X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=test%2Fevp_test.c;h=63ae14492040889eafd62bb74a9b852db1510248;hb=d462b5ff21e9fcdef98447c8f8d8c694b1e79602;hp=17b9fc0dfb1ddb9e02d3751601a47703c84d6872;hpb=703170d4b9da1b3adc0e4d87719a5156080b2dca;p=oweals%2Fopenssl.git diff --git a/test/evp_test.c b/test/evp_test.c index 17b9fc0dfb..63ae144920 100644 --- a/test/evp_test.c +++ b/test/evp_test.c @@ -325,19 +325,24 @@ static int parse_bin(const char *value, unsigned char **buf, size_t *buflen) typedef struct digest_data_st { /* Digest this test is for */ const EVP_MD *digest; + EVP_MD *fetched_digest; /* Input to digest */ STACK_OF(EVP_TEST_BUFFER) *input; /* Expected output */ unsigned char *output; size_t output_len; + /* Padding type */ + int pad_type; } DIGEST_DATA; static int digest_test_init(EVP_TEST *t, const char *alg) { DIGEST_DATA *mdat; const EVP_MD *digest; + EVP_MD *fetched_digest; - if ((digest = EVP_get_digestbyname(alg)) == NULL) { + if ((digest = fetched_digest = EVP_MD_fetch(NULL, alg, NULL)) == NULL + && (digest = EVP_get_digestbyname(alg)) == NULL) { /* If alg has an OID assume disabled algorithm */ if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) { t->skip = 1; @@ -349,6 +354,10 @@ static int digest_test_init(EVP_TEST *t, const char *alg) return 0; t->data = mdat; mdat->digest = digest; + mdat->fetched_digest = fetched_digest; + mdat->pad_type = 0; + if (fetched_digest != NULL) + TEST_info("%s is fetched", alg); return 1; } @@ -358,6 +367,7 @@ static void digest_test_cleanup(EVP_TEST *t) sk_EVP_TEST_BUFFER_pop_free(mdat->input, evp_test_buffer_free); OPENSSL_free(mdat->output); + EVP_MD_meth_free(mdat->fetched_digest); } static int digest_test_parse(EVP_TEST *t, @@ -373,6 +383,8 @@ static int digest_test_parse(EVP_TEST *t, return evp_test_buffer_set_count(value, mdata->input); if (strcmp(keyword, "Ncopy") == 0) return evp_test_buffer_ncopy(value, mdata->input); + if (strcmp(keyword, "Padding") == 0) + return (mdata->pad_type = atoi(value)) > 0; return 0; } @@ -387,6 +399,7 @@ static int digest_test_run(EVP_TEST *t) EVP_MD_CTX *mctx; unsigned char *got = NULL; unsigned int got_len; + OSSL_PARAM params[2]; t->err = "TEST_FAILURE"; if (!TEST_ptr(mctx = EVP_MD_CTX_new())) @@ -401,6 +414,15 @@ static int digest_test_run(EVP_TEST *t) t->err = "DIGESTINIT_ERROR"; goto err; } + if (expected->pad_type > 0) { + params[0] = OSSL_PARAM_construct_int(OSSL_DIGEST_PARAM_PAD_TYPE, + &expected->pad_type); + params[1] = OSSL_PARAM_construct_end(); + if (!TEST_int_gt(EVP_MD_CTX_set_params(mctx, params), 0)) { + t->err = "PARAMS_ERROR"; + goto err; + } + } if (!evp_test_buffer_do(expected->input, digest_update_fn, mctx)) { t->err = "DIGESTUPDATE_ERROR"; goto err; @@ -472,12 +494,15 @@ static const EVP_TEST_METHOD digest_test_method = { typedef struct cipher_data_st { const EVP_CIPHER *cipher; + EVP_CIPHER *fetched_cipher; int enc; /* EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE or EVP_CIPH_OCB_MODE if AEAD */ int aead; unsigned char *key; size_t key_len; + size_t key_bits; /* Used by RC2 */ unsigned char *iv; + unsigned int rounds; size_t iv_len; unsigned char *plaintext; size_t plaintext_len; @@ -494,10 +519,12 @@ typedef struct cipher_data_st { static int cipher_test_init(EVP_TEST *t, const char *alg) { const EVP_CIPHER *cipher; + EVP_CIPHER *fetched_cipher; CIPHER_DATA *cdat; int m; - if ((cipher = EVP_get_cipherbyname(alg)) == NULL) { + if ((cipher = fetched_cipher = EVP_CIPHER_fetch(NULL, alg, NULL)) == NULL + && (cipher = EVP_get_cipherbyname(alg)) == NULL) { /* If alg has an OID assume disabled algorithm */ if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) { t->skip = 1; @@ -507,6 +534,7 @@ static int cipher_test_init(EVP_TEST *t, const char *alg) } cdat = OPENSSL_zalloc(sizeof(*cdat)); cdat->cipher = cipher; + cdat->fetched_cipher = fetched_cipher; cdat->enc = -1; m = EVP_CIPHER_mode(cipher); if (m == EVP_CIPH_GCM_MODE @@ -520,6 +548,8 @@ static int cipher_test_init(EVP_TEST *t, const char *alg) cdat->aead = 0; t->data = cdat; + if (fetched_cipher != NULL) + TEST_info("%s is fetched", alg); return 1; } @@ -535,6 +565,7 @@ static void cipher_test_cleanup(EVP_TEST *t) for (i = 0; i < AAD_NUM; i++) OPENSSL_free(cdat->aad[i]); OPENSSL_free(cdat->tag); + EVP_CIPHER_meth_free(cdat->fetched_cipher); } static int cipher_test_parse(EVP_TEST *t, const char *keyword, @@ -545,12 +576,26 @@ static int cipher_test_parse(EVP_TEST *t, const char *keyword, if (strcmp(keyword, "Key") == 0) return parse_bin(value, &cdat->key, &cdat->key_len); + if (strcmp(keyword, "Rounds") == 0) { + i = atoi(value); + if (i < 0) + return -1; + cdat->rounds = (unsigned int)i; + return 1; + } if (strcmp(keyword, "IV") == 0) return parse_bin(value, &cdat->iv, &cdat->iv_len); if (strcmp(keyword, "Plaintext") == 0) return parse_bin(value, &cdat->plaintext, &cdat->plaintext_len); if (strcmp(keyword, "Ciphertext") == 0) return parse_bin(value, &cdat->ciphertext, &cdat->ciphertext_len); + if (strcmp(keyword, "KeyBits") == 0) { + i = atoi(value); + if (i < 0) + return -1; + cdat->key_bits = (size_t)i; + return 1; + } if (cdat->aead) { if (strcmp(keyword, "AAD") == 0) { for (i = 0; i < AAD_NUM; i++) { @@ -591,12 +636,15 @@ static int cipher_test_enc(EVP_TEST *t, int enc, unsigned char *in, *expected_out, *tmp = NULL; size_t in_len, out_len, donelen = 0; int ok = 0, tmplen, chunklen, tmpflen, i; + EVP_CIPHER_CTX *ctx_base = NULL; EVP_CIPHER_CTX *ctx = NULL; t->err = "TEST_FAILURE"; + if (!TEST_ptr(ctx_base = EVP_CIPHER_CTX_new())) + goto err; if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())) goto err; - EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW); + EVP_CIPHER_CTX_set_flags(ctx_base, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW); if (enc) { in = expected->plaintext; in_len = expected->plaintext_len; @@ -633,18 +681,18 @@ static int cipher_test_enc(EVP_TEST *t, int enc, in = memcpy(tmp + out_misalign + in_len + 2 * EVP_MAX_BLOCK_LENGTH + inp_misalign, in, in_len); } - if (!EVP_CipherInit_ex(ctx, expected->cipher, NULL, NULL, NULL, enc)) { + if (!EVP_CipherInit_ex(ctx_base, expected->cipher, NULL, NULL, NULL, enc)) { t->err = "CIPHERINIT_ERROR"; goto err; } if (expected->iv) { if (expected->aead) { - if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, + if (!EVP_CIPHER_CTX_ctrl(ctx_base, EVP_CTRL_AEAD_SET_IVLEN, expected->iv_len, 0)) { t->err = "INVALID_IV_LENGTH"; goto err; } - } else if (expected->iv_len != (size_t)EVP_CIPHER_CTX_iv_length(ctx)) { + } else if (expected->iv_len != (size_t)EVP_CIPHER_CTX_iv_length(ctx_base)) { t->err = "INVALID_IV_LENGTH"; goto err; } @@ -663,29 +711,56 @@ static int cipher_test_enc(EVP_TEST *t, int enc, tag = expected->tag; } if (tag || expected->aead != EVP_CIPH_GCM_MODE) { - if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, + if (!EVP_CIPHER_CTX_ctrl(ctx_base, EVP_CTRL_AEAD_SET_TAG, expected->tag_len, tag)) goto err; } } - if (!EVP_CIPHER_CTX_set_key_length(ctx, expected->key_len)) { + if (expected->rounds > 0) { + int rounds = (int)expected->rounds; + + if (!EVP_CIPHER_CTX_ctrl(ctx_base, EVP_CTRL_SET_RC5_ROUNDS, rounds, NULL)) { + t->err = "INVALID_ROUNDS"; + goto err; + } + } + + if (!EVP_CIPHER_CTX_set_key_length(ctx_base, expected->key_len)) { t->err = "INVALID_KEY_LENGTH"; goto err; } - if (!EVP_CipherInit_ex(ctx, NULL, NULL, expected->key, expected->iv, -1)) { + if (expected->key_bits > 0) { + int bits = (int)expected->key_bits; + + if (!EVP_CIPHER_CTX_ctrl(ctx_base, EVP_CTRL_SET_RC2_KEY_BITS, bits, NULL)) { + t->err = "INVALID KEY BITS"; + goto err; + } + } + if (!EVP_CipherInit_ex(ctx_base, NULL, NULL, expected->key, expected->iv, -1)) { t->err = "KEY_SET_ERROR"; goto err; } + /* Check that we get the same IV back */ if (expected->iv != NULL && (EVP_CIPHER_flags(expected->cipher) & EVP_CIPH_CUSTOM_IV) == 0 && !TEST_mem_eq(expected->iv, expected->iv_len, - EVP_CIPHER_CTX_iv(ctx), expected->iv_len)) { + EVP_CIPHER_CTX_iv(ctx_base), expected->iv_len)) { t->err = "INVALID_IV"; goto err; } + /* Test that the cipher dup functions correctly if it is supported */ + if (EVP_CIPHER_CTX_copy(ctx, ctx_base)) { + EVP_CIPHER_CTX_free(ctx_base); + ctx_base = NULL; + } else { + EVP_CIPHER_CTX_free(ctx); + ctx = ctx_base; + } + if (expected->aead == EVP_CIPH_CCM_MODE) { if (!EVP_CipherUpdate(ctx, NULL, &tmplen, NULL, out_len)) { t->err = "CCM_PLAINTEXT_LENGTH_SET_ERROR"; @@ -792,6 +867,8 @@ static int cipher_test_enc(EVP_TEST *t, int enc, ok = 1; err: OPENSSL_free(tmp); + if (ctx != ctx_base) + EVP_CIPHER_CTX_free(ctx_base); EVP_CIPHER_CTX_free(ctx); return ok; } @@ -890,6 +967,7 @@ static const EVP_TEST_METHOD cipher_test_method = { typedef struct mac_data_st { /* MAC type in one form or another */ + char *mac_name; EVP_MAC *mac; /* for mac_test_run_mac */ int type; /* for mac_test_run_pkey */ /* Algorithm string for this MAC */ @@ -973,6 +1051,7 @@ static int mac_test_init(EVP_TEST *t, const char *alg) mdat = OPENSSL_zalloc(sizeof(*mdat)); mdat->type = type; + mdat->mac_name = OPENSSL_strdup(alg); mdat->mac = mac; mdat->controls = sk_OPENSSL_STRING_new_null(); t->data = mdat; @@ -990,6 +1069,7 @@ static void mac_test_cleanup(EVP_TEST *t) MAC_DATA *mdat = t->data; EVP_MAC_free(mdat->mac); + OPENSSL_free(mdat->mac_name); sk_OPENSSL_STRING_pop_free(mdat->controls, openssl_free); OPENSSL_free(mdat->alg); OPENSSL_free(mdat->key); @@ -1147,13 +1227,13 @@ static int mac_test_run_mac(EVP_TEST *t) size_t params_n = 0; size_t params_n_allocstart = 0; const OSSL_PARAM *defined_params = - EVP_MAC_CTX_settable_params(expected->mac); + EVP_MAC_settable_ctx_params(expected->mac); if (expected->alg == NULL) - TEST_info("Trying the EVP_MAC %s test", EVP_MAC_name(expected->mac)); + TEST_info("Trying the EVP_MAC %s test", expected->mac_name); else TEST_info("Trying the EVP_MAC %s test with %s", - EVP_MAC_name(expected->mac), expected->alg); + expected->mac_name, expected->alg); #ifdef OPENSSL_NO_DES if (expected->alg != NULL && strstr(expected->alg, "DES") != NULL) { @@ -1173,14 +1253,12 @@ static int mac_test_run_mac(EVP_TEST *t) OSSL_MAC_PARAM_CIPHER) != NULL) { params[params_n++] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER, - expected->alg, - strlen(expected->alg) + 1); + expected->alg, 0); } else if (OSSL_PARAM_locate_const(defined_params, OSSL_MAC_PARAM_DIGEST) != NULL) { params[params_n++] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, - expected->alg, - strlen(expected->alg) + 1); + expected->alg, 0); } else { t->err = "MAC_BAD_PARAMS"; goto err; @@ -1228,9 +1306,11 @@ static int mac_test_run_mac(EVP_TEST *t) if (tmpval != NULL) *tmpval++ = '\0'; - if (!OSSL_PARAM_allocate_from_text(¶ms[params_n], defined_params, - tmpkey, tmpval, - strlen(tmpval))) { + if (tmpval == NULL + || !OSSL_PARAM_allocate_from_text(¶ms[params_n], + defined_params, + tmpkey, tmpval, + strlen(tmpval), NULL)) { OPENSSL_free(tmpkey); t->err = "MAC_PARAM_ERROR"; goto err; @@ -1975,6 +2055,8 @@ typedef struct kdf_data_st { /* Expected output */ unsigned char *output; size_t output_len; + OSSL_PARAM params[20]; + OSSL_PARAM *p; } KDF_DATA; /* @@ -1984,10 +2066,11 @@ typedef struct kdf_data_st { static int kdf_test_init(EVP_TEST *t, const char *name) { KDF_DATA *kdata; - const EVP_KDF *kdf; + EVP_KDF *kdf; #ifdef OPENSSL_NO_SCRYPT - if (strcmp(name, "scrypt") == 0) { + /* TODO(3.0) Replace with "scrypt" once aliases are supported */ + if (strcmp(name, "id-scrypt") == 0) { t->skip = 1; return 1; } @@ -2000,13 +2083,18 @@ static int kdf_test_init(EVP_TEST *t, const char *name) } #endif /* OPENSSL_NO_CMS */ - kdf = EVP_get_kdfbyname(name); - if (kdf == NULL) + if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata)))) return 0; + kdata->p = kdata->params; + *kdata->p = OSSL_PARAM_construct_end(); - if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata)))) + kdf = EVP_KDF_fetch(NULL, name, NULL); + if (kdf == NULL) { + OPENSSL_free(kdata); return 0; + } kdata->ctx = EVP_KDF_CTX_new(kdf); + EVP_KDF_free(kdf); if (kdata->ctx == NULL) { OPENSSL_free(kdata); return 0; @@ -2018,6 +2106,10 @@ static int kdf_test_init(EVP_TEST *t, const char *name) static void kdf_test_cleanup(EVP_TEST *t) { KDF_DATA *kdata = t->data; + OSSL_PARAM *p; + + for (p = kdata->params; p->key != NULL; p++) + OPENSSL_free(p->data); OPENSSL_free(kdata->output); EVP_KDF_CTX_free(kdata->ctx); } @@ -2025,36 +2117,45 @@ static void kdf_test_cleanup(EVP_TEST *t) static int kdf_test_ctrl(EVP_TEST *t, EVP_KDF_CTX *kctx, const char *value) { + KDF_DATA *kdata = t->data; int rv; - char *p, *tmpval; + char *p, *name; + const OSSL_PARAM *defs = EVP_KDF_settable_ctx_params(EVP_KDF_CTX_kdf(kctx)); - if (!TEST_ptr(tmpval = OPENSSL_strdup(value))) + if (!TEST_ptr(name = OPENSSL_strdup(value))) return 0; - p = strchr(tmpval, ':'); + p = strchr(name, ':'); if (p != NULL) *p++ = '\0'; - rv = EVP_KDF_ctrl_str(kctx, tmpval, p); - if (rv == -2) { - t->err = "KDF_CTRL_INVALID"; - rv = 1; - } else if (p != NULL && rv <= 0) { + + rv = OSSL_PARAM_allocate_from_text(kdata->p, defs, name, p, + p != NULL ? strlen(p) : 0, NULL); + *++kdata->p = OSSL_PARAM_construct_end(); + if (!rv) { + t->err = "KDF_PARAM_ERROR"; + OPENSSL_free(name); + return 0; + } + if (p != NULL && strcmp(name, "digest") == 0) { /* If p has an OID and lookup fails assume disabled algorithm */ int nid = OBJ_sn2nid(p); if (nid == NID_undef) nid = OBJ_ln2nid(p); - if (nid != NID_undef - && EVP_get_digestbynid(nid) == NULL - && EVP_get_cipherbynid(nid) == NULL) { + if (nid != NID_undef && EVP_get_digestbynid(nid) == NULL) t->skip = 1; - rv = 1; - } else { - t->err = "KDF_CTRL_ERROR"; - rv = 1; - } } - OPENSSL_free(tmpval); - return rv > 0; + if (p != NULL && strcmp(name, "cipher") == 0) { + /* If p has an OID and lookup fails assume disabled algorithm */ + int nid = OBJ_sn2nid(p); + + if (nid == NID_undef) + nid = OBJ_ln2nid(p); + if (nid != NID_undef && EVP_get_cipherbynid(nid) == NULL) + t->skip = 1; + } + OPENSSL_free(name); + return 1; } static int kdf_test_parse(EVP_TEST *t, @@ -2075,6 +2176,10 @@ static int kdf_test_run(EVP_TEST *t) unsigned char *got = NULL; size_t got_len = expected->output_len; + if (!EVP_KDF_CTX_set_params(expected->ctx, expected->params)) { + t->err = "KDF_CTRL_ERROR"; + return 1; + } if (!TEST_ptr(got = OPENSSL_malloc(got_len))) { t->err = "INTERNAL_ERROR"; goto err; @@ -2161,6 +2266,7 @@ static int pkey_kdf_test_init(EVP_TEST *t, const char *name) static void pkey_kdf_test_cleanup(EVP_TEST *t) { PKEY_KDF_DATA *kdata = t->data; + OPENSSL_free(kdata->output); EVP_PKEY_CTX_free(kdata->ctx); } @@ -2768,7 +2874,6 @@ static void clear_test(EVP_TEST *t) static int check_test_error(EVP_TEST *t) { unsigned long err; - const char *func; const char *reason; if (t->err == NULL && t->expected_err == NULL) @@ -2811,9 +2916,8 @@ static int check_test_error(EVP_TEST *t) return 0; } - func = ERR_func_error_string(err); reason = ERR_reason_error_string(err); - if (func == NULL && reason == NULL) { + if (reason == NULL) { TEST_info("%s:%d: Expected error \"%s\", no strings available." " Assuming ok.", t->s.test_file, t->s.start, t->reason); @@ -3041,17 +3145,6 @@ top: if (!TEST_ptr(key = OPENSSL_malloc(sizeof(*key)))) return 0; key->name = take_value(pp); - - /* Hack to detect SM2 keys */ - if(pkey != NULL && strstr(key->name, "SM2") != NULL) { -#ifdef OPENSSL_NO_SM2 - EVP_PKEY_free(pkey); - pkey = NULL; -#else - EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2); -#endif - } - key->key = pkey; key->next = *klist; *klist = key; @@ -3154,8 +3247,14 @@ OPT_TEST_DECLARE_USAGE("file...\n") int setup_tests(void) { - size_t n = test_get_argument_count(); + size_t n; + + if (!test_skip_common_options()) { + TEST_error("Error parsing test options\n"); + return 0; + } + n = test_get_argument_count(); if (n == 0) return 0;