]>
Commit | Line | Data |
---|---|---|
2d5d70b1 | 1 | /* |
6738bf14 | 2 | * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. |
2d5d70b1 | 3 | * |
ab3fa1c0 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
440e5d80 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
2d5d70b1 MC |
8 | */ |
9 | ||
10 | /* | |
11 | * This is the OSSLTEST engine. It provides deliberately crippled digest | |
12 | * implementations for test purposes. It is highly insecure and must NOT be | |
13 | * used for any purpose except testing | |
14 | */ | |
15 | ||
85d843c8 P |
16 | /* |
17 | * SHA low level APIs are deprecated for public use, but still ok for | |
18 | * internal use. Note, that due to symbols not being exported, only the | |
19 | * #defines and type definitions can be accessed, function calls are not | |
20 | * available. The digest lengths, block sizes and sizeof(CTX) are used herein | |
21 | * for several different digests. | |
22 | */ | |
23 | #include "internal/deprecated.h" | |
24 | ||
2d5d70b1 MC |
25 | #include <stdio.h> |
26 | #include <string.h> | |
27 | ||
28 | #include <openssl/engine.h> | |
29 | #include <openssl/sha.h> | |
30 | #include <openssl/md5.h> | |
31 | #include <openssl/rsa.h> | |
32 | #include <openssl/evp.h> | |
33 | #include <openssl/modes.h> | |
34 | #include <openssl/aes.h> | |
c57c32a8 | 35 | #include <openssl/rand.h> |
7b9f8f7f | 36 | #include <openssl/crypto.h> |
2d5d70b1 | 37 | |
2d5d70b1 MC |
38 | #include "e_ossltest_err.c" |
39 | ||
40 | /* Engine Id and Name */ | |
41 | static const char *engine_ossltest_id = "ossltest"; | |
42 | static const char *engine_ossltest_name = "OpenSSL Test engine support"; | |
43 | ||
44 | ||
45 | /* Engine Lifetime functions */ | |
46 | static int ossltest_destroy(ENGINE *e); | |
47 | static int ossltest_init(ENGINE *e); | |
48 | static int ossltest_finish(ENGINE *e); | |
49 | void ENGINE_load_ossltest(void); | |
50 | ||
51 | ||
52 | /* Set up digests */ | |
53 | static int ossltest_digests(ENGINE *e, const EVP_MD **digest, | |
54 | const int **nids, int nid); | |
c57c32a8 | 55 | static const RAND_METHOD *ossltest_rand_method(void); |
2d5d70b1 | 56 | |
2d5d70b1 MC |
57 | /* MD5 */ |
58 | static int digest_md5_init(EVP_MD_CTX *ctx); | |
59 | static int digest_md5_update(EVP_MD_CTX *ctx, const void *data, | |
16a9542a | 60 | size_t count); |
2d5d70b1 MC |
61 | static int digest_md5_final(EVP_MD_CTX *ctx, unsigned char *md); |
62 | ||
cddcea8c RL |
63 | static EVP_MD *_hidden_md5_md = NULL; |
64 | static const EVP_MD *digest_md5(void) | |
65 | { | |
66 | if (_hidden_md5_md == NULL) { | |
67 | EVP_MD *md; | |
68 | ||
69 | if ((md = EVP_MD_meth_new(NID_md5, NID_md5WithRSAEncryption)) == NULL | |
70 | || !EVP_MD_meth_set_result_size(md, MD5_DIGEST_LENGTH) | |
71 | || !EVP_MD_meth_set_input_blocksize(md, MD5_CBLOCK) | |
72 | || !EVP_MD_meth_set_app_datasize(md, | |
73 | sizeof(EVP_MD *) + sizeof(MD5_CTX)) | |
74 | || !EVP_MD_meth_set_flags(md, 0) | |
75 | || !EVP_MD_meth_set_init(md, digest_md5_init) | |
76 | || !EVP_MD_meth_set_update(md, digest_md5_update) | |
77 | || !EVP_MD_meth_set_final(md, digest_md5_final)) { | |
78 | EVP_MD_meth_free(md); | |
79 | md = NULL; | |
80 | } | |
81 | _hidden_md5_md = md; | |
82 | } | |
83 | return _hidden_md5_md; | |
84 | } | |
2d5d70b1 MC |
85 | |
86 | /* SHA1 */ | |
87 | static int digest_sha1_init(EVP_MD_CTX *ctx); | |
88 | static int digest_sha1_update(EVP_MD_CTX *ctx, const void *data, | |
16a9542a | 89 | size_t count); |
2d5d70b1 MC |
90 | static int digest_sha1_final(EVP_MD_CTX *ctx, unsigned char *md); |
91 | ||
cddcea8c RL |
92 | static EVP_MD *_hidden_sha1_md = NULL; |
93 | static const EVP_MD *digest_sha1(void) | |
94 | { | |
95 | if (_hidden_sha1_md == NULL) { | |
96 | EVP_MD *md; | |
97 | ||
98 | if ((md = EVP_MD_meth_new(NID_sha1, NID_sha1WithRSAEncryption)) == NULL | |
99 | || !EVP_MD_meth_set_result_size(md, SHA_DIGEST_LENGTH) | |
100 | || !EVP_MD_meth_set_input_blocksize(md, SHA_CBLOCK) | |
101 | || !EVP_MD_meth_set_app_datasize(md, | |
102 | sizeof(EVP_MD *) + sizeof(SHA_CTX)) | |
103 | || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_DIGALGID_ABSENT) | |
104 | || !EVP_MD_meth_set_init(md, digest_sha1_init) | |
105 | || !EVP_MD_meth_set_update(md, digest_sha1_update) | |
106 | || !EVP_MD_meth_set_final(md, digest_sha1_final)) { | |
107 | EVP_MD_meth_free(md); | |
108 | md = NULL; | |
109 | } | |
110 | _hidden_sha1_md = md; | |
111 | } | |
112 | return _hidden_sha1_md; | |
113 | } | |
2d5d70b1 MC |
114 | |
115 | /* SHA256 */ | |
116 | static int digest_sha256_init(EVP_MD_CTX *ctx); | |
117 | static int digest_sha256_update(EVP_MD_CTX *ctx, const void *data, | |
16a9542a | 118 | size_t count); |
2d5d70b1 MC |
119 | static int digest_sha256_final(EVP_MD_CTX *ctx, unsigned char *md); |
120 | ||
cddcea8c RL |
121 | static EVP_MD *_hidden_sha256_md = NULL; |
122 | static const EVP_MD *digest_sha256(void) | |
123 | { | |
124 | if (_hidden_sha256_md == NULL) { | |
125 | EVP_MD *md; | |
126 | ||
127 | if ((md = EVP_MD_meth_new(NID_sha256, NID_sha256WithRSAEncryption)) == NULL | |
128 | || !EVP_MD_meth_set_result_size(md, SHA256_DIGEST_LENGTH) | |
129 | || !EVP_MD_meth_set_input_blocksize(md, SHA256_CBLOCK) | |
130 | || !EVP_MD_meth_set_app_datasize(md, | |
131 | sizeof(EVP_MD *) + sizeof(SHA256_CTX)) | |
132 | || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_DIGALGID_ABSENT) | |
133 | || !EVP_MD_meth_set_init(md, digest_sha256_init) | |
134 | || !EVP_MD_meth_set_update(md, digest_sha256_update) | |
135 | || !EVP_MD_meth_set_final(md, digest_sha256_final)) { | |
136 | EVP_MD_meth_free(md); | |
137 | md = NULL; | |
138 | } | |
139 | _hidden_sha256_md = md; | |
140 | } | |
141 | return _hidden_sha256_md; | |
142 | } | |
2d5d70b1 MC |
143 | |
144 | /* SHA384/SHA512 */ | |
145 | static int digest_sha384_init(EVP_MD_CTX *ctx); | |
85d843c8 P |
146 | static int digest_sha384_update(EVP_MD_CTX *ctx, const void *data, |
147 | size_t count); | |
148 | static int digest_sha384_final(EVP_MD_CTX *ctx, unsigned char *md); | |
149 | ||
2d5d70b1 MC |
150 | static int digest_sha512_init(EVP_MD_CTX *ctx); |
151 | static int digest_sha512_update(EVP_MD_CTX *ctx, const void *data, | |
16a9542a | 152 | size_t count); |
2d5d70b1 MC |
153 | static int digest_sha512_final(EVP_MD_CTX *ctx, unsigned char *md); |
154 | ||
cddcea8c RL |
155 | static EVP_MD *_hidden_sha384_md = NULL; |
156 | static const EVP_MD *digest_sha384(void) | |
157 | { | |
158 | if (_hidden_sha384_md == NULL) { | |
159 | EVP_MD *md; | |
160 | ||
161 | if ((md = EVP_MD_meth_new(NID_sha384, NID_sha384WithRSAEncryption)) == NULL | |
162 | || !EVP_MD_meth_set_result_size(md, SHA384_DIGEST_LENGTH) | |
163 | || !EVP_MD_meth_set_input_blocksize(md, SHA512_CBLOCK) | |
164 | || !EVP_MD_meth_set_app_datasize(md, | |
165 | sizeof(EVP_MD *) + sizeof(SHA512_CTX)) | |
166 | || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_DIGALGID_ABSENT) | |
167 | || !EVP_MD_meth_set_init(md, digest_sha384_init) | |
85d843c8 | 168 | || !EVP_MD_meth_set_update(md, digest_sha384_update) |
cddcea8c RL |
169 | || !EVP_MD_meth_set_final(md, digest_sha384_final)) { |
170 | EVP_MD_meth_free(md); | |
171 | md = NULL; | |
172 | } | |
173 | _hidden_sha384_md = md; | |
174 | } | |
175 | return _hidden_sha384_md; | |
176 | } | |
177 | static EVP_MD *_hidden_sha512_md = NULL; | |
178 | static const EVP_MD *digest_sha512(void) | |
179 | { | |
180 | if (_hidden_sha512_md == NULL) { | |
181 | EVP_MD *md; | |
182 | ||
183 | if ((md = EVP_MD_meth_new(NID_sha512, NID_sha512WithRSAEncryption)) == NULL | |
184 | || !EVP_MD_meth_set_result_size(md, SHA512_DIGEST_LENGTH) | |
185 | || !EVP_MD_meth_set_input_blocksize(md, SHA512_CBLOCK) | |
186 | || !EVP_MD_meth_set_app_datasize(md, | |
187 | sizeof(EVP_MD *) + sizeof(SHA512_CTX)) | |
188 | || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_DIGALGID_ABSENT) | |
189 | || !EVP_MD_meth_set_init(md, digest_sha512_init) | |
190 | || !EVP_MD_meth_set_update(md, digest_sha512_update) | |
191 | || !EVP_MD_meth_set_final(md, digest_sha512_final)) { | |
192 | EVP_MD_meth_free(md); | |
193 | md = NULL; | |
194 | } | |
195 | _hidden_sha512_md = md; | |
196 | } | |
197 | return _hidden_sha512_md; | |
198 | } | |
199 | static void destroy_digests(void) | |
200 | { | |
201 | EVP_MD_meth_free(_hidden_md5_md); | |
202 | _hidden_md5_md = NULL; | |
203 | EVP_MD_meth_free(_hidden_sha1_md); | |
204 | _hidden_sha1_md = NULL; | |
205 | EVP_MD_meth_free(_hidden_sha256_md); | |
206 | _hidden_sha256_md = NULL; | |
207 | EVP_MD_meth_free(_hidden_sha384_md); | |
208 | _hidden_sha384_md = NULL; | |
209 | EVP_MD_meth_free(_hidden_sha512_md); | |
210 | _hidden_sha512_md = NULL; | |
211 | } | |
212 | static int ossltest_digest_nids(const int **nids) | |
213 | { | |
214 | static int digest_nids[6] = { 0, 0, 0, 0, 0, 0 }; | |
215 | static int pos = 0; | |
216 | static int init = 0; | |
217 | ||
218 | if (!init) { | |
219 | const EVP_MD *md; | |
220 | if ((md = digest_md5()) != NULL) | |
221 | digest_nids[pos++] = EVP_MD_type(md); | |
222 | if ((md = digest_sha1()) != NULL) | |
223 | digest_nids[pos++] = EVP_MD_type(md); | |
224 | if ((md = digest_sha256()) != NULL) | |
225 | digest_nids[pos++] = EVP_MD_type(md); | |
226 | if ((md = digest_sha384()) != NULL) | |
227 | digest_nids[pos++] = EVP_MD_type(md); | |
228 | if ((md = digest_sha512()) != NULL) | |
229 | digest_nids[pos++] = EVP_MD_type(md); | |
230 | digest_nids[pos] = 0; | |
231 | init = 1; | |
232 | } | |
233 | *nids = digest_nids; | |
234 | return pos; | |
235 | } | |
2d5d70b1 MC |
236 | |
237 | /* Setup ciphers */ | |
238 | static int ossltest_ciphers(ENGINE *, const EVP_CIPHER **, | |
239 | const int **, int); | |
240 | ||
241 | static int ossltest_cipher_nids[] = { | |
aad22ba2 | 242 | NID_aes_128_cbc, NID_aes_128_gcm, 0 |
2d5d70b1 MC |
243 | }; |
244 | ||
245 | /* AES128 */ | |
246 | ||
247 | int ossltest_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | |
248 | const unsigned char *iv, int enc); | |
249 | int ossltest_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | |
250 | const unsigned char *in, size_t inl); | |
aad22ba2 MC |
251 | int ossltest_aes128_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, |
252 | const unsigned char *iv, int enc); | |
253 | int ossltest_aes128_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | |
254 | const unsigned char *in, size_t inl); | |
255 | static int ossltest_aes128_gcm_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, | |
256 | void *ptr); | |
2d5d70b1 | 257 | |
39e8d0ce RL |
258 | static EVP_CIPHER *_hidden_aes_128_cbc = NULL; |
259 | static const EVP_CIPHER *ossltest_aes_128_cbc(void) | |
260 | { | |
261 | if (_hidden_aes_128_cbc == NULL | |
262 | && ((_hidden_aes_128_cbc = EVP_CIPHER_meth_new(NID_aes_128_cbc, | |
263 | 16 /* block size */, | |
264 | 16 /* key len */)) == NULL | |
265 | || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_cbc,16) | |
266 | || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc, | |
267 | EVP_CIPH_FLAG_DEFAULT_ASN1 | |
268 | | EVP_CIPH_CBC_MODE) | |
269 | || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc, | |
270 | ossltest_aes128_init_key) | |
271 | || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc, | |
272 | ossltest_aes128_cbc_cipher) | |
273 | || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_cbc, | |
274 | EVP_CIPHER_impl_ctx_size(EVP_aes_128_cbc())))) { | |
275 | EVP_CIPHER_meth_free(_hidden_aes_128_cbc); | |
276 | _hidden_aes_128_cbc = NULL; | |
277 | } | |
278 | return _hidden_aes_128_cbc; | |
279 | } | |
aad22ba2 | 280 | static EVP_CIPHER *_hidden_aes_128_gcm = NULL; |
ca0b75ad | 281 | |
aad22ba2 MC |
282 | #define AES_GCM_FLAGS (EVP_CIPH_FLAG_DEFAULT_ASN1 \ |
283 | | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ | |
284 | | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \ | |
285 | | EVP_CIPH_CUSTOM_COPY |EVP_CIPH_FLAG_AEAD_CIPHER \ | |
286 | | EVP_CIPH_GCM_MODE) | |
ca0b75ad | 287 | |
aad22ba2 MC |
288 | static const EVP_CIPHER *ossltest_aes_128_gcm(void) |
289 | { | |
290 | if (_hidden_aes_128_gcm == NULL | |
291 | && ((_hidden_aes_128_gcm = EVP_CIPHER_meth_new(NID_aes_128_gcm, | |
292 | 1 /* block size */, | |
293 | 16 /* key len */)) == NULL | |
294 | || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_gcm,12) | |
295 | || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_gcm, AES_GCM_FLAGS) | |
296 | || !EVP_CIPHER_meth_set_init(_hidden_aes_128_gcm, | |
297 | ossltest_aes128_gcm_init_key) | |
298 | || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_gcm, | |
299 | ossltest_aes128_gcm_cipher) | |
300 | || !EVP_CIPHER_meth_set_ctrl(_hidden_aes_128_gcm, | |
301 | ossltest_aes128_gcm_ctrl) | |
302 | || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_gcm, | |
303 | EVP_CIPHER_impl_ctx_size(EVP_aes_128_gcm())))) { | |
304 | EVP_CIPHER_meth_free(_hidden_aes_128_gcm); | |
305 | _hidden_aes_128_gcm = NULL; | |
306 | } | |
307 | return _hidden_aes_128_gcm; | |
308 | } | |
309 | ||
39e8d0ce RL |
310 | static void destroy_ciphers(void) |
311 | { | |
312 | EVP_CIPHER_meth_free(_hidden_aes_128_cbc); | |
aad22ba2 | 313 | EVP_CIPHER_meth_free(_hidden_aes_128_gcm); |
39e8d0ce RL |
314 | _hidden_aes_128_cbc = NULL; |
315 | } | |
2d5d70b1 MC |
316 | |
317 | static int bind_ossltest(ENGINE *e) | |
318 | { | |
319 | /* Ensure the ossltest error handling is set up */ | |
320 | ERR_load_OSSLTEST_strings(); | |
321 | ||
322 | if (!ENGINE_set_id(e, engine_ossltest_id) | |
323 | || !ENGINE_set_name(e, engine_ossltest_name) | |
324 | || !ENGINE_set_digests(e, ossltest_digests) | |
325 | || !ENGINE_set_ciphers(e, ossltest_ciphers) | |
c57c32a8 | 326 | || !ENGINE_set_RAND(e, ossltest_rand_method()) |
2d5d70b1 MC |
327 | || !ENGINE_set_destroy_function(e, ossltest_destroy) |
328 | || !ENGINE_set_init_function(e, ossltest_init) | |
329 | || !ENGINE_set_finish_function(e, ossltest_finish)) { | |
330 | OSSLTESTerr(OSSLTEST_F_BIND_OSSLTEST, OSSLTEST_R_INIT_FAILED); | |
331 | return 0; | |
332 | } | |
333 | ||
334 | return 1; | |
335 | } | |
336 | ||
c0cbb4c1 | 337 | #ifndef OPENSSL_NO_DYNAMIC_ENGINE |
2d5d70b1 MC |
338 | static int bind_helper(ENGINE *e, const char *id) |
339 | { | |
340 | if (id && (strcmp(id, engine_ossltest_id) != 0)) | |
341 | return 0; | |
342 | if (!bind_ossltest(e)) | |
343 | return 0; | |
344 | return 1; | |
345 | } | |
346 | ||
347 | IMPLEMENT_DYNAMIC_CHECK_FN() | |
348 | IMPLEMENT_DYNAMIC_BIND_FN(bind_helper) | |
c0cbb4c1 RL |
349 | #endif |
350 | ||
2d5d70b1 MC |
351 | static ENGINE *engine_ossltest(void) |
352 | { | |
353 | ENGINE *ret = ENGINE_new(); | |
55646005 | 354 | if (ret == NULL) |
2d5d70b1 MC |
355 | return NULL; |
356 | if (!bind_ossltest(ret)) { | |
357 | ENGINE_free(ret); | |
358 | return NULL; | |
359 | } | |
360 | return ret; | |
361 | } | |
362 | ||
363 | void ENGINE_load_ossltest(void) | |
364 | { | |
365 | /* Copied from eng_[openssl|dyn].c */ | |
366 | ENGINE *toadd = engine_ossltest(); | |
367 | if (!toadd) | |
368 | return; | |
369 | ENGINE_add(toadd); | |
370 | ENGINE_free(toadd); | |
371 | ERR_clear_error(); | |
372 | } | |
2d5d70b1 MC |
373 | |
374 | ||
375 | static int ossltest_init(ENGINE *e) | |
376 | { | |
377 | return 1; | |
378 | } | |
379 | ||
380 | ||
381 | static int ossltest_finish(ENGINE *e) | |
382 | { | |
383 | return 1; | |
384 | } | |
385 | ||
386 | ||
387 | static int ossltest_destroy(ENGINE *e) | |
388 | { | |
cddcea8c | 389 | destroy_digests(); |
39e8d0ce | 390 | destroy_ciphers(); |
2d5d70b1 MC |
391 | ERR_unload_OSSLTEST_strings(); |
392 | return 1; | |
393 | } | |
394 | ||
395 | static int ossltest_digests(ENGINE *e, const EVP_MD **digest, | |
396 | const int **nids, int nid) | |
397 | { | |
398 | int ok = 1; | |
399 | if (!digest) { | |
400 | /* We are returning a list of supported nids */ | |
cddcea8c | 401 | return ossltest_digest_nids(nids); |
2d5d70b1 MC |
402 | } |
403 | /* We are being asked for a specific digest */ | |
404 | switch (nid) { | |
405 | case NID_md5: | |
cddcea8c | 406 | *digest = digest_md5(); |
2d5d70b1 MC |
407 | break; |
408 | case NID_sha1: | |
cddcea8c | 409 | *digest = digest_sha1(); |
2d5d70b1 MC |
410 | break; |
411 | case NID_sha256: | |
cddcea8c | 412 | *digest = digest_sha256(); |
2d5d70b1 MC |
413 | break; |
414 | case NID_sha384: | |
cddcea8c | 415 | *digest = digest_sha384(); |
2d5d70b1 MC |
416 | break; |
417 | case NID_sha512: | |
cddcea8c | 418 | *digest = digest_sha512(); |
2d5d70b1 MC |
419 | break; |
420 | default: | |
421 | ok = 0; | |
422 | *digest = NULL; | |
423 | break; | |
424 | } | |
425 | return ok; | |
426 | } | |
427 | ||
428 | static int ossltest_ciphers(ENGINE *e, const EVP_CIPHER **cipher, | |
429 | const int **nids, int nid) | |
430 | { | |
431 | int ok = 1; | |
432 | if (!cipher) { | |
433 | /* We are returning a list of supported nids */ | |
434 | *nids = ossltest_cipher_nids; | |
435 | return (sizeof(ossltest_cipher_nids) - 1) | |
436 | / sizeof(ossltest_cipher_nids[0]); | |
437 | } | |
438 | /* We are being asked for a specific cipher */ | |
439 | switch (nid) { | |
440 | case NID_aes_128_cbc: | |
39e8d0ce | 441 | *cipher = ossltest_aes_128_cbc(); |
2d5d70b1 | 442 | break; |
aad22ba2 MC |
443 | case NID_aes_128_gcm: |
444 | *cipher = ossltest_aes_128_gcm(); | |
445 | break; | |
2d5d70b1 MC |
446 | default: |
447 | ok = 0; | |
448 | *cipher = NULL; | |
449 | break; | |
450 | } | |
451 | return ok; | |
452 | } | |
453 | ||
454 | static void fill_known_data(unsigned char *md, unsigned int len) | |
455 | { | |
456 | unsigned int i; | |
457 | ||
458 | for (i=0; i<len; i++) { | |
459 | md[i] = (unsigned char)(i & 0xff); | |
460 | } | |
461 | } | |
462 | ||
463 | /* | |
464 | * MD5 implementation. We go through the motions of doing MD5 by deferring to | |
465 | * the standard implementation. Then we overwrite the result with a will defined | |
466 | * value, so that all "MD5" digests using the test engine always end up with | |
467 | * the same value. | |
468 | */ | |
2d5d70b1 MC |
469 | static int digest_md5_init(EVP_MD_CTX *ctx) |
470 | { | |
85d843c8 | 471 | return EVP_MD_meth_get_init(EVP_md5())(ctx); |
2d5d70b1 MC |
472 | } |
473 | ||
474 | static int digest_md5_update(EVP_MD_CTX *ctx, const void *data, | |
16a9542a | 475 | size_t count) |
2d5d70b1 | 476 | { |
85d843c8 | 477 | return EVP_MD_meth_get_update(EVP_md5())(ctx, data, count); |
2d5d70b1 MC |
478 | } |
479 | ||
480 | static int digest_md5_final(EVP_MD_CTX *ctx, unsigned char *md) | |
481 | { | |
85d843c8 | 482 | int ret = EVP_MD_meth_get_final(EVP_md5())(ctx, md); |
2d5d70b1 MC |
483 | |
484 | if (ret > 0) { | |
485 | fill_known_data(md, MD5_DIGEST_LENGTH); | |
486 | } | |
487 | return ret; | |
488 | } | |
489 | ||
490 | /* | |
491 | * SHA1 implementation. | |
492 | */ | |
2d5d70b1 MC |
493 | static int digest_sha1_init(EVP_MD_CTX *ctx) |
494 | { | |
85d843c8 | 495 | return EVP_MD_meth_get_init(EVP_sha1())(ctx); |
2d5d70b1 MC |
496 | } |
497 | ||
498 | static int digest_sha1_update(EVP_MD_CTX *ctx, const void *data, | |
16a9542a | 499 | size_t count) |
2d5d70b1 | 500 | { |
85d843c8 | 501 | return EVP_MD_meth_get_update(EVP_sha1())(ctx, data, count); |
2d5d70b1 MC |
502 | } |
503 | ||
504 | static int digest_sha1_final(EVP_MD_CTX *ctx, unsigned char *md) | |
505 | { | |
85d843c8 | 506 | int ret = EVP_MD_meth_get_final(EVP_sha1())(ctx, md); |
2d5d70b1 MC |
507 | |
508 | if (ret > 0) { | |
509 | fill_known_data(md, SHA_DIGEST_LENGTH); | |
510 | } | |
511 | return ret; | |
512 | } | |
513 | ||
514 | /* | |
515 | * SHA256 implementation. | |
516 | */ | |
2d5d70b1 MC |
517 | static int digest_sha256_init(EVP_MD_CTX *ctx) |
518 | { | |
85d843c8 | 519 | return EVP_MD_meth_get_init(EVP_sha256())(ctx); |
2d5d70b1 MC |
520 | } |
521 | ||
522 | static int digest_sha256_update(EVP_MD_CTX *ctx, const void *data, | |
16a9542a | 523 | size_t count) |
2d5d70b1 | 524 | { |
85d843c8 | 525 | return EVP_MD_meth_get_update(EVP_sha256())(ctx, data, count); |
2d5d70b1 MC |
526 | } |
527 | ||
528 | static int digest_sha256_final(EVP_MD_CTX *ctx, unsigned char *md) | |
529 | { | |
85d843c8 | 530 | int ret = EVP_MD_meth_get_final(EVP_sha256())(ctx, md); |
2d5d70b1 MC |
531 | |
532 | if (ret > 0) { | |
533 | fill_known_data(md, SHA256_DIGEST_LENGTH); | |
534 | } | |
535 | return ret; | |
536 | } | |
537 | ||
538 | /* | |
85d843c8 | 539 | * SHA384 implementation. |
2d5d70b1 | 540 | */ |
2d5d70b1 MC |
541 | static int digest_sha384_init(EVP_MD_CTX *ctx) |
542 | { | |
85d843c8 | 543 | return EVP_MD_meth_get_init(EVP_sha384())(ctx); |
2d5d70b1 MC |
544 | } |
545 | ||
85d843c8 | 546 | static int digest_sha384_update(EVP_MD_CTX *ctx, const void *data, |
16a9542a | 547 | size_t count) |
2d5d70b1 | 548 | { |
85d843c8 | 549 | return EVP_MD_meth_get_update(EVP_sha384())(ctx, data, count); |
2d5d70b1 MC |
550 | } |
551 | ||
552 | static int digest_sha384_final(EVP_MD_CTX *ctx, unsigned char *md) | |
553 | { | |
85d843c8 | 554 | int ret = EVP_MD_meth_get_final(EVP_sha384())(ctx, md); |
2d5d70b1 MC |
555 | |
556 | if (ret > 0) { | |
557 | fill_known_data(md, SHA384_DIGEST_LENGTH); | |
558 | } | |
559 | return ret; | |
560 | } | |
561 | ||
85d843c8 P |
562 | /* |
563 | * SHA512 implementation. | |
564 | */ | |
565 | static int digest_sha512_init(EVP_MD_CTX *ctx) | |
566 | { | |
567 | return EVP_MD_meth_get_init(EVP_sha512())(ctx); | |
568 | } | |
569 | ||
570 | static int digest_sha512_update(EVP_MD_CTX *ctx, const void *data, | |
571 | size_t count) | |
572 | { | |
573 | return EVP_MD_meth_get_update(EVP_sha512())(ctx, data, count); | |
574 | } | |
575 | ||
2d5d70b1 MC |
576 | static int digest_sha512_final(EVP_MD_CTX *ctx, unsigned char *md) |
577 | { | |
85d843c8 | 578 | int ret = EVP_MD_meth_get_final(EVP_sha512())(ctx, md); |
2d5d70b1 MC |
579 | |
580 | if (ret > 0) { | |
581 | fill_known_data(md, SHA512_DIGEST_LENGTH); | |
582 | } | |
583 | return ret; | |
584 | } | |
585 | ||
586 | /* | |
587 | * AES128 Implementation | |
588 | */ | |
589 | ||
590 | int ossltest_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | |
591 | const unsigned char *iv, int enc) | |
592 | { | |
39e8d0ce | 593 | return EVP_CIPHER_meth_get_init(EVP_aes_128_cbc()) (ctx, key, iv, enc); |
2d5d70b1 MC |
594 | } |
595 | ||
596 | int ossltest_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | |
597 | const unsigned char *in, size_t inl) | |
598 | { | |
599 | unsigned char *tmpbuf; | |
600 | int ret; | |
601 | ||
602 | tmpbuf = OPENSSL_malloc(inl); | |
04e3bb04 MC |
603 | |
604 | /* OPENSSL_malloc will return NULL if inl == 0 */ | |
605 | if (tmpbuf == NULL && inl > 0) | |
2d5d70b1 MC |
606 | return -1; |
607 | ||
608 | /* Remember what we were asked to encrypt */ | |
04e3bb04 MC |
609 | if (tmpbuf != NULL) |
610 | memcpy(tmpbuf, in, inl); | |
2d5d70b1 MC |
611 | |
612 | /* Go through the motions of encrypting it */ | |
39e8d0ce | 613 | ret = EVP_CIPHER_meth_get_do_cipher(EVP_aes_128_cbc())(ctx, out, in, inl); |
2d5d70b1 MC |
614 | |
615 | /* Throw it all away and just use the plaintext as the output */ | |
04e3bb04 MC |
616 | if (tmpbuf != NULL) |
617 | memcpy(out, tmpbuf, inl); | |
2d5d70b1 MC |
618 | OPENSSL_free(tmpbuf); |
619 | ||
620 | return ret; | |
621 | } | |
aad22ba2 MC |
622 | |
623 | int ossltest_aes128_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | |
624 | const unsigned char *iv, int enc) | |
625 | { | |
626 | return EVP_CIPHER_meth_get_init(EVP_aes_128_gcm()) (ctx, key, iv, enc); | |
627 | } | |
628 | ||
629 | ||
630 | int ossltest_aes128_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | |
631 | const unsigned char *in, size_t inl) | |
632 | { | |
bebc0c7d | 633 | unsigned char *tmpbuf = OPENSSL_malloc(inl); |
aad22ba2 | 634 | |
6606d600 | 635 | /* OPENSSL_malloc will return NULL if inl == 0 */ |
bebc0c7d | 636 | if (tmpbuf == NULL && inl > 0) |
aad22ba2 MC |
637 | return -1; |
638 | ||
639 | /* Remember what we were asked to encrypt */ | |
04e3bb04 MC |
640 | if (tmpbuf != NULL) |
641 | memcpy(tmpbuf, in, inl); | |
aad22ba2 MC |
642 | |
643 | /* Go through the motions of encrypting it */ | |
644 | EVP_CIPHER_meth_get_do_cipher(EVP_aes_128_gcm())(ctx, out, in, inl); | |
645 | ||
6606d600 | 646 | /* Throw it all away and just use the plaintext as the output */ |
3295d242 | 647 | if (tmpbuf != NULL && out != NULL) |
04e3bb04 | 648 | memcpy(out, tmpbuf, inl); |
aad22ba2 MC |
649 | OPENSSL_free(tmpbuf); |
650 | ||
bebc0c7d | 651 | return inl; |
aad22ba2 MC |
652 | } |
653 | ||
654 | static int ossltest_aes128_gcm_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, | |
655 | void *ptr) | |
656 | { | |
aad22ba2 | 657 | /* Pass the ctrl down */ |
6606d600 | 658 | int ret = EVP_CIPHER_meth_get_ctrl(EVP_aes_128_gcm())(ctx, type, arg, ptr); |
bebc0c7d MC |
659 | |
660 | if (ret <= 0) | |
661 | return ret; | |
662 | ||
663 | switch(type) { | |
664 | case EVP_CTRL_AEAD_GET_TAG: | |
665 | /* Always give the same tag */ | |
666 | memset(ptr, 0, EVP_GCM_TLS_TAG_LEN); | |
667 | break; | |
668 | ||
669 | default: | |
670 | break; | |
671 | } | |
672 | ||
673 | return 1; | |
aad22ba2 | 674 | } |
c57c32a8 DSH |
675 | |
676 | static int ossltest_rand_bytes(unsigned char *buf, int num) | |
677 | { | |
678 | unsigned char val = 1; | |
679 | ||
680 | while (--num >= 0) | |
681 | *buf++ = val++; | |
682 | return 1; | |
683 | } | |
684 | ||
685 | static int ossltest_rand_status(void) | |
686 | { | |
687 | return 1; | |
688 | } | |
689 | ||
690 | static const RAND_METHOD *ossltest_rand_method(void) | |
691 | { | |
692 | ||
693 | static RAND_METHOD osslt_rand_meth = { | |
694 | NULL, | |
695 | ossltest_rand_bytes, | |
696 | NULL, | |
697 | NULL, | |
698 | ossltest_rand_bytes, | |
699 | ossltest_rand_status | |
700 | }; | |
701 | ||
702 | return &osslt_rand_meth; | |
703 | } |