kris
/
boringssl
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
262 Commits
12 Branches
38 MiB
 
 
 
 
 
 
Tree: 794bf6e0ce
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '794bf6e0ce'
${ noResults }
boringssl/crypto/cipher/cipher_test.c

410 lines
12 KiB
Raw Blame History 

  1. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

  2.  * All rights reserved.

  3.  *

  4.  * This package is an SSL implementation written

  5.  * by Eric Young (eay@cryptsoft.com).

  6.  * The implementation was written so as to conform with Netscapes SSL.

  7.  *

  8.  * This library is free for commercial and non-commercial use as long as

  9.  * the following conditions are aheared to.  The following conditions

  10.  * apply to all code found in this distribution, be it the RC4, RSA,

  11.  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation

  12.  * included with this distribution is covered by the same copyright terms

  13.  * except that the holder is Tim Hudson (tjh@cryptsoft.com).

  14.  *

  15.  * Copyright remains Eric Young's, and as such any Copyright notices in

  16.  * the code are not to be removed.

  17.  * If this package is used in a product, Eric Young should be given attribution

  18.  * as the author of the parts of the library used.

  19.  * This can be in the form of a textual message at program startup or

  20.  * in documentation (online or textual) provided with the package.

  21.  *

  22.  * Redistribution and use in source and binary forms, with or without

  23.  * modification, are permitted provided that the following conditions

  24.  * are met:

  25.  * 1. Redistributions of source code must retain the copyright

  26.  *    notice, this list of conditions and the following disclaimer.

  27.  * 2. Redistributions in binary form must reproduce the above copyright

  28.  *    notice, this list of conditions and the following disclaimer in the

  29.  *    documentation and/or other materials provided with the distribution.

  30.  * 3. All advertising materials mentioning features or use of this software

  31.  *    must display the following acknowledgement:

  32.  *    "This product includes cryptographic software written by

  33.  *     Eric Young (eay@cryptsoft.com)"

  34.  *    The word 'cryptographic' can be left out if the rouines from the library

  35.  *    being used are not cryptographic related :-).

  36.  * 4. If you include any Windows specific code (or a derivative thereof) from

  37.  *    the apps directory (application code) you must include an acknowledgement:

  38.  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

  39.  *

  40.  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND

  41.  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  42.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

  43.  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

  44.  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

  45.  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

  46.  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  47.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

  48.  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

  49.  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

  50.  * SUCH DAMAGE.

  51.  *

  52.  * The licence and distribution terms for any publically available version or

  53.  * derivative of this code cannot be changed.  i.e. this code cannot simply be

  54.  * copied and put under another distribution licence

  55.  * [including the GNU Public Licence.] */

  56. 

  57. #include <stdio.h>

  58. 

  59. #include <openssl/cipher.h>

  60. #include <openssl/err.h>

  61. #include <openssl/bio.h>

  62. 

  63. 

  64. static void hexdump(FILE *f, const char *title, const uint8_t *s, int l) {

  65.   int n = 0;

  66. 

  67.   fprintf(f, "%s", title);

  68.   for (; n < l; ++n) {

  69.     if ((n % 16) == 0)

  70.       fprintf(f, "\n%04x", n);

  71.     fprintf(f, " %02x", s[n]);

  72.   }

  73.   fprintf(f, "\n");

  74. }

  75. 

  76. static int convert(uint8_t *s) {

  77.   uint8_t *d;

  78. 

  79.   for (d = s; *s; s += 2, ++d) {

  80.     unsigned int n;

  81. 

  82.     if (!s[1]) {

  83.       fprintf(stderr, "Odd number of hex digits!");

  84.       exit(4);

  85.     }

  86.     sscanf((char *)s, "%2x", &n);

  87.     *d = (uint8_t)n;

  88.   }

  89.   return s - d;

  90. }

  91. 

  92. static char *sstrsep(char **string, const char *delim) {

  93.   char isdelim[256];

  94.   char *token = *string;

  95. 

  96.   if (**string == 0) {

  97.     return NULL;

  98.   }

  99. 

  100.   memset(isdelim, 0, 256);

  101.   isdelim[0] = 1;

  102. 

  103.   while (*delim) {

  104.     isdelim[(uint8_t)(*delim)] = 1;

  105.     delim++;

  106.   }

  107. 

  108.   while (!isdelim[(uint8_t)(**string)]) {

  109.     (*string)++;

  110.   }

  111. 

  112.   if (**string) {

  113.     **string = 0;

  114.     (*string)++;

  115.   }

  116. 

  117.   return token;

  118. }

  119. 

  120. static uint8_t *ustrsep(char **p, const char *sep) {

  121.   return (uint8_t *)sstrsep(p, sep);

  122. }

  123. 

  124. static void test1(const EVP_CIPHER *c, const uint8_t *key, int kn,

  125.                   const uint8_t *iv, int in, const uint8_t *plaintext, int pn,

  126.                   const uint8_t *ciphertext, int cn, const uint8_t *aad, int an,

  127.                   const uint8_t *tag, int tn, int encdec) {

  128.   EVP_CIPHER_CTX ctx;

  129.   uint8_t out[4096];

  130.   int outl, outl2, mode;

  131. 

  132.   printf("Testing cipher %s%s\n", EVP_CIPHER_name(c),

  133.          (encdec == 1 ? "(encrypt)"

  134.                       : (encdec == 0 ? "(decrypt)" : "(encrypt/decrypt)")));

  135.   hexdump(stdout, "Key", key, kn);

  136.   if (in) {

  137.     hexdump(stdout, "IV", iv, in);

  138.   }

  139.   hexdump(stdout, "Plaintext", plaintext, pn);

  140.   hexdump(stdout, "Ciphertext", ciphertext, cn);

  141.   if (an) {

  142.     hexdump(stdout, "AAD", aad, an);

  143.   }

  144.   if (tn) {

  145.     hexdump(stdout, "Tag", tag, tn);

  146.   }

  147.   mode = EVP_CIPHER_mode(c);

  148.   if (kn != EVP_CIPHER_key_length(c)) {

  149.     fprintf(stderr, "Key length doesn't match, got %d expected %lu\n", kn,

  150.             (unsigned long)EVP_CIPHER_key_length(c));

  151.     exit(5);

  152.   }

  153.   EVP_CIPHER_CTX_init(&ctx);

  154.   if (encdec != 0) {

  155.     if (mode == EVP_CIPH_GCM_MODE) {

  156.       if (!EVP_EncryptInit_ex(&ctx, c, NULL, NULL, NULL)) {

  157.         fprintf(stderr, "EncryptInit failed\n");

  158.         BIO_print_errors_fp(stderr);

  159.         exit(10);

  160.       }

  161.       if (!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN, in, NULL)) {

  162.         fprintf(stderr, "IV length set failed\n");

  163.         BIO_print_errors_fp(stderr);

  164.         exit(11);

  165.       }

  166.       if (!EVP_EncryptInit_ex(&ctx, NULL, NULL, key, iv)) {

  167.         fprintf(stderr, "Key/IV set failed\n");

  168.         BIO_print_errors_fp(stderr);

  169.         exit(12);

  170.       }

  171.       if (an && !EVP_EncryptUpdate(&ctx, NULL, &outl, aad, an)) {

  172.         fprintf(stderr, "AAD set failed\n");

  173.         BIO_print_errors_fp(stderr);

  174.         exit(13);

  175.       }

  176.     } else if (!EVP_EncryptInit_ex(&ctx, c, NULL, key, iv)) {

  177.       fprintf(stderr, "EncryptInit failed\n");

  178.       BIO_print_errors_fp(stderr);

  179.       exit(10);

  180.     }

  181.     EVP_CIPHER_CTX_set_padding(&ctx, 0);

  182. 

  183.     if (!EVP_EncryptUpdate(&ctx, out, &outl, plaintext, pn)) {

  184.       fprintf(stderr, "Encrypt failed\n");

  185.       BIO_print_errors_fp(stderr);

  186.       exit(6);

  187.     }

  188.     if (!EVP_EncryptFinal_ex(&ctx, out + outl, &outl2)) {

  189.       fprintf(stderr, "EncryptFinal failed\n");

  190.       BIO_print_errors_fp(stderr);

  191.       exit(7);

  192.     }

  193. 

  194.     if (outl + outl2 != cn) {

  195.       fprintf(stderr, "Ciphertext length mismatch got %d expected %d\n",

  196.               outl + outl2, cn);

  197.       exit(8);

  198.     }

  199. 

  200.     if (memcmp(out, ciphertext, cn)) {

  201.       fprintf(stderr, "Ciphertext mismatch\n");

  202.       hexdump(stderr, "Got", out, cn);

  203.       hexdump(stderr, "Expected", ciphertext, cn);

  204.       exit(9);

  205.     }

  206.     if (mode == EVP_CIPH_GCM_MODE) {

  207.       uint8_t rtag[16];

  208.       /* Note: EVP_CTRL_CCM_GET_TAG has same value as

  209.        * EVP_CTRL_GCM_GET_TAG

  210.        */

  211.       if (!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_GET_TAG, tn, rtag)) {

  212.         fprintf(stderr, "Get tag failed\n");

  213.         BIO_print_errors_fp(stderr);

  214.         exit(14);

  215.       }

  216.       if (memcmp(rtag, tag, tn)) {

  217.         fprintf(stderr, "Tag mismatch\n");

  218.         hexdump(stderr, "Got", rtag, tn);

  219.         hexdump(stderr, "Expected", tag, tn);

  220.         exit(9);

  221.       }

  222.     }

  223.   }

  224. 

  225.   if (encdec <= 0) {

  226.     if (mode == EVP_CIPH_GCM_MODE) {

  227.       if (!EVP_DecryptInit_ex(&ctx, c, NULL, NULL, NULL)) {

  228.         fprintf(stderr, "EncryptInit failed\n");

  229.         BIO_print_errors_fp(stderr);

  230.         exit(10);

  231.       }

  232.       if (!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN, in, NULL)) {

  233.         fprintf(stderr, "IV length set failed\n");

  234.         BIO_print_errors_fp(stderr);

  235.         exit(11);

  236.       }

  237.       if (!EVP_DecryptInit_ex(&ctx, NULL, NULL, key, iv)) {

  238.         fprintf(stderr, "Key/IV set failed\n");

  239.         BIO_print_errors_fp(stderr);

  240.         exit(12);

  241.       }

  242.       if (!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_TAG, tn, (void *)tag)) {

  243.         fprintf(stderr, "Set tag failed\n");

  244.         BIO_print_errors_fp(stderr);

  245.         exit(14);

  246.       }

  247.       if (an && !EVP_DecryptUpdate(&ctx, NULL, &outl, aad, an)) {

  248.         fprintf(stderr, "AAD set failed\n");

  249.         BIO_print_errors_fp(stderr);

  250.         exit(13);

  251.       }

  252.     } else if (!EVP_DecryptInit_ex(&ctx, c, NULL, key, iv)) {

  253.       fprintf(stderr, "DecryptInit failed\n");

  254.       BIO_print_errors_fp(stderr);

  255.       exit(11);

  256.     }

  257.     EVP_CIPHER_CTX_set_padding(&ctx, 0);

  258. 

  259.     if (!EVP_DecryptUpdate(&ctx, out, &outl, ciphertext, cn)) {

  260.       fprintf(stderr, "Decrypt failed\n");

  261.       BIO_print_errors_fp(stderr);

  262.       exit(6);

  263.     }

  264.     outl2 = 0;

  265.     if (!EVP_DecryptFinal_ex(&ctx, out + outl, &outl2)) {

  266.       fprintf(stderr, "DecryptFinal failed\n");

  267.       BIO_print_errors_fp(stderr);

  268.       exit(7);

  269.     }

  270. 

  271.     if (outl + outl2 != pn) {

  272.       fprintf(stderr, "Plaintext length mismatch got %d expected %d\n",

  273.               outl + outl2, pn);

  274.       exit(8);

  275.     }

  276. 

  277.     if (memcmp(out, plaintext, pn)) {

  278.       fprintf(stderr, "Plaintext mismatch\n");

  279.       hexdump(stderr, "Got", out, pn);

  280.       hexdump(stderr, "Expected", plaintext, pn);

  281.       exit(9);

  282.     }

  283.   }

  284. 

  285.   EVP_CIPHER_CTX_cleanup(&ctx);

  286. 

  287.   printf("\n");

  288. }

  289. 

  290. static int test_cipher(const char *cipher, const uint8_t *key, int kn,

  291.                        const uint8_t *iv, int in, const uint8_t *plaintext,

  292.                        int pn, const uint8_t *ciphertext, int cn,

  293.                        const uint8_t *aad, int an, const uint8_t *tag, int tn,

  294.                        int encdec) {

  295.   const EVP_CIPHER *c;

  296. 

  297.   if (strcmp(cipher, "DES-CBC") == 0) {

  298.     c = EVP_des_cbc();

  299.   } else if (strcmp(cipher, "DES-EDE3-CBC") == 0) {

  300.     c = EVP_des_ede3_cbc();

  301.   } else if (strcmp(cipher, "RC4") == 0) {

  302.     c = EVP_rc4();

  303.   } else if (strcmp(cipher, "AES-128-ECB") == 0) {

  304.     c = EVP_aes_128_ecb();

  305.   } else if (strcmp(cipher, "AES-256-ECB") == 0) {

  306.     c = EVP_aes_256_ecb();

  307.   } else if (strcmp(cipher, "AES-128-CBC") == 0) {

  308.     c = EVP_aes_128_cbc();

  309.   } else if (strcmp(cipher, "AES-128-GCM") == 0) {

  310.     c = EVP_aes_128_gcm();

  311.   } else if (strcmp(cipher, "AES-256-CBC") == 0) {

  312.     c = EVP_aes_256_cbc();

  313.   } else if (strcmp(cipher, "AES-128-CTR") == 0) {

  314.     c = EVP_aes_128_ctr();

  315.   } else if (strcmp(cipher, "AES-256-CTR") == 0) {

  316.     c = EVP_aes_256_ctr();

  317.   } else if (strcmp(cipher, "AES-256-GCM") == 0) {

  318.     c = EVP_aes_256_gcm();

  319.   } else {

  320.     fprintf(stderr, "Unknown cipher type %s\n", cipher);

  321.     return 0;

  322.   }

  323. 

  324.   test1(c, key, kn, iv, in, plaintext, pn, ciphertext, cn, aad, an, tag, tn,

  325.         encdec);

  326. 

  327.   return 1;

  328. }

  329. 

  330. int main(int argc, char **argv) {

  331.   const char *input_file;

  332.   FILE *f;

  333. 

  334.   if (argc != 2) {

  335.     fprintf(stderr, "%s <test file>\n", argv[0]);

  336.     return 1;

  337.   }

  338. 

  339.   input_file = argv[1];

  340. 

  341.   f = fopen(input_file, "r");

  342.   if (!f) {

  343.     perror(input_file);

  344.     return 2;

  345.   }

  346. 

  347.   ERR_load_crypto_strings();

  348. 

  349.   for (;;) {

  350.     char line[4096];

  351.     char *p;

  352.     char *cipher;

  353.     uint8_t *iv, *key, *plaintext, *ciphertext, *aad, *tag;

  354.     int encdec;

  355.     int kn, in, pn, cn;

  356.     int an = 0;

  357.     int tn = 0;

  358. 

  359.     if (!fgets((char *)line, sizeof line, f)) {

  360.       break;

  361.     }

  362.     if (line[0] == '#' || line[0] == '\n') {

  363.       continue;

  364.     }

  365.     p = line;

  366.     cipher = sstrsep(&p, ":");

  367.     key = ustrsep(&p, ":");

  368.     iv = ustrsep(&p, ":");

  369.     plaintext = ustrsep(&p, ":");

  370.     ciphertext = ustrsep(&p, ":");

  371.     if (p[-1] == '\n') {

  372.       encdec = -1;

  373.       p[-1] = '\0';

  374.       tag = aad = NULL;

  375.       an = tn = 0;

  376.     } else {

  377.       aad = ustrsep(&p, ":");

  378.       tag = ustrsep(&p, ":");

  379.       if (tag == NULL) {

  380.         p = (char *)aad;

  381.         tag = aad = NULL;

  382.         an = tn = 0;

  383.       }

  384.       if (p[-1] == '\n') {

  385.         encdec = -1;

  386.         p[-1] = '\0';

  387.       } else

  388.         encdec = atoi(sstrsep(&p, "\n"));

  389.     }

  390. 

  391.     kn = convert(key);

  392.     in = convert(iv);

  393.     pn = convert(plaintext);

  394.     cn = convert(ciphertext);

  395.     if (aad) {

  396.       an = convert(aad);

  397.       tn = convert(tag);

  398.     }

  399. 

  400.     if (!test_cipher(cipher, key, kn, iv, in, plaintext, pn, ciphertext, cn,

  401.                      aad, an, tag, tn, encdec)) {

  402.       return 3;

  403.     }

  404.   }

  405.   fclose(f);

  406. 

  407.   printf("PASS\n");

  408.   return 0;

  409. }