Report each cipher used with CMAC tests.
authorDr. Stephen Henson <steve@openssl.org>
Thu, 14 Apr 2011 16:38:20 +0000 (16:38 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Thu, 14 Apr 2011 16:38:20 +0000 (16:38 +0000)
Only add one error to error queue if a specific test type fails.

fips/cmac/fips_cmac_selftest.c
fips/fips_test_suite.c
fips/hmac/fips_hmac_selftest.c

index 2550bc6..b307297 100644 (file)
@@ -114,39 +114,63 @@ int FIPS_selftest_cmac()
        const EVP_CIPHER *cipher;
        CMAC_CTX *ctx = CMAC_CTX_new();
        const CMAC_KAT *t;
-       int do_corrupt = 0, rv = 0;
-
-       if (!fips_post_started(FIPS_TEST_CMAC, 0, 0))
-               return 1;
-       if (!fips_post_corrupt(FIPS_TEST_CMAC, 0, NULL))
+       int subid, rv = 1;
 
        for(n=0,t=vector; n<sizeof(vector)/sizeof(vector[0]); n++,t++)
                {
                cipher = (*t->alg)();
-               CMAC_Init(ctx, t->key, t->keysize/8, cipher, 0);
-               CMAC_Update(ctx, t->msg, t->msgsize/8);
-               if (do_corrupt)
-                       CMAC_Update(ctx, t->msg, 1);
-               CMAC_Final(ctx, out, &outlen);
+               subid = M_EVP_CIPHER_nid(cipher);
+               if (!fips_post_started(FIPS_TEST_CMAC, subid, 0))
+                       continue;
+               if (!CMAC_Init(ctx, t->key, t->keysize/8, cipher, 0))
+                       {
+                       rv = -1;
+                       goto err;
+                       }
+               if (!CMAC_Update(ctx, t->msg, t->msgsize/8))
+                       {
+                       rv = -1;
+                       goto err;
+                       }
+                       
+               if (!fips_post_corrupt(FIPS_TEST_CMAC, subid, NULL))
+                       {
+                       if (!CMAC_Update(ctx, t->msg, 1))
+                               {
+                               rv = -1;
+                               goto err;
+                               }
+                       }
+               if (!CMAC_Final(ctx, out, &outlen))
+                       {
+                       rv = -1;
+                       goto err;
+                       }
                CMAC_CTX_cleanup(ctx);
 
                if(outlen < t->macsize/8 || memcmp(out,t->mac,t->macsize/8))
                        {
-                       FIPSerr(FIPS_F_FIPS_SELFTEST_CMAC,FIPS_R_SELFTEST_FAILED);
-                       goto err;
+                       fips_post_failed(FIPS_TEST_CMAC, subid, NULL);
+                       rv = 0;
                        }
+               else if (!fips_post_success(FIPS_TEST_CMAC, subid, NULL))
+                       {
+                       rv = 0;
+                       goto err;
+                       }
                }
 
-       rv = 1;
        err:
        CMAC_CTX_free(ctx);
 
-       if (rv == 0)
+       if (rv == -1)
                {
-               fips_post_failed(FIPS_TEST_CMAC, 0, NULL);
-               return 0;
+               fips_post_failed(FIPS_TEST_CMAC, subid, NULL);
+               rv = 0;
                }
+       if (!rv)
+                  FIPSerr(FIPS_F_FIPS_SELFTEST_CMAC,FIPS_R_SELFTEST_FAILED);
 
-       return fips_post_success(FIPS_TEST_CMAC, 0, NULL);
+       return rv;
        }
 #endif
index c14ecb3..6b2cdc7 100644 (file)
@@ -682,7 +682,11 @@ POST_ID id_list[] = {
        {EVP_PKEY_RSA, "RSA"},
        {EVP_PKEY_DSA, "DSA"},
        {EVP_PKEY_EC, "ECDSA"},
+       {NID_aes_128_cbc, "AES-128-CBC"},
+       {NID_aes_192_cbc, "AES-192-CBC"},
+       {NID_aes_256_cbc, "AES-256-CBC"},
        {NID_aes_128_ecb, "AES-128-ECB"},
+       {NID_des_ede3_cbc, "DES-EDE3-CBC"},
        {NID_des_ede3_ecb, "DES-EDE3-ECB"},
        {0, NULL}
 };
@@ -696,7 +700,7 @@ static const char *lookup_id(int id)
                if (n->id == id)
                        return n->name;
                }
-       sprintf(out, "ID=%d\n", id);
+       sprintf(out, "ID=%d", id);
        return out;
        }
 
@@ -741,6 +745,7 @@ static int post_cb(int op, int id, int subid, void *ex)
 
                case FIPS_TEST_CMAC:
                idstr = "CMAC";
+               exstr = lookup_id(subid);
                break;
 
                case FIPS_TEST_GCM:
@@ -873,6 +878,8 @@ int main(int argc,char **argv)
            fail_id = FIPS_TEST_DIGEST;
         } else if (!strcmp(argv[1], "hmac")) {
            fail_id = FIPS_TEST_HMAC;
+        } else if (!strcmp(argv[1], "cmac")) {
+           fail_id = FIPS_TEST_CMAC;
        } else if (!strcmp(argv[1], "drbg")) {
            FIPS_corrupt_drbg();
        } else if (!strcmp(argv[1], "rng")) {
index 34ac247..c95e73f 100644 (file)
@@ -156,11 +156,10 @@ int FIPS_selftest_hmac()
 
                if(memcmp(out,t->kaval,outlen))
                        {
-                       FIPSerr(FIPS_F_FIPS_SELFTEST_HMAC,FIPS_R_SELFTEST_FAILED);
                        fips_post_failed(FIPS_TEST_HMAC, subid, NULL);
                        rv = 0;
                        }
-               if (!fips_post_success(FIPS_TEST_HMAC, subid, NULL))
+               else if (!fips_post_success(FIPS_TEST_HMAC, subid, NULL))
                        goto err;
                }
 
@@ -171,6 +170,8 @@ int FIPS_selftest_hmac()
                fips_post_failed(FIPS_TEST_HMAC, subid, NULL);
                rv = 0;
                }
+       if (!rv)
+                  FIPSerr(FIPS_F_FIPS_SELFTEST_HMAC,FIPS_R_SELFTEST_FAILED);
        return rv;
        }
 #endif