]>
Commit | Line | Data |
---|---|---|
7bb82f92 SL |
1 | /* |
2 | * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. | |
3 | * | |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
10 | #include <string.h> | |
11 | #include <openssl/sha.h> | |
12 | #include <openssl/evp.h> | |
13 | #include <openssl/provider.h> | |
14 | #include "testutil.h" | |
15 | ||
16 | static char *alg = "digest"; | |
17 | static int use_default_ctx = 0; | |
18 | static char *fetch_property = NULL; | |
19 | static int expected_fetch_result = 1; | |
20 | ||
21 | typedef enum OPTION_choice { | |
22 | OPT_ERR = -1, | |
23 | OPT_EOF = 0, | |
24 | OPT_ALG_FETCH_TYPE, | |
25 | OPT_FETCH_PROPERTY, | |
26 | OPT_FETCH_FAILURE, | |
27 | OPT_USE_DEFAULTCTX, | |
28 | OPT_TEST_ENUM | |
29 | } OPTION_CHOICE; | |
30 | ||
31 | const OPTIONS *test_get_options(void) | |
32 | { | |
33 | static const OPTIONS test_options[] = { | |
34 | OPT_TEST_OPTIONS_WITH_EXTRA_USAGE("[provname...]\n"), | |
35 | { "type", OPT_ALG_FETCH_TYPE, 's', "The fetch type to test" }, | |
36 | { "property", OPT_FETCH_PROPERTY, 's', "The fetch property e.g. fips=yes" }, | |
37 | { "fetchfail", OPT_FETCH_FAILURE, '-', "fetch is expected to fail" }, | |
38 | { "defaultctx", OPT_USE_DEFAULTCTX, '-', | |
39 | "Use the default context if this is set" }, | |
40 | { OPT_HELP_STR, 1, '-', | |
41 | "file\tProvider names to explicitly load\n" }, | |
42 | { NULL } | |
43 | }; | |
44 | return test_options; | |
45 | } | |
46 | ||
47 | static int calculate_digest(const EVP_MD *md, const char *msg, size_t len, | |
48 | const unsigned char *exptd) | |
49 | { | |
50 | unsigned char out[SHA256_DIGEST_LENGTH]; | |
51 | EVP_MD_CTX *ctx; | |
52 | int ret = 0; | |
53 | ||
54 | if (!TEST_ptr(ctx = EVP_MD_CTX_new()) | |
55 | || !TEST_true(EVP_DigestInit_ex(ctx, md, NULL)) | |
56 | || !TEST_true(EVP_DigestUpdate(ctx, msg, len)) | |
57 | || !TEST_true(EVP_DigestFinal_ex(ctx, out, NULL)) | |
58 | || !TEST_mem_eq(out, SHA256_DIGEST_LENGTH, exptd, | |
59 | SHA256_DIGEST_LENGTH) | |
60 | || !TEST_true(md == EVP_MD_CTX_md(ctx))) | |
61 | goto err; | |
62 | ||
63 | ret = 1; | |
64 | err: | |
65 | EVP_MD_CTX_free(ctx); | |
66 | return ret; | |
67 | } | |
68 | ||
69 | static int load_providers(OPENSSL_CTX **libctx, OSSL_PROVIDER *prov[]) | |
70 | { | |
71 | OPENSSL_CTX *ctx; | |
72 | int ret = 0; | |
73 | size_t i; | |
74 | ||
75 | ctx = OPENSSL_CTX_new(); | |
76 | if (!TEST_ptr(ctx)) | |
77 | goto err; | |
78 | ||
79 | if (test_get_argument_count() > 2) | |
80 | goto err; | |
81 | ||
82 | for (i = 0; i < test_get_argument_count(); ++i) { | |
83 | char *provname = test_get_argument(i); | |
84 | prov[i] = OSSL_PROVIDER_load(ctx, provname); | |
85 | if (!TEST_ptr(prov[i])) | |
86 | goto err; | |
87 | } | |
88 | ret = 1; | |
89 | *libctx = ctx; | |
90 | err: | |
91 | return ret; | |
92 | } | |
93 | ||
94 | /* | |
95 | * Test EVP_MD_fetch() | |
96 | */ | |
97 | static int test_EVP_MD_fetch(void) | |
98 | { | |
99 | OPENSSL_CTX *ctx = NULL; | |
100 | EVP_MD *md = NULL; | |
101 | OSSL_PROVIDER *prov[2] = {NULL, NULL}; | |
102 | int ret = 0; | |
103 | const char testmsg[] = "Hello world"; | |
104 | const unsigned char exptd[] = { | |
105 | 0x27, 0x51, 0x8b, 0xa9, 0x68, 0x30, 0x11, 0xf6, 0xb3, 0x96, 0x07, 0x2c, | |
106 | 0x05, 0xf6, 0x65, 0x6d, 0x04, 0xf5, 0xfb, 0xc3, 0x78, 0x7c, 0xf9, 0x24, | |
107 | 0x90, 0xec, 0x60, 0x6e, 0x50, 0x92, 0xe3, 0x26 | |
108 | }; | |
109 | ||
110 | if (use_default_ctx == 0 && !load_providers(&ctx, prov)) | |
111 | goto err; | |
112 | ||
113 | /* Implicit fetching of the MD should produce the expected result */ | |
114 | if (!TEST_true(calculate_digest(EVP_sha256(), testmsg, sizeof(testmsg), | |
115 | exptd)) | |
116 | || !TEST_int_eq(EVP_MD_size(EVP_sha256()), SHA256_DIGEST_LENGTH) | |
117 | || !TEST_int_eq(EVP_MD_block_size(EVP_sha256()), SHA256_CBLOCK)) | |
118 | goto err; | |
119 | ||
120 | /* Fetch the digest from a provider using properties. */ | |
121 | md = EVP_MD_fetch(ctx, "SHA256", fetch_property); | |
122 | if (expected_fetch_result != 0) { | |
123 | if (!TEST_ptr(md) | |
124 | || !TEST_int_eq(EVP_MD_nid(md), NID_sha256) | |
125 | || !TEST_true(calculate_digest(md, testmsg, sizeof(testmsg), exptd)) | |
126 | || !TEST_int_eq(EVP_MD_size(md), SHA256_DIGEST_LENGTH) | |
127 | || !TEST_int_eq(EVP_MD_block_size(md), SHA256_CBLOCK)) | |
128 | goto err; | |
129 | ||
130 | /* Also test EVP_MD_up_ref() while we're doing this */ | |
131 | if (!TEST_true(EVP_MD_up_ref(md))) | |
132 | goto err; | |
133 | /* Ref count should now be 2. Release first one here */ | |
134 | EVP_MD_meth_free(md); | |
135 | } else { | |
136 | if (!TEST_ptr_null(md)) | |
137 | goto err; | |
138 | } | |
139 | ret = 1; | |
140 | ||
141 | err: | |
142 | EVP_MD_meth_free(md); | |
143 | OSSL_PROVIDER_unload(prov[0]); | |
144 | OSSL_PROVIDER_unload(prov[1]); | |
145 | /* Not normally needed, but we would like to test that | |
146 | * OPENSSL_thread_stop_ex() behaves as expected. | |
147 | */ | |
148 | if (ctx != NULL) { | |
149 | OPENSSL_thread_stop_ex(ctx); | |
150 | OPENSSL_CTX_free(ctx); | |
151 | } | |
152 | return ret; | |
153 | } | |
154 | ||
155 | static int encrypt_decrypt(const EVP_CIPHER *cipher, const unsigned char *msg, | |
156 | size_t len) | |
157 | { | |
158 | int ret = 0, ctlen, ptlen; | |
159 | EVP_CIPHER_CTX *ctx = NULL; | |
160 | unsigned char key[128 / 8]; | |
161 | unsigned char ct[64], pt[64]; | |
162 | ||
163 | memset(key, 0, sizeof(key)); | |
164 | if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new()) | |
165 | || !TEST_true(EVP_CipherInit_ex(ctx, cipher, NULL, key, NULL, 1)) | |
166 | || !TEST_true(EVP_CipherUpdate(ctx, ct, &ctlen, msg, len)) | |
167 | || !TEST_true(EVP_CipherFinal_ex(ctx, ct, &ctlen)) | |
168 | || !TEST_true(EVP_CipherInit_ex(ctx, cipher, NULL, key, NULL, 0)) | |
169 | || !TEST_true(EVP_CipherUpdate(ctx, pt, &ptlen, ct, ctlen)) | |
170 | || !TEST_true(EVP_CipherFinal_ex(ctx, pt, &ptlen)) | |
171 | || !TEST_mem_eq(pt, ptlen, msg, len)) | |
172 | goto err; | |
173 | ||
174 | ret = 1; | |
175 | err: | |
176 | EVP_CIPHER_CTX_free(ctx); | |
177 | return ret; | |
178 | } | |
179 | ||
180 | /* | |
181 | * Test EVP_CIPHER_fetch() | |
182 | */ | |
183 | static int test_EVP_CIPHER_fetch(void) | |
184 | { | |
185 | OPENSSL_CTX *ctx = NULL; | |
186 | EVP_CIPHER *cipher = NULL; | |
187 | OSSL_PROVIDER *prov[2] = {NULL, NULL}; | |
188 | int ret = 0; | |
189 | const unsigned char testmsg[] = "Hello world"; | |
190 | ||
191 | if (use_default_ctx == 0 && !load_providers(&ctx, prov)) | |
192 | goto err; | |
193 | ||
194 | /* Implicit fetching of the cipher should produce the expected result */ | |
195 | if (!TEST_true(encrypt_decrypt(EVP_aes_128_cbc(), testmsg, sizeof(testmsg)))) | |
196 | goto err; | |
197 | ||
198 | /* Fetch the cipher from a provider using properties. */ | |
199 | cipher = EVP_CIPHER_fetch(ctx, "AES-128-CBC", fetch_property); | |
200 | if (expected_fetch_result != 0) { | |
201 | if (!TEST_ptr(cipher) | |
202 | || !TEST_true(encrypt_decrypt(cipher, testmsg, sizeof(testmsg)))) { | |
203 | if (!TEST_true(EVP_CIPHER_up_ref(cipher))) | |
204 | goto err; | |
205 | /* Ref count should now be 2. Release first one here */ | |
206 | EVP_CIPHER_meth_free(cipher); | |
207 | } | |
208 | } else { | |
209 | if (!TEST_ptr_null(cipher)) | |
210 | goto err; | |
211 | } | |
212 | ret = 1; | |
213 | err: | |
214 | EVP_CIPHER_meth_free(cipher); | |
215 | OSSL_PROVIDER_unload(prov[0]); | |
216 | OSSL_PROVIDER_unload(prov[1]); | |
217 | OPENSSL_CTX_free(ctx); | |
218 | return ret; | |
219 | } | |
220 | ||
221 | int setup_tests(void) | |
222 | { | |
223 | OPTION_CHOICE o; | |
224 | ||
225 | while ((o = opt_next()) != OPT_EOF) { | |
226 | switch (o) { | |
227 | case OPT_ALG_FETCH_TYPE: | |
228 | alg = opt_arg(); | |
229 | break; | |
230 | case OPT_FETCH_PROPERTY: | |
231 | fetch_property = opt_arg(); | |
232 | break; | |
233 | case OPT_FETCH_FAILURE: | |
234 | expected_fetch_result = 0; | |
235 | break; | |
236 | case OPT_USE_DEFAULTCTX: | |
237 | use_default_ctx = 1; | |
238 | break; | |
239 | case OPT_TEST_CASES: | |
240 | break; | |
241 | default: | |
242 | case OPT_ERR: | |
243 | return 0; | |
244 | } | |
245 | } | |
246 | if (strcmp(alg, "digest") == 0) | |
247 | ADD_TEST(test_EVP_MD_fetch); | |
248 | else | |
249 | ADD_TEST(test_EVP_CIPHER_fetch); | |
250 | return 1; | |
251 | } |