1 /* $NetBSD: t_sha512trunc.c,v 1.2 2024/03/15 18:10:37 riastradh Exp $ */
2
3 /*-
4 * Copyright (c) 2024 The NetBSD Foundation, Inc.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
17 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
18 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
19 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
20 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
21 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
22 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
23 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
24 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
25 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
26 * POSSIBILITY OF SUCH DAMAGE.
27 */
28
29 #include <sys/cdefs.h>
30 __RCSID("$NetBSD: t_sha512trunc.c,v 1.2 2024/03/15 18:10:37 riastradh Exp $");
31
32 #include <stddef.h>
33
34 #include <atf-c.h>
35
36 #include <openssl/evp.h>
37
38 #include "h_macros.h"
39
40 struct testcase {
41 const unsigned char in[128];
42 size_t inlen;
43 const unsigned char out[32];
44 };
45
46 static void
check(const struct testcase * C,size_t n,size_t digestlen,const EVP_MD * md)47 check(const struct testcase *C, size_t n, size_t digestlen, const EVP_MD *md)
48 {
49 enum { C0 = 0xc0, C1 = 0xc1 };
50 unsigned char *buf, *digest, *p0, *p1;
51 size_t i;
52
53 ATF_REQUIRE_MSG(digestlen <= INT_MAX, "digestlen=%zu", digestlen);
54 ATF_REQUIRE_EQ_MSG((int)digestlen, EVP_MD_size(md),
55 "expected %d, got %d", (int)digestlen, EVP_MD_size(md));
56
57 ATF_REQUIRE_MSG(digestlen < SIZE_MAX - 2048,
58 "digestlen=%zu", digestlen);
59 REQUIRE_LIBC(buf = malloc(digestlen + 2048), NULL);
60 p0 = buf;
61 digest = buf + 1;
62 p1 = buf + 1 + digestlen;
63
64 for (i = 0; i < n; i++) {
65 EVP_MD_CTX *ctx;
66 unsigned digestlen1;
67
68 *p0 = C0;
69 *p1 = C1;
70
71 #define REQUIRE(x) ATF_REQUIRE_MSG((x), "i=%zu", i)
72 REQUIRE(ctx = EVP_MD_CTX_new());
73 REQUIRE(EVP_DigestInit_ex(ctx, md, NULL));
74 REQUIRE(EVP_DigestUpdate(ctx, C->in, C->inlen));
75 REQUIRE(EVP_DigestFinal_ex(ctx, digest, &digestlen1));
76 #undef REQUIRE
77 ATF_CHECK_MSG(digestlen == digestlen1,
78 "i=%zu: expected %zu got %u", i, digestlen, digestlen1);
79 EVP_MD_CTX_free(ctx);
80
81 ATF_CHECK_MSG(memcmp(digest, C->out, digestlen) == 0,
82 "i=%zu", i);
83
84 ATF_CHECK_EQ_MSG(*p0, C0, "expected 0x%x got 0x%hhx", C0, *p0);
85 ATF_CHECK_EQ_MSG(*p1, C1, "expected 0x%x got 0x%hhx", C1, *p1);
86 }
87 }
88
89 /*
90 * Test vectors from:
91 *
92 * https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Secure-Hashing#Testing
93 */
94
95 ATF_TC(sha512_224);
ATF_TC_HEAD(sha512_224,tc)96 ATF_TC_HEAD(sha512_224, tc)
97 {
98 atf_tc_set_md_var(tc, "descr", "Test SHA512-224");
99 }
ATF_TC_BODY(sha512_224,tc)100 ATF_TC_BODY(sha512_224, tc)
101 {
102 static const struct testcase C[] = {
103 [0] = {
104 .inlen = 0,
105 .out = {
106 0x6e,0xd0,0xdd,0x02, 0x80,0x6f,0xa8,0x9e,
107 0x25,0xde,0x06,0x0c, 0x19,0xd3,0xac,0x86,
108 0xca,0xbb,0x87,0xd6, 0xa0,0xdd,0xd0,0x5c,
109 0x33,0x3b,0x84,0xf4,
110 },
111 },
112 [1] = {
113 .inlen = 1,
114 .in = {
115 0xcf,
116 },
117 .out = {
118 0x41,0x99,0x23,0x9e, 0x87,0xd4,0x7b,0x6f,
119 0xed,0xa0,0x16,0x80, 0x2b,0xf3,0x67,0xfb,
120 0x6e,0x8b,0x56,0x55, 0xef,0xf6,0x22,0x5c,
121 0xb2,0x66,0x8f,0x4a,
122 },
123 },
124 };
125
126 check(C, __arraycount(C), 28, EVP_sha512_224());
127 }
128
129 ATF_TC(sha512_256);
ATF_TC_HEAD(sha512_256,tc)130 ATF_TC_HEAD(sha512_256, tc)
131 {
132 atf_tc_set_md_var(tc, "descr", "Test SHA512-256");
133 }
ATF_TC_BODY(sha512_256,tc)134 ATF_TC_BODY(sha512_256, tc)
135 {
136 static const struct testcase C[] = {
137 [0] = {
138 .inlen = 0,
139 .out = {
140 0xc6,0x72,0xb8,0xd1, 0xef,0x56,0xed,0x28,
141 0xab,0x87,0xc3,0x62, 0x2c,0x51,0x14,0x06,
142 0x9b,0xdd,0x3a,0xd7, 0xb8,0xf9,0x73,0x74,
143 0x98,0xd0,0xc0,0x1e, 0xce,0xf0,0x96,0x7a,
144 },
145 },
146 [1] = {
147 .inlen = 1,
148 .in = {
149 0xfa,
150 },
151 .out = {
152 0xc4,0xef,0x36,0x92, 0x3c,0x64,0xe5,0x1e,
153 0x87,0x57,0x20,0xe5, 0x50,0x29,0x8a,0x5a,
154 0xb8,0xa3,0xf2,0xf8, 0x75,0xb1,0xe1,0xa4,
155 0xc9,0xb9,0x5b,0xab, 0xf7,0x34,0x4f,0xef,
156 },
157 },
158 };
159
160 check(C, __arraycount(C), 32, EVP_sha512_256());
161 }
162
ATF_TP_ADD_TCS(tp)163 ATF_TP_ADD_TCS(tp)
164 {
165
166 ATF_TP_ADD_TC(tp, sha512_224);
167 ATF_TP_ADD_TC(tp, sha512_256);
168
169 return atf_no_error();
170 }
171