Fix cert with rsa instead of rsaEncryption as public key algorithm
[openssl.git] / test / drbg_cavs_test.c
1 /*
2  * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9
10 #include <string.h>
11 #include "internal/nelem.h"
12 #include <openssl/crypto.h>
13 #include <openssl/err.h>
14 #include <openssl/rand.h>
15 #include <openssl/obj_mac.h>
16 #include <openssl/evp.h>
17 #include <openssl/aes.h>
18 #include "../crypto/rand/rand_lcl.h"
19
20 #include "testutil.h"
21 #include "drbg_cavs_data.h"
22
23 static int app_data_index;
24
25 typedef struct test_ctx_st {
26     const unsigned char *entropy;
27     size_t entropylen;
28     int entropycnt;
29     const unsigned char *nonce;
30     size_t noncelen;
31     int noncecnt;
32 } TEST_CTX;
33
34 static size_t kat_entropy(RAND_DRBG *drbg, unsigned char **pout,
35                           int entropy, size_t min_len, size_t max_len,
36                           int prediction_resistance)
37 {
38     TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_ex_data(drbg, app_data_index);
39
40     t->entropycnt++;
41     *pout = (unsigned char *)t->entropy;
42     return t->entropylen;
43 }
44
45 static size_t kat_nonce(RAND_DRBG *drbg, unsigned char **pout,
46                         int entropy, size_t min_len, size_t max_len)
47 {
48     TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_ex_data(drbg, app_data_index);
49
50     t->noncecnt++;
51     *pout = (unsigned char *)t->nonce;
52     return t->noncelen;
53 }
54
55 /*
56  * Do a single NO_RESEED KAT:
57  *
58  * Instantiate
59  * Generate Random Bits (pr=false)
60  * Generate Random Bits (pr=false)
61  * Uninstantiate
62  *
63  * Return 0 on failure.
64  */
65 static int single_kat_no_reseed(const struct drbg_kat *td)
66 {
67     struct drbg_kat_no_reseed *data = (struct drbg_kat_no_reseed *)td->t;
68     RAND_DRBG *drbg = NULL;
69     unsigned char *buff = NULL;
70     unsigned int flags = 0;
71     int failures = 0;
72     TEST_CTX t;
73
74     if ((td->flags & USE_DF) == 0)
75         flags |= RAND_DRBG_FLAG_CTR_NO_DF;
76     if ((td->flags & USE_HMAC) != 0)
77         flags |= RAND_DRBG_FLAG_HMAC;
78
79     if (!TEST_ptr(drbg = RAND_DRBG_new(td->nid, flags, NULL)))
80         return 0;
81
82     if (!TEST_true(RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
83                                            kat_nonce, NULL))) {
84         failures++;
85         goto err;
86     }
87     memset(&t, 0, sizeof(t));
88     t.entropy = data->entropyin;
89     t.entropylen = td->entropyinlen;
90     t.nonce = data->nonce;
91     t.noncelen = td->noncelen;
92     RAND_DRBG_set_ex_data(drbg, app_data_index, &t);
93
94     buff = OPENSSL_malloc(td->retbyteslen);
95     if (buff == NULL)
96         goto err;
97
98     if (!TEST_true(RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen))
99         || !TEST_true(RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0,
100                                          data->addin1, td->addinlen))
101         || !TEST_true(RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0,
102                                          data->addin2, td->addinlen))
103         || !TEST_true(RAND_DRBG_uninstantiate(drbg))
104         || !TEST_mem_eq(data->retbytes, td->retbyteslen, buff,
105                         td->retbyteslen))
106         failures++;
107
108 err:
109     if (buff != NULL)
110         OPENSSL_free(buff);
111     if (drbg != NULL) {
112         RAND_DRBG_uninstantiate(drbg);
113         RAND_DRBG_free(drbg);
114     }
115     return failures == 0;
116 }
117
118 /*-
119  * Do a single PR_FALSE KAT:
120  *
121  * Instantiate
122  * Reseed
123  * Generate Random Bits (pr=false)
124  * Generate Random Bits (pr=false)
125  * Uninstantiate
126  *
127  * Return 0 on failure.
128  */
129 static int single_kat_pr_false(const struct drbg_kat *td)
130 {
131     struct drbg_kat_pr_false *data = (struct drbg_kat_pr_false *)td->t;
132     RAND_DRBG *drbg = NULL;
133     unsigned char *buff = NULL;
134     unsigned int flags = 0;
135     int failures = 0;
136     TEST_CTX t;
137
138     if ((td->flags & USE_DF) == 0)
139         flags |= RAND_DRBG_FLAG_CTR_NO_DF;
140     if ((td->flags & USE_HMAC) != 0)
141         flags |= RAND_DRBG_FLAG_HMAC;
142
143     if (!TEST_ptr(drbg = RAND_DRBG_new(td->nid, flags, NULL)))
144         return 0;
145
146     if (!TEST_true(RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
147                                            kat_nonce, NULL))) {
148         failures++;
149         goto err;
150     }
151     memset(&t, 0, sizeof(t));
152     t.entropy = data->entropyin;
153     t.entropylen = td->entropyinlen;
154     t.nonce = data->nonce;
155     t.noncelen = td->noncelen;
156     RAND_DRBG_set_ex_data(drbg, app_data_index, &t);
157
158     buff = OPENSSL_malloc(td->retbyteslen);
159     if (buff == NULL)
160         goto err;
161
162     if (!TEST_true(RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen)))
163         failures++;
164
165     t.entropy = data->entropyinreseed;
166     t.entropylen = td->entropyinlen;
167
168     if (!TEST_true(RAND_DRBG_reseed(drbg, data->addinreseed, td->addinlen, 0))
169         || !TEST_true(RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0,
170                                          data->addin1, td->addinlen))
171         || !TEST_true(RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0,
172                                          data->addin2, td->addinlen))
173         || !TEST_true(RAND_DRBG_uninstantiate(drbg))
174         || !TEST_mem_eq(data->retbytes, td->retbyteslen, buff,
175                         td->retbyteslen))
176         failures++;
177
178 err:
179     if (buff != NULL)
180         OPENSSL_free(buff);
181     if (drbg != NULL) {
182         RAND_DRBG_uninstantiate(drbg);
183         RAND_DRBG_free(drbg);
184     }
185     return failures == 0;
186 }
187
188 /*-
189  * Do a single PR_TRUE KAT:
190  *
191  * Instantiate
192  * Generate Random Bits (pr=true)
193  * Generate Random Bits (pr=true)
194  * Uninstantiate
195  *
196  * Return 0 on failure.
197  */
198 static int single_kat_pr_true(const struct drbg_kat *td)
199 {
200     struct drbg_kat_pr_true *data = (struct drbg_kat_pr_true *)td->t;
201     RAND_DRBG *drbg = NULL;
202     unsigned char *buff = NULL;
203     unsigned int flags = 0;
204     int failures = 0;
205     TEST_CTX t;
206
207     if ((td->flags & USE_DF) == 0)
208         flags |= RAND_DRBG_FLAG_CTR_NO_DF;
209     if ((td->flags & USE_HMAC) != 0)
210         flags |= RAND_DRBG_FLAG_HMAC;
211
212     if (!TEST_ptr(drbg = RAND_DRBG_new(td->nid, flags, NULL)))
213         return 0;
214
215     if (!TEST_true(RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
216                                            kat_nonce, NULL))) {
217         failures++;
218         goto err;
219     }
220     memset(&t, 0, sizeof(t));
221     t.nonce = data->nonce;
222     t.noncelen = td->noncelen;
223     t.entropy = data->entropyin;
224     t.entropylen = td->entropyinlen;
225     RAND_DRBG_set_ex_data(drbg, app_data_index, &t);
226
227     buff = OPENSSL_malloc(td->retbyteslen);
228     if (buff == NULL)
229         goto err;
230
231     if (!TEST_true(RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen)))
232         failures++;
233
234     t.entropy = data->entropyinpr1;
235     t.entropylen = td->entropyinlen;
236
237     if (!TEST_true(RAND_DRBG_generate(drbg, buff, td->retbyteslen, 1,
238                                       data->addin1, td->addinlen)))
239         failures++;
240
241     t.entropy = data->entropyinpr2;
242     t.entropylen = td->entropyinlen;
243
244     if (!TEST_true(RAND_DRBG_generate(drbg, buff, td->retbyteslen, 1,
245                                       data->addin2, td->addinlen))
246         || !TEST_true(RAND_DRBG_uninstantiate(drbg))
247         || !TEST_mem_eq(data->retbytes, td->retbyteslen, buff,
248                         td->retbyteslen))
249         failures++;
250
251 err:
252     if (buff != NULL)
253         OPENSSL_free(buff);
254     if (drbg != NULL) {
255         RAND_DRBG_uninstantiate(drbg);
256         RAND_DRBG_free(drbg);
257     }
258     return failures == 0;
259 }
260
261 static int test_cavs_kats(const struct drbg_kat *test[], int i)
262 {
263     const struct drbg_kat *td = test[i];
264     int rv = 0;
265
266     switch (td->type) {
267     case NO_RESEED:
268         if (!single_kat_no_reseed(td))
269             goto err;
270         break;
271     case PR_FALSE:
272         if (!single_kat_pr_false(td))
273             goto err;
274         break;
275     case PR_TRUE:
276         if (!single_kat_pr_true(td))
277             goto err;
278         break;
279     default:    /* cant happen */
280         goto err;
281     }
282     rv = 1;
283 err:
284     return rv;
285 }
286
287 static int test_cavs_ctr(int i)
288 {
289     return test_cavs_kats(drbg_ctr_test, i);
290 }
291
292 static int test_cavs_hmac(int i)
293 {
294     return test_cavs_kats(drbg_hmac_test, i);
295 }
296
297 static int test_cavs_hash(int i)
298 {
299     return test_cavs_kats(drbg_hash_test, i);
300 }
301
302 int setup_tests(void)
303 {
304     app_data_index = RAND_DRBG_get_ex_new_index(0L, NULL, NULL, NULL, NULL);
305
306     ADD_ALL_TESTS(test_cavs_ctr,  drbg_ctr_nelem);
307     ADD_ALL_TESTS(test_cavs_hmac, drbg_hmac_nelem);
308     ADD_ALL_TESTS(test_cavs_hash, drbg_hash_nelem);
309
310     return 1;
311 }