]> git.ipfire.org Git - thirdparty/openssl.git/blame - test/evp_test.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
VMS UI_OpenSSL: generate OpenSSL errors when things go wrong.
[thirdparty/openssl.git] / test / evp_test.c
CommitLineData
0e360199 1/*
440e5d80 2 * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
0e360199 3 *
440e5d80
RS		 4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
0e360199
BL		 8 */
9
10#include <stdio.h>
11#include <string.h>
307e3978
DSH		 12#include <stdlib.h>
13#include <ctype.h>
0e360199 14#include <openssl/evp.h>
5824cc29 15#include <openssl/pem.h>
0b13e9f0 16#include <openssl/err.h>
307e3978 17#include <openssl/x509v3.h>
351fe214 18#include <openssl/pkcs12.h>
44a284d2 19#include <openssl/kdf.h>
3b53e18a 20#include "internal/numbers.h"
0e360199 21
307e3978
DSH		 22/* Remove spaces from beginning and end of a string */
23
24static void remove_space(char **pval)
0f113f3e 25{
307e3978 26 unsigned char *p = (unsigned char *)*pval;
0f113f3e 27
307e3978
DSH		 28 while (isspace(*p))
29 p++;
30
31 *pval = (char *)p;
32
33 p = p + strlen(*pval) - 1;
34
35 /* Remove trailing space */
36 while (isspace(*p))
37 *p-- = 0;
0f113f3e 38}
0e360199 39
307e3978
DSH		 40/*
41 * Given a line of the form:
42 * name = value # comment
43 * extract name and value. NB: modifies passed buffer.
44 */
45
46static int parse_line(char **pkw, char **pval, char *linebuf)
0f113f3e 47{
307e3978 48 char *p;
0e360199 49
307e3978 50 p = linebuf + strlen(linebuf) - 1;
0f113f3e 51
307e3978
DSH		 52 if (*p != '\n') {
53 fprintf(stderr, "FATAL: missing EOL\n");
54 exit(1);
0e360199
BL		 55 }
56
307e3978 57 /* Look for # */
5b46eee0 58
307e3978 59 p = strchr(linebuf, '#');
5b46eee0 60
307e3978
DSH		 61 if (p)
62 *p = '\0';
5b46eee0 63
307e3978
DSH		 64 /* Look for = sign */
65 p = strchr(linebuf, '=');
5b46eee0 66
307e3978
DSH		 67 /* If no '=' exit */
68 if (!p)
69 return 0;
5b46eee0 70
307e3978 71 *p++ = '\0';
5b46eee0 72
307e3978
DSH		 73 *pkw = linebuf;
74 *pval = p;
5b46eee0 75
307e3978
DSH		 76 /* Remove spaces from keyword and value */
77 remove_space(pkw);
78 remove_space(pval);
79
80 return 1;
0f113f3e 81}
0e360199 82
3cdd1e94
EK		 83/*
84 * Unescape some escape sequences in string literals.
85 * Return the result in a newly allocated buffer.
86 * Currently only supports '\n'.
87 * If the input length is 0, returns a valid 1-byte buffer, but sets
88 * the length to 0.
89 */
90static unsigned char* unescape(const char *input, size_t input_len,
91 size_t *out_len)
92{
93 unsigned char *ret, *p;
94 size_t i;
95 if (input_len == 0) {
96 *out_len = 0;
97 return OPENSSL_zalloc(1);
98 }
99
100 /* Escaping is non-expanding; over-allocate original size for simplicity. */
101 ret = p = OPENSSL_malloc(input_len);
102 if (ret == NULL)
103 return NULL;
104
105 for (i = 0; i < input_len; i++) {
106 if (input[i] == '\\') {
107 if (i == input_len - 1 || input[i+1] != 'n')
108 goto err;
109 *p++ = '\n';
110 i++;
111 } else {
112 *p++ = input[i];
113 }
114 }
115
116 *out_len = p - ret;
117 return ret;
118
119 err:
120 OPENSSL_free(ret);
121 return NULL;
122}
123
307e3978
DSH		 124/* For a hex string "value" convert to a binary allocated buffer */
125static int test_bin(const char *value, unsigned char **buf, size_t *buflen)
0f113f3e 126{
307e3978 127 long len;
bc9d9ce2
DSH		 128
129 *buflen = 0;
307e3978 130 if (!*value) {
3cdd1e94
EK		 131 /*
132 * Don't return NULL for zero length buffer.
133 * This is needed for some tests with empty keys: HMAC_Init_ex() expects
134 * a non-NULL key buffer even if the key length is 0, in order to detect
135 * key reset.
136 */
307e3978
DSH		 137 *buf = OPENSSL_malloc(1);
138 if (!*buf)
139 return 0;
140 **buf = 0;
141 *buflen = 0;
142 return 1;
143 }
83251f39
DSH		 144 /* Check for string literal */
145 if (value[0] == '"') {
146 size_t vlen;
147 value++;
148 vlen = strlen(value);
149 if (value[vlen - 1] != '"')
150 return 0;
151 vlen--;
3cdd1e94
EK		 152 *buf = unescape(value, vlen, buflen);
153 if (*buf == NULL)
154 return 0;
83251f39
DSH		 155 return 1;
156 }
3cdd1e94 157
14f051a0 158 *buf = OPENSSL_hexstr2buf(value, &len);
307e3978
DSH		 159 if (!*buf) {
160 fprintf(stderr, "Value=%s\n", value);
161 ERR_print_errors_fp(stderr);
162 return -1;
163 }
164 /* Size of input buffer means we'll never overflow */
165 *buflen = len;
166 return 1;
0f113f3e 167}
83bd31da
MC		 168#ifndef OPENSSL_NO_SCRYPT
169/* Currently only used by scrypt tests */
3b53e18a
DSH		 170/* Parse unsigned decimal 64 bit integer value */
171static int test_uint64(const char *value, uint64_t *pr)
172{
173 const char *p = value;
174 if (!*p) {
175 fprintf(stderr, "Invalid empty integer value\n");
176 return -1;
177 }
178 *pr = 0;
179 while (*p) {
180 if (*pr > UINT64_MAX/10) {
181 fprintf(stderr, "Integer string overflow value=%s\n", value);
182 return -1;
183 }
184 *pr *= 10;
185 if (*p < '0' || *p > '9') {
186 fprintf(stderr, "Invalid integer string value=%s\n", value);
187 return -1;
188 }
189 *pr += *p - '0';
190 p++;
191 }
192 return 1;
193}
83bd31da 194#endif
848f735a 195
307e3978
DSH		 196/* Structure holding test information */
197struct evp_test {
5824cc29 198 /* file being read */
02b91dcf 199 BIO *in;
5824cc29
DSH		 200 /* List of public and private keys */
201 struct key_list *private;
202 struct key_list *public;
307e3978
DSH		 203 /* method for this test */
204 const struct evp_test_method *meth;
205 /* current line being processed */
206 unsigned int line;
207 /* start line of current test */
208 unsigned int start_line;
209 /* Error string for test */
9a2d2fb3 210 const char *err, *aux_err;
307e3978
DSH		 211 /* Expected error value of test */
212 char *expected_err;
213 /* Number of tests */
214 int ntests;
215 /* Error count */
216 int errors;
7a6c9792
DSH		 217 /* Number of tests skipped */
218 int nskip;
b033e5d5 219 /* If output mismatch expected and got value */
3cdd1e94
EK		 220 unsigned char *out_received;
221 size_t out_received_len;
b033e5d5 222 unsigned char *out_expected;
3cdd1e94 223 size_t out_expected_len;
307e3978
DSH		 224 /* test specific data */
225 void *data;
7a6c9792
DSH		 226 /* Current test should be skipped */
227 int skip;
307e3978 228};
5824cc29
DSH		 229
230struct key_list {
231 char *name;
232 EVP_PKEY *key;
233 struct key_list *next;
234};
235
307e3978
DSH		 236/* Test method structure */
237struct evp_test_method {
238 /* Name of test as it appears in file */
239 const char *name;
240 /* Initialise test for "alg" */
241 int (*init) (struct evp_test * t, const char *alg);
242 /* Clean up method */
243 void (*cleanup) (struct evp_test * t);
244 /* Test specific name value pair processing */
245 int (*parse) (struct evp_test * t, const char *name, const char *value);
246 /* Run the test itself */
247 int (*run_test) (struct evp_test * t);
248};
249
250static const struct evp_test_method digest_test_method, cipher_test_method;
f9e31463 251static const struct evp_test_method mac_test_method;
5824cc29
DSH		 252static const struct evp_test_method psign_test_method, pverify_test_method;
253static const struct evp_test_method pdecrypt_test_method;
254static const struct evp_test_method pverify_recover_test_method;
d4ad48d7 255static const struct evp_test_method pderive_test_method;
3b53e18a 256static const struct evp_test_method pbe_test_method;
3cdd1e94 257static const struct evp_test_method encode_test_method;
44a284d2 258static const struct evp_test_method kdf_test_method;
307e3978
DSH		 259
260static const struct evp_test_method *evp_test_list[] = {
261 &digest_test_method,
262 &cipher_test_method,
83251f39 263 &mac_test_method,
5824cc29
DSH		 264 &psign_test_method,
265 &pverify_test_method,
266 &pdecrypt_test_method,
267 &pverify_recover_test_method,
d4ad48d7 268 &pderive_test_method,
3b53e18a 269 &pbe_test_method,
3cdd1e94 270 &encode_test_method,
44a284d2 271 &kdf_test_method,
83251f39 272 NULL
307e3978
DSH		 273};
274
275static const struct evp_test_method *evp_find_test(const char *name)
0f113f3e 276{
307e3978 277 const struct evp_test_method **tt;
86885c28 278
307e3978 279 for (tt = evp_test_list; *tt; tt++) {
86885c28 280 if (strcmp(name, (*tt)->name) == 0)
307e3978
DSH		 281 return *tt;
282 }
283 return NULL;
0f113f3e
MC		 284}
285
b033e5d5
DSH		 286static void hex_print(const char *name, const unsigned char *buf, size_t len)
287{
288 size_t i;
289 fprintf(stderr, "%s ", name);
290 for (i = 0; i < len; i++)
291 fprintf(stderr, "%02X", buf[i]);
292 fputs("\n", stderr);
293}
294
5724bd49
DSH		 295static void free_expected(struct evp_test *t)
296{
b548a1f1
RS		 297 OPENSSL_free(t->expected_err);
298 t->expected_err = NULL;
25aaa98a 299 OPENSSL_free(t->out_expected);
3cdd1e94 300 OPENSSL_free(t->out_received);
25aaa98a 301 t->out_expected = NULL;
3cdd1e94
EK		 302 t->out_received = NULL;
303 t->out_expected_len = 0;
304 t->out_received_len = 0;
305 /* Literals. */
306 t->err = NULL;
5724bd49
DSH		 307}
308
b033e5d5
DSH		 309static void print_expected(struct evp_test *t)
310{
3cdd1e94 311 if (t->out_expected == NULL && t->out_received == NULL)
b033e5d5 312 return;
3cdd1e94
EK		 313 hex_print("Expected:", t->out_expected, t->out_expected_len);
314 hex_print("Got: ", t->out_received, t->out_received_len);
5724bd49 315 free_expected(t);
b033e5d5
DSH		 316}
317
307e3978 318static int check_test_error(struct evp_test *t)
0f113f3e 319{
307e3978
DSH		 320 if (!t->err && !t->expected_err)
321 return 1;
322 if (t->err && !t->expected_err) {
9a2d2fb3
AP		 323 if (t->aux_err != NULL) {
324 fprintf(stderr, "Test line %d(%s): unexpected error %s\n",
325 t->start_line, t->aux_err, t->err);
326 } else {
327 fprintf(stderr, "Test line %d: unexpected error %s\n",
328 t->start_line, t->err);
329 }
b033e5d5 330 print_expected(t);
307e3978 331 return 0;
0f113f3e 332 }
307e3978
DSH		 333 if (!t->err && t->expected_err) {
334 fprintf(stderr, "Test line %d: succeeded expecting %s\n",
335 t->start_line, t->expected_err);
336 return 0;
337 }
86885c28 338 if (strcmp(t->err, t->expected_err) == 0)
307e3978 339 return 1;
544a2aea 340
307e3978
DSH		 341 fprintf(stderr, "Test line %d: expecting %s got %s\n",
342 t->start_line, t->expected_err, t->err);
343 return 0;
344}
0f113f3e 345
307e3978 346/* Setup a new test, run any existing test */
0f113f3e 347
307e3978
DSH		 348static int setup_test(struct evp_test *t, const struct evp_test_method *tmeth)
349{
350 /* If we already have a test set up run it */
351 if (t->meth) {
352 t->ntests++;
7a6c9792
DSH		 353 if (t->skip) {
354 t->nskip++;
024d681e
TS		 355 } else {
356 /* run the test */
357 t->err = NULL;
358 if (t->meth->run_test(t) != 1) {
359 fprintf(stderr, "%s test error line %d\n",
360 t->meth->name, t->start_line);
361 return 0;
362 }
363 if (!check_test_error(t)) {
364 if (t->err)
365 ERR_print_errors_fp(stderr);
366 t->errors++;
367 }
0f113f3e 368 }
024d681e 369 /* clean it up */
307e3978 370 ERR_clear_error();
024d681e
TS		 371 if (t->data != NULL) {
372 t->meth->cleanup(t);
373 OPENSSL_free(t->data);
374 t->data = NULL;
375 }
b548a1f1
RS		 376 OPENSSL_free(t->expected_err);
377 t->expected_err = NULL;
5724bd49 378 free_expected(t);
307e3978
DSH		 379 }
380 t->meth = tmeth;
381 return 1;
382}
0f113f3e 383
7a6c9792 384static int find_key(EVP_PKEY **ppk, const char *name, struct key_list *lst)
5824cc29
DSH		 385{
386 for (; lst; lst = lst->next) {
86885c28 387 if (strcmp(lst->name, name) == 0) {
7a6c9792
DSH		 388 if (ppk)
389 *ppk = lst->key;
390 return 1;
391 }
5824cc29 392 }
7a6c9792 393 return 0;
5824cc29
DSH		 394}
395
396static void free_key_list(struct key_list *lst)
397{
d5ec8efc 398 while (lst != NULL) {
366448ec 399 struct key_list *ltmp;
5824cc29
DSH		 400 EVP_PKEY_free(lst->key);
401 OPENSSL_free(lst->name);
366448ec
DSH		 402 ltmp = lst->next;
403 OPENSSL_free(lst);
404 lst = ltmp;
5824cc29
DSH		 405 }
406}
407
7a6c9792
DSH		 408static int check_unsupported()
409{
410 long err = ERR_peek_error();
411 if (ERR_GET_LIB(err) == ERR_LIB_EVP
366448ec 412 && ERR_GET_REASON(err) == EVP_R_UNSUPPORTED_ALGORITHM) {
7a6c9792
DSH		 413 ERR_clear_error();
414 return 1;
415 }
416 return 0;
417}
418
307e3978
DSH		 419static int process_test(struct evp_test *t, char *buf, int verbose)
420{
4c9b0a03 421 char *keyword = NULL, *value = NULL;
7a6c9792 422 int rv = 0, add_key = 0;
4c9b0a03
GK		 423 long save_pos = 0;
424 struct key_list **lst = NULL, *key = NULL;
5824cc29 425 EVP_PKEY *pk = NULL;
4c9b0a03 426 const struct evp_test_method *tmeth = NULL;
307e3978
DSH		 427 if (verbose)
428 fputs(buf, stdout);
429 if (!parse_line(&keyword, &value, buf))
430 return 1;
86885c28 431 if (strcmp(keyword, "PrivateKey") == 0) {
02b91dcf
AP		 432 save_pos = BIO_tell(t->in);
433 pk = PEM_read_bio_PrivateKey(t->in, NULL, 0, NULL);
7a6c9792 434 if (pk == NULL && !check_unsupported()) {
5824cc29
DSH		 435 fprintf(stderr, "Error reading private key %s\n", value);
436 ERR_print_errors_fp(stderr);
437 return 0;
438 }
439 lst = &t->private;
7a6c9792 440 add_key = 1;
5824cc29 441 }
86885c28 442 if (strcmp(keyword, "PublicKey") == 0) {
02b91dcf
AP		 443 save_pos = BIO_tell(t->in);
444 pk = PEM_read_bio_PUBKEY(t->in, NULL, 0, NULL);
7a6c9792 445 if (pk == NULL && !check_unsupported()) {
5824cc29
DSH		 446 fprintf(stderr, "Error reading public key %s\n", value);
447 ERR_print_errors_fp(stderr);
448 return 0;
449 }
450 lst = &t->public;
7a6c9792 451 add_key = 1;
5824cc29
DSH		 452 }
453 /* If we have a key add to list */
7a6c9792 454 if (add_key) {
5824cc29 455 char tmpbuf[80];
7a6c9792 456 if (find_key(NULL, value, *lst)) {
5824cc29
DSH		 457 fprintf(stderr, "Duplicate key %s\n", value);
458 return 0;
459 }
b4faea50 460 key = OPENSSL_malloc(sizeof(*key));
5824cc29
DSH		 461 if (!key)
462 return 0;
7644a9ae 463 key->name = OPENSSL_strdup(value);
5824cc29
DSH		 464 key->key = pk;
465 key->next = *lst;
466 *lst = key;
467 /* Rewind input, read to end and update line numbers */
02b91dcf
AP		 468 (void)BIO_seek(t->in, save_pos);
469 while (BIO_gets(t->in,tmpbuf, sizeof(tmpbuf))) {
5824cc29 470 t->line++;
86885c28 471 if (strncmp(tmpbuf, "-----END", 8) == 0)
5824cc29
DSH		 472 return 1;
473 }
474 fprintf(stderr, "Can't find key end\n");
475 return 0;
476 }
477
307e3978
DSH		 478 /* See if keyword corresponds to a test start */
479 tmeth = evp_find_test(keyword);
480 if (tmeth) {
481 if (!setup_test(t, tmeth))
482 return 0;
483 t->start_line = t->line;
7a6c9792 484 t->skip = 0;
307e3978
DSH		 485 if (!tmeth->init(t, value)) {
486 fprintf(stderr, "Unknown %s: %s\n", keyword, value);
487 return 0;
0f113f3e 488 }
307e3978 489 return 1;
7a6c9792
DSH		 490 } else if (t->skip) {
491 return 1;
86885c28 492 } else if (strcmp(keyword, "Result") == 0) {
307e3978
DSH		 493 if (t->expected_err) {
494 fprintf(stderr, "Line %d: multiple result lines\n", t->line);
495 return 0;
0f113f3e 496 }
7644a9ae 497 t->expected_err = OPENSSL_strdup(value);
307e3978
DSH		 498 if (!t->expected_err)
499 return 0;
500 } else {
501 /* Must be test specific line: try to parse it */
502 if (t->meth)
503 rv = t->meth->parse(t, keyword, value);
504
505 if (rv == 0)
506 fprintf(stderr, "line %d: unexpected keyword %s\n",
507 t->line, keyword);
508
509 if (rv < 0)
510 fprintf(stderr, "line %d: error processing keyword %s\n",
511 t->line, keyword);
512 if (rv <= 0)
513 return 0;
0f113f3e 514 }
307e3978
DSH		 515 return 1;
516}
0f113f3e 517
3cdd1e94
EK		 518static int check_var_length_output(struct evp_test *t,
519 const unsigned char *expected,
520 size_t expected_len,
521 const unsigned char *received,
522 size_t received_len)
b033e5d5 523{
3cdd1e94
EK		 524 if (expected_len == received_len &&
525 memcmp(expected, received, expected_len) == 0) {
b033e5d5 526 return 0;
3cdd1e94
EK		 527 }
528
529 /* The result printing code expects a non-NULL buffer. */
7644a9ae 530 t->out_expected = OPENSSL_memdup(expected, expected_len ? expected_len : 1);
3cdd1e94 531 t->out_expected_len = expected_len;
7644a9ae 532 t->out_received = OPENSSL_memdup(received, received_len ? received_len : 1);
3cdd1e94
EK		 533 t->out_received_len = received_len;
534 if (t->out_expected == NULL || t->out_received == NULL) {
b033e5d5
DSH		 535 fprintf(stderr, "Memory allocation error!\n");
536 exit(1);
537 }
538 return 1;
539}
540
3cdd1e94
EK		 541static int check_output(struct evp_test *t,
542 const unsigned char *expected,
543 const unsigned char *received,
544 size_t len)
545{
546 return check_var_length_output(t, expected, len, received, len);
547}
548
307e3978
DSH		 549int main(int argc, char **argv)
550{
02b91dcf 551 BIO *in = NULL;
307e3978
DSH		 552 char buf[10240];
553 struct evp_test t;
0f113f3e 554
b033e5d5
DSH		 555 if (argc != 2) {
556 fprintf(stderr, "usage: evp_test testfile.txt\n");
557 return 1;
558 }
559
d5ec8efc
DSH		 560 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
561
366448ec 562 memset(&t, 0, sizeof(t));
307e3978 563 t.start_line = -1;
02b91dcf 564 in = BIO_new_file(argv[1], "r");
ce7a2232
RS		 565 if (in == NULL) {
566 fprintf(stderr, "Can't open %s for reading\n", argv[1]);
567 return 1;
568 }
5824cc29 569 t.in = in;
02b91dcf 570 while (BIO_gets(in, buf, sizeof(buf))) {
307e3978
DSH		 571 t.line++;
572 if (!process_test(&t, buf, 0))
573 exit(1);
574 }
575 /* Run any final test we have */
576 if (!setup_test(&t, NULL))
577 exit(1);
7a6c9792
DSH		 578 fprintf(stderr, "%d tests completed with %d errors, %d skipped\n",
579 t.ntests, t.errors, t.nskip);
5824cc29
DSH		 580 free_key_list(t.public);
581 free_key_list(t.private);
02b91dcf 582 BIO_free(in);
8793f012 583
c2e27310 584#ifndef OPENSSL_NO_CRYPTO_MDEBUG
541e9565
DSH		 585 if (CRYPTO_mem_leaks_fp(stderr) <= 0)
586 return 1;
7644a9ae 587#endif
6906a7c1
DSH		 588 if (t.errors)
589 return 1;
307e3978 590 return 0;
0f113f3e
MC		 591}
592
307e3978 593static void test_free(void *d)
0f113f3e 594{
b548a1f1 595 OPENSSL_free(d);
307e3978 596}
4897dc40 597
307e3978 598/* Message digest tests */
4897dc40 599
307e3978
DSH		 600struct digest_data {
601 /* Digest this test is for */
602 const EVP_MD *digest;
603 /* Input to digest */
604 unsigned char *input;
605 size_t input_len;
618be04e
DSH		 606 /* Repeat count for input */
607 size_t nrpt;
307e3978
DSH		 608 /* Expected output */
609 unsigned char *output;
610 size_t output_len;
611};
4897dc40 612
307e3978
DSH		 613static int digest_test_init(struct evp_test *t, const char *alg)
614{
615 const EVP_MD *digest;
070c2332 616 struct digest_data *mdat;
307e3978 617 digest = EVP_get_digestbyname(alg);
578ce42d
DSH		 618 if (!digest) {
619 /* If alg has an OID assume disabled algorithm */
620 if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) {
621 t->skip = 1;
622 return 1;
623 }
307e3978 624 return 0;
578ce42d 625 }
b4faea50 626 mdat = OPENSSL_malloc(sizeof(*mdat));
307e3978
DSH		 627 mdat->digest = digest;
628 mdat->input = NULL;
629 mdat->output = NULL;
618be04e 630 mdat->nrpt = 1;
307e3978 631 t->data = mdat;
4897dc40 632 return 1;
0f113f3e 633}
4897dc40 634
307e3978
DSH		 635static void digest_test_cleanup(struct evp_test *t)
636{
637 struct digest_data *mdat = t->data;
638 test_free(mdat->input);
639 test_free(mdat->output);
640}
641
642static int digest_test_parse(struct evp_test *t,
643 const char *keyword, const char *value)
644{
645 struct digest_data *mdata = t->data;
86885c28 646 if (strcmp(keyword, "Input") == 0)
307e3978 647 return test_bin(value, &mdata->input, &mdata->input_len);
86885c28 648 if (strcmp(keyword, "Output") == 0)
307e3978 649 return test_bin(value, &mdata->output, &mdata->output_len);
86885c28 650 if (strcmp(keyword, "Count") == 0) {
618be04e
DSH		 651 long nrpt = atoi(value);
652 if (nrpt <= 0)
653 return 0;
654 mdata->nrpt = (size_t)nrpt;
655 return 1;
656 }
307e3978
DSH		 657 return 0;
658}
659
660static int digest_test_run(struct evp_test *t)
0f113f3e 661{
307e3978 662 struct digest_data *mdata = t->data;
618be04e 663 size_t i;
307e3978
DSH		 664 const char *err = "INTERNAL_ERROR";
665 EVP_MD_CTX *mctx;
4897dc40 666 unsigned char md[EVP_MAX_MD_SIZE];
307e3978 667 unsigned int md_len;
bfb0641f 668 mctx = EVP_MD_CTX_new();
307e3978
DSH		 669 if (!mctx)
670 goto err;
671 err = "DIGESTINIT_ERROR";
672 if (!EVP_DigestInit_ex(mctx, mdata->digest, NULL))
673 goto err;
674 err = "DIGESTUPDATE_ERROR";
618be04e
DSH		 675 for (i = 0; i < mdata->nrpt; i++) {
676 if (!EVP_DigestUpdate(mctx, mdata->input, mdata->input_len))
677 goto err;
678 }
307e3978
DSH		 679 err = "DIGESTFINAL_ERROR";
680 if (!EVP_DigestFinal(mctx, md, &md_len))
681 goto err;
682 err = "DIGEST_LENGTH_MISMATCH";
683 if (md_len != mdata->output_len)
684 goto err;
685 err = "DIGEST_MISMATCH";
b033e5d5 686 if (check_output(t, mdata->output, md, md_len))
307e3978
DSH		 687 goto err;
688 err = NULL;
689 err:
bfb0641f 690 EVP_MD_CTX_free(mctx);
307e3978 691 t->err = err;
b033e5d5 692 return 1;
307e3978 693}
4897dc40 694
307e3978
DSH		 695static const struct evp_test_method digest_test_method = {
696 "Digest",
697 digest_test_init,
698 digest_test_cleanup,
699 digest_test_parse,
700 digest_test_run
701};
702
703/* Cipher tests */
704struct cipher_data {
705 const EVP_CIPHER *cipher;
706 int enc;
2207ba7b 707 /* EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE or EVP_CIPH_OCB_MODE if AEAD */
307e3978
DSH		 708 int aead;
709 unsigned char *key;
710 size_t key_len;
711 unsigned char *iv;
712 size_t iv_len;
713 unsigned char *plaintext;
714 size_t plaintext_len;
715 unsigned char *ciphertext;
716 size_t ciphertext_len;
717 /* GCM, CCM only */
718 unsigned char *aad;
719 size_t aad_len;
720 unsigned char *tag;
721 size_t tag_len;
722};
723
724static int cipher_test_init(struct evp_test *t, const char *alg)
725{
726 const EVP_CIPHER *cipher;
727 struct cipher_data *cdat = t->data;
728 cipher = EVP_get_cipherbyname(alg);
33a89fa6
DSH		 729 if (!cipher) {
730 /* If alg has an OID assume disabled algorithm */
731 if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) {
732 t->skip = 1;
733 return 1;
734 }
0f113f3e 735 return 0;
33a89fa6 736 }
b4faea50 737 cdat = OPENSSL_malloc(sizeof(*cdat));
307e3978
DSH		 738 cdat->cipher = cipher;
739 cdat->enc = -1;
740 cdat->key = NULL;
741 cdat->iv = NULL;
742 cdat->ciphertext = NULL;
743 cdat->plaintext = NULL;
744 cdat->aad = NULL;
745 cdat->tag = NULL;
746 t->data = cdat;
747 if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE
2207ba7b 748 || EVP_CIPHER_mode(cipher) == EVP_CIPH_OCB_MODE
307e3978
DSH		 749 || EVP_CIPHER_mode(cipher) == EVP_CIPH_CCM_MODE)
750 cdat->aead = EVP_CIPHER_mode(cipher);
eb85cb86
AP		 751 else if (EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER)
752 cdat->aead = -1;
307e3978
DSH		 753 else
754 cdat->aead = 0;
4897dc40 755
307e3978
DSH		 756 return 1;
757}
4897dc40 758
307e3978
DSH		 759static void cipher_test_cleanup(struct evp_test *t)
760{
761 struct cipher_data *cdat = t->data;
762 test_free(cdat->key);
763 test_free(cdat->iv);
764 test_free(cdat->ciphertext);
765 test_free(cdat->plaintext);
766 test_free(cdat->aad);
767 test_free(cdat->tag);
768}
4897dc40 769
307e3978
DSH		 770static int cipher_test_parse(struct evp_test *t, const char *keyword,
771 const char *value)
772{
773 struct cipher_data *cdat = t->data;
86885c28 774 if (strcmp(keyword, "Key") == 0)
307e3978 775 return test_bin(value, &cdat->key, &cdat->key_len);
86885c28 776 if (strcmp(keyword, "IV") == 0)
307e3978 777 return test_bin(value, &cdat->iv, &cdat->iv_len);
86885c28 778 if (strcmp(keyword, "Plaintext") == 0)
307e3978 779 return test_bin(value, &cdat->plaintext, &cdat->plaintext_len);
86885c28 780 if (strcmp(keyword, "Ciphertext") == 0)
307e3978
DSH		 781 return test_bin(value, &cdat->ciphertext, &cdat->ciphertext_len);
782 if (cdat->aead) {
86885c28 783 if (strcmp(keyword, "AAD") == 0)
307e3978 784 return test_bin(value, &cdat->aad, &cdat->aad_len);
86885c28 785 if (strcmp(keyword, "Tag") == 0)
307e3978 786 return test_bin(value, &cdat->tag, &cdat->tag_len);
0f113f3e 787 }
4897dc40 788
86885c28
RS		 789 if (strcmp(keyword, "Operation") == 0) {
790 if (strcmp(value, "ENCRYPT") == 0)
307e3978 791 cdat->enc = 1;
86885c28 792 else if (strcmp(value, "DECRYPT") == 0)
307e3978
DSH		 793 cdat->enc = 0;
794 else
795 return 0;
796 return 1;
0f113f3e 797 }
307e3978 798 return 0;
0f113f3e 799}
4897dc40 800
9a2d2fb3
AP		 801static int cipher_test_enc(struct evp_test *t, int enc,
802 size_t out_misalign, size_t inp_misalign)
0f113f3e 803{
307e3978
DSH		 804 struct cipher_data *cdat = t->data;
805 unsigned char *in, *out, *tmp = NULL;
806 size_t in_len, out_len;
807 int tmplen, tmpflen;
808 EVP_CIPHER_CTX *ctx = NULL;
809 const char *err;
810 err = "INTERNAL_ERROR";
811 ctx = EVP_CIPHER_CTX_new();
812 if (!ctx)
813 goto err;
814 EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
815 if (enc) {
816 in = cdat->plaintext;
817 in_len = cdat->plaintext_len;
818 out = cdat->ciphertext;
819 out_len = cdat->ciphertext_len;
820 } else {
821 in = cdat->ciphertext;
822 in_len = cdat->ciphertext_len;
823 out = cdat->plaintext;
824 out_len = cdat->plaintext_len;
0f113f3e 825 }
ff715da4
AP		 826 if (inp_misalign == (size_t)-1) {
827 /*
828 * Exercise in-place encryption
829 */
830 tmp = OPENSSL_malloc(out_misalign + in_len + 2 * EVP_MAX_BLOCK_LENGTH);
831 if (!tmp)
832 goto err;
833 in = memcpy(tmp + out_misalign, in, in_len);
834 } else {
835 inp_misalign += 16 - ((out_misalign + in_len) & 15);
836 /*
837 * 'tmp' will store both output and copy of input. We make the copy
838 * of input to specifically aligned part of 'tmp'. So we just
839 * figured out how much padding would ensure the required alignment,
840 * now we allocate extended buffer and finally copy the input just
841 * past inp_misalign in expression below. Output will be written
842 * past out_misalign...
843 */
844 tmp = OPENSSL_malloc(out_misalign + in_len + 2 * EVP_MAX_BLOCK_LENGTH +
845 inp_misalign + in_len);
846 if (!tmp)
847 goto err;
848 in = memcpy(tmp + out_misalign + in_len + 2 * EVP_MAX_BLOCK_LENGTH +
849 inp_misalign, in, in_len);
850 }
307e3978
DSH		 851 err = "CIPHERINIT_ERROR";
852 if (!EVP_CipherInit_ex(ctx, cdat->cipher, NULL, NULL, NULL, enc))
853 goto err;
854 err = "INVALID_IV_LENGTH";
855 if (cdat->iv) {
2207ba7b
DSH		 856 if (cdat->aead) {
857 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
307e3978
DSH		 858 cdat->iv_len, 0))
859 goto err;
860 } else if (cdat->iv_len != (size_t)EVP_CIPHER_CTX_iv_length(ctx))
861 goto err;
0f113f3e 862 }
307e3978
DSH		 863 if (cdat->aead) {
864 unsigned char *tag;
865 /*
2207ba7b
DSH		 866 * If encrypting or OCB just set tag length initially, otherwise
867 * set tag length and value.
307e3978 868 */
2207ba7b 869 if (enc || cdat->aead == EVP_CIPH_OCB_MODE) {
307e3978
DSH		 870 err = "TAG_LENGTH_SET_ERROR";
871 tag = NULL;
0f113f3e 872 } else {
307e3978
DSH		 873 err = "TAG_SET_ERROR";
874 tag = cdat->tag;
0f113f3e 875 }
2207ba7b
DSH		 876 if (tag || cdat->aead != EVP_CIPH_GCM_MODE) {
877 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
366448ec 878 cdat->tag_len, tag))
307e3978 879 goto err;
0f113f3e 880 }
307e3978 881 }
0f113f3e 882
307e3978
DSH		 883 err = "INVALID_KEY_LENGTH";
884 if (!EVP_CIPHER_CTX_set_key_length(ctx, cdat->key_len))
885 goto err;
886 err = "KEY_SET_ERROR";
887 if (!EVP_CipherInit_ex(ctx, NULL, NULL, cdat->key, cdat->iv, -1))
888 goto err;
889
2207ba7b
DSH		 890 if (!enc && cdat->aead == EVP_CIPH_OCB_MODE) {
891 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
892 cdat->tag_len, cdat->tag)) {
366448ec
DSH		 893 err = "TAG_SET_ERROR";
894 goto err;
2207ba7b
DSH		 895 }
896 }
897
307e3978
DSH		 898 if (cdat->aead == EVP_CIPH_CCM_MODE) {
899 if (!EVP_CipherUpdate(ctx, NULL, &tmplen, NULL, out_len)) {
900 err = "CCM_PLAINTEXT_LENGTH_SET_ERROR";
901 goto err;
0f113f3e
MC		 902 }
903 }
307e3978
DSH		 904 if (cdat->aad) {
905 if (!EVP_CipherUpdate(ctx, NULL, &tmplen, cdat->aad, cdat->aad_len)) {
906 err = "AAD_SET_ERROR";
907 goto err;
908 }
909 }
910 EVP_CIPHER_CTX_set_padding(ctx, 0);
911 err = "CIPHERUPDATE_ERROR";
9a2d2fb3 912 if (!EVP_CipherUpdate(ctx, tmp + out_misalign, &tmplen, in, in_len))
307e3978
DSH		 913 goto err;
914 if (cdat->aead == EVP_CIPH_CCM_MODE)
915 tmpflen = 0;
916 else {
917 err = "CIPHERFINAL_ERROR";
9a2d2fb3 918 if (!EVP_CipherFinal_ex(ctx, tmp + out_misalign + tmplen, &tmpflen))
307e3978
DSH		 919 goto err;
920 }
921 err = "LENGTH_MISMATCH";
922 if (out_len != (size_t)(tmplen + tmpflen))
923 goto err;
924 err = "VALUE_MISMATCH";
9a2d2fb3 925 if (check_output(t, out, tmp + out_misalign, out_len))
307e3978
DSH		 926 goto err;
927 if (enc && cdat->aead) {
928 unsigned char rtag[16];
929 if (cdat->tag_len > sizeof(rtag)) {
930 err = "TAG_LENGTH_INTERNAL_ERROR";
931 goto err;
932 }
2207ba7b 933 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
307e3978
DSH		 934 cdat->tag_len, rtag)) {
935 err = "TAG_RETRIEVE_ERROR";
936 goto err;
937 }
b033e5d5 938 if (check_output(t, cdat->tag, rtag, cdat->tag_len)) {
307e3978
DSH		 939 err = "TAG_VALUE_MISMATCH";
940 goto err;
941 }
942 }
943 err = NULL;
944 err:
b548a1f1 945 OPENSSL_free(tmp);
307e3978
DSH		 946 EVP_CIPHER_CTX_free(ctx);
947 t->err = err;
948 return err ? 0 : 1;
949}
0e360199 950
307e3978
DSH		 951static int cipher_test_run(struct evp_test *t)
952{
953 struct cipher_data *cdat = t->data;
954 int rv;
9a2d2fb3
AP		 955 size_t out_misalign, inp_misalign;
956
307e3978
DSH		 957 if (!cdat->key) {
958 t->err = "NO_KEY";
959 return 0;
960 }
961 if (!cdat->iv && EVP_CIPHER_iv_length(cdat->cipher)) {
962 /* IV is optional and usually omitted in wrap mode */
963 if (EVP_CIPHER_mode(cdat->cipher) != EVP_CIPH_WRAP_MODE) {
964 t->err = "NO_IV";
965 return 0;
966 }
967 }
968 if (cdat->aead && !cdat->tag) {
969 t->err = "NO_TAG";
970 return 0;
971 }
9a2d2fb3
AP		 972 for (out_misalign = 0; out_misalign <= 1; out_misalign++) {
973 static char aux_err[64];
974 t->aux_err = aux_err;
ff715da4
AP		 975 for (inp_misalign = (size_t)-1; inp_misalign != 2; inp_misalign++) {
976 if (inp_misalign == (size_t)-1) {
977 /* kludge: inp_misalign == -1 means "exercise in-place" */
978 BIO_snprintf(aux_err, sizeof(aux_err), "%s in-place",
979 out_misalign ? "misaligned" : "aligned");
980 } else {
981 BIO_snprintf(aux_err, sizeof(aux_err), "%s output and %s input",
982 out_misalign ? "misaligned" : "aligned",
983 inp_misalign ? "misaligned" : "aligned");
984 }
9a2d2fb3
AP		 985 if (cdat->enc) {
986 rv = cipher_test_enc(t, 1, out_misalign, inp_misalign);
987 /* Not fatal errors: return */
988 if (rv != 1) {
989 if (rv < 0)
990 return 0;
991 return 1;
992 }
993 }
994 if (cdat->enc != 1) {
995 rv = cipher_test_enc(t, 0, out_misalign, inp_misalign);
996 /* Not fatal errors: return */
997 if (rv != 1) {
998 if (rv < 0)
999 return 0;
1000 return 1;
1001 }
1002 }
307e3978
DSH		 1003 }
1004 }
9a2d2fb3
AP		 1005 t->aux_err = NULL;
1006
307e3978 1007 return 1;
0f113f3e 1008}
307e3978
DSH		 1009
1010static const struct evp_test_method cipher_test_method = {
1011 "Cipher",
1012 cipher_test_init,
1013 cipher_test_cleanup,
1014 cipher_test_parse,
1015 cipher_test_run
1016};
83251f39
DSH		 1017
1018struct mac_data {
1019 /* MAC type */
1020 int type;
1021 /* Algorithm string for this MAC */
1022 char *alg;
1023 /* MAC key */
1024 unsigned char *key;
1025 size_t key_len;
1026 /* Input to MAC */
1027 unsigned char *input;
1028 size_t input_len;
1029 /* Expected output */
1030 unsigned char *output;
1031 size_t output_len;
1032};
1033
1034static int mac_test_init(struct evp_test *t, const char *alg)
1035{
1036 int type;
1037 struct mac_data *mdat;
b4a3aeeb 1038 if (strcmp(alg, "HMAC") == 0) {
83251f39 1039 type = EVP_PKEY_HMAC;
b4a3aeeb
MC		 1040 } else if (strcmp(alg, "CMAC") == 0) {
1041#ifndef OPENSSL_NO_CMAC
83251f39 1042 type = EVP_PKEY_CMAC;
b4a3aeeb
MC		 1043#else
1044 t->skip = 1;
1045 return 1;
1046#endif
1047 } else
83251f39
DSH		 1048 return 0;
1049
b4faea50 1050 mdat = OPENSSL_malloc(sizeof(*mdat));
83251f39
DSH		 1051 mdat->type = type;
1052 mdat->alg = NULL;
1053 mdat->key = NULL;
1054 mdat->input = NULL;
1055 mdat->output = NULL;
1056 t->data = mdat;
1057 return 1;
1058}
1059
1060static void mac_test_cleanup(struct evp_test *t)
1061{
1062 struct mac_data *mdat = t->data;
1063 test_free(mdat->alg);
1064 test_free(mdat->key);
1065 test_free(mdat->input);
1066 test_free(mdat->output);
1067}
1068
1069static int mac_test_parse(struct evp_test *t,
1070 const char *keyword, const char *value)
1071{
1072 struct mac_data *mdata = t->data;
86885c28 1073 if (strcmp(keyword, "Key") == 0)
83251f39 1074 return test_bin(value, &mdata->key, &mdata->key_len);
86885c28 1075 if (strcmp(keyword, "Algorithm") == 0) {
7644a9ae 1076 mdata->alg = OPENSSL_strdup(value);
83251f39
DSH		 1077 if (!mdata->alg)
1078 return 0;
1079 return 1;
1080 }
86885c28 1081 if (strcmp(keyword, "Input") == 0)
83251f39 1082 return test_bin(value, &mdata->input, &mdata->input_len);
86885c28 1083 if (strcmp(keyword, "Output") == 0)
83251f39
DSH		 1084 return test_bin(value, &mdata->output, &mdata->output_len);
1085 return 0;
1086}
1087
1088static int mac_test_run(struct evp_test *t)
1089{
1090 struct mac_data *mdata = t->data;
1091 const char *err = "INTERNAL_ERROR";
1092 EVP_MD_CTX *mctx = NULL;
1093 EVP_PKEY_CTX *pctx = NULL, *genctx = NULL;
1094 EVP_PKEY *key = NULL;
1095 const EVP_MD *md = NULL;
1096 unsigned char *mac = NULL;
1097 size_t mac_len;
1098
96bea000
MC		 1099#ifdef OPENSSL_NO_DES
1100 if (strstr(mdata->alg, "DES") != NULL) {
1101 /* Skip DES */
1102 err = NULL;
1103 goto err;
1104 }
1105#endif
1106
83251f39
DSH		 1107 err = "MAC_PKEY_CTX_ERROR";
1108 genctx = EVP_PKEY_CTX_new_id(mdata->type, NULL);
1109 if (!genctx)
1110 goto err;
1111
1112 err = "MAC_KEYGEN_INIT_ERROR";
1113 if (EVP_PKEY_keygen_init(genctx) <= 0)
1114 goto err;
1115 if (mdata->type == EVP_PKEY_CMAC) {
1116 err = "MAC_ALGORITHM_SET_ERROR";
1117 if (EVP_PKEY_CTX_ctrl_str(genctx, "cipher", mdata->alg) <= 0)
1118 goto err;
1119 }
1120
1121 err = "MAC_KEY_SET_ERROR";
1122 if (EVP_PKEY_CTX_set_mac_key(genctx, mdata->key, mdata->key_len) <= 0)
1123 goto err;
1124
1125 err = "MAC_KEY_GENERATE_ERROR";
1126 if (EVP_PKEY_keygen(genctx, &key) <= 0)
1127 goto err;
1128 if (mdata->type == EVP_PKEY_HMAC) {
1129 err = "MAC_ALGORITHM_SET_ERROR";
1130 md = EVP_get_digestbyname(mdata->alg);
1131 if (!md)
1132 goto err;
1133 }
bfb0641f 1134 mctx = EVP_MD_CTX_new();
83251f39
DSH		 1135 if (!mctx)
1136 goto err;
1137 err = "DIGESTSIGNINIT_ERROR";
1138 if (!EVP_DigestSignInit(mctx, &pctx, md, NULL, key))
1139 goto err;
1140
1141 err = "DIGESTSIGNUPDATE_ERROR";
1142 if (!EVP_DigestSignUpdate(mctx, mdata->input, mdata->input_len))
1143 goto err;
1144 err = "DIGESTSIGNFINAL_LENGTH_ERROR";
1145 if (!EVP_DigestSignFinal(mctx, NULL, &mac_len))
1146 goto err;
1147 mac = OPENSSL_malloc(mac_len);
1148 if (!mac) {
1149 fprintf(stderr, "Error allocating mac buffer!\n");
1150 exit(1);
1151 }
1152 if (!EVP_DigestSignFinal(mctx, mac, &mac_len))
1153 goto err;
1154 err = "MAC_LENGTH_MISMATCH";
1155 if (mac_len != mdata->output_len)
1156 goto err;
1157 err = "MAC_MISMATCH";
1158 if (check_output(t, mdata->output, mac, mac_len))
1159 goto err;
1160 err = NULL;
1161 err:
bfb0641f 1162 EVP_MD_CTX_free(mctx);
b548a1f1 1163 OPENSSL_free(mac);
c5ba2d99
RS		 1164 EVP_PKEY_CTX_free(genctx);
1165 EVP_PKEY_free(key);
83251f39
DSH		 1166 t->err = err;
1167 return 1;
1168}
1169
1170static const struct evp_test_method mac_test_method = {
1171 "MAC",
1172 mac_test_init,
1173 mac_test_cleanup,
1174 mac_test_parse,
1175 mac_test_run
1176};
5824cc29
DSH		 1177
1178/*
1179 * Public key operations. These are all very similar and can share
1180 * a lot of common code.
1181 */
1182
1183struct pkey_data {
1184 /* Context for this operation */
1185 EVP_PKEY_CTX *ctx;
1186 /* Key operation to perform */
1187 int (*keyop) (EVP_PKEY_CTX *ctx,
1188 unsigned char *sig, size_t *siglen,
1189 const unsigned char *tbs, size_t tbslen);
1190 /* Input to MAC */
1191 unsigned char *input;
1192 size_t input_len;
1193 /* Expected output */
1194 unsigned char *output;
1195 size_t output_len;
1196};
1197
1198/*
1199 * Perform public key operation setup: lookup key, allocated ctx and call
1200 * the appropriate initialisation function
1201 */
1202static int pkey_test_init(struct evp_test *t, const char *name,
1203 int use_public,
1204 int (*keyopinit) (EVP_PKEY_CTX *ctx),
1205 int (*keyop) (EVP_PKEY_CTX *ctx,
1206 unsigned char *sig, size_t *siglen,
1207 const unsigned char *tbs,
1208 size_t tbslen)
1209 )
1210{
1211 struct pkey_data *kdata;
1212 EVP_PKEY *pkey = NULL;
7a6c9792
DSH		 1213 int rv = 0;
1214 if (use_public)
1215 rv = find_key(&pkey, name, t->public);
1216 if (!rv)
1217 rv = find_key(&pkey, name, t->private);
024d681e 1218 if (!rv || pkey == NULL) {
7a6c9792
DSH		 1219 t->skip = 1;
1220 return 1;
1221 }
1222
b4faea50 1223 kdata = OPENSSL_malloc(sizeof(*kdata));
7a6c9792
DSH		 1224 if (!kdata) {
1225 EVP_PKEY_free(pkey);
5824cc29 1226 return 0;
7a6c9792 1227 }
5824cc29
DSH		 1228 kdata->ctx = NULL;
1229 kdata->input = NULL;
1230 kdata->output = NULL;
1231 kdata->keyop = keyop;
1232 t->data = kdata;
5824cc29
DSH		 1233 kdata->ctx = EVP_PKEY_CTX_new(pkey, NULL);
1234 if (!kdata->ctx)
1235 return 0;
1236 if (keyopinit(kdata->ctx) <= 0)
1237 return 0;
1238 return 1;
1239}
1240
1241static void pkey_test_cleanup(struct evp_test *t)
1242{
1243 struct pkey_data *kdata = t->data;
b548a1f1
RS		 1244
1245 OPENSSL_free(kdata->input);
1246 OPENSSL_free(kdata->output);
c5ba2d99 1247 EVP_PKEY_CTX_free(kdata->ctx);
5824cc29
DSH		 1248}
1249
dfbdf4ab
RL		 1250static int pkey_test_ctrl(struct evp_test *t, EVP_PKEY_CTX *pctx,
1251 const char *value)
4ddd5ace
DSH		 1252{
1253 int rv;
1254 char *p, *tmpval;
1255
1256 tmpval = OPENSSL_strdup(value);
1257 if (tmpval == NULL)
1258 return 0;
1259 p = strchr(tmpval, ':');
1260 if (p != NULL)
1261 *p++ = 0;
1262 rv = EVP_PKEY_CTX_ctrl_str(pctx, tmpval, p);
dfbdf4ab
RL		 1263 if (p != NULL && rv <= 0 && rv != -2) {
1264 /* If p has an OID assume disabled algorithm */
1265 if (OBJ_sn2nid(p) != NID_undef || OBJ_ln2nid(p) != NID_undef) {
1266 t->skip = 1;
1267 rv = 1;
1268 }
1269 }
4ddd5ace
DSH		 1270 OPENSSL_free(tmpval);
1271 return rv > 0;
1272}
1273
5824cc29
DSH		 1274static int pkey_test_parse(struct evp_test *t,
1275 const char *keyword, const char *value)
1276{
1277 struct pkey_data *kdata = t->data;
86885c28 1278 if (strcmp(keyword, "Input") == 0)
5824cc29 1279 return test_bin(value, &kdata->input, &kdata->input_len);
86885c28 1280 if (strcmp(keyword, "Output") == 0)
5824cc29 1281 return test_bin(value, &kdata->output, &kdata->output_len);
4ddd5ace 1282 if (strcmp(keyword, "Ctrl") == 0)
dfbdf4ab 1283 return pkey_test_ctrl(t, kdata->ctx, value);
5824cc29
DSH		 1284 return 0;
1285}
1286
1287static int pkey_test_run(struct evp_test *t)
1288{
1289 struct pkey_data *kdata = t->data;
1290 unsigned char *out = NULL;
1291 size_t out_len;
1292 const char *err = "KEYOP_LENGTH_ERROR";
1293 if (kdata->keyop(kdata->ctx, NULL, &out_len, kdata->input,
1294 kdata->input_len) <= 0)
1295 goto err;
1296 out = OPENSSL_malloc(out_len);
1297 if (!out) {
1298 fprintf(stderr, "Error allocating output buffer!\n");
1299 exit(1);
1300 }
1301 err = "KEYOP_ERROR";
1302 if (kdata->keyop
1303 (kdata->ctx, out, &out_len, kdata->input, kdata->input_len) <= 0)
1304 goto err;
1305 err = "KEYOP_LENGTH_MISMATCH";
1306 if (out_len != kdata->output_len)
1307 goto err;
1308 err = "KEYOP_MISMATCH";
1309 if (check_output(t, kdata->output, out, out_len))
1310 goto err;
1311 err = NULL;
1312 err:
b548a1f1 1313 OPENSSL_free(out);
5824cc29
DSH		 1314 t->err = err;
1315 return 1;
1316}
1317
1318static int sign_test_init(struct evp_test *t, const char *name)
1319{
1320 return pkey_test_init(t, name, 0, EVP_PKEY_sign_init, EVP_PKEY_sign);
1321}
1322
1323static const struct evp_test_method psign_test_method = {
1324 "Sign",
1325 sign_test_init,
1326 pkey_test_cleanup,
1327 pkey_test_parse,
1328 pkey_test_run
1329};
1330
1331static int verify_recover_test_init(struct evp_test *t, const char *name)
1332{
1333 return pkey_test_init(t, name, 1, EVP_PKEY_verify_recover_init,
1334 EVP_PKEY_verify_recover);
1335}
1336
1337static const struct evp_test_method pverify_recover_test_method = {
1338 "VerifyRecover",
1339 verify_recover_test_init,
1340 pkey_test_cleanup,
1341 pkey_test_parse,
1342 pkey_test_run
1343};
1344
1345static int decrypt_test_init(struct evp_test *t, const char *name)
1346{
1347 return pkey_test_init(t, name, 0, EVP_PKEY_decrypt_init,
1348 EVP_PKEY_decrypt);
1349}
1350
1351static const struct evp_test_method pdecrypt_test_method = {
1352 "Decrypt",
1353 decrypt_test_init,
1354 pkey_test_cleanup,
1355 pkey_test_parse,
1356 pkey_test_run
1357};
1358
1359static int verify_test_init(struct evp_test *t, const char *name)
1360{
1361 return pkey_test_init(t, name, 1, EVP_PKEY_verify_init, 0);
1362}
1363
1364static int verify_test_run(struct evp_test *t)
1365{
1366 struct pkey_data *kdata = t->data;
1367 if (EVP_PKEY_verify(kdata->ctx, kdata->output, kdata->output_len,
1368 kdata->input, kdata->input_len) <= 0)
1369 t->err = "VERIFY_ERROR";
1370 return 1;
1371}
1372
1373static const struct evp_test_method pverify_test_method = {
1374 "Verify",
1375 verify_test_init,
1376 pkey_test_cleanup,
1377 pkey_test_parse,
1378 verify_test_run
1379};
3b53e18a 1380
d4ad48d7
DSH		 1381
1382static int pderive_test_init(struct evp_test *t, const char *name)
1383{
1384 return pkey_test_init(t, name, 0, EVP_PKEY_derive_init, 0);
1385}
1386
1387static int pderive_test_parse(struct evp_test *t,
1388 const char *keyword, const char *value)
1389{
1390 struct pkey_data *kdata = t->data;
1391
1392 if (strcmp(keyword, "PeerKey") == 0) {
1393 EVP_PKEY *peer;
1394 if (find_key(&peer, value, t->public) == 0)
1395 return 0;
1396 if (EVP_PKEY_derive_set_peer(kdata->ctx, peer) <= 0)
1397 return 0;
1398 return 1;
1399 }
1400 if (strcmp(keyword, "SharedSecret") == 0)
1401 return test_bin(value, &kdata->output, &kdata->output_len);
4ddd5ace 1402 if (strcmp(keyword, "Ctrl") == 0)
dfbdf4ab 1403 return pkey_test_ctrl(t, kdata->ctx, value);
d4ad48d7
DSH		 1404 return 0;
1405}
1406
1407static int pderive_test_run(struct evp_test *t)
1408{
1409 struct pkey_data *kdata = t->data;
1410 unsigned char *out = NULL;
1411 size_t out_len;
1412 const char *err = "INTERNAL_ERROR";
1413
1414 out_len = kdata->output_len;
1415 out = OPENSSL_malloc(out_len);
1416 if (!out) {
1417 fprintf(stderr, "Error allocating output buffer!\n");
1418 exit(1);
1419 }
1420 err = "DERIVE_ERROR";
1421 if (EVP_PKEY_derive(kdata->ctx, out, &out_len) <= 0)
1422 goto err;
1423 err = "SHARED_SECRET_LENGTH_MISMATCH";
1424 if (out_len != kdata->output_len)
1425 goto err;
1426 err = "SHARED_SECRET_MISMATCH";
1427 if (check_output(t, kdata->output, out, out_len))
1428 goto err;
1429 err = NULL;
1430 err:
1431 OPENSSL_free(out);
1432 t->err = err;
1433 return 1;
1434}
1435
1436static const struct evp_test_method pderive_test_method = {
1437 "Derive",
1438 pderive_test_init,
1439 pkey_test_cleanup,
1440 pderive_test_parse,
1441 pderive_test_run
1442};
1443
3b53e18a
DSH		 1444/* PBE tests */
1445
1446#define PBE_TYPE_SCRYPT 1
351fe214
DSH		 1447#define PBE_TYPE_PBKDF2 2
1448#define PBE_TYPE_PKCS12 3
3b53e18a
DSH		 1449
1450struct pbe_data {
1451
1452 int pbe_type;
1453
1454 /* scrypt parameters */
1455 uint64_t N, r, p, maxmem;
1456
351fe214
DSH		 1457 /* PKCS#12 parameters */
1458 int id, iter;
1459 const EVP_MD *md;
1460
3b53e18a
DSH		 1461 /* password */
1462 unsigned char *pass;
1463 size_t pass_len;
1464
1465 /* salt */
1466 unsigned char *salt;
1467 size_t salt_len;
1468
1469 /* Expected output */
1470 unsigned char *key;
1471 size_t key_len;
1472};
1473
b0809bc8 1474#ifndef OPENSSL_NO_SCRYPT
3b53e18a
DSH		 1475static int scrypt_test_parse(struct evp_test *t,
1476 const char *keyword, const char *value)
1477{
1478 struct pbe_data *pdata = t->data;
351fe214 1479
3b53e18a
DSH		 1480 if (strcmp(keyword, "N") == 0)
1481 return test_uint64(value, &pdata->N);
1482 if (strcmp(keyword, "p") == 0)
1483 return test_uint64(value, &pdata->p);
1484 if (strcmp(keyword, "r") == 0)
1485 return test_uint64(value, &pdata->r);
1486 if (strcmp(keyword, "maxmem") == 0)
1487 return test_uint64(value, &pdata->maxmem);
1488 return 0;
1489}
b0809bc8 1490#endif
3b53e18a 1491
351fe214
DSH		 1492static int pbkdf2_test_parse(struct evp_test *t,
1493 const char *keyword, const char *value)
3b53e18a
DSH		 1494{
1495 struct pbe_data *pdata = t->data;
351fe214
DSH		 1496
1497 if (strcmp(keyword, "iter") == 0) {
1498 pdata->iter = atoi(value);
1499 if (pdata->iter <= 0)
1500 return 0;
1501 return 1;
1502 }
1503 if (strcmp(keyword, "MD") == 0) {
1504 pdata->md = EVP_get_digestbyname(value);
1505 if (pdata->md == NULL)
1506 return 0;
1507 return 1;
1508 }
1509 return 0;
1510}
1511
1512static int pkcs12_test_parse(struct evp_test *t,
1513 const char *keyword, const char *value)
1514{
1515 struct pbe_data *pdata = t->data;
1516
1517 if (strcmp(keyword, "id") == 0) {
1518 pdata->id = atoi(value);
1519 if (pdata->id <= 0)
1520 return 0;
1521 return 1;
1522 }
1523 return pbkdf2_test_parse(t, keyword, value);
3b53e18a
DSH		 1524}
1525
1526static int pbe_test_init(struct evp_test *t, const char *alg)
1527{
1528 struct pbe_data *pdat;
1529 int pbe_type = 0;
351fe214 1530
83bd31da 1531 if (strcmp(alg, "scrypt") == 0) {
b0809bc8 1532#ifndef OPENSSL_NO_SCRYPT
3b53e18a 1533 pbe_type = PBE_TYPE_SCRYPT;
83bd31da
MC		 1534#else
1535 t->skip = 1;
1536 return 1;
b0809bc8 1537#endif
83bd31da 1538 } else if (strcmp(alg, "pbkdf2") == 0) {
351fe214 1539 pbe_type = PBE_TYPE_PBKDF2;
83bd31da 1540 } else if (strcmp(alg, "pkcs12") == 0) {
351fe214 1541 pbe_type = PBE_TYPE_PKCS12;
83bd31da 1542 } else {
3b53e18a 1543 fprintf(stderr, "Unknown pbe algorithm %s\n", alg);
83bd31da 1544 }
3b53e18a
DSH		 1545 pdat = OPENSSL_malloc(sizeof(*pdat));
1546 pdat->pbe_type = pbe_type;
1547 pdat->pass = NULL;
1548 pdat->salt = NULL;
1549 pdat->N = 0;
1550 pdat->r = 0;
1551 pdat->p = 0;
1552 pdat->maxmem = 0;
351fe214
DSH		 1553 pdat->id = 0;
1554 pdat->iter = 0;
1555 pdat->md = NULL;
3b53e18a
DSH		 1556 t->data = pdat;
1557 return 1;
1558}
1559
1560static void pbe_test_cleanup(struct evp_test *t)
1561{
1562 struct pbe_data *pdat = t->data;
1563 test_free(pdat->pass);
1564 test_free(pdat->salt);
1565 test_free(pdat->key);
1566}
1567
1568static int pbe_test_parse(struct evp_test *t,
1569 const char *keyword, const char *value)
1570{
1571 struct pbe_data *pdata = t->data;
351fe214 1572
3b53e18a
DSH		 1573 if (strcmp(keyword, "Password") == 0)
1574 return test_bin(value, &pdata->pass, &pdata->pass_len);
1575 if (strcmp(keyword, "Salt") == 0)
1576 return test_bin(value, &pdata->salt, &pdata->salt_len);
1577 if (strcmp(keyword, "Key") == 0)
1578 return test_bin(value, &pdata->key, &pdata->key_len);
b0809bc8 1579 if (pdata->pbe_type == PBE_TYPE_PBKDF2)
351fe214
DSH		 1580 return pbkdf2_test_parse(t, keyword, value);
1581 else if (pdata->pbe_type == PBE_TYPE_PKCS12)
1582 return pkcs12_test_parse(t, keyword, value);
b0809bc8
RS		 1583#ifndef OPENSSL_NO_SCRYPT
1584 else if (pdata->pbe_type == PBE_TYPE_SCRYPT)
1585 return scrypt_test_parse(t, keyword, value);
1586#endif
3b53e18a
DSH		 1587 return 0;
1588}
1589
1590static int pbe_test_run(struct evp_test *t)
1591{
1592 struct pbe_data *pdata = t->data;
351fe214
DSH		 1593 const char *err = "INTERNAL_ERROR";
1594 unsigned char *key;
1595
1596 key = OPENSSL_malloc(pdata->key_len);
1597 if (!key)
1598 goto err;
1599 if (pdata->pbe_type == PBE_TYPE_PBKDF2) {
1600 err = "PBKDF2_ERROR";
1601 if (PKCS5_PBKDF2_HMAC((char *)pdata->pass, pdata->pass_len,
1602 pdata->salt, pdata->salt_len,
1603 pdata->iter, pdata->md,
1604 pdata->key_len, key) == 0)
1605 goto err;
b0809bc8 1606#ifndef OPENSSL_NO_SCRYPT
351fe214
DSH		 1607 } else if (pdata->pbe_type == PBE_TYPE_SCRYPT) {
1608 err = "SCRYPT_ERROR";
1609 if (EVP_PBE_scrypt((const char *)pdata->pass, pdata->pass_len,
1610 pdata->salt, pdata->salt_len,
1611 pdata->N, pdata->r, pdata->p, pdata->maxmem,
1612 key, pdata->key_len) == 0)
1613 goto err;
b0809bc8 1614#endif
351fe214
DSH		 1615 } else if (pdata->pbe_type == PBE_TYPE_PKCS12) {
1616 err = "PKCS12_ERROR";
1617 if (PKCS12_key_gen_uni(pdata->pass, pdata->pass_len,
1618 pdata->salt, pdata->salt_len,
1619 pdata->id, pdata->iter, pdata->key_len,
1620 key, pdata->md) == 0)
1621 goto err;
1622 }
1623 err = "KEY_MISMATCH";
1624 if (check_output(t, pdata->key, key, pdata->key_len))
1625 goto err;
1626 err = NULL;
1627 err:
1628 OPENSSL_free(key);
1629 t->err = err;
1630 return 1;
3b53e18a
DSH		 1631}
1632
1633static const struct evp_test_method pbe_test_method = {
1634 "PBE",
1635 pbe_test_init,
1636 pbe_test_cleanup,
1637 pbe_test_parse,
1638 pbe_test_run
1639};
3cdd1e94
EK		 1640
1641/* Base64 tests */
1642
1643typedef enum {
1644 BASE64_CANONICAL_ENCODING = 0,
1645 BASE64_VALID_ENCODING = 1,
1646 BASE64_INVALID_ENCODING = 2
1647} base64_encoding_type;
1648
1649struct encode_data {
1650 /* Input to encoding */
1651 unsigned char *input;
1652 size_t input_len;
1653 /* Expected output */
1654 unsigned char *output;
1655 size_t output_len;
1656 base64_encoding_type encoding;
1657};
1658
1659static int encode_test_init(struct evp_test *t, const char *encoding)
1660{
1661 struct encode_data *edata = OPENSSL_zalloc(sizeof(*edata));
1662
1663 if (strcmp(encoding, "canonical") == 0) {
1664 edata->encoding = BASE64_CANONICAL_ENCODING;
1665 } else if (strcmp(encoding, "valid") == 0) {
1666 edata->encoding = BASE64_VALID_ENCODING;
1667 } else if (strcmp(encoding, "invalid") == 0) {
1668 edata->encoding = BASE64_INVALID_ENCODING;
7644a9ae 1669 t->expected_err = OPENSSL_strdup("DECODE_ERROR");
3cdd1e94
EK		 1670 if (t->expected_err == NULL)
1671 return 0;
1672 } else {
1673 fprintf(stderr, "Bad encoding: %s. Should be one of "
1674 "{canonical, valid, invalid}\n", encoding);
1675 return 0;
1676 }
1677 t->data = edata;
1678 return 1;
1679}
1680
1681static void encode_test_cleanup(struct evp_test *t)
1682{
1683 struct encode_data *edata = t->data;
1684 test_free(edata->input);
1685 test_free(edata->output);
1686 memset(edata, 0, sizeof(*edata));
1687}
1688
1689static int encode_test_parse(struct evp_test *t,
1690 const char *keyword, const char *value)
1691{
1692 struct encode_data *edata = t->data;
1693 if (strcmp(keyword, "Input") == 0)
1694 return test_bin(value, &edata->input, &edata->input_len);
1695 if (strcmp(keyword, "Output") == 0)
1696 return test_bin(value, &edata->output, &edata->output_len);
1697 return 0;
1698}
1699
1700static int encode_test_run(struct evp_test *t)
1701{
1702 struct encode_data *edata = t->data;
1703 unsigned char *encode_out = NULL, *decode_out = NULL;
1704 int output_len, chunk_len;
1705 const char *err = "INTERNAL_ERROR";
254b26af
RL		 1706 EVP_ENCODE_CTX *decode_ctx = EVP_ENCODE_CTX_new();
1707
1708 if (decode_ctx == NULL)
1709 goto err;
3cdd1e94
EK		 1710
1711 if (edata->encoding == BASE64_CANONICAL_ENCODING) {
254b26af
RL		 1712 EVP_ENCODE_CTX *encode_ctx = EVP_ENCODE_CTX_new();
1713 if (encode_ctx == NULL)
1714 goto err;
3cdd1e94
EK		 1715 encode_out = OPENSSL_malloc(EVP_ENCODE_LENGTH(edata->input_len));
1716 if (encode_out == NULL)
1717 goto err;
1718
254b26af
RL		 1719 EVP_EncodeInit(encode_ctx);
1720 EVP_EncodeUpdate(encode_ctx, encode_out, &chunk_len,
3cdd1e94
EK		 1721 edata->input, edata->input_len);
1722 output_len = chunk_len;
1723
254b26af 1724 EVP_EncodeFinal(encode_ctx, encode_out + chunk_len, &chunk_len);
3cdd1e94
EK		 1725 output_len += chunk_len;
1726
254b26af
RL		 1727 EVP_ENCODE_CTX_free(encode_ctx);
1728
3cdd1e94
EK		 1729 if (check_var_length_output(t, edata->output, edata->output_len,
1730 encode_out, output_len)) {
1731 err = "BAD_ENCODING";
1732 goto err;
1733 }
1734 }
1735
1736 decode_out = OPENSSL_malloc(EVP_DECODE_LENGTH(edata->output_len));
1737 if (decode_out == NULL)
1738 goto err;
1739
254b26af
RL		 1740 EVP_DecodeInit(decode_ctx);
1741 if (EVP_DecodeUpdate(decode_ctx, decode_out, &chunk_len, edata->output,
3cdd1e94
EK		 1742 edata->output_len) < 0) {
1743 err = "DECODE_ERROR";
1744 goto err;
1745 }
1746 output_len = chunk_len;
1747
254b26af 1748 if (EVP_DecodeFinal(decode_ctx, decode_out + chunk_len, &chunk_len) != 1) {
3cdd1e94
EK		 1749 err = "DECODE_ERROR";
1750 goto err;
1751 }
1752 output_len += chunk_len;
1753
1754 if (edata->encoding != BASE64_INVALID_ENCODING &&
1755 check_var_length_output(t, edata->input, edata->input_len,
1756 decode_out, output_len)) {
1757 err = "BAD_DECODING";
1758 goto err;
1759 }
1760
1761 err = NULL;
1762 err:
1763 t->err = err;
1764 OPENSSL_free(encode_out);
1765 OPENSSL_free(decode_out);
254b26af 1766 EVP_ENCODE_CTX_free(decode_ctx);
3cdd1e94
EK		 1767 return 1;
1768}
1769
1770static const struct evp_test_method encode_test_method = {
1771 "Encoding",
1772 encode_test_init,
1773 encode_test_cleanup,
1774 encode_test_parse,
1775 encode_test_run,
1776};
44a284d2 1777
7d04be79 1778/* KDF operations */
44a284d2
DSH		 1779
1780struct kdf_data {
1781 /* Context for this operation */
1782 EVP_PKEY_CTX *ctx;
1783 /* Expected output */
1784 unsigned char *output;
1785 size_t output_len;
1786};
1787
1788/*
1789 * Perform public key operation setup: lookup key, allocated ctx and call
1790 * the appropriate initialisation function
1791 */
1792static int kdf_test_init(struct evp_test *t, const char *name)
1793{
1794 struct kdf_data *kdata;
1795
1796 kdata = OPENSSL_malloc(sizeof(*kdata));
1797 if (kdata == NULL)
1798 return 0;
1799 kdata->ctx = NULL;
1800 kdata->output = NULL;
1801 t->data = kdata;
1802 kdata->ctx = EVP_PKEY_CTX_new_id(OBJ_sn2nid(name), NULL);
1803 if (kdata->ctx == NULL)
1804 return 0;
1805 if (EVP_PKEY_derive_init(kdata->ctx) <= 0)
1806 return 0;
1807 return 1;
1808}
1809
1810static void kdf_test_cleanup(struct evp_test *t)
1811{
1812 struct kdf_data *kdata = t->data;
1813 OPENSSL_free(kdata->output);
1814 EVP_PKEY_CTX_free(kdata->ctx);
1815}
1816
44a284d2
DSH		 1817static int kdf_test_parse(struct evp_test *t,
1818 const char *keyword, const char *value)
1819{
1820 struct kdf_data *kdata = t->data;
1821 if (strcmp(keyword, "Output") == 0)
1822 return test_bin(value, &kdata->output, &kdata->output_len);
7d04be79 1823 if (strncmp(keyword, "Ctrl", 4) == 0)
dfbdf4ab 1824 return pkey_test_ctrl(t, kdata->ctx, value);
44a284d2
DSH		 1825 return 0;
1826}
1827
1828static int kdf_test_run(struct evp_test *t)
1829{
1830 struct kdf_data *kdata = t->data;
1831 unsigned char *out = NULL;
1832 size_t out_len = kdata->output_len;
1833 const char *err = "INTERNAL_ERROR";
1834 out = OPENSSL_malloc(out_len);
1835 if (!out) {
1836 fprintf(stderr, "Error allocating output buffer!\n");
1837 exit(1);
1838 }
1839 err = "KDF_DERIVE_ERROR";
1840 if (EVP_PKEY_derive(kdata->ctx, out, &out_len) <= 0)
1841 goto err;
1842 err = "KDF_LENGTH_MISMATCH";
1843 if (out_len != kdata->output_len)
1844 goto err;
1845 err = "KDF_MISMATCH";
1846 if (check_output(t, kdata->output, out, out_len))
1847 goto err;
1848 err = NULL;
1849 err:
1850 OPENSSL_free(out);
1851 t->err = err;
1852 return 1;
1853}
1854
1855static const struct evp_test_method kdf_test_method = {
1856 "KDF",
1857 kdf_test_init,
1858 kdf_test_cleanup,
1859 kdf_test_parse,
1860 kdf_test_run
1861};
A mirror of the official openssl repository