128_nist = {
+ "aes_cts128_nist", last_blocks_correction_nist,
+ CRYPTO_nistcts128_encrypt_block, CRYPTO_nistcts128_encrypt,
+ CRYPTO_nistcts128_decrypt_block, CRYPTO_nistcts128_decrypt
+ };
+
+ return execute_cts128(&fixture_cts128_nist, idx);
}
/*
return 1;
}
-static void benchmark_gcm128(const unsigned char *K, size_t Klen,
- const unsigned char *IV, size_t IVlen)
+int setup_tests(void)
{
-#ifdef OPENSSL_CPUID_OBJ
- GCM128_CONTEXT ctx;
- AES_KEY key;
- size_t start, gcm_t, ctr_t, OPENSSL_rdtsc();
- union {
- u64 u;
- u8 c[1024];
- } buf;
-
- AES_set_encrypt_key(K, Klen * 8, &key);
- CRYPTO_gcm128_init(&ctx, &key, (block128_f) AES_encrypt);
- CRYPTO_gcm128_setiv(&ctx, IV, IVlen);
-
- CRYPTO_gcm128_encrypt(&ctx, buf.c, buf.c, sizeof(buf));
- start = OPENSSL_rdtsc();
- CRYPTO_gcm128_encrypt(&ctx, buf.c, buf.c, sizeof(buf));
- gcm_t = OPENSSL_rdtsc() - start;
-
- CRYPTO_ctr128_encrypt(buf.c, buf.c, sizeof(buf),
- &key, ctx.Yi.c, ctx.EKi.c, &ctx.mres,
- (block128_f) AES_encrypt);
- start = OPENSSL_rdtsc();
- CRYPTO_ctr128_encrypt(buf.c, buf.c, sizeof(buf),
- &key, ctx.Yi.c, ctx.EKi.c, &ctx.mres,
- (block128_f) AES_encrypt);
- ctr_t = OPENSSL_rdtsc() - start;
-
- printf("%.2f-%.2f=%.2f\n",
- gcm_t / (double)sizeof(buf),
- ctr_t / (double)sizeof(buf),
- (gcm_t - ctr_t) / (double)sizeof(buf));
-# ifdef GHASH
- {
- void (*gcm_ghash_p) (u64 Xi[2], const u128 Htable[16],
- const u8 *inp, size_t len) = ctx.ghash;
-
- GHASH((&ctx), buf.c, sizeof(buf));
- start = OPENSSL_rdtsc();
- for (i = 0; i < 100; ++i)
- GHASH((&ctx), buf.c, sizeof(buf));
- gcm_t = OPENSSL_rdtsc() - start;
- printf("%.2f\n", gcm_t / (double)sizeof(buf) / (double)i);
- }
-# endif
-#else
- fprintf(stderr,
- "Benchmarking of modes isn't available on this platform\n");
-#endif
-}
-
-int test_main(int argc, char **argv)
-{
- int result = 0;
- int iter_argv;
- int benchmark = 0;
-
- for (iter_argv = 1; iter_argv < argc; iter_argv++) {
- if (strcmp(argv[iter_argv], "-b") == 0)
- benchmark = 1;
- else if (strcmp(argv[iter_argv], "-h") == 0)
- goto help;
- }
-
- ADD_ALL_TESTS(test_cts128, OSSL_NELEM(cts128_vectors));
- ADD_ALL_TESTS(test_cts128_nist, OSSL_NELEM(cts128_vectors));
+ ADD_ALL_TESTS(test_aes_cts128, OSSL_NELEM(aes_cts128_vectors));
+ ADD_ALL_TESTS(test_aes_cts128_nist, OSSL_NELEM(aes_cts128_vectors));
ADD_ALL_TESTS(test_gcm128, OSSL_NELEM(gcm128_vectors));
-
- result = run_tests(argv[0]);
-
- if (benchmark)
- benchmark_gcm128(K1, sizeof(K1), IV1, sizeof(IV1));
-
- return result;
-
- help:
- printf("-h\tThis help\n");
- printf("-b\tBenchmark gcm128 in addition to the tests\n");
-
- return 0;
+ return 1;
}