[thirdparty/openssl.git] / test / evp_fetch_prov_test.c

/*
 * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <string.h>
#include <openssl/sha.h>
#include <openssl/evp.h>
#include <openssl/provider.h>
#include "testutil.h"

static char *alg = "digest";
static int use_default_ctx = 0;
static char *fetch_property = NULL;
static int expected_fetch_result = 1;

typedef enum OPTION_choice {
    OPT_ERR = -1,
    OPT_EOF = 0,
    OPT_ALG_FETCH_TYPE,
    OPT_FETCH_PROPERTY,
    OPT_FETCH_FAILURE,
    OPT_USE_DEFAULTCTX,
    OPT_TEST_ENUM
} OPTION_CHOICE;

const OPTIONS *test_get_options(void)
{
    static const OPTIONS test_options[] = {
        OPT_TEST_OPTIONS_WITH_EXTRA_USAGE("[provname...]\n"),
        { "type", OPT_ALG_FETCH_TYPE, 's', "The fetch type to test" },
        { "property", OPT_FETCH_PROPERTY, 's', "The fetch property e.g. fips=yes" },
        { "fetchfail", OPT_FETCH_FAILURE, '-', "fetch is expected to fail" },
        { "defaultctx", OPT_USE_DEFAULTCTX, '-',
          "Use the default context if this is set" },
        { OPT_HELP_STR, 1, '-',
          "file\tProvider names to explicitly load\n" },
        { NULL }
    };
    return test_options;
}

static int calculate_digest(const EVP_MD *md, const char *msg, size_t len,
                            const unsigned char *exptd)
{
    unsigned char out[SHA256_DIGEST_LENGTH];
    EVP_MD_CTX *ctx;
    int ret = 0;

    if (!TEST_ptr(ctx = EVP_MD_CTX_new())
            || !TEST_true(EVP_DigestInit_ex(ctx, md, NULL))
            || !TEST_true(EVP_DigestUpdate(ctx, msg, len))
            || !TEST_true(EVP_DigestFinal_ex(ctx, out, NULL))
            || !TEST_mem_eq(out, SHA256_DIGEST_LENGTH, exptd,
                            SHA256_DIGEST_LENGTH)
            || !TEST_true(md == EVP_MD_CTX_md(ctx)))
        goto err;

    ret = 1;
 err:
    EVP_MD_CTX_free(ctx);
    return ret;
}

static int load_providers(OPENSSL_CTX **libctx, OSSL_PROVIDER *prov[])
{
    OPENSSL_CTX *ctx;
    int ret = 0;
    size_t i;

    ctx = OPENSSL_CTX_new();
    if (!TEST_ptr(ctx))
        goto err;

    if (test_get_argument_count() > 2)
        goto err;

    for (i = 0; i < test_get_argument_count(); ++i) {
        char *provname = test_get_argument(i);
        prov[i] = OSSL_PROVIDER_load(ctx, provname);
        if (!TEST_ptr(prov[i]))
            goto err;
    }
    ret = 1;
    *libctx = ctx;
err:
    return ret;
}

/*
 * Test EVP_MD_fetch()
 */
static int test_EVP_MD_fetch(void)
{
    OPENSSL_CTX *ctx = NULL;
    EVP_MD *md = NULL;
    OSSL_PROVIDER *prov[2] = {NULL, NULL};
    int ret = 0;
    const char testmsg[] = "Hello world";
    const unsigned char exptd[] = {
      0x27, 0x51, 0x8b, 0xa9, 0x68, 0x30, 0x11, 0xf6, 0xb3, 0x96, 0x07, 0x2c,
      0x05, 0xf6, 0x65, 0x6d, 0x04, 0xf5, 0xfb, 0xc3, 0x78, 0x7c, 0xf9, 0x24,
      0x90, 0xec, 0x60, 0x6e, 0x50, 0x92, 0xe3, 0x26
    };

    if (use_default_ctx == 0 && !load_providers(&ctx, prov))
        goto err;

    /* Implicit fetching of the MD should produce the expected result */
    if (!TEST_true(calculate_digest(EVP_sha256(), testmsg, sizeof(testmsg),
                                    exptd))
            || !TEST_int_eq(EVP_MD_size(EVP_sha256()), SHA256_DIGEST_LENGTH)
            || !TEST_int_eq(EVP_MD_block_size(EVP_sha256()), SHA256_CBLOCK))
        goto err;

    /* Fetch the digest from a provider using properties. */
    md = EVP_MD_fetch(ctx, "SHA256", fetch_property);
    if (expected_fetch_result != 0) {
        if (!TEST_ptr(md)
            || !TEST_int_eq(EVP_MD_nid(md), NID_sha256)
            || !TEST_true(calculate_digest(md, testmsg, sizeof(testmsg), exptd))
            || !TEST_int_eq(EVP_MD_size(md), SHA256_DIGEST_LENGTH)
            || !TEST_int_eq(EVP_MD_block_size(md), SHA256_CBLOCK))
        goto err;

        /* Also test EVP_MD_up_ref() while we're doing this */
        if (!TEST_true(EVP_MD_up_ref(md)))
            goto err;
        /* Ref count should now be 2. Release first one here */
        EVP_MD_meth_free(md);
    } else {
        if (!TEST_ptr_null(md))
            goto err;
    }
    ret = 1;

err:
    EVP_MD_meth_free(md);
    OSSL_PROVIDER_unload(prov[0]);
    OSSL_PROVIDER_unload(prov[1]);
    /* Not normally needed, but we would like to test that
     * OPENSSL_thread_stop_ex() behaves as expected.
     */
    if (ctx != NULL) {
        OPENSSL_thread_stop_ex(ctx);
        OPENSSL_CTX_free(ctx);
    }
    return ret;
}

static int encrypt_decrypt(const EVP_CIPHER *cipher, const unsigned char *msg,
                           size_t len)
{
    int ret = 0, ctlen, ptlen;
    EVP_CIPHER_CTX *ctx = NULL;
    unsigned char key[128 / 8];
    unsigned char ct[64], pt[64];

    memset(key, 0, sizeof(key));
    if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())
            || !TEST_true(EVP_CipherInit_ex(ctx, cipher, NULL, key, NULL, 1))
            || !TEST_true(EVP_CipherUpdate(ctx, ct, &ctlen, msg, len))
            || !TEST_true(EVP_CipherFinal_ex(ctx, ct, &ctlen))
            || !TEST_true(EVP_CipherInit_ex(ctx, cipher, NULL, key, NULL, 0))
            || !TEST_true(EVP_CipherUpdate(ctx, pt, &ptlen, ct, ctlen))
            || !TEST_true(EVP_CipherFinal_ex(ctx, pt, &ptlen))
            || !TEST_mem_eq(pt, ptlen, msg, len))
        goto err;

    ret = 1;
err:
    EVP_CIPHER_CTX_free(ctx);
    return ret;
}

/*
 * Test EVP_CIPHER_fetch()
 */
static int test_EVP_CIPHER_fetch(void)
{
    OPENSSL_CTX *ctx = NULL;
    EVP_CIPHER *cipher = NULL;
    OSSL_PROVIDER *prov[2] = {NULL, NULL};
    int ret = 0;
    const unsigned char testmsg[] = "Hello world";

    if (use_default_ctx == 0 && !load_providers(&ctx, prov))
        goto err;

    /* Implicit fetching of the cipher should produce the expected result */
    if (!TEST_true(encrypt_decrypt(EVP_aes_128_cbc(), testmsg, sizeof(testmsg))))
        goto err;

    /* Fetch the cipher from a provider using properties. */
    cipher = EVP_CIPHER_fetch(ctx, "AES-128-CBC", fetch_property);
    if (expected_fetch_result != 0) {
        if (!TEST_ptr(cipher)
            || !TEST_true(encrypt_decrypt(cipher, testmsg, sizeof(testmsg)))) {
            if (!TEST_true(EVP_CIPHER_up_ref(cipher)))
                goto err;
            /* Ref count should now be 2. Release first one here */
            EVP_CIPHER_meth_free(cipher);
        }
    } else {
        if (!TEST_ptr_null(cipher))
            goto err;
    }
    ret = 1;
err:
    EVP_CIPHER_meth_free(cipher);
    OSSL_PROVIDER_unload(prov[0]);
    OSSL_PROVIDER_unload(prov[1]);
    OPENSSL_CTX_free(ctx);
    return ret;
}

int setup_tests(void)
{
    OPTION_CHOICE o;

    while ((o = opt_next()) != OPT_EOF) {
        switch (o) {
        case OPT_ALG_FETCH_TYPE:
            alg = opt_arg();
            break;
        case OPT_FETCH_PROPERTY:
            fetch_property = opt_arg();
            break;
        case OPT_FETCH_FAILURE:
            expected_fetch_result = 0;
            break;
        case OPT_USE_DEFAULTCTX:
            use_default_ctx = 1;
            break;
        case OPT_TEST_CASES:
           break;
        default:
        case OPT_ERR:
            return 0;
        }
    }
    if (strcmp(alg, "digest") == 0)
        ADD_TEST(test_EVP_MD_fetch);
    else
        ADD_TEST(test_EVP_CIPHER_fetch);
    return 1;
}
Commit	Line	Data
7bb82f92 SL	1	/*
	2	* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
	3	*
	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
	8	*/
	9
	10	#include <string.h>
	11	#include <openssl/sha.h>
	12	#include <openssl/evp.h>
	13	#include <openssl/provider.h>
	14	#include "testutil.h"
	15
	16	static char *alg = "digest";
	17	static int use_default_ctx = 0;
	18	static char *fetch_property = NULL;
	19	static int expected_fetch_result = 1;
	20
	21	typedef enum OPTION_choice {
	22	OPT_ERR = -1,
	23	OPT_EOF = 0,
	24	OPT_ALG_FETCH_TYPE,
	25	OPT_FETCH_PROPERTY,
	26	OPT_FETCH_FAILURE,
	27	OPT_USE_DEFAULTCTX,
	28	OPT_TEST_ENUM
	29	} OPTION_CHOICE;
	30
	31	const OPTIONS *test_get_options(void)
	32	{
	33	static const OPTIONS test_options[] = {
	34	OPT_TEST_OPTIONS_WITH_EXTRA_USAGE("[provname...]\n"),
	35	{ "type", OPT_ALG_FETCH_TYPE, 's', "The fetch type to test" },
	36	{ "property", OPT_FETCH_PROPERTY, 's', "The fetch property e.g. fips=yes" },
	37	{ "fetchfail", OPT_FETCH_FAILURE, '-', "fetch is expected to fail" },
	38	{ "defaultctx", OPT_USE_DEFAULTCTX, '-',
	39	"Use the default context if this is set" },
	40	{ OPT_HELP_STR, 1, '-',
	41	"file\tProvider names to explicitly load\n" },
	42	{ NULL }
	43	};
	44	return test_options;
	45	}
	46
	47	static int calculate_digest(const EVP_MD md, const char msg, size_t len,
	48	const unsigned char *exptd)
	49	{
	50	unsigned char out[SHA256_DIGEST_LENGTH];
	51	EVP_MD_CTX *ctx;
	52	int ret = 0;
	53
	54	if (!TEST_ptr(ctx = EVP_MD_CTX_new())
	55	\|\| !TEST_true(EVP_DigestInit_ex(ctx, md, NULL))
	56	\|\| !TEST_true(EVP_DigestUpdate(ctx, msg, len))
	57	\|\| !TEST_true(EVP_DigestFinal_ex(ctx, out, NULL))
	58	\|\| !TEST_mem_eq(out, SHA256_DIGEST_LENGTH, exptd,
	59	SHA256_DIGEST_LENGTH)
	60	\|\| !TEST_true(md == EVP_MD_CTX_md(ctx)))
	61	goto err;
	62
	63	ret = 1;
	64	err:
65	EVP_MD_CTX_free(ctx);
66	return ret;
67	}
68
69	static int load_providers(OPENSSL_CTX *libctx, OSSL_PROVIDER prov[])
70	{
71	OPENSSL_CTX *ctx;
72	int ret = 0;
73	size_t i;
74
75	ctx = OPENSSL_CTX_new();
76	if (!TEST_ptr(ctx))
77	goto err;
78
79	if (test_get_argument_count() > 2)
80	goto err;
81
82	for (i = 0; i < test_get_argument_count(); ++i) {
83	char *provname = test_get_argument(i);
84	prov[i] = OSSL_PROVIDER_load(ctx, provname);
85	if (!TEST_ptr(prov[i]))
86	goto err;
87	}
88	ret = 1;
89	*libctx = ctx;
90	err:
91	return ret;
92	}
93
94	/*
95	* Test EVP_MD_fetch()
96	*/
97	static int test_EVP_MD_fetch(void)
98	{
99	OPENSSL_CTX *ctx = NULL;
100	EVP_MD *md = NULL;
101	OSSL_PROVIDER *prov[2] = {NULL, NULL};
102	int ret = 0;
103	const char testmsg[] = "Hello world";
104	const unsigned char exptd[] = {
105	0x27, 0x51, 0x8b, 0xa9, 0x68, 0x30, 0x11, 0xf6, 0xb3, 0x96, 0x07, 0x2c,
106	0x05, 0xf6, 0x65, 0x6d, 0x04, 0xf5, 0xfb, 0xc3, 0x78, 0x7c, 0xf9, 0x24,
107	0x90, 0xec, 0x60, 0x6e, 0x50, 0x92, 0xe3, 0x26
108	};
109
110	if (use_default_ctx == 0 && !load_providers(&ctx, prov))
111	goto err;
112
113	/* Implicit fetching of the MD should produce the expected result */
114	if (!TEST_true(calculate_digest(EVP_sha256(), testmsg, sizeof(testmsg),
115	exptd))
116	\|\| !TEST_int_eq(EVP_MD_size(EVP_sha256()), SHA256_DIGEST_LENGTH)
117	\|\| !TEST_int_eq(EVP_MD_block_size(EVP_sha256()), SHA256_CBLOCK))
118	goto err;
119
120	/* Fetch the digest from a provider using properties. */
121	md = EVP_MD_fetch(ctx, "SHA256", fetch_property);
122	if (expected_fetch_result != 0) {
123	if (!TEST_ptr(md)
124	\|\| !TEST_int_eq(EVP_MD_nid(md), NID_sha256)
125	\|\| !TEST_true(calculate_digest(md, testmsg, sizeof(testmsg), exptd))
126	\|\| !TEST_int_eq(EVP_MD_size(md), SHA256_DIGEST_LENGTH)
127	\|\| !TEST_int_eq(EVP_MD_block_size(md), SHA256_CBLOCK))
128	goto err;
129
130	/* Also test EVP_MD_up_ref() while we're doing this */
131	if (!TEST_true(EVP_MD_up_ref(md)))
132	goto err;
133	/* Ref count should now be 2. Release first one here */
134	EVP_MD_meth_free(md);
135	} else {
136	if (!TEST_ptr_null(md))
137	goto err;
138	}
139	ret = 1;
140
141	err:
142	EVP_MD_meth_free(md);
143	OSSL_PROVIDER_unload(prov[0]);
144	OSSL_PROVIDER_unload(prov[1]);
145	/* Not normally needed, but we would like to test that
146	* OPENSSL_thread_stop_ex() behaves as expected.
147	*/
148	if (ctx != NULL) {
149	OPENSSL_thread_stop_ex(ctx);
150	OPENSSL_CTX_free(ctx);
151	}
152	return ret;
153	}
154
155	static int encrypt_decrypt(const EVP_CIPHER cipher, const unsigned char msg,
156	size_t len)
157	{
158	int ret = 0, ctlen, ptlen;
159	EVP_CIPHER_CTX *ctx = NULL;
160	unsigned char key[128 / 8];
161	unsigned char ct[64], pt[64];
162
163	memset(key, 0, sizeof(key));
164	if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())
165	\|\| !TEST_true(EVP_CipherInit_ex(ctx, cipher, NULL, key, NULL, 1))
166	\|\| !TEST_true(EVP_CipherUpdate(ctx, ct, &ctlen, msg, len))
167	\|\| !TEST_true(EVP_CipherFinal_ex(ctx, ct, &ctlen))
168	\|\| !TEST_true(EVP_CipherInit_ex(ctx, cipher, NULL, key, NULL, 0))
169	\|\| !TEST_true(EVP_CipherUpdate(ctx, pt, &ptlen, ct, ctlen))
170	\|\| !TEST_true(EVP_CipherFinal_ex(ctx, pt, &ptlen))
171	\|\| !TEST_mem_eq(pt, ptlen, msg, len))
172	goto err;
173
174	ret = 1;
175	err:
176	EVP_CIPHER_CTX_free(ctx);
177	return ret;
178	}
179
180	/*
181	* Test EVP_CIPHER_fetch()
182	*/
183	static int test_EVP_CIPHER_fetch(void)
184	{
185	OPENSSL_CTX *ctx = NULL;
186	EVP_CIPHER *cipher = NULL;
187	OSSL_PROVIDER *prov[2] = {NULL, NULL};
188	int ret = 0;
189	const unsigned char testmsg[] = "Hello world";
190
191	if (use_default_ctx == 0 && !load_providers(&ctx, prov))
192	goto err;
193
194	/* Implicit fetching of the cipher should produce the expected result */
195	if (!TEST_true(encrypt_decrypt(EVP_aes_128_cbc(), testmsg, sizeof(testmsg))))
196	goto err;
197
198	/* Fetch the cipher from a provider using properties. */
199	cipher = EVP_CIPHER_fetch(ctx, "AES-128-CBC", fetch_property);
200	if (expected_fetch_result != 0) {
201	if (!TEST_ptr(cipher)
202	\|\| !TEST_true(encrypt_decrypt(cipher, testmsg, sizeof(testmsg)))) {
203	if (!TEST_true(EVP_CIPHER_up_ref(cipher)))
204	goto err;
205	/* Ref count should now be 2. Release first one here */
206	EVP_CIPHER_meth_free(cipher);
207	}
208	} else {
209	if (!TEST_ptr_null(cipher))
210	goto err;
211	}
212	ret = 1;
213	err:
214	EVP_CIPHER_meth_free(cipher);
215	OSSL_PROVIDER_unload(prov[0]);
216	OSSL_PROVIDER_unload(prov[1]);
217	OPENSSL_CTX_free(ctx);
218	return ret;
219	}
220
221	int setup_tests(void)
222	{
223	OPTION_CHOICE o;
224
225	while ((o = opt_next()) != OPT_EOF) {
226	switch (o) {
227	case OPT_ALG_FETCH_TYPE:
228	alg = opt_arg();
229	break;
230	case OPT_FETCH_PROPERTY:
231	fetch_property = opt_arg();
232	break;
233	case OPT_FETCH_FAILURE:
234	expected_fetch_result = 0;
235	break;
236	case OPT_USE_DEFAULTCTX:
237	use_default_ctx = 1;
238	break;
239	case OPT_TEST_CASES:
240	break;
241	default:
242	case OPT_ERR:
243	return 0;
244	}
245	}
246	if (strcmp(alg, "digest") == 0)
247	ADD_TEST(test_EVP_MD_fetch);
248	else
249	ADD_TEST(test_EVP_CIPHER_fetch);
250	return 1;
251	}