2
0

evp_test.c 69 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148214921502151215221532154215521562157215821592160216121622163216421652166216721682169217021712172217321742175217621772178217921802181218221832184218521862187218821892190219121922193219421952196219721982199220022012202220322042205220622072208220922102211221222132214221522162217221822192220222122222223222422252226222722282229223022312232223322342235223622372238223922402241224222432244224522462247224822492250225122522253225422552256225722582259226022612262226322642265226622672268226922702271227222732274227522762277227822792280228122822283228422852286228722882289229022912292229322942295229622972298229923002301230223032304230523062307230823092310231123122313231423152316231723182319232023212322232323242325232623272328232923302331233223332334233523362337233823392340234123422343234423452346234723482349235023512352235323542355235623572358235923602361236223632364236523662367236823692370237123722373237423752376237723782379238023812382238323842385238623872388238923902391239223932394239523962397239823992400240124022403240424052406240724082409241024112412241324142415241624172418241924202421242224232424242524262427242824292430243124322433243424352436243724382439244024412442244324442445244624472448244924502451245224532454245524562457245824592460246124622463246424652466246724682469247024712472247324742475247624772478247924802481248224832484248524862487248824892490249124922493249424952496249724982499250025012502250325042505250625072508250925102511251225132514251525162517251825192520252125222523252425252526252725282529253025312532253325342535253625372538253925402541254225432544254525462547254825492550255125522553255425552556255725582559256025612562256325642565256625672568256925702571257225732574257525762577257825792580258125822583258425852586258725882589259025912592259325942595259625972598259926002601260226032604260526062607260826092610261126122613261426152616261726182619262026212622262326242625262626272628262926302631263226332634263526362637
  1. /*
  2. * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the OpenSSL license (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include <string.h>
  11. #include <stdlib.h>
  12. #include <ctype.h>
  13. #include <openssl/evp.h>
  14. #include <openssl/pem.h>
  15. #include <openssl/err.h>
  16. #include <openssl/x509v3.h>
  17. #include <openssl/pkcs12.h>
  18. #include <openssl/kdf.h>
  19. #include "internal/numbers.h"
  20. #include "testutil.h"
  21. #include "evp_test.h"
  22. typedef struct evp_test_method_st EVP_TEST_METHOD;
  23. /*
  24. * Structure holding test information
  25. */
  26. typedef struct evp_test_st {
  27. STANZA s; /* Common test stanza */
  28. char *name;
  29. int skip; /* Current test should be skipped */
  30. const EVP_TEST_METHOD *meth; /* method for this test */
  31. const char *err, *aux_err; /* Error string for test */
  32. char *expected_err; /* Expected error value of test */
  33. char *func; /* Expected error function string */
  34. char *reason; /* Expected error reason string */
  35. void *data; /* test specific data */
  36. } EVP_TEST;
  37. /*
  38. * Test method structure
  39. */
  40. struct evp_test_method_st {
  41. /* Name of test as it appears in file */
  42. const char *name;
  43. /* Initialise test for "alg" */
  44. int (*init) (EVP_TEST * t, const char *alg);
  45. /* Clean up method */
  46. void (*cleanup) (EVP_TEST * t);
  47. /* Test specific name value pair processing */
  48. int (*parse) (EVP_TEST * t, const char *name, const char *value);
  49. /* Run the test itself */
  50. int (*run_test) (EVP_TEST * t);
  51. };
  52. /*
  53. * Linked list of named keys.
  54. */
  55. typedef struct key_list_st {
  56. char *name;
  57. EVP_PKEY *key;
  58. struct key_list_st *next;
  59. } KEY_LIST;
  60. /*
  61. * List of public and private keys
  62. */
  63. static KEY_LIST *private_keys;
  64. static KEY_LIST *public_keys;
  65. static int find_key(EVP_PKEY **ppk, const char *name, KEY_LIST *lst);
  66. static int parse_bin(const char *value, unsigned char **buf, size_t *buflen);
  67. /*
  68. * Structure used to hold a list of blocks of memory to test
  69. * calls to "update" like functions.
  70. */
  71. struct evp_test_buffer_st {
  72. unsigned char *buf;
  73. size_t buflen;
  74. size_t count;
  75. int count_set;
  76. };
  77. static void evp_test_buffer_free(EVP_TEST_BUFFER *db)
  78. {
  79. if (db != NULL) {
  80. OPENSSL_free(db->buf);
  81. OPENSSL_free(db);
  82. }
  83. }
  84. /*
  85. * append buffer to a list
  86. */
  87. static int evp_test_buffer_append(const char *value,
  88. STACK_OF(EVP_TEST_BUFFER) **sk)
  89. {
  90. EVP_TEST_BUFFER *db = NULL;
  91. if (!TEST_ptr(db = OPENSSL_malloc(sizeof(*db))))
  92. goto err;
  93. if (!parse_bin(value, &db->buf, &db->buflen))
  94. goto err;
  95. db->count = 1;
  96. db->count_set = 0;
  97. if (*sk == NULL && !TEST_ptr(*sk = sk_EVP_TEST_BUFFER_new_null()))
  98. goto err;
  99. if (!sk_EVP_TEST_BUFFER_push(*sk, db))
  100. goto err;
  101. return 1;
  102. err:
  103. evp_test_buffer_free(db);
  104. return 0;
  105. }
  106. /*
  107. * replace last buffer in list with copies of itself
  108. */
  109. static int evp_test_buffer_ncopy(const char *value,
  110. STACK_OF(EVP_TEST_BUFFER) *sk)
  111. {
  112. EVP_TEST_BUFFER *db;
  113. unsigned char *tbuf, *p;
  114. size_t tbuflen;
  115. int ncopy = atoi(value);
  116. int i;
  117. if (ncopy <= 0)
  118. return 0;
  119. if (sk == NULL || sk_EVP_TEST_BUFFER_num(sk) == 0)
  120. return 0;
  121. db = sk_EVP_TEST_BUFFER_value(sk, sk_EVP_TEST_BUFFER_num(sk) - 1);
  122. tbuflen = db->buflen * ncopy;
  123. if (!TEST_ptr(tbuf = OPENSSL_malloc(tbuflen)))
  124. return 0;
  125. for (i = 0, p = tbuf; i < ncopy; i++, p += db->buflen)
  126. memcpy(p, db->buf, db->buflen);
  127. OPENSSL_free(db->buf);
  128. db->buf = tbuf;
  129. db->buflen = tbuflen;
  130. return 1;
  131. }
  132. /*
  133. * set repeat count for last buffer in list
  134. */
  135. static int evp_test_buffer_set_count(const char *value,
  136. STACK_OF(EVP_TEST_BUFFER) *sk)
  137. {
  138. EVP_TEST_BUFFER *db;
  139. int count = atoi(value);
  140. if (count <= 0)
  141. return 0;
  142. if (sk == NULL || sk_EVP_TEST_BUFFER_num(sk) == 0)
  143. return 0;
  144. db = sk_EVP_TEST_BUFFER_value(sk, sk_EVP_TEST_BUFFER_num(sk) - 1);
  145. if (db->count_set != 0)
  146. return 0;
  147. db->count = (size_t)count;
  148. db->count_set = 1;
  149. return 1;
  150. }
  151. /*
  152. * call "fn" with each element of the list in turn
  153. */
  154. static int evp_test_buffer_do(STACK_OF(EVP_TEST_BUFFER) *sk,
  155. int (*fn)(void *ctx,
  156. const unsigned char *buf,
  157. size_t buflen),
  158. void *ctx)
  159. {
  160. int i;
  161. for (i = 0; i < sk_EVP_TEST_BUFFER_num(sk); i++) {
  162. EVP_TEST_BUFFER *tb = sk_EVP_TEST_BUFFER_value(sk, i);
  163. size_t j;
  164. for (j = 0; j < tb->count; j++) {
  165. if (fn(ctx, tb->buf, tb->buflen) <= 0)
  166. return 0;
  167. }
  168. }
  169. return 1;
  170. }
  171. /*
  172. * Unescape some sequences in string literals (only \n for now).
  173. * Return an allocated buffer, set |out_len|. If |input_len|
  174. * is zero, get an empty buffer but set length to zero.
  175. */
  176. static unsigned char* unescape(const char *input, size_t input_len,
  177. size_t *out_len)
  178. {
  179. unsigned char *ret, *p;
  180. size_t i;
  181. if (input_len == 0) {
  182. *out_len = 0;
  183. return OPENSSL_zalloc(1);
  184. }
  185. /* Escaping is non-expanding; over-allocate original size for simplicity. */
  186. if (!TEST_ptr(ret = p = OPENSSL_malloc(input_len)))
  187. return NULL;
  188. for (i = 0; i < input_len; i++) {
  189. if (*input == '\\') {
  190. if (i == input_len - 1 || *++input != 'n') {
  191. TEST_error("Bad escape sequence in file");
  192. goto err;
  193. }
  194. *p++ = '\n';
  195. i++;
  196. input++;
  197. } else {
  198. *p++ = *input++;
  199. }
  200. }
  201. *out_len = p - ret;
  202. return ret;
  203. err:
  204. OPENSSL_free(ret);
  205. return NULL;
  206. }
  207. /*
  208. * For a hex string "value" convert to a binary allocated buffer.
  209. * Return 1 on success or 0 on failure.
  210. */
  211. static int parse_bin(const char *value, unsigned char **buf, size_t *buflen)
  212. {
  213. long len;
  214. /* Check for NULL literal */
  215. if (strcmp(value, "NULL") == 0) {
  216. *buf = NULL;
  217. *buflen = 0;
  218. return 1;
  219. }
  220. /* Check for empty value */
  221. if (*value == '\0') {
  222. /*
  223. * Don't return NULL for zero length buffer. This is needed for
  224. * some tests with empty keys: HMAC_Init_ex() expects a non-NULL key
  225. * buffer even if the key length is 0, in order to detect key reset.
  226. */
  227. *buf = OPENSSL_malloc(1);
  228. if (*buf == NULL)
  229. return 0;
  230. **buf = 0;
  231. *buflen = 0;
  232. return 1;
  233. }
  234. /* Check for string literal */
  235. if (value[0] == '"') {
  236. size_t vlen = strlen(++value);
  237. if (vlen == 0 || value[vlen - 1] != '"')
  238. return 0;
  239. vlen--;
  240. *buf = unescape(value, vlen, buflen);
  241. return *buf == NULL ? 0 : 1;
  242. }
  243. /* Otherwise assume as hex literal and convert it to binary buffer */
  244. if (!TEST_ptr(*buf = OPENSSL_hexstr2buf(value, &len))) {
  245. TEST_info("Can't convert %s", value);
  246. TEST_openssl_errors();
  247. return -1;
  248. }
  249. /* Size of input buffer means we'll never overflow */
  250. *buflen = len;
  251. return 1;
  252. }
  253. /**
  254. *** MESSAGE DIGEST TESTS
  255. **/
  256. typedef struct digest_data_st {
  257. /* Digest this test is for */
  258. const EVP_MD *digest;
  259. /* Input to digest */
  260. STACK_OF(EVP_TEST_BUFFER) *input;
  261. /* Expected output */
  262. unsigned char *output;
  263. size_t output_len;
  264. } DIGEST_DATA;
  265. static int digest_test_init(EVP_TEST *t, const char *alg)
  266. {
  267. DIGEST_DATA *mdat;
  268. const EVP_MD *digest;
  269. if ((digest = EVP_get_digestbyname(alg)) == NULL) {
  270. /* If alg has an OID assume disabled algorithm */
  271. if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) {
  272. t->skip = 1;
  273. return 1;
  274. }
  275. return 0;
  276. }
  277. if (!TEST_ptr(mdat = OPENSSL_zalloc(sizeof(*mdat))))
  278. return 0;
  279. t->data = mdat;
  280. mdat->digest = digest;
  281. return 1;
  282. }
  283. static void digest_test_cleanup(EVP_TEST *t)
  284. {
  285. DIGEST_DATA *mdat = t->data;
  286. sk_EVP_TEST_BUFFER_pop_free(mdat->input, evp_test_buffer_free);
  287. OPENSSL_free(mdat->output);
  288. }
  289. static int digest_test_parse(EVP_TEST *t,
  290. const char *keyword, const char *value)
  291. {
  292. DIGEST_DATA *mdata = t->data;
  293. if (strcmp(keyword, "Input") == 0)
  294. return evp_test_buffer_append(value, &mdata->input);
  295. if (strcmp(keyword, "Output") == 0)
  296. return parse_bin(value, &mdata->output, &mdata->output_len);
  297. if (strcmp(keyword, "Count") == 0)
  298. return evp_test_buffer_set_count(value, mdata->input);
  299. if (strcmp(keyword, "Ncopy") == 0)
  300. return evp_test_buffer_ncopy(value, mdata->input);
  301. return 0;
  302. }
  303. static int digest_update_fn(void *ctx, const unsigned char *buf, size_t buflen)
  304. {
  305. return EVP_DigestUpdate(ctx, buf, buflen);
  306. }
  307. static int digest_test_run(EVP_TEST *t)
  308. {
  309. DIGEST_DATA *expected = t->data;
  310. EVP_MD_CTX *mctx;
  311. unsigned char *got = NULL;
  312. unsigned int got_len;
  313. t->err = "TEST_FAILURE";
  314. if (!TEST_ptr(mctx = EVP_MD_CTX_new()))
  315. goto err;
  316. got = OPENSSL_malloc(expected->output_len > EVP_MAX_MD_SIZE ?
  317. expected->output_len : EVP_MAX_MD_SIZE);
  318. if (!TEST_ptr(got))
  319. goto err;
  320. if (!EVP_DigestInit_ex(mctx, expected->digest, NULL)) {
  321. t->err = "DIGESTINIT_ERROR";
  322. goto err;
  323. }
  324. if (!evp_test_buffer_do(expected->input, digest_update_fn, mctx)) {
  325. t->err = "DIGESTUPDATE_ERROR";
  326. goto err;
  327. }
  328. if (EVP_MD_flags(expected->digest) & EVP_MD_FLAG_XOF) {
  329. got_len = expected->output_len;
  330. if (!EVP_DigestFinalXOF(mctx, got, got_len)) {
  331. t->err = "DIGESTFINALXOF_ERROR";
  332. goto err;
  333. }
  334. } else {
  335. if (!EVP_DigestFinal(mctx, got, &got_len)) {
  336. t->err = "DIGESTFINAL_ERROR";
  337. goto err;
  338. }
  339. }
  340. if (!TEST_int_eq(expected->output_len, got_len)) {
  341. t->err = "DIGEST_LENGTH_MISMATCH";
  342. goto err;
  343. }
  344. if (!TEST_mem_eq(expected->output, expected->output_len, got, got_len)) {
  345. t->err = "DIGEST_MISMATCH";
  346. goto err;
  347. }
  348. t->err = NULL;
  349. err:
  350. OPENSSL_free(got);
  351. EVP_MD_CTX_free(mctx);
  352. return 1;
  353. }
  354. static const EVP_TEST_METHOD digest_test_method = {
  355. "Digest",
  356. digest_test_init,
  357. digest_test_cleanup,
  358. digest_test_parse,
  359. digest_test_run
  360. };
  361. /**
  362. *** CIPHER TESTS
  363. **/
  364. typedef struct cipher_data_st {
  365. const EVP_CIPHER *cipher;
  366. int enc;
  367. /* EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE or EVP_CIPH_OCB_MODE if AEAD */
  368. int aead;
  369. unsigned char *key;
  370. size_t key_len;
  371. unsigned char *iv;
  372. size_t iv_len;
  373. unsigned char *plaintext;
  374. size_t plaintext_len;
  375. unsigned char *ciphertext;
  376. size_t ciphertext_len;
  377. /* GCM, CCM only */
  378. unsigned char *aad;
  379. size_t aad_len;
  380. unsigned char *tag;
  381. size_t tag_len;
  382. } CIPHER_DATA;
  383. static int cipher_test_init(EVP_TEST *t, const char *alg)
  384. {
  385. const EVP_CIPHER *cipher;
  386. CIPHER_DATA *cdat;
  387. int m;
  388. if ((cipher = EVP_get_cipherbyname(alg)) == NULL) {
  389. /* If alg has an OID assume disabled algorithm */
  390. if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) {
  391. t->skip = 1;
  392. return 1;
  393. }
  394. return 0;
  395. }
  396. cdat = OPENSSL_zalloc(sizeof(*cdat));
  397. cdat->cipher = cipher;
  398. cdat->enc = -1;
  399. m = EVP_CIPHER_mode(cipher);
  400. if (m == EVP_CIPH_GCM_MODE
  401. || m == EVP_CIPH_OCB_MODE
  402. || m == EVP_CIPH_CCM_MODE)
  403. cdat->aead = EVP_CIPHER_mode(cipher);
  404. else if (EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER)
  405. cdat->aead = -1;
  406. else
  407. cdat->aead = 0;
  408. t->data = cdat;
  409. return 1;
  410. }
  411. static void cipher_test_cleanup(EVP_TEST *t)
  412. {
  413. CIPHER_DATA *cdat = t->data;
  414. OPENSSL_free(cdat->key);
  415. OPENSSL_free(cdat->iv);
  416. OPENSSL_free(cdat->ciphertext);
  417. OPENSSL_free(cdat->plaintext);
  418. OPENSSL_free(cdat->aad);
  419. OPENSSL_free(cdat->tag);
  420. }
  421. static int cipher_test_parse(EVP_TEST *t, const char *keyword,
  422. const char *value)
  423. {
  424. CIPHER_DATA *cdat = t->data;
  425. if (strcmp(keyword, "Key") == 0)
  426. return parse_bin(value, &cdat->key, &cdat->key_len);
  427. if (strcmp(keyword, "IV") == 0)
  428. return parse_bin(value, &cdat->iv, &cdat->iv_len);
  429. if (strcmp(keyword, "Plaintext") == 0)
  430. return parse_bin(value, &cdat->plaintext, &cdat->plaintext_len);
  431. if (strcmp(keyword, "Ciphertext") == 0)
  432. return parse_bin(value, &cdat->ciphertext, &cdat->ciphertext_len);
  433. if (cdat->aead) {
  434. if (strcmp(keyword, "AAD") == 0)
  435. return parse_bin(value, &cdat->aad, &cdat->aad_len);
  436. if (strcmp(keyword, "Tag") == 0)
  437. return parse_bin(value, &cdat->tag, &cdat->tag_len);
  438. }
  439. if (strcmp(keyword, "Operation") == 0) {
  440. if (strcmp(value, "ENCRYPT") == 0)
  441. cdat->enc = 1;
  442. else if (strcmp(value, "DECRYPT") == 0)
  443. cdat->enc = 0;
  444. else
  445. return 0;
  446. return 1;
  447. }
  448. return 0;
  449. }
  450. static int cipher_test_enc(EVP_TEST *t, int enc,
  451. size_t out_misalign, size_t inp_misalign, int frag)
  452. {
  453. CIPHER_DATA *expected = t->data;
  454. unsigned char *in, *expected_out, *tmp = NULL;
  455. size_t in_len, out_len, donelen = 0;
  456. int ok = 0, tmplen, chunklen, tmpflen;
  457. EVP_CIPHER_CTX *ctx = NULL;
  458. t->err = "TEST_FAILURE";
  459. if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new()))
  460. goto err;
  461. EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
  462. if (enc) {
  463. in = expected->plaintext;
  464. in_len = expected->plaintext_len;
  465. expected_out = expected->ciphertext;
  466. out_len = expected->ciphertext_len;
  467. } else {
  468. in = expected->ciphertext;
  469. in_len = expected->ciphertext_len;
  470. expected_out = expected->plaintext;
  471. out_len = expected->plaintext_len;
  472. }
  473. if (inp_misalign == (size_t)-1) {
  474. /*
  475. * Exercise in-place encryption
  476. */
  477. tmp = OPENSSL_malloc(out_misalign + in_len + 2 * EVP_MAX_BLOCK_LENGTH);
  478. if (!tmp)
  479. goto err;
  480. in = memcpy(tmp + out_misalign, in, in_len);
  481. } else {
  482. inp_misalign += 16 - ((out_misalign + in_len) & 15);
  483. /*
  484. * 'tmp' will store both output and copy of input. We make the copy
  485. * of input to specifically aligned part of 'tmp'. So we just
  486. * figured out how much padding would ensure the required alignment,
  487. * now we allocate extended buffer and finally copy the input just
  488. * past inp_misalign in expression below. Output will be written
  489. * past out_misalign...
  490. */
  491. tmp = OPENSSL_malloc(out_misalign + in_len + 2 * EVP_MAX_BLOCK_LENGTH +
  492. inp_misalign + in_len);
  493. if (!tmp)
  494. goto err;
  495. in = memcpy(tmp + out_misalign + in_len + 2 * EVP_MAX_BLOCK_LENGTH +
  496. inp_misalign, in, in_len);
  497. }
  498. if (!EVP_CipherInit_ex(ctx, expected->cipher, NULL, NULL, NULL, enc)) {
  499. t->err = "CIPHERINIT_ERROR";
  500. goto err;
  501. }
  502. if (expected->iv) {
  503. if (expected->aead) {
  504. if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
  505. expected->iv_len, 0)) {
  506. t->err = "INVALID_IV_LENGTH";
  507. goto err;
  508. }
  509. } else if (expected->iv_len != (size_t)EVP_CIPHER_CTX_iv_length(ctx)) {
  510. t->err = "INVALID_IV_LENGTH";
  511. goto err;
  512. }
  513. }
  514. if (expected->aead) {
  515. unsigned char *tag;
  516. /*
  517. * If encrypting or OCB just set tag length initially, otherwise
  518. * set tag length and value.
  519. */
  520. if (enc || expected->aead == EVP_CIPH_OCB_MODE) {
  521. t->err = "TAG_LENGTH_SET_ERROR";
  522. tag = NULL;
  523. } else {
  524. t->err = "TAG_SET_ERROR";
  525. tag = expected->tag;
  526. }
  527. if (tag || expected->aead != EVP_CIPH_GCM_MODE) {
  528. if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
  529. expected->tag_len, tag))
  530. goto err;
  531. }
  532. }
  533. if (!EVP_CIPHER_CTX_set_key_length(ctx, expected->key_len)) {
  534. t->err = "INVALID_KEY_LENGTH";
  535. goto err;
  536. }
  537. if (!EVP_CipherInit_ex(ctx, NULL, NULL, expected->key, expected->iv, -1)) {
  538. t->err = "KEY_SET_ERROR";
  539. goto err;
  540. }
  541. if (!enc && expected->aead == EVP_CIPH_OCB_MODE) {
  542. if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
  543. expected->tag_len, expected->tag)) {
  544. t->err = "TAG_SET_ERROR";
  545. goto err;
  546. }
  547. }
  548. if (expected->aead == EVP_CIPH_CCM_MODE) {
  549. if (!EVP_CipherUpdate(ctx, NULL, &tmplen, NULL, out_len)) {
  550. t->err = "CCM_PLAINTEXT_LENGTH_SET_ERROR";
  551. goto err;
  552. }
  553. }
  554. if (expected->aad) {
  555. t->err = "AAD_SET_ERROR";
  556. if (!frag) {
  557. if (!EVP_CipherUpdate(ctx, NULL, &chunklen, expected->aad,
  558. expected->aad_len))
  559. goto err;
  560. } else {
  561. /*
  562. * Supply the AAD in chunks less than the block size where possible
  563. */
  564. if (expected->aad_len > 0) {
  565. if (!EVP_CipherUpdate(ctx, NULL, &chunklen, expected->aad, 1))
  566. goto err;
  567. donelen++;
  568. }
  569. if (expected->aad_len > 2) {
  570. if (!EVP_CipherUpdate(ctx, NULL, &chunklen,
  571. expected->aad + donelen,
  572. expected->aad_len - 2))
  573. goto err;
  574. donelen += expected->aad_len - 2;
  575. }
  576. if (expected->aad_len > 1
  577. && !EVP_CipherUpdate(ctx, NULL, &chunklen,
  578. expected->aad + donelen, 1))
  579. goto err;
  580. }
  581. }
  582. EVP_CIPHER_CTX_set_padding(ctx, 0);
  583. t->err = "CIPHERUPDATE_ERROR";
  584. tmplen = 0;
  585. if (!frag) {
  586. /* We supply the data all in one go */
  587. if (!EVP_CipherUpdate(ctx, tmp + out_misalign, &tmplen, in, in_len))
  588. goto err;
  589. } else {
  590. /* Supply the data in chunks less than the block size where possible */
  591. if (in_len > 0) {
  592. if (!EVP_CipherUpdate(ctx, tmp + out_misalign, &chunklen, in, 1))
  593. goto err;
  594. tmplen += chunklen;
  595. in++;
  596. in_len--;
  597. }
  598. if (in_len > 1) {
  599. if (!EVP_CipherUpdate(ctx, tmp + out_misalign + tmplen, &chunklen,
  600. in, in_len - 1))
  601. goto err;
  602. tmplen += chunklen;
  603. in += in_len - 1;
  604. in_len = 1;
  605. }
  606. if (in_len > 0 ) {
  607. if (!EVP_CipherUpdate(ctx, tmp + out_misalign + tmplen, &chunklen,
  608. in, 1))
  609. goto err;
  610. tmplen += chunklen;
  611. }
  612. }
  613. if (!EVP_CipherFinal_ex(ctx, tmp + out_misalign + tmplen, &tmpflen)) {
  614. t->err = "CIPHERFINAL_ERROR";
  615. goto err;
  616. }
  617. if (!TEST_mem_eq(expected_out, out_len,
  618. tmp + out_misalign, tmplen + tmpflen)) {
  619. t->err = "VALUE_MISMATCH";
  620. goto err;
  621. }
  622. if (enc && expected->aead) {
  623. unsigned char rtag[16];
  624. if (!TEST_size_t_le(expected->tag_len, sizeof(rtag))) {
  625. t->err = "TAG_LENGTH_INTERNAL_ERROR";
  626. goto err;
  627. }
  628. if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
  629. expected->tag_len, rtag)) {
  630. t->err = "TAG_RETRIEVE_ERROR";
  631. goto err;
  632. }
  633. if (!TEST_mem_eq(expected->tag, expected->tag_len,
  634. rtag, expected->tag_len)) {
  635. t->err = "TAG_VALUE_MISMATCH";
  636. goto err;
  637. }
  638. }
  639. t->err = NULL;
  640. ok = 1;
  641. err:
  642. OPENSSL_free(tmp);
  643. EVP_CIPHER_CTX_free(ctx);
  644. return ok;
  645. }
  646. static int cipher_test_run(EVP_TEST *t)
  647. {
  648. CIPHER_DATA *cdat = t->data;
  649. int rv, frag = 0;
  650. size_t out_misalign, inp_misalign;
  651. if (!cdat->key) {
  652. t->err = "NO_KEY";
  653. return 0;
  654. }
  655. if (!cdat->iv && EVP_CIPHER_iv_length(cdat->cipher)) {
  656. /* IV is optional and usually omitted in wrap mode */
  657. if (EVP_CIPHER_mode(cdat->cipher) != EVP_CIPH_WRAP_MODE) {
  658. t->err = "NO_IV";
  659. return 0;
  660. }
  661. }
  662. if (cdat->aead && !cdat->tag) {
  663. t->err = "NO_TAG";
  664. return 0;
  665. }
  666. for (out_misalign = 0; out_misalign <= 1;) {
  667. static char aux_err[64];
  668. t->aux_err = aux_err;
  669. for (inp_misalign = (size_t)-1; inp_misalign != 2; inp_misalign++) {
  670. if (inp_misalign == (size_t)-1) {
  671. /* kludge: inp_misalign == -1 means "exercise in-place" */
  672. BIO_snprintf(aux_err, sizeof(aux_err),
  673. "%s in-place, %sfragmented",
  674. out_misalign ? "misaligned" : "aligned",
  675. frag ? "" : "not ");
  676. } else {
  677. BIO_snprintf(aux_err, sizeof(aux_err),
  678. "%s output and %s input, %sfragmented",
  679. out_misalign ? "misaligned" : "aligned",
  680. inp_misalign ? "misaligned" : "aligned",
  681. frag ? "" : "not ");
  682. }
  683. if (cdat->enc) {
  684. rv = cipher_test_enc(t, 1, out_misalign, inp_misalign, frag);
  685. /* Not fatal errors: return */
  686. if (rv != 1) {
  687. if (rv < 0)
  688. return 0;
  689. return 1;
  690. }
  691. }
  692. if (cdat->enc != 1) {
  693. rv = cipher_test_enc(t, 0, out_misalign, inp_misalign, frag);
  694. /* Not fatal errors: return */
  695. if (rv != 1) {
  696. if (rv < 0)
  697. return 0;
  698. return 1;
  699. }
  700. }
  701. }
  702. if (out_misalign == 1 && frag == 0) {
  703. /*
  704. * XTS, CCM and Wrap modes have special requirements about input
  705. * lengths so we don't fragment for those
  706. */
  707. if (cdat->aead == EVP_CIPH_CCM_MODE
  708. || EVP_CIPHER_mode(cdat->cipher) == EVP_CIPH_XTS_MODE
  709. || EVP_CIPHER_mode(cdat->cipher) == EVP_CIPH_WRAP_MODE)
  710. break;
  711. out_misalign = 0;
  712. frag++;
  713. } else {
  714. out_misalign++;
  715. }
  716. }
  717. t->aux_err = NULL;
  718. return 1;
  719. }
  720. static const EVP_TEST_METHOD cipher_test_method = {
  721. "Cipher",
  722. cipher_test_init,
  723. cipher_test_cleanup,
  724. cipher_test_parse,
  725. cipher_test_run
  726. };
  727. /**
  728. *** MAC TESTS
  729. **/
  730. typedef struct mac_data_st {
  731. /* MAC type */
  732. int type;
  733. /* Algorithm string for this MAC */
  734. char *alg;
  735. /* MAC key */
  736. unsigned char *key;
  737. size_t key_len;
  738. /* Input to MAC */
  739. unsigned char *input;
  740. size_t input_len;
  741. /* Expected output */
  742. unsigned char *output;
  743. size_t output_len;
  744. } MAC_DATA;
  745. static int mac_test_init(EVP_TEST *t, const char *alg)
  746. {
  747. int type;
  748. MAC_DATA *mdat;
  749. if (strcmp(alg, "HMAC") == 0) {
  750. type = EVP_PKEY_HMAC;
  751. } else if (strcmp(alg, "CMAC") == 0) {
  752. #ifndef OPENSSL_NO_CMAC
  753. type = EVP_PKEY_CMAC;
  754. #else
  755. t->skip = 1;
  756. return 1;
  757. #endif
  758. } else if (strcmp(alg, "Poly1305") == 0) {
  759. #ifndef OPENSSL_NO_POLY1305
  760. type = EVP_PKEY_POLY1305;
  761. #else
  762. t->skip = 1;
  763. return 1;
  764. #endif
  765. } else if (strcmp(alg, "SipHash") == 0) {
  766. #ifndef OPENSSL_NO_SIPHASH
  767. type = EVP_PKEY_SIPHASH;
  768. #else
  769. t->skip = 1;
  770. return 1;
  771. #endif
  772. } else
  773. return 0;
  774. mdat = OPENSSL_zalloc(sizeof(*mdat));
  775. mdat->type = type;
  776. t->data = mdat;
  777. return 1;
  778. }
  779. static void mac_test_cleanup(EVP_TEST *t)
  780. {
  781. MAC_DATA *mdat = t->data;
  782. OPENSSL_free(mdat->alg);
  783. OPENSSL_free(mdat->key);
  784. OPENSSL_free(mdat->input);
  785. OPENSSL_free(mdat->output);
  786. }
  787. static int mac_test_parse(EVP_TEST *t,
  788. const char *keyword, const char *value)
  789. {
  790. MAC_DATA *mdata = t->data;
  791. if (strcmp(keyword, "Key") == 0)
  792. return parse_bin(value, &mdata->key, &mdata->key_len);
  793. if (strcmp(keyword, "Algorithm") == 0) {
  794. mdata->alg = OPENSSL_strdup(value);
  795. if (!mdata->alg)
  796. return 0;
  797. return 1;
  798. }
  799. if (strcmp(keyword, "Input") == 0)
  800. return parse_bin(value, &mdata->input, &mdata->input_len);
  801. if (strcmp(keyword, "Output") == 0)
  802. return parse_bin(value, &mdata->output, &mdata->output_len);
  803. return 0;
  804. }
  805. static int mac_test_run(EVP_TEST *t)
  806. {
  807. MAC_DATA *expected = t->data;
  808. EVP_MD_CTX *mctx = NULL;
  809. EVP_PKEY_CTX *pctx = NULL, *genctx = NULL;
  810. EVP_PKEY *key = NULL;
  811. const EVP_MD *md = NULL;
  812. unsigned char *got = NULL;
  813. size_t got_len;
  814. #ifdef OPENSSL_NO_DES
  815. if (expected->alg != NULL && strstr(expected->alg, "DES") != NULL) {
  816. /* Skip DES */
  817. t->err = NULL;
  818. goto err;
  819. }
  820. #endif
  821. if (expected->type == EVP_PKEY_CMAC)
  822. key = EVP_PKEY_new_CMAC_key(NULL, expected->key, expected->key_len,
  823. EVP_get_cipherbyname(expected->alg));
  824. else
  825. key = EVP_PKEY_new_raw_private_key(expected->type, NULL, expected->key,
  826. expected->key_len);
  827. if (key == NULL) {
  828. t->err = "MAC_KEY_CREATE_ERROR";
  829. goto err;
  830. }
  831. if (expected->type == EVP_PKEY_HMAC) {
  832. if (!TEST_ptr(md = EVP_get_digestbyname(expected->alg))) {
  833. t->err = "MAC_ALGORITHM_SET_ERROR";
  834. goto err;
  835. }
  836. }
  837. if (!TEST_ptr(mctx = EVP_MD_CTX_new())) {
  838. t->err = "INTERNAL_ERROR";
  839. goto err;
  840. }
  841. if (!EVP_DigestSignInit(mctx, &pctx, md, NULL, key)) {
  842. t->err = "DIGESTSIGNINIT_ERROR";
  843. goto err;
  844. }
  845. if (!EVP_DigestSignUpdate(mctx, expected->input, expected->input_len)) {
  846. t->err = "DIGESTSIGNUPDATE_ERROR";
  847. goto err;
  848. }
  849. if (!EVP_DigestSignFinal(mctx, NULL, &got_len)) {
  850. t->err = "DIGESTSIGNFINAL_LENGTH_ERROR";
  851. goto err;
  852. }
  853. if (!TEST_ptr(got = OPENSSL_malloc(got_len))) {
  854. t->err = "TEST_FAILURE";
  855. goto err;
  856. }
  857. if (!EVP_DigestSignFinal(mctx, got, &got_len)
  858. || !TEST_mem_eq(expected->output, expected->output_len,
  859. got, got_len)) {
  860. t->err = "TEST_MAC_ERR";
  861. goto err;
  862. }
  863. t->err = NULL;
  864. err:
  865. EVP_MD_CTX_free(mctx);
  866. OPENSSL_free(got);
  867. EVP_PKEY_CTX_free(genctx);
  868. EVP_PKEY_free(key);
  869. return 1;
  870. }
  871. static const EVP_TEST_METHOD mac_test_method = {
  872. "MAC",
  873. mac_test_init,
  874. mac_test_cleanup,
  875. mac_test_parse,
  876. mac_test_run
  877. };
  878. /**
  879. *** PUBLIC KEY TESTS
  880. *** These are all very similar and share much common code.
  881. **/
  882. typedef struct pkey_data_st {
  883. /* Context for this operation */
  884. EVP_PKEY_CTX *ctx;
  885. /* Key operation to perform */
  886. int (*keyop) (EVP_PKEY_CTX *ctx,
  887. unsigned char *sig, size_t *siglen,
  888. const unsigned char *tbs, size_t tbslen);
  889. /* Input to MAC */
  890. unsigned char *input;
  891. size_t input_len;
  892. /* Expected output */
  893. unsigned char *output;
  894. size_t output_len;
  895. } PKEY_DATA;
  896. /*
  897. * Perform public key operation setup: lookup key, allocated ctx and call
  898. * the appropriate initialisation function
  899. */
  900. static int pkey_test_init(EVP_TEST *t, const char *name,
  901. int use_public,
  902. int (*keyopinit) (EVP_PKEY_CTX *ctx),
  903. int (*keyop)(EVP_PKEY_CTX *ctx,
  904. unsigned char *sig, size_t *siglen,
  905. const unsigned char *tbs,
  906. size_t tbslen))
  907. {
  908. PKEY_DATA *kdata;
  909. EVP_PKEY *pkey = NULL;
  910. int rv = 0;
  911. if (use_public)
  912. rv = find_key(&pkey, name, public_keys);
  913. if (rv == 0)
  914. rv = find_key(&pkey, name, private_keys);
  915. if (rv == 0 || pkey == NULL) {
  916. t->skip = 1;
  917. return 1;
  918. }
  919. if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata)))) {
  920. EVP_PKEY_free(pkey);
  921. return 0;
  922. }
  923. kdata->keyop = keyop;
  924. if (!TEST_ptr(kdata->ctx = EVP_PKEY_CTX_new(pkey, NULL))) {
  925. EVP_PKEY_free(pkey);
  926. OPENSSL_free(kdata);
  927. return 0;
  928. }
  929. if (keyopinit(kdata->ctx) <= 0)
  930. t->err = "KEYOP_INIT_ERROR";
  931. t->data = kdata;
  932. return 1;
  933. }
  934. static void pkey_test_cleanup(EVP_TEST *t)
  935. {
  936. PKEY_DATA *kdata = t->data;
  937. OPENSSL_free(kdata->input);
  938. OPENSSL_free(kdata->output);
  939. EVP_PKEY_CTX_free(kdata->ctx);
  940. }
  941. static int pkey_test_ctrl(EVP_TEST *t, EVP_PKEY_CTX *pctx,
  942. const char *value)
  943. {
  944. int rv;
  945. char *p, *tmpval;
  946. if (!TEST_ptr(tmpval = OPENSSL_strdup(value)))
  947. return 0;
  948. p = strchr(tmpval, ':');
  949. if (p != NULL)
  950. *p++ = '\0';
  951. rv = EVP_PKEY_CTX_ctrl_str(pctx, tmpval, p);
  952. if (rv == -2) {
  953. t->err = "PKEY_CTRL_INVALID";
  954. rv = 1;
  955. } else if (p != NULL && rv <= 0) {
  956. /* If p has an OID and lookup fails assume disabled algorithm */
  957. int nid = OBJ_sn2nid(p);
  958. if (nid == NID_undef)
  959. nid = OBJ_ln2nid(p);
  960. if (nid != NID_undef
  961. && EVP_get_digestbynid(nid) == NULL
  962. && EVP_get_cipherbynid(nid) == NULL) {
  963. t->skip = 1;
  964. rv = 1;
  965. } else {
  966. t->err = "PKEY_CTRL_ERROR";
  967. rv = 1;
  968. }
  969. }
  970. OPENSSL_free(tmpval);
  971. return rv > 0;
  972. }
  973. static int pkey_test_parse(EVP_TEST *t,
  974. const char *keyword, const char *value)
  975. {
  976. PKEY_DATA *kdata = t->data;
  977. if (strcmp(keyword, "Input") == 0)
  978. return parse_bin(value, &kdata->input, &kdata->input_len);
  979. if (strcmp(keyword, "Output") == 0)
  980. return parse_bin(value, &kdata->output, &kdata->output_len);
  981. if (strcmp(keyword, "Ctrl") == 0)
  982. return pkey_test_ctrl(t, kdata->ctx, value);
  983. return 0;
  984. }
  985. static int pkey_test_run(EVP_TEST *t)
  986. {
  987. PKEY_DATA *expected = t->data;
  988. unsigned char *got = NULL;
  989. size_t got_len;
  990. if (expected->keyop(expected->ctx, NULL, &got_len,
  991. expected->input, expected->input_len) <= 0
  992. || !TEST_ptr(got = OPENSSL_malloc(got_len))) {
  993. t->err = "KEYOP_LENGTH_ERROR";
  994. goto err;
  995. }
  996. if (expected->keyop(expected->ctx, got, &got_len,
  997. expected->input, expected->input_len) <= 0) {
  998. t->err = "KEYOP_ERROR";
  999. goto err;
  1000. }
  1001. if (!TEST_mem_eq(expected->output, expected->output_len, got, got_len)) {
  1002. t->err = "KEYOP_MISMATCH";
  1003. goto err;
  1004. }
  1005. t->err = NULL;
  1006. err:
  1007. OPENSSL_free(got);
  1008. return 1;
  1009. }
  1010. static int sign_test_init(EVP_TEST *t, const char *name)
  1011. {
  1012. return pkey_test_init(t, name, 0, EVP_PKEY_sign_init, EVP_PKEY_sign);
  1013. }
  1014. static const EVP_TEST_METHOD psign_test_method = {
  1015. "Sign",
  1016. sign_test_init,
  1017. pkey_test_cleanup,
  1018. pkey_test_parse,
  1019. pkey_test_run
  1020. };
  1021. static int verify_recover_test_init(EVP_TEST *t, const char *name)
  1022. {
  1023. return pkey_test_init(t, name, 1, EVP_PKEY_verify_recover_init,
  1024. EVP_PKEY_verify_recover);
  1025. }
  1026. static const EVP_TEST_METHOD pverify_recover_test_method = {
  1027. "VerifyRecover",
  1028. verify_recover_test_init,
  1029. pkey_test_cleanup,
  1030. pkey_test_parse,
  1031. pkey_test_run
  1032. };
  1033. static int decrypt_test_init(EVP_TEST *t, const char *name)
  1034. {
  1035. return pkey_test_init(t, name, 0, EVP_PKEY_decrypt_init,
  1036. EVP_PKEY_decrypt);
  1037. }
  1038. static const EVP_TEST_METHOD pdecrypt_test_method = {
  1039. "Decrypt",
  1040. decrypt_test_init,
  1041. pkey_test_cleanup,
  1042. pkey_test_parse,
  1043. pkey_test_run
  1044. };
  1045. static int verify_test_init(EVP_TEST *t, const char *name)
  1046. {
  1047. return pkey_test_init(t, name, 1, EVP_PKEY_verify_init, 0);
  1048. }
  1049. static int verify_test_run(EVP_TEST *t)
  1050. {
  1051. PKEY_DATA *kdata = t->data;
  1052. if (EVP_PKEY_verify(kdata->ctx, kdata->output, kdata->output_len,
  1053. kdata->input, kdata->input_len) <= 0)
  1054. t->err = "VERIFY_ERROR";
  1055. return 1;
  1056. }
  1057. static const EVP_TEST_METHOD pverify_test_method = {
  1058. "Verify",
  1059. verify_test_init,
  1060. pkey_test_cleanup,
  1061. pkey_test_parse,
  1062. verify_test_run
  1063. };
  1064. static int pderive_test_init(EVP_TEST *t, const char *name)
  1065. {
  1066. return pkey_test_init(t, name, 0, EVP_PKEY_derive_init, 0);
  1067. }
  1068. static int pderive_test_parse(EVP_TEST *t,
  1069. const char *keyword, const char *value)
  1070. {
  1071. PKEY_DATA *kdata = t->data;
  1072. if (strcmp(keyword, "PeerKey") == 0) {
  1073. EVP_PKEY *peer;
  1074. if (find_key(&peer, value, public_keys) == 0)
  1075. return 0;
  1076. if (EVP_PKEY_derive_set_peer(kdata->ctx, peer) <= 0)
  1077. return 0;
  1078. return 1;
  1079. }
  1080. if (strcmp(keyword, "SharedSecret") == 0)
  1081. return parse_bin(value, &kdata->output, &kdata->output_len);
  1082. if (strcmp(keyword, "Ctrl") == 0)
  1083. return pkey_test_ctrl(t, kdata->ctx, value);
  1084. return 0;
  1085. }
  1086. static int pderive_test_run(EVP_TEST *t)
  1087. {
  1088. PKEY_DATA *expected = t->data;
  1089. unsigned char *got = NULL;
  1090. size_t got_len;
  1091. if (EVP_PKEY_derive(expected->ctx, NULL, &got_len) <= 0) {
  1092. t->err = "DERIVE_ERROR";
  1093. goto err;
  1094. }
  1095. if (!TEST_ptr(got = OPENSSL_malloc(got_len))) {
  1096. t->err = "DERIVE_ERROR";
  1097. goto err;
  1098. }
  1099. if (EVP_PKEY_derive(expected->ctx, got, &got_len) <= 0) {
  1100. t->err = "DERIVE_ERROR";
  1101. goto err;
  1102. }
  1103. if (!TEST_mem_eq(expected->output, expected->output_len, got, got_len)) {
  1104. t->err = "SHARED_SECRET_MISMATCH";
  1105. goto err;
  1106. }
  1107. t->err = NULL;
  1108. err:
  1109. OPENSSL_free(got);
  1110. return 1;
  1111. }
  1112. static const EVP_TEST_METHOD pderive_test_method = {
  1113. "Derive",
  1114. pderive_test_init,
  1115. pkey_test_cleanup,
  1116. pderive_test_parse,
  1117. pderive_test_run
  1118. };
  1119. /**
  1120. *** PBE TESTS
  1121. **/
  1122. typedef enum pbe_type_enum {
  1123. PBE_TYPE_INVALID = 0,
  1124. PBE_TYPE_SCRYPT, PBE_TYPE_PBKDF2, PBE_TYPE_PKCS12
  1125. } PBE_TYPE;
  1126. typedef struct pbe_data_st {
  1127. PBE_TYPE pbe_type;
  1128. /* scrypt parameters */
  1129. uint64_t N, r, p, maxmem;
  1130. /* PKCS#12 parameters */
  1131. int id, iter;
  1132. const EVP_MD *md;
  1133. /* password */
  1134. unsigned char *pass;
  1135. size_t pass_len;
  1136. /* salt */
  1137. unsigned char *salt;
  1138. size_t salt_len;
  1139. /* Expected output */
  1140. unsigned char *key;
  1141. size_t key_len;
  1142. } PBE_DATA;
  1143. #ifndef OPENSSL_NO_SCRYPT
  1144. /*
  1145. * Parse unsigned decimal 64 bit integer value
  1146. */
  1147. static int parse_uint64(const char *value, uint64_t *pr)
  1148. {
  1149. const char *p = value;
  1150. if (!TEST_true(*p)) {
  1151. TEST_info("Invalid empty integer value");
  1152. return -1;
  1153. }
  1154. for (*pr = 0; *p; ) {
  1155. if (*pr > UINT64_MAX / 10) {
  1156. TEST_error("Integer overflow in string %s", value);
  1157. return -1;
  1158. }
  1159. *pr *= 10;
  1160. if (!TEST_true(isdigit((unsigned char)*p))) {
  1161. TEST_error("Invalid character in string %s", value);
  1162. return -1;
  1163. }
  1164. *pr += *p - '0';
  1165. p++;
  1166. }
  1167. return 1;
  1168. }
  1169. static int scrypt_test_parse(EVP_TEST *t,
  1170. const char *keyword, const char *value)
  1171. {
  1172. PBE_DATA *pdata = t->data;
  1173. if (strcmp(keyword, "N") == 0)
  1174. return parse_uint64(value, &pdata->N);
  1175. if (strcmp(keyword, "p") == 0)
  1176. return parse_uint64(value, &pdata->p);
  1177. if (strcmp(keyword, "r") == 0)
  1178. return parse_uint64(value, &pdata->r);
  1179. if (strcmp(keyword, "maxmem") == 0)
  1180. return parse_uint64(value, &pdata->maxmem);
  1181. return 0;
  1182. }
  1183. #endif
  1184. static int pbkdf2_test_parse(EVP_TEST *t,
  1185. const char *keyword, const char *value)
  1186. {
  1187. PBE_DATA *pdata = t->data;
  1188. if (strcmp(keyword, "iter") == 0) {
  1189. pdata->iter = atoi(value);
  1190. if (pdata->iter <= 0)
  1191. return -1;
  1192. return 1;
  1193. }
  1194. if (strcmp(keyword, "MD") == 0) {
  1195. pdata->md = EVP_get_digestbyname(value);
  1196. if (pdata->md == NULL)
  1197. return -1;
  1198. return 1;
  1199. }
  1200. return 0;
  1201. }
  1202. static int pkcs12_test_parse(EVP_TEST *t,
  1203. const char *keyword, const char *value)
  1204. {
  1205. PBE_DATA *pdata = t->data;
  1206. if (strcmp(keyword, "id") == 0) {
  1207. pdata->id = atoi(value);
  1208. if (pdata->id <= 0)
  1209. return -1;
  1210. return 1;
  1211. }
  1212. return pbkdf2_test_parse(t, keyword, value);
  1213. }
  1214. static int pbe_test_init(EVP_TEST *t, const char *alg)
  1215. {
  1216. PBE_DATA *pdat;
  1217. PBE_TYPE pbe_type = PBE_TYPE_INVALID;
  1218. if (strcmp(alg, "scrypt") == 0) {
  1219. #ifndef OPENSSL_NO_SCRYPT
  1220. pbe_type = PBE_TYPE_SCRYPT;
  1221. #else
  1222. t->skip = 1;
  1223. return 1;
  1224. #endif
  1225. } else if (strcmp(alg, "pbkdf2") == 0) {
  1226. pbe_type = PBE_TYPE_PBKDF2;
  1227. } else if (strcmp(alg, "pkcs12") == 0) {
  1228. pbe_type = PBE_TYPE_PKCS12;
  1229. } else {
  1230. TEST_error("Unknown pbe algorithm %s", alg);
  1231. }
  1232. pdat = OPENSSL_zalloc(sizeof(*pdat));
  1233. pdat->pbe_type = pbe_type;
  1234. t->data = pdat;
  1235. return 1;
  1236. }
  1237. static void pbe_test_cleanup(EVP_TEST *t)
  1238. {
  1239. PBE_DATA *pdat = t->data;
  1240. OPENSSL_free(pdat->pass);
  1241. OPENSSL_free(pdat->salt);
  1242. OPENSSL_free(pdat->key);
  1243. }
  1244. static int pbe_test_parse(EVP_TEST *t,
  1245. const char *keyword, const char *value)
  1246. {
  1247. PBE_DATA *pdata = t->data;
  1248. if (strcmp(keyword, "Password") == 0)
  1249. return parse_bin(value, &pdata->pass, &pdata->pass_len);
  1250. if (strcmp(keyword, "Salt") == 0)
  1251. return parse_bin(value, &pdata->salt, &pdata->salt_len);
  1252. if (strcmp(keyword, "Key") == 0)
  1253. return parse_bin(value, &pdata->key, &pdata->key_len);
  1254. if (pdata->pbe_type == PBE_TYPE_PBKDF2)
  1255. return pbkdf2_test_parse(t, keyword, value);
  1256. else if (pdata->pbe_type == PBE_TYPE_PKCS12)
  1257. return pkcs12_test_parse(t, keyword, value);
  1258. #ifndef OPENSSL_NO_SCRYPT
  1259. else if (pdata->pbe_type == PBE_TYPE_SCRYPT)
  1260. return scrypt_test_parse(t, keyword, value);
  1261. #endif
  1262. return 0;
  1263. }
  1264. static int pbe_test_run(EVP_TEST *t)
  1265. {
  1266. PBE_DATA *expected = t->data;
  1267. unsigned char *key;
  1268. if (!TEST_ptr(key = OPENSSL_malloc(expected->key_len))) {
  1269. t->err = "INTERNAL_ERROR";
  1270. goto err;
  1271. }
  1272. if (expected->pbe_type == PBE_TYPE_PBKDF2) {
  1273. if (PKCS5_PBKDF2_HMAC((char *)expected->pass, expected->pass_len,
  1274. expected->salt, expected->salt_len,
  1275. expected->iter, expected->md,
  1276. expected->key_len, key) == 0) {
  1277. t->err = "PBKDF2_ERROR";
  1278. goto err;
  1279. }
  1280. #ifndef OPENSSL_NO_SCRYPT
  1281. } else if (expected->pbe_type == PBE_TYPE_SCRYPT) {
  1282. if (EVP_PBE_scrypt((const char *)expected->pass, expected->pass_len,
  1283. expected->salt, expected->salt_len, expected->N,
  1284. expected->r, expected->p, expected->maxmem,
  1285. key, expected->key_len) == 0) {
  1286. t->err = "SCRYPT_ERROR";
  1287. goto err;
  1288. }
  1289. #endif
  1290. } else if (expected->pbe_type == PBE_TYPE_PKCS12) {
  1291. if (PKCS12_key_gen_uni(expected->pass, expected->pass_len,
  1292. expected->salt, expected->salt_len,
  1293. expected->id, expected->iter, expected->key_len,
  1294. key, expected->md) == 0) {
  1295. t->err = "PKCS12_ERROR";
  1296. goto err;
  1297. }
  1298. }
  1299. if (!TEST_mem_eq(expected->key, expected->key_len,
  1300. key, expected->key_len)) {
  1301. t->err = "KEY_MISMATCH";
  1302. goto err;
  1303. }
  1304. t->err = NULL;
  1305. err:
  1306. OPENSSL_free(key);
  1307. return 1;
  1308. }
  1309. static const EVP_TEST_METHOD pbe_test_method = {
  1310. "PBE",
  1311. pbe_test_init,
  1312. pbe_test_cleanup,
  1313. pbe_test_parse,
  1314. pbe_test_run
  1315. };
  1316. /**
  1317. *** BASE64 TESTS
  1318. **/
  1319. typedef enum {
  1320. BASE64_CANONICAL_ENCODING = 0,
  1321. BASE64_VALID_ENCODING = 1,
  1322. BASE64_INVALID_ENCODING = 2
  1323. } base64_encoding_type;
  1324. typedef struct encode_data_st {
  1325. /* Input to encoding */
  1326. unsigned char *input;
  1327. size_t input_len;
  1328. /* Expected output */
  1329. unsigned char *output;
  1330. size_t output_len;
  1331. base64_encoding_type encoding;
  1332. } ENCODE_DATA;
  1333. static int encode_test_init(EVP_TEST *t, const char *encoding)
  1334. {
  1335. ENCODE_DATA *edata;
  1336. if (!TEST_ptr(edata = OPENSSL_zalloc(sizeof(*edata))))
  1337. return 0;
  1338. if (strcmp(encoding, "canonical") == 0) {
  1339. edata->encoding = BASE64_CANONICAL_ENCODING;
  1340. } else if (strcmp(encoding, "valid") == 0) {
  1341. edata->encoding = BASE64_VALID_ENCODING;
  1342. } else if (strcmp(encoding, "invalid") == 0) {
  1343. edata->encoding = BASE64_INVALID_ENCODING;
  1344. if (!TEST_ptr(t->expected_err = OPENSSL_strdup("DECODE_ERROR")))
  1345. return 0;
  1346. } else {
  1347. TEST_error("Bad encoding: %s."
  1348. " Should be one of {canonical, valid, invalid}",
  1349. encoding);
  1350. return 0;
  1351. }
  1352. t->data = edata;
  1353. return 1;
  1354. }
  1355. static void encode_test_cleanup(EVP_TEST *t)
  1356. {
  1357. ENCODE_DATA *edata = t->data;
  1358. OPENSSL_free(edata->input);
  1359. OPENSSL_free(edata->output);
  1360. memset(edata, 0, sizeof(*edata));
  1361. }
  1362. static int encode_test_parse(EVP_TEST *t,
  1363. const char *keyword, const char *value)
  1364. {
  1365. ENCODE_DATA *edata = t->data;
  1366. if (strcmp(keyword, "Input") == 0)
  1367. return parse_bin(value, &edata->input, &edata->input_len);
  1368. if (strcmp(keyword, "Output") == 0)
  1369. return parse_bin(value, &edata->output, &edata->output_len);
  1370. return 0;
  1371. }
  1372. static int encode_test_run(EVP_TEST *t)
  1373. {
  1374. ENCODE_DATA *expected = t->data;
  1375. unsigned char *encode_out = NULL, *decode_out = NULL;
  1376. int output_len, chunk_len;
  1377. EVP_ENCODE_CTX *decode_ctx;
  1378. if (!TEST_ptr(decode_ctx = EVP_ENCODE_CTX_new())) {
  1379. t->err = "INTERNAL_ERROR";
  1380. goto err;
  1381. }
  1382. if (expected->encoding == BASE64_CANONICAL_ENCODING) {
  1383. EVP_ENCODE_CTX *encode_ctx;
  1384. if (!TEST_ptr(encode_ctx = EVP_ENCODE_CTX_new())
  1385. || !TEST_ptr(encode_out =
  1386. OPENSSL_malloc(EVP_ENCODE_LENGTH(expected->input_len))))
  1387. goto err;
  1388. EVP_EncodeInit(encode_ctx);
  1389. EVP_EncodeUpdate(encode_ctx, encode_out, &chunk_len,
  1390. expected->input, expected->input_len);
  1391. output_len = chunk_len;
  1392. EVP_EncodeFinal(encode_ctx, encode_out + chunk_len, &chunk_len);
  1393. output_len += chunk_len;
  1394. EVP_ENCODE_CTX_free(encode_ctx);
  1395. if (!TEST_mem_eq(expected->output, expected->output_len,
  1396. encode_out, output_len)) {
  1397. t->err = "BAD_ENCODING";
  1398. goto err;
  1399. }
  1400. }
  1401. if (!TEST_ptr(decode_out =
  1402. OPENSSL_malloc(EVP_DECODE_LENGTH(expected->output_len))))
  1403. goto err;
  1404. EVP_DecodeInit(decode_ctx);
  1405. if (EVP_DecodeUpdate(decode_ctx, decode_out, &chunk_len, expected->output,
  1406. expected->output_len) < 0) {
  1407. t->err = "DECODE_ERROR";
  1408. goto err;
  1409. }
  1410. output_len = chunk_len;
  1411. if (EVP_DecodeFinal(decode_ctx, decode_out + chunk_len, &chunk_len) != 1) {
  1412. t->err = "DECODE_ERROR";
  1413. goto err;
  1414. }
  1415. output_len += chunk_len;
  1416. if (expected->encoding != BASE64_INVALID_ENCODING
  1417. && !TEST_mem_eq(expected->input, expected->input_len,
  1418. decode_out, output_len)) {
  1419. t->err = "BAD_DECODING";
  1420. goto err;
  1421. }
  1422. t->err = NULL;
  1423. err:
  1424. OPENSSL_free(encode_out);
  1425. OPENSSL_free(decode_out);
  1426. EVP_ENCODE_CTX_free(decode_ctx);
  1427. return 1;
  1428. }
  1429. static const EVP_TEST_METHOD encode_test_method = {
  1430. "Encoding",
  1431. encode_test_init,
  1432. encode_test_cleanup,
  1433. encode_test_parse,
  1434. encode_test_run,
  1435. };
  1436. /**
  1437. *** KDF TESTS
  1438. **/
  1439. typedef struct kdf_data_st {
  1440. /* Context for this operation */
  1441. EVP_PKEY_CTX *ctx;
  1442. /* Expected output */
  1443. unsigned char *output;
  1444. size_t output_len;
  1445. } KDF_DATA;
  1446. /*
  1447. * Perform public key operation setup: lookup key, allocated ctx and call
  1448. * the appropriate initialisation function
  1449. */
  1450. static int kdf_test_init(EVP_TEST *t, const char *name)
  1451. {
  1452. KDF_DATA *kdata;
  1453. int kdf_nid = OBJ_sn2nid(name);
  1454. #ifdef OPENSSL_NO_SCRYPT
  1455. if (strcmp(name, "scrypt") == 0) {
  1456. t->skip = 1;
  1457. return 1;
  1458. }
  1459. #endif
  1460. if (kdf_nid == NID_undef)
  1461. kdf_nid = OBJ_ln2nid(name);
  1462. if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata))))
  1463. return 0;
  1464. kdata->ctx = EVP_PKEY_CTX_new_id(kdf_nid, NULL);
  1465. if (kdata->ctx == NULL) {
  1466. OPENSSL_free(kdata);
  1467. return 0;
  1468. }
  1469. if (EVP_PKEY_derive_init(kdata->ctx) <= 0) {
  1470. EVP_PKEY_CTX_free(kdata->ctx);
  1471. OPENSSL_free(kdata);
  1472. return 0;
  1473. }
  1474. t->data = kdata;
  1475. return 1;
  1476. }
  1477. static void kdf_test_cleanup(EVP_TEST *t)
  1478. {
  1479. KDF_DATA *kdata = t->data;
  1480. OPENSSL_free(kdata->output);
  1481. EVP_PKEY_CTX_free(kdata->ctx);
  1482. }
  1483. static int kdf_test_parse(EVP_TEST *t,
  1484. const char *keyword, const char *value)
  1485. {
  1486. KDF_DATA *kdata = t->data;
  1487. if (strcmp(keyword, "Output") == 0)
  1488. return parse_bin(value, &kdata->output, &kdata->output_len);
  1489. if (strncmp(keyword, "Ctrl", 4) == 0)
  1490. return pkey_test_ctrl(t, kdata->ctx, value);
  1491. return 0;
  1492. }
  1493. static int kdf_test_run(EVP_TEST *t)
  1494. {
  1495. KDF_DATA *expected = t->data;
  1496. unsigned char *got = NULL;
  1497. size_t got_len = expected->output_len;
  1498. if (!TEST_ptr(got = OPENSSL_malloc(got_len))) {
  1499. t->err = "INTERNAL_ERROR";
  1500. goto err;
  1501. }
  1502. if (EVP_PKEY_derive(expected->ctx, got, &got_len) <= 0) {
  1503. t->err = "KDF_DERIVE_ERROR";
  1504. goto err;
  1505. }
  1506. if (!TEST_mem_eq(expected->output, expected->output_len, got, got_len)) {
  1507. t->err = "KDF_MISMATCH";
  1508. goto err;
  1509. }
  1510. t->err = NULL;
  1511. err:
  1512. OPENSSL_free(got);
  1513. return 1;
  1514. }
  1515. static const EVP_TEST_METHOD kdf_test_method = {
  1516. "KDF",
  1517. kdf_test_init,
  1518. kdf_test_cleanup,
  1519. kdf_test_parse,
  1520. kdf_test_run
  1521. };
  1522. /**
  1523. *** KEYPAIR TESTS
  1524. **/
  1525. typedef struct keypair_test_data_st {
  1526. EVP_PKEY *privk;
  1527. EVP_PKEY *pubk;
  1528. } KEYPAIR_TEST_DATA;
  1529. static int keypair_test_init(EVP_TEST *t, const char *pair)
  1530. {
  1531. KEYPAIR_TEST_DATA *data;
  1532. int rv = 0;
  1533. EVP_PKEY *pk = NULL, *pubk = NULL;
  1534. char *pub, *priv = NULL;
  1535. /* Split private and public names. */
  1536. if (!TEST_ptr(priv = OPENSSL_strdup(pair))
  1537. || !TEST_ptr(pub = strchr(priv, ':'))) {
  1538. t->err = "PARSING_ERROR";
  1539. goto end;
  1540. }
  1541. *pub++ = '\0';
  1542. if (!TEST_true(find_key(&pk, priv, private_keys))) {
  1543. TEST_info("Can't find private key: %s", priv);
  1544. t->err = "MISSING_PRIVATE_KEY";
  1545. goto end;
  1546. }
  1547. if (!TEST_true(find_key(&pubk, pub, public_keys))) {
  1548. TEST_info("Can't find public key: %s", pub);
  1549. t->err = "MISSING_PUBLIC_KEY";
  1550. goto end;
  1551. }
  1552. if (pk == NULL && pubk == NULL) {
  1553. /* Both keys are listed but unsupported: skip this test */
  1554. t->skip = 1;
  1555. rv = 1;
  1556. goto end;
  1557. }
  1558. if (!TEST_ptr(data = OPENSSL_malloc(sizeof(*data))))
  1559. goto end;
  1560. data->privk = pk;
  1561. data->pubk = pubk;
  1562. t->data = data;
  1563. rv = 1;
  1564. t->err = NULL;
  1565. end:
  1566. OPENSSL_free(priv);
  1567. return rv;
  1568. }
  1569. static void keypair_test_cleanup(EVP_TEST *t)
  1570. {
  1571. OPENSSL_free(t->data);
  1572. t->data = NULL;
  1573. }
  1574. /*
  1575. * For tests that do not accept any custom keywords.
  1576. */
  1577. static int void_test_parse(EVP_TEST *t, const char *keyword, const char *value)
  1578. {
  1579. return 0;
  1580. }
  1581. static int keypair_test_run(EVP_TEST *t)
  1582. {
  1583. int rv = 0;
  1584. const KEYPAIR_TEST_DATA *pair = t->data;
  1585. if (pair->privk == NULL || pair->pubk == NULL) {
  1586. /*
  1587. * this can only happen if only one of the keys is not set
  1588. * which means that one of them was unsupported while the
  1589. * other isn't: hence a key type mismatch.
  1590. */
  1591. t->err = "KEYPAIR_TYPE_MISMATCH";
  1592. rv = 1;
  1593. goto end;
  1594. }
  1595. if ((rv = EVP_PKEY_cmp(pair->privk, pair->pubk)) != 1 ) {
  1596. if ( 0 == rv ) {
  1597. t->err = "KEYPAIR_MISMATCH";
  1598. } else if ( -1 == rv ) {
  1599. t->err = "KEYPAIR_TYPE_MISMATCH";
  1600. } else if ( -2 == rv ) {
  1601. t->err = "UNSUPPORTED_KEY_COMPARISON";
  1602. } else {
  1603. TEST_error("Unexpected error in key comparison");
  1604. rv = 0;
  1605. goto end;
  1606. }
  1607. rv = 1;
  1608. goto end;
  1609. }
  1610. rv = 1;
  1611. t->err = NULL;
  1612. end:
  1613. return rv;
  1614. }
  1615. static const EVP_TEST_METHOD keypair_test_method = {
  1616. "PrivPubKeyPair",
  1617. keypair_test_init,
  1618. keypair_test_cleanup,
  1619. void_test_parse,
  1620. keypair_test_run
  1621. };
  1622. /**
  1623. *** KEYGEN TEST
  1624. **/
  1625. typedef struct keygen_test_data_st {
  1626. EVP_PKEY_CTX *genctx; /* Keygen context to use */
  1627. char *keyname; /* Key name to store key or NULL */
  1628. } KEYGEN_TEST_DATA;
  1629. static int keygen_test_init(EVP_TEST *t, const char *alg)
  1630. {
  1631. KEYGEN_TEST_DATA *data;
  1632. EVP_PKEY_CTX *genctx;
  1633. int nid = OBJ_sn2nid(alg);
  1634. if (nid == NID_undef) {
  1635. nid = OBJ_ln2nid(alg);
  1636. if (nid == NID_undef)
  1637. return 0;
  1638. }
  1639. if (!TEST_ptr(genctx = EVP_PKEY_CTX_new_id(nid, NULL))) {
  1640. /* assume algorithm disabled */
  1641. t->skip = 1;
  1642. return 1;
  1643. }
  1644. if (EVP_PKEY_keygen_init(genctx) <= 0) {
  1645. t->err = "KEYGEN_INIT_ERROR";
  1646. goto err;
  1647. }
  1648. if (!TEST_ptr(data = OPENSSL_malloc(sizeof(*data))))
  1649. goto err;
  1650. data->genctx = genctx;
  1651. data->keyname = NULL;
  1652. t->data = data;
  1653. t->err = NULL;
  1654. return 1;
  1655. err:
  1656. EVP_PKEY_CTX_free(genctx);
  1657. return 0;
  1658. }
  1659. static void keygen_test_cleanup(EVP_TEST *t)
  1660. {
  1661. KEYGEN_TEST_DATA *keygen = t->data;
  1662. EVP_PKEY_CTX_free(keygen->genctx);
  1663. OPENSSL_free(keygen->keyname);
  1664. OPENSSL_free(t->data);
  1665. t->data = NULL;
  1666. }
  1667. static int keygen_test_parse(EVP_TEST *t,
  1668. const char *keyword, const char *value)
  1669. {
  1670. KEYGEN_TEST_DATA *keygen = t->data;
  1671. if (strcmp(keyword, "KeyName") == 0)
  1672. return TEST_ptr(keygen->keyname = OPENSSL_strdup(value));
  1673. if (strcmp(keyword, "Ctrl") == 0)
  1674. return pkey_test_ctrl(t, keygen->genctx, value);
  1675. return 0;
  1676. }
  1677. static int keygen_test_run(EVP_TEST *t)
  1678. {
  1679. KEYGEN_TEST_DATA *keygen = t->data;
  1680. EVP_PKEY *pkey = NULL;
  1681. t->err = NULL;
  1682. if (EVP_PKEY_keygen(keygen->genctx, &pkey) <= 0) {
  1683. t->err = "KEYGEN_GENERATE_ERROR";
  1684. goto err;
  1685. }
  1686. if (keygen->keyname != NULL) {
  1687. KEY_LIST *key;
  1688. if (find_key(NULL, keygen->keyname, private_keys)) {
  1689. TEST_info("Duplicate key %s", keygen->keyname);
  1690. goto err;
  1691. }
  1692. if (!TEST_ptr(key = OPENSSL_malloc(sizeof(*key))))
  1693. goto err;
  1694. key->name = keygen->keyname;
  1695. keygen->keyname = NULL;
  1696. key->key = pkey;
  1697. key->next = private_keys;
  1698. private_keys = key;
  1699. } else {
  1700. EVP_PKEY_free(pkey);
  1701. }
  1702. return 1;
  1703. err:
  1704. EVP_PKEY_free(pkey);
  1705. return 0;
  1706. }
  1707. static const EVP_TEST_METHOD keygen_test_method = {
  1708. "KeyGen",
  1709. keygen_test_init,
  1710. keygen_test_cleanup,
  1711. keygen_test_parse,
  1712. keygen_test_run,
  1713. };
  1714. /**
  1715. *** DIGEST SIGN+VERIFY TESTS
  1716. **/
  1717. typedef struct {
  1718. int is_verify; /* Set to 1 if verifying */
  1719. int is_oneshot; /* Set to 1 for one shot operation */
  1720. const EVP_MD *md; /* Digest to use */
  1721. EVP_MD_CTX *ctx; /* Digest context */
  1722. EVP_PKEY_CTX *pctx;
  1723. STACK_OF(EVP_TEST_BUFFER) *input; /* Input data: streaming */
  1724. unsigned char *osin; /* Input data if one shot */
  1725. size_t osin_len; /* Input length data if one shot */
  1726. unsigned char *output; /* Expected output */
  1727. size_t output_len; /* Expected output length */
  1728. } DIGESTSIGN_DATA;
  1729. static int digestsigver_test_init(EVP_TEST *t, const char *alg, int is_verify,
  1730. int is_oneshot)
  1731. {
  1732. const EVP_MD *md = NULL;
  1733. DIGESTSIGN_DATA *mdat;
  1734. if (strcmp(alg, "NULL") != 0) {
  1735. if ((md = EVP_get_digestbyname(alg)) == NULL) {
  1736. /* If alg has an OID assume disabled algorithm */
  1737. if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) {
  1738. t->skip = 1;
  1739. return 1;
  1740. }
  1741. return 0;
  1742. }
  1743. }
  1744. if (!TEST_ptr(mdat = OPENSSL_zalloc(sizeof(*mdat))))
  1745. return 0;
  1746. mdat->md = md;
  1747. if (!TEST_ptr(mdat->ctx = EVP_MD_CTX_new())) {
  1748. OPENSSL_free(mdat);
  1749. return 0;
  1750. }
  1751. mdat->is_verify = is_verify;
  1752. mdat->is_oneshot = is_oneshot;
  1753. t->data = mdat;
  1754. return 1;
  1755. }
  1756. static int digestsign_test_init(EVP_TEST *t, const char *alg)
  1757. {
  1758. return digestsigver_test_init(t, alg, 0, 0);
  1759. }
  1760. static void digestsigver_test_cleanup(EVP_TEST *t)
  1761. {
  1762. DIGESTSIGN_DATA *mdata = t->data;
  1763. EVP_MD_CTX_free(mdata->ctx);
  1764. sk_EVP_TEST_BUFFER_pop_free(mdata->input, evp_test_buffer_free);
  1765. OPENSSL_free(mdata->osin);
  1766. OPENSSL_free(mdata->output);
  1767. OPENSSL_free(mdata);
  1768. t->data = NULL;
  1769. }
  1770. static int digestsigver_test_parse(EVP_TEST *t,
  1771. const char *keyword, const char *value)
  1772. {
  1773. DIGESTSIGN_DATA *mdata = t->data;
  1774. if (strcmp(keyword, "Key") == 0) {
  1775. EVP_PKEY *pkey = NULL;
  1776. int rv = 0;
  1777. if (mdata->is_verify)
  1778. rv = find_key(&pkey, value, public_keys);
  1779. if (rv == 0)
  1780. rv = find_key(&pkey, value, private_keys);
  1781. if (rv == 0 || pkey == NULL) {
  1782. t->skip = 1;
  1783. return 1;
  1784. }
  1785. if (mdata->is_verify) {
  1786. if (!EVP_DigestVerifyInit(mdata->ctx, &mdata->pctx, mdata->md,
  1787. NULL, pkey))
  1788. t->err = "DIGESTVERIFYINIT_ERROR";
  1789. return 1;
  1790. }
  1791. if (!EVP_DigestSignInit(mdata->ctx, &mdata->pctx, mdata->md, NULL,
  1792. pkey))
  1793. t->err = "DIGESTSIGNINIT_ERROR";
  1794. return 1;
  1795. }
  1796. if (strcmp(keyword, "Input") == 0) {
  1797. if (mdata->is_oneshot)
  1798. return parse_bin(value, &mdata->osin, &mdata->osin_len);
  1799. return evp_test_buffer_append(value, &mdata->input);
  1800. }
  1801. if (strcmp(keyword, "Output") == 0)
  1802. return parse_bin(value, &mdata->output, &mdata->output_len);
  1803. if (!mdata->is_oneshot) {
  1804. if (strcmp(keyword, "Count") == 0)
  1805. return evp_test_buffer_set_count(value, mdata->input);
  1806. if (strcmp(keyword, "Ncopy") == 0)
  1807. return evp_test_buffer_ncopy(value, mdata->input);
  1808. }
  1809. if (strcmp(keyword, "Ctrl") == 0) {
  1810. if (mdata->pctx == NULL)
  1811. return 0;
  1812. return pkey_test_ctrl(t, mdata->pctx, value);
  1813. }
  1814. return 0;
  1815. }
  1816. static int digestsign_update_fn(void *ctx, const unsigned char *buf,
  1817. size_t buflen)
  1818. {
  1819. return EVP_DigestSignUpdate(ctx, buf, buflen);
  1820. }
  1821. static int digestsign_test_run(EVP_TEST *t)
  1822. {
  1823. DIGESTSIGN_DATA *expected = t->data;
  1824. unsigned char *got = NULL;
  1825. size_t got_len;
  1826. if (!evp_test_buffer_do(expected->input, digestsign_update_fn,
  1827. expected->ctx)) {
  1828. t->err = "DIGESTUPDATE_ERROR";
  1829. goto err;
  1830. }
  1831. if (!EVP_DigestSignFinal(expected->ctx, NULL, &got_len)) {
  1832. t->err = "DIGESTSIGNFINAL_LENGTH_ERROR";
  1833. goto err;
  1834. }
  1835. if (!TEST_ptr(got = OPENSSL_malloc(got_len))) {
  1836. t->err = "MALLOC_FAILURE";
  1837. goto err;
  1838. }
  1839. if (!EVP_DigestSignFinal(expected->ctx, got, &got_len)) {
  1840. t->err = "DIGESTSIGNFINAL_ERROR";
  1841. goto err;
  1842. }
  1843. if (!TEST_mem_eq(expected->output, expected->output_len, got, got_len)) {
  1844. t->err = "SIGNATURE_MISMATCH";
  1845. goto err;
  1846. }
  1847. err:
  1848. OPENSSL_free(got);
  1849. return 1;
  1850. }
  1851. static const EVP_TEST_METHOD digestsign_test_method = {
  1852. "DigestSign",
  1853. digestsign_test_init,
  1854. digestsigver_test_cleanup,
  1855. digestsigver_test_parse,
  1856. digestsign_test_run
  1857. };
  1858. static int digestverify_test_init(EVP_TEST *t, const char *alg)
  1859. {
  1860. return digestsigver_test_init(t, alg, 1, 0);
  1861. }
  1862. static int digestverify_update_fn(void *ctx, const unsigned char *buf,
  1863. size_t buflen)
  1864. {
  1865. return EVP_DigestVerifyUpdate(ctx, buf, buflen);
  1866. }
  1867. static int digestverify_test_run(EVP_TEST *t)
  1868. {
  1869. DIGESTSIGN_DATA *mdata = t->data;
  1870. if (!evp_test_buffer_do(mdata->input, digestverify_update_fn, mdata->ctx)) {
  1871. t->err = "DIGESTUPDATE_ERROR";
  1872. return 1;
  1873. }
  1874. if (EVP_DigestVerifyFinal(mdata->ctx, mdata->output,
  1875. mdata->output_len) <= 0)
  1876. t->err = "VERIFY_ERROR";
  1877. return 1;
  1878. }
  1879. static const EVP_TEST_METHOD digestverify_test_method = {
  1880. "DigestVerify",
  1881. digestverify_test_init,
  1882. digestsigver_test_cleanup,
  1883. digestsigver_test_parse,
  1884. digestverify_test_run
  1885. };
  1886. static int oneshot_digestsign_test_init(EVP_TEST *t, const char *alg)
  1887. {
  1888. return digestsigver_test_init(t, alg, 0, 1);
  1889. }
  1890. static int oneshot_digestsign_test_run(EVP_TEST *t)
  1891. {
  1892. DIGESTSIGN_DATA *expected = t->data;
  1893. unsigned char *got = NULL;
  1894. size_t got_len;
  1895. if (!EVP_DigestSign(expected->ctx, NULL, &got_len,
  1896. expected->osin, expected->osin_len)) {
  1897. t->err = "DIGESTSIGN_LENGTH_ERROR";
  1898. goto err;
  1899. }
  1900. if (!TEST_ptr(got = OPENSSL_malloc(got_len))) {
  1901. t->err = "MALLOC_FAILURE";
  1902. goto err;
  1903. }
  1904. if (!EVP_DigestSign(expected->ctx, got, &got_len,
  1905. expected->osin, expected->osin_len)) {
  1906. t->err = "DIGESTSIGN_ERROR";
  1907. goto err;
  1908. }
  1909. if (!TEST_mem_eq(expected->output, expected->output_len, got, got_len)) {
  1910. t->err = "SIGNATURE_MISMATCH";
  1911. goto err;
  1912. }
  1913. err:
  1914. OPENSSL_free(got);
  1915. return 1;
  1916. }
  1917. static const EVP_TEST_METHOD oneshot_digestsign_test_method = {
  1918. "OneShotDigestSign",
  1919. oneshot_digestsign_test_init,
  1920. digestsigver_test_cleanup,
  1921. digestsigver_test_parse,
  1922. oneshot_digestsign_test_run
  1923. };
  1924. static int oneshot_digestverify_test_init(EVP_TEST *t, const char *alg)
  1925. {
  1926. return digestsigver_test_init(t, alg, 1, 1);
  1927. }
  1928. static int oneshot_digestverify_test_run(EVP_TEST *t)
  1929. {
  1930. DIGESTSIGN_DATA *mdata = t->data;
  1931. if (EVP_DigestVerify(mdata->ctx, mdata->output, mdata->output_len,
  1932. mdata->osin, mdata->osin_len) <= 0)
  1933. t->err = "VERIFY_ERROR";
  1934. return 1;
  1935. }
  1936. static const EVP_TEST_METHOD oneshot_digestverify_test_method = {
  1937. "OneShotDigestVerify",
  1938. oneshot_digestverify_test_init,
  1939. digestsigver_test_cleanup,
  1940. digestsigver_test_parse,
  1941. oneshot_digestverify_test_run
  1942. };
  1943. /**
  1944. *** PARSING AND DISPATCH
  1945. **/
  1946. static const EVP_TEST_METHOD *evp_test_list[] = {
  1947. &cipher_test_method,
  1948. &digest_test_method,
  1949. &digestsign_test_method,
  1950. &digestverify_test_method,
  1951. &encode_test_method,
  1952. &kdf_test_method,
  1953. &keypair_test_method,
  1954. &keygen_test_method,
  1955. &mac_test_method,
  1956. &oneshot_digestsign_test_method,
  1957. &oneshot_digestverify_test_method,
  1958. &pbe_test_method,
  1959. &pdecrypt_test_method,
  1960. &pderive_test_method,
  1961. &psign_test_method,
  1962. &pverify_recover_test_method,
  1963. &pverify_test_method,
  1964. NULL
  1965. };
  1966. static const EVP_TEST_METHOD *find_test(const char *name)
  1967. {
  1968. const EVP_TEST_METHOD **tt;
  1969. for (tt = evp_test_list; *tt; tt++) {
  1970. if (strcmp(name, (*tt)->name) == 0)
  1971. return *tt;
  1972. }
  1973. return NULL;
  1974. }
  1975. static void clear_test(EVP_TEST *t)
  1976. {
  1977. test_clearstanza(&t->s);
  1978. ERR_clear_error();
  1979. if (t->data != NULL) {
  1980. if (t->meth != NULL)
  1981. t->meth->cleanup(t);
  1982. OPENSSL_free(t->data);
  1983. t->data = NULL;
  1984. }
  1985. OPENSSL_free(t->expected_err);
  1986. t->expected_err = NULL;
  1987. OPENSSL_free(t->func);
  1988. t->func = NULL;
  1989. OPENSSL_free(t->reason);
  1990. t->reason = NULL;
  1991. /* Text literal. */
  1992. t->err = NULL;
  1993. t->skip = 0;
  1994. t->meth = NULL;
  1995. }
  1996. /*
  1997. * Check for errors in the test structure; return 1 if okay, else 0.
  1998. */
  1999. static int check_test_error(EVP_TEST *t)
  2000. {
  2001. unsigned long err;
  2002. const char *func;
  2003. const char *reason;
  2004. if (t->err == NULL && t->expected_err == NULL)
  2005. return 1;
  2006. if (t->err != NULL && t->expected_err == NULL) {
  2007. if (t->aux_err != NULL) {
  2008. TEST_info("%s:%d: Source of above error (%s); unexpected error %s",
  2009. t->s.test_file, t->s.start, t->aux_err, t->err);
  2010. } else {
  2011. TEST_info("%s:%d: Source of above error; unexpected error %s",
  2012. t->s.test_file, t->s.start, t->err);
  2013. }
  2014. return 0;
  2015. }
  2016. if (t->err == NULL && t->expected_err != NULL) {
  2017. TEST_info("%s:%d: Succeeded but was expecting %s",
  2018. t->s.test_file, t->s.start, t->expected_err);
  2019. return 0;
  2020. }
  2021. if (strcmp(t->err, t->expected_err) != 0) {
  2022. TEST_info("%s:%d: Expected %s got %s",
  2023. t->s.test_file, t->s.start, t->expected_err, t->err);
  2024. return 0;
  2025. }
  2026. if (t->func == NULL && t->reason == NULL)
  2027. return 1;
  2028. if (t->func == NULL || t->reason == NULL) {
  2029. TEST_info("%s:%d: Test is missing function or reason code",
  2030. t->s.test_file, t->s.start);
  2031. return 0;
  2032. }
  2033. err = ERR_peek_error();
  2034. if (err == 0) {
  2035. TEST_info("%s:%d: Expected error \"%s:%s\" not set",
  2036. t->s.test_file, t->s.start, t->func, t->reason);
  2037. return 0;
  2038. }
  2039. func = ERR_func_error_string(err);
  2040. reason = ERR_reason_error_string(err);
  2041. if (func == NULL && reason == NULL) {
  2042. TEST_info("%s:%d: Expected error \"%s:%s\", no strings available."
  2043. " Assuming ok.",
  2044. t->s.test_file, t->s.start, t->func, t->reason);
  2045. return 1;
  2046. }
  2047. if (strcmp(func, t->func) == 0 && strcmp(reason, t->reason) == 0)
  2048. return 1;
  2049. TEST_info("%s:%d: Expected error \"%s:%s\", got \"%s:%s\"",
  2050. t->s.test_file, t->s.start, t->func, t->reason, func, reason);
  2051. return 0;
  2052. }
  2053. /*
  2054. * Run a parsed test. Log a message and return 0 on error.
  2055. */
  2056. static int run_test(EVP_TEST *t)
  2057. {
  2058. if (t->meth == NULL)
  2059. return 1;
  2060. t->s.numtests++;
  2061. if (t->skip) {
  2062. t->s.numskip++;
  2063. } else {
  2064. /* run the test */
  2065. if (t->err == NULL && t->meth->run_test(t) != 1) {
  2066. TEST_info("%s:%d %s error",
  2067. t->s.test_file, t->s.start, t->meth->name);
  2068. return 0;
  2069. }
  2070. if (!check_test_error(t)) {
  2071. TEST_openssl_errors();
  2072. t->s.errors++;
  2073. }
  2074. }
  2075. /* clean it up */
  2076. return 1;
  2077. }
  2078. static int find_key(EVP_PKEY **ppk, const char *name, KEY_LIST *lst)
  2079. {
  2080. for (; lst != NULL; lst = lst->next) {
  2081. if (strcmp(lst->name, name) == 0) {
  2082. if (ppk != NULL)
  2083. *ppk = lst->key;
  2084. return 1;
  2085. }
  2086. }
  2087. return 0;
  2088. }
  2089. static void free_key_list(KEY_LIST *lst)
  2090. {
  2091. while (lst != NULL) {
  2092. KEY_LIST *next = lst->next;
  2093. EVP_PKEY_free(lst->key);
  2094. OPENSSL_free(lst->name);
  2095. OPENSSL_free(lst);
  2096. lst = next;
  2097. }
  2098. }
  2099. /*
  2100. * Is the key type an unsupported algorithm?
  2101. */
  2102. static int key_unsupported()
  2103. {
  2104. long err = ERR_peek_error();
  2105. if (ERR_GET_LIB(err) == ERR_LIB_EVP
  2106. && ERR_GET_REASON(err) == EVP_R_UNSUPPORTED_ALGORITHM) {
  2107. ERR_clear_error();
  2108. return 1;
  2109. }
  2110. #ifndef OPENSSL_NO_EC
  2111. /*
  2112. * If EC support is enabled we should catch also EC_R_UNKNOWN_GROUP as an
  2113. * hint to an unsupported algorithm/curve (e.g. if binary EC support is
  2114. * disabled).
  2115. */
  2116. if (ERR_GET_LIB(err) == ERR_LIB_EC
  2117. && ERR_GET_REASON(err) == EC_R_UNKNOWN_GROUP) {
  2118. ERR_clear_error();
  2119. return 1;
  2120. }
  2121. #endif /* OPENSSL_NO_EC */
  2122. return 0;
  2123. }
  2124. /*
  2125. * NULL out the value from |pp| but return it. This "steals" a pointer.
  2126. */
  2127. static char *take_value(PAIR *pp)
  2128. {
  2129. char *p = pp->value;
  2130. pp->value = NULL;
  2131. return p;
  2132. }
  2133. static int key_disabled(EVP_PKEY *pkey)
  2134. {
  2135. #if defined(OPENSSL_NO_SM2) && !defined(OPENSSL_NO_EC)
  2136. int type = EVP_PKEY_base_id(pkey);
  2137. if (type == EVP_PKEY_EC) {
  2138. EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey);
  2139. int nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
  2140. if (nid == NID_sm2)
  2141. return 1;
  2142. }
  2143. #endif /* OPENSSL_NO_SM2 */
  2144. return 0;
  2145. }
  2146. /*
  2147. * Read and parse one test. Return 0 if failure, 1 if okay.
  2148. */
  2149. static int parse(EVP_TEST *t)
  2150. {
  2151. KEY_LIST *key, **klist;
  2152. EVP_PKEY *pkey;
  2153. PAIR *pp;
  2154. int i;
  2155. top:
  2156. do {
  2157. if (BIO_eof(t->s.fp))
  2158. return EOF;
  2159. clear_test(t);
  2160. if (!test_readstanza(&t->s))
  2161. return 0;
  2162. } while (t->s.numpairs == 0);
  2163. pp = &t->s.pairs[0];
  2164. /* Are we adding a key? */
  2165. klist = NULL;
  2166. pkey = NULL;
  2167. if (strcmp(pp->key, "PrivateKey") == 0) {
  2168. pkey = PEM_read_bio_PrivateKey(t->s.key, NULL, 0, NULL);
  2169. if (pkey == NULL && !key_unsupported()) {
  2170. EVP_PKEY_free(pkey);
  2171. TEST_info("Can't read private key %s", pp->value);
  2172. TEST_openssl_errors();
  2173. return 0;
  2174. }
  2175. klist = &private_keys;
  2176. } else if (strcmp(pp->key, "PublicKey") == 0) {
  2177. pkey = PEM_read_bio_PUBKEY(t->s.key, NULL, 0, NULL);
  2178. if (pkey == NULL && !key_unsupported()) {
  2179. EVP_PKEY_free(pkey);
  2180. TEST_info("Can't read public key %s", pp->value);
  2181. TEST_openssl_errors();
  2182. return 0;
  2183. }
  2184. klist = &public_keys;
  2185. } else if (strcmp(pp->key, "PrivateKeyRaw") == 0
  2186. || strcmp(pp->key, "PublicKeyRaw") == 0 ) {
  2187. char *strnid = NULL, *keydata = NULL;
  2188. unsigned char *keybin;
  2189. size_t keylen;
  2190. int nid;
  2191. if (strcmp(pp->key, "PrivateKeyRaw") == 0)
  2192. klist = &private_keys;
  2193. else
  2194. klist = &public_keys;
  2195. strnid = strchr(pp->value, ':');
  2196. if (strnid != NULL) {
  2197. *strnid++ = '\0';
  2198. keydata = strchr(strnid, ':');
  2199. if (keydata != NULL)
  2200. *keydata++ = '\0';
  2201. }
  2202. if (keydata == NULL) {
  2203. TEST_info("Failed to parse %s value", pp->key);
  2204. return 0;
  2205. }
  2206. nid = OBJ_txt2nid(strnid);
  2207. if (nid == NID_undef) {
  2208. TEST_info("Uncrecognised algorithm NID");
  2209. return 0;
  2210. }
  2211. if (!parse_bin(keydata, &keybin, &keylen)) {
  2212. TEST_info("Failed to create binary key");
  2213. return 0;
  2214. }
  2215. if (klist == &private_keys)
  2216. pkey = EVP_PKEY_new_raw_private_key(nid, NULL, keybin, keylen);
  2217. else
  2218. pkey = EVP_PKEY_new_raw_public_key(nid, NULL, keybin, keylen);
  2219. if (pkey == NULL && !key_unsupported()) {
  2220. TEST_info("Can't read %s data", pp->key);
  2221. OPENSSL_free(keybin);
  2222. TEST_openssl_errors();
  2223. return 0;
  2224. }
  2225. OPENSSL_free(keybin);
  2226. }
  2227. if (pkey != NULL && key_disabled(pkey)) {
  2228. EVP_PKEY_free(pkey);
  2229. pkey = NULL;
  2230. }
  2231. /* If we have a key add to list */
  2232. if (klist != NULL) {
  2233. if (find_key(NULL, pp->value, *klist)) {
  2234. TEST_info("Duplicate key %s", pp->value);
  2235. return 0;
  2236. }
  2237. if (!TEST_ptr(key = OPENSSL_malloc(sizeof(*key))))
  2238. return 0;
  2239. key->name = take_value(pp);
  2240. key->key = pkey;
  2241. key->next = *klist;
  2242. *klist = key;
  2243. /* Go back and start a new stanza. */
  2244. if (t->s.numpairs != 1)
  2245. TEST_info("Line %d: missing blank line\n", t->s.curr);
  2246. goto top;
  2247. }
  2248. /* Find the test, based on first keyword. */
  2249. if (!TEST_ptr(t->meth = find_test(pp->key)))
  2250. return 0;
  2251. if (!t->meth->init(t, pp->value)) {
  2252. TEST_error("unknown %s: %s\n", pp->key, pp->value);
  2253. return 0;
  2254. }
  2255. if (t->skip == 1) {
  2256. /* TEST_info("skipping %s %s", pp->key, pp->value); */
  2257. return 0;
  2258. }
  2259. for (pp++, i = 1; i < t->s.numpairs; pp++, i++) {
  2260. if (strcmp(pp->key, "Result") == 0) {
  2261. if (t->expected_err != NULL) {
  2262. TEST_info("Line %d: multiple result lines", t->s.curr);
  2263. return 0;
  2264. }
  2265. t->expected_err = take_value(pp);
  2266. } else if (strcmp(pp->key, "Function") == 0) {
  2267. if (t->func != NULL) {
  2268. TEST_info("Line %d: multiple function lines\n", t->s.curr);
  2269. return 0;
  2270. }
  2271. t->func = take_value(pp);
  2272. } else if (strcmp(pp->key, "Reason") == 0) {
  2273. if (t->reason != NULL) {
  2274. TEST_info("Line %d: multiple reason lines", t->s.curr);
  2275. return 0;
  2276. }
  2277. t->reason = take_value(pp);
  2278. } else {
  2279. /* Must be test specific line: try to parse it */
  2280. int rv = t->meth->parse(t, pp->key, pp->value);
  2281. if (rv == 0) {
  2282. TEST_info("Line %d: unknown keyword %s", t->s.curr, pp->key);
  2283. return 0;
  2284. }
  2285. if (rv < 0) {
  2286. TEST_info("Line %d: error processing keyword %s\n",
  2287. t->s.curr, pp->key);
  2288. return 0;
  2289. }
  2290. }
  2291. }
  2292. return 1;
  2293. }
  2294. static int run_file_tests(int i)
  2295. {
  2296. EVP_TEST *t;
  2297. const char *testfile = test_get_argument(i);
  2298. int c;
  2299. if (!TEST_ptr(t = OPENSSL_zalloc(sizeof(*t))))
  2300. return 0;
  2301. if (!test_start_file(&t->s, testfile)) {
  2302. OPENSSL_free(t);
  2303. return 0;
  2304. }
  2305. while (!BIO_eof(t->s.fp)) {
  2306. c = parse(t);
  2307. if (t->skip)
  2308. continue;
  2309. if (c == 0 || !run_test(t)) {
  2310. t->s.errors++;
  2311. break;
  2312. }
  2313. }
  2314. test_end_file(&t->s);
  2315. clear_test(t);
  2316. free_key_list(public_keys);
  2317. free_key_list(private_keys);
  2318. BIO_free(t->s.key);
  2319. c = t->s.errors;
  2320. OPENSSL_free(t);
  2321. return c == 0;
  2322. }
  2323. int setup_tests(void)
  2324. {
  2325. size_t n = test_get_argument_count();
  2326. if (n == 0) {
  2327. TEST_error("Usage: %s file...", test_get_program_name());
  2328. return 0;
  2329. }
  2330. ADD_ALL_TESTS(run_file_tests, n);
  2331. return 1;
  2332. }