evp_fetch_prov_test.c 7.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251
  1. /*
  2. * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <string.h>
  10. #include <openssl/sha.h>
  11. #include <openssl/evp.h>
  12. #include <openssl/provider.h>
  13. #include "testutil.h"
  14. static char *alg = "digest";
  15. static int use_default_ctx = 0;
  16. static char *fetch_property = NULL;
  17. static int expected_fetch_result = 1;
  18. typedef enum OPTION_choice {
  19. OPT_ERR = -1,
  20. OPT_EOF = 0,
  21. OPT_ALG_FETCH_TYPE,
  22. OPT_FETCH_PROPERTY,
  23. OPT_FETCH_FAILURE,
  24. OPT_USE_DEFAULTCTX,
  25. OPT_TEST_ENUM
  26. } OPTION_CHOICE;
  27. const OPTIONS *test_get_options(void)
  28. {
  29. static const OPTIONS test_options[] = {
  30. OPT_TEST_OPTIONS_WITH_EXTRA_USAGE("[provname...]\n"),
  31. { "type", OPT_ALG_FETCH_TYPE, 's', "The fetch type to test" },
  32. { "property", OPT_FETCH_PROPERTY, 's', "The fetch property e.g. fips=yes" },
  33. { "fetchfail", OPT_FETCH_FAILURE, '-', "fetch is expected to fail" },
  34. { "defaultctx", OPT_USE_DEFAULTCTX, '-',
  35. "Use the default context if this is set" },
  36. { OPT_HELP_STR, 1, '-',
  37. "file\tProvider names to explicitly load\n" },
  38. { NULL }
  39. };
  40. return test_options;
  41. }
  42. static int calculate_digest(const EVP_MD *md, const char *msg, size_t len,
  43. const unsigned char *exptd)
  44. {
  45. unsigned char out[SHA256_DIGEST_LENGTH];
  46. EVP_MD_CTX *ctx;
  47. int ret = 0;
  48. if (!TEST_ptr(ctx = EVP_MD_CTX_new())
  49. || !TEST_true(EVP_DigestInit_ex(ctx, md, NULL))
  50. || !TEST_true(EVP_DigestUpdate(ctx, msg, len))
  51. || !TEST_true(EVP_DigestFinal_ex(ctx, out, NULL))
  52. || !TEST_mem_eq(out, SHA256_DIGEST_LENGTH, exptd,
  53. SHA256_DIGEST_LENGTH)
  54. || !TEST_true(md == EVP_MD_CTX_md(ctx)))
  55. goto err;
  56. ret = 1;
  57. err:
  58. EVP_MD_CTX_free(ctx);
  59. return ret;
  60. }
  61. static int load_providers(OPENSSL_CTX **libctx, OSSL_PROVIDER *prov[])
  62. {
  63. OPENSSL_CTX *ctx;
  64. int ret = 0;
  65. size_t i;
  66. ctx = OPENSSL_CTX_new();
  67. if (!TEST_ptr(ctx))
  68. goto err;
  69. if (test_get_argument_count() > 2)
  70. goto err;
  71. for (i = 0; i < test_get_argument_count(); ++i) {
  72. char *provname = test_get_argument(i);
  73. prov[i] = OSSL_PROVIDER_load(ctx, provname);
  74. if (!TEST_ptr(prov[i]))
  75. goto err;
  76. }
  77. ret = 1;
  78. *libctx = ctx;
  79. err:
  80. return ret;
  81. }
  82. /*
  83. * Test EVP_MD_fetch()
  84. */
  85. static int test_EVP_MD_fetch(void)
  86. {
  87. OPENSSL_CTX *ctx = NULL;
  88. EVP_MD *md = NULL;
  89. OSSL_PROVIDER *prov[2] = {NULL, NULL};
  90. int ret = 0;
  91. const char testmsg[] = "Hello world";
  92. const unsigned char exptd[] = {
  93. 0x27, 0x51, 0x8b, 0xa9, 0x68, 0x30, 0x11, 0xf6, 0xb3, 0x96, 0x07, 0x2c,
  94. 0x05, 0xf6, 0x65, 0x6d, 0x04, 0xf5, 0xfb, 0xc3, 0x78, 0x7c, 0xf9, 0x24,
  95. 0x90, 0xec, 0x60, 0x6e, 0x50, 0x92, 0xe3, 0x26
  96. };
  97. if (use_default_ctx == 0 && !load_providers(&ctx, prov))
  98. goto err;
  99. /* Implicit fetching of the MD should produce the expected result */
  100. if (!TEST_true(calculate_digest(EVP_sha256(), testmsg, sizeof(testmsg),
  101. exptd))
  102. || !TEST_int_eq(EVP_MD_size(EVP_sha256()), SHA256_DIGEST_LENGTH)
  103. || !TEST_int_eq(EVP_MD_block_size(EVP_sha256()), SHA256_CBLOCK))
  104. goto err;
  105. /* Fetch the digest from a provider using properties. */
  106. md = EVP_MD_fetch(ctx, "SHA256", fetch_property);
  107. if (expected_fetch_result != 0) {
  108. if (!TEST_ptr(md)
  109. || !TEST_int_eq(EVP_MD_nid(md), NID_sha256)
  110. || !TEST_true(calculate_digest(md, testmsg, sizeof(testmsg), exptd))
  111. || !TEST_int_eq(EVP_MD_size(md), SHA256_DIGEST_LENGTH)
  112. || !TEST_int_eq(EVP_MD_block_size(md), SHA256_CBLOCK))
  113. goto err;
  114. /* Also test EVP_MD_up_ref() while we're doing this */
  115. if (!TEST_true(EVP_MD_up_ref(md)))
  116. goto err;
  117. /* Ref count should now be 2. Release first one here */
  118. EVP_MD_meth_free(md);
  119. } else {
  120. if (!TEST_ptr_null(md))
  121. goto err;
  122. }
  123. ret = 1;
  124. err:
  125. EVP_MD_meth_free(md);
  126. OSSL_PROVIDER_unload(prov[0]);
  127. OSSL_PROVIDER_unload(prov[1]);
  128. /* Not normally needed, but we would like to test that
  129. * OPENSSL_thread_stop_ex() behaves as expected.
  130. */
  131. if (ctx != NULL) {
  132. OPENSSL_thread_stop_ex(ctx);
  133. OPENSSL_CTX_free(ctx);
  134. }
  135. return ret;
  136. }
  137. static int encrypt_decrypt(const EVP_CIPHER *cipher, const unsigned char *msg,
  138. size_t len)
  139. {
  140. int ret = 0, ctlen, ptlen;
  141. EVP_CIPHER_CTX *ctx = NULL;
  142. unsigned char key[128 / 8];
  143. unsigned char ct[64], pt[64];
  144. memset(key, 0, sizeof(key));
  145. if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())
  146. || !TEST_true(EVP_CipherInit_ex(ctx, cipher, NULL, key, NULL, 1))
  147. || !TEST_true(EVP_CipherUpdate(ctx, ct, &ctlen, msg, len))
  148. || !TEST_true(EVP_CipherFinal_ex(ctx, ct, &ctlen))
  149. || !TEST_true(EVP_CipherInit_ex(ctx, cipher, NULL, key, NULL, 0))
  150. || !TEST_true(EVP_CipherUpdate(ctx, pt, &ptlen, ct, ctlen))
  151. || !TEST_true(EVP_CipherFinal_ex(ctx, pt, &ptlen))
  152. || !TEST_mem_eq(pt, ptlen, msg, len))
  153. goto err;
  154. ret = 1;
  155. err:
  156. EVP_CIPHER_CTX_free(ctx);
  157. return ret;
  158. }
  159. /*
  160. * Test EVP_CIPHER_fetch()
  161. */
  162. static int test_EVP_CIPHER_fetch(void)
  163. {
  164. OPENSSL_CTX *ctx = NULL;
  165. EVP_CIPHER *cipher = NULL;
  166. OSSL_PROVIDER *prov[2] = {NULL, NULL};
  167. int ret = 0;
  168. const unsigned char testmsg[] = "Hello world";
  169. if (use_default_ctx == 0 && !load_providers(&ctx, prov))
  170. goto err;
  171. /* Implicit fetching of the cipher should produce the expected result */
  172. if (!TEST_true(encrypt_decrypt(EVP_aes_128_cbc(), testmsg, sizeof(testmsg))))
  173. goto err;
  174. /* Fetch the cipher from a provider using properties. */
  175. cipher = EVP_CIPHER_fetch(ctx, "AES-128-CBC", fetch_property);
  176. if (expected_fetch_result != 0) {
  177. if (!TEST_ptr(cipher)
  178. || !TEST_true(encrypt_decrypt(cipher, testmsg, sizeof(testmsg)))) {
  179. if (!TEST_true(EVP_CIPHER_up_ref(cipher)))
  180. goto err;
  181. /* Ref count should now be 2. Release first one here */
  182. EVP_CIPHER_meth_free(cipher);
  183. }
  184. } else {
  185. if (!TEST_ptr_null(cipher))
  186. goto err;
  187. }
  188. ret = 1;
  189. err:
  190. EVP_CIPHER_meth_free(cipher);
  191. OSSL_PROVIDER_unload(prov[0]);
  192. OSSL_PROVIDER_unload(prov[1]);
  193. OPENSSL_CTX_free(ctx);
  194. return ret;
  195. }
  196. int setup_tests(void)
  197. {
  198. OPTION_CHOICE o;
  199. while ((o = opt_next()) != OPT_EOF) {
  200. switch (o) {
  201. case OPT_ALG_FETCH_TYPE:
  202. alg = opt_arg();
  203. break;
  204. case OPT_FETCH_PROPERTY:
  205. fetch_property = opt_arg();
  206. break;
  207. case OPT_FETCH_FAILURE:
  208. expected_fetch_result = 0;
  209. break;
  210. case OPT_USE_DEFAULTCTX:
  211. use_default_ctx = 1;
  212. break;
  213. case OPT_TEST_CASES:
  214. break;
  215. default:
  216. case OPT_ERR:
  217. return 0;
  218. }
  219. }
  220. if (strcmp(alg, "digest") == 0)
  221. ADD_TEST(test_EVP_MD_fetch);
  222. else
  223. ADD_TEST(test_EVP_CIPHER_fetch);
  224. return 1;
  225. }