X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=test%2Fevp_test.c;h=d924e3f6fcb801521fadd20ddf4271e5fa200a79;hp=629f23c2070531d75973771134dabfdfdb33928b;hb=e0926ef49df09a85117d7442db83f321aeb5b982;hpb=ff715da492fb82b4ea681aae64d73a6c6264218b diff --git a/test/evp_test.c b/test/evp_test.c index 629f23c207..d924e3f6fc 100644 --- a/test/evp_test.c +++ b/test/evp_test.c @@ -1,54 +1,10 @@ /* - * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project. - */ -/* ==================================================================== - * Copyright (c) 2015 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. + * Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved. * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include @@ -67,17 +23,17 @@ static void remove_space(char **pval) { - unsigned char *p = (unsigned char *)*pval; + unsigned char *p = (unsigned char *)*pval, *beginning; while (isspace(*p)) p++; - *pval = (char *)p; + *pval = (char *)(beginning = p); p = p + strlen(*pval) - 1; /* Remove trailing space */ - while (isspace(*p)) + while (p >= beginning && isspace(*p)) *p-- = 0; } @@ -241,6 +197,8 @@ static int test_uint64(const char *value, uint64_t *pr) struct evp_test { /* file being read */ BIO *in; + /* temp memory BIO for reading in keys */ + BIO *key; /* List of public and private keys */ struct key_list *private; struct key_list *public; @@ -254,6 +212,10 @@ struct evp_test { const char *err, *aux_err; /* Expected error value of test */ char *expected_err; + /* Expected error function string */ + char *func; + /* Expected error reason string */ + char *reason; /* Number of tests */ int ntests; /* Error count */ @@ -340,6 +302,10 @@ static void free_expected(struct evp_test *t) { OPENSSL_free(t->expected_err); t->expected_err = NULL; + OPENSSL_free(t->func); + t->func = NULL; + OPENSSL_free(t->reason); + t->reason = NULL; OPENSSL_free(t->out_expected); OPENSSL_free(t->out_received); t->out_expected = NULL; @@ -361,6 +327,9 @@ static void print_expected(struct evp_test *t) static int check_test_error(struct evp_test *t) { + unsigned long err; + const char *func; + const char *reason; if (!t->err && !t->expected_err) return 1; if (t->err && !t->expected_err) { @@ -379,11 +348,44 @@ static int check_test_error(struct evp_test *t) t->start_line, t->expected_err); return 0; } - if (strcmp(t->err, t->expected_err) == 0) + + if (strcmp(t->err, t->expected_err) != 0) { + fprintf(stderr, "Test line %d: expecting %s got %s\n", + t->start_line, t->expected_err, t->err); + return 0; + } + + if (t->func == NULL && t->reason == NULL) + return 1; + + if (t->func == NULL || t->reason == NULL) { + fprintf(stderr, "Test line %d: missing function or reason code\n", + t->start_line); + return 0; + } + + err = ERR_peek_error(); + if (err == 0) { + fprintf(stderr, "Test line %d, expected error \"%s:%s\" not set\n", + t->start_line, t->func, t->reason); + return 0; + } + + func = ERR_func_error_string(err); + reason = ERR_reason_error_string(err); + + if (func == NULL && reason == NULL) { + fprintf(stderr, "Test line %d: expected error \"%s:%s\", no strings available. Skipping...\n", + t->start_line, t->func, t->reason); + return 1; + } + + if (strcmp(func, t->func) == 0 && strcmp(reason, t->reason) == 0) return 1; - fprintf(stderr, "Test line %d: expecting %s got %s\n", - t->start_line, t->expected_err, t->err); + fprintf(stderr, "Test line %d: expected error \"%s:%s\", got \"%s:%s\"\n", + t->start_line, t->func, t->reason, func, reason); + return 0; } @@ -395,25 +397,27 @@ static int setup_test(struct evp_test *t, const struct evp_test_method *tmeth) if (t->meth) { t->ntests++; if (t->skip) { - t->meth = tmeth; t->nskip++; - return 1; - } - t->err = NULL; - if (t->meth->run_test(t) != 1) { - fprintf(stderr, "%s test error line %d\n", - t->meth->name, t->start_line); - return 0; - } - if (!check_test_error(t)) { - if (t->err) - ERR_print_errors_fp(stderr); - t->errors++; + } else { + /* run the test */ + if (t->err == NULL && t->meth->run_test(t) != 1) { + fprintf(stderr, "%s test error line %d\n", + t->meth->name, t->start_line); + return 0; + } + if (!check_test_error(t)) { + if (t->err) + ERR_print_errors_fp(stderr); + t->errors++; + } } + /* clean it up */ ERR_clear_error(); - t->meth->cleanup(t); - OPENSSL_free(t->data); - t->data = NULL; + if (t->data != NULL) { + t->meth->cleanup(t); + OPENSSL_free(t->data); + t->data = NULL; + } OPENSSL_free(t->expected_err); t->expected_err = NULL; free_expected(t); @@ -457,11 +461,36 @@ static int check_unsupported() return 0; } + +static int read_key(struct evp_test *t) +{ + char tmpbuf[80]; + if (t->key == NULL) + t->key = BIO_new(BIO_s_mem()); + else if (BIO_reset(t->key) <= 0) + return 0; + if (t->key == NULL) { + fprintf(stderr, "Error allocating key memory BIO\n"); + return 0; + } + /* Read to PEM end line and place content in memory BIO */ + while (BIO_gets(t->in, tmpbuf, sizeof(tmpbuf))) { + t->line++; + if (BIO_puts(t->key, tmpbuf) <= 0) { + fprintf(stderr, "Error writing to key memory BIO\n"); + return 0; + } + if (strncmp(tmpbuf, "-----END", 8) == 0) + return 1; + } + fprintf(stderr, "Can't find key end\n"); + return 0; +} + static int process_test(struct evp_test *t, char *buf, int verbose) { char *keyword = NULL, *value = NULL; int rv = 0, add_key = 0; - long save_pos = 0; struct key_list **lst = NULL, *key = NULL; EVP_PKEY *pk = NULL; const struct evp_test_method *tmeth = NULL; @@ -470,8 +499,9 @@ static int process_test(struct evp_test *t, char *buf, int verbose) if (!parse_line(&keyword, &value, buf)) return 1; if (strcmp(keyword, "PrivateKey") == 0) { - save_pos = BIO_tell(t->in); - pk = PEM_read_bio_PrivateKey(t->in, NULL, 0, NULL); + if (!read_key(t)) + return 0; + pk = PEM_read_bio_PrivateKey(t->key, NULL, 0, NULL); if (pk == NULL && !check_unsupported()) { fprintf(stderr, "Error reading private key %s\n", value); ERR_print_errors_fp(stderr); @@ -481,8 +511,9 @@ static int process_test(struct evp_test *t, char *buf, int verbose) add_key = 1; } if (strcmp(keyword, "PublicKey") == 0) { - save_pos = BIO_tell(t->in); - pk = PEM_read_bio_PUBKEY(t->in, NULL, 0, NULL); + if (!read_key(t)) + return 0; + pk = PEM_read_bio_PUBKEY(t->key, NULL, 0, NULL); if (pk == NULL && !check_unsupported()) { fprintf(stderr, "Error reading public key %s\n", value); ERR_print_errors_fp(stderr); @@ -493,7 +524,6 @@ static int process_test(struct evp_test *t, char *buf, int verbose) } /* If we have a key add to list */ if (add_key) { - char tmpbuf[80]; if (find_key(NULL, value, *lst)) { fprintf(stderr, "Duplicate key %s\n", value); return 0; @@ -505,15 +535,7 @@ static int process_test(struct evp_test *t, char *buf, int verbose) key->key = pk; key->next = *lst; *lst = key; - /* Rewind input, read to end and update line numbers */ - (void)BIO_seek(t->in, save_pos); - while (BIO_gets(t->in,tmpbuf, sizeof(tmpbuf))) { - t->line++; - if (strncmp(tmpbuf, "-----END", 8) == 0) - return 1; - } - fprintf(stderr, "Can't find key end\n"); - return 0; + return 1; } /* See if keyword corresponds to a test start */ @@ -536,7 +558,23 @@ static int process_test(struct evp_test *t, char *buf, int verbose) return 0; } t->expected_err = OPENSSL_strdup(value); - if (!t->expected_err) + if (t->expected_err == NULL) + return 0; + } else if (strcmp(keyword, "Function") == 0) { + if (t->func != NULL) { + fprintf(stderr, "Line %d: multiple function lines\n", t->line); + return 0; + } + t->func = OPENSSL_strdup(value); + if (t->func == NULL) + return 0; + } else if (strcmp(keyword, "Reason") == 0) { + if (t->reason != NULL) { + fprintf(stderr, "Line %d: multiple reason lines\n", t->line); + return 0; + } + t->reason = OPENSSL_strdup(value); + if (t->reason == NULL) return 0; } else { /* Must be test specific line: try to parse it */ @@ -603,7 +641,12 @@ int main(int argc, char **argv) memset(&t, 0, sizeof(t)); t.start_line = -1; in = BIO_new_file(argv[1], "r"); + if (in == NULL) { + fprintf(stderr, "Can't open %s for reading\n", argv[1]); + return 1; + } t.in = in; + t.err = NULL; while (BIO_gets(in, buf, sizeof(buf))) { t.line++; if (!process_test(&t, buf, 0)) @@ -616,6 +659,7 @@ int main(int argc, char **argv) t.ntests, t.errors, t.nskip); free_key_list(t.public); free_key_list(t.private); + BIO_free(t.key); BIO_free(in); #ifndef OPENSSL_NO_CRYPTO_MDEBUG @@ -836,12 +880,12 @@ static int cipher_test_parse(struct evp_test *t, const char *keyword, } static int cipher_test_enc(struct evp_test *t, int enc, - size_t out_misalign, size_t inp_misalign) + size_t out_misalign, size_t inp_misalign, int frag) { struct cipher_data *cdat = t->data; unsigned char *in, *out, *tmp = NULL; - size_t in_len, out_len; - int tmplen, tmpflen; + size_t in_len, out_len, donelen = 0; + int tmplen, chunklen, tmpflen; EVP_CIPHER_CTX *ctx = NULL; const char *err; err = "INTERNAL_ERROR"; @@ -939,22 +983,66 @@ static int cipher_test_enc(struct evp_test *t, int enc, } } if (cdat->aad) { - if (!EVP_CipherUpdate(ctx, NULL, &tmplen, cdat->aad, cdat->aad_len)) { - err = "AAD_SET_ERROR"; - goto err; + err = "AAD_SET_ERROR"; + if (!frag) { + if (!EVP_CipherUpdate(ctx, NULL, &chunklen, cdat->aad, + cdat->aad_len)) + goto err; + } else { + /* + * Supply the AAD in chunks less than the block size where possible + */ + if (cdat->aad_len > 0) { + if (!EVP_CipherUpdate(ctx, NULL, &chunklen, cdat->aad, 1)) + goto err; + donelen++; + } + if (cdat->aad_len > 2) { + if (!EVP_CipherUpdate(ctx, NULL, &chunklen, cdat->aad + donelen, + cdat->aad_len - 2)) + goto err; + donelen += cdat->aad_len - 2; + } + if (cdat->aad_len > 1 + && !EVP_CipherUpdate(ctx, NULL, &chunklen, + cdat->aad + donelen, 1)) + goto err; } } EVP_CIPHER_CTX_set_padding(ctx, 0); err = "CIPHERUPDATE_ERROR"; - if (!EVP_CipherUpdate(ctx, tmp + out_misalign, &tmplen, in, in_len)) - goto err; - if (cdat->aead == EVP_CIPH_CCM_MODE) - tmpflen = 0; - else { - err = "CIPHERFINAL_ERROR"; - if (!EVP_CipherFinal_ex(ctx, tmp + out_misalign + tmplen, &tmpflen)) + tmplen = 0; + if (!frag) { + /* We supply the data all in one go */ + if (!EVP_CipherUpdate(ctx, tmp + out_misalign, &tmplen, in, in_len)) goto err; + } else { + /* Supply the data in chunks less than the block size where possible */ + if (in_len > 0) { + if (!EVP_CipherUpdate(ctx, tmp + out_misalign, &chunklen, in, 1)) + goto err; + tmplen += chunklen; + in++; + in_len--; + } + if (in_len > 1) { + if (!EVP_CipherUpdate(ctx, tmp + out_misalign + tmplen, &chunklen, + in, in_len - 1)) + goto err; + tmplen += chunklen; + in += in_len - 1; + in_len = 1; + } + if (in_len > 0 ) { + if (!EVP_CipherUpdate(ctx, tmp + out_misalign + tmplen, &chunklen, + in, 1)) + goto err; + tmplen += chunklen; + } } + err = "CIPHERFINAL_ERROR"; + if (!EVP_CipherFinal_ex(ctx, tmp + out_misalign + tmplen, &tmpflen)) + goto err; err = "LENGTH_MISMATCH"; if (out_len != (size_t)(tmplen + tmpflen)) goto err; @@ -988,7 +1076,7 @@ static int cipher_test_enc(struct evp_test *t, int enc, static int cipher_test_run(struct evp_test *t) { struct cipher_data *cdat = t->data; - int rv; + int rv, frag = 0; size_t out_misalign, inp_misalign; if (!cdat->key) { @@ -1006,21 +1094,25 @@ static int cipher_test_run(struct evp_test *t) t->err = "NO_TAG"; return 0; } - for (out_misalign = 0; out_misalign <= 1; out_misalign++) { + for (out_misalign = 0; out_misalign <= 1;) { static char aux_err[64]; t->aux_err = aux_err; for (inp_misalign = (size_t)-1; inp_misalign != 2; inp_misalign++) { if (inp_misalign == (size_t)-1) { /* kludge: inp_misalign == -1 means "exercise in-place" */ - BIO_snprintf(aux_err, sizeof(aux_err), "%s in-place", - out_misalign ? "misaligned" : "aligned"); + BIO_snprintf(aux_err, sizeof(aux_err), + "%s in-place, %sfragmented", + out_misalign ? "misaligned" : "aligned", + frag ? "" : "not "); } else { - BIO_snprintf(aux_err, sizeof(aux_err), "%s output and %s input", + BIO_snprintf(aux_err, sizeof(aux_err), + "%s output and %s input, %sfragmented", out_misalign ? "misaligned" : "aligned", - inp_misalign ? "misaligned" : "aligned"); + inp_misalign ? "misaligned" : "aligned", + frag ? "" : "not "); } if (cdat->enc) { - rv = cipher_test_enc(t, 1, out_misalign, inp_misalign); + rv = cipher_test_enc(t, 1, out_misalign, inp_misalign, frag); /* Not fatal errors: return */ if (rv != 1) { if (rv < 0) @@ -1029,7 +1121,7 @@ static int cipher_test_run(struct evp_test *t) } } if (cdat->enc != 1) { - rv = cipher_test_enc(t, 0, out_misalign, inp_misalign); + rv = cipher_test_enc(t, 0, out_misalign, inp_misalign, frag); /* Not fatal errors: return */ if (rv != 1) { if (rv < 0) @@ -1038,6 +1130,21 @@ static int cipher_test_run(struct evp_test *t) } } } + + if (out_misalign == 1 && frag == 0) { + /* + * XTS, CCM and Wrap modes have special requirements about input + * lengths so we don't fragment for those + */ + if (cdat->aead == EVP_CIPH_CCM_MODE + || EVP_CIPHER_mode(cdat->cipher) == EVP_CIPH_XTS_MODE + || EVP_CIPHER_mode(cdat->cipher) == EVP_CIPH_WRAP_MODE) + break; + out_misalign = 0; + frag++; + } else { + out_misalign++; + } } t->aux_err = NULL; @@ -1080,6 +1187,20 @@ static int mac_test_init(struct evp_test *t, const char *alg) #else t->skip = 1; return 1; +#endif + } else if (strcmp(alg, "Poly1305") == 0) { +#ifndef OPENSSL_NO_POLY1305 + type = EVP_PKEY_POLY1305; +#else + t->skip = 1; + return 1; +#endif + } else if (strcmp(alg, "SipHash") == 0) { +#ifndef OPENSSL_NO_SIPHASH + type = EVP_PKEY_SIPHASH; +#else + t->skip = 1; + return 1; #endif } else return 0; @@ -1134,7 +1255,7 @@ static int mac_test_run(struct evp_test *t) size_t mac_len; #ifdef OPENSSL_NO_DES - if (strstr(mdata->alg, "DES") != NULL) { + if (mdata->alg != NULL && strstr(mdata->alg, "DES") != NULL) { /* Skip DES */ err = NULL; goto err; @@ -1252,9 +1373,7 @@ static int pkey_test_init(struct evp_test *t, const char *name, rv = find_key(&pkey, name, t->public); if (!rv) rv = find_key(&pkey, name, t->private); - if (!rv) - return 0; - if (!pkey) { + if (!rv || pkey == NULL) { t->skip = 1; return 1; } @@ -1273,7 +1392,7 @@ static int pkey_test_init(struct evp_test *t, const char *name, if (!kdata->ctx) return 0; if (keyopinit(kdata->ctx) <= 0) - return 0; + t->err = "KEYOP_INIT_ERROR"; return 1; } @@ -1286,7 +1405,8 @@ static void pkey_test_cleanup(struct evp_test *t) EVP_PKEY_CTX_free(kdata->ctx); } -static int pkey_test_ctrl(EVP_PKEY_CTX *pctx, const char *value) +static int pkey_test_ctrl(struct evp_test *t, EVP_PKEY_CTX *pctx, + const char *value) { int rv; char *p, *tmpval; @@ -1298,6 +1418,23 @@ static int pkey_test_ctrl(EVP_PKEY_CTX *pctx, const char *value) if (p != NULL) *p++ = 0; rv = EVP_PKEY_CTX_ctrl_str(pctx, tmpval, p); + if (rv == -2) { + t->err = "PKEY_CTRL_INVALID"; + rv = 1; + } else if (p != NULL && rv <= 0) { + /* If p has an OID and lookup fails assume disabled algorithm */ + int nid = OBJ_sn2nid(p); + if (nid == NID_undef) + nid = OBJ_ln2nid(p); + if ((nid != NID_undef) && EVP_get_digestbynid(nid) == NULL && + EVP_get_cipherbynid(nid) == NULL) { + t->skip = 1; + rv = 1; + } else { + t->err = "PKEY_CTRL_ERROR"; + rv = 1; + } + } OPENSSL_free(tmpval); return rv > 0; } @@ -1311,7 +1448,7 @@ static int pkey_test_parse(struct evp_test *t, if (strcmp(keyword, "Output") == 0) return test_bin(value, &kdata->output, &kdata->output_len); if (strcmp(keyword, "Ctrl") == 0) - return pkey_test_ctrl(kdata->ctx, value); + return pkey_test_ctrl(t, kdata->ctx, value); return 0; } @@ -1431,7 +1568,7 @@ static int pderive_test_parse(struct evp_test *t, if (strcmp(keyword, "SharedSecret") == 0) return test_bin(value, &kdata->output, &kdata->output_len); if (strcmp(keyword, "Ctrl") == 0) - return pkey_test_ctrl(kdata->ctx, value); + return pkey_test_ctrl(t, kdata->ctx, value); return 0; } @@ -1852,7 +1989,7 @@ static int kdf_test_parse(struct evp_test *t, if (strcmp(keyword, "Output") == 0) return test_bin(value, &kdata->output, &kdata->output_len); if (strncmp(keyword, "Ctrl", 4) == 0) - return pkey_test_ctrl(kdata->ctx, value); + return pkey_test_ctrl(t, kdata->ctx, value); return 0; }