kris
/
boringssl
1
0
Форкнуть 0
Код Задачи 0 Pull Request'ы 0 Релизы 0 Вики Активность
Вы не можете выбрать более 25 тем Темы должны начинаться с буквы или цифры, могут содержать дефисы(-) и должны содержать не более 35 символов.
5212 коммитов
12 Ветки
38 MiB
 
 
 
 
 
 
Дерево: aca24c8724
Ветки Теги
${ item.name }
Создать ветку ${ searchTerm }
из 'aca24c8724'
${ noResults }
boringssl/crypto/digest_extra/digest_test.cc

278 строки
10 KiB
Исходник Вина История 

  1. /* Copyright (c) 2014, Google Inc.

  2.  *

  3.  * Permission to use, copy, modify, and/or distribute this software for any

  4.  * purpose with or without fee is hereby granted, provided that the above

  5.  * copyright notice and this permission notice appear in all copies.

  6.  *

  7.  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES

  8.  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF

  9.  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY

  10.  * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES

  11.  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION

  12.  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN

  13.  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

  14. 

  15. #include <stdint.h>

  16. #include <stdio.h>

  17. #include <string.h>

  18. 

  19. #include <memory>

  20. 

  21. #include <gtest/gtest.h>

  22. 

  23. #include <openssl/asn1.h>

  24. #include <openssl/bytestring.h>

  25. #include <openssl/crypto.h>

  26. #include <openssl/digest.h>

  27. #include <openssl/err.h>

  28. #include <openssl/md4.h>

  29. #include <openssl/md5.h>

  30. #include <openssl/nid.h>

  31. #include <openssl/obj.h>

  32. #include <openssl/sha.h>

  33. 

  34. #include "../internal.h"

  35. #include "../test/test_util.h"

  36. 

  37. 

  38. struct MD {

  39.   // name is the name of the digest.

  40.   const char* name;

  41.   // md_func is the digest to test.

  42.   const EVP_MD *(*func)(void);

  43.   // one_shot_func is the convenience one-shot version of the

  44.   // digest.

  45.   uint8_t *(*one_shot_func)(const uint8_t *, size_t, uint8_t *);

  46. };

  47. 

  48. static const MD md4 = { "MD4", &EVP_md4, nullptr };

  49. static const MD md5 = { "MD5", &EVP_md5, &MD5 };

  50. static const MD sha1 = { "SHA1", &EVP_sha1, &SHA1 };

  51. static const MD sha224 = { "SHA224", &EVP_sha224, &SHA224 };

  52. static const MD sha256 = { "SHA256", &EVP_sha256, &SHA256 };

  53. static const MD sha384 = { "SHA384", &EVP_sha384, &SHA384 };

  54. static const MD sha512 = { "SHA512", &EVP_sha512, &SHA512 };

  55. static const MD md5_sha1 = { "MD5-SHA1", &EVP_md5_sha1, nullptr };

  56. 

  57. struct TestVector {

  58.   // md is the digest to test.

  59.   const MD &md;

  60.   // input is a NUL-terminated string to hash.

  61.   const char *input;

  62.   // repeat is the number of times to repeat input.

  63.   size_t repeat;

  64.   // expected_hex is the expected digest in hexadecimal.

  65.   const char *expected_hex;

  66. };

  67. 

  68. static const TestVector kTestVectors[] = {

  69.     // MD4 tests, from RFC 1320. (crypto/md4 does not provide a

  70.     // one-shot MD4 function.)

  71.     { md4, "", 1, "31d6cfe0d16ae931b73c59d7e0c089c0" },

  72.     { md4, "a", 1, "bde52cb31de33e46245e05fbdbd6fb24" },

  73.     { md4, "abc", 1, "a448017aaf21d8525fc10ae87aa6729d" },

  74.     { md4, "message digest", 1, "d9130a8164549fe818874806e1c7014b" },

  75.     { md4, "abcdefghijklmnopqrstuvwxyz", 1,

  76.       "d79e1c308aa5bbcdeea8ed63df412da9" },

  77.     { md4,

  78.       "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", 1,

  79.       "043f8582f241db351ce627e153e7f0e4" },

  80.     { md4, "1234567890", 8, "e33b4ddc9c38f2199c3e7b164fcc0536" },

  81. 

  82.     // MD5 tests, from RFC 1321.

  83.     { md5, "", 1, "d41d8cd98f00b204e9800998ecf8427e" },

  84.     { md5, "a", 1, "0cc175b9c0f1b6a831c399e269772661" },

  85.     { md5, "abc", 1, "900150983cd24fb0d6963f7d28e17f72" },

  86.     { md5, "message digest", 1, "f96b697d7cb7938d525a2f31aaf161d0" },

  87.     { md5, "abcdefghijklmnopqrstuvwxyz", 1,

  88.       "c3fcd3d76192e4007dfb496cca67e13b" },

  89.     { md5,

  90.       "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", 1,

  91.       "d174ab98d277d9f5a5611c2c9f419d9f" },

  92.     { md5, "1234567890", 8, "57edf4a22be3c955ac49da2e2107b67a" },

  93. 

  94.     // SHA-1 tests, from RFC 3174.

  95.     { sha1, "abc", 1, "a9993e364706816aba3e25717850c26c9cd0d89d" },

  96.     { sha1,

  97.       "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 1,

  98.       "84983e441c3bd26ebaae4aa1f95129e5e54670f1" },

  99.     { sha1, "a", 1000000, "34aa973cd4c4daa4f61eeb2bdbad27316534016f" },

  100.     { sha1,

  101.       "0123456701234567012345670123456701234567012345670123456701234567", 10,

  102.       "dea356a2cddd90c7a7ecedc5ebb563934f460452" },

  103. 

  104.     // SHA-224 tests, from RFC 3874.

  105.     { sha224, "abc", 1,

  106.       "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7" },

  107.     { sha224,

  108.       "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 1,

  109.       "75388b16512776cc5dba5da1fd890150b0c6455cb4f58b1952522525" },

  110.     { sha224,

  111.       "a", 1000000,

  112.       "20794655980c91d8bbb4c1ea97618a4bf03f42581948b2ee4ee7ad67" },

  113. 

  114.     // SHA-256 tests, from NIST.

  115.     { sha256, "abc", 1,

  116.       "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" },

  117.     { sha256,

  118.       "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 1,

  119.       "248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1" },

  120. 

  121.     // SHA-384 tests, from NIST.

  122.     { sha384, "abc", 1,

  123.       "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed"

  124.       "8086072ba1e7cc2358baeca134c825a7" },

  125.     { sha384,

  126.       "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"

  127.       "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", 1,

  128.       "09330c33f71147e83d192fc782cd1b4753111b173b3b05d22fa08086e3b0f712"

  129.       "fcc7c71a557e2db966c3e9fa91746039" },

  130. 

  131.     // SHA-512 tests, from NIST.

  132.     { sha512, "abc", 1,

  133.       "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a"

  134.       "2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f" },

  135.     { sha512,

  136.       "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"

  137.       "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", 1,

  138.       "8e959b75dae313da8cf4f72814fc143f8f7779c6eb9f7fa17299aeadb6889018"

  139.       "501d289e4900f7e4331b99dec4b5433ac7d329eeb6dd26545e96e55b874be909" },

  140. 

  141.     // MD5-SHA1 tests.

  142.     { md5_sha1, "abc", 1,

  143.       "900150983cd24fb0d6963f7d28e17f72a9993e364706816aba3e25717850c26c9cd0d89d" },

  144. };

  145. 

  146. static void CompareDigest(const TestVector *test,

  147.                           const uint8_t *digest,

  148.                           size_t digest_len) {

  149.   static const char kHexTable[] = "0123456789abcdef";

  150.   char digest_hex[2*EVP_MAX_MD_SIZE + 1];

  151. 

  152.   for (size_t i = 0; i < digest_len; i++) {

  153.     digest_hex[2*i] = kHexTable[digest[i] >> 4];

  154.     digest_hex[2*i + 1] = kHexTable[digest[i] & 0xf];

  155.   }

  156.   digest_hex[2*digest_len] = '\0';

  157. 

  158.   EXPECT_STREQ(test->expected_hex, digest_hex);

  159. }

  160. 

  161. static void TestDigest(const TestVector *test) {

  162.   bssl::ScopedEVP_MD_CTX ctx;

  163. 

  164.   // Test the input provided.

  165.   ASSERT_TRUE(EVP_DigestInit_ex(ctx.get(), test->md.func(), NULL));

  166.   for (size_t i = 0; i < test->repeat; i++) {

  167.     ASSERT_TRUE(EVP_DigestUpdate(ctx.get(), test->input, strlen(test->input)));

  168.   }

  169.   std::unique_ptr<uint8_t[]> digest(new uint8_t[EVP_MD_size(test->md.func())]);

  170.   unsigned digest_len;

  171.   ASSERT_TRUE(EVP_DigestFinal_ex(ctx.get(), digest.get(), &digest_len));

  172.   CompareDigest(test, digest.get(), digest_len);

  173. 

  174.   // Test the input one character at a time.

  175.   ASSERT_TRUE(EVP_DigestInit_ex(ctx.get(), test->md.func(), NULL));

  176.   ASSERT_TRUE(EVP_DigestUpdate(ctx.get(), NULL, 0));

  177.   for (size_t i = 0; i < test->repeat; i++) {

  178.     for (const char *p = test->input; *p; p++) {

  179.       ASSERT_TRUE(EVP_DigestUpdate(ctx.get(), p, 1));

  180.     }

  181.   }

  182.   ASSERT_TRUE(EVP_DigestFinal_ex(ctx.get(), digest.get(), &digest_len));

  183.   EXPECT_EQ(EVP_MD_size(test->md.func()), digest_len);

  184.   CompareDigest(test, digest.get(), digest_len);

  185. 

  186.   // Test the one-shot function.

  187.   if (test->md.one_shot_func && test->repeat == 1) {

  188.     uint8_t *out = test->md.one_shot_func((const uint8_t *)test->input,

  189.                                           strlen(test->input), digest.get());

  190.     // One-shot functions return their supplied buffers.

  191.     EXPECT_EQ(digest.get(), out);

  192.     CompareDigest(test, digest.get(), EVP_MD_size(test->md.func()));

  193.   }

  194. }

  195. 

  196. TEST(DigestTest, TestVectors) {

  197.   for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kTestVectors); i++) {

  198.     SCOPED_TRACE(i);

  199.     TestDigest(&kTestVectors[i]);

  200.   }

  201. }

  202. 

  203. TEST(DigestTest, Getters) {

  204.   EXPECT_EQ(EVP_sha512(), EVP_get_digestbyname("RSA-SHA512"));

  205.   EXPECT_EQ(EVP_sha512(), EVP_get_digestbyname("sha512WithRSAEncryption"));

  206.   EXPECT_EQ(nullptr, EVP_get_digestbyname("nonsense"));

  207.   EXPECT_EQ(EVP_sha512(), EVP_get_digestbyname("SHA512"));

  208.   EXPECT_EQ(EVP_sha512(), EVP_get_digestbyname("sha512"));

  209. 

  210.   EXPECT_EQ(EVP_sha512(), EVP_get_digestbynid(NID_sha512));

  211.   EXPECT_EQ(nullptr, EVP_get_digestbynid(NID_sha512WithRSAEncryption));

  212.   EXPECT_EQ(nullptr, EVP_get_digestbynid(NID_undef));

  213. 

  214.   bssl::UniquePtr<ASN1_OBJECT> obj(OBJ_txt2obj("1.3.14.3.2.26", 0));

  215.   ASSERT_TRUE(obj);

  216.   EXPECT_EQ(EVP_sha1(), EVP_get_digestbyobj(obj.get()));

  217.   EXPECT_EQ(EVP_md5_sha1(), EVP_get_digestbyobj(OBJ_nid2obj(NID_md5_sha1)));

  218.   EXPECT_EQ(EVP_sha1(), EVP_get_digestbyobj(OBJ_nid2obj(NID_sha1)));

  219. }

  220. 

  221. TEST(DigestTest, ASN1) {

  222.   bssl::ScopedCBB cbb;

  223.   ASSERT_TRUE(CBB_init(cbb.get(), 0));

  224.   EXPECT_FALSE(EVP_marshal_digest_algorithm(cbb.get(), EVP_md5_sha1()));

  225. 

  226.   static const uint8_t kSHA256[] = {0x30, 0x0d, 0x06, 0x09, 0x60,

  227.                                     0x86, 0x48, 0x01, 0x65, 0x03,

  228.                                     0x04, 0x02, 0x01, 0x05, 0x00};

  229.   static const uint8_t kSHA256NoParam[] = {0x30, 0x0b, 0x06, 0x09, 0x60,

  230.                                            0x86, 0x48, 0x01, 0x65, 0x03,

  231.                                            0x04, 0x02, 0x01};

  232.   static const uint8_t kSHA256GarbageParam[] = {

  233.       0x30, 0x0e, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01,

  234.       0x65, 0x03, 0x04, 0x02, 0x01, 0x02, 0x01, 0x2a};

  235. 

  236.   // Serialize SHA-256.

  237.   cbb.Reset();

  238.   ASSERT_TRUE(CBB_init(cbb.get(), 0));

  239.   ASSERT_TRUE(EVP_marshal_digest_algorithm(cbb.get(), EVP_sha256()));

  240.   uint8_t *der;

  241.   size_t der_len;

  242.   ASSERT_TRUE(CBB_finish(cbb.get(), &der, &der_len));

  243.   bssl::UniquePtr<uint8_t> free_der(der);

  244.   EXPECT_EQ(Bytes(kSHA256), Bytes(der, der_len));

  245. 

  246.   // Parse SHA-256.

  247.   CBS cbs;

  248.   CBS_init(&cbs, kSHA256, sizeof(kSHA256));

  249.   EXPECT_EQ(EVP_sha256(), EVP_parse_digest_algorithm(&cbs));

  250.   EXPECT_EQ(0u, CBS_len(&cbs));

  251. 

  252.   // Missing parameters are tolerated for compatibility.

  253.   CBS_init(&cbs, kSHA256NoParam, sizeof(kSHA256NoParam));

  254.   EXPECT_EQ(EVP_sha256(), EVP_parse_digest_algorithm(&cbs));

  255.   EXPECT_EQ(0u, CBS_len(&cbs));

  256. 

  257.   // Garbage parameters are not.

  258.   CBS_init(&cbs, kSHA256GarbageParam, sizeof(kSHA256GarbageParam));

  259.   EXPECT_FALSE(EVP_parse_digest_algorithm(&cbs));

  260. }

  261. 

  262. TEST(DigestTest, TransformBlocks) {

  263.   uint8_t blocks[SHA256_CBLOCK * 10];

  264.   for (size_t i = 0; i < sizeof(blocks); i++) {

  265.     blocks[i] = i*3;

  266.   }

  267. 

  268.   SHA256_CTX ctx1;

  269.   SHA256_Init(&ctx1);

  270.   SHA256_Update(&ctx1, blocks, sizeof(blocks));

  271. 

  272.   SHA256_CTX ctx2;

  273.   SHA256_Init(&ctx2);

  274.   SHA256_TransformBlocks(ctx2.h, blocks, sizeof(blocks) / SHA256_CBLOCK);

  275. 

  276.   EXPECT_TRUE(0 == OPENSSL_memcmp(ctx1.h, ctx2.h, sizeof(ctx1.h)));

  277. }