提交 93d02986 编写于 作者: R Rich Salz

Convert dhtest, dsatest, cipherbytes_test

Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3209)
上级 edd689ef
...@@ -115,8 +115,8 @@ IF[{- !$disabled{tests} -}] ...@@ -115,8 +115,8 @@ IF[{- !$disabled{tests} -}]
INCLUDE[randtest]=../include INCLUDE[randtest]=../include
DEPEND[randtest]=../libcrypto DEPEND[randtest]=../libcrypto
SOURCE[dhtest]=dhtest.c SOURCE[dhtest]=dhtest.c testutil.c test_main.c
INCLUDE[dhtest]=../include INCLUDE[dhtest]=.. ../include
DEPEND[dhtest]=../libcrypto DEPEND[dhtest]=../libcrypto
SOURCE[enginetest]=enginetest.c testutil.c test_main.c SOURCE[enginetest]=enginetest.c testutil.c test_main.c
...@@ -135,8 +135,8 @@ IF[{- !$disabled{tests} -}] ...@@ -135,8 +135,8 @@ IF[{- !$disabled{tests} -}]
INCLUDE[ssltest_old]=.. ../include INCLUDE[ssltest_old]=.. ../include
DEPEND[ssltest_old]=../libcrypto ../libssl DEPEND[ssltest_old]=../libcrypto ../libssl
SOURCE[dsatest]=dsatest.c SOURCE[dsatest]=dsatest.c testutil.c test_main.c
INCLUDE[dsatest]=../include INCLUDE[dsatest]=.. ../include
DEPEND[dsatest]=../libcrypto DEPEND[dsatest]=../libcrypto
SOURCE[exptest]=exptest.c SOURCE[exptest]=exptest.c
...@@ -321,7 +321,7 @@ IF[{- !$disabled{tests} -}] ...@@ -321,7 +321,7 @@ IF[{- !$disabled{tests} -}]
INCLUDE[uitest]=.. ../include INCLUDE[uitest]=.. ../include
DEPEND[uitest]=../libcrypto ../libssl DEPEND[uitest]=../libcrypto ../libssl
SOURCE[cipherbytes_test]=cipherbytes_test.c SOURCE[cipherbytes_test]=cipherbytes_test.c testutil.c test_main_custom.c
INCLUDE[cipherbytes_test]=.. ../include INCLUDE[cipherbytes_test]=.. ../include
DEPEND[cipherbytes_test]=../libcrypto ../libssl DEPEND[cipherbytes_test]=../libcrypto ../libssl
......
...@@ -19,110 +19,133 @@ ...@@ -19,110 +19,133 @@
#include <openssl/tls1.h> #include <openssl/tls1.h>
#include "e_os.h" #include "e_os.h"
#include "testutil.h"
#include "test_main_custom.h"
static int test_empty(SSL *s) static SSL_CTX *ctx;
static SSL *s;
static int test_empty(void)
{ {
STACK_OF(SSL_CIPHER) *sk = NULL, *scsv = NULL; STACK_OF(SSL_CIPHER) *sk = NULL, *scsv = NULL;
const unsigned char bytes[] = {0x00}; const unsigned char bytes[] = {0x00};
int ret = 0;
if (!TEST_int_eq(SSL_bytes_to_cipher_list(s, bytes, 0, 0, &sk, &scsv), 0)
|| !TEST_ptr_null(sk)
|| !TEST_ptr_null(scsv))
goto err;
ret = 1;
if (SSL_bytes_to_cipher_list(s, bytes, 0, 0, &sk, &scsv) || err:
sk != NULL || scsv != NULL) sk_SSL_CIPHER_free(sk);
return 0; sk_SSL_CIPHER_free(scsv);
return 1; return ret;
} }
static int test_unsupported(SSL *s) static int test_unsupported(void)
{ {
STACK_OF(SSL_CIPHER) *sk, *scsv; STACK_OF(SSL_CIPHER) *sk, *scsv;
/* ECDH-RSA-AES256 (unsupported), ECDHE-ECDSA-AES128, <unassigned> */ /* ECDH-RSA-AES256 (unsupported), ECDHE-ECDSA-AES128, <unassigned> */
const unsigned char bytes[] = {0xc0, 0x0f, 0x00, 0x2f, 0x01, 0x00}; const unsigned char bytes[] = {0xc0, 0x0f, 0x00, 0x2f, 0x01, 0x00};
int ret = 0;
if (!SSL_bytes_to_cipher_list(s, bytes, sizeof(bytes), 0, &sk, &scsv) ||
sk == NULL || sk_SSL_CIPHER_num(sk) != 1 || scsv == NULL || if (!TEST_true(SSL_bytes_to_cipher_list(s, bytes, sizeof(bytes),
sk_SSL_CIPHER_num(scsv) != 0) 0, &sk, &scsv))
return 0; || !TEST_ptr(sk)
if (strcmp(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 0)), || !TEST_int_eq(sk_SSL_CIPHER_num(sk), 1)
"AES128-SHA") != 0) || !TEST_ptr(scsv)
return 0; || !TEST_int_eq(sk_SSL_CIPHER_num(scsv), 0)
|| !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 0)),
"AES128-SHA"))
goto err;
ret = 1;
err:
sk_SSL_CIPHER_free(sk); sk_SSL_CIPHER_free(sk);
sk_SSL_CIPHER_free(scsv); sk_SSL_CIPHER_free(scsv);
return 1; return ret;
} }
static int test_v2(SSL *s) static int test_v2(void)
{ {
STACK_OF(SSL_CIPHER) *sk, *scsv; STACK_OF(SSL_CIPHER) *sk, *scsv;
/* ECDHE-ECDSA-AES256GCM, SSL2_RC4_1238_WITH_MD5, /* ECDHE-ECDSA-AES256GCM, SSL2_RC4_1238_WITH_MD5,
* ECDHE-ECDSA-CHACHA20-POLY1305 */ * ECDHE-ECDSA-CHACHA20-POLY1305 */
const unsigned char bytes[] = {0x00, 0x00, 0x35, 0x01, 0x00, 0x80, const unsigned char bytes[] = {0x00, 0x00, 0x35, 0x01, 0x00, 0x80,
0x00, 0x00, 0x33}; 0x00, 0x00, 0x33};
int ret = 0;
if (!SSL_bytes_to_cipher_list(s, bytes, sizeof(bytes), 1, &sk, &scsv) ||
sk == NULL || sk_SSL_CIPHER_num(sk) != 2 || scsv == NULL || if (!TEST_true(SSL_bytes_to_cipher_list(s, bytes, sizeof(bytes), 1,
sk_SSL_CIPHER_num(scsv) != 0) &sk, &scsv))
return 0; || !TEST_ptr(sk)
|| !TEST_int_eq(sk_SSL_CIPHER_num(sk), 2)
|| !TEST_ptr(scsv)
|| !TEST_int_eq(sk_SSL_CIPHER_num(scsv), 0))
goto err;
if (strcmp(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 0)), if (strcmp(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 0)),
"AES256-SHA") != 0 || "AES256-SHA") != 0 ||
strcmp(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 1)), strcmp(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 1)),
"DHE-RSA-AES128-SHA") != 0) "DHE-RSA-AES128-SHA") != 0)
return 0; goto err;
ret = 1;
err:
sk_SSL_CIPHER_free(sk); sk_SSL_CIPHER_free(sk);
sk_SSL_CIPHER_free(scsv); sk_SSL_CIPHER_free(scsv);
return 1; return ret;
} }
static int test_v3(SSL *s) static int test_v3(void)
{ {
STACK_OF(SSL_CIPHER) *sk, *scsv; STACK_OF(SSL_CIPHER) *sk = NULL, *scsv = NULL;
/* ECDHE-ECDSA-AES256GCM, ECDHE-ECDSA-CHACHAPOLY, DHE-RSA-AES256GCM, /* ECDHE-ECDSA-AES256GCM, ECDHE-ECDSA-CHACHAPOLY, DHE-RSA-AES256GCM,
* EMPTY-RENEGOTIATION-INFO-SCSV, FALLBACK-SCSV */ * EMPTY-RENEGOTIATION-INFO-SCSV, FALLBACK-SCSV */
const unsigned char bytes[] = {0x00, 0x2f, 0x00, 0x33, 0x00, 0x9f, 0x00, 0xff, const unsigned char bytes[] = {0x00, 0x2f, 0x00, 0x33, 0x00, 0x9f, 0x00, 0xff,
0x56, 0x00}; 0x56, 0x00};
int ret = 0;
if (!SSL_bytes_to_cipher_list(s, bytes, sizeof(bytes), 0, &sk, &scsv) ||
sk == NULL || sk_SSL_CIPHER_num(sk) != 3 || scsv == NULL || if (!SSL_bytes_to_cipher_list(s, bytes, sizeof(bytes), 0, &sk, &scsv)
sk_SSL_CIPHER_num(scsv) != 2) || !TEST_ptr(sk)
return 0; || !TEST_int_eq(sk_SSL_CIPHER_num(sk), 3)
if (strcmp(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 0)), || !TEST_ptr(scsv)
"AES128-SHA") != 0 || || !TEST_int_eq(sk_SSL_CIPHER_num(scsv), 2)
strcmp(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 1)), || !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 0)),
"DHE-RSA-AES128-SHA") != 0 || "AES128-SHA")
strcmp(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 2)), || !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 1)),
"DHE-RSA-AES256-GCM-SHA384") != 0 || "DHE-RSA-AES128-SHA")
strcmp(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(scsv, 0)), || !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 2)),
"TLS_EMPTY_RENEGOTIATION_INFO_SCSV") != 0 || "DHE-RSA-AES256-GCM-SHA384")
strcmp(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(scsv, 1)), || !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(scsv, 0)),
"TLS_FALLBACK_SCSV") != 0) "TLS_EMPTY_RENEGOTIATION_INFO_SCSV")
return 0; || !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(scsv, 1)),
"TLS_FALLBACK_SCSV"))
goto err;
ret = 1;
err:
sk_SSL_CIPHER_free(sk); sk_SSL_CIPHER_free(sk);
sk_SSL_CIPHER_free(scsv); sk_SSL_CIPHER_free(scsv);
return 1; return ret;
} }
int main(int argc, char **argv) int test_main(int argc, char **argv)
{ {
SSL_CTX *ctx; int ret;
SSL *s;
ctx = SSL_CTX_new(TLS_server_method()); if (!TEST_ptr(ctx = SSL_CTX_new(TLS_server_method()))
s = SSL_new(ctx); || !TEST_ptr(s = SSL_new(ctx)))
OPENSSL_assert(s != NULL); return EXIT_FAILURE;
if (!test_empty(s)) ADD_TEST(test_empty);
return 1; ADD_TEST(test_unsupported);
ADD_TEST(test_v2);
ADD_TEST(test_v3);
ret = run_tests(argv[0]);
if (!test_unsupported(s))
return 1;
if (!test_v2(s))
return 1;
if (!test_v3(s))
return 1;
printf("PASS\n");
SSL_free(s); SSL_free(s);
SSL_CTX_free(ctx); SSL_CTX_free(ctx);
return 0;
return ret;
} }
...@@ -11,13 +11,14 @@ ...@@ -11,13 +11,14 @@
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include "../e_os.h" #include "e_os.h"
#include <openssl/crypto.h> #include <openssl/crypto.h>
#include <openssl/bio.h> #include <openssl/bio.h>
#include <openssl/bn.h> #include <openssl/bn.h>
#include <openssl/rand.h> #include <openssl/rand.h>
#include <openssl/err.h> #include <openssl/err.h>
#include "test_main.h"
#include "testutil.h"
#ifdef OPENSSL_NO_DH #ifdef OPENSSL_NO_DH
int main(int argc, char *argv[]) int main(int argc, char *argv[])
...@@ -33,125 +34,68 @@ static int cb(int p, int n, BN_GENCB *arg); ...@@ -33,125 +34,68 @@ static int cb(int p, int n, BN_GENCB *arg);
static const char rnd_seed[] = static const char rnd_seed[] =
"string to make the random number generator think it has entropy"; "string to make the random number generator think it has entropy";
static int run_rfc5114_tests(void); static int dh_test(void)
int main(int argc, char *argv[])
{ {
BN_GENCB *_cb = NULL; BN_GENCB *_cb = NULL;
DH *a = NULL; DH *a = NULL;
DH *b = NULL; DH *b = NULL;
const BIGNUM *ap = NULL, *ag = NULL, *apub_key = NULL, *priv_key = NULL; const BIGNUM *ap = NULL, *ag = NULL, *apub_key = NULL;
const BIGNUM *bpub_key = NULL; const BIGNUM *bpub_key = NULL;
BIGNUM *bp = NULL, *bg = NULL; BIGNUM *bp = NULL, *bg = NULL;
char buf[12] = {0};
unsigned char *abuf = NULL; unsigned char *abuf = NULL;
unsigned char *bbuf = NULL; unsigned char *bbuf = NULL;
int i, alen, blen, aout, bout; int i, alen, blen, aout, bout;
int ret = 1; int ret = 1;
BIO *out = NULL;
CRYPTO_set_mem_debug(1);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
RAND_seed(rnd_seed, sizeof rnd_seed); RAND_seed(rnd_seed, sizeof rnd_seed);
out = BIO_new(BIO_s_file()); if (!TEST_ptr(_cb = BN_GENCB_new()))
if (out == NULL)
EXIT(1);
BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
_cb = BN_GENCB_new();
if (_cb == NULL)
goto err; goto err;
BN_GENCB_set(_cb, &cb, out); BN_GENCB_set(_cb, &cb, NULL);
if (((a = DH_new()) == NULL) if (!TEST_ptr(a = DH_new())
|| (!DH_generate_parameters_ex(a, 64, DH_GENERATOR_5, _cb))) || !TEST_true(DH_generate_parameters_ex(a, 64,
DH_GENERATOR_5, _cb)))
goto err; goto err;
if (!DH_check(a, &i)) if (!DH_check(a, &i))
goto err; goto err;
if (i & DH_CHECK_P_NOT_PRIME) if (TEST_false(i & DH_CHECK_P_NOT_PRIME)
BIO_puts(out, "p value is not prime\n"); || TEST_false(i & DH_CHECK_P_NOT_SAFE_PRIME)
if (i & DH_CHECK_P_NOT_SAFE_PRIME) || TEST_false(i & DH_UNABLE_TO_CHECK_GENERATOR)
BIO_puts(out, "p value is not a safe prime\n"); || TEST_false(i & DH_NOT_SUITABLE_GENERATOR))
if (i & DH_UNABLE_TO_CHECK_GENERATOR)
BIO_puts(out, "unable to check the generator value\n");
if (i & DH_NOT_SUITABLE_GENERATOR)
BIO_puts(out, "the g value is not a generator\n");
DH_get0_pqg(a, &ap, NULL, &ag);
BIO_puts(out, "\np =");
BN_print(out, ap);
BIO_puts(out, "\ng =");
BN_print(out, ag);
BIO_puts(out, "\n");
b = DH_new();
if (b == NULL)
goto err; goto err;
bp = BN_dup(ap); if (!TEST_ptr(b = DH_new()))
bg = BN_dup(ag); goto err;
if ((bp == NULL) || (bg == NULL) || !DH_set0_pqg(b, bp, NULL, bg))
if (!TEST_ptr(bp = BN_dup(ap))
|| !TEST_ptr(bg = BN_dup(ag))
|| !TEST_true(DH_set0_pqg(b, bp, NULL, bg)))
goto err; goto err;
bp = bg = NULL; bp = bg = NULL;
if (!DH_generate_key(a)) if (!DH_generate_key(a))
goto err; goto err;
DH_get0_key(a, &apub_key, &priv_key);
BIO_puts(out, "pri 1=");
BN_print(out, priv_key);
BIO_puts(out, "\npub 1=");
BN_print(out, apub_key);
BIO_puts(out, "\n");
if (!DH_generate_key(b)) if (!DH_generate_key(b))
goto err; goto err;
DH_get0_key(b, &bpub_key, &priv_key);
BIO_puts(out, "pri 2=");
BN_print(out, priv_key);
BIO_puts(out, "\npub 2=");
BN_print(out, bpub_key);
BIO_puts(out, "\n");
alen = DH_size(a); alen = DH_size(a);
abuf = OPENSSL_malloc(alen); if (!TEST_ptr(abuf = OPENSSL_malloc(alen))
if (abuf == NULL) || !TEST_true(aout = DH_compute_key(abuf, bpub_key, a)))
goto err; goto err;
aout = DH_compute_key(abuf, bpub_key, a);
BIO_puts(out, "key1 =");
for (i = 0; i < aout; i++) {
sprintf(buf, "%02X", abuf[i]);
BIO_puts(out, buf);
}
BIO_puts(out, "\n");
blen = DH_size(b); blen = DH_size(b);
bbuf = OPENSSL_malloc(blen); if (!TEST_ptr(bbuf = OPENSSL_malloc(blen))
if (bbuf == NULL) || !TEST_true(bout = DH_compute_key(bbuf, apub_key, b)))
goto err;
if (!TEST_true(aout < 4)
|| !TEST_mem_eq(abuf, aout, bbuf, bout))
goto err; goto err;
bout = DH_compute_key(bbuf, apub_key, b);
BIO_puts(out, "key2 =");
for (i = 0; i < bout; i++) {
sprintf(buf, "%02X", bbuf[i]);
BIO_puts(out, buf);
}
BIO_puts(out, "\n");
if ((aout < 4) || (bout != aout) || (memcmp(abuf, bbuf, aout) != 0)) {
fprintf(stderr, "Error in DH routines\n");
ret = 1;
} else
ret = 0; ret = 0;
if (!run_rfc5114_tests()) ret = 1;
ret = 1;
err:
(void)BIO_flush(out);
ERR_print_errors_fp(stderr);
err:
OPENSSL_free(abuf); OPENSSL_free(abuf);
OPENSSL_free(bbuf); OPENSSL_free(bbuf);
DH_free(b); DH_free(b);
...@@ -159,30 +103,11 @@ int main(int argc, char *argv[]) ...@@ -159,30 +103,11 @@ int main(int argc, char *argv[])
BN_free(bp); BN_free(bp);
BN_free(bg); BN_free(bg);
BN_GENCB_free(_cb); BN_GENCB_free(_cb);
BIO_free(out); return ret;
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
if (CRYPTO_mem_leaks_fp(stderr) <= 0)
ret = 1;
#endif
EXIT(ret);
} }
static int cb(int p, int n, BN_GENCB *arg) static int cb(int p, int n, BN_GENCB *arg)
{ {
char c = '*';
if (p == 0)
c = '.';
if (p == 1)
c = '+';
if (p == 2)
c = '*';
if (p == 3)
c = '\n';
BIO_write(BN_GENCB_get_arg(arg), &c, 1);
(void)BIO_flush(BN_GENCB_get_arg(arg));
return 1; return 1;
} }
...@@ -468,7 +393,7 @@ static const rfc5114_td rfctd[] = { ...@@ -468,7 +393,7 @@ static const rfc5114_td rfctd[] = {
make_rfc5114_td(2048_256) make_rfc5114_td(2048_256)
}; };
static int run_rfc5114_tests(void) static int rfc5114_test(void)
{ {
int i; int i;
DH *dhA = NULL; DH *dhA = NULL;
...@@ -482,74 +407,63 @@ static int run_rfc5114_tests(void) ...@@ -482,74 +407,63 @@ static int run_rfc5114_tests(void)
for (i = 0; i < (int)OSSL_NELEM(rfctd); i++) { for (i = 0; i < (int)OSSL_NELEM(rfctd); i++) {
td = rfctd + i; td = rfctd + i;
/* Set up DH structures setting key components */ /* Set up DH structures setting key components */
dhA = td->get_param(); if (!TEST_ptr(dhA = td->get_param())
dhB = td->get_param(); || !TEST_ptr(dhB = td->get_param()))
if ((dhA == NULL) || (dhB == NULL))
goto bad_err; goto bad_err;
priv_key = BN_bin2bn(td->xA, td->xA_len, NULL); if (!TEST_ptr(priv_key = BN_bin2bn(td->xA, td->xA_len, NULL))
pub_key = BN_bin2bn(td->yA, td->yA_len, NULL); || !TEST_ptr(pub_key = BN_bin2bn(td->yA, td->yA_len, NULL))
if (priv_key == NULL || pub_key == NULL || !TEST_true(DH_set0_key(dhA, pub_key, priv_key)))
|| !DH_set0_key(dhA, pub_key, priv_key))
goto bad_err; goto bad_err;
priv_key = BN_bin2bn(td->xB, td->xB_len, NULL); if (!TEST_ptr(priv_key = BN_bin2bn(td->xB, td->xB_len, NULL))
pub_key = BN_bin2bn(td->yB, td->yB_len, NULL); || !TEST_ptr(pub_key = BN_bin2bn(td->yB, td->yB_len, NULL))
|| !TEST_true( DH_set0_key(dhB, pub_key, priv_key)))
if (priv_key == NULL || pub_key == NULL
|| !DH_set0_key(dhB, pub_key, priv_key))
goto bad_err; goto bad_err;
priv_key = pub_key = NULL; priv_key = pub_key = NULL;
if ((td->Z_len != (size_t)DH_size(dhA)) if (!TEST_uint_eq(td->Z_len, (size_t)DH_size(dhA))
|| (td->Z_len != (size_t)DH_size(dhB))) || !TEST_uint_eq(td->Z_len, (size_t)DH_size(dhB)))
goto err; goto err;
Z1 = OPENSSL_malloc(DH_size(dhA)); if (!TEST_ptr(Z1 = OPENSSL_malloc(DH_size(dhA)))
Z2 = OPENSSL_malloc(DH_size(dhB)); || !TEST_ptr(Z2 = OPENSSL_malloc(DH_size(dhB))))
if ((Z1 == NULL) || (Z2 == NULL))
goto bad_err; goto bad_err;
/* /*
* Work out shared secrets using both sides and compare with expected * Work out shared secrets using both sides and compare with expected
* values. * values.
*/ */
DH_get0_key(dhB, &pub_key_tmp, NULL); DH_get0_key(dhB, &pub_key_tmp, NULL);
if (DH_compute_key(Z1, pub_key_tmp, dhA) == -1) if (!TEST_int_ne(DH_compute_key(Z1, pub_key_tmp, dhA), -1))
goto bad_err; goto bad_err;
DH_get0_key(dhA, &pub_key_tmp, NULL); DH_get0_key(dhA, &pub_key_tmp, NULL);
if (DH_compute_key(Z2, pub_key_tmp, dhB) == -1) if (!TEST_int_ne(DH_compute_key(Z2, pub_key_tmp, dhB), -1))
goto bad_err; goto bad_err;
if (memcmp(Z1, td->Z, td->Z_len)) if (!TEST_mem_eq(Z1, td->Z_len, td->Z, td->Z_len)
|| !TEST_mem_eq(Z2, td->Z_len, td->Z, td->Z_len))
goto err; goto err;
if (memcmp(Z2, td->Z, td->Z_len))
goto err;
printf("RFC5114 parameter test %d OK\n", i + 1);
DH_free(dhA); DH_free(dhA);
DH_free(dhB);
OPENSSL_free(Z1);
OPENSSL_free(Z2);
dhA = NULL; dhA = NULL;
DH_free(dhB);
dhB = NULL; dhB = NULL;
OPENSSL_free(Z1);
Z1 = NULL; Z1 = NULL;
OPENSSL_free(Z2);
Z2 = NULL; Z2 = NULL;
} }
/* Now i == OSSL_NELEM(rfctd) */ /* Now i == OSSL_NELEM(rfctd) */
/* RFC5114 uses unsafe primes, so now test an invalid y value */ /* RFC5114 uses unsafe primes, so now test an invalid y value */
dhA = DH_get_2048_224(); if (!TEST_ptr(dhA = DH_get_2048_224())
if (dhA == NULL) || !TEST_ptr(Z1 = OPENSSL_malloc(DH_size(dhA))))
goto bad_err;
Z1 = OPENSSL_malloc(DH_size(dhA));
if (Z1 == NULL)
goto bad_err; goto bad_err;
bady = BN_bin2bn(dhtest_rfc5114_2048_224_bad_y, if (!TEST_ptr(bady = BN_bin2bn(dhtest_rfc5114_2048_224_bad_y,
sizeof(dhtest_rfc5114_2048_224_bad_y), NULL); sizeof(dhtest_rfc5114_2048_224_bad_y),
if (bady == NULL) NULL)))
goto bad_err; goto bad_err;
if (!DH_generate_key(dhA)) if (!DH_generate_key(dhA))
...@@ -564,14 +478,11 @@ static int run_rfc5114_tests(void) ...@@ -564,14 +478,11 @@ static int run_rfc5114_tests(void)
} }
/* We'll have a stale error on the queue from the above test so clear it */ /* We'll have a stale error on the queue from the above test so clear it */
ERR_clear_error(); ERR_clear_error();
printf("RFC5114 parameter test %d OK\n", i + 1);
BN_free(bady); BN_free(bady);
DH_free(dhA); DH_free(dhA);
OPENSSL_free(Z1); OPENSSL_free(Z1);
return 1; return 1;
bad_err: bad_err:
BN_free(bady); BN_free(bady);
DH_free(dhA); DH_free(dhA);
...@@ -580,19 +491,23 @@ static int run_rfc5114_tests(void) ...@@ -580,19 +491,23 @@ static int run_rfc5114_tests(void)
BN_free(priv_key); BN_free(priv_key);
OPENSSL_free(Z1); OPENSSL_free(Z1);
OPENSSL_free(Z2); OPENSSL_free(Z2);
TEST_error("Initialisation error RFC5114 set %d\n", i + 1);
fprintf(stderr, "Initialisation error RFC5114 set %d\n", i + 1);
ERR_print_errors_fp(stderr);
return 0; return 0;
err: err:
BN_free(bady); BN_free(bady);
DH_free(dhA); DH_free(dhA);
DH_free(dhB); DH_free(dhB);
OPENSSL_free(Z1); OPENSSL_free(Z1);
OPENSSL_free(Z2); OPENSSL_free(Z2);
TEST_error("Test failed RFC5114 set %d\n", i + 1);
fprintf(stderr, "Test failed RFC5114 set %d\n", i + 1);
return 0; return 0;
} }
void register_tests(void)
{
ADD_TEST(dh_test);
ADD_TEST(rfc5114_test);
}
#endif #endif
...@@ -13,22 +13,14 @@ ...@@ -13,22 +13,14 @@
#include <sys/types.h> #include <sys/types.h>
#include <sys/stat.h> #include <sys/stat.h>
#include "../e_os.h"
#include <openssl/crypto.h> #include <openssl/crypto.h>
#include <openssl/rand.h> #include <openssl/rand.h>
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/bn.h> #include <openssl/bn.h>
#include <openssl/dsa.h>
#ifdef OPENSSL_NO_DSA #include "test_main.h"
int main(int argc, char *argv[]) #include "testutil.h"
{ #include "e_os.h"
printf("No DSA support\n");
return (0);
}
#else
# include <openssl/dsa.h>
static int dsa_cb(int p, int n, BN_GENCB *arg); static int dsa_cb(int p, int n, BN_GENCB *arg);
...@@ -74,9 +66,7 @@ static const unsigned char str1[] = "12345678901234567890"; ...@@ -74,9 +66,7 @@ static const unsigned char str1[] = "12345678901234567890";
static const char rnd_seed[] = static const char rnd_seed[] =
"string to make the random number generator think it has entropy"; "string to make the random number generator think it has entropy";
static BIO *bio_err = NULL; static int dsa_test(void)
int main(int argc, char **argv)
{ {
BN_GENCB *cb; BN_GENCB *cb;
DSA *dsa = NULL; DSA *dsa = NULL;
...@@ -87,110 +77,68 @@ int main(int argc, char **argv) ...@@ -87,110 +77,68 @@ int main(int argc, char **argv)
unsigned int siglen; unsigned int siglen;
const BIGNUM *p = NULL, *q = NULL, *g = NULL; const BIGNUM *p = NULL, *q = NULL, *g = NULL;
if (bio_err == NULL)
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
CRYPTO_set_mem_debug(1);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
RAND_seed(rnd_seed, sizeof rnd_seed); RAND_seed(rnd_seed, sizeof rnd_seed);
BIO_printf(bio_err, "test generation of DSA parameters\n"); if (!TEST_ptr(cb = BN_GENCB_new()))
cb = BN_GENCB_new();
if (!cb)
goto end; goto end;
BN_GENCB_set(cb, dsa_cb, bio_err); BN_GENCB_set(cb, dsa_cb, NULL);
if (((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512, if (!TEST_ptr(dsa = DSA_new())
seed, 20, || !TEST_true(DSA_generate_parameters_ex(dsa, 512, seed, 20,
&counter, &counter, &h, cb)))
&h, cb))
goto end; goto end;
BIO_printf(bio_err, "seed\n"); if (!TEST_int_eq(counter, 105))
for (i = 0; i < 20; i += 4) {
BIO_printf(bio_err, "%02X%02X%02X%02X ",
seed[i], seed[i + 1], seed[i + 2], seed[i + 3]);
}
BIO_printf(bio_err, "\ncounter=%d h=%ld\n", counter, h);
DSA_print(bio_err, dsa, 0);
if (counter != 105) {
BIO_printf(bio_err, "counter should be 105\n");
goto end; goto end;
} if (!TEST_int_eq(h, 2))
if (h != 2) {
BIO_printf(bio_err, "h should be 2\n");
goto end; goto end;
}
DSA_get0_pqg(dsa, &p, &q, &g); DSA_get0_pqg(dsa, &p, &q, &g);
i = BN_bn2bin(q, buf); i = BN_bn2bin(q, buf);
j = sizeof(out_q); j = sizeof(out_q);
if ((i != j) || (memcmp(buf, out_q, i) != 0)) { if (!TEST_int_eq(i, j) || !TEST_mem_eq(buf, i, out_q, i))
BIO_printf(bio_err, "q value is wrong\n");
goto end; goto end;
}
i = BN_bn2bin(p, buf); i = BN_bn2bin(p, buf);
j = sizeof(out_p); j = sizeof(out_p);
if ((i != j) || (memcmp(buf, out_p, i) != 0)) { if (!TEST_int_eq(i, j) || !TEST_mem_eq(buf, i, out_p, i))
BIO_printf(bio_err, "p value is wrong\n");
goto end; goto end;
}
i = BN_bn2bin(g, buf); i = BN_bn2bin(g, buf);
j = sizeof(out_g); j = sizeof(out_g);
if ((i != j) || (memcmp(buf, out_g, i) != 0)) { if (!TEST_int_eq(i, j) || !TEST_mem_eq(buf, i, out_g, i))
BIO_printf(bio_err, "g value is wrong\n");
goto end; goto end;
}
DSA_generate_key(dsa); DSA_generate_key(dsa);
DSA_sign(0, str1, 20, sig, &siglen, dsa); DSA_sign(0, str1, 20, sig, &siglen, dsa);
if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1) if (TEST_true(DSA_verify(0, str1, 20, sig, siglen, dsa)))
ret = 1; ret = 1;
end: end:
if (!ret)
ERR_print_errors(bio_err);
DSA_free(dsa); DSA_free(dsa);
BN_GENCB_free(cb); BN_GENCB_free(cb);
return ret;
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
if (CRYPTO_mem_leaks(bio_err) <= 0)
ret = 0;
#endif
BIO_free(bio_err);
bio_err = NULL;
EXIT(!ret);
} }
static int dsa_cb(int p, int n, BN_GENCB *arg) static int dsa_cb(int p, int n, BN_GENCB *arg)
{ {
char c = '*';
static int ok = 0, num = 0; static int ok = 0, num = 0;
if (p == 0) { if (p == 0)
c = '.';
num++; num++;
}; if (p == 2)
if (p == 1)
c = '+';
if (p == 2) {
c = '*';
ok++; ok++;
}
if (p == 3)
c = '\n';
BIO_write(BN_GENCB_get_arg(arg), &c, 1);
(void)BIO_flush(BN_GENCB_get_arg(arg));
if (!ok && (p == 0) && (num > 1)) { if (!ok && (p == 0) && (num > 1)) {
BIO_printf(BN_GENCB_get_arg(arg), "error in dsatest\n"); TEST_error("dsa_cb error");
return 0; return 0;
} }
return 1; return 1;
} }
void register_tests(void)
{
#ifndef OPENSSL_NO_DSA
ADD_TEST(dsa_test);
#endif #endif
}
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册