
api.c 545 KB

78778877987808781878287838784878587868787878887898790879187928793879487958796879787988799880088018802880388048805880688078808880988108811881288138814881588168817881888198820882188228823882488258826882788288829883088318832883388348835883688378838883988408841884288438844884588468847884888498850885188528853885488558856885788588859886088618862886388648865886688678868886988708871887288738874887588768877887888798880888188828883888488858886888788888889889088918892889388948895889688978898889989008901890289038904890589068907890889098910891189128913891489158916891789188919892089218922892389248925892689278928892989308931893289338934893589368937893889398940894189428943894489458946894789488949895089518952895389548955895689578958895989608961896289638964896589668967896889698970897189728973897489758976897789788979898089818982898389848985898689878988898989908991899289938994899589968997899889999000900190029003900490059006900790089009901090119012901390149015901690179018901990209021902290239024902590269027902890299030903190329033903490359036903790389039904090419042904390449045904690479048904990509051905290539054905590569057905890599060906190629063906490659066906790689069907090719072907390749075907690779078907990809081908290839084908590869087908890899090909190929093909490959096909790989099910091019102910391049105910691079108910991109111911291139114911591169117911891199120912191229123912491259126912791289129913091319132913391349135913691379138913991409141914291439144914591469147914891499150915191529153915491559156915791589159916091619162916391649165916691679168916991709171917291739174917591769177917891799180918191829183918491859186918791889189919091919192919391949195919691979198919992009201920292039204920592069207920892099210921192129213921492159216921792189219922092219222922392249225922692279228922992309231923292339234923592369237923892399240924192429243924492459246924792489249925092519252925392549255925692579258925992609261926292639264926592669267926892699270927192729273927492759276927
79278927992809281928292839284928592869287928892899290929192929293929492959296929792989299930093019302930393049305930693079308930993109311931293139314931593169317931893199320932193229323932493259326932793289329933093319332933393349335933693379338933993409341934293439344934593469347934893499350935193529353935493559356935793589359936093619362936393649365936693679368936993709371937293739374937593769377937893799380938193829383938493859386938793889389939093919392939393949395939693979398939994009401940294039404940594069407940894099410941194129413941494159416941794189419942094219422942394249425942694279428942994309431943294339434943594369437943894399440944194429443944494459446944794489449945094519452945394549455945694579458945994609461946294639464946594669467946894699470947194729473947494759476947794789479948094819482948394849485948694879488948994909491949294939494949594969497949894999500950195029503950495059506950795089509951095119512951395149515951695179518951995209521952295239524952595269527952895299530953195329533953495359536953795389539954095419542954395449545954695479548954995509551955295539554955595569557955895599560956195629563956495659566956795689569957095719572957395749575957695779578957995809581958295839584958595869587958895899590959195929593959495959596959795989599960096019602960396049605960696079608960996109611961296139614961596169617961896199620962196229623962496259626962796289629963096319632963396349635963696379638963996409641964296439644964596469647964896499650965196529653965496559656965796589659966096619662966396649665966696679668966996709671967296739674967596769677967896799680968196829683968496859686968796889689969096919692969396949695969696979698969997009701970297039704970597069707970897099710971197129713971497159716971797189719972097219722972397249725972697279728972997309731973297339734973597369737973897399740974197429743974497459746974797489749975097519752975397549755975697579758975997609761976297639764976597669767976897699770977197729773977497759776977
79778977997809781978297839784978597869787978897899790979197929793979497959796979797989799980098019802980398049805980698079808980998109811981298139814981598169817981898199820982198229823982498259826982798289829983098319832983398349835983698379838983998409841984298439844984598469847984898499850985198529853985498559856985798589859986098619862986398649865986698679868986998709871987298739874987598769877987898799880988198829883988498859886988798889889989098919892989398949895989698979898989999009901990299039904990599069907990899099910991199129913991499159916991799189919992099219922992399249925992699279928992999309931993299339934993599369937993899399940994199429943994499459946994799489949995099519952995399549955995699579958995999609961996299639964996599669967996899699970997199729973997499759976997799789979998099819982998399849985998699879988998999909991999299939994999599969997999899991000010001100021000310004100051000610007100081000910010100111001210013100141001510016100171001810019100201002110022100231002410025100261002710028100291003010031100321003310034100351003610037100381003910040100411004210043100441004510046100471004810049100501005110052100531005410055100561005710058100591006010061100621006310064100651006610067100681006910070100711007210073100741007510076100771007810079100801008110082100831008410085100861008710088100891009010091100921009310094100951009610097100981009910100101011010210103101041010510106101071010810109101101011110112101131011410115101161011710118101191012010121101221012310124101251012610127101281012910130101311013210133101341013510136101371013810139101401014110142101431014410145101461014710148101491015010151101521015310154101551015610157101581015910160101611016210163101641016510166101671016810169101701017110172101731017410175101761017710178101791018010181101821018310184101851018610187101881018910190101911019210193101941019510196101971019810199102001020110202102031020410205102061020710208102091021010211102121021310214102151021610217102181021910220102211
02221022310224102251022610227102281022910230102311023210233102341023510236102371023810239102401024110242102431024410245102461024710248102491025010251102521025310254102551025610257102581025910260102611026210263102641026510266102671026810269102701027110272102731027410275102761027710278102791028010281102821028310284102851028610287102881028910290102911029210293102941029510296102971029810299103001030110302103031030410305103061030710308103091031010311103121031310314103151031610317103181031910320103211032210323103241032510326103271032810329103301033110332103331033410335103361033710338103391034010341103421034310344103451034610347103481034910350103511035210353103541035510356103571035810359103601036110362103631036410365103661036710368103691037010371103721037310374103751037610377103781037910380103811038210383103841038510386103871038810389103901039110392103931039410395103961039710398103991040010401104021040310404104051040610407104081040910410104111041210413104141041510416104171041810419104201042110422104231042410425104261042710428104291043010431104321043310434104351043610437104381043910440104411044210443104441044510446104471044810449104501045110452104531045410455104561045710458104591046010461104621046310464104651046610467104681046910470104711047210473104741047510476104771047810479104801048110482104831048410485104861048710488104891049010491104921049310494104951049610497104981049910500105011050210503105041050510506105071050810509105101051110512105131051410515105161051710518105191052010521105221052310524105251052610527105281052910530105311053210533105341053510536105371053810539105401054110542105431054410545105461054710548105491055010551105521055310554105551055610557105581055910560105611056210563105641056510566105671056810569105701057110572105731057410575105761057710578105791058010581105821058310584105851058610587105881058910590105911059210593105941059510596105971059810599106001060110602106031060410605106061060710608106091061010611106121061310614106151061610617106181061910620106211
06221062310624106251062610627106281062910630106311063210633106341063510636106371063810639106401064110642106431064410645106461064710648106491065010651106521065310654106551065610657106581065910660106611066210663106641066510666106671066810669106701067110672106731067410675106761067710678106791068010681106821068310684106851068610687106881068910690106911069210693106941069510696106971069810699107001070110702107031070410705107061070710708107091071010711107121071310714107151071610717107181071910720107211072210723107241072510726107271072810729107301073110732107331073410735107361073710738107391074010741107421074310744107451074610747107481074910750107511075210753107541075510756107571075810759107601076110762107631076410765107661076710768107691077010771107721077310774107751077610777107781077910780107811078210783107841078510786107871078810789107901079110792107931079410795107961079710798107991080010801108021080310804108051080610807108081080910810108111081210813108141081510816108171081810819108201082110822108231082410825108261082710828108291083010831108321083310834108351083610837108381083910840108411084210843108441084510846108471084810849108501085110852108531085410855108561085710858108591086010861108621086310864108651086610867108681086910870108711087210873108741087510876108771087810879108801088110882108831088410885108861088710888108891089010891108921089310894108951089610897108981089910900109011090210903109041090510906109071090810909109101091110912109131091410915109161091710918109191092010921109221092310924109251092610927109281092910930109311093210933109341093510936109371093810939109401094110942109431094410945109461094710948109491095010951109521095310954109551095610957109581095910960109611096210963109641096510966109671096810969109701097110972109731097410975109761097710978109791098010981109821098310984109851098610987109881098910990109911099210993109941099510996109971099810999110001100111002110031100411005110061100711008110091101011011110121101311014110151101611017110181101911020110211
10221102311024110251102611027110281102911030110311103211033110341103511036110371103811039110401104111042110431104411045110461104711048110491105011051110521105311054110551105611057110581105911060110611106211063110641106511066110671106811069110701107111072110731107411075110761107711078110791108011081110821108311084110851108611087110881108911090110911109211093110941109511096110971109811099111001110111102111031110411105111061110711108111091111011111111121111311114111151111611117111181111911120111211112211123111241112511126111271112811129111301113111132111331113411135111361113711138111391114011141111421114311144111451114611147111481114911150111511115211153111541115511156111571115811159111601116111162111631116411165111661116711168111691117011171111721117311174111751117611177111781117911180111811118211183111841118511186111871118811189111901119111192111931119411195111961119711198111991120011201112021120311204112051120611207112081120911210112111121211213112141121511216112171121811219112201122111222112231122411225112261122711228112291123011231112321123311234112351123611237112381123911240112411124211243112441124511246112471124811249112501125111252112531125411255112561125711258112591126011261112621126311264112651126611267112681126911270112711127211273112741127511276112771127811279112801128111282112831128411285112861128711288112891129011291112921129311294112951129611297112981129911300113011130211303113041130511306113071130811309113101131111312113131131411315113161131711318113191132011321113221132311324113251132611327113281132911330113311133211333113341133511336113371133811339113401134111342113431134411345113461134711348113491135011351113521135311354113551135611357113581135911360113611136211363113641136511366113671136811369113701137111372113731137411375113761137711378113791138011381113821138311384113851138611387113881138911390113911139211393113941139511396113971139811399114001140111402114031140411405114061140711408114091141011411114121141311414114151141611417114181141911420114211
14221142311424114251142611427114281142911430114311143211433114341143511436114371143811439114401144111442114431144411445114461144711448114491145011451114521145311454114551145611457114581145911460114611146211463114641146511466114671146811469114701147111472114731147411475114761147711478114791148011481114821148311484114851148611487114881148911490114911149211493114941149511496114971149811499115001150111502115031150411505115061150711508115091151011511115121151311514115151151611517115181151911520115211152211523115241152511526115271152811529115301153111532115331153411535115361153711538115391154011541115421154311544115451154611547115481154911550115511155211553115541155511556115571155811559115601156111562115631156411565115661156711568115691157011571115721157311574115751157611577115781157911580115811158211583115841158511586115871158811589115901159111592115931159411595115961159711598115991160011601116021160311604116051160611607116081160911610116111161211613116141161511616116171161811619116201162111622116231162411625116261162711628116291163011631116321163311634116351163611637116381163911640116411164211643116441164511646116471164811649116501165111652116531165411655116561165711658116591166011661116621166311664116651166611667116681166911670116711167211673116741167511676116771167811679116801168111682116831168411685116861168711688116891169011691116921169311694116951169611697116981169911700117011170211703117041170511706117071170811709117101171111712117131171411715117161171711718117191172011721117221172311724117251172611727117281172911730117311173211733117341173511736117371173811739117401174111742117431174411745117461174711748117491175011751117521175311754117551175611757117581175911760117611176211763117641176511766117671176811769117701177111772117731177411775117761177711778117791178011781117821178311784117851178611787117881178911790117911179211793117941179511796117971179811799118001180111802118031180411805118061180711808118091181011811118121181311814118151181611817118181181911820118211
18221182311824118251182611827118281182911830118311183211833118341183511836118371183811839118401184111842118431184411845118461184711848118491185011851118521185311854118551185611857118581185911860118611186211863118641186511866118671186811869118701187111872118731187411875118761187711878118791188011881118821188311884118851188611887118881188911890118911189211893118941189511896118971189811899119001190111902119031190411905119061190711908119091191011911119121191311914119151191611917119181191911920119211192211923119241192511926119271192811929119301193111932119331193411935119361193711938119391194011941119421194311944119451194611947119481194911950119511195211953119541195511956119571195811959119601196111962119631196411965119661196711968119691197011971119721197311974119751197611977119781197911980119811198211983119841198511986119871198811989119901199111992119931199411995119961199711998119991200012001120021200312004120051200612007120081200912010120111201212013120141201512016120171201812019120201202112022120231202412025120261202712028120291203012031120321203312034120351203612037120381203912040120411204212043120441204512046120471204812049120501205112052120531205412055120561205712058120591206012061120621206312064120651206612067120681206912070120711207212073120741207512076120771207812079120801208112082120831208412085120861208712088120891209012091120921209312094120951209612097120981209912100121011210212103121041210512106121071210812109121101211112112121131211412115121161211712118121191212012121121221212312124121251212612127121281212912130121311213212133121341213512136121371213812139121401214112142121431214412145121461214712148121491215012151121521215312154121551215612157121581215912160121611216212163121641216512166121671216812169121701217112172121731217412175121761217712178121791218012181121821218312184121851218612187121881218912190121911219212193121941219512196121971219812199122001220112202122031220412205122061220712208122091221012211122121221312214122151221612217122181221912220122211
22221222312224122251222612227122281222912230122311223212233122341223512236122371223812239122401224112242122431224412245122461224712248122491225012251122521225312254122551225612257122581225912260122611226212263122641226512266122671226812269122701227112272122731227412275122761227712278122791228012281122821228312284122851228612287122881228912290122911229212293122941229512296122971229812299123001230112302123031230412305123061230712308123091231012311123121231312314123151231612317123181231912320123211232212323123241232512326123271232812329123301233112332123331233412335123361233712338123391234012341123421234312344123451234612347123481234912350123511235212353123541235512356123571235812359123601236112362123631236412365123661236712368123691237012371123721237312374123751237612377123781237912380123811238212383123841238512386123871238812389123901239112392123931239412395123961239712398123991240012401124021240312404124051240612407124081240912410124111241212413124141241512416124171241812419124201242112422124231242412425124261242712428124291243012431124321243312434124351243612437124381243912440124411244212443124441244512446124471244812449124501245112452124531245412455124561245712458124591246012461124621246312464124651246612467124681246912470124711247212473124741247512476124771247812479124801248112482124831248412485124861248712488124891249012491124921249312494124951249612497124981249912500125011250212503125041250512506125071250812509125101251112512125131251412515125161251712518125191252012521125221252312524125251252612527125281252912530125311253212533125341253512536125371253812539125401254112542125431254412545125461254712548125491255012551125521255312554125551255612557125581255912560125611256212563125641256512566125671256812569125701257112572125731257412575125761257712578125791258012581125821258312584125851258612587125881258912590125911259212593125941259512596125971259812599126001260112602126031260412605126061260712608126091261012611126121261312614126151261612617126181261912620126211
26221262312624126251262612627126281262912630126311263212633126341263512636126371263812639126401264112642126431264412645126461264712648126491265012651126521265312654126551265612657126581265912660126611266212663126641266512666126671266812669126701267112672126731267412675126761267712678126791268012681126821268312684126851268612687126881268912690126911269212693126941269512696126971269812699127001270112702127031270412705127061270712708127091271012711127121271312714127151271612717127181271912720127211272212723127241272512726127271272812729127301273112732127331273412735127361273712738127391274012741127421274312744127451274612747127481274912750127511275212753127541275512756127571275812759127601276112762127631276412765127661276712768127691277012771127721277312774127751277612777127781277912780127811278212783127841278512786127871278812789127901279112792127931279412795127961279712798127991280012801128021280312804128051280612807128081280912810128111281212813128141281512816128171281812819128201282112822128231282412825128261282712828128291283012831128321283312834128351283612837128381283912840128411284212843128441284512846128471284812849128501285112852128531285412855128561285712858128591286012861128621286312864128651286612867128681286912870128711287212873128741287512876128771287812879128801288112882128831288412885128861288712888128891289012891128921289312894128951289612897128981289912900129011290212903129041290512906129071290812909129101291112912129131291412915129161291712918129191292012921129221292312924129251292612927129281292912930129311293212933129341293512936129371293812939129401294112942129431294412945129461294712948129491295012951129521295312954129551295612957129581295912960129611296212963129641296512966129671296812969129701297112972129731297412975129761297712978129791298012981129821298312984129851298612987129881298912990129911299212993129941299512996129971299812999130001300113002130031300413005130061300713008130091301013011130121301313014130151301613017130181301913020130211
30221302313024130251302613027130281302913030130311303213033130341303513036130371303813039130401304113042130431304413045130461304713048130491305013051130521305313054130551305613057130581305913060130611306213063130641306513066130671306813069130701307113072130731307413075130761307713078130791308013081130821308313084130851308613087130881308913090130911309213093130941309513096130971309813099131001310113102131031310413105131061310713108131091311013111131121311313114131151311613117131181311913120131211312213123131241312513126131271312813129131301313113132131331313413135131361313713138131391314013141131421314313144131451314613147131481314913150131511315213153131541315513156131571315813159131601316113162131631316413165131661316713168131691317013171131721317313174131751317613177131781317913180131811318213183131841318513186131871318813189131901319113192131931319413195131961319713198131991320013201132021320313204132051320613207132081320913210132111321213213132141321513216132171321813219132201322113222132231322413225132261322713228132291323013231132321323313234132351323613237132381323913240132411324213243132441324513246132471324813249132501325113252132531325413255132561325713258132591326013261132621326313264132651326613267132681326913270132711327213273132741327513276132771327813279132801328113282132831328413285132861328713288132891329013291132921329313294132951329613297132981329913300133011330213303133041330513306133071330813309133101331113312133131331413315133161331713318133191332013321133221332313324133251332613327133281332913330133311333213333133341333513336133371333813339133401334113342133431334413345133461334713348133491335013351133521335313354133551335613357133581335913360133611336213363133641336513366133671336813369133701337113372133731337413375133761337713378133791338013381133821338313384133851338613387133881338913390133911339213393133941339513396133971339813399134001340113402134031340413405134061340713408134091341013411134121341313414134151341613417134181341913420134211
34221342313424134251342613427134281342913430134311343213433134341343513436134371343813439134401344113442134431344413445134461344713448134491345013451134521345313454134551345613457134581345913460134611346213463134641346513466134671346813469134701347113472134731347413475134761347713478134791348013481134821348313484134851348613487134881348913490134911349213493134941349513496134971349813499135001350113502135031350413505135061350713508135091351013511135121351313514135151351613517135181351913520135211352213523135241352513526135271352813529135301353113532135331353413535135361353713538135391354013541135421354313544135451354613547135481354913550135511355213553135541355513556135571355813559135601356113562135631356413565135661356713568135691357013571135721357313574135751357613577135781357913580135811358213583135841358513586135871358813589135901359113592135931359413595135961359713598135991360013601136021360313604136051360613607136081360913610136111361213613136141361513616136171361813619136201362113622136231362413625136261362713628136291363013631136321363313634136351363613637136381363913640136411364213643136441364513646136471364813649136501365113652136531365413655136561365713658136591366013661136621366313664136651366613667136681366913670136711367213673136741367513676136771367813679136801368113682136831368413685136861368713688136891369013691136921369313694136951369613697136981369913700137011370213703137041370513706137071370813709137101371113712137131371413715137161371713718137191372013721137221372313724137251372613727137281372913730137311373213733137341373513736137371373813739137401374113742137431374413745137461374713748137491375013751137521375313754137551375613757137581375913760137611376213763137641376513766137671376813769137701377113772137731377413775137761377713778137791378013781137821378313784137851378613787137881378913790137911379213793137941379513796137971379813799138001380113802138031380413805138061380713808138091381013811138121381313814138151381613817138181381913820138211
38221382313824138251382613827138281382913830138311383213833138341383513836138371383813839138401384113842138431384413845138461384713848138491385013851138521385313854138551385613857138581385913860138611386213863138641386513866138671386813869138701387113872138731387413875138761387713878138791388013881138821388313884138851388613887138881388913890138911389213893138941389513896138971389813899139001390113902139031390413905139061390713908139091391013911139121391313914139151391613917139181391913920139211392213923139241392513926139271392813929139301393113932139331393413935139361393713938139391394013941139421394313944139451394613947139481394913950139511395213953139541395513956139571395813959139601396113962139631396413965139661396713968139691397013971139721397313974139751397613977139781397913980139811398213983139841398513986139871398813989139901399113992139931399413995139961399713998139991400014001140021400314004140051400614007140081400914010140111401214013140141401514016140171401814019140201402114022140231402414025140261402714028140291403014031140321403314034140351403614037140381403914040140411404214043140441404514046140471404814049140501405114052140531405414055140561405714058140591406014061140621406314064140651406614067140681406914070140711407214073140741407514076140771407814079140801408114082140831408414085140861408714088140891409014091140921409314094140951409614097140981409914100141011410214103141041410514106141071410814109141101411114112141131411414115141161411714118141191412014121141221412314124141251412614127141281412914130141311413214133141341413514136141371413814139141401414114142141431414414145141461414714148141491415014151141521415314154141551415614157141581415914160141611416214163141641416514166141671416814169141701417114172141731417414175141761417714178141791418014181141821418314184141851418614187141881418914190141911419214193141941419514196141971419814199142001420114202142031420414205142061420714208142091421014211142121421314214142151421614217142181421914220142211
42221422314224142251422614227142281422914230142311423214233142341423514236142371423814239142401424114242142431424414245142461424714248142491425014251142521425314254142551425614257142581425914260142611426214263142641426514266142671426814269142701427114272142731427414275142761427714278142791428014281142821428314284142851428614287142881428914290142911429214293142941429514296142971429814299143001430114302143031430414305143061430714308143091431014311143121431314314143151431614317143181431914320143211432214323143241432514326143271432814329143301433114332143331433414335143361433714338143391434014341143421434314344143451434614347143481434914350143511435214353143541435514356143571435814359143601436114362143631436414365143661436714368143691437014371143721437314374143751437614377143781437914380143811438214383143841438514386143871438814389143901439114392143931439414395143961439714398143991440014401144021440314404144051440614407144081440914410144111441214413144141441514416144171441814419144201442114422144231442414425144261442714428144291443014431144321443314434144351443614437144381443914440144411444214443144441444514446144471444814449144501445114452144531445414455144561445714458144591446014461144621446314464144651446614467144681446914470144711447214473144741447514476144771447814479144801448114482144831448414485144861448714488144891449014491144921449314494144951449614497144981449914500145011450214503145041450514506145071450814509145101451114512145131451414515145161451714518145191452014521145221452314524145251452614527145281452914530145311453214533145341453514536145371453814539145401454114542145431454414545145461454714548145491455014551145521455314554145551455614557145581455914560145611456214563145641456514566145671456814569145701457114572145731457414575145761457714578145791458014581145821458314584145851458614587145881458914590145911459214593145941459514596145971459814599146001460114602146031460414605146061460714608146091461014611146121461314614146151461614617146181461914620146211
  1. /* api.c API unit tests
  2. *
  3. * Copyright (C) 2006-2017 wolfSSL Inc.
  4. *
  5. * This file is part of wolfSSL.
  6. *
  7. * wolfSSL is free software; you can redistribute it and/or modify
  8. * it under the terms of the GNU General Public License as published by
  9. * the Free Software Foundation; either version 2 of the License, or
  10. * (at your option) any later version.
  11. *
  12. * wolfSSL is distributed in the hope that it will be useful,
  13. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. * GNU General Public License for more details.
  16. *
  17. * You should have received a copy of the GNU General Public License
  18. * along with this program; if not, write to the Free Software
  19. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  20. */
  21. /*----------------------------------------------------------------------------*
  22. | Includes
  23. *----------------------------------------------------------------------------*/
  24. #ifdef HAVE_CONFIG_H
  25. #include <config.h>
  26. #endif
  27. #include <wolfssl/wolfcrypt/settings.h>
  28. #ifndef FOURK_BUF
  29. #define FOURK_BUF 4096
  30. #endif
  31. #ifndef TWOK_BUF
  32. #define TWOK_BUF 2048
  33. #endif
  34. #ifndef ONEK_BUF
  35. #define ONEK_BUF 1024
  36. #endif
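  /* Static-memory builds pull in the wolfCrypt memory declarations. */
  #if defined(WOLFSSL_STATIC_MEMORY)
      #include <wolfssl/wolfcrypt/memory.h>
  #endif /* WOLFSSL_STATIC_MEMORY */

  /* Default heap hint is NULL unless HEAP_HINT was already defined. */
  #ifndef HEAP_HINT
      #define HEAP_HINT NULL
  #endif /* HEAP_HINT */

  /* Guard uses the WOLFSSL_ASYNC_CRYPT spelling. The earlier spelling,
   * WOLFSSL_ASNC_CRYPT, looks like a typo for it; if so, no build defined it
   * and async.h was never included from this file, even in async-crypto
   * builds. */
  #ifdef WOLFSSL_ASYNC_CRYPT
      #include <wolfssl/wolfcrypt/async.h>
  #endif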
  46. #ifdef HAVE_ECC
  47. #include <wolfssl/wolfcrypt/ecc.h> /* wc_ecc_fp_free */
  48. #ifndef ECC_ASN963_MAX_BUF_SZ
  49. #define ECC_ASN963_MAX_BUF_SZ 133
  50. #endif
  51. #ifndef ECC_PRIV_KEY_BUF
  52. #define ECC_PRIV_KEY_BUF 66 /* For non user defined curves. */
  53. #endif
  54. #ifdef HAVE_ALL_CURVES
  55. /* ecc key sizes: 14, 16, 20, 24, 28, 30, 32, 40, 48, 64*/
  56. #ifndef KEY14
  57. #define KEY14 14
  58. #endif
  59. #if !defined(KEY16)
  60. #define KEY16 16
  61. #endif
  62. #if !defined(KEY20)
  63. #define KEY20 20
  64. #endif
  65. #if !defined(KEY24)
  66. #define KEY24 24
  67. #endif
  68. #if !defined(KEY28)
  69. #define KEY28 28
  70. #endif
  71. #if !defined(KEY30)
  72. #define KEY30 30
  73. #endif
  74. #if !defined(KEY32)
  75. #define KEY32 32
  76. #endif
  77. #if !defined(KEY40)
  78. #define KEY40 40
  79. #endif
  80. #if !defined(KEY48)
  81. #define KEY48 48
  82. #endif
  83. #if !defined(KEY64)
  84. #define KEY64 64
  85. #endif
  86. #else
  87. /* ecc key sizes: 14, 16, 20, 24, 28, 30, 32, 40, 48, 64*/
  88. #ifndef KEY14
  89. #define KEY14 32
  90. #endif
  91. #if !defined(KEY16)
  92. #define KEY16 32
  93. #endif
  94. #if !defined(KEY20)
  95. #define KEY20 32
  96. #endif
  97. #if !defined(KEY24)
  98. #define KEY24 32
  99. #endif
  100. #if !defined(KEY28)
  101. #define KEY28 32
  102. #endif
  103. #if !defined(KEY30)
  104. #define KEY30 32
  105. #endif
  106. #if !defined(KEY32)
  107. #define KEY32 32
  108. #endif
  109. #if !defined(KEY40)
  110. #define KEY40 32
  111. #endif
  112. #if !defined(KEY48)
  113. #define KEY48 32
  114. #endif
  115. #if !defined(KEY64)
  116. #define KEY64 32
  117. #endif
  118. #endif
  119. #if !defined(HAVE_COMP_KEY)
  120. #if !defined(NOCOMP)
  121. #define NOCOMP 0
  122. #endif
  123. #else
  124. #if !defined(COMP)
  125. #define COMP 1
  126. #endif
  127. #endif
  128. #if !defined(DER_SZ)
  129. #define DER_SZ (keySz * 2 + 1)
  130. #endif
  131. #endif
  132. #ifndef NO_ASN
  133. #include <wolfssl/wolfcrypt/asn_public.h>
  134. #endif
  135. #include <wolfssl/error-ssl.h>
  136. #include <stdlib.h>
  137. #include <wolfssl/ssl.h> /* compatibility layer */
  138. #include <wolfssl/test.h>
  139. #include <tests/unit.h>
  140. #include "examples/server/server.h"
  141. /* for testing compatibility layer callbacks */
  142. #ifndef NO_MD5
  143. #include <wolfssl/wolfcrypt/md5.h>
  144. #endif
  145. #ifndef NO_SHA
  146. #include <wolfssl/wolfcrypt/sha.h>
  147. #endif
  148. #ifndef NO_SHA256
  149. #include <wolfssl/wolfcrypt/sha256.h>
  150. #endif
  151. #ifdef WOLFSSL_SHA512
  152. #include <wolfssl/wolfcrypt/sha512.h>
  153. #endif
  154. #ifdef WOLFSSL_SHA384
  155. #include <wolfssl/wolfcrypt/sha512.h>
  156. #endif
  157. #ifdef WOLFSSL_SHA3
  158. #include <wolfssl/wolfcrypt/sha3.h>
  159. #ifndef HEAP_HINT
  160. #define HEAP_HINT NULL
  161. #endif
  162. #endif
  163. #ifndef NO_AES
  164. #include <wolfssl/wolfcrypt/aes.h>
  165. #ifdef HAVE_AES_DECRYPT
  166. #include <wolfssl/wolfcrypt/wc_encrypt.h>
  167. #endif
  168. #endif
  169. #ifdef WOLFSSL_RIPEMD
  170. #include <wolfssl/wolfcrypt/ripemd.h>
  171. #endif
  172. #ifdef HAVE_IDEA
  173. #include <wolfssl/wolfcrypt/idea.h>
  174. #endif
  175. #ifndef NO_DES3
  176. #include <wolfssl/wolfcrypt/des3.h>
  177. #include <wolfssl/wolfcrypt/wc_encrypt.h>
  178. #endif
  179. #ifndef NO_HMAC
  180. #include <wolfssl/wolfcrypt/hmac.h>
  181. #endif
  182. #ifdef HAVE_CHACHA
  183. #include <wolfssl/wolfcrypt/chacha.h>
  184. #endif
  185. #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
  186. #include <wolfssl/wolfcrypt/chacha20_poly1305.h>
  187. #endif
  188. #ifdef HAVE_CAMELLIA
  189. #include <wolfssl/wolfcrypt/camellia.h>
  190. #endif
  191. #ifndef NO_RABBIT
  192. #include <wolfssl/wolfcrypt/rabbit.h>
  193. #endif
  194. #ifndef NO_RC4
  195. #include <wolfssl/wolfcrypt/arc4.h>
  196. #endif
  197. #ifndef NO_RSA
  198. #include <wolfssl/wolfcrypt/rsa.h>
  199. #include <wolfssl/wolfcrypt/hash.h>
  200. #define FOURK_BUF 4096
  201. #define GEN_BUF 294
  202. #ifndef USER_CRYPTO_ERROR
  203. #define USER_CRYPTO_ERROR -101 /* error returned by IPP lib. */
  204. #endif
  205. #endif
  206. #ifdef HAVE_AESCCM
  207. #include <wolfssl/wolfcrypt/aes.h>
  208. #endif
  209. #ifdef HAVE_HC128
  210. #include <wolfssl/wolfcrypt/hc128.h>
  211. #endif
  212. #ifdef HAVE_PKCS7
  213. #include <wolfssl/wolfcrypt/pkcs7.h>
  214. #include <wolfssl/wolfcrypt/asn.h>
  215. #endif
  216. #if defined(WOLFSSL_SHA3) || defined(HAVE_PKCS7)
  217. static int devId = INVALID_DEVID;
  218. #endif
  219. #ifndef NO_DSA
  220. #include <wolfssl/wolfcrypt/dsa.h>
  221. #ifndef ONEK_BUF
  222. #define ONEK_BUF 1024
  223. #endif
  224. #ifndef TWOK_BUF
  225. #define TWOK_BUF 2048
  226. #endif
  227. #ifndef FOURK_BUF
  228. #define FOURK_BUF 4096
  229. #endif
  230. #ifndef DSA_SIG_SIZE
  231. #define DSA_SIG_SIZE 40
  232. #endif
  233. #ifndef MAX_DSA_PARAM_SIZE
  234. #define MAX_DSA_PARAM_SIZE 256
  235. #endif
  236. #endif
  237. #ifdef WOLFSSL_CMAC
  238. #include <wolfssl/wolfcrypt/cmac.h>
  239. #endif
  240. #ifdef HAVE_ED25519
  241. #include <wolfssl/wolfcrypt/ed25519.h>
  242. #endif
  243. #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL))
  244. #include <wolfssl/openssl/ssl.h>
  245. #ifndef NO_ASN
  246. /* for ASN_COMMON_NAME DN_tags enum */
  247. #include <wolfssl/wolfcrypt/asn.h>
  248. #endif
  249. #endif
  250. #ifdef OPENSSL_EXTRA
  251. #include <wolfssl/openssl/asn1.h>
  252. #include <wolfssl/openssl/crypto.h>
  253. #include <wolfssl/openssl/pkcs12.h>
  254. #include <wolfssl/openssl/evp.h>
  255. #include <wolfssl/openssl/dh.h>
  256. #include <wolfssl/openssl/bn.h>
  257. #include <wolfssl/openssl/buffer.h>
  258. #include <wolfssl/openssl/pem.h>
  259. #include <wolfssl/openssl/ec.h>
  260. #include <wolfssl/openssl/engine.h>
  261. #include <wolfssl/openssl/crypto.h>
  262. #include <wolfssl/openssl/hmac.h>
  263. #include <wolfssl/openssl/objects.h>
  264. #ifndef NO_AES
  265. #include <wolfssl/openssl/aes.h>
  266. #endif
  267. #ifndef NO_DES3
  268. #include <wolfssl/openssl/des.h>
  269. #endif
  270. #endif /* OPENSSL_EXTRA */
  271. #if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) \
  272. && !defined(NO_SHA256) && !defined(RC_NO_RNG)
  273. #include <wolfssl/wolfcrypt/srp.h>
  274. #endif
  275. #if defined(SESSION_CERTS) && defined(TEST_PEER_CERT_CHAIN)
  276. #include "wolfssl/internal.h" /* for testing SSL_get_peer_cert_chain */
  277. #endif
  278. /* enable testing buffer load functions */
  279. #ifndef USE_CERT_BUFFERS_2048
  280. #define USE_CERT_BUFFERS_2048
  281. #endif
  282. #ifndef USE_CERT_BUFFERS_256
  283. #define USE_CERT_BUFFERS_256
  284. #endif
  285. #include <wolfssl/certs_test.h>
  /* One known-answer test case: an input string, an output string and a length
   * for each. NOTE(review): presumably `output` is the expected result for
   * `input` and the lengths are byte counts; no use of the struct is visible in
   * this part of the file, so confirm against the tests that fill it in. */
  typedef struct testVector {
      const char* input;   /* data fed to the function under test (assumed) */
      const char* output;  /* expected result for `input` (assumed) */
      size_t inLen;        /* length of `input` */
      size_t outLen;       /* length of `output` */
  } testVector;
  #if defined(HAVE_PKCS7)
  /* Parameter set for one PKCS#7 enveloped-data test case. Only declared when
   * HAVE_PKCS7 is defined. NOTE(review): the field roles below are read from
   * the field names; confirm against the PKCS#7 tests that populate them. */
  typedef struct {
      const byte* content;     /* payload buffer */
      word32 contentSz;        /* size of `content` */
      int contentOID;          /* content-type identifier */
      int encryptOID;          /* content-encryption algorithm identifier */
      int keyWrapOID;          /* key-wrap algorithm identifier */
      int keyAgreeOID;         /* key-agreement algorithm identifier */
      byte* cert;              /* certificate buffer (presumably the recipient's) */
      size_t certSz;           /* size of `cert` */
      byte* privateKey;        /* private key buffer; test material only */
      word32 privateKeySz;     /* size of `privateKey` */
  } pkcs7EnvelopedVector;

  #ifndef NO_PKCS7_ENCRYPTED_DATA
  /* Parameter set for one PKCS#7 encrypted-data test case. Compiled out when
   * NO_PKCS7_ENCRYPTED_DATA is defined. Same caveat as above: field roles are
   * taken from the names. */
  typedef struct {
      const byte* content;     /* payload buffer */
      word32 contentSz;        /* size of `content` */
      int contentOID;          /* content-type identifier */
      int encryptOID;          /* content-encryption algorithm identifier */
      byte* encryptionKey;     /* symmetric key buffer; test material only */
      word32 encryptionKeySz;  /* size of `encryptionKey` */
  } pkcs7EncryptedVector;
  #endif
  #endif /* HAVE_PKCS7 */
  316. /*----------------------------------------------------------------------------*
  317. | Constants
  318. *----------------------------------------------------------------------------*/
  /* Generic pass/fail codes for test helpers. */
  #define TEST_SUCCESS (1)
  #define TEST_FAIL (0)

  /* printf formats: testingFmt prints the name of the API being tested,
   * resultFmt prints the verdict string and ends the line. */
  #define testingFmt " %s:"
  #define resultFmt " %s\n"

  /* Verdict strings printed through resultFmt. */
  static const char* passed = "passed";
  static const char* failed = "failed";

  #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
  /* Path that can be opened but holds no certificate data: the null device
   * ("NUL" on _WIN32, "/dev/null" elsewhere). Used as the "invalid cert file"
   * input in the negative file-loading tests. */
  static const char* bogusFile =
  #ifdef _WIN32
      "NUL"
  #else
      "/dev/null"
  #endif
  ;
  #endif

  /* Key-type selectors. NOTE(review): no use is visible in this part of the
   * file; presumably they pick RSA or ECC material in later tests. */
  enum {
      TESTING_RSA = 1,
      TESTING_ECC = 2
  };
  338. /*----------------------------------------------------------------------------*
  339. | Setup
  340. *----------------------------------------------------------------------------*/
  /* Run wolfSSL_Init() and report the outcome on stdout.
   * Returns the raw wolfSSL_Init() status; WOLFSSL_SUCCESS is printed as
   * "passed", anything else as "failed".
   */
  static int test_wolfSSL_Init(void)
  {
      int status;
      const char* verdict;

      printf(testingFmt, "wolfSSL_Init()");

      status  = wolfSSL_Init();
      verdict = (status == WOLFSSL_SUCCESS) ? passed : failed;
      printf(resultFmt, verdict);

      return status;
  }
  /* Run wolfSSL_Cleanup() and report the outcome on stdout.
   * Returns the raw wolfSSL_Cleanup() status; WOLFSSL_SUCCESS is printed as
   * "passed", anything else as "failed".
   */
  static int test_wolfSSL_Cleanup(void)
  {
      int status;
      const char* verdict;

      printf(testingFmt, "wolfSSL_Cleanup()");

      status  = wolfSSL_Cleanup();
      verdict = (status == WOLFSSL_SUCCESS) ? passed : failed;
      printf(resultFmt, verdict);

      return status;
  }
  /* Bring up the wolfCrypt layer and report the outcome on stdout.
   * POST: returns the wolfCrypt_Init() status, where 0 means success.
   */
  static int test_wolfCrypt_Init(void)
  {
      int status;
      const char* verdict;

      printf(testingFmt, "wolfCrypt_Init()");

      status  = wolfCrypt_Init();
      verdict = (status == 0) ? passed : failed;
      printf(resultFmt, verdict);

      return status;
  } /* END test_wolfCrypt_Init */
  368. /*----------------------------------------------------------------------------*
  369. | Method Allocators
  370. *----------------------------------------------------------------------------*/
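  /* Check every protocol-method allocator that the build configuration enables.
   *
   * Each enabled allocator must return a non-NULL WOLFSSL_METHOD. The SSLv2
   * allocators (checked only with OPENSSL_EXTRA) must return NULL, so the test
   * fails if SSLv2 ever becomes obtainable. SSLv3 and TLS 1.0 are checked only
   * when the build opts in through WOLFSSL_ALLOW_SSLV3 / WOLFSSL_ALLOW_TLSV10
   * and NO_OLD_TLS is not defined.
   */
  static void test_wolfSSL_Method_Allocators(void)
  {
      /* Call `allocator`, apply `condition` (an Assert* macro) to the returned
       * pointer, then release it. These helper macros are not #undef'd and stay
       * defined for the rest of the file. */
      #define TEST_METHOD_ALLOCATOR(allocator, condition) \
          do {                                            \
              WOLFSSL_METHOD *method;                     \
              condition(method = allocator());            \
              XFREE(method, 0, DYNAMIC_TYPE_METHOD);      \
          } while(0)

      #define TEST_VALID_METHOD_ALLOCATOR(a) \
          TEST_METHOD_ALLOCATOR(a, AssertNotNull)

      #define TEST_INVALID_METHOD_ALLOCATOR(a) \
          TEST_METHOD_ALLOCATOR(a, AssertNull)

  #ifndef NO_OLD_TLS
      #ifdef WOLFSSL_ALLOW_SSLV3
          TEST_VALID_METHOD_ALLOCATOR(wolfSSLv3_server_method);
          TEST_VALID_METHOD_ALLOCATOR(wolfSSLv3_client_method);
      #endif
      /* Guard uses the WOLFSSL_ALLOW_TLSV10 spelling. The earlier spelling,
       * WOLFSL_ALLOW_TLSV10, looks like a typo for it; if so, these two
       * TLS 1.0 checks were never compiled. */
      #ifdef WOLFSSL_ALLOW_TLSV10
          TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_server_method);
          TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_client_method);
      #endif
      TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_1_server_method);
      TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_1_client_method);
  #endif

  #ifndef NO_WOLFSSL_SERVER
      TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_2_server_method);
  #endif
  #ifndef NO_WOLFSSL_CLIENT
      TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_2_client_method);
      TEST_VALID_METHOD_ALLOCATOR(wolfSSLv23_client_method);
  #endif

  #ifdef WOLFSSL_DTLS
      #ifndef NO_OLD_TLS
          TEST_VALID_METHOD_ALLOCATOR(wolfDTLSv1_server_method);
          TEST_VALID_METHOD_ALLOCATOR(wolfDTLSv1_client_method);
      #endif
      TEST_VALID_METHOD_ALLOCATOR(wolfDTLSv1_2_server_method);
      TEST_VALID_METHOD_ALLOCATOR(wolfDTLSv1_2_client_method);
  #endif

  #ifdef OPENSSL_EXTRA
      /* SSLv2 must not be obtainable: both allocators are required to
       * return NULL. */
      TEST_INVALID_METHOD_ALLOCATOR(wolfSSLv2_server_method);
      TEST_INVALID_METHOD_ALLOCATOR(wolfSSLv2_client_method);
  #endif
  }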
  415. /*----------------------------------------------------------------------------*
  416. | Context
  417. *----------------------------------------------------------------------------*/
  418. #ifndef NO_WOLFSSL_SERVER
  /* wolfSSL_CTX_new(): a NULL method must yield no context, a valid method
   * must yield one. `method` is passed to wolfSSL_CTX_new() and is not freed
   * here (presumably the context takes ownership of it - confirm).
   */
  static void test_wolfSSL_CTX_new(WOLFSSL_METHOD *method)
  {
      WOLFSSL_CTX *ctx;

      /* no method, no context */
      AssertNull(ctx = wolfSSL_CTX_new(NULL));

      /* caller-supplied method produces a context, which is released again */
      AssertNotNull(method);
      AssertNotNull(ctx = wolfSSL_CTX_new(method));

      wolfSSL_CTX_free(ctx);
  }
  427. #endif
  /* wolfSSL_CTX_use_certificate_file(): a NULL context, a non-existent file
   * and an unknown file type must all be refused. Loading svrCertFile as PEM
   * is expected to succeed only when RSA is compiled in.
   * The body is compiled out without filesystem, certificate or server support.
   */
  static void test_wolfSSL_CTX_use_certificate_file(void)
  {
  #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER)
      WOLFSSL_CTX *ctx;

      AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));

      /* NULL context */
      AssertFalse(wolfSSL_CTX_use_certificate_file(NULL, svrCertFile,
                                                   WOLFSSL_FILETYPE_PEM));
      /* file that does not exist */
      AssertFalse(wolfSSL_CTX_use_certificate_file(ctx, bogusFile,
                                                   WOLFSSL_FILETYPE_PEM));
      /* 9999 stands in for an unknown file type */
      AssertFalse(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, 9999));

  #ifdef NO_RSA
      /* the server certificate needs RSA, so the load must fail */
      AssertFalse(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile,WOLFSSL_FILETYPE_PEM));
  #else
      /* valid context, file and type */
      AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM));
  #endif

      wolfSSL_CTX_free(ctx);
  #endif
  }
  /* Load the DER server certificate from a memory buffer into a fresh server
   * context with wolfSSL_CTX_use_certificate_buffer() and print the outcome.
   * PRE: NO_CERTS not defined; USE_CERT_BUFFERS_2048 defined; compile with
   * --enable-testcert flag.
   * Returns the loader's result, or WOLFSSL_SUCCESS when the test is compiled
   * out (no certs, no 2048-bit buffers, no RSA or no server).
   */
  static int test_wolfSSL_CTX_use_certificate_buffer(void)
  {
  #if !defined(NO_CERTS) && defined(USE_CERT_BUFFERS_2048) && \
      !defined(NO_RSA) && !defined(NO_WOLFSSL_SERVER)
      WOLFSSL_CTX* ctx;
      int loadRc;

      printf(testingFmt, "wolfSSL_CTX_use_certificate_buffer()");
      AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));

      loadRc = wolfSSL_CTX_use_certificate_buffer(ctx, server_cert_der_2048,
                   sizeof_server_cert_der_2048, WOLFSSL_FILETYPE_ASN1);

      if (loadRc == WOLFSSL_SUCCESS) {
          printf(resultFmt, passed);
      }
      else {
          printf(resultFmt, failed);
      }

      wolfSSL_CTX_free(ctx);
      return loadRc;
  #else
      return WOLFSSL_SUCCESS;
  #endif
  } /*END test_wolfSSL_CTX_use_certificate_buffer*/
  /* wolfSSL_CTX_use_PrivateKey_file(): a NULL context, a non-existent file and
   * an unknown file type must all be refused. Loading svrKeyFile as PEM is
   * expected to succeed only when RSA is compiled in.
   * The body is compiled out without filesystem, certificate or server support.
   */
  static void test_wolfSSL_CTX_use_PrivateKey_file(void)
  {
  #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER)
      WOLFSSL_CTX *ctx;

      AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));

      /* NULL context */
      AssertFalse(wolfSSL_CTX_use_PrivateKey_file(NULL, svrKeyFile,
                                                  WOLFSSL_FILETYPE_PEM));
      /* file that does not exist */
      AssertFalse(wolfSSL_CTX_use_PrivateKey_file(ctx, bogusFile,
                                                  WOLFSSL_FILETYPE_PEM));
      /* 9999 stands in for an unknown file type */
      AssertFalse(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, 9999));

  #ifdef NO_RSA
      /* the server key needs RSA, so the load must fail */
      AssertFalse(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM));
  #else
      /* valid context, file and type */
      AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM));
  #endif

      wolfSSL_CTX_free(ctx);
  #endif
  }
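  /* Trusted-peer certificates: test both the file and the buffer loader, and
   * unloading the trusted peers afterwards.
   *
   * The checks use the file's Assert* macros rather than assert(): assert()
   * expands to nothing when NDEBUG is defined, which would also drop the
   * load/unload calls wrapped inside it and leave the test checking nothing.
   * Compiled out without certs, WOLFSSL_TRUST_PEER_CERT or client support.
   */
  static void test_wolfSSL_CTX_trust_peer_cert(void)
  {
  #if !defined(NO_CERTS) && defined(WOLFSSL_TRUST_PEER_CERT) && !defined(NO_WOLFSSL_CLIENT)
      WOLFSSL_CTX *ctx;

      AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));

  #if !defined(NO_FILESYSTEM)
      /* invalid file: NULL path, missing file, PEM file declared as ASN.1 */
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_trust_peer_cert(ctx, NULL,
                                                  WOLFSSL_FILETYPE_PEM));
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_trust_peer_cert(ctx, bogusFile,
                                                  WOLFSSL_FILETYPE_PEM));
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_trust_peer_cert(ctx, cliCertFile,
                                                  WOLFSSL_FILETYPE_ASN1));

      /* success */
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_trust_peer_cert(ctx, cliCertFile,
                                                  WOLFSSL_FILETYPE_PEM));

      /* unload cert: NULL context is refused, the real one is emptied */
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_Unload_trust_peers(NULL));
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_Unload_trust_peers(ctx));
  #endif

      /* Test of loading certs from buffers */

      /* invalid buffer: NULL pointer with a negative length */
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_trust_peer_buffer(ctx, NULL, -1,
                                                  WOLFSSL_FILETYPE_ASN1));

      /* success */
  #ifdef USE_CERT_BUFFERS_1024
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_trust_peer_buffer(ctx,
                  client_cert_der_1024, sizeof_client_cert_der_1024,
                  WOLFSSL_FILETYPE_ASN1));
  #endif
  #ifdef USE_CERT_BUFFERS_2048
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_trust_peer_buffer(ctx,
                  client_cert_der_2048, sizeof_client_cert_der_2048,
                  WOLFSSL_FILETYPE_ASN1));
  #endif

      /* unload cert */
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_Unload_trust_peers(NULL));
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_Unload_trust_peers(ctx));

      wolfSSL_CTX_free(ctx);
  #endif
  }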
  /* wolfSSL_CTX_load_verify_locations(): invalid arguments are refused, the CA
   * file loads, and the loaded CAs can be unloaded both through the context and
   * through its certificate manager. With PERSIST_CERT_CACHE the cache size is
   * sampled while the CA is loaded and must be larger than the size reported
   * after each unload.
   * Compiled out without filesystem, certificate or client support.
   */
  static void test_wolfSSL_CTX_load_verify_locations(void)
  {
  #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_CLIENT)
      WOLFSSL_CTX *ctx;
      WOLFSSL_CERT_MANAGER* cm;
  #ifdef PERSIST_CERT_CACHE
      int cacheSz;
  #endif

      AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));

      /* NULL context */
      AssertFalse(wolfSSL_CTX_load_verify_locations(NULL, caCertFile, 0));

      /* NULL and non-existent CA file */
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_load_verify_locations(ctx, NULL, 0));
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_load_verify_locations(ctx, bogusFile, 0));

  #ifndef WOLFSSL_TIRTOS
      /* invalid path */
      /* not working... investigate! */
      /* AssertFalse(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, bogusFile)); */
  #endif

      /* first load of the CA certificate */
      AssertTrue(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0));

  #ifdef PERSIST_CERT_CACHE
      /* cache size with the CA present; reference for the checks below */
      cacheSz = wolfSSL_CTX_get_cert_cache_memsize(ctx);
  #endif

      /* unload through the context */
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UnloadCAs(ctx));

  #ifdef PERSIST_CERT_CACHE
      /* cache must have shrunk below the loaded size */
      AssertIntGT(cacheSz, wolfSSL_CTX_get_cert_cache_memsize(ctx));
  #endif

      /* second load, this time unloaded through the certificate manager */
      AssertTrue(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0));

      AssertNotNull(cm = wolfSSL_CTX_GetCertManager(ctx));

      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerUnloadCAs(cm));

  #ifdef PERSIST_CERT_CACHE
      /* cache must have shrunk below the loaded size */
      AssertIntGT(cacheSz, wolfSSL_CTX_get_cert_cache_memsize(ctx));
  #endif

      wolfSSL_CTX_free(ctx);
  #endif
  }
  /* wolfSSL_CTX_SetTmpDH_file(): a NULL context, a NULL path and a non-existent
   * file must be refused; the PEM DH parameter file must load.
   * Compiled out without filesystem, certificate, DH or client support.
   */
  static void test_wolfSSL_CTX_SetTmpDH_file(void)
  {
  #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_DH) && \
      !defined(NO_WOLFSSL_CLIENT)
      WOLFSSL_CTX *ctx;

      AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));

      /* NULL context */
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_file(NULL,
                  dhParamFile, WOLFSSL_FILETYPE_PEM));

      /* NULL path, then a path that does not exist */
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_file(ctx,
                  NULL, WOLFSSL_FILETYPE_PEM));
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_file(ctx,
                  bogusFile, WOLFSSL_FILETYPE_PEM));

      /* valid parameters load */
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_file(ctx, dhParamFile,
                  WOLFSSL_FILETYPE_PEM));

      wolfSSL_CTX_free(ctx);
  #endif
  }
  /* wolfSSL_CTX_SetTmpDH_buffer(): a NULL context and a DSA key passed where DH
   * parameters are expected must be refused; the DER DH parameters must load.
   * Compiled out without certificate, DH or client support.
   * NOTE(review): the *_der_2048 buffers are used without a
   * USE_CERT_BUFFERS_2048 guard in this function - confirm they are always
   * available when this body is compiled.
   */
  static void test_wolfSSL_CTX_SetTmpDH_buffer(void)
  {
  #if !defined(NO_CERTS) && !defined(NO_DH) && !defined(NO_WOLFSSL_CLIENT)
      WOLFSSL_CTX *ctx;

      AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));

      /* NULL context with otherwise valid parameters */
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_buffer(NULL, dh_key_der_2048,
                  sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1));

      /* NULL buffer of length 0.
       * NOTE(review): the context is NULL here as well, so this repeats the
       * NULL-context case; a NULL buffer on a valid context is not covered. */
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_buffer(NULL, NULL,
                  0, WOLFSSL_FILETYPE_ASN1));

      /* a DSA key is not a set of DH parameters */
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_buffer(ctx, dsa_key_der_2048,
                  sizeof_dsa_key_der_2048, WOLFSSL_FILETYPE_ASN1));

      /* valid DH parameters load */
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_buffer(ctx, dh_key_der_2048,
                  sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1));

      wolfSSL_CTX_free(ctx);
  #endif
  }
  620. /*----------------------------------------------------------------------------*
  621. | SSL
  622. *----------------------------------------------------------------------------*/
  /* wolfSSL_new() on the server side: a NULL context yields no session, and a
   * server context without certificate and key yields none either unless
   * WOLFSSL_SESSION_EXPORT is defined. A context holding the server
   * certificate and key yields a session.
   * Compiled out without filesystem, certificate, RSA or server support.
   */
  static void test_server_wolfSSL_new(void)
  {
  #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
      !defined(NO_WOLFSSL_SERVER)
      WOLFSSL_CTX *ctx;
      WOLFSSL_CTX *ctx_nocert;
      WOLFSSL *ssl;

      /* one bare context, one with certificate and private key loaded */
      AssertNotNull(ctx_nocert = wolfSSL_CTX_new(wolfSSLv23_server_method()));
      AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));

      AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM));
      AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM));

      /* NULL context */
      AssertNull(ssl = wolfSSL_new(NULL));

  #ifndef WOLFSSL_SESSION_EXPORT
      /* server context that has no certificate or key */
      AssertNull(ssl = wolfSSL_new(ctx_nocert));
  #endif

      /* fully configured context */
      AssertNotNull(ssl = wolfSSL_new(ctx));

      wolfSSL_free(ssl);
      wolfSSL_CTX_free(ctx);
      wolfSSL_CTX_free(ctx_nocert);
  #endif
  }
  /* wolfSSL_new() on the client side: a NULL context yields no session; both a
   * bare client context and one with the CA file loaded yield a session.
   * Compiled out without filesystem, certificate, RSA or client support.
   */
  static void test_client_wolfSSL_new(void)
  {
  #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
      !defined(NO_WOLFSSL_CLIENT)
      WOLFSSL_CTX *ctx;
      WOLFSSL_CTX *ctx_nocert;
      WOLFSSL *ssl;

      /* one bare context, one with the CA certificate loaded */
      AssertNotNull(ctx_nocert = wolfSSL_CTX_new(wolfSSLv23_client_method()));
      AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));

      AssertTrue(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0));

      /* NULL context */
      AssertNull(ssl = wolfSSL_new(NULL));

      /* a client context needs no certificate to create a session */
      AssertNotNull(ssl = wolfSSL_new(ctx_nocert));
      wolfSSL_free(ssl);

      /* context with the CA loaded */
      AssertNotNull(ssl = wolfSSL_new(ctx));
      wolfSSL_free(ssl);

      wolfSSL_CTX_free(ctx);
      wolfSSL_CTX_free(ctx_nocert);
  #endif
  }
  /* wolfSSL_SetTmpDH_file() on a session object: a NULL session, a NULL path
   * and a non-existent file must be refused; the PEM DH parameter file must
   * load. The server context is given the RSA certificate and key, or the ECC
   * pair when RSA is compiled out, before the session is created.
   * Compiled out without filesystem, certificate, DH or server support.
   */
  static void test_wolfSSL_SetTmpDH_file(void)
  {
  #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_DH) && \
      !defined(NO_WOLFSSL_SERVER)
      WOLFSSL_CTX *ctx;
      WOLFSSL *ssl;

      AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));

  #ifndef NO_RSA
      AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile,
                 WOLFSSL_FILETYPE_PEM));
      AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
                 WOLFSSL_FILETYPE_PEM));
  #else
      AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, eccCertFile,
                 WOLFSSL_FILETYPE_PEM));
      AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, eccKeyFile,
                 WOLFSSL_FILETYPE_PEM));
  #endif

      AssertNotNull(ssl = wolfSSL_new(ctx));

      /* NULL session */
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_file(NULL,
                  dhParamFile, WOLFSSL_FILETYPE_PEM));

      /* NULL path, then a path that does not exist */
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_file(ssl,
                  NULL, WOLFSSL_FILETYPE_PEM));
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_file(ssl,
                  bogusFile, WOLFSSL_FILETYPE_PEM));

      /* valid parameters load */
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_file(ssl, dhParamFile,
                  WOLFSSL_FILETYPE_PEM));

      wolfSSL_free(ssl);
      wolfSSL_CTX_free(ctx);
  #endif
  }
  /* wolfSSL_SetTmpDH_buffer() on a session object: a NULL session and a DSA key
   * passed where DH parameters are expected must be refused; the DER DH
   * parameters must load. The server context gets its certificate and key
   * from the 2048-bit DER buffers before the session is created.
   * Compiled out without certificate, DH or server support.
   * NOTE(review): the *_der_2048 buffers are used without a
   * USE_CERT_BUFFERS_2048 guard in this function - confirm they are always
   * available when this body is compiled.
   */
  static void test_wolfSSL_SetTmpDH_buffer(void)
  {
  #if !defined(NO_CERTS) && !defined(NO_DH) && !defined(NO_WOLFSSL_SERVER)
      WOLFSSL_CTX *ctx;
      WOLFSSL *ssl;

      AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));

      AssertTrue(wolfSSL_CTX_use_certificate_buffer(ctx, server_cert_der_2048,
                 sizeof_server_cert_der_2048, WOLFSSL_FILETYPE_ASN1));
      AssertTrue(wolfSSL_CTX_use_PrivateKey_buffer(ctx, server_key_der_2048,
                 sizeof_server_key_der_2048, WOLFSSL_FILETYPE_ASN1));

      AssertNotNull(ssl = wolfSSL_new(ctx));

      /* NULL session with otherwise valid parameters */
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_buffer(NULL, dh_key_der_2048,
                  sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1));

      /* NULL buffer of length 0.
       * NOTE(review): the session is NULL here as well, so this repeats the
       * NULL-session case; a NULL buffer on a valid session is not covered. */
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_buffer(NULL, NULL,
                  0, WOLFSSL_FILETYPE_ASN1));

      /* a DSA key is not a set of DH parameters */
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_buffer(ssl, dsa_key_der_2048,
                  sizeof_dsa_key_der_2048, WOLFSSL_FILETYPE_ASN1));

      /* valid DH parameters load */
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_buffer(ssl, dh_key_der_2048,
                  sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1));

      wolfSSL_free(ssl);
      wolfSSL_CTX_free(ctx);
  #endif
  }
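  /* Test function for wolfSSL_SetMinVersion. Sets the minimum downgrade version
   * allowed on a TLS 1.2 client session, once for every version constant this
   * build offers (TLS 1.0, 1.1 and 1.2, or only 1.2 with NO_OLD_TLS).
   *
   * Only the setter's return value is checked; the test does not perform a
   * handshake, so it does not show that a lower version is actually refused.
   * Context and session creation are asserted, like in the other tests of this
   * file, so that an allocation failure is reported as such instead of showing
   * up as a failed wolfSSL_SetMinVersion() call.
   *
   * POST: return WOLFSSL_SUCCESS (1) when every call succeeded or the test is
   * compiled out (NO_WOLFSSL_CLIENT), WOLFSSL_FAILURE otherwise.
   */
  static int test_wolfSSL_SetMinVersion(void)
  {
      int failFlag = WOLFSSL_SUCCESS;
  #ifndef NO_WOLFSSL_CLIENT
      WOLFSSL_CTX* ctx;
      WOLFSSL* ssl;
      int itr;

  #ifndef NO_OLD_TLS
      const int versions[] = { WOLFSSL_TLSV1, WOLFSSL_TLSV1_1,
                               WOLFSSL_TLSV1_2};
  #else
      const int versions[] = { WOLFSSL_TLSV1_2 };
  #endif

      AssertTrue(wolfSSL_Init());
      AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()));
      AssertNotNull(ssl = wolfSSL_new(ctx));

      printf(testingFmt, "wolfSSL_SetMinVersion()");

      /* keep going after a failure so every version is attempted */
      for (itr = 0; itr < (int)(sizeof(versions)/sizeof(versions[0])); itr++) {
          if (wolfSSL_SetMinVersion(ssl, versions[itr]) != WOLFSSL_SUCCESS) {
              failFlag = WOLFSSL_FAILURE;
          }
      }

      printf(resultFmt, failFlag == WOLFSSL_SUCCESS ? passed : failed);

      wolfSSL_free(ssl);
      wolfSSL_CTX_free(ctx);
      AssertTrue(wolfSSL_Cleanup());
  #endif
      return failFlag;
  } /* END test_wolfSSL_SetMinVersion */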
  761. /*----------------------------------------------------------------------------*
  762. | EC
  763. *----------------------------------------------------------------------------*/
  764. /* Test function for EC_POINT_new, EC_POINT_mul, EC_POINT_free,
  765. EC_GROUP_new_by_curve_name
  766. */
  767. # if defined(OPENSSL_EXTRA)
  /* Multiply the P-256 base point by a fixed test scalar through the
   * OpenSSL-compatibility EC API and check that the result is not zero, both
   * in the point's own X field and in the affine X coordinate read back from
   * it. Where BN_bn2hex() is available the scalar and the base point
   * coordinates are also round-tripped through hex.
   * The body is compiled out without HAVE_ECC.
   */
  static void test_wolfSSL_EC(void)
  {
  #ifdef HAVE_ECC
      BN_CTX *ctx;
      EC_GROUP *group;
      EC_POINT *Gxy, *new_point;
      BIGNUM *k = NULL;
      BIGNUM *Gx = NULL;
      BIGNUM *Gy = NULL;
      BIGNUM *Gz = NULL;
      BIGNUM *X, *Y;
  #if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) || defined(DEBUG_WOLFSSL)
      char* hexStr;
  #endif

      /* fixed scalar used as the multiplier */
      const char* kTest = "F4F8338AFCC562C5C3F3E1E46A7EFECD17AF381913FF7A96314EA47055EA0FD0";

      /* NISTP256R1 Gx/Gy */
      const char* kGx = "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296";
      const char* kGy = "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5";

      AssertNotNull(ctx = BN_CTX_new());
      AssertNotNull(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
      AssertNotNull(Gxy = EC_POINT_new(group));
      AssertNotNull(new_point = EC_POINT_new(group));
      AssertNotNull(X = BN_new());
      AssertNotNull(Y = BN_new());

      /* parse the hex test values; Z is 1 */
      AssertIntEQ(BN_hex2bn(&k, kTest), WOLFSSL_SUCCESS);
      AssertIntEQ(BN_hex2bn(&Gx, kGx), WOLFSSL_SUCCESS);
      AssertIntEQ(BN_hex2bn(&Gy, kGy), WOLFSSL_SUCCESS);
      AssertIntEQ(BN_hex2bn(&Gz, "1"), WOLFSSL_SUCCESS);

      /* The input point is built by writing its fields directly. Gx, Gy and Gz
       * are not freed individually below (presumably EC_POINT_free(Gxy)
       * releases them - confirm). */
      Gxy->X = Gx;
      Gxy->Y = Gy;
      Gxy->Z = Gz;

      /* new_point = k * Gxy */
      AssertIntEQ(EC_POINT_mul(group, new_point, NULL, Gxy, k, ctx), WOLFSSL_SUCCESS);

      /* the product's X field must not be zero */
      AssertIntEQ(BN_is_zero(new_point->X), WOLFSSL_FAILURE);

      /* read the affine coordinates back out of the product */
      AssertIntEQ(EC_POINT_get_affine_coordinates_GFp(group, new_point, X, Y, ctx), WOLFSSL_SUCCESS);

      /* the affine X coordinate must not be zero either */
      AssertIntEQ(BN_is_zero(X), WOLFSSL_FAILURE);

      /* BN_bn2hex round trip: each value must print as the string it was parsed from */
  #if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) || defined(DEBUG_WOLFSSL)
      hexStr = BN_bn2hex(k);
      AssertStrEQ(hexStr, kTest);
      XFREE(hexStr, NULL, DYNAMIC_TYPE_ECC);

      hexStr = BN_bn2hex(Gx);
      AssertStrEQ(hexStr, kGx);
      XFREE(hexStr, NULL, DYNAMIC_TYPE_ECC);

      hexStr = BN_bn2hex(Gy);
      AssertStrEQ(hexStr, kGy);
      XFREE(hexStr, NULL, DYNAMIC_TYPE_ECC);
  #endif

      /* release everything allocated above */
      BN_free(X);
      BN_free(Y);
      BN_free(k);
      EC_POINT_free(new_point);
      EC_POINT_free(Gxy);
      EC_GROUP_free(group);
      BN_CTX_free(ctx);
  #endif /* HAVE_ECC */
  }
  828. #endif
  829. #include <wolfssl/openssl/pem.h>
  830. /*----------------------------------------------------------------------------*
  831. | EVP
  832. *----------------------------------------------------------------------------*/
  833. /* Test function for wolfSSL_EVP_get_cipherbynid.
  834. */
  835. # if defined(OPENSSL_EXTRA)
  /* wolfSSL_EVP_get_cipherbynid(): look up ciphers by numeric NID. For every AES
   * mode and key size the lookup must return a cipher when that combination is
   * compiled in and NULL when it is not. DES, 3DES and IDEA lookups are made
   * for the builds that include them, and NID 1 must be rejected.
   *
   * NOTE(review): every AssertNotNull(strcmp(...)) below passes whenever
   * strcmp() returns non-zero, i.e. whenever the returned name DIFFERS from
   * the literal. As written these lines do not confirm which cipher came back;
   * confirm the intended comparison before relying on them.
   */
  static void test_wolfSSL_EVP_get_cipherbynid(void)
  {
  #ifndef NO_AES
      const WOLFSSL_EVP_CIPHER* c;

      /* AES-CBC, 128/192/256-bit keys */
      c = wolfSSL_EVP_get_cipherbynid(419);
      #if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
          AssertNotNull(c);
          AssertNotNull(strcmp("EVP_AES_128_CBC", c));
      #else
          AssertNull(c);
      #endif

      c = wolfSSL_EVP_get_cipherbynid(423);
      #if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_192)
          AssertNotNull(c);
          AssertNotNull(strcmp("EVP_AES_192_CBC", c));
      #else
          AssertNull(c);
      #endif

      c = wolfSSL_EVP_get_cipherbynid(427);
      #if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_256)
          AssertNotNull(c);
          AssertNotNull(strcmp("EVP_AES_256_CBC", c));
      #else
          AssertNull(c);
      #endif

      /* AES-CTR, 128/192/256-bit keys */
      c = wolfSSL_EVP_get_cipherbynid(904);
      #if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_128)
          AssertNotNull(c);
          AssertNotNull(strcmp("EVP_AES_128_CTR", c));
      #else
          AssertNull(c);
      #endif

      c = wolfSSL_EVP_get_cipherbynid(905);
      #if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_192)
          AssertNotNull(c);
          AssertNotNull(strcmp("EVP_AES_192_CTR", c));
      #else
          AssertNull(c);
      #endif

      c = wolfSSL_EVP_get_cipherbynid(906);
      #if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_256)
          AssertNotNull(c);
          AssertNotNull(strcmp("EVP_AES_256_CTR", c));
      #else
          AssertNull(c);
      #endif

      /* AES-ECB, 128/192/256-bit keys */
      c = wolfSSL_EVP_get_cipherbynid(418);
      #if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_128)
          AssertNotNull(c);
          AssertNotNull(strcmp("EVP_AES_128_ECB", c));
      #else
          AssertNull(c);
      #endif

      c = wolfSSL_EVP_get_cipherbynid(422);
      #if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_192)
          AssertNotNull(c);
          AssertNotNull(strcmp("EVP_AES_192_ECB", c));
      #else
          AssertNull(c);
      #endif

      c = wolfSSL_EVP_get_cipherbynid(426);
      #if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_256)
          AssertNotNull(c);
          AssertNotNull(strcmp("EVP_AES_256_ECB", c));
      #else
          AssertNull(c);
      #endif
  #endif

  #ifndef NO_DES3
      /* NOTE(review): these lookup results go straight into strcmp() without a
       * NULL check, unlike the AES cases above. */
      AssertNotNull(strcmp("EVP_DES_CBC", wolfSSL_EVP_get_cipherbynid(31)));
      #ifdef WOLFSSL_DES_ECB
          AssertNotNull(strcmp("EVP_DES_ECB", wolfSSL_EVP_get_cipherbynid(29)));
      #endif
      AssertNotNull(strcmp("EVP_DES_EDE3_CBC", wolfSSL_EVP_get_cipherbynid(44)));
      #ifdef WOLFSSL_DES_ECB
          AssertNotNull(strcmp("EVP_DES_EDE3_ECB", wolfSSL_EVP_get_cipherbynid(33)));
      #endif
  #endif /*NO_DES3*/

  #ifdef HAVE_IDEA
      AssertNotNull(strcmp("EVP_IDEA_CBC", wolfSSL_EVP_get_cipherbynid(34)));
  #endif

      /* a NID outside the supported set must give NULL */
      AssertNull(wolfSSL_EVP_get_cipherbynid(1));
  }
  920. #endif
  921. /*----------------------------------------------------------------------------*
  922. | IO
  923. *----------------------------------------------------------------------------*/
  924. #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
  925. !defined(NO_RSA) && !defined(SINGLE_THREADED) && \
  926. !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT)
  927. #define HAVE_IO_TESTS_DEPENDENCIES
  928. #endif
  929. /* helper functions */
  930. #ifdef HAVE_IO_TESTS_DEPENDENCIES
  931. #ifdef WOLFSSL_SESSION_EXPORT
  932. /* set up function for sending session information */
  /* Session-export callback used by the IO tests.
   *
   * Receives the exported session in buf/sz, checks that both the session
   * pointer and the buffer are present and non-empty, then imports the buffer
   * into a freshly created DTLS 1.2 server session; the import must not
   * return a negative value. userCtx is unused.
   * Always returns WOLFSSL_SUCCESS (failures are reported by the Assert* macros).
   */
  static int test_export(WOLFSSL* inSsl, byte* buf, word32 sz, void* userCtx)
  {
      WOLFSSL_CTX* ctx;
      WOLFSSL* ssl;

      (void)userCtx;

      /* the exporter must have handed over a session and a non-empty buffer */
      AssertNotNull(inSsl);
      AssertNotNull(buf);
      AssertIntNE(0, sz);

      /* Set ctx to DTLS 1.2 */
      ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method());
      AssertNotNull(ctx);

      ssl = wolfSSL_new(ctx);
      AssertNotNull(ssl);

      /* the exported blob must be accepted by a brand-new session */
      AssertIntGE(wolfSSL_dtls_import(ssl, buf, sz), 0);

      wolfSSL_free(ssl);
      wolfSSL_CTX_free(ctx);

      return WOLFSSL_SUCCESS;
  }
  951. #endif
  952. #ifndef NO_WOLFSSL_SERVER
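  /* Server half of the handshake tests; used as a thread entry point.
   *
   * args is a func_args*. Its optional callbacks select the protocol method and
   * provide ctx_ready/ssl_ready hooks; its return_code starts as TEST_FAIL and
   * becomes TEST_SUCCESS only after accept, read and write all completed.
   *
   * The context demands a client certificate (WOLFSSL_VERIFY_PEER together with
   * WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT) and trusts cliCertFile for it.
   *
   * Every failure leaves through the `done` label so that the session, the
   * context and the client socket are released on all paths.
   */
  static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args)
  {
      SOCKET_T sockfd = 0;
      SOCKET_T clientfd = 0;
      word16 port;

      callback_functions* cbf = NULL;
      WOLFSSL_METHOD* method = 0;
      WOLFSSL_CTX* ctx = 0;
      WOLFSSL* ssl = 0;

      char msg[] = "I hear you fa shizzle!";
      char input[1024];
      int idx;
      int ret, err = 0;

  #ifdef WOLFSSL_TIRTOS
      fdOpenSession(Task_self());
  #endif

      /* pessimistic default; only overwritten after a complete exchange */
      ((func_args*)args)->return_code = TEST_FAIL;
      cbf = ((func_args*)args)->callbacks;

      /* callback-supplied method wins, otherwise negotiate any version */
      if (cbf != NULL && cbf->method != NULL) {
          method = cbf->method();
      }
      else {
          method = wolfSSLv23_server_method();
      }
      ctx = wolfSSL_CTX_new(method);

  #if defined(USE_WINDOWS_API)
      port = ((func_args*)args)->signal->port;
  #elif defined(NO_MAIN_DRIVER) && !defined(WOLFSSL_SNIFFER) && \
       !defined(WOLFSSL_MDK_SHELL) && !defined(WOLFSSL_TIRTOS)
      /* Let tcp_listen assign port */
      port = 0;
  #else
      /* Use default port */
      port = wolfSSLPort;
  #endif

      /* mutual authentication: a client without a certificate is refused */
      wolfSSL_CTX_set_verify(ctx,
                      WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0);

  #ifdef WOLFSSL_ENCRYPTED_KEYS
      wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
  #endif

      /* NOTE(review): the early exits below happen before tcp_accept(), so
       * `done` calls CloseSocket() on clientfd while it still holds its
       * initial value 0 - confirm that is harmless on the target platforms. */
      if (wolfSSL_CTX_load_verify_locations(ctx, cliCertFile, 0) != WOLFSSL_SUCCESS)
      {
          /*err_sys("can't load ca file, Please run from wolfSSL home dir");*/
          goto done;
      }
      if (wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM)
              != WOLFSSL_SUCCESS)
      {
          /*err_sys("can't load server cert chain file, "
                  "Please run from wolfSSL home dir");*/
          goto done;
      }
      if (wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM)
              != WOLFSSL_SUCCESS)
      {
          /*err_sys("can't load server key file, "
                  "Please run from wolfSSL home dir");*/
          goto done;
      }

      /* call ctx setup callback */
      if (cbf != NULL && cbf->ctx_ready != NULL) {
          cbf->ctx_ready(ctx);
      }

      ssl = wolfSSL_new(ctx);
      tcp_accept(&sockfd, &clientfd, (func_args*)args, port, 0, 0, 0, 0, 1);
      CloseSocket(sockfd);    /* one client only; the listener is not needed again */

      if (wolfSSL_set_fd(ssl, clientfd) != WOLFSSL_SUCCESS) {
          /*err_sys("SSL_set_fd failed");*/
          goto done;
      }

      /* NOTE(review): the return value of wolfSSL_SetTmpDH_file() is ignored here */
  #if !defined(NO_FILESYSTEM) && !defined(NO_DH)
      wolfSSL_SetTmpDH_file(ssl, dhParamFile, WOLFSSL_FILETYPE_PEM);
  #elif !defined(NO_DH)
      SetDH(ssl);  /* will repick suites with DHE, higher priority than PSK */
  #endif

      /* call ssl setup callback */
      if (cbf != NULL && cbf->ssl_ready != NULL) {
          cbf->ssl_ready(ssl);
      }

      /* retry the handshake for as long as async crypto reports "pending" */
      do {
  #ifdef WOLFSSL_ASYNC_CRYPT
          if (err == WC_PENDING_E) {
              ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
              if (ret < 0) { break; } else if (ret == 0) { continue; }
          }
  #endif

          err = 0; /* Reset error */
          ret = wolfSSL_accept(ssl);
          if (ret != WOLFSSL_SUCCESS) {
              err = wolfSSL_get_error(ssl, 0);
          }
      } while (ret != WOLFSSL_SUCCESS && err == WC_PENDING_E);

      if (ret != WOLFSSL_SUCCESS) {
          char buff[WOLFSSL_MAX_ERROR_SZ];
          printf("error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buff));
          /*err_sys("SSL_accept failed");*/
          goto done;
      }

      /* read at most sizeof(input)-1 bytes so the terminator below always fits */
      idx = wolfSSL_read(ssl, input, sizeof(input)-1);
      if (idx > 0) {
          input[idx] = 0;
          printf("Client message: %s\n", input);
      }

      if (wolfSSL_write(ssl, msg, sizeof(msg)) != sizeof(msg))
      {
          /*err_sys("SSL_write failed");*/
          /* Previously this path returned directly and leaked ssl, ctx and the
           * client socket (and skipped fdCloseSession on TI-RTOS). Going through
           * `done` releases them; return_code stays TEST_FAIL. */
          goto done;
      }

  #ifdef WOLFSSL_TIRTOS
      Task_yield();
  #endif

      ((func_args*)args)->return_code = TEST_SUCCESS;

  done:
      wolfSSL_shutdown(ssl);
      wolfSSL_free(ssl);
      wolfSSL_CTX_free(ctx);

      CloseSocket(clientfd);

  #ifdef WOLFSSL_TIRTOS
      fdCloseSession(Task_self());
  #endif

  #if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \
                              && defined(HAVE_THREAD_LS)
      wc_ecc_fp_free();  /* free per thread cache */
  #endif

  #ifndef WOLFSSL_TIRTOS
      return 0;
  #endif
  }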
  1085. #endif /* !NO_WOLFSSL_SERVER */
  1086. typedef int (*cbType)(WOLFSSL_CTX *ctx, WOLFSSL *ssl);
  /* Client half of the handshake tests.
   *
   * args is a func_args*. Its optional callbacks select the protocol method and
   * provide ctx_ready/ssl_ready hooks; its return_code starts as TEST_FAIL and
   * becomes TEST_SUCCESS only after connect, write and read all completed.
   * cb, when not NULL, is cast to cbType and called with (ctx, ssl) right after
   * the handshake and before any application data is sent.
   *
   * The client trusts caCertFile and presents cliCertFile/cliKeyFile. Every
   * failure leaves through `done2`, which frees the session and context and
   * closes the socket.
   */
  static void test_client_nofail(void* args, void *cb)
  {
      func_args* fargs = (func_args*)args;

      SOCKET_T sockfd = 0;
      callback_functions* cbf = NULL;

      WOLFSSL_METHOD* method = 0;
      WOLFSSL_CTX* ctx = 0;
      WOLFSSL* ssl = 0;

      char msg[64] = "hello wolfssl!";
      char reply[1024];
      int input;
      int msgSz = (int)XSTRLEN(msg);   /* terminator is not sent */
      int ret, err = 0;

  #ifdef WOLFSSL_TIRTOS
      fdOpenSession(Task_self());
  #endif

      /* NULL when the caller supplied no callbacks */
      cbf = fargs->callbacks;

      /* pessimistic default; only overwritten after a complete exchange */
      fargs->return_code = TEST_FAIL;

      /* callback-supplied method wins, otherwise negotiate any version */
      if (cbf == NULL || cbf->method == NULL) {
          method = wolfSSLv23_client_method();
      }
      else {
          method = cbf->method();
      }
      ctx = wolfSSL_CTX_new(method);

  #ifdef WOLFSSL_ENCRYPTED_KEYS
      wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
  #endif

      /* NOTE(review): the early exits below happen before tcp_connect(), so
       * `done2` calls CloseSocket() on sockfd while it still holds its
       * initial value 0 - confirm that is harmless on the target platforms. */
      if (wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0) != WOLFSSL_SUCCESS)
      {
          /* err_sys("can't load ca file, Please run from wolfSSL home dir");*/
          goto done2;
      }
      if (wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, WOLFSSL_FILETYPE_PEM)
              != WOLFSSL_SUCCESS)
      {
          /*err_sys("can't load client cert file, "
                  "Please run from wolfSSL home dir");*/
          goto done2;
      }
      if (wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, WOLFSSL_FILETYPE_PEM)
              != WOLFSSL_SUCCESS)
      {
          /*err_sys("can't load client key file, "
                  "Please run from wolfSSL home dir");*/
          goto done2;
      }

      /* call ctx setup callback */
      if (cbf != NULL && cbf->ctx_ready != NULL) {
          cbf->ctx_ready(ctx);
      }

      ssl = wolfSSL_new(ctx);
      tcp_connect(&sockfd, wolfSSLIP, fargs->signal->port, 0, 0, ssl);

      if (wolfSSL_set_fd(ssl, sockfd) != WOLFSSL_SUCCESS) {
          /*err_sys("SSL_set_fd failed");*/
          goto done2;
      }

      /* call ssl setup callback */
      if (cbf != NULL && cbf->ssl_ready != NULL) {
          cbf->ssl_ready(ssl);
      }

      /* retry the handshake for as long as async crypto reports "pending" */
      do {
  #ifdef WOLFSSL_ASYNC_CRYPT
          if (err == WC_PENDING_E) {
              ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
              if (ret < 0) { break; } else if (ret == 0) { continue; }
          }
  #endif

          err = 0; /* Reset error */
          ret = wolfSSL_connect(ssl);
          if (ret != WOLFSSL_SUCCESS) {
              err = wolfSSL_get_error(ssl, 0);
          }
      } while (ret != WOLFSSL_SUCCESS && err == WC_PENDING_E);

      if (ret != WOLFSSL_SUCCESS) {
          char buff[WOLFSSL_MAX_ERROR_SZ];
          printf("error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buff));
          /*err_sys("SSL_connect failed");*/
          goto done2;
      }

      /* optional per-test hook on the established connection */
      if (cb != NULL) {
          ((cbType)cb)(ctx, ssl);
      }

      if (wolfSSL_write(ssl, msg, msgSz) != msgSz)
      {
          /*err_sys("SSL_write failed");*/
          goto done2;
      }

      /* read at most sizeof(reply)-1 bytes so the terminator below always fits */
      input = wolfSSL_read(ssl, reply, sizeof(reply)-1);
      if (input > 0)
      {
          reply[input] = 0;
          printf("Server response: %s\n", reply);
      }

      fargs->return_code = TEST_SUCCESS;

  done2:
      wolfSSL_free(ssl);
      wolfSSL_CTX_free(ctx);

      CloseSocket(sockfd);

  #ifdef WOLFSSL_TIRTOS
      fdCloseSession(Task_self());
  #endif
  }
  1191. /* SNI / ALPN / session export helper functions */
  1192. #if defined(HAVE_SNI) || defined(HAVE_ALPN) || defined(WOLFSSL_SESSION_EXPORT)
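  /*
   * Server half of the callback-driven connection tests.
   *
   * args is a func_args*:
   *   ->callbacks   method factory plus optional ctx_ready / ssl_ready /
   *                 on_result hooks
   *   ->signal      supplies the listening port on Windows
   *   ->return_code set to TEST_FAIL on entry and to TEST_SUCCESS only after
   *                 one read/write exchange has completed
   *
   * A failed handshake is only printed, not asserted, and on_result is still
   * invoked, so negative tests can inspect the error in their hook.
   */
  static THREAD_RETURN WOLFSSL_THREAD run_wolfssl_server(void* args)
  {
      callback_functions* callbacks = ((func_args*)args)->callbacks;
      WOLFSSL_CTX* ctx = wolfSSL_CTX_new(callbacks->method());
      WOLFSSL*     ssl = NULL;
      SOCKET_T     sfd = 0;
      SOCKET_T     cfd = 0;
      word16       port;
      char msg[] = "I hear you fa shizzle!";
      int  len   = (int) XSTRLEN(msg);
      char input[1024];
      int  idx;
      int  ret, err = 0;

  #ifdef WOLFSSL_TIRTOS
      fdOpenSession(Task_self());
  #endif

      ((func_args*)args)->return_code = TEST_FAIL;

      /* Stop here on allocation failure instead of configuring a NULL ctx. */
      AssertNotNull(ctx);

  #if defined(USE_WINDOWS_API)
      port = ((func_args*)args)->signal->port;
  #elif defined(NO_MAIN_DRIVER) && !defined(WOLFSSL_SNIFFER) && \
       !defined(WOLFSSL_MDK_SHELL) && !defined(WOLFSSL_TIRTOS)
      /* Let tcp_listen assign port */
      port = 0;
  #else
      /* Use default port */
      port = wolfSSLPort;
  #endif

      /* Mutual authentication: the handshake fails unless the client presents
       * a certificate that verifies against the trust store loaded below. */
      wolfSSL_CTX_set_verify(ctx,
          WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0);

  #ifdef WOLFSSL_ENCRYPTED_KEYS
      wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
  #endif
  #ifdef WOLFSSL_SESSION_EXPORT
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_dtls_set_export(ctx, test_export));
  #endif

      AssertIntEQ(WOLFSSL_SUCCESS,
          wolfSSL_CTX_load_verify_locations(ctx, cliCertFile, 0));
      AssertIntEQ(WOLFSSL_SUCCESS,
          wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM));
      AssertIntEQ(WOLFSSL_SUCCESS,
          wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM));

      if (callbacks->ctx_ready)
          callbacks->ctx_ready(ctx);

      ssl = wolfSSL_new(ctx);
      /* Without this check a NULL session would take the TCP branch below and
       * block in accept before the failure is noticed at wolfSSL_set_fd(). */
      AssertNotNull(ssl);

      if (wolfSSL_dtls(ssl)) {
          SOCKADDR_IN_T cliAddr;
          socklen_t     cliLen;

          cliLen = sizeof(cliAddr);
          tcp_accept(&sfd, &cfd, (func_args*)args, port, 0, 1, 0, 0, 0);
          /* MSG_PEEK: learn the sender's address without consuming the first
           * datagram, which the handshake still has to read. */
          idx = (int)recvfrom(sfd, input, sizeof(input), MSG_PEEK,
                              (struct sockaddr*)&cliAddr, &cliLen);
          AssertIntGT(idx, 0);
          wolfSSL_dtls_set_peer(ssl, &cliAddr, cliLen);
      }
      else {
          tcp_accept(&sfd, &cfd, (func_args*)args, port, 0, 0, 0, 0, 1);
          CloseSocket(sfd);
      }

      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_set_fd(ssl, cfd));

  #ifdef NO_PSK
  #if !defined(NO_FILESYSTEM) && !defined(NO_DH)
      wolfSSL_SetTmpDH_file(ssl, dhParamFile, WOLFSSL_FILETYPE_PEM);
  #elif !defined(NO_DH)
      SetDH(ssl); /* will repick suites with DHE, higher priority than PSK */
  #endif
  #endif

      if (callbacks->ssl_ready)
          callbacks->ssl_ready(ssl);

      /* Retry the handshake only while async crypto reports WC_PENDING_E. */
      do {
  #ifdef WOLFSSL_ASYNC_CRYPT
          if (err == WC_PENDING_E) {
              ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
              if (ret < 0) { break; } else if (ret == 0) { continue; }
          }
  #endif
          err = 0; /* Reset error */
          ret = wolfSSL_accept(ssl);
          if (ret != WOLFSSL_SUCCESS) {
              err = wolfSSL_get_error(ssl, 0);
          }
      } while (ret != WOLFSSL_SUCCESS && err == WC_PENDING_E);

      if (ret != WOLFSSL_SUCCESS) {
          char buff[WOLFSSL_MAX_ERROR_SZ];
          printf("error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buff));
          /*err_sys("SSL_accept failed");*/
      }
      else {
          /* Read at most sizeof(input)-1 bytes so the terminator always fits. */
          if (0 < (idx = wolfSSL_read(ssl, input, sizeof(input)-1))) {
              input[idx] = 0;
              printf("Client message: %s\n", input);
          }

          AssertIntEQ(len, wolfSSL_write(ssl, msg, len));

  #if defined(WOLFSSL_SESSION_EXPORT) && !defined(HAVE_IO_POOL)
          if (wolfSSL_dtls(ssl)) {
              byte*  import;
              word32 sz = 0;

              /* Size query with a NULL buffer. sz starts at 0 and is checked
               * so a failed query cannot feed an indeterminate size to
               * XMALLOC (presumably the call fills in the required length;
               * its return value is not relied on here). */
              wolfSSL_dtls_export(ssl, NULL, &sz);
              AssertIntGT((int)sz, 0);

              import = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
              AssertNotNull(import);
              idx = wolfSSL_dtls_export(ssl, import, &sz);
              AssertIntGE(idx, 0);
              /* Round trip: the blob just exported must import cleanly. */
              AssertIntGE(wolfSSL_dtls_import(ssl, import, idx), 0);
              XFREE(import, NULL, DYNAMIC_TYPE_TMP_BUFFER);
          }
  #endif
  #ifdef WOLFSSL_TIRTOS
          Task_yield();
  #endif
          ((func_args*)args)->return_code = TEST_SUCCESS;
      }

      if (callbacks->on_result)
          callbacks->on_result(ssl);

      wolfSSL_shutdown(ssl);
      wolfSSL_free(ssl);
      wolfSSL_CTX_free(ctx);
      CloseSocket(cfd);

  #ifdef WOLFSSL_TIRTOS
      fdCloseSession(Task_self());
  #endif

  #if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \
                              && defined(HAVE_THREAD_LS)
      wc_ecc_fp_free(); /* free per thread cache */
  #endif

  #ifndef WOLFSSL_TIRTOS
      return 0;
  #endif
  }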
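  /*
   * Client half of the callback-driven connection tests.
   *
   * args is a func_args*: ->callbacks supplies the method factory and the
   * optional ctx_ready / ssl_ready / on_result hooks, ->signal->port is the
   * port to connect to, and ->return_code is TEST_FAIL unless the handshake
   * and one write/read exchange succeed.
   *
   * A failed handshake is only printed; on_result still runs so negative
   * tests can check the error code.
   */
  static void run_wolfssl_client(void* args)
  {
      callback_functions* callbacks = ((func_args*)args)->callbacks;
      WOLFSSL_CTX* ctx = wolfSSL_CTX_new(callbacks->method());
      WOLFSSL*     ssl = NULL;
      SOCKET_T     sfd = 0;
      char msg[] = "hello wolfssl server!";
      int  len   = (int) XSTRLEN(msg);
      char input[1024];
      int  idx;
      int  ret, err = 0;

  #ifdef WOLFSSL_TIRTOS
      fdOpenSession(Task_self());
  #endif

      ((func_args*)args)->return_code = TEST_FAIL;

      /* Stop here on allocation failure instead of configuring a NULL ctx. */
      AssertNotNull(ctx);

  #ifdef WOLFSSL_ENCRYPTED_KEYS
      wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
  #endif

      /* Trust anchor for the server certificate, then this client's own
       * certificate and key for the server's peer verification. */
      AssertIntEQ(WOLFSSL_SUCCESS,
          wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0));
      AssertIntEQ(WOLFSSL_SUCCESS,
          wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, WOLFSSL_FILETYPE_PEM));
      AssertIntEQ(WOLFSSL_SUCCESS,
          wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, WOLFSSL_FILETYPE_PEM));

      if (callbacks->ctx_ready)
          callbacks->ctx_ready(ctx);

      ssl = wolfSSL_new(ctx);
      /* Fail before opening a socket if the session could not be created. */
      AssertNotNull(ssl);

      /* The two original branches differed only in the fourth argument:
       * 1 for a DTLS session, 0 otherwise. */
      tcp_connect(&sfd, wolfSSLIP, ((func_args*)args)->signal->port,
                  wolfSSL_dtls(ssl) ? 1 : 0, 0, ssl);

      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_set_fd(ssl, sfd));

      if (callbacks->ssl_ready)
          callbacks->ssl_ready(ssl);

      /* Retry the handshake only while async crypto reports WC_PENDING_E. */
      do {
  #ifdef WOLFSSL_ASYNC_CRYPT
          if (err == WC_PENDING_E) {
              ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
              if (ret < 0) { break; } else if (ret == 0) { continue; }
          }
  #endif
          err = 0; /* Reset error */
          ret = wolfSSL_connect(ssl);
          if (ret != WOLFSSL_SUCCESS) {
              err = wolfSSL_get_error(ssl, 0);
          }
      } while (ret != WOLFSSL_SUCCESS && err == WC_PENDING_E);

      if (ret != WOLFSSL_SUCCESS) {
          char buff[WOLFSSL_MAX_ERROR_SZ];
          printf("error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buff));
          /*err_sys("SSL_connect failed");*/
      }
      else {
          AssertIntEQ(len, wolfSSL_write(ssl, msg, len));

          /* Read at most sizeof(input)-1 bytes so the terminator always fits. */
          if (0 < (idx = wolfSSL_read(ssl, input, sizeof(input)-1))) {
              input[idx] = 0;
              printf("Server response: %s\n", input);
          }
          ((func_args*)args)->return_code = TEST_SUCCESS;
      }

      if (callbacks->on_result)
          callbacks->on_result(ssl);

      wolfSSL_free(ssl);
      wolfSSL_CTX_free(ctx);
      CloseSocket(sfd);

  #ifdef WOLFSSL_TIRTOS
      fdCloseSession(Task_self());
  #endif
  }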
  1391. #endif /* defined(HAVE_SNI) || defined(HAVE_ALPN) ||
  1392. defined(WOLFSSL_SESSION_EXPORT) */
  1393. #endif /* io tests dependencies */
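  /*
   * Success-path test for wolfSSL_read()/wolfSSL_write(): starts
   * test_server_nofail in a thread, runs test_client_nofail against it and
   * requires both sides to report a non-zero return_code.
   * Compiled to an empty body without HAVE_IO_TESTS_DEPENDENCIES.
   */
  static void test_wolfSSL_read_write(void)
  {
  #ifdef HAVE_IO_TESTS_DEPENDENCIES
      /* The unit testing for read and write shall happen simultaneously, since
       * one can't do anything with one without the other. (Except for a failure
       * test case.) This function will call all the others that will set up,
       * execute, and report their test findings.
       *
       * Set up the success case first. This function will become the template
       * for the other tests. This should eventually be renamed
       *
       * The success case isn't interesting, how can this fail?
       * - Do not give the client context a CA certificate. The connect should
       *   fail. Do not need server for this?
       * - Using NULL for the ssl object on server. Do not need client for this.
       * - Using NULL for the ssl object on client. Do not need server for this.
       * - Good ssl objects for client and server. Client write() without server
       *   read().
       * - Good ssl objects for client and server. Server write() without client
       *   read().
       * - Forgetting the password callback?
       */
      tcp_ready   ready;
      func_args   client_args;
      func_args   server_args;
      THREAD_TYPE serverThread;

      XMEMSET(&client_args, 0, sizeof(func_args));
      XMEMSET(&server_args, 0, sizeof(func_args));

  #ifdef WOLFSSL_TIRTOS
      fdOpenSession(Task_self());
  #endif

      StartTCP();
      InitTcpReady(&ready);

  #if defined(USE_WINDOWS_API)
      /* use RNG to get random port if using windows */
      ready.port = GetRandomPort();
  #endif

      /* Both sides share one tcp_ready so the client sees the server's port. */
      server_args.signal = &ready;
      client_args.signal = &ready;

      start_thread(test_server_nofail, &server_args, &serverThread);
      wait_tcp_ready(&server_args);
      test_client_nofail(&client_args, NULL);
      join_thread(serverThread);

      AssertTrue(client_args.return_code);
      AssertTrue(server_args.return_code);

      FreeTcpReady(&ready);

  #ifdef WOLFSSL_TIRTOS
      /* Close the session opened at the top. The original opened a second one
       * here, unlike test_wolfSSL_client_server(), which closes it on exit. */
      fdCloseSession(Task_self());
  #endif
  #endif
  }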
  1445. #if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS) && \
  1446. defined(WOLFSSL_SESSION_EXPORT)
  1447. /* canned export of a session using older version 3 */
  /*
   * Canned DTLS session export in the older "version 3" layout, used by
   * test_wolfSSL_dtls_export() as import input.
   *
   * That test flips bytes [1] and [2] to build its "bad version" and "bad
   * length" cases, so the array is deliberately not const. The blob is a
   * fixture from a test session; the ASCII run near the end spells
   * "127.0.0.1".
   */
  static unsigned char version_3[] = {
      0xA5, 0xA3, 0x01, 0x87, 0x00, 0x39, 0x00, 0x01,
      0x00, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x80,
      0x00, 0x1C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
      0x01, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x01,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0xC0, 0x30, 0x05, 0x09, 0x0A,
      0x01, 0x01, 0x00, 0x0D, 0x05, 0xFE, 0xFD, 0x01,
      0x25, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x01, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x00,
      0x05, 0x00, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x00,
      0x01, 0x00, 0x07, 0x00, 0x00, 0x00, 0x30, 0x00,
      0x00, 0x00, 0x10, 0x01, 0x01, 0x00, 0x02, 0x00,
      0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x02, 0x00, 0x00, 0x00, 0x3F, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x20, 0x05, 0x12, 0xCF, 0x22,
      0xA1, 0x9F, 0x1C, 0x39, 0x1D, 0x31, 0x11, 0x12,
      0x1D, 0x11, 0x18, 0x0D, 0x0B, 0xF3, 0xE1, 0x4D,
      0xDC, 0xB1, 0xF1, 0x39, 0x98, 0x91, 0x6C, 0x48,
      0xE5, 0xED, 0x11, 0x12, 0xA0, 0x00, 0xF2, 0x25,
      0x4C, 0x09, 0x26, 0xD1, 0x74, 0xDF, 0x23, 0x40,
      0x15, 0x6A, 0x42, 0x2A, 0x26, 0xA5, 0xAC, 0x56,
      0xD5, 0x4A, 0x20, 0xB7, 0xE9, 0xEF, 0xEB, 0xAF,
      0xA8, 0x1E, 0x23, 0x7C, 0x04, 0xAA, 0xA1, 0x6D,
      0x92, 0x79, 0x7B, 0xFA, 0x80, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x01, 0x0C, 0x79, 0x7B,
      0xFA, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0xAA, 0xA1, 0x6D, 0x92, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10,
      0x00, 0x20, 0x00, 0x04, 0x00, 0x10, 0x00, 0x10,
      0x08, 0x02, 0x05, 0x08, 0x01, 0x30, 0x28, 0x00,
      0x00, 0x0F, 0x00, 0x02, 0x00, 0x09, 0x31, 0x32,
      0x37, 0x2E, 0x30, 0x2E, 0x30, 0x2E, 0x31, 0xED,
      0x4F
  };
  1500. #endif /* defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS) && \
  1501. defined(WOLFSSL_SESSION_EXPORT) */
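  /*
   * DTLS session export/import test.
   *
   * Part 1 runs a DTLS 1.2 client/server pair through run_wolfssl_server()
   * and run_wolfssl_client(); both must report a non-zero return_code.
   * Part 2 imports the canned version_3 blob into a fresh session, then
   * checks that a corrupted length byte and a corrupted version byte are
   * both rejected.
   *
   * Compiled to an empty body unless HAVE_IO_TESTS_DEPENDENCIES,
   * WOLFSSL_DTLS and WOLFSSL_SESSION_EXPORT are all defined.
   */
  static void test_wolfSSL_dtls_export(void)
  {
  #if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS) && \
      defined(WOLFSSL_SESSION_EXPORT)
      tcp_ready          ready;
      func_args          client_args;
      func_args          server_args;
      THREAD_TYPE        serverThread;
      callback_functions server_cbf;
      callback_functions client_cbf;

  #ifdef WOLFSSL_TIRTOS
      fdOpenSession(Task_self());
  #endif

      InitTcpReady(&ready);

  #if defined(USE_WINDOWS_API)
      /* use RNG to get random port if using windows */
      ready.port = GetRandomPort();
  #endif

      /* set using dtls */
      XMEMSET(&client_args, 0, sizeof(func_args));
      XMEMSET(&server_args, 0, sizeof(func_args));
      XMEMSET(&server_cbf, 0, sizeof(callback_functions));
      XMEMSET(&client_cbf, 0, sizeof(callback_functions));
      server_cbf.method = wolfDTLSv1_2_server_method;
      client_cbf.method = wolfDTLSv1_2_client_method;
      server_args.callbacks = &server_cbf;
      client_args.callbacks = &client_cbf;

      server_args.signal = &ready;
      client_args.signal = &ready;

      start_thread(run_wolfssl_server, &server_args, &serverThread);
      wait_tcp_ready(&server_args);
      run_wolfssl_client(&client_args);
      join_thread(serverThread);

      AssertTrue(client_args.return_code);
      AssertTrue(server_args.return_code);

      FreeTcpReady(&ready);

  #ifdef WOLFSSL_TIRTOS
      /* Networking is finished: close the session opened at the top. The
       * original opened a second one here, unlike
       * test_wolfSSL_client_server(), which closes it. */
      fdCloseSession(Task_self());
  #endif

      {
          WOLFSSL_CTX*  ctx;
          WOLFSSL*      ssl;
          unsigned char savedVersion;

          /* Set ctx to DTLS 1.2 */
          AssertNotNull(ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method()));
          AssertNotNull(ssl = wolfSSL_new(ctx));

          /* test importing version 3 */
          AssertIntGE(wolfSSL_dtls_import(ssl, version_3, sizeof(version_3)), 0);

          /* test importing bad length and bad version */
          savedVersion = version_3[1];

          version_3[2] += 1;
          AssertIntLT(wolfSSL_dtls_import(ssl, version_3, sizeof(version_3)), 0);
          version_3[2] -= 1;

          version_3[1] = 0XA0;
          AssertIntLT(wolfSSL_dtls_import(ssl, version_3, sizeof(version_3)), 0);

          /* version_3 is file-scope state: put byte [1] back so the fixture
           * is intact if this test runs again in the same process (the
           * original left it at 0xA0). */
          version_3[1] = savedVersion;

          wolfSSL_free(ssl);
          wolfSSL_CTX_free(ctx);
      }

      printf(testingFmt, "wolfSSL_dtls_export()");
      printf(resultFmt, passed);
  #endif
  }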
  1561. /*----------------------------------------------------------------------------*
  1562. | TLS extensions tests
  1563. *----------------------------------------------------------------------------*/
  1564. #if defined(HAVE_SNI) || defined(HAVE_ALPN)
  1565. /* connection test runner */
  /*
   * Runs one client/server connection with the given callback sets:
   * run_wolfssl_server() in its own thread, run_wolfssl_client() on the
   * calling thread.
   *
   * Neither return_code is checked here; the per-case verdict comes from the
   * on_result hooks the caller installed. Without
   * HAVE_IO_TESTS_DEPENDENCIES both parameters are unused.
   */
  static void test_wolfSSL_client_server(callback_functions* client_callbacks,
                                         callback_functions* server_callbacks)
  {
  #ifdef HAVE_IO_TESTS_DEPENDENCIES
      THREAD_TYPE serverThread;
      tcp_ready   ready;
      func_args   server_args;
      func_args   client_args;

      XMEMSET(&client_args, 0, sizeof(func_args));
      XMEMSET(&server_args, 0, sizeof(func_args));

      StartTCP();

      client_args.callbacks = client_callbacks;
      server_args.callbacks = server_callbacks;

  #ifdef WOLFSSL_TIRTOS
      fdOpenSession(Task_self());
  #endif

      /* Server side: bring it up and wait until it is listening. */
      InitTcpReady(&ready);

  #if defined(USE_WINDOWS_API)
      /* use RNG to get random port if using windows */
      ready.port = GetRandomPort();
  #endif

      /* One shared tcp_ready, so the client connects to the server's port. */
      server_args.signal = &ready;
      client_args.signal = &ready;

      start_thread(run_wolfssl_server, &server_args, &serverThread);
      wait_tcp_ready(&server_args);

      /* Client side: runs to completion, then the server thread is joined. */
      run_wolfssl_client(&client_args);
      join_thread(serverThread);

      FreeTcpReady(&ready);

  #ifdef WOLFSSL_TIRTOS
      fdCloseSession(Task_self());
  #endif

  #else
      (void)client_callbacks;
      (void)server_callbacks;
  #endif
  }
  1604. #endif /* defined(HAVE_SNI) || defined(HAVE_ALPN) */
  1605. #ifdef HAVE_SNI
  /*
   * Argument validation for wolfSSL_CTX_UseSNI() / wolfSSL_UseSNI(): a NULL
   * object, an invalid type (-1) and NULL data must each be rejected, and a
   * well-formed call must succeed, at both ctx and ssl level.
   */
  static void test_wolfSSL_UseSNI_params(void)
  {
      WOLFSSL_CTX* ctx;
      WOLFSSL*     ssl;

      AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
      AssertNotNull(ssl = wolfSSL_new(ctx));

      /* invalid [ctx|ssl] */
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSNI(NULL, 0, "ctx", 3));
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_UseSNI(    NULL, 0, "ssl", 3));

      /* invalid type */
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSNI(ctx, -1, "ctx", 3));
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_UseSNI(    ssl, -1, "ssl", 3));

      /* invalid data */
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSNI(ctx, 0, NULL, 3));
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_UseSNI(    ssl, 0, NULL, 3));

      /* success case */
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSNI(ctx, 0, "ctx", 3));
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseSNI(    ssl, 0, "ssl", 3));

      wolfSSL_free(ssl);
      wolfSSL_CTX_free(ctx);
  }
  1627. /* BEGIN of connection tests callbacks */
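  /*
   * ctx_ready hook: registers the host name "www.wolfssl.com" for SNI on the
   * context. The length is derived from the string, so the two cannot drift
   * apart the way a separately typed 15 could.
   */
  static void use_SNI_at_ctx(WOLFSSL_CTX* ctx)
  {
      const char host[] = "www.wolfssl.com";

      AssertIntEQ(WOLFSSL_SUCCESS,
          wolfSSL_CTX_UseSNI(ctx, WOLFSSL_SNI_HOST_NAME, host,
                             (word16)XSTRLEN(host)));
  }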
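  /*
   * ssl_ready hook: registers the host name "www.wolfssl.com" for SNI on one
   * session. The length is derived from the string instead of a separately
   * typed 15.
   */
  static void use_SNI_at_ssl(WOLFSSL* ssl)
  {
      const char host[] = "www.wolfssl.com";

      AssertIntEQ(WOLFSSL_SUCCESS,
          wolfSSL_UseSNI(ssl, WOLFSSL_SNI_HOST_NAME, host,
                         (word16)XSTRLEN(host)));
  }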
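  /*
   * ssl_ready hook for the mismatch cases: registers "ww2.wolfssl.com", a
   * name the peer in those cases does not use. The length is derived from the
   * string instead of a separately typed 15.
   */
  static void different_SNI_at_ssl(WOLFSSL* ssl)
  {
      const char host[] = "ww2.wolfssl.com";

      AssertIntEQ(WOLFSSL_SUCCESS,
          wolfSSL_UseSNI(ssl, WOLFSSL_SNI_HOST_NAME, host,
                         (word16)XSTRLEN(host)));
  }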
  /*
   * ssl_ready hook: registers the default host name via use_SNI_at_ssl() and
   * sets WOLFSSL_SNI_CONTINUE_ON_MISMATCH for the host-name type.
   */
  static void use_SNI_WITH_CONTINUE_at_ssl(WOLFSSL* ssl)
  {
      const byte sniOptions = WOLFSSL_SNI_CONTINUE_ON_MISMATCH;

      use_SNI_at_ssl(ssl);
      wolfSSL_SNI_SetOptions(ssl, WOLFSSL_SNI_HOST_NAME, sniOptions);
  }
  /*
   * ssl_ready hook: registers the default host name via use_SNI_at_ssl() and
   * sets WOLFSSL_SNI_ANSWER_ON_MISMATCH for the host-name type.
   */
  static void use_SNI_WITH_FAKE_ANSWER_at_ssl(WOLFSSL* ssl)
  {
      const byte sniOptions = WOLFSSL_SNI_ANSWER_ON_MISMATCH;

      use_SNI_at_ssl(ssl);
      wolfSSL_SNI_SetOptions(ssl, WOLFSSL_SNI_HOST_NAME, sniOptions);
  }
  /*
   * ctx_ready hook: registers the default host name via use_SNI_at_ctx() and
   * sets WOLFSSL_SNI_ABORT_ON_ABSENCE for the host-name type on the context.
   */
  static void use_MANDATORY_SNI_at_ctx(WOLFSSL_CTX* ctx)
  {
      const byte sniOptions = WOLFSSL_SNI_ABORT_ON_ABSENCE;

      use_SNI_at_ctx(ctx);
      wolfSSL_CTX_SNI_SetOptions(ctx, WOLFSSL_SNI_HOST_NAME, sniOptions);
  }
  /*
   * ssl_ready hook: registers the default host name via use_SNI_at_ssl() and
   * sets WOLFSSL_SNI_ABORT_ON_ABSENCE for the host-name type on the session.
   */
  static void use_MANDATORY_SNI_at_ssl(WOLFSSL* ssl)
  {
      const byte sniOptions = WOLFSSL_SNI_ABORT_ON_ABSENCE;

      use_SNI_at_ssl(ssl);
      wolfSSL_SNI_SetOptions(ssl, WOLFSSL_SNI_HOST_NAME, sniOptions);
  }
  /*
   * ctx_ready hook: registers the default host name via use_SNI_at_ctx() and
   * combines WOLFSSL_SNI_ANSWER_ON_MISMATCH with WOLFSSL_SNI_ABORT_ON_ABSENCE
   * for the host-name type on the context.
   */
  static void use_PSEUDO_MANDATORY_SNI_at_ctx(WOLFSSL_CTX* ctx)
  {
      const byte sniOptions =
          WOLFSSL_SNI_ANSWER_ON_MISMATCH | WOLFSSL_SNI_ABORT_ON_ABSENCE;

      use_SNI_at_ctx(ctx);
      wolfSSL_CTX_SNI_SetOptions(ctx, WOLFSSL_SNI_HOST_NAME, sniOptions);
  }
  /* on_result hook: the session's last error must be UNKNOWN_SNI_HOST_NAME_E. */
  static void verify_UNKNOWN_SNI_on_server(WOLFSSL* ssl)
  {
      const int lastError = wolfSSL_get_error(ssl, 0);

      AssertIntEQ(UNKNOWN_SNI_HOST_NAME_E, lastError);
  }
  /* on_result hook: the session's last error must be SNI_ABSENT_ERROR. */
  static void verify_SNI_ABSENT_on_server(WOLFSSL* ssl)
  {
      const int lastError = wolfSSL_get_error(ssl, 0);

      AssertIntEQ(SNI_ABSENT_ERROR, lastError);
  }
  /*
   * on_result hook: the SNI status must be WOLFSSL_SNI_NO_MATCH, and
   * wolfSSL_SNI_GetRequest() must return 0 and set the request pointer to
   * NULL.
   */
  static void verify_SNI_no_matching(WOLFSSL* ssl)
  {
      byte  sniType = WOLFSSL_SNI_HOST_NAME;
      /* Seeded with a non-NULL address, so the final NULL check proves the
       * call really overwrote the pointer. */
      char* name    = (char*) &sniType;

      AssertIntEQ(WOLFSSL_SNI_NO_MATCH, wolfSSL_SNI_Status(ssl, sniType));

      AssertNotNull(name);
      AssertIntEQ(0, wolfSSL_SNI_GetRequest(ssl, sniType, (void**) &name));
      AssertNull(name);
  }
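  /*
   * on_result hook: the SNI status must be WOLFSSL_SNI_REAL_MATCH and the
   * request must be exactly "www.wolfssl.com". The expected length is derived
   * from the expected string instead of a separately typed 15.
   */
  static void verify_SNI_real_matching(WOLFSSL* ssl)
  {
      const char expected[] = "www.wolfssl.com";
      byte  type    = WOLFSSL_SNI_HOST_NAME;
      char* request = NULL;

      AssertIntEQ(WOLFSSL_SNI_REAL_MATCH, wolfSSL_SNI_Status(ssl, type));

      AssertIntEQ((int)XSTRLEN(expected),
                  wolfSSL_SNI_GetRequest(ssl, type, (void**) &request));
      /* Check the pointer before AssertStrEQ reads through it. */
      AssertNotNull(request);
      AssertStrEQ(expected, request);
  }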
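  /*
   * on_result hook: the SNI status must be WOLFSSL_SNI_FAKE_MATCH and the
   * request must be exactly "ww2.wolfssl.com", the name registered by
   * different_SNI_at_ssl(). The expected length is derived from the expected
   * string instead of a separately typed 15.
   */
  static void verify_SNI_fake_matching(WOLFSSL* ssl)
  {
      const char expected[] = "ww2.wolfssl.com";
      byte  type    = WOLFSSL_SNI_HOST_NAME;
      char* request = NULL;

      AssertIntEQ(WOLFSSL_SNI_FAKE_MATCH, wolfSSL_SNI_Status(ssl, type));

      AssertIntEQ((int)XSTRLEN(expected),
                  wolfSSL_SNI_GetRequest(ssl, type, (void**) &request));
      /* Check the pointer before AssertStrEQ reads through it. */
      AssertNotNull(request);
      AssertStrEQ(expected, request);
  }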
  /* on_result hook: the session's last error must be FATAL_ERROR. */
  static void verify_FATAL_ERROR_on_client(WOLFSSL* ssl)
  {
      const int lastError = wolfSSL_get_error(ssl, 0);

      AssertIntEQ(FATAL_ERROR, lastError);
  }
  1712. /* END of connection tests callbacks */
  /*
   * Table-driven SNI handshake tests.
   *
   * Entries come in pairs: the even index holds the client callbacks, the
   * following odd index the server callbacks. The first field of every entry
   * is left 0 in the table and filled in as .method by the loop; the
   * remaining three are, judging by the hooks placed in them, ctx_ready,
   * ssl_ready and on_result.
   */
  static void test_wolfSSL_UseSNI_connection(void)
  {
      callback_functions callbacks[] = {
          /* success case at ctx */
          {0, use_SNI_at_ctx, 0, 0},
          {0, use_SNI_at_ctx, 0, verify_SNI_real_matching},

          /* success case at ssl */
          {0, 0, use_SNI_at_ssl, verify_SNI_real_matching},
          {0, 0, use_SNI_at_ssl, verify_SNI_real_matching},

          /* default mismatch behavior */
          {0, 0, different_SNI_at_ssl, verify_FATAL_ERROR_on_client},
          {0, 0, use_SNI_at_ssl,       verify_UNKNOWN_SNI_on_server},

          /* continue on mismatch */
          {0, 0, different_SNI_at_ssl,         0},
          {0, 0, use_SNI_WITH_CONTINUE_at_ssl, verify_SNI_no_matching},

          /* fake answer on mismatch */
          {0, 0, different_SNI_at_ssl,            0},
          {0, 0, use_SNI_WITH_FAKE_ANSWER_at_ssl, verify_SNI_fake_matching},

          /* sni abort - success */
          {0, use_SNI_at_ctx,           0, 0},
          {0, use_MANDATORY_SNI_at_ctx, 0, verify_SNI_real_matching},

          /* sni abort - abort when absent (ctx) */
          {0, 0,                        0, verify_FATAL_ERROR_on_client},
          {0, use_MANDATORY_SNI_at_ctx, 0, verify_SNI_ABSENT_on_server},

          /* sni abort - abort when absent (ssl) */
          {0, 0, 0,                        verify_FATAL_ERROR_on_client},
          {0, 0, use_MANDATORY_SNI_at_ssl, verify_SNI_ABSENT_on_server},

          /* sni abort - success when overwritten */
          {0, 0, 0, 0},
          {0, use_MANDATORY_SNI_at_ctx, use_SNI_at_ssl, verify_SNI_no_matching},

          /* sni abort - success when allowing mismatches */
          {0, 0, different_SNI_at_ssl, 0},
          {0, use_PSEUDO_MANDATORY_SNI_at_ctx, 0, verify_SNI_fake_matching},
      };
      const unsigned long total = sizeof(callbacks) / sizeof(callbacks[0]);
      unsigned long       pair;

      for (pair = 0; pair < total; pair += 2) {
          callback_functions* client = &callbacks[pair];
          callback_functions* server = &callbacks[pair + 1];

          client->method = wolfSSLv23_client_method;
          server->method = wolfSSLv23_server_method;

          test_wolfSSL_client_server(client, server);
      }
  }
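  /*
   * Tests wolfSSL_SNI_GetFromBuffer(), which extracts the SNI host name from
   * a raw ClientHello buffer without a session object.
   *
   * The inputs are canned ClientHello records. `buffer` starts with a broken
   * record header that is repaired one byte at a time, so every intermediate
   * error code is exercised before the success case. `result` holds 32 bytes
   * and `length` is passed in and out.
   */
  static void test_wolfSSL_SNI_GetFromBuffer(void)
  {
      byte buffer[] = { /* www.paypal.com */
          0x00, 0x00, 0x00, 0x00, 0xff, 0x01, 0x00, 0x00, 0x60, 0x03, 0x03, 0x5c,
          0xc4, 0xb3, 0x8c, 0x87, 0xef, 0xa4, 0x09, 0xe0, 0x02, 0xab, 0x86, 0xca,
          0x76, 0xf0, 0x9e, 0x01, 0x65, 0xf6, 0xa6, 0x06, 0x13, 0x1d, 0x0f, 0xa5,
          0x79, 0xb0, 0xd4, 0x77, 0x22, 0xeb, 0x1a, 0x00, 0x00, 0x16, 0x00, 0x6b,
          0x00, 0x67, 0x00, 0x39, 0x00, 0x33, 0x00, 0x3d, 0x00, 0x3c, 0x00, 0x35,
          0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x21,
          0x00, 0x00, 0x00, 0x13, 0x00, 0x11, 0x00, 0x00, 0x0e, 0x77, 0x77, 0x77,
          0x2e, 0x70, 0x61, 0x79, 0x70, 0x61, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x00,
          0x0d, 0x00, 0x06, 0x00, 0x04, 0x04, 0x01, 0x02, 0x01
      };

      byte buffer2[] = { /* api.textmate.org */
          0x16, 0x03, 0x01, 0x00, 0xc6, 0x01, 0x00, 0x00, 0xc2, 0x03, 0x03, 0x52,
          0x8b, 0x7b, 0xca, 0x69, 0xec, 0x97, 0xd5, 0x08, 0x03, 0x50, 0xfe, 0x3b,
          0x99, 0xc3, 0x20, 0xce, 0xa5, 0xf6, 0x99, 0xa5, 0x71, 0xf9, 0x57, 0x7f,
          0x04, 0x38, 0xf6, 0x11, 0x0b, 0xb8, 0xd3, 0x00, 0x00, 0x5e, 0x00, 0xff,
          0xc0, 0x24, 0xc0, 0x23, 0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x07, 0xc0, 0x08,
          0xc0, 0x28, 0xc0, 0x27, 0xc0, 0x14, 0xc0, 0x13, 0xc0, 0x11, 0xc0, 0x12,
          0xc0, 0x26, 0xc0, 0x25, 0xc0, 0x2a, 0xc0, 0x29, 0xc0, 0x05, 0xc0, 0x04,
          0xc0, 0x02, 0xc0, 0x03, 0xc0, 0x0f, 0xc0, 0x0e, 0xc0, 0x0c, 0xc0, 0x0d,
          0x00, 0x3d, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x35,
          0x00, 0x0a, 0x00, 0x67, 0x00, 0x6b, 0x00, 0x33, 0x00, 0x39, 0x00, 0x16,
          0x00, 0xaf, 0x00, 0xae, 0x00, 0x8d, 0x00, 0x8c, 0x00, 0x8a, 0x00, 0x8b,
          0x00, 0xb1, 0x00, 0xb0, 0x00, 0x2c, 0x00, 0x3b, 0x01, 0x00, 0x00, 0x3b,
          0x00, 0x00, 0x00, 0x15, 0x00, 0x13, 0x00, 0x00, 0x10, 0x61, 0x70, 0x69,
          0x2e, 0x74, 0x65, 0x78, 0x74, 0x6d, 0x61, 0x74, 0x65, 0x2e, 0x6f, 0x72,
          0x67, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x17, 0x00, 0x18, 0x00,
          0x19, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x0d, 0x00, 0x0c, 0x00,
          0x0a, 0x05, 0x01, 0x04, 0x01, 0x02, 0x01, 0x04, 0x03, 0x02, 0x03
      };

      byte buffer3[] = { /* no sni extension */
          0x16, 0x03, 0x03, 0x00, 0x4d, 0x01, 0x00, 0x00, 0x49, 0x03, 0x03, 0xea,
          0xa1, 0x9f, 0x60, 0xdd, 0x52, 0x12, 0x13, 0xbd, 0x84, 0x34, 0xd5, 0x1c,
          0x38, 0x25, 0xa8, 0x97, 0xd2, 0xd5, 0xc6, 0x45, 0xaf, 0x1b, 0x08, 0xe4,
          0x1e, 0xbb, 0xdf, 0x9d, 0x39, 0xf0, 0x65, 0x00, 0x00, 0x16, 0x00, 0x6b,
          0x00, 0x67, 0x00, 0x39, 0x00, 0x33, 0x00, 0x3d, 0x00, 0x3c, 0x00, 0x35,
          0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x0a,
          0x00, 0x0d, 0x00, 0x06, 0x00, 0x04, 0x04, 0x01, 0x02, 0x01
      };

      byte buffer4[] = { /* last extension has zero size */
          0x16, 0x03, 0x01, 0x00, 0xba, 0x01, 0x00, 0x00,
          0xb6, 0x03, 0x03, 0x83, 0xa3, 0xe6, 0xdc, 0x16, 0xa1, 0x43, 0xe9, 0x45,
          0x15, 0xbd, 0x64, 0xa9, 0xb6, 0x07, 0xb4, 0x50, 0xc6, 0xdd, 0xff, 0xc2,
          0xd3, 0x0d, 0x4f, 0x36, 0xb4, 0x41, 0x51, 0x61, 0xc1, 0xa5, 0x9e, 0x00,
          0x00, 0x28, 0xcc, 0x14, 0xcc, 0x13, 0xc0, 0x2b, 0xc0, 0x2f, 0x00, 0x9e,
          0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x13, 0xc0, 0x14, 0xc0, 0x07, 0xc0, 0x11,
          0x00, 0x33, 0x00, 0x32, 0x00, 0x39, 0x00, 0x9c, 0x00, 0x2f, 0x00, 0x35,
          0x00, 0x0a, 0x00, 0x05, 0x00, 0x04, 0x01, 0x00, 0x00, 0x65, 0xff, 0x01,
          0x00, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x17, 0x00,
          0x18, 0x00, 0x19, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x23, 0x00,
          0x00, 0x33, 0x74, 0x00, 0x00, 0x00, 0x10, 0x00, 0x1b, 0x00, 0x19, 0x06,
          0x73, 0x70, 0x64, 0x79, 0x2f, 0x33, 0x08, 0x73, 0x70, 0x64, 0x79, 0x2f,
          0x33, 0x2e, 0x31, 0x08, 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
          0x75, 0x50, 0x00, 0x00, 0x00, 0x05, 0x00, 0x05, 0x01, 0x00, 0x00, 0x00,
          0x00, 0x00, 0x0d, 0x00, 0x12, 0x00, 0x10, 0x04, 0x01, 0x05, 0x01, 0x02,
          0x01, 0x04, 0x03, 0x05, 0x03, 0x02, 0x03, 0x04, 0x02, 0x02, 0x02, 0x00,
          0x12, 0x00, 0x00
      };

      byte buffer5[] = { /* SSL v2.0 client hello */
          0x00, 0x2b, 0x01, 0x03, 0x01, 0x00, 0x09, 0x00, 0x00,
          /* dummy bytes below, just to pass size check */
          0xb6, 0x03, 0x03, 0x83, 0xa3, 0xe6, 0xdc, 0x16, 0xa1, 0x43, 0xe9, 0x45,
          0x15, 0xbd, 0x64, 0xa9, 0xb6, 0x07, 0xb4, 0x50, 0xc6, 0xdd, 0xff, 0xc2,
          0xd3, 0x0d, 0x4f, 0x36, 0xb4, 0x41, 0x51, 0x61, 0xc1, 0xa5, 0x9e, 0x00,
      };

      byte   result[32] = {0};
      word32 length     = 32;

      /* Well-formed input with nothing to return yields 0. */
      AssertIntEQ(0, wolfSSL_SNI_GetFromBuffer(buffer4, sizeof(buffer4),
                                               0, result, &length));

      AssertIntEQ(0, wolfSSL_SNI_GetFromBuffer(buffer3, sizeof(buffer3),
                                               0, result, &length));

      /* buffer2 is queried for type 1 here; the same buffer yields its host
       * name for type 0 further down. */
      AssertIntEQ(0, wolfSSL_SNI_GetFromBuffer(buffer2, sizeof(buffer2),
                                               1, result, &length));

      /* Repair buffer's record header one field at a time. Byte 0 is the
       * record content type (0x16 is handshake), bytes 1-2 the protocol
       * version and byte 4 the low byte of the record length. */
      AssertIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buffer, sizeof(buffer),
                                                      0, result, &length));
      buffer[0] = 0x16;

      AssertIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buffer, sizeof(buffer),
                                                      0, result, &length));
      buffer[1] = 0x03;

      AssertIntEQ(SNI_UNSUPPORTED, wolfSSL_SNI_GetFromBuffer(buffer,
                                             sizeof(buffer), 0, result, &length));
      buffer[2] = 0x03;

      /* The declared record length (0xff) exceeds what the buffer holds. */
      AssertIntEQ(INCOMPLETE_DATA, wolfSSL_SNI_GetFromBuffer(buffer,
                                             sizeof(buffer), 0, result, &length));
      buffer[4] = 0x64;

      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_SNI_GetFromBuffer(buffer, sizeof(buffer),
                                                      0, result, &length));
      /* length comes back from the parser: make sure the terminator lands
       * inside result[] before writing it. */
      AssertIntLT((int)length, (int)sizeof(result));
      result[length] = 0;
      AssertStrEQ("www.paypal.com", (const char*) result);

      length = 32;

      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_SNI_GetFromBuffer(buffer2, sizeof(buffer2),
                                                      0, result, &length));
      AssertIntLT((int)length, (int)sizeof(result));
      result[length] = 0;
      AssertStrEQ("api.textmate.org", (const char*) result);

      /* SSL v2.0 tests */
      AssertIntEQ(SNI_UNSUPPORTED, wolfSSL_SNI_GetFromBuffer(buffer5,
                                            sizeof(buffer5), 0, result, &length));

      buffer5[2] = 0x02;
      AssertIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buffer5,
                                            sizeof(buffer5), 0, result, &length));

      buffer5[2] = 0x01; buffer5[6] = 0x08;
      AssertIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buffer5,
                                            sizeof(buffer5), 0, result, &length));

      buffer5[6] = 0x09; buffer5[8] = 0x01;
      AssertIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buffer5,
                                            sizeof(buffer5), 0, result, &length));
  }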
  1863. #endif /* HAVE_SNI */
  /*
   * Entry point for the SNI tests: argument validation, live handshakes, then
   * the raw ClientHello parser. Empty body when HAVE_SNI is not defined.
   */
  static void test_wolfSSL_UseSNI(void)
  {
  #ifdef HAVE_SNI
      test_wolfSSL_UseSNI_params();

      test_wolfSSL_UseSNI_connection();

      test_wolfSSL_SNI_GetFromBuffer();
  #endif
  }
  /*
   * Argument validation for wolfSSL_CTX_UseMaxFragment() and
   * wolfSSL_UseMaxFragment(): a NULL object and the values 0 and 6 must be
   * rejected, and WOLFSSL_MFL_2_9 through WOLFSSL_MFL_2_13 must be accepted.
   * Empty body unless HAVE_MAX_FRAGMENT is defined and the client is built.
   */
  static void test_wolfSSL_UseMaxFragment(void)
  {
  #if defined(HAVE_MAX_FRAGMENT) && !defined(NO_WOLFSSL_CLIENT)
      WOLFSSL_CTX* ctx;
      WOLFSSL*     ssl;

      AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
      AssertNotNull(ssl = wolfSSL_new(ctx));

      /* error cases: NULL object */
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_UseMaxFragment(NULL, WOLFSSL_MFL_2_9));
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_UseMaxFragment(    NULL, WOLFSSL_MFL_2_9));

      /* error cases: the values 0 and 6 */
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_UseMaxFragment(ctx, 0));
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_UseMaxFragment(ctx, 6));
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_UseMaxFragment(ssl, 0));
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_UseMaxFragment(ssl, 6));

      /* success case: context level */
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_9));
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_10));
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_11));
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_12));
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_13));

      /* success case: session level */
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseMaxFragment(ssl, WOLFSSL_MFL_2_9));
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseMaxFragment(ssl, WOLFSSL_MFL_2_10));
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseMaxFragment(ssl, WOLFSSL_MFL_2_11));
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseMaxFragment(ssl, WOLFSSL_MFL_2_12));
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseMaxFragment(ssl, WOLFSSL_MFL_2_13));

      wolfSSL_free(ssl);
      wolfSSL_CTX_free(ctx);
  #endif
  }
  /*
   * Argument validation for wolfSSL_CTX_UseTruncatedHMAC() and
   * wolfSSL_UseTruncatedHMAC(): NULL must be rejected, a valid object
   * accepted. Empty body unless HAVE_TRUNCATED_HMAC is defined and the client
   * is built.
   */
  static void test_wolfSSL_UseTruncatedHMAC(void)
  {
  #if defined(HAVE_TRUNCATED_HMAC) && !defined(NO_WOLFSSL_CLIENT)
      WOLFSSL_CTX* ctx;
      WOLFSSL*     ssl;

      AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
      AssertNotNull(ssl = wolfSSL_new(ctx));

      /* error cases */
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_UseTruncatedHMAC(NULL));
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_UseTruncatedHMAC(NULL));

      /* success case */
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseTruncatedHMAC(ctx));
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseTruncatedHMAC(ssl));

      wolfSSL_free(ssl);
      wolfSSL_CTX_free(ctx);
  #endif
  }
  /*
   * Argument validation for wolfSSL_CTX_UseSupportedCurve() and
   * wolfSSL_UseSupportedCurve(): a NULL object and curve value 0 must be
   * rejected, WOLFSSL_ECC_SECP256R1 on a valid object accepted. Empty body
   * unless HAVE_SUPPORTED_CURVES is defined and the client is built.
   */
  static void test_wolfSSL_UseSupportedCurve(void)
  {
  #if defined(HAVE_SUPPORTED_CURVES) && !defined(NO_WOLFSSL_CLIENT)
      WOLFSSL_CTX* ctx;
      WOLFSSL*     ssl;

      AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
      AssertNotNull(ssl = wolfSSL_new(ctx));

      /* error cases */
      AssertIntNE(WOLFSSL_SUCCESS,
                  wolfSSL_CTX_UseSupportedCurve(NULL, WOLFSSL_ECC_SECP256R1));
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSupportedCurve(ctx, 0));

      AssertIntNE(WOLFSSL_SUCCESS,
                  wolfSSL_UseSupportedCurve(NULL, WOLFSSL_ECC_SECP256R1));
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_UseSupportedCurve(ssl, 0));

      /* success case */
      AssertIntEQ(WOLFSSL_SUCCESS,
                  wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_SECP256R1));
      AssertIntEQ(WOLFSSL_SUCCESS,
                  wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_SECP256R1));

      wolfSSL_free(ssl);
      wolfSSL_CTX_free(ctx);
  #endif
  }
  #ifdef HAVE_ALPN
  /* Result callback for the ALPN connection test: asserts that
   * wolfSSL_get_error(ssl, 0) reports UNKNOWN_ALPN_PROTOCOL_NAME_E, i.e. that
   * the handshake ended because no common application protocol was found. */
  static void verify_ALPN_FATAL_ERROR_on_client(WOLFSSL* ssl)
  {
      AssertIntEQ(UNKNOWN_ALPN_PROTOCOL_NAME_E, wolfSSL_get_error(ssl, 0));
  }
  /* ssl_ready callback: registers the comma-separated ALPN list
   * "http/1.1,spdy/1,spdy/2,spdy/3" on `ssl` with the
   * WOLFSSL_ALPN_FAILED_ON_MISMATCH option. */
  static void use_ALPN_all(WOLFSSL* ssl)
  {
      /* no terminating NUL: sizeof() below is the exact list length */
      char alpn_list[] = {
          'h', 't', 't', 'p', '/', '1', '.', '1', ',',
          's', 'p', 'd', 'y', '/', '1', ',',
          's', 'p', 'd', 'y', '/', '2', ',',
          's', 'p', 'd', 'y', '/', '3'
      };

      AssertIntEQ(WOLFSSL_SUCCESS,
                  wolfSSL_UseALPN(ssl, alpn_list, sizeof(alpn_list),
                                  WOLFSSL_ALPN_FAILED_ON_MISMATCH));
  }
  /* ssl_ready callback: registers the comma-separated ALPN list
   * "http/1.1,spdy/1,spdy/2,spdy/3" on `ssl` with the
   * WOLFSSL_ALPN_CONTINUE_ON_MISMATCH option. */
  static void use_ALPN_all_continue(WOLFSSL* ssl)
  {
      /* no terminating NUL: sizeof() below is the exact list length */
      char alpn_list[] = {
          'h', 't', 't', 'p', '/', '1', '.', '1', ',',
          's', 'p', 'd', 'y', '/', '1', ',',
          's', 'p', 'd', 'y', '/', '2', ',',
          's', 'p', 'd', 'y', '/', '3'
      };

      AssertIntEQ(WOLFSSL_SUCCESS,
                  wolfSSL_UseALPN(ssl, alpn_list, sizeof(alpn_list),
                                  WOLFSSL_ALPN_CONTINUE_ON_MISMATCH));
  }
  /* ssl_ready callback: registers the single ALPN protocol "spdy/2" on `ssl`
   * with the WOLFSSL_ALPN_FAILED_ON_MISMATCH option. */
  static void use_ALPN_one(WOLFSSL* ssl)
  {
      /* no terminating NUL: sizeof() below is the exact name length */
      char proto[] = { 's', 'p', 'd', 'y', '/', '2' };

      AssertIntEQ(WOLFSSL_SUCCESS,
                  wolfSSL_UseALPN(ssl, proto, sizeof(proto),
                                  WOLFSSL_ALPN_FAILED_ON_MISMATCH));
  }
  /* ssl_ready callback: registers "http/2.0", a name that none of the other
   * helpers in this group offer, with the WOLFSSL_ALPN_FAILED_ON_MISMATCH
   * option. */
  static void use_ALPN_unknown(WOLFSSL* ssl)
  {
      /* no terminating NUL: sizeof() below is the exact name length */
      char proto[] = { 'h', 't', 't', 'p', '/', '2', '.', '0' };

      AssertIntEQ(WOLFSSL_SUCCESS,
                  wolfSSL_UseALPN(ssl, proto, sizeof(proto),
                                  WOLFSSL_ALPN_FAILED_ON_MISMATCH));
  }
  /* ssl_ready callback: registers "http/2.0", a name that none of the other
   * helpers in this group offer, with the WOLFSSL_ALPN_CONTINUE_ON_MISMATCH
   * option. */
  static void use_ALPN_unknown_continue(WOLFSSL* ssl)
  {
      /* no terminating NUL: sizeof() below is the exact name length */
      char proto[] = { 'h', 't', 't', 'p', '/', '2', '.', '0' };

      AssertIntEQ(WOLFSSL_SUCCESS,
                  wolfSSL_UseALPN(ssl, proto, sizeof(proto),
                                  WOLFSSL_ALPN_CONTINUE_ON_MISMATCH));
  }
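  /* Result callback: a protocol must have been negotiated on `ssl`, and it must
   * not be "spdy/3".
   *
   * The negotiated name is returned as a pointer/length pair, so the byte
   * comparison is only made when at least sizeof(nego_proto) bytes are
   * available; a shorter name cannot be "spdy/3" and is already covered by the
   * length check. `proto` starts out NULL so that a getter which reports
   * success without writing the pointer is caught by an assertion instead of
   * being dereferenced. */
  static void verify_ALPN_not_matching_spdy3(WOLFSSL* ssl)
  {
      /* spdy/3 */
      char nego_proto[] = {0x73, 0x70, 0x64, 0x79, 0x2f, 0x33};
      char *proto = NULL;
      word16 protoSz = 0;

      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_ALPN_GetProtocol(ssl, &proto, &protoSz));
      AssertNotNull(proto);

      /* check value: the length must differ ... */
      AssertIntNE(1, sizeof(nego_proto) == protoSz);

      /* ... and so must the leading bytes, when that many bytes exist */
      if (protoSz >= sizeof(nego_proto)) {
          AssertIntNE(0, XMEMCMP(nego_proto, proto, sizeof(nego_proto)));
      }
  }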
  /* Result callback for the "continue on mismatch" case: the handshake went
   * through, but wolfSSL_ALPN_GetProtocol() must report WOLFSSL_ALPN_NOT_FOUND
   * and leave both output arguments at their initial NULL / 0 values. */
  static void verify_ALPN_not_matching_continue(WOLFSSL* ssl)
  {
      word16 protoSz;
      char*  proto;

      /* sentinels: the getter is expected not to overwrite them */
      proto   = NULL;
      protoSz = 0;

      AssertIntEQ(WOLFSSL_ALPN_NOT_FOUND,
                  wolfSSL_ALPN_GetProtocol(ssl, &proto, &protoSz));

      /* outputs untouched */
      AssertIntEQ(1, (0 == protoSz));
      AssertIntEQ(1, (NULL == proto));
  }
  /* Result callback: the protocol negotiated on `ssl` must be exactly
   * "http/1.1" (same length, same bytes). */
  static void verify_ALPN_matching_http1(WOLFSSL* ssl)
  {
      /* expected name, without a terminating NUL */
      char nego_proto[] = { 'h', 't', 't', 'p', '/', '1', '.', '1' };
      word16 protoSz = 0;
      char *proto;

      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_ALPN_GetProtocol(ssl, &proto, &protoSz));

      /* length first: the comparison below is bounded by protoSz */
      AssertIntEQ(1, sizeof(nego_proto) == protoSz);
      AssertIntEQ(0, XMEMCMP(nego_proto, proto, protoSz));
  }
  /* Result callback: the protocol negotiated on `ssl` must be exactly
   * "spdy/2" (same length, same bytes). */
  static void verify_ALPN_matching_spdy2(WOLFSSL* ssl)
  {
      /* expected name, without a terminating NUL */
      char nego_proto[] = { 's', 'p', 'd', 'y', '/', '2' };
      word16 protoSz = 0;
      char *proto;

      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_ALPN_GetProtocol(ssl, &proto, &protoSz));

      /* length first: the comparison below is bounded by protoSz */
      AssertIntEQ(1, sizeof(nego_proto) == protoSz);
      AssertIntEQ(0, XMEMCMP(nego_proto, proto, protoSz));
  }
  /* Result callback: the ALPN list received from the peer, as returned by
   * wolfSSL_ALPN_GetPeerProtocol(), must equal
   * "http/1.1,spdy/1,spdy/2,spdy/3". The returned buffer is handed back through
   * wolfSSL_ALPN_FreePeerProtocol() afterwards. */
  static void verify_ALPN_client_list(WOLFSSL* ssl)
  {
      /* expected list, without a terminating NUL */
      char alpn_list[] = {
          'h', 't', 't', 'p', '/', '1', '.', '1', ',',
          's', 'p', 'd', 'y', '/', '1', ',',
          's', 'p', 'd', 'y', '/', '2', ',',
          's', 'p', 'd', 'y', '/', '3'
      };
      word16 clistSz = 0;
      char *clist = NULL;

      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_ALPN_GetPeerProtocol(ssl, &clist,
                                                                &clistSz));

      /* length first: the comparison below is bounded by clistSz */
      AssertIntEQ(1, sizeof(alpn_list) == clistSz);
      AssertIntEQ(0, XMEMCMP(alpn_list, clist, clistSz));

      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_ALPN_FreePeerProtocol(ssl, &clist));
  }
  /* Runs one client/server handshake per ALPN scenario.
   *
   * `callbacks` holds the scenarios as consecutive pairs: the even entry is
   * given the client method and the odd entry the server method before the
   * pair is passed to test_wolfSSL_client_server(). In each entry the third
   * field is the ALPN setup helper and the fourth the result check (0 = none). */
  static void test_wolfSSL_UseALPN_connection(void)
  {
      unsigned long i;
      callback_functions callbacks[] = {
          /* both sides offer the same list -> first entry, http/1.1 */
          {0, 0, use_ALPN_all, 0},
          {0, 0, use_ALPN_all, verify_ALPN_matching_http1},

          /* server offers a single protocol -> spdy/2 */
          {0, 0, use_ALPN_all, 0},
          {0, 0, use_ALPN_one, verify_ALPN_matching_spdy2},

          /* client offers a single protocol -> spdy/2 */
          {0, 0, use_ALPN_one, 0},
          {0, 0, use_ALPN_all, verify_ALPN_matching_spdy2},

          /* client does not use ALPN at all -> handshake still succeeds */
          {0, 0, 0, 0},
          {0, 0, use_ALPN_all, 0},

          /* no common protocol, but "continue on mismatch" is set */
          {0, 0, use_ALPN_all_continue, verify_ALPN_not_matching_continue},
          {0, 0, use_ALPN_unknown_continue, 0},

          /* server reads back the list sent by the client */
          {0, 0, use_ALPN_all, 0},
          {0, 0, use_ALPN_one, verify_ALPN_client_list},

          /* same list on both sides: only the first entry may be selected,
           * so the result must not be spdy/3 */
          {0, 0, use_ALPN_all, 0},
          {0, 0, use_ALPN_all, verify_ALPN_not_matching_spdy3},

          /* no common protocol with the default (fail) behaviour */
          {0, 0, use_ALPN_all, 0},
          {0, 0, use_ALPN_unknown, verify_ALPN_FATAL_ERROR_on_client},
      };
      const unsigned long total = sizeof(callbacks) / sizeof(callback_functions);

      for (i = 0; i < total; i += 2) {
          callback_functions* client = &callbacks[i];
          callback_functions* server = &callbacks[i + 1];

          client->method = wolfSSLv23_client_method;
          server->method = wolfSSLv23_server_method;

          test_wolfSSL_client_server(client, server);
      }
  }
  /* Parameter check for wolfSSL_UseALPN().
   *
   * A NULL session and a NULL / zero-length list must be refused. Lists of one
   * to four comma-separated protocol names, assembled in `buff`, must be
   * accepted. No handshake is performed. Compiled out when the client is not
   * built. */
  static void test_wolfSSL_UseALPN_params(void)
  {
  #ifndef NO_WOLFSSL_CLIENT
      /* protocol names, stored without a terminating NUL */
      char http1[] = { 'h', 't', 't', 'p', '/', '1', '.', '1' };
      char spdy1[] = { 's', 'p', 'd', 'y', '/', '1' };
      char spdy2[] = { 's', 'p', 'd', 'y', '/', '2' };
      char spdy3[] = { 's', 'p', 'd', 'y', '/', '3' };
      char buff[256];   /* scratch list; the longest one built here is 29 bytes */
      word32 idx;       /* number of bytes of buff in use */
      WOLFSSL_CTX* ctx;
      WOLFSSL*     ssl;

      ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
      ssl = wolfSSL_new(ctx);
      AssertNotNull(ctx);
      AssertNotNull(ssl);

      /* rejected: NULL session, then NULL list with length 0 */
      AssertIntNE(WOLFSSL_SUCCESS,
                  wolfSSL_UseALPN(NULL, http1, sizeof(http1),
                                  WOLFSSL_ALPN_FAILED_ON_MISMATCH));
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_UseALPN(ssl, NULL, 0,
                                  WOLFSSL_ALPN_FAILED_ON_MISMATCH));

      /* accepted: http/1.1 alone */
      AssertIntEQ(WOLFSSL_SUCCESS,
                  wolfSSL_UseALPN(ssl, http1, sizeof(http1),
                                  WOLFSSL_ALPN_FAILED_ON_MISMATCH));

      /* accepted: http/1.1,spdy/1 */
      idx = 0;
      XMEMCPY(buff + idx, http1, sizeof(http1));
      idx += sizeof(http1);
      buff[idx] = ',';
      idx++;
      XMEMCPY(buff + idx, spdy1, sizeof(spdy1));
      idx += sizeof(spdy1);
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseALPN(ssl, buff, idx,
                                  WOLFSSL_ALPN_FAILED_ON_MISMATCH));

      /* accepted: http/1.1,spdy/2,spdy/1 */
      idx = 0;
      XMEMCPY(buff + idx, http1, sizeof(http1));
      idx += sizeof(http1);
      buff[idx] = ',';
      idx++;
      XMEMCPY(buff + idx, spdy2, sizeof(spdy2));
      idx += sizeof(spdy2);
      buff[idx] = ',';
      idx++;
      XMEMCPY(buff + idx, spdy1, sizeof(spdy1));
      idx += sizeof(spdy1);
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseALPN(ssl, buff, idx,
                                  WOLFSSL_ALPN_FAILED_ON_MISMATCH));

      /* accepted: spdy/3,http/1.1,spdy/2,spdy/1 with "continue on mismatch" */
      idx = 0;
      XMEMCPY(buff + idx, spdy3, sizeof(spdy3));
      idx += sizeof(spdy3);
      buff[idx] = ',';
      idx++;
      XMEMCPY(buff + idx, http1, sizeof(http1));
      idx += sizeof(http1);
      buff[idx] = ',';
      idx++;
      XMEMCPY(buff + idx, spdy2, sizeof(spdy2));
      idx += sizeof(spdy2);
      buff[idx] = ',';
      idx++;
      XMEMCPY(buff + idx, spdy1, sizeof(spdy1));
      idx += sizeof(spdy1);
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseALPN(ssl, buff, idx,
                                  WOLFSSL_ALPN_CONTINUE_ON_MISMATCH));

      wolfSSL_free(ssl);
      wolfSSL_CTX_free(ctx);
  #endif
  }
  #endif /* HAVE_ALPN */
  /* Entry point for the ALPN tests: runs the handshake scenarios and then the
   * parameter checks. Does nothing when HAVE_ALPN is not defined. */
  static void test_wolfSSL_UseALPN(void)
  {
  #ifdef HAVE_ALPN
      test_wolfSSL_UseALPN_connection();
      test_wolfSSL_UseALPN_params();
  #endif
  }
  /* API check for the "disable extended master secret" setters.
   *
   * wolfSSL_CTX_DisableExtendedMasterSecret() and
   * wolfSSL_DisableExtendedMasterSecret() must refuse a NULL handle and accept
   * a valid client CTX / SSL object. Only return codes are checked. Compiled
   * out unless HAVE_EXTENDED_MASTER is defined and the client is built.
   *
   * Security note: the extended master secret (RFC 7627) binds the master
   * secret to the handshake transcript; this test covers the opt-out call
   * itself and says nothing about whether opting out is appropriate. */
  static void test_wolfSSL_DisableExtendedMasterSecret(void)
  {
  #if defined(HAVE_EXTENDED_MASTER) && !defined(NO_WOLFSSL_CLIENT)
      WOLFSSL_CTX* ctx;
      WOLFSSL*     ssl;

      ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
      ssl = wolfSSL_new(ctx);
      AssertNotNull(ctx);
      AssertNotNull(ssl);

      /* a NULL handle has to be refused by both setters */
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_DisableExtendedMasterSecret(NULL));
      AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_DisableExtendedMasterSecret(NULL));

      /* valid handles are accepted */
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_DisableExtendedMasterSecret(ctx));
      AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_DisableExtendedMasterSecret(ssl));

      wolfSSL_free(ssl);
      wolfSSL_CTX_free(ctx);
  #endif
  }
  /*----------------------------------------------------------------------------*
   | X509 Tests
   *----------------------------------------------------------------------------*/

  /* Walks from a certificate to the bytes of its subject common name using the
   * OpenSSL-compatible names: load cliCertFile as PEM, take the subject name,
   * find the commonName entry, fetch the entry, its ASN.1 string and finally
   * the string data. Every step is only checked for "not NULL" / "index >= 0";
   * the value of the common name is not compared against anything.
   * Needs certificate and RSA support plus OPENSSL_ALL, or OPENSSL_EXTRA with
   * KEEP_PEER_CERT or SESSION_CERTS; the lookup itself also needs a filesystem. */
  static void test_wolfSSL_X509_NAME_get_entry(void)
  {
  #if !defined(NO_CERTS) && !defined(NO_RSA)
  #if defined(OPENSSL_ALL) || \
      (defined(OPENSSL_EXTRA) && \
      (defined(KEEP_PEER_CERT) || defined(SESSION_CERTS)))
      printf(testingFmt, "wolfSSL_X509_NAME_get_entry()");
      {
          /* use openssl like name to test mapping */
          X509_NAME_ENTRY* ne = NULL;
          X509_NAME* name = NULL;
          char* subCN = NULL;
          X509* x509;
          ASN1_STRING* asn;
          int idx;
  #ifndef NO_FILESYSTEM
          x509 = wolfSSL_X509_load_certificate_file(cliCertFile, WOLFSSL_FILETYPE_PEM);
          AssertNotNull(x509);
          name = X509_get_subject_name(x509);
          /* -1: start the search before the first entry */
          idx = X509_NAME_get_index_by_NID(name, NID_commonName, -1);
          AssertIntGE(idx, 0);
          ne = X509_NAME_get_entry(name, idx);
          AssertNotNull(ne);
          asn = X509_NAME_ENTRY_get_data(ne);
          AssertNotNull(asn);
          subCN = (char*)ASN1_STRING_data(asn);
          AssertNotNull(subCN);
          /* name, ne, asn and subCN are not used after the certificate is freed */
          wolfSSL_FreeX509(x509);
  #endif
      }
      printf(resultFmt, passed);
  #endif /* OPENSSL_ALL || (OPENSSL_EXTRA && (KEEP_PEER_CERT || SESSION_CERTS) */
  #endif /* !NO_CERTS && !NO_RSA */
  }
  /* Testing functions dealing with PKCS12 parsing out X509 certs.
   *
   * Steps, in order:
   *   1. read ./certs/test-servercert.p12 and decode it twice (return value,
   *      then output argument);
   *   2. parse with a wrong password and expect failure;
   *   3. parse with the right password, first without and then with the extra
   *      certificate stack, which must hold exactly two certificates;
   *   4. rebuild a PKCS12 object with PKCS12_create() under several parameter
   *      sets and parse each result again;
   *   5. with HAVE_ECC, parse ./certs/ecc-rsa-server.p12 and compare subject
   *      names to check which certificate ends up as the leaf and which on the
   *      stack.
   * The passwords and .p12 files are test fixtures. The PBE choices exercised
   * (SHA1 with 3-key triple DES, SHA1 with 128-bit RC4) are legacy algorithms
   * covered here for interoperability, not as a recommendation. */
  static void test_wolfSSL_PKCS12(void)
  {
      /* .p12 file is encrypted with DES3 */
  #if defined(OPENSSL_EXTRA) && !defined(NO_DES3) && !defined(NO_FILESYSTEM) && \
      !defined(NO_ASN) && !defined(NO_PWDBASED) && !defined(NO_RSA)
      byte buffer[5300];
      char file[] = "./certs/test-servercert.p12";
      char order[] = "./certs/ecc-rsa-server.p12";
      char pass[] = "a password";
      WOLFSSL_X509_NAME* subject;
      FILE *f;
      int bytes, ret;
      WOLFSSL_BIO *bio;
      WOLFSSL_EVP_PKEY *pkey;
      WC_PKCS12 *pkcs12;
      WC_PKCS12 *pkcs12_2;
      WOLFSSL_X509 *cert;
      WOLFSSL_X509 *x509;
      WOLFSSL_X509 *tmp;
      WOLF_STACK_OF(WOLFSSL_X509) *ca;

      printf(testingFmt, "wolfSSL_PKCS12()");

      /* NOTE(review): the fread() result is not checked, so an empty read or a
       * file larger than buffer[] only shows up later as a decode failure */
      f = fopen(file, "rb");
      AssertNotNull(f);
      bytes = (int)fread(buffer, 1, sizeof(buffer), f);
      fclose(f);

      bio = BIO_new_mem_buf((void*)buffer, bytes);
      AssertNotNull(bio);

      /* decode once through the return value, free, then once more through the
       * output argument (the same bio is reused for the second call) */
      pkcs12 = d2i_PKCS12_bio(bio, NULL);
      AssertNotNull(pkcs12);
      PKCS12_free(pkcs12);

      d2i_PKCS12_bio(bio, &pkcs12);
      AssertNotNull(pkcs12);

      /* check verify MAC fail case */
      /* NOTE(review): pkey and cert have not been initialised at this point, so
       * the two AssertNull checks rely on PKCS12_parse() storing NULL in them
       * when it fails */
      ret = PKCS12_parse(pkcs12, "bad", &pkey, &cert, NULL);
      AssertIntEQ(ret, 0);
      AssertNull(pkey);
      AssertNull(cert);

      /* check parse with no extra certs kept */
      ret = PKCS12_parse(pkcs12, "wolfSSL test", &pkey, &cert, NULL);
      AssertIntEQ(ret, 1);
      AssertNotNull(pkey);
      AssertNotNull(cert);

      wolfSSL_EVP_PKEY_free(pkey);
      wolfSSL_X509_free(cert);

      /* check parse with extra certs kept */
      ret = PKCS12_parse(pkcs12, "wolfSSL test", &pkey, &cert, &ca);
      AssertIntEQ(ret, 1);
      AssertNotNull(pkey);
      AssertNotNull(cert);
      AssertNotNull(ca);

      /* should be 2 other certs on stack */
      tmp = sk_X509_pop(ca);
      AssertNotNull(tmp);
      X509_free(tmp);
      tmp = sk_X509_pop(ca);
      AssertNotNull(tmp);
      X509_free(tmp);
      /* a third pop must come back empty */
      AssertNull(sk_X509_pop(ca));

      EVP_PKEY_free(pkey);
      X509_free(cert);
      sk_X509_pop_free(ca, X509_free);

      /* check PKCS12_create */
      /* no key, no certificate, no stack: creation must fail */
      AssertNull(PKCS12_create(pass, NULL, NULL, NULL, NULL, -1, -1, -1, -1,0));
      AssertIntEQ(PKCS12_parse(pkcs12, "wolfSSL test", &pkey, &cert, &ca),
              SSL_SUCCESS);
      /* trailing arguments presumably follow the OpenSSL order
       * (key NID, cert NID, iterations, MAC iterations, key type); here only
       * the iteration count, 100, is given explicitly - TODO confirm */
      AssertNotNull((pkcs12_2 = PKCS12_create(pass, NULL, pkey, cert, ca,
                      -1, -1, 100, -1, 0)));
      EVP_PKEY_free(pkey);
      X509_free(cert);
      sk_X509_free(ca);

      /* the rebuilt object is protected with `pass`, i.e. "a password" */
      AssertIntEQ(PKCS12_parse(pkcs12_2, "a password", &pkey, &cert, &ca),
              SSL_SUCCESS);
      PKCS12_free(pkcs12_2);
      /* explicit algorithm: SHA1 with 3-key triple DES for both NID arguments,
       * 2000 for the first count and 1 for the second */
      AssertNotNull((pkcs12_2 = PKCS12_create(pass, NULL, pkey, cert, ca,
               NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
               NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
               2000, 1, 0)));
      EVP_PKEY_free(pkey);
      X509_free(cert);
      sk_X509_free(ca);

      AssertIntEQ(PKCS12_parse(pkcs12_2, "a password", &pkey, &cert, &ca),
              SSL_SUCCESS);

      /* should be 2 other certs on stack */
      tmp = sk_X509_pop(ca);
      AssertNotNull(tmp);
      X509_free(tmp);
      tmp = sk_X509_pop(ca);
      AssertNotNull(tmp);
      X509_free(tmp);
      AssertNull(sk_X509_pop(ca));

  #ifndef NO_RC4
      /* same round trip with SHA1 and 128-bit RC4, this time without a
       * certificate stack */
      PKCS12_free(pkcs12_2);
      AssertNotNull((pkcs12_2 = PKCS12_create(pass, NULL, pkey, cert, NULL,
               NID_pbe_WithSHA1And128BitRC4,
               NID_pbe_WithSHA1And128BitRC4,
               2000, 1, 0)));
      EVP_PKEY_free(pkey);
      X509_free(cert);
      sk_X509_free(ca);

      AssertIntEQ(PKCS12_parse(pkcs12_2, "a password", &pkey, &cert, &ca),
              SSL_SUCCESS);
  #endif /* NO_RC4 */

      /* release everything still held from the RSA part of the test */
      EVP_PKEY_free(pkey);
      X509_free(cert);
      BIO_free(bio);
      PKCS12_free(pkcs12);
      PKCS12_free(pkcs12_2);
      sk_X509_free(ca);

  #ifdef HAVE_ECC
      /* test order of parsing */
      f = fopen(order, "rb");
      AssertNotNull(f);
      bytes = (int)fread(buffer, 1, sizeof(buffer), f);
      fclose(f);

      AssertNotNull(bio = BIO_new_mem_buf((void*)buffer, bytes));
      AssertNotNull(pkcs12 = d2i_PKCS12_bio(bio, NULL));
      /* this fixture is parsed with an empty password */
      AssertIntEQ((ret = PKCS12_parse(pkcs12, "", &pkey, &cert, &ca)),
              WOLFSSL_SUCCESS);
      AssertNotNull(pkey);
      AssertNotNull(cert);
      AssertNotNull(ca);

      /* compare subject lines of certificates */
      /* the leaf returned in `cert` must carry the subject of eccRsaCertFile */
      AssertNotNull(subject = wolfSSL_X509_get_subject_name(cert));
      AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(eccRsaCertFile,
                  SSL_FILETYPE_PEM));
      AssertIntEQ(wolfSSL_X509_NAME_cmp((const WOLFSSL_X509_NAME*)subject,
                  (const WOLFSSL_X509_NAME*)wolfSSL_X509_get_subject_name(x509)), 0);
      X509_free(x509);

      /* test expected fail case */
      /* ... and must not carry the subject of eccCertFile */
      AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(eccCertFile,
                  SSL_FILETYPE_PEM));
      AssertIntNE(wolfSSL_X509_NAME_cmp((const WOLFSSL_X509_NAME*)subject,
                  (const WOLFSSL_X509_NAME*)wolfSSL_X509_get_subject_name(x509)), 0);
      X509_free(x509);
      X509_free(cert);

      /* get subject line from ca stack */
      AssertNotNull(cert = sk_X509_pop(ca));
      AssertNotNull(subject = wolfSSL_X509_get_subject_name(cert));

      /* compare subject from certificate in ca to expected */
      AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(eccCertFile,
                  SSL_FILETYPE_PEM));
      AssertIntEQ(wolfSSL_X509_NAME_cmp((const WOLFSSL_X509_NAME*)subject,
                  (const WOLFSSL_X509_NAME*)wolfSSL_X509_get_subject_name(x509)), 0);

      EVP_PKEY_free(pkey);
      X509_free(x509);
      X509_free(cert);
      BIO_free(bio);
      PKCS12_free(pkcs12);
      sk_X509_free(ca);
  #endif /* HAVE_ECC */

      /* these are only used in the HAVE_ECC part; the casts keep builds
       * without it free of unused-variable warnings */
      (void)x509;
      (void)subject;
      (void)order;

      printf(resultFmt, passed);
  #endif /* OPENSSL_EXTRA */
  }
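  #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
      !defined(NO_DES3) && !defined(NO_FILESYSTEM) && \
      !defined(NO_ASN) && !defined(NO_PWDBASED) && !defined(NO_RSA)
  /* Password callback for the PKCS8 test case.
   *
   * passwd    buffer the password is written to
   * sz        size of passwd in bytes
   * rw        unused
   * userdata  optional pointer to an int flag chosen by the test
   *
   * Returns the password length (8) when *userdata is 1, BAD_FUNC_ARG for any
   * other flag value, and also BAD_FUNC_ARG when passwd is NULL or sz cannot
   * hold the 8 password bytes. Without that last check the callback would
   * report 8 bytes even though strncpy() had copied fewer, and a negative sz
   * would be converted to a huge copy length. The password itself is a fixture
   * belonging to the test key. */
  static INLINE int PKCS8TestCallBack(char* passwd, int sz, int rw, void* userdata)
  {
      int flag = 0;

      (void)rw;
      if (userdata != NULL) {
          flag = *((int*)userdata); /* user set data */
      }

      switch (flag) {
          case 1: /* flag set for specific WOLFSSL_CTX structure, note userdata
                   * can be anything the user wishes to be passed to the callback
                   * associated with the WOLFSSL_CTX */
              if (passwd == NULL || sz < 8) {
                  return BAD_FUNC_ARG;
              }
              /* sz >= 8 here: all 8 bytes fit, and strncpy() zero-fills any
               * remaining space */
              strncpy(passwd, "yassl123", sz);
              return 8;

          default:
              return BAD_FUNC_ARG;
      }
  }
  #endif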
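  /* Testing functions dealing with PKCS8.
   *
   * Loads the encrypted PKCS8 key ./certs/server-keyPkcs8Enc.pem and checks:
   *   - the key is accepted by a CTX whose password callback is
   *     PKCS8TestCallBack with the user flag set to 1;
   *   - the same call fails once the flag is 0, because the callback then
   *     returns an error instead of a password;
   *   - wc_KeyPemToDer() succeeds with the right password and returns a
   *     negative value with a wrong one.
   * The read length is asserted to be positive so that an empty or unreadable
   * fixture is reported at the read rather than as a key-loading failure.
   * The password is a fixture belonging to the test key. */
  static void test_wolfSSL_PKCS8(void)
  {
  #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
      !defined(NO_DES3) && !defined(NO_FILESYSTEM) && \
      !defined(NO_ASN) && !defined(NO_PWDBASED) && !defined(NO_RSA) && \
      defined(WOLFSSL_ENCRYPTED_KEYS)
      byte buffer[FOURK_BUF];
      byte der[FOURK_BUF];
      char file[] = "./certs/server-keyPkcs8Enc.pem";
      FILE *f;
      int flag = 1;
      int bytes;
      WOLFSSL_CTX* ctx;

      printf(testingFmt, "wolfSSL_PKCS8()");

      f = fopen(file, "rb");
      AssertNotNull(f);
      bytes = (int)fread(buffer, 1, sizeof(buffer), f);
      fclose(f);
      /* nothing read means there is no key to test with */
      AssertIntGT(bytes, 0);

      /* Note that wolfSSL_Init() or wolfCrypt_Init() has been called before these
       * function calls */
      AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()));
      wolfSSL_CTX_set_default_passwd_cb(ctx, &PKCS8TestCallBack);
      /* the callback reads the flag through this pointer on every call, so
       * flag must stay alive for as long as ctx is in use */
      wolfSSL_CTX_set_default_passwd_cb_userdata(ctx, (void*)&flag);
      AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buffer, bytes,
                  SSL_FILETYPE_PEM), SSL_SUCCESS);

      /* this next case should fail if setting the user flag to a value other
       * than 1 due to the password callback functions return value */
      flag = 0;
      wolfSSL_CTX_set_default_passwd_cb_userdata(ctx, (void*)&flag);
      AssertIntNE(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buffer, bytes,
                  SSL_FILETYPE_PEM), SSL_SUCCESS);

      wolfSSL_CTX_free(ctx);

      /* decrypt PKCS8 PEM to key in DER format with not using WOLFSSL_CTX */
      AssertIntGT(wc_KeyPemToDer(buffer, bytes, der, FOURK_BUF, "yassl123"),
                  0);

      /* test that error value is returned with a bad password */
      AssertIntLT(wc_KeyPemToDer(buffer, bytes, der, FOURK_BUF, "bad"), 0);

      printf(resultFmt, passed);
  #endif /* OPENSSL_EXTRA */
  }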
  /* Smoke test for PKCS5_PBKDF2_HMAC_SHA1().
   *
   * Derives WC_SHA_DIGEST_SIZE bytes from a fixed password and salt and checks
   * that the call reports success. The derived bytes are not compared with a
   * known answer, so this covers the call path only.
   * The iteration count of 10 is a test value that keeps the run fast; it is
   * far below anything suitable for protecting a real password. */
  static void test_wolfSSL_PKCS5(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_SHA) && !defined(NO_PWDBASED)
      const char*          passwd = "pass1234";
      const unsigned char* salt   = (unsigned char *)"salt1234";
      unsigned char*       out;
      int                  passLen;
      int                  saltLen;
      int                  ret = 0;

      out = (unsigned char *)XMALLOC(WC_SHA_DIGEST_SIZE, NULL,
                                     DYNAMIC_TYPE_TMP_BUFFER);
      AssertNotNull(out);

      /* both inputs are C strings, so their lengths exclude the NUL */
      passLen = (int)XSTRLEN(passwd);
      saltLen = (int)XSTRLEN((const char *) salt);

      ret = PKCS5_PBKDF2_HMAC_SHA1(passwd, passLen, salt, saltLen, 10,
                                   WC_SHA_DIGEST_SIZE, out);
      AssertIntEQ(ret, SSL_SUCCESS);

      XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
  #endif /* defined(OPENSSL_EXTRA) && !defined(NO_SHA) */
  }
  /* Tests wolfSSL_CTX_SetMinVersion(), which sets the lowest protocol version
   * a context may downgrade to.
   *
   * Every version in `versions` is applied to a TLS 1.2 client context; the
   * list also contains TLS 1.0 and TLS 1.1 unless NO_OLD_TLS is defined.
   * Returns WOLFSSL_SUCCESS when every call succeeded (and also when the client
   * is not built), WOLFSSL_FAILURE otherwise.
   * NOTE(review): ctx is not checked for NULL after creation; the setter's
   * return value is the only place such a failure would show. */
  static int test_wolfSSL_CTX_SetMinVersion(void)
  {
      int failFlag = WOLFSSL_SUCCESS;
  #ifndef NO_WOLFSSL_CLIENT
      WOLFSSL_CTX* ctx;
      int itr;
  #ifndef NO_OLD_TLS
      const int versions[] = { WOLFSSL_TLSV1, WOLFSSL_TLSV1_1,
                               WOLFSSL_TLSV1_2 };
  #else
      const int versions[] = { WOLFSSL_TLSV1_2 };
  #endif
      const int count = (int)(sizeof(versions)/sizeof(int));

      AssertTrue(wolfSSL_Init());
      ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());

      printf(testingFmt, "wolfSSL_CTX_SetMinVersion()");

      /* one failing version is enough to fail the test, but all are tried */
      for (itr = 0; itr < count; itr++) {
          if (wolfSSL_CTX_SetMinVersion(ctx, versions[itr]) != WOLFSSL_SUCCESS) {
              failFlag = WOLFSSL_FAILURE;
          }
      }

      printf(resultFmt, failFlag == WOLFSSL_SUCCESS ? passed : failed);

      wolfSSL_CTX_free(ctx);
      AssertTrue(wolfSSL_Cleanup());
  #endif
      return failFlag;
  } /* END test_wolfSSL_CTX_SetMinVersion */
  /*----------------------------------------------------------------------------*
   | OCSP Stapling
   *----------------------------------------------------------------------------*/

  /* Tests wolfSSL_UseOCSPStapling(). With OCSP stapling the server supplies the
   * revocation status of its certificate during the handshake, so the client
   * does not have to query the responder itself.
   *
   * The option is requested on a TLS 1.2 client session with the nonce option
   * set; no handshake is performed.
   * PRE:  HAVE_OCSP and HAVE_CERTIFICATE_STATUS_REQUEST, client built.
   * POST: WOLFSSL_FAILURE if the call did not succeed, otherwise the result of
   *       wolfSSL_Cleanup(); WOLFSSL_SUCCESS when the feature is not built.
   * NOTE(review): the WOLFSSL_CSR2_* constants are passed to the version 1
   * API here - confirm they have the values this function expects. */
  static int test_wolfSSL_UseOCSPStapling(void)
  {
  #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) && defined(HAVE_OCSP) && \
      !defined(NO_WOLFSSL_CLIENT)
      WOLFSSL_CTX* ctx;
      WOLFSSL*     ssl;
      int          ret;
      int          cleanupRet;

      wolfSSL_Init();
      ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
      ssl = wolfSSL_new(ctx);

      printf(testingFmt, "wolfSSL_UseOCSPStapling()");
      ret = wolfSSL_UseOCSPStapling(ssl, WOLFSSL_CSR2_OCSP,
                                    WOLFSSL_CSR2_OCSP_USE_NONCE);
      printf(resultFmt, ret == WOLFSSL_SUCCESS ? passed : failed);

      wolfSSL_free(ssl);
      wolfSSL_CTX_free(ctx);

      /* the library is shut down on both outcomes; its result is only
       * reported when the call under test succeeded */
      cleanupRet = wolfSSL_Cleanup();
      return (ret == WOLFSSL_SUCCESS) ? cleanupRet : WOLFSSL_FAILURE;
  #else
      return WOLFSSL_SUCCESS;
  #endif
  } /*END test_wolfSSL_UseOCSPStapling */
  /* Tests wolfSSL_UseOCSPStaplingV2(), the version 2 OCSP stapling request.
   * With stapling the server supplies the revocation status during the
   * handshake, so the client does not have to query the responder itself.
   *
   * The option is requested on a TLS 1.2 client session with the nonce option
   * set; no handshake is performed.
   * PRE:  HAVE_CERTIFICATE_STATUS_REQUEST_V2 and HAVE_OCSP, client built.
   * POST: WOLFSSL_FAILURE if the call did not succeed, otherwise the result of
   *       wolfSSL_Cleanup(); WOLFSSL_SUCCESS when the feature is not built. */
  static int test_wolfSSL_UseOCSPStaplingV2 (void)
  {
  #if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) && defined(HAVE_OCSP) && \
      !defined(NO_WOLFSSL_CLIENT)
      WOLFSSL_CTX* ctx;
      WOLFSSL*     ssl;
      int          ret;
      int          cleanupRet;

      wolfSSL_Init();
      ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
      ssl = wolfSSL_new(ctx);

      printf(testingFmt, "wolfSSL_UseOCSPStaplingV2()");
      ret = wolfSSL_UseOCSPStaplingV2(ssl, WOLFSSL_CSR2_OCSP,
                                      WOLFSSL_CSR2_OCSP_USE_NONCE );
      printf(resultFmt, ret == WOLFSSL_SUCCESS ? passed : failed);

      wolfSSL_free(ssl);
      wolfSSL_CTX_free(ctx);

      /* the library is shut down on both outcomes; its result is only
       * reported when the call under test succeeded */
      cleanupRet = wolfSSL_Cleanup();
      return (ret == WOLFSSL_SUCCESS) ? cleanupRet : WOLFSSL_FAILURE;
  #else
      return WOLFSSL_SUCCESS;
  #endif
  } /*END test_wolfSSL_UseOCSPStaplingV2*/
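  /*----------------------------------------------------------------------------*
   | Multicast Tests
   *----------------------------------------------------------------------------*/

  /* Exercises the DTLS multicast setup calls on a client session: set the
   * member id on the context, install a secret on the session, then attempt a
   * read that is expected to return no data (result <= 0).
   *
   * newId starts at 0 so that the final check compares a defined value even if
   * wolfSSL_mcast_read() returns without writing it.
   * The secret and both random values are constant fill patterns, and the
   * suite bytes select WDM_WITH_NULL_SHA256; all of these are test inputs.
   * Compiled out unless WOLFSSL_DTLS and WOLFSSL_MULTICAST are defined. */
  static void test_wolfSSL_mcast(void)
  {
  #if defined(WOLFSSL_DTLS) && defined(WOLFSSL_MULTICAST)
      WOLFSSL_CTX* ctx;
      WOLFSSL* ssl;
      int result;
      byte preMasterSecret[512];
      byte clientRandom[32];
      byte serverRandom[32];
      byte suite[2] = {0, 0xfe};  /* WDM_WITH_NULL_SHA256 */
      byte buf[256];
      word16 newId = 0;

      ctx = wolfSSL_CTX_new(wolfDTLSv1_2_client_method());
      AssertNotNull(ctx);

      result = wolfSSL_CTX_mcast_set_member_id(ctx, 0);
      AssertIntEQ(result, WOLFSSL_SUCCESS);

      ssl = wolfSSL_new(ctx);
      AssertNotNull(ssl);

      /* recognisable fill patterns instead of real key material */
      XMEMSET(preMasterSecret, 0x23, sizeof(preMasterSecret));
      XMEMSET(clientRandom, 0xA5, sizeof(clientRandom));
      XMEMSET(serverRandom, 0x5A, sizeof(serverRandom));

      /* second argument 23: presumably the epoch - TODO confirm */
      result = wolfSSL_set_secret(ssl, 23,
                  preMasterSecret, sizeof(preMasterSecret),
                  clientRandom, serverRandom, suite);
      AssertIntEQ(result, WOLFSSL_SUCCESS);

      /* nothing has been sent, so the read must not report any data */
      result = wolfSSL_mcast_read(ssl, &newId, buf, sizeof(buf));
      AssertIntLE(result, 0);
      AssertIntLE(newId, 100);

      wolfSSL_free(ssl);
      wolfSSL_CTX_free(ctx);
  #endif /* WOLFSSL_DTLS && WOLFSSL_MULTICAST */
  }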
  /*----------------------------------------------------------------------------*
   | Wolfcrypt
   *----------------------------------------------------------------------------*/

  /*
   * Unit test for wc_InitMd5(): a valid context must initialise with return
   * value 0 and a NULL context must be refused with BAD_FUNC_ARG.
   * Returns 0 on success (also when MD5 is not built), WOLFSSL_FATAL_ERROR
   * otherwise.
   */
  static int test_wc_InitMd5 (void)
  {
      int flag = 0;
  #ifndef NO_MD5
      wc_Md5 md5;
      int ret;

      printf(testingFmt, "wc_InitMd5()");

      /* valid context */
      ret = wc_InitMd5(&md5);
      if (ret != 0) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      /* NULL context, only tried when the first step passed */
      if (flag == 0) {
          ret = wc_InitMd5(NULL);
          if (ret != BAD_FUNC_ARG) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      wc_Md5Free(&md5);

      printf(resultFmt, flag == 0 ? passed : failed);
  #endif
      return flag;
  } /* END test_wc_InitMd5 */
  /*
   * Unit test for wc_Md5Update().
   *
   * Hashes "a" and finalises, then hashes "abc" on the same context and
   * compares the result with the MD5 digest of "abc". The expected value is the
   * digest of "abc" alone, so the comparison only passes if the first
   * wc_Md5Final() left the context ready for a new message.
   * After that: NULL data with length 0 must be accepted, NULL data with a
   * non-zero length and a NULL context must both give BAD_FUNC_ARG.
   * Returns 0 on success, otherwise the failing return code or
   * WOLFSSL_FATAL_ERROR. Each step runs only while flag is still 0.
   */
  static int test_wc_Md5Update (void)
  {
      int flag = 0;
  #ifndef NO_MD5
      wc_Md5 md5;
      byte hash[WC_MD5_DIGEST_SIZE];
      testVector a, b, c;
      int ret;

      ret = wc_InitMd5(&md5);
      flag = ret;

      printf(testingFmt, "wc_Md5Update()");

      /* first message: "a" */
      if (flag == 0) {
          a.input = "a";
          a.inLen = XSTRLEN(a.input);

          ret = wc_Md5Update(&md5, (byte*)a.input, (word32)a.inLen);
          flag = ret;
      }

      if (flag == 0) {
          ret = wc_Md5Final(&md5, hash);
          flag = ret;
      }

      /* second message on the same context: "abc" */
      if (flag == 0) {
          a.input = "abc";
          a.output = "\x90\x01\x50\x98\x3c\xd2\x4f\xb0\xd6\x96\x3f\x7d\x28\xe1\x7f"
                     "\x72";
          a.inLen = XSTRLEN(a.input);
          /* string length of a binary digest: correct here only because this
           * vector contains no zero byte; the value is not used below */
          a.outLen = XSTRLEN(a.output);

          ret = wc_Md5Update(&md5, (byte*) a.input, (word32) a.inLen);
          flag = ret;
      }

      if (flag == 0) {
          ret = wc_Md5Final(&md5, hash);
          flag = ret;
      }

      if (flag == 0 && XMEMCMP(hash, a.output, WC_MD5_DIGEST_SIZE) != 0) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      /* NULL data with length 0 is accepted */
      if (flag == 0) {
          b.input = NULL;
          b.inLen = 0;

          ret = wc_Md5Update(&md5, (byte*)b.input, (word32)b.inLen);
          flag = ret;
      }

      /* NULL data with a non-zero length is refused */
      if (flag == 0) {
          c.input = NULL;
          c.inLen = WC_MD5_DIGEST_SIZE;

          ret = wc_Md5Update(&md5, (byte*)c.input, (word32)c.inLen);
          if (ret != BAD_FUNC_ARG) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      /* NULL context is refused */
      if (flag == 0) {
          ret = wc_Md5Update(NULL, (byte*)a.input, (word32)a.inLen);
          if (ret != BAD_FUNC_ARG) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      wc_Md5Free(&md5);

      printf(resultFmt, flag == 0 ? passed : failed);
  #endif
      return flag;
  } /* END test_wc_Md5Update() */
  /*
   * Unit test for wc_Md5Final() in wolfcrypt/src/md5.c.
   *
   * Finalises the same context into three output buffers of one, two and five
   * digest lengths, then checks that a NULL context, a NULL output buffer and
   * both together are refused with BAD_FUNC_ARG.
   * Returns 0 on success, otherwise the wc_InitMd5() error code or
   * WOLFSSL_FATAL_ERROR. Each step runs only while flag is still 0.
   */
  static int test_wc_Md5Final (void)
  {
      int flag = 0;
  #ifndef NO_MD5
      wc_Md5 md5;
      byte* hash_test[3];
      byte hash1[WC_MD5_DIGEST_SIZE];
      byte hash2[2*WC_MD5_DIGEST_SIZE];
      byte hash3[5*WC_MD5_DIGEST_SIZE];
      int times, i, ret;

      ret = wc_InitMd5(&md5);
      flag = ret;

      /* output buffers, smallest first */
      hash_test[0] = hash1;
      hash_test[1] = hash2;
      hash_test[2] = hash3;
      times = sizeof(hash_test)/sizeof(byte*);

      printf(testingFmt, "wc_Md5Final()");

      /* valid arguments: stop at the first failure */
      for (i = 0; i < times && flag == 0; i++) {
          ret = wc_Md5Final(&md5, hash_test[i]);
          if (ret != 0) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      /* invalid arguments: both NULL, NULL context, NULL output */
      if (flag == 0) {
          ret = wc_Md5Final(NULL, NULL);
          if (ret != BAD_FUNC_ARG) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      if (flag == 0) {
          ret = wc_Md5Final(NULL, hash1);
          if (ret != BAD_FUNC_ARG) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      if (flag == 0) {
          ret = wc_Md5Final(&md5, NULL);
          if (ret != BAD_FUNC_ARG) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      wc_Md5Free(&md5);

      printf(resultFmt, flag == 0 ? passed : failed);
  #endif
      return flag;
  }
  /*
   * Unit test for wc_InitSha(): a valid context must initialise with return
   * value 0 and a NULL context must be refused with BAD_FUNC_ARG.
   * Returns 0 on success (also when SHA is not built), WOLFSSL_FATAL_ERROR
   * otherwise.
   */
  static int test_wc_InitSha(void)
  {
      int flag = 0;
  #ifndef NO_SHA
      wc_Sha sha;
      int ret;

      printf(testingFmt, "wc_InitSha()");

      /* valid context */
      ret = wc_InitSha(&sha);
      if (ret != 0) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      /* NULL context, only tried when the first step passed */
      if (flag == 0) {
          ret = wc_InitSha(NULL);
          if (ret != BAD_FUNC_ARG) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      wc_ShaFree(&sha);

      printf(resultFmt, flag == 0 ? passed : failed);
  #endif
      return flag;
  } /* END test_wc_InitSha */
  /*
   * Unit test for wc_ShaUpdate().
   *
   * Hashes "a" and finalizes (return codes only), then hashes "abc" on the same
   * context and compares the digest with the expected value, then exercises the
   * argument checks: NULL data with zero length must return 0, while NULL data
   * with a non-zero length and a NULL context must return BAD_FUNC_ARG.
   *
   * Returns 0 on success (or when NO_SHA is defined), the failing call's return
   * code, or WOLFSSL_FATAL_ERROR.
   */
  static int test_wc_ShaUpdate (void)
  {
      int flag = 0;
  #ifndef NO_SHA
      wc_Sha sha;
      byte hash[WC_SHA_DIGEST_SIZE];
      testVector vec;

      flag = wc_InitSha(&sha);

      printf(testingFmt, "wc_ShaUpdate()");

      /* First message: the resulting digest is not inspected. */
      if (flag == 0) {
          vec.input = "a";
          vec.inLen = XSTRLEN(vec.input);
          flag = wc_ShaUpdate(&sha, (byte*)vec.input, (word32)vec.inLen);
      }
      if (flag == 0) {
          flag = wc_ShaFinal(&sha, hash);
      }

      /* Second message on the same context. The expected value is the digest
       * of "abc" on its own, so the comparison also depends on the earlier
       * Final having reset the context. */
      if (flag == 0) {
          vec.input = "abc";
          vec.output = "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2"
                       "\x6C\x9C\xD0\xD8\x9D";
          vec.inLen = XSTRLEN(vec.input);
          /* outLen is not read below; XSTRLEN over binary data stops at the
           * first 0x00 byte, so it is only reliable for NUL-free digests. */
          vec.outLen = XSTRLEN(vec.output);
          flag = wc_ShaUpdate(&sha, (byte*)vec.input, (word32)vec.inLen);
      }
      if (flag == 0) {
          flag = wc_ShaFinal(&sha, hash);
      }
      if (flag == 0 && XMEMCMP(hash, vec.output, WC_SHA_DIGEST_SIZE) != 0) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      /* NULL data with zero length is expected to be accepted. */
      if (flag == 0) {
          flag = wc_ShaUpdate(&sha, NULL, 0);
      }

      /* NULL data with a non-zero length must be rejected. */
      if (flag == 0 &&
          wc_ShaUpdate(&sha, NULL, (word32)WC_SHA_DIGEST_SIZE) != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      /* NULL context must be rejected. */
      if (flag == 0 &&
          wc_ShaUpdate(NULL, (byte*)vec.input, (word32)vec.inLen)
              != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      wc_ShaFree(&sha);

      printf(resultFmt, (flag != 0) ? failed : passed);
  #endif
      return flag;
  } /* END test_wc_ShaUpdate() */
  /*
   * Unit test for wc_ShaFinal().
   *
   * Finalizes a freshly initialized context into output buffers of 1x, 2x and
   * 5x the digest size, then checks that a NULL context and/or a NULL output
   * pointer is rejected with BAD_FUNC_ARG.
   *
   * NOTE(review): only return codes are checked; neither the digest contents
   * nor the bytes beyond the digest size in the larger buffers are inspected.
   *
   * Returns 0 on success (or when NO_SHA is defined), the init error code, or
   * WOLFSSL_FATAL_ERROR.
   */
  static int test_wc_ShaFinal (void)
  {
      int flag = 0;
  #ifndef NO_SHA
      wc_Sha sha;
      byte hash1[WC_SHA_DIGEST_SIZE];
      byte hash2[2*WC_SHA_DIGEST_SIZE];
      byte hash3[5*WC_SHA_DIGEST_SIZE];
      byte* outBufs[3];
      int count, idx;

      flag = wc_InitSha(&sha);

      outBufs[0] = hash1;
      outBufs[1] = hash2;
      outBufs[2] = hash3;
      count = (int)(sizeof(outBufs) / sizeof(outBufs[0]));

      printf(testingFmt, "wc_ShaFinal()");

      /* Good arguments: stop at the first failure. */
      for (idx = 0; idx < count && flag == 0; idx++) {
          if (wc_ShaFinal(&sha, outBufs[idx]) != 0) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Bad arguments: each combination must yield BAD_FUNC_ARG. */
      if (flag == 0 && wc_ShaFinal(NULL, NULL) != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }
      if (flag == 0 && wc_ShaFinal(NULL, hash1) != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }
      if (flag == 0 && wc_ShaFinal(&sha, NULL) != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      wc_ShaFree(&sha);

      printf(resultFmt, (flag != 0) ? failed : passed);
  #endif
      return flag;
  } /* END test_wc_ShaFinal */
  /*
   * Unit test for wc_InitSha256(): a valid context must initialize with 0 and
   * a NULL context must be rejected with BAD_FUNC_ARG.
   *
   * Returns 0 on success (or when NO_SHA256 is defined and nothing is run),
   * WOLFSSL_FATAL_ERROR otherwise.
   */
  static int test_wc_InitSha256 (void)
  {
      int flag = 0;
  #ifndef NO_SHA256
      wc_Sha256 sha256;

      printf(testingFmt, "wc_InitSha256()");

      /* Good argument: any non-zero return counts as a failure. */
      if (wc_InitSha256(&sha256) != 0) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      /* Bad argument: only exercised once the good-argument case passed. */
      if (flag == 0 && wc_InitSha256(NULL) != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      /* Released on every path, including when the init call failed. */
      wc_Sha256Free(&sha256);

      printf(resultFmt, (flag != 0) ? failed : passed);
  #endif
      return flag;
  } /* END test_wc_InitSha256 */
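  /*
   * Unit test for wc_Sha256Update().
   *
   * Hashes "a" and finalizes (return codes only), then hashes "abc" on the same
   * context and compares the digest with the expected value, then exercises the
   * argument checks: NULL data with zero length must return 0, while NULL data
   * with a non-zero length and a NULL context must return BAD_FUNC_ARG.
   *
   * Returns 0 on success (or when NO_SHA256 is defined), the failing call's
   * return code, or WOLFSSL_FATAL_ERROR.
   */
  static int test_wc_Sha256Update (void)
  {
      int flag = 0;
  #ifndef NO_SHA256
      wc_Sha256 sha256;
      byte hash[WC_SHA256_DIGEST_SIZE];
      testVector vec;

      flag = wc_InitSha256(&sha256);

      printf(testingFmt, "wc_Sha256Update()");

      /* First message: the resulting digest is not inspected. */
      if (flag == 0) {
          vec.input = "a";
          vec.inLen = XSTRLEN(vec.input);
          flag = wc_Sha256Update(&sha256, (byte*)vec.input, (word32)vec.inLen);
      }
      if (flag == 0) {
          flag = wc_Sha256Final(&sha256, hash);
      }

      /* Second message on the same context. The expected value is the digest
       * of "abc" on its own, so the comparison also depends on the earlier
       * Final having reset the context. */
      if (flag == 0) {
          vec.input = "abc";
          vec.output = "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22"
                       "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00"
                       "\x15\xAD";
          vec.inLen = XSTRLEN(vec.input);
          /* The digest is binary and contains a 0x00 byte, so a string length
           * would stop short of the full digest; use the digest size. */
          vec.outLen = WC_SHA256_DIGEST_SIZE;
          flag = wc_Sha256Update(&sha256, (byte*)vec.input, (word32)vec.inLen);
      }
      if (flag == 0) {
          flag = wc_Sha256Final(&sha256, hash);
      }
      if (flag == 0 && XMEMCMP(hash, vec.output, WC_SHA256_DIGEST_SIZE) != 0) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      /* NULL data with zero length is expected to be accepted. */
      if (flag == 0) {
          flag = wc_Sha256Update(&sha256, NULL, 0);
      }

      /* NULL data with a non-zero length must be rejected. */
      if (flag == 0 &&
          wc_Sha256Update(&sha256, NULL, (word32)WC_SHA256_DIGEST_SIZE)
              != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      /* NULL context must be rejected. */
      if (flag == 0 &&
          wc_Sha256Update(NULL, (byte*)vec.input, (word32)vec.inLen)
              != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      wc_Sha256Free(&sha256);

      printf(resultFmt, (flag != 0) ? failed : passed);
  #endif
      return flag;
  } /* END test_wc_Sha256Update */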
  /*
   * Unit test for wc_Sha256Final().
   *
   * Finalizes a freshly initialized context into output buffers of 1x, 2x and
   * 5x the digest size, then checks that a NULL context and/or a NULL output
   * pointer is rejected with BAD_FUNC_ARG.
   *
   * NOTE(review): only return codes are checked; neither the digest contents
   * nor the bytes beyond the digest size in the larger buffers are inspected.
   *
   * Returns 0 on success (or when NO_SHA256 is defined), the init error code,
   * or WOLFSSL_FATAL_ERROR.
   */
  static int test_wc_Sha256Final (void)
  {
      int flag = 0;
  #ifndef NO_SHA256
      wc_Sha256 sha256;
      byte hash1[WC_SHA256_DIGEST_SIZE];
      byte hash2[2*WC_SHA256_DIGEST_SIZE];
      byte hash3[5*WC_SHA256_DIGEST_SIZE];
      byte* outBufs[3];
      int count, idx;

      flag = wc_InitSha256(&sha256);

      outBufs[0] = hash1;
      outBufs[1] = hash2;
      outBufs[2] = hash3;
      count = (int)(sizeof(outBufs) / sizeof(outBufs[0]));

      printf(testingFmt, "wc_Sha256Final()");

      /* Good arguments: stop at the first failure. */
      for (idx = 0; idx < count && flag == 0; idx++) {
          if (wc_Sha256Final(&sha256, outBufs[idx]) != 0) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Bad arguments: each combination must yield BAD_FUNC_ARG. */
      if (flag == 0 && wc_Sha256Final(NULL, NULL) != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }
      if (flag == 0 && wc_Sha256Final(NULL, hash1) != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }
      if (flag == 0 && wc_Sha256Final(&sha256, NULL) != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      wc_Sha256Free(&sha256);

      printf(resultFmt, (flag != 0) ? failed : passed);
  #endif
      return flag;
  } /* END test_wc_Sha256Final */
  /*
   * Unit test for wc_InitSha512(): a valid context must initialize with 0 and
   * a NULL context must be rejected with BAD_FUNC_ARG.
   *
   * Returns 0 on success (or when WOLFSSL_SHA512 is not defined and nothing is
   * run), WOLFSSL_FATAL_ERROR otherwise.
   */
  static int test_wc_InitSha512 (void)
  {
      int flag = 0;
  #ifdef WOLFSSL_SHA512
      wc_Sha512 sha512;

      printf(testingFmt, "wc_InitSha512()");

      /* Good argument: any non-zero return counts as a failure. */
      if (wc_InitSha512(&sha512) != 0) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      /* Bad argument: only exercised once the good-argument case passed. */
      if (flag == 0 && wc_InitSha512(NULL) != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      /* Released on every path, including when the init call failed. */
      wc_Sha512Free(&sha512);

      printf(resultFmt, (flag != 0) ? failed : passed);
  #endif
      return flag;
  } /* END test_wc_InitSha512 */
  /*
   * Unit test for wc_Sha512Update().
   *
   * Hashes "a" and finalizes (return codes only), then hashes "abc" on the same
   * context and compares the digest with the expected value, then exercises the
   * argument checks: NULL data with zero length must return 0, while NULL data
   * with a non-zero length and a NULL context must return BAD_FUNC_ARG.
   *
   * Returns 0 on success (or when WOLFSSL_SHA512 is not defined), the failing
   * call's return code, or WOLFSSL_FATAL_ERROR.
   */
  static int test_wc_Sha512Update (void)
  {
      int flag = 0;
  #ifdef WOLFSSL_SHA512
      wc_Sha512 sha512;
      byte hash[WC_SHA512_DIGEST_SIZE];
      testVector vec;

      flag = wc_InitSha512(&sha512);

      printf(testingFmt, "wc_Sha512Update()");

      /* First message: the resulting digest is not inspected. */
      if (flag == 0) {
          vec.input = "a";
          vec.inLen = XSTRLEN(vec.input);
          flag = wc_Sha512Update(&sha512, (byte*)vec.input, (word32)vec.inLen);
      }
      if (flag == 0) {
          flag = wc_Sha512Final(&sha512, hash);
      }

      /* Second message on the same context. The expected value is the digest
       * of "abc" on its own, so the comparison also depends on the earlier
       * Final having reset the context. */
      if (flag == 0) {
          vec.input = "abc";
          vec.output = "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41"
                       "\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b"
                       "\x55\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c"
                       "\x23\xa3\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a"
                       "\x9a\xc9\x4f\xa5\x4c\xa4\x9f";
          vec.inLen = XSTRLEN(vec.input);
          /* outLen is not read below; XSTRLEN over binary data stops at the
           * first 0x00 byte, so it is only reliable for NUL-free digests. */
          vec.outLen = XSTRLEN(vec.output);
          flag = wc_Sha512Update(&sha512, (byte*)vec.input, (word32)vec.inLen);
      }
      if (flag == 0) {
          flag = wc_Sha512Final(&sha512, hash);
      }
      if (flag == 0 && XMEMCMP(hash, vec.output, WC_SHA512_DIGEST_SIZE) != 0) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      /* NULL data with zero length is expected to be accepted. */
      if (flag == 0) {
          flag = wc_Sha512Update(&sha512, NULL, 0);
      }

      /* NULL data with a non-zero length must be rejected. */
      if (flag == 0 &&
          wc_Sha512Update(&sha512, NULL, (word32)WC_SHA512_DIGEST_SIZE)
              != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      /* NULL context must be rejected. */
      if (flag == 0 &&
          wc_Sha512Update(NULL, (byte*)vec.input, (word32)vec.inLen)
              != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      wc_Sha512Free(&sha512);

      printf(resultFmt, (flag != 0) ? failed : passed);
  #endif
      return flag;
  } /* END test_wc_Sha512Update */
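  /*
   * Unit test for wc_Sha512Final().
   *
   * Finalizes a freshly initialized context into output buffers of 1x, 2x and
   * 5x the digest size, then checks that a NULL context and/or a NULL output
   * pointer is rejected with BAD_FUNC_ARG.
   *
   * NOTE(review): only return codes are checked; neither the digest contents
   * nor the bytes beyond the digest size in the larger buffers are inspected.
   *
   * Returns 0 on success (or when WOLFSSL_SHA512 is not defined), the init
   * error code, or WOLFSSL_FATAL_ERROR.
   */
  static int test_wc_Sha512Final (void)
  {
      int flag = 0;
  #ifdef WOLFSSL_SHA512
      wc_Sha512 sha512;
      byte hash1[WC_SHA512_DIGEST_SIZE];
      byte hash2[2*WC_SHA512_DIGEST_SIZE];
      byte hash3[5*WC_SHA512_DIGEST_SIZE];
      byte* outBufs[3];
      int count, idx;

      flag = wc_InitSha512(&sha512);

      outBufs[0] = hash1;
      outBufs[1] = hash2;
      outBufs[2] = hash3;
      count = (int)(sizeof(outBufs) / sizeof(outBufs[0]));

      printf(testingFmt, "wc_Sha512Final()");

      /* Good arguments: stop at the first failure. */
      for (idx = 0; idx < count && flag == 0; idx++) {
          if (wc_Sha512Final(&sha512, outBufs[idx]) != 0) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Bad arguments: each combination must yield BAD_FUNC_ARG. Every check
       * is guarded on its own; previously the (NULL, hash1) case sat behind an
       * empty `if (!flag) {}` and ran even after the (NULL, NULL) case failed. */
      if (flag == 0 && wc_Sha512Final(NULL, NULL) != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }
      if (flag == 0 && wc_Sha512Final(NULL, hash1) != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }
      if (flag == 0 && wc_Sha512Final(&sha512, NULL) != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      wc_Sha512Free(&sha512);

      printf(resultFmt, (flag != 0) ? failed : passed);
  #endif
      return flag;
  } /* END test_wc_Sha512Final */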
  /*
   * Unit test for wc_InitSha384(): a valid context must initialize with 0 and
   * a NULL context must be rejected with BAD_FUNC_ARG.
   *
   * Returns 0 on success (or when WOLFSSL_SHA384 is not defined and nothing is
   * run), WOLFSSL_FATAL_ERROR otherwise.
   */
  static int test_wc_InitSha384 (void)
  {
      int flag = 0;
  #ifdef WOLFSSL_SHA384
      wc_Sha384 sha384;

      printf(testingFmt, "wc_InitSha384()");

      /* Good argument: any non-zero return counts as a failure. */
      if (wc_InitSha384(&sha384) != 0) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      /* Bad argument: only exercised once the good-argument case passed. */
      if (flag == 0 && wc_InitSha384(NULL) != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      /* Released on every path, including when the init call failed. */
      wc_Sha384Free(&sha384);

      printf(resultFmt, (flag != 0) ? failed : passed);
  #endif
      return flag;
  } /* END test_wc_InitSha384 */
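  /*
   * Unit test for wc_Sha384Update().
   *
   * Hashes "a" and finalizes (return codes only), then hashes "abc" on the same
   * context and compares the digest with the expected value, then exercises the
   * argument checks: NULL data with zero length must return 0, while NULL data
   * with a non-zero length and a NULL context must return BAD_FUNC_ARG.
   *
   * Returns 0 on success (or when WOLFSSL_SHA384 is not defined), the failing
   * call's return code, or WOLFSSL_FATAL_ERROR.
   */
  static int test_wc_Sha384Update (void)
  {
      int flag = 0;
  #ifdef WOLFSSL_SHA384
      wc_Sha384 sha384;
      byte hash[WC_SHA384_DIGEST_SIZE];
      testVector vec;

      flag = wc_InitSha384(&sha384);

      printf(testingFmt, "wc_Sha384Update()");

      /* First message: the resulting digest is not inspected. */
      if (flag == 0) {
          vec.input = "a";
          vec.inLen = XSTRLEN(vec.input);
          flag = wc_Sha384Update(&sha384, (byte*)vec.input, (word32)vec.inLen);
      }
      if (flag == 0) {
          flag = wc_Sha384Final(&sha384, hash);
      }

      /* Second message on the same context. The expected value is the digest
       * of "abc" on its own, so the comparison also depends on the earlier
       * Final having reset the context. */
      if (flag == 0) {
          vec.input = "abc";
          vec.output = "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50"
                       "\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff"
                       "\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34"
                       "\xc8\x25\xa7";
          vec.inLen = XSTRLEN(vec.input);
          /* The digest is binary and its second byte is 0x00, so a string
           * length would come out as 1; use the digest size. */
          vec.outLen = WC_SHA384_DIGEST_SIZE;
          flag = wc_Sha384Update(&sha384, (byte*)vec.input, (word32)vec.inLen);
      }
      if (flag == 0) {
          flag = wc_Sha384Final(&sha384, hash);
      }
      if (flag == 0 && XMEMCMP(hash, vec.output, WC_SHA384_DIGEST_SIZE) != 0) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      /* NULL data with zero length is expected to be accepted. */
      if (flag == 0) {
          flag = wc_Sha384Update(&sha384, NULL, 0);
      }

      /* NULL data with a non-zero length must be rejected. */
      if (flag == 0 &&
          wc_Sha384Update(&sha384, NULL, (word32)WC_SHA384_DIGEST_SIZE)
              != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      /* NULL context must be rejected. */
      if (flag == 0 &&
          wc_Sha384Update(NULL, (byte*)vec.input, (word32)vec.inLen)
              != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      wc_Sha384Free(&sha384);

      printf(resultFmt, (flag != 0) ? failed : passed);
  #endif
      return flag;
  } /* END test_wc_Sha384Update */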
  /*
   * Unit test for wc_Sha384Final().
   *
   * Finalizes a freshly initialized context into output buffers of 1x, 2x and
   * 5x the digest size, then checks that a NULL context and/or a NULL output
   * pointer is rejected with BAD_FUNC_ARG.
   *
   * NOTE(review): only return codes are checked; neither the digest contents
   * nor the bytes beyond the digest size in the larger buffers are inspected.
   *
   * Returns 0 on success (or when WOLFSSL_SHA384 is not defined), the init
   * error code, or WOLFSSL_FATAL_ERROR.
   */
  static int test_wc_Sha384Final (void)
  {
      int flag = 0;
  #ifdef WOLFSSL_SHA384
      wc_Sha384 sha384;
      byte hash1[WC_SHA384_DIGEST_SIZE];
      byte hash2[2*WC_SHA384_DIGEST_SIZE];
      byte hash3[5*WC_SHA384_DIGEST_SIZE];
      byte* outBufs[3];
      int count, idx;

      flag = wc_InitSha384(&sha384);

      outBufs[0] = hash1;
      outBufs[1] = hash2;
      outBufs[2] = hash3;
      count = (int)(sizeof(outBufs) / sizeof(outBufs[0]));

      printf(testingFmt, "wc_Sha384Final()");

      /* Good arguments: stop at the first failure. */
      for (idx = 0; idx < count && flag == 0; idx++) {
          if (wc_Sha384Final(&sha384, outBufs[idx]) != 0) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Bad arguments: each combination must yield BAD_FUNC_ARG. */
      if (flag == 0 && wc_Sha384Final(NULL, NULL) != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }
      if (flag == 0 && wc_Sha384Final(NULL, hash1) != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }
      if (flag == 0 && wc_Sha384Final(&sha384, NULL) != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      wc_Sha384Free(&sha384);

      printf(resultFmt, (flag != 0) ? failed : passed);
  #endif
      return flag;
  } /* END test_wc_Sha384Final */
  /*
   * Unit test for wc_InitSha224(): a valid context must initialize with 0 and
   * a NULL context must be rejected with BAD_FUNC_ARG.
   *
   * Returns 0 on success (or when WOLFSSL_SHA224 is not defined and nothing is
   * run), WOLFSSL_FATAL_ERROR otherwise.
   */
  static int test_wc_InitSha224 (void)
  {
      int flag = 0;
  #ifdef WOLFSSL_SHA224
      wc_Sha224 sha224;

      printf(testingFmt, "wc_InitSha224()");

      /* Good argument: any non-zero return counts as a failure. */
      if (wc_InitSha224(&sha224) != 0) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      /* Bad argument: only exercised once the good-argument case passed. */
      if (flag == 0 && wc_InitSha224(NULL) != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      /* Released on every path, including when the init call failed. */
      wc_Sha224Free(&sha224);

      printf(resultFmt, (flag != 0) ? failed : passed);
  #endif
      return flag;
  } /* END test_wc_InitSha224 */
  /*
   * Unit test for wc_Sha224Update().
   *
   * Hashes "a" and finalizes (return codes only), then hashes "abc" on the same
   * context and compares the digest with the expected value, then exercises the
   * argument checks: NULL data with zero length must return 0, while NULL data
   * with a non-zero length and a NULL context must return BAD_FUNC_ARG.
   *
   * Returns 0 on success (or when WOLFSSL_SHA224 is not defined), the failing
   * call's return code, or WOLFSSL_FATAL_ERROR.
   */
  static int test_wc_Sha224Update (void)
  {
      int flag = 0;
  #ifdef WOLFSSL_SHA224
      wc_Sha224 sha224;
      byte hash[WC_SHA224_DIGEST_SIZE];
      testVector vec;

      flag = wc_InitSha224(&sha224);

      printf(testingFmt, "wc_Sha224Update()");

      /* First message: the resulting digest is not inspected. */
      if (flag == 0) {
          vec.input = "a";
          vec.inLen = XSTRLEN(vec.input);
          flag = wc_Sha224Update(&sha224, (byte*)vec.input, (word32)vec.inLen);
      }
      if (flag == 0) {
          flag = wc_Sha224Final(&sha224, hash);
      }

      /* Second message on the same context. The expected value is the digest
       * of "abc" on its own, so the comparison also depends on the earlier
       * Final having reset the context. */
      if (flag == 0) {
          vec.input = "abc";
          vec.output = "\x23\x09\x7d\x22\x34\x05\xd8\x22\x86\x42\xa4\x77\xbd\xa2"
                       "\x55\xb3\x2a\xad\xbc\xe4\xbd\xa0\xb3\xf7\xe3\x6c\x9d\xa7";
          vec.inLen = XSTRLEN(vec.input);
          /* outLen is not read below; XSTRLEN over binary data stops at the
           * first 0x00 byte, so it is only reliable for NUL-free digests. */
          vec.outLen = XSTRLEN(vec.output);
          flag = wc_Sha224Update(&sha224, (byte*)vec.input, (word32)vec.inLen);
      }
      if (flag == 0) {
          flag = wc_Sha224Final(&sha224, hash);
      }
      if (flag == 0 && XMEMCMP(hash, vec.output, WC_SHA224_DIGEST_SIZE) != 0) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      /* NULL data with zero length is expected to be accepted. */
      if (flag == 0) {
          flag = wc_Sha224Update(&sha224, NULL, 0);
      }

      /* NULL data with a non-zero length must be rejected. */
      if (flag == 0 &&
          wc_Sha224Update(&sha224, NULL, (word32)WC_SHA224_DIGEST_SIZE)
              != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      /* NULL context must be rejected. */
      if (flag == 0 &&
          wc_Sha224Update(NULL, (byte*)vec.input, (word32)vec.inLen)
              != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      wc_Sha224Free(&sha224);

      printf(resultFmt, (flag != 0) ? failed : passed);
  #endif
      return flag;
  } /* END test_wc_Sha224Update */
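  /*
   * Unit test for wc_Sha224Final().
   *
   * Finalizes a freshly initialized context into output buffers of 1x, 2x and
   * 5x the digest size, then checks that a NULL context and/or a NULL output
   * pointer is rejected with BAD_FUNC_ARG.
   *
   * NOTE(review): only return codes are checked; neither the digest contents
   * nor the bytes beyond the digest size in the larger buffers are inspected.
   *
   * Returns 0 on success (or when WOLFSSL_SHA224 is not defined), the init
   * error code, or WOLFSSL_FATAL_ERROR.
   */
  static int test_wc_Sha224Final (void)
  {
      int flag = 0;
  #ifdef WOLFSSL_SHA224
      wc_Sha224 sha224;
      byte hash1[WC_SHA224_DIGEST_SIZE];
      byte hash2[2*WC_SHA224_DIGEST_SIZE];
      byte hash3[5*WC_SHA224_DIGEST_SIZE];
      byte* outBufs[3];
      int count, idx;

      flag = wc_InitSha224(&sha224);

      outBufs[0] = hash1;
      outBufs[1] = hash2;
      outBufs[2] = hash3;
      count = (int)(sizeof(outBufs) / sizeof(outBufs[0]));

      /* Label now spells the function name as it is declared
       * (was "wc_sha224Final()"). */
      printf(testingFmt, "wc_Sha224Final()");

      /* Good arguments, including oversized buffers: stop at first failure. */
      for (idx = 0; idx < count && flag == 0; idx++) {
          if (wc_Sha224Final(&sha224, outBufs[idx]) != 0) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Bad arguments: each combination must yield BAD_FUNC_ARG. */
      if (flag == 0 && wc_Sha224Final(NULL, NULL) != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }
      if (flag == 0 && wc_Sha224Final(NULL, hash1) != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }
      if (flag == 0 && wc_Sha224Final(&sha224, NULL) != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      wc_Sha224Free(&sha224);

      printf(resultFmt, (flag != 0) ? failed : passed);
  #endif
      return flag;
  } /* END test_wc_Sha224Final */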
  /*
   * Unit test for wc_InitRipeMd(): a valid context must initialize with 0 and
   * a NULL context must be rejected with BAD_FUNC_ARG.
   *
   * Returns 0 on success (or when WOLFSSL_RIPEMD is not defined and nothing is
   * run), WOLFSSL_FATAL_ERROR otherwise.
   */
  static int test_wc_InitRipeMd (void)
  {
      int flag = 0;
  #ifdef WOLFSSL_RIPEMD
      RipeMd ripemd;

      printf(testingFmt, "wc_InitRipeMd()");

      /* Good argument: any non-zero return counts as a failure. */
      if (wc_InitRipeMd(&ripemd) != 0) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      /* Bad argument: only exercised once the good-argument case passed. */
      if (flag == 0 && wc_InitRipeMd(NULL) != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      printf(resultFmt, (flag != 0) ? failed : passed);
  #endif
      return flag;
  } /* END test_wc_InitRipeMd */
  /*
   * Unit test for wc_RipeMdUpdate().
   *
   * Hashes "a" and finalizes (return codes only), then hashes "abc" on the same
   * context and compares the digest with the expected value, then exercises the
   * argument checks: NULL data with zero length must return 0, while NULL data
   * with a non-zero length and a NULL context must return BAD_FUNC_ARG.
   *
   * Returns 0 on success (or when WOLFSSL_RIPEMD is not defined), the failing
   * call's return code, or WOLFSSL_FATAL_ERROR.
   */
  static int test_wc_RipeMdUpdate (void)
  {
      int flag = 0;
  #ifdef WOLFSSL_RIPEMD
      RipeMd ripemd;
      byte hash[RIPEMD_DIGEST_SIZE];
      testVector vec;

      flag = wc_InitRipeMd(&ripemd);

      printf(testingFmt, "wc_RipeMdUpdate()");

      /* First message: the resulting digest is not inspected. */
      if (flag == 0) {
          vec.input = "a";
          vec.inLen = XSTRLEN(vec.input);
          flag = wc_RipeMdUpdate(&ripemd, (byte*)vec.input, (word32)vec.inLen);
      }
      if (flag == 0) {
          flag = wc_RipeMdFinal(&ripemd, hash);
      }

      /* Second message on the same context. The expected value is the digest
       * of "abc" on its own, so the comparison also depends on the earlier
       * Final having reset the context. */
      if (flag == 0) {
          vec.input = "abc";
          vec.output = "\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04\x4a\x8e\x98\xc6"
                       "\xb0\x87\xf1\x5a\x0b\xfc";
          vec.inLen = XSTRLEN(vec.input);
          /* outLen is not read below; XSTRLEN over binary data stops at the
           * first 0x00 byte, so it is only reliable for NUL-free digests. */
          vec.outLen = XSTRLEN(vec.output);
          flag = wc_RipeMdUpdate(&ripemd, (byte*)vec.input, (word32)vec.inLen);
      }
      if (flag == 0) {
          flag = wc_RipeMdFinal(&ripemd, hash);
      }
      if (flag == 0 && XMEMCMP(hash, vec.output, RIPEMD_DIGEST_SIZE) != 0) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      /* NULL data with zero length is expected to be accepted. */
      if (flag == 0) {
          flag = wc_RipeMdUpdate(&ripemd, NULL, 0);
      }

      /* NULL data with a non-zero length must be rejected. */
      if (flag == 0 &&
          wc_RipeMdUpdate(&ripemd, NULL, (word32)RIPEMD_DIGEST_SIZE)
              != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      /* NULL context must be rejected. */
      if (flag == 0 &&
          wc_RipeMdUpdate(NULL, (byte*)vec.input, (word32)vec.inLen)
              != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      printf(resultFmt, (flag != 0) ? failed : passed);
  #endif
      return flag;
  } /* END test_wc_RipeMdUpdate */
  /*
   * Unit test for wc_RipeMdFinal().
   *
   * Finalizes a freshly initialized context into output buffers of 1x, 2x and
   * 5x the digest size, then checks that a NULL context and/or a NULL output
   * pointer is rejected with BAD_FUNC_ARG.
   *
   * NOTE(review): only return codes are checked; neither the digest contents
   * nor the bytes beyond the digest size in the larger buffers are inspected.
   *
   * Returns 0 on success (or when WOLFSSL_RIPEMD is not defined), the init
   * error code, or WOLFSSL_FATAL_ERROR.
   */
  static int test_wc_RipeMdFinal (void)
  {
      int flag = 0;
  #ifdef WOLFSSL_RIPEMD
      RipeMd ripemd;
      byte hash1[RIPEMD_DIGEST_SIZE];
      byte hash2[2*RIPEMD_DIGEST_SIZE];
      byte hash3[5*RIPEMD_DIGEST_SIZE];
      byte* outBufs[3];
      int count, idx;

      flag = wc_InitRipeMd(&ripemd);

      outBufs[0] = hash1;
      outBufs[1] = hash2;
      outBufs[2] = hash3;
      count = (int)(sizeof(outBufs) / sizeof(outBufs[0]));

      printf(testingFmt, "wc_RipeMdFinal()");

      /* Good arguments, including oversized buffers: stop at first failure. */
      for (idx = 0; idx < count && flag == 0; idx++) {
          if (wc_RipeMdFinal(&ripemd, outBufs[idx]) != 0) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Bad arguments: each combination must yield BAD_FUNC_ARG. */
      if (flag == 0 && wc_RipeMdFinal(NULL, NULL) != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }
      if (flag == 0 && wc_RipeMdFinal(NULL, hash1) != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }
      if (flag == 0 && wc_RipeMdFinal(&ripemd, NULL) != BAD_FUNC_ARG) {
          flag = WOLFSSL_FATAL_ERROR;
      }

      printf(resultFmt, (flag != 0) ? failed : passed);
  #endif
      return flag;
  } /* END test_wc_RipeMdFinal */
  /*
   * Unit test for wc_InitSha3_224(), wc_InitSha3_256(), wc_InitSha3_384() and
   * wc_InitSha3_512().
   *
   * For each variant that is compiled in, a valid context must initialize with
   * 0 and a NULL context must be rejected with BAD_FUNC_ARG. The 256, 384 and
   * 512 sections run only while ret is still 0.
   *
   * Returns 0 on success (or when WOLFSSL_SHA3 is not defined), the error code
   * of a failing init call, or WOLFSSL_FATAL_ERROR when a NULL context was
   * accepted.
   */
  static int test_wc_InitSha3 (void)
  {
      int ret = 0;
  #if defined(WOLFSSL_SHA3)
      wc_Sha3 sha3;

  #if !defined(WOLFSSL_NOSHA3_224)
      printf(testingFmt, "wc_InitSha3_224()");

      ret = wc_InitSha3_224(&sha3, HEAP_HINT, devId);
      if (ret == 0) {
          /* NULL context: BAD_FUNC_ARG is the pass condition, 0 is a failure,
           * any other error code is passed through unchanged. */
          ret = wc_InitSha3_224(NULL, HEAP_HINT, devId);
          ret = (ret == BAD_FUNC_ARG) ? 0
              : ((ret == 0) ? WOLFSSL_FATAL_ERROR : ret);
      }
      /* Released on every path, including when the init call failed. */
      wc_Sha3_224_Free(&sha3);
      printf(resultFmt, (ret != 0) ? failed : passed);
  #endif /* NOSHA3_224 */

  #if !defined(WOLFSSL_NOSHA3_256)
      if (ret == 0) {
          printf(testingFmt, "wc_InitSha3_256()");

          ret = wc_InitSha3_256(&sha3, HEAP_HINT, devId);
          if (ret == 0) {
              /* NULL context must be rejected. */
              ret = wc_InitSha3_256(NULL, HEAP_HINT, devId);
              ret = (ret == BAD_FUNC_ARG) ? 0
                  : ((ret == 0) ? WOLFSSL_FATAL_ERROR : ret);
          }
          wc_Sha3_256_Free(&sha3);
          printf(resultFmt, (ret != 0) ? failed : passed);
      } /* END sha3_256 */
  #endif /* NOSHA3_256 */

  #if !defined(WOLFSSL_NOSHA3_384)
      if (ret == 0) {
          printf(testingFmt, "wc_InitSha3_384()");

          ret = wc_InitSha3_384(&sha3, HEAP_HINT, devId);
          if (ret == 0) {
              /* NULL context must be rejected. */
              ret = wc_InitSha3_384(NULL, HEAP_HINT, devId);
              ret = (ret == BAD_FUNC_ARG) ? 0
                  : ((ret == 0) ? WOLFSSL_FATAL_ERROR : ret);
          }
          wc_Sha3_384_Free(&sha3);
          printf(resultFmt, (ret != 0) ? failed : passed);
      } /* END sha3_384 */
  #endif /* NOSHA3_384 */

  #if !defined(WOLFSSL_NOSHA3_512)
      if (ret == 0) {
          printf(testingFmt, "wc_InitSha3_512()");

          ret = wc_InitSha3_512(&sha3, HEAP_HINT, devId);
          if (ret == 0) {
              /* NULL context must be rejected. */
              ret = wc_InitSha3_512(NULL, HEAP_HINT, devId);
              ret = (ret == BAD_FUNC_ARG) ? 0
                  : ((ret == 0) ? WOLFSSL_FATAL_ERROR : ret);
          }
          wc_Sha3_512_Free(&sha3);
          printf(resultFmt, (ret != 0) ? failed : passed);
      } /* END sha3_512 */
  #endif /* NOSHA3_512 */
  #endif
      return ret;
  } /* END test_wc_InitSha3 */
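  /*
   * Testing wc_Sha3_224_Update(), wc_Sha3_256_Update(), wc_Sha3_384_Update()
   * and wc_Sha3_512_Update().
   *
   * For every digest size that is compiled in, the test:
   *   1. feeds msg (without its NUL) and checks that sha3.t holds those bytes
   *      and sha3.i equals the length fed in;
   *   2. feeds msg2 (with its NUL) and checks that sha3.t equals msgCmp, i.e.
   *      msg followed by msg2;
   *   3. checks that a NULL context and a NULL data pointer with a non-zero
   *      length are both rejected with BAD_FUNC_ARG, and that a NULL data
   *      pointer with length 0 is accepted on a fresh context.
   *
   * Returns 0 on success, or when WOLFSSL_SHA3 is not defined; otherwise the
   * failing call's return value or WOLFSSL_FATAL_ERROR.
   */
  static int testing_wc_Sha3_Update (void)
  {
      int ret = 0;

  #if defined(WOLFSSL_SHA3)
      wc_Sha3 sha3;
      byte    msg[]    = "Everybody's working for the weekend.";
      byte    msg2[]   = "Everybody gets Friday off.";
      /* msg immediately followed by msg2, spelled out as bytes. */
      byte    msgCmp[] = "\x45\x76\x65\x72\x79\x62\x6f\x64\x79\x27\x73\x20"
                         "\x77\x6f\x72\x6b\x69\x6e\x67\x20\x66\x6f\x72\x20\x74"
                         "\x68\x65\x20\x77\x65\x65\x6b\x65\x6e\x64\x2e\x45\x76"
                         "\x65\x72\x79\x62\x6f\x64\x79\x20\x67\x65\x74\x73\x20"
                         "\x46\x72\x69\x64\x61\x79\x20\x6f\x66\x66\x2e";
      word32  msglen    = sizeof(msg) - 1;  /* NUL terminator left out   */
      word32  msg2len   = sizeof(msg2);     /* NUL terminator included   */
      word32  msgCmplen = sizeof(msgCmp);   /* NUL terminator included   */

  #if !defined(WOLFSSL_NOSHA3_224)
      printf(testingFmt, "wc_Sha3_224_Update()");

      ret = wc_InitSha3_224(&sha3, HEAP_HINT, devId);
      if (ret != 0) {
          return ret;
      }

      ret = wc_Sha3_224_Update(&sha3, msg, msglen);
      if (XMEMCMP(msg, sha3.t, msglen) || sha3.i != msglen) {
          ret = WOLFSSL_FATAL_ERROR;
      }

      if (ret == 0) {
          ret = wc_Sha3_224_Update(&sha3, msg2, msg2len);
          if (ret == 0 && XMEMCMP(sha3.t, msgCmp, msgCmplen) != 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Pass bad args. */
      if (ret == 0) {
          ret = wc_Sha3_224_Update(NULL, msg2, msg2len);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_Sha3_224_Update(&sha3, NULL, 5);
          }
          if (ret == BAD_FUNC_ARG) {
              /* Start from a fresh context for the zero-length case. */
              wc_Sha3_224_Free(&sha3);
              if (wc_InitSha3_224(&sha3, HEAP_HINT, devId)) {
                  return ret;
              }
              ret = wc_Sha3_224_Update(&sha3, NULL, 0);
              if (ret == 0) {
                  ret = wc_Sha3_224_Update(&sha3, msg2, msg2len);
              }
              if (ret == 0 && XMEMCMP(msg2, sha3.t, msg2len) != 0) {
                  ret = WOLFSSL_FATAL_ERROR;
              }
          }
          else if (ret == 0) {
              /* A NULL argument was accepted: the missing rejection must
               * fail the test instead of being reported as a pass. */
              ret = WOLFSSL_FATAL_ERROR;
          }
      }
      wc_Sha3_224_Free(&sha3);

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif /* SHA3_224 */

  #if !defined(WOLFSSL_NOSHA3_256)
      if (ret == 0) {
          printf(testingFmt, "wc_Sha3_256_Update()");

          ret = wc_InitSha3_256(&sha3, HEAP_HINT, devId);
          if (ret != 0) {
              return ret;
          }

          ret = wc_Sha3_256_Update(&sha3, msg, msglen);
          if (XMEMCMP(msg, sha3.t, msglen) || sha3.i != msglen) {
              ret = WOLFSSL_FATAL_ERROR;
          }

          if (ret == 0) {
              ret = wc_Sha3_256_Update(&sha3, msg2, msg2len);
              if (ret == 0 && XMEMCMP(sha3.t, msgCmp, msgCmplen) != 0) {
                  ret = WOLFSSL_FATAL_ERROR;
              }
          }

          /* Pass bad args. */
          if (ret == 0) {
              ret = wc_Sha3_256_Update(NULL, msg2, msg2len);
              if (ret == BAD_FUNC_ARG) {
                  ret = wc_Sha3_256_Update(&sha3, NULL, 5);
              }
              if (ret == BAD_FUNC_ARG) {
                  /* Start from a fresh context for the zero-length case. */
                  wc_Sha3_256_Free(&sha3);
                  if (wc_InitSha3_256(&sha3, HEAP_HINT, devId)) {
                      return ret;
                  }
                  ret = wc_Sha3_256_Update(&sha3, NULL, 0);
                  if (ret == 0) {
                      ret = wc_Sha3_256_Update(&sha3, msg2, msg2len);
                  }
                  if (ret == 0 && XMEMCMP(msg2, sha3.t, msg2len) != 0) {
                      ret = WOLFSSL_FATAL_ERROR;
                  }
              }
              else if (ret == 0) {
                  /* A NULL argument was accepted: fail the test. */
                  ret = WOLFSSL_FATAL_ERROR;
              }
          }
          wc_Sha3_256_Free(&sha3);

          printf(resultFmt, ret == 0 ? passed : failed);
      }
  #endif /* SHA3_256 */

  #if !defined(WOLFSSL_NOSHA3_384)
      if (ret == 0) {
          printf(testingFmt, "wc_Sha3_384_Update()");

          ret = wc_InitSha3_384(&sha3, HEAP_HINT, devId);
          if (ret != 0) {
              return ret;
          }

          ret = wc_Sha3_384_Update(&sha3, msg, msglen);
          if (XMEMCMP(msg, sha3.t, msglen) || sha3.i != msglen) {
              ret = WOLFSSL_FATAL_ERROR;
          }

          if (ret == 0) {
              ret = wc_Sha3_384_Update(&sha3, msg2, msg2len);
              if (ret == 0 && XMEMCMP(sha3.t, msgCmp, msgCmplen) != 0) {
                  ret = WOLFSSL_FATAL_ERROR;
              }
          }

          /* Pass bad args. */
          if (ret == 0) {
              ret = wc_Sha3_384_Update(NULL, msg2, msg2len);
              if (ret == BAD_FUNC_ARG) {
                  ret = wc_Sha3_384_Update(&sha3, NULL, 5);
              }
              if (ret == BAD_FUNC_ARG) {
                  /* Start from a fresh context for the zero-length case. */
                  wc_Sha3_384_Free(&sha3);
                  if (wc_InitSha3_384(&sha3, HEAP_HINT, devId)) {
                      return ret;
                  }
                  ret = wc_Sha3_384_Update(&sha3, NULL, 0);
                  if (ret == 0) {
                      ret = wc_Sha3_384_Update(&sha3, msg2, msg2len);
                  }
                  if (ret == 0 && XMEMCMP(msg2, sha3.t, msg2len) != 0) {
                      ret = WOLFSSL_FATAL_ERROR;
                  }
              }
              else if (ret == 0) {
                  /* A NULL argument was accepted: fail the test. */
                  ret = WOLFSSL_FATAL_ERROR;
              }
          }
          wc_Sha3_384_Free(&sha3);

          printf(resultFmt, ret == 0 ? passed : failed);
      }
  #endif /* SHA3_384 */

  #if !defined(WOLFSSL_NOSHA3_512)
      if (ret == 0) {
          printf(testingFmt, "wc_Sha3_512_Update()");

          ret = wc_InitSha3_512(&sha3, HEAP_HINT, devId);
          if (ret != 0) {
              return ret;
          }

          ret = wc_Sha3_512_Update(&sha3, msg, msglen);
          if (XMEMCMP(msg, sha3.t, msglen) || sha3.i != msglen) {
              ret = WOLFSSL_FATAL_ERROR;
          }

          if (ret == 0) {
              ret = wc_Sha3_512_Update(&sha3, msg2, msg2len);
              if (ret == 0 && XMEMCMP(sha3.t, msgCmp, msgCmplen) != 0) {
                  ret = WOLFSSL_FATAL_ERROR;
              }
          }

          /* Pass bad args. */
          if (ret == 0) {
              ret = wc_Sha3_512_Update(NULL, msg2, msg2len);
              if (ret == BAD_FUNC_ARG) {
                  ret = wc_Sha3_512_Update(&sha3, NULL, 5);
              }
              if (ret == BAD_FUNC_ARG) {
                  /* Start from a fresh context for the zero-length case. */
                  wc_Sha3_512_Free(&sha3);
                  if (wc_InitSha3_512(&sha3, HEAP_HINT, devId)) {
                      return ret;
                  }
                  ret = wc_Sha3_512_Update(&sha3, NULL, 0);
                  if (ret == 0) {
                      ret = wc_Sha3_512_Update(&sha3, msg2, msg2len);
                  }
                  if (ret == 0 && XMEMCMP(msg2, sha3.t, msg2len) != 0) {
                      ret = WOLFSSL_FATAL_ERROR;
                  }
              }
              else if (ret == 0) {
                  /* A NULL argument was accepted: fail the test. */
                  ret = WOLFSSL_FATAL_ERROR;
              }
          }
          wc_Sha3_512_Free(&sha3);

          printf(resultFmt, ret == 0 ? passed : failed);
      }
  #endif /* SHA3_512 */
  #endif /* WOLFSSL_SHA3 */

      return ret;

  } /* END testing_wc_Sha3_Update */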
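  /*
   * Testing wc_Sha3_224_Final() and wc_Sha3_224_GetHash().
   *
   * Hashes msg, compares the digest against expOut, then checks that
   * wc_Sha3_224_GetHash() yields the same bytes as a following
   * wc_Sha3_224_Final(). Both functions are also called with a NULL context
   * and with a NULL output buffer and must return BAD_FUNC_ARG.
   *
   * Returns 0 on success, or when SHA3-224 is not compiled in; non-zero
   * otherwise.
   */
  static int test_wc_Sha3_224_Final (void)
  {
      int ret = 0;

  #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
      wc_Sha3     sha3;
      const char* msg    = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnom"
                           "nopnopq";
      /* Expected digest of msg. */
      const char* expOut = "\x8a\x24\x10\x8b\x15\x4a\xda\x21\xc9\xfd\x55"
                           "\x74\x49\x44\x79\xba\x5c\x7e\x7a\xb7\x6e\xf2"
                           "\x64\xea\xd0\xfc\xce\x33";
      byte        hash[WC_SHA3_224_DIGEST_SIZE];
      byte        hashRet[WC_SHA3_224_DIGEST_SIZE];

      /* Init stack variables. */
      XMEMSET(hash, 0, sizeof(hash));

      printf(testingFmt, "wc_Sha3_224_Final()");

      ret = wc_InitSha3_224(&sha3, HEAP_HINT, devId);
      if (ret != 0) {
          return ret;
      }

      ret = wc_Sha3_224_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg));
      if (ret == 0) {
          ret = wc_Sha3_224_Final(&sha3, hash);
          if (ret == 0 && XMEMCMP(expOut, hash, WC_SHA3_224_DIGEST_SIZE) != 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Test bad args. */
      if (ret == 0) {
          ret = wc_Sha3_224_Final(NULL, hash);
          /* Go on to the NULL output buffer only after the NULL context was
           * rejected, so that both cases are really exercised. */
          if (ret == BAD_FUNC_ARG) {
              ret = wc_Sha3_224_Final(&sha3, NULL);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = 0;
          } else if (ret == 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      printf(resultFmt, ret == 0 ? passed : failed);

      if (ret == 0) {
          printf(testingFmt, "wc_Sha3_224_GetHash()");

          ret = wc_InitSha3_224(&sha3, HEAP_HINT, devId);
          if (ret != 0) {
              return ret;
          }

          /* Init stack variables. */
          XMEMSET(hash, 0, sizeof(hash));
          XMEMSET(hashRet, 0, sizeof(hashRet));

          ret = wc_Sha3_224_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg));
          if (ret == 0) {
              ret = wc_Sha3_224_GetHash(&sha3, hashRet);
          }

          /* GetHash is called before Final on the same context; both
           * outputs must match. */
          if (ret == 0) {
              ret = wc_Sha3_224_Final(&sha3, hash);
              if (ret == 0 &&
                      XMEMCMP(hash, hashRet, WC_SHA3_224_DIGEST_SIZE) != 0) {
                  ret = WOLFSSL_FATAL_ERROR;
              }
          }

          if (ret == 0) {
              /* Test bad args. */
              ret = wc_Sha3_224_GetHash(NULL, hashRet);
              if (ret == BAD_FUNC_ARG) {
                  ret = wc_Sha3_224_GetHash(&sha3, NULL);
              }
              if (ret == BAD_FUNC_ARG) {
                  ret = 0;
              } else if (ret == 0) {
                  ret = WOLFSSL_FATAL_ERROR;
              }
          }

          printf(resultFmt, ret == 0 ? passed : failed);
      }

      wc_Sha3_224_Free(&sha3);
  #endif

      return ret;

  } /* END test_wc_Sha3_224_Final */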
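  /*
   * Testing wc_Sha3_256_Final() and wc_Sha3_256_GetHash().
   *
   * Hashes msg, compares the digest against expOut, then checks that
   * wc_Sha3_256_GetHash() yields the same bytes as a following
   * wc_Sha3_256_Final(). Both functions are also called with a NULL context
   * and with a NULL output buffer and must return BAD_FUNC_ARG.
   *
   * Returns 0 on success, or when SHA3-256 is not compiled in; non-zero
   * otherwise.
   */
  static int test_wc_Sha3_256_Final (void)
  {
      int ret = 0;

  #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
      wc_Sha3     sha3;
      const char* msg    = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnom"
                           "nopnopq";
      /* Expected digest of msg. */
      const char* expOut = "\x41\xc0\xdb\xa2\xa9\xd6\x24\x08\x49\x10\x03\x76\xa8"
                           "\x23\x5e\x2c\x82\xe1\xb9\x99\x8a\x99\x9e\x21\xdb\x32"
                           "\xdd\x97\x49\x6d\x33\x76";
      byte        hash[WC_SHA3_256_DIGEST_SIZE];
      byte        hashRet[WC_SHA3_256_DIGEST_SIZE];

      /* Init stack variables. */
      XMEMSET(hash, 0, sizeof(hash));

      printf(testingFmt, "wc_Sha3_256_Final()");

      ret = wc_InitSha3_256(&sha3, HEAP_HINT, devId);
      if (ret != 0) {
          return ret;
      }

      ret = wc_Sha3_256_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg));
      if (ret == 0) {
          ret = wc_Sha3_256_Final(&sha3, hash);
          if (ret == 0 && XMEMCMP(expOut, hash, WC_SHA3_256_DIGEST_SIZE) != 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Test bad args. */
      if (ret == 0) {
          ret = wc_Sha3_256_Final(NULL, hash);
          /* Go on to the NULL output buffer only after the NULL context was
           * rejected, so that both cases are really exercised. */
          if (ret == BAD_FUNC_ARG) {
              ret = wc_Sha3_256_Final(&sha3, NULL);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = 0;
          } else if (ret == 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      printf(resultFmt, ret == 0 ? passed : failed);

      if (ret == 0) {
          printf(testingFmt, "wc_Sha3_256_GetHash()");

          ret = wc_InitSha3_256(&sha3, HEAP_HINT, devId);
          if (ret != 0) {
              return ret;
          }

          /* Init stack variables. */
          XMEMSET(hash, 0, sizeof(hash));
          XMEMSET(hashRet, 0, sizeof(hashRet));

          ret = wc_Sha3_256_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg));
          if (ret == 0) {
              ret = wc_Sha3_256_GetHash(&sha3, hashRet);
          }

          /* GetHash is called before Final on the same context; both
           * outputs must match. */
          if (ret == 0) {
              ret = wc_Sha3_256_Final(&sha3, hash);
              if (ret == 0 &&
                      XMEMCMP(hash, hashRet, WC_SHA3_256_DIGEST_SIZE) != 0) {
                  ret = WOLFSSL_FATAL_ERROR;
              }
          }

          if (ret == 0) {
              /* Test bad args. */
              ret = wc_Sha3_256_GetHash(NULL, hashRet);
              if (ret == BAD_FUNC_ARG) {
                  ret = wc_Sha3_256_GetHash(&sha3, NULL);
              }
              if (ret == BAD_FUNC_ARG) {
                  ret = 0;
              } else if (ret == 0) {
                  ret = WOLFSSL_FATAL_ERROR;
              }
          }

          printf(resultFmt, ret == 0 ? passed : failed);
      }

      wc_Sha3_256_Free(&sha3);
  #endif

      return ret;

  } /* END test_wc_Sha3_256_Final */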
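  /*
   * Testing wc_Sha3_384_Final() and wc_Sha3_384_GetHash().
   *
   * Hashes msg, compares the digest against expOut, then checks that
   * wc_Sha3_384_GetHash() yields the same bytes as a following
   * wc_Sha3_384_Final(). Both functions are also called with a NULL context
   * and with a NULL output buffer and must return BAD_FUNC_ARG.
   *
   * Returns 0 on success, or when SHA3-384 is not compiled in; non-zero
   * otherwise.
   */
  static int test_wc_Sha3_384_Final (void)
  {
      int ret = 0;

  #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384)
      wc_Sha3     sha3;
      const char* msg    = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnom"
                           "nopnopq";
      /* Expected digest of msg. */
      const char* expOut = "\x99\x1c\x66\x57\x55\xeb\x3a\x4b\x6b\xbd\xfb\x75\xc7"
                           "\x8a\x49\x2e\x8c\x56\xa2\x2c\x5c\x4d\x7e\x42\x9b\xfd"
                           "\xbc\x32\xb9\xd4\xad\x5a\xa0\x4a\x1f\x07\x6e\x62\xfe"
                           "\xa1\x9e\xef\x51\xac\xd0\x65\x7c\x22";
      byte        hash[WC_SHA3_384_DIGEST_SIZE];
      byte        hashRet[WC_SHA3_384_DIGEST_SIZE];

      /* Init stack variables. */
      XMEMSET(hash, 0, sizeof(hash));

      printf(testingFmt, "wc_Sha3_384_Final()");

      ret = wc_InitSha3_384(&sha3, HEAP_HINT, devId);
      if (ret != 0) {
          return ret;
      }

      ret = wc_Sha3_384_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg));
      if (ret == 0) {
          ret = wc_Sha3_384_Final(&sha3, hash);
          if (ret == 0 && XMEMCMP(expOut, hash, WC_SHA3_384_DIGEST_SIZE) != 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Test bad args. */
      if (ret == 0) {
          ret = wc_Sha3_384_Final(NULL, hash);
          /* Go on to the NULL output buffer only after the NULL context was
           * rejected, so that both cases are really exercised. */
          if (ret == BAD_FUNC_ARG) {
              ret = wc_Sha3_384_Final(&sha3, NULL);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = 0;
          } else if (ret == 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      printf(resultFmt, ret == 0 ? passed : failed);

      if (ret == 0) {
          printf(testingFmt, "wc_Sha3_384_GetHash()");

          ret = wc_InitSha3_384(&sha3, HEAP_HINT, devId);
          if (ret != 0) {
              return ret;
          }

          /* Init stack variables. */
          XMEMSET(hash, 0, sizeof(hash));
          XMEMSET(hashRet, 0, sizeof(hashRet));

          ret = wc_Sha3_384_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg));
          if (ret == 0) {
              ret = wc_Sha3_384_GetHash(&sha3, hashRet);
          }

          /* GetHash is called before Final on the same context; both
           * outputs must match. */
          if (ret == 0) {
              ret = wc_Sha3_384_Final(&sha3, hash);
              if (ret == 0 &&
                      XMEMCMP(hash, hashRet, WC_SHA3_384_DIGEST_SIZE) != 0) {
                  ret = WOLFSSL_FATAL_ERROR;
              }
          }

          if (ret == 0) {
              /* Test bad args. */
              ret = wc_Sha3_384_GetHash(NULL, hashRet);
              if (ret == BAD_FUNC_ARG) {
                  ret = wc_Sha3_384_GetHash(&sha3, NULL);
              }
              if (ret == BAD_FUNC_ARG) {
                  ret = 0;
              } else if (ret == 0) {
                  ret = WOLFSSL_FATAL_ERROR;
              }
          }

          printf(resultFmt, ret == 0 ? passed : failed);
      }

      wc_Sha3_384_Free(&sha3);
  #endif

      return ret;

  } /* END test_wc_Sha3_384_Final */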
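  /*
   * Testing wc_Sha3_512_Final() and wc_Sha3_512_GetHash().
   *
   * Hashes msg, compares the digest against expOut, then checks that
   * wc_Sha3_512_GetHash() yields the same bytes as a following
   * wc_Sha3_512_Final(). Both functions are also called with a NULL context
   * and with a NULL output buffer and must return BAD_FUNC_ARG.
   *
   * Returns 0 on success, or when SHA3-512 is not compiled in; non-zero
   * otherwise.
   */
  static int test_wc_Sha3_512_Final (void)
  {
      int ret = 0;

      /* Guarded by the 512-bit switch: this test calls only the 512-bit API,
       * so it must not depend on whether SHA3-384 is enabled. */
  #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)
      wc_Sha3     sha3;
      const char* msg    = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnom"
                           "nopnopq";
      /* Expected digest of msg. */
      const char* expOut = "\x04\xa3\x71\xe8\x4e\xcf\xb5\xb8\xb7\x7c\xb4\x86\x10"
                           "\xfc\xa8\x18\x2d\xd4\x57\xce\x6f\x32\x6a\x0f\xd3\xd7"
                           "\xec\x2f\x1e\x91\x63\x6d\xee\x69\x1f\xbe\x0c\x98\x53"
                           "\x02\xba\x1b\x0d\x8d\xc7\x8c\x08\x63\x46\xb5\x33\xb4"
                           "\x9c\x03\x0d\x99\xa2\x7d\xaf\x11\x39\xd6\xe7\x5e";
      byte        hash[WC_SHA3_512_DIGEST_SIZE];
      byte        hashRet[WC_SHA3_512_DIGEST_SIZE];

      /* Init stack variables. */
      XMEMSET(hash, 0, sizeof(hash));

      printf(testingFmt, "wc_Sha3_512_Final()");

      ret = wc_InitSha3_512(&sha3, HEAP_HINT, devId);
      if (ret != 0) {
          return ret;
      }

      ret = wc_Sha3_512_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg));
      if (ret == 0) {
          ret = wc_Sha3_512_Final(&sha3, hash);
          if (ret == 0 && XMEMCMP(expOut, hash, WC_SHA3_512_DIGEST_SIZE) != 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Test bad args. */
      if (ret == 0) {
          ret = wc_Sha3_512_Final(NULL, hash);
          /* Go on to the NULL output buffer only after the NULL context was
           * rejected, and probe the 512-bit function that is under test. */
          if (ret == BAD_FUNC_ARG) {
              ret = wc_Sha3_512_Final(&sha3, NULL);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = 0;
          } else if (ret == 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      printf(resultFmt, ret == 0 ? passed : failed);

      if (ret == 0) {
          printf(testingFmt, "wc_Sha3_512_GetHash()");

          ret = wc_InitSha3_512(&sha3, HEAP_HINT, devId);
          if (ret != 0) {
              return ret;
          }

          /* Init stack variables. */
          XMEMSET(hash, 0, sizeof(hash));
          XMEMSET(hashRet, 0, sizeof(hashRet));

          ret = wc_Sha3_512_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg));
          if (ret == 0) {
              ret = wc_Sha3_512_GetHash(&sha3, hashRet);
          }

          /* GetHash is called before Final on the same context; both
           * outputs must match. */
          if (ret == 0) {
              ret = wc_Sha3_512_Final(&sha3, hash);
              if (ret == 0 &&
                      XMEMCMP(hash, hashRet, WC_SHA3_512_DIGEST_SIZE) != 0) {
                  ret = WOLFSSL_FATAL_ERROR;
              }
          }

          if (ret == 0) {
              /* Test bad args. */
              ret = wc_Sha3_512_GetHash(NULL, hashRet);
              if (ret == BAD_FUNC_ARG) {
                  ret = wc_Sha3_512_GetHash(&sha3, NULL);
              }
              if (ret == BAD_FUNC_ARG) {
                  ret = 0;
              } else if (ret == 0) {
                  ret = WOLFSSL_FATAL_ERROR;
              }
          }

          printf(resultFmt, ret == 0 ? passed : failed);
      }

      wc_Sha3_512_Free(&sha3);
  #endif

      return ret;

  } /* END test_wc_Sha3_512_Final */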
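  /*
   * Testing wc_Sha3_224_Copy()
   *
   * Updates one context with msg, copies it into a second context, finalizes
   * both and requires identical digests. A NULL destination and a NULL source
   * must each be rejected with BAD_FUNC_ARG.
   *
   * Returns 0 on success, or when SHA3-224 is not compiled in; non-zero
   * otherwise.
   */
  static int test_wc_Sha3_224_Copy (void)
  {
      int ret = 0;

  #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
      wc_Sha3     sha3, sha3Cpy;
      const char* msg    = "Everyone gets Friday off.";
      word32      msglen = (word32)XSTRLEN(msg);
      byte        hash[WC_SHA3_224_DIGEST_SIZE];
      byte        hashCpy[WC_SHA3_224_DIGEST_SIZE];

      XMEMSET(hash, 0, sizeof(hash));
      XMEMSET(hashCpy, 0, sizeof(hashCpy));

      printf(testingFmt, "wc_Sha3_224_Copy()");

      ret = wc_InitSha3_224(&sha3, HEAP_HINT, devId);
      if (ret != 0) {
          return ret;
      }

      ret = wc_InitSha3_224(&sha3Cpy, HEAP_HINT, devId);
      if (ret != 0) {
          wc_Sha3_224_Free(&sha3);
          return ret;
      }

      ret = wc_Sha3_224_Update(&sha3, (byte*)msg, msglen);
      if (ret == 0) {
          ret = wc_Sha3_224_Copy(&sha3Cpy, &sha3);
          if (ret == 0) {
              ret = wc_Sha3_224_Final(&sha3, hash);
              if (ret == 0) {
                  ret = wc_Sha3_224_Final(&sha3Cpy, hashCpy);
              }
          }
          if (ret == 0 && XMEMCMP(hash, hashCpy, sizeof(hash)) != 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Test bad args. */
      if (ret == 0) {
          ret = wc_Sha3_224_Copy(NULL, &sha3);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_Sha3_224_Copy(&sha3Cpy, NULL);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = 0;
          } else if (ret == 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Both contexts were initialized above; release them on every path
       * that reaches this point, as the other SHA-3 tests do. */
      wc_Sha3_224_Free(&sha3);
      wc_Sha3_224_Free(&sha3Cpy);

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif

      return ret;

  } /* END test_wc_Sha3_224_Copy */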
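  /*
   * Testing wc_Sha3_256_Copy()
   *
   * Updates one context with msg, copies it into a second context, finalizes
   * both and requires identical digests. A NULL destination and a NULL source
   * must each be rejected with BAD_FUNC_ARG.
   *
   * Returns 0 on success, or when SHA3-256 is not compiled in; non-zero
   * otherwise.
   */
  static int test_wc_Sha3_256_Copy (void)
  {
      int ret = 0;

  #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
      wc_Sha3     sha3, sha3Cpy;
      const char* msg    = "Everyone gets Friday off.";
      word32      msglen = (word32)XSTRLEN(msg);
      byte        hash[WC_SHA3_256_DIGEST_SIZE];
      byte        hashCpy[WC_SHA3_256_DIGEST_SIZE];

      XMEMSET(hash, 0, sizeof(hash));
      XMEMSET(hashCpy, 0, sizeof(hashCpy));

      printf(testingFmt, "wc_Sha3_256_Copy()");

      ret = wc_InitSha3_256(&sha3, HEAP_HINT, devId);
      if (ret != 0) {
          return ret;
      }

      ret = wc_InitSha3_256(&sha3Cpy, HEAP_HINT, devId);
      if (ret != 0) {
          wc_Sha3_256_Free(&sha3);
          return ret;
      }

      ret = wc_Sha3_256_Update(&sha3, (byte*)msg, msglen);
      if (ret == 0) {
          ret = wc_Sha3_256_Copy(&sha3Cpy, &sha3);
          if (ret == 0) {
              ret = wc_Sha3_256_Final(&sha3, hash);
              if (ret == 0) {
                  ret = wc_Sha3_256_Final(&sha3Cpy, hashCpy);
              }
          }
          if (ret == 0 && XMEMCMP(hash, hashCpy, sizeof(hash)) != 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Test bad args. */
      if (ret == 0) {
          ret = wc_Sha3_256_Copy(NULL, &sha3);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_Sha3_256_Copy(&sha3Cpy, NULL);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = 0;
          } else if (ret == 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Both contexts were initialized above; release them on every path
       * that reaches this point, as the other SHA-3 tests do. */
      wc_Sha3_256_Free(&sha3);
      wc_Sha3_256_Free(&sha3Cpy);

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif

      return ret;

  } /* END test_wc_Sha3_256_Copy */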
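  /*
   * Testing wc_Sha3_384_Copy()
   *
   * Updates one context with msg, copies it into a second context, finalizes
   * both and requires identical digests. A NULL destination and a NULL source
   * must each be rejected with BAD_FUNC_ARG.
   *
   * Returns 0 on success, or when SHA3-384 is not compiled in; non-zero
   * otherwise.
   */
  static int test_wc_Sha3_384_Copy (void)
  {
      int ret = 0;

  #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384)
      wc_Sha3     sha3, sha3Cpy;
      const char* msg    = "Everyone gets Friday off.";
      word32      msglen = (word32)XSTRLEN(msg);
      byte        hash[WC_SHA3_384_DIGEST_SIZE];
      byte        hashCpy[WC_SHA3_384_DIGEST_SIZE];

      XMEMSET(hash, 0, sizeof(hash));
      XMEMSET(hashCpy, 0, sizeof(hashCpy));

      printf(testingFmt, "wc_Sha3_384_Copy()");

      ret = wc_InitSha3_384(&sha3, HEAP_HINT, devId);
      if (ret != 0) {
          return ret;
      }

      ret = wc_InitSha3_384(&sha3Cpy, HEAP_HINT, devId);
      if (ret != 0) {
          wc_Sha3_384_Free(&sha3);
          return ret;
      }

      ret = wc_Sha3_384_Update(&sha3, (byte*)msg, msglen);
      if (ret == 0) {
          ret = wc_Sha3_384_Copy(&sha3Cpy, &sha3);
          if (ret == 0) {
              ret = wc_Sha3_384_Final(&sha3, hash);
              if (ret == 0) {
                  ret = wc_Sha3_384_Final(&sha3Cpy, hashCpy);
              }
          }
          if (ret == 0 && XMEMCMP(hash, hashCpy, sizeof(hash)) != 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Test bad args. */
      if (ret == 0) {
          ret = wc_Sha3_384_Copy(NULL, &sha3);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_Sha3_384_Copy(&sha3Cpy, NULL);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = 0;
          } else if (ret == 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Both contexts were initialized above; release them on every path
       * that reaches this point, as the other SHA-3 tests do. */
      wc_Sha3_384_Free(&sha3);
      wc_Sha3_384_Free(&sha3Cpy);

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif

      return ret;

  } /* END test_wc_Sha3_384_Copy */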
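  /*
   * Testing wc_Sha3_512_Copy()
   *
   * Updates one context with msg, copies it into a second context, finalizes
   * both and requires identical digests. A NULL destination and a NULL source
   * must each be rejected with BAD_FUNC_ARG.
   *
   * Returns 0 on success, or when SHA3-512 is not compiled in; non-zero
   * otherwise.
   */
  static int test_wc_Sha3_512_Copy (void)
  {
      int ret = 0;

  #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)
      wc_Sha3     sha3, sha3Cpy;
      const char* msg    = "Everyone gets Friday off.";
      word32      msglen = (word32)XSTRLEN(msg);
      byte        hash[WC_SHA3_512_DIGEST_SIZE];
      byte        hashCpy[WC_SHA3_512_DIGEST_SIZE];

      XMEMSET(hash, 0, sizeof(hash));
      XMEMSET(hashCpy, 0, sizeof(hashCpy));

      printf(testingFmt, "wc_Sha3_512_Copy()");

      ret = wc_InitSha3_512(&sha3, HEAP_HINT, devId);
      if (ret != 0) {
          return ret;
      }

      ret = wc_InitSha3_512(&sha3Cpy, HEAP_HINT, devId);
      if (ret != 0) {
          wc_Sha3_512_Free(&sha3);
          return ret;
      }

      ret = wc_Sha3_512_Update(&sha3, (byte*)msg, msglen);
      if (ret == 0) {
          ret = wc_Sha3_512_Copy(&sha3Cpy, &sha3);
          if (ret == 0) {
              ret = wc_Sha3_512_Final(&sha3, hash);
              if (ret == 0) {
                  ret = wc_Sha3_512_Final(&sha3Cpy, hashCpy);
              }
          }
          if (ret == 0 && XMEMCMP(hash, hashCpy, sizeof(hash)) != 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Test bad args. */
      if (ret == 0) {
          ret = wc_Sha3_512_Copy(NULL, &sha3);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_Sha3_512_Copy(&sha3Cpy, NULL);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = 0;
          } else if (ret == 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Both contexts were initialized above; release them on every path
       * that reaches this point, as the other SHA-3 tests do. */
      wc_Sha3_512_Free(&sha3);
      wc_Sha3_512_Free(&sha3Cpy);

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif

      return ret;

  } /* END test_wc_Sha3_512_Copy */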
  /*
   * Unit test for wc_IdeaSetKey()
   *
   * Sets the same key once for encryption and once for decryption, then
   * makes four calls that are each expected to return BAD_FUNC_ARG: NULL
   * context, NULL key, key length one byte short, and direction -1.
   *
   * Returns 0 on success, or when HAVE_IDEA is not defined; non-zero otherwise.
   */
  static int test_wc_IdeaSetKey (void)
  {
      int ret = 0;

  #ifdef HAVE_IDEA
      Idea       ctx;
      const byte key[] =
      {
          0x37, 0x37, 0x37, 0x37, 0x37, 0x37, 0x37, 0x37,
          0x37, 0x37, 0x37, 0x37, 0x37, 0x37, 0x37, 0x37
      };
      int        allRejected = 1;

      printf(testingFmt, "wc_IdeaSetKey()");

      /* The IV argument is passed as NULL in every call below. */
      ret = wc_IdeaSetKey(&ctx, key, IDEA_KEY_SIZE, NULL, IDEA_ENCRYPTION);
      if (ret == 0) {
          ret = wc_IdeaSetKey(&ctx, key, IDEA_KEY_SIZE, NULL, IDEA_DECRYPTION);
      }

      /* Bad args: every probe runs, whatever the earlier ones returned. */
      if (ret == 0) {
          if (wc_IdeaSetKey(NULL, key, IDEA_KEY_SIZE, NULL,
                            IDEA_ENCRYPTION) != BAD_FUNC_ARG) {
              allRejected = 0;
          }
          if (wc_IdeaSetKey(&ctx, NULL, IDEA_KEY_SIZE, NULL,
                            IDEA_ENCRYPTION) != BAD_FUNC_ARG) {
              allRejected = 0;
          }
          if (wc_IdeaSetKey(&ctx, key, IDEA_KEY_SIZE - 1, NULL,
                            IDEA_ENCRYPTION) != BAD_FUNC_ARG) {
              allRejected = 0;
          }
          if (wc_IdeaSetKey(&ctx, key, IDEA_KEY_SIZE, NULL,
                            -1) != BAD_FUNC_ARG) {
              allRejected = 0;
          }

          ret = allRejected ? 0 : WOLFSSL_FATAL_ERROR;
      } /* END Test Bad Args. */

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif

      return ret;

  } /* END test_wc_IdeaSetKey */
  /*
   * Unit test for wc_IdeaSetIV()
   *
   * Calls wc_IdeaSetIV() with a valid context and a NULL IV, which must
   * succeed, then with a NULL context, which must return BAD_FUNC_ARG.
   *
   * Returns 0 on success, or when HAVE_IDEA is not defined; non-zero otherwise.
   */
  static int test_wc_IdeaSetIV (void)
  {
      int ret = 0;

  #ifdef HAVE_IDEA
      Idea ctx;

      printf(testingFmt, "wc_IdeaSetIV()");

      ret = wc_IdeaSetIV(&ctx, NULL);

      /* Test bad args. */
      if (ret == 0) {
          int rc = wc_IdeaSetIV(NULL, NULL);

          ret = (rc == BAD_FUNC_ARG) ? 0 : WOLFSSL_FATAL_ERROR;
      }

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif

      return ret;

  } /* END test_wc_IdeaSetIV */
  /*
   * Unit test for wc_IdeaCipher()
   *
   * Encrypts one block with the key set for encryption, decrypts it with the
   * key set for decryption and requires the plaintext back. Each of the three
   * pointer arguments is then passed as NULL in turn and must be rejected
   * with BAD_FUNC_ARG.
   *
   * Returns 0 on success, or when HAVE_IDEA is not defined; non-zero otherwise.
   */
  static int test_wc_IdeaCipher (void)
  {
      int ret = 0;

  #ifdef HAVE_IDEA
      Idea       ctx;
      const byte key[] =
      {
          0x2B, 0xD6, 0x45, 0x9F, 0x82, 0xC5, 0xB3, 0x00,
          0x95, 0x2C, 0x49, 0x10, 0x48, 0x81, 0xFF, 0x48
      };
      const byte plain[] =
      {
          0x37, 0x37, 0x37, 0x37, 0x37, 0x37, 0x37, 0x37
      };
      byte       enc[sizeof(plain)];
      byte       dec[sizeof(enc)];

      printf(testingFmt, "wc_IdeaCipher()");

      /* Encrypt: a key-setup error is passed through unchanged, a cipher
       * error is reported as WOLFSSL_FATAL_ERROR. */
      ret = wc_IdeaSetKey(&ctx, key, IDEA_KEY_SIZE, NULL, IDEA_ENCRYPTION);
      if (ret == 0 && wc_IdeaCipher(&ctx, enc, plain) != 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }

      /* Decrypt and compare with the original block. */
      if (ret == 0) {
          int rc = wc_IdeaSetKey(&ctx, key, IDEA_KEY_SIZE, NULL,
                                 IDEA_DECRYPTION);

          if (rc == 0) {
              rc = wc_IdeaCipher(&ctx, dec, enc);
          }
          if (rc == 0) {
              rc = XMEMCMP(plain, dec, IDEA_BLOCK_SIZE);
          }
          ret = (rc == 0) ? 0 : WOLFSSL_FATAL_ERROR;
      }

      /* Pass Bad Args. */
      if (ret == 0) {
          int rc = wc_IdeaCipher(NULL, enc, dec);

          if (rc == BAD_FUNC_ARG) {
              rc = wc_IdeaCipher(&ctx, NULL, dec);
          }
          if (rc == BAD_FUNC_ARG) {
              rc = wc_IdeaCipher(&ctx, enc, NULL);
          }
          ret = (rc == BAD_FUNC_ARG) ? 0 : WOLFSSL_FATAL_ERROR;
      }

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif

      return ret;

  } /* END test_wc_IdeaCipher */
  /*
   * Unit test for functions wc_IdeaCbcEncrypt and wc_IdeaCbcDecrypt
   *
   * Encrypts message (including its NUL terminator) in CBC mode, decrypts
   * the result and compares it with the input. Each pointer argument of both
   * functions is then passed as NULL in turn and must be rejected with
   * BAD_FUNC_ARG.
   *
   * Returns 0 on success, or when HAVE_IDEA is not defined; non-zero otherwise.
   */
  static int test_wc_IdeaCbcEncyptDecrypt (void)
  {
      int ret = 0;

  #ifdef HAVE_IDEA
      Idea        ctx;
      const byte  key[] =
      {
          0x37, 0x37, 0x37, 0x37, 0x37, 0x37, 0x37, 0x37,
          0x37, 0x37, 0x37, 0x37, 0x37, 0x37, 0x37, 0x37
      };
      const char* message = "International Data Encryption Algorithm";
      byte        msg_enc[40];
      byte        msg_dec[40];
      /* Length handed to the CBC calls: the text plus its NUL terminator. */
      word32      cbcLen = (word32)XSTRLEN(message) + 1;

      printf(testingFmt, "wc_IdeaCbcEncrypt()");

      ret = wc_IdeaSetKey(&ctx, key, sizeof(key), NULL, IDEA_ENCRYPTION);
      if (ret == 0) {
          ret = wc_IdeaCbcEncrypt(&ctx, msg_enc, (byte *)message, cbcLen);
      }
      if (ret == 0) {
          ret = wc_IdeaSetKey(&ctx, key, sizeof(key), NULL, IDEA_DECRYPTION);
      }
      if (ret == 0) {
          ret = wc_IdeaCbcDecrypt(&ctx, msg_dec, msg_enc, cbcLen);
          /* The comparison covers the text without the terminator and runs
           * whatever the decrypt call returned. */
          if (XMEMCMP(message, msg_dec, (word32)XSTRLEN(message))) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Test bad args. Enc */
      if (ret == 0) {
          int rc = wc_IdeaCbcEncrypt(NULL, msg_enc, (byte*)message, cbcLen);

          if (rc == BAD_FUNC_ARG) {
              rc = wc_IdeaCbcEncrypt(&ctx, NULL, (byte*)message, cbcLen);
          }
          if (rc == BAD_FUNC_ARG) {
              rc = wc_IdeaCbcEncrypt(&ctx, msg_enc, NULL, cbcLen);
          }
          ret = (rc == BAD_FUNC_ARG) ? 0 : WOLFSSL_FATAL_ERROR;
      } /* END test bad args ENC */

      /* Test bad args DEC */
      if (ret == 0) {
          int rc = wc_IdeaCbcDecrypt(NULL, msg_dec, msg_enc, cbcLen);

          if (rc == BAD_FUNC_ARG) {
              rc = wc_IdeaCbcDecrypt(&ctx, NULL, msg_enc, cbcLen);
          }
          if (rc == BAD_FUNC_ARG) {
              rc = wc_IdeaCbcDecrypt(&ctx, msg_dec, NULL, cbcLen);
          }
          ret = (rc == BAD_FUNC_ARG) ? 0 : WOLFSSL_FATAL_ERROR;
      }

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif

      return ret;

  } /* END test_wc_IdeaCbcEncyptDecrypt */
  /*
   * Test function for wc_HmacSetKey() with MD5
   *
   * Sets each key from a small table, then checks that a NULL context, a
   * NULL key and the hash type value 20 are rejected with BAD_FUNC_ARG. A
   * zero-length key must yield HMAC_MIN_KEYLEN_E when HAVE_FIPS is defined
   * and 0 otherwise.
   *
   * Returns 0 on success, or when HMAC or MD5 is compiled out; non-zero
   * otherwise.
   */
  static int test_wc_Md5HmacSetKey (void)
  {
      int flag = 0;

  #if !defined(NO_HMAC) && !defined(NO_MD5)
      Hmac        hmac;
      int         ret, keyCount, k;
      const char* keys[]=
      {
          "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b",
  #ifndef HAVE_FIPS
          "Jefe", /* smaller than minimum FIPS key size */
  #endif
          "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
      };

      keyCount = sizeof(keys) / sizeof(keys[0]);
      flag     = 0;

      printf(testingFmt, "wc_HmacSetKey() with MD5");

      ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
      if (ret != 0)
          return ret;

      /* Every key is tried; the last failure, if any, ends up in flag. */
      for (k = 0; k < keyCount; k++) {
          ret = wc_HmacSetKey(&hmac, WC_MD5, (byte*)keys[k],
                              (word32)XSTRLEN(keys[k]));
          if (ret != 0) {
              flag = ret;
          }
      }

      /* Bad args: NULL context. */
      if (flag == 0) {
          ret = wc_HmacSetKey(NULL, WC_MD5, (byte*)keys[0],
                              (word32)XSTRLEN(keys[0]));
          if (ret != BAD_FUNC_ARG) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Bad args: NULL key with a non-zero length. */
      if (flag == 0) {
          ret = wc_HmacSetKey(&hmac, WC_MD5, NULL, (word32)XSTRLEN(keys[0]));
          if (ret != BAD_FUNC_ARG) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Bad args: 20 is passed as a hash type the call must reject. */
      if (flag == 0) {
          ret = wc_HmacSetKey(&hmac, 20, (byte*)keys[0],
                              (word32)XSTRLEN(keys[0]));
          if (ret != BAD_FUNC_ARG) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Zero-length key: the expected result depends on HAVE_FIPS. */
      if (flag == 0) {
          ret = wc_HmacSetKey(&hmac, WC_MD5, (byte*)keys[0], 0);
  #ifdef HAVE_FIPS
          if (ret != HMAC_MIN_KEYLEN_E) {
              flag = WOLFSSL_FATAL_ERROR;
          }
  #else
          if (ret != 0) {
              flag = WOLFSSL_FATAL_ERROR;
          }
  #endif
      }

      wc_HmacFree(&hmac);

      printf(resultFmt, flag == 0 ? passed : failed);
  #endif

      return flag;

  } /* END test_wc_Md5HmacSetKey */
  /*
   * testing wc_HmacSetKey() on wc_Sha hash.
   *
   * Sets each key from a small table, then checks that a NULL context, a
   * NULL key and the hash type value 20 are rejected with BAD_FUNC_ARG. A
   * zero-length key must yield HMAC_MIN_KEYLEN_E when HAVE_FIPS is defined
   * and 0 otherwise.
   *
   * Returns 0 on success, or when HMAC or SHA is compiled out; non-zero
   * otherwise.
   */
  static int test_wc_ShaHmacSetKey (void)
  {
      int flag = 0;

  #if !defined(NO_HMAC) && !defined(NO_SHA)
      Hmac        hmac;
      int         ret, keyCount, k;
      const char* keys[]=
      {
          "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
          "\x0b\x0b\x0b",
  #ifndef HAVE_FIPS
          "Jefe", /* smaller than minimum FIPS key size */
  #endif
          "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
          "\xAA\xAA\xAA"
      };

      keyCount = sizeof(keys) / sizeof(keys[0]);
      flag     = 0;

      printf(testingFmt, "wc_HmacSetKey() with SHA");

      ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
      if (ret != 0)
          return ret;

      /* Every key is tried; the last failure, if any, ends up in flag. */
      for (k = 0; k < keyCount; k++) {
          ret = wc_HmacSetKey(&hmac, WC_SHA, (byte*)keys[k],
                              (word32)XSTRLEN(keys[k]));
          if (ret != 0) {
              flag = ret;
          }
      }

      /* Bad args: NULL context. */
      if (flag == 0) {
          ret = wc_HmacSetKey(NULL, WC_SHA, (byte*)keys[0],
                              (word32)XSTRLEN(keys[0]));
          if (ret != BAD_FUNC_ARG) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Bad args: NULL key with a non-zero length. */
      if (flag == 0) {
          ret = wc_HmacSetKey(&hmac, WC_SHA, NULL, (word32)XSTRLEN(keys[0]));
          if (ret != BAD_FUNC_ARG) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Bad args: 20 is passed as a hash type the call must reject. */
      if (flag == 0) {
          ret = wc_HmacSetKey(&hmac, 20, (byte*)keys[0],
                              (word32)XSTRLEN(keys[0]));
          if (ret != BAD_FUNC_ARG) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Zero-length key: the expected result depends on HAVE_FIPS. */
      if (flag == 0) {
          ret = wc_HmacSetKey(&hmac, WC_SHA, (byte*)keys[0], 0);
  #ifdef HAVE_FIPS
          if (ret != HMAC_MIN_KEYLEN_E) {
              flag = WOLFSSL_FATAL_ERROR;
          }
  #else
          if (ret != 0) {
              flag = WOLFSSL_FATAL_ERROR;
          }
  #endif
      }

      wc_HmacFree(&hmac);

      printf(resultFmt, flag == 0 ? passed : failed);
  #endif

      return flag;

  } /* END test_wc_ShaHmacSetKey() */
  /*
   * Unit test for wc_HmacSetKey() keyed for SHA-224 (WC_SHA224).
   *
   * Every entry of keys[] is loaded in turn, then a NULL Hmac, a NULL key and
   * an unsupported hash type id must each be rejected with BAD_FUNC_ARG. The
   * last step pins the zero-length-key policy: HMAC_MIN_KEYLEN_E when
   * HAVE_FIPS is defined, success (0) otherwise, so non-FIPS callers must
   * enforce their own minimum key length.
   *
   * Returns 0 on success (also when the feature is compiled out), the error
   * code of wc_HmacInit()/wc_HmacSetKey(), or WOLFSSL_FATAL_ERROR when a
   * negative check sees an unexpected result.
   */
  static int test_wc_Sha224HmacSetKey (void)
  {
      int status = 0;
  #if !defined(NO_HMAC) && defined(WOLFSSL_SHA224)
      Hmac hmac;
      int rc;
      int keyCount;
      int idx = 0;
      const char* keys[] =
      {
          "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
          "\x0b\x0b\x0b",
  #ifndef HAVE_FIPS
          "Jefe", /* shorter than the minimum FIPS key size */
  #endif
          "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
          "\xAA\xAA\xAA"
      };

      keyCount = sizeof(keys) / sizeof(keys[0]);

      printf(testingFmt, "wc_HmacSetKey() with SHA 224");

      rc = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
      if (rc != 0)
          return rc;

      /* A failure does not stop the loop; the last non-zero code is kept. */
      while (idx < keyCount) {
          rc = wc_HmacSetKey(&hmac, WC_SHA224, (byte*)keys[idx],
                             (word32)XSTRLEN(keys[idx]));
          if (rc != 0) {
              status = rc;
          }
          idx++;
      }

      /* Negative cases: each one only runs while the test is still passing. */
      if (status == 0 &&
          wc_HmacSetKey(NULL, WC_SHA224, (byte*)keys[0],
                        (word32)XSTRLEN(keys[0])) != BAD_FUNC_ARG) {
          status = WOLFSSL_FATAL_ERROR;
      }
      if (status == 0 &&
          wc_HmacSetKey(&hmac, WC_SHA224, NULL,
                        (word32)XSTRLEN(keys[0])) != BAD_FUNC_ARG) {
          status = WOLFSSL_FATAL_ERROR;
      }
      /* 20 stands in for a hash type id the call must reject (assumed not to
       * be a valid id in this build - confirm if the hash-type enum changes). */
      if (status == 0 &&
          wc_HmacSetKey(&hmac, 20, (byte*)keys[0],
                        (word32)XSTRLEN(keys[0])) != BAD_FUNC_ARG) {
          status = WOLFSSL_FATAL_ERROR;
      }

      /* Zero-length key: refused under FIPS, accepted otherwise. */
      if (status == 0) {
          rc = wc_HmacSetKey(&hmac, WC_SHA224, (byte*)keys[0], 0);
  #ifdef HAVE_FIPS
          if (rc != HMAC_MIN_KEYLEN_E)
  #else
          if (rc != 0)
  #endif
          {
              status = WOLFSSL_FATAL_ERROR;
          }
      }

      wc_HmacFree(&hmac);

      printf(resultFmt, (status != 0) ? failed : passed);
  #endif
      return status;
  } /* END test_wc_Sha224HmacSetKey() */
  /*
   * Unit test for wc_HmacSetKey() keyed for SHA-256 (WC_SHA256).
   *
   * Every entry of keys[] is loaded in turn, then a NULL Hmac, a NULL key and
   * an unsupported hash type id must each be rejected with BAD_FUNC_ARG. The
   * last step pins the zero-length-key policy: HMAC_MIN_KEYLEN_E when
   * HAVE_FIPS is defined, success (0) otherwise, so non-FIPS callers must
   * enforce their own minimum key length.
   *
   * Returns 0 on success (also when the feature is compiled out), the error
   * code of wc_HmacInit()/wc_HmacSetKey(), or WOLFSSL_FATAL_ERROR when a
   * negative check sees an unexpected result.
   */
  static int test_wc_Sha256HmacSetKey (void)
  {
      int status = 0;
  #if !defined(NO_HMAC) && !defined(NO_SHA256)
      Hmac hmac;
      int rc;
      int keyCount;
      int idx = 0;
      const char* keys[] =
      {
          "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
          "\x0b\x0b\x0b",
  #ifndef HAVE_FIPS
          "Jefe", /* shorter than the minimum FIPS key size */
  #endif
          "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
          "\xAA\xAA\xAA"
      };

      keyCount = sizeof(keys) / sizeof(keys[0]);

      printf(testingFmt, "wc_HmacSetKey() with SHA256");

      rc = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
      if (rc != 0)
          return rc;

      /* A failure does not stop the loop; the last non-zero code is kept. */
      while (idx < keyCount) {
          rc = wc_HmacSetKey(&hmac, WC_SHA256, (byte*)keys[idx],
                             (word32)XSTRLEN(keys[idx]));
          if (rc != 0) {
              status = rc;
          }
          idx++;
      }

      /* Negative cases: each one only runs while the test is still passing. */
      if (status == 0 &&
          wc_HmacSetKey(NULL, WC_SHA256, (byte*)keys[0],
                        (word32)XSTRLEN(keys[0])) != BAD_FUNC_ARG) {
          status = WOLFSSL_FATAL_ERROR;
      }
      if (status == 0 &&
          wc_HmacSetKey(&hmac, WC_SHA256, NULL,
                        (word32)XSTRLEN(keys[0])) != BAD_FUNC_ARG) {
          status = WOLFSSL_FATAL_ERROR;
      }
      /* 20 stands in for a hash type id the call must reject (assumed not to
       * be a valid id in this build - confirm if the hash-type enum changes). */
      if (status == 0 &&
          wc_HmacSetKey(&hmac, 20, (byte*)keys[0],
                        (word32)XSTRLEN(keys[0])) != BAD_FUNC_ARG) {
          status = WOLFSSL_FATAL_ERROR;
      }

      /* Zero-length key: refused under FIPS, accepted otherwise. */
      if (status == 0) {
          rc = wc_HmacSetKey(&hmac, WC_SHA256, (byte*)keys[0], 0);
  #ifdef HAVE_FIPS
          if (rc != HMAC_MIN_KEYLEN_E)
  #else
          if (rc != 0)
  #endif
          {
              status = WOLFSSL_FATAL_ERROR;
          }
      }

      wc_HmacFree(&hmac);

      printf(resultFmt, (status != 0) ? failed : passed);
  #endif
      return status;
  } /* END test_wc_Sha256HmacSetKey() */
  /*
   * Unit test for wc_HmacSetKey() keyed for SHA-384 (WC_SHA384).
   *
   * Every entry of keys[] is loaded in turn, then a NULL Hmac, a NULL key and
   * an unsupported hash type id must each be rejected with BAD_FUNC_ARG. The
   * last step pins the zero-length-key policy: HMAC_MIN_KEYLEN_E when
   * HAVE_FIPS is defined, success (0) otherwise, so non-FIPS callers must
   * enforce their own minimum key length.
   *
   * Returns 0 on success (also when the feature is compiled out), the error
   * code of wc_HmacInit()/wc_HmacSetKey(), or WOLFSSL_FATAL_ERROR when a
   * negative check sees an unexpected result.
   */
  static int test_wc_Sha384HmacSetKey (void)
  {
      int status = 0;
  #if !defined(NO_HMAC) && defined(WOLFSSL_SHA384)
      Hmac hmac;
      int rc;
      int keyCount;
      int idx = 0;
      const char* keys[] =
      {
          "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
          "\x0b\x0b\x0b",
  #ifndef HAVE_FIPS
          "Jefe", /* shorter than the minimum FIPS key size */
  #endif
          "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
          "\xAA\xAA\xAA"
      };

      keyCount = sizeof(keys) / sizeof(keys[0]);

      printf(testingFmt, "wc_HmacSetKey() with SHA384");

      rc = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
      if (rc != 0)
          return rc;

      /* A failure does not stop the loop; the last non-zero code is kept. */
      while (idx < keyCount) {
          rc = wc_HmacSetKey(&hmac, WC_SHA384, (byte*)keys[idx],
                             (word32)XSTRLEN(keys[idx]));
          if (rc != 0) {
              status = rc;
          }
          idx++;
      }

      /* Negative cases: each one only runs while the test is still passing. */
      if (status == 0 &&
          wc_HmacSetKey(NULL, WC_SHA384, (byte*)keys[0],
                        (word32)XSTRLEN(keys[0])) != BAD_FUNC_ARG) {
          status = WOLFSSL_FATAL_ERROR;
      }
      if (status == 0 &&
          wc_HmacSetKey(&hmac, WC_SHA384, NULL,
                        (word32)XSTRLEN(keys[0])) != BAD_FUNC_ARG) {
          status = WOLFSSL_FATAL_ERROR;
      }
      /* 20 stands in for a hash type id the call must reject (assumed not to
       * be a valid id in this build - confirm if the hash-type enum changes). */
      if (status == 0 &&
          wc_HmacSetKey(&hmac, 20, (byte*)keys[0],
                        (word32)XSTRLEN(keys[0])) != BAD_FUNC_ARG) {
          status = WOLFSSL_FATAL_ERROR;
      }

      /* Zero-length key: refused under FIPS, accepted otherwise. */
      if (status == 0) {
          rc = wc_HmacSetKey(&hmac, WC_SHA384, (byte*)keys[0], 0);
  #ifdef HAVE_FIPS
          if (rc != HMAC_MIN_KEYLEN_E)
  #else
          if (rc != 0)
  #endif
          {
              status = WOLFSSL_FATAL_ERROR;
          }
      }

      wc_HmacFree(&hmac);

      printf(resultFmt, (status != 0) ? failed : passed);
  #endif
      return status;
  } /* END test_wc_Sha384HmacSetKey() */
  /*
   * Unit test for wc_HmacUpdate() on an MD5-keyed Hmac.
   *
   * Keys the context, feeds two messages, then checks that a NULL Hmac and a
   * NULL data pointer with a non-zero length are rejected with BAD_FUNC_ARG,
   * and that a zero-length update with a valid pointer succeeds. Only return
   * codes are checked here; no digest is produced or compared.
   *
   * Returns 0 on success (also when the feature is compiled out), the first
   * library error code otherwise, or WOLFSSL_FATAL_ERROR when a negative
   * check sees an unexpected result.
   */
  static int test_wc_Md5HmacUpdate (void)
  {
      int status = 0;
  #if !defined(NO_HMAC) && !defined(NO_MD5)
      Hmac hmac;
      testVector first, second;
      int rc;
      /* The FIPS build uses the longer key; the SetKey tests note that "Jefe"
       * is below the FIPS minimum key size. */
  #ifdef HAVE_FIPS
      const char* key =
          "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
  #else
      const char* key = "Jefe";
  #endif

      first.input = "Hi There";
      first.inLen = XSTRLEN(first.input);
      second.input = "what do ya want for nothing?";
      second.inLen = XSTRLEN(second.input);

      printf(testingFmt, "wc_HmacUpdate() with MD5");

      rc = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
      if (rc != 0)
          return rc;

      status = wc_HmacSetKey(&hmac, WC_MD5, (byte*)key, (word32)XSTRLEN(key));

      if (status == 0) {
          status = wc_HmacUpdate(&hmac, (byte*)first.input,
                                 (word32)first.inLen);
      }
      /* Second update on the same context. */
      if (status == 0) {
          status = wc_HmacUpdate(&hmac, (byte*)second.input,
                                 (word32)second.inLen);
      }

      /* Negative cases. */
      if (status == 0 &&
          wc_HmacUpdate(NULL, (byte*)second.input,
                        (word32)second.inLen) != BAD_FUNC_ARG) {
          status = WOLFSSL_FATAL_ERROR;
      }
      if (status == 0 &&
          wc_HmacUpdate(&hmac, NULL, (word32)second.inLen) != BAD_FUNC_ARG) {
          status = WOLFSSL_FATAL_ERROR;
      }

      /* Zero bytes with a valid pointer is expected to succeed. */
      if (status == 0) {
          status = wc_HmacUpdate(&hmac, (byte*)second.input, 0);
      }

      wc_HmacFree(&hmac);

      printf(resultFmt, (status != 0) ? failed : passed);
  #endif
      return status;
  } /* END test_wc_Md5HmacUpdate */
  /*
   * Unit test for wc_HmacUpdate() on a SHA-keyed Hmac (WC_SHA).
   *
   * Keys the context, feeds two messages, then checks that a NULL Hmac and a
   * NULL data pointer with a non-zero length are rejected with BAD_FUNC_ARG,
   * and that a zero-length update with a valid pointer succeeds. Only return
   * codes are checked here; no digest is produced or compared.
   *
   * Returns 0 on success (also when the feature is compiled out), the first
   * library error code otherwise, or WOLFSSL_FATAL_ERROR when a negative
   * check sees an unexpected result.
   */
  static int test_wc_ShaHmacUpdate (void)
  {
      int status = 0;
  #if !defined(NO_HMAC) && !defined(NO_SHA)
      Hmac hmac;
      testVector first, second;
      int rc;
      /* The FIPS build uses the longer key; the SetKey tests note that "Jefe"
       * is below the FIPS minimum key size. */
  #ifdef HAVE_FIPS
      const char* key =
          "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
  #else
      const char* key = "Jefe";
  #endif

      first.input = "Hi There";
      first.inLen = XSTRLEN(first.input);
      second.input = "what do ya want for nothing?";
      second.inLen = XSTRLEN(second.input);

      printf(testingFmt, "wc_HmacUpdate() with SHA");

      rc = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
      if (rc != 0)
          return rc;

      status = wc_HmacSetKey(&hmac, WC_SHA, (byte*)key, (word32)XSTRLEN(key));

      if (status == 0) {
          status = wc_HmacUpdate(&hmac, (byte*)first.input,
                                 (word32)first.inLen);
      }
      /* Second update on the same context. */
      if (status == 0) {
          status = wc_HmacUpdate(&hmac, (byte*)second.input,
                                 (word32)second.inLen);
      }

      /* Negative cases. */
      if (status == 0 &&
          wc_HmacUpdate(NULL, (byte*)second.input,
                        (word32)second.inLen) != BAD_FUNC_ARG) {
          status = WOLFSSL_FATAL_ERROR;
      }
      if (status == 0 &&
          wc_HmacUpdate(&hmac, NULL, (word32)second.inLen) != BAD_FUNC_ARG) {
          status = WOLFSSL_FATAL_ERROR;
      }

      /* Zero bytes with a valid pointer is expected to succeed. */
      if (status == 0) {
          status = wc_HmacUpdate(&hmac, (byte*)second.input, 0);
      }

      wc_HmacFree(&hmac);

      printf(resultFmt, (status != 0) ? failed : passed);
  #endif
      return status;
  } /* END test_wc_ShaHmacUpdate */
  /*
   * Unit test for wc_HmacUpdate() on a SHA-224-keyed Hmac (WC_SHA224).
   *
   * Keys the context, feeds two messages, then checks that a NULL Hmac and a
   * NULL data pointer with a non-zero length are rejected with BAD_FUNC_ARG,
   * and that a zero-length update with a valid pointer succeeds. Only return
   * codes are checked here; no digest is produced or compared.
   *
   * Returns 0 on success (also when the feature is compiled out), the first
   * library error code otherwise, or WOLFSSL_FATAL_ERROR when a negative
   * check sees an unexpected result.
   */
  static int test_wc_Sha224HmacUpdate (void)
  {
      int status = 0;
  #if !defined(NO_HMAC) && defined(WOLFSSL_SHA224)
      Hmac hmac;
      testVector first, second;
      int rc;
      /* The FIPS build uses the longer key; the SetKey tests note that "Jefe"
       * is below the FIPS minimum key size. */
  #ifdef HAVE_FIPS
      const char* key =
          "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
  #else
      const char* key = "Jefe";
  #endif

      first.input = "Hi There";
      first.inLen = XSTRLEN(first.input);
      second.input = "what do ya want for nothing?";
      second.inLen = XSTRLEN(second.input);

      printf(testingFmt, "wc_HmacUpdate() with SHA224");

      rc = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
      if (rc != 0)
          return rc;

      status = wc_HmacSetKey(&hmac, WC_SHA224, (byte*)key,
                             (word32)XSTRLEN(key));

      if (status == 0) {
          status = wc_HmacUpdate(&hmac, (byte*)first.input,
                                 (word32)first.inLen);
      }
      /* Second update on the same context. */
      if (status == 0) {
          status = wc_HmacUpdate(&hmac, (byte*)second.input,
                                 (word32)second.inLen);
      }

      /* Negative cases. */
      if (status == 0 &&
          wc_HmacUpdate(NULL, (byte*)second.input,
                        (word32)second.inLen) != BAD_FUNC_ARG) {
          status = WOLFSSL_FATAL_ERROR;
      }
      if (status == 0 &&
          wc_HmacUpdate(&hmac, NULL, (word32)second.inLen) != BAD_FUNC_ARG) {
          status = WOLFSSL_FATAL_ERROR;
      }

      /* Zero bytes with a valid pointer is expected to succeed. */
      if (status == 0) {
          status = wc_HmacUpdate(&hmac, (byte*)second.input, 0);
      }

      wc_HmacFree(&hmac);

      printf(resultFmt, (status != 0) ? failed : passed);
  #endif
      return status;
  } /* END test_wc_Sha224HmacUpdate */
  /*
   * Unit test for wc_HmacUpdate() on a SHA-256-keyed Hmac (WC_SHA256).
   *
   * Keys the context, feeds two messages, then checks that a NULL Hmac and a
   * NULL data pointer with a non-zero length are rejected with BAD_FUNC_ARG,
   * and that a zero-length update with a valid pointer succeeds. Only return
   * codes are checked here; no digest is produced or compared.
   *
   * Returns 0 on success (also when the feature is compiled out), the first
   * library error code otherwise, or WOLFSSL_FATAL_ERROR when a negative
   * check sees an unexpected result.
   */
  static int test_wc_Sha256HmacUpdate (void)
  {
      int status = 0;
  #if !defined(NO_HMAC) && !defined(NO_SHA256)
      Hmac hmac;
      testVector first, second;
      int rc;
      /* The FIPS build uses the longer key; the SetKey tests note that "Jefe"
       * is below the FIPS minimum key size. */
  #ifdef HAVE_FIPS
      const char* key =
          "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
  #else
      const char* key = "Jefe";
  #endif

      first.input = "Hi There";
      first.inLen = XSTRLEN(first.input);
      second.input = "what do ya want for nothing?";
      second.inLen = XSTRLEN(second.input);

      printf(testingFmt, "wc_HmacUpdate() with WC_SHA256");

      rc = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
      if (rc != 0)
          return rc;

      status = wc_HmacSetKey(&hmac, WC_SHA256, (byte*)key,
                             (word32)XSTRLEN(key));

      if (status == 0) {
          status = wc_HmacUpdate(&hmac, (byte*)first.input,
                                 (word32)first.inLen);
      }
      /* Second update on the same context. */
      if (status == 0) {
          status = wc_HmacUpdate(&hmac, (byte*)second.input,
                                 (word32)second.inLen);
      }

      /* Negative cases. */
      if (status == 0 &&
          wc_HmacUpdate(NULL, (byte*)second.input,
                        (word32)second.inLen) != BAD_FUNC_ARG) {
          status = WOLFSSL_FATAL_ERROR;
      }
      if (status == 0 &&
          wc_HmacUpdate(&hmac, NULL, (word32)second.inLen) != BAD_FUNC_ARG) {
          status = WOLFSSL_FATAL_ERROR;
      }

      /* Zero bytes with a valid pointer is expected to succeed. */
      if (status == 0) {
          status = wc_HmacUpdate(&hmac, (byte*)second.input, 0);
      }

      wc_HmacFree(&hmac);

      printf(resultFmt, (status != 0) ? failed : passed);
  #endif
      return status;
  } /* END test_wc_Sha256HmacUpdate */
  /*
   * Unit test for wc_HmacUpdate() on a SHA-384-keyed Hmac (WC_SHA384).
   *
   * Keys the context, feeds two messages, then checks that a NULL Hmac and a
   * NULL data pointer with a non-zero length are rejected with BAD_FUNC_ARG,
   * and that a zero-length update with a valid pointer succeeds. Only return
   * codes are checked here; no digest is produced or compared.
   *
   * Returns 0 on success (also when the feature is compiled out), the first
   * library error code otherwise, or WOLFSSL_FATAL_ERROR when a negative
   * check sees an unexpected result.
   */
  static int test_wc_Sha384HmacUpdate (void)
  {
      int status = 0;
  #if !defined(NO_HMAC) && defined(WOLFSSL_SHA384)
      Hmac hmac;
      testVector first, second;
      int rc;
      /* The FIPS build uses the longer key; the SetKey tests note that "Jefe"
       * is below the FIPS minimum key size. */
  #ifdef HAVE_FIPS
      const char* key =
          "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
  #else
      const char* key = "Jefe";
  #endif

      first.input = "Hi There";
      first.inLen = XSTRLEN(first.input);
      second.input = "what do ya want for nothing?";
      second.inLen = XSTRLEN(second.input);

      printf(testingFmt, "wc_HmacUpdate() with SHA384");

      rc = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
      if (rc != 0)
          return rc;

      status = wc_HmacSetKey(&hmac, WC_SHA384, (byte*)key,
                             (word32)XSTRLEN(key));

      if (status == 0) {
          status = wc_HmacUpdate(&hmac, (byte*)first.input,
                                 (word32)first.inLen);
      }
      /* Second update on the same context. */
      if (status == 0) {
          status = wc_HmacUpdate(&hmac, (byte*)second.input,
                                 (word32)second.inLen);
      }

      /* Negative cases. */
      if (status == 0 &&
          wc_HmacUpdate(NULL, (byte*)second.input,
                        (word32)second.inLen) != BAD_FUNC_ARG) {
          status = WOLFSSL_FATAL_ERROR;
      }
      if (status == 0 &&
          wc_HmacUpdate(&hmac, NULL, (word32)second.inLen) != BAD_FUNC_ARG) {
          status = WOLFSSL_FATAL_ERROR;
      }

      /* Zero bytes with a valid pointer is expected to succeed. */
      if (status == 0) {
          status = wc_HmacUpdate(&hmac, (byte*)second.input, 0);
      }

      wc_HmacFree(&hmac);

      printf(resultFmt, (status != 0) ? failed : passed);
  #endif
      return status;
  } /* END test_wc_Sha384HmacUpdate */
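  /*
   * Known-answer test for wc_HmacFinal() with MD5.
   *
   * Keys an Hmac with a 16-byte key, feeds "Hi There", finalizes, and compares
   * the digest with the expected vector. Then checks that a NULL Hmac (and,
   * outside FIPS builds, a NULL output buffer) is rejected with BAD_FUNC_ARG.
   *
   * Returns 0 on success (also when the feature is compiled out), a library
   * error code, or WOLFSSL_FATAL_ERROR on a digest mismatch or an unexpected
   * result from a negative check.
   */
  static int test_wc_Md5HmacFinal (void)
  {
      int flag = 0;
  #if !defined(NO_HMAC) && !defined(NO_MD5)
      Hmac hmac;
      byte hash[WC_MD5_DIGEST_SIZE];
      testVector a;
      int ret;
      const char* key;

      key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
      a.input = "Hi There";
      a.output = "\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc"
                 "\x9d";
      a.inLen = XSTRLEN(a.input);
      /* The digest is binary data: take its length from the algorithm rather
       * than from XSTRLEN(), which stops at the first 0x00 byte. This vector
       * has no zero byte, so the value is unchanged. */
      a.outLen = WC_MD5_DIGEST_SIZE;

      flag = 0;

      printf(testingFmt, "wc_HmacFinal() with MD5");

      ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
      if (ret != 0)
          return ret;

      ret = wc_HmacSetKey(&hmac, WC_MD5, (byte*)key, (word32)XSTRLEN(key));
      if (ret != 0) {
          flag = ret;
      }

      if (!flag) {
          ret = wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen);
          if (ret != 0) {
              flag = ret;
          }
      }

      if (!flag) {
          ret = wc_HmacFinal(&hmac, hash);
          if (ret != 0) {
              flag = ret;
          }
      }

      /* Known-answer check against a public vector, so a plain compare is
       * acceptable here; verifying a MAC received from a peer needs a
       * constant-time comparison instead. */
      if (!flag) {
          if (XMEMCMP(hash, a.output, WC_MD5_DIGEST_SIZE) != 0) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Try bad parameters. */
      if (!flag) {
          ret = wc_HmacFinal(NULL, hash);
          if (ret != BAD_FUNC_ARG) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      /* The NULL-output check is compiled out under HAVE_FIPS. */
  #ifndef HAVE_FIPS
      if (!flag) {
          ret = wc_HmacFinal(&hmac, NULL);
          if (ret != BAD_FUNC_ARG) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }
  #endif

      wc_HmacFree(&hmac);

      printf(resultFmt, flag == 0 ? passed : failed);
  #endif
      return flag;
  } /* END test_wc_Md5HmacFinal */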
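  /*
   * Known-answer test for wc_HmacFinal() with SHA (WC_SHA).
   *
   * Keys an Hmac with a 20-byte key, feeds "Hi There", finalizes, and compares
   * the digest with the expected vector. Then checks that a NULL Hmac (and,
   * outside FIPS builds, a NULL output buffer) is rejected with BAD_FUNC_ARG.
   *
   * Returns 0 on success (also when the feature is compiled out), a library
   * error code, or WOLFSSL_FATAL_ERROR on a digest mismatch or an unexpected
   * result from a negative check.
   */
  static int test_wc_ShaHmacFinal (void)
  {
      int flag = 0;
  #if !defined(NO_HMAC) && !defined(NO_SHA)
      Hmac hmac;
      byte hash[WC_SHA_DIGEST_SIZE];
      testVector a;
      int ret;
      const char* key;

      key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
            "\x0b\x0b\x0b";
      a.input = "Hi There";
      a.output = "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c"
                 "\x8e\xf1\x46\xbe\x00";
      a.inLen = XSTRLEN(a.input);
      /* The digest is binary data and this vector ends in 0x00, so XSTRLEN()
       * would report one byte too few; take the length from the algorithm. */
      a.outLen = WC_SHA_DIGEST_SIZE;

      flag = 0;

      printf(testingFmt, "wc_HmacFinal() with SHA");

      ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
      if (ret != 0)
          return ret;

      ret = wc_HmacSetKey(&hmac, WC_SHA, (byte*)key, (word32)XSTRLEN(key));
      if (ret != 0) {
          flag = ret;
      }

      if (!flag) {
          ret = wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen);
          if (ret != 0) {
              flag = ret;
          }
      }

      if (!flag) {
          ret = wc_HmacFinal(&hmac, hash);
          if (ret != 0) {
              flag = ret;
          }
      }

      /* Known-answer check against a public vector, so a plain compare is
       * acceptable here; verifying a MAC received from a peer needs a
       * constant-time comparison instead. */
      if (!flag) {
          if (XMEMCMP(hash, a.output, WC_SHA_DIGEST_SIZE) != 0) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Try bad parameters. */
      if (!flag) {
          ret = wc_HmacFinal(NULL, hash);
          if (ret != BAD_FUNC_ARG) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      /* The NULL-output check is compiled out under HAVE_FIPS. */
  #ifndef HAVE_FIPS
      if (!flag) {
          ret = wc_HmacFinal(&hmac, NULL);
          if (ret != BAD_FUNC_ARG) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }
  #endif

      wc_HmacFree(&hmac);

      printf(resultFmt, flag == 0 ? passed : failed);
  #endif
      return flag;
  } /* END test_wc_ShaHmacFinal */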
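  /*
   * Known-answer test for wc_HmacFinal() with SHA-224 (WC_SHA224).
   *
   * Keys an Hmac with a 20-byte key, feeds "Hi There", finalizes, and compares
   * the digest with the expected vector. Then checks that a NULL Hmac (and,
   * outside FIPS builds, a NULL output buffer) is rejected with BAD_FUNC_ARG.
   *
   * Returns 0 on success (also when the feature is compiled out), a library
   * error code, or WOLFSSL_FATAL_ERROR on a digest mismatch or an unexpected
   * result from a negative check.
   */
  static int test_wc_Sha224HmacFinal (void)
  {
      int flag = 0;
  #if !defined(NO_HMAC) && defined(WOLFSSL_SHA224)
      Hmac hmac;
      byte hash[WC_SHA224_DIGEST_SIZE];
      testVector a;
      int ret;
      const char* key;

      key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
            "\x0b\x0b\x0b";
      a.input = "Hi There";
      a.output = "\x89\x6f\xb1\x12\x8a\xbb\xdf\x19\x68\x32\x10\x7c\xd4\x9d\xf3"
                 "\x3f\x47\xb4\xb1\x16\x99\x12\xba\x4f\x53\x68\x4b\x22";
      a.inLen = XSTRLEN(a.input);
      /* The digest is binary data: take its length from the algorithm rather
       * than from XSTRLEN(), which stops at the first 0x00 byte. This vector
       * has no zero byte, so the value is unchanged. */
      a.outLen = WC_SHA224_DIGEST_SIZE;

      flag = 0;

      printf(testingFmt, "wc_HmacFinal() with SHA224");

      ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
      if (ret != 0)
          return ret;

      ret = wc_HmacSetKey(&hmac, WC_SHA224, (byte*)key, (word32)XSTRLEN(key));
      if (ret != 0) {
          flag = ret;
      }

      if (!flag) {
          ret = wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen);
          if (ret != 0) {
              flag = ret;
          }
      }

      if (!flag) {
          ret = wc_HmacFinal(&hmac, hash);
          if (ret != 0) {
              flag = ret;
          }
      }

      /* Known-answer check against a public vector, so a plain compare is
       * acceptable here; verifying a MAC received from a peer needs a
       * constant-time comparison instead. */
      if (!flag) {
          if (XMEMCMP(hash, a.output, WC_SHA224_DIGEST_SIZE) != 0) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Try bad parameters. */
      if (!flag) {
          ret = wc_HmacFinal(NULL, hash);
          if (ret != BAD_FUNC_ARG) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      /* The NULL-output check is compiled out under HAVE_FIPS. */
  #ifndef HAVE_FIPS
      if (!flag) {
          ret = wc_HmacFinal(&hmac, NULL);
          if (ret != BAD_FUNC_ARG) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }
  #endif

      wc_HmacFree(&hmac);

      printf(resultFmt, flag == 0 ? passed : failed);
  #endif
      return flag;
  } /* END test_wc_Sha224HmacFinal */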
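  /*
   * Known-answer test for wc_HmacFinal() with SHA-256 (WC_SHA256).
   *
   * Keys an Hmac with a 20-byte key, feeds "Hi There", finalizes, and compares
   * the digest with the expected vector. Then checks that a NULL Hmac (and,
   * outside FIPS builds, a NULL output buffer) is rejected with BAD_FUNC_ARG.
   *
   * Returns 0 on success (also when the feature is compiled out), a library
   * error code, or WOLFSSL_FATAL_ERROR on a digest mismatch or an unexpected
   * result from a negative check.
   */
  static int test_wc_Sha256HmacFinal (void)
  {
      int flag = 0;
  #if !defined(NO_HMAC) && !defined(NO_SHA256)
      Hmac hmac;
      byte hash[WC_SHA256_DIGEST_SIZE];
      testVector a;
      int ret;
      const char* key;

      key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
            "\x0b\x0b\x0b";
      a.input = "Hi There";
      a.output = "\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1"
                 "\x2b\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32"
                 "\xcf\xf7";
      a.inLen = XSTRLEN(a.input);
      /* The digest is binary data and this vector has an embedded 0x00 byte,
       * so XSTRLEN() would stop well short of the digest size; take the
       * length from the algorithm instead. */
      a.outLen = WC_SHA256_DIGEST_SIZE;

      flag = 0;

      printf(testingFmt, "wc_HmacFinal() with WC_SHA256");

      ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
      if (ret != 0)
          return ret;

      ret = wc_HmacSetKey(&hmac, WC_SHA256, (byte*)key, (word32)XSTRLEN(key));
      if (ret != 0) {
          flag = ret;
      }

      if (!flag) {
          ret = wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen);
          if (ret != 0) {
              flag = ret;
          }
      }

      if (!flag) {
          ret = wc_HmacFinal(&hmac, hash);
          if (ret != 0) {
              flag = ret;
          }
      }

      /* Known-answer check against a public vector, so a plain compare is
       * acceptable here; verifying a MAC received from a peer needs a
       * constant-time comparison instead. */
      if (!flag) {
          if (XMEMCMP(hash, a.output, WC_SHA256_DIGEST_SIZE) != 0) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Try bad parameters. */
      if (!flag) {
          ret = wc_HmacFinal(NULL, hash);
          if (ret != BAD_FUNC_ARG) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      /* The NULL-output check is compiled out under HAVE_FIPS. */
  #ifndef HAVE_FIPS
      if (!flag) {
          ret = wc_HmacFinal(&hmac, NULL);
          if (ret != BAD_FUNC_ARG) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }
  #endif

      wc_HmacFree(&hmac);

      printf(resultFmt, flag == 0 ? passed : failed);
  #endif
      return flag;
  } /* END test_wc_Sha256HmacFinal */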
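  /*
   * Known-answer test for wc_HmacFinal() with SHA-384 (WC_SHA384).
   *
   * Keys an Hmac with a 20-byte key, feeds "Hi There", finalizes, and compares
   * the digest with the expected vector. Then checks that a NULL Hmac (and,
   * outside FIPS builds, a NULL output buffer) is rejected with BAD_FUNC_ARG.
   *
   * Returns 0 on success (also when the feature is compiled out), a library
   * error code, or WOLFSSL_FATAL_ERROR on a digest mismatch or an unexpected
   * result from a negative check.
   */
  static int test_wc_Sha384HmacFinal (void)
  {
      int flag = 0;
  #if !defined(NO_HMAC) && defined(WOLFSSL_SHA384)
      Hmac hmac;
      byte hash[WC_SHA384_DIGEST_SIZE];
      testVector a;
      int ret;
      const char* key;

      key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
            "\x0b\x0b\x0b";
      a.input = "Hi There";
      a.output = "\xaf\xd0\x39\x44\xd8\x48\x95\x62\x6b\x08\x25\xf4\xab\x46\x90"
                 "\x7f\x15\xf9\xda\xdb\xe4\x10\x1e\xc6\x82\xaa\x03\x4c\x7c\xeb"
                 "\xc5\x9c\xfa\xea\x9e\xa9\x07\x6e\xde\x7f\x4a\xf1\x52\xe8\xb2"
                 "\xfa\x9c\xb6";
      a.inLen = XSTRLEN(a.input);
      /* The digest is binary data: take its length from the algorithm rather
       * than from XSTRLEN(), which stops at the first 0x00 byte. This vector
       * has no zero byte, so the value is unchanged. */
      a.outLen = WC_SHA384_DIGEST_SIZE;

      flag = 0;

      printf(testingFmt, "wc_HmacFinal() with SHA384");

      ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
      if (ret != 0)
          return ret;

      ret = wc_HmacSetKey(&hmac, WC_SHA384, (byte*)key, (word32)XSTRLEN(key));
      if (ret != 0) {
          flag = ret;
      }

      if (!flag) {
          ret = wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen);
          if (ret != 0) {
              flag = ret;
          }
      }

      if (!flag) {
          ret = wc_HmacFinal(&hmac, hash);
          if (ret != 0) {
              flag = ret;
          }
      }

      /* Known-answer check against a public vector, so a plain compare is
       * acceptable here; verifying a MAC received from a peer needs a
       * constant-time comparison instead. */
      if (!flag) {
          if (XMEMCMP(hash, a.output, WC_SHA384_DIGEST_SIZE) != 0) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Try bad parameters. */
      if (!flag) {
          ret = wc_HmacFinal(NULL, hash);
          if (ret != BAD_FUNC_ARG) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }

      /* The NULL-output check is compiled out under HAVE_FIPS. */
  #ifndef HAVE_FIPS
      if (!flag) {
          ret = wc_HmacFinal(&hmac, NULL);
          if (ret != BAD_FUNC_ARG) {
              flag = WOLFSSL_FATAL_ERROR;
          }
      }
  #endif

      wc_HmacFree(&hmac);

      printf(resultFmt, flag == 0 ? passed : failed);
  #endif
      return flag;
  } /* END test_wc_Sha384HmacFinal */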
  /*
   * Unit test for wc_InitCmac().
   *
   * Initializes one Cmac per AES key size that is compiled in (128/192/256),
   * then checks that a NULL Cmac, a NULL key, a zero key length and a type of
   * 0 are each rejected with BAD_FUNC_ARG.
   *
   * Returns 0 on success (also when the feature is compiled out), the
   * wc_InitCmac() error code if a valid initialization fails, or
   * SSL_FATAL_ERROR when any negative check returns something other than
   * BAD_FUNC_ARG.
   */
  static int test_wc_InitCmac (void)
  {
      int rc = 0;
  #if defined(WOLFSSL_CMAC) && !defined(NO_AES)
      Cmac ctx128, ctx192, ctx256;
      /* AES 128 key. */
      byte aes128Key[] = "\x01\x02\x03\x04\x05\x06\x07\x08"
                         "\x09\x10\x11\x12\x13\x14\x15\x16";
      /* AES 192 key. */
      byte aes192Key[] = "\x01\x02\x03\x04\x05\x06\x07\x08"
                         "\x09\x01\x11\x12\x13\x14\x15\x16"
                         "\x01\x02\x03\x04\x05\x06\x07\x08";
      /* AES 256 key. */
      byte aes256Key[] = "\x01\x02\x03\x04\x05\x06\x07\x08"
                         "\x09\x01\x11\x12\x13\x14\x15\x16"
                         "\x01\x02\x03\x04\x05\x06\x07\x08"
                         "\x09\x01\x11\x12\x13\x14\x15\x16";
      /* sizeof() counts the literal's terminating NUL, hence the "- 1". */
      word32 aes128KeySz = (word32)sizeof(aes128Key) - 1;
      word32 aes192KeySz = (word32)sizeof(aes192Key) - 1;
      word32 aes256KeySz = (word32)sizeof(aes256Key) - 1;
      int macType = WC_CMAC_AES;

      printf(testingFmt, "wc_InitCmac()");

  #ifdef WOLFSSL_AES_128
      rc = wc_InitCmac(&ctx128, aes128Key, aes128KeySz, macType, NULL);
  #endif
  #ifdef WOLFSSL_AES_192
      if (rc == 0)
          rc = wc_InitCmac(&ctx192, aes192Key, aes192KeySz, macType, NULL);
  #endif
  #ifdef WOLFSSL_AES_256
      if (rc == 0)
          rc = wc_InitCmac(&ctx256, aes256Key, aes256KeySz, macType, NULL);
  #endif

      /* Negative cases: the chain stops at the first call that does not
       * return BAD_FUNC_ARG, and that outcome fails the test. */
      if (rc == 0) {
          if (wc_InitCmac(NULL, aes256Key, aes256KeySz, macType, NULL)
                  == BAD_FUNC_ARG &&
              wc_InitCmac(&ctx256, NULL, aes256KeySz, macType, NULL)
                  == BAD_FUNC_ARG &&
              wc_InitCmac(&ctx256, aes256Key, 0, macType, NULL)
                  == BAD_FUNC_ARG &&
              wc_InitCmac(&ctx256, aes256Key, aes256KeySz, 0, NULL)
                  == BAD_FUNC_ARG) {
              rc = 0;
          }
          else {
              rc = SSL_FATAL_ERROR;
          }
      }

      /* Presumably silences unused-variable warnings when the AES-128 or
       * AES-192 sections above are compiled out. */
      (void)aes128Key;
      (void)aes128KeySz;
      (void)aes192Key;
      (void)aes192KeySz;
      (void)ctx128;
      (void)ctx192;

      printf(resultFmt, (rc != 0) ? failed : passed);
  #endif
      return rc;
  } /* END test_wc_InitCmac */
  /*
   * Unit test for wc_CmacUpdate().
   *
   * Initializes an AES-128 Cmac, feeds a 33-byte message, then checks that a
   * NULL Cmac and a NULL input with a non-zero length are rejected with
   * BAD_FUNC_ARG. Only return codes are checked; no tag is produced.
   *
   * Returns 0 on success (also when the feature is compiled out), a library
   * error code, or SSL_FATAL_ERROR when a negative check unexpectedly
   * succeeds.
   */
  static int test_wc_CmacUpdate (void)
  {
      int rc = 0;
  #if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_128)
      Cmac cmac;
      byte aesKey[] =
      {
          0x64, 0x4c, 0xbf, 0x12, 0x85, 0x9d, 0xf0, 0x55,
          0x7e, 0xa9, 0x1f, 0x08, 0xe0, 0x51, 0xff, 0x27
      };
      byte msg[] = "\xe2\xb4\xb6\xf9\x48\x44\x02\x64"
                   "\x5c\x47\x80\x9e\xd5\xa8\x3a\x17"
                   "\xb3\x78\xcf\x85\x22\x41\x74\xd9"
                   "\xa0\x97\x39\x71\x62\xf1\x8e\x8f"
                   "\xf4";
      /* msg is a string literal, so drop its terminating NUL from the size. */
      word32 msgSz = (word32)sizeof(msg) - 1;
      word32 aesKeySz = (word32)sizeof(aesKey);
      int macType = WC_CMAC_AES;

      /* Setup failure returns before the "testing" banner is printed. */
      rc = wc_InitCmac(&cmac, aesKey, aesKeySz, macType, NULL);
      if (rc != 0) {
          return rc;
      }

      printf(testingFmt, "wc_CmacUpdate()");

      rc = wc_CmacUpdate(&cmac, msg, msgSz);

      /* Negative cases. */
      if (rc == 0) {
          rc = wc_CmacUpdate(NULL, msg, msgSz);
          if (rc == BAD_FUNC_ARG) {
              /* 30 is an arbitrary non-zero length paired with NULL input. */
              rc = wc_CmacUpdate(&cmac, NULL, 30);
          }

          if (rc == BAD_FUNC_ARG) {
              rc = 0;
          }
          else if (rc == 0) {
              /* A bad-argument call that succeeds is a test failure. */
              rc = SSL_FATAL_ERROR;
          }
      }

      printf(resultFmt, (rc != 0) ? failed : passed);
  #endif
      return rc;
  } /* END test_wc_CmacUpdate */
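  /*
   * Known-answer test for wc_CmacFinal().
   *
   * Computes an AES-128 CMAC over msg and compares the leading sizeof(expMac)
   * bytes of the tag with the expected value. Then checks that a NULL Cmac and
   * a NULL output are rejected with BAD_FUNC_ARG and that an output length of
   * 17 (one more than the AES_BLOCK_SIZE mac buffer) is rejected with
   * BUFFER_E.
   *
   * Returns 0 on success (also when the feature is compiled out), a library
   * error code, or SSL_FATAL_ERROR on a tag mismatch or when a negative check
   * unexpectedly succeeds.
   */
  static int test_wc_CmacFinal (void)
  {
      int ret = 0;
  #if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_128)
      Cmac cmac;
      byte key[] =
      {
          0x64, 0x4c, 0xbf, 0x12, 0x85, 0x9d, 0xf0, 0x55,
          0x7e, 0xa9, 0x1f, 0x08, 0xe0, 0x51, 0xff, 0x27
      };
      byte msg[] =
      {
          0xe2, 0xb4, 0xb6, 0xf9, 0x48, 0x44, 0x02, 0x64,
          0x5c, 0x47, 0x80, 0x9e, 0xd5, 0xa8, 0x3a, 0x17,
          0xb3, 0x78, 0xcf, 0x85, 0x22, 0x41, 0x74, 0xd9,
          0xa0, 0x97, 0x39, 0x71, 0x62, 0xf1, 0x8e, 0x8f,
          0xf4
      };
      /* Test vectors from CMACGenAES128.rsp from
       * http://csrc.nist.gov/groups/STM/cavp/block-cipher-modes.html#cmac
       * Per RFC4493 truncation of lsb is possible.
       */
      byte expMac[] =
      {
          0x4e, 0x6e, 0xc5, 0x6f, 0xf9, 0x5d, 0x0e, 0xae,
          0x1c, 0xf8, 0x3e, 0xfc, 0xf4, 0x4b, 0xeb
      };
      byte mac[AES_BLOCK_SIZE];
      word32 msgSz = (word32)sizeof(msg);
      word32 keySz = (word32)sizeof(key);
      word32 macSz = sizeof(mac);
      word32 badMacSz = 17;   /* larger than the mac buffer */
      int expMacSz = sizeof(expMac);
      int type = WC_CMAC_AES;

      XMEMSET(mac, 0, macSz);

      /* Setup failure returns before the "testing" banner is printed. */
      ret = wc_InitCmac(&cmac, key, keySz, type, NULL);
      if (ret != 0) {
          return ret;
      }
      ret = wc_CmacUpdate(&cmac, msg, msgSz);

      printf(testingFmt, "wc_CmacFinal()");
      if (ret == 0) {
          ret = wc_CmacFinal(&cmac, mac, &macSz);
          /* Known-answer check against a public vector; only the truncated
           * expMacSz bytes are compared. */
          if (ret == 0 && XMEMCMP(mac, expMac, expMacSz) != 0) {
              ret = SSL_FATAL_ERROR;
          }
          /* Pass in bad args. */
          if (ret == 0) {
              ret = wc_CmacFinal(NULL, mac, &macSz);
              if (ret == BAD_FUNC_ARG) {
                  ret = wc_CmacFinal(&cmac, NULL, &macSz);
              }
              if (ret == BAD_FUNC_ARG) {
                  ret = wc_CmacFinal(&cmac, mac, &badMacSz);
                  if (ret == BUFFER_E) {
                      ret = 0;
                  }
                  else if (ret == 0) {
                      /* An accepted oversized output length must fail the
                       * test; leaving ret at 0 here would report a pass
                       * without the length check having been enforced. */
                      ret = SSL_FATAL_ERROR;
                  }
              } else if (ret == 0) {
                  ret = SSL_FATAL_ERROR;
              }
          }
      }

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_CmacFinal */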
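  /*
   * Testing wc_AesCmacGenerate() && wc_AesCmacVerify()
   *
   * Generates an AES-128 CMAC over a fixed key/message pair, compares it
   * with the expected (truncated, 15-byte) MAC, then verifies it with
   * wc_AesCmacVerify(). A MAC with one flipped bit must be rejected, and
   * both functions must answer BAD_FUNC_ARG to invalid arguments.
   *
   * Returns 0 on success, non-zero on failure. Always returns 0 when CMAC
   * with AES-128 is not compiled in.
   */
  static int test_wc_AesCmacGenerate (void)
  {
      int ret = 0;
  #if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_128)
      Cmac cmac;
      byte key[] =
      {
          0x26, 0xef, 0x8b, 0x40, 0x34, 0x11, 0x7d, 0x9e,
          0xbe, 0xc0, 0xc7, 0xfc, 0x31, 0x08, 0x54, 0x69
      };
      byte msg[] = "\x18\x90\x49\xef\xfd\x7c\xf9\xc8"
                   "\xf3\x59\x65\xbc\xb0\x97\x8f\xd4";
      byte expMac[] = "\x29\x5f\x2f\x71\xfc\x58\xe6\xf6"
                      "\x3d\x32\x65\x4c\x66\x23\xc5";
      byte mac[AES_BLOCK_SIZE];
      word32 keySz = sizeof(key);
      word32 macSz = sizeof(mac);
      /* String literals carry a trailing NUL that is not part of the data. */
      word32 msgSz = sizeof(msg) - 1;
      word32 expMacSz = sizeof(expMac) - 1;
      int type = WC_CMAC_AES;

      XMEMSET(mac, 0, macSz);

      ret = wc_InitCmac(&cmac, key, keySz, type, NULL);
      if (ret != 0) {
          return ret;
      }
      ret = wc_CmacUpdate(&cmac, msg, msgSz);
      if (ret != 0) {
          return ret;
      }

      printf(testingFmt, "wc_AesCmacGenerate()");

      ret = wc_AesCmacGenerate(mac, &macSz, msg, msgSz, key, keySz);
      /* Only the first expMacSz bytes are compared: the vector is truncated. */
      if (ret == 0 && XMEMCMP(mac, expMac, expMacSz) != 0) {
          ret = SSL_FATAL_ERROR;
      }
      /* Pass in bad args. */
      if (ret == 0) {
          ret = wc_AesCmacGenerate(NULL, &macSz, msg, msgSz, key, keySz);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_AesCmacGenerate(mac, &macSz, msg, msgSz, NULL, keySz);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_AesCmacGenerate(mac, &macSz, msg, msgSz, key, 0);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_AesCmacGenerate(mac, &macSz, NULL, msgSz, key, keySz);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = 0;
          } else if (ret == 0) {
              /* An invalid call was accepted. */
              ret = SSL_FATAL_ERROR;
          }
      }
      printf(resultFmt, ret == 0 ? passed : failed);

      if (ret == 0) {
          printf(testingFmt, "wc_AesCmacVerify()");

          ret = wc_AesCmacVerify(mac, macSz, msg, msgSz, key, keySz);

          /* Negative case: a verifier that accepts every MAC would pass the
           * positive check above, so a MAC with one flipped bit must yield a
           * non-zero result. The bit is restored for the calls below. */
          if (ret == 0) {
              mac[0] ^= 0x01;
              if (wc_AesCmacVerify(mac, macSz, msg, msgSz, key, keySz) == 0) {
                  ret = SSL_FATAL_ERROR;
              }
              mac[0] ^= 0x01;
          }

          /* Test bad args. */
          if (ret == 0) {
              ret = wc_AesCmacVerify(NULL, macSz, msg, msgSz, key, keySz);
              if (ret == BAD_FUNC_ARG) {
                  ret = wc_AesCmacVerify(mac, 0, msg, msgSz, key, keySz);
              }
              if (ret == BAD_FUNC_ARG) {
                  ret = wc_AesCmacVerify(mac, macSz, msg, msgSz, NULL, keySz);
              }
              if (ret == BAD_FUNC_ARG) {
                  ret = wc_AesCmacVerify(mac, macSz, msg, msgSz, key, 0);
              }
              if (ret == BAD_FUNC_ARG) {
                  ret = wc_AesCmacVerify(mac, macSz, NULL, msgSz, key, keySz);
              }
              if (ret == BAD_FUNC_ARG) {
                  ret = 0;
              } else if (ret == 0) {
                  /* An invalid call was accepted. */
                  ret = SSL_FATAL_ERROR;
              }
          }
          printf(resultFmt, ret == 0 ? passed : failed);
      }
  #endif
      return ret;
  } /* END test_wc_AesCmacGenerate */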
  /*
   * unit test for wc_Des3_SetIV()
   *
   * Keys a Des3 context through wc_Des3_SetKey() and checks that the first
   * DES_BLOCK_SIZE bytes of the IV were copied into the context's reg field.
   * Outside FIPS builds it then calls wc_Des3_SetIV() with a NULL context
   * (BAD_FUNC_ARG expected) and with a NULL IV (the result of that call is
   * returned as-is).
   *
   * Returns 0 on success; always 0 when NO_DES3 is defined.
   */
  static int test_wc_Des3_SetIV (void)
  {
      int ret = 0;
  #ifndef NO_DES3
      Des3 des3;
      const byte desKey[] =
      {
          0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
          0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
          0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
      };
      const byte desIv[] =
      {
          0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
          0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
          0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
      };

      printf(testingFmt, "wc_Des3_SetIV()");

      ret = wc_Des3Init(&des3, NULL, INVALID_DEVID);
      if (ret != 0) {
          return ret;
      }

      /* Direction may be DES_ENCRYPTION or DES_DECRYPTION. */
      ret = wc_Des3_SetKey(&des3, desKey, desIv, DES_ENCRYPTION);
      if (ret == 0 && XMEMCMP(desIv, des3.reg, DES_BLOCK_SIZE) != 0) {
          /* The IV handed to SetKey did not end up in the context. */
          ret = WOLFSSL_FATAL_ERROR;
      }

  #ifndef HAVE_FIPS /* no sanity checks with FIPS wrapper */
      /* Exercise wc_Des3_SetIV() directly. */
      if (ret == 0) {
          ret = wc_Des3_SetIV(NULL, desIv);
          if (ret == 0) {
              /* A NULL context must not be accepted. */
              ret = WOLFSSL_FATAL_ERROR;
          } else if (ret == BAD_FUNC_ARG) {
              ret = wc_Des3_SetIV(&des3, NULL);
          }
      }
  #endif

      wc_Des3Free(&des3);
      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_Des3_SetIV */
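  /*
   * unit test for wc_Des3_SetKey()
   *
   * Keys a Des3 context, checks that the first DES_BLOCK_SIZE bytes of the
   * IV were copied into the context's reg field, then calls
   * wc_Des3_SetKey() with a NULL context, a NULL key and an invalid
   * direction (each must answer BAD_FUNC_ARG) and finally with a NULL IV,
   * which is expected to succeed.
   *
   * Returns 0 on success; always 0 when NO_DES3 is defined.
   */
  static int test_wc_Des3_SetKey (void)
  {
      int ret = 0;
  #ifndef NO_DES3
      Des3 des;
      const byte key[] =
      {
          0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
          0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
          0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
      };
      const byte iv[] =
      {
          0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
          0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
          0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
      };

      printf(testingFmt, "wc_Des3_SetKey()");

      ret = wc_Des3Init(&des, NULL, INVALID_DEVID);
      if (ret != 0)
          return ret;

      /* DES_ENCRYPTION or DES_DECRYPTION */
      ret = wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION);
      if (ret == 0) {
          if (XMEMCMP(iv, des.reg, DES_BLOCK_SIZE) != 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Test bad args. */
      if (ret == 0) {
          ret = wc_Des3_SetKey(NULL, key, iv, DES_ENCRYPTION);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_Des3_SetKey(&des, NULL, iv, DES_ENCRYPTION);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_Des3_SetKey(&des, key, iv, -1);
          }
          if (ret == BAD_FUNC_ARG) {
              /* Default case. Should return 0. */
              ret = wc_Des3_SetKey(&des, key, NULL, DES_ENCRYPTION);
          } else if (ret == 0) {
              /* One of the invalid calls above was accepted. Without this
               * branch the 0 would fall through and be reported as a pass. */
              ret = WOLFSSL_FATAL_ERROR;
          }
      } /* END if ret == 0 */

      wc_Des3Free(&des);
      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_Des3_SetKey */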
  /*
   * Test function for wc_Des3_CbcEncrypt and wc_Des3_CbcDecrypt
   *
   * Encrypts a 24-byte vector with 3DES-CBC, re-keys the same context for
   * decryption, decrypts and compares the result with the input. Both
   * functions are then called with a NULL context, NULL output and NULL
   * input; each call must answer BAD_FUNC_ARG.
   *
   * Returns 0 on success; always 0 when NO_DES3 is defined.
   */
  static int test_wc_Des3_CbcEncryptDecrypt (void)
  {
      int ret = 0;
  #ifndef NO_DES3
      Des3 des3;
      byte encBuf[24];
      byte decBuf[24];
      const byte desKey[] =
      {
          0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
          0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
          0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
      };
      const byte desIv[] =
      {
          0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
          0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
          0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
      };
      const byte vector[] = { /* "Now is the time for all " w/o trailing 0 */
          0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
          0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
          0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
      };

      printf(testingFmt, "wc_Des3_CbcEncrypt()");

      ret = wc_Des3Init(&des3, NULL, INVALID_DEVID);
      if (ret != 0) {
          return ret;
      }

      /* Round trip: encrypt, re-key for decryption, decrypt, compare.
       * Every step runs only while all earlier steps returned 0. */
      ret = wc_Des3_SetKey(&des3, desKey, desIv, DES_ENCRYPTION);
      if (ret == 0) {
          ret = wc_Des3_CbcEncrypt(&des3, encBuf, vector, 24);
      }
      if (ret == 0) {
          ret = wc_Des3_SetKey(&des3, desKey, desIv, DES_DECRYPTION);
      }
      if (ret == 0) {
          ret = wc_Des3_CbcDecrypt(&des3, decBuf, encBuf, 24);
      }
      if (ret == 0 && XMEMCMP(decBuf, vector, 24) != 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }

      /* Bad arguments for the encrypt side. */
      if (ret == 0) {
          ret = wc_Des3_CbcEncrypt(NULL, encBuf, vector, 24);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_Des3_CbcEncrypt(&des3, NULL, vector, 24);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_Des3_CbcEncrypt(&des3, encBuf, NULL, sizeof(vector));
          }
          /* Anything other than BAD_FUNC_ARG at the end of the chain fails. */
          ret = (ret == BAD_FUNC_ARG) ? 0 : WOLFSSL_FATAL_ERROR;
      }

      /* Bad arguments for the decrypt side. */
      if (ret == 0) {
          ret = wc_Des3_CbcDecrypt(NULL, decBuf, encBuf, 24);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_Des3_CbcDecrypt(&des3, NULL, encBuf, 24);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_Des3_CbcDecrypt(&des3, decBuf, NULL, 24);
          }
          ret = (ret == BAD_FUNC_ARG) ? 0 : WOLFSSL_FATAL_ERROR;
      }

      wc_Des3Free(&des3);
      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_Des3_CbcEncryptDecrypt */
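  /*
   * Unit test for wc_Des3_CbcEncryptWithKey and wc_Des3_CbcDecryptWithKey
   *
   * Round-trips a 24-byte vector through the one-shot 3DES-CBC helpers and
   * compares the result with the input. Each helper is then called with a
   * NULL output, NULL input and NULL key (BAD_FUNC_ARG expected) and last
   * with a NULL IV, whose return value becomes the result.
   *
   * Returns 0 on success; always 0 when NO_DES3 is defined.
   */
  static int test_wc_Des3_CbcEncryptDecryptWithKey (void)
  {
      int ret = 0;
  #ifndef NO_DES3
      word32 vectorSz, cipherSz;
      byte cipher[24];
      byte plain[24];
      byte vector[] = /* Now is the time for all w/o trailing 0 */
      {
          0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
          0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
          0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
      };
      byte key[] =
      {
          0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
          0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
          0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
      };
      byte iv[] =
      {
          0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
          0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
          0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
      };

      vectorSz = sizeof(byte) * 24;
      cipherSz = sizeof(byte) * 24;

      printf(testingFmt, "wc_Des3_CbcEncryptWithKey()");

      ret = wc_Des3_CbcEncryptWithKey(cipher, vector, vectorSz, key, iv);
      if (ret == 0) {
          ret = wc_Des3_CbcDecryptWithKey(plain, cipher, cipherSz, key, iv);
          if (ret == 0) {
              if (XMEMCMP(plain, vector, 24) != 0) {
                  ret = WOLFSSL_FATAL_ERROR;
              }
          }
      }

      /* pass in bad args. */
      if (ret == 0) {
          ret = wc_Des3_CbcEncryptWithKey(NULL, vector, vectorSz, key, iv);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_Des3_CbcEncryptWithKey(cipher, NULL, vectorSz, key, iv);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_Des3_CbcEncryptWithKey(cipher, vector, vectorSz, NULL, iv);
          }
          if (ret == BAD_FUNC_ARG) {
              /* A NULL IV is the last probe; its result is kept. */
              ret = wc_Des3_CbcEncryptWithKey(cipher, vector, vectorSz,
                                              key, NULL);
          } else {
              /* Return code catch. WOLFSSL_FAILURE is 0 in wolfSSL's ssl.h,
               * so using it here would report this failure as a pass. */
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      if (ret == 0) {
          ret = wc_Des3_CbcDecryptWithKey(NULL, cipher, cipherSz, key, iv);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_Des3_CbcDecryptWithKey(plain, NULL, cipherSz, key, iv);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_Des3_CbcDecryptWithKey(plain, cipher, cipherSz, NULL, iv);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_Des3_CbcDecryptWithKey(plain, cipher, cipherSz, key, NULL);
          } else {
              /* Same reasoning as on the encrypt side: must be non-zero. */
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_Des3_CbcEncryptDecryptWithKey */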
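  /*
   * Testing wc_Chacha_SetKey() and wc_Chacha_SetIV()
   *
   * Sets a 32-byte key on a ChaCha context, then checks that a NULL context
   * and an 18-byte key length are rejected with BAD_FUNC_ARG. Afterwards
   * sets an IV with counter 0 and checks that a NULL context is rejected.
   *
   * Returns 0 on success; always 0 when HAVE_CHACHA is not defined.
   */
  static int test_wc_Chacha_SetKey (void)
  {
      int ret = 0;
  #ifdef HAVE_CHACHA
      ChaCha ctx;
      const byte key[] =
      {
          0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
          0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
          0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
          0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01
      };
      byte cipher[128];

      /* cipher doubles as the IV source below; zero it so the test never
       * reads uninitialized stack memory. */
      XMEMSET(cipher, 0, sizeof(cipher));

      printf(testingFmt, "wc_Chacha_SetKey()");

      ret = wc_Chacha_SetKey(&ctx, key, (word32)(sizeof(key)/sizeof(byte)));
      /* Test bad args. */
      if (ret == 0) {
          ret = wc_Chacha_SetKey(NULL, key, (word32)(sizeof(key)/sizeof(byte)));
          if (ret == BAD_FUNC_ARG) {
              /* 18 is not a valid ChaCha key length. */
              ret = wc_Chacha_SetKey(&ctx, key, 18);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = 0;
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }
      printf(resultFmt, ret == 0 ? passed : failed);
      if (ret != 0) {
          return ret;
      }

      printf(testingFmt, "wc_Chacha_SetIV");
      ret = wc_Chacha_SetIV(&ctx, cipher, 0);
      if (ret == 0) {
          /* Test bad args. */
          ret = wc_Chacha_SetIV(NULL, cipher, 0);
          if (ret == BAD_FUNC_ARG) {
              ret = 0;
          } else {
              /* WOLFSSL_FAILURE is 0 in wolfSSL's ssl.h and would turn this
               * failure into a pass; report a non-zero code instead. */
              ret = WOLFSSL_FATAL_ERROR;
          }
      }
      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_Chacha_SetKey */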
  /*
   * Testing wc_Chacha_Process()
   *
   * Keys two ChaCha contexts identically, encrypts a short string with one
   * and decrypts with the other, and compares the result with the input.
   * A NULL context must then be rejected with BAD_FUNC_ARG.
   *
   * Returns 0 on success; always 0 when HAVE_CHACHA is not defined.
   */
  static int test_wc_Chacha_Process (void)
  {
      int ret = 0;
  #ifdef HAVE_CHACHA
      ChaCha encCtx, decCtx;
      byte cipher[128];
      byte plain[128];
      const byte key[] =
      {
          0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
          0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
          0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
          0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01
      };
      const char* input = "Everybody gets Friday off.";
      word32 keySz = sizeof(key)/sizeof(byte);
      unsigned long int inlen = XSTRLEN(input);

      /* Initialize stack variables. */
      XMEMSET(cipher, 0, 128);
      XMEMSET(plain, 0, 128);

      printf(testingFmt, "wc_Chacha_Process()");

      /* Key both contexts, then give both the same IV; cipher is still all
       * zero at this point and serves as the IV source. Each step runs only
       * while every earlier step returned 0. */
      ret = wc_Chacha_SetKey(&encCtx, key, keySz);
      if (ret == 0) {
          ret = wc_Chacha_SetKey(&decCtx, key, keySz);
      }
      if (ret == 0) {
          ret = wc_Chacha_SetIV(&encCtx, cipher, 0);
      }
      if (ret == 0) {
          ret = wc_Chacha_SetIV(&decCtx, cipher, 0);
      }

      /* Encrypt, decrypt, compare. */
      if (ret == 0) {
          ret = wc_Chacha_Process(&encCtx, cipher, (byte*)input, (word32)inlen);
      }
      if (ret == 0) {
          ret = wc_Chacha_Process(&decCtx, plain, cipher, (word32)inlen);
      }
      if (ret == 0) {
          /* A non-zero compare result is returned as the failure code. */
          ret = XMEMCMP(input, plain, (int)inlen);
      }

      /* Test bad args. */
      if (ret == 0) {
          ret = wc_Chacha_Process(NULL, cipher, (byte*)input, (word32)inlen);
          ret = (ret == BAD_FUNC_ARG) ? 0 : WOLFSSL_FATAL_ERROR;
      }

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_Chacha_Process */
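  /*
   * Testing wc_ChaCha20Poly1305_Encrypt() and wc_ChaCha20Poly1305_Decrypt()
   *
   * Encrypts a fixed plaintext and checks both the ciphertext and the
   * authentication tag against the expected values, then decrypts the
   * expected ciphertext and checks the plaintext. A tag with one flipped bit
   * must make decryption fail. Both functions are also called with invalid
   * arguments and must answer BAD_FUNC_ARG.
   *
   * Returns 0 on success; always 0 unless both HAVE_CHACHA and HAVE_POLY1305
   * are defined.
   */
  static int test_wc_ChaCha20Poly1305_aead (void)
  {
      int ret = 0;
  #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
      const byte key[] = {
          0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
          0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
          0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
          0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f
      };
      const byte plaintext[] = {
          0x4c, 0x61, 0x64, 0x69, 0x65, 0x73, 0x20, 0x61,
          0x6e, 0x64, 0x20, 0x47, 0x65, 0x6e, 0x74, 0x6c,
          0x65, 0x6d, 0x65, 0x6e, 0x20, 0x6f, 0x66, 0x20,
          0x74, 0x68, 0x65, 0x20, 0x63, 0x6c, 0x61, 0x73,
          0x73, 0x20, 0x6f, 0x66, 0x20, 0x27, 0x39, 0x39,
          0x3a, 0x20, 0x49, 0x66, 0x20, 0x49, 0x20, 0x63,
          0x6f, 0x75, 0x6c, 0x64, 0x20, 0x6f, 0x66, 0x66,
          0x65, 0x72, 0x20, 0x79, 0x6f, 0x75, 0x20, 0x6f,
          0x6e, 0x6c, 0x79, 0x20, 0x6f, 0x6e, 0x65, 0x20,
          0x74, 0x69, 0x70, 0x20, 0x66, 0x6f, 0x72, 0x20,
          0x74, 0x68, 0x65, 0x20, 0x66, 0x75, 0x74, 0x75,
          0x72, 0x65, 0x2c, 0x20, 0x73, 0x75, 0x6e, 0x73,
          0x63, 0x72, 0x65, 0x65, 0x6e, 0x20, 0x77, 0x6f,
          0x75, 0x6c, 0x64, 0x20, 0x62, 0x65, 0x20, 0x69,
          0x74, 0x2e
      };
      const byte iv[] = {
          0x07, 0x00, 0x00, 0x00, 0x40, 0x41, 0x42, 0x43,
          0x44, 0x45, 0x46, 0x47
      };
      const byte aad[] = { /* additional data */
          0x50, 0x51, 0x52, 0x53, 0xc0, 0xc1, 0xc2, 0xc3,
          0xc4, 0xc5, 0xc6, 0xc7
      };
      const byte cipher[] = { /* expected output from operation */
          0xd3, 0x1a, 0x8d, 0x34, 0x64, 0x8e, 0x60, 0xdb,
          0x7b, 0x86, 0xaf, 0xbc, 0x53, 0xef, 0x7e, 0xc2,
          0xa4, 0xad, 0xed, 0x51, 0x29, 0x6e, 0x08, 0xfe,
          0xa9, 0xe2, 0xb5, 0xa7, 0x36, 0xee, 0x62, 0xd6,
          0x3d, 0xbe, 0xa4, 0x5e, 0x8c, 0xa9, 0x67, 0x12,
          0x82, 0xfa, 0xfb, 0x69, 0xda, 0x92, 0x72, 0x8b,
          0x1a, 0x71, 0xde, 0x0a, 0x9e, 0x06, 0x0b, 0x29,
          0x05, 0xd6, 0xa5, 0xb6, 0x7e, 0xcd, 0x3b, 0x36,
          0x92, 0xdd, 0xbd, 0x7f, 0x2d, 0x77, 0x8b, 0x8c,
          0x98, 0x03, 0xae, 0xe3, 0x28, 0x09, 0x1b, 0x58,
          0xfa, 0xb3, 0x24, 0xe4, 0xfa, 0xd6, 0x75, 0x94,
          0x55, 0x85, 0x80, 0x8b, 0x48, 0x31, 0xd7, 0xbc,
          0x3f, 0xf4, 0xde, 0xf0, 0x8e, 0x4b, 0x7a, 0x9d,
          0xe5, 0x76, 0xd2, 0x65, 0x86, 0xce, 0xc6, 0x4b,
          0x61, 0x16
      };
      const byte authTag[] = { /* expected output from operation */
          0x1a, 0xe1, 0x0b, 0x59, 0x4f, 0x09, 0xe2, 0x6a,
          0x7e, 0x90, 0x2e, 0xcb, 0xd0, 0x60, 0x06, 0x91
      };
      byte generatedCiphertext[272];
      byte generatedPlaintext[272];
      byte generatedAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE];
      byte tamperedAuthTag[sizeof(authTag)];

      /* Initialize stack variables. */
      XMEMSET(generatedCiphertext, 0, 272);
      XMEMSET(generatedPlaintext, 0, 272);
      XMEMSET(generatedAuthTag, 0, sizeof(generatedAuthTag));

      /* Test Encrypt */
      printf(testingFmt, "wc_ChaCha20Poly1305_Encrypt()");

      ret = wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad), plaintext,
                  sizeof(plaintext), generatedCiphertext, generatedAuthTag);
      if (ret == 0) {
          ret = XMEMCMP(generatedCiphertext, cipher, sizeof(cipher)/sizeof(byte));
      }
      if (ret == 0) {
          /* The tag is what authenticates ciphertext and AAD, so a wrong tag
           * with a correct ciphertext must not count as a pass. */
          ret = XMEMCMP(generatedAuthTag, authTag, sizeof(authTag));
      }

      /* Test bad args. */
      if (ret == 0) {
          ret = wc_ChaCha20Poly1305_Encrypt(NULL, iv, aad, sizeof(aad), plaintext,
                      sizeof(plaintext), generatedCiphertext, generatedAuthTag);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ChaCha20Poly1305_Encrypt(key, NULL, aad, sizeof(aad),
                                          plaintext, sizeof(plaintext),
                                          generatedCiphertext, generatedAuthTag);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad), NULL,
                      sizeof(plaintext), generatedCiphertext, generatedAuthTag);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad),
                      plaintext, 0, generatedCiphertext, generatedAuthTag);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad),
                      plaintext, sizeof(plaintext), NULL, generatedAuthTag);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad),
                      plaintext, sizeof(plaintext), generatedCiphertext, NULL);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = 0;
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }
      printf(resultFmt, ret == 0 ? passed : failed);
      if (ret != 0) {
          return ret;
      }

      printf(testingFmt, "wc_ChaCha20Poly1305_Decrypt()");
      ret = wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), cipher,
                              sizeof(cipher), authTag, generatedPlaintext);
      if (ret == 0) {
          ret = XMEMCMP(generatedPlaintext, plaintext,
                                      sizeof(plaintext)/sizeof(byte));
      }

      /* Negative case: decryption with a tag that differs in one bit must
       * return a non-zero code, otherwise the tag check is not enforced. */
      if (ret == 0) {
          XMEMCPY(tamperedAuthTag, authTag, sizeof(authTag));
          tamperedAuthTag[0] ^= 0x01;
          if (wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), cipher,
                      sizeof(cipher), tamperedAuthTag, generatedPlaintext) == 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Test bad args. */
      if (ret == 0) {
          ret = wc_ChaCha20Poly1305_Decrypt(NULL, iv, aad, sizeof(aad), cipher,
                                  sizeof(cipher), authTag, generatedPlaintext);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ChaCha20Poly1305_Decrypt(key, NULL, aad, sizeof(aad),
                          cipher, sizeof(cipher), authTag, generatedPlaintext);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), NULL,
                                  sizeof(cipher), authTag, generatedPlaintext);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), cipher,
                                  sizeof(cipher), NULL, generatedPlaintext);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), cipher,
                                  sizeof(cipher), authTag, NULL);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), cipher,
                                  0, authTag, generatedPlaintext);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = 0;
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }
      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_ChaCha20Poly1305_aead */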
  /*
   * Testing function for wc_AesSetIV
   *
   * Keys an Aes context with one IV, replaces the IV through wc_AesSetIV(),
   * then checks that a NULL context is rejected with BAD_FUNC_ARG. The last
   * call passes a NULL IV and its return value becomes the result.
   *
   * Returns 0 on success; always 0 unless AES-128 is compiled in.
   */
  static int test_wc_AesSetIV (void)
  {
      int ret = 0;
  #if !defined(NO_AES) && defined(WOLFSSL_AES_128)
      Aes aesCtx;
      byte key16[] =
      {
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
      };
      byte iv1[] = "1234567890abcdef";
      byte iv2[] = "0987654321fedcba";

      printf(testingFmt, "wc_AesSetIV()");

      ret = wc_AesInit(&aesCtx, NULL, INVALID_DEVID);
      if (ret != 0) {
          return ret;
      }

      ret = wc_AesSetKey(&aesCtx, key16, (word32) sizeof(key16) / sizeof(byte),
                         iv1, AES_ENCRYPTION);
      if (ret == 0) {
          ret = wc_AesSetIV(&aesCtx, iv2);
      }

      /* Test bad args. */
      if (ret == 0) {
          if (wc_AesSetIV(NULL, iv1) == BAD_FUNC_ARG) {
              /* NULL iv should return 0. */
              ret = wc_AesSetIV(&aesCtx, NULL);
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      wc_AesFree(&aesCtx);
      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* test_wc_AesSetIV */
  /*
   * Testing function for wc_AesSetKey().
   *
   * Sets a key of every AES size that is compiled in (128/192/256), then
   * checks that a NULL context and a 15-byte key are each rejected with
   * BAD_FUNC_ARG.
   *
   * Returns 0 on success; always 0 when NO_AES is defined.
   */
  static int test_wc_AesSetKey (void)
  {
      int ret = 0;
  #ifndef NO_AES
      Aes aesCtx;
      byte key16[] =
      {
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
      };
  #ifdef WOLFSSL_AES_192
      byte key24[] =
      {
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
      };
  #endif
  #ifdef WOLFSSL_AES_256
      byte key32[] =
      {
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
      };
  #endif
      /* One byte short of an AES-128 key. */
      byte badKey16[] =
      {
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65
      };
      byte ivBuf[] = "1234567890abcdef";

      printf(testingFmt, "wc_AesSetKey()");

      ret = wc_AesInit(&aesCtx, NULL, INVALID_DEVID);
      if (ret != 0) {
          return ret;
      }

      /* Valid keys, one per enabled key size; a later size is only tried
       * while ret is still 0. */
  #ifdef WOLFSSL_AES_128
      ret = wc_AesSetKey(&aesCtx, key16,
                         (word32) sizeof(key16) / sizeof(byte),
                         ivBuf, AES_ENCRYPTION);
  #endif
  #ifdef WOLFSSL_AES_192
      if (ret == 0) {
          ret = wc_AesSetKey(&aesCtx, key24,
                             (word32) sizeof(key24) / sizeof(byte),
                             ivBuf, AES_ENCRYPTION);
      }
  #endif
  #ifdef WOLFSSL_AES_256
      if (ret == 0) {
          ret = wc_AesSetKey(&aesCtx, key32,
                             (word32) sizeof(key32) / sizeof(byte),
                             ivBuf, AES_ENCRYPTION);
      }
  #endif

      /* Pass in bad args. */
      if (ret == 0) {
          ret = wc_AesSetKey(NULL, key16,
                             (word32) sizeof(key16) / sizeof(byte),
                             ivBuf, AES_ENCRYPTION);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_AesSetKey(&aesCtx, badKey16,
                                 (word32) sizeof(badKey16) / sizeof(byte),
                                 ivBuf, AES_ENCRYPTION);
          }
          /* Anything other than BAD_FUNC_ARG at the end of the chain fails. */
          ret = (ret == BAD_FUNC_ARG) ? 0 : WOLFSSL_FATAL_ERROR;
      }

      wc_AesFree(&aesCtx);
      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_AesSetKey */
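  /*
   * test function for wc_AesCbcEncrypt(), wc_AesCbcDecrypt(),
   * and wc_AesCbcDecryptWithKey()
   *
   * Encrypts a vector with AES-256-CBC, decrypts the first block with
   * wc_AesCbcDecrypt() and with wc_AesCbcDecryptWithKey(), and compares each
   * result with the input. The flags cbcE, cbcD and cbcDWK start as
   * WOLFSSL_FATAL_ERROR and are cleared to 0 only when the corresponding
   * operation succeeded; each function's bad-argument checks run only when
   * its flag is 0.
   *
   * Returns 0 on success, otherwise the first failing flag. Always returns 0
   * unless AES-256 CBC with decrypt support is compiled in.
   */
  static int test_wc_AesCbcEncryptDecrypt (void)
  {
      int ret = 0;
  #if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(HAVE_AES_DECRYPT)&& \
      defined(WOLFSSL_AES_256)
      Aes aes;
      byte key32[] =
      {
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
      };
      byte vector[] = /* Now is the time for all w/o trailing 0 */
      {
          0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
          0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
          0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
      };
      byte iv[] = "1234567890abcdef";
      byte enc[sizeof(vector)];
      byte dec[sizeof(vector)];
      int cbcE = WOLFSSL_FATAL_ERROR;
      int cbcD = WOLFSSL_FATAL_ERROR;
      int cbcDWK = WOLFSSL_FATAL_ERROR;
      byte dec2[sizeof(vector)];

      /* Init stack variables. */
      XMEMSET(enc, 0, sizeof(enc));
      XMEMSET(dec, 0, sizeof(vector));
      XMEMSET(dec2, 0, sizeof(vector));

      ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
      if (ret != 0)
          return ret;

      ret = wc_AesSetKey(&aes, key32, AES_BLOCK_SIZE * 2, iv, AES_ENCRYPTION);
      if (ret == 0) {
          ret = wc_AesCbcEncrypt(&aes, enc, vector, sizeof(vector));
          if (ret == 0) {
              /* Re init for decrypt and set flag. */
              cbcE = 0;
              ret = wc_AesSetKey(&aes, key32, AES_BLOCK_SIZE * 2,
                                 iv, AES_DECRYPTION);
          }
          if (ret == 0) {
              ret = wc_AesCbcDecrypt(&aes, dec, enc, AES_BLOCK_SIZE);
              if (ret != 0 || XMEMCMP(vector, dec, AES_BLOCK_SIZE) != 0) {
                  ret = WOLFSSL_FATAL_ERROR;
              } else {
                  /* Set flag. */
                  cbcD = 0;
              }
          }
      }
      /* If encrypt succeeds but cbc decrypt fails, we can still test. */
      if (ret == 0 || (ret != 0 && cbcE == 0)) {
          ret = wc_AesCbcDecryptWithKey(dec2, enc, AES_BLOCK_SIZE,
                                        key32, sizeof(key32)/sizeof(byte), iv);
          /* Both conditions must hold: with || a call that returns 0 but
           * produces the wrong plaintext would be counted as a pass. */
          if (ret == 0 && XMEMCMP(vector, dec2, AES_BLOCK_SIZE) == 0) {
              cbcDWK = 0;
          }
      }

      printf(testingFmt, "wc_AesCbcEncrypt()");
      /* Pass in bad args */
      if (cbcE == 0) {
          cbcE = wc_AesCbcEncrypt(NULL, enc, vector, sizeof(vector));
          if (cbcE == BAD_FUNC_ARG) {
              cbcE = wc_AesCbcEncrypt(&aes, NULL, vector, sizeof(vector));
          }
          if (cbcE == BAD_FUNC_ARG) {
              cbcE = wc_AesCbcEncrypt(&aes, enc, NULL, sizeof(vector));
          }
          if (cbcE == BAD_FUNC_ARG) {
              cbcE = 0;
          } else {
              cbcE = WOLFSSL_FATAL_ERROR;
          }
      }
      printf(resultFmt, cbcE == 0 ? passed : failed);
      if (cbcE != 0) {
          wc_AesFree(&aes);
          return cbcE;
      }

      printf(testingFmt, "wc_AesCbcDecrypt()");
      if (cbcD == 0) {
          cbcD = wc_AesCbcDecrypt(NULL, dec, enc, AES_BLOCK_SIZE);
          if (cbcD == BAD_FUNC_ARG) {
              cbcD = wc_AesCbcDecrypt(&aes, NULL, enc, AES_BLOCK_SIZE);
          }
          if (cbcD == BAD_FUNC_ARG) {
              cbcD = wc_AesCbcDecrypt(&aes, dec, NULL, AES_BLOCK_SIZE);
          }
          if (cbcD == BAD_FUNC_ARG) {
              /* Length that is not a multiple of the block size. */
              cbcD = wc_AesCbcDecrypt(&aes, dec, enc, AES_BLOCK_SIZE * 2 - 1);
          }
          if (cbcD == BAD_FUNC_ARG) {
              cbcD = 0;
          } else {
              cbcD = WOLFSSL_FATAL_ERROR;
          }
      }
      printf(resultFmt, cbcD == 0 ? passed : failed);
      if (cbcD != 0) {
          wc_AesFree(&aes);
          return cbcD;
      }

      printf(testingFmt, "wc_AesCbcDecryptWithKey()");
      if (cbcDWK == 0) {
          cbcDWK = wc_AesCbcDecryptWithKey(NULL, enc, AES_BLOCK_SIZE,
                                   key32, sizeof(key32)/sizeof(byte), iv);
          if (cbcDWK == BAD_FUNC_ARG) {
              cbcDWK = wc_AesCbcDecryptWithKey(dec2, NULL, AES_BLOCK_SIZE,
                                   key32, sizeof(key32)/sizeof(byte), iv);
          }
          if (cbcDWK == BAD_FUNC_ARG) {
              cbcDWK = wc_AesCbcDecryptWithKey(dec2, enc, AES_BLOCK_SIZE,
                                   NULL, sizeof(key32)/sizeof(byte), iv);
          }
          if (cbcDWK == BAD_FUNC_ARG) {
              cbcDWK = wc_AesCbcDecryptWithKey(dec2, enc, AES_BLOCK_SIZE,
                                   key32, sizeof(key32)/sizeof(byte), NULL);
          }
          if (cbcDWK == BAD_FUNC_ARG) {
              cbcDWK = 0;
          } else {
              cbcDWK = WOLFSSL_FATAL_ERROR;
          }
      }

      wc_AesFree(&aes);

      printf(resultFmt, cbcDWK == 0 ? passed : failed);
      if (cbcDWK != 0) {
          return cbcDWK;
      }
  #endif
      return ret;
  } /* END test_wc_AesCbcEncryptDecrypt */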
  /*
   * Testing wc_AesCtrEncrypt and wc_AesCtrDecrypt
   *
   * Encrypts a vector with AES-256-CTR on one context and decrypts it on a
   * second context keyed the same way (CTR decryption is done with
   * wc_AesCtrEncrypt()), then compares the result with the input. A NULL
   * context, NULL output and NULL input must each answer BAD_FUNC_ARG.
   *
   * Returns 0 on success; always 0 unless AES-256 counter mode is compiled
   * in.
   */
  static int test_wc_AesCtrEncryptDecrypt (void)
  {
      int ret = 0;
  #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_256)
      Aes encCtx, decCtx;
      byte key32[] =
      {
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
      };
      byte vector[] = /* Now is the time for all w/o trailing 0 */
      {
          0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
          0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
          0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
      };
      byte iv[] = "1234567890abcdef";
      byte enc[AES_BLOCK_SIZE * 2];
      byte dec[AES_BLOCK_SIZE * 2];

      /* Init stack variables. */
      XMEMSET(enc, 0, AES_BLOCK_SIZE * 2);
      XMEMSET(dec, 0, AES_BLOCK_SIZE * 2);

      printf(testingFmt, "wc_AesCtrEncrypt()");

      ret = wc_AesInit(&encCtx, NULL, INVALID_DEVID);
      if (ret != 0) {
          return ret;
      }
      ret = wc_AesInit(&decCtx, NULL, INVALID_DEVID);
      if (ret != 0) {
          /* The first context is already initialised; release it. */
          wc_AesFree(&encCtx);
          return ret;
      }

      /* Each step runs only while every earlier step returned 0. */
      ret = wc_AesSetKey(&encCtx, key32, AES_BLOCK_SIZE * 2,
                         iv, AES_ENCRYPTION);
      if (ret == 0) {
          ret = wc_AesCtrEncrypt(&encCtx, enc, vector,
                                 sizeof(vector)/sizeof(byte));
      }
      if (ret == 0) {
          /* Decrypt with wc_AesCtrEncrypt() */
          ret = wc_AesSetKey(&decCtx, key32, AES_BLOCK_SIZE * 2,
                             iv, AES_ENCRYPTION);
      }
      if (ret == 0) {
          ret = wc_AesCtrEncrypt(&decCtx, dec, enc, sizeof(enc)/sizeof(byte));
          if (ret != 0 || XMEMCMP(vector, dec, sizeof(vector))) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Test bad args. */
      if (ret == 0) {
          ret = wc_AesCtrEncrypt(NULL, dec, enc, sizeof(enc)/sizeof(byte));
          if (ret == BAD_FUNC_ARG) {
              ret = wc_AesCtrEncrypt(&decCtx, NULL, enc, sizeof(enc)/sizeof(byte));
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_AesCtrEncrypt(&decCtx, dec, NULL, sizeof(enc)/sizeof(byte));
          }
          /* Anything other than BAD_FUNC_ARG at the end of the chain fails. */
          ret = (ret == BAD_FUNC_ARG) ? 0 : WOLFSSL_FATAL_ERROR;
      }

      wc_AesFree(&encCtx);
      wc_AesFree(&decCtx);

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_AesCtrEncryptDecrypt */
  /*
   * Unit test for wc_AesGcmSetKey().
   *
   * Loads a GCM key of every AES size enabled in the build, then checks that
   * keys of 15, 23 and 31 bytes are each rejected with BAD_FUNC_ARG.
   *
   * Returns 0 on success (or when AES-GCM is compiled out), the error code of
   * wc_AesInit() or of a failing valid-key call, and WOLFSSL_FATAL_ERROR when a
   * short key is not rejected with BAD_FUNC_ARG.
   */
  static int test_wc_AesGcmSetKey (void)
  {
      int     ret = 0;
  #if !defined(NO_AES) && defined(HAVE_AESGCM)
      Aes     aes;
  #ifdef WOLFSSL_AES_128
      byte    aes128Key[] =
      {
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
      };
  #endif
  #ifdef WOLFSSL_AES_192
      byte    aes192Key[] =
      {
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
      };
  #endif
  #ifdef WOLFSSL_AES_256
      byte    aes256Key[] =
      {
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
      };
  #endif
      /* Negative vectors: 15, 23 and 31 bytes, one byte short of an AES key. */
      byte    shortKey15[] =
      {
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65
      };
      byte    shortKey23[] =
      {
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36
      };
      byte    shortKey31[] =
      {
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x37, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65
      };

      printf(testingFmt, "wc_AesGcmSetKey()");

      ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
      if (ret != 0)
          return ret;

      /* Valid key lengths; each size runs only if the previous one passed. */
  #ifdef WOLFSSL_AES_128
      ret = wc_AesGcmSetKey(&aes, aes128Key, sizeof(aes128Key)/sizeof(byte));
  #endif
  #ifdef WOLFSSL_AES_192
      if (ret == 0) {
          ret = wc_AesGcmSetKey(&aes, aes192Key, sizeof(aes192Key)/sizeof(byte));
      }
  #endif
  #ifdef WOLFSSL_AES_256
      if (ret == 0) {
          ret = wc_AesGcmSetKey(&aes, aes256Key, sizeof(aes256Key)/sizeof(byte));
      }
  #endif

      /* Invalid key lengths: the && chain stops at the first call that does not
       * answer BAD_FUNC_ARG, and only three rejections in a row count as a
       * pass. */
      if (ret == 0) {
          ret = WOLFSSL_FATAL_ERROR;
          if (wc_AesGcmSetKey(&aes, shortKey15,
                      sizeof(shortKey15)/sizeof(byte)) == BAD_FUNC_ARG &&
              wc_AesGcmSetKey(&aes, shortKey23,
                      sizeof(shortKey23)/sizeof(byte)) == BAD_FUNC_ARG &&
              wc_AesGcmSetKey(&aes, shortKey31,
                      sizeof(shortKey31)/sizeof(byte)) == BAD_FUNC_ARG) {
              ret = 0;
          }
      }

      wc_AesFree(&aes);
      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_AesGcmSetKey */
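  /*
   * Unit test for wc_AesGcmEncrypt() and wc_AesGcmDecrypt().
   *
   * Performs one AES-256-GCM encrypt/decrypt round trip over a fixed vector
   * with additional authenticated data, then feeds both functions invalid
   * arguments and expects BAD_FUNC_ARG for each.
   *
   * Returns 0 on success (or when the feature is compiled out), the error from
   * wc_AesInit(), the encrypt status when the encrypt checks fail, and the
   * decrypt status when the round trip or the decrypt checks fail.
   */
  static int test_wc_AesGcmEncryptDecrypt (void)
  {
      int     ret = 0;
  #if !defined(NO_AES) && defined(HAVE_AESGCM) && defined(WOLFSSL_AES_256)
      Aes     aes;
      byte    key32[] =
      {
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
      };
      byte    vector[] = /* Now is the time for all w/o trailing 0 */
      {
          0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
          0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
          0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
      };
      /* Additional authenticated data. */
      const byte a[] =
      {
          0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
          0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
          0xab, 0xad, 0xda, 0xd2
      };
      /* sizeof() on these string arrays counts the terminating NUL, so the IV
       * lengths passed below are 12 and 21 bytes. Fixed IVs are test vectors
       * only; a GCM IV must not repeat under one key in real use. */
      byte    iv[] = "1234567890a";
      byte    longIV[] = "1234567890abcdefghij";
      byte    enc[sizeof(vector)];
      byte    resultT[AES_BLOCK_SIZE];
      byte    dec[sizeof(vector)];
      int     gcmD = WOLFSSL_FATAL_ERROR;
      int     gcmE = WOLFSSL_FATAL_ERROR;

      /* Init stack variables. */
      XMEMSET(enc, 0, sizeof(vector));
      XMEMSET(dec, 0, sizeof(vector));
      XMEMSET(resultT, 0, AES_BLOCK_SIZE);

      ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
      if (ret != 0)
          return ret;

      ret = wc_AesGcmSetKey(&aes, key32, sizeof(key32)/sizeof(byte));
      if (ret == 0) {
          gcmE = wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector),
                                  iv, sizeof(iv)/sizeof(byte), resultT,
                                  sizeof(resultT), a, sizeof(a));
      }
      if (gcmE == 0) { /* If encrypt fails, no decrypt. */
          gcmD = wc_AesGcmDecrypt(&aes, dec, enc, sizeof(vector),
                                  iv, sizeof(iv)/sizeof(byte), resultT,
                                  sizeof(resultT), a, sizeof(a));
          /* Round trip must give back the original plaintext. */
          if (gcmD == 0 && (XMEMCMP(vector, dec, sizeof(vector)) != 0)) {
              gcmD = WOLFSSL_FATAL_ERROR;
          }
      }

      printf(testingFmt, "wc_AesGcmEncrypt()");
      /* Test bad args for wc_AesGcmEncrypt: NULL context, then a tag length
       * one byte above and five bytes below sizeof(resultT). */
      if (gcmE == 0) {
          gcmE = wc_AesGcmEncrypt(NULL, enc, vector, sizeof(vector),
                  iv, sizeof(iv)/sizeof(byte), resultT, sizeof(resultT),
                  a, sizeof(a));
          if (gcmE == BAD_FUNC_ARG) {
              gcmE = wc_AesGcmEncrypt(&aes, enc, vector,
                      sizeof(vector), iv, sizeof(iv)/sizeof(byte),
                      resultT, sizeof(resultT) + 1, a, sizeof(a));
          }
          if (gcmE == BAD_FUNC_ARG) {
              gcmE = wc_AesGcmEncrypt(&aes, enc, vector,
                      sizeof(vector), iv, sizeof(iv)/sizeof(byte),
                      resultT, sizeof(resultT) - 5, a, sizeof(a));
          }
          if (gcmE == BAD_FUNC_ARG) {
              gcmE = 0;
          } else {
              gcmE = WOLFSSL_FATAL_ERROR;
          }
      }

      /* This case is now considered good. Long IVs are now allowed.
       * Except for the original FIPS release, it still has an upper
       * bound on the IV length. */
  #if !defined(HAVE_FIPS) || \
      (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
      if (gcmE == 0) {
          gcmE = wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), longIV,
                          sizeof(longIV)/sizeof(byte), resultT, sizeof(resultT),
                          a, sizeof(a));
      }
  #else
      (void)longIV;
  #endif /* Old FIPS */
      /* END wc_AesGcmEncrypt */

      printf(resultFmt, gcmE == 0 ? passed : failed);
      if (gcmE != 0) {
          wc_AesFree(&aes);
          return gcmE;
      }

  #ifdef HAVE_AES_DECRYPT
      printf(testingFmt, "wc_AesGcmDecrypt()");
      /* Bad args for wc_AesGcmDecrypt: each pointer set to NULL in turn, then
       * an oversized tag length. Skipped when the round trip already failed. */
      if (gcmD == 0) {
          gcmD = wc_AesGcmDecrypt(NULL, dec, enc, sizeof(enc)/sizeof(byte),
                                  iv, sizeof(iv)/sizeof(byte), resultT,
                                  sizeof(resultT), a, sizeof(a));
          if (gcmD == BAD_FUNC_ARG) {
              gcmD = wc_AesGcmDecrypt(&aes, NULL, enc, sizeof(enc)/sizeof(byte),
                                  iv, sizeof(iv)/sizeof(byte), resultT,
                                  sizeof(resultT), a, sizeof(a));
          }
          if (gcmD == BAD_FUNC_ARG) {
              gcmD = wc_AesGcmDecrypt(&aes, dec, NULL, sizeof(enc)/sizeof(byte),
                                  iv, sizeof(iv)/sizeof(byte), resultT,
                                  sizeof(resultT), a, sizeof(a));
          }
          if (gcmD == BAD_FUNC_ARG) {
              gcmD = wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte),
                                  NULL, sizeof(iv)/sizeof(byte), resultT,
                                  sizeof(resultT), a, sizeof(a));
          }
          if (gcmD == BAD_FUNC_ARG) {
              gcmD = wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte),
                                  iv, sizeof(iv)/sizeof(byte), NULL,
                                  sizeof(resultT), a, sizeof(a));
          }
          if (gcmD == BAD_FUNC_ARG) {
              gcmD = wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte),
                                  iv, sizeof(iv)/sizeof(byte), resultT,
                                  sizeof(resultT) + 1, a, sizeof(a));
          }
          if (gcmD == BAD_FUNC_ARG) {
              gcmD = 0;
          } else {
              gcmD = WOLFSSL_FATAL_ERROR;
          }
      } /* END wc_AesGcmDecrypt */
      printf(resultFmt, gcmD == 0 ? passed : failed);
  #endif /* HAVE_AES_DECRYPT */

      /* ret still holds only the wc_AesGcmSetKey() status here. A failed round
       * trip or a failed decrypt argument check must fail the test instead of
       * being printed and then dropped. */
      if (gcmD != 0) {
          ret = gcmD;
      }

      wc_AesFree(&aes);
  #endif
      return ret;
  } /* END test_wc_AesGcmEncryptDecrypt */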
  /*
   * Unit test for wc_GmacSetKey().
   *
   * Sets a GMAC key of every AES size enabled in the build, then checks that a
   * NULL context, a NULL key and keys of 15, 23 and 31 bytes are each rejected
   * with BAD_FUNC_ARG.
   *
   * Returns 0 on success (or when AES-GCM is compiled out), the error code of
   * wc_AesInit() or of a failing valid-key call, and WOLFSSL_FATAL_ERROR when
   * an invalid argument is not rejected with BAD_FUNC_ARG.
   */
  static int test_wc_GmacSetKey (void)
  {
      int     ret = 0;
  #if !defined(NO_AES) && defined(HAVE_AESGCM)
      Gmac    gmac;
      /* Declared unconditionally: the bad-argument calls below use it even
       * when WOLFSSL_AES_128 is not defined. */
      byte    key16[] =
      {
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
      };
  #ifdef WOLFSSL_AES_192
      byte    key24[] =
      {
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
      };
  #endif
  #ifdef WOLFSSL_AES_256
      byte    key32[] =
      {
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
      };
  #endif
      /* Negative vectors: 15, 23 and 31 bytes long. */
      byte    shortKey15[] =
      {
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x66
      };
      byte    shortKey23[] =
      {
          0x30, 0x31, 0x32, 0x33, 0x34, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
      };
      byte    shortKey31[] =
      {
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x64, 0x65, 0x66,
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
      };

      printf(testingFmt, "wc_GmacSetKey()");

      ret = wc_AesInit(&gmac.aes, NULL, INVALID_DEVID);
      if (ret != 0)
          return ret;

      /* Valid key lengths; each size runs only if the previous one passed. */
  #ifdef WOLFSSL_AES_128
      ret = wc_GmacSetKey(&gmac, key16, sizeof(key16)/sizeof(byte));
  #endif
  #ifdef WOLFSSL_AES_192
      if (ret == 0) {
          ret = wc_GmacSetKey(&gmac, key24, sizeof(key24)/sizeof(byte));
      }
  #endif
  #ifdef WOLFSSL_AES_256
      if (ret == 0) {
          ret = wc_GmacSetKey(&gmac, key32, sizeof(key32)/sizeof(byte));
      }
  #endif

      /* Invalid arguments: the && chain stops at the first call that does not
       * answer BAD_FUNC_ARG, and only five rejections in a row count as a
       * pass. */
      if (ret == 0) {
          ret = WOLFSSL_FATAL_ERROR;
          if (wc_GmacSetKey(NULL, key16,
                      sizeof(key16)/sizeof(byte)) == BAD_FUNC_ARG &&
              wc_GmacSetKey(&gmac, NULL,
                      sizeof(key16)/sizeof(byte)) == BAD_FUNC_ARG &&
              wc_GmacSetKey(&gmac, shortKey15,
                      sizeof(shortKey15)/sizeof(byte)) == BAD_FUNC_ARG &&
              wc_GmacSetKey(&gmac, shortKey23,
                      sizeof(shortKey23)/sizeof(byte)) == BAD_FUNC_ARG &&
              wc_GmacSetKey(&gmac, shortKey31,
                      sizeof(shortKey31)/sizeof(byte)) == BAD_FUNC_ARG) {
              ret = 0;
          }
      }

      wc_AesFree(&gmac.aes);
      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_GmacSetKey */
  /*
   * Unit test for wc_GmacUpdate().
   *
   * For every AES key size enabled in the build, computes a GMAC over a fixed
   * IV and authenticated input and compares the tag with a known answer. Then
   * checks that a NULL context and two out-of-range tag lengths are rejected
   * with BAD_FUNC_ARG.
   *
   * Returns 0 on success (or when AES-GCM is compiled out), a non-zero value
   * from the first failing call or tag comparison, and WOLFSSL_FATAL_ERROR
   * when an invalid argument is not rejected with BAD_FUNC_ARG.
   */
  static int test_wc_GmacUpdate (void)
  {
      int     ret = 0;
  #if !defined(NO_AES) && defined(HAVE_AESGCM)
      Gmac    gmac;
  #ifdef WOLFSSL_AES_128
      const byte key16[] =
      {
          0x89, 0xc9, 0x49, 0xe9, 0xc8, 0x04, 0xaf, 0x01,
          0x4d, 0x56, 0x04, 0xb3, 0x94, 0x59, 0xf2, 0xc8
      };
  #endif
  #ifdef WOLFSSL_AES_192
      byte    key24[] =
      {
          0x41, 0xc5, 0xda, 0x86, 0x67, 0xef, 0x72, 0x52,
          0x20, 0xff, 0xe3, 0x9a, 0xe0, 0xac, 0x59, 0x0a,
          0xc9, 0xfc, 0xa7, 0x29, 0xab, 0x60, 0xad, 0xa0
      };
  #endif
  #ifdef WOLFSSL_AES_256
      byte    key32[] =
      {
          0x78, 0xdc, 0x4e, 0x0a, 0xaf, 0x52, 0xd9, 0x35,
          0xc3, 0xc0, 0x1e, 0xea, 0x57, 0x42, 0x8f, 0x00,
          0xca, 0x1f, 0xd4, 0x75, 0xf5, 0xda, 0x86, 0xa4,
          0x9c, 0x8d, 0xd7, 0x3d, 0x68, 0xc8, 0xe2, 0x23
      };
  #endif
  #ifdef WOLFSSL_AES_128
      const byte authIn[] =
      {
          0x82, 0xad, 0xcd, 0x63, 0x8d, 0x3f, 0xa9, 0xd9,
          0xf3, 0xe8, 0x41, 0x00, 0xd6, 0x1e, 0x07, 0x77
      };
  #endif
  #ifdef WOLFSSL_AES_192
      const byte authIn2[] =
      {
          0x8b, 0x5c, 0x12, 0x4b, 0xef, 0x6e, 0x2f, 0x0f,
          0xe4, 0xd8, 0xc9, 0x5c, 0xd5, 0xfa, 0x4c, 0xf1
      };
  #endif
      /* The third input, tag and IV are unguarded because the bad-argument
       * calls at the end use them in every configuration. */
      const byte authIn3[] =
      {
          0xb9, 0x6b, 0xaa, 0x8c, 0x1c, 0x75, 0xa6, 0x71,
          0xbf, 0xb2, 0xd0, 0x8d, 0x06, 0xbe, 0x5f, 0x36
      };
  #ifdef WOLFSSL_AES_128
      const byte tag1[] = /* Known. */
      {
          0x88, 0xdb, 0x9d, 0x62, 0x17, 0x2e, 0xd0, 0x43,
          0xaa, 0x10, 0xf1, 0x6d, 0x22, 0x7d, 0xc4, 0x1b
      };
  #endif
  #ifdef WOLFSSL_AES_192
      const byte tag2[] = /* Known */
      {
          0x20, 0x4b, 0xdb, 0x1b, 0xd6, 0x21, 0x54, 0xbf,
          0x08, 0x92, 0x2a, 0xaa, 0x54, 0xee, 0xd7, 0x05
      };
  #endif
      const byte tag3[] = /* Known */
      {
          0x3e, 0x5d, 0x48, 0x6a, 0xa2, 0xe3, 0x0b, 0x22,
          0xe0, 0x40, 0xb8, 0x57, 0x23, 0xa0, 0x6e, 0x76
      };
  #ifdef WOLFSSL_AES_128
      const byte iv[] =
      {
          0xd1, 0xb1, 0x04, 0xc8, 0x15, 0xbf, 0x1e, 0x94,
          0xe2, 0x8c, 0x8f, 0x16
      };
  #endif
  #ifdef WOLFSSL_AES_192
      const byte iv2[] =
      {
          0x05, 0xad, 0x13, 0xa5, 0xe2, 0xc2, 0xab, 0x66,
          0x7e, 0x1a, 0x6f, 0xbc
      };
  #endif
      const byte iv3[] =
      {
          0xd7, 0x9c, 0xf2, 0x2d, 0x50, 0x4c, 0xc7, 0x93,
          0xc3, 0xfb, 0x6c, 0x8a
      };
      byte    tagOut[16];
      byte    tagOut2[24];
      byte    tagOut3[32];

      /* Init stack variables. */
      XMEMSET(tagOut, 0, sizeof(tagOut));
      XMEMSET(tagOut2, 0, sizeof(tagOut2));
      XMEMSET(tagOut3, 0, sizeof(tagOut3));

      printf(testingFmt, "wc_GmacUpdate()");

      ret = wc_AesInit(&gmac.aes, NULL, INVALID_DEVID);
      if (ret != 0)
          return ret;

      /* Known-answer checks. XMEMCMP's result becomes ret, so any tag
       * mismatch leaves ret non-zero and skips every later step. */
  #ifdef WOLFSSL_AES_128
      ret = wc_GmacSetKey(&gmac, key16, sizeof(key16));
      if (ret == 0) {
          ret = wc_GmacUpdate(&gmac, iv, sizeof(iv), authIn, sizeof(authIn),
                                                  tagOut, sizeof(tag1));
      }
      if (ret == 0) {
          ret = XMEMCMP(tag1, tagOut, sizeof(tag1));
      }
  #endif

  #ifdef WOLFSSL_AES_192
      if (ret == 0) {
          /* NOTE(review): this clears the whole Gmac, including the part set
           * up by wc_AesInit() above - confirm that is intended. */
          XMEMSET(&gmac, 0, sizeof(Gmac));
          ret = wc_GmacSetKey(&gmac, key24, sizeof(key24)/sizeof(byte));
          if (ret == 0) {
              ret = wc_GmacUpdate(&gmac, iv2, sizeof(iv2), authIn2,
                                  sizeof(authIn2), tagOut2, sizeof(tag2));
              if (ret == 0) {
                  ret = XMEMCMP(tagOut2, tag2, sizeof(tag2));
              }
          }
      }
  #endif

  #ifdef WOLFSSL_AES_256
      if (ret == 0) {
          XMEMSET(&gmac, 0, sizeof(Gmac));
          ret = wc_GmacSetKey(&gmac, key32, sizeof(key32)/sizeof(byte));
          if (ret == 0) {
              ret = wc_GmacUpdate(&gmac, iv3, sizeof(iv3), authIn3,
                                  sizeof(authIn3), tagOut3, sizeof(tag3));
              if (ret == 0) {
                  ret = XMEMCMP(tag3, tagOut3, sizeof(tag3));
              }
          }
      }
  #endif

      /* Bad args: NULL context, then a tag length five bytes below and one
       * byte above sizeof(tag3). The && chain stops at the first call that
       * does not answer BAD_FUNC_ARG. */
      if (ret == 0) {
          ret = WOLFSSL_FATAL_ERROR;
          if (wc_GmacUpdate(NULL, iv3, sizeof(iv3), authIn3,
                      sizeof(authIn3), tagOut3,
                      sizeof(tag3)) == BAD_FUNC_ARG &&
              wc_GmacUpdate(&gmac, iv3, sizeof(iv3), authIn3,
                      sizeof(authIn3), tagOut3,
                      sizeof(tag3) - 5) == BAD_FUNC_ARG &&
              wc_GmacUpdate(&gmac, iv3, sizeof(iv3), authIn3,
                      sizeof(authIn3), tagOut3,
                      sizeof(tag3) + 1) == BAD_FUNC_ARG) {
              ret = 0;
          }
      }

      wc_AesFree(&gmac.aes);
      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_GmacUpdate */
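  /*
   * Unit test for wc_CamelliaSetKey().
   *
   * Sets 128-, 192- and 256-bit keys, each once with an IV and once with a
   * NULL IV, then checks that a NULL context is rejected with BAD_FUNC_ARG.
   *
   * Returns 0 on success (or when Camellia is compiled out), the error code of
   * the first failing valid call, and WOLFSSL_FATAL_ERROR when the NULL
   * context is not rejected with BAD_FUNC_ARG.
   */
  static int test_wc_CamelliaSetKey (void)
  {
      int     ret = 0;
  #ifdef HAVE_CAMELLIA
      Camellia camellia;
      /*128-bit key*/
      static const byte key16[] =
      {
          0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
          0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10
      };
      /* 192-bit key */
      static const byte key24[] =
      {
          0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
          0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
          0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77
      };
      /* 256-bit key */
      static const byte key32[] =
      {
          0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
          0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
          0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
          0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
      };
      static const byte iv[] =
      {
          0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
          0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
      };

      printf(testingFmt, "wc_CamelliaSetKey()");

      /* Every key size, with and without an IV; stop at the first failure. */
      ret = wc_CamelliaSetKey(&camellia, key16, (word32)sizeof(key16), iv);
      if (ret == 0) {
          ret = wc_CamelliaSetKey(&camellia, key16,
                                          (word32)sizeof(key16), NULL);
          if (ret == 0) {
              ret = wc_CamelliaSetKey(&camellia, key24,
                                          (word32)sizeof(key24), iv);
          }
          if (ret == 0) {
              ret = wc_CamelliaSetKey(&camellia, key24,
                                          (word32)sizeof(key24), NULL);
          }
          if (ret == 0) {
              ret = wc_CamelliaSetKey(&camellia, key32,
                                          (word32)sizeof(key32), iv);
          }
          if (ret == 0) {
              ret = wc_CamelliaSetKey(&camellia, key32,
                                          (word32)sizeof(key32), NULL);
          }
      }

      /* Bad args. */
      if (ret == 0) {
          ret = wc_CamelliaSetKey(NULL, key32, (word32)sizeof(key32), iv);
          if (ret != BAD_FUNC_ARG) {
              ret = WOLFSSL_FATAL_ERROR;
          } else {
              ret = 0;
          }
      } /* END bad args. */

      /* Close the line opened by the testingFmt print above, as the other
       * tests in this file do, so the log shows this test's outcome. */
      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_CamelliaSetKey */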
  /*
   * Unit test for wc_CamelliaSetIV().
   *
   * Sets an IV on a Camellia context, repeats the call with a NULL IV, then
   * checks that a NULL context is rejected with BAD_FUNC_ARG.
   *
   * Returns 0 on success (or when Camellia is compiled out), the error code of
   * a failing valid call, and WOLFSSL_FATAL_ERROR when the NULL context is not
   * rejected with BAD_FUNC_ARG.
   */
  static int test_wc_CamelliaSetIV (void)
  {
      int     ret = 0;
  #ifdef HAVE_CAMELLIA
      /* No key is set on this context; only wc_CamelliaSetIV() touches it. */
      Camellia camellia;
      static const byte iv[] =
      {
          0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
          0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
      };

      printf(testingFmt, "wc_CamelliaSetIV()");

      ret = wc_CamelliaSetIV(&camellia, iv);
      if (ret == 0) {
          ret = wc_CamelliaSetIV(&camellia, NULL);
      }

      /* Bad args: a NULL context must yield BAD_FUNC_ARG. */
      if (ret == 0) {
          ret = (wc_CamelliaSetIV(NULL, NULL) == BAD_FUNC_ARG)
                      ? 0 : WOLFSSL_FATAL_ERROR;
      }

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /*END test_wc_CamelliaSetIV*/
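  /*
   * Unit test for wc_CamelliaEncryptDirect() and wc_CamelliaDecryptDirect().
   *
   * Encrypts one block with a 192-bit key, decrypts it and compares the result
   * with the plaintext, then checks that each function rejects a NULL context,
   * a NULL output and a NULL input with BAD_FUNC_ARG.
   *
   * Returns 0 on success (or when Camellia is compiled out) and a non-zero
   * status when the round trip or a bad-argument check fails.
   */
  static int test_wc_CamelliaEncryptDecryptDirect (void)
  {
      int     ret = 0;
  #ifdef HAVE_CAMELLIA
      Camellia camellia;
      static const byte key24[] =
      {
          0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
          0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
          0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77
      };
      static const byte iv[] =
      {
          0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
          0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
      };
      static const byte plainT[] =
      {
          0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
          0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A
      };
      byte    enc[sizeof(plainT)];
      byte    dec[sizeof(enc)];
      int     camE = WOLFSSL_FATAL_ERROR;
      int     camD = WOLFSSL_FATAL_ERROR;

      /* Init stack variables. Both buffers are cleared: dec is compared with
       * the plaintext below even when the decrypt call reports an error, so it
       * must not hold indeterminate stack bytes. */
      XMEMSET(enc, 0, sizeof(enc));
      XMEMSET(dec, 0, sizeof(dec));

      /* Round trip: encrypt one block, decrypt it, compare with plaintext. */
      ret = wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24), iv);
      if (ret == 0) {
          ret = wc_CamelliaEncryptDirect(&camellia, enc, plainT);
          if (ret == 0) {
              ret = wc_CamelliaDecryptDirect(&camellia, dec, enc);
              if (XMEMCMP(plainT, dec, CAMELLIA_BLOCK_SIZE)) {
                  ret = WOLFSSL_FATAL_ERROR;
              }
          }
      }

      printf(testingFmt, "wc_CamelliaEncryptDirect()");
      /* Pass bad args. camE keeps its initial error value when the round trip
       * failed, so that case is reported as a failure too. */
      if (ret == 0) {
          camE = wc_CamelliaEncryptDirect(NULL, enc, plainT);
          if (camE == BAD_FUNC_ARG) {
              camE = wc_CamelliaEncryptDirect(&camellia, NULL, plainT);
          }
          if (camE == BAD_FUNC_ARG) {
              camE = wc_CamelliaEncryptDirect(&camellia, enc, NULL);
          }
          if (camE == BAD_FUNC_ARG) {
              camE = 0;
          } else {
              camE = WOLFSSL_FATAL_ERROR;
          }
      }
      printf(resultFmt, camE == 0 ? passed : failed);
      if (camE != 0) {
          return camE;
      }

      printf(testingFmt, "wc_CamelliaDecryptDirect()");
      if (ret == 0) {
          camD = wc_CamelliaDecryptDirect(NULL, dec, enc);
          if (camD == BAD_FUNC_ARG) {
              camD = wc_CamelliaDecryptDirect(&camellia, NULL, enc);
          }
          if (camD == BAD_FUNC_ARG) {
              camD = wc_CamelliaDecryptDirect(&camellia, dec, NULL);
          }
          if (camD == BAD_FUNC_ARG) {
              camD = 0;
          } else {
              camD = WOLFSSL_FATAL_ERROR;
          }
      }
      printf(resultFmt, camD == 0 ? passed : failed);
      if (camD != 0) {
          return camD;
      }
  #endif
      return ret;
  } /* END test_wc_CamelliaEncryptDecryptDirect */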
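  /*
   * Unit test for wc_CamelliaCbcEncrypt() and wc_CamelliaCbcDecrypt().
   *
   * Encrypts one block in CBC mode with a 192-bit key and a NULL IV, sets the
   * key again, decrypts and compares with the plaintext. Then checks that each
   * function rejects a NULL context, a NULL output and a NULL input with
   * BAD_FUNC_ARG.
   *
   * Returns 0 on success (or when Camellia is compiled out) and a non-zero
   * status when the round trip or a bad-argument check fails.
   */
  static int test_wc_CamelliaCbcEncryptDecrypt (void)
  {
      int     ret = 0;
  #ifdef HAVE_CAMELLIA
      Camellia camellia;
      static const byte key24[] =
      {
          0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
          0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
          0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77
      };
      static const byte plainT[] =
      {
          0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
          0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A
      };
      byte    enc[CAMELLIA_BLOCK_SIZE];
      byte    dec[CAMELLIA_BLOCK_SIZE];
      int     camCbcE = WOLFSSL_FATAL_ERROR;
      int     camCbcD = WOLFSSL_FATAL_ERROR;

      /* Init stack variables. Both buffers are cleared: dec is compared with
       * the plaintext below even when the decrypt call reports an error, so it
       * must not hold indeterminate stack bytes. */
      XMEMSET(enc, 0, CAMELLIA_BLOCK_SIZE);
      XMEMSET(dec, 0, CAMELLIA_BLOCK_SIZE);

      ret = wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24), NULL);
      if (ret == 0) {
          ret = wc_CamelliaCbcEncrypt(&camellia, enc, plainT, CAMELLIA_BLOCK_SIZE);
          if (ret != 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }
      if (ret == 0) {
          /* The key is set a second time before the block is decrypted. */
          ret = wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24), NULL);
          if (ret == 0) {
              ret = wc_CamelliaCbcDecrypt(&camellia, dec, enc, CAMELLIA_BLOCK_SIZE);
              if (XMEMCMP(plainT, dec, CAMELLIA_BLOCK_SIZE)) {
                  ret = WOLFSSL_FATAL_ERROR;
              }
          }
      }

      printf(testingFmt, "wc_CamelliaCbcEncrypt");
      /* Pass in bad args. camCbcE keeps its initial error value when the round
       * trip failed, so that case is reported as a failure too. */
      if (ret == 0) {
          camCbcE = wc_CamelliaCbcEncrypt(NULL, enc, plainT, CAMELLIA_BLOCK_SIZE);
          if (camCbcE == BAD_FUNC_ARG) {
              camCbcE = wc_CamelliaCbcEncrypt(&camellia, NULL, plainT,
                                                      CAMELLIA_BLOCK_SIZE);
          }
          if (camCbcE == BAD_FUNC_ARG) {
              camCbcE = wc_CamelliaCbcEncrypt(&camellia, enc, NULL,
                                                      CAMELLIA_BLOCK_SIZE);
          }
          if (camCbcE == BAD_FUNC_ARG) {
              camCbcE = 0;
          } else {
              camCbcE = WOLFSSL_FATAL_ERROR;
          }
      }
      printf(resultFmt, camCbcE == 0 ? passed : failed);
      if (camCbcE != 0) {
          return camCbcE;
      }

      printf(testingFmt, "wc_CamelliaCbcDecrypt()");
      if (ret == 0) {
          camCbcD = wc_CamelliaCbcDecrypt(NULL, dec, enc, CAMELLIA_BLOCK_SIZE);
          if (camCbcD == BAD_FUNC_ARG) {
              camCbcD = wc_CamelliaCbcDecrypt(&camellia, NULL, enc,
                                                      CAMELLIA_BLOCK_SIZE);
          }
          if (camCbcD == BAD_FUNC_ARG) {
              camCbcD = wc_CamelliaCbcDecrypt(&camellia, dec, NULL,
                                                      CAMELLIA_BLOCK_SIZE);
          }
          if (camCbcD == BAD_FUNC_ARG) {
              camCbcD = 0;
          } else {
              camCbcD = WOLFSSL_FATAL_ERROR;
          }
      } /* END bad args. */
      printf(resultFmt, camCbcD == 0 ? passed : failed);
      if (camCbcD != 0) {
          return camCbcD;
      }
  #endif
      return ret;
  } /* END test_wc_CamelliaCbcEncryptDecrypt */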
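  /*
   * Unit test for wc_RabbitSetKey().
   *
   * Sets a key and IV, then checks that a NULL context and a NULL key are each
   * rejected with BAD_FUNC_ARG. The last call passes a NULL IV and its return
   * value becomes the test result.
   *
   * Returns 0 on success (or when Rabbit is compiled out), the error code of
   * a failing wc_RabbitSetKey() call, and WOLFSSL_FATAL_ERROR when a NULL
   * context or NULL key is not rejected with BAD_FUNC_ARG.
   */
  static int test_wc_RabbitSetKey (void)
  {
      int     ret = 0;
  #ifndef NO_RABBIT
      Rabbit  rabbit;
      const char* key = "\xAC\xC3\x51\xDC\xF1\x62\xFC\x3B"
                        "\xFE\x36\x3D\x2E\x29\x13\x28\x91";
      const char* iv  = "\x59\x7E\x26\xC1\x75\xF5\x73\xC3";

      printf(testingFmt, "wc_RabbitSetKey()");

      ret = wc_RabbitSetKey(&rabbit, (byte*)key, (byte*)iv);

      /* Test bad args. */
      if (ret == 0) {
          ret = wc_RabbitSetKey(NULL, (byte*)key, (byte*)iv);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_RabbitSetKey(&rabbit, NULL, (byte*)iv);
          }
          if (ret == BAD_FUNC_ARG) {
              /* NOTE(review): the test relies on a NULL IV being accepted
               * here (return 0) - confirm against wc_RabbitSetKey(). */
              ret = wc_RabbitSetKey(&rabbit, (byte*)key, NULL);
          } else {
              /* A NULL context or NULL key that is not rejected must fail the
               * test. Without this branch a call that wrongly returned 0
               * would leave ret == 0 and be reported as a pass. */
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_RabbitSetKey */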
  /*
   * Unit test for wc_RabbitProcess().
   *
   * Keys two Rabbit contexts identically, runs a message through the first
   * and the resulting output through the second, and compares the result with
   * the original message. Then checks that a NULL context, a NULL output and
   * a NULL input are each rejected with BAD_FUNC_ARG.
   *
   * Returns 0 on success (or when Rabbit is compiled out), the error code of
   * a failing setup or first process call, and WOLFSSL_FATAL_ERROR when the
   * round trip or a bad-argument check fails.
   */
  static int test_wc_RabbitProcess (void)
  {
      int     ret = 0;
  #ifndef NO_RABBIT
      Rabbit  enc, dec;
      byte    cipher[25];
      byte    plain[25];
      const char* key     = "\xAC\xC3\x51\xDC\xF1\x62\xFC\x3B"
                            "\xFE\x36\x3D\x2E\x29\x13\x28\x91";
      const char* iv      = "\x59\x7E\x26\xC1\x75\xF5\x73\xC3";
      const char* input   = "Everyone gets Friday off.";
      unsigned long int inlen = XSTRLEN(input);

      /* Initialize stack variables. */
      XMEMSET(cipher, 0, sizeof(cipher));
      XMEMSET(plain, 0, sizeof(plain));

      printf(testingFmt, "wc_RabbitProcess()");

      /* Same key and IV on both contexts. */
      ret = wc_RabbitSetKey(&enc, (byte*)key, (byte*)iv);
      if (ret == 0) {
          ret = wc_RabbitSetKey(&dec, (byte*)key, (byte*)iv);
      }

      /* Round trip: input -> cipher -> plain, then compare with input. */
      if (ret == 0) {
          ret = wc_RabbitProcess(&enc, cipher, (byte*)input, (word32)inlen);
      }
      if (ret == 0) {
          ret = wc_RabbitProcess(&dec, plain, cipher, (word32)inlen);
          /* The comparison runs only when the call itself succeeded. */
          ret = (ret == 0 && XMEMCMP(input, plain, inlen) == 0)
                      ? 0 : WOLFSSL_FATAL_ERROR;
      }

      /* Test bad args: the && chain stops at the first call that does not
       * answer BAD_FUNC_ARG. */
      if (ret == 0) {
          ret = WOLFSSL_FATAL_ERROR;
          if (wc_RabbitProcess(NULL, plain, cipher,
                      (word32)inlen) == BAD_FUNC_ARG &&
              wc_RabbitProcess(&dec, NULL, cipher,
                      (word32)inlen) == BAD_FUNC_ARG &&
              wc_RabbitProcess(&dec, plain, NULL,
                      (word32)inlen) == BAD_FUNC_ARG) {
              ret = 0;
          }
      }

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_RabbitProcess */
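  /*
   * Unit test for wc_Arc4SetKey().
   *
   * Sets an 8-byte key, then checks that a NULL context and a NULL key are
   * each rejected with BAD_FUNC_ARG. The last call passes a key length of 0
   * and its return value becomes the test result.
   *
   * Returns 0 on success (or when RC4 is compiled out), the error code of a
   * failing wc_Arc4SetKey() call, and WOLFSSL_FATAL_ERROR when a NULL context
   * or NULL key is not rejected with BAD_FUNC_ARG.
   */
  static int test_wc_Arc4SetKey (void)
  {
      int     ret = 0;
  #ifndef NO_RC4
      Arc4    arc;
      /* The key is a plain pointer to the 8 key bytes. Declaring it as an
       * array of pointers and casting that array to byte* would pass the bytes
       * of the pointer itself as key material, and would read past the array
       * wherever a pointer is narrower than keyLen. */
      const char* key = "\x01\x23\x45\x67\x89\xab\xcd\xef";
      int     keyLen = 8;

      printf(testingFmt, "wc_Arc4SetKey()");

      ret = wc_Arc4SetKey(&arc, (byte*)key, keyLen);

      /* Test bad args. */
      if (ret == 0) {
          ret = wc_Arc4SetKey(NULL, (byte*)key, keyLen);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_Arc4SetKey(&arc, NULL, keyLen);
          }
          if (ret == BAD_FUNC_ARG) {
              /* Exits normally if keyLen is incorrect. */
              ret = wc_Arc4SetKey(&arc, (byte*)key, 0);
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      } /* END test bad args. */

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_Arc4SetKey */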
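  /*
   * Unit test for wc_Arc4Process(), used for both encryption and decryption.
   *
   * Keys two Arc4 contexts identically, runs an 8-byte message through the
   * first and the resulting output through the second, and compares the
   * result with the original message. Then checks that a NULL context, a NULL
   * output and a NULL input are each rejected with BAD_FUNC_ARG.
   *
   * Returns 0 on success (or when RC4 is compiled out), the error code of a
   * failing setup or first process call, and WOLFSSL_FATAL_ERROR when the
   * round trip or a bad-argument check fails.
   */
  static int test_wc_Arc4Process (void)
  {
      int     ret = 0;
  #ifndef NO_RC4
      Arc4    enc, dec;
      /* key and input are plain pointers to 8 bytes each. Declaring them as
       * arrays of pointers and casting those arrays to byte* would process the
       * bytes of the pointers themselves, and would read past the arrays
       * wherever a pointer is narrower than keyLen. */
      const char* key   = "\x01\x23\x45\x67\x89\xab\xcd\xef";
      int     keyLen = 8;   /* also used as the message length below */
      const char* input = "\x01\x23\x45\x67\x89\xab\xcd\xef";
      byte    cipher[8];
      byte    plain[8];

      /* Init stack variables */
      XMEMSET(cipher, 0, sizeof(cipher));
      XMEMSET(plain, 0, sizeof(plain));

      /* Use for async. */
      ret = wc_Arc4Init(&enc, NULL, INVALID_DEVID);
      if (ret == 0) {
          ret = wc_Arc4Init(&dec, NULL, INVALID_DEVID);
      }

      printf(testingFmt, "wc_Arc4Process()");

      if (ret == 0) {
          ret = wc_Arc4SetKey(&enc, (byte*)key, keyLen);
      }
      if (ret == 0) {
          ret = wc_Arc4SetKey(&dec, (byte*)key, keyLen);
      }

      /* Round trip: input -> cipher -> plain, then compare with input. */
      if (ret == 0) {
          ret = wc_Arc4Process(&enc, cipher, (byte*)input, keyLen);
      }
      if (ret == 0) {
          ret = wc_Arc4Process(&dec, plain, cipher, keyLen);
          if (ret != 0 || XMEMCMP(plain, input, keyLen)) {
              ret = WOLFSSL_FATAL_ERROR;
          } else {
              ret = 0;
          }
      }

      /* Bad args. */
      if (ret == 0) {
          ret = wc_Arc4Process(NULL, plain, cipher, keyLen);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_Arc4Process(&dec, NULL, cipher, keyLen);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_Arc4Process(&dec, plain, NULL, keyLen);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = 0;
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      printf(resultFmt, ret == 0 ? passed : failed);

      /* NOTE(review): dec is freed here even when wc_Arc4Init(&enc) failed
       * and dec was never initialised - confirm wc_Arc4Free() tolerates
       * that. */
      wc_Arc4Free(&enc);
      wc_Arc4Free(&dec);
  #endif
      return ret;
  }/* END test_wc_Arc4Process */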
  /*
   * Unit test for wc_InitRsaKey().
   *
   * Initialises an RsaKey, checks that a NULL key pointer is rejected with the
   * error code expected for the build, and frees the key.
   *
   * Returns 0 on success (or when RSA is compiled out) and
   * WOLFSSL_FATAL_ERROR on any failure, including a non-zero return from
   * wc_FreeRsaKey().
   */
  static int test_wc_InitRsaKey (void)
  {
      int     ret = 0;
  #ifndef NO_RSA
      RsaKey  key;
      /* Error code expected for a NULL key: it depends on whether the build
       * uses a user-supplied RSA implementation. */
  #ifndef HAVE_USER_RSA
      const int nullKeyErr = BAD_FUNC_ARG;
  #else
      const int nullKeyErr = USER_CRYPTO_ERROR;
  #endif

      printf(testingFmt, "wc_InitRsaKey()");

      ret = wc_InitRsaKey(&key, NULL);

      /* Test bad args. */
      if (ret == 0) {
          ret = (wc_InitRsaKey(NULL, NULL) == nullKeyErr)
                      ? 0 : WOLFSSL_FATAL_ERROR;
      } /* end if */

      /* The key is always freed; a failing free or any earlier error is
       * reported as WOLFSSL_FATAL_ERROR. */
      if (wc_FreeRsaKey(&key) != 0 || ret != 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_InitRsaKey */
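  /*
   * Unit test for wc_RsaPrivateKeyDecode().
   *
   * Copies the built-in client private key (1024-bit when
   * USE_CERT_BUFFERS_1024 is defined, otherwise 2048-bit) into a heap buffer
   * and decodes it into an RsaKey, then checks the error codes returned for a
   * NULL input buffer, a NULL index and a NULL key.
   *
   * Returns 0 on success (or when the test is compiled out) and
   * WOLFSSL_FATAL_ERROR on any failure.
   */
  static int test_wc_RsaPrivateKeyDecode (void)
  {
      int     ret = 0;
  #if !defined(NO_RSA) && (defined(USE_CERT_BUFFERS_1024)\
          || defined(USE_CERT_BUFFERS_2048)) && !defined(HAVE_FIPS)
      RsaKey  key;
      byte*   tmp;
      word32  idx = 0;
      int     bytes = 0;
      int     keyInit = 0;    /* set once wc_InitRsaKey() has succeeded */

      printf(testingFmt, "wc_RsaPrivateKeyDecode()");

      tmp = (byte*)XMALLOC(FOURK_BUF, NULL, DYNAMIC_TYPE_TMP_BUFFER);
      if (tmp == NULL) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      if (ret == 0) {
          ret = wc_InitRsaKey(&key, NULL);
          if (ret == 0) {
              keyInit = 1;
          }
      }
      if (ret == 0) {
          #ifdef USE_CERT_BUFFERS_1024
              XMEMCPY(tmp, client_key_der_1024, sizeof_client_key_der_1024);
              bytes = sizeof_client_key_der_1024;
          #else
              XMEMCPY(tmp, client_key_der_2048, sizeof_client_key_der_2048);
              bytes = sizeof_client_key_der_2048;
          #endif /* Use cert buffers. */

          ret = wc_RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes);
      }
  #ifndef HAVE_USER_RSA
      /* Test bad args. Expected codes: ASN_PARSE_E for a NULL input,
       * BAD_FUNC_ARG for a NULL index, ASN_PARSE_E for a NULL key.
       * NOTE(review): if the NULL-index call returned ASN_PARSE_E, the
       * NULL-key call would be skipped and the final check would still pass. */
      if (ret == 0) {
          ret = wc_RsaPrivateKeyDecode(NULL, &idx, &key, (word32)bytes);
          if (ret == ASN_PARSE_E) {
              ret = wc_RsaPrivateKeyDecode(tmp, NULL, &key, (word32)bytes);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_RsaPrivateKeyDecode(tmp, &idx, NULL, (word32)bytes);
          }
          if (ret == ASN_PARSE_E) {
              ret = 0;
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }
  #else
      /* Test bad args. User RSA. */
      if (ret == 0) {
          ret = wc_RsaPrivateKeyDecode(NULL, &idx, &key, (word32)bytes);
          if (ret == USER_CRYPTO_ERROR) {
              ret = wc_RsaPrivateKeyDecode(tmp, NULL, &key, (word32)bytes);
          }
          if (ret == USER_CRYPTO_ERROR) {
              ret = wc_RsaPrivateKeyDecode(tmp, &idx, NULL, (word32)bytes);
          }
          if (ret == USER_CRYPTO_ERROR) {
              ret = 0;
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }
  #endif

      if (tmp != NULL) {
          XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
      }

      /* Free the key only if it was initialised. When XMALLOC() or
       * wc_InitRsaKey() failed, key still holds indeterminate stack contents
       * and must not be handed to wc_FreeRsaKey(). */
      if (keyInit && wc_FreeRsaKey(&key) != 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      /* Every failure is reported as WOLFSSL_FATAL_ERROR. */
      if (ret != 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_RsaPrivateKeyDecode */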
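  /*
   * Testing wc_RsaPublicKeyDecode()
   *
   * Decodes the bundled client public key (1024- or 2048-bit DER buffer,
   * depending on the build) and then checks that a NULL input, a NULL index
   * and a NULL key are each rejected. Returns 0 on success and
   * WOLFSSL_FATAL_ERROR on any failure.
   */
  static int test_wc_RsaPublicKeyDecode (void)
  {
      int ret = 0;
  #if !defined(NO_RSA) && (defined(USE_CERT_BUFFERS_1024)\
          || defined(USE_CERT_BUFFERS_2048)) && !defined(HAVE_FIPS)
      RsaKey keyPub;
      byte*  tmp;
      word32 idx = 0;
      int    bytes = 0;
      int    keyInit = 0;   /* set once wc_InitRsaKey() has succeeded */

      tmp = (byte*)XMALLOC(GEN_BUF, NULL, DYNAMIC_TYPE_TMP_BUFFER);
      if (tmp == NULL) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      if (ret == 0) {
          ret = wc_InitRsaKey(&keyPub, NULL);
          if (ret == 0) {
              keyInit = 1;
          }
      }
      if (ret == 0) {
          /* NOTE(review): GEN_BUF is assumed to be at least as large as the
           * selected DER buffer; its value is defined outside this function. */
  #ifdef USE_CERT_BUFFERS_1024
          XMEMCPY(tmp, client_keypub_der_1024, sizeof_client_keypub_der_1024);
          bytes = sizeof_client_keypub_der_1024;
  #else
          XMEMCPY(tmp, client_keypub_der_2048, sizeof_client_keypub_der_2048);
          bytes = sizeof_client_keypub_der_2048;
  #endif

          printf(testingFmt, "wc_RsaPublicKeyDecode()");

          ret = wc_RsaPublicKeyDecode(tmp, &idx, &keyPub, (word32)bytes);
      }
  #ifndef HAVE_USER_RSA
      /* Pass in bad args. */
      if (ret == 0) {
          ret = wc_RsaPublicKeyDecode(NULL, &idx, &keyPub, (word32)bytes);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_RsaPublicKeyDecode(tmp, NULL, &keyPub, (word32)bytes);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_RsaPublicKeyDecode(tmp, &idx, NULL, (word32)bytes);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = 0;
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }
  #else
      /* Pass in bad args. User RSA. */
      if (ret == 0) {
          ret = wc_RsaPublicKeyDecode(NULL, &idx, &keyPub, (word32)bytes);
          if (ret == USER_CRYPTO_ERROR) {
              ret = wc_RsaPublicKeyDecode(tmp, NULL, &keyPub, (word32)bytes);
          }
          if (ret == USER_CRYPTO_ERROR) {
              ret = wc_RsaPublicKeyDecode(tmp, &idx, NULL, (word32)bytes);
          }
          if (ret == USER_CRYPTO_ERROR) {
              ret = 0;
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }
  #endif

      if (tmp != NULL) {
          XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
      }
      /* Release the key only if it was initialized: when the allocation above
       * fails, keyPub is still an uninitialized stack object. */
      if (keyInit && wc_FreeRsaKey(&keyPub) != 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      if (ret != 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_RsaPublicKeyDecode */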
  /*
   * Unit test for wc_RsaPublicKeyDecodeRaw(): loads a one-byte modulus and a
   * one-byte exponent, then checks that each NULL pointer argument is rejected.
   */
  static int test_wc_RsaPublicKeyDecodeRaw (void)
  {
      int ret = 0;
  #if !defined(NO_RSA)
      RsaKey key;
      const byte n = 0x23;
      const byte e = 0x03;
      int nSz = sizeof(n);
      int eSz = sizeof(e);
  #ifndef HAVE_USER_RSA
      const int rejectCode = BAD_FUNC_ARG;
  #else
      const int rejectCode = USER_CRYPTO_ERROR;   /* User RSA. */
  #endif

      printf(testingFmt, "wc_RsaPublicKeyDecodeRaw()");

      ret = wc_InitRsaKey(&key, NULL);
      if (ret == 0) {
          ret = wc_RsaPublicKeyDecodeRaw(&n, nSz, &e, eSz, &key);
      }

      /* Pass in bad args: NULL modulus, NULL exponent, NULL key. The && chain
       * stops at the first call that does not return the rejection code. */
      if (ret == 0) {
          if (wc_RsaPublicKeyDecodeRaw(NULL, nSz, &e, eSz, &key) == rejectCode
           && wc_RsaPublicKeyDecodeRaw(&n, nSz, NULL, eSz, &key) == rejectCode
           && wc_RsaPublicKeyDecodeRaw(&n, nSz, &e, eSz, NULL) == rejectCode) {
              ret = 0;
          }
          else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      if (wc_FreeRsaKey(&key) != 0 || ret != 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_RsaPublicKeyDecodeRaw */
  #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
  /* FIPS builds of wc_MakeRsaKey() give up with an error when no probable prime
   * turns up within 5*(modLen/2) attempts, whereas non-FIPS builds keep
   * searching until one is found. MAKE_RSA_KEY hides that difference from the
   * tests below. */
  #ifdef WOLFSSL_FIPS
  /* Calls wc_MakeRsaKey() again for as long as it reports PRIME_GEN_E and
   * returns the first result that is anything else. */
  static int MakeRsaKeyRetry(RsaKey* key, int size, long e, WC_RNG* rng)
  {
      int ret;

      do {
          ret = wc_MakeRsaKey(key, size, e, rng);
          if (ret == PRIME_GEN_E) {
              printf("MakeRsaKey couldn't find prime; trying again.\n");
          }
      } while (ret == PRIME_GEN_E);

      return ret;
  }
  #define MAKE_RSA_KEY(a, b, c, d) MakeRsaKeyRetry(a, b, c, d)
  #else
  #define MAKE_RSA_KEY(a, b, c, d) wc_MakeRsaKey(a, b, c, d)
  #endif
  #endif
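  /*
   * Testing wc_MakeRsaKey()
   *
   * Generates one key and then checks that a NULL key, a NULL RNG, an exponent
   * below 3 and an even exponent are each rejected. Returns 0 on success and
   * WOLFSSL_FATAL_ERROR on any failure.
   */
  static int test_wc_MakeRsaKey (void)
  {
      int ret = 0;
  #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
      RsaKey genKey;
      WC_RNG rng;
      int    keyInit = 0;   /* set once wc_InitRsaKey() has succeeded */
      int    rngInit = 0;   /* set once wc_InitRng() has succeeded */
  #ifndef HAVE_USER_RSA
      const int badArg = BAD_FUNC_ARG;
  #else
      const int badArg = USER_CRYPTO_ERROR;
  #endif

      printf(testingFmt, "wc_MakeRsaKey()");

      ret = wc_InitRsaKey(&genKey, NULL);
      if (ret == 0) {
          keyInit = 1;
          ret = wc_InitRng(&rng);
      }
      if (ret == 0) {
          rngInit = 1;
          /* A 1024-bit modulus keeps the test fast; it is a test parameter,
           * not a key size to copy into production code. */
          ret = MAKE_RSA_KEY(&genKey, 1024, WC_RSA_EXPONENT, &rng);
      }

      /* Test bad args. genKey stays initialized for these calls and is
       * released once, below. */
      if (ret == 0) {
          ret = MAKE_RSA_KEY(NULL, 1024, WC_RSA_EXPONENT, &rng);
          if (ret == badArg) {
              ret = MAKE_RSA_KEY(&genKey, 1024, WC_RSA_EXPONENT, NULL);
          }
          if (ret == badArg) {
              /* e < 3 */
              ret = MAKE_RSA_KEY(&genKey, 1024, 2, &rng);
          }
          if (ret == badArg) {
              /* e & 1 == 0 */
              ret = MAKE_RSA_KEY(&genKey, 1024, 6, &rng);
          }
          if (ret == badArg) {
              ret = 0;
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Free only what was initialized, and free the key on the failure paths
       * too so that a failed key generation does not leak it. */
      if (keyInit && wc_FreeRsaKey(&genKey) != 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      if (rngInit && wc_FreeRng(&rng) != 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      if (ret != 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_MakeRsaKey */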
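  /*
   * Test the bounds checking on the cipher text versus the key modulus.
   * 1. Load an RSA private key from the built-in DER buffer.
   * 2. Set c to 1.
   * 3. Decrypt c into k. (error)
   * 4. Copy the key modulus to c and sub 1 from the copy.
   * 5. Decrypt c into k. (error)
   * Both boundary values are expected to be rejected with RSA_OUT_OF_RANGE_E.
   * Valid bounds test cases are covered by all the other RSA tests.
   */
  static int test_RsaDecryptBoundsCheck(void)
  {
      int ret = 0;
  #if !defined(NO_RSA) && defined(WC_RSA_NO_PADDING) && \
      (defined(USE_CERT_BUFFERS_1024) || defined(USE_CERT_BUFFERS_2048)) && \
      defined(WOLFSSL_PUBLIC_MP) && !defined(NO_RSA_BOUNDS_CHECK)
      RsaKey key;
      byte   flatC[256];
      word32 flatCSz = 0;
      byte   out[256];
      word32 outSz = sizeof(out);
      WC_RNG rng;
      int    rngInit = 0;   /* set once wc_InitRng() has succeeded */
      int    keyInit = 0;   /* set once wc_InitRsaKey() has succeeded */

      printf(testingFmt, "RSA decrypt bounds check");

      ret = wc_InitRng(&rng);
      if (ret == 0) {
          rngInit = 1;
          ret = wc_InitRsaKey(&key, NULL);
      }

      if (ret == 0) {
          const byte* derKey;
          word32 derKeySz;
          word32 idx = 0;

          keyInit = 1;
  #ifdef USE_CERT_BUFFERS_1024
          derKey = server_key_der_1024;
          derKeySz = (word32)sizeof_server_key_der_1024;
          flatCSz = 128;
  #else
          derKey = server_key_der_2048;
          derKeySz = (word32)sizeof_server_key_der_2048;
          flatCSz = 256;
  #endif

          ret = wc_RsaPrivateKeyDecode(derKey, &idx, &key, derKeySz);
      }

      if (ret == 0) {
          /* c = 1, big-endian, padded to the modulus length. */
          XMEMSET(flatC, 0, flatCSz);
          flatC[flatCSz-1] = 1;

          ret = wc_RsaDirect(flatC, flatCSz, out, &outSz, &key,
                             RSA_PRIVATE_DECRYPT, &rng);
      }
      if (ret == RSA_OUT_OF_RANGE_E) {
          mp_int c;

          /* c = n - 1. The mp_* results are checked so that a failed step is
           * not mistaken for the expected out-of-range rejection. */
          if (mp_init_copy(&c, &key.n) != 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
          else {
              if (mp_sub_d(&c, 1, &c) != 0 ||
                      mp_to_unsigned_bin(&c, flatC) != 0) {
                  ret = WOLFSSL_FATAL_ERROR;
              }
              else {
                  /* Pass flatCSz, not sizeof(flatC): with the 1024-bit key
                   * only the first 128 bytes of flatC were written, so the
                   * full array length would feed uninitialized bytes into
                   * the check. */
                  outSz = sizeof(out);
                  ret = wc_RsaDirect(flatC, flatCSz, out, &outSz, &key,
                                     RSA_PRIVATE_DECRYPT, NULL);
              }
              mp_clear(&c);
          }
      }
      if (ret == RSA_OUT_OF_RANGE_E)
          ret = 0;

      /* Free only what was initialized, and always attempt both frees. */
      if (keyInit && wc_FreeRsaKey(&key) != 0)
          ret = WOLFSSL_FATAL_ERROR;
      if (rngInit && wc_FreeRng(&rng) != 0)
          ret = WOLFSSL_FATAL_ERROR;
      if (ret != 0)
          ret = WOLFSSL_FATAL_ERROR;

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_RsaDecryptBoundsCheck */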
  /*
   * Unit test for wc_SetKeyUsage(): a series of valid key-usage strings must be
   * accepted, then NULL arguments and malformed strings must be rejected.
   */
  static int test_wc_SetKeyUsage (void)
  {
      int ret = 0;
  #if !defined(NO_RSA) && defined(WOLFSSL_CERT_EXT) && !defined(HAVE_FIPS)
      Cert myCert;
      /* Accepted usage strings, tried in this order. */
      const char* const validUsage[] = {
          "keyEncipherment,keyAgreement",
          "digitalSignature,nonRepudiation",
          "contentCommitment,encipherOnly",
          "decipherOnly",
          "cRLSign,keyCertSign"
      };
      const int validCount = (int)(sizeof(validUsage) / sizeof(validUsage[0]));
      int i;

      ret = wc_InitCert(&myCert);

      printf(testingFmt, "wc_SetKeyUsage()");

      /* Stops at the first string that is not accepted. */
      for (i = 0; ret == 0 && i < validCount; i++) {
          ret = wc_SetKeyUsage(&myCert, validUsage[i]);
      }

      /* Test bad args. NULL pointers are expected to give BAD_FUNC_ARG; the
       * empty string, a lone comma and a list containing a space are expected
       * to give KEYUSAGE_E. */
      if (ret == 0) {
          ret = wc_SetKeyUsage(NULL, "decipherOnly");
          if (ret == BAD_FUNC_ARG) {
              ret = wc_SetKeyUsage(&myCert, NULL);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_SetKeyUsage(&myCert, "");
          }
          if (ret == KEYUSAGE_E) {
              ret = wc_SetKeyUsage(&myCert, ",");
          }
          if (ret == KEYUSAGE_E) {
              ret = wc_SetKeyUsage(&myCert, "digitalSignature, cRLSign");
          }
          ret = (ret == KEYUSAGE_E) ? 0 : WOLFSSL_FATAL_ERROR;
      }

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_SetKeyUsage */
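  /*
   * Testing wc_RsaKeyToDer()
   *
   * Generates a 1024-bit key, encodes it to DER, then checks that a NULL key,
   * a NULL output buffer and a key marked as public are each rejected.
   * Returns 0 on success and WOLFSSL_FATAL_ERROR on any failure.
   */
  static int test_wc_RsaKeyToDer (void)
  {
      int ret = 0;
  #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
      RsaKey genKey;
      WC_RNG rng;
      byte*  der;
      word32 derSz = 611;
      /* (2 x 128) + 2 (possible leading 00) + (5 x 64) + 5 (possible leading 00)
         + 3 (e) + 8 (ASN tag) + 10 (ASN length) + 4 seqSz + 3 version */
      int    keyInit = 0;   /* set once wc_InitRsaKey() has succeeded */
      int    rngInit = 0;   /* set once wc_InitRng() has succeeded */
  #ifndef HAVE_USER_RSA
      const int badArg = BAD_FUNC_ARG;
  #else
      const int badArg = USER_CRYPTO_ERROR;
  #endif

      der = (byte*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
      if (der == NULL) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      /* Init structures. */
      if (ret == 0) {
          ret = wc_InitRsaKey(&genKey, NULL);
          if (ret == 0) {
              keyInit = 1;
          }
      }
      if (ret == 0) {
          ret = wc_InitRng(&rng);
          if (ret == 0) {
              rngInit = 1;
          }
      }
      /* Make key. */
      if (ret == 0) {
          ret = MAKE_RSA_KEY(&genKey, 1024, WC_RSA_EXPONENT, &rng);
          if (ret != 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      printf(testingFmt, "wc_RsaKeyToDer()");

      if (ret == 0) {
          /* A positive return is treated as success. */
          ret = wc_RsaKeyToDer(&genKey, der, derSz);
          if (ret > 0) {
              ret = 0;
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Pass bad args. The length given is derSz, the real size of der, so
       * that no call is ever told the buffer is larger than its allocation. */
      if (ret == 0) {
          ret = wc_RsaKeyToDer(NULL, der, derSz);
          if (ret == badArg) {
              ret = wc_RsaKeyToDer(&genKey, NULL, derSz);
          }
          if (ret == badArg) {
              /* Try Public Key. The original type is put back afterwards so
               * the key is released as the key that was generated. */
              const int savedType = genKey.type;

              genKey.type = 0;
              ret = wc_RsaKeyToDer(&genKey, der, derSz);
              genKey.type = savedType;
          }
          if (ret == badArg) {
              ret = 0;
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      if (der != NULL) {
          XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
      }
      /* Free only what was initialized: on an early failure genKey and rng are
       * still uninitialized stack objects. */
      if (keyInit && wc_FreeRsaKey(&genKey) != 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      if (rngInit && wc_FreeRng(&rng) != 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      if (ret != 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_RsaKeyToDer */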
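  /*
   * Testing wc_RsaKeyToPublicDer()
   *
   * Generates a 1024-bit key, encodes its public part to DER, then checks that
   * a NULL key, a NULL output buffer and a length of -1 are each rejected.
   * Returns 0 on success and WOLFSSL_FATAL_ERROR on any failure.
   */
  static int test_wc_RsaKeyToPublicDer (void)
  {
      int ret = 0;
  #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
      RsaKey key;
      WC_RNG rng;
      byte*  der;
      word32 derLen = 162;
      int    keyInit = 0;   /* set once wc_InitRsaKey() has succeeded */
      int    rngInit = 0;   /* set once wc_InitRng() has succeeded */
  #ifndef HAVE_USER_RSA
      const int badArg = BAD_FUNC_ARG;
  #else
      const int badArg = USER_CRYPTO_ERROR;
  #endif

      der = (byte*)XMALLOC(derLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
      if (der == NULL) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      if (ret == 0) {
          ret = wc_InitRsaKey(&key, NULL);
          if (ret == 0) {
              keyInit = 1;
          }
      }
      if (ret == 0) {
          ret = wc_InitRng(&rng);
          if (ret == 0) {
              rngInit = 1;
          }
      }
      if (ret == 0) {
          ret = MAKE_RSA_KEY(&key, 1024, WC_RSA_EXPONENT, &rng);
      }

      printf(testingFmt, "wc_RsaKeyToPublicDer()");

      if (ret == 0) {
          /* Any non-negative return is treated as success. */
          ret = wc_RsaKeyToPublicDer(&key, der, derLen);
          if (ret >= 0) {
              ret = 0;
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Pass in bad args. */
      if (ret == 0) {
          ret = wc_RsaKeyToPublicDer(NULL, der, derLen);
          if (ret == badArg) {
              ret = wc_RsaKeyToPublicDer(&key, NULL, derLen);
          }
          if (ret == badArg) {
              ret = wc_RsaKeyToPublicDer(&key, der, -1);
          }
          if (ret == badArg) {
              ret = 0;
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      if (der != NULL) {
          XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
      }
      /* Free only what was initialized: on an early failure key and rng are
       * still uninitialized stack objects. */
      if (keyInit && wc_FreeRsaKey(&key) != 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      if (rngInit && wc_FreeRng(&rng) != 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      if (ret != 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_RsaKeyToPublicDer */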
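  /*
   * Testing wc_RsaPublicEncrypt() and wc_RsaPrivateDecrypt()
   *
   * Encrypts a short message with a freshly generated 1024-bit key and checks
   * that decryption gives the message back. Returns 0 on success; when the
   * encrypt stage fails its error value is returned, any later failure gives
   * WOLFSSL_FATAL_ERROR.
   */
  static int test_wc_RsaPublicEncryptDecrypt (void)
  {
      int ret = 0;
  #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
      RsaKey key;
      WC_RNG rng;
      const char* inStr = "Everyone gets Friday off.";
      word32 cipherLen = 128;
      word32 plainLen = 25;
      word32 inLen = (word32)XSTRLEN(inStr);
      int keyInit = 0;      /* set once wc_InitRsaKey() has succeeded */
      int rngInit = 0;      /* set once wc_InitRng() has succeeded */
      int decryptRan = 0;   /* set when the decrypt stage was entered */

      DECLARE_VAR_INIT(in, byte, inLen, inStr, NULL);
      DECLARE_VAR(plain, byte, plainLen, NULL);
      DECLARE_VAR(cipher, byte, cipherLen, NULL);

      ret = wc_InitRsaKey(&key, NULL);
      if (ret == 0) {
          keyInit = 1;
          ret = wc_InitRng(&rng);
      }
      if (ret == 0) {
          rngInit = 1;
          ret = MAKE_RSA_KEY(&key, 1024, WC_RSA_EXPONENT, &rng);
      }

      /* Encrypt. */
      printf(testingFmt, "wc_RsaPublicEncrypt()");

      if (ret == 0) {
          ret = wc_RsaPublicEncrypt(in, inLen, cipher, cipherLen, &key, &rng);
          if (ret >= 0) {
              cipherLen = ret;   /* number of ciphertext bytes produced */
              ret = 0;
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Bad-argument cases go through RsaPublicEncryptEx(), which another
       * test already covers; they are not repeated here. */
      printf(resultFmt, ret == 0 ? passed : failed);

      /* A failed encrypt stage skips the decrypt stage but still reaches the
       * cleanup below, so the key, the RNG and the buffers are not leaked. */
      if (ret == 0) {
          decryptRan = 1;

          /* Decrypt */
          printf(testingFmt, "wc_RsaPrivateDecrypt()");

  #if defined(WC_RSA_BLINDING)
          /* Bind rng */
          ret = wc_RsaSetRNG(&key, &rng);
  #endif
          if (ret == 0) {
              ret = wc_RsaPrivateDecrypt(cipher, cipherLen, plain, plainLen,
                                         &key);
          }
          if (ret >= 0) {
              ret = XMEMCMP(plain, inStr, plainLen);
          }
          /* Bad-argument cases go through RsaPrivateDecryptEx(), which another
           * test already covers; they are not repeated here. */
      }

      FREE_VAR(in, NULL);
      FREE_VAR(plain, NULL);
      FREE_VAR(cipher, NULL);

      /* Free only what was initialized. A cleanup failure is reported only
       * when no earlier error is already being returned. */
      if (keyInit && wc_FreeRsaKey(&key) != 0 && ret == 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      if (rngInit && wc_FreeRng(&rng) != 0 && ret == 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }

      if (decryptRan) {
          if (ret != 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
          printf(resultFmt, ret == 0 ? passed : failed);
      }
  #endif
      return ret;
  } /* END test_wc_RsaPublicEncryptDecrypt */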
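  /*
   * Testing wc_RsaPublicEncrypt_ex(), wc_RsaPrivateDecrypt_ex() and
   * wc_RsaPrivateDecryptInline_ex()
   *
   * Uses OAEP padding with SHA-1 for both the hash and MGF1. Returns 0 on
   * success; when the encrypt or decrypt stage fails its error value is
   * returned, a failure in the final stage gives WOLFSSL_FATAL_ERROR.
   */
  static int test_wc_RsaPublicEncryptDecrypt_ex (void)
  {
      int ret = 0;
  #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(HAVE_FIPS)\
          && !defined(WC_NO_RSA_OAEP) && !defined(HAVE_USER_RSA)\
          && !defined(NO_SHA)
      RsaKey key;
      WC_RNG rng;
      const char* inStr = "Everyone gets Friday off.";
      word32 inLen = (word32)XSTRLEN(inStr);
      const word32 cipherSz = 128;
      const word32 plainSz = 25;
      byte* res = NULL;
      int idx = 0;
      int keyInit = 0;      /* set once wc_InitRsaKey_ex() has succeeded */
      int rngInit = 0;      /* set once wc_InitRng() has succeeded */
      int inlineRan = 0;    /* set when the final (inline) stage was entered */

      DECLARE_VAR_INIT(in, byte, inLen, inStr, NULL);
      DECLARE_VAR(plain, byte, plainSz, NULL);
      DECLARE_VAR(cipher, byte, cipherSz, NULL);

      /* Initialize stack structures. */
      XMEMSET(&rng, 0, sizeof(rng));
      XMEMSET(&key, 0, sizeof(key));

      ret = wc_InitRsaKey_ex(&key, NULL, INVALID_DEVID);
      if (ret == 0) {
          keyInit = 1;
          ret = wc_InitRng(&rng);
      }
      if (ret == 0) {
          rngInit = 1;
          ret = MAKE_RSA_KEY(&key, 1024, WC_RSA_EXPONENT, &rng);
      }

      /* Encrypt */
      printf(testingFmt, "wc_RsaPublicEncrypt_ex()");
      if (ret == 0) {
          ret = wc_RsaPublicEncrypt_ex(in, inLen, cipher, cipherSz, &key, &rng,
                  WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA, WC_MGF1SHA1, NULL, 0);
          if (ret >= 0) {
              idx = ret;   /* number of ciphertext bytes produced */
              ret = 0;
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }
      /* Bad-argument cases would test RsaPublicEncryptEx again; they are not
       * duplicated here. */
      printf(resultFmt, ret == 0 ? passed : failed);

      /* A failed stage skips the remaining stages but still reaches the
       * cleanup below, so the key, the RNG and the buffers are not leaked. */
      if (ret == 0) {
          /* Decrypt */
          printf(testingFmt, "wc_RsaPrivateDecrypt_ex()");

  #if defined(WC_RSA_BLINDING)
          ret = wc_RsaSetRNG(&key, &rng);
  #endif
          if (ret == 0) {
              ret = wc_RsaPrivateDecrypt_ex(cipher, (word32)idx,
                      plain, plainSz, &key, WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA,
                      WC_MGF1SHA1, NULL, 0);
          }
          if (ret >= 0) {
              if (!XMEMCMP(plain, inStr, plainSz)) {
                  ret = 0;
              } else {
                  ret = WOLFSSL_FATAL_ERROR;
              }
          }
          /* Bad-argument cases would test RsaPrivateDecryptEx() again; they
           * are not duplicated here. */
          printf(resultFmt, ret == 0 ? passed : failed);
      }

      if (ret == 0) {
          inlineRan = 1;

          printf(testingFmt, "wc_RsaPrivateDecryptInline_ex()");

          /* res receives a pointer to the recovered plaintext. */
          ret = wc_RsaPrivateDecryptInline_ex(cipher, (word32)idx,
                  &res, &key, WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA,
                  WC_MGF1SHA1, NULL, 0);
          if (ret >= 0) {
              if (!XMEMCMP(inStr, res, plainSz)) {
                  ret = 0;
              } else {
                  ret = WOLFSSL_FATAL_ERROR;
              }
          }
      }

      FREE_VAR(in, NULL);
      FREE_VAR(plain, NULL);
      FREE_VAR(cipher, NULL);

      /* Free only what was initialized. A cleanup failure is reported only
       * when no earlier error is already being returned. */
      if (keyInit && wc_FreeRsaKey(&key) != 0 && ret == 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      if (rngInit && wc_FreeRng(&rng) != 0 && ret == 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }

      if (inlineRan) {
          if (ret != 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
          printf(resultFmt, ret == 0 ? passed : failed);
      }
  #endif
      return ret;
  } /* END test_wc_RsaPublicEncryptDecrypt_ex */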
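  /*
   * Testing wc_RsaSSL_Sign() and wc_RsaSSL_Verify()
   *
   * Signs a short message with a freshly generated 1024-bit key, verifies the
   * signature, and checks the bad-argument handling of both functions.
   * Returns 0 on success; when the sign stage fails its error value is
   * returned, a failure in the verify stage gives WOLFSSL_FATAL_ERROR.
   */
  static int test_wc_RsaSSL_SignVerify (void)
  {
      int ret = 0;
  #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
      RsaKey key;
      WC_RNG rng;
      const char* inStr = "Everyone gets Friday off.";
      const word32 outSz = 128;
      const word32 plainSz = 25;
      word32 inLen = (word32)XSTRLEN(inStr);
      word32 idx = 0;
      int keyInit = 0;     /* set once wc_InitRsaKey() has succeeded */
      int rngInit = 0;     /* set once wc_InitRng() has succeeded */
      int verifyRan = 0;   /* set when the verify stage was entered */
  #ifndef HAVE_USER_RSA
      const int badArg = BAD_FUNC_ARG;
  #else
      const int badArg = USER_CRYPTO_ERROR;
  #endif

      DECLARE_VAR_INIT(in, byte, inLen, inStr, NULL);
      DECLARE_VAR(out, byte, outSz, NULL);
      DECLARE_VAR(plain, byte, plainSz, NULL);

      ret = wc_InitRsaKey(&key, NULL);
      if (ret == 0) {
          keyInit = 1;
          ret = wc_InitRng(&rng);
      }
      if (ret == 0) {
          rngInit = 1;
          ret = MAKE_RSA_KEY(&key, 1024, WC_RSA_EXPONENT, &rng);
      }

      /* Sign. */
      printf(testingFmt, "wc_RsaSSL_Sign()");

      if (ret == 0) {
          /* The signature is expected to fill the whole output buffer. */
          ret = wc_RsaSSL_Sign(in, inLen, out, outSz, &key, &rng);
          if (ret == (int)outSz) {
              idx = ret;
              ret = 0;
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }
      /* Test bad args: NULL input, zero input length, NULL output, NULL key. */
      if (ret == 0) {
          ret = wc_RsaSSL_Sign(NULL, inLen, out, outSz, &key, &rng);
          if (ret == badArg) {
              ret = wc_RsaSSL_Sign(in, 0, out, outSz, &key, &rng);
          }
          if (ret == badArg) {
              ret = wc_RsaSSL_Sign(in, inLen, NULL, outSz, &key, &rng);
          }
          if (ret == badArg) {
              ret = wc_RsaSSL_Sign(in, inLen, out, outSz, NULL, &rng);
          }
          if (ret == badArg) {
              ret = 0;
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      printf(resultFmt, ret == 0 ? passed : failed);

      /* A failed sign stage skips the verify stage but still reaches the
       * cleanup below, so the key, the RNG and the buffers are not leaked. */
      if (ret == 0) {
          verifyRan = 1;

          /* Verify. */
          printf(testingFmt, "wc_RsaSSL_Verify()");

          /* Verification must recover exactly inLen bytes. */
          ret = wc_RsaSSL_Verify(out, idx, plain, plainSz, &key);
          if (ret == (int)inLen) {
              ret = 0;
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }

          /* Pass bad args: NULL input, zero input length, NULL output,
           * NULL key. */
          if (ret == 0) {
              ret = wc_RsaSSL_Verify(NULL, idx, plain, plainSz, &key);
              if (ret == badArg) {
                  ret = wc_RsaSSL_Verify(out, 0, plain, plainSz, &key);
              }
              if (ret == badArg) {
                  ret = wc_RsaSSL_Verify(out, idx, NULL, plainSz, &key);
              }
              if (ret == badArg) {
                  ret = wc_RsaSSL_Verify(out, idx, plain, plainSz, NULL);
              }
              if (ret == badArg) {
                  ret = 0;
              } else {
                  ret = WOLFSSL_FATAL_ERROR;
              }
          }
      }

      FREE_VAR(in, NULL);
      FREE_VAR(out, NULL);
      FREE_VAR(plain, NULL);

      /* Free only what was initialized. A cleanup failure is reported only
       * when no earlier error is already being returned. */
      if (keyInit && wc_FreeRsaKey(&key) != 0 && ret == 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      if (rngInit && wc_FreeRng(&rng) != 0 && ret == 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }

      if (verifyRan) {
          if (ret != 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
          printf(resultFmt, ret == 0 ? passed : failed);
      }
  #endif
      return ret;
  } /* END test_wc_RsaSSL_SignVerify */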
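  /*
   * Testing wc_RsaEncryptSize()
   *
   * Checks that a 1024-bit key reports 128 bytes and a 2048-bit key reports
   * 256 bytes, then passes a NULL key. Returns 0 on success and
   * WOLFSSL_FATAL_ERROR on any failure.
   */
  static int test_wc_RsaEncryptSize (void)
  {
      int ret = 0;
  #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
      RsaKey key;
      WC_RNG rng;
      int    keyInit = 0;   /* tracks whether key currently holds a live key */
      int    rngInit = 0;   /* set once wc_InitRng() has succeeded */

      ret = wc_InitRsaKey(&key, NULL);
      if (ret == 0) {
          keyInit = 1;
          ret = wc_InitRng(&rng);
          if (ret == 0) {
              rngInit = 1;
          }
      }

      printf(testingFmt, "wc_RsaEncryptSize()");

      if (ret == 0) {
          ret = MAKE_RSA_KEY(&key, 1024, WC_RSA_EXPONENT, &rng);
          if (ret == 0) {
              ret = wc_RsaEncryptSize(&key);
          }
          if (ret == 128) {
              ret = 0;
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Release the 1024-bit key before generating the next one. */
      if (keyInit) {
          if (wc_FreeRsaKey(&key) != 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
          keyInit = 0;
      }
      if (ret != 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }

      if (ret == 0) {
          /* Re-initialize first: the structure was freed above and is not
           * reused as-is for the second key generation. */
          ret = wc_InitRsaKey(&key, NULL);
          if (ret == 0) {
              keyInit = 1;
              ret = MAKE_RSA_KEY(&key, 2048, WC_RSA_EXPONENT, &rng);
          }
          if (ret == 0) {
              ret = wc_RsaEncryptSize(&key);
          }
          if (ret == 256) {
              ret = 0;
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Pass in bad arg. */
      if (ret == 0) {
          ret = wc_RsaEncryptSize(NULL);
  #ifndef HAVE_USER_RSA
          if (ret == BAD_FUNC_ARG) {
              ret = 0;
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }
  #endif
          /* NOTE(review): with HAVE_USER_RSA the return value is used as-is,
           * so the test passes only if that build returns 0 for a NULL key;
           * confirm against the user-crypto implementation. */
      }

      /* Free only what is live, so the key is never freed twice and the RNG
       * is never freed without having been initialized. */
      if (keyInit && wc_FreeRsaKey(&key) != 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      if (rngInit && wc_FreeRng(&rng) != 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      if (ret != 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_RsaEncryptSize*/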
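  /*
   * Testing wc_RsaFlattenPublicKey()
   *
   * Exports e and n of a freshly generated 1024-bit key into byte buffers and
   * then checks that each NULL pointer argument is rejected. Returns 0 on
   * success and WOLFSSL_FATAL_ERROR on any failure.
   */
  static int test_wc_RsaFlattenPublicKey (void)
  {
      int ret = 0;
  #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
      RsaKey key;
      WC_RNG rng;
      byte   e[256];
      byte   n[256];
      word32 eSz = sizeof(e);
      word32 nSz = sizeof(n);
      int    keyInit = 0;   /* set once wc_InitRsaKey() has succeeded */
      int    rngInit = 0;   /* set once wc_InitRng() has succeeded */
  #ifndef HAVE_USER_RSA
      const int badArg = BAD_FUNC_ARG;
  #else
      const int badArg = USER_CRYPTO_ERROR;
  #endif

      ret = wc_InitRsaKey(&key, NULL);
      if (ret == 0) {
          keyInit = 1;
          ret = wc_InitRng(&rng);
      }
      if (ret == 0) {
          rngInit = 1;
          ret = MAKE_RSA_KEY(&key, 1024, WC_RSA_EXPONENT, &rng);
          if (ret >= 0) {
              ret = 0;
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      printf(testingFmt, "wc_RsaFlattenPublicKey()");

      if (ret == 0) {
          ret = wc_RsaFlattenPublicKey(&key, e, &eSz, n, &nSz);
      }

      /* Pass bad args: each pointer argument is set to NULL in turn. */
      if (ret == 0) {
          ret = wc_RsaFlattenPublicKey(NULL, e, &eSz, n, &nSz);
          if (ret == badArg) {
              ret = wc_RsaFlattenPublicKey(&key, NULL, &eSz, n, &nSz);
          }
          if (ret == badArg) {
              ret = wc_RsaFlattenPublicKey(&key, e, NULL, n, &nSz);
          }
          if (ret == badArg) {
              ret = wc_RsaFlattenPublicKey(&key, e, &eSz, NULL, &nSz);
          }
          if (ret == badArg) {
              ret = wc_RsaFlattenPublicKey(&key, e, &eSz, n, NULL);
          }
          if (ret == badArg) {
              ret = 0;
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Free only what was initialized: when wc_InitRsaKey() fails, rng is
       * still an uninitialized stack object. */
      if (keyInit && wc_FreeRsaKey(&key) != 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      if (rngInit && wc_FreeRng(&rng) != 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      if (ret != 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_RsaFlattenPublicKey */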
  /*
   * Unit test for wc_AesCcmSetKey(): each key size enabled in the build must be
   * accepted, and key lengths one byte short must be rejected.
   */
  static int test_wc_AesCcmSetKey (void)
  {
      int ret = 0;
  #ifdef HAVE_AESCCM
      Aes aes;
      const byte key16[] =
      {
          0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
          0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf
      };
      const byte key24[] =
      {
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
      };
      const byte key32[] =
      {
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
          0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
          0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
      };

      printf(testingFmt, "wc_AesCcmSetKey()");

      /* Nothing to clean up if the context cannot be initialized. */
      ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
      if (ret != 0)
          return ret;

  #ifdef WOLFSSL_AES_128
      ret = wc_AesCcmSetKey(&aes, key16, sizeof(key16));
  #endif
  #ifdef WOLFSSL_AES_192
      if (ret == 0) {
          ret = wc_AesCcmSetKey(&aes, key24, sizeof(key24));
      }
  #endif
  #ifdef WOLFSSL_AES_256
      if (ret == 0) {
          ret = wc_AesCcmSetKey(&aes, key32, sizeof(key32));
      }
  #endif

      /* Test bad args: every key with its length cut by one byte. The && chain
       * stops at the first call that does not return BAD_FUNC_ARG. */
      if (ret == 0) {
          if (wc_AesCcmSetKey(&aes, key16, sizeof(key16) - 1) == BAD_FUNC_ARG
           && wc_AesCcmSetKey(&aes, key24, sizeof(key24) - 1) == BAD_FUNC_ARG
           && wc_AesCcmSetKey(&aes, key32, sizeof(key32) - 1) == BAD_FUNC_ARG) {
              ret = 0;
          }
          else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      wc_AesFree(&aes);

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_AesCcmSetKey */
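/*
 * Unit test for wc_AesCcmEncrypt() and wc_AesCcmDecrypt().
 *
 * Encrypts a fixed plaintext with a fixed 128-bit key, 13-byte nonce and
 * 8-byte AAD and compares ciphertext and tag with the known answers, then
 * (with HAVE_AES_DECRYPT) decrypts and compares with the plaintext.  It also
 * checks that a modified tag is rejected and that NULL pointers and
 * out-of-range nonce lengths return BAD_FUNC_ARG.
 *
 * Returns 0 on success; the Aes object is released on every return path
 * after wc_AesInit() has succeeded.
 */
static int test_wc_AesCcmEncryptDecrypt (void)
{
    int ret = 0;
#if defined(HAVE_AESCCM) && defined(WOLFSSL_AES_128)
    Aes aes;
    const byte key16[] =
    {
        0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
        0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf
    };
    /* plaintext */
    const byte plainT[] =
    {
        0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
        0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
        0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e
    };
    /* nonce */
    const byte iv[] =
    {
        0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0,
        0xa1, 0xa2, 0xa3, 0xa4, 0xa5
    };
    const byte c[] = /* cipher text. */
    {
        0x58, 0x8c, 0x97, 0x9a, 0x61, 0xc6, 0x63, 0xd2,
        0xf0, 0x66, 0xd0, 0xc2, 0xc0, 0xf9, 0x89, 0x80,
        0x6d, 0x5f, 0x6b, 0x61, 0xda, 0xc3, 0x84
    };
    const byte t[] = /* Auth tag */
    {
        0x17, 0xe8, 0xd1, 0x2c, 0xfd, 0xf9, 0x26, 0xe0
    };
    const byte authIn[] =
    {
        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
    };
    byte cipherOut[sizeof(plainT)];
    byte authTag[sizeof(t)];
    int ccmE = WOLFSSL_FATAL_ERROR;
#ifdef HAVE_AES_DECRYPT
    int ccmD = WOLFSSL_FATAL_ERROR;
    byte plainOut[sizeof(cipherOut)];
    byte badTag[sizeof(t)];
#endif

    ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
    if (ret != 0)
        return ret;

    ret = wc_AesCcmSetKey(&aes, key16, sizeof(key16));
    if (ret == 0) {
        ccmE = wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
                                iv, sizeof(iv), authTag, sizeof(authTag),
                                authIn, sizeof(authIn));
        /* Check the return code first so the output buffers are only read
         * after the call reported that it filled them. */
        if (ccmE != 0 ||
            XMEMCMP(cipherOut, c, sizeof(c)) != 0 ||
            XMEMCMP(t, authTag, sizeof(t)) != 0) {
            ccmE = WOLFSSL_FATAL_ERROR;
            ret = WOLFSSL_FATAL_ERROR;
        }
#ifdef HAVE_AES_DECRYPT
        if (ret == 0) {
            ccmD = wc_AesCcmDecrypt(&aes, plainOut, cipherOut,
                                    sizeof(plainOut), iv, sizeof(iv),
                                    authTag, sizeof(authTag),
                                    authIn, sizeof(authIn));
            if (ccmD == 0 &&
                XMEMCMP(plainOut, plainT, sizeof(plainT)) != 0) {
                ccmD = WOLFSSL_FATAL_ERROR;
            }
        }
        /* Authentication check: a tag with one flipped bit must not be
         * accepted.  Any non-zero return counts as a rejection. */
        if (ret == 0 && ccmD == 0) {
            XMEMCPY(badTag, authTag, sizeof(badTag));
            badTag[0] ^= 0x01;
            if (wc_AesCcmDecrypt(&aes, plainOut, cipherOut,
                                 sizeof(plainOut), iv, sizeof(iv),
                                 badTag, sizeof(badTag),
                                 authIn, sizeof(authIn)) == 0) {
                ccmD = WOLFSSL_FATAL_ERROR;
            }
        }
#endif
    }

    printf(testingFmt, "wc_AesCcmEncrypt()");
    /* Pass in bad args. Encrypt*/
    if (ret == 0 && ccmE == 0) {
        ccmE = wc_AesCcmEncrypt(NULL, cipherOut, plainT, sizeof(cipherOut),
                                iv, sizeof(iv), authTag, sizeof(authTag),
                                authIn, sizeof(authIn));
        if (ccmE == BAD_FUNC_ARG) {
            ccmE = wc_AesCcmEncrypt(&aes, NULL, plainT, sizeof(cipherOut),
                                    iv, sizeof(iv), authTag, sizeof(authTag),
                                    authIn, sizeof(authIn));
        }
        if (ccmE == BAD_FUNC_ARG) {
            ccmE = wc_AesCcmEncrypt(&aes, cipherOut, NULL, sizeof(cipherOut),
                                    iv, sizeof(iv), authTag, sizeof(authTag),
                                    authIn, sizeof(authIn));
        }
        if (ccmE == BAD_FUNC_ARG) {
            ccmE = wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
                                    NULL, sizeof(iv), authTag, sizeof(authTag),
                                    authIn, sizeof(authIn));
        }
        if (ccmE == BAD_FUNC_ARG) {
            ccmE = wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
                                    iv, sizeof(iv), NULL, sizeof(authTag),
                                    authIn, sizeof(authIn));
        }
        /* Nonce one byte longer than the 13-byte maximum for CCM. */
        if (ccmE == BAD_FUNC_ARG) {
            ccmE = wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
                                    iv, sizeof(iv) + 1, authTag,
                                    sizeof(authTag), authIn, sizeof(authIn));
        }
        /* Nonce of 6 bytes, one below the 7-byte minimum for CCM. */
        if (ccmE == BAD_FUNC_ARG) {
            ccmE = wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
                                    iv, sizeof(iv) - 7, authTag,
                                    sizeof(authTag), authIn, sizeof(authIn));
        }
        if (ccmE != BAD_FUNC_ARG) {
            ccmE = WOLFSSL_FATAL_ERROR;
        } else {
            ccmE = 0;
        }
    } /* End Encrypt */
    printf(resultFmt, ccmE == 0 ? passed : failed);
    if (ccmE != 0) {
        wc_AesFree(&aes);
        return ccmE;
    }

#ifdef HAVE_AES_DECRYPT
    printf(testingFmt, "wc_AesCcmDecrypt()");
    /* Pass in bad args. Decrypt*/
    if (ret == 0 && ccmD == 0) {
        ccmD = wc_AesCcmDecrypt(NULL, plainOut, cipherOut, sizeof(plainOut),
                                iv, sizeof(iv), authTag, sizeof(authTag),
                                authIn, sizeof(authIn));
        if (ccmD == BAD_FUNC_ARG) {
            ccmD = wc_AesCcmDecrypt(&aes, NULL, cipherOut, sizeof(plainOut),
                                    iv, sizeof(iv), authTag, sizeof(authTag),
                                    authIn, sizeof(authIn));
        }
        if (ccmD == BAD_FUNC_ARG) {
            ccmD = wc_AesCcmDecrypt(&aes, plainOut, NULL, sizeof(plainOut),
                                    iv, sizeof(iv), authTag, sizeof(authTag),
                                    authIn, sizeof(authIn));
        }
        if (ccmD == BAD_FUNC_ARG) {
            ccmD = wc_AesCcmDecrypt(&aes, plainOut, cipherOut,
                                    sizeof(plainOut), NULL, sizeof(iv),
                                    authTag, sizeof(authTag),
                                    authIn, sizeof(authIn));
        }
        if (ccmD == BAD_FUNC_ARG) {
            ccmD = wc_AesCcmDecrypt(&aes, plainOut, cipherOut,
                                    sizeof(plainOut), iv, sizeof(iv), NULL,
                                    sizeof(authTag), authIn, sizeof(authIn));
        }
        /* Same out-of-range nonce lengths as in the encrypt section. */
        if (ccmD == BAD_FUNC_ARG) {
            ccmD = wc_AesCcmDecrypt(&aes, plainOut, cipherOut,
                                    sizeof(plainOut), iv, sizeof(iv) + 1,
                                    authTag, sizeof(authTag),
                                    authIn, sizeof(authIn));
        }
        if (ccmD == BAD_FUNC_ARG) {
            ccmD = wc_AesCcmDecrypt(&aes, plainOut, cipherOut,
                                    sizeof(plainOut), iv, sizeof(iv) - 7,
                                    authTag, sizeof(authTag),
                                    authIn, sizeof(authIn));
        }
        if (ccmD != BAD_FUNC_ARG) {
            ccmD = WOLFSSL_FATAL_ERROR;
        } else {
            ccmD = 0;
        }
    } /* END Decrypt */
    printf(resultFmt, ccmD == 0 ? passed : failed);
    if (ccmD != 0) {
        /* Release the Aes object here too, as the encrypt failure path does. */
        wc_AesFree(&aes);
        return ccmD;
    }
#endif

    wc_AesFree(&aes);
#endif /* HAVE_AESCCM */
    return ret;
} /* END test_wc_AesCcmEncryptDecrypt */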
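/*
 * Test wc_Hc128_SetKey()
 *
 * Sets a fixed key and IV, then checks argument validation: a NULL context
 * and a NULL key must each return BAD_FUNC_ARG.  A bad-argument call that
 * returns 0 is treated as a failure, so a missing check cannot pass.
 * Returns 0 on success, and also when HAVE_HC128 is not defined.
 */
static int test_wc_Hc128_SetKey (void)
{
    int ret = 0;
#ifdef HAVE_HC128
    HC128 ctx;
    const char* key = "\x80\x00\x00\x00\x00\x00\x00\x00"
                      "\x00\x00\x00\x00\x00\x00\x00\x00";
    const char* iv = "\x0D\x74\xDB\x42\xA9\x10\x77\xDE"
                     "\x45\xAC\x13\x7A\xE1\x48\xAF\x16";

    printf(testingFmt, "wc_Hc128_SetKey()");

    ret = wc_Hc128_SetKey(&ctx, (byte*)key, (byte*)iv);

    /* Test bad args. */
    if (ret == 0) {
        if (wc_Hc128_SetKey(NULL, (byte*)key, (byte*)iv) != BAD_FUNC_ARG ||
            wc_Hc128_SetKey(&ctx, NULL, (byte*)iv) != BAD_FUNC_ARG) {
            ret = WOLFSSL_FATAL_ERROR;
        }
    }
    if (ret == 0) {
        /* A NULL IV is expected to succeed here, as the original chain
         * required; test_wc_Hc128_Process in this file relies on it. */
        ret = wc_Hc128_SetKey(&ctx, (byte*)key, NULL);
    }

    printf(resultFmt, ret == 0 ? passed : failed);
#endif
    return ret;
} /* END test_wc_Hc128_SetKey */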
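/*
 * Testing wc_Hc128_Process()
 *
 * Encrypts a fixed message with one HC128 context, decrypts it with a second
 * context keyed identically (NULL IV), and checks that the plaintext is
 * recovered.  Then checks that NULL context, output and input pointers are
 * rejected with BAD_FUNC_ARG.
 * Returns 0 on success, and also when HAVE_HC128 is not defined.
 */
static int test_wc_Hc128_Process (void)
{
    int ret = 0;
#ifdef HAVE_HC128
    HC128 enc;
    HC128 dec;
    const char* key = "\x0F\x62\xB5\x08\x5B\xAE\x01\x54"
                      "\xA7\xFA\x4D\xA0\xF3\x46\x99\xEC";
    const char* input = "Encrypt Hc128, and then Decrypt.";
    size_t inlen = XSTRLEN(input) + 1; /* Add null terminator */
    byte cipher[inlen];
    byte plain[inlen];

    printf(testingFmt, "wc_Hc128_Process()");

    ret = wc_Hc128_SetKey(&enc, (byte*)key, NULL);
    if (ret == 0) {
        ret = wc_Hc128_SetKey(&dec, (byte*)key, NULL);
    }
    if (ret == 0) {
        ret = wc_Hc128_Process(&enc, cipher, (byte*)input, (word32)inlen);
        if (ret == 0) {
            ret = wc_Hc128_Process(&dec, plain, cipher, (word32)inlen);
        }
        /* Both calls returning 0 is not enough: the decrypted bytes must
         * equal the original message. */
        if (ret == 0 && XMEMCMP(plain, input, inlen) != 0) {
            ret = WOLFSSL_FATAL_ERROR;
        }
    }

    /* Bad args. */
    if (ret == 0) {
        ret = wc_Hc128_Process(NULL, plain, cipher, (word32)inlen);
        if (ret == BAD_FUNC_ARG) {
            ret = wc_Hc128_Process(&dec, NULL, cipher, (word32)inlen);
        }
        if (ret == BAD_FUNC_ARG) {
            ret = wc_Hc128_Process(&dec, plain, NULL, (word32)inlen);
        }
        if (ret == BAD_FUNC_ARG) {
            ret = 0;
        } else {
            ret = WOLFSSL_FATAL_ERROR;
        }
    }

    printf(resultFmt, ret == 0 ? passed : failed);
#endif
    return ret;
} /* END test_wc_Hc128_Process */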
/*
 * Testing wc_InitDsaKey()
 *
 * Initialises a DsaKey and checks that a NULL key pointer is rejected with
 * BAD_FUNC_ARG.  Returns 0 on success, and also when NO_DSA is defined.
 */
static int test_wc_InitDsaKey (void)
{
    int ret = 0;
#ifndef NO_DSA
    DsaKey key;

    printf(testingFmt, "wc_InitDsaKey()");

    ret = wc_InitDsaKey(&key);

    /* Pass in bad args: only BAD_FUNC_ARG counts as a pass. */
    if (ret == 0) {
        ret = (wc_InitDsaKey(NULL) == BAD_FUNC_ARG) ? 0
                                                     : WOLFSSL_FATAL_ERROR;
    }

    printf(resultFmt, ret == 0 ? passed : failed);
    wc_FreeDsaKey(&key);
#endif
    return ret;
} /* END test_wc_InitDsaKey */
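/*
 * Testing wc_DsaSign() and wc_DsaVerify()
 *
 * Loads the DSA test key (built-in buffer or ./certs/dsa2048.der), hashes the
 * DER bytes with SHA-1 to get a fixed 20-byte digest, signs it, verifies the
 * signature, and checks that each NULL argument is rejected with
 * BAD_FUNC_ARG by both functions.
 *
 * Returns 0 on success.  On the early failure return only the objects that
 * were actually initialised are released.
 */
static int test_wc_DsaSignVerify (void)
{
    int ret = 0;
#if !defined(NO_DSA)
    DsaKey key;
    WC_RNG rng;
    wc_Sha sha;
    byte   signature[DSA_SIG_SIZE];
    byte   hash[WC_SHA_DIGEST_SIZE];
    word32 idx = 0;
    word32 bytes;
    int    answer = 0;
    /* Track which objects need freeing if we bail out early. */
    int    shaInit = 0;
    int    keyInit = 0;
    int    rngInit = 0;
#ifdef USE_CERT_BUFFERS_1024
    byte   tmp[ONEK_BUF];

    XMEMSET(tmp, 0, sizeof(tmp));
    XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024);
    bytes = sizeof_dsa_key_der_1024;
#elif defined(USE_CERT_BUFFERS_2048)
    byte   tmp[TWOK_BUF];

    XMEMSET(tmp, 0, sizeof(tmp));
    XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048);
    bytes = sizeof_dsa_key_der_2048;
#else
    byte   tmp[TWOK_BUF];
    FILE*  fp;

    XMEMSET(tmp, 0, sizeof(tmp));
    fp = fopen("./certs/dsa2048.der", "rb");
    if (!fp) {
        return WOLFSSL_BAD_FILE;
    }
    /* fread is bounded by sizeof(tmp); bytes is what was actually read. */
    bytes = (word32) fread(tmp, 1, sizeof(tmp), fp);
    fclose(fp);
#endif /* END USE_CERT_BUFFERS_1024 */

    ret = wc_InitSha(&sha);
    if (ret == 0) {
        shaInit = 1;
        ret = wc_ShaUpdate(&sha, tmp, bytes);
        if (ret == 0) {
            ret = wc_ShaFinal(&sha, hash);
        }
        if (ret == 0) {
            ret = wc_InitDsaKey(&key);
            if (ret == 0) {
                keyInit = 1;
            }
        }
        if (ret == 0) {
            ret = wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes);
        }
        if (ret == 0) {
            ret = wc_InitRng(&rng);
            if (ret == 0) {
                rngInit = 1;
            }
        }
    }

    printf(testingFmt, "wc_DsaSign()");
    /* Sign. */
    if (ret == 0) {
        ret = wc_DsaSign(hash, signature, &key, &rng);
    }
    /* Test bad args. */
    if (ret == 0) {
        ret = wc_DsaSign(NULL, signature, &key, &rng);
        if (ret == BAD_FUNC_ARG) {
            ret = wc_DsaSign(hash, NULL, &key, &rng);
        }
        if (ret == BAD_FUNC_ARG) {
            ret = wc_DsaSign(hash, signature, NULL, &rng);
        }
        if (ret == BAD_FUNC_ARG) {
            ret = wc_DsaSign(hash, signature, &key, NULL);
        }
        if (ret == BAD_FUNC_ARG) {
            ret = 0;
        } else {
            ret = WOLFSSL_FATAL_ERROR;
        }
    }
    printf(resultFmt, ret == 0 ? passed : failed);

    if (ret != 0) {
        /* Do not leave the RNG, key or hash state behind on failure. */
        if (rngInit) {
            wc_FreeRng(&rng);
        }
        if (keyInit) {
            wc_FreeDsaKey(&key);
        }
        if (shaInit) {
            wc_ShaFree(&sha);
        }
        return ret;
    }

    /* Verify. */
    printf(testingFmt, "wc_DsaVerify()");
    ret = wc_DsaVerify(hash, signature, &key, &answer);
    /* A zero return is not enough: answer must report a valid signature. */
    if (ret != 0 || answer != 1) {
        ret = WOLFSSL_FATAL_ERROR;
    } else {
        ret = 0;
    }
    /* Pass in bad args. */
    if (ret == 0) {
        ret = wc_DsaVerify(NULL, signature, &key, &answer);
        if (ret == BAD_FUNC_ARG) {
            ret = wc_DsaVerify(hash, NULL, &key, &answer);
        }
        if (ret == BAD_FUNC_ARG) {
            ret = wc_DsaVerify(hash, signature, NULL, &answer);
        }
        if (ret == BAD_FUNC_ARG) {
            ret = wc_DsaVerify(hash, signature, &key, NULL);
        }
        if (ret == BAD_FUNC_ARG) {
            ret = 0;
        } else {
            ret = WOLFSSL_FATAL_ERROR;
        }
    }

    /* Past the early return above, all three objects are initialised. */
    if (wc_FreeRng(&rng) && ret == 0) {
        ret = WOLFSSL_FATAL_ERROR;
    }
    printf(resultFmt, ret == 0 ? passed : failed);
    wc_FreeDsaKey(&key);
    wc_ShaFree(&sha);
#endif
    return ret;
} /* END test_wc_DsaSignVerify */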
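/*
 * Testing wc_DsaPrivateKeyDecode() and wc_DsaPublicKeyDecode()
 *
 * Decodes the DSA test key (built-in buffer or ./certs/dsa2048.der) with
 * both functions.  For each, NULL arguments must return BAD_FUNC_ARG, and a
 * repeated decode with the index left past the parsed data must return
 * ASN_PARSE_E.
 *
 * Returns 0 only if initialisation and both sub-tests pass; a failed
 * sub-test is returned to the caller as well as printed.
 */
static int test_wc_DsaPublicPrivateKeyDecode (void)
{
    int ret = 0;
#if !defined(NO_DSA)
    DsaKey key;
    word32 bytes;
    word32 idx = 0;
    int    priv = WOLFSSL_FATAL_ERROR;
    int    pub = WOLFSSL_FATAL_ERROR;
#ifdef USE_CERT_BUFFERS_1024
    byte   tmp[ONEK_BUF];

    XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024);
    bytes = sizeof_dsa_key_der_1024;
#elif defined(USE_CERT_BUFFERS_2048)
    byte   tmp[TWOK_BUF];

    XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048);
    bytes = sizeof_dsa_key_der_2048;
#else
    byte   tmp[TWOK_BUF];
    FILE*  fp;

    XMEMSET(tmp, 0, sizeof(tmp));
    fp = fopen("./certs/dsa2048.der", "rb");
    if (!fp) {
        return WOLFSSL_BAD_FILE;
    }
    /* fread is bounded by sizeof(tmp); bytes is what was actually read. */
    bytes = (word32) fread(tmp, 1, sizeof(tmp), fp);
    fclose(fp);
#endif /* END USE_CERT_BUFFERS_1024 */

    ret = wc_InitDsaKey(&key);

    printf(testingFmt, "wc_DsaPrivateKeyDecode()");
    if (ret == 0) {
        priv = wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes);
        /* Test bad args. */
        if (priv == 0) {
            priv = wc_DsaPrivateKeyDecode(NULL, &idx, &key, bytes);
            if (priv == BAD_FUNC_ARG) {
                priv = wc_DsaPrivateKeyDecode(tmp, NULL, &key, bytes);
            }
            if (priv == BAD_FUNC_ARG) {
                priv = wc_DsaPrivateKeyDecode(tmp, &idx, NULL, bytes);
            }
            if (priv == BAD_FUNC_ARG) {
                /* All pointers valid, but idx was advanced by the first
                 * decode, so parsing from there must fail. */
                priv = wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes);
            }
            if (priv == ASN_PARSE_E) {
                priv = 0;
            } else {
                priv = WOLFSSL_FATAL_ERROR;
            }
        }
    } /* END Private Key */

    /* Start the public-key part from a freshly initialised key. */
    if (ret == 0) {
        wc_FreeDsaKey(&key);
        ret = wc_InitDsaKey(&key);
    }
    printf(resultFmt, priv == 0 ? passed : failed);

    printf(testingFmt, "wc_DsaPublicKeyDecode()");
    if (ret == 0) {
        idx = 0; /* Reset */
        pub = wc_DsaPublicKeyDecode(tmp, &idx, &key, bytes);
        /* Test bad args. */
        if (pub == 0) {
            pub = wc_DsaPublicKeyDecode(NULL, &idx, &key, bytes);
            if (pub == BAD_FUNC_ARG) {
                pub = wc_DsaPublicKeyDecode(tmp, NULL, &key, bytes);
            }
            if (pub == BAD_FUNC_ARG) {
                pub = wc_DsaPublicKeyDecode(tmp, &idx, NULL, bytes);
            }
            if (pub == BAD_FUNC_ARG) {
                /* Valid pointers, stale idx: must be a parse error. */
                pub = wc_DsaPublicKeyDecode(tmp, &idx, &key, bytes);
            }
            if (pub == ASN_PARSE_E) {
                pub = 0;
            } else {
                pub = WOLFSSL_FATAL_ERROR;
            }
        }
    } /* END Public Key */
    printf(resultFmt, pub == 0 ? passed : failed);

    wc_FreeDsaKey(&key);

    /* Return the sub-test results as well as printing them, so a caller that
     * checks only the return value sees a decode or validation failure. */
    if (ret == 0 && (priv != 0 || pub != 0)) {
        ret = WOLFSSL_FATAL_ERROR;
    }
#endif
    return ret;
} /* END test_wc_DsaPublicPrivateKeyDecode */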
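/*
 * Testing wc_MakeDsaKey() and wc_MakeDsaParameters()
 *
 * Generates DSA parameters with modulus size ONEK_BUF and a key pair from
 * them, and checks that NULL arguments and an unsupported modulus size
 * (ONEK_BUF + 1) return BAD_FUNC_ARG.
 * Returns 0 on success, and also when the test is compiled out.
 */
static int test_wc_MakeDsaKey (void)
{
    int ret = 0;
#if !defined(NO_DSA) && defined(WOLFSSL_KEY_GEN)
    DsaKey genKey;
    WC_RNG rng;

    ret = wc_InitRng(&rng);
    if (ret == 0) {
        ret = wc_InitDsaKey(&genKey);
    }

    printf(testingFmt, "wc_MakeDsaParameters()");
    if (ret == 0) {
        ret = wc_MakeDsaParameters(&rng, ONEK_BUF, &genKey);
    }
    /* Test bad args. */
    if (ret == 0) {
        ret = wc_MakeDsaParameters(NULL, ONEK_BUF, &genKey);
        if (ret == BAD_FUNC_ARG) {
            ret = wc_MakeDsaParameters(&rng, ONEK_BUF, NULL);
        }
        if (ret == BAD_FUNC_ARG) {
            ret = wc_MakeDsaParameters(&rng, ONEK_BUF + 1, &genKey);
        }
        if (ret == BAD_FUNC_ARG) {
            ret = 0;
        } else {
            ret = WOLFSSL_FATAL_ERROR;
        }
    }
    printf(resultFmt, ret == 0 ? passed : failed);

    printf(testingFmt, "wc_MakeDsaKey()");
    if (ret == 0) {
        ret = wc_MakeDsaKey(&rng, &genKey);
    }
    /* Test bad args. */
    if (ret == 0) {
        ret = wc_MakeDsaKey(NULL, &genKey);
        if (ret == BAD_FUNC_ARG) {
            ret = wc_MakeDsaKey(&rng, NULL);
        }
        if (ret == BAD_FUNC_ARG) {
            ret = 0;
        } else {
            ret = WOLFSSL_FATAL_ERROR;
        }
    }

    /* WOLFSSL_FAILURE is 0 in wolfssl/ssl.h, so assigning it here would
     * report an RNG cleanup failure as a pass.  Use WOLFSSL_FATAL_ERROR,
     * as the other tests in this file do for the same check. */
    if (wc_FreeRng(&rng) && ret == 0) {
        ret = WOLFSSL_FATAL_ERROR;
    }
    printf(resultFmt, ret == 0 ? passed : failed);
    wc_FreeDsaKey(&genKey);
#endif
    return ret;
} /* END test_wc_MakeDsaKey */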
/*
 * Testing wc_DsaKeyToDer()
 *
 * Decodes the DSA test key, re-encodes it with wc_DsaKeyToDer() and compares
 * the result byte-for-byte with the input DER.  Then checks that a NULL key
 * and a NULL output buffer return BAD_FUNC_ARG.
 * Returns 0 on success, and also when the test is compiled out.
 */
static int test_wc_DsaKeyToDer (void)
{
    int ret = 0;
#if !defined(NO_DSA) && defined(WOLFSSL_KEY_GEN)
    DsaKey genKey;
    WC_RNG rng;
    word32 bytes;
    word32 idx = 0;
#ifdef USE_CERT_BUFFERS_1024
    byte   tmp[ONEK_BUF];
    byte   der[ONEK_BUF];

    XMEMSET(tmp, 0, sizeof(tmp));
    XMEMSET(der, 0, sizeof(der));
    XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024);
    bytes = sizeof_dsa_key_der_1024;
#elif defined(USE_CERT_BUFFERS_2048)
    byte   tmp[TWOK_BUF];
    byte   der[TWOK_BUF];

    XMEMSET(tmp, 0, sizeof(tmp));
    XMEMSET(der, 0, sizeof(der));
    XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048);
    bytes = sizeof_dsa_key_der_2048;
#else
    byte   tmp[TWOK_BUF];
    byte   der[TWOK_BUF];
    FILE*  fp;

    XMEMSET(tmp, 0, sizeof(tmp));
    XMEMSET(der, 0, sizeof(der));
    fp = fopen("./certs/dsa2048.der", "rb");
    if (!fp) {
        return WOLFSSL_BAD_FILE;
    }
    bytes = (word32) fread(tmp, 1, sizeof(tmp), fp);
    fclose(fp);
#endif /* END USE_CERT_BUFFERS_1024 */

    ret = wc_InitRng(&rng);
    if (ret == 0) {
        ret = wc_InitDsaKey(&genKey);
    }
    if (ret == 0) {
        /* Generate parameters, then discard them and start again from a
         * freshly initialised key before decoding the test key into it. */
        ret = wc_MakeDsaParameters(&rng, sizeof(tmp), &genKey);
        if (ret == 0) {
            wc_FreeDsaKey(&genKey);
            ret = wc_InitDsaKey(&genKey);
        }
    }
    if (ret == 0) {
        ret = wc_DsaPrivateKeyDecode(tmp, &idx, &genKey, bytes);
    }

    printf(testingFmt, "wc_DsaKeyToDer()");

    if (ret == 0) {
        ret = wc_DsaKeyToDer(&genKey, der, bytes);
        /* A non-negative return means the encode succeeded; ret then becomes
         * the comparison result, which is 0 only for an exact match. */
        if (ret >= 0) {
            ret = XMEMCMP(der, tmp, bytes);
        }
    }

    /* Test bad args. */
    if (ret == 0) {
        ret = wc_DsaKeyToDer(NULL, der, FOURK_BUF);
        if (ret == BAD_FUNC_ARG) {
            ret = wc_DsaKeyToDer(&genKey, NULL, FOURK_BUF);
        }
        ret = (ret == BAD_FUNC_ARG) ? 0 : WOLFSSL_FATAL_ERROR;
    }

    if (wc_FreeRng(&rng) && ret == 0) {
        ret = WOLFSSL_FATAL_ERROR;
    }
    printf(resultFmt, ret == 0 ? passed : failed);
    wc_FreeDsaKey(&genKey);
#endif
    return ret;
} /* END test_wc_DsaKeyToDer */
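/*
 * Testing wc_DsaImportParamsRaw()
 *
 * Imports a known-good (L=1024, N=160) parameter set from hex strings, then
 * checks that a NULL key, NULL parameter strings, and p or q of an
 * unsupported length are each rejected with BAD_FUNC_ARG.  Any other return
 * from one of those calls, including 0, fails the test, so accepting
 * undersized domain parameters cannot pass unnoticed.
 * Returns 0 on success, and also when NO_DSA is defined.
 */
static int test_wc_DsaImportParamsRaw (void)
{
    int ret = 0;
#if !defined(NO_DSA)
    DsaKey key;
    /* [mod = L=1024, N=160], from CAVP KeyPair */
    const char* p = "d38311e2cd388c3ed698e82fdf88eb92b5a9a483dc88005d"
                    "4b725ef341eabb47cf8a7a8a41e792a156b7ce97206c4f9c"
                    "5ce6fc5ae7912102b6b502e59050b5b21ce263dddb2044b6"
                    "52236f4d42ab4b5d6aa73189cef1ace778d7845a5c1c1c71"
                    "47123188f8dc551054ee162b634d60f097f719076640e209"
                    "80a0093113a8bd73";
    const char* q = "96c5390a8b612c0e422bb2b0ea194a3ec935a281";
    const char* g = "06b7861abbd35cc89e79c52f68d20875389b127361ca66822"
                    "138ce4991d2b862259d6b4548a6495b195aa0e0b6137ca37e"
                    "b23b94074d3c3d300042bdf15762812b6333ef7b07ceba786"
                    "07610fcc9ee68491dbc1e34cd12615474e52b18bc934fb00c"
                    "61d39e7da8902291c4434a4e2224c3f4fd9f93cd6f4f17fc0"
                    "76341a7e7d9";
    /* invalid p and q parameters */
    const char* invalidP = "d38311e2cd388c3ed698e82fdf88eb92b5a9a483dc88005d";
    const char* invalidQ = "96c5390a";

    printf(testingFmt, "wc_DsaImportParamsRaw()");

    ret = wc_InitDsaKey(&key);
    if (ret == 0) {
        ret = wc_DsaImportParamsRaw(&key, p, q, g);
    }

    /* test bad args: evaluated in order, stopping at the first call that is
     * not rejected with BAD_FUNC_ARG */
    if (ret == 0) {
        if (/* null key struct */
            wc_DsaImportParamsRaw(NULL, p, q, g) != BAD_FUNC_ARG ||
            /* null param pointers */
            wc_DsaImportParamsRaw(&key, NULL, NULL, NULL) != BAD_FUNC_ARG ||
            /* illegal p length */
            wc_DsaImportParamsRaw(&key, invalidP, q, g) != BAD_FUNC_ARG ||
            /* illegal q length */
            wc_DsaImportParamsRaw(&key, p, invalidQ, g) != BAD_FUNC_ARG) {
            ret = WOLFSSL_FATAL_ERROR;
        }
    }

    printf(resultFmt, ret == 0 ? passed : failed);
    wc_FreeDsaKey(&key);
#endif
    return ret;
} /* END test_wc_DsaImportParamsRaw */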
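/*
 * Testing wc_DsaExportParamsRaw()
 *
 * Imports a known (L=1024, N=160) parameter set, exports it as raw bytes and
 * checks both the exported lengths and the exported bytes against the
 * expected values.  Then checks the error returns: NULL key and NULL size
 * pointers -> BAD_FUNC_ARG, NULL output buffers -> LENGTH_ONLY_E, and an
 * undersized p, q or g buffer -> BUFFER_E.  A call that returns anything
 * other than the expected code, including 0, fails the test.
 * Returns 0 on success, and also when NO_DSA is defined.
 */
static int test_wc_DsaExportParamsRaw (void)
{
    int ret = 0;
#if !defined(NO_DSA)
    DsaKey key;
    /* [mod = L=1024, N=160], from CAVP KeyPair */
    const char* p = "d38311e2cd388c3ed698e82fdf88eb92b5a9a483dc88005d"
                    "4b725ef341eabb47cf8a7a8a41e792a156b7ce97206c4f9c"
                    "5ce6fc5ae7912102b6b502e59050b5b21ce263dddb2044b6"
                    "52236f4d42ab4b5d6aa73189cef1ace778d7845a5c1c1c71"
                    "47123188f8dc551054ee162b634d60f097f719076640e209"
                    "80a0093113a8bd73";
    const char* q = "96c5390a8b612c0e422bb2b0ea194a3ec935a281";
    const char* g = "06b7861abbd35cc89e79c52f68d20875389b127361ca66822"
                    "138ce4991d2b862259d6b4548a6495b195aa0e0b6137ca37e"
                    "b23b94074d3c3d300042bdf15762812b6333ef7b07ceba786"
                    "07610fcc9ee68491dbc1e34cd12615474e52b18bc934fb00c"
                    "61d39e7da8902291c4434a4e2224c3f4fd9f93cd6f4f17fc0"
                    "76341a7e7d9";
    const char* pCompare = "\xd3\x83\x11\xe2\xcd\x38\x8c\x3e\xd6\x98\xe8\x2f"
                           "\xdf\x88\xeb\x92\xb5\xa9\xa4\x83\xdc\x88\x00\x5d"
                           "\x4b\x72\x5e\xf3\x41\xea\xbb\x47\xcf\x8a\x7a\x8a"
                           "\x41\xe7\x92\xa1\x56\xb7\xce\x97\x20\x6c\x4f\x9c"
                           "\x5c\xe6\xfc\x5a\xe7\x91\x21\x02\xb6\xb5\x02\xe5"
                           "\x90\x50\xb5\xb2\x1c\xe2\x63\xdd\xdb\x20\x44\xb6"
                           "\x52\x23\x6f\x4d\x42\xab\x4b\x5d\x6a\xa7\x31\x89"
                           "\xce\xf1\xac\xe7\x78\xd7\x84\x5a\x5c\x1c\x1c\x71"
                           "\x47\x12\x31\x88\xf8\xdc\x55\x10\x54\xee\x16\x2b"
                           "\x63\x4d\x60\xf0\x97\xf7\x19\x07\x66\x40\xe2\x09"
                           "\x80\xa0\x09\x31\x13\xa8\xbd\x73";
    const char* qCompare = "\x96\xc5\x39\x0a\x8b\x61\x2c\x0e\x42\x2b\xb2\xb0"
                           "\xea\x19\x4a\x3e\xc9\x35\xa2\x81";
    const char* gCompare = "\x06\xb7\x86\x1a\xbb\xd3\x5c\xc8\x9e\x79\xc5\x2f"
                           "\x68\xd2\x08\x75\x38\x9b\x12\x73\x61\xca\x66\x82"
                           "\x21\x38\xce\x49\x91\xd2\xb8\x62\x25\x9d\x6b\x45"
                           "\x48\xa6\x49\x5b\x19\x5a\xa0\xe0\xb6\x13\x7c\xa3"
                           "\x7e\xb2\x3b\x94\x07\x4d\x3c\x3d\x30\x00\x42\xbd"
                           "\xf1\x57\x62\x81\x2b\x63\x33\xef\x7b\x07\xce\xba"
                           "\x78\x60\x76\x10\xfc\xc9\xee\x68\x49\x1d\xbc\x1e"
                           "\x34\xcd\x12\x61\x54\x74\xe5\x2b\x18\xbc\x93\x4f"
                           "\xb0\x0c\x61\xd3\x9e\x7d\xa8\x90\x22\x91\xc4\x43"
                           "\x4a\x4e\x22\x24\xc3\xf4\xfd\x9f\x93\xcd\x6f\x4f"
                           "\x17\xfc\x07\x63\x41\xa7\xe7\xd9";
    /* Byte lengths of the comparison strings above: 1024-bit p and g,
     * 160-bit q. */
    const word32 pExpSz = 128;
    const word32 qExpSz = 20;
    const word32 gExpSz = 128;
    byte pOut[MAX_DSA_PARAM_SIZE];
    byte qOut[MAX_DSA_PARAM_SIZE];
    byte gOut[MAX_DSA_PARAM_SIZE];
    word32 pOutSz, qOutSz, gOutSz;

    printf(testingFmt, "wc_DsaExportParamsRaw()");

    ret = wc_InitDsaKey(&key);
    if (ret == 0) {
        /* first test using imported raw parameters, for expected */
        ret = wc_DsaImportParamsRaw(&key, p, q, g);
    }
    if (ret == 0) {
        pOutSz = sizeof(pOut);
        qOutSz = sizeof(qOut);
        gOutSz = sizeof(gOut);
        ret = wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz,
                                    gOut, &gOutSz);
    }
    if (ret == 0) {
        /* validate exported parameters are correct.  Lengths are checked
         * first: a zero or short length would make the byte comparison pass
         * trivially, and a long one would read past the reference string. */
        if (pOutSz != pExpSz || qOutSz != qExpSz || gOutSz != gExpSz ||
            (XMEMCMP(pOut, pCompare, pOutSz) != 0) ||
            (XMEMCMP(qOut, qCompare, qOutSz) != 0) ||
            (XMEMCMP(gOut, gCompare, gOutSz) != 0)) {
            ret = WOLFSSL_FATAL_ERROR;
        }
    }

    /* test bad args: each step must return exactly the expected code */
    if (ret == 0) {
        /* null key struct */
        if (wc_DsaExportParamsRaw(NULL, pOut, &pOutSz, qOut, &qOutSz,
                                  gOut, &gOutSz) != BAD_FUNC_ARG) {
            ret = WOLFSSL_FATAL_ERROR;
        }
    }
    if (ret == 0) {
        /* null output pointers: length-only query */
        if (wc_DsaExportParamsRaw(&key, NULL, &pOutSz, NULL, &qOutSz,
                                  NULL, &gOutSz) != LENGTH_ONLY_E) {
            ret = WOLFSSL_FATAL_ERROR;
        }
    }
    if (ret == 0) {
        /* null output size pointers */
        if (wc_DsaExportParamsRaw(&key, pOut, NULL, qOut, NULL,
                                  gOut, NULL) != BAD_FUNC_ARG) {
            ret = WOLFSSL_FATAL_ERROR;
        }
    }
    if (ret == 0) {
        /* p output buffer size too small */
        pOutSz = 1;
        if (wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz,
                                  gOut, &gOutSz) != BUFFER_E) {
            ret = WOLFSSL_FATAL_ERROR;
        }
        pOutSz = sizeof(pOut);
    }
    if (ret == 0) {
        /* q output buffer size too small */
        qOutSz = 1;
        if (wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz,
                                  gOut, &gOutSz) != BUFFER_E) {
            ret = WOLFSSL_FATAL_ERROR;
        }
        qOutSz = sizeof(qOut);
    }
    if (ret == 0) {
        /* g output buffer size too small */
        gOutSz = 1;
        if (wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz,
                                  gOut, &gOutSz) != BUFFER_E) {
            ret = WOLFSSL_FATAL_ERROR;
        }
    }

    printf(resultFmt, ret == 0 ? passed : failed);
    wc_FreeDsaKey(&key);
#endif
    return ret;
} /* END test_wc_DsaExportParamsRaw */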
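/*
 * Testing wc_DsaExportKeyRaw()
 *
 * Generates 1024-bit DSA parameters and a key pair, exports x and y as raw
 * bytes, then checks the error returns: NULL key and NULL size pointers ->
 * BAD_FUNC_ARG, NULL output buffers -> LENGTH_ONLY_E, and an undersized x or
 * y buffer -> BUFFER_E.  A call that returns anything other than the
 * expected code, including 0, fails the test.
 *
 * xOut receives the private value of a key that exists only for this test.
 * Returns 0 on success, and also when the test is compiled out.
 */
static int test_wc_DsaExportKeyRaw (void)
{
    int ret = 0;
#if !defined(NO_DSA) && defined(WOLFSSL_KEY_GEN)
    DsaKey key;
    WC_RNG rng;
    byte xOut[MAX_DSA_PARAM_SIZE];
    byte yOut[MAX_DSA_PARAM_SIZE];
    word32 xOutSz, yOutSz;

    printf(testingFmt, "wc_DsaExportKeyRaw()");

    ret = wc_InitRng(&rng);
    if (ret == 0) {
        ret = wc_InitDsaKey(&key);
    }
    if (ret == 0) {
        ret = wc_MakeDsaParameters(&rng, 1024, &key);
        if (ret == 0) {
            ret = wc_MakeDsaKey(&rng, &key);
        }
    }

    /* try successful export */
    if (ret == 0) {
        xOutSz = sizeof(xOut);
        yOutSz = sizeof(yOut);
        ret = wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz);
    }

    /* test bad args: each step must return exactly the expected code */
    if (ret == 0) {
        /* null key struct */
        if (wc_DsaExportKeyRaw(NULL, xOut, &xOutSz, yOut, &yOutSz)
                != BAD_FUNC_ARG) {
            ret = WOLFSSL_FATAL_ERROR;
        }
    }
    if (ret == 0) {
        /* null output pointers: length-only query */
        if (wc_DsaExportKeyRaw(&key, NULL, &xOutSz, NULL, &yOutSz)
                != LENGTH_ONLY_E) {
            ret = WOLFSSL_FATAL_ERROR;
        }
    }
    if (ret == 0) {
        /* null output size pointers */
        if (wc_DsaExportKeyRaw(&key, xOut, NULL, yOut, NULL)
                != BAD_FUNC_ARG) {
            ret = WOLFSSL_FATAL_ERROR;
        }
    }
    if (ret == 0) {
        /* x output buffer size too small */
        xOutSz = 1;
        if (wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz)
                != BUFFER_E) {
            ret = WOLFSSL_FATAL_ERROR;
        }
        xOutSz = sizeof(xOut);
    }
    if (ret == 0) {
        /* y output buffer size too small */
        yOutSz = 1;
        if (wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz)
                != BUFFER_E) {
            ret = WOLFSSL_FATAL_ERROR;
        }
    }

    printf(resultFmt, ret == 0 ? passed : failed);
    wc_FreeDsaKey(&key);
    wc_FreeRng(&rng);
#endif
    return ret;
} /* END test_wc_DsaExportKeyRaw */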
/*
 * Testing wc_ed25519_make_key().
 *
 * Generates an Ed25519 key, then checks that a NULL RNG, a NULL key and key
 * sizes one below and one above ED25519_KEY_SIZE return BAD_FUNC_ARG.
 * Returns 0 on success, and also when HAVE_ED25519 is not defined.
 */
static int test_wc_ed25519_make_key (void)
{
    int ret = 0;
#if defined(HAVE_ED25519)
    ed25519_key key;
    WC_RNG      rng;
    int         rngFreeRet;

    ret = wc_InitRng(&rng);
    if (ret == 0) {
        ret = wc_ed25519_init(&key);
    }

    printf(testingFmt, "wc_ed25519_make_key()");

    if (ret == 0) {
        ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key);
    }

    /* Test bad args. */
    if (ret == 0) {
        /* Each call runs only if the one before it was rejected. */
        ret = wc_ed25519_make_key(NULL, ED25519_KEY_SIZE, &key);
        if (ret == BAD_FUNC_ARG) {
            ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, NULL);
            if (ret == BAD_FUNC_ARG) {
                ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE - 1, &key);
                if (ret == BAD_FUNC_ARG) {
                    ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE + 1,
                                              &key);
                }
            }
        }
        /* BAD_FUNC_ARG is the pass case; a bad call that returned 0 is a
         * failure; any other error code is returned unchanged. */
        if (ret == 0) {
            ret = SSL_FATAL_ERROR;
        } else if (ret == BAD_FUNC_ARG) {
            ret = 0;
        }
    }

    printf(resultFmt, ret == 0 ? passed : failed);

    rngFreeRet = wc_FreeRng(&rng);
    if (rngFreeRet != 0 && ret == 0) {
        ret = SSL_FATAL_ERROR;
    }
    wc_ed25519_free(&key);
#endif
    return ret;
} /* END test_wc_ed25519_make_key */
/*
 * Testing wc_ed25519_init()
 *
 * Initialises an Ed25519 key and checks that a NULL key pointer is rejected
 * with BAD_FUNC_ARG.
 * Returns 0 on success, and also when HAVE_ED25519 is not defined.
 */
static int test_wc_ed25519_init (void)
{
    int ret = 0;
#if defined(HAVE_ED25519)
    ed25519_key key;
    int         nullRet;

    printf(testingFmt, "wc_ed25519_init()");

    ret = wc_ed25519_init(&key);

    /* Test bad args. */
    if (ret == 0) {
        nullRet = wc_ed25519_init(NULL);
        if (nullRet == BAD_FUNC_ARG) {
            ret = 0;                    /* rejected as expected */
        } else if (nullRet == 0) {
            ret = SSL_FATAL_ERROR;      /* NULL key was accepted */
        } else {
            ret = nullRet;              /* other error: returned unchanged */
        }
    }

    printf(resultFmt, ret == 0 ? passed : failed);
    wc_ed25519_free(&key);
#endif
    return ret;
} /* END test_wc_ed25519_init */
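  /*
   * Unit test for wc_ed25519_sign_msg() and wc_ed25519_verify_msg().
   *
   * Signs a fixed message with a freshly generated key, then checks that:
   *   - the signature length reported by the signer is ED25519_SIG_SIZE,
   *   - NULL arguments are rejected with BAD_FUNC_ARG,
   *   - a too-small signature buffer yields BUFFER_E and the required size,
   *   - the signature verifies (stat == 1) over the original message,
   *   - the same signature does NOT verify over a modified message,
   *   - verify rejects NULL arguments and a short signature length.
   *
   * Returns 0 on success, and also when Ed25519 signing is not compiled in.
   */
  static int test_wc_ed25519_sign_msg (void)
  {
      int ret = 0;

  #if defined(HAVE_ED25519) && defined(HAVE_ED25519_SIGN)
      WC_RNG      rng;
      ed25519_key key;
      byte        msg[] = "Everybody gets Friday off.\n";
      byte        sig[ED25519_SIG_SIZE];
      word32      msglen = sizeof(msg);   /* sizeof: the trailing NUL is signed too */
      word32      siglen = sizeof(sig);
      word32      badSigLen = sizeof(sig) - 1;
      int         stat = 0; /* 1 = verify success. */

      /* Initialize stack variables. */
      XMEMSET(sig, 0, siglen);

      /* Initialize key. */
      ret = wc_InitRng(&rng);
      if (ret == 0) {
          ret = wc_ed25519_init(&key);
          if (ret == 0) {
              ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key);
          }
      }

      printf(testingFmt, "wc_ed25519_sign_msg()");

      if (ret == 0) {
          ret = wc_ed25519_sign_msg(msg, msglen, sig, &siglen, &key);
      }

      /* A successful sign that reports any other length is a failure. The
       * original code skipped the bad-argument checks in that case and still
       * reported "passed". */
      if (ret == 0 && siglen != ED25519_SIG_SIZE) {
          ret = SSL_FATAL_ERROR;
      }

      /* Test bad args. Each call is only made if the previous one was
       * rejected as expected. */
      if (ret == 0) {
          ret = wc_ed25519_sign_msg(NULL, msglen, sig, &siglen, &key);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ed25519_sign_msg(msg, msglen, NULL, &siglen, &key);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ed25519_sign_msg(msg, msglen, sig, NULL, &key);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ed25519_sign_msg(msg, msglen, sig, &siglen, NULL);
          }
          if (ret == BAD_FUNC_ARG) {
              /* Output buffer one byte too small. */
              ret = wc_ed25519_sign_msg(msg, msglen, sig, &badSigLen, &key);
          }
          if (ret == BUFFER_E && badSigLen == ED25519_SIG_SIZE) {
              /* The signer wrote the required size back; restore the short
               * length so the verify section below can reuse it. */
              badSigLen -= 1;
              ret = 0;
          } else if (ret == 0) {
              ret = SSL_FATAL_ERROR;
          }
      } /* END sign */

      printf(resultFmt, ret == 0 ? passed : failed);

  #ifdef HAVE_ED25519_VERIFY
      printf(testingFmt, "wc_ed25519_verify_msg()");

      if (ret == 0) {
          ret = wc_ed25519_verify_msg(sig, siglen, msg, msglen, &stat, &key);
          if (ret == 0 && stat != 1) {
              ret = SSL_FATAL_ERROR;
          }

          /* Negative case: the signature must not verify over a message that
           * differs by one bit. Only the status flag is checked, so the test
           * does not depend on which error code the verifier returns. */
          if (ret == 0) {
              int forgedStat = 0;

              msg[0] ^= 0x01;
              (void)wc_ed25519_verify_msg(sig, siglen, msg, msglen,
                                          &forgedStat, &key);
              msg[0] ^= 0x01; /* restore the original message */

              if (forgedStat == 1) {
                  ret = SSL_FATAL_ERROR;
              }
          }

          /* Test bad args. */
          if (ret == 0) {
              ret = wc_ed25519_verify_msg(NULL, siglen, msg, msglen, &stat,
                                          &key);
              if (ret == BAD_FUNC_ARG) {
                  ret = wc_ed25519_verify_msg(sig, siglen, NULL, msglen,
                                              &stat, &key);
              }
              if (ret == BAD_FUNC_ARG) {
                  ret = wc_ed25519_verify_msg(sig, siglen, msg, msglen,
                                              NULL, &key);
              }
              if (ret == BAD_FUNC_ARG) {
                  ret = wc_ed25519_verify_msg(sig, siglen, msg, msglen,
                                              &stat, NULL);
              }
              if (ret == BAD_FUNC_ARG) {
                  /* Signature length one byte short. */
                  ret = wc_ed25519_verify_msg(sig, badSigLen, msg, msglen,
                                              &stat, &key);
              }
              if (ret == BAD_FUNC_ARG) {
                  ret = 0;
              } else if (ret == 0) {
                  ret = SSL_FATAL_ERROR;
              }
          }
      } /* END verify. */

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif /* Verify. */

      if (wc_FreeRng(&rng) && ret == 0) {
          ret = SSL_FATAL_ERROR;
      }
      wc_ed25519_free(&key);
  #endif

      return ret;
  } /* END test_wc_ed25519_sign_msg */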
  /*
   * Unit test for wc_ed25519_import_public().
   * Imports a fixed byte string as a public key, checks that the bytes end
   * up in pubKey.p, then checks that NULL arguments and a short input length
   * are rejected with BAD_FUNC_ARG.
   * Returns 0 on success, and also when Ed25519 key import is not compiled in.
   */
  static int test_wc_ed25519_import_public (void)
  {
      int rc = 0;

  #if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT)
      WC_RNG      rng;
      ed25519_key pubKey;
      /* inlen is sizeof(in), so the terminating NUL counts as key material. */
      const byte  in[] = "Ed25519PublicKeyUnitTest......\n";
      word32      inlen = sizeof(in);

      rc = wc_InitRng(&rng);
      if (rc == 0)
          rc = wc_ed25519_init(&pubKey);
      if (rc == 0)
          rc = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &pubKey);

      printf(testingFmt, "wc_ed25519_import_public()");

      if (rc == 0) {
          rc = wc_ed25519_import_public(in, inlen, &pubKey);
          /* Any import error, or a mismatch between the input and the stored
           * public key bytes, is reported as SSL_FATAL_ERROR. */
          if (rc != 0 || XMEMCMP(in, pubKey.p, inlen) != 0)
              rc = SSL_FATAL_ERROR;

          /* Test bad args; each step runs only if the previous call was
           * rejected with BAD_FUNC_ARG. */
          if (rc == 0) {
              rc = wc_ed25519_import_public(NULL, inlen, &pubKey);
              if (rc == BAD_FUNC_ARG)
                  rc = wc_ed25519_import_public(in, inlen, NULL);
              if (rc == BAD_FUNC_ARG)
                  rc = wc_ed25519_import_public(in, inlen - 1, &pubKey);

              rc = (rc == BAD_FUNC_ARG) ? 0
                 : ((rc == 0) ? SSL_FATAL_ERROR : rc);
          }
      }

      printf(resultFmt, (rc != 0) ? failed : passed);

      if (wc_FreeRng(&rng) != 0 && rc == 0)
          rc = SSL_FATAL_ERROR;
      wc_ed25519_free(&pubKey);
  #endif

      return rc;
  } /* END wc_ed25519_import_public */
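  /*
   * Unit test for wc_ed25519_import_private_key().
   * Imports a fixed private/public byte pair, checks that the bytes are
   * stored in key.k and key.p, then checks that NULL arguments and short
   * lengths are rejected with BAD_FUNC_ARG.
   *
   * NOTE(review): the two input strings are fixed ASCII test bytes, not a
   * real Ed25519 key pair, so this test only covers argument handling and
   * that the bytes are stored. It does not show that the public key belongs
   * to the private key.
   *
   * Returns 0 on success, and also when Ed25519 key import is not compiled in.
   */
  static int test_wc_ed25519_import_private_key (void)
  {
      int ret = 0;

  #if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT)
      WC_RNG      rng;
      ed25519_key key;
      /* Sizes are taken with sizeof, so each includes the terminating NUL. */
      const byte  privKey[] = "Ed25519PrivateKeyUnitTest.....\n";
      const byte  pubKey[] = "Ed25519PublicKeyUnitTest......\n";
      word32      privKeySz = sizeof(privKey);
      word32      pubKeySz = sizeof(pubKey);

      ret = wc_InitRng(&rng);
      if (ret != 0) {
          return ret;
      }
      ret = wc_ed25519_init(&key);
      if (ret != 0) {
          wc_FreeRng(&rng);
          return ret;
      }
      ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key);

      printf(testingFmt, "wc_ed25519_import_private_key()");

      if (ret == 0) {
          ret = wc_ed25519_import_private_key(privKey, privKeySz, pubKey,
                                              pubKeySz, &key);
          /* Compare each buffer using its own length. The original code
           * swapped the two lengths, which only worked because both strings
           * happen to be the same size. */
          if (ret == 0 && (XMEMCMP(pubKey, key.p, pubKeySz) != 0
                        || XMEMCMP(privKey, key.k, privKeySz) != 0)) {
              ret = SSL_FATAL_ERROR;
          }
      }

      /* Test bad args; each call runs only if the previous one was rejected. */
      if (ret == 0) {
          ret = wc_ed25519_import_private_key(NULL, privKeySz, pubKey,
                                              pubKeySz, &key);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ed25519_import_private_key(privKey, privKeySz, NULL,
                                                  pubKeySz, &key);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ed25519_import_private_key(privKey, privKeySz, pubKey,
                                                  pubKeySz, NULL);
          }
          if (ret == BAD_FUNC_ARG) {
              /* Private key one byte short. */
              ret = wc_ed25519_import_private_key(privKey, privKeySz - 1,
                                                  pubKey, pubKeySz, &key);
          }
          if (ret == BAD_FUNC_ARG) {
              /* Public key one byte short. */
              ret = wc_ed25519_import_private_key(privKey, privKeySz, pubKey,
                                                  pubKeySz - 1, &key);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = 0;
          } else if (ret == 0) {
              ret = SSL_FATAL_ERROR;
          }
      }

      printf(resultFmt, ret == 0 ? passed : failed);

      if (wc_FreeRng(&rng) && ret == 0) {
          ret = SSL_FATAL_ERROR;
      }
      wc_ed25519_free(&key);
  #endif

      return ret;
  } /* END test_wc_ed25519_import_private_key */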
  /*
   * Unit test for wc_ed25519_export_public() and
   * wc_ed25519_export_private_only().
   * Each export must return ED25519_KEY_SIZE bytes equal to the matching
   * field of the key (key.p / key.k) and must reject NULL arguments with
   * BAD_FUNC_ARG.
   * Returns 0 on success, and also when Ed25519 key export is not compiled in.
   */
  static int test_wc_ed25519_export (void)
  {
      int rc = 0;

  #if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
      WC_RNG      rng;
      ed25519_key key;
      byte        priv[ED25519_PRV_KEY_SIZE];
      byte        pub[ED25519_PUB_KEY_SIZE];
      word32      privSz = sizeof(priv);
      word32      pubSz = sizeof(pub);

      rc = wc_InitRng(&rng);
      if (rc != 0)
          return rc;

      rc = wc_ed25519_init(&key);
      if (rc != 0) {
          wc_FreeRng(&rng);
          return rc;
      }

      /* rc is known to be 0 at this point. */
      rc = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key);

      printf(testingFmt, "wc_ed25519_export_public()");

      if (rc == 0) {
          rc = wc_ed25519_export_public(&key, pub, &pubSz);
          if (rc == 0) {
              /* Exported length and bytes must match the key's public part. */
              if (pubSz != ED25519_KEY_SIZE
                      || XMEMCMP(key.p, pub, pubSz) != 0) {
                  rc = SSL_FATAL_ERROR;
              }
          }

          /* Bad arguments: NULL key, NULL buffer, NULL length. */
          if (rc == 0) {
              rc = wc_ed25519_export_public(NULL, pub, &pubSz);
              if (rc == BAD_FUNC_ARG)
                  rc = wc_ed25519_export_public(&key, NULL, &pubSz);
              if (rc == BAD_FUNC_ARG)
                  rc = wc_ed25519_export_public(&key, pub, NULL);

              rc = (rc == BAD_FUNC_ARG) ? 0
                 : ((rc == 0) ? SSL_FATAL_ERROR : rc);
          }
      }

      printf(resultFmt, (rc != 0) ? failed : passed);

      printf(testingFmt, "wc_ed25519_export_private_only()");

      if (rc == 0) {
          rc = wc_ed25519_export_private_only(&key, priv, &privSz);
          if (rc == 0) {
              /* Exported length and bytes must match the key's private part. */
              if (privSz != ED25519_KEY_SIZE
                      || XMEMCMP(key.k, priv, privSz) != 0) {
                  rc = SSL_FATAL_ERROR;
              }
          }

          /* Bad arguments: NULL key, NULL buffer, NULL length. */
          if (rc == 0) {
              rc = wc_ed25519_export_private_only(NULL, priv, &privSz);
              if (rc == BAD_FUNC_ARG)
                  rc = wc_ed25519_export_private_only(&key, NULL, &privSz);
              if (rc == BAD_FUNC_ARG)
                  rc = wc_ed25519_export_private_only(&key, priv, NULL);

              rc = (rc == BAD_FUNC_ARG) ? 0
                 : ((rc == 0) ? SSL_FATAL_ERROR : rc);
          }
      }

      printf(resultFmt, (rc != 0) ? failed : passed);

      if (wc_FreeRng(&rng) != 0 && rc == 0)
          rc = SSL_FATAL_ERROR;
      wc_ed25519_free(&key);
  #endif

      return rc;
  } /* END test_wc_ed25519_export */
  /*
   * Unit test for wc_ed25519_size(), wc_ed25519_sig_size(),
   * wc_ed25519_pub_size() and wc_ed25519_priv_size().
   * Each getter must return its expected constant for a valid key and
   * BAD_FUNC_ARG for a NULL key. Later getters are only exercised while the
   * running result is still 0.
   * Returns 0 on success, and also when HAVE_ED25519 is not defined. On
   * failure the value may be the unexpected size itself.
   */
  static int test_wc_ed25519_size (void)
  {
      int rc = 0;

  #if defined(HAVE_ED25519)
      WC_RNG      rng;
      ed25519_key key;

      rc = wc_InitRng(&rng);
      if (rc != 0)
          return rc;

      rc = wc_ed25519_init(&key);
      if (rc != 0) {
          wc_FreeRng(&rng);
          return rc;
      }

      rc = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key);
      if (rc != 0) {
          wc_FreeRng(&rng);
          wc_ed25519_free(&key);
          return rc;
      }

      printf(testingFmt, "wc_ed25519_size()");
      rc = wc_ed25519_size(&key);
      if (rc == ED25519_KEY_SIZE) {
          /* Test bad args. */
          rc = wc_ed25519_size(NULL);
          rc = (rc == BAD_FUNC_ARG) ? 0 : rc;
      }
      printf(resultFmt, (rc != 0) ? failed : passed);

      if (rc == 0) {
          printf(testingFmt, "wc_ed25519_sig_size()");
          rc = wc_ed25519_sig_size(&key);
          rc = (rc == ED25519_SIG_SIZE) ? 0 : rc;
          if (rc == 0) {
              /* Test bad args. */
              rc = wc_ed25519_sig_size(NULL);
              rc = (rc == BAD_FUNC_ARG) ? 0 : rc;
          }
          printf(resultFmt, (rc != 0) ? failed : passed);
      } /* END wc_ed25519_sig_size() */

      if (rc == 0) {
          printf(testingFmt, "wc_ed25519_pub_size");
          rc = wc_ed25519_pub_size(&key);
          rc = (rc == ED25519_PUB_KEY_SIZE) ? 0 : rc;
          if (rc == 0) {
              /* Test bad args. */
              rc = wc_ed25519_pub_size(NULL);
              rc = (rc == BAD_FUNC_ARG) ? 0 : rc;
          }
          printf(resultFmt, (rc != 0) ? failed : passed);
      } /* END wc_ed25519_pub_size */

      if (rc == 0) {
          printf(testingFmt, "wc_ed25519_priv_size");
          rc = wc_ed25519_priv_size(&key);
          rc = (rc == ED25519_PRV_KEY_SIZE) ? 0 : rc;
          if (rc == 0) {
              /* Test bad args. */
              rc = wc_ed25519_priv_size(NULL);
              rc = (rc == BAD_FUNC_ARG) ? 0 : rc;
          }
          printf(resultFmt, (rc != 0) ? failed : passed);
      } /* END wc_ed25519_priv_size */

      if (wc_FreeRng(&rng) != 0 && rc == 0)
          rc = SSL_FATAL_ERROR;
      wc_ed25519_free(&key);
  #endif

      return rc;
  } /* END test_wc_ed25519_size */
  /*
   * Unit test for wc_ed25519_export_private() and wc_ed25519_export_key().
   * Both exports must succeed on a generated key and reject NULL arguments
   * with BAD_FUNC_ARG. The private output of the two calls is then compared.
   * Returns 0 on success, and also when Ed25519 key export is not compiled in.
   */
  static int test_wc_ed25519_exportKey (void)
  {
      int rc = 0;

  #if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
      WC_RNG      rng;
      ed25519_key key;
      byte        priv[ED25519_PRV_KEY_SIZE];
      byte        pub[ED25519_PUB_KEY_SIZE];
      byte        privOnly[ED25519_PRV_KEY_SIZE];
      word32      privSz = sizeof(priv);
      word32      pubSz = sizeof(pub);
      word32      privOnlySz = sizeof(privOnly);

      rc = wc_InitRng(&rng);
      if (rc != 0)
          return rc;

      rc = wc_ed25519_init(&key);
      if (rc != 0) {
          wc_FreeRng(&rng);
          return rc;
      }

      rc = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key);
      if (rc != 0) {
          wc_FreeRng(&rng);
          wc_ed25519_free(&key);
          return rc;
      }

      printf(testingFmt, "wc_ed25519_export_private()");

      rc = wc_ed25519_export_private(&key, privOnly, &privOnlySz);
      if (rc == 0) {
          /* Bad arguments: NULL key, NULL buffer, NULL length. */
          rc = wc_ed25519_export_private(NULL, privOnly, &privOnlySz);
          if (rc == BAD_FUNC_ARG)
              rc = wc_ed25519_export_private(&key, NULL, &privOnlySz);
          if (rc == BAD_FUNC_ARG)
              rc = wc_ed25519_export_private(&key, privOnly, NULL);

          rc = (rc == BAD_FUNC_ARG) ? 0
             : ((rc == 0) ? SSL_FATAL_ERROR : rc);
      }

      printf(resultFmt, (rc != 0) ? failed : passed);

      if (rc == 0) {
          printf(testingFmt, "wc_ed25519_export_key()");

          rc = wc_ed25519_export_key(&key, priv, &privSz, pub, &pubSz);
          if (rc == 0) {
              /* Bad arguments: each pointer parameter set to NULL in turn. */
              rc = wc_ed25519_export_key(NULL, priv, &privSz, pub, &pubSz);
              if (rc == BAD_FUNC_ARG)
                  rc = wc_ed25519_export_key(&key, NULL, &privSz, pub, &pubSz);
              if (rc == BAD_FUNC_ARG)
                  rc = wc_ed25519_export_key(&key, priv, NULL, pub, &pubSz);
              if (rc == BAD_FUNC_ARG)
                  rc = wc_ed25519_export_key(&key, priv, &privSz, NULL, &pubSz);
              if (rc == BAD_FUNC_ARG)
                  rc = wc_ed25519_export_key(&key, priv, &privSz, pub, NULL);

              rc = (rc == BAD_FUNC_ARG) ? 0
                 : ((rc == 0) ? SSL_FATAL_ERROR : rc);
          }

          printf(resultFmt, (rc != 0) ? failed : passed);
      } /* END wc_ed25519_export_key() */

      /* Cross check output: both exports must give the same private bytes.
       * NOTE(review): only privSz bytes are compared; privOnlySz is not
       * checked against privSz. */
      if (rc == 0 && XMEMCMP(priv, privOnly, privSz) != 0)
          rc = SSL_FATAL_ERROR;

      if (wc_FreeRng(&rng) != 0 && rc == 0)
          rc = SSL_FATAL_ERROR;
      wc_ed25519_free(&key);
  #endif

      return rc;
  } /* END test_wc_ed25519_exportKey */
  /*
   * Unit test for wc_ecc_make_key().
   * Generates a KEY14-sized key, then checks that a NULL RNG and a NULL key
   * are each rejected with BAD_FUNC_ARG.
   * Returns 0 on success, and also when HAVE_ECC is not defined.
   */
  static int test_wc_ecc_make_key (void)
  {
      int rc = 0;

  #if defined(HAVE_ECC)
      WC_RNG  rng;
      ecc_key key;

      rc = wc_InitRng(&rng);
      if (rc == 0)
          rc = wc_ecc_init(&key);

      printf(testingFmt, "wc_ecc_make_key()");

      if (rc == 0)
          rc = wc_ecc_make_key(&rng, KEY14, &key);

      /* Pass in bad args. */
      if (rc == 0) {
          rc = wc_ecc_make_key(NULL, KEY14, &key);
          if (rc == BAD_FUNC_ARG)
              rc = wc_ecc_make_key(&rng, KEY14, NULL);

          rc = (rc == BAD_FUNC_ARG) ? 0
             : ((rc == 0) ? WOLFSSL_FATAL_ERROR : rc);
      }

      /* The RNG is released before the result line is printed, so a failed
       * release is part of the reported result. */
      if (wc_FreeRng(&rng) != 0 && rc == 0)
          rc = WOLFSSL_FATAL_ERROR;

      printf(resultFmt, (rc != 0) ? failed : passed);

      wc_ecc_free(&key);
  #endif

      return rc;
  } /* END test_wc_ecc_make_key */
  /*
   * Unit test for wc_ecc_init().
   * A valid key object must initialize with return code 0 and a NULL key
   * must be rejected with BAD_FUNC_ARG.
   * Returns 0 on success, and also when HAVE_ECC is not defined.
   */
  static int test_wc_ecc_init (void)
  {
      int rc = 0;

  #ifdef HAVE_ECC
      ecc_key eccKey;

      printf(testingFmt, "wc_ecc_init()");

      rc = wc_ecc_init(&eccKey);
      if (rc == 0) {
          /* Pass in bad args: a NULL key must not be accepted. */
          rc = wc_ecc_init(NULL);
          rc = (rc == BAD_FUNC_ARG) ? 0
             : ((rc == 0) ? WOLFSSL_FATAL_ERROR : rc);
      }

      printf(resultFmt, (rc != 0) ? failed : passed);

      wc_ecc_free(&eccKey);
  #endif

      return rc;
  } /* END test_wc_ecc_init */
  /*
   * Unit test for wc_ecc_check_key().
   * A freshly generated KEY14-sized key must pass the check and a NULL key
   * must be rejected with BAD_FUNC_ARG.
   * Returns 0 on success, and also when HAVE_ECC is not defined.
   */
  static int test_wc_ecc_check_key (void)
  {
      int rc = 0;

  #if defined(HAVE_ECC)
      WC_RNG  rng;
      ecc_key key;

      rc = wc_InitRng(&rng);
      if (rc == 0)
          rc = wc_ecc_init(&key);
      if (rc == 0)
          rc = wc_ecc_make_key(&rng, KEY14, &key);

      printf(testingFmt, "wc_ecc_check_key()");

      if (rc == 0)
          rc = wc_ecc_check_key(&key);

      /* Pass in bad args. */
      if (rc == 0) {
          rc = wc_ecc_check_key(NULL);
          rc = (rc == BAD_FUNC_ARG) ? 0
             : ((rc == 0) ? WOLFSSL_FATAL_ERROR : rc);
      }

      printf(resultFmt, (rc != 0) ? failed : passed);

      if (wc_FreeRng(&rng) != 0 && rc == 0)
          rc = WOLFSSL_FATAL_ERROR;
      wc_ecc_free(&key);
  #endif

      return rc;
  } /* END test_wc_ecc_check_key */
  /*
   * Unit test for wc_ecc_size().
   * The size reported for a KEY14-sized key must be KEY14. For a NULL key
   * the test expects 0 and uses that return value directly as its result.
   * Returns 0 on success, and also when HAVE_ECC is not defined.
   */
  static int test_wc_ecc_size (void)
  {
      int rc = 0;

  #if defined(HAVE_ECC)
      WC_RNG  rng;
      ecc_key key;

      rc = wc_InitRng(&rng);
      if (rc == 0)
          rc = wc_ecc_init(&key);
      if (rc == 0)
          rc = wc_ecc_make_key(&rng, KEY14, &key);

      printf(testingFmt, "wc_ecc_size()");

      if (rc == 0) {
          rc = wc_ecc_size(&key);
          /* KEY14 is the only accepted size; a size of 0 is a failure and
           * any other value is returned as-is (non-zero means failure). */
          rc = (rc == KEY14) ? 0
             : ((rc == 0) ? WOLFSSL_FATAL_ERROR : rc);
      }

      /* Test bad args. */
      if (rc == 0) {
          /* Returns Zero for bad arg. */
          rc = wc_ecc_size(NULL);
      }

      printf(resultFmt, (rc != 0) ? failed : passed);

      if (wc_FreeRng(&rng) != 0 && rc == 0)
          rc = WOLFSSL_FATAL_ERROR;
      wc_ecc_free(&key);
  #endif

      return rc;
  } /* END test_wc_ecc_size */
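  /*
   * Unit test for wc_ecc_sign_hash() and wc_ecc_verify_hash().
   *
   * Signs a fixed digest with a freshly generated KEY14-sized key, checks
   * that NULL arguments to the signer are rejected with ECC_BAD_ARG_E, then
   * (when HAVE_ECC_VERIFY is defined) checks that the signature verifies,
   * that it does not verify over a modified digest, and that NULL arguments
   * to the verifier are rejected with ECC_BAD_ARG_E.
   *
   * Changes from the original:
   *   - verification is skipped when setup or signing failed, so an earlier
   *     error code is no longer overwritten by verifying an unsigned buffer;
   *   - the bad-argument results (signH / verifyH) now feed the return
   *     value instead of only being printed;
   *   - the modified-digest check is new.
   *
   * Returns 0 on success, and also when ECC signing is not compiled in.
   */
  static int test_wc_ecc_signVerify_hash (void)
  {
      int ret = 0;

  #if defined(HAVE_ECC) && defined(HAVE_ECC_SIGN) && !defined(NO_ASN)
      WC_RNG  rng;
      ecc_key key;
      int     signH = WOLFSSL_FATAL_ERROR;
  #ifdef HAVE_ECC_VERIFY
      int     verifyH = WOLFSSL_FATAL_ERROR;
      int     verify = 0;
  #endif
      word32  siglen = ECC_BUFSIZE;
      byte    sig[ECC_BUFSIZE];
      byte    digest[] = "Everyone gets Friday off.";
      word32  digestlen = (word32)XSTRLEN((char*)digest);

      /* Init stack var */
      XMEMSET(sig, 0, siglen);

      /* Init structs. */
      ret = wc_InitRng(&rng);
      if (ret == 0) {
          ret = wc_ecc_init(&key);
          if (ret == 0) {
              ret = wc_ecc_make_key(&rng, KEY14, &key);
          }
      }

      printf(testingFmt, "wc_ecc_sign_hash()");

      if (ret == 0) {
          ret = wc_ecc_sign_hash(digest, digestlen, sig, &siglen, &rng, &key);
      }

      /* Check bad args; each call runs only if the previous one was
       * rejected with ECC_BAD_ARG_E. */
      if (ret == 0) {
          signH = wc_ecc_sign_hash(NULL, digestlen, sig, &siglen, &rng, &key);
          if (signH == ECC_BAD_ARG_E) {
              signH = wc_ecc_sign_hash(digest, digestlen, NULL, &siglen,
                                       &rng, &key);
          }
          if (signH == ECC_BAD_ARG_E) {
              signH = wc_ecc_sign_hash(digest, digestlen, sig, NULL,
                                       &rng, &key);
          }
          if (signH == ECC_BAD_ARG_E) {
              signH = wc_ecc_sign_hash(digest, digestlen, sig, &siglen,
                                       NULL, &key);
          }
          if (signH == ECC_BAD_ARG_E) {
              signH = wc_ecc_sign_hash(digest, digestlen, sig, &siglen,
                                       &rng, NULL);
          }
          if (signH == ECC_BAD_ARG_E) {
              signH = 0;
          } else if (signH == 0) {
              /* A bad argument was accepted. */
              signH = WOLFSSL_FATAL_ERROR;
          }

          /* ret is 0 here; let a failed bad-argument check fail the test. */
          ret = signH;
      }

      printf(resultFmt, signH == 0 ? passed : failed);

  #ifdef HAVE_ECC_VERIFY
      printf(testingFmt, "wc_ecc_verify_hash()");

      if (ret == 0) {
          ret = wc_ecc_verify_hash(sig, siglen, digest, digestlen, &verify,
                                   &key);
          if (verify != 1 && ret == 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Negative case: the signature must not verify over a digest that
       * differs by one bit. Only the status flag is checked, so the test
       * does not depend on the verifier's return code. */
      if (ret == 0) {
          int forged = 0;

          digest[0] ^= 0x01;
          (void)wc_ecc_verify_hash(sig, siglen, digest, digestlen, &forged,
                                   &key);
          digest[0] ^= 0x01; /* restore the original digest */

          if (forged == 1) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Test bad args. */
      if (ret == 0) {
          verifyH = wc_ecc_verify_hash(NULL, siglen, digest, digestlen,
                                       &verify, &key);
          if (verifyH == ECC_BAD_ARG_E) {
              verifyH = wc_ecc_verify_hash(sig, siglen, NULL, digestlen,
                                           &verify, &key);
          }
          if (verifyH == ECC_BAD_ARG_E) {
              verifyH = wc_ecc_verify_hash(sig, siglen, digest, digestlen,
                                           NULL, &key);
          }
          if (verifyH == ECC_BAD_ARG_E) {
              verifyH = wc_ecc_verify_hash(sig, siglen, digest, digestlen,
                                           &verify, NULL);
          }
          if (verifyH == ECC_BAD_ARG_E) {
              verifyH = 0;
          } else if (verifyH == 0) {
              /* A bad argument was accepted. */
              verifyH = WOLFSSL_FATAL_ERROR;
          }

          /* ret is 0 here; let a failed bad-argument check fail the test. */
          ret = verifyH;
      }

      printf(resultFmt, verifyH == 0 ? passed : failed);
  #endif /* HAVE_ECC_VERIFY */

      if (wc_FreeRng(&rng) && ret == 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      wc_ecc_free(&key);
  #endif

      return ret;
  } /* END test_wc_ecc_signVerify_hash */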
  /*
   * Unit test for wc_ecc_shared_secret().
   * Generates two KEY16-sized keys, derives a shared secret from the first
   * key and the second key, then checks that each NULL argument is rejected
   * with BAD_FUNC_ARG.
   * NOTE(review): only the return code of the derivation is checked; the
   * secret is not compared with one derived in the other direction.
   * Returns 0 on success, and also when ECDH is not compiled in.
   */
  static int test_wc_ecc_shared_secret (void)
  {
      int rc = 0;

  #if defined(HAVE_ECC) && defined(HAVE_ECC_DHE)
      ecc_key key, pubKey;
      WC_RNG  rng;
      int     keySz = KEY16;
      /* Sized by a run-time variable, so sizeof(out) is evaluated at run
       * time as well. */
      byte    out[keySz];
      word32  outlen = (word32)sizeof(out);

      /* Initialize variables. */
      XMEMSET(out, 0, keySz);

      rc = wc_InitRng(&rng);
      if (rc == 0)
          rc = wc_ecc_init(&key);
      if (rc == 0)
          rc = wc_ecc_init(&pubKey);
      if (rc == 0)
          rc = wc_ecc_make_key(&rng, keySz, &key);
      if (rc == 0)
          rc = wc_ecc_make_key(&rng, keySz, &pubKey);

      printf(testingFmt, "wc_ecc_shared_secret()");

      if (rc == 0)
          rc = wc_ecc_shared_secret(&key, &pubKey, out, &outlen);

      /* Test bad args; each call runs only if the previous one was rejected
       * with BAD_FUNC_ARG. */
      if (rc == 0) {
          rc = wc_ecc_shared_secret(NULL, &pubKey, out, &outlen);
          if (rc == BAD_FUNC_ARG)
              rc = wc_ecc_shared_secret(&key, NULL, out, &outlen);
          if (rc == BAD_FUNC_ARG)
              rc = wc_ecc_shared_secret(&key, &pubKey, NULL, &outlen);
          if (rc == BAD_FUNC_ARG)
              rc = wc_ecc_shared_secret(&key, &pubKey, out, NULL);

          rc = (rc == BAD_FUNC_ARG) ? 0
             : ((rc == 0) ? WOLFSSL_FATAL_ERROR : rc);
      }

      printf(resultFmt, (rc != 0) ? failed : passed);

      if (wc_FreeRng(&rng) != 0 && rc == 0)
          rc = WOLFSSL_FATAL_ERROR;
      wc_ecc_free(&key);
      wc_ecc_free(&pubKey);
  #endif

      return rc;
  } /* END tests_wc_ecc_shared_secret */
  /*
   * Unit test for wc_ecc_export_x963().
   * Exports a KEY20-sized key, then walks a chain of bad-argument calls with
   * these expected results: NULL key -> ECC_BAD_ARG_E, NULL output buffer ->
   * LENGTH_ONLY_E, NULL length -> ECC_BAD_ARG_E, key.idx set to -4 ->
   * ECC_BAD_ARG_E.
   *
   * NOTE(review): each step looks only at the most recent return code. If
   * the NULL-buffer call returned ECC_BAD_ARG_E instead of LENGTH_ONLY_E,
   * the NULL-length call would be skipped and the test would still pass.
   *
   * Returns 0 on success, and also when HAVE_ECC is not defined.
   */
  static int test_wc_ecc_export_x963 (void)
  {
      int rc = 0;

  #ifdef HAVE_ECC
      ecc_key key;
      WC_RNG  rng;
      byte    out[ECC_ASN963_MAX_BUF_SZ];
      word32  outlen = sizeof(out);

      /* Initialize variables. */
      XMEMSET(out, 0, outlen);

      rc = wc_InitRng(&rng);
      if (rc == 0)
          rc = wc_ecc_init(&key);
      if (rc == 0)
          rc = wc_ecc_make_key(&rng, KEY20, &key);

      printf(testingFmt, "wc_ecc_export_x963()");

      if (rc == 0)
          rc = wc_ecc_export_x963(&key, out, &outlen);

      /* Test bad args. */
      if (rc == 0) {
          rc = wc_ecc_export_x963(NULL, out, &outlen);
          if (rc == ECC_BAD_ARG_E)
              rc = wc_ecc_export_x963(&key, NULL, &outlen);
          if (rc == LENGTH_ONLY_E)
              rc = wc_ecc_export_x963(&key, out, NULL);
          if (rc == ECC_BAD_ARG_E) {
              /* Corrupt the key's idx field (presumably the curve index,
               * confirm against ecc_key) and expect the export to refuse. */
              key.idx = -4;
              rc = wc_ecc_export_x963(&key, out, &outlen);
          }

          /* Anything other than the final expected rejection is a failure. */
          rc = (rc == ECC_BAD_ARG_E) ? 0 : WOLFSSL_FATAL_ERROR;
      }

      printf(resultFmt, (rc != 0) ? failed : passed);

      if (wc_FreeRng(&rng) != 0 && rc == 0)
          rc = WOLFSSL_FATAL_ERROR;
      wc_ecc_free(&key);
  #endif

      return rc;
  } /* END test_wc_ecc_export_x963 */
  /*
   * Unit test for wc_ecc_export_x963_ex().
   * Compiling with --enable-compkey (HAVE_COMP_KEY) exercises the compressed
   * form (COMP); otherwise the uncompressed form (NOCOMP) is exercised and a
   * request for compression is expected to return NOT_COMPILED_IN.
   * Both variants end by setting key.idx to -4 and expecting ECC_BAD_ARG_E.
   * Returns 0 on success, and also when HAVE_ECC is not defined.
   */
  static int test_wc_ecc_export_x963_ex (void)
  {
      int rc = 0;

  #if defined(HAVE_ECC)
      ecc_key key;
      WC_RNG  rng;
      byte    out[ECC_ASN963_MAX_BUF_SZ];
      word32  outlen = sizeof(out);
  #ifdef HAVE_COMP_KEY
      word32  badOutLen = 5; /* too small for the export; BUFFER_E expected */
  #endif

      /* Init stack variables. */
      XMEMSET(out, 0, outlen);

      rc = wc_InitRng(&rng);
      if (rc == 0)
          rc = wc_ecc_init(&key);
      if (rc == 0)
          rc = wc_ecc_make_key(&rng, KEY64, &key);

      printf(testingFmt, "wc_ecc_export_x963_ex()");

  #ifdef HAVE_COMP_KEY
      if (rc == 0)
          rc = wc_ecc_export_x963_ex(&key, out, &outlen, COMP);

      /* Test bad args (compressed build). */
      if (rc == 0) {
          rc = wc_ecc_export_x963_ex(NULL, out, &outlen, COMP);
          if (rc == BAD_FUNC_ARG)
              rc = wc_ecc_export_x963_ex(&key, NULL, &outlen, COMP);
          if (rc == BAD_FUNC_ARG)
              rc = wc_ecc_export_x963_ex(&key, out, NULL, COMP);
          if (rc == BAD_FUNC_ARG)
              rc = wc_ecc_export_x963_ex(&key, out, &badOutLen, COMP);
          if (rc == BUFFER_E) {
              key.idx = -4;
              rc = wc_ecc_export_x963_ex(&key, out, &outlen, COMP);
          }

          /* Anything other than the final expected rejection is a failure. */
          rc = (rc == ECC_BAD_ARG_E) ? 0 : WOLFSSL_FATAL_ERROR;
      }
  #else
      if (rc == 0)
          rc = wc_ecc_export_x963_ex(&key, out, &outlen, NOCOMP);

      /* Test bad args (build without key compression). */
      if (rc == 0) {
          rc = wc_ecc_export_x963_ex(NULL, out, &outlen, NOCOMP);
          if (rc == BAD_FUNC_ARG)
              rc = wc_ecc_export_x963_ex(&key, NULL, &outlen, NOCOMP);
          if (rc == BAD_FUNC_ARG) {
              /* Compression requested (1) although it is not compiled in. */
              rc = wc_ecc_export_x963_ex(&key, out, &outlen, 1);
          }
          if (rc == NOT_COMPILED_IN)
              rc = wc_ecc_export_x963_ex(&key, out, NULL, NOCOMP);
          if (rc == BAD_FUNC_ARG) {
              key.idx = -4;
              rc = wc_ecc_export_x963_ex(&key, out, &outlen, NOCOMP);
          }

          rc = (rc == ECC_BAD_ARG_E) ? 0
             : ((rc == 0) ? WOLFSSL_FATAL_ERROR : rc);
      }
  #endif

      printf(resultFmt, (rc != 0) ? failed : passed);

      if (wc_FreeRng(&rng) != 0 && rc == 0)
          rc = WOLFSSL_FATAL_ERROR;
      wc_ecc_free(&key);
  #endif

      return rc;
  } /* END test_wc_ecc_export_x963_ex */
  /*
   * Unit test for wc_ecc_import_x963().
   * Exports a generated KEY24-sized key in X9.63 form and imports it into a
   * second key object. Then checks the bad-argument results: NULL input and
   * NULL key are expected to give BAD_FUNC_ARG, and an input length one byte
   * too long is expected to give ECC_BAD_ARG_E.
   * Returns 0 on success, and also when ECC key import is not compiled in.
   */
  static int test_wc_ecc_import_x963 (void)
  {
      int rc = 0;

  #if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_IMPORT)
      ecc_key pubKey, key;
      WC_RNG  rng;
      byte    x963[ECC_ASN963_MAX_BUF_SZ];
      word32  x963Len = (word32)sizeof(x963);

      /* Init stack variables. */
      XMEMSET(x963, 0, x963Len);

      rc = wc_InitRng(&rng);
      if (rc == 0) {
          rc = wc_ecc_init(&pubKey);
          if (rc == 0)
              rc = wc_ecc_init(&key);
          if (rc == 0)
              rc = wc_ecc_make_key(&rng, KEY24, &key);
          if (rc == 0)
              rc = wc_ecc_export_x963(&key, x963, &x963Len);
      }

      printf(testingFmt, "wc_ecc_import_x963()");

      if (rc == 0)
          rc = wc_ecc_import_x963(x963, x963Len, &pubKey);

      /* Test bad args. */
      if (rc == 0) {
          rc = wc_ecc_import_x963(NULL, x963Len, &pubKey);
          if (rc == BAD_FUNC_ARG)
              rc = wc_ecc_import_x963(x963, x963Len, NULL);
          if (rc == BAD_FUNC_ARG) {
              /* Length one byte longer than the exported encoding. */
              rc = wc_ecc_import_x963(x963, x963Len + 1, &pubKey);
          }

          rc = (rc == ECC_BAD_ARG_E) ? 0
             : ((rc == 0) ? WOLFSSL_FATAL_ERROR : rc);
      }

      printf(resultFmt, (rc != 0) ? failed : passed);

      if (wc_FreeRng(&rng) != 0 && rc == 0)
          rc = WOLFSSL_FATAL_ERROR;
      wc_ecc_free(&key);
      wc_ecc_free(&pubKey);
  #endif

      return rc;
  } /* END wc_ecc_import_x963 */
  /*
   * Unit test for wc_ecc_import_private_key().
   * Exports the X9.63 public form and the raw private value of a generated
   * KEY48-sized key, imports both into a second key object, then checks
   * that a NULL key and a NULL private buffer are rejected with
   * BAD_FUNC_ARG.
   * NOTE(review): the imported key is not compared with the original; only
   * return codes are checked.
   * Returns 0 on success, and also when ECC key import is not compiled in.
   */
  static int ecc_import_private_key (void)
  {
      int rc = 0;

  #if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_IMPORT)
      ecc_key key, keyImp;
      WC_RNG  rng;
      byte    privKey[ECC_PRIV_KEY_BUF]; /* Raw private key.*/
      byte    x963Key[ECC_ASN963_MAX_BUF_SZ];
      word32  privKeySz = (word32)sizeof(privKey);
      word32  x963KeySz = (word32)sizeof(x963Key);

      /* Init stack variables. */
      XMEMSET(privKey, 0, privKeySz);
      XMEMSET(x963Key, 0, x963KeySz);

      rc = wc_InitRng(&rng);
      if (rc == 0) {
          rc = wc_ecc_init(&key);
          if (rc == 0)
              rc = wc_ecc_init(&keyImp);
          if (rc == 0)
              rc = wc_ecc_make_key(&rng, KEY48, &key);
          if (rc == 0)
              rc = wc_ecc_export_x963(&key, x963Key, &x963KeySz);
          if (rc == 0)
              rc = wc_ecc_export_private_only(&key, privKey, &privKeySz);
      }

      printf(testingFmt, "wc_ecc_import_private_key()");

      if (rc == 0) {
          rc = wc_ecc_import_private_key(privKey, privKeySz, x963Key,
                                         x963KeySz, &keyImp);
      }

      /* Pass in bad args. */
      if (rc == 0) {
          rc = wc_ecc_import_private_key(privKey, privKeySz, x963Key,
                                         x963KeySz, NULL);
          if (rc == BAD_FUNC_ARG) {
              rc = wc_ecc_import_private_key(NULL, privKeySz, x963Key,
                                             x963KeySz, &keyImp);
          }

          rc = (rc == BAD_FUNC_ARG) ? 0
             : ((rc == 0) ? WOLFSSL_FATAL_ERROR : rc);
      }

      printf(resultFmt, (rc != 0) ? failed : passed);

      if (wc_FreeRng(&rng) != 0 && rc == 0)
          rc = WOLFSSL_FATAL_ERROR;
      wc_ecc_free(&key);
      wc_ecc_free(&keyImp);
  #endif

      return rc;
  } /* END wc_ecc_import_private_key */
  /*
   * Unit test for wc_ecc_export_private_only().
   * Exports the private value of a generated KEY32-sized key, then checks
   * that a NULL key, a NULL buffer and a NULL length are each rejected with
   * BAD_FUNC_ARG.
   * Returns 0 on success, and also when ECC key export is not compiled in.
   */
  static int test_wc_ecc_export_private_only (void)
  {
      int rc = 0;

  #if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT)
      ecc_key key;
      WC_RNG  rng;
      byte    out[ECC_PRIV_KEY_BUF];
      word32  outlen = sizeof(out);

      /* Init stack variables. */
      XMEMSET(out, 0, outlen);

      rc = wc_InitRng(&rng);
      if (rc == 0)
          rc = wc_ecc_init(&key);
      if (rc == 0)
          rc = wc_ecc_make_key(&rng, KEY32, &key);

      printf(testingFmt, "wc_ecc_export_private_only()");

      if (rc == 0)
          rc = wc_ecc_export_private_only(&key, out, &outlen);

      /* Pass in bad args. */
      if (rc == 0) {
          rc = wc_ecc_export_private_only(NULL, out, &outlen);
          if (rc == BAD_FUNC_ARG)
              rc = wc_ecc_export_private_only(&key, NULL, &outlen);
          if (rc == BAD_FUNC_ARG)
              rc = wc_ecc_export_private_only(&key, out, NULL);

          rc = (rc == BAD_FUNC_ARG) ? 0
             : ((rc == 0) ? WOLFSSL_FATAL_ERROR : rc);
      }

      printf(resultFmt, (rc != 0) ? failed : passed);

      if (wc_FreeRng(&rng) != 0 && rc == 0)
          rc = WOLFSSL_FATAL_ERROR;
      wc_ecc_free(&key);
  #endif

      return rc;
  } /* END test_wc_ecc_export_private_only */
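  /*
   * Testing wc_ecc_rs_to_sig() and wc_ecc_sig_to_rs()
   *
   * Encodes a fixed (R, S) pair given as hex strings into a signature buffer,
   * decodes that buffer back into raw r/s byte arrays, and checks that a NULL
   * in any pointer position is rejected with ECC_BAD_ARG_E.
   * The decoded r/s bytes are not compared against R and S here; only the
   * return codes are checked.
   *
   * Returns 0 on success (and when the feature is compiled out), non-zero on
   * any failure.
   */
  static int test_wc_ecc_rs_to_sig (void)
  {
      int ret = 0;
  #if defined(HAVE_ECC) && !defined(NO_ASN)
      /* first [P-192,SHA-1] vector from FIPS 186-3 NIST vectors */
      const char* R = "6994d962bdd0d793ffddf855ec5bf2f91a9698b46258a63e";
      const char* S = "02ba6465a234903744ab02bc8521405b73cf5fc00e1a9f41";
      byte        sig[ECC_MAX_SIG_SIZE];
      word32      siglen = (word32)sizeof(sig);
      /* R and S max size is the order of curve. 2^192.
       * Sized with the KEY24 constant directly instead of through an int
       * variable, so these are ordinary fixed-size arrays rather than
       * variable-length arrays (which not every C compiler accepts). */
      byte        r[KEY24];
      byte        s[KEY24];
      word32      rlen = (word32)sizeof(r);
      word32      slen = (word32)sizeof(s);

      /* Init stack variables. */
      XMEMSET(sig, 0, ECC_MAX_SIG_SIZE);
      XMEMSET(r, 0, sizeof(r));
      XMEMSET(s, 0, sizeof(s));

      printf(testingFmt, "wc_ecc_rs_to_sig()");

      ret = wc_ecc_rs_to_sig(R, S, sig, &siglen);
      /* Test bad args. */
      if (ret == 0) {
          ret = wc_ecc_rs_to_sig(NULL, S, sig, &siglen);
          if (ret == ECC_BAD_ARG_E) {
              ret = wc_ecc_rs_to_sig(R, NULL, sig, &siglen);
          }
          if (ret == ECC_BAD_ARG_E) {
              ret = wc_ecc_rs_to_sig(R, S, sig, NULL);
          }
          if (ret == ECC_BAD_ARG_E) {
              ret = wc_ecc_rs_to_sig(R, S, NULL, &siglen);
          }
          /* Anything other than a rejection of the last call is a failure. */
          if (ret == ECC_BAD_ARG_E) {
              ret = 0;
          } else {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      printf(resultFmt, ret == 0 ? passed : failed);
      printf(testingFmt, "wc_ecc_sig_to_rs()");

      if (ret == 0) {
          ret = wc_ecc_sig_to_rs(sig, siglen, r, &rlen, s, &slen);
      }
      /* Test bad args. */
      if (ret == 0) {
          ret = wc_ecc_sig_to_rs(NULL, siglen, r, &rlen, s, &slen);
          if (ret == ECC_BAD_ARG_E) {
              ret = wc_ecc_sig_to_rs(sig, siglen, NULL, &rlen, s, &slen);
          }
          if (ret == ECC_BAD_ARG_E) {
              ret = wc_ecc_sig_to_rs(sig, siglen, r, NULL, s, &slen);
          }
          if (ret == ECC_BAD_ARG_E) {
              ret = wc_ecc_sig_to_rs(sig, siglen, r, &rlen, NULL, &slen);
          }
          if (ret == ECC_BAD_ARG_E) {
              ret = wc_ecc_sig_to_rs(sig, siglen, r, &rlen, s, NULL);
          }
          if (ret == ECC_BAD_ARG_E) {
              ret = 0;
          } else if (ret == 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      printf(resultFmt, ret == 0 ? passed : failed);
  #endif
      return ret;
  } /* END test_wc_ecc_rs_to_sig */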
  /*
   * Testing wc_ecc_import_raw()
   *
   * Imports a fixed key given as hex strings (qx, qy, d) together with a curve
   * name, then checks that a NULL key, qx, qy or curve name is rejected with
   * BAD_FUNC_ARG. A NULL d is not exercised by this test.
   *
   * Returns 0 on success (and when ECC is compiled out), non-zero on failure.
   */
  static int test_wc_ecc_import_raw (void)
  {
      int ret = 0;

  #ifdef HAVE_ECC
      ecc_key key;
      /* Test vector depends on which curves the build provides. */
  #ifdef HAVE_ALL_CURVES
      const char* qx = "07008ea40b08dbe76432096e80a2494c94982d2d5bcf98e6";
      const char* qy = "76fab681d00b414ea636ba215de26d98c41bd7f2e4d65477";
      const char* d = "e14f37b3d1374ff8b03f41b9b3fdd2f0ebccf275d660d7f3";
      const char* curveName = "SECP192R1";
  #else
      const char* qx =
          "6c450448386596485678dcf46ccf75e80ff292443cddab1ff216d0c72cd9341";
      const char* qy =
          "9cac72ff8a90e4939e37714bfa07ae4612588535c3fdeab63ceb29b1d80f0d1";
      const char* d =
          "1e1dd938e15bdd036b0b0e2a6dc62fe7b46dbe042ac42310c6d5db0cda63e807";
      const char* curveName = "SECP256R1";
  #endif

      ret = wc_ecc_init(&key);

      printf(testingFmt, "wc_ecc_import_raw()");

      /* Valid import. */
      if (ret == 0) {
          ret = wc_ecc_import_raw(&key, qx, qy, d, curveName);
      }

      /* Test bad args: stop at the first call that is not rejected. */
      if (ret == 0) {
          do {
              ret = wc_ecc_import_raw(NULL, qx, qy, d, curveName);
              if (ret != BAD_FUNC_ARG) {
                  break;
              }
              ret = wc_ecc_import_raw(&key, NULL, qy, d, curveName);
              if (ret != BAD_FUNC_ARG) {
                  break;
              }
              ret = wc_ecc_import_raw(&key, qx, NULL, d, curveName);
              if (ret != BAD_FUNC_ARG) {
                  break;
              }
              ret = wc_ecc_import_raw(&key, qx, qy, d, NULL);
          } while (0);

          /* Rejected everywhere -> pass; an accepted bad call -> fail;
           * other error codes are left as they are. */
          if (ret == 0) {
              ret = WOLFSSL_FATAL_ERROR;
          } else if (ret == BAD_FUNC_ARG) {
              ret = 0;
          }
      }

      printf(resultFmt, ret == 0 ? passed : failed);

      wc_ecc_free(&key);
  #endif

      return ret;
  } /* END test_wc_ecc_import_raw */
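  /*
   * Testing wc_ecc_sig_size()
   *
   * Generates a KEY16 key and checks that wc_ecc_sig_size() reports
   * 2 * keySz + SIG_HEADER_SZ + ECC_MAX_PAD_SZ for it.
   *
   * Returns 0 on success (and when ECC is compiled out), a set-up error code
   * or WOLFSSL_FATAL_ERROR on failure.
   */
  static int test_wc_ecc_sig_size (void)
  {
      int ret = 0;
  #ifdef HAVE_ECC
      ecc_key key;
      WC_RNG  rng;
      int     keySz = KEY16;
      int     sigSz = 0;

      ret = wc_InitRng(&rng);
      if (ret == 0) {
          ret = wc_ecc_init(&key);
          if (ret == 0) {
              ret = wc_ecc_make_key(&rng, keySz, &key);
          }
      }

      printf(testingFmt, "wc_ecc_sig_size()");

      if (ret == 0) {
          /* Keep the size in its own variable. When it was stored in ret, a
           * return value of 0 from wc_ecc_sig_size() was indistinguishable
           * from "test passed", and a mismatching size was handed back to the
           * caller as if it were a status code. */
          sigSz = wc_ecc_sig_size(&key);
          if (sigSz != (2 * keySz + SIG_HEADER_SZ + ECC_MAX_PAD_SZ)) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      printf(resultFmt, ret == 0 ? passed : failed);

      if (wc_FreeRng(&rng) && ret == 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      wc_ecc_free(&key);
  #endif
      return ret;
  } /* END test_wc_ecc_sig_size */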
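  /*
   * Testing wc_ecc_ctx_new()
   *
   * Creates a client and a server encryption context, releases them, then
   * checks that flags of 0 and a NULL RNG each make wc_ecc_ctx_new() return
   * NULL.
   *
   * Returns 0 on success (and when the feature is compiled out), non-zero on
   * failure.
   */
  static int test_wc_ecc_ctx_new (void)
  {
      int ret = 0;
  #if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT)
      WC_RNG    rng;
      ecEncCtx* cli = NULL;
      ecEncCtx* srv = NULL;

      ret = wc_InitRng(&rng);

      printf(testingFmt, "wc_ecc_ctx_new()");

      if (ret == 0) {
          cli = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng);
          srv = wc_ecc_ctx_new(REQ_RESP_SERVER, &rng);
      }
      if (ret == 0 && (cli == NULL || srv == NULL)) {
          ret = WOLFSSL_FATAL_ERROR;
      }

      /* Clear both pointers once released. cli is released again at the end
       * of the function; without the reset, a run in which cli was created
       * but srv was not would release the same context twice. */
      wc_ecc_ctx_free(cli);
      cli = NULL;
      wc_ecc_ctx_free(srv);
      srv = NULL;

      /* Test bad args. */
      if (ret == 0) {
          /* wc_ecc_ctx_new_ex() will free if returned NULL. */
          cli = wc_ecc_ctx_new(0, &rng);
          if (cli != NULL) {
              ret = WOLFSSL_FATAL_ERROR;
              /* Unexpected context: release it before cli is overwritten
               * below, otherwise it would be leaked. */
              wc_ecc_ctx_free(cli);
              cli = NULL;
          }
          cli = wc_ecc_ctx_new(REQ_RESP_CLIENT, NULL);
          if (cli != NULL) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      printf(resultFmt, ret == 0 ? passed : failed);

      if (wc_FreeRng(&rng) && ret == 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      /* Non-NULL only if the last bad-argument call unexpectedly succeeded. */
      wc_ecc_ctx_free(cli);
  #endif
      return ret;
  } /* END test_wc_ecc_ctx_new */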
  /*
   * Testing wc_ecc_ctx_reset()
   *
   * Creates a client encryption context, resets it with the RNG, then checks
   * that a NULL context and a NULL RNG are each rejected with BAD_FUNC_ARG.
   *
   * Returns 0 on success (and when the feature is compiled out), non-zero on
   * failure.
   */
  static int test_wc_ecc_ctx_reset (void)
  {
      int ret = 0;

  #if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT)
      ecEncCtx* encCtx = NULL;
      WC_RNG    rng;

      ret = wc_InitRng(&rng);
      if (ret == 0) {
          encCtx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng);
          if (encCtx == NULL) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      printf(testingFmt, "wc_ecc_ctx_reset()");

      /* Valid call. */
      if (ret == 0) {
          ret = wc_ecc_ctx_reset(encCtx, &rng);
      }

      /* Pass in bad args. */
      if (ret == 0) {
          ret = wc_ecc_ctx_reset(NULL, &rng);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ecc_ctx_reset(encCtx, NULL);
          }

          /* Both rejected -> pass; an accepted bad call -> fail; any other
           * error code is kept. */
          switch (ret) {
              case BAD_FUNC_ARG:
                  ret = 0;
                  break;
              case 0:
                  ret = WOLFSSL_FATAL_ERROR;
                  break;
              default:
                  break;
          }
      }

      printf(resultFmt, ret == 0 ? passed : failed);

      if (wc_FreeRng(&rng) != 0 && ret == 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      wc_ecc_ctx_free(encCtx);
  #endif

      return ret;
  } /* END test_wc_ecc_ctx_reset */
  /*
   * Testing wc_ecc_ctx_set_peer_salt() and wc_ecc_ctx_get_own_salt()
   *
   * Creates a client and a server context, reads each side's own salt, and
   * sets the server's salt as the client's peer salt. Also checks that
   * wc_ecc_ctx_get_own_salt(NULL) returns NULL and that
   * wc_ecc_ctx_set_peer_salt() rejects a NULL context or NULL salt with
   * BAD_FUNC_ARG.
   *
   * Returns 0 on success (and when the feature is compiled out), non-zero on
   * failure.
   */
  static int test_wc_ecc_ctx_set_peer_salt (void)
  {
      int ret = 0;

  #if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT)
      WC_RNG      rng;
      ecEncCtx*   cliCtx = NULL;
      ecEncCtx*   servCtx = NULL;
      const byte* clientSalt = NULL;
      const byte* serverSalt = NULL;

      ret = wc_InitRng(&rng);
      if (ret == 0) {
          /* The server context is only attempted once the client one exists. */
          cliCtx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng);
          if (cliCtx != NULL) {
              servCtx = wc_ecc_ctx_new(REQ_RESP_SERVER, &rng);
          }
          if (cliCtx == NULL || servCtx == NULL) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      printf(testingFmt, "wc_ecc_ctx_get_own_salt()");

      /* Test bad args. */
      if (ret == 0) {
          clientSalt = wc_ecc_ctx_get_own_salt(NULL);
          if (clientSalt != NULL) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      /* Valid calls: both sides must hand back a salt pointer. */
      if (ret == 0) {
          clientSalt = wc_ecc_ctx_get_own_salt(cliCtx);
          serverSalt = wc_ecc_ctx_get_own_salt(servCtx);
          if (clientSalt == NULL || serverSalt == NULL) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      printf(resultFmt, ret == 0 ? passed : failed);
      printf(testingFmt, "wc_ecc_ctx_set_peer_salt()");

      if (ret == 0) {
          ret = wc_ecc_ctx_set_peer_salt(cliCtx, serverSalt);
      }

      /* Test bad args. */
      if (ret == 0) {
          ret = wc_ecc_ctx_set_peer_salt(NULL, serverSalt);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ecc_ctx_set_peer_salt(cliCtx, NULL);
          }

          /* Both rejected -> pass; an accepted bad call -> fail; any other
           * error code is kept. */
          ret = (ret == BAD_FUNC_ARG) ? 0
              : (ret == 0)            ? WOLFSSL_FATAL_ERROR
              :                         ret;
      }

      printf(resultFmt, ret == 0 ? passed : failed);

      if (wc_FreeRng(&rng) != 0 && ret == 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      wc_ecc_ctx_free(cliCtx);
      wc_ecc_ctx_free(servCtx);
  #endif

      return ret;
  } /* END test_wc_ecc_ctx_set_peer_salt */
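  /*
   * Testing wc_ecc_ctx_set_info()
   *
   * Creates a client encryption context, attaches an optional info string to
   * it, then checks that a NULL context, a NULL info pointer and a negative
   * length are each rejected with BAD_FUNC_ARG.
   *
   * Returns 0 on success (and when the feature is compiled out), non-zero on
   * failure.
   */
  static int test_wc_ecc_ctx_set_info (void)
  {
      int ret = 0;
  #if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT)
      ecEncCtx*   ctx = NULL;
      WC_RNG      rng;
      const char* optInfo = "Optional Test Info.";
      int         optInfoSz = (int)XSTRLEN(optInfo);
      const char* badOptInfo = NULL;

      ret = wc_InitRng(&rng);
      /* Look at the RNG result before creating the context: || evaluates left
       * to right, so wc_ecc_ctx_new() is no longer called with an RNG whose
       * initialisation failed. */
      if (ret != 0 || (ctx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng)) == NULL) {
          ret = WOLFSSL_FATAL_ERROR;
      }

      printf(testingFmt, "wc_ecc_ctx_set_info()");

      if (ret == 0) {
          ret = wc_ecc_ctx_set_info(ctx, (byte*)optInfo, optInfoSz);
      }
      /* Test bad args. */
      if (ret == 0) {
          ret = wc_ecc_ctx_set_info(NULL, (byte*)optInfo, optInfoSz);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ecc_ctx_set_info(ctx, (byte*)badOptInfo, optInfoSz);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ecc_ctx_set_info(ctx, (byte*)optInfo, -1);
          }
          /* All rejected -> pass; an accepted bad call -> fail; any other
           * error code is kept. */
          if (ret == BAD_FUNC_ARG) {
              ret = 0;
          } else if (ret == 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      printf(resultFmt, ret == 0 ? passed : failed);

      if (wc_FreeRng(&rng) && ret == 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      wc_ecc_ctx_free(ctx);
  #endif
      return ret;
  } /* END test_wc_ecc_ctx_set_info */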
  /*
   * Testing wc_ecc_encrypt() and wc_ecc_decrypt()
   *
   * Generates a client and a server key (KEY20), encrypts a fixed message
   * from the client to the server with a NULL context argument, decrypts it
   * on the server side and compares the result with the original message.
   * For both calls, a NULL in each key/buffer/length position is expected to
   * be rejected with BAD_FUNC_ARG.
   *
   * Returns 0 on success (and when the feature is compiled out), non-zero on
   * failure.
   */
  static int test_wc_ecc_encryptDecrypt (void)
  {
      int ret = 0;

  #if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && defined(WOLFSSL_AES_128)
      ecc_key     srvKey, cliKey;
      WC_RNG      rng;
      const char* msg = "EccBlock Size 16";
      word32      msgSz = (word32)XSTRLEN(msg);
      byte        encBuf[XSTRLEN(msg) + WC_SHA256_DIGEST_SIZE];
      word32      encSz = (word32)sizeof(encBuf);
      byte        decBuf[XSTRLEN(msg) + 1];
      word32      decSz = (word32)sizeof(decBuf);
      int         keySz = KEY20;

      /* Init stack variables. */
      XMEMSET(encBuf, 0, encSz);
      XMEMSET(decBuf, 0, decSz);

      /* Set-up: every step runs only when the one before it returned 0. */
      ret = wc_InitRng(&rng);
      if (ret == 0) {
          ret = wc_ecc_init(&cliKey);
      }
      if (ret == 0) {
          ret = wc_ecc_make_key(&rng, keySz, &cliKey);
      }
      if (ret == 0) {
          ret = wc_ecc_init(&srvKey);
      }
      if (ret == 0) {
          ret = wc_ecc_make_key(&rng, keySz, &srvKey);
      }

      printf(testingFmt, "wc_ecc_encrypt()");

      /* Valid encrypt: client private key, server public key. */
      if (ret == 0) {
          ret = wc_ecc_encrypt(&cliKey, &srvKey, (byte*)msg, msgSz, encBuf,
                               &encSz, NULL);
      }

      /* Bad args for encrypt: stop at the first call that is not rejected. */
      if (ret == 0) {
          ret = wc_ecc_encrypt(NULL, &srvKey, (byte*)msg, msgSz, encBuf,
                               &encSz, NULL);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ecc_encrypt(&cliKey, NULL, (byte*)msg, msgSz, encBuf,
                                   &encSz, NULL);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ecc_encrypt(&cliKey, &srvKey, NULL, msgSz, encBuf,
                                   &encSz, NULL);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ecc_encrypt(&cliKey, &srvKey, (byte*)msg, msgSz, NULL,
                                   &encSz, NULL);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ecc_encrypt(&cliKey, &srvKey, (byte*)msg, msgSz, encBuf,
                                   NULL, NULL);
          }

          ret = (ret == BAD_FUNC_ARG) ? 0
              : (ret == 0)            ? WOLFSSL_FATAL_ERROR
              :                         ret;
      }

      printf(resultFmt, ret == 0 ? passed : failed);
      printf(testingFmt, "wc_ecc_decrypt()");

      /* Valid decrypt: server private key, client public key. */
      if (ret == 0) {
          ret = wc_ecc_decrypt(&srvKey, &cliKey, encBuf, encSz, decBuf,
                               &decSz, NULL);
      }

      /* Bad args for decrypt: stop at the first call that is not rejected. */
      if (ret == 0) {
          ret = wc_ecc_decrypt(NULL, &cliKey, encBuf, encSz, decBuf,
                               &decSz, NULL);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ecc_decrypt(&srvKey, NULL, encBuf, encSz, decBuf,
                                   &decSz, NULL);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ecc_decrypt(&srvKey, &cliKey, NULL, encSz, decBuf,
                                   &decSz, NULL);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ecc_decrypt(&srvKey, &cliKey, encBuf, encSz, NULL,
                                   &decSz, NULL);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ecc_decrypt(&srvKey, &cliKey, encBuf, encSz,
                                   decBuf, NULL, NULL);
          }

          ret = (ret == BAD_FUNC_ARG) ? 0
              : (ret == 0)            ? WOLFSSL_FATAL_ERROR
              :                         ret;
      }

      /* Round-trip check. This runs even after an earlier failure, in which
       * case the earlier error code is replaced by WOLFSSL_FATAL_ERROR
       * whenever the buffers differ. */
      if (XMEMCMP(msg, decBuf, msgSz) != 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }

      printf(resultFmt, ret == 0 ? passed : failed);

      if (wc_FreeRng(&rng) != 0 && ret == 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      wc_ecc_free(&cliKey);
      wc_ecc_free(&srvKey);
  #endif

      return ret;
  } /* END test_wc_ecc_encryptDecrypt */
  /*
   * Testing wc_ecc_del_point() and wc_ecc_new_point()
   *
   * Allocates a point and releases it again. Only the allocation result is
   * checked; wc_ecc_del_point() is called with whatever pointer came back,
   * including NULL.
   *
   * Returns 0 on success (and when ECC is compiled out),
   * WOLFSSL_FATAL_ERROR if no point was returned.
   */
  static int test_wc_ecc_del_point (void)
  {
      int ret = 0;

  #if defined(HAVE_ECC)
      ecc_point* newPt = NULL;

      printf(testingFmt, "wc_ecc_new_point()");

      newPt = wc_ecc_new_point();
      if (newPt == NULL) {
          ret = WOLFSSL_FATAL_ERROR;
      }

      printf(resultFmt, ret == 0 ? passed : failed);

      wc_ecc_del_point(newPt);
  #endif

      return ret;
  } /* END test_wc_ecc_del_point */
  /*
   * Testing wc_ecc_point_is_at_infinity(), wc_ecc_export_point_der(),
   * wc_ecc_import_point_der(), wc_ecc_copy_point(), and wc_ecc_cmp_point()
   *
   * Generates a KEY32 key, exports its public point to DER, imports the DER
   * into a fresh point, copies that point and compares the copy, and finally
   * asks whether the imported point is at infinity. Each function is also
   * called with invalid arguments and must return the expected error code.
   *
   * ret is threaded through every step: a step only runs while ret is 0, so
   * the first failure is what the function returns.
   *
   * Returns 0 on success (and when ECC is compiled out), non-zero on failure.
   */
  static int test_wc_ecc_pointFns (void)
  {
      int ret = 0;
  #if defined(HAVE_ECC)
      ecc_key key;
      WC_RNG rng;
      ecc_point* point = NULL;    /* target of the DER import */
      ecc_point* cpypt = NULL;    /* target of the point copy */
      int idx = 0;                /* set from key.idx inside the export calls */
      int keySz = KEY32;
      byte der[DER_SZ];
      word32 derlenChk = 0;       /* length reported by the length-only export */
      /* NOTE(review): the cast is to int while the variable is word32; a
       * (word32) cast would match the rest of the file. */
      word32 derSz = (int)sizeof(der);
      /* Init stack variables. */
      XMEMSET(der, 0, derSz);
      ret = wc_InitRng(&rng);
      if (ret == 0) {
          ret = wc_ecc_init(&key);
          if (ret == 0) {
              ret = wc_ecc_make_key(&rng, keySz, &key);
          }
      }
      if (ret == 0) {
          point = wc_ecc_new_point();
          if (!point) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }
      if (ret == 0) {
          cpypt = wc_ecc_new_point();
          if (!cpypt) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }
      /* Export */
      printf(testingFmt, "wc_ecc_export_point_der()");
      if (ret == 0) {
          /* First call passes a NULL output buffer and is expected to return
           * LENGTH_ONLY_E with the required length in derlenChk. */
          ret = wc_ecc_export_point_der((idx = key.idx), &key.pubkey,
                                        NULL, &derlenChk);
          /* Check length value. The real export only happens when the reported
           * length equals sizeof(der); otherwise ret keeps its non-zero value
           * and the test fails. */
          if (derSz == derlenChk && ret == LENGTH_ONLY_E) {
              ret = wc_ecc_export_point_der((idx = key.idx), &key.pubkey,
                                            der, &derSz);
          }
      }
      /* Test bad args: invalid curve index, NULL point, NULL length. */
      if (ret == 0) {
          ret = wc_ecc_export_point_der(-2, &key.pubkey, der, &derSz);
          if (ret == ECC_BAD_ARG_E) {
              ret = wc_ecc_export_point_der((idx = key.idx), NULL, der, &derSz);
          }
          if (ret == ECC_BAD_ARG_E) {
              ret = wc_ecc_export_point_der((idx = key.idx), &key.pubkey,
                                            der, NULL);
          }
          if (ret == ECC_BAD_ARG_E) {
              ret = 0;
          } else if (ret == 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }
      printf(resultFmt, ret == 0 ? passed : failed);
      /* Import */
      printf(testingFmt, "wc_ecc_import_point_der()");
      if (ret == 0) {
          ret = wc_ecc_import_point_der(der, derSz, idx, point);
          /* If the raw bytes of the two point structures differ, fall back to
           * wc_ecc_cmp_point() and let its result decide. */
          if (ret == 0 && XMEMCMP(&key.pubkey, point, sizeof(key.pubkey))) {
              ret = wc_ecc_cmp_point(&key.pubkey, point);
          }
      }
      /* Test bad args: NULL input, NULL point, invalid index, and a length
       * that is one byte longer than the encoding. */
      if (ret == 0) {
          ret = wc_ecc_import_point_der(NULL, derSz, idx, point);
          if (ret == ECC_BAD_ARG_E) {
              ret = wc_ecc_import_point_der(der, derSz, idx, NULL);
          }
          if (ret == ECC_BAD_ARG_E) {
              ret = wc_ecc_import_point_der(der, derSz, -1, point);
          }
          if (ret == ECC_BAD_ARG_E) {
              ret = wc_ecc_import_point_der(der, derSz + 1, idx, point);
          }
          if (ret == ECC_BAD_ARG_E) {
              ret = 0;
          } else if (ret == 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }
      printf(resultFmt, ret == 0 ? passed : failed);
      /* Copy */
      printf(testingFmt, "wc_ecc_copy_point()");
      if (ret == 0) {
          ret = wc_ecc_copy_point(point, cpypt);
      }
      /* Test bad args. */
      if (ret == 0) {
          ret = wc_ecc_copy_point(NULL, cpypt);
          if (ret == ECC_BAD_ARG_E) {
              ret = wc_ecc_copy_point(point, NULL);
          }
          if (ret == ECC_BAD_ARG_E) {
              ret = 0;
          } else if (ret == 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }
      printf(resultFmt, ret == 0 ? passed : failed);
      printf(testingFmt, "wc_ecc_cmp_point()");
      /* Compare point: a 0 result is treated as "equal" here. */
      if (ret == 0) {
          ret = wc_ecc_cmp_point(point, cpypt);
      }
      /* Test bad args. Note the expected code is BAD_FUNC_ARG for this
       * function, not ECC_BAD_ARG_E as for the calls above. */
      if (ret == 0) {
          ret = wc_ecc_cmp_point(NULL, cpypt);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ecc_cmp_point(point, NULL);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = 0;
          } else if (ret == 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }
      printf(resultFmt, ret == 0 ? passed : failed);
      printf(testingFmt, "wc_ecc_point_is_at_infinity()");
      /* At infinity if return == 1, otherwise return == 0. A return of 1 for
       * the imported public point therefore leaves ret non-zero and fails
       * the test. */
      if (ret == 0) {
          ret = wc_ecc_point_is_at_infinity(point);
      }
      /* Test bad args. */
      if (ret == 0) {
          ret = wc_ecc_point_is_at_infinity(NULL);
          if (ret == BAD_FUNC_ARG) {
              ret = 0;
          } else if (ret == 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }
      printf(resultFmt, ret == 0 ? passed : failed);
      /* Free */
      wc_ecc_del_point(point);
      wc_ecc_del_point(cpypt);
      wc_ecc_free(&key);
      /* A failing RNG release only matters if nothing failed earlier. */
      if (wc_FreeRng(&rng) && ret == 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
  #endif
      return ret;
  } /* END test_wc_ecc_pointFns */
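  /*
   * Testing wc_ecc_shared_secret_ssh()
   *
   * Generates two keys, derives a shared secret from the first key and the
   * second key's public point, then checks that a NULL in any argument
   * position is rejected with BAD_FUNC_ARG and that a key marked as
   * ECC_PUBLICKEY is rejected with ECC_BAD_ARG_E.
   *
   * NOTE(review): key is generated with KEY32 and key2 with KEY24, so the
   * public point passed in comes from a key of a different size than the
   * private key - confirm this mismatch is intended.
   *
   * Returns 0 on success (and when the feature is compiled out), non-zero on
   * failure.
   */
  static int test_wc_ecc_shared_secret_ssh (void)
  {
      int ret = 0;
  #if defined(HAVE_ECC) && defined(HAVE_ECC_DHE)
      ecc_key key, key2;
      WC_RNG  rng;
      int     keySz = KEY32;
      int     key2Sz = KEY24;
      /* Sized with the KEY32 constant directly so this is an ordinary
       * fixed-size array rather than a variable-length array. */
      byte    secret[KEY32];
      word32  secretLen = (word32)sizeof(secret);

      /* Init stack variables. */
      XMEMSET(secret, 0, secretLen);

      /* Make keys. One RNG is initialised here and released exactly once at
       * the end of the function. Releasing and re-initialising it between
       * the two keys meant that, when making the first key failed, the RNG
       * was released in the middle and then a second time at the end. */
      ret = wc_InitRng(&rng);
      if (ret == 0) {
          ret = wc_ecc_init(&key);
      }
      if (ret == 0) {
          ret = wc_ecc_make_key(&rng, keySz, &key);
      }
      if (ret == 0) {
          ret = wc_ecc_init(&key2);
      }
      if (ret == 0) {
          ret = wc_ecc_make_key(&rng, key2Sz, &key2);
      }

      printf(testingFmt, "ecc_shared_secret_ssh()");

      if (ret == 0) {
          ret = wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret, &secretLen);
      }
      /* Pass in bad args. */
      if (ret == 0) {
          ret = wc_ecc_shared_secret_ssh(NULL, &key2.pubkey, secret, &secretLen);
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ecc_shared_secret_ssh(&key, NULL, secret, &secretLen);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ecc_shared_secret_ssh(&key, &key2.pubkey, NULL, &secretLen);
          }
          if (ret == BAD_FUNC_ARG) {
              ret = wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret, NULL);
          }
          if (ret == BAD_FUNC_ARG) {
              /* Mark the key as public-only: deriving a secret from it must
               * now be refused. */
              key.type = ECC_PUBLICKEY;
              ret = wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret, &secretLen);
              if (ret == ECC_BAD_ARG_E) {
                  ret = 0;
              } else if (ret == 0) {
                  ret = WOLFSSL_FATAL_ERROR;
              }
          } else if (ret == 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      printf(resultFmt, ret == 0 ? passed : failed);

      if (wc_FreeRng(&rng) && ret == 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      wc_ecc_free(&key);
      wc_ecc_free(&key2);
  #endif
      return ret;
  } /* END test_wc_ecc_shared_secret_ssh */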
  /*
   * Testing wc_ecc_sign_hash_ex() and wc_ecc_verify_hash_ex()
   *
   * Signs a fixed buffer with a freshly generated KEY32 key, producing the
   * signature as two mp_int values (r, s), then verifies it against:
   *   - the same buffer            (stat must be 1),
   *   - a buffer with altered tail (stat must be 0),
   *   - a shorter buffer           (stat must be 0).
   * Afterwards both functions are called with a NULL in each pointer
   * position and must return ECC_BAD_ARG_E.
   *
   * Three status values are tracked: ret for set-up and the valid calls, sig
   * for the sign bad-argument checks and ver for the verify bad-argument
   * checks. sig and ver start as WOLFSSL_FATAL_ERROR and only become 0 when
   * their checks actually ran and passed.
   *
   * Returns 0 on success (and when the feature is compiled out), non-zero on
   * failure.
   */
  static int test_wc_ecc_verify_hash_ex (void)
  {
      int ret = 0;
  #if defined(HAVE_ECC) && defined(HAVE_ECC_SIGN) && defined(WOLFSSL_PUBLIC_MP)
      ecc_key key;
      WC_RNG rng;
      mp_int r;
      mp_int s;
      /* The three buffers are char arrays initialised from string literals,
       * so each sizeof() below counts the terminating NUL as well. */
      unsigned char hash[] = "Everyone gets Friday off.EccSig";
      unsigned char iHash[] = "Everyone gets Friday off.......";
      unsigned char shortHash[] = "Everyone gets Friday off.";
      word32 hashlen = sizeof(hash);
      word32 iHashLen = sizeof(iHash);
      word32 shortHashLen = sizeof(shortHash);
      int keySz = KEY32;
      int sig = WOLFSSL_FATAL_ERROR;
      int ver = WOLFSSL_FATAL_ERROR;
      int stat = 0;   /* verification result written by wc_ecc_verify_hash_ex() */
      /* Initialize r and s. Nothing else has been set up yet, so returning
       * straight away leaves nothing to release. */
      ret = mp_init_multi(&r, &s, NULL, NULL, NULL, NULL);
      if (ret != MP_OKAY) {
          return MP_INIT_E;
      }
      ret = wc_InitRng(&rng);
      if (ret == 0) {
          ret = wc_ecc_init(&key);
          if (ret == 0) {
              ret = wc_ecc_make_key(&rng, keySz, &key);
          }
      }
      if (ret == 0) {
          ret = wc_ecc_sign_hash_ex(hash, hashlen, &rng, &key, &r, &s);
          if (ret == 0) {
              /* stat should be 1. */
              ret = wc_ecc_verify_hash_ex(&r, &s, hash, hashlen, &stat, &key);
              if (stat != 1 && ret == 0) {
                  ret = WOLFSSL_FATAL_ERROR;
              }
          }
          if (ret == 0) {
              /* stat should be 0: same length, different content. The call
               * itself must still return 0; only stat reports the mismatch. */
              ret = wc_ecc_verify_hash_ex(&r, &s, iHash, iHashLen,
                                          &stat, &key);
              if (stat != 0 && ret == 0) {
                  ret = WOLFSSL_FATAL_ERROR;
              }
          }
          if (ret == 0) {
              /* stat should be 0: shorter input. */
              ret = wc_ecc_verify_hash_ex(&r, &s, shortHash, shortHashLen,
                                          &stat, &key);
              if (stat != 0 && ret == 0) {
                  ret = WOLFSSL_FATAL_ERROR;
              }
          }
      }
      printf(testingFmt, "wc_ecc_sign_hash_ex()");
      /* Test bad args. The first check turns sig to 0; every later check can
       * only turn it back to WOLFSSL_FATAL_ERROR, and is skipped (by the
       * short-circuit on sig == 0) once that has happened. */
      if (ret == 0) {
          if (wc_ecc_sign_hash_ex(NULL, hashlen, &rng, &key, &r, &s)
                                                          == ECC_BAD_ARG_E) {
              sig = 0;
          }
          if (sig == 0 && wc_ecc_sign_hash_ex(hash, hashlen, NULL, &key, &r, &s)
                                                          != ECC_BAD_ARG_E) {
              sig = WOLFSSL_FATAL_ERROR;
          }
          if (sig == 0 && wc_ecc_sign_hash_ex(hash, hashlen, &rng, NULL, &r, &s)
                                                          != ECC_BAD_ARG_E) {
              sig = WOLFSSL_FATAL_ERROR;
          }
          if (sig == 0 && wc_ecc_sign_hash_ex(hash, hashlen, &rng, &key, NULL, &s)
                                                          != ECC_BAD_ARG_E) {
              sig = WOLFSSL_FATAL_ERROR;
          }
          if (sig == 0 && wc_ecc_sign_hash_ex(hash, hashlen, &rng, &key, &r, NULL)
                                                          != ECC_BAD_ARG_E) {
              sig = WOLFSSL_FATAL_ERROR;
          }
      }
      printf(resultFmt, sig == 0 ? passed : failed);
      printf(testingFmt, "wc_ecc_verify_hash_ex()");
      /* Test bad args. Same scheme as above, tracked in ver. */
      if (ret == 0) {
          if (wc_ecc_verify_hash_ex(NULL, &s, shortHash, shortHashLen, &stat, &key)
                                                          == ECC_BAD_ARG_E) {
              ver = 0;
          }
          if (ver == 0 && wc_ecc_verify_hash_ex(&r, NULL, shortHash, shortHashLen,
                                                  &stat, &key) != ECC_BAD_ARG_E) {
              ver = WOLFSSL_FATAL_ERROR;
          }
          if (ver == 0 && wc_ecc_verify_hash_ex(&r, &s, NULL, shortHashLen, &stat,
                                                         &key) != ECC_BAD_ARG_E) {
              ver = WOLFSSL_FATAL_ERROR;
          }
          if (ver == 0 && wc_ecc_verify_hash_ex(&r, &s, shortHash, shortHashLen,
                                                  NULL, &key) != ECC_BAD_ARG_E) {
              ver = WOLFSSL_FATAL_ERROR;
          }
          if (ver == 0 && wc_ecc_verify_hash_ex(&r, &s, shortHash, shortHashLen,
                                                  &stat, NULL) != ECC_BAD_ARG_E) {
              ver = WOLFSSL_FATAL_ERROR;
          }
      }
      printf(resultFmt, ver == 0 ? passed : failed);
      wc_ecc_free(&key);
      mp_free(&r);
      mp_free(&s);
      /* Unlike the other tests in this file, an RNG release failure here
       * overrides any earlier result. */
      if (wc_FreeRng(&rng)) {
          return WOLFSSL_FATAL_ERROR;
      }
      /* Fold the two bad-argument results into the return value. */
      if (ret == 0 && (sig != 0 || ver != 0)) {
          ret = WOLFSSL_FATAL_ERROR;
      }
  #endif
      return ret;
  } /* END test_wc_ecc_verify_hash_ex */
  /*
   * Testing wc_ecc_mulmod()
   *
   * key1 is a generated KEY32 key. key2 and key3 are imported with the
   * curve's Gx/Gy as public point and, as private value, the curve's Af and
   * prime strings respectively, so that key2.k and key3.k can be passed as
   * the 4th and 5th wc_ecc_mulmod() arguments.
   * A NULL in the 1st, 2nd, 3rd and 5th argument position is expected to be
   * rejected with ECC_BAD_ARG_E; the 4th position is not exercised.
   *
   * Returns 0 on success (and when ECC is compiled out), non-zero on failure.
   */
  static int test_wc_ecc_mulmod (void)
  {
      int ret = 0;

  #if defined(HAVE_ECC)
      ecc_key key1, key2, key3;
      WC_RNG  rng;

      /* Set-up: every step runs only when the one before it returned 0. */
      ret = wc_InitRng(&rng);
      if (ret == 0) {
          ret = wc_ecc_init(&key1);
      }
      if (ret == 0) {
          ret = wc_ecc_init(&key2);
      }
      if (ret == 0) {
          ret = wc_ecc_init(&key3);
      }
      if (ret == 0) {
          ret = wc_ecc_make_key(&rng, KEY32, &key1);
      }
      if (ret == 0) {
          ret = wc_ecc_import_raw_ex(&key2, key1.dp->Gx, key1.dp->Gy,
                                     key1.dp->Af, ECC_SECP256R1);
      }
      if (ret == 0) {
          ret = wc_ecc_import_raw_ex(&key3, key1.dp->Gx, key1.dp->Gy,
                                     key1.dp->prime, ECC_SECP256R1);
      }

      printf(testingFmt, "wc_ecc_mulmod()");

      /* Valid call. */
      if (ret == 0) {
          ret = wc_ecc_mulmod(&key1.k, &key2.pubkey, &key3.pubkey, &key2.k,
                              &key3.k, 1);
      }

      /* Test bad args: stop at the first call that is not rejected. */
      if (ret == 0) {
          ret = wc_ecc_mulmod(NULL, &key2.pubkey, &key3.pubkey, &key2.k,
                              &key3.k, 1);
          if (ret == ECC_BAD_ARG_E) {
              ret = wc_ecc_mulmod(&key1.k, NULL, &key3.pubkey, &key2.k,
                                  &key3.k, 1);
          }
          if (ret == ECC_BAD_ARG_E) {
              ret = wc_ecc_mulmod(&key1.k, &key2.pubkey, NULL, &key2.k,
                                  &key3.k, 1);
          }
          if (ret == ECC_BAD_ARG_E) {
              ret = wc_ecc_mulmod(&key1.k, &key2.pubkey, &key3.pubkey,
                                  &key2.k, NULL, 1);
          }

          /* All rejected -> pass; an accepted bad call -> fail; any other
           * error code is kept. */
          ret = (ret == ECC_BAD_ARG_E) ? 0
              : (ret == 0)             ? WOLFSSL_FATAL_ERROR
              :                          ret;
      }

      printf(resultFmt, ret == 0 ? passed : failed);

      if (wc_FreeRng(&rng) != 0 && ret == 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      wc_ecc_free(&key1);
      wc_ecc_free(&key2);
      wc_ecc_free(&key3);
  #endif

      return ret;
  } /* END test_wc_ecc_mulmod */
  /*
   * Testing wc_ecc_is_valid_idx()
   *
   * Generates a key and checks that its curve index is reported as valid
   * (return value 1), then checks that the indices -2 and 3000 are both
   * reported as invalid (return value 0).
   *
   * Returns 0 on success (and when ECC is compiled out), non-zero on failure.
   */
  static int test_wc_ecc_is_valid_idx (void)
  {
      int ret = 0;

  #if defined(HAVE_ECC)
      ecc_key key;
      WC_RNG  rng;
      int     negIdx = -2;
      int     hugeIdx = 3000;

      ret = wc_InitRng(&rng);
      if (ret == 0) {
          ret = wc_ecc_init(&key);
      }
      if (ret == 0) {
          ret = wc_ecc_make_key(&rng, 32, &key);
      }

      printf(testingFmt, "wc_ecc_is_valid_idx()");

      /* The index of a generated key must be accepted. */
      if (ret == 0) {
          ret = (wc_ecc_is_valid_idx(key.idx) == 1) ? 0 : WOLFSSL_FATAL_ERROR;
      }

      /* Test bad args. */
      if (ret == 0) {
          ret = wc_ecc_is_valid_idx(negIdx); /* should return 0 */
          if (ret == 0) {
              ret = wc_ecc_is_valid_idx(hugeIdx);
          }
          /* Either index being accepted is a failure. */
          if (ret != 0) {
              ret = WOLFSSL_FATAL_ERROR;
          }
      }

      printf(resultFmt, ret == 0 ? passed : failed);

      if (wc_FreeRng(&rng) != 0 && ret == 0) {
          ret = WOLFSSL_FATAL_ERROR;
      }
      wc_ecc_free(&key);
  #endif

      return ret;
  } /* END test_wc_ecc_is_valid_idx */
  /*
   * Testing wc_PKCS7_Init()
   *
   * Initialises a PKCS7 structure with a NULL heap hint and the file's devId,
   * and checks that a NULL structure pointer is rejected with BAD_FUNC_ARG.
   * Failures are reported through AssertIntEQ rather than a return value.
   */
  static void test_wc_PKCS7_Init (void)
  {
  #ifdef HAVE_PKCS7
      PKCS7 pkcs7;
      void* heapHint = NULL;

      printf(testingFmt, "wc_PKCS7_Init()");

      /* Valid call. */
      AssertIntEQ(wc_PKCS7_Init(&pkcs7, heapHint, devId), 0);

      /* Pass in bad args. */
      AssertIntEQ(wc_PKCS7_Init(NULL, heapHint, devId), BAD_FUNC_ARG);

      printf(resultFmt, passed);

      wc_PKCS7_Free(&pkcs7);
  #endif
  } /* END test_wc_PKCS7_Init */
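  /*
   * Testing wc_PKCS7_InitWithCert()
   *
   * Loads a client certificate (from the compiled-in cert buffers when
   * available, otherwise from ./certs), initializes a PKCS7 object with it,
   * checks that a NULL cert with size 0 is accepted, and checks that a NULL
   * PKCS7 pointer or a NULL cert with a non-zero size gives BAD_FUNC_ARG.
   */
  static void test_wc_PKCS7_InitWithCert (void)
  {
  #if defined(HAVE_PKCS7)
      PKCS7       pkcs7;

  #ifndef NO_RSA
      #if defined(USE_CERT_BUFFERS_2048)
          unsigned char   cert[sizeof_client_cert_der_2048];
          int             certSz = (int)sizeof(cert);
          XMEMSET(cert, 0, certSz);
          XMEMCPY(cert, client_cert_der_2048, sizeof_client_cert_der_2048);
      #elif defined(USE_CERT_BUFFERS_1024)
          unsigned char   cert[sizeof_client_cert_der_1024];
          int             certSz = (int)sizeof(cert);
          XMEMSET(cert, 0, certSz);
          XMEMCPY(cert, client_cert_der_1024, sizeof_client_cert_der_1024);
      #else
          unsigned char   cert[ONEK_BUF];
          FILE*           fp;
          int             certSz;

          fp = fopen("./certs/1024/client-cert.der", "rb");
          AssertNotNull(fp);
          /* Bound the read by the destination buffer itself, not by a size
           * constant that belongs to a different (compiled-in) buffer. */
          certSz = (int)fread(cert, 1, sizeof(cert), fp);
          fclose(fp);
          /* An empty or failed read must not reach the certificate parser. */
          AssertIntGT(certSz, 0);
      #endif
  #elif defined(HAVE_ECC)
      #if defined(USE_CERT_BUFFERS_256)
          unsigned char   cert[sizeof_cliecc_cert_der_256];
          int             certSz = (int)sizeof(cert);
          XMEMSET(cert, 0, certSz);
          XMEMCPY(cert, cliecc_cert_der_256, sizeof_cliecc_cert_der_256);
      #else
          unsigned char   cert[ONEK_BUF];
          FILE*           fp;
          int             certSz;

          fp = fopen("./certs/client-ecc-cert.der", "rb");
          AssertNotNull(fp);
          /* Same bound as above: never read more than cert[] can hold. */
          certSz = (int)fread(cert, 1, sizeof(cert), fp);
          fclose(fp);
          AssertIntGT(certSz, 0);
      #endif
  #else
      #error PKCS7 requires ECC or RSA
  #endif

      printf(testingFmt, "wc_PKCS7_InitWithCert()");

      /* If initialization is not successful, it's free'd in init func. */
      AssertIntEQ(wc_PKCS7_InitWithCert(&pkcs7, (byte*)cert, (word32)certSz), 0);
      wc_PKCS7_Free(&pkcs7);

      /* Valid initialization usage: no certificate at all. */
      AssertIntEQ(wc_PKCS7_InitWithCert(&pkcs7, NULL, 0), 0);

      /* Pass in bad args. No need to free for null checks, free at end. */
      AssertIntEQ(wc_PKCS7_InitWithCert(NULL, (byte*)cert, (word32)certSz),
                                                            BAD_FUNC_ARG);
      /* A NULL certificate with a non-zero length is inconsistent input. */
      AssertIntEQ(wc_PKCS7_InitWithCert(&pkcs7, NULL, (word32)certSz),
                                                            BAD_FUNC_ARG);

      printf(resultFmt, passed);

      wc_PKCS7_Free(&pkcs7);
  #endif
  } /* END test_wc_PKCS7_InitWithCert */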
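  /*
   * Testing wc_PKCS7_EncodeData()
   *
   * Loads a client certificate and private key (compiled-in buffers when
   * available, otherwise files under ./certs), encodes a short message and
   * expects a positive length. Then checks that a NULL PKCS7 pointer or a
   * NULL output buffer gives BAD_FUNC_ARG and that a 5-byte output buffer
   * gives BUFFER_E.
   */
  static void test_wc_PKCS7_EncodeData (void)
  {
  #if defined(HAVE_PKCS7)
      PKCS7   pkcs7;
      byte    output[FOURK_BUF];
      byte    data[] = "My encoded DER cert.";

  #ifndef NO_RSA
      #if defined(USE_CERT_BUFFERS_2048)
          unsigned char   cert[sizeof_client_cert_der_2048];
          unsigned char   key[sizeof_client_key_der_2048];
          int             certSz = (int)sizeof(cert);
          int             keySz  = (int)sizeof(key);
          XMEMSET(cert, 0, certSz);
          XMEMSET(key, 0, keySz);
          XMEMCPY(cert, client_cert_der_2048, certSz);
          XMEMCPY(key, client_key_der_2048, keySz);
      #elif defined(USE_CERT_BUFFERS_1024)
          unsigned char   cert[sizeof_client_cert_der_1024];
          unsigned char   key[sizeof_client_key_der_1024];
          int             certSz = (int)sizeof(cert);
          int             keySz  = (int)sizeof(key);
          XMEMSET(cert, 0, certSz);
          XMEMSET(key, 0, keySz);
          XMEMCPY(cert, client_cert_der_1024, certSz);
          XMEMCPY(key, client_key_der_1024, keySz);
      #else
          unsigned char   cert[ONEK_BUF];
          unsigned char   key[ONEK_BUF];
          FILE*           fp;
          int             certSz;
          int             keySz;

          /* Each read is bounded by its own destination buffer and must
           * return at least one byte before the data is used. */
          fp = fopen("./certs/1024/client-cert.der", "rb");
          AssertNotNull(fp);
          certSz = (int)fread(cert, 1, sizeof(cert), fp);
          fclose(fp);
          AssertIntGT(certSz, 0);

          fp = fopen("./certs/1024/client-key.der", "rb");
          AssertNotNull(fp);
          keySz = (int)fread(key, 1, sizeof(key), fp);
          fclose(fp);
          AssertIntGT(keySz, 0);
      #endif
  #elif defined(HAVE_ECC)
      #if defined(USE_CERT_BUFFERS_256)
          unsigned char   cert[sizeof_cliecc_cert_der_256];
          unsigned char   key[sizeof_ecc_clikey_der_256];
          int             certSz = (int)sizeof(cert);
          int             keySz  = (int)sizeof(key);
          XMEMSET(cert, 0, certSz);
          XMEMSET(key, 0, keySz);
          XMEMCPY(cert, cliecc_cert_der_256, sizeof_cliecc_cert_der_256);
          XMEMCPY(key, ecc_clikey_der_256, sizeof_ecc_clikey_der_256);
      #else
          unsigned char   cert[ONEK_BUF];
          unsigned char   key[ONEK_BUF];
          FILE*           fp;
          int             certSz, keySz;

          fp = fopen("./certs/client-ecc-cert.der", "rb");
          AssertNotNull(fp);
          certSz = (int)fread(cert, 1, sizeof(cert), fp);
          fclose(fp);
          AssertIntGT(certSz, 0);

          fp = fopen("./certs/client-ecc-key.der", "rb");
          AssertNotNull(fp);
          keySz = (int)fread(key, 1, sizeof(key), fp);
          fclose(fp);
          AssertIntGT(keySz, 0);
      #endif
  #else
      /* Without either key type cert/key are never declared; fail loudly. */
      #error PKCS7 requires ECC or RSA
  #endif

      XMEMSET(output, 0, sizeof(output));

      AssertIntEQ(wc_PKCS7_InitWithCert(&pkcs7, (byte*)cert, (word32)certSz), 0);

      printf(testingFmt, "wc_PKCS7_EncodeData()");

      pkcs7.content      = data;
      pkcs7.contentSz    = (word32)sizeof(data);
      pkcs7.privateKey   = key;
      pkcs7.privateKeySz = (word32)keySz;
      AssertIntGT(wc_PKCS7_EncodeData(&pkcs7, output, (word32)sizeof(output)), 0);

      /* Test bad args. */
      AssertIntEQ(wc_PKCS7_EncodeData(NULL, output, (word32)sizeof(output)),
                                                              BAD_FUNC_ARG);
      AssertIntEQ(wc_PKCS7_EncodeData(&pkcs7, NULL, (word32)sizeof(output)),
                                                              BAD_FUNC_ARG);
      /* An output length too small for the encoding must be refused. */
      AssertIntEQ(wc_PKCS7_EncodeData(&pkcs7, output, 5), BUFFER_E);

      printf(resultFmt, passed);

      wc_PKCS7_Free(&pkcs7);
  #endif
  } /* END test_wc_PKCS7_EncodeData */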
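  /*
   * Testing wc_PKCS7_EncodeSignedData()
   *
   * Signs a short message with the client certificate and key, verifies the
   * result with a PKCS7 object that was initialized without a certificate,
   * then checks that a NULL PKCS7 pointer, a NULL output buffer and a
   * zero-length output buffer all give BAD_FUNC_ARG.
   */
  static void test_wc_PKCS7_EncodeSignedData (void)
  {
  #if defined(HAVE_PKCS7)
      PKCS7   pkcs7;
      WC_RNG  rng;
      byte    output[FOURK_BUF];
      /* A zero-length array is not standard C. Use one byte of real storage
       * and pass a length of 0 to exercise the "no room" argument check. */
      byte    badOut[1] = { 0 };
      word32  outputSz = (word32)sizeof(output);
      word32  badOutSz = 0;
      int     encodedSz;
      byte    data[] = "Test data to encode.";

  #ifndef NO_RSA
      #if defined(USE_CERT_BUFFERS_2048)
          byte    key[sizeof_client_key_der_2048];
          byte    cert[sizeof_client_cert_der_2048];
          word32  keySz  = (word32)sizeof(key);
          word32  certSz = (word32)sizeof(cert);
          XMEMSET(key, 0, keySz);
          XMEMSET(cert, 0, certSz);
          XMEMCPY(key, client_key_der_2048, keySz);
          XMEMCPY(cert, client_cert_der_2048, certSz);
      #elif defined(USE_CERT_BUFFERS_1024)
          byte    key[sizeof_client_key_der_1024];
          byte    cert[sizeof_client_cert_der_1024];
          word32  keySz  = (word32)sizeof(key);
          word32  certSz = (word32)sizeof(cert);
          XMEMSET(key, 0, keySz);
          XMEMSET(cert, 0, certSz);
          XMEMCPY(key, client_key_der_1024, keySz);
          XMEMCPY(cert, client_cert_der_1024, certSz);
      #else
          unsigned char   cert[ONEK_BUF];
          unsigned char   key[ONEK_BUF];
          FILE*           fp;
          int             certSz;
          int             keySz;

          /* Reads are bounded by the destination buffers and checked. */
          fp = fopen("./certs/1024/client-cert.der", "rb");
          AssertNotNull(fp);
          certSz = (int)fread(cert, 1, sizeof(cert), fp);
          fclose(fp);
          AssertIntGT(certSz, 0);

          fp = fopen("./certs/1024/client-key.der", "rb");
          AssertNotNull(fp);
          keySz = (int)fread(key, 1, sizeof(key), fp);
          fclose(fp);
          AssertIntGT(keySz, 0);
      #endif
  #elif defined(HAVE_ECC)
      #if defined(USE_CERT_BUFFERS_256)
          unsigned char   cert[sizeof_cliecc_cert_der_256];
          unsigned char   key[sizeof_ecc_clikey_der_256];
          int             certSz = (int)sizeof(cert);
          int             keySz  = (int)sizeof(key);
          XMEMSET(cert, 0, certSz);
          XMEMSET(key, 0, keySz);
          XMEMCPY(cert, cliecc_cert_der_256, sizeof_cliecc_cert_der_256);
          XMEMCPY(key, ecc_clikey_der_256, sizeof_ecc_clikey_der_256);
      #else
          unsigned char   cert[ONEK_BUF];
          unsigned char   key[ONEK_BUF];
          FILE*           fp;
          int             certSz, keySz;

          fp = fopen("./certs/client-ecc-cert.der", "rb");
          AssertNotNull(fp);
          certSz = (int)fread(cert, 1, sizeof(cert), fp);
          fclose(fp);
          AssertIntGT(certSz, 0);

          fp = fopen("./certs/client-ecc-key.der", "rb");
          AssertNotNull(fp);
          keySz = (int)fread(key, 1, sizeof(key), fp);
          fclose(fp);
          AssertIntGT(keySz, 0);
      #endif
  #else
      #error PKCS7 requires ECC or RSA
  #endif

      XMEMSET(output, 0, outputSz);
      AssertIntEQ(wc_InitRng(&rng), 0);

      AssertIntEQ(wc_PKCS7_InitWithCert(&pkcs7, (byte*)cert, (word32)certSz), 0);

      printf(testingFmt, "wc_PKCS7_EncodeSignedData()");

      pkcs7.content      = data;
      pkcs7.contentSz    = (word32)sizeof(data);
      pkcs7.privateKey   = key;
      /* Use the number of key bytes actually loaded; sizeof(key) is the
       * whole ONEK_BUF array when the key was read from a file. */
      pkcs7.privateKeySz = (word32)keySz;
      /* The signature algorithm has to match the key type loaded above. */
  #ifndef NO_RSA
      pkcs7.encryptOID   = RSAk;
  #else
      pkcs7.encryptOID   = ECDSAk;
  #endif
      pkcs7.hashOID      = SHAh;
      pkcs7.rng          = &rng;

      encodedSz = wc_PKCS7_EncodeSignedData(&pkcs7, output, outputSz);
      AssertIntGT(encodedSz, 0);

      /* Verify exactly the bytes the encoder produced, with a fresh object
       * that carries no certificate of its own. */
      wc_PKCS7_Free(&pkcs7);
      AssertIntEQ(wc_PKCS7_InitWithCert(&pkcs7, NULL, 0), 0);
      AssertIntEQ(wc_PKCS7_VerifySignedData(&pkcs7, output, (word32)encodedSz),
                                                                            0);

      /* Pass in bad args. */
      AssertIntEQ(wc_PKCS7_EncodeSignedData(NULL, output, outputSz), BAD_FUNC_ARG);
      AssertIntEQ(wc_PKCS7_EncodeSignedData(&pkcs7, NULL, outputSz), BAD_FUNC_ARG);
      AssertIntEQ(wc_PKCS7_EncodeSignedData(&pkcs7, badOut,
                                  badOutSz), BAD_FUNC_ARG);

      printf(resultFmt, passed);

      wc_PKCS7_Free(&pkcs7);
      wc_FreeRng(&rng);
  #endif
  } /* END test_wc_PKCS7_EncodeSignedData */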
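  /*
   * Testing wc_PKCS7_VerifySignedData()
   *
   * Produces a signed message with wc_PKCS7_EncodeSignedData(), verifies it
   * with a PKCS7 object that was initialized without a certificate, then
   * checks that a NULL PKCS7 pointer, a NULL input buffer and a zero-length
   * input all give BAD_FUNC_ARG.
   */
  static void test_wc_PKCS7_VerifySignedData(void)
  {
  #if defined(HAVE_PKCS7)
      PKCS7   pkcs7;
      WC_RNG  rng;
      byte    output[FOURK_BUF];
      /* A zero-length array is not standard C. Use one byte of real storage
       * and pass a length of 0 to exercise the "empty input" argument check. */
      byte    badOut[1] = { 0 };
      word32  outputSz = (word32)sizeof(output);
      word32  badOutSz = 0;
      int     encodedSz;
      byte    data[] = "Test data to encode.";

  #ifndef NO_RSA
      #if defined(USE_CERT_BUFFERS_2048)
          byte    key[sizeof_client_key_der_2048];
          byte    cert[sizeof_client_cert_der_2048];
          word32  keySz  = (word32)sizeof(key);
          word32  certSz = (word32)sizeof(cert);
          XMEMSET(key, 0, keySz);
          XMEMSET(cert, 0, certSz);
          XMEMCPY(key, client_key_der_2048, keySz);
          XMEMCPY(cert, client_cert_der_2048, certSz);
      #elif defined(USE_CERT_BUFFERS_1024)
          byte    key[sizeof_client_key_der_1024];
          byte    cert[sizeof_client_cert_der_1024];
          word32  keySz  = (word32)sizeof(key);
          word32  certSz = (word32)sizeof(cert);
          XMEMSET(key, 0, keySz);
          XMEMSET(cert, 0, certSz);
          XMEMCPY(key, client_key_der_1024, keySz);
          XMEMCPY(cert, client_cert_der_1024, certSz);
      #else
          unsigned char   cert[ONEK_BUF];
          unsigned char   key[ONEK_BUF];
          FILE*           fp;
          int             certSz;
          int             keySz;

          /* Reads are bounded by the destination buffers and checked. */
          fp = fopen("./certs/1024/client-cert.der", "rb");
          AssertNotNull(fp);
          certSz = (int)fread(cert, 1, sizeof(cert), fp);
          fclose(fp);
          AssertIntGT(certSz, 0);

          fp = fopen("./certs/1024/client-key.der", "rb");
          AssertNotNull(fp);
          keySz = (int)fread(key, 1, sizeof(key), fp);
          fclose(fp);
          AssertIntGT(keySz, 0);
      #endif
  #elif defined(HAVE_ECC)
      #if defined(USE_CERT_BUFFERS_256)
          unsigned char   cert[sizeof_cliecc_cert_der_256];
          unsigned char   key[sizeof_ecc_clikey_der_256];
          int             certSz = (int)sizeof(cert);
          int             keySz  = (int)sizeof(key);
          XMEMSET(cert, 0, certSz);
          XMEMSET(key, 0, keySz);
          XMEMCPY(cert, cliecc_cert_der_256, sizeof_cliecc_cert_der_256);
          XMEMCPY(key, ecc_clikey_der_256, sizeof_ecc_clikey_der_256);
      #else
          unsigned char   cert[ONEK_BUF];
          unsigned char   key[ONEK_BUF];
          FILE*           fp;
          int             certSz, keySz;

          fp = fopen("./certs/client-ecc-cert.der", "rb");
          AssertNotNull(fp);
          certSz = (int)fread(cert, 1, sizeof(cert), fp);
          fclose(fp);
          AssertIntGT(certSz, 0);

          fp = fopen("./certs/client-ecc-key.der", "rb");
          AssertNotNull(fp);
          keySz = (int)fread(key, 1, sizeof(key), fp);
          fclose(fp);
          AssertIntGT(keySz, 0);
      #endif
  #else
      #error PKCS7 requires ECC or RSA
  #endif

      XMEMSET(output, 0, outputSz);
      AssertIntEQ(wc_InitRng(&rng), 0);

      AssertIntEQ(wc_PKCS7_InitWithCert(&pkcs7, (byte*)cert, (word32)certSz), 0);

      printf(testingFmt, "wc_PKCS7_VerifySignedData()");

      pkcs7.content      = data;
      pkcs7.contentSz    = (word32)sizeof(data);
      pkcs7.privateKey   = key;
      /* Use the number of key bytes actually loaded; sizeof(key) is the
       * whole ONEK_BUF array when the key was read from a file. */
      pkcs7.privateKeySz = (word32)keySz;
      /* The signature algorithm has to match the key type loaded above. */
  #ifndef NO_RSA
      pkcs7.encryptOID   = RSAk;
  #else
      pkcs7.encryptOID   = ECDSAk;
  #endif
      pkcs7.hashOID      = SHAh;
      pkcs7.rng          = &rng;

      encodedSz = wc_PKCS7_EncodeSignedData(&pkcs7, output, outputSz);
      AssertIntGT(encodedSz, 0);

      /* Good case: hand the verifier exactly the encoded bytes, using an
       * object that carries no certificate of its own. */
      wc_PKCS7_Free(&pkcs7);
      AssertIntEQ(wc_PKCS7_InitWithCert(&pkcs7, NULL, 0), 0);
      AssertIntEQ(wc_PKCS7_VerifySignedData(&pkcs7, output, (word32)encodedSz),
                                                                            0);

      /* Test bad args. */
      AssertIntEQ(wc_PKCS7_VerifySignedData(NULL, output, outputSz), BAD_FUNC_ARG);
      AssertIntEQ(wc_PKCS7_VerifySignedData(&pkcs7, NULL, outputSz), BAD_FUNC_ARG);
      AssertIntEQ(wc_PKCS7_VerifySignedData(&pkcs7, badOut,
                                  badOutSz), BAD_FUNC_ARG);

      printf(resultFmt, passed);

      wc_PKCS7_Free(&pkcs7);
      wc_FreeRng(&rng);
  #endif
  } /* END test_wc_PKCS7_VerifySignedData() */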
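  /*
   * Testing wc_PKCS7_EncodeEnvelopedData() and wc_PKCS7_DecodeEnvelopedData()
   *
   * Builds a table of test vectors (RSA and/or ECC recipients, one entry per
   * enabled content-encryption algorithm), envelopes a short message for each
   * vector, decodes it again and checks that the recovered plaintext has the
   * same length and the same bytes as the input. Afterwards both functions
   * are called with NULL or zero-length arguments, and the decoder with
   * individual PKCS7 fields cleared, expecting BAD_FUNC_ARG each time.
   */
  static void test_wc_PKCS7_EncodeDecodeEnvelopedData (void)
  {
  #if defined(HAVE_PKCS7)
      PKCS7       pkcs7;
      word32      tempWrd32   = 0;
      byte*       tmpBytePtr  = NULL;
      const char  input[]     = "Test data to encode.";
      int         i;
      int         testSz      = 0;
      int         encodedSz   = 0;

      #if !defined(NO_RSA) && (!defined(NO_AES) || (!defined(NO_SHA) ||\
          !defined(NO_SHA256) || !defined(NO_SHA512)))

          byte*   rsaCert     = NULL;
          byte*   rsaPrivKey  = NULL;
          word32  rsaCertSz;
          word32  rsaPrivKeySz;

          /* The sizes are filled in where the material is loaded below.
           * Taking sizeof() of the path pointers would only give the size
           * of a pointer, so no sizes are derived from the paths here. */
          #if !defined(NO_FILESYSTEM) && (!defined(USE_CERT_BUFFERS_1024) && \
                                             !defined(USE_CERT_BUFFERS_2048) )
              static const char* rsaClientCert = "./certs/client-cert.der";
              static const char* rsaClientKey = "./certs/client-key.der";
          #endif
      #endif
      #if defined(HAVE_ECC) && (!defined(NO_AES) || (!defined(NO_SHA) ||\
          !defined(NO_SHA256) || !defined(NO_SHA512)))

          byte*   eccCert     = NULL;
          byte*   eccPrivKey  = NULL;
          word32  eccCertSz;
          word32  eccPrivKeySz;
          #if !defined(NO_FILESYSTEM) && !defined(USE_CERT_BUFFERS_256)
              static const char* eccClientCert = "./certs/client-ecc-cert.der";
              /* NOTE(review): other tests in this file open
               * "./certs/client-ecc-key.der"; confirm which name exists. */
              static const char* eccClientKey = "./certs/ecc-client-key.der";
          #endif
      #endif

      /* Generic buffer size. */
      byte    output[ONEK_BUF];
      byte    decoded[sizeof(input)/sizeof(char)];
      int     decodedSz = 0;
      #ifndef NO_FILESYSTEM
          FILE* certFile;
          FILE* keyFile;
      #endif

      #if !defined(NO_RSA) && (!defined(NO_AES) || (!defined(NO_SHA) ||\
          !defined(NO_SHA256) || !defined(NO_SHA512)))
          /* RSA certs and keys. */
          #if defined(USE_CERT_BUFFERS_1024)
              /* Allocate buffer space; stop before copying into NULL. */
              rsaCert = (byte*)XMALLOC(ONEK_BUF, HEAP_HINT,
                                                  DYNAMIC_TYPE_TMP_BUFFER);
              AssertNotNull(rsaCert);
              /* Init buffer. */
              rsaCertSz = (word32)sizeof_client_cert_der_1024;
              XMEMCPY(rsaCert, client_cert_der_1024, rsaCertSz);
              rsaPrivKey = (byte*)XMALLOC(ONEK_BUF, HEAP_HINT,
                                                  DYNAMIC_TYPE_TMP_BUFFER);
              AssertNotNull(rsaPrivKey);
              rsaPrivKeySz = (word32)sizeof_client_key_der_1024;
              XMEMCPY(rsaPrivKey, client_key_der_1024, rsaPrivKeySz);
          #elif defined(USE_CERT_BUFFERS_2048)
              /* Allocate buffer */
              rsaCert = (byte*)XMALLOC(TWOK_BUF, HEAP_HINT,
                                                  DYNAMIC_TYPE_TMP_BUFFER);
              AssertNotNull(rsaCert);
              /* Init buffer. */
              rsaCertSz = (word32)sizeof_client_cert_der_2048;
              XMEMCPY(rsaCert, client_cert_der_2048, rsaCertSz);
              rsaPrivKey = (byte*)XMALLOC(TWOK_BUF, HEAP_HINT,
                                                  DYNAMIC_TYPE_TMP_BUFFER);
              AssertNotNull(rsaPrivKey);
              rsaPrivKeySz = (word32)sizeof_client_key_der_2048;
              XMEMCPY(rsaPrivKey, client_key_der_2048, rsaPrivKeySz);
          #else
              /* File system. */
              certFile = fopen(rsaClientCert, "rb");
              AssertNotNull(certFile);
              rsaCertSz = (word32)FOURK_BUF;
              rsaCert = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
                                                  DYNAMIC_TYPE_TMP_BUFFER);
              AssertNotNull(rsaCert);
              rsaCertSz = (word32)fread(rsaCert, 1, rsaCertSz, certFile);
              fclose(certFile);
              AssertIntGT(rsaCertSz, 0);

              keyFile = fopen(rsaClientKey, "rb");
              AssertNotNull(keyFile);
              rsaPrivKey = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
                                                  DYNAMIC_TYPE_TMP_BUFFER);
              AssertNotNull(rsaPrivKey);
              rsaPrivKeySz = (word32)FOURK_BUF;
              rsaPrivKeySz = (word32)fread(rsaPrivKey, 1, rsaPrivKeySz, keyFile);
              fclose(keyFile);
              AssertIntGT(rsaPrivKeySz, 0);
          #endif /* USE_CERT_BUFFERS */
      #endif /* NO_RSA */

      /* ECC */
      #if defined(HAVE_ECC) && (!defined(NO_AES) || (!defined(NO_SHA) ||\
          !defined(NO_SHA256) || !defined(NO_SHA512)))

          #ifdef USE_CERT_BUFFERS_256
              eccCert = (byte*)XMALLOC(TWOK_BUF, HEAP_HINT,
                                                  DYNAMIC_TYPE_TMP_BUFFER);
              AssertNotNull(eccCert);
              /* Init buffer. */
              eccCertSz = (word32)sizeof_cliecc_cert_der_256;
              XMEMCPY(eccCert, cliecc_cert_der_256, eccCertSz);
              eccPrivKey = (byte*)XMALLOC(TWOK_BUF, HEAP_HINT,
                                                  DYNAMIC_TYPE_TMP_BUFFER);
              AssertNotNull(eccPrivKey);
              eccPrivKeySz = (word32)sizeof_ecc_clikey_der_256;
              XMEMCPY(eccPrivKey, ecc_clikey_der_256, eccPrivKeySz);
          #else /* File system. */
              certFile = fopen(eccClientCert, "rb");
              AssertNotNull(certFile);
              eccCertSz = (word32)FOURK_BUF;
              eccCert = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
                                                  DYNAMIC_TYPE_TMP_BUFFER);
              AssertNotNull(eccCert);
              eccCertSz = (word32)fread(eccCert, 1, eccCertSz, certFile);
              fclose(certFile);
              AssertIntGT(eccCertSz, 0);

              keyFile = fopen(eccClientKey, "rb");
              AssertNotNull(keyFile);
              eccPrivKeySz = (word32)FOURK_BUF;
              eccPrivKey = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
                                                  DYNAMIC_TYPE_TMP_BUFFER);
              AssertNotNull(eccPrivKey);
              eccPrivKeySz = (word32)fread(eccPrivKey, 1, eccPrivKeySz, keyFile);
              fclose(keyFile);
              AssertIntGT(eccPrivKeySz, 0);
          #endif /* USE_CERT_BUFFERS_256 */
      #endif /* END HAVE_ECC */

      /* Silence unused-variable warnings in builds that load everything from
       * compiled-in buffers. The handles only exist with a file system. */
      #ifndef NO_FILESYSTEM
          (void)keyFile;
          (void)certFile;
      #endif

      const pkcs7EnvelopedVector testVectors[] = {
      /* DATA is a global variable defined in the makefile. */
      #if !defined(NO_RSA)
          #ifndef NO_DES3
              {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, DES3b, 0, 0,
                  rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz},
          #endif /* NO_DES3 */
          #ifndef NO_AES
              {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES128CBCb,
                  0, 0, rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz},
              {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES192CBCb,
                  0, 0, rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz},
              {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES256CBCb,
                  0, 0, rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz},
          #endif /* NO_AES */
      #endif /* NO_RSA */
      #if defined(HAVE_ECC)
          #ifndef NO_AES
              #ifndef NO_SHA
                  {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES128CBCb,
                      AES128_WRAP, dhSinglePass_stdDH_sha1kdf_scheme, eccCert,
                      eccCertSz, eccPrivKey, eccPrivKeySz},
              #endif
              #ifndef NO_SHA256
                  {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES256CBCb,
                      AES256_WRAP, dhSinglePass_stdDH_sha256kdf_scheme, eccCert,
                      eccCertSz, eccPrivKey, eccPrivKeySz},
              #endif
              #ifdef WOLFSSL_SHA512
                  {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES256CBCb,
                      AES256_WRAP, dhSinglePass_stdDH_sha512kdf_scheme, eccCert,
                      eccCertSz, eccPrivKey, eccPrivKeySz},
              #endif
          #endif /* NO_AES */
      #endif /* END HAVE_ECC */
      }; /* END pkcs7EnvelopedVector */

      printf(testingFmt, "wc_PKCS7_EncodeEnvelopedData()");

      testSz = (int)sizeof(testVectors)/(int)sizeof(pkcs7EnvelopedVector);
      for (i = 0; i < testSz; i++) {
          AssertIntEQ(wc_PKCS7_InitWithCert(&pkcs7, (testVectors + i)->cert,
                                      (word32)(testVectors + i)->certSz), 0);

          pkcs7.content       = (byte*)(testVectors + i)->content;
          pkcs7.contentSz     = (testVectors + i)->contentSz;
          pkcs7.contentOID    = (testVectors + i)->contentOID;
          pkcs7.encryptOID    = (testVectors + i)->encryptOID;
          pkcs7.keyWrapOID    = (testVectors + i)->keyWrapOID;
          pkcs7.keyAgreeOID   = (testVectors + i)->keyAgreeOID;
          pkcs7.privateKey    = (testVectors + i)->privateKey;
          pkcs7.privateKeySz  = (testVectors + i)->privateKeySz;

          /* A successful encode has a non-empty result. */
          encodedSz = wc_PKCS7_EncodeEnvelopedData(&pkcs7, output,
                                                  (word32)sizeof(output));
          AssertIntGT(encodedSz, 0);

          /* Decode exactly the bytes that were produced. */
          decodedSz = wc_PKCS7_DecodeEnvelopedData(&pkcs7, output,
                  (word32)encodedSz, decoded, (word32)sizeof(decoded));
          AssertIntGE(decodedSz, 0);
          /* Verify the size of each buffer. */
          AssertIntEQ((word32)sizeof(input)/sizeof(char), decodedSz);
          /* The round trip must give back the plaintext, not just a buffer
           * of the right length. */
          AssertIntEQ(XMEMCMP(decoded, input, sizeof(input)), 0);

          /* Don't free the last time through the loop; the bad-argument
           * checks below reuse the populated object. */
          if (i < testSz - 1 ){
              wc_PKCS7_Free(&pkcs7);
          }
      } /* END test loop. */

      /* Test bad args. */
      AssertIntEQ(wc_PKCS7_EncodeEnvelopedData(NULL, output,
                      (word32)sizeof(output)), BAD_FUNC_ARG);
      AssertIntEQ(wc_PKCS7_EncodeEnvelopedData(&pkcs7, NULL,
                      (word32)sizeof(output)), BAD_FUNC_ARG);
      AssertIntEQ(wc_PKCS7_EncodeEnvelopedData(&pkcs7, output, 0), BAD_FUNC_ARG);
      printf(resultFmt, passed);

      /* Decode. */
      printf(testingFmt, "wc_PKCS7_DecodeEnvelopedData()");

      AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(NULL, output,
          (word32)sizeof(output), decoded, (word32)sizeof(decoded)), BAD_FUNC_ARG);
      AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(&pkcs7, output,
          (word32)sizeof(output), NULL, (word32)sizeof(decoded)), BAD_FUNC_ARG);
      AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(&pkcs7, output,
          (word32)sizeof(output), decoded, 0), BAD_FUNC_ARG);
      AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(&pkcs7, NULL,
          (word32)sizeof(output), decoded, (word32)sizeof(decoded)), BAD_FUNC_ARG);
      AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(&pkcs7, output, 0, decoded,
          (word32)sizeof(decoded)), BAD_FUNC_ARG);

      /* Should get a return of BAD_FUNC_ARG with structure data. Order matters.
       * Each field is cleared, checked, and restored before the next one. */
      tempWrd32 = pkcs7.singleCertSz;
      pkcs7.singleCertSz = 0;
      AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(&pkcs7, output,
          (word32)sizeof(output), decoded, (word32)sizeof(decoded)), BAD_FUNC_ARG);
      pkcs7.singleCertSz = tempWrd32;

      tempWrd32 = pkcs7.privateKeySz;
      pkcs7.privateKeySz = 0;
      AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(&pkcs7, output,
          (word32)sizeof(output), decoded, (word32)sizeof(decoded)), BAD_FUNC_ARG);
      pkcs7.privateKeySz = tempWrd32;

      tmpBytePtr = pkcs7.singleCert;
      pkcs7.singleCert = NULL;
      AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(&pkcs7, output,
          (word32)sizeof(output), decoded, (word32)sizeof(decoded)), BAD_FUNC_ARG);
      pkcs7.singleCert = tmpBytePtr;

      tmpBytePtr = pkcs7.privateKey;
      pkcs7.privateKey = NULL;
      AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(&pkcs7, output,
          (word32)sizeof(output), decoded, (word32)sizeof(decoded)), BAD_FUNC_ARG);
      pkcs7.privateKey = tmpBytePtr;

      printf(resultFmt, passed);

      wc_PKCS7_Free(&pkcs7);

      #ifndef NO_RSA
          if (rsaCert) {
              XFREE(rsaCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
          }
          if (rsaPrivKey) {
              XFREE(rsaPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
          }
      #endif /*NO_RSA */
      #ifdef HAVE_ECC
          if (eccCert) {
              XFREE(eccCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
          }
          if (eccPrivKey) {
              XFREE(eccPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
          }
      #endif /* HAVE_ECC */

  #endif /* HAVE_PKCS7 */
  } /* END test_wc_PKCS7_EncodeDecodeEnvelopedData() */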
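  /*
   * Testing wc_PKCS7_EncodeEncryptedData() and wc_PKCS7_DecodeEncryptedData()
   *
   * For each enabled cipher (DES3/DES and AES-128/192/256 CBC) the message
   * "Hello World" is encoded as EncryptedData with a fixed test key, decoded
   * again and compared with the original. Both functions are then called
   * with NULL or zero-length arguments and with individual PKCS7 fields
   * cleared, expecting BAD_FUNC_ARG each time.
   *
   * The keys below are fixed test vectors used only to drive the API.
   */
  static void test_wc_PKCS7_EncodeEncryptedData (void)
  {
  #if defined(HAVE_PKCS7) && !defined(NO_PKCS7_ENCRYPTED_DATA)
      PKCS7       pkcs7;
      byte*       tmpBytePtr = NULL;
      byte        encrypted[TWOK_BUF];
      byte        decoded[TWOK_BUF];
      word32      tmpWrd32 = 0;
      int         tmpInt = 0;
      int         decodedSz;
      int         encryptedSz;
      int         testSz;
      int         i;

      const byte data[] = { /* Hello World */
          0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f,
          0x72,0x6c,0x64
      };

      #ifndef NO_DES3
          byte desKey[] = {
              0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef
          };
          byte des3Key[] = {
              0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
              0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
              0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
          };
      #endif

      #ifndef NO_AES
          byte aes128Key[] = {
              0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
              0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08
          };
          byte aes192Key[] = {
              0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
              0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
              0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08
          };
          byte aes256Key[] = {
              0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
              0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
              0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
              0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08
          };
      #endif

      const pkcs7EncryptedVector testVectors[] =
      {
      #ifndef NO_DES3
          {data, (word32)sizeof(data), DATA, DES3b, des3Key, sizeof(des3Key)},

          {data, (word32)sizeof(data), DATA, DESb, desKey, sizeof(desKey)},
      #endif /* NO_DES3 */
      #ifndef NO_AES
          {data, (word32)sizeof(data), DATA, AES128CBCb, aes128Key,
           sizeof(aes128Key)},

          {data, (word32)sizeof(data), DATA, AES192CBCb, aes192Key,
           sizeof(aes192Key)},

          {data, (word32)sizeof(data), DATA, AES256CBCb, aes256Key,
           sizeof(aes256Key)},
      #endif /* NO_AES */
      };

      testSz = sizeof(testVectors) / sizeof(pkcs7EncryptedVector);

      for (i = 0; i < testSz; i++) {
          AssertIntEQ(wc_PKCS7_Init(&pkcs7, HEAP_HINT, devId), 0);
          pkcs7.content              = (byte*)testVectors[i].content;
          pkcs7.contentSz            = testVectors[i].contentSz;
          pkcs7.contentOID           = testVectors[i].contentOID;
          pkcs7.encryptOID           = testVectors[i].encryptOID;
          pkcs7.encryptionKey        = testVectors[i].encryptionKey;
          pkcs7.encryptionKeySz      = testVectors[i].encryptionKeySz;
          pkcs7.heap                 = HEAP_HINT;

          /* encode encryptedData */
          encryptedSz = wc_PKCS7_EncodeEncryptedData(&pkcs7, encrypted,
              sizeof(encrypted));
          AssertIntGT(encryptedSz, 0);

          /* Decode encryptedData */
          decodedSz = wc_PKCS7_DecodeEncryptedData(&pkcs7, encrypted, encryptedSz,
              decoded, sizeof(decoded));
          /* A negative return is an error code, and a zero length would make
           * the comparison pass without looking at a single byte. Require a
           * real result and compare the whole message. */
          AssertIntGT(decodedSz, 0);
          AssertIntEQ(XMEMCMP(decoded, data, sizeof(data)), 0);

          /* Keep values for last itr. */
          if (i < testSz - 1) {
              wc_PKCS7_Free(&pkcs7);
          }
      }

      printf(testingFmt, "wc_PKCS7_EncodeEncryptedData()");
      AssertIntEQ(wc_PKCS7_EncodeEncryptedData(NULL, encrypted,
                       sizeof(encrypted)),BAD_FUNC_ARG);
      AssertIntEQ(wc_PKCS7_EncodeEncryptedData(&pkcs7, NULL,
                       sizeof(encrypted)), BAD_FUNC_ARG);
      AssertIntEQ(wc_PKCS7_EncodeEncryptedData(&pkcs7, encrypted,
                       0), BAD_FUNC_ARG);

      /* Testing the struct: clear one field, check, restore. */
      tmpBytePtr = pkcs7.content;
      pkcs7.content = NULL;
      AssertIntEQ(wc_PKCS7_EncodeEncryptedData(&pkcs7, encrypted,
                       sizeof(encrypted)), BAD_FUNC_ARG);
      pkcs7.content = tmpBytePtr;

      tmpWrd32 = pkcs7.contentSz;
      pkcs7.contentSz = 0;
      AssertIntEQ(wc_PKCS7_EncodeEncryptedData(&pkcs7, encrypted,
                       sizeof(encrypted)), BAD_FUNC_ARG);
      pkcs7.contentSz = tmpWrd32;

      tmpInt = pkcs7.encryptOID;
      pkcs7.encryptOID = 0;
      AssertIntEQ(wc_PKCS7_EncodeEncryptedData(&pkcs7, encrypted,
                       sizeof(encrypted)), BAD_FUNC_ARG);
      pkcs7.encryptOID = tmpInt;

      tmpBytePtr = pkcs7.encryptionKey;
      pkcs7.encryptionKey = NULL;
      AssertIntEQ(wc_PKCS7_EncodeEncryptedData(&pkcs7, encrypted,
                       sizeof(encrypted)), BAD_FUNC_ARG);
      pkcs7.encryptionKey = tmpBytePtr;

      tmpWrd32 = pkcs7.encryptionKeySz;
      pkcs7.encryptionKeySz = 0;
      AssertIntEQ(wc_PKCS7_EncodeEncryptedData(&pkcs7, encrypted,
                       sizeof(encrypted)), BAD_FUNC_ARG);
      pkcs7.encryptionKeySz = tmpWrd32;

      printf(resultFmt, passed);

      /* This section exercises the decoder, so label it as such. */
      printf(testingFmt, "wc_PKCS7_DecodeEncryptedData()");

      AssertIntEQ(wc_PKCS7_DecodeEncryptedData(NULL, encrypted, encryptedSz,
                  decoded, sizeof(decoded)), BAD_FUNC_ARG);
      AssertIntEQ(wc_PKCS7_DecodeEncryptedData(&pkcs7, NULL, encryptedSz,
                  decoded, sizeof(decoded)), BAD_FUNC_ARG);
      AssertIntEQ(wc_PKCS7_DecodeEncryptedData(&pkcs7, encrypted, 0,
                  decoded, sizeof(decoded)), BAD_FUNC_ARG);
      AssertIntEQ(wc_PKCS7_DecodeEncryptedData(&pkcs7, encrypted, encryptedSz,
                  NULL, sizeof(decoded)), BAD_FUNC_ARG);
      AssertIntEQ(wc_PKCS7_DecodeEncryptedData(&pkcs7, encrypted, encryptedSz,
                  decoded, 0), BAD_FUNC_ARG);

      /* Test struct fields */
      tmpBytePtr = pkcs7.encryptionKey;
      pkcs7.encryptionKey = NULL;
      AssertIntEQ(wc_PKCS7_DecodeEncryptedData(&pkcs7, encrypted, encryptedSz,
                  decoded, sizeof(decoded)), BAD_FUNC_ARG);
      pkcs7.encryptionKey = tmpBytePtr;

      /* Not restored afterwards: the object is freed right below. */
      pkcs7.encryptionKeySz = 0;
      AssertIntEQ(wc_PKCS7_DecodeEncryptedData(&pkcs7, encrypted, encryptedSz,
                  decoded, sizeof(decoded)), BAD_FUNC_ARG);

      printf(resultFmt, passed);

      wc_PKCS7_Free(&pkcs7);
  #endif
  } /* END test_wc_PKCS7_EncodeEncryptedData() */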
  12508. /*----------------------------------------------------------------------------*
  12509. | Compatibility Tests
  12510. *----------------------------------------------------------------------------*/
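  /*
   * Testing the X509_NAME compatibility functions.
   *
   * Creates and frees an empty X509_NAME, loads ./certs/ca-cert.der, checks
   * that issuer and subject compare equal (the test expects a self-signed
   * certificate), and encodes a name with i2d_X509_NAME() both into a caller
   * buffer (the output pointer must move) and into a buffer the function
   * allocates itself.
   */
  static void test_wolfSSL_X509_NAME(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) \
      && !defined(NO_RSA) && defined(WOLFSSL_CERT_GEN)
      X509* x509;
      const unsigned char* c;
      unsigned char buf[4096];
      int bytes;
      FILE* f;
      const X509_NAME* a;
      const X509_NAME* b;
      int sz;
      unsigned char* tmp;
      char file[] = "./certs/ca-cert.der";

      printf(testingFmt, "wolfSSL_X509_NAME()");

      /* test compile of deprecated function, returns 0 */
      AssertIntEQ(CRYPTO_thread_id(), 0);

      AssertNotNull(a = X509_NAME_new());
      X509_NAME_free((X509_NAME*)a);

      f = fopen(file, "rb");
      AssertNotNull(f);
      bytes = (int)fread(buf, 1, sizeof(buf), f);
      fclose(f);
      /* Do not hand an empty or failed read to the certificate parser. */
      AssertIntGT(bytes, 0);

      c = buf;
      AssertNotNull(x509 = wolfSSL_X509_load_certificate_buffer(c, bytes,
                  SSL_FILETYPE_ASN1));

      /* test cmp function */
      AssertNotNull(a = X509_get_issuer_name(x509));
      AssertNotNull(b = X509_get_subject_name(x509));

      AssertIntEQ(X509_NAME_cmp(a, b), 0); /* self signed should be 0 */

      /* Encode into the caller's buffer: tmp must advance past the output. */
      tmp = buf;
      AssertIntGT((sz = i2d_X509_NAME((X509_NAME*)a, &tmp)), 0);
      if (tmp == buf) {
          printf("\nERROR - %s line %d failed with:", __FILE__, __LINE__);
          printf(" Expected pointer to be incremented\n");
          abort();
      }

      /* retry but with the function creating a buffer */
      tmp = NULL;
      AssertIntGT((sz = i2d_X509_NAME((X509_NAME*)b, &tmp)), 0);
      XFREE(tmp, NULL, DYNAMIC_TYPE_OPENSSL);

      X509_free(x509);

      printf(resultFmt, passed);
  #endif /* OPENSSL_EXTRA && !NO_CERTS && !NO_FILESYSTEM && !NO_RSA &&
          * WOLFSSL_CERT_GEN */
  }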
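/*
 * Exercises the OpenSSL-compatibility DES key-handling calls: parity and
 * weak-key rejection in DES_set_key_checked(), the unchecked copy path,
 * DES_key_sched(), and the DES_cbc_cksum() checksum against a fixed value.
 *
 * Return codes the test pins: -1 for a parity failure, -2 for a weak key,
 * 0 for success.
 */
static void test_wolfSSL_DES(void)
{
    #if defined(OPENSSL_EXTRA) && !defined(NO_DES3)
    const_DES_cblock myDes;
    DES_cblock iv;
    DES_key_schedule key;
    word32 i;
    DES_LONG dl;
    unsigned char msg[] = "hello wolfssl";

    printf(testingFmt, "wolfSSL_DES()");

    /* give the key block a defined value so the first DES_set_key() call
     * below does not read indeterminate stack bytes */
    XMEMSET(myDes, 0, sizeof(const_DES_cblock));

    DES_check_key(1);
    DES_set_key(&myDes, &key);

    /* check, check of odd parity */
    XMEMSET(myDes, 4, sizeof(const_DES_cblock));
    myDes[0] = 6; /* set even parity */
    XMEMSET(key, 5, sizeof(DES_key_schedule));
    AssertIntEQ(DES_set_key_checked(&myDes, &key), -1);
    AssertIntNE(key[0], myDes[0]); /* should not have copied over key */

    /* set odd parity for success case */
    DES_set_odd_parity(&myDes);
    printf("%02x %02x %02x %02x", myDes[0], myDes[1], myDes[2], myDes[3]);
    AssertIntEQ(DES_set_key_checked(&myDes, &key), 0);
    for (i = 0; i < sizeof(DES_key_schedule); i++) {
        AssertIntEQ(key[i], myDes[i]);
    }
    AssertIntEQ(DES_is_weak_key(&myDes), 0);

    /* check weak key */
    XMEMSET(myDes, 1, sizeof(const_DES_cblock));
    XMEMSET(key, 5, sizeof(DES_key_schedule));
    AssertIntEQ(DES_set_key_checked(&myDes, &key), -2);
    AssertIntNE(key[0], myDes[0]); /* should not have copied over key */

    /* now do unchecked copy of a weak key over */
    DES_set_key_unchecked(&myDes, &key);
    /* compare arrays, should be the same */
    for (i = 0; i < sizeof(DES_key_schedule); i++) {
        AssertIntEQ(key[i], myDes[i]);
    }
    AssertIntEQ(DES_is_weak_key(&myDes), 1);

    /* check DES_key_sched API */
    XMEMSET(key, 1, sizeof(DES_key_schedule));
    AssertIntEQ(DES_key_sched(&myDes, NULL), 0);
    AssertIntEQ(DES_key_sched(NULL, &key), 0);
    AssertIntEQ(DES_key_sched(&myDes, &key), 0);
    /* compare arrays, should be the same */
    for (i = 0; i < sizeof(DES_key_schedule); i++) {
        AssertIntEQ(key[i], myDes[i]);
    }

    /* DES_cbc_cksum should return the last 4 of the last 8 bytes after
     * DES_cbc_encrypt on the input */
    XMEMSET(iv, 0, sizeof(DES_cblock));
    /* NOTE(review): myDes is declared as const_DES_cblock but is filled and
     * indexed here with sizeof(DES_key_schedule); this is only in bounds if
     * both types have the same size - confirm against the typedefs. */
    XMEMSET(myDes, 5, sizeof(DES_key_schedule));
    AssertIntGT((dl = DES_cbc_cksum(msg, &key, sizeof(msg), &myDes, &iv)), 0);
    AssertIntEQ(dl, 480052723);

    printf(resultFmt, passed);
    #endif /* defined(OPENSSL_EXTRA) && !defined(NO_DES3) */
}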
/*
 * Compatibility-layer certificate test. Loads the server certificate and key
 * into a context, checks certificate/private-key matching on both the CTX and
 * the SSL object, computes SHA-1 and SHA-256 digests of a certificate, and
 * queries a list of X509 extensions through X509_get_ext_d2i().
 *
 * Compiled to an empty body unless the feature macros below are satisfied.
 */
static void test_wolfSSL_certs(void)
{
    #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
       !defined(NO_FILESYSTEM) && !defined(NO_RSA)
    X509* x509;
    WOLFSSL* ssl;
    WOLFSSL_CTX* ctx;
    WOLF_STACK_OF(ASN1_OBJECT)* sk;
    int crit; /* written by X509_get_ext_d2i(); -1 is expected below wherever
               * the extension is unsupported or the lookup is invalid */

    printf(testingFmt, "wolfSSL_certs()");

    AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
    AssertTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile, SSL_FILETYPE_PEM));
    AssertTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM));
    #ifndef HAVE_USER_RSA
    /* a key that does not belong to the loaded certificate must be reported
     * as a mismatch; restoring the server key must make the check pass */
    AssertTrue(SSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, SSL_FILETYPE_PEM));
    AssertIntEQ(SSL_CTX_check_private_key(ctx), SSL_FAILURE);
    AssertTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM));
    AssertIntEQ(SSL_CTX_check_private_key(ctx), SSL_SUCCESS);
    #endif
    AssertNotNull(ssl = SSL_new(ctx));

    AssertIntEQ(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS);

    #ifdef HAVE_PK_CALLBACKS
    AssertIntEQ((int)SSL_set_tlsext_debug_arg(ssl, NULL), WOLFSSL_SUCCESS);
    #endif /* HAVE_PK_CALLBACKS */

    /* create and use x509 */
    x509 = wolfSSL_X509_load_certificate_file(cliCertFile, WOLFSSL_FILETYPE_PEM);
    AssertNotNull(x509);
    AssertIntEQ(SSL_use_certificate(ssl, x509), WOLFSSL_SUCCESS);

    #ifndef HAVE_USER_RSA
    /* with loading in a new cert the check on private key should now fail */
    AssertIntNE(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS);
    #endif

    #if defined(USE_CERT_BUFFERS_2048)
    AssertIntEQ(SSL_use_certificate_ASN1(ssl,
                (unsigned char*)server_cert_der_2048,
                sizeof_server_cert_der_2048), WOLFSSL_SUCCESS);
    #endif

    #if !defined(NO_SHA) && !defined(NO_SHA256)
    /************* Get Digest of Certificate ******************/
    {
        byte digest[64]; /* max digest size */
        word32 digestSz;

        XMEMSET(digest, 0, sizeof(digest));
        AssertIntEQ(X509_digest(x509, wolfSSL_EVP_sha1(), digest, &digestSz),
                    WOLFSSL_SUCCESS);
        AssertIntEQ(X509_digest(x509, wolfSSL_EVP_sha256(), digest, &digestSz),
                    WOLFSSL_SUCCESS);

        /* a NULL certificate must be rejected rather than dereferenced */
        AssertIntEQ(X509_digest(NULL, wolfSSL_EVP_sha1(), digest, &digestSz),
                    WOLFSSL_FAILURE);
    }
    #endif /* !NO_SHA && !NO_SHA256 */

    /* test and checkout X509 extensions */
    /* Each lookup below is followed by wolfSSL_sk_ASN1_OBJECT_free(sk) whether
     * or not the result was asserted non-NULL. */
    sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_basic_constraints,
            &crit, NULL);
    AssertNotNull(sk);
    AssertIntEQ(crit, 0);
    wolfSSL_sk_ASN1_OBJECT_free(sk);

    sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_key_usage,
            &crit, NULL);
    /* AssertNotNull(sk); NID not yet supported */
    AssertIntEQ(crit, -1);
    wolfSSL_sk_ASN1_OBJECT_free(sk);

    sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_ext_key_usage,
            &crit, NULL);
    /* AssertNotNull(sk); no extension set */
    wolfSSL_sk_ASN1_OBJECT_free(sk);

    sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509,
            NID_authority_key_identifier, &crit, NULL);
    AssertNotNull(sk);
    wolfSSL_sk_ASN1_OBJECT_free(sk);

    sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509,
            NID_private_key_usage_period, &crit, NULL);
    /* AssertNotNull(sk); NID not yet supported */
    AssertIntEQ(crit, -1);
    wolfSSL_sk_ASN1_OBJECT_free(sk);

    sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_subject_alt_name,
            &crit, NULL);
    /* AssertNotNull(sk); no alt names set */
    wolfSSL_sk_ASN1_OBJECT_free(sk);

    sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_issuer_alt_name,
            &crit, NULL);
    /* AssertNotNull(sk); NID not yet supported */
    AssertIntEQ(crit, -1);
    wolfSSL_sk_ASN1_OBJECT_free(sk);

    sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_info_access, &crit,
            NULL);
    /* AssertNotNull(sk); no auth info set */
    wolfSSL_sk_ASN1_OBJECT_free(sk);

    sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_sinfo_access,
            &crit, NULL);
    /* AssertNotNull(sk); NID not yet supported */
    AssertIntEQ(crit, -1);
    wolfSSL_sk_ASN1_OBJECT_free(sk);

    sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_name_constraints,
            &crit, NULL);
    /* AssertNotNull(sk); NID not yet supported */
    AssertIntEQ(crit, -1);
    wolfSSL_sk_ASN1_OBJECT_free(sk);

    sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509,
            NID_certificate_policies, &crit, NULL);
    #if !defined(WOLFSSL_SEP) && !defined(WOLFSSL_CERT_EXT)
    AssertNull(sk);
    #else
    /* AssertNotNull(sk); no cert policy set */
    #endif
    wolfSSL_sk_ASN1_OBJECT_free(sk);

    sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_policy_mappings,
            &crit, NULL);
    /* AssertNotNull(sk); NID not yet supported */
    AssertIntEQ(crit, -1);
    wolfSSL_sk_ASN1_OBJECT_free(sk);

    sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_policy_constraints,
            &crit, NULL);
    /* AssertNotNull(sk); NID not yet supported */
    AssertIntEQ(crit, -1);
    wolfSSL_sk_ASN1_OBJECT_free(sk);

    sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_inhibit_any_policy,
            &crit, NULL);
    /* AssertNotNull(sk); NID not yet supported */
    AssertIntEQ(crit, -1);
    wolfSSL_sk_ASN1_OBJECT_free(sk);

    sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_tlsfeature, &crit,
            NULL);
    /* AssertNotNull(sk); NID not yet supported */
    AssertIntEQ(crit, -1);
    wolfSSL_sk_ASN1_OBJECT_free(sk);

    /* test invalid cases */
    /* crit is reset first so the -1 asserted below was written by this call */
    crit = 0;
    sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, -1, &crit, NULL);
    AssertNull(sk);
    AssertIntEQ(crit, -1);
    /* NULL certificate and NULL criticality pointer must both be tolerated */
    sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(NULL, NID_tlsfeature,
            NULL, NULL);
    AssertNull(sk);

    AssertIntEQ(SSL_get_hit(ssl), 0);
    X509_free(x509);
    SSL_free(ssl);
    SSL_CTX_free(ctx);

    printf(resultFmt, passed);
    #endif /* OPENSSL_EXTRA && !NO_CERTS && !NO_FILESYSTEM && !NO_RSA */
}
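/*
 * Checks ASN1_TIME_print() on the notBefore field of the built-in 2048-bit
 * client certificate, then corrupts the notAfter field in place and checks
 * that the call fails and writes "Bad time value" to the BIO instead.
 *
 * The parameter list is spelled (void) to match the other tests in this file;
 * an empty () list is an unprototyped declaration in C.
 */
static void test_wolfSSL_ASN1_TIME_print(void)
{
    #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA) \
        && (defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) || \
            defined(WOLFSSL_HAPROXY)) && defined(USE_CERT_BUFFERS_2048)
    BIO*  bio;
    X509* x509;
    const unsigned char* der = client_cert_der_2048;
    ASN1_TIME* t;
    unsigned char buf[25]; /* room for the 24-character time string below */

    printf(testingFmt, "wolfSSL_ASN1_TIME_print()");

    AssertNotNull(bio = BIO_new(BIO_s_mem()));
    AssertNotNull(x509 = wolfSSL_X509_load_certificate_buffer(der,
                sizeof_client_cert_der_2048, WOLFSSL_FILETYPE_ASN1));
    AssertIntEQ(ASN1_TIME_print(bio, X509_get_notBefore(x509)), 1);
    AssertIntEQ(BIO_read(bio, buf, sizeof(buf)), 24);
    AssertIntEQ(XMEMCMP(buf, "Aug 11 20:07:37 2016 GMT", sizeof(buf) - 1), 0);

    /* create a bad time and test results */
    AssertNotNull(t = X509_get_notAfter(x509));
    /* zeroing bytes inside the encoded time makes it unparsable; this edits
     * the certificate object's own field, which is freed below */
    t->data[10] = 0;
    t->data[5]  = 0;
    AssertIntNE(ASN1_TIME_print(bio, t), 1);
    AssertIntEQ(BIO_read(bio, buf, sizeof(buf)), 14);
    AssertIntEQ(XMEMCMP(buf, "Bad time value", 14), 0);

    BIO_free(bio);
    X509_free(x509);

    printf(resultFmt, passed);
    #endif
}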
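/*
 * Checks that wolfSSL_check_private_key() tracks whichever private key is
 * currently loaded: RSA keys from files and DER buffers, EVP_PKEY objects
 * decoded with wolfSSL_d2i_PrivateKey() (including a PKCS#8-wrapped key), and
 * ECC keys from files. Also references three no-op compatibility macros so a
 * missing definition shows up as a build failure.
 */
static void test_wolfSSL_private_keys(void)
{
    #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
       !defined(NO_FILESYSTEM)
    /* initialised so the (void) casts at the end never read indeterminate
     * values in builds with neither RSA nor ECC */
    WOLFSSL*     ssl = NULL;
    WOLFSSL_CTX* ctx = NULL;
    EVP_PKEY* pkey = NULL;

    printf(testingFmt, "wolfSSL_private_keys()");

    OpenSSL_add_all_digests();
    OpenSSL_add_all_algorithms();

    #ifndef NO_RSA
    AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
    AssertTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM));
    AssertTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM));
    AssertNotNull(ssl = SSL_new(ctx));

    AssertIntEQ(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS);

    #ifdef USE_CERT_BUFFERS_2048
    {
        const unsigned char* server_key = (const unsigned char*)server_key_der_2048;
        unsigned char buf[FOURK_BUF];
        word32 bufSz;
        int pkcs8Sz; /* signed, so a negative error code stays negative */

        AssertIntEQ(SSL_use_RSAPrivateKey_ASN1(ssl,
                    (unsigned char*)client_key_der_2048,
                    sizeof_client_key_der_2048), WOLFSSL_SUCCESS);
    #ifndef HAVE_USER_RSA
        /* Should mismatch now that a different private key loaded */
        AssertIntNE(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS);
    #endif

        AssertIntEQ(SSL_use_PrivateKey_ASN1(0, ssl,
                    (unsigned char*)server_key,
                    sizeof_server_key_der_2048), WOLFSSL_SUCCESS);
        /* After loading back in DER format of original key, should match */
        AssertIntEQ(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS);

        /* pkey not set yet, expecting to fail */
        AssertIntEQ(SSL_use_PrivateKey(ssl, pkey), WOLFSSL_FAILURE);

        /* set PKEY and test again */
        AssertNotNull(wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, &pkey,
                    &server_key, (long)sizeof_server_key_der_2048));
        AssertIntEQ(SSL_use_PrivateKey(ssl, pkey), WOLFSSL_SUCCESS);

        /* reuse PKEY structure and test
         * this should be checked with a memory management sanity checker */
        /* the decode above must have advanced the input pointer */
        AssertFalse(server_key == (const unsigned char*)server_key_der_2048);
        server_key = (const unsigned char*)server_key_der_2048;
        AssertNotNull(wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, &pkey,
                    &server_key, (long)sizeof_server_key_der_2048));
        AssertIntEQ(SSL_use_PrivateKey(ssl, pkey), WOLFSSL_SUCCESS);

        /* check stripping PKCS8 header with wolfSSL_d2i_PrivateKey */
        bufSz = FOURK_BUF;
        AssertIntGT((pkcs8Sz = wc_CreatePKCS8Key(buf, &bufSz,
                    (byte*)server_key_der_2048, sizeof_server_key_der_2048,
                    RSAk, NULL, 0)), 0);
        server_key = (const unsigned char*)buf;
        AssertNotNull(wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, &pkey, &server_key,
                    (long)pkcs8Sz));
    }
    #endif

    EVP_PKEY_free(pkey);
    SSL_free(ssl); /* frees x509 also since loaded into ssl */
    SSL_CTX_free(ctx);
    #endif /* end of RSA private key match tests */

    #ifdef HAVE_ECC
    AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
    AssertTrue(SSL_CTX_use_certificate_file(ctx, eccCertFile,
                WOLFSSL_FILETYPE_PEM));
    AssertTrue(SSL_CTX_use_PrivateKey_file(ctx, eccKeyFile,
                WOLFSSL_FILETYPE_PEM));
    AssertNotNull(ssl = SSL_new(ctx));

    AssertIntEQ(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS);
    SSL_free(ssl);

    /* the client ECC key does not belong to the loaded certificate */
    AssertTrue(SSL_CTX_use_PrivateKey_file(ctx, cliEccKeyFile,
                WOLFSSL_FILETYPE_PEM));
    AssertNotNull(ssl = SSL_new(ctx));

    AssertIntNE(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS);

    SSL_free(ssl);
    SSL_CTX_free(ctx);
    #endif /* end of ECC private key match tests */

    /* test existence of no-op macros in wolfssl/openssl/ssl.h */
    CONF_modules_free();
    ENGINE_cleanup();
    CONF_modules_unload();

    (void)ssl;
    (void)ctx;
    (void)pkey;

    printf(resultFmt, passed);
    #endif /* OPENSSL_EXTRA && !NO_CERTS && !NO_FILESYSTEM */
}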
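/*
 * Round-trips a private key through the PEM BIO calls: DER -> EVP_PKEY ->
 * PEM in a memory BIO -> EVP_PKEY, including reuse of an existing EVP_PKEY
 * and trailing bytes after the PEM block. Optional sections cover a
 * password-protected key file and an ECC key read from disk.
 *
 * The password literal and key files used here are test fixtures from the
 * certs/ directory; they are not secrets and must not be reused elsewhere.
 */
static void test_wolfSSL_PEM_PrivateKey(void)
{
    #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
       !defined(NO_FILESYSTEM) && !defined(NO_RSA)   && \
       (defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN)) && \
       defined(USE_CERT_BUFFERS_2048)
    const unsigned char* server_key = (const unsigned char*)server_key_der_2048;
    EVP_PKEY* pkey  = NULL;
    EVP_PKEY* pkey2 = NULL;
    BIO*      bio;
    unsigned char extra[10];
    int i;

    printf(testingFmt, "wolfSSL_PEM_PrivateKey()");

    XMEMSET(extra, 0, sizeof(extra));
    AssertNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
    AssertIntEQ(BIO_set_write_buf_size(bio, 4096), SSL_FAILURE);

    /* an RSA key offered as EC must be rejected and leave pkey untouched */
    AssertNull(d2i_PrivateKey(EVP_PKEY_EC, &pkey,
            &server_key, (long)sizeof_server_key_der_2048));
    AssertNull(pkey);

    AssertNotNull(wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, &pkey,
            &server_key, (long)sizeof_server_key_der_2048));
    AssertIntEQ(PEM_write_bio_PrivateKey(bio, pkey, NULL, NULL, 0, NULL, NULL),
            WOLFSSL_SUCCESS);

    /* test of creating new EVP_PKEY */
    AssertNotNull((pkey2 = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL)));
    AssertIntEQ((int)XMEMCMP(pkey->pkey.ptr, pkey2->pkey.ptr, pkey->pkey_sz),0);

    /* test of reuse of EVP_PKEY */
    /* the BIO was drained by the read above, so this read has nothing to
     * parse and is expected to return NULL */
    AssertNull(PEM_read_bio_PrivateKey(bio, &pkey, NULL, NULL));
    AssertIntEQ(BIO_pending(bio), 0);
    AssertIntEQ(PEM_write_bio_PrivateKey(bio, pkey, NULL, NULL, 0, NULL, NULL),
            SSL_SUCCESS);
    AssertIntEQ(BIO_write(bio, extra, 10), 10); /*add 10 extra bytes after PEM*/
    AssertNotNull(PEM_read_bio_PrivateKey(bio, &pkey, NULL, NULL));
    AssertNotNull(pkey);
    AssertIntEQ((int)XMEMCMP(pkey->pkey.ptr, pkey2->pkey.ptr, pkey->pkey_sz),0);
    AssertIntEQ(BIO_pending(bio), 10); /* check 10 extra bytes still there */
    AssertIntEQ(BIO_read(bio, extra, 10), 10);
    for (i = 0; i < 10; i++) {
        AssertIntEQ(extra[i], 0);
    }

    BIO_free(bio);
    EVP_PKEY_free(pkey);
    EVP_PKEY_free(pkey2);

    /* key is DES encrypted */
    #if !defined(NO_DES3) && defined(WOLFSSL_ENCRYPTED_KEYS)
    {
        pem_password_cb* passwd_cb;
        void* passwd_cb_userdata;
        SSL_CTX* ctx;
        char passwd[] = "bad password";

        AssertNotNull(ctx = SSL_CTX_new(TLSv1_2_server_method()));

        AssertNotNull(bio = BIO_new_file("./certs/server-keyEnc.pem", "rb"));
        SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
        AssertNotNull(passwd_cb = SSL_CTX_get_default_passwd_cb(ctx));
        AssertNull(passwd_cb_userdata =
            SSL_CTX_get_default_passwd_cb_userdata(ctx));

        /* fail case with password call back */
        AssertNull(pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL,
                    (void*)passwd));
        BIO_free(bio);
        AssertNotNull(bio = BIO_new_file("./certs/server-keyEnc.pem", "rb"));
        AssertNull(pkey = PEM_read_bio_PrivateKey(bio, NULL, passwd_cb,
                    (void*)passwd));
        BIO_free(bio);
        AssertNotNull(bio = BIO_new_file("./certs/server-keyEnc.pem", "rb"));

        /* use callback that works */
        AssertNotNull(pkey = PEM_read_bio_PrivateKey(bio, NULL, passwd_cb,
                (void*)"yassl123"));

        AssertIntEQ(SSL_CTX_use_PrivateKey(ctx, pkey), SSL_SUCCESS);

        EVP_PKEY_free(pkey);
        BIO_free(bio);
        SSL_CTX_free(ctx);
    }
    #endif /* !defined(NO_DES3) && defined(WOLFSSL_ENCRYPTED_KEYS) */

    #ifdef HAVE_ECC
    {
        unsigned char buf[2048];
        size_t bytes;
        XFILE f;
        SSL_CTX* ctx;

        AssertNotNull(ctx = SSL_CTX_new(TLSv1_2_server_method()));

        AssertNotNull(f = XFOPEN("./certs/ecc-key.der", "rb"));
        bytes = XFREAD(buf, 1, sizeof(buf), f);
        XFCLOSE(f);

        /* an empty or failed read must not be handed to the key parser */
        AssertIntGT((int)bytes, 0);

        server_key = buf;
        pkey = NULL;
        /* an ECC key offered as RSA must be rejected and leave pkey NULL */
        AssertNull(d2i_PrivateKey(EVP_PKEY_RSA, &pkey, &server_key,
                    (long)bytes));
        AssertNull(pkey);
        AssertNotNull(d2i_PrivateKey(EVP_PKEY_EC, &pkey, &server_key,
                    (long)bytes));
        AssertIntEQ(SSL_CTX_use_PrivateKey(ctx, pkey), SSL_SUCCESS);

        EVP_PKEY_free(pkey);
        SSL_CTX_free(ctx);
    }
    #endif

    printf(resultFmt, passed);
    #endif /* OPENSSL_EXTRA && !NO_CERTS && !NO_FILESYSTEM && !NO_RSA &&
            * (WOLFSSL_KEY_GEN || WOLFSSL_CERT_GEN) && USE_CERT_BUFFERS_2048 */
}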
/*
 * Reads the server RSA key with PEM_read_bio_RSAPrivateKey() and checks its
 * modulus size; when ECC is built in, also checks that an ECC key file is
 * rejected by the RSA-specific reader.
 */
static void test_wolfSSL_PEM_RSAPrivateKey(void)
{
    #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
       !defined(NO_FILESYSTEM) && !defined(NO_RSA)
    RSA* rsa = NULL;
    BIO* bio = NULL;

    printf(testingFmt, "wolfSSL_PEM_RSAPrivateKey()");

    AssertNotNull(bio = BIO_new_file(svrKeyFile, "rb"));
    AssertNotNull((rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL)));
    /* 256 bytes, i.e. the test expects a 2048-bit modulus in svrKeyFile */
    AssertIntEQ(RSA_size(rsa), 256);
    BIO_free(bio);
    RSA_free(rsa);

    #ifdef HAVE_ECC
    /* a key of the wrong algorithm must yield NULL, so there is nothing to
     * pass to RSA_free() here */
    AssertNotNull(bio = BIO_new_file(eccKeyFile, "rb"));
    AssertNull((rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL)));
    BIO_free(bio);
    #endif /* HAVE_ECC */

    printf(resultFmt, passed);
    #endif /* OPENSSL_EXTRA && !NO_CERTS && !NO_FILESYSTEM && !NO_RSA */
}
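/*
 * Reads DSA parameters from a PEM file, converts them to DH parameters with
 * wolfSSL_DSA_dup_DH(), and installs them as temporary DH parameters on both
 * an SSL_CTX and an SSL object.
 */
static void test_wolfSSL_tmp_dh(void)
{
    #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
       !defined(NO_FILESYSTEM) && !defined(NO_DSA) && !defined(NO_RSA) && \
       !defined(NO_DH)
    byte buffer[5300];
    char file[] = "./certs/dsaparams.pem";
    FILE *f;
    int  bytes;
    DSA* dsa;
    DH*  dh;
    BIO* bio;
    SSL* ssl;
    SSL_CTX* ctx;

    printf(testingFmt, "wolfSSL_tmp_dh()");

    AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
    AssertTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM));
    AssertTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM));
    AssertNotNull(ssl = SSL_new(ctx));

    f = fopen(file, "rb");
    AssertNotNull(f);
    bytes = (int)fread(buffer, 1, sizeof(buffer), f);
    fclose(f);

    /* an empty or failed read must not be wrapped in a BIO and parsed */
    AssertIntGT(bytes, 0);

    bio = BIO_new_mem_buf((void*)buffer, bytes);
    AssertNotNull(bio);

    dsa = wolfSSL_PEM_read_bio_DSAparams(bio, NULL, NULL, NULL);
    AssertNotNull(dsa);

    dh = wolfSSL_DSA_dup_DH(dsa);
    AssertNotNull(dh);

    AssertIntEQ((int)SSL_CTX_set_tmp_dh(ctx, dh), WOLFSSL_SUCCESS);
    AssertIntEQ((int)SSL_set_tmp_dh(ssl, dh), WOLFSSL_SUCCESS);

    /* dh is released here while ssl and ctx are still alive; presumably the
     * setters copy the parameters - confirm against their implementation */
    BIO_free(bio);
    DSA_free(dsa);
    DH_free(dh);
    SSL_free(ssl);
    SSL_CTX_free(ctx);

    printf(resultFmt, passed);
    #endif /* OPENSSL_EXTRA && !NO_CERTS && !NO_FILESYSTEM && !NO_DSA &&
            * !NO_RSA && !NO_DH */
}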
/*
 * Smoke test for BIO helpers: wraps a stack buffer in a memory BIO, checks
 * that BIO_s_socket() returns a method, and fetches the BIO's BUF_MEM
 * pointer. SSL_ctrl / SSL_CTX_ctrl are not exercised yet (see the TODO).
 */
static void test_wolfSSL_ctrl(void)
{
    #if defined(OPENSSL_EXTRA)
    byte buff[5300]; /* left uninitialised; the visible code never reads it */
    BIO* bio;
    int  bytes;
    BUF_MEM* ptr = NULL;

    /* NOTE(review): the label below is spelled "crtl"; presumably "ctrl" was
     * meant, matching the function name */
    printf(testingFmt, "wolfSSL_crtl()");

    bytes = sizeof(buff);
    bio = BIO_new_mem_buf((void*)buff, bytes);
    AssertNotNull(bio);
    AssertNotNull(BIO_s_socket());

    AssertIntEQ((int)wolfSSL_BIO_get_mem_ptr(bio, &ptr), WOLFSSL_SUCCESS);

    /* needs tested after stubs filled out @TODO
        SSL_ctrl
        SSL_CTX_ctrl
    */

    BIO_free(bio);
    printf(resultFmt, passed);
    #endif /* defined(OPENSSL_EXTRA) */
}
/*
 * Checks wolfSSL_EVP_PKEY_new_mac_key(): an unsupported key type (0) is
 * rejected, an EVP_PKEY_HMAC key stores the supplied bytes and length, and
 * wolfSSL_EVP_PKEY_get0_hmac() returns the same bytes and length.
 *
 * The last two cases pin that a zero-length key is accepted and produces a
 * key object. Callers that need authentication must reject empty keys
 * themselves; this API does not do it for them.
 */
static void test_wolfSSL_EVP_PKEY_new_mac_key(void)
{
    #ifdef OPENSSL_EXTRA
    static const unsigned char pw[] = "password";
    static const int pwSz = sizeof(pw) - 1; /* excludes the terminating NUL */
    size_t checkPwSz = 0;
    const unsigned char* checkPw = NULL;
    WOLFSSL_EVP_PKEY* key = NULL;

    printf(testingFmt, "wolfSSL_EVP_PKEY_new_mac_key()");

    /* type 0 is not a MAC key type: expect NULL with or without key bytes */
    AssertNull(key = wolfSSL_EVP_PKEY_new_mac_key(0, NULL, pw, pwSz));
    AssertNull(key = wolfSSL_EVP_PKEY_new_mac_key(0, NULL, NULL, pwSz));

    AssertNotNull(key = wolfSSL_EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, pw, pwSz));
    AssertIntEQ(key->type, EVP_PKEY_HMAC);
    AssertIntEQ(key->save_type, EVP_PKEY_HMAC);
    AssertIntEQ(key->pkey_sz, pwSz);
    AssertIntEQ(XMEMCMP(key->pkey.ptr, pw, pwSz), 0);
    AssertNotNull(checkPw = wolfSSL_EVP_PKEY_get0_hmac(key, &checkPwSz));
    AssertIntEQ((int)checkPwSz, pwSz);
    AssertIntEQ(XMEMCMP(checkPw, pw, pwSz), 0);
    wolfSSL_EVP_PKEY_free(key);

    /* zero length with a non-NULL pointer */
    AssertNotNull(key = wolfSSL_EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, pw, 0));
    AssertIntEQ(key->pkey_sz, 0);
    checkPw = wolfSSL_EVP_PKEY_get0_hmac(key, &checkPwSz);
    (void)checkPw; /* returned pointer is deliberately not asserted */
    AssertIntEQ((int)checkPwSz, 0);
    wolfSSL_EVP_PKEY_free(key);

    /* zero length with a NULL pointer */
    AssertNotNull(key = wolfSSL_EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, NULL, 0));
    AssertIntEQ(key->pkey_sz, 0);
    checkPw = wolfSSL_EVP_PKEY_get0_hmac(key, &checkPwSz);
    (void)checkPw; /* returned pointer is deliberately not asserted */
    AssertIntEQ((int)checkPwSz, 0);
    wolfSSL_EVP_PKEY_free(key);

    printf(resultFmt, passed);
    #endif /* OPENSSL_EXTRA */
}
/*
 * Checks HMAC-SHA256 through the EVP DigestSign calls against a fixed
 * known-answer vector (20 bytes of 0x0b as key, "Hi There" as data; this is
 * test case 1 of RFC 4231).
 *
 * The first pass feeds the message in one update. The second pass feeds it in
 * two pieces and calls DigestSignFinal() in between, which pins that Final
 * does not consume the running state: the MAC taken after the second update
 * must still match the vector for the whole message.
 *
 * XMEMCMP is adequate for comparing against a public test vector; code that
 * verifies a MAC from a peer should use a constant-time comparison instead.
 */
static void test_wolfSSL_EVP_MD_hmac_signing(void)
{
    #ifdef OPENSSL_EXTRA
    const unsigned char testKey[] =
    {
        0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
        0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
        0x0b, 0x0b, 0x0b, 0x0b
    };
    const char testData[] = "Hi There";
    const unsigned char testResult[] =
    {
        0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53,
        0x5c, 0xa8, 0xaf, 0xce, 0xaf, 0x0b, 0xf1, 0x2b,
        0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7,
        0x26, 0xe9, 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7
    };
    unsigned char check[sizeof(testResult)];
    size_t checkSz = -1; /* sentinel; every Final call below must overwrite it */
    WOLFSSL_EVP_PKEY* key;
    WOLFSSL_EVP_MD_CTX mdCtx;

    printf(testingFmt, "wolfSSL_EVP_MD_hmac_signing()");
    AssertNotNull(key = wolfSSL_EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL,
                                           testKey, (int)sizeof(testKey)));

    /* pass 1: whole message in a single update */
    wolfSSL_EVP_MD_CTX_init(&mdCtx);
    AssertIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, wolfSSL_EVP_sha256(),
                                                                 NULL, key), 1);
    AssertIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData,
                                          (unsigned int)XSTRLEN(testData)), 1);
    /* a NULL output buffer only queries the required size */
    AssertIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1);
    AssertIntEQ((int)checkSz, sizeof(testResult));
    AssertIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
    AssertIntEQ((int)checkSz,(int)sizeof(testResult));
    AssertIntEQ(XMEMCMP(testResult, check, sizeof(testResult)), 0);
    AssertIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);

    /* pass 2: message split after 4 bytes, with Final called in between */
    wolfSSL_EVP_MD_CTX_init(&mdCtx);
    AssertIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, wolfSSL_EVP_sha256(),
                                                                 NULL, key), 1);
    AssertIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData, 4), 1);
    AssertIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1);
    AssertIntEQ((int)checkSz, sizeof(testResult));
    /* MAC of the first 4 bytes only; its value is not compared */
    AssertIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
    AssertIntEQ((int)checkSz,(int)sizeof(testResult));
    AssertIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData + 4,
                                      (unsigned int)XSTRLEN(testData) - 4), 1);
    AssertIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
    AssertIntEQ((int)checkSz,(int)sizeof(testResult));
    AssertIntEQ(XMEMCMP(testResult, check, sizeof(testResult)), 0);
    AssertIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);

    wolfSSL_EVP_PKEY_free(key);

    printf(resultFmt, passed);
    #endif /* OPENSSL_EXTRA */
}
/*
 * Adds two certificates to a context's extra chain with
 * SSL_CTX_add_extra_chain_cert(), and along the way checks EVP_PKEY_size()
 * for an RSA and (when built in) an ECC public key taken from a certificate.
 *
 * NOTE(review): neither x509 passed to SSL_CTX_add_extra_chain_cert() is
 * freed here; presumably the context takes ownership and SSL_CTX_free()
 * releases them - confirm.
 */
static void test_wolfSSL_CTX_add_extra_chain_cert(void)
{
    #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
       !defined(NO_FILESYSTEM) && !defined(NO_RSA)
    char caFile[] = "./certs/client-ca.pem";
    char clientFile[] = "./certs/client-cert.pem";
    SSL_CTX* ctx;
    X509* x509 = NULL;

    printf(testingFmt, "wolfSSL_CTX_add_extra_chain_cert()");

    AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));

    x509 = wolfSSL_X509_load_certificate_file(caFile, WOLFSSL_FILETYPE_PEM);
    AssertNotNull(x509);
    AssertIntEQ((int)SSL_CTX_add_extra_chain_cert(ctx, x509), WOLFSSL_SUCCESS);

    x509 = wolfSSL_X509_load_certificate_file(clientFile, WOLFSSL_FILETYPE_PEM);
    AssertNotNull(x509);

    #if !defined(HAVE_USER_RSA) && !defined(HAVE_FAST_RSA)
    /* additional test of getting EVP_PKEY key size from X509
     * Do not run with user RSA because wolfSSL_RSA_size is not currently
     * allowed with user RSA */
    {
        EVP_PKEY* pkey;
        #if defined(HAVE_ECC)
        X509* ecX509;
        #endif /* HAVE_ECC */

        AssertNotNull(pkey = X509_get_pubkey(x509));
        /* current RSA key is 2048 bit (256 bytes) */
        AssertIntEQ(EVP_PKEY_size(pkey), 256);

        EVP_PKEY_free(pkey);

        #if defined(HAVE_ECC)
        /* the ECC certificate comes from a built-in buffer when available,
         * otherwise from the file system */
        #if defined(USE_CERT_BUFFERS_256)
        AssertNotNull(ecX509 = wolfSSL_X509_load_certificate_buffer(
                    cliecc_cert_der_256, sizeof_cliecc_cert_der_256,
                    SSL_FILETYPE_ASN1));
        #else
        AssertNotNull(ecX509 = wolfSSL_X509_load_certificate_file(cliEccCertFile,
                    SSL_FILETYPE_PEM));
        #endif
        AssertNotNull(pkey = X509_get_pubkey(ecX509));
        /* current ECC key is 256 bit (32 bytes) */
        AssertIntEQ(EVP_PKEY_size(pkey), 32);

        X509_free(ecX509);
        EVP_PKEY_free(pkey);
        #endif /* HAVE_ECC */
    }
    #endif /* !defined(HAVE_USER_RSA) && !defined(HAVE_FAST_RSA) */

    AssertIntEQ((int)SSL_CTX_add_extra_chain_cert(ctx, x509), SSL_SUCCESS);

    #ifdef WOLFSSL_ENCRYPTED_KEYS
    /* no password callback or user data was set on this context */
    AssertNull(SSL_CTX_get_default_passwd_cb(ctx));
    AssertNull(SSL_CTX_get_default_passwd_cb_userdata(ctx));
    #endif

    SSL_CTX_free(ctx);
    printf(resultFmt, passed);
    #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
             !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
}
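/*
 * Checks the error-queue calls of the compatibility layer. A handshake is
 * made to fail on purpose by pairing a TLS 1.1 client method with a TLS 1.2
 * server method; the test then checks that error data was queued, that
 * ERR_remove_state() clears it, and that a second failed handshake refills
 * the queue with a code, a line number and a file name.
 *
 * Both handshakes need a server thread, so both are now guarded by
 * SINGLE_THREADED; serverThread is only declared in threaded builds.
 */
static void test_wolfSSL_ERR_peek_last_error_line(void)
{
    #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
       !defined(NO_FILESYSTEM) && defined(DEBUG_WOLFSSL) && \
       !defined(NO_OLD_TLS) && defined(HAVE_IO_TESTS_DEPENDENCIES)
    tcp_ready ready;
    func_args client_args;
    func_args server_args;
    #ifndef SINGLE_THREADED
    THREAD_TYPE serverThread;
    #endif
    callback_functions client_cb;
    callback_functions server_cb;
    int         line = 0;
    int         flag = ERR_TXT_STRING;
    const char* file = NULL;
    const char* data = NULL;

    printf(testingFmt, "wolfSSL_ERR_peek_last_error_line()");

    /* create a failed connection and inspect the error */
    #ifdef WOLFSSL_TIRTOS
    fdOpenSession(Task_self());
    #endif

    XMEMSET(&client_args, 0, sizeof(func_args));
    XMEMSET(&server_args, 0, sizeof(func_args));

    StartTCP();
    InitTcpReady(&ready);

    XMEMSET(&client_cb, 0, sizeof(callback_functions));
    XMEMSET(&server_cb, 0, sizeof(callback_functions));
    /* mismatched protocol versions force the handshake to fail */
    client_cb.method  = wolfTLSv1_1_client_method;
    server_cb.method  = wolfTLSv1_2_server_method;

    server_args.signal    = &ready;
    server_args.callbacks = &server_cb;
    client_args.signal    = &ready;
    client_args.callbacks = &client_cb;

    #ifndef SINGLE_THREADED
    start_thread(test_server_nofail, &server_args, &serverThread);
    wait_tcp_ready(&server_args);
    test_client_nofail(&client_args, NULL);
    join_thread(serverThread);
    #endif

    FreeTcpReady(&ready);

    AssertIntGT(ERR_get_error_line_data(NULL, NULL, &data, &flag), 0);
    AssertNotNull(data);

    /* check clearing error state */
    ERR_remove_state(0);
    AssertIntEQ((int)ERR_peek_last_error_line(NULL, NULL), 0);
    ERR_peek_last_error_line(NULL, &line);
    AssertIntEQ(line, 0);
    ERR_peek_last_error_line(&file, NULL);
    AssertNull(file);

    /* retry connection to fill error queue */
    XMEMSET(&client_args, 0, sizeof(func_args));
    XMEMSET(&server_args, 0, sizeof(func_args));

    StartTCP();
    InitTcpReady(&ready);

    client_cb.method  = wolfTLSv1_1_client_method;
    server_cb.method  = wolfTLSv1_2_server_method;

    server_args.signal    = &ready;
    server_args.callbacks = &server_cb;
    client_args.signal    = &ready;
    client_args.callbacks = &client_cb;

    #ifndef SINGLE_THREADED
    start_thread(test_server_nofail, &server_args, &serverThread);
    wait_tcp_ready(&server_args);
    test_client_nofail(&client_args, NULL);
    join_thread(serverThread);
    #endif

    FreeTcpReady(&ready);

    /* check that error code was stored */
    AssertIntNE((int)ERR_peek_last_error_line(NULL, NULL), 0);
    ERR_peek_last_error_line(NULL, &line);
    AssertIntNE(line, 0);
    ERR_peek_last_error_line(&file, NULL);
    AssertNotNull(file);

    #ifdef WOLFSSL_TIRTOS
    /* close the session opened at the top instead of opening a second one */
    fdCloseSession(Task_self());
    #endif

    printf(resultFmt, passed);

    printf("\nTesting error print out\n");
    ERR_print_errors_fp(stdout);
    printf("Done testing print out\n\n");
    fflush(stdout);
    #endif /* OPENSSL_EXTRA && !NO_CERTS && !NO_FILESYSTEM && DEBUG_WOLFSSL &&
            * !NO_OLD_TLS && HAVE_IO_TESTS_DEPENDENCIES */
}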
  #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
      !defined(NO_FILESYSTEM) && !defined(NO_RSA)
  /* Placeholder verify callback used only to exercise the setter.
   *
   * It ignores both the incoming verification result (ok) and the store
   * context, logs that it was entered, and always returns SSL_SUCCESS. A
   * callback with this shape would accept every certificate if it were ever
   * consulted during a real verification, so it is a test fixture only. */
  static int verify_cb(int ok, X509_STORE_CTX *ctx)
  {
      (void) ctx;
      (void) ok;

      printf("ENTER verify_cb\n");

      return SSL_SUCCESS;
  }
  #endif
  /* Exercises creation, initialisation and teardown of an X509_STORE_CTX,
   * plus the error setter (including a NULL context) and the verify-callback
   * setter. */
  static void test_wolfSSL_X509_STORE_CTX(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
      !defined(NO_FILESYSTEM) && !defined(NO_RSA)
      X509*           x509;
      X509_STORE*     str;
      X509_STORE_CTX* ctx;

      printf(testingFmt, "wolfSSL_X509_STORE_CTX()");

      ctx = X509_STORE_CTX_new();
      AssertNotNull(ctx);
      str = wolfSSL_X509_STORE_new();
      AssertNotNull(str);
      x509 = wolfSSL_X509_load_certificate_file(svrCertFile, SSL_FILETYPE_PEM);
      AssertNotNull(x509);

      AssertIntEQ(X509_STORE_add_cert(str, x509), SSL_SUCCESS);
      AssertIntEQ(X509_STORE_CTX_init(ctx, str, x509, NULL), SSL_SUCCESS);
      AssertIntEQ(SSL_get_ex_data_X509_STORE_CTX_idx(), 0);

      /* The setter is called on a live context and on NULL; the NULL call
       * only has to return without crashing. */
      X509_STORE_CTX_set_error(ctx, -5);
      X509_STORE_CTX_set_error(NULL, -5);

      /* NOTE(review): str and x509 are not released anywhere in this
       * function; presumably X509_STORE_CTX_free() takes ownership of both
       * after X509_STORE_CTX_init() - confirm against the library version. */
      X509_STORE_CTX_free(ctx);

      /* Fresh context just for the callback setter. The function pointer is
       * passed through a void* cast, as the original call does. */
      ctx = X509_STORE_CTX_new();
      AssertNotNull(ctx);
      X509_STORE_CTX_set_verify_cb(ctx, (void *)verify_cb);
      X509_STORE_CTX_free(ctx);

      printf(resultFmt, passed);
  #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
            !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
  }
  /* Checks the return value of X509_STORE_set_flags() when CRL checking of
   * the whole chain is requested. With HAVE_CRL the call must succeed;
   * without it the expected result is NOT_COMPILED_IN, i.e. the request is
   * reported as unsupported rather than accepted. */
  static void test_wolfSSL_X509_STORE_set_flags(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
      !defined(NO_FILESYSTEM) && !defined(NO_RSA)
      X509*       x509;
      X509_STORE* store;
  #ifdef HAVE_CRL
      const int   expected = WOLFSSL_SUCCESS;
  #else
      const int   expected = NOT_COMPILED_IN;
  #endif

      printf(testingFmt, "wolfSSL_X509_STORE_set_flags()");

      store = wolfSSL_X509_STORE_new();
      AssertNotNull(store);
      x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
                                                WOLFSSL_FILETYPE_PEM);
      AssertNotNull(x509);
      AssertIntEQ(X509_STORE_add_cert(store, x509), WOLFSSL_SUCCESS);

      AssertIntEQ(X509_STORE_set_flags(store, WOLFSSL_CRL_CHECKALL), expected);

      wolfSSL_X509_free(x509);
      wolfSSL_X509_STORE_free(store);

      printf(resultFmt, passed);
  #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
            !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
  }
  /* Loads trust material into a store through an X509_LOOKUP and verifies
   * certificates against the store's certificate manager.
   *
   * The sequence matters: the server certificate is expected to fail with
   * ASN_NO_SIGNER_E while only certs/client-ca.pem is loaded, and to verify
   * only after certs/ca-cert.pem has been added. */
  static void test_wolfSSL_X509_LOOKUP_load_file(void)
  {
  #if defined(OPENSSL_EXTRA) && defined(HAVE_CRL) && \
      !defined(NO_FILESYSTEM) && !defined(NO_RSA)
      WOLFSSL_X509_LOOKUP* lookup;
      WOLFSSL_X509_STORE*  store;

      printf(testingFmt, "wolfSSL_X509_LOOKUP_load_file()");

      store = wolfSSL_X509_STORE_new();
      AssertNotNull(store);
      lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file());
      AssertNotNull(lookup);

      /* First trust anchor plus a CRL file. */
      AssertIntEQ(wolfSSL_X509_LOOKUP_load_file(lookup, "certs/client-ca.pem",
                  X509_FILETYPE_PEM), 1);
      AssertIntEQ(wolfSSL_X509_LOOKUP_load_file(lookup, "certs/crl/crl2.pem",
                  X509_FILETYPE_PEM), 1);

      /* Client cert verifies; server cert has no signer in the store yet. */
      AssertIntEQ(wolfSSL_CertManagerVerify(store->cm, cliCertFile,
                  WOLFSSL_FILETYPE_PEM), 1);
      AssertIntEQ(wolfSSL_CertManagerVerify(store->cm, svrCertFile,
                  WOLFSSL_FILETYPE_PEM), ASN_NO_SIGNER_E);

      /* Once the second CA file is loaded the server cert must verify. */
      AssertIntEQ(wolfSSL_X509_LOOKUP_load_file(lookup, "certs/ca-cert.pem",
                  X509_FILETYPE_PEM), 1);
      AssertIntEQ(wolfSSL_CertManagerVerify(store->cm, svrCertFile,
                  WOLFSSL_FILETYPE_PEM), 1);

      /* lookup is not freed separately; presumably the store owns it. */
      wolfSSL_X509_STORE_free(store);

      printf(resultFmt, passed);
  #endif /* defined(OPENSSL_EXTRA) && defined(HAVE_CRL) && \
            !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
  }
  /* Confirms that wolfSSL_X509_STORE_CTX_set_time() records the supplied time
   * in ctx->param->check_time and raises WOLFSSL_USE_CHECK_TIME in the
   * parameter flags. */
  static void test_wolfSSL_X509_STORE_CTX_set_time(void)
  {
  #if defined(OPENSSL_EXTRA)
      time_t                  c_time;
      WOLFSSL_X509_STORE_CTX* ctx;

      printf(testingFmt, "wolfSSL_X509_set_time()");

      ctx = wolfSSL_X509_STORE_CTX_new();
      AssertNotNull(ctx);

      c_time = 365*24*60*60; /* 365 days expressed in seconds */
      wolfSSL_X509_STORE_CTX_set_time(ctx, 0, c_time);

      AssertTrue(
        (ctx->param->flags & WOLFSSL_USE_CHECK_TIME) == WOLFSSL_USE_CHECK_TIME);
      AssertTrue(ctx->param->check_time == c_time);

      wolfSSL_X509_STORE_CTX_free(ctx);

      printf(resultFmt, passed);
  #endif /* OPENSSL_EXTRA */
  }
  /* Loads a CA name list from the client certificate file, installs it on a
   * context and checks that the getter returns a non-NULL list. */
  static void test_wolfSSL_CTX_set_client_CA_list(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_CERTS)
      WOLF_STACK_OF(WOLFSSL_X509_NAME)* ca_list = NULL;
      WOLF_STACK_OF(WOLFSSL_X509_NAME)* names = NULL;
      WOLFSSL_CTX* ctx;

      printf(testingFmt, "wolfSSL_CTX_set_client_CA_list()");

      ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
      AssertNotNull(ctx);

      names = wolfSSL_load_client_CA_file(cliCertFile);
      AssertNotNull(names);

      /* names is not freed here; presumably the context takes ownership. */
      wolfSSL_CTX_set_client_CA_list(ctx,names);

      ca_list = wolfSSL_SSL_CTX_get_client_CA_list(ctx);
      AssertNotNull(ca_list);

      wolfSSL_CTX_free(ctx);

      printf(resultFmt, passed);
  #endif /* OPENSSL_EXTRA && !NO_RSA && !NO_CERTS */
  }
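  /* Adds the same client certificate to a context's client-CA list twice and
   * checks that each add succeeds and that the list can be read back.
   *
   * The element type given to WOLF_STACK_OF was spelled WOLFSSLX509_NAME;
   * it is corrected to WOLFSSL_X509_NAME, the spelling used by the sibling
   * test for wolfSSL_CTX_set_client_CA_list(). */
  static void test_wolfSSL_CTX_add_client_CA(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_CERTS)
      WOLFSSL_CTX* ctx;
      WOLFSSL_X509* x509;
      WOLFSSL_X509* x509_a;
      WOLF_STACK_OF(WOLFSSL_X509_NAME)* ca_list;
      int ret = 0;

      printf(testingFmt, "wolfSSL_CTX_add_client_CA()");

      AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));

      /* Add client cert */
      AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile,
                                                        SSL_FILETYPE_PEM));
      ret = wolfSSL_CTX_add_client_CA(ctx, x509);
      AssertIntEQ(ret, SSL_SUCCESS);
      AssertNotNull(ca_list = wolfSSL_SSL_CTX_get_client_CA_list(ctx));

      /* Add another client cert (a second load of the same file) */
      AssertNotNull(x509_a = wolfSSL_X509_load_certificate_file(cliCertFile,
                                                        SSL_FILETYPE_PEM));
      AssertIntEQ(wolfSSL_CTX_add_client_CA(ctx, x509_a), SSL_SUCCESS);

      /* The certificates are freed by the caller while the context is still
       * alive; presumably the add call copies what it needs - confirm. */
      wolfSSL_X509_free(x509);
      wolfSSL_X509_free(x509_a);
      wolfSSL_CTX_free(ctx);

      printf(resultFmt, passed);
  #endif /* OPENSSL_EXTRA && !NO_RSA && !NO_CERTS */
  }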
  /* Parses the built-in 2048-bit client certificate from DER and reads the
   * subject-name fields back by NID, including a read into a deliberately
   * short buffer to check that the getter stays within the given size. */
  static void test_wolfSSL_X509_NID(void)
  {
  #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
      !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048) && !defined(NO_ASN)
      X509*      cert;
      X509_NAME* name;
      EVP_PKEY*  pubKeyTmp;
      int        nameSz;
      int        sigType;
      char       commonName[80];
      char       countryName[80];
      char       localityName[80];
      char       stateName[80];
      char       orgName[80];
      char       orgUnit[80];

      printf(testingFmt, "wolfSSL_X509_NID()");

      /* ------ PARSE ORIGINAL SELF-SIGNED CERTIFICATE ------ */

      /* convert cert from DER to internal WOLFSSL_X509 struct */
      cert = wolfSSL_X509_d2i(&cert, client_cert_der_2048,
                              sizeof_client_cert_der_2048);
      AssertNotNull(cert);

      /* ------ EXTRACT CERTIFICATE ELEMENTS ------ */

      /* extract PUBLIC KEY from cert */
      pubKeyTmp = X509_get_pubkey(cert);
      AssertNotNull(pubKeyTmp);

      /* extract signatureType */
      sigType = wolfSSL_X509_get_signature_type(cert);
      AssertIntNE(sigType, 0);

      /* extract subjectName info */
      name = X509_get_subject_name(cert);
      AssertNotNull(name);

      /* An invalid NID is rejected with -1. */
      AssertIntEQ(X509_NAME_get_text_by_NID(name, -1, NULL, 0), -1);

      /* NULL buffer: only the length is reported. */
      nameSz = X509_NAME_get_text_by_NID(name, ASN_COMMON_NAME, NULL, 0);
      AssertIntGT(nameSz, 0);
      AssertIntEQ(nameSz, 15);

      /* Full-size buffer: whole common name comes back. */
      nameSz = X509_NAME_get_text_by_NID(name, ASN_COMMON_NAME,
                                         commonName, sizeof(commonName));
      AssertIntGT(nameSz, 0);
      AssertIntEQ(nameSz, 15);
      AssertIntEQ(XMEMCMP(commonName, "www.wolfssl.com", nameSz), 0);

      /* 9-byte buffer: the value is cut to 8 characters, not overrun. */
      nameSz = X509_NAME_get_text_by_NID(name, ASN_COMMON_NAME,
                                         commonName, 9);
      AssertIntGT(nameSz, 0);
      AssertIntEQ(nameSz, 8);
      AssertIntEQ(XMEMCMP(commonName, "www.wolf", nameSz), 0);

      /* NOTE(review): the comparisons below use the returned nameSz as the
       * compare length and do not assert nameSz itself, so a shorter value
       * that is a prefix of the expected text would also pass. */
      nameSz = X509_NAME_get_text_by_NID(name, ASN_COUNTRY_NAME,
                                         countryName, sizeof(countryName));
      AssertIntGT(nameSz, 0);
      AssertIntEQ(XMEMCMP(countryName, "US", nameSz), 0);

      nameSz = X509_NAME_get_text_by_NID(name, ASN_LOCALITY_NAME,
                                         localityName, sizeof(localityName));
      AssertIntGT(nameSz, 0);
      AssertIntEQ(XMEMCMP(localityName, "Bozeman", nameSz), 0);

      nameSz = X509_NAME_get_text_by_NID(name, ASN_STATE_NAME,
                                         stateName, sizeof(stateName));
      AssertIntGT(nameSz, 0);
      AssertIntEQ(XMEMCMP(stateName, "Montana", nameSz), 0);

      nameSz = X509_NAME_get_text_by_NID(name, ASN_ORG_NAME,
                                         orgName, sizeof(orgName));
      AssertIntGT(nameSz, 0);
      AssertIntEQ(XMEMCMP(orgName, "wolfSSL_2048", nameSz), 0);

      nameSz = X509_NAME_get_text_by_NID(name, ASN_ORGUNIT_NAME,
                                         orgUnit, sizeof(orgUnit));
      AssertIntGT(nameSz, 0);
      AssertIntEQ(XMEMCMP(orgUnit, "Programming-2048", nameSz), 0);

      EVP_PKEY_free(pubKeyTmp);
      X509_free(cert);

      printf(resultFmt, passed);
  #endif
  }
  /* Sets an SRP username on a client context in two situations: on a fresh
   * context with no password, and on a context where the password was set
   * first. Both must return SSL_SUCCESS. The credentials are fixed test
   * strings; the const is cast away because the setters take char*. */
  static void test_wolfSSL_CTX_set_srp_username(void)
  {
  #if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) \
      && !defined(NO_SHA256) && !defined(WC_NO_RNG)
      const char *password = "TESTPASSWORD";
      const char *username = "TESTUSER";
      WOLFSSL_CTX* ctx;
      int r;

      printf(testingFmt, "wolfSSL_CTX_set_srp_username()");

      /* Case 1: username only. */
      AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
      r = wolfSSL_CTX_set_srp_username(ctx, (char *)username);
      AssertIntEQ(r, SSL_SUCCESS);
      wolfSSL_CTX_free(ctx);

      /* Case 2: password first, then username. */
      AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
      r = wolfSSL_CTX_set_srp_password(ctx, (char *)password);
      AssertIntEQ(r, SSL_SUCCESS);
      r = wolfSSL_CTX_set_srp_username(ctx, (char *)username);
      AssertIntEQ(r, SSL_SUCCESS);
      wolfSSL_CTX_free(ctx);

      printf(resultFmt, passed);
  #endif /* OPENSSL_EXTRA && WOLFCRYPT_HAVE_SRP */
         /* && !NO_SHA256 && !WC_NO_RNG */
  }
  /* Sets an SRP password on a client context in two situations: on a fresh
   * context with no username, and on a context where the username was set
   * first. Both must return SSL_SUCCESS. The credentials are fixed test
   * strings; the const is cast away because the setters take char*. */
  static void test_wolfSSL_CTX_set_srp_password(void)
  {
  #if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) \
      && !defined(NO_SHA256) && !defined(WC_NO_RNG)
      const char *password = "TESTPASSWORD";
      const char *username = "TESTUSER";
      WOLFSSL_CTX* ctx;
      int r;

      printf(testingFmt, "wolfSSL_CTX_set_srp_password()");

      /* Case 1: password only. */
      AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
      r = wolfSSL_CTX_set_srp_password(ctx, (char *)password);
      AssertIntEQ(r, SSL_SUCCESS);
      wolfSSL_CTX_free(ctx);

      /* Case 2: username first, then password. */
      AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
      r = wolfSSL_CTX_set_srp_username(ctx, (char *)username);
      AssertIntEQ(r, SSL_SUCCESS);
      r = wolfSSL_CTX_set_srp_password(ctx, (char *)password);
      AssertIntEQ(r, SSL_SUCCESS);
      wolfSSL_CTX_free(ctx);

      printf(resultFmt, passed);
  #endif /* OPENSSL_EXTRA && WOLFCRYPT_HAVE_SRP */
         /* && !NO_SHA256 && !WC_NO_RNG */
  }
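  /* Exercises the BIGNUM compatibility layer with single-byte operands:
   * ASN1_INTEGER to BN conversion, modular exponentiation, multiplication and
   * inverse, subtraction into a negative result, decimal/hex conversion and
   * comparison.
   *
   * The declarations of r and val used by the BN_mod_inverse check are moved
   * to the top of the block with the other locals instead of sitting after
   * statements, and both pointers are now asserted non-NULL before use. */
  static void test_wolfSSL_BN(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
      BIGNUM* a;
      BIGNUM* b;
      BIGNUM* c;
      BIGNUM* d;
      BIGNUM* r;
      BIGNUM* val;
      ASN1_INTEGER* ai;
      unsigned char value[1]; /* every result checked below fits in 1 byte */

      printf(testingFmt, "wolfSSL_BN()");

      AssertNotNull(b = BN_new());
      AssertNotNull(c = BN_new());
      AssertNotNull(d = BN_new());

      value[0] = 0x03;

      AssertNotNull(ai = ASN1_INTEGER_new());
      /* at the moment hard setting since no set function */
      ai->data[0] = 0x02; /* tag for ASN_INTEGER */
      ai->data[1] = 0x01; /* length of integer */
      ai->data[2] = value[0];

      AssertNotNull(a = ASN1_INTEGER_to_BN(ai, NULL));
      ASN1_INTEGER_free(ai);

      value[0] = 0x02;
      AssertNotNull(BN_bin2bn(value, sizeof(value), b));

      value[0] = 0x05;
      AssertNotNull(BN_bin2bn(value, sizeof(value), c));

      /* a^b mod c = ; a NULL base must be rejected */
      AssertIntEQ(BN_mod_exp(d, NULL, b, c, NULL), WOLFSSL_FAILURE);
      AssertIntEQ(BN_mod_exp(d, a, b, c, NULL), WOLFSSL_SUCCESS);

      /* check result 3^2 mod 5 */
      value[0] = 0;
      /* NOTE(review): the BN_mod_inverse check below compares BN_bn2bin()
       * with the literal 1, so the return looks like a byte count that only
       * happens to equal the SUCCESS constants here - confirm. */
      AssertIntEQ(BN_bn2bin(d, value), WOLFSSL_SUCCESS);
      AssertIntEQ(BN_bn2bin(d, value), SSL_SUCCESS);
      AssertIntEQ((int)(value[0]), 4);

      /* a*b mod c = ; a NULL operand must be rejected */
      AssertIntEQ(BN_mod_mul(d, NULL, b, c, NULL), SSL_FAILURE);
      AssertIntEQ(BN_mod_mul(d, a, b, c, NULL), SSL_SUCCESS);

      /* check result 3*2 mod 5 */
      value[0] = 0;
      AssertIntEQ(BN_bn2bin(d, value), SSL_SUCCESS);
      AssertIntEQ((int)(value[0]), 1);

      /* BN_mod_inverse test: inverse of 2 mod 5 is 3 */
      value[0] = 0;
      AssertNotNull(r = BN_new());
      AssertNotNull(val = BN_mod_inverse(r,b,c,NULL));
      AssertIntEQ(BN_bn2bin(r, value), 1);
      AssertIntEQ((int)(value[0] & 0x03), 3);
      /* Only val is freed; presumably it aliases r on success - confirm. */
      BN_free(val);

      /* 1 - 5 gives a negative result */
      AssertIntEQ(BN_set_word(a, 1), SSL_SUCCESS);
      AssertIntEQ(BN_set_word(b, 5), SSL_SUCCESS);
      AssertIntEQ(BN_sub(c, a, b), SSL_SUCCESS);
  #if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY)
      {
          char* ret;
          AssertNotNull(ret = BN_bn2dec(c));
          AssertIntEQ(XMEMCMP(ret, "-4", sizeof("-4")), 0);
          XFREE(ret, NULL, DYNAMIC_TYPE_OPENSSL);
      }
  #endif
      /* BN_get_word() is expected to report the magnitude only */
      AssertIntEQ(BN_get_word(c), 4);

      BN_free(a);
      BN_free(b);
      BN_free(c);
      BN_clear_free(d);

      /* check that converting NULL and the null string returns an error */
      a = NULL;
      AssertIntLE(BN_hex2bn(&a, NULL), 0);
      AssertIntLE(BN_hex2bn(&a, ""), 0);
      AssertNull(a);

      /* check that getting a string and a bin of the same number are equal,
       * and that the comparison works EQ, LT and GT */
      AssertIntGT(BN_hex2bn(&a, "03"), 0);
      value[0] = 0x03;
      AssertNotNull(b = BN_new());
      AssertNotNull(BN_bin2bn(value, sizeof(value), b));
      value[0] = 0x04;
      AssertNotNull(c = BN_new());
      AssertNotNull(BN_bin2bn(value, sizeof(value), c));
      AssertIntEQ(BN_cmp(a, b), 0);
      AssertIntLT(BN_cmp(a, c), 0);
      AssertIntGT(BN_cmp(c, b), 0);

      BN_free(a);
      BN_free(b);
      BN_free(c);

      printf(resultFmt, passed);
  #endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */
  }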
  #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
      !defined(NO_FILESYSTEM) && !defined(NO_RSA)
  /* Sentinel passed as the message-callback argument and checked on entry. */
  #define TEST_ARG 0x1234

  /* Message callback fixture: ignores everything about the message itself
   * and only asserts that the user argument is the TEST_ARG sentinel. */
  static void msg_cb(int write_p, int version, int content_type,
                     const void *buf, size_t len, SSL *ssl, void *arg)
  {
      (void)ssl;
      (void)len;
      (void)buf;
      (void)content_type;
      (void)version;
      (void)write_p;

      AssertTrue(arg == (void*)TEST_ARG);
  }
  #endif
  #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
      !defined(NO_FILESYSTEM) && defined(DEBUG_WOLFSSL) && \
      !defined(NO_OLD_TLS) && defined(HAVE_IO_TESTS_DEPENDENCIES)
  #ifndef SINGLE_THREADED
  /* Callback handed to test_client_nofail(). It announces that it ran and,
   * when SESSION_CERTS and TEST_PEER_CERT_CHAIN are both defined, asserts
   * that the peer certificate chain exists and holds exactly one entry.
   * Always returns SSL_SUCCESS. */
  static int msgCb(SSL_CTX *ctx, SSL *ssl)
  {
      (void) ssl;
      (void) ctx;

      printf("\n===== msgcb called ====\n");

  #if defined(SESSION_CERTS) && defined(TEST_PEER_CERT_CHAIN)
      AssertTrue(SSL_get_peer_cert_chain(ssl) != NULL);
      AssertIntEQ(((WOLFSSL_X509_CHAIN *)SSL_get_peer_cert_chain(ssl))->count, 1);
  #endif

      return SSL_SUCCESS;
  }
  #endif
  #endif
  /* Runs a client/server exchange with msgCb passed to the client helper and
   * asserts that both sides report a non-zero return code.
   *
   * Unlike the error-queue test, both ends use TLS 1.2 methods here, so the
   * asserts on return_code expect the exchange to complete. */
  static void test_wolfSSL_msgCb(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
      !defined(NO_FILESYSTEM) && defined(DEBUG_WOLFSSL) && \
      !defined(NO_OLD_TLS) && defined(HAVE_IO_TESTS_DEPENDENCIES)
      tcp_ready ready;
      func_args client_args;
      func_args server_args;
  #ifndef SINGLE_THREADED
      THREAD_TYPE serverThread;
  #endif
      callback_functions client_cb;
      callback_functions server_cb;

      printf(testingFmt, "test_wolfSSL_msgCb");

  #ifdef WOLFSSL_TIRTOS
      fdOpenSession(Task_self());
  #endif

      /* Start from zeroed argument and callback structures. */
      XMEMSET(&client_args, 0, sizeof(func_args));
      XMEMSET(&server_args, 0, sizeof(func_args));

      StartTCP();
      InitTcpReady(&ready);

      XMEMSET(&client_cb, 0, sizeof(callback_functions));
      XMEMSET(&server_cb, 0, sizeof(callback_functions));

      client_cb.method = wolfTLSv1_2_client_method;
      server_cb.method = wolfTLSv1_2_server_method;

      server_args.signal    = &ready;
      server_args.callbacks = &server_cb;
      client_args.signal    = &ready;
      client_args.callbacks = &client_cb;

      /* Pre-load the client result with TEST_FAIL so the assert below only
       * passes if the client helper overwrites it. The server result is
       * left at the zero written by XMEMSET. */
      client_args.return_code = TEST_FAIL;

  #ifndef SINGLE_THREADED
      start_thread(test_server_nofail, &server_args, &serverThread);
      wait_tcp_ready(&server_args);
      test_client_nofail(&client_args, (void *)msgCb);
      join_thread(serverThread);
      AssertTrue(client_args.return_code);
      AssertTrue(server_args.return_code);
  #endif

      FreeTcpReady(&ready);

  #ifdef WOLFSSL_TIRTOS
      /* NOTE(review): this opens a session again rather than closing the one
       * opened above; confirm whether fdCloseSession(Task_self()) was meant. */
      fdOpenSession(Task_self());
  #endif

      printf(resultFmt, passed);
  #endif
  }
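  /* Exercises option set/get/clear on both an SSL_CTX and an SSL object,
   * application data attachment, the message callback setters and ALPN
   * protocol configuration.
   *
   * Certificate and key loading is asserted with AssertIntEQ(..., SSL_SUCCESS)
   * instead of AssertTrue(...): a truthiness check would also pass on a
   * negative error code. */
  static void test_wolfSSL_set_options(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
      !defined(NO_FILESYSTEM) && !defined(NO_RSA)
      SSL*     ssl;
      SSL_CTX* ctx;
      char appData[] = "extra msg";

      /* ALPN list in wire form: each entry is a length byte followed by the
       * protocol name ("tls/1.2" is 7 bytes, "http/1.1" is 8 bytes). */
      unsigned char protos[] = {
          7, 't', 'l', 's', '/', '1', '.', '2',
          8, 'h', 't', 't', 'p', '/', '1', '.', '1'
      };
      unsigned int len = sizeof(protos);

      void *arg = (void *)TEST_ARG;

      printf(testingFmt, "wolfSSL_set_options()");

      /* ---- options on the context ---- */
      AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
      AssertIntEQ(SSL_CTX_use_certificate_file(ctx, svrCertFile,
                                               SSL_FILETYPE_PEM), SSL_SUCCESS);
      AssertIntEQ(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
                                              SSL_FILETYPE_PEM), SSL_SUCCESS);

      /* The setter returns the resulting option mask. */
      AssertTrue(SSL_CTX_set_options(ctx, SSL_OP_NO_TLSv1) == SSL_OP_NO_TLSv1);
      AssertTrue(SSL_CTX_get_options(ctx) == SSL_OP_NO_TLSv1);

      AssertIntGT((int)SSL_CTX_set_options(ctx, (SSL_OP_COOKIE_EXCHANGE |
                                                 SSL_OP_NO_SSLv2)), 0);
      AssertTrue((SSL_CTX_set_options(ctx, SSL_OP_COOKIE_EXCHANGE) &
                  SSL_OP_COOKIE_EXCHANGE) == SSL_OP_COOKIE_EXCHANGE);
      AssertTrue((SSL_CTX_set_options(ctx, SSL_OP_NO_TLSv1_2) &
                  SSL_OP_NO_TLSv1_2) == SSL_OP_NO_TLSv1_2);
      AssertTrue((SSL_CTX_set_options(ctx, SSL_OP_NO_COMPRESSION) &
                  SSL_OP_NO_COMPRESSION) == SSL_OP_NO_COMPRESSION);

      /* After clearing, the bit must no longer be present in the mask. */
      AssertNull((SSL_CTX_clear_options(ctx, SSL_OP_NO_COMPRESSION) &
                  SSL_OP_NO_COMPRESSION));

      SSL_CTX_free(ctx);

      /* ---- options on a connection object ---- */
      AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
      AssertIntEQ(SSL_CTX_use_certificate_file(ctx, svrCertFile,
                                               SSL_FILETYPE_PEM), SSL_SUCCESS);
      AssertIntEQ(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
                                              SSL_FILETYPE_PEM), SSL_SUCCESS);

      AssertNotNull(ssl = SSL_new(ctx));

  #if defined(HAVE_EX_DATA) || defined(FORTRESS)
      AssertIntEQ(SSL_set_app_data(ssl, (void*)appData), SSL_SUCCESS);
      AssertNotNull(SSL_get_app_data((const WOLFSSL*)ssl));
      AssertIntEQ(XMEMCMP(SSL_get_app_data((const WOLFSSL*)ssl),
                  appData, sizeof(appData)), 0);
  #else
      /* Without ex-data support the setter must fail and nothing is stored. */
      AssertIntEQ(SSL_set_app_data(ssl, (void*)appData), SSL_FAILURE);
      AssertNull(SSL_get_app_data((const WOLFSSL*)ssl));
  #endif

      AssertTrue(SSL_set_options(ssl, SSL_OP_NO_TLSv1) == SSL_OP_NO_TLSv1);
      AssertTrue(SSL_get_options(ssl) == SSL_OP_NO_TLSv1);

      AssertIntGT((int)SSL_set_options(ssl, (SSL_OP_COOKIE_EXCHANGE |
                                             WOLFSSL_OP_NO_SSLv2)), 0);
      AssertTrue((SSL_set_options(ssl, SSL_OP_COOKIE_EXCHANGE) &
                  SSL_OP_COOKIE_EXCHANGE) == SSL_OP_COOKIE_EXCHANGE);
      AssertTrue((SSL_set_options(ssl, SSL_OP_NO_TLSv1_2) &
                  SSL_OP_NO_TLSv1_2) == SSL_OP_NO_TLSv1_2);
      AssertTrue((SSL_set_options(ssl, SSL_OP_NO_COMPRESSION) &
                  SSL_OP_NO_COMPRESSION) == SSL_OP_NO_COMPRESSION);
      AssertNull((SSL_clear_options(ssl, SSL_OP_NO_COMPRESSION) &
                  SSL_OP_NO_COMPRESSION));

      AssertTrue(SSL_set_msg_callback(ssl, msg_cb) == SSL_SUCCESS);
      SSL_set_msg_callback_arg(ssl, arg);

      /* NOTE(review): OpenSSL's own SSL_CTX_set_alpn_protos() reports success
       * as 0; this asserts SSL_SUCCESS, so code ported between the two
       * libraries needs its return check reviewed. */
      AssertTrue(SSL_CTX_set_alpn_protos(ctx, protos, len) == SSL_SUCCESS);

      SSL_free(ssl);
      SSL_CTX_free(ctx);

      printf(resultFmt, passed);
  #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
            !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
  }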
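  /* Testing wolfSSL_set_tlsext_status_type function.
   * PRE: OPENSSL_EXTRA and HAVE_CERTIFICATE_STATUS_REQUEST defined.
   *
   * Requests the OCSP status type on a server-side SSL object and expects
   * SSL_SUCCESS. The result line is now printed after the checks, like the
   * other tests in this file, and certificate/key loading is compared with
   * SSL_SUCCESS rather than tested for truthiness.
   */
  static void test_wolfSSL_set_tlsext_status_type(void){
  #if defined(OPENSSL_EXTRA) && defined(HAVE_CERTIFICATE_STATUS_REQUEST)
      SSL*     ssl;
      SSL_CTX* ctx;

      printf(testingFmt, "wolfSSL_set_tlsext_status_type()");

      AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
      AssertIntEQ(SSL_CTX_use_certificate_file(ctx, svrCertFile,
                                               SSL_FILETYPE_PEM), SSL_SUCCESS);
      AssertIntEQ(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
                                              SSL_FILETYPE_PEM), SSL_SUCCESS);
      AssertNotNull(ssl = SSL_new(ctx));

      AssertTrue(SSL_set_tlsext_status_type(ssl,TLSEXT_STATUSTYPE_ocsp)
                 == SSL_SUCCESS);

      SSL_free(ssl);
      SSL_CTX_free(ctx);

      printf(resultFmt, passed);
  #endif /* OPENSSL_EXTRA && HAVE_CERTIFICATE_STATUS_REQUEST */
  }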
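  /* Reads the client certificate file into a stack buffer, wraps it in a
   * memory BIO and parses it with PEM_read_bio_X509_AUX(). A NULL BIO must
   * yield NULL.
   *
   * The fread() result is now asserted to be positive before it is used as
   * the length of the memory BIO. */
  static void test_wolfSSL_PEM_read_bio(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
      !defined(NO_FILESYSTEM) && !defined(NO_RSA)
      byte buff[5300];
      FILE *f;
      int  bytes;
      X509* x509;
      BIO*  bio = NULL;
      BUF_MEM* buf;

      printf(testingFmt, "wolfSSL_PEM_read_bio()");

      AssertNotNull(f = fopen(cliCertFile, "rb"));
      /* The read is capped at sizeof(buff), so a larger file is truncated
       * rather than overflowing the buffer. */
      bytes = (int)fread(buff, 1, sizeof(buff), f);
      fclose(f);
      AssertIntGT(bytes, 0);

      /* bio is still NULL here: the parser must reject it. */
      AssertNull(x509 = PEM_read_bio_X509_AUX(bio, NULL, NULL, NULL));

      AssertNotNull(bio = BIO_new_mem_buf((void*)buff, bytes));
      AssertNotNull(x509 = PEM_read_bio_X509_AUX(bio, NULL, NULL, NULL));

      AssertIntEQ((int)BIO_set_fd(bio, 0, BIO_NOCLOSE), 1);
      AssertIntEQ(SSL_SUCCESS, BIO_get_mem_ptr(bio, &buf));

      /* NOTE(review): buf was obtained from bio and is freed separately after
       * the BIO itself; confirm who owns the BUF_MEM in this library version
       * so the two frees cannot release the same memory. */
      BIO_free(bio);
      BUF_MEM_free(buf);
      X509_free(x509);

      printf(resultFmt, passed);
  #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
            !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
  }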
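  /* Exercises BIO pairs (BIO_s_bio) and file BIOs (BIO_s_file).
   *
   * The pair section checks reads and writes before setup, full-buffer
   * rejection, re-pairing after one side is freed, and the wrap-around
   * behaviour of the write buffer, asserting the exact byte counts the
   * non-copying nread/nwrite calls hand back. The file section copies the
   * first 300 bytes of the server certificate into tests/bio_write_test.txt.
   *
   * The fopen mode passed to XFOPEN() and BIO_new_file() was "rwb", which is
   * not one of the mode strings the C standard defines; it is replaced by
   * "rb", since the file is only read. */
  static void test_wolfSSL_BIO(void)
  {
  #if defined(OPENSSL_EXTRA)
      byte buff[20];
      BIO* bio1;
      BIO* bio2;
      BIO* bio3;
      char* bufPt;
      int i;

      printf(testingFmt, "wolfSSL_BIO()");

      /* Known pattern 0..19 so reads can be checked byte by byte. */
      for (i = 0; i < 20; i++) {
          buff[i] = i;
      }

      /* Creating and testing type BIO_s_bio */
      AssertNotNull(bio1 = BIO_new(BIO_s_bio()));
      AssertNotNull(bio2 = BIO_new(BIO_s_bio()));
      AssertNotNull(bio3 = BIO_new(BIO_s_bio()));

      /* read/write before set up */
      AssertIntEQ(BIO_read(bio1, buff, 2), WOLFSSL_BIO_UNSET);
      AssertIntEQ(BIO_write(bio1, buff, 2), WOLFSSL_BIO_UNSET);

      AssertIntEQ(BIO_set_write_buf_size(bio1, 20), WOLFSSL_SUCCESS);
      AssertIntEQ(BIO_set_write_buf_size(bio2, 8), WOLFSSL_SUCCESS);
      AssertIntEQ(BIO_make_bio_pair(bio1, bio2), WOLFSSL_SUCCESS);

      /* BIO_nwrite hands back a pointer into the BIO's own buffer; the
       * copy length must not exceed the count it returned. */
      AssertIntEQ(BIO_nwrite(bio1, &bufPt, 10), 10);
      XMEMCPY(bufPt, buff, 10);
      AssertIntEQ(BIO_write(bio1, buff + 10, 10), 10);
      /* write buffer full */
      AssertIntEQ(BIO_write(bio1, buff, 10), WOLFSSL_BIO_ERROR);
      AssertIntEQ(BIO_flush(bio1), WOLFSSL_SUCCESS);
      AssertIntEQ((int)BIO_ctrl_pending(bio1), 0);

      /* write the other direction with pair; only 8 of 10 bytes fit */
      AssertIntEQ((int)BIO_nwrite(bio2, &bufPt, 10), 8);
      XMEMCPY(bufPt, buff, 8);
      AssertIntEQ(BIO_write(bio2, buff, 10), WOLFSSL_BIO_ERROR);

      /* try read */
      AssertIntEQ((int)BIO_ctrl_pending(bio1), 8);
      AssertIntEQ((int)BIO_ctrl_pending(bio2), 20);

      AssertIntEQ(BIO_nread(bio2, &bufPt, (int)BIO_ctrl_pending(bio2)), 20);
      for (i = 0; i < 20; i++) {
          AssertIntEQ((int)bufPt[i], i);
      }
      AssertIntEQ(BIO_nread(bio2, &bufPt, 1), WOLFSSL_BIO_ERROR);
      AssertIntEQ(BIO_nread(bio1, &bufPt, (int)BIO_ctrl_pending(bio1)), 8);
      for (i = 0; i < 8; i++) {
          AssertIntEQ((int)bufPt[i], i);
      }
      AssertIntEQ(BIO_nread(bio1, &bufPt, 1), WOLFSSL_BIO_ERROR);
      AssertIntEQ(BIO_ctrl_reset_read_request(bio1), 1);

      /* new pair: bio1 is still paired with bio2, so this must fail */
      AssertIntEQ(BIO_make_bio_pair(bio1, bio3), WOLFSSL_FAILURE);
      BIO_free(bio2); /* free bio2 and automatically remove from pair */
      AssertIntEQ(BIO_make_bio_pair(bio1, bio3), WOLFSSL_SUCCESS);
      AssertIntEQ((int)BIO_ctrl_pending(bio3), 0);
      AssertIntEQ(BIO_nread(bio3, &bufPt, 10), WOLFSSL_BIO_ERROR);

      /* test wrap around... */
      AssertIntEQ(BIO_reset(bio1), 0);
      AssertIntEQ(BIO_reset(bio3), 0);

      /* fill write buffer, read only small amount then write again */
      AssertIntEQ(BIO_nwrite(bio1, &bufPt, 20), 20);
      XMEMCPY(bufPt, buff, 20);
      AssertIntEQ(BIO_nread(bio3, &bufPt, 4), 4);
      for (i = 0; i < 4; i++) {
          AssertIntEQ(bufPt[i], i);
      }

      /* try writing over read index: only the 4 consumed bytes are free */
      AssertIntEQ(BIO_nwrite(bio1, &bufPt, 5), 4);
      XMEMSET(bufPt, 0, 4);
      AssertIntEQ((int)BIO_ctrl_pending(bio3), 20);

      /* read and write 0 bytes */
      AssertIntEQ(BIO_nread(bio3, &bufPt, 0), 0);
      AssertIntEQ(BIO_nwrite(bio1, &bufPt, 0), 0);

      /* should read only to end of write buffer then need to read again */
      AssertIntEQ(BIO_nread(bio3, &bufPt, 20), 16);
      for (i = 0; i < 16; i++) {
          AssertIntEQ(bufPt[i], buff[4 + i]);
      }

      AssertIntEQ(BIO_nread(bio3, NULL, 0), WOLFSSL_FAILURE);
      AssertIntEQ(BIO_nread0(bio3, &bufPt), 4);
      for (i = 0; i < 4; i++) {
          AssertIntEQ(bufPt[i], 0);
      }

      /* read index should not have advanced with nread0 */
      AssertIntEQ(BIO_nread(bio3, &bufPt, 5), 4);
      for (i = 0; i < 4; i++) {
          AssertIntEQ(bufPt[i], 0);
      }

      /* write and fill up buffer checking reset of index state */
      AssertIntEQ(BIO_nwrite(bio1, &bufPt, 20), 20);
      XMEMCPY(bufPt, buff, 20);

      /* test reset on data in bio1 write buffer */
      AssertIntEQ(BIO_reset(bio1), 0);
      AssertIntEQ((int)BIO_ctrl_pending(bio3), 0);
      AssertIntEQ(BIO_nread(bio3, &bufPt, 3), WOLFSSL_BIO_ERROR);
      AssertIntEQ(BIO_nwrite(bio1, &bufPt, 20), 20);
      XMEMCPY(bufPt, buff, 20);
      AssertIntEQ(BIO_nread(bio3, &bufPt, 6), 6);
      for (i = 0; i < 6; i++) {
          AssertIntEQ(bufPt[i], i);
      }

      /* test case of writing twice with offset read index */
      AssertIntEQ(BIO_nwrite(bio1, &bufPt, 3), 3);
      AssertIntEQ(BIO_nwrite(bio1, &bufPt, 4), 3); /* try overwriting */
      AssertIntEQ(BIO_nwrite(bio1, &bufPt, 4), WOLFSSL_BIO_ERROR);
      AssertIntEQ(BIO_nread(bio3, &bufPt, 0), 0);
      AssertIntEQ(BIO_nwrite(bio1, &bufPt, 4), WOLFSSL_BIO_ERROR);
      AssertIntEQ(BIO_nread(bio3, &bufPt, 1), 1);
      AssertIntEQ(BIO_nwrite(bio1, &bufPt, 4), 1);
      AssertIntEQ(BIO_nwrite(bio1, &bufPt, 4), WOLFSSL_BIO_ERROR);

      BIO_free(bio1);
      BIO_free(bio3);

      /* BIOs with file pointers */
  #if !defined(NO_FILESYSTEM)
      {
          XFILE f1;
          XFILE f2;
          BIO*  f_bio1;
          BIO*  f_bio2;
          unsigned char cert[300];
          char testFile[] = "tests/bio_write_test.txt";
          char msg[]      = "bio_write_test.txt contains the first 300 bytes of certs/server-cert.pem\ncreated by tests/unit.test\n\n";

          AssertNotNull(f_bio1 = BIO_new(BIO_s_file()));
          AssertNotNull(f_bio2 = BIO_new(BIO_s_file()));

          AssertIntEQ((int)BIO_set_mem_eof_return(f_bio1, -1), 0);
          AssertIntEQ((int)BIO_set_mem_eof_return(NULL, -1), 0);

          /* NOTE(review): f1 is handed to BIO_set_fp() without being checked
           * for an open failure first; the assert on BIO_set_fp() is the
           * only guard visible here. */
          f1 = XFOPEN(svrCertFile, "rb");
          AssertIntEQ((int)BIO_set_fp(f_bio1, f1, BIO_CLOSE), WOLFSSL_SUCCESS);
          AssertIntEQ(BIO_write_filename(f_bio2, testFile),
                  WOLFSSL_SUCCESS);

          AssertIntEQ(BIO_read(f_bio1, cert, sizeof(cert)), sizeof(cert));
          AssertIntEQ(BIO_write(f_bio2, msg, sizeof(msg)), sizeof(msg));
          AssertIntEQ(BIO_write(f_bio2, cert, sizeof(cert)), sizeof(cert));

          AssertIntEQ((int)BIO_get_fp(f_bio2, &f2), WOLFSSL_SUCCESS);
          AssertIntEQ(BIO_reset(f_bio2), 0);
          AssertIntEQ(BIO_seek(f_bio2, 4), 0);

          BIO_free(f_bio1);
          BIO_free(f_bio2);

          AssertNotNull(f_bio1 = BIO_new_file(svrCertFile, "rb"));
          AssertIntEQ((int)BIO_set_mem_eof_return(f_bio1, -1), 0);
          AssertIntEQ(BIO_read(f_bio1, cert, sizeof(cert)), sizeof(cert));
          BIO_free(f_bio1);
      }
  #endif /* !defined(NO_FILESYSTEM) */

      printf(resultFmt, passed);
  #endif
  }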
  /* Creates an octet-string ASN1_STRING and sets its contents three ways:
   * with an explicit length, with length -1, and with a NULL data pointer.
   * The first two must return 1 and the NULL case must return 0. */
  static void test_wolfSSL_ASN1_STRING(void)
  {
  #if defined(OPENSSL_EXTRA)
      const char   data[] = "hello wolfSSL";
      ASN1_STRING* str = NULL;

      printf(testingFmt, "wolfSSL_ASN1_STRING()");

      str = ASN1_STRING_type_new(V_ASN1_OCTET_STRING);
      AssertNotNull(str);

      /* explicit length (sizeof includes the terminating NUL) */
      AssertIntEQ(ASN1_STRING_set(str, (const void*)data, sizeof(data)), 1);
      /* length -1: presumably the setter measures the string itself */
      AssertIntEQ(ASN1_STRING_set(str, (const void*)data, -1), 1);
      /* NULL source must be refused */
      AssertIntEQ(ASN1_STRING_set(str, NULL, -1), 0);

      ASN1_STRING_free(str);

      printf(resultFmt, passed);
  #endif
  }
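  /* Round-trip test for the OpenSSL-compatible single-block DES ECB call:
   * two 8-byte blocks are encrypted and decrypted with the same key and the
   * recovered plaintext must match the input.
   *
   * DES in ECB mode is covered here for API compatibility only; the fixed
   * ASCII key and plaintexts are test data. */
  static void test_wolfSSL_DES_ecb_encrypt(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_DES3) && defined(WOLFSSL_DES_ECB)
      WOLFSSL_DES_cblock input1, input2, output1, output2, back1, back2;
      WOLFSSL_DES_key_schedule key;
      /* declared with the other locals so the block also builds as C89 */
      int ret1 = 0;
      int ret2 = 0;

      printf(testingFmt, "wolfSSL_DES_ecb_encrypt()");

      /* NOTE(review): copies sizeof(WOLFSSL_DES_key_schedule) bytes out of a
       * 9-byte string literal - assumes the schedule type is no larger than
       * one DES block; confirm against the typedef. */
      XMEMCPY(key, "12345678", sizeof(WOLFSSL_DES_key_schedule));
      XMEMCPY(input1, "Iamhuman", sizeof(WOLFSSL_DES_cblock));
      XMEMCPY(input2, "Whoisit?", sizeof(WOLFSSL_DES_cblock));
      XMEMSET(output1, 0, sizeof(WOLFSSL_DES_cblock));
      XMEMSET(output2, 0, sizeof(WOLFSSL_DES_cblock));
      XMEMSET(back1, 0, sizeof(WOLFSSL_DES_cblock));
      XMEMSET(back2, 0, sizeof(WOLFSSL_DES_cblock));

      /* Encrypt messages */
      wolfSSL_DES_ecb_encrypt(&input1, &output1, &key, DES_ENCRYPT);
      wolfSSL_DES_ecb_encrypt(&input2, &output2, &key, DES_ENCRYPT);

      /* The round trip alone would also pass if both directions merely
       * copied the block, so require the ciphertext to differ from the
       * plaintext. */
      AssertIntNE(XMEMCMP((unsigned char *) output1, (unsigned char *) input1,
                          sizeof(WOLFSSL_DES_cblock)), 0);
      AssertIntNE(XMEMCMP((unsigned char *) output2, (unsigned char *) input2,
                          sizeof(WOLFSSL_DES_cblock)), 0);

      /* Decrypt messages */
      wolfSSL_DES_ecb_encrypt(&output1, &back1, &key, DES_DECRYPT);
      ret1 = XMEMCMP((unsigned char *) back1, (unsigned char *) input1,
                     sizeof(WOLFSSL_DES_cblock));
      AssertIntEQ(ret1, 0);

      wolfSSL_DES_ecb_encrypt(&output2, &back2, &key, DES_DECRYPT);
      ret2 = XMEMCMP((unsigned char *) back2, (unsigned char *) input2,
                     sizeof(WOLFSSL_DES_cblock));
      AssertIntEQ(ret2, 0);

      printf(resultFmt, passed);
  #endif
  }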
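  /* Checks wolfSSL_ASN1_TIME_adj() for UTCTime output, GeneralizedTime output
   * (only where time_t can hold the value), positive and negative second
   * offsets, and the case where no WOLFSSL_ASN1_TIME is supplied and the
   * function returns one the caller has to free.
   *
   * Every allocation and every returned pointer is asserted before it is
   * dereferenced, so an allocation or conversion failure is reported as a
   * test failure instead of a NULL dereference. */
  static void test_wolfSSL_ASN1_TIME_adj(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_ASN1_TIME) \
      && !defined(USER_TIME) && !defined(TIME_OVERRIDES)
      const int year = 365*24*60*60;
      const int day  = 24*60*60;
      const int hour = 60*60;
      const int mini = 60;
      const byte asn_utc_time = ASN_UTC_TIME;
  #if !defined(TIME_T_NOT_LONG) && !defined(NO_64BIT)
      const byte asn_gen_time = ASN_GENERALIZED_TIME;
  #endif
      WOLFSSL_ASN1_TIME *asn_time, *s;
      int offset_day;
      long offset_sec;
      char date_str[20];
      time_t t;

      printf(testingFmt, "wolfSSL_ASN1_TIME_adj()");

      s = (WOLFSSL_ASN1_TIME*)XMALLOC(sizeof(WOLFSSL_ASN1_TIME), NULL,
                                      DYNAMIC_TYPE_OPENSSL);
      AssertNotNull(s);

      /* UTC notation test */
      /* 2000/2/15 20:30:00 (the extra 7 days are the leap days since 1970) */
      t = (time_t)30 * year + 45 * day + 20 * hour + 30 * mini + 7 * day;
      offset_day = 7;
      offset_sec = 45 * mini;
      asn_time = wolfSSL_ASN1_TIME_adj(s, t, offset_day, offset_sec);
      AssertNotNull(asn_time);
      AssertTrue(asn_time->data[0] == asn_utc_time);
      /* The cast binds before the addition, so this skips the first two
       * bytes of data; date_str is compared by length, not as a C string. */
      XSTRNCPY(date_str, ((const char*) &asn_time->data) + 2, 13);
      AssertIntEQ(0, XMEMCMP(date_str, "000222211500Z", 13));

      /* negative offset */
      offset_sec = -45 * mini;
      asn_time = wolfSSL_ASN1_TIME_adj(s, t, offset_day, offset_sec);
      AssertNotNull(asn_time);
      AssertTrue(asn_time->data[0] == asn_utc_time);
      XSTRNCPY(date_str, ((const char*) &asn_time->data) + 2, 13);
      AssertIntEQ(0, XMEMCMP(date_str, "000222194500Z", 13));

      XFREE(s, NULL, DYNAMIC_TYPE_OPENSSL);
      XMEMSET(date_str, 0, sizeof(date_str));

      /* Generalized time will overflow time_t if not long */
  #if !defined(TIME_T_NOT_LONG) && !defined(NO_64BIT)
      s = (WOLFSSL_ASN1_TIME*)XMALLOC(sizeof(WOLFSSL_ASN1_TIME), NULL,
                                      DYNAMIC_TYPE_OPENSSL);
      AssertNotNull(s);

      /* GeneralizedTime notation test */
      /* 2055/03/01 09:00:00 (21 leap days since 1970) */
      t = (time_t)85 * year + 59 * day + 9 * hour + 21 * day;
      offset_day = 12;
      offset_sec = 10 * mini;
      asn_time = wolfSSL_ASN1_TIME_adj(s, t, offset_day, offset_sec);
      AssertNotNull(asn_time);
      AssertTrue(asn_time->data[0] == asn_gen_time);
      XSTRNCPY(date_str, ((const char*) &asn_time->data) + 2, 15);
      AssertIntEQ(0, XMEMCMP(date_str, "20550313091000Z", 15));

      XFREE(s, NULL, DYNAMIC_TYPE_OPENSSL);
      XMEMSET(date_str, 0, sizeof(date_str));
  #endif /* !TIME_T_NOT_LONG && !NO_64BIT */

      /* if WOLFSSL_ASN1_TIME struct is not allocated */
      s = NULL;
      t = (time_t)30 * year + 45 * day + 20 * hour + 30 * mini + 15 + 7 * day;
      offset_day = 7;
      offset_sec = 45 * mini;
      asn_time = wolfSSL_ASN1_TIME_adj(s, t, offset_day, offset_sec);
      AssertNotNull(asn_time);
      AssertTrue(asn_time->data[0] == asn_utc_time);
      XSTRNCPY(date_str, ((const char*) &asn_time->data) + 2, 13);
      AssertIntEQ(0, XMEMCMP(date_str, "000222211515Z", 13));
      /* the returned object is released by the test in this case */
      XFREE(asn_time, NULL, DYNAMIC_TYPE_OPENSSL);

      asn_time = wolfSSL_ASN1_TIME_adj(NULL, t, offset_day, offset_sec);
      AssertNotNull(asn_time);
      AssertTrue(asn_time->data[0] == asn_utc_time);
      XSTRNCPY(date_str, ((const char*) &asn_time->data) + 2, 13);
      AssertIntEQ(0, XMEMCMP(date_str, "000222211515Z", 13));
      XFREE(asn_time, NULL, DYNAMIC_TYPE_OPENSSL);

      printf(resultFmt, passed);
  #endif
  }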
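  /* Basic X509 / X509_STORE / X509_STORE_CTX coverage: allocate and free an
   * empty X509, load the client certificate from a PEM file, write it to a
   * memory BIO as DER, and verify it against a store that holds the same
   * certificate.
   *
   * X509_verify_cert() on a context that was never initialised must return
   * SSL_FATAL_ERROR; it may only succeed after X509_STORE_CTX_init(). */
  static void test_wolfSSL_X509(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM)\
      && !defined(NO_RSA)
      X509* x509;
      BIO*  bio;
      X509_STORE_CTX* ctx;
      X509_STORE* store;

      printf(testingFmt, "wolfSSL_X509()");

      AssertNotNull(x509 = X509_new());
      X509_free(x509);

      /* Assert the load like test_wolfSSL_X509_NAME_ENTRY does, so a missing
       * or unreadable certificate file is reported here and not as a failure
       * of a later call. */
      AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile,
                  SSL_FILETYPE_PEM));

      AssertNotNull(bio = BIO_new(BIO_s_mem()));

      AssertIntEQ(i2d_X509_bio(bio, x509), SSL_SUCCESS);

      AssertNotNull(ctx = X509_STORE_CTX_new());

      /* no store and no certificate set yet: verification must not pass */
      AssertIntEQ(X509_verify_cert(ctx), SSL_FATAL_ERROR);

      AssertNotNull(store = X509_STORE_new());
      AssertIntEQ(X509_STORE_add_cert(store, x509), SSL_SUCCESS);
      AssertIntEQ(X509_STORE_CTX_init(ctx, store, x509, NULL), SSL_SUCCESS);
      AssertIntEQ(X509_verify_cert(ctx), SSL_SUCCESS);

      /* NOTE(review): store and the loaded x509 are not released explicitly
       * here; confirm whether X509_STORE_CTX_free() owns them before adding
       * separate frees. */
      X509_STORE_CTX_free(ctx);
      BIO_free(bio);

      printf(resultFmt, passed);
  #endif
  }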
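  /* Smoke test for the RAND compatibility calls: seeding, cleanup, the
   * rejected NULL path for RAND_egd(), and the seed-file helpers. */
  static void test_wolfSSL_RAND(void)
  {
  #if defined(OPENSSL_EXTRA)
      byte seed[16];

      printf(testingFmt, "wolfSSL_RAND()");

      /* Give the seed buffer a defined value: the original passed
       * uninitialised stack bytes, which memory checkers flag if the callee
       * reads them. */
      XMEMSET(seed, 0, sizeof(seed));

      RAND_seed(seed, sizeof(seed));
      RAND_cleanup();

      AssertIntEQ(RAND_egd(NULL), -1);

  #ifndef NO_FILESYSTEM
      {
          char fname[100];

          /* one byte is held back from the size passed in */
          AssertNotNull(RAND_file_name(fname, (sizeof(fname) - 1)));
          /* a NULL file name writes nothing */
          AssertIntEQ(RAND_write_file(NULL), 0);
      }
  #endif

      printf(resultFmt, passed);
  #endif
  }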
  /* BUF_MEM allocation and growth: growing to 10 bytes reports 10, while a
   * negative length is rejected with 0. */
  static void test_wolfSSL_BUF(void)
  {
  #if defined(OPENSSL_EXTRA)
      BUF_MEM* mem;

      mem = BUF_MEM_new();
      AssertNotNull(mem);

      AssertIntEQ(BUF_MEM_grow(mem, 10), 10);
      /* negative size must not be treated as a huge unsigned request */
      AssertIntEQ(BUF_MEM_grow(mem, -1), 0);

      BUF_MEM_free(mem);
  #endif /* OPENSSL_EXTRA */
  }
  /* Checks the bit constraints of BN_pseudo_rand() on 8-bit values.
   *
   * int BN_pseudo_rand(BIGNUM* bn, int bits, int top, int bottom) returns 1 on
   * success and 0 on failure. Each parameter set is drawn ten times and the
   * first output byte is compared against the mask of bits that have to be
   * set: 0x80 for (top 0, bottom 0), 0xc1 for (top 1, bottom 1). */
  static void test_wolfSSL_pseudo_rand(void)
  {
  #if defined(OPENSSL_EXTRA)
      static const struct {
          int           top;
          int           bottom;
          unsigned char mask;   /* bits that must be set in bin[0] */
      } cases[] = {
          { 0, 0, 0x80 },
          { 1, 1, 0xc1 }
      };
      BIGNUM* bn;
      unsigned char bin[8];
      int i;
      int c;

      printf(testingFmt, "wolfSSL_pseudo_rand()");

      for (c = 0; c < (int)(sizeof(cases) / sizeof(cases[0])); c++) {
          for (i = 0; i < 10; i++) {
              bn = BN_new();
              AssertNotNull(bn);
              AssertIntEQ(BN_pseudo_rand(bn, 8, cases[c].top, cases[c].bottom),
                          SSL_SUCCESS);
              AssertIntGT(BN_bn2bin(bn, bin), 0);
              AssertIntEQ((bin[0] & cases[c].mask), cases[c].mask);
              BN_free(bn);
          }
      }

      printf(resultFmt, passed);
  #endif
  }
  /* Reads the PKCS#8 ECC test key from the certs directory into a stack
   * buffer and parses it through a memory BIO with
   * d2i_PKCS8_PRIV_KEY_INFO_bio(). */
  static void test_wolfSSL_pkcs8(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && defined(HAVE_ECC)
      PKCS8_PRIV_KEY_INFO* keyInfo;
      BIO*  memBio;
      FILE* keyFile;
      int   bytes;
      char  buffer[512];

      printf(testingFmt, "wolfSSL_pkcs8()");

      /* file from wolfssl/certs/ directory */
      keyFile = fopen("./certs/ecc-keyPkcs8.pem", "rb");
      AssertNotNull(keyFile);
      /* at most sizeof(buffer) bytes are read; an empty read is a failure */
      bytes = (int)fread(buffer, 1, sizeof(buffer), keyFile);
      AssertIntGT(bytes, 0);
      fclose(keyFile);

      /* the BIO is bounded by the number of bytes actually read */
      memBio = BIO_new_mem_buf((void*)buffer, bytes);
      AssertNotNull(memBio);
      keyInfo = d2i_PKCS8_PRIV_KEY_INFO_bio(memBio, NULL);
      AssertNotNull(keyInfo);

      BIO_free(memBio);
      PKCS8_PRIV_KEY_INFO_free(keyInfo);

      printf(resultFmt, passed);
  #endif
  }
  /* Pushes one error per SYS_F_* function code onto the error queue and reads
   * it straight back with ERR_get_error_line(), using the table index as both
   * the error value and the line number. Afterwards the queue is read while
   * empty to make sure nothing is returned and the file pointer is left
   * untouched. */
  static void test_wolfSSL_ERR_put_error(void)
  {
  #if defined(OPENSSL_EXTRA) && defined(DEBUG_WOLFSSL)
      static const int sysFuncs[] = {
          SYS_F_ACCEPT,        SYS_F_BIND,        SYS_F_CONNECT,
          SYS_F_FOPEN,         SYS_F_FREAD,       SYS_F_GETADDRINFO,
          SYS_F_GETSOCKOPT,    SYS_F_GETSOCKNAME, SYS_F_GETHOSTBYNAME,
          SYS_F_GETNAMEINFO,   SYS_F_GETSERVBYNAME, SYS_F_IOCTLSOCKET,
          SYS_F_LISTEN,        SYS_F_OPENDIR,     SYS_F_SETSOCKOPT,
          SYS_F_SOCKET
      };
      const char* file;
      int line;
      int idx;

      printf(testingFmt, "wolfSSL_ERR_put_error()");

      ERR_clear_error(); /* clear out any error nodes */

      /* put one entry, then take it off again before adding the next */
      for (idx = 0; idx < (int)(sizeof(sysFuncs) / sizeof(sysFuncs[0])); idx++) {
          ERR_put_error(0, sysFuncs[idx], idx, "this file", idx);
          AssertIntEQ(ERR_get_error_line(&file, &line), idx);
      }

      /* try reading past end of error queue */
      file = NULL;
      AssertIntEQ(ERR_get_error_line(&file, &line), 0);
      AssertNull(file);
      AssertIntEQ(ERR_get_error_line_data(&file, &line, NULL, NULL), 0);

      /* Empty and free up all error nodes */
      ERR_clear_error();

      printf(resultFmt, passed);
  #endif
  }
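  /* HMAC compatibility coverage: the streaming HMAC_Init_ex / HMAC_Update /
   * HMAC_Final path with SHA-256, then the one-shot HMAC() call for each
   * digest that is compiled in, checking the reported output length.
   *
   * All sections share the locals declared under the SHA-256 guard, so the
   * per-digest sections are nested inside it. The original closed that guard
   * early, which left key/hash/len undeclared in a build with NO_SHA256 plus
   * another digest, and printed the result line even when nothing ran. */
  static void test_wolfSSL_HMAC(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_SHA256)
      HMAC_CTX hmac;
      ENGINE* e = NULL;
      const unsigned char key[] = "simple test key";
      unsigned char hash[WC_MAX_DIGEST_SIZE];
      unsigned int len;

      printf(testingFmt, "wolfSSL_HMAC()");

      HMAC_CTX_init(&hmac);
      AssertIntEQ(HMAC_Init_ex(&hmac, (void*)key, (int)sizeof(key),
                  EVP_sha256(), e), SSL_SUCCESS);

      /* re-using test key as data to hash */
      AssertIntEQ(HMAC_Update(&hmac, key, (int)sizeof(key)), SSL_SUCCESS);
      /* a zero-length update with a NULL pointer is accepted */
      AssertIntEQ(HMAC_Update(&hmac, NULL, 0), SSL_SUCCESS);
      AssertIntEQ(HMAC_Final(&hmac, hash, &len), SSL_SUCCESS);
      AssertIntEQ(len, (int)WC_SHA256_DIGEST_SIZE);

      HMAC_cleanup(&hmac);

      /* one-shot API, empty message; len is reset before every call so a
       * stale value cannot satisfy the length check */
      len = 0;
      AssertNotNull(HMAC(EVP_sha256(), key, (int)sizeof(key), NULL, 0, hash,
                  &len));
      AssertIntEQ(len, (int)WC_SHA256_DIGEST_SIZE);

  #if defined(WOLFSSL_SHA224)
      len = 0;
      AssertNotNull(HMAC(EVP_sha224(), key, (int)sizeof(key), NULL, 0, hash,
                  &len));
      AssertIntEQ(len, (int)WC_SHA224_DIGEST_SIZE);
  #endif

  #if defined(WOLFSSL_SHA384) && defined(WOLFSSL_SHA512)
      len = 0;
      AssertNotNull(HMAC(EVP_sha384(), key, (int)sizeof(key), NULL, 0, hash,
                  &len));
      AssertIntEQ(len, (int)WC_SHA384_DIGEST_SIZE);
  #endif

  #if defined(WOLFSSL_SHA512)
      len = 0;
      AssertNotNull(HMAC(EVP_sha512(), key, (int)sizeof(key), NULL, 0, hash,
                  &len));
      AssertIntEQ(len, (int)WC_SHA512_DIGEST_SIZE);
  #endif

      printf(resultFmt, passed);
  #endif /* OPENSSL_EXTRA && !NO_SHA256 */
  }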
  /* OBJ_* conversions for two NIDs (any_policy and sha256): NID -> object ->
   * NID, and object -> text in both the numeric form (no_name = 1, exact
   * length asserted) and the name form (no_name = 0, any positive length).
   * A NULL object must be rejected by OBJ_obj2txt(). */
  static void test_wolfSSL_OBJ(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_SHA256)
      char         txt[50];
      ASN1_OBJECT* oid = NULL;

      printf(testingFmt, "wolfSSL_OBJ()");

      /* NULL object */
      AssertIntEQ(OBJ_obj2txt(txt, (int)sizeof(txt), oid, 1), SSL_FAILURE);

      oid = OBJ_nid2obj(NID_any_policy);
      AssertNotNull(oid);
      AssertIntEQ(OBJ_obj2nid(oid), NID_any_policy);
      AssertIntEQ(OBJ_obj2txt(txt, (int)sizeof(txt), oid, 1), 11);
      AssertIntGT(OBJ_obj2txt(txt, (int)sizeof(txt), oid, 0), 0);
      ASN1_OBJECT_free(oid);

      oid = OBJ_nid2obj(NID_sha256);
      AssertNotNull(oid);
      AssertIntEQ(OBJ_obj2nid(oid), NID_sha256);
      AssertIntEQ(OBJ_obj2txt(txt, (int)sizeof(txt), oid, 1), 22);
      AssertIntGT(OBJ_obj2txt(txt, (int)sizeof(txt), oid, 0), 0);
      ASN1_OBJECT_free(oid);

      printf(resultFmt, passed);
  #endif
  }
  /* Loads the client certificate, writes it out as PEM (and, when certificate
   * requests are enabled, through PEM_write_bio_X509_REQ as well), then
   * creates a commonName entry and appends it to the certificate's subject
   * name. */
  static void test_wolfSSL_X509_NAME_ENTRY(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) \
      && !defined(NO_FILESYSTEM) && !defined(NO_RSA) && defined(WOLFSSL_CERT_GEN)
      X509*            cert;
      BIO*             pemOut;
      X509_NAME*       subject;
      X509_NAME_ENTRY* cnEntry;
      unsigned char    cn[] = "another name to add";

      printf(testingFmt, "wolfSSL_X509_NAME_ENTRY()");

      cert = wolfSSL_X509_load_certificate_file(cliCertFile, SSL_FILETYPE_PEM);
      AssertNotNull(cert);
      pemOut = BIO_new(BIO_s_mem());
      AssertNotNull(pemOut);
      AssertIntEQ(PEM_write_bio_X509_AUX(pemOut, cert), SSL_SUCCESS);

  #ifdef WOLFSSL_CERT_REQ
      {
          X509_REQ* req;
          BIO*      reqOut;

          /* the same certificate file is loaded through the X509_REQ type */
          req = wolfSSL_X509_load_certificate_file(cliCertFile,
                                                   SSL_FILETYPE_PEM);
          AssertNotNull(req);
          reqOut = BIO_new(BIO_s_mem());
          AssertNotNull(reqOut);
          AssertIntEQ(PEM_write_bio_X509_REQ(reqOut, req), SSL_SUCCESS);

          BIO_free(reqOut);
          X509_free(req);
      }
  #endif

      subject = X509_get_subject_name(cert);
      AssertNotNull(subject);

      /* 0x0c is the string type passed for the new entry; the length passed
       * is sizeof(cn), i.e. it counts the terminating NUL */
      cnEntry = X509_NAME_ENTRY_create_by_NID(NULL, NID_commonName,
                                              0x0c, cn, (int)sizeof(cn));
      AssertNotNull(cnEntry);
      AssertIntEQ(X509_NAME_add_entry(subject, cnEntry, -1, 0), SSL_SUCCESS);

      X509_NAME_ENTRY_free(cnEntry);
      BIO_free(pemOut);
      X509_free(cert);

      printf(resultFmt, passed);
  #endif
  }
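  /* Line-oriented reads through BIO_gets() on memory, file and paired BIOs.
   *
   * The cases concentrate on the buffer-handling edges: non-positive sizes,
   * a destination pre-filled with non-zero bytes (so a missing terminator is
   * visible), a source that is not NUL terminated, an empty source, NULL
   * arguments, and an empty memory BIO.
   *
   * Changes from the original: the progress label named
   * "wolfSSL_X509_BIO_gets()" although the test is test_wolfSSL_BIO_gets,
   * and the XFOPEN() result was handed to BIO_set_fp() unchecked. */
  static void test_wolfSSL_BIO_gets(void)
  {
  #if defined(OPENSSL_EXTRA)
      BIO* bio;
      BIO* bio2;
      char msg[] = "\nhello wolfSSL\n security plus\t---...**adf\na...b.c";
      char emp[] = "";
      char buffer[20];
      int bufferSz = 20;

      printf(testingFmt, "wolfSSL_BIO_gets()");

      AssertNotNull(bio = BIO_new_mem_buf((void*)msg, sizeof(msg)));
      XMEMSET(buffer, 0, bufferSz);
      AssertNotNull(BIO_push(bio, BIO_new(BIO_s_bio())));
      AssertNull(bio2 = BIO_find_type(bio, BIO_TYPE_FILE));
      AssertNotNull(bio2 = BIO_find_type(bio, BIO_TYPE_BIO));
      AssertFalse(bio2 != BIO_next(bio));

      /* make buffer filled with no terminating characters */
      XMEMSET(buffer, 1, bufferSz);

      /* BIO_gets reads a line of data */
      AssertIntEQ(BIO_gets(bio, buffer, -3), 0);     /* negative size */
      AssertIntEQ(BIO_gets(bio, buffer, bufferSz), 1);
      AssertIntEQ(BIO_gets(bio, buffer, bufferSz), 14);
      AssertStrEQ(buffer, "hello wolfSSL\n");
      /* the next line is longer than the buffer: 19 bytes are returned */
      AssertIntEQ(BIO_gets(bio, buffer, bufferSz), 19);
      AssertIntEQ(BIO_gets(bio, buffer, bufferSz), 8);
      AssertIntEQ(BIO_gets(bio, buffer, -1), 0);

      /* check not null terminated string */
      BIO_free(bio);
      msg[0] = 0x33;
      msg[1] = 0x33;
      msg[2] = 0x33;
      AssertNotNull(bio = BIO_new_mem_buf((void*)msg, 3));
      /* size 3 leaves room for two data bytes plus the terminator */
      AssertIntEQ(BIO_gets(bio, buffer, 3), 2);
      AssertIntEQ(buffer[0], msg[0]);
      AssertIntEQ(buffer[1], msg[1]);
      AssertIntNE(buffer[2], msg[2]);

      BIO_free(bio);
      msg[3]    = 0x33;
      buffer[3] = 0x33;
      AssertNotNull(bio = BIO_new_mem_buf((void*)msg, 3));
      /* the read stops at the 3-byte source length, not at msg[3] */
      AssertIntEQ(BIO_gets(bio, buffer, bufferSz), 3);
      AssertIntEQ(buffer[0], msg[0]);
      AssertIntEQ(buffer[1], msg[1]);
      AssertIntEQ(buffer[2], msg[2]);
      AssertIntNE(buffer[3], 0x33); /* make sure null terminator was set */

      /* check reading an empty string */
      BIO_free(bio);
      AssertNotNull(bio = BIO_new_mem_buf((void*)emp, sizeof(emp)));
      AssertIntEQ(BIO_gets(bio, buffer, bufferSz), 1); /* just terminator */
      AssertStrEQ(emp, buffer);

      /* check error cases */
      BIO_free(bio);
      AssertIntEQ(BIO_gets(NULL, NULL, 0), SSL_FAILURE);
      AssertNotNull(bio = BIO_new(BIO_s_mem()));
      AssertIntEQ(BIO_gets(bio, buffer, 2), -1); /* nothing to read */

  #if !defined(NO_FILESYSTEM)
      {
          BIO*  f_bio;
          XFILE f;

          AssertNotNull(f_bio = BIO_new(BIO_s_file()));
          /* no file attached yet */
          AssertIntLE(BIO_gets(f_bio, buffer, bufferSz), 0);

          /* asserted the same way test_wolfSSL_sk_GENERAL_NAME checks its
           * XFOPEN() result */
          AssertNotNull(f = XFOPEN(svrCertFile, "rb"));
          AssertIntEQ((int)BIO_set_fp(f_bio, f, BIO_CLOSE), SSL_SUCCESS);
          AssertIntGT(BIO_gets(f_bio, buffer, bufferSz), 0);

          BIO_free(f_bio);
      }
  #endif /* NO_FILESYSTEM */

      BIO_free(bio);
      /* bio2 is the BIO pushed at the top; BIO_free() on the head of that
       * chain did not release it */
      BIO_free(bio2);

      /* try with type BIO */
      XMEMCPY(msg, "\nhello wolfSSL\n security plus\t---...**adf\na...b.c",
              sizeof(msg));
      AssertNotNull(bio = BIO_new(BIO_s_bio()));
      AssertNotNull(bio2 = BIO_new(BIO_s_bio()));

      AssertIntEQ(BIO_set_write_buf_size(bio, 10), SSL_SUCCESS);
      AssertIntEQ(BIO_set_write_buf_size(bio2, sizeof(msg)), SSL_SUCCESS);
      AssertIntEQ(BIO_make_bio_pair(bio, bio2), SSL_SUCCESS);

      AssertIntEQ(BIO_write(bio2, msg, sizeof(msg)), sizeof(msg));
      AssertIntEQ(BIO_gets(bio, buffer, -3), 0);
      AssertIntEQ(BIO_gets(bio, buffer, bufferSz), 1);
      AssertIntEQ(BIO_gets(bio, buffer, bufferSz), 14);
      AssertStrEQ(buffer, "hello wolfSSL\n");
      AssertIntEQ(BIO_gets(bio, buffer, bufferSz), 19);
      AssertIntEQ(BIO_gets(bio, buffer, bufferSz), 8);
      AssertIntEQ(BIO_gets(bio, buffer, -1), 0);

      BIO_free(bio);
      BIO_free(bio2);

      printf(resultFmt, passed);
  #endif
  }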
  /* Writes through a base64 filter BIO stacked on a memory BIO and checks
   * both the encoded bytes stored in the memory BIO and the decoded bytes
   * read back through the filter. Covered: the default encoding with a line
   * ending, BIO_FLAG_BASE64_NO_NL, and a chain with two base64 filters. */
  static void test_wolfSSL_BIO_write(void)
  {
  #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_ENCODE)
      BIO* chain;
      BIO* b64;
      BIO* memBio;
      int  readSz;
      char msg[]      = "conversion test";
      char out[40];
      char expected[] = "Y29udmVyc2lvbiB0ZXN0AA==\n";

      printf(testingFmt, "wolfSSL_BIO_write()");

      b64 = BIO_new(BIO_f_base64());
      AssertNotNull(b64);
      chain = BIO_push(b64, BIO_new(BIO_s_mem()));
      AssertNotNull(chain);

      /* now should convert to base64 then write to memory */
      AssertIntEQ(BIO_write(chain, msg, sizeof(msg)), 25);
      BIO_flush(chain);
      memBio = BIO_find_type(chain, BIO_TYPE_MEM);
      AssertNotNull(memBio);
      XMEMSET(out, 0, (int)sizeof(out));
      /* read the memory BIO directly to see the encoded form */
      readSz = BIO_read(memBio, out, (int)sizeof(out));
      AssertIntEQ(readSz, 25);
      AssertIntEQ(XMEMCMP(out, expected, readSz), 0);

      /* write then read should return the same message */
      AssertIntEQ(BIO_write(chain, msg, sizeof(msg)), 25);
      XMEMSET(out, 0, (int)sizeof(out));
      AssertIntEQ(BIO_read(chain, out, (int)sizeof(out)), 16);
      AssertIntEQ(XMEMCMP(out, msg, sizeof(msg)), 0);

      /* now try encoding with no line ending */
      BIO_set_flags(b64, BIO_FLAG_BASE64_NO_NL);
      AssertIntEQ(BIO_write(chain, msg, sizeof(msg)), 24);
      BIO_flush(chain);
      XMEMSET(out, 0, (int)sizeof(out));
      readSz = BIO_read(memBio, out, (int)sizeof(out));
      AssertIntEQ(readSz, 24);
      /* only the first 24 bytes are compared, so the trailing newline in
       * expected is not part of the check */
      AssertIntEQ(XMEMCMP(out, expected, readSz), 0);

      BIO_free_all(chain); /* frees b64 also */

      /* test with more than one base64 filter in list */
      b64 = BIO_new(BIO_f_base64());
      AssertNotNull(b64);
      chain = BIO_push(BIO_new(BIO_f_base64()), b64);
      AssertNotNull(chain);
      AssertNotNull(BIO_push(b64, BIO_new(BIO_s_mem())));

      /* now should convert to base64(x2) when stored and then decode with read */
      AssertIntEQ(BIO_write(chain, msg, sizeof(msg)), 37);
      BIO_flush(chain);
      XMEMSET(out, 0, (int)sizeof(out));
      readSz = BIO_read(chain, out, (int)sizeof(out));
      AssertIntEQ(readSz, 16);
      AssertIntEQ(XMEMCMP(out, msg, readSz), 0);

      BIO_free_all(chain); /* frees both base64 filters also */

      printf(resultFmt, passed);
  #endif
  }
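  /* Session export/import and session-ID-context checks.
   *
   * A client connects to a local test server, the negotiated session is
   * serialised with wolfSSL_i2d_SSL_SESSION() and rebuilt with
   * wolfSSL_d2i_SSL_SESSION(), and the rebuilt session is then offered to
   * new WOLFSSL objects. Resumption has to be refused once the session ID
   * context set on the object (or inherited from the CTX) differs from the
   * one the session was created under.
   *
   * Change from the original: the first wolfSSL_new() result is asserted
   * before use, as the later calls in this function already do. */
  static void test_wolfSSL_SESSION(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
      !defined(NO_RSA) && defined(HAVE_EXT_CACHE) && \
      defined(HAVE_IO_TESTS_DEPENDENCIES)
      WOLFSSL*     ssl;
      WOLFSSL_CTX* ctx;
      WOLFSSL_SESSION* sess;
      const unsigned char context[] = "user app context";
      unsigned char* sessDer = NULL;
      unsigned char* ptr     = NULL;
      unsigned int contextSz = (unsigned int)sizeof(context);
      int ret, err, sockfd, sz;
      tcp_ready ready;
      func_args server_args;
      THREAD_TYPE serverThread;

      printf(testingFmt, "wolfSSL_SESSION()");
      AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));

      AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, SSL_FILETYPE_PEM));
      AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, SSL_FILETYPE_PEM));
      AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0), SSL_SUCCESS);
  #ifdef WOLFSSL_ENCRYPTED_KEYS
      wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
  #endif

      XMEMSET(&server_args, 0, sizeof(func_args));
  #ifdef WOLFSSL_TIRTOS
      fdOpenSession(Task_self());
  #endif

      StartTCP();
      InitTcpReady(&ready);

  #if defined(USE_WINDOWS_API)
      /* use RNG to get random port if using windows */
      ready.port = GetRandomPort();
  #endif

      server_args.signal = &ready;
      start_thread(test_server_nofail, &server_args, &serverThread);
      wait_tcp_ready(&server_args);

      /* client connection */
      AssertNotNull(ssl = wolfSSL_new(ctx));
      tcp_connect(&sockfd, wolfSSLIP, ready.port, 0, 0, ssl);
      AssertIntEQ(wolfSSL_set_fd(ssl, sockfd), SSL_SUCCESS);

      err = 0; /* Reset error */
      do {
  #ifdef WOLFSSL_ASYNC_CRYPT
          if (err == WC_PENDING_E) {
              ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
              if (ret < 0) { break; } else if (ret == 0) { continue; }
          }
  #endif

          ret = wolfSSL_connect(ssl);
          if (ret != SSL_SUCCESS) {
              err = wolfSSL_get_error(ssl, 0);
          }
      } while (ret != SSL_SUCCESS && err == WC_PENDING_E);
      AssertIntEQ(ret, SSL_SUCCESS);

      /* sess is used after ssl is freed below */
      sess = wolfSSL_get_session(ssl);
      wolfSSL_shutdown(ssl);
      wolfSSL_free(ssl);

      join_thread(serverThread);

      FreeTcpReady(&ready);

  #ifdef WOLFSSL_TIRTOS
      /* NOTE(review): this is a second fdOpenSession() at teardown; a
       * matching close call looks intended - confirm for TI-RTOS builds. */
      fdOpenSession(Task_self());
  #endif

      /* get session from DER and update the timeout */
      AssertIntEQ(wolfSSL_i2d_SSL_SESSION(NULL, &sessDer), BAD_FUNC_ARG);
      AssertIntGT((sz = wolfSSL_i2d_SSL_SESSION(sess, &sessDer)), 0);
      wolfSSL_SESSION_free(sess);
      /* decode through a copy of the pointer so sessDer stays valid for
       * XFREE() */
      ptr = sessDer;
      AssertNull(sess = wolfSSL_d2i_SSL_SESSION(NULL, NULL, sz));
      AssertNotNull(sess = wolfSSL_d2i_SSL_SESSION(NULL,
                  (const unsigned char**)&ptr, sz));
      XFREE(sessDer, NULL, DYNAMIC_TYPE_OPENSSL);
      AssertIntGT(wolfSSL_SESSION_get_time(sess), 0);
      AssertIntEQ(wolfSSL_SSL_SESSION_set_timeout(sess, 500), SSL_SUCCESS);

      /* successful set session test */
      AssertNotNull(ssl = wolfSSL_new(ctx));
      AssertIntEQ(wolfSSL_set_session(ssl, sess), SSL_SUCCESS);

      /* fail case with mismatched session context IDs (use compatibility API) */
      AssertIntEQ(SSL_set_session_id_context(ssl, context, contextSz),
              SSL_SUCCESS);
      AssertIntEQ(wolfSSL_set_session(ssl, sess), SSL_FAILURE);
      wolfSSL_free(ssl);

      AssertIntEQ(SSL_CTX_set_session_id_context(NULL, context, contextSz),
              SSL_FAILURE);
      AssertIntEQ(SSL_CTX_set_session_id_context(ctx, context, contextSz),
              SSL_SUCCESS);
      /* an object created after the CTX context was set must refuse the
       * session as well */
      AssertNotNull(ssl = wolfSSL_new(ctx));
      AssertIntEQ(wolfSSL_set_session(ssl, sess), SSL_FAILURE);
      wolfSSL_free(ssl);

      SSL_SESSION_free(sess);
      wolfSSL_CTX_free(ctx);

      printf(resultFmt, passed);
  #endif
  }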
  /* Decodes DER public keys from a memory BIO with d2i_PUBKEY_bio(): a NULL
   * BIO must return NULL, and the built-in RSA and ECC test keys (when their
   * buffers are compiled in) must each decode to an EVP_PKEY. */
  static void test_wolfSSL_d2i_PUBKEY(void)
  {
  #if defined(OPENSSL_EXTRA)
      BIO*      derBio;
      EVP_PKEY* pkey;

      printf(testingFmt, "wolfSSL_d2i_PUBKEY()");

      derBio = BIO_new(BIO_s_mem());
      AssertNotNull(derBio);
      AssertNull(d2i_PUBKEY_bio(NULL, NULL));

  #if defined(USE_CERT_BUFFERS_2048) && !defined(NO_RSA)
      /* RSA PUBKEY test */
      AssertIntGT(BIO_write(derBio, client_keypub_der_2048,
                  sizeof_client_keypub_der_2048), 0);
      pkey = d2i_PUBKEY_bio(derBio, NULL);
      AssertNotNull(pkey);
      EVP_PKEY_free(pkey);
  #endif

  #if defined(USE_CERT_BUFFERS_256) && defined(HAVE_ECC)
      /* ECC PUBKEY test */
      AssertIntGT(BIO_write(derBio, ecc_clikeypub_der_256,
                  sizeof_ecc_clikeypub_der_256), 0);
      pkey = d2i_PUBKEY_bio(derBio, NULL);
      AssertNotNull(pkey);
      EVP_PKEY_free(pkey);
  #endif

      BIO_free(derBio);

      /* pkey is unused when neither key buffer is compiled in */
      (void)pkey;

      printf(resultFmt, passed);
  #endif
  }
  /* Parses the DER client certificate and asks for its subjectAltName
   * extension. The certificate in use has no alt names, so the lookup has to
   * return NULL, and the stack helpers are then exercised with that NULL
   * stack (count of -1, pop_free on NULL). */
  static void test_wolfSSL_sk_GENERAL_NAME(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
      !defined(NO_RSA)
      X509* cert;
      unsigned char der[4096];
      const unsigned char* derPos;
      int derSz;
      XFILE certFile;
      STACK_OF(GENERAL_NAME)* sk;

      printf(testingFmt, "wolfSSL_sk_GENERAL_NAME()");

      certFile = XFOPEN(cliCertDerFile, "rb");
      AssertNotNull(certFile);
      /* read is capped at sizeof(der); zero bytes counts as a failure */
      derSz = (int)XFREAD(der, 1, sizeof(der), certFile);
      AssertIntGT(derSz, 0);
      XFCLOSE(certFile);

      derPos = der;
      cert = d2i_X509(NULL, &derPos, derSz);
      AssertNotNull(cert);

      /* current cert has no alt names */
      sk = (WOLF_STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(cert,
              NID_subject_alt_name, NULL, NULL);
      AssertNull(sk);

      AssertIntEQ(sk_GENERAL_NAME_num(sk), -1);
  #if 0
      for (i = 0; i < sk_GENERAL_NAME_num(sk); i++) {
          GENERAL_NAME* gn = sk_GENERAL_NAME_value(sk, i);
          if (gn == NULL) {
              printf("massive falure\n");
              return -1;
          }

          if (gn->type == GEN_DNS) {
              printf("found type GEN_DNS\n");
              printf("length = %d\n", gn->d.ia5->length);
              printf("data = %s\n", (char*)gn->d.ia5->data);
          }

          if (gn->type == GEN_EMAIL) {
              printf("found type GEN_EMAIL\n");
              printf("length = %d\n", gn->d.ia5->length);
              printf("data = %s\n", (char*)gn->d.ia5->data);
          }

          if (gn->type == GEN_URI) {
              printf("found type GEN_URI\n");
              printf("length = %d\n", gn->d.ia5->length);
              printf("data = %s\n", (char*)gn->d.ia5->data);
          }
      }
  #endif
      X509_free(cert);
      sk_GENERAL_NAME_pop_free(sk, GENERAL_NAME_free);

      printf(resultFmt, passed);
  #endif
  }
  /* Known-answer test for the MD4 compatibility API: hashes an 80-digit
   * message and compares the 16-byte result with the expected digest.
   * MD4 is exercised for compatibility coverage only. */
  static void test_wolfSSL_MD4(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_MD4)
      MD4_CTX ctx;
      unsigned char digest[16]; /* MD4_DIGEST_SIZE */
      const char* msg = "12345678901234567890123456789012345678901234567890123456"
                        "789012345678901234567890";
      const char* expected = "\xe3\x3b\x4d\xdc\x9c\x38\xf2\x19\x9c\x3e\x7b\x16\x4f"
                             "\xcc\x05\x36";
      int msgSz = (int)XSTRLEN(msg);

      printf(testingFmt, "wolfSSL_MD4()");

      /* start from a cleared digest so stale stack bytes cannot match */
      XMEMSET(digest, 0, sizeof(digest));

      MD4_Init(&ctx);
      MD4_Update(&ctx, (const void*)msg, (unsigned long)msgSz);
      MD4_Final(digest, &ctx);

      AssertIntEQ(XMEMCMP(digest, expected, sizeof(digest)), 0);

      printf(resultFmt, passed);
  #endif
  }
  /* RSA_generate_key() coverage: two accepted modulus sizes, whose byte size
   * is checked with RSA_size(), followed by argument combinations that have
   * to be rejected (negative size, sizes just outside the allowed range, and
   * a public exponent of 0). */
  static void test_wolfSSL_RSA(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
      RSA* key;

      printf(testingFmt, "wolfSSL_RSA()");

      key = RSA_generate_key(2048, 3, NULL, NULL);
      AssertNotNull(key);
      AssertIntEQ(RSA_size(key), 256);
      RSA_free(key);

      key = RSA_generate_key(3072, 17, NULL, NULL);
      AssertNotNull(key);
      AssertIntEQ(RSA_size(key), 384);
      RSA_free(key);

      /* remove for now with odd key size until adjusting rsa key size check with
         wc_MakeRsaKey()
      AssertNotNull(rsa = RSA_generate_key(2999, 65537, NULL, NULL));
      RSA_free(rsa);
      */

      /* rejected parameters: every call must return NULL */
      AssertNull(RSA_generate_key(-1, 3, NULL, NULL));
      AssertNull(RSA_generate_key(511, 3, NULL, NULL)); /* RSA_MIN_SIZE - 1 */
      AssertNull(RSA_generate_key(4097, 3, NULL, NULL)); /* RSA_MAX_SIZE + 1 */
      AssertNull(RSA_generate_key(2048, 0, NULL, NULL));

      printf(resultFmt, passed);
  #endif
  }
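  /* Certificate chain verify-depth getters and setters on WOLFSSL_CTX and
   * WOLFSSL: a new object inherits the CTX depth, a negative depth is
   * ignored (the previous value stays in place), and an explicit depth of 2
   * is visible on the CTX and on objects created afterwards.
   *
   * Change from the original: the result line was printed without the
   * matching testingFmt line, leaving an unlabelled "passed" in the output. */
  static void test_wolfSSL_verify_depth(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
      WOLFSSL*     ssl;
      WOLFSSL_CTX* ctx;
      long         depth;

      printf(testingFmt, "wolfSSL_verify_depth()");

      AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));

      AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, SSL_FILETYPE_PEM));
      AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, SSL_FILETYPE_PEM));
      AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0), SSL_SUCCESS);

      /* default depth is expected to be positive */
      AssertIntGT((depth = SSL_CTX_get_verify_depth(ctx)), 0);
      AssertNotNull(ssl = SSL_new(ctx));
      AssertIntEQ(SSL_get_verify_depth(ssl), SSL_CTX_get_verify_depth(ctx));
      SSL_free(ssl);

      /* a negative depth must leave the configured limit unchanged */
      SSL_CTX_set_verify_depth(ctx, -1);
      AssertIntEQ(depth, SSL_CTX_get_verify_depth(ctx));

      SSL_CTX_set_verify_depth(ctx, 2);
      AssertIntEQ(2, SSL_CTX_get_verify_depth(ctx));
      AssertNotNull(ssl = SSL_new(ctx));
      AssertIntEQ(2, SSL_get_verify_depth(ssl));

      SSL_free(ssl);
      SSL_CTX_free(ctx);

      printf(resultFmt, passed);
  #endif
  }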
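  #if defined(OPENSSL_EXTRA) && !defined(NO_HMAC)
  /* Helper for test_wolfSSL_HMAC_CTX. Runs the same message through two HMAC
   * contexts (an original and a copy made with HMAC_CTX_copy) and checks that
   * both produce the same digest, including after HMAC_Init() is called with a
   * NULL key to reuse the key already held by the context.
   *
   * type    digest algorithm to use
   * digest  output buffer, expected to hold at least 64 bytes
   *
   * Returns the digest length reported by the last HMAC_Final() on the first
   * context. Failed steps are reported through the Assert* macros, not through
   * the return value.
   */
  static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest)
  {
      HMAC_CTX ctx1;
      HMAC_CTX ctx2;

      unsigned char key[] = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
                            "\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
      unsigned char long_key[] =
          "0123456789012345678901234567890123456789"
          "0123456789012345678901234567890123456789"
          "0123456789012345678901234567890123456789"
          "0123456789012345678901234567890123456789";

      unsigned char msg[] = "message to hash";
      unsigned int  digestSz = 64;
      /* sizeof() counts the terminating NUL of each literal; the expected
       * digests in test_wolfSSL_HMAC_CTX depend on these exact lengths */
      int keySz = sizeof(key);
      int long_keySz = sizeof(long_key);
      int msgSz = sizeof(msg);

      unsigned char digest2[64];
      unsigned int digestSz2 = 64;

      /* copy taken mid-stream: both contexts must end on the same digest */
      HMAC_CTX_init(&ctx1);

      AssertIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS);
      AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
      AssertIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);

      AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
      AssertIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
      HMAC_CTX_cleanup(&ctx1);

      AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
      AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz2), SSL_SUCCESS);
      HMAC_CTX_cleanup(&ctx2);

      AssertIntEQ(digestSz, digestSz2);
      AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0);

      /* test HMAC_Init with NULL key */

      /* init after copy */
      printf("test HMAC_Init with NULL key (0)\n");
      HMAC_CTX_init(&ctx1);
      AssertIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS);
      AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
      AssertIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);

      AssertIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS);
      AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
      AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
      AssertIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
      /* ctx1 holds keyed state; release it before it is initialised again */
      HMAC_CTX_cleanup(&ctx1);

      AssertIntEQ(HMAC_Init(&ctx2, NULL, 0, NULL), SSL_SUCCESS);
      AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
      AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
      /* write the length into digestSz2 so the size comparison below checks
       * this HMAC_Final and not a value left over from the first section */
      AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz2), SSL_SUCCESS);
      HMAC_CTX_cleanup(&ctx2);

      AssertIntEQ(digestSz, digestSz2);
      AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0);

      /* long key */
      printf("test HMAC_Init with NULL key (1)\n");
      HMAC_CTX_init(&ctx1);
      AssertIntEQ(HMAC_Init(&ctx1, (const void*)long_key, long_keySz, type),
                  SSL_SUCCESS);
      AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
      AssertIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);

      AssertIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS);
      AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
      AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
      AssertIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
      HMAC_CTX_cleanup(&ctx1);

      AssertIntEQ(HMAC_Init(&ctx2, NULL, 0, NULL), SSL_SUCCESS);
      AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
      AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
      AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz2), SSL_SUCCESS);
      HMAC_CTX_cleanup(&ctx2);

      AssertIntEQ(digestSz, digestSz2);
      AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0);

      /* init before copy */
      printf("test HMAC_Init with NULL key (2)\n");
      HMAC_CTX_init(&ctx1);
      AssertIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS);
      AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
      AssertIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS);
      AssertIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);

      AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
      AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
      AssertIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
      HMAC_CTX_cleanup(&ctx1);

      AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
      AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
      AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz2), SSL_SUCCESS);
      HMAC_CTX_cleanup(&ctx2);

      AssertIntEQ(digestSz, digestSz2);
      AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0);

      return (int)digestSz;
  }
  #endif /* defined(OPENSSL_EXTRA) && !defined(NO_HMAC) */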
  /* Drives test_HMAC_CTX_helper() once per compiled-in digest and compares the
   * digest it leaves in the buffer with a fixed expected value. The SHA-384
   * case is nested inside the WOLFSSL_SHA512 guard, so it only runs when both
   * macros are defined. */
  static void test_wolfSSL_HMAC_CTX(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_HMAC)
      unsigned char digest[64]; /* large enough for the 64-byte SHA-512 result */
      int digestSz;

      printf(testingFmt, "wolfSSL_HMAC_CTX()");

  #ifndef NO_SHA
      digestSz = test_HMAC_CTX_helper(EVP_sha1(), digest);
      AssertIntEQ(digestSz, 20);
      AssertIntEQ(XMEMCMP("\xD9\x68\x77\x23\x70\xFB\x53\x70\x53\xBA\x0E\xDC\xDA"
                          "\xBF\x03\x98\x31\x19\xB2\xCC", digest, digestSz), 0);
  #endif /* !NO_SHA */

  #ifdef WOLFSSL_SHA224
      digestSz = test_HMAC_CTX_helper(EVP_sha224(), digest);
      AssertIntEQ(digestSz, 28);
      AssertIntEQ(XMEMCMP("\x57\xFD\xF4\xE1\x2D\xB0\x79\xD7\x4B\x25\x7E\xB1\x95"
                          "\x9C\x11\xAC\x2D\x1E\x78\x94\x4F\x3A\x0F\xED\xF8\xAD"
                          "\x02\x0E", digest, digestSz), 0);
  #endif /* WOLFSSL_SHA224 */

  #ifndef NO_SHA256
      digestSz = test_HMAC_CTX_helper(EVP_sha256(), digest);
      AssertIntEQ(digestSz, 32);
      AssertIntEQ(XMEMCMP("\x13\xAB\x76\x91\x0C\x37\x86\x8D\xB3\x7E\x30\x0C\xFC"
                          "\xB0\x2E\x8E\x4A\xD7\xD4\x25\xCC\x3A\xA9\x0F\xA2\xF2"
                          "\x47\x1E\x62\x6F\x5D\xF2", digest, digestSz), 0);
  #endif /* !NO_SHA256 */

  #ifdef WOLFSSL_SHA512
  #ifdef WOLFSSL_SHA384
      digestSz = test_HMAC_CTX_helper(EVP_sha384(), digest);
      AssertIntEQ(digestSz, 48);
      AssertIntEQ(XMEMCMP("\x9E\xCB\x07\x0C\x11\x76\x3F\x23\xC3\x25\x0E\xC4\xB7"
                          "\x28\x77\x95\x99\xD5\x9D\x7A\xBB\x1A\x9F\xB7\xFD\x25"
                          "\xC9\x72\x47\x9F\x8F\x86\x76\xD6\x20\x57\x87\xB7\xE7"
                          "\xCD\xFB\xC2\xCC\x9F\x2B\xC5\x41\xAB",
                          digest, digestSz), 0);
  #endif /* WOLFSSL_SHA384 */
      digestSz = test_HMAC_CTX_helper(EVP_sha512(), digest);
      AssertIntEQ(digestSz, 64);
      AssertIntEQ(XMEMCMP("\xD4\x21\x0C\x8B\x60\x6F\xF4\xBF\x07\x2F\x26\xCC\xAD"
                          "\xBC\x06\x0B\x34\x78\x8B\x4F\xD6\xC0\x42\xF1\x33\x10"
                          "\x6C\x4F\x1E\x55\x59\xDD\x2A\x9F\x15\x88\x62\xF8\x60"
                          "\xA3\x99\x91\xE2\x08\x7B\xF7\x95\x3A\xB0\x92\x48\x60"
                          "\x88\x8B\x5B\xB8\x5F\xE9\xB6\xB1\x96\xE3\xB5\xF0",
                          digest, digestSz), 0);
  #endif /* WOLFSSL_SHA512 */

  #ifndef NO_MD5
      digestSz = test_HMAC_CTX_helper(EVP_md5(), digest);
      AssertIntEQ(digestSz, 16);
      AssertIntEQ(XMEMCMP("\xB7\x27\xC4\x41\xE5\x2E\x62\xBA\x54\xED\x72\x70\x9F"
                          "\xE4\x98\xDD", digest, digestSz), 0);
  #endif /* !NO_MD5 */

      printf(resultFmt, passed);
  #endif
  }
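  #if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
  /* Message callback registered by test_wolfSSL_msg_callback(). Prints the
   * direction, length, protocol version and message type, then the message
   * bytes as uppercase hex.
   *
   * w        non-zero when the message is being written, zero when read
   * version  protocol version value passed by the library
   * type     message type value passed by the library
   * buf      message bytes (may be NULL, in which case nothing is dumped)
   * sz       number of bytes in buf
   * ssl/arg  unused
   *
   * The full message content goes to stdout, so this callback belongs in test
   * and debug builds only.
   */
  static void sslMsgCb(int w, int version, int type, const void* buf,
                       size_t sz, SSL* ssl, void* arg)
  {
      /* keep the const qualifier: the callback only reads the message */
      const unsigned char* pt = (const unsigned char*)buf;
      size_t i;

      (void)ssl;
      (void)arg;

      printf("%s %d bytes of version %d , type %d : ", (w)?"Writing":"Reading",
             (int)sz, version, type);

      /* index with size_t so a length above INT_MAX is not truncated by an int
       * cast in the loop bound, and skip the dump when there is no buffer */
      if (pt != NULL) {
          for (i = 0; i < sz; i++)
              printf("%02X", pt[i]);
      }
      printf("\n");
  }
  #endif /* OPENSSL_EXTRA && !NO_RSA */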
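  /* Checks SSL_set_msg_callback(): a NULL callback and a real callback are both
   * accepted on a valid session, and a NULL session is rejected. */
  static void test_wolfSSL_msg_callback(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
      WOLFSSL*     ssl;
      WOLFSSL_CTX* ctx;

      printf(testingFmt, "wolfSSL_msg_callback()");

      AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
      AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, cliCertFile,
                                                  SSL_FILETYPE_PEM));
      AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile,
                                                 SSL_FILETYPE_PEM));
      AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0),
                  SSL_SUCCESS);

      AssertNotNull(ssl = SSL_new(ctx));

      /* clearing the callback and installing one both succeed */
      AssertIntEQ(SSL_set_msg_callback(ssl, NULL), SSL_SUCCESS);
      AssertIntEQ(SSL_set_msg_callback(ssl, &sslMsgCb), SSL_SUCCESS);
      /* no session to attach the callback to */
      AssertIntEQ(SSL_set_msg_callback(NULL, &sslMsgCb), SSL_FAILURE);

      /* release the session before the context it was created from, the same
       * order test_wolfSSL_verify_depth uses */
      SSL_free(ssl);
      SSL_CTX_free(ctx);

      printf(resultFmt, passed);
  #endif
  }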
  /* Hashes the string "abc" with the compatibility-layer SHA1() one-shot call
   * and compares the result with a fixed 20-byte digest. */
  static void test_wolfSSL_SHA(void)
  {
  #if defined(OPENSSL_EXTRA)
      printf(testingFmt, "wolfSSL_SHA()");

  #if !defined(NO_SHA)
      {
          const unsigned char in[] = "abc";
          unsigned char expected[] = "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E"
                                     "\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D";
          unsigned char out[WC_SHA_DIGEST_SIZE];

          /* start from a zeroed buffer so old stack contents cannot match */
          XMEMSET(out, 0, sizeof(out));

          /* XSTRLEN leaves the terminating NUL out of the hashed input */
          AssertNotNull(SHA1(in, XSTRLEN((char*)in), out));
          AssertIntEQ(XMEMCMP(out, expected, sizeof(out)), 0);
      }
  #endif

      printf(resultFmt, passed);
  #endif
  }
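  /* Fetches the 1536-bit prime through get_rfc3526_prime_1536() and checks that
   * its big-endian encoding is 192 bytes long and matches the expected value
   * byte for byte. */
  static void test_wolfSSL_DH_1536_prime(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_DH)
      BIGNUM* bn;
      unsigned char bits[200];
      int sz = 192; /* known binary size */
      const byte expected[] = {
          0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
          0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
          0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
          0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
          0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,
          0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
          0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,
          0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
          0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
          0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
          0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,
          0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
          0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,
          0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
          0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,
          0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
          0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,
          0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
          0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,
          0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
          0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,
          0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
          0xF1,0x74,0x6C,0x08,0xCA,0x23,0x73,0x27,
          0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
      };

      printf(testingFmt, "wolfSSL_DH_1536_prime()");

      AssertNotNull(bn = get_rfc3526_prime_1536(NULL));

      /* BN_bn2bin() takes no output length, so confirm the encoded size fits the
       * fixed buffer before writing into it */
      AssertIntEQ(BN_num_bytes(bn), sz);
      AssertIntEQ(sz, BN_bn2bin((const BIGNUM*)bn, bits));
      AssertIntEQ(0, XMEMCMP(expected, bits, sz));

      BN_free(bn);

      printf(resultFmt, passed);
  #endif
  }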
  /* Single-block AES-256 known-answer test for the compatibility-layer
   * AES_ecb_encrypt(): encrypt one block, decrypt it again when decryption is
   * compiled in, then call the function with each pointer argument set to NULL
   * in turn. The key/plaintext/ciphertext triple matches the AES-256 ECB
   * example vector of NIST SP 800-38A. ECB is covered here as an API; the test
   * says nothing about where the mode is appropriate. */
  static void test_wolfSSL_AES_ecb_encrypt(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AES_ECB)
      AES_KEY aes;
      /* 256-bit key */
      const byte key[] =
      {
          0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
          0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
          0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,
          0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4
      };
      /* one plaintext block */
      const byte msg[] =
      {
          0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
          0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a
      };
      /* expected ciphertext block */
      const byte verify[] =
      {
          0xf3,0xee,0xd1,0xbd,0xb5,0xd2,0xa0,0x3c,
          0x06,0x4b,0x5a,0x7e,0x3d,0xb1,0x81,0xf8
      };
      byte out[AES_BLOCK_SIZE];

      printf(testingFmt, "wolfSSL_AES_ecb_encrypt()");

      /* encrypt: msg -> verify */
      AssertIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &aes), 0);
      XMEMSET(out, 0, AES_BLOCK_SIZE);
      AES_ecb_encrypt(msg, out, &aes, AES_ENCRYPT);
      AssertIntEQ(XMEMCMP(out, verify, AES_BLOCK_SIZE), 0);

  #ifdef HAVE_AES_DECRYPT
      /* decrypt: verify -> msg */
      AssertIntEQ(AES_set_decrypt_key(key, sizeof(key)*8, &aes), 0);
      XMEMSET(out, 0, AES_BLOCK_SIZE);
      AES_ecb_encrypt(verify, out, &aes, AES_DECRYPT);
      AssertIntEQ(XMEMCMP(out, msg, AES_BLOCK_SIZE), 0);
  #endif

      /* test bad arguments: the function returns void, so these calls only show
       * that a NULL input, output or key does not crash */
      AES_ecb_encrypt(NULL, out, &aes, AES_DECRYPT);
      AES_ecb_encrypt(verify, NULL, &aes, AES_DECRYPT);
      AES_ecb_encrypt(verify, out, NULL, AES_DECRYPT);

      printf(resultFmt, passed);
  #endif
  }
  /* Known-answer test for the compatibility-layer SHA256() one-shot call. Only
   * built when the OpenSSL-style SHA256 name is usable: OPENSSL_EXTRA with
   * NO_OLD_SHA256_NAMES defined and a non-FIPS build. */
  static void test_wolfSSL_SHA256(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_SHA256) && \
      defined(NO_OLD_SHA256_NAMES) && !defined(HAVE_FIPS)
      unsigned char input[] =
          "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
      unsigned char output[] =
          "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60"
          "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB"
          "\x06\xC1";
      byte hash[WC_SHA256_DIGEST_SIZE];
      size_t inLen;

      printf(testingFmt, "wolfSSL_SHA256()");

      /* zero the output first so old stack contents cannot match */
      XMEMSET(hash, 0, sizeof(hash));

      /* hash the text without its terminating NUL */
      inLen = XSTRLEN((char*)input);
      AssertNotNull(SHA256(input, inLen, hash));
      AssertIntEQ(XMEMCMP(hash, output, sizeof(hash)), 0);

      printf(resultFmt, passed);
  #endif
  }
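  /* Loads the server certificate, reads its serial number as an ASN1_INTEGER,
   * checks that the value is 1, and then frees an ASN1_INTEGER that carries a
   * heap-allocated data buffer. */
  static void test_wolfSSL_X509_get_serialNumber(void)
  {
  #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
      !defined(NO_RSA)
      ASN1_INTEGER* a;
      BIGNUM* bn;
      X509*   x509;

      printf(testingFmt, "wolfSSL_X509_get_serialNumber()");

      AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
                                                        SSL_FILETYPE_PEM));
      AssertNotNull(a = X509_get_serialNumber(x509));
      /* NOTE(review): 'a' is used and freed after the certificate is released,
       * so this test treats the returned integer as owned by the caller.
       * Confirm against the X509_get_serialNumber implementation in this tree. */
      X509_free(x509);

      /* check on value of ASN1 Integer */
      AssertNotNull(bn = ASN1_INTEGER_to_BN(a, NULL));
      AssertIntEQ(BN_get_word(bn), 1);

      BN_free(bn);
      ASN1_INTEGER_free(a);

      /* hard test freeing with a dynamic buffer to make sure there are no leaks */
      /* check the allocation before a->data is written through the pointer */
      AssertNotNull(a = ASN1_INTEGER_new());
      AssertNotNull(a->data = (unsigned char*)XMALLOC(100, NULL,
                                                      DYNAMIC_TYPE_OPENSSL));
      a->isDynamic = 1;
      ASN1_INTEGER_free(a);

      printf(resultFmt, passed);
  #endif
  }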
  /* Build-and-run smoke test for compatibility-layer calls that do nothing in
   * wolfSSL; there is no result to check beyond returning normally. */
  static void test_no_op_functions(void)
  {
  #if defined(OPENSSL_EXTRA)
      printf(testingFmt, "no_op_functions()");

      /* this makes sure wolfSSL can compile and run these no-op functions */
      SSL_load_error_strings();
      ENGINE_load_builtin_engines();
      OpenSSL_add_all_ciphers();
      CRYPTO_malloc_init();

      printf(resultFmt, passed);
  #endif
  }
  15006. /*----------------------------------------------------------------------------*
  15007. | wolfCrypt ASN
  15008. *----------------------------------------------------------------------------*/
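  /* Reads a PKCS#8 DER key from disk and checks wc_GetPkcs8TraditionalOffset()
   * on one valid input and three invalid ones: a start index beyond the buffer,
   * a NULL buffer, and a buffer filled with 0x01 bytes. */
  static void test_wc_GetPkcs8TraditionalOffset(void)
  {
  #if !defined(NO_ASN) && !defined(NO_FILESYSTEM)
      int length, derSz;
      word32 inOutIdx;
      const char* path = "./certs/server-keyPkcs8.der";
      FILE* file;
      byte der[2048];

      printf(testingFmt, "wc_GetPkcs8TraditionalOffset");

      file = fopen(path, "rb");
      AssertNotNull(file);
      derSz = (int)fread(der, 1, sizeof(der), file);
      fclose(file);
      /* a failed or empty read would otherwise pass an uninitialised buffer and
       * a zero length to the parser */
      AssertIntGT(derSz, 0);

      /* valid case */
      inOutIdx = 0;
      length = wc_GetPkcs8TraditionalOffset(der, &inOutIdx, derSz);
      AssertIntGT(length, 0);

      /* inOutIdx > sz */
      inOutIdx = 4000;
      length = wc_GetPkcs8TraditionalOffset(der, &inOutIdx, derSz);
      AssertIntEQ(length, BAD_FUNC_ARG);

      /* null input */
      inOutIdx = 0;
      length = wc_GetPkcs8TraditionalOffset(NULL, &inOutIdx, 0);
      AssertIntEQ(length, BAD_FUNC_ARG);

      /* invalid input, fill buffer with 1's */
      XMEMSET(der, 1, sizeof(der));
      inOutIdx = 0;
      length = wc_GetPkcs8TraditionalOffset(der, &inOutIdx, derSz);
      AssertIntEQ(length, ASN_PARSE_E);

      printf(resultFmt, passed);
  #endif /* !NO_ASN && !NO_FILESYSTEM */
  }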
  15042. /*----------------------------------------------------------------------------*
  15043. | wolfCrypt ECC
  15044. *----------------------------------------------------------------------------*/
  /* Checks wc_ecc_get_curve_size_from_name(): 32 bytes for "SECP256R1" when
   * that curve is built in, -1 for an unknown name, BAD_FUNC_ARG for NULL. */
  static void test_wc_ecc_get_curve_size_from_name(void)
  {
  #ifdef HAVE_ECC
      printf(testingFmt, "wc_ecc_get_curve_size_from_name");

  #if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
      AssertIntEQ(wc_ecc_get_curve_size_from_name("SECP256R1"), 32);
  #endif

      /* invalid case */
      AssertIntEQ(wc_ecc_get_curve_size_from_name("BADCURVE"), -1);

      /* NULL input */
      AssertIntEQ(wc_ecc_get_curve_size_from_name(NULL), BAD_FUNC_ARG);

      printf(resultFmt, passed);
  #endif /* HAVE_ECC */
  }
  /* Checks wc_ecc_get_curve_id_from_name(): ECC_SECP256R1 for "SECP256R1" when
   * that curve is built in, -1 for an unknown name, BAD_FUNC_ARG for NULL. */
  static void test_wc_ecc_get_curve_id_from_name(void)
  {
  #ifdef HAVE_ECC
      printf(testingFmt, "wc_ecc_get_curve_id_from_name");

  #if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
      AssertIntEQ(wc_ecc_get_curve_id_from_name("SECP256R1"), ECC_SECP256R1);
  #endif

      /* invalid case */
      AssertIntEQ(wc_ecc_get_curve_id_from_name("BADCURVE"), -1);

      /* NULL input */
      AssertIntEQ(wc_ecc_get_curve_id_from_name(NULL), BAD_FUNC_ARG);

      printf(resultFmt, passed);
  #endif /* HAVE_ECC */
  }
  /* Checks wc_ecc_get_curve_id_from_params() with a full set of explicit
   * domain parameters. The valid set must map to ECC_SECP256R1; a zero field
   * size and a prime that differs in its last two bytes must give
   * ECC_CURVE_INVALID; a NULL prime must give BAD_FUNC_ARG. */
  static void test_wc_ecc_get_curve_id_from_params(void)
  {
  #ifdef HAVE_ECC
      /* field prime */
      const byte prime[] =
      {
          0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x01,
          0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
          0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,
          0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
      };

      /* same as prime except for the final two bytes */
      const byte primeInvalid[] =
      {
          0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x01,
          0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
          0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,
          0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x01,0x01
      };

      /* curve coefficient a */
      const byte Af[] =
      {
          0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x01,
          0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
          0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,
          0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFC
      };

      /* curve coefficient b */
      const byte Bf[] =
      {
          0x5A,0xC6,0x35,0xD8,0xAA,0x3A,0x93,0xE7,
          0xB3,0xEB,0xBD,0x55,0x76,0x98,0x86,0xBC,
          0x65,0x1D,0x06,0xB0,0xCC,0x53,0xB0,0xF6,
          0x3B,0xCE,0x3C,0x3E,0x27,0xD2,0x60,0x4B
      };

      /* group order */
      const byte order[] =
      {
          0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,
          0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
          0xBC,0xE6,0xFA,0xAD,0xA7,0x17,0x9E,0x84,
          0xF3,0xB9,0xCA,0xC2,0xFC,0x63,0x25,0x51
      };

      /* base point, x coordinate */
      const byte Gx[] =
      {
          0x6B,0x17,0xD1,0xF2,0xE1,0x2C,0x42,0x47,
          0xF8,0xBC,0xE6,0xE5,0x63,0xA4,0x40,0xF2,
          0x77,0x03,0x7D,0x81,0x2D,0xEB,0x33,0xA0,
          0xF4,0xA1,0x39,0x45,0xD8,0x98,0xC2,0x96
      };

      /* base point, y coordinate */
      const byte Gy[] =
      {
          0x4F,0xE3,0x42,0xE2,0xFE,0x1A,0x7F,0x9B,
          0x8E,0xE7,0xEB,0x4A,0x7C,0x0F,0x9E,0x16,
          0x2B,0xCE,0x33,0x57,0x6B,0x31,0x5E,0xCE,
          0xCB,0xB6,0x40,0x68,0x37,0xBF,0x51,0xF5
      };

      int cofactor = 1;
      int fieldSize = 256;

      printf(testingFmt, "wc_ecc_get_curve_id_from_params");

  #if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
      /* the complete, correct parameter set identifies the curve */
      AssertIntEQ(wc_ecc_get_curve_id_from_params(fieldSize,
              prime, sizeof(prime), Af, sizeof(Af), Bf, sizeof(Bf),
              order, sizeof(order), Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor),
          ECC_SECP256R1);
  #endif

      /* invalid case, fieldSize = 0 */
      AssertIntEQ(wc_ecc_get_curve_id_from_params(0,
              prime, sizeof(prime), Af, sizeof(Af), Bf, sizeof(Bf),
              order, sizeof(order), Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor),
          ECC_CURVE_INVALID);

      /* invalid case, NULL prime */
      AssertIntEQ(wc_ecc_get_curve_id_from_params(fieldSize,
              NULL, sizeof(prime), Af, sizeof(Af), Bf, sizeof(Bf),
              order, sizeof(order), Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor),
          BAD_FUNC_ARG);

      /* invalid case, invalid prime */
      AssertIntEQ(wc_ecc_get_curve_id_from_params(fieldSize,
              primeInvalid, sizeof(primeInvalid), Af, sizeof(Af), Bf, sizeof(Bf),
              order, sizeof(order), Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor),
          ECC_CURVE_INVALID);

      printf(resultFmt, passed);
  #endif
  }
  15162. /*----------------------------------------------------------------------------*
  15163. | Certificate Failure Checks
  15164. *----------------------------------------------------------------------------*/
  15165. #ifndef NO_CERTS
  /* Use the Cert Manager (CM) API to generate the error ASN_SIG_CONFIRM_E.
   *
   * ca        path of the CA certificate loaded into the manager (unused when
   *           NO_FILESYSTEM is defined)
   * cert_buf  DER certificate to verify
   * cert_sz   length of cert_buf in bytes
   * type      TESTING_RSA or TESTING_ECC
   *
   * Returns the result of wolfSSL_CertManagerVerifyBuffer(), the failing
   * wolfSSL_CertManagerLoadCA() code, -1 if no manager could be created, or
   * BAD_FUNC_ARG for an unknown type. When the requested algorithm is compiled
   * out the function returns ASN_SIG_CONFIRM_E without verifying anything, so a
   * skipped run looks the same to the caller as a detected bad signature.
   */
  static int verify_sig_cm(const char* ca, byte* cert_buf, size_t cert_sz,
                           int type)
  {
      WOLFSSL_CERT_MANAGER* cm = NULL;
      int ret;

      switch (type) {
          case TESTING_RSA:
          #ifdef NO_RSA
              printf("RSA disabled, skipping test\n");
              return ASN_SIG_CONFIRM_E;
          #else
              break;
          #endif
          case TESTING_ECC:
          #ifndef HAVE_ECC
              printf("ECC disabled, skipping test\n");
              return ASN_SIG_CONFIRM_E;
          #else
              break;
          #endif
          default:
              printf("Bad function argument\n");
              return BAD_FUNC_ARG;
      }

      cm = wolfSSL_CertManagerNew();
      if (!cm) {
          printf("wolfSSL_CertManagerNew failed\n");
          return -1;
      }

  #ifdef NO_FILESYSTEM
      (void)ca;
  #else
      /* the trust anchor must be loaded before the buffer can be verified */
      ret = wolfSSL_CertManagerLoadCA(cm, ca, 0);
      if (WOLFSSL_SUCCESS != ret) {
          printf("wolfSSL_CertManagerLoadCA failed\n");
          wolfSSL_CertManagerFree(cm);
          return ret;
      }
  #endif

      /* Let AssertIntEQ handle return code */
      ret = wolfSSL_CertManagerVerifyBuffer(cm, cert_buf, cert_sz,
                                            WOLFSSL_FILETYPE_ASN1);

      wolfSSL_CertManagerFree(cm);
      return ret;
  }
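  /* Loads the RSA server certificate (DER), inverts its final byte so the
   * signature no longer matches, and passes it to verify_sig_cm().
   *
   * Returns verify_sig_cm()'s result, or load_file()'s non-zero result if the
   * certificate could not be read. An empty file leaves the return value at 0.
   */
  static int test_RsaSigFailure_cm(void)
  {
      int ret = 0;
      const char* ca_cert = "./certs/ca-cert.pem";
      const char* server_cert = "./certs/server-cert.der";
      byte* cert_buf = NULL;
      size_t cert_sz = 0;

      ret = load_file(server_cert, &cert_buf, &cert_sz);
      /* require a non-empty buffer: with cert_sz == 0 the index cert_sz-1 would
       * wrap around and write far outside the allocation */
      if (ret == 0 && cert_buf != NULL && cert_sz > 0) {
          /* corrupt DER - invert last byte, which is signature */
          cert_buf[cert_sz-1] = (byte)~cert_buf[cert_sz-1];

          /* test bad cert */
          ret = verify_sig_cm(ca_cert, cert_buf, cert_sz, TESTING_RSA);
      }

      printf("Signature failure test: RSA: Ret %d\n", ret);

      if (cert_buf)
          free(cert_buf);

      return ret;
  }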
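  /* Loads the ECC server certificate (DER), inverts its final byte so the
   * signature no longer matches, and passes it to verify_sig_cm().
   *
   * Returns verify_sig_cm()'s result, or load_file()'s non-zero result if the
   * certificate could not be read. An empty file leaves the return value at 0.
   */
  static int test_EccSigFailure_cm(void)
  {
      int ret = 0;
      /* NOTE(review): an earlier comment here described a self-signed ECC cert
       * used as its own CA, but the code loads a separate CA file. Confirm
       * which of the two is intended. */
      const char* ca_cert = "./certs/ca-ecc-cert.pem";
      const char* server_cert = "./certs/server-ecc.der";
      byte* cert_buf = NULL;
      size_t cert_sz = 0;

      ret = load_file(server_cert, &cert_buf, &cert_sz);
      /* require a non-empty buffer: with cert_sz == 0 the index cert_sz-1 would
       * wrap around and write far outside the allocation */
      if (ret == 0 && cert_buf != NULL && cert_sz > 0) {
          /* corrupt DER - invert last byte, which is signature */
          cert_buf[cert_sz-1] = (byte)~cert_buf[cert_sz-1];

          /* test bad cert */
          ret = verify_sig_cm(ca_cert, cert_buf, cert_sz, TESTING_ECC);
      }

      printf("Signature failure test: ECC: Ret %d\n", ret);

      if (cert_buf)
          free(cert_buf);

      return ret;
  }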
  15250. #endif /* NO_CERTS */
  15251. #ifdef WOLFSSL_TLS13
  #ifdef WOLFSSL_SEND_HRR_COOKIE
  /* All-zero secret that test_tls13_apis() passes to wolfSSL_send_hrr_cookie().
   * A fixed, predictable value like this is only appropriate inside a test. */
  static byte fixedKey[WC_SHA384_DIGEST_SIZE] = { 0, };
  #endif
  #ifdef WOLFSSL_EARLY_DATA
  /* Payload that test_tls13_apis() passes to wolfSSL_write_early_data(). */
  static const char earlyData[] = "Early Data";
  /* One-byte buffer; its use lies outside the visible part of this file. */
  static char earlyDataBuffer[1];
  #endif
  15259. static int test_tls13_apis(void)
  15260. {
  15261. int ret = 0;
  15262. WOLFSSL_CTX* clientTls12Ctx;
  15263. WOLFSSL* clientTls12Ssl;
  15264. WOLFSSL_CTX* serverTls12Ctx;
  15265. WOLFSSL* serverTls12Ssl;
  15266. WOLFSSL_CTX* clientCtx;
  15267. WOLFSSL* clientSsl;
  15268. WOLFSSL_CTX* serverCtx;
  15269. WOLFSSL* serverSsl;
  15270. #ifndef NO_CERTS
  15271. const char* ourCert = svrCertFile;
  15272. const char* ourKey = svrKeyFile;
  15273. #endif
  15274. #ifdef WOLFSSL_EARLY_DATA
  15275. int outSz;
  15276. #endif
  15277. int groups[1] = { WOLFSSL_ECC_X25519 };
  15278. int numGroups = 1;
  15279. clientTls12Ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
  15280. clientTls12Ssl = wolfSSL_new(clientTls12Ctx);
  15281. serverTls12Ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method());
  15282. #ifndef NO_CERTS
  15283. wolfSSL_CTX_use_certificate_chain_file(serverTls12Ctx, ourCert);
  15284. wolfSSL_CTX_use_PrivateKey_file(serverTls12Ctx, ourKey, WOLFSSL_FILETYPE_PEM);
  15285. #endif
  15286. serverTls12Ssl = wolfSSL_new(serverTls12Ctx);
  15287. clientCtx = wolfSSL_CTX_new(wolfTLSv1_3_client_method());
  15288. clientSsl = wolfSSL_new(clientCtx);
  15289. serverCtx = wolfSSL_CTX_new(wolfTLSv1_3_server_method());
  15290. #ifndef NO_CERTS
  15291. wolfSSL_CTX_use_certificate_chain_file(serverCtx, ourCert);
  15292. wolfSSL_CTX_use_PrivateKey_file(serverCtx, ourKey, WOLFSSL_FILETYPE_PEM);
  15293. #endif
  15294. serverSsl = wolfSSL_new(serverCtx);
  15295. #ifdef WOLFSSL_SEND_HRR_COOKIE
  15296. AssertIntEQ(wolfSSL_send_hrr_cookie(NULL, NULL, 0), BAD_FUNC_ARG);
  15297. AssertIntEQ(wolfSSL_send_hrr_cookie(clientSsl, NULL, 0), SIDE_ERROR);
  15298. AssertIntEQ(wolfSSL_send_hrr_cookie(serverTls12Ssl, NULL, 0), BAD_FUNC_ARG);
  15299. AssertIntEQ(wolfSSL_send_hrr_cookie(serverSsl, NULL, 0), WOLFSSL_SUCCESS);
  15300. AssertIntEQ(wolfSSL_send_hrr_cookie(serverSsl, fixedKey, sizeof(fixedKey)),
  15301. WOLFSSL_SUCCESS);
  15302. #endif
  15303. #ifdef HAVE_ECC
  15304. AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_SECP256R1), BAD_FUNC_ARG);
  15305. AssertIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_SECP256R1),
  15306. WOLFSSL_SUCCESS);
  15307. AssertIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_SECP256R1),
  15308. WOLFSSL_SUCCESS);
  15309. AssertIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_SECP256R1),
  15310. WOLFSSL_SUCCESS);
  15311. #elif defined(HAVE_CURVE25519)
  15312. AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_X25519), BAD_FUNC_ARG);
  15313. AssertIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_X25519),
  15314. WOLFSSL_SUCCESS);
  15315. AssertIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_X25519),
  15316. WOLFSSL_SUCCESS);
  15317. AssertIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_X25519),
  15318. WOLFSSL_SUCCESS);
  15319. #else
  15320. AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_SECP256R1), BAD_FUNC_ARG);
  15321. AssertIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_SECP256R1),
  15322. NOT_COMPILED_IN);
  15323. AssertIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_SECP256R1),
  15324. NOT_COMPILED_IN);
  15325. #endif
  15326. AssertIntEQ(wolfSSL_NoKeyShares(NULL), BAD_FUNC_ARG);
  15327. AssertIntEQ(wolfSSL_NoKeyShares(serverSsl), SIDE_ERROR);
  15328. AssertIntEQ(wolfSSL_NoKeyShares(clientTls12Ssl), WOLFSSL_SUCCESS);
  15329. AssertIntEQ(wolfSSL_NoKeyShares(clientSsl), WOLFSSL_SUCCESS);
  15330. AssertIntEQ(wolfSSL_CTX_no_ticket_TLSv13(NULL), BAD_FUNC_ARG);
  15331. AssertIntEQ(wolfSSL_CTX_no_ticket_TLSv13(clientCtx), SIDE_ERROR);
  15332. AssertIntEQ(wolfSSL_CTX_no_ticket_TLSv13(serverTls12Ctx), BAD_FUNC_ARG);
  15333. AssertIntEQ(wolfSSL_CTX_no_ticket_TLSv13(serverCtx), 0);
  15334. AssertIntEQ(wolfSSL_no_ticket_TLSv13(NULL), BAD_FUNC_ARG);
  15335. AssertIntEQ(wolfSSL_no_ticket_TLSv13(clientSsl), SIDE_ERROR);
  15336. AssertIntEQ(wolfSSL_no_ticket_TLSv13(serverTls12Ssl), BAD_FUNC_ARG);
  15337. AssertIntEQ(wolfSSL_no_ticket_TLSv13(serverSsl), 0);
  15338. AssertIntEQ(wolfSSL_CTX_no_dhe_psk(NULL), BAD_FUNC_ARG);
  15339. AssertIntEQ(wolfSSL_CTX_no_dhe_psk(clientTls12Ctx), BAD_FUNC_ARG);
  15340. AssertIntEQ(wolfSSL_CTX_no_dhe_psk(serverCtx), 0);
  15341. AssertIntEQ(wolfSSL_CTX_no_dhe_psk(clientCtx), 0);
  15342. AssertIntEQ(wolfSSL_no_dhe_psk(NULL), BAD_FUNC_ARG);
  15343. AssertIntEQ(wolfSSL_no_dhe_psk(clientTls12Ssl), BAD_FUNC_ARG);
  15344. AssertIntEQ(wolfSSL_no_dhe_psk(serverSsl), 0);
  15345. AssertIntEQ(wolfSSL_no_dhe_psk(clientSsl), 0);
  15346. AssertIntEQ(wolfSSL_update_keys(NULL), BAD_FUNC_ARG);
  15347. AssertIntEQ(wolfSSL_update_keys(clientTls12Ssl), BAD_FUNC_ARG);
  15348. AssertIntEQ(wolfSSL_update_keys(serverSsl), BUILD_MSG_ERROR);
  15349. AssertIntEQ(wolfSSL_update_keys(clientSsl), BUILD_MSG_ERROR);
  15350. #if !defined(NO_CERTS) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
  15351. AssertIntEQ(wolfSSL_CTX_allow_post_handshake_auth(NULL), BAD_FUNC_ARG);
  15352. AssertIntEQ(wolfSSL_CTX_allow_post_handshake_auth(serverCtx), SIDE_ERROR);
  15353. AssertIntEQ(wolfSSL_CTX_allow_post_handshake_auth(clientTls12Ctx),
  15354. BAD_FUNC_ARG);
  15355. AssertIntEQ(wolfSSL_CTX_allow_post_handshake_auth(clientCtx), 0);
  15356. AssertIntEQ(wolfSSL_allow_post_handshake_auth(NULL), BAD_FUNC_ARG);
  15357. AssertIntEQ(wolfSSL_allow_post_handshake_auth(serverSsl), SIDE_ERROR);
  15358. AssertIntEQ(wolfSSL_allow_post_handshake_auth(clientTls12Ssl),
  15359. BAD_FUNC_ARG);
  15360. AssertIntEQ(wolfSSL_allow_post_handshake_auth(clientSsl), 0);
  15361. AssertIntEQ(wolfSSL_request_certificate(NULL), BAD_FUNC_ARG);
  15362. AssertIntEQ(wolfSSL_request_certificate(clientSsl), SIDE_ERROR);
  15363. AssertIntEQ(wolfSSL_request_certificate(serverTls12Ssl),
  15364. BAD_FUNC_ARG);
  15365. AssertIntEQ(wolfSSL_request_certificate(serverSsl), NOT_READY_ERROR);
  15366. #endif
  15367. #ifndef WOLFSSL_NO_SERVER_GROUPS_EXT
  15368. AssertIntEQ(wolfSSL_preferred_group(NULL), BAD_FUNC_ARG);
  15369. AssertIntEQ(wolfSSL_preferred_group(serverSsl), SIDE_ERROR);
  15370. AssertIntEQ(wolfSSL_preferred_group(clientTls12Ssl), BAD_FUNC_ARG);
  15371. AssertIntEQ(wolfSSL_preferred_group(clientSsl), NOT_READY_ERROR);
  15372. #endif
  15373. AssertIntEQ(wolfSSL_CTX_set_groups(NULL, NULL, 0), BAD_FUNC_ARG);
  15374. AssertIntEQ(wolfSSL_CTX_set_groups(clientCtx, NULL, 0), BAD_FUNC_ARG);
  15375. AssertIntEQ(wolfSSL_CTX_set_groups(NULL, groups, numGroups), BAD_FUNC_ARG);
  15376. AssertIntEQ(wolfSSL_CTX_set_groups(clientTls12Ctx, groups, numGroups),
  15377. BAD_FUNC_ARG);
  15378. AssertIntEQ(wolfSSL_CTX_set_groups(clientCtx, groups,
  15379. WOLFSSL_MAX_GROUP_COUNT + 1),
  15380. BAD_FUNC_ARG);
  15381. AssertIntEQ(wolfSSL_CTX_set_groups(clientCtx, groups, numGroups),
  15382. WOLFSSL_SUCCESS);
  15383. AssertIntEQ(wolfSSL_CTX_set_groups(serverCtx, groups, numGroups),
  15384. WOLFSSL_SUCCESS);
  15385. AssertIntEQ(wolfSSL_set_groups(NULL, NULL, 0), BAD_FUNC_ARG);
  15386. AssertIntEQ(wolfSSL_set_groups(clientSsl, NULL, 0), BAD_FUNC_ARG);
  15387. AssertIntEQ(wolfSSL_set_groups(NULL, groups, numGroups), BAD_FUNC_ARG);
  15388. AssertIntEQ(wolfSSL_set_groups(clientTls12Ssl, groups, numGroups),
  15389. BAD_FUNC_ARG);
  15390. AssertIntEQ(wolfSSL_set_groups(clientSsl, groups,
  15391. WOLFSSL_MAX_GROUP_COUNT + 1), BAD_FUNC_ARG);
  15392. AssertIntEQ(wolfSSL_set_groups(clientSsl, groups, numGroups),
  15393. WOLFSSL_SUCCESS);
  15394. AssertIntEQ(wolfSSL_set_groups(serverSsl, groups, numGroups),
  15395. WOLFSSL_SUCCESS);
  15396. #ifdef WOLFSSL_EARLY_DATA
  15397. AssertIntEQ(wolfSSL_CTX_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
  15398. AssertIntEQ(wolfSSL_CTX_set_max_early_data(clientCtx, 0), SIDE_ERROR);
  15399. AssertIntEQ(wolfSSL_CTX_set_max_early_data(serverTls12Ctx, 0),
  15400. BAD_FUNC_ARG);
  15401. AssertIntEQ(wolfSSL_CTX_set_max_early_data(serverCtx, 0), 0);
  15402. AssertIntEQ(wolfSSL_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
  15403. AssertIntEQ(wolfSSL_set_max_early_data(clientSsl, 0), SIDE_ERROR);
  15404. AssertIntEQ(wolfSSL_set_max_early_data(serverTls12Ssl, 0), BAD_FUNC_ARG);
  15405. AssertIntEQ(wolfSSL_set_max_early_data(serverSsl, 0), 0);
  15406. AssertIntEQ(wolfSSL_write_early_data(NULL, earlyData, sizeof(earlyData),
  15407. &outSz), BAD_FUNC_ARG);
  15408. AssertIntEQ(wolfSSL_write_early_data(clientSsl, NULL, sizeof(earlyData),
  15409. &outSz), BAD_FUNC_ARG);
  15410. AssertIntEQ(wolfSSL_write_early_data(clientSsl, earlyData, -1, &outSz),
  15411. BAD_FUNC_ARG);
  15412. AssertIntEQ(wolfSSL_write_early_data(clientSsl, earlyData,
  15413. sizeof(earlyData), NULL),
  15414. BAD_FUNC_ARG);
  15415. AssertIntEQ(wolfSSL_write_early_data(serverSsl, earlyData,
  15416. sizeof(earlyData), &outSz),
  15417. SIDE_ERROR);
  15418. AssertIntEQ(wolfSSL_write_early_data(clientTls12Ssl, earlyData,
  15419. sizeof(earlyData), &outSz),
  15420. BAD_FUNC_ARG);
  15421. AssertIntEQ(wolfSSL_write_early_data(clientSsl, earlyData,
  15422. sizeof(earlyData), &outSz),
  15423. WOLFSSL_FATAL_ERROR);
  15424. AssertIntEQ(wolfSSL_read_early_data(NULL, earlyDataBuffer,
  15425. sizeof(earlyDataBuffer), &outSz),
  15426. BAD_FUNC_ARG);
  15427. AssertIntEQ(wolfSSL_read_early_data(serverSsl, NULL,
  15428. sizeof(earlyDataBuffer), &outSz),
  15429. BAD_FUNC_ARG);
  15430. AssertIntEQ(wolfSSL_read_early_data(serverSsl, earlyDataBuffer, -1, &outSz),
  15431. BAD_FUNC_ARG);
  15432. AssertIntEQ(wolfSSL_read_early_data(serverSsl, earlyDataBuffer,
  15433. sizeof(earlyDataBuffer), NULL),
  15434. BAD_FUNC_ARG);
  15435. AssertIntEQ(wolfSSL_read_early_data(clientSsl, earlyDataBuffer,
  15436. sizeof(earlyDataBuffer), &outSz),
  15437. SIDE_ERROR);
  15438. AssertIntEQ(wolfSSL_read_early_data(serverTls12Ssl, earlyDataBuffer,
  15439. sizeof(earlyDataBuffer), &outSz),
  15440. BAD_FUNC_ARG);
  15441. AssertIntEQ(wolfSSL_read_early_data(serverSsl, earlyDataBuffer,
  15442. sizeof(earlyDataBuffer), &outSz),
  15443. WOLFSSL_FATAL_ERROR);
  15444. #endif
  15445. wolfSSL_free(serverSsl);
  15446. wolfSSL_CTX_free(serverCtx);
  15447. wolfSSL_free(clientSsl);
  15448. wolfSSL_CTX_free(clientCtx);
  15449. wolfSSL_free(serverTls12Ssl);
  15450. wolfSSL_CTX_free(serverTls12Ctx);
  15451. wolfSSL_free(clientTls12Ssl);
  15452. wolfSSL_CTX_free(clientTls12Ctx);
  15453. return ret;
  15454. }
  15455. #endif
  15456. #ifdef HAVE_PK_CALLBACKS
  15457. #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
  15458. !defined(NO_WOLFSSL_CLIENT) && !defined(NO_DH) && !defined(NO_AES) && \
  15459. defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(SINGLE_THREADED)
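  /*
   * DH key-agreement PK callback used by the DH callback tests.
   *
   * ssl        unused here
   * key        DH key handed straight to wc_DhAgree()
   * priv       private value and its length (privSz)
   * pubKeyDer  peer public value and its length (pubKeySz)
   * out        output buffer for wc_DhAgree(); outlen is its in/out length
   * ctx        user context registered with wolfSSL_SetDhAgreeCtx()
   *
   * Returns -1 when no user context is registered (the deliberate failure
   * path of the test), otherwise whatever wc_DhAgree() returns (0 on success).
   *
   * The only check made here is the NULL test on ctx; every key and buffer
   * argument is forwarded unvalidated, so this is a test fixture and not a
   * template for a production callback.
   */
  static int my_DhCallback(WOLFSSL* ssl, struct DhKey* key,
          const unsigned char* priv, unsigned int privSz,
          const unsigned char* pubKeyDer, unsigned int pubKeySz,
          unsigned char* out, unsigned int* outlen,
          void* ctx)
  {
      int ret = -1;   /* failure unless a user context is present */

      (void)ssl;

      /* Test fail when context associated with WOLFSSL is NULL */
      if (ctx != NULL) {
          ret = wc_DhAgree(key, out, outlen, priv, privSz, pubKeyDer, pubKeySz);
      }

      return ret;
  }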
  /*
   * ctx_ready hook: registers my_DhCallback as the DH agree callback on ctx
   * and sets the cipher list to a DHE-RSA suite for each AES key size that is
   * compiled in.
   *
   * When both WOLFSSL_AES_128 and WOLFSSL_AES_256 are defined the second
   * wolfSSL_CTX_set_cipher_list() call is the one left in effect.
   * NOTE(review): when neither macro is defined no cipher list is set, so the
   * negotiated suite may not use DHE and the callback may never run - confirm
   * that such a build is excluded elsewhere.
   */
  static void test_dh_ctx_setup(WOLFSSL_CTX* ctx)
  {
      wolfSSL_CTX_SetDhAgreeCb(ctx, my_DhCallback);

  #ifdef WOLFSSL_AES_128
      AssertIntEQ(wolfSSL_CTX_set_cipher_list(ctx, "DHE-RSA-AES128-SHA256"),
                  WOLFSSL_SUCCESS);
  #endif

  #ifdef WOLFSSL_AES_256
      AssertIntEQ(wolfSSL_CTX_set_cipher_list(ctx, "DHE-RSA-AES256-SHA256"),
                  WOLFSSL_SUCCESS);
  #endif
  }
  /*
   * ssl_ready hook for the passing run: attaches a non-NULL user context to
   * ssl, checks it reads back with the same value, then loads the DH
   * parameters from dhParamFile (PEM).
   */
  static void test_dh_ssl_setup(WOLFSSL* ssl)
  {
      static int dh_test_ctx = 1;   /* static: must outlive this call */
      int ret;

      wolfSSL_SetDhAgreeCtx(ssl, &dh_test_ctx);
      AssertIntEQ(*((int*)wolfSSL_GetDhAgreeCtx(ssl)), dh_test_ctx);

      ret = wolfSSL_SetTmpDH_file(ssl, dhParamFile, WOLFSSL_FILETYPE_PEM);

      /* SIDE_ERROR is tolerated; presumably because this hook is shared by
       * the client and the server and only one side may set DH parameters -
       * confirm against wolfSSL_SetTmpDH_file(). */
      if (ret == WOLFSSL_SUCCESS || ret == SIDE_ERROR) {
          return;
      }

      /* Any other code is a failure; the assert reports the value. */
      AssertIntEQ(ret, WOLFSSL_SUCCESS);
  }
  /*
   * ssl_ready hook for the failing run: registers a NULL user context on ssl
   * and checks it reads back as NULL, so that a DH agree callback which
   * rejects a NULL context fails the handshake. DH parameters are still
   * loaded from dhParamFile (PEM).
   */
  static void test_dh_ssl_setup_fail(WOLFSSL* ssl)
  {
      int ret;

      wolfSSL_SetDhAgreeCtx(ssl, NULL);
      AssertNull(wolfSSL_GetDhAgreeCtx(ssl));

      ret = wolfSSL_SetTmpDH_file(ssl, dhParamFile, WOLFSSL_FILETYPE_PEM);

      /* WOLFSSL_SUCCESS and SIDE_ERROR are both accepted here. */
      if (ret == WOLFSSL_SUCCESS || ret == SIDE_ERROR) {
          return;
      }

      /* Any other code is a failure; the assert reports the value. */
      AssertIntEQ(ret, WOLFSSL_SUCCESS);
  }
  15506. #endif
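  /*
   * Tests the DH key-agreement PK callback API in three steps:
   *   1. set/get of the per-connection callback context, including NULL ssl;
   *   2. a TLS 1.2 client/server connection in which both peers register a
   *      non-NULL context - both return codes must be non-zero;
   *   3. the same connection with a NULL context on both peers, so that
   *      my_DhCallback returns an error - both peers must report TEST_FAIL.
   * Step 3 is the security-relevant one: it checks that an error from the
   * key-agreement callback stops the handshake instead of being ignored.
   *
   * The body is compiled out (the function is then empty) unless filesystem,
   * certificate, RSA, client, DH, AES, I/O test and threading support are all
   * present.
   */
  static void test_DhCallbacks(void)
  {
  #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
      !defined(NO_WOLFSSL_CLIENT) && !defined(NO_DH) && !defined(NO_AES) && \
      defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(SINGLE_THREADED)
      WOLFSSL_CTX *ctx;
      WOLFSSL *ssl;
      tcp_ready ready;
      func_args server_args;
      func_args client_args;
      THREAD_TYPE serverThread;
      callback_functions func_cb_client;
      callback_functions func_cb_server;
      int test;

      printf(testingFmt, "test_DhCallbacks");

      AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
      wolfSSL_CTX_SetDhAgreeCb(ctx, &my_DhCallback);

      /* load client ca cert */
      AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0),
                  WOLFSSL_SUCCESS);

      /* test with NULL arguments: only the address of test is passed, its
       * value is not read, so it may still be unset here */
      wolfSSL_SetDhAgreeCtx(NULL, &test);
      AssertNull(wolfSSL_GetDhAgreeCtx(NULL));

      /* test success case */
      test = 1;
      AssertNotNull(ssl = wolfSSL_new(ctx));
      wolfSSL_SetDhAgreeCtx(ssl, &test);
      AssertIntEQ(*((int*)wolfSSL_GetDhAgreeCtx(ssl)), test);

      wolfSSL_free(ssl);
      wolfSSL_CTX_free(ctx);

      /* test a connection where callback is used */
  #ifdef WOLFSSL_TIRTOS
      fdOpenSession(Task_self());
  #endif
      XMEMSET(&server_args, 0, sizeof(func_args));
      XMEMSET(&client_args, 0, sizeof(func_args));
      XMEMSET(&func_cb_client, 0, sizeof(callback_functions));
      XMEMSET(&func_cb_server, 0, sizeof(callback_functions));

      StartTCP();
      InitTcpReady(&ready);

  #if defined(USE_WINDOWS_API)
      /* use RNG to get random port if using windows */
      ready.port = GetRandomPort();
  #endif

      server_args.signal = &ready;
      client_args.signal = &ready;
      /* start from TEST_FAIL so a peer that never reports still fails */
      server_args.return_code = TEST_FAIL;
      client_args.return_code = TEST_FAIL;

      /* set callbacks to use DH functions */
      func_cb_client.ctx_ready = &test_dh_ctx_setup;
      func_cb_client.ssl_ready = &test_dh_ssl_setup;
      func_cb_client.method = wolfTLSv1_2_client_method;
      client_args.callbacks = &func_cb_client;

      func_cb_server.ctx_ready = &test_dh_ctx_setup;
      func_cb_server.ssl_ready = &test_dh_ssl_setup;
      func_cb_server.method = wolfTLSv1_2_server_method;
      server_args.callbacks = &func_cb_server;

      start_thread(test_server_nofail, &server_args, &serverThread);
      wait_tcp_ready(&server_args);
      test_client_nofail(&client_args, NULL);
      join_thread(serverThread);

      AssertTrue(client_args.return_code);
      AssertTrue(server_args.return_code);

      FreeTcpReady(&ready);

  #ifdef WOLFSSL_TIRTOS
      /* close the session opened before this connection; the original opened
       * a second one here and never closed either */
      fdCloseSession(Task_self());
  #endif

      /* now register a NULL user context so that the callback returns its
       * failure code */
  #ifdef WOLFSSL_TIRTOS
      fdOpenSession(Task_self());
  #endif
      XMEMSET(&server_args, 0, sizeof(func_args));
      XMEMSET(&client_args, 0, sizeof(func_args));
      XMEMSET(&func_cb_client, 0, sizeof(callback_functions));
      XMEMSET(&func_cb_server, 0, sizeof(callback_functions));

      StartTCP();
      InitTcpReady(&ready);

  #if defined(USE_WINDOWS_API)
      /* use RNG to get random port if using windows */
      ready.port = GetRandomPort();
  #endif

      server_args.signal = &ready;
      client_args.signal = &ready;
      server_args.return_code = TEST_FAIL;
      client_args.return_code = TEST_FAIL;

      /* set callbacks to use DH functions */
      func_cb_client.ctx_ready = &test_dh_ctx_setup;
      func_cb_client.ssl_ready = &test_dh_ssl_setup_fail;
      func_cb_client.method = wolfTLSv1_2_client_method;
      client_args.callbacks = &func_cb_client;

      func_cb_server.ctx_ready = &test_dh_ctx_setup;
      func_cb_server.ssl_ready = &test_dh_ssl_setup_fail;
      func_cb_server.method = wolfTLSv1_2_server_method;
      server_args.callbacks = &func_cb_server;

      start_thread(test_server_nofail, &server_args, &serverThread);
      wait_tcp_ready(&server_args);
      test_client_nofail(&client_args, NULL);
      join_thread(serverThread);

      /* the callback error must have stopped the handshake on both peers */
      AssertIntEQ(client_args.return_code, TEST_FAIL);
      AssertIntEQ(server_args.return_code, TEST_FAIL);

      FreeTcpReady(&ready);

  #ifdef WOLFSSL_TIRTOS
      fdCloseSession(Task_self());
  #endif

      printf(resultFmt, passed);
  #endif
  }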
  15614. #endif /* HAVE_PK_CALLBACKS */
  15615. #ifdef HAVE_HASHDRBG
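  /*
   * Draws WC_RESEED_INTERVAL + 10 blocks of 32 bytes from a single WC_RNG.
   * The count runs past WC_RESEED_INTERVAL, presumably so that the generator
   * has to reseed at least once during the loop - confirm against the DRBG
   * implementation.
   *
   * Returns 0 when initialisation, every wc_RNG_GenerateBlock() call and the
   * final wc_FreeRng() succeed; otherwise the first non-zero code seen.
   */
  static int test_wc_RNG_GenerateBlock(void)
  {
      int i, ret, freeRet;
      WC_RNG rng;
      byte key[32];

      ret = wc_InitRng(&rng);
      if (ret != 0) {
          /* Initialisation failed, so the state of rng is not known from
           * here; do not pass it to wc_FreeRng(). */
          return ret;
      }

      for (i = 0; i < WC_RESEED_INTERVAL + 10; i++) {
          ret = wc_RNG_GenerateBlock(&rng, key, sizeof(key));
          if (ret != 0) {
              break;
          }
      }

      /* Always release the generator; keep a generate error if there was
       * one, otherwise surface a failure from the release itself. */
      freeRet = wc_FreeRng(&rng);
      if (ret == 0) {
          ret = freeRet;
      }

      return ret;
  }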
  15633. #endif
  15634. /*----------------------------------------------------------------------------*
  15635. | Main
  15636. *----------------------------------------------------------------------------*/
  /*
   * Entry point of the API test suite: runs every test in a fixed order.
   *
   * Tests that return a status are wrapped in an assert macro (AssertIntEQ or
   * AssertFalse); the remaining tests return void and assert internally.
   * The order is part of the behaviour: test_wolfSSL_Init() runs first and
   * test_wolfSSL_Cleanup() closes the wolfSSL section.
   */
  void ApiTest(void)
  {
      printf(" Begin API Tests\n");

      /* ---- library start-up ---- */
      AssertIntEQ(test_wolfSSL_Init(), WOLFSSL_SUCCESS);

      /* ---- method, context and connection object tests ---- */
      test_wolfSSL_Method_Allocators();
  #ifndef NO_WOLFSSL_SERVER
      test_wolfSSL_CTX_new(wolfSSLv23_server_method());
  #endif
      test_wolfSSL_CTX_use_certificate_file();
      AssertIntEQ(test_wolfSSL_CTX_use_certificate_buffer(), WOLFSSL_SUCCESS);
      test_wolfSSL_CTX_use_PrivateKey_file();
      test_wolfSSL_CTX_load_verify_locations();
      test_wolfSSL_CTX_trust_peer_cert();
      test_wolfSSL_CTX_SetTmpDH_file();
      test_wolfSSL_CTX_SetTmpDH_buffer();
      test_server_wolfSSL_new();
      test_client_wolfSSL_new();
      test_wolfSSL_SetTmpDH_file();
      test_wolfSSL_SetTmpDH_buffer();
      test_wolfSSL_read_write();
      test_wolfSSL_dtls_export();
      AssertIntEQ(test_wolfSSL_SetMinVersion(), WOLFSSL_SUCCESS);
      AssertIntEQ(test_wolfSSL_CTX_SetMinVersion(), WOLFSSL_SUCCESS);

      /* ---- TLS extensions ---- */
      test_wolfSSL_UseSNI();
      test_wolfSSL_UseMaxFragment();
      test_wolfSSL_UseTruncatedHMAC();
      test_wolfSSL_UseSupportedCurve();
      test_wolfSSL_UseALPN();
      test_wolfSSL_DisableExtendedMasterSecret();

      /* ---- X509 and PKCS containers ---- */
      test_wolfSSL_X509_NAME_get_entry();
      test_wolfSSL_PKCS12();
      test_wolfSSL_PKCS8();
      test_wolfSSL_PKCS5();

      /* ---- OCSP stapling ---- */
      AssertIntEQ(test_wolfSSL_UseOCSPStapling(), WOLFSSL_SUCCESS);
      AssertIntEQ(test_wolfSSL_UseOCSPStaplingV2(), WOLFSSL_SUCCESS);

      /* ---- multicast ---- */
      test_wolfSSL_mcast();

      /* ---- compatibility layer ---- */
      test_wolfSSL_X509_NAME();
      test_wolfSSL_DES();
      test_wolfSSL_certs();
      test_wolfSSL_ASN1_TIME_print();
      test_wolfSSL_private_keys();
      test_wolfSSL_PEM_PrivateKey();
      test_wolfSSL_PEM_RSAPrivateKey();
      test_wolfSSL_tmp_dh();
      test_wolfSSL_ctrl();
      test_wolfSSL_EVP_PKEY_new_mac_key();
      test_wolfSSL_EVP_MD_hmac_signing();
      test_wolfSSL_CTX_add_extra_chain_cert();
      test_wolfSSL_ERR_peek_last_error_line();
      test_wolfSSL_set_options();
      test_wolfSSL_X509_STORE_CTX();
      test_wolfSSL_msgCb();
      test_wolfSSL_X509_STORE_set_flags();
      test_wolfSSL_X509_LOOKUP_load_file();
      test_wolfSSL_X509_NID();
      test_wolfSSL_X509_STORE_CTX_set_time();
      test_wolfSSL_BN();
      test_wolfSSL_PEM_read_bio();
      test_wolfSSL_BIO();
      test_wolfSSL_ASN1_STRING();
      test_wolfSSL_X509();
      test_wolfSSL_RAND();
      test_wolfSSL_BUF();
      test_wolfSSL_set_tlsext_status_type();
      test_wolfSSL_ASN1_TIME_adj();
      test_wolfSSL_CTX_set_client_CA_list();
      test_wolfSSL_CTX_add_client_CA();
      test_wolfSSL_CTX_set_srp_username();
      test_wolfSSL_CTX_set_srp_password();
      test_wolfSSL_pseudo_rand();
      test_wolfSSL_pkcs8();
      test_wolfSSL_ERR_put_error();
      test_wolfSSL_HMAC();
      test_wolfSSL_OBJ();
      test_wolfSSL_X509_NAME_ENTRY();
      test_wolfSSL_BIO_gets();
      test_wolfSSL_d2i_PUBKEY();
      test_wolfSSL_BIO_write();
      test_wolfSSL_SESSION();
      test_wolfSSL_DES_ecb_encrypt();
      test_wolfSSL_sk_GENERAL_NAME();
      test_wolfSSL_MD4();
      test_wolfSSL_RSA();
      test_wolfSSL_verify_depth();
      test_wolfSSL_HMAC_CTX();
      test_wolfSSL_msg_callback();
      test_wolfSSL_SHA();
      test_wolfSSL_DH_1536_prime();
      test_wolfSSL_AES_ecb_encrypt();
      test_wolfSSL_SHA256();
      test_wolfSSL_X509_get_serialNumber();

      /* compatibility functions that are no-ops */
      test_no_op_functions();

      /* ---- library shutdown ---- */
      AssertIntEQ(test_wolfSSL_Cleanup(), WOLFSSL_SUCCESS);

      /* ---- wolfCrypt ASN ---- */
      test_wc_GetPkcs8TraditionalOffset();

      /* ---- wolfCrypt ECC curve lookups ---- */
      test_wc_ecc_get_curve_size_from_name();
      test_wc_ecc_get_curve_id_from_name();
      test_wc_ecc_get_curve_id_from_params();

      /* NOTE(review): the TLS 1.3, bad-signature and PK callback tests below
       * run after test_wolfSSL_Cleanup(); presumably the library re-initialises
       * itself when a context is created - confirm. */
  #ifdef WOLFSSL_TLS13
      /* TLS v1.3 API */
      test_tls13_apis();
  #endif

  #ifndef NO_CERTS
      /* Negative tests: a certificate with a bad signature must be rejected
       * with ASN_SIG_CONFIRM_E, for ECC and for RSA. */
      AssertIntEQ(test_EccSigFailure_cm(), ASN_SIG_CONFIRM_E);
      AssertIntEQ(test_RsaSigFailure_cm(), ASN_SIG_CONFIRM_E);
  #endif /* NO_CERTS */

  #ifdef HAVE_PK_CALLBACKS
      /* public key callbacks */
      test_DhCallbacks();
  #endif

      /* ---- wolfCrypt unit tests ---- */
      printf("\n-----------------wolfcrypt unit tests------------------\n");
      AssertFalse(test_wolfCrypt_Init());

      /* hashes */
      AssertFalse(test_wc_InitMd5());
      AssertFalse(test_wc_Md5Update());
      AssertFalse(test_wc_Md5Final());
      AssertFalse(test_wc_InitSha());
      AssertFalse(test_wc_ShaUpdate());
      AssertFalse(test_wc_ShaFinal());
      AssertFalse(test_wc_InitSha256());
      AssertFalse(test_wc_Sha256Update());
      AssertFalse(test_wc_Sha256Final());
      AssertFalse(test_wc_InitSha512());
      AssertFalse(test_wc_Sha512Update());
      AssertFalse(test_wc_Sha512Final());
      AssertFalse(test_wc_InitSha384());
      AssertFalse(test_wc_Sha384Update());
      AssertFalse(test_wc_Sha384Final());
      AssertFalse(test_wc_InitSha224());
      AssertFalse(test_wc_Sha224Update());
      AssertFalse(test_wc_Sha224Final());
      AssertFalse(test_wc_InitRipeMd());
      AssertFalse(test_wc_RipeMdUpdate());
      AssertFalse(test_wc_RipeMdFinal());
      AssertIntEQ(test_wc_InitSha3(), 0);
      AssertIntEQ(testing_wc_Sha3_Update(), 0);
      AssertIntEQ(test_wc_Sha3_224_Final(), 0);
      AssertIntEQ(test_wc_Sha3_256_Final(), 0);
      AssertIntEQ(test_wc_Sha3_384_Final(), 0);
      AssertIntEQ(test_wc_Sha3_512_Final(), 0);
      AssertIntEQ(test_wc_Sha3_224_Copy(), 0);
      AssertIntEQ(test_wc_Sha3_256_Copy(), 0);
      AssertIntEQ(test_wc_Sha3_384_Copy(), 0);
      AssertIntEQ(test_wc_Sha3_512_Copy(), 0);

      /* HMAC and CMAC */
      AssertFalse(test_wc_Md5HmacSetKey());
      AssertFalse(test_wc_Md5HmacUpdate());
      AssertFalse(test_wc_Md5HmacFinal());
      AssertFalse(test_wc_ShaHmacSetKey());
      AssertFalse(test_wc_ShaHmacUpdate());
      AssertFalse(test_wc_ShaHmacFinal());
      AssertFalse(test_wc_Sha224HmacSetKey());
      AssertFalse(test_wc_Sha224HmacUpdate());
      AssertFalse(test_wc_Sha224HmacFinal());
      AssertFalse(test_wc_Sha256HmacSetKey());
      AssertFalse(test_wc_Sha256HmacUpdate());
      AssertFalse(test_wc_Sha256HmacFinal());
      AssertFalse(test_wc_Sha384HmacSetKey());
      AssertFalse(test_wc_Sha384HmacUpdate());
      AssertFalse(test_wc_Sha384HmacFinal());
      AssertIntEQ(test_wc_InitCmac(), 0);
      AssertIntEQ(test_wc_CmacUpdate(), 0);
      AssertIntEQ(test_wc_CmacFinal(), 0);
      AssertIntEQ(test_wc_AesCmacGenerate(), 0);

      /* symmetric ciphers */
      AssertIntEQ(test_wc_Des3_SetIV(), 0);
      AssertIntEQ(test_wc_Des3_SetKey(), 0);
      AssertIntEQ(test_wc_Des3_CbcEncryptDecrypt(), 0);
      AssertIntEQ(test_wc_Des3_CbcEncryptDecryptWithKey(), 0);
      AssertIntEQ(test_wc_IdeaSetKey(), 0);
      AssertIntEQ(test_wc_IdeaSetIV(), 0);
      AssertIntEQ(test_wc_IdeaCipher(), 0);
      AssertIntEQ(test_wc_IdeaCbcEncyptDecrypt(), 0);
      AssertIntEQ(test_wc_Chacha_SetKey(), 0);
      AssertIntEQ(test_wc_Chacha_Process(), 0);
      AssertIntEQ(test_wc_ChaCha20Poly1305_aead(), 0);
      AssertIntEQ(test_wc_CamelliaSetKey(), 0);
      AssertIntEQ(test_wc_CamelliaSetIV(), 0);
      AssertIntEQ(test_wc_CamelliaEncryptDecryptDirect(), 0);
      AssertIntEQ(test_wc_CamelliaCbcEncryptDecrypt(), 0);
      AssertIntEQ(test_wc_RabbitSetKey(), 0);
      AssertIntEQ(test_wc_RabbitProcess(), 0);
      AssertIntEQ(test_wc_Arc4SetKey(), 0);
      AssertIntEQ(test_wc_Arc4Process(), 0);
      AssertIntEQ(test_wc_AesSetKey(), 0);
      AssertIntEQ(test_wc_AesSetIV(), 0);
      AssertIntEQ(test_wc_AesCbcEncryptDecrypt(), 0);
      AssertIntEQ(test_wc_AesCtrEncryptDecrypt(), 0);
      AssertIntEQ(test_wc_AesGcmSetKey(), 0);
      AssertIntEQ(test_wc_AesGcmEncryptDecrypt(), 0);
      AssertIntEQ(test_wc_GmacSetKey(), 0);
      AssertIntEQ(test_wc_GmacUpdate(), 0);

      /* RSA */
      AssertIntEQ(test_wc_InitRsaKey(), 0);
      AssertIntEQ(test_wc_RsaPrivateKeyDecode(), 0);
      AssertIntEQ(test_wc_RsaPublicKeyDecode(), 0);
      AssertIntEQ(test_wc_RsaPublicKeyDecodeRaw(), 0);
      AssertIntEQ(test_wc_MakeRsaKey(), 0);
      AssertIntEQ(test_wc_SetKeyUsage(), 0);
      AssertIntEQ(test_wc_RsaKeyToDer(), 0);
      AssertIntEQ(test_wc_RsaKeyToPublicDer(), 0);
      AssertIntEQ(test_wc_RsaPublicEncryptDecrypt(), 0);
      AssertIntEQ(test_wc_RsaPublicEncryptDecrypt_ex(), 0);
      AssertIntEQ(test_wc_RsaEncryptSize(), 0);
      AssertIntEQ(test_wc_RsaSSL_SignVerify(), 0);
      AssertIntEQ(test_wc_RsaFlattenPublicKey(), 0);
      AssertIntEQ(test_RsaDecryptBoundsCheck(), 0);

      /* AES-CCM and HC-128 */
      AssertIntEQ(test_wc_AesCcmSetKey(), 0);
      AssertIntEQ(test_wc_AesCcmEncryptDecrypt(), 0);
      AssertIntEQ(test_wc_Hc128_SetKey(), 0);
      AssertIntEQ(test_wc_Hc128_Process(), 0);

      /* DSA */
      AssertIntEQ(test_wc_InitDsaKey(), 0);
      AssertIntEQ(test_wc_DsaSignVerify(), 0);
      AssertIntEQ(test_wc_DsaPublicPrivateKeyDecode(), 0);
      AssertIntEQ(test_wc_MakeDsaKey(), 0);
      AssertIntEQ(test_wc_DsaKeyToDer(), 0);
      AssertIntEQ(test_wc_DsaImportParamsRaw(), 0);
      AssertIntEQ(test_wc_DsaExportParamsRaw(), 0);
      AssertIntEQ(test_wc_DsaExportKeyRaw(), 0);

  #ifdef OPENSSL_EXTRA
      /* wolfSSL_EVP_get_cipherbynid and EC compatibility tests */
      test_wolfSSL_EVP_get_cipherbynid();
      test_wolfSSL_EC();
  #endif

  #ifdef HAVE_HASHDRBG
      /* random number generator block generation */
      AssertIntEQ(test_wc_RNG_GenerateBlock(), 0);
  #endif

      /* Ed25519 */
      AssertIntEQ(test_wc_ed25519_make_key(), 0);
      AssertIntEQ(test_wc_ed25519_init(), 0);
      AssertIntEQ(test_wc_ed25519_sign_msg(), 0);
      AssertIntEQ(test_wc_ed25519_import_public(), 0);
      AssertIntEQ(test_wc_ed25519_import_private_key(), 0);
      AssertIntEQ(test_wc_ed25519_export(), 0);
      AssertIntEQ(test_wc_ed25519_size(), 0);
      AssertIntEQ(test_wc_ed25519_exportKey(), 0);

      /* ECC */
      AssertIntEQ(test_wc_ecc_make_key(), 0);
      AssertIntEQ(test_wc_ecc_init(), 0);
      AssertIntEQ(test_wc_ecc_check_key(), 0);
      AssertIntEQ(test_wc_ecc_size(), 0);
      AssertIntEQ(test_wc_ecc_signVerify_hash(), 0);
      AssertIntEQ(test_wc_ecc_shared_secret(), 0);
      AssertIntEQ(test_wc_ecc_export_x963(), 0);
      AssertIntEQ(test_wc_ecc_export_x963_ex(), 0);
      AssertIntEQ(test_wc_ecc_import_x963(), 0);
      AssertIntEQ(ecc_import_private_key(), 0);
      AssertIntEQ(test_wc_ecc_export_private_only(), 0);
      AssertIntEQ(test_wc_ecc_rs_to_sig(), 0);
      AssertIntEQ(test_wc_ecc_import_raw(), 0);
      AssertIntEQ(test_wc_ecc_sig_size(), 0);
      AssertIntEQ(test_wc_ecc_ctx_new(), 0);
      AssertIntEQ(test_wc_ecc_ctx_reset(), 0);
      AssertIntEQ(test_wc_ecc_ctx_set_peer_salt(), 0);
      AssertIntEQ(test_wc_ecc_ctx_set_info(), 0);
      AssertIntEQ(test_wc_ecc_encryptDecrypt(), 0);
      AssertIntEQ(test_wc_ecc_del_point(), 0);
      AssertIntEQ(test_wc_ecc_pointFns(), 0);
      AssertIntEQ(test_wc_ecc_shared_secret_ssh(), 0);
      AssertIntEQ(test_wc_ecc_verify_hash_ex(), 0);
      AssertIntEQ(test_wc_ecc_mulmod(), 0);
      AssertIntEQ(test_wc_ecc_is_valid_idx(), 0);

      /* PKCS7 */
      test_wc_PKCS7_Init();
      test_wc_PKCS7_InitWithCert();
      test_wc_PKCS7_EncodeData();
      test_wc_PKCS7_EncodeSignedData();
      test_wc_PKCS7_VerifySignedData();
      test_wc_PKCS7_EncodeDecodeEnvelopedData();
      test_wc_PKCS7_EncodeEncryptedData();

      printf(" End API Tests\n");
  }