X-Git-Url: https://git.openssl.org/gitweb/?a=blobdiff_plain;f=test%2Fdhtest.c;h=e8a91f17f88e0088cfde2eed735234de49c4f74e;hb=bdea50ca802f7645774a359960e3b6ee9c352921;hp=5b2fd6795f6d9b581a6255fb6c74729c7e40ca73;hpb=9ba9d81b1c1645ed56a79b841e3fb63e5cbd7617;p=openssl.git diff --git a/test/dhtest.c b/test/dhtest.c index 5b2fd6795f..e8a91f17f8 100644 --- a/test/dhtest.c +++ b/test/dhtest.c @@ -1,7 +1,7 @@ /* - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use + * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html @@ -17,6 +17,7 @@ #include #include #include +#include #include "testutil.h" #ifndef OPENSSL_NO_DH @@ -62,6 +63,22 @@ static int dh_test(void) || !TEST_true(DH_set0_pqg(dh, p, q, g))) goto err1; + /* check fails, because p is way too small */ + if (!DH_check(dh, &i)) + goto err2; + i ^= DH_MODULUS_TOO_SMALL; + if (!TEST_false(i & DH_CHECK_P_NOT_PRIME) + || !TEST_false(i & DH_CHECK_P_NOT_SAFE_PRIME) + || !TEST_false(i & DH_UNABLE_TO_CHECK_GENERATOR) + || !TEST_false(i & DH_NOT_SUITABLE_GENERATOR) + || !TEST_false(i & DH_CHECK_Q_NOT_PRIME) + || !TEST_false(i & DH_CHECK_INVALID_Q_VALUE) + || !TEST_false(i & DH_CHECK_INVALID_J_VALUE) + || !TEST_false(i & DH_MODULUS_TOO_SMALL) + || !TEST_false(i & DH_MODULUS_TOO_LARGE) + || !TEST_false(i)) + goto err2; + /* test the combined getter for p, q, and g */ DH_get0_pqg(dh, &p2, &q2, &g2); if (!TEST_ptr_eq(p2, p) @@ -91,25 +108,12 @@ static int dh_test(void) || !TEST_ptr_eq(DH_get0_priv_key(dh), priv_key2)) goto err3; - /* now generate a key pair ... */ - if (!DH_generate_key(dh)) - goto err3; - - /* ... and check whether the private key was reused: */ - - /* test it with the combined getter for pub_key and priv_key */ - DH_get0_key(dh, &pub_key2, &priv_key2); - if (!TEST_ptr(pub_key2) - || !TEST_ptr_eq(priv_key2, priv_key)) - goto err3; - - /* test it the simple getters for pub_key and priv_key */ - if (!TEST_ptr_eq(DH_get0_pub_key(dh), pub_key2) - || !TEST_ptr_eq(DH_get0_priv_key(dh), priv_key2)) + /* now generate a key pair (expect failure since modulus is too small) */ + if (!TEST_false(DH_generate_key(dh))) goto err3; - /* check whether the public key was calculated correctly */ - TEST_uint_eq(BN_get_word(pub_key2), 3331L); + /* We'll have a stale error on the queue from the above test so clear it */ + ERR_clear_error(); /* * II) key generation @@ -120,7 +124,7 @@ static int dh_test(void) goto err3; BN_GENCB_set(_cb, &cb, NULL); if (!TEST_ptr(a = DH_new()) - || !TEST_true(DH_generate_parameters_ex(a, 64, + || !TEST_true(DH_generate_parameters_ex(a, 512, DH_GENERATOR_5, _cb))) goto err3; @@ -130,7 +134,13 @@ static int dh_test(void) if (!TEST_false(i & DH_CHECK_P_NOT_PRIME) || !TEST_false(i & DH_CHECK_P_NOT_SAFE_PRIME) || !TEST_false(i & DH_UNABLE_TO_CHECK_GENERATOR) - || !TEST_false(i & DH_NOT_SUITABLE_GENERATOR)) + || !TEST_false(i & DH_NOT_SUITABLE_GENERATOR) + || !TEST_false(i & DH_CHECK_Q_NOT_PRIME) + || !TEST_false(i & DH_CHECK_INVALID_Q_VALUE) + || !TEST_false(i & DH_CHECK_INVALID_J_VALUE) + || !TEST_false(i & DH_MODULUS_TOO_SMALL) + || !TEST_false(i & DH_MODULUS_TOO_LARGE) + || !TEST_false(i)) goto err3; DH_get0_pqg(a, &ap, NULL, &ag); @@ -179,7 +189,7 @@ static int dh_test(void) || !TEST_true((cout = DH_compute_key(cbuf, apub_key, c)) != -1)) goto err3; - if (!TEST_true(aout >= 4) + if (!TEST_true(aout >= 20) || !TEST_mem_eq(abuf, aout, bbuf, bout) || !TEST_mem_eq(abuf, aout, cbuf, cout)) goto err3; @@ -193,7 +203,7 @@ static int dh_test(void) BN_free(q); BN_free(g); err2: - /* an error occured before priv_key was assigned to dh */ + /* an error occurred before priv_key was assigned to dh */ BN_free(priv_key); err3: success: @@ -609,6 +619,63 @@ static int rfc5114_test(void) TEST_error("Test failed RFC5114 set %d\n", i + 1); return 0; } + +static int rfc7919_test(void) +{ + DH *a = NULL, *b = NULL; + const BIGNUM *apub_key = NULL, *bpub_key = NULL; + unsigned char *abuf = NULL; + unsigned char *bbuf = NULL; + int i, alen, blen, aout, bout; + int ret = 0; + + if (!TEST_ptr(a = DH_new_by_nid(NID_ffdhe2048))) + goto err; + + if (!DH_check(a, &i)) + goto err; + if (!TEST_false(i & DH_CHECK_P_NOT_PRIME) + || !TEST_false(i & DH_CHECK_P_NOT_SAFE_PRIME) + || !TEST_false(i & DH_UNABLE_TO_CHECK_GENERATOR) + || !TEST_false(i & DH_NOT_SUITABLE_GENERATOR) + || !TEST_false(i)) + goto err; + + if (!DH_generate_key(a)) + goto err; + DH_get0_key(a, &apub_key, NULL); + + /* now create another copy of the DH group for the peer */ + if (!TEST_ptr(b = DH_new_by_nid(NID_ffdhe2048))) + goto err; + + if (!DH_generate_key(b)) + goto err; + DH_get0_key(b, &bpub_key, NULL); + + alen = DH_size(a); + if (!TEST_ptr(abuf = OPENSSL_malloc(alen)) + || !TEST_true((aout = DH_compute_key(abuf, bpub_key, a)) != -1)) + goto err; + + blen = DH_size(b); + if (!TEST_ptr(bbuf = OPENSSL_malloc(blen)) + || !TEST_true((bout = DH_compute_key(bbuf, apub_key, b)) != -1)) + goto err; + + if (!TEST_true(aout >= 20) + || !TEST_mem_eq(abuf, aout, bbuf, bout)) + goto err; + + ret = 1; + + err: + OPENSSL_free(abuf); + OPENSSL_free(bbuf); + DH_free(a); + DH_free(b); + return ret; +} #endif @@ -619,6 +686,7 @@ int setup_tests(void) #else ADD_TEST(dh_test); ADD_TEST(rfc5114_test); + ADD_TEST(rfc7919_test); #endif return 1; }