diff --git a/test/ct_test.c b/test/ct_test.c index db03f868eeb0ce7c58e5be383f54c1dae89338a9..2553bc69228985ce847ab6af334912bb0d1a72cf 100644 --- a/test/ct_test.c +++ b/test/ct_test.c @@ -507,20 +507,20 @@ static int test_encode_tls_sct() SCT *sct = SCT_new(); if (!SCT_set_version(sct, SCT_VERSION_V1)) { fprintf(stderr, "Failed to set SCT version\n"); - return 1; + return 0; } if (!SCT_set1_log_id(sct, log_id, 32)) { fprintf(stderr, "Failed to set SCT log ID\n"); - return 1; + return 0; } SCT_set_timestamp(sct, 1); if (!SCT_set_signature_nid(sct, NID_ecdsa_with_SHA256)) { fprintf(stderr, "Failed to set SCT signature NID\n"); - return 1; + return 0; } if (!SCT_set1_signature(sct, signature, 71)) { fprintf(stderr, "Failed to set SCT signature\n"); - return 1; + return 0; } sk_SCT_push(sct_list, sct); diff --git a/test/mdc2_internal_test.c b/test/mdc2_internal_test.c index 3ed52de5ac630c2e94b46ba41c7d95a5cf2a5e7a..3353507c63196b88f5851274648bdb0b515a18cf 100644 --- a/test/mdc2_internal_test.c +++ b/test/mdc2_internal_test.c @@ -21,46 +21,6 @@ typedef struct { const unsigned char expected[MDC2_DIGEST_LENGTH]; } TESTDATA; -typedef struct { - const char *case_name; - int num; - const TESTDATA *data; -} SIMPLE_FIXTURE; - -/********************************************************************** - * - * Test of mdc2 internal functions - * - ***/ - -static SIMPLE_FIXTURE setup_mdc2(const char *const test_case_name) -{ - SIMPLE_FIXTURE fixture; - fixture.case_name = test_case_name; - return fixture; -} - -static int execute_mdc2(SIMPLE_FIXTURE fixture) -{ - unsigned char md[MDC2_DIGEST_LENGTH]; - MDC2_CTX c; - - MDC2_Init(&c); - MDC2_Update(&c, (const unsigned char *)fixture.data->input, - strlen(fixture.data->input)); - MDC2_Final(&(md[0]), &c); - - if (memcmp(fixture.data->expected, md, MDC2_DIGEST_LENGTH)) { - fprintf(stderr, "mdc2 test %d: unexpected output\n", fixture.num); - return 0; - } - - return 1; -} - -static void teardown_mdc2(SIMPLE_FIXTURE fixture) -{ -} /********************************************************************** * @@ -78,17 +38,34 @@ static TESTDATA tests[] = { } }; -static int drive_tests(int idx) +/********************************************************************** + * + * Test of mdc2 internal functions + * + ***/ + +static int test_mdc2(int idx) { - SETUP_TEST_FIXTURE(SIMPLE_FIXTURE, setup_mdc2); - fixture.num = idx; - fixture.data = &tests[idx]; - EXECUTE_TEST(execute_mdc2, teardown_mdc2); + unsigned char md[MDC2_DIGEST_LENGTH]; + MDC2_CTX c; + const TESTDATA testdata = tests[idx]; + + MDC2_Init(&c); + MDC2_Update(&c, (const unsigned char *)testdata.input, + strlen(testdata.input)); + MDC2_Final(&(md[0]), &c); + + if (memcmp(testdata.expected, md, MDC2_DIGEST_LENGTH)) { + fprintf(stderr, "mdc2 test %d: unexpected output\n", idx); + return 0; + } + + return 1; } int main(int argc, char **argv) { - ADD_ALL_TESTS(drive_tests, OSSL_NELEM(tests)); + ADD_ALL_TESTS(test_mdc2, OSSL_NELEM(tests)); return run_tests(argv[0]); } diff --git a/test/modes_internal_test.c b/test/modes_internal_test.c index 1e4f6e33675d635ba2b5411a8318bf2d5921f4d2..57045035e9b138c90f3ac3128b7af0a27e957c8b 100644 --- a/test/modes_internal_test.c +++ b/test/modes_internal_test.c @@ -29,316 +29,6 @@ typedef struct { * ***/ -typedef struct { - const char *case_name; - int num; - const AES_KEY *encrypt_key_schedule; - const AES_KEY *decrypt_key_schedule; - const unsigned char *input; - SIZED_DATA iv; - const SIZED_DATA *vector; -} CTS128_FIXTURE; - -static CTS128_FIXTURE setup_cts128(const char *const test_case_name) -{ - CTS128_FIXTURE fixture; - fixture.case_name = test_case_name; - return fixture; -} - -static int execute_cts128(CTS128_FIXTURE fixture) -{ - const unsigned char *test_iv = fixture.iv.data; - size_t test_iv_len = fixture.iv.size; - const unsigned char *vector = fixture.vector->data; - size_t len = fixture.vector->size; - const unsigned char *test_input = fixture.input; - const AES_KEY *encrypt_key_schedule = fixture.encrypt_key_schedule; - const AES_KEY *decrypt_key_schedule = fixture.decrypt_key_schedule; - unsigned char iv[16]; - unsigned char cleartext[64], ciphertext[64]; - size_t tail; - - fprintf(stderr, "vector_%" OSSLzu "\n", len); - fflush(stdout); - - if ((tail = len % 16) == 0) - tail = 16; - tail += 16; - - /* test block-based encryption */ - memcpy(iv, test_iv, test_iv_len); - CRYPTO_cts128_encrypt_block(test_input, ciphertext, len, - encrypt_key_schedule, iv, - (block128_f)AES_encrypt); - if (memcmp(ciphertext, vector, len)) { - fprintf(stderr, "block encrypt: output_%" OSSLzu " mismatch\n", len); - return 0; - } - if (memcmp(iv, vector + len - tail, sizeof(iv))) { - fprintf(stderr, "block encrypt: iv_%" OSSLzu " mismatch\n", len); - return 0; - } - - /* test block-based decryption */ - memcpy(iv, test_iv, test_iv_len); - CRYPTO_cts128_decrypt_block(ciphertext, cleartext, len, - decrypt_key_schedule, iv, - (block128_f)AES_decrypt); - if (memcmp(cleartext, test_input, len)) { - fprintf(stderr, "block decrypt: input_%" OSSLzu " mismatch\n", len); - return 0; - } - if (memcmp(iv, vector + len - tail, sizeof(iv))) { - fprintf(stderr, "block decrypt: iv_%" OSSLzu " mismatch\n", len); - return 0; - } - - /* test streamed encryption */ - memcpy(iv, test_iv, test_iv_len); - CRYPTO_cts128_encrypt(test_input, ciphertext, len, encrypt_key_schedule, - iv, (cbc128_f) AES_cbc_encrypt); - if (memcmp(ciphertext, vector, len)) { - fprintf(stderr, "stream encrypt: output_%" OSSLzu " mismatch\n", len); - return 0; - } - if (memcmp(iv, vector + len - tail, sizeof(iv))) { - fprintf(stderr, "stream encrypt: iv_%" OSSLzu " mismatch\n", len); - return 0; - } - - /* test streamed decryption */ - memcpy(iv, test_iv, test_iv_len); - CRYPTO_cts128_decrypt(ciphertext, cleartext, len, decrypt_key_schedule, iv, - (cbc128_f)AES_cbc_encrypt); - if (memcmp(cleartext, test_input, len)) { - fprintf(stderr, "stream decrypt: input_%" OSSLzu " mismatch\n", len); - return 0; - } - if (memcmp(iv, vector + len - tail, sizeof(iv))) { - fprintf(stderr, "stream decrypt: iv_%" OSSLzu " mismatch\n", len); - return 0; - } - - return 1; -} - -static int execute_cts128_nist(CTS128_FIXTURE fixture) -{ - const unsigned char *test_iv = fixture.iv.data; - size_t test_iv_len = fixture.iv.size; - const unsigned char *vector = fixture.vector->data; - size_t len = fixture.vector->size; - const unsigned char *test_input = fixture.input; - const AES_KEY *encrypt_key_schedule = fixture.encrypt_key_schedule; - const AES_KEY *decrypt_key_schedule = fixture.decrypt_key_schedule; - unsigned char iv[16]; - unsigned char cleartext[64], ciphertext[64], nistvector[64]; - size_t tail; - - fprintf(stderr, "nistvector_%" OSSLzu "\n", len); - fflush(stdout); - - if ((tail = len % 16) == 0) - tail = 16; - - len -= 16 + tail; - memcpy(nistvector, vector, len); - /* flip two last blocks */ - memcpy(nistvector + len, vector + len + 16, tail); - memcpy(nistvector + len + tail, vector + len, 16); - len += 16 + tail; - tail = 16; - - /* test block-based encryption */ - memcpy(iv, test_iv, test_iv_len); - CRYPTO_nistcts128_encrypt_block(test_input, ciphertext, len, - encrypt_key_schedule, iv, - (block128_f)AES_encrypt); - if (memcmp(ciphertext, nistvector, len)) { - fprintf(stderr, "output_%" OSSLzu " mismatch\n", len); - return 0; - } - if (memcmp(iv, nistvector + len - tail, sizeof(iv))) { - fprintf(stderr, "iv_%" OSSLzu " mismatch\n", len); - return 0; - } - - /* test block-based decryption */ - memcpy(iv, test_iv, test_iv_len); - CRYPTO_nistcts128_decrypt_block(ciphertext, cleartext, len, - decrypt_key_schedule, iv, - (block128_f)AES_decrypt); - if (memcmp(cleartext, test_input, len)) { - fprintf(stderr, "input_%" OSSLzu " mismatch\n", len); - return 0; - } - if (memcmp(iv, nistvector + len - tail, sizeof(iv))) { - fprintf(stderr, "iv_%" OSSLzu " mismatch\n", len); - return 0; - } - - /* test streamed encryption */ - memcpy(iv, test_iv, test_iv_len); - CRYPTO_nistcts128_encrypt(test_input, ciphertext, len, - encrypt_key_schedule, iv, - (cbc128_f)AES_cbc_encrypt); - if (memcmp(ciphertext, nistvector, len)) { - fprintf(stderr, "output_%" OSSLzu " mismatch\n", len); - return 0; - } - if (memcmp(iv, nistvector + len - tail, sizeof(iv))) { - fprintf(stderr, "iv_%" OSSLzu " mismatch\n", len); - return 0; - } - - /* test streamed decryption */ - memcpy(iv, test_iv, test_iv_len); - CRYPTO_nistcts128_decrypt(ciphertext, cleartext, len, decrypt_key_schedule, - iv, (cbc128_f)AES_cbc_encrypt); - if (memcmp(cleartext, test_input, len)) { - fprintf(stderr, "input_%" OSSLzu " mismatch\n", len); - return 0; - } - if (memcmp(iv, nistvector + len - tail, sizeof(iv))) { - fprintf(stderr, "iv_%" OSSLzu " mismatch\n", len); - return 0; - } - - return 1; -} - -static void teardown_cts128(CTS128_FIXTURE fixture) -{ -} - -/********************************************************************** - * - * Test of gcm128 - * - ***/ - -typedef struct { - const char *case_name; - int num; - SIZED_DATA K; - SIZED_DATA IV; - SIZED_DATA A; - SIZED_DATA P; - SIZED_DATA C; - SIZED_DATA T; -} GCM128_FIXTURE; - -static GCM128_FIXTURE setup_gcm128(const char *const test_case_name) -{ - GCM128_FIXTURE fixture; - fixture.case_name = test_case_name; - return fixture; -} - -static int execute_gcm128(GCM128_FIXTURE fixture) -{ - unsigned char out[512]; - SIZED_DATA *K = &fixture.K; - SIZED_DATA *IV = &fixture.IV; - SIZED_DATA *A = &fixture.A; - SIZED_DATA *P = &fixture.P; - SIZED_DATA *C = &fixture.C; - SIZED_DATA *T = &fixture.T; - int n = fixture.num; - GCM128_CONTEXT ctx; - AES_KEY key; - int err = 0; - - AES_set_encrypt_key(K->data, K->size * 8, &key); - - CRYPTO_gcm128_init(&ctx, &key, (block128_f)AES_encrypt); - CRYPTO_gcm128_setiv(&ctx, IV->data, IV->size); - memset(out, 0, P->size); - if (A->data) - CRYPTO_gcm128_aad(&ctx, A->data, A->size); - if (P->data) - CRYPTO_gcm128_encrypt( &ctx, P->data, out, P->size); - if (CRYPTO_gcm128_finish(&ctx, T->data, 16) - || (C->data && memcmp(out, C->data, P->size))) - err++, fprintf(stderr, "encrypt test#%d failed.\n", n); - - CRYPTO_gcm128_setiv(&ctx, IV->data, IV->size); - memset(out, 0, P->size); - if (A->data) - CRYPTO_gcm128_aad(&ctx, A->data, A->size); - if (C->data) - CRYPTO_gcm128_decrypt(&ctx, C->data, out, P->size); - if (CRYPTO_gcm128_finish(&ctx, T->data, 16) - || (P->data && memcmp(out, P->data, P->size))) - err++, fprintf(stderr, "decrypt test#%d failed.\n", n); - - return err == 0; -} - -static void teardown_gcm128(GCM128_FIXTURE fixture) -{ -} - -static void benchmark_gcm128(const unsigned char *K, size_t Klen, - const unsigned char *IV, size_t IVlen) -{ -#ifdef OPENSSL_CPUID_OBJ - GCM128_CONTEXT ctx; - AES_KEY key; - size_t start, gcm_t, ctr_t, OPENSSL_rdtsc(); - union { - u64 u; - u8 c[1024]; - } buf; - - AES_set_encrypt_key(K, Klen * 8, &key); - CRYPTO_gcm128_init(&ctx, &key, (block128_f) AES_encrypt); - CRYPTO_gcm128_setiv(&ctx, IV, IVlen); - - CRYPTO_gcm128_encrypt(&ctx, buf.c, buf.c, sizeof(buf)); - start = OPENSSL_rdtsc(); - CRYPTO_gcm128_encrypt(&ctx, buf.c, buf.c, sizeof(buf)); - gcm_t = OPENSSL_rdtsc() - start; - - CRYPTO_ctr128_encrypt(buf.c, buf.c, sizeof(buf), - &key, ctx.Yi.c, ctx.EKi.c, &ctx.mres, - (block128_f) AES_encrypt); - start = OPENSSL_rdtsc(); - CRYPTO_ctr128_encrypt(buf.c, buf.c, sizeof(buf), - &key, ctx.Yi.c, ctx.EKi.c, &ctx.mres, - (block128_f) AES_encrypt); - ctr_t = OPENSSL_rdtsc() - start; - - printf("%.2f-%.2f=%.2f\n", - gcm_t / (double)sizeof(buf), - ctr_t / (double)sizeof(buf), - (gcm_t - ctr_t) / (double)sizeof(buf)); -# ifdef GHASH - { - void (*gcm_ghash_p) (u64 Xi[2], const u128 Htable[16], - const u8 *inp, size_t len) = ctx.ghash; - - GHASH((&ctx), buf.c, sizeof(buf)); - start = OPENSSL_rdtsc(); - for (i = 0; i < 100; ++i) - GHASH((&ctx), buf.c, sizeof(buf)); - gcm_t = OPENSSL_rdtsc() - start; - printf("%.2f\n", gcm_t / (double)sizeof(buf) / (double)i); - } -# endif -#else - fprintf(stderr, - "Benchmarking of modes isn't available on this platform\n"); -#endif -} - -/********************************************************************** - * - * Test driver - * - ***/ - /* cts128 test vectors from RFC 3962 */ static const unsigned char cts128_test_key[16] = "chicken teriyaki"; static const unsigned char cts128_test_input[64] = @@ -433,32 +123,174 @@ static AES_KEY *cts128_decrypt_key_schedule() return &ks; } -static int drive_cts128_tests(int idx) +typedef struct { + const char *case_name; + int num; + size_t (*transform_output)(const unsigned char *in, unsigned char *out, + size_t len); + size_t (*encrypt_block)(const unsigned char *in, + unsigned char *out, size_t len, + const void *key, unsigned char ivec[16], + block128_f block); + size_t (*encrypt)(const unsigned char *in, unsigned char *out, + size_t len, const void *key, + unsigned char ivec[16], cbc128_f cbc); + size_t (*decrypt_block)(const unsigned char *in, + unsigned char *out, size_t len, + const void *key, unsigned char ivec[16], + block128_f block); + size_t (*decrypt)(const unsigned char *in, unsigned char *out, + size_t len, const void *key, + unsigned char ivec[16], cbc128_f cbc); +} CTS128_FIXTURE; + + +static CTS128_FIXTURE setup_cts128(const char *const test_case_name) +{ + CTS128_FIXTURE fixture; + fixture.case_name = test_case_name; + return fixture; +} + +static size_t transform_output(const unsigned char *in, unsigned char *out, + size_t len) +{ + size_t tail; + + memcpy(out, in, len); + if ((tail = len % 16) == 0) + tail = 16; + tail += 16; + + return tail; +} + +static size_t transform_output_nist(const unsigned char *in, unsigned char *out, + size_t len) +{ + size_t tail; + + if ((tail = len % 16) == 0) + tail = 16; + len -= 16 + tail; + memcpy(out, in, len); + /* flip two last blocks */ + memcpy(out + len, in + len + 16, tail); + memcpy(out + len + tail, in + len, 16); + len += 16 + tail; + tail = 16; + + return tail; +} + +static int execute_cts128(CTS128_FIXTURE fixture) +{ + const unsigned char *test_iv = cts128_test_iv; + size_t test_iv_len = sizeof(cts128_test_iv); + const unsigned char *orig_vector = cts128_vectors[fixture.num].data; + size_t len = cts128_vectors[fixture.num].size; + const unsigned char *test_input = cts128_test_input; + const AES_KEY *encrypt_key_schedule = cts128_encrypt_key_schedule(); + const AES_KEY *decrypt_key_schedule = cts128_decrypt_key_schedule(); + unsigned char iv[16]; + /* The largest test inputs are = 64 bytes. */ + unsigned char cleartext[64], ciphertext[64], vector[64]; + size_t tail; + + fprintf(stderr, "%s_vector_%" OSSLzu "\n", fixture.case_name, len); + fflush(stdout); + + tail = fixture.transform_output(orig_vector, vector, len); + + /* test block-based encryption */ + memcpy(iv, test_iv, test_iv_len); + fixture.encrypt_block(test_input, ciphertext, len, + encrypt_key_schedule, iv, + (block128_f)AES_encrypt); + if (memcmp(ciphertext, vector, len)) { + fprintf(stderr, "block encrypt: output_%" OSSLzu " mismatch\n", len); + return 0; + } + if (memcmp(iv, vector + len - tail, sizeof(iv))) { + fprintf(stderr, "block encrypt: iv_%" OSSLzu " mismatch\n", len); + return 0; + } + + /* test block-based decryption */ + memcpy(iv, test_iv, test_iv_len); + fixture.decrypt_block(ciphertext, cleartext, len, + decrypt_key_schedule, iv, + (block128_f)AES_decrypt); + if (memcmp(cleartext, test_input, len)) { + fprintf(stderr, "block decrypt: input_%" OSSLzu " mismatch\n", len); + return 0; + } + if (memcmp(iv, vector + len - tail, sizeof(iv))) { + fprintf(stderr, "block decrypt: iv_%" OSSLzu " mismatch\n", len); + return 0; + } + + /* test streamed encryption */ + memcpy(iv, test_iv, test_iv_len); + fixture.encrypt(test_input, ciphertext, len, encrypt_key_schedule, + iv, (cbc128_f) AES_cbc_encrypt); + if (memcmp(ciphertext, vector, len)) { + fprintf(stderr, "stream encrypt: output_%" OSSLzu " mismatch\n", len); + return 0; + } + if (memcmp(iv, vector + len - tail, sizeof(iv))) { + fprintf(stderr, "stream encrypt: iv_%" OSSLzu " mismatch\n", len); + return 0; + } + + /* test streamed decryption */ + memcpy(iv, test_iv, test_iv_len); + fixture.decrypt(ciphertext, cleartext, len, decrypt_key_schedule, iv, + (cbc128_f)AES_cbc_encrypt); + if (memcmp(cleartext, test_input, len)) { + fprintf(stderr, "stream decrypt: input_%" OSSLzu " mismatch\n", len); + return 0; + } + if (memcmp(iv, vector + len - tail, sizeof(iv))) { + fprintf(stderr, "stream decrypt: iv_%" OSSLzu " mismatch\n", len); + return 0; + } + + return 1; +} + +static int test_cts128(int idx) { SETUP_TEST_FIXTURE(CTS128_FIXTURE, setup_cts128); + fixture.transform_output = transform_output; + fixture.encrypt_block = CRYPTO_cts128_encrypt_block; + fixture.encrypt = CRYPTO_cts128_encrypt; + fixture.decrypt_block = CRYPTO_cts128_decrypt_block; + fixture.decrypt = CRYPTO_cts128_decrypt; + fixture.case_name = "cts128"; fixture.num = idx; - fixture.encrypt_key_schedule = cts128_encrypt_key_schedule(); - fixture.decrypt_key_schedule = cts128_decrypt_key_schedule(); - fixture.input = cts128_test_input; - fixture.iv.size = sizeof(cts128_test_iv); - fixture.iv.data = cts128_test_iv; - fixture.vector = &cts128_vectors[idx]; - EXECUTE_TEST(execute_cts128, teardown_cts128); + EXECUTE_TEST_NO_TEARDOWN(execute_cts128); } -static int drive_cts128_nist_tests(int idx) +static int test_cts128_nist(int idx) { SETUP_TEST_FIXTURE(CTS128_FIXTURE, setup_cts128); + fixture.transform_output = transform_output_nist; + fixture.encrypt_block = CRYPTO_nistcts128_encrypt_block; + fixture.encrypt = CRYPTO_nistcts128_encrypt; + fixture.decrypt_block = CRYPTO_nistcts128_decrypt_block; + fixture.decrypt = CRYPTO_nistcts128_decrypt; + fixture.case_name = "cts128_nist"; fixture.num = idx; - fixture.encrypt_key_schedule = cts128_encrypt_key_schedule(); - fixture.decrypt_key_schedule = cts128_decrypt_key_schedule(); - fixture.input = cts128_test_input; - fixture.iv.size = sizeof(cts128_test_iv); - fixture.iv.data = cts128_test_iv; - fixture.vector = &cts128_vectors[idx]; - EXECUTE_TEST(execute_cts128_nist, teardown_cts128); + EXECUTE_TEST_NO_TEARDOWN(execute_cts128); } +/********************************************************************** + * + * Test of gcm128 + * + ***/ + /* Test Case 1 */ static const u8 K1[16], P1[] = { 0 }, A1[] = { 0 }, IV1[12], C1[] = { 0 }; static const u8 T1[] = { @@ -1032,23 +864,104 @@ static struct gcm128_data { GCM128_TEST_VECTOR(20) }; -static int drive_gcm128_tests(int idx) +static int test_gcm128(int idx) { - SETUP_TEST_FIXTURE(GCM128_FIXTURE, setup_gcm128); - fixture.num = idx; - fixture.K.size = gcm128_vectors[idx].K.size; - fixture.K.data = fixture.K.size == 1 ? NULL : gcm128_vectors[idx].K.data; - fixture.IV.size = gcm128_vectors[idx].IV.size; - fixture.IV.data = fixture.IV.size == 1 ? NULL : gcm128_vectors[idx].IV.data; - fixture.A.size = gcm128_vectors[idx].A.size; - fixture.A.data = fixture.A.size == 1 ? NULL : gcm128_vectors[idx].A.data; - fixture.P.size = gcm128_vectors[idx].P.size; - fixture.P.data = fixture.P.size == 1 ? NULL : gcm128_vectors[idx].P.data; - fixture.C.size = gcm128_vectors[idx].C.size; - fixture.C.data = fixture.C.size == 1 ? NULL : gcm128_vectors[idx].C.data; - fixture.T.size = gcm128_vectors[idx].T.size; - fixture.T.data = fixture.T.size == 1 ? NULL : gcm128_vectors[idx].T.data; - EXECUTE_TEST(execute_gcm128, teardown_gcm128); + unsigned char out[512]; + SIZED_DATA K = gcm128_vectors[idx].K; + SIZED_DATA IV = gcm128_vectors[idx].IV; + SIZED_DATA A = gcm128_vectors[idx].A; + SIZED_DATA P = gcm128_vectors[idx].P; + SIZED_DATA C = gcm128_vectors[idx].C; + SIZED_DATA T = gcm128_vectors[idx].T; + GCM128_CONTEXT ctx; + AES_KEY key; + int err = 0; + + /* Size 1 inputs are special-cased to signal NULL. */ + if (A.size == 1) + A.data = NULL; + if (P.size == 1) + P.data = NULL; + if (C.size == 1) + C.data = NULL; + + AES_set_encrypt_key(K.data, K.size * 8, &key); + + CRYPTO_gcm128_init(&ctx, &key, (block128_f)AES_encrypt); + CRYPTO_gcm128_setiv(&ctx, IV.data, IV.size); + memset(out, 0, P.size); + if (A.data) + CRYPTO_gcm128_aad(&ctx, A.data, A.size); + if (P.data) + CRYPTO_gcm128_encrypt( &ctx, P.data, out, P.size); + if (CRYPTO_gcm128_finish(&ctx, T.data, 16) + || (C.data && memcmp(out, C.data, P.size))) + err++, fprintf(stderr, "encrypt test#%d failed.\n", idx); + + CRYPTO_gcm128_setiv(&ctx, IV.data, IV.size); + memset(out, 0, P.size); + if (A.data) + CRYPTO_gcm128_aad(&ctx, A.data, A.size); + if (C.data) + CRYPTO_gcm128_decrypt(&ctx, C.data, out, P.size); + if (CRYPTO_gcm128_finish(&ctx, T.data, 16) + || (P.data && memcmp(out, P.data, P.size))) + err++, fprintf(stderr, "decrypt test#%d failed.\n", idx); + + return err == 0; +} + +static void benchmark_gcm128(const unsigned char *K, size_t Klen, + const unsigned char *IV, size_t IVlen) +{ +#ifdef OPENSSL_CPUID_OBJ + GCM128_CONTEXT ctx; + AES_KEY key; + size_t start, gcm_t, ctr_t, OPENSSL_rdtsc(); + union { + u64 u; + u8 c[1024]; + } buf; + + AES_set_encrypt_key(K, Klen * 8, &key); + CRYPTO_gcm128_init(&ctx, &key, (block128_f) AES_encrypt); + CRYPTO_gcm128_setiv(&ctx, IV, IVlen); + + CRYPTO_gcm128_encrypt(&ctx, buf.c, buf.c, sizeof(buf)); + start = OPENSSL_rdtsc(); + CRYPTO_gcm128_encrypt(&ctx, buf.c, buf.c, sizeof(buf)); + gcm_t = OPENSSL_rdtsc() - start; + + CRYPTO_ctr128_encrypt(buf.c, buf.c, sizeof(buf), + &key, ctx.Yi.c, ctx.EKi.c, &ctx.mres, + (block128_f) AES_encrypt); + start = OPENSSL_rdtsc(); + CRYPTO_ctr128_encrypt(buf.c, buf.c, sizeof(buf), + &key, ctx.Yi.c, ctx.EKi.c, &ctx.mres, + (block128_f) AES_encrypt); + ctr_t = OPENSSL_rdtsc() - start; + + printf("%.2f-%.2f=%.2f\n", + gcm_t / (double)sizeof(buf), + ctr_t / (double)sizeof(buf), + (gcm_t - ctr_t) / (double)sizeof(buf)); +# ifdef GHASH + { + void (*gcm_ghash_p) (u64 Xi[2], const u128 Htable[16], + const u8 *inp, size_t len) = ctx.ghash; + + GHASH((&ctx), buf.c, sizeof(buf)); + start = OPENSSL_rdtsc(); + for (i = 0; i < 100; ++i) + GHASH((&ctx), buf.c, sizeof(buf)); + gcm_t = OPENSSL_rdtsc() - start; + printf("%.2f\n", gcm_t / (double)sizeof(buf) / (double)i); + } +# endif +#else + fprintf(stderr, + "Benchmarking of modes isn't available on this platform\n"); +#endif } int main(int argc, char **argv) @@ -1064,9 +977,9 @@ int main(int argc, char **argv) goto help; } - ADD_ALL_TESTS(drive_cts128_tests, OSSL_NELEM(cts128_vectors)); - ADD_ALL_TESTS(drive_cts128_nist_tests, OSSL_NELEM(cts128_vectors)); - ADD_ALL_TESTS(drive_gcm128_tests, OSSL_NELEM(gcm128_vectors)); + ADD_ALL_TESTS(test_cts128, OSSL_NELEM(cts128_vectors)); + ADD_ALL_TESTS(test_cts128_nist, OSSL_NELEM(cts128_vectors)); + ADD_ALL_TESTS(test_gcm128, OSSL_NELEM(gcm128_vectors)); result = run_tests(argv[0]); diff --git a/test/poly1305_internal_test.c b/test/poly1305_internal_test.c index 05ef878c535c1e2cbe2ea31368592a96591e4100..17746baed435cb63222d5b9b01adb4a433d7ecde 100644 --- a/test/poly1305_internal_test.c +++ b/test/poly1305_internal_test.c @@ -28,25 +28,12 @@ typedef struct { SIZED_DATA expected; } TESTDATA; -typedef struct { - const char *test_case_name; - int test_num; - const TESTDATA *test_data; -} SIMPLE_FIXTURE; - /********************************************************************** * * Test of poly1305 internal functions * ***/ -static SIMPLE_FIXTURE setup_poly1305(const char *const test_case_name) -{ - SIMPLE_FIXTURE fixture; - fixture.test_case_name = test_case_name; - return fixture; -} - /* TODO : hex decoder / encoder should be implemented in testutil.c */ static void hexdump(const unsigned char *a, size_t len) { @@ -56,96 +43,6 @@ static void hexdump(const unsigned char *a, size_t len) fprintf(stderr, "%02x", a[i]); } -static int execute_poly1305(SIMPLE_FIXTURE fixture) -{ - POLY1305 poly1305; - unsigned int i = fixture.test_num; - const TESTDATA *test = fixture.test_data; - const unsigned char *in = test->input.data; - size_t inlen = test->input.size; - const unsigned char *key = test->key.data; - const unsigned char *expected = test->expected.data; - size_t expectedlen = test->expected.size; - unsigned char out[16]; - - if (expectedlen != sizeof(out)) - return 0; - - Poly1305_Init(&poly1305, key); - Poly1305_Update(&poly1305, in, inlen); - Poly1305_Final(&poly1305, out); - - if (memcmp(out, expected, expectedlen) != 0) { - fprintf(stderr, "Poly1305 test #%d failed.\n", i); - fprintf(stderr, "got: "); - hexdump(out, sizeof(out)); - fprintf(stderr, "\nexpected: "); - hexdump(expected, expectedlen); - fprintf(stderr, "\n"); - return 0; - } - - if (inlen > 16) { - Poly1305_Init(&poly1305, key); - Poly1305_Update(&poly1305, in, 1); - Poly1305_Update(&poly1305, in+1, inlen-1); - Poly1305_Final(&poly1305, out); - - if (memcmp(out, expected, expectedlen) != 0) { - fprintf(stderr, "Poly1305 test #%d/1+(N-1) failed.\n", i); - fprintf(stderr, "got: "); - hexdump(out, sizeof(out)); - fprintf(stderr, "\nexpected: "); - hexdump(expected, expectedlen); - fprintf(stderr, "\n"); - return 0; - } - } - - if (inlen > 32) { - size_t half = inlen / 2; - - Poly1305_Init(&poly1305, key); - Poly1305_Update(&poly1305, in, half); - Poly1305_Update(&poly1305, in+half, inlen-half); - Poly1305_Final(&poly1305, out); - - if (memcmp(out, expected, expectedlen) != 0) { - fprintf(stderr, "Poly1305 test #%d/2 failed.\n", i); - fprintf(stderr, "got: "); - hexdump(out, sizeof(out)); - fprintf(stderr, "\nexpected: "); - hexdump(expected, expectedlen); - fprintf(stderr, "\n"); - return 0; - } - - for (half = 16; half < inlen; half += 16) { - Poly1305_Init(&poly1305, key); - Poly1305_Update(&poly1305, in, half); - Poly1305_Update(&poly1305, in+half, inlen-half); - Poly1305_Final(&poly1305, out); - - if (memcmp(out, expected, expectedlen) != 0) { - fprintf(stderr, "Poly1305 test #%d/%" OSSLzu "+%" OSSLzu " failed.\n", - i, half, inlen-half); - fprintf(stderr, "got: "); - hexdump(out, sizeof(out)); - fprintf(stderr, "\nexpected: "); - hexdump(expected, expectedlen); - fprintf(stderr, "\n"); - return 0; - } - } - } - - return 1; -} - -static void teardown_poly1305(SIMPLE_FIXTURE fixture) -{ -} - static void benchmark_poly1305() { # ifdef OPENSSL_CPUID_OBJ @@ -186,12 +83,6 @@ static void benchmark_poly1305() # endif } -/********************************************************************** - * - * Test driver - * - ***/ - static TESTDATA tests[] = { /* * RFC7539 @@ -1662,12 +1553,89 @@ static TESTDATA tests[] = { } }; -static int drive_tests(int idx) +static int test_poly1305(int idx) { - SETUP_TEST_FIXTURE(SIMPLE_FIXTURE, setup_poly1305); - fixture.test_num = idx; - fixture.test_data = &tests[idx]; - EXECUTE_TEST(execute_poly1305, teardown_poly1305); + POLY1305 poly1305; + const TESTDATA test = tests[idx]; + const unsigned char *in = test.input.data; + size_t inlen = test.input.size; + const unsigned char *key = test.key.data; + const unsigned char *expected = test.expected.data; + size_t expectedlen = test.expected.size; + unsigned char out[16]; + + if (expectedlen != sizeof(out)) + return 0; + + Poly1305_Init(&poly1305, key); + Poly1305_Update(&poly1305, in, inlen); + Poly1305_Final(&poly1305, out); + + if (memcmp(out, expected, expectedlen) != 0) { + fprintf(stderr, "Poly1305 test #%d failed.\n", idx); + fprintf(stderr, "got: "); + hexdump(out, sizeof(out)); + fprintf(stderr, "\nexpected: "); + hexdump(expected, expectedlen); + fprintf(stderr, "\n"); + return 0; + } + + if (inlen > 16) { + Poly1305_Init(&poly1305, key); + Poly1305_Update(&poly1305, in, 1); + Poly1305_Update(&poly1305, in+1, inlen-1); + Poly1305_Final(&poly1305, out); + + if (memcmp(out, expected, expectedlen) != 0) { + fprintf(stderr, "Poly1305 test #%d/1+(N-1) failed.\n", idx); + fprintf(stderr, "got: "); + hexdump(out, sizeof(out)); + fprintf(stderr, "\nexpected: "); + hexdump(expected, expectedlen); + fprintf(stderr, "\n"); + return 0; + } + } + + if (inlen > 32) { + size_t half = inlen / 2; + + Poly1305_Init(&poly1305, key); + Poly1305_Update(&poly1305, in, half); + Poly1305_Update(&poly1305, in+half, inlen-half); + Poly1305_Final(&poly1305, out); + + if (memcmp(out, expected, expectedlen) != 0) { + fprintf(stderr, "Poly1305 test #%d/2 failed.\n", idx); + fprintf(stderr, "got: "); + hexdump(out, sizeof(out)); + fprintf(stderr, "\nexpected: "); + hexdump(expected, expectedlen); + fprintf(stderr, "\n"); + return 0; + } + + for (half = 16; half < inlen; half += 16) { + Poly1305_Init(&poly1305, key); + Poly1305_Update(&poly1305, in, half); + Poly1305_Update(&poly1305, in+half, inlen-half); + Poly1305_Final(&poly1305, out); + + if (memcmp(out, expected, expectedlen) != 0) { + fprintf(stderr, "Poly1305 test #%d/%" OSSLzu "+%" OSSLzu " failed.\n", + idx, half, inlen-half); + fprintf(stderr, "got: "); + hexdump(out, sizeof(out)); + fprintf(stderr, "\nexpected: "); + hexdump(expected, expectedlen); + fprintf(stderr, "\n"); + return 0; + } + } + } + + return 1; } int main(int argc, char **argv) @@ -1683,7 +1651,7 @@ int main(int argc, char **argv) goto help; } - ADD_ALL_TESTS(drive_tests, OSSL_NELEM(tests)); + ADD_ALL_TESTS(test_poly1305, OSSL_NELEM(tests)); result = run_tests(argv[0]); diff --git a/test/ssl_test.c b/test/ssl_test.c index fb6214e9fed14d916bf6e430a6043dd44233d7cd..e53889b37a2780b26ad7d673fb4269d671c3f179 100644 --- a/test/ssl_test.c +++ b/test/ssl_test.c @@ -23,18 +23,6 @@ static CONF *conf = NULL; /* Currently the section names are of the form test-, e.g. test-15. */ #define MAX_TESTCASE_NAME_LENGTH 100 -typedef struct ssl_test_ctx_test_fixture { - const char *test_case_name; - char test_app[MAX_TESTCASE_NAME_LENGTH]; -} SSL_TEST_FIXTURE; - -static SSL_TEST_FIXTURE set_up(const char *const test_case_name) -{ - SSL_TEST_FIXTURE fixture; - fixture.test_case_name = test_case_name; - return fixture; -} - static const char *print_alert(int alert) { return alert ? SSL_alert_desc_string_long(alert) : "no alert"; @@ -222,15 +210,18 @@ static int check_test(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) return ret; } -static int execute_test(SSL_TEST_FIXTURE fixture) +static int test_handshake(int idx) { int ret = 0; SSL_CTX *server_ctx = NULL, *server2_ctx = NULL, *client_ctx = NULL, *resume_server_ctx = NULL, *resume_client_ctx = NULL; SSL_TEST_CTX *test_ctx = NULL; HANDSHAKE_RESULT *result = NULL; + char test_app[MAX_TESTCASE_NAME_LENGTH]; + + BIO_snprintf(test_app, sizeof(test_app), "test-%d", idx); - test_ctx = SSL_TEST_CTX_create(conf, fixture.test_app); + test_ctx = SSL_TEST_CTX_create(conf, test_app); if (test_ctx == NULL) goto err; @@ -272,7 +263,7 @@ static int execute_test(SSL_TEST_FIXTURE fixture) TEST_check(server_ctx != NULL); TEST_check(client_ctx != NULL); - TEST_check(CONF_modules_load(conf, fixture.test_app, 0) > 0); + TEST_check(CONF_modules_load(conf, test_app, 0) > 0); if (!SSL_CTX_config(server_ctx, "server") || !SSL_CTX_config(client_ctx, "client")) { @@ -305,23 +296,6 @@ err: return ret; } -static void tear_down(SSL_TEST_FIXTURE fixture) -{ -} - -#define SETUP_SSL_TEST_FIXTURE() \ - SETUP_TEST_FIXTURE(SSL_TEST_FIXTURE, set_up) -#define EXECUTE_SSL_TEST() \ - EXECUTE_TEST(execute_test, tear_down) - -static int test_handshake(int idx) -{ - SETUP_SSL_TEST_FIXTURE(); - BIO_snprintf(fixture.test_app, sizeof(fixture.test_app), - "test-%d", idx); - EXECUTE_SSL_TEST(); -} - int main(int argc, char **argv) { int result = 0; diff --git a/test/ssl_test_ctx_test.c b/test/ssl_test_ctx_test.c index c601e903eda21bdf92c2462010b13015f9012216..d8b9f830ee605db1c531e1dd91efaa13c4791025 100644 --- a/test/ssl_test_ctx_test.c +++ b/test/ssl_test_ctx_test.c @@ -216,20 +216,6 @@ static int execute_test(SSL_TEST_CTX_TEST_FIXTURE fixture) return success; } -static int execute_failure_test(SSL_TEST_CTX_TEST_FIXTURE fixture) -{ - SSL_TEST_CTX *ctx = SSL_TEST_CTX_create(conf, fixture.test_section); - - if (ctx != NULL) { - fprintf(stderr, "Parsing bad configuration %s succeeded.\n", - fixture.test_section); - SSL_TEST_CTX_free(ctx); - return 0; - } - - return 1; -} - static void tear_down(SSL_TEST_CTX_TEST_FIXTURE fixture) { SSL_TEST_CTX_free(fixture.expected_ctx); @@ -239,8 +225,6 @@ static void tear_down(SSL_TEST_CTX_TEST_FIXTURE fixture) SETUP_TEST_FIXTURE(SSL_TEST_CTX_TEST_FIXTURE, set_up) #define EXECUTE_SSL_TEST_CTX_TEST() \ EXECUTE_TEST(execute_test, tear_down) -#define EXECUTE_SSL_TEST_CTX_FAILURE_TEST() \ - EXECUTE_TEST(execute_failure_test, tear_down) static int test_empty_configuration() { @@ -307,9 +291,16 @@ static const char *bad_configurations[] = { static int test_bad_configuration(int idx) { - SETUP_SSL_TEST_CTX_TEST_FIXTURE(); - fixture.test_section = bad_configurations[idx]; - EXECUTE_SSL_TEST_CTX_FAILURE_TEST(); + SSL_TEST_CTX *ctx = SSL_TEST_CTX_create(conf, bad_configurations[idx]); + + if (ctx != NULL) { + fprintf(stderr, "Parsing bad configuration %s succeeded.\n", + bad_configurations[idx]); + SSL_TEST_CTX_free(ctx); + return 0; + } + + return 1; } int main(int argc, char **argv) diff --git a/test/testutil.h b/test/testutil.h index af7c48cc61669c58bde8d63bccdcc3825dec74e9..53d58bee5ca25f210acf3924fab53da9959b3567 100644 --- a/test/testutil.h +++ b/test/testutil.h @@ -60,6 +60,11 @@ tear_down(fixture);\ return result +/* Shorthand if tear_down does nothing. */ +# define EXECUTE_TEST_NO_TEARDOWN(execute_func)\ + result = execute_func(fixture);\ + return result + /* * TEST_CASE_NAME is defined as the name of the test case function where * possible; otherwise we get by with the file name and line number.