]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/evp_test.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
test: add cipher context dup test
[thirdparty/openssl.git] / test / evp_test.c
1 /*
2 * Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #define OPENSSL_SUPPRESS_DEPRECATED /* EVP_PKEY_new_CMAC_key */
11 #include <stdio.h>
12 #include <string.h>
13 #include <stdlib.h>
14 #include <ctype.h>
15 #include "../e_os.h" /* strcasecmp and strncasecmp */
16 #include <openssl/evp.h>
17 #include <openssl/pem.h>
18 #include <openssl/err.h>
19 #include <openssl/provider.h>
20 #include <openssl/x509v3.h>
21 #include <openssl/pkcs12.h>
22 #include <openssl/kdf.h>
23 #include <openssl/params.h>
24 #include <openssl/core_names.h>
25 #include <openssl/fips_names.h>
26 #include "internal/numbers.h"
27 #include "internal/nelem.h"
28 #include "crypto/evp.h"
29 #include "testutil.h"
30
31 typedef struct evp_test_buffer_st EVP_TEST_BUFFER;
32 DEFINE_STACK_OF(EVP_TEST_BUFFER)
33
34 #define AAD_NUM 4
35
36 typedef struct evp_test_method_st EVP_TEST_METHOD;
37
38 /* Structure holding test information */
39 typedef struct evp_test_st {
40 STANZA s; /* Common test stanza */
41 char *name;
42 int skip; /* Current test should be skipped */
43 const EVP_TEST_METHOD *meth; /* method for this test */
44 const char *err, *aux_err; /* Error string for test */
45 char *expected_err; /* Expected error value of test */
46 char *reason; /* Expected error reason string */
47 void *data; /* test specific data */
48 } EVP_TEST;
49
50 /* Test method structure */
51 struct evp_test_method_st {
52 /* Name of test as it appears in file */
53 const char *name;
54 /* Initialise test for "alg" */
55 int (*init) (EVP_TEST * t, const char *alg);
56 /* Clean up method */
57 void (*cleanup) (EVP_TEST * t);
58 /* Test specific name value pair processing */
59 int (*parse) (EVP_TEST * t, const char *name, const char *value);
60 /* Run the test itself */
61 int (*run_test) (EVP_TEST * t);
62 };
63
64 /* Linked list of named keys. */
65 typedef struct key_list_st {
66 char *name;
67 EVP_PKEY *key;
68 struct key_list_st *next;
69 } KEY_LIST;
70
71 typedef enum OPTION_choice {
72 OPT_ERR = -1,
73 OPT_EOF = 0,
74 OPT_CONFIG_FILE,
75 OPT_TEST_ENUM
76 } OPTION_CHOICE;
77
78 static OSSL_PROVIDER *prov_null = NULL;
79 static OSSL_LIB_CTX *libctx = NULL;
80
81 /* List of public and private keys */
82 static KEY_LIST *private_keys;
83 static KEY_LIST *public_keys;
84
85 static int find_key(EVP_PKEY **ppk, const char *name, KEY_LIST *lst);
86 static int parse_bin(const char *value, unsigned char **buf, size_t *buflen);
87 static int is_digest_disabled(const char *name);
88 static int is_pkey_disabled(const char *name);
89 static int is_mac_disabled(const char *name);
90 static int is_cipher_disabled(const char *name);
91 static int is_kdf_disabled(const char *name);
92
93 /*
94 * Compare two memory regions for equality, returning zero if they differ.
95 * However, if there is expected to be an error and the actual error
96 * matches then the memory is expected to be different so handle this
97 * case without producing unnecessary test framework output.
98 */
99 static int memory_err_compare(EVP_TEST *t, const char *err,
100 const void *expected, size_t expected_len,
101 const void *got, size_t got_len)
102 {
103 int r;
104
105 if (t->expected_err != NULL && strcmp(t->expected_err, err) == 0)
106 r = !TEST_mem_ne(expected, expected_len, got, got_len);
107 else
108 r = TEST_mem_eq(expected, expected_len, got, got_len);
109 if (!r)
110 t->err = err;
111 return r;
112 }
113
114 /*
115 * Structure used to hold a list of blocks of memory to test
116 * calls to "update" like functions.
117 */
118 struct evp_test_buffer_st {
119 unsigned char *buf;
120 size_t buflen;
121 size_t count;
122 int count_set;
123 };
124
125 static void evp_test_buffer_free(EVP_TEST_BUFFER *db)
126 {
127 if (db != NULL) {
128 OPENSSL_free(db->buf);
129 OPENSSL_free(db);
130 }
131 }
132
133 /* append buffer to a list */
134 static int evp_test_buffer_append(const char *value,
135 STACK_OF(EVP_TEST_BUFFER) **sk)
136 {
137 EVP_TEST_BUFFER *db = NULL;
138
139 if (!TEST_ptr(db = OPENSSL_malloc(sizeof(*db))))
140 goto err;
141
142 if (!parse_bin(value, &db->buf, &db->buflen))
143 goto err;
144 db->count = 1;
145 db->count_set = 0;
146
147 if (*sk == NULL && !TEST_ptr(*sk = sk_EVP_TEST_BUFFER_new_null()))
148 goto err;
149 if (!sk_EVP_TEST_BUFFER_push(*sk, db))
150 goto err;
151
152 return 1;
153
154 err:
155 evp_test_buffer_free(db);
156 return 0;
157 }
158
159 /* replace last buffer in list with copies of itself */
160 static int evp_test_buffer_ncopy(const char *value,
161 STACK_OF(EVP_TEST_BUFFER) *sk)
162 {
163 EVP_TEST_BUFFER *db;
164 unsigned char *tbuf, *p;
165 size_t tbuflen;
166 int ncopy = atoi(value);
167 int i;
168
169 if (ncopy <= 0)
170 return 0;
171 if (sk == NULL || sk_EVP_TEST_BUFFER_num(sk) == 0)
172 return 0;
173 db = sk_EVP_TEST_BUFFER_value(sk, sk_EVP_TEST_BUFFER_num(sk) - 1);
174
175 tbuflen = db->buflen * ncopy;
176 if (!TEST_ptr(tbuf = OPENSSL_malloc(tbuflen)))
177 return 0;
178 for (i = 0, p = tbuf; i < ncopy; i++, p += db->buflen)
179 memcpy(p, db->buf, db->buflen);
180
181 OPENSSL_free(db->buf);
182 db->buf = tbuf;
183 db->buflen = tbuflen;
184 return 1;
185 }
186
187 /* set repeat count for last buffer in list */
188 static int evp_test_buffer_set_count(const char *value,
189 STACK_OF(EVP_TEST_BUFFER) *sk)
190 {
191 EVP_TEST_BUFFER *db;
192 int count = atoi(value);
193
194 if (count <= 0)
195 return 0;
196
197 if (sk == NULL || sk_EVP_TEST_BUFFER_num(sk) == 0)
198 return 0;
199
200 db = sk_EVP_TEST_BUFFER_value(sk, sk_EVP_TEST_BUFFER_num(sk) - 1);
201 if (db->count_set != 0)
202 return 0;
203
204 db->count = (size_t)count;
205 db->count_set = 1;
206 return 1;
207 }
208
209 /* call "fn" with each element of the list in turn */
210 static int evp_test_buffer_do(STACK_OF(EVP_TEST_BUFFER) *sk,
211 int (*fn)(void *ctx,
212 const unsigned char *buf,
213 size_t buflen),
214 void *ctx)
215 {
216 int i;
217
218 for (i = 0; i < sk_EVP_TEST_BUFFER_num(sk); i++) {
219 EVP_TEST_BUFFER *tb = sk_EVP_TEST_BUFFER_value(sk, i);
220 size_t j;
221
222 for (j = 0; j < tb->count; j++) {
223 if (fn(ctx, tb->buf, tb->buflen) <= 0)
224 return 0;
225 }
226 }
227 return 1;
228 }
229
230 /*
231 * Unescape some sequences in string literals (only \n for now).
232 * Return an allocated buffer, set |out_len|. If |input_len|
233 * is zero, get an empty buffer but set length to zero.
234 */
235 static unsigned char* unescape(const char *input, size_t input_len,
236 size_t *out_len)
237 {
238 unsigned char *ret, *p;
239 size_t i;
240
241 if (input_len == 0) {
242 *out_len = 0;
243 return OPENSSL_zalloc(1);
244 }
245
246 /* Escaping is non-expanding; over-allocate original size for simplicity. */
247 if (!TEST_ptr(ret = p = OPENSSL_malloc(input_len)))
248 return NULL;
249
250 for (i = 0; i < input_len; i++) {
251 if (*input == '\\') {
252 if (i == input_len - 1 || *++input != 'n') {
253 TEST_error("Bad escape sequence in file");
254 goto err;
255 }
256 *p++ = '\n';
257 i++;
258 input++;
259 } else {
260 *p++ = *input++;
261 }
262 }
263
264 *out_len = p - ret;
265 return ret;
266
267 err:
268 OPENSSL_free(ret);
269 return NULL;
270 }
271
272 /*
273 * For a hex string "value" convert to a binary allocated buffer.
274 * Return 1 on success or 0 on failure.
275 */
276 static int parse_bin(const char *value, unsigned char **buf, size_t *buflen)
277 {
278 long len;
279
280 /* Check for NULL literal */
281 if (strcmp(value, "NULL") == 0) {
282 *buf = NULL;
283 *buflen = 0;
284 return 1;
285 }
286
287 /* Check for empty value */
288 if (*value == '\0') {
289 /*
290 * Don't return NULL for zero length buffer. This is needed for
291 * some tests with empty keys: HMAC_Init_ex() expects a non-NULL key
292 * buffer even if the key length is 0, in order to detect key reset.
293 */
294 *buf = OPENSSL_malloc(1);
295 if (*buf == NULL)
296 return 0;
297 **buf = 0;
298 *buflen = 0;
299 return 1;
300 }
301
302 /* Check for string literal */
303 if (value[0] == '"') {
304 size_t vlen = strlen(++value);
305
306 if (vlen == 0 || value[vlen - 1] != '"')
307 return 0;
308 vlen--;
309 *buf = unescape(value, vlen, buflen);
310 return *buf == NULL ? 0 : 1;
311 }
312
313 /* Otherwise assume as hex literal and convert it to binary buffer */
314 if (!TEST_ptr(*buf = OPENSSL_hexstr2buf(value, &len))) {
315 TEST_info("Can't convert %s", value);
316 TEST_openssl_errors();
317 return -1;
318 }
319 /* Size of input buffer means we'll never overflow */
320 *buflen = len;
321 return 1;
322 }
323
324 /**
325 ** MESSAGE DIGEST TESTS
326 **/
327
328 typedef struct digest_data_st {
329 /* Digest this test is for */
330 const EVP_MD *digest;
331 EVP_MD *fetched_digest;
332 /* Input to digest */
333 STACK_OF(EVP_TEST_BUFFER) *input;
334 /* Expected output */
335 unsigned char *output;
336 size_t output_len;
337 /* Padding type */
338 int pad_type;
339 } DIGEST_DATA;
340
341 static int digest_test_init(EVP_TEST *t, const char *alg)
342 {
343 DIGEST_DATA *mdat;
344 const EVP_MD *digest;
345 EVP_MD *fetched_digest;
346
347 if (is_digest_disabled(alg)) {
348 TEST_info("skipping, '%s' is disabled", alg);
349 t->skip = 1;
350 return 1;
351 }
352
353 if ((digest = fetched_digest = EVP_MD_fetch(libctx, alg, NULL)) == NULL
354 && (digest = EVP_get_digestbyname(alg)) == NULL)
355 return 0;
356 if (!TEST_ptr(mdat = OPENSSL_zalloc(sizeof(*mdat))))
357 return 0;
358 t->data = mdat;
359 mdat->digest = digest;
360 mdat->fetched_digest = fetched_digest;
361 mdat->pad_type = 0;
362 if (fetched_digest != NULL)
363 TEST_info("%s is fetched", alg);
364 return 1;
365 }
366
367 static void digest_test_cleanup(EVP_TEST *t)
368 {
369 DIGEST_DATA *mdat = t->data;
370
371 sk_EVP_TEST_BUFFER_pop_free(mdat->input, evp_test_buffer_free);
372 OPENSSL_free(mdat->output);
373 EVP_MD_free(mdat->fetched_digest);
374 }
375
376 static int digest_test_parse(EVP_TEST *t,
377 const char *keyword, const char *value)
378 {
379 DIGEST_DATA *mdata = t->data;
380
381 if (strcmp(keyword, "Input") == 0)
382 return evp_test_buffer_append(value, &mdata->input);
383 if (strcmp(keyword, "Output") == 0)
384 return parse_bin(value, &mdata->output, &mdata->output_len);
385 if (strcmp(keyword, "Count") == 0)
386 return evp_test_buffer_set_count(value, mdata->input);
387 if (strcmp(keyword, "Ncopy") == 0)
388 return evp_test_buffer_ncopy(value, mdata->input);
389 if (strcmp(keyword, "Padding") == 0)
390 return (mdata->pad_type = atoi(value)) > 0;
391 return 0;
392 }
393
394 static int digest_update_fn(void *ctx, const unsigned char *buf, size_t buflen)
395 {
396 return EVP_DigestUpdate(ctx, buf, buflen);
397 }
398
399 static int test_duplicate_md_ctx(EVP_TEST *t, EVP_MD_CTX *mctx)
400 {
401 char dont[] = "touch";
402
403 if (!TEST_ptr(mctx))
404 return 0;
405 if (!EVP_DigestFinalXOF(mctx, (unsigned char *)dont, 0)) {
406 EVP_MD_CTX_free(mctx);
407 t->err = "DIGESTFINALXOF_ERROR";
408 return 0;
409 }
410 if (!TEST_str_eq(dont, "touch")) {
411 EVP_MD_CTX_free(mctx);
412 t->err = "DIGESTFINALXOF_ERROR";
413 return 0;
414 }
415 EVP_MD_CTX_free(mctx);
416 return 1;
417 }
418
419 static int digest_test_run(EVP_TEST *t)
420 {
421 DIGEST_DATA *expected = t->data;
422 EVP_TEST_BUFFER *inbuf;
423 EVP_MD_CTX *mctx;
424 unsigned char *got = NULL;
425 unsigned int got_len;
426 size_t size = 0;
427 int xof = 0;
428 OSSL_PARAM params[2];
429
430 printf("test %s (%d %d)\n", t->name, t->s.start, t->s.curr);
431 t->err = "TEST_FAILURE";
432 if (!TEST_ptr(mctx = EVP_MD_CTX_new()))
433 goto err;
434
435 got = OPENSSL_malloc(expected->output_len > EVP_MAX_MD_SIZE ?
436 expected->output_len : EVP_MAX_MD_SIZE);
437 if (!TEST_ptr(got))
438 goto err;
439
440 if (!EVP_DigestInit_ex(mctx, expected->digest, NULL)) {
441 t->err = "DIGESTINIT_ERROR";
442 goto err;
443 }
444 if (expected->pad_type > 0) {
445 params[0] = OSSL_PARAM_construct_int(OSSL_DIGEST_PARAM_PAD_TYPE,
446 &expected->pad_type);
447 params[1] = OSSL_PARAM_construct_end();
448 if (!TEST_int_gt(EVP_MD_CTX_set_params(mctx, params), 0)) {
449 t->err = "PARAMS_ERROR";
450 goto err;
451 }
452 }
453 if (!evp_test_buffer_do(expected->input, digest_update_fn, mctx)) {
454 t->err = "DIGESTUPDATE_ERROR";
455 goto err;
456 }
457
458 xof = (EVP_MD_get_flags(expected->digest) & EVP_MD_FLAG_XOF) != 0;
459 if (xof) {
460 EVP_MD_CTX *mctx_cpy;
461
462 if (!TEST_ptr(mctx_cpy = EVP_MD_CTX_new())) {
463 goto err;
464 }
465 if (!TEST_true(EVP_MD_CTX_copy(mctx_cpy, mctx))) {
466 EVP_MD_CTX_free(mctx_cpy);
467 goto err;
468 } else if (!test_duplicate_md_ctx(t, mctx_cpy)) {
469 goto err;
470 }
471
472 if (!test_duplicate_md_ctx(t, EVP_MD_CTX_dup(mctx)))
473 goto err;
474
475 got_len = expected->output_len;
476 if (!EVP_DigestFinalXOF(mctx, got, got_len)) {
477 t->err = "DIGESTFINALXOF_ERROR";
478 goto err;
479 }
480 } else {
481 if (!EVP_DigestFinal(mctx, got, &got_len)) {
482 t->err = "DIGESTFINAL_ERROR";
483 goto err;
484 }
485 }
486 if (!TEST_int_eq(expected->output_len, got_len)) {
487 t->err = "DIGEST_LENGTH_MISMATCH";
488 goto err;
489 }
490 if (!memory_err_compare(t, "DIGEST_MISMATCH",
491 expected->output, expected->output_len,
492 got, got_len))
493 goto err;
494
495 t->err = NULL;
496
497 /* Test the EVP_Q_digest interface as well */
498 if (sk_EVP_TEST_BUFFER_num(expected->input) == 1
499 && !xof
500 /* This should never fail but we need the returned pointer now */
501 && !TEST_ptr(inbuf = sk_EVP_TEST_BUFFER_value(expected->input, 0))
502 && !inbuf->count_set) {
503 OPENSSL_cleanse(got, got_len);
504 if (!TEST_true(EVP_Q_digest(libctx,
505 EVP_MD_get0_name(expected->fetched_digest),
506 NULL, inbuf->buf, inbuf->buflen,
507 got, &size))
508 || !TEST_mem_eq(got, size,
509 expected->output, expected->output_len)) {
510 t->err = "EVP_Q_digest failed";
511 goto err;
512 }
513 }
514
515 err:
516 OPENSSL_free(got);
517 EVP_MD_CTX_free(mctx);
518 return 1;
519 }
520
521 static const EVP_TEST_METHOD digest_test_method = {
522 "Digest",
523 digest_test_init,
524 digest_test_cleanup,
525 digest_test_parse,
526 digest_test_run
527 };
528
529 /**
530 *** CIPHER TESTS
531 **/
532
533 typedef struct cipher_data_st {
534 const EVP_CIPHER *cipher;
535 EVP_CIPHER *fetched_cipher;
536 int enc;
537 /* EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE or EVP_CIPH_OCB_MODE if AEAD */
538 int aead;
539 unsigned char *key;
540 size_t key_len;
541 size_t key_bits; /* Used by RC2 */
542 unsigned char *iv;
543 unsigned char *next_iv; /* Expected IV state after operation */
544 unsigned int rounds;
545 size_t iv_len;
546 unsigned char *plaintext;
547 size_t plaintext_len;
548 unsigned char *ciphertext;
549 size_t ciphertext_len;
550 /* AEAD ciphers only */
551 unsigned char *aad[AAD_NUM];
552 size_t aad_len[AAD_NUM];
553 int tls_aad;
554 int tls_version;
555 unsigned char *tag;
556 const char *cts_mode;
557 size_t tag_len;
558 int tag_late;
559 unsigned char *mac_key;
560 size_t mac_key_len;
561 } CIPHER_DATA;
562
563 static int cipher_test_init(EVP_TEST *t, const char *alg)
564 {
565 const EVP_CIPHER *cipher;
566 EVP_CIPHER *fetched_cipher;
567 CIPHER_DATA *cdat;
568 int m;
569
570 if (is_cipher_disabled(alg)) {
571 t->skip = 1;
572 TEST_info("skipping, '%s' is disabled", alg);
573 return 1;
574 }
575
576 ERR_set_mark();
577 if ((cipher = fetched_cipher = EVP_CIPHER_fetch(libctx, alg, NULL)) == NULL
578 && (cipher = EVP_get_cipherbyname(alg)) == NULL) {
579 /* a stitched cipher might not be available */
580 if (strstr(alg, "HMAC") != NULL) {
581 ERR_pop_to_mark();
582 t->skip = 1;
583 TEST_info("skipping, '%s' is not available", alg);
584 return 1;
585 }
586 ERR_clear_last_mark();
587 return 0;
588 }
589 ERR_clear_last_mark();
590
591 cdat = OPENSSL_zalloc(sizeof(*cdat));
592 cdat->cipher = cipher;
593 cdat->fetched_cipher = fetched_cipher;
594 cdat->enc = -1;
595 m = EVP_CIPHER_get_mode(cipher);
596 if (EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER)
597 cdat->aead = m != 0 ? m : -1;
598 else
599 cdat->aead = 0;
600
601 t->data = cdat;
602 if (fetched_cipher != NULL)
603 TEST_info("%s is fetched", alg);
604 return 1;
605 }
606
607 static void cipher_test_cleanup(EVP_TEST *t)
608 {
609 int i;
610 CIPHER_DATA *cdat = t->data;
611
612 OPENSSL_free(cdat->key);
613 OPENSSL_free(cdat->iv);
614 OPENSSL_free(cdat->next_iv);
615 OPENSSL_free(cdat->ciphertext);
616 OPENSSL_free(cdat->plaintext);
617 for (i = 0; i < AAD_NUM; i++)
618 OPENSSL_free(cdat->aad[i]);
619 OPENSSL_free(cdat->tag);
620 OPENSSL_free(cdat->mac_key);
621 EVP_CIPHER_free(cdat->fetched_cipher);
622 }
623
624 static int cipher_test_parse(EVP_TEST *t, const char *keyword,
625 const char *value)
626 {
627 CIPHER_DATA *cdat = t->data;
628 int i;
629
630 if (strcmp(keyword, "Key") == 0)
631 return parse_bin(value, &cdat->key, &cdat->key_len);
632 if (strcmp(keyword, "Rounds") == 0) {
633 i = atoi(value);
634 if (i < 0)
635 return -1;
636 cdat->rounds = (unsigned int)i;
637 return 1;
638 }
639 if (strcmp(keyword, "IV") == 0)
640 return parse_bin(value, &cdat->iv, &cdat->iv_len);
641 if (strcmp(keyword, "NextIV") == 0)
642 return parse_bin(value, &cdat->next_iv, &cdat->iv_len);
643 if (strcmp(keyword, "Plaintext") == 0)
644 return parse_bin(value, &cdat->plaintext, &cdat->plaintext_len);
645 if (strcmp(keyword, "Ciphertext") == 0)
646 return parse_bin(value, &cdat->ciphertext, &cdat->ciphertext_len);
647 if (strcmp(keyword, "KeyBits") == 0) {
648 i = atoi(value);
649 if (i < 0)
650 return -1;
651 cdat->key_bits = (size_t)i;
652 return 1;
653 }
654 if (cdat->aead) {
655 int tls_aad = 0;
656
657 if (strcmp(keyword, "TLSAAD") == 0)
658 cdat->tls_aad = tls_aad = 1;
659 if (strcmp(keyword, "AAD") == 0 || tls_aad) {
660 for (i = 0; i < AAD_NUM; i++) {
661 if (cdat->aad[i] == NULL)
662 return parse_bin(value, &cdat->aad[i], &cdat->aad_len[i]);
663 }
664 return -1;
665 }
666 if (strcmp(keyword, "Tag") == 0)
667 return parse_bin(value, &cdat->tag, &cdat->tag_len);
668 if (strcmp(keyword, "SetTagLate") == 0) {
669 if (strcmp(value, "TRUE") == 0)
670 cdat->tag_late = 1;
671 else if (strcmp(value, "FALSE") == 0)
672 cdat->tag_late = 0;
673 else
674 return -1;
675 return 1;
676 }
677 if (strcmp(keyword, "MACKey") == 0)
678 return parse_bin(value, &cdat->mac_key, &cdat->mac_key_len);
679 if (strcmp(keyword, "TLSVersion") == 0) {
680 char *endptr;
681
682 cdat->tls_version = (int)strtol(value, &endptr, 0);
683 return value[0] != '\0' && endptr[0] == '\0';
684 }
685 }
686
687 if (strcmp(keyword, "Operation") == 0) {
688 if (strcmp(value, "ENCRYPT") == 0)
689 cdat->enc = 1;
690 else if (strcmp(value, "DECRYPT") == 0)
691 cdat->enc = 0;
692 else
693 return -1;
694 return 1;
695 }
696 if (strcmp(keyword, "CTSMode") == 0) {
697 cdat->cts_mode = value;
698 return 1;
699 }
700 return 0;
701 }
702
703 static int cipher_test_enc(EVP_TEST *t, int enc,
704 size_t out_misalign, size_t inp_misalign, int frag)
705 {
706 CIPHER_DATA *expected = t->data;
707 unsigned char *in, *expected_out, *tmp = NULL;
708 size_t in_len, out_len, donelen = 0;
709 int ok = 0, tmplen, chunklen, tmpflen, i;
710 EVP_CIPHER_CTX *ctx_base = NULL;
711 EVP_CIPHER_CTX *ctx = NULL, *duped;
712
713 t->err = "TEST_FAILURE";
714 if (!TEST_ptr(ctx_base = EVP_CIPHER_CTX_new()))
715 goto err;
716 if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new()))
717 goto err;
718 EVP_CIPHER_CTX_set_flags(ctx_base, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
719 if (enc) {
720 in = expected->plaintext;
721 in_len = expected->plaintext_len;
722 expected_out = expected->ciphertext;
723 out_len = expected->ciphertext_len;
724 } else {
725 in = expected->ciphertext;
726 in_len = expected->ciphertext_len;
727 expected_out = expected->plaintext;
728 out_len = expected->plaintext_len;
729 }
730 if (inp_misalign == (size_t)-1) {
731 /* Exercise in-place encryption */
732 tmp = OPENSSL_malloc(out_misalign + in_len + 2 * EVP_MAX_BLOCK_LENGTH);
733 if (!tmp)
734 goto err;
735 in = memcpy(tmp + out_misalign, in, in_len);
736 } else {
737 inp_misalign += 16 - ((out_misalign + in_len) & 15);
738 /*
739 * 'tmp' will store both output and copy of input. We make the copy
740 * of input to specifically aligned part of 'tmp'. So we just
741 * figured out how much padding would ensure the required alignment,
742 * now we allocate extended buffer and finally copy the input just
743 * past inp_misalign in expression below. Output will be written
744 * past out_misalign...
745 */
746 tmp = OPENSSL_malloc(out_misalign + in_len + 2 * EVP_MAX_BLOCK_LENGTH +
747 inp_misalign + in_len);
748 if (!tmp)
749 goto err;
750 in = memcpy(tmp + out_misalign + in_len + 2 * EVP_MAX_BLOCK_LENGTH +
751 inp_misalign, in, in_len);
752 }
753 if (!EVP_CipherInit_ex(ctx_base, expected->cipher, NULL, NULL, NULL, enc)) {
754 t->err = "CIPHERINIT_ERROR";
755 goto err;
756 }
757 if (expected->cts_mode != NULL) {
758 OSSL_PARAM params[2];
759
760 params[0] = OSSL_PARAM_construct_utf8_string(OSSL_CIPHER_PARAM_CTS_MODE,
761 (char *)expected->cts_mode,
762 0);
763 params[1] = OSSL_PARAM_construct_end();
764 if (!EVP_CIPHER_CTX_set_params(ctx_base, params)) {
765 t->err = "INVALID_CTS_MODE";
766 goto err;
767 }
768 }
769 if (expected->iv) {
770 if (expected->aead) {
771 if (!EVP_CIPHER_CTX_ctrl(ctx_base, EVP_CTRL_AEAD_SET_IVLEN,
772 expected->iv_len, 0)) {
773 t->err = "INVALID_IV_LENGTH";
774 goto err;
775 }
776 } else if (expected->iv_len != (size_t)EVP_CIPHER_CTX_get_iv_length(ctx_base)) {
777 t->err = "INVALID_IV_LENGTH";
778 goto err;
779 }
780 }
781 if (expected->aead && !expected->tls_aad) {
782 unsigned char *tag;
783 /*
784 * If encrypting or OCB just set tag length initially, otherwise
785 * set tag length and value.
786 */
787 if (enc || expected->aead == EVP_CIPH_OCB_MODE || expected->tag_late) {
788 t->err = "TAG_LENGTH_SET_ERROR";
789 tag = NULL;
790 } else {
791 t->err = "TAG_SET_ERROR";
792 tag = expected->tag;
793 }
794 if (tag || expected->aead != EVP_CIPH_GCM_MODE) {
795 if (!EVP_CIPHER_CTX_ctrl(ctx_base, EVP_CTRL_AEAD_SET_TAG,
796 expected->tag_len, tag))
797 goto err;
798 }
799 }
800
801 if (expected->rounds > 0) {
802 int rounds = (int)expected->rounds;
803
804 if (!EVP_CIPHER_CTX_ctrl(ctx_base, EVP_CTRL_SET_RC5_ROUNDS, rounds, NULL)) {
805 t->err = "INVALID_ROUNDS";
806 goto err;
807 }
808 }
809
810 if (!EVP_CIPHER_CTX_set_key_length(ctx_base, expected->key_len)) {
811 t->err = "INVALID_KEY_LENGTH";
812 goto err;
813 }
814 if (expected->key_bits > 0) {
815 int bits = (int)expected->key_bits;
816
817 if (!EVP_CIPHER_CTX_ctrl(ctx_base, EVP_CTRL_SET_RC2_KEY_BITS, bits, NULL)) {
818 t->err = "INVALID KEY BITS";
819 goto err;
820 }
821 }
822 if (!EVP_CipherInit_ex(ctx_base, NULL, NULL, expected->key, expected->iv, -1)) {
823 t->err = "KEY_SET_ERROR";
824 goto err;
825 }
826
827 /* Check that we get the same IV back */
828 if (expected->iv != NULL) {
829 /* Some (e.g., GCM) tests use IVs longer than EVP_MAX_IV_LENGTH. */
830 unsigned char iv[128];
831 if (!TEST_true(EVP_CIPHER_CTX_get_updated_iv(ctx_base, iv, sizeof(iv)))
832 || ((EVP_CIPHER_get_flags(expected->cipher) & EVP_CIPH_CUSTOM_IV) == 0
833 && !TEST_mem_eq(expected->iv, expected->iv_len, iv,
834 expected->iv_len))) {
835 t->err = "INVALID_IV";
836 goto err;
837 }
838 }
839
840 /* Test that the cipher dup functions correctly if it is supported */
841 ERR_set_mark();
842 if (EVP_CIPHER_CTX_copy(ctx, ctx_base)) {
843 EVP_CIPHER_CTX_free(ctx_base);
844 ctx_base = NULL;
845 } else {
846 EVP_CIPHER_CTX_free(ctx);
847 ctx = ctx_base;
848 }
849 /* Likewise for dup */
850 duped = EVP_CIPHER_CTX_dup(ctx);
851 if (duped != NULL) {
852 EVP_CIPHER_CTX_free(ctx);
853 ctx = duped;
854 }
855 ERR_pop_to_mark();
856
857 if (expected->mac_key != NULL
858 && !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY,
859 (int)expected->mac_key_len,
860 (void *)expected->mac_key)) {
861 t->err = "SET_MAC_KEY_ERROR";
862 goto err;
863 }
864
865 if (expected->tls_version) {
866 OSSL_PARAM params[2];
867
868 params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_TLS_VERSION,
869 &expected->tls_version);
870 params[1] = OSSL_PARAM_construct_end();
871 if (!EVP_CIPHER_CTX_set_params(ctx, params)) {
872 t->err = "SET_TLS_VERSION_ERROR";
873 goto err;
874 }
875 }
876
877 if (expected->aead == EVP_CIPH_CCM_MODE) {
878 if (!EVP_CipherUpdate(ctx, NULL, &tmplen, NULL, out_len)) {
879 t->err = "CCM_PLAINTEXT_LENGTH_SET_ERROR";
880 goto err;
881 }
882 }
883 if (expected->aad[0] != NULL && !expected->tls_aad) {
884 t->err = "AAD_SET_ERROR";
885 if (!frag) {
886 for (i = 0; expected->aad[i] != NULL; i++) {
887 if (!EVP_CipherUpdate(ctx, NULL, &chunklen, expected->aad[i],
888 expected->aad_len[i]))
889 goto err;
890 }
891 } else {
892 /*
893 * Supply the AAD in chunks less than the block size where possible
894 */
895 for (i = 0; expected->aad[i] != NULL; i++) {
896 if (expected->aad_len[i] > 0) {
897 if (!EVP_CipherUpdate(ctx, NULL, &chunklen, expected->aad[i], 1))
898 goto err;
899 donelen++;
900 }
901 if (expected->aad_len[i] > 2) {
902 if (!EVP_CipherUpdate(ctx, NULL, &chunklen,
903 expected->aad[i] + donelen,
904 expected->aad_len[i] - 2))
905 goto err;
906 donelen += expected->aad_len[i] - 2;
907 }
908 if (expected->aad_len[i] > 1
909 && !EVP_CipherUpdate(ctx, NULL, &chunklen,
910 expected->aad[i] + donelen, 1))
911 goto err;
912 }
913 }
914 }
915
916 if (expected->tls_aad) {
917 OSSL_PARAM params[2];
918 char *tls_aad;
919
920 /* duplicate the aad as the implementation might modify it */
921 if ((tls_aad = OPENSSL_memdup(expected->aad[0],
922 expected->aad_len[0])) == NULL)
923 goto err;
924 params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD,
925 tls_aad,
926 expected->aad_len[0]);
927 params[1] = OSSL_PARAM_construct_end();
928 if (!EVP_CIPHER_CTX_set_params(ctx, params)) {
929 OPENSSL_free(tls_aad);
930 t->err = "TLS1_AAD_ERROR";
931 goto err;
932 }
933 OPENSSL_free(tls_aad);
934 } else if (!enc && (expected->aead == EVP_CIPH_OCB_MODE
935 || expected->tag_late)) {
936 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
937 expected->tag_len, expected->tag)) {
938 t->err = "TAG_SET_ERROR";
939 goto err;
940 }
941 }
942
943 EVP_CIPHER_CTX_set_padding(ctx, 0);
944 t->err = "CIPHERUPDATE_ERROR";
945 tmplen = 0;
946 if (!frag) {
947 /* We supply the data all in one go */
948 if (!EVP_CipherUpdate(ctx, tmp + out_misalign, &tmplen, in, in_len))
949 goto err;
950 } else {
951 /* Supply the data in chunks less than the block size where possible */
952 if (in_len > 0) {
953 if (!EVP_CipherUpdate(ctx, tmp + out_misalign, &chunklen, in, 1))
954 goto err;
955 tmplen += chunklen;
956 in++;
957 in_len--;
958 }
959 if (in_len > 1) {
960 if (!EVP_CipherUpdate(ctx, tmp + out_misalign + tmplen, &chunklen,
961 in, in_len - 1))
962 goto err;
963 tmplen += chunklen;
964 in += in_len - 1;
965 in_len = 1;
966 }
967 if (in_len > 0) {
968 if (!EVP_CipherUpdate(ctx, tmp + out_misalign + tmplen, &chunklen,
969 in, 1))
970 goto err;
971 tmplen += chunklen;
972 }
973 }
974 if (!EVP_CipherFinal_ex(ctx, tmp + out_misalign + tmplen, &tmpflen)) {
975 t->err = "CIPHERFINAL_ERROR";
976 goto err;
977 }
978 if (!enc && expected->tls_aad) {
979 if (expected->tls_version >= TLS1_1_VERSION
980 && (EVP_CIPHER_is_a(expected->cipher, "AES-128-CBC-HMAC-SHA1")
981 || EVP_CIPHER_is_a(expected->cipher, "AES-256-CBC-HMAC-SHA1"))) {
982 tmplen -= expected->iv_len;
983 expected_out += expected->iv_len;
984 out_misalign += expected->iv_len;
985 }
986 if ((int)out_len > tmplen + tmpflen)
987 out_len = tmplen + tmpflen;
988 }
989 if (!memory_err_compare(t, "VALUE_MISMATCH", expected_out, out_len,
990 tmp + out_misalign, tmplen + tmpflen))
991 goto err;
992 if (enc && expected->aead && !expected->tls_aad) {
993 unsigned char rtag[16];
994
995 if (!TEST_size_t_le(expected->tag_len, sizeof(rtag))) {
996 t->err = "TAG_LENGTH_INTERNAL_ERROR";
997 goto err;
998 }
999 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
1000 expected->tag_len, rtag)) {
1001 t->err = "TAG_RETRIEVE_ERROR";
1002 goto err;
1003 }
1004 if (!memory_err_compare(t, "TAG_VALUE_MISMATCH",
1005 expected->tag, expected->tag_len,
1006 rtag, expected->tag_len))
1007 goto err;
1008 }
1009 /* Check the updated IV */
1010 if (expected->next_iv != NULL) {
1011 /* Some (e.g., GCM) tests use IVs longer than EVP_MAX_IV_LENGTH. */
1012 unsigned char iv[128];
1013 if (!TEST_true(EVP_CIPHER_CTX_get_updated_iv(ctx, iv, sizeof(iv)))
1014 || ((EVP_CIPHER_get_flags(expected->cipher) & EVP_CIPH_CUSTOM_IV) == 0
1015 && !TEST_mem_eq(expected->next_iv, expected->iv_len, iv,
1016 expected->iv_len))) {
1017 t->err = "INVALID_NEXT_IV";
1018 goto err;
1019 }
1020 }
1021
1022 t->err = NULL;
1023 ok = 1;
1024 err:
1025 OPENSSL_free(tmp);
1026 if (ctx != ctx_base)
1027 EVP_CIPHER_CTX_free(ctx_base);
1028 EVP_CIPHER_CTX_free(ctx);
1029 return ok;
1030 }
1031
1032 static int cipher_test_run(EVP_TEST *t)
1033 {
1034 CIPHER_DATA *cdat = t->data;
1035 int rv, frag = 0;
1036 size_t out_misalign, inp_misalign;
1037
1038 if (!cdat->key) {
1039 t->err = "NO_KEY";
1040 return 0;
1041 }
1042 if (!cdat->iv && EVP_CIPHER_get_iv_length(cdat->cipher)) {
1043 /* IV is optional and usually omitted in wrap mode */
1044 if (EVP_CIPHER_get_mode(cdat->cipher) != EVP_CIPH_WRAP_MODE) {
1045 t->err = "NO_IV";
1046 return 0;
1047 }
1048 }
1049 if (cdat->aead && cdat->tag == NULL && !cdat->tls_aad) {
1050 t->err = "NO_TAG";
1051 return 0;
1052 }
1053 for (out_misalign = 0; out_misalign <= 1;) {
1054 static char aux_err[64];
1055 t->aux_err = aux_err;
1056 for (inp_misalign = (size_t)-1; inp_misalign != 2; inp_misalign++) {
1057 if (inp_misalign == (size_t)-1) {
1058 /* kludge: inp_misalign == -1 means "exercise in-place" */
1059 BIO_snprintf(aux_err, sizeof(aux_err),
1060 "%s in-place, %sfragmented",
1061 out_misalign ? "misaligned" : "aligned",
1062 frag ? "" : "not ");
1063 } else {
1064 BIO_snprintf(aux_err, sizeof(aux_err),
1065 "%s output and %s input, %sfragmented",
1066 out_misalign ? "misaligned" : "aligned",
1067 inp_misalign ? "misaligned" : "aligned",
1068 frag ? "" : "not ");
1069 }
1070 if (cdat->enc) {
1071 rv = cipher_test_enc(t, 1, out_misalign, inp_misalign, frag);
1072 /* Not fatal errors: return */
1073 if (rv != 1) {
1074 if (rv < 0)
1075 return 0;
1076 return 1;
1077 }
1078 }
1079 if (cdat->enc != 1) {
1080 rv = cipher_test_enc(t, 0, out_misalign, inp_misalign, frag);
1081 /* Not fatal errors: return */
1082 if (rv != 1) {
1083 if (rv < 0)
1084 return 0;
1085 return 1;
1086 }
1087 }
1088 }
1089
1090 if (out_misalign == 1 && frag == 0) {
1091 /*
1092 * XTS, SIV, CCM, stitched ciphers and Wrap modes have special
1093 * requirements about input lengths so we don't fragment for those
1094 */
1095 if (cdat->aead == EVP_CIPH_CCM_MODE
1096 || cdat->aead == EVP_CIPH_CBC_MODE
1097 || (cdat->aead == -1
1098 && EVP_CIPHER_get_mode(cdat->cipher) == EVP_CIPH_STREAM_CIPHER)
1099 || ((EVP_CIPHER_get_flags(cdat->cipher) & EVP_CIPH_FLAG_CTS) != 0)
1100 || EVP_CIPHER_get_mode(cdat->cipher) == EVP_CIPH_SIV_MODE
1101 || EVP_CIPHER_get_mode(cdat->cipher) == EVP_CIPH_XTS_MODE
1102 || EVP_CIPHER_get_mode(cdat->cipher) == EVP_CIPH_WRAP_MODE)
1103 break;
1104 out_misalign = 0;
1105 frag++;
1106 } else {
1107 out_misalign++;
1108 }
1109 }
1110 t->aux_err = NULL;
1111
1112 return 1;
1113 }
1114
1115 static const EVP_TEST_METHOD cipher_test_method = {
1116 "Cipher",
1117 cipher_test_init,
1118 cipher_test_cleanup,
1119 cipher_test_parse,
1120 cipher_test_run
1121 };
1122
1123
1124 /**
1125 ** MAC TESTS
1126 **/
1127
1128 typedef struct mac_data_st {
1129 /* MAC type in one form or another */
1130 char *mac_name;
1131 EVP_MAC *mac; /* for mac_test_run_mac */
1132 int type; /* for mac_test_run_pkey */
1133 /* Algorithm string for this MAC */
1134 char *alg;
1135 /* MAC key */
1136 unsigned char *key;
1137 size_t key_len;
1138 /* MAC IV (GMAC) */
1139 unsigned char *iv;
1140 size_t iv_len;
1141 /* Input to MAC */
1142 unsigned char *input;
1143 size_t input_len;
1144 /* Expected output */
1145 unsigned char *output;
1146 size_t output_len;
1147 unsigned char *custom;
1148 size_t custom_len;
1149 /* MAC salt (blake2) */
1150 unsigned char *salt;
1151 size_t salt_len;
1152 /* XOF mode? */
1153 int xof;
1154 /* Collection of controls */
1155 STACK_OF(OPENSSL_STRING) *controls;
1156 /* Output size */
1157 int output_size;
1158 /* Block size */
1159 int block_size;
1160 } MAC_DATA;
1161
1162 static int mac_test_init(EVP_TEST *t, const char *alg)
1163 {
1164 EVP_MAC *mac = NULL;
1165 int type = NID_undef;
1166 MAC_DATA *mdat;
1167
1168 if (is_mac_disabled(alg)) {
1169 TEST_info("skipping, '%s' is disabled", alg);
1170 t->skip = 1;
1171 return 1;
1172 }
1173 if ((mac = EVP_MAC_fetch(libctx, alg, NULL)) == NULL) {
1174 /*
1175 * Since we didn't find an EVP_MAC, we check for known EVP_PKEY methods
1176 * For debugging purposes, we allow 'NNNN by EVP_PKEY' to force running
1177 * the EVP_PKEY method.
1178 */
1179 size_t sz = strlen(alg);
1180 static const char epilogue[] = " by EVP_PKEY";
1181
1182 if (sz >= sizeof(epilogue)
1183 && strcmp(alg + sz - (sizeof(epilogue) - 1), epilogue) == 0)
1184 sz -= sizeof(epilogue) - 1;
1185
1186 if (strncmp(alg, "HMAC", sz) == 0)
1187 type = EVP_PKEY_HMAC;
1188 else if (strncmp(alg, "CMAC", sz) == 0)
1189 type = EVP_PKEY_CMAC;
1190 else if (strncmp(alg, "Poly1305", sz) == 0)
1191 type = EVP_PKEY_POLY1305;
1192 else if (strncmp(alg, "SipHash", sz) == 0)
1193 type = EVP_PKEY_SIPHASH;
1194 else
1195 return 0;
1196 }
1197
1198 mdat = OPENSSL_zalloc(sizeof(*mdat));
1199 mdat->type = type;
1200 mdat->mac_name = OPENSSL_strdup(alg);
1201 mdat->mac = mac;
1202 mdat->controls = sk_OPENSSL_STRING_new_null();
1203 mdat->output_size = mdat->block_size = -1;
1204 t->data = mdat;
1205 return 1;
1206 }
1207
1208 /* Because OPENSSL_free is a macro, it can't be passed as a function pointer */
1209 static void openssl_free(char *m)
1210 {
1211 OPENSSL_free(m);
1212 }
1213
1214 static void mac_test_cleanup(EVP_TEST *t)
1215 {
1216 MAC_DATA *mdat = t->data;
1217
1218 EVP_MAC_free(mdat->mac);
1219 OPENSSL_free(mdat->mac_name);
1220 sk_OPENSSL_STRING_pop_free(mdat->controls, openssl_free);
1221 OPENSSL_free(mdat->alg);
1222 OPENSSL_free(mdat->key);
1223 OPENSSL_free(mdat->iv);
1224 OPENSSL_free(mdat->custom);
1225 OPENSSL_free(mdat->salt);
1226 OPENSSL_free(mdat->input);
1227 OPENSSL_free(mdat->output);
1228 }
1229
1230 static int mac_test_parse(EVP_TEST *t,
1231 const char *keyword, const char *value)
1232 {
1233 MAC_DATA *mdata = t->data;
1234
1235 if (strcmp(keyword, "Key") == 0)
1236 return parse_bin(value, &mdata->key, &mdata->key_len);
1237 if (strcmp(keyword, "IV") == 0)
1238 return parse_bin(value, &mdata->iv, &mdata->iv_len);
1239 if (strcmp(keyword, "Custom") == 0)
1240 return parse_bin(value, &mdata->custom, &mdata->custom_len);
1241 if (strcmp(keyword, "Salt") == 0)
1242 return parse_bin(value, &mdata->salt, &mdata->salt_len);
1243 if (strcmp(keyword, "Algorithm") == 0) {
1244 mdata->alg = OPENSSL_strdup(value);
1245 if (!mdata->alg)
1246 return -1;
1247 return 1;
1248 }
1249 if (strcmp(keyword, "Input") == 0)
1250 return parse_bin(value, &mdata->input, &mdata->input_len);
1251 if (strcmp(keyword, "Output") == 0)
1252 return parse_bin(value, &mdata->output, &mdata->output_len);
1253 if (strcmp(keyword, "XOF") == 0)
1254 return mdata->xof = 1;
1255 if (strcmp(keyword, "Ctrl") == 0)
1256 return sk_OPENSSL_STRING_push(mdata->controls,
1257 OPENSSL_strdup(value)) != 0;
1258 if (strcmp(keyword, "OutputSize") == 0) {
1259 mdata->output_size = atoi(value);
1260 if (mdata->output_size < 0)
1261 return -1;
1262 return 1;
1263 }
1264 if (strcmp(keyword, "BlockSize") == 0) {
1265 mdata->block_size = atoi(value);
1266 if (mdata->block_size < 0)
1267 return -1;
1268 return 1;
1269 }
1270 return 0;
1271 }
1272
1273 static int mac_test_ctrl_pkey(EVP_TEST *t, EVP_PKEY_CTX *pctx,
1274 const char *value)
1275 {
1276 int rv = 0;
1277 char *p, *tmpval;
1278
1279 if (!TEST_ptr(tmpval = OPENSSL_strdup(value)))
1280 return 0;
1281 p = strchr(tmpval, ':');
1282 if (p != NULL) {
1283 *p++ = '\0';
1284 rv = EVP_PKEY_CTX_ctrl_str(pctx, tmpval, p);
1285 }
1286 if (rv == -2)
1287 t->err = "PKEY_CTRL_INVALID";
1288 else if (rv <= 0)
1289 t->err = "PKEY_CTRL_ERROR";
1290 else
1291 rv = 1;
1292 OPENSSL_free(tmpval);
1293 return rv > 0;
1294 }
1295
1296 static int mac_test_run_pkey(EVP_TEST *t)
1297 {
1298 MAC_DATA *expected = t->data;
1299 EVP_MD_CTX *mctx = NULL;
1300 EVP_PKEY_CTX *pctx = NULL, *genctx = NULL;
1301 EVP_PKEY *key = NULL;
1302 const char *mdname = NULL;
1303 EVP_CIPHER *cipher = NULL;
1304 unsigned char *got = NULL;
1305 size_t got_len;
1306 int i;
1307
1308 /* We don't do XOF mode via PKEY */
1309 if (expected->xof)
1310 return 1;
1311
1312 if (expected->alg == NULL)
1313 TEST_info("Trying the EVP_PKEY %s test", OBJ_nid2sn(expected->type));
1314 else
1315 TEST_info("Trying the EVP_PKEY %s test with %s",
1316 OBJ_nid2sn(expected->type), expected->alg);
1317
1318 if (expected->type == EVP_PKEY_CMAC) {
1319 #ifdef OPENSSL_NO_DEPRECATED_3_0
1320 TEST_info("skipping, PKEY CMAC '%s' is disabled", expected->alg);
1321 t->skip = 1;
1322 t->err = NULL;
1323 goto err;
1324 #else
1325 OSSL_LIB_CTX *tmpctx;
1326
1327 if (expected->alg != NULL && is_cipher_disabled(expected->alg)) {
1328 TEST_info("skipping, PKEY CMAC '%s' is disabled", expected->alg);
1329 t->skip = 1;
1330 t->err = NULL;
1331 goto err;
1332 }
1333 if (!TEST_ptr(cipher = EVP_CIPHER_fetch(libctx, expected->alg, NULL))) {
1334 t->err = "MAC_KEY_CREATE_ERROR";
1335 goto err;
1336 }
1337 tmpctx = OSSL_LIB_CTX_set0_default(libctx);
1338 key = EVP_PKEY_new_CMAC_key(NULL, expected->key, expected->key_len,
1339 cipher);
1340 OSSL_LIB_CTX_set0_default(tmpctx);
1341 #endif
1342 } else {
1343 key = EVP_PKEY_new_raw_private_key_ex(libctx,
1344 OBJ_nid2sn(expected->type), NULL,
1345 expected->key, expected->key_len);
1346 }
1347 if (key == NULL) {
1348 t->err = "MAC_KEY_CREATE_ERROR";
1349 goto err;
1350 }
1351
1352 if (expected->type == EVP_PKEY_HMAC && expected->alg != NULL) {
1353 if (is_digest_disabled(expected->alg)) {
1354 TEST_info("skipping, HMAC '%s' is disabled", expected->alg);
1355 t->skip = 1;
1356 t->err = NULL;
1357 goto err;
1358 }
1359 mdname = expected->alg;
1360 }
1361 if (!TEST_ptr(mctx = EVP_MD_CTX_new())) {
1362 t->err = "INTERNAL_ERROR";
1363 goto err;
1364 }
1365 if (!EVP_DigestSignInit_ex(mctx, &pctx, mdname, libctx, NULL, key, NULL)) {
1366 t->err = "DIGESTSIGNINIT_ERROR";
1367 goto err;
1368 }
1369 for (i = 0; i < sk_OPENSSL_STRING_num(expected->controls); i++)
1370 if (!mac_test_ctrl_pkey(t, pctx,
1371 sk_OPENSSL_STRING_value(expected->controls,
1372 i))) {
1373 t->err = "EVPPKEYCTXCTRL_ERROR";
1374 goto err;
1375 }
1376 if (!EVP_DigestSignUpdate(mctx, expected->input, expected->input_len)) {
1377 t->err = "DIGESTSIGNUPDATE_ERROR";
1378 goto err;
1379 }
1380 if (!EVP_DigestSignFinal(mctx, NULL, &got_len)) {
1381 t->err = "DIGESTSIGNFINAL_LENGTH_ERROR";
1382 goto err;
1383 }
1384 if (!TEST_ptr(got = OPENSSL_malloc(got_len))) {
1385 t->err = "TEST_FAILURE";
1386 goto err;
1387 }
1388 if (!EVP_DigestSignFinal(mctx, got, &got_len)
1389 || !memory_err_compare(t, "TEST_MAC_ERR",
1390 expected->output, expected->output_len,
1391 got, got_len)) {
1392 t->err = "TEST_MAC_ERR";
1393 goto err;
1394 }
1395 t->err = NULL;
1396 err:
1397 EVP_CIPHER_free(cipher);
1398 EVP_MD_CTX_free(mctx);
1399 OPENSSL_free(got);
1400 EVP_PKEY_CTX_free(genctx);
1401 EVP_PKEY_free(key);
1402 return 1;
1403 }
1404
1405 static int mac_test_run_mac(EVP_TEST *t)
1406 {
1407 MAC_DATA *expected = t->data;
1408 EVP_MAC_CTX *ctx = NULL;
1409 unsigned char *got = NULL;
1410 size_t got_len = 0, size = 0;
1411 int i, block_size = -1, output_size = -1;
1412 OSSL_PARAM params[21], sizes[3], *psizes = sizes;
1413 size_t params_n = 0;
1414 size_t params_n_allocstart = 0;
1415 const OSSL_PARAM *defined_params =
1416 EVP_MAC_settable_ctx_params(expected->mac);
1417 int xof;
1418
1419 if (expected->alg == NULL)
1420 TEST_info("Trying the EVP_MAC %s test", expected->mac_name);
1421 else
1422 TEST_info("Trying the EVP_MAC %s test with %s",
1423 expected->mac_name, expected->alg);
1424
1425 if (expected->alg != NULL) {
1426 /*
1427 * The underlying algorithm may be a cipher or a digest.
1428 * We don't know which it is, but we can ask the MAC what it
1429 * should be and bet on that.
1430 */
1431 if (OSSL_PARAM_locate_const(defined_params,
1432 OSSL_MAC_PARAM_CIPHER) != NULL) {
1433 params[params_n++] =
1434 OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER,
1435 expected->alg, 0);
1436 } else if (OSSL_PARAM_locate_const(defined_params,
1437 OSSL_MAC_PARAM_DIGEST) != NULL) {
1438 params[params_n++] =
1439 OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
1440 expected->alg, 0);
1441 } else {
1442 t->err = "MAC_BAD_PARAMS";
1443 goto err;
1444 }
1445 }
1446 if (expected->custom != NULL)
1447 params[params_n++] =
1448 OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_CUSTOM,
1449 expected->custom,
1450 expected->custom_len);
1451 if (expected->salt != NULL)
1452 params[params_n++] =
1453 OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_SALT,
1454 expected->salt,
1455 expected->salt_len);
1456 if (expected->iv != NULL)
1457 params[params_n++] =
1458 OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_IV,
1459 expected->iv,
1460 expected->iv_len);
1461
1462 /* Unknown controls. They must match parameters that the MAC recognizes */
1463 if (params_n + sk_OPENSSL_STRING_num(expected->controls)
1464 >= OSSL_NELEM(params)) {
1465 t->err = "MAC_TOO_MANY_PARAMETERS";
1466 goto err;
1467 }
1468 params_n_allocstart = params_n;
1469 for (i = 0; i < sk_OPENSSL_STRING_num(expected->controls); i++) {
1470 char *tmpkey, *tmpval;
1471 char *value = sk_OPENSSL_STRING_value(expected->controls, i);
1472
1473 if (!TEST_ptr(tmpkey = OPENSSL_strdup(value))) {
1474 t->err = "MAC_PARAM_ERROR";
1475 goto err;
1476 }
1477 tmpval = strchr(tmpkey, ':');
1478 if (tmpval != NULL)
1479 *tmpval++ = '\0';
1480
1481 if (tmpval == NULL
1482 || !OSSL_PARAM_allocate_from_text(&params[params_n],
1483 defined_params,
1484 tmpkey, tmpval,
1485 strlen(tmpval), NULL)) {
1486 OPENSSL_free(tmpkey);
1487 t->err = "MAC_PARAM_ERROR";
1488 goto err;
1489 }
1490 params_n++;
1491
1492 OPENSSL_free(tmpkey);
1493 }
1494 params[params_n] = OSSL_PARAM_construct_end();
1495
1496 if ((ctx = EVP_MAC_CTX_new(expected->mac)) == NULL) {
1497 t->err = "MAC_CREATE_ERROR";
1498 goto err;
1499 }
1500
1501 if (!EVP_MAC_init(ctx, expected->key, expected->key_len, params)) {
1502 t->err = "MAC_INIT_ERROR";
1503 goto err;
1504 }
1505 if (expected->output_size >= 0)
1506 *psizes++ = OSSL_PARAM_construct_int(OSSL_MAC_PARAM_SIZE,
1507 &output_size);
1508 if (expected->block_size >= 0)
1509 *psizes++ = OSSL_PARAM_construct_int(OSSL_MAC_PARAM_BLOCK_SIZE,
1510 &block_size);
1511 if (psizes != sizes) {
1512 *psizes = OSSL_PARAM_construct_end();
1513 if (!TEST_true(EVP_MAC_CTX_get_params(ctx, sizes))) {
1514 t->err = "INTERNAL_ERROR";
1515 goto err;
1516 }
1517 if (expected->output_size >= 0
1518 && !TEST_int_eq(output_size, expected->output_size)) {
1519 t->err = "TEST_FAILURE";
1520 goto err;
1521 }
1522 if (expected->block_size >= 0
1523 && !TEST_int_eq(block_size, expected->block_size)) {
1524 t->err = "TEST_FAILURE";
1525 goto err;
1526 }
1527 }
1528 if (!EVP_MAC_update(ctx, expected->input, expected->input_len)) {
1529 t->err = "MAC_UPDATE_ERROR";
1530 goto err;
1531 }
1532 xof = expected->xof;
1533 if (xof) {
1534 if (!TEST_ptr(got = OPENSSL_malloc(expected->output_len))) {
1535 t->err = "TEST_FAILURE";
1536 goto err;
1537 }
1538 if (!EVP_MAC_finalXOF(ctx, got, expected->output_len)
1539 || !memory_err_compare(t, "TEST_MAC_ERR",
1540 expected->output, expected->output_len,
1541 got, expected->output_len)) {
1542 t->err = "MAC_FINAL_ERROR";
1543 goto err;
1544 }
1545 } else {
1546 if (!EVP_MAC_final(ctx, NULL, &got_len, 0)) {
1547 t->err = "MAC_FINAL_LENGTH_ERROR";
1548 goto err;
1549 }
1550 if (!TEST_ptr(got = OPENSSL_malloc(got_len))) {
1551 t->err = "TEST_FAILURE";
1552 goto err;
1553 }
1554 if (!EVP_MAC_final(ctx, got, &got_len, got_len)
1555 || !memory_err_compare(t, "TEST_MAC_ERR",
1556 expected->output, expected->output_len,
1557 got, got_len)) {
1558 t->err = "TEST_MAC_ERR";
1559 goto err;
1560 }
1561 }
1562 t->err = NULL;
1563
1564 /* Test the EVP_Q_mac interface as well */
1565 if (!xof) {
1566 OPENSSL_cleanse(got, got_len);
1567 if (!TEST_true(EVP_Q_mac(libctx, expected->mac_name, NULL,
1568 expected->alg, params,
1569 expected->key, expected->key_len,
1570 expected->input, expected->input_len,
1571 got, got_len, &size))
1572 || !TEST_mem_eq(got, size,
1573 expected->output, expected->output_len)) {
1574 t->err = "EVP_Q_mac failed";
1575 goto err;
1576 }
1577 }
1578 err:
1579 while (params_n-- > params_n_allocstart) {
1580 OPENSSL_free(params[params_n].data);
1581 }
1582 EVP_MAC_CTX_free(ctx);
1583 OPENSSL_free(got);
1584 return 1;
1585 }
1586
1587 static int mac_test_run(EVP_TEST *t)
1588 {
1589 MAC_DATA *expected = t->data;
1590
1591 if (expected->mac != NULL)
1592 return mac_test_run_mac(t);
1593 return mac_test_run_pkey(t);
1594 }
1595
1596 static const EVP_TEST_METHOD mac_test_method = {
1597 "MAC",
1598 mac_test_init,
1599 mac_test_cleanup,
1600 mac_test_parse,
1601 mac_test_run
1602 };
1603
1604
1605 /**
1606 ** PUBLIC KEY TESTS
1607 ** These are all very similar and share much common code.
1608 **/
1609
1610 typedef struct pkey_data_st {
1611 /* Context for this operation */
1612 EVP_PKEY_CTX *ctx;
1613 /* Key operation to perform */
1614 int (*keyop) (EVP_PKEY_CTX *ctx,
1615 unsigned char *sig, size_t *siglen,
1616 const unsigned char *tbs, size_t tbslen);
1617 /* Input to MAC */
1618 unsigned char *input;
1619 size_t input_len;
1620 /* Expected output */
1621 unsigned char *output;
1622 size_t output_len;
1623 } PKEY_DATA;
1624
1625 /*
1626 * Perform public key operation setup: lookup key, allocated ctx and call
1627 * the appropriate initialisation function
1628 */
1629 static int pkey_test_init(EVP_TEST *t, const char *name,
1630 int use_public,
1631 int (*keyopinit) (EVP_PKEY_CTX *ctx),
1632 int (*keyop)(EVP_PKEY_CTX *ctx,
1633 unsigned char *sig, size_t *siglen,
1634 const unsigned char *tbs,
1635 size_t tbslen))
1636 {
1637 PKEY_DATA *kdata;
1638 EVP_PKEY *pkey = NULL;
1639 int rv = 0;
1640
1641 if (use_public)
1642 rv = find_key(&pkey, name, public_keys);
1643 if (rv == 0)
1644 rv = find_key(&pkey, name, private_keys);
1645 if (rv == 0 || pkey == NULL) {
1646 TEST_info("skipping, key '%s' is disabled", name);
1647 t->skip = 1;
1648 return 1;
1649 }
1650
1651 if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata)))) {
1652 EVP_PKEY_free(pkey);
1653 return 0;
1654 }
1655 kdata->keyop = keyop;
1656 if (!TEST_ptr(kdata->ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, NULL))) {
1657 EVP_PKEY_free(pkey);
1658 OPENSSL_free(kdata);
1659 return 0;
1660 }
1661 if (keyopinit(kdata->ctx) <= 0)
1662 t->err = "KEYOP_INIT_ERROR";
1663 t->data = kdata;
1664 return 1;
1665 }
1666
1667 static void pkey_test_cleanup(EVP_TEST *t)
1668 {
1669 PKEY_DATA *kdata = t->data;
1670
1671 OPENSSL_free(kdata->input);
1672 OPENSSL_free(kdata->output);
1673 EVP_PKEY_CTX_free(kdata->ctx);
1674 }
1675
1676 static int pkey_test_ctrl(EVP_TEST *t, EVP_PKEY_CTX *pctx,
1677 const char *value)
1678 {
1679 int rv = 0;
1680 char *p, *tmpval;
1681
1682 if (!TEST_ptr(tmpval = OPENSSL_strdup(value)))
1683 return 0;
1684 p = strchr(tmpval, ':');
1685 if (p != NULL) {
1686 *p++ = '\0';
1687 rv = EVP_PKEY_CTX_ctrl_str(pctx, tmpval, p);
1688 }
1689 if (rv == -2) {
1690 t->err = "PKEY_CTRL_INVALID";
1691 rv = 1;
1692 } else if (p != NULL && rv <= 0) {
1693 if (is_digest_disabled(p) || is_cipher_disabled(p)) {
1694 TEST_info("skipping, '%s' is disabled", p);
1695 t->skip = 1;
1696 rv = 1;
1697 } else {
1698 t->err = "PKEY_CTRL_ERROR";
1699 rv = 1;
1700 }
1701 }
1702 OPENSSL_free(tmpval);
1703 return rv > 0;
1704 }
1705
1706 static int pkey_test_parse(EVP_TEST *t,
1707 const char *keyword, const char *value)
1708 {
1709 PKEY_DATA *kdata = t->data;
1710 if (strcmp(keyword, "Input") == 0)
1711 return parse_bin(value, &kdata->input, &kdata->input_len);
1712 if (strcmp(keyword, "Output") == 0)
1713 return parse_bin(value, &kdata->output, &kdata->output_len);
1714 if (strcmp(keyword, "Ctrl") == 0)
1715 return pkey_test_ctrl(t, kdata->ctx, value);
1716 return 0;
1717 }
1718
1719 static int pkey_test_run(EVP_TEST *t)
1720 {
1721 PKEY_DATA *expected = t->data;
1722 unsigned char *got = NULL;
1723 size_t got_len;
1724 EVP_PKEY_CTX *copy = NULL;
1725
1726 if (expected->keyop(expected->ctx, NULL, &got_len,
1727 expected->input, expected->input_len) <= 0
1728 || !TEST_ptr(got = OPENSSL_malloc(got_len))) {
1729 t->err = "KEYOP_LENGTH_ERROR";
1730 goto err;
1731 }
1732 if (expected->keyop(expected->ctx, got, &got_len,
1733 expected->input, expected->input_len) <= 0) {
1734 t->err = "KEYOP_ERROR";
1735 goto err;
1736 }
1737 if (!memory_err_compare(t, "KEYOP_MISMATCH",
1738 expected->output, expected->output_len,
1739 got, got_len))
1740 goto err;
1741
1742 t->err = NULL;
1743 OPENSSL_free(got);
1744 got = NULL;
1745
1746 /* Repeat the test on a copy. */
1747 if (!TEST_ptr(copy = EVP_PKEY_CTX_dup(expected->ctx))) {
1748 t->err = "INTERNAL_ERROR";
1749 goto err;
1750 }
1751 if (expected->keyop(copy, NULL, &got_len, expected->input,
1752 expected->input_len) <= 0
1753 || !TEST_ptr(got = OPENSSL_malloc(got_len))) {
1754 t->err = "KEYOP_LENGTH_ERROR";
1755 goto err;
1756 }
1757 if (expected->keyop(copy, got, &got_len, expected->input,
1758 expected->input_len) <= 0) {
1759 t->err = "KEYOP_ERROR";
1760 goto err;
1761 }
1762 if (!memory_err_compare(t, "KEYOP_MISMATCH",
1763 expected->output, expected->output_len,
1764 got, got_len))
1765 goto err;
1766
1767 err:
1768 OPENSSL_free(got);
1769 EVP_PKEY_CTX_free(copy);
1770 return 1;
1771 }
1772
1773 static int sign_test_init(EVP_TEST *t, const char *name)
1774 {
1775 return pkey_test_init(t, name, 0, EVP_PKEY_sign_init, EVP_PKEY_sign);
1776 }
1777
1778 static const EVP_TEST_METHOD psign_test_method = {
1779 "Sign",
1780 sign_test_init,
1781 pkey_test_cleanup,
1782 pkey_test_parse,
1783 pkey_test_run
1784 };
1785
1786 static int verify_recover_test_init(EVP_TEST *t, const char *name)
1787 {
1788 return pkey_test_init(t, name, 1, EVP_PKEY_verify_recover_init,
1789 EVP_PKEY_verify_recover);
1790 }
1791
1792 static const EVP_TEST_METHOD pverify_recover_test_method = {
1793 "VerifyRecover",
1794 verify_recover_test_init,
1795 pkey_test_cleanup,
1796 pkey_test_parse,
1797 pkey_test_run
1798 };
1799
1800 static int decrypt_test_init(EVP_TEST *t, const char *name)
1801 {
1802 return pkey_test_init(t, name, 0, EVP_PKEY_decrypt_init,
1803 EVP_PKEY_decrypt);
1804 }
1805
1806 static const EVP_TEST_METHOD pdecrypt_test_method = {
1807 "Decrypt",
1808 decrypt_test_init,
1809 pkey_test_cleanup,
1810 pkey_test_parse,
1811 pkey_test_run
1812 };
1813
1814 static int verify_test_init(EVP_TEST *t, const char *name)
1815 {
1816 return pkey_test_init(t, name, 1, EVP_PKEY_verify_init, 0);
1817 }
1818
1819 static int verify_test_run(EVP_TEST *t)
1820 {
1821 PKEY_DATA *kdata = t->data;
1822
1823 if (EVP_PKEY_verify(kdata->ctx, kdata->output, kdata->output_len,
1824 kdata->input, kdata->input_len) <= 0)
1825 t->err = "VERIFY_ERROR";
1826 return 1;
1827 }
1828
1829 static const EVP_TEST_METHOD pverify_test_method = {
1830 "Verify",
1831 verify_test_init,
1832 pkey_test_cleanup,
1833 pkey_test_parse,
1834 verify_test_run
1835 };
1836
1837 static int pderive_test_init(EVP_TEST *t, const char *name)
1838 {
1839 return pkey_test_init(t, name, 0, EVP_PKEY_derive_init, 0);
1840 }
1841
1842 static int pderive_test_parse(EVP_TEST *t,
1843 const char *keyword, const char *value)
1844 {
1845 PKEY_DATA *kdata = t->data;
1846 int validate = 0;
1847
1848 if (strcmp(keyword, "PeerKeyValidate") == 0)
1849 validate = 1;
1850
1851 if (validate || strcmp(keyword, "PeerKey") == 0) {
1852 EVP_PKEY *peer;
1853 if (find_key(&peer, value, public_keys) == 0)
1854 return -1;
1855 if (EVP_PKEY_derive_set_peer_ex(kdata->ctx, peer, validate) <= 0) {
1856 t->err = "DERIVE_SET_PEER_ERROR";
1857 return 1;
1858 }
1859 t->err = NULL;
1860 return 1;
1861 }
1862 if (strcmp(keyword, "SharedSecret") == 0)
1863 return parse_bin(value, &kdata->output, &kdata->output_len);
1864 if (strcmp(keyword, "Ctrl") == 0)
1865 return pkey_test_ctrl(t, kdata->ctx, value);
1866 return 0;
1867 }
1868
1869 static int pderive_test_run(EVP_TEST *t)
1870 {
1871 EVP_PKEY_CTX *dctx = NULL;
1872 PKEY_DATA *expected = t->data;
1873 unsigned char *got = NULL;
1874 size_t got_len;
1875
1876 if (!TEST_ptr(dctx = EVP_PKEY_CTX_dup(expected->ctx))) {
1877 t->err = "DERIVE_ERROR";
1878 goto err;
1879 }
1880
1881 if (EVP_PKEY_derive(dctx, NULL, &got_len) <= 0) {
1882 t->err = "DERIVE_ERROR";
1883 goto err;
1884 }
1885 if (!TEST_ptr(got = OPENSSL_malloc(got_len))) {
1886 t->err = "DERIVE_ERROR";
1887 goto err;
1888 }
1889 if (EVP_PKEY_derive(dctx, got, &got_len) <= 0) {
1890 t->err = "DERIVE_ERROR";
1891 goto err;
1892 }
1893 if (!memory_err_compare(t, "SHARED_SECRET_MISMATCH",
1894 expected->output, expected->output_len,
1895 got, got_len))
1896 goto err;
1897
1898 t->err = NULL;
1899 err:
1900 OPENSSL_free(got);
1901 EVP_PKEY_CTX_free(dctx);
1902 return 1;
1903 }
1904
1905 static const EVP_TEST_METHOD pderive_test_method = {
1906 "Derive",
1907 pderive_test_init,
1908 pkey_test_cleanup,
1909 pderive_test_parse,
1910 pderive_test_run
1911 };
1912
1913
1914 /**
1915 ** PBE TESTS
1916 **/
1917
1918 typedef enum pbe_type_enum {
1919 PBE_TYPE_INVALID = 0,
1920 PBE_TYPE_SCRYPT, PBE_TYPE_PBKDF2, PBE_TYPE_PKCS12
1921 } PBE_TYPE;
1922
1923 typedef struct pbe_data_st {
1924 PBE_TYPE pbe_type;
1925 /* scrypt parameters */
1926 uint64_t N, r, p, maxmem;
1927 /* PKCS#12 parameters */
1928 int id, iter;
1929 const EVP_MD *md;
1930 /* password */
1931 unsigned char *pass;
1932 size_t pass_len;
1933 /* salt */
1934 unsigned char *salt;
1935 size_t salt_len;
1936 /* Expected output */
1937 unsigned char *key;
1938 size_t key_len;
1939 } PBE_DATA;
1940
1941 #ifndef OPENSSL_NO_SCRYPT
1942 /* Parse unsigned decimal 64 bit integer value */
1943 static int parse_uint64(const char *value, uint64_t *pr)
1944 {
1945 const char *p = value;
1946
1947 if (!TEST_true(*p)) {
1948 TEST_info("Invalid empty integer value");
1949 return -1;
1950 }
1951 for (*pr = 0; *p; ) {
1952 if (*pr > UINT64_MAX / 10) {
1953 TEST_error("Integer overflow in string %s", value);
1954 return -1;
1955 }
1956 *pr *= 10;
1957 if (!TEST_true(isdigit((unsigned char)*p))) {
1958 TEST_error("Invalid character in string %s", value);
1959 return -1;
1960 }
1961 *pr += *p - '0';
1962 p++;
1963 }
1964 return 1;
1965 }
1966
1967 static int scrypt_test_parse(EVP_TEST *t,
1968 const char *keyword, const char *value)
1969 {
1970 PBE_DATA *pdata = t->data;
1971
1972 if (strcmp(keyword, "N") == 0)
1973 return parse_uint64(value, &pdata->N);
1974 if (strcmp(keyword, "p") == 0)
1975 return parse_uint64(value, &pdata->p);
1976 if (strcmp(keyword, "r") == 0)
1977 return parse_uint64(value, &pdata->r);
1978 if (strcmp(keyword, "maxmem") == 0)
1979 return parse_uint64(value, &pdata->maxmem);
1980 return 0;
1981 }
1982 #endif
1983
1984 static int pbkdf2_test_parse(EVP_TEST *t,
1985 const char *keyword, const char *value)
1986 {
1987 PBE_DATA *pdata = t->data;
1988
1989 if (strcmp(keyword, "iter") == 0) {
1990 pdata->iter = atoi(value);
1991 if (pdata->iter <= 0)
1992 return -1;
1993 return 1;
1994 }
1995 if (strcmp(keyword, "MD") == 0) {
1996 pdata->md = EVP_get_digestbyname(value);
1997 if (pdata->md == NULL)
1998 return -1;
1999 return 1;
2000 }
2001 return 0;
2002 }
2003
2004 static int pkcs12_test_parse(EVP_TEST *t,
2005 const char *keyword, const char *value)
2006 {
2007 PBE_DATA *pdata = t->data;
2008
2009 if (strcmp(keyword, "id") == 0) {
2010 pdata->id = atoi(value);
2011 if (pdata->id <= 0)
2012 return -1;
2013 return 1;
2014 }
2015 return pbkdf2_test_parse(t, keyword, value);
2016 }
2017
2018 static int pbe_test_init(EVP_TEST *t, const char *alg)
2019 {
2020 PBE_DATA *pdat;
2021 PBE_TYPE pbe_type = PBE_TYPE_INVALID;
2022
2023 if (is_kdf_disabled(alg)) {
2024 TEST_info("skipping, '%s' is disabled", alg);
2025 t->skip = 1;
2026 return 1;
2027 }
2028 if (strcmp(alg, "scrypt") == 0) {
2029 pbe_type = PBE_TYPE_SCRYPT;
2030 } else if (strcmp(alg, "pbkdf2") == 0) {
2031 pbe_type = PBE_TYPE_PBKDF2;
2032 } else if (strcmp(alg, "pkcs12") == 0) {
2033 pbe_type = PBE_TYPE_PKCS12;
2034 } else {
2035 TEST_error("Unknown pbe algorithm %s", alg);
2036 return 0;
2037 }
2038 if (!TEST_ptr(pdat = OPENSSL_zalloc(sizeof(*pdat))))
2039 return 0;
2040 pdat->pbe_type = pbe_type;
2041 t->data = pdat;
2042 return 1;
2043 }
2044
2045 static void pbe_test_cleanup(EVP_TEST *t)
2046 {
2047 PBE_DATA *pdat = t->data;
2048
2049 OPENSSL_free(pdat->pass);
2050 OPENSSL_free(pdat->salt);
2051 OPENSSL_free(pdat->key);
2052 }
2053
2054 static int pbe_test_parse(EVP_TEST *t,
2055 const char *keyword, const char *value)
2056 {
2057 PBE_DATA *pdata = t->data;
2058
2059 if (strcmp(keyword, "Password") == 0)
2060 return parse_bin(value, &pdata->pass, &pdata->pass_len);
2061 if (strcmp(keyword, "Salt") == 0)
2062 return parse_bin(value, &pdata->salt, &pdata->salt_len);
2063 if (strcmp(keyword, "Key") == 0)
2064 return parse_bin(value, &pdata->key, &pdata->key_len);
2065 if (pdata->pbe_type == PBE_TYPE_PBKDF2)
2066 return pbkdf2_test_parse(t, keyword, value);
2067 else if (pdata->pbe_type == PBE_TYPE_PKCS12)
2068 return pkcs12_test_parse(t, keyword, value);
2069 #ifndef OPENSSL_NO_SCRYPT
2070 else if (pdata->pbe_type == PBE_TYPE_SCRYPT)
2071 return scrypt_test_parse(t, keyword, value);
2072 #endif
2073 return 0;
2074 }
2075
2076 static int pbe_test_run(EVP_TEST *t)
2077 {
2078 PBE_DATA *expected = t->data;
2079 unsigned char *key;
2080 EVP_MD *fetched_digest = NULL;
2081 OSSL_LIB_CTX *save_libctx;
2082
2083 save_libctx = OSSL_LIB_CTX_set0_default(libctx);
2084
2085 if (!TEST_ptr(key = OPENSSL_malloc(expected->key_len))) {
2086 t->err = "INTERNAL_ERROR";
2087 goto err;
2088 }
2089 if (expected->pbe_type == PBE_TYPE_PBKDF2) {
2090 if (PKCS5_PBKDF2_HMAC((char *)expected->pass, expected->pass_len,
2091 expected->salt, expected->salt_len,
2092 expected->iter, expected->md,
2093 expected->key_len, key) == 0) {
2094 t->err = "PBKDF2_ERROR";
2095 goto err;
2096 }
2097 #ifndef OPENSSL_NO_SCRYPT
2098 } else if (expected->pbe_type == PBE_TYPE_SCRYPT) {
2099 if (EVP_PBE_scrypt((const char *)expected->pass, expected->pass_len,
2100 expected->salt, expected->salt_len,
2101 expected->N, expected->r, expected->p,
2102 expected->maxmem, key, expected->key_len) == 0) {
2103 t->err = "SCRYPT_ERROR";
2104 goto err;
2105 }
2106 #endif
2107 } else if (expected->pbe_type == PBE_TYPE_PKCS12) {
2108 fetched_digest = EVP_MD_fetch(libctx, EVP_MD_get0_name(expected->md),
2109 NULL);
2110 if (fetched_digest == NULL) {
2111 t->err = "PKCS12_ERROR";
2112 goto err;
2113 }
2114 if (PKCS12_key_gen_uni(expected->pass, expected->pass_len,
2115 expected->salt, expected->salt_len,
2116 expected->id, expected->iter, expected->key_len,
2117 key, fetched_digest) == 0) {
2118 t->err = "PKCS12_ERROR";
2119 goto err;
2120 }
2121 }
2122 if (!memory_err_compare(t, "KEY_MISMATCH", expected->key, expected->key_len,
2123 key, expected->key_len))
2124 goto err;
2125
2126 t->err = NULL;
2127 err:
2128 EVP_MD_free(fetched_digest);
2129 OPENSSL_free(key);
2130 OSSL_LIB_CTX_set0_default(save_libctx);
2131 return 1;
2132 }
2133
2134 static const EVP_TEST_METHOD pbe_test_method = {
2135 "PBE",
2136 pbe_test_init,
2137 pbe_test_cleanup,
2138 pbe_test_parse,
2139 pbe_test_run
2140 };
2141
2142
2143 /**
2144 ** BASE64 TESTS
2145 **/
2146
2147 typedef enum {
2148 BASE64_CANONICAL_ENCODING = 0,
2149 BASE64_VALID_ENCODING = 1,
2150 BASE64_INVALID_ENCODING = 2
2151 } base64_encoding_type;
2152
2153 typedef struct encode_data_st {
2154 /* Input to encoding */
2155 unsigned char *input;
2156 size_t input_len;
2157 /* Expected output */
2158 unsigned char *output;
2159 size_t output_len;
2160 base64_encoding_type encoding;
2161 } ENCODE_DATA;
2162
2163 static int encode_test_init(EVP_TEST *t, const char *encoding)
2164 {
2165 ENCODE_DATA *edata;
2166
2167 if (!TEST_ptr(edata = OPENSSL_zalloc(sizeof(*edata))))
2168 return 0;
2169 if (strcmp(encoding, "canonical") == 0) {
2170 edata->encoding = BASE64_CANONICAL_ENCODING;
2171 } else if (strcmp(encoding, "valid") == 0) {
2172 edata->encoding = BASE64_VALID_ENCODING;
2173 } else if (strcmp(encoding, "invalid") == 0) {
2174 edata->encoding = BASE64_INVALID_ENCODING;
2175 if (!TEST_ptr(t->expected_err = OPENSSL_strdup("DECODE_ERROR")))
2176 goto err;
2177 } else {
2178 TEST_error("Bad encoding: %s."
2179 " Should be one of {canonical, valid, invalid}",
2180 encoding);
2181 goto err;
2182 }
2183 t->data = edata;
2184 return 1;
2185 err:
2186 OPENSSL_free(edata);
2187 return 0;
2188 }
2189
2190 static void encode_test_cleanup(EVP_TEST *t)
2191 {
2192 ENCODE_DATA *edata = t->data;
2193
2194 OPENSSL_free(edata->input);
2195 OPENSSL_free(edata->output);
2196 memset(edata, 0, sizeof(*edata));
2197 }
2198
2199 static int encode_test_parse(EVP_TEST *t,
2200 const char *keyword, const char *value)
2201 {
2202 ENCODE_DATA *edata = t->data;
2203
2204 if (strcmp(keyword, "Input") == 0)
2205 return parse_bin(value, &edata->input, &edata->input_len);
2206 if (strcmp(keyword, "Output") == 0)
2207 return parse_bin(value, &edata->output, &edata->output_len);
2208 return 0;
2209 }
2210
2211 static int encode_test_run(EVP_TEST *t)
2212 {
2213 ENCODE_DATA *expected = t->data;
2214 unsigned char *encode_out = NULL, *decode_out = NULL;
2215 int output_len, chunk_len;
2216 EVP_ENCODE_CTX *decode_ctx = NULL, *encode_ctx = NULL;
2217
2218 if (!TEST_ptr(decode_ctx = EVP_ENCODE_CTX_new())) {
2219 t->err = "INTERNAL_ERROR";
2220 goto err;
2221 }
2222
2223 if (expected->encoding == BASE64_CANONICAL_ENCODING) {
2224
2225 if (!TEST_ptr(encode_ctx = EVP_ENCODE_CTX_new())
2226 || !TEST_ptr(encode_out =
2227 OPENSSL_malloc(EVP_ENCODE_LENGTH(expected->input_len))))
2228 goto err;
2229
2230 EVP_EncodeInit(encode_ctx);
2231 if (!TEST_true(EVP_EncodeUpdate(encode_ctx, encode_out, &chunk_len,
2232 expected->input, expected->input_len)))
2233 goto err;
2234
2235 output_len = chunk_len;
2236
2237 EVP_EncodeFinal(encode_ctx, encode_out + chunk_len, &chunk_len);
2238 output_len += chunk_len;
2239
2240 if (!memory_err_compare(t, "BAD_ENCODING",
2241 expected->output, expected->output_len,
2242 encode_out, output_len))
2243 goto err;
2244 }
2245
2246 if (!TEST_ptr(decode_out =
2247 OPENSSL_malloc(EVP_DECODE_LENGTH(expected->output_len))))
2248 goto err;
2249
2250 EVP_DecodeInit(decode_ctx);
2251 if (EVP_DecodeUpdate(decode_ctx, decode_out, &chunk_len, expected->output,
2252 expected->output_len) < 0) {
2253 t->err = "DECODE_ERROR";
2254 goto err;
2255 }
2256 output_len = chunk_len;
2257
2258 if (EVP_DecodeFinal(decode_ctx, decode_out + chunk_len, &chunk_len) != 1) {
2259 t->err = "DECODE_ERROR";
2260 goto err;
2261 }
2262 output_len += chunk_len;
2263
2264 if (expected->encoding != BASE64_INVALID_ENCODING
2265 && !memory_err_compare(t, "BAD_DECODING",
2266 expected->input, expected->input_len,
2267 decode_out, output_len)) {
2268 t->err = "BAD_DECODING";
2269 goto err;
2270 }
2271
2272 t->err = NULL;
2273 err:
2274 OPENSSL_free(encode_out);
2275 OPENSSL_free(decode_out);
2276 EVP_ENCODE_CTX_free(decode_ctx);
2277 EVP_ENCODE_CTX_free(encode_ctx);
2278 return 1;
2279 }
2280
2281 static const EVP_TEST_METHOD encode_test_method = {
2282 "Encoding",
2283 encode_test_init,
2284 encode_test_cleanup,
2285 encode_test_parse,
2286 encode_test_run,
2287 };
2288
2289
2290 /**
2291 ** RAND TESTS
2292 **/
2293 #define MAX_RAND_REPEATS 15
2294
2295 typedef struct rand_data_pass_st {
2296 unsigned char *entropy;
2297 unsigned char *reseed_entropy;
2298 unsigned char *nonce;
2299 unsigned char *pers;
2300 unsigned char *reseed_addin;
2301 unsigned char *addinA;
2302 unsigned char *addinB;
2303 unsigned char *pr_entropyA;
2304 unsigned char *pr_entropyB;
2305 unsigned char *output;
2306 size_t entropy_len, nonce_len, pers_len, addinA_len, addinB_len,
2307 pr_entropyA_len, pr_entropyB_len, output_len, reseed_entropy_len,
2308 reseed_addin_len;
2309 } RAND_DATA_PASS;
2310
2311 typedef struct rand_data_st {
2312 /* Context for this operation */
2313 EVP_RAND_CTX *ctx;
2314 EVP_RAND_CTX *parent;
2315 int n;
2316 int prediction_resistance;
2317 int use_df;
2318 unsigned int generate_bits;
2319 char *cipher;
2320 char *digest;
2321
2322 /* Expected output */
2323 RAND_DATA_PASS data[MAX_RAND_REPEATS];
2324 } RAND_DATA;
2325
2326 static int rand_test_init(EVP_TEST *t, const char *name)
2327 {
2328 RAND_DATA *rdata;
2329 EVP_RAND *rand;
2330 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
2331 unsigned int strength = 256;
2332
2333 if (!TEST_ptr(rdata = OPENSSL_zalloc(sizeof(*rdata))))
2334 return 0;
2335
2336 /* TEST-RAND is available in the FIPS provider but not with "fips=yes" */
2337 rand = EVP_RAND_fetch(libctx, "TEST-RAND", "-fips");
2338 if (rand == NULL)
2339 goto err;
2340 rdata->parent = EVP_RAND_CTX_new(rand, NULL);
2341 EVP_RAND_free(rand);
2342 if (rdata->parent == NULL)
2343 goto err;
2344
2345 *params = OSSL_PARAM_construct_uint(OSSL_RAND_PARAM_STRENGTH, &strength);
2346 if (!EVP_RAND_CTX_set_params(rdata->parent, params))
2347 goto err;
2348
2349 rand = EVP_RAND_fetch(libctx, name, NULL);
2350 if (rand == NULL)
2351 goto err;
2352 rdata->ctx = EVP_RAND_CTX_new(rand, rdata->parent);
2353 EVP_RAND_free(rand);
2354 if (rdata->ctx == NULL)
2355 goto err;
2356
2357 rdata->n = -1;
2358 t->data = rdata;
2359 return 1;
2360 err:
2361 EVP_RAND_CTX_free(rdata->parent);
2362 OPENSSL_free(rdata);
2363 return 0;
2364 }
2365
2366 static void rand_test_cleanup(EVP_TEST *t)
2367 {
2368 RAND_DATA *rdata = t->data;
2369 int i;
2370
2371 OPENSSL_free(rdata->cipher);
2372 OPENSSL_free(rdata->digest);
2373
2374 for (i = 0; i <= rdata->n; i++) {
2375 OPENSSL_free(rdata->data[i].entropy);
2376 OPENSSL_free(rdata->data[i].reseed_entropy);
2377 OPENSSL_free(rdata->data[i].nonce);
2378 OPENSSL_free(rdata->data[i].pers);
2379 OPENSSL_free(rdata->data[i].reseed_addin);
2380 OPENSSL_free(rdata->data[i].addinA);
2381 OPENSSL_free(rdata->data[i].addinB);
2382 OPENSSL_free(rdata->data[i].pr_entropyA);
2383 OPENSSL_free(rdata->data[i].pr_entropyB);
2384 OPENSSL_free(rdata->data[i].output);
2385 }
2386 EVP_RAND_CTX_free(rdata->ctx);
2387 EVP_RAND_CTX_free(rdata->parent);
2388 }
2389
2390 static int rand_test_parse(EVP_TEST *t,
2391 const char *keyword, const char *value)
2392 {
2393 RAND_DATA *rdata = t->data;
2394 RAND_DATA_PASS *item;
2395 const char *p;
2396 int n;
2397
2398 if ((p = strchr(keyword, '.')) != NULL) {
2399 n = atoi(++p);
2400 if (n >= MAX_RAND_REPEATS)
2401 return 0;
2402 if (n > rdata->n)
2403 rdata->n = n;
2404 item = rdata->data + n;
2405 if (HAS_PREFIX(keyword, "Entropy."))
2406 return parse_bin(value, &item->entropy, &item->entropy_len);
2407 if (HAS_PREFIX(keyword, "ReseedEntropy."))
2408 return parse_bin(value, &item->reseed_entropy,
2409 &item->reseed_entropy_len);
2410 if (HAS_PREFIX(keyword, "Nonce."))
2411 return parse_bin(value, &item->nonce, &item->nonce_len);
2412 if (HAS_PREFIX(keyword, "PersonalisationString."))
2413 return parse_bin(value, &item->pers, &item->pers_len);
2414 if (HAS_PREFIX(keyword, "ReseedAdditionalInput."))
2415 return parse_bin(value, &item->reseed_addin,
2416 &item->reseed_addin_len);
2417 if (HAS_PREFIX(keyword, "AdditionalInputA."))
2418 return parse_bin(value, &item->addinA, &item->addinA_len);
2419 if (HAS_PREFIX(keyword, "AdditionalInputB."))
2420 return parse_bin(value, &item->addinB, &item->addinB_len);
2421 if (HAS_PREFIX(keyword, "EntropyPredictionResistanceA."))
2422 return parse_bin(value, &item->pr_entropyA, &item->pr_entropyA_len);
2423 if (HAS_PREFIX(keyword, "EntropyPredictionResistanceB."))
2424 return parse_bin(value, &item->pr_entropyB, &item->pr_entropyB_len);
2425 if (HAS_PREFIX(keyword, "Output."))
2426 return parse_bin(value, &item->output, &item->output_len);
2427 } else {
2428 if (strcmp(keyword, "Cipher") == 0)
2429 return TEST_ptr(rdata->cipher = OPENSSL_strdup(value));
2430 if (strcmp(keyword, "Digest") == 0)
2431 return TEST_ptr(rdata->digest = OPENSSL_strdup(value));
2432 if (strcmp(keyword, "DerivationFunction") == 0) {
2433 rdata->use_df = atoi(value) != 0;
2434 return 1;
2435 }
2436 if (strcmp(keyword, "GenerateBits") == 0) {
2437 if ((n = atoi(value)) <= 0 || n % 8 != 0)
2438 return 0;
2439 rdata->generate_bits = (unsigned int)n;
2440 return 1;
2441 }
2442 if (strcmp(keyword, "PredictionResistance") == 0) {
2443 rdata->prediction_resistance = atoi(value) != 0;
2444 return 1;
2445 }
2446 }
2447 return 0;
2448 }
2449
2450 static int rand_test_run(EVP_TEST *t)
2451 {
2452 RAND_DATA *expected = t->data;
2453 RAND_DATA_PASS *item;
2454 unsigned char *got;
2455 size_t got_len = expected->generate_bits / 8;
2456 OSSL_PARAM params[5], *p = params;
2457 int i = -1, ret = 0;
2458 unsigned int strength;
2459 unsigned char *z;
2460
2461 if (!TEST_ptr(got = OPENSSL_malloc(got_len)))
2462 return 0;
2463
2464 *p++ = OSSL_PARAM_construct_int(OSSL_DRBG_PARAM_USE_DF, &expected->use_df);
2465 if (expected->cipher != NULL)
2466 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_CIPHER,
2467 expected->cipher, 0);
2468 if (expected->digest != NULL)
2469 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_DIGEST,
2470 expected->digest, 0);
2471 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_MAC, "HMAC", 0);
2472 *p = OSSL_PARAM_construct_end();
2473 if (!TEST_true(EVP_RAND_CTX_set_params(expected->ctx, params)))
2474 goto err;
2475
2476 strength = EVP_RAND_get_strength(expected->ctx);
2477 for (i = 0; i <= expected->n; i++) {
2478 item = expected->data + i;
2479
2480 p = params;
2481 z = item->entropy != NULL ? item->entropy : (unsigned char *)"";
2482 *p++ = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY,
2483 z, item->entropy_len);
2484 z = item->nonce != NULL ? item->nonce : (unsigned char *)"";
2485 *p++ = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_NONCE,
2486 z, item->nonce_len);
2487 *p = OSSL_PARAM_construct_end();
2488 if (!TEST_true(EVP_RAND_instantiate(expected->parent, strength,
2489 0, NULL, 0, params)))
2490 goto err;
2491
2492 z = item->pers != NULL ? item->pers : (unsigned char *)"";
2493 if (!TEST_true(EVP_RAND_instantiate
2494 (expected->ctx, strength,
2495 expected->prediction_resistance, z,
2496 item->pers_len, NULL)))
2497 goto err;
2498
2499 if (item->reseed_entropy != NULL) {
2500 params[0] = OSSL_PARAM_construct_octet_string
2501 (OSSL_RAND_PARAM_TEST_ENTROPY, item->reseed_entropy,
2502 item->reseed_entropy_len);
2503 params[1] = OSSL_PARAM_construct_end();
2504 if (!TEST_true(EVP_RAND_CTX_set_params(expected->parent, params)))
2505 goto err;
2506
2507 if (!TEST_true(EVP_RAND_reseed
2508 (expected->ctx, expected->prediction_resistance,
2509 NULL, 0, item->reseed_addin,
2510 item->reseed_addin_len)))
2511 goto err;
2512 }
2513 if (item->pr_entropyA != NULL) {
2514 params[0] = OSSL_PARAM_construct_octet_string
2515 (OSSL_RAND_PARAM_TEST_ENTROPY, item->pr_entropyA,
2516 item->pr_entropyA_len);
2517 params[1] = OSSL_PARAM_construct_end();
2518 if (!TEST_true(EVP_RAND_CTX_set_params(expected->parent, params)))
2519 goto err;
2520 }
2521 if (!TEST_true(EVP_RAND_generate
2522 (expected->ctx, got, got_len,
2523 strength, expected->prediction_resistance,
2524 item->addinA, item->addinA_len)))
2525 goto err;
2526
2527 if (item->pr_entropyB != NULL) {
2528 params[0] = OSSL_PARAM_construct_octet_string
2529 (OSSL_RAND_PARAM_TEST_ENTROPY, item->pr_entropyB,
2530 item->pr_entropyB_len);
2531 params[1] = OSSL_PARAM_construct_end();
2532 if (!TEST_true(EVP_RAND_CTX_set_params(expected->parent, params)))
2533 goto err;
2534 }
2535 if (!TEST_true(EVP_RAND_generate
2536 (expected->ctx, got, got_len,
2537 strength, expected->prediction_resistance,
2538 item->addinB, item->addinB_len)))
2539 goto err;
2540 if (!TEST_mem_eq(got, got_len, item->output, item->output_len))
2541 goto err;
2542 if (!TEST_true(EVP_RAND_uninstantiate(expected->ctx))
2543 || !TEST_true(EVP_RAND_uninstantiate(expected->parent))
2544 || !TEST_true(EVP_RAND_verify_zeroization(expected->ctx))
2545 || !TEST_int_eq(EVP_RAND_get_state(expected->ctx),
2546 EVP_RAND_STATE_UNINITIALISED))
2547 goto err;
2548 }
2549 t->err = NULL;
2550 ret = 1;
2551
2552 err:
2553 if (ret == 0 && i >= 0)
2554 TEST_info("Error in test case %d of %d\n", i, expected->n + 1);
2555 OPENSSL_free(got);
2556 return ret;
2557 }
2558
2559 static const EVP_TEST_METHOD rand_test_method = {
2560 "RAND",
2561 rand_test_init,
2562 rand_test_cleanup,
2563 rand_test_parse,
2564 rand_test_run
2565 };
2566
2567
2568 /**
2569 ** KDF TESTS
2570 **/
2571 typedef struct kdf_data_st {
2572 /* Context for this operation */
2573 EVP_KDF_CTX *ctx;
2574 /* Expected output */
2575 unsigned char *output;
2576 size_t output_len;
2577 OSSL_PARAM params[20];
2578 OSSL_PARAM *p;
2579 } KDF_DATA;
2580
2581 /*
2582 * Perform public key operation setup: lookup key, allocated ctx and call
2583 * the appropriate initialisation function
2584 */
2585 static int kdf_test_init(EVP_TEST *t, const char *name)
2586 {
2587 KDF_DATA *kdata;
2588 EVP_KDF *kdf;
2589
2590 if (is_kdf_disabled(name)) {
2591 TEST_info("skipping, '%s' is disabled", name);
2592 t->skip = 1;
2593 return 1;
2594 }
2595
2596 if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata))))
2597 return 0;
2598 kdata->p = kdata->params;
2599 *kdata->p = OSSL_PARAM_construct_end();
2600
2601 kdf = EVP_KDF_fetch(libctx, name, NULL);
2602 if (kdf == NULL) {
2603 OPENSSL_free(kdata);
2604 return 0;
2605 }
2606 kdata->ctx = EVP_KDF_CTX_new(kdf);
2607 EVP_KDF_free(kdf);
2608 if (kdata->ctx == NULL) {
2609 OPENSSL_free(kdata);
2610 return 0;
2611 }
2612 t->data = kdata;
2613 return 1;
2614 }
2615
2616 static void kdf_test_cleanup(EVP_TEST *t)
2617 {
2618 KDF_DATA *kdata = t->data;
2619 OSSL_PARAM *p;
2620
2621 for (p = kdata->params; p->key != NULL; p++)
2622 OPENSSL_free(p->data);
2623 OPENSSL_free(kdata->output);
2624 EVP_KDF_CTX_free(kdata->ctx);
2625 }
2626
2627 static int kdf_test_ctrl(EVP_TEST *t, EVP_KDF_CTX *kctx,
2628 const char *value)
2629 {
2630 KDF_DATA *kdata = t->data;
2631 int rv;
2632 char *p, *name;
2633 const OSSL_PARAM *defs = EVP_KDF_settable_ctx_params(EVP_KDF_CTX_kdf(kctx));
2634
2635 if (!TEST_ptr(name = OPENSSL_strdup(value)))
2636 return 0;
2637 p = strchr(name, ':');
2638 if (p != NULL)
2639 *p++ = '\0';
2640
2641 rv = OSSL_PARAM_allocate_from_text(kdata->p, defs, name, p,
2642 p != NULL ? strlen(p) : 0, NULL);
2643 *++kdata->p = OSSL_PARAM_construct_end();
2644 if (!rv) {
2645 t->err = "KDF_PARAM_ERROR";
2646 OPENSSL_free(name);
2647 return 0;
2648 }
2649 if (p != NULL && strcmp(name, "digest") == 0) {
2650 if (is_digest_disabled(p)) {
2651 TEST_info("skipping, '%s' is disabled", p);
2652 t->skip = 1;
2653 }
2654 }
2655 if (p != NULL
2656 && (strcmp(name, "cipher") == 0
2657 || strcmp(name, "cekalg") == 0)
2658 && is_cipher_disabled(p)) {
2659 TEST_info("skipping, '%s' is disabled", p);
2660 t->skip = 1;
2661 }
2662 if (p != NULL
2663 && (strcmp(name, "mac") == 0)
2664 && is_mac_disabled(p)) {
2665 TEST_info("skipping, '%s' is disabled", p);
2666 t->skip = 1;
2667 }
2668 OPENSSL_free(name);
2669 return 1;
2670 }
2671
2672 static int kdf_test_parse(EVP_TEST *t,
2673 const char *keyword, const char *value)
2674 {
2675 KDF_DATA *kdata = t->data;
2676
2677 if (strcmp(keyword, "Output") == 0)
2678 return parse_bin(value, &kdata->output, &kdata->output_len);
2679 if (HAS_PREFIX(keyword, "Ctrl"))
2680 return kdf_test_ctrl(t, kdata->ctx, value);
2681 return 0;
2682 }
2683
2684 static int kdf_test_run(EVP_TEST *t)
2685 {
2686 KDF_DATA *expected = t->data;
2687 unsigned char *got = NULL;
2688 size_t got_len = expected->output_len;
2689
2690 if (!EVP_KDF_CTX_set_params(expected->ctx, expected->params)) {
2691 t->err = "KDF_CTRL_ERROR";
2692 return 1;
2693 }
2694 if (!TEST_ptr(got = OPENSSL_malloc(got_len == 0 ? 1 : got_len))) {
2695 t->err = "INTERNAL_ERROR";
2696 goto err;
2697 }
2698 if (EVP_KDF_derive(expected->ctx, got, got_len, NULL) <= 0) {
2699 t->err = "KDF_DERIVE_ERROR";
2700 goto err;
2701 }
2702 if (!memory_err_compare(t, "KDF_MISMATCH",
2703 expected->output, expected->output_len,
2704 got, got_len))
2705 goto err;
2706
2707 t->err = NULL;
2708
2709 err:
2710 OPENSSL_free(got);
2711 return 1;
2712 }
2713
2714 static const EVP_TEST_METHOD kdf_test_method = {
2715 "KDF",
2716 kdf_test_init,
2717 kdf_test_cleanup,
2718 kdf_test_parse,
2719 kdf_test_run
2720 };
2721
2722 /**
2723 ** PKEY KDF TESTS
2724 **/
2725
2726 typedef struct pkey_kdf_data_st {
2727 /* Context for this operation */
2728 EVP_PKEY_CTX *ctx;
2729 /* Expected output */
2730 unsigned char *output;
2731 size_t output_len;
2732 } PKEY_KDF_DATA;
2733
2734 /*
2735 * Perform public key operation setup: lookup key, allocated ctx and call
2736 * the appropriate initialisation function
2737 */
2738 static int pkey_kdf_test_init(EVP_TEST *t, const char *name)
2739 {
2740 PKEY_KDF_DATA *kdata = NULL;
2741
2742 if (is_kdf_disabled(name)) {
2743 TEST_info("skipping, '%s' is disabled", name);
2744 t->skip = 1;
2745 return 1;
2746 }
2747
2748 if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata))))
2749 return 0;
2750
2751 kdata->ctx = EVP_PKEY_CTX_new_from_name(libctx, name, NULL);
2752 if (kdata->ctx == NULL
2753 || EVP_PKEY_derive_init(kdata->ctx) <= 0)
2754 goto err;
2755
2756 t->data = kdata;
2757 return 1;
2758 err:
2759 EVP_PKEY_CTX_free(kdata->ctx);
2760 OPENSSL_free(kdata);
2761 return 0;
2762 }
2763
2764 static void pkey_kdf_test_cleanup(EVP_TEST *t)
2765 {
2766 PKEY_KDF_DATA *kdata = t->data;
2767
2768 OPENSSL_free(kdata->output);
2769 EVP_PKEY_CTX_free(kdata->ctx);
2770 }
2771
2772 static int pkey_kdf_test_parse(EVP_TEST *t,
2773 const char *keyword, const char *value)
2774 {
2775 PKEY_KDF_DATA *kdata = t->data;
2776
2777 if (strcmp(keyword, "Output") == 0)
2778 return parse_bin(value, &kdata->output, &kdata->output_len);
2779 if (HAS_PREFIX(keyword, "Ctrl"))
2780 return pkey_test_ctrl(t, kdata->ctx, value);
2781 return 0;
2782 }
2783
2784 static int pkey_kdf_test_run(EVP_TEST *t)
2785 {
2786 PKEY_KDF_DATA *expected = t->data;
2787 unsigned char *got = NULL;
2788 size_t got_len = expected->output_len;
2789
2790 if (!TEST_ptr(got = OPENSSL_malloc(got_len == 0 ? 1 : got_len))) {
2791 t->err = "INTERNAL_ERROR";
2792 goto err;
2793 }
2794 if (EVP_PKEY_derive(expected->ctx, got, &got_len) <= 0) {
2795 t->err = "KDF_DERIVE_ERROR";
2796 goto err;
2797 }
2798 if (!TEST_mem_eq(expected->output, expected->output_len, got, got_len)) {
2799 t->err = "KDF_MISMATCH";
2800 goto err;
2801 }
2802 t->err = NULL;
2803
2804 err:
2805 OPENSSL_free(got);
2806 return 1;
2807 }
2808
2809 static const EVP_TEST_METHOD pkey_kdf_test_method = {
2810 "PKEYKDF",
2811 pkey_kdf_test_init,
2812 pkey_kdf_test_cleanup,
2813 pkey_kdf_test_parse,
2814 pkey_kdf_test_run
2815 };
2816
2817 /**
2818 ** KEYPAIR TESTS
2819 **/
2820
2821 typedef struct keypair_test_data_st {
2822 EVP_PKEY *privk;
2823 EVP_PKEY *pubk;
2824 } KEYPAIR_TEST_DATA;
2825
2826 static int keypair_test_init(EVP_TEST *t, const char *pair)
2827 {
2828 KEYPAIR_TEST_DATA *data;
2829 int rv = 0;
2830 EVP_PKEY *pk = NULL, *pubk = NULL;
2831 char *pub, *priv = NULL;
2832
2833 /* Split private and public names. */
2834 if (!TEST_ptr(priv = OPENSSL_strdup(pair))
2835 || !TEST_ptr(pub = strchr(priv, ':'))) {
2836 t->err = "PARSING_ERROR";
2837 goto end;
2838 }
2839 *pub++ = '\0';
2840
2841 if (!TEST_true(find_key(&pk, priv, private_keys))) {
2842 TEST_info("Can't find private key: %s", priv);
2843 t->err = "MISSING_PRIVATE_KEY";
2844 goto end;
2845 }
2846 if (!TEST_true(find_key(&pubk, pub, public_keys))) {
2847 TEST_info("Can't find public key: %s", pub);
2848 t->err = "MISSING_PUBLIC_KEY";
2849 goto end;
2850 }
2851
2852 if (pk == NULL && pubk == NULL) {
2853 /* Both keys are listed but unsupported: skip this test */
2854 t->skip = 1;
2855 rv = 1;
2856 goto end;
2857 }
2858
2859 if (!TEST_ptr(data = OPENSSL_malloc(sizeof(*data))))
2860 goto end;
2861 data->privk = pk;
2862 data->pubk = pubk;
2863 t->data = data;
2864 rv = 1;
2865 t->err = NULL;
2866
2867 end:
2868 OPENSSL_free(priv);
2869 return rv;
2870 }
2871
2872 static void keypair_test_cleanup(EVP_TEST *t)
2873 {
2874 OPENSSL_free(t->data);
2875 t->data = NULL;
2876 }
2877
2878 /*
2879 * For tests that do not accept any custom keywords.
2880 */
2881 static int void_test_parse(EVP_TEST *t, const char *keyword, const char *value)
2882 {
2883 return 0;
2884 }
2885
2886 static int keypair_test_run(EVP_TEST *t)
2887 {
2888 int rv = 0;
2889 const KEYPAIR_TEST_DATA *pair = t->data;
2890
2891 if (pair->privk == NULL || pair->pubk == NULL) {
2892 /*
2893 * this can only happen if only one of the keys is not set
2894 * which means that one of them was unsupported while the
2895 * other isn't: hence a key type mismatch.
2896 */
2897 t->err = "KEYPAIR_TYPE_MISMATCH";
2898 rv = 1;
2899 goto end;
2900 }
2901
2902 if ((rv = EVP_PKEY_eq(pair->privk, pair->pubk)) != 1) {
2903 if (0 == rv) {
2904 t->err = "KEYPAIR_MISMATCH";
2905 } else if (-1 == rv) {
2906 t->err = "KEYPAIR_TYPE_MISMATCH";
2907 } else if (-2 == rv) {
2908 t->err = "UNSUPPORTED_KEY_COMPARISON";
2909 } else {
2910 TEST_error("Unexpected error in key comparison");
2911 rv = 0;
2912 goto end;
2913 }
2914 rv = 1;
2915 goto end;
2916 }
2917
2918 rv = 1;
2919 t->err = NULL;
2920
2921 end:
2922 return rv;
2923 }
2924
2925 static const EVP_TEST_METHOD keypair_test_method = {
2926 "PrivPubKeyPair",
2927 keypair_test_init,
2928 keypair_test_cleanup,
2929 void_test_parse,
2930 keypair_test_run
2931 };
2932
2933 /**
2934 ** KEYGEN TEST
2935 **/
2936
2937 typedef struct keygen_test_data_st {
2938 EVP_PKEY_CTX *genctx; /* Keygen context to use */
2939 char *keyname; /* Key name to store key or NULL */
2940 } KEYGEN_TEST_DATA;
2941
2942 static int keygen_test_init(EVP_TEST *t, const char *alg)
2943 {
2944 KEYGEN_TEST_DATA *data;
2945 EVP_PKEY_CTX *genctx;
2946 int nid = OBJ_sn2nid(alg);
2947
2948 if (nid == NID_undef) {
2949 nid = OBJ_ln2nid(alg);
2950 if (nid == NID_undef)
2951 return 0;
2952 }
2953
2954 if (is_pkey_disabled(alg)) {
2955 t->skip = 1;
2956 return 1;
2957 }
2958 if (!TEST_ptr(genctx = EVP_PKEY_CTX_new_from_name(libctx, alg, NULL)))
2959 goto err;
2960
2961 if (EVP_PKEY_keygen_init(genctx) <= 0) {
2962 t->err = "KEYGEN_INIT_ERROR";
2963 goto err;
2964 }
2965
2966 if (!TEST_ptr(data = OPENSSL_malloc(sizeof(*data))))
2967 goto err;
2968 data->genctx = genctx;
2969 data->keyname = NULL;
2970 t->data = data;
2971 t->err = NULL;
2972 return 1;
2973
2974 err:
2975 EVP_PKEY_CTX_free(genctx);
2976 return 0;
2977 }
2978
2979 static void keygen_test_cleanup(EVP_TEST *t)
2980 {
2981 KEYGEN_TEST_DATA *keygen = t->data;
2982
2983 EVP_PKEY_CTX_free(keygen->genctx);
2984 OPENSSL_free(keygen->keyname);
2985 OPENSSL_free(t->data);
2986 t->data = NULL;
2987 }
2988
2989 static int keygen_test_parse(EVP_TEST *t,
2990 const char *keyword, const char *value)
2991 {
2992 KEYGEN_TEST_DATA *keygen = t->data;
2993
2994 if (strcmp(keyword, "KeyName") == 0)
2995 return TEST_ptr(keygen->keyname = OPENSSL_strdup(value));
2996 if (strcmp(keyword, "Ctrl") == 0)
2997 return pkey_test_ctrl(t, keygen->genctx, value);
2998 return 0;
2999 }
3000
3001 static int keygen_test_run(EVP_TEST *t)
3002 {
3003 KEYGEN_TEST_DATA *keygen = t->data;
3004 EVP_PKEY *pkey = NULL;
3005 int rv = 1;
3006
3007 if (EVP_PKEY_keygen(keygen->genctx, &pkey) <= 0) {
3008 t->err = "KEYGEN_GENERATE_ERROR";
3009 goto err;
3010 }
3011
3012 if (!evp_pkey_is_provided(pkey)) {
3013 TEST_info("Warning: legacy key generated %s", keygen->keyname);
3014 goto err;
3015 }
3016 if (keygen->keyname != NULL) {
3017 KEY_LIST *key;
3018
3019 rv = 0;
3020 if (find_key(NULL, keygen->keyname, private_keys)) {
3021 TEST_info("Duplicate key %s", keygen->keyname);
3022 goto err;
3023 }
3024
3025 if (!TEST_ptr(key = OPENSSL_malloc(sizeof(*key))))
3026 goto err;
3027 key->name = keygen->keyname;
3028 keygen->keyname = NULL;
3029 key->key = pkey;
3030 key->next = private_keys;
3031 private_keys = key;
3032 rv = 1;
3033 } else {
3034 EVP_PKEY_free(pkey);
3035 }
3036
3037 t->err = NULL;
3038
3039 err:
3040 return rv;
3041 }
3042
3043 static const EVP_TEST_METHOD keygen_test_method = {
3044 "KeyGen",
3045 keygen_test_init,
3046 keygen_test_cleanup,
3047 keygen_test_parse,
3048 keygen_test_run,
3049 };
3050
3051 /**
3052 ** DIGEST SIGN+VERIFY TESTS
3053 **/
3054
3055 typedef struct {
3056 int is_verify; /* Set to 1 if verifying */
3057 int is_oneshot; /* Set to 1 for one shot operation */
3058 const EVP_MD *md; /* Digest to use */
3059 EVP_MD_CTX *ctx; /* Digest context */
3060 EVP_PKEY_CTX *pctx;
3061 STACK_OF(EVP_TEST_BUFFER) *input; /* Input data: streaming */
3062 unsigned char *osin; /* Input data if one shot */
3063 size_t osin_len; /* Input length data if one shot */
3064 unsigned char *output; /* Expected output */
3065 size_t output_len; /* Expected output length */
3066 } DIGESTSIGN_DATA;
3067
3068 static int digestsigver_test_init(EVP_TEST *t, const char *alg, int is_verify,
3069 int is_oneshot)
3070 {
3071 const EVP_MD *md = NULL;
3072 DIGESTSIGN_DATA *mdat;
3073
3074 if (strcmp(alg, "NULL") != 0) {
3075 if (is_digest_disabled(alg)) {
3076 t->skip = 1;
3077 return 1;
3078 }
3079 md = EVP_get_digestbyname(alg);
3080 if (md == NULL)
3081 return 0;
3082 }
3083 if (!TEST_ptr(mdat = OPENSSL_zalloc(sizeof(*mdat))))
3084 return 0;
3085 mdat->md = md;
3086 if (!TEST_ptr(mdat->ctx = EVP_MD_CTX_new())) {
3087 OPENSSL_free(mdat);
3088 return 0;
3089 }
3090 mdat->is_verify = is_verify;
3091 mdat->is_oneshot = is_oneshot;
3092 t->data = mdat;
3093 return 1;
3094 }
3095
3096 static int digestsign_test_init(EVP_TEST *t, const char *alg)
3097 {
3098 return digestsigver_test_init(t, alg, 0, 0);
3099 }
3100
3101 static void digestsigver_test_cleanup(EVP_TEST *t)
3102 {
3103 DIGESTSIGN_DATA *mdata = t->data;
3104
3105 EVP_MD_CTX_free(mdata->ctx);
3106 sk_EVP_TEST_BUFFER_pop_free(mdata->input, evp_test_buffer_free);
3107 OPENSSL_free(mdata->osin);
3108 OPENSSL_free(mdata->output);
3109 OPENSSL_free(mdata);
3110 t->data = NULL;
3111 }
3112
3113 static int digestsigver_test_parse(EVP_TEST *t,
3114 const char *keyword, const char *value)
3115 {
3116 DIGESTSIGN_DATA *mdata = t->data;
3117
3118 if (strcmp(keyword, "Key") == 0) {
3119 EVP_PKEY *pkey = NULL;
3120 int rv = 0;
3121 const char *name = mdata->md == NULL ? NULL : EVP_MD_get0_name(mdata->md);
3122
3123 if (mdata->is_verify)
3124 rv = find_key(&pkey, value, public_keys);
3125 if (rv == 0)
3126 rv = find_key(&pkey, value, private_keys);
3127 if (rv == 0 || pkey == NULL) {
3128 t->skip = 1;
3129 return 1;
3130 }
3131 if (mdata->is_verify) {
3132 if (!EVP_DigestVerifyInit_ex(mdata->ctx, &mdata->pctx, name, libctx,
3133 NULL, pkey, NULL))
3134 t->err = "DIGESTVERIFYINIT_ERROR";
3135 return 1;
3136 }
3137 if (!EVP_DigestSignInit_ex(mdata->ctx, &mdata->pctx, name, libctx, NULL,
3138 pkey, NULL))
3139 t->err = "DIGESTSIGNINIT_ERROR";
3140 return 1;
3141 }
3142
3143 if (strcmp(keyword, "Input") == 0) {
3144 if (mdata->is_oneshot)
3145 return parse_bin(value, &mdata->osin, &mdata->osin_len);
3146 return evp_test_buffer_append(value, &mdata->input);
3147 }
3148 if (strcmp(keyword, "Output") == 0)
3149 return parse_bin(value, &mdata->output, &mdata->output_len);
3150
3151 if (!mdata->is_oneshot) {
3152 if (strcmp(keyword, "Count") == 0)
3153 return evp_test_buffer_set_count(value, mdata->input);
3154 if (strcmp(keyword, "Ncopy") == 0)
3155 return evp_test_buffer_ncopy(value, mdata->input);
3156 }
3157 if (strcmp(keyword, "Ctrl") == 0) {
3158 if (mdata->pctx == NULL)
3159 return -1;
3160 return pkey_test_ctrl(t, mdata->pctx, value);
3161 }
3162 return 0;
3163 }
3164
3165 static int digestsign_update_fn(void *ctx, const unsigned char *buf,
3166 size_t buflen)
3167 {
3168 return EVP_DigestSignUpdate(ctx, buf, buflen);
3169 }
3170
3171 static int digestsign_test_run(EVP_TEST *t)
3172 {
3173 DIGESTSIGN_DATA *expected = t->data;
3174 unsigned char *got = NULL;
3175 size_t got_len;
3176
3177 if (!evp_test_buffer_do(expected->input, digestsign_update_fn,
3178 expected->ctx)) {
3179 t->err = "DIGESTUPDATE_ERROR";
3180 goto err;
3181 }
3182
3183 if (!EVP_DigestSignFinal(expected->ctx, NULL, &got_len)) {
3184 t->err = "DIGESTSIGNFINAL_LENGTH_ERROR";
3185 goto err;
3186 }
3187 if (!TEST_ptr(got = OPENSSL_malloc(got_len))) {
3188 t->err = "MALLOC_FAILURE";
3189 goto err;
3190 }
3191 if (!EVP_DigestSignFinal(expected->ctx, got, &got_len)) {
3192 t->err = "DIGESTSIGNFINAL_ERROR";
3193 goto err;
3194 }
3195 if (!memory_err_compare(t, "SIGNATURE_MISMATCH",
3196 expected->output, expected->output_len,
3197 got, got_len))
3198 goto err;
3199
3200 t->err = NULL;
3201 err:
3202 OPENSSL_free(got);
3203 return 1;
3204 }
3205
3206 static const EVP_TEST_METHOD digestsign_test_method = {
3207 "DigestSign",
3208 digestsign_test_init,
3209 digestsigver_test_cleanup,
3210 digestsigver_test_parse,
3211 digestsign_test_run
3212 };
3213
3214 static int digestverify_test_init(EVP_TEST *t, const char *alg)
3215 {
3216 return digestsigver_test_init(t, alg, 1, 0);
3217 }
3218
3219 static int digestverify_update_fn(void *ctx, const unsigned char *buf,
3220 size_t buflen)
3221 {
3222 return EVP_DigestVerifyUpdate(ctx, buf, buflen);
3223 }
3224
3225 static int digestverify_test_run(EVP_TEST *t)
3226 {
3227 DIGESTSIGN_DATA *mdata = t->data;
3228
3229 if (!evp_test_buffer_do(mdata->input, digestverify_update_fn, mdata->ctx)) {
3230 t->err = "DIGESTUPDATE_ERROR";
3231 return 1;
3232 }
3233
3234 if (EVP_DigestVerifyFinal(mdata->ctx, mdata->output,
3235 mdata->output_len) <= 0)
3236 t->err = "VERIFY_ERROR";
3237 return 1;
3238 }
3239
3240 static const EVP_TEST_METHOD digestverify_test_method = {
3241 "DigestVerify",
3242 digestverify_test_init,
3243 digestsigver_test_cleanup,
3244 digestsigver_test_parse,
3245 digestverify_test_run
3246 };
3247
3248 static int oneshot_digestsign_test_init(EVP_TEST *t, const char *alg)
3249 {
3250 return digestsigver_test_init(t, alg, 0, 1);
3251 }
3252
3253 static int oneshot_digestsign_test_run(EVP_TEST *t)
3254 {
3255 DIGESTSIGN_DATA *expected = t->data;
3256 unsigned char *got = NULL;
3257 size_t got_len;
3258
3259 if (!EVP_DigestSign(expected->ctx, NULL, &got_len,
3260 expected->osin, expected->osin_len)) {
3261 t->err = "DIGESTSIGN_LENGTH_ERROR";
3262 goto err;
3263 }
3264 if (!TEST_ptr(got = OPENSSL_malloc(got_len))) {
3265 t->err = "MALLOC_FAILURE";
3266 goto err;
3267 }
3268 if (!EVP_DigestSign(expected->ctx, got, &got_len,
3269 expected->osin, expected->osin_len)) {
3270 t->err = "DIGESTSIGN_ERROR";
3271 goto err;
3272 }
3273 if (!memory_err_compare(t, "SIGNATURE_MISMATCH",
3274 expected->output, expected->output_len,
3275 got, got_len))
3276 goto err;
3277
3278 t->err = NULL;
3279 err:
3280 OPENSSL_free(got);
3281 return 1;
3282 }
3283
3284 static const EVP_TEST_METHOD oneshot_digestsign_test_method = {
3285 "OneShotDigestSign",
3286 oneshot_digestsign_test_init,
3287 digestsigver_test_cleanup,
3288 digestsigver_test_parse,
3289 oneshot_digestsign_test_run
3290 };
3291
3292 static int oneshot_digestverify_test_init(EVP_TEST *t, const char *alg)
3293 {
3294 return digestsigver_test_init(t, alg, 1, 1);
3295 }
3296
3297 static int oneshot_digestverify_test_run(EVP_TEST *t)
3298 {
3299 DIGESTSIGN_DATA *mdata = t->data;
3300
3301 if (EVP_DigestVerify(mdata->ctx, mdata->output, mdata->output_len,
3302 mdata->osin, mdata->osin_len) <= 0)
3303 t->err = "VERIFY_ERROR";
3304 return 1;
3305 }
3306
3307 static const EVP_TEST_METHOD oneshot_digestverify_test_method = {
3308 "OneShotDigestVerify",
3309 oneshot_digestverify_test_init,
3310 digestsigver_test_cleanup,
3311 digestsigver_test_parse,
3312 oneshot_digestverify_test_run
3313 };
3314
3315
3316 /**
3317 ** PARSING AND DISPATCH
3318 **/
3319
3320 static const EVP_TEST_METHOD *evp_test_list[] = {
3321 &rand_test_method,
3322 &cipher_test_method,
3323 &digest_test_method,
3324 &digestsign_test_method,
3325 &digestverify_test_method,
3326 &encode_test_method,
3327 &kdf_test_method,
3328 &pkey_kdf_test_method,
3329 &keypair_test_method,
3330 &keygen_test_method,
3331 &mac_test_method,
3332 &oneshot_digestsign_test_method,
3333 &oneshot_digestverify_test_method,
3334 &pbe_test_method,
3335 &pdecrypt_test_method,
3336 &pderive_test_method,
3337 &psign_test_method,
3338 &pverify_recover_test_method,
3339 &pverify_test_method,
3340 NULL
3341 };
3342
3343 static const EVP_TEST_METHOD *find_test(const char *name)
3344 {
3345 const EVP_TEST_METHOD **tt;
3346
3347 for (tt = evp_test_list; *tt; tt++) {
3348 if (strcmp(name, (*tt)->name) == 0)
3349 return *tt;
3350 }
3351 return NULL;
3352 }
3353
3354 static void clear_test(EVP_TEST *t)
3355 {
3356 test_clearstanza(&t->s);
3357 ERR_clear_error();
3358 if (t->data != NULL) {
3359 if (t->meth != NULL)
3360 t->meth->cleanup(t);
3361 OPENSSL_free(t->data);
3362 t->data = NULL;
3363 }
3364 OPENSSL_free(t->expected_err);
3365 t->expected_err = NULL;
3366 OPENSSL_free(t->reason);
3367 t->reason = NULL;
3368
3369 /* Text literal. */
3370 t->err = NULL;
3371 t->skip = 0;
3372 t->meth = NULL;
3373 }
3374
3375 /* Check for errors in the test structure; return 1 if okay, else 0. */
3376 static int check_test_error(EVP_TEST *t)
3377 {
3378 unsigned long err;
3379 const char *reason;
3380
3381 if (t->err == NULL && t->expected_err == NULL)
3382 return 1;
3383 if (t->err != NULL && t->expected_err == NULL) {
3384 if (t->aux_err != NULL) {
3385 TEST_info("%s:%d: Source of above error (%s); unexpected error %s",
3386 t->s.test_file, t->s.start, t->aux_err, t->err);
3387 } else {
3388 TEST_info("%s:%d: Source of above error; unexpected error %s",
3389 t->s.test_file, t->s.start, t->err);
3390 }
3391 return 0;
3392 }
3393 if (t->err == NULL && t->expected_err != NULL) {
3394 TEST_info("%s:%d: Succeeded but was expecting %s",
3395 t->s.test_file, t->s.start, t->expected_err);
3396 return 0;
3397 }
3398
3399 if (strcmp(t->err, t->expected_err) != 0) {
3400 TEST_info("%s:%d: Expected %s got %s",
3401 t->s.test_file, t->s.start, t->expected_err, t->err);
3402 return 0;
3403 }
3404
3405 if (t->reason == NULL)
3406 return 1;
3407
3408 if (t->reason == NULL) {
3409 TEST_info("%s:%d: Test is missing function or reason code",
3410 t->s.test_file, t->s.start);
3411 return 0;
3412 }
3413
3414 err = ERR_peek_error();
3415 if (err == 0) {
3416 TEST_info("%s:%d: Expected error \"%s\" not set",
3417 t->s.test_file, t->s.start, t->reason);
3418 return 0;
3419 }
3420
3421 reason = ERR_reason_error_string(err);
3422 if (reason == NULL) {
3423 TEST_info("%s:%d: Expected error \"%s\", no strings available."
3424 " Assuming ok.",
3425 t->s.test_file, t->s.start, t->reason);
3426 return 1;
3427 }
3428
3429 if (strcmp(reason, t->reason) == 0)
3430 return 1;
3431
3432 TEST_info("%s:%d: Expected error \"%s\", got \"%s\"",
3433 t->s.test_file, t->s.start, t->reason, reason);
3434
3435 return 0;
3436 }
3437
3438 /* Run a parsed test. Log a message and return 0 on error. */
3439 static int run_test(EVP_TEST *t)
3440 {
3441 if (t->meth == NULL)
3442 return 1;
3443 t->s.numtests++;
3444 if (t->skip) {
3445 t->s.numskip++;
3446 } else {
3447 /* run the test */
3448 if (t->err == NULL && t->meth->run_test(t) != 1) {
3449 TEST_info("%s:%d %s error",
3450 t->s.test_file, t->s.start, t->meth->name);
3451 return 0;
3452 }
3453 if (!check_test_error(t)) {
3454 TEST_openssl_errors();
3455 t->s.errors++;
3456 }
3457 }
3458
3459 /* clean it up */
3460 return 1;
3461 }
3462
3463 static int find_key(EVP_PKEY **ppk, const char *name, KEY_LIST *lst)
3464 {
3465 for (; lst != NULL; lst = lst->next) {
3466 if (strcmp(lst->name, name) == 0) {
3467 if (ppk != NULL)
3468 *ppk = lst->key;
3469 return 1;
3470 }
3471 }
3472 return 0;
3473 }
3474
3475 static void free_key_list(KEY_LIST *lst)
3476 {
3477 while (lst != NULL) {
3478 KEY_LIST *next = lst->next;
3479
3480 EVP_PKEY_free(lst->key);
3481 OPENSSL_free(lst->name);
3482 OPENSSL_free(lst);
3483 lst = next;
3484 }
3485 }
3486
3487 /*
3488 * Is the key type an unsupported algorithm?
3489 */
3490 static int key_unsupported(void)
3491 {
3492 long err = ERR_peek_last_error();
3493 int lib = ERR_GET_LIB(err);
3494 long reason = ERR_GET_REASON(err);
3495
3496 if ((lib == ERR_LIB_EVP && reason == EVP_R_UNSUPPORTED_ALGORITHM)
3497 || (lib == ERR_LIB_EVP && reason == EVP_R_DECODE_ERROR)
3498 || reason == ERR_R_UNSUPPORTED) {
3499 ERR_clear_error();
3500 return 1;
3501 }
3502 #ifndef OPENSSL_NO_EC
3503 /*
3504 * If EC support is enabled we should catch also EC_R_UNKNOWN_GROUP as an
3505 * hint to an unsupported algorithm/curve (e.g. if binary EC support is
3506 * disabled).
3507 */
3508 if (lib == ERR_LIB_EC
3509 && (reason == EC_R_UNKNOWN_GROUP
3510 || reason == EC_R_INVALID_CURVE)) {
3511 ERR_clear_error();
3512 return 1;
3513 }
3514 #endif /* OPENSSL_NO_EC */
3515 return 0;
3516 }
3517
3518 /* NULL out the value from |pp| but return it. This "steals" a pointer. */
3519 static char *take_value(PAIR *pp)
3520 {
3521 char *p = pp->value;
3522
3523 pp->value = NULL;
3524 return p;
3525 }
3526
3527 #if !defined(OPENSSL_NO_FIPS_SECURITYCHECKS)
3528 static int securitycheck_enabled(void)
3529 {
3530 static int enabled = -1;
3531
3532 if (enabled == -1) {
3533 if (OSSL_PROVIDER_available(libctx, "fips")) {
3534 OSSL_PARAM params[2];
3535 OSSL_PROVIDER *prov = NULL;
3536 int check = 1;
3537
3538 prov = OSSL_PROVIDER_load(libctx, "fips");
3539 if (prov != NULL) {
3540 params[0] =
3541 OSSL_PARAM_construct_int(OSSL_PROV_PARAM_SECURITY_CHECKS,
3542 &check);
3543 params[1] = OSSL_PARAM_construct_end();
3544 OSSL_PROVIDER_get_params(prov, params);
3545 OSSL_PROVIDER_unload(prov);
3546 }
3547 enabled = check;
3548 return enabled;
3549 }
3550 enabled = 0;
3551 }
3552 return enabled;
3553 }
3554 #endif
3555
3556 /*
3557 * Return 1 if one of the providers named in the string is available.
3558 * The provider names are separated with whitespace.
3559 * NOTE: destructive function, it inserts '\0' after each provider name.
3560 */
3561 static int prov_available(char *providers)
3562 {
3563 char *p;
3564 int more = 1;
3565
3566 while (more) {
3567 for (; isspace(*providers); providers++)
3568 continue;
3569 if (*providers == '\0')
3570 break; /* End of the road */
3571 for (p = providers; *p != '\0' && !isspace(*p); p++)
3572 continue;
3573 if (*p == '\0')
3574 more = 0;
3575 else
3576 *p = '\0';
3577 if (OSSL_PROVIDER_available(libctx, providers))
3578 return 1; /* Found one */
3579 }
3580 return 0;
3581 }
3582
3583 /* Read and parse one test. Return 0 if failure, 1 if okay. */
3584 static int parse(EVP_TEST *t)
3585 {
3586 KEY_LIST *key, **klist;
3587 EVP_PKEY *pkey;
3588 PAIR *pp;
3589 int i, skip_availablein = 0;
3590
3591 top:
3592 do {
3593 if (BIO_eof(t->s.fp))
3594 return EOF;
3595 clear_test(t);
3596 if (!test_readstanza(&t->s))
3597 return 0;
3598 } while (t->s.numpairs == 0);
3599 pp = &t->s.pairs[0];
3600
3601 /* Are we adding a key? */
3602 klist = NULL;
3603 pkey = NULL;
3604 start:
3605 if (strcmp(pp->key, "PrivateKey") == 0) {
3606 pkey = PEM_read_bio_PrivateKey_ex(t->s.key, NULL, 0, NULL, libctx, NULL);
3607 if (pkey == NULL && !key_unsupported()) {
3608 EVP_PKEY_free(pkey);
3609 TEST_info("Can't read private key %s", pp->value);
3610 TEST_openssl_errors();
3611 return 0;
3612 }
3613 klist = &private_keys;
3614 } else if (strcmp(pp->key, "PublicKey") == 0) {
3615 pkey = PEM_read_bio_PUBKEY_ex(t->s.key, NULL, 0, NULL, libctx, NULL);
3616 if (pkey == NULL && !key_unsupported()) {
3617 EVP_PKEY_free(pkey);
3618 TEST_info("Can't read public key %s", pp->value);
3619 TEST_openssl_errors();
3620 return 0;
3621 }
3622 klist = &public_keys;
3623 } else if (strcmp(pp->key, "PrivateKeyRaw") == 0
3624 || strcmp(pp->key, "PublicKeyRaw") == 0) {
3625 char *strnid = NULL, *keydata = NULL;
3626 unsigned char *keybin;
3627 size_t keylen;
3628 int nid;
3629
3630 if (strcmp(pp->key, "PrivateKeyRaw") == 0)
3631 klist = &private_keys;
3632 else
3633 klist = &public_keys;
3634
3635 strnid = strchr(pp->value, ':');
3636 if (strnid != NULL) {
3637 *strnid++ = '\0';
3638 keydata = strchr(strnid, ':');
3639 if (keydata != NULL)
3640 *keydata++ = '\0';
3641 }
3642 if (keydata == NULL) {
3643 TEST_info("Failed to parse %s value", pp->key);
3644 return 0;
3645 }
3646
3647 nid = OBJ_txt2nid(strnid);
3648 if (nid == NID_undef) {
3649 TEST_info("Unrecognised algorithm NID");
3650 return 0;
3651 }
3652 if (!parse_bin(keydata, &keybin, &keylen)) {
3653 TEST_info("Failed to create binary key");
3654 return 0;
3655 }
3656 if (klist == &private_keys)
3657 pkey = EVP_PKEY_new_raw_private_key_ex(libctx, strnid, NULL, keybin,
3658 keylen);
3659 else
3660 pkey = EVP_PKEY_new_raw_public_key_ex(libctx, strnid, NULL, keybin,
3661 keylen);
3662 if (pkey == NULL && !key_unsupported()) {
3663 TEST_info("Can't read %s data", pp->key);
3664 OPENSSL_free(keybin);
3665 TEST_openssl_errors();
3666 return 0;
3667 }
3668 OPENSSL_free(keybin);
3669 } else if (strcmp(pp->key, "Availablein") == 0) {
3670 if (!prov_available(pp->value)) {
3671 TEST_info("skipping, '%s' provider not available: %s:%d",
3672 pp->value, t->s.test_file, t->s.start);
3673 t->skip = 1;
3674 return 0;
3675 }
3676 skip_availablein++;
3677 pp++;
3678 goto start;
3679 }
3680
3681 /* If we have a key add to list */
3682 if (klist != NULL) {
3683 if (find_key(NULL, pp->value, *klist)) {
3684 TEST_info("Duplicate key %s", pp->value);
3685 return 0;
3686 }
3687 if (!TEST_ptr(key = OPENSSL_malloc(sizeof(*key))))
3688 return 0;
3689 key->name = take_value(pp);
3690 key->key = pkey;
3691 key->next = *klist;
3692 *klist = key;
3693
3694 /* Go back and start a new stanza. */
3695 if ((t->s.numpairs - skip_availablein) != 1)
3696 TEST_info("Line %d: missing blank line\n", t->s.curr);
3697 goto top;
3698 }
3699
3700 /* Find the test, based on first keyword. */
3701 if (!TEST_ptr(t->meth = find_test(pp->key)))
3702 return 0;
3703 if (!t->meth->init(t, pp->value)) {
3704 TEST_error("unknown %s: %s\n", pp->key, pp->value);
3705 return 0;
3706 }
3707 if (t->skip == 1) {
3708 /* TEST_info("skipping %s %s", pp->key, pp->value); */
3709 return 0;
3710 }
3711
3712 for (pp++, i = 1; i < (t->s.numpairs - skip_availablein); pp++, i++) {
3713 if (strcmp(pp->key, "Securitycheck") == 0) {
3714 #if defined(OPENSSL_NO_FIPS_SECURITYCHECKS)
3715 #else
3716 if (!securitycheck_enabled())
3717 #endif
3718 {
3719 TEST_info("skipping, Securitycheck is disabled: %s:%d",
3720 t->s.test_file, t->s.start);
3721 t->skip = 1;
3722 return 0;
3723 }
3724 } else if (strcmp(pp->key, "Availablein") == 0) {
3725 TEST_info("Line %d: 'Availablein' should be the first option",
3726 t->s.curr);
3727 return 0;
3728 } else if (strcmp(pp->key, "Result") == 0) {
3729 if (t->expected_err != NULL) {
3730 TEST_info("Line %d: multiple result lines", t->s.curr);
3731 return 0;
3732 }
3733 t->expected_err = take_value(pp);
3734 } else if (strcmp(pp->key, "Function") == 0) {
3735 /* Ignore old line. */
3736 } else if (strcmp(pp->key, "Reason") == 0) {
3737 if (t->reason != NULL) {
3738 TEST_info("Line %d: multiple reason lines", t->s.curr);
3739 return 0;
3740 }
3741 t->reason = take_value(pp);
3742 } else {
3743 /* Must be test specific line: try to parse it */
3744 int rv = t->meth->parse(t, pp->key, pp->value);
3745
3746 if (rv == 0) {
3747 TEST_info("Line %d: unknown keyword %s", t->s.curr, pp->key);
3748 return 0;
3749 }
3750 if (rv < 0) {
3751 TEST_info("Line %d: error processing keyword %s = %s\n",
3752 t->s.curr, pp->key, pp->value);
3753 return 0;
3754 }
3755 }
3756 }
3757
3758 return 1;
3759 }
3760
3761 static int run_file_tests(int i)
3762 {
3763 EVP_TEST *t;
3764 const char *testfile = test_get_argument(i);
3765 int c;
3766
3767 if (!TEST_ptr(t = OPENSSL_zalloc(sizeof(*t))))
3768 return 0;
3769 if (!test_start_file(&t->s, testfile)) {
3770 OPENSSL_free(t);
3771 return 0;
3772 }
3773
3774 while (!BIO_eof(t->s.fp)) {
3775 c = parse(t);
3776 if (t->skip) {
3777 t->s.numskip++;
3778 continue;
3779 }
3780 if (c == 0 || !run_test(t)) {
3781 t->s.errors++;
3782 break;
3783 }
3784 }
3785 test_end_file(&t->s);
3786 clear_test(t);
3787
3788 free_key_list(public_keys);
3789 free_key_list(private_keys);
3790 BIO_free(t->s.key);
3791 c = t->s.errors;
3792 OPENSSL_free(t);
3793 return c == 0;
3794 }
3795
3796 const OPTIONS *test_get_options(void)
3797 {
3798 static const OPTIONS test_options[] = {
3799 OPT_TEST_OPTIONS_WITH_EXTRA_USAGE("[file...]\n"),
3800 { "config", OPT_CONFIG_FILE, '<',
3801 "The configuration file to use for the libctx" },
3802 { OPT_HELP_STR, 1, '-', "file\tFile to run tests on.\n" },
3803 { NULL }
3804 };
3805 return test_options;
3806 }
3807
3808 int setup_tests(void)
3809 {
3810 size_t n;
3811 char *config_file = NULL;
3812
3813 OPTION_CHOICE o;
3814
3815 while ((o = opt_next()) != OPT_EOF) {
3816 switch (o) {
3817 case OPT_CONFIG_FILE:
3818 config_file = opt_arg();
3819 break;
3820 case OPT_TEST_CASES:
3821 break;
3822 default:
3823 case OPT_ERR:
3824 return 0;
3825 }
3826 }
3827
3828 /*
3829 * Load the provider via configuration into the created library context.
3830 * Load the 'null' provider into the default library context to ensure that
3831 * the tests do not fallback to using the default provider.
3832 */
3833 if (!test_get_libctx(&libctx, &prov_null, config_file, NULL, NULL))
3834 return 0;
3835
3836 n = test_get_argument_count();
3837 if (n == 0)
3838 return 0;
3839
3840 ADD_ALL_TESTS(run_file_tests, n);
3841 return 1;
3842 }
3843
3844 void cleanup_tests(void)
3845 {
3846 OSSL_PROVIDER_unload(prov_null);
3847 OSSL_LIB_CTX_free(libctx);
3848 }
3849
3850 static int is_digest_disabled(const char *name)
3851 {
3852 #ifdef OPENSSL_NO_BLAKE2
3853 if (HAS_CASE_PREFIX(name, "BLAKE"))
3854 return 1;
3855 #endif
3856 #ifdef OPENSSL_NO_MD2
3857 if (strcasecmp(name, "MD2") == 0)
3858 return 1;
3859 #endif
3860 #ifdef OPENSSL_NO_MDC2
3861 if (strcasecmp(name, "MDC2") == 0)
3862 return 1;
3863 #endif
3864 #ifdef OPENSSL_NO_MD4
3865 if (strcasecmp(name, "MD4") == 0)
3866 return 1;
3867 #endif
3868 #ifdef OPENSSL_NO_MD5
3869 if (strcasecmp(name, "MD5") == 0)
3870 return 1;
3871 #endif
3872 #ifdef OPENSSL_NO_RMD160
3873 if (strcasecmp(name, "RIPEMD160") == 0)
3874 return 1;
3875 #endif
3876 #ifdef OPENSSL_NO_SM3
3877 if (strcasecmp(name, "SM3") == 0)
3878 return 1;
3879 #endif
3880 #ifdef OPENSSL_NO_WHIRLPOOL
3881 if (strcasecmp(name, "WHIRLPOOL") == 0)
3882 return 1;
3883 #endif
3884 return 0;
3885 }
3886
3887 static int is_pkey_disabled(const char *name)
3888 {
3889 #ifdef OPENSSL_NO_EC
3890 if (HAS_CASE_PREFIX(name, "EC"))
3891 return 1;
3892 #endif
3893 #ifdef OPENSSL_NO_DH
3894 if (HAS_CASE_PREFIX(name, "DH"))
3895 return 1;
3896 #endif
3897 #ifdef OPENSSL_NO_DSA
3898 if (HAS_CASE_PREFIX(name, "DSA"))
3899 return 1;
3900 #endif
3901 return 0;
3902 }
3903
3904 static int is_mac_disabled(const char *name)
3905 {
3906 #ifdef OPENSSL_NO_BLAKE2
3907 if (HAS_CASE_PREFIX(name, "BLAKE2BMAC")
3908 || HAS_CASE_PREFIX(name, "BLAKE2SMAC"))
3909 return 1;
3910 #endif
3911 #ifdef OPENSSL_NO_CMAC
3912 if (HAS_CASE_PREFIX(name, "CMAC"))
3913 return 1;
3914 #endif
3915 #ifdef OPENSSL_NO_POLY1305
3916 if (HAS_CASE_PREFIX(name, "Poly1305"))
3917 return 1;
3918 #endif
3919 #ifdef OPENSSL_NO_SIPHASH
3920 if (HAS_CASE_PREFIX(name, "SipHash"))
3921 return 1;
3922 #endif
3923 return 0;
3924 }
3925 static int is_kdf_disabled(const char *name)
3926 {
3927 #ifdef OPENSSL_NO_SCRYPT
3928 if (HAS_CASE_SUFFIX(name, "SCRYPT"))
3929 return 1;
3930 #endif
3931 return 0;
3932 }
3933
3934 static int is_cipher_disabled(const char *name)
3935 {
3936 #ifdef OPENSSL_NO_ARIA
3937 if (HAS_CASE_PREFIX(name, "ARIA"))
3938 return 1;
3939 #endif
3940 #ifdef OPENSSL_NO_BF
3941 if (HAS_CASE_PREFIX(name, "BF"))
3942 return 1;
3943 #endif
3944 #ifdef OPENSSL_NO_CAMELLIA
3945 if (HAS_CASE_PREFIX(name, "CAMELLIA"))
3946 return 1;
3947 #endif
3948 #ifdef OPENSSL_NO_CAST
3949 if (HAS_CASE_PREFIX(name, "CAST"))
3950 return 1;
3951 #endif
3952 #ifdef OPENSSL_NO_CHACHA
3953 if (HAS_CASE_PREFIX(name, "CHACHA"))
3954 return 1;
3955 #endif
3956 #ifdef OPENSSL_NO_POLY1305
3957 if (HAS_CASE_SUFFIX(name, "Poly1305"))
3958 return 1;
3959 #endif
3960 #ifdef OPENSSL_NO_DES
3961 if (HAS_CASE_PREFIX(name, "DES"))
3962 return 1;
3963 if (HAS_CASE_SUFFIX(name, "3DESwrap"))
3964 return 1;
3965 #endif
3966 #ifdef OPENSSL_NO_OCB
3967 if (HAS_CASE_SUFFIX(name, "OCB"))
3968 return 1;
3969 #endif
3970 #ifdef OPENSSL_NO_IDEA
3971 if (HAS_CASE_PREFIX(name, "IDEA"))
3972 return 1;
3973 #endif
3974 #ifdef OPENSSL_NO_RC2
3975 if (HAS_CASE_PREFIX(name, "RC2"))
3976 return 1;
3977 #endif
3978 #ifdef OPENSSL_NO_RC4
3979 if (HAS_CASE_PREFIX(name, "RC4"))
3980 return 1;
3981 #endif
3982 #ifdef OPENSSL_NO_RC5
3983 if (HAS_CASE_PREFIX(name, "RC5"))
3984 return 1;
3985 #endif
3986 #ifdef OPENSSL_NO_SEED
3987 if (HAS_CASE_PREFIX(name, "SEED"))
3988 return 1;
3989 #endif
3990 #ifdef OPENSSL_NO_SIV
3991 if (HAS_CASE_SUFFIX(name, "SIV"))
3992 return 1;
3993 #endif
3994 #ifdef OPENSSL_NO_SM4
3995 if (HAS_CASE_PREFIX(name, "SM4"))
3996 return 1;
3997 #endif
3998 return 0;
3999 }
A mirror of the official openssl repository