]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/evp_test.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Use common STANZA for bn and exp tests
[thirdparty/openssl.git] / test / evp_test.c
1 /*
2 * Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include <string.h>
12 #include <stdlib.h>
13 #include <ctype.h>
14 #include <openssl/evp.h>
15 #include <openssl/pem.h>
16 #include <openssl/err.h>
17 #include <openssl/x509v3.h>
18 #include <openssl/pkcs12.h>
19 #include <openssl/kdf.h>
20 #include "internal/numbers.h"
21 #include "testutil.h"
22 #include "evp_test.h"
23
24
25 typedef struct evp_test_method_st EVP_TEST_METHOD;
26
27 /*
28 * Structure holding test information
29 */
30 typedef struct evp_test_st {
31 STANZA s; /* Common test stanza */
32 char *name;
33 int skip; /* Current test should be skipped */
34 const EVP_TEST_METHOD *meth; /* method for this test */
35 const char *err, *aux_err; /* Error string for test */
36 char *expected_err; /* Expected error value of test */
37 char *func; /* Expected error function string */
38 char *reason; /* Expected error reason string */
39 void *data; /* test specific data */
40 } EVP_TEST;
41
42 /*
43 * Test method structure
44 */
45 struct evp_test_method_st {
46 /* Name of test as it appears in file */
47 const char *name;
48 /* Initialise test for "alg" */
49 int (*init) (EVP_TEST * t, const char *alg);
50 /* Clean up method */
51 void (*cleanup) (EVP_TEST * t);
52 /* Test specific name value pair processing */
53 int (*parse) (EVP_TEST * t, const char *name, const char *value);
54 /* Run the test itself */
55 int (*run_test) (EVP_TEST * t);
56 };
57
58
59 /*
60 * Linked list of named keys.
61 */
62 typedef struct key_list_st {
63 char *name;
64 EVP_PKEY *key;
65 struct key_list_st *next;
66 } KEY_LIST;
67
68 /*
69 * List of public and private keys
70 */
71 static KEY_LIST *private_keys;
72 static KEY_LIST *public_keys;
73 static int find_key(EVP_PKEY **ppk, const char *name, KEY_LIST *lst);
74
75 static int parse_bin(const char *value, unsigned char **buf, size_t *buflen);
76
77 /*
78 * Structure used to hold a list of blocks of memory to test
79 * calls to "update" like functions.
80 */
81 struct evp_test_buffer_st {
82 unsigned char *buf;
83 size_t buflen;
84 size_t count;
85 int count_set;
86 };
87
88 static void evp_test_buffer_free(EVP_TEST_BUFFER *db)
89 {
90 if (db != NULL) {
91 OPENSSL_free(db->buf);
92 OPENSSL_free(db);
93 }
94 }
95
96 /*
97 * append buffer to a list
98 */
99 static int evp_test_buffer_append(const char *value,
100 STACK_OF(EVP_TEST_BUFFER) **sk)
101 {
102 EVP_TEST_BUFFER *db = NULL;
103
104 if (!TEST_ptr(db = OPENSSL_malloc(sizeof(*db))))
105 goto err;
106
107 if (!parse_bin(value, &db->buf, &db->buflen))
108 goto err;
109 db->count = 1;
110 db->count_set = 0;
111
112 if (*sk == NULL && !TEST_ptr(*sk = sk_EVP_TEST_BUFFER_new_null()))
113 goto err;
114 if (!sk_EVP_TEST_BUFFER_push(*sk, db))
115 goto err;
116
117 return 1;
118
119 err:
120 evp_test_buffer_free(db);
121 return 0;
122 }
123
124 /*
125 * replace last buffer in list with copies of itself
126 */
127 static int evp_test_buffer_ncopy(const char *value,
128 STACK_OF(EVP_TEST_BUFFER) *sk)
129 {
130 EVP_TEST_BUFFER *db;
131 unsigned char *tbuf, *p;
132 size_t tbuflen;
133 int ncopy = atoi(value);
134 int i;
135
136 if (ncopy <= 0)
137 return 0;
138 if (sk == NULL || sk_EVP_TEST_BUFFER_num(sk) == 0)
139 return 0;
140 db = sk_EVP_TEST_BUFFER_value(sk, sk_EVP_TEST_BUFFER_num(sk) - 1);
141
142 tbuflen = db->buflen * ncopy;
143 if (!TEST_ptr(tbuf = OPENSSL_malloc(tbuflen)))
144 return 0;
145 for (i = 0, p = tbuf; i < ncopy; i++, p += db->buflen)
146 memcpy(p, db->buf, db->buflen);
147
148 OPENSSL_free(db->buf);
149 db->buf = tbuf;
150 db->buflen = tbuflen;
151 return 1;
152 }
153
154 /*
155 * set repeat count for last buffer in list
156 */
157 static int evp_test_buffer_set_count(const char *value,
158 STACK_OF(EVP_TEST_BUFFER) *sk)
159 {
160 EVP_TEST_BUFFER *db;
161 int count = atoi(value);
162
163 if (count <= 0)
164 return 0;
165
166 if (sk == NULL || sk_EVP_TEST_BUFFER_num(sk) == 0)
167 return 0;
168
169 db = sk_EVP_TEST_BUFFER_value(sk, sk_EVP_TEST_BUFFER_num(sk) - 1);
170 if (db->count_set != 0)
171 return 0;
172
173 db->count = (size_t)count;
174 db->count_set = 1;
175 return 1;
176 }
177
178 /*
179 * call "fn" with each element of the list in turn
180 */
181 static int evp_test_buffer_do(STACK_OF(EVP_TEST_BUFFER) *sk,
182 int (*fn)(void *ctx,
183 const unsigned char *buf,
184 size_t buflen),
185 void *ctx)
186 {
187 int i;
188
189 for (i = 0; i < sk_EVP_TEST_BUFFER_num(sk); i++) {
190 EVP_TEST_BUFFER *tb = sk_EVP_TEST_BUFFER_value(sk, i);
191 size_t j;
192
193 for (j = 0; j < tb->count; j++) {
194 if (fn(ctx, tb->buf, tb->buflen) <= 0)
195 return 0;
196 }
197 }
198 return 1;
199 }
200
201 /*
202 * Unescape some sequences in string literals (only \n for now).
203 * Return an allocated buffer, set |out_len|. If |input_len|
204 * is zero, get an empty buffer but set length to zero.
205 */
206 static unsigned char* unescape(const char *input, size_t input_len,
207 size_t *out_len)
208 {
209 unsigned char *ret, *p;
210 size_t i;
211
212 if (input_len == 0) {
213 *out_len = 0;
214 return OPENSSL_zalloc(1);
215 }
216
217 /* Escaping is non-expanding; over-allocate original size for simplicity. */
218 if (!TEST_ptr(ret = p = OPENSSL_malloc(input_len)))
219 return NULL;
220
221 for (i = 0; i < input_len; i++) {
222 if (*input == '\\') {
223 if (i == input_len - 1 || *++input != 'n') {
224 TEST_error("Bad escape sequence in file");
225 goto err;
226 }
227 *p++ = '\n';
228 i++;
229 input++;
230 } else {
231 *p++ = *input++;
232 }
233 }
234
235 *out_len = p - ret;
236 return ret;
237
238 err:
239 OPENSSL_free(ret);
240 return NULL;
241 }
242
243 /*
244 * For a hex string "value" convert to a binary allocated buffer.
245 * Return 1 on success or 0 on failure.
246 */
247 static int parse_bin(const char *value, unsigned char **buf, size_t *buflen)
248 {
249 long len;
250
251 /* Check for NULL literal */
252 if (strcmp(value, "NULL") == 0) {
253 *buf = NULL;
254 *buflen = 0;
255 return 1;
256 }
257
258 /* Check for empty value */
259 if (*value == '\0') {
260 /*
261 * Don't return NULL for zero length buffer. This is needed for
262 * some tests with empty keys: HMAC_Init_ex() expects a non-NULL key
263 * buffer even if the key length is 0, in order to detect key reset.
264 */
265 *buf = OPENSSL_malloc(1);
266 if (*buf == NULL)
267 return 0;
268 **buf = 0;
269 *buflen = 0;
270 return 1;
271 }
272
273 /* Check for string literal */
274 if (value[0] == '"') {
275 size_t vlen = strlen(++value);
276
277 if (vlen == 0 || value[vlen - 1] != '"')
278 return 0;
279 vlen--;
280 *buf = unescape(value, vlen, buflen);
281 return *buf == NULL ? 0 : 1;
282 }
283
284 /* Otherwise assume as hex literal and convert it to binary buffer */
285 if (!TEST_ptr(*buf = OPENSSL_hexstr2buf(value, &len))) {
286 TEST_info("Can't convert %s", value);
287 ERR_print_errors(bio_err);
288 return -1;
289 }
290 /* Size of input buffer means we'll never overflow */
291 *buflen = len;
292 return 1;
293 }
294
295
296 /**
297 *** MESSAGE DIGEST TESTS
298 **/
299
300 typedef struct digest_data_st {
301 /* Digest this test is for */
302 const EVP_MD *digest;
303 /* Input to digest */
304 STACK_OF(EVP_TEST_BUFFER) *input;
305 /* Expected output */
306 unsigned char *output;
307 size_t output_len;
308 } DIGEST_DATA;
309
310 static int digest_test_init(EVP_TEST *t, const char *alg)
311 {
312 DIGEST_DATA *mdat;
313 const EVP_MD *digest;
314
315 if ((digest = EVP_get_digestbyname(alg)) == NULL) {
316 /* If alg has an OID assume disabled algorithm */
317 if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) {
318 t->skip = 1;
319 return 1;
320 }
321 return 0;
322 }
323 if (!TEST_ptr(mdat = OPENSSL_zalloc(sizeof(*mdat))))
324 return 0;
325 t->data = mdat;
326 mdat->digest = digest;
327 return 1;
328 }
329
330 static void digest_test_cleanup(EVP_TEST *t)
331 {
332 DIGEST_DATA *mdat = t->data;
333
334 sk_EVP_TEST_BUFFER_pop_free(mdat->input, evp_test_buffer_free);
335 OPENSSL_free(mdat->output);
336 }
337
338 static int digest_test_parse(EVP_TEST *t,
339 const char *keyword, const char *value)
340 {
341 DIGEST_DATA *mdata = t->data;
342
343 if (strcmp(keyword, "Input") == 0)
344 return evp_test_buffer_append(value, &mdata->input);
345 if (strcmp(keyword, "Output") == 0)
346 return parse_bin(value, &mdata->output, &mdata->output_len);
347 if (strcmp(keyword, "Count") == 0)
348 return evp_test_buffer_set_count(value, mdata->input);
349 if (strcmp(keyword, "Ncopy") == 0)
350 return evp_test_buffer_ncopy(value, mdata->input);
351 return 0;
352 }
353
354 static int digest_update_fn(void *ctx, const unsigned char *buf, size_t buflen)
355 {
356 return EVP_DigestUpdate(ctx, buf, buflen);
357 }
358
359 static int digest_test_run(EVP_TEST *t)
360 {
361 DIGEST_DATA *expected = t->data;
362 EVP_MD_CTX *mctx;
363 unsigned char got[EVP_MAX_MD_SIZE];
364 unsigned int got_len;
365
366 t->err = "TEST_FAILURE";
367 if (!TEST_ptr(mctx = EVP_MD_CTX_new()))
368 goto err;
369
370 if (!EVP_DigestInit_ex(mctx, expected->digest, NULL)) {
371 t->err = "DIGESTINIT_ERROR";
372 goto err;
373 }
374 if (!evp_test_buffer_do(expected->input, digest_update_fn, mctx)) {
375 t->err = "DIGESTUPDATE_ERROR";
376 goto err;
377 }
378
379 if (!EVP_DigestFinal(mctx, got, &got_len)) {
380 t->err = "DIGESTFINAL_ERROR";
381 goto err;
382 }
383 if (!TEST_int_eq(expected->output_len, got_len)) {
384 t->err = "DIGEST_LENGTH_MISMATCH";
385 goto err;
386 }
387 if (!TEST_mem_eq(expected->output, expected->output_len, got, got_len)) {
388 t->err = "DIGEST_MISMATCH";
389 goto err;
390 }
391 t->err = NULL;
392
393 err:
394 EVP_MD_CTX_free(mctx);
395 return 1;
396 }
397
398 static const EVP_TEST_METHOD digest_test_method = {
399 "Digest",
400 digest_test_init,
401 digest_test_cleanup,
402 digest_test_parse,
403 digest_test_run
404 };
405
406
407 /**
408 *** CIPHER TESTS
409 **/
410
411 typedef struct cipher_data_st {
412 const EVP_CIPHER *cipher;
413 int enc;
414 /* EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE or EVP_CIPH_OCB_MODE if AEAD */
415 int aead;
416 unsigned char *key;
417 size_t key_len;
418 unsigned char *iv;
419 size_t iv_len;
420 unsigned char *plaintext;
421 size_t plaintext_len;
422 unsigned char *ciphertext;
423 size_t ciphertext_len;
424 /* GCM, CCM only */
425 unsigned char *aad;
426 size_t aad_len;
427 unsigned char *tag;
428 size_t tag_len;
429 } CIPHER_DATA;
430
431 static int cipher_test_init(EVP_TEST *t, const char *alg)
432 {
433 const EVP_CIPHER *cipher;
434 CIPHER_DATA *cdat;
435 int m;
436
437 if ((cipher = EVP_get_cipherbyname(alg)) == NULL) {
438 /* If alg has an OID assume disabled algorithm */
439 if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) {
440 t->skip = 1;
441 return 1;
442 }
443 return 0;
444 }
445 cdat = OPENSSL_zalloc(sizeof(*cdat));
446 cdat->cipher = cipher;
447 cdat->enc = -1;
448 m = EVP_CIPHER_mode(cipher);
449 if (m == EVP_CIPH_GCM_MODE
450 || m == EVP_CIPH_OCB_MODE
451 || m == EVP_CIPH_CCM_MODE)
452 cdat->aead = EVP_CIPHER_mode(cipher);
453 else if (EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER)
454 cdat->aead = -1;
455 else
456 cdat->aead = 0;
457
458 t->data = cdat;
459 return 1;
460 }
461
462 static void cipher_test_cleanup(EVP_TEST *t)
463 {
464 CIPHER_DATA *cdat = t->data;
465
466 OPENSSL_free(cdat->key);
467 OPENSSL_free(cdat->iv);
468 OPENSSL_free(cdat->ciphertext);
469 OPENSSL_free(cdat->plaintext);
470 OPENSSL_free(cdat->aad);
471 OPENSSL_free(cdat->tag);
472 }
473
474 static int cipher_test_parse(EVP_TEST *t, const char *keyword,
475 const char *value)
476 {
477 CIPHER_DATA *cdat = t->data;
478
479 if (strcmp(keyword, "Key") == 0)
480 return parse_bin(value, &cdat->key, &cdat->key_len);
481 if (strcmp(keyword, "IV") == 0)
482 return parse_bin(value, &cdat->iv, &cdat->iv_len);
483 if (strcmp(keyword, "Plaintext") == 0)
484 return parse_bin(value, &cdat->plaintext, &cdat->plaintext_len);
485 if (strcmp(keyword, "Ciphertext") == 0)
486 return parse_bin(value, &cdat->ciphertext, &cdat->ciphertext_len);
487 if (cdat->aead) {
488 if (strcmp(keyword, "AAD") == 0)
489 return parse_bin(value, &cdat->aad, &cdat->aad_len);
490 if (strcmp(keyword, "Tag") == 0)
491 return parse_bin(value, &cdat->tag, &cdat->tag_len);
492 }
493
494 if (strcmp(keyword, "Operation") == 0) {
495 if (strcmp(value, "ENCRYPT") == 0)
496 cdat->enc = 1;
497 else if (strcmp(value, "DECRYPT") == 0)
498 cdat->enc = 0;
499 else
500 return 0;
501 return 1;
502 }
503 return 0;
504 }
505
506 static int cipher_test_enc(EVP_TEST *t, int enc,
507 size_t out_misalign, size_t inp_misalign, int frag)
508 {
509 CIPHER_DATA *expected = t->data;
510 unsigned char *in, *expected_out, *tmp = NULL;
511 size_t in_len, out_len, donelen = 0;
512 int ok = 0, tmplen, chunklen, tmpflen;
513 EVP_CIPHER_CTX *ctx = NULL;
514
515 t->err = "TEST_FAILURE";
516 if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new()))
517 goto err;
518 EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
519 if (enc) {
520 in = expected->plaintext;
521 in_len = expected->plaintext_len;
522 expected_out = expected->ciphertext;
523 out_len = expected->ciphertext_len;
524 } else {
525 in = expected->ciphertext;
526 in_len = expected->ciphertext_len;
527 expected_out = expected->plaintext;
528 out_len = expected->plaintext_len;
529 }
530 if (inp_misalign == (size_t)-1) {
531 /*
532 * Exercise in-place encryption
533 */
534 tmp = OPENSSL_malloc(out_misalign + in_len + 2 * EVP_MAX_BLOCK_LENGTH);
535 if (!tmp)
536 goto err;
537 in = memcpy(tmp + out_misalign, in, in_len);
538 } else {
539 inp_misalign += 16 - ((out_misalign + in_len) & 15);
540 /*
541 * 'tmp' will store both output and copy of input. We make the copy
542 * of input to specifically aligned part of 'tmp'. So we just
543 * figured out how much padding would ensure the required alignment,
544 * now we allocate extended buffer and finally copy the input just
545 * past inp_misalign in expression below. Output will be written
546 * past out_misalign...
547 */
548 tmp = OPENSSL_malloc(out_misalign + in_len + 2 * EVP_MAX_BLOCK_LENGTH +
549 inp_misalign + in_len);
550 if (!tmp)
551 goto err;
552 in = memcpy(tmp + out_misalign + in_len + 2 * EVP_MAX_BLOCK_LENGTH +
553 inp_misalign, in, in_len);
554 }
555 if (!EVP_CipherInit_ex(ctx, expected->cipher, NULL, NULL, NULL, enc)) {
556 t->err = "CIPHERINIT_ERROR";
557 goto err;
558 }
559 if (expected->iv) {
560 if (expected->aead) {
561 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
562 expected->iv_len, 0)) {
563 t->err = "INVALID_IV_LENGTH";
564 goto err;
565 }
566 } else if (expected->iv_len != (size_t)EVP_CIPHER_CTX_iv_length(ctx)) {
567 t->err = "INVALID_IV_LENGTH";
568 goto err;
569 }
570 }
571 if (expected->aead) {
572 unsigned char *tag;
573 /*
574 * If encrypting or OCB just set tag length initially, otherwise
575 * set tag length and value.
576 */
577 if (enc || expected->aead == EVP_CIPH_OCB_MODE) {
578 t->err = "TAG_LENGTH_SET_ERROR";
579 tag = NULL;
580 } else {
581 t->err = "TAG_SET_ERROR";
582 tag = expected->tag;
583 }
584 if (tag || expected->aead != EVP_CIPH_GCM_MODE) {
585 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
586 expected->tag_len, tag))
587 goto err;
588 }
589 }
590
591 if (!EVP_CIPHER_CTX_set_key_length(ctx, expected->key_len)) {
592 t->err = "INVALID_KEY_LENGTH";
593 goto err;
594 }
595 if (!EVP_CipherInit_ex(ctx, NULL, NULL, expected->key, expected->iv, -1)) {
596 t->err = "KEY_SET_ERROR";
597 goto err;
598 }
599
600 if (!enc && expected->aead == EVP_CIPH_OCB_MODE) {
601 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
602 expected->tag_len, expected->tag)) {
603 t->err = "TAG_SET_ERROR";
604 goto err;
605 }
606 }
607
608 if (expected->aead == EVP_CIPH_CCM_MODE) {
609 if (!EVP_CipherUpdate(ctx, NULL, &tmplen, NULL, out_len)) {
610 t->err = "CCM_PLAINTEXT_LENGTH_SET_ERROR";
611 goto err;
612 }
613 }
614 if (expected->aad) {
615 t->err = "AAD_SET_ERROR";
616 if (!frag) {
617 if (!EVP_CipherUpdate(ctx, NULL, &chunklen, expected->aad,
618 expected->aad_len))
619 goto err;
620 } else {
621 /*
622 * Supply the AAD in chunks less than the block size where possible
623 */
624 if (expected->aad_len > 0) {
625 if (!EVP_CipherUpdate(ctx, NULL, &chunklen, expected->aad, 1))
626 goto err;
627 donelen++;
628 }
629 if (expected->aad_len > 2) {
630 if (!EVP_CipherUpdate(ctx, NULL, &chunklen,
631 expected->aad + donelen,
632 expected->aad_len - 2))
633 goto err;
634 donelen += expected->aad_len - 2;
635 }
636 if (expected->aad_len > 1
637 && !EVP_CipherUpdate(ctx, NULL, &chunklen,
638 expected->aad + donelen, 1))
639 goto err;
640 }
641 }
642 EVP_CIPHER_CTX_set_padding(ctx, 0);
643 t->err = "CIPHERUPDATE_ERROR";
644 tmplen = 0;
645 if (!frag) {
646 /* We supply the data all in one go */
647 if (!EVP_CipherUpdate(ctx, tmp + out_misalign, &tmplen, in, in_len))
648 goto err;
649 } else {
650 /* Supply the data in chunks less than the block size where possible */
651 if (in_len > 0) {
652 if (!EVP_CipherUpdate(ctx, tmp + out_misalign, &chunklen, in, 1))
653 goto err;
654 tmplen += chunklen;
655 in++;
656 in_len--;
657 }
658 if (in_len > 1) {
659 if (!EVP_CipherUpdate(ctx, tmp + out_misalign + tmplen, &chunklen,
660 in, in_len - 1))
661 goto err;
662 tmplen += chunklen;
663 in += in_len - 1;
664 in_len = 1;
665 }
666 if (in_len > 0 ) {
667 if (!EVP_CipherUpdate(ctx, tmp + out_misalign + tmplen, &chunklen,
668 in, 1))
669 goto err;
670 tmplen += chunklen;
671 }
672 }
673 if (!EVP_CipherFinal_ex(ctx, tmp + out_misalign + tmplen, &tmpflen)) {
674 t->err = "CIPHERFINAL_ERROR";
675 goto err;
676 }
677 if (!TEST_mem_eq(expected_out, out_len,
678 tmp + out_misalign, tmplen + tmpflen)) {
679 t->err = "VALUE_MISMATCH";
680 goto err;
681 }
682 if (enc && expected->aead) {
683 unsigned char rtag[16];
684
685 if (!TEST_size_t_le(expected->tag_len, sizeof(rtag))) {
686 t->err = "TAG_LENGTH_INTERNAL_ERROR";
687 goto err;
688 }
689 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
690 expected->tag_len, rtag)) {
691 t->err = "TAG_RETRIEVE_ERROR";
692 goto err;
693 }
694 if (!TEST_mem_eq(expected->tag, expected->tag_len,
695 rtag, expected->tag_len)) {
696 t->err = "TAG_VALUE_MISMATCH";
697 goto err;
698 }
699 }
700 t->err = NULL;
701 ok = 1;
702 err:
703 OPENSSL_free(tmp);
704 EVP_CIPHER_CTX_free(ctx);
705 return ok;
706 }
707
708 static int cipher_test_run(EVP_TEST *t)
709 {
710 CIPHER_DATA *cdat = t->data;
711 int rv, frag = 0;
712 size_t out_misalign, inp_misalign;
713
714 if (!cdat->key) {
715 t->err = "NO_KEY";
716 return 0;
717 }
718 if (!cdat->iv && EVP_CIPHER_iv_length(cdat->cipher)) {
719 /* IV is optional and usually omitted in wrap mode */
720 if (EVP_CIPHER_mode(cdat->cipher) != EVP_CIPH_WRAP_MODE) {
721 t->err = "NO_IV";
722 return 0;
723 }
724 }
725 if (cdat->aead && !cdat->tag) {
726 t->err = "NO_TAG";
727 return 0;
728 }
729 for (out_misalign = 0; out_misalign <= 1;) {
730 static char aux_err[64];
731 t->aux_err = aux_err;
732 for (inp_misalign = (size_t)-1; inp_misalign != 2; inp_misalign++) {
733 if (inp_misalign == (size_t)-1) {
734 /* kludge: inp_misalign == -1 means "exercise in-place" */
735 BIO_snprintf(aux_err, sizeof(aux_err),
736 "%s in-place, %sfragmented",
737 out_misalign ? "misaligned" : "aligned",
738 frag ? "" : "not ");
739 } else {
740 BIO_snprintf(aux_err, sizeof(aux_err),
741 "%s output and %s input, %sfragmented",
742 out_misalign ? "misaligned" : "aligned",
743 inp_misalign ? "misaligned" : "aligned",
744 frag ? "" : "not ");
745 }
746 if (cdat->enc) {
747 rv = cipher_test_enc(t, 1, out_misalign, inp_misalign, frag);
748 /* Not fatal errors: return */
749 if (rv != 1) {
750 if (rv < 0)
751 return 0;
752 return 1;
753 }
754 }
755 if (cdat->enc != 1) {
756 rv = cipher_test_enc(t, 0, out_misalign, inp_misalign, frag);
757 /* Not fatal errors: return */
758 if (rv != 1) {
759 if (rv < 0)
760 return 0;
761 return 1;
762 }
763 }
764 }
765
766 if (out_misalign == 1 && frag == 0) {
767 /*
768 * XTS, CCM and Wrap modes have special requirements about input
769 * lengths so we don't fragment for those
770 */
771 if (cdat->aead == EVP_CIPH_CCM_MODE
772 || EVP_CIPHER_mode(cdat->cipher) == EVP_CIPH_XTS_MODE
773 || EVP_CIPHER_mode(cdat->cipher) == EVP_CIPH_WRAP_MODE)
774 break;
775 out_misalign = 0;
776 frag++;
777 } else {
778 out_misalign++;
779 }
780 }
781 t->aux_err = NULL;
782
783 return 1;
784 }
785
786 static const EVP_TEST_METHOD cipher_test_method = {
787 "Cipher",
788 cipher_test_init,
789 cipher_test_cleanup,
790 cipher_test_parse,
791 cipher_test_run
792 };
793
794
795 /**
796 *** MAC TESTS
797 **/
798
799 typedef struct mac_data_st {
800 /* MAC type */
801 int type;
802 /* Algorithm string for this MAC */
803 char *alg;
804 /* MAC key */
805 unsigned char *key;
806 size_t key_len;
807 /* Input to MAC */
808 unsigned char *input;
809 size_t input_len;
810 /* Expected output */
811 unsigned char *output;
812 size_t output_len;
813 } MAC_DATA;
814
815 static int mac_test_init(EVP_TEST *t, const char *alg)
816 {
817 int type;
818 MAC_DATA *mdat;
819
820 if (strcmp(alg, "HMAC") == 0) {
821 type = EVP_PKEY_HMAC;
822 } else if (strcmp(alg, "CMAC") == 0) {
823 #ifndef OPENSSL_NO_CMAC
824 type = EVP_PKEY_CMAC;
825 #else
826 t->skip = 1;
827 return 1;
828 #endif
829 } else if (strcmp(alg, "Poly1305") == 0) {
830 #ifndef OPENSSL_NO_POLY1305
831 type = EVP_PKEY_POLY1305;
832 #else
833 t->skip = 1;
834 return 1;
835 #endif
836 } else if (strcmp(alg, "SipHash") == 0) {
837 #ifndef OPENSSL_NO_SIPHASH
838 type = EVP_PKEY_SIPHASH;
839 #else
840 t->skip = 1;
841 return 1;
842 #endif
843 } else
844 return 0;
845
846 mdat = OPENSSL_zalloc(sizeof(*mdat));
847 mdat->type = type;
848 t->data = mdat;
849 return 1;
850 }
851
852 static void mac_test_cleanup(EVP_TEST *t)
853 {
854 MAC_DATA *mdat = t->data;
855
856 OPENSSL_free(mdat->alg);
857 OPENSSL_free(mdat->key);
858 OPENSSL_free(mdat->input);
859 OPENSSL_free(mdat->output);
860 }
861
862 static int mac_test_parse(EVP_TEST *t,
863 const char *keyword, const char *value)
864 {
865 MAC_DATA *mdata = t->data;
866
867 if (strcmp(keyword, "Key") == 0)
868 return parse_bin(value, &mdata->key, &mdata->key_len);
869 if (strcmp(keyword, "Algorithm") == 0) {
870 mdata->alg = OPENSSL_strdup(value);
871 if (!mdata->alg)
872 return 0;
873 return 1;
874 }
875 if (strcmp(keyword, "Input") == 0)
876 return parse_bin(value, &mdata->input, &mdata->input_len);
877 if (strcmp(keyword, "Output") == 0)
878 return parse_bin(value, &mdata->output, &mdata->output_len);
879 return 0;
880 }
881
882 static int mac_test_run(EVP_TEST *t)
883 {
884 MAC_DATA *expected = t->data;
885 EVP_MD_CTX *mctx = NULL;
886 EVP_PKEY_CTX *pctx = NULL, *genctx = NULL;
887 EVP_PKEY *key = NULL;
888 const EVP_MD *md = NULL;
889 unsigned char *got = NULL;
890 size_t got_len;
891
892 #ifdef OPENSSL_NO_DES
893 if (expected->alg != NULL && strstr(expected->alg, "DES") != NULL) {
894 /* Skip DES */
895 t->err = NULL;
896 goto err;
897 }
898 #endif
899
900 if (!TEST_ptr(genctx = EVP_PKEY_CTX_new_id(expected->type, NULL))) {
901 t->err = "MAC_PKEY_CTX_ERROR";
902 goto err;
903 }
904
905 if (EVP_PKEY_keygen_init(genctx) <= 0) {
906 t->err = "MAC_KEYGEN_INIT_ERROR";
907 goto err;
908 }
909 if (expected->type == EVP_PKEY_CMAC
910 && EVP_PKEY_CTX_ctrl_str(genctx, "cipher", expected->alg) <= 0) {
911 t->err = "MAC_ALGORITHM_SET_ERROR";
912 goto err;
913 }
914
915 if (EVP_PKEY_CTX_set_mac_key(genctx, expected->key,
916 expected->key_len) <= 0) {
917 t->err = "MAC_KEY_SET_ERROR";
918 goto err;
919 }
920
921 if (EVP_PKEY_keygen(genctx, &key) <= 0) {
922 t->err = "MAC_KEY_GENERATE_ERROR";
923 goto err;
924 }
925 if (expected->type == EVP_PKEY_HMAC) {
926 if (!TEST_ptr(md = EVP_get_digestbyname(expected->alg))) {
927 t->err = "MAC_ALGORITHM_SET_ERROR";
928 goto err;
929 }
930 }
931 if (!TEST_ptr(mctx = EVP_MD_CTX_new())) {
932 t->err = "INTERNAL_ERROR";
933 goto err;
934 }
935 if (!EVP_DigestSignInit(mctx, &pctx, md, NULL, key)) {
936 t->err = "DIGESTSIGNINIT_ERROR";
937 goto err;
938 }
939
940 if (!EVP_DigestSignUpdate(mctx, expected->input, expected->input_len)) {
941 t->err = "DIGESTSIGNUPDATE_ERROR";
942 goto err;
943 }
944 if (!EVP_DigestSignFinal(mctx, NULL, &got_len)) {
945 t->err = "DIGESTSIGNFINAL_LENGTH_ERROR";
946 goto err;
947 }
948 if (!TEST_ptr(got = OPENSSL_malloc(got_len))) {
949 t->err = "TEST_FAILURE";
950 goto err;
951 }
952 if (!EVP_DigestSignFinal(mctx, got, &got_len)
953 || !TEST_mem_eq(expected->output, expected->output_len,
954 got, got_len)) {
955 t->err = "TEST_MAC_ERR";
956 goto err;
957 }
958 t->err = NULL;
959 err:
960 EVP_MD_CTX_free(mctx);
961 OPENSSL_free(got);
962 EVP_PKEY_CTX_free(genctx);
963 EVP_PKEY_free(key);
964 return 1;
965 }
966
967 static const EVP_TEST_METHOD mac_test_method = {
968 "MAC",
969 mac_test_init,
970 mac_test_cleanup,
971 mac_test_parse,
972 mac_test_run
973 };
974
975
976 /**
977 *** PUBLIC KEY TESTS
978 *** These are all very similar and share much common code.
979 **/
980
981 typedef struct pkey_data_st {
982 /* Context for this operation */
983 EVP_PKEY_CTX *ctx;
984 /* Key operation to perform */
985 int (*keyop) (EVP_PKEY_CTX *ctx,
986 unsigned char *sig, size_t *siglen,
987 const unsigned char *tbs, size_t tbslen);
988 /* Input to MAC */
989 unsigned char *input;
990 size_t input_len;
991 /* Expected output */
992 unsigned char *output;
993 size_t output_len;
994 } PKEY_DATA;
995
996 /*
997 * Perform public key operation setup: lookup key, allocated ctx and call
998 * the appropriate initialisation function
999 */
1000 static int pkey_test_init(EVP_TEST *t, const char *name,
1001 int use_public,
1002 int (*keyopinit) (EVP_PKEY_CTX *ctx),
1003 int (*keyop)(EVP_PKEY_CTX *ctx,
1004 unsigned char *sig, size_t *siglen,
1005 const unsigned char *tbs,
1006 size_t tbslen))
1007 {
1008 PKEY_DATA *kdata;
1009 EVP_PKEY *pkey = NULL;
1010 int rv = 0;
1011
1012 if (use_public)
1013 rv = find_key(&pkey, name, public_keys);
1014 if (rv == 0)
1015 rv = find_key(&pkey, name, private_keys);
1016 if (rv == 0 || pkey == NULL) {
1017 t->skip = 1;
1018 return 1;
1019 }
1020
1021 if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata)))) {
1022 EVP_PKEY_free(pkey);
1023 return 0;
1024 }
1025 kdata->keyop = keyop;
1026 if (!TEST_ptr(kdata->ctx = EVP_PKEY_CTX_new(pkey, NULL)))
1027 return 0;
1028 if (keyopinit(kdata->ctx) <= 0)
1029 t->err = "KEYOP_INIT_ERROR";
1030 t->data = kdata;
1031 return 1;
1032 }
1033
1034 static void pkey_test_cleanup(EVP_TEST *t)
1035 {
1036 PKEY_DATA *kdata = t->data;
1037
1038 OPENSSL_free(kdata->input);
1039 OPENSSL_free(kdata->output);
1040 EVP_PKEY_CTX_free(kdata->ctx);
1041 }
1042
1043 static int pkey_test_ctrl(EVP_TEST *t, EVP_PKEY_CTX *pctx,
1044 const char *value)
1045 {
1046 int rv;
1047 char *p, *tmpval;
1048
1049 if (!TEST_ptr(tmpval = OPENSSL_strdup(value)))
1050 return 0;
1051 p = strchr(tmpval, ':');
1052 if (p != NULL)
1053 *p++ = '\0';
1054 rv = EVP_PKEY_CTX_ctrl_str(pctx, tmpval, p);
1055 if (rv == -2) {
1056 t->err = "PKEY_CTRL_INVALID";
1057 rv = 1;
1058 } else if (p != NULL && rv <= 0) {
1059 /* If p has an OID and lookup fails assume disabled algorithm */
1060 int nid = OBJ_sn2nid(p);
1061
1062 if (nid == NID_undef)
1063 nid = OBJ_ln2nid(p);
1064 if (nid != NID_undef
1065 && EVP_get_digestbynid(nid) == NULL
1066 && EVP_get_cipherbynid(nid) == NULL) {
1067 t->skip = 1;
1068 rv = 1;
1069 } else {
1070 t->err = "PKEY_CTRL_ERROR";
1071 rv = 1;
1072 }
1073 }
1074 OPENSSL_free(tmpval);
1075 return rv > 0;
1076 }
1077
1078 static int pkey_test_parse(EVP_TEST *t,
1079 const char *keyword, const char *value)
1080 {
1081 PKEY_DATA *kdata = t->data;
1082 if (strcmp(keyword, "Input") == 0)
1083 return parse_bin(value, &kdata->input, &kdata->input_len);
1084 if (strcmp(keyword, "Output") == 0)
1085 return parse_bin(value, &kdata->output, &kdata->output_len);
1086 if (strcmp(keyword, "Ctrl") == 0)
1087 return pkey_test_ctrl(t, kdata->ctx, value);
1088 return 0;
1089 }
1090
1091 static int pkey_test_run(EVP_TEST *t)
1092 {
1093 PKEY_DATA *expected = t->data;
1094 unsigned char *got = NULL;
1095 size_t got_len;
1096
1097 if (expected->keyop(expected->ctx, NULL, &got_len,
1098 expected->input, expected->input_len) <= 0
1099 || !TEST_ptr(got = OPENSSL_malloc(got_len))) {
1100 t->err = "KEYOP_LENGTH_ERROR";
1101 goto err;
1102 }
1103 if (expected->keyop(expected->ctx, got, &got_len,
1104 expected->input, expected->input_len) <= 0) {
1105 t->err = "KEYOP_ERROR";
1106 goto err;
1107 }
1108 if (!TEST_mem_eq(expected->output, expected->output_len, got, got_len)) {
1109 t->err = "KEYOP_MISMATCH";
1110 goto err;
1111 }
1112 t->err = NULL;
1113 err:
1114 OPENSSL_free(got);
1115 return 1;
1116 }
1117
1118 static int sign_test_init(EVP_TEST *t, const char *name)
1119 {
1120 return pkey_test_init(t, name, 0, EVP_PKEY_sign_init, EVP_PKEY_sign);
1121 }
1122
1123 static const EVP_TEST_METHOD psign_test_method = {
1124 "Sign",
1125 sign_test_init,
1126 pkey_test_cleanup,
1127 pkey_test_parse,
1128 pkey_test_run
1129 };
1130
1131 static int verify_recover_test_init(EVP_TEST *t, const char *name)
1132 {
1133 return pkey_test_init(t, name, 1, EVP_PKEY_verify_recover_init,
1134 EVP_PKEY_verify_recover);
1135 }
1136
1137 static const EVP_TEST_METHOD pverify_recover_test_method = {
1138 "VerifyRecover",
1139 verify_recover_test_init,
1140 pkey_test_cleanup,
1141 pkey_test_parse,
1142 pkey_test_run
1143 };
1144
1145 static int decrypt_test_init(EVP_TEST *t, const char *name)
1146 {
1147 return pkey_test_init(t, name, 0, EVP_PKEY_decrypt_init,
1148 EVP_PKEY_decrypt);
1149 }
1150
1151 static const EVP_TEST_METHOD pdecrypt_test_method = {
1152 "Decrypt",
1153 decrypt_test_init,
1154 pkey_test_cleanup,
1155 pkey_test_parse,
1156 pkey_test_run
1157 };
1158
1159 static int verify_test_init(EVP_TEST *t, const char *name)
1160 {
1161 return pkey_test_init(t, name, 1, EVP_PKEY_verify_init, 0);
1162 }
1163
1164 static int verify_test_run(EVP_TEST *t)
1165 {
1166 PKEY_DATA *kdata = t->data;
1167
1168 if (EVP_PKEY_verify(kdata->ctx, kdata->output, kdata->output_len,
1169 kdata->input, kdata->input_len) <= 0)
1170 t->err = "VERIFY_ERROR";
1171 return 1;
1172 }
1173
1174 static const EVP_TEST_METHOD pverify_test_method = {
1175 "Verify",
1176 verify_test_init,
1177 pkey_test_cleanup,
1178 pkey_test_parse,
1179 verify_test_run
1180 };
1181
1182
1183 static int pderive_test_init(EVP_TEST *t, const char *name)
1184 {
1185 return pkey_test_init(t, name, 0, EVP_PKEY_derive_init, 0);
1186 }
1187
1188 static int pderive_test_parse(EVP_TEST *t,
1189 const char *keyword, const char *value)
1190 {
1191 PKEY_DATA *kdata = t->data;
1192
1193 if (strcmp(keyword, "PeerKey") == 0) {
1194 EVP_PKEY *peer;
1195 if (find_key(&peer, value, public_keys) == 0)
1196 return 0;
1197 if (EVP_PKEY_derive_set_peer(kdata->ctx, peer) <= 0)
1198 return 0;
1199 return 1;
1200 }
1201 if (strcmp(keyword, "SharedSecret") == 0)
1202 return parse_bin(value, &kdata->output, &kdata->output_len);
1203 if (strcmp(keyword, "Ctrl") == 0)
1204 return pkey_test_ctrl(t, kdata->ctx, value);
1205 return 0;
1206 }
1207
1208 static int pderive_test_run(EVP_TEST *t)
1209 {
1210 PKEY_DATA *expected = t->data;
1211 unsigned char *got = NULL;
1212 size_t got_len;
1213
1214 got_len = expected->output_len;
1215 if (!TEST_ptr(got = OPENSSL_malloc(got_len))) {
1216 t->err = "DERIVE_ERROR";
1217 goto err;
1218 }
1219 if (EVP_PKEY_derive(expected->ctx, got, &got_len) <= 0) {
1220 t->err = "DERIVE_ERROR";
1221 goto err;
1222 }
1223 if (!TEST_mem_eq(expected->output, expected->output_len, got, got_len)) {
1224 t->err = "SHARED_SECRET_MISMATCH";
1225 goto err;
1226 }
1227
1228 t->err = NULL;
1229 err:
1230 OPENSSL_free(got);
1231 return 1;
1232 }
1233
1234 static const EVP_TEST_METHOD pderive_test_method = {
1235 "Derive",
1236 pderive_test_init,
1237 pkey_test_cleanup,
1238 pderive_test_parse,
1239 pderive_test_run
1240 };
1241
1242
1243 /**
1244 *** PBE TESTS
1245 **/
1246
1247 typedef enum pbe_type_enum {
1248 PBE_TYPE_INVALID = 0,
1249 PBE_TYPE_SCRYPT, PBE_TYPE_PBKDF2, PBE_TYPE_PKCS12
1250 } PBE_TYPE;
1251
1252 typedef struct pbe_data_st {
1253 PBE_TYPE pbe_type;
1254 /* scrypt parameters */
1255 uint64_t N, r, p, maxmem;
1256 /* PKCS#12 parameters */
1257 int id, iter;
1258 const EVP_MD *md;
1259 /* password */
1260 unsigned char *pass;
1261 size_t pass_len;
1262 /* salt */
1263 unsigned char *salt;
1264 size_t salt_len;
1265 /* Expected output */
1266 unsigned char *key;
1267 size_t key_len;
1268 } PBE_DATA;
1269
1270 #ifndef OPENSSL_NO_SCRYPT
1271 /*
1272 * Parse unsigned decimal 64 bit integer value
1273 */
1274 static int parse_uint64(const char *value, uint64_t *pr)
1275 {
1276 const char *p = value;
1277
1278 if (!TEST_true(*p)) {
1279 TEST_info("Invalid empty integer value");
1280 return -1;
1281 }
1282 for (*pr = 0; *p; ) {
1283 if (*pr > UINT64_MAX / 10) {
1284 TEST_error("Integer overflow in string %s", value);
1285 return -1;
1286 }
1287 *pr *= 10;
1288 if (!TEST_true(isdigit(*p))) {
1289 TEST_error("Invalid character in string %s", value);
1290 return -1;
1291 }
1292 *pr += *p - '0';
1293 p++;
1294 }
1295 return 1;
1296 }
1297
1298 static int scrypt_test_parse(EVP_TEST *t,
1299 const char *keyword, const char *value)
1300 {
1301 PBE_DATA *pdata = t->data;
1302
1303 if (strcmp(keyword, "N") == 0)
1304 return parse_uint64(value, &pdata->N);
1305 if (strcmp(keyword, "p") == 0)
1306 return parse_uint64(value, &pdata->p);
1307 if (strcmp(keyword, "r") == 0)
1308 return parse_uint64(value, &pdata->r);
1309 if (strcmp(keyword, "maxmem") == 0)
1310 return parse_uint64(value, &pdata->maxmem);
1311 return 0;
1312 }
1313 #endif
1314
1315 static int pbkdf2_test_parse(EVP_TEST *t,
1316 const char *keyword, const char *value)
1317 {
1318 PBE_DATA *pdata = t->data;
1319
1320 if (strcmp(keyword, "iter") == 0) {
1321 pdata->iter = atoi(value);
1322 if (pdata->iter <= 0)
1323 return -1;
1324 return 1;
1325 }
1326 if (strcmp(keyword, "MD") == 0) {
1327 pdata->md = EVP_get_digestbyname(value);
1328 if (pdata->md == NULL)
1329 return -1;
1330 return 1;
1331 }
1332 return 0;
1333 }
1334
1335 static int pkcs12_test_parse(EVP_TEST *t,
1336 const char *keyword, const char *value)
1337 {
1338 PBE_DATA *pdata = t->data;
1339
1340 if (strcmp(keyword, "id") == 0) {
1341 pdata->id = atoi(value);
1342 if (pdata->id <= 0)
1343 return -1;
1344 return 1;
1345 }
1346 return pbkdf2_test_parse(t, keyword, value);
1347 }
1348
1349 static int pbe_test_init(EVP_TEST *t, const char *alg)
1350 {
1351 PBE_DATA *pdat;
1352 PBE_TYPE pbe_type = PBE_TYPE_INVALID;
1353
1354 if (strcmp(alg, "scrypt") == 0) {
1355 #ifndef OPENSSL_NO_SCRYPT
1356 pbe_type = PBE_TYPE_SCRYPT;
1357 #else
1358 t->skip = 1;
1359 return 1;
1360 #endif
1361 } else if (strcmp(alg, "pbkdf2") == 0) {
1362 pbe_type = PBE_TYPE_PBKDF2;
1363 } else if (strcmp(alg, "pkcs12") == 0) {
1364 pbe_type = PBE_TYPE_PKCS12;
1365 } else {
1366 TEST_error("Unknown pbe algorithm %s", alg);
1367 }
1368 pdat = OPENSSL_zalloc(sizeof(*pdat));
1369 pdat->pbe_type = pbe_type;
1370 t->data = pdat;
1371 return 1;
1372 }
1373
1374 static void pbe_test_cleanup(EVP_TEST *t)
1375 {
1376 PBE_DATA *pdat = t->data;
1377
1378 OPENSSL_free(pdat->pass);
1379 OPENSSL_free(pdat->salt);
1380 OPENSSL_free(pdat->key);
1381 }
1382
1383 static int pbe_test_parse(EVP_TEST *t,
1384 const char *keyword, const char *value)
1385 {
1386 PBE_DATA *pdata = t->data;
1387
1388 if (strcmp(keyword, "Password") == 0)
1389 return parse_bin(value, &pdata->pass, &pdata->pass_len);
1390 if (strcmp(keyword, "Salt") == 0)
1391 return parse_bin(value, &pdata->salt, &pdata->salt_len);
1392 if (strcmp(keyword, "Key") == 0)
1393 return parse_bin(value, &pdata->key, &pdata->key_len);
1394 if (pdata->pbe_type == PBE_TYPE_PBKDF2)
1395 return pbkdf2_test_parse(t, keyword, value);
1396 else if (pdata->pbe_type == PBE_TYPE_PKCS12)
1397 return pkcs12_test_parse(t, keyword, value);
1398 #ifndef OPENSSL_NO_SCRYPT
1399 else if (pdata->pbe_type == PBE_TYPE_SCRYPT)
1400 return scrypt_test_parse(t, keyword, value);
1401 #endif
1402 return 0;
1403 }
1404
1405 static int pbe_test_run(EVP_TEST *t)
1406 {
1407 PBE_DATA *expected = t->data;
1408 unsigned char *key;
1409
1410 if (!TEST_ptr(key = OPENSSL_malloc(expected->key_len))) {
1411 t->err = "INTERNAL_ERROR";
1412 goto err;
1413 }
1414 if (expected->pbe_type == PBE_TYPE_PBKDF2) {
1415 if (PKCS5_PBKDF2_HMAC((char *)expected->pass, expected->pass_len,
1416 expected->salt, expected->salt_len,
1417 expected->iter, expected->md,
1418 expected->key_len, key) == 0) {
1419 t->err = "PBKDF2_ERROR";
1420 goto err;
1421 }
1422 #ifndef OPENSSL_NO_SCRYPT
1423 } else if (expected->pbe_type == PBE_TYPE_SCRYPT) {
1424 if (EVP_PBE_scrypt((const char *)expected->pass, expected->pass_len,
1425 expected->salt, expected->salt_len, expected->N,
1426 expected->r, expected->p, expected->maxmem,
1427 key, expected->key_len) == 0) {
1428 t->err = "SCRYPT_ERROR";
1429 goto err;
1430 }
1431 #endif
1432 } else if (expected->pbe_type == PBE_TYPE_PKCS12) {
1433 if (PKCS12_key_gen_uni(expected->pass, expected->pass_len,
1434 expected->salt, expected->salt_len,
1435 expected->id, expected->iter, expected->key_len,
1436 key, expected->md) == 0) {
1437 t->err = "PKCS12_ERROR";
1438 goto err;
1439 }
1440 }
1441 if (!TEST_mem_eq(expected->key, expected->key_len,
1442 key, expected->key_len)) {
1443 t->err = "KEY_MISMATCH";
1444 goto err;
1445 }
1446 t->err = NULL;
1447 err:
1448 OPENSSL_free(key);
1449 return 1;
1450 }
1451
1452 static const EVP_TEST_METHOD pbe_test_method = {
1453 "PBE",
1454 pbe_test_init,
1455 pbe_test_cleanup,
1456 pbe_test_parse,
1457 pbe_test_run
1458 };
1459
1460
1461 /**
1462 *** BASE64 TESTS
1463 **/
1464
1465 typedef enum {
1466 BASE64_CANONICAL_ENCODING = 0,
1467 BASE64_VALID_ENCODING = 1,
1468 BASE64_INVALID_ENCODING = 2
1469 } base64_encoding_type;
1470
1471 typedef struct encode_data_st {
1472 /* Input to encoding */
1473 unsigned char *input;
1474 size_t input_len;
1475 /* Expected output */
1476 unsigned char *output;
1477 size_t output_len;
1478 base64_encoding_type encoding;
1479 } ENCODE_DATA;
1480
1481 static int encode_test_init(EVP_TEST *t, const char *encoding)
1482 {
1483 ENCODE_DATA *edata;
1484
1485 if (!TEST_ptr(edata = OPENSSL_zalloc(sizeof(*edata))))
1486 return 0;
1487 if (strcmp(encoding, "canonical") == 0) {
1488 edata->encoding = BASE64_CANONICAL_ENCODING;
1489 } else if (strcmp(encoding, "valid") == 0) {
1490 edata->encoding = BASE64_VALID_ENCODING;
1491 } else if (strcmp(encoding, "invalid") == 0) {
1492 edata->encoding = BASE64_INVALID_ENCODING;
1493 if (!TEST_ptr(t->expected_err = OPENSSL_strdup("DECODE_ERROR")))
1494 return 0;
1495 } else {
1496 TEST_error("Bad encoding: %s."
1497 " Should be one of {canonical, valid, invalid}",
1498 encoding);
1499 return 0;
1500 }
1501 t->data = edata;
1502 return 1;
1503 }
1504
1505 static void encode_test_cleanup(EVP_TEST *t)
1506 {
1507 ENCODE_DATA *edata = t->data;
1508
1509 OPENSSL_free(edata->input);
1510 OPENSSL_free(edata->output);
1511 memset(edata, 0, sizeof(*edata));
1512 }
1513
1514 static int encode_test_parse(EVP_TEST *t,
1515 const char *keyword, const char *value)
1516 {
1517 ENCODE_DATA *edata = t->data;
1518
1519 if (strcmp(keyword, "Input") == 0)
1520 return parse_bin(value, &edata->input, &edata->input_len);
1521 if (strcmp(keyword, "Output") == 0)
1522 return parse_bin(value, &edata->output, &edata->output_len);
1523 return 0;
1524 }
1525
1526 static int encode_test_run(EVP_TEST *t)
1527 {
1528 ENCODE_DATA *expected = t->data;
1529 unsigned char *encode_out = NULL, *decode_out = NULL;
1530 int output_len, chunk_len;
1531 EVP_ENCODE_CTX *decode_ctx;
1532
1533 if (!TEST_ptr(decode_ctx = EVP_ENCODE_CTX_new())) {
1534 t->err = "INTERNAL_ERROR";
1535 goto err;
1536 }
1537
1538 if (expected->encoding == BASE64_CANONICAL_ENCODING) {
1539 EVP_ENCODE_CTX *encode_ctx;
1540
1541 if (!TEST_ptr(encode_ctx = EVP_ENCODE_CTX_new())
1542 || !TEST_ptr(encode_out =
1543 OPENSSL_malloc(EVP_ENCODE_LENGTH(expected->input_len))))
1544 goto err;
1545
1546 EVP_EncodeInit(encode_ctx);
1547 EVP_EncodeUpdate(encode_ctx, encode_out, &chunk_len,
1548 expected->input, expected->input_len);
1549 output_len = chunk_len;
1550
1551 EVP_EncodeFinal(encode_ctx, encode_out + chunk_len, &chunk_len);
1552 output_len += chunk_len;
1553
1554 EVP_ENCODE_CTX_free(encode_ctx);
1555
1556 if (!TEST_mem_eq(expected->output, expected->output_len,
1557 encode_out, output_len)) {
1558 t->err = "BAD_ENCODING";
1559 goto err;
1560 }
1561 }
1562
1563 if (!TEST_ptr(decode_out =
1564 OPENSSL_malloc(EVP_DECODE_LENGTH(expected->output_len))))
1565 goto err;
1566
1567 EVP_DecodeInit(decode_ctx);
1568 if (EVP_DecodeUpdate(decode_ctx, decode_out, &chunk_len, expected->output,
1569 expected->output_len) < 0) {
1570 t->err = "DECODE_ERROR";
1571 goto err;
1572 }
1573 output_len = chunk_len;
1574
1575 if (EVP_DecodeFinal(decode_ctx, decode_out + chunk_len, &chunk_len) != 1) {
1576 t->err = "DECODE_ERROR";
1577 goto err;
1578 }
1579 output_len += chunk_len;
1580
1581 if (expected->encoding != BASE64_INVALID_ENCODING
1582 && !TEST_mem_eq(expected->input, expected->input_len,
1583 decode_out, output_len)) {
1584 t->err = "BAD_DECODING";
1585 goto err;
1586 }
1587
1588 t->err = NULL;
1589 err:
1590 OPENSSL_free(encode_out);
1591 OPENSSL_free(decode_out);
1592 EVP_ENCODE_CTX_free(decode_ctx);
1593 return 1;
1594 }
1595
1596 static const EVP_TEST_METHOD encode_test_method = {
1597 "Encoding",
1598 encode_test_init,
1599 encode_test_cleanup,
1600 encode_test_parse,
1601 encode_test_run,
1602 };
1603
1604 /**
1605 *** KDF TESTS
1606 **/
1607
1608 typedef struct kdf_data_st {
1609 /* Context for this operation */
1610 EVP_PKEY_CTX *ctx;
1611 /* Expected output */
1612 unsigned char *output;
1613 size_t output_len;
1614 } KDF_DATA;
1615
1616 /*
1617 * Perform public key operation setup: lookup key, allocated ctx and call
1618 * the appropriate initialisation function
1619 */
1620 static int kdf_test_init(EVP_TEST *t, const char *name)
1621 {
1622 KDF_DATA *kdata;
1623
1624 if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata))))
1625 return 0;
1626 kdata->ctx = EVP_PKEY_CTX_new_id(OBJ_sn2nid(name), NULL);
1627 if (kdata->ctx == NULL)
1628 return 0;
1629 if (EVP_PKEY_derive_init(kdata->ctx) <= 0)
1630 return 0;
1631 t->data = kdata;
1632 return 1;
1633 }
1634
1635 static void kdf_test_cleanup(EVP_TEST *t)
1636 {
1637 KDF_DATA *kdata = t->data;
1638 OPENSSL_free(kdata->output);
1639 EVP_PKEY_CTX_free(kdata->ctx);
1640 }
1641
1642 static int kdf_test_parse(EVP_TEST *t,
1643 const char *keyword, const char *value)
1644 {
1645 KDF_DATA *kdata = t->data;
1646
1647 if (strcmp(keyword, "Output") == 0)
1648 return parse_bin(value, &kdata->output, &kdata->output_len);
1649 if (strncmp(keyword, "Ctrl", 4) == 0)
1650 return pkey_test_ctrl(t, kdata->ctx, value);
1651 return 0;
1652 }
1653
1654 static int kdf_test_run(EVP_TEST *t)
1655 {
1656 KDF_DATA *expected = t->data;
1657 unsigned char *got = NULL;
1658 size_t got_len = expected->output_len;
1659
1660 if (!TEST_ptr(got = OPENSSL_malloc(got_len))) {
1661 t->err = "INTERNAL_ERROR";
1662 goto err;
1663 }
1664 if (EVP_PKEY_derive(expected->ctx, got, &got_len) <= 0) {
1665 t->err = "KDF_DERIVE_ERROR";
1666 goto err;
1667 }
1668 if (!TEST_mem_eq(expected->output, expected->output_len, got, got_len)) {
1669 t->err = "KDF_MISMATCH";
1670 goto err;
1671 }
1672 t->err = NULL;
1673
1674 err:
1675 OPENSSL_free(got);
1676 return 1;
1677 }
1678
1679 static const EVP_TEST_METHOD kdf_test_method = {
1680 "KDF",
1681 kdf_test_init,
1682 kdf_test_cleanup,
1683 kdf_test_parse,
1684 kdf_test_run
1685 };
1686
1687
1688 /**
1689 *** KEYPAIR TESTS
1690 **/
1691
1692 typedef struct keypair_test_data_st {
1693 EVP_PKEY *privk;
1694 EVP_PKEY *pubk;
1695 } KEYPAIR_TEST_DATA;
1696
1697 static int keypair_test_init(EVP_TEST *t, const char *pair)
1698 {
1699 KEYPAIR_TEST_DATA *data;
1700 int rv = 0;
1701 EVP_PKEY *pk = NULL, *pubk = NULL;
1702 char *pub, *priv = NULL;
1703
1704 /* Split private and public names. */
1705 if (!TEST_ptr(priv = OPENSSL_strdup(pair))
1706 || !TEST_ptr(pub = strchr(priv, ':'))) {
1707 t->err = "PARSING_ERROR";
1708 goto end;
1709 }
1710 *pub++ = '\0';
1711
1712 if (!TEST_true(find_key(&pk, priv, private_keys))) {
1713 TEST_info("Can't find private key: %s", priv);
1714 t->err = "MISSING_PRIVATE_KEY";
1715 goto end;
1716 }
1717 if (!TEST_true(find_key(&pubk, pub, public_keys))) {
1718 TEST_info("Can't find public key: %s", pub);
1719 t->err = "MISSING_PUBLIC_KEY";
1720 goto end;
1721 }
1722
1723 if (pk == NULL && pubk == NULL) {
1724 /* Both keys are listed but unsupported: skip this test */
1725 t->skip = 1;
1726 rv = 1;
1727 goto end;
1728 }
1729
1730 if (!TEST_ptr(data = OPENSSL_malloc(sizeof(*data))))
1731 goto end;
1732 data->privk = pk;
1733 data->pubk = pubk;
1734 t->data = data;
1735 rv = 1;
1736 t->err = NULL;
1737
1738 end:
1739 OPENSSL_free(priv);
1740 return rv;
1741 }
1742
1743 static void keypair_test_cleanup(EVP_TEST *t)
1744 {
1745 OPENSSL_free(t->data);
1746 t->data = NULL;
1747 }
1748
1749 /*
1750 * For tests that do not accept any custom keywords.
1751 */
1752 static int void_test_parse(EVP_TEST *t, const char *keyword, const char *value)
1753 {
1754 return 0;
1755 }
1756
1757 static int keypair_test_run(EVP_TEST *t)
1758 {
1759 int rv = 0;
1760 const KEYPAIR_TEST_DATA *pair = t->data;
1761
1762 if (pair->privk == NULL || pair->pubk == NULL) {
1763 /*
1764 * this can only happen if only one of the keys is not set
1765 * which means that one of them was unsupported while the
1766 * other isn't: hence a key type mismatch.
1767 */
1768 t->err = "KEYPAIR_TYPE_MISMATCH";
1769 rv = 1;
1770 goto end;
1771 }
1772
1773 if ((rv = EVP_PKEY_cmp(pair->privk, pair->pubk)) != 1 ) {
1774 if ( 0 == rv ) {
1775 t->err = "KEYPAIR_MISMATCH";
1776 } else if ( -1 == rv ) {
1777 t->err = "KEYPAIR_TYPE_MISMATCH";
1778 } else if ( -2 == rv ) {
1779 t->err = "UNSUPPORTED_KEY_COMPARISON";
1780 } else {
1781 TEST_error("Unexpected error in key comparison");
1782 rv = 0;
1783 goto end;
1784 }
1785 rv = 1;
1786 goto end;
1787 }
1788
1789 rv = 1;
1790 t->err = NULL;
1791
1792 end:
1793 return rv;
1794 }
1795
1796 static const EVP_TEST_METHOD keypair_test_method = {
1797 "PrivPubKeyPair",
1798 keypair_test_init,
1799 keypair_test_cleanup,
1800 void_test_parse,
1801 keypair_test_run
1802 };
1803
1804
1805 /**
1806 *** DIGEST SIGN+VERIFY TESTS
1807 **/
1808
1809 typedef struct {
1810 int is_verify; /* Set to 1 if verifying */
1811 int is_oneshot; /* Set to 1 for one shot operation */
1812 const EVP_MD *md; /* Digest to use */
1813 EVP_MD_CTX *ctx; /* Digest context */
1814 EVP_PKEY_CTX *pctx;
1815 STACK_OF(EVP_TEST_BUFFER) *input; /* Input data: streaming */
1816 unsigned char *osin; /* Input data if one shot */
1817 size_t osin_len; /* Input length data if one shot */
1818 unsigned char *output; /* Expected output */
1819 size_t output_len; /* Expected output length */
1820 } DIGESTSIGN_DATA;
1821
1822 static int digestsigver_test_init(EVP_TEST *t, const char *alg, int is_verify,
1823 int is_oneshot)
1824 {
1825 const EVP_MD *md = NULL;
1826 DIGESTSIGN_DATA *mdat;
1827
1828 if (strcmp(alg, "NULL") != 0) {
1829 if ((md = EVP_get_digestbyname(alg)) == NULL) {
1830 /* If alg has an OID assume disabled algorithm */
1831 if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) {
1832 t->skip = 1;
1833 return 1;
1834 }
1835 return 0;
1836 }
1837 }
1838 if (!TEST_ptr(mdat = OPENSSL_zalloc(sizeof(*mdat))))
1839 return 0;
1840 mdat->md = md;
1841 if (!TEST_ptr(mdat->ctx = EVP_MD_CTX_new())) {
1842 OPENSSL_free(mdat);
1843 return 0;
1844 }
1845 mdat->is_verify = is_verify;
1846 mdat->is_oneshot = is_oneshot;
1847 t->data = mdat;
1848 return 1;
1849 }
1850
1851 static int digestsign_test_init(EVP_TEST *t, const char *alg)
1852 {
1853 return digestsigver_test_init(t, alg, 0, 0);
1854 }
1855
1856 static void digestsigver_test_cleanup(EVP_TEST *t)
1857 {
1858 DIGESTSIGN_DATA *mdata = t->data;
1859
1860 EVP_MD_CTX_free(mdata->ctx);
1861 sk_EVP_TEST_BUFFER_pop_free(mdata->input, evp_test_buffer_free);
1862 OPENSSL_free(mdata->osin);
1863 OPENSSL_free(mdata->output);
1864 OPENSSL_free(mdata);
1865 t->data = NULL;
1866 }
1867
1868 static int digestsigver_test_parse(EVP_TEST *t,
1869 const char *keyword, const char *value)
1870 {
1871 DIGESTSIGN_DATA *mdata = t->data;
1872
1873 if (strcmp(keyword, "Key") == 0) {
1874 EVP_PKEY *pkey = NULL;
1875 int rv = 0;
1876
1877 if (mdata->is_verify)
1878 rv = find_key(&pkey, value, public_keys);
1879 if (rv == 0)
1880 rv = find_key(&pkey, value, private_keys);
1881 if (rv == 0 || pkey == NULL) {
1882 t->skip = 1;
1883 return 1;
1884 }
1885 if (mdata->is_verify) {
1886 if (!EVP_DigestVerifyInit(mdata->ctx, &mdata->pctx, mdata->md,
1887 NULL, pkey))
1888 t->err = "DIGESTVERIFYINIT_ERROR";
1889 return 1;
1890 }
1891 if (!EVP_DigestSignInit(mdata->ctx, &mdata->pctx, mdata->md, NULL,
1892 pkey))
1893 t->err = "DIGESTSIGNINIT_ERROR";
1894 return 1;
1895 }
1896
1897 if (strcmp(keyword, "Input") == 0) {
1898 if (mdata->is_oneshot)
1899 return parse_bin(value, &mdata->osin, &mdata->osin_len);
1900 return evp_test_buffer_append(value, &mdata->input);
1901 }
1902 if (strcmp(keyword, "Output") == 0)
1903 return parse_bin(value, &mdata->output, &mdata->output_len);
1904
1905 if (!mdata->is_oneshot) {
1906 if (strcmp(keyword, "Count") == 0)
1907 return evp_test_buffer_set_count(value, mdata->input);
1908 if (strcmp(keyword, "Ncopy") == 0)
1909 return evp_test_buffer_ncopy(value, mdata->input);
1910 }
1911 if (strcmp(keyword, "Ctrl") == 0) {
1912 if (mdata->pctx == NULL)
1913 return 0;
1914 return pkey_test_ctrl(t, mdata->pctx, value);
1915 }
1916 return 0;
1917 }
1918
1919 static int digestsign_update_fn(void *ctx, const unsigned char *buf,
1920 size_t buflen)
1921 {
1922 return EVP_DigestSignUpdate(ctx, buf, buflen);
1923 }
1924
1925 static int digestsign_test_run(EVP_TEST *t)
1926 {
1927 DIGESTSIGN_DATA *expected = t->data;
1928 unsigned char *got = NULL;
1929 size_t got_len;
1930
1931 if (!evp_test_buffer_do(expected->input, digestsign_update_fn,
1932 expected->ctx)) {
1933 t->err = "DIGESTUPDATE_ERROR";
1934 goto err;
1935 }
1936
1937 if (!EVP_DigestSignFinal(expected->ctx, NULL, &got_len)) {
1938 t->err = "DIGESTSIGNFINAL_LENGTH_ERROR";
1939 goto err;
1940 }
1941 if (!TEST_ptr(got = OPENSSL_malloc(got_len))) {
1942 t->err = "MALLOC_FAILURE";
1943 goto err;
1944 }
1945 if (!EVP_DigestSignFinal(expected->ctx, got, &got_len)) {
1946 t->err = "DIGESTSIGNFINAL_ERROR";
1947 goto err;
1948 }
1949 if (!TEST_mem_eq(expected->output, expected->output_len, got, got_len)) {
1950 t->err = "SIGNATURE_MISMATCH";
1951 goto err;
1952 }
1953
1954 err:
1955 OPENSSL_free(got);
1956 return 1;
1957 }
1958
1959 static const EVP_TEST_METHOD digestsign_test_method = {
1960 "DigestSign",
1961 digestsign_test_init,
1962 digestsigver_test_cleanup,
1963 digestsigver_test_parse,
1964 digestsign_test_run
1965 };
1966
1967 static int digestverify_test_init(EVP_TEST *t, const char *alg)
1968 {
1969 return digestsigver_test_init(t, alg, 1, 0);
1970 }
1971
1972 static int digestverify_update_fn(void *ctx, const unsigned char *buf,
1973 size_t buflen)
1974 {
1975 return EVP_DigestVerifyUpdate(ctx, buf, buflen);
1976 }
1977
1978 static int digestverify_test_run(EVP_TEST *t)
1979 {
1980 DIGESTSIGN_DATA *mdata = t->data;
1981
1982 if (!evp_test_buffer_do(mdata->input, digestverify_update_fn, mdata->ctx)) {
1983 t->err = "DIGESTUPDATE_ERROR";
1984 return 1;
1985 }
1986
1987 if (EVP_DigestVerifyFinal(mdata->ctx, mdata->output,
1988 mdata->output_len) <= 0)
1989 t->err = "VERIFY_ERROR";
1990 return 1;
1991 }
1992
1993 static const EVP_TEST_METHOD digestverify_test_method = {
1994 "DigestVerify",
1995 digestverify_test_init,
1996 digestsigver_test_cleanup,
1997 digestsigver_test_parse,
1998 digestverify_test_run
1999 };
2000
2001 static int oneshot_digestsign_test_init(EVP_TEST *t, const char *alg)
2002 {
2003 return digestsigver_test_init(t, alg, 0, 1);
2004 }
2005
2006 static int oneshot_digestsign_test_run(EVP_TEST *t)
2007 {
2008 DIGESTSIGN_DATA *expected = t->data;
2009 unsigned char *got = NULL;
2010 size_t got_len;
2011
2012 if (!EVP_DigestSign(expected->ctx, NULL, &got_len,
2013 expected->osin, expected->osin_len)) {
2014 t->err = "DIGESTSIGN_LENGTH_ERROR";
2015 goto err;
2016 }
2017 if (!TEST_ptr(got = OPENSSL_malloc(got_len))) {
2018 t->err = "MALLOC_FAILURE";
2019 goto err;
2020 }
2021 if (!EVP_DigestSign(expected->ctx, got, &got_len,
2022 expected->osin, expected->osin_len)) {
2023 t->err = "DIGESTSIGN_ERROR";
2024 goto err;
2025 }
2026 if (!TEST_mem_eq(expected->output, expected->output_len, got, got_len)) {
2027 t->err = "SIGNATURE_MISMATCH";
2028 goto err;
2029 }
2030
2031 err:
2032 OPENSSL_free(got);
2033 return 1;
2034 }
2035
2036 static const EVP_TEST_METHOD oneshot_digestsign_test_method = {
2037 "OneShotDigestSign",
2038 oneshot_digestsign_test_init,
2039 digestsigver_test_cleanup,
2040 digestsigver_test_parse,
2041 oneshot_digestsign_test_run
2042 };
2043
2044 static int oneshot_digestverify_test_init(EVP_TEST *t, const char *alg)
2045 {
2046 return digestsigver_test_init(t, alg, 1, 1);
2047 }
2048
2049 static int oneshot_digestverify_test_run(EVP_TEST *t)
2050 {
2051 DIGESTSIGN_DATA *mdata = t->data;
2052
2053 if (EVP_DigestVerify(mdata->ctx, mdata->output, mdata->output_len,
2054 mdata->osin, mdata->osin_len) <= 0)
2055 t->err = "VERIFY_ERROR";
2056 return 1;
2057 }
2058
2059 static const EVP_TEST_METHOD oneshot_digestverify_test_method = {
2060 "OneShotDigestVerify",
2061 oneshot_digestverify_test_init,
2062 digestsigver_test_cleanup,
2063 digestsigver_test_parse,
2064 oneshot_digestverify_test_run
2065 };
2066
2067
2068 /**
2069 *** PARSING AND DISPATCH
2070 **/
2071
2072 static const EVP_TEST_METHOD *evp_test_list[] = {
2073 &cipher_test_method,
2074 &digest_test_method,
2075 &digestsign_test_method,
2076 &digestverify_test_method,
2077 &encode_test_method,
2078 &kdf_test_method,
2079 &keypair_test_method,
2080 &mac_test_method,
2081 &oneshot_digestsign_test_method,
2082 &oneshot_digestverify_test_method,
2083 &pbe_test_method,
2084 &pdecrypt_test_method,
2085 &pderive_test_method,
2086 &psign_test_method,
2087 &pverify_recover_test_method,
2088 &pverify_test_method,
2089 NULL
2090 };
2091
2092 static const EVP_TEST_METHOD *find_test(const char *name)
2093 {
2094 const EVP_TEST_METHOD **tt;
2095
2096 for (tt = evp_test_list; *tt; tt++) {
2097 if (strcmp(name, (*tt)->name) == 0)
2098 return *tt;
2099 }
2100 return NULL;
2101 }
2102
2103 static void clear_test(EVP_TEST *t)
2104 {
2105 test_clearstanza(&t->s);
2106 ERR_clear_error();
2107 if (t->data != NULL) {
2108 if (t->meth != NULL)
2109 t->meth->cleanup(t);
2110 OPENSSL_free(t->data);
2111 t->data = NULL;
2112 }
2113 OPENSSL_free(t->expected_err);
2114 t->expected_err = NULL;
2115 OPENSSL_free(t->func);
2116 t->func = NULL;
2117 OPENSSL_free(t->reason);
2118 t->reason = NULL;
2119
2120 /* Text literal. */
2121 t->err = NULL;
2122 t->skip = 0;
2123 t->meth = NULL;
2124 }
2125
2126 /*
2127 * Check for errors in the test structure; return 1 if okay, else 0.
2128 */
2129 static int check_test_error(EVP_TEST *t)
2130 {
2131 unsigned long err;
2132 const char *func;
2133 const char *reason;
2134
2135 if (t->err == NULL && t->expected_err == NULL)
2136 return 1;
2137 if (t->err != NULL && t->expected_err == NULL) {
2138 if (t->aux_err != NULL) {
2139 TEST_info("%s:%d: Source of above error (%s); unexpected error %s",
2140 t->s.test_file, t->s.start, t->aux_err, t->err);
2141 } else {
2142 TEST_info("%s:%d: Source of above error; unexpected error %s",
2143 t->s.test_file, t->s.start, t->err);
2144 }
2145 return 0;
2146 }
2147 if (t->err == NULL && t->expected_err != NULL) {
2148 TEST_info("%s:%d: Succeeded but was expecting %s",
2149 t->s.test_file, t->s.start, t->expected_err);
2150 return 0;
2151 }
2152
2153 if (strcmp(t->err, t->expected_err) != 0) {
2154 TEST_info("%s:%d: Expected %s got %s",
2155 t->s.test_file, t->s.start, t->expected_err, t->err);
2156 return 0;
2157 }
2158
2159 if (t->func == NULL && t->reason == NULL)
2160 return 1;
2161
2162 if (t->func == NULL || t->reason == NULL) {
2163 TEST_info("%s:%d: Test is missing function or reason code",
2164 t->s.test_file, t->s.start);
2165 return 0;
2166 }
2167
2168 err = ERR_peek_error();
2169 if (err == 0) {
2170 TEST_info("%s:%d: Expected error \"%s:%s\" not set",
2171 t->s.test_file, t->s.start, t->func, t->reason);
2172 return 0;
2173 }
2174
2175 func = ERR_func_error_string(err);
2176 reason = ERR_reason_error_string(err);
2177 if (func == NULL && reason == NULL) {
2178 TEST_info("%s:%d: Expected error \"%s:%s\", no strings available."
2179 " Assuming ok.",
2180 t->s.test_file, t->s.start, t->func, t->reason);
2181 return 1;
2182 }
2183
2184 if (strcmp(func, t->func) == 0 && strcmp(reason, t->reason) == 0)
2185 return 1;
2186
2187 TEST_info("%s:%d: Expected error \"%s:%s\", got \"%s:%s\"",
2188 t->s.test_file, t->s.start, t->func, t->reason, func, reason);
2189
2190 return 0;
2191 }
2192
2193 /*
2194 * Run a parsed test. Log a message and return 0 on error.
2195 */
2196 static int run_test(EVP_TEST *t)
2197 {
2198 if (t->meth == NULL)
2199 return 1;
2200 t->s.numtests++;
2201 if (t->skip) {
2202 t->s.numskip++;
2203 } else {
2204 /* run the test */
2205 if (t->err == NULL && t->meth->run_test(t) != 1) {
2206 TEST_info("%s:%d %s error",
2207 t->s.test_file, t->s.start, t->meth->name);
2208 return 0;
2209 }
2210 if (!check_test_error(t)) {
2211 test_openssl_errors();
2212 t->s.errors++;
2213 }
2214 }
2215
2216 /* clean it up */
2217 return 1;
2218 }
2219
2220 static int find_key(EVP_PKEY **ppk, const char *name, KEY_LIST *lst)
2221 {
2222 for (; lst != NULL; lst = lst->next) {
2223 if (strcmp(lst->name, name) == 0) {
2224 if (ppk != NULL)
2225 *ppk = lst->key;
2226 return 1;
2227 }
2228 }
2229 return 0;
2230 }
2231
2232 static void free_key_list(KEY_LIST *lst)
2233 {
2234 while (lst != NULL) {
2235 KEY_LIST *next = lst->next;
2236
2237 EVP_PKEY_free(lst->key);
2238 OPENSSL_free(lst->name);
2239 OPENSSL_free(lst);
2240 lst = next;
2241 }
2242 }
2243
2244 /*
2245 * Is the key type an unsupported algorithm?
2246 */
2247 static int key_unsupported()
2248 {
2249 long err = ERR_peek_error();
2250
2251 if (ERR_GET_LIB(err) == ERR_LIB_EVP
2252 && ERR_GET_REASON(err) == EVP_R_UNSUPPORTED_ALGORITHM) {
2253 ERR_clear_error();
2254 return 1;
2255 }
2256 #ifndef OPENSSL_NO_EC
2257 /*
2258 * If EC support is enabled we should catch also EC_R_UNKNOWN_GROUP as an
2259 * hint to an unsupported algorithm/curve (e.g. if binary EC support is
2260 * disabled).
2261 */
2262 if (ERR_GET_LIB(err) == ERR_LIB_EC
2263 && ERR_GET_REASON(err) == EC_R_UNKNOWN_GROUP) {
2264 ERR_clear_error();
2265 return 1;
2266 }
2267 #endif /* OPENSSL_NO_EC */
2268 return 0;
2269 }
2270
2271 /*
2272 * NULL out the value from |pp| but return it. This "steals" a pointer.
2273 */
2274 static char *take_value(PAIR *pp)
2275 {
2276 char *p = pp->value;
2277
2278 pp->value = NULL;
2279 return p;
2280 }
2281
2282 /*
2283 * Read and parse one test. Return 0 if failure, 1 if okay.
2284 */
2285 static int parse(EVP_TEST *t)
2286 {
2287 KEY_LIST *key, **klist;
2288 EVP_PKEY *pkey;
2289 PAIR *pp;
2290 int i;
2291
2292 top:
2293 do {
2294 if (BIO_eof(t->s.fp))
2295 return EOF;
2296 clear_test(t);
2297 if (!test_readstanza(&t->s))
2298 return 0;
2299 } while (t->s.numpairs == 0);
2300 pp = &t->s.pairs[0];
2301
2302 /* Are we adding a key? */
2303 klist = NULL;
2304 pkey = NULL;
2305 if (strcmp(pp->key, "PrivateKey") == 0) {
2306 pkey = PEM_read_bio_PrivateKey(t->s.key, NULL, 0, NULL);
2307 if (pkey == NULL && !key_unsupported()) {
2308 TEST_info("Can't read private key %s", pp->value);
2309 ERR_print_errors_fp(stderr);
2310 return 0;
2311 }
2312 klist = &private_keys;
2313 }
2314 else if (strcmp(pp->key, "PublicKey") == 0) {
2315 pkey = PEM_read_bio_PUBKEY(t->s.key, NULL, 0, NULL);
2316 if (pkey == NULL && !key_unsupported()) {
2317 TEST_info("Can't read public key %s", pp->value);
2318 ERR_print_errors_fp(stderr);
2319 return 0;
2320 }
2321 klist = &public_keys;
2322 }
2323
2324 /* If we have a key add to list */
2325 if (klist != NULL) {
2326 if (find_key(NULL, pp->value, *klist)) {
2327 TEST_info("Duplicate key %s", pp->value);
2328 return 0;
2329 }
2330 if (!TEST_ptr(key = OPENSSL_malloc(sizeof(*key))))
2331 return 0;
2332 key->name = take_value(pp);
2333 key->key = pkey;
2334 key->next = *klist;
2335 *klist = key;
2336
2337 /* Go back and start a new stanza. */
2338 if (t->s.numpairs != 1)
2339 TEST_info("Line %d: missing blank line\n", t->s.curr);
2340 goto top;
2341 }
2342
2343 /* Find the test, based on first keyword. */
2344 if (!TEST_ptr(t->meth = find_test(pp->key)))
2345 return 0;
2346 if (!t->meth->init(t, pp->value)) {
2347 TEST_error("unknown %s: %s\n", pp->key, pp->value);
2348 return 0;
2349 }
2350 if (t->skip == 1) {
2351 /* TEST_info("skipping %s %s", pp->key, pp->value); */
2352 return 0;
2353 }
2354
2355 for (pp++, i = 1; i < t->s.numpairs; pp++, i++) {
2356 if (strcmp(pp->key, "Result") == 0) {
2357 if (t->expected_err != NULL) {
2358 TEST_info("Line %d: multiple result lines", t->s.curr);
2359 return 0;
2360 }
2361 t->expected_err = take_value(pp);
2362 } else if (strcmp(pp->key, "Function") == 0) {
2363 if (t->func != NULL) {
2364 TEST_info("Line %d: multiple function lines\n", t->s.curr);
2365 return 0;
2366 }
2367 t->func = take_value(pp);
2368 } else if (strcmp(pp->key, "Reason") == 0) {
2369 if (t->reason != NULL) {
2370 TEST_info("Line %d: multiple reason lines", t->s.curr);
2371 return 0;
2372 }
2373 t->reason = take_value(pp);
2374 } else {
2375 /* Must be test specific line: try to parse it */
2376 int rv = t->meth->parse(t, pp->key, pp->value);
2377
2378 if (rv == 0) {
2379 TEST_info("Line %d: unknown keyword %s", t->s.curr, pp->key);
2380 return 0;
2381 }
2382 if (rv < 0) {
2383 TEST_info("Line %d: error processing keyword %s\n",
2384 t->s.curr, pp->key);
2385 return 0;
2386 }
2387 }
2388 }
2389
2390 return 1;
2391 }
2392
2393 static char * const *testfiles;
2394
2395 static int run_file_tests(int i)
2396 {
2397 EVP_TEST *t;
2398 int c;
2399
2400 if (!TEST_ptr(t = OPENSSL_zalloc(sizeof(*t))))
2401 return 0;
2402 if (!test_start_file(&t->s, testfiles[i])) {
2403 OPENSSL_free(t);
2404 return 0;
2405 }
2406
2407 while (!BIO_eof(t->s.fp)) {
2408 c = parse(t);
2409 if (t->skip)
2410 continue;
2411 if (c == 0 || !run_test(t)) {
2412 t->s.errors++;
2413 break;
2414 }
2415 }
2416 test_end_file(&t->s);
2417 clear_test(t);
2418
2419 free_key_list(public_keys);
2420 free_key_list(private_keys);
2421 BIO_free(t->s.key);
2422 c = t->s.errors;
2423 OPENSSL_free(t);
2424 return c == 0;
2425 }
2426
2427 int test_main(int argc, char *argv[])
2428 {
2429 if (argc < 2) {
2430 TEST_error("Usage: %s file...", argv[0]);
2431 return 0;
2432 }
2433 testfiles = &argv[1];
2434
2435 ADD_ALL_TESTS(run_file_tests, argc - 1);
2436
2437 return run_tests(argv[0]);
2438 }
A mirror of the official openssl repository