This CL adds utility code to process NIST CAVP test vectors using the existing FileTest code. Also add binaries for processing AESAVS (AES) and GCMVS (AES-GCM) vector files. Change-Id: I8e5ebf751d7d4b5504bbb52f3e087b0065babbe0 Reviewed-on: https://boringssl-review.googlesource.com/15484 Reviewed-by: Adam Langley <agl@google.com>kris/onging/CECPQ3_patch15
@@ -122,6 +122,7 @@ add_subdirectory(pkcs8) | |||
add_subdirectory(test) | |||
add_subdirectory(fipsmodule) | |||
add_subdirectory(fipsoracle) | |||
add_library( | |||
crypto_base | |||
@@ -0,0 +1,24 @@ | |||
include_directories(../../include) | |||
if (FIPS) | |||
add_executable( | |||
cavp_aes_test | |||
cavp_aes_test.cc | |||
cavp_test_util.h | |||
cavp_test_util.cc | |||
$<TARGET_OBJECTS:test_support> | |||
) | |||
add_executable( | |||
cavp_aes_gcm_test | |||
cavp_aes_gcm_test.cc | |||
cavp_test_util.h | |||
cavp_test_util.cc | |||
$<TARGET_OBJECTS:test_support> | |||
) | |||
target_link_libraries(cavp_aes_test crypto) | |||
target_link_libraries(cavp_aes_gcm_test crypto) | |||
endif() |
@@ -0,0 +1,211 @@ | |||
/* Copyright (c) 2017, Google Inc. | |||
* | |||
* Permission to use, copy, modify, and/or distribute this software for any | |||
* purpose with or without fee is hereby granted, provided that the above | |||
* copyright notice and this permission notice appear in all copies. | |||
* | |||
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | |||
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | |||
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY | |||
* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | |||
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION | |||
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN | |||
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ | |||
// cavp_aes_gcm_test processes a NIST CAVP AES GCM test vector request file and | |||
// emits the corresponding response. An optional sample vector file can be | |||
// passed to verify the result. | |||
#include <stdlib.h> | |||
#include <openssl/aead.h> | |||
#include <openssl/cipher.h> | |||
#include <openssl/crypto.h> | |||
#include <openssl/err.h> | |||
#include "../test/file_test.h" | |||
#include "cavp_test_util.h" | |||
struct TestCtx { | |||
const EVP_AEAD *aead; | |||
std::unique_ptr<FileTest> response_sample; | |||
}; | |||
static const EVP_AEAD *GetAEAD(const std::string &name, const bool enc) { | |||
if (name == "aes-128-gcm") { | |||
return EVP_aead_aes_128_gcm_fips_testonly(); | |||
} else if (name == "aes-256-gcm") { | |||
return EVP_aead_aes_256_gcm_fips_testonly(); | |||
} | |||
return nullptr; | |||
} | |||
static bool TestAEADEncrypt(FileTest *t, void *arg) { | |||
TestCtx *ctx = reinterpret_cast<TestCtx *>(arg); | |||
std::string key_len_str, iv_len_str, pt_len_str, aad_len_str, tag_len_str; | |||
if (!t->GetInstruction(&key_len_str, "Keylen") || | |||
!t->GetInstruction(&iv_len_str, "IVlen") || | |||
!t->GetInstruction(&pt_len_str, "PTlen") || | |||
!t->GetInstruction(&aad_len_str, "AADlen") || | |||
!t->GetInstruction(&tag_len_str, "Taglen")) { | |||
return false; | |||
} | |||
std::string count; | |||
std::vector<uint8_t> key, iv, pt, aad, tag, ct; | |||
if (!t->GetAttribute(&count, "Count") || | |||
!t->GetBytes(&key, "Key") || | |||
!t->GetBytes(&aad, "AAD") || | |||
!t->GetBytes(&pt, "PT") || | |||
key.size() * 8 != strtoul(key_len_str.c_str(), nullptr, 0) || | |||
pt.size() * 8 != strtoul(pt_len_str.c_str(), nullptr, 0) || | |||
aad.size() * 8 != strtoul(aad_len_str.c_str(), nullptr, 0)) { | |||
return false; | |||
} | |||
size_t tag_len = strtoul(tag_len_str.c_str(), nullptr, 0) / 8; | |||
if (!AEADEncrypt(ctx->aead, &ct, &tag, tag_len, key, pt, aad, &iv)) { | |||
return false; | |||
} | |||
printf("%s", t->CurrentTestToString().c_str()); | |||
printf("IV = %s\r\n", EncodeHex(iv.data(), iv.size()).c_str()); | |||
printf("CT = %s\r\n", EncodeHex(ct.data(), ct.size()).c_str()); | |||
printf("Tag = %s\r\n\r\n", EncodeHex(tag.data(), tag.size()).c_str()); | |||
// Check if sample response file matches. | |||
if (ctx->response_sample) { | |||
ctx->response_sample->ReadNext(); | |||
std::string expected_count; | |||
std::vector<uint8_t> expected_iv, expected_ct, expected_tag; | |||
if (!ctx->response_sample->GetAttribute(&expected_count, "Count") || | |||
count != expected_count || | |||
!ctx->response_sample->GetBytes(&expected_iv, "IV") || | |||
!t->ExpectBytesEqual(expected_iv.data(), expected_iv.size(), iv.data(), | |||
iv.size()) || | |||
!ctx->response_sample->GetBytes(&expected_ct, "CT") || | |||
!t->ExpectBytesEqual(expected_ct.data(), expected_ct.size(), ct.data(), | |||
ct.size()) || | |||
!ctx->response_sample->GetBytes(&expected_tag, "Tag") || | |||
!t->ExpectBytesEqual(expected_tag.data(), expected_tag.size(), | |||
tag.data(), tag.size())) { | |||
t->PrintLine("result doesn't match"); | |||
return false; | |||
} | |||
} | |||
return true; | |||
} | |||
static bool TestAEADDecrypt(FileTest *t, void *arg) { | |||
TestCtx *ctx = reinterpret_cast<TestCtx *>(arg); | |||
std::string key_len, iv_len, pt_len_str, aad_len_str, tag_len; | |||
if (!t->GetInstruction(&key_len, "Keylen") || | |||
!t->GetInstruction(&iv_len, "IVlen") || | |||
!t->GetInstruction(&pt_len_str, "PTlen") || | |||
!t->GetInstruction(&aad_len_str, "AADlen") || | |||
!t->GetInstruction(&tag_len, "Taglen")) { | |||
t->PrintLine("Invalid instruction block."); | |||
return false; | |||
} | |||
size_t aad_len = strtoul(aad_len_str.c_str(), nullptr, 0) / 8; | |||
size_t pt_len = strtoul(pt_len_str.c_str(), nullptr, 0) / 8; | |||
std::string count; | |||
std::vector<uint8_t> key, iv, ct, aad, tag, pt; | |||
if (!t->GetAttribute(&count, "Count") || | |||
!t->GetBytes(&key, "Key") || | |||
!t->GetBytes(&aad, "AAD") || | |||
!t->GetBytes(&tag, "Tag") || | |||
!t->GetBytes(&iv, "IV") || | |||
!t->GetBytes(&ct, "CT") || | |||
key.size() * 8 != strtoul(key_len.c_str(), nullptr, 0) || | |||
iv.size() * 8 != strtoul(iv_len.c_str(), nullptr, 0) || | |||
ct.size() != pt_len || | |||
aad.size() != aad_len || | |||
tag.size() * 8 != strtoul(tag_len.c_str(), nullptr, 0)) { | |||
t->PrintLine("Invalid test case"); | |||
return false; | |||
} | |||
printf("%s", t->CurrentTestToString().c_str()); | |||
bool aead_result = | |||
AEADDecrypt(ctx->aead, &pt, &aad, pt_len, aad_len, key, ct, tag, iv); | |||
if (aead_result) { | |||
printf("PT = %s\r\n\r\n", EncodeHex(pt.data(), pt.size()).c_str()); | |||
} else { | |||
printf("FAIL\r\n\r\n"); | |||
} | |||
// Check if sample response file matches. | |||
if (ctx->response_sample) { | |||
ctx->response_sample->ReadNext(); | |||
std::string expected_count; | |||
std::vector<uint8_t> expected_pt; | |||
if (!ctx->response_sample->GetAttribute(&expected_count, "Count") || | |||
count != expected_count || | |||
(!aead_result && (ctx->response_sample->HasAttribute("PT") || | |||
!ctx->response_sample->HasAttribute("FAIL"))) || | |||
(aead_result && | |||
(ctx->response_sample->HasAttribute("FAIL") || | |||
!ctx->response_sample->GetBytes(&expected_pt, "PT") || | |||
!t->ExpectBytesEqual(expected_pt.data(), expected_pt.size(), | |||
pt.data(), pt.size())))) { | |||
t->PrintLine("result doesn't match"); | |||
return false; | |||
} | |||
} | |||
return true; | |||
} | |||
static int usage(char *arg) { | |||
fprintf(stderr, | |||
"usage: %s (enc|dec) <cipher> <test file> [<sample response file>]\n", | |||
arg); | |||
return 1; | |||
} | |||
int main(int argc, char **argv) { | |||
CRYPTO_library_init(); | |||
if (argc < 4 || argc > 5) { | |||
return usage(argv[0]); | |||
} | |||
const std::string mode(argv[1]); | |||
bool (*test_fn)(FileTest * t, void *arg); | |||
if (mode == "enc") { | |||
test_fn = &TestAEADEncrypt; | |||
} else if (mode == "dec") { | |||
test_fn = &TestAEADDecrypt; | |||
} else { | |||
return usage(argv[0]); | |||
} | |||
const EVP_AEAD *aead = GetAEAD(argv[2], mode == "enc"); | |||
if (aead == nullptr) { | |||
fprintf(stderr, "invalid aead: %s\n", argv[2]); | |||
return 1; | |||
} | |||
TestCtx ctx = {aead, nullptr}; | |||
if (argc == 5) { | |||
ctx.response_sample.reset(new FileTest(argv[4])); | |||
if (!ctx.response_sample->is_open()) { | |||
return 1; | |||
} | |||
ctx.response_sample->SetIgnoreUnusedAttributes(true); | |||
} | |||
printf("# Generated by"); | |||
for (int i = 0; i < argc; i++) { | |||
printf(" %s", argv[i]); | |||
} | |||
printf("\n\n"); | |||
return FileTestMainSilent(test_fn, &ctx, argv[3]); | |||
} |
@@ -0,0 +1,135 @@ | |||
/* Copyright (c) 2017, Google Inc. | |||
* | |||
* Permission to use, copy, modify, and/or distribute this software for any | |||
* purpose with or without fee is hereby granted, provided that the above | |||
* copyright notice and this permission notice appear in all copies. | |||
* | |||
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | |||
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | |||
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY | |||
* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | |||
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION | |||
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN | |||
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ | |||
// cavp_aes_test processes a NIST CAVP AES test vector request file and emits | |||
// the corresponding response. An optional sample vector file can be passed to | |||
// verify the result. | |||
#include <stdlib.h> | |||
#include <openssl/cipher.h> | |||
#include <openssl/crypto.h> | |||
#include <openssl/err.h> | |||
#include "../test/file_test.h" | |||
#include "cavp_test_util.h" | |||
struct TestCtx { | |||
const EVP_CIPHER *cipher; | |||
std::unique_ptr<FileTest> response_sample; | |||
bool has_iv; | |||
}; | |||
static bool TestCipher(FileTest *t, void *arg) { | |||
TestCtx *ctx = reinterpret_cast<TestCtx *>(arg); | |||
if (t->HasInstruction("ENCRYPT") == t->HasInstruction("DECRYPT")) { | |||
t->PrintLine("Want either ENCRYPT or DECRYPT"); | |||
return false; | |||
} | |||
enum { | |||
kEncrypt, | |||
kDecrypt, | |||
} operation = t->HasInstruction("ENCRYPT") ? kEncrypt : kDecrypt; | |||
std::string count; | |||
std::vector<uint8_t> key, iv, in, result; | |||
if (!t->GetAttribute(&count, "COUNT") || | |||
!t->GetBytes(&key, "KEY") || | |||
(ctx->has_iv && !t->GetBytes(&iv, "IV"))) { | |||
return false; | |||
} | |||
const EVP_CIPHER *cipher = ctx->cipher; | |||
if (operation == kEncrypt) { | |||
if (!t->GetBytes(&in, "PLAINTEXT") || | |||
!CipherOperation(cipher, &result, true /* encrypt */, key, iv, in)) { | |||
return false; | |||
} | |||
printf("%sCIPHERTEXT = %s\r\n\r\n", t->CurrentTestToString().c_str(), | |||
EncodeHex(result.data(), result.size()).c_str()); | |||
} else { | |||
if (!t->GetBytes(&in, "CIPHERTEXT") || | |||
!CipherOperation(cipher, &result, false /* decrypt */, key, iv, in)) { | |||
return false; | |||
} | |||
printf("%sPLAINTEXT = %s\r\n\r\n", t->CurrentTestToString().c_str(), | |||
EncodeHex(result.data(), result.size()).c_str()); | |||
} | |||
// Check if sample response file matches. | |||
if (ctx->response_sample) { | |||
if (ctx->response_sample->ReadNext() != FileTest::kReadSuccess) { | |||
t->PrintLine("invalid sample file"); | |||
return false; | |||
} | |||
std::string expected_count; | |||
std::vector<uint8_t> expected_result; | |||
if (!ctx->response_sample->GetAttribute(&expected_count, "COUNT") || | |||
count != expected_count || | |||
(operation == kEncrypt && | |||
(!ctx->response_sample->GetBytes(&expected_result, "CIPHERTEXT") || | |||
!t->ExpectBytesEqual(expected_result.data(), expected_result.size(), | |||
result.data(), result.size()))) || | |||
(operation == kDecrypt && | |||
(!ctx->response_sample->GetBytes(&expected_result, "PLAINTEXT") || | |||
!t->ExpectBytesEqual(expected_result.data(), expected_result.size(), | |||
result.data(), result.size())))) { | |||
t->PrintLine("result doesn't match"); | |||
return false; | |||
} | |||
} | |||
return true; | |||
} | |||
int main(int argc, char **argv) { | |||
CRYPTO_library_init(); | |||
if (argc < 3 || argc > 4) { | |||
fprintf(stderr, "usage: %s <cipher> <test file> [<sample response file>]\n", | |||
argv[0]); | |||
return 1; | |||
} | |||
const EVP_CIPHER *cipher = GetCipher(argv[1]); | |||
if (cipher == nullptr) { | |||
fprintf(stderr, "invalid cipher: %s\n", argv[1]); | |||
return 1; | |||
} | |||
const std::string cipher_name(argv[1]); | |||
const bool has_iv = | |||
(cipher_name != "aes-128-ecb" && | |||
cipher_name != "aes-192-ecb" && | |||
cipher_name != "aes-256-ecb"); | |||
TestCtx ctx = {cipher, nullptr, has_iv}; | |||
if (argc == 4) { | |||
ctx.response_sample.reset(new FileTest(argv[3])); | |||
if (!ctx.response_sample->is_open()) { | |||
return 1; | |||
} | |||
ctx.response_sample->SetIgnoreUnusedAttributes(true); | |||
} | |||
printf("# Generated by"); | |||
for (int i = 0; i < argc; i++) { | |||
printf(" %s", argv[i]); | |||
} | |||
printf("\r\n\r\n"); | |||
return FileTestMainSilent(TestCipher, &ctx, argv[2]); | |||
} |
@@ -0,0 +1,156 @@ | |||
/* Copyright (c) 2017, Google Inc. | |||
* | |||
* Permission to use, copy, modify, and/or distribute this software for any | |||
* purpose with or without fee is hereby granted, provided that the above | |||
* copyright notice and this permission notice appear in all copies. | |||
* | |||
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | |||
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | |||
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY | |||
* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | |||
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION | |||
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN | |||
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ | |||
#include "cavp_test_util.h" | |||
std::string EncodeHex(const uint8_t *in, size_t in_len) { | |||
static const char kHexDigits[] = "0123456789abcdef"; | |||
std::string ret; | |||
ret.reserve(in_len * 2); | |||
for (size_t i = 0; i < in_len; i++) { | |||
ret += kHexDigits[in[i] >> 4]; | |||
ret += kHexDigits[in[i] & 0xf]; | |||
} | |||
return ret; | |||
} | |||
const EVP_CIPHER *GetCipher(const std::string &name) { | |||
if (name == "des-cbc") { | |||
return EVP_des_cbc(); | |||
} else if (name == "des-ecb") { | |||
return EVP_des_ecb(); | |||
} else if (name == "des-ede") { | |||
return EVP_des_ede(); | |||
} else if (name == "des-ede3") { | |||
return EVP_des_ede3(); | |||
} else if (name == "des-ede-cbc") { | |||
return EVP_des_ede_cbc(); | |||
} else if (name == "des-ede3-cbc") { | |||
return EVP_des_ede3_cbc(); | |||
} else if (name == "rc4") { | |||
return EVP_rc4(); | |||
} else if (name == "aes-128-ecb") { | |||
return EVP_aes_128_ecb(); | |||
} else if (name == "aes-256-ecb") { | |||
return EVP_aes_256_ecb(); | |||
} else if (name == "aes-128-cbc") { | |||
return EVP_aes_128_cbc(); | |||
} else if (name == "aes-128-gcm") { | |||
return EVP_aes_128_gcm(); | |||
} else if (name == "aes-128-ofb") { | |||
return EVP_aes_128_ofb(); | |||
} else if (name == "aes-192-cbc") { | |||
return EVP_aes_192_cbc(); | |||
} else if (name == "aes-192-ctr") { | |||
return EVP_aes_192_ctr(); | |||
} else if (name == "aes-192-ecb") { | |||
return EVP_aes_192_ecb(); | |||
} else if (name == "aes-256-cbc") { | |||
return EVP_aes_256_cbc(); | |||
} else if (name == "aes-128-ctr") { | |||
return EVP_aes_128_ctr(); | |||
} else if (name == "aes-256-ctr") { | |||
return EVP_aes_256_ctr(); | |||
} else if (name == "aes-256-gcm") { | |||
return EVP_aes_256_gcm(); | |||
} else if (name == "aes-256-ofb") { | |||
return EVP_aes_256_ofb(); | |||
} | |||
return nullptr; | |||
} | |||
bool CipherOperation(const EVP_CIPHER *cipher, std::vector<uint8_t> *out, | |||
bool encrypt, const std::vector<uint8_t> &key, | |||
const std::vector<uint8_t> &iv, | |||
const std::vector<uint8_t> &in) { | |||
bssl::ScopedEVP_CIPHER_CTX ctx; | |||
if (!EVP_CipherInit_ex(ctx.get(), cipher, nullptr, nullptr, nullptr, | |||
encrypt ? 1 : 0)) { | |||
return false; | |||
} | |||
if (!iv.empty() && iv.size() != EVP_CIPHER_CTX_iv_length(ctx.get())) { | |||
return false; | |||
} | |||
int result_len1 = 0, result_len2; | |||
*out = std::vector<uint8_t>(in.size()); | |||
if (!EVP_CIPHER_CTX_set_key_length(ctx.get(), key.size()) || | |||
!EVP_CipherInit_ex(ctx.get(), nullptr, nullptr, key.data(), iv.data(), | |||
-1) || | |||
!EVP_CIPHER_CTX_set_padding(ctx.get(), 0) || | |||
!EVP_CipherUpdate(ctx.get(), out->data(), &result_len1, in.data(), | |||
in.size()) || | |||
!EVP_CipherFinal_ex(ctx.get(), out->data() + result_len1, &result_len2)) { | |||
return false; | |||
} | |||
out->resize(result_len1 + result_len2); | |||
return true; | |||
} | |||
bool AEADEncrypt(const EVP_AEAD *aead, std::vector<uint8_t> *ct, | |||
std::vector<uint8_t> *tag, size_t tag_len, | |||
const std::vector<uint8_t> &key, | |||
const std::vector<uint8_t> &pt, | |||
const std::vector<uint8_t> &aad, std::vector<uint8_t> *iv) { | |||
bssl::ScopedEVP_AEAD_CTX ctx; | |||
if (!EVP_AEAD_CTX_init_with_direction(ctx.get(), aead, key.data(), key.size(), | |||
tag->size(), evp_aead_seal)) { | |||
return false; | |||
} | |||
std::vector<uint8_t> out; | |||
out.resize(pt.size() + EVP_AEAD_max_overhead(aead)); | |||
size_t out_len; | |||
if (!EVP_AEAD_CTX_seal(ctx.get(), out.data(), &out_len, out.size(), | |||
nullptr /* iv */, 0 /* iv_len */, pt.data(), pt.size(), | |||
aad.data(), aad.size())) { | |||
return false; | |||
} | |||
static const size_t iv_len = EVP_AEAD_nonce_length(aead); | |||
iv->assign(out.begin(), out.begin() + iv_len); | |||
ct->assign(out.begin() + iv_len, out.end() - tag_len); | |||
tag->assign(out.end() - tag_len, out.end()); | |||
return true; | |||
} | |||
bool AEADDecrypt(const EVP_AEAD *aead, std::vector<uint8_t> *pt, | |||
std::vector<uint8_t> *aad, size_t pt_len, size_t aad_len, | |||
const std::vector<uint8_t> &key, | |||
const std::vector<uint8_t> &ct, | |||
const std::vector<uint8_t> &tag, std::vector<uint8_t> &iv) { | |||
bssl::ScopedEVP_AEAD_CTX ctx; | |||
if (!EVP_AEAD_CTX_init_with_direction(ctx.get(), aead, key.data(), key.size(), | |||
tag.size(), evp_aead_open)) { | |||
return false; | |||
} | |||
std::vector<uint8_t> in = iv; | |||
in.reserve(in.size() + ct.size() + tag.size()); | |||
in.insert(in.end(), ct.begin(), ct.end()); | |||
in.insert(in.end(), tag.begin(), tag.end()); | |||
pt->resize(pt_len); | |||
aad->resize(aad_len); | |||
size_t out_pt_len; | |||
if (!EVP_AEAD_CTX_open(ctx.get(), pt->data(), &out_pt_len, pt->size(), | |||
nullptr /* iv */, 0 /* iv_len */, in.data(), in.size(), | |||
aad->data(), aad->size()) || | |||
out_pt_len != pt_len) { | |||
return false; | |||
} | |||
return true; | |||
} |
@@ -0,0 +1,48 @@ | |||
/* Copyright (c) 2017, Google Inc. | |||
* | |||
* Permission to use, copy, modify, and/or distribute this software for any | |||
* purpose with or without fee is hereby granted, provided that the above | |||
* copyright notice and this permission notice appear in all copies. | |||
* | |||
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | |||
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | |||
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY | |||
* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | |||
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION | |||
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN | |||
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ | |||
#ifndef OPENSSL_HEADER_CRYPTO_FIPSMODULE_CAVP_TEST_UTIL_H | |||
#define OPENSSL_HEADER_CRYPTO_FIPSMODULE_CAVP_TEST_UTIL_H | |||
#include <stdlib.h> | |||
#include <string> | |||
#include <vector> | |||
#include <openssl/aead.h> | |||
#include <openssl/cipher.h> | |||
std::string EncodeHex(const uint8_t *in, size_t in_len); | |||
const EVP_CIPHER *GetCipher(const std::string &name); | |||
bool CipherOperation(const EVP_CIPHER *cipher, std::vector<uint8_t> *out, | |||
bool encrypt, const std::vector<uint8_t> &key, | |||
const std::vector<uint8_t> &iv, | |||
const std::vector<uint8_t> &in); | |||
bool AEADEncrypt(const EVP_AEAD *aead, std::vector<uint8_t> *ct, | |||
std::vector<uint8_t> *tag, size_t tag_len, | |||
const std::vector<uint8_t> &key, | |||
const std::vector<uint8_t> &pt, | |||
const std::vector<uint8_t> &aad, std::vector<uint8_t> *iv); | |||
bool AEADDecrypt(const EVP_AEAD *aead, std::vector<uint8_t> *pt, | |||
std::vector<uint8_t> *aad, size_t pt_len, size_t aad_len, | |||
const std::vector<uint8_t> &key, | |||
const std::vector<uint8_t> &ct, | |||
const std::vector<uint8_t> &tag, std::vector<uint8_t> &iv); | |||
#endif // OPENSSL_HEADER_CRYPTO_FIPSMODULE_CAVP_TEST_UTIL_H |
@@ -14,6 +14,7 @@ | |||
#include "file_test.h" | |||
#include <algorithm> | |||
#include <memory> | |||
#include <ctype.h> | |||
@@ -60,26 +61,46 @@ static std::string StripSpace(const char *str, size_t len) { | |||
str++; | |||
len--; | |||
} | |||
while (len > 0 && isspace(str[len-1])) { | |||
while (len > 0 && isspace(str[len - 1])) { | |||
len--; | |||
} | |||
return std::string(str, len); | |||
} | |||
static std::pair<std::string, std::string> ParseKeyValue(const char *str, const size_t len) { | |||
const char *delimiter = FindDelimiter(str); | |||
std::string key, value; | |||
if (delimiter == nullptr) { | |||
key = StripSpace(str, len); | |||
} else { | |||
key = StripSpace(str, delimiter - str); | |||
value = StripSpace(delimiter + 1, str + len - delimiter - 1); | |||
} | |||
return {key, value}; | |||
} | |||
FileTest::ReadResult FileTest::ReadNext() { | |||
// If the previous test had unused attributes, it is an error. | |||
if (!unused_attributes_.empty()) { | |||
// If the previous test had unused attributes or instructions, it is an error. | |||
if (!unused_attributes_.empty() && !ignore_unused_attributes_) { | |||
for (const std::string &key : unused_attributes_) { | |||
PrintLine("Unused attribute: %s", key.c_str()); | |||
} | |||
return kReadError; | |||
} | |||
if (!unused_instructions_.empty() && !ignore_unused_attributes_) { | |||
for (const std::string &key : unused_instructions_) { | |||
PrintLine("Unused instruction: %s", key.c_str()); | |||
} | |||
return kReadError; | |||
} | |||
ClearTest(); | |||
static const size_t kBufLen = 64 + 8192*2; | |||
static const size_t kBufLen = 64 + 8192 * 2; | |||
std::unique_ptr<char[]> buf(new char[kBufLen]); | |||
bool in_instruction_block = false; | |||
while (true) { | |||
// Read the next line. | |||
if (fgets(buf.get(), kBufLen, file_) == nullptr) { | |||
@@ -99,21 +120,51 @@ FileTest::ReadResult FileTest::ReadNext() { | |||
return kReadError; | |||
} | |||
if (buf[0] == '\n' || buf[0] == '\0') { | |||
if (buf[0] == '\n' || buf[0] == '\r' || buf[0] == '\0') { | |||
// Empty lines delimit tests. | |||
if (start_line_ > 0) { | |||
return kReadSuccess; | |||
} | |||
if (in_instruction_block) { | |||
in_instruction_block = false; | |||
// Delimit instruction block from test with a blank line. | |||
current_test_ += "\r\n"; | |||
} | |||
} else if (buf[0] == '[') { // Inside an instruction block. | |||
if (start_line_ != 0) { | |||
// Instructions should be separate blocks. | |||
fprintf(stderr, "Line %u is an instruction in a test case.\n", line_); | |||
return kReadError; | |||
} | |||
if (!in_instruction_block) { | |||
ClearInstructions(); | |||
in_instruction_block = true; | |||
} | |||
// Parse the line as an instruction ("[key = value]" or "[key]"). | |||
std::string kv = StripSpace(buf.get(), len); | |||
if (kv[kv.size() - 1] != ']') { | |||
fprintf(stderr, "Line %u, invalid instruction: %s\n", line_, | |||
kv.c_str()); | |||
return kReadError; | |||
} | |||
current_test_ += kv + "\r\n"; | |||
kv = std::string(kv.begin() + 1, kv.end() - 1); | |||
std::string key, value; | |||
std::tie(key, value) = ParseKeyValue(kv.c_str(), kv.size()); | |||
instructions_[key] = value; | |||
} else if (buf[0] != '#') { // Comment lines are ignored. | |||
// Parse the line as an attribute. | |||
const char *delimiter = FindDelimiter(buf.get()); | |||
if (delimiter == nullptr) { | |||
fprintf(stderr, "Line %u: Could not parse attribute.\n", line_); | |||
if (in_instruction_block) { | |||
// Test cases should be separate blocks. | |||
fprintf(stderr, "Line %u is a test case attribute in an instruction block.\n", | |||
line_); | |||
return kReadError; | |||
} | |||
std::string key = StripSpace(buf.get(), delimiter - buf.get()); | |||
std::string value = StripSpace(delimiter + 1, | |||
buf.get() + len - delimiter - 1); | |||
current_test_ += std::string(buf.get(), len); | |||
std::string key, value; | |||
std::tie(key, value) = ParseKeyValue(buf.get(), len); | |||
unused_attributes_.insert(key); | |||
attributes_[key] = value; | |||
@@ -122,6 +173,9 @@ FileTest::ReadResult FileTest::ReadNext() { | |||
type_ = key; | |||
parameter_ = value; | |||
start_line_ = line_; | |||
for (const auto &kv : instructions_) { | |||
unused_instructions_.insert(kv.first); | |||
} | |||
} | |||
} | |||
} | |||
@@ -171,6 +225,26 @@ const std::string &FileTest::GetAttributeOrDie(const std::string &key) { | |||
return attributes_[key]; | |||
} | |||
bool FileTest::HasInstruction(const std::string &key) { | |||
OnInstructionUsed(key); | |||
return instructions_.count(key) > 0; | |||
} | |||
bool FileTest::GetInstruction(std::string *out_value, const std::string &key) { | |||
OnInstructionUsed(key); | |||
auto iter = instructions_.find(key); | |||
if (iter == instructions_.end()) { | |||
PrintLine("Missing instruction '%s'.", key.c_str()); | |||
return false; | |||
} | |||
*out_value = iter->second; | |||
return true; | |||
} | |||
const std::string &FileTest::CurrentTestToString() const { | |||
return current_test_; | |||
} | |||
static bool FromHexDigit(uint8_t *out, char c) { | |||
if ('0' <= c && c <= '9') { | |||
*out = c - '0'; | |||
@@ -206,7 +280,7 @@ bool FileTest::GetBytes(std::vector<uint8_t> *out, const std::string &key) { | |||
out->reserve(value.size() / 2); | |||
for (size_t i = 0; i < value.size(); i += 2) { | |||
uint8_t hi, lo; | |||
if (!FromHexDigit(&hi, value[i]) || !FromHexDigit(&lo, value[i+1])) { | |||
if (!FromHexDigit(&hi, value[i]) || !FromHexDigit(&lo, value[i + 1])) { | |||
PrintLine("Error decoding value: %s", value.c_str()); | |||
return false; | |||
} | |||
@@ -246,14 +320,28 @@ void FileTest::ClearTest() { | |||
parameter_.clear(); | |||
attributes_.clear(); | |||
unused_attributes_.clear(); | |||
current_test_ = ""; | |||
} | |||
void FileTest::ClearInstructions() { | |||
instructions_.clear(); | |||
unused_attributes_.clear(); | |||
} | |||
void FileTest::OnKeyUsed(const std::string &key) { | |||
unused_attributes_.erase(key); | |||
} | |||
int FileTestMain(bool (*run_test)(FileTest *t, void *arg), void *arg, | |||
const char *path) { | |||
void FileTest::OnInstructionUsed(const std::string &key) { | |||
unused_instructions_.erase(key); | |||
} | |||
void FileTest::SetIgnoreUnusedAttributes(bool ignore) { | |||
ignore_unused_attributes_ = ignore; | |||
} | |||
int FileTestMainSilent(bool (*run_test)(FileTest *t, void *arg), void *arg, | |||
const char *path) { | |||
FileTest t(path); | |||
if (!t.is_open()) { | |||
return 1; | |||
@@ -278,8 +366,8 @@ int FileTestMain(bool (*run_test)(FileTest *t, void *arg), void *arg, | |||
uint32_t err = ERR_peek_error(); | |||
if (ERR_reason_error_string(err) != t.GetAttributeOrDie("Error")) { | |||
t.PrintLine("Unexpected error; wanted '%s', got '%s'.", | |||
t.GetAttributeOrDie("Error").c_str(), | |||
ERR_reason_error_string(err)); | |||
t.GetAttributeOrDie("Error").c_str(), | |||
ERR_reason_error_string(err)); | |||
failed = true; | |||
ERR_clear_error(); | |||
continue; | |||
@@ -295,10 +383,14 @@ int FileTestMain(bool (*run_test)(FileTest *t, void *arg), void *arg, | |||
} | |||
} | |||
if (failed) { | |||
return 1; | |||
} | |||
return failed ? 1 : 0; | |||
} | |||
printf("PASS\n"); | |||
return 0; | |||
int FileTestMain(bool (*run_test)(FileTest *t, void *arg), void *arg, | |||
const char *path) { | |||
int result = FileTestMainSilent(run_test, arg, path); | |||
if (!result) { | |||
printf("PASS\n"); | |||
} | |||
return result; | |||
} |
@@ -21,11 +21,11 @@ | |||
#include <stdio.h> | |||
OPENSSL_MSVC_PRAGMA(warning(push)) | |||
OPENSSL_MSVC_PRAGMA(warning(disable: 4702)) | |||
OPENSSL_MSVC_PRAGMA(warning(disable : 4702)) | |||
#include <string> | |||
#include <map> | |||
#include <set> | |||
#include <string> | |||
#include <vector> | |||
OPENSSL_MSVC_PRAGMA(warning(pop)) | |||
@@ -33,31 +33,46 @@ OPENSSL_MSVC_PRAGMA(warning(pop)) | |||
// File-based test framework. | |||
// | |||
// This module provides a file-based test framework. The file format is based on | |||
// that of OpenSSL upstream's evp_test and BoringSSL's aead_test. Each input | |||
// file is a sequence of attributes and blank lines. | |||
// that of OpenSSL upstream's evp_test and BoringSSL's aead_test. NIST CAVP test | |||
// vector files are also supported. Each input file is a sequence of attributes, | |||
// instructions and blank lines. | |||
// | |||
// Each attribute has the form: | |||
// | |||
// Name = Value | |||
// | |||
// Instructions are enclosed in square brackets and may appear without a value: | |||
// | |||
// [Name = Value] | |||
// | |||
// or | |||
// | |||
// [Name] | |||
// | |||
// Either '=' or ':' may be used to delimit the name from the value. Both the | |||
// name and value have leading and trailing spaces stripped. | |||
// | |||
// Lines beginning with # are ignored. | |||
// Each file contains a number of instruction blocks and test cases. | |||
// | |||
// An instruction block is a sequence of instructions followed by a blank line. | |||
// Instructions apply to all test cases following its appearance, until the next | |||
// instruction block. Instructions are unordered. | |||
// | |||
// A test is a sequence of one or more attributes followed by a blank line. For | |||
// tests that process multiple kinds of test cases, the first attribute is | |||
// parsed out as the test's type and parameter. Otherwise, attributes are | |||
// unordered. The first attribute is also included in the set of attributes, so | |||
// tests which do not dispatch may ignore this mechanism. | |||
// | |||
// A test is a sequence of one or more attributes followed by a blank line. | |||
// Blank lines are otherwise ignored. For tests that process multiple kinds of | |||
// test cases, the first attribute is parsed out as the test's type and | |||
// parameter. Otherwise, attributes are unordered. The first attribute is also | |||
// included in the set of attributes, so tests which do not dispatch may ignore | |||
// this mechanism. | |||
// Additional blank lines and lines beginning with # are ignored. | |||
// | |||
// Functions in this module freely output to |stderr| on failure. Tests should | |||
// also do so, and it is recommended they include the corresponding test's line | |||
// number in any output. |PrintLine| does this automatically. | |||
// | |||
// Each attribute in a test must be consumed. When a test completes, if any | |||
// attributes haven't been processed, the framework reports an error. | |||
// Each attribute in a test and all instructions applying to it must be | |||
// consumed. When a test completes, if any attributes or insturctions haven't | |||
// been processed, the framework reports an error. | |||
class FileTest { | |||
@@ -115,9 +130,28 @@ class FileTest { | |||
bool ExpectBytesEqual(const uint8_t *expected, size_t expected_len, | |||
const uint8_t *actual, size_t actual_len); | |||
// HasInstruction returns true if the current test has an instruction. | |||
bool HasInstruction(const std::string &key); | |||
// GetInstruction looks up the instruction with key |key|. It sets | |||
// |*out_value| to the value (empty string if the instruction has no value) | |||
// and returns true if it exists and returns false with an error to |stderr| | |||
// otherwise. | |||
bool GetInstruction(std::string *out_value, const std::string &key); | |||
// CurrentTestToString returns the file content parsed for the current test. | |||
// If the current test was preceded by an instruction block, the return test | |||
// case is preceded by the instruction block and a single blank line. All | |||
// other blank or comment lines are omitted. | |||
const std::string &CurrentTestToString() const; | |||
void SetIgnoreUnusedAttributes(bool ignore); | |||
private: | |||
void ClearTest(); | |||
void ClearInstructions(); | |||
void OnKeyUsed(const std::string &key); | |||
void OnInstructionUsed(const std::string &key); | |||
FILE *file_ = nullptr; | |||
// line_ is the number of lines read. | |||
@@ -131,12 +165,21 @@ class FileTest { | |||
std::string parameter_; | |||
// attributes_ contains all attributes in the test, including the first. | |||
std::map<std::string, std::string> attributes_; | |||
// instructions_ contains all instructions in scope for the test. | |||
std::map<std::string, std::string> instructions_; | |||
// unused_attributes_ is the set of attributes that have been queried. | |||
// unused_attributes_ is the set of attributes that have not been queried. | |||
std::set<std::string> unused_attributes_; | |||
FileTest(const FileTest&) = delete; | |||
FileTest &operator=(const FileTest&) = delete; | |||
// unused_instructions_ is the set of instructions that have not been queried. | |||
std::set<std::string> unused_instructions_; | |||
std::string current_test_; | |||
bool ignore_unused_attributes_ = false; | |||
FileTest(const FileTest &) = delete; | |||
FileTest &operator=(const FileTest &) = delete; | |||
}; | |||
// FileTestMain runs a file-based test out of |path| and returns an exit code | |||
@@ -153,5 +196,9 @@ class FileTest { | |||
int FileTestMain(bool (*run_test)(FileTest *t, void *arg), void *arg, | |||
const char *path); | |||
// FileTestMainSilent behaves like FileTestMain but does not print a final | |||
// FAIL/PASS message to stdout. | |||
int FileTestMainSilent(bool (*run_test)(FileTest *t, void *arg), void *arg, | |||
const char *path); | |||
#endif /* OPENSSL_HEADER_CRYPTO_TEST_FILE_TEST_H */ |