1 /* 2 * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL license (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <stdio.h> 11 #include <string.h> 12 #include <stdlib.h> 13 #include <ctype.h> 14 #include <openssl/evp.h> 15 #include <openssl/pem.h> 16 #include <openssl/err.h> 17 #include <openssl/x509v3.h> 18 #include <openssl/pkcs12.h> 19 #include <openssl/kdf.h> 20 #include "internal/numbers.h" 21 22 /* Remove spaces from beginning and end of a string */ 23 24 static void remove_space(char **pval) 25 { 26 unsigned char *p = (unsigned char *)*pval; 27 28 while (isspace(*p)) 29 p++; 30 31 *pval = (char *)p; 32 33 p = p + strlen(*pval) - 1; 34 35 /* Remove trailing space */ 36 while (isspace(*p)) 37 *p-- = 0; 38 } 39 40 /* 41 * Given a line of the form: 42 * name = value # comment 43 * extract name and value. NB: modifies passed buffer. 44 */ 45 46 static int parse_line(char **pkw, char **pval, char *linebuf) 47 { 48 char *p; 49 50 p = linebuf + strlen(linebuf) - 1; 51 52 if (*p != '\n') { 53 fprintf(stderr, "FATAL: missing EOL\n"); 54 exit(1); 55 } 56 57 /* Look for # */ 58 59 p = strchr(linebuf, '#'); 60 61 if (p) 62 *p = '\0'; 63 64 /* Look for = sign */ 65 p = strchr(linebuf, '='); 66 67 /* If no '=' exit */ 68 if (!p) 69 return 0; 70 71 *p++ = '\0'; 72 73 *pkw = linebuf; 74 *pval = p; 75 76 /* Remove spaces from keyword and value */ 77 remove_space(pkw); 78 remove_space(pval); 79 80 return 1; 81 } 82 83 /* 84 * Unescape some escape sequences in string literals. 85 * Return the result in a newly allocated buffer. 86 * Currently only supports '\n'. 87 * If the input length is 0, returns a valid 1-byte buffer, but sets 88 * the length to 0. 89 */ 90 static unsigned char* unescape(const char *input, size_t input_len, 91 size_t *out_len) 92 { 93 unsigned char *ret, *p; 94 size_t i; 95 if (input_len == 0) { 96 *out_len = 0; 97 return OPENSSL_zalloc(1); 98 } 99 100 /* Escaping is non-expanding; over-allocate original size for simplicity. */ 101 ret = p = OPENSSL_malloc(input_len); 102 if (ret == NULL) 103 return NULL; 104 105 for (i = 0; i < input_len; i++) { 106 if (input[i] == '\\') { 107 if (i == input_len - 1 || input[i+1] != 'n') 108 goto err; 109 *p++ = '\n'; 110 i++; 111 } else { 112 *p++ = input[i]; 113 } 114 } 115 116 *out_len = p - ret; 117 return ret; 118 119 err: 120 OPENSSL_free(ret); 121 return NULL; 122 } 123 124 /* For a hex string "value" convert to a binary allocated buffer */ 125 static int test_bin(const char *value, unsigned char **buf, size_t *buflen) 126 { 127 long len; 128 129 *buflen = 0; 130 131 /* Check for empty value */ 132 if (!*value) { 133 /* 134 * Don't return NULL for zero length buffer. 135 * This is needed for some tests with empty keys: HMAC_Init_ex() expects 136 * a non-NULL key buffer even if the key length is 0, in order to detect 137 * key reset. 138 */ 139 *buf = OPENSSL_malloc(1); 140 if (!*buf) 141 return 0; 142 **buf = 0; 143 *buflen = 0; 144 return 1; 145 } 146 147 /* Check for NULL literal */ 148 if (strcmp(value, "NULL") == 0) { 149 *buf = NULL; 150 *buflen = 0; 151 return 1; 152 } 153 154 /* Check for string literal */ 155 if (value[0] == '"') { 156 size_t vlen; 157 value++; 158 vlen = strlen(value); 159 if (value[vlen - 1] != '"') 160 return 0; 161 vlen--; 162 *buf = unescape(value, vlen, buflen); 163 if (*buf == NULL) 164 return 0; 165 return 1; 166 } 167 168 /* Otherwise assume as hex literal and convert it to binary buffer */ 169 *buf = OPENSSL_hexstr2buf(value, &len); 170 if (!*buf) { 171 fprintf(stderr, "Value=%s\n", value); 172 ERR_print_errors_fp(stderr); 173 return -1; 174 } 175 /* Size of input buffer means we'll never overflow */ 176 *buflen = len; 177 return 1; 178 } 179 #ifndef OPENSSL_NO_SCRYPT 180 /* Currently only used by scrypt tests */ 181 /* Parse unsigned decimal 64 bit integer value */ 182 static int test_uint64(const char *value, uint64_t *pr) 183 { 184 const char *p = value; 185 if (!*p) { 186 fprintf(stderr, "Invalid empty integer value\n"); 187 return -1; 188 } 189 *pr = 0; 190 while (*p) { 191 if (*pr > UINT64_MAX/10) { 192 fprintf(stderr, "Integer string overflow value=%s\n", value); 193 return -1; 194 } 195 *pr *= 10; 196 if (*p < '0' || *p > '9') { 197 fprintf(stderr, "Invalid integer string value=%s\n", value); 198 return -1; 199 } 200 *pr += *p - '0'; 201 p++; 202 } 203 return 1; 204 } 205 #endif 206 207 /* Structure holding test information */ 208 struct evp_test { 209 /* file being read */ 210 BIO *in; 211 /* temp memory BIO for reading in keys */ 212 BIO *key; 213 /* List of public and private keys */ 214 struct key_list *private; 215 struct key_list *public; 216 /* method for this test */ 217 const struct evp_test_method *meth; 218 /* current line being processed */ 219 unsigned int line; 220 /* start line of current test */ 221 unsigned int start_line; 222 /* Error string for test */ 223 const char *err, *aux_err; 224 /* Expected error value of test */ 225 char *expected_err; 226 /* Expected error function string */ 227 char *func; 228 /* Expected error reason string */ 229 char *reason; 230 /* Number of tests */ 231 int ntests; 232 /* Error count */ 233 int errors; 234 /* Number of tests skipped */ 235 int nskip; 236 /* If output mismatch expected and got value */ 237 unsigned char *out_received; 238 size_t out_received_len; 239 unsigned char *out_expected; 240 size_t out_expected_len; 241 /* test specific data */ 242 void *data; 243 /* Current test should be skipped */ 244 int skip; 245 }; 246 247 struct key_list { 248 char *name; 249 EVP_PKEY *key; 250 struct key_list *next; 251 }; 252 253 /* Test method structure */ 254 struct evp_test_method { 255 /* Name of test as it appears in file */ 256 const char *name; 257 /* Initialise test for "alg" */ 258 int (*init) (struct evp_test * t, const char *alg); 259 /* Clean up method */ 260 void (*cleanup) (struct evp_test * t); 261 /* Test specific name value pair processing */ 262 int (*parse) (struct evp_test * t, const char *name, const char *value); 263 /* Run the test itself */ 264 int (*run_test) (struct evp_test * t); 265 }; 266 267 static const struct evp_test_method digest_test_method, cipher_test_method; 268 static const struct evp_test_method mac_test_method; 269 static const struct evp_test_method psign_test_method, pverify_test_method; 270 static const struct evp_test_method pdecrypt_test_method; 271 static const struct evp_test_method pverify_recover_test_method; 272 static const struct evp_test_method pderive_test_method; 273 static const struct evp_test_method pbe_test_method; 274 static const struct evp_test_method encode_test_method; 275 static const struct evp_test_method kdf_test_method; 276 static const struct evp_test_method keypair_test_method; 277 278 static const struct evp_test_method *evp_test_list[] = { 279 &digest_test_method, 280 &cipher_test_method, 281 &mac_test_method, 282 &psign_test_method, 283 &pverify_test_method, 284 &pdecrypt_test_method, 285 &pverify_recover_test_method, 286 &pderive_test_method, 287 &pbe_test_method, 288 &encode_test_method, 289 &kdf_test_method, 290 &keypair_test_method, 291 NULL 292 }; 293 294 static const struct evp_test_method *evp_find_test(const char *name) 295 { 296 const struct evp_test_method **tt; 297 298 for (tt = evp_test_list; *tt; tt++) { 299 if (strcmp(name, (*tt)->name) == 0) 300 return *tt; 301 } 302 return NULL; 303 } 304 305 static void hex_print(const char *name, const unsigned char *buf, size_t len) 306 { 307 size_t i; 308 fprintf(stderr, "%s ", name); 309 for (i = 0; i < len; i++) 310 fprintf(stderr, "%02X", buf[i]); 311 fputs("\n", stderr); 312 } 313 314 static void free_expected(struct evp_test *t) 315 { 316 OPENSSL_free(t->expected_err); 317 t->expected_err = NULL; 318 OPENSSL_free(t->func); 319 t->func = NULL; 320 OPENSSL_free(t->reason); 321 t->reason = NULL; 322 OPENSSL_free(t->out_expected); 323 OPENSSL_free(t->out_received); 324 t->out_expected = NULL; 325 t->out_received = NULL; 326 t->out_expected_len = 0; 327 t->out_received_len = 0; 328 /* Literals. */ 329 t->err = NULL; 330 } 331 332 static void print_expected(struct evp_test *t) 333 { 334 if (t->out_expected == NULL && t->out_received == NULL) 335 return; 336 hex_print("Expected:", t->out_expected, t->out_expected_len); 337 hex_print("Got: ", t->out_received, t->out_received_len); 338 free_expected(t); 339 } 340 341 static int check_test_error(struct evp_test *t) 342 { 343 unsigned long err; 344 const char *func; 345 const char *reason; 346 if (!t->err && !t->expected_err) 347 return 1; 348 if (t->err && !t->expected_err) { 349 if (t->aux_err != NULL) { 350 fprintf(stderr, "Test line %d(%s): unexpected error %s\n", 351 t->start_line, t->aux_err, t->err); 352 } else { 353 fprintf(stderr, "Test line %d: unexpected error %s\n", 354 t->start_line, t->err); 355 } 356 print_expected(t); 357 return 0; 358 } 359 if (!t->err && t->expected_err) { 360 fprintf(stderr, "Test line %d: succeeded expecting %s\n", 361 t->start_line, t->expected_err); 362 return 0; 363 } 364 365 if (strcmp(t->err, t->expected_err) != 0) { 366 fprintf(stderr, "Test line %d: expecting %s got %s\n", 367 t->start_line, t->expected_err, t->err); 368 return 0; 369 } 370 371 if (t->func == NULL && t->reason == NULL) 372 return 1; 373 374 if (t->func == NULL || t->reason == NULL) { 375 fprintf(stderr, "Test line %d: missing function or reason code\n", 376 t->start_line); 377 return 0; 378 } 379 380 err = ERR_peek_error(); 381 if (err == 0) { 382 fprintf(stderr, "Test line %d, expected error \"%s:%s\" not set\n", 383 t->start_line, t->func, t->reason); 384 return 0; 385 } 386 387 func = ERR_func_error_string(err); 388 reason = ERR_reason_error_string(err); 389 390 if (func == NULL && reason == NULL) { 391 fprintf(stderr, "Test line %d: expected error \"%s:%s\", no strings available. Skipping...\n", 392 t->start_line, t->func, t->reason); 393 return 1; 394 } 395 396 if (strcmp(func, t->func) == 0 && strcmp(reason, t->reason) == 0) 397 return 1; 398 399 fprintf(stderr, "Test line %d: expected error \"%s:%s\", got \"%s:%s\"\n", 400 t->start_line, t->func, t->reason, func, reason); 401 402 return 0; 403 } 404 405 /* Setup a new test, run any existing test */ 406 407 static int setup_test(struct evp_test *t, const struct evp_test_method *tmeth) 408 { 409 /* If we already have a test set up run it */ 410 if (t->meth) { 411 t->ntests++; 412 if (t->skip) { 413 t->nskip++; 414 } else { 415 /* run the test */ 416 if (t->err == NULL && t->meth->run_test(t) != 1) { 417 fprintf(stderr, "%s test error line %d\n", 418 t->meth->name, t->start_line); 419 return 0; 420 } 421 if (!check_test_error(t)) { 422 if (t->err) 423 ERR_print_errors_fp(stderr); 424 t->errors++; 425 } 426 } 427 /* clean it up */ 428 ERR_clear_error(); 429 if (t->data != NULL) { 430 t->meth->cleanup(t); 431 OPENSSL_free(t->data); 432 t->data = NULL; 433 } 434 OPENSSL_free(t->expected_err); 435 t->expected_err = NULL; 436 free_expected(t); 437 } 438 t->meth = tmeth; 439 return 1; 440 } 441 442 static int find_key(EVP_PKEY **ppk, const char *name, struct key_list *lst) 443 { 444 for (; lst; lst = lst->next) { 445 if (strcmp(lst->name, name) == 0) { 446 if (ppk) 447 *ppk = lst->key; 448 return 1; 449 } 450 } 451 return 0; 452 } 453 454 static void free_key_list(struct key_list *lst) 455 { 456 while (lst != NULL) { 457 struct key_list *ltmp; 458 EVP_PKEY_free(lst->key); 459 OPENSSL_free(lst->name); 460 ltmp = lst->next; 461 OPENSSL_free(lst); 462 lst = ltmp; 463 } 464 } 465 466 static int check_unsupported(void) 467 { 468 long err = ERR_peek_error(); 469 if (ERR_GET_LIB(err) == ERR_LIB_EVP 470 && ERR_GET_REASON(err) == EVP_R_UNSUPPORTED_ALGORITHM) { 471 ERR_clear_error(); 472 return 1; 473 } 474 #ifndef OPENSSL_NO_EC 475 /* 476 * If EC support is enabled we should catch also EC_R_UNKNOWN_GROUP as an 477 * hint to an unsupported algorithm/curve (e.g. if binary EC support is 478 * disabled). 479 */ 480 if (ERR_GET_LIB(err) == ERR_LIB_EC 481 && ERR_GET_REASON(err) == EC_R_UNKNOWN_GROUP) { 482 ERR_clear_error(); 483 return 1; 484 } 485 #endif /* OPENSSL_NO_EC */ 486 return 0; 487 } 488 489 490 static int read_key(struct evp_test *t) 491 { 492 char tmpbuf[80]; 493 if (t->key == NULL) 494 t->key = BIO_new(BIO_s_mem()); 495 else if (BIO_reset(t->key) <= 0) 496 return 0; 497 if (t->key == NULL) { 498 fprintf(stderr, "Error allocating key memory BIO\n"); 499 return 0; 500 } 501 /* Read to PEM end line and place content in memory BIO */ 502 while (BIO_gets(t->in, tmpbuf, sizeof(tmpbuf))) { 503 t->line++; 504 if (BIO_puts(t->key, tmpbuf) <= 0) { 505 fprintf(stderr, "Error writing to key memory BIO\n"); 506 return 0; 507 } 508 if (strncmp(tmpbuf, "-----END", 8) == 0) 509 return 1; 510 } 511 fprintf(stderr, "Can't find key end\n"); 512 return 0; 513 } 514 515 static int process_test(struct evp_test *t, char *buf, int verbose) 516 { 517 char *keyword = NULL, *value = NULL; 518 int rv = 0, add_key = 0; 519 struct key_list **lst = NULL, *key = NULL; 520 EVP_PKEY *pk = NULL; 521 const struct evp_test_method *tmeth = NULL; 522 if (verbose) 523 fputs(buf, stdout); 524 if (!parse_line(&keyword, &value, buf)) 525 return 1; 526 if (strcmp(keyword, "PrivateKey") == 0) { 527 if (!read_key(t)) 528 return 0; 529 pk = PEM_read_bio_PrivateKey(t->key, NULL, 0, NULL); 530 if (pk == NULL && !check_unsupported()) { 531 fprintf(stderr, "Error reading private key %s\n", value); 532 ERR_print_errors_fp(stderr); 533 return 0; 534 } 535 lst = &t->private; 536 add_key = 1; 537 } 538 if (strcmp(keyword, "PublicKey") == 0) { 539 if (!read_key(t)) 540 return 0; 541 pk = PEM_read_bio_PUBKEY(t->key, NULL, 0, NULL); 542 if (pk == NULL && !check_unsupported()) { 543 fprintf(stderr, "Error reading public key %s\n", value); 544 ERR_print_errors_fp(stderr); 545 return 0; 546 } 547 lst = &t->public; 548 add_key = 1; 549 } 550 /* If we have a key add to list */ 551 if (add_key) { 552 if (find_key(NULL, value, *lst)) { 553 fprintf(stderr, "Duplicate key %s\n", value); 554 return 0; 555 } 556 key = OPENSSL_malloc(sizeof(*key)); 557 if (!key) 558 return 0; 559 key->name = OPENSSL_strdup(value); 560 key->key = pk; 561 key->next = *lst; 562 *lst = key; 563 return 1; 564 } 565 566 /* See if keyword corresponds to a test start */ 567 tmeth = evp_find_test(keyword); 568 if (tmeth) { 569 if (!setup_test(t, tmeth)) 570 return 0; 571 t->start_line = t->line; 572 t->skip = 0; 573 if (!tmeth->init(t, value)) { 574 fprintf(stderr, "Unknown %s: %s\n", keyword, value); 575 return 0; 576 } 577 return 1; 578 } else if (t->skip) { 579 return 1; 580 } else if (strcmp(keyword, "Result") == 0) { 581 if (t->expected_err) { 582 fprintf(stderr, "Line %d: multiple result lines\n", t->line); 583 return 0; 584 } 585 t->expected_err = OPENSSL_strdup(value); 586 if (t->expected_err == NULL) 587 return 0; 588 } else if (strcmp(keyword, "Function") == 0) { 589 if (t->func != NULL) { 590 fprintf(stderr, "Line %d: multiple function lines\n", t->line); 591 return 0; 592 } 593 t->func = OPENSSL_strdup(value); 594 if (t->func == NULL) 595 return 0; 596 } else if (strcmp(keyword, "Reason") == 0) { 597 if (t->reason != NULL) { 598 fprintf(stderr, "Line %d: multiple reason lines\n", t->line); 599 return 0; 600 } 601 t->reason = OPENSSL_strdup(value); 602 if (t->reason == NULL) 603 return 0; 604 } else { 605 /* Must be test specific line: try to parse it */ 606 if (t->meth) 607 rv = t->meth->parse(t, keyword, value); 608 609 if (rv == 0) 610 fprintf(stderr, "line %d: unexpected keyword %s\n", 611 t->line, keyword); 612 613 if (rv < 0) 614 fprintf(stderr, "line %d: error processing keyword %s\n", 615 t->line, keyword); 616 if (rv <= 0) 617 return 0; 618 } 619 return 1; 620 } 621 622 static int check_var_length_output(struct evp_test *t, 623 const unsigned char *expected, 624 size_t expected_len, 625 const unsigned char *received, 626 size_t received_len) 627 { 628 if (expected_len == received_len && 629 memcmp(expected, received, expected_len) == 0) { 630 return 0; 631 } 632 633 /* The result printing code expects a non-NULL buffer. */ 634 t->out_expected = OPENSSL_memdup(expected, expected_len ? expected_len : 1); 635 t->out_expected_len = expected_len; 636 t->out_received = OPENSSL_memdup(received, received_len ? received_len : 1); 637 t->out_received_len = received_len; 638 if (t->out_expected == NULL || t->out_received == NULL) { 639 fprintf(stderr, "Memory allocation error!\n"); 640 exit(1); 641 } 642 return 1; 643 } 644 645 static int check_output(struct evp_test *t, 646 const unsigned char *expected, 647 const unsigned char *received, 648 size_t len) 649 { 650 return check_var_length_output(t, expected, len, received, len); 651 } 652 653 int main(int argc, char **argv) 654 { 655 BIO *in = NULL; 656 char buf[10240]; 657 struct evp_test t; 658 659 if (argc != 2) { 660 fprintf(stderr, "usage: evp_test testfile.txt\n"); 661 return 1; 662 } 663 664 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); 665 666 memset(&t, 0, sizeof(t)); 667 t.start_line = -1; 668 in = BIO_new_file(argv[1], "rb"); 669 if (in == NULL) { 670 fprintf(stderr, "Can't open %s for reading\n", argv[1]); 671 return 1; 672 } 673 t.in = in; 674 t.err = NULL; 675 while (BIO_gets(in, buf, sizeof(buf))) { 676 t.line++; 677 if (!process_test(&t, buf, 0)) 678 exit(1); 679 } 680 /* Run any final test we have */ 681 if (!setup_test(&t, NULL)) 682 exit(1); 683 fprintf(stderr, "%d tests completed with %d errors, %d skipped\n", 684 t.ntests, t.errors, t.nskip); 685 free_key_list(t.public); 686 free_key_list(t.private); 687 BIO_free(t.key); 688 BIO_free(in); 689 690 #ifndef OPENSSL_NO_CRYPTO_MDEBUG 691 if (CRYPTO_mem_leaks_fp(stderr) <= 0) 692 return 1; 693 #endif 694 if (t.errors) 695 return 1; 696 return 0; 697 } 698 699 static void test_free(void *d) 700 { 701 OPENSSL_free(d); 702 } 703 704 /* Message digest tests */ 705 706 struct digest_data { 707 /* Digest this test is for */ 708 const EVP_MD *digest; 709 /* Input to digest */ 710 unsigned char *input; 711 size_t input_len; 712 /* Repeat count for input */ 713 size_t nrpt; 714 /* Expected output */ 715 unsigned char *output; 716 size_t output_len; 717 }; 718 719 static int digest_test_init(struct evp_test *t, const char *alg) 720 { 721 const EVP_MD *digest; 722 struct digest_data *mdat; 723 digest = EVP_get_digestbyname(alg); 724 if (!digest) { 725 /* If alg has an OID assume disabled algorithm */ 726 if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) { 727 t->skip = 1; 728 return 1; 729 } 730 return 0; 731 } 732 mdat = OPENSSL_malloc(sizeof(*mdat)); 733 mdat->digest = digest; 734 mdat->input = NULL; 735 mdat->output = NULL; 736 mdat->nrpt = 1; 737 t->data = mdat; 738 return 1; 739 } 740 741 static void digest_test_cleanup(struct evp_test *t) 742 { 743 struct digest_data *mdat = t->data; 744 test_free(mdat->input); 745 test_free(mdat->output); 746 } 747 748 static int digest_test_parse(struct evp_test *t, 749 const char *keyword, const char *value) 750 { 751 struct digest_data *mdata = t->data; 752 if (strcmp(keyword, "Input") == 0) 753 return test_bin(value, &mdata->input, &mdata->input_len); 754 if (strcmp(keyword, "Output") == 0) 755 return test_bin(value, &mdata->output, &mdata->output_len); 756 if (strcmp(keyword, "Count") == 0) { 757 long nrpt = atoi(value); 758 if (nrpt <= 0) 759 return 0; 760 mdata->nrpt = (size_t)nrpt; 761 return 1; 762 } 763 return 0; 764 } 765 766 static int digest_test_run(struct evp_test *t) 767 { 768 struct digest_data *mdata = t->data; 769 size_t i; 770 const char *err = "INTERNAL_ERROR"; 771 EVP_MD_CTX *mctx; 772 unsigned char md[EVP_MAX_MD_SIZE]; 773 unsigned int md_len; 774 mctx = EVP_MD_CTX_new(); 775 if (!mctx) 776 goto err; 777 err = "DIGESTINIT_ERROR"; 778 if (!EVP_DigestInit_ex(mctx, mdata->digest, NULL)) 779 goto err; 780 err = "DIGESTUPDATE_ERROR"; 781 for (i = 0; i < mdata->nrpt; i++) { 782 if (!EVP_DigestUpdate(mctx, mdata->input, mdata->input_len)) 783 goto err; 784 } 785 err = "DIGESTFINAL_ERROR"; 786 if (!EVP_DigestFinal(mctx, md, &md_len)) 787 goto err; 788 err = "DIGEST_LENGTH_MISMATCH"; 789 if (md_len != mdata->output_len) 790 goto err; 791 err = "DIGEST_MISMATCH"; 792 if (check_output(t, mdata->output, md, md_len)) 793 goto err; 794 err = NULL; 795 err: 796 EVP_MD_CTX_free(mctx); 797 t->err = err; 798 return 1; 799 } 800 801 static const struct evp_test_method digest_test_method = { 802 "Digest", 803 digest_test_init, 804 digest_test_cleanup, 805 digest_test_parse, 806 digest_test_run 807 }; 808 809 /* Cipher tests */ 810 struct cipher_data { 811 const EVP_CIPHER *cipher; 812 int enc; 813 /* EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE or EVP_CIPH_OCB_MODE if AEAD */ 814 int aead; 815 unsigned char *key; 816 size_t key_len; 817 unsigned char *iv; 818 size_t iv_len; 819 unsigned char *plaintext; 820 size_t plaintext_len; 821 unsigned char *ciphertext; 822 size_t ciphertext_len; 823 /* GCM, CCM only */ 824 unsigned char *aad; 825 size_t aad_len; 826 unsigned char *tag; 827 size_t tag_len; 828 }; 829 830 static int cipher_test_init(struct evp_test *t, const char *alg) 831 { 832 const EVP_CIPHER *cipher; 833 struct cipher_data *cdat = t->data; 834 cipher = EVP_get_cipherbyname(alg); 835 if (!cipher) { 836 /* If alg has an OID assume disabled algorithm */ 837 if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) { 838 t->skip = 1; 839 return 1; 840 } 841 return 0; 842 } 843 cdat = OPENSSL_malloc(sizeof(*cdat)); 844 cdat->cipher = cipher; 845 cdat->enc = -1; 846 cdat->key = NULL; 847 cdat->iv = NULL; 848 cdat->ciphertext = NULL; 849 cdat->plaintext = NULL; 850 cdat->aad = NULL; 851 cdat->tag = NULL; 852 t->data = cdat; 853 if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE 854 || EVP_CIPHER_mode(cipher) == EVP_CIPH_OCB_MODE 855 || EVP_CIPHER_mode(cipher) == EVP_CIPH_CCM_MODE) 856 cdat->aead = EVP_CIPHER_mode(cipher); 857 else if (EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) 858 cdat->aead = -1; 859 else 860 cdat->aead = 0; 861 862 return 1; 863 } 864 865 static void cipher_test_cleanup(struct evp_test *t) 866 { 867 struct cipher_data *cdat = t->data; 868 test_free(cdat->key); 869 test_free(cdat->iv); 870 test_free(cdat->ciphertext); 871 test_free(cdat->plaintext); 872 test_free(cdat->aad); 873 test_free(cdat->tag); 874 } 875 876 static int cipher_test_parse(struct evp_test *t, const char *keyword, 877 const char *value) 878 { 879 struct cipher_data *cdat = t->data; 880 if (strcmp(keyword, "Key") == 0) 881 return test_bin(value, &cdat->key, &cdat->key_len); 882 if (strcmp(keyword, "IV") == 0) 883 return test_bin(value, &cdat->iv, &cdat->iv_len); 884 if (strcmp(keyword, "Plaintext") == 0) 885 return test_bin(value, &cdat->plaintext, &cdat->plaintext_len); 886 if (strcmp(keyword, "Ciphertext") == 0) 887 return test_bin(value, &cdat->ciphertext, &cdat->ciphertext_len); 888 if (cdat->aead) { 889 if (strcmp(keyword, "AAD") == 0) 890 return test_bin(value, &cdat->aad, &cdat->aad_len); 891 if (strcmp(keyword, "Tag") == 0) 892 return test_bin(value, &cdat->tag, &cdat->tag_len); 893 } 894 895 if (strcmp(keyword, "Operation") == 0) { 896 if (strcmp(value, "ENCRYPT") == 0) 897 cdat->enc = 1; 898 else if (strcmp(value, "DECRYPT") == 0) 899 cdat->enc = 0; 900 else 901 return 0; 902 return 1; 903 } 904 return 0; 905 } 906 907 static int cipher_test_enc(struct evp_test *t, int enc, 908 size_t out_misalign, size_t inp_misalign, int frag) 909 { 910 struct cipher_data *cdat = t->data; 911 unsigned char *in, *out, *tmp = NULL; 912 size_t in_len, out_len, donelen = 0; 913 int tmplen, chunklen, tmpflen; 914 EVP_CIPHER_CTX *ctx = NULL; 915 const char *err; 916 err = "INTERNAL_ERROR"; 917 ctx = EVP_CIPHER_CTX_new(); 918 if (!ctx) 919 goto err; 920 EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW); 921 if (enc) { 922 in = cdat->plaintext; 923 in_len = cdat->plaintext_len; 924 out = cdat->ciphertext; 925 out_len = cdat->ciphertext_len; 926 } else { 927 in = cdat->ciphertext; 928 in_len = cdat->ciphertext_len; 929 out = cdat->plaintext; 930 out_len = cdat->plaintext_len; 931 } 932 if (inp_misalign == (size_t)-1) { 933 /* 934 * Exercise in-place encryption 935 */ 936 tmp = OPENSSL_malloc(out_misalign + in_len + 2 * EVP_MAX_BLOCK_LENGTH); 937 if (!tmp) 938 goto err; 939 in = memcpy(tmp + out_misalign, in, in_len); 940 } else { 941 inp_misalign += 16 - ((out_misalign + in_len) & 15); 942 /* 943 * 'tmp' will store both output and copy of input. We make the copy 944 * of input to specifically aligned part of 'tmp'. So we just 945 * figured out how much padding would ensure the required alignment, 946 * now we allocate extended buffer and finally copy the input just 947 * past inp_misalign in expression below. Output will be written 948 * past out_misalign... 949 */ 950 tmp = OPENSSL_malloc(out_misalign + in_len + 2 * EVP_MAX_BLOCK_LENGTH + 951 inp_misalign + in_len); 952 if (!tmp) 953 goto err; 954 in = memcpy(tmp + out_misalign + in_len + 2 * EVP_MAX_BLOCK_LENGTH + 955 inp_misalign, in, in_len); 956 } 957 err = "CIPHERINIT_ERROR"; 958 if (!EVP_CipherInit_ex(ctx, cdat->cipher, NULL, NULL, NULL, enc)) 959 goto err; 960 err = "INVALID_IV_LENGTH"; 961 if (cdat->iv) { 962 if (cdat->aead) { 963 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, 964 cdat->iv_len, 0)) 965 goto err; 966 } else if (cdat->iv_len != (size_t)EVP_CIPHER_CTX_iv_length(ctx)) 967 goto err; 968 } 969 if (cdat->aead) { 970 unsigned char *tag; 971 /* 972 * If encrypting or OCB just set tag length initially, otherwise 973 * set tag length and value. 974 */ 975 if (enc || cdat->aead == EVP_CIPH_OCB_MODE) { 976 err = "TAG_LENGTH_SET_ERROR"; 977 tag = NULL; 978 } else { 979 err = "TAG_SET_ERROR"; 980 tag = cdat->tag; 981 } 982 if (tag || cdat->aead != EVP_CIPH_GCM_MODE) { 983 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 984 cdat->tag_len, tag)) 985 goto err; 986 } 987 } 988 989 err = "INVALID_KEY_LENGTH"; 990 if (!EVP_CIPHER_CTX_set_key_length(ctx, cdat->key_len)) 991 goto err; 992 err = "KEY_SET_ERROR"; 993 if (!EVP_CipherInit_ex(ctx, NULL, NULL, cdat->key, cdat->iv, -1)) 994 goto err; 995 996 if (!enc && cdat->aead == EVP_CIPH_OCB_MODE) { 997 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 998 cdat->tag_len, cdat->tag)) { 999 err = "TAG_SET_ERROR"; 1000 goto err; 1001 } 1002 } 1003 1004 if (cdat->aead == EVP_CIPH_CCM_MODE) { 1005 if (!EVP_CipherUpdate(ctx, NULL, &tmplen, NULL, out_len)) { 1006 err = "CCM_PLAINTEXT_LENGTH_SET_ERROR"; 1007 goto err; 1008 } 1009 } 1010 if (cdat->aad) { 1011 err = "AAD_SET_ERROR"; 1012 if (!frag) { 1013 if (!EVP_CipherUpdate(ctx, NULL, &chunklen, cdat->aad, 1014 cdat->aad_len)) 1015 goto err; 1016 } else { 1017 /* 1018 * Supply the AAD in chunks less than the block size where possible 1019 */ 1020 if (cdat->aad_len > 0) { 1021 if (!EVP_CipherUpdate(ctx, NULL, &chunklen, cdat->aad, 1)) 1022 goto err; 1023 donelen++; 1024 } 1025 if (cdat->aad_len > 2) { 1026 if (!EVP_CipherUpdate(ctx, NULL, &chunklen, cdat->aad + donelen, 1027 cdat->aad_len - 2)) 1028 goto err; 1029 donelen += cdat->aad_len - 2; 1030 } 1031 if (cdat->aad_len > 1 1032 && !EVP_CipherUpdate(ctx, NULL, &chunklen, 1033 cdat->aad + donelen, 1)) 1034 goto err; 1035 } 1036 } 1037 EVP_CIPHER_CTX_set_padding(ctx, 0); 1038 err = "CIPHERUPDATE_ERROR"; 1039 tmplen = 0; 1040 if (!frag) { 1041 /* We supply the data all in one go */ 1042 if (!EVP_CipherUpdate(ctx, tmp + out_misalign, &tmplen, in, in_len)) 1043 goto err; 1044 } else { 1045 /* Supply the data in chunks less than the block size where possible */ 1046 if (in_len > 0) { 1047 if (!EVP_CipherUpdate(ctx, tmp + out_misalign, &chunklen, in, 1)) 1048 goto err; 1049 tmplen += chunklen; 1050 in++; 1051 in_len--; 1052 } 1053 if (in_len > 1) { 1054 if (!EVP_CipherUpdate(ctx, tmp + out_misalign + tmplen, &chunklen, 1055 in, in_len - 1)) 1056 goto err; 1057 tmplen += chunklen; 1058 in += in_len - 1; 1059 in_len = 1; 1060 } 1061 if (in_len > 0 ) { 1062 if (!EVP_CipherUpdate(ctx, tmp + out_misalign + tmplen, &chunklen, 1063 in, 1)) 1064 goto err; 1065 tmplen += chunklen; 1066 } 1067 } 1068 if (cdat->aead == EVP_CIPH_CCM_MODE) 1069 tmpflen = 0; 1070 else { 1071 err = "CIPHERFINAL_ERROR"; 1072 if (!EVP_CipherFinal_ex(ctx, tmp + out_misalign + tmplen, &tmpflen)) 1073 goto err; 1074 } 1075 err = "LENGTH_MISMATCH"; 1076 if (out_len != (size_t)(tmplen + tmpflen)) 1077 goto err; 1078 err = "VALUE_MISMATCH"; 1079 if (check_output(t, out, tmp + out_misalign, out_len)) 1080 goto err; 1081 if (enc && cdat->aead) { 1082 unsigned char rtag[16]; 1083 if (cdat->tag_len > sizeof(rtag)) { 1084 err = "TAG_LENGTH_INTERNAL_ERROR"; 1085 goto err; 1086 } 1087 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 1088 cdat->tag_len, rtag)) { 1089 err = "TAG_RETRIEVE_ERROR"; 1090 goto err; 1091 } 1092 if (check_output(t, cdat->tag, rtag, cdat->tag_len)) { 1093 err = "TAG_VALUE_MISMATCH"; 1094 goto err; 1095 } 1096 } 1097 err = NULL; 1098 err: 1099 OPENSSL_free(tmp); 1100 EVP_CIPHER_CTX_free(ctx); 1101 t->err = err; 1102 return err ? 0 : 1; 1103 } 1104 1105 static int cipher_test_run(struct evp_test *t) 1106 { 1107 struct cipher_data *cdat = t->data; 1108 int rv, frag = 0; 1109 size_t out_misalign, inp_misalign; 1110 1111 if (!cdat->key) { 1112 t->err = "NO_KEY"; 1113 return 0; 1114 } 1115 if (!cdat->iv && EVP_CIPHER_iv_length(cdat->cipher)) { 1116 /* IV is optional and usually omitted in wrap mode */ 1117 if (EVP_CIPHER_mode(cdat->cipher) != EVP_CIPH_WRAP_MODE) { 1118 t->err = "NO_IV"; 1119 return 0; 1120 } 1121 } 1122 if (cdat->aead && !cdat->tag) { 1123 t->err = "NO_TAG"; 1124 return 0; 1125 } 1126 for (out_misalign = 0; out_misalign <= 1;) { 1127 static char aux_err[64]; 1128 t->aux_err = aux_err; 1129 for (inp_misalign = (size_t)-1; inp_misalign != 2; inp_misalign++) { 1130 if (inp_misalign == (size_t)-1) { 1131 /* kludge: inp_misalign == -1 means "exercise in-place" */ 1132 BIO_snprintf(aux_err, sizeof(aux_err), 1133 "%s in-place, %sfragmented", 1134 out_misalign ? "misaligned" : "aligned", 1135 frag ? "" : "not "); 1136 } else { 1137 BIO_snprintf(aux_err, sizeof(aux_err), 1138 "%s output and %s input, %sfragmented", 1139 out_misalign ? "misaligned" : "aligned", 1140 inp_misalign ? "misaligned" : "aligned", 1141 frag ? "" : "not "); 1142 } 1143 if (cdat->enc) { 1144 rv = cipher_test_enc(t, 1, out_misalign, inp_misalign, frag); 1145 /* Not fatal errors: return */ 1146 if (rv != 1) { 1147 if (rv < 0) 1148 return 0; 1149 return 1; 1150 } 1151 } 1152 if (cdat->enc != 1) { 1153 rv = cipher_test_enc(t, 0, out_misalign, inp_misalign, frag); 1154 /* Not fatal errors: return */ 1155 if (rv != 1) { 1156 if (rv < 0) 1157 return 0; 1158 return 1; 1159 } 1160 } 1161 } 1162 1163 if (out_misalign == 1 && frag == 0) { 1164 /* 1165 * XTS, CCM and Wrap modes have special requirements about input 1166 * lengths so we don't fragment for those 1167 */ 1168 if (cdat->aead == EVP_CIPH_CCM_MODE 1169 || EVP_CIPHER_mode(cdat->cipher) == EVP_CIPH_XTS_MODE 1170 || EVP_CIPHER_mode(cdat->cipher) == EVP_CIPH_WRAP_MODE) 1171 break; 1172 out_misalign = 0; 1173 frag++; 1174 } else { 1175 out_misalign++; 1176 } 1177 } 1178 t->aux_err = NULL; 1179 1180 return 1; 1181 } 1182 1183 static const struct evp_test_method cipher_test_method = { 1184 "Cipher", 1185 cipher_test_init, 1186 cipher_test_cleanup, 1187 cipher_test_parse, 1188 cipher_test_run 1189 }; 1190 1191 struct mac_data { 1192 /* MAC type */ 1193 int type; 1194 /* Algorithm string for this MAC */ 1195 char *alg; 1196 /* MAC key */ 1197 unsigned char *key; 1198 size_t key_len; 1199 /* Input to MAC */ 1200 unsigned char *input; 1201 size_t input_len; 1202 /* Expected output */ 1203 unsigned char *output; 1204 size_t output_len; 1205 }; 1206 1207 static int mac_test_init(struct evp_test *t, const char *alg) 1208 { 1209 int type; 1210 struct mac_data *mdat; 1211 if (strcmp(alg, "HMAC") == 0) { 1212 type = EVP_PKEY_HMAC; 1213 } else if (strcmp(alg, "CMAC") == 0) { 1214 #ifndef OPENSSL_NO_CMAC 1215 type = EVP_PKEY_CMAC; 1216 #else 1217 t->skip = 1; 1218 return 1; 1219 #endif 1220 } else 1221 return 0; 1222 1223 mdat = OPENSSL_malloc(sizeof(*mdat)); 1224 mdat->type = type; 1225 mdat->alg = NULL; 1226 mdat->key = NULL; 1227 mdat->input = NULL; 1228 mdat->output = NULL; 1229 t->data = mdat; 1230 return 1; 1231 } 1232 1233 static void mac_test_cleanup(struct evp_test *t) 1234 { 1235 struct mac_data *mdat = t->data; 1236 test_free(mdat->alg); 1237 test_free(mdat->key); 1238 test_free(mdat->input); 1239 test_free(mdat->output); 1240 } 1241 1242 static int mac_test_parse(struct evp_test *t, 1243 const char *keyword, const char *value) 1244 { 1245 struct mac_data *mdata = t->data; 1246 if (strcmp(keyword, "Key") == 0) 1247 return test_bin(value, &mdata->key, &mdata->key_len); 1248 if (strcmp(keyword, "Algorithm") == 0) { 1249 mdata->alg = OPENSSL_strdup(value); 1250 if (!mdata->alg) 1251 return 0; 1252 return 1; 1253 } 1254 if (strcmp(keyword, "Input") == 0) 1255 return test_bin(value, &mdata->input, &mdata->input_len); 1256 if (strcmp(keyword, "Output") == 0) 1257 return test_bin(value, &mdata->output, &mdata->output_len); 1258 return 0; 1259 } 1260 1261 static int mac_test_run(struct evp_test *t) 1262 { 1263 struct mac_data *mdata = t->data; 1264 const char *err = "INTERNAL_ERROR"; 1265 EVP_MD_CTX *mctx = NULL; 1266 EVP_PKEY_CTX *pctx = NULL, *genctx = NULL; 1267 EVP_PKEY *key = NULL; 1268 const EVP_MD *md = NULL; 1269 unsigned char *mac = NULL; 1270 size_t mac_len; 1271 1272 #ifdef OPENSSL_NO_DES 1273 if (mdata->alg != NULL && strstr(mdata->alg, "DES") != NULL) { 1274 /* Skip DES */ 1275 err = NULL; 1276 goto err; 1277 } 1278 #endif 1279 1280 err = "MAC_PKEY_CTX_ERROR"; 1281 genctx = EVP_PKEY_CTX_new_id(mdata->type, NULL); 1282 if (!genctx) 1283 goto err; 1284 1285 err = "MAC_KEYGEN_INIT_ERROR"; 1286 if (EVP_PKEY_keygen_init(genctx) <= 0) 1287 goto err; 1288 if (mdata->type == EVP_PKEY_CMAC) { 1289 err = "MAC_ALGORITHM_SET_ERROR"; 1290 if (EVP_PKEY_CTX_ctrl_str(genctx, "cipher", mdata->alg) <= 0) 1291 goto err; 1292 } 1293 1294 err = "MAC_KEY_SET_ERROR"; 1295 if (EVP_PKEY_CTX_set_mac_key(genctx, mdata->key, mdata->key_len) <= 0) 1296 goto err; 1297 1298 err = "MAC_KEY_GENERATE_ERROR"; 1299 if (EVP_PKEY_keygen(genctx, &key) <= 0) 1300 goto err; 1301 if (mdata->type == EVP_PKEY_HMAC) { 1302 err = "MAC_ALGORITHM_SET_ERROR"; 1303 md = EVP_get_digestbyname(mdata->alg); 1304 if (!md) 1305 goto err; 1306 } 1307 mctx = EVP_MD_CTX_new(); 1308 if (!mctx) 1309 goto err; 1310 err = "DIGESTSIGNINIT_ERROR"; 1311 if (!EVP_DigestSignInit(mctx, &pctx, md, NULL, key)) 1312 goto err; 1313 1314 err = "DIGESTSIGNUPDATE_ERROR"; 1315 if (!EVP_DigestSignUpdate(mctx, mdata->input, mdata->input_len)) 1316 goto err; 1317 err = "DIGESTSIGNFINAL_LENGTH_ERROR"; 1318 if (!EVP_DigestSignFinal(mctx, NULL, &mac_len)) 1319 goto err; 1320 mac = OPENSSL_malloc(mac_len); 1321 if (!mac) { 1322 fprintf(stderr, "Error allocating mac buffer!\n"); 1323 exit(1); 1324 } 1325 if (!EVP_DigestSignFinal(mctx, mac, &mac_len)) 1326 goto err; 1327 err = "MAC_LENGTH_MISMATCH"; 1328 if (mac_len != mdata->output_len) 1329 goto err; 1330 err = "MAC_MISMATCH"; 1331 if (check_output(t, mdata->output, mac, mac_len)) 1332 goto err; 1333 err = NULL; 1334 err: 1335 EVP_MD_CTX_free(mctx); 1336 OPENSSL_free(mac); 1337 EVP_PKEY_CTX_free(genctx); 1338 EVP_PKEY_free(key); 1339 t->err = err; 1340 return 1; 1341 } 1342 1343 static const struct evp_test_method mac_test_method = { 1344 "MAC", 1345 mac_test_init, 1346 mac_test_cleanup, 1347 mac_test_parse, 1348 mac_test_run 1349 }; 1350 1351 /* 1352 * Public key operations. These are all very similar and can share 1353 * a lot of common code. 1354 */ 1355 1356 struct pkey_data { 1357 /* Context for this operation */ 1358 EVP_PKEY_CTX *ctx; 1359 /* Key operation to perform */ 1360 int (*keyop) (EVP_PKEY_CTX *ctx, 1361 unsigned char *sig, size_t *siglen, 1362 const unsigned char *tbs, size_t tbslen); 1363 /* Input to MAC */ 1364 unsigned char *input; 1365 size_t input_len; 1366 /* Expected output */ 1367 unsigned char *output; 1368 size_t output_len; 1369 }; 1370 1371 /* 1372 * Perform public key operation setup: lookup key, allocated ctx and call 1373 * the appropriate initialisation function 1374 */ 1375 static int pkey_test_init(struct evp_test *t, const char *name, 1376 int use_public, 1377 int (*keyopinit) (EVP_PKEY_CTX *ctx), 1378 int (*keyop) (EVP_PKEY_CTX *ctx, 1379 unsigned char *sig, size_t *siglen, 1380 const unsigned char *tbs, 1381 size_t tbslen) 1382 ) 1383 { 1384 struct pkey_data *kdata; 1385 EVP_PKEY *pkey = NULL; 1386 int rv = 0; 1387 if (use_public) 1388 rv = find_key(&pkey, name, t->public); 1389 if (!rv) 1390 rv = find_key(&pkey, name, t->private); 1391 if (!rv || pkey == NULL) { 1392 t->skip = 1; 1393 return 1; 1394 } 1395 1396 kdata = OPENSSL_malloc(sizeof(*kdata)); 1397 if (!kdata) { 1398 EVP_PKEY_free(pkey); 1399 return 0; 1400 } 1401 kdata->ctx = NULL; 1402 kdata->input = NULL; 1403 kdata->output = NULL; 1404 kdata->keyop = keyop; 1405 t->data = kdata; 1406 kdata->ctx = EVP_PKEY_CTX_new(pkey, NULL); 1407 if (!kdata->ctx) 1408 return 0; 1409 if (keyopinit(kdata->ctx) <= 0) 1410 t->err = "KEYOP_INIT_ERROR"; 1411 return 1; 1412 } 1413 1414 static void pkey_test_cleanup(struct evp_test *t) 1415 { 1416 struct pkey_data *kdata = t->data; 1417 1418 OPENSSL_free(kdata->input); 1419 OPENSSL_free(kdata->output); 1420 EVP_PKEY_CTX_free(kdata->ctx); 1421 } 1422 1423 static int pkey_test_ctrl(struct evp_test *t, EVP_PKEY_CTX *pctx, 1424 const char *value) 1425 { 1426 int rv; 1427 char *p, *tmpval; 1428 1429 tmpval = OPENSSL_strdup(value); 1430 if (tmpval == NULL) 1431 return 0; 1432 p = strchr(tmpval, ':'); 1433 if (p != NULL) 1434 *p++ = 0; 1435 rv = EVP_PKEY_CTX_ctrl_str(pctx, tmpval, p); 1436 if (rv == -2) { 1437 t->err = "PKEY_CTRL_INVALID"; 1438 rv = 1; 1439 } else if (p != NULL && rv <= 0) { 1440 /* If p has an OID and lookup fails assume disabled algorithm */ 1441 int nid = OBJ_sn2nid(p); 1442 if (nid == NID_undef) 1443 nid = OBJ_ln2nid(p); 1444 if ((nid != NID_undef) && EVP_get_digestbynid(nid) == NULL && 1445 EVP_get_cipherbynid(nid) == NULL) { 1446 t->skip = 1; 1447 rv = 1; 1448 } else { 1449 t->err = "PKEY_CTRL_ERROR"; 1450 rv = 1; 1451 } 1452 } 1453 OPENSSL_free(tmpval); 1454 return rv > 0; 1455 } 1456 1457 static int pkey_test_parse(struct evp_test *t, 1458 const char *keyword, const char *value) 1459 { 1460 struct pkey_data *kdata = t->data; 1461 if (strcmp(keyword, "Input") == 0) 1462 return test_bin(value, &kdata->input, &kdata->input_len); 1463 if (strcmp(keyword, "Output") == 0) 1464 return test_bin(value, &kdata->output, &kdata->output_len); 1465 if (strcmp(keyword, "Ctrl") == 0) 1466 return pkey_test_ctrl(t, kdata->ctx, value); 1467 return 0; 1468 } 1469 1470 static int pkey_test_run(struct evp_test *t) 1471 { 1472 struct pkey_data *kdata = t->data; 1473 unsigned char *out = NULL; 1474 size_t out_len; 1475 const char *err = "KEYOP_LENGTH_ERROR"; 1476 if (kdata->keyop(kdata->ctx, NULL, &out_len, kdata->input, 1477 kdata->input_len) <= 0) 1478 goto err; 1479 out = OPENSSL_malloc(out_len); 1480 if (!out) { 1481 fprintf(stderr, "Error allocating output buffer!\n"); 1482 exit(1); 1483 } 1484 err = "KEYOP_ERROR"; 1485 if (kdata->keyop 1486 (kdata->ctx, out, &out_len, kdata->input, kdata->input_len) <= 0) 1487 goto err; 1488 err = "KEYOP_LENGTH_MISMATCH"; 1489 if (out_len != kdata->output_len) 1490 goto err; 1491 err = "KEYOP_MISMATCH"; 1492 if (check_output(t, kdata->output, out, out_len)) 1493 goto err; 1494 err = NULL; 1495 err: 1496 OPENSSL_free(out); 1497 t->err = err; 1498 return 1; 1499 } 1500 1501 static int sign_test_init(struct evp_test *t, const char *name) 1502 { 1503 return pkey_test_init(t, name, 0, EVP_PKEY_sign_init, EVP_PKEY_sign); 1504 } 1505 1506 static const struct evp_test_method psign_test_method = { 1507 "Sign", 1508 sign_test_init, 1509 pkey_test_cleanup, 1510 pkey_test_parse, 1511 pkey_test_run 1512 }; 1513 1514 static int verify_recover_test_init(struct evp_test *t, const char *name) 1515 { 1516 return pkey_test_init(t, name, 1, EVP_PKEY_verify_recover_init, 1517 EVP_PKEY_verify_recover); 1518 } 1519 1520 static const struct evp_test_method pverify_recover_test_method = { 1521 "VerifyRecover", 1522 verify_recover_test_init, 1523 pkey_test_cleanup, 1524 pkey_test_parse, 1525 pkey_test_run 1526 }; 1527 1528 static int decrypt_test_init(struct evp_test *t, const char *name) 1529 { 1530 return pkey_test_init(t, name, 0, EVP_PKEY_decrypt_init, 1531 EVP_PKEY_decrypt); 1532 } 1533 1534 static const struct evp_test_method pdecrypt_test_method = { 1535 "Decrypt", 1536 decrypt_test_init, 1537 pkey_test_cleanup, 1538 pkey_test_parse, 1539 pkey_test_run 1540 }; 1541 1542 static int verify_test_init(struct evp_test *t, const char *name) 1543 { 1544 return pkey_test_init(t, name, 1, EVP_PKEY_verify_init, 0); 1545 } 1546 1547 static int verify_test_run(struct evp_test *t) 1548 { 1549 struct pkey_data *kdata = t->data; 1550 if (EVP_PKEY_verify(kdata->ctx, kdata->output, kdata->output_len, 1551 kdata->input, kdata->input_len) <= 0) 1552 t->err = "VERIFY_ERROR"; 1553 return 1; 1554 } 1555 1556 static const struct evp_test_method pverify_test_method = { 1557 "Verify", 1558 verify_test_init, 1559 pkey_test_cleanup, 1560 pkey_test_parse, 1561 verify_test_run 1562 }; 1563 1564 1565 static int pderive_test_init(struct evp_test *t, const char *name) 1566 { 1567 return pkey_test_init(t, name, 0, EVP_PKEY_derive_init, 0); 1568 } 1569 1570 static int pderive_test_parse(struct evp_test *t, 1571 const char *keyword, const char *value) 1572 { 1573 struct pkey_data *kdata = t->data; 1574 1575 if (strcmp(keyword, "PeerKey") == 0) { 1576 EVP_PKEY *peer; 1577 if (find_key(&peer, value, t->public) == 0) 1578 return 0; 1579 if (EVP_PKEY_derive_set_peer(kdata->ctx, peer) <= 0) 1580 return 0; 1581 return 1; 1582 } 1583 if (strcmp(keyword, "SharedSecret") == 0) 1584 return test_bin(value, &kdata->output, &kdata->output_len); 1585 if (strcmp(keyword, "Ctrl") == 0) 1586 return pkey_test_ctrl(t, kdata->ctx, value); 1587 return 0; 1588 } 1589 1590 static int pderive_test_run(struct evp_test *t) 1591 { 1592 struct pkey_data *kdata = t->data; 1593 unsigned char *out = NULL; 1594 size_t out_len; 1595 const char *err = "INTERNAL_ERROR"; 1596 1597 out_len = kdata->output_len; 1598 out = OPENSSL_malloc(out_len); 1599 if (!out) { 1600 fprintf(stderr, "Error allocating output buffer!\n"); 1601 exit(1); 1602 } 1603 err = "DERIVE_ERROR"; 1604 if (EVP_PKEY_derive(kdata->ctx, out, &out_len) <= 0) 1605 goto err; 1606 err = "SHARED_SECRET_LENGTH_MISMATCH"; 1607 if (out_len != kdata->output_len) 1608 goto err; 1609 err = "SHARED_SECRET_MISMATCH"; 1610 if (check_output(t, kdata->output, out, out_len)) 1611 goto err; 1612 err = NULL; 1613 err: 1614 OPENSSL_free(out); 1615 t->err = err; 1616 return 1; 1617 } 1618 1619 static const struct evp_test_method pderive_test_method = { 1620 "Derive", 1621 pderive_test_init, 1622 pkey_test_cleanup, 1623 pderive_test_parse, 1624 pderive_test_run 1625 }; 1626 1627 /* PBE tests */ 1628 1629 #define PBE_TYPE_SCRYPT 1 1630 #define PBE_TYPE_PBKDF2 2 1631 #define PBE_TYPE_PKCS12 3 1632 1633 struct pbe_data { 1634 1635 int pbe_type; 1636 1637 /* scrypt parameters */ 1638 uint64_t N, r, p, maxmem; 1639 1640 /* PKCS#12 parameters */ 1641 int id, iter; 1642 const EVP_MD *md; 1643 1644 /* password */ 1645 unsigned char *pass; 1646 size_t pass_len; 1647 1648 /* salt */ 1649 unsigned char *salt; 1650 size_t salt_len; 1651 1652 /* Expected output */ 1653 unsigned char *key; 1654 size_t key_len; 1655 }; 1656 1657 #ifndef OPENSSL_NO_SCRYPT 1658 static int scrypt_test_parse(struct evp_test *t, 1659 const char *keyword, const char *value) 1660 { 1661 struct pbe_data *pdata = t->data; 1662 1663 if (strcmp(keyword, "N") == 0) 1664 return test_uint64(value, &pdata->N); 1665 if (strcmp(keyword, "p") == 0) 1666 return test_uint64(value, &pdata->p); 1667 if (strcmp(keyword, "r") == 0) 1668 return test_uint64(value, &pdata->r); 1669 if (strcmp(keyword, "maxmem") == 0) 1670 return test_uint64(value, &pdata->maxmem); 1671 return 0; 1672 } 1673 #endif 1674 1675 static int pbkdf2_test_parse(struct evp_test *t, 1676 const char *keyword, const char *value) 1677 { 1678 struct pbe_data *pdata = t->data; 1679 1680 if (strcmp(keyword, "iter") == 0) { 1681 pdata->iter = atoi(value); 1682 if (pdata->iter <= 0) 1683 return 0; 1684 return 1; 1685 } 1686 if (strcmp(keyword, "MD") == 0) { 1687 pdata->md = EVP_get_digestbyname(value); 1688 if (pdata->md == NULL) 1689 return 0; 1690 return 1; 1691 } 1692 return 0; 1693 } 1694 1695 static int pkcs12_test_parse(struct evp_test *t, 1696 const char *keyword, const char *value) 1697 { 1698 struct pbe_data *pdata = t->data; 1699 1700 if (strcmp(keyword, "id") == 0) { 1701 pdata->id = atoi(value); 1702 if (pdata->id <= 0) 1703 return 0; 1704 return 1; 1705 } 1706 return pbkdf2_test_parse(t, keyword, value); 1707 } 1708 1709 static int pbe_test_init(struct evp_test *t, const char *alg) 1710 { 1711 struct pbe_data *pdat; 1712 int pbe_type = 0; 1713 1714 if (strcmp(alg, "scrypt") == 0) { 1715 #ifndef OPENSSL_NO_SCRYPT 1716 pbe_type = PBE_TYPE_SCRYPT; 1717 #else 1718 t->skip = 1; 1719 return 1; 1720 #endif 1721 } else if (strcmp(alg, "pbkdf2") == 0) { 1722 pbe_type = PBE_TYPE_PBKDF2; 1723 } else if (strcmp(alg, "pkcs12") == 0) { 1724 pbe_type = PBE_TYPE_PKCS12; 1725 } else { 1726 fprintf(stderr, "Unknown pbe algorithm %s\n", alg); 1727 } 1728 pdat = OPENSSL_malloc(sizeof(*pdat)); 1729 pdat->pbe_type = pbe_type; 1730 pdat->pass = NULL; 1731 pdat->salt = NULL; 1732 pdat->N = 0; 1733 pdat->r = 0; 1734 pdat->p = 0; 1735 pdat->maxmem = 0; 1736 pdat->id = 0; 1737 pdat->iter = 0; 1738 pdat->md = NULL; 1739 t->data = pdat; 1740 return 1; 1741 } 1742 1743 static void pbe_test_cleanup(struct evp_test *t) 1744 { 1745 struct pbe_data *pdat = t->data; 1746 test_free(pdat->pass); 1747 test_free(pdat->salt); 1748 test_free(pdat->key); 1749 } 1750 1751 static int pbe_test_parse(struct evp_test *t, 1752 const char *keyword, const char *value) 1753 { 1754 struct pbe_data *pdata = t->data; 1755 1756 if (strcmp(keyword, "Password") == 0) 1757 return test_bin(value, &pdata->pass, &pdata->pass_len); 1758 if (strcmp(keyword, "Salt") == 0) 1759 return test_bin(value, &pdata->salt, &pdata->salt_len); 1760 if (strcmp(keyword, "Key") == 0) 1761 return test_bin(value, &pdata->key, &pdata->key_len); 1762 if (pdata->pbe_type == PBE_TYPE_PBKDF2) 1763 return pbkdf2_test_parse(t, keyword, value); 1764 else if (pdata->pbe_type == PBE_TYPE_PKCS12) 1765 return pkcs12_test_parse(t, keyword, value); 1766 #ifndef OPENSSL_NO_SCRYPT 1767 else if (pdata->pbe_type == PBE_TYPE_SCRYPT) 1768 return scrypt_test_parse(t, keyword, value); 1769 #endif 1770 return 0; 1771 } 1772 1773 static int pbe_test_run(struct evp_test *t) 1774 { 1775 struct pbe_data *pdata = t->data; 1776 const char *err = "INTERNAL_ERROR"; 1777 unsigned char *key; 1778 1779 key = OPENSSL_malloc(pdata->key_len); 1780 if (!key) 1781 goto err; 1782 if (pdata->pbe_type == PBE_TYPE_PBKDF2) { 1783 err = "PBKDF2_ERROR"; 1784 if (PKCS5_PBKDF2_HMAC((char *)pdata->pass, pdata->pass_len, 1785 pdata->salt, pdata->salt_len, 1786 pdata->iter, pdata->md, 1787 pdata->key_len, key) == 0) 1788 goto err; 1789 #ifndef OPENSSL_NO_SCRYPT 1790 } else if (pdata->pbe_type == PBE_TYPE_SCRYPT) { 1791 err = "SCRYPT_ERROR"; 1792 if (EVP_PBE_scrypt((const char *)pdata->pass, pdata->pass_len, 1793 pdata->salt, pdata->salt_len, 1794 pdata->N, pdata->r, pdata->p, pdata->maxmem, 1795 key, pdata->key_len) == 0) 1796 goto err; 1797 #endif 1798 } else if (pdata->pbe_type == PBE_TYPE_PKCS12) { 1799 err = "PKCS12_ERROR"; 1800 if (PKCS12_key_gen_uni(pdata->pass, pdata->pass_len, 1801 pdata->salt, pdata->salt_len, 1802 pdata->id, pdata->iter, pdata->key_len, 1803 key, pdata->md) == 0) 1804 goto err; 1805 } 1806 err = "KEY_MISMATCH"; 1807 if (check_output(t, pdata->key, key, pdata->key_len)) 1808 goto err; 1809 err = NULL; 1810 err: 1811 OPENSSL_free(key); 1812 t->err = err; 1813 return 1; 1814 } 1815 1816 static const struct evp_test_method pbe_test_method = { 1817 "PBE", 1818 pbe_test_init, 1819 pbe_test_cleanup, 1820 pbe_test_parse, 1821 pbe_test_run 1822 }; 1823 1824 /* Base64 tests */ 1825 1826 typedef enum { 1827 BASE64_CANONICAL_ENCODING = 0, 1828 BASE64_VALID_ENCODING = 1, 1829 BASE64_INVALID_ENCODING = 2 1830 } base64_encoding_type; 1831 1832 struct encode_data { 1833 /* Input to encoding */ 1834 unsigned char *input; 1835 size_t input_len; 1836 /* Expected output */ 1837 unsigned char *output; 1838 size_t output_len; 1839 base64_encoding_type encoding; 1840 }; 1841 1842 static int encode_test_init(struct evp_test *t, const char *encoding) 1843 { 1844 struct encode_data *edata = OPENSSL_zalloc(sizeof(*edata)); 1845 1846 if (strcmp(encoding, "canonical") == 0) { 1847 edata->encoding = BASE64_CANONICAL_ENCODING; 1848 } else if (strcmp(encoding, "valid") == 0) { 1849 edata->encoding = BASE64_VALID_ENCODING; 1850 } else if (strcmp(encoding, "invalid") == 0) { 1851 edata->encoding = BASE64_INVALID_ENCODING; 1852 t->expected_err = OPENSSL_strdup("DECODE_ERROR"); 1853 if (t->expected_err == NULL) 1854 return 0; 1855 } else { 1856 fprintf(stderr, "Bad encoding: %s. Should be one of " 1857 "{canonical, valid, invalid}\n", encoding); 1858 return 0; 1859 } 1860 t->data = edata; 1861 return 1; 1862 } 1863 1864 static void encode_test_cleanup(struct evp_test *t) 1865 { 1866 struct encode_data *edata = t->data; 1867 test_free(edata->input); 1868 test_free(edata->output); 1869 memset(edata, 0, sizeof(*edata)); 1870 } 1871 1872 static int encode_test_parse(struct evp_test *t, 1873 const char *keyword, const char *value) 1874 { 1875 struct encode_data *edata = t->data; 1876 if (strcmp(keyword, "Input") == 0) 1877 return test_bin(value, &edata->input, &edata->input_len); 1878 if (strcmp(keyword, "Output") == 0) 1879 return test_bin(value, &edata->output, &edata->output_len); 1880 return 0; 1881 } 1882 1883 static int encode_test_run(struct evp_test *t) 1884 { 1885 struct encode_data *edata = t->data; 1886 unsigned char *encode_out = NULL, *decode_out = NULL; 1887 int output_len, chunk_len; 1888 const char *err = "INTERNAL_ERROR"; 1889 EVP_ENCODE_CTX *decode_ctx = EVP_ENCODE_CTX_new(); 1890 1891 if (decode_ctx == NULL) 1892 goto err; 1893 1894 if (edata->encoding == BASE64_CANONICAL_ENCODING) { 1895 EVP_ENCODE_CTX *encode_ctx = EVP_ENCODE_CTX_new(); 1896 if (encode_ctx == NULL) 1897 goto err; 1898 encode_out = OPENSSL_malloc(EVP_ENCODE_LENGTH(edata->input_len)); 1899 if (encode_out == NULL) 1900 goto err; 1901 1902 EVP_EncodeInit(encode_ctx); 1903 EVP_EncodeUpdate(encode_ctx, encode_out, &chunk_len, 1904 edata->input, edata->input_len); 1905 output_len = chunk_len; 1906 1907 EVP_EncodeFinal(encode_ctx, encode_out + chunk_len, &chunk_len); 1908 output_len += chunk_len; 1909 1910 EVP_ENCODE_CTX_free(encode_ctx); 1911 1912 if (check_var_length_output(t, edata->output, edata->output_len, 1913 encode_out, output_len)) { 1914 err = "BAD_ENCODING"; 1915 goto err; 1916 } 1917 } 1918 1919 decode_out = OPENSSL_malloc(EVP_DECODE_LENGTH(edata->output_len)); 1920 if (decode_out == NULL) 1921 goto err; 1922 1923 EVP_DecodeInit(decode_ctx); 1924 if (EVP_DecodeUpdate(decode_ctx, decode_out, &chunk_len, edata->output, 1925 edata->output_len) < 0) { 1926 err = "DECODE_ERROR"; 1927 goto err; 1928 } 1929 output_len = chunk_len; 1930 1931 if (EVP_DecodeFinal(decode_ctx, decode_out + chunk_len, &chunk_len) != 1) { 1932 err = "DECODE_ERROR"; 1933 goto err; 1934 } 1935 output_len += chunk_len; 1936 1937 if (edata->encoding != BASE64_INVALID_ENCODING && 1938 check_var_length_output(t, edata->input, edata->input_len, 1939 decode_out, output_len)) { 1940 err = "BAD_DECODING"; 1941 goto err; 1942 } 1943 1944 err = NULL; 1945 err: 1946 t->err = err; 1947 OPENSSL_free(encode_out); 1948 OPENSSL_free(decode_out); 1949 EVP_ENCODE_CTX_free(decode_ctx); 1950 return 1; 1951 } 1952 1953 static const struct evp_test_method encode_test_method = { 1954 "Encoding", 1955 encode_test_init, 1956 encode_test_cleanup, 1957 encode_test_parse, 1958 encode_test_run, 1959 }; 1960 1961 /* KDF operations */ 1962 1963 struct kdf_data { 1964 /* Context for this operation */ 1965 EVP_PKEY_CTX *ctx; 1966 /* Expected output */ 1967 unsigned char *output; 1968 size_t output_len; 1969 }; 1970 1971 /* 1972 * Perform public key operation setup: lookup key, allocated ctx and call 1973 * the appropriate initialisation function 1974 */ 1975 static int kdf_test_init(struct evp_test *t, const char *name) 1976 { 1977 struct kdf_data *kdata; 1978 1979 kdata = OPENSSL_malloc(sizeof(*kdata)); 1980 if (kdata == NULL) 1981 return 0; 1982 kdata->ctx = NULL; 1983 kdata->output = NULL; 1984 t->data = kdata; 1985 kdata->ctx = EVP_PKEY_CTX_new_id(OBJ_sn2nid(name), NULL); 1986 if (kdata->ctx == NULL) 1987 return 0; 1988 if (EVP_PKEY_derive_init(kdata->ctx) <= 0) 1989 return 0; 1990 return 1; 1991 } 1992 1993 static void kdf_test_cleanup(struct evp_test *t) 1994 { 1995 struct kdf_data *kdata = t->data; 1996 OPENSSL_free(kdata->output); 1997 EVP_PKEY_CTX_free(kdata->ctx); 1998 } 1999 2000 static int kdf_test_parse(struct evp_test *t, 2001 const char *keyword, const char *value) 2002 { 2003 struct kdf_data *kdata = t->data; 2004 if (strcmp(keyword, "Output") == 0) 2005 return test_bin(value, &kdata->output, &kdata->output_len); 2006 if (strncmp(keyword, "Ctrl", 4) == 0) 2007 return pkey_test_ctrl(t, kdata->ctx, value); 2008 return 0; 2009 } 2010 2011 static int kdf_test_run(struct evp_test *t) 2012 { 2013 struct kdf_data *kdata = t->data; 2014 unsigned char *out = NULL; 2015 size_t out_len = kdata->output_len; 2016 const char *err = "INTERNAL_ERROR"; 2017 out = OPENSSL_malloc(out_len); 2018 if (!out) { 2019 fprintf(stderr, "Error allocating output buffer!\n"); 2020 exit(1); 2021 } 2022 err = "KDF_DERIVE_ERROR"; 2023 if (EVP_PKEY_derive(kdata->ctx, out, &out_len) <= 0) 2024 goto err; 2025 err = "KDF_LENGTH_MISMATCH"; 2026 if (out_len != kdata->output_len) 2027 goto err; 2028 err = "KDF_MISMATCH"; 2029 if (check_output(t, kdata->output, out, out_len)) 2030 goto err; 2031 err = NULL; 2032 err: 2033 OPENSSL_free(out); 2034 t->err = err; 2035 return 1; 2036 } 2037 2038 static const struct evp_test_method kdf_test_method = { 2039 "KDF", 2040 kdf_test_init, 2041 kdf_test_cleanup, 2042 kdf_test_parse, 2043 kdf_test_run 2044 }; 2045 2046 struct keypair_test_data { 2047 EVP_PKEY *privk; 2048 EVP_PKEY *pubk; 2049 }; 2050 2051 static int keypair_test_init(struct evp_test *t, const char *pair) 2052 { 2053 int rv = 0; 2054 EVP_PKEY *pk = NULL, *pubk = NULL; 2055 char *pub, *priv = NULL; 2056 const char *err = "INTERNAL_ERROR"; 2057 struct keypair_test_data *data; 2058 2059 priv = OPENSSL_strdup(pair); 2060 if (priv == NULL) 2061 return 0; 2062 pub = strchr(priv, ':'); 2063 if ( pub == NULL ) { 2064 fprintf(stderr, "Wrong syntax \"%s\"\n", pair); 2065 goto end; 2066 } 2067 *pub++ = 0; /* split priv and pub strings */ 2068 2069 if (find_key(&pk, priv, t->private) == 0) { 2070 fprintf(stderr, "Cannot find private key: %s\n", priv); 2071 err = "MISSING_PRIVATE_KEY"; 2072 goto end; 2073 } 2074 if (find_key(&pubk, pub, t->public) == 0) { 2075 fprintf(stderr, "Cannot find public key: %s\n", pub); 2076 err = "MISSING_PUBLIC_KEY"; 2077 goto end; 2078 } 2079 2080 if (pk == NULL && pubk == NULL) { 2081 /* Both keys are listed but unsupported: skip this test */ 2082 t->skip = 1; 2083 rv = 1; 2084 goto end; 2085 } 2086 2087 data = OPENSSL_malloc(sizeof(*data)); 2088 if (data == NULL ) 2089 goto end; 2090 2091 data->privk = pk; 2092 data->pubk = pubk; 2093 t->data = data; 2094 2095 rv = 1; 2096 err = NULL; 2097 2098 end: 2099 if (priv) 2100 OPENSSL_free(priv); 2101 t->err = err; 2102 return rv; 2103 } 2104 2105 static void keypair_test_cleanup(struct evp_test *t) 2106 { 2107 struct keypair_test_data *data = t->data; 2108 t->data = NULL; 2109 if (data) 2110 test_free(data); 2111 return; 2112 } 2113 2114 /* For test that do not accept any custom keyword: 2115 * return 0 if called 2116 */ 2117 static int void_test_parse(struct evp_test *t, const char *keyword, const char *value) 2118 { 2119 return 0; 2120 } 2121 2122 static int keypair_test_run(struct evp_test *t) 2123 { 2124 int rv = 0; 2125 const struct keypair_test_data *pair = t->data; 2126 const char *err = "INTERNAL_ERROR"; 2127 2128 if (pair == NULL) 2129 goto end; 2130 2131 if (pair->privk == NULL || pair->pubk == NULL) { 2132 /* this can only happen if only one of the keys is not set 2133 * which means that one of them was unsupported while the 2134 * other isn't: hence a key type mismatch. 2135 */ 2136 err = "KEYPAIR_TYPE_MISMATCH"; 2137 rv = 1; 2138 goto end; 2139 } 2140 2141 if ((rv = EVP_PKEY_cmp(pair->privk, pair->pubk)) != 1 ) { 2142 if ( 0 == rv ) { 2143 err = "KEYPAIR_MISMATCH"; 2144 } else if ( -1 == rv ) { 2145 err = "KEYPAIR_TYPE_MISMATCH"; 2146 } else if ( -2 == rv ) { 2147 err = "UNSUPPORTED_KEY_COMPARISON"; 2148 } else { 2149 fprintf(stderr, "Unexpected error in key comparison\n"); 2150 rv = 0; 2151 goto end; 2152 } 2153 rv = 1; 2154 goto end; 2155 } 2156 2157 rv = 1; 2158 err = NULL; 2159 2160 end: 2161 t->err = err; 2162 return rv; 2163 } 2164 2165 static const struct evp_test_method keypair_test_method = { 2166 "PrivPubKeyPair", 2167 keypair_test_init, 2168 keypair_test_cleanup, 2169 void_test_parse, 2170 keypair_test_run 2171 }; 2172 2173