From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Tue, 7 Apr 2015 13:48:41 +0000 (+0200)
Subject: tests: verify the behavior of GNUTLS_E_NEED_FALLBACK
X-Git-Tag: gnutls_3_4_0~14
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=59696c1915f87e5eccd6061c0461bcaac28ebfc1;p=thirdparty%2Fgnutls.git

tests: verify the behavior of GNUTLS_E_NEED_FALLBACK
---

diff --git a/tests/slow/Makefile.am b/tests/slow/Makefile.am
index 856c0371ed..b154229879 100644
--- a/tests/slow/Makefile.am
+++ b/tests/slow/Makefile.am
@@ -45,7 +45,7 @@ cipher_override_LDFLAGS = $(NETTLE_LIBS) $(HOGWEED_LIBS) $(GMP_LIBS) $(LDADD)
 mac_override_LDFLAGS = $(NETTLE_LIBS) $(HOGWEED_LIBS) $(GMP_LIBS) $(LDADD)
 endif
 
-check_PROGRAMS = $(ctests) cipher-test cipher-override mac-override
+check_PROGRAMS = $(ctests) cipher-test cipher-override mac-override cipher-override2
 TESTS = $(ctests) test-ciphers override-ciphers
 
 EXTRA_DIST = README
diff --git a/tests/slow/cipher-override2.c b/tests/slow/cipher-override2.c
new file mode 100644
index 0000000000..1f9319f4c2
--- /dev/null
+++ b/tests/slow/cipher-override2.c
@@ -0,0 +1,161 @@
+#include <config.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <string.h>
+#include <utils.h>
+#include <stdlib.h>
+#include <gnutls/gnutls.h>
+#include <gnutls/crypto.h>
+#include <gnutls/self-test.h>
+
+#ifndef HAVE_LIBNETTLE
+int main(int argc, char **argv)
+{
+	exit(77);
+}
+#else
+
+# include <nettle/aes.h>
+# include <nettle/cbc.h>
+# include <nettle/gcm.h>
+
+/* this tests whether the API to override ciphers works sanely,
+ * when GNUTLS_E_NEED_FALLBACK is used.
+ */
+static void tls_log_func(int level, const char *str)
+{
+	fprintf(stderr, "<%d>| %s", level, str);
+}
+
+#ifndef ENABLE_SELF_CHECKS
+# define AVOID_INTERNALS
+# include "../../lib/crypto-selftests.c"
+#endif
+
+struct myaes_ctx {
+	unsigned char iv[16];
+};
+
+static int
+myaes_init(gnutls_cipher_algorithm_t algorithm, void **_ctx, int enc)
+{
+	return GNUTLS_E_NEED_FALLBACK;
+}
+
+static int
+myaes_setkey(void *_ctx, const void *userkey, size_t keysize)
+{
+	abort();
+}
+
+static int myaes_setiv(void *_ctx, const void *iv, size_t iv_size)
+{
+	abort();
+}
+
+static int
+myaes_encrypt(void *_ctx, const void *src, size_t src_size,
+	    void *dst, size_t dst_size)
+{
+	abort();
+}
+
+static int
+myaes_decrypt(void *_ctx, const void *src, size_t src_size,
+	    void *dst, size_t dst_size)
+{
+	abort();
+}
+
+static void myaes_deinit(void *_ctx)
+{
+	abort();
+}
+
+/* AES-GCM */
+struct myaes_gcm_ctx {
+	char xx[32];
+};
+
+static int
+myaes_gcm_init(gnutls_cipher_algorithm_t algorithm, void **_ctx, int enc)
+{
+	return GNUTLS_E_NEED_FALLBACK;
+}
+
+static int
+myaes_gcm_setkey(void *_ctx, const void *userkey, size_t keysize)
+{
+	abort();
+}
+
+static void myaes_gcm_deinit(void *_ctx)
+{
+	abort();
+}
+
+static int
+myaes_gcm_encrypt(void *_ctx,
+			const void *nonce, size_t nonce_size,
+			const void *auth, size_t auth_size,
+			size_t tag_size,
+			const void *plain, size_t plain_size,
+		   	void *encr, size_t encr_size)
+{
+	abort();
+}
+
+static int
+myaes_gcm_decrypt(void *_ctx,
+			const void *nonce, size_t nonce_size,
+			const void *auth, size_t auth_size,
+			size_t tag_size,
+		   	const void *encr, size_t encr_size,
+			void *plain, size_t plain_size)
+{
+	abort();
+}
+
+
+
+int main(int argc, char **argv)
+{
+	int ret;
+
+	gnutls_global_set_log_function(tls_log_func);
+	if (argc > 1)
+		gnutls_global_set_log_level(4711);
+
+	ret = gnutls_crypto_register_cipher(GNUTLS_CIPHER_AES_128_CBC, 1,
+		myaes_init,
+		myaes_setkey,
+		myaes_setiv,
+		myaes_encrypt,
+		myaes_decrypt,
+		myaes_deinit);
+	if (ret < 0) {
+		fprintf(stderr, "%d: cannot register cipher\n", __LINE__);
+		exit(1);
+	}
+
+	ret = gnutls_crypto_register_aead_cipher(GNUTLS_CIPHER_AES_128_GCM, 1,
+		myaes_gcm_init,
+		myaes_gcm_setkey,
+		myaes_gcm_encrypt,
+		myaes_gcm_decrypt,
+		myaes_gcm_deinit);
+	if (ret < 0) {
+		fprintf(stderr, "%d: cannot register cipher\n", __LINE__);
+		exit(1);
+	}
+
+	global_init();
+
+	if (gnutls_cipher_self_test(1, 0) < 0)
+		return 1;
+
+	gnutls_global_deinit();
+	return 0;
+}
+
+#endif
diff --git a/tests/slow/override-ciphers b/tests/slow/override-ciphers
index 224b1e3826..45cc8623f2 100755
--- a/tests/slow/override-ciphers
+++ b/tests/slow/override-ciphers
@@ -39,6 +39,12 @@ if test $? != 0;then
 	exit 1
 fi
 
+$VALGRIND ./cipher-override2
+if test $? != 0;then
+	echo "overriden cipher tests 3 failed"
+	exit 1
+fi
+
 GNUTLS_NO_EXPLICIT_INIT=1 $VALGRIND ./mac-override
 if test $? != 0;then
 	echo "overriden mac tests failed"