*) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7
+) applies to 0.9.7 only
+ +) Add EVP test program.
+ [Ben Laurie]
+
+) Add symmetric cipher support to ENGINE. Expect the API to change!
[Ben Laurie]
/* Instruct an engine to load any EVP ciphers it knows of */
/* XXX make this work via defaults? */
void ENGINE_load_engine_ciphers(ENGINE *e);
+/* Get a particular cipher from a particular engine - NULL if the engine
+ * doesn't have it */
+const EVP_CIPHER *ENGINE_get_cipher_by_name(ENGINE *e,const char *name);
+
/* Obligatory error function. */
void ERR_load_ENGINE_strings(void);
for(n=0 ; n < sk_ENGINE_EVP_CIPHER_num(e->ciphers) ; ++n)
EVP_add_cipher(sk_ENGINE_EVP_CIPHER_value(e->ciphers,n)->cipher);
}
+
+const EVP_CIPHER *ENGINE_get_cipher_by_name(ENGINE *e,const char *name)
+ {
+ int n;
+
+ for(n=0 ; n < ENGINE_cipher_num(e) ; ++n)
+ {
+ const EVP_CIPHER *c=ENGINE_get_cipher(e,n);
+
+ if(!strcmp(EVP_CIPHER_name(c),name))
+ return c;
+ }
+ return NULL;
+ }
CFLAGS= $(INCLUDES) $(CFLAG)
GENERAL=Makefile
-TEST=
+TEST=evp_test.c evptests.txt
APPS=
LIB=$(TOP)/libcrypto.a
#define EVP_MD_CTX_type(e) EVP_MD_type((e)->digest)
#define EVP_CIPHER_nid(e) ((e)->nid)
+#define EVP_CIPHER_name(e) OBJ_nid2sn(EVP_CIPHER_nid(e))
#define EVP_CIPHER_block_size(e) ((e)->block_size)
#define EVP_CIPHER_key_length(e) ((e)->key_len)
#define EVP_CIPHER_iv_length(e) ((e)->iv_len)
#define EVP_delete_digest_alias(alias) \
OBJ_NAME_remove(alias,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS);
-
void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
EVP_MD_CTX *EVP_MD_CTX_create(void);
int datal, int count, unsigned char *key,unsigned char *iv);
int EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
- unsigned char *key, unsigned char *iv);
+ const unsigned char *key, const unsigned char *iv);
int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
- int *outl, unsigned char *in, int inl);
+ int *outl, const unsigned char *in, int inl);
int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
int EVP_DecryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
- unsigned char *key, unsigned char *iv);
+ const unsigned char *key, const unsigned char *iv);
int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
- int *outl, unsigned char *in, int inl);
+ int *outl, const unsigned char *in, int inl);
int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
int EVP_CipherInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
- unsigned char *key,unsigned char *iv,int enc);
+ const unsigned char *key,const unsigned char *iv,
+ int enc);
int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
- int *outl, unsigned char *in, int inl);
+ int *outl, const unsigned char *in, int inl);
int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s,
}
int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
- unsigned char *key, unsigned char *iv, int enc)
+ const unsigned char *key, const unsigned char *iv, int enc)
{
if(enc && (enc != -1)) enc = 1;
if (cipher)
}
int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
- unsigned char *in, int inl)
+ const unsigned char *in, int inl)
{
if (ctx->encrypt)
return EVP_EncryptUpdate(ctx,out,outl,in,inl);
}
int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
- unsigned char *key, unsigned char *iv)
+ const unsigned char *key, const unsigned char *iv)
{
return EVP_CipherInit(ctx, cipher, key, iv, 1);
}
int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
- unsigned char *key, unsigned char *iv)
+ const unsigned char *key, const unsigned char *iv)
{
return EVP_CipherInit(ctx, cipher, key, iv, 0);
}
int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
- unsigned char *in, int inl)
+ const unsigned char *in, int inl)
{
int i,j,bl;
}
int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
- unsigned char *in, int inl)
+ const unsigned char *in, int inl)
{
int b;
--- /dev/null
+/* Written by Ben Laurie, 2001 */
+/*
+ * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/evp.h>
+#include <openssl/engine.h>
+
+static void hexdump(FILE *f,const char *title,const unsigned char *s,int l)
+ {
+ int n=0;
+
+ fprintf(f,"%s",title);
+ for( ; n < l ; ++n)
+ {
+ if((n%16) == 0)
+ fprintf(f,"\n%04x",n);
+ fprintf(f," %02x",s[n]);
+ }
+ fprintf(f,"\n");
+ }
+
+static int convert(unsigned char *s)
+ {
+ unsigned char *d;
+
+ for(d=s ; *s ; s+=2,++d)
+ {
+ int n;
+
+ if(!s[1])
+ {
+ fprintf(stderr,"Odd number of hex digits!");
+ exit(4);
+ }
+ sscanf((char *)s,"%2x",&n);
+ *d=(unsigned char)n;
+ }
+ return s-d;
+ }
+
+static unsigned char *ustrsep(char **p,const char *sep)
+ { return (unsigned char *)strsep((char **)p,sep); }
+
+static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn,
+ const unsigned char *iv,int in,
+ const unsigned char *plaintext,int pn,
+ const unsigned char *ciphertext,int cn)
+ {
+ EVP_CIPHER_CTX ctx;
+ unsigned char out[4096];
+ int outl,outl2;
+
+ printf("Testing cipher %s\n",EVP_CIPHER_name(c));
+ hexdump(stdout,"Key",key,kn);
+ if(in)
+ hexdump(stdout,"IV",iv,in);
+ hexdump(stdout,"Plaintext",plaintext,pn);
+ hexdump(stdout,"Ciphertext",ciphertext,cn);
+
+
+ if(kn != c->key_len)
+ {
+ fprintf(stderr,"Key length doesn't match, got %d expected %d\n",kn,
+ c->key_len);
+ exit(5);
+ }
+
+ if(!EVP_EncryptInit(&ctx,c,key,iv))
+ {
+ fprintf(stderr,"EncryptInit failed\n");
+ exit(10);
+ }
+ EVP_CIPHER_CTX_set_padding(&ctx,0);
+
+ if(!EVP_EncryptUpdate(&ctx,out,&outl,plaintext,pn))
+ {
+ fprintf(stderr,"Encrypt failed\n");
+ exit(6);
+ }
+ if(!EVP_EncryptFinal(&ctx,out+outl,&outl2))
+ {
+ fprintf(stderr,"EncryptFinal failed\n");
+ exit(7);
+ }
+
+ if(outl+outl2 != cn)
+ {
+ fprintf(stderr,"Ciphertext length mismatch got %d expected %d\n",
+ outl+outl2,cn);
+ exit(8);
+ }
+
+ if(memcmp(out,ciphertext,cn))
+ {
+ fprintf(stderr,"Ciphertext mismatch\n");
+ hexdump(stderr,"Got",out,cn);
+ hexdump(stderr,"Expected",ciphertext,cn);
+ exit(9);
+ }
+
+ if(!EVP_DecryptInit(&ctx,c,key,iv))
+ {
+ fprintf(stderr,"DecryptInit failed\n");
+ exit(10);
+ }
+ EVP_CIPHER_CTX_set_padding(&ctx,0);
+
+ if(!EVP_DecryptUpdate(&ctx,out,&outl,ciphertext,pn))
+ {
+ fprintf(stderr,"Decrypt failed\n");
+ exit(6);
+ }
+ if(!EVP_DecryptFinal(&ctx,out+outl,&outl2))
+ {
+ fprintf(stderr,"DecryptFinal failed\n");
+ exit(7);
+ }
+
+ if(outl+outl2 != cn)
+ {
+ fprintf(stderr,"Plaintext length mismatch got %d expected %d\n",
+ outl+outl2,cn);
+ exit(8);
+ }
+
+ if(memcmp(out,plaintext,cn))
+ {
+ fprintf(stderr,"Plaintext mismatch\n");
+ hexdump(stderr,"Got",out,cn);
+ hexdump(stderr,"Expected",plaintext,cn);
+ exit(9);
+ }
+
+ printf("\n");
+ }
+
+int main(int argc,char **argv)
+ {
+ const char *szTestFile;
+ FILE *f;
+
+ if(argc != 2)
+ {
+ fprintf(stderr,"%s <test file>\n",argv[0]);
+ exit(1);
+ }
+
+ szTestFile=argv[1];
+
+ f=fopen(szTestFile,"r");
+ if(!f)
+ {
+ perror(szTestFile);
+ exit(2);
+ }
+
+ OpenSSL_add_all_ciphers();
+ ENGINE_load_builtin_engines();
+
+ for( ; ; )
+ {
+ char acLine[4096];
+ char *p;
+ char *cipher;
+ unsigned char *iv,*key,*plaintext,*ciphertext;
+ const EVP_CIPHER *c;
+ int kn,in,pn,cn;
+ ENGINE *e;
+
+ if(!fgets((char *)acLine,sizeof acLine,f))
+ break;
+ if(acLine[0] == '#')
+ continue;
+ p=acLine;
+ cipher=strsep(&p,":");
+ key=ustrsep(&p,":");
+ iv=ustrsep(&p,":");
+ plaintext=ustrsep(&p,":");
+ ciphertext=ustrsep(&p,"\n");
+
+ c=EVP_get_cipherbyname(cipher);
+ if(!c)
+ {
+ fprintf(stderr,"Can't find cipher %s!\n",cipher);
+ exit(3);
+ }
+
+ kn=convert(key);
+ in=convert(iv);
+ pn=convert(plaintext);
+ cn=convert(ciphertext);
+
+ test1(c,key,kn,iv,in,plaintext,pn,ciphertext,cn);
+
+ for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e))
+ {
+ c=ENGINE_get_cipher_by_name(e,cipher);
+ if(!c)
+ continue;
+ printf("Testing engine %s\n",ENGINE_get_name(e));
+
+ test1(c,key,kn,iv,in,plaintext,pn,ciphertext,cn);
+ }
+ }
+
+
+ return 0;
+ }
--- /dev/null
+#cipher:key:iv:input:output
+# AES 128 CBC tests (from NIST test vectors, encrypt)
+#AES-128-CBC:00000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:8A05FC5E095AF4848A08D328D3688E3D
+# AES 128 CBC tests (from NIST test vectors, decrypt)
+#AES-128-CBC:00000000000000000000000000000000:00000000000000000000000000000000:FACA37E0B0C85373DF706E73F7C9AF86:00000000000000000000000000000000
+# DES ECB tests (from destest)
+DES-ECB:0000000000000000::0000000000000000:8CA64DE9C1B123A7
+# DES EDE3 CBC tests (from destest)
+DES-EDE3-CBC:0123456789abcdeff1e0d3c2b5a49786fedcba9876543210:fedcba9876543210:37363534333231204E6F77206973207468652074696D6520666F722000000000:3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675
+# RC4 tests (from rc4test)
+RC4:0123456789abcdef0123456789abcdef::0123456789abcdef:75b7878099e0c596
+RC4:0123456789abcdef0123456789abcdef::0000000000000000:7494c2e7104b0879
+RC4:00000000000000000000000000000000::0000000000000000:de188941a3375d3a
+RC4:ef012345ef012345ef012345ef012345::0000000000000000000000000000000000000000:d6a141a7ec3c38dfbd615a1162e1c7ba36b67858
+RC4:0123456789abcdef0123456789abcdef::123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345678:66a0949f8af7d6891f7f832ba833c00c892ebe30143ce28740011ecf
+RC4:ef012345ef012345ef012345ef012345::00000000000000000000:d6a141a7ec3c38dfbd61
+/* Written by Ben Laurie, 2001 */
/*
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
SSLTEST= ssltest
RSATEST= rsa_test
ENGINETEST= enginetest
+EVPTEST= evp_test
TESTS= alltests
$(RC2TEST) $(RC4TEST) $(RC5TEST) \
$(DESTEST) $(SHATEST) $(SHA1TEST) $(MDC2TEST) $(RMDTEST) \
$(RANDTEST) $(DHTEST) $(ENGINETEST) \
- $(BFTEST) $(CASTTEST) $(SSLTEST) $(EXPTEST) $(DSATEST) $(RSATEST)
+ $(BFTEST) $(CASTTEST) $(SSLTEST) $(EXPTEST) $(DSATEST) $(RSATEST) \
+ $(EVPTEST)
# $(METHTEST)
$(RC2TEST).o $(RC4TEST).o $(RC5TEST).o \
$(DESTEST).o $(SHATEST).o $(SHA1TEST).o $(MDC2TEST).o $(RMDTEST).o \
$(RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \
- $(BFTEST).o $(SSLTEST).o $(DSATEST).o $(EXPTEST).o $(RSATEST).o
+ $(BFTEST).o $(SSLTEST).o $(DSATEST).o $(EXPTEST).o $(RSATEST).o \
+ $(EVPTEST).o
SRC= $(BNTEST).c $(ECTEST).c $(IDEATEST).c $(MD2TEST).c $(MD4TEST).c $(MD5TEST).c \
$(HMACTEST).c \
$(RC2TEST).c $(RC4TEST).c $(RC5TEST).c \
$(DESTEST).c $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
$(RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \
- $(BFTEST).c $(SSLTEST).c $(DSATEST).c $(EXPTEST).c $(RSATEST).c
+ $(BFTEST).c $(SSLTEST).c $(DSATEST).c $(EXPTEST).c $(RSATEST).c \
+ $(EVPTEST).c
EXHEADER=
HEADER= $(EXHEADER)
test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_rd \
test_rand test_bn test_ec test_enc test_x509 test_rsa test_crl test_sid \
test_gen test_req test_pkcs7 test_verify test_dh test_dsa \
- test_ss test_ca test_engine test_ssl
+ test_ss test_ca test_engine test_ssl test_evp
+
+test_evp:
+ ./$(EVPTEST) evptests.txt
test_des:
./$(DESTEST)
$(ENGINETEST): $(ENGINETEST).o $(DLIBCRYPTO)
$(CC) -o $(ENGINETEST) $(CFLAGS) $(ENGINETEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+$(EVPTEST): $(EVPTEST).o $(DLIBCRYPTO)
+ $(CC) -o $(EVPTEST) $(CFLAGS) $(EVPTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
#$(RDTEST).o: $(RDTEST).c
# $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(RDTEST).c
enginetest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
enginetest.o: ../include/openssl/symhacks.h ../include/openssl/types.h
enginetest.o: ../include/openssl/ui.h enginetest.c
+evp_test.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+evp_test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+evp_test.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+evp_test.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
+evp_test.o: ../include/openssl/evp.h ../include/openssl/obj_mac.h
+evp_test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+evp_test.o: ../include/openssl/opensslv.h ../include/openssl/rand.h
+evp_test.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+evp_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+evp_test.o: ../include/openssl/types.h ../include/openssl/ui.h evp_test.c
exptest.o: ../include/openssl/bio.h ../include/openssl/bn.h
exptest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
exptest.o: ../include/openssl/err.h ../include/openssl/lhash.h