]> git.ipfire.org Git - thirdparty/openssl.git/blame - test/evp_test.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Convert of evp_test to framework
[thirdparty/openssl.git] / test / evp_test.c
CommitLineData
0e360199 1/*
3f5616d7 2 * Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.
0e360199 3 *
440e5d80
RS		 4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
0e360199
BL		 8 */
9
10#include <stdio.h>
11#include <string.h>
307e3978
DSH		 12#include <stdlib.h>
13#include <ctype.h>
0e360199 14#include <openssl/evp.h>
5824cc29 15#include <openssl/pem.h>
0b13e9f0 16#include <openssl/err.h>
307e3978 17#include <openssl/x509v3.h>
351fe214 18#include <openssl/pkcs12.h>
44a284d2 19#include <openssl/kdf.h>
3b53e18a 20#include "internal/numbers.h"
6c5943c9 21#include "testutil.h"
0e360199 22
6c5943c9
RS		 23/*
24 * Remove spaces from beginning and end of a string
25 */
307e3978 26static void remove_space(char **pval)
0f113f3e 27{
533b178d 28 unsigned char *p = (unsigned char *)*pval, *beginning;
0f113f3e 29
307e3978
DSH		 30 while (isspace(*p))
31 p++;
32
533b178d 33 *pval = (char *)(beginning = p);
307e3978
DSH		 34
35 p = p + strlen(*pval) - 1;
36
37 /* Remove trailing space */
533b178d 38 while (p >= beginning && isspace(*p))
307e3978 39 *p-- = 0;
0f113f3e 40}
0e360199 41
307e3978
DSH		 42/*
43 * Given a line of the form:
44 * name = value # comment
6c5943c9 45 * extract name and value. NB: modifies |linebuf|.
307e3978 46 */
307e3978 47static int parse_line(char **pkw, char **pval, char *linebuf)
0f113f3e 48{
6c5943c9 49 char *p = linebuf + strlen(linebuf) - 1;
0f113f3e 50
307e3978 51 if (*p != '\n') {
6c5943c9
RS		 52 TEST_error("FATAL: missing EOL");
53 return 0;
0e360199
BL		 54 }
55
307e3978 56 /* Look for # */
307e3978 57 p = strchr(linebuf, '#');
6c5943c9 58 if (p != NULL)
307e3978 59 *p = '\0';
5b46eee0 60
307e3978 61 /* Look for = sign */
6c5943c9 62 if ((p = strchr(linebuf, '=')) == NULL)
307e3978 63 return 0;
307e3978 64 *p++ = '\0';
5b46eee0 65
307e3978
DSH		 66 *pkw = linebuf;
67 *pval = p;
307e3978
DSH		 68 remove_space(pkw);
69 remove_space(pval);
307e3978 70 return 1;
0f113f3e 71}
0e360199 72
3cdd1e94
EK		 73/*
74 * Unescape some escape sequences in string literals.
75 * Return the result in a newly allocated buffer.
76 * Currently only supports '\n'.
77 * If the input length is 0, returns a valid 1-byte buffer, but sets
78 * the length to 0.
79 */
80static unsigned char* unescape(const char *input, size_t input_len,
81 size_t *out_len)
82{
83 unsigned char *ret, *p;
84 size_t i;
6c5943c9 85
3cdd1e94
EK		 86 if (input_len == 0) {
87 *out_len = 0;
88 return OPENSSL_zalloc(1);
89 }
90
91 /* Escaping is non-expanding; over-allocate original size for simplicity. */
92 ret = p = OPENSSL_malloc(input_len);
93 if (ret == NULL)
94 return NULL;
95
96 for (i = 0; i < input_len; i++) {
97 if (input[i] == '\\') {
98 if (i == input_len - 1 || input[i+1] != 'n')
99 goto err;
100 *p++ = '\n';
101 i++;
102 } else {
103 *p++ = input[i];
104 }
105 }
106
107 *out_len = p - ret;
108 return ret;
109
110 err:
111 OPENSSL_free(ret);
112 return NULL;
113}
114
307e3978
DSH		 115/* For a hex string "value" convert to a binary allocated buffer */
116static int test_bin(const char *value, unsigned char **buf, size_t *buflen)
0f113f3e 117{
307e3978 118 long len;
bc9d9ce2
DSH		 119
120 *buflen = 0;
fa013b65
PB		 121
122 /* Check for empty value */
307e3978 123 if (!*value) {
3cdd1e94
EK		 124 /*
125 * Don't return NULL for zero length buffer.
126 * This is needed for some tests with empty keys: HMAC_Init_ex() expects
127 * a non-NULL key buffer even if the key length is 0, in order to detect
128 * key reset.
129 */
307e3978
DSH		 130 *buf = OPENSSL_malloc(1);
131 if (!*buf)
132 return 0;
133 **buf = 0;
134 *buflen = 0;
135 return 1;
136 }
fa013b65
PB		 137
138 /* Check for NULL literal */
139 if (strcmp(value, "NULL") == 0) {
140 *buf = NULL;
141 *buflen = 0;
142 return 1;
143 }
144
83251f39
DSH		 145 /* Check for string literal */
146 if (value[0] == '"') {
147 size_t vlen;
148 value++;
149 vlen = strlen(value);
150 if (value[vlen - 1] != '"')
151 return 0;
152 vlen--;
3cdd1e94
EK		 153 *buf = unescape(value, vlen, buflen);
154 if (*buf == NULL)
155 return 0;
83251f39
DSH		 156 return 1;
157 }
3cdd1e94 158
fa013b65 159 /* Otherwise assume as hex literal and convert it to binary buffer */
6c5943c9
RS		 160 if (!TEST_ptr(*buf = OPENSSL_hexstr2buf(value, &len))) {
161 TEST_info("Cannot convert %s", value);
162 ERR_print_errors(bio_err);
307e3978
DSH		 163 return -1;
164 }
165 /* Size of input buffer means we'll never overflow */
166 *buflen = len;
167 return 1;
0f113f3e 168}
83bd31da
MC		 169#ifndef OPENSSL_NO_SCRYPT
170/* Currently only used by scrypt tests */
3b53e18a
DSH		 171/* Parse unsigned decimal 64 bit integer value */
172static int test_uint64(const char *value, uint64_t *pr)
173{
174 const char *p = value;
6c5943c9
RS		 175
176 if (!TEST_true(*p)) {
177 TEST_info("Invalid empty integer value");
3b53e18a
DSH		 178 return -1;
179 }
180 *pr = 0;
181 while (*p) {
6c5943c9
RS		 182 if (*pr > UINT64_MAX / 10) {
183 TEST_error("Integer overflow in string %s", value);
3b53e18a
DSH		 184 return -1;
185 }
186 *pr *= 10;
6c5943c9
RS		 187 if (!TEST_true(isdigit(*p))) {
188 TEST_error("Invalid character in string %s", value);
3b53e18a
DSH		 189 return -1;
190 }
191 *pr += *p - '0';
192 p++;
193 }
194 return 1;
195}
83bd31da 196#endif
848f735a 197
6c5943c9
RS		 198typedef struct evp_test_method_st EVP_TEST_METHOD;
199
307e3978 200/* Structure holding test information */
6c5943c9 201typedef struct evp_test_st {
5824cc29 202 /* file being read */
02b91dcf 203 BIO *in;
71f60ef3
DSH		 204 /* temp memory BIO for reading in keys */
205 BIO *key;
307e3978 206 /* method for this test */
6c5943c9 207 const EVP_TEST_METHOD *meth;
307e3978
DSH		 208 /* current line being processed */
209 unsigned int line;
210 /* start line of current test */
211 unsigned int start_line;
212 /* Error string for test */
9a2d2fb3 213 const char *err, *aux_err;
307e3978
DSH		 214 /* Expected error value of test */
215 char *expected_err;
99f2f1dc
DSH		 216 /* Expected error function string */
217 char *func;
218 /* Expected error reason string */
219 char *reason;
307e3978
DSH		 220 /* Number of tests */
221 int ntests;
222 /* Error count */
223 int errors;
7a6c9792
DSH		 224 /* Number of tests skipped */
225 int nskip;
b033e5d5 226 /* If output mismatch expected and got value */
3cdd1e94
EK		 227 unsigned char *out_received;
228 size_t out_received_len;
b033e5d5 229 unsigned char *out_expected;
3cdd1e94 230 size_t out_expected_len;
307e3978
DSH		 231 /* test specific data */
232 void *data;
7a6c9792
DSH		 233 /* Current test should be skipped */
234 int skip;
6c5943c9 235} EVP_TEST;
5824cc29 236
6c5943c9
RS		 237/*
238 * Linked list of named keys.
239 */
240typedef struct key_list_st {
5824cc29
DSH		 241 char *name;
242 EVP_PKEY *key;
6c5943c9
RS		 243 struct key_list_st *next;
244} KEY_LIST;
245
246/* List of public and private keys */
247static KEY_LIST *private_keys;
248static KEY_LIST *public_keys;
5824cc29 249
6c5943c9
RS		 250/*
251 * Test method structure
252 */
253struct evp_test_method_st {
307e3978
DSH		 254 /* Name of test as it appears in file */
255 const char *name;
256 /* Initialise test for "alg" */
6c5943c9 257 int (*init) (EVP_TEST * t, const char *alg);
307e3978 258 /* Clean up method */
6c5943c9 259 void (*cleanup) (EVP_TEST * t);
307e3978 260 /* Test specific name value pair processing */
6c5943c9 261 int (*parse) (EVP_TEST * t, const char *name, const char *value);
307e3978 262 /* Run the test itself */
6c5943c9 263 int (*run_test) (EVP_TEST * t);
307e3978
DSH		 264};
265
6c5943c9
RS		 266static const EVP_TEST_METHOD digest_test_method, cipher_test_method;
267static const EVP_TEST_METHOD mac_test_method;
268static const EVP_TEST_METHOD psign_test_method, pverify_test_method;
269static const EVP_TEST_METHOD pdecrypt_test_method;
270static const EVP_TEST_METHOD pverify_recover_test_method;
271static const EVP_TEST_METHOD pderive_test_method;
272static const EVP_TEST_METHOD pbe_test_method;
273static const EVP_TEST_METHOD encode_test_method;
274static const EVP_TEST_METHOD kdf_test_method;
275static const EVP_TEST_METHOD keypair_test_method;
276
277static const EVP_TEST_METHOD *evp_test_list[] = {
307e3978
DSH		 278 &digest_test_method,
279 &cipher_test_method,
83251f39 280 &mac_test_method,
5824cc29
DSH		 281 &psign_test_method,
282 &pverify_test_method,
283 &pdecrypt_test_method,
284 &pverify_recover_test_method,
d4ad48d7 285 &pderive_test_method,
3b53e18a 286 &pbe_test_method,
3cdd1e94 287 &encode_test_method,
44a284d2 288 &kdf_test_method,
d91b7423 289 &keypair_test_method,
83251f39 290 NULL
307e3978
DSH		 291};
292
6c5943c9 293static const EVP_TEST_METHOD *evp_find_test(const char *name)
0f113f3e 294{
6c5943c9 295 const EVP_TEST_METHOD **tt;
86885c28 296
307e3978 297 for (tt = evp_test_list; *tt; tt++) {
86885c28 298 if (strcmp(name, (*tt)->name) == 0)
307e3978
DSH		 299 return *tt;
300 }
301 return NULL;
0f113f3e
MC		 302}
303
b033e5d5
DSH		 304static void hex_print(const char *name, const unsigned char *buf, size_t len)
305{
306 size_t i;
6c5943c9 307
b033e5d5
DSH		 308 fprintf(stderr, "%s ", name);
309 for (i = 0; i < len; i++)
310 fprintf(stderr, "%02X", buf[i]);
311 fputs("\n", stderr);
312}
313
6c5943c9 314static void clear_test(EVP_TEST *t)
5724bd49 315{
b548a1f1
RS		 316 OPENSSL_free(t->expected_err);
317 t->expected_err = NULL;
99f2f1dc
DSH		 318 OPENSSL_free(t->func);
319 t->func = NULL;
320 OPENSSL_free(t->reason);
321 t->reason = NULL;
25aaa98a 322 OPENSSL_free(t->out_expected);
25aaa98a 323 t->out_expected = NULL;
3cdd1e94 324 t->out_expected_len = 0;
6c5943c9
RS		 325 OPENSSL_free(t->out_received);
326 t->out_received = NULL;
3cdd1e94
EK		 327 t->out_received_len = 0;
328 /* Literals. */
329 t->err = NULL;
5724bd49
DSH		 330}
331
6c5943c9 332static void print_expected(EVP_TEST *t)
b033e5d5 333{
3cdd1e94 334 if (t->out_expected == NULL && t->out_received == NULL)
b033e5d5 335 return;
3cdd1e94
EK		 336 hex_print("Expected:", t->out_expected, t->out_expected_len);
337 hex_print("Got: ", t->out_received, t->out_received_len);
6c5943c9 338 clear_test(t);
b033e5d5
DSH		 339}
340
6c5943c9
RS		 341/*
342 * Check for errors in the test structure; return 1 if okay, else 0.
343 */
344static int check_test_error(EVP_TEST *t)
0f113f3e 345{
99f2f1dc
DSH		 346 unsigned long err;
347 const char *func;
348 const char *reason;
6c5943c9
RS		 349
350 if (t->err == NULL && t->expected_err == NULL)
307e3978 351 return 1;
6c5943c9 352 if (t->err != NULL && t->expected_err == NULL) {
9a2d2fb3 353 if (t->aux_err != NULL) {
6c5943c9
RS		 354 TEST_info("Test line %d(%s): unexpected error %s",
355 t->start_line, t->aux_err, t->err);
9a2d2fb3 356 } else {
6c5943c9
RS		 357 TEST_info("Test line %d: unexpected error %s",
358 t->start_line, t->err);
9a2d2fb3 359 }
b033e5d5 360 print_expected(t);
307e3978 361 return 0;
0f113f3e 362 }
6c5943c9
RS		 363 if (t->err == NULL && t->expected_err != NULL) {
364 TEST_info("Test line %d: succeeded expecting %s",
365 t->start_line, t->expected_err);
307e3978
DSH		 366 return 0;
367 }
99f2f1dc
DSH		 368
369 if (strcmp(t->err, t->expected_err) != 0) {
6c5943c9
RS		 370 TEST_info("Test line %d: expecting %s got %s",
371 t->start_line, t->expected_err, t->err);
99f2f1dc
DSH		 372 return 0;
373 }
374
375 if (t->func == NULL && t->reason == NULL)
376 return 1;
377
378 if (t->func == NULL || t->reason == NULL) {
6c5943c9
RS		 379 TEST_info("Test line %d: missing function or reason code",
380 t->start_line);
99f2f1dc
DSH		 381 return 0;
382 }
383
384 err = ERR_peek_error();
385 if (err == 0) {
6c5943c9
RS		 386 TEST_info("Test line %d, expected error \"%s:%s\" not set",
387 t->start_line, t->func, t->reason);
99f2f1dc
DSH		 388 return 0;
389 }
390
391 func = ERR_func_error_string(err);
392 reason = ERR_reason_error_string(err);
cd3fe0e0 393 if (func == NULL && reason == NULL) {
6c5943c9
RS		 394 TEST_info("Test line %d: expected error \"%s:%s\","
395 " no strings available. Skipping...\n",
396 t->start_line, t->func, t->reason);
cd3fe0e0
RL		 397 return 1;
398 }
399
99f2f1dc 400 if (strcmp(func, t->func) == 0 && strcmp(reason, t->reason) == 0)
307e3978 401 return 1;
544a2aea 402
6c5943c9
RS		 403 TEST_info("Test line %d: expected error \"%s:%s\", got \"%s:%s\"",
404 t->start_line, t->func, t->reason, func, reason);
99f2f1dc 405
307e3978
DSH		 406 return 0;
407}
0f113f3e 408
6c5943c9
RS		 409/*
410 * Setup a new test, run any existing test. Log a message and return 0
411 * on error.
412 */
413static int run_and_get_next(EVP_TEST *t, const EVP_TEST_METHOD *tmeth)
307e3978
DSH		 414{
415 /* If we already have a test set up run it */
416 if (t->meth) {
417 t->ntests++;
7a6c9792 418 if (t->skip) {
6c5943c9 419 TEST_info("Line %d skipped %s test", t->start_line, t->meth->name);
7a6c9792 420 t->nskip++;
024d681e
TS		 421 } else {
422 /* run the test */
cce65266 423 if (t->err == NULL && t->meth->run_test(t) != 1) {
6c5943c9 424 TEST_info("Line %d error %s", t->start_line, t->meth->name);
024d681e
TS		 425 return 0;
426 }
427 if (!check_test_error(t)) {
428 if (t->err)
429 ERR_print_errors_fp(stderr);
430 t->errors++;
431 }
0f113f3e 432 }
024d681e 433 /* clean it up */
307e3978 434 ERR_clear_error();
024d681e
TS		 435 if (t->data != NULL) {
436 t->meth->cleanup(t);
437 OPENSSL_free(t->data);
438 t->data = NULL;
439 }
6c5943c9 440 clear_test(t);
307e3978
DSH		 441 }
442 t->meth = tmeth;
443 return 1;
444}
0f113f3e 445
6c5943c9 446static int find_key(EVP_PKEY **ppk, const char *name, KEY_LIST *lst)
5824cc29
DSH		 447{
448 for (; lst; lst = lst->next) {
86885c28 449 if (strcmp(lst->name, name) == 0) {
7a6c9792
DSH		 450 if (ppk)
451 *ppk = lst->key;
452 return 1;
453 }
5824cc29 454 }
7a6c9792 455 return 0;
5824cc29
DSH		 456}
457
6c5943c9 458static void free_key_list(KEY_LIST *lst)
5824cc29 459{
d5ec8efc 460 while (lst != NULL) {
6c5943c9
RS		 461 KEY_LIST *ltmp;
462
5824cc29
DSH		 463 EVP_PKEY_free(lst->key);
464 OPENSSL_free(lst->name);
366448ec
DSH		 465 ltmp = lst->next;
466 OPENSSL_free(lst);
467 lst = ltmp;
5824cc29
DSH		 468 }
469}
470
7a6c9792
DSH		 471static int check_unsupported()
472{
473 long err = ERR_peek_error();
6c5943c9 474
7a6c9792 475 if (ERR_GET_LIB(err) == ERR_LIB_EVP
6c5943c9 476 && ERR_GET_REASON(err) == EVP_R_UNSUPPORTED_ALGORITHM) {
7a6c9792
DSH		 477 ERR_clear_error();
478 return 1;
479 }
0c44545c
RS		 480#ifndef OPENSSL_NO_EC
481 /*
482 * If EC support is enabled we should catch also EC_R_UNKNOWN_GROUP as an
483 * hint to an unsupported algorithm/curve (e.g. if binary EC support is
484 * disabled).
485 */
486 if (ERR_GET_LIB(err) == ERR_LIB_EC
487 && ERR_GET_REASON(err) == EC_R_UNKNOWN_GROUP) {
488 ERR_clear_error();
489 return 1;
490 }
491#endif /* OPENSSL_NO_EC */
7a6c9792
DSH		 492 return 0;
493}
494
71f60ef3 495
6c5943c9 496static int read_key(EVP_TEST *t)
71f60ef3
DSH		 497{
498 char tmpbuf[80];
6c5943c9 499
71f60ef3 500 if (t->key == NULL) {
6c5943c9
RS		 501 if (!TEST_ptr(t->key = BIO_new(BIO_s_mem())))
502 return 0;
503 } else if (!TEST_int_gt(BIO_reset(t->key), 0)) {
71f60ef3
DSH		 504 return 0;
505 }
6c5943c9 506
71f60ef3
DSH		 507 /* Read to PEM end line and place content in memory BIO */
508 while (BIO_gets(t->in, tmpbuf, sizeof(tmpbuf))) {
509 t->line++;
6c5943c9 510 if (!TEST_int_gt(BIO_puts(t->key, tmpbuf), 0))
71f60ef3 511 return 0;
71f60ef3
DSH		 512 if (strncmp(tmpbuf, "-----END", 8) == 0)
513 return 1;
514 }
6c5943c9 515 TEST_error("Can't find key end");
71f60ef3
DSH		 516 return 0;
517}
518
6c5943c9
RS		 519/*
520 * Parse a line into the current test |t|. Return 0 on error.
521 */
522static int parse_test_line(EVP_TEST *t, char *buf)
307e3978 523{
4c9b0a03 524 char *keyword = NULL, *value = NULL;
6c5943c9
RS		 525 int add_key = 0;
526 KEY_LIST **lst = NULL, *key = NULL;
5824cc29 527 EVP_PKEY *pk = NULL;
6c5943c9
RS		 528 const EVP_TEST_METHOD *tmeth = NULL;
529
307e3978
DSH		 530 if (!parse_line(&keyword, &value, buf))
531 return 1;
86885c28 532 if (strcmp(keyword, "PrivateKey") == 0) {
71f60ef3
DSH		 533 if (!read_key(t))
534 return 0;
535 pk = PEM_read_bio_PrivateKey(t->key, NULL, 0, NULL);
7a6c9792 536 if (pk == NULL && !check_unsupported()) {
6c5943c9 537 TEST_info("Error reading private key %s", value);
5824cc29
DSH		 538 ERR_print_errors_fp(stderr);
539 return 0;
540 }
6c5943c9 541 lst = &private_keys;
7a6c9792 542 add_key = 1;
5824cc29 543 }
86885c28 544 if (strcmp(keyword, "PublicKey") == 0) {
71f60ef3
DSH		 545 if (!read_key(t))
546 return 0;
547 pk = PEM_read_bio_PUBKEY(t->key, NULL, 0, NULL);
7a6c9792 548 if (pk == NULL && !check_unsupported()) {
6c5943c9 549 TEST_info("Error reading public key %s", value);
5824cc29
DSH		 550 ERR_print_errors_fp(stderr);
551 return 0;
552 }
6c5943c9 553 lst = &public_keys;
7a6c9792 554 add_key = 1;
5824cc29
DSH		 555 }
556 /* If we have a key add to list */
7a6c9792 557 if (add_key) {
7a6c9792 558 if (find_key(NULL, value, *lst)) {
6c5943c9 559 TEST_info("Duplicate key %s", value);
5824cc29
DSH		 560 return 0;
561 }
6c5943c9
RS		 562 if (!TEST_ptr(key = OPENSSL_malloc(sizeof(*key)))
563 || !TEST_ptr(key->name = OPENSSL_strdup(value)))
5824cc29 564 return 0;
5824cc29
DSH		 565 key->key = pk;
566 key->next = *lst;
567 *lst = key;
71f60ef3 568 return 1;
5824cc29
DSH		 569 }
570
307e3978 571 /* See if keyword corresponds to a test start */
6c5943c9
RS		 572 if ((tmeth = evp_find_test(keyword)) != NULL) {
573 if (!run_and_get_next(t, tmeth))
307e3978
DSH		 574 return 0;
575 t->start_line = t->line;
7a6c9792 576 t->skip = 0;
307e3978 577 if (!tmeth->init(t, value)) {
6c5943c9 578 TEST_info("Unknown %s: %s", keyword, value);
307e3978 579 return 0;
0f113f3e 580 }
307e3978 581 return 1;
6c5943c9
RS		 582 }
583 if (t->skip)
7a6c9792 584 return 1;
6c5943c9 585 if (strcmp(keyword, "Result") == 0) {
307e3978 586 if (t->expected_err) {
6c5943c9 587 TEST_info("Line %d: multiple result lines", t->line);
307e3978 588 return 0;
0f113f3e 589 }
6c5943c9 590 if (!TEST_ptr(t->expected_err = OPENSSL_strdup(value)))
99f2f1dc
DSH		 591 return 0;
592 } else if (strcmp(keyword, "Function") == 0) {
593 if (t->func != NULL) {
6c5943c9 594 TEST_info("Line %d: multiple function lines\n", t->line);
99f2f1dc
DSH		 595 return 0;
596 }
6c5943c9 597 if (!TEST_ptr(t->func = OPENSSL_strdup(value)))
99f2f1dc
DSH		 598 return 0;
599 } else if (strcmp(keyword, "Reason") == 0) {
600 if (t->reason != NULL) {
6c5943c9 601 TEST_info("Line %d: multiple reason lines", t->line);
99f2f1dc
DSH		 602 return 0;
603 }
6c5943c9 604 if (!TEST_ptr(t->reason = OPENSSL_strdup(value)))
307e3978
DSH		 605 return 0;
606 } else {
607 /* Must be test specific line: try to parse it */
6c5943c9 608 int rv = t->meth == NULL ? 0 : t->meth->parse(t, keyword, value);
307e3978 609
6c5943c9
RS		 610 if (rv == 0) {
611 TEST_info("Line %d: unknown keyword %s", t->line, keyword);
307e3978 612 return 0;
6c5943c9
RS		 613 }
614 if (rv < 0) {
615 TEST_info("Line %d: error processing keyword %s\n",
616 t->line, keyword);
617 return 0;
618 }
0f113f3e 619 }
307e3978
DSH		 620 return 1;
621}
0f113f3e 622
307e3978 623/* Message digest tests */
4897dc40 624
6c5943c9 625typedef struct digest_data_st {
307e3978
DSH		 626 /* Digest this test is for */
627 const EVP_MD *digest;
628 /* Input to digest */
629 unsigned char *input;
630 size_t input_len;
618be04e
DSH		 631 /* Repeat count for input */
632 size_t nrpt;
307e3978
DSH		 633 /* Expected output */
634 unsigned char *output;
635 size_t output_len;
6c5943c9 636} DIGEST_DATA;
4897dc40 637
6c5943c9 638static int digest_test_init(EVP_TEST *t, const char *alg)
307e3978
DSH		 639{
640 const EVP_MD *digest;
6c5943c9
RS		 641 DIGEST_DATA *mdat;
642
307e3978 643 digest = EVP_get_digestbyname(alg);
578ce42d
DSH		 644 if (!digest) {
645 /* If alg has an OID assume disabled algorithm */
646 if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) {
647 t->skip = 1;
648 return 1;
649 }
307e3978 650 return 0;
578ce42d 651 }
6c5943c9 652 mdat = OPENSSL_zalloc(sizeof(*mdat));
307e3978 653 mdat->digest = digest;
618be04e 654 mdat->nrpt = 1;
307e3978 655 t->data = mdat;
4897dc40 656 return 1;
0f113f3e 657}
4897dc40 658
6c5943c9 659static void digest_test_cleanup(EVP_TEST *t)
307e3978 660{
6c5943c9
RS		 661 DIGEST_DATA *mdat = t->data;
662
663 OPENSSL_free(mdat->input);
664 OPENSSL_free(mdat->output);
307e3978
DSH		 665}
666
6c5943c9 667static int digest_test_parse(EVP_TEST *t,
307e3978
DSH		 668 const char *keyword, const char *value)
669{
6c5943c9
RS		 670 DIGEST_DATA *mdata = t->data;
671
86885c28 672 if (strcmp(keyword, "Input") == 0)
307e3978 673 return test_bin(value, &mdata->input, &mdata->input_len);
86885c28 674 if (strcmp(keyword, "Output") == 0)
307e3978 675 return test_bin(value, &mdata->output, &mdata->output_len);
86885c28 676 if (strcmp(keyword, "Count") == 0) {
618be04e
DSH		 677 long nrpt = atoi(value);
678 if (nrpt <= 0)
679 return 0;
680 mdata->nrpt = (size_t)nrpt;
681 return 1;
682 }
307e3978
DSH		 683 return 0;
684}
685
6c5943c9 686static int digest_test_run(EVP_TEST *t)
0f113f3e 687{
6c5943c9 688 DIGEST_DATA *mdata = t->data;
618be04e 689 size_t i;
307e3978 690 EVP_MD_CTX *mctx;
4897dc40 691 unsigned char md[EVP_MAX_MD_SIZE];
307e3978 692 unsigned int md_len;
6c5943c9
RS		 693
694 t->err = "TEST_FAILURE";
695 if (!TEST_ptr(mctx = EVP_MD_CTX_new()))
307e3978 696 goto err;
6c5943c9
RS		 697
698 if (!EVP_DigestInit_ex(mctx, mdata->digest, NULL)) {
699 t->err = "DIGESTINIT_ERROR";
307e3978 700 goto err;
618be04e 701 }
6c5943c9
RS		 702 for (i = 0; i < mdata->nrpt; i++)
703 if (!EVP_DigestUpdate(mctx, mdata->input, mdata->input_len)) {
704 t->err = "DIGESTUPDATE_ERROR";
705 goto err;
706 }
707 if (!EVP_DigestFinal(mctx, md, &md_len)) {
708 t->err = "DIGESTFINAL_ERROR";
307e3978 709 goto err;
6c5943c9
RS		 710 }
711 if (md_len != mdata->output_len) {
712 t->err = "DIGEST_LENGTH_MISMATCH";
307e3978 713 goto err;
6c5943c9
RS		 714 }
715 if (!TEST_mem_eq(mdata->output, mdata->output_len, md, md_len)) {
716 t->err = "DIGEST_MISMATCH";
307e3978 717 goto err;
6c5943c9
RS		 718 }
719 t->err = NULL;
720
307e3978 721 err:
bfb0641f 722 EVP_MD_CTX_free(mctx);
b033e5d5 723 return 1;
307e3978 724}
4897dc40 725
6c5943c9 726static const EVP_TEST_METHOD digest_test_method = {
307e3978
DSH		 727 "Digest",
728 digest_test_init,
729 digest_test_cleanup,
730 digest_test_parse,
731 digest_test_run
732};
733
734/* Cipher tests */
6c5943c9 735typedef struct cipher_data_st {
307e3978
DSH		 736 const EVP_CIPHER *cipher;
737 int enc;
2207ba7b 738 /* EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE or EVP_CIPH_OCB_MODE if AEAD */
307e3978
DSH		 739 int aead;
740 unsigned char *key;
741 size_t key_len;
742 unsigned char *iv;
743 size_t iv_len;
744 unsigned char *plaintext;
745 size_t plaintext_len;
746 unsigned char *ciphertext;
747 size_t ciphertext_len;
748 /* GCM, CCM only */
749 unsigned char *aad;
750 size_t aad_len;
751 unsigned char *tag;
752 size_t tag_len;
6c5943c9 753} CIPHER_DATA;
307e3978 754
6c5943c9 755static int cipher_test_init(EVP_TEST *t, const char *alg)
307e3978
DSH		 756{
757 const EVP_CIPHER *cipher;
6c5943c9
RS		 758 CIPHER_DATA *cdat = t->data;
759
307e3978 760 cipher = EVP_get_cipherbyname(alg);
33a89fa6
DSH		 761 if (!cipher) {
762 /* If alg has an OID assume disabled algorithm */
763 if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) {
764 t->skip = 1;
765 return 1;
766 }
0f113f3e 767 return 0;
33a89fa6 768 }
b4faea50 769 cdat = OPENSSL_malloc(sizeof(*cdat));
307e3978
DSH		 770 cdat->cipher = cipher;
771 cdat->enc = -1;
772 cdat->key = NULL;
773 cdat->iv = NULL;
774 cdat->ciphertext = NULL;
775 cdat->plaintext = NULL;
776 cdat->aad = NULL;
777 cdat->tag = NULL;
778 t->data = cdat;
779 if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE
2207ba7b 780 || EVP_CIPHER_mode(cipher) == EVP_CIPH_OCB_MODE
307e3978
DSH		 781 || EVP_CIPHER_mode(cipher) == EVP_CIPH_CCM_MODE)
782 cdat->aead = EVP_CIPHER_mode(cipher);
eb85cb86
AP		 783 else if (EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER)
784 cdat->aead = -1;
307e3978
DSH		 785 else
786 cdat->aead = 0;
4897dc40 787
307e3978
DSH		 788 return 1;
789}
4897dc40 790
6c5943c9 791static void cipher_test_cleanup(EVP_TEST *t)
307e3978 792{
6c5943c9
RS		 793 CIPHER_DATA *cdat = t->data;
794
795 OPENSSL_free(cdat->key);
796 OPENSSL_free(cdat->iv);
797 OPENSSL_free(cdat->ciphertext);
798 OPENSSL_free(cdat->plaintext);
799 OPENSSL_free(cdat->aad);
800 OPENSSL_free(cdat->tag);
307e3978 801}
4897dc40 802
6c5943c9 803static int cipher_test_parse(EVP_TEST *t, const char *keyword,
307e3978
DSH		 804 const char *value)
805{
6c5943c9
RS		 806 CIPHER_DATA *cdat = t->data;
807
86885c28 808 if (strcmp(keyword, "Key") == 0)
307e3978 809 return test_bin(value, &cdat->key, &cdat->key_len);
86885c28 810 if (strcmp(keyword, "IV") == 0)
307e3978 811 return test_bin(value, &cdat->iv, &cdat->iv_len);
86885c28 812 if (strcmp(keyword, "Plaintext") == 0)
307e3978 813 return test_bin(value, &cdat->plaintext, &cdat->plaintext_len);
86885c28 814 if (strcmp(keyword, "Ciphertext") == 0)
307e3978
DSH		 815 return test_bin(value, &cdat->ciphertext, &cdat->ciphertext_len);
816 if (cdat->aead) {
86885c28 817 if (strcmp(keyword, "AAD") == 0)
307e3978 818 return test_bin(value, &cdat->aad, &cdat->aad_len);
86885c28 819 if (strcmp(keyword, "Tag") == 0)
307e3978 820 return test_bin(value, &cdat->tag, &cdat->tag_len);
0f113f3e 821 }
4897dc40 822
86885c28
RS		 823 if (strcmp(keyword, "Operation") == 0) {
824 if (strcmp(value, "ENCRYPT") == 0)
307e3978 825 cdat->enc = 1;
86885c28 826 else if (strcmp(value, "DECRYPT") == 0)
307e3978
DSH		 827 cdat->enc = 0;
828 else
829 return 0;
830 return 1;
0f113f3e 831 }
307e3978 832 return 0;
0f113f3e 833}
4897dc40 834
6c5943c9 835static int cipher_test_enc(EVP_TEST *t, int enc,
0b96d77a 836 size_t out_misalign, size_t inp_misalign, int frag)
0f113f3e 837{
6c5943c9 838 CIPHER_DATA *cdat = t->data;
307e3978 839 unsigned char *in, *out, *tmp = NULL;
0b96d77a 840 size_t in_len, out_len, donelen = 0;
6c5943c9 841 int ok = 0, tmplen, chunklen, tmpflen;
307e3978 842 EVP_CIPHER_CTX *ctx = NULL;
6c5943c9
RS		 843
844 t->err = "TEST_FAILURE";
845 if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new()))
307e3978
DSH		 846 goto err;
847 EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
848 if (enc) {
849 in = cdat->plaintext;
850 in_len = cdat->plaintext_len;
851 out = cdat->ciphertext;
852 out_len = cdat->ciphertext_len;
853 } else {
854 in = cdat->ciphertext;
855 in_len = cdat->ciphertext_len;
856 out = cdat->plaintext;
857 out_len = cdat->plaintext_len;
0f113f3e 858 }
ff715da4
AP		 859 if (inp_misalign == (size_t)-1) {
860 /*
861 * Exercise in-place encryption
862 */
863 tmp = OPENSSL_malloc(out_misalign + in_len + 2 * EVP_MAX_BLOCK_LENGTH);
864 if (!tmp)
865 goto err;
866 in = memcpy(tmp + out_misalign, in, in_len);
867 } else {
868 inp_misalign += 16 - ((out_misalign + in_len) & 15);
869 /*
870 * 'tmp' will store both output and copy of input. We make the copy
871 * of input to specifically aligned part of 'tmp'. So we just
872 * figured out how much padding would ensure the required alignment,
873 * now we allocate extended buffer and finally copy the input just
874 * past inp_misalign in expression below. Output will be written
875 * past out_misalign...
876 */
877 tmp = OPENSSL_malloc(out_misalign + in_len + 2 * EVP_MAX_BLOCK_LENGTH +
878 inp_misalign + in_len);
879 if (!tmp)
880 goto err;
881 in = memcpy(tmp + out_misalign + in_len + 2 * EVP_MAX_BLOCK_LENGTH +
882 inp_misalign, in, in_len);
883 }
6c5943c9
RS		 884 if (!EVP_CipherInit_ex(ctx, cdat->cipher, NULL, NULL, NULL, enc)) {
885 t->err = "CIPHERINIT_ERROR";
307e3978 886 goto err;
6c5943c9 887 }
307e3978 888 if (cdat->iv) {
2207ba7b
DSH		 889 if (cdat->aead) {
890 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
6c5943c9
RS		 891 cdat->iv_len, 0)) {
892 t->err = "INVALID_IV_LENGTH";
307e3978 893 goto err;
6c5943c9
RS		 894 }
895 } else if (cdat->iv_len != (size_t)EVP_CIPHER_CTX_iv_length(ctx)) {
896 t->err = "INVALID_IV_LENGTH";
307e3978 897 goto err;
6c5943c9 898 }
0f113f3e 899 }
307e3978
DSH		 900 if (cdat->aead) {
901 unsigned char *tag;
902 /*
2207ba7b
DSH		 903 * If encrypting or OCB just set tag length initially, otherwise
904 * set tag length and value.
307e3978 905 */
2207ba7b 906 if (enc || cdat->aead == EVP_CIPH_OCB_MODE) {
6c5943c9 907 t->err = "TAG_LENGTH_SET_ERROR";
307e3978 908 tag = NULL;
0f113f3e 909 } else {
6c5943c9 910 t->err = "TAG_SET_ERROR";
307e3978 911 tag = cdat->tag;
0f113f3e 912 }
2207ba7b
DSH		 913 if (tag || cdat->aead != EVP_CIPH_GCM_MODE) {
914 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
366448ec 915 cdat->tag_len, tag))
307e3978 916 goto err;
0f113f3e 917 }
307e3978 918 }
0f113f3e 919
6c5943c9
RS		 920 if (!EVP_CIPHER_CTX_set_key_length(ctx, cdat->key_len)) {
921 t->err = "INVALID_KEY_LENGTH";
307e3978 922 goto err;
6c5943c9
RS		 923 }
924 if (!EVP_CipherInit_ex(ctx, NULL, NULL, cdat->key, cdat->iv, -1)) {
925 t->err = "KEY_SET_ERROR";
307e3978 926 goto err;
6c5943c9 927 }
307e3978 928
2207ba7b
DSH		 929 if (!enc && cdat->aead == EVP_CIPH_OCB_MODE) {
930 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
931 cdat->tag_len, cdat->tag)) {
6c5943c9 932 t->err = "TAG_SET_ERROR";
366448ec 933 goto err;
2207ba7b
DSH		 934 }
935 }
936
307e3978
DSH		 937 if (cdat->aead == EVP_CIPH_CCM_MODE) {
938 if (!EVP_CipherUpdate(ctx, NULL, &tmplen, NULL, out_len)) {
6c5943c9 939 t->err = "CCM_PLAINTEXT_LENGTH_SET_ERROR";
307e3978 940 goto err;
0f113f3e
MC		 941 }
942 }
307e3978 943 if (cdat->aad) {
6c5943c9 944 t->err = "AAD_SET_ERROR";
0b96d77a
MC		 945 if (!frag) {
946 if (!EVP_CipherUpdate(ctx, NULL, &chunklen, cdat->aad,
947 cdat->aad_len))
948 goto err;
949 } else {
950 /*
951 * Supply the AAD in chunks less than the block size where possible
952 */
953 if (cdat->aad_len > 0) {
954 if (!EVP_CipherUpdate(ctx, NULL, &chunklen, cdat->aad, 1))
955 goto err;
956 donelen++;
957 }
958 if (cdat->aad_len > 2) {
959 if (!EVP_CipherUpdate(ctx, NULL, &chunklen, cdat->aad + donelen,
960 cdat->aad_len - 2))
961 goto err;
962 donelen += cdat->aad_len - 2;
963 }
964 if (cdat->aad_len > 1
965 && !EVP_CipherUpdate(ctx, NULL, &chunklen,
966 cdat->aad + donelen, 1))
967 goto err;
307e3978
DSH		 968 }
969 }
970 EVP_CIPHER_CTX_set_padding(ctx, 0);
6c5943c9 971 t->err = "CIPHERUPDATE_ERROR";
0b96d77a 972 tmplen = 0;
0b96d77a
MC		 973 if (!frag) {
974 /* We supply the data all in one go */
975 if (!EVP_CipherUpdate(ctx, tmp + out_misalign, &tmplen, in, in_len))
976 goto err;
977 } else {
978 /* Supply the data in chunks less than the block size where possible */
979 if (in_len > 0) {
980 if (!EVP_CipherUpdate(ctx, tmp + out_misalign, &chunklen, in, 1))
981 goto err;
982 tmplen += chunklen;
ef055ec5
MC		 983 in++;
984 in_len--;
0b96d77a 985 }
ef055ec5 986 if (in_len > 1) {
0b96d77a 987 if (!EVP_CipherUpdate(ctx, tmp + out_misalign + tmplen, &chunklen,
ef055ec5 988 in, in_len - 1))
0b96d77a
MC		 989 goto err;
990 tmplen += chunklen;
ef055ec5
MC		 991 in += in_len - 1;
992 in_len = 1;
0b96d77a 993 }
ef055ec5 994 if (in_len > 0 ) {
0b96d77a 995 if (!EVP_CipherUpdate(ctx, tmp + out_misalign + tmplen, &chunklen,
ef055ec5 996 in, 1))
0b96d77a
MC		 997 goto err;
998 tmplen += chunklen;
999 }
1000 }
6c5943c9
RS		 1001 if (!EVP_CipherFinal_ex(ctx, tmp + out_misalign + tmplen, &tmpflen)) {
1002 t->err = "CIPHERFINAL_ERROR";
00212c66 1003 goto err;
6c5943c9
RS		 1004 }
1005 if (!TEST_mem_eq(out, out_len, tmp + out_misalign, tmplen + tmpflen)) {
1006 t->err = "VALUE_MISMATCH";
307e3978 1007 goto err;
6c5943c9 1008 }
307e3978
DSH		 1009 if (enc && cdat->aead) {
1010 unsigned char rtag[16];
6c5943c9 1011
307e3978 1012 if (cdat->tag_len > sizeof(rtag)) {
6c5943c9 1013 t->err = "TAG_LENGTH_INTERNAL_ERROR";
307e3978
DSH		 1014 goto err;
1015 }
2207ba7b 1016 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
307e3978 1017 cdat->tag_len, rtag)) {
6c5943c9 1018 t->err = "TAG_RETRIEVE_ERROR";
307e3978
DSH		 1019 goto err;
1020 }
6c5943c9
RS		 1021 if (!TEST_mem_eq(cdat->tag, cdat->tag_len, rtag, cdat->tag_len)) {
1022 t->err = "TAG_VALUE_MISMATCH";
307e3978
DSH		 1023 goto err;
1024 }
1025 }
6c5943c9
RS		 1026 t->err = NULL;
1027 ok = 1;
307e3978 1028 err:
b548a1f1 1029 OPENSSL_free(tmp);
307e3978 1030 EVP_CIPHER_CTX_free(ctx);
6c5943c9 1031 return ok;
307e3978 1032}
0e360199 1033
6c5943c9 1034static int cipher_test_run(EVP_TEST *t)
307e3978 1035{
6c5943c9 1036 CIPHER_DATA *cdat = t->data;
0b96d77a 1037 int rv, frag = 0;
9a2d2fb3
AP		 1038 size_t out_misalign, inp_misalign;
1039
307e3978
DSH		 1040 if (!cdat->key) {
1041 t->err = "NO_KEY";
1042 return 0;
1043 }
1044 if (!cdat->iv && EVP_CIPHER_iv_length(cdat->cipher)) {
1045 /* IV is optional and usually omitted in wrap mode */
1046 if (EVP_CIPHER_mode(cdat->cipher) != EVP_CIPH_WRAP_MODE) {
1047 t->err = "NO_IV";
1048 return 0;
1049 }
1050 }
1051 if (cdat->aead && !cdat->tag) {
1052 t->err = "NO_TAG";
1053 return 0;
1054 }
0b96d77a 1055 for (out_misalign = 0; out_misalign <= 1;) {
9a2d2fb3
AP		 1056 static char aux_err[64];
1057 t->aux_err = aux_err;
ff715da4
AP		 1058 for (inp_misalign = (size_t)-1; inp_misalign != 2; inp_misalign++) {
1059 if (inp_misalign == (size_t)-1) {
1060 /* kludge: inp_misalign == -1 means "exercise in-place" */
0b96d77a
MC		 1061 BIO_snprintf(aux_err, sizeof(aux_err),
1062 "%s in-place, %sfragmented",
1063 out_misalign ? "misaligned" : "aligned",
1064 frag ? "" : "not ");
ff715da4 1065 } else {
0b96d77a
MC		 1066 BIO_snprintf(aux_err, sizeof(aux_err),
1067 "%s output and %s input, %sfragmented",
ff715da4 1068 out_misalign ? "misaligned" : "aligned",
0b96d77a
MC		 1069 inp_misalign ? "misaligned" : "aligned",
1070 frag ? "" : "not ");
ff715da4 1071 }
9a2d2fb3 1072 if (cdat->enc) {
0b96d77a 1073 rv = cipher_test_enc(t, 1, out_misalign, inp_misalign, frag);
9a2d2fb3
AP		 1074 /* Not fatal errors: return */
1075 if (rv != 1) {
1076 if (rv < 0)
1077 return 0;
1078 return 1;
1079 }
1080 }
1081 if (cdat->enc != 1) {
0b96d77a 1082 rv = cipher_test_enc(t, 0, out_misalign, inp_misalign, frag);
9a2d2fb3
AP		 1083 /* Not fatal errors: return */
1084 if (rv != 1) {
1085 if (rv < 0)
1086 return 0;
1087 return 1;
1088 }
1089 }
307e3978 1090 }
0b96d77a
MC		 1091
1092 if (out_misalign == 1 && frag == 0) {
1093 /*
1094 * XTS, CCM and Wrap modes have special requirements about input
1095 * lengths so we don't fragment for those
1096 */
1097 if (cdat->aead == EVP_CIPH_CCM_MODE
1098 || EVP_CIPHER_mode(cdat->cipher) == EVP_CIPH_XTS_MODE
1099 || EVP_CIPHER_mode(cdat->cipher) == EVP_CIPH_WRAP_MODE)
1100 break;
1101 out_misalign = 0;
1102 frag++;
1103 } else {
1104 out_misalign++;
1105 }
307e3978 1106 }
9a2d2fb3
AP		 1107 t->aux_err = NULL;
1108
307e3978 1109 return 1;
0f113f3e 1110}
307e3978 1111
6c5943c9 1112static const EVP_TEST_METHOD cipher_test_method = {
307e3978
DSH		 1113 "Cipher",
1114 cipher_test_init,
1115 cipher_test_cleanup,
1116 cipher_test_parse,
1117 cipher_test_run
1118};
83251f39 1119
6c5943c9 1120typedef struct mac_data_st {
83251f39
DSH		 1121 /* MAC type */
1122 int type;
1123 /* Algorithm string for this MAC */
1124 char *alg;
1125 /* MAC key */
1126 unsigned char *key;
1127 size_t key_len;
1128 /* Input to MAC */
1129 unsigned char *input;
1130 size_t input_len;
1131 /* Expected output */
1132 unsigned char *output;
1133 size_t output_len;
6c5943c9 1134} MAC_DATA;
83251f39 1135
6c5943c9 1136static int mac_test_init(EVP_TEST *t, const char *alg)
83251f39
DSH		 1137{
1138 int type;
6c5943c9
RS		 1139 MAC_DATA *mdat;
1140
b4a3aeeb 1141 if (strcmp(alg, "HMAC") == 0) {
83251f39 1142 type = EVP_PKEY_HMAC;
b4a3aeeb
MC		 1143 } else if (strcmp(alg, "CMAC") == 0) {
1144#ifndef OPENSSL_NO_CMAC
83251f39 1145 type = EVP_PKEY_CMAC;
b4a3aeeb
MC		 1146#else
1147 t->skip = 1;
1148 return 1;
52ad5b60
TS		 1149#endif
1150 } else if (strcmp(alg, "Poly1305") == 0) {
1151#ifndef OPENSSL_NO_POLY1305
1152 type = EVP_PKEY_POLY1305;
1153#else
1154 t->skip = 1;
1155 return 1;
3f5616d7
TS		 1156#endif
1157 } else if (strcmp(alg, "SipHash") == 0) {
1158#ifndef OPENSSL_NO_SIPHASH
1159 type = EVP_PKEY_SIPHASH;
1160#else
1161 t->skip = 1;
1162 return 1;
b4a3aeeb
MC		 1163#endif
1164 } else
83251f39
DSH		 1165 return 0;
1166
6c5943c9 1167 mdat = OPENSSL_zalloc(sizeof(*mdat));
83251f39 1168 mdat->type = type;
83251f39
DSH		 1169 t->data = mdat;
1170 return 1;
1171}
1172
6c5943c9 1173static void mac_test_cleanup(EVP_TEST *t)
83251f39 1174{
6c5943c9
RS		 1175 MAC_DATA *mdat = t->data;
1176
1177 OPENSSL_free(mdat->alg);
1178 OPENSSL_free(mdat->key);
1179 OPENSSL_free(mdat->input);
1180 OPENSSL_free(mdat->output);
83251f39
DSH		 1181}
1182
6c5943c9 1183static int mac_test_parse(EVP_TEST *t,
83251f39
DSH		 1184 const char *keyword, const char *value)
1185{
6c5943c9
RS		 1186 MAC_DATA *mdata = t->data;
1187
86885c28 1188 if (strcmp(keyword, "Key") == 0)
83251f39 1189 return test_bin(value, &mdata->key, &mdata->key_len);
86885c28 1190 if (strcmp(keyword, "Algorithm") == 0) {
7644a9ae 1191 mdata->alg = OPENSSL_strdup(value);
83251f39
DSH		 1192 if (!mdata->alg)
1193 return 0;
1194 return 1;
1195 }
86885c28 1196 if (strcmp(keyword, "Input") == 0)
83251f39 1197 return test_bin(value, &mdata->input, &mdata->input_len);
86885c28 1198 if (strcmp(keyword, "Output") == 0)
83251f39
DSH		 1199 return test_bin(value, &mdata->output, &mdata->output_len);
1200 return 0;
1201}
1202
6c5943c9 1203static int mac_test_run(EVP_TEST *t)
83251f39 1204{
6c5943c9 1205 MAC_DATA *mdata = t->data;
83251f39
DSH		 1206 EVP_MD_CTX *mctx = NULL;
1207 EVP_PKEY_CTX *pctx = NULL, *genctx = NULL;
1208 EVP_PKEY *key = NULL;
1209 const EVP_MD *md = NULL;
1210 unsigned char *mac = NULL;
1211 size_t mac_len;
1212
96bea000 1213#ifdef OPENSSL_NO_DES
31b69e9a 1214 if (mdata->alg != NULL && strstr(mdata->alg, "DES") != NULL) {
96bea000 1215 /* Skip DES */
6c5943c9 1216 t->err = NULL;
96bea000
MC		 1217 goto err;
1218 }
1219#endif
1220
6c5943c9
RS		 1221 if (!TEST_ptr(genctx = EVP_PKEY_CTX_new_id(mdata->type, NULL))) {
1222 t->err = "MAC_PKEY_CTX_ERROR";
83251f39 1223 goto err;
6c5943c9 1224 }
83251f39 1225
6c5943c9
RS		 1226 if (EVP_PKEY_keygen_init(genctx) <= 0) {
1227 t->err = "MAC_KEYGEN_INIT_ERROR";
1228 goto err;
1229 }
1230 if (mdata->type == EVP_PKEY_CMAC
1231 && EVP_PKEY_CTX_ctrl_str(genctx, "cipher", mdata->alg) <= 0) {
1232 t->err = "MAC_ALGORITHM_SET_ERROR";
83251f39 1233 goto err;
83251f39
DSH		 1234 }
1235
6c5943c9
RS		 1236 if (EVP_PKEY_CTX_set_mac_key(genctx, mdata->key, mdata->key_len) <= 0) {
1237 t->err = "MAC_KEY_SET_ERROR";
83251f39 1238 goto err;
6c5943c9 1239 }
83251f39 1240
6c5943c9
RS		 1241 if (EVP_PKEY_keygen(genctx, &key) <= 0) {
1242 t->err = "MAC_KEY_GENERATE_ERROR";
83251f39 1243 goto err;
6c5943c9 1244 }
83251f39 1245 if (mdata->type == EVP_PKEY_HMAC) {
6c5943c9
RS		 1246 if (!TEST_ptr(md = EVP_get_digestbyname(mdata->alg))) {
1247 t->err = "MAC_ALGORITHM_SET_ERROR";
83251f39 1248 goto err;
6c5943c9 1249 }
83251f39 1250 }
6c5943c9
RS		 1251 if (!TEST_ptr(mctx = EVP_MD_CTX_new())) {
1252 t->err = "INTERNAL_ERROR";
83251f39 1253 goto err;
6c5943c9
RS		 1254 }
1255 if (!EVP_DigestSignInit(mctx, &pctx, md, NULL, key)) {
1256 t->err = "DIGESTSIGNINIT_ERROR";
83251f39 1257 goto err;
6c5943c9 1258 }
83251f39 1259
6c5943c9
RS		 1260 if (!EVP_DigestSignUpdate(mctx, mdata->input, mdata->input_len)) {
1261 t->err = "DIGESTSIGNUPDATE_ERROR";
83251f39 1262 goto err;
83251f39 1263 }
6c5943c9
RS		 1264 if (!EVP_DigestSignFinal(mctx, NULL, &mac_len)) {
1265 t->err = "DIGESTSIGNFINAL_LENGTH_ERROR";
83251f39 1266 goto err;
6c5943c9
RS		 1267 }
1268 if (!TEST_ptr(mac = OPENSSL_malloc(mac_len))
1269 || !EVP_DigestSignFinal(mctx, mac, &mac_len)
1270 || !TEST_mem_eq(mdata->output, mdata->output_len, mac, mac_len)) {
1271 t->err = "TEST_FAILURE";
83251f39 1272 goto err;
6c5943c9
RS		 1273 }
1274
1275 t->err = NULL;
83251f39 1276 err:
bfb0641f 1277 EVP_MD_CTX_free(mctx);
b548a1f1 1278 OPENSSL_free(mac);
c5ba2d99
RS		 1279 EVP_PKEY_CTX_free(genctx);
1280 EVP_PKEY_free(key);
83251f39
DSH		 1281 return 1;
1282}
1283
6c5943c9 1284static const EVP_TEST_METHOD mac_test_method = {
83251f39
DSH		 1285 "MAC",
1286 mac_test_init,
1287 mac_test_cleanup,
1288 mac_test_parse,
1289 mac_test_run
1290};
5824cc29
DSH		 1291
1292/*
1293 * Public key operations. These are all very similar and can share
1294 * a lot of common code.
1295 */
1296
6c5943c9 1297typedef struct pkey_data_st {
5824cc29
DSH		 1298 /* Context for this operation */
1299 EVP_PKEY_CTX *ctx;
1300 /* Key operation to perform */
1301 int (*keyop) (EVP_PKEY_CTX *ctx,
1302 unsigned char *sig, size_t *siglen,
1303 const unsigned char *tbs, size_t tbslen);
1304 /* Input to MAC */
1305 unsigned char *input;
1306 size_t input_len;
1307 /* Expected output */
1308 unsigned char *output;
1309 size_t output_len;
6c5943c9 1310} PKEY_DATA;
5824cc29
DSH		 1311
1312/*
1313 * Perform public key operation setup: lookup key, allocated ctx and call
1314 * the appropriate initialisation function
1315 */
6c5943c9 1316static int pkey_test_init(EVP_TEST *t, const char *name,
5824cc29
DSH		 1317 int use_public,
1318 int (*keyopinit) (EVP_PKEY_CTX *ctx),
1319 int (*keyop) (EVP_PKEY_CTX *ctx,
1320 unsigned char *sig, size_t *siglen,
1321 const unsigned char *tbs,
1322 size_t tbslen)
1323 )
1324{
6c5943c9 1325 PKEY_DATA *kdata;
5824cc29 1326 EVP_PKEY *pkey = NULL;
7a6c9792 1327 int rv = 0;
6c5943c9 1328
7a6c9792 1329 if (use_public)
6c5943c9
RS		 1330 rv = find_key(&pkey, name, public_keys);
1331 if (rv == 0)
1332 rv = find_key(&pkey, name, private_keys);
1333 if (rv == 0 || pkey == NULL) {
7a6c9792
DSH		 1334 t->skip = 1;
1335 return 1;
1336 }
1337
6c5943c9 1338 if (!TEST_ptr(kdata = OPENSSL_malloc(sizeof(*kdata)))) {
7a6c9792 1339 EVP_PKEY_free(pkey);
5824cc29 1340 return 0;
7a6c9792 1341 }
5824cc29
DSH		 1342 kdata->ctx = NULL;
1343 kdata->input = NULL;
1344 kdata->output = NULL;
1345 kdata->keyop = keyop;
1346 t->data = kdata;
6c5943c9 1347 if (!TEST_ptr(kdata->ctx = EVP_PKEY_CTX_new(pkey, NULL)))
5824cc29
DSH		 1348 return 0;
1349 if (keyopinit(kdata->ctx) <= 0)
cce65266 1350 t->err = "KEYOP_INIT_ERROR";
5824cc29
DSH		 1351 return 1;
1352}
1353
6c5943c9 1354static void pkey_test_cleanup(EVP_TEST *t)
5824cc29 1355{
6c5943c9 1356 PKEY_DATA *kdata = t->data;
b548a1f1
RS		 1357
1358 OPENSSL_free(kdata->input);
1359 OPENSSL_free(kdata->output);
c5ba2d99 1360 EVP_PKEY_CTX_free(kdata->ctx);
5824cc29
DSH		 1361}
1362
6c5943c9 1363static int pkey_test_ctrl(EVP_TEST *t, EVP_PKEY_CTX *pctx,
dfbdf4ab 1364 const char *value)
4ddd5ace
DSH		 1365{
1366 int rv;
1367 char *p, *tmpval;
1368
6c5943c9 1369 if (!TEST_ptr(tmpval = OPENSSL_strdup(value)))
4ddd5ace
DSH		 1370 return 0;
1371 p = strchr(tmpval, ':');
1372 if (p != NULL)
1373 *p++ = 0;
1374 rv = EVP_PKEY_CTX_ctrl_str(pctx, tmpval, p);
cce65266
DSH		 1375 if (rv == -2) {
1376 t->err = "PKEY_CTRL_INVALID";
1377 rv = 1;
1378 } else if (p != NULL && rv <= 0) {
1379 /* If p has an OID and lookup fails assume disabled algorithm */
1380 int nid = OBJ_sn2nid(p);
6c5943c9 1381
cce65266
DSH		 1382 if (nid == NID_undef)
1383 nid = OBJ_ln2nid(p);
1384 if ((nid != NID_undef) && EVP_get_digestbynid(nid) == NULL &&
1385 EVP_get_cipherbynid(nid) == NULL) {
dfbdf4ab
RL		 1386 t->skip = 1;
1387 rv = 1;
cce65266
DSH		 1388 } else {
1389 t->err = "PKEY_CTRL_ERROR";
1390 rv = 1;
dfbdf4ab
RL		 1391 }
1392 }
4ddd5ace
DSH		 1393 OPENSSL_free(tmpval);
1394 return rv > 0;
1395}
1396
6c5943c9 1397static int pkey_test_parse(EVP_TEST *t,
5824cc29
DSH		 1398 const char *keyword, const char *value)
1399{
6c5943c9 1400 PKEY_DATA *kdata = t->data;
86885c28 1401 if (strcmp(keyword, "Input") == 0)
5824cc29 1402 return test_bin(value, &kdata->input, &kdata->input_len);
86885c28 1403 if (strcmp(keyword, "Output") == 0)
5824cc29 1404 return test_bin(value, &kdata->output, &kdata->output_len);
4ddd5ace 1405 if (strcmp(keyword, "Ctrl") == 0)
dfbdf4ab 1406 return pkey_test_ctrl(t, kdata->ctx, value);
5824cc29
DSH		 1407 return 0;
1408}
1409
6c5943c9 1410static int pkey_test_run(EVP_TEST *t)
5824cc29 1411{
6c5943c9 1412 PKEY_DATA *kdata = t->data;
5824cc29
DSH		 1413 unsigned char *out = NULL;
1414 size_t out_len;
6c5943c9 1415
5824cc29 1416 if (kdata->keyop(kdata->ctx, NULL, &out_len, kdata->input,
6c5943c9
RS		 1417 kdata->input_len) <= 0
1418 || !TEST_ptr(out = OPENSSL_malloc(out_len))) {
1419 t->err = "KEYOP_LENGTH_ERROR";
5824cc29 1420 goto err;
6c5943c9
RS		 1421 }
1422 if (kdata->keyop(kdata->ctx, out,
1423 &out_len, kdata->input, kdata->input_len) <= 0) {
1424 t->err = "KEYOP_ERROR";
5824cc29 1425 goto err;
6c5943c9
RS		 1426 }
1427 if (!TEST_mem_eq(kdata->output, kdata->output_len, out, out_len)) {
1428 t->err = "KEYOP_MISMATCH";
5824cc29 1429 goto err;
6c5943c9
RS		 1430 }
1431 t->err = NULL;
5824cc29 1432 err:
b548a1f1 1433 OPENSSL_free(out);
5824cc29
DSH		 1434 return 1;
1435}
1436
6c5943c9 1437static int sign_test_init(EVP_TEST *t, const char *name)
5824cc29
DSH		 1438{
1439 return pkey_test_init(t, name, 0, EVP_PKEY_sign_init, EVP_PKEY_sign);
1440}
1441
6c5943c9 1442static const EVP_TEST_METHOD psign_test_method = {
5824cc29
DSH		 1443 "Sign",
1444 sign_test_init,
1445 pkey_test_cleanup,
1446 pkey_test_parse,
1447 pkey_test_run
1448};
1449
6c5943c9 1450static int verify_recover_test_init(EVP_TEST *t, const char *name)
5824cc29
DSH		 1451{
1452 return pkey_test_init(t, name, 1, EVP_PKEY_verify_recover_init,
1453 EVP_PKEY_verify_recover);
1454}
1455
6c5943c9 1456static const EVP_TEST_METHOD pverify_recover_test_method = {
5824cc29
DSH		 1457 "VerifyRecover",
1458 verify_recover_test_init,
1459 pkey_test_cleanup,
1460 pkey_test_parse,
1461 pkey_test_run
1462};
1463
6c5943c9 1464static int decrypt_test_init(EVP_TEST *t, const char *name)
5824cc29
DSH		 1465{
1466 return pkey_test_init(t, name, 0, EVP_PKEY_decrypt_init,
1467 EVP_PKEY_decrypt);
1468}
1469
6c5943c9 1470static const EVP_TEST_METHOD pdecrypt_test_method = {
5824cc29
DSH		 1471 "Decrypt",
1472 decrypt_test_init,
1473 pkey_test_cleanup,
1474 pkey_test_parse,
1475 pkey_test_run
1476};
1477
6c5943c9 1478static int verify_test_init(EVP_TEST *t, const char *name)
5824cc29
DSH		 1479{
1480 return pkey_test_init(t, name, 1, EVP_PKEY_verify_init, 0);
1481}
1482
6c5943c9 1483static int verify_test_run(EVP_TEST *t)
5824cc29 1484{
6c5943c9
RS		 1485 PKEY_DATA *kdata = t->data;
1486
5824cc29
DSH		 1487 if (EVP_PKEY_verify(kdata->ctx, kdata->output, kdata->output_len,
1488 kdata->input, kdata->input_len) <= 0)
1489 t->err = "VERIFY_ERROR";
1490 return 1;
1491}
1492
6c5943c9 1493static const EVP_TEST_METHOD pverify_test_method = {
5824cc29
DSH		 1494 "Verify",
1495 verify_test_init,
1496 pkey_test_cleanup,
1497 pkey_test_parse,
1498 verify_test_run
1499};
3b53e18a 1500
d4ad48d7 1501
6c5943c9 1502static int pderive_test_init(EVP_TEST *t, const char *name)
d4ad48d7
DSH		 1503{
1504 return pkey_test_init(t, name, 0, EVP_PKEY_derive_init, 0);
1505}
1506
6c5943c9 1507static int pderive_test_parse(EVP_TEST *t,
d4ad48d7
DSH		 1508 const char *keyword, const char *value)
1509{
6c5943c9 1510 PKEY_DATA *kdata = t->data;
d4ad48d7
DSH		 1511
1512 if (strcmp(keyword, "PeerKey") == 0) {
1513 EVP_PKEY *peer;
6c5943c9 1514 if (find_key(&peer, value, public_keys) == 0)
d4ad48d7
DSH		 1515 return 0;
1516 if (EVP_PKEY_derive_set_peer(kdata->ctx, peer) <= 0)
1517 return 0;
1518 return 1;
1519 }
1520 if (strcmp(keyword, "SharedSecret") == 0)
1521 return test_bin(value, &kdata->output, &kdata->output_len);
4ddd5ace 1522 if (strcmp(keyword, "Ctrl") == 0)
dfbdf4ab 1523 return pkey_test_ctrl(t, kdata->ctx, value);
d4ad48d7
DSH		 1524 return 0;
1525}
1526
6c5943c9 1527static int pderive_test_run(EVP_TEST *t)
d4ad48d7 1528{
6c5943c9 1529 PKEY_DATA *kdata = t->data;
d4ad48d7
DSH		 1530 unsigned char *out = NULL;
1531 size_t out_len;
d4ad48d7
DSH		 1532
1533 out_len = kdata->output_len;
6c5943c9
RS		 1534 if (!TEST_ptr(out = OPENSSL_malloc(out_len))) {
1535 t->err = "DERIVE_ERROR";
d4ad48d7 1536 goto err;
6c5943c9
RS		 1537 }
1538 if (EVP_PKEY_derive(kdata->ctx, out, &out_len) <= 0) {
1539 t->err = "DERIVE_ERROR";
d4ad48d7 1540 goto err;
6c5943c9
RS		 1541 }
1542 if (!TEST_mem_eq(kdata->output, kdata->output_len, out, out_len)) {
1543 t->err = "SHARED_SECRET_MISMATCH";
d4ad48d7 1544 goto err;
6c5943c9
RS		 1545 }
1546
1547 t->err = NULL;
d4ad48d7
DSH		 1548 err:
1549 OPENSSL_free(out);
d4ad48d7
DSH		 1550 return 1;
1551}
1552
6c5943c9 1553static const EVP_TEST_METHOD pderive_test_method = {
d4ad48d7
DSH		 1554 "Derive",
1555 pderive_test_init,
1556 pkey_test_cleanup,
1557 pderive_test_parse,
1558 pderive_test_run
1559};
1560
3b53e18a
DSH		 1561/* PBE tests */
1562
1563#define PBE_TYPE_SCRYPT 1
351fe214
DSH		 1564#define PBE_TYPE_PBKDF2 2
1565#define PBE_TYPE_PKCS12 3
3b53e18a 1566
6c5943c9 1567typedef struct pbe_data_st {
3b53e18a 1568 int pbe_type;
6c5943c9 1569 /* scrypt parameters */
3b53e18a 1570 uint64_t N, r, p, maxmem;
6c5943c9 1571 /* PKCS#12 parameters */
351fe214
DSH		 1572 int id, iter;
1573 const EVP_MD *md;
6c5943c9 1574 /* password */
3b53e18a
DSH		 1575 unsigned char *pass;
1576 size_t pass_len;
6c5943c9 1577 /* salt */
3b53e18a
DSH		 1578 unsigned char *salt;
1579 size_t salt_len;
6c5943c9 1580 /* Expected output */
3b53e18a
DSH		 1581 unsigned char *key;
1582 size_t key_len;
6c5943c9 1583} PBE_DATA;
3b53e18a 1584
b0809bc8 1585#ifndef OPENSSL_NO_SCRYPT
6c5943c9 1586static int scrypt_test_parse(EVP_TEST *t,
3b53e18a
DSH		 1587 const char *keyword, const char *value)
1588{
6c5943c9 1589 PBE_DATA *pdata = t->data;
351fe214 1590
3b53e18a
DSH		 1591 if (strcmp(keyword, "N") == 0)
1592 return test_uint64(value, &pdata->N);
1593 if (strcmp(keyword, "p") == 0)
1594 return test_uint64(value, &pdata->p);
1595 if (strcmp(keyword, "r") == 0)
1596 return test_uint64(value, &pdata->r);
1597 if (strcmp(keyword, "maxmem") == 0)
1598 return test_uint64(value, &pdata->maxmem);
1599 return 0;
1600}
b0809bc8 1601#endif
3b53e18a 1602
6c5943c9 1603static int pbkdf2_test_parse(EVP_TEST *t,
351fe214 1604 const char *keyword, const char *value)
3b53e18a 1605{
6c5943c9 1606 PBE_DATA *pdata = t->data;
351fe214
DSH		 1607
1608 if (strcmp(keyword, "iter") == 0) {
1609 pdata->iter = atoi(value);
1610 if (pdata->iter <= 0)
1611 return 0;
1612 return 1;
1613 }
1614 if (strcmp(keyword, "MD") == 0) {
1615 pdata->md = EVP_get_digestbyname(value);
1616 if (pdata->md == NULL)
1617 return 0;
1618 return 1;
1619 }
1620 return 0;
1621}
1622
6c5943c9 1623static int pkcs12_test_parse(EVP_TEST *t,
351fe214
DSH		 1624 const char *keyword, const char *value)
1625{
6c5943c9 1626 PBE_DATA *pdata = t->data;
351fe214
DSH		 1627
1628 if (strcmp(keyword, "id") == 0) {
1629 pdata->id = atoi(value);
1630 if (pdata->id <= 0)
1631 return 0;
1632 return 1;
1633 }
1634 return pbkdf2_test_parse(t, keyword, value);
3b53e18a
DSH		 1635}
1636
6c5943c9 1637static int pbe_test_init(EVP_TEST *t, const char *alg)
3b53e18a 1638{
6c5943c9 1639 PBE_DATA *pdat;
3b53e18a 1640 int pbe_type = 0;
351fe214 1641
83bd31da 1642 if (strcmp(alg, "scrypt") == 0) {
b0809bc8 1643#ifndef OPENSSL_NO_SCRYPT
3b53e18a 1644 pbe_type = PBE_TYPE_SCRYPT;
83bd31da
MC		 1645#else
1646 t->skip = 1;
1647 return 1;
b0809bc8 1648#endif
83bd31da 1649 } else if (strcmp(alg, "pbkdf2") == 0) {
351fe214 1650 pbe_type = PBE_TYPE_PBKDF2;
83bd31da 1651 } else if (strcmp(alg, "pkcs12") == 0) {
351fe214 1652 pbe_type = PBE_TYPE_PKCS12;
83bd31da 1653 } else {
6c5943c9 1654 TEST_error("Unknown pbe algorithm %s", alg);
83bd31da 1655 }
3b53e18a
DSH		 1656 pdat = OPENSSL_malloc(sizeof(*pdat));
1657 pdat->pbe_type = pbe_type;
1658 pdat->pass = NULL;
1659 pdat->salt = NULL;
1660 pdat->N = 0;
1661 pdat->r = 0;
1662 pdat->p = 0;
1663 pdat->maxmem = 0;
351fe214
DSH		 1664 pdat->id = 0;
1665 pdat->iter = 0;
1666 pdat->md = NULL;
3b53e18a
DSH		 1667 t->data = pdat;
1668 return 1;
1669}
1670
6c5943c9 1671static void pbe_test_cleanup(EVP_TEST *t)
3b53e18a 1672{
6c5943c9
RS		 1673 PBE_DATA *pdat = t->data;
1674
1675 OPENSSL_free(pdat->pass);
1676 OPENSSL_free(pdat->salt);
1677 OPENSSL_free(pdat->key);
3b53e18a
DSH		 1678}
1679
6c5943c9
RS		 1680static int pbe_test_parse(EVP_TEST *t,
1681 const char *keyword, const char *value)
3b53e18a 1682{
6c5943c9 1683 PBE_DATA *pdata = t->data;
351fe214 1684
3b53e18a
DSH		 1685 if (strcmp(keyword, "Password") == 0)
1686 return test_bin(value, &pdata->pass, &pdata->pass_len);
1687 if (strcmp(keyword, "Salt") == 0)
1688 return test_bin(value, &pdata->salt, &pdata->salt_len);
1689 if (strcmp(keyword, "Key") == 0)
1690 return test_bin(value, &pdata->key, &pdata->key_len);
b0809bc8 1691 if (pdata->pbe_type == PBE_TYPE_PBKDF2)
351fe214
DSH		 1692 return pbkdf2_test_parse(t, keyword, value);
1693 else if (pdata->pbe_type == PBE_TYPE_PKCS12)
1694 return pkcs12_test_parse(t, keyword, value);
b0809bc8
RS		 1695#ifndef OPENSSL_NO_SCRYPT
1696 else if (pdata->pbe_type == PBE_TYPE_SCRYPT)
1697 return scrypt_test_parse(t, keyword, value);
1698#endif
3b53e18a
DSH		 1699 return 0;
1700}
1701
6c5943c9 1702static int pbe_test_run(EVP_TEST *t)
3b53e18a 1703{
6c5943c9 1704 PBE_DATA *pdata = t->data;
351fe214
DSH		 1705 unsigned char *key;
1706
6c5943c9
RS		 1707 if (!TEST_ptr(key = OPENSSL_malloc(pdata->key_len))) {
1708 t->err = "INTERNAL_ERROR";
351fe214 1709 goto err;
6c5943c9 1710 }
351fe214 1711 if (pdata->pbe_type == PBE_TYPE_PBKDF2) {
351fe214
DSH		 1712 if (PKCS5_PBKDF2_HMAC((char *)pdata->pass, pdata->pass_len,
1713 pdata->salt, pdata->salt_len,
1714 pdata->iter, pdata->md,
6c5943c9
RS		 1715 pdata->key_len, key) == 0) {
1716 t->err = "PBKDF2_ERROR";
351fe214 1717 goto err;
6c5943c9 1718 }
b0809bc8 1719#ifndef OPENSSL_NO_SCRYPT
351fe214 1720 } else if (pdata->pbe_type == PBE_TYPE_SCRYPT) {
351fe214
DSH		 1721 if (EVP_PBE_scrypt((const char *)pdata->pass, pdata->pass_len,
1722 pdata->salt, pdata->salt_len,
1723 pdata->N, pdata->r, pdata->p, pdata->maxmem,
6c5943c9
RS		 1724 key, pdata->key_len) == 0) {
1725 t->err = "SCRYPT_ERROR";
351fe214 1726 goto err;
6c5943c9 1727 }
b0809bc8 1728#endif
351fe214 1729 } else if (pdata->pbe_type == PBE_TYPE_PKCS12) {
351fe214
DSH		 1730 if (PKCS12_key_gen_uni(pdata->pass, pdata->pass_len,
1731 pdata->salt, pdata->salt_len,
1732 pdata->id, pdata->iter, pdata->key_len,
6c5943c9
RS		 1733 key, pdata->md) == 0) {
1734 t->err = "PKCS12_ERROR";
351fe214 1735 goto err;
6c5943c9 1736 }
351fe214 1737 }
6c5943c9
RS		 1738 if (!TEST_mem_eq(pdata->key, pdata->key_len, key, pdata->key_len)) {
1739 t->err = "KEY_MISMATCH";
351fe214 1740 goto err;
6c5943c9
RS		 1741 }
1742 t->err = NULL;
1743err:
351fe214 1744 OPENSSL_free(key);
351fe214 1745 return 1;
3b53e18a
DSH		 1746}
1747
6c5943c9 1748static const EVP_TEST_METHOD pbe_test_method = {
3b53e18a
DSH		 1749 "PBE",
1750 pbe_test_init,
1751 pbe_test_cleanup,
1752 pbe_test_parse,
1753 pbe_test_run
1754};
3cdd1e94
EK		 1755
1756/* Base64 tests */
1757
1758typedef enum {
1759 BASE64_CANONICAL_ENCODING = 0,
1760 BASE64_VALID_ENCODING = 1,
1761 BASE64_INVALID_ENCODING = 2
1762} base64_encoding_type;
1763
6c5943c9 1764typedef struct encode_data_st {
3cdd1e94
EK		 1765 /* Input to encoding */
1766 unsigned char *input;
1767 size_t input_len;
1768 /* Expected output */
1769 unsigned char *output;
1770 size_t output_len;
1771 base64_encoding_type encoding;
6c5943c9 1772} ENCODE_DATA;
3cdd1e94 1773
6c5943c9 1774static int encode_test_init(EVP_TEST *t, const char *encoding)
3cdd1e94 1775{
6c5943c9 1776 ENCODE_DATA *edata = OPENSSL_zalloc(sizeof(*edata));
3cdd1e94
EK		 1777
1778 if (strcmp(encoding, "canonical") == 0) {
1779 edata->encoding = BASE64_CANONICAL_ENCODING;
1780 } else if (strcmp(encoding, "valid") == 0) {
1781 edata->encoding = BASE64_VALID_ENCODING;
1782 } else if (strcmp(encoding, "invalid") == 0) {
1783 edata->encoding = BASE64_INVALID_ENCODING;
7644a9ae 1784 t->expected_err = OPENSSL_strdup("DECODE_ERROR");
3cdd1e94
EK		 1785 if (t->expected_err == NULL)
1786 return 0;
1787 } else {
6c5943c9
RS		 1788 TEST_info("Bad encoding: %s. Should be one of "
1789 "{canonical, valid, invalid}", encoding);
3cdd1e94
EK		 1790 return 0;
1791 }
1792 t->data = edata;
1793 return 1;
1794}
1795
6c5943c9 1796static void encode_test_cleanup(EVP_TEST *t)
3cdd1e94 1797{
6c5943c9
RS		 1798 ENCODE_DATA *edata = t->data;
1799
1800 OPENSSL_free(edata->input);
1801 OPENSSL_free(edata->output);
3cdd1e94
EK		 1802 memset(edata, 0, sizeof(*edata));
1803}
1804
6c5943c9 1805static int encode_test_parse(EVP_TEST *t,
3cdd1e94
EK		 1806 const char *keyword, const char *value)
1807{
6c5943c9 1808 ENCODE_DATA *edata = t->data;
3cdd1e94
EK		 1809 if (strcmp(keyword, "Input") == 0)
1810 return test_bin(value, &edata->input, &edata->input_len);
1811 if (strcmp(keyword, "Output") == 0)
1812 return test_bin(value, &edata->output, &edata->output_len);
1813 return 0;
1814}
1815
6c5943c9 1816static int encode_test_run(EVP_TEST *t)
3cdd1e94 1817{
6c5943c9 1818 ENCODE_DATA *edata = t->data;
3cdd1e94
EK		 1819 unsigned char *encode_out = NULL, *decode_out = NULL;
1820 int output_len, chunk_len;
6c5943c9 1821 EVP_ENCODE_CTX *decode_ctx;
254b26af 1822
6c5943c9
RS		 1823 if (!TEST_ptr(decode_ctx = EVP_ENCODE_CTX_new())) {
1824 t->err = "INTERNAL_ERROR";
254b26af 1825 goto err;
6c5943c9 1826 }
3cdd1e94
EK		 1827
1828 if (edata->encoding == BASE64_CANONICAL_ENCODING) {
6c5943c9
RS		 1829 EVP_ENCODE_CTX *encode_ctx;
1830
1831 if (!TEST_ptr(encode_ctx = EVP_ENCODE_CTX_new())
1832 || !TEST_ptr(encode_out =
1833 OPENSSL_malloc(EVP_ENCODE_LENGTH(edata->input_len))))
3cdd1e94
EK		 1834 goto err;
1835
254b26af
RL		 1836 EVP_EncodeInit(encode_ctx);
1837 EVP_EncodeUpdate(encode_ctx, encode_out, &chunk_len,
3cdd1e94
EK		 1838 edata->input, edata->input_len);
1839 output_len = chunk_len;
1840
254b26af 1841 EVP_EncodeFinal(encode_ctx, encode_out + chunk_len, &chunk_len);
3cdd1e94
EK		 1842 output_len += chunk_len;
1843
254b26af
RL		 1844 EVP_ENCODE_CTX_free(encode_ctx);
1845
6c5943c9
RS		 1846 if (!TEST_mem_eq(edata->output, edata->output_len,
1847 encode_out, output_len)) {
1848 t->err = "BAD_ENCODING";
3cdd1e94
EK		 1849 goto err;
1850 }
1851 }
1852
6c5943c9
RS		 1853 if (!TEST_ptr(decode_out =
1854 OPENSSL_malloc(EVP_DECODE_LENGTH(edata->output_len))))
3cdd1e94
EK		 1855 goto err;
1856
254b26af
RL		 1857 EVP_DecodeInit(decode_ctx);
1858 if (EVP_DecodeUpdate(decode_ctx, decode_out, &chunk_len, edata->output,
3cdd1e94 1859 edata->output_len) < 0) {
6c5943c9 1860 t->err = "DECODE_ERROR";
3cdd1e94
EK		 1861 goto err;
1862 }
1863 output_len = chunk_len;
1864
254b26af 1865 if (EVP_DecodeFinal(decode_ctx, decode_out + chunk_len, &chunk_len) != 1) {
6c5943c9 1866 t->err = "DECODE_ERROR";
3cdd1e94
EK		 1867 goto err;
1868 }
1869 output_len += chunk_len;
1870
6c5943c9
RS		 1871 if (edata->encoding != BASE64_INVALID_ENCODING
1872 && !TEST_mem_eq(edata->input, edata->input_len,
1873 decode_out, output_len)) {
1874 t->err = "BAD_DECODING";
3cdd1e94
EK		 1875 goto err;
1876 }
1877
6c5943c9 1878 t->err = NULL;
3cdd1e94 1879 err:
3cdd1e94
EK		 1880 OPENSSL_free(encode_out);
1881 OPENSSL_free(decode_out);
254b26af 1882 EVP_ENCODE_CTX_free(decode_ctx);
3cdd1e94
EK		 1883 return 1;
1884}
1885
6c5943c9 1886static const EVP_TEST_METHOD encode_test_method = {
3cdd1e94
EK		 1887 "Encoding",
1888 encode_test_init,
1889 encode_test_cleanup,
1890 encode_test_parse,
1891 encode_test_run,
1892};
44a284d2 1893
7d04be79 1894/* KDF operations */
44a284d2 1895
6c5943c9 1896typedef struct kdf_data_st {
44a284d2
DSH		 1897 /* Context for this operation */
1898 EVP_PKEY_CTX *ctx;
1899 /* Expected output */
1900 unsigned char *output;
1901 size_t output_len;
6c5943c9 1902} KDF_DATA;
44a284d2
DSH		 1903
1904/*
1905 * Perform public key operation setup: lookup key, allocated ctx and call
1906 * the appropriate initialisation function
1907 */
6c5943c9 1908static int kdf_test_init(EVP_TEST *t, const char *name)
44a284d2 1909{
6c5943c9 1910 KDF_DATA *kdata;
44a284d2
DSH		 1911
1912 kdata = OPENSSL_malloc(sizeof(*kdata));
1913 if (kdata == NULL)
1914 return 0;
1915 kdata->ctx = NULL;
1916 kdata->output = NULL;
1917 t->data = kdata;
1918 kdata->ctx = EVP_PKEY_CTX_new_id(OBJ_sn2nid(name), NULL);
1919 if (kdata->ctx == NULL)
1920 return 0;
1921 if (EVP_PKEY_derive_init(kdata->ctx) <= 0)
1922 return 0;
1923 return 1;
1924}
1925
6c5943c9 1926static void kdf_test_cleanup(EVP_TEST *t)
44a284d2 1927{
6c5943c9 1928 KDF_DATA *kdata = t->data;
44a284d2
DSH		 1929 OPENSSL_free(kdata->output);
1930 EVP_PKEY_CTX_free(kdata->ctx);
1931}
1932
6c5943c9 1933static int kdf_test_parse(EVP_TEST *t,
44a284d2
DSH		 1934 const char *keyword, const char *value)
1935{
6c5943c9
RS		 1936 KDF_DATA *kdata = t->data;
1937
44a284d2
DSH		 1938 if (strcmp(keyword, "Output") == 0)
1939 return test_bin(value, &kdata->output, &kdata->output_len);
7d04be79 1940 if (strncmp(keyword, "Ctrl", 4) == 0)
dfbdf4ab 1941 return pkey_test_ctrl(t, kdata->ctx, value);
44a284d2
DSH		 1942 return 0;
1943}
1944
6c5943c9 1945static int kdf_test_run(EVP_TEST *t)
44a284d2 1946{
6c5943c9 1947 KDF_DATA *kdata = t->data;
44a284d2
DSH		 1948 unsigned char *out = NULL;
1949 size_t out_len = kdata->output_len;
6c5943c9
RS		 1950
1951 if (!TEST_ptr(out = OPENSSL_malloc(out_len))) {
1952 t->err = "INTERNAL_ERROR";
44a284d2 1953 goto err;
6c5943c9
RS		 1954 }
1955 if (EVP_PKEY_derive(kdata->ctx, out, &out_len) <= 0) {
1956 t->err = "KDF_DERIVE_ERROR";
44a284d2 1957 goto err;
6c5943c9
RS		 1958 }
1959 if (!TEST_mem_eq(kdata->output, kdata->output_len, out, out_len)) {
1960 t->err = "KDF_MISMATCH";
44a284d2 1961 goto err;
6c5943c9
RS		 1962 }
1963 t->err = NULL;
1964
44a284d2
DSH		 1965 err:
1966 OPENSSL_free(out);
44a284d2
DSH		 1967 return 1;
1968}
1969
6c5943c9 1970static const EVP_TEST_METHOD kdf_test_method = {
44a284d2
DSH		 1971 "KDF",
1972 kdf_test_init,
1973 kdf_test_cleanup,
1974 kdf_test_parse,
1975 kdf_test_run
1976};
d91b7423 1977
6c5943c9 1978typedef struct keypair_test_data_st {
d91b7423
RS		 1979 EVP_PKEY *privk;
1980 EVP_PKEY *pubk;
6c5943c9 1981} KEYPAIR_TEST_DATA;
d91b7423 1982
6c5943c9 1983static int keypair_test_init(EVP_TEST *t, const char *pair)
d91b7423
RS		 1984{
1985 int rv = 0;
1986 EVP_PKEY *pk = NULL, *pubk = NULL;
1987 char *pub, *priv = NULL;
6c5943c9 1988 KEYPAIR_TEST_DATA *data;
d91b7423 1989
6c5943c9
RS		 1990 if (!TEST_ptr(priv = OPENSSL_strdup(pair))
1991 || !TEST_ptr(pub = strchr(priv, ':'))) {
1992 t->err = "PARSING_ERROR";
d91b7423
RS		 1993 goto end;
1994 }
1995 *pub++ = 0; /* split priv and pub strings */
1996
6c5943c9
RS		 1997 if (!TEST_true(find_key(&pk, priv, private_keys))) {
1998 TEST_info("Cannot find private key: %s", priv);
1999 t->err = "MISSING_PRIVATE_KEY";
d91b7423
RS		 2000 goto end;
2001 }
6c5943c9
RS		 2002 if (!TEST_true(find_key(&pubk, pub, public_keys))) {
2003 TEST_info("Cannot find public key: %s", pub);
2004 t->err = "MISSING_PUBLIC_KEY";
d91b7423
RS		 2005 goto end;
2006 }
2007
2008 if (pk == NULL && pubk == NULL) {
2009 /* Both keys are listed but unsupported: skip this test */
2010 t->skip = 1;
2011 rv = 1;
2012 goto end;
2013 }
2014
6c5943c9 2015 if (!TEST_ptr(data = OPENSSL_malloc(sizeof(*data))))
d91b7423
RS		 2016 goto end;
2017
2018 data->privk = pk;
2019 data->pubk = pubk;
2020 t->data = data;
d91b7423 2021 rv = 1;
6c5943c9 2022 t->err = NULL;
d91b7423
RS		 2023
2024end:
6c5943c9 2025 OPENSSL_free(priv);
d91b7423
RS		 2026 return rv;
2027}
2028
6c5943c9 2029static void keypair_test_cleanup(EVP_TEST *t)
d91b7423 2030{
6c5943c9 2031 OPENSSL_free(t->data);
d91b7423 2032 t->data = NULL;
d91b7423
RS		 2033}
2034
2035/* For test that do not accept any custom keyword:
2036 * return 0 if called
2037 */
6c5943c9 2038static int void_test_parse(EVP_TEST *t, const char *keyword, const char *value)
d91b7423
RS		 2039{
2040 return 0;
2041}
2042
6c5943c9 2043static int keypair_test_run(EVP_TEST *t)
d91b7423
RS		 2044{
2045 int rv = 0;
6c5943c9 2046 const KEYPAIR_TEST_DATA *pair = t->data;
d91b7423
RS		 2047
2048 if (pair->privk == NULL || pair->pubk == NULL) {
6c5943c9
RS		 2049 /*
2050 * this can only happen if only one of the keys is not set
d91b7423
RS		 2051 * which means that one of them was unsupported while the
2052 * other isn't: hence a key type mismatch.
2053 */
6c5943c9 2054 t->err = "KEYPAIR_TYPE_MISMATCH";
d91b7423
RS		 2055 rv = 1;
2056 goto end;
2057 }
2058
2059 if ((rv = EVP_PKEY_cmp(pair->privk, pair->pubk)) != 1 ) {
2060 if ( 0 == rv ) {
6c5943c9 2061 t->err = "KEYPAIR_MISMATCH";
d91b7423 2062 } else if ( -1 == rv ) {
6c5943c9 2063 t->err = "KEYPAIR_TYPE_MISMATCH";
d91b7423 2064 } else if ( -2 == rv ) {
6c5943c9 2065 t->err = "UNSUPPORTED_KEY_COMPARISON";
d91b7423 2066 } else {
6c5943c9 2067 TEST_error("Unexpected error in key comparison");
d91b7423
RS		 2068 rv = 0;
2069 goto end;
2070 }
2071 rv = 1;
2072 goto end;
2073 }
2074
2075 rv = 1;
6c5943c9 2076 t->err = NULL;
d91b7423
RS		 2077
2078end:
d91b7423
RS		 2079 return rv;
2080}
2081
6c5943c9 2082static const EVP_TEST_METHOD keypair_test_method = {
d91b7423
RS		 2083 "PrivPubKeyPair",
2084 keypair_test_init,
2085 keypair_test_cleanup,
2086 void_test_parse,
2087 keypair_test_run
2088};
2089
6c5943c9
RS		 2090static int do_test_file(const char *testfile)
2091{
2092 BIO *in;
2093 char buf[10240];
2094 EVP_TEST t;
2095
2096 if (!TEST_ptr(in = BIO_new_file(testfile, "rb")))
2097 return 0;
2098 memset(&t, 0, sizeof(t));
2099 t.start_line = -1;
2100 t.in = in;
2101 t.err = NULL;
2102 while (BIO_gets(in, buf, sizeof(buf))) {
2103 t.line++;
2104 if (!TEST_true(parse_test_line(&t, buf)))
2105 return 0;
2106 }
2107 /* Run any final test we have */
2108 if (!run_and_get_next(&t, NULL))
2109 return 0;
2110
2111 TEST_info("Completed %d tests with %d errors and %d skipped",
2112 t.ntests, t.errors, t.nskip);
2113 free_key_list(public_keys);
2114 free_key_list(private_keys);
2115 BIO_free(t.key);
2116 BIO_free(in);
2117 return t.errors == 0;
2118}
2119
2120static char * const *testfiles;
2121
2122static int run_file_tests(int i)
2123{
2124 return do_test_file(testfiles[i]);
2125}
2126
2127int test_main(int argc, char *argv[])
2128{
2129 if (argc < 2) {
2130 TEST_error("Usage: %s file...", argv[0]);
2131 return 0;
2132 }
2133 testfiles = &argv[1];
2134
2135 ADD_ALL_TESTS(run_file_tests, argc - 1);
2136
2137 return run_tests(argv[0]);
2138}
A mirror of the official openssl repository