/*
- * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2020-2024 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
}
#endif
+static int test_evp_cipher_api_safety(void)
+{
+ int ret = 0;
+ EVP_CIPHER_CTX *ctx = NULL;
+
+ ctx = EVP_CIPHER_CTX_new();
+
+ if (!TEST_ptr(ctx))
+ goto err;
+
+ /*
+ * Ensure that EVP_CIPHER_get_block_size returns 0
+ * if we haven't initialized the cipher in this context
+ */
+ if (!TEST_int_eq(EVP_CIPHER_CTX_get_block_size(ctx), 0))
+ goto err_free;
+
+ /*
+ * Ensure that EVP_CIPHER_get_iv_length returns 0
+ * if we haven't initialized the cipher in this context
+ */
+ if (!TEST_int_eq(EVP_CIPHER_CTX_get_iv_length(ctx), 0))
+ goto err_free;
+
+ ret = 1;
+err_free:
+ EVP_CIPHER_CTX_free(ctx);
+err:
+ return ret;
+}
+
/*
* We're using some DH specific values in this test, so we skip compilation if
* we're in a no-dh build.
0x03, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
};
- unsigned char iv[16] = {
+ unsigned char iv[48] = {
+ 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
+ 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
+ 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
+ 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00
};
0x03, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
};
- static const unsigned char iv[16] = {
+ static const unsigned char iv[48] = {
+ 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
+ 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
+ 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
+ 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00
};
if (!TEST_ptr(cipher = EVP_CIPHER_fetch(libctx, name, NULL)))
goto err;
- in_len = EVP_CIPHER_get_block_size(cipher) / 2;
+ in_len = EVP_CIPHER_get_block_size(cipher);
+ if (!TEST_int_gt(in_len, 0))
+ goto err;
+ if (in_len > 1)
+ in_len /= 2;
/* skip any ciphers that don't allow partial updates */
if (((EVP_CIPHER_get_flags(cipher)
|| !TEST_true(EVP_EncryptUpdate(ctx, out2, &out2_len, in, in_len)))
goto err;
- if (!TEST_mem_eq(out1, out1_len, out2, out2_len))
- goto err;
+ if (EVP_CIPHER_get_iv_length(cipher) != 0)
+ if (!TEST_mem_eq(out1, out1_len, out2, out2_len))
+ goto err;
if (EVP_CIPHER_get_mode(cipher) != EVP_CIPH_SIV_MODE) {
if (!TEST_true(EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv))
|| !TEST_true(EVP_EncryptUpdate(ctx, out3, &out3_len, in, in_len)))
goto err;
- if (!TEST_mem_eq(out1, out1_len, out3, out3_len))
- goto err;
+ if (EVP_CIPHER_get_iv_length(cipher) != 0)
+ if (!TEST_mem_eq(out1, out1_len, out3, out3_len))
+ goto err;
}
ret = 1;
err:
&& TEST_int_ne(EVP_CIPHER_get_flags(tdes_cipher) & EVP_CIPH_RAND_KEY, 0)
&& TEST_ptr(ctx = EVP_CIPHER_CTX_new())
&& TEST_true(EVP_CipherInit_ex(ctx, tdes_cipher, NULL, NULL, NULL, 1))
- && TEST_true(EVP_CIPHER_CTX_rand_key(ctx, key));
+ && TEST_int_gt(EVP_CIPHER_CTX_rand_key(ctx, key), 0);
EVP_CIPHER_CTX_free(ctx);
EVP_CIPHER_free(tdes_cipher);
if (!test_get_libctx(&libctx, &nullprov, config_file, &libprov, prov_name))
return 0;
+ ADD_TEST(test_evp_cipher_api_safety);
+
#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_DH)
ADD_ALL_TESTS(test_dsa_param_keygen, 3 * 3 * 3);
#endif