]> git.ipfire.org Git - thirdparty/openssl.git/blob - providers/fips/self_test_kats.c
projects / thirdparty / openssl.git / blob
? search:


3ccd3f66ed649941997e2a403c9c4c9307306005
[thirdparty/openssl.git] / providers / fips / self_test_kats.c
1 /*
2 * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <string.h>
11 #include <openssl/evp.h>
12 #include <openssl/kdf.h>
13 #include "internal/nelem.h"
14 #include "self_test.h"
15 #include "self_test_data.inc"
16
17 static int self_test_digest(const ST_KAT_DIGEST *t, OSSL_ST_EVENT *event,
18 OPENSSL_CTX *libctx)
19 {
20 int ok = 0;
21 unsigned char out[EVP_MAX_MD_SIZE];
22 unsigned int out_len = 0;
23 EVP_MD_CTX *ctx = EVP_MD_CTX_new();
24 EVP_MD *md = EVP_MD_fetch(libctx, t->algorithm, NULL);
25
26 SELF_TEST_EVENT_onbegin(event, OSSL_SELF_TEST_TYPE_KAT_DIGEST, t->desc);
27
28 if (ctx == NULL
29 || md == NULL
30 || !EVP_DigestInit_ex(ctx, md, NULL)
31 || !EVP_DigestUpdate(ctx, t->pt, t->pt_len)
32 || !EVP_DigestFinal(ctx, out, &out_len))
33 goto err;
34
35 /* Optional corruption */
36 SELF_TEST_EVENT_oncorrupt_byte(event, out);
37
38 if (out_len != t->expected_len
39 || memcmp(out, t->expected, out_len) != 0)
40 goto err;
41 ok = 1;
42 err:
43 SELF_TEST_EVENT_onend(event, ok);
44 EVP_MD_free(md);
45 EVP_MD_CTX_free(ctx);
46
47 return ok;
48 }
49
50 /*
51 * Helper function to setup a EVP_CipherInit
52 * Used to hide the complexity of Authenticated ciphers.
53 */
54 static int cipher_init(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
55 const ST_KAT_CIPHER *t, int enc)
56 {
57 unsigned char *in_tag = NULL;
58 int pad = 0, tmp;
59
60 /* Flag required for Key wrapping */
61 EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
62 if (t->tag == NULL) {
63 /* Use a normal cipher init */
64 return EVP_CipherInit_ex(ctx, cipher, NULL, t->key, t->iv, enc)
65 && EVP_CIPHER_CTX_set_padding(ctx, pad);
66 }
67
68 /* The authenticated cipher init */
69 if (!enc)
70 in_tag = (unsigned char *)t->tag;
71
72 return EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc)
73 && EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, t->iv_len, NULL)
74 && (in_tag == NULL
75 || EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, t->tag_len,
76 in_tag))
77 && EVP_CipherInit_ex(ctx, NULL, NULL, t->key, t->iv, enc)
78 && EVP_CIPHER_CTX_set_padding(ctx, pad)
79 && EVP_CipherUpdate(ctx, NULL, &tmp, t->aad, t->aad_len);
80 }
81
82 /* Test a single KAT for encrypt/decrypt */
83 static int self_test_cipher(const ST_KAT_CIPHER *t, OSSL_ST_EVENT *event,
84 OPENSSL_CTX *libctx)
85 {
86 int ret = 0, encrypt = 1, len, ct_len = 0, pt_len = 0;
87 EVP_CIPHER_CTX *ctx = NULL;
88 EVP_CIPHER *cipher = NULL;
89 unsigned char ct_buf[256] = { 0 };
90 unsigned char pt_buf[256] = { 0 };
91
92 SELF_TEST_EVENT_onbegin(event, OSSL_SELF_TEST_TYPE_KAT_CIPHER, t->base.desc);
93
94 ctx = EVP_CIPHER_CTX_new();
95 if (ctx == NULL)
96 goto end;
97 cipher = EVP_CIPHER_fetch(libctx, t->base.algorithm, "");
98 if (cipher == NULL)
99 goto end;
100
101 /* Encrypt plain text message */
102 if (!cipher_init(ctx, cipher, t, encrypt)
103 || !EVP_CipherUpdate(ctx, ct_buf, &len, t->base.pt, t->base.pt_len)
104 || !EVP_CipherFinal_ex(ctx, ct_buf + len, &ct_len))
105 goto end;
106
107 SELF_TEST_EVENT_oncorrupt_byte(event, ct_buf);
108 ct_len += len;
109 if (ct_len != (int)t->base.expected_len
110 || memcmp(t->base.expected, ct_buf, ct_len) != 0)
111 goto end;
112
113 if (t->tag != NULL) {
114 unsigned char tag[16] = { 0 };
115
116 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, t->tag_len, tag)
117 || memcmp(tag, t->tag, t->tag_len) != 0)
118 goto end;
119 }
120
121 if (!(cipher_init(ctx, cipher, t, !encrypt)
122 && EVP_CipherUpdate(ctx, pt_buf, &len, ct_buf, ct_len)
123 && EVP_CipherFinal_ex(ctx, pt_buf + len, &pt_len)))
124 goto end;
125 pt_len += len;
126
127 if (pt_len != (int)t->base.pt_len
128 || memcmp(pt_buf, t->base.pt, pt_len) != 0)
129 goto end;
130
131 ret = 1;
132 end:
133 EVP_CIPHER_free(cipher);
134 EVP_CIPHER_CTX_free(ctx);
135 SELF_TEST_EVENT_onend(event, ret);
136 return ret;
137 }
138
139 static int self_test_kdf(const ST_KAT_KDF *t, OSSL_ST_EVENT *event,
140 OPENSSL_CTX *libctx)
141 {
142 int ret = 0;
143 int i;
144 unsigned char out[64];
145 EVP_KDF *kdf = NULL;
146 EVP_KDF_CTX *ctx = NULL;
147 OSSL_PARAM params[16];
148 const OSSL_PARAM *settables = NULL;
149
150 SELF_TEST_EVENT_onbegin(event, OSSL_SELF_TEST_TYPE_KAT_KDF, t->desc);
151
152 kdf = EVP_KDF_fetch(libctx, t->algorithm, "");
153 ctx = EVP_KDF_CTX_new(kdf);
154 if (ctx == NULL)
155 goto end;
156
157 settables = EVP_KDF_settable_ctx_params(kdf);
158 for (i = 0; t->ctrls[i].name != NULL; ++i) {
159 if (!OSSL_PARAM_allocate_from_text(&params[i], settables,
160 t->ctrls[i].name,
161 t->ctrls[i].value,
162 strlen(t->ctrls[i].value)))
163 goto end;
164 }
165 params[i] = OSSL_PARAM_construct_end();
166 if (!EVP_KDF_CTX_set_params(ctx, params))
167 goto end;
168
169 if (t->expected_len > sizeof(out))
170 goto end;
171 if (EVP_KDF_derive(ctx, out, t->expected_len) <= 0)
172 goto end;
173
174 SELF_TEST_EVENT_oncorrupt_byte(event, out);
175
176 if (memcmp(out, t->expected, t->expected_len) != 0)
177 goto end;
178
179 ret = 1;
180 end:
181 for (i = 0; params[i].key != NULL; ++i)
182 OPENSSL_free(params[i].data);
183 EVP_KDF_free(kdf);
184 EVP_KDF_CTX_free(ctx);
185 SELF_TEST_EVENT_onend(event, ret);
186 return ret;
187 }
188
189 /*
190 * Test a data driven list of KAT's for digest algorithms.
191 * All tests are run regardless of if they fail or not.
192 * Return 0 if any test fails.
193 */
194 static int self_test_digests(OSSL_ST_EVENT *event, OPENSSL_CTX *libctx)
195 {
196 int i, ret = 1;
197
198 for (i = 0; i < (int)OSSL_NELEM(st_kat_digest_tests); ++i) {
199 if (!self_test_digest(&st_kat_digest_tests[i], event, libctx))
200 ret = 0;
201 }
202 return ret;
203 }
204
205 static int self_test_ciphers(OSSL_ST_EVENT *event, OPENSSL_CTX *libctx)
206 {
207 int i, ret = 1;
208
209 for (i = 0; i < (int)OSSL_NELEM(st_kat_cipher_tests); ++i) {
210 if (!self_test_cipher(&st_kat_cipher_tests[i], event, libctx))
211 ret = 0;
212 }
213 return ret;
214 }
215
216 static int self_test_kdfs(OSSL_ST_EVENT *event, OPENSSL_CTX *libctx)
217 {
218 int i, ret = 1;
219
220 for (i = 0; i < (int)OSSL_NELEM(st_kat_kdf_tests); ++i) {
221 if (!self_test_kdf(&st_kat_kdf_tests[i], event, libctx))
222 ret = 0;
223 }
224 return ret;
225 }
226
227 /*
228 * Run the algorithm KAT's.
229 * Return 1 is successful, otherwise return 0.
230 * This runs all the tests regardless of if any fail.
231 *
232 * TODO(3.0) Add self tests for KA, DRBG, Sign/Verify when they become available
233 */
234 int SELF_TEST_kats(OSSL_ST_EVENT *event, OPENSSL_CTX *libctx)
235 {
236 int ret = 1;
237
238 if (!self_test_digests(event, libctx))
239 ret = 0;
240 if (!self_test_ciphers(event, libctx))
241 ret = 0;
242 if (!self_test_kdfs(event, libctx))
243 ret = 0;
244
245 return ret;
246 }
A mirror of the official openssl repository