test/evp_libctx_test.c

   1 /*
   2  * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the Apache License 2.0 (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 /*
  11
  12  * These tests are setup to load null into the default library context.
  13  * Any tests are expected to use the created 'libctx' to find algorithms.
  14  * The framework runs the tests twice using the 'default' provider or
  15  * 'fips' provider as inputs.
  16  */
  17
  18 /*
  19  * DSA/DH low level APIs are deprecated for public use, but still ok for
  20  * internal use.
  21  */
  22 #include "internal/deprecated.h"
  23 #include <openssl/evp.h>
  24 #include <openssl/provider.h>
  25 #include <openssl/dsa.h>
  26 #include <openssl/dh.h>
  27 #include <openssl/safestack.h>
  28 #include <openssl/x509.h>
  29 #include "testutil.h"
  30 #include "internal/nelem.h"
  31 #include "crypto/bn_dh.h"   /* _bignum_ffdhe2048_p */
  32 #include "../e_os.h"        /* strcasecmp */
  33
  34 DEFINE_STACK_OF_CSTRING()
  35
  36 static OPENSSL_CTX *libctx = NULL;
  37 static OSSL_PROVIDER *nullprov = NULL;
  38 static OSSL_PROVIDER *libprov = NULL;
  39 static STACK_OF(OPENSSL_CSTRING) *cipher_names = NULL;
  40
  41 typedef enum OPTION_choice {
  42     OPT_ERR = -1,
  43     OPT_EOF = 0,
  44     OPT_CONFIG_FILE,
  45     OPT_PROVIDER_NAME,
  46     OPT_TEST_ENUM
  47 } OPTION_CHOICE;
  48
  49 const OPTIONS *test_get_options(void)
  50 {
  51     static const OPTIONS test_options[] = {
  52         OPT_TEST_OPTIONS_DEFAULT_USAGE,
  53         { "config", OPT_CONFIG_FILE, '<',
  54           "The configuration file to use for the libctx" },
  55         { "provider", OPT_PROVIDER_NAME, 's',
  56           "The provider to load (The default value is 'default'" },
  57         { NULL }
  58     };
  59     return test_options;
  60 }
  61
  62 #ifndef OPENSSL_NO_DH
  63 static const char *getname(int id)
  64 {
  65     const char *name[] = {"p", "q", "g" };
  66
  67     if (id >= 0 && id < 3)
  68         return name[id];
  69     return "?";
  70 }
  71 #endif
  72
  73 /*
  74  * We're using some DH specific values in this test, so we skip compilation if
  75  * we're in a no-dh build.
  76  */
  77 #if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_DH)
  78
  79 static int test_dsa_param_keygen(int tstid)
  80 {
  81     int ret = 0;
  82     int expected;
  83     EVP_PKEY_CTX *gen_ctx = NULL;
  84     EVP_PKEY *pkey_parm = NULL;
  85     EVP_PKEY *pkey = NULL;
  86     DSA *dsa = NULL;
  87     int pind, qind, gind;
  88     BIGNUM *p = NULL, *q = NULL, *g = NULL;
  89
  90     /*
  91      * Just grab some fixed dh p, q, g values for testing,
  92      * these 'safe primes' should not be used normally for dsa *.
  93      */
  94     static const BIGNUM *bn[] = {
  95         &_bignum_dh2048_256_p,  &_bignum_dh2048_256_q, &_bignum_dh2048_256_g
  96     };
  97
  98     /*
  99      * These tests are using bad values for p, q, g by reusing the values.
 100      * A value of 0 uses p, 1 uses q and 2 uses g.
 101      * There are 27 different combinations, with only the 1 valid combination.
 102      */
 103     pind = tstid / 9;
 104     qind = (tstid / 3) % 3;
 105     gind = tstid % 3;
 106     expected  = (pind == 0 && qind == 1 && gind == 2);
 107
 108     TEST_note("Testing with (p, q, g) = (%s, %s, %s)\n", getname(pind),
 109               getname(qind), getname(gind));
 110
 111     if (!TEST_ptr(pkey_parm = EVP_PKEY_new())
 112         || !TEST_ptr(dsa = DSA_new())
 113         || !TEST_ptr(p = BN_dup(bn[pind]))
 114         || !TEST_ptr(q = BN_dup(bn[qind]))
 115         || !TEST_ptr(g = BN_dup(bn[gind]))
 116         || !TEST_true(DSA_set0_pqg(dsa, p, q, g)))
 117         goto err;
 118     p = q = g = NULL;
 119
 120     if (!TEST_true(EVP_PKEY_assign_DSA(pkey_parm, dsa)))
 121         goto err;
 122     dsa = NULL;
 123
 124     if (!TEST_ptr(gen_ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey_parm, NULL))
 125         || !TEST_int_gt(EVP_PKEY_keygen_init(gen_ctx), 0)
 126         || !TEST_int_eq(EVP_PKEY_keygen(gen_ctx, &pkey), expected))
 127         goto err;
 128     ret = 1;
 129 err:
 130     EVP_PKEY_free(pkey);
 131     EVP_PKEY_CTX_free(gen_ctx);
 132     EVP_PKEY_free(pkey_parm);
 133     DSA_free(dsa);
 134     BN_free(g);
 135     BN_free(q);
 136     BN_free(p);
 137     return ret;
 138 }
 139 #endif /* OPENSSL_NO_DSA */
 140
 141 #ifndef OPENSSL_NO_DH
 142 static int do_dh_param_keygen(int tstid, const BIGNUM **bn)
 143 {
 144     int ret = 0;
 145     int expected;
 146     EVP_PKEY_CTX *gen_ctx = NULL;
 147     EVP_PKEY *pkey_parm = NULL;
 148     EVP_PKEY *pkey = NULL;
 149     DH *dh = NULL;
 150     int pind, qind, gind;
 151     BIGNUM *p = NULL, *q = NULL, *g = NULL;
 152
 153     /*
 154      * These tests are using bad values for p, q, g by reusing the values.
 155      * A value of 0 uses p, 1 uses q and 2 uses g.
 156      * There are 27 different combinations, with only the 1 valid combination.
 157      */
 158     pind = tstid / 9;
 159     qind = (tstid / 3) % 3;
 160     gind = tstid % 3;
 161     expected  = (pind == 0 && qind == 1 && gind == 2);
 162
 163     TEST_note("Testing with (p, q, g) = (%s, %s, %s)", getname(pind),
 164               getname(qind), getname(gind));
 165
 166     if (!TEST_ptr(pkey_parm = EVP_PKEY_new())
 167         || !TEST_ptr(dh = DH_new())
 168         || !TEST_ptr(p = BN_dup(bn[pind]))
 169         || !TEST_ptr(q = BN_dup(bn[qind]))
 170         || !TEST_ptr(g = BN_dup(bn[gind]))
 171         || !TEST_true(DH_set0_pqg(dh, p, q, g)))
 172         goto err;
 173     p = q = g = NULL;
 174
 175     if (!TEST_true(EVP_PKEY_assign_DH(pkey_parm, dh)))
 176         goto err;
 177     dh = NULL;
 178
 179     if (!TEST_ptr(gen_ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey_parm, NULL))
 180         || !TEST_int_gt(EVP_PKEY_keygen_init(gen_ctx), 0)
 181         || !TEST_int_eq(EVP_PKEY_keygen(gen_ctx, &pkey), expected))
 182         goto err;
 183     ret = 1;
 184 err:
 185     EVP_PKEY_free(pkey);
 186     EVP_PKEY_CTX_free(gen_ctx);
 187     EVP_PKEY_free(pkey_parm);
 188     DH_free(dh);
 189     BN_free(g);
 190     BN_free(q);
 191     BN_free(p);
 192     return ret;
 193 }
 194
 195 /*
 196  * Note that we get the fips186-4 path being run for most of these cases since
 197  * the internal code will detect that the p, q, g does not match a safe prime
 198  * group (Except for when tstid = 5, which sets the correct p, q, g)
 199  */
 200 static int test_dh_safeprime_param_keygen(int tstid)
 201 {
 202     static const BIGNUM *bn[] = {
 203         &_bignum_ffdhe2048_p,  &_bignum_ffdhe2048_q, &_bignum_const_2
 204     };
 205     return do_dh_param_keygen(tstid, bn);
 206 }
 207
 208 static int dhx_cert_load(void)
 209 {
 210     int ret = 0;
 211     X509 *cert = NULL;
 212     BIO *bio = NULL;
 213
 214     static const unsigned char dhx_cert[] = {
 215         0x30,0x82,0x03,0xff,0x30,0x82,0x02,0xe7,0xa0,0x03,0x02,0x01,0x02,0x02,0x09,0x00,
 216         0xdb,0xf5,0x4d,0x22,0xa0,0x7a,0x67,0xa6,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,
 217         0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x30,0x44,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,
 218         0x04,0x06,0x13,0x02,0x55,0x4b,0x31,0x16,0x30,0x14,0x06,0x03,0x55,0x04,0x0a,0x0c,
 219         0x0d,0x4f,0x70,0x65,0x6e,0x53,0x53,0x4c,0x20,0x47,0x72,0x6f,0x75,0x70,0x31,0x1d,
 220         0x30,0x1b,0x06,0x03,0x55,0x04,0x03,0x0c,0x14,0x54,0x65,0x73,0x74,0x20,0x53,0x2f,
 221         0x4d,0x49,0x4d,0x45,0x20,0x52,0x53,0x41,0x20,0x52,0x6f,0x6f,0x74,0x30,0x1e,0x17,
 222         0x0d,0x31,0x33,0x30,0x38,0x30,0x32,0x31,0x34,0x34,0x39,0x32,0x39,0x5a,0x17,0x0d,
 223         0x32,0x33,0x30,0x36,0x31,0x31,0x31,0x34,0x34,0x39,0x32,0x39,0x5a,0x30,0x44,0x31,
 224         0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x4b,0x31,0x16,0x30,0x14,
 225         0x06,0x03,0x55,0x04,0x0a,0x0c,0x0d,0x4f,0x70,0x65,0x6e,0x53,0x53,0x4c,0x20,0x47,
 226         0x72,0x6f,0x75,0x70,0x31,0x1d,0x30,0x1b,0x06,0x03,0x55,0x04,0x03,0x0c,0x14,0x54,
 227         0x65,0x73,0x74,0x20,0x53,0x2f,0x4d,0x49,0x4d,0x45,0x20,0x45,0x45,0x20,0x44,0x48,
 228         0x20,0x23,0x31,0x30,0x82,0x01,0xb6,0x30,0x82,0x01,0x2b,0x06,0x07,0x2a,0x86,0x48,
 229         0xce,0x3e,0x02,0x01,0x30,0x82,0x01,0x1e,0x02,0x81,0x81,0x00,0xd4,0x0c,0x4a,0x0c,
 230         0x04,0x72,0x71,0x19,0xdf,0x59,0x19,0xc5,0xaf,0x44,0x7f,0xca,0x8e,0x2b,0xf0,0x09,
 231         0xf5,0xd3,0x25,0xb1,0x73,0x16,0x55,0x89,0xdf,0xfd,0x07,0xaf,0x19,0xd3,0x7f,0xd0,
 232         0x07,0xa2,0xfe,0x3f,0x5a,0xf1,0x01,0xc6,0xf8,0x2b,0xef,0x4e,0x6d,0x03,0x38,0x42,
 233         0xa1,0x37,0xd4,0x14,0xb4,0x00,0x4a,0xb1,0x86,0x5a,0x83,0xce,0xb9,0x08,0x0e,0xc1,
 234         0x99,0x27,0x47,0x8d,0x0b,0x85,0xa8,0x82,0xed,0xcc,0x0d,0xb9,0xb0,0x32,0x7e,0xdf,
 235         0xe8,0xe4,0xf6,0xf6,0xec,0xb3,0xee,0x7a,0x11,0x34,0x65,0x97,0xfc,0x1a,0xb0,0x95,
 236         0x4b,0x19,0xb9,0xa6,0x1c,0xd9,0x01,0x32,0xf7,0x35,0x7c,0x2d,0x5d,0xfe,0xc1,0x85,
 237         0x70,0x49,0xf8,0xcc,0x99,0xd0,0xbe,0xf1,0x5a,0x78,0xc8,0x03,0x02,0x81,0x80,0x69,
 238         0x00,0xfd,0x66,0xf2,0xfc,0x15,0x8b,0x09,0xb8,0xdc,0x4d,0xea,0xaa,0x79,0x55,0xf9,
 239         0xdf,0x46,0xa6,0x2f,0xca,0x2d,0x8f,0x59,0x2a,0xad,0x44,0xa3,0xc6,0x18,0x2f,0x95,
 240         0xb6,0x16,0x20,0xe3,0xd3,0xd1,0x8f,0x03,0xce,0x71,0x7c,0xef,0x3a,0xc7,0x44,0x39,
 241         0x0e,0xe2,0x1f,0xd8,0xd3,0x89,0x2b,0xe7,0x51,0xdc,0x12,0x48,0x4c,0x18,0x4d,0x99,
 242         0x12,0x06,0xe4,0x17,0x02,0x03,0x8c,0x24,0x05,0x8e,0xa6,0x85,0xf2,0x69,0x1b,0xe1,
 243         0x6a,0xdc,0xe2,0x04,0x3a,0x01,0x9d,0x64,0xbe,0xfe,0x45,0xf9,0x44,0x18,0x71,0xbd,
 244         0x2d,0x3e,0x7a,0x6f,0x72,0x7d,0x1a,0x80,0x42,0x57,0xae,0x18,0x6f,0x91,0xd6,0x61,
 245         0x03,0x8a,0x1c,0x89,0x73,0xc7,0x56,0x41,0x03,0xd3,0xf8,0xed,0x65,0xe2,0x85,0x02,
 246         0x15,0x00,0x89,0x94,0xab,0x10,0x67,0x45,0x41,0xad,0x63,0xc6,0x71,0x40,0x8d,0x6b,
 247         0x9e,0x19,0x5b,0xa4,0xc7,0xf5,0x03,0x81,0x84,0x00,0x02,0x81,0x80,0x2f,0x5b,0xde,
 248         0x72,0x02,0x36,0x6b,0x00,0x5e,0x24,0x7f,0x14,0x2c,0x18,0x52,0x42,0x97,0x4b,0xdb,
 249         0x6e,0x15,0x50,0x3c,0x45,0x3e,0x25,0xf3,0xb7,0xc5,0x6e,0xe5,0x52,0xe7,0xc4,0xfb,
 250         0xf4,0xa5,0xf0,0x39,0x12,0x7f,0xbc,0x54,0x1c,0x93,0xb9,0x5e,0xee,0xe9,0x14,0xb0,
 251         0xdf,0xfe,0xfc,0x36,0xe4,0xf2,0xaf,0xfb,0x13,0xc8,0xdf,0x18,0x94,0x1d,0x40,0xb9,
 252         0x71,0xdd,0x4c,0x9c,0xa7,0x03,0x52,0x02,0xb5,0xed,0x71,0x80,0x3e,0x23,0xda,0x28,
 253         0xe5,0xab,0xe7,0x6f,0xf2,0x0a,0x0e,0x00,0x5b,0x7d,0xc6,0x4b,0xd7,0xc7,0xb2,0xc3,
 254         0xba,0x62,0x7f,0x70,0x28,0xa0,0x9d,0x71,0x13,0x70,0xd1,0x9f,0x32,0x2f,0x3e,0xd2,
 255         0xcd,0x1b,0xa4,0xc6,0x72,0xa0,0x74,0x5d,0x71,0xef,0x03,0x43,0x6e,0xa3,0x60,0x30,
 256         0x5e,0x30,0x0c,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x02,0x30,0x00,0x30,
 257         0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01,0xff,0x04,0x04,0x03,0x02,0x05,0xe0,0x30,
 258         0x1d,0x06,0x03,0x55,0x1d,0x0e,0x04,0x16,0x04,0x14,0x0b,0x5a,0x4d,0x5f,0x7d,0x25,
 259         0xc7,0xf2,0x9d,0xc1,0xaa,0xb7,0x63,0x82,0x2f,0xfa,0x8f,0x32,0xe7,0xc0,0x30,0x1f,
 260         0x06,0x03,0x55,0x1d,0x23,0x04,0x18,0x30,0x16,0x80,0x14,0xdf,0x7e,0x5e,0x88,0x05,
 261         0x24,0x33,0x08,0xdd,0x22,0x81,0x02,0x97,0xcc,0x9a,0xb7,0xb1,0x33,0x27,0x30,0x30,
 262         0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x82,
 263         0x01,0x01,0x00,0x5a,0xf2,0x63,0xef,0xd3,0x16,0xd7,0xf5,0xaa,0xdd,0x12,0x00,0x36,
 264         0x00,0x21,0xa2,0x7b,0x08,0xd6,0x3b,0x9f,0x62,0xac,0x53,0x1f,0xed,0x4c,0xd1,0x15,
 265         0x34,0x65,0x71,0xee,0x96,0x07,0xa6,0xef,0xb2,0xde,0xd8,0xbb,0x35,0x6e,0x2c,0xe2,
 266         0xd1,0x26,0xef,0x7e,0x94,0xe2,0x88,0x51,0xa4,0x6c,0xaa,0x27,0x2a,0xd3,0xb6,0xc2,
 267         0xf7,0xea,0xc3,0x0b,0xa9,0xb5,0x28,0x37,0xa2,0x63,0x08,0xe4,0x88,0xc0,0x1b,0x16,
 268         0x1b,0xca,0xfd,0x8a,0x07,0x32,0x29,0xa7,0x53,0xb5,0x2d,0x30,0xe4,0xf5,0x16,0xc3,
 269         0xe3,0xc2,0x4c,0x30,0x5d,0x35,0x80,0x1c,0xa2,0xdb,0xe3,0x4b,0x51,0x0d,0x4c,0x60,
 270         0x5f,0xb9,0x46,0xac,0xa8,0x46,0xa7,0x32,0xa7,0x9c,0x76,0xf8,0xe9,0xb5,0x19,0xe2,
 271         0x0c,0xe1,0x0f,0xc6,0x46,0xe2,0x38,0xa7,0x87,0x72,0x6d,0x6c,0xbc,0x88,0x2f,0x9d,
 272         0x2d,0xe5,0xd0,0x7d,0x1e,0xc7,0x5d,0xf8,0x7e,0xb4,0x0b,0xa6,0xf9,0x6c,0xe3,0x7c,
 273         0xb2,0x70,0x6e,0x75,0x9b,0x1e,0x63,0xe1,0x4d,0xb2,0x81,0xd3,0x55,0x38,0x94,0x1a,
 274         0x7a,0xfa,0xbf,0x01,0x18,0x70,0x2d,0x35,0xd3,0xe3,0x10,0x7a,0x9a,0xa7,0x8f,0xf3,
 275         0xbd,0x56,0x55,0x5e,0xd8,0xbd,0x4e,0x16,0x76,0xd0,0x48,0x4c,0xf9,0x51,0x54,0xdf,
 276         0x2d,0xb0,0xc9,0xaa,0x5e,0x42,0x38,0x50,0xbf,0x0f,0xc0,0xd9,0x84,0x44,0x4b,0x42,
 277         0x24,0xec,0x14,0xa3,0xde,0x11,0xdf,0x58,0x7f,0xc2,0x4d,0xb2,0xd5,0x42,0x78,0x6e,
 278         0x52,0x3e,0xad,0xc3,0x5f,0x04,0xc4,0xe6,0x31,0xaa,0x81,0x06,0x8b,0x13,0x4b,0x3c,
 279         0x0e,0x6a,0xb1
 280     };
 281
 282     if (!TEST_ptr(bio = BIO_new_mem_buf(dhx_cert, sizeof(dhx_cert)))
 283         || !TEST_ptr(cert = X509_new_with_libctx(libctx, NULL))
 284         || !TEST_ptr(d2i_X509_bio(bio, &cert)))
 285         goto err;
 286     ret = 1;
 287 err:
 288     X509_free(cert);
 289     BIO_free(bio);
 290     return ret;
 291 }
 292
 293 #endif /* OPENSSL_NO_DH */
 294
 295 static int test_cipher_reinit(int test_id)
 296 {
 297     int ret = 0, out1_len = 0, out2_len = 0, diff, ccm;
 298     EVP_CIPHER *cipher = NULL;
 299     EVP_CIPHER_CTX *ctx = NULL;
 300     unsigned char out1[256];
 301     unsigned char out2[256];
 302     unsigned char in[16] = {
 303         0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
 304         0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10
 305     };
 306     unsigned char key[64] = {
 307         0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
 308         0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
 309         0x01, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
 310         0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
 311         0x02, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
 312         0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
 313         0x03, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
 314         0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
 315     };
 316     unsigned char iv[16] = {
 317         0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
 318         0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00
 319     };
 320     const char *name = sk_OPENSSL_CSTRING_value(cipher_names, test_id);
 321
 322     if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new()))
 323         goto err;
 324
 325     TEST_note("Fetching %s\n", name);
 326     if (!TEST_ptr(cipher = EVP_CIPHER_fetch(libctx, name, NULL)))
 327         goto err;
 328
 329     /* ccm fails on the second update - this matches OpenSSL 1_1_1 behaviour */
 330     ccm = (EVP_CIPHER_mode(cipher) == EVP_CIPH_CCM_MODE);
 331
 332     /* DES3-WRAP uses random every update - so it will give a different value */
 333     diff = EVP_CIPHER_is_a(cipher, "DES3-WRAP");
 334
 335     if (!TEST_true(EVP_EncryptInit_ex(ctx, cipher, NULL, key, iv))
 336         || !TEST_true(EVP_EncryptUpdate(ctx, out1, &out1_len, in, sizeof(in)))
 337         || !TEST_true(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))
 338         || !TEST_int_eq(EVP_EncryptUpdate(ctx, out2, &out2_len, in, sizeof(in)),
 339                         ccm ? 0 : 1))
 340         goto err;
 341
 342     if (ccm == 0) {
 343         if (diff) {
 344             if (!TEST_mem_ne(out1, out1_len, out2, out2_len))
 345                 goto err;
 346         } else {
 347             if (!TEST_mem_eq(out1, out1_len, out2, out2_len))
 348                 goto err;
 349         }
 350     }
 351     ret = 1;
 352 err:
 353     EVP_CIPHER_free(cipher);
 354     EVP_CIPHER_CTX_free(ctx);
 355     return ret;
 356 }
 357
 358 /*
 359  * This test only uses a partial block (half the block size) of input for each
 360  * EVP_EncryptUpdate() in order to test that the second init/update is not using
 361  * a leftover buffer from the first init/update.
 362  * Note: some ciphers don't need a full block to produce output.
 363  */
 364 static int test_cipher_reinit_partialupdate(int test_id)
 365 {
 366     int ret = 0, out1_len = 0, out2_len = 0, in_len;
 367     EVP_CIPHER *cipher = NULL;
 368     EVP_CIPHER_CTX *ctx = NULL;
 369     unsigned char out1[256];
 370     unsigned char out2[256];
 371     static const unsigned char in[32] = {
 372         0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
 373         0xba, 0xbe, 0xba, 0xbe, 0x00, 0x00, 0xba, 0xbe,
 374         0x01, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
 375         0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
 376     };
 377     static const unsigned char key[64] = {
 378         0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
 379         0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
 380         0x01, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
 381         0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
 382         0x02, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
 383         0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
 384         0x03, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
 385         0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
 386     };
 387     static const unsigned char iv[16] = {
 388         0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
 389         0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00
 390     };
 391     const char *name = sk_OPENSSL_CSTRING_value(cipher_names, test_id);
 392
 393     if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new()))
 394         goto err;
 395
 396     TEST_note("Fetching %s\n", name);
 397     if (!TEST_ptr(cipher = EVP_CIPHER_fetch(libctx, name, NULL)))
 398         goto err;
 399
 400     in_len = EVP_CIPHER_block_size(cipher) / 2;
 401
 402     /* skip any ciphers that don't allow partial updates */
 403     if (((EVP_CIPHER_flags(cipher)
 404           & (EVP_CIPH_FLAG_CTS | EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) != 0)
 405         || EVP_CIPHER_mode(cipher) == EVP_CIPH_CCM_MODE
 406         || EVP_CIPHER_mode(cipher) == EVP_CIPH_XTS_MODE
 407         || EVP_CIPHER_mode(cipher) == EVP_CIPH_WRAP_MODE) {
 408         ret = 1;
 409         goto err;
 410     }
 411
 412     if (!TEST_true(EVP_EncryptInit_ex(ctx, cipher, NULL, key, iv))
 413         || !TEST_true(EVP_EncryptUpdate(ctx, out1, &out1_len, in, in_len))
 414         || !TEST_true(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))
 415         || !TEST_true(EVP_EncryptUpdate(ctx, out2, &out2_len, in, in_len)))
 416         goto err;
 417
 418     /* DES3-WRAP uses random every update - so it will give a different value */
 419     if (EVP_CIPHER_is_a(cipher, "DES3-WRAP")) {
 420         if (!TEST_mem_ne(out1, out1_len, out2, out2_len))
 421             goto err;
 422     } else {
 423         if (!TEST_mem_eq(out1, out1_len, out2, out2_len))
 424             goto err;
 425     }
 426     ret = 1;
 427 err:
 428     EVP_CIPHER_free(cipher);
 429     EVP_CIPHER_CTX_free(ctx);
 430     return ret;
 431 }
 432
 433
 434 static int name_cmp(const char * const *a, const char * const *b)
 435 {
 436     return strcasecmp(*a, *b);
 437 }
 438
 439 static void collect_cipher_names(EVP_CIPHER *cipher, void *cipher_names_list)
 440 {
 441     STACK_OF(OPENSSL_CSTRING) *names = cipher_names_list;
 442
 443     sk_OPENSSL_CSTRING_push(names, EVP_CIPHER_name(cipher));
 444 }
 445
 446 int setup_tests(void)
 447 {
 448     const char *prov_name = "default";
 449     char *config_file = NULL;
 450     OPTION_CHOICE o;
 451
 452     while ((o = opt_next()) != OPT_EOF) {
 453         switch (o) {
 454         case OPT_PROVIDER_NAME:
 455             prov_name = opt_arg();
 456             break;
 457         case OPT_CONFIG_FILE:
 458             config_file = opt_arg();
 459             break;
 460         case OPT_TEST_CASES:
 461            break;
 462         default:
 463         case OPT_ERR:
 464             return 0;
 465         }
 466     }
 467
 468     nullprov = OSSL_PROVIDER_load(NULL, "null");
 469     if (!TEST_ptr(nullprov))
 470         return 0;
 471
 472     libctx = OPENSSL_CTX_new();
 473
 474     if (!TEST_ptr(libctx))
 475         return 0;
 476
 477     if (config_file != NULL) {
 478         if (!TEST_true(OPENSSL_CTX_load_config(libctx, config_file)))
 479             return 0;
 480     }
 481
 482     libprov = OSSL_PROVIDER_load(libctx, prov_name);
 483     if (!TEST_ptr(libprov))
 484         return 0;
 485
 486 #if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_DH)
 487     ADD_ALL_TESTS(test_dsa_param_keygen, 3 * 3 * 3);
 488 #endif
 489 #ifndef OPENSSL_NO_DH
 490     ADD_ALL_TESTS(test_dh_safeprime_param_keygen, 3 * 3 * 3);
 491     ADD_TEST(dhx_cert_load);
 492 #endif
 493
 494     if (!TEST_ptr(cipher_names = sk_OPENSSL_CSTRING_new(name_cmp)))
 495         return 0;
 496     EVP_CIPHER_do_all_provided(libctx, collect_cipher_names, cipher_names);
 497
 498     ADD_ALL_TESTS(test_cipher_reinit, sk_OPENSSL_CSTRING_num(cipher_names));
 499     ADD_ALL_TESTS(test_cipher_reinit_partialupdate,
 500                   sk_OPENSSL_CSTRING_num(cipher_names));
 501     return 1;
 502 }
 503
 504 void cleanup_tests(void)
 505 {
 506     sk_OPENSSL_CSTRING_free(cipher_names);
 507     OSSL_PROVIDER_unload(libprov);
 508     OPENSSL_CTX_free(libctx);
 509     OSSL_PROVIDER_unload(nullprov);
 510 }