kris
/
boringssl
1
0
Разклонения 0
Код Задачи 0 Заявки за сливане 0 Версии 0 Уики Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1644 Ревизии
12 Клонове
38 MiB
 
 
 
 
 
 
ИН на ревизия: fc05994e24
Клонове Маркери
${ item.name }
Create branch ${ searchTerm }
от 'fc05994e24'
${ noResults }
boringssl/crypto/cipher/cipher_test.cc

288 lines
9.8 KiB
Директен файл Blame История 

  1. /*

  2.  * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL

  3.  * project.

  4.  */

  5. /* ====================================================================

  6.  * Copyright (c) 2015 The OpenSSL Project.  All rights reserved.

  7.  *

  8.  * Redistribution and use in source and binary forms, with or without

  9.  * modification, are permitted provided that the following conditions

  10.  * are met:

  11.  *

  12.  * 1. Redistributions of source code must retain the above copyright

  13.  *    notice, this list of conditions and the following disclaimer.

  14.  *

  15.  * 2. Redistributions in binary form must reproduce the above copyright

  16.  *    notice, this list of conditions and the following disclaimer in

  17.  *    the documentation and/or other materials provided with the

  18.  *    distribution.

  19.  *

  20.  * 3. All advertising materials mentioning features or use of this

  21.  *    software must display the following acknowledgment:

  22.  *    "This product includes software developed by the OpenSSL Project

  23.  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"

  24.  *

  25.  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to

  26.  *    endorse or promote products derived from this software without

  27.  *    prior written permission. For written permission, please contact

  28.  *    licensing@OpenSSL.org.

  29.  *

  30.  * 5. Products derived from this software may not be called "OpenSSL"

  31.  *    nor may "OpenSSL" appear in their names without prior written

  32.  *    permission of the OpenSSL Project.

  33.  *

  34.  * 6. Redistributions of any form whatsoever must retain the following

  35.  *    acknowledgment:

  36.  *    "This product includes software developed by the OpenSSL Project

  37.  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"

  38.  *

  39.  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY

  40.  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  41.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

  42.  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR

  43.  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

  44.  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

  45.  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

  46.  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  47.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

  48.  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

  49.  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

  50.  * OF THE POSSIBILITY OF SUCH DAMAGE.

  51.  * ====================================================================

  52.  */

  53. 

  54. #include <stdlib.h>

  55. #include <string.h>

  56. 

  57. #include <string>

  58. #include <vector>

  59. 

  60. #include <openssl/cipher.h>

  61. #include <openssl/crypto.h>

  62. #include <openssl/err.h>

  63. 

  64. #include "../test/file_test.h"

  65. #include "../test/scoped_types.h"

  66. #include "../test/stl_compat.h"

  67. 

  68. 

  69. static const EVP_CIPHER *GetCipher(const std::string &name) {

  70.   if (name == "DES-CBC") {

  71.     return EVP_des_cbc();

  72.   } else if (name == "DES-EDE3-CBC") {

  73.     return EVP_des_ede3_cbc();

  74.   } else if (name == "RC4") {

  75.     return EVP_rc4();

  76.   } else if (name == "AES-128-ECB") {

  77.     return EVP_aes_128_ecb();

  78.   } else if (name == "AES-256-ECB") {

  79.     return EVP_aes_256_ecb();

  80.   } else if (name == "AES-128-CBC") {

  81.     return EVP_aes_128_cbc();

  82.   } else if (name == "AES-128-GCM") {

  83.     return EVP_aes_128_gcm();

  84.   } else if (name == "AES-128-OFB") {

  85.     return EVP_aes_128_ofb();

  86.   } else if (name == "AES-192-CBC") {

  87.     return EVP_aes_192_cbc();

  88.   } else if (name == "AES-192-ECB") {

  89.     return EVP_aes_192_ecb();

  90.   } else if (name == "AES-256-CBC") {

  91.     return EVP_aes_256_cbc();

  92.   } else if (name == "AES-128-CTR") {

  93.     return EVP_aes_128_ctr();

  94.   } else if (name == "AES-256-CTR") {

  95.     return EVP_aes_256_ctr();

  96.   } else if (name == "AES-256-GCM") {

  97.     return EVP_aes_256_gcm();

  98.   } else if (name == "AES-256-OFB") {

  99.     return EVP_aes_256_ofb();

  100.   }

  101.   return nullptr;

  102. }

  103. 

  104. static bool TestOperation(FileTest *t,

  105.                           const EVP_CIPHER *cipher,

  106.                           bool encrypt,

  107.                           bool streaming,

  108.                           const std::vector<uint8_t> &key,

  109.                           const std::vector<uint8_t> &iv,

  110.                           const std::vector<uint8_t> &plaintext,

  111.                           const std::vector<uint8_t> &ciphertext,

  112.                           const std::vector<uint8_t> &aad,

  113.                           const std::vector<uint8_t> &tag) {

  114.   const std::vector<uint8_t> *in, *out;

  115.   if (encrypt) {

  116.     in = &plaintext;

  117.     out = &ciphertext;

  118.   } else {

  119.     in = &ciphertext;

  120.     out = &plaintext;

  121.   }

  122. 

  123.   bool is_aead = EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE;

  124. 

  125.   ScopedEVP_CIPHER_CTX ctx;

  126.   if (!EVP_CipherInit_ex(ctx.get(), cipher, nullptr, nullptr, nullptr,

  127.                          encrypt ? 1 : 0)) {

  128.     return false;

  129.   }

  130.   if (t->HasAttribute("IV")) {

  131.     if (is_aead) {

  132.       if (!EVP_CIPHER_CTX_ctrl(ctx.get(), EVP_CTRL_GCM_SET_IVLEN,

  133.                                iv.size(), 0)) {

  134.         return false;

  135.       }

  136.     } else if (iv.size() != (size_t)EVP_CIPHER_CTX_iv_length(ctx.get())) {

  137.       t->PrintLine("Bad IV length.");

  138.       return false;

  139.     }

  140.   }

  141.   if (is_aead && !encrypt &&

  142.       !EVP_CIPHER_CTX_ctrl(ctx.get(), EVP_CTRL_GCM_SET_TAG, tag.size(),

  143.                            const_cast<uint8_t*>(bssl::vector_data(&tag)))) {

  144.     return false;

  145.   }

  146.   // The ciphers are run with no padding. For each of the ciphers we test, the

  147.   // output size matches the input size.

  148.   std::vector<uint8_t> result(in->size());

  149.   if (in->size() != out->size()) {

  150.     t->PrintLine("Input/output size mismatch (%u vs %u).", (unsigned)in->size(),

  151.                  (unsigned)out->size());

  152.     return false;

  153.   }

  154.   // Note: the deprecated |EVP_CIPHER|-based AES-GCM API is sensitive to whether

  155.   // parameters are NULL, so it is important to skip the |in| and |aad|

  156.   // |EVP_CipherUpdate| calls when empty.

  157.   int unused, result_len1 = 0, result_len2;

  158.   if (!EVP_CIPHER_CTX_set_key_length(ctx.get(), key.size()) ||

  159.       !EVP_CipherInit_ex(ctx.get(), nullptr, nullptr, bssl::vector_data(&key),

  160.                          bssl::vector_data(&iv), -1) ||

  161.       (!aad.empty() &&

  162.        !EVP_CipherUpdate(ctx.get(), nullptr, &unused, bssl::vector_data(&aad),

  163.                          aad.size())) ||

  164.       !EVP_CIPHER_CTX_set_padding(ctx.get(), 0)) {

  165.     t->PrintLine("Operation failed.");

  166.     return false;

  167.   }

  168.   if (streaming) {

  169.     for (size_t i = 0; i < in->size(); i++) {

  170.       uint8_t c = (*in)[i];

  171.       int len;

  172.       if (!EVP_CipherUpdate(ctx.get(), bssl::vector_data(&result) + result_len1,

  173.                             &len, &c, 1)) {

  174.         t->PrintLine("Operation failed.");

  175.         return false;

  176.       }

  177.       result_len1 += len;

  178.     }

  179.   } else if (!in->empty() &&

  180.              !EVP_CipherUpdate(ctx.get(), bssl::vector_data(&result),

  181.                                &result_len1, bssl::vector_data(in),

  182.                                in->size())) {

  183.     t->PrintLine("Operation failed.");

  184.     return false;

  185.   }

  186.   if (!EVP_CipherFinal_ex(ctx.get(), bssl::vector_data(&result) + result_len1,

  187.                           &result_len2)) {

  188.     t->PrintLine("Operation failed.");

  189.     return false;

  190.   }

  191.   result.resize(result_len1 + result_len2);

  192.   if (!t->ExpectBytesEqual(bssl::vector_data(out), out->size(),

  193.                            bssl::vector_data(&result), result.size())) {

  194.     return false;

  195.   }

  196.   if (encrypt && is_aead) {

  197.     uint8_t rtag[16];

  198.     if (tag.size() > sizeof(rtag)) {

  199.       t->PrintLine("Bad tag length.");

  200.       return false;

  201.     }

  202.     if (!EVP_CIPHER_CTX_ctrl(ctx.get(), EVP_CTRL_GCM_GET_TAG, tag.size(),

  203.                              rtag) ||

  204.         !t->ExpectBytesEqual(bssl::vector_data(&tag), tag.size(), rtag,

  205.                              tag.size())) {

  206.       return false;

  207.     }

  208.   }

  209.   return true;

  210. }

  211. 

  212. static bool TestCipher(FileTest *t, void *arg) {

  213.   std::string cipher_str;

  214.   if (!t->GetAttribute(&cipher_str, "Cipher")) {

  215.     return false;

  216.   }

  217.   const EVP_CIPHER *cipher = GetCipher(cipher_str);

  218.   if (cipher == nullptr) {

  219.     t->PrintLine("Unknown cipher: '%s'.", cipher_str.c_str());

  220.     return false;

  221.   }

  222. 

  223.   std::vector<uint8_t> key, iv, plaintext, ciphertext, aad, tag;

  224.   if (!t->GetBytes(&key, "Key") ||

  225.       !t->GetBytes(&plaintext, "Plaintext") ||

  226.       !t->GetBytes(&ciphertext, "Ciphertext")) {

  227.     return false;

  228.   }

  229.   if (EVP_CIPHER_iv_length(cipher) > 0 &&

  230.       !t->GetBytes(&iv, "IV")) {

  231.     return false;

  232.   }

  233.   if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) {

  234.     if (!t->GetBytes(&aad, "AAD") ||

  235.         !t->GetBytes(&tag, "Tag")) {

  236.       return false;

  237.     }

  238.   }

  239. 

  240.   enum {

  241.     kEncrypt,

  242.     kDecrypt,

  243.     kBoth,

  244.   } operation = kBoth;

  245.   if (t->HasAttribute("Operation")) {

  246.     const std::string &str = t->GetAttributeOrDie("Operation");

  247.     if (str == "ENCRYPT") {

  248.       operation = kEncrypt;

  249.     } else if (str == "DECRYPT") {

  250.       operation = kDecrypt;

  251.     } else {

  252.       t->PrintLine("Unknown operation: '%s'.", str.c_str());

  253.       return false;

  254.     }

  255.   }

  256. 

  257.   // By default, both directions are run, unless overridden by the operation.

  258.   if (operation != kDecrypt) {

  259.     if (!TestOperation(t, cipher, true /* encrypt */, false /* single-shot */,

  260.                        key, iv, plaintext, ciphertext, aad, tag) ||

  261.         !TestOperation(t, cipher, true /* encrypt */, true /* streaming */, key,

  262.                        iv, plaintext, ciphertext, aad, tag)) {

  263.       return false;

  264.     }

  265.   }

  266.   if (operation != kEncrypt) {

  267.     if (!TestOperation(t, cipher, false /* decrypt */, false /* single-shot */,

  268.                        key, iv, plaintext, ciphertext, aad, tag) ||

  269.         !TestOperation(t, cipher, false /* decrypt */, true /* streaming */,

  270.                        key, iv, plaintext, ciphertext, aad, tag)) {

  271.       return false;

  272.     }

  273.   }

  274. 

  275.   return true;

  276. }

  277. 

  278. int main(int argc, char **argv) {

  279.   CRYPTO_library_init();

  280. 

  281.   if (argc != 2) {

  282.     fprintf(stderr, "%s <test file>\n", argv[0]);

  283.     return 1;

  284.   }

  285. 

  286.   return FileTestMain(TestCipher, nullptr, argv[1]);

  287. }