X-Git-Url: https://git.openssl.org/gitweb/?a=blobdiff_plain;f=test%2Fdhtest.c;h=224b1fdee87cb685783454c11c821be801630ec9;hb=9c812014c84c10419f39183e9aa7dd57b29edbcc;hp=35bd298a870bcd0f89bfc6d5269e2471c87bce9c;hpb=b196e7d936fb377d9c5b305748ac25ff0e53ef6d;p=openssl.git diff --git a/test/dhtest.c b/test/dhtest.c index 35bd298a87..224b1fdee8 100644 --- a/test/dhtest.c +++ b/test/dhtest.c @@ -1,4 +1,3 @@ -/* crypto/dh/dhtest.c */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -86,36 +85,32 @@ static int run_rfc5114_tests(void); int main(int argc, char *argv[]) { - BN_GENCB *_cb; + BN_GENCB *_cb = NULL; DH *a = NULL; DH *b = NULL; - char buf[12]; - unsigned char *abuf = NULL, *bbuf = NULL; - int i, alen, blen, aout, bout, ret = 1; - BIO *out; - - CRYPTO_malloc_debug_init(); - CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL); + char buf[12] = {0}; + unsigned char *abuf = NULL; + unsigned char *bbuf = NULL; + int i, alen, blen, aout, bout; + int ret = 1; + BIO *out = NULL; + + CRYPTO_set_mem_debug(1); CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); -# ifdef OPENSSL_SYS_WIN32 - CRYPTO_malloc_init(); -# endif - RAND_seed(rnd_seed, sizeof rnd_seed); out = BIO_new(BIO_s_file()); if (out == NULL) EXIT(1); - BIO_set_fp(out, stdout, BIO_NOCLOSE); + BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT); _cb = BN_GENCB_new(); - if (!_cb) + if (_cb == NULL) goto err; BN_GENCB_set(_cb, &cb, out); - if (((a = DH_new()) == NULL) || !DH_generate_parameters_ex(a, 64, - DH_GENERATOR_5, - _cb)) + if (((a = DH_new()) == NULL) + || (!DH_generate_parameters_ex(a, 64, DH_GENERATOR_5, _cb))) goto err; if (!DH_check(a, &i)) @@ -166,6 +161,9 @@ int main(int argc, char *argv[]) alen = DH_size(a); abuf = OPENSSL_malloc(alen); + if (abuf == NULL) + goto err; + aout = DH_compute_key(abuf, b->pub_key, a); BIO_puts(out, "key1 ="); @@ -177,6 +175,9 @@ int main(int argc, char *argv[]) blen = DH_size(b); bbuf = OPENSSL_malloc(blen); + if (bbuf == NULL) + goto err; + bout = DH_compute_key(bbuf, a->pub_key, b); BIO_puts(out, "key2 ="); @@ -195,14 +196,11 @@ int main(int argc, char *argv[]) err: ERR_print_errors_fp(stderr); - if (abuf != NULL) - OPENSSL_free(abuf); - if (bbuf != NULL) - OPENSSL_free(bbuf); + OPENSSL_free(abuf); + OPENSSL_free(bbuf); DH_free(b); DH_free(a); - if (_cb) - BN_GENCB_free(_cb); + BN_GENCB_free(_cb); BIO_free(out); # ifdef OPENSSL_SYS_NETWARE if (ret) @@ -456,6 +454,31 @@ static const unsigned char dhtest_2048_256_Z[] = { 0xC2, 0x6C, 0x5D, 0x7C }; +static const unsigned char dhtest_rfc5114_2048_224_bad_y[] = { + 0x45, 0x32, 0x5F, 0x51, 0x07, 0xE5, 0xDF, 0x1C, 0xD6, 0x02, 0x82, 0xB3, + 0x32, 0x8F, 0xA4, 0x0F, 0x87, 0xB8, 0x41, 0xFE, 0xB9, 0x35, 0xDE, 0xAD, + 0xC6, 0x26, 0x85, 0xB4, 0xFF, 0x94, 0x8C, 0x12, 0x4C, 0xBF, 0x5B, 0x20, + 0xC4, 0x46, 0xA3, 0x26, 0xEB, 0xA4, 0x25, 0xB7, 0x68, 0x8E, 0xCC, 0x67, + 0xBA, 0xEA, 0x58, 0xD0, 0xF2, 0xE9, 0xD2, 0x24, 0x72, 0x60, 0xDA, 0x88, + 0x18, 0x9C, 0xE0, 0x31, 0x6A, 0xAD, 0x50, 0x6D, 0x94, 0x35, 0x8B, 0x83, + 0x4A, 0x6E, 0xFA, 0x48, 0x73, 0x0F, 0x83, 0x87, 0xFF, 0x6B, 0x66, 0x1F, + 0xA8, 0x82, 0xC6, 0x01, 0xE5, 0x80, 0xB5, 0xB0, 0x52, 0xD0, 0xE9, 0xD8, + 0x72, 0xF9, 0x7D, 0x5B, 0x8B, 0xA5, 0x4C, 0xA5, 0x25, 0x95, 0x74, 0xE2, + 0x7A, 0x61, 0x4E, 0xA7, 0x8F, 0x12, 0xE2, 0xD2, 0x9D, 0x8C, 0x02, 0x70, + 0x34, 0x44, 0x32, 0xC7, 0xB2, 0xF3, 0xB9, 0xFE, 0x17, 0x2B, 0xD6, 0x1F, + 0x8B, 0x7E, 0x4A, 0xFA, 0xA3, 0xB5, 0x3E, 0x7A, 0x81, 0x9A, 0x33, 0x66, + 0x62, 0xA4, 0x50, 0x18, 0x3E, 0xA2, 0x5F, 0x00, 0x07, 0xD8, 0x9B, 0x22, + 0xE4, 0xEC, 0x84, 0xD5, 0xEB, 0x5A, 0xF3, 0x2A, 0x31, 0x23, 0xD8, 0x44, + 0x22, 0x2A, 0x8B, 0x37, 0x44, 0xCC, 0xC6, 0x87, 0x4B, 0xBE, 0x50, 0x9D, + 0x4A, 0xC4, 0x8E, 0x45, 0xCF, 0x72, 0x4D, 0xC0, 0x89, 0xB3, 0x72, 0xED, + 0x33, 0x2C, 0xBC, 0x7F, 0x16, 0x39, 0x3B, 0xEB, 0xD2, 0xDD, 0xA8, 0x01, + 0x73, 0x84, 0x62, 0xB9, 0x29, 0xD2, 0xC9, 0x51, 0x32, 0x9E, 0x7A, 0x6A, + 0xCF, 0xC1, 0x0A, 0xDB, 0x0E, 0xE0, 0x62, 0x77, 0x6F, 0x59, 0x62, 0x72, + 0x5A, 0x69, 0xA6, 0x5B, 0x70, 0xCA, 0x65, 0xC4, 0x95, 0x6F, 0x9A, 0xC2, + 0xDF, 0x72, 0x6D, 0xB1, 0x1E, 0x54, 0x7B, 0x51, 0xB4, 0xEF, 0x7F, 0x89, + 0x93, 0x74, 0x89, 0x59 +}; + typedef struct { DH *(*get_param) (void); const unsigned char *xA; @@ -488,14 +511,19 @@ static const rfc5114_td rfctd[] = { static int run_rfc5114_tests(void) { int i; - for (i = 0; i < (int)(sizeof(rfctd) / sizeof(rfc5114_td)); i++) { - DH *dhA, *dhB; - unsigned char *Z1 = NULL, *Z2 = NULL; - const rfc5114_td *td = rfctd + i; + DH *dhA = NULL; + DH *dhB = NULL; + unsigned char *Z1 = NULL; + unsigned char *Z2 = NULL; + const rfc5114_td *td = NULL; + BIGNUM *bady = NULL; + + for (i = 0; i < (int)OSSL_NELEM(rfctd); i++) { + td = rfctd + i; /* Set up DH structures setting key components */ dhA = td->get_param(); dhB = td->get_param(); - if (!dhA || !dhB) + if ((dhA == NULL) || (dhB == NULL)) goto bad_err; dhA->priv_key = BN_bin2bn(td->xA, td->xA_len, NULL); @@ -504,8 +532,8 @@ static int run_rfc5114_tests(void) dhB->priv_key = BN_bin2bn(td->xB, td->xB_len, NULL); dhB->pub_key = BN_bin2bn(td->yB, td->yB_len, NULL); - if (!dhA->priv_key || !dhA->pub_key - || !dhB->priv_key || !dhB->pub_key) + if ((dhA->priv_key == NULL) || (dhA->pub_key == NULL) + || (dhB->priv_key == NULL) || (dhB->pub_key == NULL)) goto bad_err; if ((td->Z_len != (size_t)DH_size(dhA)) @@ -514,13 +542,15 @@ static int run_rfc5114_tests(void) Z1 = OPENSSL_malloc(DH_size(dhA)); Z2 = OPENSSL_malloc(DH_size(dhB)); + if ((Z1 == NULL) || (Z2 == NULL)) + goto bad_err; /* * Work out shared secrets using both sides and compare with expected * values. */ - if (!DH_compute_key(Z1, dhB->pub_key, dhA)) + if (DH_compute_key(Z1, dhB->pub_key, dhA) == -1) goto bad_err; - if (!DH_compute_key(Z2, dhA->pub_key, dhB)) + if (DH_compute_key(Z2, dhA->pub_key, dhB) == -1) goto bad_err; if (memcmp(Z1, td->Z, td->Z_len)) @@ -534,14 +564,63 @@ static int run_rfc5114_tests(void) DH_free(dhB); OPENSSL_free(Z1); OPENSSL_free(Z2); + dhA = NULL; + dhB = NULL; + Z1 = NULL; + Z2 = NULL; + } + /* Now i == OSSL_NELEM(rfctd) */ + /* RFC5114 uses unsafe primes, so now test an invalid y value */ + dhA = DH_get_2048_224(); + if (dhA == NULL) + goto bad_err; + Z1 = OPENSSL_malloc(DH_size(dhA)); + if (Z1 == NULL) + goto bad_err; + + bady = BN_bin2bn(dhtest_rfc5114_2048_224_bad_y, + sizeof(dhtest_rfc5114_2048_224_bad_y), NULL); + if (bady == NULL) + goto bad_err; + + if (!DH_generate_key(dhA)) + goto bad_err; + + if (DH_compute_key(Z1, bady, dhA) != -1) { + /* + * DH_compute_key should fail with -1. If we get here we unexpectedly + * allowed an invalid y value + */ + goto err; } + /* We'll have a stale error on the queue from the above test so clear it */ + ERR_clear_error(); + + printf("RFC5114 parameter test %d OK\n", i + 1); + + BN_free(bady); + DH_free(dhA); + OPENSSL_free(Z1); + return 1; bad_err: + BN_free(bady); + DH_free(dhA); + DH_free(dhB); + OPENSSL_free(Z1); + OPENSSL_free(Z2); + fprintf(stderr, "Initalisation error RFC5114 set %d\n", i + 1); ERR_print_errors_fp(stderr); return 0; err: + BN_free(bady); + DH_free(dhA); + DH_free(dhB); + OPENSSL_free(Z1); + OPENSSL_free(Z2); + fprintf(stderr, "Test failed RFC5114 set %d\n", i + 1); return 0; }