wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

PBE lookup test

Browse source 
Add test to check PBE lookups: these can fail if the PBE table is not
correctly orders. Add to "make test".

Reviewed-by: Matt Caswell <matt@openssl.org>
This commit is contained in:
Dr. Stephen Henson 2015-09-03 15:46:43 +01:00
parent 66c103bdab
commit d95466931d
4 changed files with 120 additions and 29 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
crypto/evp/evp_pbe.c
View file

@ -122,31 +122,6 @@ static const EVP_PBE_CTL builtin_pbe[] = {
{EVP_PBE_TYPE_KDF, NID_id_scrypt, -1, -1, PKCS5_v2_scrypt_keyivgen}
};
#ifdef TEST
int main(int argc, char **argv)
{
int i, nid_md, nid_cipher;
EVP_PBE_CTL *tpbe, *tpbe2;
/*
* OpenSSL_add_all_algorithms();
*/
for (i = 0; i < OSSL_NELEM(builtin_pbe); i++) {
tpbe = builtin_pbe + i;
fprintf(stderr, "%d %d %s ", tpbe->pbe_type, tpbe->pbe_nid,
OBJ_nid2sn(tpbe->pbe_nid));
if (EVP_PBE_find(tpbe->pbe_type, tpbe->pbe_nid,
&nid_cipher, &nid_md, 0))
fprintf(stderr, "Found %s %s\n",
OBJ_nid2sn(nid_cipher), OBJ_nid2sn(nid_md));
else
fprintf(stderr, "Find ERROR!!\n");
}
return 0;
}
#endif
int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de)
{
@ -302,3 +277,18 @@ void EVP_PBE_cleanup(void)
sk_EVP_PBE_CTL_pop_free(pbe_algs, free_evp_pbe_ctl);
pbe_algs = NULL;
}
int EVP_PBE_get(int *ptype, int *ppbe_nid, size_t num)
{
const EVP_PBE_CTL *tpbe;
if (num >= OSSL_NELEM(builtin_pbe))
return 0;
tpbe = builtin_pbe + num;
if (ptype)
*ptype = tpbe->pbe_type;
if (ppbe_nid)
*ppbe_nid = tpbe->pbe_nid;
return 1;
}

1
include/openssl/evp.h
View file

@ -1105,6 +1105,7 @@ int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
int EVP_PBE_find(int type, int pbe_nid, int *pcnid, int *pmnid,
EVP_PBE_KEYGEN **pkeygen);
void EVP_PBE_cleanup(void);
int EVP_PBE_get(int *ptype, int *ppbe_nid, size_t num);
# define ASN1_PKEY_ALIAS 0x1
# define ASN1_PKEY_DYNAMIC 0x2

16
test/Makefile
View file

@ -35,6 +35,7 @@ ECDSATEST= ecdsatest
ECDHTEST= ecdhtest
EXPTEST= exptest
GMDIFFTEST= gmdifftest
PBELUTEST= pbelutest
IDEATEST= ideatest
SHA1TEST= sha1test
SHA256TEST= sha256t
@ -79,7 +80,7 @@ SSLSKEWITH0PTEST= sslskewith0ptest.pl
TESTS= alltests
EXE= $(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT) $(ECDSATEST)$(EXE_EXT) $(ECDHTEST)$(EXE_EXT) $(GMDIFFTEST)$(EXE_EXT) $(IDEATEST)$(EXE_EXT) \
EXE= $(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT) $(ECDSATEST)$(EXE_EXT) $(ECDHTEST)$(EXE_EXT) $(GMDIFFTEST)$(EXE_EXT) $(PBELUTEST)$(EXE_EXT) $(IDEATEST)$(EXE_EXT) \
$(MD2TEST)$(EXE_EXT) $(MD4TEST)$(EXE_EXT) $(MD5TEST)$(EXE_EXT) $(HMACTEST)$(EXE_EXT) $(WPTEST)$(EXE_EXT) \
$(RC2TEST)$(EXE_EXT) $(RC4TEST)$(EXE_EXT) $(RC5TEST)$(EXE_EXT) \
$(DESTEST)$(EXE_EXT) $(SHA1TEST)$(EXE_EXT) $(SHA256TEST)$(EXE_EXT) $(SHA512TEST)$(EXE_EXT) \
@ -97,7 +98,7 @@ EXE= $(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT) $(ECDSATEST)$(EXE_EXT) $(ECDHTEST)
# $(METHTEST)$(EXE_EXT)
OBJ= $(BNTEST).o $(ECTEST).o $(ECDSATEST).o $(ECDHTEST).o $(GMDIFFTEST).o $(IDEATEST).o \
OBJ= $(BNTEST).o $(ECTEST).o $(ECDSATEST).o $(ECDHTEST).o $(GMDIFFTEST).o $(PBELUTEST).o $(IDEATEST).o \
$(MD2TEST).o $(MD4TEST).o $(MD5TEST).o \
$(HMACTEST).o $(WPTEST).o \
$(RC2TEST).o $(RC4TEST).o $(RC5TEST).o \
@ -110,7 +111,7 @@ OBJ= $(BNTEST).o $(ECTEST).o $(ECDSATEST).o $(ECDHTEST).o $(GMDIFFTEST).o $(IDE
$(CONSTTIMETEST).o $(VERIFYEXTRATEST).o $(CLIENTHELLOTEST).o \
$(PACKETTEST).o testutil.o
SRC= $(BNTEST).c $(ECTEST).c $(ECDSATEST).c $(ECDHTEST).c $(GMDIFFTEST).c $(IDEATEST).c \
SRC= $(BNTEST).c $(ECTEST).c $(ECDSATEST).c $(ECDHTEST).c $(GMDIFFTEST).c $(PBELUTEST).c $(IDEATEST).c \
$(MD2TEST).c $(MD4TEST).c $(MD5TEST).c \
$(HMACTEST).c $(WPTEST).c \
$(RC2TEST).c $(RC4TEST).c $(RC5TEST).c \
@ -152,7 +153,7 @@ apps:
alltests: \
test_des test_gmdiff test_idea test_sha test_md4 test_md5 test_hmac \
test_md2 test_mdc2 test_wp \
test_pbelu test_md2 test_mdc2 test_wp \
test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast \
test_rand test_bn test_ec test_ecdsa test_ecdh \
test_enc test_x509 test_rsa test_crl test_sid \
@ -184,6 +185,10 @@ test_gmdiff: $(GMDIFFTEST)$(EXE_EXT)
@echo $(START) $@
../util/shlib_wrap.sh ./$(GMDIFFTEST)
test_pbelu: $(PBELUTEST)$(EXE_EXT)
@echo $(START) $@
../util/shlib_wrap.sh ./$(PBELUTEST)
test_idea: $(IDEATEST)$(EXE_EXT)
@echo $(START) $@
../util/shlib_wrap.sh ./$(IDEATEST)
@ -504,6 +509,9 @@ $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO)
$(GMDIFFTEST)$(EXE_EXT): $(GMDIFFTEST).o $(DLIBCRYPTO)
@target=$(GMDIFFTEST); $(BUILD_CMD)
$(PBELUTEST)$(EXE_EXT): $(PBELUTEST).o $(DLIBCRYPTO)
@target=$(PBELUTEST); $(BUILD_CMD)
$(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO)
@target=$(MD2TEST); $(BUILD_CMD)

92
test/pbelutest.c Normal file
View file

@ -0,0 +1,92 @@
/* ====================================================================
* Copyright (c) 2015 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <openssl/evp.h>
#include <stdio.h>
#include <string.h>
/*
* Password based encryption (PBE) table ordering test.
* Attempt to look up all supported algorithms.
*/
int main(int argc, char **argv)
{
size_t i;
int rv = 0;
int pbe_type, pbe_nid;
int last_type = -1, last_nid = -1;
for (i = 0; EVP_PBE_get(&pbe_type, &pbe_nid, i) != 0; i++) {
if (EVP_PBE_find(pbe_type, pbe_nid, NULL, NULL, 0) == 0) {
rv = 1;
break;
}
}
if (rv == 0)
return 0;
/* Error: print out whole table */
for (i = 0; EVP_PBE_get(&pbe_type, &pbe_nid, i) != 0; i++) {
if (pbe_type > last_type)
rv = 0;
else if (pbe_type < last_type || pbe_nid < last_nid)
rv = 1;
else
rv = 0;
fprintf(stderr, "PBE type=%d %d (%s): %s\n", pbe_type, pbe_nid,
OBJ_nid2sn(pbe_nid), rv ? "ERROR" : "OK");
last_type = pbe_type;
last_nid = pbe_nid;
}
return 1;
}