3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
6 /* ====================================================================
7 * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in
18 * the documentation and/or other materials provided with the
21 * 3. All advertising materials mentioning features or use of this
22 * software must display the following acknowledgment:
23 * "This product includes software developed by the OpenSSL Project
24 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27 * endorse or promote products derived from this software without
28 * prior written permission. For written permission, please contact
29 * licensing@OpenSSL.org.
31 * 5. Products derived from this software may not be called "OpenSSL"
32 * nor may "OpenSSL" appear in their names without prior written
33 * permission of the OpenSSL Project.
35 * 6. Redistributions of any form whatsoever must retain the following
37 * "This product includes software developed by the OpenSSL Project
38 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51 * OF THE POSSIBILITY OF SUCH DAMAGE.
52 * ====================================================================
59 #include <openssl/evp.h>
60 #include <openssl/pem.h>
61 #include <openssl/err.h>
62 #include <openssl/x509v3.h>
63 #include <openssl/pkcs12.h>
64 #include "internal/numbers.h"
66 /* Remove spaces from beginning and end of a string */
68 static void remove_space(char **pval
)
70 unsigned char *p
= (unsigned char *)*pval
;
77 p
= p
+ strlen(*pval
) - 1;
79 /* Remove trailing space */
85 * Given a line of the form:
86 * name = value # comment
87 * extract name and value. NB: modifies passed buffer.
90 static int parse_line(char **pkw
, char **pval
, char *linebuf
)
94 p
= linebuf
+ strlen(linebuf
) - 1;
97 fprintf(stderr
, "FATAL: missing EOL\n");
103 p
= strchr(linebuf
, '#');
108 /* Look for = sign */
109 p
= strchr(linebuf
, '=');
120 /* Remove spaces from keyword and value */
127 /* For a hex string "value" convert to a binary allocated buffer */
128 static int test_bin(const char *value
, unsigned char **buf
, size_t *buflen
)
132 /* Don't return NULL for zero length buffer */
133 *buf
= OPENSSL_malloc(1);
140 /* Check for string literal */
141 if (value
[0] == '"') {
144 vlen
= strlen(value
);
145 if (value
[vlen
- 1] != '"')
149 *buf
= OPENSSL_malloc(1);
154 *buf
= BUF_memdup(value
, vlen
);
161 *buf
= string_to_hex(value
, &len
);
163 fprintf(stderr
, "Value=%s\n", value
);
164 ERR_print_errors_fp(stderr
);
167 /* Size of input buffer means we'll never overflow */
171 /* Parse unsigned decimal 64 bit integer value */
172 static int test_uint64(const char *value
, uint64_t *pr
)
174 const char *p
= value
;
176 fprintf(stderr
, "Invalid empty integer value\n");
181 if (*pr
> UINT64_MAX
/10) {
182 fprintf(stderr
, "Integer string overflow value=%s\n", value
);
186 if (*p
< '0' || *p
> '9') {
187 fprintf(stderr
, "Invalid integer string value=%s\n", value
);
196 /* Structure holding test information */
198 /* file being read */
200 /* List of public and private keys */
201 struct key_list
*private;
202 struct key_list
*public;
203 /* method for this test */
204 const struct evp_test_method
*meth
;
205 /* current line being processed */
207 /* start line of current test */
208 unsigned int start_line
;
209 /* Error string for test */
211 /* Expected error value of test */
213 /* Number of tests */
217 /* Number of tests skipped */
219 /* If output mismatch expected and got value */
220 unsigned char *out_got
;
221 unsigned char *out_expected
;
223 /* test specific data */
225 /* Current test should be skipped */
232 struct key_list
*next
;
235 /* Test method structure */
236 struct evp_test_method
{
237 /* Name of test as it appears in file */
239 /* Initialise test for "alg" */
240 int (*init
) (struct evp_test
* t
, const char *alg
);
241 /* Clean up method */
242 void (*cleanup
) (struct evp_test
* t
);
243 /* Test specific name value pair processing */
244 int (*parse
) (struct evp_test
* t
, const char *name
, const char *value
);
245 /* Run the test itself */
246 int (*run_test
) (struct evp_test
* t
);
249 static const struct evp_test_method digest_test_method
, cipher_test_method
;
250 static const struct evp_test_method mac_test_method
;
251 static const struct evp_test_method psign_test_method
, pverify_test_method
;
252 static const struct evp_test_method pdecrypt_test_method
;
253 static const struct evp_test_method pverify_recover_test_method
;
254 static const struct evp_test_method pbe_test_method
;
256 static const struct evp_test_method
*evp_test_list
[] = {
261 &pverify_test_method
,
262 &pdecrypt_test_method
,
263 &pverify_recover_test_method
,
268 static const struct evp_test_method
*evp_find_test(const char *name
)
270 const struct evp_test_method
**tt
;
272 for (tt
= evp_test_list
; *tt
; tt
++) {
273 if (strcmp(name
, (*tt
)->name
) == 0)
279 static void hex_print(const char *name
, const unsigned char *buf
, size_t len
)
282 fprintf(stderr
, "%s ", name
);
283 for (i
= 0; i
< len
; i
++)
284 fprintf(stderr
, "%02X", buf
[i
]);
288 static void free_expected(struct evp_test
*t
)
290 OPENSSL_free(t
->expected_err
);
291 t
->expected_err
= NULL
;
292 OPENSSL_free(t
->out_expected
);
293 OPENSSL_free(t
->out_got
);
294 t
->out_expected
= NULL
;
298 static void print_expected(struct evp_test
*t
)
300 if (t
->out_expected
== NULL
)
302 hex_print("Expected:", t
->out_expected
, t
->out_len
);
303 hex_print("Got: ", t
->out_got
, t
->out_len
);
307 static int check_test_error(struct evp_test
*t
)
309 if (!t
->err
&& !t
->expected_err
)
311 if (t
->err
&& !t
->expected_err
) {
312 fprintf(stderr
, "Test line %d: unexpected error %s\n",
313 t
->start_line
, t
->err
);
317 if (!t
->err
&& t
->expected_err
) {
318 fprintf(stderr
, "Test line %d: succeeded expecting %s\n",
319 t
->start_line
, t
->expected_err
);
322 if (strcmp(t
->err
, t
->expected_err
) == 0)
325 fprintf(stderr
, "Test line %d: expecting %s got %s\n",
326 t
->start_line
, t
->expected_err
, t
->err
);
330 /* Setup a new test, run any existing test */
332 static int setup_test(struct evp_test
*t
, const struct evp_test_method
*tmeth
)
334 /* If we already have a test set up run it */
343 if (t
->meth
->run_test(t
) != 1) {
344 fprintf(stderr
, "%s test error line %d\n",
345 t
->meth
->name
, t
->start_line
);
348 if (!check_test_error(t
)) {
350 ERR_print_errors_fp(stderr
);
355 OPENSSL_free(t
->data
);
357 OPENSSL_free(t
->expected_err
);
358 t
->expected_err
= NULL
;
365 static int find_key(EVP_PKEY
**ppk
, const char *name
, struct key_list
*lst
)
367 for (; lst
; lst
= lst
->next
) {
368 if (strcmp(lst
->name
, name
) == 0) {
377 static void free_key_list(struct key_list
*lst
)
379 while (lst
!= NULL
) {
380 struct key_list
*ltmp
;
381 EVP_PKEY_free(lst
->key
);
382 OPENSSL_free(lst
->name
);
389 static int check_unsupported()
391 long err
= ERR_peek_error();
392 if (ERR_GET_LIB(err
) == ERR_LIB_EVP
393 && ERR_GET_REASON(err
) == EVP_R_UNSUPPORTED_ALGORITHM
) {
400 static int process_test(struct evp_test
*t
, char *buf
, int verbose
)
402 char *keyword
= NULL
, *value
= NULL
;
403 int rv
= 0, add_key
= 0;
405 struct key_list
**lst
= NULL
, *key
= NULL
;
407 const struct evp_test_method
*tmeth
= NULL
;
410 if (!parse_line(&keyword
, &value
, buf
))
412 if (strcmp(keyword
, "PrivateKey") == 0) {
413 save_pos
= ftell(t
->in
);
414 pk
= PEM_read_PrivateKey(t
->in
, NULL
, 0, NULL
);
415 if (pk
== NULL
&& !check_unsupported()) {
416 fprintf(stderr
, "Error reading private key %s\n", value
);
417 ERR_print_errors_fp(stderr
);
423 if (strcmp(keyword
, "PublicKey") == 0) {
424 save_pos
= ftell(t
->in
);
425 pk
= PEM_read_PUBKEY(t
->in
, NULL
, 0, NULL
);
426 if (pk
== NULL
&& !check_unsupported()) {
427 fprintf(stderr
, "Error reading public key %s\n", value
);
428 ERR_print_errors_fp(stderr
);
434 /* If we have a key add to list */
437 if (find_key(NULL
, value
, *lst
)) {
438 fprintf(stderr
, "Duplicate key %s\n", value
);
441 key
= OPENSSL_malloc(sizeof(*key
));
444 key
->name
= BUF_strdup(value
);
448 /* Rewind input, read to end and update line numbers */
449 fseek(t
->in
, save_pos
, SEEK_SET
);
450 while (fgets(tmpbuf
, sizeof(tmpbuf
), t
->in
)) {
452 if (strncmp(tmpbuf
, "-----END", 8) == 0)
455 fprintf(stderr
, "Can't find key end\n");
459 /* See if keyword corresponds to a test start */
460 tmeth
= evp_find_test(keyword
);
462 if (!setup_test(t
, tmeth
))
464 t
->start_line
= t
->line
;
466 if (!tmeth
->init(t
, value
)) {
467 fprintf(stderr
, "Unknown %s: %s\n", keyword
, value
);
471 } else if (t
->skip
) {
473 } else if (strcmp(keyword
, "Result") == 0) {
474 if (t
->expected_err
) {
475 fprintf(stderr
, "Line %d: multiple result lines\n", t
->line
);
478 t
->expected_err
= BUF_strdup(value
);
479 if (!t
->expected_err
)
482 /* Must be test specific line: try to parse it */
484 rv
= t
->meth
->parse(t
, keyword
, value
);
487 fprintf(stderr
, "line %d: unexpected keyword %s\n",
491 fprintf(stderr
, "line %d: error processing keyword %s\n",
499 static int check_output(struct evp_test
*t
, const unsigned char *expected
,
500 const unsigned char *got
, size_t len
)
502 if (!memcmp(expected
, got
, len
))
504 t
->out_expected
= BUF_memdup(expected
, len
);
505 t
->out_got
= BUF_memdup(got
, len
);
507 if (t
->out_expected
== NULL
|| t
->out_got
== NULL
) {
508 fprintf(stderr
, "Memory allocation error!\n");
514 int main(int argc
, char **argv
)
521 fprintf(stderr
, "usage: evp_test testfile.txt\n");
525 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON
);
527 ERR_load_crypto_strings();
528 OpenSSL_add_all_algorithms();
530 memset(&t
, 0, sizeof(t
));
539 t
.out_expected
= NULL
;
542 in
= fopen(argv
[1], "r");
544 while (fgets(buf
, sizeof(buf
), in
)) {
546 if (!process_test(&t
, buf
, 0))
549 /* Run any final test we have */
550 if (!setup_test(&t
, NULL
))
552 fprintf(stderr
, "%d tests completed with %d errors, %d skipped\n",
553 t
.ntests
, t
.errors
, t
.nskip
);
554 free_key_list(t
.public);
555 free_key_list(t
.private);
558 CRYPTO_cleanup_all_ex_data();
559 ERR_remove_thread_state(NULL
);
561 CRYPTO_mem_leaks_fp(stderr
);
567 static void test_free(void *d
)
572 /* Message digest tests */
575 /* Digest this test is for */
576 const EVP_MD
*digest
;
577 /* Input to digest */
578 unsigned char *input
;
580 /* Repeat count for input */
582 /* Expected output */
583 unsigned char *output
;
587 static int digest_test_init(struct evp_test
*t
, const char *alg
)
589 const EVP_MD
*digest
;
590 struct digest_data
*mdat
= t
->data
;
591 digest
= EVP_get_digestbyname(alg
);
593 /* If alg has an OID assume disabled algorithm */
594 if (OBJ_sn2nid(alg
) != NID_undef
|| OBJ_ln2nid(alg
) != NID_undef
) {
600 mdat
= OPENSSL_malloc(sizeof(*mdat
));
601 mdat
->digest
= digest
;
609 static void digest_test_cleanup(struct evp_test
*t
)
611 struct digest_data
*mdat
= t
->data
;
612 test_free(mdat
->input
);
613 test_free(mdat
->output
);
616 static int digest_test_parse(struct evp_test
*t
,
617 const char *keyword
, const char *value
)
619 struct digest_data
*mdata
= t
->data
;
620 if (strcmp(keyword
, "Input") == 0)
621 return test_bin(value
, &mdata
->input
, &mdata
->input_len
);
622 if (strcmp(keyword
, "Output") == 0)
623 return test_bin(value
, &mdata
->output
, &mdata
->output_len
);
624 if (strcmp(keyword
, "Count") == 0) {
625 long nrpt
= atoi(value
);
628 mdata
->nrpt
= (size_t)nrpt
;
634 static int digest_test_run(struct evp_test
*t
)
636 struct digest_data
*mdata
= t
->data
;
638 const char *err
= "INTERNAL_ERROR";
640 unsigned char md
[EVP_MAX_MD_SIZE
];
642 mctx
= EVP_MD_CTX_create();
645 err
= "DIGESTINIT_ERROR";
646 if (!EVP_DigestInit_ex(mctx
, mdata
->digest
, NULL
))
648 err
= "DIGESTUPDATE_ERROR";
649 for (i
= 0; i
< mdata
->nrpt
; i
++) {
650 if (!EVP_DigestUpdate(mctx
, mdata
->input
, mdata
->input_len
))
653 err
= "DIGESTFINAL_ERROR";
654 if (!EVP_DigestFinal(mctx
, md
, &md_len
))
656 err
= "DIGEST_LENGTH_MISMATCH";
657 if (md_len
!= mdata
->output_len
)
659 err
= "DIGEST_MISMATCH";
660 if (check_output(t
, mdata
->output
, md
, md_len
))
665 EVP_MD_CTX_destroy(mctx
);
670 static const struct evp_test_method digest_test_method
= {
680 const EVP_CIPHER
*cipher
;
682 /* EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE or EVP_CIPH_OCB_MODE if AEAD */
688 unsigned char *plaintext
;
689 size_t plaintext_len
;
690 unsigned char *ciphertext
;
691 size_t ciphertext_len
;
699 static int cipher_test_init(struct evp_test
*t
, const char *alg
)
701 const EVP_CIPHER
*cipher
;
702 struct cipher_data
*cdat
= t
->data
;
703 cipher
= EVP_get_cipherbyname(alg
);
705 /* If alg has an OID assume disabled algorithm */
706 if (OBJ_sn2nid(alg
) != NID_undef
|| OBJ_ln2nid(alg
) != NID_undef
) {
712 cdat
= OPENSSL_malloc(sizeof(*cdat
));
713 cdat
->cipher
= cipher
;
717 cdat
->ciphertext
= NULL
;
718 cdat
->plaintext
= NULL
;
722 if (EVP_CIPHER_mode(cipher
) == EVP_CIPH_GCM_MODE
723 || EVP_CIPHER_mode(cipher
) == EVP_CIPH_OCB_MODE
724 || EVP_CIPHER_mode(cipher
) == EVP_CIPH_CCM_MODE
)
725 cdat
->aead
= EVP_CIPHER_mode(cipher
);
732 static void cipher_test_cleanup(struct evp_test
*t
)
734 struct cipher_data
*cdat
= t
->data
;
735 test_free(cdat
->key
);
737 test_free(cdat
->ciphertext
);
738 test_free(cdat
->plaintext
);
739 test_free(cdat
->aad
);
740 test_free(cdat
->tag
);
743 static int cipher_test_parse(struct evp_test
*t
, const char *keyword
,
746 struct cipher_data
*cdat
= t
->data
;
747 if (strcmp(keyword
, "Key") == 0)
748 return test_bin(value
, &cdat
->key
, &cdat
->key_len
);
749 if (strcmp(keyword
, "IV") == 0)
750 return test_bin(value
, &cdat
->iv
, &cdat
->iv_len
);
751 if (strcmp(keyword
, "Plaintext") == 0)
752 return test_bin(value
, &cdat
->plaintext
, &cdat
->plaintext_len
);
753 if (strcmp(keyword
, "Ciphertext") == 0)
754 return test_bin(value
, &cdat
->ciphertext
, &cdat
->ciphertext_len
);
756 if (strcmp(keyword
, "AAD") == 0)
757 return test_bin(value
, &cdat
->aad
, &cdat
->aad_len
);
758 if (strcmp(keyword
, "Tag") == 0)
759 return test_bin(value
, &cdat
->tag
, &cdat
->tag_len
);
762 if (strcmp(keyword
, "Operation") == 0) {
763 if (strcmp(value
, "ENCRYPT") == 0)
765 else if (strcmp(value
, "DECRYPT") == 0)
774 static int cipher_test_enc(struct evp_test
*t
, int enc
)
776 struct cipher_data
*cdat
= t
->data
;
777 unsigned char *in
, *out
, *tmp
= NULL
;
778 size_t in_len
, out_len
;
780 EVP_CIPHER_CTX
*ctx
= NULL
;
782 err
= "INTERNAL_ERROR";
783 ctx
= EVP_CIPHER_CTX_new();
786 EVP_CIPHER_CTX_set_flags(ctx
, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW
);
788 in
= cdat
->plaintext
;
789 in_len
= cdat
->plaintext_len
;
790 out
= cdat
->ciphertext
;
791 out_len
= cdat
->ciphertext_len
;
793 in
= cdat
->ciphertext
;
794 in_len
= cdat
->ciphertext_len
;
795 out
= cdat
->plaintext
;
796 out_len
= cdat
->plaintext_len
;
798 tmp
= OPENSSL_malloc(in_len
+ 2 * EVP_MAX_BLOCK_LENGTH
);
801 err
= "CIPHERINIT_ERROR";
802 if (!EVP_CipherInit_ex(ctx
, cdat
->cipher
, NULL
, NULL
, NULL
, enc
))
804 err
= "INVALID_IV_LENGTH";
807 if (!EVP_CIPHER_CTX_ctrl(ctx
, EVP_CTRL_AEAD_SET_IVLEN
,
810 } else if (cdat
->iv_len
!= (size_t)EVP_CIPHER_CTX_iv_length(ctx
))
816 * If encrypting or OCB just set tag length initially, otherwise
817 * set tag length and value.
819 if (enc
|| cdat
->aead
== EVP_CIPH_OCB_MODE
) {
820 err
= "TAG_LENGTH_SET_ERROR";
823 err
= "TAG_SET_ERROR";
826 if (tag
|| cdat
->aead
!= EVP_CIPH_GCM_MODE
) {
827 if (!EVP_CIPHER_CTX_ctrl(ctx
, EVP_CTRL_AEAD_SET_TAG
,
833 err
= "INVALID_KEY_LENGTH";
834 if (!EVP_CIPHER_CTX_set_key_length(ctx
, cdat
->key_len
))
836 err
= "KEY_SET_ERROR";
837 if (!EVP_CipherInit_ex(ctx
, NULL
, NULL
, cdat
->key
, cdat
->iv
, -1))
840 if (!enc
&& cdat
->aead
== EVP_CIPH_OCB_MODE
) {
841 if (!EVP_CIPHER_CTX_ctrl(ctx
, EVP_CTRL_AEAD_SET_TAG
,
842 cdat
->tag_len
, cdat
->tag
)) {
843 err
= "TAG_SET_ERROR";
848 if (cdat
->aead
== EVP_CIPH_CCM_MODE
) {
849 if (!EVP_CipherUpdate(ctx
, NULL
, &tmplen
, NULL
, out_len
)) {
850 err
= "CCM_PLAINTEXT_LENGTH_SET_ERROR";
855 if (!EVP_CipherUpdate(ctx
, NULL
, &tmplen
, cdat
->aad
, cdat
->aad_len
)) {
856 err
= "AAD_SET_ERROR";
860 EVP_CIPHER_CTX_set_padding(ctx
, 0);
861 err
= "CIPHERUPDATE_ERROR";
862 if (!EVP_CipherUpdate(ctx
, tmp
, &tmplen
, in
, in_len
))
864 if (cdat
->aead
== EVP_CIPH_CCM_MODE
)
867 err
= "CIPHERFINAL_ERROR";
868 if (!EVP_CipherFinal_ex(ctx
, tmp
+ tmplen
, &tmpflen
))
871 err
= "LENGTH_MISMATCH";
872 if (out_len
!= (size_t)(tmplen
+ tmpflen
))
874 err
= "VALUE_MISMATCH";
875 if (check_output(t
, out
, tmp
, out_len
))
877 if (enc
&& cdat
->aead
) {
878 unsigned char rtag
[16];
879 if (cdat
->tag_len
> sizeof(rtag
)) {
880 err
= "TAG_LENGTH_INTERNAL_ERROR";
883 if (!EVP_CIPHER_CTX_ctrl(ctx
, EVP_CTRL_AEAD_GET_TAG
,
884 cdat
->tag_len
, rtag
)) {
885 err
= "TAG_RETRIEVE_ERROR";
888 if (check_output(t
, cdat
->tag
, rtag
, cdat
->tag_len
)) {
889 err
= "TAG_VALUE_MISMATCH";
896 EVP_CIPHER_CTX_free(ctx
);
901 static int cipher_test_run(struct evp_test
*t
)
903 struct cipher_data
*cdat
= t
->data
;
909 if (!cdat
->iv
&& EVP_CIPHER_iv_length(cdat
->cipher
)) {
910 /* IV is optional and usually omitted in wrap mode */
911 if (EVP_CIPHER_mode(cdat
->cipher
) != EVP_CIPH_WRAP_MODE
) {
916 if (cdat
->aead
&& !cdat
->tag
) {
921 rv
= cipher_test_enc(t
, 1);
922 /* Not fatal errors: return */
929 if (cdat
->enc
!= 1) {
930 rv
= cipher_test_enc(t
, 0);
931 /* Not fatal errors: return */
941 static const struct evp_test_method cipher_test_method
= {
952 /* Algorithm string for this MAC */
958 unsigned char *input
;
960 /* Expected output */
961 unsigned char *output
;
965 static int mac_test_init(struct evp_test
*t
, const char *alg
)
968 struct mac_data
*mdat
;
969 if (strcmp(alg
, "HMAC") == 0)
970 type
= EVP_PKEY_HMAC
;
971 else if (strcmp(alg
, "CMAC") == 0)
972 type
= EVP_PKEY_CMAC
;
976 mdat
= OPENSSL_malloc(sizeof(*mdat
));
986 static void mac_test_cleanup(struct evp_test
*t
)
988 struct mac_data
*mdat
= t
->data
;
989 test_free(mdat
->alg
);
990 test_free(mdat
->key
);
991 test_free(mdat
->input
);
992 test_free(mdat
->output
);
995 static int mac_test_parse(struct evp_test
*t
,
996 const char *keyword
, const char *value
)
998 struct mac_data
*mdata
= t
->data
;
999 if (strcmp(keyword
, "Key") == 0)
1000 return test_bin(value
, &mdata
->key
, &mdata
->key_len
);
1001 if (strcmp(keyword
, "Algorithm") == 0) {
1002 mdata
->alg
= BUF_strdup(value
);
1007 if (strcmp(keyword
, "Input") == 0)
1008 return test_bin(value
, &mdata
->input
, &mdata
->input_len
);
1009 if (strcmp(keyword
, "Output") == 0)
1010 return test_bin(value
, &mdata
->output
, &mdata
->output_len
);
1014 static int mac_test_run(struct evp_test
*t
)
1016 struct mac_data
*mdata
= t
->data
;
1017 const char *err
= "INTERNAL_ERROR";
1018 EVP_MD_CTX
*mctx
= NULL
;
1019 EVP_PKEY_CTX
*pctx
= NULL
, *genctx
= NULL
;
1020 EVP_PKEY
*key
= NULL
;
1021 const EVP_MD
*md
= NULL
;
1022 unsigned char *mac
= NULL
;
1025 err
= "MAC_PKEY_CTX_ERROR";
1026 genctx
= EVP_PKEY_CTX_new_id(mdata
->type
, NULL
);
1030 err
= "MAC_KEYGEN_INIT_ERROR";
1031 if (EVP_PKEY_keygen_init(genctx
) <= 0)
1033 if (mdata
->type
== EVP_PKEY_CMAC
) {
1034 err
= "MAC_ALGORITHM_SET_ERROR";
1035 if (EVP_PKEY_CTX_ctrl_str(genctx
, "cipher", mdata
->alg
) <= 0)
1039 err
= "MAC_KEY_SET_ERROR";
1040 if (EVP_PKEY_CTX_set_mac_key(genctx
, mdata
->key
, mdata
->key_len
) <= 0)
1043 err
= "MAC_KEY_GENERATE_ERROR";
1044 if (EVP_PKEY_keygen(genctx
, &key
) <= 0)
1046 if (mdata
->type
== EVP_PKEY_HMAC
) {
1047 err
= "MAC_ALGORITHM_SET_ERROR";
1048 md
= EVP_get_digestbyname(mdata
->alg
);
1052 mctx
= EVP_MD_CTX_create();
1055 err
= "DIGESTSIGNINIT_ERROR";
1056 if (!EVP_DigestSignInit(mctx
, &pctx
, md
, NULL
, key
))
1059 err
= "DIGESTSIGNUPDATE_ERROR";
1060 if (!EVP_DigestSignUpdate(mctx
, mdata
->input
, mdata
->input_len
))
1062 err
= "DIGESTSIGNFINAL_LENGTH_ERROR";
1063 if (!EVP_DigestSignFinal(mctx
, NULL
, &mac_len
))
1065 mac
= OPENSSL_malloc(mac_len
);
1067 fprintf(stderr
, "Error allocating mac buffer!\n");
1070 if (!EVP_DigestSignFinal(mctx
, mac
, &mac_len
))
1072 err
= "MAC_LENGTH_MISMATCH";
1073 if (mac_len
!= mdata
->output_len
)
1075 err
= "MAC_MISMATCH";
1076 if (check_output(t
, mdata
->output
, mac
, mac_len
))
1081 EVP_MD_CTX_destroy(mctx
);
1083 EVP_PKEY_CTX_free(genctx
);
1089 static const struct evp_test_method mac_test_method
= {
1098 * Public key operations. These are all very similar and can share
1099 * a lot of common code.
1103 /* Context for this operation */
1105 /* Key operation to perform */
1106 int (*keyop
) (EVP_PKEY_CTX
*ctx
,
1107 unsigned char *sig
, size_t *siglen
,
1108 const unsigned char *tbs
, size_t tbslen
);
1110 unsigned char *input
;
1112 /* Expected output */
1113 unsigned char *output
;
1118 * Perform public key operation setup: lookup key, allocated ctx and call
1119 * the appropriate initialisation function
1121 static int pkey_test_init(struct evp_test
*t
, const char *name
,
1123 int (*keyopinit
) (EVP_PKEY_CTX
*ctx
),
1124 int (*keyop
) (EVP_PKEY_CTX
*ctx
,
1125 unsigned char *sig
, size_t *siglen
,
1126 const unsigned char *tbs
,
1130 struct pkey_data
*kdata
;
1131 EVP_PKEY
*pkey
= NULL
;
1134 rv
= find_key(&pkey
, name
, t
->public);
1136 rv
= find_key(&pkey
, name
, t
->private);
1144 kdata
= OPENSSL_malloc(sizeof(*kdata
));
1146 EVP_PKEY_free(pkey
);
1150 kdata
->input
= NULL
;
1151 kdata
->output
= NULL
;
1152 kdata
->keyop
= keyop
;
1154 kdata
->ctx
= EVP_PKEY_CTX_new(pkey
, NULL
);
1157 if (keyopinit(kdata
->ctx
) <= 0)
1162 static void pkey_test_cleanup(struct evp_test
*t
)
1164 struct pkey_data
*kdata
= t
->data
;
1166 OPENSSL_free(kdata
->input
);
1167 OPENSSL_free(kdata
->output
);
1168 EVP_PKEY_CTX_free(kdata
->ctx
);
1171 static int pkey_test_parse(struct evp_test
*t
,
1172 const char *keyword
, const char *value
)
1174 struct pkey_data
*kdata
= t
->data
;
1175 if (strcmp(keyword
, "Input") == 0)
1176 return test_bin(value
, &kdata
->input
, &kdata
->input_len
);
1177 if (strcmp(keyword
, "Output") == 0)
1178 return test_bin(value
, &kdata
->output
, &kdata
->output_len
);
1179 if (strcmp(keyword
, "Ctrl") == 0) {
1180 char *p
= strchr(value
, ':');
1183 if (EVP_PKEY_CTX_ctrl_str(kdata
->ctx
, value
, p
) <= 0)
1190 static int pkey_test_run(struct evp_test
*t
)
1192 struct pkey_data
*kdata
= t
->data
;
1193 unsigned char *out
= NULL
;
1195 const char *err
= "KEYOP_LENGTH_ERROR";
1196 if (kdata
->keyop(kdata
->ctx
, NULL
, &out_len
, kdata
->input
,
1197 kdata
->input_len
) <= 0)
1199 out
= OPENSSL_malloc(out_len
);
1201 fprintf(stderr
, "Error allocating output buffer!\n");
1204 err
= "KEYOP_ERROR";
1206 (kdata
->ctx
, out
, &out_len
, kdata
->input
, kdata
->input_len
) <= 0)
1208 err
= "KEYOP_LENGTH_MISMATCH";
1209 if (out_len
!= kdata
->output_len
)
1211 err
= "KEYOP_MISMATCH";
1212 if (check_output(t
, kdata
->output
, out
, out_len
))
1221 static int sign_test_init(struct evp_test
*t
, const char *name
)
1223 return pkey_test_init(t
, name
, 0, EVP_PKEY_sign_init
, EVP_PKEY_sign
);
1226 static const struct evp_test_method psign_test_method
= {
1234 static int verify_recover_test_init(struct evp_test
*t
, const char *name
)
1236 return pkey_test_init(t
, name
, 1, EVP_PKEY_verify_recover_init
,
1237 EVP_PKEY_verify_recover
);
1240 static const struct evp_test_method pverify_recover_test_method
= {
1242 verify_recover_test_init
,
1248 static int decrypt_test_init(struct evp_test
*t
, const char *name
)
1250 return pkey_test_init(t
, name
, 0, EVP_PKEY_decrypt_init
,
1254 static const struct evp_test_method pdecrypt_test_method
= {
1262 static int verify_test_init(struct evp_test
*t
, const char *name
)
1264 return pkey_test_init(t
, name
, 1, EVP_PKEY_verify_init
, 0);
1267 static int verify_test_run(struct evp_test
*t
)
1269 struct pkey_data
*kdata
= t
->data
;
1270 if (EVP_PKEY_verify(kdata
->ctx
, kdata
->output
, kdata
->output_len
,
1271 kdata
->input
, kdata
->input_len
) <= 0)
1272 t
->err
= "VERIFY_ERROR";
1276 static const struct evp_test_method pverify_test_method
= {
1286 #define PBE_TYPE_SCRYPT 1
1287 #define PBE_TYPE_PBKDF2 2
1288 #define PBE_TYPE_PKCS12 3
1294 /* scrypt parameters */
1295 uint64_t N
, r
, p
, maxmem
;
1297 /* PKCS#12 parameters */
1302 unsigned char *pass
;
1306 unsigned char *salt
;
1309 /* Expected output */
1314 static int scrypt_test_parse(struct evp_test
*t
,
1315 const char *keyword
, const char *value
)
1317 struct pbe_data
*pdata
= t
->data
;
1319 if (strcmp(keyword
, "N") == 0)
1320 return test_uint64(value
, &pdata
->N
);
1321 if (strcmp(keyword
, "p") == 0)
1322 return test_uint64(value
, &pdata
->p
);
1323 if (strcmp(keyword
, "r") == 0)
1324 return test_uint64(value
, &pdata
->r
);
1325 if (strcmp(keyword
, "maxmem") == 0)
1326 return test_uint64(value
, &pdata
->maxmem
);
1330 static int pbkdf2_test_parse(struct evp_test
*t
,
1331 const char *keyword
, const char *value
)
1333 struct pbe_data
*pdata
= t
->data
;
1335 if (strcmp(keyword
, "iter") == 0) {
1336 pdata
->iter
= atoi(value
);
1337 if (pdata
->iter
<= 0)
1341 if (strcmp(keyword
, "MD") == 0) {
1342 pdata
->md
= EVP_get_digestbyname(value
);
1343 if (pdata
->md
== NULL
)
1350 static int pkcs12_test_parse(struct evp_test
*t
,
1351 const char *keyword
, const char *value
)
1353 struct pbe_data
*pdata
= t
->data
;
1355 if (strcmp(keyword
, "id") == 0) {
1356 pdata
->id
= atoi(value
);
1361 return pbkdf2_test_parse(t
, keyword
, value
);
1364 static int pbe_test_init(struct evp_test
*t
, const char *alg
)
1366 struct pbe_data
*pdat
;
1369 if (strcmp(alg
, "scrypt") == 0)
1370 pbe_type
= PBE_TYPE_SCRYPT
;
1371 else if (strcmp(alg
, "pbkdf2") == 0)
1372 pbe_type
= PBE_TYPE_PBKDF2
;
1373 else if (strcmp(alg
, "pkcs12") == 0)
1374 pbe_type
= PBE_TYPE_PKCS12
;
1376 fprintf(stderr
, "Unknown pbe algorithm %s\n", alg
);
1377 pdat
= OPENSSL_malloc(sizeof(*pdat
));
1378 pdat
->pbe_type
= pbe_type
;
1392 static void pbe_test_cleanup(struct evp_test
*t
)
1394 struct pbe_data
*pdat
= t
->data
;
1395 test_free(pdat
->pass
);
1396 test_free(pdat
->salt
);
1397 test_free(pdat
->key
);
1400 static int pbe_test_parse(struct evp_test
*t
,
1401 const char *keyword
, const char *value
)
1403 struct pbe_data
*pdata
= t
->data
;
1405 if (strcmp(keyword
, "Password") == 0)
1406 return test_bin(value
, &pdata
->pass
, &pdata
->pass_len
);
1407 if (strcmp(keyword
, "Salt") == 0)
1408 return test_bin(value
, &pdata
->salt
, &pdata
->salt_len
);
1409 if (strcmp(keyword
, "Key") == 0)
1410 return test_bin(value
, &pdata
->key
, &pdata
->key_len
);
1411 if (pdata
->pbe_type
== PBE_TYPE_SCRYPT
)
1412 return scrypt_test_parse(t
, keyword
, value
);
1413 else if (pdata
->pbe_type
== PBE_TYPE_PBKDF2
)
1414 return pbkdf2_test_parse(t
, keyword
, value
);
1415 else if (pdata
->pbe_type
== PBE_TYPE_PKCS12
)
1416 return pkcs12_test_parse(t
, keyword
, value
);
1420 static int pbe_test_run(struct evp_test
*t
)
1422 struct pbe_data
*pdata
= t
->data
;
1423 const char *err
= "INTERNAL_ERROR";
1426 key
= OPENSSL_malloc(pdata
->key_len
);
1429 if (pdata
->pbe_type
== PBE_TYPE_PBKDF2
) {
1430 err
= "PBKDF2_ERROR";
1431 if (PKCS5_PBKDF2_HMAC((char *)pdata
->pass
, pdata
->pass_len
,
1432 pdata
->salt
, pdata
->salt_len
,
1433 pdata
->iter
, pdata
->md
,
1434 pdata
->key_len
, key
) == 0)
1436 } else if (pdata
->pbe_type
== PBE_TYPE_SCRYPT
) {
1437 err
= "SCRYPT_ERROR";
1438 if (EVP_PBE_scrypt((const char *)pdata
->pass
, pdata
->pass_len
,
1439 pdata
->salt
, pdata
->salt_len
,
1440 pdata
->N
, pdata
->r
, pdata
->p
, pdata
->maxmem
,
1441 key
, pdata
->key_len
) == 0)
1443 } else if (pdata
->pbe_type
== PBE_TYPE_PKCS12
) {
1444 err
= "PKCS12_ERROR";
1445 if (PKCS12_key_gen_uni(pdata
->pass
, pdata
->pass_len
,
1446 pdata
->salt
, pdata
->salt_len
,
1447 pdata
->id
, pdata
->iter
, pdata
->key_len
,
1448 key
, pdata
->md
) == 0)
1451 err
= "KEY_MISMATCH";
1452 if (check_output(t
, pdata
->key
, key
, pdata
->key_len
))
1461 static const struct evp_test_method pbe_test_method
= {