tests: verify the behavior of GNUTLS_E_NEED_FALLBACK

author Nikos Mavrogiannopoulos <nmav@redhat.com>

Tue, 7 Apr 2015 13:48:41 +0000 (15:48 +0200)

committer Nikos Mavrogiannopoulos <nmav@redhat.com>

Tue, 7 Apr 2015 13:48:41 +0000 (15:48 +0200)
author Nikos Mavrogiannopoulos <nmav@redhat.com>
Tue, 7 Apr 2015 13:48:41 +0000 (15:48 +0200)
committer Nikos Mavrogiannopoulos <nmav@redhat.com>
Tue, 7 Apr 2015 13:48:41 +0000 (15:48 +0200)
diff --git a/tests/slow/Makefile.am b/tests/slow/Makefile.am

index 856c0371ed3334e52a10d34f95b2a0b3fbe5c7e7..b15422987959847b0f85d06520042185302aee0d 100644 (file)
--- a/tests/slow/Makefile.am
+++ b/tests/slow/Makefile.am
@@ -45,7 +45,7 @@ cipher_override_LDFLAGS = $(NETTLE_LIBS) $(HOGWEED_LIBS) $(GMP_LIBS) $(LDADD)
  mac_override_LDFLAGS = $(NETTLE_LIBS) $(HOGWEED_LIBS) $(GMP_LIBS) $(LDADD)
  endif
  
-check_PROGRAMS = $(ctests) cipher-test cipher-override mac-override
+check_PROGRAMS = $(ctests) cipher-test cipher-override mac-override cipher-override2
  TESTS = $(ctests) test-ciphers override-ciphers
  
  EXTRA_DIST = README
diff --git a/tests/slow/cipher-override2.c b/tests/slow/cipher-override2.c

new file mode 100644 (file)

index 0000000..1f9319f
--- /dev/null
+++ b/tests/slow/cipher-override2.c
@@ -0,0 +1,161 @@
+#include <config.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <string.h>
+#include <utils.h>
+#include <stdlib.h>
+#include <gnutls/gnutls.h>
+#include <gnutls/crypto.h>
+#include <gnutls/self-test.h>
+
+#ifndef HAVE_LIBNETTLE
+int main(int argc, char **argv)
+{
+       exit(77);
+}
+#else
+
+# include <nettle/aes.h>
+# include <nettle/cbc.h>
+# include <nettle/gcm.h>
+
+/* this tests whether the API to override ciphers works sanely,
+ * when GNUTLS_E_NEED_FALLBACK is used.
+ */
+static void tls_log_func(int level, const char *str)
+{
+       fprintf(stderr, "<%d>| %s", level, str);
+}
+
+#ifndef ENABLE_SELF_CHECKS
+# define AVOID_INTERNALS
+# include "../../lib/crypto-selftests.c"
+#endif
+
+struct myaes_ctx {
+       unsigned char iv[16];
+};
+
+static int
+myaes_init(gnutls_cipher_algorithm_t algorithm, void **_ctx, int enc)
+{
+       return GNUTLS_E_NEED_FALLBACK;
+}
+
+static int
+myaes_setkey(void *_ctx, const void *userkey, size_t keysize)
+{
+       abort();
+}
+
+static int myaes_setiv(void *_ctx, const void *iv, size_t iv_size)
+{
+       abort();
+}
+
+static int
+myaes_encrypt(void *_ctx, const void *src, size_t src_size,
+           void *dst, size_t dst_size)
+{
+       abort();
+}
+
+static int
+myaes_decrypt(void *_ctx, const void *src, size_t src_size,
+           void *dst, size_t dst_size)
+{
+       abort();
+}
+
+static void myaes_deinit(void *_ctx)
+{
+       abort();
+}
+
+/* AES-GCM */
+struct myaes_gcm_ctx {
+       char xx[32];
+};
+
+static int
+myaes_gcm_init(gnutls_cipher_algorithm_t algorithm, void **_ctx, int enc)
+{
+       return GNUTLS_E_NEED_FALLBACK;
+}
+
+static int
+myaes_gcm_setkey(void *_ctx, const void *userkey, size_t keysize)
+{
+       abort();
+}
+
+static void myaes_gcm_deinit(void *_ctx)
+{
+       abort();
+}
+
+static int
+myaes_gcm_encrypt(void *_ctx,
+                       const void *nonce, size_t nonce_size,
+                       const void *auth, size_t auth_size,
+                       size_t tag_size,
+                       const void *plain, size_t plain_size,
+                       void *encr, size_t encr_size)
+{
+       abort();
+}
+
+static int
+myaes_gcm_decrypt(void *_ctx,
+                       const void *nonce, size_t nonce_size,
+                       const void *auth, size_t auth_size,
+                       size_t tag_size,
+                       const void *encr, size_t encr_size,
+                       void *plain, size_t plain_size)
+{
+       abort();
+}
+
+
+
+int main(int argc, char **argv)
+{
+       int ret;
+
+       gnutls_global_set_log_function(tls_log_func);
+       if (argc > 1)
+               gnutls_global_set_log_level(4711);
+
+       ret = gnutls_crypto_register_cipher(GNUTLS_CIPHER_AES_128_CBC, 1,
+               myaes_init,
+               myaes_setkey,
+               myaes_setiv,
+               myaes_encrypt,
+               myaes_decrypt,
+               myaes_deinit);
+       if (ret < 0) {
+               fprintf(stderr, "%d: cannot register cipher\n", __LINE__);
+               exit(1);
+       }
+
+       ret = gnutls_crypto_register_aead_cipher(GNUTLS_CIPHER_AES_128_GCM, 1,
+               myaes_gcm_init,
+               myaes_gcm_setkey,
+               myaes_gcm_encrypt,
+               myaes_gcm_decrypt,
+               myaes_gcm_deinit);
+       if (ret < 0) {
+               fprintf(stderr, "%d: cannot register cipher\n", __LINE__);
+               exit(1);
+       }
+
+       global_init();
+
+       if (gnutls_cipher_self_test(1, 0) < 0)
+               return 1;
+
+       gnutls_global_deinit();
+       return 0;
+}
+
+#endif
diff --git a/tests/slow/override-ciphers b/tests/slow/override-ciphers

index 224b1e382668710445c0309f015cc9f36ea615bb..45cc8623f2bfa10ac1f73856ed1821bf5e80cfc7 100755 (executable)
--- a/tests/slow/override-ciphers
+++ b/tests/slow/override-ciphers
@@ -39,6 +39,12 @@ if test $? != 0;then
         exit 1
  fi
  
+$VALGRIND ./cipher-override2
+if test $? != 0;then
+       echo "overriden cipher tests 3 failed"
+       exit 1
+fi
+
  GNUTLS_NO_EXPLICIT_INIT=1 $VALGRIND ./mac-override
  if test $? != 0;then
         echo "overriden mac tests failed"
author	Nikos Mavrogiannopoulos <nmav@redhat.com>
	Tue, 7 Apr 2015 13:48:41 +0000 (15:48 +0200)
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>
	Tue, 7 Apr 2015 13:48:41 +0000 (15:48 +0200)
tests/slow/Makefile.am		patch \| blob \| blame \| history
tests/slow/cipher-override2.c	[new file with mode: 0644]	patch \| blob
tests/slow/override-ciphers		patch \| blob \| blame \| history