/* api.c API unit tests * * Copyright (C) 2006-2023 wolfSSL Inc. * * This file is part of wolfSSL. * * wolfSSL is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * wolfSSL is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA */ /* For AES-CBC, input lengths can optionally be validated to be a * multiple of the block size, by defining WOLFSSL_AES_CBC_LENGTH_CHECKS, * also available via the configure option --enable-aescbc-length-checks. */ /*----------------------------------------------------------------------------* | Includes *----------------------------------------------------------------------------*/ #ifdef HAVE_CONFIG_H #include #endif #include #undef TEST_OPENSSL_COEXIST /* can't use this option with this example */ #ifndef FOURK_BUF #define FOURK_BUF 4096 #endif #ifndef TWOK_BUF #define TWOK_BUF 2048 #endif #ifndef ONEK_BUF #define ONEK_BUF 1024 #endif #if defined(WOLFSSL_STATIC_MEMORY) #include #if defined(WOLFSSL_STATIC_MEMORY) && !defined(WOLFCRYPT_ONLY) #if (defined(HAVE_ECC) && !defined(ALT_ECC_SIZE)) || \ defined(SESSION_CERTS) #ifdef OPENSSL_EXTRA #define TEST_TLS_STATIC_MEMSZ (400000) #else #define TEST_TLS_STATIC_MEMSZ (320000) #endif #else #define TEST_TLS_STATIC_MEMSZ (80000) #endif #endif #endif /* WOLFSSL_STATIC_MEMORY */ #ifndef HEAP_HINT #define HEAP_HINT NULL #endif /* WOLFSSL_STAIC_MEMORY */ #ifdef WOLFSSL_ASNC_CRYPT #include #endif #ifdef HAVE_ECC #include /* wc_ecc_fp_free */ #ifndef ECC_ASN963_MAX_BUF_SZ #define ECC_ASN963_MAX_BUF_SZ 133 #endif #ifndef ECC_PRIV_KEY_BUF #define ECC_PRIV_KEY_BUF 66 /* For non user defined curves. */ #endif /* ecc key sizes: 14, 16, 20, 24, 28, 30, 32, 40, 48, 64 */ /* logic to choose right key ECC size */ #if (defined(HAVE_ECC112) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 112 #define KEY14 14 #else #define KEY14 32 #endif #if (defined(HAVE_ECC128) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 128 #define KEY16 16 #else #define KEY16 32 #endif #if (defined(HAVE_ECC160) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 160 #define KEY20 20 #else #define KEY20 32 #endif #if (defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 192 #define KEY24 24 #else #define KEY24 32 #endif #if defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES) #define KEY28 28 #else #define KEY28 32 #endif #if defined(HAVE_ECC239) || defined(HAVE_ALL_CURVES) #define KEY30 30 #else #define KEY30 32 #endif #define KEY32 32 #if defined(HAVE_ECC320) || defined(HAVE_ALL_CURVES) #define KEY40 40 #else #define KEY40 32 #endif #if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES) #define KEY48 48 #else #define KEY48 32 #endif #if defined(HAVE_ECC512) || defined(HAVE_ALL_CURVES) #define KEY64 64 #else #define KEY64 32 #endif #if !defined(HAVE_COMP_KEY) #if !defined(NOCOMP) #define NOCOMP 0 #endif #else #if !defined(COMP) #define COMP 1 #endif #endif #if !defined(DER_SZ) #define DER_SZ(ks) ((ks) * 2 + 1) #endif #ifdef WOLFSSL_SM2 #include #endif #endif #ifndef NO_ASN #include #endif #include #include #include /* compatibility layer */ #include #include #include "examples/server/server.h" /* for testing compatibility layer callbacks */ #ifndef NO_MD5 #include #endif #ifndef NO_SHA #include #endif #ifndef NO_SHA256 #include #endif #ifdef WOLFSSL_SHA512 #include #endif #ifdef WOLFSSL_SHA384 #include #endif #ifdef WOLFSSL_SHA3 #include #ifndef HEAP_HINT #define HEAP_HINT NULL #endif #endif #ifdef WOLFSSL_SM3 #include #endif #ifndef NO_AES #include #ifdef HAVE_AES_DECRYPT #include #endif #endif #ifdef WOLFSSL_SM4 #include #endif #ifdef WOLFSSL_RIPEMD #include #endif #ifndef NO_DES3 #include #include #endif #ifdef WC_RC2 #include #endif #ifndef NO_HMAC #include #endif #ifdef HAVE_CHACHA #include #endif #ifdef HAVE_POLY1305 #include #endif #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) #include #endif #ifdef HAVE_CAMELLIA #include #endif #ifndef NO_RC4 #include #endif #ifdef HAVE_BLAKE2 #include #endif #include #ifndef NO_RSA #include #define FOURK_BUF 4096 #define GEN_BUF 294 #endif #ifndef NO_SIG_WRAPPER #include #endif #ifdef HAVE_AESCCM #include #endif #ifdef HAVE_PKCS7 #include #include #ifdef HAVE_LIBZ #include #endif #endif #ifdef WOLFSSL_SMALL_CERT_VERIFY #include #endif #ifndef NO_DSA #include #ifndef ONEK_BUF #define ONEK_BUF 1024 #endif #ifndef TWOK_BUF #define TWOK_BUF 2048 #endif #ifndef FOURK_BUF #define FOURK_BUF 4096 #endif #ifndef DSA_SIG_SIZE #define DSA_SIG_SIZE 40 #endif #ifndef MAX_DSA_PARAM_SIZE #define MAX_DSA_PARAM_SIZE 256 #endif #endif #ifdef WOLFSSL_CMAC #include #endif #ifdef HAVE_ED25519 #include #endif #ifdef HAVE_CURVE25519 #include #endif #ifdef HAVE_ED448 #include #endif #ifdef HAVE_CURVE448 #include #endif #ifdef HAVE_PKCS12 #include #endif #include #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || defined(OPENSSL_ALL)) #include #ifndef NO_ASN /* for ASN_COMMON_NAME DN_tags enum */ #include #endif #ifdef HAVE_OCSP #include #endif #endif #ifdef OPENSSL_EXTRA #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #ifdef OPENSSL_ALL #include #include #endif #ifndef NO_AES #include #endif #ifndef NO_DES3 #include #endif #ifndef NO_RC4 #include #endif #ifdef HAVE_ECC #include #endif #ifdef HAVE_PKCS7 #include #endif #ifdef HAVE_ED25519 #include #endif #ifdef HAVE_ED448 #include #endif #endif /* OPENSSL_EXTRA */ #if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) \ && !defined(NO_SHA256) && !defined(RC_NO_RNG) #include #endif #if (defined(SESSION_CERTS) && defined(TEST_PEER_CERT_CHAIN)) || \ defined(HAVE_SESSION_TICKET) || (defined(OPENSSL_EXTRA) && \ defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)) || \ defined(WOLFSSL_TEST_STATIC_BUILD) || defined(WOLFSSL_DTLS) || \ defined(HAVE_ECH) || defined(HAVE_EX_DATA) || !defined(NO_SESSION_CACHE) \ || !defined(WOLFSSL_NO_TLS12) || defined(WOLFSSL_TLS13) /* for testing SSL_get_peer_cert_chain, or SESSION_TICKET_HINT_DEFAULT, * for setting authKeyIdSrc in WOLFSSL_X509, or testing DTLS sequence * number tracking */ #include "wolfssl/internal.h" #endif /* force enable test buffers */ #ifndef USE_CERT_BUFFERS_2048 #define USE_CERT_BUFFERS_2048 #endif #ifndef USE_CERT_BUFFERS_256 #define USE_CERT_BUFFERS_256 #endif #include #include "tests/utils.h" /* include misc.c here regardless of NO_INLINE, because misc.c implementations * have default (hidden) visibility, and in the absence of visibility, it's * benign to mask out the library implementation. */ #define WOLFSSL_MISC_INCLUDED #include #ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV /* FIPS build has replaced ecc.h. */ #define wc_ecc_key_get_priv(key) (&((key)->k)) #define WOLFSSL_HAVE_ECC_KEY_GET_PRIV #endif typedef struct testVector { const char* input; const char* output; size_t inLen; size_t outLen; } testVector; #if defined(HAVE_PKCS7) typedef struct { const byte* content; word32 contentSz; int contentOID; int encryptOID; int keyWrapOID; int keyAgreeOID; byte* cert; size_t certSz; byte* privateKey; word32 privateKeySz; } pkcs7EnvelopedVector; #ifndef NO_PKCS7_ENCRYPTED_DATA typedef struct { const byte* content; word32 contentSz; int contentOID; int encryptOID; byte* encryptionKey; word32 encryptionKeySz; } pkcs7EncryptedVector; #endif #endif /* HAVE_PKCS7 */ typedef int (*ctx_cb)(WOLFSSL_CTX* ctx); typedef int (*ssl_cb)(WOLFSSL* ssl); typedef int (*test_cbType)(WOLFSSL_CTX *ctx, WOLFSSL *ssl); typedef int (*hs_cb)(WOLFSSL_CTX **ctx, WOLFSSL **ssl); typedef struct test_ssl_cbf { method_provider method; ctx_cb ctx_ready; ssl_cb ssl_ready; ssl_cb on_result; ctx_cb on_ctx_cleanup; ssl_cb on_cleanup; hs_cb on_handshake; WOLFSSL_CTX* ctx; const char* caPemFile; const char* certPemFile; const char* keyPemFile; const char* crlPemFile; #ifdef WOLFSSL_STATIC_MEMORY byte* mem; word32 memSz; wolfSSL_method_func method_ex; #endif int devId; int return_code; int last_err; unsigned char isSharedCtx:1; unsigned char loadToSSL:1; unsigned char ticNoInit:1; unsigned char doUdp:1; } test_ssl_cbf; #define TEST_SSL_MEMIO_BUF_SZ (64 * 1024) typedef struct test_ssl_memio_ctx { WOLFSSL_CTX* s_ctx; WOLFSSL_CTX* c_ctx; WOLFSSL* s_ssl; WOLFSSL* c_ssl; const char* c_ciphers; const char* s_ciphers; char* c_msg; int c_msglen; char* s_msg; int s_msglen; test_ssl_cbf s_cb; test_ssl_cbf c_cb; byte c_buff[TEST_SSL_MEMIO_BUF_SZ]; int c_len; byte s_buff[TEST_SSL_MEMIO_BUF_SZ]; int s_len; } test_ssl_memio_ctx; int test_wolfSSL_client_server_nofail_memio(test_ssl_cbf* client_cb, test_ssl_cbf* server_cb, test_cbType client_on_handshake); #ifdef WOLFSSL_DUMP_MEMIO_STREAM const char* currentTestName; char tmpDirName[16]; int tmpDirNameSet = 0; #endif /*----------------------------------------------------------------------------* | Constants *----------------------------------------------------------------------------*/ /* Test result constants and macros. */ /* Test succeeded. */ #define TEST_SUCCESS (1) /* Test failed. */ #define TEST_FAIL (0) /* Test skipped - not run. */ #define TEST_SKIPPED (-7777) /* Returns the result based on whether check is true. * * @param [in] check Condition for success. * @return When condition is true: TEST_SUCCESS. * @return When condition is false: TEST_FAIL. */ #ifdef DEBUG_WOLFSSL_VERBOSE #define XSTRINGIFY(s) STRINGIFY(s) #define STRINGIFY(s) #s #define TEST_RES_CHECK(check) ({ \ int _ret = (check) ? TEST_SUCCESS : TEST_FAIL; \ if (_ret == TEST_FAIL) { \ fprintf(stderr, " check \"%s\" at %d ", \ XSTRINGIFY(check), __LINE__); \ } \ _ret; }) #else #define TEST_RES_CHECK(check) \ ((check) ? TEST_SUCCESS : TEST_FAIL) #endif /* DEBUG_WOLFSSL_VERBOSE */ #define TEST_STRING "Everyone gets Friday off." #define TEST_STRING_SZ 25 #if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4)) #define TEST_RSA_BITS 1024 #else #define TEST_RSA_BITS 2048 #endif #define TEST_RSA_BYTES (TEST_RSA_BITS/8) #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \ (!defined(NO_WOLFSSL_SERVER) || !defined(NO_WOLFSSL_CLIENT)) static const char* bogusFile = #ifdef _WIN32 "NUL" #else "/dev/null" #endif ; #endif /* !NO_FILESYSTEM && !NO_CERTS && (!NO_WOLFSSL_SERVER || !NO_WOLFSSL_CLIENT) */ enum { TESTING_RSA = 1, TESTING_ECC = 2 }; #ifdef WOLFSSL_QNX_CAAM #include static int testDevId = WOLFSSL_CAAM_DEVID; #else static int testDevId = INVALID_DEVID; #endif #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \ !defined(NO_RSA) && !defined(SINGLE_THREADED) && \ !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) #define HAVE_IO_TESTS_DEPENDENCIES #endif #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \ !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) #define HAVE_SSL_MEMIO_TESTS_DEPENDENCIES #endif /*----------------------------------------------------------------------------* | BIO with fixed read/write size *----------------------------------------------------------------------------*/ #if defined(OPENSSL_EXTRA) && !defined(NO_BIO) static int wolfssl_bio_s_fixed_mem_write(WOLFSSL_BIO* bio, const char* data, int len) { if ((bio == NULL) || (bio->ptr == NULL) || (data == NULL)) { len = 0; } else { if (bio->wrSz - bio->wrIdx < len) { len = bio->wrSz - bio->wrIdx; } XMEMCPY((char*)bio->ptr + bio->wrIdx, data, len); bio->wrIdx += len; } return len; } static int wolfssl_bio_s_fixed_mem_read(WOLFSSL_BIO* bio, char* data, int len) { if ((bio == NULL) || (bio->ptr == NULL) || (data == NULL)) { len = 0; } else { if (bio->wrSz - bio->rdIdx < len) { len = bio->wrSz - bio->rdIdx; } XMEMCPY(data, (char*)bio->ptr + bio->rdIdx, len); bio->rdIdx += len; } return len; } static WOLFSSL_BIO_METHOD* wolfSSL_BIO_s_fixed_mem(void) { static WOLFSSL_BIO_METHOD meth; meth.type = WOLFSSL_BIO_BIO; XMEMCPY(meth.name, "Fixed Memory Size", 18); meth.writeCb = wolfssl_bio_s_fixed_mem_write; meth.readCb = wolfssl_bio_s_fixed_mem_read; return &meth; } #endif /*----------------------------------------------------------------------------* | Setup *----------------------------------------------------------------------------*/ static int test_wolfSSL_Init(void) { EXPECT_DECLS; ExpectIntEQ(wolfSSL_Init(), WOLFSSL_SUCCESS); return EXPECT_RESULT(); } static int test_wolfSSL_Cleanup(void) { EXPECT_DECLS; ExpectIntEQ(wolfSSL_Cleanup(), WOLFSSL_SUCCESS); return EXPECT_RESULT(); } /* Initialize the wolfCrypt state. * POST: 0 success. */ static int test_wolfCrypt_Init(void) { EXPECT_DECLS; ExpectIntEQ(wolfCrypt_Init(), 0); return EXPECT_RESULT(); } /* END test_wolfCrypt_Init */ static int test_wolfCrypt_Cleanup(void) { EXPECT_DECLS; ExpectIntEQ(wolfCrypt_Cleanup(), 0); return EXPECT_RESULT(); } /*----------------------------------------------------------------------------* | Platform dependent function test *----------------------------------------------------------------------------*/ static int test_fileAccess(void) { EXPECT_DECLS; #if defined(WOLFSSL_TEST_PLATFORMDEPEND) && !defined(NO_FILESYSTEM) const char *fname[] = { svrCertFile, svrKeyFile, caCertFile, eccCertFile, eccKeyFile, eccRsaCertFile, cliCertFile, cliCertDerFile, cliKeyFile, dhParamFile, cliEccKeyFile, cliEccCertFile, caEccCertFile, edCertFile, edKeyFile, cliEdCertFile, cliEdKeyFile, caEdCertFile, NULL }; const char derfile[] = "./certs/server-cert.der"; XFILE f = XBADFILE; size_t sz; byte *buff = NULL; int i; ExpectTrue(XFOPEN("badfilename", "rb") == XBADFILE); for (i=0; EXPECT_SUCCESS() && fname[i] != NULL ; i++) { ExpectTrue((f = XFOPEN(fname[i], "rb")) != XBADFILE); XFCLOSE(f); } ExpectTrue((f = XFOPEN(derfile, "rb")) != XBADFILE); ExpectTrue(XFSEEK(f, 0, XSEEK_END) == 0); ExpectIntGE(sz = (size_t) XFTELL(f), sizeof_server_cert_der_2048); ExpectTrue(XFSEEK(f, 0, XSEEK_SET) == 0); ExpectTrue((buff = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE)) != NULL); ExpectTrue(XFREAD(buff, 1, sz, f) == sz); ExpectIntEQ(XMEMCMP(server_cert_der_2048, buff, sz), 0); XFREE(buff, NULL, DYNAMIC_TYPE_FILE); XFCLOSE(f); #endif return EXPECT_RESULT(); } /*----------------------------------------------------------------------------* | Method Allocators *----------------------------------------------------------------------------*/ static int test_wolfSSL_Method_Allocators(void) { EXPECT_DECLS; #define TEST_METHOD_ALLOCATOR(allocator, condition) \ do { \ WOLFSSL_METHOD *method = NULL; \ condition(method = allocator()); \ XFREE(method, 0, DYNAMIC_TYPE_METHOD); \ } while (0) #define TEST_VALID_METHOD_ALLOCATOR(a) \ TEST_METHOD_ALLOCATOR(a, ExpectNotNull) #define TEST_INVALID_METHOD_ALLOCATOR(a) \ TEST_METHOD_ALLOCATOR(a, ExpectNull) #ifndef NO_OLD_TLS #ifdef WOLFSSL_ALLOW_SSLV3 #ifndef NO_WOLFSSL_SERVER TEST_VALID_METHOD_ALLOCATOR(wolfSSLv3_server_method); #endif #ifndef NO_WOLFSSL_CLIENT TEST_VALID_METHOD_ALLOCATOR(wolfSSLv3_client_method); #endif #endif #ifdef WOLFSSL_ALLOW_TLSV10 #ifndef NO_WOLFSSL_SERVER TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_server_method); #endif #ifndef NO_WOLFSSL_CLIENT TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_client_method); #endif #endif #ifndef NO_WOLFSSL_SERVER TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_1_server_method); #endif #ifndef NO_WOLFSSL_CLIENT TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_1_client_method); #endif #endif /* !NO_OLD_TLS */ #ifndef WOLFSSL_NO_TLS12 #ifndef NO_WOLFSSL_SERVER TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_2_server_method); #endif #ifndef NO_WOLFSSL_CLIENT TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_2_client_method); #endif #endif /* !WOLFSSL_NO_TLS12 */ #ifdef WOLFSSL_TLS13 #ifndef NO_WOLFSSL_SERVER TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_3_server_method); #endif #ifndef NO_WOLFSSL_CLIENT TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_3_client_method); #endif #endif /* WOLFSSL_TLS13 */ #ifndef NO_WOLFSSL_SERVER TEST_VALID_METHOD_ALLOCATOR(wolfSSLv23_server_method); #endif #ifndef NO_WOLFSSL_CLIENT TEST_VALID_METHOD_ALLOCATOR(wolfSSLv23_client_method); #endif #ifdef WOLFSSL_DTLS #ifndef NO_OLD_TLS #ifndef NO_WOLFSSL_SERVER TEST_VALID_METHOD_ALLOCATOR(wolfDTLSv1_server_method); #endif #ifndef NO_WOLFSSL_CLIENT TEST_VALID_METHOD_ALLOCATOR(wolfDTLSv1_client_method); #endif #endif #ifndef WOLFSSL_NO_TLS12 #ifndef NO_WOLFSSL_SERVER TEST_VALID_METHOD_ALLOCATOR(wolfDTLSv1_2_server_method); #endif #ifndef NO_WOLFSSL_CLIENT TEST_VALID_METHOD_ALLOCATOR(wolfDTLSv1_2_client_method); #endif #endif #endif /* WOLFSSL_DTLS */ #if !defined(NO_OLD_TLS) && defined(OPENSSL_EXTRA) /* Stubs */ #ifndef NO_WOLFSSL_SERVER TEST_INVALID_METHOD_ALLOCATOR(wolfSSLv2_server_method); #endif #ifndef NO_WOLFSSL_CLIENT TEST_INVALID_METHOD_ALLOCATOR(wolfSSLv2_client_method); #endif #endif /* Test Either Method (client or server) */ #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) TEST_VALID_METHOD_ALLOCATOR(wolfSSLv23_method); #ifndef NO_OLD_TLS #ifdef WOLFSSL_ALLOW_TLSV10 TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_method); #endif TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_1_method); #endif /* !NO_OLD_TLS */ #ifndef WOLFSSL_NO_TLS12 TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_2_method); #endif /* !WOLFSSL_NO_TLS12 */ #ifdef WOLFSSL_TLS13 TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_3_method); #endif /* WOLFSSL_TLS13 */ #ifdef WOLFSSL_DTLS TEST_VALID_METHOD_ALLOCATOR(wolfDTLS_method); #ifndef NO_OLD_TLS TEST_VALID_METHOD_ALLOCATOR(wolfDTLSv1_method); #endif /* !NO_OLD_TLS */ #ifndef WOLFSSL_NO_TLS12 TEST_VALID_METHOD_ALLOCATOR(wolfDTLSv1_2_method); #endif /* !WOLFSSL_NO_TLS12 */ #endif /* WOLFSSL_DTLS */ #endif /* OPENSSL_EXTRA || WOLFSSL_EITHER_SIDE */ return EXPECT_RESULT(); } #if defined(WOLFSSL_DUAL_ALG_CERTS) && !defined(NO_FILESYSTEM) /*----------------------------------------------------------------------------* | Dual algorithm Certificate Tests *----------------------------------------------------------------------------*/ #define LARGE_TEMP_SZ 4096 /* To better understand this, please see the X9.146 example in wolfssl-examples * repo. */ static int do_dual_alg_root_certgen(byte **out, char *caKeyFile, char *sapkiFile, char *altPrivFile) { EXPECT_DECLS; FILE* file = NULL; Cert newCert; DecodedCert preTBS; byte caKeyBuf[LARGE_TEMP_SZ]; word32 caKeySz = LARGE_TEMP_SZ; byte sapkiBuf[LARGE_TEMP_SZ]; word32 sapkiSz = LARGE_TEMP_SZ; byte altPrivBuf[LARGE_TEMP_SZ]; word32 altPrivSz = LARGE_TEMP_SZ; byte altSigAlgBuf[LARGE_TEMP_SZ]; word32 altSigAlgSz = LARGE_TEMP_SZ; byte scratchBuf[LARGE_TEMP_SZ]; word32 scratchSz = LARGE_TEMP_SZ; byte preTbsBuf[LARGE_TEMP_SZ]; word32 preTbsSz = LARGE_TEMP_SZ; byte altSigValBuf[LARGE_TEMP_SZ]; word32 altSigValSz = LARGE_TEMP_SZ; byte *outBuf = NULL; word32 outSz = LARGE_TEMP_SZ; WC_RNG rng; RsaKey caKey; ecc_key altCaKey; word32 idx = 0; ExpectNotNull(outBuf = (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER)); ExpectIntEQ(wc_InitRng(&rng), 0); XMEMSET(caKeyBuf, 0, caKeySz); ExpectNotNull(file = fopen(caKeyFile, "rb")); ExpectIntGT(caKeySz = (word32)fread(caKeyBuf, 1, caKeySz, file), 0); if (file) { fclose(file); file = NULL; } ExpectIntEQ(wc_InitRsaKey_ex(&caKey, NULL, INVALID_DEVID), 0); idx = 0; ExpectIntEQ(wc_RsaPrivateKeyDecode(caKeyBuf, &idx, &caKey, caKeySz), 0); XMEMSET(sapkiBuf, 0, sapkiSz); ExpectNotNull(file = fopen(sapkiFile, "rb")); ExpectIntGT(sapkiSz = (word32)fread(sapkiBuf, 1, sapkiSz, file), 0); if (file) { fclose(file); file = NULL; } XMEMSET(altPrivBuf, 0, altPrivSz); ExpectNotNull(file = fopen(altPrivFile, "rb")); ExpectIntGT(altPrivSz = (word32)fread(altPrivBuf, 1, altPrivSz, file), 0); if (file) { fclose(file); file = NULL; } wc_ecc_init(&altCaKey); idx = 0; ExpectIntEQ(wc_EccPrivateKeyDecode(altPrivBuf, &idx, &altCaKey, (word32)altPrivSz), 0); XMEMSET(altSigAlgBuf, 0, altSigAlgSz); ExpectIntGT(altSigAlgSz = SetAlgoID(CTC_SHA256wECDSA, altSigAlgBuf, oidSigType, 0), 0); wc_InitCert(&newCert); strncpy(newCert.subject.country, "US", CTC_NAME_SIZE); strncpy(newCert.subject.state, "MT", CTC_NAME_SIZE); strncpy(newCert.subject.locality, "Bozeman", CTC_NAME_SIZE); strncpy(newCert.subject.org, "wolfSSL", CTC_NAME_SIZE); strncpy(newCert.subject.unit, "Engineering", CTC_NAME_SIZE); strncpy(newCert.subject.commonName, "www.wolfssl.com", CTC_NAME_SIZE); strncpy(newCert.subject.email, "root@wolfssl.com", CTC_NAME_SIZE); newCert.sigType = CTC_SHA256wRSA; newCert.isCA = 1; ExpectIntEQ(wc_SetCustomExtension(&newCert, 0, "1.2.3.4.5", (const byte *)"This is NOT a critical extension", 32), 0); ExpectIntEQ(wc_SetCustomExtension(&newCert, 0, "2.5.29.72", sapkiBuf, sapkiSz), 0); ExpectIntEQ(wc_SetCustomExtension(&newCert, 0, "2.5.29.73", altSigAlgBuf, altSigAlgSz), 0); XMEMSET(scratchBuf, 0, scratchSz); ExpectIntGT(scratchSz = wc_MakeSelfCert(&newCert, scratchBuf, scratchSz, &caKey, &rng), 0); wc_InitDecodedCert(&preTBS, scratchBuf, scratchSz, 0); ExpectIntEQ(wc_ParseCert(&preTBS, CERT_TYPE, NO_VERIFY, NULL), 0); XMEMSET(preTbsBuf, 0, preTbsSz); ExpectIntGT(preTbsSz = wc_GeneratePreTBS(&preTBS, preTbsBuf, preTbsSz), 0); XMEMSET(altSigValBuf, 0, altSigValSz); ExpectIntGT(altSigValSz = wc_MakeSigWithBitStr(altSigValBuf, altSigValSz, CTC_SHA256wECDSA, preTbsBuf, preTbsSz, ECC_TYPE, &altCaKey, &rng), 0); ExpectIntEQ(wc_SetCustomExtension(&newCert, 0, "2.5.29.74", altSigValBuf, altSigValSz), 0); /* Finally, generate the new certificate. */ XMEMSET(outBuf, 0, outSz); ExpectIntGT(outSz = wc_MakeSelfCert(&newCert, outBuf, outSz, &caKey, &rng), 0); *out = outBuf; wc_FreeRsaKey(&caKey); wc_FreeRng(&rng); wc_FreeDecodedCert(&preTBS); return outSz; } static int do_dual_alg_server_certgen(byte **out, char *caKeyFile, char *sapkiFile, char *altPrivFile, char *serverKeyFile, byte *caCertBuf, int caCertSz) { EXPECT_DECLS; FILE* file = NULL; Cert newCert; DecodedCert preTBS; byte serverKeyBuf[LARGE_TEMP_SZ]; word32 serverKeySz = LARGE_TEMP_SZ; byte caKeyBuf[LARGE_TEMP_SZ]; word32 caKeySz = LARGE_TEMP_SZ; byte sapkiBuf[LARGE_TEMP_SZ]; word32 sapkiSz = LARGE_TEMP_SZ; byte altPrivBuf[LARGE_TEMP_SZ]; word32 altPrivSz = LARGE_TEMP_SZ; byte altSigAlgBuf[LARGE_TEMP_SZ]; word32 altSigAlgSz = LARGE_TEMP_SZ; byte scratchBuf[LARGE_TEMP_SZ]; word32 scratchSz = LARGE_TEMP_SZ; byte preTbsBuf[LARGE_TEMP_SZ]; word32 preTbsSz = LARGE_TEMP_SZ; byte altSigValBuf[LARGE_TEMP_SZ]; word32 altSigValSz = LARGE_TEMP_SZ; byte *outBuf = NULL; word32 outSz = LARGE_TEMP_SZ; WC_RNG rng; RsaKey caKey; RsaKey serverKey; ecc_key altCaKey; word32 idx = 0; ExpectNotNull(outBuf = (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER)); ExpectIntEQ(wc_InitRng(&rng), 0); XMEMSET(serverKeyBuf, 0, serverKeySz); ExpectNotNull(file = fopen(serverKeyFile, "rb")); ExpectIntGT(serverKeySz = (word32)fread(serverKeyBuf, 1, serverKeySz, file), 0); if (file) { fclose(file); file = NULL; } ExpectIntEQ(wc_InitRsaKey_ex(&serverKey, NULL, INVALID_DEVID), 0); idx = 0; ExpectIntEQ(wc_RsaPrivateKeyDecode(serverKeyBuf, &idx, &serverKey, (word32)serverKeySz), 0); XMEMSET(caKeyBuf, 0, caKeySz); ExpectNotNull(file = fopen(caKeyFile, "rb")); ExpectIntGT(caKeySz = (word32)fread(caKeyBuf, 1, caKeySz, file), 0); if (file) { fclose(file); file = NULL; } ExpectIntEQ(wc_InitRsaKey_ex(&caKey, NULL, INVALID_DEVID), 0); idx = 0; ExpectIntEQ(wc_RsaPrivateKeyDecode(caKeyBuf, &idx, &caKey, (word32)caKeySz), 0); XMEMSET(sapkiBuf, 0, sapkiSz); ExpectNotNull(file = fopen(sapkiFile, "rb")); ExpectIntGT(sapkiSz = (word32)fread(sapkiBuf, 1, sapkiSz, file), 0); if (file) { fclose(file); file = NULL; } XMEMSET(altPrivBuf, 0, altPrivSz); ExpectNotNull(file = fopen(altPrivFile, "rb")); ExpectIntGT(altPrivSz = (word32)fread(altPrivBuf, 1, altPrivSz, file), 0); if (file) { fclose(file); file = NULL; } wc_ecc_init(&altCaKey); idx = 0; ExpectIntEQ(wc_EccPrivateKeyDecode(altPrivBuf, &idx, &altCaKey, (word32)altPrivSz), 0); XMEMSET(altSigAlgBuf, 0, altSigAlgSz); ExpectIntGT(altSigAlgSz = SetAlgoID(CTC_SHA256wECDSA, altSigAlgBuf, oidSigType, 0), 0); wc_InitCert(&newCert); strncpy(newCert.subject.country, "US", CTC_NAME_SIZE); strncpy(newCert.subject.state, "MT", CTC_NAME_SIZE); strncpy(newCert.subject.locality, "Bozeman", CTC_NAME_SIZE); strncpy(newCert.subject.org, "wolfSSL", CTC_NAME_SIZE); strncpy(newCert.subject.unit, "Engineering", CTC_NAME_SIZE); strncpy(newCert.subject.commonName, "www.wolfssl.com", CTC_NAME_SIZE); strncpy(newCert.subject.email, "server@wolfssl.com", CTC_NAME_SIZE); newCert.sigType = CTC_SHA256wRSA; newCert.isCA = 0; ExpectIntEQ(wc_SetIssuerBuffer(&newCert, caCertBuf, caCertSz), 0); ExpectIntEQ(wc_SetCustomExtension(&newCert, 0, "1.2.3.4.5", (const byte *)"This is NOT a critical extension", 32), 0); ExpectIntEQ(wc_SetCustomExtension(&newCert, 0, "2.5.29.72", sapkiBuf, sapkiSz), 0); ExpectIntEQ(wc_SetCustomExtension(&newCert, 0, "2.5.29.73", altSigAlgBuf, altSigAlgSz), 0); XMEMSET(scratchBuf, 0, scratchSz); ExpectIntGT(wc_MakeCert(&newCert, scratchBuf, scratchSz, &serverKey, NULL, &rng), 0); ExpectIntGT(scratchSz = wc_SignCert(newCert.bodySz, newCert.sigType, scratchBuf, scratchSz, &caKey, NULL, &rng), 0); wc_InitDecodedCert(&preTBS, scratchBuf, scratchSz, 0); ExpectIntEQ(wc_ParseCert(&preTBS, CERT_TYPE, NO_VERIFY, NULL), 0); XMEMSET(preTbsBuf, 0, preTbsSz); ExpectIntGT(preTbsSz = wc_GeneratePreTBS(&preTBS, preTbsBuf, preTbsSz), 0); XMEMSET(altSigValBuf, 0, altSigValSz); ExpectIntGT(altSigValSz = wc_MakeSigWithBitStr(altSigValBuf, altSigValSz, CTC_SHA256wECDSA, preTbsBuf, preTbsSz, ECC_TYPE, &altCaKey, &rng), 0); ExpectIntEQ(wc_SetCustomExtension(&newCert, 0, "2.5.29.74", altSigValBuf, altSigValSz), 0); /* Finally, generate the new certificate. */ XMEMSET(outBuf, 0, outSz); ExpectIntGT(wc_MakeCert(&newCert, outBuf, outSz, &serverKey, NULL, &rng), 0); ExpectIntGT(outSz = wc_SignCert(newCert.bodySz, newCert.sigType, outBuf, outSz, &caKey, NULL, &rng), 0); *out = outBuf; wc_FreeRsaKey(&caKey); wc_FreeRsaKey(&serverKey); wc_FreeRng(&rng); wc_FreeDecodedCert(&preTBS); return outSz; } static int do_dual_alg_tls13_connection(byte *caCert, word32 caCertSz, byte *serverCert, word32 serverCertSz, byte *serverKey, word32 serverKeySz, int negative_test) { EXPECT_DECLS; WOLFSSL_CTX *ctx_c = NULL; WOLFSSL_CTX *ctx_s = NULL; WOLFSSL *ssl_c = NULL; WOLFSSL *ssl_s = NULL; struct test_memio_ctx test_ctx; XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ(test_memio_setup_ex(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, caCert, caCertSz, serverCert, serverCertSz, serverKey, serverKeySz), 0); if (negative_test) { ExpectTrue(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0); } else { ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0); } wolfSSL_free(ssl_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_c); wolfSSL_CTX_free(ctx_s); return EXPECT_RESULT(); } static int extCount = 0; static int myUnknownExtCallback(const word16* oid, word32 oidSz, int crit, const unsigned char* der, word32 derSz) { (void) oid; (void) oidSz; (void) crit; (void) der; (void) derSz; extCount ++; /* Accept all extensions. This is only a test. Normally we would be much more * careful about critical extensions. */ return 1; } static int test_dual_alg_support(void) { EXPECT_DECLS; /* Root CA and server keys will be the same. This is only appropriate for * testing. */ char keyFile[] = "./certs/ca-key.der"; char sapkiFile[] = "./certs/ecc-keyPub.der"; char altPrivFile[] = "./certs/ecc-key.der"; char wrongPrivFile[] = "./certs/ecc-client-key.der"; byte *serverKey = NULL; size_t serverKeySz = 0; byte *root = NULL; int rootSz = 0; byte *server = NULL; int serverSz = 0; WOLFSSL_CERT_MANAGER* cm = NULL; ExpectIntEQ(load_file(keyFile, &serverKey, &serverKeySz), 0); /* Base normal case. */ rootSz = do_dual_alg_root_certgen(&root, keyFile, sapkiFile, altPrivFile); ExpectNotNull(root); ExpectIntGT(rootSz, 0); serverSz = do_dual_alg_server_certgen(&server, keyFile, sapkiFile, altPrivFile, keyFile, root, rootSz); ExpectNotNull(server); ExpectIntGT(serverSz, 0); ExpectIntEQ(do_dual_alg_tls13_connection(root, rootSz, server, serverSz, serverKey, (word32)serverKeySz, 0), TEST_SUCCESS); XFREE(root, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(server, NULL, DYNAMIC_TYPE_TMP_BUFFER); /* Now we try a negative case. Note that we use wrongPrivFile to generate * the alternative signature and then set negative_test to true for the * call to do_dual_alg_tls13_connection(). Its expecting a failed connection * because the signature won't verify. The exception is if * WOLFSSL_TRUST_PEER_CERT is defined. In that case, no verfication happens * and this is no longer a negative test. */ rootSz = do_dual_alg_root_certgen(&root, keyFile, sapkiFile, wrongPrivFile); ExpectNotNull(root); ExpectIntGT(rootSz, 0); serverSz = do_dual_alg_server_certgen(&server, keyFile, sapkiFile, wrongPrivFile, keyFile, root, rootSz); ExpectNotNull(server); ExpectIntGT(serverSz, 0); #ifdef WOLFSSL_TRUST_PEER_CERT ExpectIntEQ(do_dual_alg_tls13_connection(root, rootSz, server, serverSz, serverKey, (word32)serverKeySz, 0), TEST_SUCCESS); #else ExpectIntEQ(do_dual_alg_tls13_connection(root, rootSz, server, serverSz, serverKey, (word32)serverKeySz, 1), TEST_SUCCESS); #endif /* Lets see if CertManager can find the new extensions */ extCount = 0; ExpectNotNull(cm = wolfSSL_CertManagerNew()); wolfSSL_CertManagerSetUnknownExtCallback(cm, myUnknownExtCallback); ExpectIntEQ(wolfSSL_CertManagerLoadCABuffer(cm, root, rootSz, SSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, server, serverSz, SSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); /* There is only 1 unknown exension (1.2.3.4.5). The other ones are known * because they are for the dual alg extensions. */ ExpectIntEQ(extCount, 1); wolfSSL_CertManagerFree(cm); XFREE(root, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(server, NULL, DYNAMIC_TYPE_TMP_BUFFER); free(serverKey); return EXPECT_RESULT(); } #else static int test_dual_alg_support(void) { return TEST_SKIPPED; } #endif /* WOLFSSL_DUAL_ALG_CERTS && !NO_FILESYSTEM */ /*----------------------------------------------------------------------------* | Context *----------------------------------------------------------------------------*/ #ifndef NO_WOLFSSL_SERVER static int test_wolfSSL_CTX_new(void) { EXPECT_DECLS; WOLFSSL_CTX *ctx; WOLFSSL_METHOD* method; ExpectNull(ctx = wolfSSL_CTX_new(NULL)); ExpectNotNull(method = wolfSSLv23_server_method()); ExpectNotNull(ctx = wolfSSL_CTX_new(method)); wolfSSL_CTX_free(ctx); return EXPECT_RESULT(); } #endif #if (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \ (!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(NO_FILESYSTEM) static int test_for_double_Free(void) { EXPECT_DECLS; WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; int skipTest = 0; const char* testCertFile; const char* testKeyFile; char optionsCiphers[] = "RC4-SHA:RC4-MD5:DES-CBC3-SHA:AES128-SHA:AES256-SHA" ":NULL-SHA:NULL-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-PSK-AES256-GCM" "-SHA384:DHE-PSK-AES128-GCM-SHA256:PSK-AES256-GCM-SHA384:PSK-AES128-GCM-SHA256:" "DHE-PSK-AES256-CBC-SHA384:DHE-PSK-AES128-CBC-SHA256:PSK-AES256-CBC-SHA384:PSK-" "AES128-CBC-SHA256:PSK-AES128-CBC-SHA:PSK-AES256-CBC-SHA:DHE-PSK-AES128-CCM:DHE" "-PSK-AES256-CCM:PSK-AES128-CCM:PSK-AES256-CCM:PSK-AES128-CCM-8:PSK-AES256-CCM-" "8:DHE-PSK-NULL-SHA384:DHE-PSK-NULL-SHA256:PSK-NULL-SHA384:PSK-NULL-SHA256:PSK-" "NULL-SHA:AES128-CCM-8:AES256-CCM-8:ECDHE-ECDSA-" "AES128-CCM:ECDHE-ECDSA-AES128-CCM-8:ECDHE-ECDSA-AES256-CCM-8:ECDHE-RSA-AES128-" "SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-R" "SA-RC4-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-ECDSA-DES-CBC3-SHA" ":AES128-SHA256:AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:ECDH-" "RSA-AES128-SHA:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES128-SHA:ECDH-ECDSA-AES256-SHA" ":ECDH-RSA-RC4-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-RC4-SHA:ECDH-ECDSA-DES-CBC3" "-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES" "256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-E" "CDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES128-GCM-SHA25" "6:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-ECDSA-AES256-GC" "M-SHA384:CAMELLIA128-SHA:DHE-RSA-CAMELLIA128-SHA:CAMELLIA256-SHA:DHE-RSA-CAMEL" "LIA256-SHA:CAMELLIA128-SHA256:DHE-RSA-CAMELLIA128-SHA256:CAMELLIA256-SHA256:DH" "E-RSA-CAMELLIA256-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECD" "H-RSA-AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-ECD" "SA-AES256-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDHE-RSA-CHA" "CHA20-POLY1305:ECDHE-ECDSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-R" "SA-CHACHA20-POLY1305-OLD:ECDHE-ECDSA-CHACHA20-POLY1305-OLD:DHE-RSA-CHACHA20-PO" "LY1305-OLD:ECDHE-ECDSA-NULL-SHA:ECDHE-PSK-NULL-SHA256:ECDHE-PSK-A" "ES128-CBC-SHA256:PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305:DHE-PSK-CHA" "CHA20-POLY1305:EDH-RSA-DES-CBC3-SHA:TLS13-AES128-GCM-SHA256:TLS13-AES256-GCM-S" "HA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES128-CCM-SHA256:TLS13-AES128-CCM-" "8-SHA256:TLS13-SHA256-SHA256:TLS13-SHA384-SHA384"; /* OpenVPN uses a "blacklist" method to specify which ciphers NOT to use */ #ifdef OPENSSL_EXTRA char openvpnCiphers[] = "DEFAULT:!EXP:!LOW:!MEDIUM:!kDH:!kECDH:!DSS:!PSK:" "!SRP:!kRSA:!aNULL:!eNULL"; #endif #ifndef NO_RSA testCertFile = svrCertFile; testKeyFile = svrKeyFile; #elif defined(HAVE_ECC) testCertFile = eccCertFile; testKeyFile = eccKeyFile; #else skipTest = 1; #endif if (skipTest != 1) { #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); #endif ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, testCertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, testKeyFile, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(ssl = wolfSSL_new(ctx)); /* First test freeing SSL, then CTX */ wolfSSL_free(ssl); ssl = NULL; wolfSSL_CTX_free(ctx); ctx = NULL; #ifndef NO_WOLFSSL_CLIENT ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); #endif ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, testCertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, testKeyFile, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(ssl = wolfSSL_new(ctx)); /* Next test freeing CTX then SSL */ wolfSSL_CTX_free(ctx); ctx = NULL; wolfSSL_free(ssl); ssl = NULL; #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); #endif /* Test setting ciphers at ctx level */ ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, testCertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, testKeyFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(wolfSSL_CTX_set_cipher_list(ctx, optionsCiphers)); #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_TLS13) && defined(HAVE_AESGCM) && \ defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256) /* only update TLSv13 suites */ ExpectTrue(wolfSSL_CTX_set_cipher_list(ctx, "TLS13-AES256-GCM-SHA384")); #endif #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && defined(HAVE_AESGCM) && \ !defined(NO_SHA256) && !defined(WOLFSSL_NO_TLS12) && \ defined(WOLFSSL_AES_128) && !defined(NO_RSA) /* only update pre-TLSv13 suites */ ExpectTrue(wolfSSL_CTX_set_cipher_list(ctx, "ECDHE-RSA-AES128-GCM-SHA256")); #endif #ifdef OPENSSL_EXTRA ExpectTrue(wolfSSL_CTX_set_cipher_list(ctx, openvpnCiphers)); #endif ExpectNotNull(ssl = wolfSSL_new(ctx)); wolfSSL_CTX_free(ctx); ctx = NULL; wolfSSL_free(ssl); ssl = NULL; #ifndef NO_WOLFSSL_CLIENT ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); #endif ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, testCertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, testKeyFile, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(ssl = wolfSSL_new(ctx)); /* test setting ciphers at SSL level */ ExpectTrue(wolfSSL_set_cipher_list(ssl, optionsCiphers)); #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_TLS13) && defined(HAVE_AESGCM) && \ defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256) /* only update TLSv13 suites */ ExpectTrue(wolfSSL_set_cipher_list(ssl, "TLS13-AES256-GCM-SHA384")); #endif #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && defined(HAVE_AESGCM) && \ !defined(NO_SHA256) && !defined(WOLFSSL_NO_TLS12) && \ defined(WOLFSSL_AES_128) && !defined(NO_RSA) /* only update pre-TLSv13 suites */ ExpectTrue(wolfSSL_set_cipher_list(ssl, "ECDHE-RSA-AES128-GCM-SHA256")); #endif wolfSSL_CTX_free(ctx); ctx = NULL; wolfSSL_free(ssl); ssl = NULL; } return EXPECT_RESULT(); } #endif static int test_wolfSSL_CTX_set_cipher_list_bytes(void) { EXPECT_DECLS; #if (defined(OPENSSL_EXTRA) || defined(WOLFSSL_SET_CIPHER_BYTES)) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \ (!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(NO_FILESYSTEM) const char* testCertFile; const char* testKeyFile; WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; const byte cipherList[] = { /* TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA */ 0xC0, 0x16, /* TLS_DHE_RSA_WITH_AES_256_CBC_SHA */ 0xC0, 0x39, /* TLS_DHE_RSA_WITH_AES_128_CBC_SHA */ 0xC0, 0x33, /* TLS_DH_anon_WITH_AES_128_CBC_SHA */ 0xC0, 0x34, /* TLS_RSA_WITH_AES_256_CBC_SHA */ 0xC0, 0x35, /* TLS_RSA_WITH_AES_128_CBC_SHA */ 0xC0, 0x2F, /* TLS_RSA_WITH_NULL_MD5 */ 0xC0, 0x01, /* TLS_RSA_WITH_NULL_SHA */ 0xC0, 0x02, /* TLS_PSK_WITH_AES_256_CBC_SHA */ 0xC0, 0x8d, /* TLS_PSK_WITH_AES_128_CBC_SHA256 */ 0xC0, 0xae, /* TLS_PSK_WITH_AES_256_CBC_SHA384 */ 0xC0, 0xaf, /* TLS_PSK_WITH_AES_128_CBC_SHA */ 0xC0, 0x8c, /* TLS_PSK_WITH_NULL_SHA256 */ 0xC0, 0xb0, /* TLS_PSK_WITH_NULL_SHA384 */ 0xC0, 0xb1, /* TLS_PSK_WITH_NULL_SHA */ 0xC0, 0x2c, /* SSL_RSA_WITH_RC4_128_SHA */ 0xC0, 0x05, /* SSL_RSA_WITH_RC4_128_MD5 */ 0xC0, 0x04, /* SSL_RSA_WITH_3DES_EDE_CBC_SHA */ 0xC0, 0x0A, /* ECC suites, first byte is 0xC0 (ECC_BYTE) */ /* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA */ 0xC0, 0x14, /* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA */ 0xC0, 0x13, /* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA */ 0xC0, 0x0A, /* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA */ 0xC0, 0x09, /* TLS_ECDHE_RSA_WITH_RC4_128_SHA */ 0xC0, 0x11, /* TLS_ECDHE_ECDSA_WITH_RC4_128_SHA */ 0xC0, 0x07, /* TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA */ 0xC0, 0x12, /* TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA */ 0xC0, 0x08, /* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 */ 0xC0, 0x27, /* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256*/ 0xC0, 0x23, /* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 */ 0xC0, 0x28, /* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384*/ 0xC0, 0x24, /* TLS_ECDHE_ECDSA_WITH_NULL_SHA */ 0xC0, 0x06, /* TLS_ECDHE_PSK_WITH_NULL_SHA256 */ 0xC0, 0x3a, /* TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 */ 0xC0, 0x37, /* static ECDH, first byte is 0xC0 (ECC_BYTE) */ /* TLS_ECDH_RSA_WITH_AES_256_CBC_SHA */ 0xC0, 0x0F, /* TLS_ECDH_RSA_WITH_AES_128_CBC_SHA */ 0xC0, 0x0E, /* TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA */ 0xC0, 0x05, /* TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA */ 0xC0, 0x04, /* TLS_ECDH_RSA_WITH_RC4_128_SHA */ 0xC0, 0x0C, /* TLS_ECDH_ECDSA_WITH_RC4_128_SHA */ 0xC0, 0x02, /* TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA */ 0xC0, 0x0D, /* TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA */ 0xC0, 0x03, /* TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 */ 0xC0, 0x29, /* TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 */ 0xC0, 0x25, /* TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 */ 0xC0, 0x2A, /* TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 */ 0xC0, 0x26, /* WDM_WITH_NULL_SHA256 */ 0x00, 0xFE, /* wolfSSL DTLS Multicast */ /* SHA256 */ /* TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 */ 0x00, 0x6b, /* TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 */ 0x00, 0x67, /* TLS_RSA_WITH_AES_256_CBC_SHA256 */ 0x00, 0x3d, /* TLS_RSA_WITH_AES_128_CBC_SHA256 */ 0x00, 0x3c, /* TLS_RSA_WITH_NULL_SHA256 */ 0x00, 0x3b, /* TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 */ 0x00, 0xb2, /* TLS_DHE_PSK_WITH_NULL_SHA256 */ 0x00, 0xb4, /* SHA384 */ /* TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 */ 0x00, 0xb3, /* TLS_DHE_PSK_WITH_NULL_SHA384 */ 0x00, 0xb5, /* AES-GCM */ /* TLS_RSA_WITH_AES_128_GCM_SHA256 */ 0x00, 0x9c, /* TLS_RSA_WITH_AES_256_GCM_SHA384 */ 0x00, 0x9d, /* TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 */ 0x00, 0x9e, /* TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 */ 0x00, 0x9f, /* TLS_DH_anon_WITH_AES_256_GCM_SHA384 */ 0x00, 0xa7, /* TLS_PSK_WITH_AES_128_GCM_SHA256 */ 0x00, 0xa8, /* TLS_PSK_WITH_AES_256_GCM_SHA384 */ 0x00, 0xa9, /* TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 */ 0x00, 0xaa, /* TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 */ 0x00, 0xab, /* ECC AES-GCM, first byte is 0xC0 (ECC_BYTE) */ /* TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 */ 0xC0, 0x2b, /* TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 */ 0xC0, 0x2c, /* TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 */ 0xC0, 0x2d, /* TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 */ 0xC0, 0x2e, /* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 */ 0xC0, 0x2f, /* TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 */ 0xC0, 0x30, /* TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 */ 0xC0, 0x31, /* TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 */ 0xC0, 0x32, /* AES-CCM, first byte is 0xC0 but isn't ECC, * also, in some of the other AES-CCM suites * there will be second byte number conflicts * with non-ECC AES-GCM */ /* TLS_RSA_WITH_AES_128_CCM_8 */ 0xC0, 0xa0, /* TLS_RSA_WITH_AES_256_CCM_8 */ 0xC0, 0xa1, /* TLS_ECDHE_ECDSA_WITH_AES_128_CCM */ 0xC0, 0xac, /* TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 */ 0xC0, 0xae, /* TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 */ 0xC0, 0xaf, /* TLS_PSK_WITH_AES_128_CCM */ 0xC0, 0xa4, /* TLS_PSK_WITH_AES_256_CCM */ 0xC0, 0xa5, /* TLS_PSK_WITH_AES_128_CCM_8 */ 0xC0, 0xa8, /* TLS_PSK_WITH_AES_256_CCM_8 */ 0xC0, 0xa9, /* TLS_DHE_PSK_WITH_AES_128_CCM */ 0xC0, 0xa6, /* TLS_DHE_PSK_WITH_AES_256_CCM */ 0xC0, 0xa7, /* Camellia */ /* TLS_RSA_WITH_CAMELLIA_128_CBC_SHA */ 0x00, 0x41, /* TLS_RSA_WITH_CAMELLIA_256_CBC_SHA */ 0x00, 0x84, /* TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 */ 0x00, 0xba, /* TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 */ 0x00, 0xc0, /* TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA */ 0x00, 0x45, /* TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA */ 0x00, 0x88, /* TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 */ 0x00, 0xbe, /* TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 */ 0x00, 0xc4, /* chacha20-poly1305 suites first byte is 0xCC (CHACHA_BYTE) */ /* TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 */ 0xCC, 0xa8, /* TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 */ 0xCC, 0xa9, /* TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 */ 0xCC, 0xaa, /* TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 */ 0xCC, 0xac, /* TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 */ 0xCC, 0xab, /* TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 */ 0xCC, 0xad, /* chacha20-poly1305 earlier version of nonce and padding (CHACHA_BYTE) */ /* TLS_ECDHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256 */ 0xCC, 0x13, /* TLS_ECDHE_ECDSA_WITH_CHACHA20_OLD_POLY1305_SHA256 */ 0xCC, 0x14, /* TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256 */ 0xCC, 0x15, /* ECDHE_PSK RFC8442, first byte is 0xD0 (ECDHE_PSK_BYTE) */ /* TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 */ 0xD0, 0x01, /* TLS v1.3 cipher suites */ /* TLS_AES_128_GCM_SHA256 */ 0x13, 0x01, /* TLS_AES_256_GCM_SHA384 */ 0x13, 0x02, /* TLS_CHACHA20_POLY1305_SHA256 */ 0x13, 0x03, /* TLS_AES_128_CCM_SHA256 */ 0x13, 0x04, /* TLS_AES_128_CCM_8_SHA256 */ 0x13, 0x05, /* TLS v1.3 Integrity only cipher suites - 0xC0 (ECC) first byte */ /* TLS_SHA256_SHA256 */ 0xC0, 0xB4, /* TLS_SHA384_SHA384 */ 0xC0, 0xB5 }; #ifndef NO_RSA testCertFile = svrCertFile; testKeyFile = svrKeyFile; #elif defined(HAVE_ECC) testCertFile = eccCertFile; testKeyFile = eccKeyFile; #endif #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); #endif ExpectTrue(wolfSSL_CTX_set_cipher_list_bytes(ctx, &cipherList[0U], sizeof(cipherList))); wolfSSL_CTX_free(ctx); ctx = NULL; #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); #endif ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, testCertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, testKeyFile, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(ssl = wolfSSL_new(ctx)); ExpectTrue(wolfSSL_set_cipher_list_bytes(ssl, &cipherList[0U], sizeof(cipherList))); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); #endif /* (OPENSSL_EXTRA || WOLFSSL_SET_CIPHER_BYTES) && (!NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER) && (!NO_RSA || HAVE_ECC) */ return EXPECT_RESULT(); } static int test_wolfSSL_CTX_use_certificate_file(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER) WOLFSSL_CTX *ctx = NULL; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); /* invalid context */ ExpectFalse(wolfSSL_CTX_use_certificate_file(NULL, svrCertFile, WOLFSSL_FILETYPE_PEM)); /* invalid cert file */ ExpectFalse(wolfSSL_CTX_use_certificate_file(ctx, bogusFile, WOLFSSL_FILETYPE_PEM)); /* invalid cert type */ ExpectFalse(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, 9999)); #ifdef NO_RSA /* rsa needed */ ExpectFalse(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM)); #else /* success */ ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM)); #endif wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } #if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)) && !defined(NO_RSA) static int test_wolfSSL_CTX_use_certificate_ASN1(void) { EXPECT_DECLS; #if !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER) && !defined(NO_ASN) WOLFSSL_CTX* ctx = NULL; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); ExpectIntEQ(SSL_CTX_use_certificate_ASN1(ctx, sizeof_server_cert_der_2048, server_cert_der_2048), WOLFSSL_SUCCESS); wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } #endif /* (OPENSSL_ALL || WOLFSSL_ASIO) && !NO_RSA */ /* Test function for wolfSSL_CTX_use_certificate_buffer. Load cert into * context using buffer. * PRE: NO_CERTS not defined; USE_CERT_BUFFERS_2048 defined; compile with * --enable-testcert flag. */ static int test_wolfSSL_CTX_use_certificate_buffer(void) { EXPECT_DECLS; #if !defined(NO_CERTS) && defined(USE_CERT_BUFFERS_2048) && \ !defined(NO_RSA) && !defined(NO_WOLFSSL_SERVER) WOLFSSL_CTX* ctx = NULL; int ret; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); ExpectIntEQ(ret = wolfSSL_CTX_use_certificate_buffer(ctx, server_cert_der_2048, sizeof_server_cert_der_2048, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } /* END test_wolfSSL_CTX_use_certificate_buffer */ static int test_wolfSSL_CTX_use_PrivateKey_file(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER) WOLFSSL_CTX *ctx = NULL; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); /* invalid context */ ExpectFalse(wolfSSL_CTX_use_PrivateKey_file(NULL, svrKeyFile, WOLFSSL_FILETYPE_PEM)); /* invalid key file */ ExpectFalse(wolfSSL_CTX_use_PrivateKey_file(ctx, bogusFile, WOLFSSL_FILETYPE_PEM)); /* invalid key type */ ExpectFalse(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, 9999)); /* success */ #ifdef NO_RSA /* rsa needed */ ExpectFalse(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM)); #else /* success */ ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM)); #endif wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } /* test both file and buffer versions along with unloading trusted peer certs */ static int test_wolfSSL_CTX_trust_peer_cert(void) { EXPECT_DECLS; #if !defined(NO_CERTS) && defined(WOLFSSL_TRUST_PEER_CERT) && \ !defined(NO_WOLFSSL_CLIENT) && !defined(NO_RSA) WOLFSSL_CTX *ctx = NULL; WOLFSSL* ssl = NULL; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); ExpectNotNull(ssl = wolfSSL_new(ctx)); #if !defined(NO_FILESYSTEM) /* invalid file */ ExpectIntNE(wolfSSL_CTX_trust_peer_cert(ctx, NULL, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); ExpectIntNE(wolfSSL_CTX_trust_peer_cert(ctx, bogusFile, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); ExpectIntNE(wolfSSL_CTX_trust_peer_cert(ctx, cliCertFile, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); /* success */ ExpectIntEQ(wolfSSL_CTX_trust_peer_cert(ctx, cliCertFile, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); /* unload cert */ ExpectIntNE(wolfSSL_CTX_Unload_trust_peers(NULL), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_Unload_trust_peers(ctx), WOLFSSL_SUCCESS); /* invalid file */ ExpectIntNE(wolfSSL_trust_peer_cert(ssl, NULL, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); ExpectIntNE(wolfSSL_trust_peer_cert(ssl, bogusFile, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); ExpectIntNE(wolfSSL_trust_peer_cert(ssl, cliCertFile, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); /* success */ ExpectIntEQ(wolfSSL_trust_peer_cert(ssl, cliCertFile, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); #ifdef WOLFSSL_LOCAL_X509_STORE /* unload cert */ ExpectIntNE(wolfSSL_Unload_trust_peers(NULL), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_Unload_trust_peers(ssl), WOLFSSL_SUCCESS); #endif #endif /* Test of loading certs from buffers */ /* invalid buffer */ ExpectIntNE(wolfSSL_CTX_trust_peer_buffer(ctx, NULL, -1, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); /* success */ #ifdef USE_CERT_BUFFERS_1024 ExpectIntEQ(wolfSSL_CTX_trust_peer_buffer(ctx, client_cert_der_1024, sizeof_client_cert_der_1024, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); #endif #ifdef USE_CERT_BUFFERS_2048 ExpectIntEQ(wolfSSL_CTX_trust_peer_buffer(ctx, client_cert_der_2048, sizeof_client_cert_der_2048, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); #endif /* unload cert */ ExpectIntNE(wolfSSL_CTX_Unload_trust_peers(NULL), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_Unload_trust_peers(ctx), WOLFSSL_SUCCESS); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfSSL_CTX_load_verify_locations(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_CLIENT) WOLFSSL_CTX *ctx = NULL; #ifndef NO_RSA WOLFSSL_CERT_MANAGER* cm = NULL; #ifdef PERSIST_CERT_CACHE int cacheSz = 0; unsigned char* cache = NULL; int used = 0; #ifndef NO_FILESYSTEM const char* cacheFile = "./tests/cert_cache.tmp"; #endif int i; int t; int* p; #endif #endif #if !defined(NO_WOLFSSL_DIR) && !defined(WOLFSSL_TIRTOS) const char* load_certs_path = "./certs/external"; const char* load_no_certs_path = "./examples"; const char* load_expired_path = "./certs/test/expired"; #endif ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); /* invalid arguments */ ExpectIntEQ(wolfSSL_CTX_load_verify_locations(NULL, caCertFile, NULL), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, NULL, NULL), WOLFSSL_FAILURE); /* invalid ca file */ ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, bogusFile, NULL), WS_RETURN_CODE(WOLFSSL_BAD_FILE,WOLFSSL_FAILURE)); #if !defined(NO_WOLFSSL_DIR) && !defined(WOLFSSL_TIRTOS) && \ ((defined(WOLFSSL_QT) || defined(WOLFSSL_IGNORE_BAD_CERT_PATH)) && \ !(WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS & WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR)) /* invalid path */ ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, NULL, bogusFile), WS_RETURN_CODE(BAD_PATH_ERROR,WOLFSSL_FAILURE)); #endif #if defined(WOLFSSL_QT) || defined(WOLFSSL_IGNORE_BAD_CERT_PATH) /* test ignoring the invalid path */ ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx, NULL, bogusFile, WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR), WOLFSSL_SUCCESS); #endif /* load ca cert */ #ifdef NO_RSA ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, NULL), WS_RETURN_CODE(ASN_UNKNOWN_OID_E,WOLFSSL_FAILURE)); #else /* Skip the following test without RSA certs. */ ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, NULL), WOLFSSL_SUCCESS); #ifdef PERSIST_CERT_CACHE /* Get cert cache size */ ExpectIntGT(cacheSz = wolfSSL_CTX_get_cert_cache_memsize(ctx), 0); ExpectNotNull(cache = (byte*)XMALLOC(cacheSz, NULL, DYNAMIC_TYPE_TMP_BUFFER)); ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(NULL, NULL, -1, NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(ctx, NULL, -1, NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(NULL, cache, -1, NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(NULL, NULL, cacheSz, NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(NULL, NULL, -1, &used), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(NULL, cache, cacheSz, &used), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(ctx, NULL, cacheSz, &used), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(ctx, cache, -1, &used), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(ctx, cache, cacheSz, NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(ctx, cache, cacheSz - 10, &used), BUFFER_E); ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(ctx, cache, cacheSz, &used), 1); ExpectIntEQ(cacheSz, used); ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(NULL, NULL, -1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, NULL, -1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(NULL, cache, -1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(NULL, NULL, cacheSz), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(NULL, cache, cacheSz), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, NULL, cacheSz), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, -1), BAD_FUNC_ARG); /* Smaller than header. */ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, 1), BUFFER_E); for (i = 1; i < cacheSz; i++) { ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, cacheSz - i), BUFFER_E); } if (EXPECT_SUCCESS()) { /* Modify header for bad results! */ p = (int*)cache; /* version */ t = p[0]; p[0] = 0xff; ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, cacheSz), CACHE_MATCH_ERROR); p[0] = t; p++; /* rows */ t = p[0]; p[0] = 0xff; ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, cacheSz), CACHE_MATCH_ERROR); p[0] = t; p++; /* columns[0] */ t = p[0]; p[0] = -1; ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, cacheSz), PARSE_ERROR); p[0] = t; p += CA_TABLE_SIZE; /* signerSz*/ t = p[0]; p[0] = 0xff; ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, cacheSz), CACHE_MATCH_ERROR); p[0] = t; } ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, cacheSz), 1); ExpectIntEQ(cacheSz = wolfSSL_CTX_get_cert_cache_memsize(ctx), used); #ifndef NO_FILESYSTEM ExpectIntEQ(wolfSSL_CTX_save_cert_cache(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_save_cert_cache(ctx, NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_save_cert_cache(NULL, cacheFile), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_save_cert_cache(ctx, cacheFile), 1); ExpectIntEQ(wolfSSL_CTX_restore_cert_cache(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_restore_cert_cache(ctx, NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_restore_cert_cache(NULL, cacheFile), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_restore_cert_cache(ctx, "no-file"), WOLFSSL_BAD_FILE); ExpectIntEQ(wolfSSL_CTX_restore_cert_cache(ctx, cacheFile), 1); /* File contents is not a cache. */ ExpectIntEQ(wolfSSL_CTX_restore_cert_cache(ctx, "./certs/ca-cert.pem"), CACHE_MATCH_ERROR); #endif XFREE(cache, NULL, DYNAMIC_TYPE_TMP_BUFFER); #endif /* Test unloading CA's */ ExpectIntEQ(wolfSSL_CTX_UnloadCAs(ctx), WOLFSSL_SUCCESS); #ifdef PERSIST_CERT_CACHE /* Verify no certs (result is less than cacheSz) */ ExpectIntGT(cacheSz, wolfSSL_CTX_get_cert_cache_memsize(ctx)); #endif /* load ca cert again */ ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, NULL), WOLFSSL_SUCCESS); /* Test getting CERT_MANAGER */ ExpectNotNull(cm = wolfSSL_CTX_GetCertManager(ctx)); /* Test unloading CA's using CM */ ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS); #ifdef PERSIST_CERT_CACHE /* Verify no certs (result is less than cacheSz) */ ExpectIntGT(cacheSz, wolfSSL_CTX_get_cert_cache_memsize(ctx)); #endif #endif #if !defined(NO_WOLFSSL_DIR) && !defined(WOLFSSL_TIRTOS) /* Test loading CA certificates using a path */ #ifdef NO_RSA /* failure here okay since certs in external directory are RSA */ ExpectIntNE(wolfSSL_CTX_load_verify_locations_ex(ctx, NULL, load_certs_path, WOLFSSL_LOAD_FLAG_PEM_CA_ONLY), WOLFSSL_SUCCESS); #else ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx, NULL, load_certs_path, WOLFSSL_LOAD_FLAG_PEM_CA_ONLY), WOLFSSL_SUCCESS); #endif /* Test loading path with no files */ ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx, NULL, load_no_certs_path, WOLFSSL_LOAD_FLAG_PEM_CA_ONLY), WOLFSSL_FAILURE); /* Test loading expired CA certificates */ #ifdef NO_RSA ExpectIntNE(wolfSSL_CTX_load_verify_locations_ex(ctx, NULL, load_expired_path, WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY | WOLFSSL_LOAD_FLAG_PEM_CA_ONLY), WOLFSSL_SUCCESS); #else ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx, NULL, load_expired_path, WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY | WOLFSSL_LOAD_FLAG_PEM_CA_ONLY), WOLFSSL_SUCCESS); #endif /* Test loading CA certificates and ignoring all errors */ #ifdef NO_RSA ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx, NULL, load_certs_path, WOLFSSL_LOAD_FLAG_IGNORE_ERR), WOLFSSL_FAILURE); #else ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx, NULL, load_certs_path, WOLFSSL_LOAD_FLAG_IGNORE_ERR), WOLFSSL_SUCCESS); #endif #endif wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfSSL_CTX_load_system_CA_certs(void) { int res = TEST_SKIPPED; #if defined(WOLFSSL_SYS_CA_CERTS) && !defined(NO_WOLFSSL_CLIENT) && \ (!defined(NO_RSA) || defined(HAVE_ECC)) WOLFSSL_CTX* ctx; byte dirValid = 0; int ret = 0; ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()); if (ctx == NULL) { fprintf(stderr, "wolfSSL_CTX_new failed.\n"); ret = -1; } if (ret == 0) { #if defined(USE_WINDOWS_API) || defined(__APPLE__) dirValid = 1; #else word32 numDirs; const char** caDirs = wolfSSL_get_system_CA_dirs(&numDirs); if (caDirs == NULL || numDirs == 0) { fprintf(stderr, "wolfSSL_get_system_CA_dirs failed.\n"); ret = -1; } else { ReadDirCtx dirCtx; word32 i; for (i = 0; i < numDirs; ++i) { if (wc_ReadDirFirst(&dirCtx, caDirs[i], NULL) == 0) { /* Directory isn't empty. */ dirValid = 1; wc_ReadDirClose(&dirCtx); break; } } } #endif } /* * If the directory isn't empty, we should be able to load CA * certs from it. On Windows/Mac, we assume the CA cert stores are * usable. */ if (ret == 0 && dirValid && wolfSSL_CTX_load_system_CA_certs(ctx) != WOLFSSL_SUCCESS) { fprintf(stderr, "wolfSSL_CTX_load_system_CA_certs failed.\n"); ret = -1; } #ifdef OPENSSL_EXTRA if (ret == 0 && wolfSSL_CTX_set_default_verify_paths(ctx) != WOLFSSL_SUCCESS) { fprintf(stderr, "wolfSSL_CTX_set_default_verify_paths failed.\n"); ret = -1; } #endif /* OPENSSL_EXTRA */ wolfSSL_CTX_free(ctx); res = TEST_RES_CHECK(ret == 0); #endif /* WOLFSSL_SYS_CA_CERTS && !NO_WOLFSSL_CLIENT */ return res; } #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) static int test_cm_load_ca_buffer(const byte* cert_buf, size_t cert_sz, int file_type) { int ret; WOLFSSL_CERT_MANAGER* cm; cm = wolfSSL_CertManagerNew(); if (cm == NULL) { fprintf(stderr, "test_cm_load_ca failed\n"); return -1; } ret = wolfSSL_CertManagerLoadCABuffer(cm, cert_buf, cert_sz, file_type); wolfSSL_CertManagerFree(cm); return ret; } static int test_cm_load_ca_file(const char* ca_cert_file) { int ret = 0; byte* cert_buf = NULL; size_t cert_sz = 0; #if defined(WOLFSSL_PEM_TO_DER) DerBuffer* pDer = NULL; #endif ret = load_file(ca_cert_file, &cert_buf, &cert_sz); if (ret == 0) { /* normal test */ ret = test_cm_load_ca_buffer(cert_buf, cert_sz, WOLFSSL_FILETYPE_PEM); if (ret == WOLFSSL_SUCCESS) { /* test including null terminator in length */ byte* tmp = (byte*)realloc(cert_buf, cert_sz+1); if (tmp == NULL) { ret = MEMORY_E; } else { cert_buf = tmp; cert_buf[cert_sz] = '\0'; ret = test_cm_load_ca_buffer(cert_buf, cert_sz+1, WOLFSSL_FILETYPE_PEM); } } #if defined(WOLFSSL_PEM_TO_DER) if (ret == WOLFSSL_SUCCESS) { /* test loading DER */ ret = wc_PemToDer(cert_buf, cert_sz, CA_TYPE, &pDer, NULL, NULL, NULL); if (ret == 0 && pDer != NULL) { ret = test_cm_load_ca_buffer(pDer->buffer, pDer->length, WOLFSSL_FILETYPE_ASN1); wc_FreeDer(&pDer); } } #endif } free(cert_buf); return ret; } static int test_cm_load_ca_buffer_ex(const byte* cert_buf, size_t cert_sz, int file_type, word32 flags) { int ret; WOLFSSL_CERT_MANAGER* cm; cm = wolfSSL_CertManagerNew(); if (cm == NULL) { fprintf(stderr, "test_cm_load_ca failed\n"); return -1; } ret = wolfSSL_CertManagerLoadCABuffer_ex(cm, cert_buf, cert_sz, file_type, 0, flags); wolfSSL_CertManagerFree(cm); return ret; } static int test_cm_load_ca_file_ex(const char* ca_cert_file, word32 flags) { int ret = 0; byte* cert_buf = NULL; size_t cert_sz = 0; #if defined(WOLFSSL_PEM_TO_DER) DerBuffer* pDer = NULL; #endif ret = load_file(ca_cert_file, &cert_buf, &cert_sz); if (ret == 0) { /* normal test */ ret = test_cm_load_ca_buffer_ex(cert_buf, cert_sz, WOLFSSL_FILETYPE_PEM, flags); if (ret == WOLFSSL_SUCCESS) { /* test including null terminator in length */ byte* tmp = (byte*)realloc(cert_buf, cert_sz+1); if (tmp == NULL) { ret = MEMORY_E; } else { cert_buf = tmp; cert_buf[cert_sz] = '\0'; ret = test_cm_load_ca_buffer_ex(cert_buf, cert_sz+1, WOLFSSL_FILETYPE_PEM, flags); } } #if defined(WOLFSSL_PEM_TO_DER) if (ret == WOLFSSL_SUCCESS) { /* test loading DER */ ret = wc_PemToDer(cert_buf, cert_sz, CA_TYPE, &pDer, NULL, NULL, NULL); if (ret == 0 && pDer != NULL) { ret = test_cm_load_ca_buffer_ex(pDer->buffer, pDer->length, WOLFSSL_FILETYPE_ASN1, flags); wc_FreeDer(&pDer); } } #endif } free(cert_buf); return ret; } #endif /* !NO_FILESYSTEM && !NO_CERTS */ static int test_wolfSSL_CertManagerAPI(void) { EXPECT_DECLS; #ifndef NO_CERTS WOLFSSL_CERT_MANAGER* cm = NULL; unsigned char c; ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL)); wolfSSL_CertManagerFree(NULL); ExpectIntEQ(wolfSSL_CertManager_up_ref(NULL), 0); ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(NULL), BAD_FUNC_ARG); #ifdef WOLFSSL_TRUST_PEER_CERT ExpectIntEQ(wolfSSL_CertManagerUnload_trust_peers(NULL), BAD_FUNC_ARG); #endif ExpectIntEQ(wolfSSL_CertManagerLoadCABuffer_ex(NULL, &c, 1, WOLFSSL_FILETYPE_ASN1, 0, 0), WOLFSSL_FATAL_ERROR); #if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH) ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(NULL, NULL, -1, WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, NULL, -1, WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(NULL, &c, -1, WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(NULL, NULL, 1, WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(NULL, &c, 1, WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, NULL, 1, WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, &c, -1, WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, &c, 1, -1), WOLFSSL_BAD_FILETYPE); #endif #if !defined(NO_FILESYSTEM) { const char* ca_cert = "./certs/ca-cert.pem"; #if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH) const char* ca_cert_der = "./certs/ca-cert.der"; #endif const char* ca_path = "./certs"; #if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH) ExpectIntEQ(wolfSSL_CertManagerVerify(NULL, NULL, -1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerVerify(cm, NULL, WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerVerify(NULL, ca_cert, WOLFSSL_FILETYPE_PEM), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerVerify(cm, ca_cert, -1), WOLFSSL_BAD_FILETYPE); ExpectIntEQ(wolfSSL_CertManagerVerify(cm, "no-file", WOLFSSL_FILETYPE_ASN1), WOLFSSL_BAD_FILE); ExpectIntEQ(wolfSSL_CertManagerVerify(cm, ca_cert_der, WOLFSSL_FILETYPE_PEM), ASN_NO_PEM_HEADER); #endif ExpectIntEQ(wolfSSL_CertManagerLoadCA(NULL, NULL, NULL), WOLFSSL_FATAL_ERROR); ExpectIntEQ(wolfSSL_CertManagerLoadCA(NULL, ca_cert, NULL), WOLFSSL_FATAL_ERROR); ExpectIntEQ(wolfSSL_CertManagerLoadCA(NULL, NULL, ca_path), WOLFSSL_FATAL_ERROR); ExpectIntEQ(wolfSSL_CertManagerLoadCA(NULL, ca_cert, ca_path), WOLFSSL_FATAL_ERROR); } #endif #ifdef OPENSSL_COMPATIBLE_DEFAULTS ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm, 0), 1); #elif !defined(HAVE_CRL) ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm, 0), NOT_COMPILED_IN); #endif ExpectIntEQ(wolfSSL_CertManagerDisableCRL(NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerDisableCRL(cm), 1); #ifdef HAVE_CRL /* Test APIs when CRL is disabled. */ #ifdef HAVE_CRL_IO ExpectIntEQ(wolfSSL_CertManagerSetCRL_IOCb(cm, NULL), 1); #endif ExpectIntEQ(wolfSSL_CertManagerCheckCRL(cm, server_cert_der_2048, sizeof_server_cert_der_2048), 1); ExpectIntEQ(wolfSSL_CertManagerFreeCRL(cm), 1); #endif /* OCSP */ ExpectIntEQ(wolfSSL_CertManagerEnableOCSP(NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerDisableOCSP(NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerEnableOCSPStapling(NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerDisableOCSPStapling(NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerEnableOCSPMustStaple(NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerDisableOCSPMustStaple(NULL), BAD_FUNC_ARG); #if !defined(HAVE_CERTIFICATE_STATUS_REQUEST) && \ !defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) ExpectIntEQ(wolfSSL_CertManagerDisableOCSPStapling(cm), NOT_COMPILED_IN); ExpectIntEQ(wolfSSL_CertManagerEnableOCSPMustStaple(cm), NOT_COMPILED_IN); ExpectIntEQ(wolfSSL_CertManagerDisableOCSPMustStaple(cm), NOT_COMPILED_IN); #endif #ifdef HAVE_OCSP ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(NULL, NULL, -1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(cm, NULL, -1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(NULL, &c, -1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(NULL, NULL, 1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(NULL, &c, 1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(cm, NULL, 1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(cm, &c, -1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(NULL, NULL, 0, NULL, NULL, NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, NULL, 1, NULL, NULL, NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(NULL, &c, 1, NULL, NULL, NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerSetOCSPOverrideURL(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerSetOCSPOverrideURL(NULL, ""), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerSetOCSPOverrideURL(cm, NULL), 1); ExpectIntEQ(wolfSSL_CertManagerSetOCSP_Cb(NULL, NULL, NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerSetOCSP_Cb(cm, NULL, NULL, NULL), 1); ExpectIntEQ(wolfSSL_CertManagerDisableOCSP(cm), 1); /* Test APIs when OCSP is disabled. */ ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, &c, 1, NULL, NULL, NULL, NULL), 1); ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(cm, &c, 1), 1); #endif ExpectIntEQ(wolfSSL_CertManager_up_ref(cm), 1); wolfSSL_CertManagerFree(cm); wolfSSL_CertManagerFree(cm); cm = NULL; ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL)); #ifdef HAVE_OCSP ExpectIntEQ(wolfSSL_CertManagerEnableOCSP(cm, WOLFSSL_OCSP_URL_OVERRIDE | WOLFSSL_OCSP_CHECKALL), 1); #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \ defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) ExpectIntEQ(wolfSSL_CertManagerEnableOCSPStapling(cm), 1); ExpectIntEQ(wolfSSL_CertManagerEnableOCSPStapling(cm), 1); ExpectIntEQ(wolfSSL_CertManagerDisableOCSPStapling(cm), 1); ExpectIntEQ(wolfSSL_CertManagerEnableOCSPStapling(cm), 1); ExpectIntEQ(wolfSSL_CertManagerEnableOCSPMustStaple(cm), 1); ExpectIntEQ(wolfSSL_CertManagerDisableOCSPMustStaple(cm), 1); #endif ExpectIntEQ(wolfSSL_CertManagerSetOCSPOverrideURL(cm, ""), 1); ExpectIntEQ(wolfSSL_CertManagerSetOCSPOverrideURL(cm, ""), 1); #endif #ifdef WOLFSSL_TRUST_PEER_CERT ExpectIntEQ(wolfSSL_CertManagerUnload_trust_peers(cm), 1); #endif wolfSSL_CertManagerFree(cm); #endif return EXPECT_RESULT(); } static int test_wolfSSL_CertManagerLoadCABuffer(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) const char* ca_cert = "./certs/ca-cert.pem"; const char* ca_expired_cert = "./certs/test/expired/expired-ca.pem"; int ret; ExpectIntLE(ret = test_cm_load_ca_file(ca_cert), 1); #if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER) ExpectIntEQ(ret, WOLFSSL_FATAL_ERROR); #elif defined(NO_RSA) ExpectIntEQ(ret, ASN_UNKNOWN_OID_E); #else ExpectIntEQ(ret, WOLFSSL_SUCCESS); #endif ExpectIntLE(ret = test_cm_load_ca_file(ca_expired_cert), 1); #if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER) ExpectIntEQ(ret, WOLFSSL_FATAL_ERROR); #elif defined(NO_RSA) ExpectIntEQ(ret, ASN_UNKNOWN_OID_E); #elif !(WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS & WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY) && \ !defined(NO_ASN_TIME) ExpectIntEQ(ret, ASN_AFTER_DATE_E); #else ExpectIntEQ(ret, WOLFSSL_SUCCESS); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_CertManagerLoadCABuffer_ex(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) const char* ca_cert = "./certs/ca-cert.pem"; const char* ca_expired_cert = "./certs/test/expired/expired-ca.pem"; int ret; ExpectIntLE(ret = test_cm_load_ca_file_ex(ca_cert, WOLFSSL_LOAD_FLAG_NONE), 1); #if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER) ExpectIntEQ(ret, WOLFSSL_FATAL_ERROR); #elif defined(NO_RSA) ExpectIntEQ(ret, ASN_UNKNOWN_OID_E); #else ExpectIntEQ(ret, WOLFSSL_SUCCESS); #endif ExpectIntLE(ret = test_cm_load_ca_file_ex(ca_expired_cert, WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY), 1); #if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER) ExpectIntEQ(ret, WOLFSSL_FATAL_ERROR); #elif defined(NO_RSA) ExpectIntEQ(ret, ASN_UNKNOWN_OID_E); #elif !(WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS & WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY) && \ !defined(NO_ASN_TIME) && defined(WOLFSSL_TRUST_PEER_CERT) && \ defined(OPENSSL_COMPATIBLE_DEFAULTS) ExpectIntEQ(ret, ASN_AFTER_DATE_E); #else ExpectIntEQ(ret, WOLFSSL_SUCCESS); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_CertManagerGetCerts(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) && \ defined(WOLFSSL_SIGNER_DER_CERT) WOLFSSL_CERT_MANAGER* cm = NULL; WOLFSSL_STACK* sk = NULL; X509* x509 = NULL; X509* cert1 = NULL; FILE* file1 = NULL; #ifdef DEBUG_WOLFSSL_VERBOSE WOLFSSL_BIO* bio = NULL; #endif int i = 0; int ret = 0; const byte* der = NULL; int derSz = 0; ExpectNotNull(file1 = fopen("./certs/ca-cert.pem", "rb")); ExpectNotNull(cert1 = wolfSSL_PEM_read_X509(file1, NULL, NULL, NULL)); if (file1 != NULL) { fclose(file1); } ExpectNull(sk = wolfSSL_CertManagerGetCerts(NULL)); ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL)); ExpectNull(sk = wolfSSL_CertManagerGetCerts(cm)); ExpectNotNull(der = wolfSSL_X509_get_der(cert1, &derSz)); #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) /* Check that ASN_SELF_SIGNED_E is returned for a self-signed cert for QT * and full OpenSSL compatibility */ ExpectIntEQ(ret = wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), ASN_SELF_SIGNED_E); #else ExpectIntEQ(ret = wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), ASN_NO_SIGNER_E); #endif ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCA(cm, "./certs/ca-cert.pem", NULL)); ExpectNotNull(sk = wolfSSL_CertManagerGetCerts(cm)); for (i = 0; EXPECT_SUCCESS() && i < sk_X509_num(sk); i++) { ExpectNotNull(x509 = sk_X509_value(sk, i)); ExpectIntEQ(0, wolfSSL_X509_cmp(x509, cert1)); #ifdef DEBUG_WOLFSSL_VERBOSE bio = BIO_new(wolfSSL_BIO_s_file()); if (bio != NULL) { BIO_set_fp(bio, stderr, BIO_NOCLOSE); X509_print(bio, x509); BIO_free(bio); } #endif /* DEBUG_WOLFSSL_VERBOSE */ } wolfSSL_X509_free(cert1); sk_X509_pop_free(sk, NULL); wolfSSL_CertManagerFree(cm); #endif /* defined(OPENSSL_ALL) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) && \ defined(WOLFSSL_SIGNER_DER_CERT) */ return EXPECT_RESULT(); } static int test_wolfSSL_CertManagerSetVerify(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \ !defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)) WOLFSSL_CERT_MANAGER* cm = NULL; int tmp = myVerifyAction; const char* ca_cert = "./certs/ca-cert.pem"; const char* expiredCert = "./certs/test/expired/expired-cert.pem"; wolfSSL_CertManagerSetVerify(NULL, NULL); wolfSSL_CertManagerSetVerify(NULL, myVerify); ExpectNotNull(cm = wolfSSL_CertManagerNew()); wolfSSL_CertManagerSetVerify(cm, myVerify); #if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER) ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL), -1); #else ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL), WOLFSSL_SUCCESS); #endif /* Use the test CB that always accepts certs */ myVerifyAction = VERIFY_OVERRIDE_ERROR; ExpectIntEQ(wolfSSL_CertManagerVerify(cm, expiredCert, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); #ifdef WOLFSSL_ALWAYS_VERIFY_CB { const char* verifyCert = "./certs/server-cert.der"; /* Use the test CB that always fails certs */ myVerifyAction = VERIFY_FORCE_FAIL; ExpectIntEQ(wolfSSL_CertManagerVerify(cm, verifyCert, WOLFSSL_FILETYPE_ASN1), VERIFY_CERT_ERROR); } #endif wolfSSL_CertManagerFree(cm); myVerifyAction = tmp; #endif return EXPECT_RESULT(); } #if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \ defined(DEBUG_UNIT_TEST_CERTS) /* Used when debugging name constraint tests. Not static to allow use in * multiple locations with complex define guards. */ void DEBUG_WRITE_CERT_X509(WOLFSSL_X509* x509, const char* fileName) { BIO* out = BIO_new_file(fileName, "wb"); if (out != NULL) { PEM_write_bio_X509(out, x509); BIO_free(out); } } void DEBUG_WRITE_DER(const byte* der, int derSz, const char* fileName) { BIO* out = BIO_new_file(fileName, "wb"); if (out != NULL) { BIO_write(out, der, derSz); BIO_free(out); } } #else #define DEBUG_WRITE_CERT_X509(x509, fileName) WC_DO_NOTHING #define DEBUG_WRITE_DER(der, derSz, fileName) WC_DO_NOTHING #endif static int test_wolfSSL_CertManagerNameConstraint(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \ !defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \ defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && \ defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_ALT_NAMES) && \ !defined(NO_SHA256) WOLFSSL_CERT_MANAGER* cm = NULL; WOLFSSL_EVP_PKEY *priv = NULL; WOLFSSL_X509_NAME* name = NULL; const char* ca_cert = "./certs/test/cert-ext-nc.der"; const char* server_cert = "./certs/test/server-goodcn.pem"; int i = 0; static const byte extNameConsOid[] = {85, 29, 30}; RsaKey key; WC_RNG rng; byte *der = NULL; int derSz = 0; word32 idx = 0; byte *pt; WOLFSSL_X509 *x509 = NULL; WOLFSSL_X509 *ca = NULL; wc_InitRng(&rng); /* load in CA private key for signing */ ExpectIntEQ(wc_InitRsaKey_ex(&key, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_RsaPrivateKeyDecode(server_key_der_2048, &idx, &key, sizeof_server_key_der_2048), 0); /* get ca certificate then alter it */ ExpectNotNull(der = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(ca_cert, WOLFSSL_FILETYPE_ASN1)); ExpectNotNull(pt = (byte*)wolfSSL_X509_get_tbs(x509, &derSz)); if (EXPECT_SUCCESS() && (der != NULL)) { XMEMCPY(der, pt, derSz); /* find the name constraint extension and alter it */ pt = der; for (i = 0; i < derSz - 3; i++) { if (XMEMCMP(pt, extNameConsOid, 3) == 0) { pt += 3; break; } pt++; } ExpectIntNE(i, derSz - 3); /* did not find OID if this case is hit */ /* go to the length value and set it to 0 */ while (i < derSz && *pt != 0x81) { pt++; i++; } ExpectIntNE(i, derSz); /* did not place to alter */ pt++; *pt = 0x00; } /* resign the altered certificate */ ExpectIntGT((derSz = wc_SignCert(derSz, CTC_SHA256wRSA, der, FOURK_BUF, &key, NULL, &rng)), 0); ExpectNotNull(cm = wolfSSL_CertManagerNew()); ExpectIntEQ(wolfSSL_CertManagerLoadCABuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), ASN_PARSE_E); wolfSSL_CertManagerFree(cm); XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wolfSSL_X509_free(x509); wc_FreeRsaKey(&key); wc_FreeRng(&rng); /* add email alt name to satisfy constraint */ pt = (byte*)server_key_der_2048; ExpectNotNull(priv = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL, (const unsigned char**)&pt, sizeof_server_key_der_2048)); ExpectNotNull(cm = wolfSSL_CertManagerNew()); ExpectNotNull(ca = wolfSSL_X509_load_certificate_file(ca_cert, WOLFSSL_FILETYPE_ASN1)); ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(ca, &derSz))); DEBUG_WRITE_DER(der, derSz, "ca.der"); ExpectIntEQ(wolfSSL_CertManagerLoadCABuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); /* Good cert test with proper alt email name */ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca)); ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS); name = NULL; ExpectNotNull(name = X509_NAME_new()); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8, (byte*)"US", 2, -1, 0), SSL_SUCCESS); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8, (byte*)"wolfssl.com", 11, -1, 0), SSL_SUCCESS); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_UTF8, (byte*)"support@info.wolfssl.com", 24, -1, 0), SSL_SUCCESS); ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS); X509_NAME_free(name); name = NULL; wolfSSL_X509_add_altname(x509, "wolfssl@info.wolfssl.com", ASN_RFC822_TYPE); ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0); DEBUG_WRITE_CERT_X509(x509, "good-cert.pem"); ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz))); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); wolfSSL_X509_free(x509); x509 = NULL; /* Cert with bad alt name list */ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca)); ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS); name = NULL; ExpectNotNull(name = X509_NAME_new()); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8, (byte*)"US", 2, -1, 0), SSL_SUCCESS); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8, (byte*)"wolfssl.com", 11, -1, 0), SSL_SUCCESS); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_UTF8, (byte*)"support@info.wolfssl.com", 24, -1, 0), SSL_SUCCESS); ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS); X509_NAME_free(name); wolfSSL_X509_add_altname(x509, "wolfssl@info.com", ASN_RFC822_TYPE); wolfSSL_X509_add_altname(x509, "wolfssl@info.wolfssl.com", ASN_RFC822_TYPE); ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0); DEBUG_WRITE_CERT_X509(x509, "bad-cert.pem"); ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz))); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), ASN_NAME_INVALID_E); wolfSSL_CertManagerFree(cm); wolfSSL_X509_free(x509); wolfSSL_X509_free(ca); wolfSSL_EVP_PKEY_free(priv); #endif return EXPECT_RESULT(); } static int test_wolfSSL_CertManagerNameConstraint2(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \ !defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \ defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && \ defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_ALT_NAMES) const char* ca_cert = "./certs/test/cert-ext-ndir.der"; const char* ca_cert2 = "./certs/test/cert-ext-ndir-exc.der"; const char* server_cert = "./certs/server-cert.pem"; WOLFSSL_CERT_MANAGER* cm = NULL; WOLFSSL_X509 *x509 = NULL; WOLFSSL_X509 *ca = NULL; const unsigned char *der = NULL; const unsigned char *pt; WOLFSSL_EVP_PKEY *priv = NULL; WOLFSSL_X509_NAME* name = NULL; int derSz = 0; /* C=US*/ char altName[] = { 0x30, 0x0D, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53 }; /* C=ID */ char altNameFail[] = { 0x30, 0x0D, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x49, 0x44 }; /* C=US ST=California*/ char altNameExc[] = { 0x30, 0x22, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x43, 0x61, 0x6c, 0x69, 0x66, 0x6f, 0x72, 0x6e, 0x69, 0x61 }; /* load in CA private key for signing */ pt = ca_key_der_2048; ExpectNotNull(priv = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL, &pt, sizeof_ca_key_der_2048)); ExpectNotNull(cm = wolfSSL_CertManagerNew()); ExpectNotNull(ca = wolfSSL_X509_load_certificate_file(ca_cert, WOLFSSL_FILETYPE_ASN1)); ExpectNotNull((der = wolfSSL_X509_get_der(ca, &derSz))); ExpectIntEQ(wolfSSL_CertManagerLoadCABuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca)); ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS); #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256) wolfSSL_X509_sign(x509, priv, EVP_sha3_256()); #else wolfSSL_X509_sign(x509, priv, EVP_sha256()); #endif ExpectNotNull((der = wolfSSL_X509_get_der(x509, &derSz))); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); /* add in matching DIR alt name and resign */ wolfSSL_X509_add_altname_ex(x509, altName, sizeof(altName), ASN_DIR_TYPE); #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256) wolfSSL_X509_sign(x509, priv, EVP_sha3_256()); #else wolfSSL_X509_sign(x509, priv, EVP_sha256()); #endif ExpectNotNull((der = wolfSSL_X509_get_der(x509, &derSz))); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); wolfSSL_X509_free(x509); x509 = NULL; /* check verify fail */ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca)); ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS); /* add in miss matching DIR alt name and resign */ wolfSSL_X509_add_altname_ex(x509, altNameFail, sizeof(altNameFail), ASN_DIR_TYPE); #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256) wolfSSL_X509_sign(x509, priv, EVP_sha3_256()); #else wolfSSL_X509_sign(x509, priv, EVP_sha256()); #endif ExpectNotNull((der = wolfSSL_X509_get_der(x509, &derSz))); #ifndef WOLFSSL_NO_ASN_STRICT ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), ASN_NAME_INVALID_E); #else ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); #endif /* check that it still fails if one bad altname and one good altname is in * the certificate */ wolfSSL_X509_free(x509); x509 = NULL; ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca)); ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS); wolfSSL_X509_add_altname_ex(x509, altName, sizeof(altName), ASN_DIR_TYPE); wolfSSL_X509_add_altname_ex(x509, altNameFail, sizeof(altNameFail), ASN_DIR_TYPE); #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256) wolfSSL_X509_sign(x509, priv, EVP_sha3_256()); #else wolfSSL_X509_sign(x509, priv, EVP_sha256()); #endif ExpectNotNull((der = wolfSSL_X509_get_der(x509, &derSz))); #ifndef WOLFSSL_NO_ASN_STRICT ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), ASN_NAME_INVALID_E); #else ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); #endif /* check it fails with switching position of bad altname */ wolfSSL_X509_free(x509); x509 = NULL; ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca)); ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS); wolfSSL_X509_add_altname_ex(x509, altNameFail, sizeof(altNameFail), ASN_DIR_TYPE); wolfSSL_X509_add_altname_ex(x509, altName, sizeof(altName), ASN_DIR_TYPE); #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256) wolfSSL_X509_sign(x509, priv, EVP_sha3_256()); #else wolfSSL_X509_sign(x509, priv, EVP_sha256()); #endif ExpectNotNull((der = wolfSSL_X509_get_der(x509, &derSz))); #ifndef WOLFSSL_NO_ASN_STRICT ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), ASN_NAME_INVALID_E); #else ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); #endif wolfSSL_CertManagerFree(cm); wolfSSL_X509_free(x509); x509 = NULL; wolfSSL_X509_free(ca); ca = NULL; /* now test with excluded name constraint */ ExpectNotNull(cm = wolfSSL_CertManagerNew()); ExpectNotNull(ca = wolfSSL_X509_load_certificate_file(ca_cert2, WOLFSSL_FILETYPE_ASN1)); ExpectNotNull((der = wolfSSL_X509_get_der(ca, &derSz))); ExpectIntEQ(wolfSSL_CertManagerLoadCABuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert, WOLFSSL_FILETYPE_PEM)); wolfSSL_X509_add_altname_ex(x509, altNameExc, sizeof(altNameExc), ASN_DIR_TYPE); ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca)); ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS); #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256) wolfSSL_X509_sign(x509, priv, EVP_sha3_256()); #else wolfSSL_X509_sign(x509, priv, EVP_sha256()); #endif ExpectNotNull((der = wolfSSL_X509_get_der(x509, &derSz))); #ifndef WOLFSSL_NO_ASN_STRICT ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), ASN_NAME_INVALID_E); #else ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); #endif wolfSSL_CertManagerFree(cm); wolfSSL_X509_free(x509); wolfSSL_X509_free(ca); wolfSSL_EVP_PKEY_free(priv); #endif return EXPECT_RESULT(); } static int test_wolfSSL_CertManagerNameConstraint3(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \ !defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \ defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && \ defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_ALT_NAMES) && \ !defined(NO_SHA256) WOLFSSL_CERT_MANAGER* cm = NULL; WOLFSSL_EVP_PKEY *priv = NULL; WOLFSSL_X509_NAME* name = NULL; const char* ca_cert = "./certs/test/cert-ext-mnc.der"; const char* server_cert = "./certs/test/server-goodcn.pem"; byte *der = NULL; int derSz = 0; byte *pt; WOLFSSL_X509 *x509 = NULL; WOLFSSL_X509 *ca = NULL; pt = (byte*)server_key_der_2048; ExpectNotNull(priv = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL, (const unsigned char**)&pt, sizeof_server_key_der_2048)); ExpectNotNull(cm = wolfSSL_CertManagerNew()); ExpectNotNull(ca = wolfSSL_X509_load_certificate_file(ca_cert, WOLFSSL_FILETYPE_ASN1)); ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(ca, &derSz))); DEBUG_WRITE_DER(der, derSz, "ca.der"); ExpectIntEQ(wolfSSL_CertManagerLoadCABuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); /* check satisfying .wolfssl.com constraint passes */ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca)); ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS); name = NULL; ExpectNotNull(name = X509_NAME_new()); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8, (byte*)"US", 2, -1, 0), SSL_SUCCESS); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8, (byte*)"wolfssl.com", 11, -1, 0), SSL_SUCCESS); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_UTF8, (byte*)"support@info.wolfssl.com", 24, -1, 0), SSL_SUCCESS); ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS); X509_NAME_free(name); name = NULL; wolfSSL_X509_add_altname(x509, "wolfssl@info.wolfssl.com", ASN_RFC822_TYPE); ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0); DEBUG_WRITE_CERT_X509(x509, "good-1st-constraint-cert.pem"); ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz))); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); wolfSSL_X509_free(x509); x509 = NULL; /* check satisfying .random.com constraint passes */ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca)); ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS); name = NULL; ExpectNotNull(name = X509_NAME_new()); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8, (byte*)"US", 2, -1, 0), SSL_SUCCESS); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8, (byte*)"wolfssl.com", 11, -1, 0), SSL_SUCCESS); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_UTF8, (byte*)"support@info.example.com", 24, -1, 0), SSL_SUCCESS); ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS); X509_NAME_free(name); name = NULL; wolfSSL_X509_add_altname(x509, "wolfssl@info.example.com", ASN_RFC822_TYPE); ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0); DEBUG_WRITE_CERT_X509(x509, "good-2nd-constraint-cert.pem"); ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz))); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); wolfSSL_X509_free(x509); x509 = NULL; /* check fail case when neither constraint is matched */ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca)); ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS); name = NULL; ExpectNotNull(name = X509_NAME_new()); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8, (byte*)"US", 2, -1, 0), SSL_SUCCESS); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8, (byte*)"wolfssl.com", 11, -1, 0), SSL_SUCCESS); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_UTF8, (byte*)"support@info.com", 16, -1, 0), SSL_SUCCESS); ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS); X509_NAME_free(name); wolfSSL_X509_add_altname(x509, "wolfssl@info.com", ASN_RFC822_TYPE); ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0); DEBUG_WRITE_CERT_X509(x509, "bad-cert.pem"); ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz))); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), ASN_NAME_INVALID_E); wolfSSL_CertManagerFree(cm); wolfSSL_X509_free(x509); wolfSSL_X509_free(ca); wolfSSL_EVP_PKEY_free(priv); #endif return EXPECT_RESULT(); } static int test_wolfSSL_CertManagerNameConstraint4(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \ !defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \ defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && \ defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_ALT_NAMES) && \ !defined(NO_SHA256) WOLFSSL_CERT_MANAGER* cm = NULL; WOLFSSL_EVP_PKEY *priv = NULL; WOLFSSL_X509_NAME* name = NULL; const char* ca_cert = "./certs/test/cert-ext-ncdns.der"; const char* server_cert = "./certs/test/server-goodcn.pem"; byte *der = NULL; int derSz; byte *pt; WOLFSSL_X509 *x509 = NULL; WOLFSSL_X509 *ca = NULL; pt = (byte*)server_key_der_2048; ExpectNotNull(priv = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL, (const unsigned char**)&pt, sizeof_server_key_der_2048)); ExpectNotNull(cm = wolfSSL_CertManagerNew()); ExpectNotNull(ca = wolfSSL_X509_load_certificate_file(ca_cert, WOLFSSL_FILETYPE_ASN1)); ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(ca, &derSz))); DEBUG_WRITE_DER(der, derSz, "ca.der"); ExpectIntEQ(wolfSSL_CertManagerLoadCABuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); /* check satisfying wolfssl.com constraint passes */ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca)); ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS); name = NULL; ExpectNotNull(name = X509_NAME_new()); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8, (byte*)"US", 2, -1, 0), SSL_SUCCESS); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8, (byte*)"wolfssl.com", 11, -1, 0), SSL_SUCCESS); ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS); X509_NAME_free(name); name = NULL; wolfSSL_X509_add_altname(x509, "www.wolfssl.com", ASN_DNS_TYPE); ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0); DEBUG_WRITE_CERT_X509(x509, "good-1st-constraint-cert.pem"); ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz))); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); wolfSSL_X509_free(x509); x509 = NULL; /* check satisfying example.com constraint passes */ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca)); ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS); name = NULL; ExpectNotNull(name = X509_NAME_new()); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8, (byte*)"US", 2, -1, 0), SSL_SUCCESS); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8, (byte*)"example.com", 11, -1, 0), SSL_SUCCESS); ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS); X509_NAME_free(name); name = NULL; wolfSSL_X509_add_altname(x509, "www.example.com", ASN_DNS_TYPE); ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0); DEBUG_WRITE_CERT_X509(x509, "good-2nd-constraint-cert.pem"); ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz))); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); wolfSSL_X509_free(x509); x509 = NULL; /* check satisfying wolfssl.com constraint passes with list of DNS's */ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca)); ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS); name = NULL; ExpectNotNull(name = X509_NAME_new()); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8, (byte*)"US", 2, -1, 0), SSL_SUCCESS); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8, (byte*)"wolfssl.com", 11, -1, 0), SSL_SUCCESS); ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS); X509_NAME_free(name); name = NULL; wolfSSL_X509_add_altname(x509, "www.wolfssl.com", ASN_DNS_TYPE); wolfSSL_X509_add_altname(x509, "www.info.wolfssl.com", ASN_DNS_TYPE); wolfSSL_X509_add_altname(x509, "extra.wolfssl.com", ASN_DNS_TYPE); ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0); DEBUG_WRITE_CERT_X509(x509, "good-multiple-constraint-cert.pem"); ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz))); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); wolfSSL_X509_free(x509); x509 = NULL; /* check fail when one DNS in the list is bad */ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca)); ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS); name = NULL; ExpectNotNull(name = X509_NAME_new()); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8, (byte*)"US", 2, -1, 0), SSL_SUCCESS); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8, (byte*)"wolfssl.com", 11, -1, 0), SSL_SUCCESS); ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS); X509_NAME_free(name); name = NULL; wolfSSL_X509_add_altname(x509, "www.wolfssl.com", ASN_DNS_TYPE); wolfSSL_X509_add_altname(x509, "www.nomatch.com", ASN_DNS_TYPE); wolfSSL_X509_add_altname(x509, "www.info.wolfssl.com", ASN_DNS_TYPE); ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0); DEBUG_WRITE_CERT_X509(x509, "bad-multiple-constraint-cert.pem"); ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz))); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), ASN_NAME_INVALID_E); wolfSSL_X509_free(x509); x509 = NULL; /* check fail case when neither constraint is matched */ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca)); ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS); name = NULL; ExpectNotNull(name = X509_NAME_new()); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8, (byte*)"US", 2, -1, 0), SSL_SUCCESS); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8, (byte*)"common", 6, -1, 0), SSL_SUCCESS); ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS); X509_NAME_free(name); wolfSSL_X509_add_altname(x509, "www.random.com", ASN_DNS_TYPE); ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0); DEBUG_WRITE_CERT_X509(x509, "bad-cert.pem"); ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz))); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), ASN_NAME_INVALID_E); wolfSSL_CertManagerFree(cm); wolfSSL_X509_free(x509); wolfSSL_X509_free(ca); wolfSSL_EVP_PKEY_free(priv); #endif return EXPECT_RESULT(); } static int test_wolfSSL_CertManagerNameConstraint5(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \ !defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \ defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && \ defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_ALT_NAMES) && \ !defined(NO_SHA256) WOLFSSL_CERT_MANAGER* cm = NULL; WOLFSSL_EVP_PKEY *priv = NULL; WOLFSSL_X509_NAME* name = NULL; const char* ca_cert = "./certs/test/cert-ext-ncmixed.der"; const char* server_cert = "./certs/test/server-goodcn.pem"; byte *der = NULL; int derSz; byte *pt; WOLFSSL_X509 *x509 = NULL; WOLFSSL_X509 *ca = NULL; pt = (byte*)server_key_der_2048; ExpectNotNull(priv = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL, (const unsigned char**)&pt, sizeof_server_key_der_2048)); ExpectNotNull(cm = wolfSSL_CertManagerNew()); ExpectNotNull(ca = wolfSSL_X509_load_certificate_file(ca_cert, WOLFSSL_FILETYPE_ASN1)); ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(ca, &derSz))); DEBUG_WRITE_DER(der, derSz, "ca.der"); ExpectIntEQ(wolfSSL_CertManagerLoadCABuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); /* check satisfying wolfssl.com constraint passes */ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca)); ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS); name = NULL; ExpectNotNull(name = X509_NAME_new()); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8, (byte*)"US", 2, -1, 0), SSL_SUCCESS); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8, (byte*)"example", 7, -1, 0), SSL_SUCCESS); ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS); X509_NAME_free(name); name = NULL; wolfSSL_X509_add_altname(x509, "good.example", ASN_DNS_TYPE); wolfSSL_X509_add_altname(x509, "facts@into.wolfssl.com", ASN_RFC822_TYPE); ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0); DEBUG_WRITE_CERT_X509(x509, "good-cert.pem"); ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz))); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); wolfSSL_X509_free(x509); x509 = NULL; /* fail with DNS check because of common name */ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca)); ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS); name = NULL; ExpectNotNull(name = X509_NAME_new()); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8, (byte*)"US", 2, -1, 0), SSL_SUCCESS); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8, (byte*)"wolfssl.com", 11, -1, 0), SSL_SUCCESS); ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS); X509_NAME_free(name); name = NULL; wolfSSL_X509_add_altname(x509, "example", ASN_DNS_TYPE); wolfSSL_X509_add_altname(x509, "facts@wolfssl.com", ASN_RFC822_TYPE); ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0); DEBUG_WRITE_CERT_X509(x509, "bad-cn-cert.pem"); ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz))); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), ASN_NAME_INVALID_E); wolfSSL_X509_free(x509); x509 = NULL; /* fail on permitted DNS name constraint */ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca)); ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS); name = NULL; ExpectNotNull(name = X509_NAME_new()); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8, (byte*)"US", 2, -1, 0), SSL_SUCCESS); ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS); X509_NAME_free(name); name = NULL; wolfSSL_X509_add_altname(x509, "www.example", ASN_DNS_TYPE); wolfSSL_X509_add_altname(x509, "www.wolfssl", ASN_DNS_TYPE); wolfSSL_X509_add_altname(x509, "info@wolfssl.com", ASN_RFC822_TYPE); ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0); DEBUG_WRITE_CERT_X509(x509, "bad-1st-constraint-cert.pem"); ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz))); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), ASN_NAME_INVALID_E); wolfSSL_X509_free(x509); x509 = NULL; /* fail on permitted email name constraint */ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca)); ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS); name = NULL; ExpectNotNull(name = X509_NAME_new()); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8, (byte*)"US", 2, -1, 0), SSL_SUCCESS); ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS); X509_NAME_free(name); name = NULL; wolfSSL_X509_add_altname(x509, "example", ASN_DNS_TYPE); wolfSSL_X509_add_altname(x509, "info@wolfssl.com", ASN_RFC822_TYPE); wolfSSL_X509_add_altname(x509, "info@example.com", ASN_RFC822_TYPE); ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0); DEBUG_WRITE_CERT_X509(x509, "bad-2nd-constraint-cert.pem"); ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz))); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), ASN_NAME_INVALID_E); wolfSSL_X509_free(x509); x509 = NULL; /* success with empty email name */ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca)); ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS); name = NULL; ExpectNotNull(name = X509_NAME_new()); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8, (byte*)"US", 2, -1, 0), SSL_SUCCESS); ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS); X509_NAME_free(name); wolfSSL_X509_add_altname(x509, "example", ASN_DNS_TYPE); ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0); DEBUG_WRITE_CERT_X509(x509, "good-missing-constraint-cert.pem"); ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz))); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); wolfSSL_X509_free(x509); wolfSSL_CertManagerFree(cm); wolfSSL_X509_free(ca); wolfSSL_EVP_PKEY_free(priv); #endif return EXPECT_RESULT(); } static int test_wolfSSL_CertManagerCRL(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && defined(HAVE_CRL) && \ !defined(NO_RSA) const char* ca_cert = "./certs/ca-cert.pem"; const char* crl1 = "./certs/crl/crl.pem"; const char* crl2 = "./certs/crl/crl2.pem"; #ifdef WC_RSA_PSS const char* crl_rsapss = "./certs/crl/crl_rsapss.pem"; const char* ca_rsapss = "./certs/rsapss/ca-rsapss.pem"; #endif const unsigned char crl_buff[] = { 0x30, 0x82, 0x02, 0x04, 0x30, 0x81, 0xed, 0x02, 0x01, 0x01, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x81, 0x94, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x07, 0x4d, 0x6f, 0x6e, 0x74, 0x61, 0x6e, 0x61, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x42, 0x6f, 0x7a, 0x65, 0x6d, 0x61, 0x6e, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6f, 0x6f, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x0a, 0x43, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x74, 0x69, 0x6e, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x77, 0x77, 0x77, 0x2e, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x17, 0x0d, 0x32, 0x32, 0x31, 0x32, 0x31, 0x36, 0x32, 0x31, 0x31, 0x37, 0x35, 0x30, 0x5a, 0x17, 0x0d, 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31, 0x37, 0x35, 0x30, 0x5a, 0x30, 0x14, 0x30, 0x12, 0x02, 0x01, 0x02, 0x17, 0x0d, 0x32, 0x32, 0x31, 0x32, 0x31, 0x36, 0x32, 0x31, 0x31, 0x37, 0x35, 0x30, 0x5a, 0xa0, 0x0e, 0x30, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x1d, 0x14, 0x04, 0x03, 0x02, 0x01, 0x02, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x39, 0x44, 0xff, 0x39, 0xf4, 0x04, 0x45, 0x79, 0x7e, 0x73, 0xe2, 0x42, 0x48, 0xdb, 0x85, 0x66, 0xfd, 0x99, 0x76, 0x94, 0x7c, 0xb5, 0x79, 0x5d, 0x15, 0x71, 0x36, 0xa9, 0x87, 0xf0, 0x73, 0x05, 0x50, 0x08, 0x6b, 0x1c, 0x6e, 0xde, 0x96, 0x45, 0x31, 0xc3, 0xc0, 0xba, 0xba, 0xf5, 0x08, 0x1d, 0x05, 0x4a, 0x52, 0x39, 0xe9, 0x03, 0xef, 0x59, 0xc8, 0x1d, 0x4a, 0xf2, 0x86, 0x05, 0x99, 0x7b, 0x4b, 0x74, 0xf6, 0xd3, 0x75, 0x8d, 0xb2, 0x57, 0xba, 0xac, 0xa7, 0x11, 0x14, 0xd6, 0x6c, 0x71, 0xc4, 0x4c, 0x1c, 0x68, 0xbc, 0x49, 0x78, 0xf0, 0xc9, 0x52, 0x8a, 0xe7, 0x8b, 0x54, 0xe6, 0x20, 0x58, 0x20, 0x60, 0x66, 0xf5, 0x14, 0xd8, 0xcb, 0xff, 0xe0, 0xa0, 0x45, 0xbc, 0xb4, 0x81, 0xad, 0x1d, 0xbc, 0xcf, 0xf8, 0x8e, 0xa8, 0x87, 0x24, 0x55, 0x99, 0xd9, 0xce, 0x47, 0xf7, 0x5b, 0x4a, 0x33, 0x6d, 0xdb, 0xbf, 0x93, 0x64, 0x1a, 0xa6, 0x46, 0x5f, 0x27, 0xdc, 0xd8, 0xd4, 0xf9, 0xc2, 0x42, 0x2a, 0x7e, 0xb2, 0x7c, 0xdd, 0x98, 0x77, 0xf5, 0x88, 0x7d, 0x15, 0x25, 0x08, 0xbc, 0xe0, 0xd0, 0x8d, 0xf4, 0xc3, 0xc3, 0x04, 0x41, 0xa4, 0xd1, 0xb1, 0x39, 0x4a, 0x6b, 0x2c, 0xb5, 0x2e, 0x9a, 0x65, 0x43, 0x0d, 0x0e, 0x73, 0xf4, 0x06, 0xe1, 0xb3, 0x49, 0x34, 0x94, 0xb0, 0xb7, 0xff, 0xc0, 0x27, 0xc1, 0xb5, 0xea, 0x06, 0xf7, 0x71, 0x71, 0x97, 0xbb, 0xbc, 0xc7, 0x1a, 0x9f, 0xeb, 0xf6, 0x3d, 0xa5, 0x7b, 0x55, 0xa7, 0xbf, 0xdd, 0xd7, 0xee, 0x97, 0xb8, 0x9d, 0xdc, 0xcd, 0xe3, 0x06, 0xdb, 0x9a, 0x2c, 0x60, 0xbf, 0x70, 0x84, 0xfa, 0x6b, 0x8d, 0x70, 0x7d, 0xde, 0xe8, 0xb7, 0xab, 0xb0, 0x38, 0x68, 0x6c, 0xc0, 0xb1, 0xe1, 0xba, 0x45, 0xe0, 0xd7, 0x12, 0x3d, 0x71, 0x5b }; WOLFSSL_CERT_MANAGER* cm = NULL; ExpectNotNull(cm = wolfSSL_CertManagerNew()); ExpectIntEQ(wolfSSL_CertManagerEnableCRL(NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm, WOLFSSL_CRL_CHECKALL), 1); ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm, WOLFSSL_CRL_CHECK), 1); ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm, WOLFSSL_CRL_CHECK | WOLFSSL_CRL_CHECKALL), 1); ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm, 16), 1); ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm, WOLFSSL_CRL_CHECKALL), 1); ExpectIntEQ(wolfSSL_CertManagerCheckCRL(NULL, NULL, -1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerCheckCRL(cm, NULL, -1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerCheckCRL(NULL, server_cert_der_2048, -1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerCheckCRL(NULL, NULL, 1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerCheckCRL(NULL, server_cert_der_2048, 1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerCheckCRL(cm, NULL, 1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerCheckCRL(cm, server_cert_der_2048, -1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerCheckCRL(cm, server_cert_der_2048, sizeof_server_cert_der_2048), ASN_NO_SIGNER_E); ExpectIntEQ(wolfSSL_CertManagerSetCRL_Cb(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerSetCRL_Cb(cm, NULL), 1); #ifdef HAVE_CRL_IO ExpectIntEQ(wolfSSL_CertManagerSetCRL_IOCb(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerSetCRL_IOCb(cm, NULL), 1); #endif #ifndef NO_FILESYSTEM ExpectIntEQ(wolfSSL_CertManagerLoadCRL(NULL, NULL, WOLFSSL_FILETYPE_ASN1, 0), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerLoadCRL(cm, NULL, WOLFSSL_FILETYPE_ASN1, 0), BAD_FUNC_ARG); /* -1 seen as !WOLFSSL_FILETYPE_PEM */ ExpectIntEQ(wolfSSL_CertManagerLoadCRL(cm, "./certs/crl", -1, 0), 1); ExpectIntEQ(wolfSSL_CertManagerLoadCRLFile(NULL, NULL, WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerLoadCRLFile(cm, NULL, WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG); /* -1 seen as !WOLFSSL_FILETYPE_PEM */ ExpectIntEQ(wolfSSL_CertManagerLoadCRLFile(cm, "./certs/crl/crl.pem", -1), ASN_PARSE_E); #endif ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(NULL, NULL, -1, WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(cm, NULL, -1, WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(NULL, crl_buff, -1, WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(NULL, NULL, 1, WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(NULL, crl_buff, 1, WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(cm, NULL, 1, WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(cm, crl_buff, -1, WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CertManagerFreeCRL(NULL), BAD_FUNC_ARG); DoExpectIntEQ(wolfSSL_CertManagerFreeCRL(cm), 1); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCRL(cm, crl1, WOLFSSL_FILETYPE_PEM, 0)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCRL(cm, crl2, WOLFSSL_FILETYPE_PEM, 0)); wolfSSL_CertManagerFreeCRL(cm); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCRL(cm, crl1, WOLFSSL_FILETYPE_PEM, 0)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL)); ExpectIntEQ(wolfSSL_CertManagerCheckCRL(cm, server_cert_der_2048, sizeof_server_cert_der_2048), CRL_MISSING); ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, server_cert_der_2048, sizeof_server_cert_der_2048, WOLFSSL_FILETYPE_ASN1), CRL_MISSING); ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(cm, crl_buff, sizeof(crl_buff), WOLFSSL_FILETYPE_ASN1), 1); #if !defined(NO_FILESYSTEM) && defined(WC_RSA_PSS) /* loading should fail without the CA set */ ExpectIntEQ(wolfSSL_CertManagerLoadCRLFile(cm, crl_rsapss, WOLFSSL_FILETYPE_PEM), ASN_CRL_NO_SIGNER_E); /* now successfully load the RSA-PSS crl once loading in it's CA */ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCA(cm, ca_rsapss, NULL)); ExpectIntEQ(wolfSSL_CertManagerLoadCRLFile(cm, crl_rsapss, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); #endif wolfSSL_CertManagerFree(cm); #endif return EXPECT_RESULT(); } static int test_wolfSSL_CertManagerCheckOCSPResponse(void) { EXPECT_DECLS; #if defined(HAVE_OCSP) && !defined(NO_RSA) && !defined(NO_SHA) /* Need one of these for wolfSSL_OCSP_REQUEST_new. */ #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \ defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_APACHE_HTTPD) || \ defined(HAVE_LIGHTY) WOLFSSL_CERT_MANAGER* cm = NULL; /* Raw OCSP response bytes captured using the following setup: * - Run responder with * openssl ocsp -port 9999 -ndays 9999 * -index certs/ocsp/index-intermediate1-ca-issued-certs.txt * -rsigner certs/ocsp/ocsp-responder-cert.pem * -rkey certs/ocsp/ocsp-responder-key.pem * -CA certs/ocsp/intermediate1-ca-cert.pem * - Run client with * openssl ocsp -host 127.0.0.1:9999 -respout resp.out * -issuer certs/ocsp/intermediate1-ca-cert.pem * -cert certs/ocsp/server1-cert.pem * -CAfile certs/ocsp/root-ca-cert.pem -noverify * - Select the response packet in Wireshark, and export it using * "File->Export Packet Dissection->As "C" Arrays". Select "Selected * packets only". After importing into the editor, remove the initial * ~148 bytes of header, ending with the Content-Length and the \r\n\r\n. */ static const byte response[] = { 0x30, 0x82, 0x07, 0x40, /* ....0..@ */ 0x0a, 0x01, 0x00, 0xa0, 0x82, 0x07, 0x39, 0x30, /* ......90 */ 0x82, 0x07, 0x35, 0x06, 0x09, 0x2b, 0x06, 0x01, /* ..5..+.. */ 0x05, 0x05, 0x07, 0x30, 0x01, 0x01, 0x04, 0x82, /* ...0.... */ 0x07, 0x26, 0x30, 0x82, 0x07, 0x22, 0x30, 0x82, /* .&0.."0. */ 0x01, 0x40, 0xa1, 0x81, 0xa1, 0x30, 0x81, 0x9e, /* .@...0.. */ 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, /* 1.0...U. */ 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, /* ...US1.0 */ 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, /* ...U.... */ 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x74, /* Washingt */ 0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, /* on1.0... */ 0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, 0x65, 0x61, /* U....Sea */ 0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, 0x30, 0x0e, /* ttle1.0. */ 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x07, 0x77, /* ..U....w */ 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x31, 0x14, /* olfSSL1. */ 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, /* 0...U... */ 0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, /* .Enginee */ 0x72, 0x69, 0x6e, 0x67, 0x31, 0x1f, 0x30, 0x1d, /* ring1.0. */ 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x16, 0x77, /* ..U....w */ 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x20, 0x4f, /* olfSSL O */ 0x43, 0x53, 0x50, 0x20, 0x52, 0x65, 0x73, 0x70, /* CSP Resp */ 0x6f, 0x6e, 0x64, 0x65, 0x72, 0x31, 0x1f, 0x30, /* onder1.0 */ 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, /* ...*.H.. */ 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, /* ......in */ 0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, /* fo@wolfs */ 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x18, 0x0f, /* sl.com.. */ 0x32, 0x30, 0x32, 0x33, 0x31, 0x31, 0x30, 0x38, /* 20231108 */ 0x30, 0x30, 0x32, 0x36, 0x33, 0x37, 0x5a, 0x30, /* 002637Z0 */ 0x64, 0x30, 0x62, 0x30, 0x3a, 0x30, 0x09, 0x06, /* d0b0:0.. */ 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, /* .+...... */ 0x04, 0x14, 0x71, 0x4d, 0x82, 0x23, 0x40, 0x59, /* ..qM.#@Y */ 0xc0, 0x96, 0xa1, 0x37, 0x43, 0xfa, 0x31, 0xdb, /* ...7C.1. */ 0xba, 0xb1, 0x43, 0x18, 0xda, 0x04, 0x04, 0x14, /* ..C..... */ 0x83, 0xc6, 0x3a, 0x89, 0x2c, 0x81, 0xf4, 0x02, /* ..:.,... */ 0xd7, 0x9d, 0x4c, 0xe2, 0x2a, 0xc0, 0x71, 0x82, /* ..L.*.q. */ 0x64, 0x44, 0xda, 0x0e, 0x02, 0x01, 0x05, 0x80, /* dD...... */ 0x00, 0x18, 0x0f, 0x32, 0x30, 0x32, 0x33, 0x31, /* ...20231 */ 0x31, 0x30, 0x38, 0x30, 0x30, 0x32, 0x36, 0x33, /* 10800263 */ 0x37, 0x5a, 0xa0, 0x11, 0x18, 0x0f, 0x32, 0x30, /* 7Z....20 */ 0x35, 0x31, 0x30, 0x33, 0x32, 0x35, 0x30, 0x30, /* 51032500 */ 0x32, 0x36, 0x33, 0x37, 0x5a, 0xa1, 0x23, 0x30, /* 2637Z.#0 */ 0x21, 0x30, 0x1f, 0x06, 0x09, 0x2b, 0x06, 0x01, /* !0...+.. */ 0x05, 0x05, 0x07, 0x30, 0x01, 0x02, 0x04, 0x12, /* ...0.... */ 0x04, 0x10, 0xdb, 0xbc, 0x2a, 0x76, 0xa0, 0xb4, /* ....*v.. */ 0x1e, 0x5d, 0xf6, 0x2b, 0x8e, 0x38, 0x62, 0xdb, /* .].+.8b. */ 0x90, 0xed, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, /* ..0...*. */ 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, /* H....... */ 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x87, 0xde, /* ........ */ 0xfb, 0xf9, 0x3a, 0x90, 0x1f, 0x90, 0xde, 0xcf, /* ..:..... */ 0xfe, 0xad, 0x64, 0x19, 0x34, 0x17, 0xf8, 0x15, /* ..d.4... */ 0x01, 0x22, 0x5f, 0x67, 0x41, 0xa4, 0x18, 0xf7, /* ."_gA... */ 0x16, 0xb7, 0xc9, 0xf3, 0xe1, 0x9f, 0xcd, 0x40, /* .......@ */ 0x56, 0x77, 0x6e, 0x6a, 0xfb, 0x92, 0x6a, 0x6f, /* Vwnj..jo */ 0x28, 0x3e, 0x22, 0x48, 0xa1, 0xc2, 0xd8, 0x1d, /* (>"H.... */ 0xc7, 0xe6, 0x78, 0x7f, 0xb6, 0x09, 0xfe, 0x2c, /* ..x...., */ 0xb5, 0xef, 0x29, 0x7c, 0xc5, 0x51, 0x16, 0x7b, /* ..)|.Q.{ */ 0x8f, 0xfb, 0x44, 0xa8, 0xcd, 0xf5, 0x5c, 0x0f, /* ..D...\. */ 0x46, 0x0e, 0xb1, 0xa4, 0xeb, 0x5b, 0xf5, 0x86, /* F....[.. */ 0x11, 0x0f, 0xcd, 0xe2, 0xe5, 0x3c, 0x91, 0x72, /* .....<.r */ 0x0d, 0x6a, 0xcb, 0x95, 0x99, 0x39, 0x91, 0x48, /* .j...9.H */ 0x65, 0x97, 0xb9, 0x78, 0xb5, 0x88, 0x7f, 0x76, /* e..x...v */ 0xa1, 0x43, 0x2f, 0xf6, 0x1f, 0x49, 0xb7, 0x08, /* .C/..I.. */ 0x36, 0xe4, 0x2e, 0x34, 0x25, 0xda, 0x16, 0x74, /* 6..4%..t */ 0x47, 0x62, 0x56, 0xff, 0x2f, 0x02, 0x03, 0x44, /* GbV./..D */ 0x89, 0x04, 0xe7, 0xb8, 0xde, 0x0a, 0x35, 0x43, /* ......5C */ 0xae, 0xd7, 0x54, 0xbe, 0xc3, 0x7c, 0x95, 0xa5, /* ..T..|.. */ 0xc8, 0xe0, 0x2e, 0x52, 0xb6, 0xea, 0x99, 0x45, /* ...R...E */ 0xfd, 0xda, 0x4b, 0xd5, 0x79, 0x07, 0x64, 0xca, /* ..K.y.d. */ 0x64, 0xba, 0x52, 0x12, 0x62, 0x8c, 0x08, 0x9a, /* d.R.b... */ 0x32, 0xeb, 0x85, 0x65, 0x05, 0x39, 0x07, 0x5d, /* 2..e.9.] */ 0x39, 0x4a, 0xcf, 0xa5, 0x30, 0xf6, 0xd1, 0xf7, /* 9J..0... */ 0x29, 0xaa, 0x23, 0x42, 0xc6, 0x85, 0x16, 0x7f, /* ).#B.... */ 0x64, 0x16, 0xb1, 0xb0, 0x5d, 0xcd, 0x88, 0x2d, /* d...]..- */ 0x06, 0xb0, 0xa9, 0xdf, 0xa3, 0x9f, 0x25, 0x41, /* ......%A */ 0x89, 0x9a, 0x19, 0xe1, 0xaa, 0xcd, 0xdf, 0x51, /* .......Q */ 0xcb, 0xa9, 0xc3, 0x7e, 0x27, 0xbc, 0x7d, 0x9b, /* ...~'.}. */ 0x6f, 0x4d, 0x79, 0x87, 0x09, 0x3f, 0xac, 0xd2, /* oMy..?.. */ 0x4a, 0x3b, 0xbe, 0xf8, 0x7a, 0xa4, 0x93, 0x45, /* J;..z..E */ 0x11, 0x64, 0x40, 0xc5, 0x03, 0xc9, 0x24, 0x5b, /* .d@...$[ */ 0xe9, 0x6d, 0xfc, 0x94, 0x08, 0xbe, 0xa0, 0x82, /* .m...... */ 0x04, 0xc6, 0x30, 0x82, 0x04, 0xc2, 0x30, 0x82, /* ..0...0. */ 0x04, 0xbe, 0x30, 0x82, 0x03, 0xa6, 0xa0, 0x03, /* ..0..... */ 0x02, 0x01, 0x02, 0x02, 0x01, 0x04, 0x30, 0x0d, /* ......0. */ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, /* ..*.H... */ 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x81, 0x97, /* .....0.. */ 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, /* 1.0...U. */ 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, /* ...US1.0 */ 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, /* ...U.... */ 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x74, /* Washingt */ 0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, /* on1.0... */ 0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, 0x65, 0x61, /* U....Sea */ 0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, 0x30, 0x0e, /* ttle1.0. */ 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x07, 0x77, /* ..U....w */ 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x31, 0x14, /* olfSSL1. */ 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, /* 0...U... */ 0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, /* .Enginee */ 0x72, 0x69, 0x6e, 0x67, 0x31, 0x18, 0x30, 0x16, /* ring1.0. */ 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x77, /* ..U....w */ 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x20, 0x72, /* olfSSL r */ 0x6f, 0x6f, 0x74, 0x20, 0x43, 0x41, 0x31, 0x1f, /* oot CA1. */ 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, /* 0...*.H. */ 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, /* .......i */ 0x6e, 0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, /* nfo@wolf */ 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x30, /* ssl.com0 */ 0x1e, 0x17, 0x0d, 0x32, 0x32, 0x31, 0x32, 0x31, /* ...22121 */ 0x36, 0x32, 0x31, 0x31, 0x37, 0x35, 0x30, 0x5a, /* 6211750Z */ 0x17, 0x0d, 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, /* ..250911 */ 0x32, 0x31, 0x31, 0x37, 0x35, 0x30, 0x5a, 0x30, /* 211750Z0 */ 0x81, 0x9e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, /* ..1.0... */ 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, /* U....US1 */ 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, /* .0...U.. */ 0x0c, 0x0a, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, /* ..Washin */ 0x67, 0x74, 0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, /* gton1.0. */ 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, /* ..U....S */ 0x65, 0x61, 0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, /* eattle1. */ 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, /* 0...U... */ 0x07, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, /* .wolfSSL */ 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, /* 1.0...U. */ 0x0b, 0x0c, 0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, /* ...Engin */ 0x65, 0x65, 0x72, 0x69, 0x6e, 0x67, 0x31, 0x1f, /* eering1. */ 0x30, 0x1d, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, /* 0...U... */ 0x16, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, /* .wolfSSL */ 0x20, 0x4f, 0x43, 0x53, 0x50, 0x20, 0x52, 0x65, /* OCSP Re */ 0x73, 0x70, 0x6f, 0x6e, 0x64, 0x65, 0x72, 0x31, /* sponder1 */ 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, /* .0...*.H */ 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, /* ........ */ 0x69, 0x6e, 0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, /* info@wol */ 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, /* fssl.com */ 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, /* 0.."0... */ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, /* *.H..... */ 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, /* ........ */ 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, /* 0....... */ 0x00, 0xb8, 0xba, 0x23, 0xb4, 0xf6, 0xc3, 0x7b, /* ...#...{ */ 0x14, 0xc3, 0xa4, 0xf5, 0x1d, 0x61, 0xa1, 0xf5, /* .....a.. */ 0x1e, 0x63, 0xb9, 0x85, 0x23, 0x34, 0x50, 0x6d, /* .c..#4Pm */ 0xf8, 0x7c, 0xa2, 0x8a, 0x04, 0x8b, 0xd5, 0x75, /* .|.....u */ 0x5c, 0x2d, 0xf7, 0x63, 0x88, 0xd1, 0x07, 0x7a, /* \-.c...z */ 0xea, 0x0b, 0x45, 0x35, 0x2b, 0xeb, 0x1f, 0xb1, /* ..E5+... */ 0x22, 0xb4, 0x94, 0x41, 0x38, 0xe2, 0x9d, 0x74, /* "..A8..t */ 0xd6, 0x8b, 0x30, 0x22, 0x10, 0x51, 0xc5, 0xdb, /* ..0".Q.. */ 0xca, 0x3f, 0x46, 0x2b, 0xfe, 0xe5, 0x5a, 0x3f, /* .?F+..Z? */ 0x41, 0x74, 0x67, 0x75, 0x95, 0xa9, 0x94, 0xd5, /* Atgu.... */ 0xc3, 0xee, 0x42, 0xf8, 0x8d, 0xeb, 0x92, 0x95, /* ..B..... */ 0xe1, 0xd9, 0x65, 0xb7, 0x43, 0xc4, 0x18, 0xde, /* ..e.C... */ 0x16, 0x80, 0x90, 0xce, 0x24, 0x35, 0x21, 0xc4, /* ....$5!. */ 0x55, 0xac, 0x5a, 0x51, 0xe0, 0x2e, 0x2d, 0xb3, /* U.ZQ..-. */ 0x0a, 0x5a, 0x4f, 0x4a, 0x73, 0x31, 0x50, 0xee, /* .ZOJs1P. */ 0x4a, 0x16, 0xbd, 0x39, 0x8b, 0xad, 0x05, 0x48, /* J..9...H */ 0x87, 0xb1, 0x99, 0xe2, 0x10, 0xa7, 0x06, 0x72, /* .......r */ 0x67, 0xca, 0x5c, 0xd1, 0x97, 0xbd, 0xc8, 0xf1, /* g.\..... */ 0x76, 0xf8, 0xe0, 0x4a, 0xec, 0xbc, 0x93, 0xf4, /* v..J.... */ 0x66, 0x4c, 0x28, 0x71, 0xd1, 0xd8, 0x66, 0x03, /* fL(q..f. */ 0xb4, 0x90, 0x30, 0xbb, 0x17, 0xb0, 0xfe, 0x97, /* ..0..... */ 0xf5, 0x1e, 0xe8, 0xc7, 0x5d, 0x9b, 0x8b, 0x11, /* ....]... */ 0x19, 0x12, 0x3c, 0xab, 0x82, 0x71, 0x78, 0xff, /* ..<..qx. */ 0xae, 0x3f, 0x32, 0xb2, 0x08, 0x71, 0xb2, 0x1b, /* .?2..q.. */ 0x8c, 0x27, 0xac, 0x11, 0xb8, 0xd8, 0x43, 0x49, /* .'....CI */ 0xcf, 0xb0, 0x70, 0xb1, 0xf0, 0x8c, 0xae, 0xda, /* ..p..... */ 0x24, 0x87, 0x17, 0x3b, 0xd8, 0x04, 0x65, 0x6c, /* $..;..el */ 0x00, 0x76, 0x50, 0xef, 0x15, 0x08, 0xd7, 0xb4, /* .vP..... */ 0x73, 0x68, 0x26, 0x14, 0x87, 0x95, 0xc3, 0x5f, /* sh&...._ */ 0x6e, 0x61, 0xb8, 0x87, 0x84, 0xfa, 0x80, 0x1a, /* na...... */ 0x0a, 0x8b, 0x98, 0xf3, 0xe3, 0xff, 0x4e, 0x44, /* ......ND */ 0x1c, 0x65, 0x74, 0x7c, 0x71, 0x54, 0x65, 0xe5, /* .et|qTe. */ 0x39, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x82, /* 9....... */ 0x01, 0x0a, 0x30, 0x82, 0x01, 0x06, 0x30, 0x09, /* ..0...0. */ 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, /* ..U....0 */ 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, /* .0...U.. */ 0x04, 0x16, 0x04, 0x14, 0x32, 0x67, 0xe1, 0xb1, /* ....2g.. */ 0x79, 0xd2, 0x81, 0xfc, 0x9f, 0x23, 0x0c, 0x70, /* y....#.p */ 0x40, 0x50, 0xb5, 0x46, 0x56, 0xb8, 0x30, 0x36, /* @P.FV.06 */ 0x30, 0x81, 0xc4, 0x06, 0x03, 0x55, 0x1d, 0x23, /* 0....U.# */ 0x04, 0x81, 0xbc, 0x30, 0x81, 0xb9, 0x80, 0x14, /* ...0.... */ 0x73, 0xb0, 0x1c, 0xa4, 0x2f, 0x82, 0xcb, 0xcf, /* s.../... */ 0x47, 0xa5, 0x38, 0xd7, 0xb0, 0x04, 0x82, 0x3a, /* G.8....: */ 0x7e, 0x72, 0x15, 0x21, 0xa1, 0x81, 0x9d, 0xa4, /* ~r.!.... */ 0x81, 0x9a, 0x30, 0x81, 0x97, 0x31, 0x0b, 0x30, /* ..0..1.0 */ 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, /* ...U.... */ 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, /* US1.0... */ 0x55, 0x04, 0x08, 0x0c, 0x0a, 0x57, 0x61, 0x73, /* U....Was */ 0x68, 0x69, 0x6e, 0x67, 0x74, 0x6f, 0x6e, 0x31, /* hington1 */ 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, /* .0...U.. */ 0x0c, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6c, /* ..Seattl */ 0x65, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, /* e1.0...U */ 0x04, 0x0a, 0x0c, 0x07, 0x77, 0x6f, 0x6c, 0x66, /* ....wolf */ 0x53, 0x53, 0x4c, 0x31, 0x14, 0x30, 0x12, 0x06, /* SSL1.0.. */ 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x0b, 0x45, 0x6e, /* .U....En */ 0x67, 0x69, 0x6e, 0x65, 0x65, 0x72, 0x69, 0x6e, /* gineerin */ 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, /* g1.0...U */ 0x04, 0x03, 0x0c, 0x0f, 0x77, 0x6f, 0x6c, 0x66, /* ....wolf */ 0x53, 0x53, 0x4c, 0x20, 0x72, 0x6f, 0x6f, 0x74, /* SSL root */ 0x20, 0x43, 0x41, 0x31, 0x1f, 0x30, 0x1d, 0x06, /* CA1.0.. */ 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, /* .*.H.... */ 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66, 0x6f, /* ....info */ 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, /* @wolfssl */ 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x01, 0x63, 0x30, /* .com..c0 */ 0x13, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x04, 0x0c, /* ...U.%.. */ 0x30, 0x0a, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, /* 0...+... */ 0x05, 0x07, 0x03, 0x09, 0x30, 0x0d, 0x06, 0x09, /* ....0... */ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, /* *.H..... */ 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, /* ........ */ 0x2f, 0xb7, 0x6b, 0xec, 0xb7, 0x12, 0x63, 0xb9, /* /.k...c. */ 0x57, 0xdc, 0x04, 0x4d, 0x9c, 0x67, 0x74, 0x98, /* W..M.gt. */ 0x06, 0x28, 0x68, 0x37, 0x34, 0xc2, 0x50, 0xe9, /* .(h74.P. */ 0x2a, 0xd4, 0x1a, 0xb2, 0x32, 0x1a, 0x9d, 0x2b, /* *...2..+ */ 0x4f, 0x23, 0x50, 0xea, 0xb4, 0x95, 0x86, 0xc3, /* O#P..... */ 0xb9, 0x5f, 0x34, 0x3e, 0x99, 0x91, 0xa7, 0x80, /* ._4>.... */ 0x5f, 0x6e, 0x1b, 0x6e, 0xdb, 0xe9, 0x02, 0x38, /* _n.n...8 */ 0x6f, 0xdf, 0xc5, 0x9b, 0x0d, 0xa3, 0x1c, 0xa9, /* o....... */ 0x15, 0x76, 0x16, 0x66, 0xa8, 0x4e, 0xfb, 0xd3, /* .v.f.N.. */ 0x43, 0x76, 0xf1, 0x72, 0xb7, 0xd1, 0xfa, 0xee, /* Cv.r.... */ 0x39, 0xa6, 0x96, 0xc1, 0xa2, 0x93, 0xa4, 0x9b, /* 9....... */ 0x1e, 0x9f, 0xba, 0x71, 0x8f, 0xba, 0xbd, 0x67, /* ...q...g */ 0x6a, 0xf2, 0x15, 0x5f, 0xf1, 0x64, 0xe7, 0xcf, /* j.._.d.. */ 0x26, 0xb8, 0x4c, 0xc0, 0xeb, 0x85, 0x04, 0x58, /* &.L....X */ 0xd9, 0x4a, 0x6b, 0xd9, 0x86, 0xf5, 0x80, 0x21, /* .Jk....! */ 0xbf, 0x91, 0xc8, 0x4b, 0x9f, 0x04, 0xed, 0x57, /* ...K...W */ 0x7a, 0xd2, 0x58, 0xac, 0x5b, 0x47, 0xaf, 0x4d, /* z.X.[G.M */ 0x7f, 0x5b, 0x1d, 0x6d, 0x68, 0x9b, 0x84, 0x98, /* .[.mh... */ 0x2a, 0x31, 0x02, 0x2c, 0xe9, 0x1b, 0xaf, 0x11, /* *1.,.... */ 0x0b, 0x78, 0x49, 0xbe, 0x68, 0x68, 0xcb, 0x9c, /* .xI.hh.. */ 0x41, 0x56, 0xe8, 0xb5, 0x59, 0xda, 0xff, 0xca, /* AV..Y... */ 0x59, 0x99, 0x17, 0x3e, 0x11, 0x0a, 0x8f, 0x49, /* Y..>...I */ 0x24, 0x0b, 0x81, 0x42, 0x63, 0xcd, 0x4f, 0xf6, /* $..Bc.O. */ 0x2b, 0x9d, 0xd1, 0x79, 0x75, 0xd7, 0x4a, 0xcc, /* +..yu.J. */ 0x4c, 0xb7, 0x2b, 0xd7, 0xe8, 0xe7, 0xd4, 0x48, /* L.+....H */ 0x3c, 0x14, 0x3b, 0x1c, 0x28, 0xe8, 0x46, 0x7a, /* <.;.(.Fz */ 0xdc, 0x11, 0x9d, 0x7f, 0x1c, 0xab, 0x10, 0x95, /* ........ */ 0x17, 0xb2, 0xc7, 0x7a, 0xbb, 0x17, 0x44, 0x59, /* ...z..DY */ 0x69, 0x8e, 0x16, 0x05, 0x94, 0x8c, 0x88, 0xd9, /* i....... */ 0xdc, 0x9a, 0xfd, 0xf2, 0x93, 0xbe, 0x68, 0xba, /* ......h. */ 0x3c, 0xd6, 0x2b, 0x61, 0x3a, 0x8b, 0xf7, 0x66, /* <.+a:..f */ 0xcb, 0x54, 0xe8, 0xe4, 0xdb, 0x9f, 0xcc, 0x9e /* .T...... */ }; OcspEntry entry[1]; CertStatus status[1]; OcspRequest* request = NULL; #ifndef NO_FILESYSTEM const char* ca_cert = "./certs/ca-cert.pem"; #endif byte serial[] = {0x05}; byte issuerHash[] = {0x71, 0x4d, 0x82, 0x23, 0x40, 0x59, 0xc0, 0x96, 0xa1, 0x37, 0x43, 0xfa, 0x31, 0xdb, 0xba, 0xb1, 0x43, 0x18, 0xda, 0x04}; byte issuerKeyHash[] = {0x83, 0xc6, 0x3a, 0x89, 0x2c, 0x81, 0xf4, 0x02, 0xd7, 0x9d, 0x4c, 0xe2, 0x2a, 0xc0, 0x71, 0x82, 0x64, 0x44, 0xda, 0x0e}; XMEMSET(entry, 0, sizeof(OcspEntry)); XMEMSET(status, 0, sizeof(CertStatus)); ExpectNotNull(request = wolfSSL_OCSP_REQUEST_new()); ExpectNotNull(request->serial = (byte*)XMALLOC(sizeof(serial), NULL, DYNAMIC_TYPE_OCSP_REQUEST)); if ((request != NULL) && (request->serial != NULL)) { request->serialSz = sizeof(serial); XMEMCPY(request->serial, serial, sizeof(serial)); XMEMCPY(request->issuerHash, issuerHash, sizeof(issuerHash)); XMEMCPY(request->issuerKeyHash, issuerKeyHash, sizeof(issuerKeyHash)); } ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL)); ExpectIntEQ(wolfSSL_CertManagerEnableOCSP(cm, 0), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm, "./certs/ocsp/intermediate1-ca-cert.pem", NULL), WOLFSSL_SUCCESS); /* Response should be valid. */ ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, (byte *)response, sizeof(response), NULL, status, entry, request), WOLFSSL_SUCCESS); /* Flip a byte in the request serial number, response should be invalid * now. */ if ((request != NULL) && (request->serial != NULL)) request->serial[0] ^= request->serial[0]; ExpectIntNE(wolfSSL_CertManagerCheckOCSPResponse(cm, (byte *)response, sizeof(response), NULL, status, entry, request), WOLFSSL_SUCCESS); #ifndef NO_FILESYSTEM ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(cm, server_cert_der_2048, sizeof(server_cert_der_2048)), ASN_NO_SIGNER_E); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL)); ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(cm, server_cert_der_2048, sizeof(server_cert_der_2048)), 1); #endif wolfSSL_OCSP_REQUEST_free(request); wolfSSL_CertManagerFree(cm); #endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || * WOLFSSL_APACHE_HTTPD || HAVE_LIGHTY */ #endif /* HAVE_OCSP */ return EXPECT_RESULT(); } static int test_wolfSSL_CheckOCSPResponse(void) { EXPECT_DECLS; #if defined(HAVE_OCSP) && !defined(NO_RSA) && !defined(NO_SHA) && \ defined(OPENSSL_ALL) const char* responseFile = "./certs/ocsp/test-response.der"; const char* responseMultiFile = "./certs/ocsp/test-multi-response.der"; const char* responseNoInternFile = "./certs/ocsp/test-response-nointern.der"; const char* caFile = "./certs/ocsp/root-ca-cert.pem"; OcspResponse* res = NULL; byte data[4096]; const unsigned char* pt; int dataSz = 0; /* initialize to mitigate spurious maybe-uninitialized from * gcc sanitizer with --enable-heapmath. */ XFILE f = XBADFILE; WOLFSSL_OCSP_BASICRESP* bs = NULL; WOLFSSL_X509_STORE* st = NULL; WOLFSSL_X509* issuer = NULL; ExpectTrue((f = XFOPEN(responseFile, "rb")) != XBADFILE); ExpectIntGT(dataSz = (word32)XFREAD(data, 1, sizeof(data), f), 0); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } pt = data; ExpectNotNull(res = wolfSSL_d2i_OCSP_RESPONSE(NULL, &pt, dataSz)); ExpectNotNull(issuer = wolfSSL_X509_load_certificate_file(caFile, SSL_FILETYPE_PEM)); ExpectNotNull(st = wolfSSL_X509_STORE_new()); ExpectIntEQ(wolfSSL_X509_STORE_add_cert(st, issuer), WOLFSSL_SUCCESS); ExpectNotNull(bs = wolfSSL_OCSP_response_get1_basic(res)); ExpectIntEQ(wolfSSL_OCSP_basic_verify(bs, NULL, st, 0), WOLFSSL_SUCCESS); wolfSSL_OCSP_BASICRESP_free(bs); bs = NULL; wolfSSL_OCSP_RESPONSE_free(res); res = NULL; wolfSSL_X509_STORE_free(st); st = NULL; wolfSSL_X509_free(issuer); issuer = NULL; /* check loading a response with optional certs */ ExpectTrue((f = XFOPEN(responseNoInternFile, "rb")) != XBADFILE); ExpectIntGT(dataSz = (word32)XFREAD(data, 1, sizeof(data), f), 0); if (f != XBADFILE) XFCLOSE(f); f = XBADFILE; pt = data; ExpectNotNull(res = wolfSSL_d2i_OCSP_RESPONSE(NULL, &pt, dataSz)); wolfSSL_OCSP_RESPONSE_free(res); res = NULL; /* check loading a response with multiple certs */ { WOLFSSL_CERT_MANAGER* cm = NULL; OcspEntry *entry = NULL; CertStatus* status = NULL; OcspRequest* request = NULL; byte serial1[] = {0x01}; byte serial[] = {0x02}; byte issuerHash[] = { 0x44, 0xA8, 0xDB, 0xD1, 0xBC, 0x97, 0x0A, 0x83, 0x3B, 0x5B, 0x31, 0x9A, 0x4C, 0xB8, 0xD2, 0x52, 0x37, 0x15, 0x8A, 0x88 }; byte issuerKeyHash[] = { 0x73, 0xB0, 0x1C, 0xA4, 0x2F, 0x82, 0xCB, 0xCF, 0x47, 0xA5, 0x38, 0xD7, 0xB0, 0x04, 0x82, 0x3A, 0x7E, 0x72, 0x15, 0x21 }; ExpectNotNull(entry = (OcspEntry*)XMALLOC(sizeof(OcspEntry), NULL, DYNAMIC_TYPE_OPENSSL)); ExpectNotNull(status = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL, DYNAMIC_TYPE_OPENSSL)); if (entry != NULL) XMEMSET(entry, 0, sizeof(OcspEntry)); if (status != NULL) XMEMSET(status, 0, sizeof(CertStatus)); ExpectNotNull(request = wolfSSL_OCSP_REQUEST_new()); ExpectNotNull(request->serial = (byte*)XMALLOC(sizeof(serial), NULL, DYNAMIC_TYPE_OCSP_REQUEST)); if (request != NULL && request->serial != NULL) { request->serialSz = sizeof(serial); XMEMCPY(request->serial, serial, sizeof(serial)); XMEMCPY(request->issuerHash, issuerHash, sizeof(issuerHash)); XMEMCPY(request->issuerKeyHash, issuerKeyHash, sizeof(issuerKeyHash)); } ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL)); ExpectIntEQ(wolfSSL_CertManagerEnableOCSP(cm, 0), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm, caFile, NULL), WOLFSSL_SUCCESS); ExpectTrue((f = XFOPEN(responseMultiFile, "rb")) != XBADFILE); ExpectIntGT(dataSz = (word32)XFREAD(data, 1, sizeof(data), f), 0); if (f != XBADFILE) XFCLOSE(f); f = XBADFILE; ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data, dataSz, NULL, status, entry, request), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data, dataSz, NULL, entry->status, entry, request), WOLFSSL_SUCCESS); ExpectNotNull(entry->status); if (request != NULL && request->serial != NULL) XMEMCPY(request->serial, serial1, sizeof(serial1)); ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data, dataSz, NULL, status, entry, request), WOLFSSL_SUCCESS); /* store both status's in the entry to check that "next" is not * overwritten */ if (EXPECT_SUCCESS() && status != NULL && entry != NULL) { status->next = entry->status; entry->status = status; } if (request != NULL && request->serial != NULL) XMEMCPY(request->serial, serial, sizeof(serial)); ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data, dataSz, NULL, entry->status, entry, request), WOLFSSL_SUCCESS); ExpectNotNull(entry->status->next); /* compare the status found */ ExpectIntEQ(status->serialSz, entry->status->serialSz); ExpectIntEQ(XMEMCMP(status->serial, entry->status->serial, status->serialSz), 0); if (status != NULL && entry != NULL && entry->status != status) { XFREE(status, NULL, DYNAMIC_TYPE_OPENSSL); } wolfSSL_OCSP_CERTID_free(entry); wolfSSL_OCSP_REQUEST_free(request); wolfSSL_CertManagerFree(cm); } #if defined(WC_RSA_PSS) { const char* responsePssFile = "./certs/ocsp/test-response-rsapss.der"; /* check loading a response with RSA-PSS signature */ ExpectTrue((f = XFOPEN(responsePssFile, "rb")) != XBADFILE); ExpectIntGT(dataSz = (word32)XFREAD(data, 1, sizeof(data), f), 0); if (f != XBADFILE) XFCLOSE(f); pt = data; ExpectNotNull(res = wolfSSL_d2i_OCSP_RESPONSE(NULL, &pt, dataSz)); /* try to verify the response */ ExpectNotNull(issuer = wolfSSL_X509_load_certificate_file(caFile, SSL_FILETYPE_PEM)); ExpectNotNull(st = wolfSSL_X509_STORE_new()); ExpectIntEQ(wolfSSL_X509_STORE_add_cert(st, issuer), WOLFSSL_SUCCESS); ExpectNotNull(bs = wolfSSL_OCSP_response_get1_basic(res)); ExpectIntEQ(wolfSSL_OCSP_basic_verify(bs, NULL, st, 0), WOLFSSL_SUCCESS); wolfSSL_OCSP_BASICRESP_free(bs); wolfSSL_OCSP_RESPONSE_free(res); wolfSSL_X509_STORE_free(st); wolfSSL_X509_free(issuer); } #endif #endif /* HAVE_OCSP */ return EXPECT_RESULT(); } static int test_wolfSSL_FPKI(void) { EXPECT_DECLS; #if defined(WOLFSSL_FPKI) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) XFILE f = XBADFILE; const char* fpkiCert = "./certs/fpki-cert.der"; DecodedCert cert; byte buf[4096]; byte* uuid = NULL; byte* fascn = NULL; word32 fascnSz; word32 uuidSz; int bytes = 0; ExpectTrue((f = XFOPEN(fpkiCert, "rb")) != XBADFILE); ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0); if (f != XBADFILE) XFCLOSE(f); wc_InitDecodedCert(&cert, buf, bytes, NULL); ExpectIntEQ(wc_ParseCert(&cert, CERT_TYPE, 0, NULL), 0); ExpectIntEQ(wc_GetFASCNFromCert(&cert, NULL, &fascnSz), LENGTH_ONLY_E) ; ExpectNotNull(fascn = (byte*)XMALLOC(fascnSz, NULL, DYNAMIC_TYPE_TMP_BUFFER)); ExpectIntEQ(wc_GetFASCNFromCert(&cert, fascn, &fascnSz), 0); XFREE(fascn, NULL, DYNAMIC_TYPE_TMP_BUFFER); ExpectIntEQ(wc_GetUUIDFromCert(&cert, NULL, &uuidSz), LENGTH_ONLY_E); ExpectNotNull(uuid = (byte*)XMALLOC(uuidSz, NULL, DYNAMIC_TYPE_TMP_BUFFER)); ExpectIntEQ(wc_GetUUIDFromCert(&cert, uuid, &uuidSz), 0); XFREE(uuid, NULL, DYNAMIC_TYPE_TMP_BUFFER); wc_FreeDecodedCert(&cert); #endif return EXPECT_RESULT(); } /* use RID in confuncture with other names to test parsing of unknown other * names */ static int test_wolfSSL_OtherName(void) { EXPECT_DECLS; #if !defined(NO_RSA) && !defined(NO_FILESYSTEM) XFILE f = XBADFILE; const char* ridCert = "./certs/rid-cert.der"; DecodedCert cert; byte buf[4096]; int bytes = 0; ExpectTrue((f = XFOPEN(ridCert, "rb")) != XBADFILE); ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0); if (f != XBADFILE) XFCLOSE(f); wc_InitDecodedCert(&cert, buf, bytes, NULL); ExpectIntEQ(wc_ParseCert(&cert, CERT_TYPE, 0, NULL), 0); wc_FreeDecodedCert(&cert); #endif return EXPECT_RESULT(); } static int test_wolfSSL_CertRsaPss(void) { EXPECT_DECLS; /* FIPS v2 and below don't support long salts. */ #if !defined(NO_RSA) && defined(WC_RSA_PSS) && !defined(NO_FILESYSTEM) && \ (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \ (HAVE_FIPS_VERSION > 2))) && (!defined(HAVE_SELFTEST) || \ (defined(HAVE_SELFTEST_VERSION) && (HAVE_SELFTEST_VERSION > 2))) XFILE f = XBADFILE; const char* rsaPssSha256Cert = "./certs/rsapss/ca-rsapss.der"; const char* rsaPssRootSha256Cert = "./certs/rsapss/root-rsapss.pem"; #if defined(WOLFSSL_SHA384) && defined(WOLFSSL_PSS_LONG_SALT) && \ RSA_MAX_SIZE >= 3072 const char* rsaPssSha384Cert = "./certs/rsapss/ca-3072-rsapss.der"; #endif #if defined(WOLFSSL_SHA384) && RSA_MAX_SIZE >= 3072 const char* rsaPssRootSha384Cert = "./certs/rsapss/root-3072-rsapss.pem"; #endif DecodedCert cert; byte buf[4096]; int bytes = 0; WOLFSSL_CERT_MANAGER* cm = NULL; ExpectNotNull(cm = wolfSSL_CertManagerNew()); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCA(cm, rsaPssRootSha256Cert, NULL)); #if defined(WOLFSSL_SHA384) && RSA_MAX_SIZE >= 3072 ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCA(cm, rsaPssRootSha384Cert, NULL)); #endif ExpectTrue((f = XFOPEN(rsaPssSha256Cert, "rb")) != XBADFILE); ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } wc_InitDecodedCert(&cert, buf, bytes, NULL); ExpectIntEQ(wc_ParseCert(&cert, CERT_TYPE, VERIFY, cm), 0); wc_FreeDecodedCert(&cert); #if defined(WOLFSSL_SHA384) && defined(WOLFSSL_PSS_LONG_SALT) && \ RSA_MAX_SIZE >= 3072 ExpectTrue((f = XFOPEN(rsaPssSha384Cert, "rb")) != XBADFILE); ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0); if (f != XBADFILE) XFCLOSE(f); wc_InitDecodedCert(&cert, buf, bytes, NULL); ExpectIntEQ(wc_ParseCert(&cert, CERT_TYPE, VERIFY, cm), 0); wc_FreeDecodedCert(&cert); #endif wolfSSL_CertManagerFree(cm); #endif return EXPECT_RESULT(); } static int test_wolfSSL_CTX_load_verify_locations_ex(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \ !defined(NO_WOLFSSL_CLIENT) WOLFSSL_CTX* ctx = NULL; const char* ca_cert = "./certs/ca-cert.pem"; const char* ca_expired_cert = "./certs/test/expired/expired-ca.pem"; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); /* test good CA */ ExpectTrue(WOLFSSL_SUCCESS == wolfSSL_CTX_load_verify_locations_ex(ctx, ca_cert, NULL, WOLFSSL_LOAD_FLAG_NONE)); /* test expired CA */ #if !defined(OPENSSL_COMPATIBLE_DEFAULTS) && !defined(NO_ASN_TIME) ExpectIntNE(wolfSSL_CTX_load_verify_locations_ex(ctx, ca_expired_cert, NULL, WOLFSSL_LOAD_FLAG_NONE), WOLFSSL_SUCCESS); #else ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx, ca_expired_cert, NULL, WOLFSSL_LOAD_FLAG_NONE), WOLFSSL_SUCCESS); #endif ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx, ca_expired_cert, NULL, WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY), WOLFSSL_SUCCESS); wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfSSL_CTX_load_verify_buffer_ex(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \ defined(USE_CERT_BUFFERS_2048) #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) WOLFSSL_CTX* ctx; const char* ca_expired_cert_file = "./certs/test/expired/expired-ca.der"; byte ca_expired_cert[TWOK_BUF]; word32 sizeof_ca_expired_cert = 0; XFILE fp = XBADFILE; #ifndef NO_WOLFSSL_CLIENT ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()); #else ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()); #endif ExpectNotNull(ctx); /* test good CA */ ExpectTrue(WOLFSSL_SUCCESS == wolfSSL_CTX_load_verify_buffer_ex(ctx, ca_cert_der_2048, sizeof_ca_cert_der_2048, WOLFSSL_FILETYPE_ASN1, 0, WOLFSSL_LOAD_FLAG_NONE)); /* load expired CA */ XMEMSET(ca_expired_cert, 0, sizeof(ca_expired_cert)); ExpectTrue((fp = XFOPEN(ca_expired_cert_file, "rb")) != XBADFILE); ExpectIntGT(sizeof_ca_expired_cert = (word32)XFREAD(ca_expired_cert, 1, sizeof(ca_expired_cert), fp), 0); if (fp != XBADFILE) XFCLOSE(fp); /* test expired CA failure */ #if !defined(OPENSSL_COMPATIBLE_DEFAULTS) && !defined(NO_ASN_TIME) ExpectIntNE(wolfSSL_CTX_load_verify_buffer_ex(ctx, ca_expired_cert, sizeof_ca_expired_cert, WOLFSSL_FILETYPE_ASN1, 0, WOLFSSL_LOAD_FLAG_NONE), WOLFSSL_SUCCESS); #else ExpectIntEQ(wolfSSL_CTX_load_verify_buffer_ex(ctx, ca_expired_cert, sizeof_ca_expired_cert, WOLFSSL_FILETYPE_ASN1, 0, WOLFSSL_LOAD_FLAG_NONE), WOLFSSL_SUCCESS); #endif /* test expired CA success */ ExpectIntEQ(wolfSSL_CTX_load_verify_buffer_ex(ctx, ca_expired_cert, sizeof_ca_expired_cert, WOLFSSL_FILETYPE_ASN1, 0, WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY), WOLFSSL_SUCCESS); wolfSSL_CTX_free(ctx); #endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ #endif return EXPECT_RESULT(); } static int test_wolfSSL_CTX_load_verify_chain_buffer_format(void) { EXPECT_DECLS; #if !defined(NO_CERTS) && !defined(NO_RSA) && defined(OPENSSL_EXTRA) && \ defined(WOLFSSL_CERT_GEN) && defined(USE_CERT_BUFFERS_2048) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) WOLFSSL_CTX* ctx = NULL; #ifndef NO_WOLFSSL_CLIENT ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); #endif ExpectTrue(WOLFSSL_SUCCESS == wolfSSL_CTX_load_verify_chain_buffer_format( ctx, ca_cert_chain_der, sizeof_ca_cert_chain_der, WOLFSSL_FILETYPE_ASN1)); wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfSSL_CTX_add1_chain_cert(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && defined(OPENSSL_EXTRA) && \ defined(KEEP_OUR_CERT) && !defined(NO_RSA) && !defined(NO_WOLFSSL_CLIENT) WOLFSSL_CTX* ctx; WOLFSSL* ssl = NULL; const char *certChain[] = { "./certs/intermediate/client-int-cert.pem", "./certs/intermediate/ca-int2-cert.pem", "./certs/intermediate/ca-int-cert.pem", "./certs/ca-cert.pem", NULL }; const char** cert; WOLFSSL_X509* x509 = NULL; WOLF_STACK_OF(X509)* chain = NULL; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); ExpectNotNull(ssl = wolfSSL_new(ctx)); for (cert = certChain; EXPECT_SUCCESS() && *cert != NULL; cert++) { ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(*cert, WOLFSSL_FILETYPE_PEM)); ExpectIntEQ(SSL_CTX_add1_chain_cert(ctx, x509), 1); X509_free(x509); x509 = NULL; } for (cert = certChain; EXPECT_SUCCESS() && *cert != NULL; cert++) { ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(*cert, WOLFSSL_FILETYPE_PEM)); ExpectIntEQ(SSL_add1_chain_cert(ssl, x509), 1); X509_free(x509); x509 = NULL; } ExpectIntEQ(SSL_CTX_get0_chain_certs(ctx, &chain), 1); ExpectIntEQ(sk_X509_num(chain), 3); ExpectIntEQ(SSL_get0_chain_certs(ssl, &chain), 1); ExpectIntEQ(sk_X509_num(chain), 3); SSL_free(ssl); SSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfSSL_CTX_use_certificate_chain_file_format(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) const char* server_chain_der = "./certs/server-cert-chain.der"; const char* client_single_pem = "./certs/client-cert.pem"; WOLFSSL_CTX* ctx; (void)server_chain_der; (void)client_single_pem; (void)ctx; #ifndef NO_WOLFSSL_CLIENT ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()); #else ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()); #endif ExpectNotNull(ctx); ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_file_format(ctx, server_chain_der, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_file_format(ctx, client_single_pem, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfSSL_CTX_SetTmpDH_file(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_DH) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) WOLFSSL_CTX *ctx = NULL; (void)ctx; #ifndef NO_WOLFSSL_CLIENT ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); #endif /* invalid context */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_file(NULL, dhParamFile, WOLFSSL_FILETYPE_PEM)); /* invalid dhParamFile file */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_file(ctx, NULL, WOLFSSL_FILETYPE_PEM)); ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_file(ctx, bogusFile, WOLFSSL_FILETYPE_PEM)); /* success */ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_file(ctx, dhParamFile, WOLFSSL_FILETYPE_PEM)); wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfSSL_CTX_SetTmpDH_buffer(void) { EXPECT_DECLS; #if !defined(NO_CERTS) && !defined(NO_DH) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) WOLFSSL_CTX *ctx = NULL; #ifndef NO_WOLFSSL_CLIENT ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); #endif /* invalid context */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_buffer(NULL, dh_key_der_2048, sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1)); /* invalid dhParamFile file */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_buffer(NULL, NULL, 0, WOLFSSL_FILETYPE_ASN1)); ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_buffer(ctx, dsa_key_der_2048, sizeof_dsa_key_der_2048, WOLFSSL_FILETYPE_ASN1)); /* success */ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_buffer(ctx, dh_key_der_2048, sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1)); wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfSSL_CTX_SetMinMaxDhKey_Sz(void) { EXPECT_DECLS; #if !defined(NO_CERTS) && !defined(NO_DH) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) WOLFSSL_CTX *ctx; (void)ctx; #ifndef NO_WOLFSSL_CLIENT ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()); #else ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()); #endif ExpectNotNull(ctx); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetMinDhKey_Sz(ctx, 3072)); ExpectIntEQ(DH_KEY_SIZE_E, wolfSSL_CTX_SetTmpDH_buffer(ctx, dh_key_der_2048, sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetMinDhKey_Sz(ctx, 2048)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_buffer(ctx, dh_key_der_2048, sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetMaxDhKey_Sz(ctx, 1024)); ExpectIntEQ(DH_KEY_SIZE_E, wolfSSL_CTX_SetTmpDH_buffer(ctx, dh_key_der_2048, sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetMaxDhKey_Sz(ctx, 2048)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_buffer(ctx, dh_key_der_2048, sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1)); wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfSSL_CTX_der_load_verify_locations(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && defined(WOLFSSL_DER_LOAD) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) WOLFSSL_CTX* ctx = NULL; const char* derCert = "./certs/server-cert.der"; const char* nullPath = NULL; const char* invalidPath = "./certs/this-cert-does-not-exist.der"; const char* emptyPath = ""; /* der load Case 1 ctx NULL */ ExpectIntEQ(wolfSSL_CTX_der_load_verify_locations(ctx, derCert, WOLFSSL_FILETYPE_ASN1), WOLFSSL_FAILURE); #ifndef NO_WOLFSSL_CLIENT ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); #endif /* Case 2 filePath NULL */ ExpectIntEQ(wolfSSL_CTX_der_load_verify_locations(ctx, nullPath, WOLFSSL_FILETYPE_ASN1), WOLFSSL_FAILURE); /* Case 3 invalid format */ ExpectIntEQ(wolfSSL_CTX_der_load_verify_locations(ctx, derCert, WOLFSSL_FILETYPE_PEM), WOLFSSL_FAILURE); /* Case 4 filePath not valid */ ExpectIntEQ(wolfSSL_CTX_der_load_verify_locations(ctx, invalidPath, WOLFSSL_FILETYPE_ASN1), WOLFSSL_FAILURE); /* Case 5 filePath empty */ ExpectIntEQ(wolfSSL_CTX_der_load_verify_locations(ctx, emptyPath, WOLFSSL_FILETYPE_ASN1), WOLFSSL_FAILURE); #ifndef NO_RSA /* Case 6 success case */ ExpectIntEQ(wolfSSL_CTX_der_load_verify_locations(ctx, derCert, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); #endif wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfSSL_CTX_enable_disable(void) { EXPECT_DECLS; #ifndef NO_CERTS WOLFSSL_CTX* ctx = NULL; #ifdef HAVE_CRL ExpectIntEQ(wolfSSL_CTX_DisableCRL(ctx), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_EnableCRL(ctx, 0), BAD_FUNC_ARG); #endif #ifdef HAVE_OCSP ExpectIntEQ(wolfSSL_CTX_DisableOCSP(ctx), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_EnableOCSP(ctx, 0), BAD_FUNC_ARG); #endif #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \ defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) ExpectIntEQ(wolfSSL_CTX_DisableOCSPStapling(ctx), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_EnableOCSPStapling(ctx), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_DisableOCSPMustStaple(ctx), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_EnableOCSPMustStaple(ctx), BAD_FUNC_ARG); #endif #ifndef NO_WOLFSSL_CLIENT #ifdef HAVE_EXTENDED_MASTER ExpectIntEQ(wolfSSL_CTX_DisableExtendedMasterSecret(ctx), BAD_FUNC_ARG); #endif ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); #ifdef HAVE_EXTENDED_MASTER ExpectIntEQ(wolfSSL_CTX_DisableExtendedMasterSecret(ctx), WOLFSSL_SUCCESS); #endif #elif !defined(NO_WOLFSSL_SERVER) ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); #endif #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) #ifdef HAVE_CRL ExpectIntEQ(wolfSSL_CTX_DisableCRL(ctx), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_EnableCRL(ctx, 0), WOLFSSL_SUCCESS); #endif #ifdef HAVE_OCSP ExpectIntEQ(wolfSSL_CTX_DisableOCSP(ctx), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_EnableOCSP(ctx, WOLFSSL_OCSP_URL_OVERRIDE), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_EnableOCSP(ctx, WOLFSSL_OCSP_NO_NONCE), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_EnableOCSP(ctx, WOLFSSL_OCSP_CHECKALL), WOLFSSL_SUCCESS); #endif #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \ defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) ExpectIntEQ(wolfSSL_CTX_DisableOCSPStapling(ctx), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_EnableOCSPStapling(ctx), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_DisableOCSPMustStaple(ctx), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_DisableOCSPMustStaple(ctx), WOLFSSL_SUCCESS); #endif wolfSSL_CTX_free(ctx); #endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ #endif /* NO_CERTS */ return EXPECT_RESULT(); } static int test_wolfSSL_CTX_ticket_API(void) { EXPECT_DECLS; #if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) WOLFSSL_CTX* ctx = NULL; void *userCtx = (void*)"this is my ctx"; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_set_TicketEncCtx(ctx, userCtx)); ExpectTrue(userCtx == wolfSSL_CTX_get_TicketEncCtx(ctx)); wolfSSL_CTX_free(ctx); ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_set_TicketEncCtx(NULL, userCtx)); ExpectNull(wolfSSL_CTX_get_TicketEncCtx(NULL)); #endif /* HAVE_SESSION_TICKET && !NO_WOLFSSL_SERVER */ return EXPECT_RESULT(); } static int test_wolfSSL_set_minmax_proto_version(void) { EXPECT_DECLS; #ifdef OPENSSL_EXTRA WOLFSSL_CTX *ctx = NULL; WOLFSSL *ssl = NULL; (void)ssl; #ifndef NO_WOLFSSL_CLIENT ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); ExpectNotNull(ssl = wolfSSL_new(ctx)); ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(NULL, 0), SSL_FAILURE); ExpectIntEQ(wolfSSL_CTX_set_max_proto_version(NULL, 0), SSL_FAILURE); ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, 0), SSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_set_max_proto_version(ctx, 0), SSL_SUCCESS); ExpectIntEQ(wolfSSL_set_min_proto_version(NULL, 0), SSL_FAILURE); ExpectIntEQ(wolfSSL_set_min_proto_version(ssl, 0), SSL_SUCCESS); ExpectIntEQ(wolfSSL_set_max_proto_version(NULL, 0), SSL_FAILURE); ExpectIntEQ(wolfSSL_set_max_proto_version(ssl, 0), SSL_SUCCESS); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); ctx = NULL; #endif #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(NULL, 0), SSL_FAILURE); ExpectIntEQ(wolfSSL_CTX_set_max_proto_version(NULL, 0), SSL_FAILURE); ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, 0), SSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_set_max_proto_version(ctx, 0), SSL_SUCCESS); wolfSSL_CTX_free(ctx); #endif #endif return EXPECT_RESULT(); } #if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_TLS12) && \ defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) static int test_wolfSSL_CTX_set_max_proto_version_on_result(WOLFSSL* ssl) { EXPECT_DECLS; ExpectStrEQ(wolfSSL_get_version(ssl), "TLSv1.2"); return EXPECT_RESULT(); } static int test_wolfSSL_CTX_set_max_proto_version_ctx_ready(WOLFSSL_CTX* ctx) { EXPECT_DECLS; /* Set TLS 1.2 */ ExpectIntEQ(wolfSSL_CTX_set_max_proto_version(ctx, TLS1_2_VERSION), WOLFSSL_SUCCESS); return EXPECT_RESULT(); } /* Test using wolfSSL_CTX_set_max_proto_version to limit the version below * what was set at ctx creation. */ static int test_wolfSSL_CTX_set_max_proto_version(void) { EXPECT_DECLS; test_ssl_cbf client_cbs; test_ssl_cbf server_cbs; XMEMSET(&client_cbs, 0, sizeof(client_cbs)); XMEMSET(&server_cbs, 0, sizeof(server_cbs)); client_cbs.method = wolfTLS_client_method; server_cbs.method = wolfTLS_server_method; server_cbs.ctx_ready = test_wolfSSL_CTX_set_max_proto_version_ctx_ready; client_cbs.on_result = test_wolfSSL_CTX_set_max_proto_version_on_result; server_cbs.on_result = test_wolfSSL_CTX_set_max_proto_version_on_result; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbs, &server_cbs, NULL), TEST_SUCCESS); return EXPECT_RESULT(); } #else static int test_wolfSSL_CTX_set_max_proto_version(void) { return TEST_SKIPPED; } #endif /*----------------------------------------------------------------------------* | SSL *----------------------------------------------------------------------------*/ static int test_server_wolfSSL_new(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \ !defined(NO_WOLFSSL_SERVER) WOLFSSL_CTX *ctx = NULL; WOLFSSL_CTX *ctx_nocert = NULL; WOLFSSL *ssl = NULL; ExpectNotNull(ctx_nocert = wolfSSL_CTX_new(wolfSSLv23_server_method())); ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM)); /* invalid context */ ExpectNull(ssl = wolfSSL_new(NULL)); #if !defined(WOLFSSL_SESSION_EXPORT) && !defined(WOLFSSL_QT) && \ !defined(OPENSSL_EXTRA) && !defined(WOLFSSL_NO_INIT_CTX_KEY) ExpectNull(ssl = wolfSSL_new(ctx_nocert)); #endif /* success */ ExpectNotNull(ssl = wolfSSL_new(ctx)); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); wolfSSL_CTX_free(ctx_nocert); #endif return EXPECT_RESULT(); } static int test_client_wolfSSL_new(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \ !defined(NO_WOLFSSL_CLIENT) WOLFSSL_CTX *ctx = NULL; WOLFSSL_CTX *ctx_nocert = NULL; WOLFSSL *ssl = NULL; ExpectNotNull(ctx_nocert = wolfSSL_CTX_new(wolfSSLv23_client_method())); ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); ExpectTrue(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0)); /* invalid context */ ExpectNull(ssl = wolfSSL_new(NULL)); /* success */ ExpectNotNull(ssl = wolfSSL_new(ctx_nocert)); wolfSSL_free(ssl); ssl = NULL; /* success */ ExpectNotNull(ssl = wolfSSL_new(ctx)); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); wolfSSL_CTX_free(ctx_nocert); #endif return EXPECT_RESULT(); } static int test_wolfSSL_SetTmpDH_file(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_DH) && \ !defined(NO_WOLFSSL_SERVER) WOLFSSL_CTX *ctx = NULL; WOLFSSL *ssl = NULL; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); #ifndef NO_RSA ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM)); #elif defined(HAVE_ECC) ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, eccCertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, eccKeyFile, WOLFSSL_FILETYPE_PEM)); #elif defined(HAVE_ED25519) ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, edCertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, edKeyFile, WOLFSSL_FILETYPE_PEM)); #elif defined(HAVE_ED448) ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, ed448CertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, ed448KeyFile, WOLFSSL_FILETYPE_PEM)); #endif ExpectNotNull(ssl = wolfSSL_new(ctx)); /* invalid ssl */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_file(NULL, dhParamFile, WOLFSSL_FILETYPE_PEM)); /* invalid dhParamFile file */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_file(ssl, NULL, WOLFSSL_FILETYPE_PEM)); ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_file(ssl, bogusFile, WOLFSSL_FILETYPE_PEM)); /* success */ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_file(ssl, dhParamFile, WOLFSSL_FILETYPE_PEM)); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfSSL_SetTmpDH_buffer(void) { EXPECT_DECLS; #if !defined(NO_CERTS) && !defined(NO_DH) && !defined(NO_WOLFSSL_SERVER) WOLFSSL_CTX *ctx = NULL; WOLFSSL *ssl = NULL; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); ExpectTrue(wolfSSL_CTX_use_certificate_buffer(ctx, server_cert_der_2048, sizeof_server_cert_der_2048, WOLFSSL_FILETYPE_ASN1)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_buffer(ctx, server_key_der_2048, sizeof_server_key_der_2048, WOLFSSL_FILETYPE_ASN1)); ExpectNotNull(ssl = wolfSSL_new(ctx)); /* invalid ssl */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_buffer(NULL, dh_key_der_2048, sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1)); /* invalid dhParamFile file */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_buffer(NULL, NULL, 0, WOLFSSL_FILETYPE_ASN1)); ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_buffer(ssl, dsa_key_der_2048, sizeof_dsa_key_der_2048, WOLFSSL_FILETYPE_ASN1)); /* success */ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_buffer(ssl, dh_key_der_2048, sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1)); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfSSL_SetMinMaxDhKey_Sz(void) { EXPECT_DECLS; #if !defined(NO_CERTS) && !defined(NO_DH) && !defined(NO_WOLFSSL_SERVER) WOLFSSL_CTX *ctx = NULL; WOLFSSL_CTX *ctx2 = NULL; WOLFSSL *ssl = NULL; WOLFSSL *ssl2 = NULL; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); ExpectTrue(wolfSSL_CTX_use_certificate_buffer(ctx, server_cert_der_2048, sizeof_server_cert_der_2048, WOLFSSL_FILETYPE_ASN1)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_buffer(ctx, server_key_der_2048, sizeof_server_key_der_2048, WOLFSSL_FILETYPE_ASN1)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetMinDhKey_Sz(ctx, 3072)); ExpectNotNull(ssl = wolfSSL_new(ctx)); ExpectNotNull(ctx2 = wolfSSL_CTX_new(wolfSSLv23_server_method())); ExpectTrue(wolfSSL_CTX_use_certificate_buffer(ctx2, server_cert_der_2048, sizeof_server_cert_der_2048, WOLFSSL_FILETYPE_ASN1)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_buffer(ctx2, server_key_der_2048, sizeof_server_key_der_2048, WOLFSSL_FILETYPE_ASN1)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetMaxDhKey_Sz(ctx, 1024)); ExpectNotNull(ssl2 = wolfSSL_new(ctx2)); ExpectIntEQ(DH_KEY_SIZE_E, wolfSSL_SetTmpDH_buffer(ssl, dh_key_der_2048, sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetMinDhKey_Sz(ssl, 2048)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_buffer(ssl, dh_key_der_2048, sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetMinDhKey_Sz(ssl, 3072)); ExpectIntEQ(DH_KEY_SIZE_E, wolfSSL_SetTmpDH_buffer(ssl, dh_key_der_2048, sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_buffer(ssl2, dh_key_der_2048, sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetMaxDhKey_Sz(ssl2, 2048)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_buffer(ssl2, dh_key_der_2048, sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetMaxDhKey_Sz(ssl2, 1024)); ExpectIntEQ(DH_KEY_SIZE_E, wolfSSL_SetTmpDH_buffer(ssl, dh_key_der_2048, sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1)); wolfSSL_free(ssl2); wolfSSL_CTX_free(ctx2); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } /* Test function for wolfSSL_SetMinVersion. Sets the minimum downgrade version * allowed. * POST: return 1 on success. */ static int test_wolfSSL_SetMinVersion(void) { int res = TEST_SKIPPED; #ifndef NO_WOLFSSL_CLIENT int failFlag = WOLFSSL_SUCCESS; WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; int itr; #ifndef NO_OLD_TLS const int versions[] = { #ifdef WOLFSSL_ALLOW_TLSV10 WOLFSSL_TLSV1, #endif WOLFSSL_TLSV1_1, WOLFSSL_TLSV1_2}; #elif !defined(WOLFSSL_NO_TLS12) const int versions[] = { WOLFSSL_TLSV1_2 }; #else const int versions[] = { WOLFSSL_TLSV1_3 }; #endif ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()); ssl = wolfSSL_new(ctx); for (itr = 0; itr < (int)(sizeof(versions)/sizeof(int)); itr++) { if (wolfSSL_SetMinVersion(ssl, *(versions + itr)) != WOLFSSL_SUCCESS) { failFlag = WOLFSSL_FAILURE; } } wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); res = TEST_RES_CHECK(failFlag == WOLFSSL_SUCCESS); #endif return res; } /* END test_wolfSSL_SetMinVersion */ #ifdef OPENSSL_EXTRA static int test_ED25519(void) { EXPECT_DECLS; #if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT) && \ defined(WOLFSSL_KEY_GEN) byte priv[ED25519_PRV_KEY_SIZE]; unsigned int privSz = (unsigned int)sizeof(priv); byte pub[ED25519_PUB_KEY_SIZE]; unsigned int pubSz = (unsigned int)sizeof(pub); #if defined(HAVE_ED25519_SIGN) && defined(HAVE_ED25519_KEY_IMPORT) const char* msg = TEST_STRING; unsigned int msglen = (unsigned int)TEST_STRING_SZ; byte sig[ED25519_SIG_SIZE]; unsigned int sigSz = (unsigned int)sizeof(sig); #endif /* HAVE_ED25519_SIGN && HAVE_ED25519_KEY_IMPORT */ ExpectIntEQ(wolfSSL_ED25519_generate_key(priv, &privSz, pub, &pubSz), WOLFSSL_SUCCESS); ExpectIntEQ(privSz, ED25519_PRV_KEY_SIZE); ExpectIntEQ(pubSz, ED25519_PUB_KEY_SIZE); #if defined(HAVE_ED25519_SIGN) && defined(HAVE_ED25519_KEY_IMPORT) ExpectIntEQ(wolfSSL_ED25519_sign((byte*)msg, msglen, priv, privSz, sig, &sigSz), WOLFSSL_SUCCESS); ExpectIntEQ(sigSz, ED25519_SIG_SIZE); #ifdef HAVE_ED25519_VERIFY ExpectIntEQ(wolfSSL_ED25519_verify((byte*)msg, msglen, pub, pubSz, sig, sigSz), WOLFSSL_SUCCESS); #endif /* HAVE_ED25519_VERIFY */ #endif /* HAVE_ED25519_SIGN && HAVE_ED25519_KEY_IMPORT */ #endif /* HAVE_ED25519 && HAVE_ED25519_KEY_EXPORT && WOLFSSL_KEY_GEN */ return EXPECT_RESULT(); } static int test_ED448(void) { EXPECT_DECLS; #if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) && \ defined(WOLFSSL_KEY_GEN) byte priv[ED448_PRV_KEY_SIZE]; unsigned int privSz = (unsigned int)sizeof(priv); byte pub[ED448_PUB_KEY_SIZE]; unsigned int pubSz = (unsigned int)sizeof(pub); #if defined(HAVE_ED448_SIGN) && defined(HAVE_ED448_KEY_IMPORT) const char* msg = TEST_STRING; unsigned int msglen = (unsigned int)TEST_STRING_SZ; byte sig[ED448_SIG_SIZE]; unsigned int sigSz = (unsigned int)sizeof(sig); #endif /* HAVE_ED448_SIGN && HAVE_ED448_KEY_IMPORT */ ExpectIntEQ(wolfSSL_ED448_generate_key(priv, &privSz, pub, &pubSz), WOLFSSL_SUCCESS); ExpectIntEQ(privSz, ED448_PRV_KEY_SIZE); ExpectIntEQ(pubSz, ED448_PUB_KEY_SIZE); #if defined(HAVE_ED448_SIGN) && defined(HAVE_ED448_KEY_IMPORT) ExpectIntEQ(wolfSSL_ED448_sign((byte*)msg, msglen, priv, privSz, sig, &sigSz), WOLFSSL_SUCCESS); ExpectIntEQ(sigSz, ED448_SIG_SIZE); #ifdef HAVE_ED448_VERIFY ExpectIntEQ(wolfSSL_ED448_verify((byte*)msg, msglen, pub, pubSz, sig, sigSz), WOLFSSL_SUCCESS); #endif /* HAVE_ED448_VERIFY */ #endif /* HAVE_ED448_SIGN && HAVE_ED448_KEY_IMPORT */ #endif /* HAVE_ED448 && HAVE_ED448_KEY_EXPORT && WOLFSSL_KEY_GEN */ return EXPECT_RESULT(); } #endif /* OPENSSL_EXTRA */ #include /*----------------------------------------------------------------------------* | EVP *----------------------------------------------------------------------------*/ static int test_wolfSSL_EVP_PKEY_print_public(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_BIO) WOLFSSL_BIO* rbio = NULL; WOLFSSL_BIO* wbio = NULL; WOLFSSL_EVP_PKEY* pkey = NULL; char line[256] = { 0 }; char line1[256] = { 0 }; int i = 0; /* test error cases */ ExpectIntEQ( EVP_PKEY_print_public(NULL,NULL,0,NULL),0L); /* * test RSA public key print * in this test, pass '3' for indent */ #if !defined(NO_RSA) && defined(USE_CERT_BUFFERS_1024) ExpectNotNull(rbio = BIO_new_mem_buf( client_keypub_der_1024, sizeof_client_keypub_der_1024)); ExpectNotNull(wolfSSL_d2i_PUBKEY_bio(rbio, &pkey)); ExpectNotNull(wbio = BIO_new(BIO_s_mem())); ExpectIntEQ(EVP_PKEY_print_public(wbio, pkey,3,NULL),1); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, " RSA Public-Key: (1024 bit)\n"); ExpectIntEQ(XSTRNCMP(line, line1, XSTRLEN(line1)), 0); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, " Modulus:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, " 00:bc:73:0e:a8:49:f3:74:a2:a9:ef:18:a5:da:55:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); /* skip to the end of modulus element*/ for (i = 0; i < 8 ;i++) { ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); } ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, " Exponent: 65537 (0x010001)\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); /* should reach EOF */ ExpectIntLE(BIO_gets(wbio, line, sizeof(line)), 0); EVP_PKEY_free(pkey); pkey = NULL; BIO_free(rbio); BIO_free(wbio); rbio = NULL; wbio = NULL; #endif /* !NO_RSA && USE_CERT_BUFFERS_1024*/ /* * test DSA public key print */ #if !defined(NO_DSA) && defined(USE_CERT_BUFFERS_2048) ExpectNotNull(rbio = BIO_new_mem_buf( dsa_pub_key_der_2048, sizeof_dsa_pub_key_der_2048)); ExpectNotNull(wolfSSL_d2i_PUBKEY_bio(rbio, &pkey)); ExpectNotNull(wbio = BIO_new(BIO_s_mem())); ExpectIntEQ(EVP_PKEY_print_public(wbio, pkey,0,NULL),1); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, "DSA Public-Key: (2048 bit)\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, "pub:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, " 00:C2:35:2D:EC:83:83:6C:73:13:9E:52:7C:74:C8:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); /* skip to the end of pub element*/ for (i = 0; i < 17 ;i++) { ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); } ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, "P:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); /* skip to the end of P element*/ for (i = 0; i < 18 ;i++) { ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); } ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, "Q:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); /* skip to the end of Q element*/ for (i = 0; i < 3 ;i++) { ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); } ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, "G:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); /* skip to the end of G element*/ for (i = 0; i < 18 ;i++) { ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); } /* should reach EOF */ ExpectIntLE(BIO_gets(wbio, line, sizeof(line)), 0); EVP_PKEY_free(pkey); pkey = NULL; BIO_free(rbio); BIO_free(wbio); rbio = NULL; wbio = NULL; #endif /* !NO_DSA && USE_CERT_BUFFERS_2048 */ /* * test ECC public key print */ #if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256) ExpectNotNull(rbio = BIO_new_mem_buf( ecc_clikeypub_der_256, sizeof_ecc_clikeypub_der_256)); ExpectNotNull(wolfSSL_d2i_PUBKEY_bio(rbio, &pkey)); ExpectNotNull(wbio = BIO_new(BIO_s_mem())); ExpectIntEQ(EVP_PKEY_print_public(wbio, pkey,0,NULL),1); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, "Public-Key: (256 bit)\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, "pub:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, " 04:55:BF:F4:0F:44:50:9A:3D:CE:9B:B7:F0:C5:4D:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); /* skip to the end of pub element*/ for (i = 0; i < 4 ;i++) { ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); } ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, "ASN1 OID: prime256v1\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, "NIST CURVE: P-256\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); /* should reach EOF */ ExpectIntLE(BIO_gets(wbio, line, sizeof(line)), 0); EVP_PKEY_free(pkey); pkey = NULL; BIO_free(rbio); BIO_free(wbio); rbio = NULL; wbio = NULL; #endif /* HAVE_ECC && USE_CERT_BUFFERS_256 */ /* * test DH public key print */ #if defined(WOLFSSL_DH_EXTRA) && defined(USE_CERT_BUFFERS_2048) ExpectNotNull(rbio = BIO_new_mem_buf( dh_pub_key_der_2048, sizeof_dh_pub_key_der_2048)); ExpectNotNull(wolfSSL_d2i_PUBKEY_bio(rbio, &pkey)); ExpectNotNull(wbio = BIO_new(BIO_s_mem())); ExpectIntEQ(EVP_PKEY_print_public(wbio, pkey,0,NULL), 1); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, "DH Public-Key: (2048 bit)\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, "public-key:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, " 34:41:BF:E9:F2:11:BF:05:DB:B2:72:A8:29:CC:BD:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); /* skip to the end of public-key element*/ for (i = 0; i < 17 ;i++) { ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); } ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, "prime:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, " 00:D3:B2:99:84:5C:0A:4C:E7:37:CC:FC:18:37:01:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); /* skip to the end of prime element*/ for (i = 0; i < 17 ;i++) { ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); } ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, "generator: 2 (0x02)\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); /* should reach EOF */ ExpectIntLE(BIO_gets(wbio, line, sizeof(line)), 0); EVP_PKEY_free(pkey); pkey = NULL; BIO_free(rbio); BIO_free(wbio); rbio = NULL; wbio = NULL; #endif /* WOLFSSL_DH_EXTRA && USE_CERT_BUFFERS_2048 */ /* to prevent "unused variable" warning */ (void)pkey; (void)wbio; (void)rbio; (void)line; (void)line1; (void)i; #endif /* OPENSSL_EXTRA */ return EXPECT_RESULT(); } /* Test functions for base64 encode/decode */ static int test_wolfSSL_EVP_ENCODE_CTX_new(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && \ ( defined(WOLFSSL_BASE64_ENCODE) || defined(WOLFSSL_BASE64_DECODE)) EVP_ENCODE_CTX* ctx = NULL; ExpectNotNull(ctx = EVP_ENCODE_CTX_new()); ExpectIntEQ(ctx->remaining,0); ExpectIntEQ(ctx->data[0],0); ExpectIntEQ(ctx->data[sizeof(ctx->data) -1],0); EVP_ENCODE_CTX_free(ctx); #endif /* OPENSSL_EXTRA && (WOLFSSL_BASE64_ENCODE || WOLFSSL_BASE64_DECODE) */ return EXPECT_RESULT(); } static int test_wolfSSL_EVP_ENCODE_CTX_free(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && \ ( defined(WOLFSSL_BASE64_ENCODE) || defined(WOLFSSL_BASE64_DECODE)) EVP_ENCODE_CTX* ctx = NULL; ExpectNotNull(ctx = EVP_ENCODE_CTX_new()); EVP_ENCODE_CTX_free(ctx); #endif /* OPENSSL_EXTRA && (WOLFSSL_BASE64_ENCODE || WOLFSSL_BASE64_DECODE) */ return EXPECT_RESULT(); } static int test_wolfSSL_EVP_EncodeInit(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_ENCODE) EVP_ENCODE_CTX* ctx = NULL; ExpectNotNull(ctx = EVP_ENCODE_CTX_new()); ExpectIntEQ(ctx->remaining, 0); ExpectIntEQ(ctx->data[0], 0); ExpectIntEQ(ctx->data[sizeof(ctx->data) -1], 0); if (ctx != NULL) { /* make ctx dirty */ ctx->remaining = 10; XMEMSET(ctx->data, 0x77, sizeof(ctx->data)); } EVP_EncodeInit(ctx); ExpectIntEQ(ctx->remaining, 0); ExpectIntEQ(ctx->data[0], 0); ExpectIntEQ(ctx->data[sizeof(ctx->data) -1], 0); EVP_ENCODE_CTX_free(ctx); #endif /* OPENSSL_EXTRA && WOLFSSL_BASE64_ENCODE*/ return EXPECT_RESULT(); } static int test_wolfSSL_EVP_EncodeUpdate(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_ENCODE) int outl; int total; const unsigned char plain0[] = {"Th"}; const unsigned char plain1[] = {"This is a base64 encodeing test."}; const unsigned char plain2[] = {"This is additional data."}; const unsigned char encBlock0[] = {"VGg="}; const unsigned char enc0[] = {"VGg=\n"}; /* expected encoded result for the first output 64 chars plus trailing LF*/ const unsigned char enc1[] = {"VGhpcyBpcyBhIGJhc2U2NCBlbmNvZGVpbmcgdGVzdC5UaGlzIGlzIGFkZGl0aW9u\n"}; const unsigned char enc2[] = {"VGhpcyBpcyBhIGJhc2U2NCBlbmNvZGVpbmcgdGVzdC5UaGlzIGlzIGFkZGl0aW9u\nYWwgZGF0YS4=\n"}; unsigned char encOutBuff[300]; EVP_ENCODE_CTX* ctx = NULL; ExpectNotNull(ctx = EVP_ENCODE_CTX_new()); EVP_EncodeInit(ctx); /* illegal parameter test */ ExpectIntEQ( EVP_EncodeUpdate( NULL, /* pass NULL as ctx */ encOutBuff, &outl, plain1, sizeof(plain1)-1), 0 /* expected result code 0: fail */ ); ExpectIntEQ( EVP_EncodeUpdate( ctx, NULL, /* pass NULL as out buff */ &outl, plain1, sizeof(plain1)-1), 0 /* expected result code 0: fail */ ); ExpectIntEQ( EVP_EncodeUpdate( ctx, encOutBuff, NULL, /* pass NULL as outl */ plain1, sizeof(plain1)-1), 0 /* expected result code 0: fail */ ); ExpectIntEQ( EVP_EncodeUpdate( ctx, encOutBuff, &outl, NULL, /* pass NULL as in */ sizeof(plain1)-1), 0 /* expected result code 0: fail */ ); ExpectIntEQ(EVP_EncodeBlock(NULL, NULL, 0), -1); /* meaningless parameter test */ ExpectIntEQ( EVP_EncodeUpdate( ctx, encOutBuff, &outl, plain1, 0), /* pass zero input */ 1 /* expected result code 1: success */ ); /* very small data encoding test */ EVP_EncodeInit(ctx); ExpectIntEQ( EVP_EncodeUpdate( ctx, encOutBuff, &outl, plain0, sizeof(plain0)-1), 1 /* expected result code 1: success */ ); ExpectIntEQ(outl,0); if (EXPECT_SUCCESS()) { EVP_EncodeFinal( ctx, encOutBuff + outl, &outl); } ExpectIntEQ( outl, sizeof(enc0)-1); ExpectIntEQ( XSTRNCMP( (const char*)encOutBuff, (const char*)enc0,sizeof(enc0) ), 0); XMEMSET( encOutBuff,0, sizeof(encOutBuff)); ExpectIntEQ(EVP_EncodeBlock(encOutBuff, plain0, sizeof(plain0)-1), sizeof(encBlock0)-1); ExpectStrEQ(encOutBuff, encBlock0); /* pass small size( < 48bytes ) input, then make sure they are not * encoded and just stored in ctx */ EVP_EncodeInit(ctx); total = 0; outl = 0; XMEMSET( encOutBuff,0, sizeof(encOutBuff)); ExpectIntEQ( EVP_EncodeUpdate( ctx, encOutBuff, /* buffer for output */ &outl, /* size of output */ plain1, /* input */ sizeof(plain1)-1), /* size of input */ 1); /* expected result code 1:success */ total += outl; ExpectIntEQ(outl, 0); /* no output expected */ ExpectIntEQ(ctx->remaining, sizeof(plain1) -1); ExpectTrue( XSTRNCMP((const char*)(ctx->data), (const char*)plain1, ctx->remaining) ==0 ); ExpectTrue(encOutBuff[0] == 0); /* call wolfSSL_EVP_EncodeUpdate again to make it encode * the stored data and the new input together */ ExpectIntEQ( EVP_EncodeUpdate( ctx, encOutBuff + outl, /* buffer for output */ &outl, /* size of output */ plain2, /* additional input */ sizeof(plain2) -1), /* size of additional input */ 1); /* expected result code 1:success */ total += outl; ExpectIntNE(outl, 0); /* some output is expected this time*/ ExpectIntEQ(outl, BASE64_ENCODE_RESULT_BLOCK_SIZE +1); /* 64 bytes and LF */ ExpectIntEQ( XSTRNCMP((const char*)encOutBuff,(const char*)enc1,sizeof(enc1) ),0); /* call wolfSSL_EVP_EncodeFinal to flush all the unprocessed input */ EVP_EncodeFinal( ctx, encOutBuff + outl, &outl); total += outl; ExpectIntNE(total,0); ExpectIntNE(outl,0); ExpectIntEQ(XSTRNCMP( (const char*)encOutBuff,(const char*)enc2,sizeof(enc2) ),0); /* test with illeagal parameters */ outl = 1; EVP_EncodeFinal(NULL, encOutBuff + outl, &outl); ExpectIntEQ(outl, 0); outl = 1; EVP_EncodeFinal(ctx, NULL, &outl); ExpectIntEQ(outl, 0); EVP_EncodeFinal(ctx, encOutBuff + outl, NULL); EVP_EncodeFinal(NULL, NULL, NULL); EVP_ENCODE_CTX_free(ctx); #endif /* OPENSSL_EXTRA && WOLFSSL_BASE64_ENCODE*/ return EXPECT_RESULT(); } static int test_wolfSSL_EVP_EncodeFinal(void) { int res = TEST_SKIPPED; #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_ENCODE) /* tests for wolfSSL_EVP_EncodeFinal are included in * test_wolfSSL_EVP_EncodeUpdate */ res = TEST_SUCCESS; #endif /* OPENSSL_EXTRA && WOLFSSL_BASE64_ENCODE*/ return res; } static int test_wolfSSL_EVP_DecodeInit(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_DECODE) EVP_ENCODE_CTX* ctx = NULL; ExpectNotNull( ctx = EVP_ENCODE_CTX_new()); ExpectIntEQ( ctx->remaining,0); ExpectIntEQ( ctx->data[0],0); ExpectIntEQ( ctx->data[sizeof(ctx->data) -1],0); if (ctx != NULL) { /* make ctx dirty */ ctx->remaining = 10; XMEMSET( ctx->data, 0x77, sizeof(ctx->data)); } EVP_DecodeInit(ctx); ExpectIntEQ( ctx->remaining,0); ExpectIntEQ( ctx->data[0],0); ExpectIntEQ( ctx->data[sizeof(ctx->data) -1],0); EVP_ENCODE_CTX_free(ctx); #endif /* OPENSSL && WOLFSSL_BASE_DECODE */ return EXPECT_RESULT(); } static int test_wolfSSL_EVP_DecodeUpdate(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_DECODE) int outl; unsigned char decOutBuff[300]; EVP_ENCODE_CTX* ctx = NULL; static const unsigned char enc1[] = {"VGhpcyBpcyBhIGJhc2U2NCBkZWNvZGluZyB0ZXN0Lg==\n"}; /* const unsigned char plain1[] = {"This is a base64 decoding test."} */ ExpectNotNull(ctx = EVP_ENCODE_CTX_new()); EVP_DecodeInit(ctx); /* illegal parameter tests */ /* pass NULL as ctx */ ExpectIntEQ( EVP_DecodeUpdate( NULL, /* pass NULL as ctx */ decOutBuff, &outl, enc1, sizeof(enc1)-1), -1 /* expected result code -1: fail */ ); ExpectIntEQ( outl, 0); /* pass NULL as output */ ExpectIntEQ( EVP_DecodeUpdate( ctx, NULL, /* pass NULL as out buff */ &outl, enc1, sizeof(enc1)-1), -1 /* expected result code -1: fail */ ); ExpectIntEQ( outl, 0); /* pass NULL as outl */ ExpectIntEQ( EVP_DecodeUpdate( ctx, decOutBuff, NULL, /* pass NULL as outl */ enc1, sizeof(enc1)-1), -1 /* expected result code -1: fail */ ); /* pass NULL as input */ ExpectIntEQ( EVP_DecodeUpdate( ctx, decOutBuff, &outl, NULL, /* pass NULL as in */ sizeof(enc1)-1), -1 /* expected result code -1: fail */ ); ExpectIntEQ( outl, 0); ExpectIntEQ(EVP_DecodeBlock(NULL, NULL, 0), -1); /* pass zero length input */ ExpectIntEQ( EVP_DecodeUpdate( ctx, decOutBuff, &outl, enc1, 0), /* pass zero as input len */ 1 /* expected result code 1: success */ ); /* decode correct base64 string */ { static const unsigned char enc2[] = {"VGhpcyBpcyBhIGJhc2U2NCBkZWNvZGluZyB0ZXN0Lg==\n"}; static const unsigned char plain2[] = {"This is a base64 decoding test."}; EVP_EncodeInit(ctx); ExpectIntEQ( EVP_DecodeUpdate( ctx, decOutBuff, &outl, enc2, sizeof(enc2)-1), 0 /* expected result code 0: success */ ); ExpectIntEQ(outl,sizeof(plain2) -1); ExpectIntEQ( EVP_DecodeFinal( ctx, decOutBuff + outl, &outl), 1 /* expected result code 1: success */ ); ExpectIntEQ(outl, 0); /* expected DecodeFinal output no data */ ExpectIntEQ(XSTRNCMP( (const char*)plain2,(const char*)decOutBuff, sizeof(plain2) -1 ),0); ExpectIntEQ(EVP_DecodeBlock(decOutBuff, enc2, sizeof(enc2)), sizeof(plain2)-1); ExpectIntEQ(XSTRNCMP( (const char*)plain2,(const char*)decOutBuff, sizeof(plain2) -1 ),0); } /* decode correct base64 string which does not have '\n' in its last*/ { static const unsigned char enc3[] = {"VGhpcyBpcyBhIGJhc2U2NCBkZWNvZGluZyB0ZXN0Lg=="}; /* 44 chars */ static const unsigned char plain3[] = {"This is a base64 decoding test."}; /* 31 chars */ EVP_EncodeInit(ctx); ExpectIntEQ( EVP_DecodeUpdate( ctx, decOutBuff, &outl, enc3, sizeof(enc3)-1), 0 /* expected result code 0: success */ ); ExpectIntEQ(outl,sizeof(plain3)-1); /* 31 chars should be output */ ExpectIntEQ(XSTRNCMP( (const char*)plain3,(const char*)decOutBuff, sizeof(plain3) -1 ),0); ExpectIntEQ( EVP_DecodeFinal( ctx, decOutBuff + outl, &outl), 1 /* expected result code 1: success */ ); ExpectIntEQ(outl,0 ); ExpectIntEQ(EVP_DecodeBlock(decOutBuff, enc3, sizeof(enc3)-1), sizeof(plain3)-1); ExpectIntEQ(XSTRNCMP( (const char*)plain3,(const char*)decOutBuff, sizeof(plain3) -1 ),0); } /* decode string which has a padding char ('=') in the illegal position*/ { static const unsigned char enc4[] = {"VGhpcyBpcyBhIGJhc2U2N=CBkZWNvZGluZyB0ZXN0Lg==\n"}; EVP_EncodeInit(ctx); ExpectIntEQ( EVP_DecodeUpdate( ctx, decOutBuff, &outl, enc4, sizeof(enc4)-1), -1 /* expected result code -1: error */ ); ExpectIntEQ(outl,0); ExpectIntEQ(EVP_DecodeBlock(decOutBuff, enc4, sizeof(enc4)-1), -1); } /* small data decode test */ { static const unsigned char enc00[] = {"VG"}; static const unsigned char enc01[] = {"g=\n"}; static const unsigned char plain4[] = {"Th"}; EVP_EncodeInit(ctx); ExpectIntEQ( EVP_DecodeUpdate( ctx, decOutBuff, &outl, enc00, sizeof(enc00)-1), 1 /* expected result code 1: success */ ); ExpectIntEQ(outl,0); ExpectIntEQ( EVP_DecodeUpdate( ctx, decOutBuff + outl, &outl, enc01, sizeof(enc01)-1), 0 /* expected result code 0: success */ ); ExpectIntEQ(outl,sizeof(plain4)-1); /* test with illegal parameters */ ExpectIntEQ(EVP_DecodeFinal(NULL,decOutBuff + outl,&outl), -1); ExpectIntEQ(EVP_DecodeFinal(ctx,NULL,&outl), -1); ExpectIntEQ(EVP_DecodeFinal(ctx,decOutBuff + outl, NULL), -1); ExpectIntEQ(EVP_DecodeFinal(NULL,NULL, NULL), -1); if (EXPECT_SUCCESS()) { EVP_DecodeFinal( ctx, decOutBuff + outl, &outl); } ExpectIntEQ( outl, 0); ExpectIntEQ( XSTRNCMP( (const char*)decOutBuff, (const char*)plain4,sizeof(plain4)-1 ), 0); } EVP_ENCODE_CTX_free(ctx); #endif /* OPENSSL && WOLFSSL_BASE_DECODE */ return EXPECT_RESULT(); } static int test_wolfSSL_EVP_DecodeFinal(void) { int res = TEST_SKIPPED; #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_DECODE) /* tests for wolfSSL_EVP_DecodeFinal are included in * test_wolfSSL_EVP_DecodeUpdate */ res = TEST_SUCCESS; #endif /* OPENSSL && WOLFSSL_BASE_DECODE */ return res; } /* Test function for wolfSSL_EVP_get_cipherbynid. */ #ifdef OPENSSL_EXTRA static int test_wolfSSL_EVP_get_cipherbynid(void) { EXPECT_DECLS; #ifndef NO_AES const WOLFSSL_EVP_CIPHER* c; c = wolfSSL_EVP_get_cipherbynid(419); #if (defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)) && \ defined(WOLFSSL_AES_128) ExpectNotNull(c); ExpectNotNull(XSTRCMP("EVP_AES_128_CBC", c)); #else ExpectNull(c); #endif c = wolfSSL_EVP_get_cipherbynid(423); #if (defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)) && \ defined(WOLFSSL_AES_192) ExpectNotNull(c); ExpectNotNull(XSTRCMP("EVP_AES_192_CBC", c)); #else ExpectNull(c); #endif c = wolfSSL_EVP_get_cipherbynid(427); #if (defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)) && \ defined(WOLFSSL_AES_256) ExpectNotNull(c); ExpectNotNull(XSTRCMP("EVP_AES_256_CBC", c)); #else ExpectNull(c); #endif c = wolfSSL_EVP_get_cipherbynid(904); #if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_128) ExpectNotNull(c); ExpectNotNull(XSTRCMP("EVP_AES_128_CTR", c)); #else ExpectNull(c); #endif c = wolfSSL_EVP_get_cipherbynid(905); #if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_192) ExpectNotNull(c); ExpectNotNull(XSTRCMP("EVP_AES_192_CTR", c)); #else ExpectNull(c); #endif c = wolfSSL_EVP_get_cipherbynid(906); #if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_256) ExpectNotNull(c); ExpectNotNull(XSTRCMP("EVP_AES_256_CTR", c)); #else ExpectNull(c); #endif c = wolfSSL_EVP_get_cipherbynid(418); #if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_128) ExpectNotNull(c); ExpectNotNull(XSTRCMP("EVP_AES_128_ECB", c)); #else ExpectNull(c); #endif c = wolfSSL_EVP_get_cipherbynid(422); #if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_192) ExpectNotNull(c); ExpectNotNull(XSTRCMP("EVP_AES_192_ECB", c)); #else ExpectNull(c); #endif c = wolfSSL_EVP_get_cipherbynid(426); #if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_256) ExpectNotNull(c); ExpectNotNull(XSTRCMP("EVP_AES_256_ECB", c)); #else ExpectNull(c); #endif #endif /* !NO_AES */ #ifndef NO_DES3 ExpectNotNull(XSTRCMP("EVP_DES_CBC", wolfSSL_EVP_get_cipherbynid(31))); #ifdef WOLFSSL_DES_ECB ExpectNotNull(XSTRCMP("EVP_DES_ECB", wolfSSL_EVP_get_cipherbynid(29))); #endif ExpectNotNull(XSTRCMP("EVP_DES_EDE3_CBC", wolfSSL_EVP_get_cipherbynid(44))); #ifdef WOLFSSL_DES_ECB ExpectNotNull(XSTRCMP("EVP_DES_EDE3_ECB", wolfSSL_EVP_get_cipherbynid(33))); #endif #endif /* !NO_DES3 */ #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) ExpectNotNull(XSTRCMP("EVP_CHACHA20_POLY13O5", EVP_get_cipherbynid(1018))); #endif /* test for nid is out of range */ ExpectNull(wolfSSL_EVP_get_cipherbynid(1)); return EXPECT_RESULT(); } static int test_wolfSSL_EVP_CIPHER_CTX(void) { EXPECT_DECLS; #if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128) EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new(); const EVP_CIPHER *init = EVP_aes_128_cbc(); const EVP_CIPHER *test; byte key[AES_BLOCK_SIZE] = {0}; byte iv[AES_BLOCK_SIZE] = {0}; ExpectNotNull(ctx); wolfSSL_EVP_CIPHER_CTX_init(ctx); ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS); test = EVP_CIPHER_CTX_cipher(ctx); ExpectTrue(init == test); ExpectIntEQ(EVP_CIPHER_nid(test), NID_aes_128_cbc); ExpectIntEQ(EVP_CIPHER_CTX_reset(ctx), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_CIPHER_CTX_reset(NULL), WOLFSSL_FAILURE); EVP_CIPHER_CTX_free(ctx); /* test EVP_CIPHER_CTX_cleanup with NULL */ ExpectIntEQ(EVP_CIPHER_CTX_cleanup(NULL), WOLFSSL_SUCCESS); #endif /* !NO_AES && HAVE_AES_CBC && WOLFSSL_AES_128 */ return EXPECT_RESULT(); } #endif /* OPENSSL_EXTRA */ /*----------------------------------------------------------------------------* | IO *----------------------------------------------------------------------------*/ #if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) || \ defined(HAVE_IO_TESTS_DEPENDENCIES) #ifdef WOLFSSL_HAVE_TLS_UNIQUE #ifdef WC_SHA512_DIGEST_SIZE #define MD_MAX_SIZE WC_SHA512_DIGEST_SIZE #else #define MD_MAX_SIZE WC_SHA256_DIGEST_SIZE #endif byte server_side_msg1[MD_MAX_SIZE] = {0};/* msg sent by server */ byte server_side_msg2[MD_MAX_SIZE] = {0};/* msg received from client */ byte client_side_msg1[MD_MAX_SIZE] = {0};/* msg sent by client */ byte client_side_msg2[MD_MAX_SIZE] = {0};/* msg received from server */ #endif /* WOLFSSL_HAVE_TLS_UNIQUE */ /* TODO: Expand and enable this when EVP_chacha20_poly1305 is supported */ #if defined(HAVE_SESSION_TICKET) && defined(OPENSSL_EXTRA) && \ defined(HAVE_AES_CBC) typedef struct openssl_key_ctx { byte name[WOLFSSL_TICKET_NAME_SZ]; /* server name */ byte key[WOLFSSL_TICKET_KEY_SZ]; /* cipher key */ byte hmacKey[WOLFSSL_TICKET_NAME_SZ]; /* hmac key */ byte iv[WOLFSSL_TICKET_IV_SZ]; /* cipher iv */ } openssl_key_ctx; static THREAD_LS_T openssl_key_ctx myOpenSSLKey_ctx; static THREAD_LS_T WC_RNG myOpenSSLKey_rng; static WC_INLINE int OpenSSLTicketInit(void) { int ret = wc_InitRng(&myOpenSSLKey_rng); if (ret != 0) return ret; ret = wc_RNG_GenerateBlock(&myOpenSSLKey_rng, myOpenSSLKey_ctx.name, sizeof(myOpenSSLKey_ctx.name)); if (ret != 0) return ret; ret = wc_RNG_GenerateBlock(&myOpenSSLKey_rng, myOpenSSLKey_ctx.key, sizeof(myOpenSSLKey_ctx.key)); if (ret != 0) return ret; ret = wc_RNG_GenerateBlock(&myOpenSSLKey_rng, myOpenSSLKey_ctx.hmacKey, sizeof(myOpenSSLKey_ctx.hmacKey)); if (ret != 0) return ret; ret = wc_RNG_GenerateBlock(&myOpenSSLKey_rng, myOpenSSLKey_ctx.iv, sizeof(myOpenSSLKey_ctx.iv)); if (ret != 0) return ret; return 0; } static int myTicketEncCbOpenSSL(WOLFSSL* ssl, byte name[WOLFSSL_TICKET_NAME_SZ], byte iv[WOLFSSL_TICKET_IV_SZ], WOLFSSL_EVP_CIPHER_CTX *ectx, WOLFSSL_HMAC_CTX *hctx, int enc) { (void)ssl; if (enc) { XMEMCPY(name, myOpenSSLKey_ctx.name, sizeof(myOpenSSLKey_ctx.name)); XMEMCPY(iv, myOpenSSLKey_ctx.iv, sizeof(myOpenSSLKey_ctx.iv)); } else if (XMEMCMP(name, myOpenSSLKey_ctx.name, sizeof(myOpenSSLKey_ctx.name)) != 0 || XMEMCMP(iv, myOpenSSLKey_ctx.iv, sizeof(myOpenSSLKey_ctx.iv)) != 0) { return 0; } HMAC_Init_ex(hctx, myOpenSSLKey_ctx.hmacKey, WOLFSSL_TICKET_NAME_SZ, EVP_sha256(), NULL); if (enc) EVP_EncryptInit_ex(ectx, EVP_aes_256_cbc(), NULL, myOpenSSLKey_ctx.key, iv); else EVP_DecryptInit_ex(ectx, EVP_aes_256_cbc(), NULL, myOpenSSLKey_ctx.key, iv); return 1; } static WC_INLINE void OpenSSLTicketCleanup(void) { wc_FreeRng(&myOpenSSLKey_rng); } #endif #endif /* helper functions */ #ifdef HAVE_SSL_MEMIO_TESTS_DEPENDENCIES static WC_INLINE int test_ssl_memio_write_cb(WOLFSSL *ssl, char *data, int sz, void *ctx) { struct test_ssl_memio_ctx *test_ctx; byte *buf; int *len; test_ctx = (struct test_ssl_memio_ctx*)ctx; if (wolfSSL_GetSide(ssl) == WOLFSSL_SERVER_END) { buf = test_ctx->c_buff; len = &test_ctx->c_len; } else { buf = test_ctx->s_buff; len = &test_ctx->s_len; } if ((unsigned)(*len + sz) > TEST_SSL_MEMIO_BUF_SZ) return WOLFSSL_CBIO_ERR_WANT_WRITE; XMEMCPY(buf + *len, data, sz); *len += sz; #ifdef WOLFSSL_DUMP_MEMIO_STREAM { /* This can be imported into Wireshark by transforming the file with * od -Ax -tx1 -v test_output.dump > test_output.dump.hex * And then loading test_output.dump.hex into Wireshark using the * "Import from Hex Dump..." option ion and selecting the TCP * encapsulation option. */ char dump_file_name[64]; WOLFSSL_BIO *dump_file; sprintf(dump_file_name, "%s/%s.dump", tmpDirName, currentTestName); dump_file = wolfSSL_BIO_new_file(dump_file_name, "a"); if (dump_file != NULL) { (void)wolfSSL_BIO_write(dump_file, data, sz); wolfSSL_BIO_free(dump_file); } } #endif return sz; } static WC_INLINE int test_ssl_memio_read_cb(WOLFSSL *ssl, char *data, int sz, void *ctx) { struct test_ssl_memio_ctx *test_ctx; int read_sz; byte *buf; int *len; test_ctx = (struct test_ssl_memio_ctx*)ctx; if (wolfSSL_GetSide(ssl) == WOLFSSL_SERVER_END) { buf = test_ctx->s_buff; len = &test_ctx->s_len; } else { buf = test_ctx->c_buff; len = &test_ctx->c_len; } if (*len == 0) return WOLFSSL_CBIO_ERR_WANT_READ; read_sz = sz < *len ? sz : *len; XMEMCPY(data, buf, read_sz); XMEMMOVE(buf, buf + read_sz, *len - read_sz); *len -= read_sz; return read_sz; } static WC_INLINE int test_ssl_memio_setup(test_ssl_memio_ctx *ctx) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) int c_sharedCtx = 0; int s_sharedCtx = 0; #endif const char* clientCertFile = cliCertFile; const char* clientKeyFile = cliKeyFile; const char* serverCertFile = svrCertFile; const char* serverKeyFile = svrKeyFile; /******************************** * Create WOLFSSL_CTX for client. ********************************/ #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) if (ctx->c_ctx != NULL) { c_sharedCtx = ctx->c_cb.isSharedCtx; } else #endif { WOLFSSL_METHOD* method = NULL; if (ctx->c_cb.method != NULL) { method = ctx->c_cb.method(); } else { method = wolfSSLv23_client_method(); } ExpectNotNull(ctx->c_ctx = wolfSSL_CTX_new(method)); } wolfSSL_SetIORecv(ctx->c_ctx, test_ssl_memio_read_cb); wolfSSL_SetIOSend(ctx->c_ctx, test_ssl_memio_write_cb); #ifdef WOLFSSL_ENCRYPTED_KEYS wolfSSL_CTX_set_default_passwd_cb(ctx->c_ctx, PasswordCallBack); #endif if (ctx->c_cb.caPemFile != NULL) ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx->c_ctx, ctx->c_cb.caPemFile, 0), WOLFSSL_SUCCESS); else ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx->c_ctx, caCertFile, 0), WOLFSSL_SUCCESS); if (ctx->c_cb.certPemFile != NULL) { clientCertFile = ctx->c_cb.certPemFile; } if (ctx->c_cb.keyPemFile != NULL) { clientKeyFile = ctx->c_cb.keyPemFile; } #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) if (!c_sharedCtx) #endif { ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_file(ctx->c_ctx, clientCertFile), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_file(ctx->c_ctx, clientKeyFile, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); } #ifdef HAVE_CRL if (ctx->c_cb.crlPemFile != NULL) { ExpectIntEQ(wolfSSL_CTX_EnableCRL(ctx->c_ctx, WOLFSSL_CRL_CHECKALL), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx->c_ctx, ctx->c_cb.crlPemFile, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); } #endif if (ctx->c_ciphers != NULL) { ExpectIntEQ(wolfSSL_CTX_set_cipher_list(ctx->c_ctx, ctx->c_ciphers), WOLFSSL_SUCCESS); } if (ctx->c_cb.ctx_ready != NULL) { ExpectIntEQ(ctx->c_cb.ctx_ready(ctx->c_ctx), TEST_SUCCESS); } /******************************** * Create WOLFSSL_CTX for server. ********************************/ if (ctx->s_ctx != NULL) { #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) s_sharedCtx = 1; #endif ctx->s_cb.isSharedCtx = 1; } else { WOLFSSL_METHOD* method = NULL; if (ctx->s_cb.method != NULL) { method = ctx->s_cb.method(); } else { method = wolfSSLv23_server_method(); } ExpectNotNull(ctx->s_ctx = wolfSSL_CTX_new(method)); ctx->s_cb.isSharedCtx = 0; } if (!ctx->s_cb.ticNoInit && (ctx->s_ctx != NULL)) { #if defined(HAVE_SESSION_TICKET) && \ ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM)) #if defined(OPENSSL_EXTRA) && defined(HAVE_AES_CBC) OpenSSLTicketInit(); wolfSSL_CTX_set_tlsext_ticket_key_cb(ctx->s_ctx, myTicketEncCbOpenSSL); #elif defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) TicketInit(); wolfSSL_CTX_set_TicketEncCb(ctx->s_ctx, myTicketEncCb); #endif #endif } wolfSSL_SetIORecv(ctx->s_ctx, test_ssl_memio_read_cb); wolfSSL_SetIOSend(ctx->s_ctx, test_ssl_memio_write_cb); wolfSSL_CTX_set_verify(ctx->s_ctx, WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0); if (ctx->s_cb.caPemFile != NULL) ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx->s_ctx, ctx->s_cb.caPemFile, 0), WOLFSSL_SUCCESS); else ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx->s_ctx, cliCertFile, 0), WOLFSSL_SUCCESS); #ifdef WOLFSSL_ENCRYPTED_KEYS wolfSSL_CTX_set_default_passwd_cb(ctx->s_ctx, PasswordCallBack); #endif if (ctx->s_cb.certPemFile != NULL) { serverCertFile = ctx->s_cb.certPemFile; } #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) if (!s_sharedCtx) #endif { ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_file(ctx->s_ctx, serverCertFile), WOLFSSL_SUCCESS); } if (ctx->s_cb.keyPemFile != NULL) { serverKeyFile = ctx->s_cb.keyPemFile; } #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) if (!s_sharedCtx) #endif { ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_file(ctx->s_ctx, serverKeyFile, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); } if (ctx->s_ciphers != NULL) { ExpectIntEQ(wolfSSL_CTX_set_cipher_list(ctx->s_ctx, ctx->s_ciphers), WOLFSSL_SUCCESS); } if (ctx->s_cb.ctx_ready != NULL) { ExpectIntEQ(ctx->s_cb.ctx_ready(ctx->s_ctx), TEST_SUCCESS); } /**************************** * Create WOLFSSL for client. ****************************/ ExpectNotNull(ctx->c_ssl = wolfSSL_new(ctx->c_ctx)); wolfSSL_SetIOWriteCtx(ctx->c_ssl, ctx); wolfSSL_SetIOReadCtx(ctx->c_ssl, ctx); if (0 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) || c_sharedCtx #endif ) { ExpectIntEQ(wolfSSL_use_certificate_chain_file(ctx->c_ssl, clientCertFile), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_use_PrivateKey_file(ctx->c_ssl, clientKeyFile, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); } if (ctx->c_cb.ssl_ready != NULL) { ExpectIntEQ(ctx->c_cb.ssl_ready(ctx->c_ssl), TEST_SUCCESS); } /**************************** * Create WOLFSSL for server. ****************************/ ExpectNotNull(ctx->s_ssl = wolfSSL_new(ctx->s_ctx)); wolfSSL_SetIOWriteCtx(ctx->s_ssl, ctx); wolfSSL_SetIOReadCtx(ctx->s_ssl, ctx); if (0 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) || s_sharedCtx #endif ) { ExpectIntEQ(wolfSSL_use_certificate_chain_file(ctx->s_ssl, serverCertFile), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_use_PrivateKey_file(ctx->s_ssl, serverKeyFile, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); } #if !defined(NO_FILESYSTEM) && !defined(NO_DH) wolfSSL_SetTmpDH_file(ctx->s_ssl, dhParamFile, WOLFSSL_FILETYPE_PEM); #elif !defined(NO_DH) /* will repick suites with DHE, higher priority than PSK */ SetDH(ctx->s_ssl); #endif if (ctx->s_cb.ssl_ready != NULL) { ExpectIntEQ(ctx->s_cb.ssl_ready(ctx->s_ssl), TEST_SUCCESS); } return EXPECT_RESULT(); } static int test_ssl_memio_do_handshake(test_ssl_memio_ctx* ctx, int max_rounds, int* rounds) { int handshake_complete = 0; int hs_c = 0; int hs_s = 0; int failing_s = 0; int failing_c = 0; int ret; int err; if (rounds != NULL) { *rounds = 0; } while ((!handshake_complete) && (max_rounds > 0)) { if (!hs_c) { wolfSSL_SetLoggingPrefix("client"); ret = wolfSSL_connect(ctx->c_ssl); wolfSSL_SetLoggingPrefix(NULL); if (ret == WOLFSSL_SUCCESS) { hs_c = 1; } else { err = wolfSSL_get_error(ctx->c_ssl, ret); if (err != WOLFSSL_ERROR_WANT_READ && err != WOLFSSL_ERROR_WANT_WRITE) { char buff[WOLFSSL_MAX_ERROR_SZ]; fprintf(stderr, "error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buff)); failing_c = 1; hs_c = 1; if (failing_c && failing_s) { break; } } } } if (!hs_s) { wolfSSL_SetLoggingPrefix("server"); ret = wolfSSL_accept(ctx->s_ssl); wolfSSL_SetLoggingPrefix(NULL); if (ret == WOLFSSL_SUCCESS) { hs_s = 1; } else { err = wolfSSL_get_error(ctx->s_ssl, ret); if (err != WOLFSSL_ERROR_WANT_READ && err != WOLFSSL_ERROR_WANT_WRITE) { char buff[WOLFSSL_MAX_ERROR_SZ]; fprintf(stderr, "error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buff)); failing_s = 1; hs_s = 1; if (failing_c && failing_s) { break; } } } } handshake_complete = hs_c && hs_s; max_rounds--; if (rounds != NULL) { *rounds += 1; } } if (!handshake_complete || failing_c || failing_s) { return TEST_FAIL; } return TEST_SUCCESS; } static int test_ssl_memio_read_write(test_ssl_memio_ctx* ctx) { EXPECT_DECLS; char input[1024]; int idx = 0; const char* msg_c = "hello wolfssl!"; int msglen_c = (int)XSTRLEN(msg_c); const char* msg_s = "I hear you fa shizzle!"; int msglen_s = (int)XSTRLEN(msg_s); if (ctx->c_msg != NULL) { msg_c = ctx->c_msg; msglen_c = ctx->c_msglen; } if (ctx->s_msg != NULL) { msg_s = ctx->s_msg; msglen_s = ctx->s_msglen; } wolfSSL_SetLoggingPrefix("client"); ExpectIntEQ(wolfSSL_write(ctx->c_ssl, msg_c, msglen_c), msglen_c); wolfSSL_SetLoggingPrefix("server"); ExpectIntGT(idx = wolfSSL_read(ctx->s_ssl, input, sizeof(input) - 1), 0); if (idx >= 0) { input[idx] = '\0'; } ExpectIntGT(fprintf(stderr, "Client message: %s\n", input), 0); ExpectIntEQ(wolfSSL_write(ctx->s_ssl, msg_s, msglen_s), msglen_s); ctx->s_cb.return_code = EXPECT_RESULT(); wolfSSL_SetLoggingPrefix("client"); ExpectIntGT(idx = wolfSSL_read(ctx->c_ssl, input, sizeof(input) - 1), 0); wolfSSL_SetLoggingPrefix(NULL); if (idx >= 0) { input[idx] = '\0'; } ExpectIntGT(fprintf(stderr, "Server response: %s\n", input), 0); ctx->c_cb.return_code = EXPECT_RESULT(); if (ctx->c_cb.on_result != NULL) { ExpectIntEQ(ctx->c_cb.on_result(ctx->c_ssl), TEST_SUCCESS); } if (ctx->s_cb.on_result != NULL) { ExpectIntEQ(ctx->s_cb.on_result(ctx->s_ssl), TEST_SUCCESS); } return EXPECT_RESULT(); } static void test_ssl_memio_cleanup(test_ssl_memio_ctx* ctx) { ctx->c_cb.last_err = wolfSSL_get_error(ctx->c_ssl, 0); ctx->s_cb.last_err = wolfSSL_get_error(ctx->s_ssl, 0); if (ctx->c_cb.on_cleanup != NULL) { ctx->c_cb.on_cleanup(ctx->c_ssl); } if (ctx->s_cb.on_cleanup != NULL) { ctx->s_cb.on_cleanup(ctx->s_ssl); } wolfSSL_shutdown(ctx->s_ssl); wolfSSL_shutdown(ctx->c_ssl); wolfSSL_free(ctx->s_ssl); wolfSSL_free(ctx->c_ssl); if (ctx->c_cb.on_ctx_cleanup != NULL) { ctx->c_cb.on_ctx_cleanup(ctx->c_ctx); } if (!ctx->c_cb.isSharedCtx) { wolfSSL_CTX_free(ctx->c_ctx); ctx->c_ctx = NULL; } if (ctx->s_cb.on_ctx_cleanup != NULL) { ctx->s_cb.on_ctx_cleanup(ctx->s_ctx); } if (!ctx->s_cb.isSharedCtx) { wolfSSL_CTX_free(ctx->s_ctx); ctx->s_ctx = NULL; } if (!ctx->s_cb.ticNoInit) { #if defined(HAVE_SESSION_TICKET) && \ ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM)) #if defined(OPENSSL_EXTRA) && defined(HAVE_AES_CBC) OpenSSLTicketCleanup(); #elif defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) TicketCleanup(); #endif #endif } } int test_wolfSSL_client_server_nofail_memio(test_ssl_cbf* client_cb, test_ssl_cbf* server_cb, cbType client_on_handshake) { EXPECT_DECLS; struct test_ssl_memio_ctx test_ctx; #ifdef WOLFSSL_HAVE_TLS_UNIQUE size_t msg_len; #endif /* WOLFSSL_HAVE_TLS_UNIQUE */ XMEMSET(&test_ctx, 0, sizeof(test_ctx)); XMEMCPY(&test_ctx.c_cb, client_cb, sizeof(test_ssl_cbf)); XMEMCPY(&test_ctx.s_cb, server_cb, sizeof(test_ssl_cbf)); test_ctx.c_ctx = client_cb->ctx; test_ctx.s_ctx = server_cb->ctx; test_ctx.c_cb.return_code = TEST_FAIL; test_ctx.s_cb.return_code = TEST_FAIL; ExpectIntEQ(test_ssl_memio_setup(&test_ctx), TEST_SUCCESS); ExpectIntEQ(test_ssl_memio_do_handshake(&test_ctx, 10, NULL), TEST_SUCCESS); if (client_on_handshake != NULL) { ExpectIntEQ(client_on_handshake(test_ctx.c_ctx, test_ctx.c_ssl), TEST_SUCCESS); } if (client_cb->on_handshake != NULL) { ExpectIntEQ(client_cb->on_handshake(&test_ctx.c_ctx, &test_ctx.c_ssl), TEST_SUCCESS); } if (server_cb->on_handshake != NULL) { ExpectIntEQ(server_cb->on_handshake(&test_ctx.s_ctx, &test_ctx.s_ssl), TEST_SUCCESS); } #ifdef WOLFSSL_HAVE_TLS_UNIQUE XMEMSET(server_side_msg2, 0, MD_MAX_SIZE); msg_len = wolfSSL_get_peer_finished(test_ctx.s_ssl, server_side_msg2, MD_MAX_SIZE); ExpectIntGE(msg_len, 0); XMEMSET(server_side_msg1, 0, MD_MAX_SIZE); msg_len = wolfSSL_get_finished(test_ctx.s_ssl, server_side_msg1, MD_MAX_SIZE); ExpectIntGE(msg_len, 0); #endif /* WOLFSSL_HAVE_TLS_UNIQUE */ ExpectIntEQ(test_ssl_memio_read_write(&test_ctx), TEST_SUCCESS); test_ssl_memio_cleanup(&test_ctx); client_cb->return_code = test_ctx.c_cb.return_code; client_cb->last_err = test_ctx.c_cb.last_err; server_cb->return_code = test_ctx.s_cb.return_code; server_cb->last_err = test_ctx.s_cb.last_err; return EXPECT_RESULT(); } #endif #ifdef HAVE_IO_TESTS_DEPENDENCIES #ifdef WOLFSSL_SESSION_EXPORT #ifdef WOLFSSL_DTLS /* set up function for sending session information */ static int test_export(WOLFSSL* inSsl, byte* buf, word32 sz, void* userCtx) { WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; AssertNotNull(inSsl); AssertNotNull(buf); AssertIntNE(0, sz); /* Set ctx to DTLS 1.2 */ ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method()); AssertNotNull(ctx); ssl = wolfSSL_new(ctx); AssertNotNull(ssl); AssertIntGE(wolfSSL_dtls_import(ssl, buf, sz), 0); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); (void)userCtx; return 0; } #endif /* returns negative value on fail and positive (including 0) on success */ static int nonblocking_accept_read(void* args, WOLFSSL* ssl, SOCKET_T* sockfd) { int ret, err, loop_count, count, timeout = 10; char msg[] = "I hear you fa shizzle!"; char input[1024]; loop_count = ((func_args*)args)->argc; #ifdef WOLFSSL_ASYNC_CRYPT err = 0; /* Reset error */ #endif do { #ifdef WOLFSSL_ASYNC_CRYPT if (err == WC_PENDING_E) { ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW); if (ret < 0) { break; } else if (ret == 0) { continue; } } #endif ret = wolfSSL_accept(ssl); err = wolfSSL_get_error(ssl, 0); if (err == WOLFSSL_ERROR_WANT_READ || err == WOLFSSL_ERROR_WANT_WRITE) { int select_ret; err = WC_PENDING_E; select_ret = tcp_select(*sockfd, timeout); if (select_ret == TEST_TIMEOUT) { return WOLFSSL_FATAL_ERROR; } } } while (err == WC_PENDING_E); if (ret != WOLFSSL_SUCCESS) { char buff[WOLFSSL_MAX_ERROR_SZ]; fprintf(stderr, "error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buff)); return ret; } for (count = 0; count < loop_count; count++) { int select_ret; select_ret = tcp_select(*sockfd, timeout); if (select_ret == TEST_TIMEOUT) { ret = WOLFSSL_FATAL_ERROR; break; } do { ret = wolfSSL_read(ssl, input, sizeof(input)-1); if (ret > 0) { input[ret] = '\0'; fprintf(stderr, "Client message: %s\n", input); } } while (err == WOLFSSL_ERROR_WANT_READ && ret != WOLFSSL_SUCCESS); do { if ((ret = wolfSSL_write(ssl, msg, sizeof(msg))) != sizeof(msg)) { return WOLFSSL_FATAL_ERROR; } err = wolfSSL_get_error(ssl, ret); } while (err == WOLFSSL_ERROR_WANT_READ && ret != WOLFSSL_SUCCESS); } return ret; } #endif /* WOLFSSL_SESSION_EXPORT */ static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args) { SOCKET_T sockfd = 0; SOCKET_T clientfd = 0; word16 port; callback_functions* cbf; WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; func_args* opts = (func_args*)args; char msg[] = "I hear you fa shizzle!"; char input[1024]; int idx; int ret, err = 0; int sharedCtx = 0; int doUdp = 0; SOCKADDR_IN_T cliAddr; socklen_t cliLen; const char* certFile = svrCertFile; const char* keyFile = svrKeyFile; #ifdef WOLFSSL_HAVE_TLS_UNIQUE size_t msg_len = 0; #endif wolfSSL_SetLoggingPrefix("server"); #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif opts->return_code = TEST_FAIL; cbf = opts->callbacks; if (cbf != NULL && cbf->ctx) { ctx = cbf->ctx; sharedCtx = 1; } else { WOLFSSL_METHOD* method = NULL; if (cbf != NULL && cbf->method != NULL) { method = cbf->method(); } else { method = wolfSSLv23_server_method(); } ctx = wolfSSL_CTX_new(method); } if (ctx == NULL) { /* Release the wait for TCP ready. */ signal_ready(opts->signal); goto done; } if (cbf == NULL || !cbf->ticNoInit) { #if defined(HAVE_SESSION_TICKET) && \ ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM)) #if defined(OPENSSL_EXTRA) && defined(HAVE_AES_CBC) OpenSSLTicketInit(); wolfSSL_CTX_set_tlsext_ticket_key_cb(ctx, myTicketEncCbOpenSSL); #elif defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) TicketInit(); wolfSSL_CTX_set_TicketEncCb(ctx, myTicketEncCb); #endif #endif } #if defined(USE_WINDOWS_API) port = opts->signal->port; #elif defined(NO_MAIN_DRIVER) && !defined(WOLFSSL_SNIFFER) && \ !defined(WOLFSSL_MDK_SHELL) && !defined(WOLFSSL_TIRTOS) /* Let tcp_listen assign port */ port = 0; #else /* Use default port */ port = wolfSSLPort; #endif if (cbf != NULL) doUdp = cbf->doUdp; /* do it here to detect failure */ tcp_accept( &sockfd, &clientfd, opts, port, 0, doUdp, 0, 0, 1, 0, 0); if (doUdp) { cliLen = sizeof(cliAddr); idx = (int)recvfrom(sockfd, input, sizeof(input), MSG_PEEK, (struct sockaddr*)&cliAddr, &cliLen); AssertIntGT(idx, 0); } else { CloseSocket(sockfd); } wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0); #ifdef WOLFSSL_ENCRYPTED_KEYS wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); #endif if (wolfSSL_CTX_load_verify_locations(ctx, cliCertFile, 0) != WOLFSSL_SUCCESS) { /*err_sys("can't load ca file, Please run from wolfSSL home dir");*/ goto done; } if (cbf != NULL && cbf->certPemFile != NULL) certFile = cbf->certPemFile; #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) if (!sharedCtx && wolfSSL_CTX_use_certificate_file(ctx, certFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { #else if (wolfSSL_CTX_use_certificate_file(ctx, certFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { #endif /*err_sys("can't load server cert chain file, " "Please run from wolfSSL home dir");*/ goto done; } if (cbf != NULL && cbf->keyPemFile != NULL) keyFile = cbf->keyPemFile; #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) if (!sharedCtx && wolfSSL_CTX_use_PrivateKey_file(ctx, keyFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { #else if (wolfSSL_CTX_use_PrivateKey_file(ctx, keyFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { #endif /*err_sys("can't load server key file, " "Please run from wolfSSL home dir");*/ goto done; } #ifdef HAVE_CRL if (cbf != NULL && cbf->crlPemFile != NULL) { if (wolfSSL_CTX_EnableCRL(ctx, WOLFSSL_CRL_CHECKALL) != WOLFSSL_SUCCESS) goto done; if (wolfSSL_CTX_LoadCRLFile(ctx, cbf->crlPemFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) goto done; } #endif /* call ctx setup callback */ if (cbf != NULL && cbf->ctx_ready != NULL) { cbf->ctx_ready(ctx); } ssl = wolfSSL_new(ctx); if (ssl == NULL) { goto done; } if (doUdp) { err = wolfSSL_dtls_set_peer(ssl, &cliAddr, cliLen); if (err != WOLFSSL_SUCCESS) goto done; } #ifdef WOLFSSL_SESSION_EXPORT /* only add in more complex nonblocking case with session export tests */ if (args && opts->argc > 0) { /* set as nonblock and time out for waiting on read/write */ tcp_set_nonblocking(&clientfd); wolfSSL_dtls_set_using_nonblock(ssl, 1); } #endif #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) if (sharedCtx && wolfSSL_use_certificate_file(ssl, certFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { #else if (wolfSSL_use_certificate_file(ssl, certFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { #endif /*err_sys("can't load server cert chain file, " "Please run from wolfSSL home dir");*/ goto done; } #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) if (sharedCtx && wolfSSL_use_PrivateKey_file(ssl, keyFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { #else if (wolfSSL_use_PrivateKey_file(ssl, keyFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { #endif /*err_sys("can't load server key file, " "Please run from wolfSSL home dir");*/ goto done; } if (wolfSSL_set_fd(ssl, clientfd) != WOLFSSL_SUCCESS) { /*err_sys("SSL_set_fd failed");*/ goto done; } #if !defined(NO_FILESYSTEM) && !defined(NO_DH) wolfSSL_SetTmpDH_file(ssl, dhParamFile, WOLFSSL_FILETYPE_PEM); #elif !defined(NO_DH) SetDH(ssl); /* will repick suites with DHE, higher priority than PSK */ #endif /* call ssl setup callback */ if (cbf != NULL && cbf->ssl_ready != NULL) { cbf->ssl_ready(ssl); } #ifdef WOLFSSL_SESSION_EXPORT /* only add in more complex nonblocking case with session export tests */ if (opts->argc > 0) { ret = nonblocking_accept_read(args, ssl, &clientfd); if (ret >= 0) { opts->return_code = TEST_SUCCESS; } #ifdef WOLFSSL_TIRTOS Task_yield(); #endif goto done; } #endif #ifdef WOLFSSL_ASYNC_CRYPT err = 0; /* Reset error */ #endif do { #ifdef WOLFSSL_ASYNC_CRYPT if (err == WC_PENDING_E) { ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW); if (ret < 0) { break; } else if (ret == 0) { continue; } } #endif ret = wolfSSL_negotiate(ssl); err = wolfSSL_get_error(ssl, 0); } while (err == WC_PENDING_E); if (ret != WOLFSSL_SUCCESS) { char buff[WOLFSSL_MAX_ERROR_SZ]; fprintf(stderr, "error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buff)); /*err_sys("SSL_accept failed");*/ goto done; } #ifdef WOLFSSL_HAVE_TLS_UNIQUE XMEMSET(server_side_msg2, 0, MD_MAX_SIZE); msg_len = wolfSSL_get_peer_finished(ssl, server_side_msg2, MD_MAX_SIZE); AssertIntGE(msg_len, 0); XMEMSET(server_side_msg1, 0, MD_MAX_SIZE); msg_len = wolfSSL_get_finished(ssl, server_side_msg1, MD_MAX_SIZE); AssertIntGE(msg_len, 0); #endif /* WOLFSSL_HAVE_TLS_UNIQUE */ idx = wolfSSL_read(ssl, input, sizeof(input)-1); if (idx > 0) { input[idx] = '\0'; fprintf(stderr, "Client message: %s\n", input); } else if (idx < 0) { goto done; } if (wolfSSL_write(ssl, msg, sizeof(msg)) != sizeof(msg)) { /*err_sys("SSL_write failed");*/ goto done; } if (cbf != NULL && cbf->on_result != NULL) cbf->on_result(ssl); #ifdef WOLFSSL_TIRTOS Task_yield(); #endif opts->return_code = TEST_SUCCESS; done: if (cbf != NULL) cbf->last_err = err; if (cbf != NULL && cbf->on_cleanup != NULL) cbf->on_cleanup(ssl); wolfSSL_shutdown(ssl); wolfSSL_free(ssl); if (!sharedCtx) wolfSSL_CTX_free(ctx); CloseSocket(clientfd); #ifdef WOLFSSL_TIRTOS fdCloseSession(Task_self()); #endif #if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \ && defined(HAVE_THREAD_LS) wc_ecc_fp_free(); /* free per thread cache */ #endif if (cbf == NULL || !cbf->ticNoInit) { #if defined(HAVE_SESSION_TICKET) && \ ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM)) #if defined(OPENSSL_EXTRA) && defined(HAVE_AES_CBC) OpenSSLTicketCleanup(); #elif defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) TicketCleanup(); #endif #endif } wolfSSL_SetLoggingPrefix(NULL); WOLFSSL_RETURN_FROM_THREAD(0); } #if defined(OPENSSL_EXTRA) && !defined(NO_SESSION_CACHE) && \ !defined(WOLFSSL_NO_TLS12) static THREAD_RETURN WOLFSSL_THREAD test_server_loop(void* args) { SOCKET_T sockfd = 0; SOCKET_T clientfd = 0; word16 port; callback_functions* cbf; WOLFSSL_CTX* ctx = 0; WOLFSSL* ssl = 0; char msg[] = "I hear you fa shizzle!"; char input[1024]; int idx; int ret, err = 0; int sharedCtx = 0; func_args* opts = (func_args*)args; int loop_count = opts->argc; int count = 0; #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif opts->return_code = TEST_FAIL; cbf = opts->callbacks; #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) if (cbf != NULL && cbf->ctx) { ctx = cbf->ctx; sharedCtx = 1; } else #endif { WOLFSSL_METHOD* method = NULL; if (cbf != NULL && cbf->method != NULL) { method = cbf->method(); } else { method = wolfSSLv23_server_method(); } ctx = wolfSSL_CTX_new(method); } #if defined(USE_WINDOWS_API) port = opts->signal->port; #elif defined(NO_MAIN_DRIVER) && !defined(WOLFSSL_SNIFFER) && \ !defined(WOLFSSL_MDK_SHELL) && !defined(WOLFSSL_TIRTOS) /* Let tcp_listen assign port */ port = 0; #else /* Use default port */ port = wolfSSLPort; #endif wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0); #ifdef WOLFSSL_ENCRYPTED_KEYS wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); #endif if (wolfSSL_CTX_load_verify_locations(ctx, cliCertFile, 0) != WOLFSSL_SUCCESS) { /*err_sys("can't load ca file, Please run from wolfSSL home dir");*/ /* Release the wait for TCP ready. */ signal_ready(opts->signal); goto done; } if (!sharedCtx && wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { /*err_sys("can't load server cert chain file, " "Please run from wolfSSL home dir");*/ /* Release the wait for TCP ready. */ signal_ready(opts->signal); goto done; } if (!sharedCtx && wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { /*err_sys("can't load server key file, " "Please run from wolfSSL home dir");*/ /* Release the wait for TCP ready. */ signal_ready(opts->signal); goto done; } /* call ctx setup callback */ if (cbf != NULL && cbf->ctx_ready != NULL) { cbf->ctx_ready(ctx); } while (count != loop_count) { ssl = wolfSSL_new(ctx); if (ssl == NULL) { signal_ready(opts->signal); goto done; } if (sharedCtx && wolfSSL_use_certificate_file(ssl, svrCertFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { /*err_sys("can't load server cert chain file, " "Please run from wolfSSL home dir");*/ /* Release the wait for TCP ready. */ signal_ready(opts->signal); goto done; } if (sharedCtx && wolfSSL_use_PrivateKey_file(ssl, svrKeyFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { /*err_sys("can't load server key file, " "Please run from wolfSSL home dir");*/ /* Release the wait for TCP ready. */ signal_ready(opts->signal); goto done; } #if !defined(NO_FILESYSTEM) && !defined(NO_DH) wolfSSL_SetTmpDH_file(ssl, dhParamFile, WOLFSSL_FILETYPE_PEM); #elif !defined(NO_DH) SetDH(ssl); /* will repick suites with DHE, higher priority than PSK */ #endif /* call ssl setup callback */ if (cbf != NULL && cbf->ssl_ready != NULL) { cbf->ssl_ready(ssl); } /* do it here to detect failure */ tcp_accept(&sockfd, &clientfd, (func_args*)args, port, 0, 0, 0, 0, 1, 0, 0); CloseSocket(sockfd); if (wolfSSL_set_fd(ssl, clientfd) != WOLFSSL_SUCCESS) { /*err_sys("SSL_set_fd failed");*/ goto done; } #ifdef WOLFSSL_ASYNC_CRYPT err = 0; /* Reset error */ #endif do { #ifdef WOLFSSL_ASYNC_CRYPT if (err == WC_PENDING_E) { ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW); if (ret < 0) { break; } else if (ret == 0) { continue; } } #endif ret = wolfSSL_accept(ssl); err = wolfSSL_get_error(ssl, 0); } while (err == WC_PENDING_E); if (ret != WOLFSSL_SUCCESS) { char buff[WOLFSSL_MAX_ERROR_SZ]; fprintf(stderr, "error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buff)); /*err_sys("SSL_accept failed");*/ goto done; } idx = wolfSSL_read(ssl, input, sizeof(input)-1); if (idx > 0) { input[idx] = '\0'; fprintf(stderr, "Client message: %s\n", input); } if (wolfSSL_write(ssl, msg, sizeof(msg)) != sizeof(msg)) { /*err_sys("SSL_write failed");*/ goto done; } /* free ssl for this connection */ wolfSSL_shutdown(ssl); wolfSSL_free(ssl); ssl = NULL; CloseSocket(clientfd); count++; } #ifdef WOLFSSL_TIRTOS Task_yield(); #endif opts->return_code = TEST_SUCCESS; done: if (ssl != NULL) { wolfSSL_shutdown(ssl); wolfSSL_free(ssl); } if (!sharedCtx) wolfSSL_CTX_free(ctx); CloseSocket(clientfd); #ifdef WOLFSSL_TIRTOS fdCloseSession(Task_self()); #endif #if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \ && defined(HAVE_THREAD_LS) wc_ecc_fp_free(); /* free per thread cache */ #endif WOLFSSL_RETURN_FROM_THREAD(0); } #endif /* defined(OPENSSL_EXTRA) && !defined(NO_SESSION_CACHE) && !defined(WOLFSSL_TLS13) */ static int test_client_nofail(void* args, cbType cb) { #if !defined(NO_WOLFSSL_CLIENT) SOCKET_T sockfd = 0; callback_functions* cbf; WOLFSSL_CTX* ctx = 0; WOLFSSL* ssl = 0; WOLFSSL_CIPHER* cipher; char msg[64] = "hello wolfssl!"; char reply[1024]; int input; int msgSz = (int)XSTRLEN(msg); int ret, err = 0; int cipherSuite; int sharedCtx = 0; int doUdp = 0; const char* cipherName1, *cipherName2; wolfSSL_SetLoggingPrefix("client"); #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif ((func_args*)args)->return_code = TEST_FAIL; cbf = ((func_args*)args)->callbacks; #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) if (cbf != NULL && cbf->ctx) { ctx = cbf->ctx; sharedCtx = cbf->isSharedCtx; } else #endif { WOLFSSL_METHOD* method = NULL; if (cbf != NULL && cbf->method != NULL) { method = cbf->method(); } else { method = wolfSSLv23_client_method(); } ctx = wolfSSL_CTX_new(method); } if (cbf != NULL) doUdp = cbf->doUdp; #ifdef WOLFSSL_ENCRYPTED_KEYS wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); #endif /* Do connect here so server detects failures */ tcp_connect(&sockfd, wolfSSLIP, ((func_args*)args)->signal->port, doUdp, 0, NULL); /* Connect the socket so that we don't have to set the peer later on */ if (doUdp) udp_connect(&sockfd, wolfSSLIP, ((func_args*)args)->signal->port); if (wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0) != WOLFSSL_SUCCESS) { /* err_sys("can't load ca file, Please run from wolfSSL home dir");*/ goto done; } #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) if (!sharedCtx && wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { #else if (wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { #endif /*err_sys("can't load client cert file, " "Please run from wolfSSL home dir");*/ goto done; } #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) if (!sharedCtx && wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { #else if (wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { #endif /*err_sys("can't load client key file, " "Please run from wolfSSL home dir");*/ goto done; } #ifdef HAVE_CRL if (cbf != NULL && cbf->crlPemFile != NULL) { if (wolfSSL_CTX_EnableCRL(ctx, WOLFSSL_CRL_CHECKALL) != WOLFSSL_SUCCESS) goto done; if (wolfSSL_CTX_LoadCRLFile(ctx, cbf->crlPemFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) goto done; } #endif /* call ctx setup callback */ if (cbf != NULL && cbf->ctx_ready != NULL) { cbf->ctx_ready(ctx); } ssl = wolfSSL_new(ctx); if (ssl == NULL) { goto done; } #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) if (sharedCtx && wolfSSL_use_certificate_file(ssl, cliCertFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { #else if (wolfSSL_use_certificate_file(ssl, cliCertFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { #endif /*err_sys("can't load client cert file, " "Please run from wolfSSL home dir");*/ goto done; } #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) if (sharedCtx && wolfSSL_use_PrivateKey_file(ssl, cliKeyFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { #else if (wolfSSL_use_PrivateKey_file(ssl, cliKeyFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { #endif /*err_sys("can't load client key file, " "Please run from wolfSSL home dir");*/ goto done; } if (!doUdp) { if (wolfSSL_set_fd(ssl, sockfd) != WOLFSSL_SUCCESS) { /*err_sys("SSL_set_fd failed");*/ goto done; } } else { #ifdef WOLFSSL_DTLS if (wolfSSL_set_dtls_fd_connected(ssl, sockfd) != WOLFSSL_SUCCESS) { /*err_sys("SSL_set_fd failed");*/ goto done; } #else goto done; #endif } /* call ssl setup callback */ if (cbf != NULL && cbf->ssl_ready != NULL) { cbf->ssl_ready(ssl); } #ifdef WOLFSSL_ASYNC_CRYPT err = 0; /* Reset error */ #endif do { #ifdef WOLFSSL_ASYNC_CRYPT if (err == WC_PENDING_E) { ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW); if (ret < 0) { break; } else if (ret == 0) { continue; } } #endif ret = wolfSSL_negotiate(ssl); err = wolfSSL_get_error(ssl, 0); } while (err == WC_PENDING_E); if (ret != WOLFSSL_SUCCESS) { char buff[WOLFSSL_MAX_ERROR_SZ]; fprintf(stderr, "error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buff)); /*err_sys("SSL_connect failed");*/ goto done; } /* test the various get cipher methods */ /* Internal cipher suite names */ cipherSuite = wolfSSL_get_current_cipher_suite(ssl); cipherName1 = wolfSSL_get_cipher_name(ssl); cipherName2 = wolfSSL_get_cipher_name_from_suite( (cipherSuite >> 8), cipherSuite & 0xFF); AssertStrEQ(cipherName1, cipherName2); /* IANA Cipher Suites Names */ /* Unless WOLFSSL_CIPHER_INTERNALNAME or NO_ERROR_STRINGS, then it's the internal cipher suite name */ cipher = wolfSSL_get_current_cipher(ssl); cipherName1 = wolfSSL_CIPHER_get_name(cipher); cipherName2 = wolfSSL_get_cipher(ssl); AssertStrEQ(cipherName1, cipherName2); #if !defined(WOLFSSL_CIPHER_INTERNALNAME) && !defined(NO_ERROR_STRINGS) && \ !defined(WOLFSSL_QT) cipherName1 = wolfSSL_get_cipher_name_iana_from_suite( (cipherSuite >> 8), cipherSuite & 0xFF); AssertStrEQ(cipherName1, cipherName2); #endif if (cb != NULL) (cb)(ctx, ssl); if (wolfSSL_write(ssl, msg, msgSz) != msgSz) { /*err_sys("SSL_write failed");*/ goto done; } input = wolfSSL_read(ssl, reply, sizeof(reply)-1); if (input > 0) { reply[input] = '\0'; fprintf(stderr, "Server response: %s\n", reply); } if (cbf != NULL && cbf->on_result != NULL) cbf->on_result(ssl); ((func_args*)args)->return_code = TEST_SUCCESS; done: if (cbf != NULL) cbf->last_err = err; if (cbf != NULL && cbf->on_cleanup != NULL) cbf->on_cleanup(ssl); wolfSSL_free(ssl); if (!sharedCtx) wolfSSL_CTX_free(ctx); CloseSocket(sockfd); #ifdef WOLFSSL_TIRTOS fdCloseSession(Task_self()); #endif #if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \ && defined(HAVE_THREAD_LS) wc_ecc_fp_free(); /* free per thread cache */ #endif #else (void)args; (void)cb; #endif /* !NO_WOLFSSL_CLIENT */ wolfSSL_SetLoggingPrefix(NULL); return 0; } void test_wolfSSL_client_server_nofail_ex(callback_functions* client_cb, callback_functions* server_cb, cbType client_on_handshake) { func_args client_args; func_args server_args; tcp_ready ready; THREAD_TYPE serverThread; XMEMSET(&client_args, 0, sizeof(func_args)); XMEMSET(&server_args, 0, sizeof(func_args)); #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif StartTCP(); InitTcpReady(&ready); #if defined(USE_WINDOWS_API) /* use RNG to get random port if using windows */ ready.port = GetRandomPort(); #endif server_args.signal = &ready; server_args.callbacks = server_cb; client_args.signal = &ready; client_args.callbacks = client_cb; start_thread(test_server_nofail, &server_args, &serverThread); wait_tcp_ready(&server_args); test_client_nofail(&client_args, client_on_handshake); join_thread(serverThread); client_cb->return_code = client_args.return_code; server_cb->return_code = server_args.return_code; FreeTcpReady(&ready); #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif } void test_wolfSSL_client_server_nofail(callback_functions* client_cb, callback_functions* server_cb) { test_wolfSSL_client_server_nofail_ex(client_cb, server_cb, NULL); } #if defined(OPENSSL_EXTRA) && !defined(NO_SESSION_CACHE) && \ !defined(WOLFSSL_NO_TLS12) && !defined(NO_WOLFSSL_CLIENT) static void test_client_reuse_WOLFSSLobj(void* args, cbType cb, void* server_args) { SOCKET_T sockfd = 0; callback_functions* cbf; WOLFSSL_CTX* ctx = 0; WOLFSSL* ssl = 0; WOLFSSL_SESSION* session = NULL; char msg[64] = "hello wolfssl!"; char reply[1024]; int input; int msgSz = (int)XSTRLEN(msg); int ret, err = 0; int sharedCtx = 0; #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif ((func_args*)args)->return_code = TEST_FAIL; cbf = ((func_args*)args)->callbacks; #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) if (cbf != NULL && cbf->ctx) { ctx = cbf->ctx; sharedCtx = 1; } else #endif { WOLFSSL_METHOD* method = NULL; if (cbf != NULL && cbf->method != NULL) { method = cbf->method(); } else { method = wolfSSLv23_client_method(); } ctx = wolfSSL_CTX_new(method); } #ifdef WOLFSSL_ENCRYPTED_KEYS wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); #endif /* Do connect here so server detects failures */ tcp_connect(&sockfd, wolfSSLIP, ((func_args*)args)->signal->port, 0, 0, NULL); if (wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0) != WOLFSSL_SUCCESS) { /* err_sys("can't load ca file, Please run from wolfSSL home dir");*/ goto done; } if (!sharedCtx && wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { /*err_sys("can't load client cert file, " "Please run from wolfSSL home dir");*/ goto done; } if (!sharedCtx && wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { /*err_sys("can't load client key file, " "Please run from wolfSSL home dir");*/ goto done; } /* call ctx setup callback */ if (cbf != NULL && cbf->ctx_ready != NULL) { cbf->ctx_ready(ctx); } ssl = wolfSSL_new(ctx); if (ssl == NULL) { goto done; } /* keep handshake resources for re-using WOLFSSL obj */ wolfSSL_KeepArrays(ssl); if (wolfSSL_KeepHandshakeResources(ssl)) { /* err_sys("SSL_KeepHandshakeResources failed"); */ goto done; } if (sharedCtx && wolfSSL_use_certificate_file(ssl, cliCertFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { /*err_sys("can't load client cert file, " "Please run from wolfSSL home dir");*/ goto done; } if (sharedCtx && wolfSSL_use_PrivateKey_file(ssl, cliKeyFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { /*err_sys("can't load client key file, " "Please run from wolfSSL home dir");*/ goto done; } if (wolfSSL_set_fd(ssl, sockfd) != WOLFSSL_SUCCESS) { /*err_sys("SSL_set_fd failed");*/ goto done; } /* call ssl setup callback */ if (cbf != NULL && cbf->ssl_ready != NULL) { cbf->ssl_ready(ssl); } #ifdef WOLFSSL_ASYNC_CRYPT err = 0; /* Reset error */ #endif do { #ifdef WOLFSSL_ASYNC_CRYPT if (err == WC_PENDING_E) { ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW); if (ret < 0) { break; } else if (ret == 0) { continue; } } #endif ret = wolfSSL_connect(ssl); err = wolfSSL_get_error(ssl, 0); } while (err == WC_PENDING_E); if (ret != WOLFSSL_SUCCESS) { char buff[WOLFSSL_MAX_ERROR_SZ]; fprintf(stderr, "error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buff)); /*err_sys("SSL_connect failed");*/ goto done; } /* Build first session */ if (cb != NULL) cb(ctx, ssl); if (wolfSSL_write(ssl, msg, msgSz) != msgSz) { /*err_sys("SSL_write failed");*/ goto done; } input = wolfSSL_read(ssl, reply, sizeof(reply)-1); if (input > 0) { reply[input] = '\0'; fprintf(stderr, "Server response: %s\n", reply); } /* Session Resumption by re-using WOLFSSL object */ wolfSSL_set_quiet_shutdown(ssl, 1); if (wolfSSL_shutdown(ssl) != WOLFSSL_SUCCESS) { /* err_sys ("SSL shutdown failed"); */ goto done; } session = wolfSSL_get1_session(ssl); if (wolfSSL_clear(ssl) != WOLFSSL_SUCCESS) { wolfSSL_SESSION_free(session); /* err_sys ("SSL_clear failed"); */ goto done; } wolfSSL_set_session(ssl, session); wolfSSL_SESSION_free(session); session = NULL; /* close socket once */ CloseSocket(sockfd); sockfd = 0; /* wait until server ready */ wait_tcp_ready((func_args*)server_args); fprintf(stderr, "session resumption\n"); /* Do re-connect */ tcp_connect(&sockfd, wolfSSLIP, ((func_args*)args)->signal->port, 0, 0, NULL); if (wolfSSL_set_fd(ssl, sockfd) != WOLFSSL_SUCCESS) { /*err_sys("SSL_set_fd failed");*/ goto done; } #ifdef WOLFSSL_ASYNC_CRYPT err = 0; /* Reset error */ #endif do { #ifdef WOLFSSL_ASYNC_CRYPT if (err == WC_PENDING_E) { ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW); if (ret < 0) { break; } else if (ret == 0) { continue; } } #endif ret = wolfSSL_connect(ssl); err = wolfSSL_get_error(ssl, 0); } while (err == WC_PENDING_E); if (ret != WOLFSSL_SUCCESS) { char buff[WOLFSSL_MAX_ERROR_SZ]; fprintf(stderr, "error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buff)); /*err_sys("SSL_connect failed");*/ goto done; } /* Build first session */ if (cb != NULL) cb(ctx, ssl); if (wolfSSL_write(ssl, msg, msgSz) != msgSz) { /*err_sys("SSL_write failed");*/ goto done; } input = wolfSSL_read(ssl, reply, sizeof(reply)-1); if (input > 0) { reply[input] = '\0'; fprintf(stderr, "Server response: %s\n", reply); } ((func_args*)args)->return_code = TEST_SUCCESS; done: wolfSSL_free(ssl); if (!sharedCtx) wolfSSL_CTX_free(ctx); CloseSocket(sockfd); #ifdef WOLFSSL_TIRTOS fdCloseSession(Task_self()); #endif return; } #endif /* defined(OPENSSL_EXTRA) && !defined(NO_SESSION_CACHE) && !defined(WOLFSSL_TLS13) && !defined(NO_WOLFSSL_CLIENT) */ #if (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \ defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)) && \ defined(HAVE_ALPN) && defined(HAVE_SNI) && \ defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(NO_BIO) #define HAVE_ALPN_PROTOS_SUPPORT #endif /* Generic TLS client / server with callbacks for API unit tests * Used by SNI / ALPN / crypto callback helper functions */ #if defined(HAVE_IO_TESTS_DEPENDENCIES) && \ (defined(HAVE_SNI) || defined(HAVE_ALPN) || defined(WOLF_CRYPTO_CB) || \ defined(HAVE_ALPN_PROTOS_SUPPORT)) || defined(WOLFSSL_STATIC_MEMORY) #define ENABLE_TLS_CALLBACK_TEST #endif #if defined(ENABLE_TLS_CALLBACK_TEST) || \ (defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT)) /* TLS server for API unit testing - generic */ static THREAD_RETURN WOLFSSL_THREAD run_wolfssl_server(void* args) { callback_functions* callbacks = ((func_args*)args)->callbacks; WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; SOCKET_T sfd = 0; SOCKET_T cfd = 0; word16 port; char msg[] = "I hear you fa shizzle!"; int len = (int) XSTRLEN(msg); char input[1024]; int idx; int ret, err = 0; ((func_args*)args)->return_code = TEST_FAIL; #if defined(USE_WINDOWS_API) port = ((func_args*)args)->signal->port; #elif defined(NO_MAIN_DRIVER) && !defined(WOLFSSL_SNIFFER) && \ !defined(WOLFSSL_MDK_SHELL) && !defined(WOLFSSL_TIRTOS) /* Let tcp_listen assign port */ port = 0; #else /* Use default port */ port = wolfSSLPort; #endif #ifdef WOLFSSL_DTLS if (callbacks->method == wolfDTLS_server_method #ifdef WOLFSSL_STATIC_MEMORY || callbacks->method_ex == wolfDTLS_server_method_ex #endif #ifndef NO_OLD_TLS || callbacks->method == wolfDTLSv1_server_method #ifdef WOLFSSL_STATIC_MEMORY || callbacks->method_ex == wolfDTLSv1_server_method_ex #endif #endif #ifndef WOLFSSL_NO_TLS12 || callbacks->method == wolfDTLSv1_2_server_method #ifdef WOLFSSL_STATIC_MEMORY || callbacks->method_ex == wolfDTLSv1_2_server_method_ex #endif #endif #ifdef WOLFSSL_DTLS13 || callbacks->method == wolfDTLSv1_3_server_method #ifdef WOLFSSL_STATIC_MEMORY || callbacks->method_ex == wolfDTLSv1_3_server_method_ex #endif #endif ) { tcp_accept(&sfd, &cfd, (func_args*)args, port, 0, 1, 0, 0, 0, 0, 0); } else #endif { tcp_accept(&sfd, &cfd, (func_args*)args, port, 0, 0, 0, 0, 1, 0, 0); } #ifdef WOLFSSL_STATIC_MEMORY if (callbacks->method_ex != NULL && callbacks->mem != NULL && callbacks->memSz > 0) { ret = wolfSSL_CTX_load_static_memory(&ctx, callbacks->method_ex, callbacks->mem, callbacks->memSz, 0, 1); if (ret != WOLFSSL_SUCCESS) { fprintf(stderr, "CTX static new failed %d\n", ret); goto cleanup; } } #else ctx = wolfSSL_CTX_new(callbacks->method()); #endif if (ctx == NULL) { fprintf(stderr, "CTX new failed\n"); goto cleanup; } /* set defaults */ if (callbacks->caPemFile == NULL) callbacks->caPemFile = cliCertFile; if (callbacks->certPemFile == NULL) callbacks->certPemFile = svrCertFile; if (callbacks->keyPemFile == NULL) callbacks->keyPemFile = svrKeyFile; #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif wolfSSL_CTX_SetDevId(ctx, callbacks->devId); wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0); #ifdef WOLFSSL_ENCRYPTED_KEYS wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); #endif #if defined(WOLFSSL_SESSION_EXPORT) && defined(WOLFSSL_DTLS) if (callbacks->method == wolfDTLSv1_2_server_method) { if (wolfSSL_CTX_dtls_set_export(ctx, test_export) != WOLFSSL_SUCCESS) goto cleanup; } #endif if (wolfSSL_CTX_load_verify_locations(ctx, callbacks->caPemFile, 0) != WOLFSSL_SUCCESS) { goto cleanup; } if (wolfSSL_CTX_use_certificate_file(ctx, callbacks->certPemFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { goto cleanup; } if (wolfSSL_CTX_use_PrivateKey_file(ctx, callbacks->keyPemFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { goto cleanup; } #ifdef HAVE_CRL if (callbacks->crlPemFile != NULL) { if (wolfSSL_CTX_LoadCRLFile(ctx, callbacks->crlPemFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { goto cleanup; } } #endif if (callbacks->ctx_ready) callbacks->ctx_ready(ctx); ssl = wolfSSL_new(ctx); if (ssl == NULL) { fprintf(stderr, "SSL new failed\n"); goto cleanup; } if (wolfSSL_dtls(ssl)) { SOCKADDR_IN_T cliAddr; socklen_t cliLen; cliLen = sizeof(cliAddr); idx = (int)recvfrom(sfd, input, sizeof(input), MSG_PEEK, (struct sockaddr*)&cliAddr, &cliLen); if (idx <= 0) { goto cleanup; } wolfSSL_dtls_set_peer(ssl, &cliAddr, cliLen); } else { CloseSocket(sfd); } if (wolfSSL_set_fd(ssl, cfd) != WOLFSSL_SUCCESS) { goto cleanup; } if (callbacks->loadToSSL) { wolfSSL_SetDevId(ssl, callbacks->devId); if (wolfSSL_use_certificate_file(ssl, callbacks->certPemFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { goto cleanup; } if (wolfSSL_use_PrivateKey_file(ssl, callbacks->keyPemFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { goto cleanup; } } #ifdef NO_PSK #if !defined(NO_FILESYSTEM) && !defined(NO_DH) wolfSSL_SetTmpDH_file(ssl, dhParamFile, WOLFSSL_FILETYPE_PEM); #elif !defined(NO_DH) SetDH(ssl); /* will repick suites with DHE, higher priority than PSK */ #endif #endif if (callbacks->ssl_ready) callbacks->ssl_ready(ssl); #ifdef WOLFSSL_ASYNC_CRYPT err = 0; /* Reset error */ #endif do { #ifdef WOLFSSL_ASYNC_CRYPT if (err == WC_PENDING_E) { ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW); if (ret < 0) { break; } else if (ret == 0) { continue; } } #endif ret = wolfSSL_accept(ssl); err = wolfSSL_get_error(ssl, ret); } while (err == WC_PENDING_E); if (ret != WOLFSSL_SUCCESS) { char buff[WOLFSSL_MAX_ERROR_SZ]; fprintf(stderr, "accept error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buff)); /*err_sys("SSL_accept failed");*/ } else { #ifdef WOLFSSL_ASYNC_CRYPT err = 0; /* Reset error */ #endif do { #ifdef WOLFSSL_ASYNC_CRYPT if (err == WC_PENDING_E) { ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW); if (ret < 0) { break; } else if (ret == 0) { continue; } } #endif idx = wolfSSL_read(ssl, input, sizeof(input)-1); err = wolfSSL_get_error(ssl, idx); } while (err == WC_PENDING_E); if (idx > 0) { input[idx] = 0; fprintf(stderr, "Client message: %s\n", input); } #ifdef WOLFSSL_ASYNC_CRYPT err = 0; /* Reset error */ #endif do { #ifdef WOLFSSL_ASYNC_CRYPT if (err == WC_PENDING_E) { ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW); if (ret < 0) { break; } else if (ret == 0) { continue; } } #endif ret = wolfSSL_write(ssl, msg, len); err = wolfSSL_get_error(ssl, ret); } while (err == WC_PENDING_E); if (len != ret) { goto cleanup; } #if defined(WOLFSSL_SESSION_EXPORT) && !defined(HAVE_IO_POOL) && \ defined(WOLFSSL_DTLS) if (wolfSSL_dtls(ssl)) { byte* import; word32 sz; wolfSSL_dtls_export(ssl, NULL, &sz); import = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_TMP_BUFFER); if (import == NULL) { goto cleanup; } idx = wolfSSL_dtls_export(ssl, import, &sz); if (idx < 0) { goto cleanup; } if (wolfSSL_dtls_import(ssl, import, idx) < 0) { goto cleanup; } XFREE(import, NULL, DYNAMIC_TYPE_TMP_BUFFER); } #endif #ifdef WOLFSSL_TIRTOS Task_yield(); #endif ((func_args*)args)->return_code = TEST_SUCCESS; } if (callbacks->on_result) callbacks->on_result(ssl); wolfSSL_shutdown(ssl); cleanup: wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); CloseSocket(cfd); #ifdef WOLFSSL_TIRTOS fdCloseSession(Task_self()); #endif #if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \ && defined(HAVE_THREAD_LS) wc_ecc_fp_free(); /* free per thread cache */ #endif WOLFSSL_RETURN_FROM_THREAD(0); } /* TLS Client for API unit testing - generic */ static void run_wolfssl_client(void* args) { callback_functions* callbacks = ((func_args*)args)->callbacks; WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; SOCKET_T sfd = 0; char msg[] = "hello wolfssl server!"; int len = (int) XSTRLEN(msg); char input[1024]; int ret, err = 0; ((func_args*)args)->return_code = TEST_FAIL; /* set defaults */ if (callbacks->caPemFile == NULL) callbacks->caPemFile = caCertFile; if (callbacks->certPemFile == NULL) callbacks->certPemFile = cliCertFile; if (callbacks->keyPemFile == NULL) callbacks->keyPemFile = cliKeyFile; #ifdef WOLFSSL_STATIC_MEMORY if (callbacks->method_ex != NULL && callbacks->mem != NULL && callbacks->memSz > 0) { ret = wolfSSL_CTX_load_static_memory(&ctx, callbacks->method_ex, callbacks->mem, callbacks->memSz, 0, 1); if (ret != WOLFSSL_SUCCESS) { fprintf(stderr, "CTX static new failed %d\n", ret); goto cleanup; } } #else ctx = wolfSSL_CTX_new(callbacks->method()); #endif if (ctx == NULL) { fprintf(stderr, "CTX new failed\n"); goto cleanup; } #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif if (!callbacks->loadToSSL) { wolfSSL_CTX_SetDevId(ctx, callbacks->devId); } #ifdef WOLFSSL_ENCRYPTED_KEYS wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); #endif if (wolfSSL_CTX_load_verify_locations(ctx, callbacks->caPemFile, 0) != WOLFSSL_SUCCESS) { goto cleanup; } if (!callbacks->loadToSSL) { if (wolfSSL_CTX_use_certificate_file(ctx, callbacks->certPemFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { goto cleanup; } if (wolfSSL_CTX_use_PrivateKey_file(ctx, callbacks->keyPemFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { goto cleanup; } } #ifdef HAVE_CRL if (callbacks->crlPemFile != NULL) { if (wolfSSL_CTX_LoadCRLFile(ctx, callbacks->crlPemFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { goto cleanup; } } #endif if (callbacks->ctx_ready) callbacks->ctx_ready(ctx); ssl = wolfSSL_new(ctx); if (wolfSSL_dtls(ssl)) { tcp_connect(&sfd, wolfSSLIP, ((func_args*)args)->signal->port, 1, 0, ssl); } else { tcp_connect(&sfd, wolfSSLIP, ((func_args*)args)->signal->port, 0, 0, ssl); } if (wolfSSL_set_fd(ssl, sfd) != WOLFSSL_SUCCESS) { goto cleanup; } if (callbacks->loadToSSL) { wolfSSL_SetDevId(ssl, callbacks->devId); if (wolfSSL_use_certificate_file(ssl, callbacks->certPemFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { goto cleanup; } if (wolfSSL_use_PrivateKey_file(ssl, callbacks->keyPemFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { goto cleanup; } } if (callbacks->ssl_ready) callbacks->ssl_ready(ssl); #ifdef WOLFSSL_ASYNC_CRYPT err = 0; /* Reset error */ #endif do { #ifdef WOLFSSL_ASYNC_CRYPT if (err == WC_PENDING_E) { ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW); if (ret < 0) { break; } else if (ret == 0) { continue; } } #endif ret = wolfSSL_connect(ssl); err = wolfSSL_get_error(ssl, ret); } while (err == WC_PENDING_E); if (ret != WOLFSSL_SUCCESS) { char buff[WOLFSSL_MAX_ERROR_SZ]; fprintf(stderr, "error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buff)); /*err_sys("SSL_connect failed");*/ } else { #ifdef WOLFSSL_ASYNC_CRYPT err = 0; /* Reset error */ #endif do { #ifdef WOLFSSL_ASYNC_CRYPT if (err == WC_PENDING_E) { ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW); if (ret < 0) { break; } else if (ret == 0) { continue; } } #endif ret = wolfSSL_write(ssl, msg, len); err = wolfSSL_get_error(ssl, ret); } while (err == WC_PENDING_E); if (len != ret) goto cleanup; #ifdef WOLFSSL_ASYNC_CRYPT err = 0; /* Reset error */ #endif do { #ifdef WOLFSSL_ASYNC_CRYPT if (err == WC_PENDING_E) { ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW); if (ret < 0) { break; } else if (ret == 0) { continue; } } #endif ret = wolfSSL_read(ssl, input, sizeof(input)-1); err = wolfSSL_get_error(ssl, ret); } while (err == WC_PENDING_E); if (ret > 0) { input[ret] = '\0'; /* null term */ fprintf(stderr, "Server response: %s\n", input); } ((func_args*)args)->return_code = TEST_SUCCESS; } if (callbacks->on_result) callbacks->on_result(ssl); cleanup: wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); CloseSocket(sfd); #ifdef WOLFSSL_TIRTOS fdCloseSession(Task_self()); #endif } #endif /* ENABLE_TLS_CALLBACK_TEST */ static int test_wolfSSL_read_write(void) { /* The unit testing for read and write shall happen simultaneously, since * one can't do anything with one without the other. (Except for a failure * test case.) This function will call all the others that will set up, * execute, and report their test findings. * * Set up the success case first. This function will become the template * for the other tests. This should eventually be renamed * * The success case isn't interesting, how can this fail? * - Do not give the client context a CA certificate. The connect should * fail. Do not need server for this? * - Using NULL for the ssl object on server. Do not need client for this. * - Using NULL for the ssl object on client. Do not need server for this. * - Good ssl objects for client and server. Client write() without server * read(). * - Good ssl objects for client and server. Server write() without client * read(). * - Forgetting the password callback? */ tcp_ready ready; func_args client_args; func_args server_args; THREAD_TYPE serverThread; EXPECT_DECLS; XMEMSET(&client_args, 0, sizeof(func_args)); XMEMSET(&server_args, 0, sizeof(func_args)); #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif StartTCP(); InitTcpReady(&ready); #if defined(USE_WINDOWS_API) /* use RNG to get random port if using windows */ ready.port = GetRandomPort(); #endif server_args.signal = &ready; client_args.signal = &ready; start_thread(test_server_nofail, &server_args, &serverThread); wait_tcp_ready(&server_args); test_client_nofail(&client_args, NULL); join_thread(serverThread); ExpectTrue(client_args.return_code); ExpectTrue(server_args.return_code); FreeTcpReady(&ready); #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif return EXPECT_RESULT(); } static int test_wolfSSL_reuse_WOLFSSLobj(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_SESSION_CACHE) && \ !defined(WOLFSSL_NO_TLS12) /* The unit test for session resumption by re-using WOLFSSL object. * WOLFSSL object is not cleared after first session. It reuse the object * for second connection. */ tcp_ready ready; func_args client_args; func_args server_args; THREAD_TYPE serverThread; callback_functions client_cbf; callback_functions server_cbf; XMEMSET(&client_args, 0, sizeof(func_args)); XMEMSET(&server_args, 0, sizeof(func_args)); XMEMSET(&client_cbf, 0, sizeof(callback_functions)); XMEMSET(&server_cbf, 0, sizeof(callback_functions)); #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif StartTCP(); InitTcpReady(&ready); #if defined(USE_WINDOWS_API) /* use RNG to get random port if using windows */ ready.port = GetRandomPort(); #endif client_cbf.method = wolfTLSv1_2_client_method; server_cbf.method = wolfTLSv1_2_server_method; client_args.callbacks = &client_cbf; server_args.callbacks = &server_cbf; server_args.signal = &ready; client_args.signal = &ready; /* the var is used for loop number */ server_args.argc = 2; start_thread(test_server_loop, &server_args, &serverThread); wait_tcp_ready(&server_args); test_client_reuse_WOLFSSLobj(&client_args, NULL, &server_args); join_thread(serverThread); ExpectTrue(client_args.return_code); ExpectTrue(server_args.return_code); FreeTcpReady(&ready); #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif #endif /* defined(OPENSSL_EXTRA) && !defined(NO_SESSION_CACHE) && * !defined(WOLFSSL_TLS13) */ return EXPECT_RESULT(); } #if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_TIRTOS) && \ defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) static int test_wolfSSL_CTX_verifyDepth_ServerClient_1_ctx_ready( WOLFSSL_CTX* ctx) { wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myVerify); myVerifyAction = VERIFY_USE_PREVERFIY; wolfSSL_CTX_set_verify_depth(ctx, 2); return TEST_SUCCESS; } #endif static int test_wolfSSL_CTX_verifyDepth_ServerClient_1(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_TIRTOS) && \ defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) test_ssl_cbf client_cbf; test_ssl_cbf server_cbf; XMEMSET(&client_cbf, 0, sizeof(client_cbf)); XMEMSET(&server_cbf, 0, sizeof(server_cbf)); #ifdef WOLFSSL_TLS13 client_cbf.method = wolfTLSv1_3_client_method; #endif /* WOLFSSL_TLS13 */ client_cbf.ctx_ready = test_wolfSSL_CTX_verifyDepth_ServerClient_1_ctx_ready; /* test case 1 verify depth is equal to peer chain */ ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf, &server_cbf, NULL), TEST_SUCCESS); ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS); ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS); #endif /* OPENSSL_EXTRA && !WOLFSSL_TIRTOS && * HAVE_SSL_MEMIO_TESTS_DEPENDENCIES */ return EXPECT_RESULT(); } #if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_TIRTOS) && \ defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) static int test_wolfSSL_CTX_verifyDepth_ServerClient_2_ctx_ready( WOLFSSL_CTX* ctx) { wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myVerify); myVerifyAction = VERIFY_OVERRIDE_ERROR; wolfSSL_CTX_set_verify_depth(ctx, 0); return TEST_SUCCESS; } #endif static int test_wolfSSL_CTX_verifyDepth_ServerClient_2(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_TIRTOS) && \ defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) test_ssl_cbf client_cbf; test_ssl_cbf server_cbf; XMEMSET(&client_cbf, 0, sizeof(client_cbf)); XMEMSET(&server_cbf, 0, sizeof(server_cbf)); #ifdef WOLFSSL_TLS13 client_cbf.method = wolfTLSv1_3_client_method; #endif /* WOLFSSL_TLS13 */ client_cbf.ctx_ready = test_wolfSSL_CTX_verifyDepth_ServerClient_2_ctx_ready; /* test case 2 * verify depth is zero, number of peer's chain is 2. * verify result becomes MAX_CHAIN_ERROR, but it is overridden in * callback. */ ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf, &server_cbf, NULL), TEST_SUCCESS); ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS); ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS); #endif /* OPENSSL_EXTRA && !WOLFSSL_TIRTOS && * HAVE_SSL_MEMIO_TESTS_DEPENDENCIES */ return EXPECT_RESULT(); } #if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_TIRTOS) && \ defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) static int test_wolfSSL_CTX_verifyDepth_ServerClient_3_ctx_ready( WOLFSSL_CTX* ctx) { wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myVerify); myVerifyAction = VERIFY_USE_PREVERFIY; wolfSSL_CTX_set_verify_depth(ctx, 0); return TEST_SUCCESS; } #endif static int test_wolfSSL_CTX_verifyDepth_ServerClient_3(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_TIRTOS) && \ defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) test_ssl_cbf client_cbf; test_ssl_cbf server_cbf; XMEMSET(&client_cbf, 0, sizeof(client_cbf)); XMEMSET(&server_cbf, 0, sizeof(server_cbf)); #ifdef WOLFSSL_TLS13 client_cbf.method = wolfTLSv1_3_client_method; #endif /* WOLFSSL_TLS13 */ client_cbf.ctx_ready = test_wolfSSL_CTX_verifyDepth_ServerClient_3_ctx_ready; /* test case 3 * verify depth is zero, number of peer's chain is 2 * verify result becomes MAX_CHAIN_ERRO. call-back returns failure. * therefore, handshake becomes failure. */ ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf, &server_cbf, NULL), TEST_FAIL); ExpectIntEQ(client_cbf.return_code, TEST_FAIL); ExpectIntEQ(server_cbf.return_code, TEST_FAIL); ExpectIntEQ(client_cbf.last_err, MAX_CHAIN_ERROR); ExpectIntEQ(server_cbf.last_err, FATAL_ERROR); #endif /* OPENSSL_EXTRA && !WOLFSSL_TIRTOS && * HAVE_SSL_MEMIO_TESTS_DEPENDENCIES */ return EXPECT_RESULT(); } #if defined(OPENSSL_ALL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \ !defined(WOLFSSL_TIRTOS) && !defined(NO_AES) && !defined(WOLFSSL_NO_TLS12) \ && !defined(NO_SHA256) && defined(HAVE_ECC) static int test_wolfSSL_CTX_set_cipher_list_server_ctx_ready(WOLFSSL_CTX* ctx) { EXPECT_DECLS; ExpectTrue(wolfSSL_CTX_set_cipher_list(ctx, "DEFAULT:!NULL")); return EXPECT_RESULT(); } static int test_wolfSSL_CTX_set_cipher_list_client_ctx_ready(WOLFSSL_CTX* ctx) { EXPECT_DECLS; ExpectTrue(wolfSSL_CTX_set_cipher_list(ctx, "ECDHE-RSA-AES128-SHA256")); return EXPECT_RESULT(); } #endif static int test_wolfSSL_CTX_set_cipher_list(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \ !defined(WOLFSSL_TIRTOS) && !defined(NO_AES) && !defined(WOLFSSL_NO_TLS12) \ && !defined(NO_SHA256) && defined(HAVE_ECC) WOLFSSL_CTX* ctxClient = NULL; WOLFSSL* sslClient = NULL; test_ssl_cbf client_cbf; test_ssl_cbf server_cbf; XMEMSET(&client_cbf, 0, sizeof(client_cbf)); XMEMSET(&server_cbf, 0, sizeof(server_cbf)); server_cbf.method = wolfTLSv1_2_server_method; server_cbf.ctx_ready = test_wolfSSL_CTX_set_cipher_list_server_ctx_ready; client_cbf.method = wolfTLSv1_2_client_method; client_cbf.ctx_ready = test_wolfSSL_CTX_set_cipher_list_client_ctx_ready; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf, &server_cbf, NULL), TEST_SUCCESS); ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS); ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS); /* check with cipher string that has '+' */ ExpectNotNull((ctxClient = wolfSSL_CTX_new(wolfTLSv1_2_client_method()))); ExpectTrue(wolfSSL_CTX_set_cipher_list(ctxClient, "ECDHE+AESGCM")); ExpectNotNull((sslClient = wolfSSL_new(ctxClient))); /* check for the existence of an ECDHE ECDSA cipher suite */ if (EXPECT_SUCCESS()) { int i = 0; int found = 0; const char* suite; WOLF_STACK_OF(WOLFSSL_CIPHER)* sk = NULL; WOLFSSL_CIPHER* current; ExpectNotNull((sk = wolfSSL_get_ciphers_compat(sslClient))); do { current = wolfSSL_sk_SSL_CIPHER_value(sk, i++); if (current) { suite = wolfSSL_CIPHER_get_name(current); if (suite && XSTRSTR(suite, "ECDSA")) { found = 1; break; } } } while (current); ExpectIntEQ(found, 1); } wolfSSL_free(sslClient); wolfSSL_CTX_free(ctxClient); #endif return EXPECT_RESULT(); } #if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \ defined(WOLFSSL_HAVE_TLS_UNIQUE) static int test_wolfSSL_get_finished_client_on_handshake(WOLFSSL_CTX* ctx, WOLFSSL* ssl) { EXPECT_DECLS; size_t msg_len; (void)ctx; /* get_finished test */ /* 1. get own sent message */ XMEMSET(client_side_msg1, 0, MD_MAX_SIZE); msg_len = wolfSSL_get_finished(ssl, client_side_msg1, MD_MAX_SIZE); ExpectIntGE(msg_len, 0); /* 2. get peer message */ XMEMSET(client_side_msg2, 0, MD_MAX_SIZE); msg_len = wolfSSL_get_peer_finished(ssl, client_side_msg2, MD_MAX_SIZE); ExpectIntGE(msg_len, 0); return EXPECT_RESULT(); } #endif static int test_wolfSSL_get_finished(void) { EXPECT_DECLS; #if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \ defined(WOLFSSL_HAVE_TLS_UNIQUE) test_ssl_cbf client_cbf; test_ssl_cbf server_cbf; XMEMSET(&client_cbf, 0, sizeof(client_cbf)); XMEMSET(&server_cbf, 0, sizeof(server_cbf)); ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf, &server_cbf, test_wolfSSL_get_finished_client_on_handshake), TEST_SUCCESS); /* test received msg vs sent msg */ ExpectIntEQ(0, XMEMCMP(client_side_msg1, server_side_msg2, MD_MAX_SIZE)); ExpectIntEQ(0, XMEMCMP(client_side_msg2, server_side_msg1, MD_MAX_SIZE)); #endif /* HAVE_SSL_MEMIO_TESTS_DEPENDENCIES && WOLFSSL_HAVE_TLS_UNIQUE */ return EXPECT_RESULT(); } #if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \ !defined(SINGLE_THREADED) && defined(WOLFSSL_TLS13) && \ !defined(NO_SESSION_CACHE) /* Sessions to restore/store */ static WOLFSSL_SESSION* test_wolfSSL_CTX_add_session_client_sess; static WOLFSSL_SESSION* test_wolfSSL_CTX_add_session_server_sess; static WOLFSSL_CTX* test_wolfSSL_CTX_add_session_server_ctx; static void test_wolfSSL_CTX_add_session_ctx_ready(WOLFSSL_CTX* ctx) { /* Don't store sessions. Lookup is still enabled. */ AssertIntEQ(wolfSSL_CTX_set_session_cache_mode(ctx, WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE), WOLFSSL_SUCCESS); #ifdef OPENSSL_EXTRA AssertIntEQ(wolfSSL_CTX_get_session_cache_mode(ctx) & WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE, WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE); #endif /* Require both peers to provide certs */ wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL); } static void test_wolfSSL_CTX_add_session_on_result(WOLFSSL* ssl) { WOLFSSL_SESSION** sess; if (wolfSSL_is_server(ssl)) sess = &test_wolfSSL_CTX_add_session_server_sess; else sess = &test_wolfSSL_CTX_add_session_client_sess; if (*sess == NULL) { #ifdef NO_SESSION_CACHE_REF AssertNotNull(*sess = wolfSSL_get1_session(ssl)); #else /* Test for backwards compatibility */ if (wolfSSL_is_server(ssl)) { AssertNotNull(*sess = wolfSSL_get1_session(ssl)); } else { AssertNotNull(*sess = wolfSSL_get_session(ssl)); } #endif /* Now save the session in the internal store to make it available * for lookup. For TLS 1.3, we can't save the session without * WOLFSSL_TICKET_HAVE_ID because there is no way to retrieve the * session from cache. */ if (wolfSSL_is_server(ssl) #ifndef WOLFSSL_TICKET_HAVE_ID && wolfSSL_version(ssl) != TLS1_3_VERSION #endif ) AssertIntEQ(wolfSSL_CTX_add_session(wolfSSL_get_SSL_CTX(ssl), *sess), WOLFSSL_SUCCESS); } else { /* If we have a session retrieved then remaining connections should be * resuming on that session */ AssertIntEQ(wolfSSL_session_reused(ssl), 1); } /* Save CTX to be able to decrypt tickets */ if (wolfSSL_is_server(ssl) && test_wolfSSL_CTX_add_session_server_ctx == NULL) { AssertNotNull(test_wolfSSL_CTX_add_session_server_ctx = wolfSSL_get_SSL_CTX(ssl)); AssertIntEQ(wolfSSL_CTX_up_ref(wolfSSL_get_SSL_CTX(ssl)), WOLFSSL_SUCCESS); } #ifdef SESSION_CERTS #ifndef WOLFSSL_TICKET_HAVE_ID if (wolfSSL_version(ssl) != TLS1_3_VERSION && wolfSSL_session_reused(ssl)) #endif { /* With WOLFSSL_TICKET_HAVE_ID the peer certs should be available * for all connections. TLS 1.3 only has tickets so if we don't * include the session id in the ticket then the certificates * will not be available on resumption. */ WOLFSSL_X509* peer = wolfSSL_get_peer_certificate(ssl); AssertNotNull(peer); wolfSSL_X509_free(peer); AssertNotNull(wolfSSL_SESSION_get_peer_chain(*sess)); #ifdef OPENSSL_EXTRA AssertNotNull(SSL_SESSION_get0_peer(*sess)); #endif } #endif /* SESSION_CERTS */ } static void test_wolfSSL_CTX_add_session_ssl_ready(WOLFSSL* ssl) { /* Set the session to reuse for the client */ AssertIntEQ(wolfSSL_set_session(ssl, test_wolfSSL_CTX_add_session_client_sess), WOLFSSL_SUCCESS); } #endif static int test_wolfSSL_CTX_add_session(void) { EXPECT_DECLS; #if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \ !defined(SINGLE_THREADED) && defined(WOLFSSL_TLS13) && \ !defined(NO_SESSION_CACHE) tcp_ready ready; func_args client_args; func_args server_args; THREAD_TYPE serverThread; callback_functions client_cb; callback_functions server_cb; method_provider methods[][2] = { #if !defined(NO_OLD_TLS) && ((!defined(NO_AES) && !defined(NO_AES_CBC)) || \ !defined(NO_DES3)) /* Without AES there are almost no ciphersuites available. This leads * to no ciphersuites being available and an error. */ { wolfTLSv1_1_client_method, wolfTLSv1_1_server_method }, #endif #ifndef WOLFSSL_NO_TLS12 { wolfTLSv1_2_client_method, wolfTLSv1_2_server_method }, #endif /* Needs the default ticket callback since it is tied to the * connection context and this makes it easy to carry over the ticket * crypto context between connections */ #if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \ defined(HAVE_SESSION_TICKET) { wolfTLSv1_3_client_method, wolfTLSv1_3_server_method }, #endif }; const size_t methodsLen = sizeof(methods)/sizeof(*methods); size_t i, j; for (i = 0; i < methodsLen; i++) { /* First run creates a connection while the second+ run will attempt * to resume the connection. The trick is that the internal cache * is turned off. wolfSSL_CTX_add_session should put the session in * the cache anyway. */ test_wolfSSL_CTX_add_session_client_sess = NULL; test_wolfSSL_CTX_add_session_server_sess = NULL; test_wolfSSL_CTX_add_session_server_ctx = NULL; #ifdef NO_SESSION_CACHE_REF for (j = 0; j < 4; j++) { #else /* The session may be overwritten in this case. Do only one resumption * to stop this test from failing intermittently. */ for (j = 0; j < 2; j++) { #endif #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif StartTCP(); InitTcpReady(&ready); XMEMSET(&client_args, 0, sizeof(func_args)); XMEMSET(&server_args, 0, sizeof(func_args)); XMEMSET(&client_cb, 0, sizeof(callback_functions)); XMEMSET(&server_cb, 0, sizeof(callback_functions)); client_cb.method = methods[i][0]; server_cb.method = methods[i][1]; server_args.signal = &ready; server_args.callbacks = &server_cb; client_args.signal = &ready; client_args.callbacks = &client_cb; if (test_wolfSSL_CTX_add_session_server_ctx != NULL) { server_cb.ctx = test_wolfSSL_CTX_add_session_server_ctx; server_cb.isSharedCtx = 1; } server_cb.ctx_ready = test_wolfSSL_CTX_add_session_ctx_ready; client_cb.ctx_ready = test_wolfSSL_CTX_add_session_ctx_ready; if (j != 0) client_cb.ssl_ready = test_wolfSSL_CTX_add_session_ssl_ready; server_cb.on_result = test_wolfSSL_CTX_add_session_on_result; client_cb.on_result = test_wolfSSL_CTX_add_session_on_result; server_cb.ticNoInit = 1; /* Use default builtin */ start_thread(test_server_nofail, &server_args, &serverThread); wait_tcp_ready(&server_args); test_client_nofail(&client_args, NULL); join_thread(serverThread); ExpectTrue(client_args.return_code); ExpectTrue(server_args.return_code); FreeTcpReady(&ready); if (EXPECT_FAIL()) break; } wolfSSL_SESSION_free(test_wolfSSL_CTX_add_session_client_sess); wolfSSL_SESSION_free(test_wolfSSL_CTX_add_session_server_sess); wolfSSL_CTX_free(test_wolfSSL_CTX_add_session_server_ctx); if (EXPECT_FAIL()) break; } #endif return EXPECT_RESULT(); } #if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \ defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \ defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \ defined(HAVE_SESSION_TICKET) && \ !defined(TITAN_SESSION_CACHE) && \ !defined(HUGE_SESSION_CACHE) && \ !defined(BIG_SESSION_CACHE) && \ !defined(MEDIUM_SESSION_CACHE) /* twcase - prefix for test_wolfSSL_CTX_add_session_ext */ /* Sessions to restore/store */ static WOLFSSL_SESSION* twcase_server_first_session_ptr; static WOLFSSL_SESSION* twcase_client_first_session_ptr; static WOLFSSL_CTX* twcase_server_current_ctx_ptr; static int twcase_new_session_called = 0; static int twcase_remove_session_called = 0; static int twcase_get_session_called = 0; /* Test default, SESSIONS_PER_ROW*SESSION_ROWS = 3*11, see ssl.c */ #define SESSION_CACHE_SIZE 33 typedef struct { const byte* key; /* key, altSessionID, session ID, NULL if empty */ WOLFSSL_SESSION* value; } hashTable_entry; typedef struct { hashTable_entry entries[SESSION_CACHE_SIZE]; /* hash slots */ size_t capacity; /* size of entries */ size_t length; /* number of items in the hash table */ wolfSSL_Mutex htLock; /* lock */ }hashTable; static hashTable server_sessionCache; static int twcase_new_sessionCb(WOLFSSL *ssl, WOLFSSL_SESSION *sess) { int i; unsigned int len; (void)ssl; /* * This example uses a hash table. * Steps you should take for a non-demo code: * - acquire a lock for the file named according to the session id * - open the file * - encrypt and write the SSL_SESSION object to the file * - release the lock * * Return: * 0: The callback does not wish to hold a reference of the sess * 1: The callback wants to hold a reference of the sess. The callback is * now also responsible for calling wolfSSL_SESSION_free() on sess. */ if (sess == NULL) return 0; if (wc_LockMutex(&server_sessionCache.htLock) != 0) { return 0; } for (i = 0; i < SESSION_CACHE_SIZE; i++) { if (server_sessionCache.entries[i].value == NULL) { server_sessionCache.entries[i].key = SSL_SESSION_get_id(sess, &len); server_sessionCache.entries[i].value = sess; server_sessionCache.length++; break; } } ++twcase_new_session_called; wc_UnLockMutex(&server_sessionCache.htLock); fprintf(stderr, "\t\ttwcase_new_session_called %d\n", twcase_new_session_called); return 1; } static void twcase_remove_sessionCb(WOLFSSL_CTX *ctx, WOLFSSL_SESSION *sess) { int i; (void)ctx; (void)sess; if (sess == NULL) return; /* * This example uses a hash table. * Steps you should take for a non-demo code: * - acquire a lock for the file named according to the session id * - remove the file * - release the lock */ if (wc_LockMutex(&server_sessionCache.htLock) != 0) { return; } for (i = 0; i < SESSION_CACHE_SIZE; i++) { if (server_sessionCache.entries[i].key != NULL && XMEMCMP(server_sessionCache.entries[i].key, sess->sessionID, SSL_MAX_SSL_SESSION_ID_LENGTH) == 0) { wolfSSL_SESSION_free(server_sessionCache.entries[i].value); server_sessionCache.entries[i].value = NULL; server_sessionCache.entries[i].key = NULL; server_sessionCache.length--; break; } } ++twcase_remove_session_called; wc_UnLockMutex(&server_sessionCache.htLock); fprintf(stderr, "\t\ttwcase_remove_session_called %d\n", twcase_remove_session_called); } static WOLFSSL_SESSION *twcase_get_sessionCb(WOLFSSL *ssl, const unsigned char *id, int len, int *ref) { int i; (void)ssl; (void)id; (void)len; /* * This example uses a hash table. * Steps you should take for a non-demo code: * - acquire a lock for the file named according to the session id in the * 2nd arg * - read and decrypt contents of file and create a new SSL_SESSION * - object release the lock * - return the new session object */ fprintf(stderr, "\t\ttwcase_get_session_called %d\n", ++twcase_get_session_called); /* This callback want to retain a copy of the object. If we want wolfSSL to * be responsible for the pointer then set to 0. */ *ref = 1; for (i = 0; i < SESSION_CACHE_SIZE; i++) { if (server_sessionCache.entries[i].key != NULL && XMEMCMP(server_sessionCache.entries[i].key, id, SSL_MAX_SSL_SESSION_ID_LENGTH) == 0) { return server_sessionCache.entries[i].value; } } return NULL; } static int twcase_get_sessionCb_cleanup(void) { int i; int cnt = 0; /* If twcase_get_sessionCb sets *ref = 1, the application is responsible * for freeing sessions */ for (i = 0; i < SESSION_CACHE_SIZE; i++) { if (server_sessionCache.entries[i].value != NULL) { wolfSSL_SESSION_free(server_sessionCache.entries[i].value); cnt++; } } fprintf(stderr, "\t\ttwcase_get_sessionCb_cleanup freed %d sessions\n", cnt); return TEST_SUCCESS; } static int twcase_cache_intOff_extOff(WOLFSSL_CTX* ctx) { EXPECT_DECLS; /* off - Disable internal cache */ ExpectIntEQ(wolfSSL_CTX_set_session_cache_mode(ctx, WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE), WOLFSSL_SUCCESS); #ifdef OPENSSL_EXTRA ExpectIntEQ(wolfSSL_CTX_get_session_cache_mode(ctx) & WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE, WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE); #endif /* off - Do not setup external cache */ /* Require both peers to provide certs */ wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL); return EXPECT_RESULT(); } static int twcase_cache_intOn_extOff(WOLFSSL_CTX* ctx) { /* on - internal cache is on by default */ /* off - Do not setup external cache */ /* Require both peers to provide certs */ wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL); return TEST_SUCCESS; } static int twcase_cache_intOff_extOn(WOLFSSL_CTX* ctx) { EXPECT_DECLS; /* off - Disable internal cache */ ExpectIntEQ(wolfSSL_CTX_set_session_cache_mode(ctx, WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE), WOLFSSL_SUCCESS); #ifdef OPENSSL_EXTRA ExpectIntEQ(wolfSSL_CTX_get_session_cache_mode(ctx) & WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE, WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE); #endif /* on - Enable external cache */ wolfSSL_CTX_sess_set_new_cb(ctx, twcase_new_sessionCb); wolfSSL_CTX_sess_set_remove_cb(ctx, twcase_remove_sessionCb); wolfSSL_CTX_sess_set_get_cb(ctx, twcase_get_sessionCb); /* Require both peers to provide certs */ wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL); return EXPECT_RESULT(); } static int twcase_cache_intOn_extOn(WOLFSSL_CTX* ctx) { /* on - internal cache is on by default */ /* on - Enable external cache */ wolfSSL_CTX_sess_set_new_cb(ctx, twcase_new_sessionCb); wolfSSL_CTX_sess_set_remove_cb(ctx, twcase_remove_sessionCb); wolfSSL_CTX_sess_set_get_cb(ctx, twcase_get_sessionCb); /* Require both peers to provide certs */ wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL); return TEST_SUCCESS; } static int twcase_cache_intOn_extOn_noTicket(WOLFSSL_CTX* ctx) { /* on - internal cache is on by default */ /* on - Enable external cache */ wolfSSL_CTX_sess_set_new_cb(ctx, twcase_new_sessionCb); wolfSSL_CTX_sess_set_remove_cb(ctx, twcase_remove_sessionCb); wolfSSL_CTX_sess_set_get_cb(ctx, twcase_get_sessionCb); wolfSSL_CTX_set_options(ctx, WOLFSSL_OP_NO_TICKET); /* Require both peers to provide certs */ wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL); return TEST_SUCCESS; } static int twcase_server_sess_ctx_pre_shutdown(WOLFSSL* ssl) { EXPECT_DECLS; WOLFSSL_SESSION** sess; if (wolfSSL_is_server(ssl)) sess = &twcase_server_first_session_ptr; else return TEST_SUCCESS; if (*sess == NULL) { ExpectNotNull(*sess = wolfSSL_get1_session(ssl)); /* Now save the session in the internal store to make it available * for lookup. For TLS 1.3, we can't save the session without * WOLFSSL_TICKET_HAVE_ID because there is no way to retrieve the * session from cache. */ if (wolfSSL_is_server(ssl) #ifndef WOLFSSL_TICKET_HAVE_ID && wolfSSL_version(ssl) != TLS1_3_VERSION && wolfSSL_version(ssl) != DTLS1_3_VERSION #endif ) { ExpectIntEQ(wolfSSL_CTX_add_session(wolfSSL_get_SSL_CTX(ssl), *sess), WOLFSSL_SUCCESS); } } /* Save CTX to be able to decrypt tickets */ if (twcase_server_current_ctx_ptr == NULL) { ExpectNotNull(twcase_server_current_ctx_ptr = wolfSSL_get_SSL_CTX(ssl)); ExpectIntEQ(wolfSSL_CTX_up_ref(wolfSSL_get_SSL_CTX(ssl)), WOLFSSL_SUCCESS); } #ifdef SESSION_CERTS #ifndef WOLFSSL_TICKET_HAVE_ID if (wolfSSL_version(ssl) != TLS1_3_VERSION && wolfSSL_session_reused(ssl)) #endif { /* With WOLFSSL_TICKET_HAVE_ID the peer certs should be available * for all connections. TLS 1.3 only has tickets so if we don't * include the session id in the ticket then the certificates * will not be available on resumption. */ WOLFSSL_X509* peer = NULL; ExpectNotNull(peer = wolfSSL_get_peer_certificate(ssl)); wolfSSL_X509_free(peer); ExpectNotNull(wolfSSL_SESSION_get_peer_chain(*sess)); } #endif return EXPECT_RESULT(); } static int twcase_client_sess_ctx_pre_shutdown(WOLFSSL* ssl) { EXPECT_DECLS; WOLFSSL_SESSION** sess; sess = &twcase_client_first_session_ptr; if (*sess == NULL) { ExpectNotNull(*sess = wolfSSL_get1_session(ssl)); } else { /* If we have a session retrieved then remaining connections should be * resuming on that session */ ExpectIntEQ(wolfSSL_session_reused(ssl), 1); } #ifdef SESSION_CERTS #ifndef WOLFSSL_TICKET_HAVE_ID if (wolfSSL_version(ssl) != TLS1_3_VERSION && wolfSSL_session_reused(ssl)) #endif { WOLFSSL_X509* peer = wolfSSL_get_peer_certificate(ssl); ExpectNotNull(peer); wolfSSL_X509_free(peer); ExpectNotNull(wolfSSL_SESSION_get_peer_chain(*sess)); #ifdef OPENSSL_EXTRA ExpectNotNull(wolfSSL_SESSION_get0_peer(*sess)); #endif } #endif return EXPECT_RESULT(); } static int twcase_client_set_sess_ssl_ready(WOLFSSL* ssl) { EXPECT_DECLS; /* Set the session to reuse for the client */ ExpectNotNull(ssl); ExpectNotNull(twcase_client_first_session_ptr); ExpectIntEQ(wolfSSL_set_session(ssl,twcase_client_first_session_ptr), WOLFSSL_SUCCESS); return EXPECT_RESULT(); } struct test_add_session_ext_params { method_provider client_meth; method_provider server_meth; const char* tls_version; }; static int test_wolfSSL_CTX_add_session_ext( struct test_add_session_ext_params* param) { EXPECT_DECLS; /* Test the default 33 sessions */ int j; /* Clear cache before starting */ wolfSSL_CTX_flush_sessions(NULL, -1); XMEMSET(&server_sessionCache, 0, sizeof(hashTable)); if (wc_InitMutex(&server_sessionCache.htLock) != 0) return BAD_MUTEX_E; server_sessionCache.capacity = SESSION_CACHE_SIZE; fprintf(stderr, "\tBegin %s\n", param->tls_version); for (j = 0; j < 5; j++) { int tls13 = XSTRSTR(param->tls_version, "TLSv1_3") != NULL; int dtls = XSTRSTR(param->tls_version, "DTLS") != NULL; test_ssl_cbf client_cb; test_ssl_cbf server_cb; (void)dtls; /* Test five cache configurations */ twcase_client_first_session_ptr = NULL; twcase_server_first_session_ptr = NULL; twcase_server_current_ctx_ptr = NULL; twcase_new_session_called = 0; twcase_remove_session_called = 0; twcase_get_session_called = 0; /* connection 1 - first connection */ fprintf(stderr, "\tconnect: %s: j=%d\n", param->tls_version, j); XMEMSET(&client_cb, 0, sizeof(client_cb)); XMEMSET(&server_cb, 0, sizeof(server_cb)); client_cb.method = param->client_meth; server_cb.method = param->server_meth; if (dtls) client_cb.doUdp = server_cb.doUdp = 1; /* Setup internal and external cache */ switch (j) { case 0: /* SSL_OP_NO_TICKET stateful ticket case */ server_cb.ctx_ready = twcase_cache_intOn_extOn_noTicket; break; case 1: server_cb.ctx_ready = twcase_cache_intOn_extOn; break; case 2: server_cb.ctx_ready = twcase_cache_intOff_extOn; break; case 3: server_cb.ctx_ready = twcase_cache_intOn_extOff; break; case 4: server_cb.ctx_ready = twcase_cache_intOff_extOff; break; } client_cb.ctx_ready = twcase_cache_intOff_extOff; /* Add session to internal cache and save SSL session for testing */ server_cb.on_result = twcase_server_sess_ctx_pre_shutdown; /* Save client SSL session for testing */ client_cb.on_result = twcase_client_sess_ctx_pre_shutdown; server_cb.ticNoInit = 1; /* Use default builtin */ /* Don't free/release ctx */ server_cb.ctx = twcase_server_current_ctx_ptr; server_cb.isSharedCtx = 1; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cb, &server_cb, NULL), TEST_SUCCESS); ExpectIntEQ(twcase_get_session_called, 0); if (EXPECT_FAIL()) { wolfSSL_SESSION_free(twcase_client_first_session_ptr); wolfSSL_SESSION_free(twcase_server_first_session_ptr); wolfSSL_CTX_free(twcase_server_current_ctx_ptr); break; } switch (j) { case 0: case 1: case 2: /* cache cannot be searched with out a connection */ /* Add a new session */ ExpectIntEQ(twcase_new_session_called, 1); /* In twcase_server_sess_ctx_pre_shutdown * wolfSSL_CTX_add_session which evicts the existing session * in cache and adds it back in */ ExpectIntLE(twcase_remove_session_called, 1); break; case 3: case 4: /* no external cache */ ExpectIntEQ(twcase_new_session_called, 0); ExpectIntEQ(twcase_remove_session_called, 0); break; } /* connection 2 - session resume */ fprintf(stderr, "\tresume: %s: j=%d\n", param->tls_version, j); twcase_new_session_called = 0; twcase_remove_session_called = 0; twcase_get_session_called = 0; server_cb.on_result = 0; client_cb.on_result = 0; server_cb.ticNoInit = 1; /* Use default builtin */ server_cb.ctx = twcase_server_current_ctx_ptr; /* try session resumption */ client_cb.ssl_ready = twcase_client_set_sess_ssl_ready; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cb, &server_cb, NULL), TEST_SUCCESS); /* Clear cache before checking */ wolfSSL_CTX_flush_sessions(NULL, -1); switch (j) { case 0: if (tls13) { /* (D)TLSv1.3 stateful case */ /* cache hit */ /* DTLS accesses cache once for stateless parsing and * once for stateful parsing */ ExpectIntEQ(twcase_get_session_called, !dtls ? 1 : 2); /* (D)TLSv1.3 creates a new ticket, * updates both internal and external cache */ ExpectIntEQ(twcase_new_session_called, 1); /* A new session ID is created for a new ticket */ ExpectIntEQ(twcase_remove_session_called, 2); } else { /* non (D)TLSv1.3 case, no update */ /* DTLS accesses cache once for stateless parsing and * once for stateful parsing */ #ifdef WOLFSSL_DTLS_NO_HVR_ON_RESUME ExpectIntEQ(twcase_get_session_called, !dtls ? 1 : 2); #else ExpectIntEQ(twcase_get_session_called, 1); #endif ExpectIntEQ(twcase_new_session_called, 0); /* Called on session added in * twcase_server_sess_ctx_pre_shutdown */ ExpectIntEQ(twcase_remove_session_called, 1); } break; case 1: if (tls13) { /* (D)TLSv1.3 case */ /* cache hit */ ExpectIntEQ(twcase_get_session_called, 1); /* (D)TLSv1.3 creates a new ticket, * updates both internal and external cache */ ExpectIntEQ(twcase_new_session_called, 1); /* Called on session added in * twcase_server_sess_ctx_pre_shutdown and by wolfSSL */ ExpectIntEQ(twcase_remove_session_called, 1); } else { /* non (D)TLSv1.3 case */ /* cache hit */ /* DTLS accesses cache once for stateless parsing and * once for stateful parsing */ #ifdef WOLFSSL_DTLS_NO_HVR_ON_RESUME ExpectIntEQ(twcase_get_session_called, !dtls ? 1 : 2); #else ExpectIntEQ(twcase_get_session_called, 1); #endif ExpectIntEQ(twcase_new_session_called, 0); /* Called on session added in * twcase_server_sess_ctx_pre_shutdown */ ExpectIntEQ(twcase_remove_session_called, 1); } break; case 2: if (tls13) { /* (D)TLSv1.3 case */ /* cache hit */ ExpectIntEQ(twcase_get_session_called, 1); /* (D)TLSv1.3 creates a new ticket, * updates both internal and external cache */ ExpectIntEQ(twcase_new_session_called, 1); /* Called on session added in * twcase_server_sess_ctx_pre_shutdown and by wolfSSL */ ExpectIntEQ(twcase_remove_session_called, 1); } else { /* non (D)TLSv1.3 case */ /* cache hit */ /* DTLS accesses cache once for stateless parsing and * once for stateful parsing */ #ifdef WOLFSSL_DTLS_NO_HVR_ON_RESUME ExpectIntEQ(twcase_get_session_called, !dtls ? 1 : 2); #else ExpectIntEQ(twcase_get_session_called, 1); #endif ExpectIntEQ(twcase_new_session_called, 0); /* Called on session added in * twcase_server_sess_ctx_pre_shutdown */ ExpectIntEQ(twcase_remove_session_called, 1); } break; case 3: case 4: /* no external cache */ ExpectIntEQ(twcase_get_session_called, 0); ExpectIntEQ(twcase_new_session_called, 0); ExpectIntEQ(twcase_remove_session_called, 0); break; } wolfSSL_SESSION_free(twcase_client_first_session_ptr); wolfSSL_SESSION_free(twcase_server_first_session_ptr); wolfSSL_CTX_free(twcase_server_current_ctx_ptr); if (EXPECT_FAIL()) break; } twcase_get_sessionCb_cleanup(); XMEMSET(&server_sessionCache.entries, 0, sizeof(server_sessionCache.entries)); fprintf(stderr, "\tEnd %s\n", param->tls_version); wc_FreeMutex(&server_sessionCache.htLock); return EXPECT_RESULT(); } #endif static int test_wolfSSL_CTX_add_session_ext_tls13(void) { EXPECT_DECLS; #if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \ defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \ defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \ defined(HAVE_SESSION_TICKET) && \ !defined(TITAN_SESSION_CACHE) && \ !defined(HUGE_SESSION_CACHE) && \ !defined(BIG_SESSION_CACHE) && \ !defined(MEDIUM_SESSION_CACHE) #if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \ defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TICKET_HAVE_ID) struct test_add_session_ext_params param[1] = { { wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, "TLSv1_3" } }; ExpectIntEQ(test_wolfSSL_CTX_add_session_ext(param), TEST_SUCCESS); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_CTX_add_session_ext_dtls13(void) { EXPECT_DECLS; #if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \ defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \ defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \ defined(HAVE_SESSION_TICKET) && \ !defined(TITAN_SESSION_CACHE) && \ !defined(HUGE_SESSION_CACHE) && \ !defined(BIG_SESSION_CACHE) && \ !defined(MEDIUM_SESSION_CACHE) #if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \ defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TICKET_HAVE_ID) #ifdef WOLFSSL_DTLS13 struct test_add_session_ext_params param[1] = { { wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method, "DTLSv1_3" } }; ExpectIntEQ(test_wolfSSL_CTX_add_session_ext(param), TEST_SUCCESS); #endif #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_CTX_add_session_ext_tls12(void) { EXPECT_DECLS; #if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \ defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \ defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \ defined(HAVE_SESSION_TICKET) && \ !defined(TITAN_SESSION_CACHE) && \ !defined(HUGE_SESSION_CACHE) && \ !defined(BIG_SESSION_CACHE) && \ !defined(MEDIUM_SESSION_CACHE) #ifndef WOLFSSL_NO_TLS12 struct test_add_session_ext_params param[1] = { { wolfTLSv1_2_client_method, wolfTLSv1_2_server_method, "TLSv1_2" } }; ExpectIntEQ(test_wolfSSL_CTX_add_session_ext(param), TEST_SUCCESS); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_CTX_add_session_ext_dtls12(void) { EXPECT_DECLS; #if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \ defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \ defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \ defined(HAVE_SESSION_TICKET) && \ !defined(TITAN_SESSION_CACHE) && \ !defined(HUGE_SESSION_CACHE) && \ !defined(BIG_SESSION_CACHE) && \ !defined(MEDIUM_SESSION_CACHE) #ifndef WOLFSSL_NO_TLS12 #ifdef WOLFSSL_DTLS struct test_add_session_ext_params param[1] = { { wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method, "DTLSv1_2" } }; ExpectIntEQ(test_wolfSSL_CTX_add_session_ext(param), TEST_SUCCESS); #endif #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_CTX_add_session_ext_tls11(void) { EXPECT_DECLS; #if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \ defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \ defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \ defined(HAVE_SESSION_TICKET) && \ !defined(TITAN_SESSION_CACHE) && \ !defined(HUGE_SESSION_CACHE) && \ !defined(BIG_SESSION_CACHE) && \ !defined(MEDIUM_SESSION_CACHE) #if !defined(NO_OLD_TLS) && ((!defined(NO_AES) && !defined(NO_AES_CBC)) || \ !defined(NO_DES3)) struct test_add_session_ext_params param[1] = { { wolfTLSv1_1_client_method, wolfTLSv1_1_server_method, "TLSv1_1" } }; ExpectIntEQ(test_wolfSSL_CTX_add_session_ext(param), TEST_SUCCESS); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_CTX_add_session_ext_dtls1(void) { EXPECT_DECLS; #if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \ defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \ defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \ defined(HAVE_SESSION_TICKET) && \ !defined(TITAN_SESSION_CACHE) && \ !defined(HUGE_SESSION_CACHE) && \ !defined(BIG_SESSION_CACHE) && \ !defined(MEDIUM_SESSION_CACHE) #if !defined(NO_OLD_TLS) && ((!defined(NO_AES) && !defined(NO_AES_CBC)) || \ !defined(NO_DES3)) #ifdef WOLFSSL_DTLS struct test_add_session_ext_params param[1] = { { wolfDTLSv1_client_method, wolfDTLSv1_server_method, "DTLSv1_0" } }; ExpectIntEQ(test_wolfSSL_CTX_add_session_ext(param), TEST_SUCCESS); #endif #endif #endif return EXPECT_RESULT(); } #if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT) /* canned export of a session using older version 3 */ static unsigned char version_3[] = { 0xA5, 0xA3, 0x01, 0x88, 0x00, 0x3c, 0x00, 0x01, 0x00, 0x00, 0x00, 0x80, 0x0C, 0x00, 0x00, 0x00, 0x00, 0x80, 0x00, 0x1C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x01, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xC0, 0x30, 0x05, 0x09, 0x0A, 0x01, 0x01, 0x00, 0x0D, 0x05, 0xFE, 0xFD, 0x01, 0x25, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x00, 0x05, 0x00, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x00, 0x01, 0x00, 0x07, 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x10, 0x01, 0x01, 0x00, 0x02, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x3F, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x20, 0x05, 0x12, 0xCF, 0x22, 0xA1, 0x9F, 0x1C, 0x39, 0x1D, 0x31, 0x11, 0x12, 0x1D, 0x11, 0x18, 0x0D, 0x0B, 0xF3, 0xE1, 0x4D, 0xDC, 0xB1, 0xF1, 0x39, 0x98, 0x91, 0x6C, 0x48, 0xE5, 0xED, 0x11, 0x12, 0xA0, 0x00, 0xF2, 0x25, 0x4C, 0x09, 0x26, 0xD1, 0x74, 0xDF, 0x23, 0x40, 0x15, 0x6A, 0x42, 0x2A, 0x26, 0xA5, 0xAC, 0x56, 0xD5, 0x4A, 0x20, 0xB7, 0xE9, 0xEF, 0xEB, 0xAF, 0xA8, 0x1E, 0x23, 0x7C, 0x04, 0xAA, 0xA1, 0x6D, 0x92, 0x79, 0x7B, 0xFA, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x0C, 0x79, 0x7B, 0xFA, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xAA, 0xA1, 0x6D, 0x92, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x20, 0x00, 0x04, 0x00, 0x10, 0x00, 0x10, 0x08, 0x02, 0x05, 0x08, 0x01, 0x30, 0x28, 0x00, 0x00, 0x0F, 0x00, 0x02, 0x00, 0x09, 0x31, 0x32, 0x37, 0x2E, 0x30, 0x2E, 0x30, 0x2E, 0x31, 0xED, 0x4F }; #endif /* defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT) */ static int test_wolfSSL_dtls_export(void) { EXPECT_DECLS; #if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT) tcp_ready ready; func_args client_args; func_args server_args; THREAD_TYPE serverThread; callback_functions server_cbf; callback_functions client_cbf; #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif InitTcpReady(&ready); #if defined(USE_WINDOWS_API) /* use RNG to get random port if using windows */ ready.port = GetRandomPort(); #endif /* set using dtls */ XMEMSET(&client_args, 0, sizeof(func_args)); XMEMSET(&server_args, 0, sizeof(func_args)); XMEMSET(&server_cbf, 0, sizeof(callback_functions)); XMEMSET(&client_cbf, 0, sizeof(callback_functions)); server_cbf.method = wolfDTLSv1_2_server_method; client_cbf.method = wolfDTLSv1_2_client_method; server_args.callbacks = &server_cbf; client_args.callbacks = &client_cbf; server_args.signal = &ready; client_args.signal = &ready; start_thread(run_wolfssl_server, &server_args, &serverThread); wait_tcp_ready(&server_args); run_wolfssl_client(&client_args); join_thread(serverThread); ExpectTrue(client_args.return_code); ExpectTrue(server_args.return_code); FreeTcpReady(&ready); #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif if (EXPECT_SUCCESS()) { SOCKET_T sockfd = 0; WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; char msg[64] = "hello wolfssl!"; char reply[1024]; int msgSz = (int)XSTRLEN(msg); byte *session, *window; unsigned int sessionSz = 0; unsigned int windowSz = 0; #ifndef TEST_IPV6 struct sockaddr_in peerAddr; #else struct sockaddr_in6 peerAddr; #endif /* TEST_IPV6 */ int i; /* Set ctx to DTLS 1.2 */ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method())); ExpectNotNull(ssl = wolfSSL_new(ctx)); /* test importing version 3 */ ExpectIntGE(wolfSSL_dtls_import(ssl, version_3, sizeof(version_3)), 0); /* test importing bad length and bad version */ version_3[2] += 1; ExpectIntLT(wolfSSL_dtls_import(ssl, version_3, sizeof(version_3)), 0); version_3[2] -= 1; version_3[1] = 0XA0; ExpectIntLT(wolfSSL_dtls_import(ssl, version_3, sizeof(version_3)), 0); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); /* check storing client state after connection and storing window only */ #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif InitTcpReady(&ready); #if defined(USE_WINDOWS_API) /* use RNG to get random port if using windows */ ready.port = GetRandomPort(); #endif /* set using dtls */ XMEMSET(&server_args, 0, sizeof(func_args)); XMEMSET(&server_cbf, 0, sizeof(callback_functions)); server_cbf.method = wolfDTLSv1_2_server_method; server_cbf.doUdp = 1; server_args.callbacks = &server_cbf; server_args.argc = 3; /* set loop_count to 3 */ server_args.signal = &ready; start_thread(test_server_nofail, &server_args, &serverThread); wait_tcp_ready(&server_args); /* create and connect with client */ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfDTLSv1_2_client_method())); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, SSL_FILETYPE_PEM)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, SSL_FILETYPE_PEM)); tcp_connect(&sockfd, wolfSSLIP, server_args.signal->port, 1, 0, NULL); ExpectNotNull(ssl = wolfSSL_new(ctx)); ExpectIntEQ(wolfSSL_set_fd(ssl, sockfd), WOLFSSL_SUCCESS); /* store server information connected too */ XMEMSET(&peerAddr, 0, sizeof(peerAddr)); #ifndef TEST_IPV6 peerAddr.sin_family = AF_INET; ExpectIntEQ(XINET_PTON(AF_INET, wolfSSLIP, &peerAddr.sin_addr),1); peerAddr.sin_port = XHTONS(server_args.signal->port); #else peerAddr.sin6_family = AF_INET6; ExpectIntEQ( XINET_PTON(AF_INET6, wolfSSLIP, &peerAddr.sin6_addr),1); peerAddr.sin6_port = XHTONS(server_args.signal->port); #endif ExpectIntEQ(wolfSSL_dtls_set_peer(ssl, &peerAddr, sizeof(peerAddr)), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_connect(ssl), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_dtls_export(ssl, NULL, &sessionSz), 0); session = (byte*)XMALLOC(sessionSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); ExpectIntGT(wolfSSL_dtls_export(ssl, session, &sessionSz), 0); ExpectIntEQ(wolfSSL_write(ssl, msg, msgSz), msgSz); ExpectIntGT(wolfSSL_read(ssl, reply, sizeof(reply)), 0); ExpectIntEQ(wolfSSL_dtls_export_state_only(ssl, NULL, &windowSz), 0); window = (byte*)XMALLOC(windowSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); ExpectIntGT(wolfSSL_dtls_export_state_only(ssl, window, &windowSz), 0); wolfSSL_free(ssl); for (i = 1; EXPECT_SUCCESS() && i < server_args.argc; i++) { /* restore state */ ExpectNotNull(ssl = wolfSSL_new(ctx)); ExpectIntGT(wolfSSL_dtls_import(ssl, session, sessionSz), 0); ExpectIntGT(wolfSSL_dtls_import(ssl, window, windowSz), 0); ExpectIntEQ(wolfSSL_set_fd(ssl, sockfd), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_dtls_set_peer(ssl, &peerAddr, sizeof(peerAddr)), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_write(ssl, msg, msgSz), msgSz); ExpectIntGE(wolfSSL_read(ssl, reply, sizeof(reply)), 0); ExpectIntGT(wolfSSL_dtls_export_state_only(ssl, window, &windowSz), 0); wolfSSL_free(ssl); } XFREE(session, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(window, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wolfSSL_CTX_free(ctx); fprintf(stderr, "done and waiting for server\n"); join_thread(serverThread); ExpectIntEQ(server_args.return_code, TEST_SUCCESS); FreeTcpReady(&ready); #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif } #endif return EXPECT_RESULT(); } #if defined(WOLFSSL_SESSION_EXPORT) && !defined(WOLFSSL_NO_TLS12) #ifdef WOLFSSL_TLS13 static const byte canned_client_tls13_session[] = { 0xA7, 0xA4, 0x01, 0x18, 0x00, 0x41, 0x00, 0x00, 0x01, 0x00, 0x00, 0x80, 0x04, 0x00, 0x00, 0x00, 0x00, 0x80, 0x00, 0x1C, 0x01, 0x00, 0x00, 0x01, 0x00, 0x01, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x13, 0x01, 0x0A, 0x0F, 0x10, 0x01, 0x02, 0x09, 0x00, 0x05, 0x00, 0x00, 0x00, 0x00, 0x03, 0x04, 0x00, 0xB7, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x27, 0x00, 0x00, 0x00, 0x11, 0x01, 0x01, 0x00, 0x20, 0x84, 0x4F, 0x18, 0xD8, 0xC1, 0x24, 0xD8, 0xBB, 0x17, 0x9E, 0x31, 0xA3, 0xF8, 0xA7, 0x3C, 0xBA, 0xEC, 0xFA, 0xB4, 0x7F, 0xC5, 0x78, 0xEB, 0x6D, 0xE3, 0x2B, 0x7B, 0x94, 0xBE, 0x20, 0x11, 0x7E, 0x17, 0x10, 0xA7, 0x10, 0x19, 0xEC, 0x62, 0xCC, 0xBE, 0xF5, 0x01, 0x35, 0x3C, 0xEA, 0xEF, 0x44, 0x3C, 0x40, 0xA2, 0xBC, 0x18, 0x43, 0xA1, 0xA1, 0x65, 0x5C, 0x48, 0xE2, 0xF9, 0x38, 0xEB, 0x11, 0x10, 0x72, 0x7C, 0x78, 0x22, 0x13, 0x3B, 0x19, 0x40, 0xF0, 0x73, 0xBE, 0x96, 0x14, 0x78, 0x26, 0xB9, 0x6B, 0x2E, 0x72, 0x22, 0x0D, 0x90, 0x94, 0xDD, 0x78, 0x77, 0xFC, 0x0C, 0x2E, 0x63, 0x6E, 0xF0, 0x0C, 0x35, 0x41, 0xCD, 0xF3, 0x49, 0x31, 0x08, 0xD0, 0x6F, 0x02, 0x3D, 0xC1, 0xD3, 0xB7, 0xEE, 0x3A, 0xA0, 0x8E, 0xA1, 0x4D, 0xC3, 0x2E, 0x5E, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0C, 0x35, 0x41, 0xCD, 0xF3, 0x49, 0x31, 0x08, 0xD0, 0x6F, 0x02, 0x3D, 0xC1, 0xD3, 0xB7, 0xEE, 0x3A, 0xA0, 0x8E, 0xA1, 0x4D, 0xC3, 0x2E, 0x5E, 0x06, 0x00, 0x10, 0x00, 0x10, 0x00, 0x0C, 0x00, 0x10, 0x00, 0x10, 0x07, 0x02, 0x04, 0x00, 0x00, 0x20, 0x28, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03 }; static const byte canned_server_tls13_session[] = { 0xA7, 0xA4, 0x01, 0x18, 0x00, 0x41, 0x01, 0x00, 0x01, 0x00, 0x00, 0x80, 0x04, 0x00, 0x00, 0x00, 0x00, 0x80, 0x00, 0x1C, 0x01, 0x00, 0x00, 0x00, 0x00, 0x01, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x13, 0x01, 0x0A, 0x0F, 0x10, 0x01, 0x02, 0x00, 0x0F, 0x05, 0x00, 0x00, 0x00, 0x00, 0x03, 0x04, 0x00, 0xB7, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x17, 0x00, 0x00, 0x00, 0x11, 0x01, 0x01, 0x00, 0x20, 0x84, 0x4F, 0x18, 0xD8, 0xC1, 0x24, 0xD8, 0xBB, 0x17, 0x9E, 0x31, 0xA3, 0xF8, 0xA7, 0x3C, 0xBA, 0xEC, 0xFA, 0xB4, 0x7F, 0xC5, 0x78, 0xEB, 0x6D, 0xE3, 0x2B, 0x7B, 0x94, 0xBE, 0x20, 0x11, 0x7E, 0x17, 0x10, 0xA7, 0x10, 0x19, 0xEC, 0x62, 0xCC, 0xBE, 0xF5, 0x01, 0x35, 0x3C, 0xEA, 0xEF, 0x44, 0x3C, 0x40, 0xA2, 0xBC, 0x18, 0x43, 0xA1, 0xA1, 0x65, 0x5C, 0x48, 0xE2, 0xF9, 0x38, 0xEB, 0x11, 0x10, 0x72, 0x7C, 0x78, 0x22, 0x13, 0x3B, 0x19, 0x40, 0xF0, 0x73, 0xBE, 0x96, 0x14, 0x78, 0x26, 0xB9, 0x6B, 0x2E, 0x72, 0x22, 0x0D, 0x90, 0x94, 0xDD, 0x78, 0x77, 0xFC, 0x0C, 0x2E, 0x63, 0x6E, 0xF0, 0x0C, 0x35, 0x41, 0xCD, 0xF3, 0x49, 0x31, 0x08, 0xD0, 0x6F, 0x02, 0x3D, 0xC1, 0xD3, 0xB7, 0xEE, 0x3A, 0xA0, 0x8E, 0xA1, 0x4D, 0xC3, 0x2E, 0x5E, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0C, 0xD3, 0xB7, 0xEE, 0x3A, 0xA0, 0x8E, 0xA1, 0x4D, 0xC3, 0x2E, 0x5E, 0x06, 0x35, 0x41, 0xCD, 0xF3, 0x49, 0x31, 0x08, 0xD0, 0x6F, 0x02, 0x3D, 0xC1, 0x00, 0x10, 0x00, 0x10, 0x00, 0x0C, 0x00, 0x10, 0x00, 0x10, 0x07, 0x02, 0x04, 0x00, 0x00, 0x20, 0x28, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04 }; #endif /* WOLFSSL_TLS13 */ static const byte canned_client_session[] = { 0xA7, 0xA4, 0x01, 0x40, 0x00, 0x41, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, 0x02, 0x00, 0x00, 0x00, 0x00, 0x80, 0x00, 0x1C, 0x00, 0x00, 0x00, 0x01, 0x00, 0x01, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xC0, 0x27, 0x0A, 0x0D, 0x10, 0x01, 0x01, 0x0A, 0x00, 0x05, 0x00, 0x01, 0x01, 0x01, 0x03, 0x03, 0x00, 0xBF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x50, 0x00, 0x00, 0x00, 0x0A, 0x01, 0x01, 0x00, 0x20, 0x69, 0x11, 0x6D, 0x97, 0x15, 0x6E, 0x52, 0x27, 0xD6, 0x1D, 0x1D, 0xF5, 0x0D, 0x59, 0xA5, 0xAC, 0x2E, 0x8C, 0x0E, 0xCB, 0x26, 0x1E, 0xE2, 0xCE, 0xBB, 0xCE, 0xE1, 0x7D, 0xD7, 0xEF, 0xA5, 0x44, 0x80, 0x2A, 0xDE, 0xBB, 0x75, 0xB0, 0x1D, 0x75, 0x17, 0x20, 0x4C, 0x08, 0x05, 0x1B, 0xBA, 0x60, 0x1F, 0x6C, 0x91, 0x8C, 0xAA, 0xBB, 0xE5, 0xA3, 0x0B, 0x12, 0x3E, 0xC0, 0x35, 0x43, 0x1D, 0xE2, 0x10, 0xE2, 0x02, 0x92, 0x4B, 0x8F, 0x05, 0xA9, 0x4B, 0xCC, 0x90, 0xC3, 0x0E, 0xC2, 0x0F, 0xE9, 0x33, 0x85, 0x9B, 0x3C, 0x19, 0x21, 0xD5, 0x62, 0xE5, 0xE1, 0x17, 0x8F, 0x8C, 0x19, 0x52, 0xD8, 0x59, 0x10, 0x2D, 0x20, 0x6F, 0xBA, 0xC1, 0x1C, 0xD1, 0x82, 0xC7, 0x32, 0x1B, 0xBB, 0xCC, 0x30, 0x03, 0xD7, 0x3A, 0xC8, 0x18, 0xED, 0x58, 0xC8, 0x11, 0xFE, 0x71, 0x9C, 0x71, 0xD8, 0x6B, 0xE0, 0x25, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x10, 0x00, 0x10, 0x00, 0x10, 0x00, 0x00, 0x06, 0x01, 0x04, 0x08, 0x01, 0x20, 0x28, 0x00, 0x09, 0xE1, 0x50, 0x70, 0x02, 0x2F, 0x7E, 0xDA, 0xBD, 0x40, 0xC5, 0x58, 0x87, 0xCE, 0x43, 0xF3, 0xC5, 0x8F, 0xA1, 0x59, 0x93, 0xEF, 0x7E, 0xD3, 0xD0, 0xB5, 0x87, 0x1D, 0x81, 0x54, 0x14, 0x63, 0x00, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03 }; static const byte canned_server_session[] = { 0xA7, 0xA4, 0x01, 0x40, 0x00, 0x41, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, 0x02, 0x00, 0x00, 0x00, 0x00, 0x80, 0x00, 0x1C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xC0, 0x27, 0x08, 0x0F, 0x10, 0x01, 0x01, 0x00, 0x11, 0x05, 0x00, 0x01, 0x01, 0x01, 0x03, 0x03, 0x00, 0xBF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 0x0A, 0x01, 0x01, 0x00, 0x20, 0x69, 0x11, 0x6D, 0x97, 0x15, 0x6E, 0x52, 0x27, 0xD6, 0x1D, 0x1D, 0xF5, 0x0D, 0x59, 0xA5, 0xAC, 0x2E, 0x8C, 0x0E, 0xCB, 0x26, 0x1E, 0xE2, 0xCE, 0xBB, 0xCE, 0xE1, 0x7D, 0xD7, 0xEF, 0xA5, 0x44, 0x80, 0x2A, 0xDE, 0xBB, 0x75, 0xB0, 0x1D, 0x75, 0x17, 0x20, 0x4C, 0x08, 0x05, 0x1B, 0xBA, 0x60, 0x1F, 0x6C, 0x91, 0x8C, 0xAA, 0xBB, 0xE5, 0xA3, 0x0B, 0x12, 0x3E, 0xC0, 0x35, 0x43, 0x1D, 0xE2, 0x10, 0xE2, 0x02, 0x92, 0x4B, 0x8F, 0x05, 0xA9, 0x4B, 0xCC, 0x90, 0xC3, 0x0E, 0xC2, 0x0F, 0xE9, 0x33, 0x85, 0x9B, 0x3C, 0x19, 0x21, 0xD5, 0x62, 0xE5, 0xE1, 0x17, 0x8F, 0x8C, 0x19, 0x52, 0xD8, 0x59, 0x10, 0x2D, 0x20, 0x6F, 0xBA, 0xC1, 0x1C, 0xD1, 0x82, 0xC7, 0x32, 0x1B, 0xBB, 0xCC, 0x30, 0x03, 0xD7, 0x3A, 0xC8, 0x18, 0xED, 0x58, 0xC8, 0x11, 0xFE, 0x71, 0x9C, 0x71, 0xD8, 0x6B, 0xE0, 0x25, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x10, 0x00, 0x10, 0x00, 0x10, 0x00, 0x00, 0x06, 0x01, 0x04, 0x08, 0x01, 0x20, 0x28, 0x00, 0xC5, 0x8F, 0xA1, 0x59, 0x93, 0xEF, 0x7E, 0xD3, 0xD0, 0xB5, 0x87, 0x1D, 0x81, 0x54, 0x14, 0x63, 0x09, 0xE1, 0x50, 0x70, 0x02, 0x2F, 0x7E, 0xDA, 0xBD, 0x40, 0xC5, 0x58, 0x87, 0xCE, 0x43, 0xF3, 0x00, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04 }; static THREAD_RETURN WOLFSSL_THREAD tls_export_server(void* args) { SOCKET_T sockfd = 0; SOCKET_T clientfd = 0; word16 port; callback_functions* cbf; WOLFSSL_CTX* ctx = 0; WOLFSSL* ssl = 0; char msg[] = "I hear you fa shizzle!"; char input[1024]; int idx; #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif ((func_args*)args)->return_code = TEST_FAIL; cbf = ((func_args*)args)->callbacks; #if defined(USE_WINDOWS_API) port = ((func_args*)args)->signal->port; #elif defined(NO_MAIN_DRIVER) && !defined(WOLFSSL_SNIFFER) && \ !defined(WOLFSSL_MDK_SHELL) && !defined(WOLFSSL_TIRTOS) /* Let tcp_listen assign port */ port = 0; #else /* Use default port */ port = wolfSSLPort; #endif /* do it here to detect failure */ tcp_accept(&sockfd, &clientfd, (func_args*)args, port, 0, 0, 0, 0, 1, 0, 0); CloseSocket(sockfd); { WOLFSSL_METHOD* method = NULL; if (cbf != NULL && cbf->method != NULL) { method = cbf->method(); } else { method = wolfTLSv1_2_server_method(); } ctx = wolfSSL_CTX_new(method); } if (ctx == NULL) { goto done; } wolfSSL_CTX_set_cipher_list(ctx, "ECDHE-RSA-AES128-SHA256"); /* call ctx setup callback */ if (cbf != NULL && cbf->ctx_ready != NULL) { cbf->ctx_ready(ctx); } ssl = wolfSSL_new(ctx); if (ssl == NULL) { goto done; } wolfSSL_set_fd(ssl, clientfd); /* call ssl setup callback */ if (cbf != NULL && cbf->ssl_ready != NULL) { cbf->ssl_ready(ssl); } idx = wolfSSL_read(ssl, input, sizeof(input)-1); if (idx > 0) { input[idx] = '\0'; fprintf(stderr, "Client message export/import: %s\n", input); } else { fprintf(stderr, "ret = %d error = %d\n", idx, wolfSSL_get_error(ssl, idx)); goto done; } if (wolfSSL_write(ssl, msg, sizeof(msg)) != sizeof(msg)) { /*err_sys("SSL_write failed");*/ WOLFSSL_RETURN_FROM_THREAD(0); } #ifdef WOLFSSL_TIRTOS Task_yield(); #endif ((func_args*)args)->return_code = TEST_SUCCESS; done: wolfSSL_shutdown(ssl); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); CloseSocket(clientfd); #ifdef WOLFSSL_TIRTOS fdCloseSession(Task_self()); #endif #if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \ && defined(HAVE_THREAD_LS) wc_ecc_fp_free(); /* free per thread cache */ #endif #if defined(HAVE_SESSION_TICKET) && \ ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM)) #if defined(OPENSSL_EXTRA) && defined(HAVE_AESGCM) OpenSSLTicketCleanup(); #elif defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) TicketCleanup(); #endif #endif WOLFSSL_RETURN_FROM_THREAD(0); } static void load_tls12_canned_server(WOLFSSL* ssl) { int clientfd = wolfSSL_get_fd(ssl); AssertIntEQ(wolfSSL_tls_import(ssl, canned_server_session, sizeof(canned_server_session)), sizeof(canned_server_session)); wolfSSL_set_fd(ssl, clientfd); } #ifdef WOLFSSL_TLS13 static void load_tls13_canned_server(WOLFSSL* ssl) { int clientfd = wolfSSL_get_fd(ssl); AssertIntEQ(wolfSSL_tls_import(ssl, canned_server_tls13_session, sizeof(canned_server_tls13_session)), sizeof(canned_server_tls13_session)); wolfSSL_set_fd(ssl, clientfd); } #endif /* v is for version WOLFSSL_TLSV1_2 or WOLFSSL_TLSV1_3 */ static int test_wolfSSL_tls_export_run(int v) { EXPECT_DECLS; SOCKET_T sockfd = 0; WOLFSSL_CTX* ctx = 0; WOLFSSL* ssl = 0; char msg[64] = "hello wolfssl!"; char reply[1024]; word32 replySz; int msgSz = (int)XSTRLEN(msg); const byte* clientSession = NULL; int clientSessionSz = 0; tcp_ready ready; func_args server_args; THREAD_TYPE serverThread; callback_functions server_cbf; #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif InitTcpReady(&ready); #if defined(USE_WINDOWS_API) /* use RNG to get random port if using windows */ ready.port = GetRandomPort(); #endif XMEMSET(&server_args, 0, sizeof(func_args)); XMEMSET(&server_cbf, 0, sizeof(callback_functions)); switch (v) { case WOLFSSL_TLSV1_2: server_cbf.method = wolfTLSv1_2_server_method; server_cbf.ssl_ready = load_tls12_canned_server; /* setup the client side */ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())); wolfSSL_CTX_set_cipher_list(ctx, "ECDHE-RSA-AES128-SHA256"); clientSession = canned_client_session; clientSessionSz = sizeof(canned_client_session); break; #ifdef WOLFSSL_TLS13 case WOLFSSL_TLSV1_3: server_cbf.method = wolfTLSv1_3_server_method; server_cbf.ssl_ready = load_tls13_canned_server; /* setup the client side */ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method())); clientSession = canned_client_tls13_session; clientSessionSz = sizeof(canned_client_tls13_session); break; #endif } server_args.callbacks = &server_cbf; server_args.signal = &ready; start_thread(tls_export_server, &server_args, &serverThread); wait_tcp_ready(&server_args); #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif ExpectNotNull(ssl = wolfSSL_new(ctx)); tcp_connect(&sockfd, wolfSSLIP, ready.port, 0, 0, ssl); ExpectIntEQ(wolfSSL_tls_import(ssl, clientSession, clientSessionSz), clientSessionSz); replySz = sizeof(reply); ExpectIntGT(wolfSSL_tls_export(ssl, (byte*)reply, &replySz), 0); #if !defined(NO_PSK) && defined(HAVE_ANON) /* index 20 has is setting if PSK was on and 49 is if anon is allowed */ ExpectIntEQ(XMEMCMP(reply, clientSession, replySz), 0); #endif wolfSSL_set_fd(ssl, sockfd); ExpectIntEQ(wolfSSL_write(ssl, msg, msgSz), msgSz); ExpectIntGT(wolfSSL_read(ssl, reply, sizeof(reply)-1), 0); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); CloseSocket(sockfd); #ifdef WOLFSSL_TIRTOS fdCloseSession(Task_self()); #endif #if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \ && defined(HAVE_THREAD_LS) wc_ecc_fp_free(); /* free per thread cache */ #endif join_thread(serverThread); ExpectIntEQ(server_args.return_code, TEST_SUCCESS); FreeTcpReady(&ready); #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif return EXPECT_RESULT(); } #endif static int test_wolfSSL_tls_export(void) { int res = TEST_SKIPPED; #if defined(WOLFSSL_SESSION_EXPORT) && !defined(WOLFSSL_NO_TLS12) test_wolfSSL_tls_export_run(WOLFSSL_TLSV1_2); #ifdef WOLFSSL_TLS13 test_wolfSSL_tls_export_run(WOLFSSL_TLSV1_3); #endif res = TEST_RES_CHECK(1); #endif return res; } /*----------------------------------------------------------------------------* | TLS extensions tests *----------------------------------------------------------------------------*/ #ifdef ENABLE_TLS_CALLBACK_TEST /* Connection test runner - generic */ static void test_wolfSSL_client_server(callback_functions* client_callbacks, callback_functions* server_callbacks) { tcp_ready ready; func_args client_args; func_args server_args; THREAD_TYPE serverThread; XMEMSET(&client_args, 0, sizeof(func_args)); XMEMSET(&server_args, 0, sizeof(func_args)); StartTCP(); client_args.callbacks = client_callbacks; server_args.callbacks = server_callbacks; #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif /* RUN Server side */ InitTcpReady(&ready); #if defined(USE_WINDOWS_API) /* use RNG to get random port if using windows */ ready.port = GetRandomPort(); #endif server_args.signal = &ready; client_args.signal = &ready; start_thread(run_wolfssl_server, &server_args, &serverThread); wait_tcp_ready(&server_args); /* RUN Client side */ run_wolfssl_client(&client_args); join_thread(serverThread); FreeTcpReady(&ready); #ifdef WOLFSSL_TIRTOS fdCloseSession(Task_self()); #endif client_callbacks->return_code = client_args.return_code; server_callbacks->return_code = server_args.return_code; } #endif /* ENABLE_TLS_CALLBACK_TEST */ #ifdef HAVE_SNI static int test_wolfSSL_UseSNI_params(void) { EXPECT_DECLS; #if !defined(NO_WOLFSSL_CLIENT) WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()); WOLFSSL *ssl = wolfSSL_new(ctx); ExpectNotNull(ctx); ExpectNotNull(ssl); /* invalid [ctx|ssl] */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSNI(NULL, 0, "ctx", 3)); ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseSNI( NULL, 0, "ssl", 3)); /* invalid type */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSNI(ctx, -1, "ctx", 3)); ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseSNI( ssl, -1, "ssl", 3)); /* invalid data */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSNI(ctx, 0, NULL, 3)); ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseSNI( ssl, 0, NULL, 3)); /* success case */ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSNI(ctx, 0, "ctx", 3)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseSNI( ssl, 0, "ssl", 3)); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); #endif /* !NO_WOLFSSL_CLIENT */ return EXPECT_RESULT(); } /* BEGIN of connection tests callbacks */ static void use_SNI_at_ctx(WOLFSSL_CTX* ctx) { AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSNI(ctx, WOLFSSL_SNI_HOST_NAME, "www.wolfssl.com", 15)); } static void use_SNI_at_ssl(WOLFSSL* ssl) { AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseSNI(ssl, WOLFSSL_SNI_HOST_NAME, "www.wolfssl.com", 15)); } static void different_SNI_at_ssl(WOLFSSL* ssl) { AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseSNI(ssl, WOLFSSL_SNI_HOST_NAME, "ww2.wolfssl.com", 15)); } static void use_SNI_WITH_CONTINUE_at_ssl(WOLFSSL* ssl) { use_SNI_at_ssl(ssl); wolfSSL_SNI_SetOptions(ssl, WOLFSSL_SNI_HOST_NAME, WOLFSSL_SNI_CONTINUE_ON_MISMATCH); } static void use_SNI_WITH_FAKE_ANSWER_at_ssl(WOLFSSL* ssl) { use_SNI_at_ssl(ssl); wolfSSL_SNI_SetOptions(ssl, WOLFSSL_SNI_HOST_NAME, WOLFSSL_SNI_ANSWER_ON_MISMATCH); } static void use_MANDATORY_SNI_at_ctx(WOLFSSL_CTX* ctx) { use_SNI_at_ctx(ctx); wolfSSL_CTX_SNI_SetOptions(ctx, WOLFSSL_SNI_HOST_NAME, WOLFSSL_SNI_ABORT_ON_ABSENCE); } static void use_MANDATORY_SNI_at_ssl(WOLFSSL* ssl) { use_SNI_at_ssl(ssl); wolfSSL_SNI_SetOptions(ssl, WOLFSSL_SNI_HOST_NAME, WOLFSSL_SNI_ABORT_ON_ABSENCE); } static void use_PSEUDO_MANDATORY_SNI_at_ctx(WOLFSSL_CTX* ctx) { use_SNI_at_ctx(ctx); wolfSSL_CTX_SNI_SetOptions(ctx, WOLFSSL_SNI_HOST_NAME, WOLFSSL_SNI_ANSWER_ON_MISMATCH | WOLFSSL_SNI_ABORT_ON_ABSENCE); } static void verify_UNKNOWN_SNI_on_server(WOLFSSL* ssl) { AssertIntEQ(UNKNOWN_SNI_HOST_NAME_E, wolfSSL_get_error(ssl, 0)); } static void verify_SNI_ABSENT_on_server(WOLFSSL* ssl) { AssertIntEQ(SNI_ABSENT_ERROR, wolfSSL_get_error(ssl, 0)); } static void verify_SNI_no_matching(WOLFSSL* ssl) { byte type = WOLFSSL_SNI_HOST_NAME; void* request = (void*) &type; /* to be overwritten */ AssertIntEQ(WOLFSSL_SNI_NO_MATCH, wolfSSL_SNI_Status(ssl, type)); AssertNotNull(request); AssertIntEQ(0, wolfSSL_SNI_GetRequest(ssl, type, &request)); AssertNull(request); } static void verify_SNI_real_matching(WOLFSSL* ssl) { byte type = WOLFSSL_SNI_HOST_NAME; void* request = NULL; AssertIntEQ(WOLFSSL_SNI_REAL_MATCH, wolfSSL_SNI_Status(ssl, type)); AssertIntEQ(15, wolfSSL_SNI_GetRequest(ssl, type, &request)); AssertNotNull(request); AssertStrEQ("www.wolfssl.com", (char*)request); } static void verify_SNI_fake_matching(WOLFSSL* ssl) { byte type = WOLFSSL_SNI_HOST_NAME; void* request = NULL; AssertIntEQ(WOLFSSL_SNI_FAKE_MATCH, wolfSSL_SNI_Status(ssl, type)); AssertIntEQ(15, wolfSSL_SNI_GetRequest(ssl, type, &request)); AssertNotNull(request); AssertStrEQ("ww2.wolfssl.com", (char*)request); } static void verify_FATAL_ERROR_on_client(WOLFSSL* ssl) { AssertIntEQ(FATAL_ERROR, wolfSSL_get_error(ssl, 0)); } /* END of connection tests callbacks */ static int test_wolfSSL_UseSNI_connection(void) { int res = TEST_SKIPPED; #if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) callback_functions client_cb; callback_functions server_cb; size_t i; #ifdef WOLFSSL_STATIC_MEMORY byte cliMem[TEST_TLS_STATIC_MEMSZ]; byte svrMem[TEST_TLS_STATIC_MEMSZ]; #endif struct { method_provider client_meth; method_provider server_meth; #ifdef WOLFSSL_STATIC_MEMORY wolfSSL_method_func client_meth_ex; wolfSSL_method_func server_meth_ex; #endif } methods[] = { #if defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_TLS13) {wolfSSLv23_client_method, wolfSSLv23_server_method #ifdef WOLFSSL_STATIC_MEMORY ,wolfSSLv23_client_method_ex, wolfSSLv23_server_method_ex #endif }, #endif #ifndef WOLFSSL_NO_TLS12 {wolfTLSv1_2_client_method, wolfTLSv1_2_server_method #ifdef WOLFSSL_STATIC_MEMORY ,wolfTLSv1_2_client_method_ex, wolfTLSv1_2_server_method_ex #endif }, #endif #ifdef WOLFSSL_TLS13 {wolfTLSv1_3_client_method, wolfTLSv1_3_server_method #ifdef WOLFSSL_STATIC_MEMORY ,wolfTLSv1_3_client_method_ex, wolfTLSv1_3_server_method_ex #endif }, #endif }; size_t methodsSz = sizeof(methods) / sizeof(*methods); for (i = 0; i < methodsSz; i++) { XMEMSET(&client_cb, 0, sizeof(callback_functions)); XMEMSET(&server_cb, 0, sizeof(callback_functions)); client_cb.method = methods[i].client_meth; server_cb.method = methods[i].server_meth; client_cb.devId = testDevId; server_cb.devId = testDevId; #ifdef WOLFSSL_STATIC_MEMORY client_cb.method_ex = methods[i].client_meth_ex; server_cb.method_ex = methods[i].server_meth_ex; client_cb.mem = cliMem; client_cb.memSz = (word32)sizeof(cliMem); server_cb.mem = svrMem; server_cb.memSz = (word32)sizeof(svrMem);; #endif /* success case at ctx */ fprintf(stderr, "\n\tsuccess case at ctx\n"); client_cb.ctx_ready = use_SNI_at_ctx; client_cb.ssl_ready = NULL; client_cb.on_result = NULL; server_cb.ctx_ready = use_SNI_at_ctx; server_cb.ssl_ready = NULL; server_cb.on_result = verify_SNI_real_matching; test_wolfSSL_client_server(&client_cb, &server_cb); /* success case at ssl */ fprintf(stderr, "\tsuccess case at ssl\n"); client_cb.ctx_ready = NULL; client_cb.ssl_ready = use_SNI_at_ssl; client_cb.on_result = verify_SNI_real_matching; server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_SNI_at_ssl; server_cb.on_result = verify_SNI_real_matching; test_wolfSSL_client_server(&client_cb, &server_cb); /* default mismatch behavior */ fprintf(stderr, "\tdefault mismatch behavior\n"); client_cb.ctx_ready = NULL; client_cb.ssl_ready = different_SNI_at_ssl; client_cb.on_result = verify_FATAL_ERROR_on_client; server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_SNI_at_ssl; server_cb.on_result = verify_UNKNOWN_SNI_on_server; test_wolfSSL_client_server(&client_cb, &server_cb); /* continue on mismatch */ fprintf(stderr, "\tcontinue on mismatch\n"); client_cb.ctx_ready = NULL; client_cb.ssl_ready = different_SNI_at_ssl; client_cb.on_result = NULL; server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_SNI_WITH_CONTINUE_at_ssl; server_cb.on_result = verify_SNI_no_matching; test_wolfSSL_client_server(&client_cb, &server_cb); /* fake answer on mismatch */ fprintf(stderr, "\tfake answer on mismatch\n"); client_cb.ctx_ready = NULL; client_cb.ssl_ready = different_SNI_at_ssl; client_cb.on_result = NULL; server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_SNI_WITH_FAKE_ANSWER_at_ssl; server_cb.on_result = verify_SNI_fake_matching; test_wolfSSL_client_server(&client_cb, &server_cb); /* sni abort - success */ fprintf(stderr, "\tsni abort - success\n"); client_cb.ctx_ready = use_SNI_at_ctx; client_cb.ssl_ready = NULL; client_cb.on_result = NULL; server_cb.ctx_ready = use_MANDATORY_SNI_at_ctx; server_cb.ssl_ready = NULL; server_cb.on_result = verify_SNI_real_matching; test_wolfSSL_client_server(&client_cb, &server_cb); /* sni abort - abort when absent (ctx) */ fprintf(stderr, "\tsni abort - abort when absent (ctx)\n"); client_cb.ctx_ready = NULL; client_cb.ssl_ready = NULL; client_cb.on_result = verify_FATAL_ERROR_on_client; server_cb.ctx_ready = use_MANDATORY_SNI_at_ctx; server_cb.ssl_ready = NULL; server_cb.on_result = verify_SNI_ABSENT_on_server; test_wolfSSL_client_server(&client_cb, &server_cb); /* sni abort - abort when absent (ssl) */ fprintf(stderr, "\tsni abort - abort when absent (ssl)\n"); client_cb.ctx_ready = NULL; client_cb.ssl_ready = NULL; client_cb.on_result = verify_FATAL_ERROR_on_client; server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_MANDATORY_SNI_at_ssl; server_cb.on_result = verify_SNI_ABSENT_on_server; test_wolfSSL_client_server(&client_cb, &server_cb); /* sni abort - success when overwritten */ fprintf(stderr, "\tsni abort - success when overwritten\n"); client_cb.ctx_ready = NULL; client_cb.ssl_ready = NULL; client_cb.on_result = NULL; server_cb.ctx_ready = use_MANDATORY_SNI_at_ctx; server_cb.ssl_ready = use_SNI_at_ssl; server_cb.on_result = verify_SNI_no_matching; test_wolfSSL_client_server(&client_cb, &server_cb); /* sni abort - success when allowing mismatches */ fprintf(stderr, "\tsni abort - success when allowing mismatches\n"); client_cb.ctx_ready = NULL; client_cb.ssl_ready = different_SNI_at_ssl; client_cb.on_result = NULL; server_cb.ctx_ready = use_PSEUDO_MANDATORY_SNI_at_ctx; server_cb.ssl_ready = NULL; server_cb.on_result = verify_SNI_fake_matching; test_wolfSSL_client_server(&client_cb, &server_cb); } res = TEST_RES_CHECK(1); #endif /* !NO_WOLFSSL_CLIENT && !NO_WOLFSSL_SERVER */ return res; } static int test_wolfSSL_SNI_GetFromBuffer(void) { EXPECT_DECLS; byte buff[] = { /* www.paypal.com */ 0x00, 0x00, 0x00, 0x00, 0xff, 0x01, 0x00, 0x00, 0x60, 0x03, 0x03, 0x5c, 0xc4, 0xb3, 0x8c, 0x87, 0xef, 0xa4, 0x09, 0xe0, 0x02, 0xab, 0x86, 0xca, 0x76, 0xf0, 0x9e, 0x01, 0x65, 0xf6, 0xa6, 0x06, 0x13, 0x1d, 0x0f, 0xa5, 0x79, 0xb0, 0xd4, 0x77, 0x22, 0xeb, 0x1a, 0x00, 0x00, 0x16, 0x00, 0x6b, 0x00, 0x67, 0x00, 0x39, 0x00, 0x33, 0x00, 0x3d, 0x00, 0x3c, 0x00, 0x35, 0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x21, 0x00, 0x00, 0x00, 0x13, 0x00, 0x11, 0x00, 0x00, 0x0e, 0x77, 0x77, 0x77, 0x2e, 0x70, 0x61, 0x79, 0x70, 0x61, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x00, 0x0d, 0x00, 0x06, 0x00, 0x04, 0x04, 0x01, 0x02, 0x01 }; byte buff2[] = { /* api.textmate.org */ 0x16, 0x03, 0x01, 0x00, 0xc6, 0x01, 0x00, 0x00, 0xc2, 0x03, 0x03, 0x52, 0x8b, 0x7b, 0xca, 0x69, 0xec, 0x97, 0xd5, 0x08, 0x03, 0x50, 0xfe, 0x3b, 0x99, 0xc3, 0x20, 0xce, 0xa5, 0xf6, 0x99, 0xa5, 0x71, 0xf9, 0x57, 0x7f, 0x04, 0x38, 0xf6, 0x11, 0x0b, 0xb8, 0xd3, 0x00, 0x00, 0x5e, 0x00, 0xff, 0xc0, 0x24, 0xc0, 0x23, 0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x07, 0xc0, 0x08, 0xc0, 0x28, 0xc0, 0x27, 0xc0, 0x14, 0xc0, 0x13, 0xc0, 0x11, 0xc0, 0x12, 0xc0, 0x26, 0xc0, 0x25, 0xc0, 0x2a, 0xc0, 0x29, 0xc0, 0x05, 0xc0, 0x04, 0xc0, 0x02, 0xc0, 0x03, 0xc0, 0x0f, 0xc0, 0x0e, 0xc0, 0x0c, 0xc0, 0x0d, 0x00, 0x3d, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x35, 0x00, 0x0a, 0x00, 0x67, 0x00, 0x6b, 0x00, 0x33, 0x00, 0x39, 0x00, 0x16, 0x00, 0xaf, 0x00, 0xae, 0x00, 0x8d, 0x00, 0x8c, 0x00, 0x8a, 0x00, 0x8b, 0x00, 0xb1, 0x00, 0xb0, 0x00, 0x2c, 0x00, 0x3b, 0x01, 0x00, 0x00, 0x3b, 0x00, 0x00, 0x00, 0x15, 0x00, 0x13, 0x00, 0x00, 0x10, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x65, 0x78, 0x74, 0x6d, 0x61, 0x74, 0x65, 0x2e, 0x6f, 0x72, 0x67, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x17, 0x00, 0x18, 0x00, 0x19, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x0d, 0x00, 0x0c, 0x00, 0x0a, 0x05, 0x01, 0x04, 0x01, 0x02, 0x01, 0x04, 0x03, 0x02, 0x03 }; byte buff3[] = { /* no sni extension */ 0x16, 0x03, 0x03, 0x00, 0x4d, 0x01, 0x00, 0x00, 0x49, 0x03, 0x03, 0xea, 0xa1, 0x9f, 0x60, 0xdd, 0x52, 0x12, 0x13, 0xbd, 0x84, 0x34, 0xd5, 0x1c, 0x38, 0x25, 0xa8, 0x97, 0xd2, 0xd5, 0xc6, 0x45, 0xaf, 0x1b, 0x08, 0xe4, 0x1e, 0xbb, 0xdf, 0x9d, 0x39, 0xf0, 0x65, 0x00, 0x00, 0x16, 0x00, 0x6b, 0x00, 0x67, 0x00, 0x39, 0x00, 0x33, 0x00, 0x3d, 0x00, 0x3c, 0x00, 0x35, 0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x0d, 0x00, 0x06, 0x00, 0x04, 0x04, 0x01, 0x02, 0x01 }; byte buff4[] = { /* last extension has zero size */ 0x16, 0x03, 0x01, 0x00, 0xba, 0x01, 0x00, 0x00, 0xb6, 0x03, 0x03, 0x83, 0xa3, 0xe6, 0xdc, 0x16, 0xa1, 0x43, 0xe9, 0x45, 0x15, 0xbd, 0x64, 0xa9, 0xb6, 0x07, 0xb4, 0x50, 0xc6, 0xdd, 0xff, 0xc2, 0xd3, 0x0d, 0x4f, 0x36, 0xb4, 0x41, 0x51, 0x61, 0xc1, 0xa5, 0x9e, 0x00, 0x00, 0x28, 0xcc, 0x14, 0xcc, 0x13, 0xc0, 0x2b, 0xc0, 0x2f, 0x00, 0x9e, 0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x13, 0xc0, 0x14, 0xc0, 0x07, 0xc0, 0x11, 0x00, 0x33, 0x00, 0x32, 0x00, 0x39, 0x00, 0x9c, 0x00, 0x2f, 0x00, 0x35, 0x00, 0x0a, 0x00, 0x05, 0x00, 0x04, 0x01, 0x00, 0x00, 0x65, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x17, 0x00, 0x18, 0x00, 0x19, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x23, 0x00, 0x00, 0x33, 0x74, 0x00, 0x00, 0x00, 0x10, 0x00, 0x1b, 0x00, 0x19, 0x06, 0x73, 0x70, 0x64, 0x79, 0x2f, 0x33, 0x08, 0x73, 0x70, 0x64, 0x79, 0x2f, 0x33, 0x2e, 0x31, 0x08, 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31, 0x75, 0x50, 0x00, 0x00, 0x00, 0x05, 0x00, 0x05, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x12, 0x00, 0x10, 0x04, 0x01, 0x05, 0x01, 0x02, 0x01, 0x04, 0x03, 0x05, 0x03, 0x02, 0x03, 0x04, 0x02, 0x02, 0x02, 0x00, 0x12, 0x00, 0x00 }; byte buff5[] = { /* SSL v2.0 client hello */ 0x00, 0x2b, 0x01, 0x03, 0x01, 0x00, 0x09, 0x00, 0x00, /* dummy bytes below, just to pass size check */ 0xb6, 0x03, 0x03, 0x83, 0xa3, 0xe6, 0xdc, 0x16, 0xa1, 0x43, 0xe9, 0x45, 0x15, 0xbd, 0x64, 0xa9, 0xb6, 0x07, 0xb4, 0x50, 0xc6, 0xdd, 0xff, 0xc2, 0xd3, 0x0d, 0x4f, 0x36, 0xb4, 0x41, 0x51, 0x61, 0xc1, 0xa5, 0x9e, 0x00, }; byte result[32] = {0}; word32 length = 32; ExpectIntEQ(0, wolfSSL_SNI_GetFromBuffer(buff4, sizeof(buff4), 0, result, &length)); ExpectIntEQ(0, wolfSSL_SNI_GetFromBuffer(buff3, sizeof(buff3), 0, result, &length)); ExpectIntEQ(0, wolfSSL_SNI_GetFromBuffer(buff2, sizeof(buff2), 1, result, &length)); ExpectIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buff, sizeof(buff), 0, result, &length)); buff[0] = 0x16; ExpectIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buff, sizeof(buff), 0, result, &length)); buff[1] = 0x03; ExpectIntEQ(SNI_UNSUPPORTED, wolfSSL_SNI_GetFromBuffer(buff, sizeof(buff), 0, result, &length)); buff[2] = 0x03; ExpectIntEQ(INCOMPLETE_DATA, wolfSSL_SNI_GetFromBuffer(buff, sizeof(buff), 0, result, &length)); buff[4] = 0x64; ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SNI_GetFromBuffer(buff, sizeof(buff), 0, result, &length)); if (EXPECT_SUCCESS()) result[length] = 0; ExpectStrEQ("www.paypal.com", (const char*) result); length = 32; ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SNI_GetFromBuffer(buff2, sizeof(buff2), 0, result, &length)); if (EXPECT_SUCCESS()) result[length] = 0; ExpectStrEQ("api.textmate.org", (const char*) result); /* SSL v2.0 tests */ ExpectIntEQ(SNI_UNSUPPORTED, wolfSSL_SNI_GetFromBuffer(buff5, sizeof(buff5), 0, result, &length)); buff5[2] = 0x02; ExpectIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buff5, sizeof(buff5), 0, result, &length)); buff5[2] = 0x01; buff5[6] = 0x08; ExpectIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buff5, sizeof(buff5), 0, result, &length)); buff5[6] = 0x09; buff5[8] = 0x01; ExpectIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buff5, sizeof(buff5), 0, result, &length)); return EXPECT_RESULT(); } #endif /* HAVE_SNI */ #endif /* HAVE_IO_TESTS_DEPENDENCIES */ #if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT) && \ defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) /* Dummy peer functions to satisfy the exporter/importer */ static int test_wolfSSL_dtls_export_peers_get_peer(WOLFSSL* ssl, char* ip, int* ipSz, unsigned short* port, int* fam) { (void)ssl; ip[0] = -1; *ipSz = 1; *port = 1; *fam = 2; return 1; } static int test_wolfSSL_dtls_export_peers_set_peer(WOLFSSL* ssl, char* ip, int ipSz, unsigned short port, int fam) { (void)ssl; if (ip[0] != -1 || ipSz != 1 || port != 1 || fam != 2) return 0; return 1; } static int test_wolfSSL_dtls_export_peers_on_handshake(WOLFSSL_CTX **ctx, WOLFSSL **ssl) { EXPECT_DECLS; unsigned char* sessionBuf = NULL; unsigned int sessionSz = 0; void* ioWriteCtx = wolfSSL_GetIOWriteCtx(*ssl); void* ioReadCtx = wolfSSL_GetIOReadCtx(*ssl); wolfSSL_CTX_SetIOGetPeer(*ctx, test_wolfSSL_dtls_export_peers_get_peer); wolfSSL_CTX_SetIOSetPeer(*ctx, test_wolfSSL_dtls_export_peers_set_peer); ExpectIntGE(wolfSSL_dtls_export(*ssl, NULL, &sessionSz), 0); ExpectNotNull(sessionBuf = (unsigned char*)XMALLOC(sessionSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); ExpectIntGE(wolfSSL_dtls_export(*ssl, sessionBuf, &sessionSz), 0); wolfSSL_free(*ssl); *ssl = NULL; ExpectNotNull(*ssl = wolfSSL_new(*ctx)); ExpectIntGE(wolfSSL_dtls_import(*ssl, sessionBuf, sessionSz), 0); wolfSSL_SetIOWriteCtx(*ssl, ioWriteCtx); wolfSSL_SetIOReadCtx(*ssl, ioReadCtx); XFREE(sessionBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); return EXPECT_RESULT(); } #endif static int test_wolfSSL_dtls_export_peers(void) { EXPECT_DECLS; #if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT) && \ defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) test_ssl_cbf client_cbf; test_ssl_cbf server_cbf; size_t i, j; struct test_params { method_provider client_meth; method_provider server_meth; const char* dtls_version; } params[] = { #ifndef NO_OLD_TLS {wolfDTLSv1_client_method, wolfDTLSv1_server_method, "1.0"}, #endif {wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method, "1.2"}, /* TODO DTLS 1.3 exporting not supported #ifdef WOLFSSL_DTLS13 {wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method, "1.3"}, #endif */ }; for (i = 0; i < sizeof(params)/sizeof(*params); i++) { for (j = 0; j <= 0b11; j++) { XMEMSET(&client_cbf, 0, sizeof(client_cbf)); XMEMSET(&server_cbf, 0, sizeof(server_cbf)); printf("\n\tTesting DTLS %s connection;", params[i].dtls_version); client_cbf.method = params[i].client_meth; server_cbf.method = params[i].server_meth; if (j & 0b01) { client_cbf.on_handshake = test_wolfSSL_dtls_export_peers_on_handshake; printf(" With client export;"); } if (j & 0b10) { server_cbf.on_handshake = test_wolfSSL_dtls_export_peers_on_handshake; printf(" With server export;"); } printf("\n"); ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf, &server_cbf, NULL), TEST_SUCCESS); if (!EXPECT_SUCCESS()) break; } } #endif return EXPECT_RESULT(); } static int test_wolfSSL_UseTrustedCA(void) { EXPECT_DECLS; #if defined(HAVE_TRUSTED_CA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) \ && !defined(NO_RSA) #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) WOLFSSL_CTX *ctx = NULL; WOLFSSL *ssl = NULL; byte id[20]; #ifndef NO_WOLFSSL_SERVER ExpectNotNull((ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()))); ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM)); #else ExpectNotNull((ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()))); #endif ExpectNotNull((ssl = wolfSSL_new(ctx))); XMEMSET(id, 0, sizeof(id)); /* error cases */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseTrustedCA(NULL, 0, NULL, 0)); ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseTrustedCA(ssl, WOLFSSL_TRUSTED_CA_CERT_SHA1+1, NULL, 0)); ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseTrustedCA(ssl, WOLFSSL_TRUSTED_CA_CERT_SHA1, NULL, 0)); ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseTrustedCA(ssl, WOLFSSL_TRUSTED_CA_CERT_SHA1, id, 5)); #ifdef NO_SHA ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseTrustedCA(ssl, WOLFSSL_TRUSTED_CA_KEY_SHA1, id, sizeof(id))); #endif ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseTrustedCA(ssl, WOLFSSL_TRUSTED_CA_X509_NAME, id, 0)); /* success cases */ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseTrustedCA(ssl, WOLFSSL_TRUSTED_CA_PRE_AGREED, NULL, 0)); #ifndef NO_SHA ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseTrustedCA(ssl, WOLFSSL_TRUSTED_CA_KEY_SHA1, id, sizeof(id))); #endif ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseTrustedCA(ssl, WOLFSSL_TRUSTED_CA_X509_NAME, id, 5)); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); #endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ #endif /* HAVE_TRUSTED_CA */ return EXPECT_RESULT(); } static int test_wolfSSL_UseMaxFragment(void) { EXPECT_DECLS; #if defined(HAVE_MAX_FRAGMENT) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) #ifndef NO_WOLFSSL_SERVER WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()); #else WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()); #endif WOLFSSL *ssl = NULL; #ifdef OPENSSL_EXTRA int (*UseMaxFragment)(SSL *s, uint8_t mode); int (*CTX_UseMaxFragment)(SSL_CTX *c, uint8_t mode); #else int (*UseMaxFragment)(WOLFSSL *s, unsigned char mode); int (*CTX_UseMaxFragment)(WOLFSSL_CTX *c, unsigned char mode); #endif #ifndef NO_WOLFSSL_SERVER ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM)); #endif ExpectNotNull(ctx); ExpectNotNull(ssl = wolfSSL_new(ctx)); #ifdef OPENSSL_EXTRA CTX_UseMaxFragment = SSL_CTX_set_tlsext_max_fragment_length; UseMaxFragment = SSL_set_tlsext_max_fragment_length; #else UseMaxFragment = wolfSSL_UseMaxFragment; CTX_UseMaxFragment = wolfSSL_CTX_UseMaxFragment; #endif /* error cases */ ExpectIntNE(WOLFSSL_SUCCESS, CTX_UseMaxFragment(NULL, WOLFSSL_MFL_2_9)); ExpectIntNE(WOLFSSL_SUCCESS, UseMaxFragment( NULL, WOLFSSL_MFL_2_9)); ExpectIntNE(WOLFSSL_SUCCESS, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_MIN-1)); ExpectIntNE(WOLFSSL_SUCCESS, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_MAX+1)); ExpectIntNE(WOLFSSL_SUCCESS, UseMaxFragment(ssl, WOLFSSL_MFL_MIN-1)); ExpectIntNE(WOLFSSL_SUCCESS, UseMaxFragment(ssl, WOLFSSL_MFL_MAX+1)); /* success case */ #ifdef OPENSSL_EXTRA ExpectIntEQ(BAD_FUNC_ARG, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_8)); #else ExpectIntEQ(WOLFSSL_SUCCESS, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_8)); #endif ExpectIntEQ(WOLFSSL_SUCCESS, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_9)); ExpectIntEQ(WOLFSSL_SUCCESS, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_10)); ExpectIntEQ(WOLFSSL_SUCCESS, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_11)); ExpectIntEQ(WOLFSSL_SUCCESS, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_12)); #ifdef OPENSSL_EXTRA ExpectIntEQ(BAD_FUNC_ARG, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_13)); ExpectIntEQ(BAD_FUNC_ARG, UseMaxFragment( ssl, WOLFSSL_MFL_2_8)); #else ExpectIntEQ(WOLFSSL_SUCCESS, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_13)); ExpectIntEQ(WOLFSSL_SUCCESS, UseMaxFragment( ssl, WOLFSSL_MFL_2_8)); #endif ExpectIntEQ(WOLFSSL_SUCCESS, UseMaxFragment( ssl, WOLFSSL_MFL_2_9)); ExpectIntEQ(WOLFSSL_SUCCESS, UseMaxFragment( ssl, WOLFSSL_MFL_2_10)); ExpectIntEQ(WOLFSSL_SUCCESS, UseMaxFragment( ssl, WOLFSSL_MFL_2_11)); ExpectIntEQ(WOLFSSL_SUCCESS, UseMaxFragment( ssl, WOLFSSL_MFL_2_12)); #ifdef OPENSSL_EXTRA ExpectIntEQ(BAD_FUNC_ARG, UseMaxFragment( ssl, WOLFSSL_MFL_2_13)); #else ExpectIntEQ(WOLFSSL_SUCCESS, UseMaxFragment( ssl, WOLFSSL_MFL_2_13)); #endif wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); #endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ #endif return EXPECT_RESULT(); } static int test_wolfSSL_UseTruncatedHMAC(void) { EXPECT_DECLS; #if defined(HAVE_TRUNCATED_HMAC) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) #ifndef NO_WOLFSSL_SERVER WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()); #else WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()); #endif WOLFSSL *ssl = NULL; ExpectNotNull(ctx); #ifndef NO_WOLFSSL_SERVER ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM)); #endif ExpectNotNull(ssl = wolfSSL_new(ctx)); /* error cases */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_UseTruncatedHMAC(NULL)); ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseTruncatedHMAC(NULL)); /* success case */ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseTruncatedHMAC(ctx)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseTruncatedHMAC(ssl)); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); #endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ #endif return EXPECT_RESULT(); } static int test_wolfSSL_UseSupportedCurve(void) { EXPECT_DECLS; #if defined(HAVE_SUPPORTED_CURVES) && !defined(NO_WOLFSSL_CLIENT) && \ !defined(NO_TLS) WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()); WOLFSSL *ssl = wolfSSL_new(ctx); ExpectNotNull(ctx); ExpectNotNull(ssl); /* error cases */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSupportedCurve(NULL, WOLFSSL_ECC_SECP256R1)); ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSupportedCurve(ctx, 0)); ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseSupportedCurve(NULL, WOLFSSL_ECC_SECP256R1)); ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseSupportedCurve(ssl, 0)); /* success case */ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_SECP256R1)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_SECP256R1)); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } #if defined(HAVE_ALPN) && defined(HAVE_IO_TESTS_DEPENDENCIES) static void verify_ALPN_FATAL_ERROR_on_client(WOLFSSL* ssl) { AssertIntEQ(UNKNOWN_ALPN_PROTOCOL_NAME_E, wolfSSL_get_error(ssl, 0)); } static void use_ALPN_all(WOLFSSL* ssl) { /* http/1.1,spdy/1,spdy/2,spdy/3 */ char alpn_list[] = {0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31, 0x2c, 0x73, 0x70, 0x64, 0x79, 0x2f, 0x31, 0x2c, 0x73, 0x70, 0x64, 0x79, 0x2f, 0x32, 0x2c, 0x73, 0x70, 0x64, 0x79, 0x2f, 0x33}; AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseALPN(ssl, alpn_list, sizeof(alpn_list), WOLFSSL_ALPN_FAILED_ON_MISMATCH)); } static void use_ALPN_all_continue(WOLFSSL* ssl) { /* http/1.1,spdy/1,spdy/2,spdy/3 */ char alpn_list[] = {0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31, 0x2c, 0x73, 0x70, 0x64, 0x79, 0x2f, 0x31, 0x2c, 0x73, 0x70, 0x64, 0x79, 0x2f, 0x32, 0x2c, 0x73, 0x70, 0x64, 0x79, 0x2f, 0x33}; AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseALPN(ssl, alpn_list, sizeof(alpn_list), WOLFSSL_ALPN_CONTINUE_ON_MISMATCH)); } static void use_ALPN_one(WOLFSSL* ssl) { /* spdy/2 */ char proto[] = {0x73, 0x70, 0x64, 0x79, 0x2f, 0x32}; AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseALPN(ssl, proto, sizeof(proto), WOLFSSL_ALPN_FAILED_ON_MISMATCH)); } static void use_ALPN_unknown(WOLFSSL* ssl) { /* http/2.0 */ char proto[] = {0x68, 0x74, 0x74, 0x70, 0x2f, 0x32, 0x2e, 0x30}; AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseALPN(ssl, proto, sizeof(proto), WOLFSSL_ALPN_FAILED_ON_MISMATCH)); } static void use_ALPN_unknown_continue(WOLFSSL* ssl) { /* http/2.0 */ char proto[] = {0x68, 0x74, 0x74, 0x70, 0x2f, 0x32, 0x2e, 0x30}; AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseALPN(ssl, proto, sizeof(proto), WOLFSSL_ALPN_CONTINUE_ON_MISMATCH)); } static void verify_ALPN_not_matching_spdy3(WOLFSSL* ssl) { /* spdy/3 */ char nego_proto[] = {0x73, 0x70, 0x64, 0x79, 0x2f, 0x33}; char *proto = NULL; word16 protoSz = 0; AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_ALPN_GetProtocol(ssl, &proto, &protoSz)); /* check value */ AssertIntNE(1, sizeof(nego_proto) == protoSz); if (proto) { AssertIntNE(0, XMEMCMP(nego_proto, proto, sizeof(nego_proto))); } } static void verify_ALPN_not_matching_continue(WOLFSSL* ssl) { char *proto = NULL; word16 protoSz = 0; AssertIntEQ(WOLFSSL_ALPN_NOT_FOUND, wolfSSL_ALPN_GetProtocol(ssl, &proto, &protoSz)); /* check value */ AssertIntEQ(1, (0 == protoSz)); AssertIntEQ(1, (NULL == proto)); } static void verify_ALPN_matching_http1(WOLFSSL* ssl) { /* http/1.1 */ char nego_proto[] = {0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31}; char *proto; word16 protoSz = 0; AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_ALPN_GetProtocol(ssl, &proto, &protoSz)); /* check value */ AssertIntEQ(1, sizeof(nego_proto) == protoSz); AssertIntEQ(0, XMEMCMP(nego_proto, proto, protoSz)); } static void verify_ALPN_matching_spdy2(WOLFSSL* ssl) { /* spdy/2 */ char nego_proto[] = {0x73, 0x70, 0x64, 0x79, 0x2f, 0x32}; char *proto; word16 protoSz = 0; AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_ALPN_GetProtocol(ssl, &proto, &protoSz)); /* check value */ AssertIntEQ(1, sizeof(nego_proto) == protoSz); AssertIntEQ(0, XMEMCMP(nego_proto, proto, protoSz)); } static void verify_ALPN_client_list(WOLFSSL* ssl) { /* http/1.1,spdy/1,spdy/2,spdy/3 */ char alpn_list[] = {0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31, 0x2c, 0x73, 0x70, 0x64, 0x79, 0x2f, 0x31, 0x2c, 0x73, 0x70, 0x64, 0x79, 0x2f, 0x32, 0x2c, 0x73, 0x70, 0x64, 0x79, 0x2f, 0x33}; char *clist = NULL; word16 clistSz = 0; AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_ALPN_GetPeerProtocol(ssl, &clist, &clistSz)); /* check value */ AssertIntEQ(1, sizeof(alpn_list) == clistSz); AssertIntEQ(0, XMEMCMP(alpn_list, clist, clistSz)); AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_ALPN_FreePeerProtocol(ssl, &clist)); } #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \ defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY) /* ALPN select callback, success with spdy/2 */ static int select_ALPN_spdy2(WOLFSSL *ssl, const unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg) { /* spdy/2 */ const char proto[] = {0x73, 0x70, 0x64, 0x79, 0x2f, 0x32}; (void)ssl; (void)arg; /* adding +1 since LEN byte comes first */ if (inlen < sizeof(proto) + 1) { return SSL_TLSEXT_ERR_ALERT_FATAL; } if (XMEMCMP(in + 1, proto, sizeof(proto)) == 0) { *out = in + 1; *outlen = (unsigned char)sizeof(proto); return SSL_TLSEXT_ERR_OK; } return SSL_TLSEXT_ERR_ALERT_FATAL; } /* ALPN select callback, force failure */ static int select_ALPN_failure(WOLFSSL *ssl, const unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg) { (void)ssl; (void)out; (void)outlen; (void)in; (void)inlen; (void)arg; return SSL_TLSEXT_ERR_ALERT_FATAL; } static void use_ALPN_spdy2_callback(WOLFSSL* ssl) { wolfSSL_set_alpn_select_cb(ssl, select_ALPN_spdy2, NULL); } static void use_ALPN_failure_callback(WOLFSSL* ssl) { wolfSSL_set_alpn_select_cb(ssl, select_ALPN_failure, NULL); } #endif /* OPENSSL_ALL | NGINX | HAPROXY | LIGHTY | QUIC */ static int test_wolfSSL_UseALPN_connection(void) { int res = TEST_SKIPPED; #if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) callback_functions client_cb; callback_functions server_cb; XMEMSET(&client_cb, 0, sizeof(callback_functions)); XMEMSET(&server_cb, 0, sizeof(callback_functions)); client_cb.method = wolfSSLv23_client_method; server_cb.method = wolfSSLv23_server_method; client_cb.devId = testDevId; server_cb.devId = testDevId; /* success case same list */ client_cb.ctx_ready = NULL; client_cb.ssl_ready = use_ALPN_all; client_cb.on_result = NULL; server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_ALPN_all; server_cb.on_result = verify_ALPN_matching_http1; test_wolfSSL_client_server(&client_cb, &server_cb); /* success case only one for server */ client_cb.ctx_ready = NULL; client_cb.ssl_ready = use_ALPN_all; client_cb.on_result = NULL; server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_ALPN_one; server_cb.on_result = verify_ALPN_matching_spdy2; test_wolfSSL_client_server(&client_cb, &server_cb); /* success case only one for client */ client_cb.ctx_ready = NULL; client_cb.ssl_ready = use_ALPN_one; client_cb.on_result = NULL; server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_ALPN_all; server_cb.on_result = verify_ALPN_matching_spdy2; test_wolfSSL_client_server(&client_cb, &server_cb); /* success case none for client */ client_cb.ctx_ready = NULL; client_cb.ssl_ready = NULL; client_cb.on_result = NULL; server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_ALPN_all; server_cb.on_result = NULL; test_wolfSSL_client_server(&client_cb, &server_cb); /* success case mismatch behavior but option 'continue' set */ client_cb.ctx_ready = NULL; client_cb.ssl_ready = use_ALPN_all_continue; client_cb.on_result = verify_ALPN_not_matching_continue; server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_ALPN_unknown_continue; server_cb.on_result = NULL; test_wolfSSL_client_server(&client_cb, &server_cb); /* success case read protocol send by client */ client_cb.ctx_ready = NULL; client_cb.ssl_ready = use_ALPN_all; client_cb.on_result = NULL; server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_ALPN_one; server_cb.on_result = verify_ALPN_client_list; test_wolfSSL_client_server(&client_cb, &server_cb); /* mismatch behavior with same list * the first and only this one must be taken */ client_cb.ctx_ready = NULL; client_cb.ssl_ready = use_ALPN_all; client_cb.on_result = NULL; server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_ALPN_all; server_cb.on_result = verify_ALPN_not_matching_spdy3; test_wolfSSL_client_server(&client_cb, &server_cb); /* default mismatch behavior */ client_cb.ctx_ready = NULL; client_cb.ssl_ready = use_ALPN_all; client_cb.on_result = NULL; server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_ALPN_unknown; server_cb.on_result = verify_ALPN_FATAL_ERROR_on_client; test_wolfSSL_client_server(&client_cb, &server_cb); #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \ defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY) /* WOLFSSL-level ALPN select callback tests */ /* Callback: success (one protocol, spdy/2) */ client_cb.ctx_ready = NULL; client_cb.ssl_ready = use_ALPN_one; client_cb.on_result = verify_ALPN_matching_spdy2; server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_ALPN_spdy2_callback; server_cb.on_result = verify_ALPN_matching_spdy2; test_wolfSSL_client_server(&client_cb, &server_cb); /* Callback: failure (one client protocol, spdy/2) */ client_cb.ctx_ready = NULL; client_cb.ssl_ready = use_ALPN_one; client_cb.on_result = NULL; server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_ALPN_failure_callback; server_cb.on_result = verify_ALPN_FATAL_ERROR_on_client; test_wolfSSL_client_server(&client_cb, &server_cb); #endif /* OPENSSL_ALL | NGINX | HAPROXY | LIGHTY */ res = TEST_RES_CHECK(1); #endif /* !NO_WOLFSSL_CLIENT && !NO_WOLFSSL_SERVER */ return res; } static int test_wolfSSL_UseALPN_params(void) { EXPECT_DECLS; #ifndef NO_WOLFSSL_CLIENT /* "http/1.1" */ char http1[] = {0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31}; /* "spdy/1" */ char spdy1[] = {0x73, 0x70, 0x64, 0x79, 0x2f, 0x31}; /* "spdy/2" */ char spdy2[] = {0x73, 0x70, 0x64, 0x79, 0x2f, 0x32}; /* "spdy/3" */ char spdy3[] = {0x73, 0x70, 0x64, 0x79, 0x2f, 0x33}; char buff[256]; word32 idx; WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()); WOLFSSL *ssl = wolfSSL_new(ctx); ExpectNotNull(ctx); ExpectNotNull(ssl); /* error cases */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseALPN(NULL, http1, sizeof(http1), WOLFSSL_ALPN_FAILED_ON_MISMATCH)); ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseALPN(ssl, NULL, 0, WOLFSSL_ALPN_FAILED_ON_MISMATCH)); /* success case */ /* http1 only */ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseALPN(ssl, http1, sizeof(http1), WOLFSSL_ALPN_FAILED_ON_MISMATCH)); /* http1, spdy1 */ XMEMCPY(buff, http1, sizeof(http1)); idx = sizeof(http1); buff[idx++] = ','; XMEMCPY(buff+idx, spdy1, sizeof(spdy1)); idx += sizeof(spdy1); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseALPN(ssl, buff, idx, WOLFSSL_ALPN_FAILED_ON_MISMATCH)); /* http1, spdy2, spdy1 */ XMEMCPY(buff, http1, sizeof(http1)); idx = sizeof(http1); buff[idx++] = ','; XMEMCPY(buff+idx, spdy2, sizeof(spdy2)); idx += sizeof(spdy2); buff[idx++] = ','; XMEMCPY(buff+idx, spdy1, sizeof(spdy1)); idx += sizeof(spdy1); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseALPN(ssl, buff, idx, WOLFSSL_ALPN_FAILED_ON_MISMATCH)); /* spdy3, http1, spdy2, spdy1 */ XMEMCPY(buff, spdy3, sizeof(spdy3)); idx = sizeof(spdy3); buff[idx++] = ','; XMEMCPY(buff+idx, http1, sizeof(http1)); idx += sizeof(http1); buff[idx++] = ','; XMEMCPY(buff+idx, spdy2, sizeof(spdy2)); idx += sizeof(spdy2); buff[idx++] = ','; XMEMCPY(buff+idx, spdy1, sizeof(spdy1)); idx += sizeof(spdy1); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseALPN(ssl, buff, idx, WOLFSSL_ALPN_CONTINUE_ON_MISMATCH)); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } #endif /* HAVE_ALPN */ #ifdef HAVE_ALPN_PROTOS_SUPPORT static void CTX_set_alpn_protos(SSL_CTX *ctx) { unsigned char p[] = { 8, 'h', 't', 't', 'p', '/', '1', '.', '1', 6, 's', 'p', 'd', 'y', '/', '2', 6, 's', 'p', 'd', 'y', '/', '1', }; unsigned char p_len = sizeof(p); int ret; ret = SSL_CTX_set_alpn_protos(ctx, p, p_len); #ifdef WOLFSSL_ERROR_CODE_OPENSSL AssertIntEQ(ret, 0); #else AssertIntEQ(ret, SSL_SUCCESS); #endif } static void set_alpn_protos(SSL* ssl) { unsigned char p[] = { 6, 's', 'p', 'd', 'y', '/', '3', 8, 'h', 't', 't', 'p', '/', '1', '.', '1', 6, 's', 'p', 'd', 'y', '/', '2', 6, 's', 'p', 'd', 'y', '/', '1', }; unsigned char p_len = sizeof(p); int ret; ret = SSL_set_alpn_protos(ssl, p, p_len); #ifdef WOLFSSL_ERROR_CODE_OPENSSL AssertIntEQ(ret, 0); #else AssertIntEQ(ret, SSL_SUCCESS); #endif } static void verify_alpn_matching_spdy3(WOLFSSL* ssl) { /* "spdy/3" */ char nego_proto[] = {0x73, 0x70, 0x64, 0x79, 0x2f, 0x33}; const unsigned char *proto; unsigned int protoSz = 0; SSL_get0_alpn_selected(ssl, &proto, &protoSz); /* check value */ AssertIntEQ(1, sizeof(nego_proto) == protoSz); AssertIntEQ(0, XMEMCMP(nego_proto, proto, protoSz)); } static void verify_alpn_matching_http1(WOLFSSL* ssl) { /* "http/1.1" */ char nego_proto[] = {0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31}; const unsigned char *proto; unsigned int protoSz = 0; SSL_get0_alpn_selected(ssl, &proto, &protoSz); /* check value */ AssertIntEQ(1, sizeof(nego_proto) == protoSz); AssertIntEQ(0, XMEMCMP(nego_proto, proto, protoSz)); } static int test_wolfSSL_set_alpn_protos(void) { int res = TEST_SKIPPED; #if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) callback_functions client_cb; callback_functions server_cb; XMEMSET(&client_cb, 0, sizeof(callback_functions)); XMEMSET(&server_cb, 0, sizeof(callback_functions)); client_cb.method = wolfSSLv23_client_method; server_cb.method = wolfSSLv23_server_method; client_cb.devId = testDevId; server_cb.devId = testDevId; /* use CTX_alpn_protos */ client_cb.ctx_ready = CTX_set_alpn_protos; client_cb.ssl_ready = NULL; client_cb.on_result = NULL; server_cb.ctx_ready = CTX_set_alpn_protos; server_cb.ssl_ready = NULL; server_cb.on_result = verify_alpn_matching_http1; test_wolfSSL_client_server(&client_cb, &server_cb); /* use set_alpn_protos */ client_cb.ctx_ready = NULL; client_cb.ssl_ready = set_alpn_protos; client_cb.on_result = NULL; server_cb.ctx_ready = NULL; server_cb.ssl_ready = set_alpn_protos; server_cb.on_result = verify_alpn_matching_spdy3; test_wolfSSL_client_server(&client_cb, &server_cb); res = TEST_SUCCESS; #endif /* !NO_WOLFSSL_CLIENT && !NO_WOLFSSL_SERVER */ return res; } #endif /* HAVE_ALPN_PROTOS_SUPPORT */ static int test_wolfSSL_DisableExtendedMasterSecret(void) { EXPECT_DECLS; #if defined(HAVE_EXTENDED_MASTER) && !defined(NO_WOLFSSL_CLIENT) WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()); WOLFSSL *ssl = wolfSSL_new(ctx); ExpectNotNull(ctx); ExpectNotNull(ssl); /* error cases */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_DisableExtendedMasterSecret(NULL)); ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_DisableExtendedMasterSecret(NULL)); /* success cases */ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_DisableExtendedMasterSecret(ctx)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_DisableExtendedMasterSecret(ssl)); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfSSL_wolfSSL_UseSecureRenegotiation(void) { EXPECT_DECLS; #if defined(HAVE_SECURE_RENEGOTIATION) && !defined(NO_WOLFSSL_CLIENT) WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()); WOLFSSL *ssl = wolfSSL_new(ctx); ExpectNotNull(ctx); ExpectNotNull(ssl); /* error cases */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSecureRenegotiation(NULL)); ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseSecureRenegotiation(NULL)); /* success cases */ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSecureRenegotiation(ctx)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseSecureRenegotiation(ssl)); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } /* Test reconnecting with a different ciphersuite after a renegotiation. */ static int test_wolfSSL_SCR_Reconnect(void) { EXPECT_DECLS; #if defined(HAVE_SECURE_RENEGOTIATION) && \ defined(BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) && \ defined(BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256) && \ defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) struct test_memio_ctx test_ctx; WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL; WOLFSSL *ssl_c = NULL, *ssl_s = NULL; byte data; XMEMSET(&test_ctx, 0, sizeof(test_ctx)); test_ctx.c_ciphers = "ECDHE-RSA-AES256-GCM-SHA384"; test_ctx.s_ciphers = "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305"; ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfTLSv1_2_client_method, wolfTLSv1_2_server_method), 0); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSecureRenegotiation(ctx_c)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSecureRenegotiation(ctx_s)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseSecureRenegotiation(ssl_c)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseSecureRenegotiation(ssl_s)); ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0); /* WOLFSSL_FATAL_ERROR since it will block */ ExpectIntEQ(wolfSSL_Rehandshake(ssl_s), WOLFSSL_FATAL_ERROR); ExpectIntEQ(wolfSSL_get_error(ssl_s, WOLFSSL_FATAL_ERROR), WOLFSSL_ERROR_WANT_READ); ExpectIntEQ(wolfSSL_read(ssl_c, &data, 1), WOLFSSL_FATAL_ERROR); ExpectIntEQ(wolfSSL_get_error(ssl_s, WOLFSSL_FATAL_ERROR), WOLFSSL_ERROR_WANT_READ); ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0); wolfSSL_free(ssl_c); ssl_c = NULL; wolfSSL_free(ssl_s); ssl_s = NULL; wolfSSL_CTX_free(ctx_c); ctx_c = NULL; test_ctx.c_ciphers = "ECDHE-RSA-CHACHA20-POLY1305"; ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfTLSv1_2_client_method, wolfTLSv1_2_server_method), 0); ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0); wolfSSL_free(ssl_s); wolfSSL_free(ssl_c); wolfSSL_CTX_free(ctx_s); wolfSSL_CTX_free(ctx_c); #endif return EXPECT_RESULT(); } #if !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_SERVER) && \ (!defined(NO_RSA) || defined(HAVE_ECC)) /* Called when writing. */ static int DummySend(WOLFSSL* ssl, char* buf, int sz, void* ctx) { (void)ssl; (void)buf; (void)sz; (void)ctx; /* Force error return from wolfSSL_accept_TLSv13(). */ return WANT_WRITE; } /* Called when reading. */ static int BufferInfoRecv(WOLFSSL* ssl, char* buf, int sz, void* ctx) { WOLFSSL_BUFFER_INFO* msg = (WOLFSSL_BUFFER_INFO*)ctx; int len = (int)msg->length; (void)ssl; (void)sz; /* Pass back as much of message as will fit in buffer. */ if (len > sz) len = sz; XMEMCPY(buf, msg->buffer, len); /* Move over returned data. */ msg->buffer += len; msg->length -= len; /* Amount actually copied. */ return len; } #endif /* Test the detection of duplicate known TLS extensions. * Specifically in a ClientHello. */ static int test_tls_ext_duplicate(void) { EXPECT_DECLS; #if !defined(NO_WOLFSSL_SERVER) && (!defined(NO_RSA) || defined(HAVE_ECC)) && \ !defined(NO_FILESYSTEM) const unsigned char clientHelloDupTlsExt[] = { 0x16, 0x03, 0x03, 0x00, 0x6a, 0x01, 0x00, 0x00, 0x66, 0x03, 0x03, 0xf4, 0x65, 0xbd, 0x22, 0xfe, 0x6e, 0xab, 0x66, 0xdd, 0xcf, 0xe9, 0x65, 0x55, 0xe8, 0xdf, 0xc3, 0x8e, 0x4b, 0x00, 0xbc, 0xf8, 0x23, 0x57, 0x1b, 0xa0, 0xc8, 0xa9, 0xe2, 0x8c, 0x91, 0x6e, 0xf9, 0x20, 0xf7, 0x5c, 0xc5, 0x5b, 0x75, 0x8c, 0x47, 0x0a, 0x0e, 0xc4, 0x1a, 0xda, 0xef, 0x75, 0xe5, 0x21, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x13, 0x01, 0x00, 0x9e, 0x01, 0x00, /* Extensions - duplicate signature algorithms. */ 0x00, 0x19, 0x00, 0x0d, 0x00, 0x04, 0x00, 0x02, 0x04, 0x01, 0x00, 0x0d, 0x00, 0x04, 0x00, 0x02, 0x04, 0x01, /* Supported Versions extension for TLS 1.3. */ 0x00, 0x2b, 0x00, 0x05, 0x04, 0x03, 0x04, 0x03, 0x03 }; WOLFSSL_BUFFER_INFO msg; const char* testCertFile; const char* testKeyFile; WOLFSSL_CTX *ctx = NULL; WOLFSSL *ssl = NULL; #ifndef NO_RSA testCertFile = svrCertFile; testKeyFile = svrKeyFile; #elif defined(HAVE_ECC) testCertFile = eccCertFile; testKeyFile = eccKeyFile; #endif ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, testCertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, testKeyFile, WOLFSSL_FILETYPE_PEM)); /* Read from 'msg'. */ wolfSSL_SetIORecv(ctx, BufferInfoRecv); /* No where to send to - dummy sender. */ wolfSSL_SetIOSend(ctx, DummySend); ssl = wolfSSL_new(ctx); ExpectNotNull(ssl); msg.buffer = (unsigned char*)clientHelloDupTlsExt; msg.length = (unsigned int)sizeof(clientHelloDupTlsExt); wolfSSL_SetIOReadCtx(ssl, &msg); ExpectIntNE(wolfSSL_accept(ssl), WOLFSSL_SUCCESS); /* can return duplicate ext error or socket error if the peer closed down * while sending alert */ if (wolfSSL_get_error(ssl, 0) != SOCKET_ERROR_E) { ExpectIntEQ(wolfSSL_get_error(ssl, 0), DUPLICATE_TLS_EXT_E); } wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } /*----------------------------------------------------------------------------* | X509 Tests *----------------------------------------------------------------------------*/ static int test_wolfSSL_X509_NAME_get_entry(void) { EXPECT_DECLS; #if !defined(NO_CERTS) && !defined(NO_RSA) #if defined(OPENSSL_ALL) || \ (defined(OPENSSL_EXTRA) && \ (defined(KEEP_PEER_CERT) || defined(SESSION_CERTS))) /* use openssl like name to test mapping */ X509_NAME_ENTRY* ne = NULL; X509_NAME* name = NULL; X509* x509 = NULL; #ifndef NO_FILESYSTEM ASN1_STRING* asn = NULL; char* subCN = NULL; #endif int idx = 0; ASN1_OBJECT *object = NULL; #if defined(WOLFSSL_APACHE_HTTPD) || defined(OPENSSL_ALL) || \ defined(WOLFSSL_NGINX) #ifndef NO_BIO BIO* bio = NULL; #endif #endif #ifndef NO_FILESYSTEM ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(name = X509_get_subject_name(x509)); ExpectIntGE(idx = X509_NAME_get_index_by_NID(name, NID_commonName, -1), 0); ExpectNotNull(ne = X509_NAME_get_entry(name, idx)); ExpectNotNull(asn = X509_NAME_ENTRY_get_data(ne)); ExpectNotNull(subCN = (char*)ASN1_STRING_data(asn)); wolfSSL_FreeX509(x509); x509 = NULL; #endif ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(name = X509_get_subject_name(x509)); ExpectIntGE(idx = X509_NAME_get_index_by_NID(name, NID_commonName, -1), 0); #if defined(WOLFSSL_APACHE_HTTPD) || defined(OPENSSL_ALL) || \ defined(WOLFSSL_NGINX) #ifndef NO_BIO ExpectNotNull(bio = BIO_new(BIO_s_mem())); ExpectIntEQ(X509_NAME_print_ex(bio, name, 4, (XN_FLAG_RFC2253 & ~XN_FLAG_DN_REV)), WOLFSSL_SUCCESS); ExpectIntEQ(X509_NAME_print_ex_fp(stderr, name, 4, (XN_FLAG_RFC2253 & ~XN_FLAG_DN_REV)), WOLFSSL_SUCCESS); BIO_free(bio); #endif #endif ExpectNotNull(ne = X509_NAME_get_entry(name, idx)); ExpectNotNull(object = X509_NAME_ENTRY_get_object(ne)); wolfSSL_FreeX509(x509); #endif /* OPENSSL_ALL || (OPENSSL_EXTRA && (KEEP_PEER_CERT || SESSION_CERTS) */ #endif /* !NO_CERTS && !NO_RSA */ return EXPECT_RESULT(); } /* Testing functions dealing with PKCS12 parsing out X509 certs */ static int test_wolfSSL_PKCS12(void) { EXPECT_DECLS; /* .p12 file is encrypted with DES3 */ #ifndef HAVE_FIPS /* Password used in cert "wolfSSL test" is only 12-bytes * (96-bit) FIPS mode requires Minimum of 14-byte (112-bit) * Password Key */ #if defined(OPENSSL_EXTRA) && !defined(NO_DES3) && !defined(NO_FILESYSTEM) && \ !defined(NO_STDIO_FILESYSTEM) && \ !defined(NO_ASN) && !defined(NO_PWDBASED) && !defined(NO_RSA) && \ !defined(NO_SHA) && defined(HAVE_PKCS12) && !defined(NO_BIO) byte buf[6000]; char file[] = "./certs/test-servercert.p12"; char order[] = "./certs/ecc-rsa-server.p12"; #ifdef WC_RC2 char rc2p12[] = "./certs/test-servercert-rc2.p12"; #endif char pass[] = "a password"; const char goodPsw[] = "wolfSSL test"; const char badPsw[] = "bad"; #ifdef HAVE_ECC WOLFSSL_X509_NAME *subject = NULL; WOLFSSL_X509 *x509 = NULL; #endif XFILE f = XBADFILE; int bytes = 0, ret = 0, goodPswLen = 0, badPswLen = 0; WOLFSSL_BIO *bio = NULL; WOLFSSL_EVP_PKEY *pkey = NULL; WC_PKCS12 *pkcs12 = NULL; WC_PKCS12 *pkcs12_2 = NULL; WOLFSSL_X509 *cert = NULL; WOLFSSL_X509 *tmp = NULL; WOLF_STACK_OF(WOLFSSL_X509) *ca = NULL; #if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO) || defined(WOLFSSL_HAPROXY) \ || defined(WOLFSSL_NGINX)) && defined(SESSION_CERTS) WOLFSSL_CTX *ctx = NULL; WOLFSSL *ssl = NULL; WOLF_STACK_OF(WOLFSSL_X509) *tmp_ca = NULL; #endif ExpectTrue((f = XFOPEN(file, "rb")) != XBADFILE); ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } goodPswLen = (int)XSTRLEN(goodPsw); badPswLen = (int)XSTRLEN(badPsw); ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem())); ExpectIntEQ(BIO_write(bio, buf, bytes), bytes); /* d2i consumes BIO */ ExpectNotNull(d2i_PKCS12_bio(bio, &pkcs12)); ExpectNotNull(pkcs12); BIO_free(bio); bio = NULL; /* check verify MAC directly */ ExpectIntEQ(ret = PKCS12_verify_mac(pkcs12, goodPsw, goodPswLen), 1); /* check verify MAC fail case directly */ ExpectIntEQ(ret = PKCS12_verify_mac(pkcs12, badPsw, badPswLen), 0); /* check verify MAC fail case */ ExpectIntEQ(ret = PKCS12_parse(pkcs12, "bad", &pkey, &cert, NULL), 0); ExpectNull(pkey); ExpectNull(cert); /* check parse with no extra certs kept */ ExpectIntEQ(ret = PKCS12_parse(pkcs12, "wolfSSL test", &pkey, &cert, NULL), 1); ExpectNotNull(pkey); ExpectNotNull(cert); wolfSSL_EVP_PKEY_free(pkey); pkey = NULL; wolfSSL_X509_free(cert); cert = NULL; /* check parse with extra certs kept */ ExpectIntEQ(ret = PKCS12_parse(pkcs12, "wolfSSL test", &pkey, &cert, &ca), 1); ExpectNotNull(pkey); ExpectNotNull(cert); ExpectNotNull(ca); #if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO) || defined(WOLFSSL_HAPROXY) \ || defined(WOLFSSL_NGINX)) && defined(SESSION_CERTS) /* Check that SSL_CTX_set0_chain correctly sets the certChain buffer */ #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) #if !defined(NO_WOLFSSL_CLIENT) && defined(SESSION_CERTS) ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); #endif /* Copy stack structure */ ExpectNotNull(tmp_ca = X509_chain_up_ref(ca)); ExpectIntEQ(SSL_CTX_set0_chain(ctx, tmp_ca), 1); /* CTX now owns the tmp_ca stack structure */ tmp_ca = NULL; ExpectIntEQ(wolfSSL_CTX_get_extra_chain_certs(ctx, &tmp_ca), 1); ExpectNotNull(tmp_ca); ExpectIntEQ(sk_X509_num(tmp_ca), sk_X509_num(ca)); /* Check that the main cert is also set */ ExpectNotNull(SSL_CTX_get0_certificate(ctx)); ExpectNotNull(ssl = SSL_new(ctx)); ExpectNotNull(SSL_get_certificate(ssl)); SSL_free(ssl); SSL_CTX_free(ctx); ctx = NULL; #endif #endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ /* should be 2 other certs on stack */ ExpectNotNull(tmp = sk_X509_pop(ca)); X509_free(tmp); ExpectNotNull(tmp = sk_X509_pop(ca)); X509_free(tmp); ExpectNull(sk_X509_pop(ca)); EVP_PKEY_free(pkey); pkey = NULL; X509_free(cert); cert = NULL; sk_X509_pop_free(ca, X509_free); ca = NULL; /* check PKCS12_create */ ExpectNull(PKCS12_create(pass, NULL, NULL, NULL, NULL, -1, -1, -1, -1,0)); ExpectIntEQ(PKCS12_parse(pkcs12, "wolfSSL test", &pkey, &cert, &ca), SSL_SUCCESS); ExpectNotNull((pkcs12_2 = PKCS12_create(pass, NULL, pkey, cert, ca, -1, -1, 100, -1, 0))); EVP_PKEY_free(pkey); pkey = NULL; X509_free(cert); cert = NULL; sk_X509_pop_free(ca, NULL); ca = NULL; ExpectIntEQ(PKCS12_parse(pkcs12_2, "a password", &pkey, &cert, &ca), SSL_SUCCESS); PKCS12_free(pkcs12_2); pkcs12_2 = NULL; ExpectNotNull((pkcs12_2 = PKCS12_create(pass, NULL, pkey, cert, ca, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, 2000, 1, 0))); EVP_PKEY_free(pkey); pkey = NULL; X509_free(cert); cert = NULL; sk_X509_pop_free(ca, NULL); ca = NULL; /* convert to DER then back and parse */ ExpectNotNull(bio = BIO_new(BIO_s_mem())); ExpectIntEQ(i2d_PKCS12_bio(bio, pkcs12_2), SSL_SUCCESS); PKCS12_free(pkcs12_2); pkcs12_2 = NULL; ExpectNotNull(pkcs12_2 = d2i_PKCS12_bio(bio, NULL)); BIO_free(bio); bio = NULL; ExpectIntEQ(PKCS12_parse(pkcs12_2, "a password", &pkey, &cert, &ca), SSL_SUCCESS); /* should be 2 other certs on stack */ ExpectNotNull(tmp = sk_X509_pop(ca)); X509_free(tmp); ExpectNotNull(tmp = sk_X509_pop(ca)); X509_free(tmp); ExpectNull(sk_X509_pop(ca)); #ifndef NO_RC4 PKCS12_free(pkcs12_2); pkcs12_2 = NULL; ExpectNotNull((pkcs12_2 = PKCS12_create(pass, NULL, pkey, cert, NULL, NID_pbe_WithSHA1And128BitRC4, NID_pbe_WithSHA1And128BitRC4, 2000, 1, 0))); EVP_PKEY_free(pkey); pkey = NULL; X509_free(cert); cert = NULL; sk_X509_pop_free(ca, NULL); ca = NULL; ExpectIntEQ(PKCS12_parse(pkcs12_2, "a password", &pkey, &cert, &ca), SSL_SUCCESS); #endif /* NO_RC4 */ EVP_PKEY_free(pkey); pkey = NULL; X509_free(cert); cert = NULL; PKCS12_free(pkcs12); pkcs12 = NULL; PKCS12_free(pkcs12_2); pkcs12_2 = NULL; sk_X509_pop_free(ca, NULL); ca = NULL; #ifdef HAVE_ECC /* test order of parsing */ ExpectTrue((f = XFOPEN(order, "rb")) != XBADFILE); ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } ExpectNotNull(bio = BIO_new_mem_buf((void*)buf, bytes)); ExpectNotNull(pkcs12 = d2i_PKCS12_bio(bio, NULL)); ExpectIntEQ((ret = PKCS12_parse(pkcs12, "", &pkey, &cert, &ca)), WOLFSSL_SUCCESS); /* check use of pkey after parse */ #if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO) || defined(WOLFSSL_HAPROXY) \ || defined(WOLFSSL_NGINX)) && defined(SESSION_CERTS) #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) #if !defined(NO_WOLFSSL_CLIENT) && defined(SESSION_CERTS) ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); #endif ExpectIntEQ(SSL_CTX_use_PrivateKey(ctx, pkey), WOLFSSL_SUCCESS); SSL_CTX_free(ctx); #endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ #endif ExpectNotNull(pkey); ExpectNotNull(cert); ExpectNotNull(ca); /* compare subject lines of certificates */ ExpectNotNull(subject = wolfSSL_X509_get_subject_name(cert)); ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(eccRsaCertFile, SSL_FILETYPE_PEM)); ExpectIntEQ(wolfSSL_X509_NAME_cmp((const WOLFSSL_X509_NAME*)subject, (const WOLFSSL_X509_NAME*)wolfSSL_X509_get_subject_name(x509)), 0); X509_free(x509); x509 = NULL; /* test expected fail case */ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(eccCertFile, SSL_FILETYPE_PEM)); ExpectIntNE(wolfSSL_X509_NAME_cmp((const WOLFSSL_X509_NAME*)subject, (const WOLFSSL_X509_NAME*)wolfSSL_X509_get_subject_name(x509)), 0); X509_free(x509); x509 = NULL; X509_free(cert); cert = NULL; /* get subject line from ca stack */ ExpectNotNull(cert = sk_X509_pop(ca)); ExpectNotNull(subject = wolfSSL_X509_get_subject_name(cert)); /* compare subject from certificate in ca to expected */ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(eccCertFile, SSL_FILETYPE_PEM)); ExpectIntEQ(wolfSSL_X509_NAME_cmp((const WOLFSSL_X509_NAME*)subject, (const WOLFSSL_X509_NAME*)wolfSSL_X509_get_subject_name(x509)), 0); EVP_PKEY_free(pkey); pkey = NULL; X509_free(x509); x509 = NULL; X509_free(cert); cert = NULL; BIO_free(bio); bio = NULL; PKCS12_free(pkcs12); pkcs12 = NULL; sk_X509_pop_free(ca, NULL); /* TEST d2i_PKCS12_fp */ ca = NULL; /* test order of parsing */ ExpectTrue((f = XFOPEN(file, "rb")) != XBADFILE); ExpectNotNull(pkcs12 = d2i_PKCS12_fp(f, NULL)); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } /* check verify MAC fail case */ ExpectIntEQ(ret = PKCS12_parse(pkcs12, "bad", &pkey, &cert, NULL), 0); ExpectNull(pkey); ExpectNull(cert); /* check parse with no extra certs kept */ ExpectIntEQ(ret = PKCS12_parse(pkcs12, "wolfSSL test", &pkey, &cert, NULL), 1); ExpectNotNull(pkey); ExpectNotNull(cert); wolfSSL_EVP_PKEY_free(pkey); pkey = NULL; wolfSSL_X509_free(cert); cert = NULL; /* check parse with extra certs kept */ ExpectIntEQ(ret = PKCS12_parse(pkcs12, "wolfSSL test", &pkey, &cert, &ca), 1); ExpectNotNull(pkey); ExpectNotNull(cert); ExpectNotNull(ca); wolfSSL_EVP_PKEY_free(pkey); pkey = NULL; wolfSSL_X509_free(cert); cert = NULL; sk_X509_pop_free(ca, NULL); ca = NULL; PKCS12_free(pkcs12); pkcs12 = NULL; #endif /* HAVE_ECC */ #ifdef WC_RC2 /* test PKCS#12 with RC2 encryption */ ExpectTrue((f = XFOPEN(rc2p12, "rb")) != XBADFILE); ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } ExpectNotNull(bio = BIO_new_mem_buf((void*)buf, bytes)); ExpectNotNull(pkcs12 = d2i_PKCS12_bio(bio, NULL)); /* check verify MAC fail case */ ExpectIntEQ(ret = PKCS12_parse(pkcs12, "bad", &pkey, &cert, NULL), 0); ExpectNull(pkey); ExpectNull(cert); /* check parse with not extra certs kept */ ExpectIntEQ(ret = PKCS12_parse(pkcs12, "wolfSSL test", &pkey, &cert, NULL), WOLFSSL_SUCCESS); ExpectNotNull(pkey); ExpectNotNull(cert); wolfSSL_EVP_PKEY_free(pkey); pkey = NULL; wolfSSL_X509_free(cert); cert = NULL; /* check parse with extra certs kept */ ExpectIntEQ(ret = PKCS12_parse(pkcs12, "wolfSSL test", &pkey, &cert, &ca), WOLFSSL_SUCCESS); ExpectNotNull(pkey); ExpectNotNull(cert); ExpectNotNull(ca); wolfSSL_EVP_PKEY_free(pkey); wolfSSL_X509_free(cert); sk_X509_pop_free(ca, NULL); BIO_free(bio); bio = NULL; PKCS12_free(pkcs12); pkcs12 = NULL; #endif /* WC_RC2 */ /* Test i2d_PKCS12_bio */ ExpectTrue((f = XFOPEN(file, "rb")) != XBADFILE); ExpectNotNull(pkcs12 = d2i_PKCS12_fp(f, NULL)); if (f != XBADFILE) XFCLOSE(f); ExpectNotNull(bio = BIO_new(BIO_s_mem())); ExpectIntEQ(ret = i2d_PKCS12_bio(bio, pkcs12), 1); ExpectIntEQ(ret = i2d_PKCS12_bio(NULL, pkcs12), 0); ExpectIntEQ(ret = i2d_PKCS12_bio(bio, NULL), 0); PKCS12_free(pkcs12); BIO_free(bio); (void)order; #endif /* OPENSSL_EXTRA */ #endif /* HAVE_FIPS */ return EXPECT_RESULT(); } #if !defined(NO_FILESYSTEM) && !defined(NO_ASN) && defined(HAVE_PKCS8) && \ defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_DES3) && !defined(NO_PWDBASED) && \ (!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(NO_MD5) #define TEST_PKCS8_ENC #endif #if !defined(NO_FILESYSTEM) && !defined(NO_ASN) && defined(HAVE_PKCS8) \ && defined(HAVE_ECC) && defined(WOLFSSL_ENCRYPTED_KEYS) /* used to keep track if FailTestCallback was called */ static int failTestCallbackCalled = 0; static WC_INLINE int FailTestCallBack(char* passwd, int sz, int rw, void* userdata) { (void)passwd; (void)sz; (void)rw; (void)userdata; /* mark called, test_wolfSSL_no_password_cb() will check and fail if set */ failTestCallbackCalled = 1; return -1; } #endif static int test_wolfSSL_no_password_cb(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_ASN) && defined(HAVE_PKCS8) \ && defined(HAVE_ECC) && defined(WOLFSSL_ENCRYPTED_KEYS) WOLFSSL_CTX* ctx = NULL; byte buff[FOURK_BUF]; const char eccPkcs8PrivKeyDerFile[] = "./certs/ecc-privkeyPkcs8.der"; const char eccPkcs8PrivKeyPemFile[] = "./certs/ecc-privkeyPkcs8.pem"; XFILE f = XBADFILE; int bytes = 0; #ifndef NO_WOLFSSL_CLIENT ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLS_client_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLS_server_method())); #endif wolfSSL_CTX_set_default_passwd_cb(ctx, FailTestCallBack); ExpectTrue((f = XFOPEN(eccPkcs8PrivKeyDerFile, "rb")) != XBADFILE); ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } ExpectIntLE(bytes, sizeof(buff)); ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); ExpectTrue((f = XFOPEN(eccPkcs8PrivKeyPemFile, "rb")) != XBADFILE); ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0); if (f != XBADFILE) XFCLOSE(f); ExpectIntLE(bytes, sizeof(buff)); ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); wolfSSL_CTX_free(ctx); /* Password callback should not be called by default */ ExpectIntEQ(failTestCallbackCalled, 0); #endif return EXPECT_RESULT(); } #ifdef TEST_PKCS8_ENC /* for PKCS8 test case */ static int PKCS8TestCallBack(char* passwd, int sz, int rw, void* userdata) { int flag = 0; (void)rw; if (userdata != NULL) { flag = *((int*)userdata); /* user set data */ } switch (flag) { case 1: /* flag set for specific WOLFSSL_CTX structure, note userdata * can be anything the user wishes to be passed to the callback * associated with the WOLFSSL_CTX */ XSTRNCPY(passwd, "yassl123", sz); return 8; default: return BAD_FUNC_ARG; } } #endif /* TEST_PKCS8_ENC */ /* Testing functions dealing with PKCS8 */ static int test_wolfSSL_PKCS8(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_ASN) && defined(HAVE_PKCS8) && \ !defined(WOLFCRYPT_ONLY) #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) byte buff[FOURK_BUF]; byte der[FOURK_BUF]; #ifndef NO_RSA const char serverKeyPkcs8PemFile[] = "./certs/server-keyPkcs8.pem"; const char serverKeyPkcs8DerFile[] = "./certs/server-keyPkcs8.der"; #endif const char eccPkcs8PrivKeyPemFile[] = "./certs/ecc-privkeyPkcs8.pem"; #ifdef HAVE_ECC const char eccPkcs8PrivKeyDerFile[] = "./certs/ecc-privkeyPkcs8.der"; #endif XFILE f = XBADFILE; int bytes = 0; WOLFSSL_CTX* ctx = NULL; #if defined(HAVE_ECC) && !defined(NO_CODING) int ret; ecc_key key; word32 x = 0; #endif #ifdef TEST_PKCS8_ENC #if !defined(NO_RSA) && !defined(NO_SHA) const char serverKeyPkcs8EncPemFile[] = "./certs/server-keyPkcs8Enc.pem"; const char serverKeyPkcs8EncDerFile[] = "./certs/server-keyPkcs8Enc.der"; #endif #if defined(HAVE_ECC) && !defined(NO_SHA) const char eccPkcs8EncPrivKeyPemFile[] = "./certs/ecc-keyPkcs8Enc.pem"; const char eccPkcs8EncPrivKeyDerFile[] = "./certs/ecc-keyPkcs8Enc.der"; #endif int flag; #endif (void)der; #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method())); #endif #else #ifndef WOLFSSL_NO_TLS12 ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method())); #endif #endif #ifdef TEST_PKCS8_ENC wolfSSL_CTX_set_default_passwd_cb(ctx, PKCS8TestCallBack); wolfSSL_CTX_set_default_passwd_cb_userdata(ctx, (void*)&flag); flag = 1; /* used by password callback as return code */ #if !defined(NO_RSA) && !defined(NO_SHA) /* test loading PEM PKCS8 encrypted file */ ExpectTrue((f = XFOPEN(serverKeyPkcs8EncPemFile, "rb")) != XBADFILE); ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); /* this next case should fail because of password callback return code */ flag = 0; /* used by password callback as return code */ ExpectIntNE(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); /* decrypt PKCS8 PEM to key in DER format with not using WOLFSSL_CTX */ ExpectIntGT(wc_KeyPemToDer(buff, bytes, der, (word32)sizeof(der), "yassl123"), 0); /* test that error value is returned with a bad password */ ExpectIntLT(wc_KeyPemToDer(buff, bytes, der, (word32)sizeof(der), "bad"), 0); /* test loading PEM PKCS8 encrypted file */ ExpectTrue((f = XFOPEN(serverKeyPkcs8EncDerFile, "rb")) != XBADFILE); ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } flag = 1; /* used by password callback as return code */ ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); /* this next case should fail because of password callback return code */ flag = 0; /* used by password callback as return code */ ExpectIntNE(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); #endif /* !NO_RSA && !NO_SHA */ #if defined(HAVE_ECC) && !defined(NO_SHA) /* test loading PEM PKCS8 encrypted ECC Key file */ ExpectTrue((f = XFOPEN(eccPkcs8EncPrivKeyPemFile, "rb")) != XBADFILE); ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } flag = 1; /* used by password callback as return code */ ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); /* this next case should fail because of password callback return code */ flag = 0; /* used by password callback as return code */ ExpectIntNE(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); /* decrypt PKCS8 PEM to key in DER format with not using WOLFSSL_CTX */ ExpectIntGT(wc_KeyPemToDer(buff, bytes, der, (word32)sizeof(der), "yassl123"), 0); /* test that error value is returned with a bad password */ ExpectIntLT(wc_KeyPemToDer(buff, bytes, der, (word32)sizeof(der), "bad"), 0); /* test loading DER PKCS8 encrypted ECC Key file */ ExpectTrue((f = XFOPEN(eccPkcs8EncPrivKeyDerFile, "rb")) != XBADFILE); ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } flag = 1; /* used by password callback as return code */ ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); /* this next case should fail because of password callback return code */ flag = 0; /* used by password callback as return code */ ExpectIntNE(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); /* leave flag as "okay" */ flag = 1; #endif /* HAVE_ECC && !NO_SHA */ #endif /* TEST_PKCS8_ENC */ #ifndef NO_RSA /* test loading ASN.1 (DER) PKCS8 private key file (not encrypted) */ ExpectTrue((f = XFOPEN(serverKeyPkcs8DerFile, "rb")) != XBADFILE); ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); /* test loading PEM PKCS8 private key file (not encrypted) */ ExpectTrue((f = XFOPEN(serverKeyPkcs8PemFile, "rb")) != XBADFILE); ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); #endif /* !NO_RSA */ /* Test PKCS8 PEM ECC key no crypt */ ExpectTrue((f = XFOPEN(eccPkcs8PrivKeyPemFile, "rb")) != XBADFILE); ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } #ifdef HAVE_ECC /* Test PKCS8 PEM ECC key no crypt */ ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); #ifndef NO_CODING /* decrypt PKCS8 PEM to key in DER format */ ExpectIntGT((bytes = wc_KeyPemToDer(buff, bytes, der, (word32)sizeof(der), NULL)), 0); ret = wc_ecc_init(&key); if (ret == 0) { ret = wc_EccPrivateKeyDecode(der, &x, &key, bytes); wc_ecc_free(&key); } ExpectIntEQ(ret, 0); #endif /* Test PKCS8 DER ECC key no crypt */ ExpectTrue((f = XFOPEN(eccPkcs8PrivKeyDerFile, "rb")) != XBADFILE); ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0); if (f != XBADFILE) XFCLOSE(f); /* Test using a PKCS8 ECC PEM */ ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); #else /* if HAVE_ECC is not defined then BEGIN EC PRIVATE KEY is not found */ ExpectIntEQ((bytes = wc_KeyPemToDer(buff, bytes, der, (word32)sizeof(der), NULL)), ASN_NO_PEM_HEADER); #endif /* HAVE_ECC */ wolfSSL_CTX_free(ctx); #endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ #endif /* !NO_FILESYSTEM && !NO_ASN && HAVE_PKCS8 */ return EXPECT_RESULT(); } static int test_wolfSSL_PKCS8_ED25519(void) { EXPECT_DECLS; #if !defined(NO_ASN) && defined(HAVE_PKCS8) && defined(HAVE_AES_CBC) && \ defined(WOLFSSL_ENCRYPTED_KEYS) && defined(HAVE_ED25519) && \ defined(HAVE_ED25519_KEY_IMPORT) const byte encPrivKey[] = \ "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" "MIGbMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAheCGLmWGh7+AICCAAw\n" "DAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEC4L5P6GappsTyhOOoQfvh8EQJMX\n" "OAdlsYKCOcFo4djg6AI1lRdeBRwVFWkha7gBdoCJOzS8wDvTbYcJMPvANu5ft3nl\n" "2L9W4v7swXkV+X+a1ww=\n" "-----END ENCRYPTED PRIVATE KEY-----\n"; const char password[] = "abcdefghijklmnopqrstuvwxyz"; byte der[FOURK_BUF]; WOLFSSL_CTX* ctx = NULL; int bytes; XMEMSET(der, 0, sizeof(der)); ExpectIntGT((bytes = wc_KeyPemToDer(encPrivKey, sizeof(encPrivKey), der, (word32)sizeof(der), password)), 0); #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); #endif ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, der, bytes, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); wolfSSL_CTX_free(ctx); #endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ #endif return EXPECT_RESULT(); } static int test_wolfSSL_PKCS8_ED448(void) { EXPECT_DECLS; #if !defined(NO_ASN) && defined(HAVE_PKCS8) && defined(HAVE_AES_CBC) && \ defined(WOLFSSL_ENCRYPTED_KEYS) && defined(HAVE_ED448) && \ defined(HAVE_ED448_KEY_IMPORT) const byte encPrivKey[] = \ "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" "MIGrMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAjSbZKnG4EPggICCAAw\n" "DAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEFvCFWBBHBlJBsYleBJlJWcEUNC7\n" "Tf5pZviT5Btar4D/MNg6BsQHSDf5KW4ix871EsgDY2Zz+euaoWspiMntz7gU+PQu\n" "T/JJcbD2Ly8BbE3l5WHMifAQqNLxJBfXrHkfYtAo\n" "-----END ENCRYPTED PRIVATE KEY-----\n"; const char password[] = "abcdefghijklmnopqrstuvwxyz"; byte der[FOURK_BUF]; WOLFSSL_CTX* ctx = NULL; int bytes; XMEMSET(der, 0, sizeof(der)); ExpectIntGT((bytes = wc_KeyPemToDer(encPrivKey, sizeof(encPrivKey), der, (word32)sizeof(der), password)), 0); #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); #endif ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, der, bytes, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); wolfSSL_CTX_free(ctx); #endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ #endif return EXPECT_RESULT(); } /* Testing functions dealing with PKCS5 */ static int test_wolfSSL_PKCS5(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_SHA) && !defined(NO_PWDBASED) #ifdef HAVE_FIPS /* Password minimum length is 14 (112-bit) in FIPS MODE */ const char* passwd = "myfipsPa$$W0rd"; #else const char *passwd = "pass1234"; #endif const unsigned char *salt = (unsigned char *)"salt1234"; unsigned char *out = (unsigned char *)XMALLOC(WC_SHA_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); int ret = 0; ExpectNotNull(out); ExpectIntEQ(ret = PKCS5_PBKDF2_HMAC_SHA1(passwd,(int)XSTRLEN(passwd), salt, (int)XSTRLEN((const char *) salt), 10, WC_SHA_DIGEST_SIZE,out), WOLFSSL_SUCCESS); #ifdef WOLFSSL_SHA512 ExpectIntEQ(ret = PKCS5_PBKDF2_HMAC(passwd,(int)XSTRLEN(passwd), salt, (int)XSTRLEN((const char *) salt), 10, wolfSSL_EVP_sha512(), WC_SHA_DIGEST_SIZE, out), SSL_SUCCESS); #endif XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER); #endif /* defined(OPENSSL_EXTRA) && !defined(NO_SHA) */ return EXPECT_RESULT(); } /* test parsing URI from certificate */ static int test_wolfSSL_URI(void) { EXPECT_DECLS; #if !defined(NO_CERTS) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) \ && (defined(KEEP_PEER_CERT) || defined(SESSION_CERTS) || \ defined(OPENSSL_EXTRA)) WOLFSSL_X509* x509 = NULL; const char uri[] = "./certs/client-uri-cert.pem"; const char urn[] = "./certs/client-absolute-urn.pem"; const char badUri[] = "./certs/client-relative-uri.pem"; ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(uri, WOLFSSL_FILETYPE_PEM)); wolfSSL_FreeX509(x509); x509 = NULL; ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(urn, WOLFSSL_FILETYPE_PEM)); wolfSSL_FreeX509(x509); x509 = NULL; #if !defined(IGNORE_NAME_CONSTRAINTS) && !defined(WOLFSSL_NO_ASN_STRICT) \ && !defined(WOLFSSL_FPKI) ExpectNull(x509 = wolfSSL_X509_load_certificate_file(badUri, WOLFSSL_FILETYPE_PEM)); #else ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(badUri, WOLFSSL_FILETYPE_PEM)); #endif wolfSSL_FreeX509(x509); #endif return EXPECT_RESULT(); } static int test_wolfSSL_TBS(void) { EXPECT_DECLS; #if !defined(NO_CERTS) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) \ && defined(OPENSSL_EXTRA) WOLFSSL_X509* x509 = NULL; const unsigned char* tbs; int tbsSz; ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(caCertFile, WOLFSSL_FILETYPE_PEM)); ExpectNull(tbs = wolfSSL_X509_get_tbs(NULL, &tbsSz)); ExpectNull(tbs = wolfSSL_X509_get_tbs(x509, NULL)); ExpectNotNull(tbs = wolfSSL_X509_get_tbs(x509, &tbsSz)); ExpectIntEQ(tbsSz, 1003); wolfSSL_FreeX509(x509); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_verify(void) { EXPECT_DECLS; #if !defined(NO_CERTS) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) && \ defined(OPENSSL_EXTRA) WOLFSSL_X509* ca = NULL; WOLFSSL_X509* serv = NULL; WOLFSSL_EVP_PKEY* pkey = NULL; unsigned char buf[2048]; const unsigned char* pt = NULL; int bufSz; ExpectNotNull(ca = wolfSSL_X509_load_certificate_file(caCertFile, WOLFSSL_FILETYPE_PEM)); ExpectIntNE(wolfSSL_X509_get_pubkey_buffer(NULL, buf, &bufSz), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_X509_get_pubkey_buffer(ca, NULL, &bufSz), WOLFSSL_SUCCESS); ExpectIntEQ(bufSz, 294); bufSz = 2048; ExpectIntEQ(wolfSSL_X509_get_pubkey_buffer(ca, buf, &bufSz), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_X509_get_pubkey_type(NULL), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_X509_get_pubkey_type(ca), RSAk); ExpectNotNull(serv = wolfSSL_X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM)); /* success case */ pt = buf; ExpectNotNull(pkey = wolfSSL_d2i_PUBKEY(NULL, &pt, bufSz)); ExpectIntEQ(i2d_PUBKEY(pkey, NULL), bufSz); ExpectIntEQ(wolfSSL_X509_verify(serv, pkey), WOLFSSL_SUCCESS); wolfSSL_EVP_PKEY_free(pkey); pkey = NULL; /* fail case */ bufSz = 2048; ExpectIntEQ(wolfSSL_X509_get_pubkey_buffer(serv, buf, &bufSz), WOLFSSL_SUCCESS); pt = buf; ExpectNotNull(pkey = wolfSSL_d2i_PUBKEY(NULL, &pt, bufSz)); ExpectIntEQ(wolfSSL_X509_verify(serv, pkey), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_X509_verify(NULL, pkey), WOLFSSL_FATAL_ERROR); ExpectIntEQ(wolfSSL_X509_verify(serv, NULL), WOLFSSL_FATAL_ERROR); wolfSSL_EVP_PKEY_free(pkey); wolfSSL_FreeX509(ca); wolfSSL_FreeX509(serv); #endif return EXPECT_RESULT(); } #if !defined(NO_DH) && !defined(NO_AES) && defined(WOLFSSL_CERT_GEN) && \ defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \ defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) /* create certificate with version 2 */ static int test_set_x509_badversion(WOLFSSL_CTX* ctx) { EXPECT_DECLS; WOLFSSL_X509 *x509 = NULL, *x509v2 = NULL; WOLFSSL_EVP_PKEY *priv = NULL, *pub = NULL; unsigned char *der = NULL, *key = NULL, *pt; char *header = NULL, *name = NULL; int derSz; long keySz; XFILE fp = XBADFILE; WOLFSSL_ASN1_TIME *notBefore = NULL, *notAfter = NULL; time_t t; ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue((fp = XFOPEN(cliKeyFile, "rb")) != XBADFILE); ExpectIntEQ(wolfSSL_PEM_read(fp, &name, &header, &key, &keySz), WOLFSSL_SUCCESS); if (fp != XBADFILE) XFCLOSE(fp); pt = key; ExpectNotNull(priv = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL, (const unsigned char**)&pt, keySz)); /* create the version 2 certificate */ ExpectNotNull(x509v2 = X509_new()); ExpectIntEQ(wolfSSL_X509_set_version(x509v2, 1), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_X509_set_subject_name(x509v2, wolfSSL_X509_get_subject_name(x509)), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509v2, wolfSSL_X509_get_issuer_name(x509)), WOLFSSL_SUCCESS); ExpectNotNull(pub = wolfSSL_X509_get_pubkey(x509)); ExpectIntEQ(X509_set_pubkey(x509v2, pub), WOLFSSL_SUCCESS); t = time(NULL); ExpectNotNull(notBefore = wolfSSL_ASN1_TIME_adj(NULL, t, 0, 0)); ExpectNotNull(notAfter = wolfSSL_ASN1_TIME_adj(NULL, t, 365, 0)); ExpectTrue(wolfSSL_X509_set_notBefore(x509v2, notBefore)); ExpectTrue(wolfSSL_X509_set_notAfter(x509v2, notAfter)); ExpectIntGT(wolfSSL_X509_sign(x509v2, priv, EVP_sha256()), 0); derSz = wolfSSL_i2d_X509(x509v2, &der); ExpectIntGT(derSz, 0); ExpectIntEQ(wolfSSL_CTX_use_certificate_buffer(ctx, der, derSz, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); /* TODO: Replace with API call */ XFREE(der, HEAP_HINT, DYNAMIC_TYPE_OPENSSL); XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(name, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(header, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wolfSSL_X509_free(x509); wolfSSL_X509_free(x509v2); wolfSSL_EVP_PKEY_free(priv); wolfSSL_EVP_PKEY_free(pub); wolfSSL_ASN1_TIME_free(notBefore); wolfSSL_ASN1_TIME_free(notAfter); return EXPECT_RESULT(); } /* override certificate version error */ static int test_override_x509(int preverify, WOLFSSL_X509_STORE_CTX* store) { EXPECT_DECLS; #ifndef OPENSSL_COMPATIBLE_DEFAULTS ExpectIntEQ(store->error, ASN_VERSION_E); #else ExpectIntEQ(store->error, 0); #endif ExpectIntEQ((int)wolfSSL_X509_get_version(store->current_cert), 1); (void)preverify; return EXPECT_RESULT() == TEST_SUCCESS; } /* set verify callback that will override bad certificate version */ static int test_set_override_x509(WOLFSSL_CTX* ctx) { wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, test_override_x509); return TEST_SUCCESS; } #endif static int test_wolfSSL_X509_TLS_version_test_1(void) { EXPECT_DECLS; #if !defined(NO_DH) && !defined(NO_AES) && defined(WOLFSSL_CERT_GEN) && \ defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \ defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) test_ssl_cbf func_cb_client; test_ssl_cbf func_cb_server; /* test server rejects a client certificate that is not version 3 */ XMEMSET(&func_cb_client, 0, sizeof(func_cb_client)); XMEMSET(&func_cb_server, 0, sizeof(func_cb_server)); func_cb_client.ctx_ready = &test_set_x509_badversion; #ifndef WOLFSSL_NO_TLS12 func_cb_client.method = wolfTLSv1_2_client_method; #else func_cb_client.method = wolfTLSv1_3_client_method; #endif #ifndef WOLFSSL_NO_TLS12 func_cb_server.method = wolfTLSv1_2_server_method; #else func_cb_server.method = wolfTLSv1_3_server_method; #endif #ifndef OPENSSL_COMPATIBLE_DEFAULTS ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client, &func_cb_server, NULL), TEST_FAIL); #else ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client, &func_cb_server, NULL), TEST_SUCCESS); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_TLS_version_test_2(void) { EXPECT_DECLS; #if !defined(NO_DH) && !defined(NO_AES) && defined(WOLFSSL_CERT_GEN) && \ defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \ defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) test_ssl_cbf func_cb_client; test_ssl_cbf func_cb_server; XMEMSET(&func_cb_client, 0, sizeof(func_cb_client)); XMEMSET(&func_cb_server, 0, sizeof(func_cb_server)); func_cb_client.ctx_ready = &test_set_x509_badversion; func_cb_server.ctx_ready = &test_set_override_x509; #ifndef WOLFSSL_NO_TLS12 func_cb_client.method = wolfTLSv1_2_client_method; #else func_cb_client.method = wolfTLSv1_3_client_method; #endif #ifndef WOLFSSL_NO_TLS12 func_cb_server.method = wolfTLSv1_2_server_method; #else func_cb_server.method = wolfTLSv1_3_server_method; #endif ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client, &func_cb_server, NULL), TEST_SUCCESS); #endif return EXPECT_RESULT(); } /* Testing function wolfSSL_CTX_SetMinVersion; sets the minimum downgrade * version allowed. * POST: 1 on success. */ static int test_wolfSSL_CTX_SetMinVersion(void) { int res = TEST_SKIPPED; #ifndef NO_WOLFSSL_CLIENT int failFlag = WOLFSSL_SUCCESS; WOLFSSL_CTX* ctx; int itr; #ifndef NO_OLD_TLS const int versions[] = { #ifdef WOLFSSL_ALLOW_TLSV10 WOLFSSL_TLSV1, #endif WOLFSSL_TLSV1_1, WOLFSSL_TLSV1_2 }; #elif !defined(WOLFSSL_NO_TLS12) const int versions[] = { WOLFSSL_TLSV1_2 }; #elif defined(WOLFSSL_TLS13) const int versions[] = { WOLFSSL_TLSV1_3 }; #else const int versions[0]; #endif ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()); for (itr = 0; itr < (int)(sizeof(versions)/sizeof(int)); itr++) { if (wolfSSL_CTX_SetMinVersion(ctx, *(versions + itr)) != WOLFSSL_SUCCESS) { failFlag = WOLFSSL_FAILURE; } } wolfSSL_CTX_free(ctx); res = TEST_RES_CHECK(failFlag == WOLFSSL_SUCCESS); #endif return res; } /* END test_wolfSSL_CTX_SetMinVersion */ /*----------------------------------------------------------------------------* | OCSP Stapling *----------------------------------------------------------------------------*/ /* Testing wolfSSL_UseOCSPStapling function. OCSP stapling eliminates the need * need to contact the CA, lowering the cost of cert revocation checking. * PRE: HAVE_OCSP and HAVE_CERTIFICATE_STATUS_REQUEST * POST: 1 returned for success. */ static int test_wolfSSL_UseOCSPStapling(void) { EXPECT_DECLS; #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) && defined(HAVE_OCSP) && \ !defined(NO_WOLFSSL_CLIENT) WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method())); #endif #else #ifndef WOLFSSL_NO_TLS12 ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method())); #endif #endif ExpectNotNull(ssl = wolfSSL_new(ctx)); ExpectIntEQ(wolfSSL_UseOCSPStapling(NULL, WOLFSSL_CSR2_OCSP, WOLFSSL_CSR2_OCSP_USE_NONCE), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_CLIENT ExpectIntEQ(wolfSSL_UseOCSPStapling(ssl, WOLFSSL_CSR2_OCSP, WOLFSSL_CSR2_OCSP_USE_NONCE), 1); #else ExpectIntEQ(wolfSSL_UseOCSPStapling(ssl, WOLFSSL_CSR2_OCSP, WOLFSSL_CSR2_OCSP_USE_NONCE), BAD_FUNC_ARG); #endif wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } /* END test_wolfSSL_UseOCSPStapling */ /* Testing OCSP stapling version 2, wolfSSL_UseOCSPStaplingV2 function. OCSP * stapling eliminates the need to contact the CA and lowers cert revocation * check. * PRE: HAVE_CERTIFICATE_STATUS_REQUEST_V2 and HAVE_OCSP defined. */ static int test_wolfSSL_UseOCSPStaplingV2(void) { EXPECT_DECLS; #if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) && defined(HAVE_OCSP) && \ !defined(NO_WOLFSSL_CLIENT) WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method())); #endif #else #ifndef WOLFSSL_NO_TLS12 ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method())); #endif #endif ExpectNotNull(ssl = wolfSSL_new(ctx)); ExpectIntEQ(wolfSSL_UseOCSPStaplingV2(NULL, WOLFSSL_CSR2_OCSP, WOLFSSL_CSR2_OCSP_USE_NONCE), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_CLIENT ExpectIntEQ(wolfSSL_UseOCSPStaplingV2(ssl, WOLFSSL_CSR2_OCSP, WOLFSSL_CSR2_OCSP_USE_NONCE), 1); #else ExpectIntEQ(wolfSSL_UseOCSPStaplingV2(ssl, WOLFSSL_CSR2_OCSP, WOLFSSL_CSR2_OCSP_USE_NONCE), BAD_FUNC_ARG); #endif wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } /* END test_wolfSSL_UseOCSPStaplingV2 */ /*----------------------------------------------------------------------------* | Multicast Tests *----------------------------------------------------------------------------*/ static int test_wolfSSL_mcast(void) { EXPECT_DECLS; #if defined(WOLFSSL_DTLS) && defined(WOLFSSL_MULTICAST) && \ (defined(WOLFSSL_TLS13) || defined(WOLFSSL_SNIFFER)) WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; byte preMasterSecret[512]; byte clientRandom[32]; byte serverRandom[32]; byte suite[2] = {0, 0xfe}; /* WDM_WITH_NULL_SHA256 */ byte buf[256]; word16 newId; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfDTLSv1_2_client_method())); ExpectIntEQ(wolfSSL_CTX_mcast_set_member_id(ctx, 0), WOLFSSL_SUCCESS); ExpectNotNull(ssl = wolfSSL_new(ctx)); XMEMSET(preMasterSecret, 0x23, sizeof(preMasterSecret)); XMEMSET(clientRandom, 0xA5, sizeof(clientRandom)); XMEMSET(serverRandom, 0x5A, sizeof(serverRandom)); ExpectIntEQ(wolfSSL_set_secret(ssl, 23, preMasterSecret, sizeof(preMasterSecret), clientRandom, serverRandom, suite), WOLFSSL_SUCCESS); ExpectIntLE(wolfSSL_mcast_read(ssl, &newId, buf, sizeof(buf)), 0); ExpectIntLE(newId, 100); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); #endif /* WOLFSSL_DTLS && WOLFSSL_MULTICAST && (WOLFSSL_TLS13 || * WOLFSSL_SNIFFER) */ return EXPECT_RESULT(); } /*----------------------------------------------------------------------------* | Wolfcrypt *----------------------------------------------------------------------------*/ /* * Unit test for the wc_InitBlake2b() */ static int test_wc_InitBlake2b(void) { EXPECT_DECLS; #ifdef HAVE_BLAKE2 Blake2b blake; /* Test good arg. */ ExpectIntEQ(wc_InitBlake2b(&blake, 64), 0); /* Test bad arg. */ ExpectIntEQ(wc_InitBlake2b(NULL, 64), BAD_FUNC_ARG); ExpectIntEQ(wc_InitBlake2b(NULL, 128), BAD_FUNC_ARG); ExpectIntEQ(wc_InitBlake2b(&blake, 128), BAD_FUNC_ARG); ExpectIntEQ(wc_InitBlake2b(NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_InitBlake2b(&blake, 0), BAD_FUNC_ARG); #endif return EXPECT_RESULT(); } /* END test_wc_InitBlake2b*/ /* * Unit test for the wc_InitBlake2b_WithKey() */ static int test_wc_InitBlake2b_WithKey(void) { EXPECT_DECLS; #ifdef HAVE_BLAKE2 Blake2b blake; word32 digestSz = BLAKE2B_KEYBYTES; byte key[BLAKE2B_KEYBYTES]; word32 keylen = BLAKE2B_KEYBYTES; XMEMSET(key, 0, sizeof(key)); /* Test good arg. */ ExpectIntEQ(wc_InitBlake2b_WithKey(&blake, digestSz, key, keylen), 0); /* Test bad args. */ ExpectIntEQ(wc_InitBlake2b_WithKey(NULL, digestSz, key, keylen), BAD_FUNC_ARG); ExpectIntEQ(wc_InitBlake2b_WithKey(&blake, digestSz, key, 256), BAD_FUNC_ARG); ExpectIntEQ(wc_InitBlake2b_WithKey(&blake, digestSz, NULL, keylen), 0); #endif return EXPECT_RESULT(); } /* END wc_InitBlake2b_WithKey*/ /* * Unit test for the wc_InitBlake2s_WithKey() */ static int test_wc_InitBlake2s_WithKey(void) { EXPECT_DECLS; #ifdef HAVE_BLAKE2S Blake2s blake; word32 digestSz = BLAKE2S_KEYBYTES; byte *key = (byte*)"01234567890123456789012345678901"; word32 keylen = BLAKE2S_KEYBYTES; /* Test good arg. */ ExpectIntEQ(wc_InitBlake2s_WithKey(&blake, digestSz, key, keylen), 0); /* Test bad args. */ ExpectIntEQ(wc_InitBlake2s_WithKey(NULL, digestSz, key, keylen), BAD_FUNC_ARG); ExpectIntEQ(wc_InitBlake2s_WithKey(&blake, digestSz, key, 256), BAD_FUNC_ARG); ExpectIntEQ(wc_InitBlake2s_WithKey(&blake, digestSz, NULL, keylen), 0); #endif return EXPECT_RESULT(); } /* END wc_InitBlake2s_WithKey*/ /* * Unit test for the wc_InitMd5() */ static int test_wc_InitMd5(void) { EXPECT_DECLS; #ifndef NO_MD5 wc_Md5 md5; /* Test good arg. */ ExpectIntEQ(wc_InitMd5(&md5), 0); /* Test bad arg. */ ExpectIntEQ(wc_InitMd5(NULL), BAD_FUNC_ARG); wc_Md5Free(&md5); #endif return EXPECT_RESULT(); } /* END test_wc_InitMd5 */ /* * Testing wc_UpdateMd5() */ static int test_wc_Md5Update(void) { EXPECT_DECLS; #ifndef NO_MD5 wc_Md5 md5; byte hash[WC_MD5_DIGEST_SIZE]; testVector a, b, c; ExpectIntEQ(wc_InitMd5(&md5), 0); /* Input */ a.input = "a"; a.inLen = XSTRLEN(a.input); ExpectIntEQ(wc_Md5Update(&md5, (byte*)a.input, (word32)a.inLen), 0); ExpectIntEQ(wc_Md5Final(&md5, hash), 0); /* Update input. */ a.input = "abc"; a.output = "\x90\x01\x50\x98\x3c\xd2\x4f\xb0\xd6\x96\x3f\x7d\x28\xe1\x7f" "\x72"; a.inLen = XSTRLEN(a.input); a.outLen = XSTRLEN(a.output); ExpectIntEQ(wc_Md5Update(&md5, (byte*) a.input, (word32) a.inLen), 0); ExpectIntEQ(wc_Md5Final(&md5, hash), 0); ExpectIntEQ(XMEMCMP(hash, a.output, WC_MD5_DIGEST_SIZE), 0); /* Pass in bad values. */ b.input = NULL; b.inLen = 0; ExpectIntEQ(wc_Md5Update(&md5, (byte*)b.input, (word32)b.inLen), 0); c.input = NULL; c.inLen = WC_MD5_DIGEST_SIZE; ExpectIntEQ(wc_Md5Update(&md5, (byte*)c.input, (word32)c.inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_Md5Update(NULL, (byte*)a.input, (word32)a.inLen), BAD_FUNC_ARG); wc_Md5Free(&md5); #endif return EXPECT_RESULT(); } /* END test_wc_Md5Update() */ /* * Unit test on wc_Md5Final() in wolfcrypt/src/md5.c */ static int test_wc_Md5Final(void) { EXPECT_DECLS; #ifndef NO_MD5 /* Instantiate */ wc_Md5 md5; byte* hash_test[3]; byte hash1[WC_MD5_DIGEST_SIZE]; byte hash2[2*WC_MD5_DIGEST_SIZE]; byte hash3[5*WC_MD5_DIGEST_SIZE]; int times, i; /* Initialize */ ExpectIntEQ(wc_InitMd5(&md5), 0); hash_test[0] = hash1; hash_test[1] = hash2; hash_test[2] = hash3; times = sizeof(hash_test)/sizeof(byte*); for (i = 0; i < times; i++) { ExpectIntEQ(wc_Md5Final(&md5, hash_test[i]), 0); } /* Test bad args. */ ExpectIntEQ(wc_Md5Final(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Md5Final(NULL, hash1), BAD_FUNC_ARG); ExpectIntEQ(wc_Md5Final(&md5, NULL), BAD_FUNC_ARG); wc_Md5Free(&md5); #endif return EXPECT_RESULT(); } /* * Unit test for the wc_InitSha() */ static int test_wc_InitSha(void) { EXPECT_DECLS; #ifndef NO_SHA wc_Sha sha; /* Test good arg. */ ExpectIntEQ(wc_InitSha(&sha), 0); /* Test bad arg. */ ExpectIntEQ(wc_InitSha(NULL), BAD_FUNC_ARG); wc_ShaFree(&sha); #endif return EXPECT_RESULT(); } /* END test_wc_InitSha */ /* * Tesing wc_ShaUpdate() */ static int test_wc_ShaUpdate(void) { EXPECT_DECLS; #ifndef NO_SHA wc_Sha sha; byte hash[WC_SHA_DIGEST_SIZE]; testVector a, b, c; ExpectIntEQ(wc_InitSha(&sha), 0); /* Input. */ a.input = "a"; a.inLen = XSTRLEN(a.input); ExpectIntEQ(wc_ShaUpdate(&sha, NULL, 0), 0); ExpectIntEQ(wc_ShaUpdate(&sha, (byte*)a.input, 0), 0); ExpectIntEQ(wc_ShaUpdate(&sha, (byte*)a.input, (word32)a.inLen), 0); ExpectIntEQ(wc_ShaFinal(&sha, hash), 0); /* Update input. */ a.input = "abc"; a.output = "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2" "\x6C\x9C\xD0\xD8\x9D"; a.inLen = XSTRLEN(a.input); a.outLen = XSTRLEN(a.output); ExpectIntEQ(wc_ShaUpdate(&sha, (byte*)a.input, (word32)a.inLen), 0); ExpectIntEQ(wc_ShaFinal(&sha, hash), 0); ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA_DIGEST_SIZE), 0); /* Try passing in bad values. */ b.input = NULL; b.inLen = 0; ExpectIntEQ(wc_ShaUpdate(&sha, (byte*)b.input, (word32)b.inLen), 0); c.input = NULL; c.inLen = WC_SHA_DIGEST_SIZE; ExpectIntEQ(wc_ShaUpdate(&sha, (byte*)c.input, (word32)c.inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_ShaUpdate(NULL, (byte*)a.input, (word32)a.inLen), BAD_FUNC_ARG); wc_ShaFree(&sha); #endif return EXPECT_RESULT(); } /* END test_wc_ShaUpdate() */ /* * Unit test on wc_ShaFinal */ static int test_wc_ShaFinal(void) { EXPECT_DECLS; #ifndef NO_SHA wc_Sha sha; byte* hash_test[3]; byte hash1[WC_SHA_DIGEST_SIZE]; byte hash2[2*WC_SHA_DIGEST_SIZE]; byte hash3[5*WC_SHA_DIGEST_SIZE]; int times, i; /* Initialize*/ ExpectIntEQ(wc_InitSha(&sha), 0); hash_test[0] = hash1; hash_test[1] = hash2; hash_test[2] = hash3; times = sizeof(hash_test)/sizeof(byte*); for (i = 0; i < times; i++) { ExpectIntEQ(wc_ShaFinal(&sha, hash_test[i]), 0); } /* Test bad args. */ ExpectIntEQ(wc_ShaFinal(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ShaFinal(NULL, hash1), BAD_FUNC_ARG); ExpectIntEQ(wc_ShaFinal(&sha, NULL), BAD_FUNC_ARG); wc_ShaFree(&sha); #endif return EXPECT_RESULT(); } /* END test_wc_ShaFinal */ /* * Unit test for wc_InitSha256() */ static int test_wc_InitSha256(void) { EXPECT_DECLS; #ifndef NO_SHA256 wc_Sha256 sha256; /* Test good arg. */ ExpectIntEQ(wc_InitSha256(&sha256), 0); /* Test bad arg. */ ExpectIntEQ(wc_InitSha256(NULL), BAD_FUNC_ARG); wc_Sha256Free(&sha256); #endif return EXPECT_RESULT(); } /* END test_wc_InitSha256 */ /* * Unit test for wc_Sha256Update() */ static int test_wc_Sha256Update(void) { EXPECT_DECLS; #ifndef NO_SHA256 wc_Sha256 sha256; byte hash[WC_SHA256_DIGEST_SIZE]; byte hash_unaligned[WC_SHA256_DIGEST_SIZE+1]; testVector a, b, c; ExpectIntEQ(wc_InitSha256(&sha256), 0); /* Input. */ a.input = "a"; a.inLen = XSTRLEN(a.input); ExpectIntEQ(wc_Sha256Update(&sha256, NULL, 0), 0); ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)a.input, 0), 0); ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)a.input, (word32)a.inLen), 0); ExpectIntEQ(wc_Sha256Final(&sha256, hash), 0); /* Update input. */ a.input = "abc"; a.output = "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22" "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00" "\x15\xAD"; a.inLen = XSTRLEN(a.input); a.outLen = XSTRLEN(a.output); ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)a.input, (word32)a.inLen), 0); ExpectIntEQ(wc_Sha256Final(&sha256, hash), 0); ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA256_DIGEST_SIZE), 0); /* Unaligned check. */ ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)a.input+1, (word32)a.inLen-1), 0); ExpectIntEQ(wc_Sha256Final(&sha256, hash_unaligned + 1), 0); /* Try passing in bad values */ b.input = NULL; b.inLen = 0; ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)b.input, (word32)b.inLen), 0); c.input = NULL; c.inLen = WC_SHA256_DIGEST_SIZE; ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)c.input, (word32)c.inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha256Update(NULL, (byte*)a.input, (word32)a.inLen), BAD_FUNC_ARG); wc_Sha256Free(&sha256); #endif return EXPECT_RESULT(); } /* END test_wc_Sha256Update */ /* * Unit test function for wc_Sha256Final() */ static int test_wc_Sha256Final(void) { EXPECT_DECLS; #ifndef NO_SHA256 wc_Sha256 sha256; byte* hash_test[3]; byte hash1[WC_SHA256_DIGEST_SIZE]; byte hash2[2*WC_SHA256_DIGEST_SIZE]; byte hash3[5*WC_SHA256_DIGEST_SIZE]; int times, i; /* Initialize */ ExpectIntEQ(wc_InitSha256(&sha256), 0); hash_test[0] = hash1; hash_test[1] = hash2; hash_test[2] = hash3; times = sizeof(hash_test) / sizeof(byte*); for (i = 0; i < times; i++) { ExpectIntEQ(wc_Sha256Final(&sha256, hash_test[i]), 0); } /* Test bad args. */ ExpectIntEQ(wc_Sha256Final(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha256Final(NULL, hash1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha256Final(&sha256, NULL), BAD_FUNC_ARG); wc_Sha256Free(&sha256); #endif return EXPECT_RESULT(); } /* END test_wc_Sha256Final */ /* * Unit test function for wc_Sha256FinalRaw() */ static int test_wc_Sha256FinalRaw(void) { EXPECT_DECLS; #if !defined(NO_SHA256) && !defined(HAVE_SELFTEST) && !defined(WOLFSSL_DEVCRYPTO) && (!defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 3))) && \ !defined(WOLFSSL_NO_HASH_RAW) wc_Sha256 sha256; byte* hash_test[3]; byte hash1[WC_SHA256_DIGEST_SIZE]; byte hash2[2*WC_SHA256_DIGEST_SIZE]; byte hash3[5*WC_SHA256_DIGEST_SIZE]; int times, i; /* Initialize */ ExpectIntEQ(wc_InitSha256(&sha256), 0); hash_test[0] = hash1; hash_test[1] = hash2; hash_test[2] = hash3; times = sizeof(hash_test) / sizeof(byte*); for (i = 0; i < times; i++) { ExpectIntEQ(wc_Sha256FinalRaw(&sha256, hash_test[i]), 0); } /* Test bad args. */ ExpectIntEQ(wc_Sha256FinalRaw(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha256FinalRaw(NULL, hash1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha256FinalRaw(&sha256, NULL), BAD_FUNC_ARG); wc_Sha256Free(&sha256); #endif return EXPECT_RESULT(); } /* END test_wc_Sha256FinalRaw */ /* * Unit test function for wc_Sha256GetFlags() */ static int test_wc_Sha256GetFlags(void) { EXPECT_DECLS; #if !defined(NO_SHA256) && defined(WOLFSSL_HASH_FLAGS) wc_Sha256 sha256; word32 flags = 0; /* Initialize */ ExpectIntEQ(wc_InitSha256(&sha256), 0); ExpectIntEQ(wc_Sha256GetFlags(&sha256, &flags), 0); ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0); wc_Sha256Free(&sha256); #endif return EXPECT_RESULT(); } /* END test_wc_Sha256GetFlags */ /* * Unit test function for wc_Sha256Free() */ static int test_wc_Sha256Free(void) { EXPECT_DECLS; #ifndef NO_SHA256 wc_Sha256Free(NULL); /* Set result to SUCCESS. */ ExpectTrue(1); #endif return EXPECT_RESULT(); } /* END test_wc_Sha256Free */ /* * Unit test function for wc_Sha256GetHash() */ static int test_wc_Sha256GetHash(void) { EXPECT_DECLS; #ifndef NO_SHA256 wc_Sha256 sha256; byte hash1[WC_SHA256_DIGEST_SIZE]; /* Initialize */ ExpectIntEQ(wc_InitSha256(&sha256), 0); ExpectIntEQ(wc_Sha256GetHash(&sha256, hash1), 0); /* test bad arguments*/ ExpectIntEQ(wc_Sha256GetHash(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha256GetHash(NULL, hash1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha256GetHash(&sha256, NULL), BAD_FUNC_ARG); wc_Sha256Free(&sha256); #endif return EXPECT_RESULT(); } /* END test_wc_Sha256GetHash */ /* * Unit test function for wc_Sha256Copy() */ static int test_wc_Sha256Copy(void) { EXPECT_DECLS; #ifndef NO_SHA256 wc_Sha256 sha256; wc_Sha256 temp; XMEMSET(&sha256, 0, sizeof(sha256)); XMEMSET(&temp, 0, sizeof(temp)); /* Initialize */ ExpectIntEQ(wc_InitSha256(&sha256), 0); ExpectIntEQ(wc_InitSha256(&temp), 0); ExpectIntEQ(wc_Sha256Copy(&sha256, &temp), 0); /* test bad arguments*/ ExpectIntEQ(wc_Sha256Copy(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha256Copy(NULL, &temp), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha256Copy(&sha256, NULL), BAD_FUNC_ARG); wc_Sha256Free(&sha256); wc_Sha256Free(&temp); #endif return EXPECT_RESULT(); } /* END test_wc_Sha256Copy */ /* * Testing wc_InitSha512() */ static int test_wc_InitSha512(void) { EXPECT_DECLS; #ifdef WOLFSSL_SHA512 wc_Sha512 sha512; /* Test good arg. */ ExpectIntEQ(wc_InitSha512(&sha512), 0); /* Test bad arg. */ ExpectIntEQ(wc_InitSha512(NULL), BAD_FUNC_ARG); wc_Sha512Free(&sha512); #endif return EXPECT_RESULT(); } /* END test_wc_InitSha512 */ /* * wc_Sha512Update() test. */ static int test_wc_Sha512Update(void) { EXPECT_DECLS; #ifdef WOLFSSL_SHA512 wc_Sha512 sha512; byte hash[WC_SHA512_DIGEST_SIZE]; byte hash_unaligned[WC_SHA512_DIGEST_SIZE + 1]; testVector a, b, c; ExpectIntEQ(wc_InitSha512(&sha512), 0); /* Input. */ a.input = "a"; a.inLen = XSTRLEN(a.input); ExpectIntEQ(wc_Sha512Update(&sha512, NULL, 0), 0); ExpectIntEQ(wc_Sha512Update(&sha512,(byte*)a.input, 0), 0); ExpectIntEQ(wc_Sha512Update(&sha512, (byte*)a.input, (word32)a.inLen), 0); ExpectIntEQ(wc_Sha512Final(&sha512, hash), 0); /* Update input. */ a.input = "abc"; a.output = "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41" "\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b" "\x55\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c" "\x23\xa3\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a" "\x9a\xc9\x4f\xa5\x4c\xa4\x9f"; a.inLen = XSTRLEN(a.input); a.outLen = XSTRLEN(a.output); ExpectIntEQ(wc_Sha512Update(&sha512, (byte*) a.input, (word32) a.inLen), 0); ExpectIntEQ(wc_Sha512Final(&sha512, hash), 0); ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA512_DIGEST_SIZE), 0); /* Unaligned check. */ ExpectIntEQ(wc_Sha512Update(&sha512, (byte*)a.input+1, (word32)a.inLen-1), 0); ExpectIntEQ(wc_Sha512Final(&sha512, hash_unaligned+1), 0); /* Try passing in bad values */ b.input = NULL; b.inLen = 0; ExpectIntEQ(wc_Sha512Update(&sha512, (byte*)b.input, (word32)b.inLen), 0); c.input = NULL; c.inLen = WC_SHA512_DIGEST_SIZE; ExpectIntEQ(wc_Sha512Update(&sha512, (byte*)c.input, (word32)c.inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha512Update(NULL, (byte*)a.input, (word32)a.inLen), BAD_FUNC_ARG); wc_Sha512Free(&sha512); #endif return EXPECT_RESULT(); } /* END test_wc_Sha512Update */ #ifdef WOLFSSL_SHA512 #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \ (!defined(WOLFSSL_NOSHA512_224) || !defined(WOLFSSL_NOSHA512_256)) /* Performs test for * - wc_Sha512Final/wc_Sha512FinalRaw * - wc_Sha512_224Final/wc_Sha512_224Final * - wc_Sha512_256Final/wc_Sha512_256Final * parameter: * - type : must be one of WC_HASH_TYPE_SHA512, WC_HASH_TYPE_SHA512_224 or * WC_HASH_TYPE_SHA512_256 * - isRaw: if is non-zero, xxxFinalRaw function will be tested *return 0 on success */ static int test_Sha512_Family_Final(int type, int isRaw) { EXPECT_DECLS; wc_Sha512 sha512; byte* hash_test[3]; byte hash1[WC_SHA512_DIGEST_SIZE]; byte hash2[2*WC_SHA512_DIGEST_SIZE]; byte hash3[5*WC_SHA512_DIGEST_SIZE]; int times, i; int(*initFp)(wc_Sha512*); int(*finalFp)(wc_Sha512*, byte*); void(*freeFp)(wc_Sha512*); if (type == WC_HASH_TYPE_SHA512) { initFp = wc_InitSha512; #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \ !defined(WOLFSSL_NO_HASH_RAW) finalFp = (isRaw)? wc_Sha512FinalRaw : wc_Sha512Final; #else finalFp = (isRaw)? NULL : wc_Sha512Final; #endif freeFp = wc_Sha512Free; } #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) #if !defined(WOLFSSL_NOSHA512_224) else if (type == WC_HASH_TYPE_SHA512_224) { initFp = wc_InitSha512_224; #if !defined(WOLFSSL_NO_HASH_RAW) finalFp = (isRaw)? wc_Sha512_224FinalRaw : wc_Sha512_224Final; #else finalFp = (isRaw)? NULL : wc_Sha512_224Final; #endif freeFp = wc_Sha512_224Free; } #endif #if !defined(WOLFSSL_NOSHA512_256) else if (type == WC_HASH_TYPE_SHA512_256) { initFp = wc_InitSha512_256; #if !defined(WOLFSSL_NO_HASH_RAW) finalFp = (isRaw)? wc_Sha512_256FinalRaw : wc_Sha512_256Final; #else finalFp = (isRaw)? NULL : wc_Sha512_256Final; #endif freeFp = wc_Sha512_256Free; } #endif #endif /* !HAVE_FIPS && !HAVE_SELFTEST */ else return TEST_FAIL; /* Initialize */ ExpectIntEQ(initFp(&sha512), 0); hash_test[0] = hash1; hash_test[1] = hash2; hash_test[2] = hash3; times = sizeof(hash_test) / sizeof(byte *); /* Good test args. */ for (i = 0; i < times; i++) { ExpectIntEQ(finalFp(&sha512, hash_test[i]), 0); } /* Test bad args. */ ExpectIntEQ(finalFp(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(finalFp(NULL, hash1), BAD_FUNC_ARG); ExpectIntEQ(finalFp(&sha512, NULL), BAD_FUNC_ARG); freeFp(&sha512); return EXPECT_RESULT(); } #endif /* !HAVE_FIPS && !HAVE_SELFTEST && (!WOLFSSL_NOSHA512_224 || !WOLFSSL_NOSHA512_256) */ #endif /* WOLFSSL_SHA512 */ /* * Unit test function for wc_Sha512Final() */ static int test_wc_Sha512Final(void) { EXPECT_DECLS; #ifdef WOLFSSL_SHA512 wc_Sha512 sha512; byte* hash_test[3]; byte hash1[WC_SHA512_DIGEST_SIZE]; byte hash2[2*WC_SHA512_DIGEST_SIZE]; byte hash3[5*WC_SHA512_DIGEST_SIZE]; int times, i; /* Initialize */ ExpectIntEQ(wc_InitSha512(&sha512), 0); hash_test[0] = hash1; hash_test[1] = hash2; hash_test[2] = hash3; times = sizeof(hash_test) / sizeof(byte *); for (i = 0; i < times; i++) { ExpectIntEQ(wc_Sha512Final(&sha512, hash_test[i]), 0); } /* Test bad args. */ ExpectIntEQ(wc_Sha512Final(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha512Final(NULL, hash1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha512Final(&sha512, NULL), BAD_FUNC_ARG); wc_Sha512Free(&sha512); #endif return EXPECT_RESULT(); } /* END test_wc_Sha512Final */ /* * Unit test function for wc_Sha512GetFlags() */ static int test_wc_Sha512GetFlags(void) { EXPECT_DECLS; #if defined(WOLFSSL_SHA512) && defined(WOLFSSL_HASH_FLAGS) wc_Sha512 sha512; word32 flags = 0; /* Initialize */ ExpectIntEQ(wc_InitSha512(&sha512), 0); ExpectIntEQ(wc_Sha512GetFlags(&sha512, &flags), 0); ExpectIntEQ((flags & WC_HASH_FLAG_ISCOPY), 0); wc_Sha512Free(&sha512); #endif return EXPECT_RESULT(); } /* END test_wc_Sha512GetFlags */ /* * Unit test function for wc_Sha512FinalRaw() */ static int test_wc_Sha512FinalRaw(void) { EXPECT_DECLS; #if (defined(WOLFSSL_SHA512) && !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 3)))) && \ !defined(WOLFSSL_NO_HASH_RAW) wc_Sha512 sha512; byte* hash_test[3]; byte hash1[WC_SHA512_DIGEST_SIZE]; byte hash2[2*WC_SHA512_DIGEST_SIZE]; byte hash3[5*WC_SHA512_DIGEST_SIZE]; int times, i; /* Initialize */ ExpectIntEQ(wc_InitSha512(&sha512), 0); hash_test[0] = hash1; hash_test[1] = hash2; hash_test[2] = hash3; times = sizeof(hash_test) / sizeof(byte*); /* Good test args. */ for (i = 0; i < times; i++) { ExpectIntEQ(wc_Sha512FinalRaw(&sha512, hash_test[i]), 0); } /* Test bad args. */ ExpectIntEQ(wc_Sha512FinalRaw(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha512FinalRaw(NULL, hash1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha512FinalRaw(&sha512, NULL), BAD_FUNC_ARG); wc_Sha512Free(&sha512); #endif return EXPECT_RESULT(); } /* END test_wc_Sha512FinalRaw */ /* * Unit test function for wc_Sha512Free() */ static int test_wc_Sha512Free(void) { EXPECT_DECLS; #ifdef WOLFSSL_SHA512 wc_Sha512Free(NULL); /* Set result to SUCCESS. */ ExpectTrue(1); #endif return EXPECT_RESULT(); } /* END test_wc_Sha512Free */ #ifdef WOLFSSL_SHA512 #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \ (!defined(WOLFSSL_NOSHA512_224) || !defined(WOLFSSL_NOSHA512_256)) static int test_Sha512_Family_GetHash(int type ) { EXPECT_DECLS; int(*initFp)(wc_Sha512*); int(*ghashFp)(wc_Sha512*, byte*); wc_Sha512 sha512; byte hash1[WC_SHA512_DIGEST_SIZE]; if (type == WC_HASH_TYPE_SHA512) { initFp = wc_InitSha512; ghashFp = wc_Sha512GetHash; } #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) #if !defined(WOLFSSL_NOSHA512_224) else if (type == WC_HASH_TYPE_SHA512_224) { initFp = wc_InitSha512_224; ghashFp = wc_Sha512_224GetHash; } #endif #if !defined(WOLFSSL_NOSHA512_256) else if (type == WC_HASH_TYPE_SHA512_256) { initFp = wc_InitSha512_256; ghashFp = wc_Sha512_256GetHash; } #endif #endif /* !HAVE_FIPS && !HAVE_SELFTEST */ else { initFp = NULL; ghashFp = NULL; } if (initFp == NULL || ghashFp == NULL) return TEST_FAIL; ExpectIntEQ(initFp(&sha512), 0); ExpectIntEQ(ghashFp(&sha512, hash1), 0); /* test bad arguments*/ ExpectIntEQ(ghashFp(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(ghashFp(NULL, hash1), BAD_FUNC_ARG); ExpectIntEQ(ghashFp(&sha512, NULL), BAD_FUNC_ARG); wc_Sha512Free(&sha512); return EXPECT_RESULT(); } #endif /* !HAVE_FIPS && !HAVE_SELFTEST && (!WOLFSSL_NOSHA512_224 || !WOLFSSL_NOSHA512_256) */ #endif /* WOLFSSL_SHA512 */ /* * Unit test function for wc_Sha512GetHash() */ static int test_wc_Sha512GetHash(void) { EXPECT_DECLS; #ifdef WOLFSSL_SHA512 wc_Sha512 sha512; byte hash1[WC_SHA512_DIGEST_SIZE]; /* Initialize */ ExpectIntEQ(wc_InitSha512(&sha512), 0); ExpectIntEQ(wc_Sha512GetHash(&sha512, hash1), 0); /* test bad arguments*/ ExpectIntEQ(wc_Sha512GetHash(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha512GetHash(NULL, hash1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha512GetHash(&sha512, NULL), BAD_FUNC_ARG); wc_Sha512Free(&sha512); #endif return EXPECT_RESULT(); } /* END test_wc_Sha512GetHash */ /* * Unit test function for wc_Sha512Copy() */ static int test_wc_Sha512Copy(void) { EXPECT_DECLS; #ifdef WOLFSSL_SHA512 wc_Sha512 sha512; wc_Sha512 temp; XMEMSET(&sha512, 0, sizeof(wc_Sha512)); XMEMSET(&temp, 0, sizeof(wc_Sha512)); /* Initialize */ ExpectIntEQ(wc_InitSha512(&sha512), 0); ExpectIntEQ(wc_InitSha512(&temp), 0); ExpectIntEQ(wc_Sha512Copy(&sha512, &temp), 0); /* test bad arguments*/ ExpectIntEQ(wc_Sha512Copy(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha512Copy(NULL, &temp), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha512Copy(&sha512, NULL), BAD_FUNC_ARG); wc_Sha512Free(&sha512); wc_Sha512Free(&temp); #endif return EXPECT_RESULT(); } /* END test_wc_Sha512Copy */ static int test_wc_InitSha512_224(void) { EXPECT_DECLS; #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) #if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) wc_Sha512 sha512; /* Test good arg. */ ExpectIntEQ(wc_InitSha512_224(&sha512), 0); /* Test bad arg. */ ExpectIntEQ(wc_InitSha512_224(NULL), BAD_FUNC_ARG); wc_Sha512_224Free(&sha512); #endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_224 */ #endif /* !HAVE_FIPS && !HAVE_SELFTEST */ return EXPECT_RESULT(); } static int test_wc_Sha512_224Update(void) { EXPECT_DECLS; #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) #if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) wc_Sha512 sha512; byte hash[WC_SHA512_DIGEST_SIZE]; testVector a, c; ExpectIntEQ(wc_InitSha512_224(&sha512), 0); /* Input. */ a.input = "a"; a.inLen = XSTRLEN(a.input); ExpectIntEQ(wc_Sha512_224Update(&sha512, NULL, 0), 0); ExpectIntEQ(wc_Sha512_224Update(&sha512,(byte*)a.input, 0), 0); ExpectIntEQ(wc_Sha512_224Update(&sha512, (byte*)a.input, (word32)a.inLen), 0); ExpectIntEQ(wc_Sha512_224Final(&sha512, hash), 0); /* Update input. */ a.input = "abc"; a.output = "\x46\x34\x27\x0f\x70\x7b\x6a\x54\xda\xae\x75\x30\x46\x08" "\x42\xe2\x0e\x37\xed\x26\x5c\xee\xe9\xa4\x3e\x89\x24\xaa"; a.inLen = XSTRLEN(a.input); a.outLen = XSTRLEN(a.output); ExpectIntEQ(wc_Sha512_224Update(&sha512, (byte*) a.input, (word32) a.inLen), 0); ExpectIntEQ(wc_Sha512_224Final(&sha512, hash), 0); ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA512_224_DIGEST_SIZE), 0); c.input = NULL; c.inLen = WC_SHA512_224_DIGEST_SIZE; ExpectIntEQ(wc_Sha512_224Update(&sha512, (byte*)c.input, (word32)c.inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha512_224Update(NULL, (byte*)a.input, (word32)a.inLen), BAD_FUNC_ARG); wc_Sha512_224Free(&sha512); #endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_224 */ #endif /* !HAVE_FIPS && !HAVE_SELFTEST */ return EXPECT_RESULT(); } static int test_wc_Sha512_224Final(void) { EXPECT_DECLS; #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) #if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) ExpectIntEQ(test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_224, 0), TEST_SUCCESS); #endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_224 */ #endif /* !HAVE_FIPS && !HAVE_SELFTEST */ return EXPECT_RESULT(); } static int test_wc_Sha512_224GetFlags(void) { EXPECT_DECLS; #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) #if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) && defined(WOLFSSL_HASH_FLAGS) wc_Sha512 sha512; wc_Sha512 copy; word32 flags = 0; XMEMSET(&sha512, 0, sizeof(wc_Sha512)); XMEMSET(©, 0, sizeof(wc_Sha512)); /* Initialize */ ExpectIntEQ(wc_InitSha512_224(&sha512), 0); ExpectIntEQ(wc_InitSha512_224(©), 0); ExpectIntEQ(wc_Sha512_224GetFlags(&sha512, &flags), 0); ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0); ExpectIntEQ(wc_Sha512_224Copy(&sha512, ©), 0); ExpectIntEQ(wc_Sha512_224GetFlags(©, &flags), 0); ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == WC_HASH_FLAG_ISCOPY); wc_Sha512_224Free(©); wc_Sha512_224Free(&sha512); #endif #endif /* !HAVE_FIPS && !HAVE_SELFTEST */ return EXPECT_RESULT(); } static int test_wc_Sha512_224FinalRaw(void) { EXPECT_DECLS; #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \ defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) && \ !defined(WOLFSSL_NO_HASH_RAW) ExpectIntEQ(test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_224, 1), TEST_SUCCESS); #endif return EXPECT_RESULT(); } static int test_wc_Sha512_224Free(void) { EXPECT_DECLS; #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) #if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) wc_Sha512_224Free(NULL); /* Set result to SUCCESS. */ ExpectTrue(1); #endif #endif /* !HAVE_FIPS && !HAVE_SELFTEST */ return EXPECT_RESULT(); } static int test_wc_Sha512_224GetHash(void) { EXPECT_DECLS; #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) #if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) ExpectIntEQ(test_Sha512_Family_GetHash(WC_HASH_TYPE_SHA512_224), TEST_SUCCESS); #endif #endif /* !HAVE_FIPS && !HAVE_SELFTEST */ return EXPECT_RESULT(); } static int test_wc_Sha512_224Copy(void) { EXPECT_DECLS; #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) #if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) wc_Sha512 sha512; wc_Sha512 temp; XMEMSET(&sha512, 0, sizeof(wc_Sha512)); XMEMSET(&temp, 0, sizeof(wc_Sha512)); /* Initialize */ ExpectIntEQ(wc_InitSha512_224(&sha512), 0); ExpectIntEQ(wc_InitSha512_224(&temp), 0); ExpectIntEQ(wc_Sha512_224Copy(&sha512, &temp), 0); /* test bad arguments*/ ExpectIntEQ(wc_Sha512_224Copy(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha512_224Copy(NULL, &temp), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha512_224Copy(&sha512, NULL), BAD_FUNC_ARG); wc_Sha512_224Free(&sha512); wc_Sha512_224Free(&temp); #endif #endif /* !HAVE_FIPS && !HAVE_SELFTEST */ return EXPECT_RESULT(); } static int test_wc_InitSha512_256(void) { EXPECT_DECLS; #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) #if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) wc_Sha512 sha512; /* Test good arg. */ ExpectIntEQ(wc_InitSha512_256(&sha512), 0); /* Test bad arg. */ ExpectIntEQ(wc_InitSha512_256(NULL), BAD_FUNC_ARG); wc_Sha512_256Free(&sha512); #endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_256 */ #endif /* !HAVE_FIPS && !HAVE_SELFTEST */ return EXPECT_RESULT(); } static int test_wc_Sha512_256Update(void) { EXPECT_DECLS; #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) #if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) wc_Sha512 sha512; byte hash[WC_SHA512_DIGEST_SIZE]; testVector a, c; ExpectIntEQ(wc_InitSha512_256(&sha512), 0); /* Input. */ a.input = "a"; a.inLen = XSTRLEN(a.input); ExpectIntEQ(wc_Sha512_256Update(&sha512, NULL, 0), 0); ExpectIntEQ(wc_Sha512_256Update(&sha512,(byte*)a.input, 0), 0); ExpectIntEQ(wc_Sha512_256Update(&sha512, (byte*)a.input, (word32)a.inLen), 0); ExpectIntEQ(wc_Sha512_256Final(&sha512, hash), 0); /* Update input. */ a.input = "abc"; a.output = "\x53\x04\x8e\x26\x81\x94\x1e\xf9\x9b\x2e\x29\xb7\x6b\x4c" "\x7d\xab\xe4\xc2\xd0\xc6\x34\xfc\x6d\x46\xe0\xe2\xf1\x31" "\x07\xe7\xaf\x23"; a.inLen = XSTRLEN(a.input); a.outLen = XSTRLEN(a.output); ExpectIntEQ(wc_Sha512_256Update(&sha512, (byte*) a.input, (word32) a.inLen), 0); ExpectIntEQ(wc_Sha512_256Final(&sha512, hash), 0); ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA512_256_DIGEST_SIZE), 0); c.input = NULL; c.inLen = WC_SHA512_256_DIGEST_SIZE; ExpectIntEQ(wc_Sha512_256Update(&sha512, (byte*)c.input, (word32)c.inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha512_256Update(NULL, (byte*)a.input, (word32)a.inLen), BAD_FUNC_ARG); wc_Sha512_256Free(&sha512); #endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_256 */ #endif /* !HAVE_FIPS && !HAVE_SELFTEST */ return EXPECT_RESULT(); } static int test_wc_Sha512_256Final(void) { EXPECT_DECLS; #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) #if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) ExpectIntEQ(test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_256, 0), TEST_SUCCESS); #endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_256 */ #endif /* !HAVE_FIPS && !HAVE_SELFTEST */ return EXPECT_RESULT(); } static int test_wc_Sha512_256GetFlags(void) { EXPECT_DECLS; #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) #if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) && defined(WOLFSSL_HASH_FLAGS) wc_Sha512 sha512, copy; word32 flags = 0; XMEMSET(&sha512, 0, sizeof(wc_Sha512)); XMEMSET(©, 0, sizeof(wc_Sha512)); /* Initialize */ ExpectIntEQ(wc_InitSha512_256(&sha512), 0); ExpectIntEQ(wc_InitSha512_256(©), 0); ExpectIntEQ(wc_Sha512_256GetFlags(&sha512, &flags), 0); ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0); ExpectIntEQ(wc_Sha512_256Copy(&sha512, ©), 0); ExpectIntEQ(wc_Sha512_256GetFlags(©, &flags), 0); ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == WC_HASH_FLAG_ISCOPY); wc_Sha512_256Free(&sha512); #endif #endif /* !HAVE_FIPS && !HAVE_SELFTEST */ return EXPECT_RESULT(); } static int test_wc_Sha512_256FinalRaw(void) { EXPECT_DECLS; #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \ defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) && \ !defined(WOLFSSL_NO_HASH_RAW) ExpectIntEQ(test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_256, 1), TEST_SUCCESS); #endif return EXPECT_RESULT(); } static int test_wc_Sha512_256Free(void) { EXPECT_DECLS; #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) #if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) wc_Sha512_256Free(NULL); /* Set result to SUCCESS. */ ExpectTrue(1); #endif #endif /* !HAVE_FIPS && !HAVE_SELFTEST */ return EXPECT_RESULT(); } static int test_wc_Sha512_256GetHash(void) { EXPECT_DECLS; #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) #if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) ExpectIntEQ(test_Sha512_Family_GetHash(WC_HASH_TYPE_SHA512_256), TEST_SUCCESS); #endif #endif /* !HAVE_FIPS && !HAVE_SELFTEST */ return EXPECT_RESULT(); } static int test_wc_Sha512_256Copy(void) { EXPECT_DECLS; #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) #if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) wc_Sha512 sha512; wc_Sha512 temp; XMEMSET(&sha512, 0, sizeof(wc_Sha512)); XMEMSET(&temp, 0, sizeof(wc_Sha512)); /* Initialize */ ExpectIntEQ(wc_InitSha512_256(&sha512), 0); ExpectIntEQ(wc_InitSha512_256(&temp), 0); ExpectIntEQ(wc_Sha512_256Copy(&sha512, &temp), 0); /* test bad arguments*/ ExpectIntEQ(wc_Sha512_256Copy(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha512_256Copy(NULL, &temp), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha512_256Copy(&sha512, NULL), BAD_FUNC_ARG); wc_Sha512_256Free(&sha512); wc_Sha512_256Free(&temp); #endif #endif /* !HAVE_FIPS && !HAVE_SELFTEST */ return EXPECT_RESULT(); } /* * Testing wc_InitSha384() */ static int test_wc_InitSha384(void) { EXPECT_DECLS; #ifdef WOLFSSL_SHA384 wc_Sha384 sha384; /* Test good arg. */ ExpectIntEQ(wc_InitSha384(&sha384), 0); /* Test bad arg. */ ExpectIntEQ(wc_InitSha384(NULL), BAD_FUNC_ARG); wc_Sha384Free(&sha384); #endif return EXPECT_RESULT(); } /* END test_wc_InitSha384 */ /* * test wc_Sha384Update() */ static int test_wc_Sha384Update(void) { EXPECT_DECLS; #ifdef WOLFSSL_SHA384 wc_Sha384 sha384; byte hash[WC_SHA384_DIGEST_SIZE]; testVector a, b, c; ExpectIntEQ(wc_InitSha384(&sha384), 0); /* Input */ a.input = "a"; a.inLen = XSTRLEN(a.input); ExpectIntEQ(wc_Sha384Update(&sha384, NULL, 0), 0); ExpectIntEQ(wc_Sha384Update(&sha384, (byte*)a.input, 0), 0); ExpectIntEQ(wc_Sha384Update(&sha384, (byte*)a.input, (word32)a.inLen), 0); ExpectIntEQ(wc_Sha384Final(&sha384, hash), 0); /* Update input. */ a.input = "abc"; a.output = "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50" "\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff" "\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34" "\xc8\x25\xa7"; a.inLen = XSTRLEN(a.input); a.outLen = XSTRLEN(a.output); ExpectIntEQ(wc_Sha384Update(&sha384, (byte*)a.input, (word32)a.inLen), 0); ExpectIntEQ(wc_Sha384Final(&sha384, hash), 0); ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA384_DIGEST_SIZE), 0); /* Pass in bad values. */ b.input = NULL; b.inLen = 0; ExpectIntEQ(wc_Sha384Update(&sha384, (byte*)b.input, (word32)b.inLen), 0); c.input = NULL; c.inLen = WC_SHA384_DIGEST_SIZE; ExpectIntEQ( wc_Sha384Update(&sha384, (byte*)c.input, (word32)c.inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha384Update(NULL, (byte*)a.input, (word32)a.inLen), BAD_FUNC_ARG); wc_Sha384Free(&sha384); #endif return EXPECT_RESULT(); } /* END test_wc_Sha384Update */ /* * Unit test function for wc_Sha384Final(); */ static int test_wc_Sha384Final(void) { EXPECT_DECLS; #ifdef WOLFSSL_SHA384 wc_Sha384 sha384; byte* hash_test[3]; byte hash1[WC_SHA384_DIGEST_SIZE]; byte hash2[2*WC_SHA384_DIGEST_SIZE]; byte hash3[5*WC_SHA384_DIGEST_SIZE]; int times, i; /* Initialize */ ExpectIntEQ(wc_InitSha384(&sha384), 0); hash_test[0] = hash1; hash_test[1] = hash2; hash_test[2] = hash3; times = sizeof(hash_test) / sizeof(byte*); /* Good test args. */ for (i = 0; i < times; i++) { ExpectIntEQ(wc_Sha384Final(&sha384, hash_test[i]), 0); } /* Test bad args. */ ExpectIntEQ(wc_Sha384Final(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha384Final(NULL, hash1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha384Final(&sha384, NULL), BAD_FUNC_ARG); wc_Sha384Free(&sha384); #endif return EXPECT_RESULT(); } /* END test_wc_Sha384Final */ /* * Unit test function for wc_Sha384GetFlags() */ static int test_wc_Sha384GetFlags(void) { EXPECT_DECLS; #if defined(WOLFSSL_SHA384) && defined(WOLFSSL_HASH_FLAGS) wc_Sha384 sha384; word32 flags = 0; /* Initialize */ ExpectIntEQ(wc_InitSha384(&sha384), 0); ExpectIntEQ(wc_Sha384GetFlags(&sha384, &flags), 0); ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0); wc_Sha384Free(&sha384); #endif return EXPECT_RESULT(); } /* END test_wc_Sha384GetFlags */ /* * Unit test function for wc_Sha384FinalRaw() */ static int test_wc_Sha384FinalRaw(void) { EXPECT_DECLS; #if (defined(WOLFSSL_SHA384) && !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 3)))) && \ !defined(WOLFSSL_NO_HASH_RAW) wc_Sha384 sha384; byte* hash_test[3]; byte hash1[WC_SHA384_DIGEST_SIZE]; byte hash2[2*WC_SHA384_DIGEST_SIZE]; byte hash3[5*WC_SHA384_DIGEST_SIZE]; int times, i; /* Initialize */ ExpectIntEQ(wc_InitSha384(&sha384), 0); hash_test[0] = hash1; hash_test[1] = hash2; hash_test[2] = hash3; times = sizeof(hash_test) / sizeof(byte*); /* Good test args. */ for (i = 0; i < times; i++) { ExpectIntEQ(wc_Sha384FinalRaw(&sha384, hash_test[i]), 0); } /* Test bad args. */ ExpectIntEQ(wc_Sha384FinalRaw(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha384FinalRaw(NULL, hash1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha384FinalRaw(&sha384, NULL), BAD_FUNC_ARG); wc_Sha384Free(&sha384); #endif return EXPECT_RESULT(); } /* END test_wc_Sha384FinalRaw */ /* * Unit test function for wc_Sha384Free() */ static int test_wc_Sha384Free(void) { EXPECT_DECLS; #ifdef WOLFSSL_SHA384 wc_Sha384Free(NULL); /* Set result to SUCCESS. */ ExpectTrue(1); #endif return EXPECT_RESULT(); } /* END test_wc_Sha384Free */ /* * Unit test function for wc_Sha384GetHash() */ static int test_wc_Sha384GetHash(void) { EXPECT_DECLS; #ifdef WOLFSSL_SHA384 wc_Sha384 sha384; byte hash1[WC_SHA384_DIGEST_SIZE]; /* Initialize */ ExpectIntEQ(wc_InitSha384(&sha384), 0); ExpectIntEQ(wc_Sha384GetHash(&sha384, hash1), 0); /* test bad arguments*/ ExpectIntEQ(wc_Sha384GetHash(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha384GetHash(NULL, hash1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha384GetHash(&sha384, NULL), BAD_FUNC_ARG); wc_Sha384Free(&sha384); #endif return EXPECT_RESULT(); } /* END test_wc_Sha384GetHash */ /* * Unit test function for wc_Sha384Copy() */ static int test_wc_Sha384Copy(void) { EXPECT_DECLS; #ifdef WOLFSSL_SHA384 wc_Sha384 sha384; wc_Sha384 temp; XMEMSET(&sha384, 0, sizeof(wc_Sha384)); XMEMSET(&temp, 0, sizeof(wc_Sha384)); /* Initialize */ ExpectIntEQ(wc_InitSha384(&sha384), 0); ExpectIntEQ(wc_InitSha384(&temp), 0); ExpectIntEQ(wc_Sha384Copy(&sha384, &temp), 0); /* test bad arguments*/ ExpectIntEQ(wc_Sha384Copy(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha384Copy(NULL, &temp), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha384Copy(&sha384, NULL), BAD_FUNC_ARG); wc_Sha384Free(&sha384); wc_Sha384Free(&temp); #endif return EXPECT_RESULT(); } /* END test_wc_Sha384Copy */ /* * Testing wc_InitSha224(); */ static int test_wc_InitSha224(void) { EXPECT_DECLS; #ifdef WOLFSSL_SHA224 wc_Sha224 sha224; /* Test good arg. */ ExpectIntEQ(wc_InitSha224(&sha224), 0); /* Test bad arg. */ ExpectIntEQ(wc_InitSha224(NULL), BAD_FUNC_ARG); wc_Sha224Free(&sha224); #endif return EXPECT_RESULT(); } /* END test_wc_InitSha224 */ /* * Unit test on wc_Sha224Update */ static int test_wc_Sha224Update(void) { EXPECT_DECLS; #ifdef WOLFSSL_SHA224 wc_Sha224 sha224; byte hash[WC_SHA224_DIGEST_SIZE]; testVector a, b, c; ExpectIntEQ(wc_InitSha224(&sha224), 0); /* Input. */ a.input = "a"; a.inLen = XSTRLEN(a.input); ExpectIntEQ(wc_Sha224Update(&sha224, NULL, 0), 0); ExpectIntEQ(wc_Sha224Update(&sha224, (byte*)a.input, 0), 0); ExpectIntEQ(wc_Sha224Update(&sha224, (byte*)a.input, (word32)a.inLen), 0); ExpectIntEQ(wc_Sha224Final(&sha224, hash), 0); /* Update input. */ a.input = "abc"; a.output = "\x23\x09\x7d\x22\x34\x05\xd8\x22\x86\x42\xa4\x77\xbd\xa2" "\x55\xb3\x2a\xad\xbc\xe4\xbd\xa0\xb3\xf7\xe3\x6c\x9d\xa7"; a.inLen = XSTRLEN(a.input); a.outLen = XSTRLEN(a.output); ExpectIntEQ(wc_Sha224Update(&sha224, (byte*)a.input, (word32)a.inLen), 0); ExpectIntEQ(wc_Sha224Final(&sha224, hash), 0); ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA224_DIGEST_SIZE), 0); /* Pass in bad values. */ b.input = NULL; b.inLen = 0; ExpectIntEQ(wc_Sha224Update(&sha224, (byte*)b.input, (word32)b.inLen), 0); c.input = NULL; c.inLen = WC_SHA224_DIGEST_SIZE; ExpectIntEQ(wc_Sha224Update(&sha224, (byte*)c.input, (word32)c.inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha224Update(NULL, (byte*)a.input, (word32)a.inLen), BAD_FUNC_ARG); wc_Sha224Free(&sha224); #endif return EXPECT_RESULT(); } /* END test_wc_Sha224Update */ /* * Unit test for wc_Sha224Final(); */ static int test_wc_Sha224Final(void) { EXPECT_DECLS; #ifdef WOLFSSL_SHA224 wc_Sha224 sha224; byte* hash_test[3]; byte hash1[WC_SHA224_DIGEST_SIZE]; byte hash2[2*WC_SHA224_DIGEST_SIZE]; byte hash3[5*WC_SHA224_DIGEST_SIZE]; int times, i; /* Initialize */ ExpectIntEQ(wc_InitSha224(&sha224), 0); hash_test[0] = hash1; hash_test[1] = hash2; hash_test[2] = hash3; times = sizeof(hash_test) / sizeof(byte*); /* Good test args. */ /* Testing oversized buffers. */ for (i = 0; i < times; i++) { ExpectIntEQ(wc_Sha224Final(&sha224, hash_test[i]), 0); } /* Test bad args. */ ExpectIntEQ(wc_Sha224Final(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha224Final(NULL, hash1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha224Final(&sha224, NULL), BAD_FUNC_ARG); wc_Sha224Free(&sha224); #endif return EXPECT_RESULT(); } /* END test_wc_Sha224Final */ /* * Unit test function for wc_Sha224SetFlags() */ static int test_wc_Sha224SetFlags(void) { EXPECT_DECLS; #if defined(WOLFSSL_SHA224) && defined(WOLFSSL_HASH_FLAGS) wc_Sha224 sha224; word32 flags = WC_HASH_FLAG_WILLCOPY; /* Initialize */ ExpectIntEQ(wc_InitSha224(&sha224), 0); ExpectIntEQ(wc_Sha224SetFlags(&sha224, flags), 0); flags = 0; ExpectIntEQ(wc_Sha224GetFlags(&sha224, &flags), 0); ExpectTrue(flags == WC_HASH_FLAG_WILLCOPY); wc_Sha224Free(&sha224); #endif return EXPECT_RESULT(); } /* END test_wc_Sha224SetFlags */ /* * Unit test function for wc_Sha224GetFlags() */ static int test_wc_Sha224GetFlags(void) { EXPECT_DECLS; #if defined(WOLFSSL_SHA224) && defined(WOLFSSL_HASH_FLAGS) wc_Sha224 sha224; word32 flags = 0; /* Initialize */ ExpectIntEQ(wc_InitSha224(&sha224), 0); ExpectIntEQ(wc_Sha224GetFlags(&sha224, &flags), 0); ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0); wc_Sha224Free(&sha224); #endif return EXPECT_RESULT(); } /* END test_wc_Sha224GetFlags */ /* * Unit test function for wc_Sha224Free() */ static int test_wc_Sha224Free(void) { EXPECT_DECLS; #ifdef WOLFSSL_SHA224 wc_Sha224Free(NULL); /* Set result to SUCCESS. */ ExpectTrue(1); #endif return EXPECT_RESULT(); } /* END test_wc_Sha224Free */ /* * Unit test function for wc_Sha224GetHash() */ static int test_wc_Sha224GetHash(void) { EXPECT_DECLS; #ifdef WOLFSSL_SHA224 wc_Sha224 sha224; byte hash1[WC_SHA224_DIGEST_SIZE]; /* Initialize */ ExpectIntEQ(wc_InitSha224(&sha224), 0); ExpectIntEQ(wc_Sha224GetHash(&sha224, hash1), 0); /* test bad arguments*/ ExpectIntEQ(wc_Sha224GetHash(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha224GetHash(NULL, hash1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha224GetHash(&sha224, NULL), BAD_FUNC_ARG); wc_Sha224Free(&sha224); #endif return EXPECT_RESULT(); } /* END test_wc_Sha224GetHash */ /* * Unit test function for wc_Sha224Copy() */ static int test_wc_Sha224Copy(void) { EXPECT_DECLS; #ifdef WOLFSSL_SHA224 wc_Sha224 sha224; wc_Sha224 temp; XMEMSET(&sha224, 0, sizeof(wc_Sha224)); XMEMSET(&temp, 0, sizeof(wc_Sha224)); /* Initialize */ ExpectIntEQ(wc_InitSha224(&sha224), 0); ExpectIntEQ(wc_InitSha224(&temp), 0); ExpectIntEQ(wc_Sha224Copy(&sha224, &temp), 0); /* test bad arguments*/ ExpectIntEQ(wc_Sha224Copy(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha224Copy(NULL, &temp), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha224Copy(&sha224, NULL), BAD_FUNC_ARG); wc_Sha224Free(&sha224); wc_Sha224Free(&temp); #endif return EXPECT_RESULT(); } /* END test_wc_Sha224Copy */ /* * Testing wc_InitRipeMd() */ static int test_wc_InitRipeMd(void) { EXPECT_DECLS; #ifdef WOLFSSL_RIPEMD RipeMd ripemd; /* Test good arg. */ ExpectIntEQ(wc_InitRipeMd(&ripemd), 0); /* Test bad arg. */ ExpectIntEQ(wc_InitRipeMd(NULL), BAD_FUNC_ARG); #endif return EXPECT_RESULT(); } /* END test_wc_InitRipeMd */ /* * Testing wc_RipeMdUpdate() */ static int test_wc_RipeMdUpdate(void) { EXPECT_DECLS; #ifdef WOLFSSL_RIPEMD RipeMd ripemd; byte hash[RIPEMD_DIGEST_SIZE]; testVector a, b, c; ExpectIntEQ(wc_InitRipeMd(&ripemd), 0); /* Input */ a.input = "a"; a.inLen = XSTRLEN(a.input); ExpectIntEQ(wc_RipeMdUpdate(&ripemd, (byte*)a.input, (word32)a.inLen), 0); ExpectIntEQ(wc_RipeMdFinal(&ripemd, hash), 0); /* Update input. */ a.input = "abc"; a.output = "\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04\x4a\x8e\x98\xc6" "\xb0\x87\xf1\x5a\x0b\xfc"; a.inLen = XSTRLEN(a.input); a.outLen = XSTRLEN(a.output); ExpectIntEQ(wc_RipeMdUpdate(&ripemd, (byte*)a.input, (word32)a.inLen), 0); ExpectIntEQ(wc_RipeMdFinal(&ripemd, hash), 0); ExpectIntEQ(XMEMCMP(hash, a.output, RIPEMD_DIGEST_SIZE), 0); /* Pass in bad values. */ b.input = NULL; b.inLen = 0; ExpectIntEQ(wc_RipeMdUpdate(&ripemd, (byte*)b.input, (word32)b.inLen), 0); c.input = NULL; c.inLen = RIPEMD_DIGEST_SIZE; ExpectIntEQ(wc_RipeMdUpdate(&ripemd, (byte*)c.input, (word32)c.inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_RipeMdUpdate(NULL, (byte*)a.input, (word32)a.inLen), BAD_FUNC_ARG); #endif return EXPECT_RESULT(); } /* END test_wc_RipeMdUdpate */ /* * Unit test function for wc_RipeMdFinal() */ static int test_wc_RipeMdFinal(void) { EXPECT_DECLS; #ifdef WOLFSSL_RIPEMD RipeMd ripemd; byte* hash_test[3]; byte hash1[RIPEMD_DIGEST_SIZE]; byte hash2[2*RIPEMD_DIGEST_SIZE]; byte hash3[5*RIPEMD_DIGEST_SIZE]; int times, i; /* Initialize */ ExpectIntEQ(wc_InitRipeMd(&ripemd), 0); hash_test[0] = hash1; hash_test[1] = hash2; hash_test[2] = hash3; times = sizeof(hash_test) / sizeof(byte*); /* Testing oversized buffers. */ for (i = 0; i < times; i++) { ExpectIntEQ(wc_RipeMdFinal(&ripemd, hash_test[i]), 0); } /* Test bad args. */ ExpectIntEQ(wc_RipeMdFinal(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_RipeMdFinal(NULL, hash1), BAD_FUNC_ARG); ExpectIntEQ(wc_RipeMdFinal(&ripemd, NULL), BAD_FUNC_ARG); #endif return EXPECT_RESULT(); } /* END test_wc_RipeMdFinal */ /* * Testing wc_InitSha3_224, wc_InitSha3_256, wc_InitSha3_384, and * wc_InitSha3_512 */ static int test_wc_InitSha3(void) { EXPECT_DECLS; #if defined(WOLFSSL_SHA3) wc_Sha3 sha3; (void)sha3; #if !defined(WOLFSSL_NOSHA3_224) ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0); /* Test bad args. */ ExpectIntEQ(wc_InitSha3_224(NULL, HEAP_HINT, testDevId), BAD_FUNC_ARG); wc_Sha3_224_Free(&sha3); #endif /* NOSHA3_224 */ #if !defined(WOLFSSL_NOSHA3_256) ExpectIntEQ(wc_InitSha3_256(&sha3, HEAP_HINT, testDevId), 0); /* Test bad args. */ ExpectIntEQ(wc_InitSha3_256(NULL, HEAP_HINT, testDevId), BAD_FUNC_ARG); wc_Sha3_256_Free(&sha3); #endif /* NOSHA3_256 */ #if !defined(WOLFSSL_NOSHA3_384) ExpectIntEQ(wc_InitSha3_384(&sha3, HEAP_HINT, testDevId), 0); /* Test bad args. */ ExpectIntEQ(wc_InitSha3_384(NULL, HEAP_HINT, testDevId), BAD_FUNC_ARG); wc_Sha3_384_Free(&sha3); #endif /* NOSHA3_384 */ #if !defined(WOLFSSL_NOSHA3_512) ExpectIntEQ(wc_InitSha3_512(&sha3, HEAP_HINT, testDevId), 0); /* Test bad args. */ ExpectIntEQ(wc_InitSha3_512(NULL, HEAP_HINT, testDevId), BAD_FUNC_ARG); wc_Sha3_512_Free(&sha3); #endif /* NOSHA3_512 */ #endif return EXPECT_RESULT(); } /* END test_wc_InitSha3 */ /* * Testing wc_Sha3_Update() */ static int testing_wc_Sha3_Update(void) { EXPECT_DECLS; #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_XILINX_CRYPT) && \ !defined(WOLFSSL_AFALG_XILINX) wc_Sha3 sha3; byte msg[] = "Everybody's working for the weekend."; byte msg2[] = "Everybody gets Friday off."; byte msgCmp[] = "\x45\x76\x65\x72\x79\x62\x6f\x64\x79\x27\x73\x20" "\x77\x6f\x72\x6b\x69\x6e\x67\x20\x66\x6f\x72\x20\x74" "\x68\x65\x20\x77\x65\x65\x6b\x65\x6e\x64\x2e\x45\x76" "\x65\x72\x79\x62\x6f\x64\x79\x20\x67\x65\x74\x73\x20" "\x46\x72\x69\x64\x61\x79\x20\x6f\x66\x66\x2e"; word32 msglen = sizeof(msg) - 1; word32 msg2len = sizeof(msg2); word32 msgCmplen = sizeof(msgCmp); #if !defined(WOLFSSL_NOSHA3_224) ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_Sha3_224_Update(&sha3, msg, msglen), 0); ExpectIntEQ(XMEMCMP(msg, sha3.t, msglen), 0); ExpectTrue(sha3.i == msglen); ExpectIntEQ(wc_Sha3_224_Update(&sha3, msg2, msg2len), 0); ExpectIntEQ(XMEMCMP(sha3.t, msgCmp, msgCmplen), 0); /* Pass bad args. */ ExpectIntEQ(wc_Sha3_224_Update(NULL, msg2, msg2len), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha3_224_Update(&sha3, NULL, 5), BAD_FUNC_ARG); wc_Sha3_224_Free(&sha3); ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_Sha3_224_Update(&sha3, NULL, 0), 0); ExpectIntEQ(wc_Sha3_224_Update(&sha3, msg2, msg2len), 0); ExpectIntEQ(XMEMCMP(msg2, sha3.t, msg2len), 0); wc_Sha3_224_Free(&sha3); #endif /* SHA3_224 */ #if !defined(WOLFSSL_NOSHA3_256) ExpectIntEQ(wc_InitSha3_256(&sha3, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_Sha3_256_Update(&sha3, msg, msglen), 0); ExpectIntEQ(XMEMCMP(msg, sha3.t, msglen), 0); ExpectTrue(sha3.i == msglen); ExpectIntEQ(wc_Sha3_256_Update(&sha3, msg2, msg2len), 0); ExpectIntEQ(XMEMCMP(sha3.t, msgCmp, msgCmplen), 0); /* Pass bad args. */ ExpectIntEQ(wc_Sha3_256_Update(NULL, msg2, msg2len), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha3_256_Update(&sha3, NULL, 5), BAD_FUNC_ARG); wc_Sha3_256_Free(&sha3); ExpectIntEQ(wc_InitSha3_256(&sha3, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_Sha3_256_Update(&sha3, NULL, 0), 0); ExpectIntEQ(wc_Sha3_256_Update(&sha3, msg2, msg2len), 0); ExpectIntEQ(XMEMCMP(msg2, sha3.t, msg2len), 0); wc_Sha3_256_Free(&sha3); #endif /* SHA3_256 */ #if !defined(WOLFSSL_NOSHA3_384) ExpectIntEQ(wc_InitSha3_384(&sha3, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_Sha3_384_Update(&sha3, msg, msglen), 0); ExpectIntEQ(XMEMCMP(msg, sha3.t, msglen), 0); ExpectTrue(sha3.i == msglen); ExpectIntEQ(wc_Sha3_384_Update(&sha3, msg2, msg2len), 0); ExpectIntEQ(XMEMCMP(sha3.t, msgCmp, msgCmplen), 0); /* Pass bad args. */ ExpectIntEQ(wc_Sha3_384_Update(NULL, msg2, msg2len), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha3_384_Update(&sha3, NULL, 5), BAD_FUNC_ARG); wc_Sha3_384_Free(&sha3); ExpectIntEQ(wc_InitSha3_384(&sha3, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_Sha3_384_Update(&sha3, NULL, 0), 0); ExpectIntEQ(wc_Sha3_384_Update(&sha3, msg2, msg2len), 0); ExpectIntEQ(XMEMCMP(msg2, sha3.t, msg2len), 0); wc_Sha3_384_Free(&sha3); #endif /* SHA3_384 */ #if !defined(WOLFSSL_NOSHA3_512) ExpectIntEQ(wc_InitSha3_512(&sha3, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_Sha3_512_Update(&sha3, msg, msglen), 0); ExpectIntEQ(XMEMCMP(msg, sha3.t, msglen), 0); ExpectTrue(sha3.i == msglen); ExpectIntEQ(wc_Sha3_512_Update(&sha3, msg2, msg2len), 0); ExpectIntEQ(XMEMCMP(sha3.t, msgCmp, msgCmplen), 0); /* Pass bad args. */ ExpectIntEQ(wc_Sha3_512_Update(NULL, msg2, msg2len), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha3_512_Update(&sha3, NULL, 5), BAD_FUNC_ARG); wc_Sha3_512_Free(&sha3); ExpectIntEQ(wc_InitSha3_512(&sha3, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_Sha3_512_Update(&sha3, NULL, 0), 0); ExpectIntEQ(wc_Sha3_512_Update(&sha3, msg2, msg2len), 0); ExpectIntEQ(XMEMCMP(msg2, sha3.t, msg2len), 0); wc_Sha3_512_Free(&sha3); #endif /* SHA3_512 */ #endif /* WOLFSSL_SHA3 */ return EXPECT_RESULT(); } /* END testing_wc_Sha3_Update */ /* * Testing wc_Sha3_224_Final() */ static int test_wc_Sha3_224_Final(void) { EXPECT_DECLS; #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224) wc_Sha3 sha3; const char* msg = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnom" "nopnopq"; const char* expOut = "\x8a\x24\x10\x8b\x15\x4a\xda\x21\xc9\xfd\x55" "\x74\x49\x44\x79\xba\x5c\x7e\x7a\xb7\x6e\xf2" "\x64\xea\xd0\xfc\xce\x33"; byte hash[WC_SHA3_224_DIGEST_SIZE]; byte hashRet[WC_SHA3_224_DIGEST_SIZE]; /* Init stack variables. */ XMEMSET(hash, 0, sizeof(hash)); ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_Sha3_224_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0); ExpectIntEQ(wc_Sha3_224_Final(&sha3, hash), 0); ExpectIntEQ(XMEMCMP(expOut, hash, WC_SHA3_224_DIGEST_SIZE), 0); /* Test bad args. */ ExpectIntEQ(wc_Sha3_224_Final(NULL, hash), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha3_224_Final(&sha3, NULL), BAD_FUNC_ARG); wc_Sha3_224_Free(&sha3); ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0); /* Init stack variables. */ XMEMSET(hash, 0, sizeof(hash)); XMEMSET(hashRet, 0, sizeof(hashRet)); ExpectIntEQ(wc_Sha3_224_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0); ExpectIntEQ(wc_Sha3_224_GetHash(&sha3, hashRet), 0); ExpectIntEQ(wc_Sha3_224_Final(&sha3, hash), 0); ExpectIntEQ(XMEMCMP(hash, hashRet, WC_SHA3_224_DIGEST_SIZE), 0); /* Test bad args. */ ExpectIntEQ(wc_Sha3_224_GetHash(NULL, hashRet), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha3_224_GetHash(&sha3, NULL), BAD_FUNC_ARG); wc_Sha3_224_Free(&sha3); #endif return EXPECT_RESULT(); } /* END test_wc_Sha3_224_Final */ /* * Testing wc_Sha3_256_Final() */ static int test_wc_Sha3_256_Final(void) { EXPECT_DECLS; #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256) wc_Sha3 sha3; const char* msg = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnom" "nopnopq"; const char* expOut = "\x41\xc0\xdb\xa2\xa9\xd6\x24\x08\x49\x10\x03\x76\xa8" "\x23\x5e\x2c\x82\xe1\xb9\x99\x8a\x99\x9e\x21\xdb\x32" "\xdd\x97\x49\x6d\x33\x76"; byte hash[WC_SHA3_256_DIGEST_SIZE]; byte hashRet[WC_SHA3_256_DIGEST_SIZE]; /* Init stack variables. */ XMEMSET(hash, 0, sizeof(hash)); ExpectIntEQ(wc_InitSha3_256(&sha3, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_Sha3_256_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0); ExpectIntEQ(wc_Sha3_256_Final(&sha3, hash), 0); ExpectIntEQ(XMEMCMP(expOut, hash, WC_SHA3_256_DIGEST_SIZE), 0); /* Test bad args. */ ExpectIntEQ(wc_Sha3_256_Final(NULL, hash), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha3_256_Final(&sha3, NULL), BAD_FUNC_ARG); wc_Sha3_256_Free(&sha3); ExpectIntEQ(wc_InitSha3_256(&sha3, HEAP_HINT, testDevId), 0); /* Init stack variables. */ XMEMSET(hash, 0, sizeof(hash)); XMEMSET(hashRet, 0, sizeof(hashRet)); ExpectIntEQ(wc_Sha3_256_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0); ExpectIntEQ(wc_Sha3_256_GetHash(&sha3, hashRet), 0); ExpectIntEQ(wc_Sha3_256_Final(&sha3, hash), 0); ExpectIntEQ(XMEMCMP(hash, hashRet, WC_SHA3_256_DIGEST_SIZE), 0); /* Test bad args. */ ExpectIntEQ(wc_Sha3_256_GetHash(NULL, hashRet), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha3_256_GetHash(&sha3, NULL), BAD_FUNC_ARG); wc_Sha3_256_Free(&sha3); #endif return EXPECT_RESULT(); } /* END test_wc_Sha3_256_Final */ /* * Testing wc_Sha3_384_Final() */ static int test_wc_Sha3_384_Final(void) { EXPECT_DECLS; #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384) wc_Sha3 sha3; const char* msg = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnom" "nopnopq"; const char* expOut = "\x99\x1c\x66\x57\x55\xeb\x3a\x4b\x6b\xbd\xfb\x75\xc7" "\x8a\x49\x2e\x8c\x56\xa2\x2c\x5c\x4d\x7e\x42\x9b\xfd" "\xbc\x32\xb9\xd4\xad\x5a\xa0\x4a\x1f\x07\x6e\x62\xfe" "\xa1\x9e\xef\x51\xac\xd0\x65\x7c\x22"; byte hash[WC_SHA3_384_DIGEST_SIZE]; byte hashRet[WC_SHA3_384_DIGEST_SIZE]; /* Init stack variables. */ XMEMSET(hash, 0, sizeof(hash)); ExpectIntEQ(wc_InitSha3_384(&sha3, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_Sha3_384_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0); ExpectIntEQ(wc_Sha3_384_Final(&sha3, hash), 0); ExpectIntEQ(XMEMCMP(expOut, hash, WC_SHA3_384_DIGEST_SIZE), 0); /* Test bad args. */ ExpectIntEQ(wc_Sha3_384_Final(NULL, hash), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha3_384_Final(&sha3, NULL), BAD_FUNC_ARG); wc_Sha3_384_Free(&sha3); ExpectIntEQ(wc_InitSha3_384(&sha3, HEAP_HINT, testDevId), 0); /* Init stack variables. */ XMEMSET(hash, 0, sizeof(hash)); XMEMSET(hashRet, 0, sizeof(hashRet)); ExpectIntEQ(wc_Sha3_384_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0); ExpectIntEQ(wc_Sha3_384_GetHash(&sha3, hashRet), 0); ExpectIntEQ(wc_Sha3_384_Final(&sha3, hash), 0); ExpectIntEQ(XMEMCMP(hash, hashRet, WC_SHA3_384_DIGEST_SIZE), 0); /* Test bad args. */ ExpectIntEQ(wc_Sha3_384_GetHash(NULL, hashRet), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha3_384_GetHash(&sha3, NULL), BAD_FUNC_ARG); wc_Sha3_384_Free(&sha3); #endif return EXPECT_RESULT(); } /* END test_wc_Sha3_384_Final */ /* * Testing wc_Sha3_512_Final() */ static int test_wc_Sha3_512_Final(void) { EXPECT_DECLS; #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512) && \ !defined(WOLFSSL_NOSHA3_384) wc_Sha3 sha3; const char* msg = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnom" "nopnopq"; const char* expOut = "\x04\xa3\x71\xe8\x4e\xcf\xb5\xb8\xb7\x7c\xb4\x86\x10" "\xfc\xa8\x18\x2d\xd4\x57\xce\x6f\x32\x6a\x0f\xd3\xd7" "\xec\x2f\x1e\x91\x63\x6d\xee\x69\x1f\xbe\x0c\x98\x53" "\x02\xba\x1b\x0d\x8d\xc7\x8c\x08\x63\x46\xb5\x33\xb4" "\x9c\x03\x0d\x99\xa2\x7d\xaf\x11\x39\xd6\xe7\x5e"; byte hash[WC_SHA3_512_DIGEST_SIZE]; byte hashRet[WC_SHA3_512_DIGEST_SIZE]; /* Init stack variables. */ XMEMSET(hash, 0, sizeof(hash)); ExpectIntEQ(wc_InitSha3_512(&sha3, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_Sha3_512_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0); ExpectIntEQ(wc_Sha3_512_Final(&sha3, hash), 0); ExpectIntEQ(XMEMCMP(expOut, hash, WC_SHA3_512_DIGEST_SIZE), 0); /* Test bad args. */ ExpectIntEQ(wc_Sha3_512_Final(NULL, hash), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha3_512_Final(&sha3, NULL), BAD_FUNC_ARG); wc_Sha3_512_Free(&sha3); ExpectIntEQ(wc_InitSha3_512(&sha3, HEAP_HINT, testDevId), 0); /* Init stack variables. */ XMEMSET(hash, 0, sizeof(hash)); XMEMSET(hashRet, 0, sizeof(hashRet)); ExpectIntEQ(wc_Sha3_512_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0); ExpectIntEQ(wc_Sha3_512_GetHash(&sha3, hashRet), 0); ExpectIntEQ(wc_Sha3_512_Final(&sha3, hash), 0); ExpectIntEQ(XMEMCMP(hash, hashRet, WC_SHA3_512_DIGEST_SIZE), 0); /* Test bad args. */ ExpectIntEQ(wc_Sha3_512_GetHash(NULL, hashRet), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha3_512_GetHash(&sha3, NULL), BAD_FUNC_ARG); wc_Sha3_512_Free(&sha3); #endif return EXPECT_RESULT(); } /* END test_wc_Sha3_512_Final */ /* * Testing wc_Sha3_224_Copy() */ static int test_wc_Sha3_224_Copy(void) { EXPECT_DECLS; #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224) wc_Sha3 sha3, sha3Cpy; const char* msg = TEST_STRING; word32 msglen = (word32)TEST_STRING_SZ; byte hash[WC_SHA3_224_DIGEST_SIZE]; byte hashCpy[WC_SHA3_224_DIGEST_SIZE]; XMEMSET(hash, 0, sizeof(hash)); XMEMSET(hashCpy, 0, sizeof(hashCpy)); XMEMSET(&sha3, 0, sizeof(wc_Sha3)); XMEMSET(&sha3Cpy, 0, sizeof(wc_Sha3)); ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_InitSha3_224(&sha3Cpy, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_Sha3_224_Update(&sha3, (byte*)msg, msglen), 0); ExpectIntEQ(wc_Sha3_224_Copy(&sha3Cpy, &sha3), 0); ExpectIntEQ(wc_Sha3_224_Final(&sha3, hash), 0); ExpectIntEQ(wc_Sha3_224_Final(&sha3Cpy, hashCpy), 0); ExpectIntEQ(XMEMCMP(hash, hashCpy, sizeof(hash)), 0); /* Test bad args. */ ExpectIntEQ(wc_Sha3_224_Copy(NULL, &sha3), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha3_224_Copy(&sha3Cpy, NULL), BAD_FUNC_ARG); wc_Sha3_224_Free(&sha3); wc_Sha3_224_Free(&sha3Cpy); #endif return EXPECT_RESULT(); } /* END test_wc_Sha3_224_Copy */ /* * Testing wc_Sha3_256_Copy() */ static int test_wc_Sha3_256_Copy(void) { EXPECT_DECLS; #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256) wc_Sha3 sha3, sha3Cpy; const char* msg = TEST_STRING; word32 msglen = (word32)TEST_STRING_SZ; byte hash[WC_SHA3_256_DIGEST_SIZE]; byte hashCpy[WC_SHA3_256_DIGEST_SIZE]; XMEMSET(hash, 0, sizeof(hash)); XMEMSET(hashCpy, 0, sizeof(hashCpy)); XMEMSET(&sha3, 0, sizeof(wc_Sha3)); XMEMSET(&sha3Cpy, 0, sizeof(wc_Sha3)); ExpectIntEQ(wc_InitSha3_256(&sha3, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_InitSha3_256(&sha3Cpy, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_Sha3_256_Update(&sha3, (byte*)msg, msglen), 0); ExpectIntEQ(wc_Sha3_256_Copy(&sha3Cpy, &sha3), 0); ExpectIntEQ(wc_Sha3_256_Final(&sha3, hash), 0); ExpectIntEQ(wc_Sha3_256_Final(&sha3Cpy, hashCpy), 0); ExpectIntEQ(XMEMCMP(hash, hashCpy, sizeof(hash)), 0); /* Test bad args. */ ExpectIntEQ(wc_Sha3_256_Copy(NULL, &sha3), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha3_256_Copy(&sha3Cpy, NULL), BAD_FUNC_ARG); wc_Sha3_256_Free(&sha3); wc_Sha3_256_Free(&sha3Cpy); #endif return EXPECT_RESULT(); } /* END test_wc_Sha3_256_Copy */ /* * Testing wc_Sha3_384_Copy() */ static int test_wc_Sha3_384_Copy(void) { EXPECT_DECLS; #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384) wc_Sha3 sha3, sha3Cpy; const char* msg = TEST_STRING; word32 msglen = (word32)TEST_STRING_SZ; byte hash[WC_SHA3_384_DIGEST_SIZE]; byte hashCpy[WC_SHA3_384_DIGEST_SIZE]; XMEMSET(hash, 0, sizeof(hash)); XMEMSET(hashCpy, 0, sizeof(hashCpy)); XMEMSET(&sha3, 0, sizeof(wc_Sha3)); XMEMSET(&sha3Cpy, 0, sizeof(wc_Sha3)); ExpectIntEQ(wc_InitSha3_384(&sha3, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_InitSha3_384(&sha3Cpy, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_Sha3_384_Update(&sha3, (byte*)msg, msglen), 0); ExpectIntEQ(wc_Sha3_384_Copy(&sha3Cpy, &sha3), 0); ExpectIntEQ(wc_Sha3_384_Final(&sha3, hash), 0); ExpectIntEQ(wc_Sha3_384_Final(&sha3Cpy, hashCpy), 0); ExpectIntEQ(XMEMCMP(hash, hashCpy, sizeof(hash)), 0); /* Test bad args. */ ExpectIntEQ(wc_Sha3_384_Copy(NULL, &sha3), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha3_384_Copy(&sha3Cpy, NULL), BAD_FUNC_ARG); wc_Sha3_384_Free(&sha3); wc_Sha3_384_Free(&sha3Cpy); #endif return EXPECT_RESULT(); } /* END test_wc_Sha3_384_Copy */ /* * Testing wc_Sha3_512_Copy() */ static int test_wc_Sha3_512_Copy(void) { EXPECT_DECLS; #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512) wc_Sha3 sha3, sha3Cpy; const char* msg = TEST_STRING; word32 msglen = (word32)TEST_STRING_SZ; byte hash[WC_SHA3_512_DIGEST_SIZE]; byte hashCpy[WC_SHA3_512_DIGEST_SIZE]; XMEMSET(hash, 0, sizeof(hash)); XMEMSET(hashCpy, 0, sizeof(hashCpy)); XMEMSET(&sha3, 0, sizeof(wc_Sha3)); XMEMSET(&sha3Cpy, 0, sizeof(wc_Sha3)); ExpectIntEQ(wc_InitSha3_512(&sha3, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_InitSha3_512(&sha3Cpy, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_Sha3_512_Update(&sha3, (byte*)msg, msglen), 0); ExpectIntEQ(wc_Sha3_512_Copy(&sha3Cpy, &sha3), 0); ExpectIntEQ(wc_Sha3_512_Final(&sha3, hash), 0); ExpectIntEQ(wc_Sha3_512_Final(&sha3Cpy, hashCpy), 0); ExpectIntEQ(XMEMCMP(hash, hashCpy, sizeof(hash)), 0); /* Test bad args. */ ExpectIntEQ(wc_Sha3_512_Copy(NULL, &sha3), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha3_512_Copy(&sha3Cpy, NULL), BAD_FUNC_ARG); wc_Sha3_512_Free(&sha3); wc_Sha3_512_Free(&sha3Cpy); #endif return EXPECT_RESULT(); } /* END test_wc_Sha3_512_Copy */ /* * Unit test function for wc_Sha3_GetFlags() */ static int test_wc_Sha3_GetFlags(void) { EXPECT_DECLS; #if defined(WOLFSSL_SHA3) && defined(WOLFSSL_HASH_FLAGS) wc_Sha3 sha3; word32 flags = 0; /* Initialize */ ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_Sha3_GetFlags(&sha3, &flags), 0); ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0); wc_Sha3_224_Free(&sha3); #endif return EXPECT_RESULT(); } /* END test_wc_Sha3_GetFlags */ static int test_wc_InitShake256(void) { EXPECT_DECLS; #ifdef WOLFSSL_SHAKE256 wc_Shake shake; ExpectIntEQ(wc_InitShake256(&shake, HEAP_HINT, testDevId), 0); /* Test bad args. */ ExpectIntEQ(wc_InitShake256(NULL, HEAP_HINT, testDevId), BAD_FUNC_ARG); wc_Shake256_Free(&shake); #endif return EXPECT_RESULT(); } static int testing_wc_Shake256_Update(void) { EXPECT_DECLS; #ifdef WOLFSSL_SHAKE256 wc_Shake shake; byte msg[] = "Everybody's working for the weekend."; byte msg2[] = "Everybody gets Friday off."; byte msgCmp[] = "\x45\x76\x65\x72\x79\x62\x6f\x64\x79\x27\x73\x20" "\x77\x6f\x72\x6b\x69\x6e\x67\x20\x66\x6f\x72\x20\x74" "\x68\x65\x20\x77\x65\x65\x6b\x65\x6e\x64\x2e\x45\x76" "\x65\x72\x79\x62\x6f\x64\x79\x20\x67\x65\x74\x73\x20" "\x46\x72\x69\x64\x61\x79\x20\x6f\x66\x66\x2e"; word32 msglen = sizeof(msg) - 1; word32 msg2len = sizeof(msg2); word32 msgCmplen = sizeof(msgCmp); ExpectIntEQ(wc_InitShake256(&shake, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_Shake256_Update(&shake, msg, msglen), 0); ExpectIntEQ(XMEMCMP(msg, shake.t, msglen), 0); ExpectTrue(shake.i == msglen); ExpectIntEQ(wc_Shake256_Update(&shake, msg2, msg2len), 0); ExpectIntEQ(XMEMCMP(shake.t, msgCmp, msgCmplen), 0); /* Pass bad args. */ ExpectIntEQ(wc_Shake256_Update(NULL, msg2, msg2len), BAD_FUNC_ARG); ExpectIntEQ(wc_Shake256_Update(&shake, NULL, 5), BAD_FUNC_ARG); wc_Shake256_Free(&shake); ExpectIntEQ(wc_InitShake256(&shake, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_Shake256_Update(&shake, NULL, 0), 0); ExpectIntEQ(wc_Shake256_Update(&shake, msg2, msg2len), 0); ExpectIntEQ(XMEMCMP(msg2, shake.t, msg2len), 0); wc_Shake256_Free(&shake); #endif /* WOLFSSL_SHAKE256 */ return EXPECT_RESULT(); } static int test_wc_Shake256_Final(void) { EXPECT_DECLS; #ifdef WOLFSSL_SHAKE256 wc_Shake shake; const char* msg = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnom" "nopnopq"; const char* expOut = "\x4d\x8c\x2d\xd2\x43\x5a\x01\x28\xee\xfb\xb8\xc3\x6f" "\x6f\x87\x13\x3a\x79\x11\xe1\x8d\x97\x9e\xe1\xae\x6b" "\xe5\xd4\xfd\x2e\x33\x29\x40\xd8\x68\x8a\x4e\x6a\x59" "\xaa\x80\x60\xf1\xf9\xbc\x99\x6c\x05\xac\xa3\xc6\x96" "\xa8\xb6\x62\x79\xdc\x67\x2c\x74\x0b\xb2\x24\xec\x37" "\xa9\x2b\x65\xdb\x05\x39\xc0\x20\x34\x55\xf5\x1d\x97" "\xcc\xe4\xcf\xc4\x91\x27\xd7\x26\x0a\xfc\x67\x3a\xf2" "\x08\xba\xf1\x9b\xe2\x12\x33\xf3\xde\xbe\x78\xd0\x67" "\x60\xcf\xa5\x51\xee\x1e\x07\x91\x41\xd4"; byte hash[114]; /* Init stack variables. */ XMEMSET(hash, 0, sizeof(hash)); ExpectIntEQ(wc_InitShake256(&shake, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_Shake256_Update(&shake, (byte*)msg, (word32)XSTRLEN(msg)), 0); ExpectIntEQ(wc_Shake256_Final(&shake, hash, (word32)sizeof(hash)), 0); ExpectIntEQ(XMEMCMP(expOut, hash, (word32)sizeof(hash)), 0); /* Test bad args. */ ExpectIntEQ(wc_Shake256_Final(NULL, hash, (word32)sizeof(hash)), BAD_FUNC_ARG); ExpectIntEQ(wc_Shake256_Final(&shake, NULL, (word32)sizeof(hash)), BAD_FUNC_ARG); wc_Shake256_Free(&shake); #endif return EXPECT_RESULT(); } /* * Testing wc_Shake256_Copy() */ static int test_wc_Shake256_Copy(void) { EXPECT_DECLS; #ifdef WOLFSSL_SHAKE256 wc_Shake shake, shakeCpy; const char* msg = TEST_STRING; word32 msglen = (word32)TEST_STRING_SZ; byte hash[144]; byte hashCpy[144]; word32 hashLen = sizeof(hash); word32 hashLenCpy = sizeof(hashCpy); XMEMSET(hash, 0, sizeof(hash)); XMEMSET(hashCpy, 0, sizeof(hashCpy)); ExpectIntEQ(wc_InitShake256(&shake, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_InitShake256(&shakeCpy, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_Shake256_Update(&shake, (byte*)msg, msglen), 0); ExpectIntEQ(wc_Shake256_Copy(&shakeCpy, &shake), 0); ExpectIntEQ(wc_Shake256_Final(&shake, hash, hashLen), 0); ExpectIntEQ(wc_Shake256_Final(&shakeCpy, hashCpy, hashLenCpy), 0); ExpectIntEQ(XMEMCMP(hash, hashCpy, sizeof(hash)), 0); /* Test bad args. */ ExpectIntEQ(wc_Shake256_Copy(NULL, &shake), BAD_FUNC_ARG); ExpectIntEQ(wc_Shake256_Copy(&shakeCpy, NULL), BAD_FUNC_ARG); wc_Shake256_Free(&shake); wc_Shake256_Free(&shakeCpy); #endif return EXPECT_RESULT(); } /* END test_wc_Shake256_Copy */ /* * Unit test function for wc_Shake256Hash() */ static int test_wc_Shake256Hash(void) { EXPECT_DECLS; #ifdef WOLFSSL_SHAKE256 const byte data[] = { /* Hello World */ 0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f, 0x72,0x6c,0x64 }; word32 len = sizeof(data); byte hash[144]; word32 hashLen = sizeof(hash); ExpectIntEQ(wc_Shake256Hash(data, len, hash, hashLen), 0); #endif return EXPECT_RESULT(); } /* END test_wc_Shake256Hash */ /* * Testing wc_InitSm3(), wc_Sm3Free() */ static int test_wc_InitSm3Free(void) { EXPECT_DECLS; #ifdef WOLFSSL_SM3 wc_Sm3 sm3; /* Invalid Parameters */ ExpectIntEQ(wc_InitSm3(NULL, NULL, INVALID_DEVID), BAD_FUNC_ARG); /* Valid Parameters */ ExpectIntEQ(wc_InitSm3(&sm3, NULL, INVALID_DEVID), 0); wc_Sm3Free(NULL); wc_Sm3Free(&sm3); #endif return EXPECT_RESULT(); } /* END test_wc_InitSm3 */ /* * Testing wc_Sm3Update(), wc_Sm3Final() */ static int test_wc_Sm3UpdateFinal(void) { EXPECT_DECLS; #ifdef WOLFSSL_SM3 wc_Sm3 sm3; byte data[WC_SM3_BLOCK_SIZE * 4]; byte hash[WC_SM3_DIGEST_SIZE]; byte calcHash[WC_SM3_DIGEST_SIZE]; byte expHash[WC_SM3_DIGEST_SIZE] = { 0x38, 0x48, 0x15, 0xa7, 0x0e, 0xae, 0x0b, 0x27, 0x5c, 0xde, 0x9d, 0xa5, 0xd1, 0xa4, 0x30, 0xa1, 0xca, 0xd4, 0x54, 0x58, 0x44, 0xa2, 0x96, 0x1b, 0xd7, 0x14, 0x80, 0x3f, 0x80, 0x1a, 0x07, 0xb6 }; word32 chunk; word32 i; XMEMSET(data, 0, sizeof(data)); ExpectIntEQ(wc_InitSm3(&sm3, NULL, INVALID_DEVID), 0); /* Invalid Parameters */ ExpectIntEQ(wc_Sm3Update(NULL, NULL, 1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm3Update(&sm3, NULL, 1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm3Update(NULL, data, 1), BAD_FUNC_ARG); /* Valid Parameters */ ExpectIntEQ(wc_Sm3Update(&sm3, NULL, 0), 0); ExpectIntEQ(wc_Sm3Update(&sm3, data, 1), 0); ExpectIntEQ(wc_Sm3Update(&sm3, data, 1), 0); ExpectIntEQ(wc_Sm3Update(&sm3, data, WC_SM3_BLOCK_SIZE), 0); ExpectIntEQ(wc_Sm3Update(&sm3, data, WC_SM3_BLOCK_SIZE - 2), 0); ExpectIntEQ(wc_Sm3Update(&sm3, data, WC_SM3_BLOCK_SIZE * 2), 0); /* Ensure too many bytes for lengths. */ ExpectIntEQ(wc_Sm3Update(&sm3, data, WC_SM3_PAD_SIZE), 0); /* Invalid Parameters */ ExpectIntEQ(wc_Sm3Final(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm3Final(&sm3, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm3Final(NULL, hash), BAD_FUNC_ARG); /* Valid Parameters */ ExpectIntEQ(wc_Sm3Final(&sm3, hash), 0); ExpectBufEQ(hash, expHash, WC_SM3_DIGEST_SIZE); /* Chunk tests. */ ExpectIntEQ(wc_Sm3Update(&sm3, data, sizeof(data)), 0); ExpectIntEQ(wc_Sm3Final(&sm3, calcHash), 0); for (chunk = 1; chunk <= WC_SM3_BLOCK_SIZE + 1; chunk++) { for (i = 0; i + chunk <= (word32)sizeof(data); i += chunk) { ExpectIntEQ(wc_Sm3Update(&sm3, data + i, chunk), 0); } if (i < (word32)sizeof(data)) { ExpectIntEQ(wc_Sm3Update(&sm3, data + i, (word32)sizeof(data) - i), 0); } ExpectIntEQ(wc_Sm3Final(&sm3, hash), 0); ExpectBufEQ(hash, calcHash, WC_SM3_DIGEST_SIZE); } /* Not testing when the low 32-bit length overflows. */ wc_Sm3Free(&sm3); #endif return EXPECT_RESULT(); } /* END test_wc_Sm3Update */ /* * Testing wc_Sm3GetHash() */ static int test_wc_Sm3GetHash(void) { EXPECT_DECLS; #ifdef WOLFSSL_SM3 wc_Sm3 sm3; byte hash[WC_SM3_DIGEST_SIZE]; byte calcHash[WC_SM3_DIGEST_SIZE]; byte data[WC_SM3_BLOCK_SIZE]; XMEMSET(data, 0, sizeof(data)); ExpectIntEQ(wc_InitSm3(&sm3, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_Sm3Final(&sm3, calcHash), 0); /* Invalid Parameters */ ExpectIntEQ(wc_Sm3GetHash(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm3GetHash(&sm3, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm3GetHash(NULL, hash), BAD_FUNC_ARG); /* Valid Parameters */ ExpectIntEQ(wc_Sm3GetHash(&sm3, hash), 0); ExpectBufEQ(hash, calcHash, WC_SM3_DIGEST_SIZE); /* With update. */ ExpectIntEQ(wc_Sm3Update(&sm3, data, sizeof(data)), 0); ExpectIntEQ(wc_Sm3GetHash(&sm3, hash), 0); ExpectIntEQ(wc_Sm3Final(&sm3, calcHash), 0); ExpectBufEQ(hash, calcHash, WC_SM3_DIGEST_SIZE); wc_Sm3Free(&sm3); #endif return EXPECT_RESULT(); } /* END test_wc_Sm3Update */ /* * Testing wc_Sm3Copy() */ static int test_wc_Sm3Copy(void) { EXPECT_DECLS; #if defined(WOLFSSL_SM3) && defined(WOLFSSL_HASH_FLAGS) wc_Sm3 sm3; wc_Sm3 sm3Copy; byte hash[WC_SM3_DIGEST_SIZE]; byte hashCopy[WC_SM3_DIGEST_SIZE]; byte data[WC_SM3_BLOCK_SIZE + 1]; int i; ExpectIntEQ(wc_InitSm3(&sm3, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_InitSm3(&sm3Copy, NULL, INVALID_DEVID), 0); /* Invalid Parameters */ ExpectIntEQ(wc_Sm3Copy(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm3Copy(&sm3, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm3Copy(NULL, &sm3Copy), BAD_FUNC_ARG); /* Valid Parameters */ ExpectIntEQ(wc_Sm3Copy(&sm3, &sm3Copy), 0); /* Ensure all parts of data updated during hashing are copied. */ for (i = 0; i < WC_SM3_BLOCK_SIZE + 1; i++) { ExpectIntEQ(wc_Sm3Update(&sm3, data, i), 0); ExpectIntEQ(wc_Sm3Copy(&sm3, &sm3Copy), 0); ExpectIntEQ(wc_Sm3Update(&sm3, data, 1), 0); ExpectIntEQ(wc_Sm3Update(&sm3Copy, data, 1), 0); ExpectIntEQ(wc_Sm3Final(&sm3, hash), 0); ExpectIntEQ(wc_Sm3Final(&sm3Copy, hashCopy), 0); ExpectBufEQ(hash, hashCopy, WC_SM3_DIGEST_SIZE); } wc_Sm3Free(&sm3Copy); wc_Sm3Free(&sm3); #endif return EXPECT_RESULT(); } /* END test_wc_Sm3Copy */ /* * Testing wc_Sm3FinalRaw() */ static int test_wc_Sm3FinalRaw(void) { EXPECT_DECLS; #if defined(WOLFSSL_SM3) && !defined(HAVE_SELFTEST) && \ !defined(WOLFSSL_DEVCRYPTO) && (!defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 3))) && \ !defined(WOLFSSL_NO_HASH_RAW) wc_Sm3 sm3; byte hash1[WC_SM3_DIGEST_SIZE]; byte hash2[WC_SM3_DIGEST_SIZE]; byte hash3[WC_SM3_DIGEST_SIZE]; byte* hash_test[3] = { hash1, hash2, hash3 }; int times; int i; XMEMSET(&sm3, 0, sizeof(sm3)); /* Initialize */ ExpectIntEQ(wc_InitSm3(&sm3, NULL, INVALID_DEVID), 0); /* Invalid Parameters */ ExpectIntEQ(wc_Sm3FinalRaw(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm3FinalRaw(&sm3, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm3FinalRaw(NULL, hash1), BAD_FUNC_ARG); times = sizeof(hash_test) / sizeof(byte*); for (i = 0; i < times; i++) { ExpectIntEQ(wc_Sm3FinalRaw(&sm3, hash_test[i]), 0); } wc_Sm3Free(&sm3); #endif return EXPECT_RESULT(); } /* END test_wc_Sm3FinalRaw */ /* * Testing wc_Sm3GetFlags, wc_Sm3SetFlags() */ static int test_wc_Sm3GetSetFlags(void) { EXPECT_DECLS; #if defined(WOLFSSL_SM3) && defined(WOLFSSL_HASH_FLAGS) wc_Sm3 sm3; wc_Sm3 sm3Copy; word32 flags = 0; ExpectIntEQ(wc_InitSm3(&sm3, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_InitSm3(&sm3Copy, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_Sm3GetFlags(NULL, &flags), 0); ExpectIntEQ(flags, 0); ExpectIntEQ(wc_Sm3SetFlags(NULL, WC_HASH_FLAG_WILLCOPY), 0); ExpectIntEQ(wc_Sm3GetFlags(NULL, &flags), 0); ExpectIntEQ(flags, 0); ExpectIntEQ(wc_Sm3GetFlags(&sm3, &flags), 0); ExpectIntEQ(flags, 0); ExpectIntEQ(wc_Sm3SetFlags(&sm3, WC_HASH_FLAG_WILLCOPY), 0); ExpectIntEQ(wc_Sm3GetFlags(&sm3, &flags), 0); ExpectIntEQ(flags, WC_HASH_FLAG_WILLCOPY); ExpectIntEQ(wc_Sm3Copy(&sm3, &sm3Copy), 0); ExpectIntEQ(wc_Sm3GetFlags(&sm3Copy, &flags), 0); ExpectIntEQ(flags, WC_HASH_FLAG_ISCOPY | WC_HASH_FLAG_WILLCOPY); wc_Sm3Free(&sm3Copy); wc_Sm3Free(&sm3); #endif return EXPECT_RESULT(); } /* END test_wc_Sm3Update */ /* * Testing wc_Sm3Hash() */ static int test_wc_Sm3Hash(void) { EXPECT_DECLS; #if defined(WOLFSSL_SM3) && defined(WOLFSSL_HASH_FLAGS) byte data[WC_SM3_BLOCK_SIZE]; byte hash[WC_SM3_DIGEST_SIZE]; /* Invalid parameters. */ ExpectIntEQ(wc_Sm3Hash(NULL, sizeof(data), hash), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm3Hash(data, sizeof(data), NULL), BAD_FUNC_ARG); /* Valid parameters. */ ExpectIntEQ(wc_Sm3Hash(data, sizeof(data), hash), 0); #endif return EXPECT_RESULT(); } /* END test_wc_Sm3Hash */ /* * Test function for wc_HmacSetKey */ static int test_wc_Md5HmacSetKey(void) { EXPECT_DECLS; #if !defined(NO_HMAC) && !defined(NO_MD5) Hmac hmac; int ret, times, itr; const char* keys[]= { "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b", #ifndef HAVE_FIPS "Jefe", /* smaller than minimum FIPS key size */ #endif "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" }; times = sizeof(keys) / sizeof(char*); ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0); for (itr = 0; itr < times; itr++) { ret = wc_HmacSetKey(&hmac, WC_MD5, (byte*)keys[itr], (word32)XSTRLEN(keys[itr])); #if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 5) wc_HmacFree(&hmac); ExpectIntEQ(ret, BAD_FUNC_ARG); #else ExpectIntEQ(ret, 0); #endif } /* Bad args. */ ExpectIntEQ(wc_HmacSetKey(NULL, WC_MD5, (byte*)keys[0], (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG); ExpectIntEQ(wc_HmacSetKey(&hmac, WC_MD5, NULL, (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG); ExpectIntEQ(wc_HmacSetKey(&hmac, 21, (byte*)keys[0], (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG); ret = wc_HmacSetKey(&hmac, WC_MD5, (byte*)keys[0], 0); #if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 5) ExpectIntEQ(ret, BAD_FUNC_ARG); #elif defined(HAVE_FIPS) ExpectIntEQ(ret, HMAC_MIN_KEYLEN_E); #else ExpectIntEQ(ret, 0); #endif wc_HmacFree(&hmac); #endif return EXPECT_RESULT(); } /* END test_wc_Md5HmacSetKey */ /* * testing wc_HmacSetKey() on wc_Sha hash. */ static int test_wc_ShaHmacSetKey(void) { EXPECT_DECLS; #if !defined(NO_HMAC) && !defined(NO_SHA) Hmac hmac; int ret, times, itr; const char* keys[]= { "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" "\x0b\x0b\x0b", #ifndef HAVE_FIPS "Jefe", /* smaller than minimum FIPS key size */ #endif "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" "\xAA\xAA\xAA" }; times = sizeof(keys) / sizeof(char*); ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0); for (itr = 0; itr < times; itr++) { ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA, (byte*)keys[itr], (word32)XSTRLEN(keys[itr])), 0); } /* Bad args. */ ExpectIntEQ(wc_HmacSetKey(NULL, WC_SHA, (byte*)keys[0], (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG); ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA, NULL, (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG); ExpectIntEQ(wc_HmacSetKey(&hmac, 21, (byte*)keys[0], (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG); ret = wc_HmacSetKey(&hmac, WC_SHA, (byte*)keys[0], 0); #ifdef HAVE_FIPS ExpectIntEQ(ret, HMAC_MIN_KEYLEN_E); #else ExpectIntEQ(ret, 0); #endif wc_HmacFree(&hmac); #endif return EXPECT_RESULT(); } /* END test_wc_ShaHmacSetKey() */ /* * testing wc_HmacSetKey() on Sha224 hash. */ static int test_wc_Sha224HmacSetKey(void) { EXPECT_DECLS; #if !defined(NO_HMAC) && defined(WOLFSSL_SHA224) Hmac hmac; int ret, times, itr; const char* keys[]= { "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" "\x0b\x0b\x0b", #ifndef HAVE_FIPS "Jefe", /* smaller than minimum FIPS key size */ #endif "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" "\xAA\xAA\xAA" }; times = sizeof(keys) / sizeof(char*); ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0); for (itr = 0; itr < times; itr++) { ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA224, (byte*)keys[itr], (word32)XSTRLEN(keys[itr])), 0); } /* Bad args. */ ExpectIntEQ(wc_HmacSetKey(NULL, WC_SHA224, (byte*)keys[0], (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG); ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA224, NULL, (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG); ExpectIntEQ(wc_HmacSetKey(&hmac, 21, (byte*)keys[0], (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG); ret = wc_HmacSetKey(&hmac, WC_SHA224, (byte*)keys[0], 0); #ifdef HAVE_FIPS ExpectIntEQ(ret, HMAC_MIN_KEYLEN_E); #else ExpectIntEQ(ret, 0); #endif wc_HmacFree(&hmac); #endif return EXPECT_RESULT(); } /* END test_wc_Sha224HmacSetKey() */ /* * testing wc_HmacSetKey() on Sha256 hash */ static int test_wc_Sha256HmacSetKey(void) { EXPECT_DECLS; #if !defined(NO_HMAC) && !defined(NO_SHA256) Hmac hmac; int ret, times, itr; const char* keys[]= { "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" "\x0b\x0b\x0b", #ifndef HAVE_FIPS "Jefe", /* smaller than minimum FIPS key size */ #endif "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" "\xAA\xAA\xAA" }; times = sizeof(keys) / sizeof(char*); ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0); for (itr = 0; itr < times; itr++) { ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA256, (byte*)keys[itr], (word32)XSTRLEN(keys[itr])), 0); } /* Bad args. */ ExpectIntEQ(wc_HmacSetKey(NULL, WC_SHA256, (byte*)keys[0], (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG); ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA256, NULL, (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG); ExpectIntEQ(wc_HmacSetKey(&hmac, 21, (byte*)keys[0], (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG); ret = wc_HmacSetKey(&hmac, WC_SHA256, (byte*)keys[0], 0); #ifdef HAVE_FIPS ExpectIntEQ(ret, HMAC_MIN_KEYLEN_E); #else ExpectIntEQ(ret, 0); #endif wc_HmacFree(&hmac); #endif return EXPECT_RESULT(); } /* END test_wc_Sha256HmacSetKey() */ /* * testing wc_HmacSetKey on Sha384 hash. */ static int test_wc_Sha384HmacSetKey(void) { EXPECT_DECLS; #if !defined(NO_HMAC) && defined(WOLFSSL_SHA384) Hmac hmac; int ret, times, itr; const char* keys[]= { "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" "\x0b\x0b\x0b", #ifndef HAVE_FIPS "Jefe", /* smaller than minimum FIPS key size */ #endif "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" "\xAA\xAA\xAA" }; times = sizeof(keys) / sizeof(char*); ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0); for (itr = 0; itr < times; itr++) { ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA384, (byte*)keys[itr], (word32)XSTRLEN(keys[itr])), 0); } /* Bad args. */ ExpectIntEQ(wc_HmacSetKey(NULL, WC_SHA384, (byte*)keys[0], (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG); ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA384, NULL, (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG); ExpectIntEQ(wc_HmacSetKey(&hmac, 21, (byte*)keys[0], (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG); ret = wc_HmacSetKey(&hmac, WC_SHA384, (byte*)keys[0], 0); #ifdef HAVE_FIPS ExpectIntEQ(ret, HMAC_MIN_KEYLEN_E); #else ExpectIntEQ(ret, 0); #endif wc_HmacFree(&hmac); #endif return EXPECT_RESULT(); } /* END test_wc_Sha384HmacSetKey() */ /* * testing wc_HmacUpdate on wc_Md5 hash. */ static int test_wc_Md5HmacUpdate(void) { EXPECT_DECLS; #if !defined(NO_HMAC) && !defined(NO_MD5) && !(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 5)) Hmac hmac; testVector a, b; #ifdef HAVE_FIPS const char* keys = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"; #else const char* keys = "Jefe"; #endif a.input = "what do ya want for nothing?"; a.inLen = XSTRLEN(a.input); b.input = "Hi There"; b.inLen = XSTRLEN(b.input); ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_HmacSetKey(&hmac, WC_MD5, (byte*)keys, (word32)XSTRLEN(keys)), 0); ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0); /* Update Hmac. */ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0); /* Test bad args. */ ExpectIntEQ(wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_HmacUpdate(&hmac, NULL, (word32)a.inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, 0), 0); wc_HmacFree(&hmac); #endif return EXPECT_RESULT(); } /* END test_wc_Md5HmacUpdate */ /* * testing wc_HmacUpdate on SHA hash. */ static int test_wc_ShaHmacUpdate(void) { EXPECT_DECLS; #if !defined(NO_HMAC) && !defined(NO_SHA) Hmac hmac; testVector a, b; #ifdef HAVE_FIPS const char* keys = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"; #else const char* keys = "Jefe"; #endif a.input = "what do ya want for nothing?"; a.inLen = XSTRLEN(a.input); b.input = "Hi There"; b.inLen = XSTRLEN(b.input); ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA, (byte*)keys, (word32)XSTRLEN(keys)), 0); ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0); /* Update Hmac. */ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0); /* Test bad args. */ ExpectIntEQ(wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_HmacUpdate(&hmac, NULL, (word32)a.inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, 0), 0); wc_HmacFree(&hmac); #endif return EXPECT_RESULT(); } /* END test_wc_ShaHmacUpdate */ /* * testing wc_HmacUpdate on SHA224 hash. */ static int test_wc_Sha224HmacUpdate(void) { EXPECT_DECLS; #if !defined(NO_HMAC) && defined(WOLFSSL_SHA224) Hmac hmac; testVector a, b; #ifdef HAVE_FIPS const char* keys = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"; #else const char* keys = "Jefe"; #endif a.input = "what do ya want for nothing?"; a.inLen = XSTRLEN(a.input); b.input = "Hi There"; b.inLen = XSTRLEN(b.input); ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA224, (byte*)keys, (word32)XSTRLEN(keys)), 0); ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0); /* Update Hmac. */ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0); /* Test bad args. */ ExpectIntEQ(wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_HmacUpdate(&hmac, NULL, (word32)a.inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, 0), 0); wc_HmacFree(&hmac); #endif return EXPECT_RESULT(); } /* END test_wc_Sha224HmacUpdate */ /* * testing wc_HmacUpdate on SHA256 hash. */ static int test_wc_Sha256HmacUpdate(void) { EXPECT_DECLS; #if !defined(NO_HMAC) && !defined(NO_SHA256) Hmac hmac; testVector a, b; #ifdef HAVE_FIPS const char* keys = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"; #else const char* keys = "Jefe"; #endif a.input = "what do ya want for nothing?"; a.inLen = XSTRLEN(a.input); b.input = "Hi There"; b.inLen = XSTRLEN(b.input); ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA256, (byte*)keys, (word32)XSTRLEN(keys)), 0); ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0); /* Update Hmac. */ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0); /* Test bad args. */ ExpectIntEQ(wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_HmacUpdate(&hmac, NULL, (word32)a.inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, 0), 0); wc_HmacFree(&hmac); #endif return EXPECT_RESULT(); } /* END test_wc_Sha256HmacUpdate */ /* * testing wc_HmacUpdate on SHA384 hash. */ static int test_wc_Sha384HmacUpdate(void) { EXPECT_DECLS; #if !defined(NO_HMAC) && defined(WOLFSSL_SHA384) Hmac hmac; testVector a, b; #ifdef HAVE_FIPS const char* keys = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"; #else const char* keys = "Jefe"; #endif a.input = "what do ya want for nothing?"; a.inLen = XSTRLEN(a.input); b.input = "Hi There"; b.inLen = XSTRLEN(b.input); ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA384, (byte*)keys, (word32)XSTRLEN(keys)), 0); ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0); /* Update Hmac. */ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0); /* Test bad args. */ ExpectIntEQ(wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_HmacUpdate(&hmac, NULL, (word32)a.inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, 0), 0); wc_HmacFree(&hmac); #endif return EXPECT_RESULT(); } /* END test_wc_Sha384HmacUpdate */ /* * Testing wc_HmacFinal() with MD5 */ static int test_wc_Md5HmacFinal(void) { EXPECT_DECLS; #if !defined(NO_HMAC) && !defined(NO_MD5) && !(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 5)) Hmac hmac; byte hash[WC_MD5_DIGEST_SIZE]; testVector a; const char* key; key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"; a.input = "Hi There"; a.output = "\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc" "\x9d"; a.inLen = XSTRLEN(a.input); a.outLen = XSTRLEN(a.output); ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_HmacSetKey(&hmac, WC_MD5, (byte*)key, (word32)XSTRLEN(key)), 0); ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0); ExpectIntEQ(wc_HmacFinal(&hmac, hash), 0); ExpectIntEQ(XMEMCMP(hash, a.output, WC_MD5_DIGEST_SIZE), 0); /* Try bad parameters. */ ExpectIntEQ(wc_HmacFinal(NULL, hash), BAD_FUNC_ARG); #ifndef HAVE_FIPS ExpectIntEQ(wc_HmacFinal(&hmac, NULL), BAD_FUNC_ARG); #endif wc_HmacFree(&hmac); #endif return EXPECT_RESULT(); } /* END test_wc_Md5HmacFinal */ /* * Testing wc_HmacFinal() with SHA */ static int test_wc_ShaHmacFinal(void) { EXPECT_DECLS; #if !defined(NO_HMAC) && !defined(NO_SHA) Hmac hmac; byte hash[WC_SHA_DIGEST_SIZE]; testVector a; const char* key; key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" "\x0b\x0b\x0b"; a.input = "Hi There"; a.output = "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c" "\x8e\xf1\x46\xbe\x00"; a.inLen = XSTRLEN(a.input); a.outLen = XSTRLEN(a.output); ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA, (byte*)key, (word32)XSTRLEN(key)), 0); ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0); ExpectIntEQ(wc_HmacFinal(&hmac, hash), 0); ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA_DIGEST_SIZE), 0); /* Try bad parameters. */ ExpectIntEQ(wc_HmacFinal(NULL, hash), BAD_FUNC_ARG); #ifndef HAVE_FIPS ExpectIntEQ(wc_HmacFinal(&hmac, NULL), BAD_FUNC_ARG); #endif wc_HmacFree(&hmac); #endif return EXPECT_RESULT(); } /* END test_wc_ShaHmacFinal */ /* * Testing wc_HmacFinal() with SHA224 */ static int test_wc_Sha224HmacFinal(void) { EXPECT_DECLS; #if !defined(NO_HMAC) && defined(WOLFSSL_SHA224) Hmac hmac; byte hash[WC_SHA224_DIGEST_SIZE]; testVector a; const char* key; key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" "\x0b\x0b\x0b"; a.input = "Hi There"; a.output = "\x89\x6f\xb1\x12\x8a\xbb\xdf\x19\x68\x32\x10\x7c\xd4\x9d\xf3" "\x3f\x47\xb4\xb1\x16\x99\x12\xba\x4f\x53\x68\x4b\x22"; a.inLen = XSTRLEN(a.input); a.outLen = XSTRLEN(a.output); ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA224, (byte*)key, (word32)XSTRLEN(key)), 0); ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0); ExpectIntEQ(wc_HmacFinal(&hmac, hash), 0); ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA224_DIGEST_SIZE), 0); /* Try bad parameters. */ ExpectIntEQ(wc_HmacFinal(NULL, hash), BAD_FUNC_ARG); #ifndef HAVE_FIPS ExpectIntEQ(wc_HmacFinal(&hmac, NULL), BAD_FUNC_ARG); #endif wc_HmacFree(&hmac); #endif return EXPECT_RESULT(); } /* END test_wc_Sha224HmacFinal */ /* * Testing wc_HmacFinal() with SHA256 */ static int test_wc_Sha256HmacFinal(void) { EXPECT_DECLS; #if !defined(NO_HMAC) && !defined(NO_SHA256) Hmac hmac; byte hash[WC_SHA256_DIGEST_SIZE]; testVector a; const char* key; key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" "\x0b\x0b\x0b"; a.input = "Hi There"; a.output = "\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1" "\x2b\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32" "\xcf\xf7"; a.inLen = XSTRLEN(a.input); a.outLen = XSTRLEN(a.output); ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA256, (byte*)key, (word32)XSTRLEN(key)), 0); ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0); ExpectIntEQ(wc_HmacFinal(&hmac, hash), 0); ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA256_DIGEST_SIZE), 0); /* Try bad parameters. */ ExpectIntEQ(wc_HmacFinal(NULL, hash), BAD_FUNC_ARG); #ifndef HAVE_FIPS ExpectIntEQ(wc_HmacFinal(&hmac, NULL), BAD_FUNC_ARG); #endif wc_HmacFree(&hmac); #endif return EXPECT_RESULT(); } /* END test_wc_Sha256HmacFinal */ /* * Testing wc_HmacFinal() with SHA384 */ static int test_wc_Sha384HmacFinal(void) { EXPECT_DECLS; #if !defined(NO_HMAC) && defined(WOLFSSL_SHA384) Hmac hmac; byte hash[WC_SHA384_DIGEST_SIZE]; testVector a; const char* key; key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" "\x0b\x0b\x0b"; a.input = "Hi There"; a.output = "\xaf\xd0\x39\x44\xd8\x48\x95\x62\x6b\x08\x25\xf4\xab\x46\x90" "\x7f\x15\xf9\xda\xdb\xe4\x10\x1e\xc6\x82\xaa\x03\x4c\x7c\xeb" "\xc5\x9c\xfa\xea\x9e\xa9\x07\x6e\xde\x7f\x4a\xf1\x52\xe8\xb2" "\xfa\x9c\xb6"; a.inLen = XSTRLEN(a.input); a.outLen = XSTRLEN(a.output); ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA384, (byte*)key, (word32)XSTRLEN(key)), 0); ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0); ExpectIntEQ(wc_HmacFinal(&hmac, hash), 0); ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA384_DIGEST_SIZE), 0); /* Try bad parameters. */ ExpectIntEQ(wc_HmacFinal(NULL, hash), BAD_FUNC_ARG); #ifndef HAVE_FIPS ExpectIntEQ(wc_HmacFinal(&hmac, NULL), BAD_FUNC_ARG); #endif wc_HmacFree(&hmac); #endif return EXPECT_RESULT(); } /* END test_wc_Sha384HmacFinal */ /* * Testing wc_InitCmac() */ static int test_wc_InitCmac(void) { EXPECT_DECLS; #if defined(WOLFSSL_CMAC) && !defined(NO_AES) Cmac cmac1; Cmac cmac2; Cmac cmac3; /* AES 128 key. */ byte key1[] = "\x01\x02\x03\x04\x05\x06\x07\x08" "\x09\x10\x11\x12\x13\x14\x15\x16"; /* AES 192 key. */ byte key2[] = "\x01\x02\x03\x04\x05\x06\x07\x08" "\x09\x01\x11\x12\x13\x14\x15\x16" "\x01\x02\x03\x04\x05\x06\x07\x08"; /* AES 256 key. */ byte key3[] = "\x01\x02\x03\x04\x05\x06\x07\x08" "\x09\x01\x11\x12\x13\x14\x15\x16" "\x01\x02\x03\x04\x05\x06\x07\x08" "\x09\x01\x11\x12\x13\x14\x15\x16"; word32 key1Sz = (word32)sizeof(key1) - 1; word32 key2Sz = (word32)sizeof(key2) - 1; word32 key3Sz = (word32)sizeof(key3) - 1; int type = WC_CMAC_AES; (void)key1; (void)key1Sz; (void)key2; (void)key2Sz; XMEMSET(&cmac1, 0, sizeof(Cmac)); XMEMSET(&cmac2, 0, sizeof(Cmac)); XMEMSET(&cmac3, 0, sizeof(Cmac)); #ifdef WOLFSSL_AES_128 ExpectIntEQ(wc_InitCmac(&cmac1, key1, key1Sz, type, NULL), 0); #endif #ifdef WOLFSSL_AES_192 wc_AesFree(&cmac1.aes); ExpectIntEQ(wc_InitCmac(&cmac2, key2, key2Sz, type, NULL), 0); #endif #ifdef WOLFSSL_AES_256 wc_AesFree(&cmac2.aes); ExpectIntEQ(wc_InitCmac(&cmac3, key3, key3Sz, type, NULL), 0); #endif wc_AesFree(&cmac3.aes); /* Test bad args. */ ExpectIntEQ(wc_InitCmac(NULL, key3, key3Sz, type, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_InitCmac(&cmac3, NULL, key3Sz, type, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_InitCmac(&cmac3, key3, 0, type, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_InitCmac(&cmac3, key3, key3Sz, 0, NULL), BAD_FUNC_ARG); #endif return EXPECT_RESULT(); } /* END test_wc_InitCmac */ /* * Testing wc_CmacUpdate() */ static int test_wc_CmacUpdate(void) { EXPECT_DECLS; #if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_128) Cmac cmac; byte key[] = { 0x64, 0x4c, 0xbf, 0x12, 0x85, 0x9d, 0xf0, 0x55, 0x7e, 0xa9, 0x1f, 0x08, 0xe0, 0x51, 0xff, 0x27 }; byte in[] = "\xe2\xb4\xb6\xf9\x48\x44\x02\x64" "\x5c\x47\x80\x9e\xd5\xa8\x3a\x17" "\xb3\x78\xcf\x85\x22\x41\x74\xd9" "\xa0\x97\x39\x71\x62\xf1\x8e\x8f" "\xf4"; word32 inSz = (word32)sizeof(in) - 1; word32 keySz = (word32)sizeof(key); int type = WC_CMAC_AES; XMEMSET(&cmac, 0, sizeof(Cmac)); ExpectIntEQ(wc_InitCmac(&cmac, key, keySz, type, NULL), 0); ExpectIntEQ(wc_CmacUpdate(&cmac, in, inSz), 0); /* Test bad args. */ ExpectIntEQ(wc_CmacUpdate(NULL, in, inSz), BAD_FUNC_ARG); ExpectIntEQ(wc_CmacUpdate(&cmac, NULL, 30), BAD_FUNC_ARG); wc_AesFree(&cmac.aes); #endif return EXPECT_RESULT(); } /* END test_wc_CmacUpdate */ /* * Testing wc_CmacFinal() */ static int test_wc_CmacFinal(void) { EXPECT_DECLS; #if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_128) Cmac cmac; byte key[] = { 0x64, 0x4c, 0xbf, 0x12, 0x85, 0x9d, 0xf0, 0x55, 0x7e, 0xa9, 0x1f, 0x08, 0xe0, 0x51, 0xff, 0x27 }; byte msg[] = { 0xe2, 0xb4, 0xb6, 0xf9, 0x48, 0x44, 0x02, 0x64, 0x5c, 0x47, 0x80, 0x9e, 0xd5, 0xa8, 0x3a, 0x17, 0xb3, 0x78, 0xcf, 0x85, 0x22, 0x41, 0x74, 0xd9, 0xa0, 0x97, 0x39, 0x71, 0x62, 0xf1, 0x8e, 0x8f, 0xf4 }; /* Test vectors from CMACGenAES128.rsp from * http://csrc.nist.gov/groups/STM/cavp/block-cipher-modes.html#cmac * Per RFC4493 truncation of lsb is possible. */ byte expMac[] = { 0x4e, 0x6e, 0xc5, 0x6f, 0xf9, 0x5d, 0x0e, 0xae, 0x1c, 0xf8, 0x3e, 0xfc, 0xf4, 0x4b, 0xeb }; byte mac[AES_BLOCK_SIZE]; word32 msgSz = (word32)sizeof(msg); word32 keySz = (word32)sizeof(key); word32 macSz = sizeof(mac); word32 badMacSz = 17; int expMacSz = sizeof(expMac); int type = WC_CMAC_AES; XMEMSET(&cmac, 0, sizeof(Cmac)); XMEMSET(mac, 0, macSz); ExpectIntEQ(wc_InitCmac(&cmac, key, keySz, type, NULL), 0); ExpectIntEQ(wc_CmacUpdate(&cmac, msg, msgSz), 0); #if (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST) /* Pass in bad args. */ ExpectIntEQ(wc_CmacFinalNoFree(NULL, mac, &macSz), BAD_FUNC_ARG); ExpectIntEQ(wc_CmacFinalNoFree(&cmac, NULL, &macSz), BAD_FUNC_ARG); ExpectIntEQ(wc_CmacFinalNoFree(&cmac, mac, &badMacSz), BUFFER_E); /* For the last call, use the API with implicit wc_CmacFree(). */ ExpectIntEQ(wc_CmacFinal(&cmac, mac, &macSz), 0); ExpectIntEQ(XMEMCMP(mac, expMac, expMacSz), 0); #else /* !HAVE_FIPS || FIPS>=5.3 */ ExpectIntEQ(wc_CmacFinal(&cmac, mac, &macSz), 0); ExpectIntEQ(XMEMCMP(mac, expMac, expMacSz), 0); /* Pass in bad args. */ ExpectIntEQ(wc_CmacFinal(NULL, mac, &macSz), BAD_FUNC_ARG); ExpectIntEQ(wc_CmacFinal(&cmac, NULL, &macSz), BAD_FUNC_ARG); ExpectIntEQ(wc_CmacFinal(&cmac, mac, &badMacSz), BUFFER_E); #endif /* !HAVE_FIPS || FIPS>=5.3 */ #endif return EXPECT_RESULT(); } /* END test_wc_CmacFinal */ /* * Testing wc_AesCmacGenerate() && wc_AesCmacVerify() */ static int test_wc_AesCmacGenerate(void) { EXPECT_DECLS; #if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_128) byte key[] = { 0x26, 0xef, 0x8b, 0x40, 0x34, 0x11, 0x7d, 0x9e, 0xbe, 0xc0, 0xc7, 0xfc, 0x31, 0x08, 0x54, 0x69 }; byte msg[] = "\x18\x90\x49\xef\xfd\x7c\xf9\xc8" "\xf3\x59\x65\xbc\xb0\x97\x8f\xd4"; byte expMac[] = "\x29\x5f\x2f\x71\xfc\x58\xe6\xf6" "\x3d\x32\x65\x4c\x66\x23\xc5"; byte mac[AES_BLOCK_SIZE]; word32 keySz = sizeof(key); word32 macSz = sizeof(mac); word32 msgSz = sizeof(msg) - 1; word32 expMacSz = sizeof(expMac) - 1; XMEMSET(mac, 0, macSz); ExpectIntEQ(wc_AesCmacGenerate(mac, &macSz, msg, msgSz, key, keySz), 0); ExpectIntEQ(XMEMCMP(mac, expMac, expMacSz), 0); /* Pass in bad args. */ ExpectIntEQ(wc_AesCmacGenerate(NULL, &macSz, msg, msgSz, key, keySz), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCmacGenerate(mac, &macSz, msg, msgSz, NULL, keySz), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCmacGenerate(mac, &macSz, msg, msgSz, key, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCmacGenerate(mac, &macSz, NULL, msgSz, key, keySz), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCmacVerify(mac, macSz, msg, msgSz, key, keySz), 0); /* Test bad args. */ ExpectIntEQ(wc_AesCmacVerify(NULL, macSz, msg, msgSz, key, keySz), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCmacVerify(mac, 0, msg, msgSz, key, keySz), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCmacVerify(mac, macSz, msg, msgSz, NULL, keySz), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCmacVerify(mac, macSz, msg, msgSz, key, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCmacVerify(mac, macSz, NULL, msgSz, key, keySz), BAD_FUNC_ARG); #endif return EXPECT_RESULT(); } /* END test_wc_AesCmacGenerate */ /* * Testing streaming AES-GCM API. */ static int test_wc_AesGcmStream(void) { EXPECT_DECLS; #if !defined(NO_AES) && defined(WOLFSSL_AES_128) && defined(HAVE_AESGCM) && \ defined(WOLFSSL_AESGCM_STREAM) int i; WC_RNG rng[1]; Aes aesEnc[1]; Aes aesDec[1]; byte tag[AES_BLOCK_SIZE]; byte in[AES_BLOCK_SIZE * 3 + 2] = { 0, }; byte out[AES_BLOCK_SIZE * 3 + 2]; byte plain[AES_BLOCK_SIZE * 3 + 2]; byte aad[AES_BLOCK_SIZE * 3 + 2] = { 0, }; byte key[AES_128_KEY_SIZE] = { 0, }; byte iv[AES_IV_SIZE] = { 1, }; byte ivOut[AES_IV_SIZE]; static const byte expTagAAD1[AES_BLOCK_SIZE] = { 0x6c, 0x35, 0xe6, 0x7f, 0x59, 0x9e, 0xa9, 0x2f, 0x27, 0x2d, 0x5f, 0x8e, 0x7e, 0x42, 0xd3, 0x05 }; static const byte expTagPlain1[AES_BLOCK_SIZE] = { 0x24, 0xba, 0x57, 0x95, 0xd0, 0x27, 0x9e, 0x78, 0x3a, 0x88, 0x4c, 0x0a, 0x5d, 0x50, 0x23, 0xd1 }; static const byte expTag[AES_BLOCK_SIZE] = { 0x22, 0x91, 0x70, 0xad, 0x42, 0xc3, 0xad, 0x96, 0xe0, 0x31, 0x57, 0x60, 0xb7, 0x92, 0xa3, 0x6d }; XMEMSET(&rng, 0, sizeof(WC_RNG)); XMEMSET(&aesEnc, 0, sizeof(Aes)); XMEMSET(&aesDec, 0, sizeof(Aes)); /* Create a random for generating IV/nonce. */ ExpectIntEQ(wc_InitRng(rng), 0); /* Initialize data structures. */ ExpectIntEQ(wc_AesInit(aesEnc, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0); /* BadParameters to streaming init. */ ExpectIntEQ(wc_AesGcmEncryptInit(NULL, NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmDecryptInit(NULL, NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmDecryptInit(aesEnc, NULL, AES_128_KEY_SIZE, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmDecryptInit(aesEnc, NULL, 0, NULL, GCM_NONCE_MID_SZ), BAD_FUNC_ARG); /* Bad parameters to encrypt update. */ ExpectIntEQ(wc_AesGcmEncryptUpdate(NULL, NULL, NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 1, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, in, 1, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out, NULL, 1, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, NULL, 1), BAD_FUNC_ARG); /* Bad parameters to decrypt update. */ ExpectIntEQ(wc_AesGcmDecryptUpdate(NULL, NULL, NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 1, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, in, 1, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, out, NULL, 1, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, NULL, 1), BAD_FUNC_ARG); /* Bad parameters to encrypt final. */ ExpectIntEQ(wc_AesGcmEncryptFinal(NULL, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmEncryptFinal(NULL, tag, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmEncryptFinal(NULL, NULL, AES_BLOCK_SIZE), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, NULL, AES_BLOCK_SIZE), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE + 1), BAD_FUNC_ARG); /* Bad parameters to decrypt final. */ ExpectIntEQ(wc_AesGcmDecryptFinal(NULL, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmDecryptFinal(NULL, tag, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmDecryptFinal(NULL, NULL, AES_BLOCK_SIZE), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, NULL, AES_BLOCK_SIZE), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE + 1), BAD_FUNC_ARG); /* Check calling final before setting key fails. */ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, sizeof(tag)), MISSING_KEY); ExpectIntEQ(wc_AesGcmEncryptFinal(aesDec, tag, sizeof(tag)), MISSING_KEY); /* Check calling update before setting key else fails. */ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, aad, 1), MISSING_KEY); ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, aad, 1), MISSING_KEY); /* Set key but not IV. */ ExpectIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), NULL, 0), 0); ExpectIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), NULL, 0), 0); /* Check calling final before setting IV fails. */ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, sizeof(tag)), MISSING_IV); ExpectIntEQ(wc_AesGcmEncryptFinal(aesDec, tag, sizeof(tag)), MISSING_IV); /* Check calling update before setting IV else fails. */ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, aad, 1), MISSING_IV); ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, aad, 1), MISSING_IV); /* Set IV using fixed part IV and external IV APIs. */ ExpectIntEQ(wc_AesGcmSetIV(aesEnc, GCM_NONCE_MID_SZ, iv, AES_IV_FIXED_SZ, rng), 0); ExpectIntEQ(wc_AesGcmEncryptInit_ex(aesEnc, NULL, 0, ivOut, GCM_NONCE_MID_SZ), 0); ExpectIntEQ(wc_AesGcmSetExtIV(aesDec, ivOut, GCM_NONCE_MID_SZ), 0); ExpectIntEQ(wc_AesGcmInit(aesDec, NULL, 0, NULL, 0), 0); /* Encrypt and decrypt data. */ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out, in, 1, aad, 1), 0); ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, plain, out, 1, aad, 1), 0); ExpectIntEQ(XMEMCMP(plain, in, 1), 0); /* Finalize and check tag matches. */ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0); ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0); /* Set key and IV through streaming init API. */ wc_AesFree(aesEnc); wc_AesFree(aesDec); ExpectIntEQ(wc_AesInit(aesEnc, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), iv, AES_IV_SIZE), 0); ExpectIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0); /* Encrypt/decrypt one block and AAD of one block. */ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out, in, AES_BLOCK_SIZE, aad, AES_BLOCK_SIZE), 0); ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, plain, out, AES_BLOCK_SIZE, aad, AES_BLOCK_SIZE), 0); ExpectIntEQ(XMEMCMP(plain, in, AES_BLOCK_SIZE), 0); /* Finalize and check tag matches. */ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0); ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0); /* Set key and IV through streaming init API. */ wc_AesFree(aesEnc); wc_AesFree(aesDec); ExpectIntEQ(wc_AesInit(aesEnc, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), iv, AES_IV_SIZE), 0); ExpectIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0); /* No data to encrypt/decrypt one byte of AAD. */ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, aad, 1), 0); ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, aad, 1), 0); /* Finalize and check tag matches. */ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0); ExpectIntEQ(XMEMCMP(tag, expTagAAD1, AES_BLOCK_SIZE), 0); ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0); /* Set key and IV through streaming init API. */ wc_AesFree(aesEnc); wc_AesFree(aesDec); ExpectIntEQ(wc_AesInit(aesEnc, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), iv, AES_IV_SIZE), 0); ExpectIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0); /* Encrypt/decrypt one byte and no AAD. */ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out, in, 1, NULL, 0), 0); ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, plain, out, 1, NULL, 0), 0); ExpectIntEQ(XMEMCMP(plain, in, 1), 0); /* Finalize and check tag matches. */ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0); ExpectIntEQ(XMEMCMP(tag, expTagPlain1, AES_BLOCK_SIZE), 0); ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0); /* Set key and IV through streaming init API. */ wc_AesFree(aesEnc); wc_AesFree(aesDec); ExpectIntEQ(wc_AesInit(aesEnc, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), iv, AES_IV_SIZE), 0); ExpectIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0); /* Encryption AES is one byte at a time */ for (i = 0; i < (int)sizeof(aad); i++) { ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, aad + i, 1), 0); } for (i = 0; i < (int)sizeof(in); i++) { ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out + i, in + i, 1, NULL, 0), 0); } /* Decryption AES is two bytes at a time */ for (i = 0; i < (int)sizeof(aad); i += 2) { ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, aad + i, 2), 0); } for (i = 0; i < (int)sizeof(aad); i += 2) { ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, plain + i, out + i, 2, NULL, 0), 0); } ExpectIntEQ(XMEMCMP(plain, in, sizeof(in)), 0); /* Finalize and check tag matches. */ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0); ExpectIntEQ(XMEMCMP(tag, expTag, AES_BLOCK_SIZE), 0); ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0); /* Check streaming encryption can be decrypted with one shot. */ wc_AesFree(aesDec); ExpectIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0); ExpectIntEQ(wc_AesGcmSetKey(aesDec, key, sizeof(key)), 0); ExpectIntEQ(wc_AesGcmDecrypt(aesDec, plain, out, sizeof(in), iv, AES_IV_SIZE, tag, AES_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(XMEMCMP(plain, in, sizeof(in)), 0); wc_AesFree(aesEnc); wc_AesFree(aesDec); wc_FreeRng(rng); #endif return EXPECT_RESULT(); } /* END test_wc_AesGcmStream */ /* * Testing streaming SM4 API. */ static int test_wc_Sm4(void) { int res = TEST_SKIPPED; #ifdef WOLFSSL_SM4 EXPECT_DECLS; wc_Sm4 sm4; #if defined(WOLFSSL_SM4_ECB) || defined(WOLFSSL_SM4_CBC) || \ defined(WOLFSSL_SM4_CTR) || defined(WOLFSSL_SM4_CCM) unsigned char key[SM4_KEY_SIZE]; #endif #if defined(WOLFSSL_SM4_CBC) || defined(WOLFSSL_SM4_CTR) unsigned char iv[SM4_IV_SIZE]; #endif /* Invalid parameters - wc_Sm4Init */ ExpectIntEQ(wc_Sm4Init(NULL, NULL, INVALID_DEVID), BAD_FUNC_ARG); /* Valid cases - wc_Sm4Init */ ExpectIntEQ(wc_Sm4Init(&sm4, NULL, INVALID_DEVID), 0); #if defined(WOLFSSL_SM4_ECB) || defined(WOLFSSL_SM4_CBC) || \ defined(WOLFSSL_SM4_CTR) || defined(WOLFSSL_SM4_CCM) XMEMSET(key, 0, sizeof(key)); /* Invalid parameters - wc_Sm4SetKey. */ ExpectIntEQ(wc_Sm4SetKey(NULL, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4SetKey(&sm4, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4SetKey(NULL, key, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4SetKey(NULL, NULL, SM4_KEY_SIZE), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4SetKey(&sm4, key, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4SetKey(&sm4, NULL, SM4_KEY_SIZE), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4SetKey(NULL, key, SM4_KEY_SIZE), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE-1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE+1), BAD_FUNC_ARG); /* Valid cases - wc_Sm4SetKey. */ ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE), 0); #endif #if defined(WOLFSSL_SM4_CBC) || defined(WOLFSSL_SM4_CTR) XMEMSET(iv, 0, sizeof(iv)); /* Invalid parameters - wc_Sm4SetIV. */ ExpectIntEQ(wc_Sm4SetIV(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4SetIV(&sm4, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4SetIV(NULL, iv), BAD_FUNC_ARG); /* Valid cases - wc_Sm4SetIV. */ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0); #endif /* Valid cases - wc_Sm4Free */ wc_Sm4Free(NULL); wc_Sm4Free(&sm4); res = EXPECT_RESULT(); #endif return res; } /* END test_wc_Sm4 */ /* * Testing block based SM4-ECB API. */ static int test_wc_Sm4Ecb(void) { int res = TEST_SKIPPED; #ifdef WOLFSSL_SM4_ECB EXPECT_DECLS; wc_Sm4 sm4; unsigned char key[SM4_KEY_SIZE]; unsigned char in[SM4_BLOCK_SIZE * 2]; unsigned char out[SM4_BLOCK_SIZE * 2]; unsigned char out2[SM4_BLOCK_SIZE]; XMEMSET(key, 0, sizeof(key)); XMEMSET(in, 0, sizeof(in)); ExpectIntEQ(wc_Sm4Init(&sm4, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, out, in, 0), MISSING_KEY); ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, out, in, 0), MISSING_KEY); /* Tested in test_wc_Sm4. */ ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE), 0); /* Invalid parameters - wc_Sm4EcbEncrypt. */ ExpectIntEQ(wc_Sm4EcbEncrypt(NULL, NULL, NULL, 1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, NULL, NULL, 1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4EcbEncrypt(NULL, out, NULL, 1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4EcbEncrypt(NULL, NULL, in, 1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4EcbEncrypt(NULL, NULL, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4EcbEncrypt(NULL, out, in, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, NULL, in, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, out, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, out, in, 1), BAD_FUNC_ARG); /* Valid cases - wc_Sm4EcbEncrypt. */ ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, out, in, 0), 0); ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, out2, in, SM4_BLOCK_SIZE), 0); ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2), 0); ExpectIntEQ(XMEMCMP(out, out2, SM4_BLOCK_SIZE), 0); /* In and out are same pointer. */ ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, in, in, SM4_BLOCK_SIZE * 2), 0); ExpectIntEQ(XMEMCMP(in, out, SM4_BLOCK_SIZE * 2), 0); /* Invalid parameters - wc_Sm4EcbDecrypt. */ ExpectIntEQ(wc_Sm4EcbDecrypt(NULL, NULL, NULL, 1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, NULL, NULL, 1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4EcbDecrypt(NULL, out, NULL, 1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4EcbDecrypt(NULL, NULL, in, 1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4EcbDecrypt(NULL, NULL, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4EcbDecrypt(NULL, out, in, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, NULL, in, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, out, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, out, in, 1), BAD_FUNC_ARG); /* Valid cases - wc_Sm4EcbDecrypt. */ ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, out, in, 0), 0); ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, out2, in, SM4_BLOCK_SIZE), 0); ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2), 0); ExpectIntEQ(XMEMCMP(out, out2, SM4_BLOCK_SIZE), 0); /* In and out are same pointer. */ ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, in, in, SM4_BLOCK_SIZE * 2), 0); ExpectIntEQ(XMEMCMP(in, out, SM4_BLOCK_SIZE * 2), 0); wc_Sm4Free(&sm4); res = EXPECT_RESULT(); #endif return res; } /* END test_wc_Sm4Ecb */ /* * Testing block based SM4-CBC API. */ static int test_wc_Sm4Cbc(void) { int res = TEST_SKIPPED; #ifdef WOLFSSL_SM4_CBC EXPECT_DECLS; wc_Sm4 sm4; unsigned char key[SM4_KEY_SIZE]; unsigned char iv[SM4_IV_SIZE]; unsigned char in[SM4_BLOCK_SIZE * 2]; unsigned char out[SM4_BLOCK_SIZE * 2]; unsigned char out2[SM4_BLOCK_SIZE]; XMEMSET(key, 0, sizeof(key)); XMEMSET(iv, 0, sizeof(iv)); XMEMSET(in, 0, sizeof(in)); ExpectIntEQ(wc_Sm4Init(&sm4, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out, in, 0), MISSING_KEY); ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out, in, 0), MISSING_KEY); /* Tested in test_wc_Sm4. */ ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE), 0); ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out, in, 0), MISSING_IV); ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out, in, 0), MISSING_IV); /* Tested in test_wc_Sm4. */ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0); /* Invalid parameters - wc_Sm4CbcEncrypt. */ ExpectIntEQ(wc_Sm4CbcEncrypt(NULL, NULL, NULL, 1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, NULL, NULL, 1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CbcEncrypt(NULL, out, NULL, 1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CbcEncrypt(NULL, NULL, in, 1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CbcEncrypt(NULL, NULL, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CbcEncrypt(NULL, out, in, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, NULL, in, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out, in, 1), BAD_FUNC_ARG); /* Valid cases - wc_Sm4CbcEncrypt. */ ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out, in, 0), 0); ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out2, in, SM4_BLOCK_SIZE), 0); ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0); ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2), 0); ExpectIntEQ(XMEMCMP(out, out2, SM4_BLOCK_SIZE), 0); /* In and out are same pointer. */ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0); ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, in, in, SM4_BLOCK_SIZE * 2), 0); ExpectIntEQ(XMEMCMP(in, out, SM4_BLOCK_SIZE * 2), 0); /* Invalid parameters - wc_Sm4CbcDecrypt. */ ExpectIntEQ(wc_Sm4CbcDecrypt(NULL, NULL, NULL, 1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, NULL, NULL, 1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CbcDecrypt(NULL, out, NULL, 1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CbcDecrypt(NULL, NULL, in, 1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CbcDecrypt(NULL, NULL, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CbcDecrypt(NULL, out, in, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, NULL, in, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out, in, 1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0); /* Valid cases - wc_Sm4CbcDecrypt. */ ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out, in, 0), 0); ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out2, in, SM4_BLOCK_SIZE), 0); ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0); ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2), 0); ExpectIntEQ(XMEMCMP(out, out2, SM4_BLOCK_SIZE), 0); /* In and out are same pointer. */ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0); ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, in, in, SM4_BLOCK_SIZE * 2), 0); ExpectIntEQ(XMEMCMP(in, out, SM4_BLOCK_SIZE * 2), 0); wc_Sm4Free(&sm4); res = EXPECT_RESULT(); #endif return res; } /* END test_wc_Sm4Cbc */ /* * Testing streaming SM4-CTR API. */ static int test_wc_Sm4Ctr(void) { int res = TEST_SKIPPED; #ifdef WOLFSSL_SM4_CTR EXPECT_DECLS; wc_Sm4 sm4; unsigned char key[SM4_KEY_SIZE]; unsigned char iv[SM4_IV_SIZE]; unsigned char in[SM4_BLOCK_SIZE * 4]; unsigned char out[SM4_BLOCK_SIZE * 4]; unsigned char out2[SM4_BLOCK_SIZE * 4]; word32 chunk; word32 i; XMEMSET(key, 0, sizeof(key)); XMEMSET(iv, 0, sizeof(iv)); XMEMSET(in, 0, sizeof(in)); ExpectIntEQ(wc_Sm4Init(&sm4, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, in, 0), MISSING_KEY); /* Tested in test_wc_Sm4. */ ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE), 0); ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, in, 0), MISSING_IV); /* Tested in test_wc_Sm4. */ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0); /* Invalid parameters - wc_Sm4CtrEncrypt. */ ExpectIntEQ(wc_Sm4CtrEncrypt(NULL, NULL, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, NULL, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CtrEncrypt(NULL, out, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CtrEncrypt(NULL, NULL, in, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, NULL, in, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CtrEncrypt(NULL, out, in, 0), BAD_FUNC_ARG); /* Valid cases - wc_Sm4CtrEncrypt. */ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, in, 0), 0); ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out2, in, 1), 0); ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0); ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, in, 2), 0); ExpectIntEQ(XMEMCMP(out, out2, 1), 0); ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0); ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out2, in, SM4_BLOCK_SIZE), 0); ExpectIntEQ(XMEMCMP(out2, out, 2), 0); ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0); ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2), 0); ExpectIntEQ(XMEMCMP(out, out2, SM4_BLOCK_SIZE), 0); /* In and out are same pointer. Also check encrypt of cipher text produces * plaintext. */ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0); ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, out, SM4_BLOCK_SIZE * 2), 0); ExpectIntEQ(XMEMCMP(in, out, SM4_BLOCK_SIZE * 2), 0); /* Chunking tests. */ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0); ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out2, in, (word32)sizeof(in)), 0); for (chunk = 1; chunk <= SM4_BLOCK_SIZE + 1; chunk++) { ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0); for (i = 0; i + chunk <= (word32)sizeof(in); i += chunk) { ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out + i, in + i, chunk), 0); } if (i < (word32)sizeof(in)) { ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out + i, in + i, (word32)sizeof(in) - i), 0); } ExpectIntEQ(XMEMCMP(out, out2, (word32)sizeof(out)), 0); } for (i = 0; i < (word32)sizeof(iv); i++) { iv[i] = 0xff; ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0); ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2), 0); ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0); ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out2, out, SM4_BLOCK_SIZE * 2), 0); ExpectIntEQ(XMEMCMP(out2, in, SM4_BLOCK_SIZE * 2), 0); } wc_Sm4Free(&sm4); res = EXPECT_RESULT(); #endif return res; } /* END test_wc_Sm4Ctr */ /* * Testing stream SM4-GCM API. */ static int test_wc_Sm4Gcm(void) { int res = TEST_SKIPPED; #ifdef WOLFSSL_SM4_GCM EXPECT_DECLS; wc_Sm4 sm4; unsigned char key[SM4_KEY_SIZE]; unsigned char nonce[GCM_NONCE_MAX_SZ]; unsigned char in[SM4_BLOCK_SIZE * 2]; unsigned char in2[SM4_BLOCK_SIZE * 2]; unsigned char out[SM4_BLOCK_SIZE * 2]; unsigned char out2[SM4_BLOCK_SIZE * 2]; unsigned char dec[SM4_BLOCK_SIZE * 2]; unsigned char tag[SM4_BLOCK_SIZE]; unsigned char aad[SM4_BLOCK_SIZE * 2]; word32 i; XMEMSET(key, 0, sizeof(key)); XMEMSET(nonce, 0, sizeof(nonce)); XMEMSET(in, 0, sizeof(in)); XMEMSET(in2, 0, sizeof(in2)); XMEMSET(aad, 0, sizeof(aad)); ExpectIntEQ(wc_Sm4Init(&sm4, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 0, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), MISSING_KEY); ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 0, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), MISSING_KEY); /* Invalid parameters - wc_Sm4GcmSetKey. */ ExpectIntEQ(wc_Sm4GcmSetKey(NULL, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmSetKey(&sm4, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmSetKey(NULL, key, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmSetKey(NULL, NULL, SM4_KEY_SIZE), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmSetKey(&sm4, key, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmSetKey(&sm4, NULL, SM4_KEY_SIZE), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmSetKey(NULL, key, SM4_KEY_SIZE), BAD_FUNC_ARG); /* Valid parameters - wc_Sm4GcmSetKey. */ ExpectIntEQ(wc_Sm4GcmSetKey(&sm4, key, SM4_KEY_SIZE), 0); /* Invalid parameters - wc_Sm4GcmEncrypt. */ ExpectIntEQ(wc_Sm4GcmEncrypt(NULL, NULL, NULL, 1, NULL, 0, NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, NULL, NULL, 1, NULL, 0, NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmEncrypt(NULL, out, NULL, 1, NULL, 0, NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmEncrypt(NULL, NULL, in, 1, NULL, 0, NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmEncrypt(NULL, NULL, NULL, 1, nonce, GCM_NONCE_MID_SZ, NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmEncrypt(NULL, NULL, NULL, 1, NULL, 0, tag, SM4_BLOCK_SIZE, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmEncrypt(NULL, out, in, 1, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, NULL, in, 1, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, NULL, 1, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 1, NULL, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 1, nonce, 0, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 1, nonce, GCM_NONCE_MID_SZ, NULL, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 1, nonce, GCM_NONCE_MID_SZ, tag, WOLFSSL_MIN_AUTH_TAG_SZ-1, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 1, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE+1, aad, sizeof(aad)), BAD_FUNC_ARG); /* Invalid parameters - wc_Sm4GcmDecrypt. */ ExpectIntEQ(wc_Sm4GcmDecrypt(NULL, NULL, NULL, 1, NULL, 0, NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, NULL, NULL, 1, NULL, 0, NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmDecrypt(NULL, out, NULL, 1, NULL, 0, NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmDecrypt(NULL, NULL, in, 1, NULL, 0, NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmDecrypt(NULL, NULL, NULL, 1, nonce, GCM_NONCE_MID_SZ, NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmDecrypt(NULL, NULL, NULL, 1, NULL, 0, tag, SM4_BLOCK_SIZE, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmDecrypt(NULL, out, in, 1, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, NULL, in, 1, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, NULL, 1, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 1, NULL, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 1, nonce, 0, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 1, nonce, GCM_NONCE_MID_SZ, NULL, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 1, nonce, GCM_NONCE_MID_SZ, tag, WOLFSSL_MIN_AUTH_TAG_SZ-1, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 1, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE+1, aad, sizeof(aad)), BAD_FUNC_ARG); /* Valid cases - wc_Sm4GcmEncrypt/wc_Sm4GcmDecrypt. */ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, NULL, NULL, 0, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0); ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, NULL, NULL, 0, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0); ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, NULL, NULL, 0, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, NULL, NULL, 0, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0); ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0); ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 1), 0); ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 1), 0); ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE * 2, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, in2, in2, SM4_BLOCK_SIZE * 2, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(XMEMCMP(in2, out, SM4_BLOCK_SIZE * 2), 0); ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in2, in2, SM4_BLOCK_SIZE * 2, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(XMEMCMP(in2, in, SM4_BLOCK_SIZE * 2), 0); /* Check vald values of nonce - wc_Sm4GcmEncrypt/wc_Sm4GcmDecrypt. */ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce, GCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce, GCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2, nonce, GCM_NONCE_MIN_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE * 2, nonce, GCM_NONCE_MIN_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE * 2, nonce, GCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), SM4_GCM_AUTH_E); /* Check valid values of tag size - wc_Sm4GcmEncrypt/wc_Sm4GcmDecrypt. */ for (i = WOLFSSL_MIN_AUTH_TAG_SZ; i < SM4_BLOCK_SIZE; i++) { ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce, GCM_NONCE_MID_SZ, tag, i, aad, sizeof(aad)), 0); ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce, GCM_NONCE_MID_SZ, tag, i, aad, sizeof(aad)), 0); } /* Check different in/out sizes. */ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 0, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0); ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 0, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0); ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 1, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0); for (i = 2; i <= SM4_BLOCK_SIZE * 2; i++) { XMEMCPY(out2, out, i - 1); ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, i, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(XMEMCMP(out, out2, i - 1), 0); ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, dec, out, i, nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(XMEMCMP(in, dec, i), 0); } /* Force the counter to roll over in first byte. */ { static unsigned char largeIn[256 * SM4_BLOCK_SIZE]; static unsigned char largeOut[256 * SM4_BLOCK_SIZE]; ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, largeOut, largeIn, sizeof(largeIn), nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, largeOut, largeOut, sizeof(largeIn), nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(XMEMCMP(largeOut, largeIn, sizeof(largeIn)), 0); } wc_Sm4Free(&sm4); res = EXPECT_RESULT(); #endif return res; } /* END test_wc_Sm4Gcm */ /* * Testing stream SM4-CCM API. */ static int test_wc_Sm4Ccm(void) { int res = TEST_SKIPPED; #ifdef WOLFSSL_SM4_CCM EXPECT_DECLS; wc_Sm4 sm4; unsigned char key[SM4_KEY_SIZE]; unsigned char nonce[CCM_NONCE_MAX_SZ]; unsigned char in[SM4_BLOCK_SIZE * 2]; unsigned char in2[SM4_BLOCK_SIZE * 2]; unsigned char out[SM4_BLOCK_SIZE * 2]; unsigned char out2[SM4_BLOCK_SIZE * 2]; unsigned char dec[SM4_BLOCK_SIZE * 2]; unsigned char tag[SM4_BLOCK_SIZE]; unsigned char aad[SM4_BLOCK_SIZE * 2]; word32 i; XMEMSET(key, 0, sizeof(key)); XMEMSET(nonce, 0, sizeof(nonce)); XMEMSET(in, 0, sizeof(in)); XMEMSET(in2, 0, sizeof(in2)); XMEMSET(aad, 0, sizeof(aad)); ExpectIntEQ(wc_Sm4Init(&sm4, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 0, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), MISSING_KEY); ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 0, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), MISSING_KEY); ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE), 0); /* Invalid parameters - wc_Sm4CcmEncrypt. */ ExpectIntEQ(wc_Sm4CcmEncrypt(NULL, NULL, NULL, 1, NULL, 0, NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, NULL, NULL, 1, NULL, 0, NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmEncrypt(NULL, out, NULL, 1, NULL, 0, NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmEncrypt(NULL, NULL, in, 1, NULL, 0, NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmEncrypt(NULL, NULL, NULL, 1, nonce, CCM_NONCE_MAX_SZ, NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmEncrypt(NULL, NULL, NULL, 1, NULL, 0, tag, SM4_BLOCK_SIZE, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmEncrypt(NULL, out, in, 1, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, NULL, in, 1, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, NULL, 1, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 1, NULL, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 1, nonce, 0, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 1, nonce, CCM_NONCE_MAX_SZ, NULL, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 1, nonce, CCM_NONCE_MAX_SZ, tag, WOLFSSL_MIN_AUTH_TAG_SZ-1, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 1, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE+1, aad, sizeof(aad)), BAD_FUNC_ARG); /* Invalid parameters - wc_Sm4CcmDecrypt. */ ExpectIntEQ(wc_Sm4CcmDecrypt(NULL, NULL, NULL, 1, NULL, 0, NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, NULL, NULL, 1, NULL, 0, NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmDecrypt(NULL, out, NULL, 1, NULL, 0, NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmDecrypt(NULL, NULL, in, 1, NULL, 0, NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmDecrypt(NULL, NULL, NULL, 1, nonce, CCM_NONCE_MAX_SZ, NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmDecrypt(NULL, NULL, NULL, 1, NULL, 0, tag, SM4_BLOCK_SIZE, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmDecrypt(NULL, out, in, 1, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, NULL, in, 1, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, NULL, 1, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 1, NULL, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 1, nonce, 0, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 1, nonce, CCM_NONCE_MAX_SZ, NULL, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 1, nonce, CCM_NONCE_MAX_SZ, tag, WOLFSSL_MIN_AUTH_TAG_SZ - 1, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 1, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE + 1, aad, sizeof(aad)), BAD_FUNC_ARG); /* Valid cases - wc_Sm4CcmEncrypt/wc_Sm4CcmDecrypt. */ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, NULL, NULL, 0, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0); ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, NULL, NULL, 0, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0); ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, NULL, NULL, 0, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, NULL, NULL, 0, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0); ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0); ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 1), 0); ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 1), 0); ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE * 2, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, in2, in2, SM4_BLOCK_SIZE * 2, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(XMEMCMP(in2, out, SM4_BLOCK_SIZE * 2), 0); ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in2, in2, SM4_BLOCK_SIZE * 2, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(XMEMCMP(in2, in, SM4_BLOCK_SIZE * 2), 0); /* Check vald values of nonce - wc_Sm4CcmEncrypt/wc_Sm4CcmDecrypt. */ for (i = CCM_NONCE_MIN_SZ; i <= CCM_NONCE_MAX_SZ; i++) { ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce, i, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce, i, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); } ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce, CCM_NONCE_MIN_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), SM4_CCM_AUTH_E); /* Check invalid values of tag size - wc_Sm4CcmEncrypt/wc_Sm4CcmDecrypt. */ for (i = 0; i < 4; i++) { ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce, CCM_NONCE_MAX_SZ, tag, i * 2 + 1, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce, CCM_NONCE_MAX_SZ, tag, i * 2 + 1, aad, sizeof(aad)), BAD_FUNC_ARG); } /* Odd values in range 4..SM4_BLOCK_SIZE. */ for (i = 2; i < SM4_BLOCK_SIZE / 2; i++) { ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce, CCM_NONCE_MAX_SZ, tag, i * 2 + 1, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce, CCM_NONCE_MAX_SZ, tag, i * 2 + 1, aad, sizeof(aad)), BAD_FUNC_ARG); } /* Check valid values of tag size - wc_Sm4CcmEncrypt/wc_Sm4CcmDecrypt. * Even values in range 4..SM4_BLOCK_SIZE. */ for (i = 2; i < SM4_BLOCK_SIZE / 2; i++) { ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce, CCM_NONCE_MAX_SZ, tag, i * 2, aad, sizeof(aad)), 0); ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce, CCM_NONCE_MAX_SZ, tag, i * 2, aad, sizeof(aad)), 0); } /* Check different in/out sizes. */ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 0, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0); ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 0, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0); ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 1, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0); for (i = 2; i <= SM4_BLOCK_SIZE * 2; i++) { XMEMCPY(out2, out, i - 1); ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, i, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(XMEMCMP(out, out2, i - 1), 0); ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, dec, out, i, nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(XMEMCMP(in, dec, i), 0); } /* Force the counter to roll over in first byte. */ { static unsigned char largeIn[256 * SM4_BLOCK_SIZE]; static unsigned char largeOut[256 * SM4_BLOCK_SIZE]; ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, largeOut, largeIn, sizeof(largeIn), nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, largeOut, largeOut, sizeof(largeIn), nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0); ExpectIntEQ(XMEMCMP(largeOut, largeIn, sizeof(largeIn)), 0); } wc_Sm4Free(&sm4); res = EXPECT_RESULT(); #endif return res; } /* END test_wc_Sm4Ccm */ /* * unit test for wc_Des3_SetIV() */ static int test_wc_Des3_SetIV(void) { EXPECT_DECLS; #ifndef NO_DES3 Des3 des; const byte key[] = { 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, 0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10, 0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67 }; const byte iv[] = { 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef, 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, 0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81 }; XMEMSET(&des, 0, sizeof(Des3)); ExpectIntEQ(wc_Des3Init(&des, NULL, INVALID_DEVID), 0); /* DES_ENCRYPTION or DES_DECRYPTION */ ExpectIntEQ(wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION), 0); ExpectIntEQ(XMEMCMP(iv, des.reg, DES_BLOCK_SIZE), 0); #ifndef HAVE_FIPS /* no sanity checks with FIPS wrapper */ /* Test explicitly wc_Des3_SetIV() */ ExpectIntEQ(wc_Des3_SetIV(NULL, iv), BAD_FUNC_ARG); ExpectIntEQ(wc_Des3_SetIV(&des, NULL), 0); #endif wc_Des3Free(&des); #endif return EXPECT_RESULT(); } /* END test_wc_Des3_SetIV */ /* * unit test for wc_Des3_SetKey() */ static int test_wc_Des3_SetKey(void) { EXPECT_DECLS; #ifndef NO_DES3 Des3 des; const byte key[] = { 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, 0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10, 0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67 }; const byte iv[] = { 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef, 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, 0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81 }; XMEMSET(&des, 0, sizeof(Des3)); ExpectIntEQ(wc_Des3Init(&des, NULL, INVALID_DEVID), 0); /* DES_ENCRYPTION or DES_DECRYPTION */ ExpectIntEQ(wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION), 0); ExpectIntEQ(XMEMCMP(iv, des.reg, DES_BLOCK_SIZE), 0); /* Test bad args. */ ExpectIntEQ(wc_Des3_SetKey(NULL, key, iv, DES_ENCRYPTION), BAD_FUNC_ARG); ExpectIntEQ(wc_Des3_SetKey(&des, NULL, iv, DES_ENCRYPTION), BAD_FUNC_ARG); ExpectIntEQ(wc_Des3_SetKey(&des, key, iv, -1), BAD_FUNC_ARG); /* Default case. Should return 0. */ ExpectIntEQ(wc_Des3_SetKey(&des, key, NULL, DES_ENCRYPTION), 0); wc_Des3Free(&des); #endif return EXPECT_RESULT(); } /* END test_wc_Des3_SetKey */ /* * Test function for wc_Des3_CbcEncrypt and wc_Des3_CbcDecrypt */ static int test_wc_Des3_CbcEncryptDecrypt(void) { EXPECT_DECLS; #ifndef NO_DES3 Des3 des; byte cipher[24]; byte plain[24]; const byte key[] = { 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, 0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10, 0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67 }; const byte iv[] = { 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef, 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, 0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81 }; const byte vector[] = { /* "Now is the time for all " w/o trailing 0 */ 0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 }; XMEMSET(&des, 0, sizeof(Des3)); ExpectIntEQ(wc_Des3Init(&des, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION), 0); ExpectIntEQ(wc_Des3_CbcEncrypt(&des, cipher, vector, 24), 0); ExpectIntEQ(wc_Des3_SetKey(&des, key, iv, DES_DECRYPTION), 0); ExpectIntEQ(wc_Des3_CbcDecrypt(&des, plain, cipher, 24), 0); ExpectIntEQ(XMEMCMP(plain, vector, 24), 0); /* Pass in bad args. */ ExpectIntEQ(wc_Des3_CbcEncrypt(NULL, cipher, vector, 24), BAD_FUNC_ARG); ExpectIntEQ(wc_Des3_CbcEncrypt(&des, NULL, vector, 24), BAD_FUNC_ARG); ExpectIntEQ(wc_Des3_CbcEncrypt(&des, cipher, NULL, sizeof(vector)), BAD_FUNC_ARG); ExpectIntEQ(wc_Des3_CbcDecrypt(NULL, plain, cipher, 24), BAD_FUNC_ARG); ExpectIntEQ(wc_Des3_CbcDecrypt(&des, NULL, cipher, 24), BAD_FUNC_ARG); ExpectIntEQ(wc_Des3_CbcDecrypt(&des, plain, NULL, 24), BAD_FUNC_ARG); wc_Des3Free(&des); #endif return EXPECT_RESULT(); } /* END wc_Des3_CbcEncrypt */ /* * Unit test for wc_Des3_CbcEncryptWithKey and wc_Des3_CbcDecryptWithKey */ static int test_wc_Des3_CbcEncryptDecryptWithKey(void) { EXPECT_DECLS; #ifndef NO_DES3 word32 vectorSz, cipherSz; byte cipher[24]; byte plain[24]; byte vector[] = { /* Now is the time for all w/o trailing 0 */ 0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 }; byte key[] = { 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, 0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10, 0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67 }; byte iv[] = { 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef, 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, 0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81 }; vectorSz = sizeof(byte) * 24; cipherSz = sizeof(byte) * 24; ExpectIntEQ(wc_Des3_CbcEncryptWithKey(cipher, vector, vectorSz, key, iv), 0); ExpectIntEQ(wc_Des3_CbcDecryptWithKey(plain, cipher, cipherSz, key, iv), 0); ExpectIntEQ(XMEMCMP(plain, vector, 24), 0); /* pass in bad args. */ ExpectIntEQ(wc_Des3_CbcEncryptWithKey(NULL, vector, vectorSz, key, iv), BAD_FUNC_ARG); ExpectIntEQ(wc_Des3_CbcEncryptWithKey(cipher, NULL, vectorSz, key, iv), BAD_FUNC_ARG); ExpectIntEQ(wc_Des3_CbcEncryptWithKey(cipher, vector, vectorSz, NULL, iv), BAD_FUNC_ARG); ExpectIntEQ(wc_Des3_CbcEncryptWithKey(cipher, vector, vectorSz, key, NULL), 0); ExpectIntEQ(wc_Des3_CbcDecryptWithKey(NULL, cipher, cipherSz, key, iv), BAD_FUNC_ARG); ExpectIntEQ(wc_Des3_CbcDecryptWithKey(plain, NULL, cipherSz, key, iv), BAD_FUNC_ARG); ExpectIntEQ(wc_Des3_CbcDecryptWithKey(plain, cipher, cipherSz, NULL, iv), BAD_FUNC_ARG); ExpectIntEQ(wc_Des3_CbcDecryptWithKey(plain, cipher, cipherSz, key, NULL), 0); #endif return EXPECT_RESULT(); } /* END test_wc_Des3_CbcEncryptDecryptWithKey */ /* * Unit test for wc_Des3_EcbEncrypt */ static int test_wc_Des3_EcbEncrypt(void) { EXPECT_DECLS; #if !defined(NO_DES3) && defined(WOLFSSL_DES_ECB) Des3 des; byte cipher[24]; word32 cipherSz = sizeof(cipher); const byte key[] = { 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, 0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10, 0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67 }; const byte iv[] = { 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef, 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, 0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81 }; const byte vector[] = { /* "Now is the time for all " w/o trailing 0 */ 0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 }; XMEMSET(&des, 0, sizeof(Des3)); ExpectIntEQ(wc_Des3Init(&des, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION), 0); /* Bad Cases */ ExpectIntEQ(wc_Des3_EcbEncrypt(NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Des3_EcbEncrypt(NULL, cipher, vector, cipherSz), BAD_FUNC_ARG); ExpectIntEQ(wc_Des3_EcbEncrypt(&des, 0, vector, cipherSz), BAD_FUNC_ARG); ExpectIntEQ(wc_Des3_EcbEncrypt(&des, cipher, NULL, cipherSz), BAD_FUNC_ARG); ExpectIntEQ(wc_Des3_EcbEncrypt(&des, cipher, vector, 0), 0); /* Good Cases */ ExpectIntEQ(wc_Des3_EcbEncrypt(&des, cipher, vector, cipherSz), 0); wc_Des3Free(&des); #endif return EXPECT_RESULT(); } /* END test_wc_Des3_EcbEncrypt */ /* * Testing wc_Chacha_SetKey() and wc_Chacha_SetIV() */ static int test_wc_Chacha_SetKey(void) { EXPECT_DECLS; #ifdef HAVE_CHACHA ChaCha ctx; const byte key[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01 }; word32 keySz = (word32)(sizeof(key)/sizeof(byte)); byte cipher[128]; XMEMSET(cipher, 0, sizeof(cipher)); ExpectIntEQ(wc_Chacha_SetKey(&ctx, key, keySz), 0); /* Test bad args. */ ExpectIntEQ(wc_Chacha_SetKey(NULL, key, keySz), BAD_FUNC_ARG); ExpectIntEQ(wc_Chacha_SetKey(&ctx, key, 18), BAD_FUNC_ARG); ExpectIntEQ(wc_Chacha_SetIV(&ctx, cipher, 0), 0); /* Test bad args. */ ExpectIntEQ(wc_Chacha_SetIV(NULL, cipher, 0), BAD_FUNC_ARG); #endif return EXPECT_RESULT(); } /* END test_wc_Chacha_SetKey */ /* * unit test for wc_Poly1305SetKey() */ static int test_wc_Poly1305SetKey(void) { EXPECT_DECLS; #ifdef HAVE_POLY1305 Poly1305 ctx; const byte key[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01 }; word32 keySz = (word32)(sizeof(key)/sizeof(byte)); ExpectIntEQ(wc_Poly1305SetKey(&ctx, key, keySz), 0); /* Test bad args. */ ExpectIntEQ(wc_Poly1305SetKey(NULL, key,keySz), BAD_FUNC_ARG); ExpectIntEQ(wc_Poly1305SetKey(&ctx, NULL, keySz), BAD_FUNC_ARG); ExpectIntEQ(wc_Poly1305SetKey(&ctx, key, 18), BAD_FUNC_ARG); #endif return EXPECT_RESULT(); } /* END test_wc_Poly1305_SetKey() */ /* * Testing wc_Chacha_Process() */ static int test_wc_Chacha_Process(void) { EXPECT_DECLS; #ifdef HAVE_CHACHA ChaCha enc, dec; byte cipher[128]; byte plain[128]; const byte key[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01 }; const char* input = "Everybody gets Friday off."; word32 keySz = sizeof(key)/sizeof(byte); unsigned long int inlen = XSTRLEN(input); /* Initialize stack variables. */ XMEMSET(cipher, 0, 128); XMEMSET(plain, 0, 128); ExpectIntEQ(wc_Chacha_SetKey(&enc, key, keySz), 0); ExpectIntEQ(wc_Chacha_SetKey(&dec, key, keySz), 0); ExpectIntEQ(wc_Chacha_SetIV(&enc, cipher, 0), 0); ExpectIntEQ(wc_Chacha_SetIV(&dec, cipher, 0), 0); ExpectIntEQ(wc_Chacha_Process(&enc, cipher, (byte*)input, (word32)inlen), 0); ExpectIntEQ(wc_Chacha_Process(&dec, plain, cipher, (word32)inlen), 0); ExpectIntEQ(XMEMCMP(input, plain, (int)inlen), 0); #if !defined(USE_INTEL_CHACHA_SPEEDUP) && !defined(WOLFSSL_ARMASM) /* test checking and using leftovers, currently just in C code */ ExpectIntEQ(wc_Chacha_SetIV(&enc, cipher, 0), 0); ExpectIntEQ(wc_Chacha_SetIV(&dec, cipher, 0), 0); ExpectIntEQ(wc_Chacha_Process(&enc, cipher, (byte*)input, (word32)inlen - 2), 0); ExpectIntEQ(wc_Chacha_Process(&enc, cipher + (inlen - 2), (byte*)input + (inlen - 2), 2), 0); ExpectIntEQ(wc_Chacha_Process(&dec, plain, (byte*)cipher, (word32)inlen - 2), 0); ExpectIntEQ(wc_Chacha_Process(&dec, cipher + (inlen - 2), (byte*)input + (inlen - 2), 2), 0); ExpectIntEQ(XMEMCMP(input, plain, (int)inlen), 0); /* check edge cases with counter increment */ { /* expected results collected from wolfSSL 4.3.0 encrypted in one call*/ const byte expected[] = { 0x54,0xB1,0xE2,0xD4,0xA2,0x4D,0x52,0x5F, 0x42,0x04,0x89,0x7C,0x6E,0x2D,0xFC,0x2D, 0x10,0x25,0xB6,0x92,0x71,0xD5,0xC3,0x20, 0xE3,0x0E,0xEC,0xF4,0xD8,0x10,0x70,0x29, 0x2D,0x4C,0x2A,0x56,0x21,0xE1,0xC7,0x37, 0x0B,0x86,0xF5,0x02,0x8C,0xB8,0xB8,0x38, 0x41,0xFD,0xDF,0xD9,0xC3,0xE6,0xC8,0x88, 0x06,0x82,0xD4,0x80,0x6A,0x50,0x69,0xD5, 0xB9,0xB0,0x2F,0x44,0x36,0x5D,0xDA,0x5E, 0xDE,0xF6,0xF5,0xFC,0x44,0xDC,0x07,0x51, 0xA7,0x32,0x42,0xDB,0xCC,0xBD,0xE2,0xE5, 0x0B,0xB1,0x14,0xFF,0x12,0x80,0x16,0x43, 0xE7,0x40,0xD5,0xEA,0xC7,0x3F,0x69,0x07, 0x64,0xD4,0x86,0x6C,0xE2,0x1F,0x8F,0x6E, 0x35,0x41,0xE7,0xD3,0xB5,0x5D,0xD6,0xD4, 0x9F,0x00,0xA9,0xAE,0x3D,0x28,0xA5,0x37, 0x80,0x3D,0x11,0x25,0xE2,0xB6,0x99,0xD9, 0x9B,0x98,0xE9,0x37,0xB9,0xF8,0xA0,0x04, 0xDF,0x13,0x49,0x3F,0x19,0x6A,0x45,0x06, 0x21,0xB4,0xC7,0x3B,0x49,0x45,0xB4,0xC8, 0x03,0x5B,0x43,0x89,0xBD,0xB3,0x96,0x4B, 0x17,0x6F,0x85,0xC6,0xCF,0xA6,0x05,0x35, 0x1E,0x25,0x03,0xBB,0x55,0x0A,0xD5,0x54, 0x41,0xEA,0xEB,0x50,0x40,0x1B,0x43,0x19, 0x59,0x1B,0x0E,0x12,0x3E,0xA2,0x71,0xC3, 0x1A,0xA7,0x11,0x50,0x43,0x9D,0x56,0x3B, 0x63,0x2F,0x63,0xF1,0x8D,0xAE,0xF3,0x23, 0xFA,0x1E,0xD8,0x6A,0xE1,0xB2,0x4B,0xF3, 0xB9,0x13,0x7A,0x72,0x2B,0x6D,0xCC,0x41, 0x1C,0x69,0x7C,0xCD,0x43,0x6F,0xE4,0xE2, 0x38,0x99,0xFB,0xC3,0x38,0x92,0x62,0x35, 0xC0,0x1D,0x60,0xE4,0x4B,0xDD,0x0C,0x14 }; const byte iv2[] = { 0x9D,0xED,0xE7,0x0F,0xEC,0x81,0x51,0xD9, 0x77,0x39,0x71,0xA6,0x21,0xDF,0xB8,0x93 }; byte input2[256]; int i; for (i = 0; i < 256; i++) input2[i] = i; ExpectIntEQ(wc_Chacha_SetIV(&enc, iv2, 0), 0); ExpectIntEQ(wc_Chacha_Process(&enc, cipher, input2, 64), 0); ExpectIntEQ(XMEMCMP(expected, cipher, 64), 0); ExpectIntEQ(wc_Chacha_Process(&enc, cipher, input2 + 64, 128), 0); ExpectIntEQ(XMEMCMP(expected + 64, cipher, 128), 0); /* partial */ ExpectIntEQ(wc_Chacha_Process(&enc, cipher, input2 + 192, 32), 0); ExpectIntEQ(XMEMCMP(expected + 192, cipher, 32), 0); ExpectIntEQ(wc_Chacha_Process(&enc, cipher, input2 + 224, 32), 0); ExpectIntEQ(XMEMCMP(expected + 224, cipher, 32), 0); } #endif /* Test bad args. */ ExpectIntEQ(wc_Chacha_Process(NULL, cipher, (byte*)input, (word32)inlen), BAD_FUNC_ARG); #endif return EXPECT_RESULT(); } /* END test_wc_Chacha_Process */ /* * Testing wc_ChaCha20Poly1305_Encrypt() and wc_ChaCha20Poly1305_Decrypt() */ static int test_wc_ChaCha20Poly1305_aead(void) { EXPECT_DECLS; #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) const byte key[] = { 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f }; const byte plaintext[] = { 0x4c, 0x61, 0x64, 0x69, 0x65, 0x73, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x47, 0x65, 0x6e, 0x74, 0x6c, 0x65, 0x6d, 0x65, 0x6e, 0x20, 0x6f, 0x66, 0x20, 0x74, 0x68, 0x65, 0x20, 0x63, 0x6c, 0x61, 0x73, 0x73, 0x20, 0x6f, 0x66, 0x20, 0x27, 0x39, 0x39, 0x3a, 0x20, 0x49, 0x66, 0x20, 0x49, 0x20, 0x63, 0x6f, 0x75, 0x6c, 0x64, 0x20, 0x6f, 0x66, 0x66, 0x65, 0x72, 0x20, 0x79, 0x6f, 0x75, 0x20, 0x6f, 0x6e, 0x6c, 0x79, 0x20, 0x6f, 0x6e, 0x65, 0x20, 0x74, 0x69, 0x70, 0x20, 0x66, 0x6f, 0x72, 0x20, 0x74, 0x68, 0x65, 0x20, 0x66, 0x75, 0x74, 0x75, 0x72, 0x65, 0x2c, 0x20, 0x73, 0x75, 0x6e, 0x73, 0x63, 0x72, 0x65, 0x65, 0x6e, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20, 0x62, 0x65, 0x20, 0x69, 0x74, 0x2e }; const byte iv[] = { 0x07, 0x00, 0x00, 0x00, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47 }; const byte aad[] = { /* additional data */ 0x50, 0x51, 0x52, 0x53, 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7 }; const byte cipher[] = { /* expected output from operation */ 0xd3, 0x1a, 0x8d, 0x34, 0x64, 0x8e, 0x60, 0xdb, 0x7b, 0x86, 0xaf, 0xbc, 0x53, 0xef, 0x7e, 0xc2, 0xa4, 0xad, 0xed, 0x51, 0x29, 0x6e, 0x08, 0xfe, 0xa9, 0xe2, 0xb5, 0xa7, 0x36, 0xee, 0x62, 0xd6, 0x3d, 0xbe, 0xa4, 0x5e, 0x8c, 0xa9, 0x67, 0x12, 0x82, 0xfa, 0xfb, 0x69, 0xda, 0x92, 0x72, 0x8b, 0x1a, 0x71, 0xde, 0x0a, 0x9e, 0x06, 0x0b, 0x29, 0x05, 0xd6, 0xa5, 0xb6, 0x7e, 0xcd, 0x3b, 0x36, 0x92, 0xdd, 0xbd, 0x7f, 0x2d, 0x77, 0x8b, 0x8c, 0x98, 0x03, 0xae, 0xe3, 0x28, 0x09, 0x1b, 0x58, 0xfa, 0xb3, 0x24, 0xe4, 0xfa, 0xd6, 0x75, 0x94, 0x55, 0x85, 0x80, 0x8b, 0x48, 0x31, 0xd7, 0xbc, 0x3f, 0xf4, 0xde, 0xf0, 0x8e, 0x4b, 0x7a, 0x9d, 0xe5, 0x76, 0xd2, 0x65, 0x86, 0xce, 0xc6, 0x4b, 0x61, 0x16 }; const byte authTag[] = { /* expected output from operation */ 0x1a, 0xe1, 0x0b, 0x59, 0x4f, 0x09, 0xe2, 0x6a, 0x7e, 0x90, 0x2e, 0xcb, 0xd0, 0x60, 0x06, 0x91 }; byte generatedCiphertext[272]; byte generatedPlaintext[272]; byte generatedAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]; /* Initialize stack variables. */ XMEMSET(generatedCiphertext, 0, 272); XMEMSET(generatedPlaintext, 0, 272); /* Test Encrypt */ ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad), plaintext, sizeof(plaintext), generatedCiphertext, generatedAuthTag), 0); ExpectIntEQ(XMEMCMP(generatedCiphertext, cipher, sizeof(cipher)/sizeof(byte)), 0); /* Test bad args. */ ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(NULL, iv, aad, sizeof(aad), plaintext, sizeof(plaintext), generatedCiphertext, generatedAuthTag), BAD_FUNC_ARG); ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(key, NULL, aad, sizeof(aad), plaintext, sizeof(plaintext), generatedCiphertext, generatedAuthTag), BAD_FUNC_ARG); ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad), NULL, sizeof(plaintext), generatedCiphertext, generatedAuthTag), BAD_FUNC_ARG); ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad), NULL, sizeof(plaintext), generatedCiphertext, generatedAuthTag), BAD_FUNC_ARG); ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad), plaintext, sizeof(plaintext), NULL, generatedAuthTag), BAD_FUNC_ARG); ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad), plaintext, sizeof(plaintext), generatedCiphertext, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), cipher, sizeof(cipher), authTag, generatedPlaintext), 0); ExpectIntEQ(XMEMCMP(generatedPlaintext, plaintext, sizeof(plaintext)/sizeof(byte)), 0); /* Test bad args. */ ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(NULL, iv, aad, sizeof(aad), cipher, sizeof(cipher), authTag, generatedPlaintext), BAD_FUNC_ARG); ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(key, NULL, aad, sizeof(aad), cipher, sizeof(cipher), authTag, generatedPlaintext), BAD_FUNC_ARG); ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), NULL, sizeof(cipher), authTag, generatedPlaintext), BAD_FUNC_ARG); ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), cipher, sizeof(cipher), NULL, generatedPlaintext), BAD_FUNC_ARG); ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), cipher, sizeof(cipher), authTag, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), NULL, sizeof(cipher), authTag, generatedPlaintext), BAD_FUNC_ARG); #endif return EXPECT_RESULT(); } /* END test_wc_ChaCha20Poly1305_aead */ /* * Testing function for wc_Rc2SetKey(). */ static int test_wc_Rc2SetKey(void) { EXPECT_DECLS; #ifdef WC_RC2 Rc2 rc2; byte key40[] = { 0x01, 0x02, 0x03, 0x04, 0x05 }; byte iv[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 }; /* valid key and IV */ ExpectIntEQ(wc_Rc2SetKey(&rc2, key40, (word32) sizeof(key40) / sizeof(byte), iv, 40), 0); /* valid key, no IV */ ExpectIntEQ(wc_Rc2SetKey(&rc2, key40, (word32) sizeof(key40) / sizeof(byte), NULL, 40), 0); /* bad arguments */ /* null Rc2 struct */ ExpectIntEQ(wc_Rc2SetKey(NULL, key40, (word32) sizeof(key40) / sizeof(byte), iv, 40), BAD_FUNC_ARG); /* null key */ ExpectIntEQ(wc_Rc2SetKey(&rc2, NULL, (word32) sizeof(key40) / sizeof(byte), iv, 40), BAD_FUNC_ARG); /* key size == 0 */ ExpectIntEQ(wc_Rc2SetKey(&rc2, key40, 0, iv, 40), WC_KEY_SIZE_E); /* key size > 128 */ ExpectIntEQ(wc_Rc2SetKey(&rc2, key40, 129, iv, 40), WC_KEY_SIZE_E); /* effective bits == 0 */ ExpectIntEQ(wc_Rc2SetKey(&rc2, key40, (word32)sizeof(key40) / sizeof(byte), iv, 0), WC_KEY_SIZE_E); /* effective bits > 1024 */ ExpectIntEQ(wc_Rc2SetKey(&rc2, key40, (word32)sizeof(key40) / sizeof(byte), iv, 1025), WC_KEY_SIZE_E); #endif return EXPECT_RESULT(); } /* END test_wc_Rc2SetKey */ /* * Testing function for wc_Rc2SetIV(). */ static int test_wc_Rc2SetIV(void) { EXPECT_DECLS; #ifdef WC_RC2 Rc2 rc2; byte iv[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 }; /* valid IV */ ExpectIntEQ(wc_Rc2SetIV(&rc2, iv), 0); /* valid NULL IV */ ExpectIntEQ(wc_Rc2SetIV(&rc2, NULL), 0); /* bad arguments */ ExpectIntEQ(wc_Rc2SetIV(NULL, iv), BAD_FUNC_ARG); ExpectIntEQ(wc_Rc2SetIV(NULL, NULL), BAD_FUNC_ARG); #endif return EXPECT_RESULT(); } /* END test_wc_Rc2SetIV */ /* * Testing function for wc_Rc2EcbEncrypt() and wc_Rc2EcbDecrypt(). */ static int test_wc_Rc2EcbEncryptDecrypt(void) { EXPECT_DECLS; #ifdef WC_RC2 Rc2 rc2; int effectiveKeyBits = 63; byte cipher[RC2_BLOCK_SIZE]; byte plain[RC2_BLOCK_SIZE]; byte key[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; byte input[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; byte output[] = { 0xeb, 0xb7, 0x73, 0xf9, 0x93, 0x27, 0x8e, 0xff }; XMEMSET(cipher, 0, sizeof(cipher)); XMEMSET(plain, 0, sizeof(plain)); ExpectIntEQ(wc_Rc2SetKey(&rc2, key, (word32) sizeof(key) / sizeof(byte), NULL, effectiveKeyBits), 0); ExpectIntEQ(wc_Rc2EcbEncrypt(&rc2, cipher, input, RC2_BLOCK_SIZE), 0); ExpectIntEQ(XMEMCMP(cipher, output, RC2_BLOCK_SIZE), 0); ExpectIntEQ(wc_Rc2EcbDecrypt(&rc2, plain, cipher, RC2_BLOCK_SIZE), 0); ExpectIntEQ(XMEMCMP(plain, input, RC2_BLOCK_SIZE), 0); /* Rc2EcbEncrypt bad arguments */ /* null Rc2 struct */ ExpectIntEQ(wc_Rc2EcbEncrypt(NULL, cipher, input, RC2_BLOCK_SIZE), BAD_FUNC_ARG); /* null out buffer */ ExpectIntEQ(wc_Rc2EcbEncrypt(&rc2, NULL, input, RC2_BLOCK_SIZE), BAD_FUNC_ARG); /* null input buffer */ ExpectIntEQ(wc_Rc2EcbEncrypt(&rc2, cipher, NULL, RC2_BLOCK_SIZE), BAD_FUNC_ARG); /* output buffer sz != RC2_BLOCK_SIZE (8) */ ExpectIntEQ(wc_Rc2EcbEncrypt(&rc2, cipher, input, 7), BUFFER_E); /* Rc2EcbDecrypt bad arguments */ /* null Rc2 struct */ ExpectIntEQ(wc_Rc2EcbDecrypt(NULL, plain, output, RC2_BLOCK_SIZE), BAD_FUNC_ARG); /* null out buffer */ ExpectIntEQ(wc_Rc2EcbDecrypt(&rc2, NULL, output, RC2_BLOCK_SIZE), BAD_FUNC_ARG); /* null input buffer */ ExpectIntEQ(wc_Rc2EcbDecrypt(&rc2, plain, NULL, RC2_BLOCK_SIZE), BAD_FUNC_ARG); /* output buffer sz != RC2_BLOCK_SIZE (8) */ ExpectIntEQ(wc_Rc2EcbDecrypt(&rc2, plain, output, 7), BUFFER_E); #endif return EXPECT_RESULT(); } /* END test_wc_Rc2EcbEncryptDecrypt */ /* * Testing function for wc_Rc2CbcEncrypt() and wc_Rc2CbcDecrypt(). */ static int test_wc_Rc2CbcEncryptDecrypt(void) { EXPECT_DECLS; #ifdef WC_RC2 Rc2 rc2; int effectiveKeyBits = 63; byte cipher[RC2_BLOCK_SIZE*2]; byte plain[RC2_BLOCK_SIZE*2]; /* vector taken from test.c */ byte key[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; byte iv[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; byte input[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; byte output[] = { 0xeb, 0xb7, 0x73, 0xf9, 0x93, 0x27, 0x8e, 0xff, 0xf0, 0x51, 0x77, 0x8b, 0x65, 0xdb, 0x13, 0x57 }; XMEMSET(cipher, 0, sizeof(cipher)); XMEMSET(plain, 0, sizeof(plain)); ExpectIntEQ(wc_Rc2SetKey(&rc2, key, (word32) sizeof(key) / sizeof(byte), iv, effectiveKeyBits), 0); ExpectIntEQ(wc_Rc2CbcEncrypt(&rc2, cipher, input, sizeof(input)), 0); ExpectIntEQ(XMEMCMP(cipher, output, sizeof(output)), 0); /* reset IV for decrypt */ ExpectIntEQ(wc_Rc2SetIV(&rc2, iv), 0); ExpectIntEQ(wc_Rc2CbcDecrypt(&rc2, plain, cipher, sizeof(cipher)), 0); ExpectIntEQ(XMEMCMP(plain, input, sizeof(input)), 0); /* Rc2CbcEncrypt bad arguments */ /* null Rc2 struct */ ExpectIntEQ(wc_Rc2CbcEncrypt(NULL, cipher, input, sizeof(input)), BAD_FUNC_ARG); /* null out buffer */ ExpectIntEQ(wc_Rc2CbcEncrypt(&rc2, NULL, input, sizeof(input)), BAD_FUNC_ARG); /* null input buffer */ ExpectIntEQ(wc_Rc2CbcEncrypt(&rc2, cipher, NULL, sizeof(input)), BAD_FUNC_ARG); /* Rc2CbcDecrypt bad arguments */ /* in size is 0 */ ExpectIntEQ(wc_Rc2CbcDecrypt(&rc2, plain, output, 0), 0); /* null Rc2 struct */ ExpectIntEQ(wc_Rc2CbcDecrypt(NULL, plain, output, sizeof(output)), BAD_FUNC_ARG); /* null out buffer */ ExpectIntEQ(wc_Rc2CbcDecrypt(&rc2, NULL, output, sizeof(output)), BAD_FUNC_ARG); /* null input buffer */ ExpectIntEQ(wc_Rc2CbcDecrypt(&rc2, plain, NULL, sizeof(output)), BAD_FUNC_ARG); #endif return EXPECT_RESULT(); } /* END test_wc_Rc2CbcEncryptDecrypt */ /* * Testing function for wc_AesSetIV */ static int test_wc_AesSetIV(void) { int res = TEST_SKIPPED; #if !defined(NO_AES) && defined(WOLFSSL_AES_128) Aes aes; int ret = 0; byte key16[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66 }; byte iv1[] = "1234567890abcdef"; byte iv2[] = "0987654321fedcba"; ret = wc_AesInit(&aes, NULL, INVALID_DEVID); if (ret != 0) return ret; ret = wc_AesSetKey(&aes, key16, (word32) sizeof(key16) / sizeof(byte), iv1, AES_ENCRYPTION); if (ret == 0) { ret = wc_AesSetIV(&aes, iv2); } /* Test bad args. */ if (ret == 0) { ret = wc_AesSetIV(NULL, iv1); if (ret == BAD_FUNC_ARG) { /* NULL iv should return 0. */ ret = wc_AesSetIV(&aes, NULL); } else { ret = WOLFSSL_FATAL_ERROR; } } wc_AesFree(&aes); res = TEST_RES_CHECK(ret == 0); #endif return res; } /* test_wc_AesSetIV */ /* * Testing function for wc_AesSetKey(). */ static int test_wc_AesSetKey(void) { EXPECT_DECLS; #ifndef NO_AES Aes aes; byte key16[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66 }; #ifdef WOLFSSL_AES_192 byte key24[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37 }; #endif #ifdef WOLFSSL_AES_256 byte key32[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66 }; #endif byte badKey16[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65 }; byte iv[] = "1234567890abcdef"; XMEMSET(&aes, 0, sizeof(Aes)); ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0); #ifdef WOLFSSL_AES_128 ExpectIntEQ(wc_AesSetKey(&aes, key16, (word32)sizeof(key16) / sizeof(byte), iv, AES_ENCRYPTION), 0); #endif #ifdef WOLFSSL_AES_192 ExpectIntEQ(wc_AesSetKey(&aes, key24, (word32)sizeof(key24) / sizeof(byte), iv, AES_ENCRYPTION), 0); #endif #ifdef WOLFSSL_AES_256 ExpectIntEQ(wc_AesSetKey(&aes, key32, (word32)sizeof(key32) / sizeof(byte), iv, AES_ENCRYPTION), 0); #endif /* Pass in bad args. */ ExpectIntEQ(wc_AesSetKey(NULL, key16, (word32)sizeof(key16) / sizeof(byte), iv, AES_ENCRYPTION), BAD_FUNC_ARG); ExpectIntEQ(wc_AesSetKey(&aes, badKey16, (word32)sizeof(badKey16) / sizeof(byte), iv, AES_ENCRYPTION), BAD_FUNC_ARG); wc_AesFree(&aes); #endif return EXPECT_RESULT(); } /* END test_wc_AesSetKey */ /* * test function for wc_AesCbcEncrypt(), wc_AesCbcDecrypt(), * and wc_AesCbcDecryptWithKey() */ static int test_wc_AesCbcEncryptDecrypt(void) { EXPECT_DECLS; #if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(HAVE_AES_DECRYPT)&& \ defined(WOLFSSL_AES_256) Aes aes; byte key32[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66 }; byte vector[] = { /* Now is the time for all good men w/o trailing 0 */ 0x4e, 0x6f, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74, 0x68, 0x65, 0x20, 0x74, 0x69, 0x6d, 0x65, 0x20, 0x66, 0x6f, 0x72, 0x20, 0x61, 0x6c, 0x6c, 0x20, 0x67, 0x6f, 0x6f, 0x64, 0x20, 0x6d, 0x65, 0x6e }; byte iv[] = "1234567890abcdef"; byte enc[sizeof(vector)]; byte dec[sizeof(vector)]; byte dec2[sizeof(vector)]; /* Init stack variables. */ XMEMSET(&aes, 0, sizeof(Aes)); XMEMSET(enc, 0, sizeof(enc)); XMEMSET(dec, 0, sizeof(vector)); XMEMSET(dec2, 0, sizeof(vector)); ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_AesSetKey(&aes, key32, AES_BLOCK_SIZE * 2, iv, AES_ENCRYPTION), 0); ExpectIntEQ(wc_AesCbcEncrypt(&aes, enc, vector, sizeof(vector)), 0); /* Re init for decrypt and set flag. */ ExpectIntEQ(wc_AesSetKey(&aes, key32, AES_BLOCK_SIZE * 2, iv, AES_DECRYPTION), 0); ExpectIntEQ(wc_AesCbcDecrypt(&aes, dec, enc, sizeof(vector)), 0); ExpectIntEQ(XMEMCMP(vector, dec, sizeof(vector)), 0); ExpectIntEQ(wc_AesCbcDecryptWithKey(dec2, enc, AES_BLOCK_SIZE, key32, sizeof(key32)/sizeof(byte), iv), 0); ExpectIntEQ(XMEMCMP(vector, dec2, AES_BLOCK_SIZE), 0); /* Pass in bad args */ ExpectIntEQ(wc_AesCbcEncrypt(NULL, enc, vector, sizeof(vector)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCbcEncrypt(&aes, NULL, vector, sizeof(vector)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCbcEncrypt(&aes, enc, NULL, sizeof(vector)), BAD_FUNC_ARG); #ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS ExpectIntEQ(wc_AesCbcEncrypt(&aes, enc, vector, sizeof(vector) - 1), BAD_LENGTH_E); #endif #if defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \ (HAVE_FIPS_VERSION == 2) && defined(WOLFSSL_AESNI) fprintf(stderr, "Zero length inputs not supported with AESNI in FIPS " "mode (v2), skip test"); #else /* Test passing in size of 0 */ XMEMSET(enc, 0, sizeof(enc)); ExpectIntEQ(wc_AesCbcEncrypt(&aes, enc, vector, 0), 0); /* Check enc was not modified */ { int i; for (i = 0; i < (int)sizeof(enc); i++) ExpectIntEQ(enc[i], 0); } #endif ExpectIntEQ(wc_AesCbcDecrypt(NULL, dec, enc, AES_BLOCK_SIZE), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCbcDecrypt(&aes, NULL, enc, AES_BLOCK_SIZE), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCbcDecrypt(&aes, dec, NULL, AES_BLOCK_SIZE), BAD_FUNC_ARG); #ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS ExpectIntEQ(wc_AesCbcDecrypt(&aes, dec, enc, AES_BLOCK_SIZE * 2 - 1), BAD_LENGTH_E); #else ExpectIntEQ(wc_AesCbcDecrypt(&aes, dec, enc, AES_BLOCK_SIZE * 2 - 1), BAD_FUNC_ARG); #endif /* Test passing in size of 0 */ XMEMSET(dec, 0, sizeof(dec)); ExpectIntEQ(wc_AesCbcDecrypt(&aes, dec, enc, 0), 0); /* Check dec was not modified */ { int i; for (i = 0; i < (int)sizeof(dec); i++) ExpectIntEQ(dec[i], 0); } ExpectIntEQ(wc_AesCbcDecryptWithKey(NULL, enc, AES_BLOCK_SIZE, key32, sizeof(key32)/sizeof(byte), iv), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCbcDecryptWithKey(dec2, NULL, AES_BLOCK_SIZE, key32, sizeof(key32)/sizeof(byte), iv), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCbcDecryptWithKey(dec2, enc, AES_BLOCK_SIZE, NULL, sizeof(key32)/sizeof(byte), iv), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCbcDecryptWithKey(dec2, enc, AES_BLOCK_SIZE, key32, sizeof(key32)/sizeof(byte), NULL), BAD_FUNC_ARG); wc_AesFree(&aes); #endif return EXPECT_RESULT(); } /* END test_wc_AesCbcEncryptDecrypt */ /* * Testing wc_AesCtrEncrypt and wc_AesCtrDecrypt */ static int test_wc_AesCtrEncryptDecrypt(void) { EXPECT_DECLS; #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_256) Aes aesEnc; Aes aesDec; byte key32[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66 }; byte vector[] = { /* Now is the time for all w/o trailing 0 */ 0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 }; byte iv[] = "1234567890abcdef"; byte enc[AES_BLOCK_SIZE * 2]; byte dec[AES_BLOCK_SIZE * 2]; /* Init stack variables. */ XMEMSET(&aesEnc, 0, sizeof(Aes)); XMEMSET(&aesDec, 0, sizeof(Aes)); XMEMSET(enc, 0, AES_BLOCK_SIZE * 2); XMEMSET(dec, 0, AES_BLOCK_SIZE * 2); ExpectIntEQ(wc_AesInit(&aesEnc, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_AesInit(&aesDec, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_AesSetKey(&aesEnc, key32, AES_BLOCK_SIZE * 2, iv, AES_ENCRYPTION), 0); ExpectIntEQ(wc_AesCtrEncrypt(&aesEnc, enc, vector, sizeof(vector)/sizeof(byte)), 0); /* Decrypt with wc_AesCtrEncrypt() */ ExpectIntEQ(wc_AesSetKey(&aesDec, key32, AES_BLOCK_SIZE * 2, iv, AES_ENCRYPTION), 0); ExpectIntEQ(wc_AesCtrEncrypt(&aesDec, dec, enc, sizeof(enc)/sizeof(byte)), 0); ExpectIntEQ(XMEMCMP(vector, dec, sizeof(vector)), 0); /* Test bad args. */ ExpectIntEQ(wc_AesCtrEncrypt(NULL, dec, enc, sizeof(enc)/sizeof(byte)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCtrEncrypt(&aesDec, NULL, enc, sizeof(enc)/sizeof(byte)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCtrEncrypt(&aesDec, dec, NULL, sizeof(enc)/sizeof(byte)), BAD_FUNC_ARG); wc_AesFree(&aesEnc); wc_AesFree(&aesDec); #endif return EXPECT_RESULT(); } /* END test_wc_AesCtrEncryptDecrypt */ /* * test function for wc_AesGcmSetKey() */ static int test_wc_AesGcmSetKey(void) { EXPECT_DECLS; #if !defined(NO_AES) && defined(HAVE_AESGCM) Aes aes; #ifdef WOLFSSL_AES_128 byte key16[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66 }; #endif #ifdef WOLFSSL_AES_192 byte key24[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37 }; #endif #ifdef WOLFSSL_AES_256 byte key32[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66 }; #endif byte badKey16[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65 }; byte badKey24[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36 }; byte badKey32[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x37, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65 }; ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0); #ifdef WOLFSSL_AES_128 ExpectIntEQ(wc_AesGcmSetKey(&aes, key16, sizeof(key16)/sizeof(byte)), 0); #endif #ifdef WOLFSSL_AES_192 ExpectIntEQ(wc_AesGcmSetKey(&aes, key24, sizeof(key24)/sizeof(byte)), 0); #endif #ifdef WOLFSSL_AES_256 ExpectIntEQ(wc_AesGcmSetKey(&aes, key32, sizeof(key32)/sizeof(byte)), 0); #endif /* Pass in bad args. */ ExpectIntEQ(wc_AesGcmSetKey(&aes, badKey16, sizeof(badKey16)/sizeof(byte)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmSetKey(&aes, badKey24, sizeof(badKey24)/sizeof(byte)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmSetKey(&aes, badKey32, sizeof(badKey32)/sizeof(byte)), BAD_FUNC_ARG); wc_AesFree(&aes); #endif return EXPECT_RESULT(); } /* END test_wc_AesGcmSetKey */ /* * test function for wc_AesGcmEncrypt and wc_AesGcmDecrypt */ static int test_wc_AesGcmEncryptDecrypt(void) { EXPECT_DECLS; /* WOLFSSL_AFALG requires 12 byte IV */ #if !defined(NO_AES) && defined(HAVE_AESGCM) && defined(WOLFSSL_AES_256) && \ !defined(WOLFSSL_AFALG) && !defined(WOLFSSL_DEVCRYPTO_AES) Aes aes; byte key32[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66 }; byte vector[] = { /* Now is the time for all w/o trailing 0 */ 0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 }; const byte a[] = { 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, 0xab, 0xad, 0xda, 0xd2 }; byte iv[] = "1234567890a"; byte longIV[] = "1234567890abcdefghij"; byte enc[sizeof(vector)]; byte resultT[AES_BLOCK_SIZE]; byte dec[sizeof(vector)]; /* Init stack variables. */ XMEMSET(&aes, 0, sizeof(Aes)); XMEMSET(enc, 0, sizeof(vector)); XMEMSET(dec, 0, sizeof(vector)); XMEMSET(resultT, 0, AES_BLOCK_SIZE); ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_AesGcmSetKey(&aes, key32, sizeof(key32)/sizeof(byte)), 0); ExpectIntEQ(wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), iv, sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)), 0); ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, enc, sizeof(vector), iv, sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)), 0); ExpectIntEQ(XMEMCMP(vector, dec, sizeof(vector)), 0); /* Test bad args for wc_AesGcmEncrypt and wc_AesGcmDecrypt */ ExpectIntEQ(wc_AesGcmEncrypt(NULL, enc, vector, sizeof(vector), iv, sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), iv, sizeof(iv)/sizeof(byte), resultT, sizeof(resultT) + 1, a, sizeof(a)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), iv, sizeof(iv)/sizeof(byte), resultT, sizeof(resultT) - 5, a, sizeof(a)), BAD_FUNC_ARG); #if (defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \ (HAVE_FIPS_VERSION == 2)) || defined(HAVE_SELFTEST) || \ defined(WOLFSSL_AES_GCM_FIXED_IV_AAD) /* FIPS does not check the lower bound of ivSz */ #else ExpectIntEQ(wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), iv, 0, resultT, sizeof(resultT), a, sizeof(a)), BAD_FUNC_ARG); #endif /* This case is now considered good. Long IVs are now allowed. * Except for the original FIPS release, it still has an upper * bound on the IV length. */ #if (!defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))) && \ !defined(WOLFSSL_AES_GCM_FIXED_IV_AAD) ExpectIntEQ(wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), longIV, sizeof(longIV)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)), 0); #else (void)longIV; #endif /* Old FIPS */ /* END wc_AesGcmEncrypt */ #ifdef HAVE_AES_DECRYPT ExpectIntEQ(wc_AesGcmDecrypt(NULL, dec, enc, sizeof(enc)/sizeof(byte), iv, sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmDecrypt(&aes, NULL, enc, sizeof(enc)/sizeof(byte), iv, sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, NULL, sizeof(enc)/sizeof(byte), iv, sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte), NULL, sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte), iv, sizeof(iv)/sizeof(byte), NULL, sizeof(resultT), a, sizeof(a)), BAD_FUNC_ARG); #if (defined(HAVE_FIPS) && FIPS_VERSION_LE(2,0) && defined(WOLFSSL_ARMASM)) ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte), iv, sizeof(iv)/sizeof(byte), resultT, sizeof(resultT) + 1, a, sizeof(a)), AES_GCM_AUTH_E); #else ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte), iv, sizeof(iv)/sizeof(byte), resultT, sizeof(resultT) + 1, a, sizeof(a)), BAD_FUNC_ARG); #endif #if ((defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \ (HAVE_FIPS_VERSION == 2)) || defined(HAVE_SELFTEST)) && \ !defined(WOLFSSL_AES_GCM_FIXED_IV_AAD) /* FIPS does not check the lower bound of ivSz */ #else ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte), iv, 0, resultT, sizeof(resultT), a, sizeof(a)), BAD_FUNC_ARG); #endif #endif /* HAVE_AES_DECRYPT */ wc_AesFree(&aes); #endif return EXPECT_RESULT(); } /* END test_wc_AesGcmEncryptDecrypt */ /* * test function for mixed (one-shot encrpytion + stream decryption) AES GCM * using a long IV (older FIPS does NOT support long IVs). Relates to zd15423 */ static int test_wc_AesGcmMixedEncDecLongIV(void) { EXPECT_DECLS; #if (!defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))) && \ !defined(NO_AES) && defined(HAVE_AESGCM) && defined(WOLFSSL_AESGCM_STREAM) const byte key[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66 }; const byte in[] = { 0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 }; const byte aad[] = { 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, 0xab, 0xad, 0xda, 0xd2 }; Aes aesEnc; Aes aesDec; byte iv[] = "1234567890abcdefghij"; byte out[sizeof(in)]; byte plain[sizeof(in)]; byte tag[AES_BLOCK_SIZE]; XMEMSET(&aesEnc, 0, sizeof(Aes)); XMEMSET(&aesDec, 0, sizeof(Aes)); XMEMSET(out, 0, sizeof(out)); XMEMSET(plain, 0, sizeof(plain)); XMEMSET(tag, 0, sizeof(tag)); /* Perform one-shot encryption using long IV */ ExpectIntEQ(wc_AesInit(&aesEnc, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_AesGcmSetKey(&aesEnc, key, sizeof(key)), 0); ExpectIntEQ(wc_AesGcmEncrypt(&aesEnc, out, in, sizeof(in), iv, sizeof(iv), tag, sizeof(tag), aad, sizeof(aad)), 0); /* Perform streaming decryption using long IV */ ExpectIntEQ(wc_AesInit(&aesDec, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_AesGcmInit(&aesDec, key, sizeof(key), iv, sizeof(iv)), 0); ExpectIntEQ(wc_AesGcmDecryptUpdate(&aesDec, plain, out, sizeof(out), aad, sizeof(aad)), 0); ExpectIntEQ(wc_AesGcmDecryptFinal(&aesDec, tag, sizeof(tag)), 0); ExpectIntEQ(XMEMCMP(plain, in, sizeof(in)), 0); /* Free resources */ wc_AesFree(&aesEnc); wc_AesFree(&aesDec); #endif return EXPECT_RESULT(); } /* END wc_AesGcmMixedEncDecLongIV */ /* * unit test for wc_GmacSetKey() */ static int test_wc_GmacSetKey(void) { EXPECT_DECLS; #if !defined(NO_AES) && defined(HAVE_AESGCM) Gmac gmac; byte key16[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66 }; #ifdef WOLFSSL_AES_192 byte key24[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37 }; #endif #ifdef WOLFSSL_AES_256 byte key32[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66 }; #endif byte badKey16[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x66 }; byte badKey24[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37 }; byte badKey32[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x64, 0x65, 0x66, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66 }; XMEMSET(&gmac, 0, sizeof(Gmac)); ExpectIntEQ(wc_AesInit(&gmac.aes, NULL, INVALID_DEVID), 0); #ifdef WOLFSSL_AES_128 ExpectIntEQ(wc_GmacSetKey(&gmac, key16, sizeof(key16)/sizeof(byte)), 0); #endif #ifdef WOLFSSL_AES_192 ExpectIntEQ(wc_GmacSetKey(&gmac, key24, sizeof(key24)/sizeof(byte)), 0); #endif #ifdef WOLFSSL_AES_256 ExpectIntEQ(wc_GmacSetKey(&gmac, key32, sizeof(key32)/sizeof(byte)), 0); #endif /* Pass in bad args. */ ExpectIntEQ(wc_GmacSetKey(NULL, key16, sizeof(key16)/sizeof(byte)), BAD_FUNC_ARG); ExpectIntEQ(wc_GmacSetKey(&gmac, NULL, sizeof(key16)/sizeof(byte)), BAD_FUNC_ARG); ExpectIntEQ(wc_GmacSetKey(&gmac, badKey16, sizeof(badKey16)/sizeof(byte)), BAD_FUNC_ARG); ExpectIntEQ(wc_GmacSetKey(&gmac, badKey24, sizeof(badKey24)/sizeof(byte)), BAD_FUNC_ARG); ExpectIntEQ(wc_GmacSetKey(&gmac, badKey32, sizeof(badKey32)/sizeof(byte)), BAD_FUNC_ARG); wc_AesFree(&gmac.aes); #endif return EXPECT_RESULT(); } /* END test_wc_GmacSetKey */ /* * unit test for wc_GmacUpdate */ static int test_wc_GmacUpdate(void) { EXPECT_DECLS; #if !defined(NO_AES) && defined(HAVE_AESGCM) Gmac gmac; #ifdef WOLFSSL_AES_128 const byte key16[] = { 0x89, 0xc9, 0x49, 0xe9, 0xc8, 0x04, 0xaf, 0x01, 0x4d, 0x56, 0x04, 0xb3, 0x94, 0x59, 0xf2, 0xc8 }; #endif #ifdef WOLFSSL_AES_192 byte key24[] = { 0x41, 0xc5, 0xda, 0x86, 0x67, 0xef, 0x72, 0x52, 0x20, 0xff, 0xe3, 0x9a, 0xe0, 0xac, 0x59, 0x0a, 0xc9, 0xfc, 0xa7, 0x29, 0xab, 0x60, 0xad, 0xa0 }; #endif #ifdef WOLFSSL_AES_256 byte key32[] = { 0x78, 0xdc, 0x4e, 0x0a, 0xaf, 0x52, 0xd9, 0x35, 0xc3, 0xc0, 0x1e, 0xea, 0x57, 0x42, 0x8f, 0x00, 0xca, 0x1f, 0xd4, 0x75, 0xf5, 0xda, 0x86, 0xa4, 0x9c, 0x8d, 0xd7, 0x3d, 0x68, 0xc8, 0xe2, 0x23 }; #endif #ifdef WOLFSSL_AES_128 const byte authIn[] = { 0x82, 0xad, 0xcd, 0x63, 0x8d, 0x3f, 0xa9, 0xd9, 0xf3, 0xe8, 0x41, 0x00, 0xd6, 0x1e, 0x07, 0x77 }; #endif #ifdef WOLFSSL_AES_192 const byte authIn2[] = { 0x8b, 0x5c, 0x12, 0x4b, 0xef, 0x6e, 0x2f, 0x0f, 0xe4, 0xd8, 0xc9, 0x5c, 0xd5, 0xfa, 0x4c, 0xf1 }; #endif const byte authIn3[] = { 0xb9, 0x6b, 0xaa, 0x8c, 0x1c, 0x75, 0xa6, 0x71, 0xbf, 0xb2, 0xd0, 0x8d, 0x06, 0xbe, 0x5f, 0x36 }; #ifdef WOLFSSL_AES_128 const byte tag1[] = { /* Known. */ 0x88, 0xdb, 0x9d, 0x62, 0x17, 0x2e, 0xd0, 0x43, 0xaa, 0x10, 0xf1, 0x6d, 0x22, 0x7d, 0xc4, 0x1b }; #endif #ifdef WOLFSSL_AES_192 const byte tag2[] = { /* Known */ 0x20, 0x4b, 0xdb, 0x1b, 0xd6, 0x21, 0x54, 0xbf, 0x08, 0x92, 0x2a, 0xaa, 0x54, 0xee, 0xd7, 0x05 }; #endif const byte tag3[] = { /* Known */ 0x3e, 0x5d, 0x48, 0x6a, 0xa2, 0xe3, 0x0b, 0x22, 0xe0, 0x40, 0xb8, 0x57, 0x23, 0xa0, 0x6e, 0x76 }; #ifdef WOLFSSL_AES_128 const byte iv[] = { 0xd1, 0xb1, 0x04, 0xc8, 0x15, 0xbf, 0x1e, 0x94, 0xe2, 0x8c, 0x8f, 0x16 }; #endif #ifdef WOLFSSL_AES_192 const byte iv2[] = { 0x05, 0xad, 0x13, 0xa5, 0xe2, 0xc2, 0xab, 0x66, 0x7e, 0x1a, 0x6f, 0xbc }; #endif const byte iv3[] = { 0xd7, 0x9c, 0xf2, 0x2d, 0x50, 0x4c, 0xc7, 0x93, 0xc3, 0xfb, 0x6c, 0x8a }; byte tagOut[16]; byte tagOut2[24]; byte tagOut3[32]; /* Init stack variables. */ XMEMSET(&gmac, 0, sizeof(Gmac)); XMEMSET(tagOut, 0, sizeof(tagOut)); XMEMSET(tagOut2, 0, sizeof(tagOut2)); XMEMSET(tagOut3, 0, sizeof(tagOut3)); #ifdef WOLFSSL_AES_128 ExpectIntEQ(wc_AesInit(&gmac.aes, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_GmacSetKey(&gmac, key16, sizeof(key16)), 0); ExpectIntEQ(wc_GmacUpdate(&gmac, iv, sizeof(iv), authIn, sizeof(authIn), tagOut, sizeof(tag1)), 0); ExpectIntEQ(XMEMCMP(tag1, tagOut, sizeof(tag1)), 0); wc_AesFree(&gmac.aes); #endif #ifdef WOLFSSL_AES_192 ExpectNotNull(XMEMSET(&gmac, 0, sizeof(Gmac))); ExpectIntEQ(wc_AesInit(&gmac.aes, HEAP_HINT, INVALID_DEVID), 0); ExpectIntEQ(wc_GmacSetKey(&gmac, key24, sizeof(key24)/sizeof(byte)), 0); ExpectIntEQ(wc_GmacUpdate(&gmac, iv2, sizeof(iv2), authIn2, sizeof(authIn2), tagOut2, sizeof(tag2)), 0); ExpectIntEQ(XMEMCMP(tagOut2, tag2, sizeof(tag2)), 0); wc_AesFree(&gmac.aes); #endif #ifdef WOLFSSL_AES_256 ExpectNotNull(XMEMSET(&gmac, 0, sizeof(Gmac))); ExpectIntEQ(wc_AesInit(&gmac.aes, HEAP_HINT, INVALID_DEVID), 0); ExpectIntEQ(wc_GmacSetKey(&gmac, key32, sizeof(key32)/sizeof(byte)), 0); ExpectIntEQ(wc_GmacUpdate(&gmac, iv3, sizeof(iv3), authIn3, sizeof(authIn3), tagOut3, sizeof(tag3)), 0); ExpectIntEQ(XMEMCMP(tag3, tagOut3, sizeof(tag3)), 0); wc_AesFree(&gmac.aes); #endif /* Pass bad args. */ ExpectIntEQ(wc_AesInit(&gmac.aes, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_GmacUpdate(NULL, iv3, sizeof(iv3), authIn3, sizeof(authIn3), tagOut3, sizeof(tag3)), BAD_FUNC_ARG); ExpectIntEQ(wc_GmacUpdate(&gmac, iv3, sizeof(iv3), authIn3, sizeof(authIn3), tagOut3, sizeof(tag3) - 5), BAD_FUNC_ARG); ExpectIntEQ(wc_GmacUpdate(&gmac, iv3, sizeof(iv3), authIn3, sizeof(authIn3), tagOut3, sizeof(tag3) + 1), BAD_FUNC_ARG); wc_AesFree(&gmac.aes); #endif return EXPECT_RESULT(); } /* END test_wc_GmacUpdate */ /* * testing wc_CamelliaSetKey */ static int test_wc_CamelliaSetKey(void) { EXPECT_DECLS; #ifdef HAVE_CAMELLIA Camellia camellia; /*128-bit key*/ static const byte key16[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 }; /* 192-bit key */ static const byte key24[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 }; /* 256-bit key */ static const byte key32[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff }; static const byte iv[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F }; ExpectIntEQ(wc_CamelliaSetKey(&camellia, key16, (word32)sizeof(key16), iv), 0); ExpectIntEQ(wc_CamelliaSetKey(&camellia, key16, (word32)sizeof(key16), NULL), 0); ExpectIntEQ(wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24), iv), 0); ExpectIntEQ(wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24), NULL), 0); ExpectIntEQ(wc_CamelliaSetKey(&camellia, key32, (word32)sizeof(key32), iv), 0); ExpectIntEQ(wc_CamelliaSetKey(&camellia, key32, (word32)sizeof(key32), NULL), 0); /* Bad args. */ ExpectIntEQ(wc_CamelliaSetKey(NULL, key32, (word32)sizeof(key32), iv), BAD_FUNC_ARG); #endif return EXPECT_RESULT(); } /* END test_wc_CammeliaSetKey */ /* * Testing wc_CamelliaSetIV() */ static int test_wc_CamelliaSetIV(void) { EXPECT_DECLS; #ifdef HAVE_CAMELLIA Camellia camellia; static const byte iv[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F }; ExpectIntEQ(wc_CamelliaSetIV(&camellia, iv), 0); ExpectIntEQ(wc_CamelliaSetIV(&camellia, NULL), 0); /* Bad args. */ ExpectIntEQ(wc_CamelliaSetIV(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_CamelliaSetIV(NULL, iv), BAD_FUNC_ARG); #endif return EXPECT_RESULT(); } /* END test_wc_CamelliaSetIV*/ /* * Test wc_CamelliaEncryptDirect and wc_CamelliaDecryptDirect */ static int test_wc_CamelliaEncryptDecryptDirect(void) { EXPECT_DECLS; #ifdef HAVE_CAMELLIA Camellia camellia; static const byte key24[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 }; static const byte iv[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F }; static const byte plainT[] = { 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96, 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A }; byte enc[sizeof(plainT)]; byte dec[sizeof(enc)]; /* Init stack variables.*/ XMEMSET(enc, 0, 16); XMEMSET(enc, 0, 16); ExpectIntEQ(wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24), iv), 0); ExpectIntEQ(wc_CamelliaEncryptDirect(&camellia, enc, plainT), 0); ExpectIntEQ(wc_CamelliaDecryptDirect(&camellia, dec, enc), 0); ExpectIntEQ(XMEMCMP(plainT, dec, CAMELLIA_BLOCK_SIZE), 0); /* Pass bad args. */ ExpectIntEQ(wc_CamelliaEncryptDirect(NULL, enc, plainT), BAD_FUNC_ARG); ExpectIntEQ(wc_CamelliaEncryptDirect(&camellia, NULL, plainT), BAD_FUNC_ARG); ExpectIntEQ(wc_CamelliaEncryptDirect(&camellia, enc, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_CamelliaDecryptDirect(NULL, dec, enc), BAD_FUNC_ARG); ExpectIntEQ(wc_CamelliaDecryptDirect(&camellia, NULL, enc), BAD_FUNC_ARG); ExpectIntEQ(wc_CamelliaDecryptDirect(&camellia, dec, NULL), BAD_FUNC_ARG); #endif return EXPECT_RESULT(); } /* END test-wc_CamelliaEncryptDecryptDirect */ /* * Testing wc_CamelliaCbcEncrypt and wc_CamelliaCbcDecrypt */ static int test_wc_CamelliaCbcEncryptDecrypt(void) { EXPECT_DECLS; #ifdef HAVE_CAMELLIA Camellia camellia; static const byte key24[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 }; static const byte plainT[] = { 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96, 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A }; byte enc[CAMELLIA_BLOCK_SIZE]; byte dec[CAMELLIA_BLOCK_SIZE]; /* Init stack variables. */ XMEMSET(enc, 0, CAMELLIA_BLOCK_SIZE); XMEMSET(enc, 0, CAMELLIA_BLOCK_SIZE); ExpectIntEQ(wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24), NULL), 0); ExpectIntEQ(wc_CamelliaCbcEncrypt(&camellia, enc, plainT, CAMELLIA_BLOCK_SIZE), 0); ExpectIntEQ(wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24), NULL), 0); ExpectIntEQ(wc_CamelliaCbcDecrypt(&camellia, dec, enc, CAMELLIA_BLOCK_SIZE), 0); ExpectIntEQ(XMEMCMP(plainT, dec, CAMELLIA_BLOCK_SIZE), 0); /* Pass in bad args. */ ExpectIntEQ(wc_CamelliaCbcEncrypt(NULL, enc, plainT, CAMELLIA_BLOCK_SIZE), BAD_FUNC_ARG); ExpectIntEQ(wc_CamelliaCbcEncrypt(&camellia, NULL, plainT, CAMELLIA_BLOCK_SIZE), BAD_FUNC_ARG); ExpectIntEQ(wc_CamelliaCbcEncrypt(&camellia, enc, NULL, CAMELLIA_BLOCK_SIZE), BAD_FUNC_ARG); ExpectIntEQ(wc_CamelliaCbcDecrypt(NULL, dec, enc, CAMELLIA_BLOCK_SIZE), BAD_FUNC_ARG); ExpectIntEQ(wc_CamelliaCbcDecrypt(&camellia, NULL, enc, CAMELLIA_BLOCK_SIZE), BAD_FUNC_ARG); ExpectIntEQ(wc_CamelliaCbcDecrypt(&camellia, dec, NULL, CAMELLIA_BLOCK_SIZE), BAD_FUNC_ARG); #endif return EXPECT_RESULT(); } /* END test_wc_CamelliaCbcEncryptDecrypt */ /* * Testing wc_Arc4SetKey() */ static int test_wc_Arc4SetKey(void) { EXPECT_DECLS; #ifndef NO_RC4 Arc4 arc; const char* key = "\x01\x23\x45\x67\x89\xab\xcd\xef"; int keyLen = 8; ExpectIntEQ(wc_Arc4SetKey(&arc, (byte*)key, keyLen), 0); /* Test bad args. */ ExpectIntEQ(wc_Arc4SetKey(NULL, (byte*)key, keyLen), BAD_FUNC_ARG); ExpectIntEQ(wc_Arc4SetKey(&arc, NULL , keyLen), BAD_FUNC_ARG); ExpectIntEQ(wc_Arc4SetKey(&arc, (byte*)key, 0 ), BAD_FUNC_ARG); #endif return EXPECT_RESULT(); } /* END test_wc_Arc4SetKey */ /* * Testing wc_Arc4Process for ENC/DEC. */ static int test_wc_Arc4Process(void) { EXPECT_DECLS; #ifndef NO_RC4 Arc4 enc; Arc4 dec; const char* key = "\x01\x23\x45\x67\x89\xab\xcd\xef"; int keyLen = 8; const char* input = "\x01\x23\x45\x67\x89\xab\xcd\xef"; byte cipher[8]; byte plain[8]; /* Init stack variables */ XMEMSET(&enc, 0, sizeof(Arc4)); XMEMSET(&dec, 0, sizeof(Arc4)); XMEMSET(cipher, 0, sizeof(cipher)); XMEMSET(plain, 0, sizeof(plain)); /* Use for async. */ ExpectIntEQ(wc_Arc4Init(&enc, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_Arc4Init(&dec, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_Arc4SetKey(&enc, (byte*)key, keyLen), 0); ExpectIntEQ(wc_Arc4SetKey(&dec, (byte*)key, keyLen), 0); ExpectIntEQ(wc_Arc4Process(&enc, cipher, (byte*)input, keyLen), 0); ExpectIntEQ(wc_Arc4Process(&dec, plain, cipher, keyLen), 0); ExpectIntEQ(XMEMCMP(plain, input, keyLen), 0); /* Bad args. */ ExpectIntEQ(wc_Arc4Process(NULL, plain, cipher, keyLen), BAD_FUNC_ARG); ExpectIntEQ(wc_Arc4Process(&dec, NULL, cipher, keyLen), BAD_FUNC_ARG); ExpectIntEQ(wc_Arc4Process(&dec, plain, NULL, keyLen), BAD_FUNC_ARG); wc_Arc4Free(&enc); wc_Arc4Free(&dec); #endif return EXPECT_RESULT(); } /* END test_wc_Arc4Process */ /* * Testing wc_Init RsaKey() */ static int test_wc_InitRsaKey(void) { EXPECT_DECLS; #ifndef NO_RSA RsaKey key; XMEMSET(&key, 0, sizeof(RsaKey)); ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0); /* Test bad args. */ ExpectIntEQ(wc_InitRsaKey(NULL, HEAP_HINT), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRsaKey(&key), 0); #endif return EXPECT_RESULT(); } /* END test_wc_InitRsaKey */ /* * Testing wc_RsaPrivateKeyDecode() */ static int test_wc_RsaPrivateKeyDecode(void) { EXPECT_DECLS; #if !defined(NO_RSA) && (defined(USE_CERT_BUFFERS_1024)\ || defined(USE_CERT_BUFFERS_2048)) && !defined(HAVE_FIPS) RsaKey key; byte* tmp = NULL; word32 idx = 0; int bytes = 0; XMEMSET(&key, 0, sizeof(RsaKey)); ExpectNotNull(tmp = (byte*)XMALLOC(FOURK_BUF, NULL, DYNAMIC_TYPE_TMP_BUFFER)); ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0); if (tmp != NULL) { #ifdef USE_CERT_BUFFERS_1024 XMEMCPY(tmp, client_key_der_1024, sizeof_client_key_der_1024); bytes = sizeof_client_key_der_1024; #else XMEMCPY(tmp, client_key_der_2048, sizeof_client_key_der_2048); bytes = sizeof_client_key_der_2048; #endif /* Use cert buffers. */ } ExpectIntEQ(wc_RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes), 0); /* Test bad args. */ ExpectIntEQ(wc_RsaPrivateKeyDecode(NULL, &idx, &key, (word32)bytes), BAD_FUNC_ARG); ExpectIntEQ(wc_RsaPrivateKeyDecode(tmp, NULL, &key, (word32)bytes), BAD_FUNC_ARG); ExpectIntEQ(wc_RsaPrivateKeyDecode(tmp, &idx, NULL, (word32)bytes), BAD_FUNC_ARG); XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); DoExpectIntEQ(wc_FreeRsaKey(&key), 0); #endif return EXPECT_RESULT(); } /* END test_wc_RsaPrivateKeyDecode */ /* * Testing wc_RsaPublicKeyDecode() */ static int test_wc_RsaPublicKeyDecode(void) { EXPECT_DECLS; #if !defined(NO_RSA) && (defined(USE_CERT_BUFFERS_1024)\ || defined(USE_CERT_BUFFERS_2048)) && !defined(HAVE_FIPS) RsaKey keyPub; byte* tmp = NULL; word32 idx = 0; int bytes = 0; word32 keySz = 0; word32 tstKeySz = 0; #if defined(WC_RSA_PSS) && !defined(NO_FILESYSTEM) XFILE f = XBADFILE; const char* rsaPssPubKey = "./certs/rsapss/ca-rsapss-key.der"; const char* rsaPssPubKeyNoParams = "./certs/rsapss/ca-3072-rsapss-key.der"; byte buf[4096]; #endif XMEMSET(&keyPub, 0, sizeof(RsaKey)); ExpectNotNull(tmp = (byte*)XMALLOC(GEN_BUF, NULL, DYNAMIC_TYPE_TMP_BUFFER)); ExpectIntEQ(wc_InitRsaKey(&keyPub, HEAP_HINT), 0); if (tmp != NULL) { #ifdef USE_CERT_BUFFERS_1024 XMEMCPY(tmp, client_keypub_der_1024, sizeof_client_keypub_der_1024); bytes = sizeof_client_keypub_der_1024; keySz = 1024; #else XMEMCPY(tmp, client_keypub_der_2048, sizeof_client_keypub_der_2048); bytes = sizeof_client_keypub_der_2048; keySz = 2048; #endif } ExpectIntEQ(wc_RsaPublicKeyDecode(tmp, &idx, &keyPub, (word32)bytes), 0); /* Pass in bad args. */ ExpectIntEQ(wc_RsaPublicKeyDecode(NULL, &idx, &keyPub, (word32)bytes), BAD_FUNC_ARG); ExpectIntEQ(wc_RsaPublicKeyDecode(tmp, NULL, &keyPub, (word32)bytes), BAD_FUNC_ARG); ExpectIntEQ(wc_RsaPublicKeyDecode(tmp, &idx, NULL, (word32)bytes), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRsaKey(&keyPub), 0); /* Test for getting modulus key size */ idx = 0; ExpectIntEQ(wc_RsaPublicKeyDecode_ex(tmp, &idx, (word32)bytes, NULL, &tstKeySz, NULL, NULL), 0); ExpectIntEQ(tstKeySz, keySz/8); #if defined(WC_RSA_PSS) && !defined(NO_FILESYSTEM) ExpectTrue((f = XFOPEN(rsaPssPubKey, "rb")) != XBADFILE); ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } idx = 0; ExpectIntEQ(wc_RsaPublicKeyDecode_ex(buf, &idx, bytes, NULL, NULL, NULL, NULL), 0); ExpectTrue((f = XFOPEN(rsaPssPubKeyNoParams, "rb")) != XBADFILE); ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0); if (f != XBADFILE) XFCLOSE(f); idx = 0; ExpectIntEQ(wc_RsaPublicKeyDecode_ex(buf, &idx, bytes, NULL, NULL, NULL, NULL), 0); #endif XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); #endif return EXPECT_RESULT(); } /* END test_wc_RsaPublicKeyDecode */ /* * Testing wc_RsaPublicKeyDecodeRaw() */ static int test_wc_RsaPublicKeyDecodeRaw(void) { EXPECT_DECLS; #if !defined(NO_RSA) RsaKey key; const byte n = 0x23; const byte e = 0x03; int nSz = sizeof(n); int eSz = sizeof(e); ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0); ExpectIntEQ(wc_RsaPublicKeyDecodeRaw(&n, nSz, &e, eSz, &key), 0); /* Pass in bad args. */ ExpectIntEQ(wc_RsaPublicKeyDecodeRaw(NULL, nSz, &e, eSz, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_RsaPublicKeyDecodeRaw(&n, nSz, NULL, eSz, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_RsaPublicKeyDecodeRaw(&n, nSz, &e, eSz, NULL), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRsaKey(&key), 0); #endif return EXPECT_RESULT(); } /* END test_wc_RsaPublicKeyDecodeRaw */ #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) /* In FIPS builds, wc_MakeRsaKey() will return an error if it cannot find * a probable prime in 5*(modLen/2) attempts. In non-FIPS builds, it keeps * trying until it gets a probable prime. */ #ifdef HAVE_FIPS static int MakeRsaKeyRetry(RsaKey* key, int size, long e, WC_RNG* rng) { int ret; for (;;) { ret = wc_MakeRsaKey(key, size, e, rng); if (ret != PRIME_GEN_E) break; fprintf(stderr, "MakeRsaKey couldn't find prime; " "trying again.\n"); } return ret; } #define MAKE_RSA_KEY(a, b, c, d) MakeRsaKeyRetry(a, b, c, d) #else #define MAKE_RSA_KEY(a, b, c, d) wc_MakeRsaKey(a, b, c, d) #endif #endif /* * Testing wc_MakeRsaKey() */ static int test_wc_MakeRsaKey(void) { EXPECT_DECLS; #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) RsaKey genKey; WC_RNG rng; #if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4)) int bits = 1024; #else int bits = 2048; #endif XMEMSET(&genKey, 0, sizeof(RsaKey)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_InitRsaKey(&genKey, HEAP_HINT), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, WC_RSA_EXPONENT, &rng), 0); DoExpectIntEQ(wc_FreeRsaKey(&genKey), 0); /* Test bad args. */ ExpectIntEQ(MAKE_RSA_KEY(NULL, bits, WC_RSA_EXPONENT, &rng), BAD_FUNC_ARG); ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, WC_RSA_EXPONENT, NULL), BAD_FUNC_ARG); /* e < 3 */ ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, 2, &rng), BAD_FUNC_ARG); /* e & 1 == 0 */ ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, 6, &rng), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRng(&rng), 0); #endif return EXPECT_RESULT(); } /* END test_wc_MakeRsaKey */ /* * Test the bounds checking on the cipher text versus the key modulus. * 1. Make a new RSA key. * 2. Set c to 1. * 3. Decrypt c into k. (error) * 4. Copy the key modulus to c and sub 1 from the copy. * 5. Decrypt c into k. (error) * Valid bounds test cases are covered by all the other RSA tests. */ static int test_RsaDecryptBoundsCheck(void) { EXPECT_DECLS; #if !defined(NO_RSA) && defined(WC_RSA_NO_PADDING) && \ (defined(USE_CERT_BUFFERS_1024) || defined(USE_CERT_BUFFERS_2048)) && \ defined(WOLFSSL_PUBLIC_MP) && !defined(NO_RSA_BOUNDS_CHECK) WC_RNG rng; RsaKey key; byte flatC[256]; word32 flatCSz; byte out[256]; word32 outSz = sizeof(out); XMEMSET(&key, 0, sizeof(RsaKey)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0); ExpectIntEQ(wc_InitRng(&rng), 0); if (EXPECT_SUCCESS()) { const byte* derKey; word32 derKeySz; word32 idx = 0; #ifdef USE_CERT_BUFFERS_1024 derKey = server_key_der_1024; derKeySz = (word32)sizeof_server_key_der_1024; flatCSz = 128; #else derKey = server_key_der_2048; derKeySz = (word32)sizeof_server_key_der_2048; flatCSz = 256; #endif ExpectIntEQ(wc_RsaPrivateKeyDecode(derKey, &idx, &key, derKeySz), 0); } if (EXPECT_SUCCESS()) { XMEMSET(flatC, 0, flatCSz); flatC[flatCSz-1] = 1; ExpectIntEQ(wc_RsaDirect(flatC, flatCSz, out, &outSz, &key, RSA_PRIVATE_DECRYPT, &rng), RSA_OUT_OF_RANGE_E); if (EXPECT_SUCCESS()) { mp_int c; ExpectIntEQ(mp_init_copy(&c, &key.n), 0); ExpectIntEQ(mp_sub_d(&c, 1, &c), 0); ExpectIntEQ(mp_to_unsigned_bin(&c, flatC), 0); ExpectIntEQ(wc_RsaDirect(flatC, flatCSz, out, &outSz, &key, RSA_PRIVATE_DECRYPT, NULL), RSA_OUT_OF_RANGE_E); mp_clear(&c); } } DoExpectIntEQ(wc_FreeRsaKey(&key), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); #endif return EXPECT_RESULT(); } /* END test_wc_RsaDecryptBoundsCheck */ /* * Testing wc_SetKeyUsage() */ static int test_wc_SetKeyUsage(void) { EXPECT_DECLS; #if !defined(NO_RSA) && defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN) && !defined(HAVE_FIPS) Cert myCert; ExpectIntEQ(wc_InitCert(&myCert), 0); ExpectIntEQ(wc_SetKeyUsage(&myCert, "keyEncipherment,keyAgreement"), 0); ExpectIntEQ(wc_SetKeyUsage(&myCert, "digitalSignature,nonRepudiation"), 0); ExpectIntEQ(wc_SetKeyUsage(&myCert, "contentCommitment,encipherOnly"), 0); ExpectIntEQ(wc_SetKeyUsage(&myCert, "decipherOnly"), 0); ExpectIntEQ(wc_SetKeyUsage(&myCert, "cRLSign,keyCertSign"), 0); /* Test bad args. */ ExpectIntEQ(wc_SetKeyUsage(NULL, "decipherOnly"), BAD_FUNC_ARG); ExpectIntEQ(wc_SetKeyUsage(&myCert, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_SetKeyUsage(&myCert, ""), KEYUSAGE_E); ExpectIntEQ(wc_SetKeyUsage(&myCert, ","), KEYUSAGE_E); ExpectIntEQ(wc_SetKeyUsage(&myCert, "digitalSignature, cRLSign"), KEYUSAGE_E); #endif return EXPECT_RESULT(); } /* END test_wc_SetKeyUsage */ /* * Testing wc_CheckProbablePrime() */ static int test_wc_CheckProbablePrime(void) { EXPECT_DECLS; #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(HAVE_SELFTEST) && \ !defined(HAVE_FIPS) && defined(WC_RSA_BLINDING) #define CHECK_PROBABLE_PRIME_KEY_BITS 2048 RsaKey key; WC_RNG rng; byte e[3]; word32 eSz = (word32)sizeof(e); byte n[CHECK_PROBABLE_PRIME_KEY_BITS / 8]; word32 nSz = (word32)sizeof(n); byte d[CHECK_PROBABLE_PRIME_KEY_BITS / 8]; word32 dSz = (word32)sizeof(d); byte p[CHECK_PROBABLE_PRIME_KEY_BITS / 8 / 2]; word32 pSz = (word32)sizeof(p); byte q[CHECK_PROBABLE_PRIME_KEY_BITS / 8 / 2]; word32 qSz = (word32)sizeof(q); int nlen = CHECK_PROBABLE_PRIME_KEY_BITS; int* isPrime; int test[5]; isPrime = test; XMEMSET(&key, 0, sizeof(RsaKey)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_RsaSetRNG(&key, &rng), 0); ExpectIntEQ(wc_MakeRsaKey(&key, CHECK_PROBABLE_PRIME_KEY_BITS, WC_RSA_EXPONENT, &rng), 0); PRIVATE_KEY_UNLOCK(); ExpectIntEQ(wc_RsaExportKey(&key, e, &eSz, n, &nSz, d, &dSz, p, &pSz, q, &qSz), 0); PRIVATE_KEY_LOCK(); /* Bad cases */ ExpectIntEQ(wc_CheckProbablePrime(NULL, pSz, q, qSz, e, eSz, nlen, isPrime), BAD_FUNC_ARG); ExpectIntEQ(wc_CheckProbablePrime(p, 0, q, qSz, e, eSz, nlen, isPrime), BAD_FUNC_ARG); ExpectIntEQ(wc_CheckProbablePrime(p, pSz, NULL, qSz, e, eSz, nlen, isPrime), BAD_FUNC_ARG); ExpectIntEQ(wc_CheckProbablePrime(p, pSz, q, 0, e, eSz, nlen, isPrime), BAD_FUNC_ARG); ExpectIntEQ(wc_CheckProbablePrime(p, pSz, q, qSz, NULL, eSz, nlen, isPrime), BAD_FUNC_ARG); ExpectIntEQ(wc_CheckProbablePrime(p, pSz, q, qSz, e, 0, nlen, isPrime), BAD_FUNC_ARG); ExpectIntEQ(wc_CheckProbablePrime(NULL, 0, NULL, 0, NULL, 0, nlen, isPrime), BAD_FUNC_ARG); /* Good case */ ExpectIntEQ(wc_CheckProbablePrime(p, pSz, q, qSz, e, eSz, nlen, isPrime), 0); DoExpectIntEQ(wc_FreeRsaKey(&key), 0); wc_FreeRng(&rng); #undef CHECK_PROBABLE_PRIME_KEY_BITS #endif return EXPECT_RESULT(); } /* END test_wc_CheckProbablePrime */ /* * Testing wc_RsaPSS_Verify() */ static int test_wc_RsaPSS_Verify(void) { EXPECT_DECLS; #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(HAVE_SELFTEST) && \ !defined(HAVE_FIPS) && defined(WC_RSA_BLINDING) && defined(WC_RSA_PSS) RsaKey key; WC_RNG rng; int sz = 256; const char* szMessage = "This is the string to be signed"; unsigned char pSignature[2048/8]; /* 2048 is RSA_KEY_SIZE */ unsigned char pDecrypted[2048/8]; byte* pt = pDecrypted; word32 outLen = sizeof(pDecrypted); XMEMSET(&key, 0, sizeof(RsaKey)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_RsaSetRNG(&key, &rng), 0); ExpectIntEQ(wc_MakeRsaKey(&key, 2048, WC_RSA_EXPONENT, &rng), 0); ExpectIntGT(sz = wc_RsaPSS_Sign((byte*)szMessage, (word32)XSTRLEN(szMessage)+1, pSignature, sizeof(pSignature), WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key, &rng), 0); /* Bad cases */ ExpectIntEQ(wc_RsaPSS_Verify(NULL, sz, pt, outLen, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_RsaPSS_Verify(pSignature, 0, pt, outLen, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_RsaPSS_Verify(pSignature, sz, NULL, outLen, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_RsaPSS_Verify(NULL, 0, NULL, outLen, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG); /* Good case */ ExpectIntGT(wc_RsaPSS_Verify(pSignature, sz, pt, outLen, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), 0); DoExpectIntEQ(wc_FreeRsaKey(&key), 0); wc_FreeRng(&rng); #endif return EXPECT_RESULT(); } /* END test_wc_RsaPSS_Verify */ /* * Testing wc_RsaPSS_VerifyCheck() */ static int test_wc_RsaPSS_VerifyCheck(void) { EXPECT_DECLS; #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(HAVE_SELFTEST) && \ !defined(HAVE_FIPS) && defined(WC_RSA_BLINDING) && defined(WC_RSA_PSS) RsaKey key; WC_RNG rng; int sz = 256; /* 2048/8 */ byte digest[32]; word32 digestSz = sizeof(digest); unsigned char pSignature[2048/8]; /* 2048 is RSA_KEY_SIZE */ word32 pSignatureSz = sizeof(pSignature); unsigned char pDecrypted[2048/8]; byte* pt = pDecrypted; word32 outLen = sizeof(pDecrypted); XMEMSET(&key, 0, sizeof(RsaKey)); XMEMSET(&rng, 0, sizeof(WC_RNG)); XMEMSET(digest, 0, sizeof(digest)); XMEMSET(pSignature, 0, sizeof(pSignature)); ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_RsaSetRNG(&key, &rng), 0); ExpectIntEQ(wc_MakeRsaKey(&key, 2048, WC_RSA_EXPONENT, &rng), 0); ExpectTrue((digestSz = wc_HashGetDigestSize(WC_HASH_TYPE_SHA256)) > 0); ExpectIntEQ(wc_Hash(WC_HASH_TYPE_SHA256, pSignature, sz, digest, digestSz), 0); ExpectIntGT(sz = wc_RsaPSS_Sign(digest, digestSz, pSignature, pSignatureSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key, &rng), 0); /* Bad cases */ ExpectIntEQ(wc_RsaPSS_VerifyCheck(NULL, sz, pt, outLen, digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_RsaPSS_VerifyCheck(pSignature, 0, pt, outLen, digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_RsaPSS_VerifyCheck(pSignature, sz, NULL, outLen, digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_RsaPSS_VerifyCheck(NULL, 0, NULL, outLen, digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG); /* Good case */ ExpectIntGT(wc_RsaPSS_VerifyCheck(pSignature, sz, pt, outLen, digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), 0); ExpectIntEQ(wc_FreeRsaKey(&key), 0); wc_FreeRng(&rng); #endif return EXPECT_RESULT(); } /* END test_wc_RsaPSS_VerifyCheck */ /* * Testing wc_RsaPSS_VerifyCheckInline() */ static int test_wc_RsaPSS_VerifyCheckInline(void) { EXPECT_DECLS; #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(HAVE_SELFTEST) && \ !defined(HAVE_FIPS) && defined(WC_RSA_BLINDING) && defined(WC_RSA_PSS) RsaKey key; WC_RNG rng; int sz = 256; byte digest[32]; word32 digestSz = sizeof(digest); unsigned char pSignature[2048/8]; /* 2048 is RSA_KEY_SIZE */ unsigned char pDecrypted[2048/8]; byte* pt = pDecrypted; XMEMSET(&key, 0, sizeof(RsaKey)); XMEMSET(&rng, 0, sizeof(WC_RNG)); XMEMSET(digest, 0, sizeof(digest)); XMEMSET(pSignature, 0, sizeof(pSignature)); ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_RsaSetRNG(&key, &rng), 0); ExpectIntEQ(wc_MakeRsaKey(&key, 2048, WC_RSA_EXPONENT, &rng), 0); ExpectTrue((digestSz = wc_HashGetDigestSize(WC_HASH_TYPE_SHA256)) > 0); ExpectIntEQ(wc_Hash(WC_HASH_TYPE_SHA256, pSignature, sz, digest, digestSz), 0); ExpectIntGT(sz = wc_RsaPSS_Sign(digest, digestSz, pSignature, sizeof(pSignature), WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key, &rng), 0); /* Bad Cases */ ExpectIntEQ(wc_RsaPSS_VerifyCheckInline(NULL, sz, &pt, digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_RsaPSS_VerifyCheckInline(pSignature, 0, NULL, digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_RsaPSS_VerifyCheckInline(NULL, 0, &pt, digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_RsaPSS_VerifyCheckInline(pSignature, sz, &pt, digest, digestSz, WC_HASH_TYPE_SHA, WC_MGF1SHA256, &key), BAD_FUNC_ARG); /* Good case */ ExpectIntGT(wc_RsaPSS_VerifyCheckInline(pSignature, sz, &pt, digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), 0); DoExpectIntEQ(wc_FreeRsaKey(&key), 0); wc_FreeRng(&rng); #endif return EXPECT_RESULT(); } /* END test_wc_RsaPSS_VerifyCheckInline */ #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) static void sample_mutex_cb (int flag, int type, const char* file, int line) { (void)flag; (void)type; (void)file; (void)line; } #endif /* * Testing wc_LockMutex_ex */ static int test_wc_LockMutex_ex(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) int flag = CRYPTO_LOCK; int type = 0; const char* file = "./test-LockMutex_ex.txt"; int line = 0; /* without SetMutexCb */ ExpectIntEQ(wc_LockMutex_ex(flag, type, file, line), BAD_STATE_E); /* with SetMutexCb */ ExpectIntEQ(wc_SetMutexCb(sample_mutex_cb), 0); ExpectIntEQ(wc_LockMutex_ex(flag, type, file, line), 0); ExpectIntEQ(wc_SetMutexCb(NULL), 0); #endif return EXPECT_RESULT(); } /* End test_wc_LockMutex_ex*/ /* * Testing wc_SetMutexCb */ static int test_wc_SetMutexCb(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) ExpectIntEQ(wc_SetMutexCb(sample_mutex_cb), 0); ExpectIntEQ(wc_SetMutexCb(NULL), 0); #endif return EXPECT_RESULT(); } /* End test_wc_SetMutexCb*/ /* * Testing wc_RsaKeyToDer() */ static int test_wc_RsaKeyToDer(void) { EXPECT_DECLS; #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) RsaKey genKey; WC_RNG rng; byte* der = NULL; #if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4)) int bits = 1024; word32 derSz = 611; /* (2 x 128) + 2 (possible leading 00) + (5 x 64) + 5 (possible leading 00) + 3 (e) + 8 (ASN tag) + 10 (ASN length) + 4 seqSz + 3 version */ #else int bits = 2048; word32 derSz = 1196; /* (2 x 256) + 2 (possible leading 00) + (5 x 128) + 5 (possible leading 00) + 3 (e) + 8 (ASN tag) + 17 (ASN length) + 4 seqSz + 3 version */ #endif XMEMSET(&rng, 0, sizeof(rng)); XMEMSET(&genKey, 0, sizeof(genKey)); ExpectNotNull(der = (byte*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_TMP_BUFFER)); /* Init structures. */ ExpectIntEQ(wc_InitRsaKey(&genKey, HEAP_HINT), 0); ExpectIntEQ(wc_InitRng(&rng), 0); /* Make key. */ ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, WC_RSA_EXPONENT, &rng), 0); ExpectIntGT(wc_RsaKeyToDer(&genKey, der, derSz), 0); /* Pass good/bad args. */ ExpectIntEQ(wc_RsaKeyToDer(NULL, der, FOURK_BUF), BAD_FUNC_ARG); /* Get just the output length */ ExpectIntGT(wc_RsaKeyToDer(&genKey, NULL, 0), 0); /* Try Public Key. */ genKey.type = 0; ExpectIntEQ(wc_RsaKeyToDer(&genKey, der, FOURK_BUF), BAD_FUNC_ARG); #ifdef WOLFSSL_CHECK_MEM_ZERO /* Put back to Private Key */ genKey.type = 1; #endif XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER); DoExpectIntEQ(wc_FreeRsaKey(&genKey), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); #endif return EXPECT_RESULT(); } /* END test_wc_RsaKeyToDer */ /* * Testing wc_RsaKeyToPublicDer() */ static int test_wc_RsaKeyToPublicDer(void) { EXPECT_DECLS; #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) RsaKey key; WC_RNG rng; byte* der = NULL; #if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4)) int bits = 1024; word32 derLen = 162; #else int bits = 2048; word32 derLen = 294; #endif int ret; XMEMSET(&rng, 0, sizeof(rng)); XMEMSET(&key, 0, sizeof(key)); ExpectNotNull(der = (byte*)XMALLOC(derLen, NULL, DYNAMIC_TYPE_TMP_BUFFER)); ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng), 0); /* test getting size only */ ExpectIntGT(wc_RsaKeyToPublicDer(&key, NULL, derLen), 0); ExpectIntGT(wc_RsaKeyToPublicDer(&key, der, derLen), 0); /* test getting size only */ ExpectIntGT(wc_RsaKeyToPublicDer_ex(&key, NULL, derLen, 0), 0); ExpectIntGT(wc_RsaKeyToPublicDer_ex(&key, der, derLen, 0), 0); /* Pass in bad args. */ ExpectIntEQ(wc_RsaKeyToPublicDer(NULL, der, derLen), BAD_FUNC_ARG); ExpectIntLT(ret = wc_RsaKeyToPublicDer(&key, der, -1), 0); ExpectTrue((ret == BUFFER_E) || (ret == BAD_FUNC_ARG)); XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER); DoExpectIntEQ(wc_FreeRsaKey(&key), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); #endif return EXPECT_RESULT(); } /* END test_wc_RsaKeyToPublicDer */ /* * Testing wc_RsaPublicEncrypt() and wc_RsaPrivateDecrypt() */ static int test_wc_RsaPublicEncryptDecrypt(void) { EXPECT_DECLS; #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) RsaKey key; WC_RNG rng; const char inStr[] = TEST_STRING; const word32 plainLen = (word32)TEST_STRING_SZ; const word32 inLen = (word32)TEST_STRING_SZ; int bits = TEST_RSA_BITS; const word32 cipherLen = TEST_RSA_BYTES; word32 cipherLenResult = cipherLen; WC_DECLARE_VAR(in, byte, TEST_STRING_SZ, NULL); WC_DECLARE_VAR(plain, byte, TEST_STRING_SZ, NULL); WC_DECLARE_VAR(cipher, byte, TEST_RSA_BYTES, NULL); WC_ALLOC_VAR(in, byte, TEST_STRING_SZ, NULL); WC_ALLOC_VAR(plain, byte, TEST_STRING_SZ, NULL); WC_ALLOC_VAR(cipher, byte, TEST_RSA_BYTES, NULL); #ifdef WC_DECLARE_VAR_IS_HEAP_ALLOC ExpectNotNull(in); ExpectNotNull(plain); ExpectNotNull(cipher); #endif ExpectNotNull(XMEMCPY(in, inStr, inLen)); /* Initialize stack structures. */ XMEMSET(&key, 0, sizeof(RsaKey)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng), 0); /* Encrypt. */ ExpectIntGT(cipherLenResult = wc_RsaPublicEncrypt(in, inLen, cipher, cipherLen, &key, &rng), 0); /* Pass bad args - tested in another testing function.*/ /* Decrypt */ #if defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS) /* Bind rng */ ExpectIntEQ(wc_RsaSetRNG(&key, &rng), 0); #endif ExpectIntGE(wc_RsaPrivateDecrypt(cipher, cipherLenResult, plain, plainLen, &key), 0); ExpectIntEQ(XMEMCMP(plain, inStr, plainLen), 0); /* Pass bad args - tested in another testing function.*/ WC_FREE_VAR(in, NULL); WC_FREE_VAR(plain, NULL); WC_FREE_VAR(cipher, NULL); DoExpectIntEQ(wc_FreeRsaKey(&key), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); #endif return EXPECT_RESULT(); } /* END test_wc_RsaPublicEncryptDecrypt */ /* * Testing wc_RsaPrivateDecrypt_ex() and wc_RsaPrivateDecryptInline_ex() */ static int test_wc_RsaPublicEncryptDecrypt_ex(void) { EXPECT_DECLS; #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(HAVE_FIPS)\ && !defined(WC_NO_RSA_OAEP) && !defined(NO_SHA256) RsaKey key; WC_RNG rng; const char inStr[] = TEST_STRING; const word32 inLen = (word32)TEST_STRING_SZ; const word32 plainSz = (word32)TEST_STRING_SZ; byte* res = NULL; int idx = 0; int bits = TEST_RSA_BITS; const word32 cipherSz = TEST_RSA_BYTES; WC_DECLARE_VAR(in, byte, TEST_STRING_SZ, NULL); WC_DECLARE_VAR(plain, byte, TEST_STRING_SZ, NULL); WC_DECLARE_VAR(cipher, byte, TEST_RSA_BYTES, NULL); WC_ALLOC_VAR(in, byte, TEST_STRING_SZ, NULL); WC_ALLOC_VAR(plain, byte, TEST_STRING_SZ, NULL); WC_ALLOC_VAR(cipher, byte, TEST_RSA_BYTES, NULL); #ifdef WC_DECLARE_VAR_IS_HEAP_ALLOC ExpectNotNull(in); ExpectNotNull(plain); ExpectNotNull(cipher); #endif ExpectNotNull(XMEMCPY(in, inStr, inLen)); /* Initialize stack structures. */ XMEMSET(&key, 0, sizeof(RsaKey)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_InitRsaKey_ex(&key, HEAP_HINT, INVALID_DEVID), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng), 0); /* Encrypt */ ExpectIntGE(idx = wc_RsaPublicEncrypt_ex(in, inLen, cipher, cipherSz, &key, &rng, WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, NULL, 0), 0); /* Pass bad args - tested in another testing function.*/ #ifndef WOLFSSL_RSA_PUBLIC_ONLY /* Decrypt */ #if defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS) ExpectIntEQ(wc_RsaSetRNG(&key, &rng), 0); #endif ExpectIntGE(wc_RsaPrivateDecrypt_ex(cipher, (word32)idx, plain, plainSz, &key, WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, NULL, 0), 0); ExpectIntEQ(XMEMCMP(plain, inStr, plainSz), 0); /* Pass bad args - tested in another testing function.*/ ExpectIntGE(wc_RsaPrivateDecryptInline_ex(cipher, (word32)idx, &res, &key, WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, NULL, 0), 0); ExpectIntEQ(XMEMCMP(inStr, res, plainSz), 0); #endif WC_FREE_VAR(in, NULL); WC_FREE_VAR(plain, NULL); WC_FREE_VAR(cipher, NULL); DoExpectIntEQ(wc_FreeRsaKey(&key), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); #endif return EXPECT_RESULT(); } /* END test_wc_RsaPublicEncryptDecrypt_ex */ /* * Tesing wc_RsaSSL_Sign() and wc_RsaSSL_Verify() */ static int test_wc_RsaSSL_SignVerify(void) { EXPECT_DECLS; #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) RsaKey key; WC_RNG rng; const char inStr[] = TEST_STRING; const word32 plainSz = (word32)TEST_STRING_SZ; const word32 inLen = (word32)TEST_STRING_SZ; word32 idx = 0; int bits = TEST_RSA_BITS; const word32 outSz = TEST_RSA_BYTES; WC_DECLARE_VAR(in, byte, TEST_STRING_SZ, NULL); WC_DECLARE_VAR(out, byte, TEST_RSA_BYTES, NULL); WC_DECLARE_VAR(plain, byte, TEST_STRING_SZ, NULL); WC_ALLOC_VAR(in, byte, TEST_STRING_SZ, NULL); WC_ALLOC_VAR(out, byte, TEST_RSA_BYTES, NULL); WC_ALLOC_VAR(plain, byte, TEST_STRING_SZ, NULL); #ifdef WC_DECLARE_VAR_IS_HEAP_ALLOC ExpectNotNull(in); ExpectNotNull(out); ExpectNotNull(plain); #endif ExpectNotNull(XMEMCPY(in, inStr, inLen)); XMEMSET(&key, 0, sizeof(RsaKey)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng), 0); /* Sign. */ ExpectIntEQ(wc_RsaSSL_Sign(in, inLen, out, outSz, &key, &rng), (int)outSz); idx = (int)outSz; /* Test bad args. */ ExpectIntEQ(wc_RsaSSL_Sign(NULL, inLen, out, outSz, &key, &rng), BAD_FUNC_ARG); ExpectIntEQ(wc_RsaSSL_Sign(in, 0, out, outSz, &key, &rng), BAD_FUNC_ARG); ExpectIntEQ(wc_RsaSSL_Sign(in, inLen, NULL, outSz, &key, &rng), BAD_FUNC_ARG); ExpectIntEQ(wc_RsaSSL_Sign(in, inLen, out, outSz, NULL, &rng), BAD_FUNC_ARG); /* Verify. */ ExpectIntEQ(wc_RsaSSL_Verify(out, idx, plain, plainSz, &key), (int)inLen); /* Pass bad args. */ ExpectIntEQ(wc_RsaSSL_Verify(NULL, idx, plain, plainSz, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_RsaSSL_Verify(out, 0, plain, plainSz, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_RsaSSL_Verify(out, idx, NULL, plainSz, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_RsaSSL_Verify(out, idx, plain, plainSz, NULL), BAD_FUNC_ARG); WC_FREE_VAR(in, NULL); WC_FREE_VAR(out, NULL); WC_FREE_VAR(plain, NULL); DoExpectIntEQ(wc_FreeRsaKey(&key), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); #endif return EXPECT_RESULT(); } /* END test_wc_RsaSSL_SignVerify */ /* * Testing wc_RsaEncryptSize() */ static int test_wc_RsaEncryptSize(void) { EXPECT_DECLS; #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) RsaKey key; WC_RNG rng; XMEMSET(&key, 0, sizeof(RsaKey)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0); ExpectIntEQ(wc_InitRng(&rng), 0); #if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4)) ExpectIntEQ(MAKE_RSA_KEY(&key, 1024, WC_RSA_EXPONENT, &rng), 0); ExpectIntEQ(wc_RsaEncryptSize(&key), 128); DoExpectIntEQ(wc_FreeRsaKey(&key), 0); #endif ExpectIntEQ(MAKE_RSA_KEY(&key, 2048, WC_RSA_EXPONENT, &rng), 0); ExpectIntEQ(wc_RsaEncryptSize(&key), 256); /* Pass in bad arg. */ ExpectIntEQ(wc_RsaEncryptSize(NULL), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRsaKey(&key), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); #endif return EXPECT_RESULT(); } /* END test_wc_RsaEncryptSize*/ /* * Testing wc_RsaFlattenPublicKey() */ static int test_wc_RsaFlattenPublicKey(void) { EXPECT_DECLS; #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) RsaKey key; WC_RNG rng; byte e[256]; byte n[256]; word32 eSz = sizeof(e); word32 nSz = sizeof(n); #if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4)) int bits = 1024; #else int bits = 2048; #endif XMEMSET(&key, 0, sizeof(RsaKey)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng), 0); ExpectIntEQ(wc_RsaFlattenPublicKey(&key, e, &eSz, n, &nSz), 0); /* Pass bad args. */ ExpectIntEQ(wc_RsaFlattenPublicKey(NULL, e, &eSz, n, &nSz), BAD_FUNC_ARG); ExpectIntEQ(wc_RsaFlattenPublicKey(&key, NULL, &eSz, n, &nSz), BAD_FUNC_ARG); ExpectIntEQ(wc_RsaFlattenPublicKey(&key, e, NULL, n, &nSz), BAD_FUNC_ARG); ExpectIntEQ(wc_RsaFlattenPublicKey(&key, e, &eSz, NULL, &nSz), BAD_FUNC_ARG); ExpectIntEQ(wc_RsaFlattenPublicKey(&key, e, &eSz, n, NULL), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRsaKey(&key), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); #endif return EXPECT_RESULT(); } /* END test_wc_RsaFlattenPublicKey */ /* * unit test for wc_AesCcmSetKey */ static int test_wc_AesCcmSetKey(void) { EXPECT_DECLS; #ifdef HAVE_AESCCM Aes aes; const byte key16[] = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf }; const byte key24[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37 }; const byte key32[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66 }; XMEMSET(&aes, 0, sizeof(Aes)); ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0); #ifdef WOLFSSL_AES_128 ExpectIntEQ(wc_AesCcmSetKey(&aes, key16, sizeof(key16)), 0); #endif #ifdef WOLFSSL_AES_192 ExpectIntEQ(wc_AesCcmSetKey(&aes, key24, sizeof(key24)), 0); #endif #ifdef WOLFSSL_AES_256 ExpectIntEQ(wc_AesCcmSetKey(&aes, key32, sizeof(key32)), 0); #endif /* Test bad args. */ ExpectIntEQ(wc_AesCcmSetKey(&aes, key16, sizeof(key16) - 1), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCcmSetKey(&aes, key24, sizeof(key24) - 1), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCcmSetKey(&aes, key32, sizeof(key32) - 1), BAD_FUNC_ARG); wc_AesFree(&aes); #endif return EXPECT_RESULT(); } /* END test_wc_AesCcmSetKey */ /* * Unit test function for wc_AesCcmEncrypt and wc_AesCcmDecrypt */ static int test_wc_AesCcmEncryptDecrypt(void) { EXPECT_DECLS; #if defined(HAVE_AESCCM) && defined(WOLFSSL_AES_128) Aes aes; const byte key16[] = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf }; /* plaintext */ const byte plainT[] = { 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e }; /* nonce */ const byte iv[] = { 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5 }; const byte c[] = { /* cipher text. */ 0x58, 0x8c, 0x97, 0x9a, 0x61, 0xc6, 0x63, 0xd2, 0xf0, 0x66, 0xd0, 0xc2, 0xc0, 0xf9, 0x89, 0x80, 0x6d, 0x5f, 0x6b, 0x61, 0xda, 0xc3, 0x84 }; const byte t[] = { /* Auth tag */ 0x17, 0xe8, 0xd1, 0x2c, 0xfd, 0xf9, 0x26, 0xe0 }; const byte authIn[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }; byte cipherOut[sizeof(plainT)]; byte authTag[sizeof(t)]; #ifdef HAVE_AES_DECRYPT byte plainOut[sizeof(cipherOut)]; #endif XMEMSET(&aes, 0, sizeof(Aes)); ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0); ExpectIntEQ(wc_AesCcmSetKey(&aes, key16, sizeof(key16)), 0); ExpectIntEQ(wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut), iv, sizeof(iv), authTag, sizeof(authTag), authIn , sizeof(authIn)), 0); ExpectIntEQ(XMEMCMP(cipherOut, c, sizeof(c)), 0); ExpectIntEQ(XMEMCMP(t, authTag, sizeof(t)), 0); #ifdef HAVE_AES_DECRYPT ExpectIntEQ(wc_AesCcmDecrypt(&aes, plainOut, cipherOut, sizeof(plainOut), iv, sizeof(iv), authTag, sizeof(authTag), authIn, sizeof(authIn)), 0); ExpectIntEQ(XMEMCMP(plainOut, plainT, sizeof(plainT)), 0); #endif /* Pass in bad args. Encrypt*/ ExpectIntEQ(wc_AesCcmEncrypt(NULL, cipherOut, plainT, sizeof(cipherOut), iv, sizeof(iv), authTag, sizeof(authTag), authIn , sizeof(authIn)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCcmEncrypt(&aes, NULL, plainT, sizeof(cipherOut), iv, sizeof(iv), authTag, sizeof(authTag), authIn , sizeof(authIn)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCcmEncrypt(&aes, cipherOut, NULL, sizeof(cipherOut), iv, sizeof(iv), authTag, sizeof(authTag), authIn , sizeof(authIn)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut), NULL, sizeof(iv), authTag, sizeof(authTag), authIn , sizeof(authIn)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut), iv, sizeof(iv), NULL, sizeof(authTag), authIn , sizeof(authIn)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut), iv, sizeof(iv) + 1, authTag, sizeof(authTag), authIn , sizeof(authIn)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut), iv, sizeof(iv) - 7, authTag, sizeof(authTag), authIn , sizeof(authIn)), BAD_FUNC_ARG); #ifdef HAVE_AES_DECRYPT /* Pass in bad args. Decrypt*/ ExpectIntEQ(wc_AesCcmDecrypt(NULL, plainOut, cipherOut, sizeof(plainOut), iv, sizeof(iv), authTag, sizeof(authTag), authIn, sizeof(authIn)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCcmDecrypt(&aes, NULL, cipherOut, sizeof(plainOut), iv, sizeof(iv), authTag, sizeof(authTag), authIn, sizeof(authIn)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCcmDecrypt(&aes, plainOut, NULL, sizeof(plainOut), iv, sizeof(iv), authTag, sizeof(authTag), authIn, sizeof(authIn)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCcmDecrypt(&aes, plainOut, cipherOut, sizeof(plainOut), NULL, sizeof(iv), authTag, sizeof(authTag), authIn, sizeof(authIn)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCcmDecrypt(&aes, plainOut, cipherOut, sizeof(plainOut), iv, sizeof(iv), NULL, sizeof(authTag), authIn, sizeof(authIn)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCcmDecrypt(&aes, plainOut, cipherOut, sizeof(plainOut), iv, sizeof(iv) + 1, authTag, sizeof(authTag), authIn, sizeof(authIn)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesCcmDecrypt(&aes, plainOut, cipherOut, sizeof(plainOut), iv, sizeof(iv) - 7, authTag, sizeof(authTag), authIn, sizeof(authIn)), BAD_FUNC_ARG); #endif wc_AesFree(&aes); #endif /* HAVE_AESCCM */ return EXPECT_RESULT(); } /* END test_wc_AesCcmEncryptDecrypt */ #if defined(WOLFSSL_AES_EAX) && \ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST) /* * Testing test_wc_AesEaxVectors() */ static int test_wc_AesEaxVectors(void) { EXPECT_DECLS; typedef struct { byte key[AES_256_KEY_SIZE]; int key_length; byte iv[AES_BLOCK_SIZE]; int iv_length; byte aad[AES_BLOCK_SIZE * 2]; int aad_length; byte msg[AES_BLOCK_SIZE * 5]; int msg_length; byte ct[AES_BLOCK_SIZE * 5]; int ct_length; byte tag[AES_BLOCK_SIZE]; int tag_length; int valid; } AadVector; /* Test vectors obtained from Google wycheproof project * https://github.com/google/wycheproof * from testvectors/aes_eax_test.json */ const AadVector vectors[] = { { /* key, key length */ {0x23, 0x39, 0x52, 0xde, 0xe4, 0xd5, 0xed, 0x5f, 0x9b, 0x9c, 0x6d, 0x6f, 0xf8, 0x0f, 0xf4, 0x78}, 16, /* iv, iv length */ {0x62, 0xec, 0x67, 0xf9, 0xc3, 0xa4, 0xa4, 0x07, 0xfc, 0xb2, 0xa8, 0xc4, 0x90, 0x31, 0xa8, 0xb3}, 16, /* aad, aad length */ {0x6b, 0xfb, 0x91, 0x4f, 0xd0, 0x7e, 0xae, 0x6b}, 8, /* msg, msg length */ {0x00}, 0, /* ct, ct length */ {0x00}, 0, /* tag, tag length */ {0xe0, 0x37, 0x83, 0x0e, 0x83, 0x89, 0xf2, 0x7b, 0x02, 0x5a, 0x2d, 0x65, 0x27, 0xe7, 0x9d, 0x01}, 16, /* valid */ 1, }, { /* key, key length */ {0x91, 0x94, 0x5d, 0x3f, 0x4d, 0xcb, 0xee, 0x0b, 0xf4, 0x5e, 0xf5, 0x22, 0x55, 0xf0, 0x95, 0xa4}, 16, /* iv, iv length */ {0xbe, 0xca, 0xf0, 0x43, 0xb0, 0xa2, 0x3d, 0x84, 0x31, 0x94, 0xba, 0x97, 0x2c, 0x66, 0xde, 0xbd}, 16, /* aad, aad length */ {0xfa, 0x3b, 0xfd, 0x48, 0x06, 0xeb, 0x53, 0xfa}, 8, /* msg, msg length */ {0xf7, 0xfb}, 2, /* ct, ct length */ {0x19, 0xdd}, 2, /* tag, tag length */ {0x5c, 0x4c, 0x93, 0x31, 0x04, 0x9d, 0x0b, 0xda, 0xb0, 0x27, 0x74, 0x08, 0xf6, 0x79, 0x67, 0xe5}, 16, /* valid */ 1, }, { /* key, key length */ {0x01, 0xf7, 0x4a, 0xd6, 0x40, 0x77, 0xf2, 0xe7, 0x04, 0xc0, 0xf6, 0x0a, 0xda, 0x3d, 0xd5, 0x23}, 16, /* iv, iv length */ {0x70, 0xc3, 0xdb, 0x4f, 0x0d, 0x26, 0x36, 0x84, 0x00, 0xa1, 0x0e, 0xd0, 0x5d, 0x2b, 0xff, 0x5e}, 16, /* aad, aad length */ {0x23, 0x4a, 0x34, 0x63, 0xc1, 0x26, 0x4a, 0xc6}, 8, /* msg, msg length */ {0x1a, 0x47, 0xcb, 0x49, 0x33}, 5, /* ct, ct length */ {0xd8, 0x51, 0xd5, 0xba, 0xe0}, 5, /* tag, tag length */ {0x3a, 0x59, 0xf2, 0x38, 0xa2, 0x3e, 0x39, 0x19, 0x9d, 0xc9, 0x26, 0x66, 0x26, 0xc4, 0x0f, 0x80}, 16, /* valid */ 1, }, { /* key, key length */ {0xd0, 0x7c, 0xf6, 0xcb, 0xb7, 0xf3, 0x13, 0xbd, 0xde, 0x66, 0xb7, 0x27, 0xaf, 0xd3, 0xc5, 0xe8}, 16, /* iv, iv length */ {0x84, 0x08, 0xdf, 0xff, 0x3c, 0x1a, 0x2b, 0x12, 0x92, 0xdc, 0x19, 0x9e, 0x46, 0xb7, 0xd6, 0x17}, 16, /* aad, aad length */ {0x33, 0xcc, 0xe2, 0xea, 0xbf, 0xf5, 0xa7, 0x9d}, 8, /* msg, msg length */ {0x48, 0x1c, 0x9e, 0x39, 0xb1}, 5, /* ct, ct length */ {0x63, 0x2a, 0x9d, 0x13, 0x1a}, 5, /* tag, tag length */ {0xd4, 0xc1, 0x68, 0xa4, 0x22, 0x5d, 0x8e, 0x1f, 0xf7, 0x55, 0x93, 0x99, 0x74, 0xa7, 0xbe, 0xde}, 16, /* valid */ 1, }, { /* key, key length */ {0x35, 0xb6, 0xd0, 0x58, 0x00, 0x05, 0xbb, 0xc1, 0x2b, 0x05, 0x87, 0x12, 0x45, 0x57, 0xd2, 0xc2}, 16, /* iv, iv length */ {0xfd, 0xb6, 0xb0, 0x66, 0x76, 0xee, 0xdc, 0x5c, 0x61, 0xd7, 0x42, 0x76, 0xe1, 0xf8, 0xe8, 0x16}, 16, /* aad, aad length */ {0xae, 0xb9, 0x6e, 0xae, 0xbe, 0x29, 0x70, 0xe9}, 8, /* msg, msg length */ {0x40, 0xd0, 0xc0, 0x7d, 0xa5, 0xe4}, 6, /* ct, ct length */ {0x07, 0x1d, 0xfe, 0x16, 0xc6, 0x75}, 6, /* tag, tag length */ {0xcb, 0x06, 0x77, 0xe5, 0x36, 0xf7, 0x3a, 0xfe, 0x6a, 0x14, 0xb7, 0x4e, 0xe4, 0x98, 0x44, 0xdd}, 16, /* valid */ 1, }, { /* key, key length */ {0xbd, 0x8e, 0x6e, 0x11, 0x47, 0x5e, 0x60, 0xb2, 0x68, 0x78, 0x4c, 0x38, 0xc6, 0x2f, 0xeb, 0x22}, 16, /* iv, iv length */ {0x6e, 0xac, 0x5c, 0x93, 0x07, 0x2d, 0x8e, 0x85, 0x13, 0xf7, 0x50, 0x93, 0x5e, 0x46, 0xda, 0x1b}, 16, /* aad, aad length */ {0xd4, 0x48, 0x2d, 0x1c, 0xa7, 0x8d, 0xce, 0x0f}, 8, /* msg, msg length */ {0x4d, 0xe3, 0xb3, 0x5c, 0x3f, 0xc0, 0x39, 0x24, 0x5b, 0xd1, 0xfb, 0x7d}, 12, /* ct, ct length */ {0x83, 0x5b, 0xb4, 0xf1, 0x5d, 0x74, 0x3e, 0x35, 0x0e, 0x72, 0x84, 0x14}, 12, /* tag, tag length */ {0xab, 0xb8, 0x64, 0x4f, 0xd6, 0xcc, 0xb8, 0x69, 0x47, 0xc5, 0xe1, 0x05, 0x90, 0x21, 0x0a, 0x4f}, 16, /* valid */ 1, }, { /* key, key length */ {0x7c, 0x77, 0xd6, 0xe8, 0x13, 0xbe, 0xd5, 0xac, 0x98, 0xba, 0xa4, 0x17, 0x47, 0x7a, 0x2e, 0x7d}, 16, /* iv, iv length */ {0x1a, 0x8c, 0x98, 0xdc, 0xd7, 0x3d, 0x38, 0x39, 0x3b, 0x2b, 0xf1, 0x56, 0x9d, 0xee, 0xfc, 0x19}, 16, /* aad, aad length */ {0x65, 0xd2, 0x01, 0x79, 0x90, 0xd6, 0x25, 0x28}, 8, /* msg, msg length */ {0x8b, 0x0a, 0x79, 0x30, 0x6c, 0x9c, 0xe7, 0xed, 0x99, 0xda, 0xe4, 0xf8, 0x7f, 0x8d, 0xd6, 0x16, 0x36}, 17, /* ct, ct length */ {0x02, 0x08, 0x3e, 0x39, 0x79, 0xda, 0x01, 0x48, 0x12, 0xf5, 0x9f, 0x11, 0xd5, 0x26, 0x30, 0xda, 0x30}, 17, /* tag, tag length */ {0x13, 0x73, 0x27, 0xd1, 0x06, 0x49, 0xb0, 0xaa, 0x6e, 0x1c, 0x18, 0x1d, 0xb6, 0x17, 0xd7, 0xf2}, 16, /* valid */ 1, }, { /* key, key length */ {0x5f, 0xff, 0x20, 0xca, 0xfa, 0xb1, 0x19, 0xca, 0x2f, 0xc7, 0x35, 0x49, 0xe2, 0x0f, 0x5b, 0x0d}, 16, /* iv, iv length */ {0xdd, 0xe5, 0x9b, 0x97, 0xd7, 0x22, 0x15, 0x6d, 0x4d, 0x9a, 0xff, 0x2b, 0xc7, 0x55, 0x98, 0x26}, 16, /* aad, aad length */ {0x54, 0xb9, 0xf0, 0x4e, 0x6a, 0x09, 0x18, 0x9a}, 8, /* msg, msg length */ {0x1b, 0xda, 0x12, 0x2b, 0xce, 0x8a, 0x8d, 0xba, 0xf1, 0x87, 0x7d, 0x96, 0x2b, 0x85, 0x92, 0xdd, 0x2d, 0x56}, 18, /* ct, ct length */ {0x2e, 0xc4, 0x7b, 0x2c, 0x49, 0x54, 0xa4, 0x89, 0xaf, 0xc7, 0xba, 0x48, 0x97, 0xed, 0xcd, 0xae, 0x8c, 0xc3}, 18, /* tag, tag length */ {0x3b, 0x60, 0x45, 0x05, 0x99, 0xbd, 0x02, 0xc9, 0x63, 0x82, 0x90, 0x2a, 0xef, 0x7f, 0x83, 0x2a}, 16, /* valid */ 1, }, { /* key, key length */ {0xa4, 0xa4, 0x78, 0x2b, 0xcf, 0xfd, 0x3e, 0xc5, 0xe7, 0xef, 0x6d, 0x8c, 0x34, 0xa5, 0x61, 0x23}, 16, /* iv, iv length */ {0xb7, 0x81, 0xfc, 0xf2, 0xf7, 0x5f, 0xa5, 0xa8, 0xde, 0x97, 0xa9, 0xca, 0x48, 0xe5, 0x22, 0xec}, 16, /* aad, aad length */ {0x89, 0x9a, 0x17, 0x58, 0x97, 0x56, 0x1d, 0x7e}, 8, /* msg, msg length */ {0x6c, 0xf3, 0x67, 0x20, 0x87, 0x2b, 0x85, 0x13, 0xf6, 0xea, 0xb1, 0xa8, 0xa4, 0x44, 0x38, 0xd5, 0xef, 0x11}, 18, /* ct, ct length */ {0x0d, 0xe1, 0x8f, 0xd0, 0xfd, 0xd9, 0x1e, 0x7a, 0xf1, 0x9f, 0x1d, 0x8e, 0xe8, 0x73, 0x39, 0x38, 0xb1, 0xe8}, 18, /* tag, tag length */ {0xe7, 0xf6, 0xd2, 0x23, 0x16, 0x18, 0x10, 0x2f, 0xdb, 0x7f, 0xe5, 0x5f, 0xf1, 0x99, 0x17, 0x00}, 16, /* valid */ 1, }, { /* key, key length */ {0x83, 0x95, 0xfc, 0xf1, 0xe9, 0x5b, 0xeb, 0xd6, 0x97, 0xbd, 0x01, 0x0b, 0xc7, 0x66, 0xaa, 0xc3}, 16, /* iv, iv length */ {0x22, 0xe7, 0xad, 0xd9, 0x3c, 0xfc, 0x63, 0x93, 0xc5, 0x7e, 0xc0, 0xb3, 0xc1, 0x7d, 0x6b, 0x44}, 16, /* aad, aad length */ {0x12, 0x67, 0x35, 0xfc, 0xc3, 0x20, 0xd2, 0x5a}, 8, /* msg, msg length */ {0xca, 0x40, 0xd7, 0x44, 0x6e, 0x54, 0x5f, 0xfa, 0xed, 0x3b, 0xd1, 0x2a, 0x74, 0x0a, 0x65, 0x9f, 0xfb, 0xbb, 0x3c, 0xea, 0xb7}, 21, /* ct, ct length */ {0xcb, 0x89, 0x20, 0xf8, 0x7a, 0x6c, 0x75, 0xcf, 0xf3, 0x96, 0x27, 0xb5, 0x6e, 0x3e, 0xd1, 0x97, 0xc5, 0x52, 0xd2, 0x95, 0xa7}, 21, /* tag, tag length */ {0xcf, 0xc4, 0x6a, 0xfc, 0x25, 0x3b, 0x46, 0x52, 0xb1, 0xaf, 0x37, 0x95, 0xb1, 0x24, 0xab, 0x6e}, 16, /* valid */ 1, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x3c, 0x8c, 0xc2, 0x97, 0x0a, 0x00, 0x8f, 0x75, 0xcc, 0x5b, 0xea, 0xe2, 0x84, 0x72, 0x58, 0xc2}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32, /* ct, ct length */ {0x3c, 0x44, 0x1f, 0x32, 0xce, 0x07, 0x82, 0x23, 0x64, 0xd7, 0xa2, 0x99, 0x0e, 0x50, 0xbb, 0x13, 0xd7, 0xb0, 0x2a, 0x26, 0x96, 0x9e, 0x4a, 0x93, 0x7e, 0x5e, 0x90, 0x73, 0xb0, 0xd9, 0xc9, 0x68}, 32, /* tag, tag length */ {0xdb, 0x90, 0xbd, 0xb3, 0xda, 0x3d, 0x00, 0xaf, 0xd0, 0xfc, 0x6a, 0x83, 0x55, 0x1d, 0xa9, 0x5e}, 16, /* valid */ 1, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0xae, 0xf0, 0x3d, 0x00, 0x59, 0x84, 0x94, 0xe9, 0xfb, 0x03, 0xcd, 0x7d, 0x8b, 0x59, 0x08, 0x66}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32, /* ct, ct length */ {0xd1, 0x9a, 0xc5, 0x98, 0x49, 0x02, 0x6a, 0x91, 0xaa, 0x1b, 0x9a, 0xec, 0x29, 0xb1, 0x1a, 0x20, 0x2a, 0x4d, 0x73, 0x9f, 0xd8, 0x6c, 0x28, 0xe3, 0xae, 0x3d, 0x58, 0x8e, 0xa2, 0x1d, 0x70, 0xc6}, 32, /* tag, tag length */ {0xc3, 0x0f, 0x6c, 0xd9, 0x20, 0x20, 0x74, 0xed, 0x6e, 0x2a, 0x2a, 0x36, 0x0e, 0xac, 0x8c, 0x47}, 16, /* valid */ 1, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x55, 0xd1, 0x25, 0x11, 0xc6, 0x96, 0xa8, 0x0d, 0x05, 0x14, 0xd1, 0xff, 0xba, 0x49, 0xca, 0xda}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32, /* ct, ct length */ {0x21, 0x08, 0x55, 0x8a, 0xc4, 0xb2, 0xc2, 0xd5, 0xcc, 0x66, 0xce, 0xa5, 0x1d, 0x62, 0x10, 0xe0, 0x46, 0x17, 0x7a, 0x67, 0x63, 0x1c, 0xd2, 0xdd, 0x8f, 0x09, 0x46, 0x97, 0x33, 0xac, 0xb5, 0x17}, 32, /* tag, tag length */ {0xfc, 0x35, 0x5e, 0x87, 0xa2, 0x67, 0xbe, 0x3a, 0xe3, 0xe4, 0x4c, 0x0b, 0xf3, 0xf9, 0x9b, 0x2b}, 16, /* valid */ 1, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x79, 0x42, 0x2d, 0xdd, 0x91, 0xc4, 0xee, 0xe2, 0xde, 0xae, 0xf1, 0xf9, 0x68, 0x30, 0x53, 0x04}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32, /* ct, ct length */ {0x4d, 0x2c, 0x15, 0x24, 0xca, 0x4b, 0xaa, 0x4e, 0xef, 0xcc, 0xe6, 0xb9, 0x1b, 0x22, 0x7e, 0xe8, 0x3a, 0xba, 0xff, 0x81, 0x05, 0xdc, 0xaf, 0xa2, 0xab, 0x19, 0x1f, 0x5d, 0xf2, 0x57, 0x50, 0x35}, 32, /* tag, tag length */ {0xe2, 0xc8, 0x65, 0xce, 0x2d, 0x7a, 0xbd, 0xac, 0x02, 0x4c, 0x6f, 0x99, 0x1a, 0x84, 0x83, 0x90}, 16, /* valid */ 1, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x0a, 0xf5, 0xaa, 0x7a, 0x76, 0x76, 0xe2, 0x83, 0x06, 0x30, 0x6b, 0xcd, 0x9b, 0xf2, 0x00, 0x3a}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32, /* ct, ct length */ {0x8e, 0xb0, 0x1e, 0x62, 0x18, 0x5d, 0x78, 0x2e, 0xb9, 0x28, 0x7a, 0x34, 0x1a, 0x68, 0x62, 0xac, 0x52, 0x57, 0xd6, 0xf9, 0xad, 0xc9, 0x9e, 0xe0, 0xa2, 0x4d, 0x9c, 0x22, 0xb3, 0xe9, 0xb3, 0x8a}, 32, /* tag, tag length */ {0x39, 0xc3, 0x39, 0xbc, 0x8a, 0x74, 0xc7, 0x5e, 0x2c, 0x65, 0xc6, 0x11, 0x95, 0x44, 0xd6, 0x1e}, 16, /* valid */ 1, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0xaf, 0x5a, 0x03, 0xae, 0x7e, 0xdd, 0x73, 0x47, 0x1b, 0xdc, 0xdf, 0xac, 0x5e, 0x19, 0x4a, 0x60}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32, /* ct, ct length */ {0x94, 0xc5, 0xd2, 0xac, 0xa6, 0xdb, 0xbc, 0xe8, 0xc2, 0x45, 0x13, 0xa2, 0x5e, 0x09, 0x5c, 0x0e, 0x54, 0xa9, 0x42, 0x86, 0x0d, 0x32, 0x7a, 0x22, 0x2a, 0x81, 0x5c, 0xc7, 0x13, 0xb1, 0x63, 0xb4}, 32, /* tag, tag length */ {0xf5, 0x0b, 0x30, 0x30, 0x4e, 0x45, 0xc9, 0xd4, 0x11, 0xe8, 0xdf, 0x45, 0x08, 0xa9, 0x86, 0x12}, 16, /* valid */ 1, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0xb3, 0x70, 0x87, 0x68, 0x0f, 0x0e, 0xdd, 0x5a, 0x52, 0x22, 0x8b, 0x8c, 0x7a, 0xae, 0xa6, 0x64}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33}, 64, /* ct, ct length */ {0x3b, 0xb6, 0x17, 0x3e, 0x37, 0x72, 0xd4, 0xb6, 0x2e, 0xef, 0x37, 0xf9, 0xef, 0x07, 0x81, 0xf3, 0x60, 0xb6, 0xc7, 0x4b, 0xe3, 0xbf, 0x6b, 0x37, 0x10, 0x67, 0xbc, 0x1b, 0x09, 0x0d, 0x9d, 0x66, 0x22, 0xa1, 0xfb, 0xec, 0x6a, 0xc4, 0x71, 0xb3, 0x34, 0x9c, 0xd4, 0x27, 0x7a, 0x10, 0x1d, 0x40, 0x89, 0x0f, 0xbf, 0x27, 0xdf, 0xdc, 0xd0, 0xb4, 0xe3, 0x78, 0x1f, 0x98, 0x06, 0xda, 0xab, 0xb6}, 64, /* tag, tag length */ {0xa0, 0x49, 0x87, 0x45, 0xe5, 0x99, 0x99, 0xdd, 0xc3, 0x2d, 0x5b, 0x14, 0x02, 0x41, 0x12, 0x4e}, 16, /* valid */ 1, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x4f, 0x80, 0x2d, 0xa6, 0x2a, 0x38, 0x45, 0x55, 0xa1, 0x9b, 0xc2, 0xb3, 0x82, 0xeb, 0x25, 0xaf}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44}, 80, /* ct, ct length */ {0xe9, 0xb0, 0xbb, 0x88, 0x57, 0x81, 0x8c, 0xe3, 0x20, 0x1c, 0x36, 0x90, 0xd2, 0x1d, 0xaa, 0x7f, 0x26, 0x4f, 0xb8, 0xee, 0x93, 0xcc, 0x7a, 0x46, 0x74, 0xea, 0x2f, 0xc3, 0x2b, 0xf1, 0x82, 0xfb, 0x2a, 0x7e, 0x8a, 0xd5, 0x15, 0x07, 0xad, 0x4f, 0x31, 0xce, 0xfc, 0x23, 0x56, 0xfe, 0x79, 0x36, 0xa7, 0xf6, 0xe1, 0x9f, 0x95, 0xe8, 0x8f, 0xdb, 0xf1, 0x76, 0x20, 0x91, 0x6d, 0x3a, 0x6f, 0x3d, 0x01, 0xfc, 0x17, 0xd3, 0x58, 0x67, 0x2f, 0x77, 0x7f, 0xd4, 0x09, 0x92, 0x46, 0xe4, 0x36, 0xe1}, 80, /* tag, tag length */ {0x67, 0x91, 0x0b, 0xe7, 0x44, 0xb8, 0x31, 0x5a, 0xe0, 0xeb, 0x61, 0x24, 0x59, 0x0c, 0x5d, 0x8b}, 16, /* valid */ 1, }, { /* key, key length */ {0xb6, 0x7b, 0x1a, 0x6e, 0xfd, 0xd4, 0x0d, 0x37, 0x08, 0x0f, 0xbe, 0x8f, 0x80, 0x47, 0xae, 0xb9}, 16, /* iv, iv length */ {0xfa, 0x29, 0x4b, 0x12, 0x99, 0x72, 0xf7, 0xfc, 0x5b, 0xbd, 0x5b, 0x96, 0xbb, 0xa8, 0x37, 0xc9}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x00}, 0, /* ct, ct length */ {0x00}, 0, /* tag, tag length */ {0xb1, 0x4b, 0x64, 0xfb, 0x58, 0x98, 0x99, 0x69, 0x95, 0x70, 0xcc, 0x91, 0x60, 0xe3, 0x98, 0x96}, 16, /* valid */ 1, }, { /* key, key length */ {0x20, 0x9e, 0x6d, 0xbf, 0x2a, 0xd2, 0x6a, 0x10, 0x54, 0x45, 0xfc, 0x02, 0x07, 0xcd, 0x9e, 0x9a}, 16, /* iv, iv length */ {0x94, 0x77, 0x84, 0x9d, 0x6c, 0xcd, 0xfc, 0xa1, 0x12, 0xd9, 0x2e, 0x53, 0xfa, 0xe4, 0xa7, 0xca}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x01}, 1, /* ct, ct length */ {0x1d}, 1, /* tag, tag length */ {0x52, 0xa5, 0xf6, 0x00, 0xfe, 0x53, 0x38, 0x02, 0x6a, 0x7c, 0xb0, 0x9c, 0x11, 0x64, 0x00, 0x82}, 16, /* valid */ 1, }, { /* key, key length */ {0xa5, 0x49, 0x44, 0x2e, 0x35, 0x15, 0x40, 0x32, 0xd0, 0x7c, 0x86, 0x66, 0x00, 0x6a, 0xa6, 0xa2}, 16, /* iv, iv length */ {0x51, 0x71, 0x52, 0x45, 0x68, 0xe8, 0x1d, 0x97, 0xe8, 0xc4, 0xde, 0x4b, 0xa5, 0x6c, 0x10, 0xa0}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x11, 0x82, 0xe9, 0x35, 0x96, 0xca, 0xc5, 0x60, 0x89, 0x46, 0x40, 0x0b, 0xc7, 0x3f, 0x3a}, 15, /* ct, ct length */ {0xd7, 0xb8, 0xa6, 0xb4, 0x3d, 0x2e, 0x9f, 0x98, 0xc2, 0xb4, 0x4c, 0xe5, 0xe3, 0xcf, 0xdb}, 15, /* tag, tag length */ {0x1b, 0xdd, 0x52, 0xfc, 0x98, 0x7d, 0xaf, 0x0e, 0xe1, 0x92, 0x34, 0xc9, 0x05, 0xea, 0x64, 0x5f}, 16, /* valid */ 1, }, { /* key, key length */ {0x95, 0x8b, 0xcd, 0xb6, 0x6a, 0x39, 0x52, 0xb5, 0x37, 0x01, 0x58, 0x2a, 0x68, 0xa0, 0xe4, 0x74}, 16, /* iv, iv length */ {0x0e, 0x6e, 0xc8, 0x79, 0xb0, 0x2c, 0x6f, 0x51, 0x69, 0x76, 0xe3, 0x58, 0x98, 0x42, 0x8d, 0xa7}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x14, 0x04, 0x15, 0x82, 0x3e, 0xcc, 0x89, 0x32, 0xa0, 0x58, 0x38, 0x4b, 0x73, 0x8e, 0xa6, 0xea, 0x6d, 0x4d, 0xfe, 0x3b, 0xbe, 0xee}, 22, /* ct, ct length */ {0x73, 0xe5, 0xc6, 0xf0, 0xe7, 0x03, 0xa5, 0x2d, 0x02, 0xf7, 0xf7, 0xfa, 0xeb, 0x1b, 0x77, 0xfd, 0x4f, 0xd0, 0xcb, 0x42, 0x1e, 0xaf}, 22, /* tag, tag length */ {0x6c, 0x15, 0x4a, 0x85, 0x96, 0x8e, 0xdd, 0x74, 0x77, 0x65, 0x75, 0xa4, 0x45, 0x0b, 0xd8, 0x97}, 16, /* valid */ 1, }, { /* key, key length */ {0x96, 0x5b, 0x75, 0x7b, 0xa5, 0x01, 0x8a, 0x8d, 0x66, 0xed, 0xc7, 0x8e, 0x0c, 0xee, 0xe8, 0x6b}, 16, /* iv, iv length */ {0x2e, 0x35, 0x90, 0x1a, 0xe7, 0xd4, 0x91, 0xee, 0xcc, 0x88, 0x38, 0xfe, 0xdd, 0x63, 0x14, 0x05}, 16, /* aad, aad length */ {0xdf, 0x10, 0xd0, 0xd2, 0x12, 0x24, 0x24, 0x50}, 8, /* msg, msg length */ {0x36, 0xe5, 0x7a, 0x76, 0x39, 0x58, 0xb0, 0x2c, 0xea, 0x9d, 0x6a, 0x67, 0x6e, 0xbc, 0xe8, 0x1f}, 16, /* ct, ct length */ {0x93, 0x6b, 0x69, 0xb6, 0xc9, 0x55, 0xad, 0xfd, 0x15, 0x53, 0x9b, 0x9b, 0xe4, 0x98, 0x9c, 0xb6}, 16, /* tag, tag length */ {0xee, 0x15, 0xa1, 0x45, 0x4e, 0x88, 0xfa, 0xad, 0x8e, 0x48, 0xa8, 0xdf, 0x29, 0x83, 0xb4, 0x25}, 16, /* valid */ 1, }, { /* key, key length */ {0x88, 0xd0, 0x20, 0x33, 0x78, 0x1c, 0x7b, 0x41, 0x64, 0x71, 0x1a, 0x05, 0x42, 0x0f, 0x25, 0x6e}, 16, /* iv, iv length */ {0x7f, 0x29, 0x85, 0x29, 0x63, 0x15, 0x50, 0x7a, 0xa4, 0xc0, 0xa9, 0x3d, 0x5c, 0x12, 0xbd, 0x77}, 16, /* aad, aad length */ {0x7c, 0x57, 0x1d, 0x2f, 0xbb, 0x5f, 0x62, 0x52, 0x3c, 0x0e, 0xb3, 0x38, 0xbe, 0xf9, 0xa9}, 15, /* msg, msg length */ {0xd9, 0x8a, 0xdc, 0x03, 0xd9, 0xd5, 0x82, 0x73, 0x2e, 0xb0, 0x7d, 0xf2, 0x3d, 0x7b, 0x9f, 0x74}, 16, /* ct, ct length */ {0x67, 0xca, 0xac, 0x35, 0x44, 0x3a, 0x31, 0x38, 0xd2, 0xcb, 0x81, 0x1f, 0x0c, 0xe0, 0x4d, 0xd2}, 16, /* tag, tag length */ {0xb7, 0x96, 0x8e, 0x0b, 0x56, 0x40, 0xe3, 0xb2, 0x36, 0x56, 0x96, 0x53, 0x20, 0x8b, 0x9d, 0xeb}, 16, /* valid */ 1, }, { /* key, key length */ {0x51, 0x58, 0x40, 0xcf, 0x67, 0xd2, 0xe4, 0x0e, 0xb6, 0x5e, 0x54, 0xa2, 0x4c, 0x72, 0xcb, 0xf2}, 16, /* iv, iv length */ {0xbf, 0x47, 0xaf, 0xdf, 0xd4, 0x92, 0x13, 0x7a, 0x24, 0x23, 0x6b, 0xc3, 0x67, 0x97, 0xa8, 0x8e}, 16, /* aad, aad length */ {0x16, 0x84, 0x3c, 0x09, 0x1d, 0x43, 0xb0, 0xa1, 0x91, 0xd0, 0xc7, 0x3d, 0x15, 0x60, 0x1b, 0xe9}, 16, /* msg, msg length */ {0xc8, 0x34, 0x58, 0x8c, 0xb6, 0xda, 0xf9, 0xf0, 0x6d, 0xd2, 0x35, 0x19, 0xf4, 0xbe, 0x9f, 0x56}, 16, /* ct, ct length */ {0x20, 0x0a, 0xc4, 0x51, 0xfb, 0xeb, 0x0f, 0x61, 0x51, 0xd6, 0x15, 0x83, 0xa4, 0x3b, 0x73, 0x43}, 16, /* tag, tag length */ {0x2a, 0xd4, 0x3e, 0x4c, 0xaa, 0x51, 0x98, 0x3a, 0x9d, 0x4d, 0x24, 0x48, 0x1b, 0xf4, 0xc8, 0x39}, 16, /* valid */ 1, }, { /* key, key length */ {0x2e, 0x44, 0x92, 0xd4, 0x44, 0xe5, 0xb6, 0xf4, 0xce, 0xc8, 0xc2, 0xd3, 0x61, 0x5a, 0xc8, 0x58}, 16, /* iv, iv length */ {0xd0, 0x2b, 0xf0, 0x76, 0x3a, 0x9f, 0xef, 0xbf, 0x70, 0xc3, 0x3a, 0xee, 0x1e, 0x9d, 0xa1, 0xd6}, 16, /* aad, aad length */ {0x90, 0x4d, 0x86, 0xf1, 0x33, 0xce, 0xc1, 0x5a, 0x0c, 0x3c, 0xaf, 0x14, 0xd7, 0xe0, 0x29, 0xc8, 0x2a, 0x07, 0x70, 0x5a, 0x23, 0xf0, 0xd0, 0x80}, 24, /* msg, msg length */ {0x9e, 0x62, 0xd6, 0x51, 0x1b, 0x0b, 0xda, 0x7d, 0xd7, 0x74, 0x0b, 0x61, 0x4d, 0x97, 0xba, 0xe0}, 16, /* ct, ct length */ {0x27, 0xc6, 0xe9, 0xa6, 0x53, 0xc5, 0x25, 0x3c, 0xa1, 0xc5, 0x67, 0x3f, 0x97, 0xb9, 0xb3, 0x3e}, 16, /* tag, tag length */ {0x2d, 0x58, 0x12, 0x71, 0xe1, 0xfa, 0x9e, 0x36, 0x86, 0x13, 0x6c, 0xaa, 0x8f, 0x4d, 0x6c, 0x8e}, 16, /* valid */ 1, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0xe7, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2, 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0xe4, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2, 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0x66, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2, 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0xe6, 0x0f, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2, 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0xe6, 0x0e, 0x7c, 0xd0, 0x13, 0xa6, 0xdb, 0xf2, 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0xe6, 0x0e, 0x7c, 0x50, 0x12, 0xa6, 0xdb, 0xf2, 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0xe6, 0x0e, 0x7c, 0x50, 0x11, 0xa6, 0xdb, 0xf2, 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0x72, 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2, 0x53, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2, 0xd2, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2, 0x52, 0xb8, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2, 0x52, 0x98, 0xb0, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2, 0x52, 0x98, 0xb1, 0x92, 0x9a, 0xc3, 0x56, 0xa7}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2, 0x52, 0x98, 0xb1, 0x92, 0x99, 0xc3, 0x56, 0xa7}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2, 0x52, 0x98, 0xb1, 0x92, 0x1b, 0xc3, 0x56, 0xa7}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2, 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa6}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2, 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa5}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2, 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xe7}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2, 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0x27}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0xe7, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2, 0x53, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0xe6, 0x0e, 0x7c, 0xd0, 0x13, 0xa6, 0xdb, 0x72, 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0x72, 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0x27}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0x19, 0xf1, 0x83, 0xaf, 0xec, 0x59, 0x24, 0x0d, 0xad, 0x67, 0x4e, 0x6d, 0x64, 0x3c, 0xa9, 0x58}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0x66, 0x8e, 0xfc, 0xd0, 0x93, 0x26, 0x5b, 0x72, 0xd2, 0x18, 0x31, 0x12, 0x1b, 0x43, 0xd6, 0x27}, 16, /* valid */ 0, }, { /* key, key length */ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16, /* iv, iv length */ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16, /* aad, aad length */ {0x00}, 0, /* msg, msg length */ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16, /* ct, ct length */ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54, 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16, /* tag, tag length */ {0xe7, 0x0f, 0x7d, 0x51, 0x12, 0xa7, 0xda, 0xf3, 0x53, 0x99, 0xb0, 0x93, 0x9a, 0xc2, 0x57, 0xa6}, 16, /* valid */ 0, }, }; byte ciphertext[sizeof(vectors[0].ct)]; byte authtag[sizeof(vectors[0].tag)]; int i; int len; int ret; for (i = 0; i < (int)(sizeof(vectors)/sizeof(vectors[0])); i++) { XMEMSET(ciphertext, 0, sizeof(ciphertext)); len = sizeof(authtag); ExpectIntEQ(wc_AesEaxEncryptAuth(vectors[i].key, vectors[i].key_length, ciphertext, vectors[i].msg, vectors[i].msg_length, vectors[i].iv, vectors[i].iv_length, authtag, len, vectors[i].aad, vectors[i].aad_length), 0); /* check ciphertext matches vector */ ExpectIntEQ(XMEMCMP(ciphertext, vectors[i].ct, vectors[i].ct_length), 0); /* check that computed tag matches vector only for vectors marked as valid */ ret = XMEMCMP(authtag, vectors[i].tag, len); if (vectors[i].valid) { ExpectIntEQ(ret, 0); } else { ExpectIntNE(ret, 0); } XMEMSET(ciphertext, 0, sizeof(ciphertext)); /* Decrypt, checking that the computed auth tags match */ ExpectIntEQ(wc_AesEaxDecryptAuth(vectors[i].key, vectors[i].key_length, ciphertext, vectors[i].ct, vectors[i].ct_length, vectors[i].iv, vectors[i].iv_length, authtag, len, vectors[i].aad, vectors[i].aad_length), 0); /* check decrypted ciphertext matches vector plaintext */ ExpectIntEQ(XMEMCMP(ciphertext, vectors[i].msg, vectors[i].msg_length), 0); } return EXPECT_RESULT(); } /* END test_wc_AesEaxVectors */ /* * Testing test_wc_AesEaxEncryptAuth() */ static int test_wc_AesEaxEncryptAuth(void) { EXPECT_DECLS; const byte key[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F}; const byte iv[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F}; const byte aad[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07}; const byte msg[] = {0x00, 0x01, 0x02, 0x03, 0x04}; byte ciphertext[sizeof(msg)]; byte authtag[AES_BLOCK_SIZE]; int i; int len; len = sizeof(authtag); ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key), ciphertext, msg, sizeof(msg), iv, sizeof(iv), authtag, len, aad, sizeof(aad)), 0); /* Test null checking */ ExpectIntEQ(wc_AesEaxEncryptAuth(NULL, sizeof(key), ciphertext, msg, sizeof(msg), iv, sizeof(iv), authtag, len, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key), NULL, msg, sizeof(msg), iv, sizeof(iv), authtag, len, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key), ciphertext, NULL, sizeof(msg), iv, sizeof(iv), authtag, len, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key), ciphertext, msg, sizeof(msg), NULL, sizeof(iv), authtag, len, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key), ciphertext, msg, sizeof(msg), iv, sizeof(iv), NULL, len, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key), ciphertext, msg, sizeof(msg), iv, sizeof(iv), authtag, len, NULL, sizeof(aad)), BAD_FUNC_ARG); /* Test bad key lengths */ for (i = 0; i <= 32; i++) { int exp_ret; if (i == AES_128_KEY_SIZE || i == AES_192_KEY_SIZE || i == AES_256_KEY_SIZE) { exp_ret = 0; } else { exp_ret = BAD_FUNC_ARG; } ExpectIntEQ(wc_AesEaxEncryptAuth(key, i, ciphertext, msg, sizeof(msg), iv, sizeof(iv), authtag, len, aad, sizeof(aad)), exp_ret); } /* Test auth tag size out of range */ len = AES_BLOCK_SIZE + 1; ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key), ciphertext, msg, sizeof(msg), iv, sizeof(iv), authtag, len, aad, sizeof(aad)), BAD_FUNC_ARG); return EXPECT_RESULT(); } /* END test_wc_AesEaxEncryptAuth() */ /* * Testing test_wc_AesEaxDecryptAuth() */ static int test_wc_AesEaxDecryptAuth(void) { EXPECT_DECLS; const byte key[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F}; const byte iv[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F}; const byte aad[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07}; const byte ct[] = {0x00, 0x01, 0x02, 0x03, 0x04}; /* Garbage tag that should always fail for above aad */ const byte tag[] = {0xFE, 0xED, 0xBE, 0xEF, 0xDE, 0xAD, 0xC0, 0xDE, 0xCA, 0xFE, 0xBE, 0xEF, 0xDE, 0xAF, 0xBE, 0xEF}; byte plaintext[sizeof(ct)]; int i; int len; len = sizeof(tag); ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key), plaintext, ct, sizeof(ct), iv, sizeof(iv), tag, len, aad, sizeof(aad)), AES_EAX_AUTH_E); /* Test null checking */ ExpectIntEQ(wc_AesEaxDecryptAuth(NULL, sizeof(key), plaintext, ct, sizeof(ct), iv, sizeof(iv), tag, len, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key), NULL, ct, sizeof(ct), iv, sizeof(iv), tag, len, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key), plaintext, NULL, sizeof(ct), iv, sizeof(iv), tag, len, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key), plaintext, ct, sizeof(ct), NULL, sizeof(iv), tag, len, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key), plaintext, ct, sizeof(ct), iv, sizeof(iv), NULL, len, aad, sizeof(aad)), BAD_FUNC_ARG); ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key), plaintext, ct, sizeof(ct), iv, sizeof(iv), tag, len, NULL, sizeof(aad)), BAD_FUNC_ARG); /* Test bad key lengths */ for (i = 0; i <= 32; i++) { int exp_ret; if (i == AES_128_KEY_SIZE || i == AES_192_KEY_SIZE || i == AES_256_KEY_SIZE) { exp_ret = AES_EAX_AUTH_E; } else { exp_ret = BAD_FUNC_ARG; } ExpectIntEQ(wc_AesEaxDecryptAuth(key, i, plaintext, ct, sizeof(ct), iv, sizeof(iv), tag, len, aad, sizeof(aad)), exp_ret); } /* Test auth tag size out of range */ len = AES_BLOCK_SIZE + 1; ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key), plaintext, ct, sizeof(ct), iv, sizeof(iv), tag, len, aad, sizeof(aad)), BAD_FUNC_ARG); return EXPECT_RESULT(); } /* END test_wc_AesEaxDecryptAuth() */ #endif /* WOLFSSL_AES_EAX && * (!HAVE_FIPS || FIPS_VERSION_GE(5, 3)) && !HAVE_SELFTEST */ /* * Testing wc_InitDsaKey() */ static int test_wc_InitDsaKey(void) { EXPECT_DECLS; #ifndef NO_DSA DsaKey key; XMEMSET(&key, 0, sizeof(DsaKey)); ExpectIntEQ(wc_InitDsaKey(&key), 0); /* Pass in bad args. */ ExpectIntEQ(wc_InitDsaKey(NULL), BAD_FUNC_ARG); wc_FreeDsaKey(&key); #endif return EXPECT_RESULT(); } /* END test_wc_InitDsaKey */ /* * Testing wc_DsaSign() and wc_DsaVerify() */ static int test_wc_DsaSignVerify(void) { EXPECT_DECLS; #if !defined(NO_DSA) DsaKey key; WC_RNG rng; wc_Sha sha; byte signature[DSA_SIG_SIZE]; byte hash[WC_SHA_DIGEST_SIZE]; word32 idx = 0; word32 bytes; int answer; #ifdef USE_CERT_BUFFERS_1024 byte tmp[ONEK_BUF]; XMEMSET(tmp, 0, sizeof(tmp)); XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024); bytes = sizeof_dsa_key_der_1024; #elif defined(USE_CERT_BUFFERS_2048) byte tmp[TWOK_BUF]; XMEMSET(tmp, 0, sizeof(tmp)); XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048); bytes = sizeof_dsa_key_der_2048; #else byte tmp[TWOK_BUF]; XFILE fp = XBADFILE; XMEMSET(tmp, 0, sizeof(tmp)); ExpectTrue((fp = XFOPEN("./certs/dsa2048.der", "rb")) != XBADFILE); ExpectTrue((bytes = (word32)XFREAD(tmp, 1, sizeof(tmp), fp)) > 0); if (fp != XBADFILE) XFCLOSE(fp); #endif /* END USE_CERT_BUFFERS_1024 */ ExpectIntEQ(wc_InitSha(&sha), 0); ExpectIntEQ(wc_ShaUpdate(&sha, tmp, bytes), 0); ExpectIntEQ(wc_ShaFinal(&sha, hash), 0); ExpectIntEQ(wc_InitDsaKey(&key), 0); ExpectIntEQ(wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes), 0); ExpectIntEQ(wc_InitRng(&rng), 0); /* Sign. */ ExpectIntEQ(wc_DsaSign(hash, signature, &key, &rng), 0); /* Test bad args. */ ExpectIntEQ(wc_DsaSign(NULL, signature, &key, &rng), BAD_FUNC_ARG); ExpectIntEQ(wc_DsaSign(hash, NULL, &key, &rng), BAD_FUNC_ARG); ExpectIntEQ(wc_DsaSign(hash, signature, NULL, &rng), BAD_FUNC_ARG); ExpectIntEQ(wc_DsaSign(hash, signature, &key, NULL), BAD_FUNC_ARG); /* Verify. */ ExpectIntEQ(wc_DsaVerify(hash, signature, &key, &answer), 0); ExpectIntEQ(answer, 1); /* Pass in bad args. */ ExpectIntEQ(wc_DsaVerify(NULL, signature, &key, &answer), BAD_FUNC_ARG); ExpectIntEQ(wc_DsaVerify(hash, NULL, &key, &answer), BAD_FUNC_ARG); ExpectIntEQ(wc_DsaVerify(hash, signature, NULL, &answer), BAD_FUNC_ARG); ExpectIntEQ(wc_DsaVerify(hash, signature, &key, NULL), BAD_FUNC_ARG); #if !defined(HAVE_FIPS) && defined(WOLFSSL_PUBLIC_MP) /* hard set q to 0 and test fail case */ mp_free(&key.q); mp_init(&key.q); ExpectIntEQ(wc_DsaSign(hash, signature, &key, &rng), BAD_FUNC_ARG); mp_set(&key.q, 1); ExpectIntEQ(wc_DsaSign(hash, signature, &key, &rng), BAD_FUNC_ARG); #endif DoExpectIntEQ(wc_FreeRng(&rng),0); wc_FreeDsaKey(&key); wc_ShaFree(&sha); #endif return EXPECT_RESULT(); } /* END test_wc_DsaSign */ /* * Testing wc_DsaPrivateKeyDecode() and wc_DsaPublicKeyDecode() */ static int test_wc_DsaPublicPrivateKeyDecode(void) { EXPECT_DECLS; #if !defined(NO_DSA) DsaKey key; word32 bytes = 0; word32 idx = 0; int ret = 0; #ifdef USE_CERT_BUFFERS_1024 byte tmp[ONEK_BUF]; XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024); bytes = sizeof_dsa_key_der_1024; #elif defined(USE_CERT_BUFFERS_2048) byte tmp[TWOK_BUF]; XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048); bytes = sizeof_dsa_key_der_2048; #else byte tmp[TWOK_BUF]; XFILE fp = XBADFILE; XMEMSET(tmp, 0, sizeof(tmp)); ExpectTrue((fp = XFOPEN("./certs/dsa2048.der", "rb")) != XBADFILE); ExpectTrue((bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp)) > 0); if (fp != XBADFILE) XFCLOSE(fp); #endif /* END USE_CERT_BUFFERS_1024 */ ExpectIntEQ(wc_InitDsaKey(&key), 0); ExpectIntEQ(wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes), 0); /* Test bad args. */ ExpectIntEQ(wc_DsaPrivateKeyDecode(NULL, &idx, &key, bytes), BAD_FUNC_ARG); ExpectIntEQ(wc_DsaPrivateKeyDecode(tmp, NULL, &key, bytes), BAD_FUNC_ARG); ExpectIntEQ(wc_DsaPrivateKeyDecode(tmp, &idx, NULL, bytes), BAD_FUNC_ARG); ExpectIntLT(ret = wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes), 0); ExpectTrue((ret == ASN_PARSE_E) || (ret == BUFFER_E)); wc_FreeDsaKey(&key); ExpectIntEQ(wc_InitDsaKey(&key), 0); idx = 0; /* Reset */ ExpectIntEQ(wc_DsaPublicKeyDecode(tmp, &idx, &key, bytes), 0); /* Test bad args. */ ExpectIntEQ(wc_DsaPublicKeyDecode(NULL, &idx, &key, bytes), BAD_FUNC_ARG); ExpectIntEQ(wc_DsaPublicKeyDecode(tmp, NULL, &key, bytes), BAD_FUNC_ARG); ExpectIntEQ(wc_DsaPublicKeyDecode(tmp, &idx, NULL, bytes), BAD_FUNC_ARG); ExpectIntLT(ret = wc_DsaPublicKeyDecode(tmp, &idx, &key, bytes), 0); ExpectTrue((ret == ASN_PARSE_E) || (ret == BUFFER_E)); wc_FreeDsaKey(&key); #endif /* !NO_DSA */ return EXPECT_RESULT(); } /* END test_wc_DsaPublicPrivateKeyDecode */ /* * Testing wc_MakeDsaKey() and wc_MakeDsaParameters() */ static int test_wc_MakeDsaKey(void) { EXPECT_DECLS; #if !defined(NO_DSA) && defined(WOLFSSL_KEY_GEN) DsaKey genKey; WC_RNG rng; XMEMSET(&genKey, 0, sizeof(genKey)); XMEMSET(&rng, 0, sizeof(rng)); ExpectIntEQ(wc_InitDsaKey(&genKey), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_MakeDsaParameters(&rng, ONEK_BUF, &genKey), 0); /* Test bad args. */ ExpectIntEQ(wc_MakeDsaParameters(NULL, ONEK_BUF, &genKey), BAD_FUNC_ARG); ExpectIntEQ(wc_MakeDsaParameters(&rng, ONEK_BUF, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_MakeDsaParameters(&rng, ONEK_BUF + 1, &genKey), BAD_FUNC_ARG); ExpectIntEQ(wc_MakeDsaKey(&rng, &genKey), 0); /* Test bad args. */ ExpectIntEQ(wc_MakeDsaKey(NULL, &genKey), BAD_FUNC_ARG); ExpectIntEQ(wc_MakeDsaKey(&rng, NULL), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_FreeDsaKey(&genKey); #endif return EXPECT_RESULT(); } /* END test_wc_MakeDsaKey */ /* * Testing wc_DsaKeyToDer() */ static int test_wc_DsaKeyToDer(void) { EXPECT_DECLS; #if !defined(NO_DSA) && defined(WOLFSSL_KEY_GEN) DsaKey key; word32 bytes; word32 idx = 0; #ifdef USE_CERT_BUFFERS_1024 byte tmp[ONEK_BUF]; byte der[ONEK_BUF]; XMEMSET(tmp, 0, sizeof(tmp)); XMEMSET(der, 0, sizeof(der)); XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024); bytes = sizeof_dsa_key_der_1024; #elif defined(USE_CERT_BUFFERS_2048) byte tmp[TWOK_BUF]; byte der[TWOK_BUF]; XMEMSET(tmp, 0, sizeof(tmp)); XMEMSET(der, 0, sizeof(der)); XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048); bytes = sizeof_dsa_key_der_2048; #else byte tmp[TWOK_BUF]; byte der[TWOK_BUF]; XFILE fp = XBADFILE; XMEMSET(tmp, 0, sizeof(tmp)); XMEMSET(der, 0, sizeof(der)); ExpectTrue((fp = XFOPEN("./certs/dsa2048.der", "rb")) != XBADFILE); ExpectTrue((bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp)) > 0); if (fp != XBADFILE) XFCLOSE(fp); #endif /* END USE_CERT_BUFFERS_1024 */ XMEMSET(&key, 0, sizeof(DsaKey)); ExpectIntEQ(wc_InitDsaKey(&key), 0); ExpectIntEQ(wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes), 0); ExpectIntGE(wc_DsaKeyToDer(&key, der, bytes), 0); ExpectIntEQ(XMEMCMP(der, tmp, bytes), 0); /* Test bad args. */ ExpectIntEQ(wc_DsaKeyToDer(NULL, der, FOURK_BUF), BAD_FUNC_ARG); ExpectIntEQ(wc_DsaKeyToDer(&key, NULL, FOURK_BUF), BAD_FUNC_ARG); wc_FreeDsaKey(&key); #endif /* !NO_DSA && WOLFSSL_KEY_GEN */ return EXPECT_RESULT(); } /* END test_wc_DsaKeyToDer */ /* * Testing wc_DsaKeyToPublicDer() * (indirectly testing setDsaPublicKey()) */ static int test_wc_DsaKeyToPublicDer(void) { EXPECT_DECLS; #ifndef HAVE_SELFTEST #if !defined(NO_DSA) && defined(WOLFSSL_KEY_GEN) DsaKey key; WC_RNG rng; byte* der = NULL; word32 sz = 0; word32 idx = 0; XMEMSET(&key, 0, sizeof(DsaKey)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectNotNull(der = (byte*)XMALLOC(ONEK_BUF, NULL, DYNAMIC_TYPE_TMP_BUFFER)); ExpectIntEQ(wc_InitDsaKey(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_MakeDsaParameters(&rng, ONEK_BUF, &key), 0); ExpectIntEQ(wc_MakeDsaKey(&rng, &key), 0); ExpectIntGE(sz = wc_DsaKeyToPublicDer(&key, der, ONEK_BUF), 0); wc_FreeDsaKey(&key); idx = 0; ExpectIntEQ(wc_DsaPublicKeyDecode(der, &idx, &key, sz), 0); /* Test without the SubjectPublicKeyInfo header */ ExpectIntGE(sz = wc_SetDsaPublicKey(der, &key, ONEK_BUF, 0), 0); wc_FreeDsaKey(&key); idx = 0; ExpectIntEQ(wc_DsaPublicKeyDecode(der, &idx, &key, sz), 0); /* Test bad args. */ ExpectIntEQ(wc_DsaKeyToPublicDer(NULL, der, FOURK_BUF), BAD_FUNC_ARG); ExpectIntEQ(wc_DsaKeyToPublicDer(&key, NULL, FOURK_BUF), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_FreeDsaKey(&key); XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER); #endif /* !NO_DSA && WOLFSSL_KEY_GEN */ #endif /* !HAVE_SELFTEST */ return EXPECT_RESULT(); } /* END test_wc_DsaKeyToPublicDer */ /* * Testing wc_DsaImportParamsRaw() */ static int test_wc_DsaImportParamsRaw(void) { EXPECT_DECLS; #if !defined(NO_DSA) DsaKey key; /* [mod = L=1024, N=160], from CAVP KeyPair */ const char* p = "d38311e2cd388c3ed698e82fdf88eb92b5a9a483dc88005d" "4b725ef341eabb47cf8a7a8a41e792a156b7ce97206c4f9c" "5ce6fc5ae7912102b6b502e59050b5b21ce263dddb2044b6" "52236f4d42ab4b5d6aa73189cef1ace778d7845a5c1c1c71" "47123188f8dc551054ee162b634d60f097f719076640e209" "80a0093113a8bd73"; const char* q = "96c5390a8b612c0e422bb2b0ea194a3ec935a281"; const char* g = "06b7861abbd35cc89e79c52f68d20875389b127361ca66822" "138ce4991d2b862259d6b4548a6495b195aa0e0b6137ca37e" "b23b94074d3c3d300042bdf15762812b6333ef7b07ceba786" "07610fcc9ee68491dbc1e34cd12615474e52b18bc934fb00c" "61d39e7da8902291c4434a4e2224c3f4fd9f93cd6f4f17fc0" "76341a7e7d9"; /* invalid p and q parameters */ const char* invalidP = "d38311e2cd388c3ed698e82fdf88eb92b5a9a483dc88005d"; const char* invalidQ = "96c5390a"; XMEMSET(&key, 0, sizeof(DsaKey)); ExpectIntEQ(wc_InitDsaKey(&key), 0); ExpectIntEQ(wc_DsaImportParamsRaw(&key, p, q, g), 0); /* test bad args */ /* null key struct */ ExpectIntEQ(wc_DsaImportParamsRaw(NULL, p, q, g), BAD_FUNC_ARG); /* null param pointers */ ExpectIntEQ(wc_DsaImportParamsRaw(&key, NULL, NULL, NULL), BAD_FUNC_ARG); /* illegal p length */ ExpectIntEQ(wc_DsaImportParamsRaw(&key, invalidP, q, g), BAD_FUNC_ARG); /* illegal q length */ ExpectIntEQ(wc_DsaImportParamsRaw(&key, p, invalidQ, g), BAD_FUNC_ARG); wc_FreeDsaKey(&key); #endif return EXPECT_RESULT(); } /* END test_wc_DsaImportParamsRaw */ /* * Testing wc_DsaImportParamsRawCheck() */ static int test_wc_DsaImportParamsRawCheck(void) { EXPECT_DECLS; #if !defined(NO_DSA) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) DsaKey key; int trusted = 0; /* [mod = L=1024, N=160], from CAVP KeyPair */ const char* p = "d38311e2cd388c3ed698e82fdf88eb92b5a9a483dc88005d" "4b725ef341eabb47cf8a7a8a41e792a156b7ce97206c4f9c" "5ce6fc5ae7912102b6b502e59050b5b21ce263dddb2044b6" "52236f4d42ab4b5d6aa73189cef1ace778d7845a5c1c1c71" "47123188f8dc551054ee162b634d60f097f719076640e209" "80a0093113a8bd73"; const char* q = "96c5390a8b612c0e422bb2b0ea194a3ec935a281"; const char* g = "06b7861abbd35cc89e79c52f68d20875389b127361ca66822" "138ce4991d2b862259d6b4548a6495b195aa0e0b6137ca37e" "b23b94074d3c3d300042bdf15762812b6333ef7b07ceba786" "07610fcc9ee68491dbc1e34cd12615474e52b18bc934fb00c" "61d39e7da8902291c4434a4e2224c3f4fd9f93cd6f4f17fc0" "76341a7e7d9"; /* invalid p and q parameters */ const char* invalidP = "d38311e2cd388c3ed698e82fdf88eb92b5a9a483dc88005d"; const char* invalidQ = "96c5390a"; ExpectIntEQ(wc_InitDsaKey(&key), 0); ExpectIntEQ(wc_DsaImportParamsRawCheck(&key, p, q, g, trusted, NULL), 0); /* test bad args */ /* null key struct */ ExpectIntEQ(wc_DsaImportParamsRawCheck(NULL, p, q, g, trusted, NULL), BAD_FUNC_ARG); /* null param pointers */ ExpectIntEQ(wc_DsaImportParamsRawCheck(&key, NULL, NULL, NULL, trusted, NULL), BAD_FUNC_ARG); /* illegal p length */ ExpectIntEQ(wc_DsaImportParamsRawCheck(&key, invalidP, q, g, trusted, NULL), BAD_FUNC_ARG); /* illegal q length */ ExpectIntEQ(wc_DsaImportParamsRawCheck(&key, p, invalidQ, g, trusted, NULL), BAD_FUNC_ARG); wc_FreeDsaKey(&key); #endif return EXPECT_RESULT(); } /* END test_wc_DsaImportParamsRawCheck */ /* * Testing wc_DsaExportParamsRaw() */ static int test_wc_DsaExportParamsRaw(void) { EXPECT_DECLS; #if !defined(NO_DSA) DsaKey key; /* [mod = L=1024, N=160], from CAVP KeyPair */ const char* p = "d38311e2cd388c3ed698e82fdf88eb92b5a9a483dc88005d" "4b725ef341eabb47cf8a7a8a41e792a156b7ce97206c4f9c" "5ce6fc5ae7912102b6b502e59050b5b21ce263dddb2044b6" "52236f4d42ab4b5d6aa73189cef1ace778d7845a5c1c1c71" "47123188f8dc551054ee162b634d60f097f719076640e209" "80a0093113a8bd73"; const char* q = "96c5390a8b612c0e422bb2b0ea194a3ec935a281"; const char* g = "06b7861abbd35cc89e79c52f68d20875389b127361ca66822" "138ce4991d2b862259d6b4548a6495b195aa0e0b6137ca37e" "b23b94074d3c3d300042bdf15762812b6333ef7b07ceba786" "07610fcc9ee68491dbc1e34cd12615474e52b18bc934fb00c" "61d39e7da8902291c4434a4e2224c3f4fd9f93cd6f4f17fc0" "76341a7e7d9"; const char* pCompare = "\xd3\x83\x11\xe2\xcd\x38\x8c\x3e\xd6\x98\xe8\x2f" "\xdf\x88\xeb\x92\xb5\xa9\xa4\x83\xdc\x88\x00\x5d" "\x4b\x72\x5e\xf3\x41\xea\xbb\x47\xcf\x8a\x7a\x8a" "\x41\xe7\x92\xa1\x56\xb7\xce\x97\x20\x6c\x4f\x9c" "\x5c\xe6\xfc\x5a\xe7\x91\x21\x02\xb6\xb5\x02\xe5" "\x90\x50\xb5\xb2\x1c\xe2\x63\xdd\xdb\x20\x44\xb6" "\x52\x23\x6f\x4d\x42\xab\x4b\x5d\x6a\xa7\x31\x89" "\xce\xf1\xac\xe7\x78\xd7\x84\x5a\x5c\x1c\x1c\x71" "\x47\x12\x31\x88\xf8\xdc\x55\x10\x54\xee\x16\x2b" "\x63\x4d\x60\xf0\x97\xf7\x19\x07\x66\x40\xe2\x09" "\x80\xa0\x09\x31\x13\xa8\xbd\x73"; const char* qCompare = "\x96\xc5\x39\x0a\x8b\x61\x2c\x0e\x42\x2b\xb2\xb0" "\xea\x19\x4a\x3e\xc9\x35\xa2\x81"; const char* gCompare = "\x06\xb7\x86\x1a\xbb\xd3\x5c\xc8\x9e\x79\xc5\x2f" "\x68\xd2\x08\x75\x38\x9b\x12\x73\x61\xca\x66\x82" "\x21\x38\xce\x49\x91\xd2\xb8\x62\x25\x9d\x6b\x45" "\x48\xa6\x49\x5b\x19\x5a\xa0\xe0\xb6\x13\x7c\xa3" "\x7e\xb2\x3b\x94\x07\x4d\x3c\x3d\x30\x00\x42\xbd" "\xf1\x57\x62\x81\x2b\x63\x33\xef\x7b\x07\xce\xba" "\x78\x60\x76\x10\xfc\xc9\xee\x68\x49\x1d\xbc\x1e" "\x34\xcd\x12\x61\x54\x74\xe5\x2b\x18\xbc\x93\x4f" "\xb0\x0c\x61\xd3\x9e\x7d\xa8\x90\x22\x91\xc4\x43" "\x4a\x4e\x22\x24\xc3\xf4\xfd\x9f\x93\xcd\x6f\x4f" "\x17\xfc\x07\x63\x41\xa7\xe7\xd9"; byte pOut[MAX_DSA_PARAM_SIZE]; byte qOut[MAX_DSA_PARAM_SIZE]; byte gOut[MAX_DSA_PARAM_SIZE]; word32 pOutSz; word32 qOutSz; word32 gOutSz; XMEMSET(&key, 0, sizeof(DsaKey)); ExpectIntEQ(wc_InitDsaKey(&key), 0); /* first test using imported raw parameters, for expected */ ExpectIntEQ(wc_DsaImportParamsRaw(&key, p, q, g), 0); pOutSz = sizeof(pOut); qOutSz = sizeof(qOut); gOutSz = sizeof(gOut); ExpectIntEQ(wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz, gOut, &gOutSz), 0); /* validate exported parameters are correct */ ExpectIntEQ(XMEMCMP(pOut, pCompare, pOutSz), 0); ExpectIntEQ(XMEMCMP(qOut, qCompare, qOutSz), 0); ExpectIntEQ(XMEMCMP(gOut, gCompare, gOutSz), 0); /* test bad args */ /* null key struct */ ExpectIntEQ(wc_DsaExportParamsRaw(NULL, pOut, &pOutSz, qOut, &qOutSz, gOut, &gOutSz), BAD_FUNC_ARG); /* null output pointers */ ExpectIntEQ(wc_DsaExportParamsRaw(&key, NULL, &pOutSz, NULL, &qOutSz, NULL, &gOutSz), LENGTH_ONLY_E); /* null output size pointers */ ExpectIntEQ( wc_DsaExportParamsRaw(&key, pOut, NULL, qOut, NULL, gOut, NULL), BAD_FUNC_ARG); /* p output buffer size too small */ pOutSz = 1; ExpectIntEQ(wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz, gOut, &gOutSz), BUFFER_E); pOutSz = sizeof(pOut); /* q output buffer size too small */ qOutSz = 1; ExpectIntEQ(wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz, gOut, &gOutSz), BUFFER_E); qOutSz = sizeof(qOut); /* g output buffer size too small */ gOutSz = 1; ExpectIntEQ(wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz, gOut, &gOutSz), BUFFER_E); wc_FreeDsaKey(&key); #endif return EXPECT_RESULT(); } /* END test_wc_DsaExportParamsRaw */ /* * Testing wc_DsaExportKeyRaw() */ static int test_wc_DsaExportKeyRaw(void) { EXPECT_DECLS; #if !defined(NO_DSA) && defined(WOLFSSL_KEY_GEN) DsaKey key; WC_RNG rng; byte xOut[MAX_DSA_PARAM_SIZE]; byte yOut[MAX_DSA_PARAM_SIZE]; word32 xOutSz, yOutSz; XMEMSET(&key, 0, sizeof(key)); XMEMSET(&rng, 0, sizeof(rng)); ExpectIntEQ(wc_InitDsaKey(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_MakeDsaParameters(&rng, 1024, &key), 0); ExpectIntEQ(wc_MakeDsaKey(&rng, &key), 0); /* try successful export */ xOutSz = sizeof(xOut); yOutSz = sizeof(yOut); ExpectIntEQ(wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz), 0); /* test bad args */ /* null key struct */ ExpectIntEQ(wc_DsaExportKeyRaw(NULL, xOut, &xOutSz, yOut, &yOutSz), BAD_FUNC_ARG); /* null output pointers */ ExpectIntEQ(wc_DsaExportKeyRaw(&key, NULL, &xOutSz, NULL, &yOutSz), LENGTH_ONLY_E); /* null output size pointers */ ExpectIntEQ(wc_DsaExportKeyRaw(&key, xOut, NULL, yOut, NULL), BAD_FUNC_ARG); /* x output buffer size too small */ xOutSz = 1; ExpectIntEQ(wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz), BUFFER_E); xOutSz = sizeof(xOut); /* y output buffer size too small */ yOutSz = 1; ExpectIntEQ(wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz), BUFFER_E); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_FreeDsaKey(&key); #endif return EXPECT_RESULT(); } /* END test_wc_DsaExportParamsRaw */ /* * Testing wc_ed25519_make_key(). */ static int test_wc_ed25519_make_key(void) { EXPECT_DECLS; #if defined(HAVE_ED25519) && defined(HAVE_ED25519_MAKE_KEY) ed25519_key key; WC_RNG rng; unsigned char pubkey[ED25519_PUB_KEY_SIZE+1]; int pubkey_sz = ED25519_PUB_KEY_SIZE; XMEMSET(&key, 0, sizeof(ed25519_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_ed25519_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_ed25519_make_public(&key, pubkey, pubkey_sz), ECC_PRIV_KEY_E); ExpectIntEQ(wc_ed25519_make_public(&key, pubkey+1, pubkey_sz), ECC_PRIV_KEY_E); ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0); /* Test bad args. */ ExpectIntEQ(wc_ed25519_make_key(NULL, ED25519_KEY_SIZE, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE - 1, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE + 1, &key), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ed25519_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_ed25519_make_key */ /* * Testing wc_ed25519_init() */ static int test_wc_ed25519_init(void) { EXPECT_DECLS; #if defined(HAVE_ED25519) ed25519_key key; XMEMSET(&key, 0, sizeof(ed25519_key)); ExpectIntEQ(wc_ed25519_init(&key), 0); /* Test bad args. */ ExpectIntEQ(wc_ed25519_init(NULL), BAD_FUNC_ARG); wc_ed25519_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_ed25519_init */ /* * Test wc_ed25519_sign_msg() and wc_ed25519_verify_msg() */ static int test_wc_ed25519_sign_msg(void) { EXPECT_DECLS; #if defined(HAVE_ED25519) && defined(HAVE_ED25519_SIGN) WC_RNG rng; ed25519_key key; byte msg[] = "Everybody gets Friday off.\n"; byte sig[ED25519_SIG_SIZE+1]; word32 msglen = sizeof(msg); word32 siglen = ED25519_SIG_SIZE; word32 badSigLen = ED25519_SIG_SIZE - 1; #ifdef HAVE_ED25519_VERIFY int verify_ok = 0; /*1 = Verify success.*/ #endif /* Initialize stack variables. */ XMEMSET(&key, 0, sizeof(ed25519_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); XMEMSET(sig, 0, sizeof(sig)); /* Initialize key. */ ExpectIntEQ(wc_ed25519_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0); ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, sig, &siglen, &key), 0); ExpectIntEQ(siglen, ED25519_SIG_SIZE); ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, sig+1, &siglen, &key), 0); ExpectIntEQ(siglen, ED25519_SIG_SIZE); /* Test bad args. */ ExpectIntEQ(wc_ed25519_sign_msg(NULL, msglen, sig, &siglen, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, NULL, &siglen, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, sig, NULL, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, sig, &siglen, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, sig, &badSigLen, &key), BUFFER_E); ExpectIntEQ(badSigLen, ED25519_SIG_SIZE); badSigLen -= 1; #ifdef HAVE_ED25519_VERIFY ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen, msg, msglen, &verify_ok, &key), 0); ExpectIntEQ(verify_ok, 1); /* Test bad args. */ ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen - 1, msg, msglen, &verify_ok, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen + 1, msg, msglen, &verify_ok, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_verify_msg(NULL, siglen, msg, msglen, &verify_ok, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen, NULL, msglen, &verify_ok, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen, msg, msglen, NULL, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen, msg, msglen, &verify_ok, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_verify_msg(sig+1, badSigLen, msg, msglen, &verify_ok, &key), BAD_FUNC_ARG); #endif /* Verify. */ DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ed25519_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_ed25519_sign_msg */ /* * Testing wc_ed25519_import_public() */ static int test_wc_ed25519_import_public(void) { EXPECT_DECLS; #if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT) ed25519_key pubKey; WC_RNG rng; const byte in[] = "Ed25519PublicKeyUnitTest......\n"; word32 inlen = sizeof(in); XMEMSET(&pubKey, 0, sizeof(ed25519_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_ed25519_init(&pubKey), 0); ExpectIntEQ(wc_InitRng(&rng), 0); #ifdef HAVE_ED25519_MAKE_KEY ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &pubKey), 0); #endif ExpectIntEQ(wc_ed25519_import_public_ex(in, inlen, &pubKey, 1), 0); ExpectIntEQ(XMEMCMP(in, pubKey.p, inlen), 0); /* Test bad args. */ ExpectIntEQ(wc_ed25519_import_public(NULL, inlen, &pubKey), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_import_public(in, inlen, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_import_public(in, inlen - 1, &pubKey), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ed25519_free(&pubKey); #endif return EXPECT_RESULT(); } /* END wc_ed25519_import_public */ /* * Testing wc_ed25519_import_private_key() */ static int test_wc_ed25519_import_private_key(void) { EXPECT_DECLS; #if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT) ed25519_key key; WC_RNG rng; const byte privKey[] = "Ed25519PrivateKeyUnitTest.....\n"; const byte pubKey[] = "Ed25519PublicKeyUnitTest......\n"; word32 privKeySz = sizeof(privKey); word32 pubKeySz = sizeof(pubKey); #ifdef HAVE_ED25519_KEY_EXPORT byte bothKeys[sizeof(privKey) + sizeof(pubKey)]; word32 bothKeysSz = sizeof(bothKeys); #endif XMEMSET(&key, 0, sizeof(ed25519_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_ed25519_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); #ifdef HAVE_ED25519_MAKE_KEY ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0); #endif ExpectIntEQ(wc_ed25519_import_private_key_ex(privKey, privKeySz, pubKey, pubKeySz, &key, 1), 0); ExpectIntEQ(XMEMCMP(pubKey, key.p, privKeySz), 0); ExpectIntEQ(XMEMCMP(privKey, key.k, pubKeySz), 0); #ifdef HAVE_ED25519_KEY_EXPORT ExpectIntEQ(wc_ed25519_export_private(&key, bothKeys, &bothKeysSz), 0); ExpectIntEQ(wc_ed25519_import_private_key_ex(bothKeys, bothKeysSz, NULL, 0, &key, 1), 0); ExpectIntEQ(XMEMCMP(pubKey, key.p, privKeySz), 0); ExpectIntEQ(XMEMCMP(privKey, key.k, pubKeySz), 0); #endif /* Test bad args. */ ExpectIntEQ(wc_ed25519_import_private_key(NULL, privKeySz, pubKey, pubKeySz, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_import_private_key(privKey, privKeySz, NULL, pubKeySz, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_import_private_key(privKey, privKeySz, pubKey, pubKeySz, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_import_private_key(privKey, privKeySz - 1, pubKey, pubKeySz, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_import_private_key(privKey, privKeySz, pubKey, pubKeySz - 1, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_import_private_key(privKey, privKeySz, NULL, 0, &key), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ed25519_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_ed25519_import_private_key */ /* * Testing wc_ed25519_export_public() and wc_ed25519_export_private_only() */ static int test_wc_ed25519_export(void) { EXPECT_DECLS; #if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT) ed25519_key key; WC_RNG rng; byte priv[ED25519_PRV_KEY_SIZE]; byte pub[ED25519_PUB_KEY_SIZE]; word32 privSz = sizeof(priv); word32 pubSz = sizeof(pub); #ifndef HAVE_ED25519_MAKE_KEY const byte privKey[] = { 0xf8, 0x55, 0xb7, 0xb6, 0x49, 0x3f, 0x99, 0x9c, 0x88, 0xe3, 0xc5, 0x42, 0x6a, 0xa4, 0x47, 0x4a, 0xe4, 0x95, 0xda, 0xdb, 0xbf, 0xf8, 0xa7, 0x42, 0x9d, 0x0e, 0xe7, 0xd0, 0x57, 0x8f, 0x16, 0x69 }; const byte pubKey[] = { 0x42, 0x3b, 0x7a, 0xf9, 0x82, 0xcf, 0xf9, 0xdf, 0x19, 0xdd, 0xf3, 0xf0, 0x32, 0x29, 0x6d, 0xfa, 0xfd, 0x76, 0x4f, 0x68, 0xc2, 0xc2, 0xe0, 0x6c, 0x47, 0xae, 0xc2, 0x55, 0x68, 0xac, 0x0d, 0x4d }; #endif XMEMSET(&key, 0, sizeof(ed25519_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_ed25519_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); #ifdef HAVE_ED25519_MAKE_KEY ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0); #else ExpectIntEQ(wc_ed25519_import_private_key_ex(privKey, sizeof(privKey), pubKey, sizeof(pubKey), &key, 1), 0); #endif ExpectIntEQ(wc_ed25519_export_public(&key, pub, &pubSz), 0); ExpectIntEQ(pubSz, ED25519_KEY_SIZE); ExpectIntEQ(XMEMCMP(key.p, pub, pubSz), 0); /* Test bad args. */ ExpectIntEQ(wc_ed25519_export_public(NULL, pub, &pubSz), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_export_public(&key, NULL, &pubSz), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_export_public(&key, pub, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_export_private_only(&key, priv, &privSz), 0); ExpectIntEQ(privSz, ED25519_KEY_SIZE); ExpectIntEQ(XMEMCMP(key.k, priv, privSz), 0); /* Test bad args. */ ExpectIntEQ(wc_ed25519_export_private_only(NULL, priv, &privSz), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_export_private_only(&key, NULL, &privSz), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_export_private_only(&key, priv, NULL), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ed25519_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_ed25519_export */ /* * Testing wc_ed25519_size() */ static int test_wc_ed25519_size(void) { EXPECT_DECLS; #if defined(HAVE_ED25519) ed25519_key key; WC_RNG rng; #ifndef HAVE_ED25519_MAKE_KEY const byte privKey[] = { 0xf8, 0x55, 0xb7, 0xb6, 0x49, 0x3f, 0x99, 0x9c, 0x88, 0xe3, 0xc5, 0x42, 0x6a, 0xa4, 0x47, 0x4a, 0xe4, 0x95, 0xda, 0xdb, 0xbf, 0xf8, 0xa7, 0x42, 0x9d, 0x0e, 0xe7, 0xd0, 0x57, 0x8f, 0x16, 0x69 }; const byte pubKey[] = { 0x42, 0x3b, 0x7a, 0xf9, 0x82, 0xcf, 0xf9, 0xdf, 0x19, 0xdd, 0xf3, 0xf0, 0x32, 0x29, 0x6d, 0xfa, 0xfd, 0x76, 0x4f, 0x68, 0xc2, 0xc2, 0xe0, 0x6c, 0x47, 0xae, 0xc2, 0x55, 0x68, 0xac, 0x0d, 0x4d }; #endif XMEMSET(&key, 0, sizeof(ed25519_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_ed25519_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); #ifdef HAVE_ED25519_MAKE_KEY ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0); #else ExpectIntEQ(wc_ed25519_import_private_key_ex(privKey, sizeof(privKey), pubKey, sizeof(pubKey), &key, 1), 0); #endif ExpectIntEQ(wc_ed25519_size(&key), ED25519_KEY_SIZE); /* Test bad args. */ ExpectIntEQ(wc_ed25519_size(NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_sig_size(&key), ED25519_SIG_SIZE); /* Test bad args. */ ExpectIntEQ(wc_ed25519_sig_size(NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_pub_size(&key), ED25519_PUB_KEY_SIZE); /* Test bad args. */ ExpectIntEQ(wc_ed25519_pub_size(NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_priv_size(&key), ED25519_PRV_KEY_SIZE); /* Test bad args. */ ExpectIntEQ(wc_ed25519_priv_size(NULL), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ed25519_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_ed25519_size */ /* * Testing wc_ed25519_export_private() and wc_ed25519_export_key() */ static int test_wc_ed25519_exportKey(void) { EXPECT_DECLS; #if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT) WC_RNG rng; ed25519_key key; byte priv[ED25519_PRV_KEY_SIZE]; byte pub[ED25519_PUB_KEY_SIZE]; byte privOnly[ED25519_PRV_KEY_SIZE]; word32 privSz = sizeof(priv); word32 pubSz = sizeof(pub); word32 privOnlySz = sizeof(privOnly); #ifndef HAVE_ED25519_MAKE_KEY const byte privKey[] = { 0xf8, 0x55, 0xb7, 0xb6, 0x49, 0x3f, 0x99, 0x9c, 0x88, 0xe3, 0xc5, 0x42, 0x6a, 0xa4, 0x47, 0x4a, 0xe4, 0x95, 0xda, 0xdb, 0xbf, 0xf8, 0xa7, 0x42, 0x9d, 0x0e, 0xe7, 0xd0, 0x57, 0x8f, 0x16, 0x69 }; const byte pubKey[] = { 0x42, 0x3b, 0x7a, 0xf9, 0x82, 0xcf, 0xf9, 0xdf, 0x19, 0xdd, 0xf3, 0xf0, 0x32, 0x29, 0x6d, 0xfa, 0xfd, 0x76, 0x4f, 0x68, 0xc2, 0xc2, 0xe0, 0x6c, 0x47, 0xae, 0xc2, 0x55, 0x68, 0xac, 0x0d, 0x4d }; #endif XMEMSET(&key, 0, sizeof(ed25519_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_ed25519_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); #ifdef HAVE_ED25519_MAKE_KEY ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0); #else ExpectIntEQ(wc_ed25519_import_private_key_ex(privKey, sizeof(privKey), pubKey, sizeof(pubKey), &key, 1), 0); #endif ExpectIntEQ(wc_ed25519_export_private(&key, privOnly, &privOnlySz), 0); /* Test bad args. */ ExpectIntEQ(wc_ed25519_export_private(NULL, privOnly, &privOnlySz), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_export_private(&key, NULL, &privOnlySz), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_export_private(&key, privOnly, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_export_key(&key, priv, &privSz, pub, &pubSz), 0); /* Test bad args. */ ExpectIntEQ(wc_ed25519_export_key(NULL, priv, &privSz, pub, &pubSz), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_export_key(&key, NULL, &privSz, pub, &pubSz), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_export_key(&key, priv, NULL, pub, &pubSz), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_export_key(&key, priv, &privSz, NULL, &pubSz), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_export_key(&key, priv, &privSz, pub, NULL), BAD_FUNC_ARG); /* Cross check output. */ ExpectIntEQ(XMEMCMP(priv, privOnly, privSz), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ed25519_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_ed25519_exportKey */ /* * Testing wc_Ed25519PublicKeyToDer */ static int test_wc_Ed25519PublicKeyToDer(void) { EXPECT_DECLS; #if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT) && \ (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)) ed25519_key key; byte derBuf[1024]; XMEMSET(&key, 0, sizeof(ed25519_key)); /* Test bad args */ ExpectIntEQ(wc_Ed25519PublicKeyToDer(NULL, NULL, 0, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_ed25519_init(&key), 0); ExpectIntEQ(wc_Ed25519PublicKeyToDer(&key, derBuf, 0, 0), BUFFER_E); wc_ed25519_free(&key); /* Test good args */ if (EXPECT_SUCCESS()) { WC_RNG rng; XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_ed25519_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0); ExpectIntGT(wc_Ed25519PublicKeyToDer(&key, derBuf, 1024, 1), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ed25519_free(&key); } #endif return EXPECT_RESULT(); } /* END testing wc_Ed25519PublicKeyToDer */ /* * Testing wc_curve25519_init and wc_curve25519_free. */ static int test_wc_curve25519_init(void) { EXPECT_DECLS; #if defined(HAVE_CURVE25519) curve25519_key key; ExpectIntEQ(wc_curve25519_init(&key), 0); /* Test bad args for wc_curve25519_init */ ExpectIntEQ(wc_curve25519_init(NULL), BAD_FUNC_ARG); /* Test good args for wc_curve_25519_free */ wc_curve25519_free(&key); /* Test bad args for wc_curve25519 free. */ wc_curve25519_free(NULL); #endif return EXPECT_RESULT(); } /* END test_wc_curve25519_init and wc_curve_25519_free*/ /* * Testing test_wc_curve25519_size. */ static int test_wc_curve25519_size(void) { EXPECT_DECLS; #if defined(HAVE_CURVE25519) curve25519_key key; ExpectIntEQ(wc_curve25519_init(&key), 0); /* Test good args for wc_curve25519_size */ ExpectIntEQ(wc_curve25519_size(&key), CURVE25519_KEYSIZE); /* Test bad args for wc_curve25519_size */ ExpectIntEQ(wc_curve25519_size(NULL), 0); wc_curve25519_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_curve25519_size*/ /* * Testing test_wc_curve25519_export_key_raw(). */ static int test_wc_curve25519_export_key_raw(void) { EXPECT_DECLS; #if defined(HAVE_CURVE25519) && defined(HAVE_CURVE25519_KEY_EXPORT) curve25519_key key; WC_RNG rng; byte privateKey[CURVE25519_KEYSIZE]; byte publicKey[CURVE25519_KEYSIZE]; word32 prvkSz; word32 pubkSz; byte prik[CURVE25519_KEYSIZE]; byte pubk[CURVE25519_KEYSIZE]; word32 prksz; word32 pbksz; XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_curve25519_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0); /* bad-argument-test cases - target function should return BAD_FUNC_ARG */ prvkSz = CURVE25519_KEYSIZE; pubkSz = CURVE25519_KEYSIZE; ExpectIntEQ(wc_curve25519_export_key_raw(NULL, privateKey, &prvkSz, publicKey, &pubkSz), BAD_FUNC_ARG); prvkSz = CURVE25519_KEYSIZE; pubkSz = CURVE25519_KEYSIZE; ExpectIntEQ(wc_curve25519_export_key_raw(&key, NULL, &prvkSz, publicKey, &pubkSz), BAD_FUNC_ARG); prvkSz = CURVE25519_KEYSIZE; pubkSz = CURVE25519_KEYSIZE; ExpectIntEQ(wc_curve25519_export_key_raw(&key, privateKey, NULL, publicKey, &pubkSz), BAD_FUNC_ARG); /* prvkSz = CURVE25519_KEYSIZE; */ pubkSz = CURVE25519_KEYSIZE; ExpectIntEQ(wc_curve25519_export_key_raw(&key, privateKey, &prvkSz, NULL, &pubkSz), BAD_FUNC_ARG); prvkSz = CURVE25519_KEYSIZE; pubkSz = CURVE25519_KEYSIZE; ExpectIntEQ(wc_curve25519_export_key_raw(&key, privateKey, &prvkSz, publicKey, NULL), BAD_FUNC_ARG); /* cross-testing */ prksz = CURVE25519_KEYSIZE; ExpectIntEQ(wc_curve25519_export_private_raw(&key, prik, &prksz), 0); pbksz = CURVE25519_KEYSIZE; ExpectIntEQ(wc_curve25519_export_public(&key, pubk, &pbksz), 0); prvkSz = CURVE25519_KEYSIZE; /* pubkSz = CURVE25519_KEYSIZE; */ ExpectIntEQ(wc_curve25519_export_key_raw(&key, privateKey, &prvkSz, publicKey, &pubkSz), 0); ExpectIntEQ(prksz, CURVE25519_KEYSIZE); ExpectIntEQ(pbksz, CURVE25519_KEYSIZE); ExpectIntEQ(prvkSz, CURVE25519_KEYSIZE); ExpectIntEQ(pubkSz, CURVE25519_KEYSIZE); ExpectIntEQ(XMEMCMP(privateKey, prik, CURVE25519_KEYSIZE), 0); ExpectIntEQ(XMEMCMP(publicKey, pubk, CURVE25519_KEYSIZE), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_curve25519_free(&key); #endif return EXPECT_RESULT(); } /* end of test_wc_curve25519_export_key_raw */ /* * Testing test_wc_curve25519_export_key_raw_ex(). */ static int test_wc_curve25519_export_key_raw_ex(void) { EXPECT_DECLS; #if defined(HAVE_CURVE25519) && defined(HAVE_CURVE25519_KEY_EXPORT) curve25519_key key; WC_RNG rng; byte privateKey[CURVE25519_KEYSIZE]; byte publicKey[CURVE25519_KEYSIZE]; word32 prvkSz; word32 pubkSz; byte prik[CURVE25519_KEYSIZE]; byte pubk[CURVE25519_KEYSIZE]; word32 prksz; word32 pbksz; XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_curve25519_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0); /* bad-argument-test cases - target function should return BAD_FUNC_ARG */ prvkSz = CURVE25519_KEYSIZE; pubkSz = CURVE25519_KEYSIZE; ExpectIntEQ(wc_curve25519_export_key_raw_ex(NULL, privateKey, &prvkSz, publicKey, &pubkSz, EC25519_LITTLE_ENDIAN), BAD_FUNC_ARG); prvkSz = CURVE25519_KEYSIZE; pubkSz = CURVE25519_KEYSIZE; ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, NULL, &prvkSz, publicKey, &pubkSz, EC25519_LITTLE_ENDIAN), BAD_FUNC_ARG); prvkSz = CURVE25519_KEYSIZE; pubkSz = CURVE25519_KEYSIZE; ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey, NULL, publicKey, &pubkSz, EC25519_LITTLE_ENDIAN), BAD_FUNC_ARG); /* prvkSz = CURVE25519_KEYSIZE; */ pubkSz = CURVE25519_KEYSIZE; ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey, &prvkSz, NULL, &pubkSz, EC25519_LITTLE_ENDIAN), BAD_FUNC_ARG); prvkSz = CURVE25519_KEYSIZE; pubkSz = CURVE25519_KEYSIZE; ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey, &prvkSz, publicKey, NULL, EC25519_LITTLE_ENDIAN), BAD_FUNC_ARG); prvkSz = CURVE25519_KEYSIZE; /* pubkSz = CURVE25519_KEYSIZE; */ ExpectIntEQ(wc_curve25519_export_key_raw_ex(NULL, privateKey, &prvkSz, publicKey, &pubkSz, EC25519_BIG_ENDIAN), BAD_FUNC_ARG); prvkSz = CURVE25519_KEYSIZE; pubkSz = CURVE25519_KEYSIZE; ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, NULL, &prvkSz, publicKey, &pubkSz, EC25519_BIG_ENDIAN), BAD_FUNC_ARG); prvkSz = CURVE25519_KEYSIZE; pubkSz = CURVE25519_KEYSIZE; ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey, NULL, publicKey, &pubkSz, EC25519_BIG_ENDIAN), BAD_FUNC_ARG); /* prvkSz = CURVE25519_KEYSIZE; */ pubkSz = CURVE25519_KEYSIZE; ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey, &prvkSz, NULL, &pubkSz, EC25519_BIG_ENDIAN), BAD_FUNC_ARG); prvkSz = CURVE25519_KEYSIZE; pubkSz = CURVE25519_KEYSIZE; ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey, &prvkSz, publicKey, NULL, EC25519_BIG_ENDIAN), BAD_FUNC_ARG); /* illegal value for endian */ prvkSz = CURVE25519_KEYSIZE; /* pubkSz = CURVE25519_KEYSIZE; */ ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey, &prvkSz, publicKey, NULL, EC25519_BIG_ENDIAN + 10), BAD_FUNC_ARG); /* cross-testing */ prksz = CURVE25519_KEYSIZE; ExpectIntEQ(wc_curve25519_export_private_raw( &key, prik, &prksz), 0); pbksz = CURVE25519_KEYSIZE; ExpectIntEQ(wc_curve25519_export_public( &key, pubk, &pbksz), 0); prvkSz = CURVE25519_KEYSIZE; /* pubkSz = CURVE25519_KEYSIZE; */ ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey, &prvkSz, publicKey, &pubkSz, EC25519_BIG_ENDIAN), 0); ExpectIntEQ(prksz, CURVE25519_KEYSIZE); ExpectIntEQ(pbksz, CURVE25519_KEYSIZE); ExpectIntEQ(prvkSz, CURVE25519_KEYSIZE); ExpectIntEQ(pubkSz, CURVE25519_KEYSIZE); ExpectIntEQ(XMEMCMP(privateKey, prik, CURVE25519_KEYSIZE), 0); ExpectIntEQ(XMEMCMP(publicKey, pubk, CURVE25519_KEYSIZE), 0); ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey, &prvkSz, publicKey, &pubkSz, EC25519_LITTLE_ENDIAN), 0); ExpectIntEQ(prvkSz, CURVE25519_KEYSIZE); ExpectIntEQ(pubkSz, CURVE25519_KEYSIZE); /* try once with another endian */ prvkSz = CURVE25519_KEYSIZE; pubkSz = CURVE25519_KEYSIZE; ExpectIntEQ(wc_curve25519_export_key_raw_ex( &key, privateKey, &prvkSz, publicKey, &pubkSz, EC25519_BIG_ENDIAN), 0); ExpectIntEQ(prvkSz, CURVE25519_KEYSIZE); ExpectIntEQ(pubkSz, CURVE25519_KEYSIZE); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_curve25519_free(&key); #endif return EXPECT_RESULT(); } /* end of test_wc_curve25519_export_key_raw_ex */ /* * Testing wc_curve25519_make_key */ static int test_wc_curve25519_make_key(void) { EXPECT_DECLS; #if defined(HAVE_CURVE25519) curve25519_key key; WC_RNG rng; int keysize; XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_curve25519_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0); ExpectIntEQ(keysize = wc_curve25519_size(&key), CURVE25519_KEYSIZE); ExpectIntEQ(wc_curve25519_make_key(&rng, keysize, &key), 0); /* test bad cases*/ ExpectIntEQ(wc_curve25519_make_key(NULL, 0, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_curve25519_make_key(&rng, keysize, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_curve25519_make_key(NULL, keysize, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_curve25519_make_key(&rng, 0, &key), ECC_BAD_ARG_E); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_curve25519_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_curve25519_make_key*/ /* * Testing wc_curve25519_shared_secret_ex */ static int test_wc_curve25519_shared_secret_ex(void) { EXPECT_DECLS; #if defined(HAVE_CURVE25519) curve25519_key private_key; curve25519_key public_key; WC_RNG rng; byte out[CURVE25519_KEYSIZE]; word32 outLen = sizeof(out); int endian = EC25519_BIG_ENDIAN; ExpectIntEQ(wc_curve25519_init(&private_key), 0); ExpectIntEQ(wc_curve25519_init(&public_key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &private_key), 0); ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &public_key), 0); ExpectIntEQ(wc_curve25519_shared_secret_ex(&private_key, &public_key, out, &outLen, endian), 0); /* test bad cases*/ ExpectIntEQ(wc_curve25519_shared_secret_ex(NULL, NULL, NULL, 0, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve25519_shared_secret_ex(NULL, &public_key, out, &outLen, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve25519_shared_secret_ex(&private_key, NULL, out, &outLen, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve25519_shared_secret_ex(&private_key, &public_key, NULL, &outLen, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve25519_shared_secret_ex(&private_key, &public_key, out, NULL, endian), BAD_FUNC_ARG); /* curve25519.c is checking for public_key size less than or equal to 0x7f, * increasing to 0x8f checks for error being returned*/ public_key.p.point[CURVE25519_KEYSIZE-1] = 0x8F; ExpectIntEQ(wc_curve25519_shared_secret_ex(&private_key, &public_key, out, &outLen, endian), ECC_BAD_ARG_E); outLen = outLen - 2; ExpectIntEQ(wc_curve25519_shared_secret_ex(&private_key, &public_key, out, &outLen, endian), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_curve25519_free(&private_key); wc_curve25519_free(&public_key); #endif return EXPECT_RESULT(); } /* END test_wc_curve25519_shared_secret_ex*/ /* * Testing wc_curve25519_make_pub */ static int test_wc_curve25519_make_pub(void) { EXPECT_DECLS; #ifdef HAVE_CURVE25519 curve25519_key key; WC_RNG rng; byte out[CURVE25519_KEYSIZE]; XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_curve25519_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0); ExpectIntEQ(wc_curve25519_make_pub((int)sizeof(out), out, (int)sizeof(key.k), key.k), 0); /* test bad cases*/ ExpectIntEQ(wc_curve25519_make_pub((int)sizeof(key.k) - 1, key.k, (int)sizeof out, out), ECC_BAD_ARG_E); ExpectIntEQ(wc_curve25519_make_pub((int)sizeof out, out, (int)sizeof(key.k), NULL), ECC_BAD_ARG_E); ExpectIntEQ(wc_curve25519_make_pub((int)sizeof out - 1, out, (int)sizeof(key.k), key.k), ECC_BAD_ARG_E); ExpectIntEQ(wc_curve25519_make_pub((int)sizeof out, NULL, (int)sizeof(key.k), key.k), ECC_BAD_ARG_E); /* verify clamping test */ key.k[0] |= ~248; ExpectIntEQ(wc_curve25519_make_pub((int)sizeof out, out, (int)sizeof(key.k), key.k), ECC_BAD_ARG_E); key.k[0] &= 248; /* repeat the expected-to-succeed test. */ ExpectIntEQ(wc_curve25519_make_pub((int)sizeof out, out, (int)sizeof(key.k), key.k), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_curve25519_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_curve25519_make_pub */ /* * Testing test_wc_curve25519_export_public_ex */ static int test_wc_curve25519_export_public_ex(void) { EXPECT_DECLS; #if defined(HAVE_CURVE25519) curve25519_key key; WC_RNG rng; byte out[CURVE25519_KEYSIZE]; word32 outLen = sizeof(out); int endian = EC25519_BIG_ENDIAN; XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_curve25519_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0); ExpectIntEQ(wc_curve25519_export_public(&key, out, &outLen), 0); ExpectIntEQ(wc_curve25519_export_public_ex(&key, out, &outLen, endian), 0); /* test bad cases*/ ExpectIntEQ(wc_curve25519_export_public_ex(NULL, NULL, NULL, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve25519_export_public_ex(NULL, out, &outLen, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve25519_export_public_ex(&key, NULL, &outLen, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve25519_export_public_ex(&key, out, NULL, endian), BAD_FUNC_ARG); outLen = outLen - 2; ExpectIntEQ(wc_curve25519_export_public_ex(&key, out, &outLen, endian), ECC_BAD_ARG_E); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_curve25519_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_curve25519_export_public_ex*/ /* * Testing test_wc_curve25519_import_private_raw_ex */ static int test_wc_curve25519_import_private_raw_ex(void) { EXPECT_DECLS; #if defined(HAVE_CURVE25519) curve25519_key key; WC_RNG rng; byte priv[CURVE25519_KEYSIZE]; byte pub[CURVE25519_KEYSIZE]; word32 privSz = sizeof(priv); word32 pubSz = sizeof(pub); int endian = EC25519_BIG_ENDIAN; XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_curve25519_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0); ExpectIntEQ(wc_curve25519_export_private_raw_ex(&key, priv, &privSz, endian), 0); ExpectIntEQ(wc_curve25519_export_public(&key, pub, &pubSz), 0); ExpectIntEQ(wc_curve25519_import_private_raw_ex(priv, privSz, pub, pubSz, &key, endian), 0); /* test bad cases*/ ExpectIntEQ(wc_curve25519_import_private_raw_ex(NULL, 0, NULL, 0, NULL, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve25519_import_private_raw_ex(NULL, privSz, pub, pubSz, &key, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve25519_import_private_raw_ex(priv, privSz, NULL, pubSz, &key, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve25519_import_private_raw_ex(priv, privSz, pub, pubSz, NULL, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve25519_import_private_raw_ex(priv, 0, pub, pubSz, &key, endian), ECC_BAD_ARG_E); ExpectIntEQ(wc_curve25519_import_private_raw_ex(priv, privSz, pub, 0, &key, endian), ECC_BAD_ARG_E); ExpectIntEQ(wc_curve25519_import_private_raw_ex(priv, privSz, pub, pubSz, &key, EC25519_LITTLE_ENDIAN), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_curve25519_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_curve25519_import_private_raw_ex*/ /* * Testing test_wc_curve25519_import_private */ static int test_wc_curve25519_import_private(void) { EXPECT_DECLS; #if defined(HAVE_CURVE25519) curve25519_key key; WC_RNG rng; byte priv[CURVE25519_KEYSIZE]; word32 privSz = sizeof(priv); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_curve25519_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0); ExpectIntEQ(wc_curve25519_export_private_raw(&key, priv, &privSz), 0); ExpectIntEQ(wc_curve25519_import_private(priv, privSz, &key), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_curve25519_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_curve25519_import*/ /* * Testing test_wc_curve25519_export_private_raw_ex */ static int test_wc_curve25519_export_private_raw_ex(void) { EXPECT_DECLS; #if defined(HAVE_CURVE25519) curve25519_key key; byte out[CURVE25519_KEYSIZE]; word32 outLen = sizeof(out); int endian = EC25519_BIG_ENDIAN; ExpectIntEQ(wc_curve25519_init(&key), 0); ExpectIntEQ(wc_curve25519_export_private_raw_ex(&key, out, &outLen, endian), 0); /* test bad cases*/ ExpectIntEQ(wc_curve25519_export_private_raw_ex(NULL, NULL, NULL, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve25519_export_private_raw_ex(NULL, out, &outLen, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve25519_export_private_raw_ex(&key, NULL, &outLen, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve25519_export_private_raw_ex(&key, out, NULL, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve25519_export_private_raw_ex(&key, out, &outLen, EC25519_LITTLE_ENDIAN), 0); outLen = outLen - 2; ExpectIntEQ(wc_curve25519_export_private_raw_ex(&key, out, &outLen, endian), ECC_BAD_ARG_E); wc_curve25519_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_curve25519_export_private_raw_ex*/ /* * Testing wc_ed448_make_key(). */ static int test_wc_ed448_make_key(void) { EXPECT_DECLS; #if defined(HAVE_ED448) ed448_key key; WC_RNG rng; unsigned char pubkey[ED448_PUB_KEY_SIZE]; XMEMSET(&key, 0, sizeof(ed448_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_ed448_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_ed448_make_public(&key, pubkey, sizeof(pubkey)), ECC_PRIV_KEY_E); ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0); /* Test bad args. */ ExpectIntEQ(wc_ed448_make_key(NULL, ED448_KEY_SIZE, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE - 1, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE + 1, &key), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ed448_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_ed448_make_key */ /* * Testing wc_ed448_init() */ static int test_wc_ed448_init(void) { EXPECT_DECLS; #if defined(HAVE_ED448) ed448_key key; XMEMSET(&key, 0, sizeof(ed448_key)); ExpectIntEQ(wc_ed448_init(&key), 0); /* Test bad args. */ ExpectIntEQ(wc_ed448_init(NULL), BAD_FUNC_ARG); wc_ed448_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_ed448_init */ /* * Test wc_ed448_sign_msg() and wc_ed448_verify_msg() */ static int test_wc_ed448_sign_msg(void) { EXPECT_DECLS; #if defined(HAVE_ED448) && defined(HAVE_ED448_SIGN) ed448_key key; WC_RNG rng; byte msg[] = "Everybody gets Friday off.\n"; byte sig[ED448_SIG_SIZE]; word32 msglen = sizeof(msg); word32 siglen = sizeof(sig); word32 badSigLen = sizeof(sig) - 1; #ifdef HAVE_ED448_VERIFY int verify_ok = 0; /*1 = Verify success.*/ #endif /* Initialize stack variables. */ XMEMSET(&key, 0, sizeof(ed448_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); XMEMSET(sig, 0, siglen); /* Initialize key. */ ExpectIntEQ(wc_ed448_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0); ExpectIntEQ(wc_ed448_sign_msg(msg, msglen, sig, &siglen, &key, NULL, 0), 0); ExpectIntEQ(siglen, ED448_SIG_SIZE); /* Test bad args. */ ExpectIntEQ(wc_ed448_sign_msg(NULL, msglen, sig, &siglen, &key, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_sign_msg(msg, msglen, NULL, &siglen, &key, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_sign_msg(msg, msglen, sig, NULL, &key, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_sign_msg(msg, msglen, sig, &siglen, NULL, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_sign_msg(msg, msglen, sig, &badSigLen, &key, NULL, 0), BUFFER_E); ExpectIntEQ(badSigLen, ED448_SIG_SIZE); badSigLen -= 1; #ifdef HAVE_ED448_VERIFY ExpectIntEQ(wc_ed448_verify_msg(sig, siglen, msg, msglen, &verify_ok, &key, NULL, 0), 0); ExpectIntEQ(verify_ok, 1); /* Test bad args. */ ExpectIntEQ(wc_ed448_verify_msg(sig, siglen - 1, msg, msglen, &verify_ok, &key, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_verify_msg(sig, siglen + 1, msg, msglen, &verify_ok, &key, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_verify_msg(NULL, siglen, msg, msglen, &verify_ok, &key, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_verify_msg(sig, siglen, NULL, msglen, &verify_ok, &key, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_verify_msg(sig, siglen, msg, msglen, NULL, &key, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_verify_msg(sig, siglen, msg, msglen, &verify_ok, NULL, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_verify_msg(sig, badSigLen, msg, msglen, &verify_ok, &key, NULL, 0), BAD_FUNC_ARG); #endif /* Verify. */ DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ed448_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_ed448_sign_msg */ /* * Testing wc_ed448_import_public() */ static int test_wc_ed448_import_public(void) { EXPECT_DECLS; #if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT) ed448_key pubKey; WC_RNG rng; const byte in[] = "Ed448PublicKeyUnitTest.................................\n"; word32 inlen = sizeof(in); XMEMSET(&pubKey, 0, sizeof(ed448_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_ed448_init(&pubKey), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &pubKey), 0); ExpectIntEQ(wc_ed448_import_public_ex(in, inlen, &pubKey, 1), 0); ExpectIntEQ(XMEMCMP(in, pubKey.p, inlen), 0); /* Test bad args. */ ExpectIntEQ(wc_ed448_import_public(NULL, inlen, &pubKey), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_import_public(in, inlen, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_import_public(in, inlen - 1, &pubKey), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ed448_free(&pubKey); #endif return EXPECT_RESULT(); } /* END wc_ed448_import_public */ /* * Testing wc_ed448_import_private_key() */ static int test_wc_ed448_import_private_key(void) { EXPECT_DECLS; #if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT) ed448_key key; WC_RNG rng; const byte privKey[] = "Ed448PrivateKeyUnitTest................................\n"; const byte pubKey[] = "Ed448PublicKeyUnitTest.................................\n"; word32 privKeySz = sizeof(privKey); word32 pubKeySz = sizeof(pubKey); #ifdef HAVE_ED448_KEY_EXPORT byte bothKeys[sizeof(privKey) + sizeof(pubKey)]; word32 bothKeysSz = sizeof(bothKeys); #endif XMEMSET(&key, 0, sizeof(ed448_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_ed448_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0); ExpectIntEQ(wc_ed448_import_private_key_ex(privKey, privKeySz, pubKey, pubKeySz, &key, 1), 0); ExpectIntEQ(XMEMCMP(pubKey, key.p, privKeySz), 0); ExpectIntEQ(XMEMCMP(privKey, key.k, pubKeySz), 0); #ifdef HAVE_ED448_KEY_EXPORT ExpectIntEQ(wc_ed448_export_private(&key, bothKeys, &bothKeysSz), 0); ExpectIntEQ(wc_ed448_import_private_key_ex(bothKeys, bothKeysSz, NULL, 0, &key, 1), 0); ExpectIntEQ(XMEMCMP(pubKey, key.p, privKeySz), 0); ExpectIntEQ(XMEMCMP(privKey, key.k, pubKeySz), 0); #endif /* Test bad args. */ ExpectIntEQ(wc_ed448_import_private_key(NULL, privKeySz, pubKey, pubKeySz, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_import_private_key(privKey, privKeySz, NULL, pubKeySz, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_import_private_key(privKey, privKeySz, pubKey, pubKeySz, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_import_private_key(privKey, privKeySz - 1, pubKey, pubKeySz, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_import_private_key(privKey, privKeySz, pubKey, pubKeySz - 1, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_import_private_key(privKey, privKeySz, NULL, 0, &key), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ed448_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_ed448_import_private_key */ /* * Testing wc_ed448_export_public() and wc_ed448_export_private_only() */ static int test_wc_ed448_export(void) { EXPECT_DECLS; #if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) ed448_key key; WC_RNG rng; byte priv[ED448_PRV_KEY_SIZE]; byte pub[ED448_PUB_KEY_SIZE]; word32 privSz = sizeof(priv); word32 pubSz = sizeof(pub); XMEMSET(&key, 0, sizeof(ed448_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_ed448_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0); ExpectIntEQ(wc_ed448_export_public(&key, pub, &pubSz), 0); ExpectIntEQ(pubSz, ED448_KEY_SIZE); ExpectIntEQ(XMEMCMP(key.p, pub, pubSz), 0); /* Test bad args. */ ExpectIntEQ(wc_ed448_export_public(NULL, pub, &pubSz), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_export_public(&key, NULL, &pubSz), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_export_public(&key, pub, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_export_private_only(&key, priv, &privSz), 0); ExpectIntEQ(privSz, ED448_KEY_SIZE); ExpectIntEQ(XMEMCMP(key.k, priv, privSz), 0); /* Test bad args. */ ExpectIntEQ(wc_ed448_export_private_only(NULL, priv, &privSz), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_export_private_only(&key, NULL, &privSz), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_export_private_only(&key, priv, NULL), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ed448_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_ed448_export */ /* * Testing wc_ed448_size() */ static int test_wc_ed448_size(void) { EXPECT_DECLS; #if defined(HAVE_ED448) ed448_key key; WC_RNG rng; XMEMSET(&key, 0, sizeof(ed448_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_ed448_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0); ExpectIntEQ(wc_ed448_size(&key), ED448_KEY_SIZE); /* Test bad args. */ ExpectIntEQ(wc_ed448_size(NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_sig_size(&key), ED448_SIG_SIZE); /* Test bad args. */ ExpectIntEQ(wc_ed448_sig_size(NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_pub_size(&key), ED448_PUB_KEY_SIZE); /* Test bad args. */ ExpectIntEQ(wc_ed448_pub_size(NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_priv_size(&key), ED448_PRV_KEY_SIZE); /* Test bad args. */ ExpectIntEQ(wc_ed448_priv_size(NULL), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ed448_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_ed448_size */ /* * Testing wc_ed448_export_private() and wc_ed448_export_key() */ static int test_wc_ed448_exportKey(void) { EXPECT_DECLS; #if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) ed448_key key; WC_RNG rng; byte priv[ED448_PRV_KEY_SIZE]; byte pub[ED448_PUB_KEY_SIZE]; byte privOnly[ED448_PRV_KEY_SIZE]; word32 privSz = sizeof(priv); word32 pubSz = sizeof(pub); word32 privOnlySz = sizeof(privOnly); XMEMSET(&key, 0, sizeof(ed448_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_ed448_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0); ExpectIntEQ(wc_ed448_export_private(&key, privOnly, &privOnlySz), 0); /* Test bad args. */ ExpectIntEQ(wc_ed448_export_private(NULL, privOnly, &privOnlySz), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_export_private(&key, NULL, &privOnlySz), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_export_private(&key, privOnly, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_export_key(&key, priv, &privSz, pub, &pubSz), 0); /* Test bad args. */ ExpectIntEQ(wc_ed448_export_key(NULL, priv, &privSz, pub, &pubSz), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_export_key(&key, NULL, &privSz, pub, &pubSz), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_export_key(&key, priv, NULL, pub, &pubSz), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_export_key(&key, priv, &privSz, NULL, &pubSz), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_export_key(&key, priv, &privSz, pub, NULL), BAD_FUNC_ARG); /* Cross check output. */ ExpectIntEQ(XMEMCMP(priv, privOnly, privSz), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ed448_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_ed448_exportKey */ /* * Testing wc_Ed448PublicKeyToDer */ static int test_wc_Ed448PublicKeyToDer(void) { EXPECT_DECLS; #if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) && \ (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)) ed448_key key; byte derBuf[1024]; XMEMSET(&key, 0, sizeof(ed448_key)); /* Test bad args */ ExpectIntEQ(wc_Ed448PublicKeyToDer(NULL, NULL, 0, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_ed448_init(&key), 0); ExpectIntEQ(wc_Ed448PublicKeyToDer(&key, derBuf, 0, 0), BUFFER_E); wc_ed448_free(&key); /* Test good args */ if (EXPECT_SUCCESS()) { WC_RNG rng; XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_ed448_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0); ExpectIntGT(wc_Ed448PublicKeyToDer(&key, derBuf, 1024, 1), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ed448_free(&key); } #endif return EXPECT_RESULT(); } /* END testing wc_Ed448PublicKeyToDer */ /* * Testing wc_curve448_init and wc_curve448_free. */ static int test_wc_curve448_init(void) { EXPECT_DECLS; #if defined(HAVE_CURVE448) curve448_key key; /* Test bad args for wc_curve448_init */ ExpectIntEQ(wc_curve448_init(&key), 0); /* Test bad args for wc_curve448_init */ ExpectIntEQ(wc_curve448_init(NULL), BAD_FUNC_ARG); /* Test good args for wc_curve_448_free */ wc_curve448_free(&key); /* Test bad args for wc_curve448_free */ wc_curve448_free(NULL); #endif return EXPECT_RESULT(); } /* END test_wc_curve448_init and wc_curve_448_free*/ /* * Testing wc_curve448_make_key */ static int test_wc_curve448_make_key(void) { EXPECT_DECLS; #if defined(HAVE_CURVE448) curve448_key key; WC_RNG rng; int keysize; XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_curve448_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key), 0); ExpectIntEQ(keysize = wc_curve448_size(&key), CURVE448_KEY_SIZE); ExpectIntEQ(wc_curve448_make_key(&rng, keysize, &key), 0); /* test bad cases */ ExpectIntEQ(wc_curve448_make_key(NULL, 0, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_curve448_make_key(&rng, keysize, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_curve448_make_key(NULL, keysize, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_curve448_make_key(&rng, 0, &key), ECC_BAD_ARG_E); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_curve448_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_curve448_make_key*/ /* * Testing test_wc_curve448_shared_secret_ex */ static int test_wc_curve448_shared_secret_ex(void) { EXPECT_DECLS; #if defined(HAVE_CURVE448) curve448_key private_key; curve448_key public_key; WC_RNG rng; byte out[CURVE448_KEY_SIZE]; word32 outLen = sizeof(out); int endian = EC448_BIG_ENDIAN; XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_curve448_init(&private_key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &private_key), 0); ExpectIntEQ(wc_curve448_init(&public_key), 0); ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &public_key), 0); ExpectIntEQ(wc_curve448_shared_secret_ex(&private_key, &public_key, out, &outLen, endian), 0); /* test bad cases */ ExpectIntEQ(wc_curve448_shared_secret_ex(NULL, NULL, NULL, 0, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve448_shared_secret_ex(NULL, &public_key, out, &outLen, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve448_shared_secret_ex(&private_key, NULL, out, &outLen, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve448_shared_secret_ex(&private_key, &public_key, NULL, &outLen, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve448_shared_secret_ex(&private_key, &public_key, out, NULL, endian), BAD_FUNC_ARG); outLen = outLen - 2; ExpectIntEQ(wc_curve448_shared_secret_ex(&private_key, &public_key, out, &outLen, endian), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_curve448_free(&private_key); wc_curve448_free(&public_key); #endif return EXPECT_RESULT(); } /* END test_wc_curve448_shared_secret_ex*/ /* * Testing test_wc_curve448_export_public_ex */ static int test_wc_curve448_export_public_ex(void) { EXPECT_DECLS; #if defined(HAVE_CURVE448) WC_RNG rng; curve448_key key; byte out[CURVE448_KEY_SIZE]; word32 outLen = sizeof(out); int endian = EC448_BIG_ENDIAN; XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_curve448_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key), 0); ExpectIntEQ(wc_curve448_export_public(&key, out, &outLen), 0); ExpectIntEQ(wc_curve448_export_public_ex(&key, out, &outLen, endian), 0); /* test bad cases*/ ExpectIntEQ(wc_curve448_export_public_ex(NULL, NULL, NULL, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve448_export_public_ex(NULL, out, &outLen, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve448_export_public_ex(&key, NULL, &outLen, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve448_export_public_ex(&key, out, NULL, endian), BAD_FUNC_ARG); outLen = outLen - 2; ExpectIntEQ(wc_curve448_export_public_ex(&key, out, &outLen, endian), ECC_BAD_ARG_E); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_curve448_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_curve448_export_public_ex*/ /* * Testing test_wc_curve448_export_private_raw_ex */ static int test_wc_curve448_export_private_raw_ex(void) { EXPECT_DECLS; #if defined(HAVE_CURVE448) curve448_key key; byte out[CURVE448_KEY_SIZE]; word32 outLen = sizeof(out); int endian = EC448_BIG_ENDIAN; ExpectIntEQ(wc_curve448_init(&key), 0); ExpectIntEQ(wc_curve448_export_private_raw_ex(&key, out, &outLen, endian), 0); /* test bad cases*/ ExpectIntEQ(wc_curve448_export_private_raw_ex(NULL, NULL, NULL, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve448_export_private_raw_ex(NULL, out, &outLen, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve448_export_private_raw_ex(&key, NULL, &outLen, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve448_export_private_raw_ex(&key, out, NULL, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve448_export_private_raw_ex(&key, out, &outLen, EC448_LITTLE_ENDIAN), 0); outLen = outLen - 2; ExpectIntEQ(wc_curve448_export_private_raw_ex(&key, out, &outLen, endian), ECC_BAD_ARG_E); wc_curve448_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_curve448_export_private_raw_ex*/ /* * Testing test_wc_curve448_import_private_raw_ex */ static int test_wc_curve448_import_private_raw_ex(void) { EXPECT_DECLS; #if defined(HAVE_CURVE448) curve448_key key; WC_RNG rng; byte priv[CURVE448_KEY_SIZE]; byte pub[CURVE448_KEY_SIZE]; word32 privSz = sizeof(priv); word32 pubSz = sizeof(pub); int endian = EC448_BIG_ENDIAN; XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_curve448_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key), 0); ExpectIntEQ(wc_curve448_export_private_raw(&key, priv, &privSz), 0); ExpectIntEQ(wc_curve448_export_public(&key, pub, &pubSz), 0); ExpectIntEQ(wc_curve448_import_private_raw_ex(priv, privSz, pub, pubSz, &key, endian), 0); /* test bad cases */ ExpectIntEQ(wc_curve448_import_private_raw_ex(NULL, 0, NULL, 0, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_curve448_import_private_raw_ex(NULL, privSz, pub, pubSz, &key, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve448_import_private_raw_ex(priv, privSz, NULL, pubSz, &key, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve448_import_private_raw_ex(priv, privSz, pub, pubSz, NULL, endian), BAD_FUNC_ARG); ExpectIntEQ(wc_curve448_import_private_raw_ex(priv, 0, pub, pubSz, &key, endian), ECC_BAD_ARG_E); ExpectIntEQ(wc_curve448_import_private_raw_ex(priv, privSz, pub, 0, &key, endian), ECC_BAD_ARG_E); ExpectIntEQ(wc_curve448_import_private_raw_ex(priv, privSz, pub, pubSz, &key, EC448_LITTLE_ENDIAN), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_curve448_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_curve448_import_private_raw_ex*/ /* * Testing test_curve448_export_key_raw */ static int test_wc_curve448_export_key_raw(void) { EXPECT_DECLS; #if defined(HAVE_CURVE448) curve448_key key; WC_RNG rng; byte priv[CURVE448_KEY_SIZE]; byte pub[CURVE448_KEY_SIZE]; word32 privSz = sizeof(priv); word32 pubSz = sizeof(pub); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_curve448_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key), 0); ExpectIntEQ(wc_curve448_export_private_raw(&key, priv, &privSz), 0); ExpectIntEQ(wc_curve448_export_public(&key, pub, &pubSz), 0); ExpectIntEQ(wc_curve448_export_key_raw(&key, priv, &privSz, pub, &pubSz), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_curve448_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_curve448_import_private_raw_ex*/ /* * Testing test_wc_curve448_import_private */ static int test_wc_curve448_import_private(void) { EXPECT_DECLS; #if defined(HAVE_CURVE448) curve448_key key; WC_RNG rng; byte priv[CURVE448_KEY_SIZE]; word32 privSz = sizeof(priv); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_curve448_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key), 0); ExpectIntEQ(wc_curve448_export_private_raw(&key, priv, &privSz), 0); ExpectIntEQ(wc_curve448_import_private(priv, privSz, &key), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_curve448_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_curve448_import*/ /* * Testing test_wc_curve448_size. */ static int test_wc_curve448_size(void) { EXPECT_DECLS; #if defined(HAVE_CURVE448) curve448_key key; ExpectIntEQ(wc_curve448_init(&key), 0); /* Test good args for wc_curve448_size */ ExpectIntEQ(wc_curve448_size(&key), CURVE448_KEY_SIZE); /* Test bad args for wc_curve448_size */ ExpectIntEQ(wc_curve448_size(NULL), 0); wc_curve448_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_curve448_size*/ /* * Testing wc_ecc_make_key. */ static int test_wc_ecc_make_key(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && !defined(WC_NO_RNG) ecc_key key; WC_RNG rng; int ret; XMEMSET(&key, 0, sizeof(ecc_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_ecc_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ret = wc_ecc_make_key(&rng, KEY14, &key); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); #endif ExpectIntEQ(ret, 0); /* Pass in bad args. */ ExpectIntEQ(wc_ecc_make_key(NULL, KEY14, &key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_make_key(&rng, KEY14, NULL), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ecc_free(&key); #ifdef FP_ECC wc_ecc_fp_free(); #endif #endif return EXPECT_RESULT(); } /* END test_wc_ecc_make_key */ /* * Testing wc_ecc_init() */ static int test_wc_ecc_init(void) { EXPECT_DECLS; #ifdef HAVE_ECC ecc_key key; XMEMSET(&key, 0, sizeof(ecc_key)); ExpectIntEQ(wc_ecc_init(&key), 0); /* Pass in bad args. */ ExpectIntEQ(wc_ecc_init(NULL), BAD_FUNC_ARG); wc_ecc_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_ecc_init */ /* * Testing wc_ecc_check_key() */ static int test_wc_ecc_check_key(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && !defined(WC_NO_RNG) ecc_key key; WC_RNG rng; int ret; XMEMSET(&rng, 0, sizeof(rng)); XMEMSET(&key, 0, sizeof(key)); ExpectIntEQ(wc_ecc_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ret = wc_ecc_make_key(&rng, KEY14, &key); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); #endif ExpectIntEQ(ret, 0); ExpectIntEQ(wc_ecc_check_key(&key), 0); /* Pass in bad args. */ ExpectIntEQ(wc_ecc_check_key(NULL), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ecc_free(&key); #ifdef FP_ECC wc_ecc_fp_free(); #endif #endif return EXPECT_RESULT(); } /* END test_wc_ecc_check_key */ /* * Testing wc_ecc_get_generator() */ static int test_wc_ecc_get_generator(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && !defined(WC_NO_RNG) && !defined(HAVE_SELFTEST) && \ !defined(HAVE_FIPS) && defined(OPENSSL_EXTRA) ecc_point* pt = NULL; ExpectNotNull(pt = wc_ecc_new_point()); ExpectIntEQ(wc_ecc_get_generator(pt, wc_ecc_get_curve_idx(ECC_SECP256R1)), MP_OKAY); /* Test bad args. */ /* Returns Zero for bad arg. */ ExpectIntNE(wc_ecc_get_generator(pt, -1), MP_OKAY); ExpectIntNE(wc_ecc_get_generator(NULL, wc_ecc_get_curve_idx(ECC_SECP256R1)), MP_OKAY); /* If we ever get to 1000 curves increase this number */ ExpectIntNE(wc_ecc_get_generator(pt, 1000), MP_OKAY); ExpectIntNE(wc_ecc_get_generator(NULL, -1), MP_OKAY); wc_ecc_del_point(pt); #endif return EXPECT_RESULT(); } /* END test_wc_ecc_get_generator */ /* * Testing wc_ecc_size() */ static int test_wc_ecc_size(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && !defined(WC_NO_RNG) WC_RNG rng; ecc_key key; int ret; XMEMSET(&key, 0, sizeof(ecc_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_ecc_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ret = wc_ecc_make_key(&rng, KEY14, &key); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); #endif ExpectIntEQ(ret, 0); ExpectIntEQ(wc_ecc_size(&key), KEY14); /* Test bad args. */ /* Returns Zero for bad arg. */ ExpectIntEQ(wc_ecc_size(NULL), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ecc_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_ecc_size */ static int test_wc_ecc_params(void) { EXPECT_DECLS; /* FIPS/CAVP self-test modules do not have `wc_ecc_get_curve_params`. It was added after certifications */ #if defined(HAVE_ECC) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) const ecc_set_type* ecc_set; #if !defined(NO_ECC256) && !defined(NO_ECC_SECP) /* Test for SECP256R1 curve */ int curve_id = ECC_SECP256R1; int curve_idx; ExpectIntNE(curve_idx = wc_ecc_get_curve_idx(curve_id), ECC_CURVE_INVALID); ExpectNotNull(ecc_set = wc_ecc_get_curve_params(curve_idx)); ExpectIntEQ(ecc_set->id, curve_id); #endif /* Test case when SECP256R1 is not enabled */ /* Test that we get curve params for index 0 */ ExpectNotNull(ecc_set = wc_ecc_get_curve_params(0)); #endif /* HAVE_ECC && !HAVE_FIPS && !HAVE_SELFTEST */ return EXPECT_RESULT(); } /* * Testing wc_ecc_sign_hash() and wc_ecc_verify_hash() */ static int test_wc_ecc_signVerify_hash(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && defined(HAVE_ECC_SIGN) && !defined(NO_ASN) && !defined(WC_NO_RNG) ecc_key key; WC_RNG rng; int ret; #ifdef HAVE_ECC_VERIFY int verify = 0; #endif word32 siglen = ECC_BUFSIZE; byte sig[ECC_BUFSIZE]; byte adjustedSig[ECC_BUFSIZE+1]; byte digest[] = TEST_STRING; word32 digestlen = (word32)TEST_STRING_SZ; /* Init stack var */ XMEMSET(&key, 0, sizeof(ecc_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); XMEMSET(sig, 0, siglen); XMEMSET(adjustedSig, 0, ECC_BUFSIZE+1); /* Init structs. */ ExpectIntEQ(wc_ecc_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ret = wc_ecc_make_key(&rng, KEY14, &key); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); #endif ExpectIntEQ(ret, 0); ExpectIntEQ(wc_ecc_sign_hash(digest, digestlen, sig, &siglen, &rng, &key), 0); /* Check bad args. */ ExpectIntEQ(wc_ecc_sign_hash(NULL, digestlen, sig, &siglen, &rng, &key), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_sign_hash(digest, digestlen, NULL, &siglen, &rng, &key), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_sign_hash(digest, digestlen, sig, NULL, &rng, &key), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_sign_hash(digest, digestlen, sig, &siglen, NULL, &key), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_sign_hash(digest, digestlen, sig, &siglen, &rng, NULL), ECC_BAD_ARG_E); #ifdef HAVE_ECC_VERIFY ExpectIntEQ(wc_ecc_verify_hash(sig, siglen, digest, digestlen, &verify, &key), 0); ExpectIntEQ(verify, 1); /* test check on length of signature passed in */ XMEMCPY(adjustedSig, sig, siglen); adjustedSig[1] = adjustedSig[1] + 1; /* add 1 to length for extra byte*/ #ifndef NO_STRICT_ECDSA_LEN ExpectIntNE(wc_ecc_verify_hash(adjustedSig, siglen+1, digest, digestlen, &verify, &key), 0); #else /* if NO_STRICT_ECDSA_LEN is set then extra bytes after the signature * is allowed */ ExpectIntEQ(wc_ecc_verify_hash(adjustedSig, siglen+1, digest, digestlen, &verify, &key), 0); #endif /* Test bad args. */ ExpectIntEQ(wc_ecc_verify_hash(NULL, siglen, digest, digestlen, &verify, &key), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_verify_hash(sig, siglen, NULL, digestlen, &verify, &key), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_verify_hash(sig, siglen, digest, digestlen, NULL, &key), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_verify_hash(sig, siglen, digest, digestlen, &verify, NULL), ECC_BAD_ARG_E); #endif /* HAVE_ECC_VERIFY */ DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ecc_free(&key); #ifdef FP_ECC wc_ecc_fp_free(); #endif #endif return EXPECT_RESULT(); } /* END test_wc_ecc_sign_hash */ /* * Testing wc_ecc_shared_secret() */ static int test_wc_ecc_shared_secret(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && defined(HAVE_ECC_DHE) && !defined(WC_NO_RNG) ecc_key key; ecc_key pubKey; WC_RNG rng; #if defined(NO_ECC256) int ret; #endif byte out[KEY32]; int keySz = sizeof(out); word32 outlen = (word32)sizeof(out); #if defined(HAVE_ECC) && !defined(NO_ECC256) const char* qx = "bb33ac4c27504ac64aa504c33cde9f36db722dce94ea2bfacb2009392c16e861"; const char* qy = "02e9af4dd302939a315b9792217ff0cf18da9111023486e82058330b803489d8"; const char* d = "45b66902739c6c85a1385b72e8e8c7acc4038d533504fa6c28dc348de1a8098c"; const char* curveName = "SECP256R1"; const byte expected_shared_secret[] = { 0x65, 0xc0, 0xd4, 0x61, 0x17, 0xe6, 0x09, 0x75, 0xf0, 0x12, 0xa0, 0x4d, 0x0b, 0x41, 0x30, 0x7a, 0x51, 0xf0, 0xb3, 0xaf, 0x23, 0x8f, 0x0f, 0xdf, 0xf1, 0xff, 0x23, 0x64, 0x28, 0xca, 0xf8, 0x06 }; #endif PRIVATE_KEY_UNLOCK(); /* Initialize variables. */ XMEMSET(&key, 0, sizeof(ecc_key)); XMEMSET(&pubKey, 0, sizeof(ecc_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); XMEMSET(out, 0, keySz); ExpectIntEQ(wc_ecc_init(&key), 0); ExpectIntEQ(wc_ecc_init(&pubKey), 0); ExpectIntEQ(wc_InitRng(&rng), 0); #if !defined(NO_ECC256) ExpectIntEQ(wc_ecc_import_raw(&key, qx, qy, d, curveName), 0); ExpectIntEQ(wc_ecc_import_raw(&pubKey, qx, qy, NULL, curveName), 0); #else ret = wc_ecc_make_key(&rng, keySz, &key); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); #endif ExpectIntEQ(ret, 0); ret = wc_ecc_make_key(&rng, keySz, &key); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); #endif ExpectIntEQ(ret, 0); #endif #if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \ !defined(HAVE_SELFTEST) ExpectIntEQ(wc_ecc_set_rng(&key, &rng), 0); #endif ExpectIntEQ(wc_ecc_shared_secret(&key, &pubKey, out, &outlen), 0); #if !defined(NO_ECC256) ExpectIntEQ(XMEMCMP(out, expected_shared_secret, outlen), 0); #endif /* Test bad args. */ ExpectIntEQ(wc_ecc_shared_secret(NULL, &pubKey, out, &outlen), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_shared_secret(&key, NULL, out, &outlen), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_shared_secret(&key, &pubKey, NULL, &outlen), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_shared_secret(&key, &pubKey, out, NULL), BAD_FUNC_ARG); /* Invalid length */ outlen = 1; ExpectIntEQ(wc_ecc_shared_secret(&key, &pubKey, out, &outlen), BUFFER_E); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ecc_free(&pubKey); wc_ecc_free(&key); #ifdef FP_ECC wc_ecc_fp_free(); #endif PRIVATE_KEY_LOCK(); #endif return EXPECT_RESULT(); } /* END tests_wc_ecc_shared_secret */ /* * testint wc_ecc_export_x963() */ static int test_wc_ecc_export_x963(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG) ecc_key key; WC_RNG rng; byte out[ECC_ASN963_MAX_BUF_SZ]; word32 outlen = sizeof(out); int ret; PRIVATE_KEY_UNLOCK(); /* Initialize variables. */ XMEMSET(&key, 0, sizeof(ecc_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); XMEMSET(out, 0, outlen); ExpectIntEQ(wc_ecc_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ret = wc_ecc_make_key(&rng, KEY20, &key); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); #endif ExpectIntEQ(ret, 0); ExpectIntEQ(wc_ecc_export_x963(&key, out, &outlen), 0); /* Test bad args. */ ExpectIntEQ(wc_ecc_export_x963(NULL, out, &outlen), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_export_x963(&key, NULL, &outlen), LENGTH_ONLY_E); ExpectIntEQ(wc_ecc_export_x963(&key, out, NULL), ECC_BAD_ARG_E); key.idx = -4; ExpectIntEQ(wc_ecc_export_x963(&key, out, &outlen), ECC_BAD_ARG_E); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ecc_free(&key); #ifdef FP_ECC wc_ecc_fp_free(); #endif PRIVATE_KEY_LOCK(); #endif return EXPECT_RESULT(); } /* END test_wc_ecc_export_x963 */ /* * Testing wc_ecc_export_x963_ex() * compile with --enable-compkey will use compression. */ static int test_wc_ecc_export_x963_ex(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG) ecc_key key; WC_RNG rng; int ret; byte out[ECC_ASN963_MAX_BUF_SZ]; word32 outlen = sizeof(out); #ifdef HAVE_COMP_KEY word32 badOutLen = 5; #endif /* Init stack variables. */ XMEMSET(&key, 0, sizeof(ecc_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); XMEMSET(out, 0, outlen); ExpectIntEQ(wc_ecc_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ret = wc_ecc_make_key(&rng, KEY64, &key); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); #endif ExpectIntEQ(ret, 0); #ifdef HAVE_COMP_KEY ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &outlen, COMP), 0); #else ExpectIntEQ(ret = wc_ecc_export_x963_ex(&key, out, &outlen, NOCOMP), 0); #endif /* Test bad args. */ #ifdef HAVE_COMP_KEY ExpectIntEQ(wc_ecc_export_x963_ex(NULL, out, &outlen, COMP), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_export_x963_ex(&key, NULL, &outlen, COMP), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, NULL, COMP), BAD_FUNC_ARG); #if defined(HAVE_FIPS) && (!defined(FIPS_VERSION_LT) || FIPS_VERSION_LT(5,3)) ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &badOutLen, COMP), BUFFER_E); #else ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &badOutLen, COMP), LENGTH_ONLY_E); #endif key.idx = -4; ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &outlen, COMP), ECC_BAD_ARG_E); #else ExpectIntEQ(wc_ecc_export_x963_ex(NULL, out, &outlen, NOCOMP), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_export_x963_ex(&key, NULL, &outlen, NOCOMP), LENGTH_ONLY_E); ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &outlen, 1), NOT_COMPILED_IN); ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, NULL, NOCOMP), ECC_BAD_ARG_E); key.idx = -4; ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &outlen, NOCOMP), ECC_BAD_ARG_E); #endif DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ecc_free(&key); #ifdef FP_ECC wc_ecc_fp_free(); #endif #endif return EXPECT_RESULT(); } /* END test_wc_ecc_export_x963_ex */ /* * testing wc_ecc_import_x963() */ static int test_wc_ecc_import_x963(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_IMPORT) && \ defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG) ecc_key pubKey; ecc_key key; WC_RNG rng; byte x963[ECC_ASN963_MAX_BUF_SZ]; word32 x963Len = (word32)sizeof(x963); int ret; /* Init stack variables. */ XMEMSET(&key, 0, sizeof(ecc_key)); XMEMSET(&pubKey, 0, sizeof(ecc_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); XMEMSET(x963, 0, x963Len); ExpectIntEQ(wc_ecc_init(&pubKey), 0); ExpectIntEQ(wc_ecc_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ret = wc_ecc_make_key(&rng, KEY24, &key); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); #endif ExpectIntEQ(ret, 0); PRIVATE_KEY_UNLOCK(); ExpectIntEQ(wc_ecc_export_x963(&key, x963, &x963Len), 0); PRIVATE_KEY_LOCK(); ExpectIntEQ(wc_ecc_import_x963(x963, x963Len, &pubKey), 0); /* Test bad args. */ ExpectIntEQ(wc_ecc_import_x963(NULL, x963Len, &pubKey), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_import_x963(x963, x963Len, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_import_x963(x963, x963Len + 1, &pubKey), ECC_BAD_ARG_E); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ecc_free(&key); wc_ecc_free(&pubKey); #ifdef FP_ECC wc_ecc_fp_free(); #endif #endif return EXPECT_RESULT(); } /* END wc_ecc_import_x963 */ /* * testing wc_ecc_import_private_key() */ static int test_wc_ecc_import_private_key(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_IMPORT) && \ defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG) ecc_key key; ecc_key keyImp; WC_RNG rng; byte privKey[ECC_PRIV_KEY_BUF]; /* Raw private key.*/ byte x963Key[ECC_ASN963_MAX_BUF_SZ]; word32 privKeySz = (word32)sizeof(privKey); word32 x963KeySz = (word32)sizeof(x963Key); int ret; /* Init stack variables. */ XMEMSET(&key, 0, sizeof(ecc_key)); XMEMSET(&keyImp, 0, sizeof(ecc_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); XMEMSET(privKey, 0, privKeySz); XMEMSET(x963Key, 0, x963KeySz); ExpectIntEQ(wc_ecc_init(&key), 0); ExpectIntEQ(wc_ecc_init(&keyImp), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ret = wc_ecc_make_key(&rng, KEY48, &key); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); #endif ExpectIntEQ(ret, 0); PRIVATE_KEY_UNLOCK(); ExpectIntEQ(wc_ecc_export_x963(&key, x963Key, &x963KeySz), 0); PRIVATE_KEY_LOCK(); ExpectIntEQ(wc_ecc_export_private_only(&key, privKey, &privKeySz), 0); ExpectIntEQ(wc_ecc_import_private_key(privKey, privKeySz, x963Key, x963KeySz, &keyImp), 0); /* Pass in bad args. */ ExpectIntEQ(wc_ecc_import_private_key(privKey, privKeySz, x963Key, x963KeySz, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_import_private_key(NULL, privKeySz, x963Key, x963KeySz, &keyImp), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ecc_free(&keyImp); wc_ecc_free(&key); #ifdef FP_ECC wc_ecc_fp_free(); #endif #endif return EXPECT_RESULT(); } /* END test_wc_ecc_import_private_key */ /* * Testing wc_ecc_export_private_only() */ static int test_wc_ecc_export_private_only(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG) ecc_key key; WC_RNG rng; byte out[ECC_PRIV_KEY_BUF]; word32 outlen = sizeof(out); int ret; /* Init stack variables. */ XMEMSET(&key, 0, sizeof(ecc_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); XMEMSET(out, 0, outlen); ExpectIntEQ(wc_ecc_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ret = wc_ecc_make_key(&rng, KEY32, &key); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); #endif ExpectIntEQ(ret, 0); ExpectIntEQ(wc_ecc_export_private_only(&key, out, &outlen), 0); /* Pass in bad args. */ ExpectIntEQ(wc_ecc_export_private_only(NULL, out, &outlen), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_export_private_only(&key, NULL, &outlen), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_export_private_only(&key, out, NULL), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ecc_free(&key); #ifdef FP_ECC wc_ecc_fp_free(); #endif #endif return EXPECT_RESULT(); } /* END test_wc_ecc_export_private_only */ /* * Testing wc_ecc_rs_to_sig() */ static int test_wc_ecc_rs_to_sig(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && !defined(NO_ASN) /* first [P-192,SHA-1] vector from FIPS 186-3 NIST vectors */ const char* R = "6994d962bdd0d793ffddf855ec5bf2f91a9698b46258a63e"; const char* S = "02ba6465a234903744ab02bc8521405b73cf5fc00e1a9f41"; const char* zeroStr = "0"; byte sig[ECC_MAX_SIG_SIZE]; word32 siglen = (word32)sizeof(sig); /* R and S max size is the order of curve. 2^192.*/ int keySz = KEY24; byte r[KEY24]; byte s[KEY24]; word32 rlen = (word32)sizeof(r); word32 slen = (word32)sizeof(s); /* Init stack variables. */ XMEMSET(sig, 0, ECC_MAX_SIG_SIZE); XMEMSET(r, 0, keySz); XMEMSET(s, 0, keySz); ExpectIntEQ(wc_ecc_rs_to_sig(R, S, sig, &siglen), 0); ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, r, &rlen, s, &slen), 0); /* Test bad args. */ ExpectIntEQ(wc_ecc_rs_to_sig(NULL, S, sig, &siglen), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_rs_to_sig(R, NULL, sig, &siglen), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_rs_to_sig(R, S, sig, NULL), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_rs_to_sig(R, S, NULL, &siglen), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_rs_to_sig(R, zeroStr, sig, &siglen), MP_ZERO_E); ExpectIntEQ(wc_ecc_rs_to_sig(zeroStr, S, sig, &siglen), MP_ZERO_E); ExpectIntEQ(wc_ecc_sig_to_rs(NULL, siglen, r, &rlen, s, &slen), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, NULL, &rlen, s, &slen), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, r, NULL, s, &slen), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, r, &rlen, NULL, &slen), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, r, &rlen, s, NULL), ECC_BAD_ARG_E); #endif return EXPECT_RESULT(); } /* END test_wc_ecc_rs_to_sig */ static int test_wc_ecc_import_raw(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && !defined(NO_ECC256) ecc_key key; const char* qx = "bb33ac4c27504ac64aa504c33cde9f36db722dce94ea2bfacb2009392c16e861"; const char* qy = "02e9af4dd302939a315b9792217ff0cf18da9111023486e82058330b803489d8"; const char* d = "45b66902739c6c85a1385b72e8e8c7acc4038d533504fa6c28dc348de1a8098c"; const char* curveName = "SECP256R1"; #ifdef WOLFSSL_VALIDATE_ECC_IMPORT const char* kNullStr = ""; int ret; #endif XMEMSET(&key, 0, sizeof(ecc_key)); ExpectIntEQ(wc_ecc_init(&key), 0); /* Test good import */ ExpectIntEQ(wc_ecc_import_raw(&key, qx, qy, d, curveName), 0); /* Test bad args. */ ExpectIntEQ(wc_ecc_import_raw(NULL, qx, qy, d, curveName), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_import_raw(&key, NULL, qy, d, curveName), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_import_raw(&key, qx, NULL, d, curveName), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_import_raw(&key, qx, qy, d, NULL), BAD_FUNC_ARG); #ifdef WOLFSSL_VALIDATE_ECC_IMPORT #if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH) wc_ecc_free(&key); #endif ExpectIntLT(ret = wc_ecc_import_raw(&key, kNullStr, kNullStr, kNullStr, curveName), 0); ExpectTrue((ret == ECC_INF_E) || (ret == BAD_FUNC_ARG)); #endif #if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) #if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH) wc_ecc_free(&key); #endif #ifdef WOLFSSL_VALIDATE_ECC_IMPORT ExpectIntLT(ret = wc_ecc_import_raw(&key, "0", qy, d, curveName), 0); ExpectTrue((ret == BAD_FUNC_ARG) || (ret == MP_VAL)); #else ExpectIntEQ(wc_ecc_import_raw(&key, "0", qy, d, curveName), 0); #endif #if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH) wc_ecc_free(&key); #endif #ifdef WOLFSSL_VALIDATE_ECC_IMPORT ExpectIntLT(ret = wc_ecc_import_raw(&key, qx, "0", d, curveName), 0); ExpectTrue((ret == BAD_FUNC_ARG) || (ret == MP_VAL)); #else ExpectIntEQ(wc_ecc_import_raw(&key, qx, "0", d, curveName), 0); #endif #if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH) wc_ecc_free(&key); #endif ExpectIntEQ(wc_ecc_import_raw(&key, "0", "0", d, curveName), ECC_INF_E); #endif wc_ecc_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_ecc_import_raw */ static int test_wc_ecc_import_unsigned(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && !defined(NO_ECC256) && !defined(HAVE_SELFTEST) && \ (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \ HAVE_FIPS_VERSION >= 2)) ecc_key key; const byte qx[] = { 0xbb, 0x33, 0xac, 0x4c, 0x27, 0x50, 0x4a, 0xc6, 0x4a, 0xa5, 0x04, 0xc3, 0x3c, 0xde, 0x9f, 0x36, 0xdb, 0x72, 0x2d, 0xce, 0x94, 0xea, 0x2b, 0xfa, 0xcb, 0x20, 0x09, 0x39, 0x2c, 0x16, 0xe8, 0x61 }; const byte qy[] = { 0x02, 0xe9, 0xaf, 0x4d, 0xd3, 0x02, 0x93, 0x9a, 0x31, 0x5b, 0x97, 0x92, 0x21, 0x7f, 0xf0, 0xcf, 0x18, 0xda, 0x91, 0x11, 0x02, 0x34, 0x86, 0xe8, 0x20, 0x58, 0x33, 0x0b, 0x80, 0x34, 0x89, 0xd8 }; const byte d[] = { 0x45, 0xb6, 0x69, 0x02, 0x73, 0x9c, 0x6c, 0x85, 0xa1, 0x38, 0x5b, 0x72, 0xe8, 0xe8, 0xc7, 0xac, 0xc4, 0x03, 0x8d, 0x53, 0x35, 0x04, 0xfa, 0x6c, 0x28, 0xdc, 0x34, 0x8d, 0xe1, 0xa8, 0x09, 0x8c }; #ifdef WOLFSSL_VALIDATE_ECC_IMPORT const byte nullBytes[32] = {0}; int ret; #endif int curveId = ECC_SECP256R1; XMEMSET(&key, 0, sizeof(ecc_key)); ExpectIntEQ(wc_ecc_init(&key), 0); ExpectIntEQ(wc_ecc_import_unsigned(&key, (byte*)qx, (byte*)qy, (byte*)d, curveId), 0); /* Test bad args. */ ExpectIntEQ(wc_ecc_import_unsigned(NULL, (byte*)qx, (byte*)qy, (byte*)d, curveId), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_import_unsigned(&key, NULL, (byte*)qy, (byte*)d, curveId), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_import_unsigned(&key, (byte*)qx, NULL, (byte*)d, curveId), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_import_unsigned(&key, (byte*)qx, (byte*)qy, (byte*)d, ECC_CURVE_INVALID), BAD_FUNC_ARG); #ifdef WOLFSSL_VALIDATE_ECC_IMPORT ExpectIntLT(ret = wc_ecc_import_unsigned(&key, (byte*)nullBytes, (byte*)nullBytes, (byte*)nullBytes, curveId), 0); ExpectTrue((ret == ECC_INF_E) || (ret == BAD_FUNC_ARG)); #endif wc_ecc_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_ecc_import_unsigned */ /* * Testing wc_ecc_sig_size() */ static int test_wc_ecc_sig_size(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && !defined(WC_NO_RNG) ecc_key key; WC_RNG rng; int keySz = KEY16; int ret; XMEMSET(&rng, 0, sizeof(rng)); XMEMSET(&key, 0, sizeof(key)); ExpectIntEQ(wc_ecc_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ret = wc_ecc_make_key(&rng, keySz, &key); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); #endif ExpectIntEQ(ret, 0); ExpectIntLE(wc_ecc_sig_size(&key), (2 * keySz + SIG_HEADER_SZ + ECC_MAX_PAD_SZ)); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ecc_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_ecc_sig_size */ /* * Testing wc_ecc_ctx_new() */ static int test_wc_ecc_ctx_new(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG) WC_RNG rng; ecEncCtx* cli = NULL; ecEncCtx* srv = NULL; XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectNotNull(cli = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng)); ExpectNotNull(srv = wc_ecc_ctx_new(REQ_RESP_SERVER, &rng)); wc_ecc_ctx_free(cli); cli = NULL; wc_ecc_ctx_free(srv); /* Test bad args. */ /* wc_ecc_ctx_new_ex() will free if returned NULL. */ ExpectNull(cli = wc_ecc_ctx_new(0, &rng)); ExpectNull(cli = wc_ecc_ctx_new(REQ_RESP_CLIENT, NULL)); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ecc_ctx_free(cli); #endif return EXPECT_RESULT(); } /* END test_wc_ecc_ctx_new */ /* * Tesing wc_ecc_reset() */ static int test_wc_ecc_ctx_reset(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG) ecEncCtx* ctx = NULL; WC_RNG rng; XMEMSET(&rng, 0, sizeof(rng)); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectNotNull(ctx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng)); ExpectIntEQ(wc_ecc_ctx_reset(ctx, &rng), 0); /* Pass in bad args. */ ExpectIntEQ(wc_ecc_ctx_reset(NULL, &rng), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_ctx_reset(ctx, NULL), BAD_FUNC_ARG); wc_ecc_ctx_free(ctx); DoExpectIntEQ(wc_FreeRng(&rng), 0); #endif return EXPECT_RESULT(); } /* END test_wc_ecc_ctx_reset */ /* * Testing wc_ecc_ctx_set_peer_salt() and wc_ecc_ctx_get_own_salt() */ static int test_wc_ecc_ctx_set_peer_salt(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG) WC_RNG rng; ecEncCtx* cliCtx = NULL; ecEncCtx* servCtx = NULL; const byte* cliSalt = NULL; const byte* servSalt = NULL; XMEMSET(&rng, 0, sizeof(rng)); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectNotNull(cliCtx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng)); ExpectNotNull(servCtx = wc_ecc_ctx_new(REQ_RESP_SERVER, &rng)); /* Test bad args. */ ExpectNull(cliSalt = wc_ecc_ctx_get_own_salt(NULL)); ExpectNotNull(cliSalt = wc_ecc_ctx_get_own_salt(cliCtx)); ExpectNotNull(servSalt = wc_ecc_ctx_get_own_salt(servCtx)); ExpectIntEQ(wc_ecc_ctx_set_peer_salt(cliCtx, servSalt), 0); /* Test bad args. */ ExpectIntEQ(wc_ecc_ctx_set_peer_salt(NULL, servSalt), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_ctx_set_peer_salt(cliCtx, NULL), BAD_FUNC_ARG); wc_ecc_ctx_free(cliCtx); wc_ecc_ctx_free(servCtx); DoExpectIntEQ(wc_FreeRng(&rng), 0); #endif return EXPECT_RESULT(); } /* END test_wc_ecc_ctx_set_peer_salt */ /* * Testing wc_ecc_ctx_set_info() */ static int test_wc_ecc_ctx_set_info(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG) ecEncCtx* ctx = NULL; WC_RNG rng; const char* optInfo = "Optional Test Info."; int optInfoSz = (int)XSTRLEN(optInfo); const char* badOptInfo = NULL; XMEMSET(&rng, 0, sizeof(rng)); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectNotNull(ctx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng)); ExpectIntEQ(wc_ecc_ctx_set_info(ctx, (byte*)optInfo, optInfoSz), 0); /* Test bad args. */ ExpectIntEQ(wc_ecc_ctx_set_info(NULL, (byte*)optInfo, optInfoSz), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_ctx_set_info(ctx, (byte*)badOptInfo, optInfoSz), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_ctx_set_info(ctx, (byte*)optInfo, -1), BAD_FUNC_ARG); wc_ecc_ctx_free(ctx); DoExpectIntEQ(wc_FreeRng(&rng), 0); #endif return EXPECT_RESULT(); } /* END test_wc_ecc_ctx_set_info */ /* * Testing wc_ecc_encrypt() and wc_ecc_decrypt() */ static int test_wc_ecc_encryptDecrypt(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG) && \ defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128) ecc_key srvKey; ecc_key cliKey; ecc_key tmpKey; WC_RNG rng; int ret; const char* msg = "EccBlock Size 16"; word32 msgSz = (word32)XSTRLEN("EccBlock Size 16"); #ifdef WOLFSSL_ECIES_OLD byte out[(sizeof("EccBlock Size 16") - 1) + WC_SHA256_DIGEST_SIZE]; #elif defined(WOLFSSL_ECIES_GEN_IV) byte out[KEY20 * 2 + 1 + AES_BLOCK_SIZE + (sizeof("EccBlock Size 16") - 1) + WC_SHA256_DIGEST_SIZE]; #else byte out[KEY20 * 2 + 1 + (sizeof("EccBlock Size 16") - 1) + WC_SHA256_DIGEST_SIZE]; #endif word32 outSz = (word32)sizeof(out); byte plain[sizeof("EccBlock Size 16")]; word32 plainSz = (word32)sizeof(plain); int keySz = KEY20; /* Init stack variables. */ XMEMSET(out, 0, outSz); XMEMSET(plain, 0, plainSz); XMEMSET(&rng, 0, sizeof(rng)); XMEMSET(&srvKey, 0, sizeof(ecc_key)); XMEMSET(&cliKey, 0, sizeof(ecc_key)); XMEMSET(&tmpKey, 0, sizeof(ecc_key)); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_ecc_init(&cliKey), 0); ret = wc_ecc_make_key(&rng, keySz, &cliKey); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &cliKey.asyncDev, WC_ASYNC_FLAG_NONE); #endif ExpectIntEQ(ret, 0); ExpectIntEQ(wc_ecc_init(&srvKey), 0); ret = wc_ecc_make_key(&rng, keySz, &srvKey); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &srvKey.asyncDev, WC_ASYNC_FLAG_NONE); #endif ExpectIntEQ(ret, 0); ExpectIntEQ(wc_ecc_init(&tmpKey), 0); #if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \ !defined(HAVE_SELFTEST) ExpectIntEQ(wc_ecc_set_rng(&srvKey, &rng), 0); ExpectIntEQ(wc_ecc_set_rng(&cliKey, &rng), 0); #endif ExpectIntEQ(wc_ecc_encrypt(&cliKey, &srvKey, (byte*)msg, msgSz, out, &outSz, NULL), 0); /* Test bad args. */ ExpectIntEQ(wc_ecc_encrypt(NULL, &srvKey, (byte*)msg, msgSz, out, &outSz, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_encrypt(&cliKey, NULL, (byte*)msg, msgSz, out, &outSz, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_encrypt(&cliKey, &srvKey, NULL, msgSz, out, &outSz, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_encrypt(&cliKey, &srvKey, (byte*)msg, msgSz, NULL, &outSz, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_encrypt(&cliKey, &srvKey, (byte*)msg, msgSz, out, NULL, NULL), BAD_FUNC_ARG); #ifdef WOLFSSL_ECIES_OLD tmpKey.dp = cliKey.dp; ExpectIntEQ(wc_ecc_copy_point(&cliKey.pubkey, &tmpKey.pubkey), 0); #endif ExpectIntEQ(wc_ecc_decrypt(&srvKey, &tmpKey, out, outSz, plain, &plainSz, NULL), 0); ExpectIntEQ(wc_ecc_decrypt(NULL, &tmpKey, out, outSz, plain, &plainSz, NULL), BAD_FUNC_ARG); #ifdef WOLFSSL_ECIES_OLD /* NULL parameter allowed in new implementations - public key comes from * the message. */ ExpectIntEQ(wc_ecc_decrypt(&srvKey, NULL, out, outSz, plain, &plainSz, NULL), BAD_FUNC_ARG); #endif ExpectIntEQ(wc_ecc_decrypt(&srvKey, &tmpKey, NULL, outSz, plain, &plainSz, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_decrypt(&srvKey, &tmpKey, out, outSz, NULL, &plainSz, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_decrypt(&srvKey, &tmpKey, out, outSz, plain, NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(XMEMCMP(msg, plain, msgSz), 0); wc_ecc_free(&tmpKey); wc_ecc_free(&srvKey); wc_ecc_free(&cliKey); DoExpectIntEQ(wc_FreeRng(&rng), 0); #endif return EXPECT_RESULT(); } /* END test_wc_ecc_encryptDecrypt */ /* * Testing wc_ecc_del_point() and wc_ecc_new_point() */ static int test_wc_ecc_del_point(void) { EXPECT_DECLS; #if defined(HAVE_ECC) ecc_point* pt = NULL; ExpectNotNull(pt = wc_ecc_new_point()); wc_ecc_del_point(pt); #endif return EXPECT_RESULT(); } /* END test_wc_ecc_del_point */ /* * Testing wc_ecc_point_is_at_infinity(), wc_ecc_export_point_der(), * wc_ecc_import_point_der(), wc_ecc_copy_point(), wc_ecc_point_is_on_curve(), * and wc_ecc_cmp_point() */ static int test_wc_ecc_pointFns(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && \ !defined(WC_NO_RNG) && !defined(WOLFSSL_ATECC508A) && \ !defined(WOLFSSL_ATECC608A) ecc_key key; WC_RNG rng; int ret; ecc_point* point = NULL; ecc_point* cpypt = NULL; int idx = 0; int keySz = KEY32; byte der[DER_SZ(KEY32)]; word32 derlenChk = 0; word32 derSz = DER_SZ(KEY32); /* Init stack variables. */ XMEMSET(der, 0, derSz); XMEMSET(&key, 0, sizeof(ecc_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_ecc_init(&key), 0); ret = wc_ecc_make_key(&rng, keySz, &key); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); #endif ExpectIntEQ(ret, 0); ExpectNotNull(point = wc_ecc_new_point()); ExpectNotNull(cpypt = wc_ecc_new_point()); /* Export */ ExpectIntEQ(wc_ecc_export_point_der((idx = key.idx), &key.pubkey, NULL, &derlenChk), LENGTH_ONLY_E); /* Check length value. */ ExpectIntEQ(derSz, derlenChk); ExpectIntEQ(wc_ecc_export_point_der((idx = key.idx), &key.pubkey, der, &derSz), 0); /* Test bad args. */ ExpectIntEQ(wc_ecc_export_point_der(-2, &key.pubkey, der, &derSz), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_export_point_der((idx = key.idx), NULL, der, &derSz), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_export_point_der((idx = key.idx), &key.pubkey, der, NULL), ECC_BAD_ARG_E); /* Import */ ExpectIntEQ(wc_ecc_import_point_der(der, derSz, idx, point), 0); ExpectIntEQ(wc_ecc_cmp_point(&key.pubkey, point), 0); /* Test bad args. */ ExpectIntEQ( wc_ecc_import_point_der(NULL, derSz, idx, point), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_import_point_der(der, derSz, idx, NULL), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_import_point_der(der, derSz, -1, point), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_import_point_der(der, derSz + 1, idx, point), ECC_BAD_ARG_E); /* Copy */ ExpectIntEQ(wc_ecc_copy_point(point, cpypt), 0); /* Test bad args. */ ExpectIntEQ(wc_ecc_copy_point(NULL, cpypt), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_copy_point(point, NULL), ECC_BAD_ARG_E); /* Compare point */ ExpectIntEQ(wc_ecc_cmp_point(point, cpypt), 0); /* Test bad args. */ ExpectIntEQ(wc_ecc_cmp_point(NULL, cpypt), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_cmp_point(point, NULL), BAD_FUNC_ARG); /* At infinity if return == 1, otherwise return == 0. */ ExpectIntEQ(wc_ecc_point_is_at_infinity(point), 0); /* Test bad args. */ ExpectIntEQ(wc_ecc_point_is_at_infinity(NULL), BAD_FUNC_ARG); #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))) #ifdef USE_ECC_B_PARAM /* On curve if ret == 0 */ ExpectIntEQ(wc_ecc_point_is_on_curve(point, idx), 0); /* Test bad args. */ ExpectIntEQ(wc_ecc_point_is_on_curve(NULL, idx), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_point_is_on_curve(point, 1000), ECC_BAD_ARG_E); #endif /* USE_ECC_B_PARAM */ #endif /* !HAVE_SELFTEST && (!HAVE_FIPS || HAVE_FIPS_VERSION > 2) */ /* Free */ wc_ecc_del_point(point); wc_ecc_del_point(cpypt); wc_ecc_free(&key); DoExpectIntEQ(wc_FreeRng(&rng), 0); #endif return EXPECT_RESULT(); } /* END test_wc_ecc_pointFns */ /* * Testing wc_ecc_shared_secret_ssh() */ static int test_wc_ecc_shared_secret_ssh(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && defined(HAVE_ECC_DHE) && \ !defined(WC_NO_RNG) && !defined(WOLFSSL_ATECC508A) && \ !defined(WOLFSSL_ATECC608A) && !defined(PLUTON_CRYPTO_ECC) && \ !defined(WOLFSSL_CRYPTOCELL) ecc_key key; ecc_key key2; WC_RNG rng; int ret; int keySz = KEY32; int key2Sz = KEY24; byte secret[KEY32]; word32 secretLen = keySz; /* Init stack variables. */ XMEMSET(&key, 0, sizeof(ecc_key)); XMEMSET(&key2, 0, sizeof(ecc_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); XMEMSET(secret, 0, secretLen); /* Make keys */ ExpectIntEQ(wc_ecc_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ret = wc_ecc_make_key(&rng, keySz, &key); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); #endif ExpectIntEQ(ret, 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); ExpectIntEQ(wc_ecc_init(&key2), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ret = wc_ecc_make_key(&rng, key2Sz, &key2); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &key2.asyncDev, WC_ASYNC_FLAG_NONE); #endif ExpectIntEQ(ret, 0); #if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \ !defined(HAVE_SELFTEST) ExpectIntEQ(wc_ecc_set_rng(&key, &rng), 0); #endif ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret, &secretLen), 0); /* Pass in bad args. */ ExpectIntEQ(wc_ecc_shared_secret_ssh(NULL, &key2.pubkey, secret, &secretLen), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, NULL, secret, &secretLen), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, &key2.pubkey, NULL, &secretLen), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret, NULL), BAD_FUNC_ARG); key.type = ECC_PUBLICKEY; ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret, &secretLen), ECC_BAD_ARG_E); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ecc_free(&key); wc_ecc_free(&key2); #ifdef FP_ECC wc_ecc_fp_free(); #endif #endif return EXPECT_RESULT(); } /* END test_wc_ecc_shared_secret_ssh */ /* * Testing wc_ecc_verify_hash_ex() and wc_ecc_verify_hash_ex() */ static int test_wc_ecc_verify_hash_ex(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && defined(HAVE_ECC_SIGN) && defined(WOLFSSL_PUBLIC_MP) \ && !defined(WC_NO_RNG) && !defined(WOLFSSL_ATECC508A) && \ !defined(WOLFSSL_ATECC608A) && !defined(WOLFSSL_KCAPI_ECC) ecc_key key; WC_RNG rng; int ret; mp_int r; mp_int s; mp_int z; unsigned char hash[] = "Everyone gets Friday off.EccSig"; unsigned char iHash[] = "Everyone gets Friday off......."; unsigned char shortHash[] = TEST_STRING; word32 hashlen = sizeof(hash); word32 iHashLen = sizeof(iHash); word32 shortHashLen = sizeof(shortHash); int keySz = KEY32; int verify_ok = 0; XMEMSET(&key, 0, sizeof(ecc_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); XMEMSET(&r, 0, sizeof(mp_int)); XMEMSET(&s, 0, sizeof(mp_int)); XMEMSET(&z, 0, sizeof(mp_int)); /* Initialize r, s and z. */ ExpectIntEQ(mp_init_multi(&r, &s, &z, NULL, NULL, NULL), MP_OKAY); ExpectIntEQ(wc_ecc_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ret = wc_ecc_make_key(&rng, keySz, &key); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); #endif ExpectIntEQ(ret, 0); ExpectIntEQ(wc_ecc_sign_hash_ex(hash, hashlen, &rng, &key, &r, &s), 0); /* verify_ok should be 1. */ ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, hash, hashlen, &verify_ok, &key), 0); ExpectIntEQ(verify_ok, 1); /* verify_ok should be 0 */ ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, iHash, iHashLen, &verify_ok, &key), 0); ExpectIntEQ(verify_ok, 0); /* verify_ok should be 0. */ ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, shortHash, shortHashLen, &verify_ok, &key), 0); ExpectIntEQ(verify_ok, 0); /* Test bad args. */ ExpectIntEQ(wc_ecc_sign_hash_ex(NULL, hashlen, &rng, &key, &r, &s), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_sign_hash_ex(hash, hashlen, NULL, &key, &r, &s), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_sign_hash_ex(hash, hashlen, &rng, NULL, &r, &s), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_sign_hash_ex(hash, hashlen, &rng, &key, NULL, &s), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_sign_hash_ex(hash, hashlen, &rng, &key, &r, NULL), ECC_BAD_ARG_E); /* Test bad args. */ ExpectIntEQ(wc_ecc_verify_hash_ex(NULL, &s, shortHash, shortHashLen, &verify_ok, &key), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_verify_hash_ex(&r, NULL, shortHash, shortHashLen, &verify_ok, &key), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_verify_hash_ex(&z, &s, shortHash, shortHashLen, &verify_ok, &key), MP_ZERO_E); ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &z, shortHash, shortHashLen, &verify_ok, &key), MP_ZERO_E); ExpectIntEQ(wc_ecc_verify_hash_ex(&z, &z, shortHash, shortHashLen, &verify_ok, &key), MP_ZERO_E); ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, NULL, shortHashLen, &verify_ok, &key), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, shortHash, shortHashLen, NULL, &key), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, shortHash, shortHashLen, &verify_ok, NULL), ECC_BAD_ARG_E); wc_ecc_free(&key); mp_free(&r); mp_free(&s); DoExpectIntEQ(wc_FreeRng(&rng), 0); #endif return EXPECT_RESULT(); } /* END test_wc_ecc_verify_hash_ex */ /* * Testing wc_ecc_mulmod() */ static int test_wc_ecc_mulmod(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && !defined(WC_NO_RNG) && \ !(defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \ defined(WOLFSSL_VALIDATE_ECC_IMPORT)) ecc_key key1; ecc_key key2; ecc_key key3; WC_RNG rng; int ret; XMEMSET(&key1, 0, sizeof(ecc_key)); XMEMSET(&key2, 0, sizeof(ecc_key)); XMEMSET(&key3, 0, sizeof(ecc_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_ecc_init(&key1), 0); ExpectIntEQ(wc_ecc_init(&key2), 0); ExpectIntEQ(wc_ecc_init(&key3), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ret = wc_ecc_make_key(&rng, KEY32, &key1); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &key1.asyncDev, WC_ASYNC_FLAG_NONE); #endif ExpectIntEQ(ret, 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); ExpectIntEQ(wc_ecc_import_raw_ex(&key2, key1.dp->Gx, key1.dp->Gy, key1.dp->Af, ECC_SECP256R1), 0); ExpectIntEQ(wc_ecc_import_raw_ex(&key3, key1.dp->Gx, key1.dp->Gy, key1.dp->prime, ECC_SECP256R1), 0); ExpectIntEQ(wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), &key2.pubkey, &key3.pubkey, wc_ecc_key_get_priv(&key2), wc_ecc_key_get_priv(&key3), 1), 0); /* Test bad args. */ ExpectIntEQ(ret = wc_ecc_mulmod(NULL, &key2.pubkey, &key3.pubkey, wc_ecc_key_get_priv(&key2), wc_ecc_key_get_priv(&key3), 1), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), NULL, &key3.pubkey, wc_ecc_key_get_priv(&key2), wc_ecc_key_get_priv(&key3), 1), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), &key2.pubkey, NULL, wc_ecc_key_get_priv(&key2), wc_ecc_key_get_priv(&key3), 1), ECC_BAD_ARG_E); ExpectIntEQ(wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), &key2.pubkey, &key3.pubkey, wc_ecc_key_get_priv(&key2), NULL, 1), ECC_BAD_ARG_E); wc_ecc_free(&key1); wc_ecc_free(&key2); wc_ecc_free(&key3); #ifdef FP_ECC wc_ecc_fp_free(); #endif #endif /* HAVE_ECC && !WOLFSSL_ATECC508A */ return EXPECT_RESULT(); } /* END test_wc_ecc_mulmod */ /* * Testing wc_ecc_is_valid_idx() */ static int test_wc_ecc_is_valid_idx(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && !defined(WC_NO_RNG) ecc_key key; WC_RNG rng; int ret; int iVal = -2; int iVal2 = 3000; XMEMSET(&key, 0, sizeof(ecc_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_ecc_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ret = wc_ecc_make_key(&rng, 32, &key); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); #endif ExpectIntEQ(ret, 0); ExpectIntEQ(wc_ecc_is_valid_idx(key.idx), 1); /* Test bad args. */ ExpectIntEQ(wc_ecc_is_valid_idx(iVal), 0); ExpectIntEQ(wc_ecc_is_valid_idx(iVal2), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ecc_free(&key); #ifdef FP_ECC wc_ecc_fp_free(); #endif #endif return EXPECT_RESULT(); } /* END test_wc_ecc_is_valid_idx */ /* * Testing wc_ecc_get_curve_id_from_oid() */ static int test_wc_ecc_get_curve_id_from_oid(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && !defined(NO_ECC256) && !defined(HAVE_SELFTEST) && \ !defined(HAVE_FIPS) const byte oid[] = {0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07}; word32 len = sizeof(oid); /* Bad Cases */ ExpectIntEQ(wc_ecc_get_curve_id_from_oid(NULL, len), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_get_curve_id_from_oid(oid, 0), ECC_CURVE_INVALID); /* Good Case */ ExpectIntEQ(wc_ecc_get_curve_id_from_oid(oid, len), ECC_SECP256R1); #endif return EXPECT_RESULT(); } /* END test_wc_ecc_get_curve_id_from_oid */ /* * Testing wc_ecc_sig_size_calc() */ static int test_wc_ecc_sig_size_calc(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && !defined(WC_NO_RNG) && !defined(HAVE_SELFTEST) ecc_key key; WC_RNG rng; int sz = 0; int ret; XMEMSET(&key, 0, sizeof(ecc_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_ecc_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ret = wc_ecc_make_key(&rng, 16, &key); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE); #endif ExpectIntEQ(ret, 0); sz = key.dp->size; ExpectIntGT(wc_ecc_sig_size_calc(sz), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ecc_free(&key); #endif return EXPECT_RESULT(); } /* END test_wc_ecc_sig_size_calc */ /* * Testing wc_ecc_sm2_make_key() */ static int test_wc_ecc_sm2_make_key(void) { int res = TEST_SKIPPED; #if defined(HAVE_ECC) && defined(WOLFSSL_SM2) EXPECT_DECLS; WC_RNG rng[1]; ecc_key key[1]; XMEMSET(rng, 0, sizeof(*rng)); XMEMSET(key, 0, sizeof(*key)); ExpectIntEQ(wc_InitRng(rng), 0); ExpectIntEQ(wc_ecc_init(key), 0); /* Test invalid parameters. */ ExpectIntEQ(wc_ecc_sm2_make_key(NULL, NULL, WC_ECC_FLAG_NONE), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_make_key(rng, NULL, WC_ECC_FLAG_NONE), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_make_key(NULL, key, WC_ECC_FLAG_NONE), BAD_FUNC_ARG); /* Test valid parameters. */ ExpectIntEQ(wc_ecc_sm2_make_key(rng, key, WC_ECC_FLAG_NONE), 0); ExpectIntEQ(key->dp->id, ECC_SM2P256V1); wc_ecc_free(key); wc_FreeRng(rng); #ifdef FP_ECC wc_ecc_fp_free(); #endif res = EXPECT_RESULT(); #endif return res; } /* * Testing wc_ecc_sm2_shared_secret() */ static int test_wc_ecc_sm2_shared_secret(void) { int res = TEST_SKIPPED; #if defined(HAVE_ECC) && defined(WOLFSSL_SM2) EXPECT_DECLS; WC_RNG rng[1]; ecc_key keyA[1]; ecc_key keyB[1]; byte outA[32]; byte outB[32]; word32 outALen = 32; word32 outBLen = 32; XMEMSET(rng, 0, sizeof(*rng)); XMEMSET(keyA, 0, sizeof(*keyA)); XMEMSET(keyB, 0, sizeof(*keyB)); ExpectIntEQ(wc_InitRng(rng), 0); ExpectIntEQ(wc_ecc_init(keyA), 0); ExpectIntEQ(wc_ecc_init(keyB), 0); ExpectIntEQ(wc_ecc_sm2_make_key(rng, keyA, WC_ECC_FLAG_NONE), 0); ExpectIntEQ(wc_ecc_sm2_make_key(rng, keyB, WC_ECC_FLAG_NONE), 0); #ifdef ECC_TIMING_RESISTANT ExpectIntEQ(wc_ecc_set_rng(keyA, rng), 0); ExpectIntEQ(wc_ecc_set_rng(keyB, rng), 0); #endif /* Test invalid parameters. */ ExpectIntEQ(wc_ecc_sm2_shared_secret(NULL, NULL, NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_shared_secret(keyA, NULL, NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_shared_secret(NULL, keyB, NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_shared_secret(NULL, NULL, outA, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_shared_secret(NULL, NULL, NULL, &outALen), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_shared_secret(NULL, keyB, outA, &outALen), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_shared_secret(keyA, NULL, outA, &outALen), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_shared_secret(keyA, keyB, NULL, &outALen), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_shared_secret(keyA, keyB, outA, NULL), BAD_FUNC_ARG); /* Test valid parameters. */ ExpectIntEQ(wc_ecc_sm2_shared_secret(keyA, keyB, outA, &outALen), 0); ExpectIntLE(outALen, 32); ExpectIntEQ(wc_ecc_sm2_shared_secret(keyB, keyA, outB, &outBLen), 0); ExpectIntLE(outBLen, 32); ExpectIntEQ(outALen, outBLen); ExpectBufEQ(outA, outB, outALen); wc_ecc_free(keyB); wc_ecc_free(keyA); wc_FreeRng(rng); #ifdef FP_ECC wc_ecc_fp_free(); #endif res = EXPECT_RESULT(); #endif return res; } /* * Testing wc_ecc_sm2_create_digest() */ static int test_wc_ecc_sm2_create_digest(void) { int res = TEST_SKIPPED; #if defined(HAVE_ECC) && defined(WOLFSSL_SM2) && !defined(NO_HASH_WRAPPER) && \ (defined(WOLFSSL_SM3) || !defined(NO_SHA256)) EXPECT_DECLS; ecc_key key[1]; enum wc_HashType hashType; unsigned char pub[] = { 0x04, 0x63, 0x7F, 0x1B, 0x13, 0x50, 0x36, 0xC9, 0x33, 0xDC, 0x3F, 0x7A, 0x8E, 0xBB, 0x1B, 0x7B, 0x2F, 0xD1, 0xDF, 0xBD, 0x26, 0x8D, 0x4F, 0x89, 0x4B, 0x5A, 0xD4, 0x7D, 0xBD, 0xBE, 0xCD, 0x55, 0x8F, 0xE8, 0x81, 0x01, 0xD0, 0x80, 0x48, 0xE3, 0x6C, 0xCB, 0xF6, 0x1C, 0xA3, 0x8D, 0xDF, 0x7A, 0xBA, 0x54, 0x2B, 0x44, 0x86, 0xE9, 0x9E, 0x49, 0xF3, 0xA7, 0x47, 0x0A, 0x85, 0x7A, 0x09, 0x64, 0x33 }; unsigned char id[] = { 0x01, 0x02, 0x03, }; unsigned char msg[] = { 0x01, 0x02, 0x03, }; unsigned char hash[32]; #ifdef WOLFSSL_SM3 unsigned char expHash[32] = { 0xc1, 0xdd, 0x92, 0xc5, 0x60, 0xd3, 0x94, 0x28, 0xeb, 0x0f, 0x57, 0x79, 0x3f, 0xc9, 0x96, 0xc5, 0xfa, 0xf5, 0x90, 0xb2, 0x64, 0x2f, 0xaf, 0x9c, 0xc8, 0x57, 0x21, 0x6a, 0x52, 0x7e, 0xf1, 0x95 }; #else unsigned char expHash[32] = { 0xea, 0x41, 0x55, 0x21, 0x61, 0x00, 0x5c, 0x9a, 0x57, 0x35, 0x6b, 0x49, 0xca, 0x8f, 0x65, 0xc2, 0x0e, 0x29, 0x0c, 0xa0, 0x1d, 0xa7, 0xc4, 0xed, 0xdd, 0x51, 0x12, 0xf6, 0xe7, 0x55, 0xc5, 0xf4 }; #endif #ifdef WOLFSSL_SM3 hashType = WC_HASH_TYPE_SM3; #else hashType = WC_HASH_TYPE_SHA256; #endif XMEMSET(key, 0, sizeof(*key)); ExpectIntEQ(wc_ecc_init(key), 0); /* Test with no curve set. */ ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), msg, sizeof(msg), hashType, hash, sizeof(hash), key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_import_x963_ex(pub, sizeof(pub), key, ECC_SM2P256V1), 0); /* Test invalid parameters. */ ExpectIntEQ(wc_ecc_sm2_create_digest(NULL, sizeof(id), NULL, sizeof(msg), hashType, NULL, sizeof(hash), NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), NULL, sizeof(msg), hashType, NULL, sizeof(hash), NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_create_digest(NULL, sizeof(id), msg, sizeof(msg), hashType, NULL, sizeof(hash), NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_create_digest(NULL, sizeof(id), NULL, sizeof(msg), hashType, hash, sizeof(hash), NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_create_digest(NULL, sizeof(id), NULL, sizeof(msg), hashType, NULL, sizeof(hash), key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_create_digest(NULL, sizeof(id), msg, sizeof(msg), hashType, hash, sizeof(hash), key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), NULL, sizeof(msg), hashType, hash, sizeof(hash), key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), msg, sizeof(msg), hashType, NULL, sizeof(hash), key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), msg, sizeof(msg), hashType, hash, sizeof(hash), NULL), BAD_FUNC_ARG); /* Bad hash type. */ ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), msg, sizeof(msg), -1, hash, 0, key), BAD_FUNC_ARG); /* Bad hash size. */ ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), msg, sizeof(msg), hashType, hash, 0, key), BUFFER_E); /* Test valid parameters. */ ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), msg, sizeof(msg), hashType, hash, sizeof(hash), key), 0); ExpectBufEQ(hash, expHash, sizeof(expHash)); wc_ecc_free(key); res = EXPECT_RESULT(); #endif return res; } /* * Testing wc_ecc_sm2_verify_hash_ex() */ static int test_wc_ecc_sm2_verify_hash_ex(void) { int res = TEST_SKIPPED; #if defined(HAVE_ECC) && defined(WOLFSSL_SM2) && defined(HAVE_ECC_VERIFY) && \ defined(WOLFSSL_PUBLIC_MP) EXPECT_DECLS; ecc_key key[1]; mp_int r[1]; mp_int s[1]; int verified; unsigned char pub[] = { 0x04, 0x63, 0x7F, 0x1B, 0x13, 0x50, 0x36, 0xC9, 0x33, 0xDC, 0x3F, 0x7A, 0x8E, 0xBB, 0x1B, 0x7B, 0x2F, 0xD1, 0xDF, 0xBD, 0x26, 0x8D, 0x4F, 0x89, 0x4B, 0x5A, 0xD4, 0x7D, 0xBD, 0xBE, 0xCD, 0x55, 0x8F, 0xE8, 0x81, 0x01, 0xD0, 0x80, 0x48, 0xE3, 0x6C, 0xCB, 0xF6, 0x1C, 0xA3, 0x8D, 0xDF, 0x7A, 0xBA, 0x54, 0x2B, 0x44, 0x86, 0xE9, 0x9E, 0x49, 0xF3, 0xA7, 0x47, 0x0A, 0x85, 0x7A, 0x09, 0x64, 0x33 }; unsigned char hash[] = { 0x3B, 0xFA, 0x5F, 0xFB, 0xC4, 0x27, 0x8C, 0x9D, 0x02, 0x3A, 0x19, 0xCB, 0x1E, 0xAA, 0xD2, 0xF1, 0x50, 0x69, 0x5B, 0x20 }; unsigned char rData[] = { 0xD2, 0xFC, 0xA3, 0x88, 0xE3, 0xDF, 0xA3, 0x00, 0x73, 0x9B, 0x3C, 0x2A, 0x0D, 0xAD, 0x44, 0xA2, 0xFC, 0x62, 0xD5, 0x6B, 0x84, 0x54, 0xD8, 0x40, 0x22, 0x62, 0x3D, 0x5C, 0xA6, 0x61, 0x9B, 0xE7, }; unsigned char sData[] = { 0x1D, 0xB5, 0xB5, 0xD9, 0xD8, 0xF1, 0x20, 0xDD, 0x97, 0x92, 0xBF, 0x7E, 0x9B, 0x3F, 0xE6, 0x3C, 0x4B, 0x03, 0xD8, 0x80, 0xBD, 0xB7, 0x27, 0x7E, 0x6A, 0x84, 0x23, 0xDE, 0x61, 0x7C, 0x8D, 0xDC }; unsigned char rBadData[] = { 0xD2, 0xFC, 0xA3, 0x88, 0xE3, 0xDF, 0xA3, 0x00, 0x73, 0x9B, 0x3C, 0x2A, 0x0D, 0xAD, 0x44, 0xA2, 0xFC, 0x62, 0xD5, 0x6B, 0x84, 0x54, 0xD8, 0x40, 0x22, 0x62, 0x3D, 0x5C, 0xA6, 0x61, 0x9B, 0xE8, }; XMEMSET(key, 0, sizeof(*key)); XMEMSET(r, 0, sizeof(*r)); XMEMSET(s, 0, sizeof(*s)); ExpectIntEQ(mp_init(r), 0); ExpectIntEQ(mp_init(s), 0); ExpectIntEQ(mp_read_unsigned_bin(r, rData, sizeof(rData)), 0); ExpectIntEQ(mp_read_unsigned_bin(s, sData, sizeof(sData)), 0); ExpectIntEQ(wc_ecc_init(key), 0); /* Test with no curve set. */ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash), &verified, key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_import_x963_ex(pub, sizeof(pub), key, ECC_SM2P256V1), 0); /* Test invalid parameters. */ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(NULL, NULL, NULL, sizeof(hash), NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, NULL, NULL, sizeof(hash), NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(NULL, s, NULL, sizeof(hash), NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(NULL, NULL, hash, sizeof(hash), NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(NULL, NULL, NULL, sizeof(hash), &verified, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(NULL, NULL, NULL, sizeof(hash), NULL, key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(NULL, s, hash, sizeof(hash), &verified, key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, NULL, hash, sizeof(hash), &verified, key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, NULL, sizeof(hash), &verified, key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash), NULL, key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash), &verified, NULL), BAD_FUNC_ARG); /* Make key not on the SM2 curve. */ ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SECP256R1), 0); ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash), &verified, key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SM2P256V1), 0); /* Test valid parameters. */ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash), &verified, key), 0); ExpectIntEQ(verified, 1); ExpectIntEQ(mp_read_unsigned_bin(r, rBadData, sizeof(rBadData)), 0); ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash), &verified, key), 0); ExpectIntEQ(verified, 0); mp_free(s); mp_free(r); wc_ecc_free(key); #ifdef FP_ECC wc_ecc_fp_free(); #endif res = EXPECT_RESULT(); #endif return res; } /* * Testing wc_ecc_sm2_verify_hash() */ static int test_wc_ecc_sm2_verify_hash(void) { int res = TEST_SKIPPED; #if defined(HAVE_ECC) && defined(WOLFSSL_SM2) && defined(HAVE_ECC_VERIFY) EXPECT_DECLS; ecc_key key[1]; int verified; unsigned char pub[] = { 0x04, 0x63, 0x7F, 0x1B, 0x13, 0x50, 0x36, 0xC9, 0x33, 0xDC, 0x3F, 0x7A, 0x8E, 0xBB, 0x1B, 0x7B, 0x2F, 0xD1, 0xDF, 0xBD, 0x26, 0x8D, 0x4F, 0x89, 0x4B, 0x5A, 0xD4, 0x7D, 0xBD, 0xBE, 0xCD, 0x55, 0x8F, 0xE8, 0x81, 0x01, 0xD0, 0x80, 0x48, 0xE3, 0x6C, 0xCB, 0xF6, 0x1C, 0xA3, 0x8D, 0xDF, 0x7A, 0xBA, 0x54, 0x2B, 0x44, 0x86, 0xE9, 0x9E, 0x49, 0xF3, 0xA7, 0x47, 0x0A, 0x85, 0x7A, 0x09, 0x64, 0x33 }; unsigned char hash[] = { 0x3B, 0xFA, 0x5F, 0xFB, 0xC4, 0x27, 0x8C, 0x9D, 0x02, 0x3A, 0x19, 0xCB, 0x1E, 0xAA, 0xD2, 0xF1, 0x50, 0x69, 0x5B, 0x20 }; unsigned char sig[] = { 0x30, 0x45, 0x02, 0x21, 0x00, 0xD2, 0xFC, 0xA3, 0x88, 0xE3, 0xDF, 0xA3, 0x00, 0x73, 0x9B, 0x3C, 0x2A, 0x0D, 0xAD, 0x44, 0xA2, 0xFC, 0x62, 0xD5, 0x6B, 0x84, 0x54, 0xD8, 0x40, 0x22, 0x62, 0x3D, 0x5C, 0xA6, 0x61, 0x9B, 0xE7, 0x02, 0x20, 0x1D, 0xB5, 0xB5, 0xD9, 0xD8, 0xF1, 0x20, 0xDD, 0x97, 0x92, 0xBF, 0x7E, 0x9B, 0x3F, 0xE6, 0x3C, 0x4B, 0x03, 0xD8, 0x80, 0xBD, 0xB7, 0x27, 0x7E, 0x6A, 0x84, 0x23, 0xDE, 0x61, 0x7C, 0x8D, 0xDC }; unsigned char sigBad[] = { 0x30, 0x45, 0x02, 0x21, 0x00, 0xD2, 0xFC, 0xA3, 0x88, 0xE3, 0xDF, 0xA3, 0x00, 0x73, 0x9B, 0x3C, 0x2A, 0x0D, 0xAD, 0x44, 0xA2, 0xFC, 0x62, 0xD5, 0x6B, 0x84, 0x54, 0xD8, 0x40, 0x22, 0x62, 0x3D, 0x5C, 0xA6, 0x61, 0x9B, 0xE7, 0x02, 0x20, 0x1D, 0xB5, 0xB5, 0xD9, 0xD8, 0xF1, 0x20, 0xDD, 0x97, 0x92, 0xBF, 0x7E, 0x9B, 0x3F, 0xE6, 0x3C, 0x4B, 0x03, 0xD8, 0x80, 0xBD, 0xB7, 0x27, 0x7E, 0x6A, 0x84, 0x23, 0xDE, 0x61, 0x7C, 0x8D, 0xDD }; XMEMSET(key, 0, sizeof(*key)); ExpectIntEQ(wc_ecc_init(key), 0); /* Test with no curve set. */ ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), hash, sizeof(hash), &verified, key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_import_x963_ex(pub, sizeof(pub), key, ECC_SM2P256V1), 0); /* Test invalid parameters. */ ExpectIntEQ(wc_ecc_sm2_verify_hash(NULL, sizeof(sig), NULL, sizeof(hash), NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), NULL, sizeof(hash), NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_verify_hash(NULL, sizeof(sig), hash, sizeof(hash), NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_verify_hash(NULL, sizeof(sig), NULL, sizeof(hash), &verified, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_verify_hash(NULL, sizeof(sig), NULL, sizeof(hash), NULL, key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_verify_hash(NULL, sizeof(sig), hash, sizeof(hash), &verified, key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), NULL, sizeof(hash), &verified, key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), hash, sizeof(hash), NULL, key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), hash, sizeof(hash), &verified, NULL), BAD_FUNC_ARG); /* Make key not on the SM2 curve. */ ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SECP256R1), 0); ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), hash, sizeof(hash), &verified, key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SM2P256V1), 0); /* Test valid parameters. */ ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), hash, sizeof(hash), &verified, key), 0); ExpectIntEQ(verified, 1); ExpectIntEQ(wc_ecc_sm2_verify_hash(sigBad, sizeof(sigBad), hash, sizeof(hash), &verified, key), 0); ExpectIntEQ(verified, 0); wc_ecc_free(key); #ifdef FP_ECC wc_ecc_fp_free(); #endif res = EXPECT_RESULT(); #endif return res; } /* * Testing wc_ecc_sm2_verify_hash_ex() */ static int test_wc_ecc_sm2_sign_hash_ex(void) { int res = TEST_SKIPPED; #if defined(HAVE_ECC) && defined(WOLFSSL_SM2) && defined(HAVE_ECC_SIGN) && \ defined(WOLFSSL_PUBLIC_MP) EXPECT_DECLS; WC_RNG rng[1]; ecc_key key[1]; mp_int r[1]; mp_int s[1]; unsigned char hash[32]; #ifdef HAVE_ECC_VERIFY int verified; #endif XMEMSET(rng, 0, sizeof(*rng)); XMEMSET(key, 0, sizeof(*key)); XMEMSET(r, 0, sizeof(*r)); XMEMSET(s, 0, sizeof(*s)); ExpectIntEQ(wc_InitRng(rng), 0); ExpectIntEQ(mp_init(r), 0); ExpectIntEQ(mp_init(s), 0); ExpectIntEQ(wc_RNG_GenerateBlock(rng, hash, sizeof(hash)), 0); ExpectIntEQ(wc_ecc_init(key), 0); /* Test with no curve set. */ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, key, r, s), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_make_key(rng, key, WC_ECC_FLAG_NONE), 0); /* Test invalid parameters. */ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(NULL, sizeof(hash), NULL, NULL, NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), NULL, NULL, NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(NULL, sizeof(hash), rng, NULL, NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(NULL, sizeof(hash), NULL, key, NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(NULL, sizeof(hash), NULL, NULL, r, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(NULL, sizeof(hash), NULL, NULL, NULL, s), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(NULL, sizeof(hash), rng, key, r, s), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), NULL, key, r, s), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, NULL, r, s), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, key, NULL, s), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, key, r, NULL), BAD_FUNC_ARG); /* Make key not on the SM2 curve. */ ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SECP256R1), 0); ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, key, r, s), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SM2P256V1), 0); #ifdef WOLFSSL_SP_MATH_ALL { mp_int smallR[1]; sp_init_size(smallR, 1); /* Force failure in _ecc_sm2_calc_r_s by r being too small. */ ExpectIntLT(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, key, smallR, s), 0); } #endif /* Test valid parameters. */ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, key, r, s), 0); #ifdef HAVE_ECC_VERIFY ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash), &verified, key), 0); ExpectIntEQ(verified, 1); #endif mp_free(s); mp_free(r); wc_ecc_free(key); wc_FreeRng(rng); #ifdef FP_ECC wc_ecc_fp_free(); #endif res = EXPECT_RESULT(); #endif return res; } /* * Testing wc_ecc_sm2_verify_hash() */ static int test_wc_ecc_sm2_sign_hash(void) { int res = TEST_SKIPPED; #if defined(HAVE_ECC) && defined(WOLFSSL_SM2) && defined(HAVE_ECC_SIGN) EXPECT_DECLS; WC_RNG rng[1]; ecc_key key[1]; unsigned char hash[32]; unsigned char sig[72]; word32 sigSz = sizeof(sig); #ifdef HAVE_ECC_VERIFY int verified; #endif XMEMSET(rng, 0, sizeof(*rng)); XMEMSET(key, 0, sizeof(*key)); ExpectIntEQ(wc_InitRng(rng), 0); ExpectIntEQ(wc_RNG_GenerateBlock(rng, hash, sizeof(hash)), 0); ExpectIntEQ(wc_ecc_init(key), 0); /* Test with no curve set. */ ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), sig, &sigSz, rng, key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_make_key(rng, key, WC_ECC_FLAG_NONE), 0); /* Test invalid parameters. */ ExpectIntEQ(wc_ecc_sm2_sign_hash(NULL, sizeof(hash), NULL, NULL, NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), NULL, NULL, NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_sign_hash(NULL, sizeof(hash), sig, NULL, NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_sign_hash(NULL, sizeof(hash), NULL, &sigSz, NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_sign_hash(NULL, sizeof(hash), NULL, NULL, rng, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_sign_hash(NULL, sizeof(hash), NULL, NULL, NULL, key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_sign_hash(NULL, sizeof(hash), sig, &sigSz, rng, key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), NULL, &sigSz, rng, key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), sig, NULL, rng, key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), sig, &sigSz, NULL, key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), sig, &sigSz, rng, NULL), BAD_FUNC_ARG); /* Make key not on the SM2 curve. */ ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SECP256R1), 0); ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), sig, &sigSz, rng, key), BAD_FUNC_ARG); ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SM2P256V1), 0); /* Test valid parameters. */ ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), sig, &sigSz, rng, key), 0); #ifdef HAVE_ECC_VERIFY ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sigSz, hash, sizeof(hash), &verified, key), 0); ExpectIntEQ(verified, 1); #endif wc_ecc_free(key); wc_FreeRng(rng); #ifdef FP_ECC wc_ecc_fp_free(); #endif res = EXPECT_RESULT(); #endif return res; } /* * Testing ToTraditional */ static int test_ToTraditional(void) { EXPECT_DECLS; #if !defined(NO_ASN) && (defined(HAVE_PKCS8) || defined(HAVE_PKCS12)) && \ (defined(WOLFSSL_TEST_CERT) || defined(OPENSSL_EXTRA) || \ defined(OPENSSL_EXTRA_X509_SMALL)) && !defined(NO_FILESYSTEM) XFILE f = XBADFILE; byte input[TWOK_BUF]; word32 sz = 0; ExpectTrue((f = XFOPEN("./certs/server-keyPkcs8.der", "rb")) != XBADFILE); ExpectTrue((sz = (word32)XFREAD(input, 1, sizeof(input), f)) > 0); if (f != XBADFILE) XFCLOSE(f); /* Good case */ ExpectIntGT(ToTraditional(input, sz), 0); /* Bad cases */ ExpectIntEQ(ToTraditional(NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(ToTraditional(NULL, sz), BAD_FUNC_ARG); #ifdef WOLFSSL_ASN_TEMPLATE ExpectIntEQ(ToTraditional(input, 0), BUFFER_E); #else ExpectIntEQ(ToTraditional(input, 0), ASN_PARSE_E); #endif #endif return EXPECT_RESULT(); } /* End test_ToTraditional*/ /* * Testing wc_EccPrivateKeyToDer */ static int test_wc_EccPrivateKeyToDer(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG) byte output[ONEK_BUF]; ecc_key eccKey; WC_RNG rng; word32 inLen; word32 outLen = 0; int ret; XMEMSET(&eccKey, 0, sizeof(ecc_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_ecc_init(&eccKey), 0); ret = wc_ecc_make_key(&rng, KEY14, &eccKey); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE); #endif ExpectIntEQ(ret, 0); inLen = (word32)sizeof(output); /* Bad Cases */ ExpectIntEQ(wc_EccPrivateKeyToDer(NULL, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_EccPrivateKeyToDer(NULL, output, inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_EccPrivateKeyToDer(&eccKey, NULL, inLen), LENGTH_ONLY_E); ExpectIntEQ(wc_EccPrivateKeyToDer(&eccKey, output, 0), BAD_FUNC_ARG); /* Good Case */ ExpectIntGT(outLen = wc_EccPrivateKeyToDer(&eccKey, output, inLen), 0); wc_ecc_free(&eccKey); DoExpectIntEQ(wc_FreeRng(&rng), 0); #if defined(OPENSSL_EXTRA) && defined(HAVE_ALL_CURVES) { /* test importing private only into a PKEY struct */ EC_KEY* ec = NULL; EVP_PKEY* pkey = NULL; const unsigned char* der; der = output; ExpectNotNull(pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &der, outLen)); der = output; ExpectNotNull(ec = d2i_ECPrivateKey(NULL, &der, outLen)); ExpectIntEQ(EVP_PKEY_assign_EC_KEY(pkey, ec), SSL_SUCCESS); if (EXPECT_FAIL()) { EC_KEY_free(ec); } EVP_PKEY_free(pkey); /* EC_KEY should be free'd by free'ing pkey */ } #endif #endif return EXPECT_RESULT(); } /* End test_wc_EccPrivateKeyToDer*/ /* * Testing wc_DhPublicKeyDecode */ static int test_wc_DhPublicKeyDecode(void) { EXPECT_DECLS; #ifndef NO_DH #if defined(WOLFSSL_DH_EXTRA) && defined(USE_CERT_BUFFERS_2048) DhKey key; word32 inOutIdx; XMEMSET(&key, 0, sizeof(DhKey)); ExpectIntEQ(wc_InitDhKey(&key), 0); ExpectIntEQ(wc_DhPublicKeyDecode(NULL,NULL,NULL,0), BAD_FUNC_ARG); ExpectIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,NULL,NULL,0), BAD_FUNC_ARG); ExpectIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,NULL,NULL,0), BAD_FUNC_ARG); inOutIdx = 0; ExpectIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,&inOutIdx,NULL, 0), BAD_FUNC_ARG); inOutIdx = 0; ExpectIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,&inOutIdx,&key, 0), BAD_FUNC_ARG); inOutIdx = 0; ExpectIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,&inOutIdx,&key, sizeof_dh_pub_key_der_2048), 0); ExpectIntNE(key.p.used, 0); ExpectIntNE(key.g.used, 0); ExpectIntEQ(key.q.used, 0); ExpectIntNE(key.pub.used, 0); ExpectIntEQ(key.priv.used, 0); DoExpectIntEQ(wc_FreeDhKey(&key), 0); #endif #endif /* !NO_DH */ return EXPECT_RESULT(); } /* * Testing wc_Ed25519KeyToDer */ static int test_wc_Ed25519KeyToDer(void) { EXPECT_DECLS; #if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT) && \ (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)) byte output[ONEK_BUF]; ed25519_key ed25519Key; WC_RNG rng; word32 inLen; XMEMSET(&ed25519Key, 0, sizeof(ed25519_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_ed25519_init(&ed25519Key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &ed25519Key), 0); inLen = (word32)sizeof(output); /* Bad Cases */ ExpectIntEQ(wc_Ed25519KeyToDer(NULL, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Ed25519KeyToDer(NULL, output, inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_Ed25519KeyToDer(&ed25519Key, output, 0), BAD_FUNC_ARG); /* Good Cases */ /* length only */ ExpectIntGT(wc_Ed25519KeyToDer(&ed25519Key, NULL, inLen), 0); ExpectIntGT(wc_Ed25519KeyToDer(&ed25519Key, output, inLen), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ed25519_free(&ed25519Key); #endif return EXPECT_RESULT(); } /* End test_wc_Ed25519KeyToDer*/ /* * Testing wc_Ed25519PrivateKeyToDer */ static int test_wc_Ed25519PrivateKeyToDer(void) { EXPECT_DECLS; #if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT) && \ (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)) byte output[ONEK_BUF]; ed25519_key ed25519PrivKey; WC_RNG rng; word32 inLen; XMEMSET(&ed25519PrivKey, 0, sizeof(ed25519_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_ed25519_init(&ed25519PrivKey), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &ed25519PrivKey), 0); inLen = (word32)sizeof(output); /* Bad Cases */ ExpectIntEQ(wc_Ed25519PrivateKeyToDer(NULL, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Ed25519PrivateKeyToDer(NULL, output, inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, output, 0), BAD_FUNC_ARG); /* Good Cases */ /* length only */ ExpectIntGT(wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, NULL, inLen), 0); ExpectIntGT(wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, output, inLen), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ed25519_free(&ed25519PrivKey); #endif return EXPECT_RESULT(); } /* End test_wc_Ed25519PrivateKeyToDer*/ /* * Testing wc_Ed448KeyToDer */ static int test_wc_Ed448KeyToDer(void) { EXPECT_DECLS; #if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) && \ (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)) byte output[ONEK_BUF]; ed448_key ed448Key; WC_RNG rng; word32 inLen; XMEMSET(&ed448Key, 0, sizeof(ed448_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_ed448_init(&ed448Key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &ed448Key), 0); inLen = (word32)sizeof(output); /* Bad Cases */ ExpectIntEQ(wc_Ed448KeyToDer(NULL, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Ed448KeyToDer(NULL, output, inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_Ed448KeyToDer(&ed448Key, output, 0), BAD_FUNC_ARG); /* Good Cases */ /* length only */ ExpectIntGT(wc_Ed448KeyToDer(&ed448Key, NULL, inLen), 0); ExpectIntGT(wc_Ed448KeyToDer(&ed448Key, output, inLen), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ed448_free(&ed448Key); #endif return EXPECT_RESULT(); } /* End test_wc_Ed448KeyToDer*/ /* * Testing wc_Ed448PrivateKeyToDer */ static int test_wc_Ed448PrivateKeyToDer(void) { EXPECT_DECLS; #if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) && \ (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)) byte output[ONEK_BUF]; ed448_key ed448PrivKey; WC_RNG rng; word32 inLen; XMEMSET(&ed448PrivKey, 0, sizeof(ed448_key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_ed448_init(&ed448PrivKey), 0); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &ed448PrivKey), 0); inLen = (word32)sizeof(output); /* Bad Cases */ ExpectIntEQ(wc_Ed448PrivateKeyToDer(NULL, NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_Ed448PrivateKeyToDer(NULL, output, inLen), BAD_FUNC_ARG); ExpectIntEQ(wc_Ed448PrivateKeyToDer(&ed448PrivKey, output, 0), BAD_FUNC_ARG); /* Good cases */ /* length only */ ExpectIntGT(wc_Ed448PrivateKeyToDer(&ed448PrivKey, NULL, inLen), 0); ExpectIntGT(wc_Ed448PrivateKeyToDer(&ed448PrivKey, output, inLen), 0); DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_ed448_free(&ed448PrivKey); #endif return EXPECT_RESULT(); } /* End test_wc_Ed448PrivateKeyToDer*/ /* * Testing wc_SetSubjectBuffer */ static int test_wc_SetSubjectBuffer(void) { EXPECT_DECLS; #if defined(WOLFSSL_CERT_GEN) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) Cert cert; XFILE file = XBADFILE; byte* der = NULL; word32 derSz; derSz = FOURK_BUF; ExpectNotNull(der = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); ExpectTrue((file = XFOPEN("./certs/ca-cert.der", "rb")) != XBADFILE); ExpectTrue((derSz = (word32)XFREAD(der, 1, FOURK_BUF, file)) > 0); if (file != XBADFILE) XFCLOSE(file); ExpectIntEQ(wc_InitCert(&cert), 0); ExpectIntEQ(wc_SetSubjectBuffer(&cert, der, derSz), 0); ExpectIntEQ(wc_SetSubjectBuffer(NULL, der, derSz), BAD_FUNC_ARG); XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); #endif return EXPECT_RESULT(); } /* End test_wc_SetSubjectBuffer*/ /* * Testing wc_SetSubjectKeyIdFromPublicKey_ex */ static int test_wc_SetSubjectKeyIdFromPublicKey_ex(void) { EXPECT_DECLS; #if defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN) WC_RNG rng; Cert cert; #if !defined(NO_RSA) && defined(HAVE_RSA) RsaKey rsaKey; int bits = 2048; #endif #if defined(HAVE_ECC) ecc_key eccKey; int ret; #endif #if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT) ed25519_key ed25519Key; #endif #if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) ed448_key ed448Key; #endif #ifndef HAVE_FIPS ExpectIntEQ(wc_InitRng_ex(&rng, HEAP_HINT, testDevId), 0); #else ExpectIntEQ(wc_InitRng(&rng), 0); #endif ExpectIntEQ(wc_InitCert(&cert), 0); #if !defined(NO_RSA) && defined(HAVE_RSA) && defined(WOLFSSL_KEY_GEN) /* RSA */ XMEMSET(&rsaKey, 0, sizeof(RsaKey)); ExpectIntEQ(wc_InitRsaKey(&rsaKey, HEAP_HINT), 0); ExpectIntEQ(MAKE_RSA_KEY(&rsaKey, bits, WC_RSA_EXPONENT, &rng), 0); ExpectIntEQ(wc_SetSubjectKeyIdFromPublicKey_ex(&cert, RSA_TYPE, &rsaKey), 0); DoExpectIntEQ(wc_FreeRsaKey(&rsaKey), 0); #endif #if defined(HAVE_ECC) /* ECC */ XMEMSET(&eccKey, 0, sizeof(ecc_key)); ExpectIntEQ(wc_ecc_init(&eccKey), 0); ret = wc_ecc_make_key(&rng, KEY14, &eccKey); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE); #endif ExpectIntEQ(ret, 0); ExpectIntEQ(wc_SetSubjectKeyIdFromPublicKey_ex(&cert, ECC_TYPE, &eccKey), 0); DoExpectIntEQ(wc_ecc_free(&eccKey), 0); #endif #if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT) /* ED25519 */ XMEMSET(&ed25519Key, 0, sizeof(ed25519_key)); ExpectIntEQ(wc_ed25519_init(&ed25519Key), 0); ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &ed25519Key), 0); ExpectIntEQ(wc_SetSubjectKeyIdFromPublicKey_ex(&cert, ED25519_TYPE, &ed25519Key), 0); wc_ed25519_free(&ed25519Key); #endif #if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) /* ED448 */ XMEMSET(&ed448Key, 0, sizeof(ed448_key)); ExpectIntEQ(wc_ed448_init(&ed448Key), 0); ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &ed448Key), 0); ExpectIntEQ(wc_SetSubjectKeyIdFromPublicKey_ex(&cert, ED448_TYPE, &ed448Key), 0); wc_ed448_free(&ed448Key); #endif wc_FreeRng(&rng); DoExpectIntEQ(wc_FreeRng(&rng), 0); #endif /* WOLFSSL_CERT_EXT && WOLFSSL_CERT_GEN */ return EXPECT_RESULT(); } /* End test_wc_SetSubjectKeyIdFromPublicKey_ex*/ /* * Testing wc_SetAuthKeyIdFromPublicKey_ex */ static int test_wc_SetAuthKeyIdFromPublicKey_ex(void) { EXPECT_DECLS; #if defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN) WC_RNG rng; Cert cert; #if !defined(NO_RSA) && defined(HAVE_RSA) RsaKey rsaKey; int bits = 2048; #endif #if defined(HAVE_ECC) ecc_key eccKey; int ret; #endif #if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT) ed25519_key ed25519Key; #endif #if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) ed448_key ed448Key; #endif #ifndef HAVE_FIPS ExpectIntEQ(wc_InitRng_ex(&rng, HEAP_HINT, testDevId), 0); #else ExpectIntEQ(wc_InitRng(&rng), 0); #endif ExpectIntEQ(wc_InitCert(&cert), 0); #if !defined(NO_RSA) && defined(HAVE_RSA) && defined(WOLFSSL_KEY_GEN) /* RSA */ XMEMSET(&rsaKey, 0, sizeof(RsaKey)); ExpectIntEQ(wc_InitRsaKey(&rsaKey, HEAP_HINT), 0); ExpectIntEQ(MAKE_RSA_KEY(&rsaKey, bits, WC_RSA_EXPONENT, &rng), 0); ExpectIntEQ(wc_SetAuthKeyIdFromPublicKey_ex(&cert, RSA_TYPE, &rsaKey), 0); DoExpectIntEQ(wc_FreeRsaKey(&rsaKey), 0); #endif #if defined(HAVE_ECC) /* ECC */ XMEMSET(&eccKey, 0, sizeof(ecc_key)); ExpectIntEQ(wc_ecc_init(&eccKey), 0); ret = wc_ecc_make_key(&rng, KEY14, &eccKey); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE); #endif ExpectIntEQ(ret, 0); ExpectIntEQ(wc_SetAuthKeyIdFromPublicKey_ex(&cert, ECC_TYPE, &eccKey), 0); DoExpectIntEQ(wc_ecc_free(&eccKey), 0); #endif #if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT) /* ED25519 */ XMEMSET(&ed25519Key, 0, sizeof(ed25519_key)); ExpectIntEQ(wc_ed25519_init(&ed25519Key), 0); ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &ed25519Key), 0); ExpectIntEQ(wc_SetAuthKeyIdFromPublicKey_ex(&cert, ED25519_TYPE, &ed25519Key), 0); wc_ed25519_free(&ed25519Key); #endif #if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) /* ED448 */ XMEMSET(&ed448Key, 0, sizeof(ed448_key)); ExpectIntEQ(wc_ed448_init(&ed448Key), 0); ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &ed448Key), 0); ExpectIntEQ(wc_SetAuthKeyIdFromPublicKey_ex(&cert, ED448_TYPE, &ed448Key), 0); wc_ed448_free(&ed448Key); #endif DoExpectIntEQ(wc_FreeRng(&rng), 0); #endif /* defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)*/ return EXPECT_RESULT(); } /* End test_wc_SetAuthKeyIdFromPublicKey_ex*/ /* * Testing wc_PKCS7_New() */ static int test_wc_PKCS7_New(void) { EXPECT_DECLS; #if defined(HAVE_PKCS7) PKCS7* pkcs7 = NULL; ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, testDevId)); wc_PKCS7_Free(pkcs7); #endif return EXPECT_RESULT(); } /* END test-wc_PKCS7_New */ /* * Testing wc_PKCS7_Init() */ static int test_wc_PKCS7_Init(void) { EXPECT_DECLS; #if defined(HAVE_PKCS7) PKCS7* pkcs7 = NULL; void* heap = NULL; ExpectNotNull(pkcs7 = wc_PKCS7_New(heap, testDevId)); ExpectIntEQ(wc_PKCS7_Init(pkcs7, heap, testDevId), 0); /* Pass in bad args. */ ExpectIntEQ(wc_PKCS7_Init(NULL, heap, testDevId), BAD_FUNC_ARG); wc_PKCS7_Free(pkcs7); #endif return EXPECT_RESULT(); } /* END test-wc_PKCS7_Init */ /* * Testing wc_PKCS7_InitWithCert() */ static int test_wc_PKCS7_InitWithCert(void) { EXPECT_DECLS; #if defined(HAVE_PKCS7) PKCS7* pkcs7 = NULL; #ifndef NO_RSA #if defined(USE_CERT_BUFFERS_2048) unsigned char cert[sizeof(client_cert_der_2048)]; int certSz = (int)sizeof(cert); XMEMSET(cert, 0, certSz); XMEMCPY(cert, client_cert_der_2048, sizeof(client_cert_der_2048)); #elif defined(USE_CERT_BUFFERS_1024) unsigned char cert[sizeof(client_cert_der_1024)]; int certSz = (int)sizeof(cert); XMEMSET(cert, 0, certSz); XMEMCPY(cert, client_cert_der_1024, sizeof_client_cert_der_1024); #else unsigned char cert[ONEK_BUF]; XFILE fp = XBADFILE; int certSz; ExpectTrue((fp = XFOPEN("./certs/1024/client-cert.der", "rb")) != XBADFILE); ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024, fp), 0); if (fp != XBADFILE) XFCLOSE(fp); #endif #elif defined(HAVE_ECC) #if defined(USE_CERT_BUFFERS_256) unsigned char cert[sizeof(cliecc_cert_der_256)]; int certSz = (int)sizeof(cert); XMEMSET(cert, 0, certSz); XMEMCPY(cert, cliecc_cert_der_256, sizeof(cliecc_cert_der_256)); #else unsigned char cert[ONEK_BUF]; XFILE fp = XBADFILE; int certSz; ExpectTrue((fp = XFOPEN("./certs/client-ecc-cert.der", "rb")) != XBADFILE); ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof(cliecc_cert_der_256), fp), 0); if (fp != XBADFILE) XFCLOSE(fp); #endif #else #error PKCS7 requires ECC or RSA #endif #ifdef HAVE_ECC { /* bad test case from ZD 11011, malformed cert gives bad ECC key */ static unsigned char certWithInvalidEccKey[] = { 0x30, 0x82, 0x03, 0x5F, 0x30, 0x82, 0x03, 0x04, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x14, 0x61, 0xB3, 0x1E, 0x59, 0xF3, 0x68, 0x6C, 0xA4, 0x79, 0x42, 0x83, 0x2F, 0x1A, 0x50, 0x71, 0x03, 0xBE, 0x31, 0xAA, 0x2C, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x8D, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x06, 0x4F, 0x72, 0x65, 0x67, 0x6F, 0x6E, 0x31, 0x0E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x05, 0x53, 0x61, 0x6C, 0x65, 0x6D, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0A, 0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, 0x45, 0x43, 0x43, 0x31, 0x0D, 0x30, 0x0B, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x04, 0x46, 0x61, 0x73, 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, 0x31, 0x39, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x17, 0x0D, 0x32, 0x33, 0x30, 0x33, 0x31, 0x36, 0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x30, 0x81, 0x8D, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x06, 0x4F, 0x72, 0x65, 0x67, 0x6F, 0x6E, 0x31, 0x0E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x05, 0x53, 0x61, 0x6C, 0x65, 0x6D, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0A, 0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, 0x45, 0x43, 0x43, 0x31, 0x0D, 0x30, 0x0B, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x04, 0x46, 0x61, 0x73, 0x74, 0x31, 0x18, 0x30, 0x26, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, 0x02, 0x00, 0x04, 0x55, 0xBF, 0xF4, 0x0F, 0x44, 0x50, 0x9A, 0x3D, 0xCE, 0x9B, 0xB7, 0xF0, 0xC5, 0x4D, 0xF5, 0x70, 0x7B, 0xD4, 0xEC, 0x24, 0x8E, 0x19, 0x80, 0xEC, 0x5A, 0x4C, 0xA2, 0x24, 0x03, 0x62, 0x2C, 0x9B, 0xDA, 0xEF, 0xA2, 0x35, 0x12, 0x43, 0x84, 0x76, 0x16, 0xC6, 0x56, 0x95, 0x06, 0xCC, 0x01, 0xA9, 0xBD, 0xF6, 0x75, 0x1A, 0x42, 0xF7, 0xBD, 0xA9, 0xB2, 0x36, 0x22, 0x5F, 0xC7, 0x5D, 0x7F, 0xB4, 0xA3, 0x82, 0x01, 0x3E, 0x30, 0x82, 0x01, 0x3A, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xEB, 0xD4, 0x4B, 0x59, 0x6B, 0x95, 0x61, 0x3F, 0x51, 0x57, 0xB6, 0x04, 0x4D, 0x89, 0x41, 0x88, 0x44, 0x5C, 0xAB, 0xF2, 0x30, 0x81, 0xCD, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xC5, 0x30, 0x81, 0xC2, 0x80, 0x14, 0xEB, 0xD4, 0x4B, 0x59, 0x72, 0x95, 0x61, 0x3F, 0x51, 0x57, 0xB6, 0x04, 0x4D, 0x89, 0x41, 0x88, 0x44, 0x5C, 0xAB, 0xF2, 0xA1, 0x81, 0x93, 0xA4, 0x81, 0x90, 0x30, 0x81, 0x8D, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, 0x08, 0x08, 0x0C, 0x06, 0x4F, 0x72, 0x65, 0x67, 0x6F, 0x6E, 0x31, 0x0E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x05, 0x53, 0x61, 0x6C, 0x65, 0x6D, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0A, 0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, 0x45, 0x43, 0x43, 0x31, 0x0D, 0x30, 0x0B, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x04, 0x46, 0x61, 0x73, 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x61, 0xB3, 0x1E, 0x59, 0xF3, 0x68, 0x6C, 0xA4, 0x79, 0x42, 0x83, 0x2F, 0x1A, 0x50, 0x71, 0x03, 0xBE, 0x32, 0xAA, 0x2C, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x23, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x03, 0x49, 0x00, 0x30, 0x46, 0x02, 0x21, 0x00, 0xE4, 0xA0, 0x23, 0x26, 0x2B, 0x0B, 0x42, 0x0F, 0x97, 0x37, 0x6D, 0xCB, 0x14, 0x23, 0xC3, 0xC3, 0xE6, 0x44, 0xCF, 0x5F, 0x4C, 0x26, 0xA3, 0x72, 0x64, 0x7A, 0x9C, 0xCB, 0x64, 0xAB, 0xA6, 0xBE, 0x02, 0x21, 0x00, 0xAA, 0xC5, 0xA3, 0x50, 0xF6, 0xF1, 0xA5, 0xDB, 0x05, 0xE0, 0x75, 0xD2, 0xF7, 0xBA, 0x49, 0x5F, 0x8F, 0x7D, 0x1C, 0x44, 0xB1, 0x6E, 0xDF, 0xC8, 0xDA, 0x10, 0x48, 0x2D, 0x53, 0x08, 0xA8, 0xB4 }; #endif ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); /* If initialization is not successful, it's free'd in init func. */ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)cert, (word32)certSz), 0); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); /* Valid initialization usage. */ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); /* Pass in bad args. No need free for null checks, free at end.*/ ExpectIntEQ(wc_PKCS7_InitWithCert(NULL, (byte*)cert, (word32)certSz), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, (word32)certSz), BAD_FUNC_ARG); #ifdef HAVE_ECC ExpectIntLT(wc_PKCS7_InitWithCert(pkcs7, certWithInvalidEccKey, sizeof(certWithInvalidEccKey)), 0); } #endif wc_PKCS7_Free(pkcs7); #endif return EXPECT_RESULT(); } /* END test_wc_PKCS7_InitWithCert */ /* * Testing wc_PKCS7_EncodeData() */ static int test_wc_PKCS7_EncodeData(void) { EXPECT_DECLS; #if defined(HAVE_PKCS7) PKCS7* pkcs7 = NULL; byte output[FOURK_BUF]; byte data[] = "My encoded DER cert."; #ifndef NO_RSA #if defined(USE_CERT_BUFFERS_2048) unsigned char cert[sizeof(client_cert_der_2048)]; unsigned char key[sizeof(client_key_der_2048)]; int certSz = (int)sizeof(cert); int keySz = (int)sizeof(key); XMEMSET(cert, 0, certSz); XMEMSET(key, 0, keySz); XMEMCPY(cert, client_cert_der_2048, certSz); XMEMCPY(key, client_key_der_2048, keySz); #elif defined(USE_CERT_BUFFERS_1024) unsigned char cert[sizeof(sizeof_client_cert_der_1024)]; unsigned char key[sizeof_client_key_der_1024]; int certSz = (int)sizeof(cert); int keySz = (int)sizeof(key); XMEMSET(cert, 0, certSz); XMEMSET(key, 0, keySz); XMEMCPY(cert, client_cert_der_1024, certSz); XMEMCPY(key, client_key_der_1024, keySz); #else unsigned char cert[ONEK_BUF]; unsigned char key[ONEK_BUF]; XFILE fp = XBADFILE; int certSz; int keySz; ExpectTrue((fp = XFOPEN("./certs/1024/client-cert.der", "rb")) != XBADFILE); ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024, fp), 0); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } ExpectTrue((fp = XFOPEN("./certs/1024/client-key.der", "rb")) != XBADFILE); ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_client_key_der_1024, fp), 0); if (fp != XBADFILE) XFCLOSE(fp); #endif #elif defined(HAVE_ECC) #if defined(USE_CERT_BUFFERS_256) unsigned char cert[sizeof(cliecc_cert_der_256)]; unsigned char key[sizeof(ecc_clikey_der_256)]; int certSz = (int)sizeof(cert); int keySz = (int)sizeof(key); XMEMSET(cert, 0, certSz); XMEMSET(key, 0, keySz); XMEMCPY(cert, cliecc_cert_der_256, sizeof_cliecc_cert_der_256); XMEMCPY(key, ecc_clikey_der_256, sizeof_ecc_clikey_der_256); #else unsigned char cert[ONEK_BUF]; unsigned char key[ONEK_BUF]; XFILE fp = XBADFILE; int certSz, keySz; ExpectTrue((fp = XFOPEN("./certs/client-ecc-cert.der", "rb")) != XBADFILE); ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_cliecc_cert_der_256, fp), 0); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } ExpectTrue((fp = XFOPEN("./certs/client-ecc-key.der", "rb")) != XBADFILE); ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_ecc_clikey_der_256, fp), 0); if (fp != XBADFILE) XFCLOSE(fp); #endif #endif XMEMSET(output, 0, sizeof(output)); ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)cert, certSz), 0); if (pkcs7 != NULL) { pkcs7->content = data; pkcs7->contentSz = sizeof(data); pkcs7->privateKey = key; pkcs7->privateKeySz = keySz; } ExpectIntGT(wc_PKCS7_EncodeData(pkcs7, output, (word32)sizeof(output)), 0); /* Test bad args. */ ExpectIntEQ(wc_PKCS7_EncodeData(NULL, output, (word32)sizeof(output)), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_EncodeData(pkcs7, NULL, (word32)sizeof(output)), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_EncodeData(pkcs7, output, 5), BUFFER_E); wc_PKCS7_Free(pkcs7); #endif return EXPECT_RESULT(); } /* END test_wc_PKCS7_EncodeData */ #if defined(HAVE_PKCS7) && defined(HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK) && \ !defined(NO_RSA) && !defined(NO_SHA256) /* RSA sign raw digest callback */ static int rsaSignRawDigestCb(PKCS7* pkcs7, byte* digest, word32 digestSz, byte* out, word32 outSz, byte* privateKey, word32 privateKeySz, int devid, int hashOID) { /* specific DigestInfo ASN.1 encoding prefix for a SHA2565 digest */ byte digInfoEncoding[] = { 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20 }; int ret; byte digestInfo[ONEK_BUF]; byte sig[FOURK_BUF]; word32 digestInfoSz = 0; word32 idx = 0; RsaKey rsa; /* SHA-256 required only for this example callback due to above * digInfoEncoding[] */ if (pkcs7 == NULL || digest == NULL || out == NULL || (sizeof(digestInfo) < sizeof(digInfoEncoding) + digestSz) || (hashOID != SHA256h)) { return -1; } /* build DigestInfo */ XMEMCPY(digestInfo, digInfoEncoding, sizeof(digInfoEncoding)); digestInfoSz += sizeof(digInfoEncoding); XMEMCPY(digestInfo + digestInfoSz, digest, digestSz); digestInfoSz += digestSz; /* set up RSA key */ ret = wc_InitRsaKey_ex(&rsa, pkcs7->heap, devid); if (ret != 0) { return ret; } ret = wc_RsaPrivateKeyDecode(privateKey, &idx, &rsa, privateKeySz); /* sign DigestInfo */ if (ret == 0) { ret = wc_RsaSSL_Sign(digestInfo, digestInfoSz, sig, sizeof(sig), &rsa, pkcs7->rng); if (ret > 0) { if (ret > (int)outSz) { /* output buffer too small */ ret = -1; } else { /* success, ret holds sig size */ XMEMCPY(out, sig, ret); } } } wc_FreeRsaKey(&rsa); return ret; } #endif #if defined(HAVE_PKCS7) && defined(ASN_BER_TO_DER) typedef struct encodeSignedDataStream { byte out[FOURK_BUF*3]; int idx; word32 outIdx; } encodeSignedDataStream; /* content is 8k of partially created bundle */ static int GetContentCB(PKCS7* pkcs7, byte** content, void* ctx) { int ret = 0; encodeSignedDataStream* strm = (encodeSignedDataStream*)ctx; if (strm->outIdx < pkcs7->contentSz) { ret = (pkcs7->contentSz > strm->outIdx + FOURK_BUF)? FOURK_BUF : pkcs7->contentSz - strm->outIdx; *content = strm->out + strm->outIdx; strm->outIdx += ret; } (void)pkcs7; return ret; } static int StreamOutputCB(PKCS7* pkcs7, const byte* output, word32 outputSz, void* ctx) { encodeSignedDataStream* strm = (encodeSignedDataStream*)ctx; XMEMCPY(strm->out + strm->idx, output, outputSz); strm->idx += outputSz; (void)pkcs7; return 0; } #endif /* * Testing wc_PKCS7_EncodeSignedData() */ static int test_wc_PKCS7_EncodeSignedData(void) { EXPECT_DECLS; #if defined(HAVE_PKCS7) PKCS7* pkcs7 = NULL; WC_RNG rng; byte output[FOURK_BUF]; byte badOut[1]; word32 outputSz = (word32)sizeof(output); word32 badOutSz = 0; byte data[] = "Test data to encode."; #ifndef NO_RSA #if defined(USE_CERT_BUFFERS_2048) byte key[sizeof(client_key_der_2048)]; byte cert[sizeof(client_cert_der_2048)]; word32 keySz = (word32)sizeof(key); word32 certSz = (word32)sizeof(cert); XMEMSET(key, 0, keySz); XMEMSET(cert, 0, certSz); XMEMCPY(key, client_key_der_2048, keySz); XMEMCPY(cert, client_cert_der_2048, certSz); #elif defined(USE_CERT_BUFFERS_1024) byte key[sizeof_client_key_der_1024]; byte cert[sizeof(sizeof_client_cert_der_1024)]; word32 keySz = (word32)sizeof(key); word32 certSz = (word32)sizeof(cert); XMEMSET(key, 0, keySz); XMEMSET(cert, 0, certSz); XMEMCPY(key, client_key_der_1024, keySz); XMEMCPY(cert, client_cert_der_1024, certSz); #else unsigned char cert[ONEK_BUF]; unsigned char key[ONEK_BUF]; XFILE fp = XBADFILE; int certSz; int keySz; ExpectTrue((fp = XFOPEN("./certs/1024/client-cert.der", "rb")) != XBADFILE); ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024, fp), 0); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } ExpectTrue((fp = XFOPEN("./certs/1024/client-key.der", "rb")) != XBADFILE); ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_client_key_der_1024, fp), 0); if (fp != XBADFILE) XFCLOSE(fp); #endif #elif defined(HAVE_ECC) #if defined(USE_CERT_BUFFERS_256) unsigned char cert[sizeof(cliecc_cert_der_256)]; unsigned char key[sizeof(ecc_clikey_der_256)]; int certSz = (int)sizeof(cert); int keySz = (int)sizeof(key); XMEMSET(cert, 0, certSz); XMEMSET(key, 0, keySz); XMEMCPY(cert, cliecc_cert_der_256, certSz); XMEMCPY(key, ecc_clikey_der_256, keySz); #else unsigned char cert[ONEK_BUF]; unsigned char key[ONEK_BUF]; XFILE fp = XBADFILE; int certSz; int keySz; ExpectTrue((fp = XFOPEN("./certs/client-ecc-cert.der", "rb")) != XBADFILE); ExpectIntGT(certSz = (int)XFREAD(cert, 1, ONEK_BUF, fp), 0); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } ExpectTrue((fp = XFOPEN("./certs/client-ecc-key.der", "rb")) != XBADFILE); ExpectIntGT(keySz = (int)XFREAD(key, 1, ONEK_BUF, fp), 0); if (fp != XBADFILE) XFCLOSE(fp); #endif #endif XMEMSET(&rng, 0, sizeof(WC_RNG)); XMEMSET(output, 0, outputSz); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0); if (pkcs7 != NULL) { pkcs7->content = data; pkcs7->contentSz = (word32)sizeof(data); pkcs7->privateKey = key; pkcs7->privateKeySz = (word32)sizeof(key); pkcs7->encryptOID = RSAk; #ifdef NO_SHA pkcs7->hashOID = SHA256h; #else pkcs7->hashOID = SHAh; #endif pkcs7->rng = &rng; } ExpectIntGT(wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz), 0); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0); #ifdef ASN_BER_TO_DER wc_PKCS7_Free(pkcs7); /* reinitialize and test setting stream mode */ { int signedSz; encodeSignedDataStream strm; ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0); if (pkcs7 != NULL) { pkcs7->content = data; pkcs7->contentSz = (word32)sizeof(data); pkcs7->privateKey = key; pkcs7->privateKeySz = (word32)sizeof(key); pkcs7->encryptOID = RSAk; #ifdef NO_SHA pkcs7->hashOID = SHA256h; #else pkcs7->hashOID = SHAh; #endif pkcs7->rng = &rng; } ExpectIntEQ(wc_PKCS7_GetStreamMode(pkcs7), 0); ExpectIntEQ(wc_PKCS7_SetStreamMode(pkcs7, 1, NULL, NULL, NULL), 0); ExpectIntEQ(wc_PKCS7_SetStreamMode(NULL, 1, NULL, NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_GetStreamMode(pkcs7), 1); ExpectIntGT(signedSz = wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz), 0); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); /* use exact signed buffer size since BER encoded */ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, signedSz), 0); wc_PKCS7_Free(pkcs7); /* now try with using callbacks for IO */ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0); if (pkcs7 != NULL) { pkcs7->contentSz = FOURK_BUF*2; pkcs7->privateKey = key; pkcs7->privateKeySz = (word32)sizeof(key); pkcs7->encryptOID = RSAk; #ifdef NO_SHA pkcs7->hashOID = SHA256h; #else pkcs7->hashOID = SHAh; #endif pkcs7->rng = &rng; } XMEMSET(&strm, 0, sizeof(strm)); ExpectIntEQ(wc_PKCS7_SetStreamMode(pkcs7, 1, GetContentCB, StreamOutputCB, (void*)&strm), 0); ExpectIntGT(signedSz = wc_PKCS7_EncodeSignedData(pkcs7, NULL, 0), 0); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); /* use exact signed buffer size since BER encoded */ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, strm.out, signedSz), 0); } #endif #ifndef NO_PKCS7_STREAM wc_PKCS7_Free(pkcs7); pkcs7 = NULL; { word32 z; int ret; ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); /* test for streaming mode */ ret = -1; for (z = 0; z < outputSz && ret != 0; z++) { ret = wc_PKCS7_VerifySignedData(pkcs7, output + z, 1); if (ret < 0){ ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E); } } ExpectIntEQ(ret, 0); ExpectIntNE(pkcs7->contentSz, 0); ExpectNotNull(pkcs7->contentDynamic); } #endif /* !NO_PKCS7_STREAM */ /* Pass in bad args. */ ExpectIntEQ(wc_PKCS7_EncodeSignedData(NULL, output, outputSz), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_EncodeSignedData(pkcs7, NULL, outputSz), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_EncodeSignedData(pkcs7, badOut, badOutSz), BAD_FUNC_ARG); if (pkcs7 != NULL) { pkcs7->hashOID = 0; /* bad hashOID */ } ExpectIntEQ(wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz), BAD_FUNC_ARG); #if defined(HAVE_PKCS7) && defined(HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK) && \ !defined(NO_RSA) && !defined(NO_SHA256) /* test RSA sign raw digest callback, if using RSA and compiled in. * Example callback assumes SHA-256, so only run test if compiled in. */ wc_PKCS7_Free(pkcs7); pkcs7 = NULL; ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0); if (pkcs7 != NULL) { pkcs7->content = data; pkcs7->contentSz = (word32)sizeof(data); pkcs7->privateKey = key; pkcs7->privateKeySz = (word32)sizeof(key); pkcs7->encryptOID = RSAk; pkcs7->hashOID = SHA256h; pkcs7->rng = &rng; } ExpectIntEQ(wc_PKCS7_SetRsaSignRawDigestCb(pkcs7, rsaSignRawDigestCb), 0); ExpectIntGT(wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz), 0); #endif wc_PKCS7_Free(pkcs7); DoExpectIntEQ(wc_FreeRng(&rng), 0); #endif return EXPECT_RESULT(); } /* END test_wc_PKCS7_EncodeSignedData */ /* * Testing wc_PKCS7_EncodeSignedData_ex() and wc_PKCS7_VerifySignedData_ex() */ static int test_wc_PKCS7_EncodeSignedData_ex(void) { EXPECT_DECLS; #if defined(HAVE_PKCS7) int i; PKCS7* pkcs7 = NULL; WC_RNG rng; byte outputHead[FOURK_BUF/2]; byte outputFoot[FOURK_BUF/2]; word32 outputHeadSz = (word32)sizeof(outputHead); word32 outputFootSz = (word32)sizeof(outputFoot); byte data[FOURK_BUF]; wc_HashAlg hash; #ifdef NO_SHA enum wc_HashType hashType = WC_HASH_TYPE_SHA256; #else enum wc_HashType hashType = WC_HASH_TYPE_SHA; #endif byte hashBuf[WC_MAX_DIGEST_SIZE]; word32 hashSz = wc_HashGetDigestSize(hashType); #ifndef NO_RSA #if defined(USE_CERT_BUFFERS_2048) byte key[sizeof(client_key_der_2048)]; byte cert[sizeof(client_cert_der_2048)]; word32 keySz = (word32)sizeof(key); word32 certSz = (word32)sizeof(cert); XMEMSET(key, 0, keySz); XMEMSET(cert, 0, certSz); XMEMCPY(key, client_key_der_2048, keySz); XMEMCPY(cert, client_cert_der_2048, certSz); #elif defined(USE_CERT_BUFFERS_1024) byte key[sizeof_client_key_der_1024]; byte cert[sizeof(sizeof_client_cert_der_1024)]; word32 keySz = (word32)sizeof(key); word32 certSz = (word32)sizeof(cert); XMEMSET(key, 0, keySz); XMEMSET(cert, 0, certSz); XMEMCPY(key, client_key_der_1024, keySz); XMEMCPY(cert, client_cert_der_1024, certSz); #else unsigned char cert[ONEK_BUF]; unsigned char key[ONEK_BUF]; XFILE fp = XBADFILE; int certSz; int keySz; ExpectTure((fp = XFOPEN("./certs/1024/client-cert.der", "rb")) != XBADFILE); ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024, fp), 0); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } ExpectTrue((fp = XFOPEN("./certs/1024/client-key.der", "rb")) != XBADFILE); ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_client_key_der_1024, fp), 0); if (fp != XBADFILE) XFCLOSE(fp); #endif #elif defined(HAVE_ECC) #if defined(USE_CERT_BUFFERS_256) unsigned char cert[sizeof(cliecc_cert_der_256)]; unsigned char key[sizeof(ecc_clikey_der_256)]; int certSz = (int)sizeof(cert); int keySz = (int)sizeof(key); XMEMSET(cert, 0, certSz); XMEMSET(key, 0, keySz); XMEMCPY(cert, cliecc_cert_der_256, sizeof_cliecc_cert_der_256); XMEMCPY(key, ecc_clikey_der_256, sizeof_ecc_clikey_der_256); #else unsigned char cert[ONEK_BUF]; unsigned char key[ONEK_BUF]; XFILE fp = XBADFILE; int certSz; int keySz; ExpectTrue((fp = XFOPEN("./certs/client-ecc-cert.der", "rb")) != XBADFILE); ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_cliecc_cert_der_256, fp), 0); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } ExpectTrue((fp = XFOPEN("./certs/client-ecc-key.der", "rb")) != XBADFILE); ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_ecc_clikey_der_256, fp), 0); if (fp != XBADFILE) XFCLOSE(fp); #endif #endif XMEMSET(&rng, 0, sizeof(WC_RNG)); /* initialize large data with sequence */ for (i=0; i<(int)sizeof(data); i++) data[i] = i & 0xff; XMEMSET(outputHead, 0, outputHeadSz); XMEMSET(outputFoot, 0, outputFootSz); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0); if (pkcs7 != NULL) { pkcs7->content = NULL; /* not used for ex */ pkcs7->contentSz = (word32)sizeof(data); pkcs7->privateKey = key; pkcs7->privateKeySz = (word32)sizeof(key); pkcs7->encryptOID = RSAk; #ifdef NO_SHA pkcs7->hashOID = SHA256h; #else pkcs7->hashOID = SHAh; #endif pkcs7->rng = &rng; } /* calculate hash for content */ XMEMSET(&hash, 0, sizeof(wc_HashAlg)); ExpectIntEQ(wc_HashInit(&hash, hashType), 0); ExpectIntEQ(wc_HashUpdate(&hash, hashType, data, sizeof(data)), 0); ExpectIntEQ(wc_HashFinal(&hash, hashType, hashBuf), 0); DoExpectIntEQ(wc_HashFree(&hash, hashType), 0); /* Perform PKCS7 sign using hash directly */ ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz, outputHead, &outputHeadSz, outputFoot, &outputFootSz), 0); ExpectIntGT(outputHeadSz, 0); ExpectIntGT(outputFootSz, 0); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); /* required parameter even on verify when using _ex, if using outputHead * and outputFoot */ if (pkcs7 != NULL) { pkcs7->contentSz = (word32)sizeof(data); } ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz, outputHead, outputHeadSz, outputFoot, outputFootSz), 0); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; /* assembly complete PKCS7 sign and use normal verify */ { byte* output = NULL; word32 outputSz = 0; #ifndef NO_PKCS7_STREAM word32 z; int ret; #endif /* !NO_PKCS7_STREAM */ ExpectNotNull(output = (byte*)XMALLOC( outputHeadSz + sizeof(data) + outputFootSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); if (output != NULL) { XMEMCPY(&output[outputSz], outputHead, outputHeadSz); outputSz += outputHeadSz; XMEMCPY(&output[outputSz], data, sizeof(data)); outputSz += sizeof(data); XMEMCPY(&output[outputSz], outputFoot, outputFootSz); outputSz += outputFootSz; } ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0); #ifndef NO_PKCS7_STREAM wc_PKCS7_Free(pkcs7); pkcs7 = NULL; ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); /* test for streaming mode */ ret = -1; for (z = 0; z < outputSz && ret != 0; z++) { ret = wc_PKCS7_VerifySignedData(pkcs7, output + z, 1); if (ret < 0){ ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E); } } ExpectIntEQ(ret, 0); ExpectIntNE(pkcs7->contentSz, 0); ExpectNotNull(pkcs7->contentDynamic); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); #endif /* !NO_PKCS7_STREAM */ XFREE(output, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); } /* Pass in bad args. */ ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(NULL, hashBuf, hashSz, outputHead, &outputHeadSz, outputFoot, &outputFootSz), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, NULL, hashSz, outputHead, &outputHeadSz, outputFoot, &outputFootSz), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, 0, outputHead, &outputHeadSz, outputFoot, &outputFootSz), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz, NULL, &outputHeadSz, outputFoot, &outputFootSz), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz, outputHead, NULL, outputFoot, &outputFootSz), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz, outputHead, &outputHeadSz, NULL, &outputFootSz), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz, outputHead, &outputHeadSz, outputFoot, NULL), BAD_FUNC_ARG); if (pkcs7 != NULL) { pkcs7->hashOID = 0; /* bad hashOID */ } ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz, outputHead, &outputHeadSz, outputFoot, &outputFootSz), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(NULL, hashBuf, hashSz, outputHead, outputHeadSz, outputFoot, outputFootSz), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, NULL, hashSz, outputHead, outputHeadSz, outputFoot, outputFootSz), BAD_FUNC_ARG); #ifndef NO_PKCS7_STREAM ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, 0, outputHead, outputHeadSz, outputFoot, outputFootSz), WC_PKCS7_WANT_READ_E); #else ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, 0, outputHead, outputHeadSz, outputFoot, outputFootSz), BUFFER_E); #endif ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz, NULL, outputHeadSz, outputFoot, outputFootSz), BAD_FUNC_ARG); #ifndef NO_PKCS7_STREAM /* can pass in 0 buffer length with streaming API */ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz, outputHead, 0, outputFoot, outputFootSz), WC_PKCS7_WANT_READ_E); #else ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz, outputHead, 0, outputFoot, outputFootSz), BAD_FUNC_ARG); #endif ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz, outputHead, outputHeadSz, NULL, outputFootSz), BAD_FUNC_ARG); #ifndef NO_PKCS7_STREAM ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz, outputHead, outputHeadSz, outputFoot, 0), WC_PKCS7_WANT_READ_E); #else ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz, outputHead, outputHeadSz, outputFoot, 0), BUFFER_E); #endif wc_PKCS7_Free(pkcs7); DoExpectIntEQ(wc_FreeRng(&rng), 0); #endif return EXPECT_RESULT(); } /* END test_wc_PKCS7_EncodeSignedData_ex */ #if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) /** * Loads certs/keys from files or buffers into the argument buffers, * helper function called by CreatePKCS7SignedData(). * * Returns 0 on success, negative on error. */ static int LoadPKCS7SignedDataCerts( int useIntermediateCertChain, int pkAlgoType, byte* intCARoot, word32* intCARootSz, byte* intCA1, word32* intCA1Sz, byte* intCA2, word32* intCA2Sz, byte* cert, word32* certSz, byte* key, word32* keySz) { EXPECT_DECLS; int ret = 0; XFILE fp = XBADFILE; #ifndef NO_RSA const char* intCARootRSA = "./certs/ca-cert.der"; const char* intCA1RSA = "./certs/intermediate/ca-int-cert.der"; const char* intCA2RSA = "./certs/intermediate/ca-int2-cert.der"; const char* intServCertRSA = "./certs/intermediate/server-int-cert.der"; const char* intServKeyRSA = "./certs/server-key.der"; #if !defined(USE_CERT_BUFFERS_2048) && !defined(USE_CERT_BUFFERS_1024) const char* cli1024Cert = "./certs/1024/client-cert.der"; const char* cli1024Key = "./certs/1024/client-key.der"; #endif #endif #ifdef HAVE_ECC const char* intCARootECC = "./certs/ca-ecc-cert.der"; const char* intCA1ECC = "./certs/intermediate/ca-int-ecc-cert.der"; const char* intCA2ECC = "./certs/intermediate/ca-int2-ecc-cert.der"; const char* intServCertECC = "./certs/intermediate/server-int-ecc-cert.der"; const char* intServKeyECC = "./certs/ecc-key.der"; #ifndef USE_CERT_BUFFERS_256 const char* cliEccCert = "./certs/client-ecc-cert.der"; const char* cliEccKey = "./certs/client-ecc-key.der"; #endif #endif if (cert == NULL || certSz == NULL || key == NULL || keySz == NULL || ((useIntermediateCertChain == 1) && (intCARoot == NULL || intCARootSz == NULL || intCA1 == NULL || intCA1Sz == NULL || intCA2 == NULL || intCA2Sz == NULL))) { return BAD_FUNC_ARG; } /* Read/load certs and keys to use for signing based on PK type and chain */ switch (pkAlgoType) { #ifndef NO_RSA case RSA_TYPE: if (useIntermediateCertChain == 1) { ExpectTrue((fp = XFOPEN(intCARootRSA, "rb")) != XBADFILE); *intCARootSz = (word32)XFREAD(intCARoot, 1, *intCARootSz, fp); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } ExpectIntGT(*intCARootSz, 0); ExpectTrue((fp = XFOPEN(intCA1RSA, "rb")) != XBADFILE); if (fp != XBADFILE) { *intCA1Sz = (word32)XFREAD(intCA1, 1, *intCA1Sz, fp); XFCLOSE(fp); fp = XBADFILE; } ExpectIntGT(*intCA1Sz, 0); ExpectTrue((fp = XFOPEN(intCA2RSA, "rb")) != XBADFILE); if (fp != XBADFILE) { *intCA2Sz = (word32)XFREAD(intCA2, 1, *intCA2Sz, fp); XFCLOSE(fp); fp = XBADFILE; } ExpectIntGT(*intCA2Sz, 0); ExpectTrue((fp = XFOPEN(intServCertRSA, "rb")) != XBADFILE); if (fp != XBADFILE) { *certSz = (word32)XFREAD(cert, 1, *certSz, fp); XFCLOSE(fp); fp = XBADFILE; } ExpectIntGT(*certSz, 0); ExpectTrue((fp = XFOPEN(intServKeyRSA, "rb")) != XBADFILE); if (fp != XBADFILE) { *keySz = (word32)XFREAD(key, 1, *keySz, fp); XFCLOSE(fp); fp = XBADFILE; } ExpectIntGT(*keySz, 0); } else { #if defined(USE_CERT_BUFFERS_2048) *keySz = sizeof_client_key_der_2048; *certSz = sizeof_client_cert_der_2048; XMEMCPY(key, client_key_der_2048, *keySz); XMEMCPY(cert, client_cert_der_2048, *certSz); #elif defined(USE_CERT_BUFFERS_1024) *keySz = sizeof_client_key_der_1024; *certSz = sizeof_client_cert_der_1024; XMEMCPY(key, client_key_der_1024, *keySz); XMEMCPY(cert, client_cert_der_1024, *certSz); #else ExpectTrue((fp = XFOPEN(cli1024Key, "rb")) != XBADFILE); if (fp != XBADFILE) { *keySz = (word32)XFREAD(key, 1, *keySz, fp); XFCLOSE(fp); fp = XBADFILE; } ExpectIntGT(*keySz, 0); ExpectTrue((fp = XFOPEN(cli1024Cert, "rb")) != XBADFILE); if (fp != XBADFILE) { *certSz = (word32)XFREAD(cert, 1, *certSz, fp); XFCLOSE(fp); fp = XBADFILE; } ExpectIntGT(*certSz, 0); #endif /* USE_CERT_BUFFERS_2048 */ } break; #endif /* !NO_RSA */ #ifdef HAVE_ECC case ECC_TYPE: if (useIntermediateCertChain == 1) { ExpectTrue((fp = XFOPEN(intCARootECC, "rb")) != XBADFILE); if (fp != XBADFILE) { *intCARootSz = (word32)XFREAD(intCARoot, 1, *intCARootSz, fp); XFCLOSE(fp); fp = XBADFILE; } ExpectIntGT(*intCARootSz, 0); ExpectTrue((fp = XFOPEN(intCA1ECC, "rb")) != XBADFILE); if (fp != XBADFILE) { *intCA1Sz = (word32)XFREAD(intCA1, 1, *intCA1Sz, fp); XFCLOSE(fp); fp = XBADFILE; } ExpectIntGT(*intCA1Sz, 0); ExpectTrue((fp = XFOPEN(intCA2ECC, "rb")) != XBADFILE); if (fp != XBADFILE) { *intCA2Sz = (word32)XFREAD(intCA2, 1, *intCA2Sz, fp); XFCLOSE(fp); fp = XBADFILE; } ExpectIntGT(*intCA2Sz, 0); ExpectTrue((fp = XFOPEN(intServCertECC, "rb")) != XBADFILE); if (fp != XBADFILE) { *certSz = (word32)XFREAD(cert, 1, *certSz, fp); XFCLOSE(fp); fp = XBADFILE; } ExpectIntGT(*certSz, 0); ExpectTrue((fp = XFOPEN(intServKeyECC, "rb")) != XBADFILE); if (fp != XBADFILE) { *keySz = (word32)XFREAD(key, 1, *keySz, fp); XFCLOSE(fp); fp = XBADFILE; } ExpectIntGT(*keySz, 0); } else { #if defined(USE_CERT_BUFFERS_256) *keySz = sizeof_ecc_clikey_der_256; *certSz = sizeof_cliecc_cert_der_256; XMEMCPY(key, ecc_clikey_der_256, *keySz); XMEMCPY(cert, cliecc_cert_der_256, *certSz); #else ExpectTrue((fp = XFOPEN(cliEccKey, "rb")) != XBADFILE); if (fp != XBADFILE) { *keySz = (word32)XFREAD(key, 1, *keySz, fp); XFCLOSE(fp); fp = XBADFILE; } ExpectIntGT(*keySz, 0); ExpectTrue((fp = XFOPEN(cliEccCert, "rb")) != XBADFILE); if (fp != XBADFILE) { *certSz = (word32)XFREAD(cert, 1, *certSz, fp); XFCLOSE(fp); fp = XBADFILE; } ExpectIntGT(*certSz, 0); #endif /* USE_CERT_BUFFERS_256 */ } break; #endif /* HAVE_ECC */ default: WOLFSSL_MSG("Unsupported SignedData PK type"); ret = BAD_FUNC_ARG; break; } if (EXPECT_FAIL() && (ret == 0)) { ret = BAD_FUNC_ARG; } return ret; } /** * Creates a PKCS7/CMS SignedData bundle to use for testing. * * output output buffer to place SignedData * outputSz size of output buffer * data data buffer to be signed * dataSz size of data buffer * withAttribs [1/0] include attributes in SignedData message * detachedSig [1/0] create detached signature, no content * useIntCertChain [1/0] use certificate chain and include intermediate and * root CAs in bundle * pkAlgoType RSA_TYPE or ECC_TYPE, choose what key/cert type to use * * Return size of bundle created on success, negative on error */ static int CreatePKCS7SignedData(unsigned char* output, int outputSz, byte* data, word32 dataSz, int withAttribs, int detachedSig, int useIntermediateCertChain, int pkAlgoType) { EXPECT_DECLS; int ret = 0; WC_RNG rng; PKCS7* pkcs7 = NULL; static byte messageTypeOid[] = { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, 0x09, 0x02 }; static byte messageType[] = { 0x13, 2, '1', '9' }; PKCS7Attrib attribs[] = { { messageTypeOid, sizeof(messageTypeOid), messageType, sizeof(messageType) } }; byte intCARoot[TWOK_BUF]; byte intCA1[TWOK_BUF]; byte intCA2[TWOK_BUF]; byte cert[TWOK_BUF]; byte key[TWOK_BUF]; word32 intCARootSz = sizeof(intCARoot); word32 intCA1Sz = sizeof(intCA1); word32 intCA2Sz = sizeof(intCA2); word32 certSz = sizeof(cert); word32 keySz = sizeof(key); XMEMSET(intCARoot, 0, intCARootSz); XMEMSET(intCA1, 0, intCA1Sz); XMEMSET(intCA2, 0, intCA2Sz); XMEMSET(cert, 0, certSz); XMEMSET(key, 0, keySz); ret = LoadPKCS7SignedDataCerts(useIntermediateCertChain, pkAlgoType, intCARoot, &intCARootSz, intCA1, &intCA1Sz, intCA2, &intCA2Sz, cert, &certSz, key, &keySz); ExpectIntEQ(ret, 0); XMEMSET(output, 0, outputSz); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0); if (useIntermediateCertChain == 1) { /* Add intermediate and root CA certs into SignedData Certs SET */ ExpectIntEQ(wc_PKCS7_AddCertificate(pkcs7, intCA2, intCA2Sz), 0); ExpectIntEQ(wc_PKCS7_AddCertificate(pkcs7, intCA1, intCA1Sz), 0); ExpectIntEQ(wc_PKCS7_AddCertificate(pkcs7, intCARoot, intCARootSz), 0); } if (pkcs7 != NULL) { pkcs7->content = data; pkcs7->contentSz = dataSz; pkcs7->privateKey = key; pkcs7->privateKeySz = (word32)sizeof(key); if (pkAlgoType == RSA_TYPE) { pkcs7->encryptOID = RSAk; } else { pkcs7->encryptOID = ECDSAk; } #ifdef NO_SHA pkcs7->hashOID = SHA256h; #else pkcs7->hashOID = SHAh; #endif pkcs7->rng = &rng; if (withAttribs) { /* include a signed attribute */ pkcs7->signedAttribs = attribs; pkcs7->signedAttribsSz = (sizeof(attribs)/sizeof(PKCS7Attrib)); } } if (detachedSig) { ExpectIntEQ(wc_PKCS7_SetDetached(pkcs7, 1), 0); } outputSz = wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz); ExpectIntGT(outputSz, 0); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); if (detachedSig && (pkcs7 != NULL)) { pkcs7->content = data; pkcs7->contentSz = dataSz; } ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0); wc_PKCS7_Free(pkcs7); wc_FreeRng(&rng); if (EXPECT_FAIL()) { outputSz = 0; } return outputSz; } #endif /* * Testing wc_PKCS_VerifySignedData() */ static int test_wc_PKCS7_VerifySignedData_RSA(void) { EXPECT_DECLS; #if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) PKCS7* pkcs7 = NULL; byte output[6000]; /* Large size needed for bundles with int CA certs */ word32 outputSz = sizeof(output); byte data[] = "Test data to encode."; byte badOut[1]; word32 badOutSz = 0; byte badContent[] = "This is different content than was signed"; wc_HashAlg hash; #ifdef NO_SHA enum wc_HashType hashType = WC_HASH_TYPE_SHA256; #else enum wc_HashType hashType = WC_HASH_TYPE_SHA; #endif byte hashBuf[WC_MAX_DIGEST_SIZE]; word32 hashSz = wc_HashGetDigestSize(hashType); #ifndef NO_RSA PKCS7DecodedAttrib* decodedAttrib = NULL; /* contentType OID (1.2.840.113549.1.9.3) */ static const byte contentTypeOid[] = { 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xF7, 0x0d, 0x01, 0x09, 0x03 }; /* PKCS#7 DATA content type (contentType defaults to DATA) */ static const byte dataType[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x01 }; /* messageDigest OID (1.2.840.113549.1.9.4) */ static const byte messageDigestOid[] = { 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x04 }; #ifndef NO_ASN_TIME /* signingTime OID () */ static const byte signingTimeOid[] = { 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x05}; #endif #if !defined(NO_ASN) && !defined(NO_ASN_TIME) int dateLength = 0; byte dateFormat; const byte* datePart = NULL; struct tm timearg; time_t now; struct tm* nowTm = NULL; #ifdef NEED_TMP_TIME struct tm tmpTimeStorage; struct tm* tmpTime = &tmpTimeStorage; #endif #endif /* !NO_ASN && !NO_ASN_TIME */ #ifndef NO_PKCS7_STREAM word32 z; int ret; #endif /* !NO_PKCS7_STREAM */ XMEMSET(&hash, 0, sizeof(wc_HashAlg)); /* Success test with RSA certs/key */ ExpectIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data, (word32)sizeof(data), 0, 0, 0, RSA_TYPE)), 0); /* calculate hash for content, used later */ ExpectIntEQ(wc_HashInit(&hash, hashType), 0); ExpectIntEQ(wc_HashUpdate(&hash, hashType, data, sizeof(data)), 0); ExpectIntEQ(wc_HashFinal(&hash, hashType, hashBuf), 0); DoExpectIntEQ(wc_HashFree(&hash, hashType), 0); ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0); #ifndef NO_PKCS7_STREAM wc_PKCS7_Free(pkcs7); pkcs7 = NULL; ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); /* test for streaming */ ret = -1; for (z = 0; z < outputSz && ret != 0; z++) { ret = wc_PKCS7_VerifySignedData(pkcs7, output + z, 1); if (ret < 0){ ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E); } } ExpectIntEQ(ret, 0); ExpectIntNE(pkcs7->contentSz, 0); ExpectNotNull(pkcs7->contentDynamic); #endif /* !NO_PKCS7_STREAM */ /* Check that decoded signed attributes are correct */ /* messageDigest should be first */ if (pkcs7 != NULL) { decodedAttrib = pkcs7->decodedAttrib; } ExpectNotNull(decodedAttrib); ExpectIntEQ(decodedAttrib->oidSz, (word32)sizeof(messageDigestOid)); ExpectIntEQ(XMEMCMP(decodedAttrib->oid, messageDigestOid, decodedAttrib->oidSz), 0); /* + 2 for OCTET STRING and length bytes */ ExpectIntEQ(decodedAttrib->valueSz, hashSz + 2); ExpectNotNull(decodedAttrib->value); ExpectIntEQ(XMEMCMP(decodedAttrib->value + 2, hashBuf, hashSz), 0); #ifndef NO_ASN_TIME /* signingTime should be second */ if (decodedAttrib != NULL) { decodedAttrib = decodedAttrib->next; } ExpectNotNull(decodedAttrib); ExpectIntEQ(decodedAttrib->oidSz, (word32)sizeof(signingTimeOid)); ExpectIntEQ(XMEMCMP(decodedAttrib->oid, signingTimeOid, decodedAttrib->oidSz), 0); ExpectIntGT(decodedAttrib->valueSz, 0); ExpectNotNull(decodedAttrib->value); #endif /* Verify signingTime if ASN and time are available */ #if !defined(NO_ASN) && !defined(NO_ASN_TIME) ExpectIntEQ(wc_GetDateInfo(decodedAttrib->value, decodedAttrib->valueSz, &datePart, &dateFormat, &dateLength), 0); ExpectNotNull(datePart); ExpectIntGT(dateLength, 0); XMEMSET(&timearg, 0, sizeof(timearg)); ExpectIntEQ(wc_GetDateAsCalendarTime(datePart, dateLength, dateFormat, &timearg), 0); /* Get current time and compare year/month/day against attribute value */ ExpectIntEQ(wc_GetTime(&now, sizeof(now)), 0); nowTm = (struct tm*)XGMTIME((time_t*)&now, tmpTime); ExpectNotNull(nowTm); ExpectIntEQ(timearg.tm_year, nowTm->tm_year); ExpectIntEQ(timearg.tm_mon, nowTm->tm_mon); ExpectIntEQ(timearg.tm_mday, nowTm->tm_mday); #endif /* !NO_ASN && !NO_ASN_TIME */ /* contentType should be third */ if (decodedAttrib != NULL) { decodedAttrib = decodedAttrib->next; } ExpectNotNull(decodedAttrib); ExpectIntEQ(decodedAttrib->oidSz, (word32)sizeof(contentTypeOid)); ExpectIntEQ(XMEMCMP(decodedAttrib->oid, contentTypeOid, decodedAttrib->oidSz), 0); ExpectIntEQ(decodedAttrib->valueSz, (int)sizeof(dataType) + 2); ExpectNotNull(decodedAttrib->value); ExpectIntEQ(XMEMCMP(decodedAttrib->value + 2, dataType, sizeof(dataType)), 0); #endif /* !NO_RSA */ /* Test bad args. */ ExpectIntEQ(wc_PKCS7_VerifySignedData(NULL, output, outputSz), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, NULL, outputSz), BAD_FUNC_ARG); #ifndef NO_PKCS7_STREAM /* can pass in 0 buffer length with streaming API */ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, badOut, badOutSz), WC_PKCS7_WANT_READ_E); #else ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, badOut, badOutSz), BAD_FUNC_ARG); #endif wc_PKCS7_Free(pkcs7); pkcs7 = NULL; #ifndef NO_RSA /* Try RSA certs/key/sig first */ outputSz = sizeof(output); XMEMSET(output, 0, outputSz); ExpectIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data, (word32)sizeof(data), 1, 1, 0, RSA_TYPE)), 0); ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); if (pkcs7 != NULL) { pkcs7->content = badContent; pkcs7->contentSz = sizeof(badContent); } ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), SIG_VERIFY_E); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; #ifndef NO_PKCS7_STREAM ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); if (pkcs7 != NULL) { pkcs7->content = badContent; pkcs7->contentSz = sizeof(badContent); } /* test for streaming */ ret = -1; for (z = 0; z < outputSz && ret != 0; z++) { ret = wc_PKCS7_VerifySignedData(pkcs7, output + z, 1); if (ret == WC_PKCS7_WANT_READ_E){ continue; } else if (ret < 0) { break; } } ExpectIntEQ(ret, SIG_VERIFY_E); ExpectIntNE(pkcs7->contentSz, 0); ExpectNotNull(pkcs7->contentDynamic); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; #endif /* !NO_PKCS7_STREAM */ /* Test success case with detached signature and valid content */ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); if (pkcs7 != NULL) { pkcs7->content = data; pkcs7->contentSz = sizeof(data); } ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; #ifndef NO_PKCS7_STREAM ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); if (pkcs7 != NULL) { pkcs7->content = data; pkcs7->contentSz = sizeof(data); } /* test for streaming */ ret = -1; for (z = 0; z < outputSz && ret != 0; z++) { ret = wc_PKCS7_VerifySignedData(pkcs7, output + z, 1); if (ret < 0){ ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E); } } ExpectIntEQ(ret, 0); ExpectIntNE(pkcs7->contentSz, 0); ExpectNotNull(pkcs7->contentDynamic); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; #endif /* !NO_PKCS7_STREAM */ /* verify using pre-computed content digest only (no content) */ { ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_Init(pkcs7, NULL, 0), 0); ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz, output, outputSz, NULL, 0), 0); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; } #endif /* !NO_RSA */ /* Test verify on signedData containing intermediate/root CA certs */ #ifndef NO_RSA outputSz = sizeof(output); XMEMSET(output, 0, outputSz); ExpectIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data, (word32)sizeof(data), 0, 0, 1, RSA_TYPE)), 0); ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; #ifndef NO_PKCS7_STREAM ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); /* test for streaming */ ret = -1; for (z = 0; z < outputSz && ret != 0; z++) { ret = wc_PKCS7_VerifySignedData(pkcs7, output + z, 1); if (ret < 0){ ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E); } } ExpectIntEQ(ret, 0); ExpectIntNE(pkcs7->contentSz, 0); ExpectNotNull(pkcs7->contentDynamic); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; #endif /* !NO_PKCS7_STREAM */ #endif /* !NO_RSA */ #if defined(ASN_BER_TO_DER) && !defined(NO_PKCS7_STREAM) && \ !defined(NO_FILESYSTEM) { XFILE signedBundle = XBADFILE; int signedBundleSz = 0; int chunkSz = 1; int i, rc = 0; byte* buf = NULL; ExpectTrue((signedBundle = XFOPEN("./certs/test-stream-sign.p7b", "rb")) != XBADFILE); ExpectTrue(XFSEEK(signedBundle, 0, XSEEK_END) == 0); ExpectIntGT(signedBundleSz = (int)XFTELL(signedBundle), 0); ExpectTrue(XFSEEK(signedBundle, 0, XSEEK_SET) == 0); ExpectNotNull(buf = (byte*)XMALLOC(signedBundleSz, HEAP_HINT, DYNAMIC_TYPE_FILE)); if (buf != NULL) { ExpectIntEQ(XFREAD(buf, 1, signedBundleSz, signedBundle), signedBundleSz); } if (signedBundle != XBADFILE) { XFCLOSE(signedBundle); signedBundle = XBADFILE; } if (buf != NULL) { ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); for (i = 0; i < signedBundleSz;) { int sz = (i + chunkSz > signedBundleSz)? signedBundleSz - i : chunkSz; rc = wc_PKCS7_VerifySignedData(pkcs7, buf + i, sz); if (rc < 0 ) { if (rc == WC_PKCS7_WANT_READ_E) { i += sz; continue; } break; } else { break; } } ExpectIntEQ(rc, PKCS7_SIGNEEDS_CHECK); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; } /* now try with malformed bundle */ if (buf != NULL) { ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); buf[signedBundleSz - 2] = buf[signedBundleSz - 2] + 1; for (i = 0; i < signedBundleSz;) { int sz = (i + chunkSz > signedBundleSz)? signedBundleSz - i : chunkSz; rc = wc_PKCS7_VerifySignedData(pkcs7, buf + i, sz); if (rc < 0 ) { if (rc == WC_PKCS7_WANT_READ_E) { i += sz; continue; } break; } else { break; } } ExpectIntEQ(rc, ASN_PARSE_E); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; } if (buf != NULL) XFREE(buf, HEAP_HINT, DYNAMIC_TYPE_FILE); } #endif /* BER and stream */ #endif return EXPECT_RESULT(); } /* END test_wc_PKCS7_VerifySignedData()_RSA */ /* * Testing wc_PKCS_VerifySignedData() */ static int test_wc_PKCS7_VerifySignedData_ECC(void) { EXPECT_DECLS; #if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && defined(HAVE_ECC) PKCS7* pkcs7 = NULL; byte output[6000]; /* Large size needed for bundles with int CA certs */ word32 outputSz = sizeof(output); byte data[] = "Test data to encode."; byte badContent[] = "This is different content than was signed"; wc_HashAlg hash; #ifndef NO_PKCS7_STREAM word32 z; int ret; #endif /* !NO_PKCS7_STREAM */ #ifdef NO_SHA enum wc_HashType hashType = WC_HASH_TYPE_SHA256; #else enum wc_HashType hashType = WC_HASH_TYPE_SHA; #endif byte hashBuf[WC_MAX_DIGEST_SIZE]; word32 hashSz = wc_HashGetDigestSize(hashType); XMEMSET(&hash, 0, sizeof(wc_HashAlg)); /* Success test with ECC certs/key */ outputSz = sizeof(output); XMEMSET(output, 0, outputSz); ExpectIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data, (word32)sizeof(data), 0, 0, 0, ECC_TYPE)), 0); ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; #ifndef NO_PKCS7_STREAM ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); /* test for streaming */ ret = -1; for (z = 0; z < outputSz && ret != 0; z++) { ret = wc_PKCS7_VerifySignedData(pkcs7, output + z, 1); if (ret < 0){ ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E); } } ExpectIntEQ(ret, 0); ExpectIntNE(pkcs7->contentSz, 0); ExpectNotNull(pkcs7->contentDynamic); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; #endif /* !NO_PKCS7_STREAM */ /* Invalid content should error, use detached signature so we can * easily change content */ outputSz = sizeof(output); XMEMSET(output, 0, outputSz); ExpectIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data, (word32)sizeof(data), 1, 1, 0, ECC_TYPE)), 0); ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); if (pkcs7 != NULL) { pkcs7->content = badContent; pkcs7->contentSz = sizeof(badContent); } ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), SIG_VERIFY_E); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; #ifndef NO_PKCS7_STREAM ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); if (pkcs7 != NULL) { pkcs7->content = badContent; pkcs7->contentSz = sizeof(badContent); } /* test for streaming */ ret = -1; for (z = 0; z < outputSz && ret != 0; z++) { ret = wc_PKCS7_VerifySignedData(pkcs7, output + z, 1); if (ret == WC_PKCS7_WANT_READ_E){ continue; } else if (ret < 0) { break; } } ExpectIntEQ(ret, SIG_VERIFY_E); ExpectIntNE(pkcs7->contentSz, 0); ExpectNotNull(pkcs7->contentDynamic); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; #endif /* !NO_PKCS7_STREAM */ /* Test success case with detached signature and valid content */ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); if (pkcs7 != NULL) { pkcs7->content = data; pkcs7->contentSz = sizeof(data); } ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; #ifndef NO_PKCS7_STREAM ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); if (pkcs7 != NULL) { pkcs7->content = data; pkcs7->contentSz = sizeof(data); } /* test for streaming */ ret = -1; for (z = 0; z < outputSz && ret != 0; z++) { ret = wc_PKCS7_VerifySignedData(pkcs7, output + z, 1); if (ret < 0){ ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E); } } ExpectIntEQ(ret, 0); ExpectIntNE(pkcs7->contentSz, 0); ExpectNotNull(pkcs7->contentDynamic); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; #endif /* !NO_PKCS7_STREAM */ /* verify using pre-computed content digest only (no content) */ { /* calculate hash for content */ ExpectIntEQ(wc_HashInit(&hash, hashType), 0); ExpectIntEQ(wc_HashUpdate(&hash, hashType, data, sizeof(data)), 0); ExpectIntEQ(wc_HashFinal(&hash, hashType, hashBuf), 0); ExpectIntEQ(wc_HashFree(&hash, hashType), 0); ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_Init(pkcs7, NULL, 0), 0); ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz, output, outputSz, NULL, 0), 0); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; } /* Test verify on signedData containing intermediate/root CA certs */ outputSz = sizeof(output); XMEMSET(output, 0, outputSz); ExpectIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data, (word32)sizeof(data), 0, 0, 1, ECC_TYPE)), 0); ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; #ifndef NO_PKCS7_STREAM ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); /* test for streaming */ ret = -1; for (z = 0; z < outputSz && ret != 0; z++) { ret = wc_PKCS7_VerifySignedData(pkcs7, output + z, 1); if (ret < 0){ ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E); } } ExpectIntEQ(ret, 0); ExpectIntNE(pkcs7->contentSz, 0); ExpectNotNull(pkcs7->contentDynamic); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; #endif /* !NO_PKCS7_STREAM */ #endif return EXPECT_RESULT(); } /* END test_wc_PKCS7_VerifySignedData_ECC() */ #if defined(HAVE_PKCS7) && !defined(NO_AES) && defined(HAVE_AES_CBC) && \ !defined(NO_AES_256) static const byte defKey[] = { 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08 }; static byte aesHandle[32]; /* simulated hardware key handle */ /* return 0 on success */ static int myDecryptionFunc(PKCS7* pkcs7, int encryptOID, byte* iv, int ivSz, byte* aad, word32 aadSz, byte* authTag, word32 authTagSz, byte* in, int inSz, byte* out, void* usrCtx) { int ret; Aes aes; if (usrCtx == NULL) { /* no simulated handle passed in */ return -1; } switch (encryptOID) { case AES256CBCb: if (ivSz != AES_BLOCK_SIZE) return BAD_FUNC_ARG; break; default: WOLFSSL_MSG("Unsupported content cipher type for test"); return ALGO_ID_E; }; /* simulate using handle to get key */ ret = wc_AesInit(&aes, HEAP_HINT, INVALID_DEVID); if (ret == 0) { ret = wc_AesSetKey(&aes, (byte*)usrCtx, 32, iv, AES_DECRYPTION); if (ret == 0) ret = wc_AesCbcDecrypt(&aes, out, in, inSz); wc_AesFree(&aes); } (void)aad; (void)aadSz; (void)authTag; (void)authTagSz; (void)pkcs7; return ret; } /* returns key size on success */ static int myCEKwrapFunc(PKCS7* pkcs7, byte* cek, word32 cekSz, byte* keyId, word32 keyIdSz, byte* orginKey, word32 orginKeySz, byte* out, word32 outSz, int keyWrapAlgo, int type, int direction) { int ret = -1; (void)cekSz; (void)cek; (void)outSz; (void)keyIdSz; (void)direction; (void)orginKey; /* used with KAKRI */ (void)orginKeySz; if (out == NULL) return BAD_FUNC_ARG; if (keyId[0] != 0x00) { return -1; } if (type != (int)PKCS7_KEKRI) { return -1; } switch (keyWrapAlgo) { case AES256_WRAP: /* simulate setting a handle for later decryption but use key * as handle in the test case here */ ret = wc_AesKeyUnWrap(defKey, sizeof(defKey), cek, cekSz, aesHandle, sizeof(aesHandle), NULL); if (ret < 0) return ret; ret = wc_PKCS7_SetDecodeEncryptedCtx(pkcs7, (void*)aesHandle); if (ret < 0) return ret; /* return key size on success */ return sizeof(defKey); default: WOLFSSL_MSG("Unsupported key wrap algorithm in example"); return BAD_KEYWRAP_ALG_E; }; } #endif /* HAVE_PKCS7 && !NO_AES && HAVE_AES_CBC && !NO_AES_256 */ /* * Testing wc_PKCS7_EncodeEnvelopedData() */ static int test_wc_PKCS7_EncodeDecodeEnvelopedData(void) { EXPECT_DECLS; #if defined(HAVE_PKCS7) PKCS7* pkcs7 = NULL; #ifdef ASN_BER_TO_DER int encodedSz = 0; #endif #ifdef ECC_TIMING_RESISTANT WC_RNG rng; #endif word32 tempWrd32 = 0; byte* tmpBytePtr = NULL; const char input[] = "Test data to encode."; int i; int testSz = 0; #if !defined(NO_RSA) && (!defined(NO_AES) || (!defined(NO_SHA) || \ !defined(NO_SHA256) || defined(WOLFSSL_SHA512))) byte* rsaCert = NULL; byte* rsaPrivKey = NULL; word32 rsaCertSz; word32 rsaPrivKeySz; #if !defined(NO_FILESYSTEM) && (!defined(USE_CERT_BUFFERS_1024) && \ !defined(USE_CERT_BUFFERS_2048) ) static const char* rsaClientCert = "./certs/client-cert.der"; static const char* rsaClientKey = "./certs/client-key.der"; rsaCertSz = (word32)sizeof(rsaClientCert); rsaPrivKeySz = (word32)sizeof(rsaClientKey); #endif #endif #if defined(HAVE_ECC) && (!defined(NO_AES) || (!defined(NO_SHA) ||\ !defined(NO_SHA256) || defined(WOLFSSL_SHA512))) byte* eccCert = NULL; byte* eccPrivKey = NULL; word32 eccCertSz; word32 eccPrivKeySz; #if !defined(NO_FILESYSTEM) && !defined(USE_CERT_BUFFERS_256) static const char* eccClientCert = "./certs/client-ecc-cert.der"; static const char* eccClientKey = "./certs/ecc-client-key.der"; #endif #endif /* Generic buffer size. */ byte output[ONEK_BUF]; byte decoded[sizeof(input)/sizeof(char)]; int decodedSz = 0; #ifndef NO_FILESYSTEM XFILE certFile = XBADFILE; XFILE keyFile = XBADFILE; #endif #ifdef ECC_TIMING_RESISTANT XMEMSET(&rng, 0, sizeof(WC_RNG)); #endif #if !defined(NO_RSA) && (!defined(NO_AES) || (!defined(NO_SHA) ||\ !defined(NO_SHA256) || defined(WOLFSSL_SHA512))) /* RSA certs and keys. */ #if defined(USE_CERT_BUFFERS_1024) rsaCertSz = (word32)sizeof_client_cert_der_1024; /* Allocate buffer space. */ ExpectNotNull(rsaCert = (byte*)XMALLOC(rsaCertSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); /* Init buffer. */ if (rsaCert != NULL) { XMEMCPY(rsaCert, client_cert_der_1024, rsaCertSz); } rsaPrivKeySz = (word32)sizeof_client_key_der_1024; ExpectNotNull(rsaPrivKey = (byte*)XMALLOC(rsaPrivKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); if (rsaPrivKey != NULL) { XMEMCPY(rsaPrivKey, client_key_der_1024, rsaPrivKeySz); } #elif defined(USE_CERT_BUFFERS_2048) rsaCertSz = (word32)sizeof_client_cert_der_2048; /* Allocate buffer */ ExpectNotNull(rsaCert = (byte*)XMALLOC(rsaCertSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); /* Init buffer. */ if (rsaCert != NULL) { XMEMCPY(rsaCert, client_cert_der_2048, rsaCertSz); } rsaPrivKeySz = (word32)sizeof_client_key_der_2048; ExpectNotNull(rsaPrivKey = (byte*)XMALLOC(rsaPrivKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); if (rsaPrivKey != NULL) { XMEMCPY(rsaPrivKey, client_key_der_2048, rsaPrivKeySz); } #else /* File system. */ ExpectTrue((certFile = XFOPEN(rsaClientCert, "rb")) != XBADFILE); rsaCertSz = (word32)FOURK_BUF; ExpectNotNull(rsaCert = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); ExpectTrue((rsaCertSz = (word32)XFREAD(rsaCert, 1, rsaCertSz, certFile)) > 0); if (certFile != XBADFILE) XFCLOSE(certFile); ExpectTrue((keyFile = XFOPEN(rsaClientKey, "rb")) != XBADFILE); ExpectNotNull(rsaPrivKey = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); rsaPrivKeySz = (word32)FOURK_BUF; ExpectTrue((rsaPrivKeySz = (word32)XFREAD(rsaPrivKey, 1, rsaPrivKeySz, keyFile)) > 0); if (keyFile != XBADFILE) XFCLOSE(keyFile); #endif /* USE_CERT_BUFFERS */ #endif /* NO_RSA */ /* ECC */ #if defined(HAVE_ECC) && (!defined(NO_AES) || (!defined(NO_SHA) ||\ !defined(NO_SHA256) || defined(WOLFSSL_SHA512))) #ifdef USE_CERT_BUFFERS_256 ExpectNotNull(eccCert = (byte*)XMALLOC(TWOK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); /* Init buffer. */ eccCertSz = (word32)sizeof_cliecc_cert_der_256; if (eccCert != NULL) { XMEMCPY(eccCert, cliecc_cert_der_256, eccCertSz); } ExpectNotNull(eccPrivKey = (byte*)XMALLOC(TWOK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); eccPrivKeySz = (word32)sizeof_ecc_clikey_der_256; if (eccPrivKey != NULL) { XMEMCPY(eccPrivKey, ecc_clikey_der_256, eccPrivKeySz); } #else /* File system. */ ExpectTrue((certFile = XFOPEN(eccClientCert, "rb")) != XBADFILE); eccCertSz = (word32)FOURK_BUF; ExpectNotNull(eccCert = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); ExpectTrue((eccCertSz = (word32)XFREAD(eccCert, 1, eccCertSz, certFile)) > 0); if (certFile != XBADFILE) { XFCLOSE(certFile); } ExpectTrue((keyFile = XFOPEN(eccClientKey, "rb")) != XBADFILE); eccPrivKeySz = (word32)FOURK_BUF; ExpectNotNull(eccPrivKey = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); ExpectTrue((eccPrivKeySz = (word32)XFREAD(eccPrivKey, 1, eccPrivKeySz, keyFile)) > 0); if (keyFile != XBADFILE) { XFCLOSE(keyFile); } #endif /* USE_CERT_BUFFERS_256 */ #endif /* END HAVE_ECC */ #ifndef NO_FILESYSTEM /* Silence. */ (void)keyFile; (void)certFile; #endif { const pkcs7EnvelopedVector testVectors[] = { /* DATA is a global variable defined in the makefile. */ #if !defined(NO_RSA) #ifndef NO_DES3 {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, DES3b, 0, 0, rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz}, #endif /* NO_DES3 */ #if !defined(NO_AES) && defined(HAVE_AES_CBC) #ifndef NO_AES_128 {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES128CBCb, 0, 0, rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz}, #endif #ifndef NO_AES_192 {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES192CBCb, 0, 0, rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz}, #endif #ifndef NO_AES_256 {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES256CBCb, 0, 0, rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz}, #endif #endif /* NO_AES && HAVE_AES_CBC */ #endif /* NO_RSA */ #if defined(HAVE_ECC) #if !defined(NO_AES) && defined(HAVE_AES_CBC) #if !defined(NO_SHA) && !defined(NO_AES_128) {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES128CBCb, AES128_WRAP, dhSinglePass_stdDH_sha1kdf_scheme, eccCert, eccCertSz, eccPrivKey, eccPrivKeySz}, #endif #if !defined(NO_SHA256) && !defined(NO_AES_256) {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES256CBCb, AES256_WRAP, dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey, eccPrivKeySz}, #endif #if defined(WOLFSSL_SHA512) && !defined(NO_AES_256) {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES256CBCb, AES256_WRAP, dhSinglePass_stdDH_sha512kdf_scheme, eccCert, eccCertSz, eccPrivKey, eccPrivKeySz}, #endif #endif /* NO_AES && HAVE_AES_CBC*/ #endif /* END HAVE_ECC */ }; /* END pkcs7EnvelopedVector */ #ifdef ECC_TIMING_RESISTANT ExpectIntEQ(wc_InitRng(&rng), 0); #endif ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0); testSz = (int)sizeof(testVectors)/(int)sizeof(pkcs7EnvelopedVector); for (i = 0; i < testSz; i++) { #ifdef ASN_BER_TO_DER encodeSignedDataStream strm; /* test setting stream mode, the first one using IO callbacks */ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, (testVectors + i)->cert, (word32)(testVectors + i)->certSz), 0); if (pkcs7 != NULL) { #ifdef ECC_TIMING_RESISTANT pkcs7->rng = &rng; #endif if (i != 0) pkcs7->content = (byte*)(testVectors + i)->content; pkcs7->contentSz = (testVectors + i)->contentSz; pkcs7->contentOID = (testVectors + i)->contentOID; pkcs7->encryptOID = (testVectors + i)->encryptOID; pkcs7->keyWrapOID = (testVectors + i)->keyWrapOID; pkcs7->keyAgreeOID = (testVectors + i)->keyAgreeOID; pkcs7->privateKey = (testVectors + i)->privateKey; pkcs7->privateKeySz = (testVectors + i)->privateKeySz; } if (i == 0) { XMEMSET(&strm, 0, sizeof(strm)); ExpectIntEQ(wc_PKCS7_SetStreamMode(pkcs7, 1, GetContentCB, StreamOutputCB, (void*)&strm), 0); encodedSz = wc_PKCS7_EncodeEnvelopedData(pkcs7, NULL, 0); } else { ExpectIntEQ(wc_PKCS7_SetStreamMode(pkcs7, 1, NULL, NULL, NULL), 0); encodedSz = wc_PKCS7_EncodeEnvelopedData(pkcs7, output, (word32)sizeof(output)); } switch ((testVectors + i)->encryptOID) { #ifndef NO_DES3 case DES3b: case DESb: ExpectIntEQ(encodedSz, BAD_FUNC_ARG); break; #endif #ifdef HAVE_AESCCM #ifdef WOLFSSL_AES_128 case AES128CCMb: ExpectIntEQ(encodedSz, BAD_FUNC_ARG); break; #endif #ifdef WOLFSSL_AES_192 case AES192CCMb: ExpectIntEQ(encodedSz, BAD_FUNC_ARG); break; #endif #ifdef WOLFSSL_AES_256 case AES256CCMb: ExpectIntEQ(encodedSz, BAD_FUNC_ARG); break; #endif #endif default: ExpectIntGE(encodedSz, 0); } if (encodedSz > 0) { if (i == 0) { decodedSz = wc_PKCS7_DecodeEnvelopedData(pkcs7, strm.out, (word32)encodedSz, decoded, (word32)sizeof(decoded)); } else { decodedSz = wc_PKCS7_DecodeEnvelopedData(pkcs7, output, (word32)encodedSz, decoded, (word32)sizeof(decoded)); } ExpectIntGE(decodedSz, 0); /* Verify the size of each buffer. */ ExpectIntEQ((word32)sizeof(input)/sizeof(char), decodedSz); } wc_PKCS7_Free(pkcs7); pkcs7 = NULL; ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); #endif ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, (testVectors + i)->cert, (word32)(testVectors + i)->certSz), 0); if (pkcs7 != NULL) { #ifdef ECC_TIMING_RESISTANT pkcs7->rng = &rng; #endif pkcs7->content = (byte*)(testVectors + i)->content; pkcs7->contentSz = (testVectors + i)->contentSz; pkcs7->contentOID = (testVectors + i)->contentOID; pkcs7->encryptOID = (testVectors + i)->encryptOID; pkcs7->keyWrapOID = (testVectors + i)->keyWrapOID; pkcs7->keyAgreeOID = (testVectors + i)->keyAgreeOID; pkcs7->privateKey = (testVectors + i)->privateKey; pkcs7->privateKeySz = (testVectors + i)->privateKeySz; } #ifdef ASN_BER_TO_DER /* test without setting stream mode */ ExpectIntEQ(wc_PKCS7_GetStreamMode(pkcs7), 0); #endif ExpectIntGE(wc_PKCS7_EncodeEnvelopedData(pkcs7, output, (word32)sizeof(output)), 0); decodedSz = wc_PKCS7_DecodeEnvelopedData(pkcs7, output, (word32)sizeof(output), decoded, (word32)sizeof(decoded)); ExpectIntGE(decodedSz, 0); /* Verify the size of each buffer. */ ExpectIntEQ((word32)sizeof(input)/sizeof(char), decodedSz); /* Don't free the last time through the loop. */ if (i < testSz - 1) { wc_PKCS7_Free(pkcs7); pkcs7 = NULL; ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); } } /* END test loop. */ } /* Test bad args. */ ExpectIntEQ(wc_PKCS7_EncodeEnvelopedData(NULL, output, (word32)sizeof(output)), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_EncodeEnvelopedData(pkcs7, NULL, (word32)sizeof(output)), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_EncodeEnvelopedData(pkcs7, output, 0), BAD_FUNC_ARG); /* Decode. */ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(NULL, output, (word32)sizeof(output), decoded, (word32)sizeof(decoded)), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output, (word32)sizeof(output), NULL, (word32)sizeof(decoded)), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output, (word32)sizeof(output), decoded, 0), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, NULL, (word32)sizeof(output), decoded, (word32)sizeof(decoded)), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output, 0, decoded, (word32)sizeof(decoded)), BAD_FUNC_ARG); /* Should get a return of BAD_FUNC_ARG with structure data. Order matters.*/ #if defined(HAVE_ECC) && !defined(NO_AES) && defined(HAVE_AES_CBC) /* only a failure for KARI test cases */ if (pkcs7 != NULL) { tempWrd32 = pkcs7->singleCertSz; pkcs7->singleCertSz = 0; } #if defined(WOLFSSL_ASN_TEMPLATE) ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output, (word32)sizeof(output), decoded, (word32)sizeof(decoded)), BUFFER_E); #else ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output, (word32)sizeof(output), decoded, (word32)sizeof(decoded)), ASN_PARSE_E); #endif if (pkcs7 != NULL) { pkcs7->singleCertSz = tempWrd32; tmpBytePtr = pkcs7->singleCert; pkcs7->singleCert = NULL; } #ifndef NO_RSA #if defined(NO_PKCS7_STREAM) /* when none streaming mode is used and PKCS7 is in bad state buffer error * is returned from kari parse which gets set to bad func arg */ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output, (word32)sizeof(output), decoded, (word32)sizeof(decoded)), BAD_FUNC_ARG); #else ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output, (word32)sizeof(output), decoded, (word32)sizeof(decoded)), ASN_PARSE_E); #endif #endif /* !NO_RSA */ if (pkcs7 != NULL) { pkcs7->singleCert = tmpBytePtr; } #endif if (pkcs7 != NULL) { tempWrd32 = pkcs7->privateKeySz; pkcs7->privateKeySz = 0; } ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output, (word32)sizeof(output), decoded, (word32)sizeof(decoded)), BAD_FUNC_ARG); if (pkcs7 != NULL) { pkcs7->privateKeySz = tempWrd32; tmpBytePtr = pkcs7->privateKey; pkcs7->privateKey = NULL; } ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output, (word32)sizeof(output), decoded, (word32)sizeof(decoded)), BAD_FUNC_ARG); if (pkcs7 != NULL) { pkcs7->privateKey = tmpBytePtr; } wc_PKCS7_Free(pkcs7); pkcs7 = NULL; #if !defined(NO_AES) && defined(HAVE_AES_CBC) && !defined(NO_AES_256) /* test of decrypt callback with KEKRI enveloped data */ { int envelopedSz = 0; const byte keyId[] = { 0x00 }; ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); if (pkcs7 != NULL) { pkcs7->content = (byte*)input; pkcs7->contentSz = (word32)(sizeof(input)/sizeof(char)); pkcs7->contentOID = DATA; pkcs7->encryptOID = AES256CBCb; } ExpectIntGT(wc_PKCS7_AddRecipient_KEKRI(pkcs7, AES256_WRAP, (byte*)defKey, sizeof(defKey), (byte*)keyId, sizeof(keyId), NULL, NULL, 0, NULL, 0, 0), 0); ExpectIntEQ(wc_PKCS7_SetSignerIdentifierType(pkcs7, CMS_SKID), 0); ExpectIntGT((envelopedSz = wc_PKCS7_EncodeEnvelopedData(pkcs7, output, (word32)sizeof(output))), 0); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; /* decode envelopedData */ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_SetWrapCEKCb(pkcs7, myCEKwrapFunc), 0); ExpectIntEQ(wc_PKCS7_SetDecodeEncryptedCb(pkcs7, myDecryptionFunc), 0); ExpectIntGT((decodedSz = wc_PKCS7_DecodeEnvelopedData(pkcs7, output, envelopedSz, decoded, sizeof(decoded))), 0); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; } #endif /* !NO_AES && !NO_AES_256 */ #ifndef NO_RSA XFREE(rsaCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(rsaPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); #endif /* NO_RSA */ #ifdef HAVE_ECC XFREE(eccCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(eccPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); #endif /* HAVE_ECC */ #ifdef ECC_TIMING_RESISTANT DoExpectIntEQ(wc_FreeRng(&rng), 0); #endif #if defined(USE_CERT_BUFFERS_2048) && !defined(NO_DES3) && \ !defined(NO_RSA) && !defined(NO_SHA) { byte out[7]; byte *cms = NULL; word32 cmsSz; XFILE cmsFile = XBADFILE; XMEMSET(out, 0, sizeof(out)); ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectTrue((cmsFile = XFOPEN("./certs/test/ktri-keyid-cms.msg", "rb")) != XBADFILE); cmsSz = (word32)FOURK_BUF; ExpectNotNull(cms = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); ExpectTrue((cmsSz = (word32)XFREAD(cms, 1, cmsSz, cmsFile)) > 0); if (cmsFile != XBADFILE) XFCLOSE(cmsFile); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)client_cert_der_2048, sizeof_client_cert_der_2048), 0); if (pkcs7 != NULL) { pkcs7->privateKey = (byte*)client_key_der_2048; pkcs7->privateKeySz = sizeof_client_key_der_2048; } ExpectIntLT(wc_PKCS7_DecodeEnvelopedData(pkcs7, cms, cmsSz, out, 2), 0); ExpectIntGT(wc_PKCS7_DecodeEnvelopedData(pkcs7, cms, cmsSz, out, sizeof(out)), 0); XFREE(cms, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); ExpectIntEQ(XMEMCMP(out, "test", 4), 0); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; } #endif /* USE_CERT_BUFFERS_2048 && !NO_DES3 && !NO_RSA && !NO_SHA */ #endif /* HAVE_PKCS7 */ return EXPECT_RESULT(); } /* END test_wc_PKCS7_EncodeDecodeEnvelopedData() */ /* * Testing wc_PKCS7_EncodeEncryptedData() */ static int test_wc_PKCS7_EncodeEncryptedData(void) { EXPECT_DECLS; #if defined(HAVE_PKCS7) && !defined(NO_PKCS7_ENCRYPTED_DATA) PKCS7* pkcs7 = NULL; byte* tmpBytePtr = NULL; byte encrypted[TWOK_BUF]; byte decoded[TWOK_BUF]; word32 tmpWrd32 = 0; int tmpInt = 0; int decodedSz = 0; int encryptedSz = 0; int testSz = 0; int i = 0; const byte data[] = { /* Hello World */ 0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f, 0x72,0x6c,0x64 }; #ifndef NO_DES3 byte desKey[] = { 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef }; byte des3Key[] = { 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, 0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10, 0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67 }; #endif #if !defined(NO_AES) && defined(HAVE_AES_CBC) #ifndef NO_AES_128 byte aes128Key[] = { 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08 }; #endif #ifndef NO_AES_192 byte aes192Key[] = { 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08 }; #endif #ifndef NO_AES_256 byte aes256Key[] = { 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08 }; #endif #endif /* !NO_AES && HAVE_AES_CBC */ const pkcs7EncryptedVector testVectors[] = { #ifndef NO_DES3 {data, (word32)sizeof(data), DATA, DES3b, des3Key, sizeof(des3Key)}, {data, (word32)sizeof(data), DATA, DESb, desKey, sizeof(desKey)}, #endif /* !NO_DES3 */ #if !defined(NO_AES) && defined(HAVE_AES_CBC) #ifndef NO_AES_128 {data, (word32)sizeof(data), DATA, AES128CBCb, aes128Key, sizeof(aes128Key)}, #endif #ifndef NO_AES_192 {data, (word32)sizeof(data), DATA, AES192CBCb, aes192Key, sizeof(aes192Key)}, #endif #ifndef NO_AES_256 {data, (word32)sizeof(data), DATA, AES256CBCb, aes256Key, sizeof(aes256Key)}, #endif #endif /* !NO_AES && HAVE_AES_CBC */ }; testSz = sizeof(testVectors) / sizeof(pkcs7EncryptedVector); for (i = 0; i < testSz; i++) { ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0); if (pkcs7 != NULL) { pkcs7->content = (byte*)testVectors[i].content; pkcs7->contentSz = testVectors[i].contentSz; pkcs7->contentOID = testVectors[i].contentOID; pkcs7->encryptOID = testVectors[i].encryptOID; pkcs7->encryptionKey = testVectors[i].encryptionKey; pkcs7->encryptionKeySz = testVectors[i].encryptionKeySz; pkcs7->heap = HEAP_HINT; } /* encode encryptedData */ ExpectIntGT(encryptedSz = wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted, sizeof(encrypted)), 0); /* Decode encryptedData */ ExpectIntGT(decodedSz = wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, encryptedSz, decoded, sizeof(decoded)), 0); ExpectIntEQ(XMEMCMP(decoded, data, decodedSz), 0); /* Keep values for last itr. */ if (i < testSz - 1) { wc_PKCS7_Free(pkcs7); pkcs7 = NULL; } } if (pkcs7 == NULL || testSz == 0) { ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0); } ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(NULL, encrypted, sizeof(encrypted)),BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, NULL, sizeof(encrypted)), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted, 0), BAD_FUNC_ARG); /* Testing the struct. */ if (pkcs7 != NULL) { tmpBytePtr = pkcs7->content; pkcs7->content = NULL; } ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted, sizeof(encrypted)), BAD_FUNC_ARG); if (pkcs7 != NULL) { pkcs7->content = tmpBytePtr; tmpWrd32 = pkcs7->contentSz; pkcs7->contentSz = 0; } ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted, sizeof(encrypted)), BAD_FUNC_ARG); if (pkcs7 != NULL) { pkcs7->contentSz = tmpWrd32; tmpInt = pkcs7->encryptOID; pkcs7->encryptOID = 0; } ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted, sizeof(encrypted)), BAD_FUNC_ARG); if (pkcs7 != NULL) { pkcs7->encryptOID = tmpInt; tmpBytePtr = pkcs7->encryptionKey; pkcs7->encryptionKey = NULL; } ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted, sizeof(encrypted)), BAD_FUNC_ARG); if (pkcs7 != NULL) { pkcs7->encryptionKey = tmpBytePtr; tmpWrd32 = pkcs7->encryptionKeySz; pkcs7->encryptionKeySz = 0; } ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted, sizeof(encrypted)), BAD_FUNC_ARG); if (pkcs7 != NULL) { pkcs7->encryptionKeySz = tmpWrd32; } ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(NULL, encrypted, encryptedSz, decoded, sizeof(decoded)), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, NULL, encryptedSz, decoded, sizeof(decoded)), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, 0, decoded, sizeof(decoded)), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, encryptedSz, NULL, sizeof(decoded)), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, encryptedSz, decoded, 0), BAD_FUNC_ARG); /* Test struct fields */ if (pkcs7 != NULL) { tmpBytePtr = pkcs7->encryptionKey; pkcs7->encryptionKey = NULL; } ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, encryptedSz, decoded, sizeof(decoded)), BAD_FUNC_ARG); if (pkcs7 != NULL) { pkcs7->encryptionKey = tmpBytePtr; pkcs7->encryptionKeySz = 0; } ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, encryptedSz, decoded, sizeof(decoded)), BAD_FUNC_ARG); wc_PKCS7_Free(pkcs7); #endif return EXPECT_RESULT(); } /* END test_wc_PKCS7_EncodeEncryptedData() */ /* * Testing wc_PKCS7_Degenerate() */ static int test_wc_PKCS7_Degenerate(void) { EXPECT_DECLS; #if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) PKCS7* pkcs7 = NULL; char fName[] = "./certs/test-degenerate.p7b"; XFILE f = XBADFILE; byte der[4096]; word32 derSz = 0; #ifndef NO_PKCS7_STREAM word32 z; int ret; #endif /* !NO_PKCS7_STREAM */ ExpectTrue((f = XFOPEN(fName, "rb")) != XBADFILE); ExpectTrue((derSz = (word32)XFREAD(der, 1, sizeof(der), f)) > 0); if (f != XBADFILE) XFCLOSE(f); /* test degenerate success */ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); #ifndef NO_RSA ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), 0); #ifndef NO_PKCS7_STREAM wc_PKCS7_Free(pkcs7); pkcs7 = NULL; ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); /* test for streaming */ ret = -1; for (z = 0; z < derSz && ret != 0; z++) { ret = wc_PKCS7_VerifySignedData(pkcs7, der + z, 1); if (ret < 0){ ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E); } } ExpectIntEQ(ret, 0); #endif /* !NO_PKCS7_STREAM */ #else ExpectIntNE(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), 0); #endif /* NO_RSA */ wc_PKCS7_Free(pkcs7); pkcs7 = NULL; /* test with turning off degenerate cases */ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); wc_PKCS7_AllowDegenerate(pkcs7, 0); /* override allowing degenerate case */ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), PKCS7_NO_SIGNER_E); #ifndef NO_PKCS7_STREAM wc_PKCS7_Free(pkcs7); pkcs7 = NULL; ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); wc_PKCS7_AllowDegenerate(pkcs7, 0); /* override allowing degenerate case */ /* test for streaming */ ret = -1; for (z = 0; z < derSz && ret != 0; z++) { ret = wc_PKCS7_VerifySignedData(pkcs7, der + z, 1); if (ret == WC_PKCS7_WANT_READ_E){ continue; } else break; } ExpectIntEQ(ret, PKCS7_NO_SIGNER_E); #endif /* !NO_PKCS7_STREAM */ wc_PKCS7_Free(pkcs7); #endif return EXPECT_RESULT(); } /* END test_wc_PKCS7_Degenerate() */ #if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && \ defined(ASN_BER_TO_DER) && !defined(NO_DES3) && !defined(NO_SHA) static byte berContent[] = { 0x30, 0x80, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x03, 0xA0, 0x80, 0x30, 0x80, 0x02, 0x01, 0x00, 0x31, 0x82, 0x01, 0x48, 0x30, 0x82, 0x01, 0x44, 0x02, 0x01, 0x00, 0x30, 0x81, 0xAC, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x31, 0x30, 0x32, 0x34, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x02, 0x09, 0x00, 0xBB, 0xD3, 0x10, 0x03, 0xE6, 0x9D, 0x28, 0x03, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x81, 0x80, 0x2F, 0xF9, 0x77, 0x4F, 0x04, 0x5C, 0x16, 0x62, 0xF0, 0x77, 0x8D, 0x95, 0x4C, 0xB1, 0x44, 0x9A, 0x8C, 0x3C, 0x8C, 0xE4, 0xD1, 0xC1, 0x14, 0x72, 0xD0, 0x4A, 0x1A, 0x94, 0x27, 0x0F, 0xAA, 0xE8, 0xD0, 0xA2, 0xE7, 0xED, 0x4C, 0x7F, 0x0F, 0xC7, 0x1B, 0xFB, 0x81, 0x0E, 0x76, 0x8F, 0xDD, 0x32, 0x11, 0x68, 0xA0, 0x13, 0xD2, 0x8D, 0x95, 0xEF, 0x80, 0x53, 0x81, 0x0E, 0x1F, 0xC8, 0xD6, 0x76, 0x5C, 0x31, 0xD3, 0x77, 0x33, 0x29, 0xA6, 0x1A, 0xD3, 0xC6, 0x14, 0x36, 0xCA, 0x8E, 0x7D, 0x72, 0xA0, 0x29, 0x4C, 0xC7, 0x3A, 0xAF, 0xFE, 0xF7, 0xFC, 0xD7, 0xE2, 0x8F, 0x6A, 0x20, 0x46, 0x09, 0x40, 0x22, 0x2D, 0x79, 0x38, 0x11, 0xB1, 0x4A, 0xE3, 0x48, 0xE8, 0x10, 0x37, 0xA0, 0x22, 0xF7, 0xB4, 0x79, 0xD1, 0xA9, 0x3D, 0xC2, 0xAB, 0x37, 0xAE, 0x82, 0x68, 0x1A, 0x16, 0xEF, 0x33, 0x0C, 0x30, 0x80, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x01, 0x30, 0x14, 0x06, 0x08, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x03, 0x07, 0x04, 0x08, 0xAD, 0xD0, 0x38, 0x9B, 0x16, 0x4B, 0x7F, 0x99, 0xA0, 0x80, 0x04, 0x82, 0x03, 0xE8, 0x6D, 0x48, 0xFB, 0x8A, 0xBD, 0xED, 0x6C, 0xCD, 0xC6, 0x48, 0xFD, 0xB7, 0xB0, 0x7C, 0x86, 0x2C, 0x8D, 0xF0, 0x23, 0x12, 0xD8, 0xA3, 0x2A, 0x21, 0x6F, 0x8B, 0x75, 0xBB, 0x47, 0x7F, 0xC9, 0xBA, 0xBA, 0xFF, 0x91, 0x09, 0x01, 0x7A, 0x5C, 0x96, 0x02, 0xB8, 0x8E, 0xF8, 0x67, 0x7E, 0x8F, 0xF9, 0x51, 0x0E, 0xFF, 0x8E, 0xE2, 0x61, 0xC0, 0xDF, 0xFA, 0xE2, 0x4C, 0x50, 0x90, 0xAE, 0xA1, 0x15, 0x38, 0x3D, 0xBE, 0x88, 0xD7, 0x57, 0xC0, 0x11, 0x44, 0xA2, 0x61, 0x05, 0x49, 0x6A, 0x94, 0x04, 0x10, 0xD9, 0xC2, 0x2D, 0x15, 0x20, 0x0D, 0xBD, 0xA2, 0xEF, 0xE4, 0x68, 0xFA, 0x39, 0x75, 0x7E, 0xD8, 0x64, 0x44, 0xCB, 0xE0, 0x00, 0x6D, 0x57, 0x4E, 0x8A, 0x17, 0xA9, 0x83, 0x6C, 0x7F, 0xFE, 0x01, 0xEE, 0xDE, 0x99, 0x3A, 0xB2, 0xFF, 0xD3, 0x72, 0x78, 0xBA, 0xF1, 0x23, 0x54, 0x48, 0x02, 0xD8, 0x38, 0xA9, 0x54, 0xE5, 0x4A, 0x81, 0xB9, 0xC0, 0x67, 0xB2, 0x7D, 0x3C, 0x6F, 0xCE, 0xA4, 0xDD, 0x34, 0x5F, 0x60, 0xB1, 0xA3, 0x7A, 0xE4, 0x43, 0xF2, 0x89, 0x64, 0x35, 0x09, 0x32, 0x51, 0xFB, 0x5C, 0x67, 0x0C, 0x3B, 0xFC, 0x36, 0x6B, 0x37, 0x43, 0x6C, 0x03, 0xCD, 0x44, 0xC7, 0x2B, 0x62, 0xD6, 0xD1, 0xF4, 0x07, 0x7B, 0x19, 0x91, 0xF0, 0xD7, 0xF5, 0x54, 0xBC, 0x0F, 0x42, 0x6B, 0x69, 0xF7, 0xA3, 0xC8, 0xEE, 0xB9, 0x7A, 0x9E, 0x3D, 0xDF, 0x53, 0x47, 0xF7, 0x50, 0x67, 0x00, 0xCF, 0x2B, 0x3B, 0xE9, 0x85, 0xEE, 0xBD, 0x4C, 0x64, 0x66, 0x0B, 0x77, 0x80, 0x9D, 0xEF, 0x11, 0x32, 0x77, 0xA8, 0xA4, 0x5F, 0xEE, 0x2D, 0xE0, 0x43, 0x87, 0x76, 0x87, 0x53, 0x4E, 0xD7, 0x1A, 0x04, 0x7B, 0xE1, 0xD1, 0xE1, 0xF5, 0x87, 0x51, 0x13, 0xE0, 0xC2, 0xAA, 0xA3, 0x4B, 0xAA, 0x9E, 0xB4, 0xA6, 0x1D, 0x4E, 0x28, 0x57, 0x0B, 0x80, 0x90, 0x81, 0x4E, 0x04, 0xF5, 0x30, 0x8D, 0x51, 0xCE, 0x57, 0x2F, 0x88, 0xC5, 0x70, 0xC4, 0x06, 0x8F, 0xDD, 0x37, 0xC1, 0x34, 0x1E, 0x0E, 0x15, 0x32, 0x23, 0x92, 0xAB, 0x40, 0xEA, 0xF7, 0x43, 0xE2, 0x1D, 0xE2, 0x4B, 0xC9, 0x91, 0xF4, 0x63, 0x21, 0x34, 0xDB, 0xE9, 0x86, 0x83, 0x1A, 0xD2, 0x52, 0xEF, 0x7A, 0xA2, 0xEE, 0xA4, 0x11, 0x56, 0xD3, 0x6C, 0xF5, 0x6D, 0xE4, 0xA5, 0x2D, 0x99, 0x02, 0x10, 0xDF, 0x29, 0xC5, 0xE3, 0x0B, 0xC4, 0xA1, 0xEE, 0x5F, 0x4A, 0x10, 0xEE, 0x85, 0x73, 0x2A, 0x92, 0x15, 0x2C, 0xC8, 0xF4, 0x8C, 0xD7, 0x3D, 0xBC, 0xAD, 0x18, 0xE0, 0x59, 0xD3, 0xEE, 0x75, 0x90, 0x1C, 0xCC, 0x76, 0xC6, 0x64, 0x17, 0xD2, 0xD0, 0x91, 0xA6, 0xD0, 0xC1, 0x4A, 0xAA, 0x58, 0x22, 0xEC, 0x45, 0x98, 0xF2, 0xCC, 0x4C, 0xE4, 0xBF, 0xED, 0xF6, 0x44, 0x72, 0x36, 0x65, 0x3F, 0xE3, 0xB5, 0x8B, 0x3E, 0x54, 0x9C, 0x82, 0x86, 0x5E, 0xB0, 0xF2, 0x12, 0xE5, 0x69, 0xFA, 0x46, 0xA2, 0x54, 0xFC, 0xF5, 0x4B, 0xE0, 0x24, 0x3B, 0x99, 0x04, 0x1A, 0x7A, 0xF7, 0xD1, 0xFF, 0x68, 0x97, 0xB2, 0x85, 0x82, 0x95, 0x27, 0x2B, 0xF4, 0xE7, 0x1A, 0x74, 0x19, 0xEC, 0x8C, 0x4E, 0xA7, 0x0F, 0xAD, 0x4F, 0x5A, 0x02, 0x80, 0xC1, 0x6A, 0x9E, 0x54, 0xE4, 0x8E, 0xA3, 0x41, 0x3F, 0x6F, 0x9C, 0x82, 0x9F, 0x83, 0xB0, 0x44, 0x01, 0x5F, 0x10, 0x9D, 0xD3, 0xB6, 0x33, 0x5B, 0xAF, 0xAC, 0x6B, 0x57, 0x2A, 0x01, 0xED, 0x0E, 0x17, 0xB9, 0x80, 0x76, 0x12, 0x1C, 0x51, 0x56, 0xDD, 0x6D, 0x94, 0xAB, 0xD2, 0xE5, 0x15, 0x2D, 0x3C, 0xC5, 0xE8, 0x62, 0x05, 0x8B, 0x40, 0xB1, 0xC2, 0x83, 0xCA, 0xAC, 0x4B, 0x8B, 0x39, 0xF7, 0xA0, 0x08, 0x43, 0x5C, 0xF7, 0xE8, 0xED, 0x40, 0x72, 0x73, 0xE3, 0x6B, 0x18, 0x67, 0xA0, 0xB6, 0x0F, 0xED, 0x8F, 0x9A, 0xE4, 0x27, 0x62, 0x23, 0xAA, 0x6D, 0x6C, 0x31, 0xC9, 0x9D, 0x6B, 0xE0, 0xBF, 0x9D, 0x7D, 0x2E, 0x76, 0x71, 0x06, 0x39, 0xAC, 0x96, 0x1C, 0xAF, 0x30, 0xF2, 0x62, 0x9C, 0x84, 0x3F, 0x43, 0x5E, 0x19, 0xA8, 0xE5, 0x3C, 0x9D, 0x43, 0x3C, 0x43, 0x41, 0xE8, 0x82, 0xE7, 0x5B, 0xF3, 0xE2, 0x15, 0xE3, 0x52, 0x20, 0xFD, 0x0D, 0xB2, 0x4D, 0x48, 0xAD, 0x53, 0x7E, 0x0C, 0xF0, 0xB9, 0xBE, 0xC9, 0x58, 0x4B, 0xC8, 0xA8, 0xA3, 0x36, 0xF1, 0x2C, 0xD2, 0xE1, 0xC8, 0xC4, 0x3C, 0x48, 0x70, 0xC2, 0x6D, 0x6C, 0x3D, 0x99, 0xAC, 0x43, 0x19, 0x69, 0xCA, 0x67, 0x1A, 0xC9, 0xE1, 0x47, 0xFA, 0x0A, 0xE6, 0x5B, 0x6F, 0x61, 0xD0, 0x03, 0xE4, 0x03, 0x4B, 0xFD, 0xE2, 0xA5, 0x8D, 0x83, 0x01, 0x7E, 0xC0, 0x7B, 0x2E, 0x0B, 0x29, 0xDD, 0xD6, 0xDC, 0x71, 0x46, 0xBD, 0x9A, 0x40, 0x46, 0x1E, 0x0A, 0xB1, 0x00, 0xE7, 0x71, 0x29, 0x77, 0xFC, 0x9A, 0x76, 0x8A, 0x5F, 0x66, 0x9B, 0x63, 0x91, 0x12, 0x78, 0xBF, 0x67, 0xAD, 0xA1, 0x72, 0x9E, 0xC5, 0x3E, 0xE5, 0xCB, 0xAF, 0xD6, 0x5A, 0x0D, 0xB6, 0x9B, 0xA3, 0x78, 0xE8, 0xB0, 0x8F, 0x69, 0xED, 0xC1, 0x73, 0xD5, 0xE5, 0x1C, 0x18, 0xA0, 0x58, 0x4C, 0x49, 0xBD, 0x91, 0xCE, 0x15, 0x0D, 0xAA, 0x5A, 0x07, 0xEA, 0x1C, 0xA7, 0x4B, 0x11, 0x31, 0x80, 0xAF, 0xA1, 0x0A, 0xED, 0x6C, 0x70, 0xE4, 0xDB, 0x75, 0x86, 0xAE, 0xBF, 0x4A, 0x05, 0x72, 0xDE, 0x84, 0x8C, 0x7B, 0x59, 0x81, 0x58, 0xE0, 0xC0, 0x15, 0xB5, 0xF3, 0xD5, 0x73, 0x78, 0x83, 0x53, 0xDA, 0x92, 0xC1, 0xE6, 0x71, 0x74, 0xC7, 0x7E, 0xAA, 0x36, 0x06, 0xF0, 0xDF, 0xBA, 0xFB, 0xEF, 0x54, 0xE8, 0x11, 0xB2, 0x33, 0xA3, 0x0B, 0x9E, 0x0C, 0x59, 0x75, 0x13, 0xFA, 0x7F, 0x88, 0xB9, 0x86, 0xBD, 0x1A, 0xDB, 0x52, 0x12, 0xFB, 0x6D, 0x1A, 0xCB, 0x49, 0x94, 0x94, 0xC4, 0xA9, 0x99, 0xC0, 0xA4, 0xB6, 0x60, 0x36, 0x09, 0x94, 0x2A, 0xD5, 0xC4, 0x26, 0xF4, 0xA3, 0x6A, 0x0E, 0x57, 0x8B, 0x7C, 0xA4, 0x1D, 0x75, 0xE8, 0x2A, 0xF3, 0xC4, 0x3C, 0x7D, 0x45, 0x6D, 0xD8, 0x24, 0xD1, 0x3B, 0xF7, 0xCF, 0xE4, 0x45, 0x2A, 0x55, 0xE5, 0xA9, 0x1F, 0x1C, 0x8F, 0x55, 0x8D, 0xC1, 0xF7, 0x74, 0xCC, 0x26, 0xC7, 0xBA, 0x2E, 0x5C, 0xC1, 0x71, 0x0A, 0xAA, 0xD9, 0x6D, 0x76, 0xA7, 0xF9, 0xD1, 0x18, 0xCB, 0x5A, 0x52, 0x98, 0xA8, 0x0D, 0x3F, 0x06, 0xFC, 0x49, 0x11, 0x21, 0x5F, 0x86, 0x19, 0x33, 0x81, 0xB5, 0x7A, 0xDA, 0xA1, 0x47, 0xBF, 0x7C, 0xD7, 0x05, 0x96, 0xC7, 0xF5, 0xC1, 0x61, 0xE5, 0x18, 0xA5, 0x38, 0x68, 0xED, 0xB4, 0x17, 0x62, 0x0D, 0x01, 0x5E, 0xC3, 0x04, 0xA6, 0xBA, 0xB1, 0x01, 0x60, 0x5C, 0xC1, 0x3A, 0x34, 0x97, 0xD6, 0xDB, 0x67, 0x73, 0x4D, 0x33, 0x96, 0x01, 0x67, 0x44, 0xEA, 0x47, 0x5E, 0x44, 0xB5, 0xE5, 0xD1, 0x6C, 0x20, 0xA9, 0x6D, 0x4D, 0xBC, 0x02, 0xF0, 0x70, 0xE4, 0xDD, 0xE9, 0xD5, 0x5C, 0x28, 0x29, 0x0B, 0xB4, 0x60, 0x2A, 0xF1, 0xF7, 0x1A, 0xF0, 0x36, 0xAE, 0x51, 0x3A, 0xAE, 0x6E, 0x48, 0x7D, 0xC7, 0x5C, 0xF3, 0xDC, 0xF6, 0xED, 0x27, 0x4E, 0x8E, 0x48, 0x18, 0x3E, 0x08, 0xF1, 0xD8, 0x3D, 0x0D, 0xE7, 0x2F, 0x65, 0x8A, 0x6F, 0xE2, 0x1E, 0x06, 0xC1, 0x04, 0x58, 0x7B, 0x4A, 0x75, 0x60, 0x92, 0x13, 0xC6, 0x40, 0x2D, 0x3A, 0x8A, 0xD1, 0x03, 0x05, 0x1F, 0x28, 0x66, 0xC2, 0x57, 0x2A, 0x4C, 0xE1, 0xA3, 0xCB, 0xA1, 0x95, 0x30, 0x10, 0xED, 0xDF, 0xAE, 0x70, 0x49, 0x4E, 0xF6, 0xB4, 0x5A, 0xB6, 0x22, 0x56, 0x37, 0x05, 0xE7, 0x3E, 0xB2, 0xE3, 0x96, 0x62, 0xEC, 0x09, 0x53, 0xC0, 0x50, 0x3D, 0xA7, 0xBC, 0x9B, 0x39, 0x02, 0x26, 0x16, 0xB5, 0x34, 0x17, 0xD4, 0xCA, 0xFE, 0x1D, 0xE4, 0x5A, 0xDA, 0x4C, 0xC2, 0xCA, 0x8E, 0x79, 0xBF, 0xD8, 0x4C, 0xBB, 0xFA, 0x30, 0x7B, 0xA9, 0x3E, 0x52, 0x19, 0xB1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; #endif /* HAVE_PKCS7 && !NO_FILESYSTEM && ASN_BER_TO_DER && * !NO_DES3 && !NO_SHA */ /* * Testing wc_PKCS7_BER() */ static int test_wc_PKCS7_BER(void) { EXPECT_DECLS; #if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && \ !defined(NO_SHA) && defined(ASN_BER_TO_DER) PKCS7* pkcs7 = NULL; char fName[] = "./certs/test-ber-exp02-05-2022.p7b"; XFILE f = XBADFILE; byte der[4096]; #ifndef NO_DES3 byte decoded[2048]; #endif word32 derSz = 0; #ifndef NO_PKCS7_STREAM word32 z; int ret; #endif /* !NO_PKCS7_STREAM */ ExpectTrue((f = XFOPEN(fName, "rb")) != XBADFILE); ExpectTrue((derSz = (word32)XFREAD(der, 1, sizeof(der), f)) > 0); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); #ifndef NO_RSA ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), 0); #ifndef NO_PKCS7_STREAM wc_PKCS7_Free(pkcs7); pkcs7 = NULL; ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); /* test for streaming */ ret = -1; for (z = 0; z < derSz && ret != 0; z++) { ret = wc_PKCS7_VerifySignedData(pkcs7, der + z, 1); if (ret < 0){ ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E); } } ExpectIntEQ(ret, 0); #endif /* !NO_PKCS7_STREAM */ #else ExpectIntNE(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), 0); #endif wc_PKCS7_Free(pkcs7); pkcs7 = NULL; #ifndef NO_DES3 /* decode BER content */ ExpectTrue((f = XFOPEN("./certs/1024/client-cert.der", "rb")) != XBADFILE); ExpectTrue((derSz = (word32)XFREAD(der, 1, sizeof(der), f)) > 0); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); #ifndef NO_RSA ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, der, derSz), 0); #else ExpectIntNE(wc_PKCS7_InitWithCert(pkcs7, der, derSz), 0); #endif ExpectTrue((f = XFOPEN("./certs/1024/client-key.der", "rb")) != XBADFILE); ExpectTrue((derSz = (word32)XFREAD(der, 1, sizeof(der), f)) > 0); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } if (pkcs7 != NULL) { pkcs7->privateKey = der; pkcs7->privateKeySz = derSz; } #ifndef NO_RSA #ifdef WOLFSSL_SP_MATH ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, berContent, sizeof(berContent), decoded, sizeof(decoded)), WC_KEY_SIZE_E); #else ExpectIntGT(wc_PKCS7_DecodeEnvelopedData(pkcs7, berContent, sizeof(berContent), decoded, sizeof(decoded)), 0); #endif #else ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, berContent, sizeof(berContent), decoded, sizeof(decoded)), NOT_COMPILED_IN); #endif wc_PKCS7_Free(pkcs7); #endif /* !NO_DES3 */ #endif return EXPECT_RESULT(); } /* END test_wc_PKCS7_BER() */ static int test_wc_PKCS7_signed_enveloped(void) { EXPECT_DECLS; #if defined(HAVE_PKCS7) && !defined(NO_RSA) && !defined(NO_AES) && \ !defined(NO_FILESYSTEM) XFILE f = XBADFILE; PKCS7* pkcs7 = NULL; #ifdef HAVE_AES_CBC PKCS7* inner = NULL; #endif WC_RNG rng; unsigned char key[FOURK_BUF/2]; unsigned char cert[FOURK_BUF/2]; unsigned char env[FOURK_BUF]; int envSz = FOURK_BUF; int keySz = 0; int certSz = 0; unsigned char sig[FOURK_BUF * 2]; int sigSz = FOURK_BUF * 2; #ifdef HAVE_AES_CBC unsigned char decoded[FOURK_BUF]; int decodedSz = FOURK_BUF; #endif #ifndef NO_PKCS7_STREAM int z; int ret; #endif /* !NO_PKCS7_STREAM */ XMEMSET(&rng, 0, sizeof(WC_RNG)); /* load cert */ ExpectTrue((f = XFOPEN(cliCertDerFile, "rb")) != XBADFILE); ExpectIntGT((certSz = (int)XFREAD(cert, 1, sizeof(cert), f)), 0); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } /* load key */ ExpectTrue((f = XFOPEN(cliKeyFile, "rb")) != XBADFILE); ExpectIntGT((keySz = (int)XFREAD(key, 1, sizeof(key), f)), 0); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } ExpectIntGT(keySz = wolfSSL_KeyPemToDer(key, keySz, key, keySz, NULL), 0); /* sign cert for envelope */ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0)); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0); if (pkcs7 != NULL) { pkcs7->content = cert; pkcs7->contentSz = certSz; pkcs7->contentOID = DATA; pkcs7->privateKey = key; pkcs7->privateKeySz = keySz; pkcs7->encryptOID = RSAk; pkcs7->hashOID = SHA256h; pkcs7->rng = &rng; } ExpectIntGT((sigSz = wc_PKCS7_EncodeSignedData(pkcs7, sig, sigSz)), 0); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; DoExpectIntEQ(wc_FreeRng(&rng), 0); #ifdef HAVE_AES_CBC /* create envelope */ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0); if (pkcs7 != NULL) { pkcs7->content = sig; pkcs7->contentSz = sigSz; pkcs7->contentOID = DATA; pkcs7->encryptOID = AES256CBCb; pkcs7->privateKey = key; pkcs7->privateKeySz = keySz; } ExpectIntGT((envSz = wc_PKCS7_EncodeEnvelopedData(pkcs7, env, envSz)), 0); ExpectIntLT(wc_PKCS7_EncodeEnvelopedData(pkcs7, env, 2), 0); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; #endif /* create bad signed enveloped data */ sigSz = FOURK_BUF * 2; ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0)); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0); if (pkcs7 != NULL) { pkcs7->content = env; pkcs7->contentSz = envSz; pkcs7->contentOID = DATA; pkcs7->privateKey = key; pkcs7->privateKeySz = keySz; pkcs7->encryptOID = RSAk; pkcs7->hashOID = SHA256h; pkcs7->rng = &rng; } /* Set no certs in bundle for this test. */ if (pkcs7 != NULL) { ExpectIntEQ(wc_PKCS7_SetNoCerts(pkcs7, 1), 0); ExpectIntEQ(wc_PKCS7_SetNoCerts(NULL, 1), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_GetNoCerts(pkcs7), 1); } ExpectIntGT((sigSz = wc_PKCS7_EncodeSignedData(pkcs7, sig, sigSz)), 0); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; /* check verify fails */ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, sig, sigSz), PKCS7_SIGNEEDS_CHECK); /* try verifying the signature manually */ { RsaKey rKey; word32 idx = 0; byte digest[MAX_SEQ_SZ + MAX_ALGO_SZ + MAX_OCTET_STR_SZ + WC_MAX_DIGEST_SIZE]; int digestSz = 0; ExpectIntEQ(wc_InitRsaKey(&rKey, HEAP_HINT), 0); ExpectIntEQ(wc_RsaPrivateKeyDecode(key, &idx, &rKey, keySz), 0); ExpectIntGT(digestSz = wc_RsaSSL_Verify(pkcs7->signature, pkcs7->signatureSz, digest, sizeof(digest), &rKey), 0); ExpectIntEQ(digestSz, pkcs7->pkcs7DigestSz); ExpectIntEQ(XMEMCMP(digest, pkcs7->pkcs7Digest, digestSz), 0); ExpectIntEQ(wc_FreeRsaKey(&rKey), 0); /* verify was success */ } wc_PKCS7_Free(pkcs7); pkcs7 = NULL; /* initializing the PKCS7 struct with the signing certificate should pass */ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0); ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, sig, sigSz), 0); #ifndef NO_PKCS7_STREAM wc_PKCS7_Free(pkcs7); pkcs7 = NULL; ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0); /* test for streaming */ ret = -1; for (z = 0; z < sigSz && ret != 0; z++) { ret = wc_PKCS7_VerifySignedData(pkcs7, sig + z, 1); if (ret < 0){ ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E); } } ExpectIntEQ(ret, 0); #endif /* !NO_PKCS7_STREAM */ wc_PKCS7_Free(pkcs7); pkcs7 = NULL; /* create valid degenerate bundle */ sigSz = FOURK_BUF * 2; ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0)); if (pkcs7 != NULL) { pkcs7->content = env; pkcs7->contentSz = envSz; pkcs7->contentOID = DATA; pkcs7->privateKey = key; pkcs7->privateKeySz = keySz; pkcs7->encryptOID = RSAk; pkcs7->hashOID = SHA256h; pkcs7->rng = &rng; } ExpectIntEQ(wc_PKCS7_SetSignerIdentifierType(pkcs7, DEGENERATE_SID), 0); ExpectIntGT((sigSz = wc_PKCS7_EncodeSignedData(pkcs7, sig, sigSz)), 0); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; wc_FreeRng(&rng); /* check verify */ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0)); ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, sig, sigSz), 0); ExpectNotNull(pkcs7->content); #ifndef NO_PKCS7_STREAM wc_PKCS7_Free(pkcs7); pkcs7 = NULL; /* create valid degenerate bundle */ sigSz = FOURK_BUF * 2; ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0)); if (pkcs7 != NULL) { pkcs7->content = env; pkcs7->contentSz = envSz; pkcs7->contentOID = DATA; pkcs7->privateKey = key; pkcs7->privateKeySz = keySz; pkcs7->encryptOID = RSAk; pkcs7->hashOID = SHA256h; pkcs7->rng = &rng; } ExpectIntEQ(wc_PKCS7_SetSignerIdentifierType(pkcs7, DEGENERATE_SID), 0); ExpectIntGT((sigSz = wc_PKCS7_EncodeSignedData(pkcs7, sig, sigSz)), 0); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; wc_FreeRng(&rng); /* check verify */ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0)); ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0); /* test for streaming */ ret = -1; for (z = 0; z < sigSz && ret != 0; z++) { ret = wc_PKCS7_VerifySignedData(pkcs7, sig + z, 1); if (ret < 0){ ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E); } } ExpectIntEQ(ret, 0); #endif /* !NO_PKCS7_STREAM */ #ifdef HAVE_AES_CBC /* check decode */ ExpectNotNull(inner = wc_PKCS7_New(NULL, 0)); ExpectIntEQ(wc_PKCS7_InitWithCert(inner, cert, certSz), 0); if (inner != NULL) { inner->privateKey = key; inner->privateKeySz = keySz; } ExpectIntGT((decodedSz = wc_PKCS7_DecodeEnvelopedData(inner, pkcs7->content, pkcs7->contentSz, decoded, decodedSz)), 0); wc_PKCS7_Free(inner); inner = NULL; #endif wc_PKCS7_Free(pkcs7); pkcs7 = NULL; #ifdef HAVE_AES_CBC /* check cert set */ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, decoded, decodedSz), 0); ExpectNotNull(pkcs7->singleCert); ExpectIntNE(pkcs7->singleCertSz, 0); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; #ifndef NO_PKCS7_STREAM ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); /* test for streaming */ ret = -1; for (z = 0; z < decodedSz && ret != 0; z++) { ret = wc_PKCS7_VerifySignedData(pkcs7, decoded + z, 1); if (ret < 0){ ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E); } } ExpectIntEQ(ret, 0); ExpectNotNull(pkcs7->singleCert); ExpectIntNE(pkcs7->singleCertSz, 0); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; #endif /* !NO_PKCS7_STREAM */ #endif #endif /* HAVE_PKCS7 && !NO_RSA && !NO_AES */ return EXPECT_RESULT(); } static int test_wc_PKCS7_NoDefaultSignedAttribs(void) { EXPECT_DECLS; #if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) \ && !defined(NO_AES) PKCS7* pkcs7 = NULL; void* heap = NULL; ExpectNotNull(pkcs7 = wc_PKCS7_New(heap, testDevId)); ExpectIntEQ(wc_PKCS7_Init(pkcs7, heap, testDevId), 0); ExpectIntEQ(wc_PKCS7_NoDefaultSignedAttribs(NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_NoDefaultSignedAttribs(pkcs7), 0); wc_PKCS7_Free(pkcs7); #endif return EXPECT_RESULT(); } static int test_wc_PKCS7_SetOriEncryptCtx(void) { EXPECT_DECLS; #if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) \ && !defined(NO_AES) PKCS7* pkcs7 = NULL; void* heap = NULL; WOLFSSL_CTX* ctx = NULL; ExpectNotNull(pkcs7 = wc_PKCS7_New(heap, testDevId)); ExpectIntEQ(wc_PKCS7_Init(pkcs7, heap, testDevId), 0); ExpectIntEQ(wc_PKCS7_SetOriEncryptCtx(NULL, ctx), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_SetOriEncryptCtx(pkcs7, ctx), 0); wc_PKCS7_Free(pkcs7); #endif return EXPECT_RESULT(); } static int test_wc_PKCS7_SetOriDecryptCtx(void) { EXPECT_DECLS; #if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) \ && !defined(NO_AES) PKCS7* pkcs7 = NULL; void* heap = NULL; WOLFSSL_CTX* ctx = NULL; ExpectNotNull(pkcs7 = wc_PKCS7_New(heap, testDevId)); ExpectIntEQ(wc_PKCS7_Init(pkcs7, heap, testDevId), 0); ExpectIntEQ(wc_PKCS7_SetOriDecryptCtx(NULL, ctx), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_SetOriDecryptCtx(pkcs7, ctx), 0); wc_PKCS7_Free(pkcs7); #endif return EXPECT_RESULT(); } static int test_wc_PKCS7_DecodeCompressedData(void) { EXPECT_DECLS; #if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) \ && !defined(NO_AES) && defined(HAVE_LIBZ) PKCS7* pkcs7 = NULL; void* heap = NULL; byte out[4096]; byte* decompressed = NULL; int outSz; int decompressedSz; const char* cert = "./certs/client-cert.pem"; byte* cert_buf = NULL; size_t cert_sz = 0; ExpectIntEQ(load_file(cert, &cert_buf, &cert_sz), 0); ExpectNotNull((decompressed = (byte*)XMALLOC(cert_sz, heap, DYNAMIC_TYPE_TMP_BUFFER))); decompressedSz = (int)cert_sz; ExpectNotNull((pkcs7 = wc_PKCS7_New(heap, testDevId))); if (pkcs7 != NULL) { pkcs7->content = (byte*)cert_buf; pkcs7->contentSz = (word32)cert_sz; pkcs7->contentOID = DATA; } ExpectIntGT((outSz = wc_PKCS7_EncodeCompressedData(pkcs7, out, sizeof(out))), 0); wc_PKCS7_Free(pkcs7); pkcs7 = NULL; /* compressed key should be smaller than when started */ ExpectIntLT(outSz, cert_sz); /* test decompression */ ExpectNotNull((pkcs7 = wc_PKCS7_New(heap, testDevId))); ExpectIntEQ(pkcs7->contentOID, 0); /* fail case with out buffer too small */ ExpectIntLT(wc_PKCS7_DecodeCompressedData(pkcs7, out, outSz, decompressed, outSz), 0); /* success case */ ExpectIntEQ(wc_PKCS7_DecodeCompressedData(pkcs7, out, outSz, decompressed, decompressedSz), cert_sz); ExpectIntEQ(pkcs7->contentOID, DATA); ExpectIntEQ(XMEMCMP(decompressed, cert_buf, cert_sz), 0); XFREE(decompressed, heap, DYNAMIC_TYPE_TMP_BUFFER); decompressed = NULL; /* test decompression function with different 'max' inputs */ outSz = sizeof(out); ExpectIntGT((outSz = wc_Compress(out, outSz, cert_buf, (word32)cert_sz, 0)), 0); ExpectIntLT(wc_DeCompressDynamic(&decompressed, 1, DYNAMIC_TYPE_TMP_BUFFER, out, outSz, 0, heap), 0); ExpectNull(decompressed); ExpectIntGT(wc_DeCompressDynamic(&decompressed, -1, DYNAMIC_TYPE_TMP_BUFFER, out, outSz, 0, heap), 0); ExpectNotNull(decompressed); ExpectIntEQ(XMEMCMP(decompressed, cert_buf, cert_sz), 0); XFREE(decompressed, heap, DYNAMIC_TYPE_TMP_BUFFER); decompressed = NULL; ExpectIntGT(wc_DeCompressDynamic(&decompressed, DYNAMIC_TYPE_TMP_BUFFER, 5, out, outSz, 0, heap), 0); ExpectNotNull(decompressed); ExpectIntEQ(XMEMCMP(decompressed, cert_buf, cert_sz), 0); XFREE(decompressed, heap, DYNAMIC_TYPE_TMP_BUFFER); if (cert_buf != NULL) free(cert_buf); wc_PKCS7_Free(pkcs7); #endif return EXPECT_RESULT(); } static int test_wc_i2d_PKCS12(void) { EXPECT_DECLS; #if !defined(NO_ASN) && !defined(NO_PWDBASED) && defined(HAVE_PKCS12) \ && !defined(NO_FILESYSTEM) && !defined(NO_RSA) \ && !defined(NO_AES) && !defined(NO_DES3) && !defined(NO_SHA) WC_PKCS12* pkcs12 = NULL; unsigned char der[FOURK_BUF * 2]; unsigned char* pt; int derSz = 0; unsigned char out[FOURK_BUF * 2]; int outSz = FOURK_BUF * 2; const char p12_f[] = "./certs/test-servercert.p12"; XFILE f = XBADFILE; ExpectTrue((f = XFOPEN(p12_f, "rb")) != XBADFILE); ExpectIntGT(derSz = (int)XFREAD(der, 1, sizeof(der), f), 0); if (f != XBADFILE) XFCLOSE(f); ExpectNotNull(pkcs12 = wc_PKCS12_new()); ExpectIntEQ(wc_d2i_PKCS12(der, derSz, pkcs12), 0); ExpectIntEQ(wc_i2d_PKCS12(pkcs12, NULL, &outSz), LENGTH_ONLY_E); ExpectIntEQ(outSz, derSz); outSz = derSz - 1; pt = out; ExpectIntLE(wc_i2d_PKCS12(pkcs12, &pt, &outSz), 0); outSz = derSz; ExpectIntEQ(wc_i2d_PKCS12(pkcs12, &pt, &outSz), derSz); ExpectIntEQ((pt == out), 0); pt = NULL; ExpectIntEQ(wc_i2d_PKCS12(pkcs12, &pt, NULL), derSz); XFREE(pt, NULL, DYNAMIC_TYPE_PKCS); wc_PKCS12_free(pkcs12); pkcs12 = NULL; /* Run the same test but use wc_d2i_PKCS12_fp. */ ExpectNotNull(pkcs12 = wc_PKCS12_new()); ExpectIntEQ(wc_d2i_PKCS12_fp("./certs/test-servercert.p12", &pkcs12), 0); ExpectIntEQ(wc_i2d_PKCS12(pkcs12, NULL, &outSz), LENGTH_ONLY_E); ExpectIntEQ(outSz, derSz); wc_PKCS12_free(pkcs12); pkcs12 = NULL; /* wc_d2i_PKCS12_fp can also allocate the PKCS12 object for the caller. */ ExpectIntEQ(wc_d2i_PKCS12_fp("./certs/test-servercert.p12", &pkcs12), 0); ExpectIntEQ(wc_i2d_PKCS12(pkcs12, NULL, &outSz), LENGTH_ONLY_E); ExpectIntEQ(outSz, derSz); wc_PKCS12_free(pkcs12); pkcs12 = NULL; #endif return EXPECT_RESULT(); } /* Testing wc_SignatureGetSize() for signature type ECC */ static int test_wc_SignatureGetSize_ecc(void) { EXPECT_DECLS; #if !defined(NO_SIG_WRAPPER) && defined(HAVE_ECC) && !defined(NO_ECC256) enum wc_SignatureType sig_type; word32 key_len; ecc_key ecc; const char* qx = "fa2737fb93488d19caef11ae7faf6b7f4bcd67b286e3fc54e8a65c2b74aeccb0"; const char* qy = "d4ccd6dae698208aa8c3a6f39e45510d03be09b2f124bfc067856c324f9b4d09"; const char* d = "be34baa8d040a3b991f9075b56ba292f755b90e4b6dc10dad36715c33cfdac25"; XMEMSET(&ecc, 0, sizeof(ecc_key)); ExpectIntEQ(wc_ecc_init(&ecc), 0); ExpectIntEQ(wc_ecc_import_raw(&ecc, qx, qy, d, "SECP256R1"), 0); /* Input for signature type ECC */ sig_type = WC_SIGNATURE_TYPE_ECC; key_len = sizeof(ecc_key); ExpectIntGT(wc_SignatureGetSize(sig_type, &ecc, key_len), 0); /* Test bad args */ /* // NOLINTBEGIN(clang-analyzer-optin.core.EnumCastOutOfRange) */ sig_type = (enum wc_SignatureType) 100; /* // NOLINTEND(clang-analyzer-optin.core.EnumCastOutOfRange) */ ExpectIntEQ(wc_SignatureGetSize(sig_type, &ecc, key_len), BAD_FUNC_ARG); sig_type = WC_SIGNATURE_TYPE_ECC; ExpectIntEQ(wc_SignatureGetSize(sig_type, NULL, key_len), 0); key_len = (word32)0; ExpectIntEQ(wc_SignatureGetSize(sig_type, &ecc, key_len), BAD_FUNC_ARG); DoExpectIntEQ(wc_ecc_free(&ecc), 0); #endif /* !NO_SIG_WRAPPER && HAVE_ECC && !NO_ECC256 */ return EXPECT_RESULT(); } /* END test_wc_SignatureGetSize_ecc() */ /* Testing wc_SignatureGetSize() for signature type rsa */ static int test_wc_SignatureGetSize_rsa(void) { EXPECT_DECLS; #if !defined(NO_SIG_WRAPPER) && !defined(NO_RSA) enum wc_SignatureType sig_type; word32 key_len; word32 idx = 0; RsaKey rsa_key; byte* tmp = NULL; size_t bytes; XMEMSET(&rsa_key, 0, sizeof(RsaKey)); #ifdef USE_CERT_BUFFERS_1024 bytes = (size_t)sizeof_client_key_der_1024; if (bytes < (size_t)sizeof_client_key_der_1024) bytes = (size_t)sizeof_client_cert_der_1024; #elif defined(USE_CERT_BUFFERS_2048) bytes = (size_t)sizeof_client_key_der_2048; if (bytes < (size_t)sizeof_client_cert_der_2048) bytes = (size_t)sizeof_client_cert_der_2048; #else bytes = FOURK_BUF; #endif ExpectNotNull(tmp = (byte*)XMALLOC(bytes, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); if (tmp != NULL) { #ifdef USE_CERT_BUFFERS_1024 XMEMCPY(tmp, client_key_der_1024, (size_t)sizeof_client_key_der_1024); #elif defined(USE_CERT_BUFFERS_2048) XMEMCPY(tmp, client_key_der_2048, (size_t)sizeof_client_key_der_2048); #elif !defined(NO_FILESYSTEM) XFILE file = XBADFILE; ExpectTrue((file = XFOPEN(clientKey, "rb")) != XBADFILE); ExpectIntGT(bytes = (size_t)XFREAD(tmp, 1, FOURK_BUF, file), 0); if (file != XBADFILE) XFCLOSE(file); } #else ExpectFail(); #endif } ExpectIntEQ(wc_InitRsaKey_ex(&rsa_key, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_RsaPrivateKeyDecode(tmp, &idx, &rsa_key, (word32)bytes), 0); /* Input for signature type RSA */ sig_type = WC_SIGNATURE_TYPE_RSA; key_len = sizeof(RsaKey); ExpectIntGT(wc_SignatureGetSize(sig_type, &rsa_key, key_len), 0); /* Test bad args */ /* // NOLINTBEGIN(clang-analyzer-optin.core.EnumCastOutOfRange) */ sig_type = (enum wc_SignatureType)100; /* // NOLINTEND(clang-analyzer-optin.core.EnumCastOutOfRange) */ ExpectIntEQ(wc_SignatureGetSize(sig_type, &rsa_key, key_len), BAD_FUNC_ARG); sig_type = WC_SIGNATURE_TYPE_RSA; ExpectIntEQ(wc_SignatureGetSize(sig_type, NULL, key_len), BAD_FUNC_ARG); key_len = (word32)0; ExpectIntEQ(wc_SignatureGetSize(sig_type, &rsa_key, key_len), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRsaKey(&rsa_key), 0); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); #endif /* !NO_SIG_WRAPPER && !NO_RSA */ return EXPECT_RESULT(); } /* END test_wc_SignatureGetSize_rsa(void) */ /*----------------------------------------------------------------------------* | hash.h Tests *----------------------------------------------------------------------------*/ static int test_wc_HashInit(void) { EXPECT_DECLS; int i; /* 0 indicates tests passed, 1 indicates failure */ wc_HashAlg hash; /* enum for holding supported algorithms, #ifndef's restrict if disabled */ enum wc_HashType enumArray[] = { #ifndef NO_MD5 WC_HASH_TYPE_MD5, #endif #ifndef NO_SHA WC_HASH_TYPE_SHA, #endif #ifdef WOLFSSL_SHA224 WC_HASH_TYPE_SHA224, #endif #ifndef NO_SHA256 WC_HASH_TYPE_SHA256, #endif #ifdef WOLFSSL_SHA384 WC_HASH_TYPE_SHA384, #endif #ifdef WOLFSSL_SHA512 WC_HASH_TYPE_SHA512, #endif }; /* dynamically finds the length */ int enumlen = (sizeof(enumArray)/sizeof(enum wc_HashType)); /* For loop to test various arguments... */ for (i = 0; i < enumlen; i++) { /* check for bad args */ ExpectIntEQ(wc_HashInit(&hash, enumArray[i]), 0); wc_HashFree(&hash, enumArray[i]); /* check for null ptr */ ExpectIntEQ(wc_HashInit(NULL, enumArray[i]), BAD_FUNC_ARG); } /* end of for loop */ return EXPECT_RESULT(); } /* end of test_wc_HashInit */ /* * Unit test function for wc_HashSetFlags() */ static int test_wc_HashSetFlags(void) { EXPECT_DECLS; #ifdef WOLFSSL_HASH_FLAGS wc_HashAlg hash; word32 flags = 0; int i, j; int notSupportedLen; /* enum for holding supported algorithms, #ifndef's restrict if disabled */ enum wc_HashType enumArray[] = { #ifndef NO_MD5 WC_HASH_TYPE_MD5, #endif #ifndef NO_SHA WC_HASH_TYPE_SHA, #endif #ifdef WOLFSSL_SHA224 WC_HASH_TYPE_SHA224, #endif #ifndef NO_SHA256 WC_HASH_TYPE_SHA256, #endif #ifdef WOLFSSL_SHA384 WC_HASH_TYPE_SHA384, #endif #ifdef WOLFSSL_SHA512 WC_HASH_TYPE_SHA512, #endif #ifdef WOLFSSL_SHA3 WC_HASH_TYPE_SHA3_224, #endif }; enum wc_HashType notSupported[] = { WC_HASH_TYPE_MD5_SHA, WC_HASH_TYPE_MD2, WC_HASH_TYPE_MD4, WC_HASH_TYPE_BLAKE2B, WC_HASH_TYPE_BLAKE2S, WC_HASH_TYPE_NONE, }; /* dynamically finds the length */ int enumlen = (sizeof(enumArray)/sizeof(enum wc_HashType)); /* For loop to test various arguments... */ for (i = 0; i < enumlen; i++) { ExpectIntEQ(wc_HashInit(&hash, enumArray[i]), 0); ExpectIntEQ(wc_HashSetFlags(&hash, enumArray[i], flags), 0); ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0); ExpectIntEQ(wc_HashSetFlags(NULL, enumArray[i], flags), BAD_FUNC_ARG); wc_HashFree(&hash, enumArray[i]); } /* For loop to test not supported cases */ notSupportedLen = (sizeof(notSupported)/sizeof(enum wc_HashType)); for (j = 0; j < notSupportedLen; j++) { ExpectIntEQ(wc_HashInit(&hash, notSupported[j]), BAD_FUNC_ARG); ExpectIntEQ(wc_HashSetFlags(&hash, notSupported[j], flags), BAD_FUNC_ARG); ExpectIntEQ(wc_HashFree(&hash, notSupported[j]), BAD_FUNC_ARG); } #endif return EXPECT_RESULT(); } /* END test_wc_HashSetFlags */ /* * Unit test function for wc_HashGetFlags() */ static int test_wc_HashGetFlags(void) { EXPECT_DECLS; #ifdef WOLFSSL_HASH_FLAGS wc_HashAlg hash; word32 flags = 0; int i, j; /* enum for holding supported algorithms, #ifndef's restrict if disabled */ enum wc_HashType enumArray[] = { #ifndef NO_MD5 WC_HASH_TYPE_MD5, #endif #ifndef NO_SHA WC_HASH_TYPE_SHA, #endif #ifdef WOLFSSL_SHA224 WC_HASH_TYPE_SHA224, #endif #ifndef NO_SHA256 WC_HASH_TYPE_SHA256, #endif #ifdef WOLFSSL_SHA384 WC_HASH_TYPE_SHA384, #endif #ifdef WOLFSSL_SHA512 WC_HASH_TYPE_SHA512, #endif #ifdef WOLFSSL_SHA3 WC_HASH_TYPE_SHA3_224, #endif }; enum wc_HashType notSupported[] = { WC_HASH_TYPE_MD5_SHA, WC_HASH_TYPE_MD2, WC_HASH_TYPE_MD4, WC_HASH_TYPE_BLAKE2B, WC_HASH_TYPE_BLAKE2S, WC_HASH_TYPE_NONE, }; int enumlen = (sizeof(enumArray)/sizeof(enum wc_HashType)); int notSupportedLen; /* For loop to test various arguments... */ for (i = 0; i < enumlen; i++) { ExpectIntEQ(wc_HashInit(&hash, enumArray[i]), 0); ExpectIntEQ(wc_HashGetFlags(&hash, enumArray[i], &flags), 0); ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0); ExpectIntEQ(wc_HashGetFlags(NULL, enumArray[i], &flags), BAD_FUNC_ARG); wc_HashFree(&hash, enumArray[i]); } /* For loop to test not supported cases */ notSupportedLen = (sizeof(notSupported)/sizeof(enum wc_HashType)); for (j = 0; j < notSupportedLen; j++) { ExpectIntEQ(wc_HashInit(&hash, notSupported[j]), BAD_FUNC_ARG); ExpectIntEQ(wc_HashGetFlags(&hash, notSupported[j], &flags), BAD_FUNC_ARG); ExpectIntEQ(wc_HashFree(&hash, notSupported[j]), BAD_FUNC_ARG); } #endif return EXPECT_RESULT(); } /* END test_wc_HashGetFlags */ /*----------------------------------------------------------------------------* | Compatibility Tests *----------------------------------------------------------------------------*/ /*----------------------------------------------------------------------------* | ASN.1 Tests *----------------------------------------------------------------------------*/ static int test_wolfSSL_ASN1_BIT_STRING(void) { EXPECT_DECLS; #if !defined(NO_CERTS) && defined(OPENSSL_ALL) ASN1_BIT_STRING* str = NULL; ExpectNotNull(str = ASN1_BIT_STRING_new()); /* Empty data testing. */ ExpectIntEQ(ASN1_BIT_STRING_get_bit(str, 1), 0); ASN1_BIT_STRING_free(str); str = NULL; ExpectNotNull(str = ASN1_BIT_STRING_new()); /* Invalid parameter testing. */ ExpectIntEQ(ASN1_BIT_STRING_set_bit(NULL, 42, 1), 0); ExpectIntEQ(ASN1_BIT_STRING_set_bit(str, -1, 1), 0); ExpectIntEQ(ASN1_BIT_STRING_set_bit(str, 42, 2), 0); ExpectIntEQ(ASN1_BIT_STRING_set_bit(str, 42, -1), 0); /* No bit string - bit is always 0. */ ExpectIntEQ(ASN1_BIT_STRING_get_bit(NULL, 42), 0); ExpectIntEQ(ASN1_BIT_STRING_get_bit(NULL, -1), 0); ExpectIntEQ(ASN1_BIT_STRING_get_bit(str, -1), 0); ExpectIntEQ(ASN1_BIT_STRING_get_bit(str, 0), 0); ExpectIntEQ(ASN1_BIT_STRING_set_bit(str, 42, 1), 1); ExpectIntEQ(ASN1_BIT_STRING_get_bit(str, 42), 1); ExpectIntEQ(ASN1_BIT_STRING_get_bit(str, 41), 0); ExpectIntEQ(ASN1_BIT_STRING_get_bit(str, -1), 0); ExpectIntEQ(ASN1_BIT_STRING_set_bit(str, 84, 1), 1); ExpectIntEQ(ASN1_BIT_STRING_get_bit(str, 84), 1); ExpectIntEQ(ASN1_BIT_STRING_get_bit(str, 83), 0); ExpectIntEQ(ASN1_BIT_STRING_set_bit(str, 91, 0), 1); ExpectIntEQ(ASN1_BIT_STRING_get_bit(str, 91), 0); ExpectIntEQ(ASN1_BIT_STRING_set_bit(str, 89, 0), 1); ExpectIntEQ(ASN1_BIT_STRING_get_bit(str, 89), 0); ExpectIntEQ(ASN1_BIT_STRING_set_bit(str, 42, 0), 1); ExpectIntEQ(ASN1_BIT_STRING_get_bit(str, 42), 0); ASN1_BIT_STRING_free(str); ASN1_BIT_STRING_free(NULL); #endif return EXPECT_RESULT(); } static int test_wolfSSL_ASN1_INTEGER(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN) ASN1_INTEGER* a = NULL; ASN1_INTEGER* dup = NULL; const unsigned char invalidLenDer[] = { 0x02, 0x20, 0x00 }; const unsigned char longDer[] = { 0x02, 0x20, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 }; const unsigned char* p; /* Invalid parameter testing. */ ASN1_INTEGER_free(NULL); ExpectNull(wolfSSL_ASN1_INTEGER_dup(NULL)); ExpectNotNull(a = ASN1_INTEGER_new()); ExpectNotNull(dup = wolfSSL_ASN1_INTEGER_dup(a)); ASN1_INTEGER_free(dup); dup = NULL; ASN1_INTEGER_free(a); a = NULL; p = longDer; ExpectNull(d2i_ASN1_INTEGER(NULL, &p, sizeof(invalidLenDer))); p = longDer; ExpectNotNull(a = d2i_ASN1_INTEGER(NULL, &p, sizeof(longDer))); ExpectPtrNE(p, longDer); ExpectNotNull(dup = wolfSSL_ASN1_INTEGER_dup(a)); ASN1_INTEGER_free(dup); ASN1_INTEGER_free(a); #endif return EXPECT_RESULT(); } static int test_wolfSSL_ASN1_INTEGER_cmp(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN) ASN1_INTEGER* a = NULL; ASN1_INTEGER* b = NULL; ExpectNotNull(a = ASN1_INTEGER_new()); ExpectNotNull(b = ASN1_INTEGER_new()); ExpectIntEQ(ASN1_INTEGER_set(a, 1), 1); ExpectIntEQ(ASN1_INTEGER_set(b, 1), 1); /* Invalid parameter testing. */ ExpectIntEQ(wolfSSL_ASN1_INTEGER_cmp(NULL, NULL), -1); ExpectIntEQ(wolfSSL_ASN1_INTEGER_cmp(a, NULL), -1); ExpectIntEQ(wolfSSL_ASN1_INTEGER_cmp(NULL, b), -1); ExpectIntEQ(wolfSSL_ASN1_INTEGER_cmp(a, b), 0); ExpectIntEQ(ASN1_INTEGER_set(b, -1), 1); ExpectIntGT(wolfSSL_ASN1_INTEGER_cmp(a, b), 0); ExpectIntEQ(ASN1_INTEGER_set(a, -2), 1); ExpectIntLT(wolfSSL_ASN1_INTEGER_cmp(a, b), 0); ExpectIntEQ(ASN1_INTEGER_set(b, 1), 1); ExpectIntLT(wolfSSL_ASN1_INTEGER_cmp(a, b), 0); ExpectIntEQ(ASN1_INTEGER_set(a, 0x01), 1); ExpectIntEQ(ASN1_INTEGER_set(b, 0x1000), 1); ExpectIntLT(wolfSSL_ASN1_INTEGER_cmp(a, b), 0); ExpectIntGT(wolfSSL_ASN1_INTEGER_cmp(b, a), 0); ASN1_INTEGER_free(b); ASN1_INTEGER_free(a); #endif return EXPECT_RESULT(); } static int test_wolfSSL_ASN1_INTEGER_BN(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN) ASN1_INTEGER* ai = NULL; ASN1_INTEGER* ai2 = NULL; BIGNUM* bn = NULL; BIGNUM* bn2 = NULL; ExpectNotNull(ai = ASN1_INTEGER_new()); ExpectNotNull(bn2 = BN_new()); /* Invalid parameter testing. */ ExpectNull(bn = ASN1_INTEGER_to_BN(NULL, NULL)); ExpectNull(ai2 = BN_to_ASN1_INTEGER(NULL, NULL)); /* at the moment hard setting since no set function */ if (ai != NULL) { ai->data[0] = 0xff; /* No DER encoding. */ ai->length = 1; } #if defined(WOLFSSL_QT) || defined(WOLFSSL_HAPROXY) ExpectNotNull(bn = ASN1_INTEGER_to_BN(ai, NULL)); BN_free(bn); bn = NULL; #else ExpectNull(ASN1_INTEGER_to_BN(ai, NULL)); #endif if (ai != NULL) { ai->data[0] = 0x02; /* tag for ASN_INTEGER */ ai->data[1] = 0x04; /* bad length of integer */ ai->data[2] = 0x03; ai->length = 3; } #if defined(WOLFSSL_QT) || defined(WOLFSSL_HAPROXY) /* Interpreted as a number 0x020403. */ ExpectNotNull(bn = ASN1_INTEGER_to_BN(ai, NULL)); BN_free(bn); bn = NULL; #else ExpectNull(ASN1_INTEGER_to_BN(ai, NULL)); #endif if (ai != NULL) { ai->data[0] = 0x02; /* tag for ASN_INTEGER */ ai->data[1] = 0x01; /* length of integer */ ai->data[2] = 0x03; ai->length = 3; } ExpectNotNull(bn = ASN1_INTEGER_to_BN(ai, NULL)); ExpectNotNull(ai2 = BN_to_ASN1_INTEGER(bn, NULL)); ExpectIntEQ(ASN1_INTEGER_cmp(ai, ai2), 0); ExpectNotNull(bn2 = ASN1_INTEGER_to_BN(ai2, bn2)); ExpectIntEQ(BN_cmp(bn, bn2), 0); if (ai != NULL) { ai->data[0] = 0x02; /* tag for ASN_INTEGER */ ai->data[1] = 0x02; /* length of integer */ ai->data[2] = 0x00; /* padding byte to ensure positive */ ai->data[3] = 0xff; ai->length = 4; } ExpectNotNull(bn = ASN1_INTEGER_to_BN(ai, bn)); ExpectNotNull(ai2 = BN_to_ASN1_INTEGER(bn, ai2)); ExpectIntEQ(ASN1_INTEGER_cmp(ai, ai2), 0); ExpectNotNull(bn2 = ASN1_INTEGER_to_BN(ai2, bn2)); ExpectIntEQ(BN_cmp(bn, bn2), 0); if (ai != NULL) { ai->data[0] = 0x02; /* tag for ASN_INTEGER */ ai->data[1] = 0x01; /* length of integer */ ai->data[2] = 0x00; ai->length = 3; } ExpectNotNull(bn = ASN1_INTEGER_to_BN(ai, bn)); ExpectNotNull(ai2 = BN_to_ASN1_INTEGER(bn, ai2)); ExpectIntEQ(ASN1_INTEGER_cmp(ai, ai2), 0); ExpectNotNull(bn2 = ASN1_INTEGER_to_BN(ai2, bn2)); ExpectIntEQ(BN_cmp(bn, bn2), 0); if (ai != NULL) { ai->data[0] = 0x02; /* tag for ASN_INTEGER */ ai->data[1] = 0x01; /* length of integer */ ai->data[2] = 0x01; ai->length = 3; ai->negative = 1; } ExpectNotNull(bn = ASN1_INTEGER_to_BN(ai, bn)); ExpectNotNull(ai2 = BN_to_ASN1_INTEGER(bn, ai2)); ExpectIntEQ(ASN1_INTEGER_cmp(ai, ai2), 0); ExpectNotNull(bn2 = ASN1_INTEGER_to_BN(ai2, bn2)); ExpectIntEQ(BN_cmp(bn, bn2), 0); BN_free(bn2); BN_free(bn); ASN1_INTEGER_free(ai2); ASN1_INTEGER_free(ai); #endif return EXPECT_RESULT(); } static int test_wolfSSL_ASN1_INTEGER_get_set(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN) ASN1_INTEGER *a = NULL; long val; ExpectNotNull(a = ASN1_INTEGER_new()); /* Invalid parameter testing. */ ExpectIntEQ(ASN1_INTEGER_get(NULL), 0); #if defined(WOLFSSL_QT) || defined(WOLFSSL_HAPROXY) ExpectIntEQ(ASN1_INTEGER_get(a), 0); #else ExpectIntEQ(ASN1_INTEGER_get(a), -1); #endif ASN1_INTEGER_free(a); a = NULL; ExpectNotNull(a = ASN1_INTEGER_new()); val = 0; ExpectIntEQ(ASN1_INTEGER_set(NULL, val), 0); ASN1_INTEGER_free(a); a = NULL; /* 0 */ ExpectNotNull(a = ASN1_INTEGER_new()); val = 0; ExpectIntEQ(ASN1_INTEGER_set(a, val), 1); ExpectTrue(ASN1_INTEGER_get(a) == val); ASN1_INTEGER_free(a); a = NULL; /* 40 */ ExpectNotNull(a = ASN1_INTEGER_new()); val = 40; ExpectIntEQ(ASN1_INTEGER_set(a, val), 1); ExpectTrue(ASN1_INTEGER_get(a) == val); ASN1_INTEGER_free(a); a = NULL; /* -40 */ ExpectNotNull(a = ASN1_INTEGER_new()); val = -40; ExpectIntEQ(ASN1_INTEGER_set(a, val), 1); ExpectTrue(ASN1_INTEGER_get(a) == val); ASN1_INTEGER_free(a); a = NULL; /* 128 */ ExpectNotNull(a = ASN1_INTEGER_new()); val = 128; ExpectIntEQ(ASN1_INTEGER_set(a, val), 1); ExpectTrue(ASN1_INTEGER_get(a) == val); ASN1_INTEGER_free(a); a = NULL; /* -128 */ ExpectNotNull(a = ASN1_INTEGER_new()); val = -128; ExpectIntEQ(ASN1_INTEGER_set(a, val), 1); ExpectTrue(ASN1_INTEGER_get(a) == val); ASN1_INTEGER_free(a); a = NULL; /* 200 */ ExpectNotNull(a = ASN1_INTEGER_new()); val = 200; ExpectIntEQ(ASN1_INTEGER_set(a, val), 1); ExpectTrue(ASN1_INTEGER_get(a) == val); ASN1_INTEGER_free(a); a = NULL; /* int max (2147483647) */ ExpectNotNull(a = ASN1_INTEGER_new()); val = 2147483647; ExpectIntEQ(ASN1_INTEGER_set(a, val), 1); ExpectTrue(ASN1_INTEGER_get(a) == val); ASN1_INTEGER_free(a); a = NULL; /* int min (-2147483648) */ ExpectNotNull(a = ASN1_INTEGER_new()); val = -2147483647 - 1; ExpectIntEQ(ASN1_INTEGER_set(a, val), 1); ExpectTrue(ASN1_INTEGER_get(a) == val); ASN1_INTEGER_free(a); a = NULL; /* long max positive */ ExpectNotNull(a = ASN1_INTEGER_new()); val = (long)(((unsigned long)-1) >> 1); ExpectIntEQ(ASN1_INTEGER_set(a, val), 1); ExpectTrue(ASN1_INTEGER_get(a) == val); ASN1_INTEGER_free(a); #endif return EXPECT_RESULT(); } #if defined(OPENSSL_EXTRA) typedef struct ASN1IntTestVector { const byte* der; const size_t derSz; const long value; } ASN1IntTestVector; #endif static int test_wolfSSL_d2i_ASN1_INTEGER(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) size_t i; WOLFSSL_ASN1_INTEGER* a = NULL; WOLFSSL_ASN1_INTEGER* b = NULL; WOLFSSL_ASN1_INTEGER* c = NULL; const byte* p = NULL; byte* p2 = NULL; byte* reEncoded = NULL; int reEncodedSz = 0; static const byte zeroDer[] = { 0x02, 0x01, 0x00 }; static const byte oneDer[] = { 0x02, 0x01, 0x01 }; static const byte negativeDer[] = { 0x02, 0x03, 0xC1, 0x16, 0x0D }; static const byte positiveDer[] = { 0x02, 0x03, 0x01, 0x00, 0x01 }; static const byte primeDer[] = { 0x02, 0x82, 0x01, 0x01, 0x00, 0xc0, 0x95, 0x08, 0xe1, 0x57, 0x41, 0xf2, 0x71, 0x6d, 0xb7, 0xd2, 0x45, 0x41, 0x27, 0x01, 0x65, 0xc6, 0x45, 0xae, 0xf2, 0xbc, 0x24, 0x30, 0xb8, 0x95, 0xce, 0x2f, 0x4e, 0xd6, 0xf6, 0x1c, 0x88, 0xbc, 0x7c, 0x9f, 0xfb, 0xa8, 0x67, 0x7f, 0xfe, 0x5c, 0x9c, 0x51, 0x75, 0xf7, 0x8a, 0xca, 0x07, 0xe7, 0x35, 0x2f, 0x8f, 0xe1, 0xbd, 0x7b, 0xc0, 0x2f, 0x7c, 0xab, 0x64, 0xa8, 0x17, 0xfc, 0xca, 0x5d, 0x7b, 0xba, 0xe0, 0x21, 0xe5, 0x72, 0x2e, 0x6f, 0x2e, 0x86, 0xd8, 0x95, 0x73, 0xda, 0xac, 0x1b, 0x53, 0xb9, 0x5f, 0x3f, 0xd7, 0x19, 0x0d, 0x25, 0x4f, 0xe1, 0x63, 0x63, 0x51, 0x8b, 0x0b, 0x64, 0x3f, 0xad, 0x43, 0xb8, 0xa5, 0x1c, 0x5c, 0x34, 0xb3, 0xae, 0x00, 0xa0, 0x63, 0xc5, 0xf6, 0x7f, 0x0b, 0x59, 0x68, 0x78, 0x73, 0xa6, 0x8c, 0x18, 0xa9, 0x02, 0x6d, 0xaf, 0xc3, 0x19, 0x01, 0x2e, 0xb8, 0x10, 0xe3, 0xc6, 0xcc, 0x40, 0xb4, 0x69, 0xa3, 0x46, 0x33, 0x69, 0x87, 0x6e, 0xc4, 0xbb, 0x17, 0xa6, 0xf3, 0xe8, 0xdd, 0xad, 0x73, 0xbc, 0x7b, 0x2f, 0x21, 0xb5, 0xfd, 0x66, 0x51, 0x0c, 0xbd, 0x54, 0xb3, 0xe1, 0x6d, 0x5f, 0x1c, 0xbc, 0x23, 0x73, 0xd1, 0x09, 0x03, 0x89, 0x14, 0xd2, 0x10, 0xb9, 0x64, 0xc3, 0x2a, 0xd0, 0xa1, 0x96, 0x4a, 0xbc, 0xe1, 0xd4, 0x1a, 0x5b, 0xc7, 0xa0, 0xc0, 0xc1, 0x63, 0x78, 0x0f, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xa1, 0x77, 0xba, 0x13, 0xd2, 0x97, 0x73, 0xe2, 0x5d, 0x25, 0xc9, 0x6a, 0x0d, 0xc3, 0x39, 0x60, 0xa4, 0xb4, 0xb0, 0x69, 0x42, 0x42, 0x09, 0xe9, 0xd8, 0x08, 0xbc, 0x33, 0x20, 0xb3, 0x58, 0x22, 0xa7, 0xaa, 0xeb, 0xc4, 0xe1, 0xe6, 0x61, 0x83, 0xc5, 0xd2, 0x96, 0xdf, 0xd9, 0xd0, 0x4f, 0xad, 0xd7 }; static const byte garbageDer[] = {0xDE, 0xAD, 0xBE, 0xEF}; static const ASN1IntTestVector testVectors[] = { {zeroDer, sizeof(zeroDer), 0}, {oneDer, sizeof(oneDer), 1}, {negativeDer, sizeof(negativeDer), -4123123}, {positiveDer, sizeof(positiveDer), 65537}, {primeDer, sizeof(primeDer), 0} }; static const size_t NUM_TEST_VECTORS = sizeof(testVectors)/sizeof(testVectors[0]); /* Check d2i error conditions */ /* NULL pointer to input. */ ExpectNull((a = wolfSSL_d2i_ASN1_INTEGER(&b, NULL, 1))); ExpectNull(b); /* NULL input. */ ExpectNull((a = wolfSSL_d2i_ASN1_INTEGER(&b, &p, 1))); ExpectNull(b); /* 0 length. */ p = testVectors[0].der; ExpectNull((a = wolfSSL_d2i_ASN1_INTEGER(&b, &p, 0))); ExpectNull(b); /* Negative length. */ p = testVectors[0].der; ExpectNull((a = wolfSSL_d2i_ASN1_INTEGER(&b, &p, -1))); ExpectNull(b); /* Garbage DER input. */ p = garbageDer; ExpectNull((a = wolfSSL_d2i_ASN1_INTEGER(&b, &p, sizeof(garbageDer)))); ExpectNull(b); /* Check i2d error conditions */ /* NULL input. */ ExpectIntLT(wolfSSL_i2d_ASN1_INTEGER(NULL, &p2), 0); /* 0 length input data buffer (a->length == 0). */ ExpectNotNull((a = wolfSSL_ASN1_INTEGER_new())); ExpectIntLT(wolfSSL_i2d_ASN1_INTEGER(a, &p2), 0); if (a != NULL) a->data = NULL; /* NULL input data buffer. */ ExpectIntLT(wolfSSL_i2d_ASN1_INTEGER(a, &p2), 0); if (a != NULL) { /* Reset a->data. */ a->data = a->intData; } /* Set a to valid value. */ ExpectIntEQ(wolfSSL_ASN1_INTEGER_set(a, 1), WOLFSSL_SUCCESS); /* NULL output buffer. */ ExpectIntLT(wolfSSL_i2d_ASN1_INTEGER(a, NULL), 0); wolfSSL_ASN1_INTEGER_free(a); a = NULL; for (i = 0; i < NUM_TEST_VECTORS; ++i) { p = testVectors[i].der; ExpectNotNull(a = wolfSSL_d2i_ASN1_INTEGER(&b, &p, testVectors[i].derSz)); ExpectIntEQ(wolfSSL_ASN1_INTEGER_cmp(a, b), 0); if (testVectors[i].derSz <= sizeof(long)) { ExpectNotNull(c = wolfSSL_ASN1_INTEGER_new()); ExpectIntEQ(wolfSSL_ASN1_INTEGER_set(c, testVectors[i].value), 1); ExpectIntEQ(wolfSSL_ASN1_INTEGER_cmp(a, c), 0); wolfSSL_ASN1_INTEGER_free(c); c = NULL; } /* Convert to DER without a pre-allocated output buffer. */ ExpectIntGT((reEncodedSz = wolfSSL_i2d_ASN1_INTEGER(a, &reEncoded)), 0); ExpectIntEQ(reEncodedSz, testVectors[i].derSz); ExpectIntEQ(XMEMCMP(reEncoded, testVectors[i].der, reEncodedSz), 0); /* Convert to DER with a pre-allocated output buffer. In this case, the * output buffer pointer should be incremented just past the end of the * encoded data. */ p2 = reEncoded; ExpectIntGT((reEncodedSz = wolfSSL_i2d_ASN1_INTEGER(a, &p2)), 0); ExpectIntEQ(reEncodedSz, testVectors[i].derSz); ExpectPtrEq(reEncoded, p2 - reEncodedSz); ExpectIntEQ(XMEMCMP(reEncoded, testVectors[i].der, reEncodedSz), 0); XFREE(reEncoded, NULL, DYNAMIC_TYPE_ASN1); reEncoded = NULL; wolfSSL_ASN1_INTEGER_free(a); a = NULL; } #endif /* OPENSSL_EXTRA */ return EXPECT_RESULT(); } static int test_wolfSSL_a2i_ASN1_INTEGER(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_BIO) BIO* bio = NULL; BIO* out = NULL; BIO* fixed = NULL; ASN1_INTEGER* ai = NULL; char buf[] = "123456\n12345\n1123456789123456\\\n78901234567890 \r\n\n"; char tmp[1024]; int tmpSz; const char expected1[] = "123456"; const char expected2[] = "112345678912345678901234567890"; char longStr[] = "123456781234567812345678123456781234567812345678\n" "123456781234567812345678123456781234567812345678\\\n12345678\n"; ExpectNotNull(out = BIO_new(BIO_s_mem())); ExpectNotNull(ai = ASN1_INTEGER_new()); ExpectNotNull(bio = BIO_new_mem_buf(buf, -1)); /* Invalid parameter testing. */ ExpectIntEQ(a2i_ASN1_INTEGER(NULL, NULL, NULL, -1), 0); ExpectIntEQ(a2i_ASN1_INTEGER(bio, NULL, NULL, -1), 0); ExpectIntEQ(a2i_ASN1_INTEGER(NULL, ai, NULL, -1), 0); ExpectIntEQ(a2i_ASN1_INTEGER(NULL, NULL, tmp, -1), 0); ExpectIntEQ(a2i_ASN1_INTEGER(NULL, NULL, NULL, 1024), 0); ExpectIntEQ(a2i_ASN1_INTEGER(NULL, ai, tmp, 1024), 0); ExpectIntEQ(a2i_ASN1_INTEGER(bio, NULL, tmp, 1024), 0); ExpectIntEQ(a2i_ASN1_INTEGER(bio, ai, NULL, 1024), 0); ExpectIntEQ(a2i_ASN1_INTEGER(bio, ai, tmp, -1), 0); ExpectIntEQ(i2a_ASN1_INTEGER(NULL, NULL), 0); ExpectIntEQ(i2a_ASN1_INTEGER(bio, NULL), 0); ExpectIntEQ(i2a_ASN1_INTEGER(NULL, ai), 0); /* No data to read from BIO. */ ExpectIntEQ(a2i_ASN1_INTEGER(out, ai, tmp, 1024), 0); /* read first line */ ExpectIntEQ(a2i_ASN1_INTEGER(bio, ai, tmp, 1024), 1); ExpectIntEQ(i2a_ASN1_INTEGER(out, ai), 6); XMEMSET(tmp, 0, 1024); tmpSz = BIO_read(out, tmp, 1024); ExpectIntEQ(tmpSz, 6); ExpectIntEQ(XMEMCMP(tmp, expected1, tmpSz), 0); /* fail on second line (not % 2) */ ExpectIntEQ(a2i_ASN1_INTEGER(bio, ai, tmp, 1024), 0); /* read 3rd long line */ ExpectIntEQ(a2i_ASN1_INTEGER(bio, ai, tmp, 1024), 1); ExpectIntEQ(i2a_ASN1_INTEGER(out, ai), 30); XMEMSET(tmp, 0, 1024); tmpSz = BIO_read(out, tmp, 1024); ExpectIntEQ(tmpSz, 30); ExpectIntEQ(XMEMCMP(tmp, expected2, tmpSz), 0); /* fail on empty line */ ExpectIntEQ(a2i_ASN1_INTEGER(bio, ai, tmp, 1024), 0); BIO_free(bio); bio = NULL; /* Make long integer, requiring dynamic memory, even longer. */ ExpectNotNull(bio = BIO_new_mem_buf(longStr, -1)); ExpectIntEQ(a2i_ASN1_INTEGER(bio, ai, tmp, 1024), 1); ExpectIntEQ(i2a_ASN1_INTEGER(out, ai), 48); XMEMSET(tmp, 0, 1024); tmpSz = BIO_read(out, tmp, 1024); ExpectIntEQ(tmpSz, 48); ExpectIntEQ(a2i_ASN1_INTEGER(bio, ai, tmp, 1024), 1); ExpectIntEQ(i2a_ASN1_INTEGER(out, ai), 56); XMEMSET(tmp, 0, 1024); tmpSz = BIO_read(out, tmp, 1024); ExpectIntEQ(tmpSz, 56); ExpectIntEQ(wolfSSL_ASN1_INTEGER_set(ai, 1), 1); BIO_free(bio); BIO_free(out); ExpectNotNull(fixed = BIO_new(wolfSSL_BIO_s_fixed_mem())); ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1); /* Ensure there is 0 bytes available to write into. */ ExpectIntEQ(BIO_write(fixed, tmp, 1), 1); ExpectIntEQ(i2a_ASN1_INTEGER(fixed, ai), 0); ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1); ExpectIntEQ(i2a_ASN1_INTEGER(fixed, ai), 0); BIO_free(fixed); ASN1_INTEGER_free(ai); #endif return EXPECT_RESULT(); } static int test_wolfSSL_i2c_ASN1_INTEGER(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN) ASN1_INTEGER *a = NULL; unsigned char *pp = NULL,*tpp = NULL; int ret = 0; ExpectNotNull(a = wolfSSL_ASN1_INTEGER_new()); /* Invalid parameter testing. */ /* Set pp to an invalid value. */ pp = NULL; ExpectIntEQ(i2c_ASN1_INTEGER(NULL, &pp), 0); ExpectIntEQ(i2c_ASN1_INTEGER(a, &pp), 0); ExpectIntEQ(i2c_ASN1_INTEGER(NULL, NULL), 0); /* 40 */ if (a != NULL) { a->intData[0] = ASN_INTEGER; a->intData[1] = 1; a->intData[2] = 40; } ExpectIntEQ(ret = i2c_ASN1_INTEGER(a, NULL), 1); ExpectNotNull(pp = (unsigned char*)XMALLOC(ret + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER)); tpp = pp; ExpectNotNull(XMEMSET(tpp, 0, ret + 1)); ExpectIntEQ(i2c_ASN1_INTEGER(a, &tpp), 1); tpp--; ExpectIntEQ(*tpp, 40); XFREE(pp, NULL, DYNAMIC_TYPE_TMP_BUFFER); pp = NULL; /* 128 */ if (a != NULL) { a->intData[0] = ASN_INTEGER; a->intData[1] = 1; a->intData[2] = 128; } ExpectIntEQ(ret = i2c_ASN1_INTEGER(a, NULL), 2); ExpectNotNull(pp = (unsigned char*)XMALLOC(ret + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER)); tpp = pp; if (tpp != NULL) { ExpectNotNull(XMEMSET(tpp, 0, ret + 1)); ExpectIntEQ(i2c_ASN1_INTEGER(a, &tpp), 2); tpp--; ExpectIntEQ(*(tpp--), 128); ExpectIntEQ(*tpp, 0); } XFREE(pp, NULL, DYNAMIC_TYPE_TMP_BUFFER); pp = NULL; /* -40 */ if (a != NULL) { a->intData[0] = ASN_INTEGER; a->intData[1] = 1; a->intData[2] = 40; a->negative = 1; } ExpectIntEQ(ret = i2c_ASN1_INTEGER(a, NULL), 1); ExpectNotNull(pp = (unsigned char*)XMALLOC(ret + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER)); tpp = pp; if (tpp != NULL) { ExpectNotNull(XMEMSET(tpp, 0, ret + 1)); ExpectIntEQ(i2c_ASN1_INTEGER(a, &tpp), 1); tpp--; ExpectIntEQ(*tpp, 216); } XFREE(pp, NULL, DYNAMIC_TYPE_TMP_BUFFER); pp = NULL; /* -128 */ if (a != NULL) { a->intData[0] = ASN_INTEGER; a->intData[1] = 1; a->intData[2] = 128; a->negative = 1; } ExpectIntEQ(ret = i2c_ASN1_INTEGER(a, NULL), 1); ExpectNotNull(pp = (unsigned char*)XMALLOC(ret + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER)); tpp = pp; if (tpp != NULL) { ExpectNotNull(XMEMSET(tpp, 0, ret + 1)); ExpectIntEQ(i2c_ASN1_INTEGER(a, &tpp), 1); tpp--; ExpectIntEQ(*tpp, 128); } XFREE(pp, NULL, DYNAMIC_TYPE_TMP_BUFFER); pp = NULL; /* -200 */ if (a != NULL) { a->intData[0] = ASN_INTEGER; a->intData[1] = 1; a->intData[2] = 200; a->negative = 1; } ExpectIntEQ(ret = i2c_ASN1_INTEGER(a, NULL), 2); ExpectNotNull(pp = (unsigned char*)XMALLOC(ret + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER)); tpp = pp; if (tpp != NULL) { ExpectNotNull(XMEMSET(tpp, 0, ret + 1)); ExpectIntEQ(i2c_ASN1_INTEGER(a, &tpp), 2); tpp--; ExpectIntEQ(*(tpp--), 56); ExpectIntEQ(*tpp, 255); } XFREE(pp, NULL, DYNAMIC_TYPE_TMP_BUFFER); pp = NULL; /* Empty */ if (a != NULL) { a->intData[0] = ASN_INTEGER; a->intData[1] = 0; a->negative = 0; } ExpectIntEQ(ret = i2c_ASN1_INTEGER(a, NULL), 1); ExpectNotNull(pp = (unsigned char*)XMALLOC(ret + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER)); tpp = pp; if (tpp != NULL) { ExpectNotNull(XMEMSET(tpp, 0, ret + 1)); ExpectIntEQ(i2c_ASN1_INTEGER(a, &tpp), 1); tpp--; ExpectIntEQ(*tpp, 0); } XFREE(pp, NULL, DYNAMIC_TYPE_TMP_BUFFER); pp = NULL; /* 0 */ if (a != NULL) { a->intData[0] = ASN_INTEGER; a->intData[1] = 1; a->intData[2] = 0; a->negative = 1; } ExpectIntEQ(ret = i2c_ASN1_INTEGER(a, NULL), 1); ExpectNotNull(pp = (unsigned char*)XMALLOC(ret + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER)); if (tpp != NULL) { tpp = pp; ExpectNotNull(XMEMSET(tpp, 0, ret + 1)); ExpectIntEQ(i2c_ASN1_INTEGER(a, &tpp), 1); tpp--; ExpectIntEQ(*tpp, 0); } XFREE(pp, NULL, DYNAMIC_TYPE_TMP_BUFFER); pp = NULL; /* 0x100 */ if (a != NULL) { a->intData[0] = ASN_INTEGER; a->intData[1] = 2; a->intData[2] = 0x01; a->intData[3] = 0x00; a->negative = 0; } ExpectIntEQ(ret = i2c_ASN1_INTEGER(a, NULL), 2); ExpectNotNull(pp = (unsigned char*)XMALLOC(ret + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER)); if (tpp != NULL) { tpp = pp; ExpectNotNull(XMEMSET(tpp, 0, ret + 1)); ExpectIntEQ(i2c_ASN1_INTEGER(a, &tpp), 2); tpp -= 2; ExpectIntEQ(tpp[0], 0x01); ExpectIntEQ(tpp[1], 0x00); } XFREE(pp, NULL, DYNAMIC_TYPE_TMP_BUFFER); pp = NULL; /* -0x8000 => 0x8000 */ if (a != NULL) { a->intData[0] = ASN_INTEGER; a->intData[1] = 2; a->intData[2] = 0x80; a->intData[3] = 0x00; a->negative = 1; } ExpectIntEQ(ret = i2c_ASN1_INTEGER(a, NULL), 2); ExpectNotNull(pp = (unsigned char*)XMALLOC(ret + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER)); tpp = pp; if (tpp != NULL) { ExpectNotNull(XMEMSET(tpp, 0, ret + 1)); ExpectIntEQ(i2c_ASN1_INTEGER(a, &tpp), 2); tpp -= 2; ExpectIntEQ(tpp[0], 0x80); ExpectIntEQ(tpp[1], 0x00); } XFREE(pp, NULL, DYNAMIC_TYPE_TMP_BUFFER); pp = NULL; /* -0x8001 => 0xFF7FFF */ if (a != NULL) { a->intData[0] = ASN_INTEGER; a->intData[1] = 2; a->intData[2] = 0x80; a->intData[3] = 0x01; a->negative = 1; } ExpectIntEQ(ret = i2c_ASN1_INTEGER(a, NULL), 3); ExpectNotNull(pp = (unsigned char*)XMALLOC(ret + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER)); tpp = pp; if (tpp != NULL) { ExpectNotNull(XMEMSET(tpp, 0, ret + 1)); ExpectIntEQ(i2c_ASN1_INTEGER(a, &tpp), 3); tpp -= 3; ExpectIntEQ(tpp[0], 0xFF); ExpectIntEQ(tpp[1], 0x7F); ExpectIntEQ(tpp[2], 0xFF); } XFREE(pp, NULL, DYNAMIC_TYPE_TMP_BUFFER); wolfSSL_ASN1_INTEGER_free(a); #endif /* OPENSSL_EXTRA && !NO_ASN */ return EXPECT_RESULT(); } static int test_wolfSSL_ASN1_OBJECT(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) ASN1_OBJECT* a = NULL; ASN1_OBJECT s; const unsigned char der[] = { 0x06, 0x01, 0x00 }; /* Invalid parameter testing. */ ASN1_OBJECT_free(NULL); ExpectNull(wolfSSL_ASN1_OBJECT_dup(NULL)); /* Test that a static ASN1_OBJECT can be freed. */ XMEMSET(&s, 0, sizeof(ASN1_OBJECT)); ASN1_OBJECT_free(&s); ExpectNotNull(a = wolfSSL_ASN1_OBJECT_dup(&s)); ASN1_OBJECT_free(a); a = NULL; s.obj = der; s.objSz = sizeof(der); ExpectNotNull(a = wolfSSL_ASN1_OBJECT_dup(&s)); ASN1_OBJECT_free(a); ASN1_OBJECT_free(&s); #endif /* OPENSSL_EXTRA */ return EXPECT_RESULT(); } static int test_wolfSSL_ASN1_get_object(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256) const unsigned char* derBuf = cliecc_cert_der_256; const unsigned char* nullPtr = NULL; const unsigned char objDerInvalidLen[] = { 0x30, 0x81 }; const unsigned char objDerBadLen[] = { 0x30, 0x04 }; const unsigned char objDerNotObj[] = { 0x02, 0x01, 0x00 }; const unsigned char objDerNoData[] = { 0x06, 0x00 }; const unsigned char* p; unsigned char objDer[8]; unsigned char* der; unsigned char* derPtr; int len = sizeof_cliecc_cert_der_256; long asnLen = 0; int tag = 0; int cls = 0; ASN1_OBJECT* a = NULL; ASN1_OBJECT s; XMEMSET(&s, 0, sizeof(ASN1_OBJECT)); /* Invalid encoding at length. */ p = objDerInvalidLen; ExpectIntEQ(ASN1_get_object(&p, &asnLen, &tag, &cls, sizeof(objDerBadLen)), 0x80); p = objDerBadLen; /* Error = 0x80, Constructed = 0x20 */ ExpectIntEQ(ASN1_get_object(&p, &asnLen, &tag, &cls, sizeof(objDerBadLen)), 0x80 | 0x20); /* Read a couple TLV triplets and make sure they match the expected values */ /* SEQUENCE */ ExpectIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls, len) & 0x80, 0); ExpectIntEQ(asnLen, 861); ExpectIntEQ(tag, 0x10); ExpectIntEQ(cls, 0); /* SEQUENCE */ ExpectIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls, len - (derBuf - cliecc_cert_der_256)) & 0x80, 0); ExpectIntEQ(asnLen, 772); ExpectIntEQ(tag, 0x10); ExpectIntEQ(cls, 0); /* [0] */ ExpectIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls, len - (derBuf - cliecc_cert_der_256)) & 0x80, 0); ExpectIntEQ(asnLen, 3); ExpectIntEQ(tag, 0); ExpectIntEQ(cls, 0x80); /* INTEGER */ ExpectIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls, len - (derBuf - cliecc_cert_der_256)) & 0x80, 0); ExpectIntEQ(asnLen, 1); ExpectIntEQ(tag, 0x2); ExpectIntEQ(cls, 0); derBuf += asnLen; /* INTEGER */ ExpectIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls, len - (derBuf - cliecc_cert_der_256)) & 0x80, 0); ExpectIntEQ(asnLen, 20); ExpectIntEQ(tag, 0x2); ExpectIntEQ(cls, 0); derBuf += asnLen; /* SEQUENCE */ ExpectIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls, len - (derBuf - cliecc_cert_der_256)) & 0x80, 0); ExpectIntEQ(asnLen, 10); ExpectIntEQ(tag, 0x10); ExpectIntEQ(cls, 0); /* Found OBJECT_ID. */ /* Invalid parameter testing. */ ExpectIntEQ(ASN1_get_object(NULL, NULL, NULL, NULL, 0), 0x80); ExpectIntEQ(ASN1_get_object(&nullPtr, NULL, NULL, NULL, 0), 0x80); ExpectIntEQ(ASN1_get_object(NULL, &asnLen, &tag, &cls, len), 0x80); ExpectIntEQ(ASN1_get_object(&nullPtr, &asnLen, &tag, &cls, len), 0x80); ExpectIntEQ(ASN1_get_object(&derBuf, NULL, &tag, &cls, len), 0x80); ExpectIntEQ(ASN1_get_object(&derBuf, &asnLen, NULL, &cls, len), 0x80); ExpectIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, NULL, len), 0x80); ExpectIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls, 0), 0x80); ExpectIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls, -1), 0x80); ExpectNull(d2i_ASN1_OBJECT(NULL, NULL, -1)); ExpectNull(d2i_ASN1_OBJECT(NULL, &nullPtr, -1)); ExpectNull(d2i_ASN1_OBJECT(NULL, &derBuf, -1)); ExpectNull(d2i_ASN1_OBJECT(NULL, NULL, 0)); ExpectNull(d2i_ASN1_OBJECT(&a, NULL, len)); ExpectNull(d2i_ASN1_OBJECT(&a, &nullPtr, len)); ExpectNull(d2i_ASN1_OBJECT(&a, &derBuf, -1)); ExpectNull(c2i_ASN1_OBJECT(NULL, NULL, -1)); ExpectNull(c2i_ASN1_OBJECT(NULL, &nullPtr, -1)); ExpectNull(c2i_ASN1_OBJECT(NULL, &derBuf, -1)); ExpectNull(c2i_ASN1_OBJECT(NULL, NULL, 1)); ExpectNull(c2i_ASN1_OBJECT(NULL, &nullPtr, 1)); /* Invalid encoding at length. */ p = objDerInvalidLen; ExpectNull(d2i_ASN1_OBJECT(&a, &p, sizeof(objDerInvalidLen))); p = objDerBadLen; ExpectNull(d2i_ASN1_OBJECT(&a, &p, sizeof(objDerBadLen))); p = objDerNotObj; ExpectNull(d2i_ASN1_OBJECT(&a, &p, sizeof(objDerNotObj))); p = objDerNoData; ExpectNull(d2i_ASN1_OBJECT(&a, &p, sizeof(objDerNoData))); /* Create an ASN OBJECT from content */ p = derBuf + 2; ExpectNotNull(a = c2i_ASN1_OBJECT(NULL, &p, 8)); ASN1_OBJECT_free(a); a = NULL; /* Create an ASN OBJECT from DER */ ExpectNotNull(d2i_ASN1_OBJECT(&a, &derBuf, len)); /* Invalid parameter testing. */ ExpectIntEQ(i2d_ASN1_OBJECT(NULL, NULL), 0); ExpectIntEQ(i2d_ASN1_OBJECT(&s, NULL), 0); ExpectIntEQ(i2d_ASN1_OBJECT(a, NULL), 8); der = NULL; ExpectIntEQ(i2d_ASN1_OBJECT(a, &der), 8); derPtr = objDer; ExpectIntEQ(i2d_ASN1_OBJECT(a, &derPtr), 8); ExpectPtrNE(derPtr, objDer); ExpectIntEQ(XMEMCMP(der, objDer, 8), 0); XFREE(der, NULL, DYNAMIC_TYPE_OPENSSL); ASN1_OBJECT_free(a); #endif /* OPENSSL_EXTRA && HAVE_ECC && USE_CERT_BUFFERS_256 */ return EXPECT_RESULT(); } static int test_wolfSSL_i2a_ASN1_OBJECT(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(NO_BIO) ASN1_OBJECT* obj = NULL; ASN1_OBJECT* a = NULL; BIO *bio = NULL; const unsigned char notObjDer[] = { 0x04, 0x01, 0xff }; const unsigned char badLenDer[] = { 0x06, 0x04, 0x01 }; const unsigned char goodDer[] = { 0x06, 0x01, 0x01 }; const unsigned char* p; ExpectNotNull(obj = OBJ_nid2obj(NID_sha256)); ExpectTrue((bio = BIO_new(BIO_s_mem())) != NULL); ExpectIntGT(wolfSSL_i2a_ASN1_OBJECT(bio, obj), 0); ExpectIntGT(wolfSSL_i2a_ASN1_OBJECT(bio, NULL), 0); ExpectIntEQ(wolfSSL_i2a_ASN1_OBJECT(NULL, obj), 0); /* No DER encoding in ASN1_OBJECT. */ ExpectNotNull(a = wolfSSL_ASN1_OBJECT_new()); ExpectIntEQ(wolfSSL_i2a_ASN1_OBJECT(bio, a), 0); ASN1_OBJECT_free(a); a = NULL; /* DER encoding - not OBJECT_ID */ p = notObjDer; ExpectNotNull(a = c2i_ASN1_OBJECT(NULL, &p, 3)); ExpectIntEQ(wolfSSL_i2a_ASN1_OBJECT(bio, a), 0); ASN1_OBJECT_free(a); a = NULL; /* Bad length encoding. */ p = badLenDer; ExpectNotNull(a = c2i_ASN1_OBJECT(NULL, &p, 3)); ExpectIntEQ(wolfSSL_i2a_ASN1_OBJECT(bio, a), 0); ASN1_OBJECT_free(a); a = NULL; /* Good encoding - but unknown. */ p = goodDer; ExpectNotNull(a = c2i_ASN1_OBJECT(NULL, &p, 3)); ExpectIntGT(wolfSSL_i2a_ASN1_OBJECT(bio, a), 0); ASN1_OBJECT_free(a); BIO_free(bio); ASN1_OBJECT_free(obj); #endif return EXPECT_RESULT(); } static int test_wolfSSL_i2t_ASN1_OBJECT(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && \ defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN) char buf[50] = {0}; ASN1_OBJECT* obj; const char* oid = "2.5.29.19"; const char* ln = "X509v3 Basic Constraints"; obj = NULL; ExpectIntEQ(i2t_ASN1_OBJECT(NULL, sizeof(buf), obj), 0); ExpectIntEQ(i2t_ASN1_OBJECT(buf, sizeof(buf), NULL), 0); ExpectIntEQ(i2t_ASN1_OBJECT(buf, 0, NULL), 0); ExpectNotNull(obj = OBJ_txt2obj(oid, 0)); XMEMSET(buf, 0, sizeof(buf)); ExpectIntEQ(i2t_ASN1_OBJECT(buf, sizeof(buf), obj), XSTRLEN(ln)); ExpectIntEQ(XSTRNCMP(buf, ln, XSTRLEN(ln)), 0); ASN1_OBJECT_free(obj); #endif /* OPENSSL_EXTRA && WOLFSSL_CERT_EXT && WOLFSSL_CERT_GEN */ return EXPECT_RESULT(); } static int test_wolfSSL_sk_ASN1_OBJECT(void) { EXPECT_DECLS; #if !defined(NO_ASN) && (defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)) WOLFSSL_STACK* sk = NULL; WOLFSSL_ASN1_OBJECT* obj; ExpectNotNull(obj = wolfSSL_ASN1_OBJECT_new()); ExpectNotNull(sk = wolfSSL_sk_new_asn1_obj()); wolfSSL_sk_ASN1_OBJECT_free(sk); sk = NULL; ExpectNotNull(sk = wolfSSL_sk_new_asn1_obj()); ExpectIntEQ(wolfSSL_sk_ASN1_OBJECT_push(NULL, NULL), 0); ExpectIntEQ(wolfSSL_sk_ASN1_OBJECT_push(sk, NULL), 0); ExpectIntEQ(wolfSSL_sk_ASN1_OBJECT_push(NULL, obj), 0); ExpectIntEQ(wolfSSL_sk_ASN1_OBJECT_push(sk, obj), 1); wolfSSL_sk_ASN1_OBJECT_pop_free(sk, NULL); sk = NULL; /* obj freed in pop_free call. */ ExpectNotNull(obj = wolfSSL_ASN1_OBJECT_new()); ExpectNotNull(sk = wolfSSL_sk_new_asn1_obj()); ExpectIntEQ(wolfSSL_sk_ASN1_OBJECT_push(sk, obj), 1); ExpectPtrEq(obj, wolfSSL_sk_ASN1_OBJECT_pop(sk)); wolfSSL_sk_ASN1_OBJECT_free(sk); wolfSSL_ASN1_OBJECT_free(obj); #endif /* !NO_ASN && (OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL) */ return EXPECT_RESULT(); } static int test_wolfSSL_ASN1_STRING(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) ASN1_STRING* str = NULL; ASN1_STRING* c = NULL; const char data[] = "hello wolfSSL"; const char data2[] = "Same len data"; const char longData[] = "This string must be longer than CTC_NAME_SIZE that is defined as 64."; ExpectNotNull(str = ASN1_STRING_type_new(V_ASN1_OCTET_STRING)); ASN1_STRING_free(str); str = NULL; ExpectNotNull(str = ASN1_STRING_type_new(V_ASN1_OCTET_STRING)); ExpectIntEQ(ASN1_STRING_type(str), V_ASN1_OCTET_STRING); ExpectIntEQ(ASN1_STRING_type(NULL), 0); /* Check setting to NULL works. */ ExpectIntEQ(ASN1_STRING_set(str, NULL, 0), 1); ExpectIntEQ(ASN1_STRING_set(str, (const void*)data, sizeof(data)), 1); ExpectIntEQ(ASN1_STRING_set(str, (const void*)data, -1), 1); ExpectIntEQ(ASN1_STRING_set(str, NULL, -1), 0); ExpectIntEQ(ASN1_STRING_set(NULL, NULL, 0), 0); ExpectIntEQ(wolfSSL_ASN1_STRING_copy(NULL, NULL), 0); ExpectIntEQ(wolfSSL_ASN1_STRING_copy(str, NULL), 0); ExpectIntEQ(wolfSSL_ASN1_STRING_copy(NULL, str), 0); ExpectNull(wolfSSL_ASN1_STRING_dup(NULL)); ExpectNotNull(c = wolfSSL_ASN1_STRING_dup(str)); ExpectIntEQ(ASN1_STRING_cmp(NULL, NULL), -1); ExpectIntEQ(ASN1_STRING_cmp(str, NULL), -1); ExpectIntEQ(ASN1_STRING_cmp(NULL, c), -1); ExpectIntEQ(ASN1_STRING_cmp(str, c), 0); ExpectIntEQ(ASN1_STRING_set(c, (const void*)data2, -1), 1); ExpectIntGT(ASN1_STRING_cmp(str, c), 0); ExpectIntEQ(ASN1_STRING_set(str, (const void*)longData, -1), 1); ExpectIntEQ(wolfSSL_ASN1_STRING_copy(c, str), 1); ExpectIntEQ(ASN1_STRING_cmp(str, c), 0); /* Check setting back to smaller size frees dynamic data. */ ExpectIntEQ(ASN1_STRING_set(str, (const void*)data, -1), 1); ExpectIntLT(ASN1_STRING_cmp(str, c), 0); ExpectIntGT(ASN1_STRING_cmp(c, str), 0); ExpectNull(ASN1_STRING_get0_data(NULL)); ExpectNotNull(ASN1_STRING_get0_data(str)); ExpectNull(ASN1_STRING_data(NULL)); ExpectNotNull(ASN1_STRING_data(str)); ExpectIntEQ(ASN1_STRING_length(NULL), 0); ExpectIntGT(ASN1_STRING_length(str), 0); ASN1_STRING_free(c); ASN1_STRING_free(str); ASN1_STRING_free(NULL); #ifndef NO_WOLFSSL_STUB ExpectNull(d2i_DISPLAYTEXT(NULL, NULL, 0)); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_ASN1_STRING_to_UTF8(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_ASN) && !defined(NO_RSA) && \ !defined(NO_FILESYSTEM) WOLFSSL_X509* x509 = NULL; WOLFSSL_X509_NAME* subject = NULL; WOLFSSL_X509_NAME_ENTRY* e = NULL; WOLFSSL_ASN1_STRING* a = NULL; FILE* file = XBADFILE; int idx = 0; char targetOutput[16] = "www.wolfssl.com"; unsigned char* actual_output = NULL; int len = 0; ExpectNotNull(file = fopen("./certs/server-cert.pem", "rb")); ExpectNotNull(x509 = wolfSSL_PEM_read_X509(file, NULL, NULL, NULL)); if (file != NULL) fclose(file); /* wolfSSL_ASN1_STRING_to_UTF8(): NID_commonName */ ExpectNotNull(subject = wolfSSL_X509_get_subject_name(x509)); ExpectIntEQ((idx = wolfSSL_X509_NAME_get_index_by_NID(subject, NID_commonName, -1)), 5); ExpectNotNull(e = wolfSSL_X509_NAME_get_entry(subject, idx)); ExpectNotNull(a = wolfSSL_X509_NAME_ENTRY_get_data(e)); ExpectIntEQ((len = wolfSSL_ASN1_STRING_to_UTF8(&actual_output, a)), 15); ExpectIntEQ(strncmp((const char*)actual_output, targetOutput, len), 0); a = NULL; /* wolfSSL_ASN1_STRING_to_UTF8(NULL, valid) */ ExpectIntEQ((len = wolfSSL_ASN1_STRING_to_UTF8(NULL, a)), -1); /* wolfSSL_ASN1_STRING_to_UTF8(valid, NULL) */ ExpectIntEQ((len = wolfSSL_ASN1_STRING_to_UTF8(&actual_output, NULL)), -1); /* wolfSSL_ASN1_STRING_to_UTF8(NULL, NULL) */ ExpectIntEQ((len = wolfSSL_ASN1_STRING_to_UTF8(NULL, NULL)), -1); wolfSSL_X509_free(x509); XFREE(actual_output, NULL, DYNAMIC_TYPE_TMP_BUFFER); ExpectNotNull(a = ASN1_STRING_new()); ExpectIntEQ(wolfSSL_ASN1_STRING_to_UTF8(&actual_output, a), -1); ASN1_STRING_free(a); #endif return EXPECT_RESULT(); } static int test_wolfSSL_i2s_ASN1_STRING(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN) WOLFSSL_ASN1_STRING* str = NULL; const char* data = "test_wolfSSL_i2s_ASN1_STRING"; char* ret = NULL; ExpectNotNull(str = ASN1_STRING_new()); ExpectNull(ret = wolfSSL_i2s_ASN1_STRING(NULL, NULL)); XFREE(ret, NULL, DYNAMIC_TYPE_TMP_BUFFER); ret = NULL; /* No data. */ ExpectNull(ret = wolfSSL_i2s_ASN1_STRING(NULL, str)); XFREE(ret, NULL, DYNAMIC_TYPE_TMP_BUFFER); ret = NULL; ExpectIntEQ(ASN1_STRING_set(str, data, 0), 1); ExpectNotNull(ret = wolfSSL_i2s_ASN1_STRING(NULL, str)); XFREE(ret, NULL, DYNAMIC_TYPE_TMP_BUFFER); ret = NULL; ExpectIntEQ(ASN1_STRING_set(str, data, -1), 1); /* No type. */ ExpectNotNull(ret = wolfSSL_i2s_ASN1_STRING(NULL, str)); XFREE(ret, NULL, DYNAMIC_TYPE_TMP_BUFFER); ASN1_STRING_free(str); #endif return EXPECT_RESULT(); } static int test_wolfSSL_ASN1_STRING_canon(void) { EXPECT_DECLS; #if defined(WOLFSSL_TEST_STATIC_BUILD) #if !defined(NO_CERTS) && (defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \ defined(OPENSSL_EXTRA_X509_SMALL)) WOLFSSL_ASN1_STRING* orig = NULL; WOLFSSL_ASN1_STRING* canon = NULL; const char* data = "test_wolfSSL_ASN1_STRING_canon"; const char* whitespaceOnly = "\t\r\n"; const char* modData = " \x01\f\t\x02\r\n\v\xff\nTt \n"; const char* canonData = "\x01 \x02 \xff tt"; const char longData[] = "This string must be longer than CTC_NAME_SIZE that is defined as 64."; ExpectNotNull(orig = ASN1_STRING_new()); ExpectNotNull(canon = ASN1_STRING_new()); /* Invalid parameter testing. */ ExpectIntEQ(wolfSSL_ASN1_STRING_canon(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_ASN1_STRING_canon(canon, NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_ASN1_STRING_canon(NULL, orig), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_ASN1_STRING_canon(canon, orig), 1); ExpectIntEQ(ASN1_STRING_cmp(orig, canon), 0); ExpectIntEQ(ASN1_STRING_set(orig, longData, (int)XSTRLEN(data)), 1); ExpectIntEQ(wolfSSL_ASN1_STRING_canon(canon, orig), 1); ExpectIntEQ(ASN1_STRING_cmp(orig, canon), 0); ExpectIntEQ(ASN1_STRING_set(orig, data, (int)XSTRLEN(data)), 1); ExpectIntEQ(wolfSSL_ASN1_STRING_canon(canon, orig), 1); ExpectIntEQ(ASN1_STRING_cmp(orig, canon), 0); ASN1_STRING_free(orig); orig = NULL; ExpectNotNull(orig = ASN1_STRING_type_new(MBSTRING_UTF8)); ExpectIntEQ(ASN1_STRING_set(orig, modData, 15), 1); ExpectIntEQ(wolfSSL_ASN1_STRING_canon(canon, orig), 1); ExpectIntEQ(ASN1_STRING_set(orig, canonData, 8), 1); ExpectIntEQ(ASN1_STRING_cmp(orig, canon), 0); ASN1_STRING_free(orig); orig = NULL; ExpectNotNull(orig = ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)); ExpectIntEQ(ASN1_STRING_set(orig, whitespaceOnly, 3), 1); ExpectIntEQ(wolfSSL_ASN1_STRING_canon(canon, orig), 1); ASN1_STRING_free(orig); orig = NULL; ExpectNotNull(orig = ASN1_STRING_type_new(MBSTRING_UTF8)); ExpectIntEQ(ASN1_STRING_cmp(orig, canon), 0); ASN1_STRING_free(orig); ASN1_STRING_free(canon); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_ASN1_STRING_print(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_ASN) && !defined(NO_CERTS) && \ !defined(NO_BIO) ASN1_STRING* asnStr = NULL; const char HELLO_DATA[]= \ {'H','e','l','l','o',' ','w','o','l','f','S','S','L','!'}; #define MAX_UNPRINTABLE_CHAR 32 #define MAX_BUF 255 unsigned char unprintableData[MAX_UNPRINTABLE_CHAR + sizeof(HELLO_DATA)]; unsigned char expected[sizeof(unprintableData)+1]; unsigned char rbuf[MAX_BUF]; BIO *bio = NULL; int p_len; int i; /* setup */ for (i = 0; i < (int)sizeof(HELLO_DATA); i++) { unprintableData[i] = HELLO_DATA[i]; expected[i] = HELLO_DATA[i]; } for (i = 0; i < (int)MAX_UNPRINTABLE_CHAR; i++) { unprintableData[sizeof(HELLO_DATA)+i] = i; if (i == (int)'\n' || i == (int)'\r') expected[sizeof(HELLO_DATA)+i] = i; else expected[sizeof(HELLO_DATA)+i] = '.'; } unprintableData[sizeof(unprintableData)-1] = '\0'; expected[sizeof(expected)-1] = '\0'; XMEMSET(rbuf, 0, MAX_BUF); ExpectNotNull(bio = BIO_new(BIO_s_mem())); ExpectIntEQ(BIO_set_write_buf_size(bio, MAX_BUF), 0); ExpectNotNull(asnStr = ASN1_STRING_type_new(V_ASN1_OCTET_STRING)); ExpectIntEQ(ASN1_STRING_set(asnStr,(const void*)unprintableData, (int)sizeof(unprintableData)), 1); /* test */ ExpectIntEQ(wolfSSL_ASN1_STRING_print(NULL, NULL), 0); ExpectIntEQ(wolfSSL_ASN1_STRING_print(bio, NULL), 0); ExpectIntEQ(wolfSSL_ASN1_STRING_print(NULL, asnStr), 0); ExpectIntEQ(p_len = wolfSSL_ASN1_STRING_print(bio, asnStr), 46); ExpectIntEQ(BIO_read(bio, (void*)rbuf, 46), 46); ExpectStrEQ((char*)rbuf, (const char*)expected); BIO_free(bio); bio = NULL; ExpectNotNull(bio = BIO_new(wolfSSL_BIO_s_fixed_mem())); ExpectIntEQ(BIO_set_write_buf_size(bio, 1), 1); /* Ensure there is 0 bytes available to write into. */ ExpectIntEQ(BIO_write(bio, rbuf, 1), 1); ExpectIntEQ(wolfSSL_ASN1_STRING_print(bio, asnStr), 0); ExpectIntEQ(BIO_set_write_buf_size(bio, 1), 1); ExpectIntEQ(wolfSSL_ASN1_STRING_print(bio, asnStr), 0); ExpectIntEQ(BIO_set_write_buf_size(bio, 45), 1); ExpectIntEQ(wolfSSL_ASN1_STRING_print(bio, asnStr), 0); BIO_free(bio); ASN1_STRING_free(asnStr); #endif /* OPENSSL_EXTRA && !NO_ASN && !NO_CERTS && !NO_BIO */ return EXPECT_RESULT(); } static int test_wolfSSL_ASN1_STRING_print_ex(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(NO_BIO) ASN1_STRING* asn_str = NULL; const char data[] = "Hello wolfSSL!"; ASN1_STRING* esc_str = NULL; const char esc_data[] = "a+;<>"; ASN1_STRING* neg_int = NULL; const char neg_int_data[] = "\xff"; ASN1_STRING* neg_enum = NULL; const char neg_enum_data[] = "\xff"; BIO *bio = NULL; BIO *fixed = NULL; unsigned long flags; int p_len; unsigned char rbuf[255]; /* setup */ XMEMSET(rbuf, 0, 255); ExpectNotNull(bio = BIO_new(BIO_s_mem())); ExpectIntEQ(BIO_set_write_buf_size(bio, 255), 0); ExpectNotNull(fixed = BIO_new(wolfSSL_BIO_s_fixed_mem())); ExpectNotNull(asn_str = ASN1_STRING_type_new(V_ASN1_OCTET_STRING)); ExpectIntEQ(ASN1_STRING_set(asn_str, (const void*)data, sizeof(data)), 1); ExpectNotNull(esc_str = ASN1_STRING_type_new(V_ASN1_OCTET_STRING)); ExpectIntEQ(ASN1_STRING_set(esc_str, (const void*)esc_data, sizeof(esc_data)), 1); ExpectNotNull(neg_int = ASN1_STRING_type_new(V_ASN1_NEG_INTEGER)); ExpectIntEQ(ASN1_STRING_set(neg_int, (const void*)neg_int_data, sizeof(neg_int_data) - 1), 1); ExpectNotNull(neg_enum = ASN1_STRING_type_new(V_ASN1_NEG_ENUMERATED)); ExpectIntEQ(ASN1_STRING_set(neg_enum, (const void*)neg_enum_data, sizeof(neg_enum_data) - 1), 1); /* Invalid parameter testing. */ ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(NULL, NULL, 0), 0); ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(bio, NULL, 0), 0); ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(NULL, asn_str, 0), 0); /* no flags */ XMEMSET(rbuf, 0, 255); flags = 0; ExpectIntEQ(p_len = wolfSSL_ASN1_STRING_print_ex(bio, asn_str, flags), 15); ExpectIntEQ(BIO_read(bio, (void*)rbuf, 15), 15); ExpectStrEQ((char*)rbuf, "Hello wolfSSL!"); ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1); /* Ensure there is 0 bytes available to write into. */ ExpectIntEQ(BIO_write(fixed, rbuf, 1), 1); ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0); ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1); ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0); ExpectIntEQ(BIO_set_write_buf_size(fixed, 14), 1); ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0); /* RFC2253 Escape */ XMEMSET(rbuf, 0, 255); flags = ASN1_STRFLGS_ESC_2253; ExpectIntEQ(p_len = wolfSSL_ASN1_STRING_print_ex(bio, esc_str, flags), 9); ExpectIntEQ(BIO_read(bio, (void*)rbuf, 9), 9); ExpectStrEQ((char*)rbuf, "a\\+\\;\\<\\>"); ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1); /* Ensure there is 0 bytes available to write into. */ ExpectIntEQ(BIO_write(fixed, rbuf, 1), 1); ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, esc_str, flags), 0); ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1); ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, esc_str, flags), 0); ExpectIntEQ(BIO_set_write_buf_size(fixed, 8), 1); ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, esc_str, flags), 0); /* Show type */ XMEMSET(rbuf, 0, 255); flags = ASN1_STRFLGS_SHOW_TYPE; ExpectIntEQ(p_len = wolfSSL_ASN1_STRING_print_ex(bio, asn_str, flags), 28); ExpectIntEQ(BIO_read(bio, (void*)rbuf, 28), 28); ExpectStrEQ((char*)rbuf, "OCTET STRING:Hello wolfSSL!"); ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1); /* Ensure there is 0 bytes available to write into. */ ExpectIntEQ(BIO_write(fixed, rbuf, 1), 1); ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0); ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1); ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0); ExpectIntEQ(BIO_set_write_buf_size(fixed, 12), 1); ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0); ExpectIntEQ(BIO_set_write_buf_size(fixed, 27), 1); ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0); /* Dump All */ XMEMSET(rbuf, 0, 255); flags = ASN1_STRFLGS_DUMP_ALL; ExpectIntEQ(p_len = wolfSSL_ASN1_STRING_print_ex(bio, asn_str, flags), 31); ExpectIntEQ(BIO_read(bio, (void*)rbuf, 31), 31); ExpectStrEQ((char*)rbuf, "#48656C6C6F20776F6C6653534C2100"); ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1); /* Ensure there is 0 bytes available to write into. */ ExpectIntEQ(BIO_write(fixed, rbuf, 1), 1); ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0); ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1); ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0); ExpectIntEQ(BIO_set_write_buf_size(fixed, 30), 1); ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0); /* Dump Der */ XMEMSET(rbuf, 0, 255); flags = ASN1_STRFLGS_DUMP_ALL | ASN1_STRFLGS_DUMP_DER; ExpectIntEQ(p_len = wolfSSL_ASN1_STRING_print_ex(bio, asn_str, flags), 35); ExpectIntEQ(BIO_read(bio, (void*)rbuf, 35), 35); ExpectStrEQ((char*)rbuf, "#040F48656C6C6F20776F6C6653534C2100"); ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1); /* Ensure there is 0 bytes available to write into. */ ExpectIntEQ(BIO_write(fixed, rbuf, 1), 1); ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0); ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1); ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0); ExpectIntEQ(BIO_set_write_buf_size(fixed, 2), 1); ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0); ExpectIntEQ(BIO_set_write_buf_size(fixed, 30), 1); ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0); /* Dump All + Show type */ XMEMSET(rbuf, 0, 255); flags = ASN1_STRFLGS_DUMP_ALL | ASN1_STRFLGS_SHOW_TYPE; ExpectIntEQ(p_len = wolfSSL_ASN1_STRING_print_ex(bio, asn_str, flags), 44); ExpectIntEQ(BIO_read(bio, (void*)rbuf, 44), 44); ExpectStrEQ((char*)rbuf, "OCTET STRING:#48656C6C6F20776F6C6653534C2100"); /* Dump All + Show type - Negative Integer. */ XMEMSET(rbuf, 0, 255); flags = ASN1_STRFLGS_DUMP_ALL | ASN1_STRFLGS_SHOW_TYPE; ExpectIntEQ(p_len = wolfSSL_ASN1_STRING_print_ex(bio, neg_int, flags), 11); ExpectIntEQ(BIO_read(bio, (void*)rbuf, 11), 11); ExpectStrEQ((char*)rbuf, "INTEGER:#FF"); /* Dump All + Show type - Negative Enumerated. */ XMEMSET(rbuf, 0, 255); flags = ASN1_STRFLGS_DUMP_ALL | ASN1_STRFLGS_SHOW_TYPE; ExpectIntEQ(p_len = wolfSSL_ASN1_STRING_print_ex(bio, neg_enum, flags), 14); ExpectIntEQ(BIO_read(bio, (void*)rbuf, 14), 14); ExpectStrEQ((char*)rbuf, "ENUMERATED:#FF"); BIO_free(fixed); BIO_free(bio); ASN1_STRING_free(asn_str); ASN1_STRING_free(esc_str); ASN1_STRING_free(neg_int); ASN1_STRING_free(neg_enum); ExpectStrEQ(wolfSSL_ASN1_tag2str(-1), "(unknown)"); ExpectStrEQ(wolfSSL_ASN1_tag2str(31), "(unknown)"); #endif return EXPECT_RESULT(); } static int test_wolfSSL_ASN1_UNIVERSALSTRING_to_string(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_ASN) ASN1_STRING* asn1str_test = NULL; ASN1_STRING* asn1str_answer = NULL; /* Each character is encoded using 4 bytes */ char input[] = { 0, 0, 0, 'T', 0, 0, 0, 'e', 0, 0, 0, 's', 0, 0, 0, 't', }; char output[] = "Test"; char badInput[] = { 1, 0, 0, 'T', 0, 1, 0, 'e', 0, 0, 1, 's', }; ExpectIntEQ(ASN1_UNIVERSALSTRING_to_string(NULL), 0); /* Test wrong type. */ ExpectNotNull(asn1str_test = ASN1_STRING_type_new(V_ASN1_OCTET_STRING)); ExpectIntEQ(ASN1_UNIVERSALSTRING_to_string(asn1str_test), 0); ASN1_STRING_free(asn1str_test); asn1str_test = NULL; ExpectNotNull(asn1str_test = ASN1_STRING_type_new(V_ASN1_UNIVERSALSTRING)); /* Test bad length. */ ExpectIntEQ(ASN1_STRING_set(asn1str_test, input, sizeof(input) - 1), 1); ExpectIntEQ(ASN1_UNIVERSALSTRING_to_string(asn1str_test), 0); /* Test bad input. */ ExpectIntEQ(ASN1_STRING_set(asn1str_test, badInput + 0, 4), 1); ExpectIntEQ(ASN1_UNIVERSALSTRING_to_string(asn1str_test), 0); ExpectIntEQ(ASN1_STRING_set(asn1str_test, badInput + 4, 4), 1); ExpectIntEQ(ASN1_UNIVERSALSTRING_to_string(asn1str_test), 0); ExpectIntEQ(ASN1_STRING_set(asn1str_test, badInput + 8, 4), 1); ExpectIntEQ(ASN1_UNIVERSALSTRING_to_string(asn1str_test), 0); ExpectIntEQ(ASN1_STRING_set(asn1str_test, input, sizeof(input)), 1); ExpectIntEQ(ASN1_UNIVERSALSTRING_to_string(asn1str_test), 1); ExpectNotNull( asn1str_answer = ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)); ExpectIntEQ(ASN1_STRING_set(asn1str_answer, output, sizeof(output)-1), 1); ExpectIntEQ(ASN1_STRING_cmp(asn1str_test, asn1str_answer), 0); ASN1_STRING_free(asn1str_test); ASN1_STRING_free(asn1str_answer); #endif /* OPENSSL_ALL && !NO_ASN */ return EXPECT_RESULT(); } static int test_wolfSSL_ASN1_GENERALIZEDTIME_free(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) WOLFSSL_ASN1_GENERALIZEDTIME* asn1_gtime = NULL; unsigned char nullstr[32]; XMEMSET(nullstr, 0, 32); ExpectNotNull(asn1_gtime = (WOLFSSL_ASN1_GENERALIZEDTIME*)XMALLOC( sizeof(WOLFSSL_ASN1_GENERALIZEDTIME), NULL, DYNAMIC_TYPE_TMP_BUFFER)); if (asn1_gtime != NULL) { XMEMCPY(asn1_gtime->data,"20180504123500Z",ASN_GENERALIZED_TIME_SIZE); wolfSSL_ASN1_GENERALIZEDTIME_free(asn1_gtime); ExpectIntEQ(0, XMEMCMP(asn1_gtime->data, nullstr, 32)); XFREE(asn1_gtime, NULL, DYNAMIC_TYPE_TMP_BUFFER); } wolfSSL_ASN1_GENERALIZEDTIME_free(NULL); #endif /* OPENSSL_EXTRA */ return EXPECT_RESULT(); } static int test_wolfSSL_ASN1_GENERALIZEDTIME_print(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_BIO) WOLFSSL_ASN1_GENERALIZEDTIME gtime; BIO* bio = NULL; unsigned char buf[24]; int i; ExpectNotNull(bio = BIO_new(BIO_s_mem())); BIO_set_write_buf_size(bio, 24); XMEMSET(>ime, 0, sizeof(WOLFSSL_ASN1_GENERALIZEDTIME)); XMEMCPY(gtime.data, "20180504123500Z", ASN_GENERALIZED_TIME_SIZE); gtime.length = ASN_GENERALIZED_TIME_SIZE; /* Type not set. */ ExpectIntEQ(wolfSSL_ASN1_GENERALIZEDTIME_print(bio, >ime), 0); gtime.type = V_ASN1_GENERALIZEDTIME; /* Invalid parameters testing. */ ExpectIntEQ(wolfSSL_ASN1_GENERALIZEDTIME_print(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_ASN1_GENERALIZEDTIME_print(bio, NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_ASN1_GENERALIZEDTIME_print(NULL, >ime), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_ASN1_GENERALIZEDTIME_print(bio, >ime), 1); ExpectIntEQ(BIO_read(bio, buf, sizeof(buf)), 20); ExpectIntEQ(XMEMCMP(buf, "May 04 12:35:00 2018", 20), 0); BIO_free(bio); bio = NULL; ExpectNotNull(bio = BIO_new(wolfSSL_BIO_s_fixed_mem())); ExpectIntEQ(BIO_set_write_buf_size(bio, 1), 1); /* Ensure there is 0 bytes available to write into. */ ExpectIntEQ(BIO_write(bio, buf, 1), 1); ExpectIntEQ(wolfSSL_ASN1_GENERALIZEDTIME_print(bio, >ime), 0); for (i = 1; i < 20; i++) { ExpectIntEQ(BIO_set_write_buf_size(bio, i), 1); ExpectIntEQ(wolfSSL_ASN1_GENERALIZEDTIME_print(bio, >ime), 0); } BIO_free(bio); wolfSSL_ASN1_GENERALIZEDTIME_free(>ime); #endif /* OPENSSL_EXTRA */ return EXPECT_RESULT(); } static int test_wolfSSL_ASN1_TIME(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) WOLFSSL_ASN1_TIME* asn_time = NULL; unsigned char *data; ExpectNotNull(asn_time = ASN1_TIME_new()); #ifndef NO_WOLFSSL_STUB ExpectNotNull(ASN1_TIME_set(asn_time, 1)); #endif ExpectIntEQ(ASN1_TIME_set_string(NULL, NULL), 0); ExpectIntEQ(ASN1_TIME_set_string(asn_time, NULL), 0); ExpectIntEQ(ASN1_TIME_set_string(NULL, "String longer than CTC_DATA_SIZE that is 32 bytes"), 0); ExpectIntEQ(ASN1_TIME_set_string(NULL, "101219181011Z"), 1); ExpectIntEQ(ASN1_TIME_set_string(asn_time, "101219181011Z"), 1); ExpectIntEQ(wolfSSL_ASN1_TIME_get_length(NULL), 0); ExpectIntEQ(wolfSSL_ASN1_TIME_get_length(asn_time), ASN_UTC_TIME_SIZE - 1); ExpectNull(wolfSSL_ASN1_TIME_get_data(NULL)); ExpectNotNull(data = wolfSSL_ASN1_TIME_get_data(asn_time)); ExpectIntEQ(XMEMCMP(data, "101219181011Z", 14), 0); ExpectIntEQ(ASN1_TIME_check(NULL), 0); ExpectIntEQ(ASN1_TIME_check(asn_time), 1); ASN1_TIME_free(asn_time); ASN1_TIME_free(NULL); #endif return EXPECT_RESULT(); } static int test_wolfSSL_ASN1_TIME_to_string(void) { EXPECT_DECLS; #ifndef NO_ASN_TIME #if defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) || \ defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) WOLFSSL_ASN1_TIME* t = NULL; char buf[ASN_GENERALIZED_TIME_SIZE]; ExpectNotNull((t = ASN1_TIME_new())); ExpectIntEQ(ASN1_TIME_set_string(t, "030222211515Z"), 1); /* Invalid parameter testing. */ ExpectNull(ASN1_TIME_to_string(NULL, NULL, 4)); ExpectNull(ASN1_TIME_to_string(t, NULL, 4)); ExpectNull(ASN1_TIME_to_string(NULL, buf, 4)); ExpectNull(ASN1_TIME_to_string(NULL, NULL, 5)); ExpectNull(ASN1_TIME_to_string(NULL, buf, 5)); ExpectNull(ASN1_TIME_to_string(t, NULL, 5)); ExpectNull(ASN1_TIME_to_string(t, buf, 4)); /* Buffer needs to be longer than minimum of 5 characters. */ ExpectNull(ASN1_TIME_to_string(t, buf, 5)); ASN1_TIME_free(t); #endif #endif /* NO_ASN_TIME */ return EXPECT_RESULT(); } static int test_wolfSSL_ASN1_TIME_diff_compare(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) ASN1_TIME* fromTime = NULL; ASN1_TIME* closeToTime = NULL; ASN1_TIME* toTime = NULL; ASN1_TIME* invalidTime = NULL; int daysDiff = 0; int secsDiff = 0; ExpectNotNull((fromTime = ASN1_TIME_new())); /* Feb 22, 2003, 21:15:15 */ ExpectIntEQ(ASN1_TIME_set_string(fromTime, "030222211515Z"), 1); ExpectNotNull((closeToTime = ASN1_TIME_new())); /* Feb 22, 2003, 21:16:15 */ ExpectIntEQ(ASN1_TIME_set_string(closeToTime, "030222211615Z"), 1); ExpectNotNull((toTime = ASN1_TIME_new())); /* Dec 19, 2010, 18:10:11 */ ExpectIntEQ(ASN1_TIME_set_string(toTime, "101219181011Z"), 1); ExpectNotNull((invalidTime = ASN1_TIME_new())); /* Dec 19, 2010, 18:10:11 but 'U' instead of 'Z' which is invalid. */ ExpectIntEQ(ASN1_TIME_set_string(invalidTime, "102519181011U"), 1); ExpectIntEQ(ASN1_TIME_diff(&daysDiff, &secsDiff, fromTime, invalidTime), 0); ExpectIntEQ(ASN1_TIME_diff(&daysDiff, &secsDiff, invalidTime, toTime), 0); ExpectIntEQ(ASN1_TIME_diff(&daysDiff, &secsDiff, fromTime, toTime), 1); /* Error conditions. */ ExpectIntEQ(ASN1_TIME_diff(NULL, &secsDiff, fromTime, toTime), 0); ExpectIntEQ(ASN1_TIME_diff(&daysDiff, NULL, fromTime, toTime), 0); /* If both times are NULL, difference is 0. */ ExpectIntEQ(ASN1_TIME_diff(&daysDiff, &secsDiff, NULL, NULL), 1); ExpectIntEQ(daysDiff, 0); ExpectIntEQ(secsDiff, 0); /* If one time is NULL, it defaults to the current time. */ ExpectIntEQ(ASN1_TIME_diff(&daysDiff, &secsDiff, NULL, toTime), 1); ExpectIntEQ(ASN1_TIME_diff(&daysDiff, &secsDiff, fromTime, NULL), 1); /* Normal operation. Both times non-NULL. */ ExpectIntEQ(ASN1_TIME_diff(&daysDiff, &secsDiff, fromTime, toTime), 1); ExpectIntEQ(daysDiff, 2856); ExpectIntEQ(secsDiff, 75296); /* Swapping the times should return negative values. */ ExpectIntEQ(ASN1_TIME_diff(&daysDiff, &secsDiff, toTime, fromTime), 1); ExpectIntEQ(daysDiff, -2856); ExpectIntEQ(secsDiff, -75296); /* Compare with invalid time string. */ ExpectIntEQ(ASN1_TIME_compare(fromTime, invalidTime), -2); ExpectIntEQ(ASN1_TIME_compare(invalidTime, toTime), -2); /* Compare with days difference of 0. */ ExpectIntEQ(ASN1_TIME_compare(fromTime, closeToTime), -1); ExpectIntEQ(ASN1_TIME_compare(closeToTime, fromTime), 1); /* Days and seconds differences not 0. */ ExpectIntEQ(ASN1_TIME_compare(fromTime, toTime), -1); ExpectIntEQ(ASN1_TIME_compare(toTime, fromTime), 1); /* Same time. */ ExpectIntEQ(ASN1_TIME_compare(fromTime, fromTime), 0); /* Compare regression test: No seconds difference, just difference in days. */ ASN1_TIME_set_string(fromTime, "19700101000000Z"); ASN1_TIME_set_string(toTime, "19800101000000Z"); ExpectIntEQ(ASN1_TIME_compare(fromTime, toTime), -1); ExpectIntEQ(ASN1_TIME_compare(toTime, fromTime), 1); ExpectIntEQ(ASN1_TIME_compare(fromTime, fromTime), 0); /* Edge case with Unix epoch. */ ExpectNotNull(ASN1_TIME_set_string(fromTime, "19700101000000Z")); ExpectNotNull(ASN1_TIME_set_string(toTime, "19800101000000Z")); ExpectIntEQ(ASN1_TIME_diff(&daysDiff, &secsDiff, fromTime, toTime), 1); ExpectIntEQ(daysDiff, 3652); ExpectIntEQ(secsDiff, 0); /* Edge case with year > 2038 (year 2038 problem). */ ExpectNotNull(ASN1_TIME_set_string(toTime, "99991231235959Z")); ExpectIntEQ(ASN1_TIME_diff(&daysDiff, &secsDiff, fromTime, toTime), 1); ExpectIntEQ(daysDiff, 2932896); ExpectIntEQ(secsDiff, 86399); ASN1_TIME_free(fromTime); ASN1_TIME_free(closeToTime); ASN1_TIME_free(toTime); ASN1_TIME_free(invalidTime); #endif return EXPECT_RESULT(); } static int test_wolfSSL_ASN1_TIME_adj(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) && \ !defined(USER_TIME) && !defined(TIME_OVERRIDES) const int year = 365*24*60*60; const int day = 24*60*60; const int hour = 60*60; const int mini = 60; const byte asn_utc_time = ASN_UTC_TIME; #if !defined(TIME_T_NOT_64BIT) && !defined(NO_64BIT) const byte asn_gen_time = ASN_GENERALIZED_TIME; #endif WOLFSSL_ASN1_TIME* asn_time = NULL; WOLFSSL_ASN1_TIME* s = NULL; int offset_day; long offset_sec; char date_str[CTC_DATE_SIZE + 1]; time_t t; ExpectNotNull(s = wolfSSL_ASN1_TIME_new()); /* UTC notation test */ /* 2000/2/15 20:30:00 */ t = (time_t)30 * year + 45 * day + 20 * hour + 30 * mini + 7 * day; offset_day = 7; offset_sec = 45 * mini; /* offset_sec = -45 * min;*/ ExpectNotNull(asn_time = wolfSSL_ASN1_TIME_adj(s, t, offset_day, offset_sec)); ExpectTrue(asn_time->type == asn_utc_time); ExpectNotNull(XSTRNCPY(date_str, (const char*)&asn_time->data, CTC_DATE_SIZE)); date_str[CTC_DATE_SIZE] = '\0'; ExpectIntEQ(0, XMEMCMP(date_str, "000222211500Z", 13)); /* negative offset */ offset_sec = -45 * mini; asn_time = wolfSSL_ASN1_TIME_adj(s, t, offset_day, offset_sec); ExpectNotNull(asn_time); ExpectTrue(asn_time->type == asn_utc_time); ExpectNotNull(XSTRNCPY(date_str, (const char*)&asn_time->data, CTC_DATE_SIZE)); date_str[CTC_DATE_SIZE] = '\0'; ExpectIntEQ(0, XMEMCMP(date_str, "000222194500Z", 13)); XFREE(s, NULL, DYNAMIC_TYPE_OPENSSL); s = NULL; XMEMSET(date_str, 0, sizeof(date_str)); /* Generalized time will overflow time_t if not long */ #if !defined(TIME_T_NOT_64BIT) && !defined(NO_64BIT) s = (WOLFSSL_ASN1_TIME*)XMALLOC(sizeof(WOLFSSL_ASN1_TIME), NULL, DYNAMIC_TYPE_OPENSSL); /* GeneralizedTime notation test */ /* 2055/03/01 09:00:00 */ t = (time_t)85 * year + 59 * day + 9 * hour + 21 * day; offset_day = 12; offset_sec = 10 * mini; ExpectNotNull(asn_time = wolfSSL_ASN1_TIME_adj(s, t, offset_day, offset_sec)); ExpectTrue(asn_time->type == asn_gen_time); ExpectNotNull(XSTRNCPY(date_str, (const char*)&asn_time->data, CTC_DATE_SIZE)); date_str[CTC_DATE_SIZE] = '\0'; ExpectIntEQ(0, XMEMCMP(date_str, "20550313091000Z", 15)); XFREE(s, NULL, DYNAMIC_TYPE_OPENSSL); s = NULL; XMEMSET(date_str, 0, sizeof(date_str)); #endif /* !TIME_T_NOT_64BIT && !NO_64BIT */ /* if WOLFSSL_ASN1_TIME struct is not allocated */ s = NULL; t = (time_t)30 * year + 45 * day + 20 * hour + 30 * mini + 15 + 7 * day; offset_day = 7; offset_sec = 45 * mini; ExpectNotNull(asn_time = wolfSSL_ASN1_TIME_adj(s, t, offset_day, offset_sec)); ExpectTrue(asn_time->type == asn_utc_time); ExpectNotNull(XSTRNCPY(date_str, (const char*)&asn_time->data, CTC_DATE_SIZE)); date_str[CTC_DATE_SIZE] = '\0'; ExpectIntEQ(0, XMEMCMP(date_str, "000222211515Z", 13)); XFREE(asn_time, NULL, DYNAMIC_TYPE_OPENSSL); asn_time = NULL; ExpectNotNull(asn_time = wolfSSL_ASN1_TIME_adj(NULL, t, offset_day, offset_sec)); ExpectTrue(asn_time->type == asn_utc_time); ExpectNotNull(XSTRNCPY(date_str, (const char*)&asn_time->data, CTC_DATE_SIZE)); date_str[CTC_DATE_SIZE] = '\0'; ExpectIntEQ(0, XMEMCMP(date_str, "000222211515Z", 13)); XFREE(asn_time, NULL, DYNAMIC_TYPE_OPENSSL); #endif return EXPECT_RESULT(); } static int test_wolfSSL_ASN1_TIME_to_tm(void) { EXPECT_DECLS; #if (defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) || \ defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || \ defined(OPENSSL_ALL)) && !defined(NO_ASN_TIME) ASN1_TIME asnTime; struct tm tm; time_t testTime = 1683926567; /* Fri May 12 09:22:47 PM UTC 2023 */ XMEMSET(&tm, 0, sizeof(struct tm)); XMEMSET(&asnTime, 0, sizeof(ASN1_TIME)); ExpectIntEQ(ASN1_TIME_set_string(&asnTime, "000222211515Z"), 1); ExpectIntEQ(ASN1_TIME_to_tm(&asnTime, NULL), 1); ExpectIntEQ(ASN1_TIME_to_tm(&asnTime, &tm), 1); ExpectIntEQ(tm.tm_sec, 15); ExpectIntEQ(tm.tm_min, 15); ExpectIntEQ(tm.tm_hour, 21); ExpectIntEQ(tm.tm_mday, 22); ExpectIntEQ(tm.tm_mon, 1); ExpectIntEQ(tm.tm_year, 100); ExpectIntEQ(tm.tm_isdst, 0); #ifdef XMKTIME ExpectIntEQ(tm.tm_wday, 2); ExpectIntEQ(tm.tm_yday, 52); #endif ExpectIntEQ(ASN1_TIME_set_string(&asnTime, "500222211515Z"), 1); ExpectIntEQ(ASN1_TIME_to_tm(&asnTime, &tm), 1); ExpectIntEQ(tm.tm_year, 50); /* Get current time. */ ExpectIntEQ(ASN1_TIME_to_tm(NULL, NULL), 0); ExpectIntEQ(ASN1_TIME_to_tm(NULL, &tm), 1); XMEMSET(&asnTime, 0, sizeof(ASN1_TIME)); /* 0 length. */ ExpectIntEQ(ASN1_TIME_to_tm(&asnTime, &tm), 0); /* No type. */ asnTime.length = 1; ExpectIntEQ(ASN1_TIME_to_tm(&asnTime, &tm), 0); /* Not UTCTIME length. */ asnTime.type = V_ASN1_UTCTIME; ExpectIntEQ(ASN1_TIME_to_tm(&asnTime, &tm), 0); /* Not GENERALIZEDTIME length. */ asnTime.type = V_ASN1_GENERALIZEDTIME; ExpectIntEQ(ASN1_TIME_to_tm(&asnTime, &tm), 0); /* Not Zulu timezone. */ ExpectIntEQ(ASN1_TIME_set_string(&asnTime, "000222211515U"), 1); ExpectIntEQ(ASN1_TIME_to_tm(&asnTime, &tm), 0); ExpectIntEQ(ASN1_TIME_set_string(&asnTime, "20000222211515U"), 1); ExpectIntEQ(ASN1_TIME_to_tm(&asnTime, &tm), 0); #ifdef XMKTIME ExpectNotNull(ASN1_TIME_adj(&asnTime, testTime, 0, 0)); ExpectIntEQ(ASN1_TIME_to_tm(&asnTime, &tm), 1); ExpectIntEQ(tm.tm_sec, 47); ExpectIntEQ(tm.tm_min, 22); ExpectIntEQ(tm.tm_hour, 21); ExpectIntEQ(tm.tm_mday, 12); ExpectIntEQ(tm.tm_mon, 4); ExpectIntEQ(tm.tm_year, 123); ExpectIntEQ(tm.tm_wday, 5); ExpectIntEQ(tm.tm_yday, 131); /* Confirm that when used with a tm struct from ASN1_TIME_adj, all other fields are zeroed out as expected. */ ExpectIntEQ(tm.tm_isdst, 0); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_ASN1_TIME_to_generalizedtime(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) WOLFSSL_ASN1_TIME *t = NULL; WOLFSSL_ASN1_TIME *out = NULL; WOLFSSL_ASN1_TIME *gtime = NULL; int tlen = 0; unsigned char *data = NULL; ExpectNotNull(t = wolfSSL_ASN1_TIME_new()); ExpectNull(wolfSSL_ASN1_TIME_to_generalizedtime(NULL, &out)); /* type not set. */ ExpectNull(wolfSSL_ASN1_TIME_to_generalizedtime(t, &out)); XFREE(t, NULL, DYNAMIC_TYPE_TMP_BUFFER); t = NULL; /* UTC Time test */ ExpectNotNull(t = wolfSSL_ASN1_TIME_new()); if (t != NULL) { XMEMSET(t->data, 0, ASN_GENERALIZED_TIME_SIZE); t->type = ASN_UTC_TIME; t->length = ASN_UTC_TIME_SIZE; XMEMCPY(t->data, "050727123456Z", ASN_UTC_TIME_SIZE); } ExpectIntEQ(tlen = wolfSSL_ASN1_TIME_get_length(t), ASN_UTC_TIME_SIZE); ExpectStrEQ((char*)(data = wolfSSL_ASN1_TIME_get_data(t)), "050727123456Z"); out = NULL; ExpectNotNull(gtime = wolfSSL_ASN1_TIME_to_generalizedtime(t, &out)); wolfSSL_ASN1_TIME_free(gtime); gtime = NULL; ExpectNotNull(out = wolfSSL_ASN1_TIME_new()); ExpectNotNull(gtime = wolfSSL_ASN1_TIME_to_generalizedtime(t, &out)); ExpectPtrEq(gtime, out); ExpectIntEQ(gtime->type, ASN_GENERALIZED_TIME); ExpectIntEQ(gtime->length, ASN_GENERALIZED_TIME_SIZE); ExpectStrEQ((char*)gtime->data, "20050727123456Z"); /* Generalized Time test */ ExpectNotNull(XMEMSET(t, 0, ASN_GENERALIZED_TIME_SIZE)); ExpectNotNull(XMEMSET(out, 0, ASN_GENERALIZED_TIME_SIZE)); ExpectNotNull(XMEMSET(data, 0, ASN_GENERALIZED_TIME_SIZE)); if (t != NULL) { t->type = ASN_GENERALIZED_TIME; t->length = ASN_GENERALIZED_TIME_SIZE; XMEMCPY(t->data, "20050727123456Z", ASN_GENERALIZED_TIME_SIZE); } ExpectIntEQ(tlen = wolfSSL_ASN1_TIME_get_length(t), ASN_GENERALIZED_TIME_SIZE); ExpectStrEQ((char*)(data = wolfSSL_ASN1_TIME_get_data(t)), "20050727123456Z"); ExpectNotNull(gtime = wolfSSL_ASN1_TIME_to_generalizedtime(t, &out)); ExpectIntEQ(gtime->type, ASN_GENERALIZED_TIME); ExpectIntEQ(gtime->length, ASN_GENERALIZED_TIME_SIZE); ExpectStrEQ((char*)gtime->data, "20050727123456Z"); /* UTC Time to Generalized Time 1900's test */ ExpectNotNull(XMEMSET(t, 0, ASN_GENERALIZED_TIME_SIZE)); ExpectNotNull(XMEMSET(out, 0, ASN_GENERALIZED_TIME_SIZE)); ExpectNotNull(XMEMSET(data, 0, ASN_GENERALIZED_TIME_SIZE)); if (t != NULL) { t->type = ASN_UTC_TIME; t->length = ASN_UTC_TIME_SIZE; XMEMCPY(t->data, "500727123456Z", ASN_UTC_TIME_SIZE); } ExpectNotNull(gtime = wolfSSL_ASN1_TIME_to_generalizedtime(t, &out)); ExpectIntEQ(gtime->type, ASN_GENERALIZED_TIME); ExpectIntEQ(gtime->length, ASN_GENERALIZED_TIME_SIZE); ExpectStrEQ((char*)gtime->data, "19500727123456Z"); XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER); /* Null parameter test */ ExpectNotNull(XMEMSET(t, 0, ASN_GENERALIZED_TIME_SIZE)); gtime = NULL; out = NULL; if (t != NULL) { t->type = ASN_UTC_TIME; t->length = ASN_UTC_TIME_SIZE; XMEMCPY(t->data, "050727123456Z", ASN_UTC_TIME_SIZE); } ExpectNotNull(gtime = wolfSSL_ASN1_TIME_to_generalizedtime(t, NULL)); ExpectIntEQ(gtime->type, ASN_GENERALIZED_TIME); ExpectIntEQ(gtime->length, ASN_GENERALIZED_TIME_SIZE); ExpectStrEQ((char*)gtime->data, "20050727123456Z"); XFREE(gtime, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(t, NULL, DYNAMIC_TYPE_TMP_BUFFER); #endif return EXPECT_RESULT(); } static int test_wolfSSL_ASN1_TIME_print(void) { EXPECT_DECLS; #if !defined(NO_CERTS) && !defined(NO_RSA) && !defined(NO_BIO) && \ (defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) || \ defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || \ defined(OPENSSL_ALL)) && defined(USE_CERT_BUFFERS_2048) && \ !defined(NO_ASN_TIME) BIO* bio = NULL; BIO* fixed = NULL; X509* x509 = NULL; const unsigned char* der = client_cert_der_2048; ASN1_TIME* notAfter = NULL; ASN1_TIME* notBefore = NULL; unsigned char buf[25]; ExpectNotNull(bio = BIO_new(BIO_s_mem())); ExpectNotNull(fixed = BIO_new(wolfSSL_BIO_s_fixed_mem())); ExpectNotNull(x509 = wolfSSL_X509_load_certificate_buffer(der, sizeof_client_cert_der_2048, WOLFSSL_FILETYPE_ASN1)); ExpectNotNull(notBefore = X509_get_notBefore(x509)); ExpectIntEQ(ASN1_TIME_print(NULL, NULL), 0); ExpectIntEQ(ASN1_TIME_print(bio, NULL), 0); ExpectIntEQ(ASN1_TIME_print(NULL, notBefore), 0); ExpectIntEQ(ASN1_TIME_print(bio, notBefore), 1); ExpectIntEQ(BIO_read(bio, buf, sizeof(buf)), 24); ExpectIntEQ(XMEMCMP(buf, "Dec 13 22:19:28 2023 GMT", sizeof(buf) - 1), 0); /* Test BIO_write fails. */ ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1); /* Ensure there is 0 bytes available to write into. */ ExpectIntEQ(BIO_write(fixed, buf, 1), 1); ExpectIntEQ(ASN1_TIME_print(fixed, notBefore), 0); ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1); ExpectIntEQ(ASN1_TIME_print(fixed, notBefore), 0); ExpectIntEQ(BIO_set_write_buf_size(fixed, 23), 1); ExpectIntEQ(ASN1_TIME_print(fixed, notBefore), 0); /* create a bad time and test results */ ExpectNotNull(notAfter = X509_get_notAfter(x509)); ExpectIntEQ(ASN1_TIME_check(notAfter), 1); if (EXPECT_SUCCESS()) { notAfter->data[8] = 0; notAfter->data[3] = 0; } ExpectIntNE(ASN1_TIME_print(bio, notAfter), 1); ExpectIntEQ(BIO_read(bio, buf, sizeof(buf)), 14); ExpectIntEQ(XMEMCMP(buf, "Bad time value", 14), 0); ExpectIntEQ(ASN1_TIME_check(notAfter), 0); BIO_free(bio); BIO_free(fixed); X509_free(x509); #endif return EXPECT_RESULT(); } static int test_wolfSSL_ASN1_UTCTIME_print(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) && !defined(NO_BIO) BIO* bio = NULL; ASN1_UTCTIME* utc = NULL; unsigned char buf[25]; const char* validDate = "190424111501Z"; /* UTC = YYMMDDHHMMSSZ */ const char* invalidDate = "190424111501X"; /* UTC = YYMMDDHHMMSSZ */ const char* genDate = "20190424111501Z"; /* GEN = YYYYMMDDHHMMSSZ */ /* Valid date */ ExpectNotNull(bio = BIO_new(BIO_s_mem())); ExpectNotNull(utc = (ASN1_UTCTIME*)XMALLOC(sizeof(ASN1_UTCTIME), NULL, DYNAMIC_TYPE_ASN1)); if (utc != NULL) { utc->type = ASN_UTC_TIME; utc->length = ASN_UTC_TIME_SIZE; XMEMCPY(utc->data, (byte*)validDate, ASN_UTC_TIME_SIZE); } ExpectIntEQ(ASN1_UTCTIME_print(NULL, NULL), 0); ExpectIntEQ(ASN1_UTCTIME_print(bio, NULL), 0); ExpectIntEQ(ASN1_UTCTIME_print(NULL, utc), 0); ExpectIntEQ(ASN1_UTCTIME_print(bio, utc), 1); ExpectIntEQ(BIO_read(bio, buf, sizeof(buf)), 24); ExpectIntEQ(XMEMCMP(buf, "Apr 24 11:15:01 2019 GMT", sizeof(buf)-1), 0); XMEMSET(buf, 0, sizeof(buf)); BIO_free(bio); bio = NULL; /* Invalid format */ ExpectNotNull(bio = BIO_new(BIO_s_mem())); if (utc != NULL) { utc->type = ASN_UTC_TIME; utc->length = ASN_UTC_TIME_SIZE; XMEMCPY(utc->data, (byte*)invalidDate, ASN_UTC_TIME_SIZE); } ExpectIntEQ(ASN1_UTCTIME_print(bio, utc), 0); ExpectIntEQ(BIO_read(bio, buf, sizeof(buf)), 14); ExpectIntEQ(XMEMCMP(buf, "Bad time value", 14), 0); /* Invalid type */ if (utc != NULL) { utc->type = ASN_GENERALIZED_TIME; utc->length = ASN_GENERALIZED_TIME_SIZE; XMEMCPY(utc->data, (byte*)genDate, ASN_GENERALIZED_TIME_SIZE); } ExpectIntEQ(ASN1_UTCTIME_print(bio, utc), 0); XFREE(utc, NULL, DYNAMIC_TYPE_ASN1); BIO_free(bio); #endif /* OPENSSL_EXTRA && !NO_ASN_TIME && !NO_BIO */ return EXPECT_RESULT(); } static int test_wolfSSL_ASN1_TYPE(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD) || \ defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_WPAS) WOLFSSL_ASN1_TYPE* t = NULL; WOLFSSL_ASN1_OBJECT* obj = NULL; #ifndef NO_ASN_TIME WOLFSSL_ASN1_TIME* time = NULL; #endif WOLFSSL_ASN1_STRING* str = NULL; unsigned char data[] = { 0x00 }; ASN1_TYPE_set(NULL, V_ASN1_NULL, NULL); ExpectNotNull(t = wolfSSL_ASN1_TYPE_new()); ASN1_TYPE_set(t, V_ASN1_EOC, NULL); wolfSSL_ASN1_TYPE_free(t); t = NULL; ExpectNotNull(t = wolfSSL_ASN1_TYPE_new()); ASN1_TYPE_set(t, V_ASN1_NULL, NULL); ASN1_TYPE_set(t, V_ASN1_NULL, data); wolfSSL_ASN1_TYPE_free(t); t = NULL; ExpectNotNull(t = wolfSSL_ASN1_TYPE_new()); ExpectNotNull(obj = wolfSSL_ASN1_OBJECT_new()); ASN1_TYPE_set(t, V_ASN1_OBJECT, obj); wolfSSL_ASN1_TYPE_free(t); t = NULL; #ifndef NO_ASN_TIME ExpectNotNull(t = wolfSSL_ASN1_TYPE_new()); ExpectNotNull(time = wolfSSL_ASN1_TIME_new()); ASN1_TYPE_set(t, V_ASN1_UTCTIME, time); wolfSSL_ASN1_TYPE_free(t); t = NULL; ExpectNotNull(t = wolfSSL_ASN1_TYPE_new()); ExpectNotNull(time = wolfSSL_ASN1_TIME_new()); ASN1_TYPE_set(t, V_ASN1_GENERALIZEDTIME, time); wolfSSL_ASN1_TYPE_free(t); t = NULL; #endif ExpectNotNull(t = wolfSSL_ASN1_TYPE_new()); ExpectNotNull(str = wolfSSL_ASN1_STRING_new()); ASN1_TYPE_set(t, V_ASN1_UTF8STRING, str); wolfSSL_ASN1_TYPE_free(t); t = NULL; ExpectNotNull(t = wolfSSL_ASN1_TYPE_new()); ExpectNotNull(str = wolfSSL_ASN1_STRING_new()); ASN1_TYPE_set(t, V_ASN1_PRINTABLESTRING, str); wolfSSL_ASN1_TYPE_free(t); t = NULL; ExpectNotNull(t = wolfSSL_ASN1_TYPE_new()); ExpectNotNull(str = wolfSSL_ASN1_STRING_new()); ASN1_TYPE_set(t, V_ASN1_T61STRING, str); wolfSSL_ASN1_TYPE_free(t); t = NULL; ExpectNotNull(t = wolfSSL_ASN1_TYPE_new()); ExpectNotNull(str = wolfSSL_ASN1_STRING_new()); ASN1_TYPE_set(t, V_ASN1_IA5STRING, str); wolfSSL_ASN1_TYPE_free(t); t = NULL; ExpectNotNull(t = wolfSSL_ASN1_TYPE_new()); ExpectNotNull(str = wolfSSL_ASN1_STRING_new()); ASN1_TYPE_set(t, V_ASN1_UNIVERSALSTRING, str); wolfSSL_ASN1_TYPE_free(t); t = NULL; ExpectNotNull(t = wolfSSL_ASN1_TYPE_new()); ExpectNotNull(str = wolfSSL_ASN1_STRING_new()); ASN1_TYPE_set(t, V_ASN1_SEQUENCE, str); wolfSSL_ASN1_TYPE_free(t); t = NULL; #endif return EXPECT_RESULT(); } /* Testing code used in dpp.c in hostap */ #if defined(OPENSSL_ALL) && defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256) typedef struct { /* AlgorithmIdentifier ecPublicKey with optional parameters present * as an OID identifying the curve */ X509_ALGOR *alg; /* Compressed format public key per ANSI X9.63 */ ASN1_BIT_STRING *pub_key; } DPP_BOOTSTRAPPING_KEY; ASN1_SEQUENCE(DPP_BOOTSTRAPPING_KEY) = { ASN1_SIMPLE(DPP_BOOTSTRAPPING_KEY, alg, X509_ALGOR), ASN1_SIMPLE(DPP_BOOTSTRAPPING_KEY, pub_key, ASN1_BIT_STRING) } ASN1_SEQUENCE_END(DPP_BOOTSTRAPPING_KEY) IMPLEMENT_ASN1_FUNCTIONS(DPP_BOOTSTRAPPING_KEY) typedef struct { ASN1_INTEGER *integer; } TEST_ASN1; ASN1_SEQUENCE(TEST_ASN1) = { ASN1_SIMPLE(TEST_ASN1, integer, ASN1_INTEGER), } ASN1_SEQUENCE_END(TEST_ASN1) IMPLEMENT_ASN1_FUNCTIONS(TEST_ASN1) typedef struct { ASN1_OCTET_STRING *octet_string; } TEST_FAIL_ASN1; #define WOLFSSL_ASN1_OCTET_STRING_ASN1 4 ASN1_SEQUENCE(TEST_FAIL_ASN1) = { ASN1_SIMPLE(TEST_FAIL_ASN1, octet_string, ASN1_OCTET_STRING), } ASN1_SEQUENCE_END(TEST_FAIL_ASN1) IMPLEMENT_ASN1_FUNCTIONS(TEST_FAIL_ASN1) #endif static int test_wolfSSL_IMPLEMENT_ASN1_FUNCTIONS(void) { EXPECT_DECLS; /* Testing code used in dpp.c in hostap */ #if defined(OPENSSL_ALL) && defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) EC_KEY *eckey = NULL; EVP_PKEY *key = NULL; size_t len = 0; unsigned char *der = NULL; DPP_BOOTSTRAPPING_KEY *bootstrap = NULL; const unsigned char *in = ecc_clikey_der_256; WOLFSSL_ASN1_OBJECT* ec_obj = NULL; WOLFSSL_ASN1_OBJECT* group_obj = NULL; const EC_GROUP *group = NULL; const EC_POINT *point = NULL; int nid; TEST_ASN1 *test_asn1 = NULL; TEST_FAIL_ASN1 test_fail_asn1; const unsigned char badObjDer[] = { 0x06, 0x00 }; const unsigned char goodObjDer[] = { 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01 }; WOLFSSL_ASN1_ITEM emptyTemplate; XMEMSET(&emptyTemplate, 0, sizeof(WOLFSSL_ASN1_ITEM)); ExpectNotNull(bootstrap = DPP_BOOTSTRAPPING_KEY_new()); der = NULL; ExpectIntEQ(i2d_DPP_BOOTSTRAPPING_KEY(NULL, &der), 0); ExpectIntEQ(wolfSSL_ASN1_item_i2d(bootstrap, &der, NULL), 0); ExpectIntEQ(i2d_DPP_BOOTSTRAPPING_KEY(bootstrap, &der), 0); ExpectNotNull(key = d2i_PrivateKey(EVP_PKEY_EC, NULL, &in, (long)sizeof_ecc_clikey_der_256)); ExpectNotNull(eckey = EVP_PKEY_get1_EC_KEY(key)); ExpectNotNull(group = EC_KEY_get0_group(eckey)); ExpectNotNull(point = EC_KEY_get0_public_key(eckey)); nid = EC_GROUP_get_curve_name(group); ec_obj = OBJ_nid2obj(EVP_PKEY_EC); group_obj = OBJ_nid2obj(nid); if ((ec_obj != NULL) && (group_obj != NULL)) { ExpectIntEQ(X509_ALGOR_set0(bootstrap->alg, ec_obj, V_ASN1_OBJECT, group_obj), 1); if (EXPECT_SUCCESS()) { ec_obj = NULL; group_obj = NULL; } } wolfSSL_ASN1_OBJECT_free(group_obj); wolfSSL_ASN1_OBJECT_free(ec_obj); ExpectIntEQ(EC_POINT_point2oct(group, point, 0, NULL, 0, NULL), 0); #ifdef HAVE_COMP_KEY ExpectIntGT((len = EC_POINT_point2oct( group, point, POINT_CONVERSION_COMPRESSED, NULL, 0, NULL)), 0); #else ExpectIntGT((len = EC_POINT_point2oct( group, point, POINT_CONVERSION_UNCOMPRESSED, NULL, 0, NULL)), 0); #endif ExpectNotNull(der = (unsigned char*)XMALLOC(len, NULL, DYNAMIC_TYPE_ASN1)); #ifdef HAVE_COMP_KEY ExpectIntEQ(EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, der, len-1, NULL), 0); ExpectIntEQ(EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, der, len, NULL), len); #else ExpectIntEQ(EC_POINT_point2oct(group, point, POINT_CONVERSION_UNCOMPRESSED, der, len-1, NULL), 0); ExpectIntEQ(EC_POINT_point2oct(group, point, POINT_CONVERSION_UNCOMPRESSED, der, len, NULL), len); #endif if (EXPECT_SUCCESS()) { bootstrap->pub_key->data = der; bootstrap->pub_key->length = (int)len; /* Not actually used */ bootstrap->pub_key->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); bootstrap->pub_key->flags |= ASN1_STRING_FLAG_BITS_LEFT; } ExpectIntGT(i2d_DPP_BOOTSTRAPPING_KEY(bootstrap, NULL), 0); der = NULL; ExpectIntGT(i2d_DPP_BOOTSTRAPPING_KEY(bootstrap, &der), 0); ExpectIntGT(i2d_DPP_BOOTSTRAPPING_KEY(bootstrap, &der), 0); XFREE(der, NULL, DYNAMIC_TYPE_ASN1); EVP_PKEY_free(key); EC_KEY_free(eckey); DPP_BOOTSTRAPPING_KEY_free(bootstrap); bootstrap = NULL; DPP_BOOTSTRAPPING_KEY_free(NULL); /* Create bootstrap key with bad OBJECT_ID DER data, parameter that is * a NULL and an empty BIT_STRING. */ ExpectNotNull(bootstrap = DPP_BOOTSTRAPPING_KEY_new()); ExpectNotNull(bootstrap->alg->algorithm = wolfSSL_ASN1_OBJECT_new()); if (EXPECT_SUCCESS()) { bootstrap->alg->algorithm->obj = badObjDer; bootstrap->alg->algorithm->objSz = (unsigned int)sizeof(badObjDer); } ExpectNotNull(bootstrap->alg->parameter = wolfSSL_ASN1_TYPE_new()); if (EXPECT_SUCCESS()) { bootstrap->alg->parameter->type = V_ASN1_NULL; bootstrap->alg->parameter->value.ptr = NULL; bootstrap->pub_key->data = NULL; bootstrap->pub_key->length = 0; /* Not actually used */ bootstrap->pub_key->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); bootstrap->pub_key->flags |= ASN1_STRING_FLAG_BITS_LEFT; } /* Encode with bad OBJECT_ID. */ der = NULL; ExpectIntEQ(i2d_DPP_BOOTSTRAPPING_KEY(bootstrap, &der), 0); /* Fix OBJECT_ID and encode with empty BIT_STRING. */ if (EXPECT_SUCCESS()) { bootstrap->alg->algorithm->obj = goodObjDer; bootstrap->alg->algorithm->objSz = (unsigned int)sizeof(goodObjDer); bootstrap->alg->algorithm->grp = 2; } der = NULL; ExpectIntEQ(i2d_DPP_BOOTSTRAPPING_KEY(bootstrap, &der), 16); ExpectIntEQ(wolfSSL_ASN1_item_i2d(bootstrap, &der, &emptyTemplate), 0); XFREE(der, NULL, DYNAMIC_TYPE_ASN1); DPP_BOOTSTRAPPING_KEY_free(bootstrap); /* Test integer */ ExpectNotNull(test_asn1 = TEST_ASN1_new()); der = NULL; ExpectIntEQ(ASN1_INTEGER_set(test_asn1->integer, 100), 1); ExpectIntEQ(i2d_TEST_ASN1(test_asn1, &der), 5); XFREE(der, NULL, DYNAMIC_TYPE_ASN1); TEST_ASN1_free(test_asn1); /* Test integer cases. */ ExpectNull(wolfSSL_ASN1_item_new(NULL)); TEST_ASN1_free(NULL); /* Test error cases. */ ExpectNull(TEST_FAIL_ASN1_new()); ExpectNull(wolfSSL_ASN1_item_new(NULL)); TEST_FAIL_ASN1_free(NULL); XMEMSET(&test_fail_asn1, 0, sizeof(TEST_FAIL_ASN1)); ExpectIntEQ(i2d_TEST_FAIL_ASN1(&test_fail_asn1, &der), 0); #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ #endif /* OPENSSL_ALL && HAVE_ECC && USE_CERT_BUFFERS_256 */ return EXPECT_RESULT(); } static int test_wolfSSL_lhash(void) { EXPECT_DECLS; #ifdef OPENSSL_ALL const char testStr[] = "Like a true nature's child\n" "We were born\n" "Born to be wild"; #ifdef NO_SHA ExpectIntEQ(lh_strhash(testStr), 0xf9dc8a43); #else ExpectIntEQ(lh_strhash(testStr), 0x5b7541dc); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_NAME(void) { EXPECT_DECLS; #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \ !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \ !defined(NO_RSA) && defined(WOLFSSL_CERT_GEN) && \ (defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT) || \ defined(OPENSSL_EXTRA)) X509* x509 = NULL; const unsigned char* c = NULL; unsigned char buf[4096]; int bytes = 0; XFILE f = XBADFILE; const X509_NAME* a = NULL; const X509_NAME* b = NULL; X509_NAME* d2i_name = NULL; int sz = 0; unsigned char* tmp = NULL; char file[] = "./certs/ca-cert.der"; #ifndef OPENSSL_EXTRA_X509_SMALL byte empty[] = { /* CN=empty emailAddress= */ 0x30, 0x21, 0x31, 0x0E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x05, 0x65, 0x6D, 0x70, 0x74, 0x79, 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x00 }; #endif #ifndef OPENSSL_EXTRA_X509_SMALL /* test compile of deprecated function, returns 0 */ ExpectIntEQ(CRYPTO_thread_id(), 0); #endif ExpectNotNull(a = X509_NAME_new()); X509_NAME_free((X509_NAME*)a); a = NULL; ExpectTrue((f = XFOPEN(file, "rb")) != XBADFILE); ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0); if (f != XBADFILE) XFCLOSE(f); c = buf; ExpectNotNull(x509 = wolfSSL_X509_d2i_ex(NULL, c, bytes, HEAP_HINT)); /* test cmp function */ ExpectNotNull(a = X509_get_issuer_name(x509)); ExpectNotNull(b = X509_get_subject_name(x509)); #ifndef OPENSSL_EXTRA_X509_SMALL ExpectIntEQ(X509_NAME_cmp(a, b), 0); /* self signed should be 0 */ #endif tmp = buf; ExpectIntGT((sz = i2d_X509_NAME((X509_NAME*)a, &tmp)), 0); if (sz > 0 && tmp == buf) { fprintf(stderr, "\nERROR - %s line %d failed with:", __FILE__, __LINE__); fprintf(stderr, " Expected pointer to be incremented\n"); abort(); } #ifndef OPENSSL_EXTRA_X509_SMALL tmp = buf; ExpectNotNull(d2i_name = d2i_X509_NAME(NULL, &tmp, sz)); #endif /* if output parameter is NULL, should still return required size. */ ExpectIntGT((sz = i2d_X509_NAME((X509_NAME*)b, NULL)), 0); /* retry but with the function creating a buffer */ tmp = NULL; ExpectIntGT((sz = i2d_X509_NAME((X509_NAME*)b, &tmp)), 0); XFREE(tmp, NULL, DYNAMIC_TYPE_OPENSSL); tmp = NULL; #ifdef WOLFSSL_CERT_NAME_ALL /* test for givenName and name */ { WOLFSSL_X509_NAME_ENTRY* entry = NULL; const byte gName[] = "test-given-name"; const byte name[] = "test-name"; ExpectNotNull(entry = wolfSSL_X509_NAME_ENTRY_create_by_NID(NULL, NID_givenName, ASN_UTF8STRING, gName, sizeof(gName))); ExpectIntEQ(wolfSSL_X509_NAME_add_entry((X509_NAME*)b, entry, -1, 0), 1); wolfSSL_X509_NAME_ENTRY_free(entry); entry = NULL; ExpectNotNull(entry = wolfSSL_X509_NAME_ENTRY_create_by_NID(NULL, NID_name, ASN_UTF8STRING, name, sizeof(name))); ExpectIntEQ(wolfSSL_X509_NAME_add_entry((X509_NAME*)b, entry, -1, 0), 1); wolfSSL_X509_NAME_ENTRY_free(entry); tmp = NULL; ExpectIntGT((sz = i2d_X509_NAME((X509_NAME*)b, &tmp)), 0); XFREE(tmp, NULL, DYNAMIC_TYPE_OPENSSL); } #endif b = NULL; ExpectNotNull(b = X509_NAME_dup((X509_NAME*)a)); #ifndef OPENSSL_EXTRA_X509_SMALL ExpectIntEQ(X509_NAME_cmp(a, b), 0); #endif X509_NAME_free((X509_NAME*)b); X509_NAME_free(d2i_name); d2i_name = NULL; X509_free(x509); #ifndef OPENSSL_EXTRA_X509_SMALL /* test with an empty domain component */ tmp = empty; sz = sizeof(empty); ExpectNotNull(d2i_name = d2i_X509_NAME(NULL, &tmp, sz)); ExpectIntEQ(X509_NAME_entry_count(d2i_name), 2); /* size of empty emailAddress will be 0 */ tmp = buf; ExpectIntEQ(X509_NAME_get_text_by_NID(d2i_name, NID_emailAddress, (char*)tmp, sizeof(buf)), 0); /* should contain no organization name */ tmp = buf; ExpectIntEQ(X509_NAME_get_text_by_NID(d2i_name, NID_organizationName, (char*)tmp, sizeof(buf)), -1); X509_NAME_free(d2i_name); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_NAME_hash(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && \ !defined(NO_RSA) && !defined(NO_SHA) && !defined(NO_BIO) BIO* bio = NULL; X509* x509 = NULL; ExpectNotNull(bio = BIO_new(BIO_s_file())); ExpectIntGT(BIO_read_filename(bio, svrCertFile), 0); ExpectNotNull(PEM_read_bio_X509(bio, &x509, NULL, NULL)); ExpectIntEQ(X509_NAME_hash(X509_get_subject_name(x509)), 0x137DC03F); ExpectIntEQ(X509_NAME_hash(X509_get_issuer_name(x509)), 0xFDB2DA4); X509_free(x509); BIO_free(bio); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_NAME_print_ex(void) { EXPECT_DECLS; #if (defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && \ (defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \ defined(HAVE_LIGHTY) || defined(WOLFSSL_HAPROXY) || \ defined(WOLFSSL_OPENSSH) || defined(HAVE_SBLIM_SFCB)))) && \ !defined(NO_BIO) && !defined(NO_RSA) int memSz = 0; byte* mem = NULL; BIO* bio = NULL; BIO* membio = NULL; X509* x509 = NULL; X509_NAME* name = NULL; const char* expNormal = "C=US, CN=wolfssl.com"; const char* expReverse = "CN=wolfssl.com, C=US"; const char* expNotEscaped = "C= US,+\"\\ , CN=#wolfssl.com<>;"; const char* expNotEscapedRev = "CN=#wolfssl.com<>;, C= US,+\"\\ "; const char* expRFC5523 = "CN=\\#wolfssl.com\\<\\>\\;, C=\\ US\\,\\+\\\"\\\\\\ "; /* Test with real cert (svrCertFile) first */ ExpectNotNull(bio = BIO_new(BIO_s_file())); ExpectIntGT(BIO_read_filename(bio, svrCertFile), 0); ExpectNotNull(PEM_read_bio_X509(bio, &x509, NULL, NULL)); ExpectNotNull(name = X509_get_subject_name(x509)); /* Test without flags */ ExpectNotNull(membio = BIO_new(BIO_s_mem())); ExpectIntEQ(X509_NAME_print_ex(membio, name, 0, 0), WOLFSSL_SUCCESS); BIO_free(membio); membio = NULL; /* Test flag: XN_FLAG_RFC2253 */ ExpectNotNull(membio = BIO_new(BIO_s_mem())); ExpectIntEQ(X509_NAME_print_ex(membio, name, 0, XN_FLAG_RFC2253), WOLFSSL_SUCCESS); BIO_free(membio); membio = NULL; /* Test flag: XN_FLAG_RFC2253 | XN_FLAG_DN_REV */ ExpectNotNull(membio = BIO_new(BIO_s_mem())); ExpectIntEQ(X509_NAME_print_ex(membio, name, 0, XN_FLAG_RFC2253 | XN_FLAG_DN_REV), WOLFSSL_SUCCESS); BIO_free(membio); membio = NULL; X509_free(x509); BIO_free(bio); name = NULL; /* Test normal case without escaped characters */ { /* Create name: "/C=US/CN=wolfssl.com" */ ExpectNotNull(name = X509_NAME_new()); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8, (byte*)"US", 2, -1, 0), WOLFSSL_SUCCESS); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8, (byte*)"wolfssl.com", 11, -1, 0), WOLFSSL_SUCCESS); /* Test without flags */ ExpectNotNull(membio = BIO_new(BIO_s_mem())); ExpectIntEQ(X509_NAME_print_ex(membio, name, 0, 0), WOLFSSL_SUCCESS); ExpectIntGE((memSz = BIO_get_mem_data(membio, &mem)), 0); ExpectIntEQ(memSz, XSTRLEN(expNormal)); ExpectIntEQ(XSTRNCMP((char*)mem, expNormal, XSTRLEN(expNormal)), 0); BIO_free(membio); membio = NULL; /* Test flags: XN_FLAG_RFC2253 - should be reversed */ ExpectNotNull(membio = BIO_new(BIO_s_mem())); ExpectIntEQ(X509_NAME_print_ex(membio, name, 0, XN_FLAG_RFC2253), WOLFSSL_SUCCESS); ExpectIntGE((memSz = BIO_get_mem_data(membio, &mem)), 0); ExpectIntEQ(memSz, XSTRLEN(expReverse)); BIO_free(membio); membio = NULL; /* Test flags: XN_FLAG_DN_REV - reversed */ ExpectNotNull(membio = BIO_new(BIO_s_mem())); ExpectIntEQ(X509_NAME_print_ex(membio, name, 0, XN_FLAG_DN_REV), WOLFSSL_SUCCESS); ExpectIntGE((memSz = BIO_get_mem_data(membio, &mem)), 0); ExpectIntEQ(memSz, XSTRLEN(expReverse)); ExpectIntEQ(XSTRNCMP((char*)mem, expReverse, XSTRLEN(expReverse)), 0); BIO_free(membio); membio = NULL; X509_NAME_free(name); name = NULL; } /* Test RFC2253 characters are escaped with backslashes */ { ExpectNotNull(name = X509_NAME_new()); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", /* space at beginning and end, and: ,+"\ */ MBSTRING_UTF8, (byte*)" US,+\"\\ ", 8, -1, 0), WOLFSSL_SUCCESS); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", /* # at beginning, and: <>;*/ MBSTRING_UTF8, (byte*)"#wolfssl.com<>;", 15, -1, 0), WOLFSSL_SUCCESS); /* Test without flags */ ExpectNotNull(membio = BIO_new(BIO_s_mem())); ExpectIntEQ(X509_NAME_print_ex(membio, name, 0, 0), WOLFSSL_SUCCESS); ExpectIntGE((memSz = BIO_get_mem_data(membio, &mem)), 0); ExpectIntEQ(memSz, XSTRLEN(expNotEscaped)); ExpectIntEQ(XSTRNCMP((char*)mem, expNotEscaped, XSTRLEN(expNotEscaped)), 0); BIO_free(membio); membio = NULL; /* Test flags: XN_FLAG_RFC5523 - should be reversed and escaped */ ExpectNotNull(membio = BIO_new(BIO_s_mem())); ExpectIntEQ(X509_NAME_print_ex(membio, name, 0, XN_FLAG_RFC2253), WOLFSSL_SUCCESS); ExpectIntGE((memSz = BIO_get_mem_data(membio, &mem)), 0); ExpectIntEQ(memSz, XSTRLEN(expRFC5523)); ExpectIntEQ(XSTRNCMP((char*)mem, expRFC5523, XSTRLEN(expRFC5523)), 0); BIO_free(membio); membio = NULL; /* Test flags: XN_FLAG_DN_REV - reversed but not escaped */ ExpectNotNull(membio = BIO_new(BIO_s_mem())); ExpectIntEQ(X509_NAME_print_ex(membio, name, 0, XN_FLAG_DN_REV), WOLFSSL_SUCCESS); ExpectIntGE((memSz = BIO_get_mem_data(membio, &mem)), 0); ExpectIntEQ(memSz, XSTRLEN(expNotEscapedRev)); ExpectIntEQ(XSTRNCMP((char*)mem, expNotEscapedRev, XSTRLEN(expNotEscapedRev)), 0); BIO_free(membio); X509_NAME_free(name); } #endif return EXPECT_RESULT(); } #ifndef NO_BIO static int test_wolfSSL_X509_INFO_multiple_info(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_RSA) STACK_OF(X509_INFO) *info_stack = NULL; X509_INFO *info = NULL; int len; int i; const char* files[] = { cliCertFile, cliKeyFile, /* This needs to be the order as svrCertFile contains the * intermediate cert as well. */ svrKeyFile, svrCertFile, NULL, }; const char** curFile; BIO *fileBIO = NULL; BIO *concatBIO = NULL; byte tmp[FOURK_BUF]; /* concatenate the cert and the key file to force PEM_X509_INFO_read_bio * to group objects together. */ ExpectNotNull(concatBIO = BIO_new(BIO_s_mem())); for (curFile = files; EXPECT_SUCCESS() && *curFile != NULL; curFile++) { int fileLen = 0; ExpectNotNull(fileBIO = BIO_new_file(*curFile, "rb")); ExpectIntGT(fileLen = wolfSSL_BIO_get_len(fileBIO), 0); if (EXPECT_SUCCESS()) { while ((len = BIO_read(fileBIO, tmp, sizeof(tmp))) > 0) { ExpectIntEQ(BIO_write(concatBIO, tmp, len), len); fileLen -= len; if (EXPECT_FAIL()) break; } /* Make sure we read the entire file */ ExpectIntEQ(fileLen, 0); } BIO_free(fileBIO); fileBIO = NULL; } ExpectNotNull(info_stack = PEM_X509_INFO_read_bio(concatBIO, NULL, NULL, NULL)); ExpectIntEQ(sk_X509_INFO_num(info_stack), 3); for (i = 0; i < sk_X509_INFO_num(info_stack); i++) { ExpectNotNull(info = sk_X509_INFO_value(info_stack, i)); ExpectNotNull(info->x509); ExpectNull(info->crl); if (i != 0) { ExpectNotNull(info->x_pkey); ExpectIntEQ(X509_check_private_key(info->x509, info->x_pkey->dec_pkey), 1); } else { ExpectNull(info->x_pkey); } } sk_X509_INFO_pop_free(info_stack, X509_INFO_free); BIO_free(concatBIO); #endif return EXPECT_RESULT(); } #endif #ifndef NO_BIO static int test_wolfSSL_X509_INFO(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_RSA) STACK_OF(X509_INFO) *info_stack = NULL; X509_INFO *info = NULL; BIO *cert = NULL; int i; /* PEM in hex format to avoid null terminator */ byte data[] = { 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x43, 0x45, 0x52, 0x54, 0x63, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x0a, 0x4d, 0x49, 0x49, 0x44, 0x4d, 0x54, 0x42, 0x75, 0x51, 0x3d, 0x0a, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x45, 0x4e, 0x44, 0x20, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d }; /* PEM in hex format to avoid null terminator */ byte data2[] = { 0x41, 0x53, 0x4e, 0x31, 0x20, 0x4f, 0x49, 0x44, 0x3a, 0x20, 0x70, 0x72, 0x69, 0x6d, 0x65, 0x32, 0x35, 0x36, 0x76, 0x31, 0x0a, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x45, 0x43, 0x20, 0x50, 0x41, 0x52, 0x41, 0x4d, 0x45, 0x54, 0x45, 0x52, 0x53, 0x2d, 0x2d, 0x2d, 0x2d, 0x43, 0x65, 0x72, 0x74, 0x69, 0x2d, 0x0a, 0x42, 0x67, 0x67, 0x71, 0x68, 0x6b, 0x6a, 0x4f, 0x50, 0x51, 0x4d, 0x42, 0x42, 0x77, 0x3d, 0x3d, 0x0a, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d }; ExpectNotNull(cert = BIO_new_file(cliCertFileExt, "rb")); ExpectNotNull(info_stack = PEM_X509_INFO_read_bio(cert, NULL, NULL, NULL)); for (i = 0; i < sk_X509_INFO_num(info_stack); i++) { ExpectNotNull(info = sk_X509_INFO_value(info_stack, i)); ExpectNotNull(info->x509); ExpectNull(info->crl); ExpectNull(info->x_pkey); } sk_X509_INFO_pop_free(info_stack, X509_INFO_free); info_stack = NULL; BIO_free(cert); cert = NULL; ExpectNotNull(cert = BIO_new_file(cliCertFileExt, "rb")); ExpectNotNull(info_stack = PEM_X509_INFO_read_bio(cert, NULL, NULL, NULL)); sk_X509_INFO_pop_free(info_stack, X509_INFO_free); info_stack = NULL; BIO_free(cert); cert = NULL; /* This case should fail due to invalid input. */ ExpectNotNull(cert = BIO_new(BIO_s_mem())); ExpectIntEQ(BIO_write(cert, data, sizeof(data)), sizeof(data)); ExpectNull(info_stack = PEM_X509_INFO_read_bio(cert, NULL, NULL, NULL)); sk_X509_INFO_pop_free(info_stack, X509_INFO_free); info_stack = NULL; BIO_free(cert); cert = NULL; ExpectNotNull(cert = BIO_new(BIO_s_mem())); ExpectIntEQ(BIO_write(cert, data2, sizeof(data2)), sizeof(data2)); ExpectNull(info_stack = PEM_X509_INFO_read_bio(cert, NULL, NULL, NULL)); sk_X509_INFO_pop_free(info_stack, X509_INFO_free); BIO_free(cert); #endif return EXPECT_RESULT(); } #endif static int test_wolfSSL_X509_subject_name_hash(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \ !defined(NO_RSA) && (!defined(NO_SHA) || !defined(NO_SHA256)) X509* x509 = NULL; X509_NAME* subjectName = NULL; unsigned long ret1 = 0; unsigned long ret2 = 0; ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile, SSL_FILETYPE_PEM)); ExpectNotNull(subjectName = wolfSSL_X509_get_subject_name(x509)); /* These two * - X509_subject_name_hash(x509) * - X509_NAME_hash(X509_get_subject_name(x509)) * should give the same hash, if !defined(NO_SHA) is true. */ ret1 = X509_subject_name_hash(x509); ExpectIntNE(ret1, 0); #if !defined(NO_SHA) ret2 = X509_NAME_hash(X509_get_subject_name(x509)); ExpectIntNE(ret2, 0); ExpectIntEQ(ret1, ret2); #else (void) ret2; #endif X509_free(x509); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_issuer_name_hash(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) \ && !defined(NO_RSA) && (!defined(NO_SHA) || !defined(NO_SHA256)) X509* x509 = NULL; X509_NAME* issuertName = NULL; unsigned long ret1 = 0; unsigned long ret2 = 0; ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile, SSL_FILETYPE_PEM)); ExpectNotNull(issuertName = wolfSSL_X509_get_issuer_name(x509)); /* These two * - X509_issuer_name_hash(x509) * - X509_NAME_hash(X509_get_issuer_name(x509)) * should give the same hash, if !defined(NO_SHA) is true. */ ret1 = X509_issuer_name_hash(x509); ExpectIntNE(ret1, 0); #if !defined(NO_SHA) ret2 = X509_NAME_hash(X509_get_issuer_name(x509)); ExpectIntNE(ret2, 0); ExpectIntEQ(ret1, ret2); #else (void) ret2; #endif X509_free(x509); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_check_host(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) \ && !defined(NO_SHA) && !defined(NO_RSA) X509* x509 = NULL; const char altName[] = "example.com"; ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile, SSL_FILETYPE_PEM)); ExpectIntEQ(X509_check_host(x509, altName, XSTRLEN(altName), 0, NULL), WOLFSSL_SUCCESS); ExpectIntEQ(X509_check_host(x509, NULL, 0, 0, NULL), WOLFSSL_FAILURE); X509_free(x509); ExpectIntEQ(X509_check_host(NULL, altName, XSTRLEN(altName), 0, NULL), WOLFSSL_FAILURE); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_check_email(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && !defined(NO_RSA) X509* x509 = NULL; const char goodEmail[] = "info@wolfssl.com"; const char badEmail[] = "disinfo@wolfssl.com"; ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile, SSL_FILETYPE_PEM)); /* Should fail on non-matching email address */ ExpectIntEQ(wolfSSL_X509_check_email(x509, badEmail, XSTRLEN(badEmail), 0), WOLFSSL_FAILURE); /* Should succeed on matching email address */ ExpectIntEQ(wolfSSL_X509_check_email(x509, goodEmail, XSTRLEN(goodEmail), 0), WOLFSSL_SUCCESS); /* Should compute length internally when not provided */ ExpectIntEQ(wolfSSL_X509_check_email(x509, goodEmail, 0, 0), WOLFSSL_SUCCESS); /* Should fail when email address is NULL */ ExpectIntEQ(wolfSSL_X509_check_email(x509, NULL, 0, 0), WOLFSSL_FAILURE); X509_free(x509); /* Should fail when x509 is NULL */ ExpectIntEQ(wolfSSL_X509_check_email(NULL, goodEmail, 0, 0), WOLFSSL_FAILURE); #endif /* OPENSSL_EXTRA && WOLFSSL_CERT_GEN */ return EXPECT_RESULT(); } static int test_wc_PemToDer(void) { EXPECT_DECLS; #if !defined(NO_CERTS) && defined(WOLFSSL_PEM_TO_DER) && !defined(NO_FILESYSTEM) int ret; DerBuffer* pDer = NULL; const char* ca_cert = "./certs/server-cert.pem"; byte* cert_buf = NULL; size_t cert_sz = 0; int eccKey = 0; EncryptedInfo info; XMEMSET(&info, 0, sizeof(info)); ExpectIntEQ(ret = load_file(ca_cert, &cert_buf, &cert_sz), 0); ExpectIntEQ(ret = wc_PemToDer(cert_buf, cert_sz, CERT_TYPE, &pDer, NULL, &info, &eccKey), 0); wc_FreeDer(&pDer); pDer = NULL; if (cert_buf != NULL) { free(cert_buf); cert_buf = NULL; } #ifdef HAVE_ECC { const char* ecc_private_key = "./certs/ecc-privOnlyKey.pem"; byte key_buf[256] = {0}; /* Test fail of loading a key with cert type */ ExpectIntEQ(load_file(ecc_private_key, &cert_buf, &cert_sz), 0); key_buf[0] = '\n'; ExpectNotNull(XMEMCPY(key_buf + 1, cert_buf, cert_sz)); ExpectIntNE((ret = wc_PemToDer(key_buf, cert_sz + 1, CERT_TYPE, &pDer, NULL, &info, &eccKey)), 0); #ifdef OPENSSL_EXTRA ExpectIntEQ((ret = wc_PemToDer(key_buf, cert_sz + 1, PRIVATEKEY_TYPE, &pDer, NULL, &info, &eccKey)), 0); #endif wc_FreeDer(&pDer); if (cert_buf != NULL) free(cert_buf); } #endif #endif return EXPECT_RESULT(); } static int test_wc_AllocDer(void) { EXPECT_DECLS; #if !defined(NO_CERTS) DerBuffer* pDer = NULL; word32 testSize = 1024; ExpectIntEQ(wc_AllocDer(NULL, testSize, CERT_TYPE, HEAP_HINT), BAD_FUNC_ARG); ExpectIntEQ(wc_AllocDer(&pDer, testSize, CERT_TYPE, HEAP_HINT), 0); ExpectNotNull(pDer); wc_FreeDer(&pDer); #endif return EXPECT_RESULT(); } static int test_wc_CertPemToDer(void) { EXPECT_DECLS; #if !defined(NO_CERTS) && defined(WOLFSSL_PEM_TO_DER) && !defined(NO_FILESYSTEM) const char* ca_cert = "./certs/ca-cert.pem"; byte* cert_buf = NULL; size_t cert_sz = 0; size_t cert_dersz = 0; byte* cert_der = NULL; ExpectIntEQ(load_file(ca_cert, &cert_buf, &cert_sz), 0); cert_dersz = cert_sz; /* DER will be smaller than PEM */ ExpectNotNull(cert_der = (byte*)malloc(cert_dersz)); ExpectIntGE(wc_CertPemToDer(cert_buf, (int)cert_sz, cert_der, (int)cert_dersz, CERT_TYPE), 0); ExpectIntEQ(wc_CertPemToDer(NULL, (int)cert_sz, NULL, -1, CERT_TYPE), BAD_FUNC_ARG); ExpectIntEQ(wc_CertPemToDer(cert_buf, (int)cert_sz, NULL, -1, CERT_TYPE), BAD_FUNC_ARG); ExpectIntEQ(wc_CertPemToDer(NULL, (int)cert_sz, cert_der, -1, CERT_TYPE), BAD_FUNC_ARG); ExpectIntEQ(wc_CertPemToDer(NULL, (int)cert_sz, NULL, (int)cert_dersz, CERT_TYPE), BAD_FUNC_ARG); ExpectIntEQ(wc_CertPemToDer(NULL, (int)cert_sz, cert_der, (int)cert_dersz, CERT_TYPE), BAD_FUNC_ARG); ExpectIntEQ(wc_CertPemToDer(cert_buf, (int)cert_sz, NULL, (int)cert_dersz, CERT_TYPE), BAD_FUNC_ARG); ExpectIntEQ(wc_CertPemToDer(cert_buf, (int)cert_sz, cert_der, -1, CERT_TYPE), BAD_FUNC_ARG); if (cert_der != NULL) free(cert_der); if (cert_buf != NULL) free(cert_buf); #endif return EXPECT_RESULT(); } static int test_wc_KeyPemToDer(void) { EXPECT_DECLS; #if defined(WOLFSSL_PEM_TO_DER) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) int ret = 0; const byte cert_buf[] = \ "-----BEGIN PRIVATE KEY-----\n" "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDMG5KgWxP002pA\n" "QJIdA4H5N0oM1Wf0LrHcos5RYUlrHDkC2b5p2BUpVRPmgDAFD2+8leim98x0BvcB\n" "k48TNzrVynuwyVEY664+iQyzEBO5v27HPRydOddprbLCvRO036XINGIjauy1jHFi\n" "HaDVx3bexSwgp9aefUGAszFXi4q1J4GacV7Cr2b/wBqUHqWv4ZXPu6R9/UYngTkD\n" "UDJL5gLlLfcLzNyyodKPHPCIAKdWn6mSVdcHk8XVpK4y9lgz4E7YDWA6ohKZgWgG\n" "2RDha8CMilFMDgYa0G0SiS9g3PQx0qh3AMXJJsKSVhScFCZufAE0kV6KvjP7jAqP\n" "XBiSkRGPAgMBAAECggEAW7hmRyY2jRX2UMJThrM9VIs6fRLnYI0dQ0tsEJj536ay\n" "nevQjArc05KWW0Yujg+WRDZPcry3RUqd9Djlmhp/F3Si6dpF1b+PMS3wJYVrf9Sd\n" "SO5W7faArU4vnyBNe0HnY1Ta5xSVI65lg1RSIs88RTZwsooJwXYDGf0shq0/21CE\n" "V8HOb27DDYNcEnm35lzaONjFnMqQQT2Vs9anRrPiSEXNleEvTgLVXZtGTyCGTz6v\n" "x86Y8eSWL9YNHvPE1I+mDPuocfSR7eRNgRu7SK3mn94W5mqd7Ns072YKX/2XN1mO\n" "66+ZFHO6v4dK1u7cSjuwrU1EhLHpUsgDz6Bna5InyQKBgQDv5l8RPy8UneKSADaf\n" "M5L/5675I/5t4nqVjvbnQje00YveLTAEjlJBNR93Biln3sYgnvNamYDCxyEuUZ/I\n" "S/vmBL9PoxfGZow4FcsIBOEbIn3E0SYJgCBNWthquUvGpKsYDnThJuhO+1cVmxAJ\n" "BUOjLFnJYHM0a+Vmk9GexT2OBwKBgQDZzkUBOK7Im3eiYytFocUJyhqMH30d49X9\n" "ujC7kGw4UWAqVe7YCSvlBa8nzWpRWK2kRpu3M0272RU0V4geyWqT+nr/SvRRPtNP\n" "F5dY8l3yR7hjtSejqqjOfBcZT6ETJxI4tiG0+Nl5BlfM5M+0nxnkWpRcHuOR3j79\n" "YUFERyN+OQKBgQCjlOKeUAc6d65W/+4/AFvsQ378Q57qLtSHxsR1TKHPmlNVXFqx\n" "wJo1/JNIBduWCEHxXHF0BdfW+RGXE/FwEt/hKLuLAhrkHmjelX2sKieU6R/5ZOQa\n" "9lMQbDHGFDOncAF6leD85hriQGBRSzrT69MDIOrYdfwYcroqCAGX0cb3YQKBgQC8\n" "iIFQylj5SyHmjcMSNjKSA8CxFDzAV8yPIdE3Oo+CvGXqn5HsrRuy1hXE9VmXapR8\n" "A6ackSszdHiXY0FvrNe1mfdH7wDHJwPQjdIzazCJHS3uGQxj7sDKY7226ie6pXJv\n" "ZrCMr2/IBAaSVGm6ppHKCeIsT4ybYm7R85KEYLPHeQKBgBeJOMBinXQfWN/1jT9b\n" "6Ywrutvp2zP8hVxQGSZJ0WG4iewZyFLsPUlbWRXOSYNPElHmdD0ZomdLVm+lSpAA\n" "XSH5FJ/IFCwqq7Eft6Gf8NFRV+NjPMUny+PnjHe4oFP8YK/Ek22K3ttNG8Hw69Aw\n" "AQue5o6oVfhgLiJzMdo/77gw\n" "-----END PRIVATE KEY-----\n"; const int cert_sz = sizeof(cert_buf); const char cert_pw[] = "password"; int cert_dersz = 0; byte* cert_der = NULL; /* Bad arg: Cert buffer is NULL */ ExpectIntEQ(wc_KeyPemToDer(NULL, cert_sz, cert_der, cert_dersz, ""), BAD_FUNC_ARG); /* Bad arg: Cert DER buffer non-NULL but size zero (or less) */ ExpectIntEQ(wc_KeyPemToDer(cert_buf, cert_sz, (byte*)&cert_der, 0, ""), BAD_FUNC_ARG); /* Test normal operation */ cert_dersz = cert_sz; /* DER will be smaller than PEM */ ExpectNotNull(cert_der = (byte*)malloc(cert_dersz)); ExpectIntGE(ret = wc_KeyPemToDer(cert_buf, cert_sz, cert_der, cert_dersz, cert_pw), 0); ExpectIntLE(ret, cert_sz); if (cert_der != NULL) { free(cert_der); cert_der = NULL; } /* Test NULL for DER buffer to return needed DER buffer size */ ExpectIntGT(ret = wc_KeyPemToDer(cert_buf, cert_sz, NULL, 0, ""), 0); ExpectIntLE(ret, cert_sz); if (EXPECT_SUCCESS()) cert_dersz = ret; ExpectNotNull(cert_der = (byte*)malloc(cert_dersz)); ExpectIntGE(ret = wc_KeyPemToDer(cert_buf, cert_sz, cert_der, cert_dersz, cert_pw), 0); ExpectIntLE(ret, cert_sz); if (cert_der != NULL) free(cert_der); #endif return EXPECT_RESULT(); } static int test_wc_PubKeyPemToDer(void) { EXPECT_DECLS; #if defined(WOLFSSL_PEM_TO_DER) && !defined(NO_FILESYSTEM) && \ (defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER)) int ret = 0; const char* key = "./certs/ecc-client-keyPub.pem"; byte* cert_buf = NULL; size_t cert_sz = 0, cert_dersz = 0; byte* cert_der = NULL; ExpectIntEQ(wc_PubKeyPemToDer(cert_buf, (int)cert_sz, cert_der, (int)cert_dersz), BAD_FUNC_ARG); ExpectIntEQ(load_file(key, &cert_buf, &cert_sz), 0); cert_dersz = cert_sz; /* DER will be smaller than PEM */ ExpectNotNull(cert_der = (byte*)malloc(cert_dersz)); ExpectIntGE(wc_PubKeyPemToDer(cert_buf, (int)cert_sz, cert_der, (int)cert_dersz), 0); if (cert_der != NULL) { free(cert_der); cert_der = NULL; } /* Test NULL for DER buffer to return needed DER buffer size */ ExpectIntGT(ret = wc_PubKeyPemToDer(cert_buf, (int)cert_sz, NULL, 0), 0); ExpectIntLE(ret, cert_sz); cert_dersz = ret; ExpectNotNull(cert_der = (byte*)malloc(cert_dersz)); ExpectIntGE(wc_PubKeyPemToDer(cert_buf, (int)cert_sz, cert_der, (int)cert_dersz), 0); if (cert_der != NULL) { free(cert_der); } if (cert_buf != NULL) { free(cert_buf); } #endif return EXPECT_RESULT(); } static int test_wc_PemPubKeyToDer(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && \ (defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER)) const char* key = "./certs/ecc-client-keyPub.pem"; size_t cert_dersz = 1024; byte* cert_der = NULL; ExpectIntGE(wc_PemPubKeyToDer(NULL, cert_der, (int)cert_dersz), BAD_FUNC_ARG); ExpectNotNull(cert_der = (byte*)malloc(cert_dersz)); ExpectIntGE(wc_PemPubKeyToDer(key, cert_der, (int)cert_dersz), 0); if (cert_der != NULL) { free(cert_der); } #endif return EXPECT_RESULT(); } static int test_wc_GetPubKeyDerFromCert(void) { EXPECT_DECLS; #if !defined(NO_RSA) || defined(HAVE_ECC) int ret; word32 idx = 0; byte keyDer[TWOK_BUF]; /* large enough for up to RSA 2048 */ word32 keyDerSz = (word32)sizeof(keyDer); DecodedCert decoded; #if !defined(NO_RSA) && defined(WOLFSSL_CERT_REQ) && !defined(NO_FILESYSTEM) byte certBuf[6000]; /* for PEM and CSR, client-cert.pem is 5-6kB */ word32 certBufSz = sizeof(certBuf); #endif #if ((!defined(USE_CERT_BUFFERS_2048) && !defined(USE_CERT_BUFFERS_1024)) || \ defined(WOLFSSL_CERT_REQ)) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) XFILE fp = XBADFILE; #endif #ifndef NO_RSA RsaKey rsaKey; #if defined(USE_CERT_BUFFERS_2048) byte* rsaCertDer = (byte*)client_cert_der_2048; word32 rsaCertDerSz = sizeof_client_cert_der_2048; #elif defined(USE_CERT_BUFFERS_1024) byte* rsaCertDer = (byte*)client_cert_der_1024; word32 rsaCertDerSz = sizeof_client_cert_der_1024; #else unsigned char rsaCertDer[TWOK_BUF]; word32 rsaCertDerSz; #endif #endif #ifdef HAVE_ECC ecc_key eccKey; #if defined(USE_CERT_BUFFERS_256) byte* eccCert = (byte*)cliecc_cert_der_256; word32 eccCertSz = sizeof_cliecc_cert_der_256; #else unsigned char eccCert[ONEK_BUF]; word32 eccCertSz; XFILE fp2 = XBADFILE; #endif #endif #ifndef NO_RSA #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) ExpectTrue((fp = XFOPEN("./certs/1024/client-cert.der", "rb")) != XBADFILE); ExpectIntGT(rsaCertDerSz = (word32)XFREAD(rsaCertDer, 1, sizeof(rsaCertDer), fp), 0); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } #endif /* good test case - RSA DER cert */ wc_InitDecodedCert(&decoded, rsaCertDer, rsaCertDerSz, NULL); ExpectIntEQ(wc_ParseCert(&decoded, CERT_TYPE, NO_VERIFY, NULL), 0); ExpectIntEQ(wc_GetPubKeyDerFromCert(&decoded, keyDer, &keyDerSz), 0); ExpectIntGT(keyDerSz, 0); /* sanity check, verify we can import DER public key */ ret = wc_InitRsaKey(&rsaKey, HEAP_HINT); ExpectIntEQ(ret, 0); ExpectIntEQ(wc_RsaPublicKeyDecode(keyDer, &idx, &rsaKey, keyDerSz), 0); if (ret == 0) { wc_FreeRsaKey(&rsaKey); } /* test LENGTH_ONLY_E case */ keyDerSz = 0; ExpectIntEQ(wc_GetPubKeyDerFromCert(&decoded, NULL, &keyDerSz), LENGTH_ONLY_E); ExpectIntGT(keyDerSz, 0); /* bad args: DecodedCert NULL */ ExpectIntEQ(wc_GetPubKeyDerFromCert(NULL, keyDer, &keyDerSz), BAD_FUNC_ARG); /* bad args: output key buff size */ ExpectIntEQ(wc_GetPubKeyDerFromCert(&decoded, keyDer, NULL), BAD_FUNC_ARG); /* bad args: zero size output key buffer */ keyDerSz = 0; ExpectIntEQ(ret = wc_GetPubKeyDerFromCert(&decoded, keyDer, &keyDerSz), BAD_FUNC_ARG); wc_FreeDecodedCert(&decoded); /* Certificate Request Tests */ #if defined(WOLFSSL_CERT_REQ) && !defined(NO_FILESYSTEM) { XMEMSET(certBuf, 0, sizeof(certBuf)); ExpectTrue((fp = XFOPEN("./certs/csr.signed.der", "rb")) != XBADFILE); ExpectIntGT(certBufSz = (word32)XFREAD(certBuf, 1, certBufSz, fp), 0); if (fp != XBADFILE) { XFCLOSE(fp); } wc_InitDecodedCert(&decoded, certBuf, certBufSz, NULL); ExpectIntEQ(wc_ParseCert(&decoded, CERTREQ_TYPE, VERIFY, NULL), 0); /* good test case - RSA DER certificate request */ keyDerSz = sizeof(keyDer); ExpectIntEQ(ret = wc_GetPubKeyDerFromCert(&decoded, keyDer, &keyDerSz), 0); ExpectIntGT(keyDerSz, 0); /* sanity check, verify we can import DER public key */ ret = wc_InitRsaKey(&rsaKey, HEAP_HINT); ExpectIntEQ(ret, 0); idx = 0; ExpectIntEQ(wc_RsaPublicKeyDecode(keyDer, &idx, &rsaKey, keyDerSz), 0); if (ret == 0) { wc_FreeRsaKey(&rsaKey); } wc_FreeDecodedCert(&decoded); } #endif /* WOLFSSL_CERT_REQ */ #endif /* NO_RSA */ #ifdef HAVE_ECC #ifndef USE_CERT_BUFFERS_256 ExpectTrue((fp2 = XFOPEN("./certs/client-ecc-cert.der", "rb")) != XBADFILE); ExpectIntGT(eccCertSz = (word32)XFREAD(eccCert, 1, ONEK_BUF, fp2), 0); if (fp2 != XBADFILE) { XFCLOSE(fp2); } #endif wc_InitDecodedCert(&decoded, eccCert, eccCertSz, NULL); ExpectIntEQ(wc_ParseCert(&decoded, CERT_TYPE, NO_VERIFY, NULL), 0); /* good test case - ECC */ XMEMSET(keyDer, 0, sizeof(keyDer)); keyDerSz = sizeof(keyDer); ExpectIntEQ(wc_GetPubKeyDerFromCert(&decoded, keyDer, &keyDerSz), 0); ExpectIntGT(keyDerSz, 0); /* sanity check, verify we can import DER public key */ ret = wc_ecc_init(&eccKey); ExpectIntEQ(ret, 0); idx = 0; /* reset idx to 0, used above in RSA case */ ExpectIntEQ(wc_EccPublicKeyDecode(keyDer, &idx, &eccKey, keyDerSz), 0); if (ret == 0) { wc_ecc_free(&eccKey); } /* test LENGTH_ONLY_E case */ keyDerSz = 0; ExpectIntEQ(wc_GetPubKeyDerFromCert(&decoded, NULL, &keyDerSz), LENGTH_ONLY_E); ExpectIntGT(keyDerSz, 0); wc_FreeDecodedCert(&decoded); #endif #endif /* !NO_RSA || HAVE_ECC */ return EXPECT_RESULT(); } static int test_wc_CheckCertSigPubKey(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \ !defined(NO_RSA) && defined(WOLFSSL_PEM_TO_DER) && defined(HAVE_ECC) int ret = 0; const char* ca_cert = "./certs/ca-cert.pem"; byte* cert_buf = NULL; size_t cert_sz = 0; byte* cert_der = NULL; word32 cert_dersz = 0; byte keyDer[TWOK_BUF]; /* large enough for up to RSA 2048 */ word32 keyDerSz = (word32)sizeof(keyDer); DecodedCert decoded; ExpectIntEQ(load_file(ca_cert, &cert_buf, &cert_sz), 0); cert_dersz = (word32)cert_sz; /* DER will be smaller than PEM */ ExpectNotNull(cert_der = (byte*)malloc(cert_dersz)); ExpectIntGE(ret = wc_CertPemToDer(cert_buf, (int)cert_sz, cert_der, (int)cert_dersz, CERT_TYPE), 0); wc_InitDecodedCert(&decoded, cert_der, cert_dersz, NULL); ExpectIntEQ(wc_ParseCert(&decoded, CERT_TYPE, NO_VERIFY, NULL), 0); ExpectIntEQ(wc_GetPubKeyDerFromCert(&decoded, keyDer, &keyDerSz), 0); ExpectIntGT(keyDerSz, 0); /* Good test case. */ ExpectIntEQ(wc_CheckCertSigPubKey(cert_der, cert_dersz, NULL, keyDer, keyDerSz, RSAk), 0); /* No certificate. */ ExpectIntEQ(wc_CheckCertSigPubKey(NULL, cert_dersz, NULL, keyDer, keyDerSz, ECDSAk), BAD_FUNC_ARG); /* Bad cert size. */ ExpectIntNE(ret = wc_CheckCertSigPubKey(cert_der, 0, NULL, keyDer, keyDerSz, RSAk), 0); ExpectTrue(ret == ASN_PARSE_E || ret == BUFFER_E); /* No public key. */ ExpectIntEQ(wc_CheckCertSigPubKey(cert_der, cert_dersz, NULL, NULL, keyDerSz, RSAk), ASN_NO_SIGNER_E); /* Bad public key size. */ ExpectIntEQ(wc_CheckCertSigPubKey(cert_der, cert_dersz, NULL, keyDer, 0, RSAk), BAD_FUNC_ARG); /* Wrong aglo. */ ExpectIntEQ(wc_CheckCertSigPubKey(cert_der, cert_dersz, NULL, keyDer, keyDerSz, ECDSAk), ASN_PARSE_E); wc_FreeDecodedCert(&decoded); if (cert_der != NULL) free(cert_der); if (cert_buf != NULL) free(cert_buf); #endif return EXPECT_RESULT(); } static int test_wolfSSL_certs(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \ !defined(NO_RSA) X509* x509ext = NULL; #ifdef OPENSSL_ALL X509* x509 = NULL; WOLFSSL_X509_EXTENSION* ext = NULL; ASN1_OBJECT* obj = NULL; #endif WOLFSSL* ssl = NULL; WOLFSSL_CTX* ctx = NULL; STACK_OF(ASN1_OBJECT)* sk = NULL; ASN1_STRING* asn1_str = NULL; AUTHORITY_KEYID* akey = NULL; BASIC_CONSTRAINTS* bc = NULL; int crit = 0; #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = SSL_CTX_new(SSLv23_server_method())); #else ExpectNotNull(ctx = SSL_CTX_new(SSLv23_client_method())); #endif ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile, SSL_FILETYPE_PEM)); ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM)); ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, SSL_FILETYPE_PEM)); #if !defined(NO_CHECK_PRIVATE_KEY) ExpectIntEQ(SSL_CTX_check_private_key(ctx), SSL_FAILURE); #endif ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM)); #if !defined(NO_CHECK_PRIVATE_KEY) ExpectIntEQ(SSL_CTX_check_private_key(ctx), SSL_SUCCESS); #endif ExpectNotNull(ssl = SSL_new(ctx)); #if !defined(NO_CHECK_PRIVATE_KEY) ExpectIntEQ(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS); #endif #ifdef HAVE_PK_CALLBACKS ExpectIntEQ((int)SSL_set_tlsext_debug_arg(ssl, NULL), WOLFSSL_SUCCESS); #endif /* HAVE_PK_CALLBACKS */ /* create and use x509 */ #ifdef OPENSSL_ALL ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile, WOLFSSL_FILETYPE_PEM)); #endif ExpectNotNull(x509ext = wolfSSL_X509_load_certificate_file(cliCertFileExt, WOLFSSL_FILETYPE_PEM)); ExpectIntEQ(SSL_use_certificate(ssl, x509ext), WOLFSSL_SUCCESS); #if !defined(NO_CHECK_PRIVATE_KEY) /* with loading in a new cert the check on private key should now fail */ ExpectIntNE(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS); #endif #if defined(USE_CERT_BUFFERS_2048) ExpectIntEQ(SSL_use_certificate_ASN1(ssl, (unsigned char*)server_cert_der_2048, sizeof_server_cert_der_2048), WOLFSSL_SUCCESS); #endif #if !defined(NO_SHA) && !defined(NO_SHA256) && !defined(NO_PWDBASED) /************* Get Digest of Certificate ******************/ { byte digest[64]; /* max digest size */ word32 digestSz; XMEMSET(digest, 0, sizeof(digest)); ExpectIntEQ(X509_digest(x509ext, wolfSSL_EVP_sha1(), digest, &digestSz), WOLFSSL_SUCCESS); ExpectIntEQ(X509_digest(x509ext, wolfSSL_EVP_sha256(), digest, &digestSz), WOLFSSL_SUCCESS); ExpectIntEQ(X509_digest(NULL, wolfSSL_EVP_sha1(), digest, &digestSz), WOLFSSL_FAILURE); } #endif /* !NO_SHA && !NO_SHA256 && !NO_PWDBASED */ /* test and checkout X509 extensions */ ExpectNotNull(bc = (BASIC_CONSTRAINTS*)X509_get_ext_d2i(x509ext, NID_basic_constraints, &crit, NULL)); ExpectIntEQ(crit, 0); #ifdef OPENSSL_ALL ExpectNotNull(ext = X509V3_EXT_i2d(NID_basic_constraints, crit, bc)); X509_EXTENSION_free(ext); ext = NULL; ExpectNotNull(ext = X509_EXTENSION_new()); X509_EXTENSION_set_critical(ext, 1); ExpectNotNull(obj = OBJ_nid2obj(NID_basic_constraints)); ExpectIntEQ(X509_EXTENSION_set_object(ext, obj), SSL_SUCCESS); ASN1_OBJECT_free(obj); obj = NULL; X509_EXTENSION_free(ext); ext = NULL; ExpectNotNull(ext = X509_EXTENSION_new()); X509_EXTENSION_set_critical(ext, 0); ExpectIntEQ(X509_EXTENSION_set_data(ext, NULL), SSL_FAILURE); asn1_str = (ASN1_STRING*)X509_get_ext_d2i(x509ext, NID_key_usage, &crit, NULL); ExpectIntEQ(X509_EXTENSION_set_data(ext, asn1_str), SSL_SUCCESS); ASN1_STRING_free(asn1_str); /* X509_EXTENSION_set_data has made a copy * and X509_get_ext_d2i has created new */ asn1_str = NULL; X509_EXTENSION_free(ext); ext = NULL; #endif BASIC_CONSTRAINTS_free(bc); bc = NULL; ExpectNotNull(asn1_str = (ASN1_STRING*)X509_get_ext_d2i(x509ext, NID_key_usage, &crit, NULL)); ExpectIntEQ(crit, 1); ExpectIntEQ(asn1_str->type, NID_key_usage); #ifdef OPENSSL_ALL ExpectNotNull(ext = X509V3_EXT_i2d(NID_key_usage, crit, asn1_str)); X509_EXTENSION_free(ext); ext = NULL; #endif ASN1_STRING_free(asn1_str); asn1_str = NULL; #ifdef OPENSSL_ALL ExpectNotNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_ext_key_usage, &crit, NULL)); ExpectNotNull(ext = X509V3_EXT_i2d(NID_ext_key_usage, crit, sk)); X509_EXTENSION_free(ext); ext = NULL; EXTENDED_KEY_USAGE_free(sk); sk = NULL; #else sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext, NID_ext_key_usage, &crit, NULL); ExpectNull(sk); #endif ExpectNotNull(akey = (AUTHORITY_KEYID*)X509_get_ext_d2i(x509ext, NID_authority_key_identifier, &crit, NULL)); #ifdef OPENSSL_ALL ExpectNotNull(ext = X509V3_EXT_i2d(NID_authority_key_identifier, crit, akey)); X509_EXTENSION_free(ext); ext = NULL; #endif wolfSSL_AUTHORITY_KEYID_free(akey); akey = NULL; /* NID not yet supported */ ExpectNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext, NID_private_key_usage_period, &crit, NULL)); ExpectIntEQ(crit, -1); sk_ASN1_OBJECT_free(sk); sk = NULL; ExpectNotNull(sk = (STACK_OF(GENERAL_NAME)*)X509_get_ext_d2i(x509ext, NID_subject_alt_name, &crit, NULL)); { int i; for (i = 0; i < sk_GENERAL_NAME_num(sk); i++) { GENERAL_NAME* gen = sk_GENERAL_NAME_value(sk, i); ExpectIntEQ(gen->type, GEN_DNS); ExpectIntEQ(gen->d.dNSName->type, V_ASN1_IA5STRING); } } sk_GENERAL_NAME_free(sk); sk = NULL; /* NID not yet supported */ ExpectNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext, NID_issuer_alt_name, &crit, NULL)); ExpectIntEQ(crit, -1); sk_ASN1_OBJECT_free(sk); sk = NULL; /* NID not yet supported */ ExpectNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext, NID_info_access, &crit, NULL)); sk_ASN1_OBJECT_free(sk); sk = NULL; /* NID not yet supported */ ExpectNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext, NID_sinfo_access, &crit, NULL)); ExpectIntEQ(crit, -1); sk_ASN1_OBJECT_free(sk); sk = NULL; /* NID not yet supported */ ExpectNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext, NID_name_constraints, &crit, NULL)); ExpectIntEQ(crit, -1); sk_ASN1_OBJECT_free(sk); sk = NULL; /* no cert policy set */ ExpectNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext, NID_certificate_policies, &crit, NULL)); sk_ASN1_OBJECT_free(sk); sk = NULL; /* NID not yet supported */ ExpectNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext, NID_policy_mappings, &crit, NULL)); ExpectIntEQ(crit, -1); sk_ASN1_OBJECT_free(sk); sk = NULL; /* NID not yet supported */ ExpectNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext, NID_policy_constraints, &crit, NULL)); ExpectIntEQ(crit, -1); sk_ASN1_OBJECT_free(sk); sk = NULL; /* NID not yet supported */ ExpectNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext, NID_inhibit_any_policy, &crit, NULL)); ExpectIntEQ(crit, -1); sk_ASN1_OBJECT_free(sk); sk = NULL; /* NID not yet supported */ ExpectNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext, NID_tlsfeature, &crit, NULL)); ExpectIntEQ(crit, -1); sk_ASN1_OBJECT_free(sk); sk = NULL; /* test invalid cases */ crit = 0; ExpectNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext, -1, &crit, NULL)); ExpectIntEQ(crit, -1); /* NULL passed for criticality. */ ExpectNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(NULL, NID_tlsfeature, NULL, NULL)); ExpectIntEQ(SSL_get_hit(ssl), 0); #ifdef OPENSSL_ALL X509_free(x509); #endif X509_free(x509ext); SSL_free(ssl); SSL_CTX_free(ctx); #endif /* OPENSSL_EXTRA && !NO_CERTS */ return EXPECT_RESULT(); } static int test_wolfSSL_X509_check_private_key(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA) && \ defined(USE_CERT_BUFFERS_2048) && !defined(NO_CHECK_PRIVATE_KEY) X509* x509 = NULL; EVP_PKEY* pkey = NULL; const byte* key; /* Check with correct key */ ExpectNotNull((x509 = X509_load_certificate_file(cliCertFile, SSL_FILETYPE_PEM))); key = client_key_der_2048; ExpectNotNull(d2i_PrivateKey(EVP_PKEY_RSA, &pkey, &key, (long)sizeof_client_key_der_2048)); ExpectIntEQ(X509_check_private_key(x509, pkey), 1); EVP_PKEY_free(pkey); pkey = NULL; /* Check with wrong key */ key = server_key_der_2048; ExpectNotNull(d2i_PrivateKey(EVP_PKEY_RSA, &pkey, &key, (long)sizeof_server_key_der_2048)); ExpectIntEQ(X509_check_private_key(x509, pkey), 0); /* test for incorrect parameter */ ExpectIntEQ(X509_check_private_key(NULL, pkey), 0); ExpectIntEQ(X509_check_private_key(x509, NULL), 0); ExpectIntEQ(X509_check_private_key(NULL, NULL), 0); EVP_PKEY_free(pkey); X509_free(x509); #endif return EXPECT_RESULT(); } static int test_wolfSSL_private_keys(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) WOLFSSL* ssl = NULL; WOLFSSL_CTX* ctx = NULL; EVP_PKEY* pkey = NULL; OpenSSL_add_all_digests(); OpenSSL_add_all_algorithms(); #ifndef NO_RSA #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method())); #else ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method())); #endif ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM)); /* Have to load a cert before you can check the private key against that * certificates public key! */ #if !defined(NO_CHECK_PRIVATE_KEY) ExpectIntEQ(wolfSSL_CTX_check_private_key(ctx), WOLFSSL_FAILURE); #endif ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM)); #if !defined(NO_CHECK_PRIVATE_KEY) ExpectIntEQ(wolfSSL_CTX_check_private_key(ctx), WOLFSSL_SUCCESS); #endif ExpectNotNull(ssl = SSL_new(ctx)); #if !defined(NO_CHECK_PRIVATE_KEY) ExpectIntEQ(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS); #endif #ifdef USE_CERT_BUFFERS_2048 { const unsigned char* server_key = (const unsigned char*)server_key_der_2048; unsigned char buf[FOURK_BUF]; word32 bufSz; ExpectIntEQ(SSL_use_RSAPrivateKey_ASN1(ssl, (unsigned char*)client_key_der_2048, sizeof_client_key_der_2048), WOLFSSL_SUCCESS); #if !defined(NO_CHECK_PRIVATE_KEY) /* Should mismatch now that a different private key loaded */ ExpectIntNE(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS); #endif ExpectIntEQ(SSL_use_PrivateKey_ASN1(0, ssl, (unsigned char*)server_key, sizeof_server_key_der_2048), WOLFSSL_SUCCESS); #if !defined(NO_CHECK_PRIVATE_KEY) /* After loading back in DER format of original key, should match */ ExpectIntEQ(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS); #endif /* test loading private key to the WOLFSSL_CTX */ ExpectIntEQ(SSL_CTX_use_PrivateKey_ASN1(0, ctx, (unsigned char*)client_key_der_2048, sizeof_client_key_der_2048), WOLFSSL_SUCCESS); #if !defined(NO_CHECK_PRIVATE_KEY) /* Should mismatch now that a different private key loaded */ ExpectIntNE(wolfSSL_CTX_check_private_key(ctx), WOLFSSL_SUCCESS); #endif ExpectIntEQ(SSL_CTX_use_PrivateKey_ASN1(0, ctx, (unsigned char*)server_key, sizeof_server_key_der_2048), WOLFSSL_SUCCESS); #if !defined(NO_CHECK_PRIVATE_KEY) /* After loading back in DER format of original key, should match */ ExpectIntEQ(wolfSSL_CTX_check_private_key(ctx), WOLFSSL_SUCCESS); #endif /* pkey not set yet, expecting to fail */ ExpectIntEQ(SSL_use_PrivateKey(ssl, pkey), WOLFSSL_FAILURE); /* set PKEY and test again */ ExpectNotNull(wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, &pkey, &server_key, (long)sizeof_server_key_der_2048)); ExpectIntEQ(SSL_use_PrivateKey(ssl, pkey), WOLFSSL_SUCCESS); /* reuse PKEY structure and test * this should be checked with a memory management sanity checker */ ExpectFalse(server_key == (const unsigned char*)server_key_der_2048); server_key = (const unsigned char*)server_key_der_2048; ExpectNotNull(wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, &pkey, &server_key, (long)sizeof_server_key_der_2048)); ExpectIntEQ(SSL_use_PrivateKey(ssl, pkey), WOLFSSL_SUCCESS); /* check striping PKCS8 header with wolfSSL_d2i_PrivateKey */ bufSz = FOURK_BUF; ExpectIntGT((bufSz = wc_CreatePKCS8Key(buf, &bufSz, (byte*)server_key_der_2048, sizeof_server_key_der_2048, RSAk, NULL, 0)), 0); server_key = (const unsigned char*)buf; ExpectNotNull(wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, &pkey, &server_key, (long)bufSz)); } #endif EVP_PKEY_free(pkey); pkey = NULL; SSL_free(ssl); /* frees x509 also since loaded into ssl */ ssl = NULL; SSL_CTX_free(ctx); ctx = NULL; #endif /* end of RSA private key match tests */ #ifdef HAVE_ECC #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method())); #else ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method())); #endif ExpectTrue(SSL_CTX_use_certificate_file(ctx, eccCertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, eccKeyFile, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(ssl = SSL_new(ctx)); #if !defined(NO_CHECK_PRIVATE_KEY) ExpectIntEQ(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS); #endif SSL_free(ssl); ssl = NULL; ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, cliEccKeyFile, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(ssl = SSL_new(ctx)); #ifdef WOLFSSL_VALIDATE_ECC_IMPORT ExpectIntNE(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS); #endif SSL_free(ssl); ssl = NULL; SSL_CTX_free(ctx); ctx = NULL; #endif /* end of ECC private key match tests */ #if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT) #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method())); #else ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method())); #endif ExpectTrue(SSL_CTX_use_certificate_file(ctx, edCertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, edKeyFile, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(ssl = SSL_new(ctx)); #if !defined(NO_CHECK_PRIVATE_KEY) ExpectIntEQ(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS); #endif SSL_free(ssl); ssl = NULL; ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, cliEdKeyFile, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(ssl = SSL_new(ctx)); #if !defined(NO_CHECK_PRIVATE_KEY) ExpectIntNE(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS); #endif SSL_free(ssl); ssl = NULL; SSL_CTX_free(ctx); ctx = NULL; #endif /* end of Ed25519 private key match tests */ #if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT) #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method())); #else ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method())); #endif ExpectTrue(SSL_CTX_use_certificate_file(ctx, ed448CertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, ed448KeyFile, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(ssl = SSL_new(ctx)); #if !defined(NO_CHECK_PRIVATE_KEY) ExpectIntEQ(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS); #endif SSL_free(ssl); ssl = NULL; ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, cliEd448KeyFile, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(ssl = SSL_new(ctx)); #if !defined(NO_CHECK_PRIVATE_KEY) ExpectIntNE(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS); #endif SSL_free(ssl); ssl = NULL; SSL_CTX_free(ctx); ctx = NULL; #endif /* end of Ed448 private key match tests */ EVP_cleanup(); /* test existence of no-op macros in wolfssl/openssl/ssl.h */ CONF_modules_free(); ENGINE_cleanup(); CONF_modules_unload(); (void)ssl; (void)ctx; (void)pkey; #endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) */ return EXPECT_RESULT(); } static int test_wolfSSL_PEM_read_PrivateKey(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) \ && !defined(NO_FILESYSTEM) XFILE file = XBADFILE; const char* fname = "./certs/server-key.pem"; EVP_PKEY* pkey = NULL; RSA* rsa = NULL; WOLFSSL_EVP_PKEY_CTX* ctx = NULL; unsigned char* sig = NULL; size_t sigLen = 0; const unsigned char tbs[] = {0, 1, 2, 3, 4, 5, 6, 7}; size_t tbsLen = sizeof(tbs); /* Check error case. */ ExpectNull(pkey = PEM_read_PrivateKey(NULL, NULL, NULL, NULL)); /* Read in an RSA key. */ ExpectTrue((file = XFOPEN(fname, "rb")) != XBADFILE); ExpectNotNull(pkey = PEM_read_PrivateKey(file, NULL, NULL, NULL)); if (file != XBADFILE) XFCLOSE(file); /* Make sure the key is usable by signing some data with it. */ ExpectNotNull(rsa = EVP_PKEY_get0_RSA(pkey)); ExpectIntGT((sigLen = RSA_size(rsa)), 0); ExpectNotNull(sig = (unsigned char*)XMALLOC(sigLen, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL)); ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_sign(ctx, sig, &sigLen, tbs, tbsLen), WOLFSSL_SUCCESS); XFREE(sig, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); EVP_PKEY_CTX_free(ctx); EVP_PKEY_free(pkey); #endif return EXPECT_RESULT(); } static int test_wolfSSL_PEM_read_PUBKEY(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) \ && !defined(NO_FILESYSTEM) XFILE file = XBADFILE; const char* fname = "./certs/client-keyPub.pem"; EVP_PKEY* pkey = NULL; /* Check error case. */ ExpectNull(pkey = PEM_read_PUBKEY(NULL, NULL, NULL, NULL)); /* Read in an RSA key. */ ExpectTrue((file = XFOPEN(fname, "rb")) != XBADFILE); ExpectNotNull(pkey = PEM_read_PUBKEY(file, NULL, NULL, NULL)); EVP_PKEY_free(pkey); if (file != XBADFILE) XFCLOSE(file); #endif return EXPECT_RESULT(); } static int test_wolfSSL_PEM_PrivateKey(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ (!defined(NO_RSA) || defined(HAVE_ECC)) && defined(USE_CERT_BUFFERS_2048) #ifndef NO_BIO BIO* bio = NULL; #endif EVP_PKEY* pkey = NULL; const unsigned char* server_key = (const unsigned char*)server_key_der_2048; #ifndef NO_BIO /* test creating new EVP_PKEY with bad arg */ ExpectNull((pkey = PEM_read_bio_PrivateKey(NULL, NULL, NULL, NULL))); /* test loading RSA key using BIO */ #if !defined(NO_RSA) && !defined(NO_FILESYSTEM) { XFILE file = XBADFILE; const char* fname = "./certs/server-key.pem"; const char* fname_rsa_p8 = "./certs/server-keyPkcs8.pem"; size_t sz = 0; byte* buf = NULL; EVP_PKEY* pkey2 = NULL; EVP_PKEY* pkey3 = NULL; RSA* rsa_key = NULL; ExpectTrue((file = XFOPEN(fname, "rb")) != XBADFILE); ExpectTrue(XFSEEK(file, 0, XSEEK_END) == 0); ExpectIntGT(sz = XFTELL(file), 0); ExpectTrue(XFSEEK(file, 0, XSEEK_SET) == 0); ExpectNotNull(buf = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE)); if (buf != NULL) { ExpectIntEQ(XFREAD(buf, 1, sz, file), sz); } if (file != XBADFILE) { XFCLOSE(file); file = XBADFILE; } /* Test using BIO new mem and loading PEM private key */ ExpectNotNull(bio = BIO_new_mem_buf(buf, (int)sz)); ExpectNotNull((pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL))); XFREE(buf, NULL, DYNAMIC_TYPE_FILE); buf = NULL; BIO_free(bio); bio = NULL; ExpectNotNull(pkey2 = EVP_PKEY_new()); if (pkey2 != NULL) { pkey2->type = EVP_PKEY_RSA; } /* Test parameter copy */ ExpectIntEQ(EVP_PKEY_copy_parameters(pkey2, pkey), 0); EVP_PKEY_free(pkey2); EVP_PKEY_free(pkey); pkey = NULL; /* Qt unit test case : rsa pkcs8 key */ ExpectTrue((file = XFOPEN(fname_rsa_p8, "rb")) != XBADFILE); ExpectTrue(XFSEEK(file, 0, XSEEK_END) == 0); ExpectIntGT(sz = XFTELL(file), 0); ExpectTrue(XFSEEK(file, 0, XSEEK_SET) == 0); ExpectNotNull(buf = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE)); if (buf) { ExpectIntEQ(XFREAD(buf, 1, sz, file), sz); } if (file != XBADFILE) { XFCLOSE(file); file = XBADFILE; } ExpectNotNull(bio = BIO_new_mem_buf(buf, (int)sz)); ExpectNotNull((pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL))); XFREE(buf, NULL, DYNAMIC_TYPE_FILE); buf = NULL; BIO_free(bio); bio = NULL; ExpectNotNull(pkey3 = EVP_PKEY_new()); ExpectNotNull(rsa_key = EVP_PKEY_get1_RSA(pkey)); ExpectIntEQ(EVP_PKEY_set1_RSA(pkey3, rsa_key), WOLFSSL_SUCCESS); #ifdef WOLFSSL_ERROR_CODE_OPENSSL ExpectIntEQ(EVP_PKEY_cmp(pkey, pkey3), 1/* match */); #else ExpectIntEQ(EVP_PKEY_cmp(pkey, pkey3), 0); #endif RSA_free(rsa_key); EVP_PKEY_free(pkey3); EVP_PKEY_free(pkey); pkey = NULL; } #endif /* test loading ECC key using BIO */ #if defined(HAVE_ECC) && !defined(NO_FILESYSTEM) { XFILE file = XBADFILE; const char* fname = "./certs/ecc-key.pem"; const char* fname_ecc_p8 = "./certs/ecc-keyPkcs8.pem"; size_t sz = 0; byte* buf = NULL; EVP_PKEY* pkey2 = NULL; EVP_PKEY* pkey3 = NULL; EC_KEY* ec_key = NULL; int nid = 0; ExpectTrue((file = XFOPEN(fname, "rb")) != XBADFILE); ExpectTrue(XFSEEK(file, 0, XSEEK_END) == 0); ExpectIntGT(sz = XFTELL(file), 0); ExpectTrue(XFSEEK(file, 0, XSEEK_SET) == 0); ExpectNotNull(buf = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE)); if (buf) { ExpectIntEQ(XFREAD(buf, 1, sz, file), sz); } if (file != XBADFILE) { XFCLOSE(file); file = XBADFILE; } /* Test using BIO new mem and loading PEM private key */ ExpectNotNull(bio = BIO_new_mem_buf(buf, (int)sz)); ExpectNotNull((pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL))); XFREE(buf, NULL, DYNAMIC_TYPE_FILE); buf = NULL; BIO_free(bio); bio = NULL; ExpectNotNull(pkey2 = EVP_PKEY_new()); ExpectNotNull(pkey3 = EVP_PKEY_new()); if (pkey2 != NULL) { pkey2->type = EVP_PKEY_EC; } /* Test parameter copy */ ExpectIntEQ(EVP_PKEY_copy_parameters(pkey2, pkey), 1); /* Qt unit test case 1*/ ExpectNotNull(ec_key = EVP_PKEY_get1_EC_KEY(pkey)); ExpectIntEQ(EVP_PKEY_set1_EC_KEY(pkey3, ec_key), WOLFSSL_SUCCESS); #ifdef WOLFSSL_ERROR_CODE_OPENSSL ExpectIntEQ(EVP_PKEY_cmp(pkey, pkey3), 1/* match */); #else ExpectIntEQ(EVP_PKEY_cmp(pkey, pkey3), 0); #endif /* Test default digest */ ExpectIntEQ(EVP_PKEY_get_default_digest_nid(pkey, &nid), 1); ExpectIntEQ(nid, NID_sha256); EC_KEY_free(ec_key); ec_key = NULL; EVP_PKEY_free(pkey3); pkey3 = NULL; EVP_PKEY_free(pkey2); pkey2 = NULL; EVP_PKEY_free(pkey); pkey = NULL; /* Qt unit test case ec pkcs8 key */ ExpectTrue((file = XFOPEN(fname_ecc_p8, "rb")) != XBADFILE); ExpectTrue(XFSEEK(file, 0, XSEEK_END) == 0); ExpectIntGT(sz = XFTELL(file), 0); ExpectTrue(XFSEEK(file, 0, XSEEK_SET) == 0); ExpectNotNull(buf = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE)); if (buf) { ExpectIntEQ(XFREAD(buf, 1, sz, file), sz); } if (file != XBADFILE) { XFCLOSE(file); file = XBADFILE; } ExpectNotNull(bio = BIO_new_mem_buf(buf, (int)sz)); ExpectNotNull((pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL))); XFREE(buf, NULL, DYNAMIC_TYPE_FILE); buf = NULL; BIO_free(bio); bio = NULL; ExpectNotNull(pkey3 = EVP_PKEY_new()); /* Qt unit test case */ ExpectNotNull(ec_key = EVP_PKEY_get1_EC_KEY(pkey)); ExpectIntEQ(EVP_PKEY_set1_EC_KEY(pkey3, ec_key), WOLFSSL_SUCCESS); #ifdef WOLFSSL_ERROR_CODE_OPENSSL ExpectIntEQ(EVP_PKEY_cmp(pkey, pkey3), 1/* match */); #else ExpectIntEQ(EVP_PKEY_cmp(pkey, pkey3), 0); #endif EC_KEY_free(ec_key); EVP_PKEY_free(pkey3); EVP_PKEY_free(pkey); pkey = NULL; } #endif #if !defined(NO_BIO) && !defined(NO_RSA) && (defined(WOLFSSL_KEY_GEN) || \ defined(WOLFSSL_CERT_GEN)) { #define BIO_PEM_TEST_CHAR 'a' EVP_PKEY* pkey2 = NULL; unsigned char extra[10]; int i; BIO* pub_bio = NULL; XMEMSET(extra, BIO_PEM_TEST_CHAR, sizeof(extra)); ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem())); ExpectIntEQ(BIO_set_write_buf_size(bio, 4096), SSL_FAILURE); ExpectNotNull(pub_bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem())); ExpectIntEQ(BIO_set_write_buf_size(pub_bio, 4096), SSL_FAILURE); ExpectNull(d2i_PrivateKey(EVP_PKEY_EC, &pkey, &server_key, (long)sizeof_server_key_der_2048)); ExpectNull(pkey); ExpectNotNull(wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, &pkey, &server_key, (long)sizeof_server_key_der_2048)); ExpectIntEQ(PEM_write_bio_PrivateKey(NULL, pkey, NULL, NULL, 0, NULL, NULL), WOLFSSL_FAILURE); ExpectIntEQ(PEM_write_bio_PrivateKey(bio, NULL, NULL, NULL, 0, NULL, NULL), WOLFSSL_FAILURE); ExpectIntEQ(PEM_write_bio_PrivateKey(bio, pkey, NULL, NULL, 0, NULL, NULL), WOLFSSL_SUCCESS); ExpectIntGT(BIO_pending(bio), 0); ExpectIntEQ(BIO_pending(bio), 1679); /* Check if the pubkey API writes only the public key */ #ifdef WOLFSSL_KEY_GEN ExpectIntEQ(PEM_write_bio_PUBKEY(NULL, pkey), WOLFSSL_FAILURE); ExpectIntEQ(PEM_write_bio_PUBKEY(pub_bio, NULL), WOLFSSL_FAILURE); ExpectIntEQ(PEM_write_bio_PUBKEY(pub_bio, pkey), WOLFSSL_SUCCESS); ExpectIntGT(BIO_pending(pub_bio), 0); /* Previously both the private key and the pubkey calls would write * out the private key and the PEM header was the only difference. * The public PEM should be significantly shorter than the * private key versison. */ ExpectIntEQ(BIO_pending(pub_bio), 451); #endif /* test creating new EVP_PKEY with good args */ ExpectNotNull((pkey2 = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL))); if (pkey && pkey->pkey.ptr && pkey2 && pkey2->pkey.ptr) ExpectIntEQ((int)XMEMCMP(pkey->pkey.ptr, pkey2->pkey.ptr, pkey->pkey_sz), 0); /* test of reuse of EVP_PKEY */ ExpectNull(PEM_read_bio_PrivateKey(bio, &pkey, NULL, NULL)); ExpectIntEQ(BIO_pending(bio), 0); ExpectIntEQ(PEM_write_bio_PrivateKey(bio, pkey, NULL, NULL, 0, NULL, NULL), SSL_SUCCESS); ExpectIntEQ(BIO_write(bio, extra, 10), 10); /* add 10 extra bytes after PEM */ ExpectNotNull(PEM_read_bio_PrivateKey(bio, &pkey, NULL, NULL)); ExpectNotNull(pkey); if (pkey && pkey->pkey.ptr && pkey2 && pkey2->pkey.ptr) { ExpectIntEQ((int)XMEMCMP(pkey->pkey.ptr, pkey2->pkey.ptr, pkey->pkey_sz),0); } ExpectIntEQ(BIO_pending(bio), 10); /* check 10 extra bytes still there */ ExpectIntEQ(BIO_read(bio, extra, 10), 10); for (i = 0; i < 10; i++) { ExpectIntEQ(extra[i], BIO_PEM_TEST_CHAR); } BIO_free(pub_bio); BIO_free(bio); bio = NULL; EVP_PKEY_free(pkey); pkey = NULL; EVP_PKEY_free(pkey2); } #endif /* key is DES encrypted */ #if !defined(NO_DES3) && defined(WOLFSSL_ENCRYPTED_KEYS) && \ !defined(NO_RSA) && !defined(NO_BIO) && !defined(NO_FILESYSTEM) && \ !defined(NO_MD5) && defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) { XFILE f = XBADFILE; wc_pem_password_cb* passwd_cb = NULL; void* passwd_cb_userdata; SSL_CTX* ctx = NULL; char passwd[] = "bad password"; #ifndef WOLFSSL_NO_TLS12 #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = SSL_CTX_new(TLSv1_2_server_method())); #else ExpectNotNull(ctx = SSL_CTX_new(TLSv1_2_client_method())); #endif #else #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = SSL_CTX_new(wolfTLSv1_3_server_method())); #else ExpectNotNull(ctx = SSL_CTX_new(wolfTLSv1_3_client_method())); #endif #endif ExpectNotNull(bio = BIO_new_file("./certs/server-keyEnc.pem", "rb")); SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); ExpectNotNull(passwd_cb = SSL_CTX_get_default_passwd_cb(ctx)); ExpectNull(passwd_cb_userdata = SSL_CTX_get_default_passwd_cb_userdata(ctx)); /* fail case with password call back */ ExpectNull(pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, (void*)passwd)); BIO_free(bio); ExpectNotNull(bio = BIO_new_file("./certs/server-keyEnc.pem", "rb")); ExpectNull(pkey = PEM_read_bio_PrivateKey(bio, NULL, passwd_cb, (void*)passwd)); BIO_free(bio); ExpectTrue((f = XFOPEN("./certs/server-keyEnc.pem", "rb")) != XBADFILE); ExpectNotNull(bio = BIO_new_fp(f, BIO_CLOSE)); if ((bio == NULL) && (f != XBADFILE)) { XFCLOSE(f); } /* use callback that works */ ExpectNotNull(pkey = PEM_read_bio_PrivateKey(bio, NULL, passwd_cb, (void*)"yassl123")); ExpectIntEQ(SSL_CTX_use_PrivateKey(ctx, pkey), SSL_SUCCESS); EVP_PKEY_free(pkey); pkey = NULL; BIO_free(bio); bio = NULL; SSL_CTX_free(ctx); } #endif /* !defined(NO_DES3) */ #endif /* !NO_BIO */ #if defined(HAVE_ECC) && !defined(NO_FILESYSTEM) { unsigned char buf[2048]; size_t bytes = 0; XFILE f = XBADFILE; SSL_CTX* ctx = NULL; #ifndef WOLFSSL_NO_TLS12 #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = SSL_CTX_new(TLSv1_2_server_method())); #else ExpectNotNull(ctx = SSL_CTX_new(TLSv1_2_client_method())); #endif #else #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = SSL_CTX_new(wolfTLSv1_3_server_method())); #else ExpectNotNull(ctx = SSL_CTX_new(wolfTLSv1_3_client_method())); #endif #endif ExpectTrue((f = XFOPEN("./certs/ecc-key.der", "rb")) != XBADFILE); ExpectIntGT(bytes = (size_t)XFREAD(buf, 1, sizeof(buf), f), 0); if (f != XBADFILE) XFCLOSE(f); server_key = buf; pkey = NULL; ExpectNull(d2i_PrivateKey(EVP_PKEY_RSA, &pkey, &server_key, bytes)); ExpectNull(pkey); ExpectNotNull(d2i_PrivateKey(EVP_PKEY_EC, &pkey, &server_key, bytes)); ExpectIntEQ(SSL_CTX_use_PrivateKey(ctx, pkey), SSL_SUCCESS); EVP_PKEY_free(pkey); pkey = NULL; SSL_CTX_free(ctx); server_key = NULL; } #endif #ifndef NO_BIO (void)bio; #endif (void)pkey; (void)server_key; #endif /* OPENSSL_EXTRA && !NO_CERTS && !NO_RSA && USE_CERT_BUFFERS_2048 */ return EXPECT_RESULT(); } static int test_wolfSSL_PEM_file_RSAKey(void) { EXPECT_DECLS; #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && \ defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) && \ !defined(NO_FILESYSTEM) && !defined(NO_CERTS) RSA* rsa = NULL; XFILE fp = XBADFILE; ExpectTrue((fp = XFOPEN("./certs/rsa-pub-2048.pem", "rb")) != XBADFILE); ExpectNotNull((rsa = PEM_read_RSA_PUBKEY(fp, NULL, NULL, NULL))); if (fp != XBADFILE) XFCLOSE(fp); ExpectIntEQ(RSA_size(rsa), 256); ExpectIntEQ(PEM_write_RSAPublicKey(XBADFILE, rsa), WOLFSSL_FAILURE); ExpectIntEQ(PEM_write_RSAPublicKey(stderr, NULL), WOLFSSL_FAILURE); ExpectIntEQ(PEM_write_RSAPublicKey(stderr, rsa), WOLFSSL_SUCCESS); ExpectIntEQ(PEM_write_RSA_PUBKEY(XBADFILE, rsa), WOLFSSL_FAILURE); ExpectIntEQ(PEM_write_RSA_PUBKEY(stderr, NULL), WOLFSSL_FAILURE); ExpectIntEQ(PEM_write_RSA_PUBKEY(stderr, rsa), WOLFSSL_SUCCESS); RSA_free(rsa); #endif /* defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && \ (defined(WOLFSSL_KEY_GEN) || WOLFSSL_CERT_GEN) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) && !defined(NO_CERTS) */ return EXPECT_RESULT(); } static int test_wolfSSL_PEM_file_RSAPrivateKey(void) { EXPECT_DECLS; #if !defined(NO_RSA) && defined(OPENSSL_EXTRA) && defined(WOLFSSL_KEY_GEN) && \ !defined(NO_FILESYSTEM) && \ (defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM)) RSA* rsa = NULL; XFILE f = NULL; ExpectTrue((f = XFOPEN(svrKeyFile, "r")) != XBADFILE); ExpectNotNull((rsa = PEM_read_RSAPrivateKey(f, NULL, NULL, NULL))); ExpectIntEQ(RSA_size(rsa), 256); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } ExpectIntEQ(PEM_write_RSAPrivateKey(XBADFILE, rsa, NULL, NULL, 0, NULL, NULL), WOLFSSL_FAILURE); ExpectIntEQ(PEM_write_RSAPrivateKey(stderr, NULL, NULL, NULL, 0, NULL, NULL), WOLFSSL_FAILURE); ExpectIntEQ(PEM_write_RSAPrivateKey(stderr, rsa, NULL, NULL, 0, NULL, NULL), WOLFSSL_SUCCESS); RSA_free(rsa); #ifdef HAVE_ECC ExpectTrue((f = XFOPEN(eccKeyFile, "r")) != XBADFILE); ExpectNull((rsa = PEM_read_RSAPrivateKey(f, NULL, NULL, NULL))); if (f != XBADFILE) XFCLOSE(f); #endif /* HAVE_ECC */ #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) */ return EXPECT_RESULT(); } static int test_wolfSSL_PEM_read_RSA_PUBKEY(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) XFILE file = XBADFILE; const char* fname = "./certs/client-keyPub.pem"; RSA *rsa = NULL; ExpectNull(wolfSSL_PEM_read_RSA_PUBKEY(XBADFILE, NULL, NULL, NULL)); ExpectTrue((file = XFOPEN(fname, "rb")) != XBADFILE); ExpectNotNull((rsa = PEM_read_RSA_PUBKEY(file, NULL, NULL, NULL))); ExpectIntEQ(RSA_size(rsa), 256); RSA_free(rsa); if (file != XBADFILE) XFCLOSE(file); #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) */ return EXPECT_RESULT(); } #ifndef NO_BIO static int test_wolfSSL_PEM_bio_RSAKey(void) { EXPECT_DECLS; #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && \ defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) && \ !defined(NO_FILESYSTEM) && !defined(NO_CERTS) RSA* rsa = NULL; BIO* bio = NULL; /* PrivateKey */ ExpectNotNull(bio = BIO_new_file(svrKeyFile, "rb")); ExpectNull((rsa = PEM_read_bio_RSAPrivateKey(NULL, NULL, NULL, NULL))); ExpectNotNull(PEM_read_bio_RSAPrivateKey(bio, &rsa, NULL, NULL)); ExpectNotNull(rsa); ExpectIntEQ(RSA_size(rsa), 256); ExpectIntEQ(PEM_write_bio_RSAPrivateKey(NULL, NULL, NULL, NULL, 0, NULL, \ NULL), WOLFSSL_FAILURE); BIO_free(bio); bio = NULL; ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem())); ExpectIntEQ(PEM_write_bio_RSAPrivateKey(bio, rsa, NULL, NULL, 0, NULL, \ NULL), WOLFSSL_SUCCESS); BIO_free(bio); bio = NULL; RSA_free(rsa); rsa = NULL; /* PUBKEY */ ExpectNotNull(bio = BIO_new_file("./certs/rsa-pub-2048.pem", "rb")); ExpectNull((rsa = PEM_read_bio_RSA_PUBKEY(NULL, NULL, NULL, NULL))); ExpectNotNull((rsa = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL))); ExpectIntEQ(RSA_size(rsa), 256); ExpectIntEQ(PEM_write_bio_RSA_PUBKEY(NULL, NULL), WOLFSSL_FAILURE); BIO_free(bio); bio = NULL; ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem())); ExpectIntEQ(PEM_write_bio_RSA_PUBKEY(bio, rsa), WOLFSSL_SUCCESS); BIO_free(bio); bio = NULL; RSA_free(rsa); rsa = NULL; /* Ensure that keys beginning with BEGIN RSA PUBLIC KEY can be read, too. */ ExpectNotNull(bio = BIO_new_file("./certs/server-keyPub.pem", "rb")); ExpectNotNull((rsa = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL))); BIO_free(bio); bio = NULL; RSA_free(rsa); rsa = NULL; #ifdef HAVE_ECC /* ensure that non-rsa keys do not work */ ExpectNotNull(bio = BIO_new_file(eccKeyFile, "rb")); /* ecc key */ ExpectNull((rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL))); ExpectNull((rsa = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL))); BIO_free(bio); bio = NULL; RSA_free(rsa); rsa = NULL; #endif /* HAVE_ECC */ #endif /* defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && \ (defined(WOLFSSL_KEY_GEN) || WOLFSSL_CERT_GEN) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) && !defined(NO_CERTS) */ return EXPECT_RESULT(); } static int test_wolfSSL_PEM_bio_RSAPrivateKey(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) RSA* rsa = NULL; RSA* rsa_dup = NULL; BIO* bio = NULL; ExpectNotNull(bio = BIO_new_file(svrKeyFile, "rb")); ExpectNotNull((rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL))); ExpectIntEQ(RSA_size(rsa), 256); #if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) ExpectNull(rsa_dup = RSAPublicKey_dup(NULL)); /* Test duplicating empty key. */ ExpectNotNull(rsa_dup = RSA_new()); ExpectNull(RSAPublicKey_dup(rsa_dup)); RSA_free(rsa_dup); rsa_dup = NULL; ExpectNotNull(rsa_dup = RSAPublicKey_dup(rsa)); ExpectPtrNE(rsa_dup, rsa); #endif /* test if valgrind complains about unreleased memory */ RSA_up_ref(rsa); RSA_free(rsa); BIO_free(bio); bio = NULL; RSA_free(rsa); rsa = NULL; RSA_free(rsa_dup); rsa_dup = NULL; #ifdef HAVE_ECC ExpectNotNull(bio = BIO_new_file(eccKeyFile, "rb")); ExpectNull((rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL))); BIO_free(bio); #endif /* HAVE_ECC */ #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) */ return EXPECT_RESULT(); } static int test_wolfSSL_PEM_bio_DSAKey(void) { EXPECT_DECLS; #ifndef HAVE_SELFTEST #if (defined(WOLFSSL_QT) || defined(OPENSSL_ALL)) && !defined(NO_CERTS) && \ defined(WOLFSSL_KEY_GEN) && !defined(NO_FILESYSTEM) && !defined(NO_DSA) DSA* dsa = NULL; BIO* bio = NULL; /* PrivateKey */ ExpectNotNull(bio = BIO_new_file("./certs/1024/dsa1024.pem", "rb")); ExpectNull((dsa = PEM_read_bio_DSAPrivateKey(NULL, NULL, NULL, NULL))); ExpectNotNull((dsa = PEM_read_bio_DSAPrivateKey(bio, NULL, NULL, NULL))); ExpectIntEQ(BN_num_bytes(dsa->g), 128); ExpectIntEQ(PEM_write_bio_DSAPrivateKey(NULL, NULL, NULL, NULL, 0, NULL, NULL), WOLFSSL_FAILURE); BIO_free(bio); bio = NULL; ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem())); ExpectIntEQ(PEM_write_bio_DSAPrivateKey(bio, dsa, NULL, NULL, 0, NULL, NULL), WOLFSSL_SUCCESS); BIO_free(bio); bio = NULL; DSA_free(dsa); dsa = NULL; /* PUBKEY */ ExpectNotNull(bio = BIO_new_file("./certs/1024/dsa-pub-1024.pem", "rb")); ExpectNull((dsa = PEM_read_bio_DSA_PUBKEY(NULL, NULL, NULL, NULL))); ExpectNotNull((dsa = PEM_read_bio_DSA_PUBKEY(bio, NULL, NULL, NULL))); ExpectIntEQ(BN_num_bytes(dsa->g), 128); ExpectIntEQ(PEM_write_bio_DSA_PUBKEY(NULL, NULL), WOLFSSL_FAILURE); BIO_free(bio); bio = NULL; ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem())); ExpectIntEQ(PEM_write_bio_DSA_PUBKEY(bio, dsa), WOLFSSL_SUCCESS); BIO_free(bio); bio = NULL; DSA_free(dsa); dsa = NULL; #ifdef HAVE_ECC /* ensure that non-dsa keys do not work */ ExpectNotNull(bio = BIO_new_file(eccKeyFile, "rb")); /* ecc key */ ExpectNull((dsa = PEM_read_bio_DSAPrivateKey(bio, NULL, NULL, NULL))); ExpectNull((dsa = PEM_read_bio_DSA_PUBKEY(bio, NULL, NULL, NULL))); BIO_free(bio); bio = NULL; DSA_free(dsa); dsa = NULL; #endif /* HAVE_ECC */ #endif /* defined(WOLFSSL_QT) || defined(OPENSSL_ALL)) && \ !defined(NO_CERTS) && defined(WOLFSSL_KEY_GEN) && \ !defined(NO_FILESYSTEM) && !defined(NO_DSA) */ #endif /* HAVE_SELFTEST */ return EXPECT_RESULT(); } static int test_wolfSSL_PEM_bio_ECKey(void) { EXPECT_DECLS; #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && \ defined(WOLFSSL_KEY_GEN) && !defined(NO_FILESYSTEM) && defined(HAVE_ECC) EC_KEY* ec = NULL; EC_KEY* ec2; BIO* bio = NULL; #if defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM) unsigned char* pem = NULL; int pLen; #endif static char ec_key_bad_1[] = "-----BEGIN PUBLIC KEY-----\n" "MAA=\n" "-----END PUBLIC KEY-----"; static char ec_priv_key_bad_1[] = "-----BEGIN EC PRIVATE KEY-----\n" "MAA=\n" "-----END EC PRIVATE KEY-----"; /* PrivateKey */ ExpectNotNull(bio = BIO_new_file("./certs/ecc-key.pem", "rb")); ExpectNull((ec = PEM_read_bio_ECPrivateKey(NULL, NULL, NULL, NULL))); ec2 = NULL; ExpectNotNull((ec = PEM_read_bio_ECPrivateKey(bio, &ec2, NULL, NULL))); ExpectIntEQ(ec == ec2, 1); ExpectIntEQ(wc_ecc_size((ecc_key*)ec->internal), 32); ExpectIntEQ(PEM_write_bio_ECPrivateKey(NULL, NULL, NULL, NULL, 0, NULL, NULL), WOLFSSL_FAILURE); ExpectIntEQ(PEM_write_bio_ECPrivateKey(bio, NULL, NULL, NULL, 0, NULL, NULL), WOLFSSL_FAILURE); ExpectIntEQ(PEM_write_bio_ECPrivateKey(NULL, ec, NULL, NULL, 0, NULL, NULL), WOLFSSL_FAILURE); BIO_free(bio); bio = NULL; /* Public key data - fail. */ ExpectNotNull(bio = BIO_new_file("./certs/ecc-client-keyPub.pem", "rb")); ExpectNull(PEM_read_bio_ECPrivateKey(bio, NULL, NULL, NULL)); BIO_free(bio); bio = NULL; ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem())); ExpectIntEQ(PEM_write_bio_ECPrivateKey(bio, ec, NULL, NULL, 0, NULL, \ NULL), WOLFSSL_SUCCESS); BIO_free(bio); bio = NULL; ExpectIntEQ(PEM_write_ECPrivateKey(XBADFILE, NULL, NULL, NULL, 0, NULL, NULL),WOLFSSL_FAILURE); ExpectIntEQ(PEM_write_ECPrivateKey(stderr, NULL, NULL, NULL, 0, NULL, NULL), WOLFSSL_FAILURE); ExpectIntEQ(PEM_write_ECPrivateKey(XBADFILE, ec, NULL, NULL, 0, NULL, NULL), WOLFSSL_FAILURE); ExpectIntEQ(PEM_write_ECPrivateKey(stderr, ec, NULL, NULL, 0, NULL, NULL), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_PEM_write_mem_ECPrivateKey(NULL, NULL, NULL, 0, NULL, NULL), 0); #if defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM) ExpectIntEQ(wolfSSL_PEM_write_mem_ECPrivateKey(ec, NULL, NULL, 0, NULL, NULL), 0); ExpectIntEQ(wolfSSL_PEM_write_mem_ECPrivateKey(NULL, NULL, NULL, 0, &pem, NULL), 0); ExpectIntEQ(wolfSSL_PEM_write_mem_ECPrivateKey(NULL, NULL, NULL, 0, NULL, &pLen), 0); ExpectIntEQ(wolfSSL_PEM_write_mem_ECPrivateKey(NULL, NULL, NULL, 0, &pem, &pLen), 0); ExpectIntEQ(wolfSSL_PEM_write_mem_ECPrivateKey(ec, NULL, NULL, 0, NULL, &pLen), 0); ExpectIntEQ(wolfSSL_PEM_write_mem_ECPrivateKey(ec, NULL, NULL, 0, &pem, NULL), 0); ExpectIntEQ(wolfSSL_PEM_write_mem_ECPrivateKey(ec, NULL, NULL, 0, &pem, &pLen), 1); ExpectIntGT(pLen, 0); XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER); #endif EC_KEY_free(ec); ec = NULL; /* PUBKEY */ ExpectNotNull(bio = BIO_new_file("./certs/ecc-client-keyPub.pem", "rb")); ExpectNull((ec = PEM_read_bio_EC_PUBKEY(NULL, NULL, NULL, NULL))); ec2 = NULL; ExpectNotNull((ec = PEM_read_bio_EC_PUBKEY(bio, &ec2, NULL, NULL))); ExpectIntEQ(ec == ec2, 1); ExpectIntEQ(wc_ecc_size((ecc_key*)ec->internal), 32); ExpectIntEQ(PEM_write_bio_EC_PUBKEY(NULL, NULL), WOLFSSL_FAILURE); BIO_free(bio); bio = NULL; /* Test 0x30, 0x00 fails. */ ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_key_bad_1, sizeof(ec_key_bad_1))); ExpectNull(PEM_read_bio_EC_PUBKEY(bio, NULL, NULL, NULL)); BIO_free(bio); bio = NULL; /* Private key data - fail. */ ExpectNotNull(bio = BIO_new_file("./certs/ecc-key.pem", "rb")); ExpectNull(PEM_read_bio_EC_PUBKEY(bio, NULL, NULL, NULL)); BIO_free(bio); bio = NULL; ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem())); ExpectIntEQ(PEM_write_bio_EC_PUBKEY(bio, ec), WOLFSSL_SUCCESS); BIO_free(bio); bio = NULL; /* Same test as above, but with a file pointer rather than a BIO. */ ExpectIntEQ(PEM_write_EC_PUBKEY(NULL, NULL), WOLFSSL_FAILURE); ExpectIntEQ(PEM_write_EC_PUBKEY(NULL, ec), WOLFSSL_FAILURE); ExpectIntEQ(PEM_write_EC_PUBKEY(stderr, NULL), WOLFSSL_FAILURE); ExpectIntEQ(PEM_write_EC_PUBKEY(stderr, ec), WOLFSSL_SUCCESS); EC_KEY_free(ec); ec = NULL; #ifndef NO_RSA /* ensure that non-ec keys do not work */ ExpectNotNull(bio = BIO_new_file(svrKeyFile, "rb")); /* rsa key */ ExpectNull((ec = PEM_read_bio_ECPrivateKey(bio, NULL, NULL, NULL))); ExpectNull((ec = PEM_read_bio_EC_PUBKEY(bio, NULL, NULL, NULL))); BIO_free(bio); bio = NULL; EC_KEY_free(ec); ec = NULL; #endif /* !NO_RSA */ /* Test 0x30, 0x00 fails. */ ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_priv_key_bad_1, sizeof(ec_priv_key_bad_1))); ExpectNull(PEM_read_bio_ECPrivateKey(bio, NULL, NULL, NULL)); BIO_free(bio); bio = NULL; #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) */ return EXPECT_RESULT(); } static int test_wolfSSL_PEM_PUBKEY(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) BIO* bio = NULL; EVP_PKEY* pkey = NULL; /* test creating new EVP_PKEY with bad arg */ ExpectNull((pkey = PEM_read_bio_PUBKEY(NULL, NULL, NULL, NULL))); /* test loading ECC key using BIO */ #if defined(HAVE_ECC) && !defined(NO_FILESYSTEM) { XFILE file = XBADFILE; const char* fname = "./certs/ecc-client-keyPub.pem"; size_t sz; byte* buf = NULL; EVP_PKEY* pkey2 = NULL; EC_KEY* ec_key = NULL; ExpectTrue((file = XFOPEN(fname, "rb")) != XBADFILE); ExpectIntEQ(XFSEEK(file, 0, XSEEK_END), 0); ExpectIntGT(sz = XFTELL(file), 0); ExpectIntEQ(XFSEEK(file, 0, XSEEK_SET), 0); ExpectNotNull(buf = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE)); if (buf != NULL) { ExpectIntEQ(XFREAD(buf, 1, sz, file), sz); } if (file != XBADFILE) { XFCLOSE(file); } /* Test using BIO new mem and loading PEM private key */ ExpectNotNull(bio = BIO_new_mem_buf(buf, (int)sz)); ExpectNotNull((pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL))); XFREE(buf, NULL, DYNAMIC_TYPE_FILE); BIO_free(bio); bio = NULL; /* Qt unit test case*/ ExpectNotNull(pkey2 = EVP_PKEY_new()); ExpectNotNull(ec_key = EVP_PKEY_get1_EC_KEY(pkey)); ExpectIntEQ(EVP_PKEY_set1_EC_KEY(pkey2, ec_key), WOLFSSL_SUCCESS); #ifdef WOLFSSL_ERROR_CODE_OPENSSL ExpectIntEQ(EVP_PKEY_cmp(pkey, pkey2), 1/* match */); #else ExpectIntEQ(EVP_PKEY_cmp(pkey, pkey2), 0); #endif EC_KEY_free(ec_key); EVP_PKEY_free(pkey2); EVP_PKEY_free(pkey); pkey = NULL; } #endif (void)bio; (void)pkey; #endif return EXPECT_RESULT(); } #endif /* !NO_BIO */ static int test_DSA_do_sign_verify(void) { EXPECT_DECLS; #if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) #if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && \ !defined(NO_DSA) unsigned char digest[WC_SHA_DIGEST_SIZE]; DSA_SIG* sig = NULL; DSA* dsa = NULL; word32 bytes; byte sigBin[DSA_SIG_SIZE]; int dsacheck; #ifdef USE_CERT_BUFFERS_1024 byte tmp[ONEK_BUF]; XMEMSET(tmp, 0, sizeof(tmp)); XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024); bytes = sizeof_dsa_key_der_1024; #elif defined(USE_CERT_BUFFERS_2048) byte tmp[TWOK_BUF]; XMEMSET(tmp, 0, sizeof(tmp)); XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048); bytes = sizeof_dsa_key_der_2048; #else byte tmp[TWOK_BUF]; XFILE fp = XBADFILE; XMEMSET(tmp, 0, sizeof(tmp)); ExpectTrue((fp = XFOPEN("./certs/dsa2048.der", "rb") != XBADFILE); ExpectIntGT(bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp), 0); if (fp != XBADFILE) XFCLOSE(fp); #endif /* END USE_CERT_BUFFERS_1024 */ XMEMSET(digest, 202, sizeof(digest)); ExpectNotNull(dsa = DSA_new()); ExpectIntEQ(DSA_LoadDer(dsa, tmp, bytes), 1); ExpectIntEQ(wolfSSL_DSA_do_sign(digest, sigBin, dsa), 1); ExpectIntEQ(wolfSSL_DSA_do_verify(digest, sigBin, dsa, &dsacheck), 1); ExpectNotNull(sig = DSA_do_sign(digest, WC_SHA_DIGEST_SIZE, dsa)); ExpectIntEQ(DSA_do_verify(digest, WC_SHA_DIGEST_SIZE, sig, dsa), 1); DSA_SIG_free(sig); DSA_free(dsa); #endif #endif /* !HAVE_SELFTEST && !HAVE_FIPS */ return EXPECT_RESULT(); } static int test_wolfSSL_tmp_dh(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \ !defined(NO_DSA) && !defined(NO_RSA) && !defined(NO_DH) && !defined(NO_BIO) #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) byte buff[6000]; char file[] = "./certs/dsaparams.pem"; XFILE f = XBADFILE; int bytes = 0; DSA* dsa = NULL; DH* dh = NULL; #if defined(WOLFSSL_DH_EXTRA) && \ (defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH)) DH* dh2 = NULL; #endif BIO* bio = NULL; SSL* ssl = NULL; SSL_CTX* ctx = NULL; #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method())); #else ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method())); #endif ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(ssl = SSL_new(ctx)); ExpectTrue((f = XFOPEN(file, "rb")) != XBADFILE); ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0); if (f != XBADFILE) XFCLOSE(f); ExpectNotNull(bio = BIO_new_mem_buf((void*)buff, bytes)); dsa = wolfSSL_PEM_read_bio_DSAparams(bio, NULL, NULL, NULL); ExpectNotNull(dsa); dh = wolfSSL_DSA_dup_DH(dsa); ExpectNotNull(dh); #if defined(WOLFSSL_DH_EXTRA) && \ (defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH)) ExpectNotNull(dh2 = wolfSSL_DH_dup(dh)); #endif ExpectIntEQ((int)SSL_CTX_set_tmp_dh(ctx, dh), WOLFSSL_SUCCESS); #ifndef NO_WOLFSSL_SERVER ExpectIntEQ((int)SSL_set_tmp_dh(ssl, dh), WOLFSSL_SUCCESS); #else ExpectIntEQ((int)SSL_set_tmp_dh(ssl, dh), SIDE_ERROR); #endif BIO_free(bio); DSA_free(dsa); DH_free(dh); dh = NULL; #if defined(WOLFSSL_DH_EXTRA) && \ (defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH)) DH_free(dh2); dh2 = NULL; #endif SSL_free(ssl); SSL_CTX_free(ctx); #endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ #endif return EXPECT_RESULT(); } static int test_wolfSSL_ctrl(void) { EXPECT_DECLS; #if defined (OPENSSL_EXTRA) && !defined(NO_BIO) byte buff[6000]; BIO* bio = NULL; int bytes; BUF_MEM* ptr = NULL; XMEMSET(buff, 0, sizeof(buff)); bytes = sizeof(buff); ExpectNotNull(bio = BIO_new_mem_buf((void*)buff, bytes)); ExpectNotNull(BIO_s_socket()); ExpectIntEQ((int)wolfSSL_BIO_get_mem_ptr(bio, &ptr), WOLFSSL_SUCCESS); /* needs tested after stubs filled out @TODO SSL_ctrl SSL_CTX_ctrl */ BIO_free(bio); #endif /* defined(OPENSSL_EXTRA) && !defined(NO_BIO) */ return EXPECT_RESULT(); } static int test_wolfSSL_EVP_PKEY_new_mac_key(void) { EXPECT_DECLS; #ifdef OPENSSL_EXTRA static const unsigned char pw[] = "password"; static const int pwSz = sizeof(pw) - 1; size_t checkPwSz = 0; const unsigned char* checkPw = NULL; WOLFSSL_EVP_PKEY* key = NULL; ExpectNull(key = wolfSSL_EVP_PKEY_new_mac_key(0, NULL, pw, pwSz)); ExpectNull(key = wolfSSL_EVP_PKEY_new_mac_key(0, NULL, NULL, pwSz)); ExpectNotNull(key = wolfSSL_EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, pw, pwSz)); if (key != NULL) { ExpectIntEQ(key->type, EVP_PKEY_HMAC); ExpectIntEQ(key->save_type, EVP_PKEY_HMAC); ExpectIntEQ(key->pkey_sz, pwSz); ExpectIntEQ(XMEMCMP(key->pkey.ptr, pw, pwSz), 0); } ExpectNotNull(checkPw = wolfSSL_EVP_PKEY_get0_hmac(key, &checkPwSz)); ExpectIntEQ((int)checkPwSz, pwSz); ExpectIntEQ(XMEMCMP(checkPw, pw, pwSz), 0); wolfSSL_EVP_PKEY_free(key); key = NULL; ExpectNotNull(key = wolfSSL_EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, pw, 0)); ExpectIntEQ(key->pkey_sz, 0); if (EXPECT_SUCCESS()) { /* Allocation for key->pkey.ptr may fail - OK key len is 0 */ checkPw = wolfSSL_EVP_PKEY_get0_hmac(key, &checkPwSz); } ExpectTrue((checkPwSz == 0) || (checkPw != NULL)); ExpectIntEQ((int)checkPwSz, 0); wolfSSL_EVP_PKEY_free(key); key = NULL; ExpectNotNull(key = wolfSSL_EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, NULL, 0)); ExpectIntEQ(key->pkey_sz, 0); if (EXPECT_SUCCESS()) { /* Allocation for key->pkey.ptr may fail - OK key len is 0 */ checkPw = wolfSSL_EVP_PKEY_get0_hmac(key, &checkPwSz); } ExpectTrue((checkPwSz == 0) || (checkPw != NULL)); ExpectIntEQ((int)checkPwSz, 0); wolfSSL_EVP_PKEY_free(key); key = NULL; #endif /* OPENSSL_EXTRA */ return EXPECT_RESULT(); } static int test_wolfSSL_EVP_PKEY_new_CMAC_key(void) { EXPECT_DECLS; #ifdef OPENSSL_EXTRA #if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_DIRECT) const char *priv = "ABCDEFGHIJKLMNOP"; const WOLFSSL_EVP_CIPHER* cipher = EVP_aes_128_cbc(); WOLFSSL_EVP_PKEY* key = NULL; ExpectNull(key = wolfSSL_EVP_PKEY_new_CMAC_key( NULL, NULL, AES_128_KEY_SIZE, cipher)); ExpectNull(key = wolfSSL_EVP_PKEY_new_CMAC_key( NULL, (const unsigned char *)priv, 0, cipher)); ExpectNull(key = wolfSSL_EVP_PKEY_new_CMAC_key( NULL, (const unsigned char *)priv, AES_128_KEY_SIZE, NULL)); ExpectNotNull(key = wolfSSL_EVP_PKEY_new_CMAC_key( NULL, (const unsigned char *)priv, AES_128_KEY_SIZE, cipher)); wolfSSL_EVP_PKEY_free(key); #endif /* WOLFSSL_CMAC && !NO_AES && WOLFSSL_AES_DIRECT */ #endif /* OPENSSL_EXTRA */ return EXPECT_RESULT(); } static int test_wolfSSL_EVP_Digest(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_SHA256) && !defined(NO_PWDBASED) const char* in = "abc"; int inLen = (int)XSTRLEN(in); byte out[WC_SHA256_DIGEST_SIZE]; unsigned int outLen; const char* expOut = "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22" "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00" "\x15\xAD"; ExpectIntEQ(wolfSSL_EVP_Digest((unsigned char*)in, inLen, out, &outLen, "SHA256", NULL), 1); ExpectIntEQ(outLen, WC_SHA256_DIGEST_SIZE); ExpectIntEQ(XMEMCMP(out, expOut, WC_SHA256_DIGEST_SIZE), 0); #endif /* OPEN_EXTRA && ! NO_SHA256 */ return EXPECT_RESULT(); } static int test_wolfSSL_EVP_Digest_all(void) { EXPECT_DECLS; #ifdef OPENSSL_EXTRA const char* digests[] = { #ifndef NO_MD5 "MD5", #endif #ifndef NO_SHA "SHA", #endif #ifdef WOLFSSL_SHA224 "SHA224", #endif #ifndef NO_SHA256 "SHA256", #endif #ifdef WOLFSSL_SHA384 "SHA384", #endif #ifdef WOLFSSL_SHA512 "SHA512", #endif #if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) "SHA512_224", #endif #if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) "SHA512_256", #endif #ifdef WOLFSSL_SHA3 #ifndef WOLFSSL_NOSHA3_224 "SHA3_224", #endif #ifndef WOLFSSL_NOSHA3_256 "SHA3_256", #endif "SHA3_384", #ifndef WOLFSSL_NOSHA3_512 "SHA3_512", #endif #endif /* WOLFSSL_SHA3 */ NULL }; const char** d; const unsigned char in[] = "abc"; int inLen = XSTR_SIZEOF(in); byte out[WC_MAX_DIGEST_SIZE]; unsigned int outLen; for (d = digests; *d != NULL; d++) { ExpectIntEQ(EVP_Digest(in, inLen, out, &outLen, *d, NULL), 1); ExpectIntGT(outLen, 0); ExpectIntEQ(EVP_MD_size(*d), outLen); } #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_MD_size(void) { EXPECT_DECLS; #ifdef OPENSSL_EXTRA WOLFSSL_EVP_MD_CTX mdCtx; #ifdef WOLFSSL_SHA3 #ifndef WOLFSSL_NOSHA3_224 wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, "SHA3_224"), 1); ExpectIntEQ(wolfSSL_EVP_MD_CTX_size(&mdCtx), WC_SHA3_224_DIGEST_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), WC_SHA3_224_BLOCK_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1); #endif #ifndef WOLFSSL_NOSHA3_256 wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, "SHA3_256"), 1); ExpectIntEQ(wolfSSL_EVP_MD_CTX_size(&mdCtx), WC_SHA3_256_DIGEST_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), WC_SHA3_256_BLOCK_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1); #endif wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, "SHA3_384"), 1); ExpectIntEQ(wolfSSL_EVP_MD_CTX_size(&mdCtx), WC_SHA3_384_DIGEST_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), WC_SHA3_384_BLOCK_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1); #ifndef WOLFSSL_NOSHA3_512 wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, "SHA3_512"), 1); ExpectIntEQ(wolfSSL_EVP_MD_CTX_size(&mdCtx), WC_SHA3_512_DIGEST_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), WC_SHA3_512_BLOCK_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1); #endif #endif /* WOLFSSL_SHA3 */ #ifndef NO_SHA256 wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, "SHA256"), 1); ExpectIntEQ(wolfSSL_EVP_MD_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)), WC_SHA256_DIGEST_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_block_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)), WC_SHA256_BLOCK_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_size(&mdCtx), WC_SHA256_DIGEST_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), WC_SHA256_BLOCK_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1); #endif #ifndef NO_MD5 wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, "MD5"), 1); ExpectIntEQ(wolfSSL_EVP_MD_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)), WC_MD5_DIGEST_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_block_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)), WC_MD5_BLOCK_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_size(&mdCtx), WC_MD5_DIGEST_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), WC_MD5_BLOCK_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1); #endif #ifdef WOLFSSL_SHA224 wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, "SHA224"), 1); ExpectIntEQ(wolfSSL_EVP_MD_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)), WC_SHA224_DIGEST_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_block_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)), WC_SHA224_BLOCK_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_size(&mdCtx), WC_SHA224_DIGEST_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), WC_SHA224_BLOCK_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1); #endif #ifdef WOLFSSL_SHA384 wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, "SHA384"), 1); ExpectIntEQ(wolfSSL_EVP_MD_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)), WC_SHA384_DIGEST_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_block_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)), WC_SHA384_BLOCK_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_size(&mdCtx), WC_SHA384_DIGEST_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), WC_SHA384_BLOCK_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1); #endif #ifdef WOLFSSL_SHA512 wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, "SHA512"), 1); ExpectIntEQ(wolfSSL_EVP_MD_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)), WC_SHA512_DIGEST_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_block_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)), WC_SHA512_BLOCK_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_size(&mdCtx), WC_SHA512_DIGEST_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), WC_SHA512_BLOCK_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1); #endif #ifndef NO_SHA wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, "SHA"), 1); ExpectIntEQ(wolfSSL_EVP_MD_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)), WC_SHA_DIGEST_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_block_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)), WC_SHA_BLOCK_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_size(&mdCtx), WC_SHA_DIGEST_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), WC_SHA_BLOCK_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1); wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, "SHA1"), 1); ExpectIntEQ(wolfSSL_EVP_MD_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)), WC_SHA_DIGEST_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_block_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)), WC_SHA_BLOCK_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_size(&mdCtx), WC_SHA_DIGEST_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), WC_SHA_BLOCK_SIZE); ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1); #endif /* error case */ wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, ""), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_EVP_MD_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), BAD_FUNC_ARG); /* Cleanup is valid on uninit'ed struct */ ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1); #endif /* OPENSSL_EXTRA */ return EXPECT_RESULT(); } static int test_wolfSSL_EVP_MD_pkey_type(void) { EXPECT_DECLS; #ifdef OPENSSL_EXTRA const WOLFSSL_EVP_MD* md; #ifndef NO_MD5 ExpectNotNull(md = EVP_md5()); ExpectIntEQ(EVP_MD_pkey_type(md), NID_md5WithRSAEncryption); #endif #ifndef NO_SHA ExpectNotNull(md = EVP_sha1()); ExpectIntEQ(EVP_MD_pkey_type(md), NID_sha1WithRSAEncryption); #endif #ifdef WOLFSSL_SHA224 ExpectNotNull(md = EVP_sha224()); ExpectIntEQ(EVP_MD_pkey_type(md), NID_sha224WithRSAEncryption); #endif ExpectNotNull(md = EVP_sha256()); ExpectIntEQ(EVP_MD_pkey_type(md), NID_sha256WithRSAEncryption); #ifdef WOLFSSL_SHA384 ExpectNotNull(md = EVP_sha384()); ExpectIntEQ(EVP_MD_pkey_type(md), NID_sha384WithRSAEncryption); #endif #ifdef WOLFSSL_SHA512 ExpectNotNull(md = EVP_sha512()); ExpectIntEQ(EVP_MD_pkey_type(md), NID_sha512WithRSAEncryption); #endif #endif return EXPECT_RESULT(); } #ifdef OPENSSL_EXTRA static int test_hmac_signing(const WOLFSSL_EVP_MD *type, const byte* testKey, size_t testKeySz, const char* testData, size_t testDataSz, const byte* testResult, size_t testResultSz) { EXPECT_DECLS; unsigned char check[WC_MAX_DIGEST_SIZE]; size_t checkSz = -1; WOLFSSL_EVP_PKEY* key = NULL; WOLFSSL_EVP_MD_CTX mdCtx; ExpectNotNull(key = wolfSSL_EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, testKey, (int)testKeySz)); wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, type, NULL, key), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData, (unsigned int)testDataSz), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1); ExpectIntEQ((int)checkSz, (int)testResultSz); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1); ExpectIntEQ((int)checkSz,(int)testResultSz); ExpectIntEQ(XMEMCMP(testResult, check, testResultSz), 0); ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, type, NULL, key), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData, (unsigned int)testDataSz), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, testResult, checkSz), 1); ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1); wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, type, NULL, key), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData, 4), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1); ExpectIntEQ((int)checkSz, (int)testResultSz); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1); ExpectIntEQ((int)checkSz,(int)testResultSz); ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData + 4, (unsigned int)testDataSz - 4), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1); ExpectIntEQ((int)checkSz,(int)testResultSz); ExpectIntEQ(XMEMCMP(testResult, check, testResultSz), 0); ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, type, NULL, key), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData, 4), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData + 4, (unsigned int)testDataSz - 4), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, testResult, checkSz), 1); ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1); wolfSSL_EVP_PKEY_free(key); return EXPECT_RESULT(); } #endif static int test_wolfSSL_EVP_MD_hmac_signing(void) { EXPECT_DECLS; #ifdef OPENSSL_EXTRA static const unsigned char testKey[] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b }; static const char testData[] = "Hi There"; #ifdef WOLFSSL_SHA224 static const unsigned char testResultSha224[] = { 0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68, 0x32, 0x10, 0x7c, 0xd4, 0x9d, 0xf3, 0x3f, 0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f, 0x53, 0x68, 0x4b, 0x22 }; #endif #ifndef NO_SHA256 static const unsigned char testResultSha256[] = { 0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf, 0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9, 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7 }; #endif #ifdef WOLFSSL_SHA384 static const unsigned char testResultSha384[] = { 0xaf, 0xd0, 0x39, 0x44, 0xd8, 0x48, 0x95, 0x62, 0x6b, 0x08, 0x25, 0xf4, 0xab, 0x46, 0x90, 0x7f, 0x15, 0xf9, 0xda, 0xdb, 0xe4, 0x10, 0x1e, 0xc6, 0x82, 0xaa, 0x03, 0x4c, 0x7c, 0xeb, 0xc5, 0x9c, 0xfa, 0xea, 0x9e, 0xa9, 0x07, 0x6e, 0xde, 0x7f, 0x4a, 0xf1, 0x52, 0xe8, 0xb2, 0xfa, 0x9c, 0xb6 }; #endif #ifdef WOLFSSL_SHA512 static const unsigned char testResultSha512[] = { 0x87, 0xaa, 0x7c, 0xde, 0xa5, 0xef, 0x61, 0x9d, 0x4f, 0xf0, 0xb4, 0x24, 0x1a, 0x1d, 0x6c, 0xb0, 0x23, 0x79, 0xf4, 0xe2, 0xce, 0x4e, 0xc2, 0x78, 0x7a, 0xd0, 0xb3, 0x05, 0x45, 0xe1, 0x7c, 0xde, 0xda, 0xa8, 0x33, 0xb7, 0xd6, 0xb8, 0xa7, 0x02, 0x03, 0x8b, 0x27, 0x4e, 0xae, 0xa3, 0xf4, 0xe4, 0xbe, 0x9d, 0x91, 0x4e, 0xeb, 0x61, 0xf1, 0x70, 0x2e, 0x69, 0x6c, 0x20, 0x3a, 0x12, 0x68, 0x54 }; #endif #ifdef WOLFSSL_SHA3 #ifndef WOLFSSL_NOSHA3_224 static const unsigned char testResultSha3_224[] = { 0x3b, 0x16, 0x54, 0x6b, 0xbc, 0x7b, 0xe2, 0x70, 0x6a, 0x03, 0x1d, 0xca, 0xfd, 0x56, 0x37, 0x3d, 0x98, 0x84, 0x36, 0x76, 0x41, 0xd8, 0xc5, 0x9a, 0xf3, 0xc8, 0x60, 0xf7 }; #endif #ifndef WOLFSSL_NOSHA3_256 static const unsigned char testResultSha3_256[] = { 0xba, 0x85, 0x19, 0x23, 0x10, 0xdf, 0xfa, 0x96, 0xe2, 0xa3, 0xa4, 0x0e, 0x69, 0x77, 0x43, 0x51, 0x14, 0x0b, 0xb7, 0x18, 0x5e, 0x12, 0x02, 0xcd, 0xcc, 0x91, 0x75, 0x89, 0xf9, 0x5e, 0x16, 0xbb }; #endif #ifndef WOLFSSL_NOSHA3_384 static const unsigned char testResultSha3_384[] = { 0x68, 0xd2, 0xdc, 0xf7, 0xfd, 0x4d, 0xdd, 0x0a, 0x22, 0x40, 0xc8, 0xa4, 0x37, 0x30, 0x5f, 0x61, 0xfb, 0x73, 0x34, 0xcf, 0xb5, 0xd0, 0x22, 0x6e, 0x1b, 0xc2, 0x7d, 0xc1, 0x0a, 0x2e, 0x72, 0x3a, 0x20, 0xd3, 0x70, 0xb4, 0x77, 0x43, 0x13, 0x0e, 0x26, 0xac, 0x7e, 0x3d, 0x53, 0x28, 0x86, 0xbd }; #endif #ifndef WOLFSSL_NOSHA3_512 static const unsigned char testResultSha3_512[] = { 0xeb, 0x3f, 0xbd, 0x4b, 0x2e, 0xaa, 0xb8, 0xf5, 0xc5, 0x04, 0xbd, 0x3a, 0x41, 0x46, 0x5a, 0xac, 0xec, 0x15, 0x77, 0x0a, 0x7c, 0xab, 0xac, 0x53, 0x1e, 0x48, 0x2f, 0x86, 0x0b, 0x5e, 0xc7, 0xba, 0x47, 0xcc, 0xb2, 0xc6, 0xf2, 0xaf, 0xce, 0x8f, 0x88, 0xd2, 0x2b, 0x6d, 0xc6, 0x13, 0x80, 0xf2, 0x3a, 0x66, 0x8f, 0xd3, 0x88, 0x8b, 0xb8, 0x05, 0x37, 0xc0, 0xa0, 0xb8, 0x64, 0x07, 0x68, 0x9e }; #endif #endif #ifndef NO_SHA256 ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha256(), testKey, sizeof(testKey), testData, XSTRLEN(testData), testResultSha256, sizeof(testResultSha256)), TEST_SUCCESS); #endif #ifdef WOLFSSL_SHA224 ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha224(), testKey, sizeof(testKey), testData, XSTRLEN(testData), testResultSha224, sizeof(testResultSha224)), TEST_SUCCESS); #endif #ifdef WOLFSSL_SHA384 ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha384(), testKey, sizeof(testKey), testData, XSTRLEN(testData), testResultSha384, sizeof(testResultSha384)), TEST_SUCCESS); #endif #ifdef WOLFSSL_SHA512 ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha512(), testKey, sizeof(testKey), testData, XSTRLEN(testData), testResultSha512, sizeof(testResultSha512)), TEST_SUCCESS); #endif #ifdef WOLFSSL_SHA3 #ifndef WOLFSSL_NOSHA3_224 ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha3_224(), testKey, sizeof(testKey), testData, XSTRLEN(testData), testResultSha3_224, sizeof(testResultSha3_224)), TEST_SUCCESS); #endif #ifndef WOLFSSL_NOSHA3_256 ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha3_256(), testKey, sizeof(testKey), testData, XSTRLEN(testData), testResultSha3_256, sizeof(testResultSha3_256)), TEST_SUCCESS); #endif #ifndef WOLFSSL_NOSHA3_384 ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha3_384(), testKey, sizeof(testKey), testData, XSTRLEN(testData), testResultSha3_384, sizeof(testResultSha3_384)), TEST_SUCCESS); #endif #ifndef WOLFSSL_NOSHA3_512 ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha3_512(), testKey, sizeof(testKey), testData, XSTRLEN(testData), testResultSha3_512, sizeof(testResultSha3_512)), TEST_SUCCESS); #endif #endif #endif /* OPENSSL_EXTRA */ return EXPECT_RESULT(); } static int test_wolfSSL_EVP_MD_rsa_signing(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048) WOLFSSL_EVP_PKEY* privKey = NULL; WOLFSSL_EVP_PKEY* pubKey = NULL; WOLFSSL_EVP_PKEY_CTX* keyCtx = NULL; const char testData[] = "Hi There"; WOLFSSL_EVP_MD_CTX mdCtx; WOLFSSL_EVP_MD_CTX mdCtxCopy; int ret; size_t checkSz = -1; int sz = 2048 / 8; const unsigned char* cp; const unsigned char* p; unsigned char check[2048/8]; size_t i; int paddings[] = { RSA_PKCS1_PADDING, #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && defined(WC_RSA_PSS) RSA_PKCS1_PSS_PADDING, #endif }; cp = client_key_der_2048; ExpectNotNull((privKey = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL, &cp, sizeof_client_key_der_2048))); p = client_keypub_der_2048; ExpectNotNull((pubKey = wolfSSL_d2i_PUBKEY(NULL, &p, sizeof_client_keypub_der_2048))); wolfSSL_EVP_MD_CTX_init(&mdCtx); wolfSSL_EVP_MD_CTX_init(&mdCtxCopy); ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, wolfSSL_EVP_sha256(), NULL, privKey), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData, (unsigned int)XSTRLEN(testData)), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1); ExpectIntEQ((int)checkSz, sz); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1); ExpectIntEQ((int)checkSz,sz); ExpectIntEQ(wolfSSL_EVP_MD_CTX_copy_ex(&mdCtxCopy, &mdCtx), 1); ExpectIntEQ(wolfSSL_EVP_MD_CTX_copy_ex(&mdCtxCopy, &mdCtx), 1); ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtxCopy); ExpectIntEQ(ret, 1); ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx); ExpectIntEQ(ret, 1); wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, wolfSSL_EVP_sha256(), NULL, pubKey), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData, (unsigned int)XSTRLEN(testData)), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, check, checkSz), 1); ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx); ExpectIntEQ(ret, 1); wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, wolfSSL_EVP_sha256(), NULL, privKey), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData, 4), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1); ExpectIntEQ((int)checkSz, sz); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1); ExpectIntEQ((int)checkSz, sz); ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData + 4, (unsigned int)XSTRLEN(testData) - 4), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1); ExpectIntEQ((int)checkSz, sz); ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx); ExpectIntEQ(ret, 1); wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, wolfSSL_EVP_sha256(), NULL, pubKey), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData, 4), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData + 4, (unsigned int)XSTRLEN(testData) - 4), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, check, checkSz), 1); ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx); ExpectIntEQ(ret, 1); /* Check all signing padding types */ for (i = 0; i < sizeof(paddings)/sizeof(int); i++) { wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, &keyCtx, wolfSSL_EVP_sha256(), NULL, privKey), 1); ExpectIntEQ(wolfSSL_EVP_PKEY_CTX_set_rsa_padding(keyCtx, paddings[i]), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData, (unsigned int)XSTRLEN(testData)), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1); ExpectIntEQ((int)checkSz, sz); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1); ExpectIntEQ((int)checkSz,sz); ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx); ExpectIntEQ(ret, 1); wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, &keyCtx, wolfSSL_EVP_sha256(), NULL, pubKey), 1); ExpectIntEQ(wolfSSL_EVP_PKEY_CTX_set_rsa_padding(keyCtx, paddings[i]), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData, (unsigned int)XSTRLEN(testData)), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, check, checkSz), 1); ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx); ExpectIntEQ(ret, 1); } wolfSSL_EVP_PKEY_free(pubKey); wolfSSL_EVP_PKEY_free(privKey); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_MD_ecc_signing(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256) WOLFSSL_EVP_PKEY* privKey = NULL; WOLFSSL_EVP_PKEY* pubKey = NULL; const char testData[] = "Hi There"; WOLFSSL_EVP_MD_CTX mdCtx; int ret; size_t checkSz = -1; const unsigned char* cp; const unsigned char* p; unsigned char check[2048/8]; cp = ecc_clikey_der_256; ExpectNotNull(privKey = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL, &cp, sizeof_ecc_clikey_der_256)); p = ecc_clikeypub_der_256; ExpectNotNull((pubKey = wolfSSL_d2i_PUBKEY(NULL, &p, sizeof_ecc_clikeypub_der_256))); wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, wolfSSL_EVP_sha256(), NULL, privKey), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData, (unsigned int)XSTRLEN(testData)), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1); ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx); ExpectIntEQ(ret, 1); wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, wolfSSL_EVP_sha256(), NULL, pubKey), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData, (unsigned int)XSTRLEN(testData)), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, check, checkSz), 1); ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx); ExpectIntEQ(ret, 1); wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, wolfSSL_EVP_sha256(), NULL, privKey), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData, 4), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData + 4, (unsigned int)XSTRLEN(testData) - 4), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1); ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx); ExpectIntEQ(ret, 1); wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, wolfSSL_EVP_sha256(), NULL, pubKey), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData, 4), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData + 4, (unsigned int)XSTRLEN(testData) - 4), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, check, checkSz), 1); ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx); ExpectIntEQ(ret, 1); wolfSSL_EVP_PKEY_free(pubKey); wolfSSL_EVP_PKEY_free(privKey); #endif return EXPECT_RESULT(); } static int test_wolfSSL_CTX_add_extra_chain_cert(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) && !defined(NO_BIO) #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) char caFile[] = "./certs/client-ca.pem"; char clientFile[] = "./certs/client-cert.pem"; SSL_CTX* ctx = NULL; X509* x509 = NULL; BIO *bio = NULL; X509 *cert = NULL; X509 *ca = NULL; STACK_OF(X509) *chain = NULL; STACK_OF(X509) *chain2 = NULL; #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method())); #else ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method())); #endif ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(caFile, WOLFSSL_FILETYPE_PEM)); ExpectIntEQ((int)SSL_CTX_add_extra_chain_cert(ctx, x509), WOLFSSL_SUCCESS); ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(clientFile, WOLFSSL_FILETYPE_PEM)); /* additional test of getting EVP_PKEY key size from X509 * Do not run with user RSA because wolfSSL_RSA_size is not currently * allowed with user RSA */ { EVP_PKEY* pkey = NULL; #if defined(HAVE_ECC) X509* ecX509 = NULL; #endif /* HAVE_ECC */ ExpectNotNull(pkey = X509_get_pubkey(x509)); /* current RSA key is 2048 bit (256 bytes) */ ExpectIntEQ(EVP_PKEY_size(pkey), 256); EVP_PKEY_free(pkey); pkey = NULL; #if defined(HAVE_ECC) #if defined(USE_CERT_BUFFERS_256) ExpectNotNull(ecX509 = wolfSSL_X509_load_certificate_buffer( cliecc_cert_der_256, sizeof_cliecc_cert_der_256, SSL_FILETYPE_ASN1)); #else ExpectNotNull(ecX509 = wolfSSL_X509_load_certificate_file( cliEccCertFile, SSL_FILETYPE_PEM)); #endif pkey = X509_get_pubkey(ecX509); ExpectNotNull(pkey); /* current ECC key is 256 bit (32 bytes) */ ExpectIntEQ(EVP_PKEY_size(pkey), 32); X509_free(ecX509); ecX509 = NULL; EVP_PKEY_free(pkey); pkey = NULL; #endif /* HAVE_ECC */ } ExpectIntEQ((int)SSL_CTX_add_extra_chain_cert(ctx, x509), SSL_SUCCESS); if (EXPECT_SUCCESS()) { x509 = NULL; } #ifdef WOLFSSL_ENCRYPTED_KEYS ExpectNull(SSL_CTX_get_default_passwd_cb(ctx)); ExpectNull(SSL_CTX_get_default_passwd_cb_userdata(ctx)); #endif SSL_CTX_free(ctx); ctx = NULL; #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method())); #else ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method())); #endif /* Test haproxy use case */ ExpectNotNull(bio = BIO_new_file(svrCertFile, "r")); /* Read Certificate */ ExpectNotNull(cert = PEM_read_bio_X509_AUX(bio, NULL, NULL, NULL)); ExpectNotNull(ca = PEM_read_bio_X509(bio, NULL, NULL, NULL)); ExpectNotNull(chain = sk_X509_new_null()); ExpectIntEQ(sk_X509_push(chain, ca), 1); if (EXPECT_SUCCESS()) { ca = NULL; } ExpectNotNull(chain2 = X509_chain_up_ref(chain)); ExpectNotNull(ca = sk_X509_shift(chain2)); ExpectIntEQ(SSL_CTX_use_certificate(ctx, cert), 1); ExpectIntEQ(SSL_CTX_add_extra_chain_cert(ctx, ca), 1); if (EXPECT_SUCCESS()) { ca = NULL; } BIO_free(bio); X509_free(cert); X509_free(ca); X509_free(x509); sk_X509_pop_free(chain, X509_free); sk_X509_pop_free(chain2, X509_free); SSL_CTX_free(ctx); #endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) && !defined (NO_BIO) */ return EXPECT_RESULT(); } #if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) static int test_wolfSSL_ERR_peek_last_error_line(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && defined(DEBUG_WOLFSSL) && \ !defined(NO_OLD_TLS) && !defined(WOLFSSL_NO_TLS12) && \ defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(NO_ERROR_QUEUE) callback_functions client_cb; callback_functions server_cb; int line = 0; int flag = ERR_TXT_STRING; const char* file = NULL; const char* data = NULL; /* create a failed connection and inspect the error */ XMEMSET(&client_cb, 0, sizeof(callback_functions)); XMEMSET(&server_cb, 0, sizeof(callback_functions)); client_cb.method = wolfTLSv1_1_client_method; server_cb.method = wolfTLSv1_2_server_method; test_wolfSSL_client_server_nofail(&client_cb, &server_cb); ExpectIntGT(ERR_get_error_line_data(NULL, NULL, &data, &flag), 0); ExpectNotNull(data); /* check clearing error state */ ERR_remove_state(0); ExpectIntEQ((int)ERR_peek_last_error_line(NULL, NULL), 0); ERR_peek_last_error_line(NULL, &line); ExpectIntEQ(line, 0); ERR_peek_last_error_line(&file, NULL); ExpectNull(file); /* retry connection to fill error queue */ XMEMSET(&client_cb, 0, sizeof(callback_functions)); XMEMSET(&server_cb, 0, sizeof(callback_functions)); client_cb.method = wolfTLSv1_1_client_method; server_cb.method = wolfTLSv1_2_server_method; test_wolfSSL_client_server_nofail(&client_cb, &server_cb); /* check that error code was stored */ ExpectIntNE((int)ERR_peek_last_error_line(NULL, NULL), 0); ERR_peek_last_error_line(NULL, &line); ExpectIntNE(line, 0); ERR_peek_last_error_line(&file, NULL); ExpectNotNull(file); fprintf(stderr, "\nTesting error print out\n"); ERR_print_errors_fp(stderr); fprintf(stderr, "Done testing print out\n\n"); #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && * !defined(NO_FILESYSTEM) && !defined(DEBUG_WOLFSSL) */ return EXPECT_RESULT(); } #endif /* !NO_WOLFSSL_CLIENT && !NO_WOLFSSL_SERVER */ #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) static int verify_cb(int ok, X509_STORE_CTX *ctx) { (void) ok; (void) ctx; fprintf(stderr, "ENTER verify_cb\n"); return SSL_SUCCESS; } #endif static int test_wolfSSL_X509_Name_canon(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && !defined(NO_SHA) && \ defined(WOLFSSL_CERT_GEN) && \ (defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && !defined(NO_RSA) const long ex_hash1 = 0x0fdb2da4; const long ex_hash2 = 0x9f3e8c9e; X509_NAME *name = NULL; X509 *x509 = NULL; XFILE file = XBADFILE; unsigned long hash = 0; byte digest[WC_MAX_DIGEST_SIZE] = {0}; byte *pbuf = NULL; word32 len = 0; (void) ex_hash2; ExpectTrue((file = XFOPEN(caCertFile, "rb")) != XBADFILE); ExpectNotNull(x509 = PEM_read_X509(file, NULL, NULL, NULL)); ExpectNotNull(name = X509_get_issuer_name(x509)); /* When output buffer is NULL, should return necessary output buffer * length.*/ ExpectIntGT(wolfSSL_i2d_X509_NAME_canon(name, NULL), 0); ExpectIntGT((len = wolfSSL_i2d_X509_NAME_canon(name, &pbuf)), 0); ExpectIntEQ(wc_ShaHash((const byte*)pbuf, (word32)len, digest), 0); hash = (((unsigned long)digest[3] << 24) | ((unsigned long)digest[2] << 16) | ((unsigned long)digest[1] << 8) | ((unsigned long)digest[0])); ExpectIntEQ(hash, ex_hash1); if (file != XBADFILE) { XFCLOSE(file); file = XBADFILE; } X509_free(x509); x509 = NULL; XFREE(pbuf, NULL, DYNAMIC_TYPE_OPENSSL); pbuf = NULL; ExpectTrue((file = XFOPEN(cliCertFile, "rb")) != XBADFILE); ExpectNotNull(x509 = PEM_read_X509(file, NULL, NULL, NULL)); ExpectNotNull(name = X509_get_issuer_name(x509)); ExpectIntGT((len = wolfSSL_i2d_X509_NAME_canon(name, &pbuf)), 0); ExpectIntEQ(wc_ShaHash((const byte*)pbuf, (word32)len, digest), 0); hash = (((unsigned long)digest[3] << 24) | ((unsigned long)digest[2] << 16) | ((unsigned long)digest[1] << 8) | ((unsigned long)digest[0])); ExpectIntEQ(hash, ex_hash2); if (file != XBADFILE) XFCLOSE(file); X509_free(x509); XFREE(pbuf, NULL, DYNAMIC_TYPE_OPENSSL); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_LOOKUP_ctrl_hash_dir(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR) const int MAX_DIR = 4; const char paths[][32] = { "./certs/ed25519", "./certs/ecc", "./certs/crl", "./certs/", }; char CertCrl_path[MAX_FILENAME_SZ]; char *p; X509_STORE* str = NULL; X509_LOOKUP* lookup = NULL; WOLFSSL_STACK* sk = NULL; int len, total_len, i; (void)sk; XMEMSET(CertCrl_path, 0, MAX_FILENAME_SZ); /* illegal string */ ExpectNotNull((str = wolfSSL_X509_STORE_new())); ExpectNotNull(lookup = X509_STORE_add_lookup(str, X509_LOOKUP_file())); ExpectIntEQ(X509_LOOKUP_ctrl(lookup, X509_L_ADD_DIR, "", SSL_FILETYPE_PEM,NULL), 0); /* free store */ X509_STORE_free(str); str = NULL; /* short folder string */ ExpectNotNull((str = wolfSSL_X509_STORE_new())); ExpectNotNull(lookup = X509_STORE_add_lookup(str, X509_LOOKUP_file())); ExpectIntEQ(X509_LOOKUP_ctrl(lookup, X509_L_ADD_DIR, "./", SSL_FILETYPE_PEM,NULL), 1); #if defined(WOLFSSL_INT_H) /* only available when including internal.h */ ExpectNotNull(sk = lookup->dirs->dir_entry); #endif /* free store */ X509_STORE_free(str); str = NULL; /* typical function check */ p = &CertCrl_path[0]; total_len = 0; for (i = MAX_DIR - 1; i>=0 && total_len < MAX_FILENAME_SZ; i--) { len = (int)XSTRLEN((const char*)&paths[i]); total_len += len; XSTRNCPY(p, paths[i], MAX_FILENAME_SZ - total_len); p += len; if (i != 0) *(p++) = SEPARATOR_CHAR; } ExpectNotNull((str = wolfSSL_X509_STORE_new())); ExpectNotNull(lookup = X509_STORE_add_lookup(str, X509_LOOKUP_file())); ExpectIntEQ(X509_LOOKUP_ctrl(lookup, X509_L_ADD_DIR, CertCrl_path, SSL_FILETYPE_PEM,NULL), 1); #if defined(WOLFSSL_INT_H) /* only available when including internal.h */ ExpectNotNull(sk = lookup->dirs->dir_entry); #endif X509_STORE_free(str); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_LOOKUP_ctrl_file(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) && \ defined(WOLFSSL_SIGNER_DER_CERT) X509_STORE_CTX* ctx = NULL; X509_STORE* str = NULL; X509_LOOKUP* lookup = NULL; X509* cert1 = NULL; X509* x509Ca = NULL; X509* x509Svr = NULL; X509* issuer = NULL; WOLFSSL_STACK* sk = NULL; X509_NAME* caName = NULL; X509_NAME* issuerName = NULL; XFILE file1 = XBADFILE; int i; int cert_count = 0; int cmp; char der[] = "certs/ca-cert.der"; #ifdef HAVE_CRL char pem[][100] = { "./certs/crl/crl.pem", "./certs/crl/crl2.pem", "./certs/crl/caEccCrl.pem", "./certs/crl/eccCliCRL.pem", "./certs/crl/eccSrvCRL.pem", "" }; #endif ExpectTrue((file1 = XFOPEN("./certs/ca-cert.pem", "rb")) != XBADFILE); ExpectNotNull(cert1 = wolfSSL_PEM_read_X509(file1, NULL, NULL, NULL)); if (file1 != XBADFILE) XFCLOSE(file1); ExpectNotNull(ctx = X509_STORE_CTX_new()); ExpectNotNull((str = wolfSSL_X509_STORE_new())); ExpectNotNull(lookup = X509_STORE_add_lookup(str, X509_LOOKUP_file())); ExpectIntEQ(X509_LOOKUP_ctrl(lookup, X509_L_FILE_LOAD, caCertFile, SSL_FILETYPE_PEM,NULL), 1); ExpectNotNull(sk = wolfSSL_CertManagerGetCerts(str->cm)); ExpectIntEQ((cert_count = sk_X509_num(sk)), 1); /* check if CA cert is loaded into the store */ for (i = 0; i < cert_count; i++) { x509Ca = sk_X509_value(sk, i); ExpectIntEQ(0, wolfSSL_X509_cmp(x509Ca, cert1)); } ExpectNotNull((x509Svr = wolfSSL_X509_load_certificate_file(svrCertFile, SSL_FILETYPE_PEM))); ExpectIntEQ(X509_STORE_CTX_init(ctx, str, x509Svr, NULL), SSL_SUCCESS); ExpectNull(X509_STORE_CTX_get0_current_issuer(NULL)); issuer = X509_STORE_CTX_get0_current_issuer(ctx); ExpectNotNull(issuer); caName = X509_get_subject_name(x509Ca); ExpectNotNull(caName); issuerName = X509_get_subject_name(issuer); ExpectNotNull(issuerName); cmp = X509_NAME_cmp(caName, issuerName); ExpectIntEQ(cmp, 0); /* load der format */ X509_free(issuer); issuer = NULL; X509_STORE_CTX_free(ctx); ctx = NULL; X509_STORE_free(str); str = NULL; sk_X509_pop_free(sk, NULL); sk = NULL; X509_free(x509Svr); x509Svr = NULL; ExpectNotNull((str = wolfSSL_X509_STORE_new())); ExpectNotNull(lookup = X509_STORE_add_lookup(str, X509_LOOKUP_file())); ExpectIntEQ(X509_LOOKUP_ctrl(lookup, X509_L_FILE_LOAD, der, SSL_FILETYPE_ASN1,NULL), 1); ExpectNotNull(sk = wolfSSL_CertManagerGetCerts(str->cm)); ExpectIntEQ((cert_count = sk_X509_num(sk)), 1); /* check if CA cert is loaded into the store */ for (i = 0; i < cert_count; i++) { x509Ca = sk_X509_value(sk, i); ExpectIntEQ(0, wolfSSL_X509_cmp(x509Ca, cert1)); } X509_STORE_free(str); str = NULL; sk_X509_pop_free(sk, NULL); sk = NULL; X509_free(cert1); cert1 = NULL; #ifdef HAVE_CRL ExpectNotNull(str = wolfSSL_X509_STORE_new()); ExpectNotNull(lookup = X509_STORE_add_lookup(str, X509_LOOKUP_file())); ExpectIntEQ(X509_LOOKUP_ctrl(lookup, X509_L_FILE_LOAD, caCertFile, SSL_FILETYPE_PEM,NULL), 1); ExpectIntEQ(X509_LOOKUP_ctrl(lookup, X509_L_FILE_LOAD, "certs/server-revoked-cert.pem", SSL_FILETYPE_PEM,NULL), 1); if (str) { ExpectIntEQ(wolfSSL_CertManagerVerify(str->cm, svrCertFile, WOLFSSL_FILETYPE_PEM), 1); /* since store hasn't yet known the revoked cert*/ ExpectIntEQ(wolfSSL_CertManagerVerify(str->cm, "certs/server-revoked-cert.pem", WOLFSSL_FILETYPE_PEM), 1); } for (i = 0; pem[i][0] != '\0'; i++) { ExpectIntEQ(X509_LOOKUP_ctrl(lookup, X509_L_FILE_LOAD, pem[i], SSL_FILETYPE_PEM, NULL), 1); } if (str) { /* since store knows crl list */ ExpectIntEQ(wolfSSL_CertManagerVerify(str->cm, "certs/server-revoked-cert.pem", WOLFSSL_FILETYPE_PEM ), CRL_CERT_REVOKED); } ExpectIntEQ(X509_LOOKUP_ctrl(NULL, 0, NULL, 0, NULL), 0); X509_STORE_free(str); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_STORE_CTX_trusted_stack_cleanup(void) { int res = TEST_SKIPPED; #if defined(OPENSSL_EXTRA) X509_STORE_CTX_cleanup(NULL); X509_STORE_CTX_trusted_stack(NULL, NULL); res = TEST_SUCCESS; #endif return res; } static int test_wolfSSL_X509_STORE_CTX_get0_current_issuer(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) X509_STORE_CTX* ctx = NULL; X509_STORE* str = NULL; X509* x509Ca = NULL; X509* x509Svr = NULL; X509* issuer = NULL; X509_NAME* caName = NULL; X509_NAME* issuerName = NULL; ExpectNotNull(ctx = X509_STORE_CTX_new()); ExpectNotNull((str = wolfSSL_X509_STORE_new())); ExpectNotNull((x509Ca = wolfSSL_X509_load_certificate_file(caCertFile, SSL_FILETYPE_PEM))); ExpectIntEQ(X509_STORE_add_cert(str, x509Ca), SSL_SUCCESS); ExpectNotNull((x509Svr = wolfSSL_X509_load_certificate_file(svrCertFile, SSL_FILETYPE_PEM))); ExpectIntEQ(X509_STORE_CTX_init(ctx, str, x509Svr, NULL), SSL_SUCCESS); ExpectNull(X509_STORE_CTX_get0_current_issuer(NULL)); ExpectNotNull(issuer = X509_STORE_CTX_get0_current_issuer(ctx)); ExpectNotNull(caName = X509_get_subject_name(x509Ca)); ExpectNotNull(issuerName = X509_get_subject_name(issuer)); #ifdef WOLFSSL_SIGNER_DER_CERT ExpectIntEQ(X509_NAME_cmp(caName, issuerName), 0); #endif X509_free(issuer); X509_STORE_CTX_free(ctx); X509_free(x509Svr); X509_STORE_free(str); X509_free(x509Ca); #endif return EXPECT_RESULT(); } static int test_wolfSSL_PKCS7_certs(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_CERTS) && !defined(NO_BIO) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) && defined(HAVE_PKCS7) STACK_OF(X509)* sk = NULL; STACK_OF(X509_INFO)* info_sk = NULL; PKCS7 *p7 = NULL; BIO* bio = NULL; const byte* p = NULL; int buflen = 0; int i; /* Test twice. Once with d2i and once without to test * that everything is free'd correctly. */ for (i = 0; i < 2; i++) { ExpectNotNull(p7 = PKCS7_new()); if (p7 != NULL) { p7->version = 1; #ifdef NO_SHA p7->hashOID = SHA256h; #else p7->hashOID = SHAh; #endif } ExpectNotNull(bio = BIO_new(BIO_s_file())); ExpectIntGT(BIO_read_filename(bio, svrCertFile), 0); ExpectNotNull(info_sk = PEM_X509_INFO_read_bio(bio, NULL, NULL, NULL)); ExpectIntEQ(sk_X509_INFO_num(info_sk), 2); ExpectNotNull(sk = sk_X509_new_null()); while (EXPECT_SUCCESS() && (sk_X509_INFO_num(info_sk) > 0)) { X509_INFO* info = NULL; ExpectNotNull(info = sk_X509_INFO_shift(info_sk)); ExpectIntEQ(sk_X509_push(sk, info->x509), 1); if (EXPECT_SUCCESS() && (info != NULL)) { info->x509 = NULL; } X509_INFO_free(info); } sk_X509_INFO_pop_free(info_sk, X509_INFO_free); info_sk = NULL; BIO_free(bio); bio = NULL; ExpectNotNull(bio = BIO_new(BIO_s_mem())); ExpectIntEQ(wolfSSL_PKCS7_encode_certs(p7, sk, bio), 1); if ((sk != NULL) && ((p7 == NULL) || (bio == NULL))) { sk_X509_pop_free(sk, X509_free); } sk = NULL; ExpectIntGT((buflen = BIO_get_mem_data(bio, &p)), 0); if (i == 0) { PKCS7_free(p7); p7 = NULL; ExpectNotNull(d2i_PKCS7(&p7, &p, buflen)); if (p7 != NULL) { /* Reset certs to force wolfSSL_PKCS7_to_stack to regenerate * them */ ((WOLFSSL_PKCS7*)p7)->certs = NULL; } /* PKCS7_free free's the certs */ ExpectNotNull(wolfSSL_PKCS7_to_stack(p7)); } BIO_free(bio); bio = NULL; PKCS7_free(p7); p7 = NULL; } #endif /* defined(OPENSSL_ALL) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) && defined(HAVE_PKCS7) */ return EXPECT_RESULT(); } static int test_wolfSSL_X509_STORE_CTX(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) X509_STORE_CTX* ctx = NULL; X509_STORE* str = NULL; X509* x509 = NULL; #ifdef OPENSSL_ALL X509* x5092 = NULL; STACK_OF(X509) *sk = NULL; STACK_OF(X509) *sk2 = NULL; STACK_OF(X509) *sk3 = NULL; #endif ExpectNotNull(ctx = X509_STORE_CTX_new()); ExpectNotNull((str = wolfSSL_X509_STORE_new())); ExpectNotNull((x509 = wolfSSL_X509_load_certificate_file(svrCertFile, SSL_FILETYPE_PEM))); ExpectIntEQ(X509_STORE_add_cert(str, x509), SSL_SUCCESS); #ifdef OPENSSL_ALL /* sk_X509_new only in OPENSSL_ALL */ sk = sk_X509_new_null(); ExpectNotNull(sk); ExpectIntEQ(X509_STORE_CTX_init(ctx, str, x509, sk), SSL_SUCCESS); #else ExpectIntEQ(X509_STORE_CTX_init(ctx, str, x509, NULL), SSL_SUCCESS); #endif ExpectIntEQ(SSL_get_ex_data_X509_STORE_CTX_idx(), 0); X509_STORE_CTX_set_error(ctx, -5); X509_STORE_CTX_set_error(NULL, -5); X509_STORE_CTX_free(ctx); ctx = NULL; #ifdef OPENSSL_ALL sk_X509_pop_free(sk, NULL); sk = NULL; #endif X509_STORE_free(str); str = NULL; X509_free(x509); x509 = NULL; ExpectNotNull(ctx = X509_STORE_CTX_new()); X509_STORE_CTX_set_verify_cb(ctx, verify_cb); X509_STORE_CTX_free(ctx); ctx = NULL; #ifdef OPENSSL_ALL /* test X509_STORE_CTX_get(1)_chain */ ExpectNotNull((x509 = X509_load_certificate_file(svrCertFile, SSL_FILETYPE_PEM))); ExpectNotNull((x5092 = X509_load_certificate_file(cliCertFile, SSL_FILETYPE_PEM))); ExpectNotNull((sk = sk_X509_new_null())); ExpectIntEQ(sk_X509_push(sk, x509), 1); if (EXPECT_FAIL()) { X509_free(x509); x509 = NULL; } ExpectNotNull((str = X509_STORE_new())); ExpectNotNull((ctx = X509_STORE_CTX_new())); ExpectIntEQ(X509_STORE_CTX_init(ctx, str, x5092, sk), 1); ExpectNull((sk2 = X509_STORE_CTX_get_chain(NULL))); ExpectNotNull((sk2 = X509_STORE_CTX_get_chain(ctx))); ExpectIntEQ(sk_num(sk2), 1); /* sanity, make sure chain has 1 cert */ ExpectNull((sk3 = X509_STORE_CTX_get1_chain(NULL))); ExpectNotNull((sk3 = X509_STORE_CTX_get1_chain(ctx))); ExpectIntEQ(sk_num(sk3), 1); /* sanity, make sure chain has 1 cert */ X509_STORE_CTX_free(ctx); ctx = NULL; X509_STORE_free(str); str = NULL; /* CTX certs not freed yet */ X509_free(x5092); x5092 = NULL; sk_X509_pop_free(sk, NULL); sk = NULL; /* sk3 is dup so free here */ sk_X509_pop_free(sk3, NULL); sk3 = NULL; #endif /* test X509_STORE_CTX_get/set_ex_data */ { int i = 0, tmpData = 5; void* tmpDataRet; ExpectNotNull(ctx = X509_STORE_CTX_new()); #ifdef HAVE_EX_DATA for (i = 0; i < MAX_EX_DATA; i++) { ExpectIntEQ(X509_STORE_CTX_set_ex_data(ctx, i, &tmpData), WOLFSSL_SUCCESS); tmpDataRet = (int*)X509_STORE_CTX_get_ex_data(ctx, i); ExpectNotNull(tmpDataRet); ExpectIntEQ(tmpData, *(int*)tmpDataRet); } #else ExpectIntEQ(X509_STORE_CTX_set_ex_data(ctx, i, &tmpData), WOLFSSL_FAILURE); tmpDataRet = (int*)X509_STORE_CTX_get_ex_data(ctx, i); ExpectNull(tmpDataRet); #endif X509_STORE_CTX_free(ctx); ctx = NULL; } /* test X509_STORE_get/set_ex_data */ { int i = 0, tmpData = 99; void* tmpDataRet; ExpectNotNull(str = X509_STORE_new()); #ifdef HAVE_EX_DATA for (i = 0; i < MAX_EX_DATA; i++) { ExpectIntEQ(X509_STORE_set_ex_data(str, i, &tmpData), WOLFSSL_SUCCESS); tmpDataRet = (int*)X509_STORE_get_ex_data(str, i); ExpectNotNull(tmpDataRet); ExpectIntEQ(tmpData, *(int*)tmpDataRet); } #else ExpectIntEQ(X509_STORE_set_ex_data(str, i, &tmpData), WOLFSSL_FAILURE); tmpDataRet = (int*)X509_STORE_get_ex_data(str, i); ExpectNull(tmpDataRet); #endif X509_STORE_free(str); str = NULL; } #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ * !defined(NO_FILESYSTEM) && !defined(NO_RSA) */ return EXPECT_RESULT(); } #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) static int test_X509_STORE_untrusted_load_cert_to_stack(const char* filename, STACK_OF(X509)* chain) { EXPECT_DECLS; XFILE fp = XBADFILE; X509* cert = NULL; ExpectTrue((fp = XFOPEN(filename, "rb")) != XBADFILE); ExpectNotNull(cert = PEM_read_X509(fp, 0, 0, 0 )); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } ExpectIntEQ(sk_X509_push(chain, cert), 1); if (EXPECT_FAIL()) X509_free(cert); return EXPECT_RESULT(); } static int test_X509_STORE_untrusted_certs(const char** filenames, int ret, int err, int loadCA) { EXPECT_DECLS; X509_STORE_CTX* ctx = NULL; X509_STORE* str = NULL; XFILE fp = XBADFILE; X509* cert = NULL; STACK_OF(X509)* untrusted = NULL; ExpectTrue((fp = XFOPEN("./certs/intermediate/server-int-cert.pem", "rb")) != XBADFILE); ExpectNotNull(cert = PEM_read_X509(fp, 0, 0, 0 )); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } ExpectNotNull(str = X509_STORE_new()); ExpectNotNull(ctx = X509_STORE_CTX_new()); ExpectNotNull(untrusted = sk_X509_new_null()); ExpectIntEQ(X509_STORE_set_flags(str, 0), 1); if (loadCA) { ExpectIntEQ(X509_STORE_load_locations(str, "./certs/ca-cert.pem", NULL), 1); } for (; *filenames; filenames++) { ExpectIntEQ(test_X509_STORE_untrusted_load_cert_to_stack(*filenames, untrusted), TEST_SUCCESS); } ExpectIntEQ(X509_STORE_CTX_init(ctx, str, cert, untrusted), 1); ExpectIntEQ(X509_verify_cert(ctx), ret); ExpectIntEQ(X509_STORE_CTX_get_error(ctx), err); X509_free(cert); X509_STORE_free(str); X509_STORE_CTX_free(ctx); sk_X509_pop_free(untrusted, NULL); return EXPECT_RESULT(); } #endif static int test_X509_STORE_untrusted(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) const char* untrusted1[] = { "./certs/intermediate/ca-int2-cert.pem", NULL }; const char* untrusted2[] = { "./certs/intermediate/ca-int-cert.pem", "./certs/intermediate/ca-int2-cert.pem", NULL }; const char* untrusted3[] = { "./certs/intermediate/ca-int-cert.pem", "./certs/intermediate/ca-int2-cert.pem", "./certs/ca-cert.pem", NULL }; /* Adding unrelated certs that should be ignored */ const char* untrusted4[] = { "./certs/client-ca.pem", "./certs/intermediate/ca-int-cert.pem", "./certs/server-cert.pem", "./certs/intermediate/ca-int2-cert.pem", NULL }; /* Only immediate issuer in untrusted chain. Fails since can't build chain * to loaded CA. */ ExpectIntEQ(test_X509_STORE_untrusted_certs(untrusted1, 0, X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY, 1), TEST_SUCCESS); /* Succeeds because path to loaded CA is available. */ ExpectIntEQ(test_X509_STORE_untrusted_certs(untrusted2, 1, 0, 1), TEST_SUCCESS); /* Fails because root CA is in the untrusted stack */ ExpectIntEQ(test_X509_STORE_untrusted_certs(untrusted3, 0, X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY, 0), TEST_SUCCESS); /* Succeeds because path to loaded CA is available. */ ExpectIntEQ(test_X509_STORE_untrusted_certs(untrusted4, 1, 0, 1), TEST_SUCCESS); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_STORE_set_flags(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) X509_STORE* store = NULL; X509* x509 = NULL; ExpectNotNull((store = wolfSSL_X509_STORE_new())); ExpectNotNull((x509 = wolfSSL_X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM))); ExpectIntEQ(X509_STORE_add_cert(store, x509), WOLFSSL_SUCCESS); #ifdef HAVE_CRL ExpectIntEQ(X509_STORE_set_flags(store, WOLFSSL_CRL_CHECKALL), WOLFSSL_SUCCESS); #else ExpectIntEQ(X509_STORE_set_flags(store, WOLFSSL_CRL_CHECKALL), NOT_COMPILED_IN); #endif wolfSSL_X509_free(x509); wolfSSL_X509_STORE_free(store); #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && * !defined(NO_FILESYSTEM) && !defined(NO_RSA) */ return EXPECT_RESULT(); } static int test_wolfSSL_X509_LOOKUP_load_file(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_CRL) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)) WOLFSSL_X509_STORE* store = NULL; WOLFSSL_X509_LOOKUP* lookup = NULL; ExpectNotNull(store = wolfSSL_X509_STORE_new()); ExpectNotNull(lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file())); ExpectIntEQ(wolfSSL_X509_LOOKUP_load_file(lookup, "certs/client-ca.pem", X509_FILETYPE_PEM), 1); ExpectIntEQ(wolfSSL_X509_LOOKUP_load_file(lookup, "certs/crl/crl2.pem", X509_FILETYPE_PEM), 1); if (store != NULL) { ExpectIntEQ(wolfSSL_CertManagerVerify(store->cm, cliCertFile, WOLFSSL_FILETYPE_PEM), 1); ExpectIntEQ(wolfSSL_CertManagerVerify(store->cm, svrCertFile, WOLFSSL_FILETYPE_PEM), ASN_NO_SIGNER_E); } ExpectIntEQ(wolfSSL_X509_LOOKUP_load_file(lookup, "certs/ca-cert.pem", X509_FILETYPE_PEM), 1); if (store != NULL) { ExpectIntEQ(wolfSSL_CertManagerVerify(store->cm, svrCertFile, WOLFSSL_FILETYPE_PEM), 1); } wolfSSL_X509_STORE_free(store); #endif /* defined(OPENSSL_EXTRA) && defined(HAVE_CRL) && * !defined(NO_FILESYSTEM) && !defined(NO_RSA) */ return EXPECT_RESULT(); } static int test_wolfSSL_X509_STORE_CTX_set_time(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) WOLFSSL_X509_STORE_CTX* ctx = NULL; time_t c_time; ExpectNotNull(ctx = wolfSSL_X509_STORE_CTX_new()); c_time = 365*24*60*60; wolfSSL_X509_STORE_CTX_set_time(ctx, 0, c_time); ExpectTrue((ctx->param->flags & WOLFSSL_USE_CHECK_TIME) == WOLFSSL_USE_CHECK_TIME); ExpectTrue(ctx->param->check_time == c_time); wolfSSL_X509_STORE_CTX_free(ctx); #endif /* OPENSSL_EXTRA */ return EXPECT_RESULT(); } static int test_wolfSSL_CTX_get0_set1_param(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) SSL_CTX* ctx = NULL; WOLFSSL_X509_VERIFY_PARAM* pParam = NULL; WOLFSSL_X509_VERIFY_PARAM* pvpm = NULL; char testIPv4[] = "127.0.0.1"; char testhostName[] = "foo.hoge.com"; #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method())); #else ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method())); #endif ExpectNull(SSL_CTX_get0_param(NULL)); ExpectNotNull(pParam = SSL_CTX_get0_param(ctx)); ExpectNotNull(pvpm = (WOLFSSL_X509_VERIFY_PARAM *)XMALLOC( sizeof(WOLFSSL_X509_VERIFY_PARAM), NULL, DYNAMIC_TYPE_OPENSSL)); ExpectNotNull(XMEMSET(pvpm, 0, sizeof(WOLFSSL_X509_VERIFY_PARAM))); ExpectIntEQ(wolfSSL_X509_VERIFY_PARAM_set1_host(pvpm, testhostName, (int)XSTRLEN(testhostName)), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_X509_VERIFY_PARAM_set1_ip_asc(pvpm, testIPv4), WOLFSSL_SUCCESS); wolfSSL_X509_VERIFY_PARAM_set_hostflags(pvpm, 0x01); ExpectIntEQ(SSL_CTX_set1_param(ctx, pvpm), 1); ExpectIntEQ(0, XSTRNCMP(pParam->hostName, testhostName, (int)XSTRLEN(testhostName))); ExpectIntEQ(0x01, pParam->hostFlags); ExpectIntEQ(0, XSTRNCMP(pParam->ipasc, testIPv4, WOLFSSL_MAX_IPSTR)); /* test for incorrect parameter */ ExpectIntEQ(1,SSL_CTX_set1_param(ctx, NULL)); ExpectIntEQ(1,SSL_CTX_set1_param(NULL, pvpm)); ExpectIntEQ(1,SSL_CTX_set1_param(NULL, NULL)); SSL_CTX_free(ctx); XFREE(pvpm, NULL, DYNAMIC_TYPE_OPENSSL); #endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ #endif /* OPENSSL_EXTRA && !defined(NO_RSA)*/ return EXPECT_RESULT(); } static int test_wolfSSL_get0_param(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) SSL_CTX* ctx = NULL; SSL* ssl = NULL; #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method())); #else ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method())); #endif ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile, SSL_FILETYPE_PEM)); ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM)); ExpectNotNull(ssl = SSL_new(ctx)); ExpectNotNull(SSL_get0_param(ssl)); SSL_free(ssl); SSL_CTX_free(ctx); #endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ #endif /* OPENSSL_EXTRA && !defined(NO_RSA)*/ return EXPECT_RESULT(); } static int test_wolfSSL_X509_VERIFY_PARAM_set1_host(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) const char host[] = "www.example.com"; WOLFSSL_X509_VERIFY_PARAM* pParam = NULL; ExpectNotNull(pParam = (WOLFSSL_X509_VERIFY_PARAM*)XMALLOC( sizeof(WOLFSSL_X509_VERIFY_PARAM), HEAP_HINT, DYNAMIC_TYPE_OPENSSL)); if (pParam != NULL) { XMEMSET(pParam, 0, sizeof(WOLFSSL_X509_VERIFY_PARAM)); X509_VERIFY_PARAM_set1_host(pParam, host, sizeof(host)); ExpectIntEQ(XMEMCMP(pParam->hostName, host, sizeof(host)), 0); XMEMSET(pParam, 0, sizeof(WOLFSSL_X509_VERIFY_PARAM)); ExpectIntNE(XMEMCMP(pParam->hostName, host, sizeof(host)), 0); XFREE(pParam, HEAP_HINT, DYNAMIC_TYPE_OPENSSL); } #endif /* OPENSSL_EXTRA */ return EXPECT_RESULT(); } static int test_wolfSSL_set1_host(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) const char host[] = "www.test_wolfSSL_set1_host.com"; const char emptyStr[] = ""; SSL_CTX* ctx = NULL; SSL* ssl = NULL; WOLFSSL_X509_VERIFY_PARAM* pParam = NULL; #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method())); #else ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method())); #endif ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile, SSL_FILETYPE_PEM)); ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM)); ExpectNotNull(ssl = SSL_new(ctx)); pParam = SSL_get0_param(ssl); /* we should get back host string */ ExpectIntEQ(SSL_set1_host(ssl, host), WOLFSSL_SUCCESS); ExpectIntEQ(XMEMCMP(pParam->hostName, host, sizeof(host)), 0); /* we should get back empty string */ ExpectIntEQ(SSL_set1_host(ssl, emptyStr), WOLFSSL_SUCCESS); ExpectIntEQ(XMEMCMP(pParam->hostName, emptyStr, sizeof(emptyStr)), 0); /* we should get back host string */ ExpectIntEQ(SSL_set1_host(ssl, host), WOLFSSL_SUCCESS); ExpectIntEQ(XMEMCMP(pParam->hostName, host, sizeof(host)), 0); /* we should get back empty string */ ExpectIntEQ(SSL_set1_host(ssl, NULL), WOLFSSL_SUCCESS); ExpectIntEQ(XMEMCMP(pParam->hostName, emptyStr, sizeof(emptyStr)), 0); SSL_free(ssl); SSL_CTX_free(ctx); #endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ #endif /* OPENSSL_EXTRA */ return EXPECT_RESULT(); } static int test_wolfSSL_X509_VERIFY_PARAM_set1_ip(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) unsigned char buf[16] = {0}; WOLFSSL_X509_VERIFY_PARAM* param = NULL; ExpectNotNull(param = X509_VERIFY_PARAM_new()); /* test 127.0.0.1 */ buf[0] =0x7f; buf[1] = 0; buf[2] = 0; buf[3] = 1; ExpectIntEQ(X509_VERIFY_PARAM_set1_ip(param, &buf[0], 4), SSL_SUCCESS); ExpectIntEQ(XSTRNCMP(param->ipasc, "127.0.0.1", sizeof(param->ipasc)), 0); /* test 2001:db8:3333:4444:5555:6666:7777:8888 */ buf[0]=32;buf[1]=1;buf[2]=13;buf[3]=184; buf[4]=51;buf[5]=51;buf[6]=68;buf[7]=68; buf[8]=85;buf[9]=85;buf[10]=102;buf[11]=102; buf[12]=119;buf[13]=119;buf[14]=136;buf[15]=136; ExpectIntEQ(X509_VERIFY_PARAM_set1_ip(param, &buf[0], 16), SSL_SUCCESS); ExpectIntEQ(XSTRNCMP(param->ipasc, "2001:db8:3333:4444:5555:6666:7777:8888", sizeof(param->ipasc)), 0); /* test 2001:db8:: */ buf[0]=32;buf[1]=1;buf[2]=13;buf[3]=184; buf[4]=0;buf[5]=0;buf[6]=0;buf[7]=0; buf[8]=0;buf[9]=0;buf[10]=0;buf[11]=0; buf[12]=0;buf[13]=0;buf[14]=0;buf[15]=0; ExpectIntEQ(X509_VERIFY_PARAM_set1_ip(param, &buf[0], 16), SSL_SUCCESS); ExpectIntEQ(XSTRNCMP(param->ipasc, "2001:db8::", sizeof(param->ipasc)), 0); /* test ::1234:5678 */ buf[0]=0;buf[1]=0;buf[2]=0;buf[3]=0; buf[4]=0;buf[5]=0;buf[6]=0;buf[7]=0; buf[8]=0;buf[9]=0;buf[10]=0;buf[11]=0; buf[12]=18;buf[13]=52;buf[14]=86;buf[15]=120; ExpectIntEQ(X509_VERIFY_PARAM_set1_ip(param, &buf[0], 16), SSL_SUCCESS); ExpectIntEQ(XSTRNCMP(param->ipasc, "::1234:5678", sizeof(param->ipasc)), 0); /* test 2001:db8::1234:5678 */ buf[0]=32;buf[1]=1;buf[2]=13;buf[3]=184; buf[4]=0;buf[5]=0;buf[6]=0;buf[7]=0; buf[8]=0;buf[9]=0;buf[10]=0;buf[11]=0; buf[12]=18;buf[13]=52;buf[14]=86;buf[15]=120; ExpectIntEQ(X509_VERIFY_PARAM_set1_ip(param, &buf[0], 16), SSL_SUCCESS); ExpectIntEQ(XSTRNCMP(param->ipasc, "2001:db8::1234:5678", sizeof(param->ipasc)), 0); /* test 2001:0db8:0001:0000:0000:0ab9:c0a8:0102*/ /* 2001:db8:1::ab9:c0a8:102 */ buf[0]=32;buf[1]=1;buf[2]=13;buf[3]=184; buf[4]=0;buf[5]=1;buf[6]=0;buf[7]=0; buf[8]=0;buf[9]=0;buf[10]=10;buf[11]=185; buf[12]=192;buf[13]=168;buf[14]=1;buf[15]=2; ExpectIntEQ(X509_VERIFY_PARAM_set1_ip(param, &buf[0], 16), SSL_SUCCESS); ExpectIntEQ(XSTRNCMP(param->ipasc, "2001:db8:1::ab9:c0a8:102", sizeof(param->ipasc)), 0); XFREE(param, HEAP_HINT, DYNAMIC_TYPE_OPENSSL); #endif /* OPENSSL_EXTRA */ return EXPECT_RESULT(); } static int test_wolfSSL_X509_STORE_CTX_get0_store(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) X509_STORE* store = NULL; X509_STORE_CTX* ctx = NULL; X509_STORE_CTX* ctx_no_init = NULL; ExpectNotNull((store = X509_STORE_new())); ExpectNotNull(ctx = X509_STORE_CTX_new()); ExpectNotNull(ctx_no_init = X509_STORE_CTX_new()); ExpectIntEQ(X509_STORE_CTX_init(ctx, store, NULL, NULL), SSL_SUCCESS); ExpectNull(X509_STORE_CTX_get0_store(NULL)); /* should return NULL if ctx has not bee initialized */ ExpectNull(X509_STORE_CTX_get0_store(ctx_no_init)); ExpectNotNull(X509_STORE_CTX_get0_store(ctx)); wolfSSL_X509_STORE_CTX_free(ctx); wolfSSL_X509_STORE_CTX_free(ctx_no_init); X509_STORE_free(store); #endif /* OPENSSL_EXTRA */ return EXPECT_RESULT(); } static int test_wolfSSL_CTX_set_client_CA_list(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_RSA) && !defined(NO_CERTS) && \ !defined(NO_WOLFSSL_CLIENT) && !defined(NO_BIO) WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; X509_NAME* name = NULL; STACK_OF(X509_NAME)* names = NULL; STACK_OF(X509_NAME)* ca_list = NULL; int names_len = 0; int i; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); /* Send two X501 names in cert request */ names = SSL_load_client_CA_file(cliCertFile); ExpectNotNull(names); ca_list = SSL_load_client_CA_file(caCertFile); ExpectNotNull(ca_list); ExpectNotNull(name = sk_X509_NAME_value(ca_list, 0)); ExpectIntEQ(sk_X509_NAME_push(names, name), 1); if (EXPECT_FAIL()) { wolfSSL_X509_NAME_free(name); name = NULL; } SSL_CTX_set_client_CA_list(ctx, names); /* This should only free the stack structure */ sk_X509_NAME_free(ca_list); ca_list = NULL; ExpectNotNull(ca_list = SSL_CTX_get_client_CA_list(ctx)); ExpectIntEQ(sk_X509_NAME_num(ca_list), sk_X509_NAME_num(names)); ExpectIntGT((names_len = sk_X509_NAME_num(names)), 0); for (i = 0; i < names_len; i++) { ExpectNotNull(name = sk_X509_NAME_value(names, i)); ExpectIntEQ(sk_X509_NAME_find(names, name), i); } /* Needed to be able to create ssl object */ ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile, SSL_FILETYPE_PEM)); ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM)); ExpectNotNull(ssl = wolfSSL_new(ctx)); /* load again as old names are responsibility of ctx to free*/ names = SSL_load_client_CA_file(cliCertFile); ExpectNotNull(names); SSL_set_client_CA_list(ssl, names); ExpectNotNull(ca_list = SSL_get_client_CA_list(ssl)); ExpectIntEQ(sk_X509_NAME_num(ca_list), sk_X509_NAME_num(names)); ExpectIntGT((names_len = sk_X509_NAME_num(names)), 0); for (i = 0; i < names_len; i++) { ExpectNotNull(name = sk_X509_NAME_value(names, i)); ExpectIntEQ(sk_X509_NAME_find(names, name), i); } #if !defined(SINGLE_THREADED) && defined(SESSION_CERTS) { tcp_ready ready; func_args server_args; callback_functions server_cb; THREAD_TYPE serverThread; WOLFSSL* ssl_client = NULL; WOLFSSL_CTX* ctx_client = NULL; SOCKET_T sockfd = 0; /* wolfSSL_get_client_CA_list() with handshake */ StartTCP(); InitTcpReady(&ready); XMEMSET(&server_args, 0, sizeof(func_args)); XMEMSET(&server_cb, 0, sizeof(callback_functions)); server_args.signal = &ready; server_args.callbacks = &server_cb; /* we are responsible for free'ing WOLFSSL_CTX */ server_cb.ctx = ctx; server_cb.isSharedCtx = 1; ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_load_verify_locations(ctx, cliCertFile, 0)); start_thread(test_server_nofail, &server_args, &serverThread); wait_tcp_ready(&server_args); tcp_connect(&sockfd, wolfSSLIP, server_args.signal->port, 0, 0, NULL); ExpectNotNull(ctx_client = wolfSSL_CTX_new(wolfTLSv1_2_client_method())); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_load_verify_locations( ctx_client, caCertFile, 0)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_certificate_file( ctx_client, cliCertFile, SSL_FILETYPE_PEM)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_PrivateKey_file( ctx_client, cliKeyFile, SSL_FILETYPE_PEM)); ExpectNotNull(ssl_client = wolfSSL_new(ctx_client)); ExpectIntEQ(wolfSSL_set_fd(ssl_client, sockfd), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_connect(ssl_client), WOLFSSL_SUCCESS); ExpectNotNull(ca_list = SSL_get_client_CA_list(ssl_client)); /* We are expecting two cert names to be sent */ ExpectIntEQ(sk_X509_NAME_num(ca_list), 2); ExpectNotNull(names = SSL_CTX_get_client_CA_list(ctx)); for (i=0; icallbacks; WOLFSSL_CTX* ctx = callbacks->ctx; WOLFSSL* ssl = NULL; SOCKET_T sfd = 0; SOCKET_T cfd = 0; word16 port; char input[1024]; int idx; int ret, err = 0; const char* privateName = "ech-private-name.com"; int privateNameLen = (int)XSTRLEN(privateName); ((func_args*)args)->return_code = TEST_FAIL; port = ((func_args*)args)->signal->port; AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_load_verify_locations(ctx, cliCertFile, 0)); AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM)); AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM)); if (callbacks->ctx_ready) callbacks->ctx_ready(ctx); ssl = wolfSSL_new(ctx); /* set the sni for the server */ wolfSSL_UseSNI(ssl, WOLFSSL_SNI_HOST_NAME, privateName, privateNameLen); tcp_accept(&sfd, &cfd, (func_args*)args, port, 0, 0, 0, 0, 1, NULL, NULL); CloseSocket(sfd); AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_set_fd(ssl, cfd)); if (callbacks->ssl_ready) callbacks->ssl_ready(ssl); do { err = 0; /* Reset error */ ret = wolfSSL_accept(ssl); if (ret != WOLFSSL_SUCCESS) { err = wolfSSL_get_error(ssl, 0); } } while (ret != WOLFSSL_SUCCESS && err == WC_PENDING_E); if (ret != WOLFSSL_SUCCESS) { char buff[WOLFSSL_MAX_ERROR_SZ]; fprintf(stderr, "error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buff)); } else { if (0 < (idx = wolfSSL_read(ssl, input, sizeof(input)-1))) { input[idx] = 0; fprintf(stderr, "Client message: %s\n", input); } AssertIntEQ(privateNameLen, wolfSSL_write(ssl, privateName, privateNameLen)); ((func_args*)args)->return_code = TEST_SUCCESS; } if (callbacks->on_result) callbacks->on_result(ssl); wolfSSL_shutdown(ssl); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); CloseSocket(cfd); #ifdef FP_ECC wc_ecc_fp_free(); #endif WOLFSSL_RETURN_FROM_THREAD(0); } #endif /* HAVE_ECH && WOLFSSL_TLS13 */ #if defined(OPENSSL_EXTRA) && defined(HAVE_SECRET_CALLBACK) static void keyLog_callback(const WOLFSSL* ssl, const char* line ) { AssertNotNull(ssl); AssertNotNull(line); XFILE fp; const byte lf = '\n'; fp = XFOPEN("./MyKeyLog.txt", "a"); XFWRITE( line, 1, strlen(line),fp); XFWRITE( (void*)&lf,1,1,fp); XFFLUSH(fp); XFCLOSE(fp); } #endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK */ static int test_wolfSSL_CTX_set_keylog_callback(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_SECRET_CALLBACK) && \ !defined(NO_WOLFSSL_CLIENT) SSL_CTX* ctx = NULL; ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method())); SSL_CTX_set_keylog_callback(ctx, keyLog_callback ); SSL_CTX_free(ctx); SSL_CTX_set_keylog_callback(NULL, NULL); #endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK && !NO_WOLFSSL_CLIENT */ return EXPECT_RESULT(); } static int test_wolfSSL_CTX_get_keylog_callback(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_SECRET_CALLBACK) && \ !defined(NO_WOLFSSL_CLIENT) SSL_CTX* ctx = NULL; ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method())); ExpectPtrEq(SSL_CTX_get_keylog_callback(ctx),NULL); SSL_CTX_set_keylog_callback(ctx, keyLog_callback ); ExpectPtrEq(SSL_CTX_get_keylog_callback(ctx),keyLog_callback); SSL_CTX_set_keylog_callback(ctx, NULL ); ExpectPtrEq(SSL_CTX_get_keylog_callback(ctx),NULL); SSL_CTX_free(ctx); #endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK && !NO_WOLFSSL_CLIENT */ return EXPECT_RESULT(); } #if defined(OPENSSL_EXTRA) && defined(HAVE_SECRET_CALLBACK) static int test_wolfSSL_Tls12_Key_Logging_client_ctx_ready(WOLFSSL_CTX* ctx) { /* set keylog callback */ wolfSSL_CTX_set_keylog_callback(ctx, keyLog_callback); return TEST_SUCCESS; } #endif static int test_wolfSSL_Tls12_Key_Logging_test(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_SECRET_CALLBACK) /* This test is intended for checking whether keylog callback is called * in client during TLS handshake between the client and a server. */ test_ssl_cbf server_cbf; test_ssl_cbf client_cbf; XFILE fp = XBADFILE; XMEMSET(&server_cbf, 0, sizeof(test_ssl_cbf)); XMEMSET(&client_cbf, 0, sizeof(test_ssl_cbf)); server_cbf.method = wolfTLSv1_2_server_method; client_cbf.ctx_ready = &test_wolfSSL_Tls12_Key_Logging_client_ctx_ready; /* clean up keylog file */ ExpectTrue((fp = XFOPEN("./MyKeyLog.txt", "w")) != XBADFILE); if (fp != XBADFILE) { XFFLUSH(fp); XFCLOSE(fp); fp = XBADFILE; } ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf, &server_cbf, NULL), TEST_SUCCESS); XSLEEP_MS(100); /* check if the keylog file exists */ char buff[300] = {0}; int found = 0; ExpectTrue((fp = XFOPEN("./MyKeyLog.txt", "r")) != XBADFILE); XFFLUSH(fp); /* Just to make sure any buffers get flushed */ while (EXPECT_SUCCESS() && XFGETS(buff, (int)sizeof(buff), fp) != NULL) { if (0 == strncmp(buff,"CLIENT_RANDOM ", sizeof("CLIENT_RANDOM ")-1)) { found = 1; break; } } if (fp != XBADFILE) { XFCLOSE(fp); } /* a log starting with "CLIENT_RANDOM " should exit in the file */ ExpectIntEQ(found, 1); /* clean up */ ExpectIntEQ(rem_file("./MyKeyLog.txt"), 0); #endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK */ return EXPECT_RESULT(); } #if defined(WOLFSSL_TLS13) && defined(OPENSSL_EXTRA) && \ defined(HAVE_SECRET_CALLBACK) static int test_wolfSSL_Tls13_Key_Logging_client_ctx_ready(WOLFSSL_CTX* ctx) { /* set keylog callback */ wolfSSL_CTX_set_keylog_callback(ctx, keyLog_callback); return TEST_SUCCESS; } #endif static int test_wolfSSL_Tls13_Key_Logging_test(void) { EXPECT_DECLS; #if defined(WOLFSSL_TLS13) && defined(OPENSSL_EXTRA) && \ defined(HAVE_SECRET_CALLBACK) /* This test is intended for checking whether keylog callback is called * in client during TLS handshake between the client and a server. */ test_ssl_cbf server_cbf; test_ssl_cbf client_cbf; XFILE fp = XBADFILE; XMEMSET(&server_cbf, 0, sizeof(test_ssl_cbf)); XMEMSET(&client_cbf, 0, sizeof(test_ssl_cbf)); server_cbf.method = wolfTLSv1_3_server_method; /* TLS1.3 */ client_cbf.ctx_ready = &test_wolfSSL_Tls13_Key_Logging_client_ctx_ready; /* clean up keylog file */ ExpectTrue((fp = XFOPEN("./MyKeyLog.txt", "w")) != XBADFILE); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf, &server_cbf, NULL), TEST_SUCCESS); /* check if the keylog file exists */ { char buff[300] = {0}; int found[4] = {0}; int numfnd = 0; int i; ExpectTrue((fp = XFOPEN("./MyKeyLog.txt", "r")) != XBADFILE); while (EXPECT_SUCCESS() && XFGETS(buff, (int)sizeof(buff), fp) != NULL) { if (0 == strncmp(buff, "CLIENT_HANDSHAKE_TRAFFIC_SECRET ", sizeof("CLIENT_HANDSHAKE_TRAFFIC_SECRET ")-1)) { found[0] = 1; continue; } else if (0 == strncmp(buff, "SERVER_HANDSHAKE_TRAFFIC_SECRET ", sizeof("SERVER_HANDSHAKE_TRAFFIC_SECRET ")-1)) { found[1] = 1; continue; } else if (0 == strncmp(buff, "CLIENT_TRAFFIC_SECRET_0 ", sizeof("CLIENT_TRAFFIC_SECRET_0 ")-1)) { found[2] = 1; continue; } else if (0 == strncmp(buff, "SERVER_TRAFFIC_SECRET_0 ", sizeof("SERVER_TRAFFIC_SECRET_0 ")-1)) { found[3] = 1; continue; } } if (fp != XBADFILE) XFCLOSE(fp); for (i = 0; i < 4; i++) { if (found[i] != 0) numfnd++; } ExpectIntEQ(numfnd, 4); } #endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK && WOLFSSL_TLS13 */ return EXPECT_RESULT(); } #if defined(WOLFSSL_TLS13) && defined(HAVE_ECH) && \ defined(HAVE_IO_TESTS_DEPENDENCIES) static int test_wolfSSL_Tls13_ECH_params(void) { EXPECT_DECLS; #if !defined(NO_WOLFSSL_CLIENT) word32 outputLen = 0; byte testBuf[72]; WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()); WOLFSSL *ssl = wolfSSL_new(ctx); ExpectNotNull(ctx); ExpectNotNull(ssl); /* invalid ctx */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_GenerateEchConfig(NULL, "ech-public-name.com", 0, 0, 0)); /* invalid public name */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_GenerateEchConfig(ctx, NULL, 0, 0, 0)); /* invalid algorithms */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_GenerateEchConfig(ctx, "ech-public-name.com", 1000, 1000, 1000)); /* invalid ctx */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_GetEchConfigs(NULL, NULL, &outputLen)); /* invalid output len */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_GetEchConfigs(ctx, NULL, NULL)); /* invalid ssl */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_SetEchConfigsBase64(NULL, (char*)testBuf, sizeof(testBuf))); /* invalid configs64 */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_SetEchConfigsBase64(ssl, NULL, sizeof(testBuf))); /* invalid size */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_SetEchConfigsBase64(ssl, (char*)testBuf, 0)); /* invalid ssl */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_SetEchConfigs(NULL, testBuf, sizeof(testBuf))); /* invalid configs */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_SetEchConfigs(ssl, NULL, sizeof(testBuf))); /* invalid size */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_SetEchConfigs(ssl, testBuf, 0)); /* invalid ssl */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_GetEchConfigs(NULL, NULL, &outputLen)); /* invalid size */ ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_GetEchConfigs(ssl, NULL, NULL)); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); #endif /* !NO_WOLFSSL_CLIENT */ return EXPECT_RESULT(); } static int test_wolfSSL_Tls13_ECH(void) { EXPECT_DECLS; tcp_ready ready; func_args client_args; func_args server_args; THREAD_TYPE serverThread; callback_functions server_cbf; callback_functions client_cbf; SOCKET_T sockfd = 0; WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; const char* publicName = "ech-public-name.com"; const char* privateName = "ech-private-name.com"; int privateNameLen = 20; char reply[1024]; int replyLen = 0; byte rawEchConfig[128]; word32 rawEchConfigLen = sizeof(rawEchConfig); InitTcpReady(&ready); ready.port = 22222; XMEMSET(&client_args, 0, sizeof(func_args)); XMEMSET(&server_args, 0, sizeof(func_args)); XMEMSET(&server_cbf, 0, sizeof(callback_functions)); XMEMSET(&client_cbf, 0, sizeof(callback_functions)); server_cbf.method = wolfTLSv1_3_server_method; /* TLS1.3 */ /* create the server context here so we can get the ech config */ ExpectNotNull(server_cbf.ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method())); /* generate ech config */ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_GenerateEchConfig(server_cbf.ctx, publicName, 0, 0, 0)); /* get the config for the client to use */ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_GetEchConfigs(server_cbf.ctx, rawEchConfig, &rawEchConfigLen)); server_args.callbacks = &server_cbf; server_args.signal = &ready; /* start server task */ start_thread(server_task_ech, &server_args, &serverThread); wait_tcp_ready(&server_args); /* run as a TLS1.3 client */ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method())); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, SSL_FILETYPE_PEM)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, SSL_FILETYPE_PEM)); tcp_connect(&sockfd, wolfSSLIP, server_args.signal->port, 0, 0, NULL); /* get connected the server task */ ExpectNotNull(ssl = wolfSSL_new(ctx)); /* set the ech configs for the client */ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetEchConfigs(ssl, rawEchConfig, rawEchConfigLen)); /* set the sni for the client */ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseSNI(ssl, WOLFSSL_SNI_HOST_NAME, privateName, privateNameLen)); ExpectIntEQ(wolfSSL_set_fd(ssl, sockfd), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_connect(ssl), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_write(ssl, privateName, privateNameLen), privateNameLen); ExpectIntGT((replyLen = wolfSSL_read(ssl, reply, sizeof(reply))), 0); /* add th null terminator for string compare */ reply[replyLen] = 0; /* check that the server replied with the private name */ ExpectStrEQ(privateName, reply); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); CloseSocket(sockfd); join_thread(serverThread); FreeTcpReady(&ready); return EXPECT_RESULT(); } #endif /* HAVE_ECH && WOLFSSL_TLS13 */ #if defined(HAVE_IO_TESTS_DEPENDENCIES) && \ defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH) static int post_auth_version_cb(WOLFSSL* ssl) { EXPECT_DECLS; /* do handshake and then test version error */ ExpectIntEQ(wolfSSL_accept(ssl), WOLFSSL_SUCCESS); ExpectStrEQ("TLSv1.2", wolfSSL_get_version(ssl)); return EXPECT_RESULT(); } static int post_auth_version_client_cb(WOLFSSL* ssl) { EXPECT_DECLS; /* do handshake and then test version error */ ExpectIntEQ(wolfSSL_connect(ssl), WOLFSSL_SUCCESS); ExpectStrEQ("TLSv1.2", wolfSSL_get_version(ssl)); ExpectIntEQ(wolfSSL_verify_client_post_handshake(ssl), WOLFSSL_FAILURE); #if defined(OPENSSL_ALL) && !defined(NO_ERROR_QUEUE) /* check was added to error queue */ ExpectIntEQ(wolfSSL_ERR_get_error(), -UNSUPPORTED_PROTO_VERSION); /* check the string matches expected string */ ExpectStrEQ(wolfSSL_ERR_error_string(-UNSUPPORTED_PROTO_VERSION, NULL), "WRONG_SSL_VERSION"); #endif return EXPECT_RESULT(); } static int post_auth_cb(WOLFSSL* ssl) { EXPECT_DECLS; WOLFSSL_X509* x509 = NULL; /* do handshake and then test version error */ ExpectIntEQ(wolfSSL_accept(ssl), WOLFSSL_SUCCESS); ExpectStrEQ("TLSv1.3", wolfSSL_get_version(ssl)); ExpectNull(x509 = wolfSSL_get_peer_certificate(ssl)); wolfSSL_X509_free(x509); ExpectIntEQ(wolfSSL_verify_client_post_handshake(ssl), WOLFSSL_SUCCESS); return EXPECT_RESULT(); } static int set_post_auth_cb(WOLFSSL* ssl) { if (!wolfSSL_is_server(ssl)) { EXPECT_DECLS; ExpectIntEQ(wolfSSL_allow_post_handshake_auth(ssl), 0); return EXPECT_RESULT(); } wolfSSL_set_verify(ssl, WOLFSSL_VERIFY_POST_HANDSHAKE, NULL); return TEST_SUCCESS; } #endif static int test_wolfSSL_Tls13_postauth(void) { EXPECT_DECLS; #if defined(HAVE_IO_TESTS_DEPENDENCIES) && \ defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH) test_ssl_cbf server_cbf; test_ssl_cbf client_cbf; /* test version failure doing post auth with TLS 1.2 connection */ XMEMSET(&server_cbf, 0, sizeof(server_cbf)); XMEMSET(&client_cbf, 0, sizeof(client_cbf)); server_cbf.method = wolfTLSv1_2_server_method; server_cbf.ssl_ready = set_post_auth_cb; server_cbf.on_result = post_auth_version_cb; client_cbf.ssl_ready = set_post_auth_cb; client_cbf.on_result = post_auth_version_client_cb; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf, &server_cbf, NULL), TEST_SUCCESS); /* tests on post auth with TLS 1.3 */ XMEMSET(&server_cbf, 0, sizeof(server_cbf)); XMEMSET(&client_cbf, 0, sizeof(client_cbf)); server_cbf.method = wolfTLSv1_3_server_method; server_cbf.ssl_ready = set_post_auth_cb; client_cbf.ssl_ready = set_post_auth_cb; server_cbf.on_result = post_auth_cb; client_cbf.on_result = NULL; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf, &server_cbf, NULL), TEST_SUCCESS); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_NID(void) { EXPECT_DECLS; #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \ !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048) && !defined(NO_ASN) int sigType; int nameSz; X509* cert = NULL; EVP_PKEY* pubKeyTmp = NULL; X509_NAME* name = NULL; char commonName[80]; char countryName[80]; char localityName[80]; char stateName[80]; char orgName[80]; char orgUnit[80]; /* ------ PARSE ORIGINAL SELF-SIGNED CERTIFICATE ------ */ /* convert cert from DER to internal WOLFSSL_X509 struct */ ExpectNotNull(cert = wolfSSL_X509_d2i_ex(&cert, client_cert_der_2048, sizeof_client_cert_der_2048, HEAP_HINT)); /* ------ EXTRACT CERTIFICATE ELEMENTS ------ */ /* extract PUBLIC KEY from cert */ ExpectNotNull(pubKeyTmp = X509_get_pubkey(cert)); /* extract signatureType */ ExpectIntNE((sigType = wolfSSL_X509_get_signature_type(cert)), 0); /* extract subjectName info */ ExpectNotNull(name = X509_get_subject_name(cert)); ExpectIntEQ(X509_NAME_get_text_by_NID(name, -1, NULL, 0), -1); ExpectIntGT((nameSz = X509_NAME_get_text_by_NID(name, NID_commonName, NULL, 0)), 0); ExpectIntEQ(nameSz, 15); ExpectIntGT((nameSz = X509_NAME_get_text_by_NID(name, NID_commonName, commonName, sizeof(commonName))), 0); ExpectIntEQ(nameSz, 15); ExpectIntEQ(XMEMCMP(commonName, "www.wolfssl.com", nameSz), 0); ExpectIntGT((nameSz = X509_NAME_get_text_by_NID(name, NID_commonName, commonName, 9)), 0); ExpectIntEQ(nameSz, 8); ExpectIntEQ(XMEMCMP(commonName, "www.wolf", nameSz), 0); ExpectIntGT((nameSz = X509_NAME_get_text_by_NID(name, NID_countryName, countryName, sizeof(countryName))), 0); ExpectIntEQ(XMEMCMP(countryName, "US", nameSz), 0); ExpectIntGT((nameSz = X509_NAME_get_text_by_NID(name, NID_localityName, localityName, sizeof(localityName))), 0); ExpectIntEQ(XMEMCMP(localityName, "Bozeman", nameSz), 0); ExpectIntGT((nameSz = X509_NAME_get_text_by_NID(name, NID_stateOrProvinceName, stateName, sizeof(stateName))), 0); ExpectIntEQ(XMEMCMP(stateName, "Montana", nameSz), 0); ExpectIntGT((nameSz = X509_NAME_get_text_by_NID(name, NID_organizationName, orgName, sizeof(orgName))), 0); ExpectIntEQ(XMEMCMP(orgName, "wolfSSL_2048", nameSz), 0); ExpectIntGT((nameSz = X509_NAME_get_text_by_NID(name, NID_organizationalUnitName, orgUnit, sizeof(orgUnit))), 0); ExpectIntEQ(XMEMCMP(orgUnit, "Programming-2048", nameSz), 0); EVP_PKEY_free(pubKeyTmp); X509_free(cert); #endif return EXPECT_RESULT(); } static int test_wolfSSL_CTX_set_srp_username(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) \ && !defined(NO_SHA256) && !defined(WC_NO_RNG) && !defined(NO_WOLFSSL_CLIENT) WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; const char *username = "TESTUSER"; const char *password = "TESTPASSWORD"; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); ExpectIntEQ(wolfSSL_CTX_set_srp_username(ctx, (char *)username), SSL_SUCCESS); wolfSSL_CTX_free(ctx); ctx = NULL; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); ExpectIntEQ(wolfSSL_CTX_set_srp_password(ctx, (char *)password), SSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_set_srp_username(ctx, (char *)username), SSL_SUCCESS); ExpectNotNull(ssl = SSL_new(ctx)); ExpectNotNull(SSL_get_srp_username(ssl)); ExpectStrEQ(SSL_get_srp_username(ssl), username); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); #endif /* OPENSSL_EXTRA && WOLFCRYPT_HAVE_SRP */ /* && !NO_SHA256 && !WC_NO_RNG && !NO_WOLFSSL_CLIENT */ return EXPECT_RESULT(); } static int test_wolfSSL_CTX_set_srp_password(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) && \ !defined(NO_SHA256) && !defined(WC_NO_RNG) && !defined(NO_WOLFSSL_CLIENT) WOLFSSL_CTX* ctx = NULL; const char *username = "TESTUSER"; const char *password = "TESTPASSWORD"; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); ExpectIntEQ(wolfSSL_CTX_set_srp_password(ctx, (char *)password), SSL_SUCCESS); wolfSSL_CTX_free(ctx); ctx = NULL; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); ExpectIntEQ(wolfSSL_CTX_set_srp_username(ctx, (char *)username), SSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_set_srp_password(ctx, (char *)password), SSL_SUCCESS); wolfSSL_CTX_free(ctx); #endif /* OPENSSL_EXTRA && WOLFCRYPT_HAVE_SRP */ /* && !NO_SHA256 && !WC_NO_RNG && !NO_WOLFSSL_CLIENT */ return EXPECT_RESULT(); } static int test_wolfSSL_X509_STORE(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) X509_STORE *store = NULL; #ifdef HAVE_CRL X509_STORE_CTX *storeCtx = NULL; X509_CRL *crl = NULL; X509 *ca = NULL; X509 *cert = NULL; const char crlPem[] = "./certs/crl/crl.revoked"; const char srvCert[] = "./certs/server-revoked-cert.pem"; const char caCert[] = "./certs/ca-cert.pem"; XFILE fp = XBADFILE; ExpectNotNull(store = (X509_STORE *)X509_STORE_new()); ExpectNotNull((ca = wolfSSL_X509_load_certificate_file(caCert, SSL_FILETYPE_PEM))); ExpectIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS); ExpectNotNull((cert = wolfSSL_X509_load_certificate_file(srvCert, SSL_FILETYPE_PEM))); ExpectNotNull((storeCtx = X509_STORE_CTX_new())); ExpectIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS); ExpectIntEQ(X509_verify_cert(storeCtx), SSL_SUCCESS); X509_STORE_free(store); store = NULL; X509_STORE_CTX_free(storeCtx); storeCtx = NULL; X509_free(cert); cert = NULL; X509_free(ca); ca = NULL; /* should fail to verify now after adding in CRL */ ExpectNotNull(store = (X509_STORE *)X509_STORE_new()); ExpectNotNull((ca = wolfSSL_X509_load_certificate_file(caCert, SSL_FILETYPE_PEM))); ExpectIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS); ExpectTrue((fp = XFOPEN(crlPem, "rb")) != XBADFILE); ExpectNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL, NULL, NULL)); if (fp != XBADFILE) XFCLOSE(fp); ExpectIntEQ(X509_STORE_add_crl(store, crl), SSL_SUCCESS); ExpectIntEQ(X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK),SSL_SUCCESS); ExpectNotNull((storeCtx = X509_STORE_CTX_new())); ExpectNotNull((cert = wolfSSL_X509_load_certificate_file(srvCert, SSL_FILETYPE_PEM))); ExpectIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS); ExpectIntNE(X509_verify_cert(storeCtx), SSL_SUCCESS); ExpectIntEQ(X509_STORE_CTX_get_error(storeCtx), WOLFSSL_X509_V_ERR_CERT_REVOKED); X509_CRL_free(crl); crl = NULL; X509_STORE_free(store); store = NULL; X509_STORE_CTX_free(storeCtx); storeCtx = NULL; X509_free(cert); cert = NULL; X509_free(ca); ca = NULL; #endif /* HAVE_CRL */ #ifndef WOLFCRYPT_ONLY { #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) SSL_CTX* ctx = NULL; SSL* ssl = NULL; int i; for (i = 0; i < 2; i++) { #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method())); #else ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method())); #endif ExpectNotNull(store = (X509_STORE *)X509_STORE_new()); SSL_CTX_set_cert_store(ctx, store); ExpectNotNull(store = (X509_STORE *)X509_STORE_new()); SSL_CTX_set_cert_store(ctx, store); ExpectNotNull(store = (X509_STORE *)X509_STORE_new()); ExpectIntEQ(SSL_CTX_use_certificate_file(ctx, svrCertFile, SSL_FILETYPE_PEM), SSL_SUCCESS); ExpectIntEQ(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM), SSL_SUCCESS); ExpectNotNull(ssl = SSL_new(ctx)); if (i == 0) { ExpectIntEQ(SSL_set0_verify_cert_store(ssl, store), SSL_SUCCESS); } else { ExpectIntEQ(SSL_set1_verify_cert_store(ssl, store), SSL_SUCCESS); #ifdef OPENSSL_ALL ExpectIntEQ(SSL_CTX_set1_verify_cert_store(ctx, store), SSL_SUCCESS); #endif } if (EXPECT_FAIL() || (i == 1)) { X509_STORE_free(store); store = NULL; } SSL_free(ssl); ssl = NULL; SSL_CTX_free(ctx); ctx = NULL; } #endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ } #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_STORE_load_locations(void) { EXPECT_DECLS; #if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && \ !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR) && !defined(NO_RSA) SSL_CTX *ctx = NULL; X509_STORE *store = NULL; const char ca_file[] = "./certs/ca-cert.pem"; const char client_pem_file[] = "./certs/client-cert.pem"; const char client_der_file[] = "./certs/client-cert.der"; const char ecc_file[] = "./certs/ecc-key.pem"; const char certs_path[] = "./certs/"; const char bad_path[] = "./bad-path/"; #ifdef HAVE_CRL const char crl_path[] = "./certs/crl/"; const char crl_file[] = "./certs/crl/crl.pem"; #endif #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = SSL_CTX_new(SSLv23_server_method())); #else ExpectNotNull(ctx = SSL_CTX_new(SSLv23_client_method())); #endif ExpectNotNull(store = SSL_CTX_get_cert_store(ctx)); ExpectIntEQ(wolfSSL_CertManagerLoadCA(store->cm, ca_file, NULL), WOLFSSL_SUCCESS); /* Test bad arguments */ ExpectIntEQ(X509_STORE_load_locations(NULL, ca_file, NULL), WOLFSSL_FAILURE); ExpectIntEQ(X509_STORE_load_locations(store, NULL, NULL), WOLFSSL_FAILURE); ExpectIntEQ(X509_STORE_load_locations(store, client_der_file, NULL), WOLFSSL_FAILURE); ExpectIntEQ(X509_STORE_load_locations(store, ecc_file, NULL), WOLFSSL_FAILURE); ExpectIntEQ(X509_STORE_load_locations(store, NULL, bad_path), WOLFSSL_FAILURE); #ifdef HAVE_CRL /* Test with CRL */ ExpectIntEQ(X509_STORE_load_locations(store, crl_file, NULL), WOLFSSL_SUCCESS); ExpectIntEQ(X509_STORE_load_locations(store, NULL, crl_path), WOLFSSL_SUCCESS); #endif /* Test with CA */ ExpectIntEQ(X509_STORE_load_locations(store, ca_file, NULL), WOLFSSL_SUCCESS); /* Test with client_cert and certs path */ ExpectIntEQ(X509_STORE_load_locations(store, client_pem_file, NULL), WOLFSSL_SUCCESS); ExpectIntEQ(X509_STORE_load_locations(store, NULL, certs_path), WOLFSSL_SUCCESS); #if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) /* Clear nodes */ ERR_clear_error(); #endif SSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_X509_STORE_get0_objects(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && \ !defined(NO_WOLFSSL_DIR) && !defined(NO_RSA) X509_STORE *store = NULL; X509_STORE *store_cpy = NULL; SSL_CTX *ctx = NULL; X509_OBJECT *obj = NULL; STACK_OF(X509_OBJECT) *objs = NULL; int i; /* Setup store */ #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = SSL_CTX_new(SSLv23_server_method())); #else ExpectNotNull(ctx = SSL_CTX_new(SSLv23_client_method())); #endif ExpectNotNull(store_cpy = X509_STORE_new()); ExpectNotNull(store = SSL_CTX_get_cert_store(ctx)); ExpectIntEQ(X509_STORE_load_locations(store, cliCertFile, NULL), WOLFSSL_SUCCESS); ExpectIntEQ(X509_STORE_load_locations(store, caCertFile, NULL), WOLFSSL_SUCCESS); ExpectIntEQ(X509_STORE_load_locations(store, svrCertFile, NULL), WOLFSSL_SUCCESS); #ifdef HAVE_CRL ExpectIntEQ(X509_STORE_load_locations(store, NULL, crlPemDir), WOLFSSL_SUCCESS); #endif /* Store ready */ /* Similar to HaProxy ssl_set_cert_crl_file use case */ ExpectNotNull(objs = X509_STORE_get0_objects(store)); #ifdef HAVE_CRL #ifdef WOLFSSL_SIGNER_DER_CERT ExpectIntEQ(sk_X509_OBJECT_num(objs), 4); #else ExpectIntEQ(sk_X509_OBJECT_num(objs), 1); #endif #else #ifdef WOLFSSL_SIGNER_DER_CERT ExpectIntEQ(sk_X509_OBJECT_num(objs), 3); #else ExpectIntEQ(sk_X509_OBJECT_num(objs), 0); #endif #endif for (i = 0; i < sk_X509_OBJECT_num(objs); i++) { obj = (X509_OBJECT*)sk_X509_OBJECT_value(objs, i); switch (X509_OBJECT_get_type(obj)) { case X509_LU_X509: { WOLFSSL_X509* x509; ExpectNotNull(x509 = X509_OBJECT_get0_X509(obj)); ExpectIntEQ(X509_STORE_add_cert(store_cpy, x509), WOLFSSL_SUCCESS); break; } case X509_LU_CRL: #ifdef HAVE_CRL { WOLFSSL_CRL* crl = NULL; ExpectNotNull(crl = X509_OBJECT_get0_X509_CRL(obj)); ExpectIntEQ(X509_STORE_add_crl(store_cpy, crl), WOLFSSL_SUCCESS); break; } #endif case X509_LU_NONE: default: Fail(("X509_OBJECT_get_type should return x509 or crl " "(when built with crl support)"), ("Unrecognized X509_OBJECT type or none")); } } X509_STORE_free(store_cpy); SSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfSSL_BN_CTX(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \ !defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH) WOLFSSL_BN_CTX* bn_ctx = NULL; WOLFSSL_BIGNUM* t = NULL; ExpectNotNull(bn_ctx = wolfSSL_BN_CTX_new()); /* No implementation. */ BN_CTX_init(NULL); ExpectNotNull(t = BN_CTX_get(NULL)); BN_free(t); ExpectNotNull(t = BN_CTX_get(bn_ctx)); BN_free(t); #ifndef NO_WOLFSSL_STUB /* No implementation. */ BN_CTX_start(NULL); BN_CTX_start(bn_ctx); #endif BN_CTX_free(NULL); BN_CTX_free(bn_ctx); #endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */ return EXPECT_RESULT(); } static int test_wolfSSL_BN(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \ !defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH) BIGNUM* a = NULL; BIGNUM* b = NULL; BIGNUM* c = NULL; BIGNUM* d = NULL; BIGNUM emptyBN; /* Setup */ XMEMSET(&emptyBN, 0, sizeof(emptyBN)); /* internal not set emptyBN. */ ExpectNotNull(a = BN_new()); ExpectNotNull(b = BN_new()); ExpectNotNull(c = BN_dup(b)); ExpectNotNull(d = BN_new()); /* Invalid parameter testing. */ BN_free(NULL); ExpectNull(BN_dup(NULL)); ExpectNull(BN_dup(&emptyBN)); ExpectNull(BN_copy(NULL, NULL)); ExpectNull(BN_copy(b, NULL)); ExpectNull(BN_copy(NULL, c)); ExpectNull(BN_copy(b, &emptyBN)); ExpectNull(BN_copy(&emptyBN, c)); BN_clear(NULL); BN_clear(&emptyBN); ExpectIntEQ(BN_num_bytes(NULL), 0); ExpectIntEQ(BN_num_bytes(&emptyBN), 0); ExpectIntEQ(BN_num_bits(NULL), 0); ExpectIntEQ(BN_num_bits(&emptyBN), 0); ExpectIntEQ(BN_is_negative(NULL), 0); ExpectIntEQ(BN_is_negative(&emptyBN), 0); /* END Invalid Parameters */ ExpectIntEQ(BN_set_word(a, 3), SSL_SUCCESS); ExpectIntEQ(BN_set_word(b, 2), SSL_SUCCESS); ExpectIntEQ(BN_set_word(c, 5), SSL_SUCCESS); ExpectIntEQ(BN_num_bits(a), 2); ExpectIntEQ(BN_num_bytes(a), 1); #if !defined(WOLFSSL_SP_MATH) && (!defined(WOLFSSL_SP_MATH_ALL) || \ defined(WOLFSSL_SP_INT_NEGATIVE)) ExpectIntEQ(BN_set_word(a, 1), SSL_SUCCESS); ExpectIntEQ(BN_set_word(b, 5), SSL_SUCCESS); ExpectIntEQ(BN_is_word(a, (WOLFSSL_BN_ULONG)BN_get_word(a)), SSL_SUCCESS); ExpectIntEQ(BN_is_word(a, 3), SSL_FAILURE); ExpectIntEQ(BN_sub(c, a, b), SSL_SUCCESS); #if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) { /* Do additional tests on negative BN conversions. */ char* ret = NULL; ASN1_INTEGER* asn1 = NULL; BIGNUM* tmp = NULL; /* Sanity check we have a negative BN. */ ExpectIntEQ(BN_is_negative(c), 1); ExpectNotNull(ret = BN_bn2dec(c)); ExpectIntEQ(XMEMCMP(ret, "-4", sizeof("-4")), 0); XFREE(ret, NULL, DYNAMIC_TYPE_OPENSSL); ret = NULL; /* Convert to ASN1_INTEGER and back to BN. */ ExpectNotNull(asn1 = BN_to_ASN1_INTEGER(c, NULL)); ExpectNotNull(tmp = ASN1_INTEGER_to_BN(asn1, NULL)); /* After converting back BN should be negative and correct. */ ExpectIntEQ(BN_is_negative(tmp), 1); ExpectNotNull(ret = BN_bn2dec(tmp)); ExpectIntEQ(XMEMCMP(ret, "-4", sizeof("-4")), 0); XFREE(ret, NULL, DYNAMIC_TYPE_OPENSSL); ASN1_INTEGER_free(asn1); BN_free(tmp); } #endif ExpectIntEQ(BN_get_word(c), 4); #endif ExpectIntEQ(BN_set_word(a, 3), 1); ExpectIntEQ(BN_set_word(b, 3), 1); ExpectIntEQ(BN_set_word(c, 4), 1); /* NULL == NULL, NULL < num, num > NULL */ ExpectIntEQ(BN_cmp(NULL, NULL), 0); ExpectIntEQ(BN_cmp(&emptyBN, &emptyBN), 0); ExpectIntLT(BN_cmp(NULL, b), 0); ExpectIntLT(BN_cmp(&emptyBN, b), 0); ExpectIntGT(BN_cmp(a, NULL), 0); ExpectIntGT(BN_cmp(a, &emptyBN), 0); ExpectIntEQ(BN_cmp(a, b), 0); ExpectIntLT(BN_cmp(a, c), 0); ExpectIntGT(BN_cmp(c, b), 0); #if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) ExpectIntEQ(BN_print_fp(XBADFILE, NULL), 0); ExpectIntEQ(BN_print_fp(XBADFILE, &emptyBN), 0); ExpectIntEQ(BN_print_fp(stderr, NULL), 0); ExpectIntEQ(BN_print_fp(stderr, &emptyBN), 0); ExpectIntEQ(BN_print_fp(XBADFILE, a), 0); ExpectIntEQ(BN_print_fp(stderr, a), 1); #endif BN_clear(a); BN_free(a); BN_free(b); BN_free(c); BN_clear_free(d); #endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */ return EXPECT_RESULT(); } static int test_wolfSSL_BN_init(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \ !defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH) #if !defined(USE_INTEGER_HEAP_MATH) && !defined(HAVE_WOLF_BIGINT) BIGNUM* ap = NULL; BIGNUM bv; BIGNUM cv; BIGNUM dv; ExpectNotNull(ap = BN_new()); BN_init(NULL); XMEMSET(&bv, 0, sizeof(bv)); ExpectNull(BN_dup(&bv)); BN_init(&bv); BN_init(&cv); BN_init(&dv); ExpectIntEQ(BN_set_word(ap, 3), SSL_SUCCESS); ExpectIntEQ(BN_set_word(&bv, 2), SSL_SUCCESS); ExpectIntEQ(BN_set_word(&cv, 5), SSL_SUCCESS); /* a^b mod c = */ ExpectIntEQ(BN_mod_exp(&dv, NULL, &bv, &cv, NULL), WOLFSSL_FAILURE); ExpectIntEQ(BN_mod_exp(&dv, ap, &bv, &cv, NULL), WOLFSSL_SUCCESS); /* check result 3^2 mod 5 */ ExpectIntEQ(BN_get_word(&dv), 4); /* a*b mod c = */ ExpectIntEQ(BN_mod_mul(&dv, NULL, &bv, &cv, NULL), SSL_FAILURE); ExpectIntEQ(BN_mod_mul(&dv, ap, &bv, &cv, NULL), SSL_SUCCESS); /* check result 3*2 mod 5 */ ExpectIntEQ(BN_get_word(&dv), 1); BN_free(ap); #endif #endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */ return EXPECT_RESULT(); } static int test_wolfSSL_BN_enc_dec(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(WOLFSSL_SP_MATH) BIGNUM* a = NULL; BIGNUM* b = NULL; BIGNUM* c = NULL; BIGNUM emptyBN; char* str = NULL; const char* emptyStr = ""; const char* numberStr = "12345"; const char* badStr = "g12345"; #if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) const char* twoStr = "2"; #endif unsigned char binNum[] = { 0x01, 0x02, 0x03, 0x04, 0x05 }; unsigned char outNum[5]; /* Setup */ XMEMSET(&emptyBN, 0, sizeof(emptyBN)); ExpectNotNull(a = BN_new()); ExpectNotNull(b = BN_new()); ExpectIntEQ(BN_set_word(a, 2), 1); /* Invalid parameters */ ExpectIntEQ(BN_bn2bin(NULL, NULL), -1); ExpectIntEQ(BN_bn2bin(&emptyBN, NULL), -1); ExpectIntEQ(BN_bn2bin(NULL, outNum), -1); ExpectIntEQ(BN_bn2bin(&emptyBN, outNum), -1); ExpectNull(BN_bn2hex(NULL)); ExpectNull(BN_bn2hex(&emptyBN)); ExpectNull(BN_bn2dec(NULL)); ExpectNull(BN_bn2dec(&emptyBN)); ExpectNull(BN_bin2bn(NULL, sizeof(binNum), NULL)); ExpectNull(BN_bin2bn(NULL, sizeof(binNum), a)); ExpectNull(BN_bin2bn(binNum, -1, a)); ExpectNull(BN_bin2bn(binNum, -1, NULL)); ExpectNull(BN_bin2bn(binNum, sizeof(binNum), &emptyBN)); ExpectIntEQ(BN_hex2bn(NULL, NULL), 0); ExpectIntEQ(BN_hex2bn(NULL, numberStr), 0); ExpectIntEQ(BN_hex2bn(&a, NULL), 0); ExpectIntEQ(BN_hex2bn(&a, emptyStr), 0); ExpectIntEQ(BN_hex2bn(&a, badStr), 0); ExpectIntEQ(BN_hex2bn(&c, badStr), 0); ExpectIntEQ(BN_dec2bn(NULL, NULL), 0); ExpectIntEQ(BN_dec2bn(NULL, numberStr), 0); ExpectIntEQ(BN_dec2bn(&a, NULL), 0); ExpectIntEQ(BN_dec2bn(&a, emptyStr), 0); ExpectIntEQ(BN_dec2bn(&a, badStr), 0); ExpectIntEQ(BN_dec2bn(&c, badStr), 0); ExpectIntEQ(BN_set_word(a, 2), 1); ExpectIntEQ(BN_bn2bin(a, NULL), 1); ExpectIntEQ(BN_bn2bin(a, outNum), 1); ExpectNotNull(BN_bin2bn(outNum, 1, b)); ExpectIntEQ(BN_cmp(a, b), 0); ExpectNotNull(BN_bin2bn(binNum, sizeof(binNum), b)); ExpectIntEQ(BN_cmp(a, b), -1); ExpectNotNull(str = BN_bn2hex(a)); ExpectNotNull(BN_hex2bn(&b, str)); ExpectIntEQ(BN_cmp(a, b), 0); ExpectNotNull(BN_hex2bn(&b, numberStr)); ExpectIntEQ(BN_cmp(a, b), -1); XFREE(str, NULL, DYNAMIC_TYPE_OPENSSL); str = NULL; #if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) ExpectNotNull(str = BN_bn2dec(a)); ExpectStrEQ(str, twoStr); XFREE(str, NULL, DYNAMIC_TYPE_OPENSSL); str = NULL; #ifndef NO_RSA ExpectNotNull(str = BN_bn2dec(a)); ExpectNotNull(BN_dec2bn(&b, str)); ExpectIntEQ(BN_cmp(a, b), 0); ExpectNotNull(BN_dec2bn(&b, numberStr)); ExpectIntEQ(BN_cmp(a, b), -1); XFREE(str, NULL, DYNAMIC_TYPE_OPENSSL); str = NULL; #else /* No implementation - fail with good parameters. */ ExpectIntEQ(BN_dec2bn(&a, numberStr), 0); #endif #endif BN_free(b); BN_free(a); #endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */ return EXPECT_RESULT(); } static int test_wolfSSL_BN_word(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(WOLFSSL_SP_MATH) BIGNUM* a = NULL; BIGNUM* b = NULL; BIGNUM* c = NULL; BIGNUM av; ExpectNotNull(a = BN_new()); ExpectNotNull(b = BN_new()); ExpectNotNull(c = BN_new()); XMEMSET(&av, 0, sizeof(av)); /* Invalid parameter. */ ExpectIntEQ(BN_add_word(NULL, 3), 0); ExpectIntEQ(BN_add_word(&av, 3), 0); ExpectIntEQ(BN_sub_word(NULL, 3), 0); ExpectIntEQ(BN_sub_word(&av, 3), 0); ExpectIntEQ(BN_set_word(NULL, 3), 0); ExpectIntEQ(BN_set_word(&av, 3), 0); ExpectIntEQ(BN_get_word(NULL), 0); ExpectIntEQ(BN_get_word(&av), 0); ExpectIntEQ(BN_is_word(NULL, 3), 0); ExpectIntEQ(BN_is_word(&av, 3), 0); #if defined(WOLFSSL_KEY_GEN) && (!defined(NO_RSA) || !defined(NO_DH) || \ !defined(NO_DSA)) ExpectIntEQ(BN_mod_word(NULL, 3), -1); ExpectIntEQ(BN_mod_word(&av, 3), -1); #endif ExpectIntEQ(BN_one(NULL), 0); ExpectIntEQ(BN_one(&av), 0); BN_zero(NULL); BN_zero(&av); ExpectIntEQ(BN_is_one(NULL), 0); ExpectIntEQ(BN_is_one(&av), 0); ExpectIntEQ(BN_is_zero(NULL), 0); ExpectIntEQ(BN_is_zero(&av), 0); ExpectIntEQ(BN_set_word(a, 3), 1); ExpectIntEQ(BN_set_word(b, 2), 1); ExpectIntEQ(BN_set_word(c, 5), 1); /* a + 3 = */ ExpectIntEQ(BN_add_word(a, 3), 1); /* check result 3 + 3*/ ExpectIntEQ(BN_get_word(a), 6); ExpectIntEQ(BN_is_word(a, 6), 1); ExpectIntEQ(BN_is_word(a, 5), 0); /* set a back to 3 */ ExpectIntEQ(BN_set_word(a, 3), 1); /* a - 3 = */ ExpectIntEQ(BN_sub_word(a, 3), 1); /* check result 3 - 3*/ ExpectIntEQ(BN_get_word(a), 0); ExpectIntEQ(BN_one(a), 1); ExpectIntEQ(BN_is_word(a, 1), 1); ExpectIntEQ(BN_is_word(a, 0), 0); ExpectIntEQ(BN_is_one(a), 1); ExpectIntEQ(BN_is_zero(a), 0); BN_zero(a); ExpectIntEQ(BN_is_word(a, 0), 1); ExpectIntEQ(BN_is_word(a, 1), 0); ExpectIntEQ(BN_is_zero(a), 1); ExpectIntEQ(BN_is_one(a), 0); #if defined(WOLFSSL_KEY_GEN) && (!defined(NO_RSA) || !defined(NO_DH) || \ !defined(NO_DSA)) ExpectIntEQ(BN_set_word(a, 5), 1); ExpectIntEQ(BN_mod_word(a, 3), 2); ExpectIntEQ(BN_mod_word(a, 0), -1); #endif BN_free(c); BN_free(b); BN_free(a); #endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */ return EXPECT_RESULT(); } static int test_wolfSSL_BN_bits(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \ !defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH) BIGNUM* a = NULL; BIGNUM emptyBN; /* Setup */ XMEMSET(&emptyBN, 0, sizeof(emptyBN)); ExpectNotNull(a = BN_new()); /* Invalid parameters. */ ExpectIntEQ(BN_set_bit(NULL, 1), 0); ExpectIntEQ(BN_set_bit(&emptyBN, 1), 0); ExpectIntEQ(BN_set_bit(a, -1), 0); ExpectIntEQ(BN_clear_bit(NULL, 1), 0); ExpectIntEQ(BN_clear_bit(&emptyBN, 1), 0); ExpectIntEQ(BN_clear_bit(a, -1), 0); ExpectIntEQ(BN_is_bit_set(NULL, 1), 0); ExpectIntEQ(BN_is_bit_set(&emptyBN, 1), 0); ExpectIntEQ(BN_is_bit_set(a, -1), 0); ExpectIntEQ(BN_is_odd(NULL), 0); ExpectIntEQ(BN_is_odd(&emptyBN), 0); ExpectIntEQ(BN_set_word(a, 0), 1); ExpectIntEQ(BN_is_zero(a), 1); ExpectIntEQ(BN_set_bit(a, 0x45), 1); ExpectIntEQ(BN_is_zero(a), 0); ExpectIntEQ(BN_is_bit_set(a, 0x45), 1); ExpectIntEQ(BN_clear_bit(a, 0x45), 1); ExpectIntEQ(BN_is_bit_set(a, 0x45), 0); ExpectIntEQ(BN_is_zero(a), 1); ExpectIntEQ(BN_set_bit(a, 0), 1); ExpectIntEQ(BN_is_odd(a), 1); ExpectIntEQ(BN_clear_bit(a, 0), 1); ExpectIntEQ(BN_is_odd(a), 0); ExpectIntEQ(BN_set_bit(a, 1), 1); ExpectIntEQ(BN_is_odd(a), 0); ExpectIntEQ(BN_set_bit(a, 129), 1); ExpectIntEQ(BN_get_word(a), WOLFSSL_BN_MAX_VAL); #ifndef NO_WOLFSSL_STUB ExpectIntEQ(BN_mask_bits(a, 1), 0); #endif BN_free(a); #endif return EXPECT_RESULT(); } static int test_wolfSSL_BN_shift(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \ !defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH) BIGNUM* a = NULL; BIGNUM* b = NULL; BIGNUM emptyBN; /* Setup */ XMEMSET(&emptyBN, 0, sizeof(emptyBN)); ExpectNotNull(a = BN_new()); ExpectNotNull(b = BN_new()); /* Invalid parameters. */ ExpectIntEQ(BN_lshift(NULL, NULL, 1), 0); ExpectIntEQ(BN_lshift(&emptyBN, NULL, 1), 0); ExpectIntEQ(BN_lshift(NULL, &emptyBN, 1), 0); ExpectIntEQ(BN_lshift(b, NULL, 1), 0); ExpectIntEQ(BN_lshift(b, &emptyBN, 1), 0); ExpectIntEQ(BN_lshift(NULL, a, 1), 0); ExpectIntEQ(BN_lshift(&emptyBN, a, 1), 0); ExpectIntEQ(BN_lshift(b, a, -1), 0); ExpectIntEQ(BN_rshift(NULL, NULL, 1), 0); ExpectIntEQ(BN_rshift(&emptyBN, NULL, 1), 0); ExpectIntEQ(BN_rshift(NULL, &emptyBN, 1), 0); ExpectIntEQ(BN_rshift(b, NULL, 1), 0); ExpectIntEQ(BN_rshift(b, &emptyBN, 1), 0); ExpectIntEQ(BN_rshift(NULL, a, 1), 0); ExpectIntEQ(BN_rshift(&emptyBN, a, 1), 0); ExpectIntEQ(BN_rshift(b, a, -1), 0); ExpectIntEQ(BN_set_word(a, 1), 1); ExpectIntEQ(BN_lshift(b, a, 1), 1); ExpectIntEQ(BN_is_word(b, 2), 1); ExpectIntEQ(BN_lshift(a, a, 1), 1); ExpectIntEQ(BN_is_word(a, 2), 1); ExpectIntEQ(BN_rshift(b, a, 1), 1); ExpectIntEQ(BN_is_word(b, 1), 1); ExpectIntEQ(BN_rshift(a, a, 1), 1); ExpectIntEQ(BN_is_word(a, 1), 1); BN_free(b); BN_free(a); #endif return EXPECT_RESULT(); } static int test_wolfSSL_BN_math(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \ !defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH) BIGNUM* a = NULL; BIGNUM* b = NULL; BIGNUM* r = NULL; BIGNUM* rem = NULL; BIGNUM emptyBN; BN_ULONG val1; BN_ULONG val2; /* Setup */ XMEMSET(&emptyBN, 0, sizeof(emptyBN)); ExpectNotNull(a = BN_new()); ExpectNotNull(b = BN_new()); ExpectNotNull(r = BN_new()); ExpectNotNull(rem = BN_new()); /* Invalid parameters. */ ExpectIntEQ(BN_add(NULL, NULL, NULL), 0); ExpectIntEQ(BN_add(r, NULL, NULL), 0); ExpectIntEQ(BN_add(NULL, a, NULL), 0); ExpectIntEQ(BN_add(NULL, NULL, b), 0); ExpectIntEQ(BN_add(r, a, NULL), 0); ExpectIntEQ(BN_add(r, NULL, b), 0); ExpectIntEQ(BN_add(NULL, a, b), 0); ExpectIntEQ(BN_add(&emptyBN, &emptyBN, &emptyBN), 0); ExpectIntEQ(BN_add(r, &emptyBN, &emptyBN), 0); ExpectIntEQ(BN_add(&emptyBN, a, &emptyBN), 0); ExpectIntEQ(BN_add(&emptyBN, &emptyBN, b), 0); ExpectIntEQ(BN_add(r, a, &emptyBN), 0); ExpectIntEQ(BN_add(r, &emptyBN, b), 0); ExpectIntEQ(BN_add(&emptyBN, a, b), 0); ExpectIntEQ(BN_sub(NULL, NULL, NULL), 0); ExpectIntEQ(BN_sub(r, NULL, NULL), 0); ExpectIntEQ(BN_sub(NULL, a, NULL), 0); ExpectIntEQ(BN_sub(NULL, NULL, b), 0); ExpectIntEQ(BN_sub(r, a, NULL), 0); ExpectIntEQ(BN_sub(r, NULL, b), 0); ExpectIntEQ(BN_sub(NULL, a, b), 0); ExpectIntEQ(BN_sub(&emptyBN, &emptyBN, &emptyBN), 0); ExpectIntEQ(BN_sub(r, &emptyBN, &emptyBN), 0); ExpectIntEQ(BN_sub(&emptyBN, a, &emptyBN), 0); ExpectIntEQ(BN_sub(&emptyBN, &emptyBN, b), 0); ExpectIntEQ(BN_sub(r, a, &emptyBN), 0); ExpectIntEQ(BN_sub(r, &emptyBN, b), 0); ExpectIntEQ(BN_sub(&emptyBN, a, b), 0); ExpectIntEQ(BN_mul(NULL, NULL, NULL, NULL), 0); ExpectIntEQ(BN_mul(r, NULL, NULL, NULL), 0); ExpectIntEQ(BN_mul(NULL, a, NULL, NULL), 0); ExpectIntEQ(BN_mul(NULL, NULL, b, NULL), 0); ExpectIntEQ(BN_mul(r, a, NULL, NULL), 0); ExpectIntEQ(BN_mul(r, NULL, b, NULL), 0); ExpectIntEQ(BN_mul(NULL, a, b, NULL), 0); ExpectIntEQ(BN_mul(&emptyBN, &emptyBN, &emptyBN, NULL), 0); ExpectIntEQ(BN_mul(r, &emptyBN, &emptyBN, NULL), 0); ExpectIntEQ(BN_mul(&emptyBN, a, &emptyBN, NULL), 0); ExpectIntEQ(BN_mul(&emptyBN, &emptyBN, b, NULL), 0); ExpectIntEQ(BN_mul(r, a, &emptyBN, NULL), 0); ExpectIntEQ(BN_mul(r, &emptyBN, b, NULL), 0); ExpectIntEQ(BN_mul(&emptyBN, a, b, NULL), 0); ExpectIntEQ(BN_div(NULL, NULL, NULL, NULL, NULL), 0); ExpectIntEQ(BN_div(r, NULL, NULL, NULL, NULL), 0); ExpectIntEQ(BN_div(NULL, rem, NULL, NULL, NULL), 0); ExpectIntEQ(BN_div(NULL, NULL, a, NULL, NULL), 0); ExpectIntEQ(BN_div(NULL, NULL, NULL, b, NULL), 0); ExpectIntEQ(BN_div(NULL, rem, a, b, NULL), 0); ExpectIntEQ(BN_div(r, NULL, a, b, NULL), 0); ExpectIntEQ(BN_div(r, rem, NULL, b, NULL), 0); ExpectIntEQ(BN_div(r, rem, a, NULL, NULL), 0); ExpectIntEQ(BN_div(&emptyBN, &emptyBN, &emptyBN, &emptyBN, NULL), 0); ExpectIntEQ(BN_div(r, &emptyBN, &emptyBN, &emptyBN, NULL), 0); ExpectIntEQ(BN_div(&emptyBN, rem, &emptyBN, &emptyBN, NULL), 0); ExpectIntEQ(BN_div(&emptyBN, &emptyBN, a, &emptyBN, NULL), 0); ExpectIntEQ(BN_div(&emptyBN, &emptyBN, &emptyBN, b, NULL), 0); ExpectIntEQ(BN_div(&emptyBN, rem, a, b, NULL), 0); ExpectIntEQ(BN_div(r, &emptyBN, a, b, NULL), 0); ExpectIntEQ(BN_div(r, rem, &emptyBN, b, NULL), 0); ExpectIntEQ(BN_div(r, rem, a, &emptyBN, NULL), 0); ExpectIntEQ(BN_mod(NULL, NULL, NULL, NULL), 0); ExpectIntEQ(BN_mod(r, NULL, NULL, NULL), 0); ExpectIntEQ(BN_mod(NULL, a, NULL, NULL), 0); ExpectIntEQ(BN_mod(NULL, NULL, b, NULL), 0); ExpectIntEQ(BN_mod(r, a, NULL, NULL), 0); ExpectIntEQ(BN_mod(r, NULL, b, NULL), 0); ExpectIntEQ(BN_mod(NULL, a, b, NULL), 0); ExpectIntEQ(BN_mod(&emptyBN, &emptyBN, &emptyBN, NULL), 0); ExpectIntEQ(BN_mod(r, &emptyBN, &emptyBN, NULL), 0); ExpectIntEQ(BN_mod(&emptyBN, a, &emptyBN, NULL), 0); ExpectIntEQ(BN_mod(&emptyBN, &emptyBN, b, NULL), 0); ExpectIntEQ(BN_mod(r, a, &emptyBN, NULL), 0); ExpectIntEQ(BN_mod(r, &emptyBN, b, NULL), 0); ExpectIntEQ(BN_mod(&emptyBN, a, b, NULL), 0); /* END Invalid parameters. */ val1 = 8; val2 = 3; ExpectIntEQ(BN_set_word(a, val1), 1); ExpectIntEQ(BN_set_word(b, val2), 1); ExpectIntEQ(BN_add(r, a, b), 1); ExpectIntEQ(BN_is_word(r, val1 + val2), 1); ExpectIntEQ(BN_sub(r, a, b), 1); ExpectIntEQ(BN_is_word(r, val1 - val2), 1); ExpectIntEQ(BN_mul(r, a, b, NULL), 1); ExpectIntEQ(BN_is_word(r, val1 * val2), 1); ExpectIntEQ(BN_div(r, rem, a, b, NULL), 1); ExpectIntEQ(BN_is_word(r, val1 / val2), 1); ExpectIntEQ(BN_is_word(rem, val1 % val2), 1); ExpectIntEQ(BN_mod(r, a, b, NULL), 1); ExpectIntEQ(BN_is_word(r, val1 % val2), 1); BN_free(rem); BN_free(r); BN_free(b); BN_free(a); #endif return EXPECT_RESULT(); } static int test_wolfSSL_BN_math_mod(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \ !defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH) BIGNUM* a = NULL; BIGNUM* b = NULL; BIGNUM* m = NULL; BIGNUM* r = NULL; BIGNUM* t = NULL; BIGNUM emptyBN; BN_ULONG val1; BN_ULONG val2; BN_ULONG val3; /* Setup */ XMEMSET(&emptyBN, 0, sizeof(emptyBN)); ExpectNotNull(a = BN_new()); ExpectNotNull(b = BN_new()); ExpectNotNull(m = BN_new()); ExpectNotNull(r = BN_new()); /* Invalid parameters. */ ExpectIntEQ(BN_mod_add(NULL, NULL, NULL, NULL, NULL), 0); ExpectIntEQ(BN_mod_add(r, NULL, NULL, NULL, NULL), 0); ExpectIntEQ(BN_mod_add(NULL, a, NULL, NULL, NULL), 0); ExpectIntEQ(BN_mod_add(NULL, NULL, b, NULL, NULL), 0); ExpectIntEQ(BN_mod_add(NULL, NULL, NULL, m, NULL), 0); ExpectIntEQ(BN_mod_add(NULL, a, b, m, NULL), 0); ExpectIntEQ(BN_mod_add(r, NULL, b, m, NULL), 0); ExpectIntEQ(BN_mod_add(r, a, NULL, m, NULL), 0); ExpectIntEQ(BN_mod_add(r, a, m, NULL, NULL), 0); ExpectIntEQ(BN_mod_add(&emptyBN, &emptyBN, &emptyBN, &emptyBN, NULL), 0); ExpectIntEQ(BN_mod_add(r, &emptyBN, &emptyBN, &emptyBN, NULL), 0); ExpectIntEQ(BN_mod_add(&emptyBN, a, &emptyBN, &emptyBN, NULL), 0); ExpectIntEQ(BN_mod_add(&emptyBN, &emptyBN, b, &emptyBN, NULL), 0); ExpectIntEQ(BN_mod_add(&emptyBN, &emptyBN, &emptyBN, m, NULL), 0); ExpectIntEQ(BN_mod_add(&emptyBN, a, b, m, NULL), 0); ExpectIntEQ(BN_mod_add(r, &emptyBN, b, m, NULL), 0); ExpectIntEQ(BN_mod_add(r, a, &emptyBN, m, NULL), 0); ExpectIntEQ(BN_mod_add(r, a, m, &emptyBN, NULL), 0); ExpectIntEQ(BN_mod_mul(NULL, NULL, NULL, NULL, NULL), 0); ExpectIntEQ(BN_mod_mul(r, NULL, NULL, NULL, NULL), 0); ExpectIntEQ(BN_mod_mul(NULL, a, NULL, NULL, NULL), 0); ExpectIntEQ(BN_mod_mul(NULL, NULL, b, NULL, NULL), 0); ExpectIntEQ(BN_mod_mul(NULL, NULL, NULL, m, NULL), 0); ExpectIntEQ(BN_mod_mul(NULL, a, b, m, NULL), 0); ExpectIntEQ(BN_mod_mul(r, NULL, b, m, NULL), 0); ExpectIntEQ(BN_mod_mul(r, a, NULL, m, NULL), 0); ExpectIntEQ(BN_mod_mul(r, a, m, NULL, NULL), 0); ExpectIntEQ(BN_mod_mul(&emptyBN, &emptyBN, &emptyBN, &emptyBN, NULL), 0); ExpectIntEQ(BN_mod_mul(r, &emptyBN, &emptyBN, &emptyBN, NULL), 0); ExpectIntEQ(BN_mod_mul(&emptyBN, a, &emptyBN, &emptyBN, NULL), 0); ExpectIntEQ(BN_mod_mul(&emptyBN, &emptyBN, b, &emptyBN, NULL), 0); ExpectIntEQ(BN_mod_mul(&emptyBN, &emptyBN, &emptyBN, m, NULL), 0); ExpectIntEQ(BN_mod_mul(&emptyBN, a, b, m, NULL), 0); ExpectIntEQ(BN_mod_mul(r, &emptyBN, b, m, NULL), 0); ExpectIntEQ(BN_mod_mul(r, a, &emptyBN, m, NULL), 0); ExpectIntEQ(BN_mod_mul(r, a, m, &emptyBN, NULL), 0); ExpectIntEQ(BN_mod_exp(NULL, NULL, NULL, NULL, NULL), 0); ExpectIntEQ(BN_mod_exp(r, NULL, NULL, NULL, NULL), 0); ExpectIntEQ(BN_mod_exp(NULL, a, NULL, NULL, NULL), 0); ExpectIntEQ(BN_mod_exp(NULL, NULL, b, NULL, NULL), 0); ExpectIntEQ(BN_mod_exp(NULL, NULL, NULL, m, NULL), 0); ExpectIntEQ(BN_mod_exp(NULL, a, b, m, NULL), 0); ExpectIntEQ(BN_mod_exp(r, NULL, b, m, NULL), 0); ExpectIntEQ(BN_mod_exp(r, a, NULL, m, NULL), 0); ExpectIntEQ(BN_mod_exp(r, a, m, NULL, NULL), 0); ExpectIntEQ(BN_mod_exp(&emptyBN, &emptyBN, &emptyBN, &emptyBN, NULL), 0); ExpectIntEQ(BN_mod_exp(r, &emptyBN, &emptyBN, &emptyBN, NULL), 0); ExpectIntEQ(BN_mod_exp(&emptyBN, a, &emptyBN, &emptyBN, NULL), 0); ExpectIntEQ(BN_mod_exp(&emptyBN, &emptyBN, b, &emptyBN, NULL), 0); ExpectIntEQ(BN_mod_exp(&emptyBN, &emptyBN, &emptyBN, m, NULL), 0); ExpectIntEQ(BN_mod_exp(&emptyBN, a, b, m, NULL), 0); ExpectIntEQ(BN_mod_exp(r, &emptyBN, b, m, NULL), 0); ExpectIntEQ(BN_mod_exp(r, a, &emptyBN, m, NULL), 0); ExpectIntEQ(BN_mod_exp(r, a, m, &emptyBN, NULL), 0); ExpectNull(BN_mod_inverse(r, NULL, NULL, NULL)); ExpectNull(BN_mod_inverse(r, a, NULL, NULL)); ExpectNull(BN_mod_inverse(r, NULL, m, NULL)); ExpectNull(BN_mod_inverse(r, NULL, m, NULL)); ExpectNull(BN_mod_inverse(r, a, NULL, NULL)); ExpectNull(BN_mod_inverse(&emptyBN, &emptyBN, &emptyBN, NULL)); ExpectNull(BN_mod_inverse(r, &emptyBN, &emptyBN, NULL)); ExpectNull(BN_mod_inverse(&emptyBN, a, &emptyBN, NULL)); ExpectNull(BN_mod_inverse(&emptyBN, &emptyBN, m, NULL)); ExpectNull(BN_mod_inverse(&emptyBN, a, m, NULL)); ExpectNull(BN_mod_inverse(r, &emptyBN, m, NULL)); ExpectNull(BN_mod_inverse(r, a, &emptyBN, NULL)); /* END Invalid parameters. */ val1 = 9; val2 = 13; val3 = 5; ExpectIntEQ(BN_set_word(a, val1), 1); ExpectIntEQ(BN_set_word(b, val2), 1); ExpectIntEQ(BN_set_word(m, val3), 1); ExpectIntEQ(BN_mod_add(r, a, b, m, NULL), 1); ExpectIntEQ(BN_is_word(r, (val1 + val2) % val3), 1); ExpectIntEQ(BN_mod_mul(r, a, b, m, NULL), 1); ExpectIntEQ(BN_is_word(r, (val1 * val2) % val3), 1); ExpectIntEQ(BN_set_word(a, 2), 1); ExpectIntEQ(BN_set_word(b, 3), 1); ExpectIntEQ(BN_set_word(m, 5), 1); /* (2 ^ 3) % 5 = 8 % 5 = 3 */ ExpectIntEQ(BN_mod_exp(r, a, b, m, NULL), 1); ExpectIntEQ(BN_is_word(r, 3), 1); /* (2 * 3) % 5 = 6 % 5 = 1 => inv = 3 */ ExpectNotNull(BN_mod_inverse(r, a, m, NULL)); ExpectIntEQ(BN_is_word(r, 3), 1); ExpectNotNull(t = BN_mod_inverse(NULL, a, m, NULL)); ExpectIntEQ(BN_is_word(t, 3), 1); BN_free(t); /* No inverse case. No inverse when a divides b. */ ExpectIntEQ(BN_set_word(a, 3), 1); ExpectIntEQ(BN_set_word(m, 9), 1); ExpectNull(BN_mod_inverse(r, a, m, NULL)); BN_free(r); BN_free(m); BN_free(b); BN_free(a); #endif return EXPECT_RESULT(); } static int test_wolfSSL_BN_math_other(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \ !defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH) #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) BIGNUM* a = NULL; BIGNUM* b = NULL; BIGNUM* r = NULL; BIGNUM emptyBN; /* Setup */ XMEMSET(&emptyBN, 0, sizeof(emptyBN)); ExpectNotNull(a = BN_new()); ExpectNotNull(b = BN_new()); ExpectNotNull(r = BN_new()); /* Invalid parameters. */ ExpectIntEQ(BN_gcd(NULL, NULL, NULL, NULL), 0); ExpectIntEQ(BN_gcd(r, NULL, NULL, NULL), 0); ExpectIntEQ(BN_gcd(NULL, a, NULL, NULL), 0); ExpectIntEQ(BN_gcd(NULL, NULL, b, NULL), 0); ExpectIntEQ(BN_gcd(NULL, a, b, NULL), 0); ExpectIntEQ(BN_gcd(r, NULL, b, NULL), 0); ExpectIntEQ(BN_gcd(r, a, NULL, NULL), 0); ExpectIntEQ(BN_gcd(&emptyBN, &emptyBN, &emptyBN, NULL), 0); ExpectIntEQ(BN_gcd(r, &emptyBN, &emptyBN, NULL), 0); ExpectIntEQ(BN_gcd(&emptyBN, a, &emptyBN, NULL), 0); ExpectIntEQ(BN_gcd(&emptyBN, &emptyBN, b, NULL), 0); ExpectIntEQ(BN_gcd(&emptyBN, a, b, NULL), 0); ExpectIntEQ(BN_gcd(r, &emptyBN, b, NULL), 0); ExpectIntEQ(BN_gcd(r, a, &emptyBN, NULL), 0); /* END Invalid parameters. */ /* No common factors between 2 and 3. */ ExpectIntEQ(BN_set_word(a, 2), 1); ExpectIntEQ(BN_set_word(b, 3), 1); ExpectIntEQ(BN_gcd(r, a, b, NULL), 1); ExpectIntEQ(BN_is_word(r, 1), 1); /* 3 is largest value that divides both 6 and 9. */ ExpectIntEQ(BN_set_word(a, 6), 1); ExpectIntEQ(BN_set_word(b, 9), 1); ExpectIntEQ(BN_gcd(r, a, b, NULL), 1); ExpectIntEQ(BN_is_word(r, 3), 1); /* GCD of 0 and 0 is undefined. */ ExpectIntEQ(BN_set_word(a, 0), 1); ExpectIntEQ(BN_set_word(b, 0), 1); ExpectIntEQ(BN_gcd(r, a, b, NULL), 0); /* Teardown */ BN_free(r); BN_free(b); BN_free(a); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_BN_rand(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(OPENSSL_EXTRA_NO_BN) BIGNUM* bn = NULL; BIGNUM* range = NULL; BIGNUM emptyBN; XMEMSET(&emptyBN, 0, sizeof(emptyBN)); ExpectNotNull(bn = BN_new()); ExpectNotNull(range = BN_new()); /* Invalid parameters. */ ExpectIntEQ(BN_rand(NULL, -1, 0, 0), 0); ExpectIntEQ(BN_rand(bn, -1, 0, 0), 0); ExpectIntEQ(BN_rand(NULL, 1, 0, 0), 0); ExpectIntEQ(BN_rand(&emptyBN, -1, 0, 0), 0); ExpectIntEQ(BN_rand(bn, -1, 0, 0), 0); ExpectIntEQ(BN_rand(&emptyBN, 1, 0, 0), 0); ExpectIntEQ(BN_pseudo_rand(NULL, -1, 0, 0), 0); ExpectIntEQ(BN_pseudo_rand(bn, -1, 0, 0), 0); ExpectIntEQ(BN_pseudo_rand(NULL, 1, 0, 0), 0); ExpectIntEQ(BN_pseudo_rand(&emptyBN, -1, 0, 0), 0); ExpectIntEQ(BN_pseudo_rand(bn, -1, 0, 0), 0); ExpectIntEQ(BN_pseudo_rand(&emptyBN, 1, 0, 0), 0); ExpectIntEQ(BN_rand_range(NULL, NULL), 0); ExpectIntEQ(BN_rand_range(bn, NULL), 0); ExpectIntEQ(BN_rand_range(NULL, range), 0); ExpectIntEQ(BN_rand_range(&emptyBN, &emptyBN), 0); ExpectIntEQ(BN_rand_range(bn, &emptyBN), 0); ExpectIntEQ(BN_rand_range(&emptyBN, range), 0); /* 0 bit random value must be 0 and so cannot set bit in any position. */ ExpectIntEQ(BN_rand(bn, 0, WOLFSSL_BN_RAND_TOP_ONE, WOLFSSL_BN_RAND_BOTTOM_ODD), 0); ExpectIntEQ(BN_rand(bn, 0, WOLFSSL_BN_RAND_TOP_TWO, WOLFSSL_BN_RAND_BOTTOM_ODD), 0); ExpectIntEQ(BN_rand(bn, 0, WOLFSSL_BN_RAND_TOP_ANY, WOLFSSL_BN_RAND_BOTTOM_ODD), 0); ExpectIntEQ(BN_rand(bn, 0, WOLFSSL_BN_RAND_TOP_ONE, WOLFSSL_BN_RAND_BOTTOM_ANY), 0); ExpectIntEQ(BN_rand(bn, 0, WOLFSSL_BN_RAND_TOP_TWO, WOLFSSL_BN_RAND_BOTTOM_ANY), 0); ExpectIntEQ(BN_pseudo_rand(bn, 0, WOLFSSL_BN_RAND_TOP_ONE, WOLFSSL_BN_RAND_BOTTOM_ODD), 0); ExpectIntEQ(BN_pseudo_rand(bn, 0, WOLFSSL_BN_RAND_TOP_TWO, WOLFSSL_BN_RAND_BOTTOM_ODD), 0); ExpectIntEQ(BN_pseudo_rand(bn, 0, WOLFSSL_BN_RAND_TOP_ANY, WOLFSSL_BN_RAND_BOTTOM_ODD), 0); ExpectIntEQ(BN_pseudo_rand(bn, 0, WOLFSSL_BN_RAND_TOP_ONE, WOLFSSL_BN_RAND_BOTTOM_ANY), 0); ExpectIntEQ(BN_pseudo_rand(bn, 0, WOLFSSL_BN_RAND_TOP_TWO, WOLFSSL_BN_RAND_BOTTOM_ANY), 0); /* 1 bit random value must have no more than one top bit set. */ ExpectIntEQ(BN_rand(bn, 1, WOLFSSL_BN_RAND_TOP_TWO, WOLFSSL_BN_RAND_BOTTOM_ANY), 0); ExpectIntEQ(BN_rand(bn, 1, WOLFSSL_BN_RAND_TOP_TWO, WOLFSSL_BN_RAND_BOTTOM_ODD), 0); ExpectIntEQ(BN_pseudo_rand(bn, 1, WOLFSSL_BN_RAND_TOP_TWO, WOLFSSL_BN_RAND_BOTTOM_ANY), 0); ExpectIntEQ(BN_pseudo_rand(bn, 1, WOLFSSL_BN_RAND_TOP_TWO, WOLFSSL_BN_RAND_BOTTOM_ODD), 0); /* END Invalid parameters. */ /* 0 bit random: 0. */ ExpectIntEQ(BN_rand(bn, 0, WOLFSSL_BN_RAND_TOP_ANY, WOLFSSL_BN_RAND_BOTTOM_ANY), 1); ExpectIntEQ(BN_is_zero(bn), 1); ExpectIntEQ(BN_set_word(bn, 2), 1); /* Make sure not zero. */ ExpectIntEQ(BN_pseudo_rand(bn, 0, WOLFSSL_BN_RAND_TOP_ANY, WOLFSSL_BN_RAND_BOTTOM_ANY), 1); ExpectIntEQ(BN_is_zero(bn), 1); /* 1 bit random: 0 or 1. */ ExpectIntEQ(BN_rand(bn, 1, WOLFSSL_BN_RAND_TOP_ANY, WOLFSSL_BN_RAND_BOTTOM_ANY), 1); ExpectIntLT(BN_get_word(bn), 2); /* Make sure valid range. */ ExpectIntEQ(BN_rand(bn, 1, WOLFSSL_BN_RAND_TOP_ONE, WOLFSSL_BN_RAND_BOTTOM_ANY), 1); ExpectIntEQ(BN_get_word(bn), 1); ExpectIntEQ(BN_rand(bn, 1, WOLFSSL_BN_RAND_TOP_ONE, WOLFSSL_BN_RAND_BOTTOM_ODD), 1); ExpectIntEQ(BN_get_word(bn), 1); ExpectIntEQ(BN_pseudo_rand(bn, 1, WOLFSSL_BN_RAND_TOP_ANY, WOLFSSL_BN_RAND_BOTTOM_ANY), 1); ExpectIntLT(BN_get_word(bn), 2); /* Make sure valid range. */ ExpectIntEQ(BN_pseudo_rand(bn, 1, WOLFSSL_BN_RAND_TOP_ONE, WOLFSSL_BN_RAND_BOTTOM_ANY), 1); ExpectIntEQ(BN_get_word(bn), 1); ExpectIntEQ(BN_pseudo_rand(bn, 1, WOLFSSL_BN_RAND_TOP_ONE, WOLFSSL_BN_RAND_BOTTOM_ODD), 1); ExpectIntEQ(BN_get_word(bn), 1); ExpectIntEQ(BN_rand(bn, 8, WOLFSSL_BN_RAND_TOP_ONE, WOLFSSL_BN_RAND_BOTTOM_ANY), 1); ExpectIntEQ(BN_num_bits(bn), 8); ExpectIntEQ(BN_is_bit_set(bn, 7), 1); ExpectIntEQ(BN_pseudo_rand(bn, 8, WOLFSSL_BN_RAND_TOP_ONE, WOLFSSL_BN_RAND_BOTTOM_ANY), 1); ExpectIntEQ(BN_num_bits(bn), 8); ExpectIntEQ(BN_is_bit_set(bn, 7), 1); ExpectIntEQ(BN_rand(bn, 8, WOLFSSL_BN_RAND_TOP_TWO, WOLFSSL_BN_RAND_BOTTOM_ANY), 1); ExpectIntEQ(BN_is_bit_set(bn, 7), 1); ExpectIntEQ(BN_is_bit_set(bn, 6), 1); ExpectIntEQ(BN_pseudo_rand(bn, 8, WOLFSSL_BN_RAND_TOP_TWO, WOLFSSL_BN_RAND_BOTTOM_ANY), 1); ExpectIntEQ(BN_is_bit_set(bn, 7), 1); ExpectIntEQ(BN_is_bit_set(bn, 6), 1); ExpectIntEQ(BN_rand(bn, 8, WOLFSSL_BN_RAND_TOP_ONE, WOLFSSL_BN_RAND_BOTTOM_ODD), 1); ExpectIntEQ(BN_is_bit_set(bn, 0), 1); ExpectIntEQ(BN_pseudo_rand(bn, 8, WOLFSSL_BN_RAND_TOP_ONE, WOLFSSL_BN_RAND_BOTTOM_ODD), 1); ExpectIntEQ(BN_is_bit_set(bn, 0), 1); /* Regression test: Older versions of wolfSSL_BN_rand would round the * requested number of bits up to the nearest multiple of 8. E.g. in this * case, requesting a 13-bit random number would actually return a 16-bit * random number. */ ExpectIntEQ(BN_rand(bn, 13, WOLFSSL_BN_RAND_TOP_ONE, WOLFSSL_BN_RAND_BOTTOM_ANY), 1); ExpectIntEQ(BN_num_bits(bn), 13); ExpectIntEQ(BN_rand(range, 64, WOLFSSL_BN_RAND_TOP_ONE, WOLFSSL_BN_RAND_BOTTOM_ANY), 1); ExpectIntEQ(BN_rand_range(bn, range), 1); ExpectIntEQ(BN_set_word(range, 0), 1); ExpectIntEQ(BN_rand_range(bn, range), 1); ExpectIntEQ(BN_set_word(range, 1), 1); ExpectIntEQ(BN_rand_range(bn, range), 1); BN_free(bn); BN_free(range); #endif return EXPECT_RESULT(); } static int test_wolfSSL_BN_prime(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \ !defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH) #if defined(WOLFSSL_KEY_GEN) && (!defined(NO_RSA) || !defined(NO_DH) || !defined(NO_DSA)) BIGNUM* a = NULL; BIGNUM* add = NULL; BIGNUM* rem = NULL; BIGNUM emptyBN; XMEMSET(&emptyBN, 0, sizeof(emptyBN)); ExpectNotNull(a = BN_new()); ExpectNotNull(add = BN_new()); ExpectNotNull(rem = BN_new()); /* Invalid parameters. */ /* BN_generate_prime_ex() * prime - must have valid BIGNUM * bits - Greater then 0 * safe - not supported, must be 0 * add - not supported, must be NULL * rem - not supported, must be NULL * cb - anything */ ExpectIntEQ(BN_generate_prime_ex(NULL, -1, 1, add, rem, NULL), 0); ExpectIntEQ(BN_generate_prime_ex(&emptyBN, -1, 1, add, rem, NULL), 0); ExpectIntEQ(BN_generate_prime_ex(a, -1, 1, add, rem, NULL), 0); ExpectIntEQ(BN_generate_prime_ex(NULL, 2, 1, add, rem, NULL), 0); ExpectIntEQ(BN_generate_prime_ex(&emptyBN, 2, 1, add, rem, NULL), 0); ExpectIntEQ(BN_generate_prime_ex(NULL, -1, 0, add, rem, NULL), 0); ExpectIntEQ(BN_generate_prime_ex(&emptyBN, -1, 0, add, rem, NULL), 0); ExpectIntEQ(BN_generate_prime_ex(NULL, -1, 1, NULL, rem, NULL), 0); ExpectIntEQ(BN_generate_prime_ex(&emptyBN, -1, 1, NULL, rem, NULL), 0); ExpectIntEQ(BN_generate_prime_ex(NULL, -1, 1, add, NULL, NULL), 0); ExpectIntEQ(BN_generate_prime_ex(&emptyBN, -1, 1, add, NULL, NULL), 0); ExpectIntEQ(BN_generate_prime_ex(NULL, 2, 0, NULL, NULL, NULL), 0); ExpectIntEQ(BN_generate_prime_ex(&emptyBN, 2, 0, NULL, NULL, NULL), 0); ExpectIntEQ(BN_generate_prime_ex(a, -1, 0, NULL, NULL, NULL), 0); ExpectIntEQ(BN_generate_prime_ex(a, 0, 0, NULL, NULL, NULL), 0); ExpectIntEQ(BN_generate_prime_ex(a, 2, 1, NULL, NULL, NULL), 0); ExpectIntEQ(BN_generate_prime_ex(a, 2, 0, add, NULL, NULL), 0); ExpectIntEQ(BN_generate_prime_ex(a, 2, 0, NULL, rem, NULL), 0); ExpectIntEQ(BN_is_prime_ex(NULL, -1, NULL, NULL), -1); ExpectIntEQ(BN_is_prime_ex(&emptyBN, -1, NULL, NULL), -1); ExpectIntEQ(BN_is_prime_ex(a, -1, NULL, NULL), -1); ExpectIntEQ(BN_is_prime_ex(a, 2048, NULL, NULL), -1); ExpectIntEQ(BN_is_prime_ex(NULL, 1, NULL, NULL), -1); ExpectIntEQ(BN_is_prime_ex(&emptyBN, 1, NULL, NULL), -1); /* END Invalid parameters. */ ExpectIntEQ(BN_generate_prime_ex(a, 512, 0, NULL, NULL, NULL), 1); ExpectIntEQ(BN_is_prime_ex(a, 8, NULL, NULL), 1); ExpectIntEQ(BN_clear_bit(a, 0), 1); ExpectIntEQ(BN_is_prime_ex(a, 8, NULL, NULL), 0); BN_free(rem); BN_free(add); BN_free(a); #endif #endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */ return EXPECT_RESULT(); } #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) #define TEST_ARG 0x1234 static void msg_cb(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg) { (void)write_p; (void)version; (void)content_type; (void)buf; (void)len; (void)ssl; AssertTrue(arg == (void*)TEST_ARG); } #endif #if defined(OPENSSL_EXTRA) && defined(DEBUG_WOLFSSL) && \ defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) #if defined(SESSION_CERTS) #include "wolfssl/internal.h" #endif static int msgCb(SSL_CTX *ctx, SSL *ssl) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && defined(SESSION_CERTS) && !defined(NO_BIO) STACK_OF(X509)* sk = NULL; X509* x509 = NULL; int i, num; BIO* bio = NULL; #endif ExpectNotNull(ctx); ExpectNotNull(ssl); fprintf(stderr, "\n===== msgcb called ====\n"); #if defined(SESSION_CERTS) && defined(TEST_PEER_CERT_CHAIN) ExpectTrue(SSL_get_peer_cert_chain(ssl) != NULL); ExpectIntEQ(((WOLFSSL_X509_CHAIN *)SSL_get_peer_cert_chain(ssl))->count, 2); ExpectNotNull(SSL_get0_verified_chain(ssl)); #endif #if defined(OPENSSL_ALL) && defined(SESSION_CERTS) && !defined(NO_BIO) ExpectNotNull(bio = BIO_new_fp(stderr, BIO_NOCLOSE)); ExpectNotNull(sk = SSL_get_peer_cert_chain(ssl)); if (sk == NULL) { BIO_free(bio); return TEST_FAIL; } num = sk_X509_num(sk); ExpectTrue(num > 0); for (i = 0; i < num; i++) { ExpectNotNull(x509 = sk_X509_value(sk,i)); if (x509 == NULL) break; fprintf(stderr, "Certificate at index [%d] = :\n",i); X509_print(bio,x509); fprintf(stderr, "\n\n"); } BIO_free(bio); #endif return EXPECT_RESULT(); } #endif static int test_wolfSSL_msgCb(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(DEBUG_WOLFSSL) && \ defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) test_ssl_cbf client_cb; test_ssl_cbf server_cb; XMEMSET(&client_cb, 0, sizeof(client_cb)); XMEMSET(&server_cb, 0, sizeof(server_cb)); #ifndef WOLFSSL_NO_TLS12 client_cb.method = wolfTLSv1_2_client_method; server_cb.method = wolfTLSv1_2_server_method; #else client_cb.method = wolfTLSv1_3_client_method; server_cb.method = wolfTLSv1_3_server_method; #endif ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cb, &server_cb, msgCb), TEST_SUCCESS); #endif return EXPECT_RESULT(); } static int test_wolfSSL_either_side(void) { EXPECT_DECLS; #if (defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)) && \ defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) test_ssl_cbf client_cb; test_ssl_cbf server_cb; XMEMSET(&client_cb, 0, sizeof(client_cb)); XMEMSET(&server_cb, 0, sizeof(server_cb)); /* Use different CTX for client and server */ client_cb.ctx = wolfSSL_CTX_new(wolfSSLv23_method()); ExpectNotNull(client_cb.ctx); server_cb.ctx = wolfSSL_CTX_new(wolfSSLv23_method()); ExpectNotNull(server_cb.ctx); /* we are responsible for free'ing WOLFSSL_CTX */ server_cb.isSharedCtx = client_cb.isSharedCtx = 1; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cb, &server_cb, NULL), TEST_SUCCESS); wolfSSL_CTX_free(client_cb.ctx); wolfSSL_CTX_free(server_cb.ctx); #endif return EXPECT_RESULT(); } static int test_wolfSSL_DTLS_either_side(void) { EXPECT_DECLS; #if (defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)) && \ defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS) test_ssl_cbf client_cb; test_ssl_cbf server_cb; XMEMSET(&client_cb, 0, sizeof(client_cb)); XMEMSET(&server_cb, 0, sizeof(server_cb)); /* Use different CTX for client and server */ client_cb.ctx = wolfSSL_CTX_new(wolfDTLS_method()); ExpectNotNull(client_cb.ctx); server_cb.ctx = wolfSSL_CTX_new(wolfDTLS_method()); ExpectNotNull(server_cb.ctx); /* we are responsible for free'ing WOLFSSL_CTX */ server_cb.isSharedCtx = client_cb.isSharedCtx = 1; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cb, &server_cb, NULL), TEST_SUCCESS); wolfSSL_CTX_free(client_cb.ctx); wolfSSL_CTX_free(server_cb.ctx); #endif return EXPECT_RESULT(); } static int test_generate_cookie(void) { EXPECT_DECLS; #if defined(WOLFSSL_DTLS) && defined(OPENSSL_EXTRA) && defined(USE_WOLFSSL_IO) SSL_CTX* ctx = NULL; SSL* ssl = NULL; byte buf[FOURK_BUF] = {0}; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfDTLS_method())); ExpectNotNull(ssl = SSL_new(ctx)); /* Test unconnected */ ExpectIntEQ(EmbedGenerateCookie(ssl, buf, FOURK_BUF, NULL), GEN_COOKIE_E); wolfSSL_CTX_SetGenCookie(ctx, EmbedGenerateCookie); wolfSSL_SetCookieCtx(ssl, ctx); ExpectNotNull(wolfSSL_GetCookieCtx(ssl)); ExpectNull(wolfSSL_GetCookieCtx(NULL)); SSL_free(ssl); SSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfSSL_set_options(void) { EXPECT_DECLS; #if !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) WOLFSSL* ssl = NULL; WOLFSSL_CTX* ctx = NULL; #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) char appData[] = "extra msg"; #endif #ifdef OPENSSL_EXTRA unsigned char protos[] = { 7, 't', 'l', 's', '/', '1', '.', '2', 8, 'h', 't', 't', 'p', '/', '1', '.', '1' }; unsigned int len = sizeof(protos); void *arg = (void *)TEST_ARG; #endif #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); #endif ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(wolfSSL_CTX_set_options(ctx, WOLFSSL_OP_NO_TLSv1) == WOLFSSL_OP_NO_TLSv1); ExpectTrue(wolfSSL_CTX_get_options(ctx) == WOLFSSL_OP_NO_TLSv1); ExpectIntGT((int)wolfSSL_CTX_set_options(ctx, (WOLFSSL_OP_COOKIE_EXCHANGE | WOLFSSL_OP_NO_SSLv2)), 0); ExpectTrue((wolfSSL_CTX_set_options(ctx, WOLFSSL_OP_COOKIE_EXCHANGE) & WOLFSSL_OP_COOKIE_EXCHANGE) == WOLFSSL_OP_COOKIE_EXCHANGE); ExpectTrue((wolfSSL_CTX_set_options(ctx, WOLFSSL_OP_NO_TLSv1_2) & WOLFSSL_OP_NO_TLSv1_2) == WOLFSSL_OP_NO_TLSv1_2); ExpectTrue((wolfSSL_CTX_set_options(ctx, WOLFSSL_OP_NO_COMPRESSION) & WOLFSSL_OP_NO_COMPRESSION) == WOLFSSL_OP_NO_COMPRESSION); ExpectFalse((wolfSSL_CTX_clear_options(ctx, WOLFSSL_OP_NO_COMPRESSION) & WOLFSSL_OP_NO_COMPRESSION)); wolfSSL_CTX_free(ctx); ctx = NULL; #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); #endif ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM)); #ifdef OPENSSL_EXTRA ExpectTrue(wolfSSL_CTX_set_msg_callback(ctx, msg_cb) == WOLFSSL_SUCCESS); #endif ExpectNotNull(ssl = wolfSSL_new(ctx)); #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) #ifdef HAVE_EX_DATA ExpectIntEQ(wolfSSL_set_app_data(ssl, (void*)appData), WOLFSSL_SUCCESS); ExpectNotNull(wolfSSL_get_app_data((const WOLFSSL*)ssl)); if (ssl != NULL) { ExpectIntEQ(XMEMCMP(wolfSSL_get_app_data((const WOLFSSL*)ssl), appData, sizeof(appData)), 0); } #else ExpectIntEQ(wolfSSL_set_app_data(ssl, (void*)appData), WOLFSSL_FAILURE); ExpectNull(wolfSSL_get_app_data((const WOLFSSL*)ssl)); #endif #endif ExpectTrue(wolfSSL_set_options(ssl, WOLFSSL_OP_NO_TLSv1) == WOLFSSL_OP_NO_TLSv1); ExpectTrue(wolfSSL_get_options(ssl) == WOLFSSL_OP_NO_TLSv1); ExpectIntGT((int)wolfSSL_set_options(ssl, (WOLFSSL_OP_COOKIE_EXCHANGE | WOLFSSL_OP_NO_SSLv2)), 0); ExpectTrue((wolfSSL_set_options(ssl, WOLFSSL_OP_COOKIE_EXCHANGE) & WOLFSSL_OP_COOKIE_EXCHANGE) == WOLFSSL_OP_COOKIE_EXCHANGE); ExpectTrue((wolfSSL_set_options(ssl, WOLFSSL_OP_NO_TLSv1_2) & WOLFSSL_OP_NO_TLSv1_2) == WOLFSSL_OP_NO_TLSv1_2); ExpectTrue((wolfSSL_set_options(ssl, WOLFSSL_OP_NO_COMPRESSION) & WOLFSSL_OP_NO_COMPRESSION) == WOLFSSL_OP_NO_COMPRESSION); #ifdef OPENSSL_EXTRA ExpectFalse((wolfSSL_clear_options(ssl, WOLFSSL_OP_NO_COMPRESSION) & WOLFSSL_OP_NO_COMPRESSION)); #endif #ifdef OPENSSL_EXTRA ExpectTrue(wolfSSL_set_msg_callback(ssl, msg_cb) == WOLFSSL_SUCCESS); wolfSSL_set_msg_callback_arg(ssl, arg); #ifdef WOLFSSL_ERROR_CODE_OPENSSL ExpectTrue(wolfSSL_CTX_set_alpn_protos(ctx, protos, len) == 0); #else ExpectTrue(wolfSSL_CTX_set_alpn_protos(ctx, protos, len) == WOLFSSL_SUCCESS); #endif #endif #if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \ defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_ALL) || \ defined(HAVE_LIGHTY) || defined(HAVE_STUNNEL) #if defined(HAVE_ALPN) && !defined(NO_BIO) #ifdef WOLFSSL_ERROR_CODE_OPENSSL ExpectTrue(wolfSSL_set_alpn_protos(ssl, protos, len) == 0); #else ExpectTrue(wolfSSL_set_alpn_protos(ssl, protos, len) == WOLFSSL_SUCCESS); #endif #endif /* HAVE_ALPN && !NO_BIO */ #endif wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); #endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ #endif /* !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) */ return EXPECT_RESULT(); } static int test_wolfSSL_sk_SSL_CIPHER(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) SSL* ssl = NULL; SSL_CTX* ctx = NULL; STACK_OF(SSL_CIPHER) *sk = NULL; STACK_OF(SSL_CIPHER) *dupSk = NULL; #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method())); #else ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method())); #endif ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile, SSL_FILETYPE_PEM)); ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM)); ExpectNotNull(ssl = SSL_new(ctx)); ExpectNotNull(sk = SSL_get_ciphers(ssl)); ExpectNotNull(dupSk = sk_SSL_CIPHER_dup(sk)); ExpectIntGT(sk_SSL_CIPHER_num(sk), 0); ExpectIntEQ(sk_SSL_CIPHER_num(sk), sk_SSL_CIPHER_num(dupSk)); /* error case because connection has not been established yet */ ExpectIntEQ(sk_SSL_CIPHER_find(sk, SSL_get_current_cipher(ssl)), -1); sk_SSL_CIPHER_free(dupSk); /* sk is pointer to internal struct that should be free'd in SSL_free */ SSL_free(ssl); SSL_CTX_free(ctx); #endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) */ return EXPECT_RESULT(); } static int test_wolfSSL_set1_curves_list(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) SSL* ssl = NULL; SSL_CTX* ctx = NULL; #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method())); #else ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method())); #endif ExpectTrue(SSL_CTX_use_certificate_file(ctx, eccCertFile, SSL_FILETYPE_PEM)); ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, eccKeyFile, SSL_FILETYPE_PEM)); ExpectNotNull(ssl = SSL_new(ctx)); ExpectIntEQ(SSL_CTX_set1_curves_list(ctx, NULL), WOLFSSL_FAILURE); #ifdef HAVE_ECC ExpectIntEQ(SSL_CTX_set1_curves_list(ctx, "P-25X"), WOLFSSL_FAILURE); ExpectIntEQ(SSL_CTX_set1_curves_list(ctx, "P-256"), WOLFSSL_SUCCESS); #endif #ifdef HAVE_CURVE25519 ExpectIntEQ(SSL_CTX_set1_curves_list(ctx, "X25519"), WOLFSSL_SUCCESS); #else ExpectIntEQ(SSL_CTX_set1_curves_list(ctx, "X25519"), WOLFSSL_FAILURE); #endif #ifdef HAVE_CURVE448 ExpectIntEQ(SSL_CTX_set1_curves_list(ctx, "X448"), WOLFSSL_SUCCESS); #else ExpectIntEQ(SSL_CTX_set1_curves_list(ctx, "X448"), WOLFSSL_FAILURE); #endif ExpectIntEQ(SSL_set1_curves_list(ssl, NULL), WOLFSSL_FAILURE); #ifdef HAVE_ECC ExpectIntEQ(SSL_set1_curves_list(ssl, "P-25X"), WOLFSSL_FAILURE); ExpectIntEQ(SSL_set1_curves_list(ssl, "P-256"), WOLFSSL_SUCCESS); #endif #ifdef HAVE_CURVE25519 ExpectIntEQ(SSL_set1_curves_list(ssl, "X25519"), WOLFSSL_SUCCESS); #else ExpectIntEQ(SSL_set1_curves_list(ssl, "X25519"), WOLFSSL_FAILURE); #endif #ifdef HAVE_CURVE448 ExpectIntEQ(SSL_set1_curves_list(ssl, "X448"), WOLFSSL_SUCCESS); #else ExpectIntEQ(SSL_set1_curves_list(ssl, "X448"), WOLFSSL_FAILURE); #endif SSL_free(ssl); SSL_CTX_free(ctx); #endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ #endif return EXPECT_RESULT(); } static int test_wolfSSL_set1_sigalgs_list(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA) #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) SSL* ssl = NULL; SSL_CTX* ctx = NULL; #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method())); #else ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method())); #endif ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile, SSL_FILETYPE_PEM)); ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM)); ExpectNotNull(ssl = SSL_new(ctx)); ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(NULL, NULL), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, NULL), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_set1_sigalgs_list(NULL, NULL), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, NULL), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, ""), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, ""), WOLFSSL_FAILURE); #ifndef NO_RSA #ifndef NO_SHA256 ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(NULL, "RSA+SHA256"), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_set1_sigalgs_list(NULL, "RSA+SHA256"), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "RSA+SHA256"), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "RSA+SHA256"), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "RSA-SHA256"), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "RSA-SHA256"), WOLFSSL_FAILURE); #ifdef WC_RSA_PSS ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "RSA-PSS+SHA256"), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "RSA-PSS+SHA256"), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "PSS+SHA256"), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "PSS+SHA256"), WOLFSSL_SUCCESS); #endif #ifdef WOLFSSL_SHA512 ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "RSA+SHA256:RSA+SHA512"), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "RSA+SHA256:RSA+SHA512"), WOLFSSL_SUCCESS); #elif defined(WOLFSSL_SHA384) ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "RSA+SHA256:RSA+SHA384"), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "RSA+SHA256:RSA+SHA384"), WOLFSSL_SUCCESS); #endif ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "RSA"), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "RSA"), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "RSA:RSA+SHA256"), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "RSA:RSA+SHA256"), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "RSA+SHA256+SHA256"), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "RSA+SHA256+RSA"), WOLFSSL_FAILURE); #endif #endif #ifdef HAVE_ECC #ifndef NO_SHA256 ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "ECDSA+SHA256"), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "ECDSA+SHA256"), WOLFSSL_SUCCESS); #ifdef WOLFSSL_SHA512 ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "ECDSA+SHA256:ECDSA+SHA512"), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "ECDSA+SHA256:ECDSA+SHA512"), WOLFSSL_SUCCESS); #elif defined(WOLFSSL_SHA384) ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "ECDSA+SHA256:ECDSA+SHA384"), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "ECDSA+SHA256:ECDSA+SHA384"), WOLFSSL_SUCCESS); #endif #endif #endif #ifdef HAVE_ED25519 ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "ED25519"), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "ED25519"), WOLFSSL_SUCCESS); #endif #ifdef HAVE_ED448 ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "ED448"), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "ED448"), WOLFSSL_SUCCESS); #endif #ifndef NO_DSA #ifndef NO_SHA256 ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "DSA+SHA256"), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "DSA+SHA256"), WOLFSSL_SUCCESS); #endif #if !defined(NO_SHA) && (!defined(NO_OLD_TLS) || \ defined(WOLFSSL_ALLOW_TLS_SHA1)) ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "DSA+SHA1"), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "DSA+SHA1"), WOLFSSL_SUCCESS); #endif #endif SSL_free(ssl); SSL_CTX_free(ctx); #endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ #endif return EXPECT_RESULT(); } /* Testing wolfSSL_set_tlsext_status_type function. * PRE: OPENSSL and HAVE_CERTIFICATE_STATUS_REQUEST defined. */ static int test_wolfSSL_set_tlsext_status_type(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_CERTIFICATE_STATUS_REQUEST) && \ !defined(NO_RSA) && !defined(NO_WOLFSSL_SERVER) SSL* ssl = NULL; SSL_CTX* ctx = NULL; ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method())); ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile, SSL_FILETYPE_PEM)); ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM)); ExpectNotNull(ssl = SSL_new(ctx)); ExpectIntEQ(SSL_set_tlsext_status_type(ssl,TLSEXT_STATUSTYPE_ocsp), SSL_SUCCESS); ExpectIntEQ(SSL_get_tlsext_status_type(ssl), TLSEXT_STATUSTYPE_ocsp); SSL_free(ssl); SSL_CTX_free(ctx); #endif /* OPENSSL_EXTRA && HAVE_CERTIFICATE_STATUS_REQUEST && !NO_RSA */ return EXPECT_RESULT(); } #ifndef NO_BIO static int test_wolfSSL_PEM_read_bio(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) byte buff[6000]; XFILE f = XBADFILE; int bytes; X509* x509 = NULL; BIO* bio = NULL; BUF_MEM* buf = NULL; ExpectTrue((f = XFOPEN(cliCertFile, "rb")) != XBADFILE); ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0); if (f != XBADFILE) XFCLOSE(f); ExpectNull(x509 = PEM_read_bio_X509_AUX(bio, NULL, NULL, NULL)); ExpectNotNull(bio = BIO_new_mem_buf((void*)buff, bytes)); ExpectIntEQ(BIO_set_mem_eof_return(bio, -0xDEAD), 1); ExpectNotNull(x509 = PEM_read_bio_X509_AUX(bio, NULL, NULL, NULL)); ExpectIntEQ((int)BIO_set_fd(bio, 0, BIO_CLOSE), 1); /* BIO should return the set EOF value */ ExpectIntEQ(BIO_read(bio, buff, sizeof(buff)), -0xDEAD); ExpectIntEQ(BIO_set_close(bio, BIO_NOCLOSE), 1); ExpectIntEQ(BIO_set_close(NULL, BIO_NOCLOSE), 1); ExpectIntEQ(SSL_SUCCESS, BIO_get_mem_ptr(bio, &buf)); BIO_free(bio); BUF_MEM_free(buf); X509_free(x509); #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && * !defined(NO_FILESYSTEM) && !defined(NO_RSA) */ return EXPECT_RESULT(); } #if defined(OPENSSL_EXTRA) static long bioCallback(BIO *bio, int cmd, const char* argp, int argi, long argl, long ret) { (void)bio; (void)cmd; (void)argp; (void)argi; (void)argl; return ret; } #endif static int test_wolfSSL_BIO(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) const unsigned char* p = NULL; byte buff[20]; BIO* bio1 = NULL; BIO* bio2 = NULL; BIO* bio3 = NULL; char* bufPt = NULL; int i; for (i = 0; i < 20; i++) { buff[i] = i; } /* test BIO_free with NULL */ ExpectIntEQ(BIO_free(NULL), WOLFSSL_FAILURE); /* Creating and testing type BIO_s_bio */ ExpectNotNull(bio1 = BIO_new(BIO_s_bio())); ExpectNotNull(bio2 = BIO_new(BIO_s_bio())); ExpectNotNull(bio3 = BIO_new(BIO_s_bio())); /* read/write before set up */ ExpectIntEQ(BIO_read(bio1, buff, 2), WOLFSSL_BIO_UNSET); ExpectIntEQ(BIO_write(bio1, buff, 2), WOLFSSL_BIO_UNSET); ExpectIntEQ(BIO_set_nbio(bio1, 1), 1); ExpectIntEQ(BIO_set_write_buf_size(bio1, 20), WOLFSSL_SUCCESS); ExpectIntEQ(BIO_set_write_buf_size(bio2, 8), WOLFSSL_SUCCESS); ExpectIntEQ(BIO_make_bio_pair(bio1, bio2), WOLFSSL_SUCCESS); ExpectIntEQ(BIO_nwrite(bio1, &bufPt, 10), 10); ExpectNotNull(XMEMCPY(bufPt, buff, 10)); ExpectIntEQ(BIO_write(bio1, buff + 10, 10), 10); /* write buffer full */ ExpectIntEQ(BIO_write(bio1, buff, 10), WOLFSSL_BIO_ERROR); ExpectIntEQ(BIO_flush(bio1), WOLFSSL_SUCCESS); ExpectIntEQ((int)BIO_ctrl_pending(bio1), 0); /* write the other direction with pair */ ExpectIntEQ((int)BIO_nwrite(bio2, &bufPt, 10), 8); ExpectNotNull(XMEMCPY(bufPt, buff, 8)); ExpectIntEQ(BIO_write(bio2, buff, 10), WOLFSSL_BIO_ERROR); /* try read */ ExpectIntEQ((int)BIO_ctrl_pending(bio1), 8); ExpectIntEQ((int)BIO_ctrl_pending(bio2), 20); /* try read using ctrl function */ ExpectIntEQ((int)BIO_ctrl(bio1, BIO_CTRL_WPENDING, 0, NULL), 8); ExpectIntEQ((int)BIO_ctrl(bio1, BIO_CTRL_PENDING, 0, NULL), 8); ExpectIntEQ((int)BIO_ctrl(bio2, BIO_CTRL_WPENDING, 0, NULL), 20); ExpectIntEQ((int)BIO_ctrl(bio2, BIO_CTRL_PENDING, 0, NULL), 20); ExpectIntEQ(BIO_nread(bio2, &bufPt, (int)BIO_ctrl_pending(bio2)), 20); for (i = 0; i < 20; i++) { ExpectIntEQ((int)bufPt[i], i); } ExpectIntEQ(BIO_nread(bio2, &bufPt, 1), 0); ExpectIntEQ(BIO_nread(bio1, &bufPt, (int)BIO_ctrl_pending(bio1)), 8); for (i = 0; i < 8; i++) { ExpectIntEQ((int)bufPt[i], i); } ExpectIntEQ(BIO_nread(bio1, &bufPt, 1), 0); ExpectIntEQ(BIO_ctrl_reset_read_request(bio1), 1); /* new pair */ ExpectIntEQ(BIO_make_bio_pair(bio1, bio3), WOLFSSL_FAILURE); BIO_free(bio2); /* free bio2 and automatically remove from pair */ bio2 = NULL; ExpectIntEQ(BIO_make_bio_pair(bio1, bio3), WOLFSSL_SUCCESS); ExpectIntEQ((int)BIO_ctrl_pending(bio3), 0); ExpectIntEQ(BIO_nread(bio3, &bufPt, 10), 0); /* test wrap around... */ ExpectIntEQ(BIO_reset(bio1), 0); ExpectIntEQ(BIO_reset(bio3), 0); /* fill write buffer, read only small amount then write again */ ExpectIntEQ(BIO_nwrite(bio1, &bufPt, 20), 20); ExpectNotNull(XMEMCPY(bufPt, buff, 20)); ExpectIntEQ(BIO_nread(bio3, &bufPt, 4), 4); for (i = 0; i < 4; i++) { ExpectIntEQ(bufPt[i], i); } /* try writing over read index */ ExpectIntEQ(BIO_nwrite(bio1, &bufPt, 5), 4); ExpectNotNull(XMEMSET(bufPt, 0, 4)); ExpectIntEQ((int)BIO_ctrl_pending(bio3), 20); /* read and write 0 bytes */ ExpectIntEQ(BIO_nread(bio3, &bufPt, 0), 0); ExpectIntEQ(BIO_nwrite(bio1, &bufPt, 0), 0); /* should read only to end of write buffer then need to read again */ ExpectIntEQ(BIO_nread(bio3, &bufPt, 20), 16); for (i = 0; i < 16; i++) { ExpectIntEQ(bufPt[i], buff[4 + i]); } ExpectIntEQ(BIO_nread(bio3, NULL, 0), WOLFSSL_FAILURE); ExpectIntEQ(BIO_nread0(bio3, &bufPt), 4); for (i = 0; i < 4; i++) { ExpectIntEQ(bufPt[i], 0); } /* read index should not have advanced with nread0 */ ExpectIntEQ(BIO_nread(bio3, &bufPt, 5), 4); for (i = 0; i < 4; i++) { ExpectIntEQ(bufPt[i], 0); } /* write and fill up buffer checking reset of index state */ ExpectIntEQ(BIO_nwrite(bio1, &bufPt, 20), 20); ExpectNotNull(XMEMCPY(bufPt, buff, 20)); /* test reset on data in bio1 write buffer */ ExpectIntEQ(BIO_reset(bio1), 0); ExpectIntEQ((int)BIO_ctrl_pending(bio3), 0); ExpectIntEQ(BIO_nread(bio3, &bufPt, 3), 0); ExpectIntEQ(BIO_nwrite(bio1, &bufPt, 20), 20); ExpectIntEQ((int)BIO_ctrl(bio1, BIO_CTRL_INFO, 0, &p), 20); ExpectNotNull(p); ExpectNotNull(XMEMCPY(bufPt, buff, 20)); ExpectIntEQ(BIO_nread(bio3, &bufPt, 6), 6); for (i = 0; i < 6; i++) { ExpectIntEQ(bufPt[i], i); } /* test case of writing twice with offset read index */ ExpectIntEQ(BIO_nwrite(bio1, &bufPt, 3), 3); ExpectIntEQ(BIO_nwrite(bio1, &bufPt, 4), 3); /* try overwriting */ ExpectIntEQ(BIO_nwrite(bio1, &bufPt, 4), WOLFSSL_BIO_ERROR); ExpectIntEQ(BIO_nread(bio3, &bufPt, 0), 0); ExpectIntEQ(BIO_nwrite(bio1, &bufPt, 4), WOLFSSL_BIO_ERROR); ExpectIntEQ(BIO_nread(bio3, &bufPt, 1), 1); ExpectIntEQ(BIO_nwrite(bio1, &bufPt, 4), 1); ExpectIntEQ(BIO_nwrite(bio1, &bufPt, 4), WOLFSSL_BIO_ERROR); BIO_free(bio1); bio1 = NULL; BIO_free(bio3); bio3 = NULL; #if defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO) { BIO* bioA = NULL; BIO* bioB = NULL; ExpectIntEQ(BIO_new_bio_pair(NULL, 256, NULL, 256), BAD_FUNC_ARG); ExpectIntEQ(BIO_new_bio_pair(&bioA, 256, &bioB, 256), WOLFSSL_SUCCESS); BIO_free(bioA); bioA = NULL; BIO_free(bioB); bioB = NULL; } #endif /* OPENSSL_ALL || WOLFSSL_ASIO */ /* BIOs with file pointers */ #if !defined(NO_FILESYSTEM) { XFILE f1 = XBADFILE; XFILE f2 = XBADFILE; BIO* f_bio1 = NULL; BIO* f_bio2 = NULL; unsigned char cert[300]; char testFile[] = "tests/bio_write_test.txt"; char msg[] = "bio_write_test.txt contains the first 300 bytes of certs/server-cert.pem\ncreated by tests/unit.test\n\n"; ExpectNotNull(f_bio1 = BIO_new(BIO_s_file())); ExpectNotNull(f_bio2 = BIO_new(BIO_s_file())); /* Failure due to wrong BIO type */ ExpectIntEQ((int)BIO_set_mem_eof_return(f_bio1, -1), 0); ExpectIntEQ((int)BIO_set_mem_eof_return(NULL, -1), 0); ExpectTrue((f1 = XFOPEN(svrCertFile, "rwb")) != XBADFILE); ExpectIntEQ((int)BIO_set_fp(f_bio1, f1, BIO_CLOSE), WOLFSSL_SUCCESS); ExpectIntEQ(BIO_write_filename(f_bio2, testFile), WOLFSSL_SUCCESS); ExpectIntEQ(BIO_read(f_bio1, cert, sizeof(cert)), sizeof(cert)); ExpectIntEQ(BIO_tell(f_bio1),sizeof(cert)); ExpectIntEQ(BIO_write(f_bio2, msg, sizeof(msg)), sizeof(msg)); ExpectIntEQ(BIO_tell(f_bio2),sizeof(msg)); ExpectIntEQ(BIO_write(f_bio2, cert, sizeof(cert)), sizeof(cert)); ExpectIntEQ(BIO_tell(f_bio2),sizeof(cert) + sizeof(msg)); ExpectIntEQ((int)BIO_get_fp(f_bio2, &f2), WOLFSSL_SUCCESS); ExpectIntEQ(BIO_reset(f_bio2), 0); ExpectIntEQ(BIO_tell(NULL),-1); ExpectIntEQ(BIO_tell(f_bio2),0); ExpectIntEQ(BIO_seek(f_bio2, 4), 0); ExpectIntEQ(BIO_tell(f_bio2),4); BIO_free(f_bio1); f_bio1 = NULL; BIO_free(f_bio2); f_bio2 = NULL; ExpectNotNull(f_bio1 = BIO_new_file(svrCertFile, "rwb")); ExpectIntEQ((int)BIO_set_mem_eof_return(f_bio1, -1), 0); ExpectIntEQ(BIO_read(f_bio1, cert, sizeof(cert)), sizeof(cert)); BIO_free(f_bio1); f_bio1 = NULL; } #endif /* !defined(NO_FILESYSTEM) */ /* BIO info callback */ { const char* testArg = "test"; BIO* cb_bio = NULL; ExpectNotNull(cb_bio = BIO_new(BIO_s_mem())); BIO_set_callback(cb_bio, bioCallback); ExpectNotNull(BIO_get_callback(cb_bio)); BIO_set_callback(cb_bio, NULL); ExpectNull(BIO_get_callback(cb_bio)); BIO_set_callback_arg(cb_bio, (char*)testArg); ExpectStrEQ(BIO_get_callback_arg(cb_bio), testArg); ExpectNull(BIO_get_callback_arg(NULL)); BIO_free(cb_bio); cb_bio = NULL; } /* BIO_vfree */ ExpectNotNull(bio1 = BIO_new(BIO_s_bio())); BIO_vfree(NULL); BIO_vfree(bio1); #endif return EXPECT_RESULT(); } static int test_wolfSSL_BIO_BIO_ring_read(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) BIO* bio1 = NULL; BIO* bio2 = NULL; byte data[50]; byte tmp[50]; XMEMSET(data, 42, sizeof(data)); ExpectIntEQ(BIO_new_bio_pair(&bio1, sizeof(data), &bio2, sizeof(data)), SSL_SUCCESS); ExpectIntEQ(BIO_write(bio1, data, 40), 40); ExpectIntEQ(BIO_read(bio1, tmp, 20), -1); ExpectIntEQ(BIO_read(bio2, tmp, 20), 20); ExpectBufEQ(tmp, data, 20); ExpectIntEQ(BIO_write(bio1, data, 20), 20); ExpectIntEQ(BIO_read(bio2, tmp, 40), 40); ExpectBufEQ(tmp, data, 40); BIO_free(bio1); BIO_free(bio2); #endif return EXPECT_RESULT(); } #endif /* !NO_BIO */ static int test_wolfSSL_a2i_IPADDRESS(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(WOLFSSL_USER_IO) const unsigned char* data = NULL; int dataSz = 0; ASN1_OCTET_STRING *st = NULL; const unsigned char ipv4_exp[] = {0x7F, 0, 0, 1}; const unsigned char ipv6_exp[] = { 0x20, 0x21, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x77, 0x77 }; const unsigned char ipv6_home[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }; ExpectNull(st = a2i_IPADDRESS("127.0.0.1bad")); ExpectNotNull(st = a2i_IPADDRESS("127.0.0.1")); ExpectNotNull(data = ASN1_STRING_get0_data(st)); ExpectIntEQ(dataSz = ASN1_STRING_length(st), WOLFSSL_IP4_ADDR_LEN); ExpectIntEQ(XMEMCMP(data, ipv4_exp, dataSz), 0); ASN1_STRING_free(st); st = NULL; ExpectNotNull(st = a2i_IPADDRESS("::1")); ExpectNotNull(data = ASN1_STRING_get0_data(st)); ExpectIntEQ(dataSz = ASN1_STRING_length(st), WOLFSSL_IP6_ADDR_LEN); ExpectIntEQ(XMEMCMP(data, ipv6_home, dataSz), 0); ASN1_STRING_free(st); st = NULL; ExpectNotNull(st = a2i_IPADDRESS("2021:db8::ff00:42:7777")); ExpectNotNull(data = ASN1_STRING_get0_data(st)); ExpectIntEQ(dataSz = ASN1_STRING_length(st), WOLFSSL_IP6_ADDR_LEN); ExpectIntEQ(XMEMCMP(data, ipv6_exp, dataSz), 0); ASN1_STRING_free(st); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_cmp_time(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) \ && !defined(USER_TIME) && !defined(TIME_OVERRIDES) WOLFSSL_ASN1_TIME asn_time; time_t t; ExpectIntEQ(0, wolfSSL_X509_cmp_time(NULL, &t)); XMEMSET(&asn_time, 0, sizeof(WOLFSSL_ASN1_TIME)); ExpectIntEQ(0, wolfSSL_X509_cmp_time(&asn_time, &t)); ExpectIntEQ(ASN1_TIME_set_string(&asn_time, "000222211515Z"), 1); ExpectIntEQ(-1, wolfSSL_X509_cmp_time(&asn_time, NULL)); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_time_adj(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) && \ !defined(USER_TIME) && !defined(TIME_OVERRIDES) && \ defined(USE_CERT_BUFFERS_2048) && !defined(NO_RSA) && \ !defined(NO_ASN_TIME) X509* x509 = NULL; time_t t; time_t not_before; time_t not_after; ExpectNotNull(x509 = wolfSSL_X509_load_certificate_buffer( client_cert_der_2048, sizeof_client_cert_der_2048, WOLFSSL_FILETYPE_ASN1)); t = 0; not_before = wc_Time(0); not_after = wc_Time(0) + (60 * 24 * 30); /* 30 days after */ ExpectNotNull(X509_time_adj(X509_get_notBefore(x509), not_before, &t)); ExpectNotNull(X509_time_adj(X509_get_notAfter(x509), not_after, &t)); /* Check X509_gmtime_adj, too. */ ExpectNotNull(X509_gmtime_adj(X509_get_notAfter(x509), not_after)); X509_free(x509); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \ !defined(NO_RSA) X509* x509 = NULL; #ifndef NO_BIO BIO* bio = NULL; X509_STORE_CTX* ctx = NULL; X509_STORE* store = NULL; #endif char der[] = "certs/ca-cert.der"; XFILE fp = XBADFILE; ExpectNotNull(x509 = X509_new()); X509_free(x509); x509 = NULL; #ifndef NO_BIO ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile, SSL_FILETYPE_PEM)); ExpectNotNull(bio = BIO_new(BIO_s_mem())); #ifdef WOLFSSL_CERT_GEN ExpectIntEQ(i2d_X509_bio(bio, x509), SSL_SUCCESS); #endif ExpectNotNull(ctx = X509_STORE_CTX_new()); ExpectIntEQ(X509_verify_cert(ctx), SSL_FATAL_ERROR); ExpectNotNull(store = X509_STORE_new()); ExpectIntEQ(X509_STORE_add_cert(store, x509), SSL_SUCCESS); ExpectIntEQ(X509_STORE_CTX_init(ctx, store, x509, NULL), SSL_SUCCESS); ExpectIntEQ(X509_verify_cert(ctx), SSL_SUCCESS); X509_STORE_CTX_free(ctx); X509_STORE_free(store); X509_free(x509); x509 = NULL; BIO_free(bio); #endif /** d2i_X509_fp test **/ ExpectTrue((fp = XFOPEN(der, "rb")) != XBADFILE); ExpectNotNull(x509 = (X509 *)d2i_X509_fp(fp, (X509 **)NULL)); ExpectNotNull(x509); X509_free(x509); x509 = NULL; if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } ExpectTrue((fp = XFOPEN(der, "rb")) != XBADFILE); ExpectNotNull((X509 *)d2i_X509_fp(fp, (X509 **)&x509)); ExpectNotNull(x509); X509_free(x509); if (fp != XBADFILE) XFCLOSE(fp); /* X509_up_ref test */ ExpectIntEQ(X509_up_ref(NULL), 0); ExpectNotNull(x509 = X509_new()); /* refCount = 1 */ ExpectIntEQ(X509_up_ref(x509), 1); /* refCount = 2 */ ExpectIntEQ(X509_up_ref(x509), 1); /* refCount = 3 */ X509_free(x509); /* refCount = 2 */ X509_free(x509); /* refCount = 1 */ X509_free(x509); /* refCount = 0, free */ #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_get_ext_count(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \ !defined(NO_RSA) int ret = 0; WOLFSSL_X509* x509 = NULL; const char ocspRootCaFile[] = "./certs/ocsp/root-ca-cert.pem"; XFILE f = XBADFILE; /* NULL parameter check */ ExpectIntEQ(X509_get_ext_count(NULL), WOLFSSL_FAILURE); ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile, SSL_FILETYPE_PEM)); ExpectIntEQ(X509_get_ext_count(x509), 5); wolfSSL_X509_free(x509); ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(ocspRootCaFile, SSL_FILETYPE_PEM)); ExpectIntEQ(X509_get_ext_count(x509), 5); wolfSSL_X509_free(x509); ExpectTrue((f = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE); ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL)); if (f != XBADFILE) XFCLOSE(f); /* wolfSSL_X509_get_ext_count() valid input */ ExpectIntEQ((ret = wolfSSL_X509_get_ext_count(x509)), 5); /* wolfSSL_X509_get_ext_count() NULL argument */ ExpectIntEQ((ret = wolfSSL_X509_get_ext_count(NULL)), WOLFSSL_FAILURE); wolfSSL_X509_free(x509); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_sign2(void) { EXPECT_DECLS; /* test requires WOLFSSL_AKID_NAME to match expected output */ #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_CERTS) && \ defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_ALT_NAMES) && \ defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_AKID_NAME) && \ (defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || \ defined(WOLFSSL_IP_ALT_NAME)) WOLFSSL_X509 *x509 = NULL; WOLFSSL_X509 *ca = NULL; const unsigned char *der = NULL; const unsigned char *pt = NULL; WOLFSSL_EVP_PKEY *priv = NULL; WOLFSSL_X509_NAME *name = NULL; int derSz; #ifndef NO_ASN_TIME WOLFSSL_ASN1_TIME *notBefore = NULL; WOLFSSL_ASN1_TIME *notAfter = NULL; const int year = 365*24*60*60; const int day = 24*60*60; const int hour = 60*60; const int mini = 60; time_t t; #endif const unsigned char expected[] = { 0x30, 0x82, 0x05, 0x13, 0x30, 0x82, 0x03, 0xFB, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x14, 0x08, 0xB0, 0x54, 0x7A, 0x03, 0x5A, 0xEC, 0x55, 0x8A, 0x12, 0xE8, 0xF9, 0x8E, 0x34, 0xB6, 0x13, 0xD9, 0x59, 0xB8, 0xE8, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x30, 0x30, 0x30, 0x32, 0x31, 0x35, 0x32, 0x30, 0x33, 0x30, 0x30, 0x30, 0x5A, 0x17, 0x0D, 0x30, 0x31, 0x30, 0x32, 0x31, 0x34, 0x32, 0x30, 0x33, 0x30, 0x30, 0x30, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x32, 0x30, 0x34, 0x38, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x32, 0x30, 0x34, 0x38, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC3, 0x03, 0xD1, 0x2B, 0xFE, 0x39, 0xA4, 0x32, 0x45, 0x3B, 0x53, 0xC8, 0x84, 0x2B, 0x2A, 0x7C, 0x74, 0x9A, 0xBD, 0xAA, 0x2A, 0x52, 0x07, 0x47, 0xD6, 0xA6, 0x36, 0xB2, 0x07, 0x32, 0x8E, 0xD0, 0xBA, 0x69, 0x7B, 0xC6, 0xC3, 0x44, 0x9E, 0xD4, 0x81, 0x48, 0xFD, 0x2D, 0x68, 0xA2, 0x8B, 0x67, 0xBB, 0xA1, 0x75, 0xC8, 0x36, 0x2C, 0x4A, 0xD2, 0x1B, 0xF7, 0x8B, 0xBA, 0xCF, 0x0D, 0xF9, 0xEF, 0xEC, 0xF1, 0x81, 0x1E, 0x7B, 0x9B, 0x03, 0x47, 0x9A, 0xBF, 0x65, 0xCC, 0x7F, 0x65, 0x24, 0x69, 0xA6, 0xE8, 0x14, 0x89, 0x5B, 0xE4, 0x34, 0xF7, 0xC5, 0xB0, 0x14, 0x93, 0xF5, 0x67, 0x7B, 0x3A, 0x7A, 0x78, 0xE1, 0x01, 0x56, 0x56, 0x91, 0xA6, 0x13, 0x42, 0x8D, 0xD2, 0x3C, 0x40, 0x9C, 0x4C, 0xEF, 0xD1, 0x86, 0xDF, 0x37, 0x51, 0x1B, 0x0C, 0xA1, 0x3B, 0xF5, 0xF1, 0xA3, 0x4A, 0x35, 0xE4, 0xE1, 0xCE, 0x96, 0xDF, 0x1B, 0x7E, 0xBF, 0x4E, 0x97, 0xD0, 0x10, 0xE8, 0xA8, 0x08, 0x30, 0x81, 0xAF, 0x20, 0x0B, 0x43, 0x14, 0xC5, 0x74, 0x67, 0xB4, 0x32, 0x82, 0x6F, 0x8D, 0x86, 0xC2, 0x88, 0x40, 0x99, 0x36, 0x83, 0xBA, 0x1E, 0x40, 0x72, 0x22, 0x17, 0xD7, 0x52, 0x65, 0x24, 0x73, 0xB0, 0xCE, 0xEF, 0x19, 0xCD, 0xAE, 0xFF, 0x78, 0x6C, 0x7B, 0xC0, 0x12, 0x03, 0xD4, 0x4E, 0x72, 0x0D, 0x50, 0x6D, 0x3B, 0xA3, 0x3B, 0xA3, 0x99, 0x5E, 0x9D, 0xC8, 0xD9, 0x0C, 0x85, 0xB3, 0xD9, 0x8A, 0xD9, 0x54, 0x26, 0xDB, 0x6D, 0xFA, 0xAC, 0xBB, 0xFF, 0x25, 0x4C, 0xC4, 0xD1, 0x79, 0xF4, 0x71, 0xD3, 0x86, 0x40, 0x18, 0x13, 0xB0, 0x63, 0xB5, 0x72, 0x4E, 0x30, 0xC4, 0x97, 0x84, 0x86, 0x2D, 0x56, 0x2F, 0xD7, 0x15, 0xF7, 0x7F, 0xC0, 0xAE, 0xF5, 0xFC, 0x5B, 0xE5, 0xFB, 0xA1, 0xBA, 0xD3, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x4F, 0x30, 0x82, 0x01, 0x4B, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x33, 0xD8, 0x45, 0x66, 0xD7, 0x68, 0x87, 0x18, 0x7E, 0x54, 0x0D, 0x70, 0x27, 0x91, 0xC7, 0x26, 0xD7, 0x85, 0x65, 0xC0, 0x30, 0x81, 0xDE, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xD6, 0x30, 0x81, 0xD3, 0x80, 0x14, 0x33, 0xD8, 0x45, 0x66, 0xD7, 0x68, 0x87, 0x18, 0x7E, 0x54, 0x0D, 0x70, 0x27, 0x91, 0xC7, 0x26, 0xD7, 0x85, 0x65, 0xC0, 0xA1, 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x32, 0x30, 0x34, 0x38, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x32, 0x30, 0x34, 0x38, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x08, 0xB0, 0x54, 0x7A, 0x03, 0x5A, 0xEC, 0x55, 0x8A, 0x12, 0xE8, 0xF9, 0x8E, 0x34, 0xB6, 0x13, 0xD9, 0x59, 0xB8, 0xE8, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x14, 0xFB, 0xD0, 0xCE, 0x31, 0x7F, 0xA5, 0x59, 0xFA, 0x7C, 0x68, 0x26, 0xA7, 0xE8, 0x0D, 0x9F, 0x50, 0x57, 0xFA, 0x1C, 0x7C, 0x5E, 0x43, 0xA4, 0x97, 0x47, 0xB6, 0x41, 0xAC, 0x63, 0xD3, 0x61, 0x8C, 0x1F, 0x42, 0xEF, 0x53, 0xD0, 0xBA, 0x31, 0x4D, 0x99, 0x74, 0xA4, 0x60, 0xDC, 0xC6, 0x6F, 0xCC, 0x1E, 0x25, 0x98, 0xE1, 0xA4, 0xA0, 0x67, 0x69, 0x97, 0xE3, 0x97, 0x7C, 0x83, 0x28, 0xF1, 0xF4, 0x7D, 0x03, 0xA8, 0x31, 0x77, 0xCC, 0xD1, 0x37, 0xEF, 0x7B, 0x4A, 0x71, 0x2D, 0x11, 0x7E, 0x92, 0xF5, 0x67, 0xB7, 0x56, 0xBA, 0x28, 0xF8, 0xD6, 0xCE, 0x2A, 0x71, 0xE3, 0x70, 0x6B, 0x09, 0x0F, 0x67, 0x6F, 0x7A, 0xE0, 0x89, 0xF6, 0x5E, 0x23, 0x0C, 0x0A, 0x44, 0x4E, 0x65, 0x8E, 0x7B, 0x68, 0xD0, 0xAD, 0x76, 0x3E, 0x2A, 0x0E, 0xA2, 0x05, 0x11, 0x74, 0x24, 0x08, 0x60, 0xED, 0x9F, 0x98, 0x18, 0xE9, 0x91, 0x58, 0x36, 0xEC, 0xEC, 0x25, 0x6B, 0xBA, 0x9C, 0x87, 0x38, 0x68, 0xDC, 0xDC, 0x15, 0x6F, 0x20, 0x68, 0xC4, 0xBF, 0x05, 0x5B, 0x4A, 0x0C, 0x44, 0x2B, 0x92, 0x3F, 0x10, 0x99, 0xDC, 0xF6, 0x6C, 0x0E, 0x34, 0x26, 0x6E, 0x6D, 0x4E, 0x12, 0xBC, 0x60, 0x8F, 0x27, 0x1D, 0x7A, 0x00, 0x50, 0xBE, 0x23, 0xDE, 0x48, 0x47, 0x9F, 0xAD, 0x2F, 0x94, 0x3D, 0x16, 0x73, 0x48, 0x6B, 0xC8, 0x97, 0xE6, 0xB4, 0xB3, 0x4B, 0xE1, 0x68, 0x08, 0xC3, 0xE5, 0x34, 0x5F, 0x9B, 0xDA, 0xAB, 0xCA, 0x6D, 0x55, 0x32, 0xEF, 0x6C, 0xEF, 0x9B, 0x8B, 0x5B, 0xC7, 0xF0, 0xC2, 0x0F, 0x8E, 0x93, 0x09, 0x60, 0x3C, 0x0B, 0xDC, 0xBD, 0xDB, 0x4A, 0x2D, 0xD0, 0x98, 0xAA, 0xAB, 0x6C, 0x6F, 0x6D, 0x6B, 0x6A, 0x5C, 0x33, 0xAC, 0xAD, 0xA8, 0x1B, 0x38, 0x5D, 0x9F, 0xDA, 0xE7, 0x70, 0x07 }; pt = ca_key_der_2048; ExpectNotNull(priv = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL, &pt, sizeof_ca_key_der_2048)); pt = client_cert_der_2048; ExpectNotNull(x509 = wolfSSL_d2i_X509(NULL, &pt, sizeof_client_cert_der_2048)); pt = ca_cert_der_2048; ExpectNotNull(ca = wolfSSL_d2i_X509(NULL, &pt, sizeof_ca_cert_der_2048)); ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca)); ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS); #ifndef NO_ASN_TIME t = (time_t)30 * year + 45 * day + 20 * hour + 30 * mini + 7 * day; ExpectNotNull(notBefore = wolfSSL_ASN1_TIME_adj(NULL, t, 0, 0)); ExpectNotNull(notAfter = wolfSSL_ASN1_TIME_adj(NULL, t, 365, 0)); ExpectIntEQ(notAfter->length, 13); ExpectTrue(wolfSSL_X509_set_notBefore(x509, notBefore)); ExpectTrue(wolfSSL_X509_set_notAfter(x509, notAfter)); #endif ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0); ExpectNotNull((der = wolfSSL_X509_get_der(x509, &derSz))); ExpectIntEQ(derSz, sizeof(expected)); #ifndef NO_ASN_TIME ExpectIntEQ(XMEMCMP(der, expected, derSz), 0); #endif wolfSSL_X509_free(ca); wolfSSL_X509_free(x509); wolfSSL_EVP_PKEY_free(priv); #ifndef NO_ASN_TIME wolfSSL_ASN1_TIME_free(notBefore); wolfSSL_ASN1_TIME_free(notAfter); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_sign(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_ASN_TIME) && \ defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && !defined(NO_RSA) int ret = 0; char *cn = NULL; word32 cnSz = 0; X509_NAME *name = NULL; X509 *x509 = NULL; X509 *ca = NULL; DecodedCert dCert; EVP_PKEY *pub = NULL; EVP_PKEY *priv = NULL; EVP_MD_CTX *mctx = NULL; #if defined(USE_CERT_BUFFERS_1024) const unsigned char* rsaPriv = client_key_der_1024; const unsigned char* rsaPub = client_keypub_der_1024; const unsigned char* certIssuer = client_cert_der_1024; long clientKeySz = (long)sizeof_client_key_der_1024; long clientPubKeySz = (long)sizeof_client_keypub_der_1024; long certIssuerSz = (long)sizeof_client_cert_der_1024; #elif defined(USE_CERT_BUFFERS_2048) const unsigned char* rsaPriv = client_key_der_2048; const unsigned char* rsaPub = client_keypub_der_2048; const unsigned char* certIssuer = client_cert_der_2048; long clientKeySz = (long)sizeof_client_key_der_2048; long clientPubKeySz = (long)sizeof_client_keypub_der_2048; long certIssuerSz = (long)sizeof_client_cert_der_2048; #endif byte sn[16]; int snSz = sizeof(sn); /* Set X509_NAME fields */ ExpectNotNull(name = X509_NAME_new()); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8, (byte*)"US", 2, -1, 0), SSL_SUCCESS); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8, (byte*)"wolfssl.com", 11, -1, 0), SSL_SUCCESS); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_UTF8, (byte*)"support@wolfssl.com", 19, -1, 0), SSL_SUCCESS); /* Get private and public keys */ ExpectNotNull(priv = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL, &rsaPriv, clientKeySz)); ExpectNotNull(pub = wolfSSL_d2i_PUBKEY(NULL, &rsaPub, clientPubKeySz)); ExpectNotNull(x509 = X509_new()); /* Set version 3 */ ExpectIntNE(X509_set_version(x509, 2L), 0); /* Set subject name, add pubkey, and sign certificate */ ExpectIntEQ(X509_set_subject_name(x509, name), SSL_SUCCESS); X509_NAME_free(name); name = NULL; ExpectIntEQ(X509_set_pubkey(x509, pub), SSL_SUCCESS); #ifdef WOLFSSL_ALT_NAMES /* Add some subject alt names */ ExpectIntNE(wolfSSL_X509_add_altname(NULL, "ipsum", ASN_DNS_TYPE), SSL_SUCCESS); ExpectIntEQ(wolfSSL_X509_add_altname(x509, NULL, ASN_DNS_TYPE), SSL_SUCCESS); ExpectIntEQ(wolfSSL_X509_add_altname(x509, "sphygmomanometer", ASN_DNS_TYPE), SSL_SUCCESS); ExpectIntEQ(wolfSSL_X509_add_altname(x509, "supercalifragilisticexpialidocious", ASN_DNS_TYPE), SSL_SUCCESS); ExpectIntEQ(wolfSSL_X509_add_altname(x509, "Llanfairpwllgwyngyllgogerychwyrndrobwllllantysiliogogogoch", ASN_DNS_TYPE), SSL_SUCCESS); #if defined(OPENSSL_ALL) || defined(WOLFSSL_IP_ALT_NAME) { unsigned char ip4_type[] = {127,128,0,255}; unsigned char ip6_type[] = {0xdd, 0xcc, 0xba, 0xab, 0xff, 0xee, 0x99, 0x88, 0x77, 0x66, 0x55, 0x44, 0x00, 0x33, 0x22, 0x11}; ExpectIntEQ(wolfSSL_X509_add_altname_ex(x509, (char*)ip4_type, sizeof(ip4_type), ASN_IP_TYPE), SSL_SUCCESS); ExpectIntEQ(wolfSSL_X509_add_altname_ex(x509, (char*)ip6_type, sizeof(ip6_type), ASN_IP_TYPE), SSL_SUCCESS); } #endif #endif /* WOLFSSL_ALT_NAMES */ /* test valid sign case */ ExpectIntGT(ret = X509_sign(x509, priv, EVP_sha256()), 0); /* test valid X509_sign_ctx case */ ExpectNotNull(mctx = EVP_MD_CTX_new()); ExpectIntEQ(EVP_DigestSignInit(mctx, NULL, EVP_sha256(), NULL, priv), 1); ExpectIntGT(X509_sign_ctx(x509, mctx), 0); #if defined(OPENSSL_ALL) && defined(WOLFSSL_ALT_NAMES) ExpectIntEQ(X509_get_ext_count(x509), 1); #endif #if defined(WOLFSSL_ALT_NAMES) && (defined(OPENSSL_ALL) || defined(WOLFSSL_IP_ALT_NAME)) ExpectIntEQ(wolfSSL_X509_check_ip_asc(x509, "127.128.0.255", 0), 1); ExpectIntEQ(wolfSSL_X509_check_ip_asc(x509, "DDCC:BAAB:FFEE:9988:7766:5544:0033:2211", 0), 1); #endif ExpectIntEQ(wolfSSL_X509_get_serial_number(x509, sn, &snSz), WOLFSSL_SUCCESS); DEBUG_WRITE_CERT_X509(x509, "signed.pem"); /* Variation in size depends on ASN.1 encoding when MSB is set. * WOLFSSL_ASN_TEMPLATE code does not generate a serial number * with the MSB set. See GenerateInteger in asn.c */ #ifndef USE_CERT_BUFFERS_1024 #ifndef WOLFSSL_ALT_NAMES /* Valid case - size should be 781-786 with 16 byte serial number */ ExpectTrue((781 + snSz <= ret) && (ret <= 781 + 5 + snSz)); #elif defined(OPENSSL_ALL) || defined(WOLFSSL_IP_ALT_NAME) /* Valid case - size should be 955-960 with 16 byte serial number */ ExpectTrue((939 + snSz <= ret) && (ret <= 939 + 5 + snSz)); #else /* Valid case - size should be 926-931 with 16 byte serial number */ ExpectTrue((910 + snSz <= ret) && (ret <= 910 + 5 + snSz)); #endif #else #ifndef WOLFSSL_ALT_NAMES /* Valid case - size should be 537-542 with 16 byte serial number */ ExpectTrue((521 + snSz <= ret) && (ret <= 521 + 5 + snSz)); #elif defined(OPENSSL_ALL) || defined(WOLFSSL_IP_ALT_NAME) /* Valid case - size should be 695-670 with 16 byte serial number */ ExpectTrue((679 + snSz <= ret) && (ret <= 679 + 5 + snSz)); #else /* Valid case - size should be 666-671 with 16 byte serial number */ ExpectTrue((650 + snSz <= ret) && (ret <= 650 + 5 + snSz)); #endif #endif /* check that issuer name is as expected after signature */ InitDecodedCert(&dCert, certIssuer, (word32)certIssuerSz, 0); ExpectIntEQ(ParseCert(&dCert, CERT_TYPE, NO_VERIFY, NULL), 0); ExpectNotNull(ca = d2i_X509(NULL, &certIssuer, (int)certIssuerSz)); ExpectNotNull(name = X509_get_subject_name(ca)); cnSz = X509_NAME_get_sz(name); ExpectNotNull(cn = (char*)XMALLOC(cnSz, HEAP_HINT, DYNAMIC_TYPE_OPENSSL)); ExpectNotNull(cn = X509_NAME_oneline(name, cn, cnSz)); ExpectIntEQ(0, XSTRNCMP(cn, dCert.subject, XSTRLEN(cn))); XFREE(cn, HEAP_HINT, DYNAMIC_TYPE_OPENSSL); cn = NULL; #ifdef WOLFSSL_MULTI_ATTRIB /* test adding multiple OU's to the signer */ ExpectNotNull(name = X509_get_subject_name(ca)); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "OU", MBSTRING_UTF8, (byte*)"OU1", 3, -1, 0), SSL_SUCCESS); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "OU", MBSTRING_UTF8, (byte*)"OU2", 3, -1, 0), SSL_SUCCESS); ExpectIntGT(X509_sign(ca, priv, EVP_sha256()), 0); #endif ExpectNotNull(name = X509_get_subject_name(ca)); ExpectIntEQ(X509_set_issuer_name(x509, name), SSL_SUCCESS); ExpectIntGT(X509_sign(x509, priv, EVP_sha256()), 0); ExpectNotNull(name = X509_get_issuer_name(x509)); cnSz = X509_NAME_get_sz(name); ExpectNotNull(cn = (char*)XMALLOC(cnSz, HEAP_HINT, DYNAMIC_TYPE_OPENSSL)); ExpectNotNull(cn = X509_NAME_oneline(name, cn, cnSz)); /* compare and don't include the multi-attrib "/OU=OU1/OU=OU2" above */ ExpectIntEQ(0, XSTRNCMP(cn, dCert.issuer, XSTRLEN(dCert.issuer))); XFREE(cn, HEAP_HINT, DYNAMIC_TYPE_OPENSSL); cn = NULL; FreeDecodedCert(&dCert); /* Test invalid parameters */ ExpectIntEQ(X509_sign(NULL, priv, EVP_sha256()), 0); ExpectIntEQ(X509_sign(x509, NULL, EVP_sha256()), 0); ExpectIntEQ(X509_sign(x509, priv, NULL), 0); ExpectIntEQ(X509_sign_ctx(NULL, mctx), 0); EVP_MD_CTX_free(mctx); mctx = NULL; ExpectNotNull(mctx = EVP_MD_CTX_new()); ExpectIntEQ(X509_sign_ctx(x509, mctx), 0); ExpectIntEQ(X509_sign_ctx(x509, NULL), 0); /* test invalid version number */ #if defined(OPENSSL_ALL) ExpectIntNE(X509_set_version(x509, 6L), 0); ExpectIntGT(X509_sign(x509, priv, EVP_sha256()), 0); /* uses ParseCert which fails on bad version number */ ExpectIntEQ(X509_get_ext_count(x509), SSL_FAILURE); #endif EVP_MD_CTX_free(mctx); EVP_PKEY_free(priv); EVP_PKEY_free(pub); X509_free(x509); X509_free(ca); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_get0_tbs_sigalg(void) { EXPECT_DECLS; #if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) X509* x509 = NULL; const X509_ALGOR* alg; ExpectNotNull(x509 = X509_new()); ExpectNull(alg = X509_get0_tbs_sigalg(NULL)); ExpectNotNull(alg = X509_get0_tbs_sigalg(x509)); X509_free(x509); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_ALGOR_get0(void) { EXPECT_DECLS; #if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && \ !defined(NO_SHA256) && !defined(NO_RSA) X509* x509 = NULL; const ASN1_OBJECT* obj = NULL; const X509_ALGOR* alg = NULL; int pptype = 0; const void *ppval = NULL; ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile, SSL_FILETYPE_PEM)); ExpectNotNull(alg = X509_get0_tbs_sigalg(x509)); /* Invalid case */ X509_ALGOR_get0(&obj, NULL, NULL, NULL); ExpectNull(obj); /* Valid case */ X509_ALGOR_get0(&obj, &pptype, &ppval, alg); ExpectNotNull(obj); ExpectNull(ppval); ExpectIntNE(pptype, 0); /* Make sure NID of X509_ALGOR is Sha256 with RSA */ ExpectIntEQ(OBJ_obj2nid(obj), NID_sha256WithRSAEncryption); X509_free(x509); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_VERIFY_PARAM(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) X509_VERIFY_PARAM *paramTo = NULL; X509_VERIFY_PARAM *paramFrom = NULL; char testIPv4[] = "127.0.0.1"; char testIPv6[] = "0001:0000:0000:0000:0000:0000:0000:0000/32"; char testhostName1[] = "foo.hoge.com"; char testhostName2[] = "foobar.hoge.com"; ExpectNotNull(paramTo = X509_VERIFY_PARAM_new()); ExpectNotNull(XMEMSET(paramTo, 0, sizeof(X509_VERIFY_PARAM))); ExpectNotNull(paramFrom = X509_VERIFY_PARAM_new()); ExpectNotNull(XMEMSET(paramFrom, 0, sizeof(X509_VERIFY_PARAM))); ExpectIntEQ(X509_VERIFY_PARAM_set1_host(paramFrom, testhostName1, (int)XSTRLEN(testhostName1)), 1); ExpectIntEQ(0, XSTRNCMP(paramFrom->hostName, testhostName1, (int)XSTRLEN(testhostName1))); X509_VERIFY_PARAM_set_hostflags(NULL, 0x00); X509_VERIFY_PARAM_set_hostflags(paramFrom, 0x01); ExpectIntEQ(0x01, paramFrom->hostFlags); ExpectIntEQ(X509_VERIFY_PARAM_set1_ip_asc(NULL, testIPv4), 0); ExpectIntEQ(X509_VERIFY_PARAM_set1_ip_asc(paramFrom, testIPv4), 1); ExpectIntEQ(0, XSTRNCMP(paramFrom->ipasc, testIPv4, WOLFSSL_MAX_IPSTR)); ExpectIntEQ(X509_VERIFY_PARAM_set1_ip_asc(paramFrom, NULL), 1); ExpectIntEQ(X509_VERIFY_PARAM_set1_ip_asc(paramFrom, testIPv6), 1); ExpectIntEQ(0, XSTRNCMP(paramFrom->ipasc, testIPv6, WOLFSSL_MAX_IPSTR)); /* null pointer */ ExpectIntEQ(X509_VERIFY_PARAM_set1(NULL, paramFrom), 0); /* in the case of "from" null, returns success */ ExpectIntEQ(X509_VERIFY_PARAM_set1(paramTo, NULL), 1); ExpectIntEQ(X509_VERIFY_PARAM_set1(NULL, NULL), 0); /* inherit flags test : VPARAM_DEFAULT */ ExpectIntEQ(X509_VERIFY_PARAM_set1(paramTo, paramFrom), 1); ExpectIntEQ(0, XSTRNCMP(paramTo->hostName, testhostName1, (int)XSTRLEN(testhostName1))); ExpectIntEQ(0x01, paramTo->hostFlags); ExpectIntEQ(0, XSTRNCMP(paramTo->ipasc, testIPv6, WOLFSSL_MAX_IPSTR)); /* inherit flags test : VPARAM OVERWRITE */ ExpectIntEQ(X509_VERIFY_PARAM_set1_host(paramTo, testhostName2, (int)XSTRLEN(testhostName2)), 1); ExpectIntEQ(X509_VERIFY_PARAM_set1_ip_asc(paramTo, testIPv4), 1); X509_VERIFY_PARAM_set_hostflags(paramTo, 0x00); if (paramTo != NULL) { paramTo->inherit_flags = X509_VP_FLAG_OVERWRITE; } ExpectIntEQ(X509_VERIFY_PARAM_set1(paramTo, paramFrom), 1); ExpectIntEQ(0, XSTRNCMP(paramTo->hostName, testhostName1, (int)XSTRLEN(testhostName1))); ExpectIntEQ(0x01, paramTo->hostFlags); ExpectIntEQ(0, XSTRNCMP(paramTo->ipasc, testIPv6, WOLFSSL_MAX_IPSTR)); /* inherit flags test : VPARAM_RESET_FLAGS */ ExpectIntEQ(X509_VERIFY_PARAM_set1_host(paramTo, testhostName2, (int)XSTRLEN(testhostName2)), 1); ExpectIntEQ(X509_VERIFY_PARAM_set1_ip_asc(paramTo, testIPv4), 1); X509_VERIFY_PARAM_set_hostflags(paramTo, 0x10); if (paramTo != NULL) { paramTo->inherit_flags = X509_VP_FLAG_RESET_FLAGS; } ExpectIntEQ(X509_VERIFY_PARAM_set1(paramTo, paramFrom), 1); ExpectIntEQ(0, XSTRNCMP(paramTo->hostName, testhostName1, (int)XSTRLEN(testhostName1))); ExpectIntEQ(0x01, paramTo->hostFlags); ExpectIntEQ(0, XSTRNCMP(paramTo->ipasc, testIPv6, WOLFSSL_MAX_IPSTR)); /* inherit flags test : VPARAM_LOCKED */ ExpectIntEQ(X509_VERIFY_PARAM_set1_host(paramTo, testhostName2, (int)XSTRLEN(testhostName2)), 1); ExpectIntEQ(X509_VERIFY_PARAM_set1_ip_asc(paramTo, testIPv4), 1); X509_VERIFY_PARAM_set_hostflags(paramTo, 0x00); if (paramTo != NULL) { paramTo->inherit_flags = X509_VP_FLAG_LOCKED; } ExpectIntEQ(X509_VERIFY_PARAM_set1(paramTo, paramFrom), 1); ExpectIntEQ(0, XSTRNCMP(paramTo->hostName, testhostName2, (int)XSTRLEN(testhostName2))); ExpectIntEQ(0x00, paramTo->hostFlags); ExpectIntEQ(0, XSTRNCMP(paramTo->ipasc, testIPv4, WOLFSSL_MAX_IPSTR)); /* test for incorrect parameters */ ExpectIntEQ(X509_VERIFY_PARAM_set_flags(NULL, X509_V_FLAG_CRL_CHECK_ALL), 0); ExpectIntEQ(X509_VERIFY_PARAM_set_flags(NULL, 0), 0); /* inherit flags test : VPARAM_ONCE, not testable yet */ ExpectIntEQ(X509_VERIFY_PARAM_set_flags(paramTo, X509_V_FLAG_CRL_CHECK_ALL), 1); ExpectIntEQ(X509_VERIFY_PARAM_get_flags(paramTo), X509_V_FLAG_CRL_CHECK_ALL); ExpectIntEQ(X509_VERIFY_PARAM_clear_flags(paramTo, X509_V_FLAG_CRL_CHECK_ALL), 1); ExpectIntEQ(X509_VERIFY_PARAM_get_flags(paramTo), 0); X509_VERIFY_PARAM_free(paramTo); X509_VERIFY_PARAM_free(paramFrom); X509_VERIFY_PARAM_free(NULL); /* to confirm NULL parameter gives no harm */ #endif return EXPECT_RESULT(); } #if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) static int test_wolfSSL_check_domain_verify_count = 0; static WC_INLINE int test_wolfSSL_check_domain_verify_cb(int preverify, WOLFSSL_X509_STORE_CTX* store) { EXPECT_DECLS; ExpectIntEQ(X509_STORE_CTX_get_error(store), 0); ExpectIntEQ(preverify, 1); ExpectIntGT(++test_wolfSSL_check_domain_verify_count, 0); return EXPECT_SUCCESS(); } static int test_wolfSSL_check_domain_client_cb(WOLFSSL* ssl) { EXPECT_DECLS; X509_VERIFY_PARAM *param = NULL; ExpectNotNull(param = SSL_get0_param(ssl)); /* Domain check should only be done on the leaf cert */ X509_VERIFY_PARAM_set_hostflags(param, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS); ExpectIntEQ(X509_VERIFY_PARAM_set1_host(param, "wolfSSL Server Chain", 0), 1); wolfSSL_set_verify(ssl, WOLFSSL_VERIFY_PEER, test_wolfSSL_check_domain_verify_cb); return EXPECT_RESULT(); } static int test_wolfSSL_check_domain_server_cb(WOLFSSL_CTX* ctx) { EXPECT_DECLS; /* Use a cert with different domains in chain */ ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_file(ctx, "certs/intermediate/server-chain.pem"), WOLFSSL_SUCCESS); return EXPECT_RESULT(); } static int test_wolfSSL_check_domain(void) { EXPECT_DECLS; test_ssl_cbf func_cb_client; test_ssl_cbf func_cb_server; XMEMSET(&func_cb_client, 0, sizeof(func_cb_client)); XMEMSET(&func_cb_server, 0, sizeof(func_cb_server)); func_cb_client.ssl_ready = &test_wolfSSL_check_domain_client_cb; func_cb_server.ctx_ready = &test_wolfSSL_check_domain_server_cb; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client, &func_cb_server, NULL), TEST_SUCCESS); /* Should have been called once for each cert in sent chain */ #ifdef WOLFSSL_VERIFY_CB_ALL_CERTS ExpectIntEQ(test_wolfSSL_check_domain_verify_count, 3); #else ExpectIntEQ(test_wolfSSL_check_domain_verify_count, 1); #endif return EXPECT_RESULT(); } #endif /* OPENSSL_EXTRA && HAVE_SSL_MEMIO_TESTS_DEPENDENCIES */ static int test_wolfSSL_X509_get_X509_PUBKEY(void) { EXPECT_DECLS; #if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) X509* x509 = NULL; X509_PUBKEY* pubKey; ExpectNotNull(x509 = X509_new()); ExpectNull(pubKey = wolfSSL_X509_get_X509_PUBKEY(NULL)); ExpectNotNull(pubKey = wolfSSL_X509_get_X509_PUBKEY(x509)); X509_free(x509); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_PUBKEY_RSA(void) { EXPECT_DECLS; #if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && \ !defined(NO_SHA256) && !defined(NO_RSA) X509* x509 = NULL; ASN1_OBJECT* obj = NULL; const ASN1_OBJECT* pa_oid = NULL; X509_PUBKEY* pubKey = NULL; X509_PUBKEY* pubKey2 = NULL; EVP_PKEY* evpKey = NULL; const unsigned char *pk = NULL; int ppklen; int pptype; X509_ALGOR *pa = NULL; const void *pval; ExpectNotNull(x509 = X509_load_certificate_file(cliCertFile, SSL_FILETYPE_PEM)); ExpectNotNull(pubKey = X509_get_X509_PUBKEY(x509)); ExpectIntEQ(X509_PUBKEY_get0_param(&obj, &pk, &ppklen, &pa, pubKey), 1); ExpectNotNull(pk); ExpectNotNull(pa); ExpectNotNull(pubKey); ExpectIntGT(ppklen, 0); ExpectIntEQ(OBJ_obj2nid(obj), NID_rsaEncryption); ExpectNotNull(evpKey = X509_PUBKEY_get(pubKey)); ExpectNotNull(pubKey2 = X509_PUBKEY_new()); ExpectIntEQ(X509_PUBKEY_set(&pubKey2, evpKey), 1); ExpectIntEQ(X509_PUBKEY_get0_param(&obj, &pk, &ppklen, &pa, pubKey2), 1); ExpectNotNull(pk); ExpectNotNull(pa); ExpectIntGT(ppklen, 0); X509_ALGOR_get0(&pa_oid, &pptype, &pval, pa); ExpectNotNull(pa_oid); ExpectNull(pval); ExpectIntEQ(pptype, V_ASN1_NULL); ExpectIntEQ(OBJ_obj2nid(pa_oid), EVP_PKEY_RSA); X509_PUBKEY_free(pubKey2); X509_free(x509); EVP_PKEY_free(evpKey); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_PUBKEY_EC(void) { EXPECT_DECLS; #if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && defined(HAVE_ECC) X509* x509 = NULL; ASN1_OBJECT* obj = NULL; ASN1_OBJECT* poid = NULL; const ASN1_OBJECT* pa_oid = NULL; X509_PUBKEY* pubKey = NULL; X509_PUBKEY* pubKey2 = NULL; EVP_PKEY* evpKey = NULL; const unsigned char *pk = NULL; int ppklen; int pptype; X509_ALGOR *pa = NULL; const void *pval; char buf[50]; ExpectNotNull(x509 = X509_load_certificate_file(cliEccCertFile, SSL_FILETYPE_PEM)); ExpectNotNull(pubKey = X509_get_X509_PUBKEY(x509)); ExpectNotNull(evpKey = X509_PUBKEY_get(pubKey)); ExpectNotNull(pubKey2 = X509_PUBKEY_new()); ExpectIntEQ(X509_PUBKEY_set(&pubKey2, evpKey), 1); ExpectIntEQ(X509_PUBKEY_get0_param(&obj, &pk, &ppklen, &pa, pubKey2), 1); ExpectNotNull(pk); ExpectNotNull(pa); ExpectIntGT(ppklen, 0); X509_ALGOR_get0(&pa_oid, &pptype, &pval, pa); ExpectNotNull(pa_oid); ExpectNotNull(pval); ExpectIntEQ(pptype, V_ASN1_OBJECT); ExpectIntEQ(OBJ_obj2nid(pa_oid), EVP_PKEY_EC); poid = (ASN1_OBJECT *)pval; ExpectIntGT(OBJ_obj2txt(buf, (int)sizeof(buf), poid, 0), 0); ExpectIntEQ(OBJ_txt2nid(buf), NID_X9_62_prime256v1); X509_PUBKEY_free(pubKey2); X509_free(x509); EVP_PKEY_free(evpKey); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_PUBKEY_DSA(void) { EXPECT_DECLS; #if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && !defined(NO_DSA) word32 bytes; #ifdef USE_CERT_BUFFERS_1024 byte tmp[ONEK_BUF]; #elif defined(USE_CERT_BUFFERS_2048) byte tmp[TWOK_BUF]; #else byte tmp[TWOK_BUF]; #endif /* END USE_CERT_BUFFERS_1024 */ const unsigned char* dsaKeyDer = tmp; ASN1_OBJECT* obj = NULL; ASN1_STRING* str; const ASN1_OBJECT* pa_oid = NULL; X509_PUBKEY* pubKey = NULL; EVP_PKEY* evpKey = NULL; const unsigned char *pk = NULL; int ppklen, pptype; X509_ALGOR *pa = NULL; const void *pval; #ifdef USE_CERT_BUFFERS_1024 XMEMSET(tmp, 0, sizeof(tmp)); XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024); bytes = sizeof_dsa_key_der_1024; #elif defined(USE_CERT_BUFFERS_2048) XMEMSET(tmp, 0, sizeof(tmp)); XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048); bytes = sizeof_dsa_key_der_2048; #else { XFILE fp = XBADFILE; XMEMSET(tmp, 0, sizeof(tmp)); ExpectTrue((fp = XFOPEN("./certs/dsa2048.der", "rb")) != XBADFILE); ExpectIntGT(bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp), 0); if (fp != XBADFILE) XFCLOSE(fp); } #endif /* Initialize pkey with der format dsa key */ ExpectNotNull(d2i_PrivateKey(EVP_PKEY_DSA, &evpKey, &dsaKeyDer, bytes)); ExpectNotNull(pubKey = X509_PUBKEY_new()); ExpectIntEQ(X509_PUBKEY_set(&pubKey, evpKey), 1); ExpectIntEQ(X509_PUBKEY_get0_param(&obj, &pk, &ppklen, &pa, pubKey), 1); ExpectNotNull(pk); ExpectNotNull(pa); ExpectIntGT(ppklen, 0); X509_ALGOR_get0(&pa_oid, &pptype, &pval, pa); ExpectNotNull(pa_oid); ExpectNotNull(pval); ExpectIntEQ(pptype, V_ASN1_SEQUENCE); ExpectIntEQ(OBJ_obj2nid(pa_oid), EVP_PKEY_DSA); str = (ASN1_STRING *)pval; DEBUG_WRITE_DER(ASN1_STRING_data(str), ASN1_STRING_length(str), "str.der"); #ifdef USE_CERT_BUFFERS_1024 ExpectIntEQ(ASN1_STRING_length(str), 291); #else ExpectIntEQ(ASN1_STRING_length(str), 549); #endif /* END USE_CERT_BUFFERS_1024 */ X509_PUBKEY_free(pubKey); EVP_PKEY_free(evpKey); #endif return EXPECT_RESULT(); } static int test_wolfSSL_BUF(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) BUF_MEM* buf = NULL; ExpectNotNull(buf = BUF_MEM_new()); ExpectIntEQ(BUF_MEM_grow(buf, 10), 10); ExpectIntEQ(BUF_MEM_grow(buf, -1), 0); BUF_MEM_free(buf); #endif return EXPECT_RESULT(); } #if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_NO_OPENSSL_RAND_CB) static int stub_rand_seed(const void *buf, int num) { (void)buf; (void)num; return 123; } static int stub_rand_bytes(unsigned char *buf, int num) { (void)buf; (void)num; return 456; } static byte* was_stub_rand_cleanup_called(void) { static byte was_called = 0; return &was_called; } static void stub_rand_cleanup(void) { byte* was_called = was_stub_rand_cleanup_called(); *was_called = 1; return; } static byte* was_stub_rand_add_called(void) { static byte was_called = 0; return &was_called; } static int stub_rand_add(const void *buf, int num, double entropy) { byte* was_called = was_stub_rand_add_called(); (void)buf; (void)num; (void)entropy; *was_called = 1; return 0; } static int stub_rand_pseudo_bytes(unsigned char *buf, int num) { (void)buf; (void)num; return 9876; } static int stub_rand_status(void) { return 5432; } #endif /* OPENSSL_EXTRA && !WOLFSSL_NO_OPENSSL_RAND_CB */ static int test_wolfSSL_RAND_set_rand_method(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_NO_OPENSSL_RAND_CB) RAND_METHOD rand_methods = {NULL, NULL, NULL, NULL, NULL, NULL}; unsigned char* buf = NULL; int num = 0; double entropy = 0; int ret; byte* was_cleanup_called = was_stub_rand_cleanup_called(); byte* was_add_called = was_stub_rand_add_called(); ExpectNotNull(buf = (byte*)XMALLOC(32 * sizeof(byte), NULL, DYNAMIC_TYPE_TMP_BUFFER)); ExpectIntNE(wolfSSL_RAND_status(), 5432); ExpectIntEQ(*was_cleanup_called, 0); RAND_cleanup(); ExpectIntEQ(*was_cleanup_called, 0); rand_methods.seed = &stub_rand_seed; rand_methods.bytes = &stub_rand_bytes; rand_methods.cleanup = &stub_rand_cleanup; rand_methods.add = &stub_rand_add; rand_methods.pseudorand = &stub_rand_pseudo_bytes; rand_methods.status = &stub_rand_status; ExpectIntEQ(RAND_set_rand_method(&rand_methods), WOLFSSL_SUCCESS); ExpectIntEQ(RAND_seed(buf, num), 123); ExpectIntEQ(RAND_bytes(buf, num), 456); ExpectIntEQ(RAND_pseudo_bytes(buf, num), 9876); ExpectIntEQ(RAND_status(), 5432); ExpectIntEQ(*was_add_called, 0); /* The function pointer for RAND_add returns int, but RAND_add itself * returns void. */ RAND_add(buf, num, entropy); ExpectIntEQ(*was_add_called, 1); was_add_called = 0; ExpectIntEQ(*was_cleanup_called, 0); RAND_cleanup(); ExpectIntEQ(*was_cleanup_called, 1); *was_cleanup_called = 0; ret = RAND_set_rand_method(NULL); ExpectIntEQ(ret, WOLFSSL_SUCCESS); ExpectIntNE(RAND_status(), 5432); ExpectIntEQ(*was_cleanup_called, 0); RAND_cleanup(); ExpectIntEQ(*was_cleanup_called, 0); RAND_set_rand_method(NULL); XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); #endif /* OPENSSL_EXTRA && !WOLFSSL_NO_OPENSSL_RAND_CB */ return EXPECT_RESULT(); } static int test_wolfSSL_RAND_bytes(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) const int size1 = RNG_MAX_BLOCK_LEN; /* in bytes */ const int size2 = RNG_MAX_BLOCK_LEN + 1; /* in bytes */ const int size3 = RNG_MAX_BLOCK_LEN * 2; /* in bytes */ const int size4 = RNG_MAX_BLOCK_LEN * 4; /* in bytes */ int max_bufsize; byte *my_buf = NULL; /* sanity check */ ExpectIntEQ(RAND_bytes(NULL, 16), 0); ExpectIntEQ(RAND_bytes(NULL, 0), 0); max_bufsize = size4; ExpectNotNull(my_buf = (byte*)XMALLOC(max_bufsize * sizeof(byte), NULL, DYNAMIC_TYPE_TMP_BUFFER)); ExpectIntEQ(RAND_bytes(my_buf, 0), 1); ExpectIntEQ(RAND_bytes(my_buf, -1), 0); ExpectNotNull(XMEMSET(my_buf, 0, max_bufsize)); ExpectIntEQ(RAND_bytes(my_buf, size1), 1); ExpectIntEQ(RAND_bytes(my_buf, size2), 1); ExpectIntEQ(RAND_bytes(my_buf, size3), 1); ExpectIntEQ(RAND_bytes(my_buf, size4), 1); XFREE(my_buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); #endif return EXPECT_RESULT(); } static int test_wolfSSL_RAND(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) byte seed[16]; XMEMSET(seed, 0, sizeof(seed)); /* No global methods set. */ ExpectIntEQ(RAND_seed(seed, sizeof(seed)), 1); ExpectIntEQ(RAND_poll(), 1); RAND_cleanup(); ExpectIntEQ(RAND_egd(NULL), -1); #ifndef NO_FILESYSTEM { char fname[100]; ExpectNotNull(RAND_file_name(fname, (sizeof(fname) - 1))); ExpectIntEQ(RAND_write_file(NULL), 0); } #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_PKCS8_Compat(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && defined(HAVE_ECC) && \ !defined(NO_BIO) PKCS8_PRIV_KEY_INFO* pt = NULL; BIO* bio = NULL; XFILE f = XBADFILE; int bytes; char pkcs8_buffer[512]; #if defined(OPENSSL_ALL) || defined(WOLFSSL_WPAS_SMALL) EVP_PKEY *pkey = NULL; #endif /* file from wolfssl/certs/ directory */ ExpectTrue((f = XFOPEN("./certs/ecc-keyPkcs8.pem", "rb")) != XBADFILE); ExpectIntGT((bytes = (int)XFREAD(pkcs8_buffer, 1, sizeof(pkcs8_buffer), f)), 0); if (f != XBADFILE) XFCLOSE(f); ExpectNotNull(bio = BIO_new_mem_buf((void*)pkcs8_buffer, bytes)); ExpectNotNull(pt = d2i_PKCS8_PRIV_KEY_INFO_bio(bio, NULL)); #if defined(OPENSSL_ALL) || defined(WOLFSSL_WPAS_SMALL) ExpectNotNull(pkey = EVP_PKCS82PKEY(pt)); ExpectIntEQ(EVP_PKEY_type(pkey->type), EVP_PKEY_EC); /* gets PKCS8 pointer to pkey */ ExpectNotNull(EVP_PKEY2PKCS8(pkey)); EVP_PKEY_free(pkey); #endif BIO_free(bio); PKCS8_PRIV_KEY_INFO_free(pt); #endif return EXPECT_RESULT(); } static int test_wolfSSL_PKCS8_d2i(void) { EXPECT_DECLS; #if !defined(HAVE_FIPS) && defined(OPENSSL_EXTRA) /* This test ends up using HMAC as a part of PBKDF2, and HMAC * requires a 12 byte password in FIPS mode. This test ends up * trying to use an 8 byte password. */ #ifndef NO_FILESYSTEM unsigned char pkcs8_buffer[2048]; const unsigned char* p = NULL; int bytes = 0; XFILE file = XBADFILE; WOLFSSL_EVP_PKEY* pkey = NULL; #ifndef NO_BIO BIO* bio = NULL; #if defined(OPENSSL_ALL) && \ ((!defined(NO_RSA) && !defined(NO_DES3)) || \ defined(HAVE_ECC)) && \ !defined(NO_BIO) && !defined(NO_PWDBASED) && defined(HAVE_PKCS8) WOLFSSL_EVP_PKEY* evpPkey = NULL; #endif #endif #ifndef NO_RSA const char rsaDerPkcs8File[] = "./certs/server-keyPkcs8.der"; const char rsaPemPkcs8File[] = "./certs/server-keyPkcs8.pem"; #ifndef NO_DES3 const char rsaDerPkcs8EncFile[] = "./certs/server-keyPkcs8Enc.der"; #endif #endif /* NO_RSA */ #ifdef HAVE_ECC const char ecDerPkcs8File[] = "certs/ecc-keyPkcs8.der"; const char ecPemPkcs8File[] = "certs/ecc-keyPkcs8.pem"; #ifndef NO_DES3 const char ecDerPkcs8EncFile[] = "certs/ecc-keyPkcs8Enc.der"; #endif #endif /* HAVE_ECC */ #endif /* !NO_FILESYSTEM */ #if defined(OPENSSL_ALL) && (!defined(NO_RSA) || defined(HAVE_ECC)) #ifndef NO_RSA #ifdef USE_CERT_BUFFERS_1024 const unsigned char* rsa = (unsigned char*)server_key_der_1024; int rsaSz = sizeof_server_key_der_1024; #else const unsigned char* rsa = (unsigned char*)server_key_der_2048; int rsaSz = sizeof_server_key_der_2048; #endif #endif #ifdef HAVE_ECC const unsigned char* ec = (unsigned char*)ecc_key_der_256; int ecSz = sizeof_ecc_key_der_256; #endif #endif /* OPENSSL_ALL && (!NO_RSA || HAVE_ECC) */ #ifndef NO_FILESYSTEM (void)pkcs8_buffer; (void)p; (void)bytes; (void)file; #ifndef NO_BIO (void)bio; #endif #endif #ifdef OPENSSL_ALL #ifndef NO_RSA /* Try to auto-detect normal RSA private key */ ExpectNotNull(pkey = d2i_AutoPrivateKey(NULL, &rsa, rsaSz)); EVP_PKEY_free(pkey); pkey = NULL; #endif #ifdef HAVE_ECC /* Try to auto-detect normal EC private key */ ExpectNotNull(pkey = d2i_AutoPrivateKey(NULL, &ec, ecSz)); EVP_PKEY_free(pkey); pkey = NULL; #endif #endif /* OPENSSL_ALL */ #ifndef NO_FILESYSTEM #ifndef NO_RSA /* Get DER encoded RSA PKCS#8 data. */ ExpectTrue((file = XFOPEN(rsaDerPkcs8File, "rb")) != XBADFILE); ExpectNotNull(XMEMSET(pkcs8_buffer, 0, sizeof(pkcs8_buffer))); ExpectIntGT((bytes = (int)XFREAD(pkcs8_buffer, 1, sizeof(pkcs8_buffer), file)), 0); if (file != XBADFILE) { XFCLOSE(file); file = XBADFILE; } p = pkcs8_buffer; #ifdef OPENSSL_ALL /* Try to decode - auto-detect key type. */ ExpectNotNull(pkey = d2i_AutoPrivateKey(NULL, &p, bytes)); #else ExpectNotNull(pkey = d2i_PrivateKey(EVP_PKEY_RSA, NULL, &p, bytes)); #endif /* Get PEM encoded RSA PKCS#8 data. */ ExpectTrue((file = XFOPEN(rsaPemPkcs8File, "rb")) != XBADFILE); ExpectIntGT((bytes = (int)XFREAD(pkcs8_buffer, 1, sizeof(pkcs8_buffer), file)), 0); if (file != XBADFILE) { XFCLOSE(file); file = XBADFILE; } #if defined(OPENSSL_ALL) && \ !defined(NO_BIO) && !defined(NO_PWDBASED) && defined(HAVE_PKCS8) ExpectNotNull(bio = BIO_new(BIO_s_mem())); /* Write PKCS#8 PEM to BIO. */ ExpectIntEQ(PEM_write_bio_PKCS8PrivateKey(bio, pkey, NULL, NULL, 0, NULL, NULL), bytes); /* Compare file and written data */ ExpectIntEQ(BIO_get_mem_data(bio, &p), bytes); ExpectIntEQ(XMEMCMP(p, pkcs8_buffer, bytes), 0); BIO_free(bio); bio = NULL; #if !defined(NO_DES3) && !defined(NO_SHA) ExpectNotNull(bio = BIO_new(BIO_s_mem())); /* Write Encrypted PKCS#8 PEM to BIO. */ bytes = 1834; ExpectIntEQ(PEM_write_bio_PKCS8PrivateKey(bio, pkey, EVP_des_ede3_cbc(), NULL, 0, PasswordCallBack, (void*)"yassl123"), bytes); ExpectNotNull(evpPkey = PEM_read_bio_PrivateKey(bio, NULL, PasswordCallBack, (void*)"yassl123")); EVP_PKEY_free(evpPkey); evpPkey = NULL; BIO_free(bio); bio = NULL; #endif /* !NO_DES3 && !NO_SHA */ #endif /* !NO_BIO && !NO_PWDBASED && HAVE_PKCS8 */ EVP_PKEY_free(pkey); pkey = NULL; /* PKCS#8 encrypted RSA key */ #ifndef NO_DES3 ExpectTrue((file = XFOPEN(rsaDerPkcs8EncFile, "rb")) != XBADFILE); ExpectNotNull(XMEMSET(pkcs8_buffer, 0, sizeof(pkcs8_buffer))); ExpectIntGT((bytes = (int)XFREAD(pkcs8_buffer, 1, sizeof(pkcs8_buffer), file)), 0); if (file != XBADFILE) { XFCLOSE(file); file = XBADFILE; } #if defined(OPENSSL_ALL) && \ !defined(NO_BIO) && !defined(NO_PWDBASED) && defined(HAVE_PKCS8) ExpectNotNull(bio = BIO_new_mem_buf((void*)pkcs8_buffer, bytes)); ExpectNotNull(pkey = d2i_PKCS8PrivateKey_bio(bio, NULL, PasswordCallBack, (void*)"yassl123")); EVP_PKEY_free(pkey); pkey = NULL; BIO_free(bio); bio = NULL; #endif /* OPENSSL_ALL && !NO_BIO && !NO_PWDBASED && HAVE_PKCS8 */ #endif /* !NO_DES3 */ #endif /* NO_RSA */ #ifdef HAVE_ECC /* PKCS#8 encode EC key */ ExpectTrue((file = XFOPEN(ecDerPkcs8File, "rb")) != XBADFILE); ExpectNotNull(XMEMSET(pkcs8_buffer, 0, sizeof(pkcs8_buffer))); ExpectIntGT((bytes = (int)XFREAD(pkcs8_buffer, 1, sizeof(pkcs8_buffer), file)), 0); if (file != XBADFILE) { XFCLOSE(file); file = XBADFILE; } p = pkcs8_buffer; #ifdef OPENSSL_ALL /* Try to decode - auto-detect key type. */ ExpectNotNull(pkey = d2i_AutoPrivateKey(NULL, &p, bytes)); #else ExpectNotNull(pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &p, bytes)); #endif /* Get PEM encoded RSA PKCS#8 data. */ ExpectTrue((file = XFOPEN(ecPemPkcs8File, "rb")) != XBADFILE); ExpectNotNull(XMEMSET(pkcs8_buffer, 0, sizeof(pkcs8_buffer))); ExpectIntGT((bytes = (int)XFREAD(pkcs8_buffer, 1, sizeof(pkcs8_buffer), file)), 0); if (file != XBADFILE) { XFCLOSE(file); file = XBADFILE; } #if defined(OPENSSL_ALL) && \ !defined(NO_BIO) && !defined(NO_PWDBASED) && defined(HAVE_PKCS8) && \ defined(HAVE_AES_CBC) ExpectNotNull(bio = BIO_new(BIO_s_mem())); /* Write PKCS#8 PEM to BIO. */ ExpectIntEQ(PEM_write_bio_PKCS8PrivateKey(bio, pkey, NULL, NULL, 0, NULL, NULL), bytes); /* Compare file and written data */ ExpectIntEQ(BIO_get_mem_data(bio, &p), bytes); ExpectIntEQ(XMEMCMP(p, pkcs8_buffer, bytes), 0); BIO_free(bio); bio = NULL; ExpectNotNull(bio = BIO_new(BIO_s_mem())); /* Write Encrypted PKCS#8 PEM to BIO. */ bytes = 379; ExpectIntEQ(PEM_write_bio_PKCS8PrivateKey(bio, pkey, EVP_aes_256_cbc(), NULL, 0, PasswordCallBack, (void*)"yassl123"), bytes); ExpectNotNull(evpPkey = PEM_read_bio_PrivateKey(bio, NULL, PasswordCallBack, (void*)"yassl123")); EVP_PKEY_free(evpPkey); evpPkey = NULL; BIO_free(bio); bio = NULL; #endif /* OPENSSL_ALL && !NO_BIO && !NO_PWDBASED && HAVE_PKCS8 && HAVE_AES_CBC */ EVP_PKEY_free(pkey); pkey = NULL; /* PKCS#8 encrypted EC key */ #ifndef NO_DES3 ExpectTrue((file = XFOPEN(ecDerPkcs8EncFile, "rb")) != XBADFILE); ExpectNotNull(XMEMSET(pkcs8_buffer, 0, sizeof(pkcs8_buffer))); ExpectIntGT((bytes = (int)XFREAD(pkcs8_buffer, 1, sizeof(pkcs8_buffer), file)), 0); if (file != XBADFILE) { XFCLOSE(file); file = XBADFILE; } #if defined(OPENSSL_ALL) && \ !defined(NO_BIO) && !defined(NO_PWDBASED) && defined(HAVE_PKCS8) ExpectNotNull(bio = BIO_new_mem_buf((void*)pkcs8_buffer, bytes)); ExpectNotNull(pkey = d2i_PKCS8PrivateKey_bio(bio, NULL, PasswordCallBack, (void*)"yassl123")); EVP_PKEY_free(pkey); pkey = NULL; BIO_free(bio); bio = NULL; #endif /* OPENSSL_ALL && !NO_BIO && !NO_PWDBASED && HAVE_PKCS8 */ #endif /* !NO_DES3 */ #endif /* HAVE_ECC */ #endif /* !NO_FILESYSTEM */ #endif /* HAVE_FIPS && OPENSSL_EXTRA */ return EXPECT_RESULT(); } #if defined(ERROR_QUEUE_PER_THREAD) && !defined(NO_ERROR_QUEUE) && \ defined(OPENSSL_EXTRA) && defined(DEBUG_WOLFSSL) #define LOGGING_THREADS 5 #define ERROR_COUNT 10 /* copied from logging.c since this is not exposed otherwise */ #ifndef ERROR_QUEUE_MAX #ifdef ERROR_QUEUE_PER_THREAD #define ERROR_QUEUE_MAX 16 #else /* this breaks from compat of unlimited error queue size */ #define ERROR_QUEUE_MAX 100 #endif #endif static volatile int loggingThreadsReady; static THREAD_RETURN WOLFSSL_THREAD test_logging(void* args) { const char* file; int line; unsigned long err; int errorCount = 0; int i; (void)args; while (!loggingThreadsReady); for (i = 0; i < ERROR_COUNT; i++) ERR_put_error(ERR_LIB_PEM, SYS_F_ACCEPT, -990 - i, __FILE__, __LINE__); while ((err = ERR_get_error_line(&file, &line))) { AssertIntEQ(err, 990 + errorCount); errorCount++; } AssertIntEQ(errorCount, ERROR_COUNT); /* test max queue behavior, trying to add an arbitrary 3 errors over */ ERR_clear_error(); /* ERR_get_error_line() does not remove */ errorCount = 0; for (i = 0; i < ERROR_QUEUE_MAX + 3; i++) ERR_put_error(ERR_LIB_PEM, SYS_F_ACCEPT, -990 - i, __FILE__, __LINE__); while ((err = ERR_get_error_line(&file, &line))) { AssertIntEQ(err, 990 + errorCount); errorCount++; } /* test that the 3 errors over the max were dropped */ AssertIntEQ(errorCount, ERROR_QUEUE_MAX); WOLFSSL_RETURN_FROM_THREAD(0); } #endif static int test_error_queue_per_thread(void) { int res = TEST_SKIPPED; #if defined(ERROR_QUEUE_PER_THREAD) && !defined(NO_ERROR_QUEUE) && \ defined(OPENSSL_EXTRA) && defined(DEBUG_WOLFSSL) THREAD_TYPE loggingThreads[LOGGING_THREADS]; int i; ERR_clear_error(); /* clear out any error nodes */ loggingThreadsReady = 0; for (i = 0; i < LOGGING_THREADS; i++) start_thread(test_logging, NULL, &loggingThreads[i]); loggingThreadsReady = 1; for (i = 0; i < LOGGING_THREADS; i++) join_thread(loggingThreads[i]); res = TEST_SUCCESS; #endif return res; } static int test_wolfSSL_ERR_put_error(void) { EXPECT_DECLS; #if !defined(NO_ERROR_QUEUE) && defined(OPENSSL_EXTRA) && \ defined(DEBUG_WOLFSSL) const char* file; int line; ERR_clear_error(); /* clear out any error nodes */ ERR_put_error(0,SYS_F_ACCEPT, 0, "this file", 0); ExpectIntEQ(ERR_get_error_line(&file, &line), 0); ERR_put_error(0,SYS_F_BIND, 1, "this file", 1); ExpectIntEQ(ERR_get_error_line(&file, &line), 1); ERR_put_error(0,SYS_F_CONNECT, 2, "this file", 2); ExpectIntEQ(ERR_get_error_line(&file, &line), 2); ERR_put_error(0,SYS_F_FOPEN, 3, "this file", 3); ExpectIntEQ(ERR_get_error_line(&file, &line), 3); ERR_put_error(0,SYS_F_FREAD, 4, "this file", 4); ExpectIntEQ(ERR_get_error_line(&file, &line), 4); ERR_put_error(0,SYS_F_GETADDRINFO, 5, "this file", 5); ExpectIntEQ(ERR_get_error_line(&file, &line), 5); ERR_put_error(0,SYS_F_GETSOCKOPT, 6, "this file", 6); ExpectIntEQ(ERR_get_error_line(&file, &line), 6); ERR_put_error(0,SYS_F_GETSOCKNAME, 7, "this file", 7); ExpectIntEQ(ERR_get_error_line(&file, &line), 7); ERR_put_error(0,SYS_F_GETHOSTBYNAME, 8, "this file", 8); ExpectIntEQ(ERR_get_error_line(&file, &line), 8); ERR_put_error(0,SYS_F_GETNAMEINFO, 9, "this file", 9); ExpectIntEQ(ERR_get_error_line(&file, &line), 9); ERR_put_error(0,SYS_F_GETSERVBYNAME, 10, "this file", 10); ExpectIntEQ(ERR_get_error_line(&file, &line), 10); ERR_put_error(0,SYS_F_IOCTLSOCKET, 11, "this file", 11); ExpectIntEQ(ERR_get_error_line(&file, &line), 11); ERR_put_error(0,SYS_F_LISTEN, 12, "this file", 12); ExpectIntEQ(ERR_get_error_line(&file, &line), 12); ERR_put_error(0,SYS_F_OPENDIR, 13, "this file", 13); ExpectIntEQ(ERR_get_error_line(&file, &line), 13); ERR_put_error(0,SYS_F_SETSOCKOPT, 14, "this file", 14); ExpectIntEQ(ERR_get_error_line(&file, &line), 14); ERR_put_error(0,SYS_F_SOCKET, 15, "this file", 15); ExpectIntEQ(ERR_get_error_line(&file, &line), 15); #if defined(OPENSSL_ALL) && defined(WOLFSSL_PYTHON) ERR_put_error(ERR_LIB_ASN1, SYS_F_ACCEPT, ASN1_R_HEADER_TOO_LONG, "this file", 100); ExpectIntEQ(wolfSSL_ERR_peek_last_error_line(&file, &line), (ERR_LIB_ASN1 << 24) | ASN1_R_HEADER_TOO_LONG); ExpectIntEQ(line, 100); ExpectIntEQ(wolfSSL_ERR_peek_error(), (ERR_LIB_ASN1 << 24) | ASN1_R_HEADER_TOO_LONG); ExpectIntEQ(ERR_get_error_line(&file, &line), ASN1_R_HEADER_TOO_LONG); #endif /* try reading past end of error queue */ file = NULL; ExpectIntEQ(ERR_get_error_line(&file, &line), 0); ExpectNull(file); ExpectIntEQ(ERR_get_error_line_data(&file, &line, NULL, NULL), 0); PEMerr(4,4); ExpectIntEQ(ERR_get_error(), 4); /* Empty and free up all error nodes */ ERR_clear_error(); /* Verify all nodes are cleared */ ERR_put_error(0,SYS_F_ACCEPT, 0, "this file", 0); ERR_clear_error(); ExpectIntEQ(ERR_get_error_line(&file, &line), 0); #endif return EXPECT_RESULT(); } /* * This is a regression test for a bug where the peek/get error functions were * drawing from the end of the queue rather than the front. */ static int test_wolfSSL_ERR_get_error_order(void) { EXPECT_DECLS; #if defined(WOLFSSL_HAVE_ERROR_QUEUE) && defined(OPENSSL_EXTRA) /* Empty the queue. */ wolfSSL_ERR_clear_error(); wolfSSL_ERR_put_error(0, 0, ASN_NO_SIGNER_E, "test", 0); wolfSSL_ERR_put_error(0, 0, ASN_SELF_SIGNED_E, "test", 0); ExpectIntEQ(wolfSSL_ERR_peek_error(), -ASN_NO_SIGNER_E); ExpectIntEQ(wolfSSL_ERR_get_error(), -ASN_NO_SIGNER_E); ExpectIntEQ(wolfSSL_ERR_peek_error(), -ASN_SELF_SIGNED_E); ExpectIntEQ(wolfSSL_ERR_get_error(), -ASN_SELF_SIGNED_E); #endif /* WOLFSSL_HAVE_ERROR_QUEUE && OPENSSL_EXTRA */ return EXPECT_RESULT(); } #ifndef NO_BIO static int test_wolfSSL_ERR_print_errors(void) { EXPECT_DECLS; #if !defined(NO_ERROR_QUEUE) && defined(OPENSSL_EXTRA) && \ defined(DEBUG_WOLFSSL) && !defined(NO_ERROR_STRINGS) BIO* bio = NULL; char buf[1024]; ExpectNotNull(bio = BIO_new(BIO_s_mem())); ERR_clear_error(); /* clear out any error nodes */ ERR_put_error(0,SYS_F_ACCEPT, -173, "ssl.c", 0); /* Choosing -600 as an unused errno. */ ERR_put_error(0,SYS_F_BIND, -600, "asn.c", 100); ERR_print_errors(bio); ExpectIntEQ(BIO_gets(bio, buf, sizeof(buf)), 56); ExpectIntEQ(XSTRNCMP( "error:173:wolfSSL library:Bad function argument:ssl.c:0", buf, 55), 0); ExpectIntEQ(BIO_gets(bio, buf, sizeof(buf)), 57); ExpectIntEQ(XSTRNCMP( "error:600:wolfSSL library:unknown error number:asn.c:100", buf, 56), 0); ExpectIntEQ(BIO_gets(bio, buf, sizeof(buf)), 1); ExpectIntEQ(buf[0], '\0'); ExpectIntEQ(ERR_get_error_line(NULL, NULL), 0); BIO_free(bio); #endif return EXPECT_RESULT(); } #if !defined(NO_ERROR_QUEUE) && defined(OPENSSL_EXTRA) && \ defined(DEBUG_WOLFSSL) static int test_wolfSSL_error_cb(const char *str, size_t len, void *u) { wolfSSL_BIO_write((BIO*)u, str, (int)len); return 0; } #endif static int test_wolfSSL_ERR_print_errors_cb(void) { EXPECT_DECLS; #if !defined(NO_ERROR_QUEUE) && defined(OPENSSL_EXTRA) && \ defined(DEBUG_WOLFSSL) BIO* bio = NULL; char buf[1024]; ExpectNotNull(bio = BIO_new(BIO_s_mem())); ERR_clear_error(); /* clear out any error nodes */ ERR_put_error(0,SYS_F_ACCEPT, -173, "ssl.c", 0); ERR_put_error(0,SYS_F_BIND, -275, "asn.c", 100); ERR_print_errors_cb(test_wolfSSL_error_cb, bio); ExpectIntEQ(BIO_gets(bio, buf, sizeof(buf)), 108); ExpectIntEQ(XSTRNCMP( "wolfSSL error occurred, error = 173 line:0 file:ssl.c", buf, 53), 0); ExpectIntEQ(XSTRNCMP( "wolfSSL error occurred, error = 275 line:100 file:asn.c", buf + 53, 55), 0); ExpectIntEQ(BIO_gets(bio, buf, sizeof(buf)), 0); BIO_free(bio); #endif return EXPECT_RESULT(); } /* * Testing WOLFSSL_ERROR_MSG */ static int test_WOLFSSL_ERROR_MSG(void) { int res = TEST_SKIPPED; #if defined(DEBUG_WOLFSSL) || defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) ||\ defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) const char* msg = TEST_STRING; WOLFSSL_ERROR_MSG(msg); res = TEST_SUCCESS; #endif return res; } /* End test_WOLFSSL_ERROR_MSG */ /* * Testing wc_ERR_remove_state */ static int test_wc_ERR_remove_state(void) { int res = TEST_SKIPPED; #if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) wc_ERR_remove_state(); res = TEST_SUCCESS; #endif return res; } /* End test_wc_ERR_remove_state */ /* * Testing wc_ERR_print_errors_fp */ static int test_wc_ERR_print_errors_fp(void) { EXPECT_DECLS; #if (defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)) && \ (!defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)) long sz; XFILE fp = XBADFILE; WOLFSSL_ERROR(BAD_FUNC_ARG); ExpectTrue((fp = XFOPEN("./tests/test-log-dump-to-file.txt", "ar")) != XBADFILE); wc_ERR_print_errors_fp(fp); #if defined(DEBUG_WOLFSSL) ExpectTrue(XFSEEK(fp, 0, XSEEK_END) == 0); #ifdef NO_ERROR_QUEUE ExpectIntEQ(sz = XFTELL(fp), 0); #else ExpectIntNE(sz = XFTELL(fp), 0); #endif #endif if (fp != XBADFILE) XFCLOSE(fp); (void)sz; #endif return EXPECT_RESULT(); } /* End test_wc_ERR_print_errors_fp */ #ifdef DEBUG_WOLFSSL static void Logging_cb(const int logLevel, const char *const logMessage) { (void)logLevel; (void)logMessage; } #endif /* * Testing wolfSSL_GetLoggingCb */ static int test_wolfSSL_GetLoggingCb(void) { EXPECT_DECLS; #ifdef DEBUG_WOLFSSL /* Testing without wolfSSL_SetLoggingCb() */ ExpectNull(wolfSSL_GetLoggingCb()); /* Testing with wolfSSL_SetLoggingCb() */ ExpectIntEQ(wolfSSL_SetLoggingCb(Logging_cb), 0); ExpectNotNull(wolfSSL_GetLoggingCb()); ExpectIntEQ(wolfSSL_SetLoggingCb(NULL), 0); #endif ExpectNull(wolfSSL_GetLoggingCb()); return EXPECT_RESULT(); } /* End test_wolfSSL_GetLoggingCb */ #endif /* !NO_BIO */ static int test_wolfSSL_MD4(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_MD4) MD4_CTX md4; unsigned char out[16]; /* MD4_DIGEST_SIZE */ const char* msg = "12345678901234567890123456789012345678901234567890123456" "789012345678901234567890"; const char* test = "\xe3\x3b\x4d\xdc\x9c\x38\xf2\x19\x9c\x3e\x7b\x16\x4f" "\xcc\x05\x36"; int msgSz = (int)XSTRLEN(msg); XMEMSET(out, 0, sizeof(out)); MD4_Init(&md4); MD4_Update(&md4, (const void*)msg, (unsigned long)msgSz); MD4_Final(out, &md4); ExpectIntEQ(XMEMCMP(out, test, sizeof(out)), 0); #endif return EXPECT_RESULT(); } static int test_wolfSSL_MD5(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_MD5) byte input1[] = ""; byte input2[] = "message digest"; byte hash[WC_MD5_DIGEST_SIZE]; unsigned char output1[] = "\xd4\x1d\x8c\xd9\x8f\x00\xb2\x04\xe9\x80\x09\x98\xec\xf8\x42\x7e"; unsigned char output2[] = "\xf9\x6b\x69\x7d\x7c\xb7\x93\x8d\x52\x5a\x2f\x31\xaa\xf1\x61\xd0"; WOLFSSL_MD5_CTX md5; XMEMSET(&md5, 0, sizeof(md5)); /* Test cases for illegal parameters */ ExpectIntEQ(MD5_Init(NULL), 0); ExpectIntEQ(MD5_Init(&md5), 1); ExpectIntEQ(MD5_Update(NULL, input1, 0), 0); ExpectIntEQ(MD5_Update(NULL, NULL, 0), 0); ExpectIntEQ(MD5_Update(&md5, NULL, 1), 0); ExpectIntEQ(MD5_Final(NULL, &md5), 0); ExpectIntEQ(MD5_Final(hash, NULL), 0); ExpectIntEQ(MD5_Final(NULL, NULL), 0); /* Init MD5 CTX */ ExpectIntEQ(wolfSSL_MD5_Init(&md5), 1); ExpectIntEQ(wolfSSL_MD5_Update(&md5, input1, XSTRLEN((const char*)&input1)), 1); ExpectIntEQ(wolfSSL_MD5_Final(hash, &md5), 1); ExpectIntEQ(XMEMCMP(&hash, output1, WC_MD5_DIGEST_SIZE), 0); /* Init MD5 CTX */ ExpectIntEQ(wolfSSL_MD5_Init(&md5), 1); ExpectIntEQ(wolfSSL_MD5_Update(&md5, input2, (int)XSTRLEN((const char*)input2)), 1); ExpectIntEQ(wolfSSL_MD5_Final(hash, &md5), 1); ExpectIntEQ(XMEMCMP(&hash, output2, WC_MD5_DIGEST_SIZE), 0); #if !defined(NO_OLD_NAMES) && \ (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))) ExpectPtrNE(MD5(NULL, 1, (byte*)&hash), &hash); ExpectPtrEq(MD5(input1, 0, (byte*)&hash), &hash); ExpectPtrNE(MD5(input1, 1, NULL), NULL); ExpectPtrNE(MD5(NULL, 0, NULL), NULL); ExpectPtrEq(MD5(input1, (int)XSTRLEN((const char*)&input1), (byte*)&hash), &hash); ExpectIntEQ(XMEMCMP(&hash, output1, WC_MD5_DIGEST_SIZE), 0); ExpectPtrEq(MD5(input2, (int)XSTRLEN((const char*)&input2), (byte*)&hash), &hash); ExpectIntEQ(XMEMCMP(&hash, output2, WC_MD5_DIGEST_SIZE), 0); { byte data[] = "Data to be hashed."; XMEMSET(hash, 0, WC_MD5_DIGEST_SIZE); ExpectNotNull(MD5(data, sizeof(data), NULL)); ExpectNotNull(MD5(data, sizeof(data), hash)); ExpectNotNull(MD5(NULL, 0, hash)); ExpectNull(MD5(NULL, sizeof(data), hash)); } #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_MD5_Transform(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_MD5) byte input1[] = ""; byte input2[] = "abc"; byte local[WC_MD5_BLOCK_SIZE]; word32 sLen = 0; #ifdef BIG_ENDIAN_ORDER unsigned char output1[] = "\x03\x1f\x1d\xac\x6e\xa5\x8e\xd0\x1f\xab\x67\xb7\x74\x31\x77\x91"; unsigned char output2[] = "\xef\xd3\x79\x8d\x67\x17\x25\x90\xa4\x13\x79\xc7\xe3\xa7\x7b\xbc"; #else unsigned char output1[] = "\xac\x1d\x1f\x03\xd0\x8e\xa5\x6e\xb7\x67\xab\x1f\x91\x77\x31\x74"; unsigned char output2[] = "\x8d\x79\xd3\xef\x90\x25\x17\x67\xc7\x79\x13\xa4\xbc\x7b\xa7\xe3"; #endif union { wc_Md5 native; MD5_CTX compat; } md5; XMEMSET(&md5.compat, 0, sizeof(md5.compat)); XMEMSET(&local, 0, sizeof(local)); /* sanity check */ ExpectIntEQ(MD5_Transform(NULL, NULL), 0); ExpectIntEQ(MD5_Transform(NULL, (const byte*)&input1), 0); ExpectIntEQ(MD5_Transform(&md5.compat, NULL), 0); ExpectIntEQ(wc_Md5Transform(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Md5Transform(NULL, (const byte*)&input1), BAD_FUNC_ARG); ExpectIntEQ(wc_Md5Transform(&md5.native, NULL), BAD_FUNC_ARG); /* Init MD5 CTX */ ExpectIntEQ(wolfSSL_MD5_Init(&md5.compat), 1); /* Do Transform*/ sLen = (word32)XSTRLEN((char*)input1); XMEMCPY(local, input1, sLen); ExpectIntEQ(MD5_Transform(&md5.compat, (const byte*)&local[0]), 1); ExpectIntEQ(XMEMCMP(md5.native.digest, output1, WC_MD5_DIGEST_SIZE), 0); /* Init MD5 CTX */ ExpectIntEQ(MD5_Init(&md5.compat), 1); sLen = (word32)XSTRLEN((char*)input2); XMEMSET(local, 0, WC_MD5_BLOCK_SIZE); XMEMCPY(local, input2, sLen); ExpectIntEQ(MD5_Transform(&md5.compat, (const byte*)&local[0]), 1); ExpectIntEQ(XMEMCMP(md5.native.digest, output2, WC_MD5_DIGEST_SIZE), 0); #endif return EXPECT_RESULT(); } static int test_wolfSSL_SHA(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(HAVE_SELFTEST) #if !defined(NO_SHA) && defined(NO_OLD_SHA_NAMES) && \ (!defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2)) { const unsigned char in[] = "abc"; unsigned char expected[] = "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E" "\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D"; unsigned char out[WC_SHA_DIGEST_SIZE]; unsigned char* p = NULL; WOLFSSL_SHA_CTX sha; XMEMSET(out, 0, WC_SHA_DIGEST_SIZE); ExpectNotNull(SHA1(in, XSTRLEN((char*)in), out)); ExpectIntEQ(XMEMCMP(out, expected, WC_SHA_DIGEST_SIZE), 0); /* SHA interface test */ XMEMSET(out, 0, WC_SHA_DIGEST_SIZE); ExpectNull(SHA(NULL, XSTRLEN((char*)in), out)); ExpectNotNull(SHA(in, 0, out)); ExpectNotNull(SHA(in, XSTRLEN((char*)in), NULL)); ExpectNotNull(SHA(NULL, 0, out)); ExpectNotNull(SHA(NULL, 0, NULL)); ExpectNotNull(SHA(in, XSTRLEN((char*)in), out)); ExpectIntEQ(XMEMCMP(out, expected, WC_SHA_DIGEST_SIZE), 0); ExpectNotNull(p = SHA(in, XSTRLEN((char*)in), NULL)); ExpectIntEQ(XMEMCMP(p, expected, WC_SHA_DIGEST_SIZE), 0); ExpectIntEQ(wolfSSL_SHA_Init(&sha), 1); ExpectIntEQ(wolfSSL_SHA_Update(&sha, in, XSTRLEN((char*)in)), 1); ExpectIntEQ(wolfSSL_SHA_Final(out, &sha), 1); ExpectIntEQ(XMEMCMP(out, expected, WC_SHA_DIGEST_SIZE), 0); ExpectIntEQ(wolfSSL_SHA1_Init(&sha), 1); ExpectIntEQ(wolfSSL_SHA1_Update(&sha, in, XSTRLEN((char*)in)), 1); ExpectIntEQ(wolfSSL_SHA1_Final(out, &sha), 1); ExpectIntEQ(XMEMCMP(out, expected, WC_SHA_DIGEST_SIZE), 0); } #endif #if !defined(NO_SHA256) { const unsigned char in[] = "abc"; unsigned char expected[] = "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22" "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00" "\x15\xAD"; unsigned char out[WC_SHA256_DIGEST_SIZE]; unsigned char* p = NULL; XMEMSET(out, 0, WC_SHA256_DIGEST_SIZE); #if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS) ExpectNotNull(SHA256(in, XSTRLEN((char*)in), out)); #else ExpectNotNull(wolfSSL_SHA256(in, XSTRLEN((char*)in), out)); #endif ExpectIntEQ(XMEMCMP(out, expected, WC_SHA256_DIGEST_SIZE), 0); #if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS) ExpectNotNull(p = SHA256(in, XSTRLEN((char*)in), NULL)); #else ExpectNotNull(p = wolfSSL_SHA256(in, XSTRLEN((char*)in), NULL)); #endif ExpectIntEQ(XMEMCMP(p, expected, WC_SHA256_DIGEST_SIZE), 0); } #endif #if defined(WOLFSSL_SHA384) { const unsigned char in[] = "abc"; unsigned char expected[] = "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50" "\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff" "\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34" "\xc8\x25\xa7"; unsigned char out[WC_SHA384_DIGEST_SIZE]; unsigned char* p = NULL; XMEMSET(out, 0, WC_SHA384_DIGEST_SIZE); #if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS) ExpectNotNull(SHA384(in, XSTRLEN((char*)in), out)); #else ExpectNotNull(wolfSSL_SHA384(in, XSTRLEN((char*)in), out)); #endif ExpectIntEQ(XMEMCMP(out, expected, WC_SHA384_DIGEST_SIZE), 0); #if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS) ExpectNotNull(p = SHA384(in, XSTRLEN((char*)in), NULL)); #else ExpectNotNull(p = wolfSSL_SHA384(in, XSTRLEN((char*)in), NULL)); #endif ExpectIntEQ(XMEMCMP(p, expected, WC_SHA384_DIGEST_SIZE), 0); } #endif #if defined(WOLFSSL_SHA512) { const unsigned char in[] = "abc"; unsigned char expected[] = "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41" "\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b\x55" "\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c\x23\xa3" "\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a\x9a\xc9\x4f" "\xa5\x4c\xa4\x9f"; unsigned char out[WC_SHA512_DIGEST_SIZE]; unsigned char* p = NULL; XMEMSET(out, 0, WC_SHA512_DIGEST_SIZE); #if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS) ExpectNotNull(SHA512(in, XSTRLEN((char*)in), out)); #else ExpectNotNull(wolfSSL_SHA512(in, XSTRLEN((char*)in), out)); #endif ExpectIntEQ(XMEMCMP(out, expected, WC_SHA512_DIGEST_SIZE), 0); #if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS) ExpectNotNull(p = SHA512(in, XSTRLEN((char*)in), NULL)); #else ExpectNotNull(p = wolfSSL_SHA512(in, XSTRLEN((char*)in), NULL)); #endif ExpectIntEQ(XMEMCMP(p, expected, WC_SHA512_DIGEST_SIZE), 0); } #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_SHA_Transform(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_SHA) #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) byte input1[] = ""; byte input2[] = "abc"; byte local[WC_SHA_BLOCK_SIZE]; word32 sLen = 0; #ifdef BIG_ENDIAN_ORDER unsigned char output1[] = "\x92\xb4\x04\xe5\x56\x58\x8c\xed\x6c\x1a\xcd\x4e\xbf\x05\x3f\x68" "\x09\xf7\x3a\x93"; unsigned char output2[] = "\x97\xb2\x74\x8b\x4f\x5b\xbc\xca\x5b\xc0\xe6\xea\x2d\x40\xb4\xa0" "\x7c\x6e\x08\xb8"; #else unsigned char output1[] = "\xe5\x04\xb4\x92\xed\x8c\x58\x56\x4e\xcd\x1a\x6c\x68\x3f\x05\xbf" "\x93\x3a\xf7\x09"; unsigned char output2[] = "\x8b\x74\xb2\x97\xca\xbc\x5b\x4f\xea\xe6\xc0\x5b\xa0\xb4\x40\x2d" "\xb8\x08\x6e\x7c"; #endif union { wc_Sha native; SHA_CTX compat; } sha; union { wc_Sha native; SHA_CTX compat; } sha1; XMEMSET(&sha.compat, 0, sizeof(sha.compat)); XMEMSET(&local, 0, sizeof(local)); /* sanity check */ ExpectIntEQ(SHA_Transform(NULL, NULL), 0); ExpectIntEQ(SHA_Transform(NULL, (const byte*)&input1), 0); ExpectIntEQ(SHA_Transform(&sha.compat, NULL), 0); ExpectIntEQ(SHA1_Transform(NULL, NULL), 0); ExpectIntEQ(SHA1_Transform(NULL, (const byte*)&input1), 0); ExpectIntEQ(SHA1_Transform(&sha.compat, NULL), 0); ExpectIntEQ(wc_ShaTransform(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_ShaTransform(NULL, (const byte*)&input1), BAD_FUNC_ARG); ExpectIntEQ(wc_ShaTransform(&sha.native, NULL), BAD_FUNC_ARG); /* Init SHA CTX */ ExpectIntEQ(SHA_Init(&sha.compat), 1); /* Do Transform*/ sLen = (word32)XSTRLEN((char*)input1); XMEMCPY(local, input1, sLen); ExpectIntEQ(SHA_Transform(&sha.compat, (const byte*)&local[0]), 1); ExpectIntEQ(XMEMCMP(sha.native.digest, output1, WC_SHA_DIGEST_SIZE), 0); ExpectIntEQ(SHA_Final(local, &sha.compat), 1); /* frees resources */ /* Init SHA CTX */ ExpectIntEQ(SHA_Init(&sha.compat), 1); sLen = (word32)XSTRLEN((char*)input2); XMEMSET(local, 0, WC_SHA_BLOCK_SIZE); XMEMCPY(local, input2, sLen); ExpectIntEQ(SHA_Transform(&sha.compat, (const byte*)&local[0]), 1); ExpectIntEQ(XMEMCMP(sha.native.digest, output2, WC_SHA_DIGEST_SIZE), 0); ExpectIntEQ(SHA_Final(local, &sha.compat), 1); /* frees resources */ /* SHA1 */ XMEMSET(local, 0, WC_SHA_BLOCK_SIZE); /* Init SHA CTX */ ExpectIntEQ(SHA1_Init(&sha1.compat), 1); /* Do Transform*/ sLen = (word32)XSTRLEN((char*)input1); XMEMCPY(local, input1, sLen); ExpectIntEQ(SHA1_Transform(&sha1.compat, (const byte*)&local[0]), 1); ExpectIntEQ(XMEMCMP(sha1.native.digest, output1, WC_SHA_DIGEST_SIZE), 0); ExpectIntEQ(SHA1_Final(local, &sha1.compat), 1); /* frees resources */ /* Init SHA CTX */ ExpectIntEQ(SHA1_Init(&sha1.compat), 1); sLen = (word32)XSTRLEN((char*)input2); XMEMSET(local, 0, WC_SHA_BLOCK_SIZE); XMEMCPY(local, input2, sLen); ExpectIntEQ(SHA1_Transform(&sha1.compat, (const byte*)&local[0]), 1); ExpectIntEQ(XMEMCMP(sha1.native.digest, output2, WC_SHA_DIGEST_SIZE), 0); ExpectIntEQ(SHA_Final(local, &sha1.compat), 1); /* frees resources */ #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_SHA224(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA224) && \ !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2)) unsigned char input[] = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; unsigned char output[] = "\x75\x38\x8b\x16\x51\x27\x76\xcc\x5d\xba\x5d\xa1\xfd\x89\x01" "\x50\xb0\xc6\x45\x5c\xb4\xf5\x8b\x19\x52\x52\x25\x25"; size_t inLen; byte hash[WC_SHA224_DIGEST_SIZE]; unsigned char* p; inLen = XSTRLEN((char*)input); XMEMSET(hash, 0, WC_SHA224_DIGEST_SIZE); ExpectNull(SHA224(NULL, inLen, hash)); ExpectNotNull(SHA224(input, 0, hash)); ExpectNotNull(SHA224(input, inLen, NULL)); ExpectNotNull(SHA224(NULL, 0, hash)); ExpectNotNull(SHA224(NULL, 0, NULL)); ExpectNotNull(SHA224(input, inLen, hash)); ExpectIntEQ(XMEMCMP(hash, output, WC_SHA224_DIGEST_SIZE), 0); ExpectNotNull(p = SHA224(input, inLen, NULL)); ExpectIntEQ(XMEMCMP(p, output, WC_SHA224_DIGEST_SIZE), 0); #endif return EXPECT_RESULT(); } static int test_wolfSSL_SHA256(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_SHA256) && \ defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) unsigned char input[] = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; unsigned char output[] = "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60" "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB" "\x06\xC1"; size_t inLen; byte hash[WC_SHA256_DIGEST_SIZE]; inLen = XSTRLEN((char*)input); XMEMSET(hash, 0, WC_SHA256_DIGEST_SIZE); ExpectNotNull(SHA256(input, inLen, hash)); ExpectIntEQ(XMEMCMP(hash, output, WC_SHA256_DIGEST_SIZE), 0); #endif return EXPECT_RESULT(); } static int test_wolfSSL_SHA256_Transform(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_SHA256) #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \ !defined(WOLFSSL_DEVCRYPTO_HASH) && !defined(WOLFSSL_AFALG_HASH) && \ !defined(WOLFSSL_KCAPI_HASH) byte input1[] = ""; byte input2[] = "abc"; byte local[WC_SHA256_BLOCK_SIZE]; word32 sLen = 0; #ifdef BIG_ENDIAN_ORDER unsigned char output1[] = "\xda\x56\x98\xbe\x17\xb9\xb4\x69\x62\x33\x57\x99\x77\x9f\xbe\xca" "\x8c\xe5\xd4\x91\xc0\xd2\x62\x43\xba\xfe\xf9\xea\x18\x37\xa9\xd8"; unsigned char output2[] = "\x1d\x4e\xd4\x67\x67\x7c\x61\x67\x44\x10\x76\x26\x78\x10\xff\xb8" "\x40\xc8\x9a\x39\x73\x16\x60\x8c\xa6\x61\xd6\x05\x91\xf2\x8c\x35"; #else unsigned char output1[] = "\xbe\x98\x56\xda\x69\xb4\xb9\x17\x99\x57\x33\x62\xca\xbe\x9f\x77" "\x91\xd4\xe5\x8c\x43\x62\xd2\xc0\xea\xf9\xfe\xba\xd8\xa9\x37\x18"; unsigned char output2[] = "\x67\xd4\x4e\x1d\x67\x61\x7c\x67\x26\x76\x10\x44\xb8\xff\x10\x78" "\x39\x9a\xc8\x40\x8c\x60\x16\x73\x05\xd6\x61\xa6\x35\x8c\xf2\x91"; #endif union { wc_Sha256 native; SHA256_CTX compat; } sha256; XMEMSET(&sha256.compat, 0, sizeof(sha256.compat)); XMEMSET(&local, 0, sizeof(local)); /* sanity check */ ExpectIntEQ(SHA256_Transform(NULL, NULL), 0); ExpectIntEQ(SHA256_Transform(NULL, (const byte*)&input1), 0); ExpectIntEQ(SHA256_Transform(&sha256.compat, NULL), 0); ExpectIntEQ(wc_Sha256Transform(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha256Transform(NULL, (const byte*)&input1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha256Transform(&sha256.native, NULL), BAD_FUNC_ARG); /* Init SHA256 CTX */ ExpectIntEQ(SHA256_Init(&sha256.compat), 1); /* Do Transform*/ sLen = (word32)XSTRLEN((char*)input1); XMEMCPY(local, input1, sLen); ExpectIntEQ(SHA256_Transform(&sha256.compat, (const byte*)&local[0]), 1); ExpectIntEQ(XMEMCMP(sha256.native.digest, output1, WC_SHA256_DIGEST_SIZE), 0); ExpectIntEQ(SHA256_Final(local, &sha256.compat), 1); /* frees resources */ /* Init SHA256 CTX */ ExpectIntEQ(SHA256_Init(&sha256.compat), 1); sLen = (word32)XSTRLEN((char*)input2); XMEMSET(local, 0, WC_SHA256_BLOCK_SIZE); XMEMCPY(local, input2, sLen); ExpectIntEQ(SHA256_Transform(&sha256.compat, (const byte*)&local[0]), 1); ExpectIntEQ(XMEMCMP(sha256.native.digest, output2, WC_SHA256_DIGEST_SIZE), 0); ExpectIntEQ(SHA256_Final(local, &sha256.compat), 1); /* frees resources */ #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_SHA512_Transform(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA512) #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \ !defined(WOLFSSL_KCAPI_HASH) byte input1[] = ""; byte input2[] = "abc"; byte local[WC_SHA512_BLOCK_SIZE]; word32 sLen = 0; #ifdef BIG_ENDIAN_ORDER unsigned char output1[] = "\xcf\x78\x81\xd5\x77\x4a\xcb\xe8\x53\x33\x62\xe0\xfb\xc7\x80\x70" "\x02\x67\x63\x9d\x87\x46\x0e\xda\x30\x86\xcb\x40\xe8\x59\x31\xb0" "\x71\x7d\xc9\x52\x88\xa0\x23\xa3\x96\xba\xb2\xc1\x4c\xe0\xb5\xe0" "\x6f\xc4\xfe\x04\xea\xe3\x3e\x0b\x91\xf4\xd8\x0c\xbd\x66\x8b\xee"; unsigned char output2[] = "\x11\x10\x93\x4e\xeb\xa0\xcc\x0d\xfd\x33\x43\x9c\xfb\x04\xc8\x21" "\xa9\xb4\x26\x3d\xca\xab\x31\x41\xe2\xc6\xaa\xaf\xe1\x67\xd7\xab" "\x31\x8f\x2e\x54\x2c\xba\x4e\x83\xbe\x88\xec\x9d\x8f\x2b\x38\x98" "\x14\xd2\x4e\x9d\x53\x8b\x5e\x4d\xde\x68\x6c\x69\xaf\x20\x96\xf0"; #else unsigned char output1[] = "\xe8\xcb\x4a\x77\xd5\x81\x78\xcf\x70\x80\xc7\xfb\xe0\x62\x33\x53" "\xda\x0e\x46\x87\x9d\x63\x67\x02\xb0\x31\x59\xe8\x40\xcb\x86\x30" "\xa3\x23\xa0\x88\x52\xc9\x7d\x71\xe0\xb5\xe0\x4c\xc1\xb2\xba\x96" "\x0b\x3e\xe3\xea\x04\xfe\xc4\x6f\xee\x8b\x66\xbd\x0c\xd8\xf4\x91"; unsigned char output2[] = "\x0d\xcc\xa0\xeb\x4e\x93\x10\x11\x21\xc8\x04\xfb\x9c\x43\x33\xfd" "\x41\x31\xab\xca\x3d\x26\xb4\xa9\xab\xd7\x67\xe1\xaf\xaa\xc6\xe2" "\x83\x4e\xba\x2c\x54\x2e\x8f\x31\x98\x38\x2b\x8f\x9d\xec\x88\xbe" "\x4d\x5e\x8b\x53\x9d\x4e\xd2\x14\xf0\x96\x20\xaf\x69\x6c\x68\xde"; #endif union { wc_Sha512 native; SHA512_CTX compat; } sha512; XMEMSET(&sha512.compat, 0, sizeof(sha512.compat)); XMEMSET(&local, 0, sizeof(local)); /* sanity check */ ExpectIntEQ(SHA512_Transform(NULL, NULL), 0); ExpectIntEQ(SHA512_Transform(NULL, (const byte*)&input1), 0); ExpectIntEQ(SHA512_Transform(&sha512.compat, NULL), 0); ExpectIntEQ(wc_Sha512Transform(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha512Transform(NULL, (const byte*)&input1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha512Transform(&sha512.native, NULL), BAD_FUNC_ARG); /* Init SHA512 CTX */ ExpectIntEQ(wolfSSL_SHA512_Init(&sha512.compat), 1); /* Do Transform*/ sLen = (word32)XSTRLEN((char*)input1); XMEMCPY(local, input1, sLen); ExpectIntEQ(SHA512_Transform(&sha512.compat, (const byte*)&local[0]), 1); ExpectIntEQ(XMEMCMP(sha512.native.digest, output1, WC_SHA512_DIGEST_SIZE), 0); ExpectIntEQ(SHA512_Final(local, &sha512.compat), 1); /* frees resources */ /* Init SHA512 CTX */ ExpectIntEQ(SHA512_Init(&sha512.compat), 1); sLen = (word32)XSTRLEN((char*)input2); XMEMSET(local, 0, WC_SHA512_BLOCK_SIZE); XMEMCPY(local, input2, sLen); ExpectIntEQ(SHA512_Transform(&sha512.compat, (const byte*)&local[0]), 1); ExpectIntEQ(XMEMCMP(sha512.native.digest, output2, WC_SHA512_DIGEST_SIZE), 0); ExpectIntEQ(SHA512_Final(local, &sha512.compat), 1); /* frees resources */ (void)input1; #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_SHA512_224_Transform(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA512) && \ !defined(WOLFSSL_NOSHA512_224) #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \ !defined(WOLFSSL_KCAPI_HASH) byte input1[] = ""; byte input2[] = "abc"; byte local[WC_SHA512_BLOCK_SIZE]; word32 sLen = 0; unsigned char output1[] = "\x94\x24\x66\xd4\x60\x3a\xeb\x23\x1d\xa8\x69\x31\x3c\xd2\xde\x11" "\x48\x0f\x4a\x5a\xdf\x3a\x8d\x87\xcf\xcd\xbf\xa5\x03\x21\x50\xf1" "\x8a\x0d\x0f\x0d\x3c\x07\xba\x52\xe0\xaa\x3c\xbb\xf1\xd3\x3f\xca" "\x12\xa7\x61\xf8\x47\xda\x0d\x1b\x79\xc2\x65\x13\x92\xc1\x9c\xa5"; unsigned char output2[] = "\x51\x28\xe7\x0b\xca\x1e\xbc\x5f\xd7\x34\x0b\x48\x30\xd7\xc2\x75" "\x6d\x8d\x48\x2c\x1f\xc7\x9e\x2b\x20\x5e\xbb\x0f\x0e\x4d\xb7\x61" "\x31\x76\x33\xa0\xb4\x3d\x5f\x93\xc1\x73\xac\xf7\x21\xff\x69\x17" "\xce\x66\xe5\x1e\x31\xe7\xf3\x22\x0f\x0b\x34\xd7\x5a\x57\xeb\xbf"; union { wc_Sha512 native; SHA512_CTX compat; } sha512; #ifdef BIG_ENDIAN_ORDER ByteReverseWords64((word64*)output1, (word64*)output1, sizeof(output1)); ByteReverseWords64((word64*)output2, (word64*)output2, sizeof(output2)); #endif XMEMSET(&sha512.compat, 0, sizeof(sha512.compat)); XMEMSET(&local, 0, sizeof(local)); /* sanity check */ ExpectIntEQ(SHA512_224_Transform(NULL, NULL), 0); ExpectIntEQ(SHA512_224_Transform(NULL, (const byte*)&input1), 0); ExpectIntEQ(SHA512_224_Transform(&sha512.compat, NULL), 0); ExpectIntEQ(wc_Sha512_224Transform(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha512_224Transform(NULL, (const byte*)&input1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha512_224Transform(&sha512.native, NULL), BAD_FUNC_ARG); /* Init SHA512 CTX */ ExpectIntEQ(wolfSSL_SHA512_224_Init(&sha512.compat), 1); /* Do Transform*/ sLen = (word32)XSTRLEN((char*)input1); XMEMCPY(local, input1, sLen); ExpectIntEQ(SHA512_224_Transform(&sha512.compat, (const byte*)&local[0]), 1); ExpectIntEQ(XMEMCMP(sha512.native.digest, output1, WC_SHA512_DIGEST_SIZE), 0); /* frees resources */ ExpectIntEQ(SHA512_224_Final(local, &sha512.compat), 1); /* Init SHA512 CTX */ ExpectIntEQ(SHA512_224_Init(&sha512.compat), 1); sLen = (word32)XSTRLEN((char*)input2); XMEMSET(local, 0, WC_SHA512_BLOCK_SIZE); XMEMCPY(local, input2, sLen); ExpectIntEQ(SHA512_224_Transform(&sha512.compat, (const byte*)&local[0]), 1); ExpectIntEQ(XMEMCMP(sha512.native.digest, output2, WC_SHA512_DIGEST_SIZE), 0); /* frees resources */ ExpectIntEQ(SHA512_224_Final(local, &sha512.compat), 1); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_SHA512_256_Transform(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA512) && \ !defined(WOLFSSL_NOSHA512_256) #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \ !defined(WOLFSSL_KCAPI_HASH) byte input1[] = ""; byte input2[] = "abc"; byte local[WC_SHA512_BLOCK_SIZE]; word32 sLen = 0; unsigned char output1[] = "\xf8\x37\x37\x5a\xd7\x2e\x56\xec\xe2\x51\xa8\x31\x3a\xa0\x63\x2b" "\x7e\x7c\x64\xcc\xd9\xff\x2b\x6b\xeb\xc3\xd4\x4d\x7f\x8a\x3a\xb5" "\x61\x85\x0b\x37\x30\x9f\x3b\x08\x5e\x7b\xd3\xbc\x6d\x00\x61\xc0" "\x65\x9a\xd7\x73\xda\x40\xbe\xc1\xe5\x2f\xc6\x5d\xb7\x9f\xbe\x60"; unsigned char output2[] = "\x22\xad\xc0\x30\xee\xd4\x6a\xef\x13\xee\x5a\x95\x8b\x1f\xb7\xb6" "\xb6\xba\xc0\x44\xb8\x18\x3b\xf0\xf6\x4b\x70\x9f\x03\xba\x64\xa1" "\xe1\xe3\x45\x15\x91\x7d\xcb\x0b\x9a\xf0\xd2\x8e\x47\x8b\x37\x78" "\x91\x41\xa6\xc4\xb0\x29\x8f\x8b\xdd\x78\x5c\xf2\x73\x3f\x21\x31"; union { wc_Sha512 native; SHA512_CTX compat; } sha512; #ifdef BIG_ENDIAN_ORDER ByteReverseWords64((word64*)output1, (word64*)output1, sizeof(output1)); ByteReverseWords64((word64*)output2, (word64*)output2, sizeof(output2)); #endif XMEMSET(&sha512.compat, 0, sizeof(sha512.compat)); XMEMSET(&local, 0, sizeof(local)); /* sanity check */ ExpectIntEQ(SHA512_256_Transform(NULL, NULL), 0); ExpectIntEQ(SHA512_256_Transform(NULL, (const byte*)&input1), 0); ExpectIntEQ(SHA512_256_Transform(&sha512.compat, NULL), 0); ExpectIntEQ(wc_Sha512_256Transform(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha512_256Transform(NULL, (const byte*)&input1), BAD_FUNC_ARG); ExpectIntEQ(wc_Sha512_256Transform(&sha512.native, NULL), BAD_FUNC_ARG); /* Init SHA512 CTX */ ExpectIntEQ(wolfSSL_SHA512_256_Init(&sha512.compat), 1); /* Do Transform*/ sLen = (word32)XSTRLEN((char*)input1); XMEMCPY(local, input1, sLen); ExpectIntEQ(SHA512_256_Transform(&sha512.compat, (const byte*)&local[0]), 1); ExpectIntEQ(XMEMCMP(sha512.native.digest, output1, WC_SHA512_DIGEST_SIZE), 0); /* frees resources */ ExpectIntEQ(SHA512_256_Final(local, &sha512.compat), 1); /* Init SHA512 CTX */ ExpectIntEQ(SHA512_256_Init(&sha512.compat), 1); sLen = (word32)XSTRLEN((char*)input2); XMEMSET(local, 0, WC_SHA512_BLOCK_SIZE); XMEMCPY(local, input2, sLen); ExpectIntEQ(SHA512_256_Transform(&sha512.compat, (const byte*)&local[0]), 1); ExpectIntEQ(XMEMCMP(sha512.native.digest, output2, WC_SHA512_DIGEST_SIZE), 0); /* frees resources */ ExpectIntEQ(SHA512_256_Final(local, &sha512.compat), 1); #endif #endif return EXPECT_RESULT(); } #if defined(OPENSSL_EXTRA) && !defined(NO_HMAC) /* helper function for test_wolfSSL_HMAC_CTX, digest size is expected to be a * buffer of 64 bytes. * * returns the size of the digest buffer on success and a negative value on * failure. */ static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest, int* sz) { EXPECT_DECLS; HMAC_CTX ctx1; HMAC_CTX ctx2; unsigned char key[] = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" "\x0b\x0b\x0b\x0b\x0b\x0b\x0b"; unsigned char long_key[] = "0123456789012345678901234567890123456789" "0123456789012345678901234567890123456789" "0123456789012345678901234567890123456789" "0123456789012345678901234567890123456789"; unsigned char msg[] = "message to hash"; unsigned int digestSz = 64; int keySz = sizeof(key); int long_keySz = sizeof(long_key); int msgSz = sizeof(msg); unsigned char digest2[64]; unsigned int digestSz2 = 64; HMAC_CTX_init(&ctx1); ExpectIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS); ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS); ExpectIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS); ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS); ExpectIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS); HMAC_CTX_cleanup(&ctx1); ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS); ExpectIntEQ(HMAC_Final(&ctx2, digest2, &digestSz2), SSL_SUCCESS); HMAC_CTX_cleanup(&ctx2); ExpectIntEQ(digestSz, digestSz2); ExpectIntEQ(XMEMCMP(digest, digest2, digestSz), 0); /* test HMAC_Init with NULL key */ /* init after copy */ HMAC_CTX_init(&ctx1); ExpectIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS); ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS); ExpectIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS); ExpectIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS); ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS); ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS); ExpectIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS); HMAC_CTX_cleanup(&ctx1); ExpectIntEQ(HMAC_Init(&ctx2, NULL, 0, NULL), SSL_SUCCESS); ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS); ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS); ExpectIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS); HMAC_CTX_cleanup(&ctx2); ExpectIntEQ(digestSz, digestSz2); ExpectIntEQ(XMEMCMP(digest, digest2, digestSz), 0); /* long key */ HMAC_CTX_init(&ctx1); ExpectIntEQ(HMAC_Init(&ctx1, (const void*)long_key, long_keySz, type), SSL_SUCCESS); ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS); ExpectIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS); ExpectIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS); ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS); ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS); ExpectIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS); HMAC_CTX_cleanup(&ctx1); ExpectIntEQ(HMAC_Init(&ctx2, NULL, 0, NULL), SSL_SUCCESS); ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS); ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS); ExpectIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS); HMAC_CTX_cleanup(&ctx2); ExpectIntEQ(digestSz, digestSz2); ExpectIntEQ(XMEMCMP(digest, digest2, digestSz), 0); /* init before copy */ HMAC_CTX_init(&ctx1); ExpectIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS); ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS); ExpectIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS); ExpectIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS); ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS); ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS); ExpectIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS); HMAC_CTX_cleanup(&ctx1); ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS); ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS); ExpectIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS); HMAC_CTX_cleanup(&ctx2); ExpectIntEQ(digestSz, digestSz2); ExpectIntEQ(XMEMCMP(digest, digest2, digestSz), 0); *sz = digestSz; return EXPECT_RESULT(); } #endif /* defined(OPENSSL_EXTRA) && !defined(NO_HMAC) */ static int test_wolfSSL_HMAC_CTX(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_HMAC) unsigned char digest[64]; int digestSz; WOLFSSL_HMAC_CTX* hmac_ctx = NULL; WOLFSSL_HMAC_CTX ctx1; WOLFSSL_HMAC_CTX ctx2; ExpectNotNull(hmac_ctx = wolfSSL_HMAC_CTX_new()); ExpectIntEQ(wolfSSL_HMAC_CTX_Init(NULL), 1); ExpectIntEQ(wolfSSL_HMAC_CTX_Init(hmac_ctx), 1); wolfSSL_HMAC_CTX_free(NULL); wolfSSL_HMAC_CTX_free(hmac_ctx); XMEMSET(&ctx2, 0, sizeof(WOLFSSL_HMAC_CTX)); ExpectIntEQ(HMAC_CTX_init(NULL), 1); ExpectIntEQ(HMAC_CTX_init(&ctx2), 1); ExpectIntEQ(HMAC_CTX_copy(NULL, NULL), 0); ExpectIntEQ(HMAC_CTX_copy(NULL, &ctx2), 0); ExpectIntEQ(HMAC_CTX_copy(&ctx2, NULL), 0); #if defined(HAVE_SELFTEST) || (defined(HAVE_FIPS) && \ ((! defined(HAVE_FIPS_VERSION)) || \ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION <= 2))) /* Copy object that hasn't had a digest set - MD5. */ ExpectIntEQ(HMAC_CTX_copy(&ctx1, &ctx2), 1); #else /* Copy object that hasn't had a digest set. */ ExpectIntEQ(HMAC_CTX_copy(&ctx1, &ctx2), 0); #endif HMAC_CTX_cleanup(NULL); HMAC_CTX_cleanup(&ctx2); ExpectNull(HMAC_CTX_get_md(NULL)); #ifndef NO_SHA ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha1(), digest, &digestSz)), TEST_SUCCESS); ExpectIntEQ(digestSz, 20); ExpectIntEQ(XMEMCMP("\xD9\x68\x77\x23\x70\xFB\x53\x70\x53\xBA\x0E\xDC\xDA" "\xBF\x03\x98\x31\x19\xB2\xCC", digest, digestSz), 0); #endif /* !NO_SHA */ #ifdef WOLFSSL_SHA224 ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha224(), digest, &digestSz)), TEST_SUCCESS); ExpectIntEQ(digestSz, 28); ExpectIntEQ(XMEMCMP("\x57\xFD\xF4\xE1\x2D\xB0\x79\xD7\x4B\x25\x7E\xB1\x95" "\x9C\x11\xAC\x2D\x1E\x78\x94\x4F\x3A\x0F\xED\xF8\xAD" "\x02\x0E", digest, digestSz), 0); #endif /* WOLFSSL_SHA224 */ #ifndef NO_SHA256 ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha256(), digest, &digestSz)), TEST_SUCCESS); ExpectIntEQ(digestSz, 32); ExpectIntEQ(XMEMCMP("\x13\xAB\x76\x91\x0C\x37\x86\x8D\xB3\x7E\x30\x0C\xFC" "\xB0\x2E\x8E\x4A\xD7\xD4\x25\xCC\x3A\xA9\x0F\xA2\xF2" "\x47\x1E\x62\x6F\x5D\xF2", digest, digestSz), 0); #endif /* !NO_SHA256 */ #ifdef WOLFSSL_SHA384 ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha384(), digest, &digestSz)), TEST_SUCCESS); ExpectIntEQ(digestSz, 48); ExpectIntEQ(XMEMCMP("\x9E\xCB\x07\x0C\x11\x76\x3F\x23\xC3\x25\x0E\xC4\xB7" "\x28\x77\x95\x99\xD5\x9D\x7A\xBB\x1A\x9F\xB7\xFD\x25" "\xC9\x72\x47\x9F\x8F\x86\x76\xD6\x20\x57\x87\xB7\xE7" "\xCD\xFB\xC2\xCC\x9F\x2B\xC5\x41\xAB", digest, digestSz), 0); #endif /* WOLFSSL_SHA384 */ #ifdef WOLFSSL_SHA512 ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha512(), digest, &digestSz)), TEST_SUCCESS); ExpectIntEQ(digestSz, 64); ExpectIntEQ(XMEMCMP("\xD4\x21\x0C\x8B\x60\x6F\xF4\xBF\x07\x2F\x26\xCC\xAD" "\xBC\x06\x0B\x34\x78\x8B\x4F\xD6\xC0\x42\xF1\x33\x10" "\x6C\x4F\x1E\x55\x59\xDD\x2A\x9F\x15\x88\x62\xF8\x60" "\xA3\x99\x91\xE2\x08\x7B\xF7\x95\x3A\xB0\x92\x48\x60" "\x88\x8B\x5B\xB8\x5F\xE9\xB6\xB1\x96\xE3\xB5\xF0", digest, digestSz), 0); #endif /* WOLFSSL_SHA512 */ #ifdef WOLFSSL_SHA3 #ifndef WOLFSSL_NOSHA3_224 ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha3_224(), digest, &digestSz)), TEST_SUCCESS); ExpectIntEQ(digestSz, 28); ExpectIntEQ(XMEMCMP("\xdc\x53\x25\x3f\xc0\x9d\x2b\x0c\x7f\x59\x11\x17\x08" "\x5c\xe8\x43\x31\x01\x5a\xb3\xe3\x08\x37\x71\x26\x0b" "\x29\x0f", digest, digestSz), 0); #endif #ifndef WOLFSSL_NOSHA3_256 ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha3_256(), digest, &digestSz)), TEST_SUCCESS); ExpectIntEQ(digestSz, 32); ExpectIntEQ(XMEMCMP("\x0f\x00\x89\x82\x15\xce\xd6\x45\x01\x83\xce\xc8\x35" "\xab\x71\x07\xc9\xfe\x61\x22\x38\xf9\x09\xad\x35\x65" "\x43\x77\x24\xd4\x1e\xf4", digest, digestSz), 0); #endif #ifndef WOLFSSL_NOSHA3_384 ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha3_384(), digest, &digestSz)), TEST_SUCCESS); ExpectIntEQ(digestSz, 48); ExpectIntEQ(XMEMCMP("\x0f\x6a\xc0\xfb\xc3\xf2\x80\xb1\xb4\x04\xb6\xc8\x45" "\x23\x3b\xb4\xbe\xc6\xea\x85\x07\xca\x8c\x71\xbb\x6e" "\x79\xf6\xf9\x2b\x98\xf5\xef\x11\x39\xd4\x5d\xd3\xca" "\xc0\xe6\x81\xf7\x73\xf9\x85\x5d\x4f", digest, digestSz), 0); #endif #ifndef WOLFSSL_NOSHA3_512 ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha3_512(), digest, &digestSz)), TEST_SUCCESS); ExpectIntEQ(digestSz, 64); ExpectIntEQ(XMEMCMP("\x3e\x77\xe3\x59\x42\x89\xed\xc3\xa4\x26\x3d\xa4\x75" "\xd2\x84\x8c\xb2\xf3\x25\x04\x47\x61\xce\x1c\x42\x86" "\xcd\xf4\x56\xaa\x2f\x84\xb1\x3b\x18\xed\xe6\xd6\x48" "\x15\xb0\x29\xc5\x9d\x32\xef\xdd\x3e\x09\xf6\xed\x9e" "\x70\xbc\x1c\x63\xf7\x3b\x3e\xe1\xdc\x84\x9c\x1c", digest, digestSz), 0); #endif #endif #if !defined(NO_MD5) && (!defined(HAVE_FIPS_VERSION) || \ HAVE_FIPS_VERSION <= 2) ExpectIntEQ((test_HMAC_CTX_helper(EVP_md5(), digest, &digestSz)), TEST_SUCCESS); ExpectIntEQ(digestSz, 16); ExpectIntEQ(XMEMCMP("\xB7\x27\xC4\x41\xE5\x2E\x62\xBA\x54\xED\x72\x70\x9F" "\xE4\x98\xDD", digest, digestSz), 0); #endif /* !NO_MD5 */ #endif return EXPECT_RESULT(); } #if defined(OPENSSL_EXTRA) && (!defined(NO_SHA256) || \ defined(WOLFSSL_SHA224) || defined(WOLFSSL_SHA384) || \ defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA3)) static int test_openssl_hmac(const WOLFSSL_EVP_MD* md, int md_len) { EXPECT_DECLS; static const unsigned char key[] = "simple test key"; HMAC_CTX* hmac = NULL; ENGINE* e = NULL; unsigned char hash[WC_MAX_DIGEST_SIZE]; unsigned int len; ExpectNotNull(hmac = HMAC_CTX_new()); HMAC_CTX_init(hmac); #if defined(HAVE_SELFTEST) || (defined(HAVE_FIPS) && \ ((! defined(HAVE_FIPS_VERSION)) || \ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION <= 2))) /* Get size on object that hasn't had a digest set - MD5. */ ExpectIntEQ(HMAC_size(hmac), 16); ExpectIntEQ(HMAC_Init(hmac, NULL, 0, NULL), 1); ExpectIntEQ(HMAC_Init(hmac, (void*)key, (int)sizeof(key), NULL), 1); ExpectIntEQ(HMAC_Init(hmac, NULL, 0, md), 1); #else ExpectIntEQ(HMAC_size(hmac), BAD_FUNC_ARG); ExpectIntEQ(HMAC_Init(hmac, NULL, 0, NULL), 0); ExpectIntEQ(HMAC_Init(hmac, (void*)key, (int)sizeof(key), NULL), 0); ExpectIntEQ(HMAC_Init(hmac, NULL, 0, md), 0); #endif ExpectIntEQ(HMAC_Init_ex(NULL, (void*)key, (int)sizeof(key), md, e), 0); ExpectIntEQ(HMAC_Init_ex(hmac, (void*)key, (int)sizeof(key), md, e), 1); /* re-using test key as data to hash */ ExpectIntEQ(HMAC_Update(NULL, key, (int)sizeof(key)), 0); ExpectIntEQ(HMAC_Update(hmac, key, (int)sizeof(key)), 1); ExpectIntEQ(HMAC_Update(hmac, key, 0), 1); ExpectIntEQ(HMAC_Update(hmac, NULL, 0), 1); ExpectIntEQ(HMAC_Update(hmac, NULL, (int)sizeof(key)), 1); ExpectIntEQ(HMAC_Final(NULL, NULL, &len), 0); ExpectIntEQ(HMAC_Final(hmac, NULL, &len), 0); ExpectIntEQ(HMAC_Final(NULL, hash, &len), 0); ExpectIntEQ(HMAC_Final(hmac, hash, &len), 1); ExpectIntEQ(HMAC_Final(hmac, hash, NULL), 1); ExpectIntEQ(len, md_len); ExpectIntEQ(HMAC_size(NULL), 0); ExpectIntEQ(HMAC_size(hmac), md_len); ExpectStrEQ(HMAC_CTX_get_md(hmac), md); HMAC_cleanup(NULL); HMAC_cleanup(hmac); HMAC_CTX_free(hmac); len = 0; ExpectNull(HMAC(NULL, key, (int)sizeof(key), NULL, 0, hash, &len)); ExpectNull(HMAC(md, NULL, (int)sizeof(key), NULL, 0, hash, &len)); ExpectNull(HMAC(md, key, (int)sizeof(key), NULL, 0, NULL, &len)); ExpectNotNull(HMAC(md, key, (int)sizeof(key), NULL, 0, hash, &len)); ExpectIntEQ(len, md_len); ExpectNotNull(HMAC(md, key, (int)sizeof(key), NULL, 0, hash, NULL)); /* With data. */ ExpectNotNull(HMAC(md, key, (int)sizeof(key), key, (int)sizeof(key), hash, &len)); /* With NULL data. */ ExpectNull(HMAC(md, key, (int)sizeof(key), NULL, (int)sizeof(key), hash, &len)); /* With zero length data. */ ExpectNotNull(HMAC(md, key, (int)sizeof(key), key, 0, hash, &len)); return EXPECT_RESULT(); } #endif static int test_wolfSSL_HMAC(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && (!defined(NO_SHA256) || \ defined(WOLFSSL_SHA224) || defined(WOLFSSL_SHA384) || \ defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA3)) #ifndef NO_SHA256 ExpectIntEQ(test_openssl_hmac(EVP_sha256(), (int)WC_SHA256_DIGEST_SIZE), TEST_SUCCESS); #endif #ifdef WOLFSSL_SHA224 ExpectIntEQ(test_openssl_hmac(EVP_sha224(), (int)WC_SHA224_DIGEST_SIZE), TEST_SUCCESS); #endif #ifdef WOLFSSL_SHA384 ExpectIntEQ(test_openssl_hmac(EVP_sha384(), (int)WC_SHA384_DIGEST_SIZE), TEST_SUCCESS); #endif #ifdef WOLFSSL_SHA512 ExpectIntEQ(test_openssl_hmac(EVP_sha512(), (int)WC_SHA512_DIGEST_SIZE), TEST_SUCCESS); #endif #ifdef WOLFSSL_SHA3 #ifndef WOLFSSL_NOSHA3_224 ExpectIntEQ(test_openssl_hmac(EVP_sha3_224(), (int)WC_SHA3_224_DIGEST_SIZE), TEST_SUCCESS); #endif #ifndef WOLFSSL_NOSHA3_256 ExpectIntEQ(test_openssl_hmac(EVP_sha3_256(), (int)WC_SHA3_256_DIGEST_SIZE), TEST_SUCCESS); #endif #ifndef WOLFSSL_NOSHA3_384 ExpectIntEQ(test_openssl_hmac(EVP_sha3_384(), (int)WC_SHA3_384_DIGEST_SIZE), TEST_SUCCESS); #endif #ifndef WOLFSSL_NOSHA3_512 ExpectIntEQ(test_openssl_hmac(EVP_sha3_512(), (int)WC_SHA3_512_DIGEST_SIZE), TEST_SUCCESS); #endif #endif #ifndef NO_SHA ExpectIntEQ(test_openssl_hmac(EVP_sha1(), (int)WC_SHA_DIGEST_SIZE), TEST_SUCCESS); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_CMAC(void) { EXPECT_DECLS; #if defined(WOLFSSL_CMAC) && defined(OPENSSL_EXTRA) && \ defined(WOLFSSL_AES_DIRECT) int i; byte key[AES_256_KEY_SIZE]; CMAC_CTX* cmacCtx = NULL; byte out[AES_BLOCK_SIZE]; size_t outLen = AES_BLOCK_SIZE; for (i=0; i < AES_256_KEY_SIZE; ++i) { key[i] = i; } ExpectNotNull(cmacCtx = CMAC_CTX_new()); /* Check CMAC_CTX_get0_cipher_ctx; return value not used. */ ExpectNotNull(CMAC_CTX_get0_cipher_ctx(cmacCtx)); ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_128_KEY_SIZE, EVP_aes_128_cbc(), NULL), 1); /* re-using test key as data to hash */ ExpectIntEQ(CMAC_Update(cmacCtx, key, AES_128_KEY_SIZE), 1); ExpectIntEQ(CMAC_Update(cmacCtx, NULL, 0), 1); ExpectIntEQ(CMAC_Final(cmacCtx, out, &outLen), 1); ExpectIntEQ(outLen, AES_BLOCK_SIZE); /* No Update works. */ ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_128_KEY_SIZE, EVP_aes_128_cbc(), NULL), 1); ExpectIntEQ(CMAC_Final(cmacCtx, out, NULL), 1); ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_128_KEY_SIZE, EVP_aes_128_cbc(), NULL), 1); /* Test parameters with CMAC_Update. */ ExpectIntEQ(CMAC_Update(NULL, NULL, 0), 0); ExpectIntEQ(CMAC_Update(NULL, key, 0), 0); ExpectIntEQ(CMAC_Update(NULL, NULL, AES_128_KEY_SIZE), 0); ExpectIntEQ(CMAC_Update(NULL, key, AES_128_KEY_SIZE), 0); ExpectIntEQ(CMAC_Update(cmacCtx, key, 0), 1); ExpectIntEQ(CMAC_Update(cmacCtx, NULL, 0), 1); ExpectIntEQ(CMAC_Update(cmacCtx, NULL, AES_128_KEY_SIZE), 1); /* Test parameters with CMAC_Final. */ ExpectIntEQ(CMAC_Final(NULL, NULL, NULL), 0); ExpectIntEQ(CMAC_Final(NULL, out, NULL), 0); ExpectIntEQ(CMAC_Final(NULL, NULL, &outLen), 0); ExpectIntEQ(CMAC_Final(NULL, out, &outLen), 0); ExpectIntEQ(CMAC_Final(cmacCtx, NULL, NULL), 1); ExpectIntEQ(CMAC_Final(cmacCtx, NULL, &outLen), 1); ExpectIntEQ(CMAC_Final(cmacCtx, out, NULL), 1); CMAC_CTX_free(cmacCtx); /* Test parameters with CMAC Init. */ cmacCtx = NULL; ExpectNotNull(cmacCtx = CMAC_CTX_new()); ExpectNotNull(CMAC_CTX_get0_cipher_ctx(cmacCtx)); ExpectIntEQ(CMAC_Init(NULL, NULL, 0, NULL, NULL), 0); ExpectIntEQ(CMAC_Init(NULL, key, AES_192_KEY_SIZE, EVP_aes_192_cbc(), NULL), 0); ExpectIntEQ(CMAC_Init(cmacCtx, NULL, AES_192_KEY_SIZE, EVP_aes_192_cbc(), NULL), 0); /* give a key too small for the cipher, verify we get failure */ ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_128_KEY_SIZE, EVP_aes_192_cbc(), NULL), 0); ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_192_KEY_SIZE, NULL, NULL), 0); #if defined(HAVE_AESGCM) && defined(WOLFSSL_AES_128) /* Only AES-CBC supported. */ ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_128_KEY_SIZE, EVP_aes_128_gcm(), NULL), 0); #endif CMAC_CTX_free(cmacCtx); ExpectNull(CMAC_CTX_get0_cipher_ctx(NULL)); cmacCtx = NULL; ExpectNotNull(cmacCtx = CMAC_CTX_new()); /* No Init. */ ExpectIntEQ(CMAC_Final(cmacCtx, out, &outLen), 0); CMAC_CTX_free(cmacCtx); /* Test AES-256-CBC */ cmacCtx = NULL; ExpectNotNull(cmacCtx = CMAC_CTX_new()); ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_256_KEY_SIZE, EVP_aes_256_cbc(), NULL), 1); ExpectIntEQ(CMAC_Update(cmacCtx, key, AES_128_KEY_SIZE), 1); ExpectIntEQ(CMAC_Final(cmacCtx, out, NULL), 1); CMAC_CTX_free(cmacCtx); /* Test AES-192-CBC */ cmacCtx = NULL; ExpectNotNull(cmacCtx = CMAC_CTX_new()); ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_192_KEY_SIZE, EVP_aes_192_cbc(), NULL), 1); ExpectIntEQ(CMAC_Update(cmacCtx, key, AES_128_KEY_SIZE), 1); ExpectIntEQ(CMAC_Final(cmacCtx, out, NULL), 1); CMAC_CTX_free(cmacCtx); cmacCtx = NULL; ExpectNotNull(cmacCtx = CMAC_CTX_new()); CMAC_CTX_free(cmacCtx); #endif /* WOLFSSL_CMAC && OPENSSL_EXTRA && WOLFSSL_AES_DIRECT */ return EXPECT_RESULT(); } static int test_wolfSSL_DES(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_DES3) const_DES_cblock myDes; DES_cblock iv; DES_key_schedule key; word32 i = 0; DES_LONG dl = 0; unsigned char msg[] = "hello wolfssl"; unsigned char weakKey[][8] = { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, { 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE }, { 0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1 }, { 0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E } }; unsigned char semiWeakKey[][8] = { { 0x01, 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E }, { 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E, 0x01 }, { 0x01, 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1 }, { 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1, 0x01 }, { 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE }, { 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01 }, { 0x1F, 0xE0, 0x1F, 0xE0, 0x0E, 0xF1, 0x0E, 0xF1 }, { 0xE0, 0x1F, 0xE0, 0x1F, 0xF1, 0x0E, 0xF1, 0x0E }, { 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E, 0xFE }, { 0xFE, 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E }, { 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE }, { 0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1 } }; DES_check_key(1); DES_set_key(&myDes, &key); /* check, check of odd parity */ XMEMSET(myDes, 4, sizeof(const_DES_cblock)); myDes[0] = 6; /* set even parity */ XMEMSET(key, 5, sizeof(DES_key_schedule)); ExpectIntEQ(DES_set_key_checked(&myDes, &key), -1); ExpectIntNE(key[0], myDes[0]); /* should not have copied over key */ ExpectIntEQ(DES_set_key_checked(NULL, NULL), -2); ExpectIntEQ(DES_set_key_checked(&myDes, NULL), -2); ExpectIntEQ(DES_set_key_checked(NULL, &key), -2); /* set odd parity for success case */ DES_set_odd_parity(&myDes); ExpectIntEQ(DES_check_key_parity(&myDes), 1); fprintf(stderr, "%02x %02x %02x %02x", myDes[0], myDes[1], myDes[2], myDes[3]); ExpectIntEQ(DES_set_key_checked(&myDes, &key), 0); for (i = 0; i < sizeof(DES_key_schedule); i++) { ExpectIntEQ(key[i], myDes[i]); } ExpectIntEQ(DES_is_weak_key(&myDes), 0); /* check weak key */ XMEMSET(myDes, 1, sizeof(const_DES_cblock)); XMEMSET(key, 5, sizeof(DES_key_schedule)); ExpectIntEQ(DES_set_key_checked(&myDes, &key), -2); ExpectIntNE(key[0], myDes[0]); /* should not have copied over key */ DES_set_key_unchecked(NULL, NULL); DES_set_key_unchecked(&myDes, NULL); DES_set_key_unchecked(NULL, &key); /* compare arrays, should be the same */ /* now do unchecked copy of a weak key over */ DES_set_key_unchecked(&myDes, &key); /* compare arrays, should be the same */ for (i = 0; i < sizeof(DES_key_schedule); i++) { ExpectIntEQ(key[i], myDes[i]); } ExpectIntEQ(DES_is_weak_key(&myDes), 1); myDes[7] = 2; ExpectIntEQ(DES_set_key_checked(&myDes, &key), 0); ExpectIntEQ(DES_is_weak_key(&myDes), 0); ExpectIntEQ(DES_is_weak_key(NULL), 1); /* Test all weak keys. */ for (i = 0; i < sizeof(weakKey) / sizeof(*weakKey); i++) { ExpectIntEQ(DES_set_key_checked(&weakKey[i], &key), -2); } /* Test all semi-weak keys. */ for (i = 0; i < sizeof(semiWeakKey) / sizeof(*semiWeakKey); i++) { ExpectIntEQ(DES_set_key_checked(&semiWeakKey[i], &key), -2); } /* check DES_key_sched API */ XMEMSET(key, 1, sizeof(DES_key_schedule)); ExpectIntEQ(DES_key_sched(&myDes, NULL), 0); ExpectIntEQ(DES_key_sched(NULL, &key), 0); ExpectIntEQ(DES_key_sched(&myDes, &key), 0); /* compare arrays, should be the same */ for (i = 0; i < sizeof(DES_key_schedule); i++) { ExpectIntEQ(key[i], myDes[i]); } ExpectIntEQ((DES_cbc_cksum(NULL, NULL, 0, NULL, NULL)), 0); ExpectIntEQ((DES_cbc_cksum(msg, NULL, 0, NULL, NULL)), 0); ExpectIntEQ((DES_cbc_cksum(NULL, &key, 0, NULL, NULL)), 0); ExpectIntEQ((DES_cbc_cksum(NULL, NULL, 0, &myDes, NULL)), 0); ExpectIntEQ((DES_cbc_cksum(NULL, NULL, 0, NULL, &iv)), 0); ExpectIntEQ((DES_cbc_cksum(NULL, &key, sizeof(msg), &myDes, &iv)), 0); ExpectIntEQ((DES_cbc_cksum(msg, NULL, sizeof(msg), &myDes, &iv)), 0); ExpectIntEQ((DES_cbc_cksum(msg, &key, sizeof(msg), NULL, &iv)), 0); ExpectIntEQ((DES_cbc_cksum(msg, &key, sizeof(msg), &myDes, NULL)), 0); /* DES_cbc_cksum should return the last 4 of the last 8 bytes after * DES_cbc_encrypt on the input */ XMEMSET(iv, 0, sizeof(DES_cblock)); XMEMSET(myDes, 5, sizeof(DES_key_schedule)); ExpectIntGT((dl = DES_cbc_cksum(msg, &key, sizeof(msg), &myDes, &iv)), 0); ExpectIntEQ(dl, 480052723); #endif /* defined(OPENSSL_EXTRA) && !defined(NO_DES3) */ return EXPECT_RESULT(); } static int test_wolfSSL_DES_ncbc(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_DES3) const_DES_cblock myDes; DES_cblock iv = {1}; DES_key_schedule key = {0}; unsigned char msg[] = "hello wolfssl"; unsigned char out[DES_BLOCK_SIZE * 2] = {0}; unsigned char pln[DES_BLOCK_SIZE * 2] = {0}; unsigned char exp[] = {0x31, 0x98, 0x2F, 0x3A, 0x55, 0xBF, 0xD8, 0xC4}; unsigned char exp2[] = {0xC7, 0x45, 0x8B, 0x28, 0x10, 0x53, 0xE0, 0x58}; /* partial block test */ DES_set_key(&key, &myDes); DES_ncbc_encrypt(msg, out, 3, &myDes, &iv, DES_ENCRYPT); ExpectIntEQ(XMEMCMP(exp, out, DES_BLOCK_SIZE), 0); ExpectIntEQ(XMEMCMP(exp, iv, DES_BLOCK_SIZE), 0); DES_set_key(&key, &myDes); XMEMSET((byte*)&iv, 0, DES_BLOCK_SIZE); *((byte*)&iv) = 1; DES_ncbc_encrypt(out, pln, 3, &myDes, &iv, DES_DECRYPT); ExpectIntEQ(XMEMCMP(msg, pln, 3), 0); ExpectIntEQ(XMEMCMP(exp, iv, DES_BLOCK_SIZE), 0); /* full block test */ DES_set_key(&key, &myDes); XMEMSET(pln, 0, DES_BLOCK_SIZE); XMEMSET((byte*)&iv, 0, DES_BLOCK_SIZE); *((byte*)&iv) = 1; DES_ncbc_encrypt(msg, out, 8, &myDes, &iv, DES_ENCRYPT); ExpectIntEQ(XMEMCMP(exp2, out, DES_BLOCK_SIZE), 0); ExpectIntEQ(XMEMCMP(exp2, iv, DES_BLOCK_SIZE), 0); DES_set_key(&key, &myDes); XMEMSET((byte*)&iv, 0, DES_BLOCK_SIZE); *((byte*)&iv) = 1; DES_ncbc_encrypt(out, pln, 8, &myDes, &iv, DES_DECRYPT); ExpectIntEQ(XMEMCMP(msg, pln, 8), 0); ExpectIntEQ(XMEMCMP(exp2, iv, DES_BLOCK_SIZE), 0); #endif return EXPECT_RESULT(); } static int test_wolfSSL_DES_ecb_encrypt(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_DES3) && defined(WOLFSSL_DES_ECB) WOLFSSL_DES_cblock input1, input2, output1, output2, back1, back2; WOLFSSL_DES_key_schedule key; XMEMCPY(key, "12345678", sizeof(WOLFSSL_DES_key_schedule)); XMEMCPY(input1, "Iamhuman", sizeof(WOLFSSL_DES_cblock)); XMEMCPY(input2, "Whoisit?", sizeof(WOLFSSL_DES_cblock)); XMEMSET(output1, 0, sizeof(WOLFSSL_DES_cblock)); XMEMSET(output2, 0, sizeof(WOLFSSL_DES_cblock)); XMEMSET(back1, 0, sizeof(WOLFSSL_DES_cblock)); XMEMSET(back2, 0, sizeof(WOLFSSL_DES_cblock)); wolfSSL_DES_ecb_encrypt(NULL, NULL, NULL, DES_ENCRYPT); wolfSSL_DES_ecb_encrypt(&input1, NULL, NULL, DES_ENCRYPT); wolfSSL_DES_ecb_encrypt(NULL, &output1, NULL, DES_ENCRYPT); wolfSSL_DES_ecb_encrypt(NULL, NULL, &key, DES_ENCRYPT); wolfSSL_DES_ecb_encrypt(&input1, &output1, NULL, DES_ENCRYPT); wolfSSL_DES_ecb_encrypt(&input1, NULL, &key, DES_ENCRYPT); wolfSSL_DES_ecb_encrypt(NULL, &output1, &key, DES_ENCRYPT); /* Encrypt messages */ wolfSSL_DES_ecb_encrypt(&input1, &output1, &key, DES_ENCRYPT); wolfSSL_DES_ecb_encrypt(&input2, &output2, &key, DES_ENCRYPT); { /* Decrypt messages */ int ret1 = 0; int ret2 = 0; wolfSSL_DES_ecb_encrypt(&output1, &back1, &key, DES_DECRYPT); ExpectIntEQ(ret1 = XMEMCMP((unsigned char *)back1, (unsigned char *)input1, sizeof(WOLFSSL_DES_cblock)), 0); wolfSSL_DES_ecb_encrypt(&output2, &back2, &key, DES_DECRYPT); ExpectIntEQ(ret2 = XMEMCMP((unsigned char *)back2, (unsigned char *)input2, sizeof(WOLFSSL_DES_cblock)), 0); } #endif return EXPECT_RESULT(); } static int test_wolfSSL_DES_ede3_cbc_encrypt(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_DES3) unsigned char input1[8], input2[8]; unsigned char output1[8], output2[8]; unsigned char back1[8], back2[8]; WOLFSSL_DES_cblock iv1, iv2; WOLFSSL_DES_key_schedule key1, key2, key3; int i; XMEMCPY(key1, "12345678", sizeof(WOLFSSL_DES_key_schedule)); XMEMCPY(key2, "23456781", sizeof(WOLFSSL_DES_key_schedule)); XMEMCPY(key3, "34567823", sizeof(WOLFSSL_DES_key_schedule)); XMEMCPY(input1, "Iamhuman", sizeof(input1)); XMEMCPY(input2, "Whoisit?", sizeof(input2)); XMEMSET(output1, 0, sizeof(output1)); XMEMSET(output2, 0, sizeof(output2)); XMEMSET(back1, 0, sizeof(back1)); XMEMSET(back2, 0, sizeof(back2)); XMEMCPY(iv1, "87654321", sizeof(WOLFSSL_DES_cblock)); XMEMCPY(iv2, "98765432", sizeof(WOLFSSL_DES_cblock)); /* Encrypt messages */ wolfSSL_DES_ede3_cbc_encrypt(input1, output1, 8, &key1, &key2, &key3, &iv1, DES_ENCRYPT); wolfSSL_DES_ede3_cbc_encrypt(input2, output2, 8, &key1, &key2, &key3, &iv2, DES_ENCRYPT); { XMEMCPY(iv1, "87654321", sizeof(WOLFSSL_DES_cblock)); XMEMCPY(iv2, "98765432", sizeof(WOLFSSL_DES_cblock)); /* Decrypt messages */ wolfSSL_DES_ede3_cbc_encrypt(output1, back1, 8, &key1, &key2, &key3, &iv1, DES_DECRYPT); ExpectIntEQ(XMEMCMP(back1, input1, sizeof(input1)), 0); wolfSSL_DES_ede3_cbc_encrypt(output2, back2, 8, &key1, &key2, &key3, &iv2, DES_DECRYPT); ExpectIntEQ(XMEMCMP(back2, input2, sizeof(input2)), 0); } for (i = 0; i < 8; i++) { XMEMSET(output1, 0, sizeof(output1)); XMEMSET(output2, 0, sizeof(output2)); XMEMSET(back1, 0, sizeof(back1)); XMEMSET(back2, 0, sizeof(back2)); XMEMCPY(iv1, "87654321", sizeof(WOLFSSL_DES_cblock)); XMEMCPY(iv2, "98765432", sizeof(WOLFSSL_DES_cblock)); /* Encrypt partial messages */ wolfSSL_DES_ede3_cbc_encrypt(input1, output1, i, &key1, &key2, &key3, &iv1, DES_ENCRYPT); wolfSSL_DES_ede3_cbc_encrypt(input2, output2, i, &key1, &key2, &key3, &iv2, DES_ENCRYPT); { XMEMCPY(iv1, "87654321", sizeof(WOLFSSL_DES_cblock)); XMEMCPY(iv2, "98765432", sizeof(WOLFSSL_DES_cblock)); /* Decrypt messages */ wolfSSL_DES_ede3_cbc_encrypt(output1, back1, i, &key1, &key2, &key3, &iv1, DES_DECRYPT); ExpectIntEQ(XMEMCMP(back1, input1, i), 0); wolfSSL_DES_ede3_cbc_encrypt(output2, back2, i, &key1, &key2, &key3, &iv2, DES_DECRYPT); ExpectIntEQ(XMEMCMP(back2, input2, i), 0); } } #endif return EXPECT_RESULT(); } static int test_wolfSSL_AES_encrypt(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AES_ECB) \ && !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API) AES_KEY enc; AES_KEY dec; const byte msg[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a }; const byte exp[] = { 0xf3, 0xee, 0xd1, 0xbd, 0xb5, 0xd2, 0xa0, 0x3c, 0x06, 0x4b, 0x5a, 0x7e, 0x3d, 0xb1, 0x81, 0xf8, }; const byte key[] = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4 }; byte eout[sizeof(msg)]; byte dout[sizeof(msg)]; ExpectIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &enc), 0); ExpectIntEQ(AES_set_decrypt_key(key, sizeof(key)*8, &dec), 0); wolfSSL_AES_encrypt(NULL, NULL, NULL); wolfSSL_AES_encrypt(msg, NULL, NULL); wolfSSL_AES_encrypt(NULL, eout, NULL); wolfSSL_AES_encrypt(NULL, NULL, &enc); wolfSSL_AES_encrypt(msg, eout, NULL); wolfSSL_AES_encrypt(msg, NULL, &enc); wolfSSL_AES_encrypt(NULL, eout, &enc); wolfSSL_AES_decrypt(NULL, NULL, NULL); wolfSSL_AES_decrypt(eout, NULL, NULL); wolfSSL_AES_decrypt(NULL, dout, NULL); wolfSSL_AES_decrypt(NULL, NULL, &dec); wolfSSL_AES_decrypt(eout, dout, NULL); wolfSSL_AES_decrypt(eout, NULL, &dec); wolfSSL_AES_decrypt(NULL, dout, &dec); wolfSSL_AES_encrypt(msg, eout, &enc); ExpectIntEQ(XMEMCMP(eout, exp, AES_BLOCK_SIZE), 0); wolfSSL_AES_decrypt(eout, dout, &dec); ExpectIntEQ(XMEMCMP(dout, msg, AES_BLOCK_SIZE), 0); #endif return EXPECT_RESULT(); } static int test_wolfSSL_AES_ecb_encrypt(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AES_ECB) \ && !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API) AES_KEY aes; const byte msg[] = { 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96, 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a }; const byte verify[] = { 0xf3,0xee,0xd1,0xbd,0xb5,0xd2,0xa0,0x3c, 0x06,0x4b,0x5a,0x7e,0x3d,0xb1,0x81,0xf8 }; const byte key[] = { 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe, 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81, 0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7, 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4 }; byte out[AES_BLOCK_SIZE]; ExpectIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &aes), 0); XMEMSET(out, 0, AES_BLOCK_SIZE); AES_ecb_encrypt(msg, out, &aes, AES_ENCRYPT); ExpectIntEQ(XMEMCMP(out, verify, AES_BLOCK_SIZE), 0); #ifdef HAVE_AES_DECRYPT ExpectIntEQ(AES_set_decrypt_key(key, sizeof(key)*8, &aes), 0); XMEMSET(out, 0, AES_BLOCK_SIZE); AES_ecb_encrypt(verify, out, &aes, AES_DECRYPT); ExpectIntEQ(XMEMCMP(out, msg, AES_BLOCK_SIZE), 0); #endif /* test bad arguments */ AES_ecb_encrypt(NULL, out, &aes, AES_DECRYPT); AES_ecb_encrypt(verify, NULL, &aes, AES_DECRYPT); AES_ecb_encrypt(verify, out, NULL, AES_DECRYPT); #endif return EXPECT_RESULT(); } static int test_wolfSSL_AES_cbc_encrypt(void) { EXPECT_DECLS; #if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(OPENSSL_EXTRA) && \ !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API) AES_KEY aes; AES_KEY* aesN = NULL; size_t len = 0; size_t lenB = 0; int keySz0 = 0; int keySzN = -1; byte out[AES_BLOCK_SIZE] = {0}; byte* outN = NULL; /* Test vectors retrieved from: * * https://csrc.nist.gov/ * CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/ * documents/aes/KAT_AES.zip * */ const byte* pt128N = NULL; byte* key128N = NULL; byte* iv128N = NULL; byte iv128tmp[AES_BLOCK_SIZE] = {0}; const byte pt128[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }; const byte ct128[] = { 0x87,0x85,0xb1,0xa7,0x5b,0x0f,0x3b,0xd9, 0x58,0xdc,0xd0,0xe2,0x93,0x18,0xc5,0x21 }; const byte iv128[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }; byte key128[] = { 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff, 0xff,0xff,0xf0,0x00,0x00,0x00,0x00,0x00 }; len = sizeof(pt128); #define STRESS_T(a, b, c, d, e, f, g, h, i) \ wolfSSL_AES_cbc_encrypt(a, b, c, d, e, f); \ ExpectIntNE(XMEMCMP(b, g, h), i) #define RESET_IV(x, y) XMEMCPY(x, y, AES_BLOCK_SIZE) /* Stressing wolfSSL_AES_cbc_encrypt() */ STRESS_T(pt128N, out, len, &aes, iv128tmp, 1, ct128, AES_BLOCK_SIZE, 0); STRESS_T(pt128, out, len, &aes, iv128N, 1, ct128, AES_BLOCK_SIZE, 0); wolfSSL_AES_cbc_encrypt(pt128, outN, len, &aes, iv128tmp, AES_ENCRYPT); ExpectIntNE(XMEMCMP(out, ct128, AES_BLOCK_SIZE), 0); wolfSSL_AES_cbc_encrypt(pt128, out, len, aesN, iv128tmp, AES_ENCRYPT); ExpectIntNE(XMEMCMP(out, ct128, AES_BLOCK_SIZE), 0); STRESS_T(pt128, out, lenB, &aes, iv128tmp, 1, ct128, AES_BLOCK_SIZE, 0); /* Stressing wolfSSL_AES_set_encrypt_key */ ExpectIntNE(wolfSSL_AES_set_encrypt_key(key128N, sizeof(key128)*8, &aes),0); ExpectIntNE(wolfSSL_AES_set_encrypt_key(key128, sizeof(key128)*8, aesN),0); ExpectIntNE(wolfSSL_AES_set_encrypt_key(key128, keySz0, &aes), 0); ExpectIntNE(wolfSSL_AES_set_encrypt_key(key128, keySzN, &aes), 0); /* Stressing wolfSSL_AES_set_decrypt_key */ ExpectIntNE(wolfSSL_AES_set_decrypt_key(key128N, sizeof(key128)*8, &aes),0); ExpectIntNE(wolfSSL_AES_set_decrypt_key(key128N, sizeof(key128)*8, aesN),0); ExpectIntNE(wolfSSL_AES_set_decrypt_key(key128, keySz0, &aes), 0); ExpectIntNE(wolfSSL_AES_set_decrypt_key(key128, keySzN, &aes), 0); #ifdef WOLFSSL_AES_128 /* wolfSSL_AES_cbc_encrypt() 128-bit */ XMEMSET(out, 0, AES_BLOCK_SIZE); RESET_IV(iv128tmp, iv128); ExpectIntEQ(wolfSSL_AES_set_encrypt_key(key128, sizeof(key128)*8, &aes), 0); wolfSSL_AES_cbc_encrypt(pt128, out, len, &aes, iv128tmp, AES_ENCRYPT); ExpectIntEQ(XMEMCMP(out, ct128, AES_BLOCK_SIZE), 0); wc_AesFree((Aes*)&aes); #ifdef HAVE_AES_DECRYPT /* wolfSSL_AES_cbc_encrypt() 128-bit in decrypt mode */ XMEMSET(out, 0, AES_BLOCK_SIZE); RESET_IV(iv128tmp, iv128); len = sizeof(ct128); ExpectIntEQ(wolfSSL_AES_set_decrypt_key(key128, sizeof(key128)*8, &aes), 0); wolfSSL_AES_cbc_encrypt(ct128, out, len, &aes, iv128tmp, AES_DECRYPT); ExpectIntEQ(XMEMCMP(out, pt128, AES_BLOCK_SIZE), 0); wc_AesFree((Aes*)&aes); #endif #endif /* WOLFSSL_AES_128 */ #ifdef WOLFSSL_AES_192 { /* Test vectors from NIST Special Publication 800-38A, 2001 Edition * Appendix F.2.3 */ byte iv192tmp[AES_BLOCK_SIZE] = {0}; const byte pt192[] = { 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96, 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a }; const byte ct192[] = { 0x4f,0x02,0x1d,0xb2,0x43,0xbc,0x63,0x3d, 0x71,0x78,0x18,0x3a,0x9f,0xa0,0x71,0xe8 }; const byte iv192[] = { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07, 0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F }; byte key192[] = { 0x8e,0x73,0xb0,0xf7,0xda,0x0e,0x64,0x52, 0xc8,0x10,0xf3,0x2b,0x80,0x90,0x79,0xe5, 0x62,0xf8,0xea,0xd2,0x52,0x2c,0x6b,0x7b }; len = sizeof(pt192); /* wolfSSL_AES_cbc_encrypt() 192-bit */ XMEMSET(out, 0, AES_BLOCK_SIZE); RESET_IV(iv192tmp, iv192); ExpectIntEQ(wolfSSL_AES_set_encrypt_key(key192, sizeof(key192)*8, &aes), 0); wolfSSL_AES_cbc_encrypt(pt192, out, len, &aes, iv192tmp, AES_ENCRYPT); ExpectIntEQ(XMEMCMP(out, ct192, AES_BLOCK_SIZE), 0); wc_AesFree((Aes*)&aes); #ifdef HAVE_AES_DECRYPT /* wolfSSL_AES_cbc_encrypt() 192-bit in decrypt mode */ len = sizeof(ct192); RESET_IV(iv192tmp, iv192); XMEMSET(out, 0, AES_BLOCK_SIZE); ExpectIntEQ(wolfSSL_AES_set_decrypt_key(key192, sizeof(key192)*8, &aes), 0); wolfSSL_AES_cbc_encrypt(ct192, out, len, &aes, iv192tmp, AES_DECRYPT); ExpectIntEQ(XMEMCMP(out, pt192, AES_BLOCK_SIZE), 0); wc_AesFree((Aes*)&aes); #endif } #endif /* WOLFSSL_AES_192 */ #ifdef WOLFSSL_AES_256 { /* Test vectors from NIST Special Publication 800-38A, 2001 Edition, * Appendix F.2.5 */ byte iv256tmp[AES_BLOCK_SIZE] = {0}; const byte pt256[] = { 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96, 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a }; const byte ct256[] = { 0xf5,0x8c,0x4c,0x04,0xd6,0xe5,0xf1,0xba, 0x77,0x9e,0xab,0xfb,0x5f,0x7b,0xfb,0xd6 }; const byte iv256[] = { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07, 0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F }; byte key256[] = { 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe, 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81, 0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7, 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4 }; len = sizeof(pt256); /* wolfSSL_AES_cbc_encrypt() 256-bit */ XMEMSET(out, 0, AES_BLOCK_SIZE); RESET_IV(iv256tmp, iv256); ExpectIntEQ(wolfSSL_AES_set_encrypt_key(key256, sizeof(key256)*8, &aes), 0); wolfSSL_AES_cbc_encrypt(pt256, out, len, &aes, iv256tmp, AES_ENCRYPT); ExpectIntEQ(XMEMCMP(out, ct256, AES_BLOCK_SIZE), 0); wc_AesFree((Aes*)&aes); #ifdef HAVE_AES_DECRYPT /* wolfSSL_AES_cbc_encrypt() 256-bit in decrypt mode */ len = sizeof(ct256); RESET_IV(iv256tmp, iv256); XMEMSET(out, 0, AES_BLOCK_SIZE); ExpectIntEQ(wolfSSL_AES_set_decrypt_key(key256, sizeof(key256)*8, &aes), 0); wolfSSL_AES_cbc_encrypt(ct256, out, len, &aes, iv256tmp, AES_DECRYPT); ExpectIntEQ(XMEMCMP(out, pt256, AES_BLOCK_SIZE), 0); wc_AesFree((Aes*)&aes); #endif #if defined(HAVE_AES_KEYWRAP) && !defined(HAVE_FIPS) && \ !defined(HAVE_SELFTEST) { byte wrapCipher[sizeof(key256) + KEYWRAP_BLOCK_SIZE] = { 0 }; byte wrapPlain[sizeof(key256)] = { 0 }; byte wrapIV[KEYWRAP_BLOCK_SIZE] = { 0 }; /* wolfSSL_AES_wrap_key() 256-bit NULL iv */ ExpectIntEQ(wolfSSL_AES_set_encrypt_key(key256, sizeof(key256)*8, &aes), 0); ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, NULL, wrapCipher, key256, 15), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, NULL, wrapCipher, key256, sizeof(key256)), sizeof(wrapCipher)); wc_AesFree((Aes*)&aes); /* wolfSSL_AES_unwrap_key() 256-bit NULL iv */ ExpectIntEQ(wolfSSL_AES_set_decrypt_key(key256, sizeof(key256)*8, &aes), 0); ExpectIntEQ(wolfSSL_AES_unwrap_key(&aes, NULL, wrapPlain, wrapCipher, 23), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_AES_unwrap_key(&aes, NULL, wrapPlain, wrapCipher, sizeof(wrapCipher)), sizeof(wrapPlain)); ExpectIntEQ(XMEMCMP(wrapPlain, key256, sizeof(key256)), 0); XMEMSET(wrapCipher, 0, sizeof(wrapCipher)); XMEMSET(wrapPlain, 0, sizeof(wrapPlain)); wc_AesFree((Aes*)&aes); /* wolfSSL_AES_wrap_key() 256-bit custom iv */ ExpectIntEQ(wolfSSL_AES_set_encrypt_key(key256, sizeof(key256)*8, &aes), 0); ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, wrapIV, wrapCipher, key256, sizeof(key256)), sizeof(wrapCipher)); wc_AesFree((Aes*)&aes); /* wolfSSL_AES_unwrap_key() 256-bit custom iv */ ExpectIntEQ(wolfSSL_AES_set_decrypt_key(key256, sizeof(key256)*8, &aes), 0); ExpectIntEQ(wolfSSL_AES_unwrap_key(&aes, wrapIV, wrapPlain, wrapCipher, sizeof(wrapCipher)), sizeof(wrapPlain)); ExpectIntEQ(XMEMCMP(wrapPlain, key256, sizeof(key256)), 0); wc_AesFree((Aes*)&aes); ExpectIntEQ(wolfSSL_AES_wrap_key(NULL, NULL, NULL, NULL, 0), 0); ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, NULL, NULL, NULL, 0), 0); ExpectIntEQ(wolfSSL_AES_wrap_key(NULL, wrapIV, NULL, NULL, 0), 0); ExpectIntEQ(wolfSSL_AES_wrap_key(NULL, NULL, wrapCipher, NULL, 0), 0); ExpectIntEQ(wolfSSL_AES_wrap_key(NULL, NULL, NULL, key256, 0), 0); ExpectIntEQ(wolfSSL_AES_wrap_key(NULL, wrapIV, wrapCipher, key256, 0), 0); ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, NULL, wrapCipher, key256, 0), 0); ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, wrapIV, NULL, key256, 0), 0); ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, wrapIV, wrapCipher, NULL, 0), 0); ExpectIntEQ(wolfSSL_AES_unwrap_key(NULL, NULL, NULL, NULL, 0), 0); ExpectIntEQ(wolfSSL_AES_unwrap_key(&aes, NULL, NULL, NULL, 0), 0); ExpectIntEQ(wolfSSL_AES_unwrap_key(NULL, wrapIV, NULL, NULL, 0), 0); ExpectIntEQ(wolfSSL_AES_unwrap_key(NULL, NULL, wrapPlain, NULL, 0), 0); ExpectIntEQ(wolfSSL_AES_unwrap_key(NULL, NULL, NULL, wrapCipher, 0), 0); ExpectIntEQ(wolfSSL_AES_unwrap_key(NULL, wrapIV, wrapPlain, wrapCipher, 0), 0); ExpectIntEQ(wolfSSL_AES_unwrap_key(&aes, NULL, wrapPlain, wrapCipher, 0), 0); ExpectIntEQ(wolfSSL_AES_unwrap_key(&aes, wrapIV, NULL, wrapCipher, 0), 0); ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, wrapIV, wrapPlain, NULL, 0), 0); } #endif /* HAVE_AES_KEYWRAP */ } #endif /* WOLFSSL_AES_256 */ #endif return EXPECT_RESULT(); } static int test_wolfSSL_AES_cfb128_encrypt(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(WOLFSSL_AES_CFB) && \ !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API) AES_KEY aesEnc; AES_KEY aesDec; const byte msg[] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a }; const byte exp[] = { 0x16, 0xc9, 0x90, 0x6c, 0x04, 0x0c, 0xd1, 0x2f, 0x84, 0x7b, 0x18, 0xed, 0xed, 0x6a, 0xb5, 0xfd }; const byte key[] = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4 }; const byte ivData[] = { 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, }; byte out[AES_BLOCK_SIZE]; byte iv[AES_BLOCK_SIZE]; word32 i; int num; ExpectIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &aesEnc), 0); XMEMCPY(iv, ivData, sizeof(iv)); XMEMSET(out, 0, AES_BLOCK_SIZE); AES_cfb128_encrypt(msg, out, sizeof(msg), &aesEnc, iv, NULL, AES_ENCRYPT); ExpectIntEQ(XMEMCMP(out, exp, sizeof(msg)), 0); ExpectIntNE(XMEMCMP(iv, ivData, sizeof(iv)), 0); #ifdef HAVE_AES_DECRYPT ExpectIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &aesDec), 0); XMEMCPY(iv, ivData, sizeof(iv)); XMEMSET(out, 0, AES_BLOCK_SIZE); AES_cfb128_encrypt(exp, out, sizeof(msg), &aesDec, iv, NULL, AES_DECRYPT); ExpectIntEQ(XMEMCMP(out, msg, sizeof(msg)), 0); ExpectIntNE(XMEMCMP(iv, ivData, sizeof(iv)), 0); #endif for (i = 0; EXPECT_SUCCESS() && (i <= sizeof(msg)); i++) { ExpectIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &aesEnc), 0); XMEMCPY(iv, ivData, sizeof(iv)); XMEMSET(out, 0, AES_BLOCK_SIZE); AES_cfb128_encrypt(msg, out, i, &aesEnc, iv, &num, AES_ENCRYPT); ExpectIntEQ(num, i % AES_BLOCK_SIZE); ExpectIntEQ(XMEMCMP(out, exp, i), 0); if (i == 0) { ExpectIntEQ(XMEMCMP(iv, ivData, sizeof(iv)), 0); } else { ExpectIntNE(XMEMCMP(iv, ivData, sizeof(iv)), 0); } #ifdef HAVE_AES_DECRYPT ExpectIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &aesDec), 0); XMEMCPY(iv, ivData, sizeof(iv)); XMEMSET(out, 0, AES_BLOCK_SIZE); AES_cfb128_encrypt(exp, out, i, &aesDec, iv, &num, AES_DECRYPT); ExpectIntEQ(num, i % AES_BLOCK_SIZE); ExpectIntEQ(XMEMCMP(out, msg, i), 0); if (i == 0) { ExpectIntEQ(XMEMCMP(iv, ivData, sizeof(iv)), 0); } else { ExpectIntNE(XMEMCMP(iv, ivData, sizeof(iv)), 0); } #endif } if (EXPECT_SUCCESS()) { /* test bad arguments */ AES_cfb128_encrypt(NULL, NULL, 0, NULL, NULL, NULL, AES_DECRYPT); AES_cfb128_encrypt(msg, NULL, 0, NULL, NULL, NULL, AES_DECRYPT); AES_cfb128_encrypt(NULL, out, 0, NULL, NULL, NULL, AES_DECRYPT); AES_cfb128_encrypt(NULL, NULL, 0, &aesDec, NULL, NULL, AES_DECRYPT); AES_cfb128_encrypt(NULL, NULL, 0, NULL, iv, NULL, AES_DECRYPT); AES_cfb128_encrypt(NULL, out, 0, &aesDec, iv, NULL, AES_DECRYPT); AES_cfb128_encrypt(msg, NULL, 0, &aesDec, iv, NULL, AES_DECRYPT); AES_cfb128_encrypt(msg, out, 0, NULL, iv, NULL, AES_DECRYPT); AES_cfb128_encrypt(msg, out, 0, &aesDec, NULL, NULL, AES_DECRYPT); } #endif return EXPECT_RESULT(); } static int test_wolfSSL_CRYPTO_cts128(void) { EXPECT_DECLS; #if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(OPENSSL_EXTRA) && \ defined(HAVE_CTS) && !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API) byte tmp[64]; /* Largest vector size */ /* Test vectors taken form RFC3962 Appendix B */ const testVector vects[] = { { "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" "\x20", "\xc6\x35\x35\x68\xf2\xbf\x8c\xb4\xd8\xa5\x80\x36\x2d\xa7\xff\x7f" "\x97", 17, 17 }, { "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20", "\xfc\x00\x78\x3e\x0e\xfd\xb2\xc1\xd4\x45\xd4\xc8\xef\xf7\xed\x22" "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5", 31, 31 }, { "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43", "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8" "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84", 32, 32 }, { "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43" "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c", "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84" "\xb3\xff\xfd\x94\x0c\x16\xa1\x8c\x1b\x55\x49\xd2\xf8\x38\x02\x9e" "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5", 47, 47 }, { "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43" "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20", "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84" "\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8" "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8", 48, 48 }, { "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43" "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20" "\x61\x6e\x64\x20\x77\x6f\x6e\x74\x6f\x6e\x20\x73\x6f\x75\x70\x2e", "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84" "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8" "\x48\x07\xef\xe8\x36\xee\x89\xa5\x26\x73\x0d\xbc\x2f\x7b\xc8\x40" "\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8", 64, 64 } }; byte keyBytes[AES_128_KEY_SIZE] = { 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20, 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69 }; size_t i; AES_KEY encKey; byte iv[AES_IV_SIZE]; /* All-zero IV for all cases */ XMEMSET(tmp, 0, sizeof(tmp)); for (i = 0; i < sizeof(vects)/sizeof(vects[0]); i++) { AES_KEY decKey; ExpectIntEQ(AES_set_encrypt_key(keyBytes, AES_128_KEY_SIZE * 8, &encKey), 0); ExpectIntEQ(AES_set_decrypt_key(keyBytes, AES_128_KEY_SIZE * 8, &decKey), 0); XMEMSET(iv, 0, sizeof(iv)); ExpectIntEQ(CRYPTO_cts128_encrypt((const unsigned char*)vects[i].input, tmp, vects[i].inLen, &encKey, iv, (cbc128_f)AES_cbc_encrypt), vects[i].outLen); ExpectIntEQ(XMEMCMP(tmp, vects[i].output, vects[i].outLen), 0); XMEMSET(iv, 0, sizeof(iv)); ExpectIntEQ(CRYPTO_cts128_decrypt((const unsigned char*)vects[i].output, tmp, vects[i].outLen, &decKey, iv, (cbc128_f)AES_cbc_encrypt), vects[i].inLen); ExpectIntEQ(XMEMCMP(tmp, vects[i].input, vects[i].inLen), 0); } ExpectIntEQ(CRYPTO_cts128_encrypt(NULL, NULL, 17, NULL, NULL, NULL), 0); ExpectIntEQ(CRYPTO_cts128_encrypt(tmp, NULL, 17, NULL, NULL, NULL), 0); ExpectIntEQ(CRYPTO_cts128_encrypt(NULL, tmp, 17, NULL, NULL, NULL), 0); ExpectIntEQ(CRYPTO_cts128_encrypt(NULL, NULL, 17, &encKey, NULL, NULL), 0); ExpectIntEQ(CRYPTO_cts128_encrypt(NULL, NULL, 17, NULL, iv, NULL), 0); ExpectIntEQ(CRYPTO_cts128_encrypt(NULL, NULL, 17, NULL, NULL, (cbc128_f)AES_cbc_encrypt), 0); ExpectIntEQ(CRYPTO_cts128_encrypt(NULL, tmp, 17, &encKey, iv, (cbc128_f)AES_cbc_encrypt), 0); ExpectIntEQ(CRYPTO_cts128_encrypt(tmp, NULL, 17, &encKey, iv, (cbc128_f)AES_cbc_encrypt), 0); ExpectIntEQ(CRYPTO_cts128_encrypt(tmp, tmp, 17, NULL, iv, (cbc128_f)AES_cbc_encrypt), 0); ExpectIntEQ(CRYPTO_cts128_encrypt(tmp, tmp, 17, &encKey, NULL, (cbc128_f)AES_cbc_encrypt), 0); ExpectIntEQ(CRYPTO_cts128_encrypt(tmp, tmp, 17, &encKey, iv, NULL), 0); /* Length too small. */ ExpectIntEQ(CRYPTO_cts128_encrypt(tmp, tmp, 0, &encKey, iv, (cbc128_f)AES_cbc_encrypt), 0); ExpectIntEQ(CRYPTO_cts128_decrypt(NULL, NULL, 17, NULL, NULL, NULL), 0); ExpectIntEQ(CRYPTO_cts128_decrypt(tmp, NULL, 17, NULL, NULL, NULL), 0); ExpectIntEQ(CRYPTO_cts128_decrypt(NULL, tmp, 17, NULL, NULL, NULL), 0); ExpectIntEQ(CRYPTO_cts128_decrypt(NULL, NULL, 17, &encKey, NULL, NULL), 0); ExpectIntEQ(CRYPTO_cts128_decrypt(NULL, NULL, 17, NULL, iv, NULL), 0); ExpectIntEQ(CRYPTO_cts128_decrypt(NULL, NULL, 17, NULL, NULL, (cbc128_f)AES_cbc_encrypt), 0); ExpectIntEQ(CRYPTO_cts128_decrypt(NULL, tmp, 17, &encKey, iv, (cbc128_f)AES_cbc_encrypt), 0); ExpectIntEQ(CRYPTO_cts128_decrypt(tmp, NULL, 17, &encKey, iv, (cbc128_f)AES_cbc_encrypt), 0); ExpectIntEQ(CRYPTO_cts128_decrypt(tmp, tmp, 17, NULL, iv, (cbc128_f)AES_cbc_encrypt), 0); ExpectIntEQ(CRYPTO_cts128_decrypt(tmp, tmp, 17, &encKey, NULL, (cbc128_f)AES_cbc_encrypt), 0); ExpectIntEQ(CRYPTO_cts128_decrypt(tmp, tmp, 17, &encKey, iv, NULL), 0); /* Length too small. */ ExpectIntEQ(CRYPTO_cts128_decrypt(tmp, tmp, 0, &encKey, iv, (cbc128_f)AES_cbc_encrypt), 0); #endif /* !NO_AES && HAVE_AES_CBC && OPENSSL_EXTRA && HAVE_CTS */ return EXPECT_RESULT(); } static int test_wolfSSL_RC4(void) { EXPECT_DECLS; #if !defined(NO_RC4) && defined(OPENSSL_EXTRA) WOLFSSL_RC4_KEY rc4Key; unsigned char key[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, }; unsigned char data[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, }; unsigned char enc[sizeof(data)]; unsigned char dec[sizeof(data)]; word32 i; word32 j; wolfSSL_RC4_set_key(NULL, -1, NULL); wolfSSL_RC4_set_key(&rc4Key, -1, NULL); wolfSSL_RC4_set_key(NULL, 0, NULL); wolfSSL_RC4_set_key(NULL, -1, key); wolfSSL_RC4_set_key(&rc4Key, 0, NULL); wolfSSL_RC4_set_key(&rc4Key, -1, key); wolfSSL_RC4_set_key(NULL, 0, key); wolfSSL_RC4(NULL, 0, NULL, NULL); wolfSSL_RC4(&rc4Key, 0, NULL, NULL); wolfSSL_RC4(NULL, 0, data, NULL); wolfSSL_RC4(NULL, 0, NULL, enc); wolfSSL_RC4(&rc4Key, 0, data, NULL); wolfSSL_RC4(&rc4Key, 0, NULL, enc); wolfSSL_RC4(NULL, 0, data, enc); ExpectIntEQ(1, 1); for (i = 0; EXPECT_SUCCESS() && (i <= sizeof(key)); i++) { for (j = 0; EXPECT_SUCCESS() && (j <= sizeof(data)); j++) { XMEMSET(enc, 0, sizeof(enc)); XMEMSET(dec, 0, sizeof(dec)); /* Encrypt */ wolfSSL_RC4_set_key(&rc4Key, i, key); wolfSSL_RC4(&rc4Key, j, data, enc); /* Decrypt */ wolfSSL_RC4_set_key(&rc4Key, i, key); wolfSSL_RC4(&rc4Key, j, enc, dec); ExpectIntEQ(XMEMCMP(dec, data, j), 0); } } #endif return EXPECT_RESULT(); } static int test_wolfSSL_OBJ(void) { /* Password "wolfSSL test" is only 12 (96-bit) too short for testing in FIPS * mode */ EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_SHA256) && !defined(NO_ASN) && \ !defined(HAVE_FIPS) && !defined(NO_SHA) && defined(WOLFSSL_CERT_EXT) && \ defined(WOLFSSL_CERT_GEN) && !defined(NO_BIO) && \ !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) ASN1_OBJECT *obj = NULL; ASN1_OBJECT *obj2 = NULL; char buf[50]; XFILE fp = XBADFILE; X509 *x509 = NULL; X509_NAME *x509Name = NULL; X509_NAME_ENTRY *x509NameEntry = NULL; ASN1_OBJECT *asn1Name = NULL; int numNames = 0; BIO *bio = NULL; int nid; int i, j; const char *f[] = { #ifndef NO_RSA "./certs/ca-cert.der", #endif #ifdef HAVE_ECC "./certs/ca-ecc-cert.der", "./certs/ca-ecc384-cert.der", #endif NULL}; ASN1_OBJECT *field_name_obj = NULL; int lastpos = -1; int tmp = -1; ASN1_STRING *asn1 = NULL; unsigned char *buf_dyn = NULL; ExpectIntEQ(OBJ_obj2txt(buf, (int)sizeof(buf), obj, 1), SSL_FAILURE); ExpectNotNull(obj = OBJ_nid2obj(NID_any_policy)); ExpectIntEQ(OBJ_obj2nid(obj), NID_any_policy); ExpectIntEQ(OBJ_obj2txt(buf, (int)sizeof(buf), obj, 1), 11); ExpectIntGT(OBJ_obj2txt(buf, (int)sizeof(buf), obj, 0), 0); ASN1_OBJECT_free(obj); obj = NULL; ExpectNotNull(obj = OBJ_nid2obj(NID_sha256)); ExpectIntEQ(OBJ_obj2nid(obj), NID_sha256); ExpectIntEQ(OBJ_obj2txt(buf, (int)sizeof(buf), obj, 1), 22); #ifdef WOLFSSL_CERT_EXT ExpectIntEQ(OBJ_txt2nid(buf), NID_sha256); #endif ExpectIntGT(OBJ_obj2txt(buf, (int)sizeof(buf), obj, 0), 0); ExpectNotNull(obj2 = OBJ_dup(obj)); ExpectIntEQ(OBJ_cmp(obj, obj2), 0); ASN1_OBJECT_free(obj); obj = NULL; ASN1_OBJECT_free(obj2); obj2 = NULL; for (i = 0; f[i] != NULL; i++) { ExpectTrue((fp = XFOPEN(f[i], "rb")) != XBADFILE); ExpectNotNull(x509 = d2i_X509_fp(fp, NULL)); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } ExpectNotNull(x509Name = X509_get_issuer_name(x509)); ExpectIntNE((numNames = X509_NAME_entry_count(x509Name)), 0); /* Get the Common Name by using OBJ_txt2obj */ ExpectNotNull(field_name_obj = OBJ_txt2obj("CN", 0)); do { lastpos = tmp; tmp = X509_NAME_get_index_by_OBJ(x509Name, field_name_obj, lastpos); } while (tmp > -1); ExpectIntNE(lastpos, -1); ASN1_OBJECT_free(field_name_obj); field_name_obj = NULL; ExpectNotNull(x509NameEntry = X509_NAME_get_entry(x509Name, lastpos)); ExpectNotNull(asn1 = X509_NAME_ENTRY_get_data(x509NameEntry)); ExpectIntGE(ASN1_STRING_to_UTF8(&buf_dyn, asn1), 0); /* * All Common Names should be www.wolfssl.com * This makes testing easier as we can test for the expected value. */ ExpectStrEQ((char*)buf_dyn, "www.wolfssl.com"); OPENSSL_free(buf_dyn); buf_dyn = NULL; bio = BIO_new(BIO_s_mem()); ExpectTrue(bio != NULL); for (j = 0; j < numNames; j++) { ExpectNotNull(x509NameEntry = X509_NAME_get_entry(x509Name, j)); ExpectNotNull(asn1Name = X509_NAME_ENTRY_get_object(x509NameEntry)); ExpectTrue((nid = OBJ_obj2nid(asn1Name)) > 0); } BIO_free(bio); bio = NULL; X509_free(x509); x509 = NULL; } #ifdef HAVE_PKCS12 { PKCS12 *p12 = NULL; int boolRet; EVP_PKEY *pkey = NULL; const char *p12_f[] = { #if !defined(NO_DES3) && !defined(NO_RSA) "./certs/test-servercert.p12", #endif NULL}; for (i = 0; p12_f[i] != NULL; i++) { ExpectTrue((fp = XFOPEN(p12_f[i], "rb")) != XBADFILE); ExpectNotNull(p12 = d2i_PKCS12_fp(fp, NULL)); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } ExpectTrue((boolRet = PKCS12_parse(p12, "wolfSSL test", &pkey, &x509, NULL)) > 0); wc_PKCS12_free(p12); p12 = NULL; EVP_PKEY_free(pkey); x509Name = X509_get_issuer_name(x509); ExpectNotNull(x509Name); ExpectIntNE((numNames = X509_NAME_entry_count(x509Name)), 0); ExpectTrue((bio = BIO_new(BIO_s_mem())) != NULL); for (j = 0; j < numNames; j++) { ExpectNotNull(x509NameEntry = X509_NAME_get_entry(x509Name, j)); ExpectNotNull(asn1Name = X509_NAME_ENTRY_get_object(x509NameEntry)); ExpectTrue((nid = OBJ_obj2nid(asn1Name)) > 0); } BIO_free(bio); bio = NULL; X509_free(x509); x509 = NULL; } } #endif /* HAVE_PKCS12 */ #endif return EXPECT_RESULT(); } static int test_wolfSSL_OBJ_cmp(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_SHA256) ASN1_OBJECT *obj = NULL; ASN1_OBJECT *obj2 = NULL; ExpectNotNull(obj = OBJ_nid2obj(NID_any_policy)); ExpectNotNull(obj2 = OBJ_nid2obj(NID_sha256)); ExpectIntEQ(OBJ_cmp(NULL, NULL), WOLFSSL_FATAL_ERROR); ExpectIntEQ(OBJ_cmp(obj, NULL), WOLFSSL_FATAL_ERROR); ExpectIntEQ(OBJ_cmp(NULL, obj2), WOLFSSL_FATAL_ERROR); ExpectIntEQ(OBJ_cmp(obj, obj2), WOLFSSL_FATAL_ERROR); ExpectIntEQ(OBJ_cmp(obj, obj), 0); ExpectIntEQ(OBJ_cmp(obj2, obj2), 0); ASN1_OBJECT_free(obj); ASN1_OBJECT_free(obj2); #endif return EXPECT_RESULT(); } static int test_wolfSSL_OBJ_txt2nid(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \ defined(WOLFSSL_APACHE_HTTPD) int i; static const struct { const char* sn; const char* ln; const char* oid; int nid; } testVals[] = { #ifdef WOLFSSL_APACHE_HTTPD { "tlsfeature", "TLS Feature", "1.3.6.1.5.5.7.1.24", NID_tlsfeature }, { "id-on-dnsSRV", "SRVName", "1.3.6.1.5.5.7.8.7", NID_id_on_dnsSRV }, { "msUPN", "Microsoft User Principal Name", "1.3.6.1.4.1.311.20.2.3", NID_ms_upn }, #endif { NULL, NULL, NULL, NID_undef } }; /* Invalid cases */ ExpectIntEQ(OBJ_txt2nid(NULL), NID_undef); ExpectIntEQ(OBJ_txt2nid("Bad name"), NID_undef); /* Valid cases */ for (i = 0; testVals[i].sn != NULL; i++) { ExpectIntEQ(OBJ_txt2nid(testVals[i].sn), testVals[i].nid); ExpectIntEQ(OBJ_txt2nid(testVals[i].ln), testVals[i].nid); ExpectIntEQ(OBJ_txt2nid(testVals[i].oid), testVals[i].nid); } #endif return EXPECT_RESULT(); } static int test_wolfSSL_OBJ_txt2obj(void) { EXPECT_DECLS; #if defined(WOLFSSL_APACHE_HTTPD) || (defined(OPENSSL_EXTRA) && \ defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)) int i; char buf[50]; ASN1_OBJECT* obj = NULL; static const struct { const char* oidStr; const char* sn; const char* ln; } objs_list[] = { #if defined(WOLFSSL_APACHE_HTTPD) { "1.3.6.1.5.5.7.1.24", "tlsfeature", "TLS Feature" }, { "1.3.6.1.5.5.7.8.7", "id-on-dnsSRV", "SRVName" }, #endif { "2.5.29.19", "basicConstraints", "X509v3 Basic Constraints"}, { NULL, NULL, NULL } }; static const struct { const char* numeric; const char* name; } objs_named[] = { /* In dictionary but not in normal list. */ { "1.3.6.1.5.5.7.3.8", "Time Stamping" }, /* Made up OID. */ { "1.3.5.7", "1.3.5.7" }, { NULL, NULL } }; ExpectNull(obj = OBJ_txt2obj("Bad name", 0)); ASN1_OBJECT_free(obj); obj = NULL; ExpectNull(obj = OBJ_txt2obj(NULL, 0)); ASN1_OBJECT_free(obj); obj = NULL; for (i = 0; objs_list[i].oidStr != NULL; i++) { /* Test numerical value of oid (oidStr) */ ExpectNotNull(obj = OBJ_txt2obj(objs_list[i].oidStr, 1)); /* Convert object back to text to confirm oid is correct */ wolfSSL_OBJ_obj2txt(buf, (int)sizeof(buf), obj, 1); ExpectIntEQ(XSTRNCMP(buf, objs_list[i].oidStr, (int)XSTRLEN(buf)), 0); ASN1_OBJECT_free(obj); obj = NULL; XMEMSET(buf, 0, sizeof(buf)); /* Test short name (sn) */ ExpectNull(obj = OBJ_txt2obj(objs_list[i].sn, 1)); ExpectNotNull(obj = OBJ_txt2obj(objs_list[i].sn, 0)); /* Convert object back to text to confirm oid is correct */ wolfSSL_OBJ_obj2txt(buf, (int)sizeof(buf), obj, 1); ExpectIntEQ(XSTRNCMP(buf, objs_list[i].oidStr, (int)XSTRLEN(buf)), 0); ASN1_OBJECT_free(obj); obj = NULL; XMEMSET(buf, 0, sizeof(buf)); /* Test long name (ln) - should fail when no_name = 1 */ ExpectNull(obj = OBJ_txt2obj(objs_list[i].ln, 1)); ExpectNotNull(obj = OBJ_txt2obj(objs_list[i].ln, 0)); /* Convert object back to text to confirm oid is correct */ wolfSSL_OBJ_obj2txt(buf, (int)sizeof(buf), obj, 1); ExpectIntEQ(XSTRNCMP(buf, objs_list[i].oidStr, (int)XSTRLEN(buf)), 0); ASN1_OBJECT_free(obj); obj = NULL; XMEMSET(buf, 0, sizeof(buf)); } for (i = 0; objs_named[i].numeric != NULL; i++) { ExpectNotNull(obj = OBJ_txt2obj(objs_named[i].numeric, 1)); wolfSSL_OBJ_obj2txt(buf, (int)sizeof(buf), obj, 0); ExpectIntEQ(XSTRNCMP(buf, objs_named[i].name, (int)XSTRLEN(buf)), 0); wolfSSL_OBJ_obj2txt(buf, (int)sizeof(buf), obj, 1); ExpectIntEQ(XSTRNCMP(buf, objs_named[i].numeric, (int)XSTRLEN(buf)), 0); ASN1_OBJECT_free(obj); obj = NULL; } #endif return EXPECT_RESULT(); } static int test_wolfSSL_PEM_write_bio_X509(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(OPENSSL_ALL) && \ defined(WOLFSSL_AKID_NAME) && defined(WOLFSSL_CERT_EXT) && \ defined(WOLFSSL_CERT_GEN) && !defined(NO_BIO) && !defined(NO_RSA) && \ !defined(NO_FILESYSTEM) /* This test contains the hard coded expected * lengths. Update if necessary */ XFILE fp = XBADFILE; WOLFSSL_EVP_PKEY *priv = NULL; BIO* input = NULL; BIO* output = NULL; X509* x509a = NULL; X509* x509b = NULL; ASN1_TIME* notBeforeA = NULL; ASN1_TIME* notAfterA = NULL; #ifndef NO_ASN_TIME ASN1_TIME* notBeforeB = NULL; ASN1_TIME* notAfterB = NULL; #endif int expectedLen; ExpectTrue((fp = XFOPEN("certs/server-key.pem", "rb")) != XBADFILE); ExpectNotNull(priv = wolfSSL_PEM_read_PrivateKey(fp, NULL, NULL, NULL)); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } ExpectNotNull(input = BIO_new_file("certs/test/cert-ext-multiple.pem", "rb")); ExpectIntEQ(wolfSSL_BIO_get_len(input), 2000); /* read PEM into X509 struct, get notBefore / notAfter to verify against */ ExpectNotNull(PEM_read_bio_X509(input, &x509a, NULL, NULL)); ExpectNotNull(notBeforeA = X509_get_notBefore(x509a)); ExpectNotNull(notAfterA = X509_get_notAfter(x509a)); /* write X509 back to PEM BIO; no need to sign as nothing changed. */ ExpectNotNull(output = BIO_new(wolfSSL_BIO_s_mem())); ExpectIntEQ(PEM_write_bio_X509(output, x509a), WOLFSSL_SUCCESS); /* compare length against expected */ expectedLen = 2000; ExpectIntEQ(wolfSSL_BIO_get_len(output), expectedLen); #ifndef NO_ASN_TIME /* read exported X509 PEM back into struct, sanity check on export, * make sure notBefore/notAfter are the same and certs are identical. */ ExpectNotNull(PEM_read_bio_X509(output, &x509b, NULL, NULL)); ExpectNotNull(notBeforeB = X509_get_notBefore(x509b)); ExpectNotNull(notAfterB = X509_get_notAfter(x509b)); ExpectIntEQ(ASN1_TIME_compare(notBeforeA, notBeforeB), 0); ExpectIntEQ(ASN1_TIME_compare(notAfterA, notAfterB), 0); ExpectIntEQ(0, wolfSSL_X509_cmp(x509a, x509b)); X509_free(x509b); x509b = NULL; #endif /* Reset output buffer */ BIO_free(output); output = NULL; ExpectNotNull(output = BIO_new(wolfSSL_BIO_s_mem())); /* Test forcing the AKID to be generated just from KeyIdentifier */ if (EXPECT_SUCCESS() && x509a->authKeyIdSrc != NULL) { XMEMMOVE(x509a->authKeyIdSrc, x509a->authKeyId, x509a->authKeyIdSz); x509a->authKeyId = x509a->authKeyIdSrc; x509a->authKeyIdSrc = NULL; x509a->authKeyIdSrcSz = 0; } /* Resign to re-generate the der */ ExpectIntGT(wolfSSL_X509_sign(x509a, priv, EVP_sha256()), 0); ExpectIntEQ(PEM_write_bio_X509(output, x509a), WOLFSSL_SUCCESS); /* Check that we generate a smaller output since the AKID will * only contain the KeyIdentifier without any additional * information */ /* Here we copy the validity struct from the original */ expectedLen = 1688; ExpectIntEQ(wolfSSL_BIO_get_len(output), expectedLen); /* Reset buffers and x509 */ BIO_free(input); input = NULL; BIO_free(output); output = NULL; X509_free(x509a); x509a = NULL; /* test CA and basicConstSet values are encoded when * the cert is a CA */ ExpectNotNull(input = BIO_new_file("certs/server-cert.pem", "rb")); /* read PEM into X509 struct */ ExpectNotNull(PEM_read_bio_X509(input, &x509a, NULL, NULL)); /* write X509 back to PEM BIO; no need to sign as nothing changed */ ExpectNotNull(output = BIO_new(wolfSSL_BIO_s_mem())); ExpectIntEQ(PEM_write_bio_X509(output, x509a), WOLFSSL_SUCCESS); /* read exported X509 PEM back into struct, ensure isCa and basicConstSet * values are maintained and certs are identical.*/ ExpectNotNull(PEM_read_bio_X509(output, &x509b, NULL, NULL)); ExpectIntEQ(x509b->isCa, 1); ExpectIntEQ(x509b->basicConstSet, 1); ExpectIntEQ(0, wolfSSL_X509_cmp(x509a, x509b)); X509_free(x509a); x509a = NULL; X509_free(x509b); x509b = NULL; BIO_free(input); input = NULL; BIO_free(output); output = NULL; /* test CA and basicConstSet values are encoded when * the cert is not CA */ ExpectNotNull(input = BIO_new_file("certs/client-uri-cert.pem", "rb")); /* read PEM into X509 struct */ ExpectNotNull(PEM_read_bio_X509(input, &x509a, NULL, NULL)); /* write X509 back to PEM BIO; no need to sign as nothing changed */ ExpectNotNull(output = BIO_new(wolfSSL_BIO_s_mem())); ExpectIntEQ(PEM_write_bio_X509(output, x509a), WOLFSSL_SUCCESS); /* read exported X509 PEM back into struct, ensure isCa and * basicConstSet values are maintained and certs are identical */ ExpectNotNull(PEM_read_bio_X509(output, &x509b, NULL, NULL)); ExpectIntEQ(x509b->isCa, 0); ExpectIntEQ(x509b->basicConstSet, 1); ExpectIntEQ(0, wolfSSL_X509_cmp(x509a, x509b)); wolfSSL_EVP_PKEY_free(priv); X509_free(x509a); X509_free(x509b); BIO_free(input); BIO_free(output); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_NAME_ENTRY(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \ !defined(NO_RSA) && defined(WOLFSSL_CERT_GEN) X509* x509 = NULL; #ifndef NO_BIO BIO* bio = NULL; #endif X509_NAME* nm = NULL; X509_NAME_ENTRY* entry = NULL; unsigned char cn[] = "another name to add"; #ifdef OPENSSL_ALL int i; int names_len = 0; #endif ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile, SSL_FILETYPE_PEM)); #ifndef NO_BIO ExpectNotNull(bio = BIO_new(BIO_s_mem())); ExpectIntEQ(PEM_write_bio_X509_AUX(bio, x509), SSL_SUCCESS); #endif #ifdef WOLFSSL_CERT_REQ { X509_REQ* req = NULL; #ifndef NO_BIO BIO* bReq = NULL; #endif ExpectNotNull(req = wolfSSL_X509_load_certificate_file(cliCertFile, SSL_FILETYPE_PEM)); #ifndef NO_BIO ExpectNotNull(bReq = BIO_new(BIO_s_mem())); ExpectIntEQ(PEM_write_bio_X509_REQ(bReq, req), SSL_SUCCESS); BIO_free(bReq); #endif X509_free(req); } #endif ExpectNotNull(nm = X509_get_subject_name(x509)); /* Test add entry */ ExpectNotNull(entry = X509_NAME_ENTRY_create_by_NID(NULL, NID_commonName, 0x0c, cn, (int)sizeof(cn))); ExpectIntEQ(X509_NAME_add_entry(nm, entry, -1, 0), SSL_SUCCESS); #ifdef WOLFSSL_CERT_EXT ExpectIntEQ(X509_NAME_add_entry_by_txt(nm, "emailAddress", MBSTRING_UTF8, (byte*)"support@wolfssl.com", 19, -1, 1), WOLFSSL_SUCCESS); #endif X509_NAME_ENTRY_free(entry); entry = NULL; #ifdef WOLFSSL_CERT_REQ { unsigned char srv_pkcs9p[] = "Server"; unsigned char fvrtDrnk[] = "tequila"; unsigned char* der = NULL; char* subject = NULL; ExpectIntEQ(X509_NAME_add_entry_by_NID(nm, NID_pkcs9_contentType, MBSTRING_ASC, srv_pkcs9p, -1, -1, 0), SSL_SUCCESS); ExpectIntEQ(X509_NAME_add_entry_by_NID(nm, NID_favouriteDrink, MBSTRING_ASC, fvrtDrnk, -1, -1, 0), SSL_SUCCESS); ExpectIntGT(wolfSSL_i2d_X509_NAME(nm, &der), 0); ExpectNotNull(der); ExpectNotNull(subject = X509_NAME_oneline(nm, 0, 0)); ExpectNotNull(XSTRSTR(subject, "favouriteDrink=tequila")); ExpectNotNull(XSTRSTR(subject, "contentType=Server")); #ifdef DEBUG_WOLFSSL if (subject != NULL) { fprintf(stderr, "\n\t%s\n", subject); } #endif XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL); XFREE(der, NULL, DYNAMIC_TYPE_OPENSSL); } #endif /* Test add entry by text */ ExpectNotNull(entry = X509_NAME_ENTRY_create_by_txt(NULL, "commonName", 0x0c, cn, (int)sizeof(cn))); #if defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO) \ || defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_NGINX) ExpectNull(X509_NAME_ENTRY_create_by_txt(&entry, "unknown", V_ASN1_UTF8STRING, cn, (int)sizeof(cn))); #endif ExpectIntEQ(X509_NAME_add_entry(nm, entry, -1, 0), SSL_SUCCESS); X509_NAME_ENTRY_free(entry); entry = NULL; /* Test add entry by NID */ ExpectIntEQ(X509_NAME_add_entry_by_NID(nm, NID_commonName, MBSTRING_UTF8, cn, -1, -1, 0), SSL_SUCCESS); #ifdef OPENSSL_ALL /* stack of name entry */ ExpectIntGT((names_len = sk_X509_NAME_ENTRY_num(nm->entries)), 0); for (i = 0; i < names_len; i++) { ExpectNotNull(entry = sk_X509_NAME_ENTRY_value(nm->entries, i)); } #endif #ifndef NO_BIO BIO_free(bio); #endif X509_free(x509); /* free's nm */ #endif return EXPECT_RESULT(); } /* Note the lack of wolfSSL_ prefix...this is a compatibility layer test. */ static int test_GENERAL_NAME_set0_othername(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && \ defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ALT_NAMES) && \ defined(WOLFSSL_CERT_EXT) && !defined(NO_FILESYSTEM) && \ defined(WOLFSSL_FPKI) /* ./configure --enable-opensslall --enable-certgen --enable-certreq * --enable-certext --enable-debug 'CPPFLAGS=-DWOLFSSL_CUSTOM_OID * -DWOLFSSL_ALT_NAMES -DWOLFSSL_FPKI' */ const char * cert_fname = "./certs/server-cert.der"; const char * key_fname = "./certs/server-key.der"; X509* x509 = NULL; GENERAL_NAME* gn = NULL; GENERAL_NAMES* gns = NULL; ASN1_OBJECT* upn_oid = NULL; ASN1_UTF8STRING *utf8str = NULL; ASN1_TYPE *value = NULL; X509_EXTENSION * ext = NULL; byte* pt = NULL; byte der[4096]; int derSz = 0; EVP_PKEY* priv = NULL; XFILE f = XBADFILE; ExpectTrue((f = XFOPEN(cert_fname, "rb")) != XBADFILE); ExpectNotNull(x509 = d2i_X509_fp(f, NULL)); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } ExpectNotNull(gn = GENERAL_NAME_new()); ExpectNotNull(upn_oid = OBJ_txt2obj("1.3.6.1.4.1.311.20.2.3", 1)); ExpectNotNull(utf8str = ASN1_UTF8STRING_new()); ExpectIntEQ(ASN1_STRING_set(utf8str, "othername@wolfssl.com", -1), 1); ExpectNotNull(value = ASN1_TYPE_new()); ASN1_TYPE_set(value, V_ASN1_UTF8STRING, utf8str); if ((value == NULL) || (value->value.ptr != (char*)utf8str)) { wolfSSL_ASN1_STRING_free(utf8str); } ExpectIntEQ(GENERAL_NAME_set0_othername(gn, upn_oid, value), 1); if (EXPECT_FAIL()) { ASN1_TYPE_free(value); } ExpectNotNull(gns = sk_GENERAL_NAME_new(NULL)); ExpectIntEQ(sk_GENERAL_NAME_push(gns, gn), 1); if (EXPECT_FAIL()) { GENERAL_NAME_free(gn); gn = NULL; } ExpectNotNull(ext = X509V3_EXT_i2d(NID_subject_alt_name, 0, gns)); ExpectIntEQ(X509_add_ext(x509, ext, -1), 1); ExpectTrue((f = XFOPEN(key_fname, "rb")) != XBADFILE); ExpectIntGT(derSz = (int)XFREAD(der, 1, sizeof(der), f), 0); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } pt = der; ExpectNotNull(priv = d2i_PrivateKey(EVP_PKEY_RSA, NULL, (const unsigned char**)&pt, derSz)); ExpectIntGT(X509_sign(x509, priv, EVP_sha256()), 0); sk_GENERAL_NAME_pop_free(gns, GENERAL_NAME_free); gns = NULL; ExpectNotNull(gns = X509_get_ext_d2i(x509, NID_subject_alt_name, NULL, NULL)); ExpectIntEQ(sk_GENERAL_NAME_num(gns), 3); ExpectNotNull(gn = sk_GENERAL_NAME_value(gns, 2)); ExpectIntEQ(gn->type, 0); sk_GENERAL_NAME_pop_free(gns, GENERAL_NAME_free); ASN1_OBJECT_free(upn_oid); X509_EXTENSION_free(ext); X509_free(x509); EVP_PKEY_free(priv); #endif return EXPECT_RESULT(); } /* Note the lack of wolfSSL_ prefix...this is a compatibility layer test. */ static int test_othername_and_SID_ext(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && \ defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ALT_NAMES) && \ defined(WOLFSSL_CERT_EXT) && !defined(NO_FILESYSTEM) && \ defined(WOLFSSL_FPKI) && defined(WOLFSSL_ASN_TEMPLATE) /* ./configure --enable-opensslall --enable-certgen --enable-certreq * --enable-certext --enable-debug 'CPPFLAGS=-DWOLFSSL_CUSTOM_OID * -DWOLFSSL_ALT_NAMES -DWOLFSSL_FPKI' */ const char* csr_fname = "./certs/csr.signed.der"; const char* key_fname = "./certs/server-key.der"; byte der[4096]; int derSz = 0; X509_REQ* x509 = NULL; STACK_OF(X509_EXTENSION) *exts = NULL; X509_EXTENSION * san_ext = NULL; X509_EXTENSION * ext = NULL; GENERAL_NAME* gn = NULL; GENERAL_NAMES* gns = NULL; ASN1_OBJECT* upn_oid = NULL; ASN1_UTF8STRING *utf8str = NULL; ASN1_TYPE *value = NULL; ASN1_STRING *extval = NULL; /* SID extension. SID data format explained here: * https://blog.qdsecurity.se/2022/05/27/manually-injecting-a-sid-in-a-certificate/ */ uint8_t SidExtension[] = { 48, 64, 160, 62, 6, 10, 43, 6, 1, 4, 1, 130, 55, 25, 2, 1, 160, 48, 4, 46, 83, 45, 49, 45, 53, 45, 50, 49, 45, 50, 56, 52, 51, 57, 48, 55, 52, 49, 56, 45, 51, 57, 50, 54, 50, 55, 55, 52, 50, 49, 45, 51, 56, 49, 53, 57, 57, 51, 57, 55, 50, 45, 52, 54, 48, 49}; uint8_t expectedAltName[] = { 0x30, 0x27, 0xA0, 0x25, 0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x14, 0x02, 0x03, 0xA0, 0x17, 0x0C, 0x15, 0x6F, 0x74, 0x68, 0x65, 0x72, 0x6E, 0x61, 0x6D, 0x65, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D}; X509_EXTENSION *sid_ext = NULL; ASN1_OBJECT* sid_oid = NULL; ASN1_OCTET_STRING *sid_data = NULL; EVP_PKEY* priv = NULL; XFILE f = XBADFILE; byte* pt = NULL; BIO* bio = NULL; ExpectTrue((f = XFOPEN(csr_fname, "rb")) != XBADFILE); ExpectNotNull(x509 = d2i_X509_REQ_fp(f, NULL)); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } ExpectIntEQ(X509_REQ_set_version(x509, 2), 1); ExpectNotNull(gn = GENERAL_NAME_new()); ExpectNotNull(upn_oid = OBJ_txt2obj("1.3.6.1.4.1.311.20.2.3", 1)); ExpectNotNull(utf8str = ASN1_UTF8STRING_new()); ExpectIntEQ(ASN1_STRING_set(utf8str, "othername@wolfssl.com", -1), 1); ExpectNotNull(value = ASN1_TYPE_new()); ASN1_TYPE_set(value, V_ASN1_UTF8STRING, utf8str); if (EXPECT_FAIL()) { ASN1_UTF8STRING_free(utf8str); } ExpectIntEQ(GENERAL_NAME_set0_othername(gn, upn_oid, value), 1); if (EXPECT_FAIL()) { ASN1_TYPE_free(value); GENERAL_NAME_free(gn); gn = NULL; } ExpectNotNull(gns = sk_GENERAL_NAME_new(NULL)); ExpectIntEQ(sk_GENERAL_NAME_push(gns, gn), 1); if (EXPECT_FAIL()) { GENERAL_NAME_free(gn); } ExpectNotNull(san_ext = X509V3_EXT_i2d(NID_subject_alt_name, 0, gns)); ExpectNotNull(sid_oid = OBJ_txt2obj("1.3.6.1.4.1.311.25.2", 1)); ExpectNotNull(sid_data = ASN1_OCTET_STRING_new()); ASN1_OCTET_STRING_set(sid_data, SidExtension, sizeof(SidExtension)); ExpectNotNull(sid_ext = X509_EXTENSION_create_by_OBJ(NULL, sid_oid, 0, sid_data)); ExpectNotNull(exts = sk_X509_EXTENSION_new_null()); /* Ensure an empty stack doesn't raise an error. */ ExpectIntEQ(X509_REQ_add_extensions(x509, exts), 1); ExpectIntEQ(sk_X509_EXTENSION_push(exts, san_ext), 1); if (EXPECT_FAIL()) { X509_EXTENSION_free(san_ext); } ExpectIntEQ(sk_X509_EXTENSION_push(exts, sid_ext), 2); if (EXPECT_FAIL()) { X509_EXTENSION_free(sid_ext); } ExpectIntEQ(X509_REQ_add_extensions(x509, exts), 1); ExpectTrue((f = XFOPEN(key_fname, "rb")) != XBADFILE); ExpectIntGT(derSz = (int)XFREAD(der, 1, sizeof(der), f), 0); if (f != XBADFILE) XFCLOSE(f); pt = der; ExpectNotNull(priv = d2i_PrivateKey(EVP_PKEY_RSA, NULL, (const unsigned char**)&pt, derSz)); ExpectIntGT(X509_REQ_sign(x509, priv, EVP_sha256()), 0); pt = der; ExpectIntGT(derSz = i2d_X509_REQ(x509, &pt), 0); sk_GENERAL_NAME_pop_free(gns, GENERAL_NAME_free); gns = NULL; sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free); exts = NULL; ASN1_OBJECT_free(upn_oid); ASN1_OBJECT_free(sid_oid); ASN1_OCTET_STRING_free(sid_data); X509_REQ_free(x509); x509 = NULL; EVP_PKEY_free(priv); /* At this point everything used to generate what is in der is cleaned up. * We now read back from der to confirm the extensions were inserted * correctly. */ bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()); ExpectNotNull(bio); ExpectIntEQ(BIO_write(bio, der, derSz), derSz); /* d2i consumes BIO */ ExpectNotNull(d2i_X509_REQ_bio(bio, &x509)); ExpectNotNull(x509); BIO_free(bio); ExpectNotNull(exts = (STACK_OF(X509_EXTENSION)*)X509_REQ_get_extensions( x509)); ExpectIntEQ(sk_X509_EXTENSION_num(exts), 2); /* Check the SID extension. */ ExpectNotNull(ext = sk_X509_EXTENSION_value(exts, 0)); ExpectNotNull(extval = X509_EXTENSION_get_data(ext)); ExpectIntEQ(extval->length, sizeof(SidExtension)); ExpectIntEQ(XMEMCMP(SidExtension, extval->data, sizeof(SidExtension)), 0); /* Check the AltNames extension. */ ExpectNotNull(ext = sk_X509_EXTENSION_value(exts, 1)); ExpectNotNull(extval = X509_EXTENSION_get_data(ext)); ExpectIntEQ(extval->length, sizeof(expectedAltName)); ExpectIntEQ(XMEMCMP(expectedAltName, extval->data, sizeof(expectedAltName)), 0); /* Cleanup */ ExpectNotNull(gns = X509_get_ext_d2i(x509, NID_subject_alt_name, NULL, NULL)); ExpectIntEQ(sk_GENERAL_NAME_num(gns), 1); ExpectNotNull(gn = sk_GENERAL_NAME_value(gns, 0)); ExpectIntEQ(gn->type, 0); sk_GENERAL_NAME_pop_free(gns, GENERAL_NAME_free); sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free); X509_REQ_free(x509); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_set_name(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) X509* x509 = NULL; X509_NAME* name = NULL; ExpectNotNull(name = X509_NAME_new()); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8, (byte*)"wolfssl.com", 11, 0, 1), WOLFSSL_SUCCESS); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_UTF8, (byte*)"support@wolfssl.com", 19, -1, 1), WOLFSSL_SUCCESS); ExpectNotNull(x509 = X509_new()); ExpectIntEQ(X509_set_subject_name(NULL, NULL), WOLFSSL_FAILURE); ExpectIntEQ(X509_set_subject_name(x509, NULL), WOLFSSL_FAILURE); ExpectIntEQ(X509_set_subject_name(NULL, name), WOLFSSL_FAILURE); ExpectIntEQ(X509_set_subject_name(x509, name), WOLFSSL_SUCCESS); ExpectIntEQ(X509_set_issuer_name(NULL, NULL), WOLFSSL_FAILURE); ExpectIntEQ(X509_set_issuer_name(x509, NULL), WOLFSSL_FAILURE); ExpectIntEQ(X509_set_issuer_name(NULL, name), WOLFSSL_FAILURE); ExpectIntEQ(X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS); X509_free(x509); X509_NAME_free(name); #endif /* OPENSSL_ALL && !NO_CERTS */ return EXPECT_RESULT(); } static int test_wolfSSL_X509_set_notAfter(void) { EXPECT_DECLS; #if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) \ && !defined(NO_ASN_TIME) && !defined(USER_TIME) && \ !defined(TIME_OVERRIDES) && !defined(NO_CERTS) && \ defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) &&\ !defined(TIME_T_NOT_64BIT) && !defined(NO_64BIT) && !defined(NO_BIO) /* Generalized time will overflow time_t if not long */ X509* x = NULL; BIO* bio = NULL; ASN1_TIME *asn_time = NULL; ASN1_TIME *time_check = NULL; const int year = 365*24*60*60; const int day = 24*60*60; const int hour = 60*60; const int mini = 60; int offset_day; unsigned char buf[25]; time_t t; /* * Setup asn_time. APACHE HTTPD uses time(NULL) */ t = (time_t)107 * year + 31 * day + 34 * hour + 30 * mini + 7 * day; offset_day = 7; /* * Free these. */ asn_time = wolfSSL_ASN1_TIME_adj(NULL, t, offset_day, 0); ExpectNotNull(asn_time); ExpectNotNull(x = X509_new()); ExpectNotNull(bio = BIO_new(BIO_s_mem())); /* * Tests */ ExpectTrue(wolfSSL_X509_set_notAfter(x, asn_time)); /* time_check is simply (ANS1_TIME*)x->notAfter */ ExpectNotNull(time_check = X509_get_notAfter(x)); /* ANS1_TIME_check validates by checking if argument can be parsed */ ExpectIntEQ(ASN1_TIME_check(time_check), WOLFSSL_SUCCESS); /* Convert to human readable format and compare to intended date */ ExpectIntEQ(ASN1_TIME_print(bio, time_check), 1); ExpectIntEQ(BIO_read(bio, buf, sizeof(buf)), 24); ExpectIntEQ(XMEMCMP(buf, "Jan 20 10:30:00 2077 GMT", sizeof(buf) - 1), 0); ExpectFalse(wolfSSL_X509_set_notAfter(NULL, NULL)); ExpectFalse(wolfSSL_X509_set_notAfter(x, NULL)); ExpectFalse(wolfSSL_X509_set_notAfter(NULL, asn_time)); /* * Cleanup */ XFREE(asn_time, NULL, DYNAMIC_TYPE_OPENSSL); X509_free(x); BIO_free(bio); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_set_notBefore(void) { EXPECT_DECLS; #if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) \ && !defined(NO_ASN_TIME) && !defined(USER_TIME) && \ !defined(TIME_OVERRIDES) && !defined(NO_CERTS) && \ defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && !defined(NO_BIO) X509* x = NULL; BIO* bio = NULL; ASN1_TIME *asn_time = NULL; ASN1_TIME *time_check = NULL; const int year = 365*24*60*60; const int day = 24*60*60; const int hour = 60*60; const int mini = 60; int offset_day; unsigned char buf[25]; time_t t; /* * Setup asn_time. APACHE HTTPD uses time(NULL) */ t = (time_t)49 * year + 125 * day + 20 * hour + 30 * mini + 7 * day; offset_day = 7; /* * Free these. */ asn_time = wolfSSL_ASN1_TIME_adj(NULL, t, offset_day, 0); ExpectNotNull(asn_time); ExpectNotNull(x = X509_new()); ExpectNotNull(bio = BIO_new(BIO_s_mem())); ExpectIntEQ(ASN1_TIME_check(asn_time), WOLFSSL_SUCCESS); /* * Main Tests */ ExpectTrue(wolfSSL_X509_set_notBefore(x, asn_time)); /* time_check == (ANS1_TIME*)x->notBefore */ ExpectNotNull(time_check = X509_get_notBefore(x)); /* ANS1_TIME_check validates by checking if argument can be parsed */ ExpectIntEQ(ASN1_TIME_check(time_check), WOLFSSL_SUCCESS); /* Convert to human readable format and compare to intended date */ ExpectIntEQ(ASN1_TIME_print(bio, time_check), 1); ExpectIntEQ(BIO_read(bio, buf, sizeof(buf)), 24); ExpectIntEQ(XMEMCMP(buf, "May 8 20:30:00 2019 GMT", sizeof(buf) - 1), 0); ExpectFalse(wolfSSL_X509_set_notBefore(NULL, NULL)); ExpectFalse(wolfSSL_X509_set_notBefore(x, NULL)); ExpectFalse(wolfSSL_X509_set_notBefore(NULL, asn_time)); /* * Cleanup */ XFREE(asn_time, NULL, DYNAMIC_TYPE_OPENSSL); X509_free(x); BIO_free(bio); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_set_version(void) { EXPECT_DECLS; #if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && \ !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) X509* x509 = NULL; long v = 2L; long maxInt = INT_MAX; ExpectNotNull(x509 = X509_new()); /* These should pass. */ ExpectTrue(wolfSSL_X509_set_version(x509, v)); ExpectIntEQ(v, wolfSSL_X509_get_version(x509)); /* Fail Case: When v(long) is greater than x509->version(int). */ v = maxInt+1; ExpectFalse(wolfSSL_X509_set_version(x509, v)); ExpectFalse(wolfSSL_X509_set_version(NULL, 2L)); ExpectFalse(wolfSSL_X509_set_version(NULL, maxInt+1)); /* Cleanup */ X509_free(x509); #endif return EXPECT_RESULT(); } #ifndef NO_BIO static int test_wolfSSL_BIO_gets(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) BIO* bio = NULL; BIO* bio2 = NULL; char msg[] = "\nhello wolfSSL\n security plus\t---...**adf\na...b.c"; char emp[] = ""; char bio_buffer[20]; int bufferSz = 20; #ifdef OPENSSL_ALL BUF_MEM* emp_bm = NULL; BUF_MEM* msg_bm = NULL; #endif /* try with bad args */ ExpectNull(bio = BIO_new_mem_buf(NULL, sizeof(msg))); #ifdef OPENSSL_ALL ExpectIntEQ(BIO_set_mem_buf(bio, NULL, BIO_NOCLOSE), BAD_FUNC_ARG); #endif /* try with real msg */ ExpectNotNull(bio = BIO_new_mem_buf((void*)msg, -1)); XMEMSET(bio_buffer, 0, bufferSz); ExpectNotNull(BIO_push(bio, BIO_new(BIO_s_bio()))); ExpectNull(bio2 = BIO_find_type(bio, BIO_TYPE_FILE)); ExpectNotNull(bio2 = BIO_find_type(bio, BIO_TYPE_BIO)); ExpectFalse(bio2 != BIO_next(bio)); /* make buffer filled with no terminating characters */ XMEMSET(bio_buffer, 1, bufferSz); /* BIO_gets reads a line of data */ ExpectIntEQ(BIO_gets(bio, bio_buffer, -3), 0); ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 1); ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 14); ExpectStrEQ(bio_buffer, "hello wolfSSL\n"); ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 19); ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 8); ExpectIntEQ(BIO_gets(bio, bio_buffer, -1), 0); #ifdef OPENSSL_ALL /* test setting the mem_buf manually */ BIO_free(bio); ExpectNotNull(bio = BIO_new_mem_buf((void*)msg, -1)); ExpectNotNull(emp_bm = BUF_MEM_new()); ExpectNotNull(msg_bm = BUF_MEM_new()); ExpectIntEQ(BUF_MEM_grow(msg_bm, sizeof(msg)), sizeof(msg)); if (EXPECT_SUCCESS()) { XFREE(msg_bm->data, NULL, DYNAMIC_TYPE_OPENSSL); msg_bm->data = NULL; } /* emp size is 1 for terminator */ ExpectIntEQ(BUF_MEM_grow(emp_bm, sizeof(emp)), sizeof(emp)); if (EXPECT_SUCCESS()) { XFREE(emp_bm->data, NULL, DYNAMIC_TYPE_OPENSSL); emp_bm->data = emp; msg_bm->data = msg; } ExpectIntEQ(BIO_set_mem_buf(bio, emp_bm, BIO_CLOSE), WOLFSSL_SUCCESS); /* check reading an empty string */ ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 1); /* just terminator */ ExpectStrEQ(emp, bio_buffer); ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 0); /* Nothing to read */ /* BIO_gets reads a line of data */ ExpectIntEQ(BIO_set_mem_buf(bio, msg_bm, BIO_NOCLOSE), WOLFSSL_SUCCESS); ExpectIntEQ(BIO_gets(bio, bio_buffer, -3), 0); ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 1); ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 14); ExpectStrEQ(bio_buffer, "hello wolfSSL\n"); ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 19); ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 8); ExpectIntEQ(BIO_gets(bio, bio_buffer, -1), 0); if (EXPECT_SUCCESS()) emp_bm->data = NULL; BUF_MEM_free(emp_bm); if (EXPECT_SUCCESS()) msg_bm->data = NULL; BUF_MEM_free(msg_bm); #endif /* check not null terminated string */ BIO_free(bio); bio = NULL; msg[0] = 0x33; msg[1] = 0x33; msg[2] = 0x33; ExpectNotNull(bio = BIO_new_mem_buf((void*)msg, 3)); ExpectIntEQ(BIO_gets(bio, bio_buffer, 3), 2); ExpectIntEQ(bio_buffer[0], msg[0]); ExpectIntEQ(bio_buffer[1], msg[1]); ExpectIntNE(bio_buffer[2], msg[2]); BIO_free(bio); bio = NULL; msg[3] = 0x33; bio_buffer[3] = 0x33; ExpectNotNull(bio = BIO_new_mem_buf((void*)msg, 3)); ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 3); ExpectIntEQ(bio_buffer[0], msg[0]); ExpectIntEQ(bio_buffer[1], msg[1]); ExpectIntEQ(bio_buffer[2], msg[2]); ExpectIntNE(bio_buffer[3], 0x33); /* make sure null terminator was set */ /* check reading an empty string */ BIO_free(bio); bio = NULL; ExpectNotNull(bio = BIO_new_mem_buf((void*)emp, sizeof(emp))); ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 1); /* just terminator */ ExpectStrEQ(emp, bio_buffer); ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 0); /* Nothing to read */ /* check error cases */ BIO_free(bio); bio = NULL; ExpectIntEQ(BIO_gets(NULL, NULL, 0), SSL_FAILURE); ExpectNotNull(bio = BIO_new(BIO_s_mem())); ExpectIntEQ(BIO_gets(bio, bio_buffer, 2), 0); /* nothing to read */ #if !defined(NO_FILESYSTEM) { BIO* f_bio = NULL; XFILE f = XBADFILE; ExpectNotNull(f_bio = BIO_new(BIO_s_file())); ExpectIntLE(BIO_gets(f_bio, bio_buffer, bufferSz), 0); ExpectTrue((f = XFOPEN(svrCertFile, "rb")) != XBADFILE); ExpectIntEQ((int)BIO_set_fp(f_bio, f, BIO_CLOSE), SSL_SUCCESS); if (EXPECT_FAIL() && (f != XBADFILE)) { XFCLOSE(f); } ExpectIntGT(BIO_gets(f_bio, bio_buffer, bufferSz), 0); BIO_free(f_bio); f_bio = NULL; } #endif /* NO_FILESYSTEM */ BIO_free(bio); bio = NULL; BIO_free(bio2); bio2 = NULL; /* try with type BIO */ XMEMCPY(msg, "\nhello wolfSSL\n security plus\t---...**adf\na...b.c", sizeof(msg)); ExpectNotNull(bio = BIO_new(BIO_s_bio())); ExpectIntEQ(BIO_gets(bio, bio_buffer, 2), 0); /* nothing to read */ ExpectNotNull(bio2 = BIO_new(BIO_s_bio())); ExpectIntEQ(BIO_set_write_buf_size(bio, 10), SSL_SUCCESS); ExpectIntEQ(BIO_set_write_buf_size(bio2, sizeof(msg)), SSL_SUCCESS); ExpectIntEQ(BIO_make_bio_pair(bio, bio2), SSL_SUCCESS); ExpectIntEQ(BIO_write(bio2, msg, sizeof(msg)), sizeof(msg)); ExpectIntEQ(BIO_gets(bio, bio_buffer, -3), 0); ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 1); ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 14); ExpectStrEQ(bio_buffer, "hello wolfSSL\n"); ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 19); ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 8); ExpectIntEQ(BIO_gets(bio, bio_buffer, -1), 0); BIO_free(bio); bio = NULL; BIO_free(bio2); bio2 = NULL; /* check reading an empty string */ ExpectNotNull(bio = BIO_new(BIO_s_bio())); ExpectIntEQ(BIO_set_write_buf_size(bio, sizeof(emp)), SSL_SUCCESS); ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 0); /* Nothing to read */ ExpectStrEQ(emp, bio_buffer); BIO_free(bio); bio = NULL; #endif return EXPECT_RESULT(); } static int test_wolfSSL_BIO_puts(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) BIO* bio = NULL; char input[] = "hello\0world\n.....ok\n\0"; char output[128]; XMEMSET(output, 0, sizeof(output)); ExpectNotNull(bio = BIO_new(BIO_s_mem())); ExpectIntEQ(BIO_puts(bio, input), 5); ExpectIntEQ(BIO_pending(bio), 5); ExpectIntEQ(BIO_puts(bio, input + 6), 14); ExpectIntEQ(BIO_pending(bio), 19); ExpectIntEQ(BIO_gets(bio, output, sizeof(output)), 11); ExpectStrEQ(output, "helloworld\n"); ExpectIntEQ(BIO_pending(bio), 8); ExpectIntEQ(BIO_gets(bio, output, sizeof(output)), 8); ExpectStrEQ(output, ".....ok\n"); ExpectIntEQ(BIO_pending(bio), 0); ExpectIntEQ(BIO_puts(bio, ""), -1); BIO_free(bio); #endif return EXPECT_RESULT(); } static int test_wolfSSL_BIO_dump(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) BIO* bio; static const unsigned char data[] = { 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0x55, 0xBF, 0xF4, 0x0F, 0x44, 0x50, 0x9A, 0x3D, 0xCE, 0x9B, 0xB7, 0xF0, 0xC5, 0x4D, 0xF5, 0x70, 0x7B, 0xD4, 0xEC, 0x24, 0x8E, 0x19, 0x80, 0xEC, 0x5A, 0x4C, 0xA2, 0x24, 0x03, 0x62, 0x2C, 0x9B, 0xDA, 0xEF, 0xA2, 0x35, 0x12, 0x43, 0x84, 0x76, 0x16, 0xC6, 0x56, 0x95, 0x06, 0xCC, 0x01, 0xA9, 0xBD, 0xF6, 0x75, 0x1A, 0x42, 0xF7, 0xBD, 0xA9, 0xB2, 0x36, 0x22, 0x5F, 0xC7, 0x5D, 0x7F, 0xB4 }; /* Generated with OpenSSL. */ static const char expected[] = "0000 - 30 59 30 13 06 07 2a 86-48 ce 3d 02 01 06 08 2a 0Y0...*.H.=....*\n" "0010 - 86 48 ce 3d 03 01 07 03-42 00 04 55 bf f4 0f 44 .H.=....B..U...D\n" "0020 - 50 9a 3d ce 9b b7 f0 c5-4d f5 70 7b d4 ec 24 8e P.=.....M.p{..$.\n" "0030 - 19 80 ec 5a 4c a2 24 03-62 2c 9b da ef a2 35 12 ...ZL.$.b,....5.\n" "0040 - 43 84 76 16 c6 56 95 06-cc 01 a9 bd f6 75 1a 42 C.v..V.......u.B\n" "0050 - f7 bd a9 b2 36 22 5f c7-5d 7f b4 ....6\"_.]..\n"; static const char expectedAll[] = "0000 - 00 01 02 03 04 05 06 07-08 09 0a 0b 0c 0d 0e 0f ................\n" "0010 - 10 11 12 13 14 15 16 17-18 19 1a 1b 1c 1d 1e 1f ................\n" "0020 - 20 21 22 23 24 25 26 27-28 29 2a 2b 2c 2d 2e 2f !\"#$%&'()*+,-./\n" "0030 - 30 31 32 33 34 35 36 37-38 39 3a 3b 3c 3d 3e 3f 0123456789:;<=>?\n" "0040 - 40 41 42 43 44 45 46 47-48 49 4a 4b 4c 4d 4e 4f @ABCDEFGHIJKLMNO\n" "0050 - 50 51 52 53 54 55 56 57-58 59 5a 5b 5c 5d 5e 5f PQRSTUVWXYZ[\\]^_\n" "0060 - 60 61 62 63 64 65 66 67-68 69 6a 6b 6c 6d 6e 6f `abcdefghijklmno\n" "0070 - 70 71 72 73 74 75 76 77-78 79 7a 7b 7c 7d 7e 7f pqrstuvwxyz{|}~.\n" "0080 - 80 81 82 83 84 85 86 87-88 89 8a 8b 8c 8d 8e 8f ................\n" "0090 - 90 91 92 93 94 95 96 97-98 99 9a 9b 9c 9d 9e 9f ................\n" "00a0 - a0 a1 a2 a3 a4 a5 a6 a7-a8 a9 aa ab ac ad ae af ................\n" "00b0 - b0 b1 b2 b3 b4 b5 b6 b7-b8 b9 ba bb bc bd be bf ................\n" "00c0 - c0 c1 c2 c3 c4 c5 c6 c7-c8 c9 ca cb cc cd ce cf ................\n" "00d0 - d0 d1 d2 d3 d4 d5 d6 d7-d8 d9 da db dc dd de df ................\n" "00e0 - e0 e1 e2 e3 e4 e5 e6 e7-e8 e9 ea eb ec ed ee ef ................\n" "00f0 - f0 f1 f2 f3 f4 f5 f6 f7-f8 f9 fa fb fc fd fe ff ................\n"; char output[16 * 80]; int i; ExpectNotNull(bio = BIO_new(BIO_s_mem())); /* Example key dumped. */ ExpectIntEQ(BIO_dump(bio, (const char*)data, (int)sizeof(data)), sizeof(expected) - 1); ExpectIntEQ(BIO_read(bio, output, sizeof(output)), sizeof(expected) - 1); ExpectIntEQ(XMEMCMP(output, expected, sizeof(expected) - 1), 0); /* Try every possible value for a character. */ for (i = 0; i < 256; i++) output[i] = i; ExpectIntEQ(BIO_dump(bio, output, 256), sizeof(expectedAll) - 1); ExpectIntEQ(BIO_read(bio, output, sizeof(output)), sizeof(expectedAll) - 1); ExpectIntEQ(XMEMCMP(output, expectedAll, sizeof(expectedAll) - 1), 0); BIO_free(bio); #endif return EXPECT_RESULT(); } #if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \ !defined(NO_RSA) && defined(HAVE_EXT_CACHE) && \ defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(USE_WOLFSSL_IO) static int forceWantRead(WOLFSSL *ssl, char *buf, int sz, void *ctx) { (void)ssl; (void)buf; (void)sz; (void)ctx; return WOLFSSL_CBIO_ERR_WANT_READ; } #endif static int test_wolfSSL_BIO_should_retry(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \ !defined(NO_RSA) && defined(HAVE_EXT_CACHE) && \ defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(USE_WOLFSSL_IO) tcp_ready ready; func_args server_args; THREAD_TYPE serverThread; SOCKET_T sockfd = 0; WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; char msg[64] = "hello wolfssl!"; char reply[1024]; int msgSz = (int)XSTRLEN(msg); int ret; BIO* bio = NULL; XMEMSET(&server_args, 0, sizeof(func_args)); #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif StartTCP(); InitTcpReady(&ready); #if defined(USE_WINDOWS_API) /* use RNG to get random port if using windows */ ready.port = GetRandomPort(); #endif server_args.signal = &ready; start_thread(test_server_nofail, &server_args, &serverThread); wait_tcp_ready(&server_args); ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); #ifdef OPENSSL_COMPATIBLE_DEFAULTS ExpectIntEQ(wolfSSL_CTX_clear_mode(ctx, SSL_MODE_AUTO_RETRY), 0); #endif ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, SSL_FILETYPE_PEM)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, SSL_FILETYPE_PEM)); tcp_connect(&sockfd, wolfSSLIP, server_args.signal->port, 0, 0, NULL); /* force retry */ ExpectNotNull(bio = wolfSSL_BIO_new_ssl(ctx, 1)); ExpectIntEQ(BIO_get_ssl(bio, &ssl), 1); ExpectNotNull(ssl); ExpectIntEQ(wolfSSL_set_fd(ssl, sockfd), WOLFSSL_SUCCESS); wolfSSL_SSLSetIORecv(ssl, forceWantRead); if (EXPECT_FAIL()) { wolfSSL_free(ssl); ssl = NULL; } ExpectIntLE(BIO_write(bio, msg, msgSz), 0); ExpectIntNE(BIO_should_retry(bio), 0); ExpectIntEQ(BIO_should_read(bio), 0); ExpectIntEQ(BIO_should_write(bio), 0); /* now perform successful connection */ wolfSSL_SSLSetIORecv(ssl, EmbedReceive); ExpectIntEQ(BIO_write(bio, msg, msgSz), msgSz); ExpectIntNE(BIO_read(bio, reply, sizeof(reply)), 0); ret = wolfSSL_get_error(ssl, -1); if (ret == WOLFSSL_ERROR_WANT_READ || ret == WOLFSSL_ERROR_WANT_WRITE) { ExpectIntNE(BIO_should_retry(bio), 0); if (ret == WOLFSSL_ERROR_WANT_READ) ExpectIntEQ(BIO_should_read(bio), 1); else ExpectIntEQ(BIO_should_read(bio), 0); if (ret == WOLFSSL_ERROR_WANT_WRITE) ExpectIntEQ(BIO_should_write(bio), 1); else ExpectIntEQ(BIO_should_write(bio), 0); } else { ExpectIntEQ(BIO_should_retry(bio), 0); ExpectIntEQ(BIO_should_read(bio), 0); ExpectIntEQ(BIO_should_write(bio), 0); } ExpectIntEQ(XMEMCMP(reply, "I hear you fa shizzle!", XSTRLEN("I hear you fa shizzle!")), 0); BIO_free(bio); wolfSSL_CTX_free(ctx); CloseSocket(sockfd); join_thread(serverThread); FreeTcpReady(&ready); #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_BIO_connect(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \ defined(HAVE_HTTP_CLIENT) && !defined(NO_WOLFSSL_CLIENT) tcp_ready ready; func_args server_args; THREAD_TYPE serverThread; BIO *tcpBio = NULL; BIO *sslBio = NULL; SSL_CTX* ctx = NULL; SSL *ssl = NULL; SSL *sslPtr; char msg[] = "hello wolfssl!"; char reply[30]; char buff[10] = {0}; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, SSL_FILETYPE_PEM)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, SSL_FILETYPE_PEM)); /* Setup server */ XMEMSET(&server_args, 0, sizeof(func_args)); StartTCP(); InitTcpReady(&ready); #if defined(USE_WINDOWS_API) /* use RNG to get random port if using windows */ ready.port = GetRandomPort(); #endif server_args.signal = &ready; start_thread(test_server_nofail, &server_args, &serverThread); wait_tcp_ready(&server_args); ExpectIntGT(XSPRINTF(buff, "%d", ready.port), 0); /* Start the test proper */ /* Setup the TCP BIO */ ExpectNotNull(tcpBio = BIO_new_connect(wolfSSLIP)); ExpectIntEQ(BIO_set_conn_port(tcpBio, buff), 1); /* Setup the SSL object */ ExpectNotNull(ssl = SSL_new(ctx)); SSL_set_connect_state(ssl); /* Setup the SSL BIO */ ExpectNotNull(sslBio = BIO_new(BIO_f_ssl())); ExpectIntEQ(BIO_set_ssl(sslBio, ssl, BIO_CLOSE), 1); if (EXPECT_FAIL()) { wolfSSL_free(ssl); } /* Verify that BIO_get_ssl works. */ ExpectIntEQ(BIO_get_ssl(sslBio, &sslPtr), 1); ExpectPtrEq(ssl, sslPtr); /* Link BIO's so that sslBio uses tcpBio for IO */ ExpectPtrEq(BIO_push(sslBio, tcpBio), sslBio); /* Do TCP connect */ ExpectIntEQ(BIO_do_connect(sslBio), 1); /* Do TLS handshake */ ExpectIntEQ(BIO_do_handshake(sslBio), 1); /* Test writing */ ExpectIntEQ(BIO_write(sslBio, msg, sizeof(msg)), sizeof(msg)); /* Expect length of default wolfSSL reply */ ExpectIntEQ(BIO_read(sslBio, reply, sizeof(reply)), 23); /* Clean it all up */ BIO_free_all(sslBio); /* Server clean up */ join_thread(serverThread); FreeTcpReady(&ready); /* Run the same test, but use BIO_new_ssl_connect and set the IP and port * after. */ XMEMSET(&server_args, 0, sizeof(func_args)); StartTCP(); InitTcpReady(&ready); #if defined(USE_WINDOWS_API) /* use RNG to get random port if using windows */ ready.port = GetRandomPort(); #endif server_args.signal = &ready; start_thread(test_server_nofail, &server_args, &serverThread); wait_tcp_ready(&server_args); ExpectIntGT(XSPRINTF(buff, "%d", ready.port), 0); ExpectNotNull(sslBio = BIO_new_ssl_connect(ctx)); ExpectIntEQ(BIO_set_conn_hostname(sslBio, (char*)wolfSSLIP), 1); ExpectIntEQ(BIO_set_conn_port(sslBio, buff), 1); ExpectIntEQ(BIO_do_connect(sslBio), 1); ExpectIntEQ(BIO_do_handshake(sslBio), 1); ExpectIntEQ(BIO_write(sslBio, msg, sizeof(msg)), sizeof(msg)); ExpectIntEQ(BIO_read(sslBio, reply, sizeof(reply)), 23); /* Attempt to close the TLS connection gracefully. */ BIO_ssl_shutdown(sslBio); BIO_free_all(sslBio); join_thread(serverThread); FreeTcpReady(&ready); SSL_CTX_free(ctx); #if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS) wc_ecc_fp_free(); /* free per thread cache */ #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_BIO_tls(void) { EXPECT_DECLS; #if !defined(NO_BIO) && defined(OPENSSL_EXTRA) && !defined(NO_WOLFSSL_CLIENT) SSL_CTX* ctx = NULL; SSL *ssl = NULL; BIO *readBio = NULL; BIO *writeBio = NULL; int ret; int err = 0; ExpectNotNull(ctx = SSL_CTX_new(SSLv23_method())); ExpectNotNull(ssl = SSL_new(ctx)); ExpectNotNull(readBio = BIO_new(BIO_s_mem())); ExpectNotNull(writeBio = BIO_new(BIO_s_mem())); /* Qt reads data from write-bio, * then writes the read data into plain packet. * Qt reads data from plain packet, * then writes the read data into read-bio. */ SSL_set_bio(ssl, readBio, writeBio); do { #ifdef WOLFSSL_ASYNC_CRYPT if (err == WC_PENDING_E) { ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW); if (ret < 0) { break; } else if (ret == 0) { continue; } } #endif ret = SSL_connect(ssl); err = SSL_get_error(ssl, 0); } while (err == WC_PENDING_E); ExpectIntEQ(ret, WOLFSSL_FATAL_ERROR); /* in this use case, should return WANT READ * so that Qt will read the data from plain packet for next state. */ ExpectIntEQ(err, SSL_ERROR_WANT_READ); SSL_free(ssl); SSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } #if defined(OPENSSL_ALL) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \ defined(HAVE_HTTP_CLIENT) static THREAD_RETURN WOLFSSL_THREAD test_wolfSSL_BIO_accept_client(void* args) { BIO* clientBio; SSL* sslClient; SSL_CTX* ctx; char connectAddr[20]; /* IP + port */; (void)args; AssertIntGT(snprintf(connectAddr, sizeof(connectAddr), "%s:%d", wolfSSLIP, wolfSSLPort), 0); AssertNotNull(clientBio = BIO_new_connect(connectAddr)); AssertIntEQ(BIO_do_connect(clientBio), 1); AssertNotNull(ctx = SSL_CTX_new(SSLv23_method())); AssertNotNull(sslClient = SSL_new(ctx)); AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0), WOLFSSL_SUCCESS); SSL_set_bio(sslClient, clientBio, clientBio); AssertIntEQ(SSL_connect(sslClient), 1); SSL_free(sslClient); SSL_CTX_free(ctx); #if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS) wc_ecc_fp_free(); /* free per thread cache */ #endif WOLFSSL_RETURN_FROM_THREAD(0); } #endif static int test_wolfSSL_BIO_accept(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \ defined(HAVE_HTTP_CLIENT) BIO* serverBindBio = NULL; BIO* serverAcceptBio = NULL; SSL* sslServer = NULL; SSL_CTX* ctx = NULL; func_args args; THREAD_TYPE thread; char port[10]; /* 10 bytes should be enough to store the string * representation of the port */ ExpectIntGT(snprintf(port, sizeof(port), "%d", wolfSSLPort), 0); ExpectNotNull(serverBindBio = BIO_new_accept(port)); /* First BIO_do_accept binds the port */ ExpectIntEQ(BIO_do_accept(serverBindBio), 1); XMEMSET(&args, 0, sizeof(func_args)); start_thread(test_wolfSSL_BIO_accept_client, &args, &thread); ExpectIntEQ(BIO_do_accept(serverBindBio), 1); /* Let's plug it into SSL to test */ ExpectNotNull(ctx = SSL_CTX_new(SSLv23_method())); ExpectIntEQ(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, SSL_FILETYPE_PEM), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM), WOLFSSL_SUCCESS); ExpectNotNull(sslServer = SSL_new(ctx)); ExpectNotNull(serverAcceptBio = BIO_pop(serverBindBio)); SSL_set_bio(sslServer, serverAcceptBio, serverAcceptBio); ExpectIntEQ(SSL_accept(sslServer), 1); join_thread(thread); BIO_free(serverBindBio); SSL_free(sslServer); SSL_CTX_free(ctx); #if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS) wc_ecc_fp_free(); /* free per thread cache */ #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_BIO_write(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_ENCODE) BIO* bio = NULL; BIO* bio64 = NULL; BIO* bio_mem = NULL; BIO* ptr = NULL; int sz; char msg[] = "conversion test"; char out[40]; char expected[] = "Y29udmVyc2lvbiB0ZXN0AA==\n"; void* bufPtr = NULL; BUF_MEM* buf = NULL; ExpectNotNull(bio64 = BIO_new(BIO_f_base64())); ExpectNotNull(bio = BIO_push(bio64, BIO_new(BIO_s_mem()))); if (EXPECT_FAIL()) { BIO_free(bio64); } /* now should convert to base64 then write to memory */ ExpectIntEQ(BIO_write(bio, msg, sizeof(msg)), sizeof(msg)); BIO_flush(bio); /* test BIO chain */ ExpectIntEQ(SSL_SUCCESS, (int)BIO_get_mem_ptr(bio, &buf)); ExpectNotNull(buf); ExpectIntEQ(buf->length, 25); ExpectIntEQ(BIO_get_mem_data(bio, &bufPtr), 25); ExpectPtrEq(buf->data, bufPtr); ExpectNotNull(ptr = BIO_find_type(bio, BIO_TYPE_MEM)); sz = sizeof(out); XMEMSET(out, 0, sz); ExpectIntEQ((sz = BIO_read(ptr, out, sz)), 25); ExpectIntEQ(XMEMCMP(out, expected, sz), 0); /* write then read should return the same message */ ExpectIntEQ(BIO_write(bio, msg, sizeof(msg)), sizeof(msg)); sz = sizeof(out); XMEMSET(out, 0, sz); ExpectIntEQ(BIO_read(bio, out, sz), 16); ExpectIntEQ(XMEMCMP(out, msg, sizeof(msg)), 0); /* now try encoding with no line ending */ BIO_set_flags(bio64, BIO_FLAGS_BASE64_NO_NL); #ifdef HAVE_EX_DATA BIO_set_ex_data(bio64, 0, (void*) "data"); ExpectIntEQ(strcmp((const char*)BIO_get_ex_data(bio64, 0), "data"), 0); #endif ExpectIntEQ(BIO_write(bio, msg, sizeof(msg)), sizeof(msg)); BIO_flush(bio); sz = sizeof(out); XMEMSET(out, 0, sz); ExpectIntEQ((sz = BIO_read(ptr, out, sz)), 24); ExpectIntEQ(XMEMCMP(out, expected, sz), 0); BIO_free_all(bio); /* frees bio64 also */ bio = NULL; /* test with more than one bio64 in list */ ExpectNotNull(bio64 = BIO_new(BIO_f_base64())); ExpectNotNull(bio = BIO_push(BIO_new(BIO_f_base64()), bio64)); if (EXPECT_FAIL()) { BIO_free(bio64); bio64 = NULL; } ExpectNotNull(bio_mem = BIO_new(BIO_s_mem())); ExpectNotNull(BIO_push(bio64, bio_mem)); if (EXPECT_FAIL()) { BIO_free(bio_mem); } /* now should convert to base64 when stored and then decode with read */ ExpectIntEQ(BIO_write(bio, msg, sizeof(msg)), 25); BIO_flush(bio); sz = sizeof(out); XMEMSET(out, 0, sz); ExpectIntEQ((sz = BIO_read(bio, out, sz)), 16); ExpectIntEQ(XMEMCMP(out, msg, sz), 0); BIO_clear_flags(bio64, ~0); BIO_set_retry_read(bio); BIO_free_all(bio); /* frees bio64s also */ bio = NULL; ExpectNotNull(bio = BIO_new_mem_buf(out, 0)); ExpectIntEQ(BIO_write(bio, msg, sizeof(msg)), sizeof(msg)); BIO_free(bio); #endif return EXPECT_RESULT(); } static int test_wolfSSL_BIO_printf(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) BIO* bio = NULL; int sz = 7; char msg[] = "TLS 1.3 for the world"; char out[60]; char expected[] = "TLS 1.3 for the world : sz = 7"; XMEMSET(out, 0, sizeof(out)); ExpectNotNull(bio = BIO_new(BIO_s_mem())); ExpectIntEQ(BIO_printf(bio, "%s : sz = %d", msg, sz), 30); ExpectIntEQ(BIO_printf(NULL, ""), WOLFSSL_FATAL_ERROR); ExpectIntEQ(BIO_read(bio, out, sizeof(out)), 30); ExpectIntEQ(XSTRNCMP(out, expected, sizeof(expected)), 0); BIO_free(bio); #endif return EXPECT_RESULT(); } static int test_wolfSSL_BIO_f_md(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_SHA256) BIO* bio = NULL; BIO* mem = NULL; char msg[] = "message to hash"; char out[60]; EVP_MD_CTX* ctx = NULL; const unsigned char testKey[] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b }; const char testData[] = "Hi There"; const unsigned char testResult[] = { 0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf, 0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9, 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7 }; const unsigned char expectedHash[] = { 0x66, 0x49, 0x3C, 0xE8, 0x8A, 0x57, 0xB0, 0x60, 0xDC, 0x55, 0x7D, 0xFC, 0x1F, 0xA5, 0xE5, 0x07, 0x70, 0x5A, 0xF6, 0xD7, 0xC4, 0x1F, 0x1A, 0xE4, 0x2D, 0xA6, 0xFD, 0xD1, 0x29, 0x7D, 0x60, 0x0D }; const unsigned char emptyHash[] = { 0xE3, 0xB0, 0xC4, 0x42, 0x98, 0xFC, 0x1C, 0x14, 0x9A, 0xFB, 0xF4, 0xC8, 0x99, 0x6F, 0xB9, 0x24, 0x27, 0xAE, 0x41, 0xE4, 0x64, 0x9B, 0x93, 0x4C, 0xA4, 0x95, 0x99, 0x1B, 0x78, 0x52, 0xB8, 0x55 }; unsigned char check[sizeof(testResult) + 1]; size_t checkSz = -1; EVP_PKEY* key = NULL; XMEMSET(out, 0, sizeof(out)); ExpectNotNull(bio = BIO_new(BIO_f_md())); ExpectNotNull(mem = BIO_new(BIO_s_mem())); ExpectIntEQ(BIO_get_md_ctx(bio, &ctx), 1); ExpectIntEQ(EVP_DigestInit(ctx, EVP_sha256()), 1); /* should not be able to write/read yet since just digest wrapper and no * data is passing through the bio */ ExpectIntEQ(BIO_write(bio, msg, 0), 0); ExpectIntEQ(BIO_pending(bio), 0); ExpectIntEQ(BIO_read(bio, out, sizeof(out)), 0); ExpectIntEQ(BIO_gets(bio, out, 3), 0); ExpectIntEQ(BIO_gets(bio, out, sizeof(out)), 32); ExpectIntEQ(XMEMCMP(emptyHash, out, 32), 0); BIO_reset(bio); /* append BIO mem to bio in order to read/write */ ExpectNotNull(bio = BIO_push(bio, mem)); XMEMSET(out, 0, sizeof(out)); ExpectIntEQ(BIO_write(mem, msg, sizeof(msg)), 16); ExpectIntEQ(BIO_pending(bio), 16); /* this just reads the message and does not hash it (gets calls final) */ ExpectIntEQ(BIO_read(bio, out, sizeof(out)), 16); ExpectIntEQ(XMEMCMP(out, msg, sizeof(msg)), 0); /* create a message digest using BIO */ XMEMSET(out, 0, sizeof(out)); ExpectIntEQ(BIO_write(bio, msg, sizeof(msg)), 16); ExpectIntEQ(BIO_pending(mem), 16); ExpectIntEQ(BIO_pending(bio), 16); ExpectIntEQ(BIO_gets(bio, out, sizeof(out)), 32); ExpectIntEQ(XMEMCMP(expectedHash, out, 32), 0); BIO_free(bio); bio = NULL; BIO_free(mem); mem = NULL; /* test with HMAC */ XMEMSET(out, 0, sizeof(out)); ExpectNotNull(bio = BIO_new(BIO_f_md())); ExpectNotNull(mem = BIO_new(BIO_s_mem())); BIO_get_md_ctx(bio, &ctx); ExpectNotNull(key = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, testKey, (int)sizeof(testKey))); EVP_DigestSignInit(ctx, NULL, EVP_sha256(), NULL, key); ExpectNotNull(bio = BIO_push(bio, mem)); BIO_write(bio, testData, (int)strlen(testData)); ExpectIntEQ(EVP_DigestSignFinal(ctx, NULL, &checkSz), 1); ExpectIntEQ(EVP_DigestSignFinal(ctx, check, &checkSz), 1); ExpectIntEQ(XMEMCMP(check, testResult, sizeof(testResult)), 0); EVP_PKEY_free(key); BIO_free(bio); BIO_free(mem); #endif return EXPECT_RESULT(); } static int test_wolfSSL_BIO_up_ref(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) BIO* bio = NULL; ExpectNotNull(bio = BIO_new(BIO_f_md())); ExpectIntEQ(BIO_up_ref(NULL), 0); ExpectIntEQ(BIO_up_ref(bio), 1); BIO_free(bio); ExpectIntEQ(BIO_up_ref(bio), 1); BIO_free(bio); BIO_free(bio); #endif return EXPECT_RESULT(); } static int test_wolfSSL_BIO_reset(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) BIO* bio = NULL; byte buf[16]; ExpectNotNull(bio = BIO_new_mem_buf("secure your data", (word32)XSTRLEN("secure your data"))); ExpectIntEQ(BIO_read(bio, buf, 6), 6); ExpectIntEQ(XMEMCMP(buf, "secure", 6), 0); XMEMSET(buf, 0, 16); ExpectIntEQ(BIO_read(bio, buf, 16), 10); ExpectIntEQ(XMEMCMP(buf, " your data", 10), 0); /* You cannot write to MEM BIO with read-only mode. */ ExpectIntEQ(BIO_write(bio, "WriteToReadonly", 15), 0); ExpectIntEQ(BIO_read(bio, buf, 16), -1); XMEMSET(buf, 0, 16); ExpectIntEQ(BIO_reset(bio), 0); ExpectIntEQ(BIO_read(bio, buf, 16), 16); ExpectIntEQ(XMEMCMP(buf, "secure your data", 16), 0); BIO_free(bio); #endif return EXPECT_RESULT(); } #endif /* !NO_BIO */ #if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) /* test that the callback arg is correct */ static int certCbArg = 0; static int certCb(WOLFSSL* ssl, void* arg) { if (ssl == NULL || arg != &certCbArg) return 0; if (wolfSSL_is_server(ssl)) { if (wolfSSL_use_certificate_file(ssl, svrCertFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) return 0; if (wolfSSL_use_PrivateKey_file(ssl, svrKeyFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) return 0; } else { if (wolfSSL_use_certificate_file(ssl, cliCertFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) return 0; if (wolfSSL_use_PrivateKey_file(ssl, cliKeyFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) return 0; } return 1; } static int certSetupCb(WOLFSSL_CTX* ctx) { SSL_CTX_set_cert_cb(ctx, certCb, &certCbArg); return TEST_SUCCESS; } /** * This is only done because test_wolfSSL_client_server_nofail_memio has no way * to stop certificate and key loading */ static int certClearCb(WOLFSSL* ssl) { /* Clear the loaded certs to force the callbacks to set them up */ SSL_certs_clear(ssl); return TEST_SUCCESS; } #endif static int test_wolfSSL_cert_cb(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) test_ssl_cbf func_cb_client; test_ssl_cbf func_cb_server; XMEMSET(&func_cb_client, 0, sizeof(func_cb_client)); XMEMSET(&func_cb_server, 0, sizeof(func_cb_server)); func_cb_client.ctx_ready = certSetupCb; func_cb_client.ssl_ready = certClearCb; func_cb_server.ctx_ready = certSetupCb; func_cb_server.ssl_ready = certClearCb; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client, &func_cb_server, NULL), TEST_SUCCESS); #endif return EXPECT_RESULT(); } #if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) static const char* test_wolfSSL_cert_cb_dyn_ciphers_client_cipher = NULL; static const char* test_wolfSSL_cert_cb_dyn_ciphers_client_sigalgs = NULL; static int test_wolfSSL_cert_cb_dyn_ciphers_client_ctx_ready(WOLFSSL_CTX* ctx) { EXPECT_DECLS; ExpectIntEQ(wolfSSL_CTX_set_cipher_list(ctx, test_wolfSSL_cert_cb_dyn_ciphers_client_cipher), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, test_wolfSSL_cert_cb_dyn_ciphers_client_sigalgs), WOLFSSL_SUCCESS); return EXPECT_RESULT(); } static int test_wolfSSL_cert_cb_dyn_ciphers_certCB(WOLFSSL* ssl, void* arg) { const byte* suites = NULL; word16 suiteSz = 0; const byte* hashSigAlgo = NULL; word16 hashSigAlgoSz = 0; word16 idx = 0; int haveRSA = 0; int haveECC = 0; (void)arg; if (wolfSSL_get_client_suites_sigalgs(ssl, &suites, &suiteSz, &hashSigAlgo, &hashSigAlgoSz) != WOLFSSL_SUCCESS) return 0; if (suites == NULL || suiteSz == 0 || hashSigAlgo == NULL || hashSigAlgoSz == 0) return 0; for (idx = 0; idx < suiteSz; idx += 2) { WOLFSSL_CIPHERSUITE_INFO info = wolfSSL_get_ciphersuite_info(suites[idx], suites[idx+1]); if (info.rsaAuth) haveRSA = 1; else if (info.eccAuth) haveECC = 1; } if (hashSigAlgoSz > 0) { /* sigalgs extension takes precedence over ciphersuites */ haveRSA = 0; haveECC = 0; } for (idx = 0; idx < hashSigAlgoSz; idx += 2) { int hashAlgo = 0; int sigAlgo = 0; if (wolfSSL_get_sigalg_info(hashSigAlgo[idx+0], hashSigAlgo[idx+1], &hashAlgo, &sigAlgo) != 0) return 0; if (sigAlgo == RSAk || sigAlgo == RSAPSSk) haveRSA = 1; else if (sigAlgo == ECDSAk) haveECC = 1; } if (haveRSA) { if (wolfSSL_use_certificate_file(ssl, svrCertFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) return 0; if (wolfSSL_use_PrivateKey_file(ssl, svrKeyFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) return 0; } else if (haveECC) { if (wolfSSL_use_certificate_file(ssl, eccCertFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) return 0; if (wolfSSL_use_PrivateKey_file(ssl, eccKeyFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) return 0; } return 1; } static int test_wolfSSL_cert_cb_dyn_ciphers_server_ctx_ready(WOLFSSL_CTX* ctx) { SSL_CTX_set_cert_cb(ctx, test_wolfSSL_cert_cb_dyn_ciphers_certCB, NULL); wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, NULL); return TEST_SUCCESS; } #endif /* Testing dynamic ciphers offered by client */ static int test_wolfSSL_cert_cb_dyn_ciphers(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) test_ssl_cbf func_cb_client; test_ssl_cbf func_cb_server; struct { method_provider client_meth; const char* client_ciphers; const char* client_sigalgs; const char* client_ca; method_provider server_meth; } test_params[] = { #if !defined(NO_SHA256) && defined(HAVE_AESGCM) #ifdef WOLFSSL_TLS13 #if !defined(NO_RSA) && defined(WC_RSA_PSS) {wolfTLSv1_3_client_method, "TLS13-AES256-GCM-SHA384:TLS13-AES128-GCM-SHA256", "RSA-PSS+SHA256", caCertFile, wolfTLSv1_3_server_method}, #endif #ifdef HAVE_ECC {wolfTLSv1_3_client_method, "TLS13-AES256-GCM-SHA384:TLS13-AES128-GCM-SHA256", "ECDSA+SHA256", caEccCertFile, wolfTLSv1_3_server_method}, #endif #endif #ifndef WOLFSSL_NO_TLS12 #if !defined(NO_RSA) && defined(WC_RSA_PSS) && !defined(NO_DH) {wolfTLSv1_2_client_method, "DHE-RSA-AES128-GCM-SHA256", "RSA-PSS+SHA256", caCertFile, wolfTLSv1_2_server_method}, #endif #ifdef HAVE_ECC {wolfTLSv1_2_client_method, "ECDHE-ECDSA-AES128-GCM-SHA256", "ECDSA+SHA256", caEccCertFile, wolfTLSv1_2_server_method}, #endif #endif #endif }; size_t i; size_t testCount = sizeof(test_params)/sizeof(*test_params); if (testCount > 0) { for (i = 0; i < testCount; i++) { printf("\tTesting %s ciphers with %s sigalgs\n", test_params[i].client_ciphers, test_params[i].client_sigalgs); XMEMSET(&func_cb_client, 0, sizeof(func_cb_client)); XMEMSET(&func_cb_server, 0, sizeof(func_cb_server)); test_wolfSSL_cert_cb_dyn_ciphers_client_cipher = test_params[i].client_ciphers; test_wolfSSL_cert_cb_dyn_ciphers_client_sigalgs = test_params[i].client_sigalgs; func_cb_client.method = test_params[i].client_meth; func_cb_client.caPemFile = test_params[i].client_ca; func_cb_client.ctx_ready = test_wolfSSL_cert_cb_dyn_ciphers_client_ctx_ready; func_cb_server.ctx_ready = test_wolfSSL_cert_cb_dyn_ciphers_server_ctx_ready; func_cb_server.ssl_ready = certClearCb; /* Reuse from prev test */ func_cb_server.method = test_params[i].server_meth; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client, &func_cb_server, NULL), TEST_SUCCESS); } } #endif return EXPECT_RESULT(); } static int test_wolfSSL_ciphersuite_auth(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) WOLFSSL_CIPHERSUITE_INFO info; (void)info; #ifndef WOLFSSL_NO_TLS12 #ifdef HAVE_CHACHA info = wolfSSL_get_ciphersuite_info(CHACHA_BYTE, TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256); ExpectIntEQ(info.rsaAuth, 1); ExpectIntEQ(info.eccAuth, 0); ExpectIntEQ(info.eccStatic, 0); ExpectIntEQ(info.psk, 0); info = wolfSSL_get_ciphersuite_info(CHACHA_BYTE, TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256); ExpectIntEQ(info.rsaAuth, 0); ExpectIntEQ(info.eccAuth, 1); ExpectIntEQ(info.eccStatic, 0); ExpectIntEQ(info.psk, 0); info = wolfSSL_get_ciphersuite_info(CHACHA_BYTE, TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256); ExpectIntEQ(info.rsaAuth, 0); ExpectIntEQ(info.eccAuth, 0); ExpectIntEQ(info.eccStatic, 0); ExpectIntEQ(info.psk, 1); #endif #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448) #ifndef NO_RSA info = wolfSSL_get_ciphersuite_info(ECC_BYTE, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA); ExpectIntEQ(info.rsaAuth, 1); ExpectIntEQ(info.eccAuth, 0); ExpectIntEQ(info.eccStatic, 0); ExpectIntEQ(info.psk, 0); info = wolfSSL_get_ciphersuite_info(ECC_BYTE, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA); ExpectIntEQ(info.rsaAuth, 1); ExpectIntEQ(info.eccAuth, 0); ExpectIntEQ(info.eccStatic, 1); ExpectIntEQ(info.psk, 0); info = wolfSSL_get_ciphersuite_info(ECC_BYTE, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA); ExpectIntEQ(info.rsaAuth, 1); ExpectIntEQ(info.eccAuth, 0); ExpectIntEQ(info.eccStatic, 1); ExpectIntEQ(info.psk, 0); #endif info = wolfSSL_get_ciphersuite_info(ECC_BYTE, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA); ExpectIntEQ(info.rsaAuth, 0); ExpectIntEQ(info.eccAuth, 1); ExpectIntEQ(info.eccStatic, 0); ExpectIntEQ(info.psk, 0); info = wolfSSL_get_ciphersuite_info(ECC_BYTE, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA); ExpectIntEQ(info.rsaAuth, 0); ExpectIntEQ(info.eccAuth, 1); ExpectIntEQ(info.eccStatic, 1); ExpectIntEQ(info.psk, 0); info = wolfSSL_get_ciphersuite_info(ECDHE_PSK_BYTE, TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256); ExpectIntEQ(info.rsaAuth, 0); ExpectIntEQ(info.eccAuth, 0); ExpectIntEQ(info.eccStatic, 0); ExpectIntEQ(info.psk, 1); #endif #endif #ifdef WOLFSSL_TLS13 info = wolfSSL_get_ciphersuite_info(TLS13_BYTE, TLS_AES_128_GCM_SHA256); ExpectIntEQ(info.rsaAuth, 0); ExpectIntEQ(info.eccAuth, 0); ExpectIntEQ(info.eccStatic, 0); ExpectIntEQ(info.psk, 0); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_sigalg_info(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) byte hashSigAlgo[WOLFSSL_MAX_SIGALGO]; word16 len = 0; word16 idx = 0; int allSigAlgs = SIG_ECDSA | SIG_RSA | SIG_SM2 | SIG_FALCON | SIG_DILITHIUM; InitSuitesHashSigAlgo_ex2(hashSigAlgo, allSigAlgs, 1, 0xFFFFFFFF, &len); for (idx = 0; idx < len; idx += 2) { int hashAlgo = 0; int sigAlgo = 0; ExpectIntEQ(wolfSSL_get_sigalg_info(hashSigAlgo[idx+0], hashSigAlgo[idx+1], &hashAlgo, &sigAlgo), 0); ExpectIntNE(hashAlgo, 0); ExpectIntNE(sigAlgo, 0); } InitSuitesHashSigAlgo_ex2(hashSigAlgo, allSigAlgs | SIG_ANON, 1, 0xFFFFFFFF, &len); for (idx = 0; idx < len; idx += 2) { int hashAlgo = 0; int sigAlgo = 0; ExpectIntEQ(wolfSSL_get_sigalg_info(hashSigAlgo[idx+0], hashSigAlgo[idx+1], &hashAlgo, &sigAlgo), 0); ExpectIntNE(hashAlgo, 0); } #endif return EXPECT_RESULT(); } static int test_wolfSSL_SESSION(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \ !defined(NO_RSA) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \ !defined(NO_SESSION_CACHE) WOLFSSL* ssl = NULL; WOLFSSL_CTX* ctx = NULL; WOLFSSL_SESSION* sess = NULL; WOLFSSL_SESSION* sess_copy = NULL; #ifdef OPENSSL_EXTRA #ifdef HAVE_EXT_CACHE unsigned char* sessDer = NULL; unsigned char* ptr = NULL; int sz = 0; #endif const unsigned char context[] = "user app context"; unsigned int contextSz = (unsigned int)sizeof(context); #endif int ret = 0, err = 0; SOCKET_T sockfd; tcp_ready ready; func_args server_args; THREAD_TYPE serverThread; char msg[80]; const char* sendGET = "GET"; /* TLS v1.3 requires session tickets */ /* CHACHA and POLY1305 required for myTicketEncCb */ #if defined(WOLFSSL_TLS13) && (!defined(HAVE_SESSION_TICKET) && \ !defined(WOLFSSL_NO_TLS12) || !(defined(HAVE_CHACHA) && \ defined(HAVE_POLY1305) && !defined(HAVE_AESGCM))) ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); #endif ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, WOLFSSL_FILETYPE_PEM)); ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0), WOLFSSL_SUCCESS); #ifdef WOLFSSL_ENCRYPTED_KEYS wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); #endif #ifdef HAVE_SESSION_TICKET /* Use session tickets, for ticket tests below */ ExpectIntEQ(wolfSSL_CTX_UseSessionTicket(ctx), WOLFSSL_SUCCESS); #endif XMEMSET(&server_args, 0, sizeof(func_args)); #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif StartTCP(); InitTcpReady(&ready); #if defined(USE_WINDOWS_API) /* use RNG to get random port if using windows */ ready.port = GetRandomPort(); #endif server_args.signal = &ready; start_thread(test_server_nofail, &server_args, &serverThread); wait_tcp_ready(&server_args); /* client connection */ ExpectNotNull(ssl = wolfSSL_new(ctx)); tcp_connect(&sockfd, wolfSSLIP, ready.port, 0, 0, ssl); ExpectIntEQ(wolfSSL_set_fd(ssl, sockfd), WOLFSSL_SUCCESS); #ifdef WOLFSSL_ASYNC_CRYPT err = 0; /* Reset error */ #endif do { #ifdef WOLFSSL_ASYNC_CRYPT if (err == WC_PENDING_E) { ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW); if (ret < 0) { break; } else if (ret == 0) { continue; } } #endif ret = wolfSSL_connect(ssl); err = wolfSSL_get_error(ssl, 0); } while (err == WC_PENDING_E); ExpectIntEQ(ret, WOLFSSL_SUCCESS); #ifdef WOLFSSL_ASYNC_CRYPT err = 0; /* Reset error */ #endif do { #ifdef WOLFSSL_ASYNC_CRYPT if (err == WC_PENDING_E) { ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW); if (ret < 0) { break; } else if (ret == 0) { continue; } } #endif ret = wolfSSL_write(ssl, sendGET, (int)XSTRLEN(sendGET)); err = wolfSSL_get_error(ssl, 0); } while (err == WC_PENDING_E); ExpectIntEQ(ret, (int)XSTRLEN(sendGET)); #ifdef WOLFSSL_ASYNC_CRYPT err = 0; /* Reset error */ #endif do { #ifdef WOLFSSL_ASYNC_CRYPT if (err == WC_PENDING_E) { ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW); if (ret < 0) { break; } else if (ret == 0) { continue; } } #endif ret = wolfSSL_read(ssl, msg, sizeof(msg)); err = wolfSSL_get_error(ssl, 0); } while (err == WC_PENDING_E); ExpectIntEQ(ret, 23); ExpectPtrNE((sess = wolfSSL_get1_session(ssl)), NULL); /* ref count 1 */ ExpectPtrNE((sess_copy = wolfSSL_get1_session(ssl)), NULL); /* ref count 2 */ #ifdef HAVE_EXT_CACHE ExpectPtrEq(sess, sess_copy); /* they should be the same pointer but without * HAVE_EXT_CACHE we get new objects each time */ #endif wolfSSL_SESSION_free(sess_copy); sess_copy = NULL; wolfSSL_SESSION_free(sess); sess = NULL; /* free session ref */ sess = wolfSSL_get_session(ssl); #ifdef OPENSSL_EXTRA ExpectIntEQ(SSL_SESSION_is_resumable(NULL), 0); ExpectIntEQ(SSL_SESSION_is_resumable(sess), 1); ExpectIntEQ(wolfSSL_SESSION_has_ticket(NULL), 0); ExpectIntEQ(wolfSSL_SESSION_get_ticket_lifetime_hint(NULL), 0); #ifdef HAVE_SESSION_TICKET ExpectIntEQ(wolfSSL_SESSION_has_ticket(sess), 1); ExpectIntEQ(wolfSSL_SESSION_get_ticket_lifetime_hint(sess), SESSION_TICKET_HINT_DEFAULT); #else ExpectIntEQ(wolfSSL_SESSION_has_ticket(sess), 0); #endif #else (void)sess; #endif /* OPENSSL_EXTRA */ /* Retain copy of the session for later testing */ ExpectNotNull(sess = wolfSSL_get1_session(ssl)); wolfSSL_shutdown(ssl); wolfSSL_free(ssl); ssl = NULL; CloseSocket(sockfd); join_thread(serverThread); FreeTcpReady(&ready); #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif #if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA) { X509 *x509 = NULL; char buf[30]; int bufSz = 0; ExpectNotNull(x509 = SSL_SESSION_get0_peer(sess)); ExpectIntGT((bufSz = X509_NAME_get_text_by_NID( X509_get_subject_name(x509), NID_organizationalUnitName, buf, sizeof(buf))), 0); ExpectIntNE((bufSz == 7 || bufSz == 16), 0); /* should be one of these*/ if (bufSz == 7) { ExpectIntEQ(XMEMCMP(buf, "Support", bufSz), 0); } if (bufSz == 16) { ExpectIntEQ(XMEMCMP(buf, "Programming-2048", bufSz), 0); } } #endif #ifdef HAVE_EXT_CACHE ExpectNotNull(sess_copy = wolfSSL_SESSION_dup(sess)); wolfSSL_SESSION_free(sess_copy); sess_copy = NULL; sess_copy = NULL; #endif #if defined(OPENSSL_EXTRA) && defined(HAVE_EXT_CACHE) /* get session from DER and update the timeout */ ExpectIntEQ(wolfSSL_i2d_SSL_SESSION(NULL, &sessDer), BAD_FUNC_ARG); ExpectIntGT((sz = wolfSSL_i2d_SSL_SESSION(sess, &sessDer)), 0); wolfSSL_SESSION_free(sess); sess = NULL; sess = NULL; ptr = sessDer; ExpectNull(sess = wolfSSL_d2i_SSL_SESSION(NULL, NULL, sz)); ExpectNotNull(sess = wolfSSL_d2i_SSL_SESSION(NULL, (const unsigned char**)&ptr, sz)); XFREE(sessDer, NULL, DYNAMIC_TYPE_OPENSSL); sessDer = NULL; ExpectIntGT(wolfSSL_SESSION_get_time(sess), 0); ExpectIntEQ(wolfSSL_SSL_SESSION_set_timeout(sess, 500), SSL_SUCCESS); #endif /* successful set session test */ ExpectNotNull(ssl = wolfSSL_new(ctx)); ExpectIntEQ(wolfSSL_set_session(ssl, sess), WOLFSSL_SUCCESS); #ifdef HAVE_SESSION_TICKET /* Test set/get session ticket */ { const char* ticket = "This is a session ticket"; char buf[64] = {0}; word32 bufSz = (word32)sizeof(buf); ExpectIntEQ(SSL_SUCCESS, wolfSSL_set_SessionTicket(ssl, (byte *)ticket, (word32)XSTRLEN(ticket))); ExpectIntEQ(SSL_SUCCESS, wolfSSL_get_SessionTicket(ssl, (byte *)buf, &bufSz)); ExpectStrEQ(ticket, buf); } #endif #ifdef OPENSSL_EXTRA /* session timeout case */ /* make the session to be expired */ ExpectIntEQ(SSL_SESSION_set_timeout(sess,1), SSL_SUCCESS); XSLEEP_MS(1200); /* SSL_set_session should reject specified session but return success * if WOLFSSL_ERROR_CODE_OPENSSL macro is defined for OpenSSL compatibility. */ #if defined(WOLFSSL_ERROR_CODE_OPENSSL) ExpectIntEQ(wolfSSL_set_session(ssl,sess), SSL_SUCCESS); #else ExpectIntEQ(wolfSSL_set_session(ssl,sess), SSL_FAILURE); #endif ExpectIntEQ(wolfSSL_SSL_SESSION_set_timeout(sess, 500), SSL_SUCCESS); #ifdef WOLFSSL_SESSION_ID_CTX /* fail case with miss match session context IDs (use compatibility API) */ ExpectIntEQ(SSL_set_session_id_context(ssl, context, contextSz), SSL_SUCCESS); ExpectIntEQ(wolfSSL_set_session(ssl, sess), SSL_FAILURE); wolfSSL_free(ssl); ssl = NULL; ExpectIntEQ(SSL_CTX_set_session_id_context(NULL, context, contextSz), SSL_FAILURE); ExpectIntEQ(SSL_CTX_set_session_id_context(ctx, context, contextSz), SSL_SUCCESS); ExpectNotNull(ssl = wolfSSL_new(ctx)); ExpectIntEQ(wolfSSL_set_session(ssl, sess), SSL_FAILURE); #endif #endif /* OPENSSL_EXTRA */ wolfSSL_free(ssl); wolfSSL_SESSION_free(sess); wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \ !defined(NO_RSA) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \ !defined(NO_SESSION_CACHE) && defined(OPENSSL_EXTRA) && \ !defined(WOLFSSL_NO_TLS12) static WOLFSSL_SESSION* test_wolfSSL_SESSION_expire_sess = NULL; static void test_wolfSSL_SESSION_expire_downgrade_ctx_ready(WOLFSSL_CTX* ctx) { #ifdef WOLFSSL_ERROR_CODE_OPENSSL /* returns previous timeout value */ AssertIntEQ(wolfSSL_CTX_set_timeout(ctx, 1), 500); #else AssertIntEQ(wolfSSL_CTX_set_timeout(ctx, 1), WOLFSSL_SUCCESS); #endif } /* set the session to timeout in a second */ static void test_wolfSSL_SESSION_expire_downgrade_ssl_ready(WOLFSSL* ssl) { AssertIntEQ(wolfSSL_set_timeout(ssl, 2), 1); } /* store the client side session from the first successful connection */ static void test_wolfSSL_SESSION_expire_downgrade_ssl_result(WOLFSSL* ssl) { AssertPtrNE((test_wolfSSL_SESSION_expire_sess = wolfSSL_get1_session(ssl)), NULL); /* ref count 1 */ } /* wait till session is expired then set it in the WOLFSSL struct for use */ static void test_wolfSSL_SESSION_expire_downgrade_ssl_ready_wait(WOLFSSL* ssl) { AssertIntEQ(wolfSSL_set_timeout(ssl, 1), 1); AssertIntEQ(wolfSSL_set_session(ssl, test_wolfSSL_SESSION_expire_sess), WOLFSSL_SUCCESS); XSLEEP_MS(2000); /* wait 2 seconds for session to expire */ } /* set expired session in the WOLFSSL struct for use */ static void test_wolfSSL_SESSION_expire_downgrade_ssl_ready_set(WOLFSSL* ssl) { XSLEEP_MS(1200); /* wait a second for session to expire */ /* set the expired session, call to set session fails but continuing on after failure should be handled here */ #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_ERROR_CODE_OPENSSL) AssertIntEQ(wolfSSL_set_session(ssl, test_wolfSSL_SESSION_expire_sess), WOLFSSL_SUCCESS); #else AssertIntNE(wolfSSL_set_session(ssl, test_wolfSSL_SESSION_expire_sess), WOLFSSL_SUCCESS); #endif } /* check that the expired session was not reused */ static void test_wolfSSL_SESSION_expire_downgrade_ssl_result_reuse(WOLFSSL* ssl) { /* since the session has expired it should not have been reused */ AssertIntEQ(wolfSSL_session_reused(ssl), 0); } #endif static int test_wolfSSL_SESSION_expire_downgrade(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \ !defined(NO_RSA) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \ !defined(NO_SESSION_CACHE) && defined(OPENSSL_EXTRA) && \ !defined(WOLFSSL_NO_TLS12) WOLFSSL_CTX* ctx = NULL; callback_functions server_cbf, client_cbf; XMEMSET(&server_cbf, 0, sizeof(callback_functions)); XMEMSET(&client_cbf, 0, sizeof(callback_functions)); /* force server side to use TLS 1.2 */ server_cbf.ctx = ctx; server_cbf.method = wolfTLSv1_2_server_method; client_cbf.method = wolfSSLv23_client_method; server_cbf.ctx_ready = test_wolfSSL_SESSION_expire_downgrade_ctx_ready; client_cbf.ssl_ready = test_wolfSSL_SESSION_expire_downgrade_ssl_ready; client_cbf.on_result = test_wolfSSL_SESSION_expire_downgrade_ssl_result; test_wolfSSL_client_server_nofail(&client_cbf, &server_cbf); ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS); ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS); /* set the previously created session and wait till expired */ server_cbf.ctx = ctx; client_cbf.method = wolfSSLv23_client_method; server_cbf.ctx_ready = test_wolfSSL_SESSION_expire_downgrade_ctx_ready; client_cbf.ssl_ready = test_wolfSSL_SESSION_expire_downgrade_ssl_ready_wait; client_cbf.on_result = test_wolfSSL_SESSION_expire_downgrade_ssl_result_reuse; test_wolfSSL_client_server_nofail(&client_cbf, &server_cbf); ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS); ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS); /* set the previously created expired session */ server_cbf.ctx = ctx; client_cbf.method = wolfSSLv23_client_method; server_cbf.ctx_ready = test_wolfSSL_SESSION_expire_downgrade_ctx_ready; client_cbf.ssl_ready = test_wolfSSL_SESSION_expire_downgrade_ssl_ready_set; client_cbf.on_result = test_wolfSSL_SESSION_expire_downgrade_ssl_result_reuse; test_wolfSSL_client_server_nofail(&client_cbf, &server_cbf); ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS); ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS); wolfSSL_SESSION_free(test_wolfSSL_SESSION_expire_sess); wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } #if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \ defined(HAVE_EX_DATA) && !defined(NO_SESSION_CACHE) static int clientSessRemCountMalloc = 0; static int serverSessRemCountMalloc = 0; static int clientSessRemCountFree = 0; static int serverSessRemCountFree = 0; static WOLFSSL_CTX* serverSessCtx = NULL; static WOLFSSL_SESSION* serverSess = NULL; #if (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)) || \ !defined(NO_SESSION_CACHE_REF) static WOLFSSL_CTX* clientSessCtx = NULL; static WOLFSSL_SESSION* clientSess = NULL; #endif static int serverSessRemIdx = 3; static int sessRemCtx_Server = WOLFSSL_SERVER_END; static int sessRemCtx_Client = WOLFSSL_CLIENT_END; static void SessRemCtxCb(WOLFSSL_CTX *ctx, WOLFSSL_SESSION *sess) { int* side; (void)ctx; side = (int*)SSL_SESSION_get_ex_data(sess, serverSessRemIdx); if (side != NULL) { if (*side == WOLFSSL_CLIENT_END) clientSessRemCountFree++; else serverSessRemCountFree++; SSL_SESSION_set_ex_data(sess, serverSessRemIdx, NULL); } } static int SessRemCtxSetupCb(WOLFSSL_CTX* ctx) { SSL_CTX_sess_set_remove_cb(ctx, SessRemCtxCb); #if defined(WOLFSSL_TLS13) && !defined(HAVE_SESSION_TICKET) && \ !defined(NO_SESSION_CACHE_REF) { EXPECT_DECLS; /* Allow downgrade, set min version, and disable TLS 1.3. * Do this because without NO_SESSION_CACHE_REF we will want to return a * reference to the session cache. But with WOLFSSL_TLS13 and without * HAVE_SESSION_TICKET we won't have a session ID to be able to place * the session in the cache. In this case we need to downgrade to * previous versions to just use the legacy session ID field. */ ExpectIntEQ(SSL_CTX_set_min_proto_version(ctx, SSL3_VERSION), SSL_SUCCESS); ExpectIntEQ(SSL_CTX_set_max_proto_version(ctx, TLS1_2_VERSION), SSL_SUCCESS); return EXPECT_RESULT(); } #else return TEST_SUCCESS; #endif } static int SessRemSslSetupCb(WOLFSSL* ssl) { EXPECT_DECLS; int* side; if (SSL_is_server(ssl)) { side = &sessRemCtx_Server; serverSessRemCountMalloc++; ExpectNotNull(serverSess = SSL_get1_session(ssl)); ExpectIntEQ(SSL_CTX_up_ref(serverSessCtx = SSL_get_SSL_CTX(ssl)), SSL_SUCCESS); } else { side = &sessRemCtx_Client; clientSessRemCountMalloc++; #if (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)) || \ !defined(NO_SESSION_CACHE_REF) ExpectNotNull(clientSess = SSL_get1_session(ssl)); ExpectIntEQ(SSL_CTX_up_ref(clientSessCtx = SSL_get_SSL_CTX(ssl)), SSL_SUCCESS); #endif } ExpectIntEQ(SSL_SESSION_set_ex_data(SSL_get_session(ssl), serverSessRemIdx, side), SSL_SUCCESS); return EXPECT_RESULT(); } #endif static int test_wolfSSL_CTX_sess_set_remove_cb(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \ defined(HAVE_EX_DATA) && !defined(NO_SESSION_CACHE) /* Check that the remove callback gets called for external data in a * session object */ test_ssl_cbf func_cb; XMEMSET(&func_cb, 0, sizeof(func_cb)); func_cb.ctx_ready = SessRemCtxSetupCb; func_cb.on_result = SessRemSslSetupCb; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb, &func_cb, NULL), TEST_SUCCESS); /* Both should have been allocated */ ExpectIntEQ(clientSessRemCountMalloc, 1); ExpectIntEQ(serverSessRemCountMalloc, 1); /* This should not be called yet. Session wasn't evicted from cache yet. */ ExpectIntEQ(clientSessRemCountFree, 0); #if (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)) || \ !defined(NO_SESSION_CACHE_REF) /* Force a cache lookup */ ExpectNotNull(SSL_SESSION_get_ex_data(clientSess, serverSessRemIdx)); /* Force a cache update */ ExpectNotNull(SSL_SESSION_set_ex_data(clientSess, serverSessRemIdx - 1, 0)); /* This should set the timeout to 0 and call the remove callback from within * the session cache. */ ExpectIntEQ(SSL_CTX_remove_session(clientSessCtx, clientSess), 0); ExpectNull(SSL_SESSION_get_ex_data(clientSess, serverSessRemIdx)); ExpectIntEQ(clientSessRemCountFree, 1); #endif /* Server session is in the cache so ex_data isn't free'd with the SSL * object */ ExpectIntEQ(serverSessRemCountFree, 0); /* Force a cache lookup */ ExpectNotNull(SSL_SESSION_get_ex_data(serverSess, serverSessRemIdx)); /* Force a cache update */ ExpectNotNull(SSL_SESSION_set_ex_data(serverSess, serverSessRemIdx - 1, 0)); /* This should set the timeout to 0 and call the remove callback from within * the session cache. */ ExpectIntEQ(SSL_CTX_remove_session(serverSessCtx, serverSess), 0); ExpectNull(SSL_SESSION_get_ex_data(serverSess, serverSessRemIdx)); ExpectIntEQ(serverSessRemCountFree, 1); /* Need to free the references that we kept */ SSL_CTX_free(serverSessCtx); SSL_SESSION_free(serverSess); #if (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)) || \ !defined(NO_SESSION_CACHE_REF) SSL_CTX_free(clientSessCtx); SSL_SESSION_free(clientSess); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_ticket_keys(void) { EXPECT_DECLS; #if defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \ !defined(NO_WOLFSSL_SERVER) WOLFSSL_CTX* ctx = NULL; byte keys[WOLFSSL_TICKET_KEYS_SZ]; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(NULL, NULL, 0), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(ctx, NULL, 0), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(ctx, keys, 0), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(NULL, keys, 0), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(NULL, NULL, sizeof(keys)), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(ctx, NULL, sizeof(keys)), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(NULL, keys, sizeof(keys)), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(NULL, NULL, 0), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(ctx, NULL, 0), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(ctx, keys, 0), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(NULL, keys, 0), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(NULL, NULL, sizeof(keys)), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(ctx, NULL, sizeof(keys)), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(NULL, keys, sizeof(keys)), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(ctx, keys, sizeof(keys)), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(ctx, keys, sizeof(keys)), WOLFSSL_SUCCESS); wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } #ifndef NO_BIO static int test_wolfSSL_d2i_PUBKEY(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) BIO* bio = NULL; EVP_PKEY* pkey = NULL; ExpectNotNull(bio = BIO_new(BIO_s_mem())); ExpectNull(d2i_PUBKEY_bio(NULL, NULL)); #if defined(USE_CERT_BUFFERS_2048) && !defined(NO_RSA) /* RSA PUBKEY test */ ExpectIntGT(BIO_write(bio, client_keypub_der_2048, sizeof_client_keypub_der_2048), 0); ExpectNotNull(pkey = d2i_PUBKEY_bio(bio, NULL)); EVP_PKEY_free(pkey); pkey = NULL; #endif #if defined(USE_CERT_BUFFERS_256) && defined(HAVE_ECC) /* ECC PUBKEY test */ ExpectIntGT(BIO_write(bio, ecc_clikeypub_der_256, sizeof_ecc_clikeypub_der_256), 0); ExpectNotNull(pkey = d2i_PUBKEY_bio(bio, NULL)); EVP_PKEY_free(pkey); pkey = NULL; #endif #if defined(USE_CERT_BUFFERS_2048) && !defined(NO_DSA) /* DSA PUBKEY test */ ExpectIntGT(BIO_write(bio, dsa_pub_key_der_2048, sizeof_dsa_pub_key_der_2048), 0); ExpectNotNull(pkey = d2i_PUBKEY_bio(bio, NULL)); EVP_PKEY_free(pkey); pkey = NULL; #endif #if defined(USE_CERT_BUFFERS_2048) && !defined(NO_DH) && \ defined(OPENSSL_EXTRA) && defined(WOLFSSL_DH_EXTRA) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \ (HAVE_FIPS_VERSION > 2)) /* DH PUBKEY test */ ExpectIntGT(BIO_write(bio, dh_pub_key_der_2048, sizeof_dh_pub_key_der_2048), 0); ExpectNotNull(pkey = d2i_PUBKEY_bio(bio, NULL)); EVP_PKEY_free(pkey); pkey = NULL; #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ #endif /* USE_CERT_BUFFERS_2048 && !NO_DH && && OPENSSL_EXTRA */ BIO_free(bio); (void)pkey; #endif return EXPECT_RESULT(); } #if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)) && !defined(NO_RSA) static int test_wolfSSL_d2i_PrivateKeys_bio(void) { EXPECT_DECLS; BIO* bio = NULL; EVP_PKEY* pkey = NULL; WOLFSSL_CTX* ctx = NULL; #if defined(WOLFSSL_KEY_GEN) unsigned char buff[4096]; unsigned char* bufPtr = buff; #endif /* test creating new EVP_PKEY with bad arg */ ExpectNull((pkey = d2i_PrivateKey_bio(NULL, NULL))); /* test loading RSA key using BIO */ #if !defined(NO_RSA) && !defined(NO_FILESYSTEM) { XFILE file = XBADFILE; const char* fname = "./certs/server-key.der"; size_t sz = 0; byte* buf = NULL; ExpectTrue((file = XFOPEN(fname, "rb")) != XBADFILE); ExpectTrue(XFSEEK(file, 0, XSEEK_END) == 0); ExpectTrue((sz = XFTELL(file)) != 0); ExpectTrue(XFSEEK(file, 0, XSEEK_SET) == 0); ExpectNotNull(buf = (byte*)XMALLOC(sz, HEAP_HINT, DYNAMIC_TYPE_FILE)); ExpectIntEQ(XFREAD(buf, 1, sz, file), sz); if (file != XBADFILE) { XFCLOSE(file); } /* Test using BIO new mem and loading DER private key */ ExpectNotNull(bio = BIO_new_mem_buf(buf, (int)sz)); ExpectNotNull((pkey = d2i_PrivateKey_bio(bio, NULL))); XFREE(buf, HEAP_HINT, DYNAMIC_TYPE_FILE); BIO_free(bio); bio = NULL; EVP_PKEY_free(pkey); pkey = NULL; } #endif /* test loading ECC key using BIO */ #if defined(HAVE_ECC) && !defined(NO_FILESYSTEM) { XFILE file = XBADFILE; const char* fname = "./certs/ecc-key.der"; size_t sz = 0; byte* buf = NULL; ExpectTrue((file = XFOPEN(fname, "rb")) != XBADFILE); ExpectTrue(XFSEEK(file, 0, XSEEK_END) == 0); ExpectTrue((sz = XFTELL(file)) != 0); ExpectTrue(XFSEEK(file, 0, XSEEK_SET) == 0); ExpectNotNull(buf = (byte*)XMALLOC(sz, HEAP_HINT, DYNAMIC_TYPE_FILE)); ExpectIntEQ(XFREAD(buf, 1, sz, file), sz); if (file != XBADFILE) XFCLOSE(file); /* Test using BIO new mem and loading DER private key */ ExpectNotNull(bio = BIO_new_mem_buf(buf, (int)sz)); ExpectNotNull((pkey = d2i_PrivateKey_bio(bio, NULL))); XFREE(buf, HEAP_HINT, DYNAMIC_TYPE_FILE); BIO_free(bio); bio = NULL; EVP_PKEY_free(pkey); pkey = NULL; } #endif ExpectNotNull(bio = BIO_new(BIO_s_mem())); #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method())); #else ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method())); #endif #if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) { RSA* rsa = NULL; /* Tests bad parameters */ ExpectNull(d2i_RSAPrivateKey_bio(NULL, NULL)); /* RSA not set yet, expecting to fail*/ ExpectIntEQ(SSL_CTX_use_RSAPrivateKey(ctx, rsa), BAD_FUNC_ARG); #if defined(USE_CERT_BUFFERS_2048) && defined(WOLFSSL_KEY_GEN) /* set RSA using bio*/ ExpectIntGT(BIO_write(bio, client_key_der_2048, sizeof_client_key_der_2048), 0); ExpectNotNull(d2i_RSAPrivateKey_bio(bio, &rsa)); ExpectNotNull(rsa); ExpectIntEQ(SSL_CTX_use_RSAPrivateKey(ctx, rsa), WOLFSSL_SUCCESS); /* i2d RSAprivate key tests */ ExpectIntEQ(wolfSSL_i2d_RSAPrivateKey(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_i2d_RSAPrivateKey(rsa, NULL), 1192); ExpectIntEQ(wolfSSL_i2d_RSAPrivateKey(rsa, &bufPtr), sizeof_client_key_der_2048); bufPtr -= sizeof_client_key_der_2048; ExpectIntEQ(XMEMCMP(bufPtr, client_key_der_2048, sizeof_client_key_der_2048), 0); bufPtr = NULL; ExpectIntEQ(wolfSSL_i2d_RSAPrivateKey(rsa, &bufPtr), sizeof_client_key_der_2048); ExpectNotNull(bufPtr); ExpectIntEQ(XMEMCMP(bufPtr, client_key_der_2048, sizeof_client_key_der_2048), 0); XFREE(bufPtr, NULL, DYNAMIC_TYPE_OPENSSL); RSA_free(rsa); rsa = RSA_new(); ExpectIntEQ(wolfSSL_i2d_RSAPrivateKey(rsa, NULL), 0); #endif /* USE_CERT_BUFFERS_2048 WOLFSSL_KEY_GEN */ RSA_free(rsa); } #endif /* WOLFSSL_KEY_GEN && !NO_RSA */ SSL_CTX_free(ctx); ctx = NULL; BIO_free(bio); bio = NULL; return EXPECT_RESULT(); } #endif /* OPENSSL_ALL || (WOLFSSL_ASIO && !NO_RSA) */ #endif /* !NO_BIO */ static int test_wolfSSL_sk_GENERAL_NAME(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \ !defined(NO_RSA) X509* x509 = NULL; GENERAL_NAME* gn = NULL; unsigned char buf[4096]; const unsigned char* bufPt = NULL; int bytes = 0; int i; int j; XFILE f = XBADFILE; STACK_OF(GENERAL_NAME)* sk = NULL; ExpectTrue((f = XFOPEN(cliCertDerFileExt, "rb")) != XBADFILE); ExpectIntGT((bytes = (int)XFREAD(buf, 1, sizeof(buf), f)), 0); if (f != XBADFILE) XFCLOSE(f); for (j = 0; j < 2; ++j) { bufPt = buf; ExpectNotNull(x509 = d2i_X509(NULL, &bufPt, bytes)); ExpectNotNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_subject_alt_name, NULL, NULL)); ExpectIntEQ(sk_GENERAL_NAME_num(sk), 1); for (i = 0; i < sk_GENERAL_NAME_num(sk); i++) { ExpectNotNull(gn = sk_GENERAL_NAME_value(sk, i)); if (gn != NULL) { switch (gn->type) { case GEN_DNS: fprintf(stderr, "found type GEN_DNS\n"); break; case GEN_EMAIL: fprintf(stderr, "found type GEN_EMAIL\n"); break; case GEN_URI: fprintf(stderr, "found type GEN_URI\n"); break; } } } X509_free(x509); x509 = NULL; if (j == 0) { sk_GENERAL_NAME_pop_free(sk, GENERAL_NAME_free); } else { /* * We had a bug where GENERAL_NAMES_free didn't free all the memory * it was supposed to. This is a regression test for that bug. */ GENERAL_NAMES_free(sk); } sk = NULL; } #endif return EXPECT_RESULT(); } static int test_wolfSSL_GENERAL_NAME_print(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_BIO) && !defined(NO_RSA) X509* x509 = NULL; GENERAL_NAME* gn = NULL; unsigned char buf[4096]; const unsigned char* bufPt = NULL; int bytes; XFILE f = XBADFILE; STACK_OF(GENERAL_NAME)* sk = NULL; BIO* out = NULL; unsigned char outbuf[128]; X509_EXTENSION* ext = NULL; AUTHORITY_INFO_ACCESS* aia = NULL; ACCESS_DESCRIPTION* ad = NULL; ASN1_IA5STRING *dnsname = NULL; const unsigned char v4Addr[] = {192,168,53,1}; const unsigned char v6Addr[] = {0x20, 0x21, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x77, 0x77}; const unsigned char email[] = {'i', 'n', 'f', 'o', '@', 'w', 'o', 'l', 'f', 's', 's', 'l', '.', 'c', 'o', 'm'}; const char* dnsStr = "DNS:example.com"; const char* uriStr = "URI:http://127.0.0.1:22220"; const char* v4addStr = "IP Address:192.168.53.1"; const char* v6addStr = "IP Address:2021:DB8:0:0:0:FF00:42:7777"; const char* emailStr = "email:info@wolfssl.com"; const char* othrStr = "othername:"; const char* x400Str = "X400Name:"; const char* ediStr = "EdiPartyName:"; /* BIO to output */ ExpectNotNull(out = BIO_new(BIO_s_mem())); /* test for NULL param */ gn = NULL; ExpectIntEQ(GENERAL_NAME_print(NULL, NULL), 0); ExpectIntEQ(GENERAL_NAME_print(NULL, gn), 0); ExpectIntEQ(GENERAL_NAME_print(out, NULL), 0); /* test for GEN_DNS */ ExpectTrue((f = XFOPEN(cliCertDerFileExt, "rb")) != XBADFILE); ExpectIntGT((bytes = (int)XFREAD(buf, 1, sizeof(buf), f)), 0); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } bufPt = buf; ExpectNotNull(x509 = d2i_X509(NULL, &bufPt, bytes)); ExpectNotNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_subject_alt_name, NULL, NULL)); ExpectNotNull(gn = sk_GENERAL_NAME_value(sk, 0)); ExpectIntEQ(GENERAL_NAME_print(out, gn), 1); XMEMSET(outbuf, 0, sizeof(outbuf)); ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0); ExpectIntEQ(XSTRNCMP((const char*)outbuf, dnsStr, XSTRLEN(dnsStr)), 0); sk_GENERAL_NAME_pop_free(sk, GENERAL_NAME_free); gn = NULL; sk = NULL; X509_free(x509); x509 = NULL; /* Lets test for setting as well. */ ExpectNotNull(gn = GENERAL_NAME_new()); ExpectNotNull(dnsname = ASN1_IA5STRING_new()); ExpectIntEQ(ASN1_STRING_set(dnsname, "example.com", -1), 1); GENERAL_NAME_set0_value(gn, GEN_DNS, dnsname); dnsname = NULL; ExpectIntEQ(GENERAL_NAME_print(out, gn), 1); XMEMSET(outbuf, 0, sizeof(outbuf)); ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0); ExpectIntEQ(XSTRNCMP((const char*)outbuf, dnsStr, XSTRLEN(dnsStr)), 0); GENERAL_NAME_free(gn); /* test for GEN_URI */ ExpectTrue((f = XFOPEN("./certs/ocsp/root-ca-cert.pem", "rb")) != XBADFILE); ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL)); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, 4)); ExpectNotNull(aia = (WOLFSSL_AUTHORITY_INFO_ACCESS*)wolfSSL_X509V3_EXT_d2i( ext)); ExpectNotNull(ad = (WOLFSSL_ACCESS_DESCRIPTION *)wolfSSL_sk_value(aia, 0)); if (ad != NULL) { gn = ad->location; } ExpectIntEQ(GENERAL_NAME_print(out, gn), 1); gn = NULL; XMEMSET(outbuf,0,sizeof(outbuf)); ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0); ExpectIntEQ(XSTRNCMP((const char*)outbuf, uriStr, XSTRLEN(uriStr)), 0); wolfSSL_sk_ACCESS_DESCRIPTION_pop_free(aia, NULL); aia = NULL; aia = (AUTHORITY_INFO_ACCESS*)wolfSSL_X509V3_EXT_d2i(ext); ExpectNotNull(aia); AUTHORITY_INFO_ACCESS_pop_free(aia, NULL); aia = NULL; X509_free(x509); x509 = NULL; /* test for GEN_IPADD */ /* ip v4 address */ ExpectNotNull(gn = wolfSSL_GENERAL_NAME_new()); if (gn != NULL) { gn->type = GEN_IPADD; if (gn->d.iPAddress != NULL) { gn->d.iPAddress->length = sizeof(v4Addr); } } ExpectIntEQ(wolfSSL_ASN1_STRING_set(gn->d.iPAddress, v4Addr, sizeof(v4Addr)), 1); ExpectIntEQ(GENERAL_NAME_print(out, gn), 1); XMEMSET(outbuf,0,sizeof(outbuf)); ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0); ExpectIntEQ(XSTRNCMP((const char*)outbuf, v4addStr, XSTRLEN(v4addStr)), 0); GENERAL_NAME_free(gn); gn = NULL; /* ip v6 address */ ExpectNotNull(gn = wolfSSL_GENERAL_NAME_new()); if (gn != NULL) { gn->type = GEN_IPADD; if (gn->d.iPAddress != NULL) { gn->d.iPAddress->length = sizeof(v6Addr); } } ExpectIntEQ(wolfSSL_ASN1_STRING_set(gn->d.iPAddress, v6Addr, sizeof(v6Addr)), 1); ExpectIntEQ(GENERAL_NAME_print(out, gn), 1); XMEMSET(outbuf,0,sizeof(outbuf)); ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0); ExpectIntEQ(XSTRNCMP((const char*)outbuf, v6addStr, XSTRLEN(v6addStr)), 0); GENERAL_NAME_free(gn); gn = NULL; /* test for GEN_EMAIL */ ExpectNotNull(gn = wolfSSL_GENERAL_NAME_new()); if (gn != NULL) { gn->type = GEN_EMAIL; if (gn->d.rfc822Name != NULL) { gn->d.rfc822Name->length = sizeof(email); } } ExpectIntEQ(wolfSSL_ASN1_STRING_set(gn->d.rfc822Name, email, sizeof(email)), 1); ExpectIntEQ(GENERAL_NAME_print(out, gn), 1); XMEMSET(outbuf,0,sizeof(outbuf)); ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0); ExpectIntEQ(XSTRNCMP((const char*)outbuf, emailStr, XSTRLEN(emailStr)), 0); GENERAL_NAME_free(gn); gn = NULL; /* test for GEN_OTHERNAME */ ExpectNotNull(gn = wolfSSL_GENERAL_NAME_new()); if (gn != NULL) { gn->type = GEN_OTHERNAME; } ExpectIntEQ(GENERAL_NAME_print(out, gn), 1); XMEMSET(outbuf,0,sizeof(outbuf)); ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0); ExpectIntEQ(XSTRNCMP((const char*)outbuf, othrStr, XSTRLEN(othrStr)), 0); GENERAL_NAME_free(gn); gn = NULL; /* test for GEN_X400 */ ExpectNotNull(gn = wolfSSL_GENERAL_NAME_new()); if (gn != NULL) { gn->type = GEN_X400; } ExpectIntEQ(GENERAL_NAME_print(out, gn), 1); XMEMSET(outbuf,0,sizeof(outbuf)); ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0); ExpectIntEQ(XSTRNCMP((const char*)outbuf, x400Str, XSTRLEN(x400Str)), 0); /* Restore to GEN_IA5 (default) to avoid memory leak. */ if (gn != NULL) { gn->type = GEN_IA5; } GENERAL_NAME_free(gn); gn = NULL; /* test for GEN_EDIPARTY */ ExpectNotNull(gn = wolfSSL_GENERAL_NAME_new()); if (gn != NULL) { gn->type = GEN_EDIPARTY; } ExpectIntEQ(GENERAL_NAME_print(out, gn), 1); XMEMSET(outbuf,0,sizeof(outbuf)); ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0); ExpectIntEQ(XSTRNCMP((const char*)outbuf, ediStr, XSTRLEN(ediStr)), 0); /* Restore to GEN_IA5 (default) to avoid memory leak. */ if (gn != NULL) { gn->type = GEN_IA5; } GENERAL_NAME_free(gn); gn = NULL; BIO_free(out); #endif /* OPENSSL_ALL */ return EXPECT_RESULT(); } static int test_wolfSSL_sk_DIST_POINT(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \ !defined(NO_RSA) X509* x509 = NULL; unsigned char buf[4096]; const unsigned char* bufPt; int bytes = 0; int i = 0; int j = 0; XFILE f = XBADFILE; DIST_POINT* dp = NULL; DIST_POINT_NAME* dpn = NULL; GENERAL_NAME* gn = NULL; ASN1_IA5STRING* uri = NULL; STACK_OF(DIST_POINT)* dps = NULL; STACK_OF(GENERAL_NAME)* gns = NULL; const char cliCertDerCrlDistPoint[] = "./certs/client-crl-dist.der"; ExpectTrue((f = XFOPEN(cliCertDerCrlDistPoint, "rb")) != XBADFILE); ExpectIntGT((bytes = (int)XFREAD(buf, 1, sizeof(buf), f)), 0); if (f != XBADFILE) XFCLOSE(f); bufPt = buf; ExpectNotNull(x509 = d2i_X509(NULL, &bufPt, bytes)); ExpectNotNull(dps = (STACK_OF(DIST_POINT)*)X509_get_ext_d2i(x509, NID_crl_distribution_points, NULL, NULL)); ExpectIntEQ(sk_DIST_POINT_num(dps), 1); for (i = 0; i < sk_DIST_POINT_num(dps); i++) { ExpectNotNull(dp = sk_DIST_POINT_value(dps, i)); ExpectNotNull(dpn = dp->distpoint); /* this should be type 0, fullname */ ExpectIntEQ(dpn->type, 0); ExpectNotNull(gns = dp->distpoint->name.fullname); ExpectIntEQ(sk_GENERAL_NAME_num(gns), 1); for (j = 0; j < sk_GENERAL_NAME_num(gns); j++) { ExpectNotNull(gn = sk_GENERAL_NAME_value(gns, j)); ExpectIntEQ(gn->type, GEN_URI); ExpectNotNull(uri = gn->d.uniformResourceIdentifier); ExpectNotNull(uri->data); ExpectIntGT(uri->length, 0); } } X509_free(x509); CRL_DIST_POINTS_free(dps); #endif return EXPECT_RESULT(); } static int test_wolfSSL_verify_mode(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_RSA) WOLFSSL* ssl = NULL; WOLFSSL_CTX* ctx = NULL; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); ExpectNotNull(ssl = SSL_new(ctx)); ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_CTX_get_verify_mode(ctx)); SSL_free(ssl); ssl = NULL; SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0); ExpectNotNull(ssl = SSL_new(ctx)); ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_CTX_get_verify_mode(ctx)); ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_PEER); wolfSSL_set_verify(ssl, SSL_VERIFY_NONE, 0); ExpectIntEQ(SSL_CTX_get_verify_mode(ctx), SSL_VERIFY_PEER); ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_NONE); SSL_free(ssl); ssl = NULL; wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0); ExpectNotNull(ssl = SSL_new(ctx)); ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_CTX_get_verify_mode(ctx)); ExpectIntEQ(SSL_get_verify_mode(ssl), WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT); wolfSSL_set_verify(ssl, SSL_VERIFY_PEER, 0); ExpectIntEQ(SSL_CTX_get_verify_mode(ctx), WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT); ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_PEER); wolfSSL_set_verify(ssl, SSL_VERIFY_NONE, 0); ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_NONE); wolfSSL_set_verify(ssl, SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0); ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_FAIL_IF_NO_PEER_CERT); wolfSSL_set_verify(ssl, SSL_VERIFY_FAIL_EXCEPT_PSK, 0); ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_FAIL_EXCEPT_PSK); #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH) wolfSSL_set_verify(ssl, SSL_VERIFY_POST_HANDSHAKE, 0); ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_POST_HANDSHAKE); #endif ExpectIntEQ(SSL_CTX_get_verify_mode(ctx), WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT); SSL_free(ssl); SSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfSSL_verify_depth(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_WOLFSSL_CLIENT) WOLFSSL* ssl = NULL; WOLFSSL_CTX* ctx = NULL; long depth; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); ExpectIntGT((depth = SSL_CTX_get_verify_depth(ctx)), 0); ExpectNotNull(ssl = SSL_new(ctx)); ExpectIntEQ(SSL_get_verify_depth(ssl), SSL_CTX_get_verify_depth(ctx)); SSL_free(ssl); ssl = NULL; SSL_CTX_set_verify_depth(ctx, -1); ExpectIntEQ(depth, SSL_CTX_get_verify_depth(ctx)); SSL_CTX_set_verify_depth(ctx, 2); ExpectIntEQ(2, SSL_CTX_get_verify_depth(ctx)); ExpectNotNull(ssl = SSL_new(ctx)); ExpectIntEQ(2, SSL_get_verify_depth(ssl)); SSL_free(ssl); SSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfSSL_verify_result(void) { EXPECT_DECLS; #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \ defined(OPENSSL_ALL)) && !defined(NO_WOLFSSL_CLIENT) WOLFSSL* ssl = NULL; WOLFSSL_CTX* ctx = NULL; long result = 0xDEADBEEF; ExpectIntEQ(WOLFSSL_FAILURE, wolfSSL_get_verify_result(ssl)); ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); ExpectNotNull(ssl = SSL_new(ctx)); wolfSSL_set_verify_result(ssl, result); ExpectIntEQ(result, wolfSSL_get_verify_result(ssl)); SSL_free(ssl); SSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_WOLFSSL_CLIENT) static void sslMsgCb(int w, int version, int type, const void* buf, size_t sz, SSL* ssl, void* arg) { int i; unsigned char* pt = (unsigned char*)buf; fprintf(stderr, "%s %d bytes of version %d , type %d : ", (w)?"Writing":"Reading", (int)sz, version, type); for (i = 0; i < (int)sz; i++) fprintf(stderr, "%02X", pt[i]); fprintf(stderr, "\n"); (void)ssl; (void)arg; } #endif /* OPENSSL_EXTRA */ static int test_wolfSSL_msg_callback(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_WOLFSSL_CLIENT) WOLFSSL* ssl = NULL; WOLFSSL_CTX* ctx = NULL; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); ExpectNotNull(ssl = SSL_new(ctx)); ExpectIntEQ(SSL_set_msg_callback(ssl, NULL), SSL_SUCCESS); ExpectIntEQ(SSL_set_msg_callback(ssl, &sslMsgCb), SSL_SUCCESS); ExpectIntEQ(SSL_set_msg_callback(NULL, &sslMsgCb), SSL_FAILURE); SSL_free(ssl); SSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } /* test_EVP_Cipher_extra, Extra-test on EVP_CipherUpdate/Final. see also test.c */ #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) &&\ (!defined(NO_AES) && defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)) static void binary_dump(void *ptr, int size) { #ifdef WOLFSSL_EVP_PRINT int i = 0; unsigned char *p = (unsigned char *) ptr; fprintf(stderr, "{"); while ((p != NULL) && (i < size)) { if ((i % 8) == 0) { fprintf(stderr, "\n"); fprintf(stderr, " "); } fprintf(stderr, "0x%02x, ", p[i]); i++; } fprintf(stderr, "\n};\n"); #else (void) ptr; (void) size; #endif } static int last_val = 0x0f; static int check_result(unsigned char *data, int len) { int i; for ( ; len; ) { last_val = (last_val + 1) % 16; for (i = 0; i < 16; len--, i++, data++) if (*data != last_val) { return -1; } } return 0; } static int r_offset; static int w_offset; static void init_offset(void) { r_offset = 0; w_offset = 0; } static void get_record(unsigned char *data, unsigned char *buf, int len) { XMEMCPY(buf, data+r_offset, len); r_offset += len; } static void set_record(unsigned char *data, unsigned char *buf, int len) { XMEMCPY(data+w_offset, buf, len); w_offset += len; } static void set_plain(unsigned char *plain, int rec) { int i, j; unsigned char *p = plain; #define BLOCKSZ 16 for (i=0; i<(rec/BLOCKSZ); i++) { for (j=0; j 0 && keylen != klen) { ExpectIntNE(EVP_CIPHER_CTX_set_key_length(evp, keylen), 0); } ilen = EVP_CIPHER_CTX_iv_length(evp); if (ilen > 0 && ivlen != ilen) { ExpectIntNE(EVP_CIPHER_CTX_set_iv_length(evp, ivlen), 0); } ExpectIntNE((ret = EVP_CipherInit(evp, NULL, key, iv, 1)), 0); for (j = 0; j 0) set_record(cipher, outb, outl); } for (i = 0; test_drive[i]; i++) { last_val = 0x0f; ExpectIntNE((ret = EVP_CipherInit(evp, NULL, key, iv, 0)), 0); init_offset(); for (j = 0; test_drive[i][j]; j++) { inl = test_drive[i][j]; get_record(cipher, inb, inl); ExpectIntNE((ret = EVP_DecryptUpdate(evp, outb, &outl, inb, inl)), 0); binary_dump(outb, outl); ExpectIntEQ((ret = check_result(outb, outl)), 0); ExpectFalse(outl > ((inl/16+1)*16) && outl > 16); } ret = EVP_CipherFinal(evp, outb, &outl); binary_dump(outb, outl); ret = (((test_drive_len[i] % 16) != 0) && (ret == 0)) || (((test_drive_len[i] % 16) == 0) && (ret == 1)); ExpectTrue(ret); } ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(evp), WOLFSSL_SUCCESS); EVP_CIPHER_CTX_free(evp); evp = NULL; /* Do an extra test to verify correct behavior with empty input. */ ExpectNotNull(evp = EVP_CIPHER_CTX_new()); ExpectIntNE((ret = EVP_CipherInit(evp, type, NULL, iv, 0)), 0); ExpectIntEQ(EVP_CIPHER_CTX_nid(evp), NID_aes_128_cbc); klen = EVP_CIPHER_CTX_key_length(evp); if (klen > 0 && keylen != klen) { ExpectIntNE(EVP_CIPHER_CTX_set_key_length(evp, keylen), 0); } ilen = EVP_CIPHER_CTX_iv_length(evp); if (ilen > 0 && ivlen != ilen) { ExpectIntNE(EVP_CIPHER_CTX_set_iv_length(evp, ivlen), 0); } ExpectIntNE((ret = EVP_CipherInit(evp, NULL, key, iv, 1)), 0); /* outl should be set to 0 after passing NULL, 0 for input args. */ outl = -1; ExpectIntNE((ret = EVP_CipherUpdate(evp, outb, &outl, NULL, 0)), 0); ExpectIntEQ(outl, 0); EVP_CIPHER_CTX_free(evp); #endif /* test_EVP_Cipher */ return EXPECT_RESULT(); } static int test_wolfSSL_PEM_read_DHparams(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && \ !defined(NO_FILESYSTEM) DH* dh = NULL; XFILE fp = XBADFILE; unsigned char derOut[300]; unsigned char* derOutBuf = derOut; int derOutSz = 0; unsigned char derExpected[300]; int derExpectedSz = 0; XMEMSET(derOut, 0, sizeof(derOut)); XMEMSET(derExpected, 0, sizeof(derExpected)); /* open DH param file, read into DH struct */ ExpectTrue((fp = XFOPEN(dhParamFile, "rb")) != XBADFILE); /* bad args */ ExpectNull(dh = PEM_read_DHparams(NULL, &dh, NULL, NULL)); ExpectNull(dh = PEM_read_DHparams(NULL, NULL, NULL, NULL)); /* good args */ ExpectNotNull(dh = PEM_read_DHparams(fp, &dh, NULL, NULL)); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } /* read in certs/dh2048.der for comparison against exported params */ ExpectTrue((fp = XFOPEN("./certs/dh2048.der", "rb")) != XBADFILE); ExpectIntGT(derExpectedSz = (int)XFREAD(derExpected, 1, sizeof(derExpected), fp), 0); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } /* export DH back to DER and compare */ derOutSz = wolfSSL_i2d_DHparams(dh, &derOutBuf); ExpectIntEQ(derOutSz, derExpectedSz); ExpectIntEQ(XMEMCMP(derOut, derExpected, derOutSz), 0); DH_free(dh); dh = NULL; /* Test parsing with X9.42 header */ ExpectTrue((fp = XFOPEN("./certs/x942dh2048.pem", "rb")) != XBADFILE); ExpectNotNull(dh = PEM_read_DHparams(fp, &dh, NULL, NULL)); if (fp != XBADFILE) XFCLOSE(fp); DH_free(dh); dh = NULL; #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_get_serialNumber(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA) ASN1_INTEGER* a = NULL; BIGNUM* bn = NULL; X509* x509 = NULL; char *serialHex = NULL; byte serial[3]; int serialSz; ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile, SSL_FILETYPE_PEM)); ExpectNotNull(a = X509_get_serialNumber(x509)); /* check on value of ASN1 Integer */ ExpectNotNull(bn = ASN1_INTEGER_to_BN(a, NULL)); a = NULL; /* test setting serial number and then retrieving it */ ExpectNotNull(a = ASN1_INTEGER_new()); ExpectIntEQ(ASN1_INTEGER_set(a, 3), 1); ExpectIntEQ(X509_set_serialNumber(x509, a), WOLFSSL_SUCCESS); serialSz = sizeof(serial); ExpectIntEQ(wolfSSL_X509_get_serial_number(x509, serial, &serialSz), WOLFSSL_SUCCESS); ExpectIntEQ(serialSz, 1); ExpectIntEQ(serial[0], 3); ASN1_INTEGER_free(a); a = NULL; /* test setting serial number with 0's in it */ serial[0] = 0x01; serial[1] = 0x00; serial[2] = 0x02; ExpectNotNull(a = wolfSSL_ASN1_INTEGER_new()); if (a != NULL) { a->data[0] = ASN_INTEGER; a->data[1] = sizeof(serial); XMEMCPY(&a->data[2], serial, sizeof(serial)); a->length = sizeof(serial) + 2; } ExpectIntEQ(X509_set_serialNumber(x509, a), WOLFSSL_SUCCESS); XMEMSET(serial, 0, sizeof(serial)); serialSz = sizeof(serial); ExpectIntEQ(wolfSSL_X509_get_serial_number(x509, serial, &serialSz), WOLFSSL_SUCCESS); ExpectIntEQ(serialSz, 3); ExpectIntEQ(serial[0], 0x01); ExpectIntEQ(serial[1], 0x00); ExpectIntEQ(serial[2], 0x02); ASN1_INTEGER_free(a); a = NULL; X509_free(x509); /* free's a */ ExpectNotNull(serialHex = BN_bn2hex(bn)); #ifndef WC_DISABLE_RADIX_ZERO_PAD ExpectStrEQ(serialHex, "01"); #else ExpectStrEQ(serialHex, "1"); #endif OPENSSL_free(serialHex); ExpectIntEQ(BN_get_word(bn), 1); BN_free(bn); /* hard test free'ing with dynamic buffer to make sure there is no leaks */ ExpectNotNull(a = ASN1_INTEGER_new()); if (a != NULL) { ExpectNotNull(a->data = (unsigned char*)XMALLOC(100, NULL, DYNAMIC_TYPE_OPENSSL)); a->isDynamic = 1; ASN1_INTEGER_free(a); } #endif return EXPECT_RESULT(); } static int test_wolfSSL_OpenSSL_add_all_algorithms(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) ExpectIntEQ(wolfSSL_add_all_algorithms(), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_OpenSSL_add_all_algorithms_noconf(), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_OpenSSL_add_all_algorithms_conf(), WOLFSSL_SUCCESS); #endif return EXPECT_RESULT(); } static int test_wolfSSL_OPENSSL_hexstr2buf(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) #define MAX_HEXSTR_BUFSZ 9 #define NUM_CASES 5 struct Output { const unsigned char buffer[MAX_HEXSTR_BUFSZ]; long ret; }; int i; int j; const char* inputs[NUM_CASES] = { "aabcd1357e", "01:12:23:34:a5:b6:c7:d8:e9", ":01:02", "012", ":ab:ac:d" }; struct Output expectedOutputs[NUM_CASES] = { {{0xaa, 0xbc, 0xd1, 0x35, 0x7e}, 5}, {{0x01, 0x12, 0x23, 0x34, 0xa5, 0xb6, 0xc7, 0xd8, 0xe9}, 9}, {{0x01, 0x02}, 2}, {{0x00}, 0}, {{0x00}, 0} }; long len = 0; unsigned char* returnedBuf = NULL; for (i = 0; i < NUM_CASES && !EXPECT_FAIL(); ++i) { returnedBuf = wolfSSL_OPENSSL_hexstr2buf(inputs[i], &len); if (returnedBuf == NULL) { ExpectIntEQ(expectedOutputs[i].ret, 0); continue; } ExpectIntEQ(expectedOutputs[i].ret, len); for (j = 0; j < len; ++j) { ExpectIntEQ(expectedOutputs[i].buffer[j], returnedBuf[j]); } OPENSSL_free(returnedBuf); returnedBuf = NULL; } #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_CA_num(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \ defined(HAVE_ECC) && !defined(NO_RSA) WOLFSSL_X509_STORE *store = NULL; WOLFSSL_X509 *x509_1 = NULL; WOLFSSL_X509 *x509_2 = NULL; int ca_num = 0; ExpectNotNull(store = wolfSSL_X509_STORE_new()); ExpectNotNull(x509_1 = wolfSSL_X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM)); ExpectIntEQ(wolfSSL_X509_STORE_add_cert(store, x509_1), 1); ExpectIntEQ(ca_num = wolfSSL_X509_CA_num(store), 1); ExpectNotNull(x509_2 = wolfSSL_X509_load_certificate_file(eccCertFile, WOLFSSL_FILETYPE_PEM)); ExpectIntEQ(wolfSSL_X509_STORE_add_cert(store, x509_2), 1); ExpectIntEQ(ca_num = wolfSSL_X509_CA_num(store), 2); wolfSSL_X509_free(x509_1); wolfSSL_X509_free(x509_2); wolfSSL_X509_STORE_free(store); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_check_ca(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) WOLFSSL_X509 *x509 = NULL; ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM)); ExpectIntEQ(wolfSSL_X509_check_ca(x509), 1); wolfSSL_X509_free(x509); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_check_ip_asc(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) WOLFSSL_X509 *x509 = NULL; ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile, WOLFSSL_FILETYPE_PEM)); #if 0 /* TODO: add cert gen for testing positive case */ ExpectIntEQ(wolfSSL_X509_check_ip_asc(x509, "127.0.0.1", 0), 1); #endif ExpectIntEQ(wolfSSL_X509_check_ip_asc(x509, "0.0.0.0", 0), 0); ExpectIntEQ(wolfSSL_X509_check_ip_asc(x509, NULL, 0), 0); wolfSSL_X509_free(x509); #endif return EXPECT_RESULT(); } static int test_wolfSSL_make_cert(void) { EXPECT_DECLS; #if !defined(NO_RSA) && !defined(NO_ASN_TIME) && defined(WOLFSSL_CERT_GEN) && \ defined(WOLFSSL_CERT_EXT) int ret = 0; Cert cert; CertName name; RsaKey key; WC_RNG rng; byte der[FOURK_BUF]; word32 idx = 0; const byte mySerial[8] = {1,2,3,4,5,6,7,8}; #ifdef OPENSSL_EXTRA const unsigned char* pt = NULL; int certSz = 0; X509* x509 = NULL; X509_NAME* x509name = NULL; X509_NAME_ENTRY* entry = NULL; ASN1_STRING* entryValue = NULL; #endif XMEMSET(&name, 0, sizeof(CertName)); /* set up cert name */ XMEMCPY(name.country, "US", sizeof("US")); name.countryEnc = CTC_PRINTABLE; XMEMCPY(name.state, "Oregon", sizeof("Oregon")); name.stateEnc = CTC_UTF8; XMEMCPY(name.locality, "Portland", sizeof("Portland")); name.localityEnc = CTC_UTF8; XMEMCPY(name.sur, "Test", sizeof("Test")); name.surEnc = CTC_UTF8; XMEMCPY(name.org, "wolfSSL", sizeof("wolfSSL")); name.orgEnc = CTC_UTF8; XMEMCPY(name.unit, "Development", sizeof("Development")); name.unitEnc = CTC_UTF8; XMEMCPY(name.commonName, "www.wolfssl.com", sizeof("www.wolfssl.com")); name.commonNameEnc = CTC_UTF8; XMEMCPY(name.serialDev, "wolfSSL12345", sizeof("wolfSSL12345")); name.serialDevEnc = CTC_PRINTABLE; XMEMCPY(name.userId, "TestUserID", sizeof("TestUserID")); name.userIdEnc = CTC_PRINTABLE; #ifdef WOLFSSL_MULTI_ATTRIB #if CTC_MAX_ATTRIB > 2 { NameAttrib* n; n = &name.name[0]; n->id = ASN_DOMAIN_COMPONENT; n->type = CTC_UTF8; n->sz = sizeof("com"); XMEMCPY(n->value, "com", sizeof("com")); n = &name.name[1]; n->id = ASN_DOMAIN_COMPONENT; n->type = CTC_UTF8; n->sz = sizeof("wolfssl"); XMEMCPY(n->value, "wolfssl", sizeof("wolfssl")); } #endif #endif /* WOLFSSL_MULTI_ATTRIB */ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0); #ifndef HAVE_FIPS ExpectIntEQ(wc_InitRng_ex(&rng, HEAP_HINT, testDevId), 0); #else ExpectIntEQ(wc_InitRng(&rng), 0); #endif /* load test RSA key */ idx = 0; #if defined(USE_CERT_BUFFERS_1024) ExpectIntEQ(wc_RsaPrivateKeyDecode(server_key_der_1024, &idx, &key, sizeof_server_key_der_1024), 0); #elif defined(USE_CERT_BUFFERS_2048) ExpectIntEQ(wc_RsaPrivateKeyDecode(server_key_der_2048, &idx, &key, sizeof_server_key_der_2048), 0); #else /* error case, no RSA key loaded, happens later */ (void)idx; #endif XMEMSET(&cert, 0 , sizeof(Cert)); ExpectIntEQ(wc_InitCert(&cert), 0); XMEMCPY(&cert.subject, &name, sizeof(CertName)); XMEMCPY(cert.serial, mySerial, sizeof(mySerial)); cert.serialSz = (int)sizeof(mySerial); cert.isCA = 1; #ifndef NO_SHA256 cert.sigType = CTC_SHA256wRSA; #else cert.sigType = CTC_SHAwRSA; #endif /* add SKID from the Public Key */ ExpectIntEQ(wc_SetSubjectKeyIdFromPublicKey(&cert, &key, NULL), 0); /* add AKID from the Public Key */ ExpectIntEQ(wc_SetAuthKeyIdFromPublicKey(&cert, &key, NULL), 0); ret = 0; do { #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_CALL_AGAIN); #endif if (ret >= 0) { ret = wc_MakeSelfCert(&cert, der, FOURK_BUF, &key, &rng); } } while (ret == WC_PENDING_E); ExpectIntGT(ret, 0); #ifdef OPENSSL_EXTRA /* der holds a certificate with DC's now check X509 parsing of it */ certSz = ret; pt = der; ExpectNotNull(x509 = d2i_X509(NULL, &pt, certSz)); ExpectNotNull(x509name = X509_get_subject_name(x509)); #ifdef WOLFSSL_MULTI_ATTRIB ExpectIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent, -1)), 5); ExpectIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent, idx)), 6); ExpectIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent, idx)), -1); #endif /* WOLFSSL_MULTI_ATTRIB */ /* compare DN at index 0 */ ExpectNotNull(entry = X509_NAME_get_entry(x509name, 0)); ExpectNotNull(entryValue = X509_NAME_ENTRY_get_data(entry)); ExpectIntEQ(ASN1_STRING_length(entryValue), 2); ExpectStrEQ((const char*)ASN1_STRING_data(entryValue), "US"); #ifndef WOLFSSL_MULTI_ATTRIB /* compare Serial Number */ ExpectIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_serialNumber, -1)), 7); ExpectNotNull(entry = X509_NAME_get_entry(x509name, idx)); ExpectNotNull(entryValue = X509_NAME_ENTRY_get_data(entry)); ExpectIntEQ(ASN1_STRING_length(entryValue), XSTRLEN("wolfSSL12345")); ExpectStrEQ((const char*)ASN1_STRING_data(entryValue), "wolfSSL12345"); #endif #ifdef WOLFSSL_MULTI_ATTRIB /* get first and second DC and compare result */ ExpectIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent, -1)), 5); ExpectNotNull(entry = X509_NAME_get_entry(x509name, idx)); ExpectNotNull(entryValue = X509_NAME_ENTRY_get_data(entry)); ExpectStrEQ((const char *)ASN1_STRING_data(entryValue), "com"); ExpectIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent, idx)), 6); ExpectNotNull(entry = X509_NAME_get_entry(x509name, idx)); ExpectNotNull(entryValue = X509_NAME_ENTRY_get_data(entry)); ExpectStrEQ((const char *)ASN1_STRING_data(entryValue), "wolfssl"); #endif /* WOLFSSL_MULTI_ATTRIB */ /* try invalid index locations for regression test and sanity check */ ExpectNull(entry = X509_NAME_get_entry(x509name, 11)); ExpectNull(entry = X509_NAME_get_entry(x509name, 20)); X509_free(x509); #endif /* OPENSSL_EXTRA */ wc_FreeRsaKey(&key); wc_FreeRng(&rng); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_get_version(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) WOLFSSL_X509 *x509 = NULL; ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM)); ExpectIntEQ((int)wolfSSL_X509_get_version(x509), 2); wolfSSL_X509_free(x509); #endif return EXPECT_RESULT(); } #if defined(OPENSSL_ALL) static int test_wolfSSL_sk_CIPHER_description(void) { EXPECT_DECLS; #if !defined(NO_RSA) const long flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_COMPRESSION; int i; int numCiphers = 0; const SSL_METHOD *method = NULL; const SSL_CIPHER *cipher = NULL; STACK_OF(SSL_CIPHER) *supportedCiphers = NULL; SSL_CTX *ctx = NULL; SSL *ssl = NULL; char buf[256]; char test_str[9] = "0000000"; const char badStr[] = "unknown"; const char certPath[] = "./certs/client-cert.pem"; XMEMSET(buf, 0, sizeof(buf)); ExpectNotNull(method = TLSv1_2_client_method()); ExpectNotNull(ctx = SSL_CTX_new(method)); SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0); SSL_CTX_set_verify_depth(ctx, 4); SSL_CTX_set_options(ctx, flags); ExpectIntEQ(SSL_CTX_load_verify_locations(ctx, certPath, NULL), WOLFSSL_SUCCESS); ExpectNotNull(ssl = SSL_new(ctx)); /* SSL_get_ciphers returns a stack of all configured ciphers * A flag, getCipherAtOffset, is set to later have SSL_CIPHER_description */ ExpectNotNull(supportedCiphers = SSL_get_ciphers(ssl)); /* loop through the amount of supportedCiphers */ numCiphers = sk_num(supportedCiphers); for (i = 0; i < numCiphers; ++i) { int j; /* sk_value increments "sk->data.cipher->cipherOffset". * wolfSSL_sk_CIPHER_description sets the description for * the cipher based on the provided offset. */ if ((cipher = (const WOLFSSL_CIPHER*)sk_value(supportedCiphers, i))) { SSL_CIPHER_description(cipher, buf, sizeof(buf)); } /* Search cipher description string for "unknown" descriptor */ for (j = 0; j < (int)XSTRLEN(buf); j++) { int k = 0; while ((k < (int)XSTRLEN(badStr)) && (buf[j] == badStr[k])) { test_str[k] = badStr[k]; j++; k++; } } /* Fail if test_str == badStr == "unknown" */ ExpectStrNE(test_str,badStr); } SSL_free(ssl); SSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfSSL_get_ciphers_compat(void) { EXPECT_DECLS; #if !defined(NO_RSA) const SSL_METHOD *method = NULL; const char certPath[] = "./certs/client-cert.pem"; STACK_OF(SSL_CIPHER) *supportedCiphers = NULL; SSL_CTX *ctx = NULL; WOLFSSL *ssl = NULL; const long flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_COMPRESSION; ExpectNotNull(method = SSLv23_client_method()); ExpectNotNull(ctx = SSL_CTX_new(method)); SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0); SSL_CTX_set_verify_depth(ctx, 4); SSL_CTX_set_options(ctx, flags); ExpectIntEQ(SSL_CTX_load_verify_locations(ctx, certPath, NULL), WOLFSSL_SUCCESS); ExpectNotNull(ssl = SSL_new(ctx)); /* Test Bad NULL input */ ExpectNull(supportedCiphers = SSL_get_ciphers(NULL)); /* Test for Good input */ ExpectNotNull(supportedCiphers = SSL_get_ciphers(ssl)); /* Further usage of SSL_get_ciphers/wolfSSL_get_ciphers_compat is * tested in test_wolfSSL_sk_CIPHER_description according to Qt usage */ SSL_free(ssl); SSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_PUBKEY_get(void) { EXPECT_DECLS; WOLFSSL_X509_PUBKEY pubkey; WOLFSSL_X509_PUBKEY* key; WOLFSSL_EVP_PKEY evpkey ; WOLFSSL_EVP_PKEY* evpPkey; WOLFSSL_EVP_PKEY* retEvpPkey; XMEMSET(&pubkey, 0, sizeof(WOLFSSL_X509_PUBKEY)); XMEMSET(&evpkey, 0, sizeof(WOLFSSL_EVP_PKEY)); key = &pubkey; evpPkey = &evpkey; evpPkey->type = WOLFSSL_SUCCESS; key->pkey = evpPkey; ExpectNotNull(retEvpPkey = wolfSSL_X509_PUBKEY_get(key)); ExpectIntEQ(retEvpPkey->type, WOLFSSL_SUCCESS); ExpectNull(retEvpPkey = wolfSSL_X509_PUBKEY_get(NULL)); key->pkey = NULL; ExpectNull(retEvpPkey = wolfSSL_X509_PUBKEY_get(key)); return EXPECT_RESULT(); } static int test_wolfSSL_EVP_PKEY_set1_get1_DSA(void) { EXPECT_DECLS; #if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN) DSA *dsa = NULL; DSA *setDsa = NULL; EVP_PKEY *pkey = NULL; EVP_PKEY *set1Pkey = NULL; SHA_CTX sha; byte signature[DSA_SIG_SIZE]; byte hash[WC_SHA_DIGEST_SIZE]; word32 bytes; int answer; #ifdef USE_CERT_BUFFERS_1024 const unsigned char* dsaKeyDer = dsa_key_der_1024; int dsaKeySz = sizeof_dsa_key_der_1024; byte tmp[ONEK_BUF]; XMEMSET(tmp, 0, sizeof(tmp)); XMEMCPY(tmp, dsaKeyDer , dsaKeySz); bytes = dsaKeySz; #elif defined(USE_CERT_BUFFERS_2048) const unsigned char* dsaKeyDer = dsa_key_der_2048; int dsaKeySz = sizeof_dsa_key_der_2048; byte tmp[TWOK_BUF]; XMEMSET(tmp, 0, sizeof(tmp)); XMEMCPY(tmp, dsaKeyDer , dsaKeySz); bytes = dsaKeySz; #else byte tmp[TWOK_BUF]; const unsigned char* dsaKeyDer = (const unsigned char*)tmp; int dsaKeySz; XFILE fp = XBADFILE; XMEMSET(tmp, 0, sizeof(tmp)); ExpectTrue((fp = XFOPEN("./certs/dsa2048.der", "rb")) != XBADFILE); ExpectIntGT(dsaKeySz = bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp), 0); if (fp != XBADFILE) XFCLOSE(fp); #endif /* END USE_CERT_BUFFERS_1024 */ /* Create hash to later Sign and Verify */ ExpectIntEQ(SHA1_Init(&sha), WOLFSSL_SUCCESS); ExpectIntEQ(SHA1_Update(&sha, tmp, bytes), WOLFSSL_SUCCESS); ExpectIntEQ(SHA1_Final(hash,&sha), WOLFSSL_SUCCESS); /* Initialize pkey with der format dsa key */ ExpectNotNull(d2i_PrivateKey(EVP_PKEY_DSA, &pkey, &dsaKeyDer, (long)dsaKeySz)); /* Test wolfSSL_EVP_PKEY_get1_DSA */ /* Should Fail: NULL argument */ ExpectNull(dsa = EVP_PKEY_get0_DSA(NULL)); ExpectNull(dsa = EVP_PKEY_get1_DSA(NULL)); /* Should Pass: Initialized pkey argument */ ExpectNotNull(dsa = EVP_PKEY_get0_DSA(pkey)); ExpectNotNull(dsa = EVP_PKEY_get1_DSA(pkey)); #ifdef USE_CERT_BUFFERS_1024 ExpectIntEQ(DSA_bits(dsa), 1024); #else ExpectIntEQ(DSA_bits(dsa), 2048); #endif /* Sign */ ExpectIntEQ(wolfSSL_DSA_do_sign(hash, signature, dsa), WOLFSSL_SUCCESS); /* Verify. */ ExpectIntEQ(wolfSSL_DSA_do_verify(hash, signature, dsa, &answer), WOLFSSL_SUCCESS); /* Test wolfSSL_EVP_PKEY_set1_DSA */ /* Should Fail: set1Pkey not initialized */ ExpectIntNE(EVP_PKEY_set1_DSA(set1Pkey, dsa), WOLFSSL_SUCCESS); /* Initialize set1Pkey */ set1Pkey = EVP_PKEY_new(); /* Should Fail Verify: setDsa not initialized from set1Pkey */ ExpectIntNE(wolfSSL_DSA_do_verify(hash,signature,setDsa,&answer), WOLFSSL_SUCCESS); /* Should Pass: set dsa into set1Pkey */ ExpectIntEQ(EVP_PKEY_set1_DSA(set1Pkey, dsa), WOLFSSL_SUCCESS); DSA_free(dsa); DSA_free(setDsa); EVP_PKEY_free(pkey); EVP_PKEY_free(set1Pkey); #endif /* !NO_DSA && !HAVE_SELFTEST && WOLFSSL_KEY_GEN */ return EXPECT_RESULT(); } /* END test_EVP_PKEY_set1_get1_DSA */ static int test_wolfSSL_DSA_generate_parameters(void) { EXPECT_DECLS; #if !defined(NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN) && \ !defined(HAVE_FIPS) DSA *dsa = NULL; ExpectNotNull(dsa = DSA_generate_parameters(2048, NULL, 0, NULL, NULL, NULL, NULL)); DSA_free(dsa); #endif return EXPECT_RESULT(); } static int test_wolfSSL_DSA_SIG(void) { EXPECT_DECLS; #if !defined(NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN) && \ !defined(HAVE_FIPS) DSA *dsa = NULL; DSA *dsa2 = NULL; DSA_SIG *sig = NULL; const BIGNUM *p = NULL; const BIGNUM *q = NULL; const BIGNUM *g = NULL; const BIGNUM *pub = NULL; const BIGNUM *priv = NULL; BIGNUM *dup_p = NULL; BIGNUM *dup_q = NULL; BIGNUM *dup_g = NULL; BIGNUM *dup_pub = NULL; BIGNUM *dup_priv = NULL; const byte digest[WC_SHA_DIGEST_SIZE] = {0}; ExpectNotNull(dsa = DSA_new()); ExpectIntEQ(DSA_generate_parameters_ex(dsa, 2048, NULL, 0, NULL, NULL, NULL), 1); ExpectIntEQ(DSA_generate_key(dsa), 1); DSA_get0_pqg(dsa, &p, &q, &g); DSA_get0_key(dsa, &pub, &priv); ExpectNotNull(dup_p = BN_dup(p)); ExpectNotNull(dup_q = BN_dup(q)); ExpectNotNull(dup_g = BN_dup(g)); ExpectNotNull(dup_pub = BN_dup(pub)); ExpectNotNull(dup_priv = BN_dup(priv)); ExpectNotNull(sig = DSA_do_sign(digest, sizeof(digest), dsa)); ExpectNotNull(dsa2 = DSA_new()); ExpectIntEQ(DSA_set0_pqg(dsa2, dup_p, dup_q, dup_g), 1); if (EXPECT_FAIL()) { BN_free(dup_p); BN_free(dup_q); BN_free(dup_g); } ExpectIntEQ(DSA_set0_key(dsa2, dup_pub, dup_priv), 1); if (EXPECT_FAIL()) { BN_free(dup_pub); BN_free(dup_priv); } ExpectIntEQ(DSA_do_verify(digest, sizeof(digest), sig, dsa2), 1); DSA_free(dsa); DSA_free(dsa2); DSA_SIG_free(sig); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_PKEY_set1_get1_EC_KEY (void) { EXPECT_DECLS; #ifdef HAVE_ECC WOLFSSL_EC_KEY* ecKey = NULL; WOLFSSL_EC_KEY* ecGet1 = NULL; EVP_PKEY* pkey = NULL; ExpectNotNull(ecKey = wolfSSL_EC_KEY_new()); ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); /* Test wolfSSL_EVP_PKEY_set1_EC_KEY */ ExpectIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(NULL, ecKey), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(pkey, NULL), WOLFSSL_FAILURE); /* Should fail since ecKey is empty */ ExpectIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(pkey, ecKey), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1); ExpectIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(pkey, ecKey), WOLFSSL_SUCCESS); /* Test wolfSSL_EVP_PKEY_get1_EC_KEY */ ExpectNull(wolfSSL_EVP_PKEY_get1_EC_KEY(NULL)); ExpectNotNull(ecGet1 = wolfSSL_EVP_PKEY_get1_EC_KEY(pkey)); wolfSSL_EC_KEY_free(ecKey); wolfSSL_EC_KEY_free(ecGet1); EVP_PKEY_free(pkey); #endif /* HAVE_ECC */ return EXPECT_RESULT(); } /* END test_EVP_PKEY_set1_get1_EC_KEY */ static int test_wolfSSL_EVP_PKEY_set1_get1_DH (void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || defined(WOLFSSL_OPENSSH) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) #if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && !defined(NO_FILESYSTEM) DH *dh = NULL; DH *setDh = NULL; EVP_PKEY *pkey = NULL; XFILE f = XBADFILE; unsigned char buf[4096]; const unsigned char* pt = buf; const char* dh2048 = "./certs/dh2048.der"; long len = 0; int code = -1; XMEMSET(buf, 0, sizeof(buf)); ExpectTrue((f = XFOPEN(dh2048, "rb")) != XBADFILE); ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0); if (f != XBADFILE) XFCLOSE(f); /* Load dh2048.der into DH with internal format */ ExpectNotNull(setDh = wolfSSL_d2i_DHparams(NULL, &pt, len)); ExpectIntEQ(wolfSSL_DH_check(setDh, &code), WOLFSSL_SUCCESS); ExpectIntEQ(code, 0); code = -1; ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); /* Set DH into PKEY */ ExpectIntEQ(wolfSSL_EVP_PKEY_set1_DH(pkey, setDh), WOLFSSL_SUCCESS); /* Get DH from PKEY */ ExpectNotNull(dh = wolfSSL_EVP_PKEY_get1_DH(pkey)); ExpectIntEQ(wolfSSL_DH_check(dh, &code), WOLFSSL_SUCCESS); ExpectIntEQ(code, 0); EVP_PKEY_free(pkey); DH_free(setDh); setDh = NULL; DH_free(dh); dh = NULL; #endif /* !NO_DH && WOLFSSL_DH_EXTRA && !NO_FILESYSTEM */ #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ #endif /* OPENSSL_ALL || WOLFSSL_QT || WOLFSSL_OPENSSH */ return EXPECT_RESULT(); } /* END test_EVP_PKEY_set1_get1_DH */ static int test_wolfSSL_CTX_ctrl(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) char caFile[] = "./certs/client-ca.pem"; char clientFile[] = "./certs/client-cert.pem"; SSL_CTX* ctx = NULL; X509* x509 = NULL; #if !defined(NO_DH) && !defined(NO_DSA) && !defined(NO_BIO) byte buf[6000]; char file[] = "./certs/dsaparams.pem"; XFILE f = XBADFILE; int bytes = 0; BIO* bio = NULL; DSA* dsa = NULL; DH* dh = NULL; #endif #ifdef HAVE_ECC WOLFSSL_EC_KEY* ecKey = NULL; #endif ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method())); ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(caFile, WOLFSSL_FILETYPE_PEM)); ExpectIntEQ((int)SSL_CTX_add_extra_chain_cert(ctx, x509), WOLFSSL_SUCCESS); if (EXPECT_FAIL()) { wolfSSL_X509_free(x509); } ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(clientFile, WOLFSSL_FILETYPE_PEM)); #if !defined(NO_DH) && !defined(NO_DSA) && !defined(NO_BIO) /* Initialize DH */ ExpectTrue((f = XFOPEN(file, "rb")) != XBADFILE); ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0); if (f != XBADFILE) XFCLOSE(f); ExpectNotNull(bio = BIO_new_mem_buf((void*)buf, bytes)); ExpectNotNull(dsa = wolfSSL_PEM_read_bio_DSAparams(bio, NULL, NULL, NULL)); ExpectNotNull(dh = wolfSSL_DSA_dup_DH(dsa)); #endif #ifdef HAVE_ECC /* Initialize WOLFSSL_EC_KEY */ ExpectNotNull(ecKey = wolfSSL_EC_KEY_new()); ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1); #endif /* additional test of getting EVP_PKEY key size from X509 * Do not run with user RSA because wolfSSL_RSA_size is not currently * allowed with user RSA */ { EVP_PKEY* pkey = NULL; #if defined(HAVE_ECC) X509* ecX509 = NULL; #endif /* HAVE_ECC */ ExpectNotNull(pkey = X509_get_pubkey(x509)); /* current RSA key is 2048 bit (256 bytes) */ ExpectIntEQ(EVP_PKEY_size(pkey), 256); EVP_PKEY_free(pkey); pkey = NULL; #if defined(HAVE_ECC) #if defined(USE_CERT_BUFFERS_256) ExpectNotNull(ecX509 = wolfSSL_X509_load_certificate_buffer( cliecc_cert_der_256, sizeof_cliecc_cert_der_256, SSL_FILETYPE_ASN1)); #else ExpectNotNull(ecX509 = wolfSSL_X509_load_certificate_file( cliEccCertFile, SSL_FILETYPE_PEM)); #endif ExpectNotNull(pkey = X509_get_pubkey(ecX509)); /* current ECC key is 256 bit (32 bytes) */ ExpectIntEQ(EVP_PKEY_size(pkey), 32); X509_free(ecX509); EVP_PKEY_free(pkey); #endif /* HAVE_ECC */ } /* Tests should fail with passed in NULL pointer */ ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, NULL), SSL_FAILURE); #if !defined(NO_DH) && !defined(NO_DSA) ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_DH, 0, NULL), SSL_FAILURE); #endif #ifdef HAVE_ECC ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH, 0, NULL), SSL_FAILURE); #endif /* Test with SSL_CTRL_EXTRA_CHAIN_CERT * wolfSSL_CTX_ctrl should succesffuly call SSL_CTX_add_extra_chain_cert */ ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, x509), SSL_SUCCESS); if (EXPECT_FAIL()) { wolfSSL_X509_free(x509); } /* Test with SSL_CTRL_OPTIONS * wolfSSL_CTX_ctrl should succesffuly call SSL_CTX_set_options */ ExpectTrue(wolfSSL_CTX_ctrl(ctx, SSL_CTRL_OPTIONS, SSL_OP_NO_TLSv1, NULL) == SSL_OP_NO_TLSv1); ExpectTrue(SSL_CTX_get_options(ctx) == SSL_OP_NO_TLSv1); /* Test with SSL_CTRL_SET_TMP_DH * wolfSSL_CTX_ctrl should succesffuly call wolfSSL_SSL_CTX_set_tmp_dh */ #if !defined(NO_DH) && !defined(NO_DSA) && !defined(NO_BIO) ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_DH, 0, dh), SSL_SUCCESS); #endif /* Test with SSL_CTRL_SET_TMP_ECDH * wolfSSL_CTX_ctrl should succesffuly call wolfSSL_SSL_CTX_set_tmp_ecdh */ #ifdef HAVE_ECC ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH, 0, ecKey), SSL_SUCCESS); #endif #ifdef WOLFSSL_ENCRYPTED_KEYS ExpectNull(SSL_CTX_get_default_passwd_cb(ctx)); ExpectNull(SSL_CTX_get_default_passwd_cb_userdata(ctx)); #endif /* Test for min/max proto */ #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION, 0, NULL), SSL_SUCCESS); ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION, TLS1_2_VERSION, NULL), SSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_2_VERSION); #endif #ifdef WOLFSSL_TLS13 ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION, 0, NULL), SSL_SUCCESS); ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION, TLS1_3_VERSION, NULL), SSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_get_max_proto_version(ctx), TLS1_3_VERSION); #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION, TLS1_2_VERSION, NULL), SSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_get_max_proto_version(ctx), TLS1_2_VERSION); #endif #endif /* Cleanup and Pass */ #if !defined(NO_DH) && !defined(NO_DSA) #ifndef NO_BIO BIO_free(bio); DSA_free(dsa); DH_free(dh); dh = NULL; #endif #endif #ifdef HAVE_ECC wolfSSL_EC_KEY_free(ecKey); #endif SSL_CTX_free(ctx); #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ * !defined(NO_FILESYSTEM) && !defined(NO_RSA) */ return EXPECT_RESULT(); } static int test_wolfSSL_EVP_PKEY_assign(void) { EXPECT_DECLS; #if !defined(NO_RSA) || !defined(NO_DSA) || defined(HAVE_ECC) int type; WOLFSSL_EVP_PKEY* pkey = NULL; #ifndef NO_RSA WOLFSSL_RSA* rsa = NULL; #endif #ifndef NO_DSA WOLFSSL_DSA* dsa = NULL; #endif #ifdef HAVE_ECC WOLFSSL_EC_KEY* ecKey = NULL; #endif #ifndef NO_RSA type = EVP_PKEY_RSA; ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectNotNull(rsa = wolfSSL_RSA_new()); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(NULL, type, rsa), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, NULL), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, -1, rsa), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, rsa), WOLFSSL_SUCCESS); if (EXPECT_FAIL()) { wolfSSL_RSA_free(rsa); } wolfSSL_EVP_PKEY_free(pkey); pkey = NULL; #endif /* NO_RSA */ #ifndef NO_DSA type = EVP_PKEY_DSA; ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectNotNull(dsa = wolfSSL_DSA_new()); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(NULL, type, dsa), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, NULL), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, -1, dsa), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, dsa), WOLFSSL_SUCCESS); if (EXPECT_FAIL()) { wolfSSL_DSA_free(dsa); } wolfSSL_EVP_PKEY_free(pkey); pkey = NULL; #endif /* NO_DSA */ #ifdef HAVE_ECC type = EVP_PKEY_EC; ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectNotNull(ecKey = wolfSSL_EC_KEY_new()); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(NULL, type, ecKey), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, NULL), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, -1, ecKey), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, ecKey), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, ecKey), WOLFSSL_SUCCESS); if (EXPECT_FAIL()) { wolfSSL_EC_KEY_free(ecKey); } wolfSSL_EVP_PKEY_free(pkey); pkey = NULL; #endif /* HAVE_ECC */ #endif /* !NO_RSA || !NO_DSA || HAVE_ECC */ return EXPECT_RESULT(); } static int test_wolfSSL_EVP_PKEY_assign_DH(void) { EXPECT_DECLS; #if !defined(NO_DH) && \ !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)) XFILE f = XBADFILE; unsigned char buf[4096]; const unsigned char* pt = buf; const char* params1 = "./certs/dh2048.der"; long len = 0; WOLFSSL_DH* dh = NULL; WOLFSSL_EVP_PKEY* pkey = NULL; XMEMSET(buf, 0, sizeof(buf)); /* Load DH parameters DER. */ ExpectTrue((f = XFOPEN(params1, "rb")) != XBADFILE); ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0); if (f != XBADFILE) XFCLOSE(f); ExpectNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len)); ExpectIntEQ(DH_generate_key(dh), WOLFSSL_SUCCESS); ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); /* Bad cases */ ExpectIntEQ(wolfSSL_EVP_PKEY_assign_DH(NULL, dh), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_EVP_PKEY_assign_DH(pkey, NULL), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_EVP_PKEY_assign_DH(NULL, NULL), WOLFSSL_FAILURE); /* Good case */ ExpectIntEQ(wolfSSL_EVP_PKEY_assign_DH(pkey, dh), WOLFSSL_SUCCESS); if (EXPECT_FAIL()) { wolfSSL_DH_free(dh); } EVP_PKEY_free(pkey); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_PKEY_base_id(void) { EXPECT_DECLS; WOLFSSL_EVP_PKEY* pkey = NULL; ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectIntEQ(wolfSSL_EVP_PKEY_base_id(NULL), NID_undef); ExpectIntEQ(wolfSSL_EVP_PKEY_base_id(pkey), EVP_PKEY_RSA); EVP_PKEY_free(pkey); return EXPECT_RESULT(); } static int test_wolfSSL_EVP_PKEY_id(void) { EXPECT_DECLS; WOLFSSL_EVP_PKEY* pkey = NULL; ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectIntEQ(wolfSSL_EVP_PKEY_id(NULL), 0); ExpectIntEQ(wolfSSL_EVP_PKEY_id(pkey), EVP_PKEY_RSA); EVP_PKEY_free(pkey); return EXPECT_RESULT(); } static int test_wolfSSL_EVP_PKEY_paramgen(void) { EXPECT_DECLS; /* ECC check taken from ecc.c. It is the condition that defines ECC256 */ #if defined(OPENSSL_ALL) && !defined(NO_ECC_SECP) && \ ((!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && \ ECC_MIN_KEY_SZ <= 256) EVP_PKEY_CTX* ctx = NULL; EVP_PKEY* pkey = NULL; /* Test error conditions. */ ExpectIntEQ(EVP_PKEY_paramgen(NULL, &pkey), WOLFSSL_FAILURE); ExpectNotNull(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)); ExpectIntEQ(EVP_PKEY_paramgen(ctx, NULL), WOLFSSL_FAILURE); #ifndef NO_RSA EVP_PKEY_CTX_free(ctx); /* Parameter generation for RSA not supported yet. */ ExpectNotNull(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)); ExpectIntEQ(EVP_PKEY_paramgen(ctx, &pkey), WOLFSSL_FAILURE); #endif #ifdef HAVE_ECC EVP_PKEY_CTX_free(ctx); ExpectNotNull(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)); ExpectIntEQ(EVP_PKEY_paramgen_init(ctx), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, NID_X9_62_prime256v1), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_paramgen(ctx, &pkey), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_set_ec_param_enc(ctx, OPENSSL_EC_NAMED_CURVE), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_keygen_init(ctx), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_keygen(ctx, &pkey), WOLFSSL_SUCCESS); #endif EVP_PKEY_CTX_free(ctx); EVP_PKEY_free(pkey); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_PKEY_keygen(void) { EXPECT_DECLS; WOLFSSL_EVP_PKEY* pkey = NULL; EVP_PKEY_CTX* ctx = NULL; #if !defined(NO_DH) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0)) WOLFSSL_EVP_PKEY* params = NULL; DH* dh = NULL; const BIGNUM* pubkey = NULL; const BIGNUM* privkey = NULL; ASN1_INTEGER* asn1int = NULL; unsigned int length = 0; byte* derBuffer = NULL; #endif ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL)); /* Bad cases */ ExpectIntEQ(wolfSSL_EVP_PKEY_keygen(NULL, &pkey), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_EVP_PKEY_keygen(ctx, NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_EVP_PKEY_keygen(NULL, NULL), BAD_FUNC_ARG); /* Good case */ ExpectIntEQ(wolfSSL_EVP_PKEY_keygen(ctx, &pkey), 0); EVP_PKEY_CTX_free(ctx); ctx = NULL; EVP_PKEY_free(pkey); pkey = NULL; #if !defined(NO_DH) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0)) /* Test DH keygen */ { ExpectNotNull(params = wolfSSL_EVP_PKEY_new()); ExpectNotNull(dh = DH_get_2048_256()); ExpectIntEQ(EVP_PKEY_set1_DH(params, dh), WOLFSSL_SUCCESS); ExpectNotNull(ctx = EVP_PKEY_CTX_new(params, NULL)); ExpectIntEQ(EVP_PKEY_keygen_init(ctx), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_keygen(ctx, &pkey), WOLFSSL_SUCCESS); DH_free(dh); dh = NULL; EVP_PKEY_CTX_free(ctx); EVP_PKEY_free(params); /* try exporting generated key to DER, to verify */ ExpectNotNull(dh = EVP_PKEY_get1_DH(pkey)); DH_get0_key(dh, &pubkey, &privkey); ExpectNotNull(pubkey); ExpectNotNull(privkey); ExpectNotNull(asn1int = BN_to_ASN1_INTEGER(pubkey, NULL)); ExpectIntGT((length = i2d_ASN1_INTEGER(asn1int, &derBuffer)), 0); ASN1_INTEGER_free(asn1int); DH_free(dh); dh = NULL; XFREE(derBuffer, NULL, DYNAMIC_TYPE_TMP_BUFFER); EVP_PKEY_free(pkey); } #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_PKEY_keygen_init(void) { EXPECT_DECLS; WOLFSSL_EVP_PKEY* pkey = NULL; EVP_PKEY_CTX *ctx = NULL; ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL)); ExpectIntEQ(wolfSSL_EVP_PKEY_keygen_init(ctx), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_EVP_PKEY_keygen_init(NULL), WOLFSSL_SUCCESS); EVP_PKEY_CTX_free(ctx); EVP_PKEY_free(pkey); return EXPECT_RESULT(); } static int test_wolfSSL_EVP_PKEY_missing_parameters(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_WOLFSSL_STUB) WOLFSSL_EVP_PKEY* pkey = NULL; ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectIntEQ(wolfSSL_EVP_PKEY_missing_parameters(pkey), 0); ExpectIntEQ(wolfSSL_EVP_PKEY_missing_parameters(NULL), 0); EVP_PKEY_free(pkey); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_PKEY_copy_parameters(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_DH) && defined(WOLFSSL_KEY_GEN) && \ !defined(HAVE_SELFTEST) && (defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || \ defined(WOLFSSL_OPENSSH)) && defined(WOLFSSL_DH_EXTRA) && \ !defined(NO_FILESYSTEM) WOLFSSL_EVP_PKEY* params = NULL; WOLFSSL_EVP_PKEY* copy = NULL; DH* dh = NULL; BIGNUM* p1; BIGNUM* g1; BIGNUM* q1; BIGNUM* p2; BIGNUM* g2; BIGNUM* q2; /* create DH with DH_get_2048_256 params */ ExpectNotNull(params = wolfSSL_EVP_PKEY_new()); ExpectNotNull(dh = DH_get_2048_256()); ExpectIntEQ(EVP_PKEY_set1_DH(params, dh), WOLFSSL_SUCCESS); DH_get0_pqg(dh, (const BIGNUM**)&p1, (const BIGNUM**)&q1, (const BIGNUM**)&g1); DH_free(dh); dh = NULL; /* create DH with random generated DH params */ ExpectNotNull(copy = wolfSSL_EVP_PKEY_new()); ExpectNotNull(dh = DH_generate_parameters(2048, 2, NULL, NULL)); ExpectIntEQ(EVP_PKEY_set1_DH(copy, dh), WOLFSSL_SUCCESS); DH_free(dh); dh = NULL; ExpectIntEQ(EVP_PKEY_copy_parameters(copy, params), WOLFSSL_SUCCESS); ExpectNotNull(dh = EVP_PKEY_get1_DH(copy)); ExpectNotNull(dh->p); ExpectNotNull(dh->g); ExpectNotNull(dh->q); DH_get0_pqg(dh, (const BIGNUM**)&p2, (const BIGNUM**)&q2, (const BIGNUM**)&g2); ExpectIntEQ(BN_cmp(p1, p2), 0); ExpectIntEQ(BN_cmp(q1, q2), 0); ExpectIntEQ(BN_cmp(g1, g2), 0); DH_free(dh); dh = NULL; EVP_PKEY_free(copy); EVP_PKEY_free(params); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits(void) { EXPECT_DECLS; WOLFSSL_EVP_PKEY* pkey = NULL; EVP_PKEY_CTX* ctx = NULL; int bits = 2048; ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL)); ExpectIntEQ(wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits), WOLFSSL_SUCCESS); EVP_PKEY_CTX_free(ctx); EVP_PKEY_free(pkey); return EXPECT_RESULT(); } static int test_wolfSSL_EVP_CIPHER_CTX_iv_length(void) { EXPECT_DECLS; /* This is large enough to be used for all key sizes */ byte key[AES_256_KEY_SIZE] = {0}; byte iv[AES_BLOCK_SIZE] = {0}; int i; int nids[] = { #ifdef HAVE_AES_CBC NID_aes_128_cbc, #endif #if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)) #ifdef HAVE_AESGCM NID_aes_128_gcm, #endif #endif /* (HAVE_FIPS && !HAVE_SELFTEST) || HAVE_FIPS_VERSION > 2 */ #ifdef WOLFSSL_AES_COUNTER NID_aes_128_ctr, #endif #ifndef NO_DES3 NID_des_cbc, NID_des_ede3_cbc, #endif }; int iv_lengths[] = { #ifdef HAVE_AES_CBC AES_BLOCK_SIZE, #endif #if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)) #ifdef HAVE_AESGCM GCM_NONCE_MID_SZ, #endif #endif /* (HAVE_FIPS && !HAVE_SELFTEST) || HAVE_FIPS_VERSION > 2 */ #ifdef WOLFSSL_AES_COUNTER AES_BLOCK_SIZE, #endif #ifndef NO_DES3 DES_BLOCK_SIZE, DES_BLOCK_SIZE, #endif }; int nidsLen = (sizeof(nids)/sizeof(int)); for (i = 0; i < nidsLen; i++) { const EVP_CIPHER* init = wolfSSL_EVP_get_cipherbynid(nids[i]); EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new(); wolfSSL_EVP_CIPHER_CTX_init(ctx); ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_iv_length(ctx), iv_lengths[i]); EVP_CIPHER_CTX_free(ctx); } return EXPECT_RESULT(); } static int test_wolfSSL_EVP_CIPHER_CTX_key_length(void) { EXPECT_DECLS; byte key[AES_256_KEY_SIZE] = {0}; byte iv[AES_BLOCK_SIZE] = {0}; int i; int nids[] = { #ifdef HAVE_AES_CBC NID_aes_128_cbc, NID_aes_256_cbc, #endif #if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)) #ifdef HAVE_AESGCM NID_aes_128_gcm, NID_aes_256_gcm, #endif #endif /* (HAVE_FIPS && !HAVE_SELFTEST) || HAVE_FIPS_VERSION > 2 */ #ifdef WOLFSSL_AES_COUNTER NID_aes_128_ctr, NID_aes_256_ctr, #endif #ifndef NO_DES3 NID_des_cbc, NID_des_ede3_cbc, #endif }; int key_lengths[] = { #ifdef HAVE_AES_CBC AES_128_KEY_SIZE, AES_256_KEY_SIZE, #endif #if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)) #ifdef HAVE_AESGCM AES_128_KEY_SIZE, AES_256_KEY_SIZE, #endif #endif /* (HAVE_FIPS && !HAVE_SELFTEST) || HAVE_FIPS_VERSION > 2 */ #ifdef WOLFSSL_AES_COUNTER AES_128_KEY_SIZE, AES_256_KEY_SIZE, #endif #ifndef NO_DES3 DES_KEY_SIZE, DES3_KEY_SIZE, #endif }; int nidsLen = (sizeof(nids)/sizeof(int)); for (i = 0; i < nidsLen; i++) { const EVP_CIPHER *init = wolfSSL_EVP_get_cipherbynid(nids[i]); EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new(); wolfSSL_EVP_CIPHER_CTX_init(ctx); ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_key_length(ctx), key_lengths[i]); ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_key_length(ctx, key_lengths[i]), WOLFSSL_SUCCESS); EVP_CIPHER_CTX_free(ctx); } return EXPECT_RESULT(); } static int test_wolfSSL_EVP_CIPHER_CTX_set_iv(void) { EXPECT_DECLS; #if defined(HAVE_AESGCM) && !defined(NO_DES3) int ivLen, keyLen; EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new(); #ifdef HAVE_AESGCM byte key[AES_128_KEY_SIZE] = {0}; byte iv[AES_BLOCK_SIZE] = {0}; const EVP_CIPHER *init = EVP_aes_128_gcm(); #else byte key[DES3_KEY_SIZE] = {0}; byte iv[DES_BLOCK_SIZE] = {0}; const EVP_CIPHER *init = EVP_des_ede3_cbc(); #endif wolfSSL_EVP_CIPHER_CTX_init(ctx); ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS); ivLen = wolfSSL_EVP_CIPHER_CTX_iv_length(ctx); keyLen = wolfSSL_EVP_CIPHER_CTX_key_length(ctx); /* Bad cases */ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(NULL, iv, ivLen), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, NULL, ivLen), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, iv, 0), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(NULL, NULL, 0), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, iv, keyLen), WOLFSSL_FAILURE); /* Good case */ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, iv, ivLen), 1); EVP_CIPHER_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_PKEY_CTX_new_id(void) { EXPECT_DECLS; WOLFSSL_ENGINE* e = NULL; int id = 0; EVP_PKEY_CTX *ctx = NULL; ExpectNotNull(ctx = wolfSSL_EVP_PKEY_CTX_new_id(id, e)); EVP_PKEY_CTX_free(ctx); return EXPECT_RESULT(); } static int test_wolfSSL_EVP_rc4(void) { EXPECT_DECLS; #if !defined(NO_RC4) ExpectNotNull(wolfSSL_EVP_rc4()); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_enc_null(void) { EXPECT_DECLS; ExpectNotNull(wolfSSL_EVP_enc_null()); return EXPECT_RESULT(); } static int test_wolfSSL_EVP_rc2_cbc(void) { EXPECT_DECLS; #if defined(WOLFSSL_QT) && !defined(NO_WOLFSSL_STUB) ExpectNull(wolfSSL_EVP_rc2_cbc()); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_mdc2(void) { EXPECT_DECLS; #if !defined(NO_WOLFSSL_STUB) ExpectNull(wolfSSL_EVP_mdc2()); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_md4(void) { EXPECT_DECLS; #if !defined(NO_MD4) ExpectNotNull(wolfSSL_EVP_md4()); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_aes_256_gcm(void) { EXPECT_DECLS; #ifdef HAVE_AESGCM ExpectNotNull(wolfSSL_EVP_aes_256_gcm()); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_aes_192_gcm(void) { EXPECT_DECLS; #ifdef HAVE_AESGCM ExpectNotNull(wolfSSL_EVP_aes_192_gcm()); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_aes_256_ccm(void) { EXPECT_DECLS; #ifdef HAVE_AESCCM ExpectNotNull(wolfSSL_EVP_aes_256_ccm()); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_aes_192_ccm(void) { EXPECT_DECLS; #ifdef HAVE_AESCCM ExpectNotNull(wolfSSL_EVP_aes_192_ccm()); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_aes_128_ccm(void) { EXPECT_DECLS; #ifdef HAVE_AESCCM ExpectNotNull(wolfSSL_EVP_aes_128_ccm()); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_ripemd160(void) { EXPECT_DECLS; #if !defined(NO_WOLFSSL_STUB) ExpectNull(wolfSSL_EVP_ripemd160()); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_get_digestbynid(void) { EXPECT_DECLS; #ifndef NO_MD5 ExpectNotNull(wolfSSL_EVP_get_digestbynid(NID_md5)); #endif #ifndef NO_SHA ExpectNotNull(wolfSSL_EVP_get_digestbynid(NID_sha1)); #endif #ifndef NO_SHA256 ExpectNotNull(wolfSSL_EVP_get_digestbynid(NID_sha256)); #endif ExpectNull(wolfSSL_EVP_get_digestbynid(0)); return EXPECT_RESULT(); } static int test_wolfSSL_EVP_MD_nid(void) { EXPECT_DECLS; #ifndef NO_MD5 ExpectIntEQ(EVP_MD_nid(EVP_md5()), NID_md5); #endif #ifndef NO_SHA ExpectIntEQ(EVP_MD_nid(EVP_sha1()), NID_sha1); #endif #ifndef NO_SHA256 ExpectIntEQ(EVP_MD_nid(EVP_sha256()), NID_sha256); #endif ExpectIntEQ(EVP_MD_nid(NULL), NID_undef); return EXPECT_RESULT(); } static int test_wolfSSL_EVP_PKEY_get0_EC_KEY(void) { EXPECT_DECLS; #if defined(HAVE_ECC) WOLFSSL_EVP_PKEY* pkey = NULL; ExpectNull(EVP_PKEY_get0_EC_KEY(NULL)); ExpectNotNull(pkey = EVP_PKEY_new()); ExpectNull(EVP_PKEY_get0_EC_KEY(pkey)); EVP_PKEY_free(pkey); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_X_STATE(void) { EXPECT_DECLS; #if !defined(NO_DES3) && !defined(NO_RC4) byte key[DES3_KEY_SIZE] = {0}; byte iv[DES_IV_SIZE] = {0}; EVP_CIPHER_CTX *ctx = NULL; const EVP_CIPHER *init = NULL; /* Bad test cases */ ExpectNotNull(ctx = EVP_CIPHER_CTX_new()); ExpectNotNull(init = EVP_des_ede3_cbc()); wolfSSL_EVP_CIPHER_CTX_init(ctx); ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS); ExpectNull(wolfSSL_EVP_X_STATE(NULL)); ExpectNull(wolfSSL_EVP_X_STATE(ctx)); EVP_CIPHER_CTX_free(ctx); ctx = NULL; /* Good test case */ ExpectNotNull(ctx = EVP_CIPHER_CTX_new()); ExpectNotNull(init = wolfSSL_EVP_rc4()); wolfSSL_EVP_CIPHER_CTX_init(ctx); ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS); ExpectNotNull(wolfSSL_EVP_X_STATE(ctx)); EVP_CIPHER_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_X_STATE_LEN(void) { EXPECT_DECLS; #if !defined(NO_DES3) && !defined(NO_RC4) byte key[DES3_KEY_SIZE] = {0}; byte iv[DES_IV_SIZE] = {0}; EVP_CIPHER_CTX *ctx = NULL; const EVP_CIPHER *init = NULL; /* Bad test cases */ ExpectNotNull(ctx = EVP_CIPHER_CTX_new()); ExpectNotNull(init = EVP_des_ede3_cbc()); wolfSSL_EVP_CIPHER_CTX_init(ctx); ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_EVP_X_STATE_LEN(NULL), 0); ExpectIntEQ(wolfSSL_EVP_X_STATE_LEN(ctx), 0); EVP_CIPHER_CTX_free(ctx); ctx = NULL; /* Good test case */ ExpectNotNull(ctx = EVP_CIPHER_CTX_new()); ExpectNotNull(init = wolfSSL_EVP_rc4()); wolfSSL_EVP_CIPHER_CTX_init(ctx); ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_EVP_X_STATE_LEN(ctx), sizeof(Arc4)); EVP_CIPHER_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_CIPHER_block_size(void) { EXPECT_DECLS; #if defined(HAVE_AES_CBC) || defined(HAVE_AESGCM) || \ defined(WOLFSSL_AES_COUNTER) || defined(HAVE_AES_ECB) || \ defined(WOLFSSL_AES_OFB) || !defined(NO_RC4) || \ (defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) #ifdef HAVE_AES_CBC #ifdef WOLFSSL_AES_128 ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_128_cbc()), AES_BLOCK_SIZE); #endif #ifdef WOLFSSL_AES_192 ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_192_cbc()), AES_BLOCK_SIZE); #endif #ifdef WOLFSSL_AES_256 ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_256_cbc()), AES_BLOCK_SIZE); #endif #endif #ifdef HAVE_AESGCM #ifdef WOLFSSL_AES_128 ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_128_gcm()), 1); #endif #ifdef WOLFSSL_AES_192 ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_192_gcm()), 1); #endif #ifdef WOLFSSL_AES_256 ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_256_gcm()), 1); #endif #endif #ifdef HAVE_AESCCM #ifdef WOLFSSL_AES_128 ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_128_ccm()), 1); #endif #ifdef WOLFSSL_AES_192 ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_192_ccm()), 1); #endif #ifdef WOLFSSL_AES_256 ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_256_ccm()), 1); #endif #endif #ifdef WOLFSSL_AES_COUNTER #ifdef WOLFSSL_AES_128 ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_128_ctr()), 1); #endif #ifdef WOLFSSL_AES_192 ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_192_ctr()), 1); #endif #ifdef WOLFSSL_AES_256 ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_256_ctr()), 1); #endif #endif #ifdef HAVE_AES_ECB #ifdef WOLFSSL_AES_128 ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_128_ecb()), AES_BLOCK_SIZE); #endif #ifdef WOLFSSL_AES_192 ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_192_ecb()), AES_BLOCK_SIZE); #endif #ifdef WOLFSSL_AES_256 ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_256_ecb()), AES_BLOCK_SIZE); #endif #endif #ifdef WOLFSSL_AES_OFB #ifdef WOLFSSL_AES_128 ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_128_ofb()), 1); #endif #ifdef WOLFSSL_AES_192 ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_192_ofb()), 1); #endif #ifdef WOLFSSL_AES_256 ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_256_ofb()), 1); #endif #endif #ifndef NO_RC4 ExpectIntEQ(EVP_CIPHER_block_size(wolfSSL_EVP_rc4()), 1); #endif #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) ExpectIntEQ(EVP_CIPHER_block_size(wolfSSL_EVP_chacha20_poly1305()), 1); #endif #endif #ifdef WOLFSSL_SM4_ECB ExpectIntEQ(EVP_CIPHER_block_size(EVP_sm4_ecb()), SM4_BLOCK_SIZE); #endif #ifdef WOLFSSL_SM4_CBC ExpectIntEQ(EVP_CIPHER_block_size(EVP_sm4_cbc()), SM4_BLOCK_SIZE); #endif #ifdef WOLFSSL_SM4_CTR ExpectIntEQ(EVP_CIPHER_block_size(EVP_sm4_ctr()), 1); #endif #ifdef WOLFSSL_SM4_GCM ExpectIntEQ(EVP_CIPHER_block_size(EVP_sm4_gcm()), 1); #endif #ifdef WOLFSSL_SM4_CCM ExpectIntEQ(EVP_CIPHER_block_size(EVP_sm4_ccm()), 1); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_CIPHER_iv_length(void) { EXPECT_DECLS; int nids[] = { #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT) #ifdef WOLFSSL_AES_128 NID_aes_128_cbc, #endif #ifdef WOLFSSL_AES_192 NID_aes_192_cbc, #endif #ifdef WOLFSSL_AES_256 NID_aes_256_cbc, #endif #endif /* HAVE_AES_CBC || WOLFSSL_AES_DIRECT */ #if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)) #ifdef HAVE_AESGCM #ifdef WOLFSSL_AES_128 NID_aes_128_gcm, #endif #ifdef WOLFSSL_AES_192 NID_aes_192_gcm, #endif #ifdef WOLFSSL_AES_256 NID_aes_256_gcm, #endif #endif /* HAVE_AESGCM */ #endif /* (HAVE_FIPS && !HAVE_SELFTEST) || HAVE_FIPS_VERSION > 2 */ #ifdef WOLFSSL_AES_COUNTER #ifdef WOLFSSL_AES_128 NID_aes_128_ctr, #endif #ifdef WOLFSSL_AES_192 NID_aes_192_ctr, #endif #ifdef WOLFSSL_AES_256 NID_aes_256_ctr, #endif #endif #ifndef NO_DES3 NID_des_cbc, NID_des_ede3_cbc, #endif #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) NID_chacha20_poly1305, #endif }; int iv_lengths[] = { #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT) #ifdef WOLFSSL_AES_128 AES_BLOCK_SIZE, #endif #ifdef WOLFSSL_AES_192 AES_BLOCK_SIZE, #endif #ifdef WOLFSSL_AES_256 AES_BLOCK_SIZE, #endif #endif /* HAVE_AES_CBC || WOLFSSL_AES_DIRECT */ #if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)) #ifdef HAVE_AESGCM #ifdef WOLFSSL_AES_128 GCM_NONCE_MID_SZ, #endif #ifdef WOLFSSL_AES_192 GCM_NONCE_MID_SZ, #endif #ifdef WOLFSSL_AES_256 GCM_NONCE_MID_SZ, #endif #endif /* HAVE_AESGCM */ #endif /* (HAVE_FIPS && !HAVE_SELFTEST) || HAVE_FIPS_VERSION > 2 */ #ifdef WOLFSSL_AES_COUNTER #ifdef WOLFSSL_AES_128 AES_BLOCK_SIZE, #endif #ifdef WOLFSSL_AES_192 AES_BLOCK_SIZE, #endif #ifdef WOLFSSL_AES_256 AES_BLOCK_SIZE, #endif #endif #ifndef NO_DES3 DES_BLOCK_SIZE, DES_BLOCK_SIZE, #endif #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) CHACHA20_POLY1305_AEAD_IV_SIZE, #endif }; int i; int nidsLen = (sizeof(nids)/sizeof(int)); for (i = 0; i < nidsLen; i++) { const EVP_CIPHER *c = EVP_get_cipherbynid(nids[i]); ExpectIntEQ(EVP_CIPHER_iv_length(c), iv_lengths[i]); } return EXPECT_RESULT(); } static int test_wolfSSL_EVP_SignInit_ex(void) { EXPECT_DECLS; WOLFSSL_EVP_MD_CTX mdCtx; WOLFSSL_ENGINE* e = 0; const EVP_MD* md = EVP_sha256(); wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_SignInit_ex(&mdCtx, md, e), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1); return EXPECT_RESULT(); } static int test_wolfSSL_EVP_DigestFinal_ex(void) { EXPECT_DECLS; #if !defined(NO_SHA256) WOLFSSL_EVP_MD_CTX mdCtx; unsigned int s = 0; unsigned char md[WC_SHA256_DIGEST_SIZE]; unsigned char md2[WC_SHA256_DIGEST_SIZE]; /* Bad Case */ #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \ (HAVE_FIPS_VERSION > 2)) wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestFinal_ex(&mdCtx, md, &s), 0); ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1); #else wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestFinal_ex(&mdCtx, md, &s), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), WOLFSSL_SUCCESS); #endif /* Good Case */ wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, EVP_sha256()), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_EVP_DigestFinal_ex(&mdCtx, md2, &s), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), WOLFSSL_SUCCESS); #endif return EXPECT_RESULT(); } static int test_wolfSSL_QT_EVP_PKEY_CTX_free(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) EVP_PKEY* pkey = NULL; EVP_PKEY_CTX* ctx = NULL; ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL)); #if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L /* void */ EVP_PKEY_CTX_free(ctx); #else /* int */ ExpectIntEQ(EVP_PKEY_CTX_free(ctx), WOLFSSL_SUCCESS); #endif EVP_PKEY_free(pkey); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_PKEY_param_check(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) #if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && !defined(NO_FILESYSTEM) DH *dh = NULL; DH *setDh = NULL; EVP_PKEY *pkey = NULL; EVP_PKEY_CTX* ctx = NULL; FILE* f = NULL; unsigned char buf[512]; const unsigned char* pt = buf; const char* dh2048 = "./certs/dh2048.der"; long len = 0; int code = -1; XMEMSET(buf, 0, sizeof(buf)); ExpectTrue((f = XFOPEN(dh2048, "rb")) != XBADFILE); ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0); if (f != XBADFILE) XFCLOSE(f); /* Load dh2048.der into DH with internal format */ ExpectNotNull(setDh = d2i_DHparams(NULL, &pt, len)); ExpectIntEQ(DH_check(setDh, &code), WOLFSSL_SUCCESS); ExpectIntEQ(code, 0); code = -1; pkey = wolfSSL_EVP_PKEY_new(); /* Set DH into PKEY */ ExpectIntEQ(EVP_PKEY_set1_DH(pkey, setDh), WOLFSSL_SUCCESS); /* create ctx from pkey */ ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL)); ExpectIntEQ(EVP_PKEY_param_check(ctx), 1/* valid */); /* TODO: more invalid cases */ ExpectIntEQ(EVP_PKEY_param_check(NULL), 0); EVP_PKEY_CTX_free(ctx); EVP_PKEY_free(pkey); DH_free(setDh); setDh = NULL; DH_free(dh); dh = NULL; #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_BytesToKey(void) { EXPECT_DECLS; #if !defined(NO_AES) && defined(HAVE_AES_CBC) byte key[AES_BLOCK_SIZE] = {0}; byte iv[AES_BLOCK_SIZE] = {0}; int count = 0; const EVP_MD* md = EVP_sha256(); const EVP_CIPHER *type; const unsigned char *salt = (unsigned char *)"salt1234"; int sz = 5; const byte data[] = { 0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f, 0x72,0x6c,0x64 }; type = wolfSSL_EVP_get_cipherbynid(NID_aes_128_cbc); /* Bad cases */ ExpectIntEQ(EVP_BytesToKey(NULL, md, salt, data, sz, count, key, iv), 0); ExpectIntEQ(EVP_BytesToKey(type, md, salt, NULL, sz, count, key, iv), 16); md = "2"; ExpectIntEQ(EVP_BytesToKey(type, md, salt, data, sz, count, key, iv), WOLFSSL_FAILURE); /* Good case */ md = EVP_sha256(); ExpectIntEQ(EVP_BytesToKey(type, md, salt, data, sz, count, key, iv), 16); #endif return EXPECT_RESULT(); } static int test_evp_cipher_aes_gcm(void) { EXPECT_DECLS; #if defined(HAVE_AESGCM) && ((!defined(HAVE_FIPS) && \ !defined(HAVE_SELFTEST)) || (defined(HAVE_FIPS_VERSION) && \ (HAVE_FIPS_VERSION >= 2))) /* * This test checks data at various points in the encrypt/decrypt process * against known values produced using the same test with OpenSSL. This * interop testing is critical for verifying the correctness of our * EVP_Cipher implementation with AES-GCM. Specifically, this test exercises * a flow supported by OpenSSL that uses the control command * EVP_CTRL_GCM_IV_GEN to increment the IV between cipher operations without * the need to call EVP_CipherInit. OpenSSH uses this flow, for example. We * had a bug with OpenSSH where wolfSSL OpenSSH servers could only talk to * wolfSSL OpenSSH clients because there was a bug in this flow that * happened to "cancel out" if both sides of the connection had the bug. */ enum { NUM_ENCRYPTIONS = 3, AAD_SIZE = 4 }; byte plainText1[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23 }; byte plainText2[] = { 0x42, 0x49, 0x3b, 0x27, 0x03, 0x35, 0x59, 0x14, 0x41, 0x47, 0x37, 0x14, 0x0e, 0x34, 0x0d, 0x28, 0x63, 0x09, 0x0a, 0x5b, 0x22, 0x57, 0x42, 0x22, 0x0f, 0x5c, 0x1e, 0x53, 0x45, 0x15, 0x62, 0x08, 0x60, 0x43, 0x50, 0x2c }; byte plainText3[] = { 0x36, 0x0d, 0x2b, 0x09, 0x4a, 0x56, 0x3b, 0x4c, 0x21, 0x22, 0x58, 0x0e, 0x5b, 0x57, 0x10 }; byte* plainTexts[NUM_ENCRYPTIONS] = { plainText1, plainText2, plainText3 }; const int plainTextSzs[NUM_ENCRYPTIONS] = { sizeof(plainText1), sizeof(plainText2), sizeof(plainText3) }; byte aad1[AAD_SIZE] = { 0x00, 0x00, 0x00, 0x01 }; byte aad2[AAD_SIZE] = { 0x00, 0x00, 0x00, 0x10 }; byte aad3[AAD_SIZE] = { 0x00, 0x00, 0x01, 0x00 }; byte* aads[NUM_ENCRYPTIONS] = { aad1, aad2, aad3 }; const byte iv[GCM_NONCE_MID_SZ] = { 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF }; byte currentIv[GCM_NONCE_MID_SZ]; const byte key[] = { 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f }; const byte expIvs[NUM_ENCRYPTIONS][GCM_NONCE_MID_SZ] = { { 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF }, { 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xF0 }, { 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xF1 } }; const byte expTags[NUM_ENCRYPTIONS][AES_BLOCK_SIZE] = { { 0x65, 0x4F, 0xF7, 0xA0, 0xBB, 0x7B, 0x90, 0xB7, 0x9C, 0xC8, 0x14, 0x3D, 0x32, 0x18, 0x34, 0xA9 }, { 0x50, 0x3A, 0x13, 0x8D, 0x91, 0x1D, 0xEC, 0xBB, 0xBA, 0x5B, 0x57, 0xA2, 0xFD, 0x2D, 0x6B, 0x7F }, { 0x3B, 0xED, 0x18, 0x9C, 0xB3, 0xE3, 0x61, 0x1E, 0x11, 0xEB, 0x13, 0x5B, 0xEC, 0x52, 0x49, 0x32, } }; const byte expCipherText1[] = { 0xCB, 0x93, 0x4F, 0xC8, 0x22, 0xE2, 0xC0, 0x35, 0xAA, 0x6B, 0x41, 0x15, 0x17, 0x30, 0x2F, 0x97, 0x20, 0x74, 0x39, 0x28, 0xF8, 0xEB, 0xC5, 0x51, 0x7B, 0xD9, 0x8A, 0x36, 0xB8, 0xDA, 0x24, 0x80, 0xE7, 0x9E, 0x09, 0xDE }; const byte expCipherText2[] = { 0xF9, 0x32, 0xE1, 0x87, 0x37, 0x0F, 0x04, 0xC1, 0xB5, 0x59, 0xF0, 0x45, 0x3A, 0x0D, 0xA0, 0x26, 0xFF, 0xA6, 0x8D, 0x38, 0xFE, 0xB8, 0xE5, 0xC2, 0x2A, 0x98, 0x4A, 0x54, 0x8F, 0x1F, 0xD6, 0x13, 0x03, 0xB2, 0x1B, 0xC0 }; const byte expCipherText3[] = { 0xD0, 0x37, 0x59, 0x1C, 0x2F, 0x85, 0x39, 0x4D, 0xED, 0xC2, 0x32, 0x5B, 0x80, 0x5E, 0x6B, }; const byte* expCipherTexts[NUM_ENCRYPTIONS] = { expCipherText1, expCipherText2, expCipherText3 }; byte* cipherText = NULL; byte* calcPlainText = NULL; byte tag[AES_BLOCK_SIZE]; EVP_CIPHER_CTX* encCtx = NULL; EVP_CIPHER_CTX* decCtx = NULL; int i, j, outl; /****************************************************/ for (i = 0; i < 3; ++i) { ExpectNotNull(encCtx = EVP_CIPHER_CTX_new()); ExpectNotNull(decCtx = EVP_CIPHER_CTX_new()); /* First iteration, set key before IV. */ if (i == 0) { ExpectIntEQ(EVP_CipherInit(encCtx, EVP_aes_256_gcm(), key, NULL, 1), SSL_SUCCESS); /* * The call to EVP_CipherInit below (with NULL key) should clear the * authIvGenEnable flag set by EVP_CTRL_GCM_SET_IV_FIXED. As such, a * subsequent EVP_CTRL_GCM_IV_GEN should fail. This matches OpenSSL * behavior. */ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_SET_IV_FIXED, -1, (void*)iv), SSL_SUCCESS); ExpectIntEQ(EVP_CipherInit(encCtx, NULL, NULL, iv, 1), SSL_SUCCESS); ExpectIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_IV_GEN, -1, currentIv), SSL_FAILURE); ExpectIntEQ(EVP_CipherInit(decCtx, EVP_aes_256_gcm(), key, NULL, 0), SSL_SUCCESS); ExpectIntEQ(EVP_CipherInit(decCtx, NULL, NULL, iv, 0), SSL_SUCCESS); } /* Second iteration, IV before key. */ else { ExpectIntEQ(EVP_CipherInit(encCtx, EVP_aes_256_gcm(), NULL, iv, 1), SSL_SUCCESS); ExpectIntEQ(EVP_CipherInit(encCtx, NULL, key, NULL, 1), SSL_SUCCESS); ExpectIntEQ(EVP_CipherInit(decCtx, EVP_aes_256_gcm(), NULL, iv, 0), SSL_SUCCESS); ExpectIntEQ(EVP_CipherInit(decCtx, NULL, key, NULL, 0), SSL_SUCCESS); } /* * EVP_CTRL_GCM_IV_GEN should fail if EVP_CTRL_GCM_SET_IV_FIXED hasn't * been issued first. */ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_IV_GEN, -1, currentIv), SSL_FAILURE); ExpectIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_SET_IV_FIXED, -1, (void*)iv), SSL_SUCCESS); ExpectIntEQ(EVP_CIPHER_CTX_ctrl(decCtx, EVP_CTRL_GCM_SET_IV_FIXED, -1, (void*)iv), SSL_SUCCESS); for (j = 0; j < NUM_ENCRYPTIONS; ++j) { /*************** Encrypt ***************/ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_IV_GEN, -1, currentIv), SSL_SUCCESS); /* Check current IV against expected. */ ExpectIntEQ(XMEMCMP(currentIv, expIvs[j], GCM_NONCE_MID_SZ), 0); /* Add AAD. */ if (i == 2) { /* Test streaming API. */ ExpectIntEQ(EVP_CipherUpdate(encCtx, NULL, &outl, aads[j], AAD_SIZE), SSL_SUCCESS); } else { ExpectIntEQ(EVP_Cipher(encCtx, NULL, aads[j], AAD_SIZE), AAD_SIZE); } ExpectNotNull(cipherText = (byte*)XMALLOC(plainTextSzs[j], NULL, DYNAMIC_TYPE_TMP_BUFFER)); /* Encrypt plaintext. */ if (i == 2) { ExpectIntEQ(EVP_CipherUpdate(encCtx, cipherText, &outl, plainTexts[j], plainTextSzs[j]), SSL_SUCCESS); } else { ExpectIntEQ(EVP_Cipher(encCtx, cipherText, plainTexts[j], plainTextSzs[j]), plainTextSzs[j]); } if (i == 2) { ExpectIntEQ(EVP_CipherFinal(encCtx, cipherText, &outl), SSL_SUCCESS); } else { /* * Calling EVP_Cipher with NULL input and output for AES-GCM is * akin to calling EVP_CipherFinal. */ ExpectIntGE(EVP_Cipher(encCtx, NULL, NULL, 0), 0); } /* Check ciphertext against expected. */ ExpectIntEQ(XMEMCMP(cipherText, expCipherTexts[j], plainTextSzs[j]), 0); /* Get and check tag against expected. */ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_GET_TAG, sizeof(tag), tag), SSL_SUCCESS); ExpectIntEQ(XMEMCMP(tag, expTags[j], sizeof(tag)), 0); /*************** Decrypt ***************/ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(decCtx, EVP_CTRL_GCM_IV_GEN, -1, currentIv), SSL_SUCCESS); /* Check current IV against expected. */ ExpectIntEQ(XMEMCMP(currentIv, expIvs[j], GCM_NONCE_MID_SZ), 0); /* Add AAD. */ if (i == 2) { /* Test streaming API. */ ExpectIntEQ(EVP_CipherUpdate(decCtx, NULL, &outl, aads[j], AAD_SIZE), SSL_SUCCESS); } else { ExpectIntEQ(EVP_Cipher(decCtx, NULL, aads[j], AAD_SIZE), AAD_SIZE); } /* Set expected tag. */ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(decCtx, EVP_CTRL_GCM_SET_TAG, sizeof(tag), tag), SSL_SUCCESS); /* Decrypt ciphertext. */ ExpectNotNull(calcPlainText = (byte*)XMALLOC(plainTextSzs[j], NULL, DYNAMIC_TYPE_TMP_BUFFER)); if (i == 2) { ExpectIntEQ(EVP_CipherUpdate(decCtx, calcPlainText, &outl, cipherText, plainTextSzs[j]), SSL_SUCCESS); } else { /* This first EVP_Cipher call will check the tag, too. */ ExpectIntEQ(EVP_Cipher(decCtx, calcPlainText, cipherText, plainTextSzs[j]), plainTextSzs[j]); } if (i == 2) { ExpectIntEQ(EVP_CipherFinal(decCtx, calcPlainText, &outl), SSL_SUCCESS); } else { ExpectIntGE(EVP_Cipher(decCtx, NULL, NULL, 0), 0); } /* Check plaintext against expected. */ ExpectIntEQ(XMEMCMP(calcPlainText, plainTexts[j], plainTextSzs[j]), 0); XFREE(cipherText, NULL, DYNAMIC_TYPE_TMP_BUFFER); cipherText = NULL; XFREE(calcPlainText, NULL, DYNAMIC_TYPE_TMP_BUFFER); calcPlainText = NULL; } EVP_CIPHER_CTX_free(encCtx); encCtx = NULL; EVP_CIPHER_CTX_free(decCtx); decCtx = NULL; } #endif return EXPECT_RESULT(); } static int test_wolfSSL_OBJ_ln(void) { EXPECT_DECLS; const int nid_set[] = { NID_commonName, NID_serialNumber, NID_countryName, NID_localityName, NID_stateOrProvinceName, NID_organizationName, NID_organizationalUnitName, NID_domainComponent, NID_businessCategory, NID_jurisdictionCountryName, NID_jurisdictionStateOrProvinceName, NID_emailAddress }; const char* ln_set[] = { "commonName", "serialNumber", "countryName", "localityName", "stateOrProvinceName", "organizationName", "organizationalUnitName", "domainComponent", "businessCategory", "jurisdictionCountryName", "jurisdictionStateOrProvinceName", "emailAddress", }; size_t i = 0, maxIdx = sizeof(ln_set)/sizeof(char*); ExpectIntEQ(OBJ_ln2nid(NULL), NID_undef); #ifdef HAVE_ECC #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) { EC_builtin_curve r[27]; size_t nCurves = sizeof(r) / sizeof(r[0]); nCurves = EC_get_builtin_curves(r, nCurves); for (i = 0; i < nCurves; i++) { /* skip ECC_CURVE_INVALID */ if (r[i].nid != ECC_CURVE_INVALID) { ExpectIntEQ(OBJ_ln2nid(r[i].comment), r[i].nid); ExpectStrEQ(OBJ_nid2ln(r[i].nid), r[i].comment); } } } #endif #endif for (i = 0; i < maxIdx; i++) { ExpectIntEQ(OBJ_ln2nid(ln_set[i]), nid_set[i]); ExpectStrEQ(OBJ_nid2ln(nid_set[i]), ln_set[i]); } return EXPECT_RESULT(); } static int test_wolfSSL_OBJ_sn(void) { EXPECT_DECLS; int i = 0, maxIdx = 7; const int nid_set[] = {NID_commonName,NID_countryName,NID_localityName, NID_stateOrProvinceName,NID_organizationName, NID_organizationalUnitName,NID_emailAddress}; const char* sn_open_set[] = {"CN","C","L","ST","O","OU","emailAddress"}; const char* sn_wolf_set[] = {WOLFSSL_COMMON_NAME,WOLFSSL_COUNTRY_NAME, WOLFSSL_LOCALITY_NAME, WOLFSSL_STATE_NAME, WOLFSSL_ORG_NAME, WOLFSSL_ORGUNIT_NAME, WOLFSSL_EMAIL_ADDR}; ExpectIntEQ(wolfSSL_OBJ_sn2nid(NULL), NID_undef); for (i = 0; i < maxIdx; i++) { ExpectIntEQ(wolfSSL_OBJ_sn2nid(sn_wolf_set[i]), nid_set[i]); ExpectStrEQ(wolfSSL_OBJ_nid2sn(nid_set[i]), sn_open_set[i]); } return EXPECT_RESULT(); } #if !defined(NO_BIO) static unsigned long TXT_DB_hash(const WOLFSSL_STRING *s) { return lh_strhash(s[3]); } static int TXT_DB_cmp(const WOLFSSL_STRING *a, const WOLFSSL_STRING *b) { return XSTRCMP(a[3], b[3]); } #endif static int test_wolfSSL_TXT_DB(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_BIO) BIO *bio = NULL; TXT_DB *db = NULL; const int columns = 6; const char *fields[6] = { "V", "320926161116Z", "", "12BD", "unknown", "/CN=rsa doe", }; char** fields_copy = NULL; /* Test read */ ExpectNotNull(bio = BIO_new(BIO_s_file())); ExpectIntGT(BIO_read_filename(bio, "./tests/TXT_DB.txt"), 0); ExpectNotNull(db = TXT_DB_read(bio, columns)); ExpectNotNull(fields_copy = (char**)XMALLOC(sizeof(fields), NULL, DYNAMIC_TYPE_OPENSSL)); if (fields_copy != NULL) { XMEMCPY(fields_copy, fields, sizeof(fields)); } ExpectIntEQ(TXT_DB_insert(db, fields_copy), 1); if (EXPECT_FAIL()) { XFREE(fields_copy, NULL, DYNAMIC_TYPE_OPENSSL); } BIO_free(bio); bio = NULL; /* Test write */ ExpectNotNull(bio = BIO_new(BIO_s_mem())); ExpectIntEQ(TXT_DB_write(bio, db), 1484); BIO_free(bio); /* Test index */ ExpectIntEQ(TXT_DB_create_index(db, 3, NULL, (wolf_sk_hash_cb)TXT_DB_hash, (wolf_lh_compare_cb)TXT_DB_cmp), 1); ExpectNotNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields)); fields[3] = "12DA"; ExpectNotNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields)); fields[3] = "FFFF"; ExpectNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields)); fields[3] = ""; ExpectNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields)); TXT_DB_free(db); #endif return EXPECT_RESULT(); } static int test_wolfSSL_NCONF(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_BIO) const char* confFile = "./tests/NCONF_test.cnf"; CONF* conf = NULL; long eline = 0; long num = 0; ExpectNotNull(conf = NCONF_new(NULL)); ExpectIntEQ(NCONF_load(conf, confFile, &eline), 1); ExpectIntEQ(NCONF_get_number(conf, NULL, "port", &num), 1); ExpectIntEQ(num, 1234); ExpectIntEQ(NCONF_get_number(conf, "section2", "port", &num), 1); ExpectIntEQ(num, 4321); ExpectStrEQ(NCONF_get_string(conf, NULL, "dir"), "./test-dir"); ExpectStrEQ(NCONF_get_string(conf, "section1", "file1_copy"), "./test-dir/file1"); ExpectStrEQ(NCONF_get_string(conf, "section2", "file_list"), "./test-dir/file1:./test-dir/file2:./section1:file2"); NCONF_free(conf); #endif return EXPECT_RESULT(); } #endif /* OPENSSL_ALL */ static int test_wolfSSL_X509V3_EXT_get(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA) XFILE f = XBADFILE; int numOfExt =0; int extNid = 0; int i = 0; WOLFSSL_X509* x509 = NULL; WOLFSSL_X509_EXTENSION* ext = NULL; const WOLFSSL_v3_ext_method* method = NULL; ExpectTrue((f = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE); ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL)); if (f != XBADFILE) XFCLOSE(f); /* wolfSSL_X509V3_EXT_get() return struct and nid test */ ExpectIntEQ((numOfExt = wolfSSL_X509_get_ext_count(x509)), 5); for (i = 0; i < numOfExt; i++) { ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, i)); ExpectIntNE((extNid = ext->obj->nid), NID_undef); ExpectNotNull(method = wolfSSL_X509V3_EXT_get(ext)); ExpectIntEQ(method->ext_nid, extNid); } /* wolfSSL_X509V3_EXT_get() NULL argument test */ ExpectNull(method = wolfSSL_X509V3_EXT_get(NULL)); wolfSSL_X509_free(x509); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509V3_EXT_nconf(void) { EXPECT_DECLS; #ifdef OPENSSL_ALL const char *ext_names[] = { "subjectKeyIdentifier", "authorityKeyIdentifier", "subjectAltName", "keyUsage", "extendedKeyUsage", }; size_t ext_names_count = sizeof(ext_names)/sizeof(*ext_names); int ext_nids[] = { NID_subject_key_identifier, NID_authority_key_identifier, NID_subject_alt_name, NID_key_usage, NID_ext_key_usage, }; size_t ext_nids_count = sizeof(ext_nids)/sizeof(*ext_nids); const char *ext_values[] = { "hash", "hash", "DNS:example.com, IP:127.0.0.1", "digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment," "keyAgreement,keyCertSign,cRLSign,encipherOnly,decipherOnly", "serverAuth,clientAuth,codeSigning,emailProtection,timeStamping," "OCSPSigning", }; size_t i; X509_EXTENSION* ext = NULL; X509* x509 = NULL; unsigned int keyUsageFlags; unsigned int extKeyUsageFlags; ExpectNotNull(x509 = X509_new()); /* keyUsage / extKeyUsage should match string above */ keyUsageFlags = KU_DIGITAL_SIGNATURE | KU_NON_REPUDIATION | KU_KEY_ENCIPHERMENT | KU_DATA_ENCIPHERMENT | KU_KEY_AGREEMENT | KU_KEY_CERT_SIGN | KU_CRL_SIGN | KU_ENCIPHER_ONLY | KU_DECIPHER_ONLY; extKeyUsageFlags = XKU_SSL_CLIENT | XKU_SSL_SERVER | XKU_CODE_SIGN | XKU_SMIME | XKU_TIMESTAMP | XKU_OCSP_SIGN; for (i = 0; i < ext_names_count; i++) { ExpectNotNull(ext = X509V3_EXT_nconf(NULL, NULL, ext_names[i], ext_values[i])); X509_EXTENSION_free(ext); ext = NULL; } for (i = 0; i < ext_nids_count; i++) { ExpectNotNull(ext = X509V3_EXT_nconf_nid(NULL, NULL, ext_nids[i], ext_values[i])); X509_EXTENSION_free(ext); ext = NULL; } /* Test adding extension to X509 */ for (i = 0; i < ext_nids_count; i++) { ExpectNotNull(ext = X509V3_EXT_nconf(NULL, NULL, ext_names[i], ext_values[i])); ExpectIntEQ(X509_add_ext(x509, ext, -1), WOLFSSL_SUCCESS); if (ext_nids[i] == NID_key_usage) { ExpectIntEQ(X509_get_key_usage(x509), keyUsageFlags); } else if (ext_nids[i] == NID_ext_key_usage) { ExpectIntEQ(X509_get_extended_key_usage(x509), extKeyUsageFlags); } X509_EXTENSION_free(ext); ext = NULL; } X509_free(x509); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509V3_EXT(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA) XFILE f = XBADFILE; int numOfExt = 0, nid = 0, i = 0, expected, actual = 0; char* str = NULL; unsigned char* data = NULL; const WOLFSSL_v3_ext_method* method = NULL; WOLFSSL_X509* x509 = NULL; WOLFSSL_X509_EXTENSION* ext = NULL; WOLFSSL_X509_EXTENSION* ext2 = NULL; WOLFSSL_ASN1_OBJECT *obj = NULL; WOLFSSL_ASN1_OBJECT *adObj = NULL; WOLFSSL_ASN1_STRING* asn1str = NULL; WOLFSSL_AUTHORITY_KEYID* aKeyId = NULL; WOLFSSL_AUTHORITY_INFO_ACCESS* aia = NULL; WOLFSSL_BASIC_CONSTRAINTS* bc = NULL; WOLFSSL_ACCESS_DESCRIPTION* ad = NULL; WOLFSSL_GENERAL_NAME* gn = NULL; /* Check NULL argument */ ExpectNull(wolfSSL_X509V3_EXT_d2i(NULL)); /* Using OCSP cert with X509V3 extensions */ ExpectTrue((f = XFOPEN("./certs/ocsp/root-ca-cert.pem", "rb")) != XBADFILE); ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL)); if (f != XBADFILE) XFCLOSE(f); ExpectIntEQ((numOfExt = wolfSSL_X509_get_ext_count(x509)), 5); /* Basic Constraints */ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, i)); ExpectNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext)); ExpectIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_basic_constraints); ExpectNotNull(bc = (WOLFSSL_BASIC_CONSTRAINTS*)wolfSSL_X509V3_EXT_d2i(ext)); ExpectIntEQ(bc->ca, 1); ExpectNull(bc->pathlen); wolfSSL_BASIC_CONSTRAINTS_free(bc); bc = NULL; i++; /* Subject Key Identifier */ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, i)); ExpectNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext)); ExpectIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_subject_key_identifier); ExpectNotNull(asn1str = (WOLFSSL_ASN1_STRING*)wolfSSL_X509V3_EXT_d2i(ext)); ExpectNotNull(ext2 = wolfSSL_X509V3_EXT_i2d(NID_subject_key_identifier, 0, asn1str)); X509_EXTENSION_free(ext2); ext2 = NULL; ExpectNotNull(method = wolfSSL_X509V3_EXT_get(ext)); ExpectNotNull(method->i2s); ExpectNotNull(str = method->i2s((WOLFSSL_v3_ext_method*)method, asn1str)); wolfSSL_ASN1_STRING_free(asn1str); asn1str = NULL; if (str != NULL) { actual = strcmp(str, "73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21"); } ExpectIntEQ(actual, 0); XFREE(str, NULL, DYNAMIC_TYPE_TMP_BUFFER); str = NULL; i++; /* Authority Key Identifier */ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, i)); ExpectNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext)); ExpectIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_authority_key_identifier); ExpectNotNull(aKeyId = (WOLFSSL_AUTHORITY_KEYID*)wolfSSL_X509V3_EXT_d2i( ext)); ExpectNotNull(method = wolfSSL_X509V3_EXT_get(ext)); ExpectNotNull(asn1str = aKeyId->keyid); ExpectNotNull(str = wolfSSL_i2s_ASN1_STRING((WOLFSSL_v3_ext_method*)method, asn1str)); asn1str = NULL; if (str != NULL) { actual = strcmp(str, "73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21"); } ExpectIntEQ(actual, 0); XFREE(str, NULL, DYNAMIC_TYPE_TMP_BUFFER); str = NULL; wolfSSL_AUTHORITY_KEYID_free(aKeyId); aKeyId = NULL; i++; /* Key Usage */ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, i)); ExpectNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext)); ExpectIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_key_usage); ExpectNotNull(asn1str = (WOLFSSL_ASN1_STRING*)wolfSSL_X509V3_EXT_d2i(ext)); #if defined(WOLFSSL_QT) ExpectNotNull(data = (unsigned char*)ASN1_STRING_get0_data(asn1str)); #else ExpectNotNull(data = wolfSSL_ASN1_STRING_data(asn1str)); #endif expected = KEYUSE_KEY_CERT_SIGN | KEYUSE_CRL_SIGN; if (data != NULL) { #ifdef BIG_ENDIAN_ORDER actual = data[1]; #else actual = data[0]; #endif } ExpectIntEQ(actual, expected); wolfSSL_ASN1_STRING_free(asn1str); asn1str = NULL; #if 1 i++; /* Authority Info Access */ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, i)); ExpectNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext)); ExpectIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_info_access); ExpectNotNull(aia = (WOLFSSL_AUTHORITY_INFO_ACCESS*)wolfSSL_X509V3_EXT_d2i( ext)); #if defined(WOLFSSL_QT) ExpectIntEQ(OPENSSL_sk_num(aia), 1); /* Only one URI entry for this cert */ #else ExpectIntEQ(wolfSSL_sk_num(aia), 1); /* Only one URI entry for this cert */ #endif /* URI entry is an ACCESS_DESCRIPTION type */ #if defined(WOLFSSL_QT) ExpectNotNull(ad = (WOLFSSL_ACCESS_DESCRIPTION*)wolfSSL_sk_value(aia, 0)); #else ExpectNotNull(ad = (WOLFSSL_ACCESS_DESCRIPTION*)OPENSSL_sk_value(aia, 0)); #endif ExpectNotNull(adObj = ad->method); /* Make sure nid is OCSP */ ExpectIntEQ(wolfSSL_OBJ_obj2nid(adObj), NID_ad_OCSP); /* GENERAL_NAME stores URI as an ASN1_STRING */ ExpectNotNull(gn = ad->location); ExpectIntEQ(gn->type, GEN_URI); /* Type should always be GEN_URI */ ExpectNotNull(asn1str = gn->d.uniformResourceIdentifier); ExpectIntEQ(wolfSSL_ASN1_STRING_length(asn1str), 22); #if defined(WOLFSSL_QT) ExpectNotNull(str = (char*)ASN1_STRING_get0_data(asn1str)); #else ExpectNotNull(str = (char*)wolfSSL_ASN1_STRING_data(asn1str)); #endif if (str != NULL) { actual = strcmp(str, "http://127.0.0.1:22220"); } ExpectIntEQ(actual, 0); wolfSSL_sk_ACCESS_DESCRIPTION_pop_free(aia, NULL); aia = NULL; #else (void) aia; (void) ad; (void) adObj; (void) gn; #endif wolfSSL_X509_free(x509); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_get_extension_flags(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_RSA) XFILE f = XBADFILE; X509* x509 = NULL; unsigned int extFlags; unsigned int keyUsageFlags; unsigned int extKeyUsageFlags; /* client-int-cert.pem has the following extension flags. */ extFlags = EXFLAG_KUSAGE | EXFLAG_XKUSAGE; /* and the following key usage flags. */ keyUsageFlags = KU_DIGITAL_SIGNATURE | KU_NON_REPUDIATION | KU_KEY_ENCIPHERMENT; /* and the following extended key usage flags. */ extKeyUsageFlags = XKU_SSL_CLIENT | XKU_SMIME; ExpectTrue((f = XFOPEN("./certs/intermediate/client-int-cert.pem", "rb")) != XBADFILE); ExpectNotNull(x509 = PEM_read_X509(f, NULL, NULL, NULL)); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } ExpectIntEQ(X509_get_extension_flags(x509), extFlags); ExpectIntEQ(X509_get_key_usage(x509), keyUsageFlags); ExpectIntEQ(X509_get_extended_key_usage(x509), extKeyUsageFlags); X509_free(x509); x509 = NULL; /* client-cert-ext.pem has the following extension flags. */ extFlags = EXFLAG_KUSAGE; /* and the following key usage flags. */ keyUsageFlags = KU_DIGITAL_SIGNATURE | KU_KEY_CERT_SIGN | KU_CRL_SIGN; ExpectTrue((f = fopen("./certs/client-cert-ext.pem", "rb")) != XBADFILE); ExpectNotNull(x509 = PEM_read_X509(f, NULL, NULL, NULL)); if (f != XBADFILE) XFCLOSE(f); ExpectIntEQ(X509_get_extension_flags(x509), extFlags); ExpectIntEQ(X509_get_key_usage(x509), keyUsageFlags); X509_free(x509); #endif /* OPENSSL_ALL */ return EXPECT_RESULT(); } static int test_wolfSSL_X509_get_ext(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA) int ret = 0; XFILE f = XBADFILE; WOLFSSL_X509* x509 = NULL; WOLFSSL_X509_EXTENSION* foundExtension; ExpectTrue((f = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE); ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL)); if (f != XBADFILE) XFCLOSE(f); ExpectIntEQ((ret = wolfSSL_X509_get_ext_count(x509)), 5); /* wolfSSL_X509_get_ext() valid input */ ExpectNotNull(foundExtension = wolfSSL_X509_get_ext(x509, 0)); /* wolfSSL_X509_get_ext() valid x509, idx out of bounds */ ExpectNull(foundExtension = wolfSSL_X509_get_ext(x509, -1)); ExpectNull(foundExtension = wolfSSL_X509_get_ext(x509, 100)); /* wolfSSL_X509_get_ext() NULL x509, idx out of bounds */ ExpectNull(foundExtension = wolfSSL_X509_get_ext(NULL, -1)); ExpectNull(foundExtension = wolfSSL_X509_get_ext(NULL, 100)); /* wolfSSL_X509_get_ext() NULL x509, valid idx */ ExpectNull(foundExtension = wolfSSL_X509_get_ext(NULL, 0)); wolfSSL_X509_free(x509); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_get_ext_by_NID(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_RSA) int rc = 0; XFILE f = XBADFILE; WOLFSSL_X509* x509 = NULL; ASN1_OBJECT* obj = NULL; ExpectTrue((f = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE); ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL)); if (f != XBADFILE) XFCLOSE(f); ExpectIntGE(rc = wolfSSL_X509_get_ext_by_NID(x509, NID_basic_constraints, -1), 0); /* Start search from last location (should fail) */ ExpectIntGE(rc = wolfSSL_X509_get_ext_by_NID(x509, NID_basic_constraints, rc), -1); ExpectIntGE(rc = wolfSSL_X509_get_ext_by_NID(x509, NID_basic_constraints, -2), -1); ExpectIntEQ(rc = wolfSSL_X509_get_ext_by_NID(NULL, NID_basic_constraints, -1), -1); ExpectIntEQ(rc = wolfSSL_X509_get_ext_by_NID(x509, NID_undef, -1), -1); /* NID_ext_key_usage, check also its nid and oid */ ExpectIntGT(rc = wolfSSL_X509_get_ext_by_NID(x509, NID_ext_key_usage, -1), -1); ExpectNotNull(obj = wolfSSL_X509_EXTENSION_get_object(wolfSSL_X509_get_ext( x509, rc))); ExpectIntEQ(obj->nid, NID_ext_key_usage); ExpectIntEQ(obj->type, EXT_KEY_USAGE_OID); wolfSSL_X509_free(x509); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_get_ext_subj_alt_name(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_RSA) int rc = 0; XFILE f = XBADFILE; WOLFSSL_X509* x509 = NULL; WOLFSSL_X509_EXTENSION* ext = NULL; WOLFSSL_ASN1_STRING* sanString = NULL; byte* sanDer = NULL; const byte expectedDer[] = { 0x30, 0x13, 0x82, 0x0b, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x87, 0x04, 0x7f, 0x00, 0x00, 0x01}; ExpectTrue((f = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE); ExpectNotNull(x509 = PEM_read_X509(f, NULL, NULL, NULL)); if (f != XBADFILE) XFCLOSE(f); ExpectIntNE(rc = X509_get_ext_by_NID(x509, NID_subject_alt_name, -1), -1); ExpectNotNull(ext = X509_get_ext(x509, rc)); ExpectNotNull(sanString = X509_EXTENSION_get_data(ext)); ExpectIntEQ(ASN1_STRING_length(sanString), sizeof(expectedDer)); ExpectNotNull(sanDer = ASN1_STRING_data(sanString)); ExpectIntEQ(XMEMCMP(sanDer, expectedDer, sizeof(expectedDer)), 0); X509_free(x509); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_EXTENSION_new(void) { EXPECT_DECLS; #if defined (OPENSSL_ALL) WOLFSSL_X509_EXTENSION* ext = NULL; ExpectNotNull(ext = wolfSSL_X509_EXTENSION_new()); ExpectNotNull(ext->obj = wolfSSL_ASN1_OBJECT_new()); wolfSSL_X509_EXTENSION_free(ext); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_EXTENSION_get_object(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA) WOLFSSL_X509* x509 = NULL; WOLFSSL_X509_EXTENSION* ext = NULL; WOLFSSL_ASN1_OBJECT* o = NULL; XFILE file = XBADFILE; ExpectTrue((file = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE); ExpectNotNull(x509 = wolfSSL_PEM_read_X509(file, NULL, NULL, NULL)); if (file != XBADFILE) XFCLOSE(file); /* wolfSSL_X509_EXTENSION_get_object() testing ext idx 0 */ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, 0)); ExpectNull(wolfSSL_X509_EXTENSION_get_object(NULL)); ExpectNotNull(o = wolfSSL_X509_EXTENSION_get_object(ext)); ExpectIntEQ(o->nid, 128); /* wolfSSL_X509_EXTENSION_get_object() NULL argument */ ExpectNull(o = wolfSSL_X509_EXTENSION_get_object(NULL)); wolfSSL_X509_free(x509); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_EXTENSION_get_data(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA) WOLFSSL_X509* x509 = NULL; WOLFSSL_X509_EXTENSION* ext = NULL; WOLFSSL_ASN1_STRING* str = NULL; XFILE file = XBADFILE; ExpectTrue((file = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE); ExpectNotNull(x509 = wolfSSL_PEM_read_X509(file, NULL, NULL, NULL)); if (file != XBADFILE) XFCLOSE(file); ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, 0)); ExpectNull(str = wolfSSL_X509_EXTENSION_get_data(NULL)); ExpectNotNull(str = wolfSSL_X509_EXTENSION_get_data(ext)); wolfSSL_X509_free(x509); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_EXTENSION_get_critical(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA) WOLFSSL_X509* x509 = NULL; WOLFSSL_X509_EXTENSION* ext = NULL; XFILE file = XBADFILE; int crit = 0; ExpectTrue((file = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE); ExpectNotNull(x509 = wolfSSL_PEM_read_X509(file, NULL, NULL, NULL)); if (file != XBADFILE) XFCLOSE(file); ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, 0)); ExpectIntEQ(crit = wolfSSL_X509_EXTENSION_get_critical(NULL), BAD_FUNC_ARG); ExpectIntEQ(crit = wolfSSL_X509_EXTENSION_get_critical(ext), 0); wolfSSL_X509_free(x509); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509V3_EXT_print(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_BIO) && \ !defined(NO_RSA) { XFILE f = XBADFILE; WOLFSSL_X509* x509 = NULL; X509_EXTENSION * ext = NULL; int loc = 0; BIO *bio = NULL; ExpectTrue((f = XFOPEN(svrCertFile, "rb")) != XBADFILE); ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL)); if (f != XBADFILE) fclose(f); ExpectNotNull(bio = wolfSSL_BIO_new(BIO_s_mem())); ExpectIntGT(loc = wolfSSL_X509_get_ext_by_NID(x509, NID_basic_constraints, -1), -1); ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, loc)); ExpectIntEQ(wolfSSL_X509V3_EXT_print(bio, ext, 0, 0), WOLFSSL_SUCCESS); ExpectIntGT(loc = wolfSSL_X509_get_ext_by_NID(x509, NID_subject_key_identifier, -1), -1); ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, loc)); ExpectIntEQ(wolfSSL_X509V3_EXT_print(bio, ext, 0, 0), WOLFSSL_SUCCESS); ExpectIntGT(loc = wolfSSL_X509_get_ext_by_NID(x509, NID_authority_key_identifier, -1), -1); ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, loc)); ExpectIntEQ(wolfSSL_X509V3_EXT_print(bio, ext, 0, 0), WOLFSSL_SUCCESS); wolfSSL_BIO_free(bio); wolfSSL_X509_free(x509); } { X509 *x509 = NULL; BIO *bio = NULL; X509_EXTENSION *ext = NULL; unsigned int i = 0; unsigned int idx = 0; /* Some NIDs to test with */ int nids[] = { /* NID_key_usage, currently X509_get_ext returns this as a bit * string, which messes up X509V3_EXT_print */ /* NID_ext_key_usage, */ NID_subject_alt_name, }; int* n = NULL; ExpectNotNull(bio = BIO_new_fp(stderr, BIO_NOCLOSE)); ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFileExt, WOLFSSL_FILETYPE_PEM)); ExpectIntGT(fprintf(stderr, "\nPrinting extension values:\n"), 0); for (i = 0, n = nids; i<(sizeof(nids)/sizeof(int)); i++, n++) { /* X509_get_ext_by_NID should return 3 for now. If that changes then * update the index */ ExpectIntEQ((idx = X509_get_ext_by_NID(x509, *n, -1)), 3); ExpectNotNull(ext = X509_get_ext(x509, idx)); ExpectIntEQ(X509V3_EXT_print(bio, ext, 0, 0), 1); ExpectIntGT(fprintf(stderr, "\n"), 0); } BIO_free(bio); X509_free(x509); } #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_cmp(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_RSA) XFILE file1 = XBADFILE; XFILE file2 = XBADFILE; WOLFSSL_X509* cert1 = NULL; WOLFSSL_X509* cert2 = NULL; ExpectTrue((file1 = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE); ExpectTrue((file2 = XFOPEN("./certs/3072/client-cert.pem", "rb")) != XBADFILE); ExpectNotNull(cert1 = wolfSSL_PEM_read_X509(file1, NULL, NULL, NULL)); ExpectNotNull(cert2 = wolfSSL_PEM_read_X509(file2, NULL, NULL, NULL)); if (file1 != XBADFILE) fclose(file1); if (file2 != XBADFILE) fclose(file2); /* wolfSSL_X509_cmp() testing matching certs */ ExpectIntEQ(0, wolfSSL_X509_cmp(cert1, cert1)); /* wolfSSL_X509_cmp() testing mismatched certs */ ExpectIntEQ(-1, wolfSSL_X509_cmp(cert1, cert2)); /* wolfSSL_X509_cmp() testing NULL, valid args */ ExpectIntEQ(BAD_FUNC_ARG, wolfSSL_X509_cmp(NULL, cert2)); /* wolfSSL_X509_cmp() testing valid, NULL args */ ExpectIntEQ(BAD_FUNC_ARG, wolfSSL_X509_cmp(cert1, NULL)); /* wolfSSL_X509_cmp() testing NULL, NULL args */ ExpectIntEQ(BAD_FUNC_ARG, wolfSSL_X509_cmp(NULL, NULL)); wolfSSL_X509_free(cert1); wolfSSL_X509_free(cert2); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_PKEY_up_ref(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) EVP_PKEY* pkey; pkey = EVP_PKEY_new(); ExpectNotNull(pkey); ExpectIntEQ(EVP_PKEY_up_ref(NULL), 0); ExpectIntEQ(EVP_PKEY_up_ref(pkey), 1); EVP_PKEY_free(pkey); ExpectIntEQ(EVP_PKEY_up_ref(pkey), 1); EVP_PKEY_free(pkey); EVP_PKEY_free(pkey); #endif return EXPECT_RESULT(); } static int test_wolfSSL_d2i_and_i2d_PublicKey(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) EVP_PKEY* pkey = NULL; const unsigned char* p; unsigned char *der = NULL; unsigned char *tmp = NULL; int derLen; p = client_keypub_der_2048; /* Check that key can be successfully decoded. */ ExpectNotNull(pkey = wolfSSL_d2i_PublicKey(EVP_PKEY_RSA, NULL, &p, sizeof_client_keypub_der_2048)); /* Check that key can be successfully encoded. */ ExpectIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &der)), 0); /* Ensure that the encoded version matches the original. */ ExpectIntEQ(derLen, sizeof_client_keypub_der_2048); ExpectIntEQ(XMEMCMP(der, client_keypub_der_2048, derLen), 0); /* Do same test except with pre-allocated buffer to ensure the der pointer * is advanced. */ tmp = der; ExpectIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &tmp)), 0); ExpectIntEQ(derLen, sizeof_client_keypub_der_2048); ExpectIntEQ(XMEMCMP(der, client_keypub_der_2048, derLen), 0); ExpectTrue(der + derLen == tmp); XFREE(der, HEAP_HINT, DYNAMIC_TYPE_OPENSSL); EVP_PKEY_free(pkey); #endif return EXPECT_RESULT(); } static int test_wolfSSL_d2i_and_i2d_PublicKey_ecc(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && !defined(NO_CERTS) && \ !defined(NO_ASN) && !defined(NO_PWDBASED) EVP_PKEY* pkey = NULL; const unsigned char* p; unsigned char *der = NULL; unsigned char *tmp = NULL; int derLen; unsigned char pub_buf[65]; const int pub_len = 65; BN_CTX* ctx; EC_GROUP* curve = NULL; EC_KEY* ephemeral_key = NULL; const EC_POINT* h; /* Generate an x963 key pair and get public part into pub_buf */ ExpectNotNull(ctx = BN_CTX_new()); ExpectNotNull(curve = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1)); ExpectNotNull(ephemeral_key = EC_KEY_new_by_curve_name( NID_X9_62_prime256v1)); ExpectIntEQ(EC_KEY_generate_key(ephemeral_key), 1); ExpectNotNull(h = EC_KEY_get0_public_key(ephemeral_key)); ExpectIntEQ(pub_len, EC_POINT_point2oct(curve, h, POINT_CONVERSION_UNCOMPRESSED, pub_buf, pub_len, ctx)); /* Prepare the EVP_PKEY */ ExpectNotNull(pkey = EVP_PKEY_new()); p = pub_buf; /* Check that key can be successfully decoded. */ ExpectNotNull(wolfSSL_d2i_PublicKey(EVP_PKEY_EC, &pkey, &p, pub_len)); /* Check that key can be successfully encoded. */ ExpectIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &der)), 0); /* Ensure that the encoded version matches the original. */ ExpectIntEQ(derLen, pub_len); ExpectIntEQ(XMEMCMP(der, pub_buf, derLen), 0); /* Do same test except with pre-allocated buffer to ensure the der pointer * is advanced. */ tmp = der; ExpectIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &tmp)), 0); ExpectIntEQ(derLen, pub_len); ExpectIntEQ(XMEMCMP(der, pub_buf, derLen), 0); ExpectTrue(der + derLen == tmp); XFREE(der, HEAP_HINT, DYNAMIC_TYPE_OPENSSL); EVP_PKEY_free(pkey); EC_KEY_free(ephemeral_key); EC_GROUP_free(curve); #endif return EXPECT_RESULT(); } static int test_wolfSSL_d2i_and_i2d_DSAparams(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_DSA) DSA* dsa = NULL; byte derIn[] = { 0x30, 0x82, 0x01, 0x1f, 0x02, 0x81, 0x81, 0x00, 0xcd, 0xde, 0x25, 0x68, 0x80, 0x53, 0x0d, 0xe5, 0x77, 0xd6, 0xd2, 0x90, 0x39, 0x3f, 0x90, 0xa2, 0x3f, 0x33, 0x94, 0x6e, 0xe8, 0x4f, 0x2b, 0x63, 0xab, 0x30, 0xab, 0x15, 0xba, 0x11, 0xea, 0x8a, 0x5d, 0x8d, 0xcc, 0xb8, 0xd4, 0xa1, 0xd5, 0xc1, 0x47, 0x9d, 0x5a, 0x73, 0x6a, 0x62, 0x49, 0xd1, 0x06, 0x07, 0x67, 0xf6, 0x2f, 0xa3, 0x39, 0xbd, 0x4e, 0x0d, 0xb4, 0xd3, 0x22, 0x23, 0x84, 0xec, 0x93, 0x26, 0x5a, 0x49, 0xee, 0x7c, 0x89, 0x48, 0x66, 0x4d, 0xe8, 0xe8, 0xd8, 0x50, 0xfb, 0xa5, 0x71, 0x9f, 0x22, 0x18, 0xe5, 0xe6, 0x0b, 0x46, 0x87, 0x66, 0xee, 0x52, 0x8f, 0x46, 0x4f, 0xb5, 0x03, 0xce, 0xed, 0xe3, 0xbe, 0xe5, 0xb5, 0x81, 0xd2, 0x59, 0xe9, 0xc0, 0xad, 0x4d, 0xd0, 0x4d, 0x26, 0xf7, 0xba, 0x50, 0xe8, 0xc9, 0x8f, 0xfe, 0x24, 0x19, 0x3d, 0x2e, 0xa7, 0x52, 0x3c, 0x6d, 0x02, 0x15, 0x00, 0xfb, 0x47, 0xfb, 0xec, 0x81, 0x20, 0xc8, 0x1c, 0xe9, 0x4a, 0xba, 0x04, 0x6f, 0x19, 0x9b, 0x94, 0xee, 0x82, 0x67, 0xd3, 0x02, 0x81, 0x81, 0x00, 0x9b, 0x95, 0xbb, 0x85, 0xc5, 0x58, 0x4a, 0x32, 0x9c, 0xaa, 0x44, 0x85, 0xd6, 0x68, 0xdc, 0x3e, 0x14, 0xf4, 0xce, 0x6d, 0xa3, 0x49, 0x38, 0xea, 0xd6, 0x61, 0x48, 0x92, 0x5a, 0x40, 0x95, 0x49, 0x38, 0xaa, 0xe1, 0x39, 0x29, 0x68, 0x58, 0x47, 0x8a, 0x4b, 0x01, 0xe1, 0x2e, 0x8e, 0x6c, 0x63, 0x6f, 0x40, 0xca, 0x50, 0x3f, 0x8c, 0x0b, 0x99, 0xe4, 0x72, 0x42, 0xb8, 0xb1, 0xc2, 0x26, 0x48, 0xf1, 0x9c, 0x83, 0xc6, 0x37, 0x2e, 0x5a, 0xae, 0x11, 0x09, 0xd9, 0xf3, 0xad, 0x1f, 0x6f, 0xad, 0xad, 0x50, 0xe3, 0x78, 0x32, 0xe6, 0xde, 0x8e, 0xaa, 0xbf, 0xd1, 0x00, 0x9f, 0xb3, 0x02, 0x12, 0x19, 0xa2, 0x15, 0xec, 0x14, 0x18, 0x5c, 0x0e, 0x26, 0xce, 0xf9, 0xae, 0xcc, 0x7b, 0xb5, 0xd1, 0x26, 0xfc, 0x85, 0xfe, 0x14, 0x93, 0xb6, 0x9d, 0x7d, 0x76, 0xe3, 0x35, 0x97, 0x1e, 0xde, 0xc4 }; int derInLen = sizeof(derIn); byte* derOut = NULL; int derOutLen; byte* p = derIn; /* Check that params can be successfully decoded. */ ExpectNotNull(dsa = d2i_DSAparams(NULL, (const byte**)&p, derInLen)); /* Check that params can be successfully encoded. */ ExpectIntGE((derOutLen = i2d_DSAparams(dsa, &derOut)), 0); /* Ensure that the encoded version matches the original. */ ExpectIntEQ(derInLen, derOutLen); ExpectIntEQ(XMEMCMP(derIn, derOut, derInLen), 0); XFREE(derOut, HEAP_HINT, DYNAMIC_TYPE_OPENSSL); DSA_free(dsa); #endif return EXPECT_RESULT(); } static int test_wolfSSL_i2d_PrivateKey(void) { EXPECT_DECLS; #if (!defined(NO_RSA) || defined(HAVE_ECC)) && defined(OPENSSL_EXTRA) && \ !defined(NO_ASN) && !defined(NO_PWDBASED) #if !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048) { EVP_PKEY* pkey = NULL; const unsigned char* server_key = (const unsigned char*)server_key_der_2048; unsigned char buf[FOURK_BUF]; unsigned char* pt = NULL; int bufSz = 0; ExpectNotNull(pkey = d2i_PrivateKey(EVP_PKEY_RSA, NULL, &server_key, (long)sizeof_server_key_der_2048)); ExpectIntEQ(i2d_PrivateKey(pkey, NULL), 1193); pt = buf; ExpectIntEQ((bufSz = i2d_PrivateKey(pkey, &pt)), 1193); ExpectIntNE((pt - buf), 0); ExpectIntEQ(XMEMCMP(buf, server_key_der_2048, bufSz), 0); EVP_PKEY_free(pkey); } #endif #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256) { EVP_PKEY* pkey = NULL; const unsigned char* client_key = (const unsigned char*)ecc_clikey_der_256; unsigned char buf[FOURK_BUF]; unsigned char* pt = NULL; int bufSz = 0; ExpectNotNull((pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &client_key, (long)sizeof_ecc_clikey_der_256))); ExpectIntEQ(i2d_PrivateKey(pkey, NULL), 121); pt = buf; ExpectIntEQ((bufSz = i2d_PrivateKey(pkey, &pt)), 121); ExpectIntNE((pt - buf), 0); ExpectIntEQ(XMEMCMP(buf, ecc_clikey_der_256, bufSz), 0); EVP_PKEY_free(pkey); } #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_OCSP_id_get0_info(void) { EXPECT_DECLS; #if (defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY)) && \ defined(HAVE_OCSP) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) X509* cert = NULL; X509* issuer = NULL; OCSP_CERTID* id = NULL; OCSP_CERTID* id2 = NULL; ASN1_STRING* name = NULL; ASN1_OBJECT* pmd = NULL; ASN1_STRING* keyHash = NULL; ASN1_INTEGER* serial = NULL; ASN1_INTEGER* x509Int = NULL; ExpectNotNull(cert = wolfSSL_X509_load_certificate_file(svrCertFile, SSL_FILETYPE_PEM)); ExpectNotNull(issuer = wolfSSL_X509_load_certificate_file(caCertFile, SSL_FILETYPE_PEM)); ExpectNotNull(id = OCSP_cert_to_id(NULL, cert, issuer)); ExpectNotNull(id2 = OCSP_cert_to_id(NULL, cert, issuer)); ExpectIntEQ(OCSP_id_get0_info(NULL, NULL, NULL, NULL, NULL), 0); ExpectIntEQ(OCSP_id_get0_info(NULL, NULL, NULL, NULL, id), 1); /* name, pmd, keyHash not supported yet, expect failure if not NULL */ ExpectIntEQ(OCSP_id_get0_info(&name, NULL, NULL, NULL, id), 0); ExpectIntEQ(OCSP_id_get0_info(NULL, &pmd, NULL, NULL, id), 0); ExpectIntEQ(OCSP_id_get0_info(NULL, NULL, &keyHash, NULL, id), 0); ExpectIntEQ(OCSP_id_get0_info(NULL, NULL, NULL, &serial, id), 1); ExpectNotNull(serial); /* compare serial number to one in cert, should be equal */ ExpectNotNull(x509Int = X509_get_serialNumber(cert)); ExpectIntEQ(x509Int->length, serial->length); ExpectIntEQ(XMEMCMP(x509Int->data, serial->data, serial->length), 0); /* test OCSP_id_cmp */ ExpectIntNE(OCSP_id_cmp(NULL, NULL), 0); ExpectIntNE(OCSP_id_cmp(id, NULL), 0); ExpectIntNE(OCSP_id_cmp(NULL, id2), 0); ExpectIntEQ(OCSP_id_cmp(id, id2), 0); if (id != NULL) { id->issuerHash[0] = ~id->issuerHash[0]; } ExpectIntNE(OCSP_id_cmp(id, id2), 0); OCSP_CERTID_free(id); OCSP_CERTID_free(id2); X509_free(cert); /* free's x509Int */ X509_free(issuer); #endif return EXPECT_RESULT(); } static int test_wolfSSL_i2d_OCSP_CERTID(void) { EXPECT_DECLS; #if (defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY)) && defined(HAVE_OCSP) WOLFSSL_OCSP_CERTID certId; byte* targetBuffer = NULL; byte* p; /* OCSP CertID bytes taken from PCAP */ byte rawCertId[] = { 0x30, 0x49, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14, 0x80, 0x51, 0x06, 0x01, 0x32, 0xad, 0x9a, 0xc2, 0x7d, 0x51, 0x87, 0xa0, 0xe8, 0x87, 0xfb, 0x01, 0x62, 0x01, 0x55, 0xee, 0x04, 0x14, 0x03, 0xde, 0x50, 0x35, 0x56, 0xd1, 0x4c, 0xbb, 0x66, 0xf0, 0xa3, 0xe2, 0x1b, 0x1b, 0xc3, 0x97, 0xb2, 0x3d, 0xd1, 0x55, 0x02, 0x10, 0x01, 0xfd, 0xa3, 0xeb, 0x6e, 0xca, 0x75, 0xc8, 0x88, 0x43, 0x8b, 0x72, 0x4b, 0xcf, 0xbc, 0x91 }; int ret = 0; int i; XMEMSET(&certId, 0, sizeof(WOLFSSL_OCSP_CERTID)); certId.rawCertId = rawCertId; certId.rawCertIdSize = sizeof(rawCertId); ExpectNotNull(targetBuffer = (byte*)XMALLOC(sizeof(rawCertId), NULL, DYNAMIC_TYPE_TMP_BUFFER)); p = targetBuffer; /* Function returns the size of the encoded data. */ ExpectIntEQ(ret = wolfSSL_i2d_OCSP_CERTID(&certId, &p), sizeof(rawCertId)); /* If target buffer is not null, function increments targetBuffer to point * just past the end of the encoded data. */ ExpectPtrEq(p, (targetBuffer + sizeof(rawCertId))); for (i = 0; EXPECT_SUCCESS() && i < ret; ++i) { ExpectIntEQ(targetBuffer[i], rawCertId[i]); } XFREE(targetBuffer, NULL, DYNAMIC_TYPE_TMP_BUFFER); targetBuffer = NULL; /* If target buffer is null, function allocates memory for a buffer and * copies the encoded data into it. targetBuffer then points to the start of * this newly allocate buffer. */ ExpectIntEQ(ret = wolfSSL_i2d_OCSP_CERTID(&certId, &targetBuffer), sizeof(rawCertId)); for (i = 0; EXPECT_SUCCESS() && i < ret; ++i) { ExpectIntEQ(targetBuffer[i], rawCertId[i]); } XFREE(targetBuffer, NULL, DYNAMIC_TYPE_OPENSSL); #endif return EXPECT_RESULT(); } static int test_wolfSSL_d2i_OCSP_CERTID(void) { EXPECT_DECLS; #if (defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY)) && defined(HAVE_OCSP) WOLFSSL_OCSP_CERTID* certId; WOLFSSL_OCSP_CERTID* certIdGood; WOLFSSL_OCSP_CERTID* certIdBad; const unsigned char* rawCertIdPtr; const unsigned char rawCertId[] = { 0x30, 0x49, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14, 0x80, 0x51, 0x06, 0x01, 0x32, 0xad, 0x9a, 0xc2, 0x7d, 0x51, 0x87, 0xa0, 0xe8, 0x87, 0xfb, 0x01, 0x62, 0x01, 0x55, 0xee, 0x04, 0x14, 0x03, 0xde, 0x50, 0x35, 0x56, 0xd1, 0x4c, 0xbb, 0x66, 0xf0, 0xa3, 0xe2, 0x1b, 0x1b, 0xc3, 0x97, 0xb2, 0x3d, 0xd1, 0x55, 0x02, 0x10, 0x01, 0xfd, 0xa3, 0xeb, 0x6e, 0xca, 0x75, 0xc8, 0x88, 0x43, 0x8b, 0x72, 0x4b, 0xcf, 0xbc, 0x91 }; rawCertIdPtr = &rawCertId[0]; /* If the cert ID is NULL the function should allocate it and copy the * data to it. */ certId = NULL; ExpectNotNull(certId = wolfSSL_d2i_OCSP_CERTID(&certId, &rawCertIdPtr, sizeof(rawCertId))); ExpectIntEQ(certId->rawCertIdSize, sizeof(rawCertId)); if (certId != NULL) { XFREE(certId->rawCertId, NULL, DYNAMIC_TYPE_OPENSSL); XFREE(certId, NULL, DYNAMIC_TYPE_OPENSSL); } /* If the cert ID is not NULL the function will just copy the data to it. */ ExpectNotNull(certId = (WOLFSSL_OCSP_CERTID*)XMALLOC(sizeof(*certId), NULL, DYNAMIC_TYPE_TMP_BUFFER)); ExpectNotNull(certId); ExpectNotNull(XMEMSET(certId, 0, sizeof(*certId))); /* Reset rawCertIdPtr since it was push forward in the previous call. */ rawCertIdPtr = &rawCertId[0]; ExpectNotNull(certIdGood = wolfSSL_d2i_OCSP_CERTID(&certId, &rawCertIdPtr, sizeof(rawCertId))); ExpectPtrEq(certIdGood, certId); ExpectIntEQ(certId->rawCertIdSize, sizeof(rawCertId)); if (certId != NULL) { XFREE(certId->rawCertId, NULL, DYNAMIC_TYPE_OPENSSL); XFREE(certId, NULL, DYNAMIC_TYPE_TMP_BUFFER); certId = NULL; } /* The below tests should fail when passed bad parameters. NULL should * always be returned. */ ExpectNull(certIdBad = wolfSSL_d2i_OCSP_CERTID(NULL, &rawCertIdPtr, sizeof(rawCertId))); ExpectNull(certIdBad = wolfSSL_d2i_OCSP_CERTID(&certId, NULL, sizeof(rawCertId))); ExpectNull(certIdBad = wolfSSL_d2i_OCSP_CERTID(&certId, &rawCertIdPtr, 0)); #endif return EXPECT_RESULT(); } static int test_wolfSSL_OCSP_id_cmp(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && defined(HAVE_OCSP) OCSP_CERTID id1; OCSP_CERTID id2; XMEMSET(&id1, 0, sizeof(id1)); XMEMSET(&id2, 0, sizeof(id2)); ExpectIntEQ(OCSP_id_cmp(&id1, &id2), 0); ExpectIntNE(OCSP_id_cmp(NULL, NULL), 0); ExpectIntNE(OCSP_id_cmp(&id1, NULL), 0); ExpectIntNE(OCSP_id_cmp(NULL, &id2), 0); #endif return EXPECT_RESULT(); } static int test_wolfSSL_OCSP_SINGLERESP_get0_id(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && defined(HAVE_OCSP) WOLFSSL_OCSP_SINGLERESP single; const WOLFSSL_OCSP_CERTID* certId; XMEMSET(&single, 0, sizeof(single)); certId = wolfSSL_OCSP_SINGLERESP_get0_id(&single); ExpectPtrEq(&single, certId); ExpectNull(wolfSSL_OCSP_SINGLERESP_get0_id(NULL)); #endif return EXPECT_RESULT(); } static int test_wolfSSL_OCSP_single_get0_status(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && defined(HAVE_OCSP) WOLFSSL_OCSP_SINGLERESP single; CertStatus certStatus; WOLFSSL_ASN1_TIME* thisDate; WOLFSSL_ASN1_TIME* nextDate; int ret, i; XMEMSET(&single, 0, sizeof(WOLFSSL_OCSP_SINGLERESP)); XMEMSET(&certStatus, 0, sizeof(CertStatus)); /* Fill the date fields with some dummy data. */ for (i = 0; i < CTC_DATE_SIZE; ++i) { certStatus.thisDateParsed.data[i] = i; certStatus.nextDateParsed.data[i] = i; } certStatus.status = CERT_GOOD; single.status = &certStatus; ret = wolfSSL_OCSP_single_get0_status(&single, NULL, NULL, &thisDate, &nextDate); ExpectIntEQ(ret, CERT_GOOD); ExpectPtrEq(thisDate, &certStatus.thisDateParsed); ExpectPtrEq(nextDate, &certStatus.nextDateParsed); ExpectIntEQ(wolfSSL_OCSP_single_get0_status(NULL, NULL, NULL, NULL, NULL), CERT_GOOD); ExpectIntEQ(wolfSSL_OCSP_single_get0_status(&single, NULL, NULL, NULL, NULL), CERT_GOOD); #endif return EXPECT_RESULT(); } static int test_wolfSSL_OCSP_resp_count(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && defined(HAVE_OCSP) WOLFSSL_OCSP_BASICRESP basicResp; WOLFSSL_OCSP_SINGLERESP singleRespOne; WOLFSSL_OCSP_SINGLERESP singleRespTwo; XMEMSET(&basicResp, 0, sizeof(WOLFSSL_OCSP_BASICRESP)); XMEMSET(&singleRespOne, 0, sizeof(WOLFSSL_OCSP_SINGLERESP)); XMEMSET(&singleRespTwo, 0, sizeof(WOLFSSL_OCSP_SINGLERESP)); ExpectIntEQ(wolfSSL_OCSP_resp_count(&basicResp), 0); basicResp.single = &singleRespOne; ExpectIntEQ(wolfSSL_OCSP_resp_count(&basicResp), 1); singleRespOne.next = &singleRespTwo; ExpectIntEQ(wolfSSL_OCSP_resp_count(&basicResp), 2); #endif return EXPECT_RESULT(); } static int test_wolfSSL_OCSP_resp_get0(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && defined(HAVE_OCSP) WOLFSSL_OCSP_BASICRESP basicResp; WOLFSSL_OCSP_SINGLERESP singleRespOne; WOLFSSL_OCSP_SINGLERESP singleRespTwo; XMEMSET(&basicResp, 0, sizeof(WOLFSSL_OCSP_BASICRESP)); XMEMSET(&singleRespOne, 0, sizeof(WOLFSSL_OCSP_SINGLERESP)); XMEMSET(&singleRespTwo, 0, sizeof(WOLFSSL_OCSP_SINGLERESP)); basicResp.single = &singleRespOne; singleRespOne.next = &singleRespTwo; ExpectPtrEq(wolfSSL_OCSP_resp_get0(&basicResp, 0), &singleRespOne); ExpectPtrEq(wolfSSL_OCSP_resp_get0(&basicResp, 1), &singleRespTwo); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_PKEY_derive(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || defined(WOLFSSL_OPENSSH) #if (!defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)) || defined(HAVE_ECC) EVP_PKEY_CTX *ctx = NULL; unsigned char *skey = NULL; size_t skeylen; EVP_PKEY *pkey = NULL; EVP_PKEY *peerkey = NULL; const unsigned char* key; #if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) /* DH */ key = dh_key_der_2048; ExpectNotNull((pkey = d2i_PrivateKey(EVP_PKEY_DH, NULL, &key, sizeof_dh_key_der_2048))); ExpectIntEQ(DH_generate_key(EVP_PKEY_get0_DH(pkey)), 1); key = dh_key_der_2048; ExpectNotNull((peerkey = d2i_PrivateKey(EVP_PKEY_DH, NULL, &key, sizeof_dh_key_der_2048))); ExpectIntEQ(DH_generate_key(EVP_PKEY_get0_DH(peerkey)), 1); ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL)); ExpectIntEQ(EVP_PKEY_derive_init(ctx), 1); ExpectIntEQ(EVP_PKEY_derive_set_peer(ctx, peerkey), 1); ExpectIntEQ(EVP_PKEY_derive(ctx, NULL, &skeylen), 1); ExpectNotNull(skey = (unsigned char*)XMALLOC(skeylen, NULL, DYNAMIC_TYPE_OPENSSL)); ExpectIntEQ(EVP_PKEY_derive(ctx, skey, &skeylen), 1); EVP_PKEY_CTX_free(ctx); ctx = NULL; EVP_PKEY_free(peerkey); peerkey = NULL; EVP_PKEY_free(pkey); pkey = NULL; XFREE(skey, NULL, DYNAMIC_TYPE_OPENSSL); skey = NULL; #endif #ifdef HAVE_ECC /* ECDH */ key = ecc_clikey_der_256; ExpectNotNull((pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &key, sizeof_ecc_clikey_der_256))); key = ecc_clikeypub_der_256; ExpectNotNull((peerkey = d2i_PUBKEY(NULL, &key, sizeof_ecc_clikeypub_der_256))); ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL)); ExpectIntEQ(EVP_PKEY_derive_init(ctx), 1); ExpectIntEQ(EVP_PKEY_derive_set_peer(ctx, peerkey), 1); ExpectIntEQ(EVP_PKEY_derive(ctx, NULL, &skeylen), 1); ExpectNotNull(skey = (unsigned char*)XMALLOC(skeylen, NULL, DYNAMIC_TYPE_OPENSSL)); ExpectIntEQ(EVP_PKEY_derive(ctx, skey, &skeylen), 1); EVP_PKEY_CTX_free(ctx); EVP_PKEY_free(peerkey); EVP_PKEY_free(pkey); XFREE(skey, NULL, DYNAMIC_TYPE_OPENSSL); #endif /* HAVE_ECC */ #endif /* (!NO_DH && WOLFSSL_DH_EXTRA) || HAVE_ECC */ #endif /* OPENSSL_ALL || WOLFSSL_QT || WOLFSSL_OPENSSH */ return EXPECT_RESULT(); } static int test_wolfSSL_EVP_PBE_scrypt(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_SCRYPT) && defined(HAVE_PBKDF2) && \ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 5)) #if !defined(NO_PWDBASED) && !defined(NO_SHA256) int ret; const char pwd[] = {'p','a','s','s','w','o','r','d'}; int pwdlen = sizeof(pwd); const byte salt[] = {'N','a','C','l'}; int saltlen = sizeof(salt); byte key[80]; word64 numOvr32 = (word64)INT32_MAX + 1; /* expected derived key for N:16, r:1, p:1 */ const byte expectedKey[] = { 0xAE, 0xC6, 0xB7, 0x48, 0x3E, 0xD2, 0x6E, 0x08, 0x80, 0x2B, 0x41, 0xF4, 0x03, 0x20, 0x86, 0xA0, 0xE8, 0x86, 0xBE, 0x7A, 0xC4, 0x8F, 0xCF, 0xD9, 0x2F, 0xF0, 0xCE, 0xF8, 0x10, 0x97, 0x52, 0xF4, 0xAC, 0x74, 0xB0, 0x77, 0x26, 0x32, 0x56, 0xA6, 0x5A, 0x99, 0x70, 0x1B, 0x7A, 0x30, 0x4D, 0x46, 0x61, 0x1C, 0x8A, 0xA3, 0x91, 0xE7, 0x99, 0xCE, 0x10, 0xA2, 0x77, 0x53, 0xE7, 0xE9, 0xC0, 0x9A}; /* N r p mx key keylen */ ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 0, 1, 1, 0, key, 64); ExpectIntEQ(ret, 0); /* N must be greater than 1 */ ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 3, 1, 1, 0, key, 64); ExpectIntEQ(ret, 0); /* N must be power of 2 */ ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 0, 1, 0, key, 64); ExpectIntEQ(ret, 0); /* r must be greater than 0 */ ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, 0, 0, key, 64); ExpectIntEQ(ret, 0); /* p must be greater than 0 */ ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, 1, 0, key, 0); ExpectIntEQ(ret, 0); /* keylen must be greater than 0 */ ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 9, 1, 0, key, 64); ExpectIntEQ(ret, 0); /* r must be smaller than 9 */ ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, 1, 0, NULL, 64); ExpectIntEQ(ret, 1); /* should succeed if key is NULL */ ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, 1, 0, key, 64); ExpectIntEQ(ret, 1); /* should succeed */ ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, numOvr32, 1, 0, key, 64); ExpectIntEQ(ret, 0); /* should fail since r is greater than INT32_MAC */ ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, numOvr32, 0, key, 64); ExpectIntEQ(ret, 0); /* should fail since p is greater than INT32_MAC */ ret = EVP_PBE_scrypt(pwd, pwdlen, NULL, 0, 2, 1, 1, 0, key, 64); ExpectIntEQ(ret, 1); /* should succeed even if salt is NULL */ ret = EVP_PBE_scrypt(pwd, pwdlen, NULL, 4, 2, 1, 1, 0, key, 64); ExpectIntEQ(ret, 0); /* if salt is NULL, saltlen must be 0, otherwise fail*/ ret = EVP_PBE_scrypt(NULL, 0, salt, saltlen, 2, 1, 1, 0, key, 64); ExpectIntEQ(ret, 1); /* should succeed if pwd is NULL and pwdlen is 0*/ ret = EVP_PBE_scrypt(NULL, 4, salt, saltlen, 2, 1, 1, 0, key, 64); ExpectIntEQ(ret, 0); /* if pwd is NULL, pwdlen must be 0 */ ret = EVP_PBE_scrypt(NULL, 0, NULL, 0, 2, 1, 1, 0, key, 64); ExpectIntEQ(ret, 1); /* should succeed even both pwd and salt are NULL */ ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 16, 1, 1, 0, key, 64); ExpectIntEQ(ret, 1); ret = XMEMCMP(expectedKey, key, sizeof(expectedKey)); ExpectIntEQ(ret, 0); /* derived key must be the same as expected-key */ #endif /* !NO_PWDBASED && !NO_SHA256 */ #endif /* OPENSSL_EXTRA && HAVE_SCRYPT && HAVE_PBKDF2 */ return EXPECT_RESULT(); } static int test_no_op_functions(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) /* this makes sure wolfSSL can compile and run these no-op functions */ SSL_load_error_strings(); ENGINE_load_builtin_engines(); OpenSSL_add_all_ciphers(); ExpectIntEQ(CRYPTO_malloc_init(), 0); #endif return EXPECT_RESULT(); } static int test_wolfSSL_CRYPTO_memcmp(void) { EXPECT_DECLS; #ifdef OPENSSL_EXTRA char a[] = "wolfSSL (formerly CyaSSL) is a small, fast, portable " "implementation of TLS/SSL for embedded devices to the cloud."; char b[] = "wolfSSL (formerly CyaSSL) is a small, fast, portable " "implementation of TLS/SSL for embedded devices to the cloud."; char c[] = "wolfSSL (formerly CyaSSL) is a small, fast, portable " "implementation of TLS/SSL for embedded devices to the cloud!"; ExpectIntEQ(CRYPTO_memcmp(a, b, sizeof(a)), 0); ExpectIntNE(CRYPTO_memcmp(a, c, sizeof(a)), 0); #endif return EXPECT_RESULT(); } /*----------------------------------------------------------------------------* | wolfCrypt ASN *----------------------------------------------------------------------------*/ static int test_wc_CreateEncryptedPKCS8Key(void) { EXPECT_DECLS; #if defined(HAVE_PKCS8) && !defined(NO_PWDBASED) && defined(WOLFSSL_AES_256) \ && !defined(NO_AES_CBC) && !defined(NO_RSA) && !defined(NO_SHA) WC_RNG rng; byte* encKey = NULL; word32 encKeySz = 0; word32 decKeySz = 0; const char password[] = "Lorem ipsum dolor sit amet"; word32 passwordSz = (word32)XSTRLEN(password); word32 tradIdx = 0; XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_InitRng(&rng), 0); /* Call with NULL for out buffer to get necessary length. */ ExpectIntEQ(wc_CreateEncryptedPKCS8Key((byte*)server_key_der_2048, sizeof_server_key_der_2048, NULL, &encKeySz, password, passwordSz, PKCS5, PBES2, AES256CBCb, NULL, 0, WC_PKCS12_ITT_DEFAULT, &rng, NULL), LENGTH_ONLY_E); ExpectNotNull(encKey = (byte*)XMALLOC(encKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); /* Call with the allocated out buffer. */ ExpectIntGT(wc_CreateEncryptedPKCS8Key((byte*)server_key_der_2048, sizeof_server_key_der_2048, encKey, &encKeySz, password, passwordSz, PKCS5, PBES2, AES256CBCb, NULL, 0, WC_PKCS12_ITT_DEFAULT, &rng, NULL), 0); /* Decrypt the encrypted PKCS8 key we just made. */ ExpectIntGT((decKeySz = wc_DecryptPKCS8Key(encKey, encKeySz, password, passwordSz)), 0); /* encKey now holds the decrypted key (decrypted in place). */ ExpectIntGT(wc_GetPkcs8TraditionalOffset(encKey, &tradIdx, decKeySz), 0); /* Check that the decrypted key matches the key prior to encryption. */ ExpectIntEQ(XMEMCMP(encKey + tradIdx, server_key_der_2048, sizeof_server_key_der_2048), 0); XFREE(encKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_FreeRng(&rng); #endif return EXPECT_RESULT(); } static int test_wc_GetPkcs8TraditionalOffset(void) { EXPECT_DECLS; #if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(HAVE_PKCS8) int length; int derSz = 0; word32 inOutIdx; const char* path = "./certs/server-keyPkcs8.der"; XFILE file = XBADFILE; byte der[2048]; ExpectTrue((file = XFOPEN(path, "rb")) != XBADFILE); ExpectIntGT(derSz = (int)XFREAD(der, 1, sizeof(der), file), 0); if (file != XBADFILE) XFCLOSE(file); /* valid case */ inOutIdx = 0; ExpectIntGT(length = wc_GetPkcs8TraditionalOffset(der, &inOutIdx, derSz), 0); /* inOutIdx > sz */ inOutIdx = 4000; ExpectIntEQ(length = wc_GetPkcs8TraditionalOffset(der, &inOutIdx, derSz), BAD_FUNC_ARG); /* null input */ inOutIdx = 0; ExpectIntEQ(length = wc_GetPkcs8TraditionalOffset(NULL, &inOutIdx, 0), BAD_FUNC_ARG); /* invalid input, fill buffer with 1's */ XMEMSET(der, 1, sizeof(der)); inOutIdx = 0; ExpectIntEQ(length = wc_GetPkcs8TraditionalOffset(der, &inOutIdx, derSz), ASN_PARSE_E); #endif /* NO_ASN */ return EXPECT_RESULT(); } static int test_wc_SetSubjectRaw(void) { EXPECT_DECLS; #if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \ defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT) && !defined(NO_RSA) const char* joiCertFile = "./certs/test/cert-ext-joi.der"; WOLFSSL_X509* x509 = NULL; int peerCertSz; const byte* peerCertBuf = NULL; Cert forgedCert; ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(joiCertFile, WOLFSSL_FILETYPE_ASN1)); ExpectNotNull(peerCertBuf = wolfSSL_X509_get_der(x509, &peerCertSz)); ExpectIntEQ(0, wc_InitCert(&forgedCert)); ExpectIntEQ(0, wc_SetSubjectRaw(&forgedCert, peerCertBuf, peerCertSz)); wolfSSL_FreeX509(x509); #endif return EXPECT_RESULT(); } static int test_wc_GetSubjectRaw(void) { EXPECT_DECLS; #if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \ defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT) Cert cert; byte *subjectRaw; ExpectIntEQ(0, wc_InitCert(&cert)); ExpectIntEQ(0, wc_GetSubjectRaw(&subjectRaw, &cert)); #endif return EXPECT_RESULT(); } static int test_wc_SetIssuerRaw(void) { EXPECT_DECLS; #if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \ defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT) && !defined(NO_RSA) const char* joiCertFile = "./certs/test/cert-ext-joi.der"; WOLFSSL_X509* x509 = NULL; int peerCertSz; const byte* peerCertBuf; Cert forgedCert; ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(joiCertFile, WOLFSSL_FILETYPE_ASN1)); ExpectNotNull(peerCertBuf = wolfSSL_X509_get_der(x509, &peerCertSz)); ExpectIntEQ(0, wc_InitCert(&forgedCert)); ExpectIntEQ(0, wc_SetIssuerRaw(&forgedCert, peerCertBuf, peerCertSz)); wolfSSL_FreeX509(x509); #endif return EXPECT_RESULT(); } static int test_wc_SetIssueBuffer(void) { EXPECT_DECLS; #if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \ defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT) && !defined(NO_RSA) const char* joiCertFile = "./certs/test/cert-ext-joi.der"; WOLFSSL_X509* x509 = NULL; int peerCertSz; const byte* peerCertBuf; Cert forgedCert; ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(joiCertFile, WOLFSSL_FILETYPE_ASN1)); ExpectNotNull(peerCertBuf = wolfSSL_X509_get_der(x509, &peerCertSz)); ExpectIntEQ(0, wc_InitCert(&forgedCert)); ExpectIntEQ(0, wc_SetIssuerBuffer(&forgedCert, peerCertBuf, peerCertSz)); wolfSSL_FreeX509(x509); #endif return EXPECT_RESULT(); } /* * Testing wc_SetSubjectKeyId */ static int test_wc_SetSubjectKeyId(void) { EXPECT_DECLS; #if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \ defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT) && defined(HAVE_ECC) Cert cert; const char* file = "certs/ecc-client-keyPub.pem"; ExpectIntEQ(0, wc_InitCert(&cert)); ExpectIntEQ(0, wc_SetSubjectKeyId(&cert, file)); ExpectIntEQ(BAD_FUNC_ARG, wc_SetSubjectKeyId(NULL, file)); ExpectIntGT(0, wc_SetSubjectKeyId(&cert, "badfile.name")); #endif return EXPECT_RESULT(); } /* END test_wc_SetSubjectKeyId */ /* * Testing wc_SetSubject */ static int test_wc_SetSubject(void) { EXPECT_DECLS; #if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \ defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT) && defined(HAVE_ECC) Cert cert; const char* file = "./certs/ca-ecc-cert.pem"; ExpectIntEQ(0, wc_InitCert(&cert)); ExpectIntEQ(0, wc_SetSubject(&cert, file)); ExpectIntEQ(BAD_FUNC_ARG, wc_SetSubject(NULL, file)); ExpectIntGT(0, wc_SetSubject(&cert, "badfile.name")); #endif return EXPECT_RESULT(); } /* END test_wc_SetSubject */ static int test_CheckCertSignature(void) { EXPECT_DECLS; #if !defined(NO_CERTS) && defined(WOLFSSL_SMALL_CERT_VERIFY) WOLFSSL_CERT_MANAGER* cm = NULL; #if !defined(NO_FILESYSTEM) && (!defined(NO_RSA) || defined(HAVE_ECC)) XFILE fp = XBADFILE; byte cert[4096]; int certSz; #endif ExpectIntEQ(BAD_FUNC_ARG, CheckCertSignature(NULL, 0, NULL, NULL)); ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL)); ExpectIntEQ(BAD_FUNC_ARG, CheckCertSignature(NULL, 0, NULL, cm)); #ifndef NO_RSA #ifdef USE_CERT_BUFFERS_1024 ExpectIntEQ(ASN_NO_SIGNER_E, CheckCertSignature(server_cert_der_1024, sizeof_server_cert_der_1024, NULL, cm)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCABuffer(cm, ca_cert_der_1024, sizeof_ca_cert_der_1024, WOLFSSL_FILETYPE_ASN1)); ExpectIntEQ(0, CheckCertSignature(server_cert_der_1024, sizeof_server_cert_der_1024, NULL, cm)); #elif defined(USE_CERT_BUFFERS_2048) ExpectIntEQ(ASN_NO_SIGNER_E, CheckCertSignature(server_cert_der_2048, sizeof_server_cert_der_2048, NULL, cm)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCABuffer(cm, ca_cert_der_2048, sizeof_ca_cert_der_2048, WOLFSSL_FILETYPE_ASN1)); ExpectIntEQ(0, CheckCertSignature(server_cert_der_2048, sizeof_server_cert_der_2048, NULL, cm)); #endif #endif #if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256) ExpectIntEQ(ASN_NO_SIGNER_E, CheckCertSignature(serv_ecc_der_256, sizeof_serv_ecc_der_256, NULL, cm)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCABuffer(cm, ca_ecc_cert_der_256, sizeof_ca_ecc_cert_der_256, WOLFSSL_FILETYPE_ASN1)); ExpectIntEQ(0, CheckCertSignature(serv_ecc_der_256, sizeof_serv_ecc_der_256, NULL, cm)); #endif #if !defined(NO_FILESYSTEM) wolfSSL_CertManagerFree(cm); cm = NULL; ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL)); #ifndef NO_RSA ExpectTrue((fp = XFOPEN("./certs/server-cert.der", "rb")) != XBADFILE); ExpectIntGT((certSz = (int)XFREAD(cert, 1, sizeof(cert), fp)), 0); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } ExpectIntEQ(ASN_NO_SIGNER_E, CheckCertSignature(cert, certSz, NULL, cm)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCA(cm, "./certs/ca-cert.pem", NULL)); ExpectIntEQ(0, CheckCertSignature(cert, certSz, NULL, cm)); #endif #ifdef HAVE_ECC ExpectTrue((fp = XFOPEN("./certs/server-ecc.der", "rb")) != XBADFILE); ExpectIntGT((certSz = (int)XFREAD(cert, 1, sizeof(cert), fp)), 0); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } ExpectIntEQ(ASN_NO_SIGNER_E, CheckCertSignature(cert, certSz, NULL, cm)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCA(cm, "./certs/ca-ecc-cert.pem", NULL)); ExpectIntEQ(0, CheckCertSignature(cert, certSz, NULL, cm)); #endif #endif #if !defined(NO_FILESYSTEM) && (!defined(NO_RSA) || defined(HAVE_ECC)) (void)fp; (void)cert; (void)certSz; #endif wolfSSL_CertManagerFree(cm); #endif return EXPECT_RESULT(); } static int test_wc_ParseCert(void) { EXPECT_DECLS; #if !defined(NO_CERTS) && !defined(NO_RSA) DecodedCert decodedCert; const byte* rawCert = client_cert_der_2048; const int rawCertSize = sizeof_client_cert_der_2048; wc_InitDecodedCert(&decodedCert, rawCert, rawCertSize, NULL); ExpectIntEQ(wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL), 0); #ifndef IGNORE_NAME_CONSTRAINTS /* check that the subjects emailAddress was not put in the alt name list */ ExpectNotNull(decodedCert.subjectEmail); ExpectNull(decodedCert.altEmailNames); #endif wc_FreeDecodedCert(&decodedCert); #endif return EXPECT_RESULT(); } /* Test wc_ParseCert decoding of various encodings and scenarios ensuring that * the API safely errors out on badly-formed ASN input. * NOTE: Test not compatible with released FIPS implementations! */ static int test_wc_ParseCert_Error(void) { EXPECT_DECLS; #if !defined(NO_CERTS) && !defined(NO_RSA) && !defined(HAVE_SELFTEST) && \ (!defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) DecodedCert decodedCert; int i; /* Certificate data */ const byte c0[] = { 0x30, 0x04, 0x30, 0x02, 0x02, 0x80, 0x00, 0x00}; const byte c1[] = { 0x30, 0x04, 0x30, 0x04, 0x02, 0x80, 0x00, 0x00}; const byte c2[] = { 0x30, 0x06, 0x30, 0x04, 0x02, 0x80, 0x00, 0x00}; const byte c3[] = { 0x30, 0x07, 0x30, 0x05, 0x02, 0x80, 0x10, 0x00, 0x00}; const byte c4[] = { 0x02, 0x80, 0x10, 0x00, 0x00}; /* Test data */ const struct testStruct { const byte* c; const int cSz; const int expRet; } t[] = { {c0, sizeof(c0), ASN_PARSE_E}, /* Invalid bit-string length */ {c1, sizeof(c1), ASN_PARSE_E}, /* Invalid bit-string length */ {c2, sizeof(c2), ASN_PARSE_E}, /* Invalid integer length (zero) */ {c3, sizeof(c3), ASN_PARSE_E}, /* Valid INTEGER, but buffer too short */ {c4, sizeof(c4), ASN_PARSE_E}, /* Valid INTEGER, but not in bit-string */ }; const int tSz = (int)(sizeof(t) / sizeof(struct testStruct)); for (i = 0; i < tSz; i++) { WOLFSSL_MSG_EX("i == %d", i); wc_InitDecodedCert(&decodedCert, t[i].c, t[i].cSz, NULL); ExpectIntEQ(wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL), t[i].expRet); wc_FreeDecodedCert(&decodedCert); } #endif return EXPECT_RESULT(); } static int test_MakeCertWithPathLen(void) { EXPECT_DECLS; #if defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME) && \ defined(WOLFSSL_CERT_GEN) && defined(HAVE_ECC) const byte expectedPathLen = 7; Cert cert; DecodedCert decodedCert; byte der[FOURK_BUF]; int derSize = 0; WC_RNG rng; ecc_key key; int ret; XMEMSET(&rng, 0, sizeof(WC_RNG)); XMEMSET(&key, 0, sizeof(ecc_key)); XMEMSET(&cert, 0, sizeof(Cert)); XMEMSET(&decodedCert, 0, sizeof(DecodedCert)); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_ecc_init(&key), 0); ExpectIntEQ(wc_ecc_make_key(&rng, 32, &key), 0); ExpectIntEQ(wc_InitCert(&cert), 0); (void)XSTRNCPY(cert.subject.country, "US", CTC_NAME_SIZE); (void)XSTRNCPY(cert.subject.state, "state", CTC_NAME_SIZE); (void)XSTRNCPY(cert.subject.locality, "Bozeman", CTC_NAME_SIZE); (void)XSTRNCPY(cert.subject.org, "yourOrgNameHere", CTC_NAME_SIZE); (void)XSTRNCPY(cert.subject.unit, "yourUnitNameHere", CTC_NAME_SIZE); (void)XSTRNCPY(cert.subject.commonName, "www.yourDomain.com", CTC_NAME_SIZE); (void)XSTRNCPY(cert.subject.email, "yourEmail@yourDomain.com", CTC_NAME_SIZE); cert.selfSigned = 1; cert.isCA = 1; cert.pathLen = expectedPathLen; cert.pathLenSet = 1; cert.sigType = CTC_SHA256wECDSA; #ifdef WOLFSSL_CERT_EXT cert.keyUsage |= KEYUSE_KEY_CERT_SIGN; #endif ExpectIntGE(wc_MakeCert(&cert, der, FOURK_BUF, NULL, &key, &rng), 0); ExpectIntGE(derSize = wc_SignCert(cert.bodySz, cert.sigType, der, FOURK_BUF, NULL, &key, &rng), 0); wc_InitDecodedCert(&decodedCert, der, derSize, NULL); ExpectIntEQ(wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL), 0); ExpectIntEQ(decodedCert.pathLength, expectedPathLen); wc_FreeDecodedCert(&decodedCert); ret = wc_ecc_free(&key); ExpectIntEQ(ret, 0); ret = wc_FreeRng(&rng); ExpectIntEQ(ret, 0); #endif return EXPECT_RESULT(); } static int test_MakeCertWithCaFalse(void) { EXPECT_DECLS; #if defined(WOLFSSL_ALLOW_ENCODING_CA_FALSE) && defined(WOLFSSL_CERT_REQ) && \ !defined(NO_ASN_TIME) && defined(WOLFSSL_CERT_GEN) && defined(HAVE_ECC) const byte expectedIsCa = 0; Cert cert; DecodedCert decodedCert; byte der[FOURK_BUF]; int derSize = 0; WC_RNG rng; ecc_key key; int ret; XMEMSET(&rng, 0, sizeof(WC_RNG)); XMEMSET(&key, 0, sizeof(ecc_key)); XMEMSET(&cert, 0, sizeof(Cert)); XMEMSET(&decodedCert, 0, sizeof(DecodedCert)); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_ecc_init(&key), 0); ExpectIntEQ(wc_ecc_make_key(&rng, 32, &key), 0); ExpectIntEQ(wc_InitCert(&cert), 0); (void)XSTRNCPY(cert.subject.country, "US", CTC_NAME_SIZE); (void)XSTRNCPY(cert.subject.state, "state", CTC_NAME_SIZE); (void)XSTRNCPY(cert.subject.locality, "Bozeman", CTC_NAME_SIZE); (void)XSTRNCPY(cert.subject.org, "yourOrgNameHere", CTC_NAME_SIZE); (void)XSTRNCPY(cert.subject.unit, "yourUnitNameHere", CTC_NAME_SIZE); (void)XSTRNCPY(cert.subject.commonName, "www.yourDomain.com", CTC_NAME_SIZE); (void)XSTRNCPY(cert.subject.email, "yourEmail@yourDomain.com", CTC_NAME_SIZE); cert.selfSigned = 1; cert.isCA = expectedIsCa; cert.isCaSet = 1; cert.sigType = CTC_SHA256wECDSA; ExpectIntGE(wc_MakeCert(&cert, der, FOURK_BUF, NULL, &key, &rng), 0); ExpectIntGE(derSize = wc_SignCert(cert.bodySz, cert.sigType, der, FOURK_BUF, NULL, &key, &rng), 0); wc_InitDecodedCert(&decodedCert, der, derSize, NULL); ExpectIntEQ(wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL), 0); ExpectIntEQ(decodedCert.isCA, expectedIsCa); wc_FreeDecodedCert(&decodedCert); ret = wc_ecc_free(&key); ExpectIntEQ(ret, 0); ret = wc_FreeRng(&rng); ExpectIntEQ(ret, 0); #endif return EXPECT_RESULT(); } /*----------------------------------------------------------------------------* | wolfCrypt ECC *----------------------------------------------------------------------------*/ static int test_wc_ecc_get_curve_size_from_name(void) { EXPECT_DECLS; #ifdef HAVE_ECC #if !defined(NO_ECC256) && !defined(NO_ECC_SECP) ExpectIntEQ(wc_ecc_get_curve_size_from_name("SECP256R1"), 32); #endif /* invalid case */ ExpectIntEQ(wc_ecc_get_curve_size_from_name("BADCURVE"), -1); /* NULL input */ ExpectIntEQ(wc_ecc_get_curve_size_from_name(NULL), BAD_FUNC_ARG); #endif /* HAVE_ECC */ return EXPECT_RESULT(); } static int test_wc_ecc_get_curve_id_from_name(void) { EXPECT_DECLS; #ifdef HAVE_ECC #if !defined(NO_ECC256) && !defined(NO_ECC_SECP) ExpectIntEQ(wc_ecc_get_curve_id_from_name("SECP256R1"), ECC_SECP256R1); #endif /* invalid case */ ExpectIntEQ(wc_ecc_get_curve_id_from_name("BADCURVE"), -1); /* NULL input */ ExpectIntEQ(wc_ecc_get_curve_id_from_name(NULL), BAD_FUNC_ARG); #endif /* HAVE_ECC */ return EXPECT_RESULT(); } #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && \ !defined(HAVE_SELFTEST) && \ !(defined(HAVE_FIPS) || defined(HAVE_FIPS_VERSION)) static int test_wc_ecc_get_curve_id_from_dp_params(void) { EXPECT_DECLS; #if !defined(NO_ECC256) && !defined(NO_ECC_SECP) ecc_key* key; const ecc_set_type* params = NULL; int ret; #endif WOLFSSL_EC_KEY *ecKey = NULL; #if !defined(NO_ECC256) && !defined(NO_ECC_SECP) ExpectIntEQ(wc_ecc_get_curve_id_from_name("SECP256R1"), ECC_SECP256R1); ExpectNotNull(ecKey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); if (EXPECT_SUCCESS()) { ret = EC_KEY_generate_key(ecKey); } else ret = 0; if (ret == 1) { /* normal test */ key = (ecc_key*)ecKey->internal; if (key != NULL) { params = key->dp; } ExpectIntEQ(wc_ecc_get_curve_id_from_dp_params(params), ECC_SECP256R1); } #endif /* invalid case, NULL input*/ ExpectIntEQ(wc_ecc_get_curve_id_from_dp_params(NULL), BAD_FUNC_ARG); wolfSSL_EC_KEY_free(ecKey); return EXPECT_RESULT(); } #endif /* defined(OPENSSL_EXTRA) && defined(HAVE_ECC) */ static int test_wc_ecc_get_curve_id_from_params(void) { EXPECT_DECLS; #ifdef HAVE_ECC const byte prime[] = { 0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x01, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF, 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF }; const byte primeInvalid[] = { 0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x01, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF, 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x01,0x01 }; const byte Af[] = { 0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x01, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF, 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFC }; const byte Bf[] = { 0x5A,0xC6,0x35,0xD8,0xAA,0x3A,0x93,0xE7, 0xB3,0xEB,0xBD,0x55,0x76,0x98,0x86,0xBC, 0x65,0x1D,0x06,0xB0,0xCC,0x53,0xB0,0xF6, 0x3B,0xCE,0x3C,0x3E,0x27,0xD2,0x60,0x4B }; const byte order[] = { 0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00, 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, 0xBC,0xE6,0xFA,0xAD,0xA7,0x17,0x9E,0x84, 0xF3,0xB9,0xCA,0xC2,0xFC,0x63,0x25,0x51 }; const byte Gx[] = { 0x6B,0x17,0xD1,0xF2,0xE1,0x2C,0x42,0x47, 0xF8,0xBC,0xE6,0xE5,0x63,0xA4,0x40,0xF2, 0x77,0x03,0x7D,0x81,0x2D,0xEB,0x33,0xA0, 0xF4,0xA1,0x39,0x45,0xD8,0x98,0xC2,0x96 }; const byte Gy[] = { 0x4F,0xE3,0x42,0xE2,0xFE,0x1A,0x7F,0x9B, 0x8E,0xE7,0xEB,0x4A,0x7C,0x0F,0x9E,0x16, 0x2B,0xCE,0x33,0x57,0x6B,0x31,0x5E,0xCE, 0xCB,0xB6,0x40,0x68,0x37,0xBF,0x51,0xF5 }; int cofactor = 1; int fieldSize = 256; #if !defined(NO_ECC256) && !defined(NO_ECC_SECP) ExpectIntEQ(wc_ecc_get_curve_id_from_params(fieldSize, prime, sizeof(prime), Af, sizeof(Af), Bf, sizeof(Bf), order, sizeof(order), Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor), ECC_SECP256R1); #endif /* invalid case, fieldSize = 0 */ ExpectIntEQ(wc_ecc_get_curve_id_from_params(0, prime, sizeof(prime), Af, sizeof(Af), Bf, sizeof(Bf), order, sizeof(order), Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor), ECC_CURVE_INVALID); /* invalid case, NULL prime */ ExpectIntEQ(wc_ecc_get_curve_id_from_params(fieldSize, NULL, sizeof(prime), Af, sizeof(Af), Bf, sizeof(Bf), order, sizeof(order), Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor), BAD_FUNC_ARG); /* invalid case, invalid prime */ ExpectIntEQ(wc_ecc_get_curve_id_from_params(fieldSize, primeInvalid, sizeof(primeInvalid), Af, sizeof(Af), Bf, sizeof(Bf), order, sizeof(order), Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor), ECC_CURVE_INVALID); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_PKEY_encrypt(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) WOLFSSL_RSA* rsa = NULL; WOLFSSL_EVP_PKEY* pkey = NULL; WOLFSSL_EVP_PKEY_CTX* ctx = NULL; const char* in = "What is easy to do is easy not to do."; size_t inlen = XSTRLEN(in); size_t outEncLen = 0; byte* outEnc = NULL; byte* outDec = NULL; size_t outDecLen = 0; size_t rsaKeySz = 2048/8; /* Bytes */ #if !defined(HAVE_FIPS) && defined(WC_RSA_NO_PADDING) byte* inTmp = NULL; byte* outEncTmp = NULL; byte* outDecTmp = NULL; #endif ExpectNotNull(outEnc = (byte*)XMALLOC(rsaKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); if (outEnc != NULL) { XMEMSET(outEnc, 0, rsaKeySz); } ExpectNotNull(outDec = (byte*)XMALLOC(rsaKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); if (outDec != NULL) { XMEMSET(outDec, 0, rsaKeySz); } ExpectNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL)); ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectIntEQ(EVP_PKEY_assign_RSA(pkey, rsa), WOLFSSL_SUCCESS); if (EXPECT_FAIL()) { RSA_free(rsa); } ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL)); ExpectIntEQ(EVP_PKEY_encrypt_init(ctx), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING), WOLFSSL_SUCCESS); /* Test pkey references count is decremented. pkey shouldn't be destroyed since ctx uses it.*/ ExpectIntEQ(pkey->ref.count, 2); EVP_PKEY_free(pkey); ExpectIntEQ(pkey->ref.count, 1); /* Encrypt data */ /* Check that we can get the required output buffer length by passing in a * NULL output buffer. */ ExpectIntEQ(EVP_PKEY_encrypt(ctx, NULL, &outEncLen, (const unsigned char*)in, inlen), WOLFSSL_SUCCESS); ExpectIntEQ(rsaKeySz, outEncLen); /* Now do the actual encryption. */ ExpectIntEQ(EVP_PKEY_encrypt(ctx, outEnc, &outEncLen, (const unsigned char*)in, inlen), WOLFSSL_SUCCESS); /* Decrypt data */ ExpectIntEQ(EVP_PKEY_decrypt_init(ctx), WOLFSSL_SUCCESS); /* Check that we can get the required output buffer length by passing in a * NULL output buffer. */ ExpectIntEQ(EVP_PKEY_decrypt(ctx, NULL, &outDecLen, outEnc, outEncLen), WOLFSSL_SUCCESS); ExpectIntEQ(rsaKeySz, outDecLen); /* Now do the actual decryption. */ ExpectIntEQ(EVP_PKEY_decrypt(ctx, outDec, &outDecLen, outEnc, outEncLen), WOLFSSL_SUCCESS); ExpectIntEQ(XMEMCMP(in, outDec, outDecLen), 0); #if !defined(HAVE_FIPS) && defined(WC_RSA_NO_PADDING) /* The input length must be the same size as the RSA key.*/ ExpectNotNull(inTmp = (byte*)XMALLOC(rsaKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); if (inTmp != NULL) { XMEMSET(inTmp, 9, rsaKeySz); } ExpectNotNull(outEncTmp = (byte*)XMALLOC(rsaKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); if (outEncTmp != NULL) { XMEMSET(outEncTmp, 0, rsaKeySz); } ExpectNotNull(outDecTmp = (byte*)XMALLOC(rsaKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); if (outDecTmp != NULL) { XMEMSET(outDecTmp, 0, rsaKeySz); } ExpectIntEQ(EVP_PKEY_encrypt_init(ctx), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_NO_PADDING), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_encrypt(ctx, outEncTmp, &outEncLen, inTmp, rsaKeySz), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_decrypt_init(ctx), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_decrypt(ctx, outDecTmp, &outDecLen, outEncTmp, outEncLen), WOLFSSL_SUCCESS); ExpectIntEQ(XMEMCMP(inTmp, outDecTmp, outDecLen), 0); #endif EVP_PKEY_CTX_free(ctx); XFREE(outEnc, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(outDec, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); #if !defined(HAVE_FIPS) && defined(WC_RSA_NO_PADDING) XFREE(inTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(outEncTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(outDecTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); #endif #endif return EXPECT_RESULT(); } #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \ !defined(HAVE_SELFTEST) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) #ifndef TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY #define TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY #endif #endif #endif #if defined(OPENSSL_EXTRA) #if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN) #ifndef TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY #define TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY #endif #endif #endif #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) #ifndef TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY #define TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY #endif #endif #endif #ifdef TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY static int test_wolfSSL_EVP_PKEY_sign_verify(int keyType) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \ !defined(HAVE_SELFTEST) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) WOLFSSL_RSA* rsa = NULL; #endif #endif #if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN) WOLFSSL_DSA* dsa = NULL; #endif /* !NO_DSA && !HAVE_SELFTEST && WOLFSSL_KEY_GEN */ #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) WOLFSSL_EC_KEY* ecKey = NULL; #endif #endif WOLFSSL_EVP_PKEY* pkey = NULL; WOLFSSL_EVP_PKEY_CTX* ctx = NULL; WOLFSSL_EVP_PKEY_CTX* ctx_verify = NULL; const char* in = "What is easy to do is easy not to do."; size_t inlen = XSTRLEN(in); byte hash[SHA256_DIGEST_LENGTH] = {0}; byte zero[SHA256_DIGEST_LENGTH] = {0}; SHA256_CTX c; byte* sig = NULL; byte* sigVerify = NULL; size_t siglen; size_t siglenOnlyLen; size_t keySz = 2048/8; /* Bytes */ ExpectNotNull(sig = (byte*)XMALLOC(keySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); ExpectNotNull(sigVerify = (byte*)XMALLOC(keySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); siglen = keySz; ExpectNotNull(XMEMSET(sig, 0, keySz)); ExpectNotNull(XMEMSET(sigVerify, 0, keySz)); /* Generate hash */ SHA256_Init(&c); SHA256_Update(&c, in, inlen); SHA256_Final(hash, &c); #ifdef WOLFSSL_SMALL_STACK_CACHE /* workaround for small stack cache case */ wc_Sha256Free((wc_Sha256*)&c); #endif /* Generate key */ ExpectNotNull(pkey = EVP_PKEY_new()); switch (keyType) { case EVP_PKEY_RSA: #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \ !defined(HAVE_SELFTEST) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) { ExpectNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL)); ExpectIntEQ(EVP_PKEY_assign_RSA(pkey, rsa), WOLFSSL_SUCCESS); } #endif #endif break; case EVP_PKEY_DSA: #if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN) ExpectNotNull(dsa = DSA_new()); ExpectIntEQ(DSA_generate_parameters_ex(dsa, 2048, NULL, 0, NULL, NULL, NULL), 1); ExpectIntEQ(DSA_generate_key(dsa), 1); ExpectIntEQ(EVP_PKEY_set1_DSA(pkey, dsa), WOLFSSL_SUCCESS); #endif /* !NO_DSA && !HAVE_SELFTEST && WOLFSSL_KEY_GEN */ break; case EVP_PKEY_EC: #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) { ExpectNotNull(ecKey = EC_KEY_new()); ExpectIntEQ(EC_KEY_generate_key(ecKey), 1); ExpectIntEQ( EVP_PKEY_assign_EC_KEY(pkey, ecKey), WOLFSSL_SUCCESS); if (EXPECT_FAIL()) { EC_KEY_free(ecKey); } } #endif #endif break; } ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL)); ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS); #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \ !defined(HAVE_SELFTEST) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) if (keyType == EVP_PKEY_RSA) ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING), WOLFSSL_SUCCESS); #endif #endif /* Check returning only length */ ExpectIntEQ(EVP_PKEY_sign(ctx, NULL, &siglenOnlyLen, hash, SHA256_DIGEST_LENGTH), WOLFSSL_SUCCESS); ExpectIntGT(siglenOnlyLen, 0); /* Sign data */ ExpectIntEQ(EVP_PKEY_sign(ctx, sig, &siglen, hash, SHA256_DIGEST_LENGTH), WOLFSSL_SUCCESS); ExpectIntGE(siglenOnlyLen, siglen); /* Verify signature */ ExpectNotNull(ctx_verify = EVP_PKEY_CTX_new(pkey, NULL)); ExpectIntEQ(EVP_PKEY_verify_init(ctx_verify), WOLFSSL_SUCCESS); #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \ !defined(HAVE_SELFTEST) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) if (keyType == EVP_PKEY_RSA) ExpectIntEQ( EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_PADDING), WOLFSSL_SUCCESS); #endif #endif ExpectIntEQ(EVP_PKEY_verify( ctx_verify, sig, siglen, hash, SHA256_DIGEST_LENGTH), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_verify( ctx_verify, sig, siglen, zero, SHA256_DIGEST_LENGTH), WOLFSSL_FAILURE); #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \ !defined(HAVE_SELFTEST) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) if (keyType == EVP_PKEY_RSA) { #if defined(WC_RSA_NO_PADDING) || defined(WC_RSA_DIRECT) /* Try RSA sign/verify with no padding. */ ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_NO_PADDING), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_sign(ctx, sigVerify, &siglen, sig, siglen), WOLFSSL_SUCCESS); ExpectIntGE(siglenOnlyLen, siglen); ExpectIntEQ(EVP_PKEY_verify_init(ctx_verify), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_NO_PADDING), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_verify(ctx_verify, sigVerify, siglen, sig, siglen), WOLFSSL_SUCCESS); #endif /* Wrong padding schemes. */ ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING), WOLFSSL_SUCCESS); ExpectIntNE(EVP_PKEY_sign(ctx, sigVerify, &siglen, sig, siglen), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_verify_init(ctx_verify), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_OAEP_PADDING), WOLFSSL_SUCCESS); ExpectIntNE(EVP_PKEY_verify(ctx_verify, sigVerify, siglen, sig, siglen), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_PADDING), WOLFSSL_SUCCESS); } #endif #endif /* error cases */ siglen = keySz; /* Reset because sig size may vary slightly */ ExpectIntNE(EVP_PKEY_sign_init(NULL), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS); ExpectIntNE(EVP_PKEY_sign(NULL, sig, &siglen, (byte*)in, inlen), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_sign(ctx, sig, &siglen, (byte*)in, inlen), WOLFSSL_SUCCESS); EVP_PKEY_free(pkey); pkey = NULL; #if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN) DSA_free(dsa); dsa = NULL; #endif /* !NO_DSA && !HAVE_SELFTEST && WOLFSSL_KEY_GEN */ EVP_PKEY_CTX_free(ctx_verify); ctx_verify = NULL; EVP_PKEY_CTX_free(ctx); ctx = NULL; XFREE(sig, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(sigVerify, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); #endif /* OPENSSL_EXTRA */ return EXPECT_RESULT(); } #endif static int test_wolfSSL_EVP_PKEY_sign_verify_rsa(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \ !defined(HAVE_SELFTEST) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) ExpectIntEQ(test_wolfSSL_EVP_PKEY_sign_verify(EVP_PKEY_RSA), TEST_SUCCESS); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_PKEY_sign_verify_dsa(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) #if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN) ExpectIntEQ(test_wolfSSL_EVP_PKEY_sign_verify(EVP_PKEY_DSA), TEST_SUCCESS); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_PKEY_sign_verify_ec(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) ExpectIntEQ(test_wolfSSL_EVP_PKEY_sign_verify(EVP_PKEY_EC), TEST_SUCCESS); #endif #endif return EXPECT_RESULT(); } static int test_EVP_PKEY_rsa(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) WOLFSSL_RSA* rsa = NULL; WOLFSSL_EVP_PKEY* pkey = NULL; ExpectNotNull(rsa = wolfSSL_RSA_new()); ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectIntEQ(EVP_PKEY_assign_RSA(NULL, rsa), WOLFSSL_FAILURE); ExpectIntEQ(EVP_PKEY_assign_RSA(pkey, NULL), WOLFSSL_FAILURE); ExpectIntEQ(EVP_PKEY_assign_RSA(pkey, rsa), WOLFSSL_SUCCESS); if (EXPECT_FAIL()) { wolfSSL_RSA_free(rsa); } ExpectPtrEq(EVP_PKEY_get0_RSA(pkey), rsa); wolfSSL_EVP_PKEY_free(pkey); #endif return EXPECT_RESULT(); } static int test_EVP_PKEY_ec(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) WOLFSSL_EC_KEY* ecKey = NULL; WOLFSSL_EVP_PKEY* pkey = NULL; ExpectNotNull(ecKey = wolfSSL_EC_KEY_new()); ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectIntEQ(EVP_PKEY_assign_EC_KEY(NULL, ecKey), WOLFSSL_FAILURE); ExpectIntEQ(EVP_PKEY_assign_EC_KEY(pkey, NULL), WOLFSSL_FAILURE); /* Should fail since ecKey is empty */ ExpectIntEQ(EVP_PKEY_assign_EC_KEY(pkey, ecKey), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1); ExpectIntEQ(EVP_PKEY_assign_EC_KEY(pkey, ecKey), WOLFSSL_SUCCESS); if (EXPECT_FAIL()) { wolfSSL_EC_KEY_free(ecKey); } wolfSSL_EVP_PKEY_free(pkey); #endif #endif return EXPECT_RESULT(); } static int test_EVP_PKEY_cmp(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) EVP_PKEY *a = NULL; EVP_PKEY *b = NULL; const unsigned char *in; #if !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048) in = client_key_der_2048; ExpectNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL, &in, (long)sizeof_client_key_der_2048)); in = client_key_der_2048; ExpectNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL, &in, (long)sizeof_client_key_der_2048)); /* Test success case RSA */ #if defined(WOLFSSL_ERROR_CODE_OPENSSL) ExpectIntEQ(EVP_PKEY_cmp(a, b), 1); #else ExpectIntEQ(EVP_PKEY_cmp(a, b), 0); #endif /* WOLFSSL_ERROR_CODE_OPENSSL */ EVP_PKEY_free(b); b = NULL; EVP_PKEY_free(a); a = NULL; #endif #if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256) in = ecc_clikey_der_256; ExpectNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL, &in, (long)sizeof_ecc_clikey_der_256)); in = ecc_clikey_der_256; ExpectNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL, &in, (long)sizeof_ecc_clikey_der_256)); /* Test success case ECC */ #if defined(WOLFSSL_ERROR_CODE_OPENSSL) ExpectIntEQ(EVP_PKEY_cmp(a, b), 1); #else ExpectIntEQ(EVP_PKEY_cmp(a, b), 0); #endif /* WOLFSSL_ERROR_CODE_OPENSSL */ EVP_PKEY_free(b); b = NULL; EVP_PKEY_free(a); a = NULL; #endif /* Test failure cases */ #if !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048) && \ defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256) in = client_key_der_2048; ExpectNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL, &in, (long)sizeof_client_key_der_2048)); in = ecc_clikey_der_256; ExpectNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL, &in, (long)sizeof_ecc_clikey_der_256)); #if defined(WOLFSSL_ERROR_CODE_OPENSSL) ExpectIntEQ(EVP_PKEY_cmp(a, b), -1); #else ExpectIntNE(EVP_PKEY_cmp(a, b), 0); #endif /* WOLFSSL_ERROR_CODE_OPENSSL */ EVP_PKEY_free(b); b = NULL; EVP_PKEY_free(a); a = NULL; #endif /* invalid or empty failure cases */ a = EVP_PKEY_new(); b = EVP_PKEY_new(); #if defined(WOLFSSL_ERROR_CODE_OPENSSL) ExpectIntEQ(EVP_PKEY_cmp(NULL, NULL), 0); ExpectIntEQ(EVP_PKEY_cmp(a, NULL), 0); ExpectIntEQ(EVP_PKEY_cmp(NULL, b), 0); #ifdef NO_RSA /* Type check will fail since RSA is the default EVP key type */ ExpectIntEQ(EVP_PKEY_cmp(a, b), -2); #else ExpectIntEQ(EVP_PKEY_cmp(a, b), 0); #endif #else ExpectIntNE(EVP_PKEY_cmp(NULL, NULL), 0); ExpectIntNE(EVP_PKEY_cmp(a, NULL), 0); ExpectIntNE(EVP_PKEY_cmp(NULL, b), 0); ExpectIntNE(EVP_PKEY_cmp(a, b), 0); #endif EVP_PKEY_free(b); EVP_PKEY_free(a); (void)in; #endif return EXPECT_RESULT(); } static int test_ERR_load_crypto_strings(void) { #if defined(OPENSSL_ALL) ERR_load_crypto_strings(); return TEST_SUCCESS; #else return TEST_SKIPPED; #endif } #if defined(OPENSSL_ALL) && !defined(NO_CERTS) static void free_x509(X509* x) { AssertIntEQ((x == (X509*)1 || x == (X509*)2), 1); } #endif static int test_sk_X509(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_CERTS) { STACK_OF(X509)* s = NULL; ExpectNotNull(s = sk_X509_new_null()); ExpectIntEQ(sk_X509_num(s), 0); sk_X509_pop_free(s, NULL); ExpectNotNull(s = sk_X509_new_null()); ExpectIntEQ(sk_X509_num(s), 0); sk_X509_pop_free(s, NULL); ExpectNotNull(s = sk_X509_new_null()); sk_X509_push(s, (X509*)1); ExpectIntEQ(sk_X509_num(s), 1); ExpectIntEQ((sk_X509_value(s, 0) == (X509*)1), 1); sk_X509_push(s, (X509*)2); ExpectIntEQ(sk_X509_num(s), 2); ExpectIntEQ((sk_X509_value(s, 0) == (X509*)2), 1); ExpectIntEQ((sk_X509_value(s, 1) == (X509*)1), 1); sk_X509_push(s, (X509*)2); sk_X509_pop_free(s, free_x509); } { /* Push a list of 10 X509s onto stack, then verify that * value(), push(), shift(), and pop() behave as expected. */ STACK_OF(X509)* s = NULL; X509* xList[10]; int i = 0; const int len = (sizeof(xList) / sizeof(xList[0])); for (i = 0; i < len; ++i) { xList[i] = NULL; ExpectNotNull(xList[i] = X509_new()); } /* test push, pop, and free */ ExpectNotNull(s = sk_X509_new_null()); for (i = 0; i < len; ++i) { sk_X509_push(s, xList[i]); ExpectIntEQ(sk_X509_num(s), i + 1); ExpectIntEQ((sk_X509_value(s, 0) == xList[i]), 1); ExpectIntEQ((sk_X509_value(s, i) == xList[0]), 1); } /* pop returns and removes last pushed on stack, which is index 0 * in sk_x509_value */ for (i = 0; i < len; ++i) { X509 * x = sk_X509_value(s, 0); X509 * y = sk_X509_pop(s); X509 * z = xList[len - 1 - i]; ExpectIntEQ((x == y), 1); ExpectIntEQ((x == z), 1); ExpectIntEQ(sk_X509_num(s), len - 1 - i); } sk_free(s); s = NULL; /* test push, shift, and free */ ExpectNotNull(s = sk_X509_new_null()); for (i = 0; i < len; ++i) { sk_X509_push(s, xList[i]); ExpectIntEQ(sk_X509_num(s), i + 1); ExpectIntEQ((sk_X509_value(s, 0) == xList[i]), 1); ExpectIntEQ((sk_X509_value(s, i) == xList[0]), 1); } /* shift returns and removes first pushed on stack, which is index i * in sk_x509_value() */ for (i = 0; i < len; ++i) { X509 * x = sk_X509_value(s, len - 1 - i); X509 * y = sk_X509_shift(s); X509 * z = xList[i]; ExpectIntEQ((x == y), 1); ExpectIntEQ((x == z), 1); ExpectIntEQ(sk_X509_num(s), len - 1 - i); } sk_free(s); for (i = 0; i < len; ++i) X509_free(xList[i]); } #endif return EXPECT_RESULT(); } static int test_sk_X509_CRL(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_CERTS) && defined(HAVE_CRL) X509_CRL* crl = NULL; XFILE fp = XBADFILE; STACK_OF(X509_CRL)* s = NULL; ExpectTrue((fp = XFOPEN("./certs/crl/crl.pem", "rb")) != XBADFILE); ExpectNotNull(crl = (X509_CRL*)PEM_read_X509_CRL(fp, (X509_CRL **)NULL, NULL, NULL)); if (fp != XBADFILE) XFCLOSE(fp); ExpectNotNull(s = sk_X509_CRL_new()); ExpectIntEQ(sk_X509_CRL_num(s), 0); ExpectIntEQ(sk_X509_CRL_push(s, crl), 1); if (EXPECT_FAIL()) { X509_CRL_free(crl); } ExpectIntEQ(sk_X509_CRL_num(s), 1); ExpectPtrEq(sk_X509_CRL_value(s, 0), crl); sk_X509_CRL_free(s); #endif return EXPECT_RESULT(); } static int test_X509_get_signature_nid(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) X509* x509 = NULL; ExpectIntEQ(X509_get_signature_nid(NULL), 0); ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile, SSL_FILETYPE_PEM)); ExpectIntEQ(X509_get_signature_nid(x509), NID_sha256WithRSAEncryption); X509_free(x509); #endif return EXPECT_RESULT(); } static int test_X509_REQ(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \ defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && !defined(NO_BIO) X509_NAME* name = NULL; #ifndef NO_RSA X509_NAME* subject = NULL; #endif #if !defined(NO_RSA) || defined(HAVE_ECC) X509_REQ* req = NULL; EVP_PKEY* priv = NULL; EVP_PKEY* pub = NULL; unsigned char* der = NULL; int len; #endif #ifndef NO_RSA EVP_MD_CTX *mctx = NULL; EVP_PKEY_CTX *pkctx = NULL; #ifdef USE_CERT_BUFFERS_1024 const unsigned char* rsaPriv = (const unsigned char*)client_key_der_1024; const unsigned char* rsaPub = (unsigned char*)client_keypub_der_1024; #elif defined(USE_CERT_BUFFERS_2048) const unsigned char* rsaPriv = (const unsigned char*)client_key_der_2048; const unsigned char* rsaPub = (unsigned char*)client_keypub_der_2048; #endif #endif #ifdef HAVE_ECC const unsigned char* ecPriv = (const unsigned char*)ecc_clikey_der_256; const unsigned char* ecPub = (unsigned char*)ecc_clikeypub_der_256; #endif ExpectNotNull(name = X509_NAME_new()); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8, (byte*)"wolfssl.com", 11, 0, 1), WOLFSSL_SUCCESS); ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_UTF8, (byte*)"support@wolfssl.com", 19, -1, 1), WOLFSSL_SUCCESS); #ifndef NO_RSA ExpectNotNull(priv = d2i_PrivateKey(EVP_PKEY_RSA, NULL, &rsaPriv, (long)sizeof_client_key_der_2048)); ExpectNotNull(pub = d2i_PUBKEY(NULL, &rsaPub, (long)sizeof_client_keypub_der_2048)); ExpectNotNull(req = X509_REQ_new()); ExpectIntEQ(X509_REQ_set_subject_name(NULL, name), WOLFSSL_FAILURE); ExpectIntEQ(X509_REQ_set_subject_name(req, NULL), WOLFSSL_FAILURE); ExpectIntEQ(X509_REQ_set_subject_name(req, name), WOLFSSL_SUCCESS); ExpectIntEQ(X509_REQ_set_pubkey(NULL, pub), WOLFSSL_FAILURE); ExpectIntEQ(X509_REQ_set_pubkey(req, NULL), WOLFSSL_FAILURE); ExpectIntEQ(X509_REQ_set_pubkey(req, pub), WOLFSSL_SUCCESS); ExpectIntEQ(X509_REQ_sign(NULL, priv, EVP_sha256()), WOLFSSL_FAILURE); ExpectIntEQ(X509_REQ_sign(req, NULL, EVP_sha256()), WOLFSSL_FAILURE); ExpectIntEQ(X509_REQ_sign(req, priv, NULL), WOLFSSL_FAILURE); ExpectIntEQ(X509_REQ_sign(req, priv, EVP_sha256()), WOLFSSL_SUCCESS); len = i2d_X509_REQ(req, &der); DEBUG_WRITE_DER(der, len, "req.der"); #ifdef USE_CERT_BUFFERS_1024 ExpectIntEQ(len, 381); #else ExpectIntEQ(len, 643); #endif XFREE(der, NULL, DYNAMIC_TYPE_OPENSSL); der = NULL; mctx = EVP_MD_CTX_new(); ExpectIntEQ(EVP_DigestSignInit(mctx, &pkctx, EVP_sha256(), NULL, priv), WOLFSSL_SUCCESS); ExpectIntEQ(X509_REQ_sign_ctx(req, mctx), WOLFSSL_SUCCESS); EVP_MD_CTX_free(mctx); mctx = NULL; X509_REQ_free(NULL); X509_REQ_free(req); req = NULL; /* Test getting the subject from a newly created X509_REQ */ ExpectNotNull(req = X509_REQ_new()); ExpectNotNull(subject = X509_REQ_get_subject_name(req)); ExpectIntEQ(X509_NAME_add_entry_by_NID(subject, NID_commonName, MBSTRING_UTF8, (unsigned char*)"www.wolfssl.com", -1, -1, 0), 1); ExpectIntEQ(X509_NAME_add_entry_by_NID(subject, NID_countryName, MBSTRING_UTF8, (unsigned char*)"US", -1, -1, 0), 1); ExpectIntEQ(X509_NAME_add_entry_by_NID(subject, NID_localityName, MBSTRING_UTF8, (unsigned char*)"Bozeman", -1, -1, 0), 1); ExpectIntEQ(X509_NAME_add_entry_by_NID(subject, NID_stateOrProvinceName, MBSTRING_UTF8, (unsigned char*)"Montana", -1, -1, 0), 1); ExpectIntEQ(X509_NAME_add_entry_by_NID(subject, NID_organizationName, MBSTRING_UTF8, (unsigned char*)"wolfSSL", -1, -1, 0), 1); ExpectIntEQ(X509_NAME_add_entry_by_NID(subject, NID_organizationalUnitName, MBSTRING_UTF8, (unsigned char*)"Testing", -1, -1, 0), 1); ExpectIntEQ(X509_REQ_set_pubkey(req, pub), WOLFSSL_SUCCESS); ExpectIntEQ(X509_REQ_sign(req, priv, EVP_sha256()), WOLFSSL_SUCCESS); len = i2d_X509_REQ(req, &der); DEBUG_WRITE_DER(der, len, "req2.der"); #ifdef USE_CERT_BUFFERS_1024 ExpectIntEQ(len, 435); #else ExpectIntEQ(len, 696); #endif XFREE(der, NULL, DYNAMIC_TYPE_OPENSSL); der = NULL; EVP_PKEY_free(pub); pub = NULL; EVP_PKEY_free(priv); priv = NULL; X509_REQ_free(req); req = NULL; #endif #ifdef HAVE_ECC ExpectNotNull(priv = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL, &ecPriv, sizeof_ecc_clikey_der_256)); ExpectNotNull(pub = wolfSSL_d2i_PUBKEY(NULL, &ecPub, sizeof_ecc_clikeypub_der_256)); ExpectNotNull(req = X509_REQ_new()); ExpectIntEQ(X509_REQ_set_subject_name(req, name), WOLFSSL_SUCCESS); ExpectIntEQ(X509_REQ_set_pubkey(req, pub), WOLFSSL_SUCCESS); ExpectIntEQ(X509_REQ_sign(req, priv, EVP_sha256()), WOLFSSL_SUCCESS); /* Signature is random and may be shorter or longer. */ ExpectIntGE((len = i2d_X509_REQ(req, &der)), 245); ExpectIntLE(len, 253); XFREE(der, NULL, DYNAMIC_TYPE_OPENSSL); X509_REQ_free(req); EVP_PKEY_free(pub); EVP_PKEY_free(priv); #ifdef FP_ECC wc_ecc_fp_free(); #endif #endif /* HAVE_ECC */ X509_NAME_free(name); #endif return EXPECT_RESULT(); } static int test_wolfssl_PKCS7(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) && !defined(NO_BIO) && \ !defined(NO_RSA) PKCS7* pkcs7 = NULL; byte data[FOURK_BUF]; word32 len = sizeof(data); const byte* p = data; byte content[] = "Test data to encode."; #if !defined(NO_RSA) & defined(USE_CERT_BUFFERS_2048) BIO* bio = NULL; byte key[sizeof(client_key_der_2048)]; word32 keySz = (word32)sizeof(key); byte* out = NULL; #endif ExpectIntGT((len = CreatePKCS7SignedData(data, len, content, (word32)sizeof(content), 0, 0, 0, RSA_TYPE)), 0); ExpectNull(pkcs7 = d2i_PKCS7(NULL, NULL, len)); ExpectNull(pkcs7 = d2i_PKCS7(NULL, &p, 0)); ExpectNotNull(pkcs7 = d2i_PKCS7(NULL, &p, len)); ExpectIntEQ(wolfSSL_PKCS7_verify(NULL, NULL, NULL, NULL, NULL, PKCS7_NOVERIFY), WOLFSSL_FAILURE); PKCS7_free(pkcs7); pkcs7 = NULL; /* fail case, without PKCS7_NOVERIFY */ p = data; ExpectNotNull(pkcs7 = d2i_PKCS7(NULL, &p, len)); ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, NULL, NULL, 0), WOLFSSL_FAILURE); PKCS7_free(pkcs7); pkcs7 = NULL; /* success case, with PKCS7_NOVERIFY */ p = data; ExpectNotNull(pkcs7 = d2i_PKCS7(NULL, &p, len)); ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, NULL, NULL, PKCS7_NOVERIFY), WOLFSSL_SUCCESS); #if !defined(NO_RSA) & defined(USE_CERT_BUFFERS_2048) /* test i2d */ XMEMCPY(key, client_key_der_2048, keySz); if (pkcs7 != NULL) { pkcs7->privateKey = key; pkcs7->privateKeySz = (word32)sizeof(key); pkcs7->encryptOID = RSAk; #ifdef NO_SHA pkcs7->hashOID = SHA256h; #else pkcs7->hashOID = SHAh; #endif } ExpectNotNull(bio = BIO_new(BIO_s_mem())); ExpectIntEQ(i2d_PKCS7_bio(bio, pkcs7), 1); #ifndef NO_ASN_TIME ExpectIntEQ(i2d_PKCS7(pkcs7, &out), 655); #else ExpectIntEQ(i2d_PKCS7(pkcs7, &out), 625); #endif XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER); BIO_free(bio); #endif PKCS7_free(NULL); PKCS7_free(pkcs7); #endif return EXPECT_RESULT(); } static int test_wolfSSL_PKCS7_sign(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) && !defined(NO_BIO) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) PKCS7* p7 = NULL; PKCS7* p7Ver = NULL; byte* out = NULL; byte* tmpPtr = NULL; int outLen = 0; int flags = 0; byte data[] = "Test data to encode."; const char* cert = "./certs/server-cert.pem"; const char* key = "./certs/server-key.pem"; const char* ca = "./certs/ca-cert.pem"; WOLFSSL_BIO* certBio = NULL; WOLFSSL_BIO* keyBio = NULL; WOLFSSL_BIO* caBio = NULL; WOLFSSL_BIO* inBio = NULL; X509* signCert = NULL; EVP_PKEY* signKey = NULL; X509* caCert = NULL; X509_STORE* store = NULL; #ifndef NO_PKCS7_STREAM int z; int ret; #endif /* !NO_PKCS7_STREAM */ /* read signer cert/key into BIO */ ExpectNotNull(certBio = BIO_new_file(cert, "r")); ExpectNotNull(keyBio = BIO_new_file(key, "r")); ExpectNotNull(signCert = PEM_read_bio_X509(certBio, NULL, 0, NULL)); ExpectNotNull(signKey = PEM_read_bio_PrivateKey(keyBio, NULL, 0, NULL)); /* read CA cert into store (for verify) */ ExpectNotNull(caBio = BIO_new_file(ca, "r")); ExpectNotNull(caCert = PEM_read_bio_X509(caBio, NULL, 0, NULL)); ExpectNotNull(store = X509_STORE_new()); ExpectIntEQ(X509_STORE_add_cert(store, caCert), 1); /* data to be signed into BIO */ ExpectNotNull(inBio = BIO_new(BIO_s_mem())); ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0); /* PKCS7_sign, bad args: signer NULL */ ExpectNull(p7 = PKCS7_sign(NULL, signKey, NULL, inBio, 0)); /* PKCS7_sign, bad args: signer key NULL */ ExpectNull(p7 = PKCS7_sign(signCert, NULL, NULL, inBio, 0)); /* PKCS7_sign, bad args: in data NULL without PKCS7_STREAM */ ExpectNull(p7 = PKCS7_sign(signCert, signKey, NULL, NULL, 0)); /* PKCS7_sign, bad args: PKCS7_NOCERTS flag not supported */ ExpectNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, PKCS7_NOCERTS)); /* PKCS7_sign, bad args: PKCS7_PARTIAL flag not supported */ ExpectNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, PKCS7_PARTIAL)); /* TEST SUCCESS: Not detached, not streaming, not MIME */ { flags = PKCS7_BINARY; ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags)); ExpectIntGT((outLen = i2d_PKCS7(p7, &out)), 0); /* verify with d2i_PKCS7 */ tmpPtr = out; ExpectNotNull(p7Ver = d2i_PKCS7(NULL, (const byte**)&tmpPtr, outLen)); ExpectIntEQ(PKCS7_verify(p7Ver, NULL, store, NULL, NULL, flags), 1); PKCS7_free(p7Ver); p7Ver = NULL; /* verify with wc_PKCS7_VerifySignedData */ ExpectNotNull(p7Ver = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_Init(p7Ver, HEAP_HINT, INVALID_DEVID), 0); ExpectIntEQ(wc_PKCS7_VerifySignedData(p7Ver, out, outLen), 0); #ifndef NO_PKCS7_STREAM /* verify with wc_PKCS7_VerifySignedData streaming */ wc_PKCS7_Free(p7Ver); p7Ver = NULL; ExpectNotNull(p7Ver = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_Init(p7Ver, HEAP_HINT, INVALID_DEVID), 0); /* test for streaming */ ret = -1; for (z = 0; z < outLen && ret != 0; z++) { ret = wc_PKCS7_VerifySignedData(p7Ver, out + z, 1); if (ret < 0){ ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E); } } ExpectIntEQ(ret, 0); #endif /* !NO_PKCS7_STREAM */ /* compare the signer found to expected signer */ ExpectIntNE(p7Ver->verifyCertSz, 0); tmpPtr = NULL; ExpectIntEQ(i2d_X509(signCert, &tmpPtr), p7Ver->verifyCertSz); ExpectIntEQ(XMEMCMP(tmpPtr, p7Ver->verifyCert, p7Ver->verifyCertSz), 0); XFREE(tmpPtr, NULL, DYNAMIC_TYPE_OPENSSL); tmpPtr = NULL; wc_PKCS7_Free(p7Ver); p7Ver = NULL; ExpectNotNull(out); XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER); out = NULL; PKCS7_free(p7); p7 = NULL; } /* TEST SUCCESS: Not detached, streaming, not MIME. Also bad arg * tests for PKCS7_final() while we have a PKCS7 pointer to use */ { /* re-populate input BIO, may have been consumed */ BIO_free(inBio); inBio = NULL; ExpectNotNull(inBio = BIO_new(BIO_s_mem())); ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0); flags = PKCS7_BINARY | PKCS7_STREAM; ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags)); ExpectIntEQ(PKCS7_final(p7, inBio, flags), 1); ExpectIntGT((outLen = i2d_PKCS7(p7, &out)), 0); /* PKCS7_final, bad args: PKCS7 null */ ExpectIntEQ(PKCS7_final(NULL, inBio, 0), 0); /* PKCS7_final, bad args: PKCS7 null */ ExpectIntEQ(PKCS7_final(p7, NULL, 0), 0); tmpPtr = out; ExpectNotNull(p7Ver = d2i_PKCS7(NULL, (const byte**)&tmpPtr, outLen)); ExpectIntEQ(PKCS7_verify(p7Ver, NULL, store, NULL, NULL, flags), 1); PKCS7_free(p7Ver); p7Ver = NULL; ExpectNotNull(out); XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER); out = NULL; PKCS7_free(p7); p7 = NULL; } /* TEST SUCCESS: Detached, not streaming, not MIME */ { /* re-populate input BIO, may have been consumed */ BIO_free(inBio); inBio = NULL; ExpectNotNull(inBio = BIO_new(BIO_s_mem())); ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0); flags = PKCS7_BINARY | PKCS7_DETACHED; ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags)); ExpectIntGT((outLen = i2d_PKCS7(p7, &out)), 0); /* verify with wolfCrypt, d2i_PKCS7 does not support detached content */ ExpectNotNull(p7Ver = wc_PKCS7_New(HEAP_HINT, testDevId)); if (p7Ver != NULL) { p7Ver->content = data; p7Ver->contentSz = sizeof(data); } ExpectIntEQ(wc_PKCS7_VerifySignedData(p7Ver, out, outLen), 0); wc_PKCS7_Free(p7Ver); p7Ver = NULL; #ifndef NO_PKCS7_STREAM /* verify with wc_PKCS7_VerifySignedData streaming */ ExpectNotNull(p7Ver = wc_PKCS7_New(HEAP_HINT, testDevId)); if (p7Ver != NULL) { p7Ver->content = data; p7Ver->contentSz = sizeof(data); } /* test for streaming */ ret = -1; for (z = 0; z < outLen && ret != 0; z++) { ret = wc_PKCS7_VerifySignedData(p7Ver, out + z, 1); if (ret < 0){ ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E); } } ExpectIntEQ(ret, 0); wc_PKCS7_Free(p7Ver); p7Ver = NULL; #endif /* !NO_PKCS7_STREAM */ /* verify expected failure (NULL return) from d2i_PKCS7, it does not * yet support detached content */ tmpPtr = out; ExpectNull(p7Ver = d2i_PKCS7(NULL, (const byte**)&tmpPtr, outLen)); PKCS7_free(p7Ver); p7Ver = NULL; ExpectNotNull(out); XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER); out = NULL; PKCS7_free(p7); p7 = NULL; } /* TEST SUCCESS: Detached, streaming, not MIME */ { /* re-populate input BIO, may have been consumed */ BIO_free(inBio); inBio = NULL; ExpectNotNull(inBio = BIO_new(BIO_s_mem())); ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0); flags = PKCS7_BINARY | PKCS7_DETACHED | PKCS7_STREAM; ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags)); ExpectIntEQ(PKCS7_final(p7, inBio, flags), 1); ExpectIntGT((outLen = i2d_PKCS7(p7, &out)), 0); /* verify with wolfCrypt, d2i_PKCS7 does not support detached content */ ExpectNotNull(p7Ver = wc_PKCS7_New(HEAP_HINT, testDevId)); if (p7Ver != NULL) { p7Ver->content = data; p7Ver->contentSz = sizeof(data); } ExpectIntEQ(wc_PKCS7_VerifySignedData(p7Ver, out, outLen), 0); wc_PKCS7_Free(p7Ver); p7Ver = NULL; ExpectNotNull(out); #ifndef NO_PKCS7_STREAM /* verify with wc_PKCS7_VerifySignedData streaming */ ExpectNotNull(p7Ver = wc_PKCS7_New(HEAP_HINT, testDevId)); if (p7Ver != NULL) { p7Ver->content = data; p7Ver->contentSz = sizeof(data); } /* test for streaming */ ret = -1; for (z = 0; z < outLen && ret != 0; z++) { ret = wc_PKCS7_VerifySignedData(p7Ver, out + z, 1); if (ret < 0){ ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E); } } ExpectIntEQ(ret, 0); ExpectNotNull(out); wc_PKCS7_Free(p7Ver); p7Ver = NULL; #endif /* !NO_PKCS7_STREAM */ XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER); PKCS7_free(p7); p7 = NULL; } X509_STORE_free(store); X509_free(caCert); X509_free(signCert); EVP_PKEY_free(signKey); BIO_free(inBio); BIO_free(keyBio); BIO_free(certBio); BIO_free(caBio); #endif return EXPECT_RESULT(); } static int test_wolfSSL_PKCS7_SIGNED_new(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) PKCS7_SIGNED* pkcs7 = NULL; ExpectNotNull(pkcs7 = PKCS7_SIGNED_new()); ExpectIntEQ(pkcs7->contentOID, SIGNED_DATA); PKCS7_SIGNED_free(pkcs7); #endif return EXPECT_RESULT(); } #ifndef NO_BIO static int test_wolfSSL_PEM_write_bio_PKCS7(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) PKCS7* pkcs7 = NULL; BIO* bio = NULL; const byte* cert_buf = NULL; int ret = 0; WC_RNG rng; const byte data[] = { /* Hello World */ 0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f, 0x72,0x6c,0x64 }; #ifndef NO_RSA #if defined(USE_CERT_BUFFERS_2048) byte key[sizeof(client_key_der_2048)]; byte cert[sizeof(client_cert_der_2048)]; word32 keySz = (word32)sizeof(key); word32 certSz = (word32)sizeof(cert); XMEMSET(key, 0, keySz); XMEMSET(cert, 0, certSz); XMEMCPY(key, client_key_der_2048, keySz); XMEMCPY(cert, client_cert_der_2048, certSz); #elif defined(USE_CERT_BUFFERS_1024) byte key[sizeof_client_key_der_1024]; byte cert[sizeof(sizeof_client_cert_der_1024)]; word32 keySz = (word32)sizeof(key); word32 certSz = (word32)sizeof(cert); XMEMSET(key, 0, keySz); XMEMSET(cert, 0, certSz); XMEMCPY(key, client_key_der_1024, keySz); XMEMCPY(cert, client_cert_der_1024, certSz); #else unsigned char cert[ONEK_BUF]; unsigned char key[ONEK_BUF]; XFILE fp = XBADFILE; int certSz; int keySz; ExpectTrue((fp = XFOPEN("./certs/1024/client-cert.der", "rb")) != XBADFILE); ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024, fp), 0); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } ExpectTrue((fp = XFOPEN("./certs/1024/client-key.der", "rb")) != XBADFILE); ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_client_key_der_1024, fp), 0); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } #endif #elif defined(HAVE_ECC) #if defined(USE_CERT_BUFFERS_256) unsigned char cert[sizeof(cliecc_cert_der_256)]; unsigned char key[sizeof(ecc_clikey_der_256)]; int certSz = (int)sizeof(cert); int keySz = (int)sizeof(key); XMEMSET(cert, 0, certSz); XMEMSET(key, 0, keySz); XMEMCPY(cert, cliecc_cert_der_256, sizeof_cliecc_cert_der_256); XMEMCPY(key, ecc_clikey_der_256, sizeof_ecc_clikey_der_256); #else unsigned char cert[ONEK_BUF]; unsigned char key[ONEK_BUF]; XFILE fp = XBADFILE; int certSz, keySz; ExpectTrue((fp = XFOPEN("./certs/client-ecc-cert.der", "rb")) != XBADFILE); ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_cliecc_cert_der_256, fp), 0); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } ExpectTrue((fp = XFOPEN("./certs/client-ecc-key.der", "rb")) != XBADFILE); ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_ecc_clikey_der_256, fp), 0); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } #endif #else #error PKCS7 requires ECC or RSA #endif ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); /* initialize with DER encoded cert */ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)cert, (word32)certSz), 0); /* init rng */ XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_InitRng(&rng), 0); if (pkcs7 != NULL) { pkcs7->rng = &rng; pkcs7->content = (byte*)data; /* not used for ex */ pkcs7->contentSz = (word32)sizeof(data); pkcs7->contentOID = SIGNED_DATA; pkcs7->privateKey = key; pkcs7->privateKeySz = (word32)sizeof(key); pkcs7->encryptOID = RSAk; #ifdef NO_SHA pkcs7->hashOID = SHA256h; #else pkcs7->hashOID = SHAh; #endif pkcs7->signedAttribs = NULL; pkcs7->signedAttribsSz = 0; } ExpectNotNull(bio = BIO_new(BIO_s_mem())); /* Write PKCS#7 PEM to BIO, the function converts the DER to PEM cert*/ ExpectIntEQ(PEM_write_bio_PKCS7(bio, pkcs7), WOLFSSL_SUCCESS); /* Read PKCS#7 PEM from BIO */ ret = wolfSSL_BIO_get_mem_data(bio, &cert_buf); ExpectIntGE(ret, 0); BIO_free(bio); wc_PKCS7_Free(pkcs7); wc_FreeRng(&rng); #endif return EXPECT_RESULT(); } #ifdef HAVE_SMIME static int test_wolfSSL_SMIME_read_PKCS7(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && \ !defined(NO_RSA) PKCS7* pkcs7 = NULL; BIO* bio = NULL; BIO* bcont = NULL; BIO* out = NULL; const byte* outBuf = NULL; int outBufLen = 0; static const char contTypeText[] = "Content-Type: text/plain\r\n\r\n"; XFILE smimeTestFile = XBADFILE; ExpectTrue((smimeTestFile = XFOPEN("./certs/test/smime-test.p7s", "r")) != XBADFILE); /* smime-test.p7s */ bio = wolfSSL_BIO_new(wolfSSL_BIO_s_file()); ExpectNotNull(bio); ExpectIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS); pkcs7 = wolfSSL_SMIME_read_PKCS7(bio, &bcont); ExpectNotNull(pkcs7); ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL, PKCS7_NOVERIFY), SSL_SUCCESS); XFCLOSE(smimeTestFile); if (bcont) BIO_free(bcont); bcont = NULL; wolfSSL_PKCS7_free(pkcs7); pkcs7 = NULL; /* smime-test-multipart.p7s */ smimeTestFile = XFOPEN("./certs/test/smime-test-multipart.p7s", "r"); ExpectIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS); pkcs7 = wolfSSL_SMIME_read_PKCS7(bio, &bcont); ExpectNotNull(pkcs7); ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL, PKCS7_NOVERIFY), SSL_SUCCESS); XFCLOSE(smimeTestFile); if (bcont) BIO_free(bcont); bcont = NULL; wolfSSL_PKCS7_free(pkcs7); pkcs7 = NULL; /* smime-test-multipart-badsig.p7s */ smimeTestFile = XFOPEN("./certs/test/smime-test-multipart-badsig.p7s", "r"); ExpectIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS); pkcs7 = wolfSSL_SMIME_read_PKCS7(bio, &bcont); ExpectNotNull(pkcs7); /* can read in the unverified smime bundle */ ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL, PKCS7_NOVERIFY), SSL_FAILURE); XFCLOSE(smimeTestFile); if (bcont) BIO_free(bcont); bcont = NULL; wolfSSL_PKCS7_free(pkcs7); pkcs7 = NULL; /* smime-test-canon.p7s */ smimeTestFile = XFOPEN("./certs/test/smime-test-canon.p7s", "r"); ExpectIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS); pkcs7 = wolfSSL_SMIME_read_PKCS7(bio, &bcont); ExpectNotNull(pkcs7); ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL, PKCS7_NOVERIFY), SSL_SUCCESS); XFCLOSE(smimeTestFile); if (bcont) BIO_free(bcont); bcont = NULL; wolfSSL_PKCS7_free(pkcs7); pkcs7 = NULL; /* Test PKCS7_TEXT, PKCS7_verify() should remove Content-Type: text/plain */ smimeTestFile = XFOPEN("./certs/test/smime-test-canon.p7s", "r"); ExpectIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS); pkcs7 = wolfSSL_SMIME_read_PKCS7(bio, &bcont); ExpectNotNull(pkcs7); out = wolfSSL_BIO_new(BIO_s_mem()); ExpectNotNull(out); ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, out, PKCS7_NOVERIFY | PKCS7_TEXT), SSL_SUCCESS); ExpectIntGT((outBufLen = BIO_get_mem_data(out, &outBuf)), 0); /* Content-Type should not show up at beginning of output buffer */ ExpectIntGT(outBufLen, XSTRLEN(contTypeText)); ExpectIntGT(XMEMCMP(outBuf, contTypeText, XSTRLEN(contTypeText)), 0); BIO_free(out); BIO_free(bio); if (bcont) BIO_free(bcont); wolfSSL_PKCS7_free(pkcs7); #endif return EXPECT_RESULT(); } static int test_wolfSSL_SMIME_write_PKCS7(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) && !defined(NO_RSA) PKCS7* p7 = NULL; PKCS7* p7Ver = NULL; int flags = 0; byte data[] = "Test data to encode."; const char* cert = "./certs/server-cert.pem"; const char* key = "./certs/server-key.pem"; const char* ca = "./certs/ca-cert.pem"; WOLFSSL_BIO* certBio = NULL; WOLFSSL_BIO* keyBio = NULL; WOLFSSL_BIO* caBio = NULL; WOLFSSL_BIO* inBio = NULL; WOLFSSL_BIO* outBio = NULL; WOLFSSL_BIO* content = NULL; X509* signCert = NULL; EVP_PKEY* signKey = NULL; X509* caCert = NULL; X509_STORE* store = NULL; /* read signer cert/key into BIO */ ExpectNotNull(certBio = BIO_new_file(cert, "r")); ExpectNotNull(keyBio = BIO_new_file(key, "r")); ExpectNotNull(signCert = PEM_read_bio_X509(certBio, NULL, 0, NULL)); ExpectNotNull(signKey = PEM_read_bio_PrivateKey(keyBio, NULL, 0, NULL)); /* read CA cert into store (for verify) */ ExpectNotNull(caBio = BIO_new_file(ca, "r")); ExpectNotNull(caCert = PEM_read_bio_X509(caBio, NULL, 0, NULL)); ExpectNotNull(store = X509_STORE_new()); ExpectIntEQ(X509_STORE_add_cert(store, caCert), 1); /* generate and verify SMIME: not detached */ { ExpectNotNull(inBio = BIO_new(BIO_s_mem())); ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0); flags = PKCS7_STREAM; ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags)); ExpectNotNull(outBio = BIO_new(BIO_s_mem())); ExpectIntEQ(SMIME_write_PKCS7(outBio, p7, inBio, flags), 1); /* bad arg: out NULL */ ExpectIntEQ(SMIME_write_PKCS7(NULL, p7, inBio, flags), 0); /* bad arg: pkcs7 NULL */ ExpectIntEQ(SMIME_write_PKCS7(outBio, NULL, inBio, flags), 0); ExpectNotNull(p7Ver = SMIME_read_PKCS7(outBio, &content)); ExpectIntEQ(PKCS7_verify(p7Ver, NULL, store, NULL, NULL, flags), 1); BIO_free(content); content = NULL; BIO_free(inBio); inBio = NULL; BIO_free(outBio); outBio = NULL; PKCS7_free(p7Ver); p7Ver = NULL; PKCS7_free(p7); p7 = NULL; } /* generate and verify SMIME: not detached, add Content-Type */ { ExpectNotNull(inBio = BIO_new(BIO_s_mem())); ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0); flags = PKCS7_STREAM | PKCS7_TEXT; ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags)); ExpectNotNull(outBio = BIO_new(BIO_s_mem())); ExpectIntEQ(SMIME_write_PKCS7(outBio, p7, inBio, flags), 1); ExpectNotNull(p7Ver = SMIME_read_PKCS7(outBio, &content)); ExpectIntEQ(PKCS7_verify(p7Ver, NULL, store, NULL, NULL, flags), 1); BIO_free(content); content = NULL; BIO_free(inBio); inBio = NULL; BIO_free(outBio); outBio = NULL; PKCS7_free(p7Ver); p7Ver = NULL; PKCS7_free(p7); p7 = NULL; } /* generate and verify SMIME: detached */ { ExpectNotNull(inBio = BIO_new(BIO_s_mem())); ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0); flags = PKCS7_DETACHED | PKCS7_STREAM; ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags)); ExpectNotNull(outBio = BIO_new(BIO_s_mem())); ExpectIntEQ(SMIME_write_PKCS7(outBio, p7, inBio, flags), 1); ExpectNotNull(p7Ver = SMIME_read_PKCS7(outBio, &content)); ExpectIntEQ(PKCS7_verify(p7Ver, NULL, store, content, NULL, flags), 1); BIO_free(content); content = NULL; BIO_free(inBio); inBio = NULL; BIO_free(outBio); outBio = NULL; PKCS7_free(p7Ver); p7Ver = NULL; PKCS7_free(p7); p7 = NULL; } /* generate and verify SMIME: PKCS7_TEXT to add Content-Type header */ { ExpectNotNull(inBio = BIO_new(BIO_s_mem())); ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0); flags = PKCS7_STREAM | PKCS7_DETACHED | PKCS7_TEXT; ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags)); ExpectNotNull(outBio = BIO_new(BIO_s_mem())); ExpectIntEQ(SMIME_write_PKCS7(outBio, p7, inBio, flags), 1); ExpectNotNull(p7Ver = SMIME_read_PKCS7(outBio, &content)); ExpectIntEQ(PKCS7_verify(p7Ver, NULL, store, content, NULL, flags), 1); BIO_free(content); content = NULL; BIO_free(inBio); inBio = NULL; BIO_free(outBio); outBio = NULL; PKCS7_free(p7Ver); p7Ver = NULL; PKCS7_free(p7); p7 = NULL; } X509_STORE_free(store); X509_free(caCert); X509_free(signCert); EVP_PKEY_free(signKey); BIO_free(keyBio); BIO_free(certBio); BIO_free(caBio); #endif return EXPECT_RESULT(); } #endif /* HAVE_SMIME */ #endif /* !NO_BIO */ /* Test of X509 store use outside of SSL context w/ CRL lookup (ALWAYS * returns 0) */ static int test_X509_STORE_No_SSL_CTX(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && defined(WOLFSSL_CERT_GEN) && \ (defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && \ !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR) && \ (defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)) && \ defined(HAVE_CRL) && !defined(NO_RSA) X509_STORE * store = NULL; X509_STORE_CTX * storeCtx = NULL; X509_CRL * crl = NULL; X509 * ca = NULL; X509 * cert = NULL; const char cliCrlPem[] = "./certs/crl/cliCrl.pem"; const char srvCert[] = "./certs/server-cert.pem"; const char caCert[] = "./certs/ca-cert.pem"; const char caDir[] = "./certs/crl/hash_pem"; XFILE fp = XBADFILE; X509_LOOKUP * lookup = NULL; ExpectNotNull(store = (X509_STORE *)X509_STORE_new()); /* Set up store with CA */ ExpectNotNull((ca = wolfSSL_X509_load_certificate_file(caCert, SSL_FILETYPE_PEM))); ExpectIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS); /* Add CRL lookup directory to store * NOTE: test uses ./certs/crl/hash_pem/0fdb2da4.r0, which is a copy * of crl.pem */ ExpectNotNull((lookup = X509_STORE_add_lookup(store, X509_LOOKUP_hash_dir()))); ExpectIntEQ(X509_LOOKUP_ctrl(lookup, X509_L_ADD_DIR, caDir, X509_FILETYPE_PEM, NULL), SSL_SUCCESS); ExpectIntEQ(X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK), SSL_SUCCESS); /* Add CRL to store NOT containing the verified certificate, which * forces use of the CRL lookup directory */ ExpectTrue((fp = XFOPEN(cliCrlPem, "rb")) != XBADFILE); ExpectNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL, NULL, NULL)); if (fp != XBADFILE) XFCLOSE(fp); ExpectIntEQ(X509_STORE_add_crl(store, crl), SSL_SUCCESS); /* Create verification context outside of an SSL session */ ExpectNotNull((storeCtx = X509_STORE_CTX_new())); ExpectNotNull((cert = wolfSSL_X509_load_certificate_file(srvCert, SSL_FILETYPE_PEM))); ExpectIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS); /* Perform verification, which should NOT indicate CRL missing due to the * store CM's X509 store pointer being NULL */ ExpectIntNE(X509_verify_cert(storeCtx), CRL_MISSING); X509_CRL_free(crl); X509_STORE_free(store); X509_STORE_CTX_free(storeCtx); X509_free(cert); X509_free(ca); #endif return EXPECT_RESULT(); } /* Test of X509 store use outside of SSL context w/ CRL lookup, but * with X509_LOOKUP_add_dir and X509_FILETYPE_ASN1. */ static int test_X509_LOOKUP_add_dir(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && defined(WOLFSSL_CERT_GEN) && \ (defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && \ !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR) && \ (defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)) && \ defined(HAVE_CRL) && !defined(NO_RSA) X509_STORE * store = NULL; X509_STORE_CTX * storeCtx = NULL; X509_CRL * crl = NULL; X509 * ca = NULL; X509 * cert = NULL; const char cliCrlPem[] = "./certs/crl/cliCrl.pem"; const char srvCert[] = "./certs/server-cert.pem"; const char caCert[] = "./certs/ca-cert.pem"; const char caDir[] = "./certs/crl/hash_der"; XFILE fp = XBADFILE; X509_LOOKUP * lookup = NULL; ExpectNotNull(store = (X509_STORE *)X509_STORE_new()); /* Set up store with CA */ ExpectNotNull((ca = wolfSSL_X509_load_certificate_file(caCert, SSL_FILETYPE_PEM))); ExpectIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS); /* Add CRL lookup directory to store. * Test uses ./certs/crl/hash_der/0fdb2da4.r0, which is a copy * of crl.der */ ExpectNotNull((lookup = X509_STORE_add_lookup(store, X509_LOOKUP_hash_dir()))); ExpectIntEQ(X509_LOOKUP_add_dir(lookup, caDir, X509_FILETYPE_ASN1), SSL_SUCCESS); ExpectIntEQ(X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK), SSL_SUCCESS); /* Add CRL to store NOT containing the verified certificate, which * forces use of the CRL lookup directory */ ExpectTrue((fp = XFOPEN(cliCrlPem, "rb")) != XBADFILE); ExpectNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL, NULL, NULL)); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } ExpectIntEQ(X509_STORE_add_crl(store, crl), SSL_SUCCESS); /* Create verification context outside of an SSL session */ ExpectNotNull((storeCtx = X509_STORE_CTX_new())); ExpectNotNull((cert = wolfSSL_X509_load_certificate_file(srvCert, SSL_FILETYPE_PEM))); ExpectIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS); /* Perform verification, which should NOT return CRL missing */ ExpectIntNE(X509_verify_cert(storeCtx), CRL_MISSING); X509_CRL_free(crl); crl = NULL; X509_STORE_free(store); store = NULL; X509_STORE_CTX_free(storeCtx); storeCtx = NULL; X509_free(cert); cert = NULL; X509_free(ca); ca = NULL; /* Now repeat the same, but look for X509_FILETYPE_PEM. * We should get CRL_MISSING at the end, because the lookup * dir has only ASN1 CRLs. */ ExpectNotNull(store = (X509_STORE *)X509_STORE_new()); ExpectNotNull((ca = wolfSSL_X509_load_certificate_file(caCert, SSL_FILETYPE_PEM))); ExpectIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS); ExpectNotNull((lookup = X509_STORE_add_lookup(store, X509_LOOKUP_hash_dir()))); ExpectIntEQ(X509_LOOKUP_add_dir(lookup, caDir, X509_FILETYPE_PEM), SSL_SUCCESS); ExpectIntEQ(X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK), SSL_SUCCESS); ExpectTrue((fp = XFOPEN(cliCrlPem, "rb")) != XBADFILE); ExpectNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL, NULL, NULL)); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } ExpectIntEQ(X509_STORE_add_crl(store, crl), SSL_SUCCESS); ExpectNotNull((storeCtx = X509_STORE_CTX_new())); ExpectNotNull((cert = wolfSSL_X509_load_certificate_file(srvCert, SSL_FILETYPE_PEM))); ExpectIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS); /* Now we SHOULD get CRL_MISSING, because we looked for PEM * in dir containing only ASN1/DER. */ ExpectIntEQ(X509_verify_cert(storeCtx), WOLFSSL_FAILURE); ExpectIntEQ(X509_STORE_CTX_get_error(storeCtx), CRL_MISSING); X509_CRL_free(crl); X509_STORE_free(store); X509_STORE_CTX_free(storeCtx); X509_free(cert); X509_free(ca); #endif return EXPECT_RESULT(); } /*----------------------------------------------------------------------------* | Certificate Failure Checks *----------------------------------------------------------------------------*/ #if !defined(NO_CERTS) && (!defined(NO_WOLFSSL_CLIENT) || \ !defined(WOLFSSL_NO_CLIENT_AUTH)) && !defined(NO_FILESYSTEM) #if !defined(NO_RSA) || defined(HAVE_ECC) /* Use the Cert Manager(CM) API to generate the error ASN_SIG_CONFIRM_E */ static int verify_sig_cm(const char* ca, byte* cert_buf, size_t cert_sz, int type) { int ret; WOLFSSL_CERT_MANAGER* cm = NULL; switch (type) { case TESTING_RSA: #ifdef NO_RSA fprintf(stderr, "RSA disabled, skipping test\n"); return ASN_SIG_CONFIRM_E; #else break; #endif case TESTING_ECC: #ifndef HAVE_ECC fprintf(stderr, "ECC disabled, skipping test\n"); return ASN_SIG_CONFIRM_E; #else break; #endif default: fprintf(stderr, "Bad function argument\n"); return BAD_FUNC_ARG; } cm = wolfSSL_CertManagerNew(); if (cm == NULL) { fprintf(stderr, "wolfSSL_CertManagerNew failed\n"); return -1; } #ifndef NO_FILESYSTEM ret = wolfSSL_CertManagerLoadCA(cm, ca, 0); if (ret != WOLFSSL_SUCCESS) { fprintf(stderr, "wolfSSL_CertManagerLoadCA failed\n"); wolfSSL_CertManagerFree(cm); return ret; } #else (void)ca; #endif ret = wolfSSL_CertManagerVerifyBuffer(cm, cert_buf, cert_sz, WOLFSSL_FILETYPE_ASN1); /* Let ExpectIntEQ handle return code */ wolfSSL_CertManagerFree(cm); return ret; } #endif #if !defined(NO_FILESYSTEM) static int test_RsaSigFailure_cm(void) { EXPECT_DECLS; #ifndef NO_RSA const char* ca_cert = "./certs/ca-cert.pem"; const char* server_cert = "./certs/server-cert.der"; byte* cert_buf = NULL; size_t cert_sz = 0; ExpectIntEQ(load_file(server_cert, &cert_buf, &cert_sz), 0); if (cert_buf != NULL) { /* corrupt DER - invert last byte, which is signature */ cert_buf[cert_sz-1] = ~cert_buf[cert_sz-1]; /* test bad cert */ #if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER) ExpectIntEQ(verify_sig_cm(ca_cert, cert_buf, cert_sz, TESTING_RSA), WOLFSSL_FATAL_ERROR); #else ExpectIntEQ(verify_sig_cm(ca_cert, cert_buf, cert_sz, TESTING_RSA), ASN_SIG_CONFIRM_E); #endif } /* load_file() uses malloc. */ if (cert_buf != NULL) { free(cert_buf); } #endif /* !NO_RSA */ return EXPECT_RESULT(); } static int test_EccSigFailure_cm(void) { EXPECT_DECLS; #ifdef HAVE_ECC /* self-signed ECC cert, so use server cert as CA */ const char* ca_cert = "./certs/ca-ecc-cert.pem"; const char* server_cert = "./certs/server-ecc.der"; byte* cert_buf = NULL; size_t cert_sz = 0; ExpectIntEQ(load_file(server_cert, &cert_buf, &cert_sz), 0); if (cert_buf != NULL) { /* corrupt DER - invert last byte, which is signature */ cert_buf[cert_sz-1] = ~cert_buf[cert_sz-1]; /* test bad cert */ #if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER) ExpectIntEQ(verify_sig_cm(ca_cert, cert_buf, cert_sz, TESTING_ECC), WOLFSSL_FATAL_ERROR); #else ExpectIntEQ(verify_sig_cm(ca_cert, cert_buf, cert_sz, TESTING_ECC), ASN_SIG_CONFIRM_E); #endif } /* load_file() uses malloc. */ if (cert_buf != NULL) { free(cert_buf); } #ifdef FP_ECC wc_ecc_fp_free(); #endif #endif /* HAVE_ECC */ return EXPECT_RESULT(); } #endif /* !NO_FILESYSTEM */ #endif /* NO_CERTS */ #ifdef WOLFSSL_TLS13 #if defined(WOLFSSL_SEND_HRR_COOKIE) && !defined(NO_WOLFSSL_SERVER) #ifdef WC_SHA384_DIGEST_SIZE static byte fixedKey[WC_SHA384_DIGEST_SIZE] = { 0, }; #else static byte fixedKey[WC_SHA256_DIGEST_SIZE] = { 0, }; #endif #endif #ifdef WOLFSSL_EARLY_DATA static const char earlyData[] = "Early Data"; static char earlyDataBuffer[1]; #endif static int test_tls13_apis(void) { EXPECT_DECLS; int ret; #ifndef WOLFSSL_NO_TLS12 #ifndef NO_WOLFSSL_CLIENT WOLFSSL_CTX* clientTls12Ctx = NULL; WOLFSSL* clientTls12Ssl = NULL; #endif #ifndef NO_WOLFSSL_SERVER WOLFSSL_CTX* serverTls12Ctx = NULL; WOLFSSL* serverTls12Ssl = NULL; #endif #endif #ifndef NO_WOLFSSL_CLIENT WOLFSSL_CTX* clientCtx = NULL; WOLFSSL* clientSsl = NULL; #endif #ifndef NO_WOLFSSL_SERVER WOLFSSL_CTX* serverCtx = NULL; WOLFSSL* serverSsl = NULL; #if !defined(NO_CERTS) && !defined(NO_FILESYSTEM) const char* ourCert = svrCertFile; const char* ourKey = svrKeyFile; #endif #endif int required; #ifdef WOLFSSL_EARLY_DATA int outSz; #endif #if defined(HAVE_ECC) && defined(HAVE_SUPPORTED_CURVES) int groups[2] = { WOLFSSL_ECC_SECP256R1, #ifdef HAVE_PQC WOLFSSL_KYBER_LEVEL1 #else WOLFSSL_ECC_SECP256R1 #endif }; #if !defined(NO_WOLFSSL_SERVER) || !defined(NO_WOLFSSL_CLIENT) int bad_groups[2] = { 0xDEAD, 0xBEEF }; #endif /* !NO_WOLFSSL_SERVER || !NO_WOLFSSL_CLIENT */ int numGroups = 2; #endif #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) char groupList[] = #ifndef NO_ECC_SECP #if (defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 521 "P-521:" #endif #if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 384 "P-384:" #endif #if (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 256 "P-256" #if defined(HAVE_PQC) && defined(HAVE_LIBOQS) ":P256_KYBER_LEVEL1" #endif #endif #endif /* !defined(NO_ECC_SECP) */ #ifdef HAVE_PQC ":KYBER_LEVEL1" #endif ""; #endif /* defined(OPENSSL_EXTRA) && defined(HAVE_ECC) */ (void)ret; #ifndef WOLFSSL_NO_TLS12 #ifndef NO_WOLFSSL_CLIENT clientTls12Ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()); clientTls12Ssl = wolfSSL_new(clientTls12Ctx); #endif #ifndef NO_WOLFSSL_SERVER serverTls12Ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method()); #if !defined(NO_CERTS) && !defined(NO_FILESYSTEM) wolfSSL_CTX_use_certificate_chain_file(serverTls12Ctx, ourCert); wolfSSL_CTX_use_PrivateKey_file(serverTls12Ctx, ourKey, WOLFSSL_FILETYPE_PEM); #endif serverTls12Ssl = wolfSSL_new(serverTls12Ctx); #endif #endif #ifndef NO_WOLFSSL_CLIENT clientCtx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()); clientSsl = wolfSSL_new(clientCtx); #endif #ifndef NO_WOLFSSL_SERVER serverCtx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()); #if !defined(NO_CERTS) && !defined(NO_FILESYSTEM) wolfSSL_CTX_use_certificate_chain_file(serverCtx, ourCert); wolfSSL_CTX_use_PrivateKey_file(serverCtx, ourKey, WOLFSSL_FILETYPE_PEM); #endif serverSsl = wolfSSL_new(serverCtx); ExpectNotNull(serverSsl); #endif #ifdef WOLFSSL_SEND_HRR_COOKIE ExpectIntEQ(wolfSSL_send_hrr_cookie(NULL, NULL, 0), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_CLIENT ExpectIntEQ(wolfSSL_send_hrr_cookie(clientSsl, NULL, 0), SIDE_ERROR); #endif #ifndef NO_WOLFSSL_SERVER #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_send_hrr_cookie(serverTls12Ssl, NULL, 0), BAD_FUNC_ARG); #endif ExpectIntEQ(wolfSSL_send_hrr_cookie(serverSsl, NULL, 0), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_send_hrr_cookie(serverSsl, fixedKey, sizeof(fixedKey)), WOLFSSL_SUCCESS); #endif #endif #ifdef HAVE_SUPPORTED_CURVES #ifdef HAVE_ECC ExpectIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_SECP256R1), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_SERVER do { ret = wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_SECP256R1); #ifdef WOLFSSL_ASYNC_CRYPT if (ret == WC_PENDING_E) wolfSSL_AsyncPoll(serverSsl, WOLF_POLL_FLAG_CHECK_HW); #endif } while (ret == WC_PENDING_E); ExpectIntEQ(ret, WOLFSSL_SUCCESS); #endif #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 do { ret = wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_SECP256R1); #ifdef WOLFSSL_ASYNC_CRYPT if (ret == WC_PENDING_E) wolfSSL_AsyncPoll(clientTls12Ssl, WOLF_POLL_FLAG_CHECK_HW); #endif } while (ret == WC_PENDING_E); ExpectIntEQ(ret, WOLFSSL_SUCCESS); #endif do { ret = wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_SECP256R1); #ifdef WOLFSSL_ASYNC_CRYPT if (ret == WC_PENDING_E) wolfSSL_AsyncPoll(clientSsl, WOLF_POLL_FLAG_CHECK_HW); #endif } while (ret == WC_PENDING_E); ExpectIntEQ(ret, WOLFSSL_SUCCESS); #endif #elif defined(HAVE_CURVE25519) ExpectIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_X25519), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_SERVER ExpectIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_X25519), WOLFSSL_SUCCESS); #endif #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_X25519), WOLFSSL_SUCCESS); #endif ExpectIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_X25519), WOLFSSL_SUCCESS); #endif #elif defined(HAVE_CURVE448) ExpectIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_X448), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_SERVER ExpectIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_X448), WOLFSSL_SUCCESS); #endif #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_X448), WOLFSSL_SUCCESS); #endif ExpectIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_X448), WOLFSSL_SUCCESS); #endif #else ExpectIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_SECP256R1), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_SECP256R1), NOT_COMPILED_IN); #endif ExpectIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_SECP256R1), NOT_COMPILED_IN); #endif #endif #if defined(HAVE_PQC) ExpectIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_KYBER_LEVEL3), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_SERVER ExpectIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_KYBER_LEVEL3), WOLFSSL_SUCCESS); #endif #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_KYBER_LEVEL3), BAD_FUNC_ARG); #endif ExpectIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_KYBER_LEVEL3), WOLFSSL_SUCCESS); #endif #endif ExpectIntEQ(wolfSSL_NoKeyShares(NULL), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_SERVER ExpectIntEQ(wolfSSL_NoKeyShares(serverSsl), SIDE_ERROR); #endif #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_NoKeyShares(clientTls12Ssl), WOLFSSL_SUCCESS); #endif ExpectIntEQ(wolfSSL_NoKeyShares(clientSsl), WOLFSSL_SUCCESS); #endif #endif /* HAVE_SUPPORTED_CURVES */ ExpectIntEQ(wolfSSL_CTX_no_ticket_TLSv13(NULL), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_CLIENT ExpectIntEQ(wolfSSL_CTX_no_ticket_TLSv13(clientCtx), SIDE_ERROR); #endif #ifndef NO_WOLFSSL_SERVER #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_CTX_no_ticket_TLSv13(serverTls12Ctx), BAD_FUNC_ARG); #endif ExpectIntEQ(wolfSSL_CTX_no_ticket_TLSv13(serverCtx), 0); #endif ExpectIntEQ(wolfSSL_no_ticket_TLSv13(NULL), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_CLIENT ExpectIntEQ(wolfSSL_no_ticket_TLSv13(clientSsl), SIDE_ERROR); #endif #ifndef NO_WOLFSSL_SERVER #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_no_ticket_TLSv13(serverTls12Ssl), BAD_FUNC_ARG); #endif ExpectIntEQ(wolfSSL_no_ticket_TLSv13(serverSsl), 0); #endif ExpectIntEQ(wolfSSL_CTX_no_dhe_psk(NULL), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_CTX_no_dhe_psk(clientTls12Ctx), BAD_FUNC_ARG); #endif ExpectIntEQ(wolfSSL_CTX_no_dhe_psk(clientCtx), 0); #endif #ifndef NO_WOLFSSL_SERVER ExpectIntEQ(wolfSSL_CTX_no_dhe_psk(serverCtx), 0); #endif ExpectIntEQ(wolfSSL_no_dhe_psk(NULL), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_no_dhe_psk(clientTls12Ssl), BAD_FUNC_ARG); #endif ExpectIntEQ(wolfSSL_no_dhe_psk(clientSsl), 0); #endif #ifndef NO_WOLFSSL_SERVER ExpectIntEQ(wolfSSL_no_dhe_psk(serverSsl), 0); #endif ExpectIntEQ(wolfSSL_update_keys(NULL), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_update_keys(clientTls12Ssl), BAD_FUNC_ARG); #endif ExpectIntEQ(wolfSSL_update_keys(clientSsl), BUILD_MSG_ERROR); #endif #ifndef NO_WOLFSSL_SERVER ExpectIntEQ(wolfSSL_update_keys(serverSsl), BUILD_MSG_ERROR); #endif ExpectIntEQ(wolfSSL_key_update_response(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_key_update_response(NULL, &required), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_key_update_response(clientTls12Ssl, &required), BAD_FUNC_ARG); #endif ExpectIntEQ(wolfSSL_key_update_response(clientSsl, NULL), BAD_FUNC_ARG); #endif #ifndef NO_WOLFSSL_SERVER ExpectIntEQ(wolfSSL_key_update_response(serverSsl, NULL), BAD_FUNC_ARG); #endif #if !defined(NO_CERTS) && defined(WOLFSSL_POST_HANDSHAKE_AUTH) ExpectIntEQ(wolfSSL_CTX_allow_post_handshake_auth(NULL), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_SERVER ExpectIntEQ(wolfSSL_CTX_allow_post_handshake_auth(serverCtx), SIDE_ERROR); #endif #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_CTX_allow_post_handshake_auth(clientTls12Ctx), BAD_FUNC_ARG); #endif ExpectIntEQ(wolfSSL_CTX_allow_post_handshake_auth(clientCtx), 0); #endif ExpectIntEQ(wolfSSL_allow_post_handshake_auth(NULL), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_SERVER ExpectIntEQ(wolfSSL_allow_post_handshake_auth(serverSsl), SIDE_ERROR); #endif #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_allow_post_handshake_auth(clientTls12Ssl), BAD_FUNC_ARG); #endif ExpectIntEQ(wolfSSL_allow_post_handshake_auth(clientSsl), 0); #endif ExpectIntEQ(wolfSSL_request_certificate(NULL), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_CLIENT ExpectIntEQ(wolfSSL_request_certificate(clientSsl), SIDE_ERROR); #endif #ifndef NO_WOLFSSL_SERVER #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_request_certificate(serverTls12Ssl), BAD_FUNC_ARG); #endif ExpectIntEQ(wolfSSL_request_certificate(serverSsl), NOT_READY_ERROR); #endif #endif #ifdef HAVE_ECC #ifndef WOLFSSL_NO_SERVER_GROUPS_EXT ExpectIntEQ(wolfSSL_preferred_group(NULL), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_SERVER ExpectIntEQ(wolfSSL_preferred_group(serverSsl), SIDE_ERROR); #endif #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_preferred_group(clientTls12Ssl), BAD_FUNC_ARG); #endif ExpectIntEQ(wolfSSL_preferred_group(clientSsl), NOT_READY_ERROR); #endif #endif #ifdef HAVE_SUPPORTED_CURVES ExpectIntEQ(wolfSSL_CTX_set_groups(NULL, NULL, 0), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_CLIENT ExpectIntEQ(wolfSSL_CTX_set_groups(clientCtx, NULL, 0), BAD_FUNC_ARG); #endif ExpectIntEQ(wolfSSL_CTX_set_groups(NULL, groups, numGroups), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_CTX_set_groups(clientTls12Ctx, groups, numGroups), BAD_FUNC_ARG); #endif ExpectIntEQ(wolfSSL_CTX_set_groups(clientCtx, groups, WOLFSSL_MAX_GROUP_COUNT + 1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_set_groups(clientCtx, groups, numGroups), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_set_groups(clientCtx, bad_groups, numGroups), BAD_FUNC_ARG); #endif #ifndef NO_WOLFSSL_SERVER ExpectIntEQ(wolfSSL_CTX_set_groups(serverCtx, groups, numGroups), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_set_groups(serverCtx, bad_groups, numGroups), BAD_FUNC_ARG); #endif ExpectIntEQ(wolfSSL_set_groups(NULL, NULL, 0), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_CLIENT ExpectIntEQ(wolfSSL_set_groups(clientSsl, NULL, 0), BAD_FUNC_ARG); #endif ExpectIntEQ(wolfSSL_set_groups(NULL, groups, numGroups), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_set_groups(clientTls12Ssl, groups, numGroups), BAD_FUNC_ARG); #endif ExpectIntEQ(wolfSSL_set_groups(clientSsl, groups, WOLFSSL_MAX_GROUP_COUNT + 1), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_set_groups(clientSsl, groups, numGroups), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_set_groups(clientSsl, bad_groups, numGroups), BAD_FUNC_ARG); #endif #ifndef NO_WOLFSSL_SERVER ExpectIntEQ(wolfSSL_set_groups(serverSsl, groups, numGroups), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_set_groups(serverSsl, bad_groups, numGroups), BAD_FUNC_ARG); #endif #ifdef OPENSSL_EXTRA ExpectIntEQ(wolfSSL_CTX_set1_groups_list(NULL, NULL), WOLFSSL_FAILURE); #ifndef NO_WOLFSSL_CLIENT ExpectIntEQ(wolfSSL_CTX_set1_groups_list(clientCtx, NULL), WOLFSSL_FAILURE); #endif ExpectIntEQ(wolfSSL_CTX_set1_groups_list(NULL, groupList), WOLFSSL_FAILURE); #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_CTX_set1_groups_list(clientTls12Ctx, groupList), WOLFSSL_FAILURE); #endif ExpectIntEQ(wolfSSL_CTX_set1_groups_list(clientCtx, groupList), WOLFSSL_SUCCESS); #endif #ifndef NO_WOLFSSL_SERVER ExpectIntEQ(wolfSSL_CTX_set1_groups_list(serverCtx, groupList), WOLFSSL_SUCCESS); #endif ExpectIntEQ(wolfSSL_set1_groups_list(NULL, NULL), WOLFSSL_FAILURE); #ifndef NO_WOLFSSL_CLIENT ExpectIntEQ(wolfSSL_set1_groups_list(clientSsl, NULL), WOLFSSL_FAILURE); #endif ExpectIntEQ(wolfSSL_set1_groups_list(NULL, groupList), WOLFSSL_FAILURE); #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_set1_groups_list(clientTls12Ssl, groupList), WOLFSSL_FAILURE); #endif ExpectIntEQ(wolfSSL_set1_groups_list(clientSsl, groupList), WOLFSSL_SUCCESS); #endif #ifndef NO_WOLFSSL_SERVER ExpectIntEQ(wolfSSL_set1_groups_list(serverSsl, groupList), WOLFSSL_SUCCESS); #endif #endif /* OPENSSL_EXTRA */ #endif /* HAVE_SUPPORTED_CURVES */ #endif /* HAVE_ECC */ #ifdef WOLFSSL_EARLY_DATA #ifndef OPENSSL_EXTRA ExpectIntEQ(wolfSSL_CTX_set_max_early_data(NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_get_max_early_data(NULL), BAD_FUNC_ARG); #else ExpectIntEQ(SSL_CTX_set_max_early_data(NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(SSL_CTX_get_max_early_data(NULL), BAD_FUNC_ARG); #endif #ifndef NO_WOLFSSL_CLIENT #ifndef OPENSSL_EXTRA ExpectIntEQ(wolfSSL_CTX_set_max_early_data(clientCtx, 0), SIDE_ERROR); ExpectIntEQ(wolfSSL_CTX_get_max_early_data(clientCtx), SIDE_ERROR); #else ExpectIntEQ(SSL_CTX_set_max_early_data(clientCtx, 0), SIDE_ERROR); ExpectIntEQ(SSL_CTX_get_max_early_data(clientCtx), SIDE_ERROR); #endif #endif #ifndef NO_WOLFSSL_SERVER #ifndef WOLFSSL_NO_TLS12 #ifndef OPENSSL_EXTRA ExpectIntEQ(wolfSSL_CTX_set_max_early_data(serverTls12Ctx, 0), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_get_max_early_data(serverTls12Ctx), BAD_FUNC_ARG); #else ExpectIntEQ(SSL_CTX_set_max_early_data(serverTls12Ctx, 0), BAD_FUNC_ARG); ExpectIntEQ(SSL_CTX_get_max_early_data(serverTls12Ctx), BAD_FUNC_ARG); #endif #endif #ifndef OPENSSL_EXTRA #ifdef WOLFSSL_ERROR_CODE_OPENSSL ExpectIntEQ(wolfSSL_CTX_set_max_early_data(serverCtx, 32), WOLFSSL_SUCCESS); #else ExpectIntEQ(wolfSSL_CTX_set_max_early_data(serverCtx, 32), 0); #endif ExpectIntEQ(wolfSSL_CTX_get_max_early_data(serverCtx), 32); #else ExpectIntEQ(SSL_CTX_set_max_early_data(serverCtx, 32), 1); ExpectIntEQ(SSL_CTX_get_max_early_data(serverCtx), 32); #endif #endif #ifndef OPENSSL_EXTRA ExpectIntEQ(wolfSSL_set_max_early_data(NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_get_max_early_data(NULL), BAD_FUNC_ARG); #else ExpectIntEQ(SSL_set_max_early_data(NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(SSL_get_max_early_data(NULL), BAD_FUNC_ARG); #endif #ifndef NO_WOLFSSL_CLIENT #ifndef OPENSSL_EXTRA #ifdef WOLFSSL_ERROR_CODE_OPENSSL ExpectIntEQ(wolfSSL_set_max_early_data(clientSsl, 17), WOLFSSL_SUCCESS); #else ExpectIntEQ(wolfSSL_set_max_early_data(clientSsl, 17), 0); #endif ExpectIntEQ(wolfSSL_get_max_early_data(clientSsl), 17); #else ExpectIntEQ(SSL_set_max_early_data(clientSsl, 17), WOLFSSL_SUCCESS); ExpectIntEQ(SSL_get_max_early_data(clientSsl), 17); #endif #endif #ifndef NO_WOLFSSL_SERVER #ifndef WOLFSSL_NO_TLS12 #ifndef OPENSSL_EXTRA ExpectIntEQ(wolfSSL_set_max_early_data(serverTls12Ssl, 0), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_get_max_early_data(serverTls12Ssl), BAD_FUNC_ARG); #else ExpectIntEQ(SSL_set_max_early_data(serverTls12Ssl, 0), BAD_FUNC_ARG); ExpectIntEQ(SSL_get_max_early_data(serverTls12Ssl), BAD_FUNC_ARG); #endif #endif #ifndef OPENSSL_EXTRA #ifdef WOLFSSL_ERROR_CODE_OPENSSL ExpectIntEQ(wolfSSL_set_max_early_data(serverSsl, 16), WOLFSSL_SUCCESS); #else ExpectIntEQ(wolfSSL_set_max_early_data(serverSsl, 16), 0); #endif ExpectIntEQ(wolfSSL_get_max_early_data(serverSsl), 16); #else ExpectIntEQ(SSL_set_max_early_data(serverSsl, 16), 1); ExpectIntEQ(SSL_get_max_early_data(serverSsl), 16); #endif #endif ExpectIntEQ(wolfSSL_write_early_data(NULL, earlyData, sizeof(earlyData), &outSz), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_CLIENT ExpectIntEQ(wolfSSL_write_early_data(clientSsl, NULL, sizeof(earlyData), &outSz), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_write_early_data(clientSsl, earlyData, -1, &outSz), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_write_early_data(clientSsl, earlyData, sizeof(earlyData), NULL), BAD_FUNC_ARG); #endif #ifndef NO_WOLFSSL_SERVER ExpectIntEQ(wolfSSL_write_early_data(serverSsl, earlyData, sizeof(earlyData), &outSz), SIDE_ERROR); #endif #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_write_early_data(clientTls12Ssl, earlyData, sizeof(earlyData), &outSz), BAD_FUNC_ARG); #endif ExpectIntEQ(wolfSSL_write_early_data(clientSsl, earlyData, sizeof(earlyData), &outSz), WOLFSSL_FATAL_ERROR); #endif ExpectIntEQ(wolfSSL_read_early_data(NULL, earlyDataBuffer, sizeof(earlyDataBuffer), &outSz), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_SERVER ExpectIntEQ(wolfSSL_read_early_data(serverSsl, NULL, sizeof(earlyDataBuffer), &outSz), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_read_early_data(serverSsl, earlyDataBuffer, -1, &outSz), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_read_early_data(serverSsl, earlyDataBuffer, sizeof(earlyDataBuffer), NULL), BAD_FUNC_ARG); #endif #ifndef NO_WOLFSSL_CLIENT ExpectIntEQ(wolfSSL_read_early_data(clientSsl, earlyDataBuffer, sizeof(earlyDataBuffer), &outSz), SIDE_ERROR); #endif #ifndef NO_WOLFSSL_SERVER #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_read_early_data(serverTls12Ssl, earlyDataBuffer, sizeof(earlyDataBuffer), &outSz), BAD_FUNC_ARG); #endif ExpectIntEQ(wolfSSL_read_early_data(serverSsl, earlyDataBuffer, sizeof(earlyDataBuffer), &outSz), WOLFSSL_FATAL_ERROR); #endif #endif #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_EARLY_DATA) ExpectIntLT(SSL_get_early_data_status(NULL), 0); #endif #ifndef NO_WOLFSSL_SERVER wolfSSL_free(serverSsl); wolfSSL_CTX_free(serverCtx); #endif #ifndef NO_WOLFSSL_CLIENT wolfSSL_free(clientSsl); wolfSSL_CTX_free(clientCtx); #endif #ifndef WOLFSSL_NO_TLS12 #ifndef NO_WOLFSSL_SERVER wolfSSL_free(serverTls12Ssl); wolfSSL_CTX_free(serverTls12Ctx); #endif #ifndef NO_WOLFSSL_CLIENT wolfSSL_free(clientTls12Ssl); wolfSSL_CTX_free(clientTls12Ctx); #endif #endif return EXPECT_RESULT(); } #if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) && \ defined(HAVE_ECC) && defined(BUILD_TLS_AES_128_GCM_SHA256) && \ defined(BUILD_TLS_AES_256_GCM_SHA384) /* Called when writing. */ static int CsSend(WOLFSSL* ssl, char* buf, int sz, void* ctx) { (void)ssl; (void)buf; (void)sz; (void)ctx; /* Force error return from wolfSSL_accept_TLSv13(). */ return WANT_WRITE; } /* Called when reading. */ static int CsRecv(WOLFSSL* ssl, char* buf, int sz, void* ctx) { WOLFSSL_BUFFER_INFO* msg = (WOLFSSL_BUFFER_INFO*)ctx; int len = (int)msg->length; (void)ssl; (void)sz; /* Pass back as much of message as will fit in buffer. */ if (len > sz) len = sz; XMEMCPY(buf, msg->buffer, len); /* Move over returned data. */ msg->buffer += len; msg->length -= len; /* Amount actually copied. */ return len; } #endif static int test_tls13_cipher_suites(void) { EXPECT_DECLS; #if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) && \ defined(HAVE_ECC) && defined(BUILD_TLS_AES_128_GCM_SHA256) && \ defined(BUILD_TLS_AES_256_GCM_SHA384) WOLFSSL_CTX* ctx = NULL; WOLFSSL *ssl = NULL; int i; byte clientHello[] = { 0x16, 0x03, 0x03, 0x01, 0x9b, 0x01, 0x00, 0x01, 0x97, 0x03, 0x03, 0xf4, 0x65, 0xbd, 0x22, 0xfe, 0x6e, 0xab, 0x66, 0xdd, 0xcf, 0xe9, 0x65, 0x55, 0xe8, 0xdf, 0xc3, 0x8e, 0x4b, 0x00, 0xbc, 0xf8, 0x23, 0x57, 0x1b, 0xa0, 0xc8, 0xa9, 0xe2, 0x8c, 0x91, 0x6e, 0xf9, 0x20, 0xf7, 0x5c, 0xc5, 0x5b, 0x75, 0x8c, 0x47, 0x0a, 0x0e, 0xc4, 0x1a, 0xda, 0xef, 0x75, 0xe5, 0x21, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, /* Cipher suites: 0x13, 0x01 = TLS13-AES128-GCM-SHA256, twice. */ 0x13, 0x01, 0x13, 0x01, 0x01, 0x00, 0x01, 0x4a, 0x00, 0x2d, 0x00, 0x03, 0x02, 0x00, 0x01, 0x00, 0x33, 0x00, 0x47, 0x00, 0x45, 0x00, 0x17, 0x00, 0x41, 0x04, 0x90, 0xfc, 0xe2, 0x97, 0x05, 0x7c, 0xb5, 0x23, 0x5d, 0x5f, 0x5b, 0xcd, 0x0c, 0x1e, 0xe0, 0xe9, 0xab, 0x38, 0x6b, 0x1e, 0x20, 0x5c, 0x1c, 0x90, 0x2a, 0x9e, 0x68, 0x8e, 0x70, 0x05, 0x10, 0xa8, 0x02, 0x1b, 0xf9, 0x5c, 0xef, 0xc9, 0xaf, 0xca, 0x1a, 0x3b, 0x16, 0x8b, 0xe4, 0x1b, 0x3c, 0x15, 0xb8, 0x0d, 0xbd, 0xaf, 0x62, 0x8d, 0xa7, 0x13, 0xa0, 0x7c, 0xe0, 0x59, 0x0c, 0x4f, 0x8a, 0x6d, 0x00, 0x2b, 0x00, 0x03, 0x02, 0x03, 0x04, 0x00, 0x0d, 0x00, 0x20, 0x00, 0x1e, 0x06, 0x03, 0x05, 0x03, 0x04, 0x03, 0x02, 0x03, 0x08, 0x06, 0x08, 0x0b, 0x08, 0x05, 0x08, 0x0a, 0x08, 0x04, 0x08, 0x09, 0x06, 0x01, 0x05, 0x01, 0x04, 0x01, 0x03, 0x01, 0x02, 0x01, 0x00, 0x0a, 0x00, 0x04, 0x00, 0x02, 0x00, 0x17, 0x00, 0x16, 0x00, 0x00, 0x00, 0x23, 0x00, 0x00, 0x00, 0x29, 0x00, 0xb9, 0x00, 0x94, 0x00, 0x8e, 0x0f, 0x12, 0xfa, 0x84, 0x1f, 0x76, 0x94, 0xd7, 0x09, 0x5e, 0xad, 0x08, 0x51, 0xb6, 0x80, 0x28, 0x31, 0x8b, 0xfd, 0xc6, 0xbd, 0x9e, 0xf5, 0x3b, 0x4d, 0x02, 0xbe, 0x1d, 0x73, 0xea, 0x13, 0x68, 0x00, 0x4c, 0xfd, 0x3d, 0x48, 0x51, 0xf9, 0x06, 0xbb, 0x92, 0xed, 0x42, 0x9f, 0x7f, 0x2c, 0x73, 0x9f, 0xd9, 0xb4, 0xef, 0x05, 0x26, 0x5b, 0x60, 0x5c, 0x0a, 0xfc, 0xa3, 0xbd, 0x2d, 0x2d, 0x8b, 0xf9, 0xaa, 0x5c, 0x96, 0x3a, 0xf2, 0xec, 0xfa, 0xe5, 0x57, 0x2e, 0x87, 0xbe, 0x27, 0xc5, 0x3d, 0x4f, 0x5d, 0xdd, 0xde, 0x1c, 0x1b, 0xb3, 0xcc, 0x27, 0x27, 0x57, 0x5a, 0xd9, 0xea, 0x99, 0x27, 0x23, 0xa6, 0x0e, 0xea, 0x9c, 0x0d, 0x85, 0xcb, 0x72, 0xeb, 0xd7, 0x93, 0xe3, 0xfe, 0xf7, 0x5c, 0xc5, 0x5b, 0x75, 0x8c, 0x47, 0x0a, 0x0e, 0xc4, 0x1a, 0xda, 0xef, 0x75, 0xe5, 0x21, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xfb, 0x92, 0xce, 0xaa, 0x00, 0x21, 0x20, 0xcb, 0x73, 0x25, 0x80, 0x46, 0x78, 0x4f, 0xe5, 0x34, 0xf6, 0x91, 0x13, 0x7f, 0xc8, 0x8d, 0xdc, 0x81, 0x04, 0xb7, 0x0d, 0x49, 0x85, 0x2e, 0x12, 0x7a, 0x07, 0x23, 0xe9, 0x13, 0xa4, 0x6d, 0x8c }; WOLFSSL_BUFFER_INFO msg; /* Offset into ClientHello message data of first cipher suite. */ const int csOff = 78; /* Server cipher list. */ const char* serverCs = "TLS13-AES256-GCM-SHA384:TLS13-AES128-GCM-SHA256"; /* Suite list with duplicates. */ const char* dupCs = "TLS13-AES128-GCM-SHA256:" "TLS13-AES128-GCM-SHA256:" "TLS13-AES256-GCM-SHA384:" "TLS13-AES256-GCM-SHA384:" "TLS13-AES128-GCM-SHA256"; #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_SET_CIPHER_BYTES) const byte dupCsBytes[] = { TLS13_BYTE, TLS_AES_256_GCM_SHA384, TLS13_BYTE, TLS_AES_256_GCM_SHA384, TLS13_BYTE, TLS_AES_128_GCM_SHA256, TLS13_BYTE, TLS_AES_128_GCM_SHA256, TLS13_BYTE, TLS_AES_256_GCM_SHA384 }; #endif /* Set up wolfSSL context. */ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method())); ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, eccCertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, eccKeyFile, WOLFSSL_FILETYPE_PEM)); /* Read from 'msg'. */ wolfSSL_SetIORecv(ctx, CsRecv); /* No where to send to - dummy sender. */ wolfSSL_SetIOSend(ctx, CsSend); /* Test cipher suite list with many copies of a cipher suite. */ ExpectNotNull(ssl = wolfSSL_new(ctx)); msg.buffer = clientHello; msg.length = (unsigned int)sizeof(clientHello); wolfSSL_SetIOReadCtx(ssl, &msg); /* Force server to have as many occurrences of same cipher suite as * possible. */ if (ssl != NULL) { Suites* suites = (Suites*)WOLFSSL_SUITES(ssl); suites->suiteSz = WOLFSSL_MAX_SUITE_SZ; for (i = 0; i < suites->suiteSz; i += 2) { suites->suites[i + 0] = TLS13_BYTE; suites->suites[i + 1] = TLS_AES_128_GCM_SHA256; } } /* Test multiple occurrences of same cipher suite. */ ExpectIntEQ(wolfSSL_accept_TLSv13(ssl), WOLFSSL_FATAL_ERROR); wolfSSL_free(ssl); ssl = NULL; /* Set client order opposite to server order: * TLS13-AES128-GCM-SHA256:TLS13-AES256-GCM-SHA384 */ clientHello[csOff + 0] = TLS13_BYTE; clientHello[csOff + 1] = TLS_AES_128_GCM_SHA256; clientHello[csOff + 2] = TLS13_BYTE; clientHello[csOff + 3] = TLS_AES_256_GCM_SHA384; /* Test server order negotiation. */ ExpectNotNull(ssl = wolfSSL_new(ctx)); msg.buffer = clientHello; msg.length = (unsigned int)sizeof(clientHello); wolfSSL_SetIOReadCtx(ssl, &msg); /* Server order: TLS13-AES256-GCM-SHA384:TLS13-AES128-GCM-SHA256 */ ExpectIntEQ(wolfSSL_set_cipher_list(ssl, serverCs), WOLFSSL_SUCCESS); /* Negotiate cipher suites in server order: TLS13-AES256-GCM-SHA384 */ ExpectIntEQ(wolfSSL_accept_TLSv13(ssl), WOLFSSL_FATAL_ERROR); /* Check refined order - server order. */ ExpectIntEQ(ssl->suites->suiteSz, 4); ExpectIntEQ(ssl->suites->suites[0], TLS13_BYTE); ExpectIntEQ(ssl->suites->suites[1], TLS_AES_256_GCM_SHA384); ExpectIntEQ(ssl->suites->suites[2], TLS13_BYTE); ExpectIntEQ(ssl->suites->suites[3], TLS_AES_128_GCM_SHA256); wolfSSL_free(ssl); ssl = NULL; /* Test client order negotiation. */ ExpectNotNull(ssl = wolfSSL_new(ctx)); msg.buffer = clientHello; msg.length = (unsigned int)sizeof(clientHello); wolfSSL_SetIOReadCtx(ssl, &msg); /* Server order: TLS13-AES256-GCM-SHA384:TLS13-AES128-GCM-SHA256 */ ExpectIntEQ(wolfSSL_set_cipher_list(ssl, serverCs), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_UseClientSuites(ssl), 0); /* Negotiate cipher suites in client order: TLS13-AES128-GCM-SHA256 */ ExpectIntEQ(wolfSSL_accept_TLSv13(ssl), WOLFSSL_FATAL_ERROR); /* Check refined order - client order. */ ExpectIntEQ(ssl->suites->suiteSz, 4); ExpectIntEQ(ssl->suites->suites[0], TLS13_BYTE); ExpectIntEQ(ssl->suites->suites[1], TLS_AES_128_GCM_SHA256); ExpectIntEQ(ssl->suites->suites[2], TLS13_BYTE); ExpectIntEQ(ssl->suites->suites[3], TLS_AES_256_GCM_SHA384); wolfSSL_free(ssl); ssl = NULL; /* Check duplicate detection is working. */ ExpectIntEQ(wolfSSL_CTX_set_cipher_list(ctx, dupCs), WOLFSSL_SUCCESS); ExpectIntEQ(ctx->suites->suiteSz, 4); ExpectIntEQ(ctx->suites->suites[0], TLS13_BYTE); ExpectIntEQ(ctx->suites->suites[1], TLS_AES_128_GCM_SHA256); ExpectIntEQ(ctx->suites->suites[2], TLS13_BYTE); ExpectIntEQ(ctx->suites->suites[3], TLS_AES_256_GCM_SHA384); #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_SET_CIPHER_BYTES) ExpectIntEQ(wolfSSL_CTX_set_cipher_list_bytes(ctx, dupCsBytes, sizeof(dupCsBytes)), WOLFSSL_SUCCESS); ExpectIntEQ(ctx->suites->suiteSz, 4); ExpectIntEQ(ctx->suites->suites[0], TLS13_BYTE); ExpectIntEQ(ctx->suites->suites[1], TLS_AES_256_GCM_SHA384); ExpectIntEQ(ctx->suites->suites[2], TLS13_BYTE); ExpectIntEQ(ctx->suites->suites[3], TLS_AES_128_GCM_SHA256); #endif wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } #endif #if defined(HAVE_PK_CALLBACKS) && !defined(WOLFSSL_NO_TLS12) #if !defined(NO_FILESYSTEM) && !defined(NO_DH) && \ !defined(NO_AES) && defined(HAVE_AES_CBC) && \ defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) static int my_DhCallback(WOLFSSL* ssl, struct DhKey* key, const unsigned char* priv, unsigned int privSz, const unsigned char* pubKeyDer, unsigned int pubKeySz, unsigned char* out, unsigned int* outlen, void* ctx) { int result; /* Test fail when context associated with WOLFSSL is NULL */ if (ctx == NULL) { return -1; } (void)ssl; /* return 0 on success */ PRIVATE_KEY_UNLOCK(); result = wc_DhAgree(key, out, outlen, priv, privSz, pubKeyDer, pubKeySz); PRIVATE_KEY_LOCK(); return result; } static int test_dh_ctx_setup(WOLFSSL_CTX* ctx) { EXPECT_DECLS; wolfSSL_CTX_SetDhAgreeCb(ctx, my_DhCallback); #if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128) ExpectIntEQ(wolfSSL_CTX_set_cipher_list(ctx, "DHE-RSA-AES128-SHA256"), WOLFSSL_SUCCESS); #endif #if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_256) ExpectIntEQ(wolfSSL_CTX_set_cipher_list(ctx, "DHE-RSA-AES256-SHA256"), WOLFSSL_SUCCESS); #endif return EXPECT_RESULT(); } static int test_dh_ssl_setup(WOLFSSL* ssl) { EXPECT_DECLS; static int dh_test_ctx = 1; int ret; wolfSSL_SetDhAgreeCtx(ssl, &dh_test_ctx); ExpectIntEQ(*((int*)wolfSSL_GetDhAgreeCtx(ssl)), dh_test_ctx); ret = wolfSSL_SetTmpDH_file(ssl, dhParamFile, WOLFSSL_FILETYPE_PEM); if (ret != WOLFSSL_SUCCESS && ret != SIDE_ERROR) { ExpectIntEQ(ret, WOLFSSL_SUCCESS); } return EXPECT_RESULT(); } static int test_dh_ssl_setup_fail(WOLFSSL* ssl) { EXPECT_DECLS; int ret; wolfSSL_SetDhAgreeCtx(ssl, NULL); ExpectNull(wolfSSL_GetDhAgreeCtx(ssl)); ret = wolfSSL_SetTmpDH_file(ssl, dhParamFile, WOLFSSL_FILETYPE_PEM); if (ret != WOLFSSL_SUCCESS && ret != SIDE_ERROR) { ExpectIntEQ(ret, WOLFSSL_SUCCESS); } return EXPECT_RESULT(); } #endif static int test_DhCallbacks(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_DH) && \ !defined(NO_AES) && defined(HAVE_AES_CBC) && \ defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) WOLFSSL_CTX *ctx = NULL; WOLFSSL *ssl = NULL; int test; test_ssl_cbf func_cb_client; test_ssl_cbf func_cb_server; /* Test that DH callback APIs work. */ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); ExpectIntEQ(wolfSSL_CTX_set_cipher_list(NULL, "NONE"), WOLFSSL_FAILURE); wolfSSL_CTX_SetDhAgreeCb(ctx, &my_DhCallback); /* load client ca cert */ ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0), WOLFSSL_SUCCESS); /* test with NULL arguments */ wolfSSL_SetDhAgreeCtx(NULL, &test); ExpectNull(wolfSSL_GetDhAgreeCtx(NULL)); /* test success case */ test = 1; ExpectNotNull(ssl = wolfSSL_new(ctx)); wolfSSL_SetDhAgreeCtx(ssl, &test); ExpectIntEQ(*((int*)wolfSSL_GetDhAgreeCtx(ssl)), test); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); XMEMSET(&func_cb_client, 0, sizeof(func_cb_client)); XMEMSET(&func_cb_server, 0, sizeof(func_cb_server)); /* set callbacks to use DH functions */ func_cb_client.ctx_ready = &test_dh_ctx_setup; func_cb_client.ssl_ready = &test_dh_ssl_setup; func_cb_client.method = wolfTLSv1_2_client_method; func_cb_server.ctx_ready = &test_dh_ctx_setup; func_cb_server.ssl_ready = &test_dh_ssl_setup; func_cb_server.method = wolfTLSv1_2_server_method; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client, &func_cb_server, NULL), TEST_SUCCESS); /* Test fail */ XMEMSET(&func_cb_client, 0, sizeof(func_cb_client)); XMEMSET(&func_cb_server, 0, sizeof(func_cb_server)); /* set callbacks to use DH functions */ func_cb_client.ctx_ready = &test_dh_ctx_setup; func_cb_client.ssl_ready = &test_dh_ssl_setup_fail; func_cb_client.method = wolfTLSv1_2_client_method; func_cb_server.ctx_ready = &test_dh_ctx_setup; func_cb_server.ssl_ready = &test_dh_ssl_setup_fail; func_cb_server.method = wolfTLSv1_2_server_method; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client, &func_cb_server, NULL), TEST_FAIL); #endif return EXPECT_RESULT(); } #endif /* HAVE_PK_CALLBACKS */ #ifdef HAVE_HASHDRBG #ifdef TEST_RESEED_INTERVAL static int test_wc_RNG_GenerateBlock_Reseed(void) { EXPECT_DECLS; int i; WC_RNG rng; byte key[32]; XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_InitRng(&rng), 0); for (i = 0; i < WC_RESEED_INTERVAL + 10; i++) { ExpectIntEQ(wc_RNG_GenerateBlock(&rng, key, sizeof(key)), 0); } DoExpectIntEQ(wc_FreeRng(&rng), 0); return EXPECT_RESULT(); } #endif /* TEST_RESEED_INTERVAL */ static int test_wc_RNG_GenerateBlock(void) { EXPECT_DECLS; int i; WC_RNG rng; byte key[32]; XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_InitRng(&rng), 0); for (i = 0; i < 10; i++) { ExpectIntEQ(wc_RNG_GenerateBlock(&rng, key, sizeof(key)), 0); } DoExpectIntEQ(wc_FreeRng(&rng), 0); return EXPECT_RESULT(); } #endif /* HAVE_HASHDRBG */ /* * Testing get_rand_digit */ static int test_get_rand_digit(void) { EXPECT_DECLS; #if !defined(WC_NO_RNG) && defined(WOLFSSL_PUBLIC_MP) WC_RNG rng; mp_digit d; XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(get_rand_digit(&rng, &d), 0); ExpectIntEQ(get_rand_digit(NULL, NULL), BAD_FUNC_ARG); ExpectIntEQ(get_rand_digit(NULL, &d), BAD_FUNC_ARG); ExpectIntEQ(get_rand_digit(&rng, NULL), BAD_FUNC_ARG); DoExpectIntEQ(wc_FreeRng(&rng), 0); #endif return EXPECT_RESULT(); } /* End test_get_rand_digit*/ /* * Testing get_digit_count */ static int test_get_digit_count(void) { EXPECT_DECLS; #if !defined(WOLFSSL_SP_MATH) && defined(WOLFSSL_PUBLIC_MP) mp_int a; XMEMSET(&a, 0, sizeof(mp_int)); ExpectIntEQ(mp_init(&a), 0); ExpectIntEQ(get_digit_count(NULL), 0); ExpectIntEQ(get_digit_count(&a), 0); mp_clear(&a); #endif return EXPECT_RESULT(); } /* End test_get_digit_count*/ /* * Testing mp_cond_copy */ static int test_mp_cond_copy(void) { EXPECT_DECLS; #if (defined(HAVE_ECC) || defined(WOLFSSL_MP_COND_COPY)) && \ defined(WOLFSSL_PUBLIC_MP) mp_int a; mp_int b; int copy = 0; XMEMSET(&a, 0, sizeof(mp_int)); XMEMSET(&b, 0, sizeof(mp_int)); ExpectIntEQ(mp_init(&a), MP_OKAY); ExpectIntEQ(mp_init(&b), MP_OKAY); ExpectIntEQ(mp_cond_copy(NULL, copy, NULL), BAD_FUNC_ARG); ExpectIntEQ(mp_cond_copy(NULL, copy, &b), BAD_FUNC_ARG); ExpectIntEQ(mp_cond_copy(&a, copy, NULL), BAD_FUNC_ARG); ExpectIntEQ(mp_cond_copy(&a, copy, &b), 0); mp_clear(&a); mp_clear(&b); #endif return EXPECT_RESULT(); } /* End test_mp_cond_copy*/ /* * Testing mp_rand */ static int test_mp_rand(void) { EXPECT_DECLS; #if defined(WC_RSA_BLINDING) && defined(WOLFSSL_PUBLIC_MP) mp_int a; WC_RNG rng; int digits = 1; XMEMSET(&a, 0, sizeof(mp_int)); XMEMSET(&rng, 0, sizeof(WC_RNG)); ExpectIntEQ(mp_init(&a), MP_OKAY); ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(mp_rand(&a, digits, NULL), MISSING_RNG_E); ExpectIntEQ(mp_rand(NULL, digits, &rng), BAD_FUNC_ARG); ExpectIntEQ(mp_rand(&a, 0, &rng), BAD_FUNC_ARG); ExpectIntEQ(mp_rand(&a, digits, &rng), 0); mp_clear(&a); DoExpectIntEQ(wc_FreeRng(&rng), 0); #endif return EXPECT_RESULT(); } /* End test_mp_rand*/ /* * Testing get_digit */ static int test_get_digit(void) { EXPECT_DECLS; #if defined(WOLFSSL_PUBLIC_MP) mp_int a; int n = 0; XMEMSET(&a, 0, sizeof(mp_int)); ExpectIntEQ(mp_init(&a), MP_OKAY); ExpectIntEQ(get_digit(NULL, n), 0); ExpectIntEQ(get_digit(&a, n), 0); mp_clear(&a); #endif return EXPECT_RESULT(); } /* End test_get_digit*/ /* * Testing wc_export_int */ static int test_wc_export_int(void) { EXPECT_DECLS; #if (defined(HAVE_ECC) || defined(WOLFSSL_EXPORT_INT)) && \ defined(WOLFSSL_PUBLIC_MP) mp_int mp; byte buf[32]; word32 keySz = (word32)sizeof(buf); word32 len = (word32)sizeof(buf); XMEMSET(&mp, 0, sizeof(mp_int)); ExpectIntEQ(mp_init(&mp), MP_OKAY); ExpectIntEQ(mp_set(&mp, 1234), 0); ExpectIntEQ(wc_export_int(NULL, buf, &len, keySz, WC_TYPE_UNSIGNED_BIN), BAD_FUNC_ARG); len = sizeof(buf)-1; ExpectIntEQ(wc_export_int(&mp, buf, &len, keySz, WC_TYPE_UNSIGNED_BIN), BUFFER_E); len = sizeof(buf); ExpectIntEQ(wc_export_int(&mp, buf, &len, keySz, WC_TYPE_UNSIGNED_BIN), 0); len = 4; /* test input too small */ ExpectIntEQ(wc_export_int(&mp, buf, &len, 0, WC_TYPE_HEX_STR), BUFFER_E); len = sizeof(buf); ExpectIntEQ(wc_export_int(&mp, buf, &len, 0, WC_TYPE_HEX_STR), 0); /* hex version of 1234 is 04D2 and should be 4 digits + 1 null */ ExpectIntEQ(len, 5); mp_clear(&mp); #endif return EXPECT_RESULT(); } /* End test_wc_export_int*/ static int test_wc_InitRngNonce(void) { EXPECT_DECLS; #if !defined(WC_NO_RNG) && !defined(HAVE_SELFTEST) && \ (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \ HAVE_FIPS_VERSION >= 2)) WC_RNG rng; byte nonce[] = "\x0D\x74\xDB\x42\xA9\x10\x77\xDE" "\x45\xAC\x13\x7A\xE1\x48\xAF\x16"; word32 nonceSz = sizeof(nonce); ExpectIntEQ(wc_InitRngNonce(&rng, nonce, nonceSz), 0); ExpectIntEQ(wc_FreeRng(&rng), 0); #endif return EXPECT_RESULT(); } /* End test_wc_InitRngNonce*/ /* * Testing wc_InitRngNonce_ex */ static int test_wc_InitRngNonce_ex(void) { EXPECT_DECLS; #if !defined(WC_NO_RNG) && !defined(HAVE_SELFTEST) && \ (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \ HAVE_FIPS_VERSION >= 2)) WC_RNG rng; byte nonce[] = "\x0D\x74\xDB\x42\xA9\x10\x77\xDE" "\x45\xAC\x13\x7A\xE1\x48\xAF\x16"; word32 nonceSz = sizeof(nonce); ExpectIntEQ(wc_InitRngNonce_ex(&rng, nonce, nonceSz, HEAP_HINT, testDevId), 0); ExpectIntEQ(wc_FreeRng(&rng), 0); #endif return EXPECT_RESULT(); } /* End test_wc_InitRngNonce_ex */ static int test_wolfSSL_X509_CRL(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_CRL) X509_CRL *crl = NULL; char pem[][100] = { "./certs/crl/crl.pem", "./certs/crl/crl2.pem", "./certs/crl/caEccCrl.pem", "./certs/crl/eccCliCRL.pem", "./certs/crl/eccSrvCRL.pem", "" }; #ifndef NO_BIO BIO *bio = NULL; #endif #ifdef HAVE_TEST_d2i_X509_CRL_fp char der[][100] = { "./certs/crl/crl.der", "./certs/crl/crl2.der", ""}; #endif XFILE fp = XBADFILE; int i; for (i = 0; pem[i][0] != '\0'; i++) { ExpectTrue((fp = XFOPEN(pem[i], "rb")) != XBADFILE); ExpectNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL, NULL, NULL)); ExpectNotNull(crl); X509_CRL_free(crl); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } ExpectTrue((fp = XFOPEN(pem[i], "rb")) != XBADFILE); ExpectNotNull((X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)&crl, NULL, NULL)); if (EXPECT_FAIL()) { crl = NULL; } ExpectNotNull(crl); X509_CRL_free(crl); crl = NULL; if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } } #ifndef NO_BIO for (i = 0; pem[i][0] != '\0'; i++) { ExpectNotNull(bio = BIO_new_file(pem[i], "rb")); ExpectNotNull(crl = PEM_read_bio_X509_CRL(bio, NULL, NULL, NULL)); X509_CRL_free(crl); crl = NULL; BIO_free(bio); bio = NULL; } #endif #ifdef HAVE_TEST_d2i_X509_CRL_fp for (i = 0; der[i][0] != '\0'; i++) { ExpectTrue((fp = XFOPEN(der[i], "rb")) != XBADFILE); ExpectTrue((fp != XBADFILE)); ExpectNotNull(crl = (X509_CRL *)d2i_X509_CRL_fp((fp, X509_CRL **)NULL)); ExpectNotNull(crl); X509_CRL_free(crl); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } fp = XFOPEN(der[i], "rb"); ExpectTrue((fp != XBADFILE)); ExpectNotNull((X509_CRL *)d2i_X509_CRL_fp(fp, (X509_CRL **)&crl)); if (EXPECT_FAIL()) { crl = NULL; } ExpectNotNull(crl); X509_CRL_free(crl); crl = NULL; if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } } #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_load_crl_file(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_CRL) && !defined(NO_FILESYSTEM) && \ !defined(NO_STDIO_FILESYSTEM) && !defined(NO_RSA) && !defined(NO_BIO) int i; char pem[][100] = { "./certs/crl/crl.pem", "./certs/crl/crl2.pem", "./certs/crl/caEccCrl.pem", "./certs/crl/eccCliCRL.pem", "./certs/crl/eccSrvCRL.pem", #ifdef WC_RSA_PSS "./certs/crl/crl_rsapss.pem", #endif "" }; char der[][100] = { "./certs/crl/crl.der", "./certs/crl/crl2.der", "" }; WOLFSSL_X509_STORE* store = NULL; WOLFSSL_X509_LOOKUP* lookup = NULL; ExpectNotNull(store = wolfSSL_X509_STORE_new()); ExpectNotNull(lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file())); ExpectIntEQ(X509_LOOKUP_load_file(lookup, "certs/ca-cert.pem", X509_FILETYPE_PEM), 1); #ifdef WC_RSA_PSS ExpectIntEQ(X509_LOOKUP_load_file(lookup, "certs/rsapss/ca-rsapss.pem", X509_FILETYPE_PEM), 1); #endif ExpectIntEQ(X509_LOOKUP_load_file(lookup, "certs/server-revoked-cert.pem", X509_FILETYPE_PEM), 1); if (store) { ExpectIntEQ(wolfSSL_CertManagerVerify(store->cm, svrCertFile, WOLFSSL_FILETYPE_PEM), 1); /* since store hasn't yet known the revoked cert*/ ExpectIntEQ(wolfSSL_CertManagerVerify(store->cm, "certs/server-revoked-cert.pem", WOLFSSL_FILETYPE_PEM), 1); } for (i = 0; pem[i][0] != '\0'; i++) { ExpectIntEQ(X509_load_crl_file(lookup, pem[i], WOLFSSL_FILETYPE_PEM), 1); } if (store) { /* since store knows crl list */ ExpectIntEQ(wolfSSL_CertManagerVerify(store->cm, "certs/server-revoked-cert.pem", WOLFSSL_FILETYPE_PEM), CRL_CERT_REVOKED); #ifdef WC_RSA_PSS ExpectIntEQ(wolfSSL_CertManagerVerify(store->cm, "certs/rsapss/server-rsapss-cert.pem", WOLFSSL_FILETYPE_PEM), CRL_CERT_REVOKED); #endif } /* once feeing store */ X509_STORE_free(store); store = NULL; ExpectNotNull(store = wolfSSL_X509_STORE_new()); ExpectNotNull(lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file())); ExpectIntEQ(X509_LOOKUP_load_file(lookup, "certs/ca-cert.pem", X509_FILETYPE_PEM), 1); ExpectIntEQ(X509_LOOKUP_load_file(lookup, "certs/server-revoked-cert.pem", X509_FILETYPE_PEM), 1); if (store) { ExpectIntEQ(wolfSSL_CertManagerVerify(store->cm, svrCertFile, WOLFSSL_FILETYPE_PEM), 1); /* since store hasn't yet known the revoked cert*/ ExpectIntEQ(wolfSSL_CertManagerVerify(store->cm, "certs/server-revoked-cert.pem", WOLFSSL_FILETYPE_PEM), 1); } for (i = 0; der[i][0] != '\0'; i++) { ExpectIntEQ(X509_load_crl_file(lookup, der[i], WOLFSSL_FILETYPE_ASN1), 1); } if (store) { /* since store knows crl list */ ExpectIntEQ(wolfSSL_CertManagerVerify(store->cm, "certs/server-revoked-cert.pem", WOLFSSL_FILETYPE_PEM), CRL_CERT_REVOKED); } /* test for incorrect parameter */ ExpectIntEQ(X509_load_crl_file(NULL, pem[0], 0), 0); ExpectIntEQ(X509_load_crl_file(lookup, NULL, 0), 0); ExpectIntEQ(X509_load_crl_file(NULL, NULL, 0), 0); X509_STORE_free(store); store = NULL; #endif return EXPECT_RESULT(); } static int test_wolfSSL_i2d_X509(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(USE_CERT_BUFFERS_2048) && !defined(NO_RSA) const unsigned char* cert_buf = server_cert_der_2048; unsigned char* out = NULL; unsigned char* tmp = NULL; X509* cert = NULL; ExpectNotNull(d2i_X509(&cert, &cert_buf, sizeof_server_cert_der_2048)); /* Pointer should be advanced */ ExpectPtrGT(cert_buf, server_cert_der_2048); ExpectIntGT(i2d_X509(cert, &out), 0); ExpectNotNull(out); tmp = out; ExpectIntGT(i2d_X509(cert, &tmp), 0); ExpectPtrGT(tmp, out); if (out != NULL) XFREE(out, NULL, DYNAMIC_TYPE_OPENSSL); X509_free(cert); #endif return EXPECT_RESULT(); } static int test_wolfSSL_d2i_X509_REQ(void) { EXPECT_DECLS; #if defined(WOLFSSL_CERT_REQ) && !defined(NO_RSA) && !defined(NO_BIO) && \ (defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)) && \ !defined(WOLFSSL_SP_MATH) /* ./certs/csr.signed.der, ./certs/csr.ext.der, and ./certs/csr.attr.der * were generated by libest * ./certs/csr.attr.der contains sample attributes * ./certs/csr.ext.der contains sample extensions */ const char* csrFile = "./certs/csr.signed.der"; const char* csrPopFile = "./certs/csr.attr.der"; const char* csrExtFile = "./certs/csr.ext.der"; /* ./certs/csr.dsa.pem is generated using * openssl req -newkey dsa:certs/dsaparams.pem \ * -keyout certs/csr.dsa.key.pem -keyform PEM -out certs/csr.dsa.pem \ * -outform PEM * with the passphrase "wolfSSL" */ #if !defined(NO_DSA) && !defined(HAVE_SELFTEST) const char* csrDsaFile = "./certs/csr.dsa.pem"; XFILE f = XBADFILE; #endif BIO* bio = NULL; X509* req = NULL; EVP_PKEY *pub_key = NULL; { ExpectNotNull(bio = BIO_new_file(csrFile, "rb")); ExpectNotNull(d2i_X509_REQ_bio(bio, &req)); /* * Extract the public key from the CSR */ ExpectNotNull(pub_key = X509_REQ_get_pubkey(req)); /* * Verify the signature in the CSR */ ExpectIntEQ(X509_REQ_verify(req, pub_key), 1); X509_free(req); req = NULL; BIO_free(bio); bio = NULL; EVP_PKEY_free(pub_key); pub_key = NULL; } { #ifdef OPENSSL_ALL X509_ATTRIBUTE* attr = NULL; ASN1_TYPE *at = NULL; #endif ExpectNotNull(bio = BIO_new_file(csrPopFile, "rb")); ExpectNotNull(d2i_X509_REQ_bio(bio, &req)); /* * Extract the public key from the CSR */ ExpectNotNull(pub_key = X509_REQ_get_pubkey(req)); /* * Verify the signature in the CSR */ ExpectIntEQ(X509_REQ_verify(req, pub_key), 1); #ifdef OPENSSL_ALL /* * Obtain the challenge password from the CSR */ ExpectIntEQ(X509_REQ_get_attr_by_NID(req, NID_pkcs9_challengePassword, -1), 1); ExpectNotNull(attr = X509_REQ_get_attr(req, 1)); ExpectNotNull(at = X509_ATTRIBUTE_get0_type(attr, 0)); ExpectNotNull(at->value.asn1_string); ExpectStrEQ((char*)ASN1_STRING_data(at->value.asn1_string), "2xIE+qqp/rhyTXP+"); ExpectIntEQ(X509_get_ext_by_NID(req, NID_subject_alt_name, -1), -1); #endif X509_free(req); req = NULL; BIO_free(bio); bio = NULL; EVP_PKEY_free(pub_key); pub_key = NULL; } { #ifdef OPENSSL_ALL X509_ATTRIBUTE* attr = NULL; ASN1_TYPE *at = NULL; STACK_OF(X509_EXTENSION) *exts = NULL; #endif ExpectNotNull(bio = BIO_new_file(csrExtFile, "rb")); /* This CSR contains an Extension Request attribute so * we test extension parsing in a CSR attribute here. */ ExpectNotNull(d2i_X509_REQ_bio(bio, &req)); /* * Extract the public key from the CSR */ ExpectNotNull(pub_key = X509_REQ_get_pubkey(req)); /* * Verify the signature in the CSR */ ExpectIntEQ(X509_REQ_verify(req, pub_key), 1); #ifdef OPENSSL_ALL ExpectNotNull(exts = (STACK_OF(X509_EXTENSION)*)X509_REQ_get_extensions( req)); ExpectIntEQ(sk_X509_EXTENSION_num(exts), 2); sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free); /* * Obtain the challenge password from the CSR */ ExpectIntEQ(X509_REQ_get_attr_by_NID(req, NID_pkcs9_challengePassword, -1), 0); ExpectNotNull(attr = X509_REQ_get_attr(req, 0)); ExpectNotNull(at = X509_ATTRIBUTE_get0_type(attr, 0)); ExpectNotNull(at->value.asn1_string); ExpectStrEQ((char*)ASN1_STRING_data(at->value.asn1_string), "IGCu/xNL4/0/wOgo"); ExpectIntGE(X509_get_ext_by_NID(req, NID_key_usage, -1), 0); ExpectIntGE(X509_get_ext_by_NID(req, NID_subject_alt_name, -1), 0); #endif X509_free(req); req = NULL; BIO_free(bio); bio = NULL; EVP_PKEY_free(pub_key); pub_key = NULL; } #if !defined(NO_DSA) && !defined(HAVE_SELFTEST) { ExpectNotNull(bio = BIO_new_file(csrDsaFile, "rb")); ExpectNotNull(PEM_read_bio_X509_REQ(bio, &req, NULL, NULL)); /* * Extract the public key from the CSR */ ExpectNotNull(pub_key = X509_REQ_get_pubkey(req)); /* * Verify the signature in the CSR */ ExpectIntEQ(X509_REQ_verify(req, pub_key), 1); X509_free(req); req = NULL; BIO_free(bio); /* Run the same test, but with a file pointer instead of a BIO. * (PEM_read_X509_REQ)*/ ExpectTrue((f = XFOPEN(csrDsaFile, "rb")) != XBADFILE); ExpectNotNull(PEM_read_X509_REQ(f, &req, NULL, NULL)); ExpectIntEQ(X509_REQ_verify(req, pub_key), 1); X509_free(req); EVP_PKEY_free(pub_key); } #endif /* !NO_DSA && !HAVE_SELFTEST */ #endif /* WOLFSSL_CERT_REQ && (OPENSSL_ALL || OPENSSL_EXTRA) */ return EXPECT_RESULT(); } static int test_wolfSSL_PEM_read_X509(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_CRL) && !defined(NO_FILESYSTEM) && \ !defined(NO_RSA) X509 *x509 = NULL; XFILE fp = XBADFILE; ExpectTrue((fp = XFOPEN(svrCertFile, "rb")) != XBADFILE); ExpectNotNull(x509 = (X509 *)PEM_read_X509(fp, (X509 **)NULL, NULL, NULL)); X509_free(x509); if (fp != XBADFILE) XFCLOSE(fp); #endif return EXPECT_RESULT(); } static int test_wolfSSL_PEM_read(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_BIO) const char* filename = "./certs/server-keyEnc.pem"; XFILE fp = XBADFILE; char* name = NULL; char* header = NULL; byte* data = NULL; long len; EVP_CIPHER_INFO cipher; WOLFSSL_BIO* bio = NULL; byte* fileData = NULL; size_t fileDataSz = 0; byte* out; ExpectTrue((fp = XFOPEN(filename, "rb")) != XBADFILE); /* Fail cases. */ ExpectIntEQ(PEM_read(fp, NULL, &header, &data, &len), WOLFSSL_FAILURE); ExpectIntEQ(PEM_read(fp, &name, NULL, &data, &len), WOLFSSL_FAILURE); ExpectIntEQ(PEM_read(fp, &name, &header, NULL, &len), WOLFSSL_FAILURE); ExpectIntEQ(PEM_read(fp, &name, &header, &data, NULL), WOLFSSL_FAILURE); ExpectIntEQ(PEM_read(fp, &name, &header, &data, &len), WOLFSSL_SUCCESS); ExpectIntEQ(XSTRNCMP(name, "RSA PRIVATE KEY", 15), 0); ExpectIntGT(XSTRLEN(header), 0); ExpectIntGT(len, 0); ExpectIntEQ(XFSEEK(fp, 0, SEEK_END), 0); ExpectIntGT((fileDataSz = XFTELL(fp)), 0); ExpectIntEQ(XFSEEK(fp, 0, SEEK_SET), 0); ExpectNotNull(fileData = (unsigned char*)XMALLOC(fileDataSz, NULL, DYNAMIC_TYPE_TMP_BUFFER)); ExpectIntEQ(XFREAD(fileData, 1, fileDataSz, fp), fileDataSz); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem())); /* Fail cases. */ ExpectIntEQ(PEM_write_bio(NULL, name, header, data, len), 0); ExpectIntEQ(PEM_write_bio(bio, NULL, header, data, len), 0); ExpectIntEQ(PEM_write_bio(bio, name, NULL, data, len), 0); ExpectIntEQ(PEM_write_bio(bio, name, header, NULL, len), 0); ExpectIntEQ(PEM_write_bio(bio, name, header, data, len), fileDataSz); ExpectIntEQ(wolfSSL_BIO_get_mem_data(bio, &out), fileDataSz); ExpectIntEQ(XMEMCMP(out, fileData, fileDataSz), 0); /* Fail cases. */ ExpectIntEQ(PEM_get_EVP_CIPHER_INFO(NULL, &cipher), WOLFSSL_FAILURE); ExpectIntEQ(PEM_get_EVP_CIPHER_INFO(header, NULL), WOLFSSL_FAILURE); ExpectIntEQ(PEM_get_EVP_CIPHER_INFO((char*)"", &cipher), WOLFSSL_FAILURE); #ifndef NO_DES3 ExpectIntEQ(PEM_get_EVP_CIPHER_INFO(header, &cipher), WOLFSSL_SUCCESS); #endif /* Fail cases. */ ExpectIntEQ(PEM_do_header(&cipher, NULL, &len, PasswordCallBack, (void*)"yassl123"), WOLFSSL_FAILURE); ExpectIntEQ(PEM_do_header(&cipher, data, NULL, PasswordCallBack, (void*)"yassl123"), WOLFSSL_FAILURE); ExpectIntEQ(PEM_do_header(&cipher, data, &len, NULL, (void*)"yassl123"), WOLFSSL_FAILURE); #if !defined(NO_DES3) && !defined(NO_MD5) ExpectIntEQ(PEM_do_header(&cipher, data, &len, PasswordCallBack, (void*)"yassl123"), WOLFSSL_SUCCESS); #endif BIO_free(bio); bio = NULL; XFREE(fileData, NULL, DYNAMIC_TYPE_TMP_BUFFER); fileData = NULL; XFREE(name, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER); name = NULL; header = NULL; data = NULL; ExpectTrue((fp = XFOPEN(svrKeyFile, "rb")) != XBADFILE); ExpectIntEQ(PEM_read(fp, &name, &header, &data, &len), WOLFSSL_SUCCESS); ExpectIntEQ(XSTRNCMP(name, "RSA PRIVATE KEY", 15), 0); ExpectIntEQ(XSTRLEN(header), 0); ExpectIntGT(len, 0); ExpectIntEQ(XFSEEK(fp, 0, SEEK_END), 0); ExpectIntGT((fileDataSz = XFTELL(fp)), 0); ExpectIntEQ(XFSEEK(fp, 0, SEEK_SET), 0); ExpectNotNull(fileData = (unsigned char*)XMALLOC(fileDataSz, NULL, DYNAMIC_TYPE_TMP_BUFFER)); ExpectIntEQ(XFREAD(fileData, 1, fileDataSz, fp), fileDataSz); if (fp != XBADFILE) XFCLOSE(fp); ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem())); ExpectIntEQ(PEM_write_bio(bio, name, header, data, len), fileDataSz); ExpectIntEQ(wolfSSL_BIO_get_mem_data(bio, &out), fileDataSz); ExpectIntEQ(XMEMCMP(out, fileData, fileDataSz), 0); BIO_free(bio); XFREE(fileData, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(name, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER); #endif return EXPECT_RESULT(); } static int test_wolfssl_EVP_aes_gcm_AAD_2_parts(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AESGCM) && \ !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) const byte iv[12] = { 0 }; const byte key[16] = { 0 }; const byte cleartext[16] = { 0 }; const byte aad[] = { 0x01, 0x10, 0x00, 0x2a, 0x08, 0x00, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0xdc, 0x4d, 0xad, 0x6b, 0x06, 0x93, 0x4f }; byte out1Part[16]; byte outTag1Part[16]; byte out2Part[16]; byte outTag2Part[16]; byte decryptBuf[16]; int len = 0; int tlen; EVP_CIPHER_CTX* ctx = NULL; /* ENCRYPT */ /* Send AAD and data in 1 part */ ExpectNotNull(ctx = EVP_CIPHER_CTX_new()); tlen = 0; ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL), 1); ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), 1); ExpectIntEQ(EVP_EncryptUpdate(ctx, NULL, &len, aad, sizeof(aad)), 1); ExpectIntEQ(EVP_EncryptUpdate(ctx, out1Part, &len, cleartext, sizeof(cleartext)), 1); tlen += len; ExpectIntEQ(EVP_EncryptFinal_ex(ctx, out1Part, &len), 1); tlen += len; ExpectIntEQ(tlen, sizeof(cleartext)); ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16, outTag1Part), 1); EVP_CIPHER_CTX_free(ctx); ctx = NULL; /* DECRYPT */ /* Send AAD and data in 1 part */ ExpectNotNull(ctx = EVP_CIPHER_CTX_new()); tlen = 0; ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL), 1); ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), 1); ExpectIntEQ(EVP_DecryptUpdate(ctx, NULL, &len, aad, sizeof(aad)), 1); ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptBuf, &len, out1Part, sizeof(cleartext)), 1); tlen += len; ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16, outTag1Part), 1); ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptBuf, &len), 1); tlen += len; ExpectIntEQ(tlen, sizeof(cleartext)); EVP_CIPHER_CTX_free(ctx); ctx = NULL; ExpectIntEQ(XMEMCMP(decryptBuf, cleartext, len), 0); /* ENCRYPT */ /* Send AAD and data in 2 parts */ ExpectNotNull(ctx = EVP_CIPHER_CTX_new()); tlen = 0; ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL), 1); ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), 1); ExpectIntEQ(EVP_EncryptUpdate(ctx, NULL, &len, aad, 1), 1); ExpectIntEQ(EVP_EncryptUpdate(ctx, NULL, &len, aad + 1, sizeof(aad) - 1), 1); ExpectIntEQ(EVP_EncryptUpdate(ctx, out2Part, &len, cleartext, 1), 1); tlen += len; ExpectIntEQ(EVP_EncryptUpdate(ctx, out2Part + tlen, &len, cleartext + 1, sizeof(cleartext) - 1), 1); tlen += len; ExpectIntEQ(EVP_EncryptFinal_ex(ctx, out2Part + tlen, &len), 1); tlen += len; ExpectIntEQ(tlen, sizeof(cleartext)); ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16, outTag2Part), 1); ExpectIntEQ(XMEMCMP(out1Part, out2Part, sizeof(out1Part)), 0); ExpectIntEQ(XMEMCMP(outTag1Part, outTag2Part, sizeof(outTag1Part)), 0); EVP_CIPHER_CTX_free(ctx); ctx = NULL; /* DECRYPT */ /* Send AAD and data in 2 parts */ ExpectNotNull(ctx = EVP_CIPHER_CTX_new()); tlen = 0; ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL), 1); ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), 1); ExpectIntEQ(EVP_DecryptUpdate(ctx, NULL, &len, aad, 1), 1); ExpectIntEQ(EVP_DecryptUpdate(ctx, NULL, &len, aad + 1, sizeof(aad) - 1), 1); ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptBuf, &len, out1Part, 1), 1); tlen += len; ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptBuf + tlen, &len, out1Part + 1, sizeof(cleartext) - 1), 1); tlen += len; ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16, outTag1Part), 1); ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptBuf + tlen, &len), 1); tlen += len; ExpectIntEQ(tlen, sizeof(cleartext)); ExpectIntEQ(XMEMCMP(decryptBuf, cleartext, len), 0); /* Test AAD reuse */ EVP_CIPHER_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfssl_EVP_aes_gcm_zeroLen(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AESGCM) && \ !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) /* Zero length plain text */ byte key[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }; /* align */ byte iv[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }; /* align */ byte plaintxt[1]; int ivSz = 12; int plaintxtSz = 0; unsigned char tag[16]; unsigned char tag_kat[] = { 0x53,0x0f,0x8a,0xfb,0xc7,0x45,0x36,0xb9, 0xa9,0x63,0xb4,0xf1,0xc4,0xcb,0x73,0x8b }; byte ciphertxt[AES_BLOCK_SIZE * 4] = {0}; byte decryptedtxt[AES_BLOCK_SIZE * 4] = {0}; int ciphertxtSz = 0; int decryptedtxtSz = 0; int len = 0; EVP_CIPHER_CTX *en = EVP_CIPHER_CTX_new(); EVP_CIPHER_CTX *de = EVP_CIPHER_CTX_new(); ExpectIntEQ(1, EVP_EncryptInit_ex(en, EVP_aes_256_gcm(), NULL, key, iv)); ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL)); ExpectIntEQ(1, EVP_EncryptUpdate(en, ciphertxt, &ciphertxtSz , plaintxt, plaintxtSz)); ExpectIntEQ(1, EVP_EncryptFinal_ex(en, ciphertxt, &len)); ciphertxtSz += len; ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_GCM_GET_TAG, 16, tag)); ExpectIntEQ(1, EVP_CIPHER_CTX_cleanup(en)); ExpectIntEQ(0, ciphertxtSz); ExpectIntEQ(0, XMEMCMP(tag, tag_kat, sizeof(tag))); EVP_CIPHER_CTX_init(de); ExpectIntEQ(1, EVP_DecryptInit_ex(de, EVP_aes_256_gcm(), NULL, key, iv)); ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL)); ExpectIntEQ(1, EVP_DecryptUpdate(de, NULL, &len, ciphertxt, len)); decryptedtxtSz = len; ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_GCM_SET_TAG, 16, tag)); ExpectIntEQ(1, EVP_DecryptFinal_ex(de, decryptedtxt, &len)); decryptedtxtSz += len; ExpectIntEQ(0, decryptedtxtSz); EVP_CIPHER_CTX_free(en); EVP_CIPHER_CTX_free(de); #endif return EXPECT_RESULT(); } static int test_wolfssl_EVP_aes_gcm(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AESGCM) && \ !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) /* A 256 bit key, AES_128 will use the first 128 bit*/ byte *key = (byte*)"01234567890123456789012345678901"; /* A 128 bit IV */ byte *iv = (byte*)"0123456789012345"; int ivSz = AES_BLOCK_SIZE; /* Message to be encrypted */ byte *plaintxt = (byte*)"for things to change you have to change"; /* Additional non-confidential data */ byte *aad = (byte*)"Don't spend major time on minor things."; unsigned char tag[AES_BLOCK_SIZE] = {0}; int plaintxtSz = (int)XSTRLEN((char*)plaintxt); int aadSz = (int)XSTRLEN((char*)aad); byte ciphertxt[AES_BLOCK_SIZE * 4] = {0}; byte decryptedtxt[AES_BLOCK_SIZE * 4] = {0}; int ciphertxtSz = 0; int decryptedtxtSz = 0; int len = 0; int i = 0; EVP_CIPHER_CTX en[2]; EVP_CIPHER_CTX de[2]; for (i = 0; i < 2; i++) { EVP_CIPHER_CTX_init(&en[i]); if (i == 0) { /* Default uses 96-bits IV length */ #ifdef WOLFSSL_AES_128 ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_128_gcm(), NULL, key, iv)); #elif defined(WOLFSSL_AES_192) ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_192_gcm(), NULL, key, iv)); #elif defined(WOLFSSL_AES_256) ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_256_gcm(), NULL, key, iv)); #endif } else { #ifdef WOLFSSL_AES_128 ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_128_gcm(), NULL, NULL, NULL)); #elif defined(WOLFSSL_AES_192) ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_192_gcm(), NULL, NULL, NULL)); #elif defined(WOLFSSL_AES_256) ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_256_gcm(), NULL, NULL, NULL)); #endif /* non-default must to set the IV length first */ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL)); ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv)); } ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], NULL, &len, aad, aadSz)); ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], ciphertxt, &len, plaintxt, plaintxtSz)); ciphertxtSz = len; ExpectIntEQ(1, EVP_EncryptFinal_ex(&en[i], ciphertxt, &len)); ciphertxtSz += len; ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_GET_TAG, AES_BLOCK_SIZE, tag)); ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&en[i]), 1); EVP_CIPHER_CTX_init(&de[i]); if (i == 0) { /* Default uses 96-bits IV length */ #ifdef WOLFSSL_AES_128 ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_gcm(), NULL, key, iv)); #elif defined(WOLFSSL_AES_192) ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_gcm(), NULL, key, iv)); #elif defined(WOLFSSL_AES_256) ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_gcm(), NULL, key, iv)); #endif } else { #ifdef WOLFSSL_AES_128 ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_gcm(), NULL, NULL, NULL)); #elif defined(WOLFSSL_AES_192) ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_gcm(), NULL, NULL, NULL)); #elif defined(WOLFSSL_AES_256) ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_gcm(), NULL, NULL, NULL)); #endif /* non-default must to set the IV length first */ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL)); ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv)); } ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz)); ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt, ciphertxtSz)); decryptedtxtSz = len; ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG, AES_BLOCK_SIZE, tag)); ExpectIntEQ(1, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len)); decryptedtxtSz += len; ExpectIntEQ(ciphertxtSz, decryptedtxtSz); ExpectIntEQ(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz)); /* modify tag*/ if (i == 0) { /* Default uses 96-bits IV length */ #ifdef WOLFSSL_AES_128 ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_gcm(), NULL, key, iv)); #elif defined(WOLFSSL_AES_192) ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_gcm(), NULL, key, iv)); #elif defined(WOLFSSL_AES_256) ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_gcm(), NULL, key, iv)); #endif } else { #ifdef WOLFSSL_AES_128 ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_gcm(), NULL, NULL, NULL)); #elif defined(WOLFSSL_AES_192) ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_gcm(), NULL, NULL, NULL)); #elif defined(WOLFSSL_AES_256) ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_gcm(), NULL, NULL, NULL)); #endif /* non-default must to set the IV length first */ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL)); ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv)); } tag[AES_BLOCK_SIZE-1]+=0xBB; ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz)); ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG, AES_BLOCK_SIZE, tag)); /* fail due to wrong tag */ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt, ciphertxtSz)); ExpectIntEQ(0, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len)); ExpectIntEQ(0, len); ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&de[i]), 1); } #endif /* OPENSSL_EXTRA && !NO_AES && HAVE_AESGCM */ return EXPECT_RESULT(); } static int test_wolfssl_EVP_aria_gcm(void) { int res = TEST_SKIPPED; #if defined(OPENSSL_EXTRA) && defined(HAVE_ARIA) && \ !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) /* A 256 bit key, AES_128 will use the first 128 bit*/ byte *key = (byte*)"01234567890123456789012345678901"; /* A 128 bit IV */ byte *iv = (byte*)"0123456789012345"; int ivSz = ARIA_BLOCK_SIZE; /* Message to be encrypted */ const int plaintxtSz = 40; byte plaintxt[WC_ARIA_GCM_GET_CIPHERTEXT_SIZE(plaintxtSz)]; XMEMCPY(plaintxt,"for things to change you have to change",plaintxtSz); /* Additional non-confidential data */ byte *aad = (byte*)"Don't spend major time on minor things."; unsigned char tag[ARIA_BLOCK_SIZE] = {0}; int aadSz = (int)XSTRLEN((char*)aad); byte ciphertxt[WC_ARIA_GCM_GET_CIPHERTEXT_SIZE(plaintxtSz)]; byte decryptedtxt[plaintxtSz]; int ciphertxtSz = 0; int decryptedtxtSz = 0; int len = 0; int i = 0; #define TEST_ARIA_GCM_COUNT 6 EVP_CIPHER_CTX en[TEST_ARIA_GCM_COUNT]; EVP_CIPHER_CTX de[TEST_ARIA_GCM_COUNT]; for (i = 0; i < TEST_ARIA_GCM_COUNT; i++) { EVP_CIPHER_CTX_init(&en[i]); switch (i) { case 0: /* Default uses 96-bits IV length */ AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aria_128_gcm(), NULL, key, iv)); break; case 1: /* Default uses 96-bits IV length */ AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aria_192_gcm(), NULL, key, iv)); break; case 2: /* Default uses 96-bits IV length */ AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aria_256_gcm(), NULL, key, iv)); break; case 3: AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aria_128_gcm(), NULL, NULL, NULL)); /* non-default must to set the IV length first */ AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL)); AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv)); break; case 4: AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aria_192_gcm(), NULL, NULL, NULL)); /* non-default must to set the IV length first */ AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL)); AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv)); break; case 5: AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aria_256_gcm(), NULL, NULL, NULL)); /* non-default must to set the IV length first */ AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL)); AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv)); break; } XMEMSET(ciphertxt,0,sizeof(ciphertxt)); AssertIntEQ(1, EVP_EncryptUpdate(&en[i], NULL, &len, aad, aadSz)); AssertIntEQ(1, EVP_EncryptUpdate(&en[i], ciphertxt, &len, plaintxt, plaintxtSz)); ciphertxtSz = len; AssertIntEQ(1, EVP_EncryptFinal_ex(&en[i], ciphertxt, &len)); AssertIntNE(0, XMEMCMP(plaintxt, ciphertxt, plaintxtSz)); ciphertxtSz += len; AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_GET_TAG, ARIA_BLOCK_SIZE, tag)); AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&en[i]), 1); EVP_CIPHER_CTX_init(&de[i]); switch (i) { case 0: /* Default uses 96-bits IV length */ AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aria_128_gcm(), NULL, key, iv)); break; case 1: /* Default uses 96-bits IV length */ AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aria_192_gcm(), NULL, key, iv)); break; case 2: /* Default uses 96-bits IV length */ AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aria_256_gcm(), NULL, key, iv)); break; case 3: AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aria_128_gcm(), NULL, NULL, NULL)); /* non-default must to set the IV length first */ AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL)); AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv)); break; case 4: AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aria_192_gcm(), NULL, NULL, NULL)); /* non-default must to set the IV length first */ AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL)); AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv)); break; case 5: AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aria_256_gcm(), NULL, NULL, NULL)); /* non-default must to set the IV length first */ AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL)); AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv)); break; } XMEMSET(decryptedtxt,0,sizeof(decryptedtxt)); AssertIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz)); AssertIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt, ciphertxtSz)); decryptedtxtSz = len; AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG, ARIA_BLOCK_SIZE, tag)); AssertIntEQ(1, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len)); decryptedtxtSz += len; AssertIntEQ(plaintxtSz, decryptedtxtSz); AssertIntEQ(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz)); XMEMSET(decryptedtxt,0,sizeof(decryptedtxt)); /* modify tag*/ tag[AES_BLOCK_SIZE-1]+=0xBB; AssertIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz)); AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG, ARIA_BLOCK_SIZE, tag)); /* fail due to wrong tag */ AssertIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt, ciphertxtSz)); AssertIntEQ(0, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len)); AssertIntEQ(0, len); AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&de[i]), 1); } res = TEST_RES_CHECK(1); #endif /* OPENSSL_EXTRA && !NO_AES && HAVE_AESGCM */ return res; } static int test_wolfssl_EVP_aes_ccm_zeroLen(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AESCCM) && \ !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) /* Zero length plain text */ byte key[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }; /* align */ byte iv[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }; /* align */ byte plaintxt[1]; int ivSz = 12; int plaintxtSz = 0; unsigned char tag[16]; byte ciphertxt[AES_BLOCK_SIZE * 4] = {0}; byte decryptedtxt[AES_BLOCK_SIZE * 4] = {0}; int ciphertxtSz = 0; int decryptedtxtSz = 0; int len = 0; EVP_CIPHER_CTX *en = EVP_CIPHER_CTX_new(); EVP_CIPHER_CTX *de = EVP_CIPHER_CTX_new(); ExpectIntEQ(1, EVP_EncryptInit_ex(en, EVP_aes_256_ccm(), NULL, key, iv)); ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL)); ExpectIntEQ(1, EVP_EncryptUpdate(en, ciphertxt, &ciphertxtSz , plaintxt, plaintxtSz)); ExpectIntEQ(1, EVP_EncryptFinal_ex(en, ciphertxt, &len)); ciphertxtSz += len; ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_CCM_GET_TAG, 16, tag)); ExpectIntEQ(1, EVP_CIPHER_CTX_cleanup(en)); ExpectIntEQ(0, ciphertxtSz); EVP_CIPHER_CTX_init(de); ExpectIntEQ(1, EVP_DecryptInit_ex(de, EVP_aes_256_ccm(), NULL, key, iv)); ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL)); ExpectIntEQ(1, EVP_DecryptUpdate(de, NULL, &len, ciphertxt, len)); decryptedtxtSz = len; ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_CCM_SET_TAG, 16, tag)); ExpectIntEQ(1, EVP_DecryptFinal_ex(de, decryptedtxt, &len)); decryptedtxtSz += len; ExpectIntEQ(0, decryptedtxtSz); EVP_CIPHER_CTX_free(en); EVP_CIPHER_CTX_free(de); #endif return EXPECT_RESULT(); } static int test_wolfssl_EVP_aes_ccm(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AESCCM) && \ !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) /* A 256 bit key, AES_128 will use the first 128 bit*/ byte *key = (byte*)"01234567890123456789012345678901"; /* A 128 bit IV */ byte *iv = (byte*)"0123456789012"; int ivSz = (int)XSTRLEN((char*)iv); /* Message to be encrypted */ byte *plaintxt = (byte*)"for things to change you have to change"; /* Additional non-confidential data */ byte *aad = (byte*)"Don't spend major time on minor things."; unsigned char tag[AES_BLOCK_SIZE] = {0}; int plaintxtSz = (int)XSTRLEN((char*)plaintxt); int aadSz = (int)XSTRLEN((char*)aad); byte ciphertxt[AES_BLOCK_SIZE * 4] = {0}; byte decryptedtxt[AES_BLOCK_SIZE * 4] = {0}; int ciphertxtSz = 0; int decryptedtxtSz = 0; int len = 0; int i = 0; int ret; EVP_CIPHER_CTX en[2]; EVP_CIPHER_CTX de[2]; for (i = 0; i < 2; i++) { EVP_CIPHER_CTX_init(&en[i]); if (i == 0) { /* Default uses 96-bits IV length */ #ifdef WOLFSSL_AES_128 ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_128_ccm(), NULL, key, iv)); #elif defined(WOLFSSL_AES_192) ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_192_ccm(), NULL, key, iv)); #elif defined(WOLFSSL_AES_256) ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_256_ccm(), NULL, key, iv)); #endif } else { #ifdef WOLFSSL_AES_128 ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_128_ccm(), NULL, NULL, NULL)); #elif defined(WOLFSSL_AES_192) ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_192_ccm(), NULL, NULL, NULL)); #elif defined(WOLFSSL_AES_256) ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_256_ccm(), NULL, NULL, NULL)); #endif /* non-default must to set the IV length first */ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL)); ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv)); } ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], NULL, &len, aad, aadSz)); ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], ciphertxt, &len, plaintxt, plaintxtSz)); ciphertxtSz = len; ExpectIntEQ(1, EVP_EncryptFinal_ex(&en[i], ciphertxt, &len)); ciphertxtSz += len; ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_CCM_GET_TAG, AES_BLOCK_SIZE, tag)); ret = wolfSSL_EVP_CIPHER_CTX_cleanup(&en[i]); ExpectIntEQ(ret, 1); EVP_CIPHER_CTX_init(&de[i]); if (i == 0) { /* Default uses 96-bits IV length */ #ifdef WOLFSSL_AES_128 ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_ccm(), NULL, key, iv)); #elif defined(WOLFSSL_AES_192) ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_ccm(), NULL, key, iv)); #elif defined(WOLFSSL_AES_256) ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_ccm(), NULL, key, iv)); #endif } else { #ifdef WOLFSSL_AES_128 ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_ccm(), NULL, NULL, NULL)); #elif defined(WOLFSSL_AES_192) ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_ccm(), NULL, NULL, NULL)); #elif defined(WOLFSSL_AES_256) ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_ccm(), NULL, NULL, NULL)); #endif /* non-default must to set the IV length first */ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL)); ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv)); } ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz)); ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt, ciphertxtSz)); decryptedtxtSz = len; ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_CCM_SET_TAG, AES_BLOCK_SIZE, tag)); ExpectIntEQ(1, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len)); decryptedtxtSz += len; ExpectIntEQ(ciphertxtSz, decryptedtxtSz); ExpectIntEQ(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz)); /* modify tag*/ tag[AES_BLOCK_SIZE-1]+=0xBB; ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz)); ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_CCM_SET_TAG, AES_BLOCK_SIZE, tag)); /* fail due to wrong tag */ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt, ciphertxtSz)); ExpectIntEQ(0, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len)); ExpectIntEQ(0, len); ret = wolfSSL_EVP_CIPHER_CTX_cleanup(&de[i]); ExpectIntEQ(ret, 1); } #endif /* OPENSSL_EXTRA && !NO_AES && HAVE_AESCCM */ return EXPECT_RESULT(); } static int test_wolfssl_EVP_chacha20_poly1305(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_CHACHA) && defined(HAVE_POLY1305) byte key[CHACHA20_POLY1305_AEAD_KEYSIZE]; byte iv [CHACHA20_POLY1305_AEAD_IV_SIZE]; byte plainText[] = {0xDE, 0xAD, 0xBE, 0xEF}; byte aad[] = {0xAA, 0XBB, 0xCC, 0xDD, 0xEE, 0xFF}; byte cipherText[sizeof(plainText)]; byte decryptedText[sizeof(plainText)]; byte tag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]; EVP_CIPHER_CTX* ctx = NULL; int outSz; /* Encrypt. */ ExpectNotNull((ctx = EVP_CIPHER_CTX_new())); ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL, NULL, NULL), WOLFSSL_SUCCESS); /* Invalid IV length. */ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, CHACHA20_POLY1305_AEAD_IV_SIZE-1, NULL), WOLFSSL_FAILURE); /* Valid IV length. */ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, CHACHA20_POLY1305_AEAD_IV_SIZE, NULL), WOLFSSL_SUCCESS); /* Invalid tag length. */ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE-1, NULL), WOLFSSL_FAILURE); /* Valid tag length. */ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE, NULL), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_EncryptUpdate(ctx, NULL, &outSz, aad, sizeof(aad)), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, sizeof(aad)); ExpectIntEQ(EVP_EncryptUpdate(ctx, cipherText, &outSz, plainText, sizeof(plainText)), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, sizeof(plainText)); ExpectIntEQ(EVP_EncryptFinal_ex(ctx, cipherText, &outSz), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, 0); /* Invalid tag length. */ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE-1, tag), WOLFSSL_FAILURE); /* Valid tag length. */ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE, tag), WOLFSSL_SUCCESS); EVP_CIPHER_CTX_free(ctx); ctx = NULL; /* Decrypt. */ ExpectNotNull((ctx = EVP_CIPHER_CTX_new())); ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL, NULL, NULL), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, CHACHA20_POLY1305_AEAD_IV_SIZE, NULL), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE, tag), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_DecryptUpdate(ctx, NULL, &outSz, aad, sizeof(aad)), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, sizeof(aad)); ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText, sizeof(cipherText)), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, sizeof(cipherText)); ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, 0); EVP_CIPHER_CTX_free(ctx); ctx = NULL; /* Test partial Inits. CipherInit() allow setting of key and iv * in separate calls. */ ExpectNotNull((ctx = EVP_CIPHER_CTX_new())); ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, EVP_chacha20_poly1305(), key, NULL, 1), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, NULL, NULL, iv, 1), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_EVP_CipherUpdate(ctx, NULL, &outSz, aad, sizeof(aad)), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, sizeof(aad)); ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText, sizeof(cipherText)), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, sizeof(cipherText)); ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, 0); EVP_CIPHER_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfssl_EVP_chacha20(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_CHACHA) byte key[CHACHA_MAX_KEY_SZ]; byte iv [WOLFSSL_EVP_CHACHA_IV_BYTES]; byte plainText[] = {0xDE, 0xAD, 0xBE, 0xEF}; byte cipherText[sizeof(plainText)]; byte decryptedText[sizeof(plainText)]; EVP_CIPHER_CTX* ctx = NULL; int outSz; XMEMSET(key, 0, sizeof(key)); XMEMSET(iv, 0, sizeof(iv)); /* Encrypt. */ ExpectNotNull((ctx = EVP_CIPHER_CTX_new())); ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_chacha20(), NULL, NULL, NULL), WOLFSSL_SUCCESS); /* Any tag length must fail - not an AEAD cipher. */ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16, NULL), WOLFSSL_FAILURE); ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_EncryptUpdate(ctx, cipherText, &outSz, plainText, sizeof(plainText)), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, sizeof(plainText)); ExpectIntEQ(EVP_EncryptFinal_ex(ctx, cipherText, &outSz), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, 0); EVP_CIPHER_CTX_free(ctx); ctx = NULL; /* Decrypt. */ ExpectNotNull((ctx = EVP_CIPHER_CTX_new())); ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_chacha20(), NULL, NULL, NULL), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText, sizeof(cipherText)), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, sizeof(cipherText)); ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, 0); EVP_CIPHER_CTX_free(ctx); ctx = NULL; /* Test partial Inits. CipherInit() allow setting of key and iv * in separate calls. */ ExpectNotNull((ctx = EVP_CIPHER_CTX_new())); ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, EVP_chacha20(), key, NULL, 1), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, NULL, NULL, iv, 1), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText, sizeof(cipherText)), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, sizeof(cipherText)); ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, 0); EVP_CIPHER_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfssl_EVP_sm4_ecb(void) { int res = TEST_SKIPPED; #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_ECB) EXPECT_DECLS; byte key[SM4_KEY_SIZE]; byte plainText[SM4_BLOCK_SIZE] = { 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF }; byte cipherText[sizeof(plainText) + SM4_BLOCK_SIZE]; byte decryptedText[sizeof(plainText) + SM4_BLOCK_SIZE]; EVP_CIPHER_CTX* ctx; int outSz; XMEMSET(key, 0, sizeof(key)); /* Encrypt. */ ExpectNotNull((ctx = EVP_CIPHER_CTX_new())); ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_sm4_ecb(), NULL, NULL, NULL), WOLFSSL_SUCCESS); /* Any tag length must fail - not an AEAD cipher. */ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16, NULL), WOLFSSL_FAILURE); ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_EncryptUpdate(ctx, cipherText, &outSz, plainText, sizeof(plainText)), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, sizeof(plainText)); ExpectIntEQ(EVP_EncryptFinal_ex(ctx, cipherText + outSz, &outSz), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, SM4_BLOCK_SIZE); ExpectBufNE(cipherText, plainText, sizeof(plainText)); EVP_CIPHER_CTX_free(ctx); /* Decrypt. */ ExpectNotNull((ctx = EVP_CIPHER_CTX_new())); ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_sm4_ecb(), NULL, NULL, NULL), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, NULL), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText, sizeof(cipherText)), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, sizeof(plainText)); ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText + outSz, &outSz), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, 0); ExpectBufEQ(decryptedText, plainText, sizeof(plainText)); EVP_CIPHER_CTX_free(ctx); res = EXPECT_RESULT(); #endif return res; } static int test_wolfssl_EVP_sm4_cbc(void) { int res = TEST_SKIPPED; #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_CBC) EXPECT_DECLS; byte key[SM4_KEY_SIZE]; byte iv[SM4_BLOCK_SIZE]; byte plainText[SM4_BLOCK_SIZE] = { 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF }; byte cipherText[sizeof(plainText) + SM4_BLOCK_SIZE]; byte decryptedText[sizeof(plainText) + SM4_BLOCK_SIZE]; EVP_CIPHER_CTX* ctx; int outSz; XMEMSET(key, 0, sizeof(key)); XMEMSET(iv, 0, sizeof(iv)); /* Encrypt. */ ExpectNotNull((ctx = EVP_CIPHER_CTX_new())); ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_sm4_cbc(), NULL, NULL, NULL), WOLFSSL_SUCCESS); /* Any tag length must fail - not an AEAD cipher. */ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16, NULL), WOLFSSL_FAILURE); ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_EncryptUpdate(ctx, cipherText, &outSz, plainText, sizeof(plainText)), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, sizeof(plainText)); ExpectIntEQ(EVP_EncryptFinal_ex(ctx, cipherText + outSz, &outSz), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, SM4_BLOCK_SIZE); ExpectBufNE(cipherText, plainText, sizeof(plainText)); EVP_CIPHER_CTX_free(ctx); /* Decrypt. */ ExpectNotNull((ctx = EVP_CIPHER_CTX_new())); ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_sm4_cbc(), NULL, NULL, NULL), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText, sizeof(cipherText)), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, sizeof(plainText)); ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText + outSz, &outSz), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, 0); ExpectBufEQ(decryptedText, plainText, sizeof(plainText)); EVP_CIPHER_CTX_free(ctx); /* Test partial Inits. CipherInit() allow setting of key and iv * in separate calls. */ ExpectNotNull((ctx = EVP_CIPHER_CTX_new())); ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, EVP_sm4_cbc(), key, NULL, 0), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, NULL, NULL, iv, 0), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText, sizeof(cipherText)), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, sizeof(plainText)); ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText + outSz, &outSz), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, 0); ExpectBufEQ(decryptedText, plainText, sizeof(plainText)); EVP_CIPHER_CTX_free(ctx); res = EXPECT_RESULT(); #endif return res; } static int test_wolfssl_EVP_sm4_ctr(void) { int res = TEST_SKIPPED; #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_CTR) EXPECT_DECLS; byte key[SM4_KEY_SIZE]; byte iv[SM4_BLOCK_SIZE]; byte plainText[] = {0xDE, 0xAD, 0xBE, 0xEF}; byte cipherText[sizeof(plainText)]; byte decryptedText[sizeof(plainText)]; EVP_CIPHER_CTX* ctx; int outSz; XMEMSET(key, 0, sizeof(key)); XMEMSET(iv, 0, sizeof(iv)); /* Encrypt. */ ExpectNotNull((ctx = EVP_CIPHER_CTX_new())); ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_sm4_ctr(), NULL, NULL, NULL), WOLFSSL_SUCCESS); /* Any tag length must fail - not an AEAD cipher. */ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16, NULL), WOLFSSL_FAILURE); ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_EncryptUpdate(ctx, cipherText, &outSz, plainText, sizeof(plainText)), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, sizeof(plainText)); ExpectIntEQ(EVP_EncryptFinal_ex(ctx, cipherText, &outSz), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, 0); ExpectBufNE(cipherText, plainText, sizeof(plainText)); EVP_CIPHER_CTX_free(ctx); /* Decrypt. */ ExpectNotNull((ctx = EVP_CIPHER_CTX_new())); ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_sm4_ctr(), NULL, NULL, NULL), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText, sizeof(cipherText)), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, sizeof(cipherText)); ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, 0); ExpectBufEQ(decryptedText, plainText, sizeof(plainText)); EVP_CIPHER_CTX_free(ctx); /* Test partial Inits. CipherInit() allow setting of key and iv * in separate calls. */ ExpectNotNull((ctx = EVP_CIPHER_CTX_new())); ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, EVP_sm4_ctr(), key, NULL, 1), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, NULL, NULL, iv, 1), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText, sizeof(cipherText)), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, sizeof(cipherText)); ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz), WOLFSSL_SUCCESS); ExpectIntEQ(outSz, 0); ExpectBufEQ(decryptedText, plainText, sizeof(plainText)); EVP_CIPHER_CTX_free(ctx); res = EXPECT_RESULT(); #endif return res; } static int test_wolfssl_EVP_sm4_gcm_zeroLen(void) { int res = TEST_SKIPPED; #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_GCM) /* Zero length plain text */ EXPECT_DECLS; byte key[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }; /* align */ byte iv[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }; /* align */ byte plaintxt[1]; int ivSz = 12; int plaintxtSz = 0; unsigned char tag[16]; unsigned char tag_kat[16] = { 0x23,0x2f,0x0c,0xfe,0x30,0x8b,0x49,0xea, 0x6f,0xc8,0x82,0x29,0xb5,0xdc,0x85,0x8d }; byte ciphertxt[SM4_BLOCK_SIZE * 4] = {0}; byte decryptedtxt[SM4_BLOCK_SIZE * 4] = {0}; int ciphertxtSz = 0; int decryptedtxtSz = 0; int len = 0; EVP_CIPHER_CTX *en = EVP_CIPHER_CTX_new(); EVP_CIPHER_CTX *de = EVP_CIPHER_CTX_new(); ExpectIntEQ(1, EVP_EncryptInit_ex(en, EVP_sm4_gcm(), NULL, key, iv)); ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL)); ExpectIntEQ(1, EVP_EncryptUpdate(en, ciphertxt, &ciphertxtSz , plaintxt, plaintxtSz)); ExpectIntEQ(1, EVP_EncryptFinal_ex(en, ciphertxt, &len)); ciphertxtSz += len; ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_GCM_GET_TAG, 16, tag)); ExpectIntEQ(1, EVP_CIPHER_CTX_cleanup(en)); ExpectIntEQ(0, ciphertxtSz); ExpectIntEQ(0, XMEMCMP(tag, tag_kat, sizeof(tag))); EVP_CIPHER_CTX_init(de); ExpectIntEQ(1, EVP_DecryptInit_ex(de, EVP_sm4_gcm(), NULL, key, iv)); ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL)); ExpectIntEQ(1, EVP_DecryptUpdate(de, NULL, &len, ciphertxt, len)); decryptedtxtSz = len; ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_GCM_SET_TAG, 16, tag)); ExpectIntEQ(1, EVP_DecryptFinal_ex(de, decryptedtxt, &len)); decryptedtxtSz += len; ExpectIntEQ(0, decryptedtxtSz); EVP_CIPHER_CTX_free(en); EVP_CIPHER_CTX_free(de); res = EXPECT_RESULT(); #endif /* OPENSSL_EXTRA && WOLFSSL_SM4_GCM */ return res; } static int test_wolfssl_EVP_sm4_gcm(void) { int res = TEST_SKIPPED; #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_GCM) EXPECT_DECLS; byte *key = (byte*)"0123456789012345"; /* A 128 bit IV */ byte *iv = (byte*)"0123456789012345"; int ivSz = SM4_BLOCK_SIZE; /* Message to be encrypted */ byte *plaintxt = (byte*)"for things to change you have to change"; /* Additional non-confidential data */ byte *aad = (byte*)"Don't spend major time on minor things."; unsigned char tag[SM4_BLOCK_SIZE] = {0}; int plaintxtSz = (int)XSTRLEN((char*)plaintxt); int aadSz = (int)XSTRLEN((char*)aad); byte ciphertxt[SM4_BLOCK_SIZE * 4] = {0}; byte decryptedtxt[SM4_BLOCK_SIZE * 4] = {0}; int ciphertxtSz = 0; int decryptedtxtSz = 0; int len = 0; int i = 0; EVP_CIPHER_CTX en[2]; EVP_CIPHER_CTX de[2]; for (i = 0; i < 2; i++) { EVP_CIPHER_CTX_init(&en[i]); if (i == 0) { /* Default uses 96-bits IV length */ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_sm4_gcm(), NULL, key, iv)); } else { ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_sm4_gcm(), NULL, NULL, NULL)); /* non-default must to set the IV length first */ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL)); ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv)); } ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], NULL, &len, aad, aadSz)); ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], ciphertxt, &len, plaintxt, plaintxtSz)); ciphertxtSz = len; ExpectIntEQ(1, EVP_EncryptFinal_ex(&en[i], ciphertxt, &len)); ciphertxtSz += len; ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_GET_TAG, SM4_BLOCK_SIZE, tag)); ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&en[i]), 1); EVP_CIPHER_CTX_init(&de[i]); if (i == 0) { /* Default uses 96-bits IV length */ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_sm4_gcm(), NULL, key, iv)); } else { ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_sm4_gcm(), NULL, NULL, NULL)); /* non-default must to set the IV length first */ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL)); ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv)); } ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz)); ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt, ciphertxtSz)); decryptedtxtSz = len; ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG, SM4_BLOCK_SIZE, tag)); ExpectIntEQ(1, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len)); decryptedtxtSz += len; ExpectIntEQ(ciphertxtSz, decryptedtxtSz); ExpectIntEQ(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz)); /* modify tag*/ tag[SM4_BLOCK_SIZE-1]+=0xBB; ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz)); ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG, SM4_BLOCK_SIZE, tag)); /* fail due to wrong tag */ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt, ciphertxtSz)); ExpectIntEQ(0, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len)); ExpectIntEQ(0, len); ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&de[i]), 1); } res = EXPECT_RESULT(); #endif /* OPENSSL_EXTRA && WOLFSSL_SM4_GCM */ return res; } static int test_wolfssl_EVP_sm4_ccm_zeroLen(void) { int res = TEST_SKIPPED; #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_CCM) /* Zero length plain text */ EXPECT_DECLS; byte key[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }; /* align */ byte iv[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }; /* align */ byte plaintxt[1]; int ivSz = 12; int plaintxtSz = 0; unsigned char tag[16]; byte ciphertxt[SM4_BLOCK_SIZE * 4] = {0}; byte decryptedtxt[SM4_BLOCK_SIZE * 4] = {0}; int ciphertxtSz = 0; int decryptedtxtSz = 0; int len = 0; EVP_CIPHER_CTX *en = EVP_CIPHER_CTX_new(); EVP_CIPHER_CTX *de = EVP_CIPHER_CTX_new(); ExpectIntEQ(1, EVP_EncryptInit_ex(en, EVP_sm4_ccm(), NULL, key, iv)); ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL)); ExpectIntEQ(1, EVP_EncryptUpdate(en, ciphertxt, &ciphertxtSz , plaintxt, plaintxtSz)); ExpectIntEQ(1, EVP_EncryptFinal_ex(en, ciphertxt, &len)); ciphertxtSz += len; ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_CCM_GET_TAG, 16, tag)); ExpectIntEQ(1, EVP_CIPHER_CTX_cleanup(en)); ExpectIntEQ(0, ciphertxtSz); EVP_CIPHER_CTX_init(de); ExpectIntEQ(1, EVP_DecryptInit_ex(de, EVP_sm4_ccm(), NULL, key, iv)); ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL)); ExpectIntEQ(1, EVP_DecryptUpdate(de, NULL, &len, ciphertxt, len)); decryptedtxtSz = len; ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_CCM_SET_TAG, 16, tag)); ExpectIntEQ(1, EVP_DecryptFinal_ex(de, decryptedtxt, &len)); decryptedtxtSz += len; ExpectIntEQ(0, decryptedtxtSz); EVP_CIPHER_CTX_free(en); EVP_CIPHER_CTX_free(de); res = EXPECT_RESULT(); #endif /* OPENSSL_EXTRA && WOLFSSL_SM4_CCM */ return res; } static int test_wolfssl_EVP_sm4_ccm(void) { int res = TEST_SKIPPED; #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_CCM) EXPECT_DECLS; byte *key = (byte*)"0123456789012345"; byte *iv = (byte*)"0123456789012"; int ivSz = (int)XSTRLEN((char*)iv); /* Message to be encrypted */ byte *plaintxt = (byte*)"for things to change you have to change"; /* Additional non-confidential data */ byte *aad = (byte*)"Don't spend major time on minor things."; unsigned char tag[SM4_BLOCK_SIZE] = {0}; int plaintxtSz = (int)XSTRLEN((char*)plaintxt); int aadSz = (int)XSTRLEN((char*)aad); byte ciphertxt[SM4_BLOCK_SIZE * 4] = {0}; byte decryptedtxt[SM4_BLOCK_SIZE * 4] = {0}; int ciphertxtSz = 0; int decryptedtxtSz = 0; int len = 0; int i = 0; EVP_CIPHER_CTX en[2]; EVP_CIPHER_CTX de[2]; for (i = 0; i < 2; i++) { EVP_CIPHER_CTX_init(&en[i]); if (i == 0) { /* Default uses 96-bits IV length */ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_sm4_ccm(), NULL, key, iv)); } else { ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_sm4_ccm(), NULL, NULL, NULL)); /* non-default must to set the IV length first */ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL)); ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv)); } ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], NULL, &len, aad, aadSz)); ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], ciphertxt, &len, plaintxt, plaintxtSz)); ciphertxtSz = len; ExpectIntEQ(1, EVP_EncryptFinal_ex(&en[i], ciphertxt, &len)); ciphertxtSz += len; ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_CCM_GET_TAG, SM4_BLOCK_SIZE, tag)); ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&en[i]), 1); EVP_CIPHER_CTX_init(&de[i]); if (i == 0) { /* Default uses 96-bits IV length */ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_sm4_ccm(), NULL, key, iv)); } else { ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_sm4_ccm(), NULL, NULL, NULL)); /* non-default must to set the IV length first */ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL)); ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv)); } ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz)); ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt, ciphertxtSz)); decryptedtxtSz = len; ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_CCM_SET_TAG, SM4_BLOCK_SIZE, tag)); ExpectIntEQ(1, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len)); decryptedtxtSz += len; ExpectIntEQ(ciphertxtSz, decryptedtxtSz); ExpectIntEQ(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz)); /* modify tag*/ tag[SM4_BLOCK_SIZE-1]+=0xBB; ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz)); ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_CCM_SET_TAG, SM4_BLOCK_SIZE, tag)); /* fail due to wrong tag */ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt, ciphertxtSz)); ExpectIntEQ(0, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len)); ExpectIntEQ(0, len); ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&de[i]), 1); } res = EXPECT_RESULT(); #endif /* OPENSSL_EXTRA && WOLFSSL_SM4_CCM */ return res; } static int test_wolfSSL_EVP_PKEY_hkdf(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_HKDF) EVP_PKEY_CTX* ctx = NULL; byte salt[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F}; byte key[] = {0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F}; byte info[] = {0X01, 0x02, 0x03, 0x04, 0x05}; byte info2[] = {0X06, 0x07, 0x08, 0x09, 0x0A}; byte outKey[34]; size_t outKeySz = sizeof(outKey); /* These expected outputs were gathered by running the same test below using * OpenSSL. */ const byte extractAndExpand[] = { 0x8B, 0xEB, 0x90, 0xA9, 0x04, 0xFF, 0x05, 0x10, 0xE4, 0xB5, 0xB1, 0x10, 0x31, 0x34, 0xFF, 0x07, 0x5B, 0xE3, 0xC6, 0x93, 0xD4, 0xF8, 0xC7, 0xEE, 0x96, 0xDA, 0x78, 0x7A, 0xE2, 0x9A, 0x2D, 0x05, 0x4B, 0xF6 }; const byte extractOnly[] = { 0xE7, 0x6B, 0x9E, 0x0F, 0xE4, 0x02, 0x1D, 0x62, 0xEA, 0x97, 0x74, 0x5E, 0xF4, 0x3C, 0x65, 0x4D, 0xC1, 0x46, 0x98, 0xAA, 0x79, 0x9A, 0xCB, 0x9C, 0xCC, 0x3E, 0x7F, 0x2A, 0x2B, 0x41, 0xA1, 0x9E }; const byte expandOnly[] = { 0xFF, 0x29, 0x29, 0x56, 0x9E, 0xA7, 0x66, 0x02, 0xDB, 0x4F, 0xDB, 0x53, 0x7D, 0x21, 0x67, 0x52, 0xC3, 0x0E, 0xF3, 0xFC, 0x71, 0xCE, 0x67, 0x2B, 0xEA, 0x3B, 0xE9, 0xFC, 0xDD, 0xC8, 0xCC, 0xB7, 0x42, 0x74 }; const byte extractAndExpandAddInfo[] = { 0x5A, 0x74, 0x79, 0x83, 0xA3, 0xA4, 0x2E, 0xB7, 0xD4, 0x08, 0xC2, 0x6A, 0x2F, 0xA5, 0xE3, 0x4E, 0xF1, 0xF4, 0x87, 0x3E, 0xA6, 0xC7, 0x88, 0x45, 0xD7, 0xE2, 0x15, 0xBC, 0xB8, 0x10, 0xEF, 0x6C, 0x4D, 0x7A }; ExpectNotNull((ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL))); ExpectIntEQ(EVP_PKEY_derive_init(ctx), WOLFSSL_SUCCESS); /* NULL ctx. */ ExpectIntEQ(EVP_PKEY_CTX_set_hkdf_md(NULL, EVP_sha256()), WOLFSSL_FAILURE); /* NULL md. */ ExpectIntEQ(EVP_PKEY_CTX_set_hkdf_md(ctx, NULL), WOLFSSL_FAILURE); ExpectIntEQ(EVP_PKEY_CTX_set_hkdf_md(ctx, EVP_sha256()), WOLFSSL_SUCCESS); /* NULL ctx. */ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(NULL, salt, sizeof(salt)), WOLFSSL_FAILURE); /* NULL salt is ok. */ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, NULL, sizeof(salt)), WOLFSSL_SUCCESS); /* Salt length <= 0. */ /* Length 0 salt is ok. */ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, salt, 0), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, salt, -1), WOLFSSL_FAILURE); ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, salt, sizeof(salt)), WOLFSSL_SUCCESS); /* NULL ctx. */ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(NULL, key, sizeof(key)), WOLFSSL_FAILURE); /* NULL key. */ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, NULL, sizeof(key)), WOLFSSL_FAILURE); /* Key length <= 0 */ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, key, 0), WOLFSSL_FAILURE); ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, key, -1), WOLFSSL_FAILURE); ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, key, sizeof(key)), WOLFSSL_SUCCESS); /* NULL ctx. */ ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(NULL, info, sizeof(info)), WOLFSSL_FAILURE); /* NULL info is ok. */ ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, NULL, sizeof(info)), WOLFSSL_SUCCESS); /* Info length <= 0 */ /* Length 0 info is ok. */ ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info, 0), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info, -1), WOLFSSL_FAILURE); ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info, sizeof(info)), WOLFSSL_SUCCESS); /* NULL ctx. */ ExpectIntEQ(EVP_PKEY_CTX_hkdf_mode(NULL, EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY), WOLFSSL_FAILURE); /* Extract and expand (default). */ ExpectIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS); ExpectIntEQ(outKeySz, sizeof(extractAndExpand)); ExpectIntEQ(XMEMCMP(outKey, extractAndExpand, outKeySz), 0); /* Extract only. */ ExpectIntEQ(EVP_PKEY_CTX_hkdf_mode(ctx, EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS); ExpectIntEQ(outKeySz, sizeof(extractOnly)); ExpectIntEQ(XMEMCMP(outKey, extractOnly, outKeySz), 0); outKeySz = sizeof(outKey); /* Expand only. */ ExpectIntEQ(EVP_PKEY_CTX_hkdf_mode(ctx, EVP_PKEY_HKDEF_MODE_EXPAND_ONLY), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS); ExpectIntEQ(outKeySz, sizeof(expandOnly)); ExpectIntEQ(XMEMCMP(outKey, expandOnly, outKeySz), 0); outKeySz = sizeof(outKey); /* Extract and expand with appended additional info. */ ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info2, sizeof(info2)), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_hkdf_mode(ctx, EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS); ExpectIntEQ(outKeySz, sizeof(extractAndExpandAddInfo)); ExpectIntEQ(XMEMCMP(outKey, extractAndExpandAddInfo, outKeySz), 0); EVP_PKEY_CTX_free(ctx); #endif /* OPENSSL_EXTRA && HAVE_HKDF */ return EXPECT_RESULT(); } #ifndef NO_BIO static int test_wolfSSL_PEM_X509_INFO_read_bio(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) BIO* bio = NULL; X509_INFO* info = NULL; STACK_OF(X509_INFO)* sk = NULL; char* subject = NULL; char exp1[] = "/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/" "CN=www.wolfssl.com/emailAddress=info@wolfssl.com"; char exp2[] = "/C=US/ST=Montana/L=Bozeman/O=wolfSSL/OU=Support/" "CN=www.wolfssl.com/emailAddress=info@wolfssl.com"; ExpectNotNull(bio = BIO_new(BIO_s_file())); ExpectIntGT(BIO_read_filename(bio, svrCertFile), 0); ExpectNotNull(sk = PEM_X509_INFO_read_bio(bio, NULL, NULL, NULL)); ExpectIntEQ(sk_X509_INFO_num(sk), 2); /* using dereference to maintain testing for Apache port*/ ExpectNotNull(info = sk_X509_INFO_pop(sk)); ExpectNotNull(subject = X509_NAME_oneline(X509_get_subject_name(info->x509), 0, 0)); ExpectIntEQ(0, XSTRNCMP(subject, exp1, sizeof(exp1))); XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL); X509_INFO_free(info); info = NULL; ExpectNotNull(info = sk_X509_INFO_pop(sk)); ExpectNotNull(subject = X509_NAME_oneline(X509_get_subject_name(info->x509), 0, 0)); ExpectIntEQ(0, XSTRNCMP(subject, exp2, sizeof(exp2))); XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL); X509_INFO_free(info); ExpectNull(info = sk_X509_INFO_pop(sk)); sk_X509_INFO_pop_free(sk, X509_INFO_free); BIO_free(bio); #endif return EXPECT_RESULT(); } #endif /* !NO_BIO */ static int test_wolfSSL_X509_NAME_ENTRY_get_object(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) X509 *x509 = NULL; X509_NAME* name = NULL; int idx = 0; X509_NAME_ENTRY *ne = NULL; ASN1_OBJECT *object = NULL; ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(name = X509_get_subject_name(x509)); ExpectIntGE(idx = X509_NAME_get_index_by_NID(name, NID_commonName, -1), 0); ExpectNotNull(ne = X509_NAME_get_entry(name, idx)); ExpectNotNull(object = X509_NAME_ENTRY_get_object(ne)); X509_free(x509); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_STORE_get1_certs(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SIGNER_DER_CERT) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) X509_STORE_CTX *storeCtx = NULL; X509_STORE *store = NULL; X509 *caX509 = NULL; X509 *svrX509 = NULL; X509_NAME *subject = NULL; WOLF_STACK_OF(WOLFSSL_X509) *certs = NULL; ExpectNotNull(caX509 = X509_load_certificate_file(caCertFile, SSL_FILETYPE_PEM)); ExpectNotNull((svrX509 = wolfSSL_X509_load_certificate_file(svrCertFile, SSL_FILETYPE_PEM))); ExpectNotNull(storeCtx = X509_STORE_CTX_new()); ExpectNotNull(store = X509_STORE_new()); ExpectNotNull(subject = X509_get_subject_name(caX509)); /* Errors */ ExpectNull(X509_STORE_get1_certs(storeCtx, subject)); ExpectNull(X509_STORE_get1_certs(NULL, subject)); ExpectNull(X509_STORE_get1_certs(storeCtx, NULL)); ExpectIntEQ(X509_STORE_add_cert(store, caX509), SSL_SUCCESS); ExpectIntEQ(X509_STORE_CTX_init(storeCtx, store, caX509, NULL), SSL_SUCCESS); /* Should find the cert */ ExpectNotNull(certs = X509_STORE_get1_certs(storeCtx, subject)); ExpectIntEQ(1, wolfSSL_sk_X509_num(certs)); sk_X509_pop_free(certs, NULL); certs = NULL; /* Should not find the cert */ ExpectNotNull(subject = X509_get_subject_name(svrX509)); ExpectNotNull(certs = X509_STORE_get1_certs(storeCtx, subject)); ExpectIntEQ(0, wolfSSL_sk_X509_num(certs)); sk_X509_pop_free(certs, NULL); certs = NULL; X509_STORE_free(store); X509_STORE_CTX_free(storeCtx); X509_free(svrX509); X509_free(caX509); #endif /* OPENSSL_EXTRA && WOLFSSL_SIGNER_DER_CERT && !NO_FILESYSTEM */ return EXPECT_RESULT(); } static int test_wolfSSL_dup_CA_list(void) { int res = TEST_SKIPPED; #if defined(OPENSSL_ALL) EXPECT_DECLS; STACK_OF(X509_NAME) *originalStack = NULL; STACK_OF(X509_NAME) *copyStack = NULL; int originalCount = 0; int copyCount = 0; X509_NAME *name = NULL; int i; originalStack = sk_X509_NAME_new_null(); ExpectNotNull(originalStack); for (i = 0; i < 3; i++) { name = X509_NAME_new(); ExpectNotNull(name); AssertIntEQ(sk_X509_NAME_push(originalStack, name), WOLFSSL_SUCCESS); } copyStack = SSL_dup_CA_list(originalStack); ExpectNotNull(copyStack); originalCount = sk_X509_NAME_num(originalStack); copyCount = sk_X509_NAME_num(copyStack); AssertIntEQ(originalCount, copyCount); sk_X509_NAME_pop_free(originalStack, X509_NAME_free); sk_X509_NAME_pop_free(copyStack, X509_NAME_free); originalStack = NULL; copyStack = NULL; res = EXPECT_RESULT(); #endif /* OPENSSL_ALL */ return res; } static int test_ForceZero(void) { EXPECT_DECLS; unsigned char data[32]; unsigned int i, j, len; /* Test case with 0 length */ ForceZero(data, 0); /* Test ForceZero */ for (i = 0; i < sizeof(data); i++) { for (len = 1; len < sizeof(data) - i; len++) { for (j = 0; j < sizeof(data); j++) data[j] = j + 1; ForceZero(data + i, len); for (j = 0; j < sizeof(data); j++) { if (j < i || j >= i + len) { ExpectIntNE(data[j], 0x00); } else { ExpectIntEQ(data[j], 0x00); } } } } return EXPECT_RESULT(); } #ifndef NO_BIO static int test_wolfSSL_X509_print(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && \ !defined(NO_RSA) && defined(XSNPRINTF) X509 *x509 = NULL; BIO *bio = NULL; #if defined(OPENSSL_ALL) && !defined(NO_WOLFSSL_DIR) const X509_ALGOR *cert_sig_alg = NULL; #endif ExpectNotNull(x509 = X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM)); /* print to memory */ ExpectNotNull(bio = BIO_new(BIO_s_mem())); ExpectIntEQ(X509_print(bio, x509), SSL_SUCCESS); #if defined(OPENSSL_ALL) || defined(WOLFSSL_IP_ALT_NAME) #if defined(WC_DISABLE_RADIX_ZERO_PAD) /* Will print IP address subject alt name. */ ExpectIntEQ(BIO_get_mem_data(bio, NULL), 3349); #elif defined(NO_ASN_TIME) /* Will print IP address subject alt name but not Validity. */ ExpectIntEQ(BIO_get_mem_data(bio, NULL), 3235); #else /* Will print IP address subject alt name. */ ExpectIntEQ(BIO_get_mem_data(bio, NULL), 3350); #endif #elif defined(NO_ASN_TIME) /* With NO_ASN_TIME defined, X509_print skips printing Validity. */ ExpectIntEQ(BIO_get_mem_data(bio, NULL), 3213); #else ExpectIntEQ(BIO_get_mem_data(bio, NULL), 3328); #endif BIO_free(bio); bio = NULL; ExpectNotNull(bio = BIO_new_fd(STDERR_FILENO, BIO_NOCLOSE)); #if defined(OPENSSL_ALL) && !defined(NO_WOLFSSL_DIR) /* Print signature */ ExpectNotNull(cert_sig_alg = X509_get0_tbs_sigalg(x509)); ExpectIntEQ(X509_signature_print(bio, cert_sig_alg, NULL), SSL_SUCCESS); #endif /* print to stderr */ #if !defined(NO_WOLFSSL_DIR) ExpectIntEQ(X509_print(bio, x509), SSL_SUCCESS); #endif /* print again */ ExpectIntEQ(X509_print_fp(stderr, x509), SSL_SUCCESS); X509_free(x509); BIO_free(bio); #endif return EXPECT_RESULT(); } static int test_wolfSSL_X509_CRL_print(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && defined(HAVE_CRL)\ && !defined(NO_FILESYSTEM) && defined(XSNPRINTF) X509_CRL* crl = NULL; BIO *bio = NULL; XFILE fp = XBADFILE; ExpectTrue((fp = XFOPEN("./certs/crl/crl.pem", "rb")) != XBADFILE); ExpectNotNull(crl = (X509_CRL*)PEM_read_X509_CRL(fp, (X509_CRL **)NULL, NULL, NULL)); if (fp != XBADFILE) XFCLOSE(fp); ExpectNotNull(bio = BIO_new(BIO_s_mem())); ExpectIntEQ(X509_CRL_print(bio, crl), SSL_SUCCESS); X509_CRL_free(crl); BIO_free(bio); #endif return EXPECT_RESULT(); } static int test_wolfSSL_BIO_get_len(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_BIO) BIO *bio = NULL; const char txt[] = "Some example text to push to the BIO."; ExpectIntEQ(wolfSSL_BIO_get_len(bio), BAD_FUNC_ARG); ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem())); ExpectIntEQ(wolfSSL_BIO_write(bio, txt, sizeof(txt)), sizeof(txt)); ExpectIntEQ(wolfSSL_BIO_get_len(bio), sizeof(txt)); BIO_free(bio); bio = NULL; ExpectNotNull(bio = BIO_new_fd(STDERR_FILENO, BIO_NOCLOSE)); ExpectIntEQ(wolfSSL_BIO_get_len(bio), WOLFSSL_BAD_FILE); BIO_free(bio); #endif return EXPECT_RESULT(); } #endif /* !NO_BIO */ static int test_wolfSSL_RSA(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) RSA* rsa = NULL; const BIGNUM *n = NULL; const BIGNUM *e = NULL; const BIGNUM *d = NULL; const BIGNUM *p = NULL; const BIGNUM *q = NULL; const BIGNUM *dmp1 = NULL; const BIGNUM *dmq1 = NULL; const BIGNUM *iqmp = NULL; ExpectNotNull(rsa = RSA_new()); ExpectIntEQ(RSA_size(NULL), 0); ExpectIntEQ(RSA_size(rsa), 0); ExpectIntEQ(RSA_set0_key(rsa, NULL, NULL, NULL), 0); ExpectIntEQ(RSA_set0_crt_params(rsa, NULL, NULL, NULL), 0); ExpectIntEQ(RSA_set0_factors(rsa, NULL, NULL), 0); #ifdef WOLFSSL_RSA_KEY_CHECK ExpectIntEQ(RSA_check_key(rsa), 0); #endif RSA_free(rsa); rsa = NULL; ExpectNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL)); ExpectIntEQ(RSA_size(rsa), 256); #ifdef WOLFSSL_RSA_KEY_CHECK ExpectIntEQ(RSA_check_key(NULL), 0); ExpectIntEQ(RSA_check_key(rsa), 1); #endif /* sanity check */ ExpectIntEQ(RSA_bits(NULL), 0); /* key */ ExpectIntEQ(RSA_bits(rsa), 2048); RSA_get0_key(rsa, &n, &e, &d); ExpectPtrEq(rsa->n, n); ExpectPtrEq(rsa->e, e); ExpectPtrEq(rsa->d, d); n = NULL; e = NULL; d = NULL; ExpectNotNull(n = BN_new()); ExpectNotNull(e = BN_new()); ExpectNotNull(d = BN_new()); ExpectIntEQ(RSA_set0_key(rsa, (BIGNUM*)n, (BIGNUM*)e, (BIGNUM*)d), 1); if (EXPECT_FAIL()) { BN_free((BIGNUM*)n); BN_free((BIGNUM*)e); BN_free((BIGNUM*)d); } ExpectPtrEq(rsa->n, n); ExpectPtrEq(rsa->e, e); ExpectPtrEq(rsa->d, d); ExpectIntEQ(RSA_set0_key(rsa, NULL, NULL, NULL), 1); ExpectIntEQ(RSA_set0_key(NULL, (BIGNUM*)n, (BIGNUM*)e, (BIGNUM*)d), 0); /* crt_params */ RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp); ExpectPtrEq(rsa->dmp1, dmp1); ExpectPtrEq(rsa->dmq1, dmq1); ExpectPtrEq(rsa->iqmp, iqmp); dmp1 = NULL; dmq1 = NULL; iqmp = NULL; ExpectNotNull(dmp1 = BN_new()); ExpectNotNull(dmq1 = BN_new()); ExpectNotNull(iqmp = BN_new()); ExpectIntEQ(RSA_set0_crt_params(rsa, (BIGNUM*)dmp1, (BIGNUM*)dmq1, (BIGNUM*)iqmp), 1); if (EXPECT_FAIL()) { BN_free((BIGNUM*)dmp1); BN_free((BIGNUM*)dmq1); BN_free((BIGNUM*)iqmp); } ExpectPtrEq(rsa->dmp1, dmp1); ExpectPtrEq(rsa->dmq1, dmq1); ExpectPtrEq(rsa->iqmp, iqmp); ExpectIntEQ(RSA_set0_crt_params(rsa, NULL, NULL, NULL), 1); ExpectIntEQ(RSA_set0_crt_params(NULL, (BIGNUM*)dmp1, (BIGNUM*)dmq1, (BIGNUM*)iqmp), 0); RSA_get0_crt_params(NULL, NULL, NULL, NULL); RSA_get0_crt_params(rsa, NULL, NULL, NULL); RSA_get0_crt_params(NULL, &dmp1, &dmq1, &iqmp); ExpectNull(dmp1); ExpectNull(dmq1); ExpectNull(iqmp); /* factors */ RSA_get0_factors(rsa, NULL, NULL); RSA_get0_factors(rsa, &p, &q); ExpectPtrEq(rsa->p, p); ExpectPtrEq(rsa->q, q); p = NULL; q = NULL; ExpectNotNull(p = BN_new()); ExpectNotNull(q = BN_new()); ExpectIntEQ(RSA_set0_factors(rsa, (BIGNUM*)p, (BIGNUM*)q), 1); if (EXPECT_FAIL()) { BN_free((BIGNUM*)p); BN_free((BIGNUM*)q); } ExpectPtrEq(rsa->p, p); ExpectPtrEq(rsa->q, q); ExpectIntEQ(RSA_set0_factors(rsa, NULL, NULL), 1); ExpectIntEQ(RSA_set0_factors(NULL, (BIGNUM*)p, (BIGNUM*)q), 0); RSA_get0_factors(NULL, NULL, NULL); RSA_get0_factors(NULL, &p, &q); ExpectNull(p); ExpectNull(q); ExpectIntEQ(BN_hex2bn(&rsa->n, "1FFFFF"), 1); ExpectIntEQ(RSA_bits(rsa), 21); RSA_free(rsa); rsa = NULL; #if !defined(USE_FAST_MATH) || (FP_MAX_BITS >= (3072*2)) ExpectNotNull(rsa = RSA_generate_key(3072, 17, NULL, NULL)); ExpectIntEQ(RSA_size(rsa), 384); ExpectIntEQ(RSA_bits(rsa), 3072); RSA_free(rsa); rsa = NULL; #endif /* remove for now with odd key size until adjusting rsa key size check with wc_MakeRsaKey() ExpectNotNull(rsa = RSA_generate_key(2999, 65537, NULL, NULL)); RSA_free(rsa); rsa = NULL; */ ExpectNull(RSA_generate_key(-1, 3, NULL, NULL)); ExpectNull(RSA_generate_key(RSA_MIN_SIZE - 1, 3, NULL, NULL)); ExpectNull(RSA_generate_key(RSA_MAX_SIZE + 1, 3, NULL, NULL)); ExpectNull(RSA_generate_key(2048, 0, NULL, NULL)); #if !defined(NO_FILESYSTEM) && !defined(NO_ASN) { byte buff[FOURK_BUF]; byte der[FOURK_BUF]; const char PrivKeyPemFile[] = "certs/client-keyEnc.pem"; XFILE f = XBADFILE; int bytes = 0; /* test loading encrypted RSA private pem w/o password */ ExpectTrue((f = XFOPEN(PrivKeyPemFile, "rb")) != XBADFILE); ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0); if (f != XBADFILE) XFCLOSE(f); XMEMSET(der, 0, sizeof(der)); /* test that error value is returned with no password */ ExpectIntLT(wc_KeyPemToDer(buff, bytes, der, (word32)sizeof(der), ""), 0); } #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_RSA_DER(void) { EXPECT_DECLS; #if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) && defined(OPENSSL_EXTRA) RSA *rsa = NULL; int i; const unsigned char *buff = NULL; unsigned char *newBuff = NULL; struct tbl_s { const unsigned char *der; int sz; } tbl[] = { #ifdef USE_CERT_BUFFERS_1024 {client_key_der_1024, sizeof_client_key_der_1024}, {server_key_der_1024, sizeof_server_key_der_1024}, #endif #ifdef USE_CERT_BUFFERS_2048 {client_key_der_2048, sizeof_client_key_der_2048}, {server_key_der_2048, sizeof_server_key_der_2048}, #endif {NULL, 0} }; /* Public Key DER */ struct tbl_s pub[] = { #ifdef USE_CERT_BUFFERS_1024 {client_keypub_der_1024, sizeof_client_keypub_der_1024}, #endif #ifdef USE_CERT_BUFFERS_2048 {client_keypub_der_2048, sizeof_client_keypub_der_2048}, #endif {NULL, 0} }; ExpectNull(d2i_RSAPublicKey(&rsa, NULL, pub[0].sz)); buff = pub[0].der; ExpectNull(d2i_RSAPublicKey(&rsa, &buff, 1)); ExpectNull(d2i_RSAPrivateKey(&rsa, NULL, tbl[0].sz)); buff = tbl[0].der; ExpectNull(d2i_RSAPrivateKey(&rsa, &buff, 1)); ExpectIntEQ(i2d_RSAPublicKey(NULL, NULL), BAD_FUNC_ARG); rsa = RSA_new(); ExpectIntEQ(i2d_RSAPublicKey(rsa, NULL), 0); RSA_free(rsa); rsa = NULL; for (i = 0; tbl[i].der != NULL; i++) { /* Passing in pointer results in pointer moving. */ buff = tbl[i].der; ExpectNotNull(d2i_RSAPublicKey(&rsa, &buff, tbl[i].sz)); ExpectNotNull(rsa); RSA_free(rsa); rsa = NULL; } for (i = 0; tbl[i].der != NULL; i++) { /* Passing in pointer results in pointer moving. */ buff = tbl[i].der; ExpectNotNull(d2i_RSAPrivateKey(&rsa, &buff, tbl[i].sz)); ExpectNotNull(rsa); RSA_free(rsa); rsa = NULL; } for (i = 0; pub[i].der != NULL; i++) { buff = pub[i].der; ExpectNotNull(d2i_RSAPublicKey(&rsa, &buff, pub[i].sz)); ExpectNotNull(rsa); ExpectIntEQ(i2d_RSAPublicKey(rsa, NULL), pub[i].sz); newBuff = NULL; ExpectIntEQ(i2d_RSAPublicKey(rsa, &newBuff), pub[i].sz); ExpectNotNull(newBuff); ExpectIntEQ(XMEMCMP((void *)newBuff, (void *)pub[i].der, pub[i].sz), 0); XFREE((void *)newBuff, NULL, DYNAMIC_TYPE_TMP_BUFFER); RSA_free(rsa); rsa = NULL; } #endif return EXPECT_RESULT(); } static int test_wolfSSL_RSA_print(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && \ !defined(NO_STDIO_FILESYSTEM) && \ !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \ !defined(NO_BIO) && defined(XFPRINTF) BIO *bio = NULL; WOLFSSL_RSA* rsa = NULL; ExpectNotNull(bio = BIO_new_fd(STDERR_FILENO, BIO_NOCLOSE)); ExpectNotNull(rsa = RSA_new()); ExpectIntEQ(RSA_print(NULL, rsa, 0), -1); ExpectIntEQ(RSA_print_fp(XBADFILE, rsa, 0), 0); ExpectIntEQ(RSA_print(bio, NULL, 0), -1); ExpectIntEQ(RSA_print_fp(stderr, NULL, 0), 0); /* Some very large number of indent spaces. */ ExpectIntEQ(RSA_print(bio, rsa, 128), -1); /* RSA is empty. */ ExpectIntEQ(RSA_print(bio, rsa, 0), 0); ExpectIntEQ(RSA_print_fp(stderr, rsa, 0), 0); RSA_free(rsa); rsa = NULL; ExpectNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL)); ExpectIntEQ(RSA_print(bio, rsa, 0), 1); ExpectIntEQ(RSA_print(bio, rsa, 4), 1); ExpectIntEQ(RSA_print(bio, rsa, -1), 1); ExpectIntEQ(RSA_print_fp(stderr, rsa, 0), 1); ExpectIntEQ(RSA_print_fp(stderr, rsa, 4), 1); ExpectIntEQ(RSA_print_fp(stderr, rsa, -1), 1); BIO_free(bio); RSA_free(rsa); #endif return EXPECT_RESULT(); } static int test_wolfSSL_RSA_padding_add_PKCS1_PSS(void) { EXPECT_DECLS; #ifndef NO_RSA #if defined(OPENSSL_ALL) && defined(WC_RSA_PSS) && !defined(WC_NO_RNG) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) RSA *rsa = NULL; const unsigned char *derBuf = client_key_der_2048; unsigned char em[256] = {0}; /* len = 2048/8 */ /* Random data simulating a hash */ const unsigned char mHash[WC_SHA256_DIGEST_SIZE] = { 0x28, 0x6e, 0xfd, 0xf8, 0x76, 0xc7, 0x00, 0x3d, 0x91, 0x4e, 0x59, 0xe4, 0x8e, 0xb7, 0x40, 0x7b, 0xd1, 0x0c, 0x98, 0x4b, 0xe3, 0x3d, 0xb3, 0xeb, 0x6f, 0x8a, 0x3c, 0x42, 0xab, 0x21, 0xad, 0x28 }; ExpectNotNull(d2i_RSAPrivateKey(&rsa, &derBuf, sizeof_client_key_der_2048)); ExpectIntEQ(RSA_padding_add_PKCS1_PSS(NULL, em, mHash, EVP_sha256(), RSA_PSS_SALTLEN_DIGEST), 0); ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, NULL, mHash, EVP_sha256(), RSA_PSS_SALTLEN_DIGEST), 0); ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, NULL, EVP_sha256(), RSA_PSS_SALTLEN_DIGEST), 0); ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, NULL, RSA_PSS_SALTLEN_DIGEST), 0); ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(), -5), 0); ExpectIntEQ(RSA_verify_PKCS1_PSS(NULL, mHash, EVP_sha256(), em, RSA_PSS_SALTLEN_MAX_SIGN), 0); ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, NULL, EVP_sha256(), em, RSA_PSS_SALTLEN_MAX_SIGN), 0); ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, NULL, em, RSA_PSS_SALTLEN_MAX_SIGN), 0); ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), NULL, RSA_PSS_SALTLEN_MAX_SIGN), 0); ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em, RSA_PSS_SALTLEN_MAX_SIGN), 0); ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em, -5), 0); ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(), RSA_PSS_SALTLEN_DIGEST), 1); ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em, RSA_PSS_SALTLEN_DIGEST), 1); ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(), RSA_PSS_SALTLEN_MAX_SIGN), 1); ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em, RSA_PSS_SALTLEN_MAX_SIGN), 1); ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(), RSA_PSS_SALTLEN_MAX), 1); ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em, RSA_PSS_SALTLEN_MAX), 1); ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(), 10), 1); ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em, 10), 1); RSA_free(rsa); #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ #endif /* OPENSSL_ALL && WC_RSA_PSS && !WC_NO_RNG*/ #endif return EXPECT_RESULT(); } static int test_wolfSSL_RSA_sign_sha3(void) { EXPECT_DECLS; #if !defined(NO_RSA) && defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256) #if defined(OPENSSL_ALL) && defined(WC_RSA_PSS) && !defined(WC_NO_RNG) RSA* rsa = NULL; const unsigned char *derBuf = client_key_der_2048; unsigned char sigRet[256] = {0}; unsigned int sigLen = sizeof(sigRet); /* Random data simulating a hash */ const unsigned char mHash[WC_SHA3_256_DIGEST_SIZE] = { 0x28, 0x6e, 0xfd, 0xf8, 0x76, 0xc7, 0x00, 0x3d, 0x91, 0x4e, 0x59, 0xe4, 0x8e, 0xb7, 0x40, 0x7b, 0xd1, 0x0c, 0x98, 0x4b, 0xe3, 0x3d, 0xb3, 0xeb, 0x6f, 0x8a, 0x3c, 0x42, 0xab, 0x21, 0xad, 0x28 }; ExpectNotNull(d2i_RSAPrivateKey(&rsa, &derBuf, sizeof_client_key_der_2048)); ExpectIntEQ(RSA_sign(NID_sha3_256, mHash, sizeof(mHash), sigRet, &sigLen, rsa), 1); RSA_free(rsa); #endif /* OPENSSL_ALL && WC_RSA_PSS && !WC_NO_RNG*/ #endif /* !NO_RSA && WOLFSSL_SHA3 && !WOLFSSL_NOSHA3_256*/ return EXPECT_RESULT(); } static int test_wolfSSL_RSA_get0_key(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) RSA *rsa = NULL; const BIGNUM* n = NULL; const BIGNUM* e = NULL; const BIGNUM* d = NULL; const unsigned char* der; int derSz; #ifdef USE_CERT_BUFFERS_1024 der = client_key_der_1024; derSz = sizeof_client_key_der_1024; #elif defined(USE_CERT_BUFFERS_2048) der = client_key_der_2048; derSz = sizeof_client_key_der_2048; #else der = NULL; derSz = 0; #endif if (der != NULL) { RSA_get0_key(NULL, NULL, NULL, NULL); RSA_get0_key(rsa, NULL, NULL, NULL); RSA_get0_key(NULL, &n, &e, &d); ExpectNull(n); ExpectNull(e); ExpectNull(d); ExpectNotNull(d2i_RSAPrivateKey(&rsa, &der, derSz)); ExpectNotNull(rsa); RSA_get0_key(rsa, NULL, NULL, NULL); RSA_get0_key(rsa, &n, NULL, NULL); ExpectNotNull(n); RSA_get0_key(rsa, NULL, &e, NULL); ExpectNotNull(e); RSA_get0_key(rsa, NULL, NULL, &d); ExpectNotNull(d); RSA_get0_key(rsa, &n, &e, &d); ExpectNotNull(n); ExpectNotNull(e); ExpectNotNull(d); RSA_free(rsa); } #endif return EXPECT_RESULT(); } static int test_wolfSSL_RSA_meth(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) RSA *rsa = NULL; RSA_METHOD *rsa_meth = NULL; #ifdef WOLFSSL_KEY_GEN ExpectNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL)); RSA_free(rsa); rsa = NULL; #else ExpectNull(rsa = RSA_generate_key(2048, 3, NULL, NULL)); #endif ExpectNotNull(RSA_get_default_method()); wolfSSL_RSA_meth_free(NULL); ExpectNull(wolfSSL_RSA_meth_new(NULL, 0)); ExpectNotNull(rsa_meth = RSA_meth_new("placeholder RSA method", RSA_METHOD_FLAG_NO_CHECK)); #ifndef NO_WOLFSSL_STUB ExpectIntEQ(RSA_meth_set_pub_enc(rsa_meth, NULL), 1); ExpectIntEQ(RSA_meth_set_pub_dec(rsa_meth, NULL), 1); ExpectIntEQ(RSA_meth_set_priv_enc(rsa_meth, NULL), 1); ExpectIntEQ(RSA_meth_set_priv_dec(rsa_meth, NULL), 1); ExpectIntEQ(RSA_meth_set_init(rsa_meth, NULL), 1); ExpectIntEQ(RSA_meth_set_finish(rsa_meth, NULL), 1); ExpectIntEQ(RSA_meth_set0_app_data(rsa_meth, NULL), 1); #endif ExpectIntEQ(RSA_flags(NULL), 0); RSA_set_flags(NULL, RSA_FLAG_CACHE_PUBLIC); RSA_clear_flags(NULL, RSA_FLAG_CACHE_PUBLIC); ExpectIntEQ(RSA_test_flags(NULL, RSA_FLAG_CACHE_PUBLIC), 0); ExpectNotNull(rsa = RSA_new()); /* No method set. */ ExpectIntEQ(RSA_flags(rsa), 0); RSA_set_flags(rsa, RSA_FLAG_CACHE_PUBLIC); RSA_clear_flags(rsa, RSA_FLAG_CACHE_PUBLIC); ExpectIntEQ(RSA_test_flags(rsa, RSA_FLAG_CACHE_PUBLIC), 0); ExpectIntEQ(RSA_set_method(NULL, rsa_meth), 1); ExpectIntEQ(RSA_set_method(rsa, rsa_meth), 1); if (EXPECT_FAIL()) { wolfSSL_RSA_meth_free(rsa_meth); } ExpectNull(RSA_get_method(NULL)); ExpectPtrEq(RSA_get_method(rsa), rsa_meth); ExpectIntEQ(RSA_flags(rsa), RSA_METHOD_FLAG_NO_CHECK); RSA_set_flags(rsa, RSA_FLAG_CACHE_PUBLIC); ExpectIntNE(RSA_test_flags(rsa, RSA_FLAG_CACHE_PUBLIC), 0); ExpectIntEQ(RSA_flags(rsa), RSA_FLAG_CACHE_PUBLIC | RSA_METHOD_FLAG_NO_CHECK); RSA_clear_flags(rsa, RSA_FLAG_CACHE_PUBLIC); ExpectIntEQ(RSA_test_flags(rsa, RSA_FLAG_CACHE_PUBLIC), 0); ExpectIntNE(RSA_flags(rsa), RSA_FLAG_CACHE_PUBLIC); /* rsa_meth is freed here */ RSA_free(rsa); #endif return EXPECT_RESULT(); } static int test_wolfSSL_RSA_verify(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) #ifndef NO_BIO XFILE fp = XBADFILE; RSA *pKey = NULL; RSA *pubKey = NULL; X509 *cert = NULL; const char *text = "Hello wolfSSL !"; unsigned char hash[SHA256_DIGEST_LENGTH]; unsigned char signature[2048/8]; unsigned int signatureLength; byte *buf = NULL; BIO *bio = NULL; SHA256_CTX c; EVP_PKEY *evpPkey = NULL; EVP_PKEY *evpPubkey = NULL; size_t sz; /* generate hash */ SHA256_Init(&c); SHA256_Update(&c, text, strlen(text)); SHA256_Final(hash, &c); #ifdef WOLFSSL_SMALL_STACK_CACHE /* workaround for small stack cache case */ wc_Sha256Free((wc_Sha256*)&c); #endif /* read privete key file */ ExpectTrue((fp = XFOPEN(svrKeyFile, "rb")) != XBADFILE); ExpectIntEQ(XFSEEK(fp, 0, XSEEK_END), 0); ExpectTrue((sz = XFTELL(fp)) > 0); ExpectIntEQ(XFSEEK(fp, 0, XSEEK_SET), 0); ExpectNotNull(buf = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE)); ExpectIntEQ(XFREAD(buf, 1, sz, fp), sz); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } /* read private key and sign hash data */ ExpectNotNull(bio = BIO_new_mem_buf(buf, (int)sz)); ExpectNotNull(evpPkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL)); ExpectNotNull(pKey = EVP_PKEY_get1_RSA(evpPkey)); ExpectIntEQ(RSA_sign(NID_sha256, hash, SHA256_DIGEST_LENGTH, signature, &signatureLength, pKey), SSL_SUCCESS); /* read public key and verify signed data */ ExpectTrue((fp = XFOPEN(svrCertFile,"rb")) != XBADFILE); ExpectNotNull(cert = PEM_read_X509(fp, 0, 0, 0 )); if (fp != XBADFILE) XFCLOSE(fp); ExpectNotNull(evpPubkey = X509_get_pubkey(cert)); ExpectNotNull(pubKey = EVP_PKEY_get1_RSA(evpPubkey)); ExpectIntEQ(RSA_verify(NID_sha256, hash, SHA256_DIGEST_LENGTH, signature, signatureLength, pubKey), SSL_SUCCESS); ExpectIntEQ(RSA_verify(NID_sha256, NULL, SHA256_DIGEST_LENGTH, NULL, signatureLength, NULL), SSL_FAILURE); ExpectIntEQ(RSA_verify(NID_sha256, NULL, SHA256_DIGEST_LENGTH, signature, signatureLength, pubKey), SSL_FAILURE); ExpectIntEQ(RSA_verify(NID_sha256, hash, SHA256_DIGEST_LENGTH, NULL, signatureLength, pubKey), SSL_FAILURE); ExpectIntEQ(RSA_verify(NID_sha256, hash, SHA256_DIGEST_LENGTH, signature, signatureLength, NULL), SSL_FAILURE); RSA_free(pKey); EVP_PKEY_free(evpPkey); RSA_free(pubKey); EVP_PKEY_free(evpPubkey); X509_free(cert); BIO_free(bio); XFREE(buf, NULL, DYNAMIC_TYPE_FILE); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_RSA_sign(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) RSA *rsa; unsigned char hash[SHA256_DIGEST_LENGTH]; #ifdef USE_CERT_BUFFERS_1024 const unsigned char* privDer = client_key_der_1024; size_t privDerSz = sizeof_client_key_der_1024; const unsigned char* pubDer = client_keypub_der_1024; size_t pubDerSz = sizeof_client_keypub_der_1024; unsigned char signature[1024/8]; #else const unsigned char* privDer = client_key_der_2048; size_t privDerSz = sizeof_client_key_der_2048; const unsigned char* pubDer = client_keypub_der_2048; size_t pubDerSz = sizeof_client_keypub_der_2048; unsigned char signature[2048/8]; #endif unsigned int signatureLen; const unsigned char* der; XMEMSET(hash, 0, sizeof(hash)); der = privDer; rsa = NULL; ExpectNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz)); /* Invalid parameters. */ ExpectIntEQ(RSA_sign(NID_rsaEncryption, NULL, 0, NULL, NULL, NULL), 0); ExpectIntEQ(RSA_sign(NID_rsaEncryption, hash, sizeof(hash), signature, &signatureLen, rsa), 0); ExpectIntEQ(RSA_sign(NID_sha256, NULL, sizeof(hash), signature, &signatureLen, rsa), 0); ExpectIntEQ(RSA_sign(NID_sha256, hash, sizeof(hash), NULL, &signatureLen, rsa), 0); ExpectIntEQ(RSA_sign(NID_sha256, hash, sizeof(hash), signature, NULL, rsa), 0); ExpectIntEQ(RSA_sign(NID_sha256, hash, sizeof(hash), signature, &signatureLen, NULL), 0); ExpectIntEQ(RSA_sign(NID_sha256, hash, sizeof(hash), signature, &signatureLen, rsa), 1); RSA_free(rsa); der = pubDer; rsa = NULL; ExpectNotNull(d2i_RSAPublicKey(&rsa, &der, pubDerSz)); ExpectIntEQ(RSA_verify(NID_sha256, hash, sizeof(hash), signature, signatureLen, rsa), 1); RSA_free(rsa); #endif return EXPECT_RESULT(); } static int test_wolfSSL_RSA_sign_ex(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) RSA *rsa = NULL; unsigned char hash[SHA256_DIGEST_LENGTH]; #ifdef USE_CERT_BUFFERS_1024 const unsigned char* privDer = client_key_der_1024; size_t privDerSz = sizeof_client_key_der_1024; const unsigned char* pubDer = client_keypub_der_1024; size_t pubDerSz = sizeof_client_keypub_der_1024; unsigned char signature[1024/8]; #else const unsigned char* privDer = client_key_der_2048; size_t privDerSz = sizeof_client_key_der_2048; const unsigned char* pubDer = client_keypub_der_2048; size_t pubDerSz = sizeof_client_keypub_der_2048; unsigned char signature[2048/8]; #endif unsigned int signatureLen; const unsigned char* der; unsigned char encodedHash[51]; unsigned int encodedHashLen; const unsigned char expEncHash[] = { 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20, /* Hash data */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, }; XMEMSET(hash, 0, sizeof(hash)); ExpectNotNull(rsa = wolfSSL_RSA_new()); ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature, &signatureLen, rsa, 1), 0); wolfSSL_RSA_free(rsa); der = privDer; rsa = NULL; ExpectNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz)); ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_rsaEncryption,NULL, 0, NULL, NULL, NULL, -1), 0); ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_rsaEncryption, hash, sizeof(hash), signature, &signatureLen, rsa, 1), 0); ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, NULL, sizeof(hash), signature, &signatureLen, rsa, 1), 0); ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), NULL, &signatureLen, rsa, 1), 0); ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature, NULL, rsa, 1), 0); ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature, &signatureLen, NULL, 1), 0); ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature, &signatureLen, rsa, -1), 0); ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, NULL, sizeof(hash), signature, &signatureLen, rsa, 0), 0); ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), NULL, &signatureLen, rsa, 0), 0); ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature, NULL, rsa, 0), 0); ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature, &signatureLen, rsa, 1), 1); /* Test returning encoded hash. */ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), encodedHash, &encodedHashLen, rsa, 0), 1); ExpectIntEQ(encodedHashLen, sizeof(expEncHash)); ExpectIntEQ(XMEMCMP(encodedHash, expEncHash, sizeof(expEncHash)), 0); RSA_free(rsa); der = pubDer; rsa = NULL; ExpectNotNull(d2i_RSAPublicKey(&rsa, &der, pubDerSz)); ExpectIntEQ(RSA_verify(NID_sha256, hash, sizeof(hash), signature, signatureLen, rsa), 1); RSA_free(rsa); #endif return EXPECT_RESULT(); } static int test_wolfSSL_RSA_public_decrypt(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) RSA *rsa; unsigned char msg[SHA256_DIGEST_LENGTH]; #ifdef USE_CERT_BUFFERS_1024 const unsigned char* pubDer = client_keypub_der_1024; size_t pubDerSz = sizeof_client_keypub_der_1024; unsigned char decMsg[1024/8]; const unsigned char encMsg[] = { 0x45, 0x8e, 0x6e, 0x7a, 0x9c, 0xe1, 0x67, 0x36, 0x72, 0xfc, 0x9d, 0x05, 0xdf, 0xc2, 0xaf, 0x54, 0xc5, 0x2f, 0x94, 0xb8, 0xc7, 0x82, 0x40, 0xfa, 0xa7, 0x8c, 0xb1, 0x89, 0x40, 0xc3, 0x59, 0x5a, 0x77, 0x08, 0x54, 0x93, 0x43, 0x7f, 0xc4, 0xb7, 0xc4, 0x78, 0xf1, 0xf8, 0xab, 0xbf, 0xc2, 0x81, 0x5d, 0x97, 0xea, 0x7a, 0x60, 0x90, 0x51, 0xb7, 0x47, 0x78, 0x48, 0x1e, 0x88, 0x6b, 0x89, 0xde, 0xce, 0x41, 0x41, 0xae, 0x49, 0xf6, 0xfd, 0x2d, 0x2d, 0x9c, 0x70, 0x7d, 0xf9, 0xcf, 0x77, 0x5f, 0x06, 0xc7, 0x20, 0xe3, 0x57, 0xd4, 0xd8, 0x1a, 0x96, 0xa2, 0x39, 0xb0, 0x6e, 0x8e, 0x68, 0xf8, 0x57, 0x7b, 0x26, 0x88, 0x17, 0xc4, 0xb7, 0xf1, 0x59, 0xfa, 0xb6, 0x95, 0xdd, 0x1e, 0xe8, 0xd8, 0x4e, 0xbd, 0xcd, 0x41, 0xad, 0xc7, 0xe2, 0x39, 0xb8, 0x00, 0xca, 0xf5, 0x59, 0xdf, 0xf8, 0x43 }; #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2)) && \ defined(WC_RSA_NO_PADDING) const unsigned char encMsgNoPad[] = { 0x0d, 0x41, 0x5a, 0xc7, 0x60, 0xd7, 0xbe, 0xb6, 0x42, 0xd1, 0x65, 0xb1, 0x7e, 0x59, 0x54, 0xcc, 0x76, 0x62, 0xd0, 0x2f, 0x4d, 0xe3, 0x23, 0x62, 0xc8, 0x14, 0xfe, 0x5e, 0xa1, 0xc7, 0x05, 0xee, 0x9e, 0x28, 0x2e, 0xf5, 0xfd, 0xa4, 0xc0, 0x43, 0x55, 0xa2, 0x6b, 0x6b, 0x16, 0xa7, 0x63, 0x06, 0xa7, 0x78, 0x4f, 0xda, 0xae, 0x10, 0x6d, 0xd1, 0x2e, 0x1d, 0xbb, 0xbc, 0xc4, 0x1d, 0x82, 0xe4, 0xc6, 0x76, 0x77, 0xa6, 0x0a, 0xef, 0xd2, 0x89, 0xff, 0x30, 0x85, 0x22, 0xa0, 0x68, 0x88, 0x54, 0xa3, 0xd1, 0x92, 0xd1, 0x3f, 0x57, 0xe4, 0xc7, 0x43, 0x5a, 0x8b, 0xb3, 0x86, 0xaf, 0xd5, 0x6d, 0x07, 0xe1, 0xa0, 0x5f, 0xe1, 0x9a, 0x06, 0xba, 0x56, 0xd2, 0xb0, 0x73, 0xf5, 0xb3, 0xd0, 0x5f, 0xc0, 0xbf, 0x22, 0x4c, 0x54, 0x4e, 0x11, 0xe2, 0xc5, 0xf8, 0x66, 0x39, 0x9d, 0x70, 0x90, 0x31 }; #endif #else const unsigned char* pubDer = client_keypub_der_2048; size_t pubDerSz = sizeof_client_keypub_der_2048; unsigned char decMsg[2048/8]; const unsigned char encMsg[] = { 0x16, 0x5d, 0xbb, 0x00, 0x38, 0x73, 0x01, 0x34, 0xca, 0x59, 0xc6, 0x8b, 0x64, 0x70, 0x89, 0xf5, 0x50, 0x2d, 0x1d, 0x69, 0x1f, 0x07, 0x1e, 0x31, 0xae, 0x9b, 0xa6, 0x6e, 0xee, 0x80, 0xd9, 0x9e, 0x59, 0x33, 0x70, 0x30, 0x28, 0x42, 0x7d, 0x24, 0x36, 0x95, 0x6b, 0xf9, 0x0a, 0x23, 0xcb, 0xce, 0x66, 0xa5, 0x07, 0x5e, 0x11, 0xa7, 0xdc, 0xfb, 0xd9, 0xc2, 0x51, 0xf0, 0x05, 0xc9, 0x39, 0xb3, 0xae, 0xff, 0xfb, 0xe9, 0xb1, 0x9a, 0x54, 0xac, 0x1d, 0xca, 0x42, 0x1a, 0xfd, 0x7c, 0x97, 0xa0, 0x60, 0x2b, 0xcd, 0xb6, 0x36, 0x33, 0xfc, 0x44, 0x69, 0xf7, 0x2e, 0x8c, 0x3b, 0x5f, 0xb4, 0x9f, 0xa7, 0x02, 0x8f, 0x6d, 0x6b, 0x79, 0x10, 0x32, 0x7d, 0xf4, 0x5d, 0xa1, 0x63, 0x22, 0x59, 0xc4, 0x44, 0x8e, 0x44, 0x24, 0x8b, 0x14, 0x9d, 0x2b, 0xb5, 0xd3, 0xad, 0x9a, 0x87, 0x0d, 0xe7, 0x70, 0x6d, 0xe9, 0xae, 0xaa, 0x52, 0xbf, 0x1a, 0x9b, 0xc8, 0x3d, 0x45, 0x7c, 0xd1, 0x90, 0xe3, 0xd9, 0x57, 0xcf, 0xc3, 0x29, 0x69, 0x05, 0x07, 0x96, 0x2e, 0x46, 0x74, 0x0a, 0xa7, 0x76, 0x8b, 0xc0, 0x1c, 0x04, 0x80, 0x08, 0xa0, 0x94, 0x7e, 0xbb, 0x2d, 0x99, 0xe9, 0xab, 0x18, 0x4d, 0x48, 0x2d, 0x94, 0x5e, 0x50, 0x21, 0x42, 0xdf, 0xf5, 0x61, 0x42, 0x7d, 0x86, 0x5d, 0x9e, 0x89, 0xc9, 0x5b, 0x24, 0xab, 0xa1, 0xd8, 0x20, 0x45, 0xcb, 0x81, 0xcf, 0xc5, 0x25, 0x7d, 0x11, 0x6e, 0xbd, 0x80, 0xac, 0xba, 0xdc, 0xef, 0xb9, 0x05, 0x9c, 0xd5, 0xc2, 0x26, 0x57, 0x69, 0x8b, 0x08, 0x27, 0xc7, 0xea, 0xbe, 0xaf, 0x52, 0x21, 0x95, 0x9f, 0xa0, 0x2f, 0x2f, 0x53, 0x7c, 0x2f, 0xa3, 0x0b, 0x79, 0x39, 0x01, 0xa3, 0x37, 0x46, 0xa8, 0xc4, 0x34, 0x41, 0x20, 0x7c, 0x3f, 0x70, 0x9a, 0x47, 0xe8 }; #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2)) && \ defined(WC_RSA_NO_PADDING) const unsigned char encMsgNoPad[] = { 0x79, 0x69, 0xdc, 0x0d, 0xff, 0x09, 0xeb, 0x91, 0xbc, 0xda, 0xe4, 0xd3, 0xcd, 0xd5, 0xd3, 0x1c, 0xb9, 0x66, 0xa8, 0x02, 0xf3, 0x75, 0x40, 0xf1, 0x38, 0x4a, 0x37, 0x7b, 0x19, 0xc8, 0xcd, 0xea, 0x79, 0xa8, 0x51, 0x32, 0x00, 0x3f, 0x4c, 0xde, 0xaa, 0xe5, 0xe2, 0x7c, 0x10, 0xcd, 0x6e, 0x00, 0xc6, 0xc4, 0x63, 0x98, 0x58, 0x9b, 0x38, 0xca, 0xf0, 0x5d, 0xc8, 0xf0, 0x57, 0xf6, 0x21, 0x50, 0x3f, 0x63, 0x05, 0x9f, 0xbf, 0xb6, 0x3b, 0x50, 0x85, 0x06, 0x34, 0x08, 0x57, 0xb9, 0x44, 0xce, 0xe4, 0x66, 0xbf, 0x0c, 0xfe, 0x36, 0xa4, 0x5b, 0xed, 0x2d, 0x7d, 0xed, 0xf1, 0xbd, 0xda, 0x3e, 0x19, 0x1f, 0x99, 0xc8, 0xe4, 0xc2, 0xbb, 0xb5, 0x6c, 0x83, 0x22, 0xd1, 0xe7, 0x57, 0xcf, 0x1b, 0x91, 0x0c, 0xa5, 0x47, 0x06, 0x71, 0x8f, 0x93, 0xf3, 0xad, 0xdb, 0xe3, 0xf8, 0xa0, 0x0b, 0xcd, 0x89, 0x4e, 0xa5, 0xb5, 0x03, 0x68, 0x61, 0x89, 0x0b, 0xe2, 0x03, 0x8b, 0x1f, 0x54, 0xae, 0x0f, 0xfa, 0xf0, 0xb7, 0x0f, 0x8c, 0x84, 0x35, 0x13, 0x8d, 0x65, 0x1f, 0x2c, 0xd5, 0xce, 0xc4, 0x6c, 0x98, 0x67, 0xe4, 0x1a, 0x85, 0x67, 0x69, 0x17, 0x17, 0x5a, 0x5d, 0xfd, 0x23, 0xdd, 0x03, 0x3f, 0x6d, 0x7a, 0xb6, 0x8b, 0x99, 0xc0, 0xb6, 0x70, 0x86, 0xac, 0xf6, 0x02, 0xc2, 0x28, 0x42, 0xed, 0x06, 0xcf, 0xca, 0x3d, 0x07, 0x16, 0xf0, 0x0e, 0x04, 0x55, 0x1e, 0x59, 0x3f, 0x32, 0xc7, 0x12, 0xc5, 0x0d, 0x9d, 0x64, 0x7d, 0x2e, 0xd4, 0xbc, 0x8c, 0x24, 0x42, 0x94, 0x2b, 0xf6, 0x11, 0x7f, 0xb1, 0x1c, 0x09, 0x12, 0x6f, 0x5e, 0x2e, 0x7a, 0xc6, 0x01, 0xe0, 0x98, 0x31, 0xb7, 0x13, 0x03, 0xce, 0x29, 0xe1, 0xef, 0x9d, 0xdf, 0x9b, 0xa5, 0xba, 0x0b, 0xad, 0xf2, 0xeb, 0x2f, 0xf9, 0xd1 }; #endif #endif const unsigned char* der; #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2)) && \ defined(WC_RSA_NO_PADDING) int i; #endif XMEMSET(msg, 0, sizeof(msg)); der = pubDer; rsa = NULL; ExpectNotNull(d2i_RSAPublicKey(&rsa, &der, pubDerSz)); ExpectIntEQ(RSA_public_decrypt(0, NULL, NULL, NULL, 0), -1); ExpectIntEQ(RSA_public_decrypt(-1, encMsg, decMsg, rsa, RSA_PKCS1_PADDING), -1); ExpectIntEQ(RSA_public_decrypt(sizeof(encMsg), NULL, decMsg, rsa, RSA_PKCS1_PADDING), -1); ExpectIntEQ(RSA_public_decrypt(sizeof(encMsg), encMsg, NULL, rsa, RSA_PKCS1_PADDING), -1); ExpectIntEQ(RSA_public_decrypt(sizeof(encMsg), encMsg, decMsg, NULL, RSA_PKCS1_PADDING), -1); ExpectIntEQ(RSA_public_decrypt(sizeof(encMsg), encMsg, decMsg, rsa, RSA_PKCS1_PSS_PADDING), -1); ExpectIntEQ(RSA_public_decrypt(sizeof(encMsg), encMsg, decMsg, rsa, RSA_PKCS1_PADDING), 32); ExpectIntEQ(XMEMCMP(decMsg, msg, sizeof(msg)), 0); #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2)) && \ defined(WC_RSA_NO_PADDING) ExpectIntEQ(RSA_public_decrypt(sizeof(encMsgNoPad), encMsgNoPad, decMsg, rsa, RSA_NO_PADDING), sizeof(decMsg)); /* Zeros before actual data. */ for (i = 0; i < (int)(sizeof(decMsg) - sizeof(msg)); i += sizeof(msg)) { ExpectIntEQ(XMEMCMP(decMsg + i, msg, sizeof(msg)), 0); } /* Check actual data. */ XMEMSET(msg, 0x01, sizeof(msg)); ExpectIntEQ(XMEMCMP(decMsg + i, msg, sizeof(msg)), 0); #endif RSA_free(rsa); #endif return EXPECT_RESULT(); } static int test_wolfSSL_RSA_private_encrypt(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) RSA *rsa; unsigned char msg[SHA256_DIGEST_LENGTH]; #ifdef USE_CERT_BUFFERS_1024 const unsigned char* privDer = client_key_der_1024; size_t privDerSz = sizeof_client_key_der_1024; unsigned char encMsg[1024/8]; const unsigned char expEncMsg[] = { 0x45, 0x8e, 0x6e, 0x7a, 0x9c, 0xe1, 0x67, 0x36, 0x72, 0xfc, 0x9d, 0x05, 0xdf, 0xc2, 0xaf, 0x54, 0xc5, 0x2f, 0x94, 0xb8, 0xc7, 0x82, 0x40, 0xfa, 0xa7, 0x8c, 0xb1, 0x89, 0x40, 0xc3, 0x59, 0x5a, 0x77, 0x08, 0x54, 0x93, 0x43, 0x7f, 0xc4, 0xb7, 0xc4, 0x78, 0xf1, 0xf8, 0xab, 0xbf, 0xc2, 0x81, 0x5d, 0x97, 0xea, 0x7a, 0x60, 0x90, 0x51, 0xb7, 0x47, 0x78, 0x48, 0x1e, 0x88, 0x6b, 0x89, 0xde, 0xce, 0x41, 0x41, 0xae, 0x49, 0xf6, 0xfd, 0x2d, 0x2d, 0x9c, 0x70, 0x7d, 0xf9, 0xcf, 0x77, 0x5f, 0x06, 0xc7, 0x20, 0xe3, 0x57, 0xd4, 0xd8, 0x1a, 0x96, 0xa2, 0x39, 0xb0, 0x6e, 0x8e, 0x68, 0xf8, 0x57, 0x7b, 0x26, 0x88, 0x17, 0xc4, 0xb7, 0xf1, 0x59, 0xfa, 0xb6, 0x95, 0xdd, 0x1e, 0xe8, 0xd8, 0x4e, 0xbd, 0xcd, 0x41, 0xad, 0xc7, 0xe2, 0x39, 0xb8, 0x00, 0xca, 0xf5, 0x59, 0xdf, 0xf8, 0x43 }; #ifdef WC_RSA_NO_PADDING const unsigned char expEncMsgNoPad[] = { 0x0d, 0x41, 0x5a, 0xc7, 0x60, 0xd7, 0xbe, 0xb6, 0x42, 0xd1, 0x65, 0xb1, 0x7e, 0x59, 0x54, 0xcc, 0x76, 0x62, 0xd0, 0x2f, 0x4d, 0xe3, 0x23, 0x62, 0xc8, 0x14, 0xfe, 0x5e, 0xa1, 0xc7, 0x05, 0xee, 0x9e, 0x28, 0x2e, 0xf5, 0xfd, 0xa4, 0xc0, 0x43, 0x55, 0xa2, 0x6b, 0x6b, 0x16, 0xa7, 0x63, 0x06, 0xa7, 0x78, 0x4f, 0xda, 0xae, 0x10, 0x6d, 0xd1, 0x2e, 0x1d, 0xbb, 0xbc, 0xc4, 0x1d, 0x82, 0xe4, 0xc6, 0x76, 0x77, 0xa6, 0x0a, 0xef, 0xd2, 0x89, 0xff, 0x30, 0x85, 0x22, 0xa0, 0x68, 0x88, 0x54, 0xa3, 0xd1, 0x92, 0xd1, 0x3f, 0x57, 0xe4, 0xc7, 0x43, 0x5a, 0x8b, 0xb3, 0x86, 0xaf, 0xd5, 0x6d, 0x07, 0xe1, 0xa0, 0x5f, 0xe1, 0x9a, 0x06, 0xba, 0x56, 0xd2, 0xb0, 0x73, 0xf5, 0xb3, 0xd0, 0x5f, 0xc0, 0xbf, 0x22, 0x4c, 0x54, 0x4e, 0x11, 0xe2, 0xc5, 0xf8, 0x66, 0x39, 0x9d, 0x70, 0x90, 0x31 }; #endif #else const unsigned char* privDer = client_key_der_2048; size_t privDerSz = sizeof_client_key_der_2048; unsigned char encMsg[2048/8]; const unsigned char expEncMsg[] = { 0x16, 0x5d, 0xbb, 0x00, 0x38, 0x73, 0x01, 0x34, 0xca, 0x59, 0xc6, 0x8b, 0x64, 0x70, 0x89, 0xf5, 0x50, 0x2d, 0x1d, 0x69, 0x1f, 0x07, 0x1e, 0x31, 0xae, 0x9b, 0xa6, 0x6e, 0xee, 0x80, 0xd9, 0x9e, 0x59, 0x33, 0x70, 0x30, 0x28, 0x42, 0x7d, 0x24, 0x36, 0x95, 0x6b, 0xf9, 0x0a, 0x23, 0xcb, 0xce, 0x66, 0xa5, 0x07, 0x5e, 0x11, 0xa7, 0xdc, 0xfb, 0xd9, 0xc2, 0x51, 0xf0, 0x05, 0xc9, 0x39, 0xb3, 0xae, 0xff, 0xfb, 0xe9, 0xb1, 0x9a, 0x54, 0xac, 0x1d, 0xca, 0x42, 0x1a, 0xfd, 0x7c, 0x97, 0xa0, 0x60, 0x2b, 0xcd, 0xb6, 0x36, 0x33, 0xfc, 0x44, 0x69, 0xf7, 0x2e, 0x8c, 0x3b, 0x5f, 0xb4, 0x9f, 0xa7, 0x02, 0x8f, 0x6d, 0x6b, 0x79, 0x10, 0x32, 0x7d, 0xf4, 0x5d, 0xa1, 0x63, 0x22, 0x59, 0xc4, 0x44, 0x8e, 0x44, 0x24, 0x8b, 0x14, 0x9d, 0x2b, 0xb5, 0xd3, 0xad, 0x9a, 0x87, 0x0d, 0xe7, 0x70, 0x6d, 0xe9, 0xae, 0xaa, 0x52, 0xbf, 0x1a, 0x9b, 0xc8, 0x3d, 0x45, 0x7c, 0xd1, 0x90, 0xe3, 0xd9, 0x57, 0xcf, 0xc3, 0x29, 0x69, 0x05, 0x07, 0x96, 0x2e, 0x46, 0x74, 0x0a, 0xa7, 0x76, 0x8b, 0xc0, 0x1c, 0x04, 0x80, 0x08, 0xa0, 0x94, 0x7e, 0xbb, 0x2d, 0x99, 0xe9, 0xab, 0x18, 0x4d, 0x48, 0x2d, 0x94, 0x5e, 0x50, 0x21, 0x42, 0xdf, 0xf5, 0x61, 0x42, 0x7d, 0x86, 0x5d, 0x9e, 0x89, 0xc9, 0x5b, 0x24, 0xab, 0xa1, 0xd8, 0x20, 0x45, 0xcb, 0x81, 0xcf, 0xc5, 0x25, 0x7d, 0x11, 0x6e, 0xbd, 0x80, 0xac, 0xba, 0xdc, 0xef, 0xb9, 0x05, 0x9c, 0xd5, 0xc2, 0x26, 0x57, 0x69, 0x8b, 0x08, 0x27, 0xc7, 0xea, 0xbe, 0xaf, 0x52, 0x21, 0x95, 0x9f, 0xa0, 0x2f, 0x2f, 0x53, 0x7c, 0x2f, 0xa3, 0x0b, 0x79, 0x39, 0x01, 0xa3, 0x37, 0x46, 0xa8, 0xc4, 0x34, 0x41, 0x20, 0x7c, 0x3f, 0x70, 0x9a, 0x47, 0xe8 }; #ifdef WC_RSA_NO_PADDING const unsigned char expEncMsgNoPad[] = { 0x79, 0x69, 0xdc, 0x0d, 0xff, 0x09, 0xeb, 0x91, 0xbc, 0xda, 0xe4, 0xd3, 0xcd, 0xd5, 0xd3, 0x1c, 0xb9, 0x66, 0xa8, 0x02, 0xf3, 0x75, 0x40, 0xf1, 0x38, 0x4a, 0x37, 0x7b, 0x19, 0xc8, 0xcd, 0xea, 0x79, 0xa8, 0x51, 0x32, 0x00, 0x3f, 0x4c, 0xde, 0xaa, 0xe5, 0xe2, 0x7c, 0x10, 0xcd, 0x6e, 0x00, 0xc6, 0xc4, 0x63, 0x98, 0x58, 0x9b, 0x38, 0xca, 0xf0, 0x5d, 0xc8, 0xf0, 0x57, 0xf6, 0x21, 0x50, 0x3f, 0x63, 0x05, 0x9f, 0xbf, 0xb6, 0x3b, 0x50, 0x85, 0x06, 0x34, 0x08, 0x57, 0xb9, 0x44, 0xce, 0xe4, 0x66, 0xbf, 0x0c, 0xfe, 0x36, 0xa4, 0x5b, 0xed, 0x2d, 0x7d, 0xed, 0xf1, 0xbd, 0xda, 0x3e, 0x19, 0x1f, 0x99, 0xc8, 0xe4, 0xc2, 0xbb, 0xb5, 0x6c, 0x83, 0x22, 0xd1, 0xe7, 0x57, 0xcf, 0x1b, 0x91, 0x0c, 0xa5, 0x47, 0x06, 0x71, 0x8f, 0x93, 0xf3, 0xad, 0xdb, 0xe3, 0xf8, 0xa0, 0x0b, 0xcd, 0x89, 0x4e, 0xa5, 0xb5, 0x03, 0x68, 0x61, 0x89, 0x0b, 0xe2, 0x03, 0x8b, 0x1f, 0x54, 0xae, 0x0f, 0xfa, 0xf0, 0xb7, 0x0f, 0x8c, 0x84, 0x35, 0x13, 0x8d, 0x65, 0x1f, 0x2c, 0xd5, 0xce, 0xc4, 0x6c, 0x98, 0x67, 0xe4, 0x1a, 0x85, 0x67, 0x69, 0x17, 0x17, 0x5a, 0x5d, 0xfd, 0x23, 0xdd, 0x03, 0x3f, 0x6d, 0x7a, 0xb6, 0x8b, 0x99, 0xc0, 0xb6, 0x70, 0x86, 0xac, 0xf6, 0x02, 0xc2, 0x28, 0x42, 0xed, 0x06, 0xcf, 0xca, 0x3d, 0x07, 0x16, 0xf0, 0x0e, 0x04, 0x55, 0x1e, 0x59, 0x3f, 0x32, 0xc7, 0x12, 0xc5, 0x0d, 0x9d, 0x64, 0x7d, 0x2e, 0xd4, 0xbc, 0x8c, 0x24, 0x42, 0x94, 0x2b, 0xf6, 0x11, 0x7f, 0xb1, 0x1c, 0x09, 0x12, 0x6f, 0x5e, 0x2e, 0x7a, 0xc6, 0x01, 0xe0, 0x98, 0x31, 0xb7, 0x13, 0x03, 0xce, 0x29, 0xe1, 0xef, 0x9d, 0xdf, 0x9b, 0xa5, 0xba, 0x0b, 0xad, 0xf2, 0xeb, 0x2f, 0xf9, 0xd1 }; #endif #endif const unsigned char* der; XMEMSET(msg, 0x00, sizeof(msg)); der = privDer; rsa = NULL; ExpectNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz)); ExpectIntEQ(RSA_private_encrypt(0, NULL, NULL, NULL, 0), -1); ExpectIntEQ(RSA_private_encrypt(0, msg, encMsg, rsa, RSA_PKCS1_PADDING), -1); ExpectIntEQ(RSA_private_encrypt(sizeof(msg), NULL, encMsg, rsa, RSA_PKCS1_PADDING), -1); ExpectIntEQ(RSA_private_encrypt(sizeof(msg), msg, NULL, rsa, RSA_PKCS1_PADDING), -1); ExpectIntEQ(RSA_private_encrypt(sizeof(msg), msg, encMsg, NULL, RSA_PKCS1_PADDING), -1); ExpectIntEQ(RSA_private_encrypt(sizeof(msg), msg, encMsg, rsa, RSA_PKCS1_PSS_PADDING), -1); ExpectIntEQ(RSA_private_encrypt(sizeof(msg), msg, encMsg, rsa, RSA_PKCS1_PADDING), sizeof(encMsg)); ExpectIntEQ(XMEMCMP(encMsg, expEncMsg, sizeof(expEncMsg)), 0); #ifdef WC_RSA_NO_PADDING /* Non-zero message. */ XMEMSET(msg, 0x01, sizeof(msg)); ExpectIntEQ(RSA_private_encrypt(sizeof(msg), msg, encMsg, rsa, RSA_NO_PADDING), sizeof(encMsg)); ExpectIntEQ(XMEMCMP(encMsg, expEncMsgNoPad, sizeof(expEncMsgNoPad)), 0); #endif RSA_free(rsa); #endif return EXPECT_RESULT(); } static int test_wolfSSL_RSA_public_encrypt(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) RSA* rsa = NULL; const unsigned char msg[2048/8] = { 0 }; unsigned char encMsg[2048/8]; ExpectNotNull(rsa = RSA_new()); ExpectIntEQ(RSA_public_encrypt(-1, msg, encMsg, rsa, RSA_PKCS1_PADDING), -1); ExpectIntEQ(RSA_public_encrypt(sizeof(msg), NULL, encMsg, rsa, RSA_PKCS1_PADDING), -1); ExpectIntEQ(RSA_public_encrypt(sizeof(msg), msg, NULL, rsa, RSA_PKCS1_PADDING), -1); ExpectIntEQ(RSA_public_encrypt(sizeof(msg), msg, encMsg, NULL, RSA_PKCS1_PADDING), -1); ExpectIntEQ(RSA_public_encrypt(sizeof(msg), msg, encMsg, rsa, RSA_PKCS1_PSS_PADDING), -1); /* Empty RSA key. */ ExpectIntEQ(RSA_public_encrypt(sizeof(msg), msg, encMsg, rsa, RSA_PKCS1_PADDING), -1); RSA_free(rsa); #endif return EXPECT_RESULT(); } static int test_wolfSSL_RSA_private_decrypt(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) RSA* rsa = NULL; unsigned char msg[2048/8]; const unsigned char encMsg[2048/8] = { 0 }; ExpectNotNull(rsa = RSA_new()); ExpectIntEQ(RSA_private_decrypt(-1, encMsg, msg, rsa, RSA_PKCS1_PADDING), -1); ExpectIntEQ(RSA_private_decrypt(sizeof(encMsg), NULL, msg, rsa, RSA_PKCS1_PADDING), -1); ExpectIntEQ(RSA_private_decrypt(sizeof(encMsg), encMsg, NULL, rsa, RSA_PKCS1_PADDING), -1); ExpectIntEQ(RSA_private_decrypt(sizeof(encMsg), encMsg, msg, NULL, RSA_PKCS1_PADDING), -1); ExpectIntEQ(RSA_private_decrypt(sizeof(encMsg), encMsg, msg, rsa, RSA_PKCS1_PSS_PADDING), -1); /* Empty RSA key. */ ExpectIntEQ(RSA_private_decrypt(sizeof(encMsg), encMsg, msg, rsa, RSA_PKCS1_PADDING), -1); RSA_free(rsa); #endif return EXPECT_RESULT(); } static int test_wolfSSL_RSA_GenAdd(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) RSA *rsa; #ifdef USE_CERT_BUFFERS_1024 const unsigned char* privDer = client_key_der_1024; size_t privDerSz = sizeof_client_key_der_1024; const unsigned char* pubDer = client_keypub_der_1024; size_t pubDerSz = sizeof_client_keypub_der_1024; #else const unsigned char* privDer = client_key_der_2048; size_t privDerSz = sizeof_client_key_der_2048; const unsigned char* pubDer = client_keypub_der_2048; size_t pubDerSz = sizeof_client_keypub_der_2048; #endif const unsigned char* der; der = privDer; rsa = NULL; ExpectNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz)); ExpectIntEQ(wolfSSL_RSA_GenAdd(NULL), -1); #ifndef RSA_LOW_MEM ExpectIntEQ(wolfSSL_RSA_GenAdd(rsa), 1); #else /* dmp1 and dmq1 are not set (allocated) when RSA_LOW_MEM. */ ExpectIntEQ(wolfSSL_RSA_GenAdd(rsa), -1); #endif RSA_free(rsa); der = pubDer; rsa = NULL; ExpectNotNull(d2i_RSAPublicKey(&rsa, &der, pubDerSz)); /* Need private values. */ ExpectIntEQ(wolfSSL_RSA_GenAdd(rsa), -1); RSA_free(rsa); #endif return EXPECT_RESULT(); } static int test_wolfSSL_RSA_blinding_on(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_WOLFSSL_STUB) RSA *rsa; WOLFSSL_BN_CTX *bnCtx = NULL; #ifdef USE_CERT_BUFFERS_1024 const unsigned char* privDer = client_key_der_1024; size_t privDerSz = sizeof_client_key_der_1024; #else const unsigned char* privDer = client_key_der_2048; size_t privDerSz = sizeof_client_key_der_2048; #endif const unsigned char* der; der = privDer; rsa = NULL; ExpectNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz)); ExpectNotNull(bnCtx = wolfSSL_BN_CTX_new()); /* Does nothing so all parameters are valid. */ ExpectIntEQ(wolfSSL_RSA_blinding_on(NULL, NULL), 1); ExpectIntEQ(wolfSSL_RSA_blinding_on(rsa, NULL), 1); ExpectIntEQ(wolfSSL_RSA_blinding_on(NULL, bnCtx), 1); ExpectIntEQ(wolfSSL_RSA_blinding_on(rsa, bnCtx), 1); wolfSSL_BN_CTX_free(bnCtx); RSA_free(rsa); #endif return EXPECT_RESULT(); } static int test_wolfSSL_RSA_ex_data(void) { EXPECT_DECLS; #if !defined(NO_RSA) && defined(OPENSSL_EXTRA) RSA* rsa = NULL; unsigned char data[1]; ExpectNotNull(rsa = RSA_new()); ExpectNull(wolfSSL_RSA_get_ex_data(NULL, 0)); ExpectNull(wolfSSL_RSA_get_ex_data(rsa, 0)); #ifdef MAX_EX_DATA ExpectNull(wolfSSL_RSA_get_ex_data(rsa, MAX_EX_DATA)); ExpectIntEQ(wolfSSL_RSA_set_ex_data(rsa, MAX_EX_DATA, data), 0); #endif ExpectIntEQ(wolfSSL_RSA_set_ex_data(NULL, 0, NULL), 0); ExpectIntEQ(wolfSSL_RSA_set_ex_data(NULL, 0, data), 0); #ifdef HAVE_EX_DATA ExpectIntEQ(wolfSSL_RSA_set_ex_data(rsa, 0, NULL), 1); ExpectIntEQ(wolfSSL_RSA_set_ex_data(rsa, 0, data), 1); ExpectPtrEq(wolfSSL_RSA_get_ex_data(rsa, 0), data); #else ExpectIntEQ(wolfSSL_RSA_set_ex_data(rsa, 0, NULL), 0); ExpectIntEQ(wolfSSL_RSA_set_ex_data(rsa, 0, data), 0); ExpectNull(wolfSSL_RSA_get_ex_data(rsa, 0)); #endif RSA_free(rsa); #endif /* !NO_RSA && OPENSSL_EXTRA */ return EXPECT_RESULT(); } static int test_wolfSSL_RSA_LoadDer(void) { EXPECT_DECLS; #if !defined(NO_RSA) && (defined(OPENSSL_EXTRA) || \ defined(OPENSSL_EXTRA_X509_SMALL)) RSA *rsa = NULL; #ifdef USE_CERT_BUFFERS_1024 const unsigned char* privDer = client_key_der_1024; size_t privDerSz = sizeof_client_key_der_1024; #else const unsigned char* privDer = client_key_der_2048; size_t privDerSz = sizeof_client_key_der_2048; #endif ExpectNotNull(rsa = RSA_new()); ExpectIntEQ(wolfSSL_RSA_LoadDer(NULL, privDer, (int)privDerSz), -1); ExpectIntEQ(wolfSSL_RSA_LoadDer(rsa, NULL, (int)privDerSz), -1); ExpectIntEQ(wolfSSL_RSA_LoadDer(rsa, privDer, 0), -1); ExpectIntEQ(wolfSSL_RSA_LoadDer(rsa, privDer, (int)privDerSz), 1); RSA_free(rsa); #endif /* !NO_RSA && OPENSSL_EXTRA */ return EXPECT_RESULT(); } /* Local API. */ static int test_wolfSSL_RSA_To_Der(void) { EXPECT_DECLS; #ifdef WOLFSSL_TEST_STATIC_BUILD #if defined(WOLFSSL_KEY_GEN) && defined(OPENSSL_EXTRA) && !defined(NO_RSA) RSA* rsa; #ifdef USE_CERT_BUFFERS_1024 const unsigned char* privDer = client_key_der_1024; size_t privDerSz = sizeof_client_key_der_1024; const unsigned char* pubDer = client_keypub_der_1024; size_t pubDerSz = sizeof_client_keypub_der_1024; unsigned char out[sizeof(client_key_der_1024)]; #else const unsigned char* privDer = client_key_der_2048; size_t privDerSz = sizeof_client_key_der_2048; const unsigned char* pubDer = client_keypub_der_2048; size_t pubDerSz = sizeof_client_keypub_der_2048; unsigned char out[sizeof(client_key_der_2048)]; #endif const unsigned char* der; unsigned char* outDer = NULL; der = privDer; rsa = NULL; ExpectNotNull(wolfSSL_d2i_RSAPrivateKey(&rsa, &der, privDerSz)); ExpectIntEQ(wolfSSL_RSA_To_Der(NULL, &outDer, 0, HEAP_HINT), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 2, HEAP_HINT), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, NULL, 0, HEAP_HINT), privDerSz); outDer = out; ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 0, HEAP_HINT), privDerSz); ExpectIntEQ(XMEMCMP(out, privDer, privDerSz), 0); outDer = NULL; ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 0, HEAP_HINT), privDerSz); ExpectNotNull(outDer); ExpectIntEQ(XMEMCMP(outDer, privDer, privDerSz), 0); XFREE(outDer, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, NULL, 1, HEAP_HINT), pubDerSz); outDer = out; ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 1, HEAP_HINT), pubDerSz); ExpectIntEQ(XMEMCMP(out, pubDer, pubDerSz), 0); RSA_free(rsa); ExpectNotNull(rsa = RSA_new()); ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 0, HEAP_HINT), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 1, HEAP_HINT), BAD_FUNC_ARG); RSA_free(rsa); der = pubDer; rsa = NULL; ExpectNotNull(wolfSSL_d2i_RSAPublicKey(&rsa, &der, pubDerSz)); ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 0, HEAP_HINT), BAD_FUNC_ARG); RSA_free(rsa); #endif #endif return EXPECT_RESULT(); } /* wolfSSL_PEM_read_RSAPublicKey is a stub function. */ static int test_wolfSSL_PEM_read_RSAPublicKey(void) { EXPECT_DECLS; #if !defined(NO_RSA) && defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) XFILE file = XBADFILE; const char* fname = "./certs/server-keyPub.pem"; RSA *rsa = NULL; ExpectNull(wolfSSL_PEM_read_RSAPublicKey(XBADFILE, NULL, NULL, NULL)); ExpectTrue((file = XFOPEN(fname, "rb")) != XBADFILE); ExpectNotNull(rsa = PEM_read_RSA_PUBKEY(file, NULL, NULL, NULL)); ExpectIntEQ(RSA_size(rsa), 256); RSA_free(rsa); if (file != XBADFILE) XFCLOSE(file); #endif return EXPECT_RESULT(); } /* wolfSSL_PEM_read_RSAPublicKey is a stub function. */ static int test_wolfSSL_PEM_write_RSA_PUBKEY(void) { EXPECT_DECLS; #if !defined(NO_RSA) && defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && \ defined(WOLFSSL_KEY_GEN) RSA* rsa = NULL; ExpectIntEQ(wolfSSL_PEM_write_RSA_PUBKEY(XBADFILE, NULL), 0); ExpectIntEQ(wolfSSL_PEM_write_RSA_PUBKEY(stderr, NULL), 0); /* Valid but stub so returns 0. */ ExpectIntEQ(wolfSSL_PEM_write_RSA_PUBKEY(stderr, rsa), 0); #endif return EXPECT_RESULT(); } static int test_wolfSSL_PEM_write_RSAPrivateKey(void) { EXPECT_DECLS; #if !defined(NO_RSA) && defined(OPENSSL_EXTRA) && defined(WOLFSSL_KEY_GEN) && \ (defined(WOLFSSL_PEM_TO_DER) || \ defined(WOLFSSL_DER_TO_PEM)) && !defined(NO_FILESYSTEM) RSA* rsa = NULL; #ifdef USE_CERT_BUFFERS_1024 const unsigned char* privDer = client_key_der_1024; size_t privDerSz = sizeof_client_key_der_1024; #else const unsigned char* privDer = client_key_der_2048; size_t privDerSz = sizeof_client_key_der_2048; #endif const unsigned char* der; #ifndef NO_AES unsigned char passwd[] = "password"; #endif ExpectNotNull(rsa = RSA_new()); ExpectIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, rsa, NULL, NULL, 0, NULL, NULL), 0); RSA_free(rsa); der = privDer; rsa = NULL; ExpectNotNull(wolfSSL_d2i_RSAPrivateKey(&rsa, &der, privDerSz)); ExpectIntEQ(wolfSSL_PEM_write_RSAPrivateKey(XBADFILE, rsa, NULL, NULL, 0, NULL, NULL), 0); ExpectIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, NULL, NULL, NULL, 0, NULL, NULL), 0); ExpectIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, rsa, NULL, NULL, 0, NULL, NULL), 1); #ifndef NO_AES ExpectIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, rsa, EVP_aes_128_cbc(), NULL, 0, NULL, NULL), 1); ExpectIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, rsa, EVP_aes_128_cbc(), passwd, sizeof(passwd) - 1, NULL, NULL), 1); #endif RSA_free(rsa); #endif return EXPECT_RESULT(); } static int test_wolfSSL_PEM_write_mem_RSAPrivateKey(void) { EXPECT_DECLS; #if !defined(NO_RSA) && defined(OPENSSL_EXTRA) && defined(WOLFSSL_KEY_GEN) && \ (defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM)) RSA* rsa = NULL; #ifdef USE_CERT_BUFFERS_1024 const unsigned char* privDer = client_key_der_1024; size_t privDerSz = sizeof_client_key_der_1024; #else const unsigned char* privDer = client_key_der_2048; size_t privDerSz = sizeof_client_key_der_2048; #endif const unsigned char* der; #ifndef NO_AES unsigned char passwd[] = "password"; #endif unsigned char* pem = NULL; int plen; ExpectNotNull(rsa = RSA_new()); ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, NULL, NULL, 0, &pem, &plen), 0); RSA_free(rsa); der = privDer; rsa = NULL; ExpectNotNull(wolfSSL_d2i_RSAPrivateKey(&rsa, &der, privDerSz)); ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(NULL, NULL, NULL, 0, &pem, &plen), 0); ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, NULL, NULL, 0, NULL, &plen), 0); ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, NULL, NULL, 0, &pem, NULL), 0); ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, NULL, NULL, 0, &pem, &plen), 1); XFREE(pem, NULL, DYNAMIC_TYPE_KEY); pem = NULL; #ifndef NO_AES ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, EVP_aes_128_cbc(), NULL, 0, &pem, &plen), 1); XFREE(pem, NULL, DYNAMIC_TYPE_KEY); pem = NULL; ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, EVP_aes_128_cbc(), passwd, sizeof(passwd) - 1, &pem, &plen), 1); XFREE(pem, NULL, DYNAMIC_TYPE_KEY); #endif RSA_free(rsa); #endif return EXPECT_RESULT(); } static int test_wolfSSL_DH(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_DH) DH *dh = NULL; BIGNUM* p; BIGNUM* q; BIGNUM* g; BIGNUM* pub = NULL; BIGNUM* priv = NULL; #if defined(OPENSSL_ALL) #if !defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)) FILE* f = NULL; unsigned char buf[268]; const unsigned char* pt = buf; long len = 0; dh = NULL; XMEMSET(buf, 0, sizeof(buf)); /* Test 2048 bit parameters */ ExpectTrue((f = XFOPEN("./certs/dh2048.der", "rb")) != XBADFILE); ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0); if (f != XBADFILE) XFCLOSE(f); ExpectNotNull(dh = d2i_DHparams(NULL, &pt, len)); ExpectNotNull(dh->p); ExpectNotNull(dh->g); ExpectTrue(pt == buf); ExpectIntEQ(DH_generate_key(dh), 1); ExpectIntEQ(DH_generate_key(dh), 1); ExpectIntEQ(DH_compute_key(NULL, NULL, NULL), -1); ExpectNotNull(pub = BN_new()); ExpectIntEQ(BN_set_word(pub, 1), 1); ExpectIntEQ(DH_compute_key(buf, NULL, NULL), -1); ExpectIntEQ(DH_compute_key(NULL, pub, NULL), -1); ExpectIntEQ(DH_compute_key(NULL, NULL, dh), -1); ExpectIntEQ(DH_compute_key(buf, pub, NULL), -1); ExpectIntEQ(DH_compute_key(buf, NULL, dh), -1); ExpectIntEQ(DH_compute_key(NULL, pub, dh), -1); ExpectIntEQ(DH_compute_key(buf, pub, dh), -1); BN_free(pub); pub = NULL; DH_get0_pqg(dh, (const BIGNUM**)&p, (const BIGNUM**)&q, (const BIGNUM**)&g); ExpectPtrEq(p, dh->p); ExpectPtrEq(q, dh->q); ExpectPtrEq(g, dh->g); DH_get0_key(NULL, (const BIGNUM**)&pub, (const BIGNUM**)&priv); DH_get0_key(dh, (const BIGNUM**)&pub, (const BIGNUM**)&priv); ExpectPtrEq(pub, dh->pub_key); ExpectPtrEq(priv, dh->priv_key); DH_get0_key(dh, (const BIGNUM**)&pub, NULL); ExpectPtrEq(pub, dh->pub_key); DH_get0_key(dh, NULL, (const BIGNUM**)&priv); ExpectPtrEq(priv, dh->priv_key); pub = NULL; priv = NULL; ExpectNotNull(pub = BN_new()); ExpectNotNull(priv = BN_new()); ExpectIntEQ(DH_set0_key(NULL, pub, priv), 0); ExpectIntEQ(DH_set0_key(dh, pub, priv), 1); if (EXPECT_FAIL()) { BN_free(pub); BN_free(priv); } pub = NULL; priv = NULL; ExpectNotNull(pub = BN_new()); ExpectIntEQ(DH_set0_key(dh, pub, NULL), 1); if (EXPECT_FAIL()) { BN_free(pub); } ExpectNotNull(priv = BN_new()); ExpectIntEQ(DH_set0_key(dh, NULL, priv), 1); if (EXPECT_FAIL()) { BN_free(priv); } ExpectPtrEq(pub, dh->pub_key); ExpectPtrEq(priv, dh->priv_key); pub = NULL; priv = NULL; DH_free(dh); dh = NULL; ExpectNotNull(dh = DH_new()); p = NULL; ExpectNotNull(p = BN_new()); ExpectIntEQ(BN_set_word(p, 1), 1); ExpectIntEQ(DH_compute_key(buf, p, dh), -1); ExpectNotNull(pub = BN_new()); ExpectNotNull(priv = BN_new()); ExpectIntEQ(DH_set0_key(dh, pub, priv), 1); if (EXPECT_FAIL()) { BN_free(pub); BN_free(priv); } pub = NULL; priv = NULL; ExpectIntEQ(DH_compute_key(buf, p, dh), -1); BN_free(p); p = NULL; DH_free(dh); dh = NULL; #ifdef WOLFSSL_KEY_GEN ExpectNotNull(dh = DH_generate_parameters(2048, 2, NULL, NULL)); ExpectIntEQ(wolfSSL_DH_generate_parameters_ex(NULL, 2048, 2, NULL), 0); DH_free(dh); dh = NULL; #endif #endif /* !HAVE_FIPS || (HAVE_FIPS_VERSION && HAVE_FIPS_VERSION > 2) */ #endif /* OPENSSL_ALL */ (void)dh; (void)p; (void)q; (void)g; (void)pub; (void)priv; ExpectNotNull(dh = wolfSSL_DH_new()); /* invalid parameters test */ DH_get0_pqg(NULL, (const BIGNUM**)&p, (const BIGNUM**)&q, (const BIGNUM**)&g); DH_get0_pqg(dh, NULL, (const BIGNUM**)&q, (const BIGNUM**)&g); DH_get0_pqg(dh, NULL, NULL, (const BIGNUM**)&g); DH_get0_pqg(dh, NULL, NULL, NULL); DH_get0_pqg(dh, (const BIGNUM**)&p, (const BIGNUM**)&q, (const BIGNUM**)&g); ExpectPtrEq(p, NULL); ExpectPtrEq(q, NULL); ExpectPtrEq(g, NULL); DH_free(dh); dh = NULL; #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS) && !defined(WOLFSSL_DH_EXTRA)) \ || (defined(HAVE_FIPS_VERSION) && FIPS_VERSION_GT(2,0)) #if defined(OPENSSL_ALL) || \ defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L dh = wolfSSL_DH_new(); ExpectNotNull(dh); p = wolfSSL_BN_new(); ExpectNotNull(p); ExpectIntEQ(BN_set_word(p, 11), 1); g = wolfSSL_BN_new(); ExpectNotNull(g); ExpectIntEQ(BN_set_word(g, 2), 1); q = wolfSSL_BN_new(); ExpectNotNull(q); ExpectIntEQ(BN_set_word(q, 5), 1); ExpectIntEQ(wolfSSL_DH_set0_pqg(NULL, NULL, NULL, NULL), 0); ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, NULL, NULL), 0); ExpectIntEQ(wolfSSL_DH_set0_pqg(NULL, p, NULL, NULL), 0); ExpectIntEQ(wolfSSL_DH_set0_pqg(NULL, NULL, q, NULL), 0); ExpectIntEQ(wolfSSL_DH_set0_pqg(NULL, NULL, NULL, g), 0); ExpectIntEQ(wolfSSL_DH_set0_pqg(NULL, p, q, g), 0); ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, q, g), 0); ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, p, q, NULL), 0); /* Don't need q. */ ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, p, NULL, g), 1); if (EXPECT_FAIL()) { BN_free(p); BN_free(g); } p = NULL; g = NULL; /* Setting again will free the p and g. */ wolfSSL_BN_free(q); q = NULL; DH_free(dh); dh = NULL; dh = wolfSSL_DH_new(); ExpectNotNull(dh); p = wolfSSL_BN_new(); ExpectNotNull(p); ExpectIntEQ(BN_set_word(p, 11), 1); g = wolfSSL_BN_new(); ExpectNotNull(g); ExpectIntEQ(BN_set_word(g, 2), 1); q = wolfSSL_BN_new(); ExpectNotNull(q); ExpectIntEQ(BN_set_word(q, 5), 1); ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, p, q, g), 1); /* p, q and g are now owned by dh - don't free. */ if (EXPECT_FAIL()) { BN_free(p); BN_free(q); BN_free(g); } p = NULL; q = NULL; g = NULL; p = wolfSSL_BN_new(); ExpectNotNull(p); ExpectIntEQ(BN_set_word(p, 11), 1); g = wolfSSL_BN_new(); ExpectNotNull(g); ExpectIntEQ(BN_set_word(g, 2), 1); q = wolfSSL_BN_new(); ExpectNotNull(q); ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, p, NULL, NULL), 1); if (EXPECT_FAIL()) { BN_free(p); } p = NULL; ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, q, NULL), 1); if (EXPECT_FAIL()) { BN_free(q); } q = NULL; ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, NULL, g), 1); if (EXPECT_FAIL()) { BN_free(g); } g = NULL; ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, NULL, NULL), 1); /* p, q and g are now owned by dh - don't free. */ DH_free(dh); dh = NULL; ExpectIntEQ(DH_generate_key(NULL), 0); ExpectNotNull(dh = DH_new()); ExpectIntEQ(DH_generate_key(dh), 0); p = wolfSSL_BN_new(); ExpectNotNull(p); ExpectIntEQ(BN_set_word(p, 0), 1); g = wolfSSL_BN_new(); ExpectNotNull(g); ExpectIntEQ(BN_set_word(g, 2), 1); ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, p, NULL, g), 1); if (EXPECT_FAIL()) { BN_free(p); BN_free(g); } p = NULL; g = NULL; ExpectIntEQ(DH_generate_key(dh), 0); DH_free(dh); dh = NULL; #endif #endif /* Test DH_up_ref() */ dh = wolfSSL_DH_new(); ExpectNotNull(dh); ExpectIntEQ(wolfSSL_DH_up_ref(NULL), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_DH_up_ref(dh), WOLFSSL_SUCCESS); DH_free(dh); /* decrease ref count */ DH_free(dh); /* free WOLFSSL_DH */ dh = NULL; q = NULL; ExpectNull((dh = DH_new_by_nid(NID_sha1))); #if (defined(HAVE_PUBLIC_FFDHE) || (defined(HAVE_FIPS) && \ FIPS_VERSION_EQ(2,0))) || (!defined(HAVE_PUBLIC_FFDHE) && \ (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0))) #ifdef HAVE_FFDHE_2048 ExpectNotNull((dh = DH_new_by_nid(NID_ffdhe2048))); DH_free(dh); dh = NULL; q = NULL; #endif #ifdef HAVE_FFDHE_3072 ExpectNotNull((dh = DH_new_by_nid(NID_ffdhe3072))); DH_free(dh); dh = NULL; q = NULL; #endif #ifdef HAVE_FFDHE_4096 ExpectNotNull((dh = DH_new_by_nid(NID_ffdhe4096))); DH_free(dh); dh = NULL; q = NULL; #endif #else ExpectNull((dh = DH_new_by_nid(NID_ffdhe2048))); #endif /* (HAVE_PUBLIC_FFDHE || (HAVE_FIPS && HAVE_FIPS_VERSION == 2)) || * (!HAVE_PUBLIC_FFDHE && (!HAVE_FIPS || HAVE_FIPS_VERSION > 2))*/ ExpectIntEQ(wolfSSL_DH_size(NULL), -1); #endif /* OPENSSL_EXTRA && !NO_DH */ return EXPECT_RESULT(); } static int test_wolfSSL_DH_dup(void) { EXPECT_DECLS; #if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH) || \ defined(OPENSSL_EXTRA) DH *dh = NULL; DH *dhDup = NULL; ExpectNotNull(dh = wolfSSL_DH_new()); ExpectNull(dhDup = wolfSSL_DH_dup(NULL)); ExpectNull(dhDup = wolfSSL_DH_dup(dh)); #if defined(OPENSSL_ALL) || \ defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L { WOLFSSL_BIGNUM* p = NULL; WOLFSSL_BIGNUM* g = NULL; ExpectNotNull(p = wolfSSL_BN_new()); ExpectNotNull(g = wolfSSL_BN_new()); ExpectIntEQ(wolfSSL_BN_set_word(p, 11), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_BN_set_word(g, 2), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, p, NULL, g), 1); if (EXPECT_FAIL()) { wolfSSL_BN_free(p); wolfSSL_BN_free(g); } ExpectNotNull(dhDup = wolfSSL_DH_dup(dh)); wolfSSL_DH_free(dhDup); } #endif wolfSSL_DH_free(dh); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_DH_check(void) { EXPECT_DECLS; #ifdef OPENSSL_ALL #ifndef NO_DH #ifndef NO_BIO #ifndef NO_DSA byte buf[6000]; char file[] = "./certs/dsaparams.pem"; XFILE f = XBADFILE; int bytes; BIO* bio = NULL; DSA* dsa = NULL; #elif !defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0) static const byte dh2048[] = { 0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01, 0x00, 0xb0, 0xa1, 0x08, 0x06, 0x9c, 0x08, 0x13, 0xba, 0x59, 0x06, 0x3c, 0xbc, 0x30, 0xd5, 0xf5, 0x00, 0xc1, 0x4f, 0x44, 0xa7, 0xd6, 0xef, 0x4a, 0xc6, 0x25, 0x27, 0x1c, 0xe8, 0xd2, 0x96, 0x53, 0x0a, 0x5c, 0x91, 0xdd, 0xa2, 0xc2, 0x94, 0x84, 0xbf, 0x7d, 0xb2, 0x44, 0x9f, 0x9b, 0xd2, 0xc1, 0x8a, 0xc5, 0xbe, 0x72, 0x5c, 0xa7, 0xe7, 0x91, 0xe6, 0xd4, 0x9f, 0x73, 0x07, 0x85, 0x5b, 0x66, 0x48, 0xc7, 0x70, 0xfa, 0xb4, 0xee, 0x02, 0xc9, 0x3d, 0x9a, 0x4a, 0xda, 0x3d, 0xc1, 0x46, 0x3e, 0x19, 0x69, 0xd1, 0x17, 0x46, 0x07, 0xa3, 0x4d, 0x9f, 0x2b, 0x96, 0x17, 0x39, 0x6d, 0x30, 0x8d, 0x2a, 0xf3, 0x94, 0xd3, 0x75, 0xcf, 0xa0, 0x75, 0xe6, 0xf2, 0x92, 0x1f, 0x1a, 0x70, 0x05, 0xaa, 0x04, 0x83, 0x57, 0x30, 0xfb, 0xda, 0x76, 0x93, 0x38, 0x50, 0xe8, 0x27, 0xfd, 0x63, 0xee, 0x3c, 0xe5, 0xb7, 0xc8, 0x09, 0xae, 0x6f, 0x50, 0x35, 0x8e, 0x84, 0xce, 0x4a, 0x00, 0xe9, 0x12, 0x7e, 0x5a, 0x31, 0xd7, 0x33, 0xfc, 0x21, 0x13, 0x76, 0xcc, 0x16, 0x30, 0xdb, 0x0c, 0xfc, 0xc5, 0x62, 0xa7, 0x35, 0xb8, 0xef, 0xb7, 0xb0, 0xac, 0xc0, 0x36, 0xf6, 0xd9, 0xc9, 0x46, 0x48, 0xf9, 0x40, 0x90, 0x00, 0x2b, 0x1b, 0xaa, 0x6c, 0xe3, 0x1a, 0xc3, 0x0b, 0x03, 0x9e, 0x1b, 0xc2, 0x46, 0xe4, 0x48, 0x4e, 0x22, 0x73, 0x6f, 0xc3, 0x5f, 0xd4, 0x9a, 0xd6, 0x30, 0x07, 0x48, 0xd6, 0x8c, 0x90, 0xab, 0xd4, 0xf6, 0xf1, 0xe3, 0x48, 0xd3, 0x58, 0x4b, 0xa6, 0xb9, 0xcd, 0x29, 0xbf, 0x68, 0x1f, 0x08, 0x4b, 0x63, 0x86, 0x2f, 0x5c, 0x6b, 0xd6, 0xb6, 0x06, 0x65, 0xf7, 0xa6, 0xdc, 0x00, 0x67, 0x6b, 0xbb, 0xc3, 0xa9, 0x41, 0x83, 0xfb, 0xc7, 0xfa, 0xc8, 0xe2, 0x1e, 0x7e, 0xaf, 0x00, 0x3f, 0x93, 0x02, 0x01, 0x02 }; const byte* params; #endif DH* dh = NULL; WOLFSSL_BIGNUM* p = NULL; WOLFSSL_BIGNUM* g = NULL; WOLFSSL_BIGNUM* pTmp = NULL; WOLFSSL_BIGNUM* gTmp = NULL; int codes = -1; #ifndef NO_DSA /* Initialize DH */ ExpectTrue((f = XFOPEN(file, "rb")) != XBADFILE); ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0); if (f != XBADFILE) XFCLOSE(f); ExpectNotNull(bio = BIO_new_mem_buf((void*)buf, bytes)); ExpectNotNull(dsa = wolfSSL_PEM_read_bio_DSAparams(bio, NULL, NULL, NULL)); ExpectNotNull(dh = wolfSSL_DSA_dup_DH(dsa)); ExpectNotNull(dh); BIO_free(bio); DSA_free(dsa); #elif !defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0) params = dh2048; ExpectNotNull(dh = wolfSSL_d2i_DHparams(NULL, ¶ms, (long)sizeof(dh2048))); #else ExpectNotNull(dh = wolfSSL_DH_new_by_nid(NID_ffdhe2048)); #endif /* Test assumed to be valid dh. * Should return WOLFSSL_SUCCESS * codes should be 0 * Invalid codes = {DH_NOT_SUITABLE_GENERATOR, DH_CHECK_P_NOT_PRIME} */ ExpectIntEQ(wolfSSL_DH_check(dh, &codes), 1); ExpectIntEQ(codes, 0); /* Test NULL dh: expected BAD_FUNC_ARG */ ExpectIntEQ(wolfSSL_DH_check(NULL, &codes), 0); /* Break dh prime to test if codes = DH_CHECK_P_NOT_PRIME */ if (dh != NULL) { pTmp = dh->p; dh->p = NULL; } ExpectIntEQ(wolfSSL_DH_check(dh, &codes), 1); ExpectIntEQ(wolfSSL_DH_check(dh, NULL), 0); ExpectIntEQ(codes, DH_CHECK_P_NOT_PRIME); /* set dh->p back to normal so it won't fail on next tests */ if (dh != NULL) { dh->p = pTmp; pTmp = NULL; } /* Break dh generator to test if codes = DH_NOT_SUITABLE_GENERATOR */ if (dh != NULL) { gTmp = dh->g; dh->g = NULL; } ExpectIntEQ(wolfSSL_DH_check(dh, &codes), 1); ExpectIntEQ(wolfSSL_DH_check(dh, NULL), 0); ExpectIntEQ(codes, DH_NOT_SUITABLE_GENERATOR); if (dh != NULL) { dh->g = gTmp; gTmp = NULL; } /* Cleanup */ DH_free(dh); dh = NULL; dh = DH_new(); ExpectNotNull(dh); /* Check empty DH. */ ExpectIntEQ(wolfSSL_DH_check(dh, &codes), 1); ExpectIntEQ(wolfSSL_DH_check(dh, NULL), 0); ExpectIntEQ(codes, DH_NOT_SUITABLE_GENERATOR | DH_CHECK_P_NOT_PRIME); /* Check non-prime valued p. */ ExpectNotNull(p = BN_new()); ExpectIntEQ(BN_set_word(p, 4), 1); ExpectNotNull(g = BN_new()); ExpectIntEQ(BN_set_word(g, 2), 1); ExpectIntEQ(DH_set0_pqg(dh, p, NULL, g), 1); if (EXPECT_FAIL()) { wolfSSL_BN_free(p); wolfSSL_BN_free(g); } ExpectIntEQ(wolfSSL_DH_check(dh, &codes), 1); ExpectIntEQ(wolfSSL_DH_check(dh, NULL), 0); ExpectIntEQ(codes, DH_CHECK_P_NOT_PRIME); DH_free(dh); dh = NULL; #endif #endif /* !NO_DH && !NO_DSA */ #endif return EXPECT_RESULT(); } static int test_wolfSSL_DH_prime(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_DH) WOLFSSL_BIGNUM* bn = NULL; #if WOLFSSL_MAX_BN_BITS >= 768 WOLFSSL_BIGNUM* bn2 = NULL; #endif bn = wolfSSL_DH_768_prime(NULL); #if WOLFSSL_MAX_BN_BITS >= 768 ExpectNotNull(bn); bn2 = wolfSSL_DH_768_prime(bn); ExpectNotNull(bn2); ExpectTrue(bn == bn2); wolfSSL_BN_free(bn); bn = NULL; #else ExpectNull(bn); #endif bn = wolfSSL_DH_1024_prime(NULL); #if WOLFSSL_MAX_BN_BITS >= 1024 ExpectNotNull(bn); wolfSSL_BN_free(bn); bn = NULL; #else ExpectNull(bn); #endif bn = wolfSSL_DH_2048_prime(NULL); #if WOLFSSL_MAX_BN_BITS >= 2048 ExpectNotNull(bn); wolfSSL_BN_free(bn); bn = NULL; #else ExpectNull(bn); #endif bn = wolfSSL_DH_3072_prime(NULL); #if WOLFSSL_MAX_BN_BITS >= 3072 ExpectNotNull(bn); wolfSSL_BN_free(bn); bn = NULL; #else ExpectNull(bn); #endif bn = wolfSSL_DH_4096_prime(NULL); #if WOLFSSL_MAX_BN_BITS >= 4096 ExpectNotNull(bn); wolfSSL_BN_free(bn); bn = NULL; #else ExpectNull(bn); #endif bn = wolfSSL_DH_6144_prime(NULL); #if WOLFSSL_MAX_BN_BITS >= 6144 ExpectNotNull(bn); wolfSSL_BN_free(bn); bn = NULL; #else ExpectNull(bn); #endif bn = wolfSSL_DH_8192_prime(NULL); #if WOLFSSL_MAX_BN_BITS >= 8192 ExpectNotNull(bn); wolfSSL_BN_free(bn); bn = NULL; #else ExpectNull(bn); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_DH_1536_prime(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_DH) BIGNUM* bn = NULL; unsigned char bits[200]; int sz = 192; /* known binary size */ const byte expected[] = { 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, 0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1, 0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22, 0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B, 0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45, 0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B, 0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5, 0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D, 0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05, 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A, 0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F, 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96, 0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB, 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D, 0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04, 0xF1,0x74,0x6C,0x08,0xCA,0x23,0x73,0x27, 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, }; ExpectNotNull(bn = get_rfc3526_prime_1536(NULL)); ExpectIntEQ(sz, BN_bn2bin((const BIGNUM*)bn, bits)); ExpectIntEQ(0, XMEMCMP(expected, bits, sz)); BN_free(bn); #endif return EXPECT_RESULT(); } static int test_wolfSSL_DH_get_2048_256(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_DH) WOLFSSL_DH* dh = NULL; const WOLFSSL_BIGNUM* pBn; const WOLFSSL_BIGNUM* gBn; const WOLFSSL_BIGNUM* qBn; const byte pExpected[] = { 0x87, 0xA8, 0xE6, 0x1D, 0xB4, 0xB6, 0x66, 0x3C, 0xFF, 0xBB, 0xD1, 0x9C, 0x65, 0x19, 0x59, 0x99, 0x8C, 0xEE, 0xF6, 0x08, 0x66, 0x0D, 0xD0, 0xF2, 0x5D, 0x2C, 0xEE, 0xD4, 0x43, 0x5E, 0x3B, 0x00, 0xE0, 0x0D, 0xF8, 0xF1, 0xD6, 0x19, 0x57, 0xD4, 0xFA, 0xF7, 0xDF, 0x45, 0x61, 0xB2, 0xAA, 0x30, 0x16, 0xC3, 0xD9, 0x11, 0x34, 0x09, 0x6F, 0xAA, 0x3B, 0xF4, 0x29, 0x6D, 0x83, 0x0E, 0x9A, 0x7C, 0x20, 0x9E, 0x0C, 0x64, 0x97, 0x51, 0x7A, 0xBD, 0x5A, 0x8A, 0x9D, 0x30, 0x6B, 0xCF, 0x67, 0xED, 0x91, 0xF9, 0xE6, 0x72, 0x5B, 0x47, 0x58, 0xC0, 0x22, 0xE0, 0xB1, 0xEF, 0x42, 0x75, 0xBF, 0x7B, 0x6C, 0x5B, 0xFC, 0x11, 0xD4, 0x5F, 0x90, 0x88, 0xB9, 0x41, 0xF5, 0x4E, 0xB1, 0xE5, 0x9B, 0xB8, 0xBC, 0x39, 0xA0, 0xBF, 0x12, 0x30, 0x7F, 0x5C, 0x4F, 0xDB, 0x70, 0xC5, 0x81, 0xB2, 0x3F, 0x76, 0xB6, 0x3A, 0xCA, 0xE1, 0xCA, 0xA6, 0xB7, 0x90, 0x2D, 0x52, 0x52, 0x67, 0x35, 0x48, 0x8A, 0x0E, 0xF1, 0x3C, 0x6D, 0x9A, 0x51, 0xBF, 0xA4, 0xAB, 0x3A, 0xD8, 0x34, 0x77, 0x96, 0x52, 0x4D, 0x8E, 0xF6, 0xA1, 0x67, 0xB5, 0xA4, 0x18, 0x25, 0xD9, 0x67, 0xE1, 0x44, 0xE5, 0x14, 0x05, 0x64, 0x25, 0x1C, 0xCA, 0xCB, 0x83, 0xE6, 0xB4, 0x86, 0xF6, 0xB3, 0xCA, 0x3F, 0x79, 0x71, 0x50, 0x60, 0x26, 0xC0, 0xB8, 0x57, 0xF6, 0x89, 0x96, 0x28, 0x56, 0xDE, 0xD4, 0x01, 0x0A, 0xBD, 0x0B, 0xE6, 0x21, 0xC3, 0xA3, 0x96, 0x0A, 0x54, 0xE7, 0x10, 0xC3, 0x75, 0xF2, 0x63, 0x75, 0xD7, 0x01, 0x41, 0x03, 0xA4, 0xB5, 0x43, 0x30, 0xC1, 0x98, 0xAF, 0x12, 0x61, 0x16, 0xD2, 0x27, 0x6E, 0x11, 0x71, 0x5F, 0x69, 0x38, 0x77, 0xFA, 0xD7, 0xEF, 0x09, 0xCA, 0xDB, 0x09, 0x4A, 0xE9, 0x1E, 0x1A, 0x15, 0x97 }; const byte gExpected[] = { 0x3F, 0xB3, 0x2C, 0x9B, 0x73, 0x13, 0x4D, 0x0B, 0x2E, 0x77, 0x50, 0x66, 0x60, 0xED, 0xBD, 0x48, 0x4C, 0xA7, 0xB1, 0x8F, 0x21, 0xEF, 0x20, 0x54, 0x07, 0xF4, 0x79, 0x3A, 0x1A, 0x0B, 0xA1, 0x25, 0x10, 0xDB, 0xC1, 0x50, 0x77, 0xBE, 0x46, 0x3F, 0xFF, 0x4F, 0xED, 0x4A, 0xAC, 0x0B, 0xB5, 0x55, 0xBE, 0x3A, 0x6C, 0x1B, 0x0C, 0x6B, 0x47, 0xB1, 0xBC, 0x37, 0x73, 0xBF, 0x7E, 0x8C, 0x6F, 0x62, 0x90, 0x12, 0x28, 0xF8, 0xC2, 0x8C, 0xBB, 0x18, 0xA5, 0x5A, 0xE3, 0x13, 0x41, 0x00, 0x0A, 0x65, 0x01, 0x96, 0xF9, 0x31, 0xC7, 0x7A, 0x57, 0xF2, 0xDD, 0xF4, 0x63, 0xE5, 0xE9, 0xEC, 0x14, 0x4B, 0x77, 0x7D, 0xE6, 0x2A, 0xAA, 0xB8, 0xA8, 0x62, 0x8A, 0xC3, 0x76, 0xD2, 0x82, 0xD6, 0xED, 0x38, 0x64, 0xE6, 0x79, 0x82, 0x42, 0x8E, 0xBC, 0x83, 0x1D, 0x14, 0x34, 0x8F, 0x6F, 0x2F, 0x91, 0x93, 0xB5, 0x04, 0x5A, 0xF2, 0x76, 0x71, 0x64, 0xE1, 0xDF, 0xC9, 0x67, 0xC1, 0xFB, 0x3F, 0x2E, 0x55, 0xA4, 0xBD, 0x1B, 0xFF, 0xE8, 0x3B, 0x9C, 0x80, 0xD0, 0x52, 0xB9, 0x85, 0xD1, 0x82, 0xEA, 0x0A, 0xDB, 0x2A, 0x3B, 0x73, 0x13, 0xD3, 0xFE, 0x14, 0xC8, 0x48, 0x4B, 0x1E, 0x05, 0x25, 0x88, 0xB9, 0xB7, 0xD2, 0xBB, 0xD2, 0xDF, 0x01, 0x61, 0x99, 0xEC, 0xD0, 0x6E, 0x15, 0x57, 0xCD, 0x09, 0x15, 0xB3, 0x35, 0x3B, 0xBB, 0x64, 0xE0, 0xEC, 0x37, 0x7F, 0xD0, 0x28, 0x37, 0x0D, 0xF9, 0x2B, 0x52, 0xC7, 0x89, 0x14, 0x28, 0xCD, 0xC6, 0x7E, 0xB6, 0x18, 0x4B, 0x52, 0x3D, 0x1D, 0xB2, 0x46, 0xC3, 0x2F, 0x63, 0x07, 0x84, 0x90, 0xF0, 0x0E, 0xF8, 0xD6, 0x47, 0xD1, 0x48, 0xD4, 0x79, 0x54, 0x51, 0x5E, 0x23, 0x27, 0xCF, 0xEF, 0x98, 0xC5, 0x82, 0x66, 0x4B, 0x4C, 0x0F, 0x6C, 0xC4, 0x16, 0x59 }; const byte qExpected[] = { 0x8C, 0xF8, 0x36, 0x42, 0xA7, 0x09, 0xA0, 0x97, 0xB4, 0x47, 0x99, 0x76, 0x40, 0x12, 0x9D, 0xA2, 0x99, 0xB1, 0xA4, 0x7D, 0x1E, 0xB3, 0x75, 0x0B, 0xA3, 0x08, 0xB0, 0xFE, 0x64, 0xF5, 0xFB, 0xD3 }; int pSz = 0; int qSz = 0; int gSz = 0; byte* pReturned = NULL; byte* qReturned = NULL; byte* gReturned = NULL; ExpectNotNull((dh = wolfSSL_DH_get_2048_256())); wolfSSL_DH_get0_pqg(dh, &pBn, &qBn, &gBn); ExpectIntGT((pSz = wolfSSL_BN_num_bytes(pBn)), 0); ExpectNotNull(pReturned = (byte*)XMALLOC(pSz, NULL, DYNAMIC_TYPE_TMP_BUFFER)); ExpectIntGT((pSz = wolfSSL_BN_bn2bin(pBn, pReturned)), 0); ExpectIntEQ(pSz, sizeof(pExpected)); ExpectIntEQ(XMEMCMP(pExpected, pReturned, pSz), 0); ExpectIntGT((qSz = wolfSSL_BN_num_bytes(qBn)), 0); ExpectNotNull(qReturned = (byte*)XMALLOC(qSz, NULL, DYNAMIC_TYPE_TMP_BUFFER)); ExpectIntGT((qSz = wolfSSL_BN_bn2bin(qBn, qReturned)), 0); ExpectIntEQ(qSz, sizeof(qExpected)); ExpectIntEQ(XMEMCMP(qExpected, qReturned, qSz), 0); ExpectIntGT((gSz = wolfSSL_BN_num_bytes(gBn)), 0); ExpectNotNull(gReturned = (byte*)XMALLOC(gSz, NULL, DYNAMIC_TYPE_TMP_BUFFER)); ExpectIntGT((gSz = wolfSSL_BN_bn2bin(gBn, gReturned)), 0); ExpectIntEQ(gSz, sizeof(gExpected)); ExpectIntEQ(XMEMCMP(gExpected, gReturned, gSz), 0); wolfSSL_DH_free(dh); XFREE(pReturned, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(gReturned, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(qReturned, NULL, DYNAMIC_TYPE_TMP_BUFFER); #endif return EXPECT_RESULT(); } static int test_wolfSSL_PEM_write_DHparams(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_BIO) && \ !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && !defined(NO_FILESYSTEM) DH* dh = NULL; BIO* bio = NULL; XFILE fp = XBADFILE; byte pem[2048]; int pemSz = 0; const char expected[] = "-----BEGIN DH PARAMETERS-----\n" "MIIBCAKCAQEAsKEIBpwIE7pZBjy8MNX1AMFPRKfW70rGJScc6NKWUwpckd2iwpSE\n" "v32yRJ+b0sGKxb5yXKfnkebUn3MHhVtmSMdw+rTuAsk9mkraPcFGPhlp0RdGB6NN\n" "nyuWFzltMI0q85TTdc+gdebykh8acAWqBINXMPvadpM4UOgn/WPuPOW3yAmub1A1\n" "joTOSgDpEn5aMdcz/CETdswWMNsM/MVipzW477ewrMA29tnJRkj5QJAAKxuqbOMa\n" "wwsDnhvCRuRITiJzb8Nf1JrWMAdI1oyQq9T28eNI01hLprnNKb9oHwhLY4YvXGvW\n" "tgZl96bcAGdru8OpQYP7x/rI4h5+rwA/kwIBAg==\n" "-----END DH PARAMETERS-----\n"; const char badPem[] = "-----BEGIN DH PARAMETERS-----\n" "-----END DH PARAMETERS-----\n"; const char emptySeqPem[] = "-----BEGIN DH PARAMETERS-----\n" "MAA=\n" "-----END DH PARAMETERS-----\n"; ExpectTrue((fp = XFOPEN(dhParamFile, "rb")) != XBADFILE); ExpectIntGT((pemSz = (int)XFREAD(pem, 1, sizeof(pem), fp)), 0); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } ExpectNull(PEM_read_bio_DHparams(NULL, NULL, NULL, NULL)); ExpectNotNull(bio = BIO_new(BIO_s_mem())); ExpectNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL)); ExpectIntEQ(BIO_write(bio, badPem, (int)sizeof(badPem)), (int)sizeof(badPem)); ExpectNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL)); BIO_free(bio); bio = NULL; ExpectNotNull(bio = BIO_new(BIO_s_mem())); ExpectNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL)); ExpectIntEQ(BIO_write(bio, emptySeqPem, (int)sizeof(emptySeqPem)), (int)sizeof(emptySeqPem)); ExpectNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL)); BIO_free(bio); bio = NULL; ExpectNotNull(bio = BIO_new(BIO_s_mem())); ExpectIntEQ(BIO_write(bio, pem, pemSz), pemSz); ExpectNotNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL)); BIO_free(bio); bio = NULL; ExpectNotNull(fp = XFOPEN("./test-write-dhparams.pem", "wb")); ExpectIntEQ(PEM_write_DHparams(fp, dh), WOLFSSL_SUCCESS); ExpectIntEQ(PEM_write_DHparams(fp, NULL), WOLFSSL_FAILURE); DH_free(dh); dh = NULL; dh = wolfSSL_DH_new(); ExpectIntEQ(PEM_write_DHparams(fp, dh), WOLFSSL_FAILURE); if (fp != XBADFILE) { XFCLOSE(fp); fp = XBADFILE; } wolfSSL_DH_free(dh); dh = NULL; /* check results */ XMEMSET(pem, 0, sizeof(pem)); ExpectTrue((fp = XFOPEN("./test-write-dhparams.pem", "rb")) != XBADFILE); ExpectIntGT((pemSz = (int)XFREAD(pem, 1, sizeof(pem), fp)), 0); ExpectIntEQ(XMEMCMP(pem, expected, pemSz), 0); if (fp != XBADFILE) XFCLOSE(fp); #endif return EXPECT_RESULT(); } static int test_wolfSSL_d2i_DHparams(void) { EXPECT_DECLS; #ifdef OPENSSL_ALL #if !defined(NO_DH) && (defined(HAVE_FFDHE_2048) || defined(HAVE_FFDHE_3072)) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) XFILE f = XBADFILE; unsigned char buf[4096]; const unsigned char* pt = buf; #ifdef HAVE_FFDHE_2048 const char* params1 = "./certs/dh2048.der"; #endif #ifdef HAVE_FFDHE_3072 const char* params2 = "./certs/dh3072.der"; #endif long len = 0; WOLFSSL_DH* dh = NULL; XMEMSET(buf, 0, sizeof(buf)); /* Test 2048 bit parameters */ #ifdef HAVE_FFDHE_2048 ExpectTrue((f = XFOPEN(params1, "rb")) != XBADFILE); ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } /* Valid case */ ExpectNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len)); ExpectNotNull(dh->p); ExpectNotNull(dh->g); ExpectTrue(pt == buf); ExpectIntEQ(DH_set_length(NULL, BN_num_bits(dh->p)), 0); ExpectIntEQ(DH_set_length(dh, BN_num_bits(dh->p)), 1); ExpectIntEQ(DH_generate_key(dh), WOLFSSL_SUCCESS); /* Invalid cases */ ExpectNull(wolfSSL_d2i_DHparams(NULL, NULL, len)); ExpectNull(wolfSSL_d2i_DHparams(NULL, &pt, -1)); ExpectNull(wolfSSL_d2i_DHparams(NULL, &pt, 10)); DH_free(dh); dh = NULL; *buf = 0; pt = buf; #endif /* HAVE_FFDHE_2048 */ /* Test 3072 bit parameters */ #ifdef HAVE_FFDHE_3072 ExpectTrue((f = XFOPEN(params2, "rb")) != XBADFILE); ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } /* Valid case */ ExpectNotNull(dh = wolfSSL_d2i_DHparams(&dh, &pt, len)); ExpectNotNull(dh->p); ExpectNotNull(dh->g); ExpectTrue(pt != buf); ExpectIntEQ(DH_generate_key(dh), 1); /* Invalid cases */ ExpectNull(wolfSSL_d2i_DHparams(NULL, NULL, len)); ExpectNull(wolfSSL_d2i_DHparams(NULL, &pt, -1)); DH_free(dh); dh = NULL; #endif /* HAVE_FFDHE_3072 */ #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ #endif /* !NO_DH */ #endif return EXPECT_RESULT(); } static int test_wolfSSL_DH_LoadDer(void) { EXPECT_DECLS; #if !defined(NO_DH) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0)) && \ defined(OPENSSL_EXTRA) static const byte dh2048[] = { 0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01, 0x00, 0xb0, 0xa1, 0x08, 0x06, 0x9c, 0x08, 0x13, 0xba, 0x59, 0x06, 0x3c, 0xbc, 0x30, 0xd5, 0xf5, 0x00, 0xc1, 0x4f, 0x44, 0xa7, 0xd6, 0xef, 0x4a, 0xc6, 0x25, 0x27, 0x1c, 0xe8, 0xd2, 0x96, 0x53, 0x0a, 0x5c, 0x91, 0xdd, 0xa2, 0xc2, 0x94, 0x84, 0xbf, 0x7d, 0xb2, 0x44, 0x9f, 0x9b, 0xd2, 0xc1, 0x8a, 0xc5, 0xbe, 0x72, 0x5c, 0xa7, 0xe7, 0x91, 0xe6, 0xd4, 0x9f, 0x73, 0x07, 0x85, 0x5b, 0x66, 0x48, 0xc7, 0x70, 0xfa, 0xb4, 0xee, 0x02, 0xc9, 0x3d, 0x9a, 0x4a, 0xda, 0x3d, 0xc1, 0x46, 0x3e, 0x19, 0x69, 0xd1, 0x17, 0x46, 0x07, 0xa3, 0x4d, 0x9f, 0x2b, 0x96, 0x17, 0x39, 0x6d, 0x30, 0x8d, 0x2a, 0xf3, 0x94, 0xd3, 0x75, 0xcf, 0xa0, 0x75, 0xe6, 0xf2, 0x92, 0x1f, 0x1a, 0x70, 0x05, 0xaa, 0x04, 0x83, 0x57, 0x30, 0xfb, 0xda, 0x76, 0x93, 0x38, 0x50, 0xe8, 0x27, 0xfd, 0x63, 0xee, 0x3c, 0xe5, 0xb7, 0xc8, 0x09, 0xae, 0x6f, 0x50, 0x35, 0x8e, 0x84, 0xce, 0x4a, 0x00, 0xe9, 0x12, 0x7e, 0x5a, 0x31, 0xd7, 0x33, 0xfc, 0x21, 0x13, 0x76, 0xcc, 0x16, 0x30, 0xdb, 0x0c, 0xfc, 0xc5, 0x62, 0xa7, 0x35, 0xb8, 0xef, 0xb7, 0xb0, 0xac, 0xc0, 0x36, 0xf6, 0xd9, 0xc9, 0x46, 0x48, 0xf9, 0x40, 0x90, 0x00, 0x2b, 0x1b, 0xaa, 0x6c, 0xe3, 0x1a, 0xc3, 0x0b, 0x03, 0x9e, 0x1b, 0xc2, 0x46, 0xe4, 0x48, 0x4e, 0x22, 0x73, 0x6f, 0xc3, 0x5f, 0xd4, 0x9a, 0xd6, 0x30, 0x07, 0x48, 0xd6, 0x8c, 0x90, 0xab, 0xd4, 0xf6, 0xf1, 0xe3, 0x48, 0xd3, 0x58, 0x4b, 0xa6, 0xb9, 0xcd, 0x29, 0xbf, 0x68, 0x1f, 0x08, 0x4b, 0x63, 0x86, 0x2f, 0x5c, 0x6b, 0xd6, 0xb6, 0x06, 0x65, 0xf7, 0xa6, 0xdc, 0x00, 0x67, 0x6b, 0xbb, 0xc3, 0xa9, 0x41, 0x83, 0xfb, 0xc7, 0xfa, 0xc8, 0xe2, 0x1e, 0x7e, 0xaf, 0x00, 0x3f, 0x93, 0x02, 0x01, 0x02 }; WOLFSSL_DH* dh = NULL; ExpectNotNull(dh = wolfSSL_DH_new()); ExpectIntEQ(wolfSSL_DH_LoadDer(NULL, NULL, 0), -1); ExpectIntEQ(wolfSSL_DH_LoadDer(dh, NULL, 0), -1); ExpectIntEQ(wolfSSL_DH_LoadDer(NULL, dh2048, sizeof(dh2048)), -1); ExpectIntEQ(wolfSSL_DH_LoadDer(dh, dh2048, sizeof(dh2048)), 1); wolfSSL_DH_free(dh); #endif return EXPECT_RESULT(); } static int test_wolfSSL_i2d_DHparams(void) { EXPECT_DECLS; #ifdef OPENSSL_ALL #if !defined(NO_DH) && (defined(HAVE_FFDHE_2048) || defined(HAVE_FFDHE_3072)) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) XFILE f = XBADFILE; unsigned char buf[4096]; const unsigned char* pt; unsigned char* pt2; #ifdef HAVE_FFDHE_2048 const char* params1 = "./certs/dh2048.der"; #endif #ifdef HAVE_FFDHE_3072 const char* params2 = "./certs/dh3072.der"; #endif long len = 0; WOLFSSL_DH* dh = NULL; /* Test 2048 bit parameters */ #ifdef HAVE_FFDHE_2048 pt = buf; pt2 = buf; ExpectTrue((f = XFOPEN(params1, "rb")) != XBADFILE); ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } /* Valid case */ ExpectNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len)); ExpectTrue(pt == buf); ExpectIntEQ(DH_generate_key(dh), 1); ExpectIntEQ(wolfSSL_i2d_DHparams(dh, &pt2), 268); /* Invalid case */ ExpectIntEQ(wolfSSL_i2d_DHparams(NULL, &pt2), 0); /* Return length only */ ExpectIntEQ(wolfSSL_i2d_DHparams(dh, NULL), 268); DH_free(dh); dh = NULL; *buf = 0; #endif /* Test 3072 bit parameters */ #ifdef HAVE_FFDHE_3072 pt = buf; pt2 = buf; ExpectTrue((f = XFOPEN(params2, "rb")) != XBADFILE); ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0); if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; } /* Valid case */ ExpectNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len)); ExpectTrue(pt == buf); ExpectIntEQ(DH_generate_key(dh), 1); ExpectIntEQ(wolfSSL_i2d_DHparams(dh, &pt2), 396); /* Invalid case */ ExpectIntEQ(wolfSSL_i2d_DHparams(NULL, &pt2), 0); /* Return length only */ ExpectIntEQ(wolfSSL_i2d_DHparams(dh, NULL), 396); DH_free(dh); dh = NULL; #endif dh = DH_new(); ExpectNotNull(dh); pt2 = buf; ExpectIntEQ(wolfSSL_i2d_DHparams(dh, &pt2), 0); DH_free(dh); dh = NULL; #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ #endif /* !NO_DH && (HAVE_FFDHE_2048 || HAVE_FFDHE_3072) */ #endif return EXPECT_RESULT(); } #if defined(HAVE_ECC) && !defined(OPENSSL_NO_PK) /*----------------------------------------------------------------------------* | EC *----------------------------------------------------------------------------*/ static int test_wolfSSL_EC_GROUP(void) { EXPECT_DECLS; #ifdef OPENSSL_EXTRA EC_GROUP *group = NULL; EC_GROUP *group2 = NULL; EC_GROUP *group3 = NULL; #ifndef HAVE_ECC_BRAINPOOL EC_GROUP *group4 = NULL; #endif WOLFSSL_BIGNUM* order = NULL; int group_bits; int i; static const int knownEccNids[] = { NID_X9_62_prime192v1, NID_X9_62_prime192v2, NID_X9_62_prime192v3, NID_X9_62_prime239v1, NID_X9_62_prime239v2, NID_X9_62_prime239v3, NID_X9_62_prime256v1, NID_secp112r1, NID_secp112r2, NID_secp128r1, NID_secp128r2, NID_secp160r1, NID_secp160r2, NID_secp224r1, NID_secp384r1, NID_secp521r1, NID_secp160k1, NID_secp192k1, NID_secp224k1, NID_secp256k1, NID_brainpoolP160r1, NID_brainpoolP192r1, NID_brainpoolP224r1, NID_brainpoolP256r1, NID_brainpoolP320r1, NID_brainpoolP384r1, NID_brainpoolP512r1, }; int knowEccNidsLen = (int)(sizeof(knownEccNids) / sizeof(*knownEccNids)); static const int knownEccEnums[] = { ECC_SECP192R1, ECC_PRIME192V2, ECC_PRIME192V3, ECC_PRIME239V1, ECC_PRIME239V2, ECC_PRIME239V3, ECC_SECP256R1, ECC_SECP112R1, ECC_SECP112R2, ECC_SECP128R1, ECC_SECP128R2, ECC_SECP160R1, ECC_SECP160R2, ECC_SECP224R1, ECC_SECP384R1, ECC_SECP521R1, ECC_SECP160K1, ECC_SECP192K1, ECC_SECP224K1, ECC_SECP256K1, ECC_BRAINPOOLP160R1, ECC_BRAINPOOLP192R1, ECC_BRAINPOOLP224R1, ECC_BRAINPOOLP256R1, ECC_BRAINPOOLP320R1, ECC_BRAINPOOLP384R1, ECC_BRAINPOOLP512R1, }; int knowEccEnumsLen = (int)(sizeof(knownEccEnums) / sizeof(*knownEccEnums)); ExpectNotNull(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1)); ExpectNotNull(group2 = EC_GROUP_dup(group)); ExpectNotNull(group3 = wolfSSL_EC_GROUP_new_by_curve_name(NID_secp384r1)); #ifndef HAVE_ECC_BRAINPOOL ExpectNotNull(group4 = wolfSSL_EC_GROUP_new_by_curve_name( NID_brainpoolP256r1)); #endif ExpectNull(EC_GROUP_dup(NULL)); ExpectIntEQ(wolfSSL_EC_GROUP_get_curve_name(NULL), 0); ExpectIntEQ(wolfSSL_EC_GROUP_get_curve_name(group), NID_X9_62_prime256v1); ExpectIntEQ((group_bits = EC_GROUP_order_bits(NULL)), 0); ExpectIntEQ((group_bits = EC_GROUP_order_bits(group)), 256); #ifndef HAVE_ECC_BRAINPOOL ExpectIntEQ((group_bits = EC_GROUP_order_bits(group4)), 0); #endif ExpectIntEQ(wolfSSL_EC_GROUP_get_degree(NULL), 0); ExpectIntEQ(wolfSSL_EC_GROUP_get_degree(group), 256); ExpectNotNull(order = BN_new()); ExpectIntEQ(wolfSSL_EC_GROUP_get_order(NULL, NULL, NULL), 0); ExpectIntEQ(wolfSSL_EC_GROUP_get_order(group, NULL, NULL), 0); ExpectIntEQ(wolfSSL_EC_GROUP_get_order(NULL, order, NULL), 0); ExpectIntEQ(wolfSSL_EC_GROUP_get_order(group, order, NULL), 1); wolfSSL_BN_free(order); ExpectNotNull(EC_GROUP_method_of(group)); ExpectIntEQ(EC_METHOD_get_field_type(NULL), 0); ExpectIntEQ(EC_METHOD_get_field_type(EC_GROUP_method_of(group)), NID_X9_62_prime_field); ExpectIntEQ(wolfSSL_EC_GROUP_cmp(NULL, NULL, NULL), -1); ExpectIntEQ(wolfSSL_EC_GROUP_cmp(group, NULL, NULL), -1); ExpectIntEQ(wolfSSL_EC_GROUP_cmp(NULL, group, NULL), -1); ExpectIntEQ(wolfSSL_EC_GROUP_cmp(group, group3, NULL), 1); #ifndef NO_WOLFSSL_STUB wolfSSL_EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); #endif #ifndef HAVE_ECC_BRAINPOOL EC_GROUP_free(group4); #endif EC_GROUP_free(group3); EC_GROUP_free(group2); EC_GROUP_free(group); for (i = 0; i < knowEccNidsLen; i++) { group = NULL; ExpectNotNull(group = EC_GROUP_new_by_curve_name(knownEccNids[i])); ExpectIntGT(wolfSSL_EC_GROUP_get_degree(group), 0); EC_GROUP_free(group); } for (i = 0; i < knowEccEnumsLen; i++) { group = NULL; ExpectNotNull(group = EC_GROUP_new_by_curve_name(knownEccEnums[i])); ExpectIntEQ(wolfSSL_EC_GROUP_get_curve_name(group), knownEccNids[i]); EC_GROUP_free(group); } #endif return EXPECT_RESULT(); } static int test_wolfSSL_PEM_read_bio_ECPKParameters(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && !defined(NO_BIO) EC_GROUP *group = NULL; BIO* bio = NULL; #if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && \ ECC_MIN_KEY_SZ <= 384 && !defined(NO_ECC_SECP) EC_GROUP *ret = NULL; static char ec_nc_p384[] = "-----BEGIN EC PARAMETERS-----\n" "BgUrgQQAIg==\n" "-----END EC PARAMETERS-----"; #endif static char ec_nc_bad_1[] = "-----BEGIN EC PARAMETERS-----\n" "MAA=\n" "-----END EC PARAMETERS-----"; static char ec_nc_bad_2[] = "-----BEGIN EC PARAMETERS-----\n" "BgA=\n" "-----END EC PARAMETERS-----"; static char ec_nc_bad_3[] = "-----BEGIN EC PARAMETERS-----\n" "BgE=\n" "-----END EC PARAMETERS-----"; static char ec_nc_bad_4[] = "-----BEGIN EC PARAMETERS-----\n" "BgE*\n" "-----END EC PARAMETERS-----"; /* Test that first parameter, bio, being NULL fails. */ ExpectNull(PEM_read_bio_ECPKParameters(NULL, NULL, NULL, NULL)); /* Test that reading named parameters works. */ ExpectNotNull(bio = BIO_new(BIO_s_file())); ExpectIntEQ(BIO_read_filename(bio, eccKeyFile), WOLFSSL_SUCCESS); ExpectNotNull(group = PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL)); ExpectIntEQ(EC_GROUP_get_curve_name(group), NID_X9_62_prime256v1); BIO_free(bio); bio = NULL; EC_GROUP_free(group); group = NULL; #if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && \ ECC_MIN_KEY_SZ <= 384 && !defined(NO_ECC_SECP) /* Test that reusing group works. */ ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_p384, sizeof(ec_nc_p384))); ExpectNotNull(group = PEM_read_bio_ECPKParameters(bio, &group, NULL, NULL)); ExpectIntEQ(EC_GROUP_get_curve_name(group), NID_secp384r1); BIO_free(bio); bio = NULL; EC_GROUP_free(group); group = NULL; /* Test that returning through group works. */ ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_p384, sizeof(ec_nc_p384))); ExpectNotNull(ret = PEM_read_bio_ECPKParameters(bio, &group, NULL, NULL)); ExpectIntEQ(group == ret, 1); ExpectIntEQ(EC_GROUP_get_curve_name(group), NID_secp384r1); BIO_free(bio); bio = NULL; EC_GROUP_free(group); group = NULL; #endif /* Test 0x30, 0x00 (not and object id) fails. */ ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_bad_1, sizeof(ec_nc_bad_1))); ExpectNull(PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL)); BIO_free(bio); bio = NULL; /* Test 0x06, 0x00 (empty object id) fails. */ ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_bad_2, sizeof(ec_nc_bad_2))); ExpectNull(PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL)); BIO_free(bio); bio = NULL; /* Test 0x06, 0x01 (badly formed object id) fails. */ ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_bad_3, sizeof(ec_nc_bad_3))); ExpectNull(PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL)); BIO_free(bio); bio = NULL; /* Test invalid PEM encoding - invalid character. */ ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_bad_4, sizeof(ec_nc_bad_4))); ExpectNull(PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL)); BIO_free(bio); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EC_POINT(void) { EXPECT_DECLS; #if !defined(WOLFSSL_SP_MATH) && \ (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))) #ifdef OPENSSL_EXTRA BN_CTX* ctx = NULL; EC_GROUP* group = NULL; #ifndef HAVE_ECC_BRAINPOOL EC_GROUP* group2 = NULL; #endif EC_POINT* Gxy = NULL; EC_POINT* new_point = NULL; EC_POINT* set_point = NULL; EC_POINT* infinity = NULL; BIGNUM* k = NULL; BIGNUM* Gx = NULL; BIGNUM* Gy = NULL; BIGNUM* Gz = NULL; BIGNUM* X = NULL; BIGNUM* Y = NULL; BIGNUM* set_point_bn = NULL; char* hexStr = NULL; const char* kTest = "F4F8338AFCC562C5C3F3E1E46A7EFECD" "17AF381913FF7A96314EA47055EA0FD0"; /* NISTP256R1 Gx/Gy */ const char* kGx = "6B17D1F2E12C4247F8BCE6E563A440F2" "77037D812DEB33A0F4A13945D898C296"; const char* kGy = "4FE342E2FE1A7F9B8EE7EB4A7C0F9E16" "2BCE33576B315ECECBB6406837BF51F5"; #ifndef HAVE_SELFTEST EC_POINT *tmp = NULL; size_t bin_len; unsigned int blen = 0; unsigned char* buf = NULL; unsigned char bufInf[1] = { 0x00 }; const char* uncompG = "046B17D1F2E12C4247F8BCE6E563A440F2" "77037D812DEB33A0F4A13945D898C296" "4FE342E2FE1A7F9B8EE7EB4A7C0F9E16" "2BCE33576B315ECECBB6406837BF51F5"; const unsigned char binUncompG[] = { 0x04, 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47, 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2, 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0, 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96, 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b, 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16, 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce, 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5, }; const unsigned char binUncompGBad[] = { 0x09, 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47, 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2, 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0, 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96, 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b, 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16, 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce, 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5, }; const char* compG = "036B17D1F2E12C4247F8BCE6E563A440F2" "77037D812DEB33A0F4A13945D898C296"; #ifdef HAVE_COMP_KEY const unsigned char binCompG[] = { 0x03, 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47, 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2, 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0, 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96, }; #endif #endif ExpectNotNull(ctx = BN_CTX_new()); ExpectNotNull(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1)); #ifndef HAVE_ECC_BRAINPOOL /* Used to make groups curve_idx == -1. */ ExpectNotNull(group2 = EC_GROUP_new_by_curve_name(NID_brainpoolP256r1)); #endif ExpectNull(EC_POINT_new(NULL)); ExpectNotNull(Gxy = EC_POINT_new(group)); ExpectNotNull(new_point = EC_POINT_new(group)); ExpectNotNull(set_point = EC_POINT_new(group)); ExpectNotNull(X = BN_new()); ExpectNotNull(Y = BN_new()); ExpectNotNull(set_point_bn = BN_new()); ExpectNotNull(infinity = EC_POINT_new(group)); /* load test values */ ExpectIntEQ(BN_hex2bn(&k, kTest), WOLFSSL_SUCCESS); ExpectIntEQ(BN_hex2bn(&Gx, kGx), WOLFSSL_SUCCESS); ExpectIntEQ(BN_hex2bn(&Gy, kGy), WOLFSSL_SUCCESS); ExpectIntEQ(BN_hex2bn(&Gz, "1"), WOLFSSL_SUCCESS); /* populate coordinates for input point */ if (Gxy != NULL) { Gxy->X = Gx; Gxy->Y = Gy; Gxy->Z = Gz; } /* Test handling of NULL point. */ EC_POINT_clear_free(NULL); ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, NULL, NULL, NULL, ctx), 0); ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, NULL, NULL, NULL, ctx), 0); ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, Gxy, NULL, NULL, ctx), 0); ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, NULL, X, NULL, ctx), 0); ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, NULL, NULL, Y, ctx), 0); ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, Gxy, X, Y, ctx), 0); ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, NULL, X, Y, ctx), 0); ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, Gxy, NULL, Y, ctx), 0); ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, Gxy, X, NULL, ctx), 0); /* Getting point at infinity returns an error. */ ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, infinity, X, Y, ctx), 0); #if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \ !defined(HAVE_SELFTEST) && !defined(WOLFSSL_SP_MATH) && \ !defined(WOLF_CRYPTO_CB_ONLY_ECC) ExpectIntEQ(EC_POINT_add(NULL, NULL, NULL, NULL, ctx), 0); ExpectIntEQ(EC_POINT_add(group, NULL, NULL, NULL, ctx), 0); ExpectIntEQ(EC_POINT_add(NULL, new_point, NULL, NULL, ctx), 0); ExpectIntEQ(EC_POINT_add(NULL, NULL, new_point, NULL, ctx), 0); ExpectIntEQ(EC_POINT_add(NULL, NULL, NULL, Gxy, ctx), 0); ExpectIntEQ(EC_POINT_add(NULL, new_point, new_point, Gxy, ctx), 0); ExpectIntEQ(EC_POINT_add(group, NULL, new_point, Gxy, ctx), 0); ExpectIntEQ(EC_POINT_add(group, new_point, NULL, Gxy, ctx), 0); ExpectIntEQ(EC_POINT_add(group, new_point, new_point, NULL, ctx), 0); ExpectIntEQ(EC_POINT_mul(NULL, NULL, Gx, Gxy, k, ctx), 0); ExpectIntEQ(EC_POINT_mul(NULL, new_point, Gx, Gxy, k, ctx), 0); ExpectIntEQ(EC_POINT_mul(group, NULL, Gx, Gxy, k, ctx), 0); ExpectIntEQ(EC_POINT_add(group, new_point, new_point, Gxy, ctx), 1); /* perform point multiplication */ ExpectIntEQ(EC_POINT_mul(group, new_point, Gx, Gxy, k, ctx), 1); ExpectIntEQ(BN_is_zero(new_point->X), 0); ExpectIntEQ(BN_is_zero(new_point->Y), 0); ExpectIntEQ(BN_is_zero(new_point->Z), 0); ExpectIntEQ(EC_POINT_mul(group, new_point, NULL, Gxy, k, ctx), 1); ExpectIntEQ(BN_is_zero(new_point->X), 0); ExpectIntEQ(BN_is_zero(new_point->Y), 0); ExpectIntEQ(BN_is_zero(new_point->Z), 0); ExpectIntEQ(EC_POINT_mul(group, new_point, Gx, NULL, NULL, ctx), 1); ExpectIntEQ(BN_is_zero(new_point->X), 0); ExpectIntEQ(BN_is_zero(new_point->Y), 0); ExpectIntEQ(BN_is_zero(new_point->Z), 0); ExpectIntEQ(EC_POINT_mul(group, new_point, NULL, NULL, NULL, ctx), 1); ExpectIntEQ(BN_is_zero(new_point->X), 1); ExpectIntEQ(BN_is_zero(new_point->Y), 1); ExpectIntEQ(BN_is_zero(new_point->Z), 1); /* Set point to something. */ ExpectIntEQ(EC_POINT_add(group, new_point, Gxy, Gxy, ctx), 1); #else ExpectIntEQ(EC_POINT_set_affine_coordinates_GFp(group, new_point, Gx, Gy, ctx), 1); ExpectIntEQ(BN_is_zero(new_point->X), 0); ExpectIntEQ(BN_is_zero(new_point->Y), 0); ExpectIntEQ(BN_is_zero(new_point->Z), 0); #endif /* check if point X coordinate is zero */ ExpectIntEQ(BN_is_zero(new_point->X), 0); #if defined(USE_ECC_B_PARAM) && !defined(HAVE_SELFTEST) && \ (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0)) ExpectIntEQ(EC_POINT_is_on_curve(group, new_point, ctx), 1); #endif /* extract the coordinates from point */ ExpectIntEQ(EC_POINT_get_affine_coordinates_GFp(group, new_point, X, Y, ctx), WOLFSSL_SUCCESS); /* check if point X coordinate is zero */ ExpectIntEQ(BN_is_zero(X), WOLFSSL_FAILURE); /* set the same X and Y points in another object */ ExpectIntEQ(EC_POINT_set_affine_coordinates_GFp(group, set_point, X, Y, ctx), WOLFSSL_SUCCESS); /* compare points as they should be the same */ ExpectIntEQ(EC_POINT_cmp(NULL, NULL, NULL, ctx), -1); ExpectIntEQ(EC_POINT_cmp(group, NULL, NULL, ctx), -1); ExpectIntEQ(EC_POINT_cmp(NULL, new_point, NULL, ctx), -1); ExpectIntEQ(EC_POINT_cmp(NULL, NULL, set_point, ctx), -1); ExpectIntEQ(EC_POINT_cmp(NULL, new_point, set_point, ctx), -1); ExpectIntEQ(EC_POINT_cmp(group, NULL, set_point, ctx), -1); ExpectIntEQ(EC_POINT_cmp(group, new_point, NULL, ctx), -1); ExpectIntEQ(EC_POINT_cmp(group, new_point, set_point, ctx), 0); /* Test copying */ ExpectIntEQ(EC_POINT_copy(NULL, NULL), 0); ExpectIntEQ(EC_POINT_copy(NULL, set_point), 0); ExpectIntEQ(EC_POINT_copy(new_point, NULL), 0); ExpectIntEQ(EC_POINT_copy(new_point, set_point), 1); /* Test inverting */ ExpectIntEQ(EC_POINT_invert(NULL, NULL, ctx), 0); ExpectIntEQ(EC_POINT_invert(NULL, new_point, ctx), 0); ExpectIntEQ(EC_POINT_invert(group, NULL, ctx), 0); ExpectIntEQ(EC_POINT_invert(group, new_point, ctx), 1); #if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \ !defined(HAVE_SELFTEST) && !defined(WOLFSSL_SP_MATH) && \ !defined(WOLF_CRYPTO_CB_ONLY_ECC) { EC_POINT* orig_point = NULL; ExpectNotNull(orig_point = EC_POINT_new(group)); ExpectIntEQ(EC_POINT_add(group, orig_point, set_point, set_point, NULL), 1); /* new_point should be set_point inverted so adding it will revert * the point back to set_point */ ExpectIntEQ(EC_POINT_add(group, orig_point, orig_point, new_point, NULL), 1); ExpectIntEQ(EC_POINT_cmp(group, orig_point, set_point, NULL), 0); EC_POINT_free(orig_point); } #endif /* Test getting affine converts from projective. */ ExpectIntEQ(EC_POINT_copy(set_point, new_point), 1); /* Force non-affine coordinates */ ExpectIntEQ(BN_add(new_point->Z, (WOLFSSL_BIGNUM*)BN_value_one(), (WOLFSSL_BIGNUM*)BN_value_one()), 1); if (new_point != NULL) { new_point->inSet = 0; } /* extract the coordinates from point */ ExpectIntEQ(EC_POINT_get_affine_coordinates_GFp(group, new_point, X, Y, ctx), WOLFSSL_SUCCESS); /* check if point ordinates have changed. */ ExpectIntNE(BN_cmp(X, set_point->X), 0); ExpectIntNE(BN_cmp(Y, set_point->Y), 0); /* Test check for infinity */ #ifndef WOLF_CRYPTO_CB_ONLY_ECC ExpectIntEQ(EC_POINT_is_at_infinity(NULL, NULL), 0); ExpectIntEQ(EC_POINT_is_at_infinity(NULL, infinity), 0); ExpectIntEQ(EC_POINT_is_at_infinity(group, NULL), 0); ExpectIntEQ(EC_POINT_is_at_infinity(group, infinity), 1); ExpectIntEQ(EC_POINT_is_at_infinity(group, Gxy), 0); #else ExpectIntEQ(EC_POINT_is_at_infinity(group, infinity), 0); #endif ExpectPtrEq(EC_POINT_point2bn(group, set_point, POINT_CONVERSION_UNCOMPRESSED, set_point_bn, ctx), set_point_bn); /* check bn2hex */ hexStr = BN_bn2hex(k); ExpectStrEQ(hexStr, kTest); #if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) && \ defined(XFPRINTF) BN_print_fp(stderr, k); fprintf(stderr, "\n"); #endif XFREE(hexStr, NULL, DYNAMIC_TYPE_ECC); hexStr = BN_bn2hex(Gx); ExpectStrEQ(hexStr, kGx); #if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) && \ defined(XFPRINTF) BN_print_fp(stderr, Gx); fprintf(stderr, "\n"); #endif XFREE(hexStr, NULL, DYNAMIC_TYPE_ECC); hexStr = BN_bn2hex(Gy); ExpectStrEQ(hexStr, kGy); #if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) && \ defined(XFPRINTF) BN_print_fp(stderr, Gy); fprintf(stderr, "\n"); #endif XFREE(hexStr, NULL, DYNAMIC_TYPE_ECC); #ifndef HAVE_SELFTEST /* Test point to hex */ ExpectNull(EC_POINT_point2hex(NULL, NULL, POINT_CONVERSION_UNCOMPRESSED, ctx)); ExpectNull(EC_POINT_point2hex(NULL, Gxy, POINT_CONVERSION_UNCOMPRESSED, ctx)); ExpectNull(EC_POINT_point2hex(group, NULL, POINT_CONVERSION_UNCOMPRESSED, ctx)); #ifndef HAVE_ECC_BRAINPOOL /* Group not supported in wolfCrypt. */ ExpectNull(EC_POINT_point2hex(group2, Gxy, POINT_CONVERSION_UNCOMPRESSED, ctx)); #endif hexStr = EC_POINT_point2hex(group, Gxy, POINT_CONVERSION_UNCOMPRESSED, ctx); ExpectNotNull(hexStr); ExpectStrEQ(hexStr, uncompG); XFREE(hexStr, NULL, DYNAMIC_TYPE_ECC); hexStr = EC_POINT_point2hex(group, Gxy, POINT_CONVERSION_COMPRESSED, ctx); ExpectNotNull(hexStr); ExpectStrEQ(hexStr, compG); XFREE(hexStr, NULL, DYNAMIC_TYPE_ECC); /* Test point to oct */ ExpectIntEQ(EC_POINT_point2oct(NULL, NULL, POINT_CONVERSION_UNCOMPRESSED, NULL, 0, ctx), 0); ExpectIntEQ(EC_POINT_point2oct(NULL, Gxy, POINT_CONVERSION_UNCOMPRESSED, NULL, 0, ctx), 0); ExpectIntEQ(EC_POINT_point2oct(group, NULL, POINT_CONVERSION_UNCOMPRESSED, NULL, 0, ctx), 0); bin_len = EC_POINT_point2oct(group, Gxy, POINT_CONVERSION_UNCOMPRESSED, NULL, 0, ctx); ExpectIntEQ(bin_len, sizeof(binUncompG)); ExpectNotNull(buf = (unsigned char*)XMALLOC(bin_len, NULL, DYNAMIC_TYPE_ECC)); ExpectIntEQ(EC_POINT_point2oct(group, Gxy, POINT_CONVERSION_UNCOMPRESSED, buf, bin_len, ctx), bin_len); ExpectIntEQ(XMEMCMP(buf, binUncompG, sizeof(binUncompG)), 0); XFREE(buf, NULL, DYNAMIC_TYPE_ECC); /* Infinity (x=0, y=0) encodes as '0x00'. */ ExpectIntEQ(EC_POINT_point2oct(group, infinity, POINT_CONVERSION_UNCOMPRESSED, NULL, 0, ctx), 1); ExpectIntEQ(EC_POINT_point2oct(group, infinity, POINT_CONVERSION_UNCOMPRESSED, bufInf, 0, ctx), 0); ExpectIntEQ(EC_POINT_point2oct(group, infinity, POINT_CONVERSION_UNCOMPRESSED, bufInf, 1, ctx), 1); ExpectIntEQ(bufInf[0], 0); wolfSSL_EC_POINT_dump(NULL, NULL); /* Test point i2d */ ExpectIntEQ(ECPoint_i2d(NULL, NULL, NULL, &blen), 0); ExpectIntEQ(ECPoint_i2d(NULL, Gxy, NULL, &blen), 0); ExpectIntEQ(ECPoint_i2d(group, NULL, NULL, &blen), 0); ExpectIntEQ(ECPoint_i2d(group, Gxy, NULL, NULL), 0); ExpectIntEQ(ECPoint_i2d(group, Gxy, NULL, &blen), 1); ExpectIntEQ(blen, sizeof(binUncompG)); ExpectNotNull(buf = (unsigned char*)XMALLOC(blen, NULL, DYNAMIC_TYPE_ECC)); blen -= 1; ExpectIntEQ(ECPoint_i2d(group, Gxy, buf, &blen), 0); blen += 1; ExpectIntEQ(ECPoint_i2d(group, Gxy, buf, &blen), 1); ExpectIntEQ(XMEMCMP(buf, binUncompG, sizeof(binUncompG)), 0); XFREE(buf, NULL, DYNAMIC_TYPE_ECC); #ifdef HAVE_COMP_KEY /* Test point to oct compressed */ bin_len = EC_POINT_point2oct(group, Gxy, POINT_CONVERSION_COMPRESSED, NULL, 0, ctx); ExpectIntEQ(bin_len, sizeof(binCompG)); ExpectNotNull(buf = (unsigned char*)XMALLOC(bin_len, NULL, DYNAMIC_TYPE_ECC)); ExpectIntEQ(EC_POINT_point2oct(group, Gxy, POINT_CONVERSION_COMPRESSED, buf, bin_len, ctx), bin_len); ExpectIntEQ(XMEMCMP(buf, binCompG, sizeof(binCompG)), 0); XFREE(buf, NULL, DYNAMIC_TYPE_ECC); #endif /* Test point BN */ ExpectNull(wolfSSL_EC_POINT_point2bn(NULL, NULL, POINT_CONVERSION_UNCOMPRESSED, NULL, ctx)); ExpectNull(wolfSSL_EC_POINT_point2bn(NULL, Gxy, POINT_CONVERSION_UNCOMPRESSED, NULL, ctx)); ExpectNull(wolfSSL_EC_POINT_point2bn(group, NULL, POINT_CONVERSION_UNCOMPRESSED, NULL, ctx)); ExpectNull(wolfSSL_EC_POINT_point2bn(group, Gxy, 0, NULL, ctx)); /* Test oct to point */ ExpectNotNull(tmp = EC_POINT_new(group)); ExpectIntEQ(EC_POINT_oct2point(NULL, NULL, binUncompG, sizeof(binUncompG), ctx), 0); ExpectIntEQ(EC_POINT_oct2point(NULL, tmp, binUncompG, sizeof(binUncompG), ctx), 0); ExpectIntEQ(EC_POINT_oct2point(group, NULL, binUncompG, sizeof(binUncompG), ctx), 0); ExpectIntEQ(EC_POINT_oct2point(group, tmp, binUncompGBad, sizeof(binUncompGBad), ctx), 0); ExpectIntEQ(EC_POINT_oct2point(group, tmp, binUncompG, sizeof(binUncompG), ctx), 1); ExpectIntEQ(EC_POINT_cmp(group, tmp, Gxy, ctx), 0); EC_POINT_free(tmp); tmp = NULL; /* Test setting BN ordinates. */ ExpectNotNull(tmp = EC_POINT_new(group)); ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, NULL, NULL, NULL, ctx), 0); ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, NULL, NULL, NULL, ctx), 0); ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, tmp, NULL, NULL, ctx), 0); ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, NULL, Gx, NULL, ctx), 0); ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, NULL, NULL, Gy, ctx), 0); ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, tmp, Gx, Gy, ctx), 0); ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, NULL, Gx, Gy, ctx), 0); ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, tmp, NULL, Gy, ctx), 0); ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, tmp, Gx, NULL, ctx), 0); ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, tmp, Gx, Gy, ctx), 1); EC_POINT_free(tmp); tmp = NULL; /* Test point d2i */ ExpectNotNull(tmp = EC_POINT_new(group)); ExpectIntEQ(ECPoint_d2i(NULL, sizeof(binUncompG), NULL, NULL), 0); ExpectIntEQ(ECPoint_d2i(binUncompG, sizeof(binUncompG), NULL, NULL), 0); ExpectIntEQ(ECPoint_d2i(NULL, sizeof(binUncompG), group, NULL), 0); ExpectIntEQ(ECPoint_d2i(NULL, sizeof(binUncompG), NULL, tmp), 0); ExpectIntEQ(ECPoint_d2i(NULL, sizeof(binUncompG), group, tmp), 0); ExpectIntEQ(ECPoint_d2i(binUncompG, sizeof(binUncompG), NULL, tmp), 0); ExpectIntEQ(ECPoint_d2i(binUncompG, sizeof(binUncompG), group, NULL), 0); ExpectIntEQ(ECPoint_d2i(binUncompGBad, sizeof(binUncompG), group, tmp), 0); ExpectIntEQ(ECPoint_d2i(binUncompG, sizeof(binUncompG), group, tmp), 1); ExpectIntEQ(EC_POINT_cmp(group, tmp, Gxy, ctx), 0); EC_POINT_free(tmp); tmp = NULL; #ifdef HAVE_COMP_KEY /* Test oct compressed to point */ ExpectNotNull(tmp = EC_POINT_new(group)); ExpectIntEQ(EC_POINT_oct2point(group, tmp, binCompG, sizeof(binCompG), ctx), 1); ExpectIntEQ(EC_POINT_cmp(group, tmp, Gxy, ctx), 0); EC_POINT_free(tmp); tmp = NULL; /* Test point d2i - compressed */ ExpectNotNull(tmp = EC_POINT_new(group)); ExpectIntEQ(ECPoint_d2i(binCompG, sizeof(binCompG), group, tmp), 1); ExpectIntEQ(EC_POINT_cmp(group, tmp, Gxy, ctx), 0); EC_POINT_free(tmp); tmp = NULL; #endif #endif /* test BN_mod_add */ ExpectIntEQ(BN_mod_add(new_point->Z, (WOLFSSL_BIGNUM*)BN_value_one(), (WOLFSSL_BIGNUM*)BN_value_one(), (WOLFSSL_BIGNUM*)BN_value_one(), NULL), 1); ExpectIntEQ(BN_is_zero(new_point->Z), 1); /* cleanup */ BN_free(X); BN_free(Y); BN_free(k); BN_free(set_point_bn); EC_POINT_free(infinity); EC_POINT_free(new_point); EC_POINT_free(set_point); EC_POINT_clear_free(Gxy); #ifndef HAVE_ECC_BRAINPOOL EC_GROUP_free(group2); #endif EC_GROUP_free(group); BN_CTX_free(ctx); #endif #endif /* !WOLFSSL_SP_MATH && ( !HAVE_FIPS || HAVE_FIPS_VERSION > 2) */ return EXPECT_RESULT(); } static int test_wolfSSL_SPAKE(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && !defined(WOLFSSL_ATECC508A) \ && !defined(WOLFSSL_ATECC608A) && !defined(HAVE_SELFTEST) && \ !defined(WOLFSSL_SP_MATH) && !defined(WOLF_CRYPTO_CB_ONLY_ECC) BIGNUM* x = NULL; /* kdc priv */ BIGNUM* y = NULL; /* client priv */ BIGNUM* w = NULL; /* shared value */ byte M_bytes[] = { /* uncompressed */ 0x04, /* x */ 0x88, 0x6e, 0x2f, 0x97, 0xac, 0xe4, 0x6e, 0x55, 0xba, 0x9d, 0xd7, 0x24, 0x25, 0x79, 0xf2, 0x99, 0x3b, 0x64, 0xe1, 0x6e, 0xf3, 0xdc, 0xab, 0x95, 0xaf, 0xd4, 0x97, 0x33, 0x3d, 0x8f, 0xa1, 0x2f, /* y */ 0x5f, 0xf3, 0x55, 0x16, 0x3e, 0x43, 0xce, 0x22, 0x4e, 0x0b, 0x0e, 0x65, 0xff, 0x02, 0xac, 0x8e, 0x5c, 0x7b, 0xe0, 0x94, 0x19, 0xc7, 0x85, 0xe0, 0xca, 0x54, 0x7d, 0x55, 0xa1, 0x2e, 0x2d, 0x20 }; EC_POINT* M = NULL; /* shared value */ byte N_bytes[] = { /* uncompressed */ 0x04, /* x */ 0xd8, 0xbb, 0xd6, 0xc6, 0x39, 0xc6, 0x29, 0x37, 0xb0, 0x4d, 0x99, 0x7f, 0x38, 0xc3, 0x77, 0x07, 0x19, 0xc6, 0x29, 0xd7, 0x01, 0x4d, 0x49, 0xa2, 0x4b, 0x4f, 0x98, 0xba, 0xa1, 0x29, 0x2b, 0x49, /* y */ 0x07, 0xd6, 0x0a, 0xa6, 0xbf, 0xad, 0xe4, 0x50, 0x08, 0xa6, 0x36, 0x33, 0x7f, 0x51, 0x68, 0xc6, 0x4d, 0x9b, 0xd3, 0x60, 0x34, 0x80, 0x8c, 0xd5, 0x64, 0x49, 0x0b, 0x1e, 0x65, 0x6e, 0xdb, 0xe7 }; EC_POINT* N = NULL; /* shared value */ EC_POINT* T = NULL; /* kdc pub */ EC_POINT* tmp1 = NULL; /* kdc pub */ EC_POINT* tmp2 = NULL; /* kdc pub */ EC_POINT* S = NULL; /* client pub */ EC_POINT* client_secret = NULL; EC_POINT* kdc_secret = NULL; EC_GROUP* group = NULL; BN_CTX* bn_ctx = NULL; /* Values taken from a test run of Kerberos 5 */ ExpectNotNull(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1)); ExpectNotNull(bn_ctx = BN_CTX_new()); ExpectNotNull(M = EC_POINT_new(group)); ExpectNotNull(N = EC_POINT_new(group)); ExpectNotNull(T = EC_POINT_new(group)); ExpectNotNull(tmp1 = EC_POINT_new(group)); ExpectNotNull(tmp2 = EC_POINT_new(group)); ExpectNotNull(S = EC_POINT_new(group)); ExpectNotNull(client_secret = EC_POINT_new(group)); ExpectNotNull(kdc_secret = EC_POINT_new(group)); ExpectIntEQ(BN_hex2bn(&x, "DAC3027CD692B4BDF0EDFE9B7D0E4E7" "E5D8768A725EAEEA6FC68EC239A17C0"), 1); ExpectIntEQ(BN_hex2bn(&y, "6F6A1D394E26B1655A54B26DCE30D49" "90CC47EBE08F809EF3FF7F6AEAABBB5"), 1); ExpectIntEQ(BN_hex2bn(&w, "1D992AB8BA851B9BA05353453D81EE9" "506AB395478F0AAB647752CF117B36250"), 1); ExpectIntEQ(EC_POINT_oct2point(group, M, M_bytes, sizeof(M_bytes), bn_ctx), 1); ExpectIntEQ(EC_POINT_oct2point(group, N, N_bytes, sizeof(N_bytes), bn_ctx), 1); /* Function pattern similar to ossl_keygen and ossl_result in krb5 */ /* kdc */ /* T=x*P+w*M */ /* All in one function call */ ExpectIntEQ(EC_POINT_mul(group, T, x, M, w, bn_ctx), 1); /* Spread into separate calls */ ExpectIntEQ(EC_POINT_mul(group, tmp1, x, NULL, NULL, bn_ctx), 1); ExpectIntEQ(EC_POINT_mul(group, tmp2, NULL, M, w, bn_ctx), 1); ExpectIntEQ(EC_POINT_add(group, tmp1, tmp1, tmp2, bn_ctx), 1); ExpectIntEQ(EC_POINT_cmp(group, T, tmp1, bn_ctx), 0); /* client */ /* S=y*P+w*N */ /* All in one function call */ ExpectIntEQ(EC_POINT_mul(group, S, y, N, w, bn_ctx), 1); /* Spread into separate calls */ ExpectIntEQ(EC_POINT_mul(group, tmp1, y, NULL, NULL, bn_ctx), 1); ExpectIntEQ(EC_POINT_mul(group, tmp2, NULL, N, w, bn_ctx), 1); ExpectIntEQ(EC_POINT_add(group, tmp1, tmp1, tmp2, bn_ctx), 1); ExpectIntEQ(EC_POINT_cmp(group, S, tmp1, bn_ctx), 0); /* K=y*(T-w*M) */ ExpectIntEQ(EC_POINT_mul(group, client_secret, NULL, M, w, bn_ctx), 1); ExpectIntEQ(EC_POINT_invert(group, client_secret, bn_ctx), 1); ExpectIntEQ(EC_POINT_add(group, client_secret, T, client_secret, bn_ctx), 1); ExpectIntEQ(EC_POINT_mul(group, client_secret, NULL, client_secret, y, bn_ctx), 1); /* kdc */ /* K=x*(S-w*N) */ ExpectIntEQ(EC_POINT_mul(group, kdc_secret, NULL, N, w, bn_ctx), 1); ExpectIntEQ(EC_POINT_invert(group, kdc_secret, bn_ctx), 1); ExpectIntEQ(EC_POINT_add(group, kdc_secret, S, kdc_secret, bn_ctx), 1); ExpectIntEQ(EC_POINT_mul(group, kdc_secret, NULL, kdc_secret, x, bn_ctx), 1); /* kdc_secret == client_secret */ ExpectIntEQ(EC_POINT_cmp(group, client_secret, kdc_secret, bn_ctx), 0); BN_free(x); BN_free(y); BN_free(w); EC_POINT_free(M); EC_POINT_free(N); EC_POINT_free(T); EC_POINT_free(tmp1); EC_POINT_free(tmp2); EC_POINT_free(S); EC_POINT_free(client_secret); EC_POINT_free(kdc_secret); EC_GROUP_free(group); BN_CTX_free(bn_ctx); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EC_KEY_generate(void) { EXPECT_DECLS; #ifdef OPENSSL_EXTRA WOLFSSL_EC_KEY* key = NULL; #ifndef HAVE_ECC_BRAINPOOL WOLFSSL_EC_GROUP* group = NULL; #endif ExpectNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); ExpectIntEQ(wolfSSL_EC_KEY_generate_key(NULL), 0); ExpectIntEQ(wolfSSL_EC_KEY_generate_key(key), 1); wolfSSL_EC_KEY_free(key); key = NULL; #ifndef HAVE_ECC_BRAINPOOL ExpectNotNull(group = wolfSSL_EC_GROUP_new_by_curve_name( NID_brainpoolP256r1)); ExpectNotNull(key = wolfSSL_EC_KEY_new()); ExpectIntEQ(wolfSSL_EC_KEY_set_group(key, group), 1); ExpectIntEQ(wolfSSL_EC_KEY_generate_key(key), 0); wolfSSL_EC_KEY_free(key); wolfSSL_EC_GROUP_free(group); #endif #endif return EXPECT_RESULT(); } static int test_EC_i2d(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(HAVE_FIPS) EC_KEY *key = NULL; EC_KEY *copy = NULL; int len = 0; unsigned char *buf = NULL; unsigned char *p = NULL; const unsigned char *tmp = NULL; const unsigned char octBad[] = { 0x09, 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47, 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2, 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0, 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96, 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b, 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16, 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce, 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5, }; ExpectNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); ExpectIntEQ(EC_KEY_generate_key(key), 1); ExpectIntGT((len = i2d_EC_PUBKEY(key, NULL)), 0); ExpectNotNull(buf = (unsigned char*)XMALLOC(len, NULL, DYNAMIC_TYPE_TMP_BUFFER)); p = buf; ExpectIntEQ(i2d_EC_PUBKEY(key, &p), len); ExpectNull(o2i_ECPublicKey(NULL, NULL, -1)); ExpectNull(o2i_ECPublicKey(©, NULL, -1)); ExpectNull(o2i_ECPublicKey(&key, NULL, -1)); ExpectNull(o2i_ECPublicKey(NULL, &tmp, -1)); ExpectNull(o2i_ECPublicKey(NULL, NULL, 0)); ExpectNull(o2i_ECPublicKey(&key, NULL, 0)); ExpectNull(o2i_ECPublicKey(&key, &tmp, 0)); tmp = buf; ExpectNull(o2i_ECPublicKey(NULL, &tmp, 0)); ExpectNull(o2i_ECPublicKey(©, &tmp, 0)); ExpectNull(o2i_ECPublicKey(NULL, &tmp, -1)); ExpectNull(o2i_ECPublicKey(&key, &tmp, -1)); ExpectIntEQ(i2o_ECPublicKey(NULL, NULL), 0); ExpectIntEQ(i2o_ECPublicKey(NULL, &buf), 0); tmp = buf; ExpectNull(d2i_ECPrivateKey(NULL, &tmp, 0)); ExpectNull(d2i_ECPrivateKey(NULL, &tmp, 1)); ExpectNull(d2i_ECPrivateKey(©, &tmp, 0)); ExpectNull(d2i_ECPrivateKey(©, &tmp, 1)); ExpectNull(d2i_ECPrivateKey(&key, &tmp, 0)); ExpectIntEQ(i2d_ECPrivateKey(NULL, &p), 0); ExpectIntEQ(i2d_ECPrivateKey(NULL, NULL), 0); ExpectIntEQ(wolfSSL_EC_KEY_LoadDer(NULL, NULL, -1), -1); ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, NULL, -1, 0), -1); ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, NULL, -1, 0), -1); ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, buf, -1, 0), -1); ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, NULL, 0, 0), -1); ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, NULL, -1, WOLFSSL_EC_KEY_LOAD_PUBLIC), -1); ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, buf, len, WOLFSSL_EC_KEY_LOAD_PUBLIC), -1); ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, NULL, len, WOLFSSL_EC_KEY_LOAD_PUBLIC), -1); ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, buf, -1, WOLFSSL_EC_KEY_LOAD_PUBLIC), -1); ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, buf, len, 0), -1); ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, buf, len, WOLFSSL_EC_KEY_LOAD_PRIVATE), -1); ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, octBad, sizeof(octBad), WOLFSSL_EC_KEY_LOAD_PRIVATE), -1); ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, octBad, sizeof(octBad), WOLFSSL_EC_KEY_LOAD_PUBLIC), -1); XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); buf = NULL; buf = NULL; ExpectIntGT((len = i2d_ECPrivateKey(key, NULL)), 0); ExpectNotNull(buf = (unsigned char*)XMALLOC(len, NULL, DYNAMIC_TYPE_TMP_BUFFER)); p = buf; ExpectIntEQ(i2d_ECPrivateKey(key, &p), len); p = NULL; ExpectIntEQ(i2d_ECPrivateKey(key, &p), len); XFREE(p, NULL, DYNAMIC_TYPE_TMP_BUFFER); p = NULL; /* Bad point is also an invalid private key. */ tmp = octBad; ExpectNull(d2i_ECPrivateKey(©, &tmp, sizeof(octBad))); tmp = buf; ExpectNotNull(d2i_ECPrivateKey(©, &tmp, len)); XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); buf = NULL; buf = NULL; ExpectIntGT((len = i2o_ECPublicKey(key, NULL)), 0); ExpectNotNull(buf = (unsigned char*)XMALLOC(len, NULL, DYNAMIC_TYPE_TMP_BUFFER)); p = buf; ExpectIntGT((len = i2o_ECPublicKey(key, &p)), 0); p = NULL; ExpectIntGT((len = i2o_ECPublicKey(key, &p)), 0); tmp = buf; ExpectNotNull(o2i_ECPublicKey(©, &tmp, len)); tmp = octBad; ExpectNull(o2i_ECPublicKey(&key, &tmp, sizeof(octBad))); ExpectIntEQ(EC_KEY_check_key(NULL), 0); ExpectIntEQ(EC_KEY_check_key(key), 1); XFREE(p, NULL, DYNAMIC_TYPE_OPENSSL); XFREE(buf, NULL, DYNAMIC_TYPE_OPENSSL); EC_KEY_free(key); EC_KEY_free(copy); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EC_curve(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) int nid = NID_secp160k1; const char* nid_name = NULL; ExpectNull(EC_curve_nid2nist(NID_sha256)); ExpectNotNull(nid_name = EC_curve_nid2nist(nid)); ExpectIntEQ(XMEMCMP(nid_name, "K-160", XSTRLEN("K-160")), 0); ExpectIntEQ(EC_curve_nist2nid("INVALID"), 0); ExpectIntEQ(EC_curve_nist2nid(nid_name), nid); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EC_KEY_dup(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_CERTS) WOLFSSL_EC_KEY* ecKey = NULL; WOLFSSL_EC_KEY* dupKey = NULL; ecc_key* srcKey = NULL; ecc_key* destKey = NULL; ExpectNotNull(ecKey = wolfSSL_EC_KEY_new()); ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1); /* Valid cases */ ExpectNotNull(dupKey = wolfSSL_EC_KEY_dup(ecKey)); ExpectIntEQ(EC_KEY_check_key(dupKey), 1); /* Compare pubkey */ if (ecKey != NULL) { srcKey = (ecc_key*)ecKey->internal; } if (dupKey != NULL) { destKey = (ecc_key*)dupKey->internal; } ExpectIntEQ(wc_ecc_cmp_point(&srcKey->pubkey, &destKey->pubkey), 0); /* compare EC_GROUP */ ExpectIntEQ(wolfSSL_EC_GROUP_cmp(ecKey->group, dupKey->group, NULL), MP_EQ); /* compare EC_POINT */ ExpectIntEQ(wolfSSL_EC_POINT_cmp(ecKey->group, ecKey->pub_key, \ dupKey->pub_key, NULL), MP_EQ); /* compare BIGNUM */ ExpectIntEQ(wolfSSL_BN_cmp(ecKey->priv_key, dupKey->priv_key), MP_EQ); wolfSSL_EC_KEY_free(dupKey); dupKey = NULL; /* Invalid cases */ /* NULL key */ ExpectNull(dupKey = wolfSSL_EC_KEY_dup(NULL)); /* NULL ecc_key */ if (ecKey != NULL) { wc_ecc_free((ecc_key*)ecKey->internal); XFREE(ecKey->internal, NULL, DYNAMIC_TYPE_ECC); ecKey->internal = NULL; /* Set ecc_key to NULL */ } ExpectNull(dupKey = wolfSSL_EC_KEY_dup(ecKey)); wolfSSL_EC_KEY_free(ecKey); ecKey = NULL; wolfSSL_EC_KEY_free(dupKey); dupKey = NULL; /* NULL Group */ ExpectNotNull(ecKey = wolfSSL_EC_KEY_new()); ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1); if (ecKey != NULL) { wolfSSL_EC_GROUP_free(ecKey->group); ecKey->group = NULL; /* Set group to NULL */ } ExpectNull(dupKey = wolfSSL_EC_KEY_dup(ecKey)); wolfSSL_EC_KEY_free(ecKey); ecKey = NULL; wolfSSL_EC_KEY_free(dupKey); dupKey = NULL; /* NULL public key */ ExpectNotNull(ecKey = wolfSSL_EC_KEY_new()); ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1); if (ecKey != NULL) { wc_ecc_del_point((ecc_point*)ecKey->pub_key->internal); ecKey->pub_key->internal = NULL; /* Set ecc_point to NULL */ } ExpectNull(dupKey = wolfSSL_EC_KEY_dup(ecKey)); if (ecKey != NULL) { wolfSSL_EC_POINT_free(ecKey->pub_key); ecKey->pub_key = NULL; /* Set pub_key to NULL */ } ExpectNull(dupKey = wolfSSL_EC_KEY_dup(ecKey)); wolfSSL_EC_KEY_free(ecKey); ecKey = NULL; wolfSSL_EC_KEY_free(dupKey); dupKey = NULL; /* NULL private key */ ExpectNotNull(ecKey = wolfSSL_EC_KEY_new()); ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1); if (ecKey != NULL) { wolfSSL_BN_free(ecKey->priv_key); ecKey->priv_key = NULL; /* Set priv_key to NULL */ } ExpectNull(dupKey = wolfSSL_EC_KEY_dup(ecKey)); wolfSSL_EC_KEY_free(ecKey); ecKey = NULL; wolfSSL_EC_KEY_free(dupKey); dupKey = NULL; /* Test EC_KEY_up_ref */ ExpectNotNull(ecKey = wolfSSL_EC_KEY_new()); ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_EC_KEY_up_ref(NULL), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_EC_KEY_up_ref(ecKey), WOLFSSL_SUCCESS); /* reference count doesn't follow duplicate */ ExpectNotNull(dupKey = wolfSSL_EC_KEY_dup(ecKey)); ExpectIntEQ(wolfSSL_EC_KEY_up_ref(dupKey), WOLFSSL_SUCCESS); /* +1 */ ExpectIntEQ(wolfSSL_EC_KEY_up_ref(dupKey), WOLFSSL_SUCCESS); /* +2 */ wolfSSL_EC_KEY_free(dupKey); /* 3 */ wolfSSL_EC_KEY_free(dupKey); /* 2 */ wolfSSL_EC_KEY_free(dupKey); /* 1, free */ wolfSSL_EC_KEY_free(ecKey); /* 2 */ wolfSSL_EC_KEY_free(ecKey); /* 1, free */ #endif return EXPECT_RESULT(); } static int test_wolfSSL_EC_KEY_set_group(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && !defined(NO_ECC256) && !defined(NO_ECC_SECP) && \ defined(OPENSSL_EXTRA) EC_KEY *key = NULL; EC_GROUP *group = NULL; const EC_GROUP *group2 = NULL; ExpectNotNull(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1)); ExpectNotNull(key = EC_KEY_new()); ExpectNull(EC_KEY_get0_group(NULL)); ExpectIntEQ(EC_KEY_set_group(NULL, NULL), 0); ExpectIntEQ(EC_KEY_set_group(key, NULL), 0); ExpectIntEQ(EC_KEY_set_group(NULL, group), 0); ExpectIntEQ(EC_KEY_set_group(key, group), WOLFSSL_SUCCESS); ExpectNotNull(group2 = EC_KEY_get0_group(key)); ExpectIntEQ(EC_GROUP_cmp(group2, group, NULL), 0); EC_GROUP_free(group); EC_KEY_free(key); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EC_KEY_set_conv_form(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && defined(OPENSSL_EXTRA) && !defined(NO_BIO) BIO* bio = NULL; EC_KEY* key = NULL; /* Error condition: NULL key. */ ExpectIntLT(EC_KEY_get_conv_form(NULL), 0); ExpectNotNull(bio = BIO_new_file("./certs/ecc-keyPub.pem", "rb")); ExpectNotNull(key = PEM_read_bio_EC_PUBKEY(bio, NULL, NULL, NULL)); /* Conversion form defaults to uncompressed. */ ExpectIntEQ(EC_KEY_get_conv_form(key), POINT_CONVERSION_UNCOMPRESSED); #ifdef HAVE_COMP_KEY /* Explicitly set to compressed. */ EC_KEY_set_conv_form(key, POINT_CONVERSION_COMPRESSED); ExpectIntEQ(EC_KEY_get_conv_form(key), POINT_CONVERSION_COMPRESSED); #else /* Will still work just won't change anything. */ EC_KEY_set_conv_form(key, POINT_CONVERSION_COMPRESSED); ExpectIntEQ(EC_KEY_get_conv_form(key), POINT_CONVERSION_UNCOMPRESSED); EC_KEY_set_conv_form(key, POINT_CONVERSION_UNCOMPRESSED); ExpectIntEQ(EC_KEY_get_conv_form(key), POINT_CONVERSION_UNCOMPRESSED); #endif EC_KEY_set_conv_form(NULL, POINT_CONVERSION_UNCOMPRESSED); BIO_free(bio); EC_KEY_free(key); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EC_KEY_private_key(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_BIO) WOLFSSL_EC_KEY* key = NULL; WOLFSSL_BIGNUM* priv = NULL; WOLFSSL_BIGNUM* priv2 = NULL; WOLFSSL_BIGNUM* bn; ExpectNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); ExpectNotNull(priv = wolfSSL_BN_new()); ExpectNotNull(priv2 = wolfSSL_BN_new()); ExpectIntNE(BN_set_word(priv, 2), 0); ExpectIntNE(BN_set_word(priv2, 2), 0); ExpectNull(wolfSSL_EC_KEY_get0_private_key(NULL)); /* No private key set. */ ExpectNull(wolfSSL_EC_KEY_get0_private_key(key)); ExpectIntEQ(wolfSSL_EC_KEY_set_private_key(NULL, NULL), 0); ExpectIntEQ(wolfSSL_EC_KEY_set_private_key(key, NULL), 0); ExpectIntEQ(wolfSSL_EC_KEY_set_private_key(NULL, priv), 0); ExpectIntEQ(wolfSSL_EC_KEY_set_private_key(key, priv), 1); ExpectNotNull(bn = wolfSSL_EC_KEY_get0_private_key(key)); ExpectPtrNE(bn, priv); ExpectIntEQ(wolfSSL_EC_KEY_set_private_key(key, priv2), 1); ExpectNotNull(bn = wolfSSL_EC_KEY_get0_private_key(key)); ExpectPtrNE(bn, priv2); wolfSSL_BN_free(priv2); wolfSSL_BN_free(priv); wolfSSL_EC_KEY_free(key); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EC_KEY_public_key(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_BIO) WOLFSSL_EC_KEY* key = NULL; WOLFSSL_EC_POINT* pub = NULL; WOLFSSL_EC_POINT* point = NULL; ExpectNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); ExpectNull(wolfSSL_EC_KEY_get0_public_key(NULL)); ExpectNotNull(wolfSSL_EC_KEY_get0_public_key(key)); ExpectIntEQ(wolfSSL_EC_KEY_generate_key(key), 1); ExpectNotNull(pub = wolfSSL_EC_KEY_get0_public_key(key)); ExpectIntEQ(wolfSSL_EC_KEY_set_public_key(NULL, NULL), 0); ExpectIntEQ(wolfSSL_EC_KEY_set_public_key(key, NULL), 0); ExpectIntEQ(wolfSSL_EC_KEY_set_public_key(NULL, pub), 0); ExpectIntEQ(wolfSSL_EC_KEY_set_public_key(key, pub), 1); ExpectNotNull(point = wolfSSL_EC_KEY_get0_public_key(key)); ExpectPtrEq(point, pub); wolfSSL_EC_KEY_free(key); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EC_KEY_print_fp(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && ((defined(HAVE_ECC224) && defined(HAVE_ECC256)) || \ defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 224 && \ defined(OPENSSL_EXTRA) && defined(XFPRINTF) && !defined(NO_FILESYSTEM) && \ !defined(NO_STDIO_FILESYSTEM) EC_KEY* key = NULL; /* Bad file pointer. */ ExpectIntEQ(wolfSSL_EC_KEY_print_fp(NULL, key, 0), WOLFSSL_FAILURE); /* NULL key. */ ExpectIntEQ(wolfSSL_EC_KEY_print_fp(stderr, NULL, 0), WOLFSSL_FAILURE); ExpectNotNull((key = wolfSSL_EC_KEY_new_by_curve_name(NID_secp224r1))); /* Negative indent. */ ExpectIntEQ(wolfSSL_EC_KEY_print_fp(stderr, key, -1), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_EC_KEY_print_fp(stderr, key, 4), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_EC_KEY_generate_key(key), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_EC_KEY_print_fp(stderr, key, 4), WOLFSSL_SUCCESS); wolfSSL_EC_KEY_free(key); ExpectNotNull((key = wolfSSL_EC_KEY_new_by_curve_name( NID_X9_62_prime256v1))); ExpectIntEQ(wolfSSL_EC_KEY_generate_key(key), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_EC_KEY_print_fp(stderr, key, 4), WOLFSSL_SUCCESS); wolfSSL_EC_KEY_free(key); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EC_get_builtin_curves(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) EC_builtin_curve* curves = NULL; size_t crv_len = 0; size_t i = 0; ExpectIntGT((crv_len = EC_get_builtin_curves(NULL, 0)), 0); ExpectNotNull(curves = (EC_builtin_curve*)XMALLOC( sizeof(EC_builtin_curve) * crv_len, NULL, DYNAMIC_TYPE_TMP_BUFFER)); ExpectIntEQ((EC_get_builtin_curves(curves, 0)), crv_len); ExpectIntEQ(EC_get_builtin_curves(curves, crv_len), crv_len); for (i = 0; EXPECT_SUCCESS() && (i < crv_len); i++) { if (curves[i].comment != NULL) { ExpectStrEQ(OBJ_nid2sn(curves[i].nid), curves[i].comment); } } if (crv_len > 1) { ExpectIntEQ(EC_get_builtin_curves(curves, crv_len - 1), crv_len - 1); } XFREE(curves, NULL, DYNAMIC_TYPE_TMP_BUFFER); #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ #endif /* OPENSSL_EXTRA || OPENSSL_ALL */ return EXPECT_RESULT(); } static int test_wolfSSL_ECDSA_SIG(void) { EXPECT_DECLS; #ifdef OPENSSL_EXTRA WOLFSSL_ECDSA_SIG* sig = NULL; WOLFSSL_ECDSA_SIG* sig2 = NULL; WOLFSSL_BIGNUM* r = NULL; WOLFSSL_BIGNUM* s = NULL; const WOLFSSL_BIGNUM* r2 = NULL; const WOLFSSL_BIGNUM* s2 = NULL; const unsigned char* cp = NULL; unsigned char* p = NULL; unsigned char outSig[8]; unsigned char sigData[8] = { 0x30, 0x06, 0x02, 0x01, 0x01, 0x02, 0x01, 0x01 }; unsigned char sigDataBad[8] = { 0x30, 0x07, 0x02, 0x01, 0x01, 0x02, 0x01, 0x01 }; wolfSSL_ECDSA_SIG_free(NULL); ExpectNotNull(sig = wolfSSL_ECDSA_SIG_new()); ExpectNotNull(r = wolfSSL_BN_new()); ExpectNotNull(s = wolfSSL_BN_new()); ExpectIntEQ(wolfSSL_BN_set_word(r, 1), 1); ExpectIntEQ(wolfSSL_BN_set_word(s, 1), 1); wolfSSL_ECDSA_SIG_get0(NULL, NULL, NULL); wolfSSL_ECDSA_SIG_get0(NULL, &r2, NULL); wolfSSL_ECDSA_SIG_get0(NULL, NULL, &s2); wolfSSL_ECDSA_SIG_get0(NULL, &r2, &s2); ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(NULL, NULL, NULL), 0); ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(sig, NULL, NULL), 0); ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(NULL, r, NULL), 0); ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(NULL, NULL, s), 0); ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(NULL, r, s), 0); ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(sig, NULL, s), 0); ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(sig, r, NULL), 0); r2 = NULL; s2 = NULL; wolfSSL_ECDSA_SIG_get0(NULL, &r2, &s2); ExpectNull(r2); ExpectNull(s2); ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(sig, r, s), 1); if (EXPECT_FAIL()) { wolfSSL_BN_free(r); wolfSSL_BN_free(s); } wolfSSL_ECDSA_SIG_get0(sig, &r2, &s2); ExpectPtrEq(r2, r); ExpectPtrEq(s2, s); r2 = NULL; wolfSSL_ECDSA_SIG_get0(sig, &r2, NULL); ExpectPtrEq(r2, r); s2 = NULL; wolfSSL_ECDSA_SIG_get0(sig, NULL, &s2); ExpectPtrEq(s2, s); /* r and s are freed when sig is freed. */ wolfSSL_ECDSA_SIG_free(sig); sig = NULL; ExpectNull(wolfSSL_d2i_ECDSA_SIG(NULL, NULL, sizeof(sigData))); cp = sigDataBad; ExpectNull(wolfSSL_d2i_ECDSA_SIG(NULL, &cp, sizeof(sigDataBad))); cp = sigData; ExpectNotNull((sig = wolfSSL_d2i_ECDSA_SIG(NULL, &cp, sizeof(sigData)))); ExpectIntEQ((cp == sigData + 8), 1); cp = sigData; ExpectNull(wolfSSL_d2i_ECDSA_SIG(&sig, NULL, sizeof(sigData))); ExpectNotNull((sig2 = wolfSSL_d2i_ECDSA_SIG(&sig, &cp, sizeof(sigData)))); ExpectIntEQ((sig == sig2), 1); cp = outSig; p = outSig; ExpectIntEQ(wolfSSL_i2d_ECDSA_SIG(NULL, &p), 0); ExpectIntEQ(wolfSSL_i2d_ECDSA_SIG(NULL, NULL), 0); ExpectIntEQ(wolfSSL_i2d_ECDSA_SIG(sig, NULL), 8); ExpectIntEQ(wolfSSL_i2d_ECDSA_SIG(sig, &p), sizeof(sigData)); ExpectIntEQ((p == outSig + 8), 1); ExpectIntEQ(XMEMCMP(sigData, outSig, 8), 0); wolfSSL_ECDSA_SIG_free(sig); #endif return EXPECT_RESULT(); } static int test_ECDSA_size_sign(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ECC256) && !defined(NO_ECC_SECP) EC_KEY* key = NULL; ECDSA_SIG* ecdsaSig = NULL; int id; byte hash[WC_MAX_DIGEST_SIZE]; byte hash2[WC_MAX_DIGEST_SIZE]; byte sig[ECC_MAX_SIG_SIZE]; unsigned int sigSz = sizeof(sig); XMEMSET(hash, 123, sizeof(hash)); XMEMSET(hash2, 234, sizeof(hash2)); id = wc_ecc_get_curve_id_from_name("SECP256R1"); ExpectIntEQ(id, ECC_SECP256R1); ExpectNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); ExpectIntEQ(EC_KEY_generate_key(key), 1); ExpectIntGE(ECDSA_size(NULL), 0); ExpectIntEQ(ECDSA_sign(0, hash, sizeof(hash), sig, &sigSz, NULL), 0); ExpectIntEQ(ECDSA_sign(0, NULL, sizeof(hash), sig, &sigSz, key), 0); ExpectIntEQ(ECDSA_sign(0, hash, sizeof(hash), NULL, &sigSz, key), 0); ExpectIntEQ(ECDSA_verify(0, hash, sizeof(hash), sig, sigSz, NULL), 0); ExpectIntEQ(ECDSA_verify(0, NULL, sizeof(hash), sig, sigSz, key), 0); ExpectIntEQ(ECDSA_verify(0, hash, sizeof(hash), NULL, sigSz, key), 0); ExpectIntEQ(ECDSA_sign(0, hash, sizeof(hash), sig, &sigSz, key), 1); ExpectIntGE(ECDSA_size(key), sigSz); ExpectIntEQ(ECDSA_verify(0, hash, sizeof(hash), sig, sigSz, key), 1); ExpectIntEQ(ECDSA_verify(0, hash2, sizeof(hash2), sig, sigSz, key), 0); ExpectNull(ECDSA_do_sign(NULL, sizeof(hash), NULL)); ExpectNull(ECDSA_do_sign(NULL, sizeof(hash), key)); ExpectNull(ECDSA_do_sign(hash, sizeof(hash), NULL)); ExpectNotNull(ecdsaSig = ECDSA_do_sign(hash, sizeof(hash), key)); ExpectIntEQ(ECDSA_do_verify(NULL, sizeof(hash), NULL, NULL), -1); ExpectIntEQ(ECDSA_do_verify(hash, sizeof(hash), NULL, NULL), -1); ExpectIntEQ(ECDSA_do_verify(NULL, sizeof(hash), ecdsaSig, NULL), -1); ExpectIntEQ(ECDSA_do_verify(NULL, sizeof(hash), NULL, key), -1); ExpectIntEQ(ECDSA_do_verify(NULL, sizeof(hash), ecdsaSig, key), -1); ExpectIntEQ(ECDSA_do_verify(hash, sizeof(hash), NULL, key), -1); ExpectIntEQ(ECDSA_do_verify(hash, sizeof(hash), ecdsaSig, NULL), -1); ExpectIntEQ(ECDSA_do_verify(hash, sizeof(hash), ecdsaSig, key), 1); ExpectIntEQ(ECDSA_do_verify(hash2, sizeof(hash2), ecdsaSig, key), 0); ECDSA_SIG_free(ecdsaSig); EC_KEY_free(key); #endif /* OPENSSL_EXTRA && !NO_ECC256 && !NO_ECC_SECP */ return EXPECT_RESULT(); } static int test_ECDH_compute_key(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_ECC256) && !defined(NO_ECC_SECP) && \ !defined(WOLF_CRYPTO_CB_ONLY_ECC) EC_KEY* key1 = NULL; EC_KEY* key2 = NULL; EC_POINT* pub1 = NULL; EC_POINT* pub2 = NULL; byte secret1[32]; byte secret2[32]; int i; ExpectNotNull(key1 = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); ExpectIntEQ(EC_KEY_generate_key(key1), 1); ExpectNotNull(pub1 = wolfSSL_EC_KEY_get0_public_key(key1)); ExpectNotNull(key2 = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); ExpectIntEQ(EC_KEY_generate_key(key2), 1); ExpectNotNull(pub2 = wolfSSL_EC_KEY_get0_public_key(key2)); ExpectIntEQ(ECDH_compute_key(NULL, sizeof(secret1), NULL, NULL, NULL), 0); ExpectIntEQ(ECDH_compute_key(secret1, sizeof(secret1), NULL, NULL, NULL), 0); ExpectIntEQ(ECDH_compute_key(NULL, sizeof(secret1), pub2, NULL, NULL), 0); ExpectIntEQ(ECDH_compute_key(NULL, sizeof(secret1), NULL, key1, NULL), 0); ExpectIntEQ(ECDH_compute_key(NULL, sizeof(secret1), pub2, key1, NULL), 0); ExpectIntEQ(ECDH_compute_key(secret1, sizeof(secret1), NULL, key1, NULL), 0); ExpectIntEQ(ECDH_compute_key(secret1, sizeof(secret1), pub2, NULL, NULL), 0); ExpectIntEQ(ECDH_compute_key(secret1, sizeof(secret1) - 16, pub2, key1, NULL), 0); ExpectIntEQ(ECDH_compute_key(secret1, sizeof(secret1), pub2, key1, NULL), sizeof(secret1)); ExpectIntEQ(ECDH_compute_key(secret2, sizeof(secret2), pub1, key2, NULL), sizeof(secret2)); for (i = 0; i < (int)sizeof(secret1); i++) { ExpectIntEQ(secret1[i], secret2[i]); } EC_KEY_free(key2); EC_KEY_free(key1); #endif /* OPENSSL_EXTRA && !NO_ECC256 && !NO_ECC_SECP && * !WOLF_CRYPTO_CB_ONLY_ECC */ return EXPECT_RESULT(); } #endif /* HAVE_ECC && !OPENSSL_NO_PK */ #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && \ !defined(NO_ASN_TIME) static int test_openssl_make_self_signed_certificate(EVP_PKEY* pkey, int expectedDerSz) { EXPECT_DECLS; X509* x509 = NULL; BIGNUM* serial_number = NULL; X509_NAME* name = NULL; time_t epoch_off = 0; ASN1_INTEGER* asn1_serial_number; long not_before, not_after; int derSz; ExpectNotNull(x509 = X509_new()); ExpectIntNE(X509_set_pubkey(x509, pkey), 0); ExpectNotNull(serial_number = BN_new()); ExpectIntNE(BN_pseudo_rand(serial_number, 64, 0, 0), 0); ExpectNotNull(asn1_serial_number = X509_get_serialNumber(x509)); ExpectNotNull(BN_to_ASN1_INTEGER(serial_number, asn1_serial_number)); /* version 3 */ ExpectIntNE(X509_set_version(x509, 2L), 0); ExpectNotNull(name = X509_NAME_new()); ExpectIntNE(X509_NAME_add_entry_by_NID(name, NID_commonName, MBSTRING_UTF8, (unsigned char*)"www.wolfssl.com", -1, -1, 0), 0); ExpectIntNE(X509_NAME_add_entry_by_NID(name, NID_pkcs9_contentType, MBSTRING_UTF8,(unsigned char*)"Server", -1, -1, 0), 0); ExpectIntNE(X509_set_subject_name(x509, name), 0); ExpectIntNE(X509_set_issuer_name(x509, name), 0); not_before = (long)wc_Time(NULL); not_after = not_before + (365 * 24 * 60 * 60); ExpectNotNull(X509_time_adj(X509_get_notBefore(x509), not_before, &epoch_off)); ExpectNotNull(X509_time_adj(X509_get_notAfter(x509), not_after, &epoch_off)); ExpectIntNE(X509_sign(x509, pkey, EVP_sha256()), 0); ExpectNotNull(wolfSSL_X509_get_der(x509, &derSz)); ExpectIntGE(derSz, expectedDerSz); BN_free(serial_number); X509_NAME_free(name); X509_free(x509); return EXPECT_RESULT(); } #endif static int test_openssl_generate_key_and_cert(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) int expectedDerSz; EVP_PKEY* pkey = NULL; #ifdef HAVE_ECC EC_KEY* ec_key = NULL; #endif #if !defined(NO_RSA) int key_length = 2048; BIGNUM* exponent = NULL; RSA* rsa = NULL; ExpectNotNull(pkey = EVP_PKEY_new()); ExpectNotNull(exponent = BN_new()); ExpectNotNull(rsa = RSA_new()); ExpectIntNE(BN_set_word(exponent, WC_RSA_EXPONENT), 0); #ifndef WOLFSSL_KEY_GEN ExpectIntEQ(RSA_generate_key_ex(rsa, key_length, exponent, NULL), 0); #if defined(USE_CERT_BUFFERS_1024) ExpectIntNE(wolfSSL_RSA_LoadDer_ex(rsa, server_key_der_1024, sizeof_server_key_der_1024, WOLFSSL_RSA_LOAD_PRIVATE), 0); key_length = 1024; #elif defined(USE_CERT_BUFFERS_2048) ExpectIntNE(wolfSSL_RSA_LoadDer_ex(rsa, server_key_der_2048, sizeof_server_key_der_2048, WOLFSSL_RSA_LOAD_PRIVATE), 0); #else RSA_free(rsa); rsa = NULL; #endif #else ExpectIntEQ(RSA_generate_key_ex(NULL, key_length, exponent, NULL), 0); ExpectIntEQ(RSA_generate_key_ex(rsa, 0, exponent, NULL), 0); ExpectIntEQ(RSA_generate_key_ex(rsa, key_length, NULL, NULL), 0); ExpectIntNE(RSA_generate_key_ex(rsa, key_length, exponent, NULL), 0); #endif if (rsa) { ExpectIntNE(EVP_PKEY_assign_RSA(pkey, rsa), 0); if (EXPECT_FAIL()) { RSA_free(rsa); } #if !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && \ defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME) expectedDerSz = 743; ExpectIntEQ(test_openssl_make_self_signed_certificate(pkey, expectedDerSz), TEST_SUCCESS); #endif } EVP_PKEY_free(pkey); pkey = NULL; BN_free(exponent); #endif /* !NO_RSA */ #ifdef HAVE_ECC ExpectNotNull(pkey = EVP_PKEY_new()); ExpectNotNull(ec_key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); #ifndef NO_WOLFSSL_STUB EC_KEY_set_asn1_flag(ec_key, OPENSSL_EC_NAMED_CURVE); #endif ExpectIntNE(EC_KEY_generate_key(ec_key), 0); ExpectIntNE(EVP_PKEY_assign_EC_KEY(pkey, ec_key), 0); if (EXPECT_FAIL()) { EC_KEY_free(ec_key); } #if !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && \ defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME) expectedDerSz = 344; ExpectIntEQ(test_openssl_make_self_signed_certificate(pkey, expectedDerSz), TEST_SUCCESS); #endif EVP_PKEY_free(pkey); #endif /* HAVE_ECC */ (void)pkey; (void)expectedDerSz; #endif /* OPENSSL_EXTRA */ return EXPECT_RESULT(); } static int test_stubs_are_stubs(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_WOLFSSL_STUB) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) WOLFSSL_CTX* ctx = NULL; WOLFSSL_CTX* ctxN = NULL; #ifndef NO_WOLFSSL_CLIENT ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); #elif !defined(NO_WOLFSSL_SERVER) ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); #endif #define CHECKZERO_RET(x, y, z) ExpectIntEQ((int) x(y), 0); \ ExpectIntEQ((int) x(z), 0) /* test logic, all stubs return same result regardless of ctx being NULL * as there are no sanity checks, it's just a stub! If at some * point a stub is not a stub it should begin to return BAD_FUNC_ARG * if invalid inputs are supplied. Test calling both * with and without valid inputs, if a stub functionality remains unchanged. */ CHECKZERO_RET(wolfSSL_CTX_sess_accept, ctx, ctxN); CHECKZERO_RET(wolfSSL_CTX_sess_connect, ctx, ctxN); CHECKZERO_RET(wolfSSL_CTX_sess_accept_good, ctx, ctxN); CHECKZERO_RET(wolfSSL_CTX_sess_connect_good, ctx, ctxN); CHECKZERO_RET(wolfSSL_CTX_sess_accept_renegotiate, ctx, ctxN); CHECKZERO_RET(wolfSSL_CTX_sess_connect_renegotiate, ctx, ctxN); CHECKZERO_RET(wolfSSL_CTX_sess_hits, ctx, ctxN); CHECKZERO_RET(wolfSSL_CTX_sess_cb_hits, ctx, ctxN); CHECKZERO_RET(wolfSSL_CTX_sess_cache_full, ctx, ctxN); CHECKZERO_RET(wolfSSL_CTX_sess_misses, ctx, ctxN); CHECKZERO_RET(wolfSSL_CTX_sess_timeouts, ctx, ctxN); wolfSSL_CTX_free(ctx); ctx = NULL; #endif /* OPENSSL_EXTRA && !NO_WOLFSSL_STUB && (!NO_WOLFSSL_CLIENT || * !NO_WOLFSSL_SERVER) */ return EXPECT_RESULT(); } static int test_CONF_modules_xxx(void) { int res = TEST_SKIPPED; #if defined(OPENSSL_EXTRA) CONF_modules_free(); CONF_modules_unload(0); CONF_modules_unload(1); CONF_modules_unload(-1); res = TEST_SUCCESS; #endif /* OPENSSL_EXTRA */ return res; } static int test_CRYPTO_set_dynlock_xxx(void) { int res = TEST_SKIPPED; #if defined(OPENSSL_EXTRA) CRYPTO_set_dynlock_create_callback( (struct CRYPTO_dynlock_value *(*)(const char*, int))NULL); CRYPTO_set_dynlock_create_callback( (struct CRYPTO_dynlock_value *(*)(const char*, int))1); CRYPTO_set_dynlock_destroy_callback( (void (*)(struct CRYPTO_dynlock_value*, const char*, int))NULL); CRYPTO_set_dynlock_destroy_callback( (void (*)(struct CRYPTO_dynlock_value*, const char*, int))1); CRYPTO_set_dynlock_lock_callback( (void (*)(int, struct CRYPTO_dynlock_value *, const char*, int))NULL); CRYPTO_set_dynlock_lock_callback( (void (*)(int, struct CRYPTO_dynlock_value *, const char*, int))1); res = TEST_SUCCESS; #endif /* OPENSSL_EXTRA */ return res; } static int test_CRYPTO_THREADID_xxx(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) CRYPTO_THREADID_current((CRYPTO_THREADID*)NULL); CRYPTO_THREADID_current((CRYPTO_THREADID*)1); ExpectIntEQ(CRYPTO_THREADID_hash((const CRYPTO_THREADID*)NULL), 0); #endif /* OPENSSL_EXTRA */ return EXPECT_RESULT(); } static int test_ENGINE_cleanup(void) { int res = TEST_SKIPPED; #if defined(OPENSSL_EXTRA) ENGINE_cleanup(); res = TEST_SUCCESS; #endif /* OPENSSL_EXTRA */ return res; } static int test_wolfSSL_CTX_LoadCRL(void) { EXPECT_DECLS; #if defined(HAVE_CRL) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; const char* badPath = "dummypath"; const char* validPath = "./certs/crl"; const char* validFilePath = "./certs/crl/cliCrl.pem"; const char* issuerCert = "./certs/client-cert.pem"; int derType = WOLFSSL_FILETYPE_ASN1; int pemType = WOLFSSL_FILETYPE_PEM; #ifdef HAVE_CRL_MONITOR int monitor = WOLFSSL_CRL_MONITOR; #else int monitor = 0; #endif WOLFSSL_CERT_MANAGER* cm = NULL; #define FAIL_T1(x, y, z, p, d) ExpectIntEQ((int) x(y, z, p, d), \ BAD_FUNC_ARG) #define FAIL_T2(x, y, z, p, d) ExpectIntEQ((int) x(y, z, p, d), \ NOT_COMPILED_IN) #define SUCC_T(x, y, z, p, d) ExpectIntEQ((int) x(y, z, p, d), \ WOLFSSL_SUCCESS) #ifndef NO_WOLFSSL_CLIENT #define NEW_CTX(ctx) ExpectNotNull( \ (ctx) = wolfSSL_CTX_new(wolfSSLv23_client_method())) #elif !defined(NO_WOLFSSL_SERVER) #define NEW_CTX(ctx) ExpectNotNull( \ (ctx) = wolfSSL_CTX_new(wolfSSLv23_server_method())) #else #define NEW_CTX(ctx) return #endif FAIL_T1(wolfSSL_CTX_LoadCRL, ctx, validPath, pemType, monitor); NEW_CTX(ctx); #ifndef HAVE_CRL_MONITOR FAIL_T2(wolfSSL_CTX_LoadCRL, ctx, validPath, pemType, WOLFSSL_CRL_MONITOR); wolfSSL_CTX_free(ctx); NEW_CTX(ctx); #endif SUCC_T (wolfSSL_CTX_LoadCRL, ctx, validPath, pemType, monitor); SUCC_T (wolfSSL_CTX_LoadCRL, ctx, badPath, pemType, monitor); SUCC_T (wolfSSL_CTX_LoadCRL, ctx, badPath, derType, monitor); wolfSSL_CTX_free(ctx); ctx = NULL; NEW_CTX(ctx); ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, issuerCert, NULL), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx, validFilePath, pemType), WOLFSSL_SUCCESS); wolfSSL_CTX_free(ctx); ctx = NULL; NEW_CTX(ctx); ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, issuerCert, NULL), WOLFSSL_SUCCESS); ExpectNotNull(ssl = wolfSSL_new(ctx)); ExpectIntEQ(wolfSSL_LoadCRLFile(ssl, validFilePath, pemType), WOLFSSL_SUCCESS); wolfSSL_free(ssl); ssl = NULL; wolfSSL_CTX_free(ctx); ctx = NULL; ExpectNotNull(cm = wolfSSL_CertManagerNew()); ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm, issuerCert, NULL), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CertManagerLoadCRLFile(cm, validFilePath, pemType), WOLFSSL_SUCCESS); wolfSSL_CertManagerFree(cm); #endif return EXPECT_RESULT(); } #if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(HAVE_CRL) static int test_multiple_crls_same_issuer_ctx_ready(WOLFSSL_CTX* ctx) { EXPECT_DECLS; wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL); ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx, "./certs/crl/crl.pem", WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); return EXPECT_RESULT(); } #endif static int test_multiple_crls_same_issuer(void) { EXPECT_DECLS; #if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(HAVE_CRL) test_ssl_cbf client_cbs, server_cbs; struct { const char* server_cert; const char* server_key; } test_params[] = { { "./certs/server-cert.pem", "./certs/server-key.pem" }, { "./certs/server-revoked-cert.pem", "./certs/server-revoked-key.pem" } }; size_t i; for (i = 0; i < (sizeof(test_params)/sizeof(*test_params)); i++) { XMEMSET(&client_cbs, 0, sizeof(client_cbs)); XMEMSET(&server_cbs, 0, sizeof(server_cbs)); server_cbs.certPemFile = test_params[i].server_cert; server_cbs.keyPemFile = test_params[i].server_key; client_cbs.crlPemFile = "./certs/crl/extra-crls/general-server-crl.pem"; client_cbs.ctx_ready = test_multiple_crls_same_issuer_ctx_ready; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbs, &server_cbs, NULL), TEST_FAIL); } #endif return EXPECT_RESULT(); } static int test_SetTmpEC_DHE_Sz(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && !defined(NO_WOLFSSL_CLIENT) WOLFSSL_CTX *ctx = NULL; WOLFSSL *ssl = NULL; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpEC_DHE_Sz(ctx, 32)); ExpectNotNull(ssl = wolfSSL_new(ctx)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetTmpEC_DHE_Sz(ssl, 32)); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_wolfSSL_CTX_get0_privatekey(void) { EXPECT_DECLS; #ifdef OPENSSL_ALL WOLFSSL_CTX* ctx = NULL; (void)ctx; #ifndef NO_RSA ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_method())); ExpectNull(SSL_CTX_get0_privatekey(ctx)); ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM)); ExpectNull(SSL_CTX_get0_privatekey(ctx)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(SSL_CTX_get0_privatekey(ctx)); wolfSSL_CTX_free(ctx); ctx = NULL; #endif #ifdef HAVE_ECC ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_method())); ExpectNull(SSL_CTX_get0_privatekey(ctx)); ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, eccCertFile, WOLFSSL_FILETYPE_PEM)); ExpectNull(SSL_CTX_get0_privatekey(ctx)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, eccKeyFile, WOLFSSL_FILETYPE_PEM)); ExpectNotNull(SSL_CTX_get0_privatekey(ctx)); wolfSSL_CTX_free(ctx); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_dtls_set_mtu(void) { EXPECT_DECLS; #if (defined(WOLFSSL_DTLS_MTU) || defined(WOLFSSL_SCTP)) && \ !defined(NO_WOLFSSL_SERVER) && defined(WOLFSSL_DTLS) && \ !defined(WOLFSSL_NO_TLS12) WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; const char* testCertFile; const char* testKeyFile; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method())); #ifndef NO_RSA testCertFile = svrCertFile; testKeyFile = svrKeyFile; #elif defined(HAVE_ECC) testCertFile = eccCertFile; testKeyFile = eccKeyFile; #endif if (testCertFile != NULL && testKeyFile != NULL) { ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, testCertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, testKeyFile, WOLFSSL_FILETYPE_PEM)); } ExpectNotNull(ssl = wolfSSL_new(ctx)); ExpectIntEQ(wolfSSL_CTX_dtls_set_mtu(NULL, 1488), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_dtls_set_mtu(NULL, 1488), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_dtls_set_mtu(ctx, 20000), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_dtls_set_mtu(ssl, 20000), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_get_error(ssl, WOLFSSL_FAILURE), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_dtls_set_mtu(ctx, 1488), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_dtls_set_mtu(ssl, 1488), WOLFSSL_SUCCESS); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } #if defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(SINGLE_THREADED) && \ defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) static WC_INLINE void generateDTLSMsg(byte* out, int outSz, word32 seq, enum HandShakeType hsType, word16 length) { size_t idx = 0; byte* l; /* record layer */ /* handshake type */ out[idx++] = handshake; /* protocol version */ out[idx++] = 0xfe; out[idx++] = 0xfd; /* DTLS 1.2 */ /* epoch 0 */ XMEMSET(out + idx, 0, 2); idx += 2; /* sequence number */ XMEMSET(out + idx, 0, 6); c32toa(seq, out + idx + 2); idx += 6; /* length in BE */ if (length) c16toa(length, out + idx); else c16toa(outSz - idx - 2, out + idx); idx += 2; /* handshake layer */ /* handshake type */ out[idx++] = (byte)hsType; /* length */ l = out + idx; idx += 3; /* message seq */ c16toa(0, out + idx); idx += 2; /* frag offset */ c32to24(0, out + idx); idx += 3; /* frag length */ c32to24((word32)outSz - (word32)idx - 3, l); c32to24((word32)outSz - (word32)idx - 3, out + idx); idx += 3; XMEMSET(out + idx, 0, outSz - idx); } static void test_wolfSSL_dtls_plaintext_server(WOLFSSL* ssl) { byte msg[] = "This is a msg for the client"; byte reply[40]; AssertIntGT(wolfSSL_read(ssl, reply, sizeof(reply)),0); reply[sizeof(reply) - 1] = '\0'; fprintf(stderr, "Client message: %s\n", reply); AssertIntEQ(wolfSSL_write(ssl, msg, sizeof(msg)), sizeof(msg)); } static void test_wolfSSL_dtls_plaintext_client(WOLFSSL* ssl) { byte ch[50]; int fd = wolfSSL_get_fd(ssl); byte msg[] = "This is a msg for the server"; byte reply[40]; generateDTLSMsg(ch, sizeof(ch), 20, client_hello, 0); /* Server should ignore this datagram */ AssertIntEQ(send(fd, ch, sizeof(ch), 0), sizeof(ch)); generateDTLSMsg(ch, sizeof(ch), 20, client_hello, 10000); /* Server should ignore this datagram */ AssertIntEQ(send(fd, ch, sizeof(ch), 0), sizeof(ch)); AssertIntEQ(wolfSSL_write(ssl, msg, sizeof(msg)), sizeof(msg)); AssertIntGT(wolfSSL_read(ssl, reply, sizeof(reply)),0); reply[sizeof(reply) - 1] = '\0'; fprintf(stderr, "Server response: %s\n", reply); } static int test_wolfSSL_dtls_plaintext(void) { callback_functions func_cb_client; callback_functions func_cb_server; size_t i; struct test_params { method_provider client_meth; method_provider server_meth; ssl_callback on_result_server; ssl_callback on_result_client; } params[] = { {wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method, test_wolfSSL_dtls_plaintext_server, test_wolfSSL_dtls_plaintext_client}, }; for (i = 0; i < sizeof(params)/sizeof(*params); i++) { XMEMSET(&func_cb_client, 0, sizeof(callback_functions)); XMEMSET(&func_cb_server, 0, sizeof(callback_functions)); func_cb_client.doUdp = func_cb_server.doUdp = 1; func_cb_server.method = params[i].server_meth; func_cb_client.method = params[i].client_meth; func_cb_client.on_result = params[i].on_result_client; func_cb_server.on_result = params[i].on_result_server; test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server); if (!func_cb_client.return_code) return TEST_FAIL; if (!func_cb_server.return_code) return TEST_FAIL; } return TEST_RES_CHECK(1); } #else static int test_wolfSSL_dtls_plaintext(void) { return TEST_SKIPPED; } #endif #if defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(SINGLE_THREADED) && \ defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) static void test_wolfSSL_dtls12_fragments_spammer(WOLFSSL* ssl) { byte b[1100]; /* buffer for the messages to send */ size_t idx = 0; size_t seq_offset = 0; size_t msg_offset = 0; int i; int fd = wolfSSL_get_fd(ssl); int ret = wolfSSL_connect_cert(ssl); /* This gets us past the cookie */ word32 seq_number = 100; /* start high so server definitely reads this */ word16 msg_number = 50; /* start high so server has to buffer this */ AssertIntEQ(ret, 1); /* Now let's start spamming the peer with fragments it needs to store */ XMEMSET(b, -1, sizeof(b)); /* record layer */ /* handshake type */ b[idx++] = 22; /* protocol version */ b[idx++] = 0xfe; b[idx++] = 0xfd; /* DTLS 1.2 */ /* epoch 0 */ XMEMSET(b + idx, 0, 2); idx += 2; /* sequence number */ XMEMSET(b + idx, 0, 6); seq_offset = idx + 2; /* increment only the low 32 bits */ idx += 6; /* static length in BE */ c16toa(42, b + idx); idx += 2; /* handshake layer */ /* cert type */ b[idx++] = 11; /* length */ c32to24(1000, b + idx); idx += 3; /* message seq */ c16toa(0, b + idx); msg_offset = idx; idx += 2; /* frag offset */ c32to24(500, b + idx); idx += 3; /* frag length */ c32to24(30, b + idx); idx += 3; (void)idx; /* inhibit clang-analyzer-deadcode.DeadStores */ for (i = 0; i < DTLS_POOL_SZ * 2 && ret > 0; seq_number++, msg_number++, i++) { struct timespec delay; XMEMSET(&delay, 0, sizeof(delay)); delay.tv_nsec = 10000000; /* wait 0.01 seconds */ c32toa(seq_number, b + seq_offset); c16toa(msg_number, b + msg_offset); ret = (int)send(fd, b, 55, 0); nanosleep(&delay, NULL); } } #ifdef WOLFSSL_DTLS13 static void test_wolfSSL_dtls13_fragments_spammer(WOLFSSL* ssl) { const word16 sendCountMax = 100; byte b[150]; /* buffer for the messages to send */ size_t idx = 0; size_t msg_offset = 0; int fd = wolfSSL_get_fd(ssl); word16 msg_number = 10; /* start high so server has to buffer this */ int ret = wolfSSL_connect_cert(ssl); /* This gets us past the cookie */ AssertIntEQ(ret, 1); /* Now let's start spamming the peer with fragments it needs to store */ XMEMSET(b, -1, sizeof(b)); /* handshake type */ b[idx++] = 11; /* length */ c32to24(10000, b + idx); idx += 3; /* message_seq */ msg_offset = idx; idx += 2; /* fragment_offset */ c32to24(5000, b + idx); idx += 3; /* fragment_length */ c32to24(100, b + idx); idx += 3; /* fragment contents */ idx += 100; for (; ret > 0 && msg_number < sendCountMax; msg_number++) { byte sendBuf[150]; int sendSz = sizeof(sendBuf); struct timespec delay; XMEMSET(&delay, 0, sizeof(delay)); delay.tv_nsec = 10000000; /* wait 0.01 seconds */ c16toa(msg_number, b + msg_offset); sendSz = BuildTls13Message(ssl, sendBuf, sendSz, b, (int)idx, handshake, 0, 0, 0); ret = (int)send(fd, sendBuf, (size_t)sendSz, 0); nanosleep(&delay, NULL); } } #endif static int test_wolfSSL_dtls_fragments(void) { EXPECT_DECLS; callback_functions func_cb_client; callback_functions func_cb_server; size_t i; struct test_params { method_provider client_meth; method_provider server_meth; ssl_callback spammer; } params[] = { #if !defined(WOLFSSL_NO_TLS12) {wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method, test_wolfSSL_dtls12_fragments_spammer}, #endif #ifdef WOLFSSL_DTLS13 {wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method, test_wolfSSL_dtls13_fragments_spammer}, #endif }; for (i = 0; i < sizeof(params)/sizeof(*params); i++) { XMEMSET(&func_cb_client, 0, sizeof(callback_functions)); XMEMSET(&func_cb_server, 0, sizeof(callback_functions)); func_cb_client.doUdp = func_cb_server.doUdp = 1; func_cb_server.method = params[i].server_meth; func_cb_client.method = params[i].client_meth; func_cb_client.ssl_ready = params[i].spammer; test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server); ExpectFalse(func_cb_client.return_code); ExpectFalse(func_cb_server.return_code); /* The socket should be closed by the server resulting in a * socket error, fatal error or reading a close notify alert */ if (func_cb_client.last_err != SOCKET_ERROR_E && func_cb_client.last_err != WOLFSSL_ERROR_ZERO_RETURN && func_cb_client.last_err != FATAL_ERROR) { ExpectIntEQ(func_cb_client.last_err, SOCKET_ERROR_E); } /* Check the server returned an error indicating the msg buffer * was full */ ExpectIntEQ(func_cb_server.last_err, DTLS_TOO_MANY_FRAGMENTS_E); if (EXPECT_FAIL()) break; } return EXPECT_RESULT(); } static void test_wolfSSL_dtls_send_alert(WOLFSSL* ssl) { int fd, ret; byte alert_msg[] = { 0x15, /* alert type */ 0xfe, 0xfd, /* version */ 0x00, 0x00, /* epoch */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, /* seq number */ 0x00, 0x02, /* length */ 0x02, /* level: fatal */ 0x46 /* protocol version */ }; fd = wolfSSL_get_fd(ssl); ret = (int)send(fd, alert_msg, sizeof(alert_msg), 0); AssertIntGT(ret, 0); } static int _test_wolfSSL_ignore_alert_before_cookie(byte version12) { callback_functions client_cbs, server_cbs; XMEMSET(&client_cbs, 0, sizeof(client_cbs)); XMEMSET(&server_cbs, 0, sizeof(server_cbs)); client_cbs.doUdp = server_cbs.doUdp = 1; if (version12) { #if !defined(WOLFSSL_NO_TLS12) client_cbs.method = wolfDTLSv1_2_client_method; server_cbs.method = wolfDTLSv1_2_server_method; #else return TEST_SKIPPED; #endif } else { #ifdef WOLFSSL_DTLS13 client_cbs.method = wolfDTLSv1_3_client_method; server_cbs.method = wolfDTLSv1_3_server_method; #else return TEST_SKIPPED; #endif /* WOLFSSL_DTLS13 */ } client_cbs.ssl_ready = test_wolfSSL_dtls_send_alert; test_wolfSSL_client_server_nofail(&client_cbs, &server_cbs); if (!client_cbs.return_code) return TEST_FAIL; if (!server_cbs.return_code) return TEST_FAIL; return TEST_SUCCESS; } static int test_wolfSSL_ignore_alert_before_cookie(void) { int ret; ret =_test_wolfSSL_ignore_alert_before_cookie(0); if (ret != 0) return ret; ret =_test_wolfSSL_ignore_alert_before_cookie(1); if (ret != 0) return ret; return 0; } static void test_wolfSSL_send_bad_record(WOLFSSL* ssl) { int ret; int fd; byte bad_msg[] = { 0x17, /* app data */ 0xaa, 0xfd, /* bad version */ 0x00, 0x01, /* epoch 1 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x55, /* not seen seq number */ 0x00, 0x26, /* length: 38 bytes */ 0xae, 0x30, 0x31, 0xb1, 0xf1, 0xb9, 0x6f, 0xda, 0x17, 0x19, 0xd9, 0x57, 0xa9, 0x9d, 0x5c, 0x51, 0x9b, 0x53, 0x63, 0xa5, 0x24, 0x70, 0xa1, 0xae, 0xdf, 0x1c, 0xb9, 0xfc, 0xe3, 0xd7, 0x77, 0x6d, 0xb6, 0x89, 0x0f, 0x03, 0x18, 0x72 }; fd = wolfSSL_get_fd(ssl); AssertIntGE(fd, 0); ret = (int)send(fd, bad_msg, sizeof(bad_msg), 0); AssertIntEQ(ret, sizeof(bad_msg)); ret = wolfSSL_write(ssl, "badrecordtest", sizeof("badrecordtest")); AssertIntEQ(ret, sizeof("badrecordtest")); } static void test_wolfSSL_read_string(WOLFSSL* ssl) { byte buf[100]; int ret; ret = wolfSSL_read(ssl, buf, sizeof(buf)); AssertIntGT(ret, 0); AssertIntEQ(strcmp((char*)buf, "badrecordtest"), 0); } static int _test_wolfSSL_dtls_bad_record( method_provider client_method, method_provider server_method) { callback_functions client_cbs, server_cbs; XMEMSET(&client_cbs, 0, sizeof(client_cbs)); XMEMSET(&server_cbs, 0, sizeof(server_cbs)); client_cbs.doUdp = server_cbs.doUdp = 1; client_cbs.method = client_method; server_cbs.method = server_method; client_cbs.on_result = test_wolfSSL_send_bad_record; server_cbs.on_result = test_wolfSSL_read_string; test_wolfSSL_client_server_nofail(&client_cbs, &server_cbs); if (!client_cbs.return_code) return TEST_FAIL; if (!server_cbs.return_code) return TEST_FAIL; return TEST_SUCCESS; } static int test_wolfSSL_dtls_bad_record(void) { int ret = TEST_SUCCESS; #if !defined(WOLFSSL_NO_TLS12) ret = _test_wolfSSL_dtls_bad_record(wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method); #endif #ifdef WOLFSSL_DTLS13 if (ret == TEST_SUCCESS) { ret = _test_wolfSSL_dtls_bad_record(wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method); } #endif /* WOLFSSL_DTLS13 */ return ret; } #else static int test_wolfSSL_dtls_fragments(void) { return TEST_SKIPPED; } static int test_wolfSSL_ignore_alert_before_cookie(void) { return TEST_SKIPPED; } static int test_wolfSSL_dtls_bad_record(void) { return TEST_SKIPPED; } #endif #if defined(WOLFSSL_DTLS13) && !defined(WOLFSSL_TLS13_IGNORE_AEAD_LIMITS) && \ !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \ defined(HAVE_IO_TESTS_DEPENDENCIES) static byte test_AEAD_fail_decryption = 0; static byte test_AEAD_seq_num = 0; static byte test_AEAD_done = 0; static int test_AEAD_cbiorecv(WOLFSSL *ssl, char *buf, int sz, void *ctx) { int ret = (int)recv(wolfSSL_get_fd(ssl), buf, sz, 0); if (ret > 0) { if (test_AEAD_fail_decryption) { /* Modify the packet to trigger a decryption failure */ buf[ret/2] ^= 0xFF; if (test_AEAD_fail_decryption == 1) test_AEAD_fail_decryption = 0; } } (void)ctx; return ret; } static void test_AEAD_get_limits(WOLFSSL* ssl, w64wrapper* hardLimit, w64wrapper* keyUpdateLimit, w64wrapper* sendLimit) { if (sendLimit) w64Zero(sendLimit); switch (ssl->specs.bulk_cipher_algorithm) { case wolfssl_aes_gcm: if (sendLimit) *sendLimit = AEAD_AES_LIMIT; FALL_THROUGH; case wolfssl_chacha: if (hardLimit) *hardLimit = DTLS_AEAD_AES_GCM_CHACHA_FAIL_LIMIT; if (keyUpdateLimit) *keyUpdateLimit = DTLS_AEAD_AES_GCM_CHACHA_FAIL_KU_LIMIT; break; case wolfssl_aes_ccm: if (sendLimit) *sendLimit = DTLS_AEAD_AES_CCM_LIMIT; if (ssl->specs.aead_mac_size == AES_CCM_8_AUTH_SZ) { if (hardLimit) *hardLimit = DTLS_AEAD_AES_CCM_8_FAIL_LIMIT; if (keyUpdateLimit) *keyUpdateLimit = DTLS_AEAD_AES_CCM_8_FAIL_KU_LIMIT; } else { if (hardLimit) *hardLimit = DTLS_AEAD_AES_CCM_FAIL_LIMIT; if (keyUpdateLimit) *keyUpdateLimit = DTLS_AEAD_AES_CCM_FAIL_KU_LIMIT; } break; default: fprintf(stderr, "Unrecognized bulk cipher"); AssertFalse(1); break; } } static void test_AEAD_limit_client(WOLFSSL* ssl) { int ret; int i; int didReKey = 0; char msgBuf[20]; w64wrapper hardLimit; w64wrapper keyUpdateLimit; w64wrapper counter; w64wrapper sendLimit; test_AEAD_get_limits(ssl, &hardLimit, &keyUpdateLimit, &sendLimit); w64Zero(&counter); AssertTrue(w64Equal(Dtls13GetEpoch(ssl, ssl->dtls13Epoch)->dropCount, counter)); wolfSSL_SSLSetIORecv(ssl, test_AEAD_cbiorecv); for (i = 0; i < 10; i++) { /* Test some failed decryptions */ test_AEAD_fail_decryption = 1; w64Increment(&counter); ret = wolfSSL_read(ssl, msgBuf, sizeof(msgBuf)); /* Should succeed since decryption failures are dropped */ AssertIntGT(ret, 0); AssertTrue(w64Equal(Dtls13GetEpoch(ssl, ssl->dtls13PeerEpoch)->dropCount, counter)); } test_AEAD_fail_decryption = 1; Dtls13GetEpoch(ssl, ssl->dtls13PeerEpoch)->dropCount = keyUpdateLimit; w64Increment(&Dtls13GetEpoch(ssl, ssl->dtls13PeerEpoch)->dropCount); /* 100 read calls should be enough to complete the key update */ w64Zero(&counter); for (i = 0; i < 100; i++) { /* Key update should be sent and negotiated */ ret = wolfSSL_read(ssl, msgBuf, sizeof(msgBuf)); AssertIntGT(ret, 0); /* Epoch after one key update is 4 */ if (w64Equal(ssl->dtls13PeerEpoch, w64From32(0, 4)) && w64Equal(Dtls13GetEpoch(ssl, ssl->dtls13PeerEpoch)->dropCount, counter)) { didReKey = 1; break; } } AssertTrue(didReKey); if (!w64IsZero(sendLimit)) { /* Test the sending limit for AEAD ciphers */ Dtls13GetEpoch(ssl, ssl->dtls13Epoch)->nextSeqNumber = sendLimit; test_AEAD_seq_num = 1; ret = wolfSSL_write(ssl, msgBuf, sizeof(msgBuf)); AssertIntGT(ret, 0); didReKey = 0; w64Zero(&counter); /* 100 read calls should be enough to complete the key update */ for (i = 0; i < 100; i++) { /* Key update should be sent and negotiated */ ret = wolfSSL_read(ssl, msgBuf, sizeof(msgBuf)); AssertIntGT(ret, 0); /* Epoch after another key update is 5 */ if (w64Equal(ssl->dtls13Epoch, w64From32(0, 5)) && w64Equal(Dtls13GetEpoch(ssl, ssl->dtls13Epoch)->dropCount, counter)) { didReKey = 1; break; } } AssertTrue(didReKey); } test_AEAD_fail_decryption = 2; Dtls13GetEpoch(ssl, ssl->dtls13PeerEpoch)->dropCount = hardLimit; w64Decrement(&Dtls13GetEpoch(ssl, ssl->dtls13PeerEpoch)->dropCount); /* Connection should fail with a DECRYPT_ERROR */ ret = wolfSSL_read(ssl, msgBuf, sizeof(msgBuf)); AssertIntEQ(ret, WOLFSSL_FATAL_ERROR); AssertIntEQ(wolfSSL_get_error(ssl, ret), DECRYPT_ERROR); test_AEAD_done = 1; } int counter = 0; static void test_AEAD_limit_server(WOLFSSL* ssl) { char msgBuf[] = "Sending data"; int ret = WOLFSSL_SUCCESS; w64wrapper sendLimit; SOCKET_T fd = wolfSSL_get_fd(ssl); struct timespec delay; XMEMSET(&delay, 0, sizeof(delay)); delay.tv_nsec = 100000000; /* wait 0.1 seconds */ tcp_set_nonblocking(&fd); /* So that read doesn't block */ wolfSSL_dtls_set_using_nonblock(ssl, 1); test_AEAD_get_limits(ssl, NULL, NULL, &sendLimit); while (!test_AEAD_done && ret > 0) { counter++; if (test_AEAD_seq_num) { /* We need to update the seq number so that we can understand the * peer. Otherwise we will incorrectly interpret the seq number. */ Dtls13Epoch* e = Dtls13GetEpoch(ssl, ssl->dtls13PeerEpoch); AssertNotNull(e); e->nextPeerSeqNumber = sendLimit; test_AEAD_seq_num = 0; } (void)wolfSSL_read(ssl, msgBuf, sizeof(msgBuf)); ret = wolfSSL_write(ssl, msgBuf, sizeof(msgBuf)); nanosleep(&delay, NULL); } } static int test_wolfSSL_dtls_AEAD_limit(void) { callback_functions func_cb_client; callback_functions func_cb_server; XMEMSET(&func_cb_client, 0, sizeof(callback_functions)); XMEMSET(&func_cb_server, 0, sizeof(callback_functions)); func_cb_client.doUdp = func_cb_server.doUdp = 1; func_cb_server.method = wolfDTLSv1_3_server_method; func_cb_client.method = wolfDTLSv1_3_client_method; func_cb_server.on_result = test_AEAD_limit_server; func_cb_client.on_result = test_AEAD_limit_client; test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server); if (!func_cb_client.return_code) return TEST_FAIL; if (!func_cb_server.return_code) return TEST_FAIL; return TEST_SUCCESS; } #else static int test_wolfSSL_dtls_AEAD_limit(void) { return TEST_SKIPPED; } #endif #if defined(WOLFSSL_DTLS) && \ defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(SINGLE_THREADED) static void test_wolfSSL_dtls_send_ch(WOLFSSL* ssl) { int fd, ret; byte ch_msg[] = { 0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xfa, 0x01, 0x00, 0x01, 0xee, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xee, 0xfe, 0xfd, 0xc0, 0xca, 0xb5, 0x6f, 0x3d, 0x23, 0xcc, 0x53, 0x9a, 0x67, 0x17, 0x70, 0xd3, 0xfb, 0x23, 0x16, 0x9e, 0x4e, 0xd6, 0x7e, 0x29, 0xab, 0xfa, 0x4c, 0xa5, 0x84, 0x95, 0xc3, 0xdb, 0x21, 0x9a, 0x52, 0x00, 0x00, 0x00, 0x36, 0x13, 0x01, 0x13, 0x02, 0x13, 0x03, 0xc0, 0x2c, 0xc0, 0x2b, 0xc0, 0x30, 0xc0, 0x2f, 0x00, 0x9f, 0x00, 0x9e, 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xc0, 0x27, 0xc0, 0x23, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x14, 0xc0, 0x13, 0x00, 0x6b, 0x00, 0x67, 0x00, 0x39, 0x00, 0x33, 0xcc, 0x14, 0xcc, 0x13, 0xcc, 0x15, 0x01, 0x00, 0x01, 0x8e, 0x00, 0x2b, 0x00, 0x03, 0x02, 0xfe, 0xfc, 0x00, 0x0d, 0x00, 0x20, 0x00, 0x1e, 0x06, 0x03, 0x05, 0x03, 0x04, 0x03, 0x02, 0x03, 0x08, 0x06, 0x08, 0x0b, 0x08, 0x05, 0x08, 0x0a, 0x08, 0x04, 0x08, 0x09, 0x06, 0x01, 0x05, 0x01, 0x04, 0x01, 0x03, 0x01, 0x02, 0x01, 0x00, 0x0a, 0x00, 0x0c, 0x00, 0x0a, 0x00, 0x19, 0x00, 0x18, 0x00, 0x17, 0x00, 0x15, 0x01, 0x00, 0x00, 0x16, 0x00, 0x00, 0x00, 0x33, 0x01, 0x4b, 0x01, 0x49, 0x00, 0x17, 0x00, 0x41, 0x04, 0x96, 0xcb, 0x2e, 0x4e, 0xd9, 0x88, 0x71, 0xc7, 0xf3, 0x1a, 0x16, 0xdd, 0x7a, 0x7c, 0xf7, 0x67, 0x8a, 0x5d, 0x9a, 0x55, 0xa6, 0x4a, 0x90, 0xd9, 0xfb, 0xc7, 0xfb, 0xbe, 0x09, 0xa9, 0x8a, 0xb5, 0x7a, 0xd1, 0xde, 0x83, 0x74, 0x27, 0x31, 0x1c, 0xaa, 0xae, 0xef, 0x58, 0x43, 0x13, 0x7d, 0x15, 0x4d, 0x7f, 0x68, 0xf6, 0x8a, 0x38, 0xef, 0x0e, 0xb3, 0xcf, 0xb8, 0x4a, 0xa9, 0xb4, 0xd7, 0xcb, 0x01, 0x00, 0x01, 0x00, 0x1d, 0x0a, 0x22, 0x8a, 0xd1, 0x78, 0x85, 0x1e, 0x5a, 0xe1, 0x1d, 0x1e, 0xb7, 0x2d, 0xbc, 0x5f, 0x52, 0xbc, 0x97, 0x5d, 0x8b, 0x6a, 0x8b, 0x9d, 0x1e, 0xb1, 0xfc, 0x8a, 0xb2, 0x56, 0xcd, 0xed, 0x4b, 0xfb, 0x66, 0x3f, 0x59, 0x3f, 0x15, 0x5d, 0x09, 0x9e, 0x2f, 0x60, 0x5b, 0x31, 0x81, 0x27, 0xf0, 0x1c, 0xda, 0xcd, 0x48, 0x66, 0xc6, 0xbb, 0x25, 0xf0, 0x5f, 0xda, 0x4c, 0xcf, 0x1d, 0x88, 0xc8, 0xda, 0x1b, 0x53, 0xea, 0xbd, 0xce, 0x6d, 0xf6, 0x4a, 0x76, 0xdb, 0x75, 0x99, 0xaf, 0xcf, 0x76, 0x4a, 0xfb, 0xe3, 0xef, 0xb2, 0xcb, 0xae, 0x4a, 0xc0, 0xe8, 0x63, 0x1f, 0xd6, 0xe8, 0xe6, 0x45, 0xf9, 0xea, 0x0d, 0x06, 0x19, 0xfc, 0xb1, 0xfd, 0x5d, 0x92, 0x89, 0x7b, 0xc7, 0x9f, 0x1a, 0xb3, 0x2b, 0xc7, 0xad, 0x0e, 0xfb, 0x13, 0x41, 0x83, 0x84, 0x58, 0x3a, 0x25, 0xb9, 0x49, 0x35, 0x1c, 0x23, 0xcb, 0xd6, 0xe7, 0xc2, 0x8c, 0x4b, 0x2a, 0x73, 0xa1, 0xdf, 0x4f, 0x73, 0x9b, 0xb3, 0xd2, 0xb2, 0x95, 0x00, 0x3c, 0x26, 0x09, 0x89, 0x71, 0x05, 0x39, 0xc8, 0x98, 0x8f, 0xed, 0x32, 0x15, 0x78, 0xcd, 0xd3, 0x7e, 0xfb, 0x5a, 0x78, 0x2a, 0xdc, 0xca, 0x20, 0x09, 0xb5, 0x14, 0xf9, 0xd4, 0x58, 0xf6, 0x69, 0xf8, 0x65, 0x9f, 0xb7, 0xe4, 0x93, 0xf1, 0xa3, 0x84, 0x7e, 0x1b, 0x23, 0x5d, 0xea, 0x59, 0x3e, 0x4d, 0xca, 0xfd, 0xa5, 0x55, 0xdd, 0x99, 0xb5, 0x02, 0xf8, 0x0d, 0xe5, 0xf4, 0x06, 0xb0, 0x43, 0x9e, 0x2e, 0xbf, 0x05, 0x33, 0x65, 0x7b, 0x13, 0x8c, 0xf9, 0x16, 0x4d, 0xc5, 0x15, 0x0b, 0x40, 0x2f, 0x66, 0x94, 0xf2, 0x43, 0x95, 0xe7, 0xa9, 0xb6, 0x39, 0x99, 0x73, 0xb3, 0xb0, 0x06, 0xfe, 0x52, 0x9e, 0x57, 0xba, 0x75, 0xfd, 0x76, 0x7b, 0x20, 0x31, 0x68, 0x4c }; fd = wolfSSL_get_fd(ssl); ret = (int)send(fd, ch_msg, sizeof(ch_msg), 0); AssertIntGT(ret, 0); /* consume the HRR otherwise handshake will fail */ ret = (int)recv(fd, ch_msg, sizeof(ch_msg), 0); AssertIntGT(ret, 0); } #if defined(WOLFSSL_DTLS13) && defined(WOLFSSL_SEND_HRR_COOKIE) static void test_wolfSSL_dtls_send_ch_with_invalid_cookie(WOLFSSL* ssl) { int fd, ret; byte ch_msh_invalid_cookie[] = { 0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x02, 0x4e, 0x01, 0x00, 0x02, 0x42, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x02, 0x42, 0xfe, 0xfd, 0x69, 0xca, 0x77, 0x60, 0x6f, 0xfc, 0xd1, 0x5b, 0x60, 0x5d, 0xf1, 0xa6, 0x5c, 0x44, 0x71, 0xae, 0xca, 0x62, 0x19, 0x0c, 0xb6, 0xf7, 0x2c, 0xa6, 0xd5, 0xd2, 0x99, 0x9d, 0x18, 0xae, 0xac, 0x11, 0x00, 0x00, 0x00, 0x36, 0x13, 0x01, 0x13, 0x02, 0x13, 0x03, 0xc0, 0x2c, 0xc0, 0x2b, 0xc0, 0x30, 0xc0, 0x2f, 0x00, 0x9f, 0x00, 0x9e, 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xc0, 0x27, 0xc0, 0x23, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x14, 0xc0, 0x13, 0x00, 0x6b, 0x00, 0x67, 0x00, 0x39, 0x00, 0x33, 0xcc, 0x14, 0xcc, 0x13, 0xcc, 0x15, 0x01, 0x00, 0x01, 0xe2, 0x00, 0x2b, 0x00, 0x03, 0x02, 0xfe, 0xfc, 0x00, 0x0d, 0x00, 0x20, 0x00, 0x1e, 0x06, 0x03, 0x05, 0x03, 0x04, 0x03, 0x02, 0x03, 0x08, 0x06, 0x08, 0x0b, 0x08, 0x05, 0x08, 0x0a, 0x08, 0x04, 0x08, 0x09, 0x06, 0x01, 0x05, 0x01, 0x04, 0x01, 0x03, 0x01, 0x02, 0x01, 0x00, 0x2c, 0x00, 0x45, 0x00, 0x43, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x2d, 0x00, 0x03, 0x02, 0x00, 0x01, 0x00, 0x0a, 0x00, 0x0c, 0x00, 0x0a, 0x00, 0x19, 0x00, 0x18, 0x00, 0x17, 0x00, 0x15, 0x01, 0x00, 0x00, 0x16, 0x00, 0x00, 0x00, 0x33, 0x01, 0x4b, 0x01, 0x49, 0x00, 0x17, 0x00, 0x41, 0x04, 0x7c, 0x5a, 0xc2, 0x5a, 0xfd, 0xcd, 0x2b, 0x08, 0xb2, 0xeb, 0x8e, 0xc0, 0x02, 0x03, 0x9d, 0xb1, 0xc1, 0x0d, 0x7b, 0x7f, 0x46, 0x43, 0xdf, 0xf3, 0xee, 0x2b, 0x78, 0x0e, 0x29, 0x8c, 0x42, 0x11, 0x2c, 0xde, 0xd7, 0x41, 0x0f, 0x28, 0x94, 0x80, 0x41, 0x70, 0xc4, 0x17, 0xfd, 0x6d, 0xfa, 0xee, 0x9a, 0xf2, 0xc4, 0x15, 0x4c, 0x5f, 0x54, 0xb6, 0x78, 0x6e, 0xf9, 0x63, 0x27, 0x33, 0xb8, 0x7b, 0x01, 0x00, 0x01, 0x00, 0xd4, 0x46, 0x62, 0x9c, 0xbf, 0x8f, 0x1b, 0x65, 0x9b, 0xf0, 0x29, 0x64, 0xd8, 0x50, 0x0e, 0x74, 0xf1, 0x58, 0x10, 0xc9, 0xd9, 0x82, 0x5b, 0xd9, 0xbe, 0x14, 0xdf, 0xde, 0x86, 0xb4, 0x2e, 0x15, 0xee, 0x4f, 0xf6, 0x74, 0x9e, 0x59, 0x11, 0x36, 0x2d, 0xb9, 0x67, 0xaa, 0x5a, 0x09, 0x9b, 0x45, 0xf1, 0x01, 0x4c, 0x4e, 0xf6, 0xda, 0x6a, 0xae, 0xa7, 0x73, 0x7b, 0x2e, 0xb6, 0x24, 0x89, 0x99, 0xb7, 0x52, 0x16, 0x62, 0x0a, 0xab, 0x58, 0xf8, 0x3f, 0x10, 0x5b, 0x83, 0xfd, 0x7b, 0x81, 0x77, 0x81, 0x8d, 0xef, 0x24, 0x56, 0x6d, 0xba, 0x49, 0xd4, 0x8b, 0xb5, 0xa0, 0xb1, 0xc9, 0x8c, 0x32, 0x95, 0x1c, 0x5e, 0x0a, 0x4b, 0xf6, 0x00, 0x50, 0x0a, 0x87, 0x99, 0x59, 0xcf, 0x6f, 0x9d, 0x02, 0xd0, 0x1b, 0xa1, 0x96, 0x45, 0x28, 0x76, 0x40, 0x33, 0x28, 0xc9, 0xa1, 0xfd, 0x46, 0xab, 0x2c, 0x9e, 0x5e, 0xc6, 0x74, 0x19, 0x9a, 0xf5, 0x9b, 0x51, 0x11, 0x4f, 0xc8, 0xb9, 0x99, 0x6b, 0x4e, 0x3e, 0x31, 0x64, 0xb4, 0x92, 0xf4, 0x0d, 0x41, 0x4b, 0x2c, 0x65, 0x23, 0xf7, 0x47, 0xe3, 0xa5, 0x2e, 0xe4, 0x9c, 0x2b, 0xc9, 0x41, 0x22, 0x83, 0x8a, 0x23, 0xef, 0x29, 0x7e, 0x4f, 0x3f, 0xa3, 0xbf, 0x73, 0x2b, 0xd7, 0xcc, 0xc8, 0xc6, 0xe9, 0xbc, 0x01, 0xb7, 0x32, 0x63, 0xd4, 0x7e, 0x7f, 0x9a, 0xaf, 0x5f, 0x05, 0x31, 0x53, 0xd6, 0x1f, 0xa2, 0xd0, 0xdf, 0x67, 0x56, 0xf1, 0x9c, 0x4a, 0x9d, 0x83, 0xb4, 0xef, 0xb3, 0xf2, 0xcc, 0xf1, 0x91, 0x6c, 0x47, 0xc3, 0x8b, 0xd0, 0x92, 0x79, 0x3d, 0xa0, 0xc0, 0x3a, 0x57, 0x26, 0x6d, 0x0a, 0xad, 0x5f, 0xad, 0xb4, 0x74, 0x48, 0x4a, 0x51, 0xe1, 0xb5, 0x82, 0x0a, 0x4c, 0x4f, 0x9d, 0xaf, 0xee, 0x5a, 0xa2, 0x4d, 0x4d, 0x5f, 0xe0, 0x17, 0x00, 0x23, 0x00, 0x00 }; byte alert_reply[50]; byte expected_alert_reply[] = { 0x15, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x02, 0x02, 0x2f }; fd = wolfSSL_get_fd(ssl); ret = (int)send(fd, ch_msh_invalid_cookie, sizeof(ch_msh_invalid_cookie), 0); AssertIntGT(ret, 0); /* should reply with an illegal_parameter reply */ ret = (int)recv(fd, alert_reply, sizeof(alert_reply), 0); AssertIntEQ(ret, sizeof(expected_alert_reply)); AssertIntEQ(XMEMCMP(alert_reply, expected_alert_reply, sizeof(expected_alert_reply)), 0); } #endif static word32 test_wolfSSL_dtls_stateless_HashWOLFSSL(const WOLFSSL* ssl) { #ifndef NO_MD5 enum wc_HashType hashType = WC_HASH_TYPE_MD5; #elif !defined(NO_SHA) enum wc_HashType hashType = WC_HASH_TYPE_SHA; #elif !defined(NO_SHA256) enum wc_HashType hashType = WC_HASH_TYPE_SHA256; #else #error "We need a digest to hash the WOLFSSL object" #endif byte hashBuf[WC_MAX_DIGEST_SIZE]; wc_HashAlg hash; const TLSX* exts = ssl->extensions; WOLFSSL sslCopy; /* Use a copy to omit certain fields */ HS_Hashes* hsHashes = ssl->hsHashes; /* Is re-allocated in * InitHandshakeHashes */ XMEMCPY(&sslCopy, ssl, sizeof(*ssl)); XMEMSET(hashBuf, 0, sizeof(hashBuf)); /* Following fields are not important to compare */ XMEMSET(sslCopy.buffers.inputBuffer.staticBuffer, 0, STATIC_BUFFER_LEN); sslCopy.buffers.inputBuffer.buffer = NULL; sslCopy.buffers.inputBuffer.bufferSize = 0; sslCopy.buffers.inputBuffer.dynamicFlag = 0; sslCopy.buffers.inputBuffer.offset = 0; XMEMSET(sslCopy.buffers.outputBuffer.staticBuffer, 0, STATIC_BUFFER_LEN); sslCopy.buffers.outputBuffer.buffer = NULL; sslCopy.buffers.outputBuffer.bufferSize = 0; sslCopy.buffers.outputBuffer.dynamicFlag = 0; sslCopy.buffers.outputBuffer.offset = 0; sslCopy.error = 0; sslCopy.curSize = 0; sslCopy.curStartIdx = 0; sslCopy.keys.curSeq_lo = 0; XMEMSET(&sslCopy.curRL, 0, sizeof(sslCopy.curRL)); #ifdef WOLFSSL_DTLS13 XMEMSET(&sslCopy.keys.curSeq, 0, sizeof(sslCopy.keys.curSeq)); sslCopy.dtls13FastTimeout = 0; #endif sslCopy.keys.dtls_peer_handshake_number = 0; XMEMSET(&sslCopy.alert_history, 0, sizeof(sslCopy.alert_history)); sslCopy.hsHashes = NULL; #ifdef WOLFSSL_ASYNC_IO #ifdef WOLFSSL_ASYNC_CRYPT sslCopy.asyncDev = NULL; #endif sslCopy.async = NULL; #endif AssertIntEQ(wc_HashInit(&hash, hashType), 0); AssertIntEQ(wc_HashUpdate(&hash, hashType, (byte*)&sslCopy, sizeof(sslCopy)), 0); /* hash extension list */ while (exts != NULL) { AssertIntEQ(wc_HashUpdate(&hash, hashType, (byte*)exts, sizeof(*exts)), 0); exts = exts->next; } /* Hash suites */ if (sslCopy.suites != NULL) { AssertIntEQ(wc_HashUpdate(&hash, hashType, (byte*)sslCopy.suites, sizeof(struct Suites)), 0); } /* Hash hsHashes */ AssertIntEQ(wc_HashUpdate(&hash, hashType, (byte*)hsHashes, sizeof(*hsHashes)), 0); AssertIntEQ(wc_HashFinal(&hash, hashType, hashBuf), 0); AssertIntEQ(wc_HashFree(&hash, hashType), 0); return MakeWordFromHash(hashBuf); } static CallbackIORecv test_wolfSSL_dtls_compare_stateless_cb; static int test_wolfSSL_dtls_compare_stateless_cb_call_once; static int test_wolfSSL_dtls_compare_stateless_read_cb_once(WOLFSSL *ssl, char *buf, int sz, void *ctx) { if (test_wolfSSL_dtls_compare_stateless_cb_call_once) { test_wolfSSL_dtls_compare_stateless_cb_call_once = 0; return test_wolfSSL_dtls_compare_stateless_cb(ssl, buf, sz, ctx); } else { return WOLFSSL_CBIO_ERR_WANT_READ; } } static void test_wolfSSL_dtls_compare_stateless(WOLFSSL* ssl) { /* Compare the ssl object before and after one ClientHello msg */ SOCKET_T fd = wolfSSL_get_fd(ssl); int res; int err; word32 initHash; test_wolfSSL_dtls_compare_stateless_cb = ssl->CBIORecv; test_wolfSSL_dtls_compare_stateless_cb_call_once = 1; wolfSSL_dtls_set_using_nonblock(ssl, 1); ssl->CBIORecv = test_wolfSSL_dtls_compare_stateless_read_cb_once; initHash = test_wolfSSL_dtls_stateless_HashWOLFSSL(ssl); (void)initHash; res = tcp_select(fd, 5); /* We are expecting a msg. A timeout indicates failure. */ AssertIntEQ(res, TEST_RECV_READY); res = wolfSSL_accept(ssl); err = wolfSSL_get_error(ssl, res); AssertIntEQ(res, WOLFSSL_FATAL_ERROR); AssertIntEQ(err, WOLFSSL_ERROR_WANT_READ); AssertIntEQ(initHash, test_wolfSSL_dtls_stateless_HashWOLFSSL(ssl)); wolfSSL_dtls_set_using_nonblock(ssl, 0); ssl->CBIORecv = test_wolfSSL_dtls_compare_stateless_cb; } #if defined(WOLFSSL_DTLS13) && defined(WOLFSSL_SEND_HRR_COOKIE) static void test_wolfSSL_dtls_enable_hrrcookie(WOLFSSL* ssl) { int ret; ret = wolfSSL_send_hrr_cookie(ssl, NULL, 0); AssertIntEQ(ret, WOLFSSL_SUCCESS); test_wolfSSL_dtls_compare_stateless(ssl); } #endif static int test_wolfSSL_dtls_stateless(void) { callback_functions client_cbs, server_cbs; size_t i; struct { method_provider client_meth; method_provider server_meth; ssl_callback client_ssl_ready; ssl_callback server_ssl_ready; } test_params[] = { #if !defined(WOLFSSL_NO_TLS12) {wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method, test_wolfSSL_dtls_send_ch, test_wolfSSL_dtls_compare_stateless}, #endif #if defined(WOLFSSL_DTLS13) && defined(WOLFSSL_SEND_HRR_COOKIE) {wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method, test_wolfSSL_dtls_send_ch, test_wolfSSL_dtls_enable_hrrcookie}, {wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method, test_wolfSSL_dtls_send_ch_with_invalid_cookie, test_wolfSSL_dtls_enable_hrrcookie}, #endif }; if (0 == sizeof(test_params)){ return TEST_SKIPPED; } for (i = 0; i < sizeof(test_params)/sizeof(*test_params); i++) { XMEMSET(&client_cbs, 0, sizeof(client_cbs)); XMEMSET(&server_cbs, 0, sizeof(server_cbs)); client_cbs.doUdp = server_cbs.doUdp = 1; client_cbs.method = test_params[i].client_meth; server_cbs.method = test_params[i].server_meth; client_cbs.ssl_ready = test_params[i].client_ssl_ready; server_cbs.ssl_ready = test_params[i].server_ssl_ready; test_wolfSSL_client_server_nofail(&client_cbs, &server_cbs); if (!client_cbs.return_code) return TEST_FAIL; if (!server_cbs.return_code) return TEST_FAIL; } return TEST_SUCCESS; } #else static int test_wolfSSL_dtls_stateless(void) { return TEST_SKIPPED; } #endif /* WOLFSSL_DTLS13 && WOLFSSL_SEND_HRR_COOKIE && * HAVE_IO_TESTS_DEPENDENCIES && !SINGLE_THREADED */ #if !defined(NO_RSA) && !defined(NO_SHA) && !defined(NO_FILESYSTEM) && \ !defined(NO_CERTS) && (!defined(NO_WOLFSSL_CLIENT) || \ !defined(WOLFSSL_NO_CLIENT_AUTH)) static int load_ca_into_cm(WOLFSSL_CERT_MANAGER* cm, char* certA) { int ret; if ((ret = wolfSSL_CertManagerLoadCA(cm, certA, 0)) != WOLFSSL_SUCCESS) { fprintf(stderr, "loading cert %s failed\n", certA); fprintf(stderr, "Error: (%d): %s\n", ret, wolfSSL_ERR_reason_error_string(ret)); return -1; } return 0; } static int verify_cert_with_cm(WOLFSSL_CERT_MANAGER* cm, char* certA) { int ret; if ((ret = wolfSSL_CertManagerVerify(cm, certA, WOLFSSL_FILETYPE_PEM)) != WOLFSSL_SUCCESS) { fprintf(stderr, "could not verify the cert: %s\n", certA); fprintf(stderr, "Error: (%d): %s\n", ret, wolfSSL_ERR_reason_error_string(ret)); return -1; } else { fprintf(stderr, "successfully verified: %s\n", certA); } return 0; } #define LOAD_ONE_CA(a, b, c, d) \ do { \ (a) = load_ca_into_cm(c, d); \ if ((a) != 0) \ return (b); \ else \ (b)--; \ } while(0) #define VERIFY_ONE_CERT(a, b, c, d) \ do { \ (a) = verify_cert_with_cm(c, d);\ if ((a) != 0) \ return (b); \ else \ (b)--; \ } while(0) static int test_chainG(WOLFSSL_CERT_MANAGER* cm) { int ret; int i = -1; /* Chain G is a valid chain per RFC 5280 section 4.2.1.9 */ char chainGArr[9][50] = {"certs/ca-cert.pem", "certs/test-pathlen/chainG-ICA7-pathlen100.pem", "certs/test-pathlen/chainG-ICA6-pathlen10.pem", "certs/test-pathlen/chainG-ICA5-pathlen20.pem", "certs/test-pathlen/chainG-ICA4-pathlen5.pem", "certs/test-pathlen/chainG-ICA3-pathlen99.pem", "certs/test-pathlen/chainG-ICA2-pathlen1.pem", "certs/test-pathlen/chainG-ICA1-pathlen0.pem", "certs/test-pathlen/chainG-entity.pem"}; LOAD_ONE_CA(ret, i, cm, chainGArr[0]); /* if failure, i = -1 here */ LOAD_ONE_CA(ret, i, cm, chainGArr[1]); /* if failure, i = -2 here */ LOAD_ONE_CA(ret, i, cm, chainGArr[2]); /* if failure, i = -3 here */ LOAD_ONE_CA(ret, i, cm, chainGArr[3]); /* if failure, i = -4 here */ LOAD_ONE_CA(ret, i, cm, chainGArr[4]); /* if failure, i = -5 here */ LOAD_ONE_CA(ret, i, cm, chainGArr[5]); /* if failure, i = -6 here */ LOAD_ONE_CA(ret, i, cm, chainGArr[6]); /* if failure, i = -7 here */ LOAD_ONE_CA(ret, i, cm, chainGArr[7]); /* if failure, i = -8 here */ VERIFY_ONE_CERT(ret, i, cm, chainGArr[1]); /* if failure, i = -9 here */ VERIFY_ONE_CERT(ret, i, cm, chainGArr[2]); /* if failure, i = -10 here */ VERIFY_ONE_CERT(ret, i, cm, chainGArr[3]); /* if failure, i = -11 here */ VERIFY_ONE_CERT(ret, i, cm, chainGArr[4]); /* if failure, i = -12 here */ VERIFY_ONE_CERT(ret, i, cm, chainGArr[5]); /* if failure, i = -13 here */ VERIFY_ONE_CERT(ret, i, cm, chainGArr[6]); /* if failure, i = -14 here */ VERIFY_ONE_CERT(ret, i, cm, chainGArr[7]); /* if failure, i = -15 here */ VERIFY_ONE_CERT(ret, i, cm, chainGArr[8]); /* if failure, i = -16 here */ /* test validating the entity twice, should have no effect on pathLen since * entity/leaf cert */ VERIFY_ONE_CERT(ret, i, cm, chainGArr[8]); /* if failure, i = -17 here */ return ret; } static int test_chainH(WOLFSSL_CERT_MANAGER* cm) { int ret; int i = -1; /* Chain H is NOT a valid chain per RFC5280 section 4.2.1.9: * ICA4-pathlen of 2 signing ICA3-pathlen of 2 (reduce max path len to 2) * ICA3-pathlen of 2 signing ICA2-pathlen of 2 (reduce max path len to 1) * ICA2-pathlen of 2 signing ICA1-pathlen of 0 (reduce max path len to 0) * ICA1-pathlen of 0 signing entity (pathlen is already 0, ERROR) * Test should successfully verify ICA4, ICA3, ICA2 and then fail on ICA1 */ char chainHArr[6][50] = {"certs/ca-cert.pem", "certs/test-pathlen/chainH-ICA4-pathlen2.pem", "certs/test-pathlen/chainH-ICA3-pathlen2.pem", "certs/test-pathlen/chainH-ICA2-pathlen2.pem", "certs/test-pathlen/chainH-ICA1-pathlen0.pem", "certs/test-pathlen/chainH-entity.pem"}; LOAD_ONE_CA(ret, i, cm, chainHArr[0]); /* if failure, i = -1 here */ LOAD_ONE_CA(ret, i, cm, chainHArr[1]); /* if failure, i = -2 here */ LOAD_ONE_CA(ret, i, cm, chainHArr[2]); /* if failure, i = -3 here */ LOAD_ONE_CA(ret, i, cm, chainHArr[3]); /* if failure, i = -4 here */ LOAD_ONE_CA(ret, i, cm, chainHArr[4]); /* if failure, i = -5 here */ VERIFY_ONE_CERT(ret, i, cm, chainHArr[1]); /* if failure, i = -6 here */ VERIFY_ONE_CERT(ret, i, cm, chainHArr[2]); /* if failure, i = -7 here */ VERIFY_ONE_CERT(ret, i, cm, chainHArr[3]); /* if failure, i = -8 here */ VERIFY_ONE_CERT(ret, i, cm, chainHArr[4]); /* if failure, i = -9 here */ VERIFY_ONE_CERT(ret, i, cm, chainHArr[5]); /* if failure, i = -10 here */ return ret; } static int test_chainI(WOLFSSL_CERT_MANAGER* cm) { int ret; int i = -1; /* Chain I is a valid chain per RFC5280 section 4.2.1.9: * ICA3-pathlen of 2 signing ICA2 without a pathlen (reduce maxPathLen to 2) * ICA2-no_pathlen signing ICA1-no_pathlen (reduce maxPathLen to 1) * ICA1-no_pathlen signing entity (reduce maxPathLen to 0) * Test should successfully verify ICA4, ICA3, ICA2 and then fail on ICA1 */ char chainIArr[5][50] = {"certs/ca-cert.pem", "certs/test-pathlen/chainI-ICA3-pathlen2.pem", "certs/test-pathlen/chainI-ICA2-no_pathlen.pem", "certs/test-pathlen/chainI-ICA1-no_pathlen.pem", "certs/test-pathlen/chainI-entity.pem"}; LOAD_ONE_CA(ret, i, cm, chainIArr[0]); /* if failure, i = -1 here */ LOAD_ONE_CA(ret, i, cm, chainIArr[1]); /* if failure, i = -2 here */ LOAD_ONE_CA(ret, i, cm, chainIArr[2]); /* if failure, i = -3 here */ LOAD_ONE_CA(ret, i, cm, chainIArr[3]); /* if failure, i = -4 here */ VERIFY_ONE_CERT(ret, i, cm, chainIArr[1]); /* if failure, i = -5 here */ VERIFY_ONE_CERT(ret, i, cm, chainIArr[2]); /* if failure, i = -6 here */ VERIFY_ONE_CERT(ret, i, cm, chainIArr[3]); /* if failure, i = -7 here */ VERIFY_ONE_CERT(ret, i, cm, chainIArr[4]); /* if failure, i = -8 here */ return ret; } static int test_chainJ(WOLFSSL_CERT_MANAGER* cm) { int ret; int i = -1; /* Chain J is NOT a valid chain per RFC5280 section 4.2.1.9: * ICA4-pathlen of 2 signing ICA3 without a pathlen (reduce maxPathLen to 2) * ICA3-pathlen of 2 signing ICA2 without a pathlen (reduce maxPathLen to 1) * ICA2-no_pathlen signing ICA1-no_pathlen (reduce maxPathLen to 0) * ICA1-no_pathlen signing entity (ERROR, pathlen zero and non-leaf cert) */ char chainJArr[6][50] = {"certs/ca-cert.pem", "certs/test-pathlen/chainJ-ICA4-pathlen2.pem", "certs/test-pathlen/chainJ-ICA3-no_pathlen.pem", "certs/test-pathlen/chainJ-ICA2-no_pathlen.pem", "certs/test-pathlen/chainJ-ICA1-no_pathlen.pem", "certs/test-pathlen/chainJ-entity.pem"}; LOAD_ONE_CA(ret, i, cm, chainJArr[0]); /* if failure, i = -1 here */ LOAD_ONE_CA(ret, i, cm, chainJArr[1]); /* if failure, i = -2 here */ LOAD_ONE_CA(ret, i, cm, chainJArr[2]); /* if failure, i = -3 here */ LOAD_ONE_CA(ret, i, cm, chainJArr[3]); /* if failure, i = -4 here */ LOAD_ONE_CA(ret, i, cm, chainJArr[4]); /* if failure, i = -5 here */ VERIFY_ONE_CERT(ret, i, cm, chainJArr[1]); /* if failure, i = -6 here */ VERIFY_ONE_CERT(ret, i, cm, chainJArr[2]); /* if failure, i = -7 here */ VERIFY_ONE_CERT(ret, i, cm, chainJArr[3]); /* if failure, i = -8 here */ VERIFY_ONE_CERT(ret, i, cm, chainJArr[4]); /* if failure, i = -9 here */ VERIFY_ONE_CERT(ret, i, cm, chainJArr[5]); /* if failure, i = -10 here */ return ret; } static int test_various_pathlen_chains(void) { EXPECT_DECLS; WOLFSSL_CERT_MANAGER* cm = NULL; /* Test chain G (large chain with varying pathLens) */ ExpectNotNull(cm = wolfSSL_CertManagerNew()); #if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER) ExpectIntEQ(test_chainG(cm), -1); #else ExpectIntEQ(test_chainG(cm), 0); #endif /* NO_WOLFSSL_CLIENT && NO_WOLFSSL_SERVER */ ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS); wolfSSL_CertManagerFree(cm); /* end test chain G */ /* Test chain H (5 chain with same pathLens) */ ExpectNotNull(cm = wolfSSL_CertManagerNew()); ExpectIntLT(test_chainH(cm), 0); ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS); wolfSSL_CertManagerFree(cm); ExpectNotNull(cm = wolfSSL_CertManagerNew()); ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS); wolfSSL_CertManagerFree(cm); /* end test chain H */ /* Test chain I (only first ICA has pathLen set and it's set to 2, * followed by 2 ICA's, should pass) */ ExpectNotNull(cm = wolfSSL_CertManagerNew()); #if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER) ExpectIntEQ(test_chainI(cm), -1); #else ExpectIntEQ(test_chainI(cm), 0); #endif /* NO_WOLFSSL_CLIENT && NO_WOLFSSL_SERVER */ ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS); wolfSSL_CertManagerFree(cm); ExpectNotNull(cm = wolfSSL_CertManagerNew()); ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS); wolfSSL_CertManagerFree(cm); /* Test chain J (Again only first ICA has pathLen set and it's set to 2, * this time followed by 3 ICA's, should fail */ ExpectNotNull(cm = wolfSSL_CertManagerNew()); ExpectIntLT(test_chainJ(cm), 0); ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS); wolfSSL_CertManagerFree(cm); ExpectNotNull(cm = wolfSSL_CertManagerNew()); ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS); wolfSSL_CertManagerFree(cm); return EXPECT_RESULT(); } #endif /* !NO_RSA && !NO_SHA && !NO_FILESYSTEM && !NO_CERTS */ #if defined(HAVE_KEYING_MATERIAL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) static int test_export_keying_material_cb(WOLFSSL_CTX *ctx, WOLFSSL *ssl) { EXPECT_DECLS; byte ekm[100] = {0}; (void)ctx; /* Success Cases */ ExpectIntEQ(wolfSSL_export_keying_material(ssl, ekm, sizeof(ekm), "Test label", XSTR_SIZEOF("Test label"), NULL, 0, 0), 1); ExpectIntEQ(wolfSSL_export_keying_material(ssl, ekm, sizeof(ekm), "Test label", XSTR_SIZEOF("Test label"), NULL, 0, 1), 1); /* Use some random context */ ExpectIntEQ(wolfSSL_export_keying_material(ssl, ekm, sizeof(ekm), "Test label", XSTR_SIZEOF("Test label"), ekm, 10, 1), 1); /* Failure cases */ ExpectIntEQ(wolfSSL_export_keying_material(ssl, ekm, sizeof(ekm), "client finished", XSTR_SIZEOF("client finished"), NULL, 0, 0), 0); ExpectIntEQ(wolfSSL_export_keying_material(ssl, ekm, sizeof(ekm), "server finished", XSTR_SIZEOF("server finished"), NULL, 0, 0), 0); ExpectIntEQ(wolfSSL_export_keying_material(ssl, ekm, sizeof(ekm), "master secret", XSTR_SIZEOF("master secret"), NULL, 0, 0), 0); ExpectIntEQ(wolfSSL_export_keying_material(ssl, ekm, sizeof(ekm), "extended master secret", XSTR_SIZEOF("extended master secret"), NULL, 0, 0), 0); ExpectIntEQ(wolfSSL_export_keying_material(ssl, ekm, sizeof(ekm), "key expansion", XSTR_SIZEOF("key expansion"), NULL, 0, 0), 0); return EXPECT_RESULT(); } static int test_export_keying_material_ssl_cb(WOLFSSL* ssl) { wolfSSL_KeepArrays(ssl); return TEST_SUCCESS; } static int test_export_keying_material(void) { EXPECT_DECLS; test_ssl_cbf serverCb; test_ssl_cbf clientCb; XMEMSET(&serverCb, 0, sizeof(serverCb)); XMEMSET(&clientCb, 0, sizeof(clientCb)); clientCb.ssl_ready = test_export_keying_material_ssl_cb; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&clientCb, &serverCb, test_export_keying_material_cb), TEST_SUCCESS); return EXPECT_RESULT(); } #endif /* HAVE_KEYING_MATERIAL */ static int test_wolfSSL_THREADID_hash(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) CRYPTO_THREADID id; CRYPTO_THREADID_current(NULL); /* Hash result is unsigned long. */ ExpectTrue(CRYPTO_THREADID_hash(NULL) == 0UL); XMEMSET(&id, 0, sizeof(id)); ExpectTrue(CRYPTO_THREADID_hash(&id) == 0UL); #endif /* OPENSSL_EXTRA */ return EXPECT_RESULT(); } static int test_wolfSSL_CTX_set_ecdh_auto(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) WOLFSSL_CTX* ctx = NULL; ExpectIntEQ(SSL_CTX_set_ecdh_auto(NULL,0), 1); ExpectIntEQ(SSL_CTX_set_ecdh_auto(NULL,1), 1); ExpectIntEQ(SSL_CTX_set_ecdh_auto(ctx,0), 1); ExpectIntEQ(SSL_CTX_set_ecdh_auto(ctx,1), 1); #endif /* OPENSSL_EXTRA */ return EXPECT_RESULT(); } #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_ERROR_CODE_OPENSSL) && \ defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_NO_TLS12) static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_server_thread(void* args) { EXPECT_DECLS; callback_functions* callbacks = NULL; WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; SOCKET_T sfd = 0; SOCKET_T cfd = 0; word16 port; char msg[] = "I hear you fa shizzle!"; int len = (int) XSTRLEN(msg); char input[1024]; int ret = 0; int err = 0; if (!args) WOLFSSL_RETURN_FROM_THREAD(0); ((func_args*)args)->return_code = TEST_FAIL; callbacks = ((func_args*)args)->callbacks; ctx = wolfSSL_CTX_new(callbacks->method()); #if defined(USE_WINDOWS_API) port = ((func_args*)args)->signal->port; #else /* Let tcp_listen assign port */ port = 0; #endif #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM)); #if !defined(NO_FILESYSTEM) && !defined(NO_DH) ExpectIntEQ(wolfSSL_CTX_SetTmpDH_file(ctx, dhParamFile, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); #elif !defined(NO_DH) SetDHCtx(ctx); /* will repick suites with DHE, higher priority than PSK */ #endif if (callbacks->ctx_ready) callbacks->ctx_ready(ctx); ssl = wolfSSL_new(ctx); ExpectNotNull(ssl); /* listen and accept */ tcp_accept(&sfd, &cfd, (func_args*)args, port, 0, 0, 0, 0, 1, 0, 0); CloseSocket(sfd); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_set_fd(ssl, cfd)); if (callbacks->ssl_ready) callbacks->ssl_ready(ssl); if (EXPECT_SUCCESS()) { do { err = 0; /* Reset error */ ret = wolfSSL_accept(ssl); if (ret != WOLFSSL_SUCCESS) { err = wolfSSL_get_error(ssl, 0); } } while (ret != WOLFSSL_SUCCESS && err == WC_PENDING_E); } ExpectIntEQ(ret, WOLFSSL_SUCCESS); /* read and write data */ XMEMSET(input, 0, sizeof(input)); while (EXPECT_SUCCESS()) { ret = wolfSSL_read(ssl, input, sizeof(input)); if (ret > 0) { break; } else { err = wolfSSL_get_error(ssl,ret); if (err == WOLFSSL_ERROR_WANT_READ) { continue; } break; } } if (EXPECT_SUCCESS() && (err == WOLFSSL_ERROR_ZERO_RETURN)) { do { ret = wolfSSL_write(ssl, msg, len); if (ret > 0) { break; } } while (ret < 0); } /* bidirectional shutdown */ while (EXPECT_SUCCESS()) { ret = wolfSSL_shutdown(ssl); ExpectIntNE(ret, WOLFSSL_FATAL_ERROR); if (ret == WOLFSSL_SUCCESS) { break; } } if (EXPECT_SUCCESS()) { /* wait for the peer to disconnect the tcp connection */ do { ret = wolfSSL_read(ssl, input, sizeof(input)); err = wolfSSL_get_error(ssl, ret); } while (ret > 0 || err != WOLFSSL_ERROR_ZERO_RETURN); } /* detect TCP disconnect */ ExpectIntLE(ret,WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_get_error(ssl, ret), WOLFSSL_ERROR_ZERO_RETURN); ((func_args*)args)->return_code = EXPECT_RESULT(); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); CloseSocket(cfd); #if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS) wc_ecc_fp_free(); /* free per thread cache */ #endif WOLFSSL_RETURN_FROM_THREAD(0); } static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_client_thread(void* args) { EXPECT_DECLS; callback_functions* callbacks = NULL; WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; SOCKET_T sfd = 0; char msg[] = "hello wolfssl server!"; int len = (int) XSTRLEN(msg); char input[1024]; int idx; int ret, err; if (!args) WOLFSSL_RETURN_FROM_THREAD(0); ((func_args*)args)->return_code = TEST_FAIL; callbacks = ((func_args*)args)->callbacks; ctx = wolfSSL_CTX_new(callbacks->method()); #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, WOLFSSL_FILETYPE_PEM)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, WOLFSSL_FILETYPE_PEM)); ExpectNotNull((ssl = wolfSSL_new(ctx))); tcp_connect(&sfd, wolfSSLIP, ((func_args*)args)->signal->port, 0, 0, ssl); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_set_fd(ssl, sfd)); if (EXPECT_SUCCESS()) { do { err = 0; /* Reset error */ ret = wolfSSL_connect(ssl); if (ret != WOLFSSL_SUCCESS) { err = wolfSSL_get_error(ssl, 0); } } while (ret != WOLFSSL_SUCCESS && err == WC_PENDING_E); } ExpectIntGE(wolfSSL_write(ssl, msg, len), 0); if (EXPECT_SUCCESS()) { if (0 < (idx = wolfSSL_read(ssl, input, sizeof(input)-1))) { input[idx] = 0; } } if (EXPECT_SUCCESS()) { ret = wolfSSL_shutdown(ssl); if (ret == WOLFSSL_SHUTDOWN_NOT_DONE) { ret = wolfSSL_shutdown(ssl); } } ExpectIntEQ(ret, WOLFSSL_SUCCESS); ((func_args*)args)->return_code = EXPECT_RESULT(); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); CloseSocket(sfd); #if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS) wc_ecc_fp_free(); /* free per thread cache */ #endif WOLFSSL_RETURN_FROM_THREAD(0); } #endif /* OPENSSL_EXTRA && WOLFSSL_ERROR_CODE_OPENSSL && HAVE_IO_TESTS_DEPENDENCIES && !WOLFSSL_NO_TLS12 */ /* This test is to check wolfSSL_read behaves as same as * openSSL when it is called after SSL_shutdown completes. */ static int test_wolfSSL_read_detect_TCP_disconnect(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_ERROR_CODE_OPENSSL) && \ defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_NO_TLS12) tcp_ready ready; func_args client_args; func_args server_args; THREAD_TYPE serverThread; THREAD_TYPE clientThread; callback_functions server_cbf; callback_functions client_cbf; #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif StartTCP(); InitTcpReady(&ready); #if defined(USE_WINDOWS_API) /* use RNG to get random port if using windows */ ready.port = GetRandomPort(); #endif XMEMSET(&client_args, 0, sizeof(func_args)); XMEMSET(&server_args, 0, sizeof(func_args)); XMEMSET(&server_cbf, 0, sizeof(callback_functions)); XMEMSET(&client_cbf, 0, sizeof(callback_functions)); server_cbf.method = wolfTLSv1_2_server_method; client_cbf.method = wolfTLSv1_2_client_method; server_args.callbacks = &server_cbf; client_args.callbacks = &client_cbf; server_args.signal = &ready; client_args.signal = &ready; start_thread(SSL_read_test_server_thread, &server_args, &serverThread); wait_tcp_ready(&server_args); start_thread(SSL_read_test_client_thread, &client_args, &clientThread); join_thread(clientThread); join_thread(serverThread); ExpectTrue(client_args.return_code); ExpectTrue(server_args.return_code); FreeTcpReady(&ready); #endif return EXPECT_RESULT(); } static int test_wolfSSL_CTX_get_min_proto_version(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) WOLFSSL_CTX *ctx = NULL; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_method())); ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, SSL3_VERSION), WOLFSSL_SUCCESS); #ifdef WOLFSSL_ALLOW_SSLV3 ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), SSL3_VERSION); #else ExpectIntGT(wolfSSL_CTX_get_min_proto_version(ctx), SSL3_VERSION); #endif wolfSSL_CTX_free(ctx); ctx = NULL; #ifdef WOLFSSL_ALLOW_TLSV10 ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_method())); #endif ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, TLS1_VERSION), WOLFSSL_SUCCESS); #ifdef WOLFSSL_ALLOW_TLSV10 ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_VERSION); #else ExpectIntGT(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_VERSION); #endif wolfSSL_CTX_free(ctx); ctx = NULL; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_method())); ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, TLS1_1_VERSION), WOLFSSL_SUCCESS); #ifndef NO_OLD_TLS ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_1_VERSION); #else ExpectIntGT(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_1_VERSION); #endif wolfSSL_CTX_free(ctx); ctx = NULL; #ifndef WOLFSSL_NO_TLS12 ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_method())); ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, TLS1_2_VERSION), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_2_VERSION); wolfSSL_CTX_free(ctx); ctx = NULL; #endif #ifdef WOLFSSL_TLS13 ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_method())); ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, TLS1_3_VERSION), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_3_VERSION); wolfSSL_CTX_free(ctx); ctx = NULL; #endif #endif /* defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) */ return EXPECT_RESULT(); } #if defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && \ (defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \ defined(HAVE_LIGHTY) || defined(WOLFSSL_HAPROXY) || \ defined(WOLFSSL_OPENSSH) || defined(HAVE_SBLIM_SFCB))) static int test_wolfSSL_set_SSL_CTX(void) { EXPECT_DECLS; #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) \ && !defined(WOLFSSL_NO_TLS12) && defined(WOLFSSL_TLS13) && \ !defined(NO_RSA) WOLFSSL_CTX *ctx1 = NULL; WOLFSSL_CTX *ctx2 = NULL; WOLFSSL *ssl = NULL; const byte *session_id1 = (const byte *)"CTX1"; const byte *session_id2 = (const byte *)"CTX2"; ExpectNotNull(ctx1 = wolfSSL_CTX_new(wolfTLS_server_method())); ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx1, svrCertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx1, svrKeyFile, WOLFSSL_FILETYPE_PEM)); ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx1, TLS1_2_VERSION), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx1), TLS1_2_VERSION); ExpectIntEQ(wolfSSL_CTX_get_max_proto_version(ctx1), TLS1_3_VERSION); ExpectIntEQ(wolfSSL_CTX_set_session_id_context(ctx1, session_id1, 4), WOLFSSL_SUCCESS); ExpectNotNull(ctx2 = wolfSSL_CTX_new(wolfTLS_server_method())); ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx2, svrCertFile, WOLFSSL_FILETYPE_PEM)); ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx2, svrKeyFile, WOLFSSL_FILETYPE_PEM)); ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx2, TLS1_2_VERSION), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_set_max_proto_version(ctx2, TLS1_2_VERSION), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx2), TLS1_2_VERSION); ExpectIntEQ(wolfSSL_CTX_get_max_proto_version(ctx2), TLS1_2_VERSION); ExpectIntEQ(wolfSSL_CTX_set_session_id_context(ctx2, session_id2, 4), WOLFSSL_SUCCESS); #ifdef HAVE_SESSION_TICKET ExpectIntEQ((wolfSSL_CTX_get_options(ctx1) & SSL_OP_NO_TICKET), 0); wolfSSL_CTX_set_options(ctx2, SSL_OP_NO_TICKET); ExpectIntNE((wolfSSL_CTX_get_options(ctx2) & SSL_OP_NO_TICKET), 0); #endif ExpectNotNull(ssl = wolfSSL_new(ctx2)); ExpectIntNE((wolfSSL_get_options(ssl) & WOLFSSL_OP_NO_TLSv1_3), 0); #ifdef WOLFSSL_INT_H #ifdef WOLFSSL_SESSION_ID_CTX ExpectIntEQ(XMEMCMP(ssl->sessionCtx, session_id2, 4), 0); #endif ExpectTrue(ssl->buffers.certificate == ctx2->certificate); ExpectTrue(ssl->buffers.certChain == ctx2->certChain); #endif #ifdef HAVE_SESSION_TICKET ExpectIntNE((wolfSSL_get_options(ssl) & SSL_OP_NO_TICKET), 0); #endif /* Set the ctx1 that has TLSv1.3 as max proto version */ ExpectNotNull(wolfSSL_set_SSL_CTX(ssl, ctx1)); /* MUST not change proto versions of ssl */ ExpectIntNE((wolfSSL_get_options(ssl) & WOLFSSL_OP_NO_TLSv1_3), 0); #ifdef HAVE_SESSION_TICKET /* MUST not change */ ExpectIntNE((wolfSSL_get_options(ssl) & SSL_OP_NO_TICKET), 0); #endif /* MUST change */ #ifdef WOLFSSL_INT_H ExpectTrue(ssl->buffers.certificate == ctx1->certificate); ExpectTrue(ssl->buffers.certChain == ctx1->certChain); #ifdef WOLFSSL_SESSION_ID_CTX ExpectIntEQ(XMEMCMP(ssl->sessionCtx, session_id1, 4), 0); #endif #endif wolfSSL_free(ssl); wolfSSL_CTX_free(ctx1); wolfSSL_CTX_free(ctx2); #endif /* defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) */ return EXPECT_RESULT(); } #endif /* defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && \ (defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \ defined(HAVE_LIGHTY) || defined(WOLFSSL_HAPROXY) || \ defined(WOLFSSL_OPENSSH) || defined(HAVE_SBLIM_SFCB))) */ static int test_wolfSSL_security_level(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) SSL_CTX *ctx = NULL; #ifdef WOLFSSL_TLS13 #ifdef NO_WOLFSSL_SERVER ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method())); #endif SSL_CTX_set_security_level(NULL, 1); SSL_CTX_set_security_level(ctx, 1); ExpectIntEQ(SSL_CTX_get_security_level(NULL), 0); /* Stub so nothing happens. */ ExpectIntEQ(SSL_CTX_get_security_level(ctx), 0); SSL_CTX_free(ctx); #else (void)ctx; #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_SSL_in_init(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_BIO) SSL_CTX* ctx = NULL; SSL* ssl = NULL; const char* testCertFile; const char* testKeyFile; #ifdef WOLFSSL_TLS13 #ifdef NO_WOLFSSL_SERVER ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method())); #endif #else #ifdef NO_WOLFSSL_SERVER ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); #endif #endif #ifndef NO_RSA testCertFile = svrCertFile; testKeyFile = svrKeyFile; #elif defined(HAVE_ECC) testCertFile = eccCertFile; testKeyFile = eccKeyFile; #else testCertFile = NULL; testKeyFile = NULL; #endif if ((testCertFile != NULL) && (testKeyFile != NULL)) { ExpectTrue(SSL_CTX_use_certificate_file(ctx, testCertFile, SSL_FILETYPE_PEM)); ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, testKeyFile, SSL_FILETYPE_PEM)); } ExpectNotNull(ssl = SSL_new(ctx)); ExpectIntEQ(SSL_in_init(ssl), 1); SSL_CTX_free(ctx); SSL_free(ssl); #endif return EXPECT_RESULT(); } static int test_wolfSSL_CTX_set_timeout(void) { EXPECT_DECLS; #if !defined(NO_WOLFSSL_SERVER) && !defined(NO_SESSION_CACHE) int timeout; WOLFSSL_CTX* ctx = NULL; (void)timeout; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); #if defined(WOLFSSL_ERROR_CODE_OPENSSL) /* in WOLFSSL_ERROR_CODE_OPENSSL macro guard, * wolfSSL_CTX_set_timeout returns previous timeout value on success. */ ExpectIntEQ(wolfSSL_CTX_set_timeout(NULL, 0), BAD_FUNC_ARG); /* giving 0 as timeout value sets default timeout */ timeout = wolfSSL_CTX_set_timeout(ctx, 0); ExpectIntEQ(wolfSSL_CTX_set_timeout(ctx, 20), timeout); ExpectIntEQ(wolfSSL_CTX_set_timeout(ctx, 30), 20); #else ExpectIntEQ(wolfSSL_CTX_set_timeout(NULL, 0), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_set_timeout(ctx, 100), 1); ExpectIntEQ(wolfSSL_CTX_set_timeout(ctx, 0), 1); #endif wolfSSL_CTX_free(ctx); #endif /* !NO_WOLFSSL_SERVER && !NO_SESSION_CACHE*/ return EXPECT_RESULT(); } static int test_wolfSSL_OpenSSL_version(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) const char* ver; #if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L ExpectNotNull(ver = OpenSSL_version(0)); #else ExpectNotNull(ver = OpenSSL_version()); #endif ExpectIntEQ(XMEMCMP(ver, "wolfSSL " LIBWOLFSSL_VERSION_STRING, XSTRLEN("wolfSSL " LIBWOLFSSL_VERSION_STRING)), 0); #endif return EXPECT_RESULT(); } static int test_CONF_CTX_CMDLINE(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) SSL_CTX* ctx = NULL; SSL_CONF_CTX* cctx = NULL; ExpectNotNull(cctx = SSL_CONF_CTX_new()); ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); SSL_CONF_CTX_set_ssl_ctx(cctx, ctx); /* set flags */ ExpectIntEQ(SSL_CONF_CTX_set_flags(cctx, WOLFSSL_CONF_FLAG_CMDLINE), WOLFSSL_CONF_FLAG_CMDLINE); ExpectIntEQ(SSL_CONF_CTX_set_flags(cctx, WOLFSSL_CONF_FLAG_CERTIFICATE), WOLFSSL_CONF_FLAG_CMDLINE | WOLFSSL_CONF_FLAG_CERTIFICATE); /* cmd invalid command */ ExpectIntEQ(SSL_CONF_cmd(cctx, "foo", "foobar"), -2); ExpectIntEQ(SSL_CONF_cmd(cctx, "foo", NULL), -2); ExpectIntEQ(SSL_CONF_cmd(cctx, NULL, NULL), WOLFSSL_FAILURE); ExpectIntEQ(SSL_CONF_cmd(cctx, NULL, "foobar"), WOLFSSL_FAILURE); ExpectIntEQ(SSL_CONF_cmd(NULL, "-curves", "foobar"), WOLFSSL_FAILURE); /* cmd Certificate and Private Key*/ { #if !defined(NO_CERTS) && !defined(NO_RSA) const char* ourCert = svrCertFile; const char* ourKey = svrKeyFile; ExpectIntEQ(SSL_CONF_cmd(cctx, "-cert", NULL), -3); ExpectIntEQ(SSL_CONF_cmd(cctx, "-cert", ourCert), WOLFSSL_SUCCESS); ExpectIntEQ(SSL_CONF_cmd(cctx, "-key", NULL), -3); ExpectIntEQ(SSL_CONF_cmd(cctx, "-key", ourKey), WOLFSSL_SUCCESS); ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS); #endif } /* cmd curves */ { #if defined(HAVE_ECC) const char* curve = "secp256r1"; ExpectIntEQ(SSL_CONF_cmd(cctx, "-curves", NULL), -3); ExpectIntEQ(SSL_CONF_cmd(cctx, "-curves", curve), WOLFSSL_SUCCESS); ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS); #endif } /* cmd CipherString */ { char* cipher = wolfSSL_get_cipher_list(0/*top priority*/); ExpectIntEQ(SSL_CONF_cmd(cctx, "-cipher", NULL), -3); ExpectIntEQ(SSL_CONF_cmd(cctx, "-cipher", cipher), WOLFSSL_SUCCESS); ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS); } /* cmd DH parameter */ { #if !defined(NO_DH) && !defined(NO_BIO) const char* ourdhcert = "./certs/dh2048.pem"; ExpectIntEQ(SSL_CONF_cmd(cctx, "-dhparam", NULL), -3); ExpectIntEQ(SSL_CONF_cmd(cctx, "-dhparam", ourdhcert), WOLFSSL_SUCCESS); ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS); #endif } SSL_CTX_free(ctx); SSL_CONF_CTX_free(cctx); #endif /* OPENSSL_EXTRA */ return EXPECT_RESULT(); } static int test_CONF_CTX_FILE(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) SSL_CTX* ctx = NULL; SSL_CONF_CTX* cctx = NULL; ExpectNotNull(cctx = SSL_CONF_CTX_new()); ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); SSL_CONF_CTX_set_ssl_ctx(cctx, ctx); /* set flags */ ExpectIntEQ(SSL_CONF_CTX_set_flags(cctx, WOLFSSL_CONF_FLAG_FILE), WOLFSSL_CONF_FLAG_FILE); ExpectIntEQ(SSL_CONF_CTX_set_flags(cctx, WOLFSSL_CONF_FLAG_CERTIFICATE), WOLFSSL_CONF_FLAG_FILE | WOLFSSL_CONF_FLAG_CERTIFICATE); /* sanity check */ ExpectIntEQ(SSL_CONF_cmd(cctx, "foo", "foobar"), -2); ExpectIntEQ(SSL_CONF_cmd(cctx, "foo", NULL), -2); ExpectIntEQ(SSL_CONF_cmd(cctx, NULL, NULL), WOLFSSL_FAILURE); ExpectIntEQ(SSL_CONF_cmd(cctx, NULL, "foobar"), WOLFSSL_FAILURE); ExpectIntEQ(SSL_CONF_cmd(NULL, "-curves", "foobar"), WOLFSSL_FAILURE); /* cmd Certificate and Private Key*/ { #if !defined(NO_CERTS) && !defined(NO_RSA) const char* ourCert = svrCertFile; const char* ourKey = svrKeyFile; ExpectIntEQ(SSL_CONF_cmd(cctx, "Certificate", NULL), -3); ExpectIntEQ(SSL_CONF_cmd(cctx, "PrivateKey", NULL), -3); ExpectIntEQ(SSL_CONF_cmd(cctx, "Certificate", ourCert), WOLFSSL_SUCCESS); ExpectIntEQ(SSL_CONF_cmd(cctx, "PrivateKey", ourKey), WOLFSSL_SUCCESS); ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS); #endif } /* cmd curves */ { #if defined(HAVE_ECC) const char* curve = "secp256r1"; ExpectIntEQ(SSL_CONF_cmd(cctx, "Curves", NULL), -3); ExpectIntEQ(SSL_CONF_cmd(cctx, "Curves", curve), WOLFSSL_SUCCESS); ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS); #endif } /* cmd CipherString */ { char* cipher = wolfSSL_get_cipher_list(0/*top priority*/); ExpectIntEQ(SSL_CONF_cmd(cctx, "CipherString", NULL), -3); ExpectIntEQ(SSL_CONF_cmd(cctx, "CipherString", cipher), WOLFSSL_SUCCESS); ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS); } /* cmd DH parameter */ { #if !defined(NO_DH) && !defined(NO_BIO) && defined(HAVE_FFDHE_3072) const char* ourdhcert = "./certs/dh3072.pem"; ExpectIntEQ(SSL_CONF_cmd(cctx, "DHParameters", NULL), -3); ExpectIntEQ(SSL_CONF_cmd(cctx, "DHParameters", ourdhcert), WOLFSSL_SUCCESS); ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS); #endif } SSL_CTX_free(ctx); SSL_CONF_CTX_free(cctx); #endif /* OPENSSL_EXTRA */ return EXPECT_RESULT(); } static int test_wolfSSL_CRYPTO_get_ex_new_index(void) { EXPECT_DECLS; #ifdef HAVE_EX_DATA int idx1, idx2; /* test for unsupported class index */ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_X509_STORE, 0,NULL, NULL, NULL, NULL ), -1); ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index( WOLF_CRYPTO_EX_INDEX_X509_STORE_CTX, 0,NULL, NULL, NULL, NULL ), -1); ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_DH, 0,NULL, NULL, NULL, NULL ), -1); ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_DSA, 0,NULL, NULL, NULL, NULL ), -1); ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_EC_KEY, 0,NULL, NULL, NULL, NULL ), -1); ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_RSA, 0,NULL, NULL, NULL, NULL ), -1); ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_ENGINE, 0,NULL, NULL, NULL, NULL ), -1); ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_UI, 0,NULL, NULL, NULL, NULL ), -1); ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_BIO, 0,NULL, NULL, NULL, NULL ), -1); ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_APP, 0,NULL, NULL, NULL, NULL ), -1); ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_UI_METHOD, 0,NULL, NULL, NULL, NULL ), -1); ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_DRBG, 0,NULL, NULL, NULL, NULL ), -1); ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(20, 0,NULL, NULL, NULL, NULL ), -1); /* test for supported class index */ idx1 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL, 0,NULL, NULL, NULL, NULL ); idx2 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL, 0,NULL, NULL, NULL, NULL ); ExpectIntNE(idx1, -1); ExpectIntNE(idx2, -1); ExpectIntNE(idx1, idx2); idx1 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL_CTX, 0,NULL, NULL, NULL, NULL ); idx2 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL_CTX, 0,NULL, NULL, NULL, NULL ); ExpectIntNE(idx1, -1); ExpectIntNE(idx2, -1); ExpectIntNE(idx1, idx2); idx1 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_X509, 0,NULL, NULL, NULL, NULL ); idx2 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_X509, 0,NULL, NULL, NULL, NULL ); ExpectIntNE(idx1, -1); ExpectIntNE(idx2, -1); ExpectIntNE(idx1, idx2); idx1 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL_SESSION, 0,NULL, NULL, NULL, NULL ); idx2 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL_SESSION, 0,NULL, NULL, NULL, NULL ); ExpectIntNE(idx1, -1); ExpectIntNE(idx2, -1); ExpectIntNE(idx1, idx2); #endif /* HAVE_EX_DATA */ return EXPECT_RESULT(); } #if defined(HAVE_EX_DATA) && defined(HAVE_EXT_CACHE) && \ (defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && \ (defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \ defined(HAVE_LIGHTY) || defined(WOLFSSL_HAPROXY) || \ defined(WOLFSSL_OPENSSH) || defined(HAVE_SBLIM_SFCB)))) #define SESSION_NEW_IDX_LONG 0xDEADBEEF #define SESSION_NEW_IDX_VAL ((void*)0xAEADAEAD) #define SESSION_DUP_IDX_VAL ((void*)0xDEDEDEDE) #define SESSION_NEW_IDX_PTR "Testing" static void test_wolfSSL_SESSION_get_ex_new_index_new_cb(void* p, void* ptr, CRYPTO_EX_DATA* a, int idx, long argValue, void* arg) { AssertNotNull(p); AssertNull(ptr); AssertIntEQ(CRYPTO_set_ex_data(a, idx, SESSION_NEW_IDX_VAL), SSL_SUCCESS); AssertIntEQ(argValue, SESSION_NEW_IDX_LONG); AssertStrEQ(arg, SESSION_NEW_IDX_PTR); } static int test_wolfSSL_SESSION_get_ex_new_index_dup_cb(CRYPTO_EX_DATA* out, const CRYPTO_EX_DATA* in, void* inPtr, int idx, long argV, void* arg) { EXPECT_DECLS; ExpectNotNull(out); ExpectNotNull(in); ExpectPtrEq(*(void**)inPtr, SESSION_NEW_IDX_VAL); ExpectPtrEq(CRYPTO_get_ex_data(in, idx), SESSION_NEW_IDX_VAL); ExpectPtrEq(CRYPTO_get_ex_data(out, idx), SESSION_NEW_IDX_VAL); ExpectIntEQ(argV, SESSION_NEW_IDX_LONG); ExpectStrEQ(arg, SESSION_NEW_IDX_PTR); *(void**)inPtr = SESSION_DUP_IDX_VAL; if (EXPECT_SUCCESS()) { return SSL_SUCCESS; } else { return SSL_FAILURE; } } static int test_wolfSSL_SESSION_get_ex_new_index_free_cb_called = 0; static void test_wolfSSL_SESSION_get_ex_new_index_free_cb(void* p, void* ptr, CRYPTO_EX_DATA* a, int idx, long argValue, void* arg) { EXPECT_DECLS; ExpectNotNull(p); ExpectNull(ptr); ExpectPtrNE(CRYPTO_get_ex_data(a, idx), 0); ExpectIntEQ(argValue, SESSION_NEW_IDX_LONG); ExpectStrEQ(arg, SESSION_NEW_IDX_PTR); if (EXPECT_SUCCESS()) { test_wolfSSL_SESSION_get_ex_new_index_free_cb_called++; } } static int test_wolfSSL_SESSION_get_ex_new_index(void) { EXPECT_DECLS; int idx = SSL_SESSION_get_ex_new_index(SESSION_NEW_IDX_LONG, (void*)SESSION_NEW_IDX_PTR, test_wolfSSL_SESSION_get_ex_new_index_new_cb, test_wolfSSL_SESSION_get_ex_new_index_dup_cb, test_wolfSSL_SESSION_get_ex_new_index_free_cb); SSL_SESSION* s = SSL_SESSION_new(); SSL_SESSION* d = NULL; ExpectNotNull(s); ExpectPtrEq(SSL_SESSION_get_ex_data(s, idx), SESSION_NEW_IDX_VAL); ExpectNotNull(d = SSL_SESSION_dup(s)); ExpectPtrEq(SSL_SESSION_get_ex_data(d, idx), SESSION_DUP_IDX_VAL); SSL_SESSION_free(s); ExpectIntEQ(test_wolfSSL_SESSION_get_ex_new_index_free_cb_called, 1); SSL_SESSION_free(d); ExpectIntEQ(test_wolfSSL_SESSION_get_ex_new_index_free_cb_called, 2); crypto_ex_cb_free(crypto_ex_cb_ctx_session); crypto_ex_cb_ctx_session = NULL; return EXPECT_RESULT(); } #else static int test_wolfSSL_SESSION_get_ex_new_index(void) { return TEST_SKIPPED; } #endif static int test_wolfSSL_set_psk_use_session_callback(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_PSK) SSL_CTX* ctx = NULL; SSL* ssl = NULL; const char* testCertFile; const char* testKeyFile; #ifdef WOLFSSL_TLS13 #ifdef NO_WOLFSSL_SERVER ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method())); #endif #else #ifdef NO_WOLFSSL_SERVER ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); #endif #endif #ifndef NO_RSA testCertFile = svrCertFile; testKeyFile = svrKeyFile; #elif defined(HAVE_ECC) testCertFile = eccCertFile; testKeyFile = eccKeyFile; #else testCertFile = NULL; testKeyFile = NULL; #endif if ((testCertFile != NULL) && (testKeyFile != NULL)) { ExpectTrue(SSL_CTX_use_certificate_file(ctx, testCertFile, SSL_FILETYPE_PEM)); ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, testKeyFile, SSL_FILETYPE_PEM)); } ExpectNotNull(ssl = SSL_new(ctx)); SSL_set_psk_use_session_callback(ssl, my_psk_use_session_cb); SSL_CTX_free(ctx); SSL_free(ssl); #endif return EXPECT_RESULT(); } static int test_wolfSSL_ERR_strings(void) { EXPECT_DECLS; #if !defined(NO_ERROR_STRINGS) const char* err1 = "unsupported cipher suite"; const char* err2 = "wolfSSL PEM routines"; const char* err = NULL; (void)err; (void)err1; (void)err2; #if defined(OPENSSL_EXTRA) ExpectNotNull(err = ERR_reason_error_string(UNSUPPORTED_SUITE)); ExpectIntEQ(XSTRNCMP(err, err1, XSTRLEN(err1)), 0); ExpectNotNull(err = ERR_func_error_string(UNSUPPORTED_SUITE)); ExpectIntEQ((*err == '\0'), 1); ExpectNotNull(err = ERR_lib_error_string(PEM_R_PROBLEMS_GETTING_PASSWORD)); ExpectIntEQ(XSTRNCMP(err, err2, XSTRLEN(err2)), 0); #else ExpectNotNull(err = wolfSSL_ERR_reason_error_string(UNSUPPORTED_SUITE)); ExpectIntEQ(XSTRNCMP(err, err1, XSTRLEN(err1)), 0); ExpectNotNull(err = wolfSSL_ERR_func_error_string(UNSUPPORTED_SUITE)); ExpectIntEQ((*err == '\0'), 1); /* The value -MIN_CODE_E+2 is PEM_R_PROBLEMS_GETTING_PASSWORD. */ ExpectNotNull(err = wolfSSL_ERR_lib_error_string(-MIN_CODE_E+2)); ExpectIntEQ((*err == '\0'), 1); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_shake128(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA3) && \ defined(WOLFSSL_SHAKE128) const EVP_MD* md = NULL; ExpectNotNull(md = EVP_shake128()); ExpectIntEQ(XSTRNCMP(md, "SHAKE128", XSTRLEN("SHAKE128")), 0); #endif return EXPECT_RESULT(); } static int test_wolfSSL_EVP_shake256(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA3) && \ defined(WOLFSSL_SHAKE256) const EVP_MD* md = NULL; ExpectNotNull(md = EVP_shake256()); ExpectIntEQ(XSTRNCMP(md, "SHAKE256", XSTRLEN("SHAKE256")), 0); #endif return EXPECT_RESULT(); } /* * Testing EVP digest API with SM3 */ static int test_wolfSSL_EVP_sm3(void) { int res = TEST_SKIPPED; #if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM3) EXPECT_DECLS; const EVP_MD* md = NULL; EVP_MD_CTX* mdCtx = NULL; byte data[WC_SM3_BLOCK_SIZE * 4]; byte hash[WC_SM3_DIGEST_SIZE]; byte calcHash[WC_SM3_DIGEST_SIZE]; byte expHash[WC_SM3_DIGEST_SIZE] = { 0x38, 0x48, 0x15, 0xa7, 0x0e, 0xae, 0x0b, 0x27, 0x5c, 0xde, 0x9d, 0xa5, 0xd1, 0xa4, 0x30, 0xa1, 0xca, 0xd4, 0x54, 0x58, 0x44, 0xa2, 0x96, 0x1b, 0xd7, 0x14, 0x80, 0x3f, 0x80, 0x1a, 0x07, 0xb6 }; word32 chunk; word32 i; unsigned int sz; int ret; XMEMSET(data, 0, sizeof(data)); md = EVP_sm3(); ExpectTrue(md != NULL); ExpectIntEQ(XSTRNCMP(md, "SM3", XSTRLEN("SM3")), 0); mdCtx = EVP_MD_CTX_new(); ExpectTrue(mdCtx != NULL); /* Invalid Parameters */ ExpectIntEQ(EVP_DigestInit(NULL, md), BAD_FUNC_ARG); /* Valid Parameters */ ExpectIntEQ(EVP_DigestInit(mdCtx, md), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_DigestUpdate(NULL, NULL, 1), WOLFSSL_FAILURE); ExpectIntEQ(EVP_DigestUpdate(mdCtx, NULL, 1), WOLFSSL_FAILURE); ExpectIntEQ(EVP_DigestUpdate(NULL, data, 1), WOLFSSL_FAILURE); /* Valid Parameters */ ExpectIntEQ(EVP_DigestUpdate(mdCtx, NULL, 0), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, 1), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, 1), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, WC_SM3_BLOCK_SIZE), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, WC_SM3_BLOCK_SIZE - 2), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, WC_SM3_BLOCK_SIZE * 2), WOLFSSL_SUCCESS); /* Ensure too many bytes for lengths. */ ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, WC_SM3_PAD_SIZE), WOLFSSL_SUCCESS); /* Invalid Parameters */ ExpectIntEQ(EVP_DigestFinal(NULL, NULL, NULL), WOLFSSL_FAILURE); ExpectIntEQ(EVP_DigestFinal(mdCtx, NULL, NULL), WOLFSSL_FAILURE); ExpectIntEQ(EVP_DigestFinal(NULL, hash, NULL), WOLFSSL_FAILURE); ExpectIntEQ(EVP_DigestFinal(NULL, hash, NULL), WOLFSSL_FAILURE); ExpectIntEQ(EVP_DigestFinal(mdCtx, NULL, NULL), WOLFSSL_FAILURE); /* Valid Parameters */ ExpectIntEQ(EVP_DigestFinal(mdCtx, hash, NULL), WOLFSSL_SUCCESS); ExpectBufEQ(hash, expHash, WC_SM3_DIGEST_SIZE); /* Chunk tests. */ ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, sizeof(data)), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_DigestFinal(mdCtx, calcHash, &sz), WOLFSSL_SUCCESS); ExpectIntEQ(sz, WC_SM3_DIGEST_SIZE); for (chunk = 1; chunk <= WC_SM3_BLOCK_SIZE + 1; chunk++) { for (i = 0; i + chunk <= (word32)sizeof(data); i += chunk) { ExpectIntEQ(EVP_DigestUpdate(mdCtx, data + i, chunk), WOLFSSL_SUCCESS); } if (i < (word32)sizeof(data)) { ExpectIntEQ(EVP_DigestUpdate(mdCtx, data + i, (word32)sizeof(data) - i), WOLFSSL_SUCCESS); } ExpectIntEQ(EVP_DigestFinal(mdCtx, hash, NULL), WOLFSSL_SUCCESS); ExpectBufEQ(hash, calcHash, WC_SM3_DIGEST_SIZE); } /* Not testing when the low 32-bit length overflows. */ ret = EVP_MD_CTX_cleanup(mdCtx); ExpectIntEQ(ret, WOLFSSL_SUCCESS); wolfSSL_EVP_MD_CTX_free(mdCtx); res = EXPECT_RESULT(); #endif return res; } /* END test_EVP_sm3 */ static int test_EVP_blake2(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && (defined(HAVE_BLAKE2) || defined(HAVE_BLAKE2S)) const EVP_MD* md = NULL; (void)md; #if defined(HAVE_BLAKE2) ExpectNotNull(md = EVP_blake2b512()); ExpectIntEQ(XSTRNCMP(md, "BLAKE2B512", XSTRLEN("BLAKE2B512")), 0); #endif #if defined(HAVE_BLAKE2S) ExpectNotNull(md = EVP_blake2s256()); ExpectIntEQ(XSTRNCMP(md, "BLAKE2S256", XSTRLEN("BLAKE2S256")), 0); #endif #endif return EXPECT_RESULT(); } #if defined(OPENSSL_EXTRA) static void list_md_fn(const EVP_MD* m, const char* from, const char* to, void* arg) { const char* mn; BIO *bio; (void) from; (void) to; (void) arg; (void) mn; (void) bio; if (!m) { /* alias */ AssertNull(m); AssertNotNull(to); } else { AssertNotNull(m); AssertNull(to); } AssertNotNull(from); #if !defined(NO_FILESYSTEM) && defined(DEBUG_WOLFSSL_VERBOSE) mn = EVP_get_digestbyname(from); /* print to stderr */ AssertNotNull(arg); bio = BIO_new(BIO_s_file()); BIO_set_fp(bio, arg, BIO_NOCLOSE); BIO_printf(bio, "Use %s message digest algorithm\n", mn); BIO_free(bio); #endif } #endif static int test_EVP_MD_do_all(void) { int res = TEST_SKIPPED; #if defined(OPENSSL_EXTRA) EVP_MD_do_all(NULL, stderr); EVP_MD_do_all(list_md_fn, stderr); res = TEST_SUCCESS; #endif return res; } #if defined(OPENSSL_EXTRA) static void obj_name_t(const OBJ_NAME* nm, void* arg) { (void)arg; (void)nm; AssertIntGT(nm->type, OBJ_NAME_TYPE_UNDEF); #if !defined(NO_FILESYSTEM) && defined(DEBUG_WOLFSSL_VERBOSE) /* print to stderr */ AssertNotNull(arg); BIO *bio = BIO_new(BIO_s_file()); BIO_set_fp(bio, arg, BIO_NOCLOSE); BIO_printf(bio, "%s\n", nm); BIO_free(bio); #endif } #endif static int test_OBJ_NAME_do_all(void) { int res = TEST_SKIPPED; #if defined(OPENSSL_EXTRA) OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH, NULL, NULL); OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH, NULL, stderr); OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH, obj_name_t, stderr); OBJ_NAME_do_all(OBJ_NAME_TYPE_PKEY_METH, obj_name_t, stderr); OBJ_NAME_do_all(OBJ_NAME_TYPE_COMP_METH, obj_name_t, stderr); OBJ_NAME_do_all(OBJ_NAME_TYPE_NUM, obj_name_t, stderr); OBJ_NAME_do_all(OBJ_NAME_TYPE_UNDEF, obj_name_t, stderr); OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH, obj_name_t, stderr); OBJ_NAME_do_all(-1, obj_name_t, stderr); res = TEST_SUCCESS; #endif return res; } static int test_SSL_CIPHER_get_xxx(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) const SSL_CIPHER* cipher = NULL; STACK_OF(SSL_CIPHER) *supportedCiphers = NULL; int i, numCiphers = 0; SSL_CTX* ctx = NULL; SSL* ssl = NULL; const char* testCertFile; const char* testKeyFile; char buf[256] = {0}; const char* cipher_id = NULL; int expect_nid1 = NID_undef; int expect_nid2 = NID_undef; int expect_nid3 = NID_undef; int expect_nid4 = NID_undef; int expect_nid5 = 0; const char* cipher_id2 = NULL; int expect_nid21 = NID_undef; int expect_nid22 = NID_undef; int expect_nid23 = NID_undef; int expect_nid24 = NID_undef; int expect_nid25 = 0; (void)cipher; (void)supportedCiphers; (void)i; (void)numCiphers; (void)ctx; (void)ssl; (void)testCertFile; (void)testKeyFile; #if defined(WOLFSSL_TLS13) cipher_id = "TLS13-AES128-GCM-SHA256"; expect_nid1 = NID_auth_rsa; expect_nid2 = NID_aes_128_gcm; expect_nid3 = NID_sha256; expect_nid4 = NID_kx_any; expect_nid5 = 1; #if !defined(WOLFSSL_NO_TLS12) cipher_id2 = "ECDHE-RSA-AES256-GCM-SHA384"; expect_nid21 = NID_auth_rsa; expect_nid22 = NID_aes_256_gcm; expect_nid23 = NID_sha384; expect_nid24 = NID_kx_ecdhe; expect_nid25 = 1; #endif #endif #ifdef NO_WOLFSSL_SERVER ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); #else ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); #endif if (cipher_id) { #ifndef NO_RSA testCertFile = svrCertFile; testKeyFile = svrKeyFile; #elif defined(HAVE_ECC) testCertFile = eccCertFile; testKeyFile = eccKeyFile; #else testCertFile = NULL; testKeyFile = NULL; #endif if (testCertFile != NULL && testKeyFile != NULL) { ExpectTrue(SSL_CTX_use_certificate_file(ctx, testCertFile, SSL_FILETYPE_PEM)); ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, testKeyFile, SSL_FILETYPE_PEM)); } ExpectNotNull(ssl = SSL_new(ctx)); ExpectIntEQ(SSL_in_init(ssl), 1); supportedCiphers = SSL_get_ciphers(ssl); numCiphers = sk_num(supportedCiphers); for (i = 0; i < numCiphers; ++i) { if ((cipher = (const WOLFSSL_CIPHER*)sk_value(supportedCiphers, i))) { SSL_CIPHER_description(cipher, buf, sizeof(buf)); } if (XMEMCMP(cipher_id, buf, XSTRLEN(cipher_id)) == 0) { break; } } /* test case for */ if (i != numCiphers) { ExpectIntEQ(wolfSSL_CIPHER_get_auth_nid(cipher), expect_nid1); ExpectIntEQ(wolfSSL_CIPHER_get_cipher_nid(cipher), expect_nid2); ExpectIntEQ(wolfSSL_CIPHER_get_digest_nid(cipher), expect_nid3); ExpectIntEQ(wolfSSL_CIPHER_get_kx_nid(cipher), expect_nid4); ExpectIntEQ(wolfSSL_CIPHER_is_aead(cipher), expect_nid5); } if (cipher_id2) { for (i = 0; i < numCiphers; ++i) { if ((cipher = (const WOLFSSL_CIPHER*)sk_value(supportedCiphers, i))) { SSL_CIPHER_description(cipher, buf, sizeof(buf)); } if (XMEMCMP(cipher_id2, buf, XSTRLEN(cipher_id2)) == 0) { break; } } /* test case for */ if (i != numCiphers) { ExpectIntEQ(wolfSSL_CIPHER_get_auth_nid(cipher), expect_nid21); ExpectIntEQ(wolfSSL_CIPHER_get_cipher_nid(cipher), expect_nid22); ExpectIntEQ(wolfSSL_CIPHER_get_digest_nid(cipher), expect_nid23); ExpectIntEQ(wolfSSL_CIPHER_get_kx_nid(cipher), expect_nid24); ExpectIntEQ(wolfSSL_CIPHER_is_aead(cipher), expect_nid25); } } } SSL_CTX_free(ctx); SSL_free(ssl); #endif return EXPECT_RESULT(); } #if defined(WOLF_CRYPTO_CB) && defined(HAVE_IO_TESTS_DEPENDENCIES) static int load_pem_key_file_as_der(const char* privKeyFile, DerBuffer** pDer, int* keyFormat) { int ret; byte* key_buf = NULL; size_t key_sz = 0; EncryptedInfo encInfo; XMEMSET(&encInfo, 0, sizeof(encInfo)); ret = load_file(privKeyFile, &key_buf, &key_sz); if (ret == 0) { ret = wc_PemToDer(key_buf, key_sz, PRIVATEKEY_TYPE, pDer, NULL, &encInfo, keyFormat); } if (key_buf != NULL) { free(key_buf); key_buf = NULL; } (void)encInfo; /* not used in this test */ #ifdef DEBUG_WOLFSSL fprintf(stderr, "%s (%d): Loading PEM %s (len %d) to DER (len %d)\n", (ret == 0) ? "Success" : "Failure", ret, privKeyFile, (int)key_sz, (*pDer)->length); #endif return ret; } static int test_CryptoCb_Func(int thisDevId, wc_CryptoInfo* info, void* ctx) { int ret = CRYPTOCB_UNAVAILABLE; const char* privKeyFile = (const char*)ctx; DerBuffer* pDer = NULL; int keyFormat = 0; if (info->algo_type == WC_ALGO_TYPE_PK) { #ifdef DEBUG_WOLFSSL fprintf(stderr, "test_CryptoCb_Func: Pk Type %d\n", info->pk.type); #endif #ifndef NO_RSA if (info->pk.type == WC_PK_TYPE_RSA) { switch (info->pk.rsa.type) { case RSA_PUBLIC_ENCRYPT: case RSA_PUBLIC_DECRYPT: /* perform software based RSA public op */ ret = CRYPTOCB_UNAVAILABLE; /* fallback to software */ break; case RSA_PRIVATE_ENCRYPT: case RSA_PRIVATE_DECRYPT: { RsaKey key; /* perform software based RSA private op */ #ifdef DEBUG_WOLFSSL fprintf(stderr, "test_CryptoCb_Func: RSA Priv\n"); #endif ret = load_pem_key_file_as_der(privKeyFile, &pDer, &keyFormat); if (ret != 0) { return ret; } ret = wc_InitRsaKey(&key, HEAP_HINT); if (ret == 0) { word32 keyIdx = 0; /* load RSA private key and perform private transform */ ret = wc_RsaPrivateKeyDecode(pDer->buffer, &keyIdx, &key, pDer->length); if (ret == 0) { ret = wc_RsaFunction( info->pk.rsa.in, info->pk.rsa.inLen, info->pk.rsa.out, info->pk.rsa.outLen, info->pk.rsa.type, &key, info->pk.rsa.rng); } else { /* if decode fails, then fall-back to software based crypto */ fprintf(stderr, "test_CryptoCb_Func: RSA private " "key decode failed %d, falling back to " "software\n", ret); ret = CRYPTOCB_UNAVAILABLE; } wc_FreeRsaKey(&key); } wc_FreeDer(&pDer); pDer = NULL; break; } } #ifdef DEBUG_WOLFSSL fprintf(stderr, "test_CryptoCb_Func: RSA Type %d, Ret %d, Out %d\n", info->pk.rsa.type, ret, *info->pk.rsa.outLen); #endif } #endif /* !NO_RSA */ #ifdef HAVE_ECC if (info->pk.type == WC_PK_TYPE_EC_KEYGEN) { /* mark this key as ephemeral */ if (info->pk.eckg.key != NULL) { XSTRNCPY(info->pk.eckg.key->label, "ephemeral", sizeof(info->pk.eckg.key->label)); info->pk.eckg.key->labelLen = (int)XSTRLEN(info->pk.eckg.key->label); } } else if (info->pk.type == WC_PK_TYPE_ECDSA_SIGN) { ecc_key key; /* perform software based ECC sign */ #ifdef DEBUG_WOLFSSL fprintf(stderr, "test_CryptoCb_Func: ECC Sign\n"); #endif if (info->pk.eccsign.key != NULL && XSTRCMP(info->pk.eccsign.key->label, "ephemeral") == 0) { /* this is an empheral key */ #ifdef DEBUG_WOLFSSL fprintf(stderr, "test_CryptoCb_Func: skipping signing op on " "ephemeral key\n"); #endif return CRYPTOCB_UNAVAILABLE; } ret = load_pem_key_file_as_der(privKeyFile, &pDer, &keyFormat); if (ret != 0) { return ret; } ret = wc_ecc_init(&key); if (ret == 0) { word32 keyIdx = 0; /* load ECC private key and perform private transform */ ret = wc_EccPrivateKeyDecode(pDer->buffer, &keyIdx, &key, pDer->length); if (ret == 0) { ret = wc_ecc_sign_hash( info->pk.eccsign.in, info->pk.eccsign.inlen, info->pk.eccsign.out, info->pk.eccsign.outlen, info->pk.eccsign.rng, &key); } else { /* if decode fails, then fall-back to software based crypto */ fprintf(stderr, "test_CryptoCb_Func: ECC private key " "decode failed %d, falling back to software\n", ret); ret = CRYPTOCB_UNAVAILABLE; } wc_ecc_free(&key); } wc_FreeDer(&pDer); pDer = NULL; #ifdef DEBUG_WOLFSSL fprintf(stderr, "test_CryptoCb_Func: ECC Ret %d, Out %d\n", ret, *info->pk.eccsign.outlen); #endif } #endif /* HAVE_ECC */ #ifdef HAVE_ED25519 if (info->pk.type == WC_PK_TYPE_ED25519_SIGN) { ed25519_key key; /* perform software based ED25519 sign */ #ifdef DEBUG_WOLFSSL fprintf(stderr, "test_CryptoCb_Func: ED25519 Sign\n"); #endif ret = load_pem_key_file_as_der(privKeyFile, &pDer, &keyFormat); if (ret != 0) { return ret; } ret = wc_ed25519_init(&key); if (ret == 0) { word32 keyIdx = 0; /* load ED25519 private key and perform private transform */ ret = wc_Ed25519PrivateKeyDecode(pDer->buffer, &keyIdx, &key, pDer->length); if (ret == 0) { /* calculate public key */ ret = wc_ed25519_make_public(&key, key.p, ED25519_PUB_KEY_SIZE); if (ret == 0) { key.pubKeySet = 1; ret = wc_ed25519_sign_msg_ex( info->pk.ed25519sign.in, info->pk.ed25519sign.inLen, info->pk.ed25519sign.out, info->pk.ed25519sign.outLen, &key, info->pk.ed25519sign.type, info->pk.ed25519sign.context, info->pk.ed25519sign.contextLen); } } else { /* if decode fails, then fall-back to software based crypto */ fprintf(stderr, "test_CryptoCb_Func: ED25519 private key " "decode failed %d, falling back to software\n", ret); ret = CRYPTOCB_UNAVAILABLE; } wc_ed25519_free(&key); } wc_FreeDer(&pDer); pDer = NULL; #ifdef DEBUG_WOLFSSL fprintf(stderr, "test_CryptoCb_Func: ED25519 Ret %d, Out %d\n", ret, *info->pk.ed25519sign.outLen); #endif } #endif /* HAVE_ED25519 */ } (void)thisDevId; (void)keyFormat; return ret; } /* tlsVer: WOLFSSL_TLSV1_2 or WOLFSSL_TLSV1_3 */ static int test_wc_CryptoCb_TLS(int tlsVer, const char* cliCaPemFile, const char* cliCertPemFile, const char* cliPrivKeyPemFile, const char* cliPubKeyPemFile, const char* svrCaPemFile, const char* svrCertPemFile, const char* svrPrivKeyPemFile, const char* svrPubKeyPemFile) { EXPECT_DECLS; callback_functions client_cbf; callback_functions server_cbf; XMEMSET(&client_cbf, 0, sizeof(client_cbf)); XMEMSET(&server_cbf, 0, sizeof(server_cbf)); if (tlsVer == WOLFSSL_TLSV1_3) { #ifdef WOLFSSL_TLS13 server_cbf.method = wolfTLSv1_3_server_method; client_cbf.method = wolfTLSv1_3_client_method; #endif } else if (tlsVer == WOLFSSL_TLSV1_2) { #ifndef WOLFSSL_NO_TLS12 server_cbf.method = wolfTLSv1_2_server_method; client_cbf.method = wolfTLSv1_2_client_method; #endif } else if (tlsVer == WOLFSSL_TLSV1_1) { #ifndef NO_OLD_TLS server_cbf.method = wolfTLSv1_1_server_method; client_cbf.method = wolfTLSv1_1_client_method; #endif } else if (tlsVer == WOLFSSL_TLSV1) { #if !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_TLSV10) server_cbf.method = wolfTLSv1_server_method; client_cbf.method = wolfTLSv1_client_method; #endif } else if (tlsVer == WOLFSSL_SSLV3) { #if !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_SSLV3) && \ defined(WOLFSSL_STATIC_RSA) server_cbf.method = wolfSSLv3_server_method; client_cbf.method = wolfSSLv3_client_method; #endif } else if (tlsVer == WOLFSSL_DTLSV1_2) { #if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) server_cbf.method = wolfDTLSv1_2_server_method; client_cbf.method = wolfDTLSv1_2_client_method; #endif } else if (tlsVer == WOLFSSL_DTLSV1) { #if defined(WOLFSSL_DTLS) && !defined(NO_OLD_TLS) server_cbf.method = wolfDTLSv1_server_method; client_cbf.method = wolfDTLSv1_client_method; #endif } if (server_cbf.method == NULL) { /* not enabled */ return TEST_SUCCESS; } /* Setup the keys for the TLS test */ client_cbf.certPemFile = cliCertPemFile; client_cbf.keyPemFile = cliPubKeyPemFile; client_cbf.caPemFile = cliCaPemFile; server_cbf.certPemFile = svrCertPemFile; server_cbf.keyPemFile = svrPubKeyPemFile; server_cbf.caPemFile = svrCaPemFile; /* Setup a crypto callback with pointer to private key file for testing */ client_cbf.devId = 1; wc_CryptoCb_RegisterDevice(client_cbf.devId, test_CryptoCb_Func, (void*)cliPrivKeyPemFile); server_cbf.devId = 2; wc_CryptoCb_RegisterDevice(server_cbf.devId, test_CryptoCb_Func, (void*)svrPrivKeyPemFile); /* Perform TLS server and client test */ /* First test is at WOLFSSL_CTX level */ test_wolfSSL_client_server(&client_cbf, &server_cbf); /* Check for success */ ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS); ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS); if (EXPECT_SUCCESS()) { /* Second test is a WOLFSSL object level */ client_cbf.loadToSSL = 1; server_cbf.loadToSSL = 1; test_wolfSSL_client_server(&client_cbf, &server_cbf); } /* Check for success */ ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS); ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS); /* Un register the devId's */ wc_CryptoCb_UnRegisterDevice(client_cbf.devId); client_cbf.devId = INVALID_DEVID; wc_CryptoCb_UnRegisterDevice(server_cbf.devId); server_cbf.devId = INVALID_DEVID; return EXPECT_RESULT(); } #endif /* WOLF_CRYPTO_CB && HAVE_IO_TESTS_DEPENDENCIES */ static int test_wc_CryptoCb(void) { EXPECT_DECLS; #ifdef WOLF_CRYPTO_CB /* TODO: Add crypto callback API tests */ #ifdef HAVE_IO_TESTS_DEPENDENCIES #if !defined(NO_RSA) || defined(HAVE_ECC) || defined(HAVE_ED25519) int tlsVer; #endif #ifndef NO_RSA for (tlsVer = WOLFSSL_SSLV3; tlsVer <= WOLFSSL_DTLSV1; tlsVer++) { ExpectIntEQ(test_wc_CryptoCb_TLS(tlsVer, svrCertFile, cliCertFile, cliKeyFile, cliKeyPubFile, cliCertFile, svrCertFile, svrKeyFile, svrKeyPubFile), TEST_SUCCESS); } #endif #ifdef HAVE_ECC for (tlsVer = WOLFSSL_TLSV1; tlsVer <= WOLFSSL_DTLSV1; tlsVer++) { ExpectIntEQ(test_wc_CryptoCb_TLS(tlsVer, caEccCertFile, cliEccCertFile, cliEccKeyFile, cliEccKeyPubFile, cliEccCertFile, eccCertFile, eccKeyFile, eccKeyPubFile), TEST_SUCCESS); } #endif #ifdef HAVE_ED25519 for (tlsVer = WOLFSSL_TLSV1_2; tlsVer <= WOLFSSL_DTLSV1_2; tlsVer++) { if (tlsVer == WOLFSSL_DTLSV1) continue; ExpectIntEQ(test_wc_CryptoCb_TLS(tlsVer, caEdCertFile, cliEdCertFile, cliEdKeyFile, cliEdKeyPubFile, cliEdCertFile, edCertFile, edKeyFile, edKeyPubFile), TEST_SUCCESS); } #endif #endif /* HAVE_IO_TESTS_DEPENDENCIES */ #endif /* WOLF_CRYPTO_CB */ return EXPECT_RESULT(); } #if defined(WOLFSSL_STATIC_MEMORY) && defined(HAVE_IO_TESTS_DEPENDENCIES) /* tlsVer: Example: WOLFSSL_TLSV1_2 or WOLFSSL_TLSV1_3 */ static int test_wolfSSL_CTX_StaticMemory_TLS(int tlsVer, const char* cliCaPemFile, const char* cliCertPemFile, const char* cliPrivKeyPemFile, const char* svrCaPemFile, const char* svrCertPemFile, const char* svrPrivKeyPemFile, byte* cliMem, word32 cliMemSz, byte* svrMem, word32 svrMemSz) { EXPECT_DECLS; callback_functions client_cbf; callback_functions server_cbf; XMEMSET(&client_cbf, 0, sizeof(client_cbf)); XMEMSET(&server_cbf, 0, sizeof(server_cbf)); if (tlsVer == WOLFSSL_TLSV1_3) { #ifdef WOLFSSL_TLS13 server_cbf.method_ex = wolfTLSv1_3_server_method_ex; client_cbf.method_ex = wolfTLSv1_3_client_method_ex; #endif } else if (tlsVer == WOLFSSL_TLSV1_2) { #ifndef WOLFSSL_NO_TLS12 server_cbf.method_ex = wolfTLSv1_2_server_method_ex; client_cbf.method_ex = wolfTLSv1_2_client_method_ex; #endif } else if (tlsVer == WOLFSSL_TLSV1_1) { #ifndef NO_OLD_TLS server_cbf.method_ex = wolfTLSv1_1_server_method_ex; client_cbf.method_ex = wolfTLSv1_1_client_method_ex; #endif } else if (tlsVer == WOLFSSL_TLSV1) { #if !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_TLSV10) server_cbf.method_ex = wolfTLSv1_server_method_ex; client_cbf.method_ex = wolfTLSv1_client_method_ex; #endif } else if (tlsVer == WOLFSSL_SSLV3) { #if !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_SSLV3) && \ defined(WOLFSSL_STATIC_RSA) server_cbf.method_ex = wolfSSLv3_server_method_ex; client_cbf.method_ex = wolfSSLv3_client_method_ex; #endif } else if (tlsVer == WOLFSSL_DTLSV1_2) { #if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) server_cbf.method_ex = wolfDTLSv1_2_server_method_ex; client_cbf.method_ex = wolfDTLSv1_2_client_method_ex; #endif } else if (tlsVer == WOLFSSL_DTLSV1) { #if defined(WOLFSSL_DTLS) && !defined(NO_OLD_TLS) server_cbf.method_ex = wolfDTLSv1_server_method_ex; client_cbf.method_ex = wolfDTLSv1_client_method_ex; #endif } if (server_cbf.method_ex == NULL) { /* not enabled */ return TEST_SUCCESS; } /* Setup the keys for the TLS test */ client_cbf.certPemFile = cliCertPemFile; client_cbf.keyPemFile = cliPrivKeyPemFile; client_cbf.caPemFile = cliCaPemFile; server_cbf.certPemFile = svrCertPemFile; server_cbf.keyPemFile = svrPrivKeyPemFile; server_cbf.caPemFile = svrCaPemFile; client_cbf.mem = cliMem; client_cbf.memSz = cliMemSz; server_cbf.mem = svrMem; server_cbf.memSz = svrMemSz; client_cbf.devId = INVALID_DEVID; server_cbf.devId = INVALID_DEVID; /* Perform TLS server and client test */ /* First test is at WOLFSSL_CTX level */ test_wolfSSL_client_server(&client_cbf, &server_cbf); /* Check for success */ ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS); ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS); if (EXPECT_SUCCESS()) { /* Second test is a WOLFSSL object level */ client_cbf.loadToSSL = 1; server_cbf.loadToSSL = 1; test_wolfSSL_client_server(&client_cbf, &server_cbf); } /* Check for success */ ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS); ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS); return EXPECT_RESULT(); } #endif /* WOLFSSL_STATIC_MEMORY && HAVE_IO_TESTS_DEPENDENCIES */ #if defined(WOLFSSL_STATIC_MEMORY) && !defined(WOLFCRYPT_ONLY) static int test_wolfSSL_CTX_StaticMemory_SSL(WOLFSSL_CTX* ctx) { EXPECT_DECLS; WOLFSSL *ssl1 = NULL, *ssl2 = NULL, *ssl3 = NULL; WOLFSSL_MEM_STATS mem_stats; WOLFSSL_MEM_CONN_STATS ssl_stats; #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) ExpectIntEQ(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); #endif ExpectNotNull((ssl1 = wolfSSL_new(ctx))); ExpectNotNull((ssl2 = wolfSSL_new(ctx))); /* this should fail because kMaxCtxClients == 2 */ ExpectNull((ssl3 = wolfSSL_new(ctx))); if (wolfSSL_is_static_memory(ssl1, &ssl_stats) == 1) { #ifdef DEBUG_WOLFSSL wolfSSL_PrintStatsConn(&ssl_stats); #endif (void)ssl_stats; } /* display collected statistics */ if (wolfSSL_CTX_is_static_memory(ctx, &mem_stats) == 1) { #ifdef DEBUG_WOLFSSL wolfSSL_PrintStats(&mem_stats); #endif (void)mem_stats; } wolfSSL_free(ssl1); wolfSSL_free(ssl2); return EXPECT_RESULT(); } #endif /* WOLFSSL_STATIC_MEMORY && !WOLFCRYPT_ONLY */ static int test_wolfSSL_CTX_StaticMemory(void) { EXPECT_DECLS; #if defined(WOLFSSL_STATIC_MEMORY) && !defined(WOLFCRYPT_ONLY) wolfSSL_method_func method_func; WOLFSSL_CTX* ctx; const int kMaxCtxClients = 2; #ifdef HAVE_IO_TESTS_DEPENDENCIES #if !defined(NO_RSA) || defined(HAVE_ECC) || defined(HAVE_ED25519) int tlsVer; byte cliMem[TEST_TLS_STATIC_MEMSZ]; #endif #endif byte svrMem[TEST_TLS_STATIC_MEMSZ]; #ifndef NO_WOLFSSL_SERVER #ifndef WOLFSSL_NO_TLS12 method_func = wolfTLSv1_2_server_method_ex; #else method_func = wolfTLSv1_3_server_method_ex; #endif #else #ifndef WOLFSSL_NO_TLS12 method_func = wolfTLSv1_2_client_method_ex; #else method_func = wolfTLSv1_3_client_method_ex; #endif #endif /* Test creating CTX directly from static memory pool */ ctx = NULL; ExpectIntEQ(wolfSSL_CTX_load_static_memory(&ctx, method_func, svrMem, sizeof(svrMem), 0, kMaxCtxClients), WOLFSSL_SUCCESS); ExpectIntEQ(test_wolfSSL_CTX_StaticMemory_SSL(ctx), TEST_SUCCESS); wolfSSL_CTX_free(ctx); ctx = NULL; /* Test for heap allocated CTX, then assigning static pool to it */ ExpectNotNull(ctx = wolfSSL_CTX_new(method_func(NULL))); ExpectIntEQ(wolfSSL_CTX_load_static_memory(&ctx, NULL, svrMem, sizeof(svrMem), 0, kMaxCtxClients), WOLFSSL_SUCCESS); ExpectIntEQ(test_wolfSSL_CTX_StaticMemory_SSL(ctx), TEST_SUCCESS); wolfSSL_CTX_free(ctx); /* TLS Level Tests using static memory */ #ifdef HAVE_IO_TESTS_DEPENDENCIES #ifndef NO_RSA for (tlsVer = WOLFSSL_SSLV3; tlsVer <= WOLFSSL_DTLSV1; tlsVer++) { ExpectIntEQ(test_wolfSSL_CTX_StaticMemory_TLS(tlsVer, svrCertFile, cliCertFile, cliKeyFile, cliCertFile, svrCertFile, svrKeyFile, cliMem, (word32)sizeof(cliMem), svrMem, (word32)sizeof(svrMem)), TEST_SUCCESS); } #endif #ifdef HAVE_ECC for (tlsVer = WOLFSSL_TLSV1; tlsVer <= WOLFSSL_DTLSV1; tlsVer++) { ExpectIntEQ(test_wolfSSL_CTX_StaticMemory_TLS(tlsVer, caEccCertFile, cliEccCertFile, cliEccKeyFile, cliEccCertFile, eccCertFile, eccKeyFile, cliMem, (word32)sizeof(cliMem), svrMem, (word32)sizeof(svrMem)), TEST_SUCCESS); } #endif #ifdef HAVE_ED25519 for (tlsVer = WOLFSSL_TLSV1_2; tlsVer <= WOLFSSL_DTLSV1_2; tlsVer++) { if (tlsVer == WOLFSSL_DTLSV1) continue; ExpectIntEQ(test_wolfSSL_CTX_StaticMemory_TLS(tlsVer, caEdCertFile, cliEdCertFile, cliEdKeyFile, cliEdCertFile, edCertFile, edKeyFile, cliMem, (word32)sizeof(cliMem), svrMem, (word32)sizeof(svrMem)), TEST_SUCCESS); } #endif #endif /* HAVE_IO_TESTS_DEPENDENCIES */ #endif /* WOLFSSL_STATIC_MEMORY && !WOLFCRYPT_ONLY */ return EXPECT_RESULT(); } static int test_openssl_FIPS_drbg(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(WC_NO_RNG) && defined(HAVE_HASHDRBG) DRBG_CTX* dctx = NULL; byte data1[32], data2[32], zeroData[32]; byte testSeed[16]; size_t dlen = sizeof(data1); int i; XMEMSET(data1, 0, dlen); XMEMSET(data2, 0, dlen); XMEMSET(zeroData, 0, sizeof(zeroData)); for (i = 0; i < (int)sizeof(testSeed); i++) { testSeed[i] = (byte)i; } ExpectNotNull(dctx = FIPS_get_default_drbg()); ExpectIntEQ(FIPS_drbg_init(dctx, 0, 0), WOLFSSL_SUCCESS); ExpectIntEQ(FIPS_drbg_set_callbacks(dctx, NULL, NULL, 20, NULL, NULL), WOLFSSL_SUCCESS); ExpectIntEQ(FIPS_drbg_instantiate(dctx, NULL, 0), WOLFSSL_SUCCESS); ExpectIntEQ(FIPS_drbg_generate(dctx, data1, dlen, 0, NULL, 0), WOLFSSL_SUCCESS); ExpectIntNE(XMEMCMP(data1, zeroData, dlen), 0); ExpectIntEQ(FIPS_drbg_reseed(dctx, testSeed, sizeof(testSeed)), WOLFSSL_SUCCESS); ExpectIntEQ(FIPS_drbg_generate(dctx, data2, dlen, 0, NULL, 0), WOLFSSL_SUCCESS); ExpectIntNE(XMEMCMP(data1, zeroData, dlen), 0); ExpectIntNE(XMEMCMP(data1, data2, dlen), 0); ExpectIntEQ(FIPS_drbg_uninstantiate(dctx), WOLFSSL_SUCCESS); #ifndef HAVE_GLOBAL_RNG /* gets freed by wolfSSL_Cleanup() when HAVE_GLOBAL_RNG defined */ wolfSSL_FIPS_drbg_free(dctx); #endif #endif return EXPECT_RESULT(); } static int test_wolfSSL_FIPS_mode(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) #ifdef HAVE_FIPS ExpectIntEQ(wolfSSL_FIPS_mode(), 1); ExpectIntEQ(wolfSSL_FIPS_mode_set(0), WOLFSSL_FAILURE); ExpectIntEQ(wolfSSL_FIPS_mode_set(1), WOLFSSL_SUCCESS); #else ExpectIntEQ(wolfSSL_FIPS_mode(), 0); ExpectIntEQ(wolfSSL_FIPS_mode_set(0), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_FIPS_mode_set(1), WOLFSSL_FAILURE); #endif #endif return EXPECT_RESULT(); } #ifdef WOLFSSL_DTLS /* Prints out the current window */ static void DUW_TEST_print_window_binary(word32 h, word32 l, word32* w) { #ifdef WOLFSSL_DEBUG_DTLS_WINDOW int i; for (i = WOLFSSL_DTLS_WINDOW_WORDS - 1; i >= 0; i--) { word32 b = w[i]; int j; /* Prints out a 32 bit binary number in big endian order */ for (j = 0; j < 32; j++, b <<= 1) { if (b & (((word32)1) << 31)) fprintf(stderr, "1"); else fprintf(stderr, "0"); } fprintf(stderr, " "); } fprintf(stderr, "cur_hi %u cur_lo %u\n", h, l); #else (void)h; (void)l; (void)w; #endif } /* a - cur_hi * b - cur_lo * c - next_hi * d - next_lo * e - window * f - expected next_hi * g - expected next_lo * h - expected window[1] * i - expected window[0] */ #define DUW_TEST(a,b,c,d,e,f,g,h,i) do { \ ExpectIntEQ(wolfSSL_DtlsUpdateWindow((a), (b), &(c), &(d), (e)), 1); \ DUW_TEST_print_window_binary((a), (b), (e)); \ ExpectIntEQ((c), (f)); \ ExpectIntEQ((d), (g)); \ ExpectIntEQ((e)[1], (h)); \ ExpectIntEQ((e)[0], (i)); \ } while (0) static int test_wolfSSL_DtlsUpdateWindow(void) { EXPECT_DECLS; word32 window[WOLFSSL_DTLS_WINDOW_WORDS]; word32 next_lo = 0; word16 next_hi = 0; #ifdef WOLFSSL_DEBUG_DTLS_WINDOW fprintf(stderr, "\n"); #endif XMEMSET(window, 0, sizeof window); DUW_TEST(0, 0, next_hi, next_lo, window, 0, 1, 0, 0x01); DUW_TEST(0, 1, next_hi, next_lo, window, 0, 2, 0, 0x03); DUW_TEST(0, 5, next_hi, next_lo, window, 0, 6, 0, 0x31); DUW_TEST(0, 4, next_hi, next_lo, window, 0, 6, 0, 0x33); DUW_TEST(0, 100, next_hi, next_lo, window, 0, 101, 0, 0x01); DUW_TEST(0, 101, next_hi, next_lo, window, 0, 102, 0, 0x03); DUW_TEST(0, 133, next_hi, next_lo, window, 0, 134, 0x03, 0x01); DUW_TEST(0, 200, next_hi, next_lo, window, 0, 201, 0, 0x01); DUW_TEST(0, 264, next_hi, next_lo, window, 0, 265, 0, 0x01); DUW_TEST(0, 0xFFFFFFFF, next_hi, next_lo, window, 1, 0, 0, 0x01); DUW_TEST(0, 0xFFFFFFFD, next_hi, next_lo, window, 1, 0, 0, 0x05); DUW_TEST(0, 0xFFFFFFFE, next_hi, next_lo, window, 1, 0, 0, 0x07); DUW_TEST(1, 3, next_hi, next_lo, window, 1, 4, 0, 0x71); DUW_TEST(1, 0, next_hi, next_lo, window, 1, 4, 0, 0x79); DUW_TEST(1, 0xFFFFFFFF, next_hi, next_lo, window, 2, 0, 0, 0x01); DUW_TEST(2, 3, next_hi, next_lo, window, 2, 4, 0, 0x11); DUW_TEST(2, 0, next_hi, next_lo, window, 2, 4, 0, 0x19); DUW_TEST(2, 25, next_hi, next_lo, window, 2, 26, 0, 0x6400001); DUW_TEST(2, 27, next_hi, next_lo, window, 2, 28, 0, 0x19000005); DUW_TEST(2, 29, next_hi, next_lo, window, 2, 30, 0, 0x64000015); DUW_TEST(2, 33, next_hi, next_lo, window, 2, 34, 6, 0x40000151); DUW_TEST(2, 60, next_hi, next_lo, window, 2, 61, 0x3200000A, 0x88000001); DUW_TEST(1, 0xFFFFFFF0, next_hi, next_lo, window, 2, 61, 0x3200000A, 0x88000001); DUW_TEST(2, 0xFFFFFFFD, next_hi, next_lo, window, 2, 0xFFFFFFFE, 0, 0x01); DUW_TEST(3, 1, next_hi, next_lo, window, 3, 2, 0, 0x11); DUW_TEST(99, 66, next_hi, next_lo, window, 99, 67, 0, 0x01); DUW_TEST(50, 66, next_hi, next_lo, window, 99, 67, 0, 0x01); DUW_TEST(100, 68, next_hi, next_lo, window, 100, 69, 0, 0x01); DUW_TEST(99, 50, next_hi, next_lo, window, 100, 69, 0, 0x01); DUW_TEST(99, 0xFFFFFFFF, next_hi, next_lo, window, 100, 69, 0, 0x01); DUW_TEST(150, 0xFFFFFFFF, next_hi, next_lo, window, 151, 0, 0, 0x01); DUW_TEST(152, 0xFFFFFFFF, next_hi, next_lo, window, 153, 0, 0, 0x01); return EXPECT_RESULT(); } #endif /* WOLFSSL_DTLS */ #ifdef WOLFSSL_DTLS static int DFB_TEST(WOLFSSL* ssl, word32 seq, word32 len, word32 f_offset, word32 f_len, word32 f_count, byte ready, word32 bytesReceived) { DtlsMsg* cur; static byte msg[100]; static byte msgInit = 0; if (!msgInit) { int i; for (i = 0; i < 100; i++) msg[i] = i + 1; msgInit = 1; } /* Sanitize test parameters */ if (len > sizeof(msg)) return -1; if (f_offset + f_len > sizeof(msg)) return -1; DtlsMsgStore(ssl, 0, seq, msg + f_offset, len, certificate, f_offset, f_len, NULL); if (ssl->dtls_rx_msg_list == NULL) return -100; if ((cur = DtlsMsgFind(ssl->dtls_rx_msg_list, 0, seq)) == NULL) return -200; if (cur->fragBucketListCount != f_count) return -300; if (cur->ready != ready) return -400; if (cur->bytesReceived != bytesReceived) return -500; if (ready) { if (cur->fragBucketList != NULL) return -600; if (XMEMCMP(cur->fullMsg, msg, cur->sz) != 0) return -700; } else { DtlsFragBucket* fb; if (cur->fragBucketList == NULL) return -800; for (fb = cur->fragBucketList; fb != NULL; fb = fb->m.m.next) { if (XMEMCMP(fb->buf, msg + fb->m.m.offset, fb->m.m.sz) != 0) return -900; } } return 0; } static int test_wolfSSL_DTLS_fragment_buckets(void) { EXPECT_DECLS; WOLFSSL ssl[1]; XMEMSET(ssl, 0, sizeof(*ssl)); ExpectIntEQ(DFB_TEST(ssl, 0, 100, 0, 100, 0, 1, 100), 0); /* 0-100 */ ExpectIntEQ(DFB_TEST(ssl, 1, 100, 0, 20, 1, 0, 20), 0); /* 0-20 */ ExpectIntEQ(DFB_TEST(ssl, 1, 100, 20, 20, 1, 0, 40), 0); /* 20-40 */ ExpectIntEQ(DFB_TEST(ssl, 1, 100, 40, 20, 1, 0, 60), 0); /* 40-60 */ ExpectIntEQ(DFB_TEST(ssl, 1, 100, 60, 20, 1, 0, 80), 0); /* 60-80 */ ExpectIntEQ(DFB_TEST(ssl, 1, 100, 80, 20, 0, 1, 100), 0); /* 80-100 */ /* Test all permutations of 3 regions */ /* 1 2 3 */ ExpectIntEQ(DFB_TEST(ssl, 2, 100, 0, 30, 1, 0, 30), 0); /* 0-30 */ ExpectIntEQ(DFB_TEST(ssl, 2, 100, 30, 30, 1, 0, 60), 0); /* 30-60 */ ExpectIntEQ(DFB_TEST(ssl, 2, 100, 60, 40, 0, 1, 100), 0); /* 60-100 */ /* 1 3 2 */ ExpectIntEQ(DFB_TEST(ssl, 3, 100, 0, 30, 1, 0, 30), 0); /* 0-30 */ ExpectIntEQ(DFB_TEST(ssl, 3, 100, 60, 40, 2, 0, 70), 0); /* 60-100 */ ExpectIntEQ(DFB_TEST(ssl, 3, 100, 30, 30, 0, 1, 100), 0); /* 30-60 */ /* 2 1 3 */ ExpectIntEQ(DFB_TEST(ssl, 4, 100, 30, 30, 1, 0, 30), 0); /* 30-60 */ ExpectIntEQ(DFB_TEST(ssl, 4, 100, 0, 30, 1, 0, 60), 0); /* 0-30 */ ExpectIntEQ(DFB_TEST(ssl, 4, 100, 60, 40, 0, 1, 100), 0); /* 60-100 */ /* 2 3 1 */ ExpectIntEQ(DFB_TEST(ssl, 5, 100, 30, 30, 1, 0, 30), 0); /* 30-60 */ ExpectIntEQ(DFB_TEST(ssl, 5, 100, 60, 40, 1, 0, 70), 0); /* 60-100 */ ExpectIntEQ(DFB_TEST(ssl, 5, 100, 0, 30, 0, 1, 100), 0); /* 0-30 */ /* 3 1 2 */ ExpectIntEQ(DFB_TEST(ssl, 6, 100, 60, 40, 1, 0, 40), 0); /* 60-100 */ ExpectIntEQ(DFB_TEST(ssl, 6, 100, 0, 30, 2, 0, 70), 0); /* 0-30 */ ExpectIntEQ(DFB_TEST(ssl, 6, 100, 30, 30, 0, 1, 100), 0); /* 30-60 */ /* 3 2 1 */ ExpectIntEQ(DFB_TEST(ssl, 7, 100, 60, 40, 1, 0, 40), 0); /* 60-100 */ ExpectIntEQ(DFB_TEST(ssl, 7, 100, 30, 30, 1, 0, 70), 0); /* 30-60 */ ExpectIntEQ(DFB_TEST(ssl, 7, 100, 0, 30, 0, 1, 100), 0); /* 0-30 */ /* Test overlapping regions */ ExpectIntEQ(DFB_TEST(ssl, 8, 100, 0, 30, 1, 0, 30), 0); /* 0-30 */ ExpectIntEQ(DFB_TEST(ssl, 8, 100, 20, 10, 1, 0, 30), 0); /* 20-30 */ ExpectIntEQ(DFB_TEST(ssl, 8, 100, 70, 10, 2, 0, 40), 0); /* 70-80 */ ExpectIntEQ(DFB_TEST(ssl, 8, 100, 20, 30, 2, 0, 60), 0); /* 20-50 */ ExpectIntEQ(DFB_TEST(ssl, 8, 100, 40, 60, 0, 1, 100), 0); /* 40-100 */ /* Test overlapping multiple regions */ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 0, 20, 1, 0, 20), 0); /* 0-20 */ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 30, 5, 2, 0, 25), 0); /* 30-35 */ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 40, 5, 3, 0, 30), 0); /* 40-45 */ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 50, 5, 4, 0, 35), 0); /* 50-55 */ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 60, 5, 5, 0, 40), 0); /* 60-65 */ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 70, 5, 6, 0, 45), 0); /* 70-75 */ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 30, 25, 4, 0, 55), 0); /* 30-55 */ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 55, 15, 2, 0, 65), 0); /* 55-70 */ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 75, 25, 2, 0, 90), 0); /* 75-100 */ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 10, 25, 0, 1, 100), 0); /* 10-35 */ ExpectIntEQ(DFB_TEST(ssl, 10, 100, 0, 20, 1, 0, 20), 0); /* 0-20 */ ExpectIntEQ(DFB_TEST(ssl, 10, 100, 30, 20, 2, 0, 40), 0); /* 30-50 */ ExpectIntEQ(DFB_TEST(ssl, 10, 100, 0, 40, 1, 0, 50), 0); /* 0-40 */ ExpectIntEQ(DFB_TEST(ssl, 10, 100, 50, 50, 0, 1, 100), 0); /* 10-35 */ DtlsMsgListDelete(ssl->dtls_rx_msg_list, ssl->heap); ssl->dtls_rx_msg_list = NULL; ssl->dtls_rx_msg_list_sz = 0; return EXPECT_RESULT(); } #endif #if !defined(NO_FILESYSTEM) && \ defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \ defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) static int test_wolfSSL_dtls_stateless2(void) { EXPECT_DECLS; WOLFSSL *ssl_c = NULL; WOLFSSL *ssl_c2 = NULL; WOLFSSL *ssl_s = NULL; struct test_memio_ctx test_ctx; WOLFSSL_CTX *ctx_c = NULL; WOLFSSL_CTX *ctx_s = NULL; XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method), 0); ExpectNotNull(ssl_c2 = wolfSSL_new(ctx_c)); wolfSSL_SetIOWriteCtx(ssl_c2, &test_ctx); wolfSSL_SetIOReadCtx(ssl_c2, &test_ctx); /* send CH */ ExpectTrue((wolfSSL_connect(ssl_c2) == WOLFSSL_FATAL_ERROR) && (ssl_c2->error == WANT_READ)); ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) && (ssl_s->error == WANT_READ)); ExpectIntNE(test_ctx.c_len, 0); /* consume HRR */ test_ctx.c_len = 0; ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0); wolfSSL_free(ssl_c2); wolfSSL_free(ssl_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_c); wolfSSL_CTX_free(ctx_s); return EXPECT_RESULT(); } #ifdef HAVE_MAX_FRAGMENT static int test_wolfSSL_dtls_stateless_maxfrag(void) { EXPECT_DECLS; WOLFSSL *ssl_c = NULL; WOLFSSL *ssl_c2 = NULL; WOLFSSL *ssl_s = NULL; struct test_memio_ctx test_ctx; WOLFSSL_CTX *ctx_c = NULL; WOLFSSL_CTX *ctx_s = NULL; word16 max_fragment = 0; XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method), 0); ExpectNotNull(ssl_c2 = wolfSSL_new(ctx_c)); ExpectIntEQ(wolfSSL_UseMaxFragment(ssl_c2, WOLFSSL_MFL_2_8), WOLFSSL_SUCCESS); wolfSSL_SetIOWriteCtx(ssl_c2, &test_ctx); wolfSSL_SetIOReadCtx(ssl_c2, &test_ctx); if (ssl_s != NULL) { max_fragment = ssl_s->max_fragment; } /* send CH */ ExpectTrue((wolfSSL_connect(ssl_c2) == WOLFSSL_FATAL_ERROR) && (ssl_c2->error == WANT_READ)); ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) && (ssl_s->error == WANT_READ)); /* CH without cookie shouldn't change state */ ExpectIntEQ(ssl_s->max_fragment, max_fragment); ExpectIntNE(test_ctx.c_len, 0); /* consume HRR from buffer */ test_ctx.c_len = 0; ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0); wolfSSL_free(ssl_c2); wolfSSL_free(ssl_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_c); wolfSSL_CTX_free(ctx_s); return EXPECT_RESULT(); } #endif /* HAVE_MAX_FRAGMENT */ #if defined(WOLFSSL_DTLS_NO_HVR_ON_RESUME) #define ROUNDS_WITH_HVR 4 #define ROUNDS_WITHOUT_HVR 2 #define HANDSHAKE_TYPE_OFFSET DTLS_RECORD_HEADER_SZ static int buf_is_hvr(const byte *data, int len) { if (len < DTLS_RECORD_HEADER_SZ + DTLS_HANDSHAKE_HEADER_SZ) return 0; return data[HANDSHAKE_TYPE_OFFSET] == hello_verify_request; } static int _test_wolfSSL_dtls_stateless_resume(byte useticket, byte bad) { EXPECT_DECLS; struct test_memio_ctx test_ctx; WOLFSSL_CTX *ctx_c = NULL; WOLFSSL_CTX *ctx_s = NULL; WOLFSSL *ssl_c = NULL; WOLFSSL *ssl_s = NULL; WOLFSSL_SESSION *sess = NULL; int round_trips; XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method), 0); #ifdef HAVE_SESSION_TICKET if (useticket) { ExpectIntEQ(wolfSSL_UseSessionTicket(ssl_c), WOLFSSL_SUCCESS); } #endif round_trips = ROUNDS_WITH_HVR; ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, round_trips, &round_trips), 0); ExpectIntEQ(round_trips, ROUNDS_WITH_HVR); ExpectNotNull(sess = wolfSSL_get1_session(ssl_c)); wolfSSL_shutdown(ssl_c); wolfSSL_shutdown(ssl_s); wolfSSL_free(ssl_c); ssl_c = NULL; wolfSSL_free(ssl_s); ssl_s = NULL; test_ctx.c_len = test_ctx.s_len = 0; /* make resumption invalid */ if (bad && (sess != NULL)) { if (useticket) { #ifdef HAVE_SESSION_TICKET if (sess->ticket != NULL) { sess->ticket[0] = !sess->ticket[0]; } #endif /* HAVE_SESSION_TICKET */ } else { sess->sessionID[0] = !sess->sessionID[0]; } } ExpectNotNull(ssl_c = wolfSSL_new(ctx_c)); ExpectNotNull(ssl_s = wolfSSL_new(ctx_s)); wolfSSL_SetIOWriteCtx(ssl_c, &test_ctx); wolfSSL_SetIOReadCtx(ssl_c, &test_ctx); wolfSSL_SetIOWriteCtx(ssl_s, &test_ctx); wolfSSL_SetIOReadCtx(ssl_s, &test_ctx); ExpectIntEQ(wolfSSL_set_session(ssl_c, sess), WOLFSSL_SUCCESS); ExpectTrue((wolfSSL_connect(ssl_c) == WOLFSSL_FATAL_ERROR) && (ssl_c->error == WANT_READ)); ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) && (ssl_s->error == WANT_READ)); ExpectFalse(bad && !buf_is_hvr(test_ctx.c_buff, test_ctx.c_len)); ExpectFalse(!bad && buf_is_hvr(test_ctx.c_buff, test_ctx.c_len)); if (!useticket) { ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, &round_trips), 0); ExpectFalse(bad && round_trips != ROUNDS_WITH_HVR - 1); ExpectFalse(!bad && round_trips != ROUNDS_WITHOUT_HVR - 1); } wolfSSL_SESSION_free(sess); wolfSSL_free(ssl_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_c); wolfSSL_CTX_free(ctx_s); return EXPECT_RESULT(); } static int test_wolfSSL_dtls_stateless_resume(void) { EXPECT_DECLS; #ifdef HAVE_SESSION_TICKET ExpectIntEQ(_test_wolfSSL_dtls_stateless_resume(1, 0), TEST_SUCCESS); ExpectIntEQ(_test_wolfSSL_dtls_stateless_resume(1, 1), TEST_SUCCESS); #endif /* HAVE_SESION_TICKET */ ExpectIntEQ(_test_wolfSSL_dtls_stateless_resume(0, 0), TEST_SUCCESS); ExpectIntEQ(_test_wolfSSL_dtls_stateless_resume(0, 1), TEST_SUCCESS); return EXPECT_RESULT(); } #endif /* WOLFSSL_DTLS_NO_HVR_ON_RESUME */ #if !defined(NO_OLD_TLS) static int test_wolfSSL_dtls_stateless_downgrade(void) { EXPECT_DECLS; WOLFSSL_CTX *ctx_c = NULL; WOLFSSL_CTX *ctx_c2 = NULL; WOLFSSL_CTX *ctx_s = NULL; WOLFSSL *ssl_c = NULL; WOLFSSL *ssl_c2 = NULL; WOLFSSL *ssl_s = NULL; struct test_memio_ctx test_ctx; XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method), 0); ExpectIntEQ(wolfSSL_CTX_SetMinVersion(ctx_s, WOLFSSL_DTLSV1), WOLFSSL_SUCCESS); ExpectNotNull(ctx_c2 = wolfSSL_CTX_new(wolfDTLSv1_client_method())); wolfSSL_SetIORecv(ctx_c2, test_memio_read_cb); wolfSSL_SetIOSend(ctx_c2, test_memio_write_cb); ExpectNotNull(ssl_c2 = wolfSSL_new(ctx_c2)); wolfSSL_SetIOWriteCtx(ssl_c2, &test_ctx); wolfSSL_SetIOReadCtx(ssl_c2, &test_ctx); /* send CH */ ExpectTrue((wolfSSL_connect(ssl_c2) == WOLFSSL_FATAL_ERROR) && (ssl_c2->error == WANT_READ)); ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) && (ssl_s->error == WANT_READ)); ExpectIntNE(test_ctx.c_len, 0); /* consume HRR */ test_ctx.c_len = 0; ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0); wolfSSL_free(ssl_c2); wolfSSL_free(ssl_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_c); wolfSSL_CTX_free(ctx_c2); wolfSSL_CTX_free(ctx_s); return EXPECT_RESULT(); } #endif /* !defined(NO_OLD_TLS) */ #endif /* defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \ !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)*/ #if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \ !defined(NO_OLD_TLS) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) static int test_WOLFSSL_dtls_version_alert(void) { EXPECT_DECLS; struct test_memio_ctx test_ctx; WOLFSSL_CTX *ctx_c = NULL; WOLFSSL_CTX *ctx_s = NULL; WOLFSSL *ssl_c = NULL; WOLFSSL *ssl_s = NULL; XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfDTLSv1_2_client_method, wolfDTLSv1_server_method), 0); /* client hello */ ExpectTrue((wolfSSL_connect(ssl_c) == WOLFSSL_FATAL_ERROR) && (ssl_c->error == WANT_READ)); /* hrr */ ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) && (ssl_s->error == WANT_READ)); /* client hello 1 */ ExpectTrue((wolfSSL_connect(ssl_c) == WOLFSSL_FATAL_ERROR) && (ssl_c->error == WANT_READ)); /* server hello */ ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) && (ssl_s->error == WANT_READ)); /* should fail */ ExpectTrue((wolfSSL_connect(ssl_c) == WOLFSSL_FATAL_ERROR) && (ssl_c->error == VERSION_ERROR)); /* shuould fail */ ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) && (ssl_s->error == VERSION_ERROR || ssl_s->error == FATAL_ERROR)); wolfSSL_free(ssl_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_c); wolfSSL_CTX_free(ctx_s); return EXPECT_RESULT(); } #else static int test_WOLFSSL_dtls_version_alert(void) { return TEST_SKIPPED; } #endif /* defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && * !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && * !defined(NO_OLD_TLS) && !defined(NO_RSA) */ #if defined(WOLFSSL_TICKET_NONCE_MALLOC) && defined(HAVE_SESSION_TICKET) \ && defined(WOLFSSL_TLS13) && \ (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))\ && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) static int send_new_session_ticket(WOLFSSL *ssl, byte nonceLength, byte filler) { struct test_memio_ctx *test_ctx; byte buf[2048]; int idx, sz; word32 tmp; int ret; idx = 5; /* space for record header */ buf[idx] = session_ticket; /* type */ idx++; tmp = OPAQUE32_LEN + OPAQUE32_LEN + OPAQUE8_LEN + nonceLength + OPAQUE16_LEN + OPAQUE8_LEN + OPAQUE16_LEN; c32to24(tmp, buf + idx); idx += OPAQUE24_LEN; c32toa((word32)12345, buf+idx); /* lifetime */ idx += OPAQUE32_LEN; c32toa((word32)12345, buf+idx); /* add */ idx += OPAQUE32_LEN; buf[idx] = nonceLength; /* nonce length */ idx++; XMEMSET(&buf[idx], filler, nonceLength); /* nonce */ idx += nonceLength; tmp = 1; /* ticket len */ c16toa((word16)tmp, buf+idx); idx += 2; buf[idx] = 0xFF; /* ticket */ idx++; tmp = 0; /* ext len */ c16toa((word16)tmp, buf+idx); idx += 2; sz = BuildTls13Message(ssl, buf, 2048, buf+5, idx - 5, handshake, 0, 0, 0); test_ctx = (struct test_memio_ctx*)wolfSSL_GetIOWriteCtx(ssl); ret = test_memio_write_cb(ssl, (char*)buf, sz, test_ctx); return !(ret == sz); } static int test_ticket_nonce_check(WOLFSSL_SESSION *sess, byte len) { int ret = 0; if ((sess == NULL) || (sess->ticketNonce.len != len)) { ret = -1; } else { int i; for (i = 0; i < len; i++) { if (sess->ticketNonce.data[i] != len) { ret = -1; break; } } } return ret; } static int test_ticket_nonce_malloc_do(WOLFSSL *ssl_s, WOLFSSL *ssl_c, byte len) { EXPECT_DECLS; char *buf[1024]; ExpectIntEQ(send_new_session_ticket(ssl_s, len, len), 0); ExpectTrue((wolfSSL_recv(ssl_c, buf, 1024, 0) == WOLFSSL_FATAL_ERROR) && (ssl_c->error == WANT_READ)); ExpectIntEQ(test_ticket_nonce_check(ssl_c->session, len), 0); return EXPECT_RESULT(); } static int test_ticket_nonce_cache(WOLFSSL *ssl_s, WOLFSSL *ssl_c, byte len) { EXPECT_DECLS; WOLFSSL_SESSION *sess = NULL; WOLFSSL_SESSION *cached = NULL; WOLFSSL_CTX *ctx = ssl_c->ctx; ExpectIntEQ(test_ticket_nonce_malloc_do(ssl_s, ssl_c, len), TEST_SUCCESS); ExpectNotNull(sess = wolfSSL_get1_session(ssl_c)); ExpectIntEQ(AddSessionToCache(ctx, sess, sess->sessionID, sess->sessionIDSz, NULL, ssl_c->options.side, 1,NULL), 0); ExpectNotNull(cached = wolfSSL_SESSION_new()); ExpectIntEQ(wolfSSL_GetSessionFromCache(ssl_c, cached), WOLFSSL_SUCCESS); ExpectIntEQ(test_ticket_nonce_check(cached, len), 0); wolfSSL_SESSION_free(cached); wolfSSL_SESSION_free(sess); return EXPECT_RESULT(); } static int test_ticket_nonce_malloc(void) { EXPECT_DECLS; struct test_memio_ctx test_ctx; WOLFSSL_CTX *ctx_c = NULL; WOLFSSL_CTX *ctx_s = NULL; WOLFSSL *ssl_c = NULL; WOLFSSL *ssl_s = NULL; byte small; byte medium; byte big; XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfTLSv1_3_client_method, wolfTLSv1_3_server_method), 0); /* will send ticket manually */ ExpectIntEQ(wolfSSL_no_ticket_TLSv13(ssl_s), 0); wolfSSL_set_verify(ssl_s, WOLFSSL_VERIFY_NONE, 0); wolfSSL_set_verify(ssl_c, WOLFSSL_VERIFY_NONE, 0); while (EXPECT_SUCCESS() && (ssl_c->options.handShakeDone == 0) && (ssl_s->options.handShakeDone == 0)) { ExpectTrue((wolfSSL_connect(ssl_c) == WOLFSSL_SUCCESS) || (ssl_c->error == WANT_READ)); ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_SUCCESS) || (ssl_s->error == WANT_READ)); } small = TLS13_TICKET_NONCE_STATIC_SZ; medium = small + 20 <= 255 ? small + 20 : 255; big = medium + 20 <= 255 ? small + 20 : 255; ExpectIntEQ(test_ticket_nonce_malloc_do(ssl_s, ssl_c, small), TEST_SUCCESS); ExpectPtrEq(ssl_c->session->ticketNonce.data, ssl_c->session->ticketNonce.dataStatic); ExpectIntEQ(test_ticket_nonce_malloc_do(ssl_s, ssl_c, medium), TEST_SUCCESS); ExpectIntEQ(test_ticket_nonce_malloc_do(ssl_s, ssl_c, big), TEST_SUCCESS); ExpectIntEQ(test_ticket_nonce_malloc_do(ssl_s, ssl_c, medium), TEST_SUCCESS); ExpectIntEQ(test_ticket_nonce_malloc_do(ssl_s, ssl_c, small), TEST_SUCCESS); ExpectIntEQ(test_ticket_nonce_cache(ssl_s, ssl_c, small), TEST_SUCCESS); ExpectIntEQ(test_ticket_nonce_cache(ssl_s, ssl_c, medium), TEST_SUCCESS); ExpectIntEQ(test_ticket_nonce_cache(ssl_s, ssl_c, big), TEST_SUCCESS); ExpectIntEQ(test_ticket_nonce_cache(ssl_s, ssl_c, medium), TEST_SUCCESS); ExpectIntEQ(test_ticket_nonce_cache(ssl_s, ssl_c, small), TEST_SUCCESS); wolfSSL_free(ssl_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_c); wolfSSL_CTX_free(ctx_s); return EXPECT_RESULT(); } #endif /* WOLFSSL_TICKET_NONCE_MALLOC */ #if defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_TLS12) && \ !defined(WOLFSSL_TICKET_DECRYPT_NO_CREATE) && \ !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \ !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && !defined(NO_RSA) && \ defined(HAVE_ECC) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) static int test_ticket_ret_create(void) { EXPECT_DECLS; WOLFSSL_CTX *ctx_c = NULL; WOLFSSL_CTX *ctx_s = NULL; WOLFSSL *ssl_c = NULL; WOLFSSL *ssl_s = NULL; byte ticket[SESSION_TICKET_LEN]; struct test_memio_ctx test_ctx; WOLFSSL_SESSION *sess = NULL; word16 ticketLen = 0; XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfTLSv1_2_client_method, wolfTLSv1_2_server_method), 0); wolfSSL_set_verify(ssl_s, WOLFSSL_VERIFY_NONE, 0); wolfSSL_set_verify(ssl_c, WOLFSSL_VERIFY_NONE, 0); ExpectIntEQ(wolfSSL_CTX_UseSessionTicket(ctx_c), WOLFSSL_SUCCESS); ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0); ExpectNotNull(sess = wolfSSL_get1_session(ssl_c)); ExpectIntLE(sess->ticketLen, SESSION_TICKET_LEN); if (sess != NULL) { ticketLen = sess->ticketLen; XMEMCPY(ticket, sess->ticket, sess->ticketLen); } wolfSSL_free(ssl_c); ssl_c = NULL; wolfSSL_free(ssl_s); ssl_s = NULL; ExpectNotNull(ssl_s = wolfSSL_new(ctx_s)); wolfSSL_SetIOWriteCtx(ssl_s, &test_ctx); wolfSSL_SetIOReadCtx(ssl_s, &test_ctx); ExpectNotNull(ssl_c = wolfSSL_new(ctx_c)); wolfSSL_SetIOWriteCtx(ssl_c, &test_ctx); wolfSSL_SetIOReadCtx(ssl_c, &test_ctx); ExpectIntEQ(wolfSSL_set_session(ssl_c, sess), WOLFSSL_SUCCESS); ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0); ExpectIntLE(ssl_c->session->ticketLen, SESSION_TICKET_LEN); ExpectIntEQ(ssl_c->session->ticketLen, ticketLen); ExpectTrue(XMEMCMP(ssl_c->session->ticket, ticket, ticketLen) != 0); wolfSSL_SESSION_free(sess); wolfSSL_free(ssl_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_c); wolfSSL_CTX_free(ctx_s); return EXPECT_RESULT(); } #else static int test_ticket_ret_create(void) { return TEST_SKIPPED; } #endif #if defined(WOLFSSL_TLS13) && !defined(NO_PSK) && \ defined(HAVE_SESSION_TICKET) && defined(OPENSSL_EXTRA) && \ defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_AESGCM) && \ !defined(NO_SHA256) && defined(WOLFSSL_AES_128) && \ defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256) static void test_ticket_and_psk_mixing_on_result(WOLFSSL* ssl) { int ret; WOLFSSL_SESSION* session = NULL; AssertIntEQ(wolfSSL_get_current_cipher_suite(ssl), 0x1301); if (!wolfSSL_is_server(ssl)) { session = wolfSSL_SESSION_dup(wolfSSL_get_session(ssl)); AssertNotNull(session); } do { ret = wolfSSL_shutdown(ssl); } while (ret == WOLFSSL_SHUTDOWN_NOT_DONE); AssertIntEQ(wolfSSL_clear(ssl), WOLFSSL_SUCCESS); wolfSSL_set_psk_callback_ctx(ssl, (void*)"TLS13-AES256-GCM-SHA384"); #ifndef OPENSSL_COMPATIBLE_DEFAULTS /* OpenSSL considers PSK to be verified. We error out with NO_PEER_CERT. */ wolfSSL_set_verify(ssl, WOLFSSL_VERIFY_NONE, NULL); #endif if (!wolfSSL_is_server(ssl)) { /* client */ AssertIntEQ(wolfSSL_set_cipher_list(ssl, "TLS13-AES256-GCM-SHA384:" "TLS13-AES128-GCM-SHA256"), WOLFSSL_SUCCESS); wolfSSL_set_session(ssl, session); wolfSSL_SESSION_free(session); wolfSSL_set_psk_client_tls13_callback(ssl, my_psk_client_tls13_cb); AssertIntEQ(wolfSSL_connect(ssl), WOLFSSL_SUCCESS); } else { /* server */ /* Different ciphersuite so that the ticket will be invalidated based on * the ciphersuite */ AssertIntEQ(wolfSSL_set_cipher_list(ssl, "TLS13-AES256-GCM-SHA384"), WOLFSSL_SUCCESS); wolfSSL_set_psk_server_tls13_callback(ssl, my_psk_server_tls13_cb); AssertIntEQ(wolfSSL_accept(ssl), WOLFSSL_SUCCESS); } } static void test_ticket_and_psk_mixing_ssl_ready(WOLFSSL* ssl) { AssertIntEQ(wolfSSL_UseSessionTicket(ssl), WOLFSSL_SUCCESS); AssertIntEQ(wolfSSL_set_cipher_list(ssl, "TLS13-AES128-GCM-SHA256"), WOLFSSL_SUCCESS); } static int test_ticket_and_psk_mixing(void) { EXPECT_DECLS; /* Test mixing tickets and regular PSK */ callback_functions client_cbs, server_cbs; XMEMSET(&client_cbs, 0, sizeof(client_cbs)); XMEMSET(&server_cbs, 0, sizeof(server_cbs)); client_cbs.method = wolfTLSv1_3_client_method; server_cbs.method = wolfTLSv1_3_server_method; client_cbs.ssl_ready = test_ticket_and_psk_mixing_ssl_ready; client_cbs.on_result = test_ticket_and_psk_mixing_on_result; server_cbs.on_result = test_ticket_and_psk_mixing_on_result; test_wolfSSL_client_server_nofail(&client_cbs, &server_cbs); ExpectIntEQ(client_cbs.return_code, TEST_SUCCESS); ExpectIntEQ(server_cbs.return_code, TEST_SUCCESS); return EXPECT_RESULT(); } #else static int test_ticket_and_psk_mixing(void) { return TEST_SKIPPED; } #endif #if defined(WOLFSSL_TLS13) && !defined(NO_PSK) && defined(HAVE_SESSION_TICKET) \ && defined(OPENSSL_EXTRA) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \ defined(HAVE_AESGCM) && !defined(NO_SHA256) && defined(WOLFSSL_AES_128) && \ defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256) static int test_prioritize_psk_cb_called = FALSE; static unsigned int test_prioritize_psk_cb(WOLFSSL* ssl, const char* identity, unsigned char* key, unsigned int key_max_len, const char** ciphersuite) { test_prioritize_psk_cb_called = TRUE; return my_psk_server_tls13_cb(ssl, identity, key, key_max_len, ciphersuite); } static void test_prioritize_psk_on_result(WOLFSSL* ssl) { int ret; WOLFSSL_SESSION* session = NULL; AssertIntEQ(wolfSSL_get_current_cipher_suite(ssl), 0x1301); if (!wolfSSL_is_server(ssl)) { session = wolfSSL_SESSION_dup(wolfSSL_get_session(ssl)); AssertNotNull(session); } do { ret = wolfSSL_shutdown(ssl); } while (ret == WOLFSSL_SHUTDOWN_NOT_DONE); AssertIntEQ(wolfSSL_clear(ssl), WOLFSSL_SUCCESS); wolfSSL_set_psk_callback_ctx(ssl, (void*)"TLS13-AES256-GCM-SHA384"); /* Previous connection was made with TLS13-AES128-GCM-SHA256. Order is * important. */ AssertIntEQ(wolfSSL_set_cipher_list(ssl, "TLS13-AES256-GCM-SHA384:" "TLS13-AES128-GCM-SHA256"), WOLFSSL_SUCCESS); #ifndef OPENSSL_COMPATIBLE_DEFAULTS /* OpenSSL considers PSK to be verified. We error out with NO_PEER_CERT. */ wolfSSL_set_verify(ssl, WOLFSSL_VERIFY_NONE, NULL); #endif if (!wolfSSL_is_server(ssl)) { /* client */ wolfSSL_set_psk_client_tls13_callback(ssl, my_psk_client_tls13_cb); wolfSSL_set_session(ssl, session); wolfSSL_SESSION_free(session); AssertIntEQ(wolfSSL_connect(ssl), WOLFSSL_SUCCESS); } else { /* server */ wolfSSL_set_psk_server_tls13_callback(ssl, test_prioritize_psk_cb); AssertIntEQ(wolfSSL_accept(ssl), WOLFSSL_SUCCESS); #ifdef WOLFSSL_PRIORITIZE_PSK /* The ticket should be first tried with all ciphersuites and chosen */ AssertFalse(test_prioritize_psk_cb_called); #else /* Ciphersuites should be tried with each PSK. This triggers the PSK * callback that sets this var. */ AssertTrue(test_prioritize_psk_cb_called); #endif } } static void test_prioritize_psk_ssl_ready(WOLFSSL* ssl) { if (!wolfSSL_is_server(ssl)) AssertIntEQ(wolfSSL_set_cipher_list(ssl, "TLS13-AES128-GCM-SHA256"), WOLFSSL_SUCCESS); else AssertIntEQ(wolfSSL_set_cipher_list(ssl, "TLS13-AES256-GCM-SHA384:" "TLS13-AES128-GCM-SHA256"), WOLFSSL_SUCCESS); } static int test_prioritize_psk(void) { EXPECT_DECLS; /* We always send the ticket first. With WOLFSSL_PRIORITIZE_PSK the order * of the PSK's will be followed instead of the ciphersuite. */ callback_functions client_cbs, server_cbs; XMEMSET(&client_cbs, 0, sizeof(client_cbs)); XMEMSET(&server_cbs, 0, sizeof(server_cbs)); client_cbs.method = wolfTLSv1_3_client_method; server_cbs.method = wolfTLSv1_3_server_method; client_cbs.ssl_ready = test_prioritize_psk_ssl_ready; server_cbs.ssl_ready = test_prioritize_psk_ssl_ready; client_cbs.on_result = test_prioritize_psk_on_result; server_cbs.on_result = test_prioritize_psk_on_result; test_wolfSSL_client_server_nofail(&client_cbs, &server_cbs); ExpectIntEQ(client_cbs.return_code, TEST_SUCCESS); ExpectIntEQ(server_cbs.return_code, TEST_SUCCESS); return EXPECT_RESULT(); } #else static int test_prioritize_psk(void) { return TEST_SKIPPED; } #endif #if defined(WOLFSSL_TLS13) && defined(OPENSSL_EXTRA) && \ defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(HAVE_AESGCM) && \ !defined(NO_SHA256) && defined(WOLFSSL_AES_128) && \ !defined(WOLFSSL_NO_TLS12) static int test_wolfSSL_CTX_set_ciphersuites_ctx_ready_server(WOLFSSL_CTX* ctx) { EXPECT_DECLS; ExpectTrue(SSL_CTX_set_cipher_list(ctx, "DEFAULT")); /* Set TLS 1.3 specific suite */ ExpectTrue(SSL_CTX_set_ciphersuites(ctx, "TLS13-AES128-GCM-SHA256")); return EXPECT_RESULT(); } static int test_wolfSSL_CTX_set_ciphersuites(void) { EXPECT_DECLS; /* Test using SSL_CTX_set_cipher_list and SSL_CTX_set_ciphersuites and then * do a 1.2 connection. */ test_ssl_cbf client_cbs, server_cbs; XMEMSET(&client_cbs, 0, sizeof(client_cbs)); XMEMSET(&server_cbs, 0, sizeof(server_cbs)); client_cbs.method = wolfTLSv1_2_client_method; server_cbs.method = wolfTLS_server_method; /* Allow downgrade */ server_cbs.ctx_ready = test_wolfSSL_CTX_set_ciphersuites_ctx_ready_server; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbs, &server_cbs, NULL), TEST_SUCCESS); return EXPECT_RESULT(); } #else static int test_wolfSSL_CTX_set_ciphersuites(void) { return TEST_SKIPPED; } #endif #if defined(HAVE_CRL) && defined(WOLFSSL_CHECK_ALERT_ON_ERR) && \ defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) static int test_wolfSSL_CRL_CERT_REVOKED_alert_ctx_ready(WOLFSSL_CTX* ctx) { wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL); return TEST_SUCCESS; } static int test_wolfSSL_CRL_CERT_REVOKED_alert_on_cleanup(WOLFSSL* ssl) { EXPECT_DECLS; WOLFSSL_ALERT_HISTORY h; ExpectIntEQ(wolfSSL_get_alert_history(ssl, &h), WOLFSSL_SUCCESS); ExpectIntEQ(h.last_rx.level, alert_fatal); ExpectIntEQ(h.last_rx.code, certificate_revoked); return EXPECT_RESULT(); } static int test_wolfSSL_CRL_CERT_REVOKED_alert(void) { EXPECT_DECLS; test_ssl_cbf client_cbs, server_cbs; XMEMSET(&client_cbs, 0, sizeof(client_cbs)); XMEMSET(&server_cbs, 0, sizeof(server_cbs)); server_cbs.certPemFile = "./certs/server-revoked-cert.pem"; server_cbs.keyPemFile = "./certs/server-revoked-key.pem"; client_cbs.crlPemFile = "./certs/crl/crl.revoked"; client_cbs.ctx_ready = test_wolfSSL_CRL_CERT_REVOKED_alert_ctx_ready; server_cbs.on_cleanup = test_wolfSSL_CRL_CERT_REVOKED_alert_on_cleanup; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbs, &server_cbs, NULL), TEST_FAIL); return EXPECT_RESULT(); } #else static int test_wolfSSL_CRL_CERT_REVOKED_alert(void) { return TEST_SKIPPED; } #endif #if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET) \ && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(HAVE_AESGCM) && \ !defined(NO_SHA256) && defined(WOLFSSL_AES_128) && \ defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256) && \ !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) static WOLFSSL_CTX* test_TLS_13_ticket_different_ciphers_ctx = NULL; static WOLFSSL_SESSION* test_TLS_13_ticket_different_ciphers_session = NULL; static int test_TLS_13_ticket_different_ciphers_run = 0; static int test_TLS_13_ticket_different_ciphers_ssl_ready(WOLFSSL* ssl) { EXPECT_DECLS; switch (test_TLS_13_ticket_different_ciphers_run) { case 0: /* First run */ ExpectIntEQ(wolfSSL_set_cipher_list(ssl, "TLS13-AES128-GCM-SHA256"), WOLFSSL_SUCCESS); if (wolfSSL_is_server(ssl)) { ExpectNotNull(test_TLS_13_ticket_different_ciphers_ctx = wolfSSL_get_SSL_CTX(ssl)); ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_up_ref( test_TLS_13_ticket_different_ciphers_ctx)); } break; case 1: /* Second run */ ExpectIntEQ(wolfSSL_set_cipher_list(ssl, "TLS13-AES256-GCM-SHA384:" "TLS13-AES128-GCM-SHA256"), WOLFSSL_SUCCESS); if (!wolfSSL_is_server(ssl)) { ExpectIntEQ(wolfSSL_set_session(ssl, test_TLS_13_ticket_different_ciphers_session), WOLFSSL_SUCCESS); } break; default: /* Bad state? */ Fail(("Should not enter here"), ("Should not enter here")); } return EXPECT_RESULT(); } static int test_TLS_13_ticket_different_ciphers_on_result(WOLFSSL* ssl) { EXPECT_DECLS; switch (test_TLS_13_ticket_different_ciphers_run) { case 0: /* First run */ ExpectNotNull(test_TLS_13_ticket_different_ciphers_session = wolfSSL_get1_session(ssl)); break; case 1: /* Second run */ ExpectTrue(wolfSSL_session_reused(ssl)); break; default: /* Bad state? */ Fail(("Should not enter here"), ("Should not enter here")); } return EXPECT_RESULT(); } static int test_TLS_13_ticket_different_ciphers(void) { EXPECT_DECLS; /* Check that we handle the connection when the ticket doesn't match * the first ciphersuite. */ test_ssl_cbf client_cbs, server_cbs; struct test_params { method_provider client_meth; method_provider server_meth; int doUdp; } params[] = { #ifdef WOLFSSL_DTLS13 /* Test that the stateless code handles sessions correctly */ {wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method, 1}, #endif {wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, 0}, }; size_t i; for (i = 0; i < sizeof(params)/sizeof(*params); i++) { XMEMSET(&client_cbs, 0, sizeof(client_cbs)); XMEMSET(&server_cbs, 0, sizeof(server_cbs)); test_TLS_13_ticket_different_ciphers_run = 0; client_cbs.doUdp = server_cbs.doUdp = params[i].doUdp; client_cbs.method = params[i].client_meth; server_cbs.method = params[i].server_meth; client_cbs.ssl_ready = test_TLS_13_ticket_different_ciphers_ssl_ready; server_cbs.ssl_ready = test_TLS_13_ticket_different_ciphers_ssl_ready; client_cbs.on_result = test_TLS_13_ticket_different_ciphers_on_result; server_cbs.ticNoInit = 1; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbs, &server_cbs, NULL), TEST_SUCCESS); test_TLS_13_ticket_different_ciphers_run++; server_cbs.ctx = test_TLS_13_ticket_different_ciphers_ctx; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbs, &server_cbs, NULL), TEST_SUCCESS); wolfSSL_SESSION_free(test_TLS_13_ticket_different_ciphers_session); test_TLS_13_ticket_different_ciphers_session = NULL; wolfSSL_CTX_free(test_TLS_13_ticket_different_ciphers_ctx); test_TLS_13_ticket_different_ciphers_ctx = NULL; } return EXPECT_RESULT(); } #else static int test_TLS_13_ticket_different_ciphers(void) { return TEST_SKIPPED; } #endif #if defined(WOLFSSL_EXTRA_ALERTS) && !defined(WOLFSSL_NO_TLS12) && \ defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) #define TEST_WRONG_CS_CLIENT "DHE-RSA-AES128-SHA" /* AKA TLS_DHE_RSA_WITH_AES_128_CBC_SHA */ byte test_extra_alerts_wrong_cs_sh[] = { 0x16, 0x03, 0x03, 0x00, 0x56, 0x02, 0x00, 0x00, 0x52, 0x03, 0x03, 0xef, 0x0c, 0x30, 0x98, 0xa2, 0xac, 0xfa, 0x68, 0xe9, 0x3e, 0xaa, 0x5c, 0xcf, 0xa7, 0x42, 0x72, 0xaf, 0xa0, 0xe8, 0x39, 0x2b, 0x3e, 0x81, 0xa7, 0x7a, 0xa5, 0x62, 0x8a, 0x0e, 0x41, 0xba, 0xda, 0x20, 0x18, 0x9f, 0xe1, 0x8c, 0x1d, 0xc0, 0x37, 0x9c, 0xf4, 0x90, 0x5d, 0x8d, 0xa0, 0x79, 0xa7, 0x4b, 0xa8, 0x79, 0xdf, 0xcd, 0x8d, 0xf5, 0xb5, 0x50, 0x5f, 0xf1, 0xdb, 0x4d, 0xbb, 0x07, 0x54, 0x1c, 0x00, 0x02, /* TLS_RSA_WITH_NULL_SHA */ 0x00, 0x00, 0x0a, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x17, 0x00, 0x00 }; static int test_extra_alerts_wrong_cs(void) { EXPECT_DECLS; #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA struct test_memio_ctx test_ctx; WOLFSSL_CTX *ctx_c = NULL; WOLFSSL_ALERT_HISTORY h; WOLFSSL *ssl_c = NULL; XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, NULL, &ssl_c, NULL, wolfTLSv1_2_client_method, NULL), 0); ExpectIntEQ(wolfSSL_set_cipher_list(ssl_c, TEST_WRONG_CS_CLIENT), WOLFSSL_SUCCESS); /* CH */ ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR), WOLFSSL_ERROR_WANT_READ); /* consume CH */ test_ctx.s_len = 0; /* inject SH */ XMEMCPY(test_ctx.c_buff, test_extra_alerts_wrong_cs_sh, sizeof(test_extra_alerts_wrong_cs_sh)); test_ctx.c_len = sizeof(test_extra_alerts_wrong_cs_sh); ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS); ExpectIntNE(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR), WOLFSSL_ERROR_WANT_READ); ExpectIntEQ(wolfSSL_get_alert_history(ssl_c, &h), WOLFSSL_SUCCESS); ExpectIntEQ(h.last_tx.code, illegal_parameter); ExpectIntEQ(h.last_tx.level, alert_fatal); wolfSSL_free(ssl_c); wolfSSL_CTX_free(ctx_c); #endif return EXPECT_RESULT(); } #else static int test_extra_alerts_wrong_cs(void) { return TEST_SKIPPED; } #endif #if !defined(WOLFSSL_NO_TLS12) && defined(WOLFSSL_EXTRA_ALERTS) && \ defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_SP_MATH) static void test_remove_msg(byte *msg, int tail_len, int *len, int msg_length) { tail_len -= msg_length; XMEMMOVE(msg, msg + msg_length, tail_len); *len = *len - msg_length; } static int test_remove_hs_msg_from_buffer(byte *buf, int *len, byte type, byte *found) { const unsigned int _HANDSHAKE_HEADER_SZ = 4; const unsigned int _RECORD_HEADER_SZ = 5; const int _change_cipher_hs = 55; const int _change_cipher = 20; const int _handshake = 22; unsigned int tail_len; byte *idx, *curr; word8 currType; word16 rLength; word32 hLength; idx = buf; tail_len = *len; *found = 0; while (tail_len > _RECORD_HEADER_SZ) { curr = idx; currType = *idx; ato16(idx + 3, &rLength); idx += _RECORD_HEADER_SZ; tail_len -= _RECORD_HEADER_SZ; if (tail_len < rLength) return -1; if (type == _change_cipher_hs && currType == _change_cipher) { if (rLength != 1) return -1; /* match */ test_remove_msg(curr, *len - (int)(curr - buf), len, _RECORD_HEADER_SZ + 1); *found = 1; return 0; } if (currType != _handshake) { idx += rLength; tail_len -= rLength; continue; } if (rLength < _HANDSHAKE_HEADER_SZ) return -1; currType = *idx; ato24(idx+1, &hLength); hLength += _HANDSHAKE_HEADER_SZ; if (tail_len < hLength) return -1; if (currType != type) { idx += hLength; tail_len -= hLength; continue; } /* match */ test_remove_msg(curr, *len - (int)(curr - buf), len, hLength + _RECORD_HEADER_SZ); *found = 1; return 0; } /* not found */ return 0; } static int test_remove_hs_message(byte hs_message_type, int extra_round, byte alert_type) { EXPECT_DECLS; WOLFSSL_CTX *ctx_c = NULL; WOLFSSL_CTX *ctx_s = NULL; WOLFSSL *ssl_c = NULL; WOLFSSL *ssl_s = NULL; struct test_memio_ctx test_ctx; WOLFSSL_ALERT_HISTORY h; byte found = 0; XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfTLSv1_2_client_method, wolfTLSv1_2_server_method), 0); ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR), WOLFSSL_ERROR_WANT_READ); ExpectIntNE(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR), WOLFSSL_ERROR_WANT_READ); if (extra_round) { ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR), WOLFSSL_ERROR_WANT_READ); /* this will complete handshake from server side */ ExpectIntEQ(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS); } ExpectIntEQ(test_remove_hs_msg_from_buffer(test_ctx.c_buff, &test_ctx.c_len, hs_message_type, &found), 0); if (!found) { wolfSSL_free(ssl_c); wolfSSL_CTX_free(ctx_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_s); return TEST_SKIPPED; } ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS); ExpectIntNE(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR), WOLFSSL_ERROR_WANT_READ); ExpectIntEQ(wolfSSL_get_alert_history(ssl_c, &h), WOLFSSL_SUCCESS); ExpectTrue(alert_type == 0xff || h.last_tx.code == alert_type); ExpectIntEQ(h.last_tx.level, alert_fatal); wolfSSL_free(ssl_c); wolfSSL_CTX_free(ctx_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_s); return EXPECT_RESULT(); } static int test_extra_alerts_skip_hs(void) { EXPECT_DECLS; const byte _server_key_exchange = 12; const byte _server_hello = 2; const byte _certificate = 11; /* server_hello */ ExpectIntNE(test_remove_hs_message(_server_hello, 0, unexpected_message), TEST_FAIL); ExpectIntNE(test_remove_hs_message(_certificate, 0, 0xff), TEST_FAIL); ExpectIntNE(test_remove_hs_message(_server_key_exchange, 0, unexpected_message), TEST_FAIL); return EXPECT_RESULT(); } #else static int test_extra_alerts_skip_hs(void) { return TEST_SKIPPED; } #endif #if !defined(WOLFSSL_NO_TLS12) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)\ && defined(WOLFSSL_EXTRA_ALERTS) && !defined(NO_PSK) && !defined(NO_DH) static unsigned int test_server_psk_cb(WOLFSSL* ssl, const char* id, unsigned char* key, unsigned int key_max_len) { (void)ssl; (void)id; (void)key_max_len; /* zero means error */ key[0] = 0x10; return 1; } static int test_extra_alerts_bad_psk(void) { EXPECT_DECLS; WOLFSSL_CTX *ctx_c = NULL; WOLFSSL_CTX *ctx_s = NULL; WOLFSSL *ssl_c = NULL; WOLFSSL *ssl_s = NULL; struct test_memio_ctx test_ctx; WOLFSSL_ALERT_HISTORY h; XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfTLSv1_2_client_method, wolfTLSv1_2_server_method), 0); ExpectIntEQ(wolfSSL_set_cipher_list(ssl_c, "DHE-PSK-AES128-GCM-SHA256"), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_set_cipher_list(ssl_s, "DHE-PSK-AES128-GCM-SHA256"), WOLFSSL_SUCCESS); wolfSSL_set_psk_server_callback(ssl_s, test_server_psk_cb); ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR), WOLFSSL_ERROR_WANT_READ); ExpectIntNE(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS); ExpectIntEQ( wolfSSL_get_error(ssl_s, WOLFSSL_FATAL_ERROR), WOLFSSL_ERROR_WANT_READ); ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS); ExpectIntNE(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR), WOLFSSL_ERROR_WANT_READ); ExpectIntEQ(wolfSSL_get_alert_history(ssl_c, &h), WOLFSSL_SUCCESS); ExpectIntEQ(h.last_tx.code, handshake_failure); ExpectIntEQ(h.last_tx.level, alert_fatal); wolfSSL_free(ssl_c); wolfSSL_CTX_free(ctx_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_s); return EXPECT_RESULT(); } #else static int test_extra_alerts_bad_psk(void) { return TEST_SKIPPED; } #endif #if defined(WOLFSSL_TLS13) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)\ && !defined(NO_PSK) static unsigned int test_tls13_bad_psk_binder_client_cb(WOLFSSL* ssl, const char* hint, char* identity, unsigned int id_max_len, unsigned char* key, unsigned int key_max_len) { (void)ssl; (void)hint; (void)key_max_len; /* see internal.h MAX_PSK_ID_LEN for PSK identity limit */ XSTRNCPY(identity, "Client_identity", id_max_len); key[0] = 0x20; return 1; } static unsigned int test_tls13_bad_psk_binder_server_cb(WOLFSSL* ssl, const char* id, unsigned char* key, unsigned int key_max_len) { (void)ssl; (void)id; (void)key_max_len; /* zero means error */ key[0] = 0x10; return 1; } #endif static int test_tls13_bad_psk_binder(void) { EXPECT_DECLS; #if defined(WOLFSSL_TLS13) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)\ && !defined(NO_PSK) WOLFSSL_CTX *ctx_c = NULL; WOLFSSL_CTX *ctx_s = NULL; WOLFSSL *ssl_c = NULL; WOLFSSL *ssl_s = NULL; struct test_memio_ctx test_ctx; WOLFSSL_ALERT_HISTORY h; XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfTLSv1_3_client_method, wolfTLSv1_3_server_method), 0); wolfSSL_set_psk_client_callback(ssl_c, test_tls13_bad_psk_binder_client_cb); wolfSSL_set_psk_server_callback(ssl_s, test_tls13_bad_psk_binder_server_cb); ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR), WOLFSSL_ERROR_WANT_READ); ExpectIntNE(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS); ExpectIntEQ( wolfSSL_get_error(ssl_s, WOLFSSL_FATAL_ERROR), BAD_BINDER); ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR), FATAL_ERROR); ExpectIntEQ(wolfSSL_get_alert_history(ssl_c, &h), WOLFSSL_SUCCESS); ExpectIntEQ(h.last_rx.code, illegal_parameter); ExpectIntEQ(h.last_rx.level, alert_fatal); wolfSSL_free(ssl_c); wolfSSL_CTX_free(ctx_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_s); #endif return EXPECT_RESULT(); } #if defined(WOLFSSL_HARDEN_TLS) && !defined(WOLFSSL_NO_TLS12) && \ defined(HAVE_IO_TESTS_DEPENDENCIES) static int test_harden_no_secure_renegotiation_io_cb(WOLFSSL *ssl, char *buf, int sz, void *ctx) { static int sentServerHello = FALSE; if (!sentServerHello) { byte renegExt[] = { 0xFF, 0x01, 0x00, 0x01, 0x00 }; size_t i; if (sz < (int)sizeof(renegExt)) return WOLFSSL_CBIO_ERR_GENERAL; /* Remove SCR from ServerHello */ for (i = 0; i < sz - sizeof(renegExt); i++) { if (XMEMCMP(buf + i, renegExt, sizeof(renegExt)) == 0) { /* Found the extension. Change it to something unrecognized. */ buf[i+1] = 0x11; break; } } sentServerHello = TRUE; } return EmbedSend(ssl, buf, sz, ctx); } static void test_harden_no_secure_renegotiation_ssl_ready(WOLFSSL* ssl) { wolfSSL_SSLSetIOSend(ssl, test_harden_no_secure_renegotiation_io_cb); } static void test_harden_no_secure_renegotiation_on_cleanup(WOLFSSL* ssl) { WOLFSSL_ALERT_HISTORY h; AssertIntEQ(wolfSSL_get_alert_history(ssl, &h), WOLFSSL_SUCCESS); AssertIntEQ(h.last_rx.code, handshake_failure); AssertIntEQ(h.last_rx.level, alert_fatal); } static int test_harden_no_secure_renegotiation(void) { EXPECT_DECLS; callback_functions client_cbs, server_cbs; XMEMSET(&client_cbs, 0, sizeof(client_cbs)); XMEMSET(&server_cbs, 0, sizeof(server_cbs)); client_cbs.method = wolfTLSv1_2_client_method; server_cbs.method = wolfTLSv1_2_server_method; server_cbs.ssl_ready = test_harden_no_secure_renegotiation_ssl_ready; server_cbs.on_cleanup = test_harden_no_secure_renegotiation_on_cleanup; test_wolfSSL_client_server_nofail(&client_cbs, &server_cbs); ExpectIntEQ(client_cbs.return_code, TEST_FAIL); ExpectIntEQ(client_cbs.last_err, SECURE_RENEGOTIATION_E); ExpectIntEQ(server_cbs.return_code, TEST_FAIL); ExpectTrue(server_cbs.last_err == SOCKET_ERROR_E || server_cbs.last_err == FATAL_ERROR); return EXPECT_RESULT(); } #else static int test_harden_no_secure_renegotiation(void) { return TEST_SKIPPED; } #endif #if defined(HAVE_OCSP) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) static int test_override_alt_cert_chain_cert_cb(int preverify, WOLFSSL_X509_STORE_CTX* store) { fprintf(stderr, "preverify: %d\n", preverify); fprintf(stderr, "store->error: %d\n", store->error); fprintf(stderr, "error reason: %s\n", wolfSSL_ERR_reason_error_string(store->error)); if (store->error == OCSP_INVALID_STATUS) { fprintf(stderr, "Overriding OCSP error\n"); return 1; } #ifndef WOLFSSL_ALT_CERT_CHAINS else if ((store->error == ASN_NO_SIGNER_E || store->error == ASN_SELF_SIGNED_E #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \ defined(HAVE_WEBSERVER) || store->error == WOLFSSL_X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY #endif ) && store->error_depth == store->totalCerts - 1) { fprintf(stderr, "Overriding no signer error only for root cert\n"); return 1; } #endif else return preverify; } static int test_override_alt_cert_chain_ocsp_cb(void* ioCtx, const char* url, int urlSz, unsigned char* request, int requestSz, unsigned char** response) { (void)ioCtx; (void)url; (void)urlSz; (void)request; (void)requestSz; (void)response; return -1; } static int test_override_alt_cert_chain_client_ctx_ready(WOLFSSL_CTX* ctx) { EXPECT_DECLS; wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, test_override_alt_cert_chain_cert_cb); ExpectIntEQ(wolfSSL_CTX_EnableOCSP(ctx, WOLFSSL_OCSP_CHECKALL | WOLFSSL_OCSP_URL_OVERRIDE), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_SetOCSP_Cb(ctx, test_override_alt_cert_chain_ocsp_cb, NULL, NULL), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_SetOCSP_OverrideURL(ctx, "not a url"), WOLFSSL_SUCCESS); return EXPECT_RESULT(); } static int test_override_alt_cert_chain_client_ctx_ready2(WOLFSSL_CTX* ctx) { EXPECT_DECLS; wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL); ExpectIntEQ(wolfSSL_CTX_EnableOCSP(ctx, WOLFSSL_OCSP_CHECKALL | WOLFSSL_OCSP_URL_OVERRIDE), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_SetOCSP_Cb(ctx, test_override_alt_cert_chain_ocsp_cb, NULL, NULL), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_SetOCSP_OverrideURL(ctx, "not a url"), WOLFSSL_SUCCESS); return EXPECT_RESULT(); } static int test_override_alt_cert_chain_server_ctx_ready(WOLFSSL_CTX* ctx) { EXPECT_DECLS; ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_file(ctx, "./certs/intermediate/server-chain-alt.pem"), WOLFSSL_SUCCESS); return EXPECT_RESULT(); } static int test_override_alt_cert_chain(void) { EXPECT_DECLS; size_t i; struct test_params { ctx_cb client_ctx_cb; ctx_cb server_ctx_cb; int result; } params[] = { {test_override_alt_cert_chain_client_ctx_ready, test_override_alt_cert_chain_server_ctx_ready, TEST_SUCCESS}, {test_override_alt_cert_chain_client_ctx_ready2, test_override_alt_cert_chain_server_ctx_ready, TEST_FAIL}, }; for (i = 0; i < sizeof(params)/sizeof(*params); i++) { test_ssl_cbf client_cbs, server_cbs; XMEMSET(&client_cbs, 0, sizeof(client_cbs)); XMEMSET(&server_cbs, 0, sizeof(server_cbs)); fprintf(stderr, "test config: %d\n", (int)i); client_cbs.ctx_ready = params[i].client_ctx_cb; server_cbs.ctx_ready = params[i].server_ctx_cb; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbs, &server_cbs, NULL), params[i].result); ExpectIntEQ(client_cbs.return_code, params[i].result); ExpectIntEQ(server_cbs.return_code, params[i].result); } return EXPECT_RESULT(); } #else static int test_override_alt_cert_chain(void) { return TEST_SKIPPED; } #endif #if defined(HAVE_RPK) #define svrRpkCertFile "./certs/rpk/server-cert-rpk.der" #define clntRpkCertFile "./certs/rpk/client-cert-rpk.der" #if defined(WOLFSSL_ALWAYS_VERIFY_CB) static int MyRpkVerifyCb(int mode, WOLFSSL_X509_STORE_CTX* strctx) { int ret = WOLFSSL_SUCCESS; (void)mode; (void)strctx; WOLFSSL_ENTER("MyRpkVerifyCb"); return ret; } #endif /* WOLFSSL_ALWAYS_VERIFY_CB */ static WC_INLINE int test_rpk_memio_setup( struct test_memio_ctx *ctx, WOLFSSL_CTX **ctx_c, WOLFSSL_CTX **ctx_s, WOLFSSL **ssl_c, WOLFSSL **ssl_s, method_provider method_c, method_provider method_s, const char* certfile_c, int fmt_cc, /* client cert file path and format */ const char* certfile_s, int fmt_cs, /* server cert file path and format */ const char* pkey_c, int fmt_kc, /* client private key and format */ const char* pkey_s, int fmt_ks /* server private key and format */ ) { int ret; if (ctx_c != NULL && *ctx_c == NULL) { *ctx_c = wolfSSL_CTX_new(method_c()); if (*ctx_c == NULL) { return -1; } wolfSSL_CTX_set_verify(*ctx_c, WOLFSSL_VERIFY_PEER, NULL); ret = wolfSSL_CTX_load_verify_locations(*ctx_c, caCertFile, 0); if (ret != WOLFSSL_SUCCESS) { return -1; } wolfSSL_SetIORecv(*ctx_c, test_memio_read_cb); wolfSSL_SetIOSend(*ctx_c, test_memio_write_cb); ret = wolfSSL_CTX_use_certificate_file(*ctx_c, certfile_c, fmt_cc); if (ret != WOLFSSL_SUCCESS) { return -1; } ret = wolfSSL_CTX_use_PrivateKey_file(*ctx_c, pkey_c, fmt_kc); if (ret != WOLFSSL_SUCCESS) { return -1; } } if (ctx_s != NULL && *ctx_s == NULL) { *ctx_s = wolfSSL_CTX_new(method_s()); if (*ctx_s == NULL) { return -1; } wolfSSL_CTX_set_verify(*ctx_s, WOLFSSL_VERIFY_PEER, NULL); ret = wolfSSL_CTX_load_verify_locations(*ctx_s, cliCertFile, 0); if (ret != WOLFSSL_SUCCESS) { return -1; } ret = wolfSSL_CTX_use_PrivateKey_file(*ctx_s, pkey_s, fmt_ks); if (ret != WOLFSSL_SUCCESS) { return -1; } ret = wolfSSL_CTX_use_certificate_file(*ctx_s, certfile_s, fmt_cs); if (ret != WOLFSSL_SUCCESS) { return -1; } wolfSSL_SetIORecv(*ctx_s, test_memio_read_cb); wolfSSL_SetIOSend(*ctx_s, test_memio_write_cb); if (ctx->s_ciphers != NULL) { ret = wolfSSL_CTX_set_cipher_list(*ctx_s, ctx->s_ciphers); if (ret != WOLFSSL_SUCCESS) { return -1; } } } if (ctx_c != NULL && ssl_c != NULL) { *ssl_c = wolfSSL_new(*ctx_c); if (*ssl_c == NULL) { return -1; } wolfSSL_SetIOWriteCtx(*ssl_c, ctx); wolfSSL_SetIOReadCtx(*ssl_c, ctx); } if (ctx_s != NULL && ssl_s != NULL) { *ssl_s = wolfSSL_new(*ctx_s); if (*ssl_s == NULL) { return -1; } wolfSSL_SetIOWriteCtx(*ssl_s, ctx); wolfSSL_SetIOReadCtx(*ssl_s, ctx); #if !defined(NO_DH) SetDH(*ssl_s); #endif } return 0; } #endif /* HAVE_RPK */ static int test_rpk_set_xxx_cert_type(void) { EXPECT_DECLS; #if defined(HAVE_RPK) char ctype[MAX_CLIENT_CERT_TYPE_CNT + 1]; /* prepare bigger buffer */ WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; int tp; ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()); ExpectNotNull(ctx); ssl = wolfSSL_new(ctx); ExpectNotNull(ssl); /*--------------------------------------------*/ /* tests for wolfSSL_CTX_set_client_cert_type */ /*--------------------------------------------*/ /* illegal parameter test caces */ ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(NULL, ctype, MAX_CLIENT_CERT_TYPE_CNT), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, ctype, sizeof(ctype)), BAD_FUNC_ARG); ctype[0] = WOLFSSL_CERT_TYPE_RPK; /* set an identical cert type */ ctype[1] = WOLFSSL_CERT_TYPE_RPK; ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, ctype, MAX_CLIENT_CERT_TYPE_CNT), BAD_FUNC_ARG); ctype[0] = WOLFSSL_CERT_TYPE_X509; ctype[1] = 10; /* set unknown cert type */ ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, ctype, MAX_CLIENT_CERT_TYPE_CNT), BAD_FUNC_ARG); /* pass larger type count */ ctype[0] = WOLFSSL_CERT_TYPE_RPK; ctype[1] = WOLFSSL_CERT_TYPE_X509; ctype[2] = 1; /* pass unacceptable type count */ ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, ctype, MAX_CLIENT_CERT_TYPE_CNT + 1), BAD_FUNC_ARG); /* should accept NULL for type buffer */ ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, NULL, MAX_CLIENT_CERT_TYPE_CNT), WOLFSSL_SUCCESS); /* should accept zero for type count */ ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, ctype, 0), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, ctype, MAX_CLIENT_CERT_TYPE_CNT), WOLFSSL_SUCCESS); /*--------------------------------------------*/ /* tests for wolfSSL_CTX_set_server_cert_type */ /*--------------------------------------------*/ ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(NULL, ctype, MAX_SERVER_CERT_TYPE_CNT), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, ctype, sizeof(ctype)), BAD_FUNC_ARG); ctype[0] = WOLFSSL_CERT_TYPE_RPK; /* set an identical cert type */ ctype[1] = WOLFSSL_CERT_TYPE_RPK; ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, ctype, MAX_SERVER_CERT_TYPE_CNT), BAD_FUNC_ARG); ctype[0] = WOLFSSL_CERT_TYPE_X509; ctype[1] = 10; /* set unknown cert type */ ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, ctype, MAX_SERVER_CERT_TYPE_CNT), BAD_FUNC_ARG); /* pass larger type count */ ctype[0] = WOLFSSL_CERT_TYPE_RPK; ctype[1] = WOLFSSL_CERT_TYPE_X509; ctype[2] = 1; /* pass unacceptable type count */ ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, ctype, MAX_SERVER_CERT_TYPE_CNT + 1), BAD_FUNC_ARG); /* should accept NULL for type buffer */ ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, NULL, MAX_SERVER_CERT_TYPE_CNT), WOLFSSL_SUCCESS); /* should accept zero for type count */ ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, ctype, 0), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, ctype, MAX_CLIENT_CERT_TYPE_CNT), WOLFSSL_SUCCESS); /*--------------------------------------------*/ /* tests for wolfSSL_set_client_cert_type */ /*--------------------------------------------*/ ExpectIntEQ(wolfSSL_set_client_cert_type(NULL, ctype, MAX_CLIENT_CERT_TYPE_CNT), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, ctype, sizeof(ctype)), BAD_FUNC_ARG); ctype[0] = WOLFSSL_CERT_TYPE_RPK; /* set an identical cert type */ ctype[1] = WOLFSSL_CERT_TYPE_RPK; ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, ctype, MAX_CLIENT_CERT_TYPE_CNT), BAD_FUNC_ARG); ctype[0] = WOLFSSL_CERT_TYPE_X509; ctype[1] = 10; /* set unknown cert type */ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, ctype, MAX_CLIENT_CERT_TYPE_CNT), BAD_FUNC_ARG); /* pass larger type count */ ctype[0] = WOLFSSL_CERT_TYPE_RPK; ctype[1] = WOLFSSL_CERT_TYPE_X509; ctype[2] = 1; /* pass unacceptable type count */ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, ctype, MAX_CLIENT_CERT_TYPE_CNT + 1), BAD_FUNC_ARG); /* should accept NULL for type buffer */ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, NULL, MAX_CLIENT_CERT_TYPE_CNT), WOLFSSL_SUCCESS); /* should accept zero for type count */ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, ctype, 0), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, ctype, MAX_CLIENT_CERT_TYPE_CNT), WOLFSSL_SUCCESS); /*--------------------------------------------*/ /* tests for wolfSSL_CTX_set_server_cert_type */ /*--------------------------------------------*/ ExpectIntEQ(wolfSSL_set_server_cert_type(NULL, ctype, MAX_SERVER_CERT_TYPE_CNT), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, ctype, sizeof(ctype)), BAD_FUNC_ARG); ctype[0] = WOLFSSL_CERT_TYPE_RPK; /* set an identical cert type */ ctype[1] = WOLFSSL_CERT_TYPE_RPK; ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, ctype, MAX_SERVER_CERT_TYPE_CNT), BAD_FUNC_ARG); ctype[0] = WOLFSSL_CERT_TYPE_X509; ctype[1] = 10; /* set unknown cert type */ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, ctype, MAX_SERVER_CERT_TYPE_CNT), BAD_FUNC_ARG); /* pass larger type count */ ctype[0] = WOLFSSL_CERT_TYPE_RPK; ctype[1] = WOLFSSL_CERT_TYPE_X509; ctype[2] = 1; /* pass unacceptable type count */ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, ctype, MAX_SERVER_CERT_TYPE_CNT + 1), BAD_FUNC_ARG); /* should accept NULL for type buffer */ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, NULL, MAX_SERVER_CERT_TYPE_CNT), WOLFSSL_SUCCESS); /* should accept zero for type count */ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, ctype, 0), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, ctype, MAX_SERVER_CERT_TYPE_CNT), WOLFSSL_SUCCESS); /*------------------------------------------------*/ /* tests for wolfSSL_get_negotiated_xxx_cert_type */ /*------------------------------------------------*/ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(NULL, &tp), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl, NULL), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(NULL, &tp), BAD_FUNC_ARG); ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl, NULL), BAD_FUNC_ARG); /* clean up */ wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); #endif return EXPECT_RESULT(); } static int test_tls13_rpk_handshake(void) { EXPECT_DECLS; #if defined(HAVE_RPK) int ret = 0; WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL; WOLFSSL *ssl_c = NULL, *ssl_s = NULL; struct test_memio_ctx test_ctx; int err; char certType_c[MAX_CLIENT_CERT_TYPE_CNT]; char certType_s[MAX_CLIENT_CERT_TYPE_CNT]; int typeCnt_c; int typeCnt_s; int tp; (void)err; (void)typeCnt_c; (void)typeCnt_s; (void)certType_c; (void)certType_s; /* TLS1.2 * Both client and server load x509 cert and start handshaking. * Check no negotiation occurred. */ XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ( test_rpk_memio_setup( &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfTLSv1_2_client_method, wolfTLSv1_2_server_method, cliCertFile, WOLFSSL_FILETYPE_PEM, svrCertFile, WOLFSSL_FILETYPE_PEM, cliKeyFile, WOLFSSL_FILETYPE_PEM, svrKeyFile, WOLFSSL_FILETYPE_PEM) , 0); /* set client certificate type in client end */ certType_c[0] = WOLFSSL_CERT_TYPE_RPK; certType_c[1] = WOLFSSL_CERT_TYPE_X509; typeCnt_c = 2; certType_s[0] = WOLFSSL_CERT_TYPE_RPK; certType_s[1] = WOLFSSL_CERT_TYPE_X509; typeCnt_s = 2; /* both clien and server do not call client/server_cert_type APIs, * expecting default settings works and no negotiation performed. */ if (test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0) return TEST_FAIL; /* confirm no negotiation occurred */ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp), WOLFSSL_SUCCESS); ExpectIntEQ((int)tp, WOLFSSL_CERT_TYPE_UNKNOWN); ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN); ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN); ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN); wolfSSL_free(ssl_c); wolfSSL_CTX_free(ctx_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_s); ssl_c = ssl_s = NULL; ctx_c = ctx_s = NULL; /* Both client and server load x509 cert and start handshaking. * Check no negotiation occurred. */ XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ( test_rpk_memio_setup( &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, cliCertFile, WOLFSSL_FILETYPE_PEM, svrCertFile, WOLFSSL_FILETYPE_PEM, cliKeyFile, WOLFSSL_FILETYPE_PEM, svrKeyFile, WOLFSSL_FILETYPE_PEM ) , 0); /* set client certificate type in client end */ certType_c[0] = WOLFSSL_CERT_TYPE_RPK; certType_c[1] = WOLFSSL_CERT_TYPE_X509; typeCnt_c = 2; certType_s[0] = WOLFSSL_CERT_TYPE_RPK; certType_s[1] = WOLFSSL_CERT_TYPE_X509; typeCnt_s = 2; /* both clien and server do not call client/server_cert_type APIs, * expecting default settings works and no negotiation performed. */ if (test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0) return TEST_FAIL; /* confirm no negotiation occurred */ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp), WOLFSSL_SUCCESS); ExpectIntEQ((int)tp, WOLFSSL_CERT_TYPE_UNKNOWN); ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN); ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN); ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN); wolfSSL_free(ssl_c); wolfSSL_CTX_free(ctx_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_s); ssl_c = ssl_s = NULL; ctx_c = ctx_s = NULL; /* Both client and server load RPK cert and start handshaking. * Confirm negotiated cert types match as expected. */ XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ( test_rpk_memio_setup( &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, clntRpkCertFile, WOLFSSL_FILETYPE_ASN1, svrRpkCertFile, WOLFSSL_FILETYPE_ASN1, cliKeyFile, WOLFSSL_FILETYPE_PEM, svrKeyFile, WOLFSSL_FILETYPE_PEM ) , 0); /* set client certificate type in client end */ certType_c[0] = WOLFSSL_CERT_TYPE_RPK; certType_c[1] = WOLFSSL_CERT_TYPE_X509; typeCnt_c = 2; certType_s[0] = WOLFSSL_CERT_TYPE_RPK; certType_s[1] = WOLFSSL_CERT_TYPE_X509; typeCnt_s = 2; ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c), WOLFSSL_SUCCESS); /* set server certificate type in client end */ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s), WOLFSSL_SUCCESS); /* set client certificate type in server end */ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c), WOLFSSL_SUCCESS); /* set server certificate type in server end */ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_s, certType_s, typeCnt_s), WOLFSSL_SUCCESS); if (test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0) return TEST_FAIL; ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK); ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK); ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK); ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK); wolfSSL_free(ssl_c); wolfSSL_CTX_free(ctx_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_s); ssl_c = ssl_s = NULL; ctx_c = ctx_s = NULL; /* TLS1.2 * Both client and server load RPK cert and start handshaking. * Confirm negotiated cert types match as expected. */ XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ( test_rpk_memio_setup( &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfTLSv1_2_client_method, wolfTLSv1_2_server_method, clntRpkCertFile, WOLFSSL_FILETYPE_ASN1, svrRpkCertFile, WOLFSSL_FILETYPE_ASN1, cliKeyFile, WOLFSSL_FILETYPE_PEM, svrKeyFile, WOLFSSL_FILETYPE_PEM ) , 0); /* set client certificate type in client end */ certType_c[0] = WOLFSSL_CERT_TYPE_RPK; certType_c[1] = WOLFSSL_CERT_TYPE_X509; typeCnt_c = 2; certType_s[0] = WOLFSSL_CERT_TYPE_RPK; certType_s[1] = WOLFSSL_CERT_TYPE_X509; typeCnt_s = 2; ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c), WOLFSSL_SUCCESS); /* set server certificate type in client end */ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s), WOLFSSL_SUCCESS); /* set client certificate type in server end */ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c), WOLFSSL_SUCCESS); /* set server certificate type in server end */ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_s, certType_s, typeCnt_s), WOLFSSL_SUCCESS); if (test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0) return TEST_FAIL; ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK); ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK); ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK); ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK); wolfSSL_free(ssl_c); wolfSSL_CTX_free(ctx_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_s); ssl_c = ssl_s = NULL; ctx_c = ctx_s = NULL; /* Both client and server load x509 cert. * Have client call set_client_cert_type with both RPK and x509. * This doesn't makes client add client cert type extension to ClientHello, * since it does not load RPK cert actually. */ XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ( test_rpk_memio_setup( &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, cliCertFile, WOLFSSL_FILETYPE_PEM, svrCertFile, WOLFSSL_FILETYPE_PEM, cliKeyFile, WOLFSSL_FILETYPE_PEM, svrKeyFile, WOLFSSL_FILETYPE_PEM ) , 0); /* set client certificate type in client end */ certType_c[0] = WOLFSSL_CERT_TYPE_RPK; certType_c[1] = WOLFSSL_CERT_TYPE_X509; typeCnt_c = 2; /* client indicates both RPK and x509 certs are available but loaded RPK * cert only. It does not have client add client-cert-type extension in CH. */ certType_c[0] = WOLFSSL_CERT_TYPE_RPK; certType_c[1] = WOLFSSL_CERT_TYPE_X509; typeCnt_c = 2; ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c), WOLFSSL_SUCCESS); /* client indicates both RPK and x509 certs are acceptable */ certType_s[0] = WOLFSSL_CERT_TYPE_RPK; certType_s[1] = WOLFSSL_CERT_TYPE_X509; typeCnt_s = 2; ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s), WOLFSSL_SUCCESS); /* server indicates both RPK and x509 certs are acceptable */ certType_c[0] = WOLFSSL_CERT_TYPE_RPK; certType_c[1] = WOLFSSL_CERT_TYPE_X509; typeCnt_c = 2; ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c), WOLFSSL_SUCCESS); /* server should indicate only RPK cert is available */ certType_s[0] = WOLFSSL_CERT_TYPE_X509; certType_s[1] = -1; typeCnt_s = 1; ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_s, certType_s, typeCnt_s), WOLFSSL_SUCCESS); if (test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0) return TEST_FAIL; /* Negotiation for client-cert-type should NOT happen. Therefore -1 should * be returned as cert type. */ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN); ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509); ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN); ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509); wolfSSL_free(ssl_c); wolfSSL_CTX_free(ctx_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_s); ssl_c = ssl_s = NULL; ctx_c = ctx_s = NULL; /* Have client load RPK cert and have server load x509 cert. * Check the negotiation result from both ends. */ XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ( test_rpk_memio_setup( &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, clntRpkCertFile, WOLFSSL_FILETYPE_ASN1, svrCertFile, WOLFSSL_FILETYPE_PEM, cliKeyFile, WOLFSSL_FILETYPE_PEM, svrKeyFile, WOLFSSL_FILETYPE_PEM ) , 0); /* have client tell to use RPK cert */ certType_c[0] = WOLFSSL_CERT_TYPE_RPK; certType_c[1] = -1; typeCnt_c = 1; ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c), WOLFSSL_SUCCESS); /* have client tell to accept both RPK and x509 cert */ certType_s[0] = WOLFSSL_CERT_TYPE_X509; certType_s[1] = WOLFSSL_CERT_TYPE_RPK; typeCnt_s = 2; ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s), WOLFSSL_SUCCESS); /* have server accept to both RPK and x509 cert */ certType_c[0] = WOLFSSL_CERT_TYPE_X509; certType_c[1] = WOLFSSL_CERT_TYPE_RPK; typeCnt_c = 2; ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c), WOLFSSL_SUCCESS); /* does not call wolfSSL_set_server_cert_type intentionally in sesrver * end, expecting the default setting works. */ if (test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0) return TEST_FAIL; ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK); ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509); ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK); ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509); wolfSSL_free(ssl_c); wolfSSL_CTX_free(ctx_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_s); ssl_c = ssl_s = NULL; ctx_c = ctx_s = NULL; /* Have both client and server load RPK cert, however, have server * indicate its cert type x509. * Client is expected to detect the cert type mismatch then to send alert * with "unsupported_certificate". */ XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ( test_rpk_memio_setup( &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, clntRpkCertFile, WOLFSSL_FILETYPE_ASN1, svrRpkCertFile, WOLFSSL_FILETYPE_ASN1, /* server sends RPK cert */ cliKeyFile, WOLFSSL_FILETYPE_PEM, svrKeyFile, WOLFSSL_FILETYPE_PEM ) , 0); /* have client tell to use RPK cert */ certType_c[0] = WOLFSSL_CERT_TYPE_RPK; certType_c[1] = -1; typeCnt_c = 1; ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c), WOLFSSL_SUCCESS); /* have client tell to accept both RPK and x509 cert */ certType_s[0] = WOLFSSL_CERT_TYPE_X509; certType_s[1] = WOLFSSL_CERT_TYPE_RPK; typeCnt_s = 2; ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s), WOLFSSL_SUCCESS); /* have server accept to both RPK and x509 cert */ certType_c[0] = WOLFSSL_CERT_TYPE_X509; certType_c[1] = WOLFSSL_CERT_TYPE_RPK; typeCnt_c = 2; ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c), WOLFSSL_SUCCESS); /* have server tell to use x509 cert intentionally. This will bring * certificate type mismatch in client side. */ certType_s[0] = WOLFSSL_CERT_TYPE_X509; certType_s[1] = -1; typeCnt_s = 1; ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_s, certType_s, typeCnt_s), WOLFSSL_SUCCESS); /* expect client detect cert type mismatch then send Alert */ ret = test_memio_do_handshake(ssl_c, ssl_s, 10, NULL); if (ret != -1) return TEST_FAIL; ExpectIntEQ(wolfSSL_get_error(ssl_c, ret), UNSUPPORTED_CERTIFICATE); ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK); ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509); ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK); ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509); wolfSSL_free(ssl_c); wolfSSL_CTX_free(ctx_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_s); ssl_c = ssl_s = NULL; ctx_c = ctx_s = NULL; /* Have client load x509 cert and server load RPK cert, * however, have client indicate its cert type RPK. * Server is expected to detect the cert type mismatch then to send alert * with "unsupported_certificate". */ XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ( test_rpk_memio_setup( &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, cliCertFile, WOLFSSL_FILETYPE_PEM, svrRpkCertFile, WOLFSSL_FILETYPE_ASN1, cliKeyFile, WOLFSSL_FILETYPE_PEM, svrKeyFile, WOLFSSL_FILETYPE_PEM ) , 0); /* have client tell to use RPK cert intentionally */ certType_c[0] = WOLFSSL_CERT_TYPE_RPK; certType_c[1] = -1; typeCnt_c = 1; ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c), WOLFSSL_SUCCESS); /* have client tell to accept both RPK and x509 cert */ certType_s[0] = WOLFSSL_CERT_TYPE_X509; certType_s[1] = WOLFSSL_CERT_TYPE_RPK; typeCnt_s = 2; ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s), WOLFSSL_SUCCESS); /* have server accept to both RPK and x509 cert */ certType_c[0] = WOLFSSL_CERT_TYPE_X509; certType_c[1] = WOLFSSL_CERT_TYPE_RPK; typeCnt_c = 2; ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c), WOLFSSL_SUCCESS); /* have server tell to use x509 cert intentionally. This will bring * certificate type mismatch in client side. */ certType_s[0] = WOLFSSL_CERT_TYPE_X509; certType_s[1] = -1; typeCnt_s = 1; ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_s, certType_s, typeCnt_s), WOLFSSL_SUCCESS); ret = test_memio_do_handshake(ssl_c, ssl_s, 10, NULL); /* expect server detect cert type mismatch then send Alert */ ExpectIntNE(ret, 0); err = wolfSSL_get_error(ssl_c, ret); ExpectIntEQ(err, UNSUPPORTED_CERTIFICATE); /* client did not load RPK cert actually, so negotiation did not happen */ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN); ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509); /* client did not load RPK cert actually, so negotiation did not happen */ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN); ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509); wolfSSL_free(ssl_c); wolfSSL_CTX_free(ctx_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_s); ssl_c = ssl_s = NULL; ctx_c = ctx_s = NULL; #if defined(WOLFSSL_ALWAYS_VERIFY_CB) /* Both client and server load RPK cert and set certificate verify * callbacks then start handshaking. * Confirm both side can refer the peer's cert. */ XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ( test_rpk_memio_setup( &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, clntRpkCertFile, WOLFSSL_FILETYPE_ASN1, svrRpkCertFile, WOLFSSL_FILETYPE_ASN1, cliKeyFile, WOLFSSL_FILETYPE_PEM, svrKeyFile, WOLFSSL_FILETYPE_PEM ) , 0); /* set client certificate type in client end */ certType_c[0] = WOLFSSL_CERT_TYPE_RPK; certType_c[1] = WOLFSSL_CERT_TYPE_X509; typeCnt_c = 2; certType_s[0] = WOLFSSL_CERT_TYPE_RPK; certType_s[1] = WOLFSSL_CERT_TYPE_X509; typeCnt_s = 2; ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c), WOLFSSL_SUCCESS); /* set server certificate type in client end */ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s), WOLFSSL_SUCCESS); /* set client certificate type in server end */ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c), WOLFSSL_SUCCESS); /* set server certificate type in server end */ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_s, certType_s, typeCnt_s), WOLFSSL_SUCCESS); /* set certificate verify callback to both client and server */ int isServer = 0; wolfSSL_SetCertCbCtx(ssl_c, &isServer); wolfSSL_set_verify(ssl_c, SSL_VERIFY_PEER, MyRpkVerifyCb); isServer = 1; wolfSSL_SetCertCbCtx(ssl_c, &isServer); wolfSSL_set_verify(ssl_s, SSL_VERIFY_PEER, MyRpkVerifyCb); ret = test_memio_do_handshake(ssl_c, ssl_s, 10, NULL); if (ret != 0) return TEST_FAIL; ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK); ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK); ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK); ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp), WOLFSSL_SUCCESS); ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK); wolfSSL_free(ssl_c); wolfSSL_CTX_free(ctx_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_s); ssl_c = ssl_s = NULL; ctx_c = ctx_s = NULL; #endif /* WOLFSSL_ALWAYS_VERIFY_CB */ #endif /* HAVE_RPK */ return EXPECT_RESULT(); } #if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) static int test_dtls13_bad_epoch_ch(void) { EXPECT_DECLS; WOLFSSL_CTX *ctx_c = NULL; WOLFSSL_CTX *ctx_s = NULL; WOLFSSL *ssl_c = NULL; WOLFSSL *ssl_s = NULL; struct test_memio_ctx test_ctx; const int EPOCH_OFF = 3; XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0); /* disable hrr cookie so we can later check msgsReceived.got_client_hello * with just one message */ ExpectIntEQ(wolfSSL_disable_hrr_cookie(ssl_s), WOLFSSL_SUCCESS); ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR), WOLFSSL_ERROR_WANT_READ); ExpectIntGE(test_ctx.s_len, EPOCH_OFF + 2); /* first CH should use epoch 0x0 */ ExpectTrue((test_ctx.s_buff[EPOCH_OFF] == 0x0) && (test_ctx.s_buff[EPOCH_OFF + 1] == 0x0)); /* change epoch to 2 */ test_ctx.s_buff[EPOCH_OFF + 1] = 0x2; ExpectIntNE(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_get_error(ssl_s, WOLFSSL_FATAL_ERROR), WOLFSSL_ERROR_WANT_READ); ExpectIntNE(ssl_s->msgsReceived.got_client_hello, 1); /* resend the CH */ ExpectIntEQ(wolfSSL_dtls_got_timeout(ssl_c), WOLFSSL_SUCCESS); ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0); wolfSSL_free(ssl_c); wolfSSL_CTX_free(ctx_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_s); return EXPECT_RESULT(); } #else static int test_dtls13_bad_epoch_ch(void) { return TEST_SKIPPED; } #endif #if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && !defined(NO_SESSION_CACHE) static int test_short_session_id_ssl_ready(WOLFSSL* ssl) { EXPECT_DECLS; WOLFSSL_SESSION *sess = NULL; /* Setup the session to avoid errors */ ssl->session->timeout = -1; ssl->session->side = WOLFSSL_CLIENT_END; #if defined(SESSION_CERTS) || (defined(WOLFSSL_TLS13) && \ defined(HAVE_SESSION_TICKET)) ssl->session->version = ssl->version; #endif /* Force a short session ID to be sent */ ssl->session->sessionIDSz = 4; #ifndef NO_SESSION_CACHE_REF /* Allow the client cache to be used */ ssl->session->idLen = 4; #endif ssl->session->isSetup = 1; ExpectNotNull(sess = wolfSSL_get_session(ssl)); ExpectIntEQ(wolfSSL_set_session(ssl, sess), WOLFSSL_SUCCESS); return EXPECT_RESULT(); } static int test_short_session_id(void) { EXPECT_DECLS; test_ssl_cbf client_cbf; test_ssl_cbf server_cbf; size_t i; struct { method_provider client_meth; method_provider server_meth; const char* tls_version; } params[] = { #if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \ defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TICKET_HAVE_ID) && \ !defined(WOLFSSL_TLS13_MIDDLEBOX_COMPAT) /* With WOLFSSL_TLS13_MIDDLEBOX_COMPAT a short ID will result in an error */ { wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, "TLSv1_3" }, #ifdef WOLFSSL_DTLS13 { wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method, "DTLSv1_3" }, #endif #endif #ifndef WOLFSSL_NO_TLS12 { wolfTLSv1_2_client_method, wolfTLSv1_2_server_method, "TLSv1_2" }, #ifdef WOLFSSL_DTLS { wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method, "DTLSv1_2" }, #endif #endif #if !defined(NO_OLD_TLS) && ((!defined(NO_AES) && !defined(NO_AES_CBC)) || \ !defined(NO_DES3)) { wolfTLSv1_1_client_method, wolfTLSv1_1_server_method, "TLSv1_1" }, #ifdef WOLFSSL_DTLS { wolfDTLSv1_client_method, wolfDTLSv1_server_method, "DTLSv1_0" }, #endif #endif }; fprintf(stderr, "\n"); for (i = 0; i < sizeof(params)/sizeof(*params) && !EXPECT_FAIL(); i++) { XMEMSET(&client_cbf, 0, sizeof(client_cbf)); XMEMSET(&server_cbf, 0, sizeof(server_cbf)); fprintf(stderr, "\tTesting short ID with %s\n", params[i].tls_version); client_cbf.ssl_ready = test_short_session_id_ssl_ready; client_cbf.method = params[i].client_meth; server_cbf.method = params[i].server_meth; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf, &server_cbf, NULL), TEST_SUCCESS); } return EXPECT_RESULT(); } #else static int test_short_session_id(void) { return TEST_SKIPPED; } #endif #if defined(HAVE_NULL_CIPHER) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) \ && defined(WOLFSSL_DTLS13) static byte* test_find_string(const char *string, byte *buf, int buf_size) { int string_size, i; string_size = (int)XSTRLEN(string); for (i = 0; i < buf_size - string_size - 1; i++) { if (XSTRCMP((char*)&buf[i], string) == 0) return &buf[i]; } return NULL; } static int test_wolfSSL_dtls13_null_cipher(void) { EXPECT_DECLS; WOLFSSL_CTX *ctx_c = NULL; WOLFSSL_CTX *ctx_s = NULL; WOLFSSL *ssl_c = NULL; WOLFSSL *ssl_s = NULL; struct test_memio_ctx test_ctx; const char *test_str = "test"; int test_str_size; byte buf[255], *ptr = NULL; XMEMSET(&test_ctx, 0, sizeof(test_ctx)); test_ctx.c_ciphers = test_ctx.s_ciphers = "TLS13-SHA256-SHA256"; ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0); ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0); test_str_size = XSTRLEN("test") + 1; ExpectIntEQ(wolfSSL_write(ssl_c, test_str, test_str_size), test_str_size); ExpectIntEQ(wolfSSL_read(ssl_s, buf, sizeof(buf)), test_str_size); ExpectIntEQ(XSTRCMP((char*)buf, test_str), 0); ExpectIntEQ(wolfSSL_write(ssl_c, test_str, test_str_size), test_str_size); /* check that the packet was sent cleartext */ ExpectNotNull(ptr = test_find_string(test_str, test_ctx.s_buff, test_ctx.s_len)); if (ptr != NULL) { /* modify the message */ *ptr = 'H'; /* bad messages should be ignored in DTLS */ ExpectIntEQ(wolfSSL_read(ssl_s, buf, sizeof(buf)), -1); ExpectIntEQ(ssl_s->error, WANT_READ); } wolfSSL_free(ssl_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_c); wolfSSL_CTX_free(ctx_s); return TEST_SUCCESS; } #else static int test_wolfSSL_dtls13_null_cipher(void) { return TEST_SKIPPED; } #endif #if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \ !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \ !defined(SINGLE_THREADED) && !defined(NO_RSA) static int test_dtls_msg_get_connected_port(int fd, word16 *port) { SOCKADDR_S peer; XSOCKLENT len; int ret; XMEMSET((byte*)&peer, 0, sizeof(peer)); len = sizeof(peer); ret = getpeername(fd, (SOCKADDR*)&peer, &len); if (ret != 0 || len > (XSOCKLENT)sizeof(peer)) return -1; switch (peer.ss_family) { #ifdef WOLFSSL_IPV6 case WOLFSSL_IP6: { *port = ntohs(((SOCKADDR_IN6*)&peer)->sin6_port); break; } #endif /* WOLFSSL_IPV6 */ case WOLFSSL_IP4: *port = ntohs(((SOCKADDR_IN*)&peer)->sin_port); break; default: return -1; } return 0; } static int test_dtls_msg_from_other_peer_cb(WOLFSSL_CTX *ctx, WOLFSSL *ssl) { char buf[1] = {'t'}; SOCKADDR_IN_T addr; int sock_fd; word16 port; int err; (void)ssl; (void)ctx; if (ssl == NULL) return -1; err = test_dtls_msg_get_connected_port(wolfSSL_get_fd(ssl), &port); if (err != 0) return -1; sock_fd = socket(AF_INET_V, SOCK_DGRAM, 0); if (sock_fd == -1) return -1; build_addr(&addr, wolfSSLIP, port, 1, 0); /* send a packet to the server. Being another socket, the kernel will ensure * the source port will be different. */ err = (int)sendto(sock_fd, buf, sizeof(buf), 0, (SOCKADDR*)&addr, sizeof(addr)); close(sock_fd); if (err == -1) return -1; return 0; } /* setup a SSL session but just after the handshake send a packet to the server * with a source address different than the one of the connected client. The I/O * callback EmbedRecvFrom should just ignore the packet. Sending of the packet * is done in test_dtls_msg_from_other_peer_cb */ static int test_dtls_msg_from_other_peer(void) { EXPECT_DECLS; callback_functions client_cbs; callback_functions server_cbs; XMEMSET((byte*)&client_cbs, 0, sizeof(client_cbs)); XMEMSET((byte*)&server_cbs, 0, sizeof(server_cbs)); client_cbs.method = wolfDTLSv1_2_client_method; server_cbs.method = wolfDTLSv1_2_server_method; client_cbs.doUdp = 1; server_cbs.doUdp = 1; test_wolfSSL_client_server_nofail_ex(&client_cbs, &server_cbs, test_dtls_msg_from_other_peer_cb); ExpectIntEQ(client_cbs.return_code, WOLFSSL_SUCCESS); ExpectIntEQ(server_cbs.return_code, WOLFSSL_SUCCESS); return EXPECT_RESULT(); } #else static int test_dtls_msg_from_other_peer(void) { return TEST_SKIPPED; } #endif /* defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \ * !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \ * !defined(SINGLE_THREADED) && !defined(NO_RSA) */ #if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_IPV6) && \ !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \ defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_NO_TLS12) static int test_dtls_ipv6_check(void) { EXPECT_DECLS; WOLFSSL_CTX *ctx_c = NULL; WOLFSSL_CTX *ctx_s = NULL; WOLFSSL *ssl_c = NULL; WOLFSSL *ssl_s = NULL; SOCKADDR_IN fake_addr6; int sockfd = -1; ExpectNotNull(ctx_c = wolfSSL_CTX_new(wolfDTLSv1_2_client_method())); ExpectNotNull(ssl_c = wolfSSL_new(ctx_c)); ExpectNotNull(ctx_s = wolfSSL_CTX_new(wolfDTLSv1_2_server_method())); ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_file(ctx_s, svrKeyFile, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_use_certificate_file(ctx_s, svrCertFile, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); ExpectNotNull(ssl_s = wolfSSL_new(ctx_s)); XMEMSET((byte*)&fake_addr6, 0, sizeof(fake_addr6)); /* mimic a sockaddr_in6 struct, this way we can't test without * WOLFSSL_IPV6 */ fake_addr6.sin_family = WOLFSSL_IP6; ExpectIntNE(sockfd = socket(AF_INET, SOCK_DGRAM, 0), -1); ExpectIntEQ(wolfSSL_set_fd(ssl_c, sockfd), WOLFSSL_SUCCESS); /* can't return error here, as the peer is opaque for wolfssl library at * this point */ ExpectIntEQ(wolfSSL_dtls_set_peer(ssl_c, &fake_addr6, sizeof(fake_addr6)), WOLFSSL_SUCCESS); ExpectIntNE(fcntl(sockfd, F_SETFL, O_NONBLOCK), -1); wolfSSL_dtls_set_using_nonblock(ssl_c, 1); ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS); ExpectIntEQ(ssl_c->error, SOCKET_ERROR_E); ExpectIntEQ(wolfSSL_dtls_set_peer(ssl_s, &fake_addr6, sizeof(fake_addr6)), WOLFSSL_SUCCESS); /* reuse the socket */ ExpectIntEQ(wolfSSL_set_fd(ssl_c, sockfd), WOLFSSL_SUCCESS); wolfSSL_dtls_set_using_nonblock(ssl_s, 1); ExpectIntNE(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS); ExpectIntEQ(ssl_s->error, SOCKET_ERROR_E); if (sockfd != -1) close(sockfd); wolfSSL_free(ssl_c); wolfSSL_CTX_free(ctx_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_s); return EXPECT_RESULT(); } #else static int test_dtls_ipv6_check(void) { return TEST_SKIPPED; } #endif #if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \ defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_SECURE_RENEGOTIATION) static WOLFSSL_SESSION* test_wolfSSL_SCR_after_resumption_session = NULL; static void test_wolfSSL_SCR_after_resumption_ctx_ready(WOLFSSL_CTX* ctx) { AssertIntEQ(wolfSSL_CTX_UseSecureRenegotiation(ctx), WOLFSSL_SUCCESS); } static void test_wolfSSL_SCR_after_resumption_on_result(WOLFSSL* ssl) { if (test_wolfSSL_SCR_after_resumption_session == NULL) { test_wolfSSL_SCR_after_resumption_session = wolfSSL_get1_session(ssl); AssertNotNull(test_wolfSSL_SCR_after_resumption_session); } else { char testMsg[] = "Message after SCR"; char msgBuf[sizeof(testMsg)]; int ret; if (!wolfSSL_is_server(ssl)) { AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_set_session(ssl, test_wolfSSL_SCR_after_resumption_session)); } AssertIntEQ(wolfSSL_Rehandshake(ssl), WOLFSSL_SUCCESS); AssertIntEQ(wolfSSL_write(ssl, testMsg, sizeof(testMsg)), sizeof(testMsg)); ret = wolfSSL_read(ssl, msgBuf, sizeof(msgBuf)); if (ret != sizeof(msgBuf)) /* Possibly APP_DATA_READY error. Retry. */ ret = wolfSSL_read(ssl, msgBuf, sizeof(msgBuf)); AssertIntEQ(ret, sizeof(msgBuf)); } } static void test_wolfSSL_SCR_after_resumption_ssl_ready(WOLFSSL* ssl) { AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_set_session(ssl, test_wolfSSL_SCR_after_resumption_session)); } static int test_wolfSSL_SCR_after_resumption(void) { EXPECT_DECLS; callback_functions func_cb_client; callback_functions func_cb_server; XMEMSET(&func_cb_client, 0, sizeof(func_cb_client)); XMEMSET(&func_cb_server, 0, sizeof(func_cb_server)); func_cb_client.method = wolfTLSv1_2_client_method; func_cb_client.ctx_ready = test_wolfSSL_SCR_after_resumption_ctx_ready; func_cb_client.on_result = test_wolfSSL_SCR_after_resumption_on_result; func_cb_server.method = wolfTLSv1_2_server_method; func_cb_server.ctx_ready = test_wolfSSL_SCR_after_resumption_ctx_ready; test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server); ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS); ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS); func_cb_client.ssl_ready = test_wolfSSL_SCR_after_resumption_ssl_ready; func_cb_server.on_result = test_wolfSSL_SCR_after_resumption_on_result; test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server); ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS); ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS); wolfSSL_SESSION_free(test_wolfSSL_SCR_after_resumption_session); return EXPECT_RESULT(); } #else static int test_wolfSSL_SCR_after_resumption(void) { return TEST_SKIPPED; } #endif static int test_wolfSSL_configure_args(void) { EXPECT_DECLS; #if defined(LIBWOLFSSL_CONFIGURE_ARGS) && defined(HAVE_WC_INTROSPECTION) ExpectNotNull(wolfSSL_configure_args()); #endif return EXPECT_RESULT(); } static int test_dtls_no_extensions(void) { EXPECT_DECLS; #if defined(WOLFSSL_DTLS) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && \ !defined(WOLFSSL_NO_TLS12) WOLFSSL *ssl_s = NULL; WOLFSSL_CTX *ctx_s = NULL; struct test_memio_ctx test_ctx; const byte chNoExtensions[] = { /* Handshake type */ 0x16, /* Version */ 0xfe, 0xff, /* Epoch */ 0x00, 0x00, /* Seq number */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* Length */ 0x00, 0x40, /* CH type */ 0x01, /* Length */ 0x00, 0x00, 0x34, /* Msg Seq */ 0x00, 0x00, /* Frag offset */ 0x00, 0x00, 0x00, /* Frag length */ 0x00, 0x00, 0x34, /* Version */ 0xfe, 0xff, /* Random */ 0x62, 0xfe, 0xbc, 0xfe, 0x2b, 0xfe, 0x3f, 0xeb, 0x03, 0xc4, 0xea, 0x37, 0xe7, 0x47, 0x7e, 0x8a, 0xd9, 0xbf, 0x77, 0x0f, 0x6c, 0xb6, 0x77, 0x0b, 0x03, 0x3f, 0x82, 0x2b, 0x21, 0x64, 0x57, 0x1d, /* Session Length */ 0x00, /* Cookie Length */ 0x00, /* CS Length */ 0x00, 0x0c, /* CS */ 0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x14, 0xc0, 0x13, 0x00, 0x39, 0x00, 0x33, /* Comp Meths Length */ 0x01, /* Comp Meths */ 0x00 /* And finally... no extensions */ }; int i; #ifdef OPENSSL_EXTRA int repeats = 2; #else int repeats = 1; #endif for (i = 0; i < repeats; i++) { XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ssl_s = NULL; ctx_s = NULL; ExpectIntEQ(test_memio_setup(&test_ctx, NULL, &ctx_s, NULL, &ssl_s, NULL, wolfDTLS_server_method), 0); XMEMCPY(test_ctx.s_buff, chNoExtensions, sizeof(chNoExtensions)); test_ctx.s_len = sizeof(chNoExtensions); #ifdef OPENSSL_EXTRA if (i > 0) { ExpectIntEQ(wolfSSL_set_max_proto_version(ssl_s, DTLS1_2_VERSION), WOLFSSL_SUCCESS); } #endif ExpectIntEQ(wolfSSL_accept(ssl_s), -1); ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ); /* Expecting a handshake msg. Either HVR or SH. */ ExpectIntGT(test_ctx.c_len, 0); ExpectIntEQ(test_ctx.c_buff[0], 0x16); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_s); } #endif return EXPECT_RESULT(); } static int test_TLSX_CA_NAMES_bad_extension(void) { EXPECT_DECLS; #if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_TLS13) && \ !defined(NO_CERTS) && !defined(WOLFSSL_NO_CA_NAMES) && \ defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA384) && \ defined(HAVE_NULL_CIPHER) /* This test should only fail (with BUFFER_ERROR) when we actually try to * parse the CA Names extension. Otherwise it will return other non-related * errors. If CA Names will be parsed in more configurations, that should * be reflected in the macro guard above. */ WOLFSSL *ssl_c = NULL; WOLFSSL_CTX *ctx_c = NULL; struct test_memio_ctx test_ctx; /* HRR + SH using TLS_DHE_PSK_WITH_NULL_SHA384 */ const byte shBadCaNamesExt[] = { 0x16, 0x03, 0x04, 0x00, 0x3f, 0x02, 0x00, 0x00, 0x3b, 0x03, 0x03, 0xcf, 0x21, 0xad, 0x74, 0xe5, 0x9a, 0x61, 0x11, 0xbe, 0x1d, 0x8c, 0x02, 0x1e, 0x65, 0xb8, 0x91, 0xc2, 0xa2, 0x11, 0x16, 0x7a, 0xbb, 0x8c, 0x5e, 0x07, 0x9e, 0x09, 0xe2, 0xc8, 0xa8, 0x33, 0x9c, 0x00, 0x13, 0x03, 0x00, 0x00, 0x13, 0x94, 0x7e, 0x00, 0x03, 0x0b, 0xf7, 0x03, 0x00, 0x2b, 0x00, 0x02, 0x03, 0x04, 0x00, 0x33, 0x00, 0x02, 0x00, 0x19, 0x16, 0x03, 0x03, 0x00, 0x5c, 0x02, 0x00, 0x00, 0x3b, 0x03, 0x03, 0x03, 0xcf, 0x21, 0xad, 0x74, 0x00, 0x00, 0x83, 0x3f, 0x3b, 0x80, 0x01, 0xac, 0x65, 0x8c, 0x19, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x02, 0x00, 0x9e, 0x09, 0x1c, 0xe8, 0xa8, 0x09, 0x9c, 0x00, 0xc0, 0xb5, 0x00, 0x00, 0x11, 0x8f, 0x00, 0x00, 0x03, 0x3f, 0x00, 0x0c, 0x00, 0x2b, 0x00, 0x02, 0x03, 0x04, 0x13, 0x05, 0x00, 0x00, 0x08, 0x00, 0x00, 0x06, 0x00, 0x04, 0x00, 0x09, 0x00, 0x00, 0x0d, 0x00, 0x00, 0x11, 0x00, 0x00, 0x0d, 0x00, 0x2f, 0x00, 0x01, 0xff, 0xff, 0xff, 0xff, 0xfa, 0x0d, 0x00, 0x00, 0x00, 0xad, 0x02 }; const byte shBadCaNamesExt2[] = { 0x16, 0x03, 0x04, 0x00, 0x3f, 0x02, 0x00, 0x00, 0x3b, 0x03, 0x03, 0xcf, 0x21, 0xad, 0x74, 0xe5, 0x9a, 0x61, 0x11, 0xbe, 0x1d, 0x8c, 0x02, 0x1e, 0x65, 0xb8, 0x91, 0xc2, 0xa2, 0x11, 0x16, 0x7a, 0xbb, 0x8c, 0x5e, 0x07, 0x9e, 0x09, 0xe2, 0xc8, 0xa8, 0x33, 0x9c, 0x00, 0x13, 0x03, 0x00, 0x00, 0x13, 0x94, 0x7e, 0x00, 0x03, 0x0b, 0xf7, 0x03, 0x00, 0x2b, 0x00, 0x02, 0x03, 0x04, 0x00, 0x33, 0x00, 0x02, 0x00, 0x19, 0x16, 0x03, 0x03, 0x00, 0x5e, 0x02, 0x00, 0x00, 0x3b, 0x03, 0x03, 0x7f, 0xd0, 0x2d, 0xea, 0x6e, 0x53, 0xa1, 0x6a, 0xc9, 0xc8, 0x54, 0xef, 0x75, 0xe4, 0xd9, 0xc6, 0x3e, 0x74, 0xcb, 0x30, 0x80, 0xcc, 0x83, 0x3a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xc0, 0x5a, 0x00, 0xc0, 0xb5, 0x00, 0x00, 0x11, 0x8f, 0x00, 0x00, 0x03, 0x03, 0x00, 0x0c, 0x00, 0x2b, 0x00, 0x02, 0x03, 0x04, 0x53, 0x25, 0x00, 0x00, 0x08, 0x00, 0x00, 0x06, 0x00, 0x04, 0x02, 0x05, 0x00, 0x00, 0x0d, 0x00, 0x00, 0x11, 0x00, 0x00, 0x0d, 0x00, 0x2f, 0x00, 0x06, 0x00, 0x04, 0x00, 0x03, 0x30, 0x00, 0x13, 0x94, 0x00, 0x06, 0x00, 0x04, 0x02 }; int i = 0; for (i = 0; i < 2; i++) { XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, NULL, &ssl_c, NULL, wolfTLSv1_3_client_method, NULL), 0); switch (i) { case 0: XMEMCPY(test_ctx.c_buff, shBadCaNamesExt, sizeof(shBadCaNamesExt)); test_ctx.c_len = sizeof(shBadCaNamesExt); break; case 1: XMEMCPY(test_ctx.c_buff, shBadCaNamesExt2, sizeof(shBadCaNamesExt2)); test_ctx.c_len = sizeof(shBadCaNamesExt2); break; } ExpectIntEQ(wolfSSL_connect(ssl_c), -1); #ifndef WOLFSSL_DISABLE_EARLY_SANITY_CHECKS ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), OUT_OF_ORDER_E); #else ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), BUFFER_ERROR); #endif wolfSSL_free(ssl_c); ssl_c = NULL; wolfSSL_CTX_free(ctx_c); ctx_c = NULL; } #endif return EXPECT_RESULT(); } #if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \ defined(HAVE_IO_TESTS_DEPENDENCIES) static void test_dtls_1_0_hvr_downgrade_ctx_ready(WOLFSSL_CTX* ctx) { AssertIntEQ(wolfSSL_CTX_SetMinVersion(ctx, WOLFSSL_DTLSV1_2), WOLFSSL_SUCCESS); } static int test_dtls_1_0_hvr_downgrade(void) { EXPECT_DECLS; callback_functions func_cb_client; callback_functions func_cb_server; XMEMSET(&func_cb_client, 0, sizeof(callback_functions)); XMEMSET(&func_cb_server, 0, sizeof(callback_functions)); func_cb_client.doUdp = func_cb_server.doUdp = 1; func_cb_client.method = wolfDTLS_client_method; func_cb_server.method = wolfDTLSv1_2_server_method; func_cb_client.ctx_ready = test_dtls_1_0_hvr_downgrade_ctx_ready; test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server); ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS); ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS); return EXPECT_RESULT(); } #else static int test_dtls_1_0_hvr_downgrade(void) { EXPECT_DECLS; return EXPECT_RESULT(); } #endif #if defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_NO_TLS12) && \ defined(HAVE_SESSION_TICKET) static WOLFSSL_SESSION* test_session_ticket_no_id_session = NULL; static void test_session_ticket_no_id_on_result(WOLFSSL* ssl) { test_session_ticket_no_id_session = wolfSSL_get1_session(ssl); AssertNotNull(test_session_ticket_no_id_session); } static void test_session_ticket_no_id_ctx_ready(WOLFSSL_CTX* ctx) { AssertIntEQ(wolfSSL_CTX_UseSessionTicket(ctx), WOLFSSL_SUCCESS); } static void test_session_ticket_no_id_ssl_ready(WOLFSSL* ssl) { test_session_ticket_no_id_session->sessionIDSz = 0; AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_set_session(ssl, test_session_ticket_no_id_session)); } static int test_session_ticket_no_id(void) { /* We are testing an expired (invalid crypto context in out case since the * ctx changes) session ticket being sent with the session ID being 0 * length. */ EXPECT_DECLS; callback_functions func_cb_client; callback_functions func_cb_server; XMEMSET(&func_cb_client, 0, sizeof(func_cb_client)); XMEMSET(&func_cb_server, 0, sizeof(func_cb_server)); func_cb_client.method = wolfTLSv1_2_client_method; func_cb_client.ctx_ready = test_session_ticket_no_id_ctx_ready; func_cb_client.on_result = test_session_ticket_no_id_on_result; func_cb_server.method = wolfTLSv1_2_server_method; func_cb_server.ctx_ready = test_session_ticket_no_id_ctx_ready; test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server); ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS); ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS); XMEMSET(&func_cb_client, 0, sizeof(func_cb_client)); XMEMSET(&func_cb_server, 0, sizeof(func_cb_server)); func_cb_client.method = wolfTLSv1_2_client_method; func_cb_client.ctx_ready = test_session_ticket_no_id_ctx_ready; func_cb_client.ssl_ready = test_session_ticket_no_id_ssl_ready; func_cb_server.method = wolfTLSv1_2_server_method; func_cb_server.ctx_ready = test_session_ticket_no_id_ctx_ready; test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server); ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS); ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS); wolfSSL_SESSION_free(test_session_ticket_no_id_session); return EXPECT_RESULT(); } #else static int test_session_ticket_no_id(void) { EXPECT_DECLS; return EXPECT_RESULT(); } #endif static int test_session_ticket_hs_update(void) { EXPECT_DECLS; #if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_TLS13) && \ defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) struct test_memio_ctx test_ctx; struct test_memio_ctx test_ctx2; struct test_memio_ctx test_ctx3; WOLFSSL_CTX *ctx_c = NULL; WOLFSSL_CTX *ctx_s = NULL; WOLFSSL *ssl_c = NULL; WOLFSSL *ssl_c2 = NULL; WOLFSSL *ssl_c3 = NULL; WOLFSSL *ssl_s = NULL; WOLFSSL *ssl_s2 = NULL; WOLFSSL *ssl_s3 = NULL; WOLFSSL_SESSION *sess = NULL; byte read_data[1]; XMEMSET(&test_ctx, 0, sizeof(test_ctx)); XMEMSET(&test_ctx2, 0, sizeof(test_ctx2)); XMEMSET(&test_ctx3, 0, sizeof(test_ctx3)); ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfTLSv1_3_client_method, wolfTLSv1_3_server_method), 0); /* Generate tickets */ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0); wolfSSL_SetLoggingPrefix("client"); /* Read the ticket msg */ ExpectIntEQ(wolfSSL_read(ssl_c, read_data, sizeof(read_data)), WOLFSSL_FATAL_ERROR); ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR), WOLFSSL_ERROR_WANT_READ); wolfSSL_SetLoggingPrefix(NULL); ExpectIntEQ(test_memio_setup(&test_ctx2, &ctx_c, &ctx_s, &ssl_c2, &ssl_s2, wolfTLSv1_3_client_method, wolfTLSv1_3_server_method), 0); ExpectIntEQ(test_memio_setup(&test_ctx3, &ctx_c, &ctx_s, &ssl_c3, &ssl_s3, wolfTLSv1_3_client_method, wolfTLSv1_3_server_method), 0); ExpectNotNull(sess = wolfSSL_get1_session(ssl_c)); ExpectIntEQ(wolfSSL_set_session(ssl_c2, sess), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_set_session(ssl_c3, sess), WOLFSSL_SUCCESS); wolfSSL_SetLoggingPrefix("client"); /* Exchange initial flights for the second connection */ ExpectIntEQ(wolfSSL_connect(ssl_c2), WOLFSSL_FATAL_ERROR); ExpectIntEQ(wolfSSL_get_error(ssl_c2, WOLFSSL_FATAL_ERROR), WOLFSSL_ERROR_WANT_READ); wolfSSL_SetLoggingPrefix(NULL); wolfSSL_SetLoggingPrefix("server"); ExpectIntEQ(wolfSSL_accept(ssl_s2), WOLFSSL_FATAL_ERROR); ExpectIntEQ(wolfSSL_get_error(ssl_s2, WOLFSSL_FATAL_ERROR), WOLFSSL_ERROR_WANT_READ); wolfSSL_SetLoggingPrefix(NULL); /* Complete third connection so that new tickets are exchanged */ ExpectIntEQ(test_memio_do_handshake(ssl_c3, ssl_s3, 10, NULL), 0); /* Read the ticket msg */ wolfSSL_SetLoggingPrefix("client"); ExpectIntEQ(wolfSSL_read(ssl_c3, read_data, sizeof(read_data)), WOLFSSL_FATAL_ERROR); ExpectIntEQ(wolfSSL_get_error(ssl_c3, WOLFSSL_FATAL_ERROR), WOLFSSL_ERROR_WANT_READ); wolfSSL_SetLoggingPrefix(NULL); /* Complete second connection */ ExpectIntEQ(test_memio_do_handshake(ssl_c2, ssl_s2, 10, NULL), 0); ExpectIntEQ(wolfSSL_session_reused(ssl_c2), 1); ExpectIntEQ(wolfSSL_session_reused(ssl_c3), 1); wolfSSL_free(ssl_c); wolfSSL_free(ssl_c2); wolfSSL_free(ssl_c3); wolfSSL_free(ssl_s); wolfSSL_free(ssl_s2); wolfSSL_free(ssl_s3); wolfSSL_CTX_free(ctx_c); wolfSSL_CTX_free(ctx_s); wolfSSL_SESSION_free(sess); #endif return EXPECT_RESULT(); } #if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \ defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_SECURE_RENEGOTIATION) static void test_dtls_downgrade_scr_server_ctx_ready_server(WOLFSSL_CTX* ctx) { AssertIntEQ(wolfSSL_CTX_SetMinVersion(ctx, WOLFSSL_DTLSV1_2), WOLFSSL_SUCCESS); AssertIntEQ(wolfSSL_CTX_UseSecureRenegotiation(ctx), WOLFSSL_SUCCESS); } static void test_dtls_downgrade_scr_server_ctx_ready(WOLFSSL_CTX* ctx) { AssertIntEQ(wolfSSL_CTX_UseSecureRenegotiation(ctx), WOLFSSL_SUCCESS); } static void test_dtls_downgrade_scr_server_on_result(WOLFSSL* ssl) { char testMsg[] = "Message after SCR"; char msgBuf[sizeof(testMsg)]; if (wolfSSL_is_server(ssl)) { AssertIntEQ(wolfSSL_Rehandshake(ssl), WOLFSSL_FATAL_ERROR); AssertIntEQ(wolfSSL_get_error(ssl, -1), APP_DATA_READY); AssertIntEQ(wolfSSL_read(ssl, msgBuf, sizeof(msgBuf)), sizeof(msgBuf)); AssertIntEQ(wolfSSL_Rehandshake(ssl), WOLFSSL_SUCCESS); AssertIntEQ(wolfSSL_write(ssl, testMsg, sizeof(testMsg)), sizeof(testMsg)); } else { AssertIntEQ(wolfSSL_write(ssl, testMsg, sizeof(testMsg)), sizeof(testMsg)); AssertIntEQ(wolfSSL_read(ssl, msgBuf, sizeof(msgBuf)), sizeof(msgBuf)); } } static int test_dtls_downgrade_scr_server(void) { EXPECT_DECLS; callback_functions func_cb_client; callback_functions func_cb_server; XMEMSET(&func_cb_client, 0, sizeof(callback_functions)); XMEMSET(&func_cb_server, 0, sizeof(callback_functions)); func_cb_client.doUdp = func_cb_server.doUdp = 1; func_cb_client.method = wolfDTLSv1_2_client_method; func_cb_server.method = wolfDTLS_server_method; func_cb_client.ctx_ready = test_dtls_downgrade_scr_server_ctx_ready; func_cb_server.ctx_ready = test_dtls_downgrade_scr_server_ctx_ready_server; func_cb_client.on_result = test_dtls_downgrade_scr_server_on_result; func_cb_server.on_result = test_dtls_downgrade_scr_server_on_result; test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server); ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS); ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS); return EXPECT_RESULT(); } #else static int test_dtls_downgrade_scr_server(void) { EXPECT_DECLS; return EXPECT_RESULT(); } #endif #if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \ defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_SECURE_RENEGOTIATION) static void test_dtls_downgrade_scr_ctx_ready(WOLFSSL_CTX* ctx) { AssertIntEQ(wolfSSL_CTX_SetMinVersion(ctx, WOLFSSL_DTLSV1_2), WOLFSSL_SUCCESS); AssertIntEQ(wolfSSL_CTX_UseSecureRenegotiation(ctx), WOLFSSL_SUCCESS); } static void test_dtls_downgrade_scr_on_result(WOLFSSL* ssl) { char testMsg[] = "Message after SCR"; char msgBuf[sizeof(testMsg)]; if (wolfSSL_is_server(ssl)) { AssertIntEQ(wolfSSL_Rehandshake(ssl), WOLFSSL_FATAL_ERROR); AssertIntEQ(wolfSSL_get_error(ssl, -1), APP_DATA_READY); AssertIntEQ(wolfSSL_read(ssl, msgBuf, sizeof(msgBuf)), sizeof(msgBuf)); AssertIntEQ(wolfSSL_Rehandshake(ssl), WOLFSSL_SUCCESS); AssertIntEQ(wolfSSL_write(ssl, testMsg, sizeof(testMsg)), sizeof(testMsg)); } else { AssertIntEQ(wolfSSL_write(ssl, testMsg, sizeof(testMsg)), sizeof(testMsg)); AssertIntEQ(wolfSSL_read(ssl, msgBuf, sizeof(msgBuf)), sizeof(msgBuf)); } } static int test_dtls_downgrade_scr(void) { EXPECT_DECLS; callback_functions func_cb_client; callback_functions func_cb_server; XMEMSET(&func_cb_client, 0, sizeof(callback_functions)); XMEMSET(&func_cb_server, 0, sizeof(callback_functions)); func_cb_client.doUdp = func_cb_server.doUdp = 1; func_cb_client.method = wolfDTLS_client_method; func_cb_server.method = wolfDTLSv1_2_server_method; func_cb_client.ctx_ready = test_dtls_downgrade_scr_ctx_ready; func_cb_client.on_result = test_dtls_downgrade_scr_on_result; func_cb_server.on_result = test_dtls_downgrade_scr_on_result; test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server); ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS); ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS); return EXPECT_RESULT(); } #else static int test_dtls_downgrade_scr(void) { EXPECT_DECLS; return EXPECT_RESULT(); } #endif #if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) \ && !defined(WOLFSSL_NO_TLS12) static int test_dtls_client_hello_timeout_downgrade_read_cb(WOLFSSL *ssl, char *data, int sz, void *ctx) { static int call_counter = 0; call_counter++; (void)ssl; (void)data; (void)sz; (void)ctx; switch (call_counter) { case 1: case 2: return WOLFSSL_CBIO_ERR_TIMEOUT; case 3: return WOLFSSL_CBIO_ERR_WANT_READ; default: AssertIntLE(call_counter, 3); return -1; } } #endif /* Make sure we don't send acks before getting a server hello */ static int test_dtls_client_hello_timeout_downgrade(void) { EXPECT_DECLS; #if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) \ && !defined(WOLFSSL_NO_TLS12) WOLFSSL_CTX *ctx_c = NULL; WOLFSSL_CTX *ctx_s = NULL; WOLFSSL *ssl_c = NULL; WOLFSSL *ssl_s = NULL; struct test_memio_ctx test_ctx; DtlsRecordLayerHeader* dtlsRH; size_t len; byte sequence_number[8]; int i; for (i = 0; i < 2; i++) { XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfDTLS_client_method, wolfDTLSv1_2_server_method), 0); if (i == 0) { /* First time simulate timeout in IO layer */ /* CH1 */ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1); ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); /* HVR */ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1); ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ); /* CH2 */ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1); ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); /* SH flight */ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1); ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ); /* Drop the SH */ dtlsRH = (DtlsRecordLayerHeader*)(test_ctx.c_buff); len = (size_t)((dtlsRH->length[0] << 8) | dtlsRH->length[1]); XMEMMOVE(test_ctx.c_buff, test_ctx.c_buff + sizeof(DtlsRecordLayerHeader) + len, test_ctx.c_len - (sizeof(DtlsRecordLayerHeader) + len)); test_ctx.c_len -= sizeof(DtlsRecordLayerHeader) + len; /* Read the remainder of the flight */ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1); ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); wolfSSL_SSLSetIORecv(ssl_c, test_dtls_client_hello_timeout_downgrade_read_cb); /* CH3 */ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1); ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); wolfSSL_SSLSetIORecv(ssl_c, test_memio_read_cb); } else { /* Second time call wolfSSL_dtls_got_timeout */ /* CH1 */ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1); ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); /* HVR */ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1); ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ); /* CH2 */ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1); ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); /* SH flight */ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1); ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ); /* Drop the SH */ dtlsRH = (DtlsRecordLayerHeader*)(test_ctx.c_buff); len = (size_t)((dtlsRH->length[0] << 8) | dtlsRH->length[1]); XMEMMOVE(test_ctx.c_buff, test_ctx.c_buff + sizeof(DtlsRecordLayerHeader) + len, test_ctx.c_len - (sizeof(DtlsRecordLayerHeader) + len)); test_ctx.c_len -= sizeof(DtlsRecordLayerHeader) + len; /* Read the remainder of the flight */ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1); ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); /* Quick timeout should be set as we received at least one msg */ ExpectIntEQ(wolfSSL_dtls13_use_quick_timeout(ssl_c), 1); ExpectIntEQ(wolfSSL_dtls_got_timeout(ssl_c), WOLFSSL_SUCCESS); /* Quick timeout should be cleared after a quick timeout */ /* CH3 */ ExpectIntEQ(wolfSSL_dtls13_use_quick_timeout(ssl_c), 0); ExpectIntEQ(wolfSSL_dtls_got_timeout(ssl_c), WOLFSSL_SUCCESS); } /* Parse out to make sure we got exactly one ClientHello message */ XMEMSET(&sequence_number, 0, sizeof(sequence_number)); /* Second ClientHello after HVR */ sequence_number[7] = 2; dtlsRH = (DtlsRecordLayerHeader*)test_ctx.s_buff; ExpectIntEQ(dtlsRH->type, handshake); ExpectIntEQ(dtlsRH->pvMajor, DTLS_MAJOR); ExpectIntEQ(dtlsRH->pvMinor, DTLSv1_2_MINOR); ExpectIntEQ(XMEMCMP(sequence_number, dtlsRH->sequence_number, sizeof(sequence_number)), 0); len = (size_t)((dtlsRH->length[0] << 8) | dtlsRH->length[1]); ExpectIntEQ(sizeof(DtlsRecordLayerHeader) + len, test_ctx.s_len); /* Connection should be able to continue */ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0); wolfSSL_free(ssl_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_c); wolfSSL_CTX_free(ctx_s); ssl_c = NULL; ssl_s = NULL; ctx_c = NULL; ctx_s = NULL; if (!EXPECT_SUCCESS()) break; } #endif return EXPECT_RESULT(); } #if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) static int test_dtls_client_hello_timeout_read_cb(WOLFSSL *ssl, char *data, int sz, void *ctx) { static int call_counter = 0; call_counter++; (void)ssl; (void)data; (void)sz; (void)ctx; switch (call_counter) { case 1: return WOLFSSL_CBIO_ERR_TIMEOUT; case 2: return WOLFSSL_CBIO_ERR_WANT_READ; default: AssertIntLE(call_counter, 2); return -1; } } #endif /* Make sure we don't send acks before getting a server hello */ static int test_dtls_client_hello_timeout(void) { EXPECT_DECLS; #if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) WOLFSSL *ssl_c = NULL; WOLFSSL_CTX *ctx_c = NULL; struct test_memio_ctx test_ctx; DtlsRecordLayerHeader* dtlsRH; size_t idx; size_t len; byte sequence_number[8]; int i; for (i = 0; i < 2; i++) { XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, NULL, &ssl_c, NULL, wolfDTLSv1_3_client_method, NULL), 0); if (i == 0) { /* First time simulate timeout in IO layer */ wolfSSL_SSLSetIORecv(ssl_c, test_dtls_client_hello_timeout_read_cb); ExpectIntEQ(wolfSSL_connect(ssl_c), -1); ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); } else { /* Second time call wolfSSL_dtls_got_timeout */ ExpectIntEQ(wolfSSL_connect(ssl_c), -1); ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); ExpectIntEQ(wolfSSL_dtls_got_timeout(ssl_c), WOLFSSL_SUCCESS); } /* Parse out to make sure we got exactly two ClientHello messages */ idx = 0; XMEMSET(&sequence_number, 0, sizeof(sequence_number)); /* First ClientHello */ dtlsRH = (DtlsRecordLayerHeader*)(test_ctx.s_buff + idx); ExpectIntEQ(dtlsRH->type, handshake); ExpectIntEQ(dtlsRH->pvMajor, DTLS_MAJOR); ExpectIntEQ(dtlsRH->pvMinor, DTLSv1_2_MINOR); ExpectIntEQ(XMEMCMP(sequence_number, dtlsRH->sequence_number, sizeof(sequence_number)), 0); len = (size_t)((dtlsRH->length[0] << 8) | dtlsRH->length[1]); ExpectIntLT(idx + sizeof(DtlsRecordLayerHeader) + len, test_ctx.s_len); idx += sizeof(DtlsRecordLayerHeader) + len; /* Second ClientHello */ sequence_number[7] = 1; dtlsRH = (DtlsRecordLayerHeader*)(test_ctx.s_buff + idx); ExpectIntEQ(dtlsRH->type, handshake); ExpectIntEQ(dtlsRH->pvMajor, DTLS_MAJOR); ExpectIntEQ(dtlsRH->pvMinor, DTLSv1_2_MINOR); ExpectIntEQ(XMEMCMP(sequence_number, dtlsRH->sequence_number, sizeof(sequence_number)), 0); len = (size_t)((dtlsRH->length[0] << 8) | dtlsRH->length[1]); ExpectIntEQ(idx + sizeof(DtlsRecordLayerHeader) + len, test_ctx.s_len); wolfSSL_free(ssl_c); wolfSSL_CTX_free(ctx_c); ssl_c = NULL; ctx_c = NULL; if (!EXPECT_SUCCESS()) break; } #endif return EXPECT_RESULT(); } /* DTLS test when dropping the changed cipher spec message */ static int test_dtls_dropped_ccs(void) { EXPECT_DECLS; #if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS) \ && !defined(WOLFSSL_NO_TLS12) WOLFSSL_CTX *ctx_c = NULL; WOLFSSL_CTX *ctx_s = NULL; WOLFSSL *ssl_c = NULL; WOLFSSL *ssl_s = NULL; struct test_memio_ctx test_ctx; DtlsRecordLayerHeader* dtlsRH; size_t len; byte data[1]; XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method), 0); /* CH1 */ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1); ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); /* HVR */ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1); ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ); /* CH2 */ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1); ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); /* Server first flight */ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1); ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ); /* Client flight */ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1); ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); /* Server ccs + finished */ ExpectIntEQ(wolfSSL_negotiate(ssl_s), 1); /* Drop the ccs */ dtlsRH = (DtlsRecordLayerHeader*)test_ctx.c_buff; len = (size_t)((dtlsRH->length[0] << 8) | dtlsRH->length[1]); ExpectIntEQ(len, 1); ExpectIntEQ(dtlsRH->type, change_cipher_spec); if (EXPECT_SUCCESS()) { XMEMMOVE(test_ctx.c_buff, test_ctx.c_buff + sizeof(DtlsRecordLayerHeader) + len, test_ctx.c_len - (sizeof(DtlsRecordLayerHeader) + len)); } test_ctx.c_len -= sizeof(DtlsRecordLayerHeader) + len; /* Client rtx flight */ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1); ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); ExpectIntEQ(wolfSSL_dtls_got_timeout(ssl_c), WOLFSSL_SUCCESS); /* Server ccs + finished rtx */ ExpectIntEQ(wolfSSL_read(ssl_s, data, sizeof(data)), -1); ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ); /* Client processes finished */ ExpectIntEQ(wolfSSL_negotiate(ssl_c), 1); wolfSSL_free(ssl_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_c); wolfSSL_CTX_free(ctx_s); #endif return EXPECT_RESULT(); } #if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS) \ && !defined(WOLFSSL_NO_TLS12) static int test_dtls_seq_num_downgrade_check_num(byte* ioBuf, int ioBufLen, byte seq_num) { EXPECT_DECLS; DtlsRecordLayerHeader* dtlsRH; byte sequence_number[8]; XMEMSET(&sequence_number, 0, sizeof(sequence_number)); ExpectIntGE(ioBufLen, sizeof(*dtlsRH)); dtlsRH = (DtlsRecordLayerHeader*)ioBuf; ExpectIntEQ(dtlsRH->type, handshake); ExpectIntEQ(dtlsRH->pvMajor, DTLS_MAJOR); ExpectIntEQ(dtlsRH->pvMinor, DTLSv1_2_MINOR); sequence_number[7] = seq_num; ExpectIntEQ(XMEMCMP(sequence_number, dtlsRH->sequence_number, sizeof(sequence_number)), 0); return EXPECT_RESULT(); } #endif /* * Make sure that we send the correct sequence number after a HelloVerifyRequest * and after a HelloRetryRequest. This is testing the server side as it is * operating statelessly and should copy the sequence number of the ClientHello. */ static int test_dtls_seq_num_downgrade(void) { EXPECT_DECLS; #if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS) \ && !defined(WOLFSSL_NO_TLS12) WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL; WOLFSSL *ssl_c = NULL, *ssl_s = NULL; struct test_memio_ctx test_ctx; XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfDTLSv1_2_client_method, wolfDTLS_server_method), 0); /* CH1 */ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1); ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); ExpectIntEQ(test_dtls_seq_num_downgrade_check_num(test_ctx.s_buff, test_ctx.s_len, 0), TEST_SUCCESS); /* HVR */ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1); ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ); ExpectIntEQ(test_dtls_seq_num_downgrade_check_num(test_ctx.c_buff, test_ctx.c_len, 0), TEST_SUCCESS); /* CH2 */ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1); ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); ExpectIntEQ(test_dtls_seq_num_downgrade_check_num(test_ctx.s_buff, test_ctx.s_len, 1), TEST_SUCCESS); /* Server first flight */ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1); ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ); ExpectIntEQ(test_dtls_seq_num_downgrade_check_num(test_ctx.c_buff, test_ctx.c_len, 1), TEST_SUCCESS); ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0); wolfSSL_free(ssl_c); wolfSSL_CTX_free(ctx_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_s); #endif return EXPECT_RESULT(); } /** * Make sure we don't send RSA Signature Hash Algorithms in the * CertificateRequest when we don't have any such ciphers set. * @return EXPECT_RESULT() */ static int test_certreq_sighash_algos(void) { EXPECT_DECLS; #if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && \ !defined(WOLFSSL_MAX_STRENGTH) && defined(HAVE_ECC) && \ defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256) && \ defined(HAVE_AES_CBC) && !defined(WOLFSSL_NO_TLS12) WOLFSSL_CTX *ctx_c = NULL; WOLFSSL_CTX *ctx_s = NULL; WOLFSSL *ssl_c = NULL; WOLFSSL *ssl_s = NULL; struct test_memio_ctx test_ctx; int idx = 0; int maxIdx = 0; XMEMSET(&test_ctx, 0, sizeof(test_ctx)); test_ctx.c_ciphers = test_ctx.s_ciphers = "ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA384"; ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfTLSv1_2_client_method, wolfTLSv1_2_server_method), 0); ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx_c, "./certs/ca-ecc-cert.pem", NULL), WOLFSSL_SUCCESS); wolfSSL_set_verify(ssl_s, WOLFSSL_VERIFY_PEER, NULL); ExpectIntEQ(wolfSSL_use_PrivateKey_file(ssl_s, "./certs/ecc-key.pem", WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_use_certificate_file(ssl_s, "./certs/server-ecc.pem", WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_connect(ssl_c), WOLFSSL_FATAL_ERROR); ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR), WOLFSSL_ERROR_WANT_READ); ExpectIntEQ(wolfSSL_accept(ssl_s), WOLFSSL_FATAL_ERROR); ExpectIntEQ(wolfSSL_get_error(ssl_s, WOLFSSL_FATAL_ERROR), WOLFSSL_ERROR_WANT_READ); /* Find the CertificateRequest message */ for (idx = 0; idx < test_ctx.c_len && EXPECT_SUCCESS();) { word16 len; ExpectIntEQ(test_ctx.c_buff[idx++], handshake); ExpectIntEQ(test_ctx.c_buff[idx++], SSLv3_MAJOR); ExpectIntEQ(test_ctx.c_buff[idx++], TLSv1_2_MINOR); ato16(test_ctx.c_buff + idx, &len); idx += OPAQUE16_LEN; if (test_ctx.c_buff[idx] == certificate_request) { idx++; /* length */ idx += OPAQUE24_LEN; /* cert types */ idx += 1 + test_ctx.c_buff[idx]; /* Sig algos */ ato16(test_ctx.c_buff + idx, &len); idx += OPAQUE16_LEN; maxIdx = idx + (int)len; for (; idx < maxIdx && EXPECT_SUCCESS(); idx += OPAQUE16_LEN) { if (test_ctx.c_buff[idx+1] == ED25519_SA_MINOR || test_ctx.c_buff[idx+1] == ED448_SA_MINOR) ExpectIntEQ(test_ctx.c_buff[idx], NEW_SA_MAJOR); else ExpectIntEQ(test_ctx.c_buff[idx+1], ecc_dsa_sa_algo); } break; } else { idx += (int)len; } } ExpectIntLT(idx, test_ctx.c_len); ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0); wolfSSL_free(ssl_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_c); wolfSSL_CTX_free(ctx_s); #endif return EXPECT_RESULT(); } #if defined(HAVE_CRL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) static int test_revoked_loaded_int_cert_ctx_ready1(WOLFSSL_CTX* ctx) { EXPECT_DECLS; wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, myVerify); myVerifyAction = VERIFY_USE_PREVERFIY; ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx, "./certs/ca-cert.pem", NULL, 0), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx, "./certs/intermediate/ca-int-cert.pem", NULL, 0), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_EnableCRL(ctx, WOLFSSL_CRL_CHECKALL), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx, "./certs/crl/extra-crls/ca-int-cert-revoked.pem", WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx, "./certs/crl/ca-int.pem", WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); return EXPECT_RESULT(); } static int test_revoked_loaded_int_cert_ctx_ready2(WOLFSSL_CTX* ctx) { EXPECT_DECLS; wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, myVerify); myVerifyAction = VERIFY_USE_PREVERFIY; ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx, "./certs/ca-cert.pem", NULL, 0), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx, "./certs/intermediate/ca-int-cert.pem", NULL, 0), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx, "./certs/intermediate/ca-int2-cert.pem", NULL, 0), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_EnableCRL(ctx, WOLFSSL_CRL_CHECKALL), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx, "./certs/crl/ca-int2.pem", WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx, "./certs/crl/extra-crls/ca-int-cert-revoked.pem", WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx, "./certs/crl/ca-int.pem", WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); return EXPECT_RESULT(); } #endif static int test_revoked_loaded_int_cert(void) { EXPECT_DECLS; #if defined(HAVE_CRL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) test_ssl_cbf client_cbf; test_ssl_cbf server_cbf; struct { const char* certPemFile; const char* keyPemFile; ctx_cb client_ctx_ready; } test_params[] = { {"./certs/intermediate/ca-int2-cert.pem", "./certs/intermediate/ca-int2-key.pem", test_revoked_loaded_int_cert_ctx_ready1}, {"./certs/intermediate/server-chain.pem", "./certs/server-key.pem", test_revoked_loaded_int_cert_ctx_ready2}, {"./certs/intermediate/server-chain-short.pem", "./certs/server-key.pem", test_revoked_loaded_int_cert_ctx_ready2}, }; size_t i; printf("\n"); for (i = 0; i < XELEM_CNT(test_params); i++) { XMEMSET(&client_cbf, 0, sizeof(client_cbf)); XMEMSET(&server_cbf, 0, sizeof(server_cbf)); printf("\tTesting with %s...\n", test_params[i].certPemFile); server_cbf.certPemFile = test_params[i].certPemFile; server_cbf.keyPemFile = test_params[i].keyPemFile; client_cbf.ctx_ready = test_params[i].client_ctx_ready; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf, &server_cbf, NULL), TEST_FAIL); #ifndef WOLFSSL_HAPROXY ExpectIntEQ(client_cbf.last_err, CRL_CERT_REVOKED); #else ExpectIntEQ(client_cbf.last_err, WOLFSSL_X509_V_ERR_CERT_REVOKED); #endif ExpectIntEQ(server_cbf.last_err, FATAL_ERROR); if (!EXPECT_SUCCESS()) break; printf("\t%s passed\n", test_params[i].certPemFile); } #endif return EXPECT_RESULT(); } static int test_dtls13_frag_ch_pq(void) { EXPECT_DECLS; #if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) \ && defined(WOLFSSL_DTLS_CH_FRAG) && defined(HAVE_LIBOQS) WOLFSSL_CTX *ctx_c = NULL; WOLFSSL_CTX *ctx_s = NULL; WOLFSSL *ssl_c = NULL; WOLFSSL *ssl_s = NULL; struct test_memio_ctx test_ctx; const char *test_str = "test"; int test_str_size; byte buf[255]; int group = WOLFSSL_KYBER_LEVEL5; XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0); /* Add in a large post-quantum key share to make the CH long. */ ExpectIntEQ(wolfSSL_set_groups(ssl_c, &group, 1), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_UseKeyShare(ssl_c, group), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_dtls13_allow_ch_frag(ssl_s, 1), WOLFSSL_SUCCESS); ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0); ExpectStrEQ(wolfSSL_get_curve_name(ssl_c), "KYBER_LEVEL5"); ExpectStrEQ(wolfSSL_get_curve_name(ssl_s), "KYBER_LEVEL5"); test_str_size = XSTRLEN("test") + 1; ExpectIntEQ(wolfSSL_write(ssl_c, test_str, test_str_size), test_str_size); ExpectIntEQ(wolfSSL_read(ssl_s, buf, sizeof(buf)), test_str_size); ExpectIntEQ(XSTRCMP((char*)buf, test_str), 0); ExpectIntEQ(wolfSSL_write(ssl_c, test_str, test_str_size), test_str_size); wolfSSL_free(ssl_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_c); wolfSSL_CTX_free(ctx_s); #endif return EXPECT_RESULT(); } #if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS) \ && defined(WOLFSSL_DTLS_MTU) && defined(WOLFSSL_DTLS_CH_FRAG) static int test_dtls_frag_ch_count_records(byte* b, int len) { DtlsRecordLayerHeader* dtlsRH; int records = 0; size_t recordLen; while (len > 0) { records++; dtlsRH = (DtlsRecordLayerHeader*)b; recordLen = (dtlsRH->length[0] << 8) | dtlsRH->length[1]; b += sizeof(DtlsRecordLayerHeader) + recordLen; len -= sizeof(DtlsRecordLayerHeader) + recordLen; } return records; } #endif static int test_dtls_frag_ch(void) { EXPECT_DECLS; #if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) \ && defined(WOLFSSL_DTLS_MTU) && defined(WOLFSSL_DTLS_CH_FRAG) WOLFSSL_CTX *ctx_c = NULL; WOLFSSL_CTX *ctx_s = NULL; WOLFSSL *ssl_c = NULL; WOLFSSL *ssl_s = NULL; struct test_memio_ctx test_ctx; static unsigned int DUMMY_MTU = 256; unsigned char four_frag_CH[] = { 0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xda, 0x01, 0x00, 0x02, 0xdc, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xce, 0xfe, 0xfd, 0xf3, 0x94, 0x01, 0x33, 0x2c, 0xcf, 0x2c, 0x47, 0xb1, 0xe5, 0xa1, 0x7b, 0x19, 0x3e, 0xac, 0x68, 0xdd, 0xe6, 0x17, 0x6b, 0x85, 0xad, 0x5f, 0xfc, 0x7f, 0x6e, 0xf0, 0xb9, 0xe0, 0x2e, 0xca, 0x47, 0x00, 0x00, 0x00, 0x36, 0x13, 0x01, 0x13, 0x02, 0x13, 0x03, 0xc0, 0x2c, 0xc0, 0x2b, 0xc0, 0x30, 0xc0, 0x2f, 0x00, 0x9f, 0x00, 0x9e, 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xc0, 0x27, 0xc0, 0x23, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x14, 0xc0, 0x13, 0x00, 0x6b, 0x00, 0x67, 0x00, 0x39, 0x00, 0x33, 0xcc, 0x14, 0xcc, 0x13, 0xcc, 0x15, 0x01, 0x00, 0x02, 0x7c, 0x00, 0x2b, 0x00, 0x03, 0x02, 0xfe, 0xfc, 0x00, 0x0d, 0x00, 0x20, 0x00, 0x1e, 0x06, 0x03, 0x05, 0x03, 0x04, 0x03, 0x02, 0x03, 0x08, 0x06, 0x08, 0x0b, 0x08, 0x05, 0x08, 0x0a, 0x08, 0x04, 0x08, 0x09, 0x06, 0x01, 0x05, 0x01, 0x04, 0x01, 0x03, 0x01, 0x02, 0x01, 0x00, 0x0a, 0x00, 0x0c, 0x00, 0x0a, 0x00, 0x19, 0x00, 0x18, 0x00, 0x17, 0x00, 0x15, 0x01, 0x00, 0x00, 0x16, 0x00, 0x00, 0x00, 0x33, 0x02, 0x39, 0x02, 0x37, 0x00, 0x17, 0x00, 0x41, 0x04, 0x94, 0xdf, 0x36, 0xd7, 0xb3, 0x90, 0x6d, 0x01, 0xa1, 0xe6, 0xed, 0x67, 0xf4, 0xd9, 0x9d, 0x2c, 0xac, 0x57, 0x74, 0xff, 0x19, 0xbe, 0x5a, 0xc9, 0x30, 0x11, 0xb7, 0x2b, 0x59, 0x47, 0x80, 0x7c, 0xa9, 0xb7, 0x31, 0x8c, 0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0xda, 0x01, 0x00, 0x02, 0xdc, 0x00, 0x00, 0x00, 0x00, 0xce, 0x00, 0x00, 0xce, 0x9e, 0x13, 0x74, 0x3b, 0x86, 0xba, 0x69, 0x1f, 0x12, 0xf7, 0xcd, 0x78, 0x53, 0xe8, 0x50, 0x4d, 0x71, 0x3f, 0x4b, 0x4e, 0xeb, 0x3e, 0xe5, 0x43, 0x54, 0x78, 0x17, 0x6d, 0x00, 0x18, 0x00, 0x61, 0x04, 0xd1, 0x99, 0x66, 0x4f, 0xda, 0xc7, 0x12, 0x3b, 0xff, 0xb2, 0xd6, 0x2f, 0x35, 0xb6, 0x17, 0x1f, 0xb3, 0xd0, 0xb6, 0x52, 0xff, 0x97, 0x8b, 0x01, 0xe8, 0xd9, 0x68, 0x71, 0x40, 0x02, 0xd5, 0x68, 0x3a, 0x58, 0xb2, 0x5d, 0xee, 0xa4, 0xe9, 0x5f, 0xf4, 0xaf, 0x3e, 0x30, 0x9c, 0x3e, 0x2b, 0xda, 0x61, 0x43, 0x99, 0x02, 0x35, 0x33, 0x9f, 0xcf, 0xb5, 0xd3, 0x28, 0x19, 0x9d, 0x1c, 0xbe, 0x69, 0x07, 0x9e, 0xfc, 0xe4, 0x8e, 0xcd, 0x86, 0x4a, 0x1b, 0xf0, 0xfc, 0x17, 0x94, 0x66, 0x53, 0xda, 0x24, 0x5e, 0xaf, 0xce, 0xec, 0x62, 0x4c, 0x06, 0xb4, 0x52, 0x94, 0xb1, 0x4a, 0x7a, 0x8c, 0x4f, 0x00, 0x19, 0x00, 0x85, 0x04, 0x00, 0x27, 0xeb, 0x99, 0x49, 0x7f, 0xcb, 0x2c, 0x46, 0x54, 0x2d, 0x93, 0x5d, 0x25, 0x92, 0x58, 0x5e, 0x06, 0xc3, 0x7c, 0xfb, 0x9a, 0xa7, 0xec, 0xcd, 0x9f, 0xe1, 0x6b, 0x2d, 0x78, 0xf5, 0x16, 0xa9, 0x20, 0x52, 0x48, 0x19, 0x0f, 0x1a, 0xd0, 0xce, 0xd8, 0x68, 0xb1, 0x4e, 0x7f, 0x33, 0x03, 0x7d, 0x0c, 0x39, 0xdb, 0x9c, 0x4b, 0xf4, 0xe7, 0xc2, 0xf5, 0xdd, 0x51, 0x9b, 0x03, 0xa8, 0x53, 0x2b, 0xe6, 0x00, 0x15, 0x4b, 0xff, 0xd2, 0xa0, 0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0xda, 0x01, 0x00, 0x02, 0xdc, 0x00, 0x00, 0x00, 0x01, 0x9c, 0x00, 0x00, 0xce, 0x58, 0x30, 0x10, 0x3d, 0x46, 0xcc, 0xca, 0x1a, 0x44, 0xc8, 0x58, 0x9b, 0x27, 0x17, 0x67, 0x31, 0x96, 0x8a, 0x66, 0x39, 0xf4, 0xcc, 0xc1, 0x9f, 0x12, 0x1f, 0x01, 0x30, 0x50, 0x16, 0xd6, 0x89, 0x97, 0xa3, 0x66, 0xd7, 0x99, 0x50, 0x09, 0x6e, 0x80, 0x87, 0xe4, 0xa2, 0x88, 0xae, 0xb4, 0x23, 0x57, 0x2f, 0x12, 0x60, 0xe7, 0x7d, 0x44, 0x2d, 0xad, 0xbe, 0xe9, 0x0d, 0x01, 0x00, 0x01, 0x00, 0xd5, 0xdd, 0x62, 0xee, 0xf3, 0x0e, 0xd9, 0x30, 0x0e, 0x38, 0xf3, 0x48, 0xf4, 0xc9, 0x8f, 0x8c, 0x20, 0xf7, 0xd3, 0xa8, 0xb3, 0x87, 0x3c, 0x98, 0x5d, 0x70, 0xc5, 0x03, 0x76, 0xb7, 0xd5, 0x0b, 0x7b, 0x23, 0x97, 0x6b, 0xe3, 0xb5, 0x18, 0xeb, 0x64, 0x55, 0x18, 0xb2, 0x8a, 0x90, 0x1a, 0x8f, 0x0e, 0x15, 0xda, 0xb1, 0x8e, 0x7f, 0xee, 0x1f, 0xe0, 0x3b, 0xb9, 0xed, 0xfc, 0x4e, 0x3f, 0x78, 0x16, 0x39, 0x95, 0x5f, 0xb7, 0xcb, 0x65, 0x55, 0x72, 0x7b, 0x7d, 0x86, 0x2f, 0x8a, 0xe5, 0xee, 0xf7, 0x57, 0x40, 0xf3, 0xc4, 0x96, 0x4f, 0x11, 0x4d, 0x85, 0xf9, 0x56, 0xfa, 0x3d, 0xf0, 0xc9, 0xa4, 0xec, 0x1e, 0xaa, 0x47, 0x90, 0x53, 0xdf, 0xe1, 0xb7, 0x78, 0x18, 0xeb, 0xdd, 0x0d, 0x89, 0xb7, 0xf6, 0x15, 0x0e, 0x55, 0x12, 0xb3, 0x23, 0x17, 0x0b, 0x59, 0x6f, 0x83, 0x05, 0x6b, 0xa6, 0xf8, 0x6c, 0x3a, 0x9b, 0x1b, 0x50, 0x93, 0x51, 0xea, 0x95, 0x2d, 0x99, 0x96, 0x38, 0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x00, 0x7e, 0x01, 0x00, 0x02, 0xdc, 0x00, 0x00, 0x00, 0x02, 0x6a, 0x00, 0x00, 0x72, 0x2d, 0x66, 0x3e, 0xf2, 0x36, 0x5a, 0xf2, 0x23, 0x8f, 0x28, 0x09, 0xa9, 0x55, 0x8c, 0x8f, 0xc0, 0x0d, 0x61, 0x98, 0x33, 0x56, 0x87, 0x7a, 0xfd, 0xa7, 0x50, 0x71, 0x84, 0x2e, 0x41, 0x58, 0x00, 0x87, 0xd9, 0x27, 0xe5, 0x7b, 0xf4, 0x6d, 0x84, 0x4e, 0x2e, 0x0c, 0x80, 0x0c, 0xf3, 0x8a, 0x02, 0x4b, 0x99, 0x3a, 0x1f, 0x9f, 0x18, 0x7d, 0x1c, 0xec, 0xad, 0x60, 0x54, 0xa6, 0xa3, 0x2c, 0x82, 0x5e, 0xf8, 0x8f, 0xae, 0xe1, 0xc4, 0x82, 0x7e, 0x43, 0x43, 0xc5, 0x99, 0x49, 0x05, 0xd3, 0xf6, 0xdf, 0xa1, 0xb5, 0x2d, 0x0c, 0x13, 0x2f, 0x1e, 0xb6, 0x28, 0x7c, 0x5c, 0xa1, 0x02, 0x6b, 0x8d, 0xa3, 0xeb, 0xd4, 0x58, 0xe6, 0xa0, 0x7e, 0x6b, 0xaa, 0x09, 0x43, 0x67, 0x71, 0x87, 0xa5, 0xcb, 0x68, 0xf3 }; XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0); /* Fragment msgs */ ExpectIntEQ(wolfSSL_dtls_set_mtu(ssl_c, DUMMY_MTU), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_dtls_set_mtu(ssl_s, DUMMY_MTU), WOLFSSL_SUCCESS); /* Add in some key shares to make the CH long */ ExpectIntEQ(wolfSSL_UseKeyShare(ssl_c, WOLFSSL_ECC_SECP256R1), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_UseKeyShare(ssl_c, WOLFSSL_ECC_SECP384R1), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_UseKeyShare(ssl_c, WOLFSSL_ECC_SECP521R1), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_UseKeyShare(ssl_c, WOLFSSL_FFDHE_2048), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_dtls13_allow_ch_frag(ssl_s, 1), WOLFSSL_SUCCESS); /* Reject fragmented first CH */ ExpectIntEQ(test_dtls_frag_ch_count_records(four_frag_CH, sizeof(four_frag_CH)), 4); XMEMCPY(test_ctx.s_buff, four_frag_CH, sizeof(four_frag_CH)); test_ctx.s_len = sizeof(four_frag_CH); while (test_ctx.s_len > 0 && EXPECT_SUCCESS()) { int s_len = test_ctx.s_len; ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1); ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ); /* Fail if we didn't advance the buffer to avoid infinite loops */ ExpectIntLT(test_ctx.s_len, s_len); } /* Expect all fragments read */ ExpectIntEQ(test_ctx.s_len, 0); /* Expect quietly dropping fragmented first CH */ ExpectIntEQ(test_ctx.c_len, 0); /* CH1 */ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1); ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); /* Count records. Expect 1 unfragmented CH */ ExpectIntEQ(test_dtls_frag_ch_count_records(test_ctx.s_buff, test_ctx.s_len), 1); /* HRR */ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1); ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ); /* CH2 */ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1); ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); /* Count records. Expect fragmented CH */ ExpectIntGT(test_dtls_frag_ch_count_records(test_ctx.s_buff, test_ctx.s_len), 1); ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0); wolfSSL_free(ssl_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_c); wolfSSL_CTX_free(ctx_s); ssl_c = ssl_s = NULL; ctx_c = ctx_s = NULL; #endif return EXPECT_RESULT(); } static int test_dtls_empty_keyshare_with_cookie(void) { EXPECT_DECLS; #if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) WOLFSSL_CTX *ctx_s = NULL; WOLFSSL *ssl_s = NULL; struct test_memio_ctx test_ctx; unsigned char ch_empty_keyshare_with_cookie[] = { 0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x01, 0x12, 0x01, 0x00, 0x01, 0x06, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x01, 0x06, 0xfe, 0xfd, 0xfb, 0x8c, 0x9b, 0x28, 0xae, 0x50, 0x1c, 0x4d, 0xf3, 0xb8, 0xcf, 0x4d, 0xd8, 0x7e, 0x93, 0x13, 0x7b, 0x9e, 0xd9, 0xeb, 0xe9, 0x13, 0x4b, 0x0d, 0x7f, 0x2e, 0x43, 0x62, 0x8c, 0xe4, 0x57, 0x79, 0x00, 0x00, 0x00, 0x36, 0x13, 0x01, 0x13, 0x02, 0x13, 0x03, 0xc0, 0x2c, 0xc0, 0x2b, 0xc0, 0x30, 0xc0, 0x2f, 0x00, 0x9f, 0x00, 0x9e, 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xc0, 0x27, 0xc0, 0x23, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x14, 0xc0, 0x13, 0x00, 0x6b, 0x00, 0x67, 0x00, 0x39, 0x00, 0x33, 0xcc, 0x14, 0xcc, 0x13, 0xcc, 0x15, 0x01, 0x00, 0x00, 0xa6, 0x00, 0x2b, 0x00, 0x03, 0x02, 0xfe, 0xfc, 0x00, 0x2c, 0x00, 0x47, 0x00, 0x45, 0x20, 0xee, 0x4b, 0x17, 0x70, 0x63, 0xa0, 0x4c, 0x82, 0xbf, 0x43, 0x01, 0x7d, 0x8d, 0xc1, 0x1b, 0x4e, 0x9b, 0xa0, 0x3c, 0x53, 0x1f, 0xb7, 0xd1, 0x10, 0x81, 0xa8, 0xdf, 0xdf, 0x8c, 0x7f, 0xf3, 0x11, 0x13, 0x01, 0x02, 0x3d, 0x3b, 0x7d, 0x14, 0x2c, 0x31, 0xb3, 0x60, 0x72, 0x4d, 0xe5, 0x1a, 0xb2, 0xa3, 0x61, 0x77, 0x73, 0x03, 0x40, 0x0e, 0x5f, 0xc5, 0x61, 0x38, 0x43, 0x56, 0x21, 0x4a, 0x95, 0xd5, 0x35, 0xa8, 0x0d, 0x00, 0x0d, 0x00, 0x2a, 0x00, 0x28, 0x06, 0x03, 0x05, 0x03, 0x04, 0x03, 0x02, 0x03, 0xfe, 0x0b, 0xfe, 0x0e, 0xfe, 0xa0, 0xfe, 0xa3, 0xfe, 0xa5, 0x08, 0x06, 0x08, 0x0b, 0x08, 0x05, 0x08, 0x0a, 0x08, 0x04, 0x08, 0x09, 0x06, 0x01, 0x05, 0x01, 0x04, 0x01, 0x03, 0x01, 0x02, 0x01, 0x00, 0x0a, 0x00, 0x18, 0x00, 0x16, 0x00, 0x19, 0x00, 0x18, 0x00, 0x17, 0x00, 0x15, 0x01, 0x00, 0x02, 0x3a, 0x02, 0x3c, 0x02, 0x3d, 0x2f, 0x3a, 0x2f, 0x3c, 0x2f, 0x3d, 0x00, 0x16, 0x00, 0x00, 0x00, 0x33, 0x00, 0x02, 0x00, 0x00 }; DtlsRecordLayerHeader* dtlsRH; byte sequence_number[8]; XMEMSET(&sequence_number, 0, sizeof(sequence_number)); XMEMSET(&test_ctx, 0, sizeof(test_ctx)); XMEMCPY(test_ctx.s_buff, ch_empty_keyshare_with_cookie, sizeof(ch_empty_keyshare_with_cookie)); test_ctx.s_len = sizeof(ch_empty_keyshare_with_cookie); ExpectIntEQ(test_memio_setup(&test_ctx, NULL, &ctx_s, NULL, &ssl_s, NULL, wolfDTLSv1_3_server_method), 0); /* CH1 */ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1); ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ); /* Expect an alert. A plaintext alert should be exactly 15 bytes. */ ExpectIntEQ(test_ctx.c_len, 15); dtlsRH = (DtlsRecordLayerHeader*)test_ctx.c_buff; ExpectIntEQ(dtlsRH->type, alert); ExpectIntEQ(dtlsRH->pvMajor, DTLS_MAJOR); ExpectIntEQ(dtlsRH->pvMinor, DTLSv1_2_MINOR); sequence_number[7] = 1; ExpectIntEQ(XMEMCMP(sequence_number, dtlsRH->sequence_number, sizeof(sequence_number)), 0); ExpectIntEQ(dtlsRH->length[0], 0); ExpectIntEQ(dtlsRH->length[1], 2); ExpectIntEQ(test_ctx.c_buff[13], alert_fatal); ExpectIntEQ(test_ctx.c_buff[14], illegal_parameter); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_s); #endif return EXPECT_RESULT(); } #if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(WOLFSSL_TLS13) && \ defined(HAVE_LIBOQS) static void test_tls13_pq_groups_ctx_ready(WOLFSSL_CTX* ctx) { int group = WOLFSSL_KYBER_LEVEL5; AssertIntEQ(wolfSSL_CTX_set_groups(ctx, &group, 1), WOLFSSL_SUCCESS); } static void test_tls13_pq_groups_on_result(WOLFSSL* ssl) { AssertStrEQ(wolfSSL_get_curve_name(ssl), "KYBER_LEVEL5"); } #endif static int test_tls13_pq_groups(void) { EXPECT_DECLS; #if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(WOLFSSL_TLS13) && \ defined(HAVE_LIBOQS) callback_functions func_cb_client; callback_functions func_cb_server; XMEMSET(&func_cb_client, 0, sizeof(callback_functions)); XMEMSET(&func_cb_server, 0, sizeof(callback_functions)); func_cb_client.method = wolfTLSv1_3_client_method; func_cb_server.method = wolfTLSv1_3_server_method; func_cb_client.ctx_ready = test_tls13_pq_groups_ctx_ready; func_cb_client.on_result = test_tls13_pq_groups_on_result; func_cb_server.on_result = test_tls13_pq_groups_on_result; test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server); ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS); ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS); #endif return EXPECT_RESULT(); } static int test_tls13_early_data(void) { EXPECT_DECLS; #if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && \ defined(WOLFSSL_EARLY_DATA) && defined(HAVE_SESSION_TICKET) int written = 0; int read = 0; size_t i; int splitEarlyData; char msg[] = "This is early data"; char msg2[] = "This is client data"; char msg3[] = "This is server data"; char msg4[] = "This is server immediate data"; char msgBuf[50]; struct { method_provider client_meth; method_provider server_meth; const char* tls_version; int isUdp; } params[] = { #ifdef WOLFSSL_TLS13 { wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, "TLS 1.3", 0 }, #endif #ifdef WOLFSSL_DTLS13 { wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method, "DTLS 1.3", 1 }, #endif }; for (i = 0; i < sizeof(params)/sizeof(*params) && !EXPECT_FAIL(); i++) { for (splitEarlyData = 0; splitEarlyData < 2; splitEarlyData++) { struct test_memio_ctx test_ctx; WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL; WOLFSSL *ssl_c = NULL, *ssl_s = NULL; WOLFSSL_SESSION *sess = NULL; XMEMSET(&test_ctx, 0, sizeof(test_ctx)); fprintf(stderr, "\tEarly data with %s\n", params[i].tls_version); ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, params[i].client_meth, params[i].server_meth), 0); /* Get a ticket so that we can do 0-RTT on the next connection */ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0); /* Make sure we read the ticket */ ExpectIntEQ(wolfSSL_read(ssl_c, msgBuf, sizeof(msgBuf)), -1); ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); ExpectNotNull(sess = wolfSSL_get1_session(ssl_c)); wolfSSL_free(ssl_c); ssl_c = NULL; wolfSSL_free(ssl_s); ssl_s = NULL; XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, params[i].client_meth, params[i].server_meth), 0); ExpectIntEQ(wolfSSL_set_session(ssl_c, sess), WOLFSSL_SUCCESS); #ifdef WOLFSSL_DTLS13 if (params[i].isUdp) { #ifdef WOLFSSL_DTLS13_NO_HRR_ON_RESUME ExpectIntEQ(wolfSSL_dtls13_no_hrr_on_resume(ssl_s, 1), WOLFSSL_SUCCESS); #else /* Let's test this but we generally don't recommend turning off the * cookie exchange */ ExpectIntEQ(wolfSSL_disable_hrr_cookie(ssl_s), WOLFSSL_SUCCESS); #endif } #endif /* Test 0-RTT data */ ExpectIntEQ(wolfSSL_write_early_data(ssl_c, msg, sizeof(msg), &written), sizeof(msg)); ExpectIntEQ(written, sizeof(msg)); if (splitEarlyData) { ExpectIntEQ(wolfSSL_write_early_data(ssl_c, msg, sizeof(msg), &written), sizeof(msg)); ExpectIntEQ(written, sizeof(msg)); } /* Read first 0-RTT data (if split otherwise entire data) */ ExpectIntEQ(wolfSSL_read_early_data(ssl_s, msgBuf, sizeof(msgBuf), &read), sizeof(msg)); ExpectIntEQ(read, sizeof(msg)); ExpectStrEQ(msg, msgBuf); /* Test 0.5-RTT data */ ExpectIntEQ(wolfSSL_write(ssl_s, msg4, sizeof(msg4)), sizeof(msg4)); if (splitEarlyData) { /* Read second 0-RTT data */ ExpectIntEQ(wolfSSL_read_early_data(ssl_s, msgBuf, sizeof(msgBuf), &read), sizeof(msg)); ExpectIntEQ(read, sizeof(msg)); ExpectStrEQ(msg, msgBuf); } if (params[i].isUdp) { ExpectIntEQ(wolfSSL_connect(ssl_c), -1); ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), APP_DATA_READY); /* Read server 0.5-RTT data */ ExpectIntEQ(wolfSSL_read(ssl_c, msgBuf, sizeof(msgBuf)), sizeof(msg4)); ExpectStrEQ(msg4, msgBuf); /* Complete handshake */ ExpectIntEQ(wolfSSL_connect(ssl_c), -1); ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); /* Use wolfSSL_is_init_finished to check if handshake is complete. Normally * a user would loop until it is true but here we control both sides so we * just assert the expected value. wolfSSL_read_early_data does not provide * handshake status to us with non-blocking IO and we can't use * wolfSSL_accept as TLS layer may return ZERO_RETURN due to early data * parsing logic. */ ExpectFalse(wolfSSL_is_init_finished(ssl_s)); ExpectIntEQ(wolfSSL_read_early_data(ssl_s, msgBuf, sizeof(msgBuf), &read), 0); ExpectIntEQ(read, 0); ExpectTrue(wolfSSL_is_init_finished(ssl_s)); ExpectIntEQ(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS); } else { ExpectIntEQ(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS); ExpectFalse(wolfSSL_is_init_finished(ssl_s)); ExpectIntEQ(wolfSSL_read_early_data(ssl_s, msgBuf, sizeof(msgBuf), &read), 0); ExpectIntEQ(read, 0); ExpectTrue(wolfSSL_is_init_finished(ssl_s)); /* Read server 0.5-RTT data */ ExpectIntEQ(wolfSSL_read(ssl_c, msgBuf, sizeof(msgBuf)), sizeof(msg4)); ExpectStrEQ(msg4, msgBuf); } /* Test bi-directional write */ ExpectIntEQ(wolfSSL_write(ssl_c, msg2, sizeof(msg2)), sizeof(msg2)); ExpectIntEQ(wolfSSL_read(ssl_s, msgBuf, sizeof(msgBuf)), sizeof(msg2)); ExpectStrEQ(msg2, msgBuf); ExpectIntEQ(wolfSSL_write(ssl_s, msg3, sizeof(msg3)), sizeof(msg3)); ExpectIntEQ(wolfSSL_read(ssl_c, msgBuf, sizeof(msgBuf)), sizeof(msg3)); ExpectStrEQ(msg3, msgBuf); ExpectTrue(wolfSSL_session_reused(ssl_c)); ExpectTrue(wolfSSL_session_reused(ssl_s)); wolfSSL_SESSION_free(sess); wolfSSL_free(ssl_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_c); wolfSSL_CTX_free(ctx_s); } } #endif return EXPECT_RESULT(); } #ifdef HAVE_CERTIFICATE_STATUS_REQUEST static int test_self_signed_stapling_client_v1_ctx_ready(WOLFSSL_CTX* ctx) { EXPECT_DECLS; ExpectIntEQ(wolfSSL_CTX_EnableOCSPStapling(ctx), 1); ExpectIntEQ(wolfSSL_CTX_UseOCSPStapling(ctx, WOLFSSL_CSR_OCSP, WOLFSSL_CSR_OCSP_USE_NONCE), 1); return EXPECT_RESULT(); } #endif #ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2 static int test_self_signed_stapling_client_v2_ctx_ready(WOLFSSL_CTX* ctx) { EXPECT_DECLS; ExpectIntEQ(wolfSSL_CTX_EnableOCSPStapling(ctx), 1); ExpectIntEQ(wolfSSL_CTX_UseOCSPStaplingV2(ctx, WOLFSSL_CSR2_OCSP, WOLFSSL_CSR2_OCSP_USE_NONCE), 1); return EXPECT_RESULT(); } static int test_self_signed_stapling_client_v2_multi_ctx_ready(WOLFSSL_CTX* ctx) { EXPECT_DECLS; ExpectIntEQ(wolfSSL_CTX_EnableOCSPStapling(ctx), 1); ExpectIntEQ(wolfSSL_CTX_UseOCSPStaplingV2(ctx, WOLFSSL_CSR2_OCSP_MULTI, 0), 1); return EXPECT_RESULT(); } #endif #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \ || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) static int test_self_signed_stapling_server_ctx_ready(WOLFSSL_CTX* ctx) { EXPECT_DECLS; ExpectIntEQ(wolfSSL_CTX_EnableOCSPStapling(ctx), 1); return EXPECT_RESULT(); } #endif static int test_self_signed_stapling(void) { EXPECT_DECLS; #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \ || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) test_ssl_cbf client_cbf; test_ssl_cbf server_cbf; size_t i; struct { method_provider client_meth; method_provider server_meth; ctx_cb client_ctx; const char* tls_version; } params[] = { #if defined(WOLFSSL_TLS13) && defined(HAVE_CERTIFICATE_STATUS_REQUEST) { wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, test_self_signed_stapling_client_v1_ctx_ready, "TLSv1_3 v1" }, #endif #ifndef WOLFSSL_NO_TLS12 #ifdef HAVE_CERTIFICATE_STATUS_REQUEST { wolfTLSv1_2_client_method, wolfTLSv1_2_server_method, test_self_signed_stapling_client_v1_ctx_ready, "TLSv1_2 v1" }, #endif #ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2 { wolfTLSv1_2_client_method, wolfTLSv1_2_server_method, test_self_signed_stapling_client_v2_ctx_ready, "TLSv1_2 v2" }, { wolfTLSv1_2_client_method, wolfTLSv1_2_server_method, test_self_signed_stapling_client_v2_multi_ctx_ready, "TLSv1_2 v2 multi" }, #endif #endif }; for (i = 0; i < sizeof(params)/sizeof(*params) && !EXPECT_FAIL(); i++) { XMEMSET(&client_cbf, 0, sizeof(client_cbf)); XMEMSET(&server_cbf, 0, sizeof(server_cbf)); printf("\nTesting self-signed cert with status request: %s\n", params[i].tls_version); client_cbf.method = params[i].client_meth; client_cbf.ctx_ready = params[i].client_ctx; server_cbf.method = params[i].server_meth; server_cbf.certPemFile = "certs/ca-cert.pem"; server_cbf.keyPemFile = "certs/ca-key.pem"; server_cbf.ctx_ready = test_self_signed_stapling_server_ctx_ready; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf, &server_cbf, NULL), TEST_SUCCESS); } #endif return EXPECT_RESULT(); } static int test_tls_multi_handshakes_one_record(void) { EXPECT_DECLS; #if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_NO_TLS12) struct test_memio_ctx test_ctx; WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL; WOLFSSL *ssl_c = NULL, *ssl_s = NULL; RecordLayerHeader* rh = NULL; byte *len ; int newRecIdx = RECORD_HEADER_SZ; int idx = 0; XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfTLS_client_method, wolfTLSv1_2_server_method), 0); ExpectIntEQ(wolfSSL_connect(ssl_c), -1); ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); ExpectIntEQ(wolfSSL_accept(ssl_s), -1); ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ); /* Combine server handshake msgs into one record */ while (idx < test_ctx.c_len) { word16 recLen; rh = (RecordLayerHeader*)(test_ctx.c_buff + idx); len = &rh->length[0]; ato16((const byte*)len, &recLen); idx += RECORD_HEADER_SZ; XMEMMOVE(test_ctx.c_buff + newRecIdx, test_ctx.c_buff + idx, (size_t)recLen); newRecIdx += recLen; idx += recLen; } rh = (RecordLayerHeader*)(test_ctx.c_buff); len = &rh->length[0]; c16toa(newRecIdx - RECORD_HEADER_SZ, len); test_ctx.c_len = newRecIdx; ExpectIntEQ(wolfSSL_connect(ssl_c), -1); ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); wolfSSL_free(ssl_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_c); wolfSSL_CTX_free(ctx_s); #endif return EXPECT_RESULT(); } static int test_write_dup(void) { EXPECT_DECLS; #if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(HAVE_WRITE_DUP) size_t i, j; char hiWorld[] = "dup message"; char readData[sizeof(hiWorld) + 5]; struct { method_provider client_meth; method_provider server_meth; const char* version_name; int version; } methods[] = { #ifndef WOLFSSL_NO_TLS12 {wolfTLSv1_2_client_method, wolfTLSv1_2_server_method, "TLS 1.2", WOLFSSL_TLSV1_2}, #endif #ifdef WOLFSSL_TLS13 {wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, "TLS 1.3", WOLFSSL_TLSV1_3}, #endif }; struct { const char* cipher; int version; } ciphers[] = { /* For simplicity the macros are copied from internal.h */ /* TLS 1.2 */ #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && !defined(NO_SHA256) #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448) #ifndef NO_RSA {"ECDHE-RSA-CHACHA20-POLY1305", WOLFSSL_TLSV1_2}, #endif #endif #if !defined(NO_DH) && !defined(NO_RSA) && !defined(NO_TLS_DH) {"DHE-RSA-CHACHA20-POLY1305", WOLFSSL_TLSV1_2}, #endif #endif #if !defined(NO_DH) && !defined(NO_AES) && !defined(NO_TLS) && \ !defined(NO_RSA) && defined(HAVE_AESGCM) && !defined(NO_TLS_DH) #if !defined(NO_SHA256) && defined(WOLFSSL_AES_128) {"DHE-RSA-AES128-GCM-SHA256", WOLFSSL_TLSV1_2}, #endif #if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256) {"DHE-RSA-AES256-GCM-SHA384", WOLFSSL_TLSV1_2}, #endif #endif #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)) \ && !defined(NO_TLS) && !defined(NO_AES) #ifdef HAVE_AESGCM #if !defined(NO_SHA256) && defined(WOLFSSL_AES_128) #ifndef NO_RSA {"ECDHE-RSA-AES128-GCM-SHA256", WOLFSSL_TLSV1_2}, #endif #endif #if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256) #ifndef NO_RSA {"ECDHE-RSA-AES256-GCM-SHA384", WOLFSSL_TLSV1_2}, #endif #endif #endif #endif /* TLS 1.3 */ #ifdef WOLFSSL_TLS13 #ifdef HAVE_AESGCM #if !defined(NO_SHA256) && defined(WOLFSSL_AES_128) {"TLS13-AES128-GCM-SHA256", WOLFSSL_TLSV1_3}, #endif #if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256) {"TLS13-AES256-GCM-SHA384", WOLFSSL_TLSV1_3}, #endif #endif #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) #ifndef NO_SHA256 {"TLS13-CHACHA20-POLY1305-SHA256", WOLFSSL_TLSV1_3}, #endif #endif #ifdef HAVE_AESCCM #if !defined(NO_SHA256) && defined(WOLFSSL_AES_128) {"TLS13-AES128-CCM-SHA256", WOLFSSL_TLSV1_3}, #endif #endif #endif }; for (i = 0; i < XELEM_CNT(methods); i++) { for (j = 0; j < XELEM_CNT(ciphers) && !EXPECT_FAIL(); j++) { struct test_memio_ctx test_ctx; WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL; WOLFSSL *ssl_c = NULL, *ssl_s = NULL; WOLFSSL *ssl_c2 = NULL; if (methods[i].version != ciphers[j].version) continue; if (i == 0 && j == 0) printf("\n"); printf("Testing %s with %s... ", methods[i].version_name, ciphers[j].cipher); XMEMSET(&test_ctx, 0, sizeof(test_ctx)); test_ctx.c_ciphers = test_ctx.s_ciphers = ciphers[j].cipher; ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, methods[i].client_meth, methods[i].server_meth), 0); ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0); ExpectNotNull(ssl_c2 = wolfSSL_write_dup(ssl_c)); ExpectIntEQ(wolfSSL_write(ssl_c, hiWorld, sizeof(hiWorld)), WRITE_DUP_WRITE_E); ExpectIntEQ(wolfSSL_write(ssl_c2, hiWorld, sizeof(hiWorld)), sizeof(hiWorld)); ExpectIntEQ(wolfSSL_read(ssl_s, readData, sizeof(readData)), sizeof(hiWorld)); ExpectIntEQ(wolfSSL_write(ssl_s, hiWorld, sizeof(hiWorld)), sizeof(hiWorld)); ExpectIntEQ(wolfSSL_read(ssl_c2, readData, sizeof(readData)), WRITE_DUP_READ_E); ExpectIntEQ(wolfSSL_read(ssl_c, readData, sizeof(readData)), sizeof(hiWorld)); if (EXPECT_SUCCESS()) printf("ok\n"); else printf("failed\n"); wolfSSL_free(ssl_c); wolfSSL_free(ssl_c2); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_c); wolfSSL_CTX_free(ctx_s); } } #endif return EXPECT_RESULT(); } static int test_read_write_hs(void) { EXPECT_DECLS; #if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_NO_TLS12) WOLFSSL_CTX *ctx_s = NULL, *ctx_c = NULL; WOLFSSL *ssl_s = NULL, *ssl_c = NULL; struct test_memio_ctx test_ctx; uint8_t test_buffer[16]; unsigned int test; /* test == 0 : client writes, server reads */ /* test == 1 : server writes, client reads */ for (test = 0; test < 2; test++) { XMEMSET(&test_ctx, 0, sizeof(test_ctx)); ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfTLSv1_2_client_method, wolfTLSv1_2_server_method), 0); ExpectIntEQ(wolfSSL_set_group_messages(ssl_s), WOLFSSL_SUCCESS); /* CH -> */ if (test == 0) { ExpectIntEQ(wolfSSL_write(ssl_c, "hello", 5), -1); } else { ExpectIntEQ(wolfSSL_read(ssl_c, test_buffer, sizeof(test_buffer)), -1); } ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); /* <- SH + SKE + SHD */ if (test == 0) { ExpectIntEQ(wolfSSL_read(ssl_s, test_buffer, sizeof(test_buffer)), -1); } else { ExpectIntEQ(wolfSSL_write(ssl_s, "hello", 5), -1); } ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ); /* -> CKE + CLIENT FINISHED */ if (test == 0) { ExpectIntEQ(wolfSSL_write(ssl_c, "hello", 5), -1); } else { ExpectIntEQ(wolfSSL_read(ssl_c, test_buffer, sizeof(test_buffer)), -1); } ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); /* abide clang static analyzer */ if (ssl_s != NULL) { /* disable group message to separate sending of ChangeCipherspec * from Finished */ ssl_s->options.groupMessages = 0; } /* allow writing of CS, but not FINISHED */ test_ctx.c_len = TEST_MEMIO_BUF_SZ - 6; /* <- CS */ if (test == 0) { ExpectIntEQ(wolfSSL_read(ssl_s, test_buffer, sizeof(test_buffer)), -1); } else { ExpectIntEQ(wolfSSL_write(ssl_s, "hello", 5), -1); } ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_WRITE); /* move CS message where the client can read it */ memmove(test_ctx.c_buff, (test_ctx.c_buff + TEST_MEMIO_BUF_SZ - 6), 6); test_ctx.c_len = 6; /* read CS */ if (test == 0) { ExpectIntEQ(wolfSSL_write(ssl_c, "hello", 5), -1); } else { ExpectIntEQ(wolfSSL_read(ssl_c, test_buffer, sizeof(test_buffer)), -1); } ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); ExpectIntEQ(test_ctx.c_len, 0); if (test == 0) { /* send SERVER FINISHED */ ExpectIntEQ(wolfSSL_read(ssl_s, test_buffer, sizeof(test_buffer)), -1); ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ); } else { /* send SERVER FINISHED + App Data */ ExpectIntEQ(wolfSSL_write(ssl_s, "hello", 5), 5); } ExpectIntGT(test_ctx.c_len, 0); /* Send and receive the data */ if (test == 0) { ExpectIntEQ(wolfSSL_write(ssl_c, "hello", 5), 5); ExpectIntEQ(wolfSSL_read(ssl_s, test_buffer, sizeof(test_buffer)), 5); } else { ExpectIntEQ(wolfSSL_read(ssl_c, test_buffer, sizeof(test_buffer)), 5); } ExpectBufEQ(test_buffer, "hello", 5); wolfSSL_free(ssl_c); wolfSSL_free(ssl_s); wolfSSL_CTX_free(ctx_c); wolfSSL_CTX_free(ctx_s); ssl_c = ssl_s = NULL; ctx_c = ctx_s = NULL; } #endif return EXPECT_RESULT(); } #if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(OPENSSL_EXTRA) static const char* test_get_signature_nid_siglag; static int test_get_signature_nid_sig; static int test_get_signature_nid_hash; static int test_get_signature_nid_ssl_ready(WOLFSSL* ssl) { EXPECT_DECLS; ExpectIntEQ(wolfSSL_set_cipher_list(ssl, "ALL"), WOLFSSL_SUCCESS); if (!wolfSSL_is_server(ssl)) { ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, test_get_signature_nid_siglag), WOLFSSL_SUCCESS); } return EXPECT_RESULT(); } static int test_get_signature_nid_on_hs_client(WOLFSSL_CTX **ctx, WOLFSSL **ssl) { EXPECT_DECLS; int nid = 0; (void)ctx; if (XSTRSTR(wolfSSL_get_cipher(*ssl), "TLS_RSA_") == NULL) { ExpectIntEQ(SSL_get_peer_signature_type_nid(*ssl, &nid), WOLFSSL_SUCCESS); ExpectIntEQ(nid, test_get_signature_nid_sig); ExpectIntEQ(SSL_get_peer_signature_nid(*ssl, &nid), WOLFSSL_SUCCESS); ExpectIntEQ(nid, test_get_signature_nid_hash); } else /* No sigalg info on static ciphersuite */ return TEST_SUCCESS; return EXPECT_RESULT(); } static int test_get_signature_nid_on_hs_server(WOLFSSL_CTX **ctx, WOLFSSL **ssl) { EXPECT_DECLS; int nid = 0; (void)ctx; ExpectIntEQ(SSL_get_signature_type_nid(*ssl, &nid), WOLFSSL_SUCCESS); ExpectIntEQ(nid, test_get_signature_nid_sig); ExpectIntEQ(SSL_get_signature_nid(*ssl, &nid), WOLFSSL_SUCCESS); ExpectIntEQ(nid, test_get_signature_nid_hash); return EXPECT_RESULT(); } #endif static int test_get_signature_nid(void) { EXPECT_DECLS; #if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(OPENSSL_EXTRA) test_ssl_cbf client_cbf; test_ssl_cbf server_cbf; size_t i; #define TGSN_TLS12_RSA(sigalg, sig_nid, hash_nid) \ { sigalg, sig_nid, hash_nid, WOLFSSL_TLSV1_2, svrCertFile, svrKeyFile, \ caCertFile } #define TGSN_TLS12_ECDSA(sigalg, sig_nid, hash_nid) \ { sigalg, sig_nid, hash_nid, WOLFSSL_TLSV1_2, eccCertFile, eccKeyFile, \ caEccCertFile } #define TGSN_TLS13_RSA(sigalg, sig_nid, hash_nid) \ { sigalg, sig_nid, hash_nid, WOLFSSL_TLSV1_3, svrCertFile, svrKeyFile, \ caCertFile } #define TGSN_TLS13_ECDSA(sigalg, sig_nid, hash_nid) \ { sigalg, sig_nid, hash_nid, WOLFSSL_TLSV1_3, eccCertFile, eccKeyFile, \ caEccCertFile } #define TGSN_TLS13_ED25519(sigalg, sig_nid, hash_nid) \ { sigalg, sig_nid, hash_nid, WOLFSSL_TLSV1_3, edCertFile, edKeyFile, \ caEdCertFile } #define TGSN_TLS13_ED448(sigalg, sig_nid, hash_nid) \ { sigalg, sig_nid, hash_nid, WOLFSSL_TLSV1_3, ed448CertFile, ed448KeyFile, \ caEd448CertFile } struct { const char* siglag; int sig_nid; int hash_nid; int tls_ver; const char* server_cert; const char* server_key; const char* client_ca; } params[] = { #ifndef NO_RSA #ifndef NO_SHA256 TGSN_TLS12_RSA("RSA+SHA256", NID_rsaEncryption, NID_sha256), #ifdef WC_RSA_PSS TGSN_TLS12_RSA("RSA-PSS+SHA256", NID_rsassaPss, NID_sha256), TGSN_TLS13_RSA("RSA-PSS+SHA256", NID_rsassaPss, NID_sha256), #endif #endif #ifdef WOLFSSL_SHA512 TGSN_TLS12_RSA("RSA+SHA512", NID_rsaEncryption, NID_sha512), #ifdef WC_RSA_PSS TGSN_TLS12_RSA("RSA-PSS+SHA512", NID_rsassaPss, NID_sha512), TGSN_TLS13_RSA("RSA-PSS+SHA512", NID_rsassaPss, NID_sha512), #endif #endif #endif #ifdef HAVE_ECC #ifndef NO_SHA256 TGSN_TLS12_ECDSA("ECDSA+SHA256", NID_X9_62_id_ecPublicKey, NID_sha256), TGSN_TLS13_ECDSA("ECDSA+SHA256", NID_X9_62_id_ecPublicKey, NID_sha256), #endif #endif #ifdef HAVE_ED25519 TGSN_TLS13_ED25519("ED25519", NID_ED25519, NID_sha512), #endif #ifdef HAVE_ED448 TGSN_TLS13_ED448("ED448", NID_ED448, NID_sha512), #endif }; printf("\n"); for (i = 0; i < XELEM_CNT(params) && !EXPECT_FAIL(); i++) { XMEMSET(&client_cbf, 0, sizeof(client_cbf)); XMEMSET(&server_cbf, 0, sizeof(server_cbf)); printf("Testing %s with %s...", tls_desc[params[i].tls_ver], params[i].siglag); switch (params[i].tls_ver) { #ifndef WOLFSSL_NO_TLS12 case WOLFSSL_TLSV1_2: client_cbf.method = wolfTLSv1_2_client_method; server_cbf.method = wolfTLSv1_2_server_method; break; #endif #ifdef WOLFSSL_TLS13 case WOLFSSL_TLSV1_3: client_cbf.method = wolfTLSv1_3_client_method; server_cbf.method = wolfTLSv1_3_server_method; break; #endif default: printf("skipping\n"); continue; } test_get_signature_nid_siglag = params[i].siglag; test_get_signature_nid_sig = params[i].sig_nid; test_get_signature_nid_hash = params[i].hash_nid; client_cbf.ssl_ready = test_get_signature_nid_ssl_ready; server_cbf.ssl_ready = test_get_signature_nid_ssl_ready; client_cbf.on_handshake = test_get_signature_nid_on_hs_client; server_cbf.on_handshake = test_get_signature_nid_on_hs_server; server_cbf.certPemFile = params[i].server_cert; server_cbf.keyPemFile = params[i].server_key; client_cbf.caPemFile = params[i].client_ca; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf, &server_cbf, NULL), TEST_SUCCESS); if (EXPECT_SUCCESS()) printf("passed\n"); } #endif return EXPECT_RESULT(); } #if !defined(NO_CERTS) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) static word32 test_tls_cert_store_unchanged_HashCaTable(Signer** caTable) { #ifndef NO_MD5 enum wc_HashType hashType = WC_HASH_TYPE_MD5; #elif !defined(NO_SHA) enum wc_HashType hashType = WC_HASH_TYPE_SHA; #elif !defined(NO_SHA256) enum wc_HashType hashType = WC_HASH_TYPE_SHA256; #else #error "We need a digest to hash the Signer object" #endif byte hashBuf[WC_MAX_DIGEST_SIZE]; wc_HashAlg hash; size_t i; AssertIntEQ(wc_HashInit(&hash, hashType), 0); for (i = 0; i < CA_TABLE_SIZE; i++) { Signer* cur; for (cur = caTable[i]; cur != NULL; cur = cur->next) AssertIntEQ(wc_HashUpdate(&hash, hashType, (byte*)cur, sizeof(*cur)), 0); } AssertIntEQ(wc_HashFinal(&hash, hashType, hashBuf), 0); AssertIntEQ(wc_HashFree(&hash, hashType), 0); return MakeWordFromHash(hashBuf); } static word32 test_tls_cert_store_unchanged_before_hashes[2]; static size_t test_tls_cert_store_unchanged_before_hashes_idx; static word32 test_tls_cert_store_unchanged_after_hashes[2]; static size_t test_tls_cert_store_unchanged_after_hashes_idx; static int test_tls_cert_store_unchanged_ctx_ready(WOLFSSL_CTX* ctx) { EXPECT_DECLS; ExpectIntNE(test_tls_cert_store_unchanged_before_hashes [test_tls_cert_store_unchanged_before_hashes_idx++] = test_tls_cert_store_unchanged_HashCaTable(ctx->cm->caTable), 0); wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0); return EXPECT_RESULT(); } static int test_tls_cert_store_unchanged_ctx_cleanup(WOLFSSL_CTX* ctx) { EXPECT_DECLS; ExpectIntEQ(wolfSSL_CTX_UnloadIntermediateCerts(ctx), WOLFSSL_SUCCESS); ExpectIntNE(test_tls_cert_store_unchanged_after_hashes [test_tls_cert_store_unchanged_after_hashes_idx++] = test_tls_cert_store_unchanged_HashCaTable(ctx->cm->caTable), 0); return EXPECT_RESULT(); } static int test_tls_cert_store_unchanged_on_hs(WOLFSSL_CTX **ctx, WOLFSSL **ssl) { EXPECT_DECLS; WOLFSSL_CERT_MANAGER* cm; (void)ssl; /* WARNING: this approach bypasses the reference counter check in * wolfSSL_CTX_UnloadIntermediateCerts. It is not recommended as it may * cause unexpected behaviour when other active connections try accessing * the caTable. */ ExpectNotNull(cm = wolfSSL_CTX_GetCertManager(*ctx)); ExpectIntEQ(wolfSSL_CertManagerUnloadIntermediateCerts(cm), WOLFSSL_SUCCESS); ExpectIntNE(test_tls_cert_store_unchanged_after_hashes [test_tls_cert_store_unchanged_after_hashes_idx++] = test_tls_cert_store_unchanged_HashCaTable((*ctx)->cm->caTable), 0); return EXPECT_RESULT(); } static int test_tls_cert_store_unchanged_ssl_ready(WOLFSSL* ssl) { EXPECT_DECLS; WOLFSSL_CTX* ctx; ExpectNotNull(ctx = wolfSSL_get_SSL_CTX(ssl)); return EXPECT_RESULT(); } #endif static int test_tls_cert_store_unchanged(void) { EXPECT_DECLS; #if !defined(NO_CERTS) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) test_ssl_cbf client_cbf; test_ssl_cbf server_cbf; int i; for (i = 0; i < 2; i++) { XMEMSET(&client_cbf, 0, sizeof(client_cbf)); XMEMSET(&server_cbf, 0, sizeof(server_cbf)); test_tls_cert_store_unchanged_before_hashes_idx = 0; XMEMSET(test_tls_cert_store_unchanged_before_hashes, 0, sizeof(test_tls_cert_store_unchanged_before_hashes)); test_tls_cert_store_unchanged_after_hashes_idx = 0; XMEMSET(test_tls_cert_store_unchanged_after_hashes, 0, sizeof(test_tls_cert_store_unchanged_after_hashes)); client_cbf.ctx_ready = test_tls_cert_store_unchanged_ctx_ready; server_cbf.ctx_ready = test_tls_cert_store_unchanged_ctx_ready; client_cbf.ssl_ready = test_tls_cert_store_unchanged_ssl_ready; server_cbf.ssl_ready = test_tls_cert_store_unchanged_ssl_ready; switch (i) { case 0: client_cbf.on_ctx_cleanup = test_tls_cert_store_unchanged_ctx_cleanup; server_cbf.on_ctx_cleanup = test_tls_cert_store_unchanged_ctx_cleanup; break; case 1: client_cbf.on_handshake = test_tls_cert_store_unchanged_on_hs; server_cbf.on_handshake = test_tls_cert_store_unchanged_on_hs; break; default: Fail(("Should not enter here"), ("Entered here")); } client_cbf.certPemFile = "certs/intermediate/client-chain.pem"; server_cbf.certPemFile = "certs/intermediate/server-chain.pem"; server_cbf.caPemFile = caCertFile; ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf, &server_cbf, NULL), TEST_SUCCESS); ExpectBufEQ(test_tls_cert_store_unchanged_before_hashes, test_tls_cert_store_unchanged_after_hashes, sizeof(test_tls_cert_store_unchanged_after_hashes)); } #endif return EXPECT_RESULT(); } /*----------------------------------------------------------------------------* | Main *----------------------------------------------------------------------------*/ typedef int (*TEST_FUNC)(void); typedef struct { const char *name; TEST_FUNC func; byte run:1; byte fail:1; } TEST_CASE; #define TEST_DECL(func) { #func, func, 0, 0 } int testAll = 1; TEST_CASE testCases[] = { TEST_DECL(test_fileAccess), /********************************* * wolfcrypt *********************************/ TEST_DECL(test_ForceZero), TEST_DECL(test_wolfCrypt_Init), /* Locking with Compat Mutex */ TEST_DECL(test_wc_SetMutexCb), TEST_DECL(test_wc_LockMutex_ex), /* Digests */ TEST_DECL(test_wc_InitMd5), TEST_DECL(test_wc_Md5Update), TEST_DECL(test_wc_Md5Final), TEST_DECL(test_wc_InitSha), TEST_DECL(test_wc_ShaUpdate), TEST_DECL(test_wc_ShaFinal), TEST_DECL(test_wc_InitSha256), TEST_DECL(test_wc_Sha256Update), TEST_DECL(test_wc_Sha256Final), TEST_DECL(test_wc_Sha256FinalRaw), TEST_DECL(test_wc_Sha256GetFlags), TEST_DECL(test_wc_Sha256Free), TEST_DECL(test_wc_Sha256GetHash), TEST_DECL(test_wc_Sha256Copy), TEST_DECL(test_wc_InitSha224), TEST_DECL(test_wc_Sha224Update), TEST_DECL(test_wc_Sha224Final), TEST_DECL(test_wc_Sha224SetFlags), TEST_DECL(test_wc_Sha224GetFlags), TEST_DECL(test_wc_Sha224Free), TEST_DECL(test_wc_Sha224GetHash), TEST_DECL(test_wc_Sha224Copy), TEST_DECL(test_wc_InitSha512), TEST_DECL(test_wc_Sha512Update), TEST_DECL(test_wc_Sha512Final), TEST_DECL(test_wc_Sha512GetFlags), TEST_DECL(test_wc_Sha512FinalRaw), TEST_DECL(test_wc_Sha512Free), TEST_DECL(test_wc_Sha512GetHash), TEST_DECL(test_wc_Sha512Copy), TEST_DECL(test_wc_InitSha512_224), TEST_DECL(test_wc_Sha512_224Update), TEST_DECL(test_wc_Sha512_224Final), TEST_DECL(test_wc_Sha512_224GetFlags), TEST_DECL(test_wc_Sha512_224FinalRaw), TEST_DECL(test_wc_Sha512_224Free), TEST_DECL(test_wc_Sha512_224GetHash), TEST_DECL(test_wc_Sha512_224Copy), TEST_DECL(test_wc_InitSha512_256), TEST_DECL(test_wc_Sha512_256Update), TEST_DECL(test_wc_Sha512_256Final), TEST_DECL(test_wc_Sha512_256GetFlags), TEST_DECL(test_wc_Sha512_256FinalRaw), TEST_DECL(test_wc_Sha512_256Free), TEST_DECL(test_wc_Sha512_256GetHash), TEST_DECL(test_wc_Sha512_256Copy), TEST_DECL(test_wc_InitSha384), TEST_DECL(test_wc_Sha384Update), TEST_DECL(test_wc_Sha384Final), TEST_DECL(test_wc_Sha384GetFlags), TEST_DECL(test_wc_Sha384FinalRaw), TEST_DECL(test_wc_Sha384Free), TEST_DECL(test_wc_Sha384GetHash), TEST_DECL(test_wc_Sha384Copy), TEST_DECL(test_wc_InitBlake2b), TEST_DECL(test_wc_InitBlake2b_WithKey), TEST_DECL(test_wc_InitBlake2s_WithKey), TEST_DECL(test_wc_InitRipeMd), TEST_DECL(test_wc_RipeMdUpdate), TEST_DECL(test_wc_RipeMdFinal), TEST_DECL(test_wc_InitSha3), TEST_DECL(testing_wc_Sha3_Update), TEST_DECL(test_wc_Sha3_224_Final), TEST_DECL(test_wc_Sha3_256_Final), TEST_DECL(test_wc_Sha3_384_Final), TEST_DECL(test_wc_Sha3_512_Final), TEST_DECL(test_wc_Sha3_224_Copy), TEST_DECL(test_wc_Sha3_256_Copy), TEST_DECL(test_wc_Sha3_384_Copy), TEST_DECL(test_wc_Sha3_512_Copy), TEST_DECL(test_wc_Sha3_GetFlags), TEST_DECL(test_wc_InitShake256), TEST_DECL(testing_wc_Shake256_Update), TEST_DECL(test_wc_Shake256_Final), TEST_DECL(test_wc_Shake256_Copy), TEST_DECL(test_wc_Shake256Hash), /* SM3 Digest */ TEST_DECL(test_wc_InitSm3Free), TEST_DECL(test_wc_Sm3UpdateFinal), TEST_DECL(test_wc_Sm3GetHash), TEST_DECL(test_wc_Sm3Copy), TEST_DECL(test_wc_Sm3FinalRaw), TEST_DECL(test_wc_Sm3GetSetFlags), TEST_DECL(test_wc_Sm3Hash), TEST_DECL(test_wc_HashInit), TEST_DECL(test_wc_HashSetFlags), TEST_DECL(test_wc_HashGetFlags), /* HMAC */ TEST_DECL(test_wc_Md5HmacSetKey), TEST_DECL(test_wc_Md5HmacUpdate), TEST_DECL(test_wc_Md5HmacFinal), TEST_DECL(test_wc_ShaHmacSetKey), TEST_DECL(test_wc_ShaHmacUpdate), TEST_DECL(test_wc_ShaHmacFinal), TEST_DECL(test_wc_Sha224HmacSetKey), TEST_DECL(test_wc_Sha224HmacUpdate), TEST_DECL(test_wc_Sha224HmacFinal), TEST_DECL(test_wc_Sha256HmacSetKey), TEST_DECL(test_wc_Sha256HmacUpdate), TEST_DECL(test_wc_Sha256HmacFinal), TEST_DECL(test_wc_Sha384HmacSetKey), TEST_DECL(test_wc_Sha384HmacUpdate), TEST_DECL(test_wc_Sha384HmacFinal), /* CMAC */ TEST_DECL(test_wc_InitCmac), TEST_DECL(test_wc_CmacUpdate), TEST_DECL(test_wc_CmacFinal), TEST_DECL(test_wc_AesCmacGenerate), /* Cipher */ TEST_DECL(test_wc_AesGcmStream), TEST_DECL(test_wc_Des3_SetIV), TEST_DECL(test_wc_Des3_SetKey), TEST_DECL(test_wc_Des3_CbcEncryptDecrypt), TEST_DECL(test_wc_Des3_CbcEncryptDecryptWithKey), TEST_DECL(test_wc_Des3_EcbEncrypt), TEST_DECL(test_wc_Chacha_SetKey), TEST_DECL(test_wc_Chacha_Process), TEST_DECL(test_wc_ChaCha20Poly1305_aead), TEST_DECL(test_wc_Poly1305SetKey), TEST_DECL(test_wc_CamelliaSetKey), TEST_DECL(test_wc_CamelliaSetIV), TEST_DECL(test_wc_CamelliaEncryptDecryptDirect), TEST_DECL(test_wc_CamelliaCbcEncryptDecrypt), TEST_DECL(test_wc_Arc4SetKey), TEST_DECL(test_wc_Arc4Process), TEST_DECL(test_wc_Rc2SetKey), TEST_DECL(test_wc_Rc2SetIV), TEST_DECL(test_wc_Rc2EcbEncryptDecrypt), TEST_DECL(test_wc_Rc2CbcEncryptDecrypt), /* AES cipher and GMAC. */ TEST_DECL(test_wc_AesSetKey), TEST_DECL(test_wc_AesSetIV), TEST_DECL(test_wc_AesCbcEncryptDecrypt), TEST_DECL(test_wc_AesCtrEncryptDecrypt), TEST_DECL(test_wc_AesGcmSetKey), TEST_DECL(test_wc_AesGcmEncryptDecrypt), TEST_DECL(test_wc_AesGcmMixedEncDecLongIV), TEST_DECL(test_wc_GmacSetKey), TEST_DECL(test_wc_GmacUpdate), TEST_DECL(test_wc_AesCcmSetKey), TEST_DECL(test_wc_AesCcmEncryptDecrypt), #if defined(WOLFSSL_AES_EAX) && \ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST) TEST_DECL(test_wc_AesEaxVectors), TEST_DECL(test_wc_AesEaxEncryptAuth), TEST_DECL(test_wc_AesEaxDecryptAuth), #endif /* WOLFSSL_AES_EAX */ /* SM4 cipher */ TEST_DECL(test_wc_Sm4), TEST_DECL(test_wc_Sm4Ecb), TEST_DECL(test_wc_Sm4Cbc), TEST_DECL(test_wc_Sm4Ctr), TEST_DECL(test_wc_Sm4Gcm), TEST_DECL(test_wc_Sm4Ccm), /* RNG tests */ #ifdef HAVE_HASHDRBG #ifdef TEST_RESEED_INTERVAL TEST_DECL(test_wc_RNG_GenerateBlock_Reseed), #endif TEST_DECL(test_wc_RNG_GenerateBlock), #endif TEST_DECL(test_get_rand_digit), TEST_DECL(test_wc_InitRngNonce), TEST_DECL(test_wc_InitRngNonce_ex), /* MP API tests */ TEST_DECL(test_get_digit_count), TEST_DECL(test_mp_cond_copy), TEST_DECL(test_mp_rand), TEST_DECL(test_get_digit), TEST_DECL(test_wc_export_int), /* RSA */ TEST_DECL(test_wc_InitRsaKey), TEST_DECL(test_wc_RsaPrivateKeyDecode), TEST_DECL(test_wc_RsaPublicKeyDecode), TEST_DECL(test_wc_RsaPublicKeyDecodeRaw), TEST_DECL(test_wc_MakeRsaKey), TEST_DECL(test_wc_CheckProbablePrime), TEST_DECL(test_wc_RsaPSS_Verify), TEST_DECL(test_wc_RsaPSS_VerifyCheck), TEST_DECL(test_wc_RsaPSS_VerifyCheckInline), TEST_DECL(test_wc_RsaKeyToDer), TEST_DECL(test_wc_RsaKeyToPublicDer), TEST_DECL(test_wc_RsaPublicEncryptDecrypt), TEST_DECL(test_wc_RsaPublicEncryptDecrypt_ex), TEST_DECL(test_wc_RsaEncryptSize), TEST_DECL(test_wc_RsaSSL_SignVerify), TEST_DECL(test_wc_RsaFlattenPublicKey), TEST_DECL(test_RsaDecryptBoundsCheck), /* DSA */ TEST_DECL(test_wc_InitDsaKey), TEST_DECL(test_wc_DsaSignVerify), TEST_DECL(test_wc_DsaPublicPrivateKeyDecode), TEST_DECL(test_wc_MakeDsaKey), TEST_DECL(test_wc_DsaKeyToDer), TEST_DECL(test_wc_DsaKeyToPublicDer), TEST_DECL(test_wc_DsaImportParamsRaw), TEST_DECL(test_wc_DsaImportParamsRawCheck), TEST_DECL(test_wc_DsaExportParamsRaw), TEST_DECL(test_wc_DsaExportKeyRaw), /* DH */ TEST_DECL(test_wc_DhPublicKeyDecode), /* wolfCrypt ECC tests */ TEST_DECL(test_wc_ecc_get_curve_size_from_name), TEST_DECL(test_wc_ecc_get_curve_id_from_name), TEST_DECL(test_wc_ecc_get_curve_id_from_params), #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && \ !defined(HAVE_SELFTEST) && \ !(defined(HAVE_FIPS) || defined(HAVE_FIPS_VERSION)) TEST_DECL(test_wc_ecc_get_curve_id_from_dp_params), #endif TEST_DECL(test_wc_ecc_make_key), TEST_DECL(test_wc_ecc_init), TEST_DECL(test_wc_ecc_check_key), TEST_DECL(test_wc_ecc_get_generator), TEST_DECL(test_wc_ecc_size), TEST_DECL(test_wc_ecc_params), TEST_DECL(test_wc_ecc_signVerify_hash), TEST_DECL(test_wc_ecc_shared_secret), TEST_DECL(test_wc_ecc_export_x963), TEST_DECL(test_wc_ecc_export_x963_ex), TEST_DECL(test_wc_ecc_import_x963), TEST_DECL(test_wc_ecc_import_private_key), TEST_DECL(test_wc_ecc_export_private_only), TEST_DECL(test_wc_ecc_rs_to_sig), TEST_DECL(test_wc_ecc_import_raw), TEST_DECL(test_wc_ecc_import_unsigned), TEST_DECL(test_wc_ecc_sig_size), TEST_DECL(test_wc_ecc_ctx_new), TEST_DECL(test_wc_ecc_ctx_reset), TEST_DECL(test_wc_ecc_ctx_set_peer_salt), TEST_DECL(test_wc_ecc_ctx_set_info), TEST_DECL(test_wc_ecc_encryptDecrypt), TEST_DECL(test_wc_ecc_del_point), TEST_DECL(test_wc_ecc_pointFns), TEST_DECL(test_wc_ecc_shared_secret_ssh), TEST_DECL(test_wc_ecc_verify_hash_ex), TEST_DECL(test_wc_ecc_mulmod), TEST_DECL(test_wc_ecc_is_valid_idx), TEST_DECL(test_wc_ecc_get_curve_id_from_oid), TEST_DECL(test_wc_ecc_sig_size_calc), TEST_DECL(test_wc_EccPrivateKeyToDer), /* SM2 elliptic curve */ TEST_DECL(test_wc_ecc_sm2_make_key), TEST_DECL(test_wc_ecc_sm2_shared_secret), TEST_DECL(test_wc_ecc_sm2_create_digest), TEST_DECL(test_wc_ecc_sm2_verify_hash_ex), TEST_DECL(test_wc_ecc_sm2_verify_hash), TEST_DECL(test_wc_ecc_sm2_sign_hash_ex), TEST_DECL(test_wc_ecc_sm2_sign_hash), /* Curve25519 */ TEST_DECL(test_wc_curve25519_init), TEST_DECL(test_wc_curve25519_size), TEST_DECL(test_wc_curve25519_export_key_raw), TEST_DECL(test_wc_curve25519_export_key_raw_ex), TEST_DECL(test_wc_curve25519_make_key), TEST_DECL(test_wc_curve25519_shared_secret_ex), TEST_DECL(test_wc_curve25519_make_pub), TEST_DECL(test_wc_curve25519_export_public_ex), TEST_DECL(test_wc_curve25519_export_private_raw_ex), TEST_DECL(test_wc_curve25519_import_private_raw_ex), TEST_DECL(test_wc_curve25519_import_private), /* ED25519 */ TEST_DECL(test_wc_ed25519_make_key), TEST_DECL(test_wc_ed25519_init), TEST_DECL(test_wc_ed25519_sign_msg), TEST_DECL(test_wc_ed25519_import_public), TEST_DECL(test_wc_ed25519_import_private_key), TEST_DECL(test_wc_ed25519_export), TEST_DECL(test_wc_ed25519_size), TEST_DECL(test_wc_ed25519_exportKey), TEST_DECL(test_wc_Ed25519PublicKeyToDer), TEST_DECL(test_wc_Ed25519KeyToDer), TEST_DECL(test_wc_Ed25519PrivateKeyToDer), /* Curve448 */ TEST_DECL(test_wc_curve448_make_key), TEST_DECL(test_wc_curve448_shared_secret_ex), TEST_DECL(test_wc_curve448_export_public_ex), TEST_DECL(test_wc_curve448_export_private_raw_ex), TEST_DECL(test_wc_curve448_export_key_raw), TEST_DECL(test_wc_curve448_import_private_raw_ex), TEST_DECL(test_wc_curve448_import_private), TEST_DECL(test_wc_curve448_init), TEST_DECL(test_wc_curve448_size), /* Ed448 */ TEST_DECL(test_wc_ed448_make_key), TEST_DECL(test_wc_ed448_init), TEST_DECL(test_wc_ed448_sign_msg), TEST_DECL(test_wc_ed448_import_public), TEST_DECL(test_wc_ed448_import_private_key), TEST_DECL(test_wc_ed448_export), TEST_DECL(test_wc_ed448_size), TEST_DECL(test_wc_ed448_exportKey), TEST_DECL(test_wc_Ed448PublicKeyToDer), TEST_DECL(test_wc_Ed448KeyToDer), TEST_DECL(test_wc_Ed448PrivateKeyToDer), /* Signature API */ TEST_DECL(test_wc_SignatureGetSize_ecc), TEST_DECL(test_wc_SignatureGetSize_rsa), /* PEM and DER APIs. */ TEST_DECL(test_wc_PemToDer), TEST_DECL(test_wc_AllocDer), TEST_DECL(test_wc_CertPemToDer), TEST_DECL(test_wc_KeyPemToDer), TEST_DECL(test_wc_PubKeyPemToDer), TEST_DECL(test_wc_PemPubKeyToDer), TEST_DECL(test_wc_GetPubKeyDerFromCert), TEST_DECL(test_wc_CheckCertSigPubKey), /* wolfCrypt ASN tests */ TEST_DECL(test_ToTraditional), TEST_DECL(test_wc_CreateEncryptedPKCS8Key), TEST_DECL(test_wc_GetPkcs8TraditionalOffset), /* Certificate */ TEST_DECL(test_wc_SetSubjectRaw), TEST_DECL(test_wc_GetSubjectRaw), TEST_DECL(test_wc_SetIssuerRaw), TEST_DECL(test_wc_SetIssueBuffer), TEST_DECL(test_wc_SetSubjectKeyId), TEST_DECL(test_wc_SetSubject), TEST_DECL(test_CheckCertSignature), TEST_DECL(test_wc_ParseCert), TEST_DECL(test_wc_ParseCert_Error), TEST_DECL(test_MakeCertWithPathLen), TEST_DECL(test_MakeCertWithCaFalse), TEST_DECL(test_wc_SetKeyUsage), TEST_DECL(test_wc_SetAuthKeyIdFromPublicKey_ex), TEST_DECL(test_wc_SetSubjectBuffer), TEST_DECL(test_wc_SetSubjectKeyIdFromPublicKey_ex), /* wolfcrypt PKCS#7 */ TEST_DECL(test_wc_PKCS7_New), TEST_DECL(test_wc_PKCS7_Init), TEST_DECL(test_wc_PKCS7_InitWithCert), TEST_DECL(test_wc_PKCS7_EncodeData), TEST_DECL(test_wc_PKCS7_EncodeSignedData), TEST_DECL(test_wc_PKCS7_EncodeSignedData_ex), TEST_DECL(test_wc_PKCS7_VerifySignedData_RSA), TEST_DECL(test_wc_PKCS7_VerifySignedData_ECC), TEST_DECL(test_wc_PKCS7_EncodeDecodeEnvelopedData), TEST_DECL(test_wc_PKCS7_EncodeEncryptedData), TEST_DECL(test_wc_PKCS7_Degenerate), TEST_DECL(test_wc_PKCS7_BER), TEST_DECL(test_wc_PKCS7_signed_enveloped), TEST_DECL(test_wc_PKCS7_NoDefaultSignedAttribs), TEST_DECL(test_wc_PKCS7_SetOriEncryptCtx), TEST_DECL(test_wc_PKCS7_SetOriDecryptCtx), TEST_DECL(test_wc_PKCS7_DecodeCompressedData), /* wolfCrypt PKCS#12 */ TEST_DECL(test_wc_i2d_PKCS12), /* * test_wolfCrypt_Cleanup needs to come after the above wolfCrypt tests to * avoid memory leaks. */ TEST_DECL(test_wolfCrypt_Cleanup), TEST_DECL(test_wolfSSL_Init), TEST_DECL(test_dual_alg_support), /********************************* * OpenSSL compatibility API tests *********************************/ /* If at some point a stub get implemented this test should fail indicating * a need to implement a new test case */ TEST_DECL(test_stubs_are_stubs), /* ASN.1 compatibility API tests */ TEST_DECL(test_wolfSSL_ASN1_BIT_STRING), TEST_DECL(test_wolfSSL_ASN1_INTEGER), TEST_DECL(test_wolfSSL_ASN1_INTEGER_cmp), TEST_DECL(test_wolfSSL_ASN1_INTEGER_BN), TEST_DECL(test_wolfSSL_ASN1_INTEGER_get_set), TEST_DECL(test_wolfSSL_d2i_ASN1_INTEGER), TEST_DECL(test_wolfSSL_a2i_ASN1_INTEGER), TEST_DECL(test_wolfSSL_i2c_ASN1_INTEGER), TEST_DECL(test_wolfSSL_ASN1_OBJECT), TEST_DECL(test_wolfSSL_ASN1_get_object), TEST_DECL(test_wolfSSL_i2a_ASN1_OBJECT), TEST_DECL(test_wolfSSL_i2t_ASN1_OBJECT), TEST_DECL(test_wolfSSL_sk_ASN1_OBJECT), TEST_DECL(test_wolfSSL_ASN1_STRING), TEST_DECL(test_wolfSSL_ASN1_STRING_to_UTF8), TEST_DECL(test_wolfSSL_i2s_ASN1_STRING), TEST_DECL(test_wolfSSL_ASN1_STRING_canon), TEST_DECL(test_wolfSSL_ASN1_STRING_print), TEST_DECL(test_wolfSSL_ASN1_STRING_print_ex), TEST_DECL(test_wolfSSL_ASN1_UNIVERSALSTRING_to_string), TEST_DECL(test_wolfSSL_ASN1_GENERALIZEDTIME_free), TEST_DECL(test_wolfSSL_ASN1_GENERALIZEDTIME_print), TEST_DECL(test_wolfSSL_ASN1_TIME), TEST_DECL(test_wolfSSL_ASN1_TIME_to_string), TEST_DECL(test_wolfSSL_ASN1_TIME_diff_compare), TEST_DECL(test_wolfSSL_ASN1_TIME_adj), TEST_DECL(test_wolfSSL_ASN1_TIME_to_tm), TEST_DECL(test_wolfSSL_ASN1_TIME_to_generalizedtime), TEST_DECL(test_wolfSSL_ASN1_TIME_print), TEST_DECL(test_wolfSSL_ASN1_UTCTIME_print), TEST_DECL(test_wolfSSL_ASN1_TYPE), TEST_DECL(test_wolfSSL_IMPLEMENT_ASN1_FUNCTIONS), TEST_DECL(test_wolfSSL_lhash), TEST_DECL(test_wolfSSL_certs), TEST_DECL(test_wolfSSL_private_keys), TEST_DECL(test_wolfSSL_PEM_read_PrivateKey), TEST_DECL(test_wolfSSL_PEM_read_RSA_PUBKEY), TEST_DECL(test_wolfSSL_PEM_read_PUBKEY), TEST_DECL(test_wolfSSL_PEM_PrivateKey), TEST_DECL(test_wolfSSL_PEM_file_RSAKey), TEST_DECL(test_wolfSSL_PEM_file_RSAPrivateKey), #ifndef NO_BIO TEST_DECL(test_wolfSSL_BIO), TEST_DECL(test_wolfSSL_BIO_BIO_ring_read), TEST_DECL(test_wolfSSL_PEM_read_bio), TEST_DECL(test_wolfSSL_PEM_bio_RSAKey), TEST_DECL(test_wolfSSL_PEM_bio_DSAKey), TEST_DECL(test_wolfSSL_PEM_bio_ECKey), TEST_DECL(test_wolfSSL_PEM_bio_RSAPrivateKey), TEST_DECL(test_wolfSSL_PEM_PUBKEY), #endif /* EVP API testing */ TEST_DECL(test_wolfSSL_EVP_ENCODE_CTX_new), TEST_DECL(test_wolfSSL_EVP_ENCODE_CTX_free), TEST_DECL(test_wolfSSL_EVP_EncodeInit), TEST_DECL(test_wolfSSL_EVP_EncodeUpdate), TEST_DECL(test_wolfSSL_EVP_EncodeFinal), TEST_DECL(test_wolfSSL_EVP_DecodeInit), TEST_DECL(test_wolfSSL_EVP_DecodeUpdate), TEST_DECL(test_wolfSSL_EVP_DecodeFinal), TEST_DECL(test_wolfSSL_EVP_shake128), TEST_DECL(test_wolfSSL_EVP_shake256), TEST_DECL(test_wolfSSL_EVP_sm3), TEST_DECL(test_EVP_blake2), #ifdef OPENSSL_ALL TEST_DECL(test_wolfSSL_EVP_md4), TEST_DECL(test_wolfSSL_EVP_ripemd160), TEST_DECL(test_wolfSSL_EVP_get_digestbynid), TEST_DECL(test_wolfSSL_EVP_MD_nid), TEST_DECL(test_wolfSSL_EVP_DigestFinal_ex), #endif TEST_DECL(test_EVP_MD_do_all), TEST_DECL(test_wolfSSL_EVP_MD_size), TEST_DECL(test_wolfSSL_EVP_MD_pkey_type), TEST_DECL(test_wolfSSL_EVP_Digest), TEST_DECL(test_wolfSSL_EVP_Digest_all), TEST_DECL(test_wolfSSL_EVP_MD_hmac_signing), TEST_DECL(test_wolfSSL_EVP_MD_rsa_signing), TEST_DECL(test_wolfSSL_EVP_MD_ecc_signing), TEST_DECL(test_wolfssl_EVP_aes_gcm), TEST_DECL(test_wolfssl_EVP_aes_gcm_AAD_2_parts), TEST_DECL(test_wolfssl_EVP_aes_gcm_zeroLen), TEST_DECL(test_wolfssl_EVP_aes_ccm), TEST_DECL(test_wolfssl_EVP_aes_ccm_zeroLen), TEST_DECL(test_wolfssl_EVP_chacha20), TEST_DECL(test_wolfssl_EVP_chacha20_poly1305), TEST_DECL(test_wolfssl_EVP_sm4_ecb), TEST_DECL(test_wolfssl_EVP_sm4_cbc), TEST_DECL(test_wolfssl_EVP_sm4_ctr), TEST_DECL(test_wolfssl_EVP_sm4_gcm_zeroLen), TEST_DECL(test_wolfssl_EVP_sm4_gcm), TEST_DECL(test_wolfssl_EVP_sm4_ccm_zeroLen), TEST_DECL(test_wolfssl_EVP_sm4_ccm), #ifdef OPENSSL_ALL TEST_DECL(test_wolfSSL_EVP_aes_256_gcm), TEST_DECL(test_wolfSSL_EVP_aes_192_gcm), TEST_DECL(test_wolfSSL_EVP_aes_256_ccm), TEST_DECL(test_wolfSSL_EVP_aes_192_ccm), TEST_DECL(test_wolfSSL_EVP_aes_128_ccm), TEST_DECL(test_wolfSSL_EVP_rc4), TEST_DECL(test_wolfSSL_EVP_enc_null), TEST_DECL(test_wolfSSL_EVP_rc2_cbc), TEST_DECL(test_wolfSSL_EVP_mdc2), TEST_DECL(test_evp_cipher_aes_gcm), #endif TEST_DECL(test_wolfssl_EVP_aria_gcm), TEST_DECL(test_wolfSSL_EVP_Cipher_extra), #ifdef OPENSSL_EXTRA TEST_DECL(test_wolfSSL_EVP_get_cipherbynid), TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX), #endif #ifdef OPENSSL_ALL TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX_iv_length), TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX_key_length), TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX_set_iv), TEST_DECL(test_wolfSSL_EVP_CIPHER_block_size), TEST_DECL(test_wolfSSL_EVP_CIPHER_iv_length), TEST_DECL(test_wolfSSL_EVP_X_STATE), TEST_DECL(test_wolfSSL_EVP_X_STATE_LEN), TEST_DECL(test_wolfSSL_EVP_BytesToKey), #endif TEST_DECL(test_wolfSSL_EVP_PKEY_print_public), TEST_DECL(test_wolfSSL_EVP_PKEY_new_mac_key), TEST_DECL(test_wolfSSL_EVP_PKEY_new_CMAC_key), TEST_DECL(test_wolfSSL_EVP_PKEY_up_ref), TEST_DECL(test_wolfSSL_EVP_PKEY_hkdf), TEST_DECL(test_wolfSSL_EVP_PKEY_derive), TEST_DECL(test_wolfSSL_d2i_and_i2d_PublicKey), TEST_DECL(test_wolfSSL_d2i_and_i2d_PublicKey_ecc), #ifndef NO_BIO TEST_DECL(test_wolfSSL_d2i_PUBKEY), #endif TEST_DECL(test_wolfSSL_d2i_and_i2d_DSAparams), TEST_DECL(test_wolfSSL_i2d_PrivateKey), #if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)) && !defined(NO_RSA) #ifndef NO_BIO TEST_DECL(test_wolfSSL_d2i_PrivateKeys_bio), #endif /* !NO_BIO */ #endif #ifdef OPENSSL_ALL TEST_DECL(test_wolfSSL_EVP_PKEY_set1_get1_DSA), TEST_DECL(test_wolfSSL_EVP_PKEY_set1_get1_EC_KEY), TEST_DECL(test_wolfSSL_EVP_PKEY_set1_get1_DH), TEST_DECL(test_wolfSSL_EVP_PKEY_assign), TEST_DECL(test_wolfSSL_EVP_PKEY_assign_DH), TEST_DECL(test_wolfSSL_EVP_PKEY_base_id), TEST_DECL(test_wolfSSL_EVP_PKEY_id), TEST_DECL(test_wolfSSL_EVP_PKEY_paramgen), TEST_DECL(test_wolfSSL_EVP_PKEY_keygen), TEST_DECL(test_wolfSSL_EVP_PKEY_keygen_init), TEST_DECL(test_wolfSSL_EVP_PKEY_missing_parameters), TEST_DECL(test_wolfSSL_EVP_PKEY_copy_parameters), TEST_DECL(test_wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits), TEST_DECL(test_wolfSSL_EVP_PKEY_CTX_new_id), TEST_DECL(test_wolfSSL_EVP_PKEY_get0_EC_KEY), #endif TEST_DECL(test_EVP_PKEY_rsa), TEST_DECL(test_EVP_PKEY_ec), TEST_DECL(test_wolfSSL_EVP_PKEY_encrypt), TEST_DECL(test_wolfSSL_EVP_PKEY_sign_verify_rsa), TEST_DECL(test_wolfSSL_EVP_PKEY_sign_verify_dsa), TEST_DECL(test_wolfSSL_EVP_PKEY_sign_verify_ec), TEST_DECL(test_EVP_PKEY_cmp), #ifdef OPENSSL_ALL TEST_DECL(test_wolfSSL_EVP_SignInit_ex), TEST_DECL(test_wolfSSL_EVP_PKEY_param_check), TEST_DECL(test_wolfSSL_QT_EVP_PKEY_CTX_free), #endif TEST_DECL(test_wolfSSL_EVP_PBE_scrypt), TEST_DECL(test_wolfSSL_CTX_add_extra_chain_cert), #if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) TEST_DECL(test_wolfSSL_ERR_peek_last_error_line), #endif #ifndef NO_BIO TEST_DECL(test_wolfSSL_ERR_print_errors_cb), TEST_DECL(test_wolfSSL_GetLoggingCb), TEST_DECL(test_WOLFSSL_ERROR_MSG), TEST_DECL(test_wc_ERR_remove_state), TEST_DECL(test_wc_ERR_print_errors_fp), #endif TEST_DECL(test_wolfSSL_configure_args), TEST_DECL(test_wolfSSL_sk_SSL_CIPHER), TEST_DECL(test_wolfSSL_set1_curves_list), TEST_DECL(test_wolfSSL_set1_sigalgs_list), TEST_DECL(test_wolfSSL_OtherName), TEST_DECL(test_wolfSSL_FPKI), TEST_DECL(test_wolfSSL_URI), TEST_DECL(test_wolfSSL_TBS), TEST_DECL(test_wolfSSL_X509_STORE_CTX), TEST_DECL(test_X509_STORE_untrusted), TEST_DECL(test_wolfSSL_X509_STORE_CTX_trusted_stack_cleanup), TEST_DECL(test_wolfSSL_X509_STORE_CTX_get0_current_issuer), TEST_DECL(test_wolfSSL_X509_STORE_set_flags), TEST_DECL(test_wolfSSL_X509_LOOKUP_load_file), TEST_DECL(test_wolfSSL_X509_Name_canon), TEST_DECL(test_wolfSSL_X509_LOOKUP_ctrl_file), TEST_DECL(test_wolfSSL_X509_LOOKUP_ctrl_hash_dir), TEST_DECL(test_wolfSSL_X509_NID), TEST_DECL(test_wolfSSL_X509_STORE_CTX_set_time), TEST_DECL(test_wolfSSL_get0_param), TEST_DECL(test_wolfSSL_X509_VERIFY_PARAM_set1_host), TEST_DECL(test_wolfSSL_set1_host), TEST_DECL(test_wolfSSL_X509_VERIFY_PARAM_set1_ip), TEST_DECL(test_wolfSSL_X509_STORE_CTX_get0_store), TEST_DECL(test_wolfSSL_X509_STORE), TEST_DECL(test_wolfSSL_X509_STORE_load_locations), TEST_DECL(test_X509_STORE_get0_objects), TEST_DECL(test_wolfSSL_X509_load_crl_file), TEST_DECL(test_wolfSSL_X509_STORE_get1_certs), TEST_DECL(test_wolfSSL_X509_NAME_ENTRY_get_object), TEST_DECL(test_wolfSSL_X509_cmp_time), TEST_DECL(test_wolfSSL_X509_time_adj), /* X509 tests */ TEST_DECL(test_wolfSSL_X509_subject_name_hash), TEST_DECL(test_wolfSSL_X509_issuer_name_hash), TEST_DECL(test_wolfSSL_X509_check_host), TEST_DECL(test_wolfSSL_X509_check_email), TEST_DECL(test_wolfSSL_X509_check_private_key), TEST_DECL(test_wolfSSL_X509), TEST_DECL(test_wolfSSL_X509_VERIFY_PARAM), TEST_DECL(test_wolfSSL_X509_sign), TEST_DECL(test_wolfSSL_X509_sign2), TEST_DECL(test_wolfSSL_X509_verify), TEST_DECL(test_wolfSSL_X509_get0_tbs_sigalg), TEST_DECL(test_wolfSSL_X509_ALGOR_get0), TEST_DECL(test_wolfSSL_X509_get_X509_PUBKEY), TEST_DECL(test_wolfSSL_X509_PUBKEY_RSA), TEST_DECL(test_wolfSSL_X509_PUBKEY_EC), TEST_DECL(test_wolfSSL_X509_PUBKEY_DSA), TEST_DECL(test_wolfSSL_PEM_write_bio_X509), TEST_DECL(test_wolfSSL_X509_NAME_get_entry), TEST_DECL(test_wolfSSL_X509_NAME), TEST_DECL(test_wolfSSL_X509_NAME_hash), TEST_DECL(test_wolfSSL_X509_NAME_print_ex), TEST_DECL(test_wolfSSL_X509_NAME_ENTRY), TEST_DECL(test_wolfSSL_X509_set_name), TEST_DECL(test_wolfSSL_X509_set_notAfter), TEST_DECL(test_wolfSSL_X509_set_notBefore), TEST_DECL(test_wolfSSL_X509_set_version), TEST_DECL(test_wolfSSL_X509_get_serialNumber), TEST_DECL(test_wolfSSL_X509_CRL), TEST_DECL(test_wolfSSL_i2d_X509), TEST_DECL(test_wolfSSL_d2i_X509_REQ), TEST_DECL(test_wolfSSL_PEM_read_X509), TEST_DECL(test_wolfSSL_X509_check_ca), TEST_DECL(test_wolfSSL_X509_check_ip_asc), TEST_DECL(test_wolfSSL_make_cert), #ifndef NO_BIO TEST_DECL(test_wolfSSL_X509_INFO_multiple_info), TEST_DECL(test_wolfSSL_X509_INFO), TEST_DECL(test_wolfSSL_PEM_X509_INFO_read_bio), #endif #ifdef OPENSSL_ALL TEST_DECL(test_wolfSSL_X509_PUBKEY_get), #endif TEST_DECL(test_wolfSSL_X509_CA_num), TEST_DECL(test_wolfSSL_X509_get_version), #ifndef NO_BIO TEST_DECL(test_wolfSSL_X509_print), TEST_DECL(test_wolfSSL_X509_CRL_print), #endif TEST_DECL(test_X509_get_signature_nid), /* X509 extension testing. */ TEST_DECL(test_wolfSSL_X509_get_extension_flags), TEST_DECL(test_wolfSSL_X509_get_ext), TEST_DECL(test_wolfSSL_X509_get_ext_by_NID), TEST_DECL(test_wolfSSL_X509_get_ext_subj_alt_name), TEST_DECL(test_wolfSSL_X509_get_ext_count), TEST_DECL(test_wolfSSL_X509_EXTENSION_new), TEST_DECL(test_wolfSSL_X509_EXTENSION_get_object), TEST_DECL(test_wolfSSL_X509_EXTENSION_get_data), TEST_DECL(test_wolfSSL_X509_EXTENSION_get_critical), TEST_DECL(test_wolfSSL_X509V3_EXT_get), TEST_DECL(test_wolfSSL_X509V3_EXT_nconf), TEST_DECL(test_wolfSSL_X509V3_EXT), TEST_DECL(test_wolfSSL_X509V3_EXT_print), TEST_DECL(test_wolfSSL_X509_cmp), TEST_DECL(test_GENERAL_NAME_set0_othername), TEST_DECL(test_othername_and_SID_ext), TEST_DECL(test_wolfSSL_dup_CA_list), /* OpenSSL sk_X509 API test */ TEST_DECL(test_sk_X509), /* OpenSSL sk_X509_CRL API test */ TEST_DECL(test_sk_X509_CRL), /* OpenSSL X509 REQ API test */ TEST_DECL(test_X509_REQ), /* OpenSSL compatibility outside SSL context w/ CRL lookup directory */ TEST_DECL(test_X509_STORE_No_SSL_CTX), TEST_DECL(test_X509_LOOKUP_add_dir), /* RAND compatibility API */ TEST_DECL(test_wolfSSL_RAND_set_rand_method), TEST_DECL(test_wolfSSL_RAND_bytes), TEST_DECL(test_wolfSSL_RAND), /* BN compatibility API */ TEST_DECL(test_wolfSSL_BN_CTX), TEST_DECL(test_wolfSSL_BN), TEST_DECL(test_wolfSSL_BN_init), TEST_DECL(test_wolfSSL_BN_enc_dec), TEST_DECL(test_wolfSSL_BN_word), TEST_DECL(test_wolfSSL_BN_bits), TEST_DECL(test_wolfSSL_BN_shift), TEST_DECL(test_wolfSSL_BN_math), TEST_DECL(test_wolfSSL_BN_math_mod), TEST_DECL(test_wolfSSL_BN_math_other), TEST_DECL(test_wolfSSL_BN_rand), TEST_DECL(test_wolfSSL_BN_prime), /* OpenSSL PKCS5 API test */ TEST_DECL(test_wolfSSL_PKCS5), /* OpenSSL PKCS8 API test */ TEST_DECL(test_wolfSSL_PKCS8_Compat), TEST_DECL(test_wolfSSL_PKCS8_d2i), /* OpenSSL PKCS7 API test */ TEST_DECL(test_wolfssl_PKCS7), TEST_DECL(test_wolfSSL_PKCS7_certs), TEST_DECL(test_wolfSSL_PKCS7_sign), TEST_DECL(test_wolfSSL_PKCS7_SIGNED_new), #ifndef NO_BIO TEST_DECL(test_wolfSSL_PEM_write_bio_PKCS7), #ifdef HAVE_SMIME TEST_DECL(test_wolfSSL_SMIME_read_PKCS7), TEST_DECL(test_wolfSSL_SMIME_write_PKCS7), #endif /* HAVE_SMIME */ #endif /* !NO_BIO */ /* OpenSSL PKCS12 API test */ TEST_DECL(test_wolfSSL_PKCS12), /* Can't memory test as callbacks use Assert. */ TEST_DECL(test_error_queue_per_thread), TEST_DECL(test_wolfSSL_ERR_put_error), TEST_DECL(test_wolfSSL_ERR_get_error_order), #ifndef NO_BIO TEST_DECL(test_wolfSSL_ERR_print_errors), #endif TEST_DECL(test_OBJ_NAME_do_all), TEST_DECL(test_wolfSSL_OBJ), TEST_DECL(test_wolfSSL_OBJ_cmp), TEST_DECL(test_wolfSSL_OBJ_txt2nid), TEST_DECL(test_wolfSSL_OBJ_txt2obj), #ifdef OPENSSL_ALL TEST_DECL(test_wolfSSL_OBJ_ln), TEST_DECL(test_wolfSSL_OBJ_sn), #endif #ifndef NO_BIO TEST_DECL(test_wolfSSL_BIO_gets), TEST_DECL(test_wolfSSL_BIO_puts), TEST_DECL(test_wolfSSL_BIO_dump), /* Can't memory test as server hangs. */ TEST_DECL(test_wolfSSL_BIO_should_retry), TEST_DECL(test_wolfSSL_BIO_write), TEST_DECL(test_wolfSSL_BIO_printf), TEST_DECL(test_wolfSSL_BIO_f_md), TEST_DECL(test_wolfSSL_BIO_up_ref), TEST_DECL(test_wolfSSL_BIO_reset), TEST_DECL(test_wolfSSL_BIO_get_len), #endif #if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) TEST_DECL(test_wolfSSL_check_domain), #endif TEST_DECL(test_wolfSSL_cert_cb), TEST_DECL(test_wolfSSL_cert_cb_dyn_ciphers), TEST_DECL(test_wolfSSL_ciphersuite_auth), TEST_DECL(test_wolfSSL_sigalg_info), /* Can't memory test as tcp_connect aborts. */ TEST_DECL(test_wolfSSL_SESSION), TEST_DECL(test_wolfSSL_SESSION_expire_downgrade), TEST_DECL(test_wolfSSL_CTX_sess_set_remove_cb), TEST_DECL(test_wolfSSL_ticket_keys), TEST_DECL(test_wolfSSL_sk_GENERAL_NAME), TEST_DECL(test_wolfSSL_GENERAL_NAME_print), TEST_DECL(test_wolfSSL_sk_DIST_POINT), TEST_DECL(test_wolfSSL_verify_mode), TEST_DECL(test_wolfSSL_verify_depth), TEST_DECL(test_wolfSSL_verify_result), TEST_DECL(test_wolfSSL_msg_callback), TEST_DECL(test_wolfSSL_OCSP_id_get0_info), TEST_DECL(test_wolfSSL_i2d_OCSP_CERTID), TEST_DECL(test_wolfSSL_d2i_OCSP_CERTID), TEST_DECL(test_wolfSSL_OCSP_id_cmp), TEST_DECL(test_wolfSSL_OCSP_SINGLERESP_get0_id), TEST_DECL(test_wolfSSL_OCSP_single_get0_status), TEST_DECL(test_wolfSSL_OCSP_resp_count), TEST_DECL(test_wolfSSL_OCSP_resp_get0), TEST_DECL(test_wolfSSL_PEM_read), TEST_DECL(test_wolfSSL_OpenSSL_version), TEST_DECL(test_wolfSSL_OpenSSL_add_all_algorithms), TEST_DECL(test_wolfSSL_OPENSSL_hexstr2buf), TEST_DECL(test_CONF_modules_xxx), #ifdef OPENSSL_ALL TEST_DECL(test_wolfSSL_TXT_DB), TEST_DECL(test_wolfSSL_NCONF), #endif TEST_DECL(test_wolfSSL_CRYPTO_memcmp), TEST_DECL(test_wolfSSL_CRYPTO_get_ex_new_index), TEST_DECL(test_wolfSSL_SESSION_get_ex_new_index), TEST_DECL(test_CRYPTO_set_dynlock_xxx), TEST_DECL(test_CRYPTO_THREADID_xxx), TEST_DECL(test_ENGINE_cleanup), /* test the no op functions for compatibility */ TEST_DECL(test_no_op_functions), /* OpenSSL error API tests */ TEST_DECL(test_ERR_load_crypto_strings), #ifdef OPENSSL_ALL TEST_DECL(test_wolfSSL_sk_CIPHER_description), TEST_DECL(test_wolfSSL_get_ciphers_compat), TEST_DECL(test_wolfSSL_CTX_ctrl), #endif /* OPENSSL_ALL */ #if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)) && !defined(NO_RSA) TEST_DECL(test_wolfSSL_CTX_use_certificate_ASN1), #endif /* (OPENSSL_ALL || WOLFSSL_ASIO) && !NO_RSA */ /********************************* * Crypto API tests *********************************/ TEST_DECL(test_wolfSSL_MD4), TEST_DECL(test_wolfSSL_MD5), TEST_DECL(test_wolfSSL_MD5_Transform), TEST_DECL(test_wolfSSL_SHA), TEST_DECL(test_wolfSSL_SHA_Transform), TEST_DECL(test_wolfSSL_SHA224), TEST_DECL(test_wolfSSL_SHA256), TEST_DECL(test_wolfSSL_SHA256_Transform), TEST_DECL(test_wolfSSL_SHA512_Transform), TEST_DECL(test_wolfSSL_SHA512_224_Transform), TEST_DECL(test_wolfSSL_SHA512_256_Transform), TEST_DECL(test_wolfSSL_HMAC_CTX), TEST_DECL(test_wolfSSL_HMAC), TEST_DECL(test_wolfSSL_CMAC), TEST_DECL(test_wolfSSL_DES), TEST_DECL(test_wolfSSL_DES_ncbc), TEST_DECL(test_wolfSSL_DES_ecb_encrypt), TEST_DECL(test_wolfSSL_DES_ede3_cbc_encrypt), TEST_DECL(test_wolfSSL_AES_encrypt), TEST_DECL(test_wolfSSL_AES_ecb_encrypt), TEST_DECL(test_wolfSSL_AES_cbc_encrypt), TEST_DECL(test_wolfSSL_AES_cfb128_encrypt), TEST_DECL(test_wolfSSL_CRYPTO_cts128), TEST_DECL(test_wolfSSL_RC4), TEST_DECL(test_wolfSSL_RSA), TEST_DECL(test_wolfSSL_RSA_DER), TEST_DECL(test_wolfSSL_RSA_print), TEST_DECL(test_wolfSSL_RSA_padding_add_PKCS1_PSS), TEST_DECL(test_wolfSSL_RSA_sign_sha3), TEST_DECL(test_wolfSSL_RSA_get0_key), TEST_DECL(test_wolfSSL_RSA_meth), TEST_DECL(test_wolfSSL_RSA_verify), TEST_DECL(test_wolfSSL_RSA_sign), TEST_DECL(test_wolfSSL_RSA_sign_ex), TEST_DECL(test_wolfSSL_RSA_public_decrypt), TEST_DECL(test_wolfSSL_RSA_private_encrypt), TEST_DECL(test_wolfSSL_RSA_public_encrypt), TEST_DECL(test_wolfSSL_RSA_private_decrypt), TEST_DECL(test_wolfSSL_RSA_GenAdd), TEST_DECL(test_wolfSSL_RSA_blinding_on), TEST_DECL(test_wolfSSL_RSA_ex_data), TEST_DECL(test_wolfSSL_RSA_LoadDer), TEST_DECL(test_wolfSSL_RSA_To_Der), TEST_DECL(test_wolfSSL_PEM_read_RSAPublicKey), TEST_DECL(test_wolfSSL_PEM_write_RSA_PUBKEY), TEST_DECL(test_wolfSSL_PEM_write_RSAPrivateKey), TEST_DECL(test_wolfSSL_PEM_write_mem_RSAPrivateKey), TEST_DECL(test_wolfSSL_DH), TEST_DECL(test_wolfSSL_DH_dup), TEST_DECL(test_wolfSSL_DH_check), TEST_DECL(test_wolfSSL_DH_prime), TEST_DECL(test_wolfSSL_DH_1536_prime), TEST_DECL(test_wolfSSL_DH_get_2048_256), TEST_DECL(test_wolfSSL_PEM_write_DHparams), TEST_DECL(test_wolfSSL_PEM_read_DHparams), TEST_DECL(test_wolfSSL_d2i_DHparams), TEST_DECL(test_wolfSSL_DH_LoadDer), TEST_DECL(test_wolfSSL_i2d_DHparams), #if defined(HAVE_ECC) && !defined(OPENSSL_NO_PK) TEST_DECL(test_wolfSSL_EC_GROUP), TEST_DECL(test_wolfSSL_PEM_read_bio_ECPKParameters), TEST_DECL(test_wolfSSL_EC_POINT), TEST_DECL(test_wolfSSL_SPAKE), TEST_DECL(test_wolfSSL_EC_KEY_generate), TEST_DECL(test_EC_i2d), TEST_DECL(test_wolfSSL_EC_curve), TEST_DECL(test_wolfSSL_EC_KEY_dup), TEST_DECL(test_wolfSSL_EC_KEY_set_group), TEST_DECL(test_wolfSSL_EC_KEY_set_conv_form), TEST_DECL(test_wolfSSL_EC_KEY_private_key), TEST_DECL(test_wolfSSL_EC_KEY_public_key), TEST_DECL(test_wolfSSL_EC_KEY_print_fp), TEST_DECL(test_wolfSSL_EC_get_builtin_curves), TEST_DECL(test_wolfSSL_ECDSA_SIG), TEST_DECL(test_ECDSA_size_sign), TEST_DECL(test_ECDH_compute_key), #endif #ifdef OPENSSL_EXTRA TEST_DECL(test_ED25519), TEST_DECL(test_ED448), #endif TEST_DECL(test_DSA_do_sign_verify), #ifdef OPENSSL_ALL TEST_DECL(test_wolfSSL_DSA_generate_parameters), TEST_DECL(test_wolfSSL_DSA_SIG), #endif TEST_DECL(test_openssl_generate_key_and_cert), TEST_DECL(test_wolfSSL_FIPS_mode), TEST_DECL(test_openssl_FIPS_drbg), /********************************* * CertManager API tests *********************************/ TEST_DECL(test_wolfSSL_CertManagerAPI), TEST_DECL(test_wolfSSL_CertManagerLoadCABuffer), TEST_DECL(test_wolfSSL_CertManagerLoadCABuffer_ex), TEST_DECL(test_wolfSSL_CertManagerGetCerts), TEST_DECL(test_wolfSSL_CertManagerSetVerify), TEST_DECL(test_wolfSSL_CertManagerNameConstraint), TEST_DECL(test_wolfSSL_CertManagerNameConstraint2), TEST_DECL(test_wolfSSL_CertManagerNameConstraint3), TEST_DECL(test_wolfSSL_CertManagerNameConstraint4), TEST_DECL(test_wolfSSL_CertManagerNameConstraint5), TEST_DECL(test_wolfSSL_CertManagerCRL), TEST_DECL(test_wolfSSL_CertManagerCheckOCSPResponse), TEST_DECL(test_wolfSSL_CheckOCSPResponse), #if !defined(NO_RSA) && !defined(NO_SHA) && !defined(NO_FILESYSTEM) && \ !defined(NO_CERTS) && (!defined(NO_WOLFSSL_CLIENT) || \ !defined(WOLFSSL_NO_CLIENT_AUTH)) TEST_DECL(test_various_pathlen_chains), #endif /********************************* * SSL/TLS API tests *********************************/ TEST_DECL(test_wolfSSL_Method_Allocators), #ifndef NO_WOLFSSL_SERVER TEST_DECL(test_wolfSSL_CTX_new), #endif TEST_DECL(test_server_wolfSSL_new), TEST_DECL(test_client_wolfSSL_new), #if (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \ (!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(NO_FILESYSTEM) TEST_DECL(test_for_double_Free), #endif TEST_DECL(test_wolfSSL_set_options), #ifdef WOLFSSL_TLS13 /* TLS v1.3 API tests */ TEST_DECL(test_tls13_apis), TEST_DECL(test_tls13_cipher_suites), #endif TEST_DECL(test_wolfSSL_tmp_dh), TEST_DECL(test_wolfSSL_ctrl), #if defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && \ (defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \ defined(HAVE_LIGHTY) || defined(WOLFSSL_HAPROXY) || \ defined(WOLFSSL_OPENSSH) || defined(HAVE_SBLIM_SFCB))) TEST_DECL(test_wolfSSL_set_SSL_CTX), #endif TEST_DECL(test_wolfSSL_CTX_get_min_proto_version), TEST_DECL(test_wolfSSL_security_level), TEST_DECL(test_wolfSSL_SSL_in_init), TEST_DECL(test_wolfSSL_CTX_set_timeout), TEST_DECL(test_wolfSSL_set_psk_use_session_callback), TEST_DECL(test_CONF_CTX_FILE), TEST_DECL(test_CONF_CTX_CMDLINE), #if !defined(NO_CERTS) && (!defined(NO_WOLFSSL_CLIENT) || \ !defined(WOLFSSL_NO_CLIENT_AUTH)) && !defined(NO_FILESYSTEM) /* Use the Cert Manager(CM) API to generate the error ASN_SIG_CONFIRM_E */ /* Bad certificate signature tests */ TEST_DECL(test_EccSigFailure_cm), TEST_DECL(test_RsaSigFailure_cm), #endif /* NO_CERTS */ /* PKCS8 testing */ TEST_DECL(test_wolfSSL_no_password_cb), TEST_DECL(test_wolfSSL_PKCS8), TEST_DECL(test_wolfSSL_PKCS8_ED25519), TEST_DECL(test_wolfSSL_PKCS8_ED448), #ifdef HAVE_IO_TESTS_DEPENDENCIES TEST_DECL(test_wolfSSL_get_finished), /* Uses Assert in handshake callback. */ TEST_DECL(test_wolfSSL_CTX_add_session), /* Large number of memory allocations. */ TEST_DECL(test_wolfSSL_CTX_add_session_ext_tls13), /* Large number of memory allocations. */ TEST_DECL(test_wolfSSL_CTX_add_session_ext_dtls13), /* Large number of memory allocations. */ TEST_DECL(test_wolfSSL_CTX_add_session_ext_tls12), /* Large number of memory allocations. */ TEST_DECL(test_wolfSSL_CTX_add_session_ext_dtls12), /* Large number of memory allocations. */ TEST_DECL(test_wolfSSL_CTX_add_session_ext_tls11), /* Large number of memory allocations. */ TEST_DECL(test_wolfSSL_CTX_add_session_ext_dtls1), #endif TEST_DECL(test_SSL_CIPHER_get_xxx), TEST_DECL(test_wolfSSL_ERR_strings), TEST_DECL(test_wolfSSL_CTX_set_cipher_list_bytes), TEST_DECL(test_wolfSSL_CTX_use_certificate_file), TEST_DECL(test_wolfSSL_CTX_use_certificate_buffer), TEST_DECL(test_wolfSSL_CTX_use_PrivateKey_file), TEST_DECL(test_wolfSSL_CTX_load_verify_locations), /* Large number of memory allocations. */ TEST_DECL(test_wolfSSL_CTX_load_system_CA_certs), TEST_DECL(test_wolfSSL_CertRsaPss), TEST_DECL(test_wolfSSL_CTX_load_verify_locations_ex), TEST_DECL(test_wolfSSL_CTX_load_verify_buffer_ex), TEST_DECL(test_wolfSSL_CTX_load_verify_chain_buffer_format), TEST_DECL(test_wolfSSL_CTX_add1_chain_cert), TEST_DECL(test_wolfSSL_CTX_use_certificate_chain_file_format), TEST_DECL(test_wolfSSL_CTX_trust_peer_cert), TEST_DECL(test_wolfSSL_CTX_LoadCRL), TEST_DECL(test_multiple_crls_same_issuer), TEST_DECL(test_wolfSSL_CTX_SetTmpDH_file), TEST_DECL(test_wolfSSL_CTX_SetTmpDH_buffer), TEST_DECL(test_wolfSSL_CTX_SetMinMaxDhKey_Sz), TEST_DECL(test_wolfSSL_CTX_der_load_verify_locations), TEST_DECL(test_wolfSSL_CTX_enable_disable), TEST_DECL(test_wolfSSL_CTX_ticket_API), TEST_DECL(test_wolfSSL_SetTmpDH_file), TEST_DECL(test_wolfSSL_SetTmpDH_buffer), TEST_DECL(test_wolfSSL_SetMinMaxDhKey_Sz), TEST_DECL(test_SetTmpEC_DHE_Sz), TEST_DECL(test_wolfSSL_CTX_get0_privatekey), #ifdef WOLFSSL_DTLS TEST_DECL(test_wolfSSL_DtlsUpdateWindow), TEST_DECL(test_wolfSSL_DTLS_fragment_buckets), #endif TEST_DECL(test_wolfSSL_dtls_set_mtu), /* Uses Assert in handshake callback. */ TEST_DECL(test_wolfSSL_dtls_plaintext), #if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \ defined(HAVE_IO_TESTS_DEPENDENCIES) TEST_DECL(test_wolfSSL_read_write), /* Can't memory test as server hangs if client fails before second connect. */ TEST_DECL(test_wolfSSL_reuse_WOLFSSLobj), TEST_DECL(test_wolfSSL_CTX_verifyDepth_ServerClient_1), TEST_DECL(test_wolfSSL_CTX_verifyDepth_ServerClient_2), TEST_DECL(test_wolfSSL_CTX_verifyDepth_ServerClient_3), TEST_DECL(test_wolfSSL_CTX_set_cipher_list), /* Can't memory test as server hangs. */ TEST_DECL(test_wolfSSL_dtls_export), /* Uses Assert in handshake callback. */ TEST_DECL(test_wolfSSL_tls_export), #endif TEST_DECL(test_wolfSSL_dtls_export_peers), TEST_DECL(test_wolfSSL_SetMinVersion), TEST_DECL(test_wolfSSL_CTX_SetMinVersion), /* wolfSSL handshake APIs. */ TEST_DECL(test_wolfSSL_CTX_get0_set1_param), TEST_DECL(test_wolfSSL_a2i_IPADDRESS), TEST_DECL(test_wolfSSL_BUF), TEST_DECL(test_wolfSSL_set_tlsext_status_type), /* Can't memory test as server hangs. */ TEST_DECL(test_wolfSSL_CTX_set_client_CA_list), TEST_DECL(test_wolfSSL_CTX_add_client_CA), TEST_DECL(test_wolfSSL_CTX_set_srp_username), TEST_DECL(test_wolfSSL_CTX_set_srp_password), TEST_DECL(test_wolfSSL_CTX_set_keylog_callback), TEST_DECL(test_wolfSSL_CTX_get_keylog_callback), TEST_DECL(test_wolfSSL_Tls12_Key_Logging_test), /* Can't memory test as server hangs. */ TEST_DECL(test_wolfSSL_Tls13_Key_Logging_test), TEST_DECL(test_wolfSSL_Tls13_postauth), TEST_DECL(test_wolfSSL_CTX_set_ecdh_auto), TEST_DECL(test_wolfSSL_set_minmax_proto_version), TEST_DECL(test_wolfSSL_CTX_set_max_proto_version), TEST_DECL(test_wolfSSL_THREADID_hash), /* TLS extensions tests */ #ifdef HAVE_IO_TESTS_DEPENDENCIES #ifdef HAVE_SNI TEST_DECL(test_wolfSSL_UseSNI_params), /* Uses Assert in handshake callback. */ TEST_DECL(test_wolfSSL_UseSNI_connection), TEST_DECL(test_wolfSSL_SNI_GetFromBuffer), #endif /* HAVE_SNI */ #endif TEST_DECL(test_wolfSSL_UseTrustedCA), TEST_DECL(test_wolfSSL_UseMaxFragment), TEST_DECL(test_wolfSSL_UseTruncatedHMAC), TEST_DECL(test_wolfSSL_UseSupportedCurve), #if defined(HAVE_ALPN) && defined(HAVE_IO_TESTS_DEPENDENCIES) /* Uses Assert in handshake callback. */ TEST_DECL(test_wolfSSL_UseALPN_connection), TEST_DECL(test_wolfSSL_UseALPN_params), #endif #ifdef HAVE_ALPN_PROTOS_SUPPORT /* Uses Assert in handshake callback. */ TEST_DECL(test_wolfSSL_set_alpn_protos), #endif TEST_DECL(test_wolfSSL_DisableExtendedMasterSecret), TEST_DECL(test_wolfSSL_wolfSSL_UseSecureRenegotiation), TEST_DECL(test_wolfSSL_SCR_Reconnect), TEST_DECL(test_tls_ext_duplicate), #if defined(WOLFSSL_TLS13) && defined(HAVE_ECH) && \ defined(HAVE_IO_TESTS_DEPENDENCIES) TEST_DECL(test_wolfSSL_Tls13_ECH_params), /* Uses Assert in handshake callback. */ TEST_DECL(test_wolfSSL_Tls13_ECH), #endif TEST_DECL(test_wolfSSL_X509_TLS_version_test_1), TEST_DECL(test_wolfSSL_X509_TLS_version_test_2), /* OCSP Stapling */ TEST_DECL(test_wolfSSL_UseOCSPStapling), TEST_DECL(test_wolfSSL_UseOCSPStaplingV2), TEST_DECL(test_self_signed_stapling), /* Multicast */ TEST_DECL(test_wolfSSL_mcast), TEST_DECL(test_wolfSSL_read_detect_TCP_disconnect), TEST_DECL(test_wolfSSL_msgCb), TEST_DECL(test_wolfSSL_either_side), TEST_DECL(test_wolfSSL_DTLS_either_side), /* Uses Assert in handshake callback. */ TEST_DECL(test_wolfSSL_dtls_fragments), /* Uses Assert in handshake callback. */ TEST_DECL(test_wolfSSL_dtls_AEAD_limit), /* Uses Assert in handshake callback. */ TEST_DECL(test_wolfSSL_ignore_alert_before_cookie), /* Uses Assert in handshake callback. */ TEST_DECL(test_wolfSSL_dtls_bad_record), /* Uses Assert in handshake callback. */ TEST_DECL(test_wolfSSL_dtls_stateless), TEST_DECL(test_generate_cookie), #ifndef NO_BIO /* Can't memory test as server hangs. */ TEST_DECL(test_wolfSSL_BIO_connect), /* Can't memory test as server Asserts in thread. */ TEST_DECL(test_wolfSSL_BIO_accept), TEST_DECL(test_wolfSSL_BIO_tls), #endif #if defined(HAVE_PK_CALLBACKS) && !defined(WOLFSSL_NO_TLS12) TEST_DECL(test_DhCallbacks), #endif #if defined(HAVE_KEYING_MATERIAL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) TEST_DECL(test_export_keying_material), #endif /* Can't memory test as client/server Asserts in thread. */ TEST_DECL(test_ticket_and_psk_mixing), /* Can't memory test as client/server Asserts in thread. */ TEST_DECL(test_prioritize_psk), /* Can't memory test as client/server hangs. */ TEST_DECL(test_wc_CryptoCb), /* Can't memory test as client/server hangs. */ TEST_DECL(test_wolfSSL_CTX_StaticMemory), #if !defined(NO_FILESYSTEM) && \ defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \ !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) #ifdef WOLFSSL_DTLS_NO_HVR_ON_RESUME TEST_DECL(test_wolfSSL_dtls_stateless_resume), #endif /* WOLFSSL_DTLS_NO_HVR_ON_RESUME */ #ifdef HAVE_MAX_FRAGMENT TEST_DECL(test_wolfSSL_dtls_stateless_maxfrag), #endif /* HAVE_MAX_FRAGMENT */ #ifndef NO_RSA TEST_DECL(test_wolfSSL_dtls_stateless2), #if !defined(NO_OLD_TLS) TEST_DECL(test_wolfSSL_dtls_stateless_downgrade), #endif /* !defined(NO_OLD_TLS) */ #endif /* ! NO_RSA */ #endif /* defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \ * !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) */ TEST_DECL(test_wolfSSL_CTX_set_ciphersuites), TEST_DECL(test_wolfSSL_CRL_CERT_REVOKED_alert), TEST_DECL(test_TLS_13_ticket_different_ciphers), TEST_DECL(test_WOLFSSL_dtls_version_alert), #if defined(WOLFSSL_TICKET_NONCE_MALLOC) && defined(HAVE_SESSION_TICKET) \ && defined(WOLFSSL_TLS13) && \ (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3))) TEST_DECL(test_ticket_nonce_malloc), #endif TEST_DECL(test_ticket_ret_create), TEST_DECL(test_extra_alerts_wrong_cs), TEST_DECL(test_extra_alerts_skip_hs), TEST_DECL(test_extra_alerts_bad_psk), TEST_DECL(test_tls13_bad_psk_binder), /* Can't memory test as client/server Asserts. */ TEST_DECL(test_harden_no_secure_renegotiation), TEST_DECL(test_override_alt_cert_chain), TEST_DECL(test_rpk_set_xxx_cert_type), TEST_DECL(test_tls13_rpk_handshake), TEST_DECL(test_dtls13_bad_epoch_ch), TEST_DECL(test_short_session_id), TEST_DECL(test_wolfSSL_dtls13_null_cipher), /* Can't memory test as client/server hangs. */ TEST_DECL(test_dtls_msg_from_other_peer), TEST_DECL(test_dtls_ipv6_check), TEST_DECL(test_wolfSSL_SCR_after_resumption), TEST_DECL(test_dtls_no_extensions), TEST_DECL(test_TLSX_CA_NAMES_bad_extension), TEST_DECL(test_dtls_1_0_hvr_downgrade), TEST_DECL(test_session_ticket_no_id), TEST_DECL(test_session_ticket_hs_update), TEST_DECL(test_dtls_downgrade_scr_server), TEST_DECL(test_dtls_downgrade_scr), TEST_DECL(test_dtls_client_hello_timeout_downgrade), TEST_DECL(test_dtls_client_hello_timeout), TEST_DECL(test_dtls_dropped_ccs), TEST_DECL(test_dtls_seq_num_downgrade), TEST_DECL(test_certreq_sighash_algos), TEST_DECL(test_revoked_loaded_int_cert), TEST_DECL(test_dtls_frag_ch), TEST_DECL(test_dtls13_frag_ch_pq), TEST_DECL(test_dtls_empty_keyshare_with_cookie), TEST_DECL(test_tls13_pq_groups), TEST_DECL(test_tls13_early_data), TEST_DECL(test_tls_multi_handshakes_one_record), TEST_DECL(test_write_dup), TEST_DECL(test_read_write_hs), TEST_DECL(test_get_signature_nid), TEST_DECL(test_tls_cert_store_unchanged), /* This test needs to stay at the end to clean up any caches allocated. */ TEST_DECL(test_wolfSSL_Cleanup) }; #define TEST_CASE_CNT (int)(sizeof(testCases) / sizeof(*testCases)) static void TestSetup(void) { /* Stub, for now. Add common test setup code here. */ } static void TestCleanup(void) { #if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) /* Clear any errors added to the error queue during the test run. */ wolfSSL_ERR_clear_error(); #endif /* OPENSSL_EXTRA || DEBUG_WOLFSSL_VERBOSE */ } /* Print out all API test cases with numeric identifier. */ void ApiTest_PrintTestCases(void) { int i; printf("All Test Cases:\n"); for (i = 0; i < TEST_CASE_CNT; i++) { printf("%3d: %s\n", i + 1, testCases[i].name); } } /* Add test case with index to the list to run. * * @param [in] idx Index of test case to run starting at 1. * @return 0 on success. * @return BAD_FUNC_ARG when index is out of range of test case identifiers. */ int ApiTest_RunIdx(int idx) { if (idx < 1 || idx > TEST_CASE_CNT) { printf("Index out of range (1 - %d): %d\n", TEST_CASE_CNT, idx); return BAD_FUNC_ARG; } testAll = 0; testCases[idx-1].run = 1; return 0; } /* Add test case with name to the list to run. * * @param [in] name Name of test case to run. * @return 0 on success. * @return BAD_FUNC_ARG when name is not a known test case name. */ int ApiTest_RunName(char* name) { int i; for (i = 0; i < TEST_CASE_CNT; i++) { if (XSTRCMP(testCases[i].name, name) == 0) { testAll = 0; testCases[i].run = 1; return 0; } } printf("Test case name not found: %s\n", name); printf("Use --list to see all test case names.\n"); return BAD_FUNC_ARG; } /* Converts the result code to a string. * * @param [in] res Test result code. * @return String describing test result. */ static const char* apitest_res_string(int res) { const char* str = "invalid result"; switch (res) { case TEST_SUCCESS: str = "passed"; break; case TEST_FAIL: str = "failed"; break; case TEST_SKIPPED: str = "skipped"; break; } return str; } #ifndef WOLFSSL_UNIT_TEST_NO_TIMING static double gettime_secs(void) #if defined(_MSC_VER) && defined(_WIN32) { /* there's no gettimeofday for Windows, so we'll use system time */ #define EPOCH_DIFF 11644473600LL FILETIME currentFileTime; GetSystemTimePreciseAsFileTime(¤tFileTime); ULARGE_INTEGER uli = { 0, 0 }; uli.LowPart = currentFileTime.dwLowDateTime; uli.HighPart = currentFileTime.dwHighDateTime; /* Convert to seconds since Unix epoch */ return (double)((uli.QuadPart - (EPOCH_DIFF * 10000000)) / 10000000.0); } #else { struct timeval tv; LIBCALL_CHECK_RET(gettimeofday(&tv, 0)); return (double)tv.tv_sec + (double)tv.tv_usec / 1000000.0; } #endif #endif int ApiTest(void) { int i; int ret; int res = 0; #ifndef WOLFSSL_UNIT_TEST_NO_TIMING double timeDiff; #endif printf(" Begin API Tests\n"); fflush(stdout); /* we must perform init and cleanup if not all tests are running */ if (!testAll) { #ifdef WOLFCRYPT_ONLY if (wolfCrypt_Init() != 0) { printf("wolfCrypt Initialization failed\n"); res = 1; } #else if (wolfSSL_Init() != WOLFSSL_SUCCESS) { printf("wolfSSL Initialization failed\n"); res = 1; } #endif } #ifdef WOLFSSL_DUMP_MEMIO_STREAM if (res == 0) { if (create_tmp_dir(tmpDirName, sizeof(tmpDirName) - 1) == NULL) { printf("failed to create tmp dir\n"); res = 1; } else { tmpDirNameSet = 1; } } #endif if (res == 0) { for (i = 0; i < TEST_CASE_CNT; ++i) { EXPECT_DECLS; #ifdef WOLFSSL_DUMP_MEMIO_STREAM currentTestName = testCases[i].name; #endif /* When not testing all cases then skip if not marked for running. */ if (!testAll && !testCases[i].run) { continue; } TestSetup(); printf(" %3d: %-52s:", i + 1, testCases[i].name); fflush(stdout); #ifndef WOLFSSL_UNIT_TEST_NO_TIMING timeDiff = gettime_secs(); #endif ret = testCases[i].func(); #ifndef WOLFSSL_UNIT_TEST_NO_TIMING timeDiff = gettime_secs() - timeDiff; #endif #ifndef WOLFSSL_UNIT_TEST_NO_TIMING if (ret != TEST_SKIPPED) { printf(" %s (%9.5lf)\n", apitest_res_string(ret), timeDiff); } else #endif { printf(" %s\n", apitest_res_string(ret)); } fflush(stdout); /* if return code is < 0 and not skipped then assert error */ Expect((ret > 0 || ret == TEST_SKIPPED), ("Test failed\n"), ("ret %d", ret)); testCases[i].fail = ((ret <= 0) && (ret != TEST_SKIPPED)); res |= ((ret <= 0) && (ret != TEST_SKIPPED)); TestCleanup(); } } #if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS) \ && (defined(NO_MAIN_DRIVER) || defined(HAVE_STACK_SIZE)) wc_ecc_fp_free(); /* free per thread cache */ #endif if (!testAll) { #ifdef WOLFCRYPT_ONLY wolfCrypt_Cleanup(); #else wolfSSL_Cleanup(); #endif } (void)testDevId; if (res != 0) { printf("\nFAILURES:\n"); for (i = 0; i < TEST_CASE_CNT; ++i) { if (testCases[i].fail) { printf(" %3d: %s\n", i + 1, testCases[i].name); } } printf("\n"); fflush(stdout); } #ifdef WOLFSSL_DUMP_MEMIO_STREAM if (tmpDirNameSet) { printf("\nBinary dumps of the memio streams can be found in the\n" "%s directory. This can be imported into\n" "Wireshark by transforming the file with\n" "\tod -Ax -tx1 -v stream.dump > stream.dump.hex\n" "And then loading test_output.dump.hex into Wireshark using\n" "the \"Import from Hex Dump...\" option and selecting the\n" "TCP encapsulation option.\n", tmpDirName); } #endif printf(" End API Tests\n"); fflush(stdout); return res; }