int test_main(int argc, char **argv) { if (argc != 4) { TEST_error("Unexpected number of arguments"); return EXIT_FAILURE; } if (strcmp(argv[1], "-crypto_first") == 0) { test_type = CRYPTO_FIRST; } else if (strcmp(argv[1], "-ssl_first") == 0) { test_type = SSL_FIRST; } else if (strcmp(argv[1], "-just_crypto") == 0) { test_type = JUST_CRYPTO; } else { TEST_error("Unrecognised argument"); return EXIT_FAILURE; } path_crypto = argv[2]; path_ssl = argv[3]; #if defined(DSO_DLFCN) || defined(DSO_WIN32) ADD_TEST(test_lib); #endif return run_tests(argv[0]); }
static int check_alerts(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) { if (!TEST_int_eq(result->client_alert_sent, result->client_alert_received)) { TEST_info("Client sent alert %s but server received %s.", print_alert(result->client_alert_sent), print_alert(result->client_alert_received)); /* * We can't bail here because the peer doesn't always get far enough * to process a received alert. Specifically, in protocol version * negotiation tests, we have the following scenario. * Client supports TLS v1.2 only; Server supports TLS v1.1. * Client proposes TLS v1.2; server responds with 1.1; * Client now sends a protocol alert, using TLS v1.2 in the header. * The server, however, rejects the alert because of version mismatch * in the record layer; therefore, the server appears to never * receive the alert. */ /* return 0; */ } if (!TEST_int_eq(result->server_alert_sent, result->server_alert_received)) { TEST_info("Server sent alert %s but client received %s.", print_alert(result->server_alert_sent), print_alert(result->server_alert_received)); /* return 0; */ } /* Tolerate an alert if one wasn't explicitly specified in the test. */ if (test_ctx->expected_client_alert /* * The info callback alert value is computed as * (s->s3->send_alert[0] << 8) | s->s3->send_alert[1] * where the low byte is the alert code and the high byte is other stuff. */ && (result->client_alert_sent & 0xff) != test_ctx->expected_client_alert) { TEST_error("ClientAlert mismatch: expected %s, got %s.", print_alert(test_ctx->expected_client_alert), print_alert(result->client_alert_sent)); return 0; } if (test_ctx->expected_server_alert && (result->server_alert_sent & 0xff) != test_ctx->expected_server_alert) { TEST_error("ServerAlert mismatch: expected %s, got %s.", print_alert(test_ctx->expected_server_alert), print_alert(result->server_alert_sent)); return 0; } if (!TEST_int_le(result->client_num_fatal_alerts_sent, 1)) return 0; if (!TEST_int_le(result->server_num_fatal_alerts_sent, 1)) return 0; return 1; }
/* * Usage: d2i_test <type> <file>, e.g. * d2i_test generalname bad_generalname.der */ int test_main(int argc, char *argv[]) { const char *test_type_name; const char *expected_error_string; size_t i; static error_enum expected_errors[] = { {"OK", ASN1_OK}, {"BIO", ASN1_BIO}, {"decode", ASN1_DECODE}, {"encode", ASN1_ENCODE}, {"compare", ASN1_COMPARE} }; if (!TEST_int_eq(argc, 4)) { fprintf(stderr, "Usage: d2i_test item_name expected_error file.der\n"); return 1; } test_type_name = argv[1]; expected_error_string = argv[2]; test_file = argv[3]; item_type = ASN1_ITEM_lookup(test_type_name); if (item_type == NULL) { TEST_error("Unknown type %s\n", test_type_name); fprintf(stderr, "Supported types:\n"); for (i = 0;; i++) { const ASN1_ITEM *it = ASN1_ITEM_get(i); if (it == NULL) break; fprintf(stderr, "\t%s\n", it->sname); } return 1; } for (i = 0; i < OSSL_NELEM(expected_errors); i++) { if (strcmp(expected_errors[i].str, expected_error_string) == 0) { expected_error = expected_errors[i].code; break; } } if (expected_error == ASN1_UNKNOWN) { TEST_error("Unknown expected error %s\n", expected_error_string); return 1; } ADD_TEST(test_bad_asn1); return run_tests(argv[0]); }
static int test_fatalerr(void) { SSL_CTX *sctx = NULL, *cctx = NULL; SSL *sssl = NULL, *cssl = NULL; const char *msg = "Dummy"; BIO *wbio = NULL; int ret = 0, len; char buf[80]; unsigned char dummyrec[] = { 0x17, 0x03, 0x03, 0x00, 0x05, 'D', 'u', 'm', 'm', 'y' }; if (!TEST_true(create_ssl_ctx_pair(TLS_method(), TLS_method(), &sctx, &cctx, cert, privkey))) goto err; /* * Deliberately set the cipher lists for client and server to be different * to force a handshake failure. */ if (!TEST_true(SSL_CTX_set_cipher_list(sctx, "AES128-SHA")) || !TEST_true(SSL_CTX_set_cipher_list(cctx, "AES256-SHA")) || !TEST_true(create_ssl_objects(sctx, cctx, &sssl, &cssl, NULL, NULL))) goto err; wbio = SSL_get_wbio(cssl); if (!TEST_ptr(wbio)) { printf("Unexpected NULL bio received\n"); goto err; } /* Connection should fail */ if (!TEST_false(create_ssl_connection(sssl, cssl, SSL_ERROR_NONE))) goto err; ERR_clear_error(); /* Inject a plaintext record from client to server */ if (!TEST_int_gt(BIO_write(wbio, dummyrec, sizeof(dummyrec)), 0)) goto err; /* SSL_read()/SSL_write should fail because of a previous fatal error */ if (!TEST_int_le(len = SSL_read(sssl, buf, sizeof(buf - 1)), 0)) { buf[len] = '\0'; TEST_error("Unexpected success reading data: %s\n", buf); goto err; } if (!TEST_int_le(SSL_write(sssl, msg, strlen(msg)), 0)) goto err; ret = 1; err: SSL_free(sssl); SSL_free(cssl); SSL_CTX_free(sctx); SSL_CTX_free(cctx); return ret; }
/* Test of EVP_PKEY_ASN1_METHOD ordering */ static int test_asn1_meths(void) { int i; int prev = -1; int good = 1; int pkey_id; const EVP_PKEY_ASN1_METHOD *ameth; for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) { ameth = EVP_PKEY_asn1_get0(i); EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, ameth); if (pkey_id < prev) good = 0; prev = pkey_id; } if (!good) { TEST_error("EVP_PKEY_ASN1_METHOD table out of order"); for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) { const char *info; ameth = EVP_PKEY_asn1_get0(i); EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, &info, NULL, ameth); if (info == NULL) info = "<NO NAME>"; TEST_note("%d : %s : %s", pkey_id, OBJ_nid2ln(pkey_id), info); } } return good; }
/* Test of EVP_PKEY_METHOD ordering */ static int test_pkey_meths(void) { size_t i; int prev = -1; int good = 1; int pkey_id; const EVP_PKEY_METHOD *pmeth; for (i = 0; i < EVP_PKEY_meth_get_count(); i++) { pmeth = EVP_PKEY_meth_get0(i); EVP_PKEY_meth_get0_info(&pkey_id, NULL, pmeth); if (pkey_id < prev) good = 0; prev = pkey_id; } if (!good) { TEST_error("EVP_PKEY_METHOD table out of order"); for (i = 0; i < EVP_PKEY_meth_get_count(); i++) { pmeth = EVP_PKEY_meth_get0(i); EVP_PKEY_meth_get0_info(&pkey_id, NULL, pmeth); TEST_note("%d : %s", pkey_id, OBJ_nid2ln(pkey_id)); } } return good; }
/* * Stress test the curve. If the '-num' argument is given, runs the loop * |num| times and prints the resulting X-coordinate. Otherwise runs the test * the default number of times and compares against the expected result. */ int setup_tests(void) { const char *p; if (!atoi64(NUM_REPEATS, &num_repeats)) { TEST_error("Cannot parse " NUM_REPEATS); return 0; } /* * TODO(openssl-team): code under test/ should be able to reuse the option * parsing framework currently in apps/. */ p = test_get_option_argument("-num"); if (p != NULL) { if (!atoi64(p, &num_repeats) || num_repeats < 0) return 0; print_mode = 1; } #ifndef OPENSSL_NO_EC ADD_TEST(test_curve); #endif return 1; }
/* * Stress test the curve. If the '-num' argument is given, runs the loop * |num| times and prints the resulting X-coordinate. Otherwise runs the test * the default number of times and compares against the expected result. */ int setup_tests(void) { OPTION_CHOICE o; if (!opt_imax(NUM_REPEATS, &num_repeats)) { TEST_error("Cannot parse " NUM_REPEATS); return 0; } while ((o = opt_next()) != OPT_EOF) { switch (o) { case OPT_NUM_REPEATS: if (!opt_imax(opt_arg(), &num_repeats) || num_repeats < 0) return 0; print_mode = 1; break; case OPT_TEST_CASES: break; default: case OPT_ERR: return 0; } } #ifndef OPENSSL_NO_EC ADD_TEST(test_curve); #endif return 1; }
static int test_sanity_range(void) { /* This isn't possible to check using the framework functions */ if (SIZE_MAX < INT_MAX) { TEST_error("int must not be wider than size_t"); return 0; } return 1; }
static int check_nid(const char *name, int expected_nid, int nid) { if (expected_nid == 0 || expected_nid == nid) return 1; TEST_error("%s type mismatch, %s vs %s\n", name, OBJ_nid2ln(expected_nid), nid == NID_undef ? "absent" : OBJ_nid2ln(nid)); return 0; }
static int test_secret(SSL *s, unsigned char *prk, const unsigned char *label, size_t labellen, const unsigned char *ref_secret, const unsigned char *ref_key, const unsigned char *ref_iv) { size_t hashsize; unsigned char gensecret[EVP_MAX_MD_SIZE]; unsigned char hash[EVP_MAX_MD_SIZE]; unsigned char key[KEYLEN]; unsigned char iv[IVLEN]; const EVP_MD *md = ssl_handshake_md(s); if (!ssl_handshake_hash(s, hash, sizeof(hash), &hashsize)) { TEST_error("Failed to get hash"); return 0; } if (!tls13_hkdf_expand(s, md, prk, label, labellen, hash, hashsize, gensecret, hashsize)) { TEST_error("Secret generation failed"); return 0; } if (!TEST_mem_eq(gensecret, hashsize, ref_secret, hashsize)) return 0; if (!tls13_derive_key(s, md, gensecret, key, KEYLEN)) { TEST_error("Key generation failed"); return 0; } if (!TEST_mem_eq(key, KEYLEN, ref_key, KEYLEN)) return 0; if (!tls13_derive_iv(s, md, gensecret, iv, IVLEN)) { TEST_error("IV generation failed"); return 0; } if (!TEST_mem_eq(iv, IVLEN, ref_iv, IVLEN)) return 0; return 1; }
/* * Test that r == 0 in test_exp_mod_zero(). Returns one on success, * returns zero and prints debug output otherwise. */ static int a_is_zero_mod_one(const char *method, const BIGNUM *r, const BIGNUM *a) { if (!BN_is_zero(r)) { TEST_error("%s failed: a ** 0 mod 1 = r (should be 0)", method); BN_print_var(a); BN_print_var(r); return 0; } return 1; }
static int parse_boolean(const char *value, int *result) { if (strcasecmp(value, "Yes") == 0) { *result = 1; return 1; } else if (strcasecmp(value, "No") == 0) { *result = 0; return 1; } TEST_error("parse_boolean given: '%s'", value); return 0; }
static int check_bn(const char *name, const BIGNUM *bn, const char *hexbn) { BIGNUM *tmp = NULL; int r; if (!TEST_true(BN_hex2bn(&tmp, hexbn))) return 0; if (BN_cmp(bn, tmp) != 0) TEST_error("unexpected %s value", name); r = TEST_BN_eq(bn, tmp); BN_free(tmp); return r; }
static int check_message(const struct set_name_fn *fn, const char *op, const char *nameincert, int match, const char *name) { char msg[1024]; if (match < 0) return 1; BIO_snprintf(msg, sizeof(msg), "%s: %s: [%s] %s [%s]", fn->name, op, nameincert, match ? "matches" : "does not match", name); if (is_exception(msg)) return 1; TEST_error("%s", msg); return 0; }
static int dsa_cb(int p, int n, BN_GENCB *arg) { static int ok = 0, num = 0; if (p == 0) num++; if (p == 2) ok++; if (!ok && (p == 0) && (num > 1)) { TEST_error("dsa_cb error"); return 0; } return 1; }
static int test_kdf_hkdf(void) { int ret = 0; EVP_PKEY_CTX *pctx; unsigned char out[10]; size_t outlen = sizeof(out); if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)) == NULL) { TEST_error("EVP_PKEY_HKDF"); goto err; } if (EVP_PKEY_derive_init(pctx) <= 0) { TEST_error("EVP_PKEY_derive_init"); goto err; } if (EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()) <= 0) { TEST_error("EVP_PKEY_CTX_set_hkdf_md"); goto err; } if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, "salt", 4) <= 0) { TEST_error("EVP_PKEY_CTX_set1_hkdf_salt"); goto err; } if (EVP_PKEY_CTX_set1_hkdf_key(pctx, "secret", 6) <= 0) { TEST_error("EVP_PKEY_CTX_set1_hkdf_key"); goto err; } if (EVP_PKEY_CTX_add1_hkdf_info(pctx, "label", 5) <= 0) { TEST_error("EVP_PKEY_CTX_set1_hkdf_info"); goto err; } if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) { TEST_error("EVP_PKEY_derive"); goto err; } { const unsigned char expected[sizeof(out)] = { 0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8, 0xde, 0x13 }; if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { goto err; } } ret = 1; err: EVP_PKEY_CTX_free(pctx); return ret; }
static int do_test_cert_table(int nid, uint32_t amask, size_t idx, const char *idxname) { const SSL_CERT_LOOKUP *clu = &ssl_cert_info[idx]; if (clu->nid == nid && clu->amask == amask) return 1; TEST_error("Invalid table entry for certificate type %s, index %zu", idxname, idx); if (clu->nid != nid) TEST_note("Expected %s, got %s\n", OBJ_nid2sn(nid), OBJ_nid2sn(clu->nid)); if (clu->amask != amask) TEST_note("Expected auth mask 0x%x, got 0x%x\n", amask, clu->amask); return 0; }
static int test_standard_exts(void) { size_t i; int prev = -1, good = 1; const X509V3_EXT_METHOD **tmp; tmp = standard_exts; for (i = 0; i < OSSL_NELEM(standard_exts); i++, tmp++) { if ((*tmp)->ext_nid < prev) good = 0; prev = (*tmp)->ext_nid; } if (!good) { tmp = standard_exts; TEST_error("Extensions out of order!"); for (i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++) TEST_note("%d : %s", (*tmp)->ext_nid, OBJ_nid2sn((*tmp)->ext_nid)); } return good; }
static CT_TEST_FIXTURE set_up(const char *const test_case_name) { CT_TEST_FIXTURE fixture; int ok = 0; memset(&fixture, 0, sizeof(fixture)); fixture.test_case_name = test_case_name; fixture.epoch_time_in_ms = 1473269626000; /* Sep 7 17:33:46 2016 GMT */ if (!TEST_ptr(fixture.ctlog_store = CTLOG_STORE_new()) || !TEST_int_eq( CTLOG_STORE_load_default_file(fixture.ctlog_store), 1)) goto end; ok = 1; end: if (!ok) { CTLOG_STORE_free(fixture.ctlog_store); TEST_error("Failed to setup"); exit(EXIT_FAILURE); } return fixture; }
static int test_kdf_tls1_prf(void) { int ret = 0; EVP_PKEY_CTX *pctx; unsigned char out[16]; size_t outlen = sizeof(out); if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL)) == NULL) { TEST_error("EVP_PKEY_TLS1_PRF"); goto err; } if (EVP_PKEY_derive_init(pctx) <= 0) { TEST_error("EVP_PKEY_derive_init"); goto err; } if (EVP_PKEY_CTX_set_tls1_prf_md(pctx, EVP_sha256()) <= 0) { TEST_error("EVP_PKEY_CTX_set_tls1_prf_md"); goto err; } if (EVP_PKEY_CTX_set1_tls1_prf_secret(pctx, "secret", 6) <= 0) { TEST_error("EVP_PKEY_CTX_set1_tls1_prf_secret"); goto err; } if (EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, "seed", 4) <= 0) { TEST_error("EVP_PKEY_CTX_add1_tls1_prf_seed"); goto err; } if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) { TEST_error("EVP_PKEY_derive"); goto err; } { const unsigned char expected[sizeof(out)] = { 0x8e, 0x4d, 0x93, 0x25, 0x30, 0xd7, 0x65, 0xa0, 0xaa, 0xe9, 0x74, 0xc3, 0x04, 0x73, 0x5e, 0xcc }; if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { goto err; } } ret = 1; err: EVP_PKEY_CTX_free(pctx); return ret; }
static int sign_and_verify(int len) { /* * Per FIPS 186-4, the hash is recommended to be the same length as q. * If the hash is longer than q, the leftmost N bits are used; if the hash * is shorter, then we left-pad (see appendix C.2.1). */ size_t sigLength; int digestlen = BN_num_bytes(DSA_get0_q(dsakey)); int ok = 0; unsigned char *dataToSign = OPENSSL_malloc(len); unsigned char *paddedData = OPENSSL_malloc(digestlen); unsigned char *signature = NULL; EVP_PKEY_CTX *ctx = NULL; EVP_PKEY *pkey = NULL; if (!TEST_ptr(dataToSign) || !TEST_ptr(paddedData) || !TEST_int_eq(RAND_bytes(dataToSign, len), 1)) goto end; memset(paddedData, 0, digestlen); if (len > digestlen) memcpy(paddedData, dataToSign, digestlen); else memcpy(paddedData + digestlen - len, dataToSign, len); if (!TEST_ptr(pkey = EVP_PKEY_new())) goto end; EVP_PKEY_set1_DSA(pkey, dsakey); if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, NULL))) goto end; if (!TEST_int_eq(EVP_PKEY_sign_init(ctx), 1)) goto end; if (EVP_PKEY_sign(ctx, NULL, &sigLength, dataToSign, len) != 1) { TEST_error("Failed to get signature length, len=%d", len); goto end; } if (!TEST_ptr(signature = OPENSSL_malloc(sigLength))) goto end; if (EVP_PKEY_sign(ctx, signature, &sigLength, dataToSign, len) != 1) { TEST_error("Failed to sign, len=%d", len); goto end; } /* Check that the signature is okay via the EVP interface */ if (!TEST_int_eq(EVP_PKEY_verify_init(ctx), 1)) goto end; /* ... using the same data we just signed */ if (EVP_PKEY_verify(ctx, signature, sigLength, dataToSign, len) != 1) { TEST_error("EVP verify with unpadded length %d failed\n", len); goto end; } /* ... padding/truncating the data to the appropriate digest size */ if (EVP_PKEY_verify(ctx, signature, sigLength, paddedData, digestlen) != 1) { TEST_error("EVP verify with length %d failed\n", len); goto end; } /* Verify again using the raw DSA interface */ if (DSA_verify(0, dataToSign, len, signature, sigLength, dsakey) != 1) { TEST_error("Verification with unpadded data failed, len=%d", len); goto end; } if (DSA_verify(0, paddedData, digestlen, signature, sigLength, dsakey) != 1) { TEST_error("verify with length %d failed\n", len); goto end; } ok = 1; end: EVP_PKEY_CTX_free(ctx); EVP_PKEY_free(pkey); OPENSSL_free(signature); OPENSSL_free(paddedData); OPENSSL_free(dataToSign); return ok; }
static int test_x509_check_cert_pkey(void) { BIO *bio = NULL; X509 *x509 = NULL; X509_REQ *x509_req = NULL; EVP_PKEY *pkey = NULL; int ret = 0, type = 0, expected = 0, result = 0; /* * we check them first thus if fails we don't need to do * those PEM parsing operations. */ if (strcmp(t, "cert") == 0) { type = 1; } else if (strcmp(t, "req") == 0) { type = 2; } else { TEST_error("invalid 'type'"); goto failed; } if (strcmp(e, "ok") == 0) { expected = 1; } else if (strcmp(e, "failed") == 0) { expected = 0; } else { TEST_error("invalid 'expected'"); goto failed; } /* process private key */ if (!TEST_ptr(bio = BIO_new_file(k, "r"))) goto failed; if (!TEST_ptr(pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL))) goto failed; BIO_free(bio); /* process cert or cert request, use the same local var */ if (!TEST_ptr(bio = BIO_new_file(c, "r"))) goto failed; switch (type) { case 1: x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL); if (x509 == NULL) { TEST_error("read PEM x509 failed"); goto failed; } result = X509_check_private_key(x509, pkey); break; case 2: x509_req = PEM_read_bio_X509_REQ(bio, NULL, NULL, NULL); if (x509_req == NULL) { TEST_error("read PEM x509 req failed"); goto failed; } result = X509_REQ_check_private_key(x509_req, pkey); break; default: /* should never be here */ break; } if (!TEST_int_eq(result, expected)) { TEST_error("check private key: expected: %d, got: %d", expected, result); goto failed; } ret = 1; failed: BIO_free(bio); X509_free(x509); X509_REQ_free(x509_req); EVP_PKEY_free(pkey); return ret; }
static int test_tls13_encryption(void) { SSL_CTX *ctx = NULL; SSL *s = NULL; SSL3_RECORD rec; unsigned char *key = NULL, *iv = NULL, *seq = NULL; const EVP_CIPHER *ciph = EVP_aes_128_gcm(); int ret = 0; size_t ivlen, ctr; /* * Encrypted TLSv1.3 records always have an outer content type of * application data, and a record version of TLSv1.2. */ rec.data = NULL; rec.type = SSL3_RT_APPLICATION_DATA; rec.rec_version = TLS1_2_VERSION; ctx = SSL_CTX_new(TLS_method()); if (!TEST_ptr(ctx)) { TEST_info("Failed creating SSL_CTX"); goto err; } s = SSL_new(ctx); if (!TEST_ptr(s)) { TEST_info("Failed creating SSL"); goto err; } s->enc_read_ctx = EVP_CIPHER_CTX_new(); if (!TEST_ptr(s->enc_read_ctx)) goto err; s->enc_write_ctx = EVP_CIPHER_CTX_new(); if (!TEST_ptr(s->enc_write_ctx)) goto err; s->s3->tmp.new_cipher = SSL_CIPHER_find(s, TLS13_AES_128_GCM_SHA256_BYTES); if (!TEST_ptr(s->s3->tmp.new_cipher)) { TEST_info("Failed to find cipher"); goto err; } for (ctr = 0; ctr < OSSL_NELEM(refdata); ctr++) { /* Load the record */ ivlen = EVP_CIPHER_iv_length(ciph); if (!load_record(&rec, &refdata[ctr], &key, s->read_iv, ivlen, RECORD_LAYER_get_read_sequence(&s->rlayer))) { TEST_error("Failed loading key into EVP_CIPHER_CTX"); goto err; } /* Set up the read/write sequences */ memcpy(RECORD_LAYER_get_write_sequence(&s->rlayer), RECORD_LAYER_get_read_sequence(&s->rlayer), SEQ_NUM_SIZE); memcpy(s->write_iv, s->read_iv, ivlen); /* Load the key into the EVP_CIPHER_CTXs */ if (EVP_CipherInit_ex(s->enc_write_ctx, ciph, NULL, key, NULL, 1) <= 0 || EVP_CipherInit_ex(s->enc_read_ctx, ciph, NULL, key, NULL, 0) <= 0) { TEST_error("Failed loading key into EVP_CIPHER_CTX\n"); goto err; } /* Encrypt it */ if (!TEST_size_t_eq(tls13_enc(s, &rec, 1, 1), 1)) { TEST_info("Failed to encrypt record %zu", ctr); goto err; } if (!TEST_true(test_record(&rec, &refdata[ctr], 1))) { TEST_info("Record %zu encryption test failed", ctr); goto err; } /* Decrypt it */ if (!TEST_int_eq(tls13_enc(s, &rec, 1, 0), 1)) { TEST_info("Failed to decrypt record %zu", ctr); goto err; } if (!TEST_true(test_record(&rec, &refdata[ctr], 0))) { TEST_info("Record %zu decryption test failed", ctr); goto err; } OPENSSL_free(rec.data); OPENSSL_free(key); OPENSSL_free(iv); OPENSSL_free(seq); rec.data = NULL; key = NULL; iv = NULL; seq = NULL; } TEST_note("PASS: %zu records tested", ctr); ret = 1; err: OPENSSL_free(rec.data); OPENSSL_free(key); OPENSSL_free(iv); OPENSSL_free(seq); SSL_free(s); SSL_CTX_free(ctx); return ret; }
static int rfc5114_test(void) { int i; DH *dhA = NULL; DH *dhB = NULL; unsigned char *Z1 = NULL; unsigned char *Z2 = NULL; const rfc5114_td *td = NULL; BIGNUM *bady = NULL, *priv_key = NULL, *pub_key = NULL; const BIGNUM *pub_key_tmp; for (i = 0; i < (int)OSSL_NELEM(rfctd); i++) { td = rfctd + i; /* Set up DH structures setting key components */ if (!TEST_ptr(dhA = td->get_param()) || !TEST_ptr(dhB = td->get_param())) goto bad_err; if (!TEST_ptr(priv_key = BN_bin2bn(td->xA, td->xA_len, NULL)) || !TEST_ptr(pub_key = BN_bin2bn(td->yA, td->yA_len, NULL)) || !TEST_true(DH_set0_key(dhA, pub_key, priv_key))) goto bad_err; if (!TEST_ptr(priv_key = BN_bin2bn(td->xB, td->xB_len, NULL)) || !TEST_ptr(pub_key = BN_bin2bn(td->yB, td->yB_len, NULL)) || !TEST_true( DH_set0_key(dhB, pub_key, priv_key))) goto bad_err; priv_key = pub_key = NULL; if (!TEST_uint_eq(td->Z_len, (size_t)DH_size(dhA)) || !TEST_uint_eq(td->Z_len, (size_t)DH_size(dhB))) goto err; if (!TEST_ptr(Z1 = OPENSSL_malloc(DH_size(dhA))) || !TEST_ptr(Z2 = OPENSSL_malloc(DH_size(dhB)))) goto bad_err; /* * Work out shared secrets using both sides and compare with expected * values. */ DH_get0_key(dhB, &pub_key_tmp, NULL); if (!TEST_int_ne(DH_compute_key(Z1, pub_key_tmp, dhA), -1)) goto bad_err; DH_get0_key(dhA, &pub_key_tmp, NULL); if (!TEST_int_ne(DH_compute_key(Z2, pub_key_tmp, dhB), -1)) goto bad_err; if (!TEST_mem_eq(Z1, td->Z_len, td->Z, td->Z_len) || !TEST_mem_eq(Z2, td->Z_len, td->Z, td->Z_len)) goto err; DH_free(dhA); dhA = NULL; DH_free(dhB); dhB = NULL; OPENSSL_free(Z1); Z1 = NULL; OPENSSL_free(Z2); Z2 = NULL; } /* Now i == OSSL_NELEM(rfctd) */ /* RFC5114 uses unsafe primes, so now test an invalid y value */ if (!TEST_ptr(dhA = DH_get_2048_224()) || !TEST_ptr(Z1 = OPENSSL_malloc(DH_size(dhA)))) goto bad_err; if (!TEST_ptr(bady = BN_bin2bn(dhtest_rfc5114_2048_224_bad_y, sizeof(dhtest_rfc5114_2048_224_bad_y), NULL))) goto bad_err; if (!DH_generate_key(dhA)) goto bad_err; if (DH_compute_key(Z1, bady, dhA) != -1) { /* * DH_compute_key should fail with -1. If we get here we unexpectedly * allowed an invalid y value */ goto err; } /* We'll have a stale error on the queue from the above test so clear it */ ERR_clear_error(); BN_free(bady); DH_free(dhA); OPENSSL_free(Z1); return 1; bad_err: BN_free(bady); DH_free(dhA); DH_free(dhB); BN_free(pub_key); BN_free(priv_key); OPENSSL_free(Z1); OPENSSL_free(Z2); TEST_error("Initialisation error RFC5114 set %d\n", i + 1); return 0; err: BN_free(bady); DH_free(dhA); DH_free(dhB); OPENSSL_free(Z1); OPENSSL_free(Z2); TEST_error("Test failed RFC5114 set %d\n", i + 1); return 0; }
static int test_table(struct testdata *tbl, int idx) { int error = 0; ASN1_TIME atime; ASN1_TIME *ptime; struct testdata *td = &tbl[idx]; int day, sec; atime.data = (unsigned char*)td->data; atime.length = strlen((char*)atime.data); atime.type = td->type; atime.flags = 0; if (!TEST_int_eq(ASN1_TIME_check(&atime), td->check_result)) { TEST_info("ASN1_TIME_check(%s) unexpected result", atime.data); error = 1; } if (td->check_result == 0) return 1; if (!TEST_int_eq(ASN1_TIME_cmp_time_t(&atime, td->t), 0)) { TEST_info("ASN1_TIME_cmp_time_t(%s vs %ld) compare failed", atime.data, (long)td->t); error = 1; } if (!TEST_true(ASN1_TIME_diff(&day, &sec, &atime, &atime))) { TEST_info("ASN1_TIME_diff(%s) to self failed", atime.data); error = 1; } if (!TEST_int_eq(day, 0) || !TEST_int_eq(sec, 0)) { TEST_info("ASN1_TIME_diff(%s) to self not equal", atime.data); error = 1; } if (!TEST_true(ASN1_TIME_diff(&day, &sec, >ime, &atime))) { TEST_info("ASN1_TIME_diff(%s) to baseline failed", atime.data); error = 1; } else if (!((td->cmp_result == 0 && TEST_true((day == 0 && sec == 0))) || (td->cmp_result == -1 && TEST_true((day < 0 || sec < 0))) || (td->cmp_result == 1 && TEST_true((day > 0 || sec > 0))))) { TEST_info("ASN1_TIME_diff(%s) to baseline bad comparison", atime.data); error = 1; } if (!TEST_int_eq(ASN1_TIME_cmp_time_t(&atime, gtime_t), td->cmp_result)) { TEST_info("ASN1_TIME_cmp_time_t(%s) to baseline bad comparison", atime.data); error = 1; } ptime = ASN1_TIME_set(NULL, td->t); if (!TEST_ptr(ptime)) { TEST_info("ASN1_TIME_set(%ld) failed", (long)td->t); error = 1; } else { int local_error = 0; if (!TEST_int_eq(ASN1_TIME_cmp_time_t(ptime, td->t), 0)) { TEST_info("ASN1_TIME_set(%ld) compare failed (%s->%s)", (long)td->t, td->data, ptime->data); local_error = error = 1; } if (!TEST_int_eq(ptime->type, td->expected_type)) { TEST_info("ASN1_TIME_set(%ld) unexpected type", (long)td->t); local_error = error = 1; } if (local_error) TEST_info("ASN1_TIME_set() = %*s", ptime->length, ptime->data); ASN1_TIME_free(ptime); } ptime = ASN1_TIME_new(); if (!TEST_ptr(ptime)) { TEST_info("ASN1_TIME_new() failed"); error = 1; } else { int local_error = 0; if (!TEST_int_eq(ASN1_TIME_set_string(ptime, td->data), td->check_result)) { TEST_info("ASN1_TIME_set_string_gmt(%s) failed", td->data); local_error = error = 1; } if (!TEST_int_eq(ASN1_TIME_normalize(ptime), td->check_result)) { TEST_info("ASN1_TIME_normalize(%s) failed", td->data); local_error = error = 1; } if (!TEST_int_eq(ptime->type, td->expected_type)) { TEST_info("ASN1_TIME_set_string_gmt(%s) unexpected type", td->data); local_error = error = 1; } day = sec = 0; if (!TEST_true(ASN1_TIME_diff(&day, &sec, ptime, &atime)) || !TEST_int_eq(day, 0) || !TEST_int_eq(sec, 0)) { TEST_info("ASN1_TIME_diff(day=%d, sec=%d, %s) after ASN1_TIME_set_string_gmt() failed", day, sec, td->data); local_error = error = 1; } if (!TEST_int_eq(ASN1_TIME_cmp_time_t(ptime, gtime_t), td->cmp_result)) { TEST_info("ASN1_TIME_cmp_time_t(%s) after ASN1_TIME_set_string_gnt() to baseline bad comparison", td->data); local_error = error = 1; } if (local_error) TEST_info("ASN1_TIME_set_string_gmt() = %*s", ptime->length, ptime->data); ASN1_TIME_free(ptime); } ptime = ASN1_TIME_new(); if (!TEST_ptr(ptime)) { TEST_info("ASN1_TIME_new() failed"); error = 1; } else { int local_error = 0; if (!TEST_int_eq(ASN1_TIME_set_string(ptime, td->data), td->check_result)) { TEST_info("ASN1_TIME_set_string(%s) failed", td->data); local_error = error = 1; } day = sec = 0; if (!TEST_true(ASN1_TIME_diff(&day, &sec, ptime, &atime)) || !TEST_int_eq(day, 0) || !TEST_int_eq(sec, 0)) { TEST_info("ASN1_TIME_diff(day=%d, sec=%d, %s) after ASN1_TIME_set_string() failed", day, sec, td->data); local_error = error = 1; } if (!TEST_int_eq(ASN1_TIME_cmp_time_t(ptime, gtime_t), td->cmp_result)) { TEST_info("ASN1_TIME_cmp_time_t(%s) after ASN1_TIME_set_string() to baseline bad comparison", td->data); local_error = error = 1; } if (local_error) TEST_info("ASN1_TIME_set_string() = %*s", ptime->length, ptime->data); ASN1_TIME_free(ptime); } if (td->type == V_ASN1_UTCTIME) { ptime = ASN1_TIME_to_generalizedtime(&atime, NULL); if (td->convert_result == 1 && !TEST_ptr(ptime)) { TEST_info("ASN1_TIME_to_generalizedtime(%s) failed", atime.data); error = 1; } else if (td->convert_result == 0 && !TEST_ptr_null(ptime)) { TEST_info("ASN1_TIME_to_generalizedtime(%s) should have failed", atime.data); error = 1; } if (ptime != NULL && !TEST_int_eq(ASN1_TIME_cmp_time_t(ptime, td->t), 0)) { TEST_info("ASN1_TIME_to_generalizedtime(%s->%s) bad result", atime.data, ptime->data); error = 1; } ASN1_TIME_free(ptime); } /* else cannot simply convert GENERALIZEDTIME to UTCTIME */ if (error) TEST_error("atime=%s", atime.data); return !error; }
/* * test_mod_exp_zero tests that x**0 mod 1 == 0. It returns zero on success. */ static int test_mod_exp_zero(void) { BIGNUM *a = NULL, *p = NULL, *m = NULL; BIGNUM *r = NULL; BN_ULONG one_word = 1; BN_CTX *ctx = BN_CTX_new(); int ret = 1, failed = 0; if (!TEST_ptr(m = BN_new()) || !TEST_ptr(a = BN_new()) || !TEST_ptr(p = BN_new()) || !TEST_ptr(r = BN_new())) goto err; BN_one(m); BN_one(a); BN_zero(p); if (!TEST_true(BN_rand(a, 1024, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY))) goto err; if (!TEST_true(BN_mod_exp(r, a, p, m, ctx))) goto err; if (!TEST_true(a_is_zero_mod_one("BN_mod_exp", r, a))) failed = 1; if (!TEST_true(BN_mod_exp_recp(r, a, p, m, ctx))) goto err; if (!TEST_true(a_is_zero_mod_one("BN_mod_exp_recp", r, a))) failed = 1; if (!TEST_true(BN_mod_exp_simple(r, a, p, m, ctx))) goto err; if (!TEST_true(a_is_zero_mod_one("BN_mod_exp_simple", r, a))) failed = 1; if (!TEST_true(BN_mod_exp_mont(r, a, p, m, ctx, NULL))) goto err; if (!TEST_true(a_is_zero_mod_one("BN_mod_exp_mont", r, a))) failed = 1; if (!TEST_true(BN_mod_exp_mont_consttime(r, a, p, m, ctx, NULL))) goto err; if (!TEST_true(a_is_zero_mod_one("BN_mod_exp_mont_consttime", r, a))) failed = 1; /* * A different codepath exists for single word multiplication * in non-constant-time only. */ if (!TEST_true(BN_mod_exp_mont_word(r, one_word, p, m, ctx, NULL))) goto err; if (!TEST_BN_eq_zero(r)) { TEST_error("BN_mod_exp_mont_word failed: " "1 ** 0 mod 1 = r (should be 0)"); BN_print_var(r); goto err; } ret = !failed; err: BN_free(r); BN_free(a); BN_free(p); BN_free(m); BN_CTX_free(ctx); return ret; }
static int test_tls13ccs(int tst) { SSL_CTX *sctx = NULL, *cctx = NULL; SSL *sssl = NULL, *cssl = NULL; int ret = 0; const char msg[] = "Dummy data"; char buf[80]; size_t written, readbytes; SSL_SESSION *sess = NULL; chseen = shseen = sccsseen = ccsaftersh = ccsbeforesh = 0; sappdataseen = cappdataseen = badccs = badvers = badsessid = 0; chsessidlen = 0; if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), TLS1_VERSION, 0, &sctx, &cctx, cert, privkey)) || !TEST_true(SSL_CTX_set_max_early_data(sctx, SSL3_RT_MAX_PLAIN_LENGTH))) goto err; /* * Test 0: Simple Handshake * Test 1: Simple Handshake, client middlebox compat mode disabled * Test 2: Simple Handshake, server middlebox compat mode disabled * Test 3: HRR Handshake * Test 4: HRR Handshake, client middlebox compat mode disabled * Test 5: HRR Handshake, server middlebox compat mode disabled * Test 6: Early data handshake * Test 7: Early data handshake, client middlebox compat mode disabled * Test 8: Early data handshake, server middlebox compat mode disabled * Test 9: Early data then HRR * Test 10: Early data then HRR, client middlebox compat mode disabled * Test 11: Early data then HRR, server middlebox compat mode disabled */ switch (tst) { case 0: case 3: case 6: case 9: break; case 1: case 4: case 7: case 10: SSL_CTX_clear_options(cctx, SSL_OP_ENABLE_MIDDLEBOX_COMPAT); break; case 2: case 5: case 8: case 11: SSL_CTX_clear_options(sctx, SSL_OP_ENABLE_MIDDLEBOX_COMPAT); break; default: TEST_error("Invalid test value"); goto err; } if (tst >= 6) { /* Get a session suitable for early_data */ if (!TEST_true(create_ssl_objects(sctx, cctx, &sssl, &cssl, NULL, NULL)) || !TEST_true(create_ssl_connection(sssl, cssl, SSL_ERROR_NONE))) goto err; sess = SSL_get1_session(cssl); if (!TEST_ptr(sess)) goto err; SSL_shutdown(cssl); SSL_shutdown(sssl); SSL_free(sssl); SSL_free(cssl); sssl = cssl = NULL; } if ((tst >= 3 && tst <= 5) || tst >= 9) { /* HRR handshake */ if (!TEST_true(SSL_CTX_set1_groups_list(sctx, "P-256"))) goto err; } s_to_c_fbio = BIO_new(bio_f_watchccs_filter()); c_to_s_fbio = BIO_new(bio_f_watchccs_filter()); if (!TEST_ptr(s_to_c_fbio) || !TEST_ptr(c_to_s_fbio)) { BIO_free(s_to_c_fbio); BIO_free(c_to_s_fbio); goto err; } /* BIOs get freed on error */ if (!TEST_true(create_ssl_objects(sctx, cctx, &sssl, &cssl, s_to_c_fbio, c_to_s_fbio))) goto err; if (tst >= 6) { /* Early data */ if (!TEST_true(SSL_set_session(cssl, sess)) || !TEST_true(SSL_write_early_data(cssl, msg, strlen(msg), &written)) || (tst <= 8 && !TEST_int_eq(SSL_read_early_data(sssl, buf, sizeof(buf), &readbytes), SSL_READ_EARLY_DATA_SUCCESS))) goto err; if (tst <= 8) { if (!TEST_int_gt(SSL_connect(cssl), 0)) goto err; } else { if (!TEST_int_le(SSL_connect(cssl), 0)) goto err; } if (!TEST_int_eq(SSL_read_early_data(sssl, buf, sizeof(buf), &readbytes), SSL_READ_EARLY_DATA_FINISH)) goto err; } /* Perform handshake (or complete it if doing early data ) */ if (!TEST_true(create_ssl_connection(sssl, cssl, SSL_ERROR_NONE))) goto err; /* * Check there were no unexpected CCS messages, all record versions * were as expected, and that the session ids were reflected by the server * correctly. */ if (!TEST_false(badccs) || !TEST_false(badvers) || !TEST_false(badsessid)) goto err; switch (tst) { case 0: if (!TEST_true(sccsseen) || !TEST_true(ccsaftersh) || !TEST_false(ccsbeforesh) || !TEST_size_t_gt(chsessidlen, 0)) goto err; break; case 1: if (!TEST_true(sccsseen) || !TEST_false(ccsaftersh) || !TEST_false(ccsbeforesh) || !TEST_size_t_eq(chsessidlen, 0)) goto err; break; case 2: if (!TEST_false(sccsseen) || !TEST_true(ccsaftersh) || !TEST_false(ccsbeforesh) || !TEST_size_t_gt(chsessidlen, 0)) goto err; break; case 3: if (!TEST_true(sccsseen) || !TEST_true(ccsaftersh) || !TEST_false(ccsbeforesh) || !TEST_size_t_gt(chsessidlen, 0)) goto err; break; case 4: if (!TEST_true(sccsseen) || !TEST_false(ccsaftersh) || !TEST_false(ccsbeforesh) || !TEST_size_t_eq(chsessidlen, 0)) goto err; break; case 5: if (!TEST_false(sccsseen) || !TEST_true(ccsaftersh) || !TEST_false(ccsbeforesh) || !TEST_size_t_gt(chsessidlen, 0)) goto err; break; case 6: if (!TEST_true(sccsseen) || !TEST_false(ccsaftersh) || !TEST_true(ccsbeforesh) || !TEST_size_t_gt(chsessidlen, 0)) goto err; break; case 7: if (!TEST_true(sccsseen) || !TEST_false(ccsaftersh) || !TEST_false(ccsbeforesh) || !TEST_size_t_eq(chsessidlen, 0)) goto err; break; case 8: if (!TEST_false(sccsseen) || !TEST_false(ccsaftersh) || !TEST_true(ccsbeforesh) || !TEST_size_t_gt(chsessidlen, 0)) goto err; break; case 9: if (!TEST_true(sccsseen) || !TEST_false(ccsaftersh) || !TEST_true(ccsbeforesh) || !TEST_size_t_gt(chsessidlen, 0)) goto err; break; case 10: if (!TEST_true(sccsseen) || !TEST_false(ccsaftersh) || !TEST_false(ccsbeforesh) || !TEST_size_t_eq(chsessidlen, 0)) goto err; break; case 11: if (!TEST_false(sccsseen) || !TEST_false(ccsaftersh) || !TEST_true(ccsbeforesh) || !TEST_size_t_gt(chsessidlen, 0)) goto err; break; default: TEST_error("Invalid test value"); goto err; } ret = 1; err: SSL_SESSION_free(sess); SSL_free(sssl); SSL_free(cssl); SSL_CTX_free(sctx); SSL_CTX_free(cctx); return ret; }
static int test_kdf_scrypt(void) { int ret = 0; EVP_PKEY_CTX *pctx; unsigned char out[64]; size_t outlen = sizeof(out); if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SCRYPT, NULL)) == NULL) { TEST_error("EVP_PKEY_SCRYPT"); goto err; } if (EVP_PKEY_derive_init(pctx) <= 0) { TEST_error("EVP_PKEY_derive_init"); goto err; } if (EVP_PKEY_CTX_set1_pbe_pass(pctx, "password", 8) <= 0) { TEST_error("EVP_PKEY_CTX_set1_pbe_pass"); goto err; } if (EVP_PKEY_CTX_set1_scrypt_salt(pctx, "NaCl", 4) <= 0) { TEST_error("EVP_PKEY_CTX_set1_scrypt_salt"); goto err; } if (EVP_PKEY_CTX_set_scrypt_N(pctx, 1024) <= 0) { TEST_error("EVP_PKEY_CTX_set_scrypt_N"); goto err; } if (EVP_PKEY_CTX_set_scrypt_r(pctx, 8) <= 0) { TEST_error("EVP_PKEY_CTX_set_scrypt_r"); goto err; } if (EVP_PKEY_CTX_set_scrypt_p(pctx, 16) <= 0) { TEST_error("EVP_PKEY_CTX_set_scrypt_p"); goto err; } if (EVP_PKEY_CTX_set_scrypt_maxmem_bytes(pctx, 16) <= 0) { TEST_error("EVP_PKEY_CTX_set_maxmem_bytes"); goto err; } if (EVP_PKEY_derive(pctx, out, &outlen) > 0) { TEST_error("EVP_PKEY_derive should have failed"); goto err; } if (EVP_PKEY_CTX_set_scrypt_maxmem_bytes(pctx, 10 * 1024 * 1024) <= 0) { TEST_error("EVP_PKEY_CTX_set_maxmem_bytes"); goto err; } if (EVP_PKEY_derive(pctx, out, &outlen) <= 0) { TEST_error("EVP_PKEY_derive"); goto err; } { const unsigned char expected[sizeof(out)] = { 0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00, 0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe, 0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30, 0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62, 0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88, 0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda, 0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d, 0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40 }; if (!TEST_mem_eq(out, sizeof(out), expected, sizeof(expected))) { goto err; } } ret = 1; err: EVP_PKEY_CTX_free(pctx); return ret; }
static int test_intern(const TEST_PACKAGE *package) { unsigned int i; size_t nelems; int fail = 0; if (package->skip) return 1; /* Do decode_custom checks */ nelems = package->encode_expectations_size / package->encode_expectations_elem_size; OPENSSL_assert(nelems == sizeof(test_custom_data) / sizeof(test_custom_data[0])); for (i = 0; i < nelems; i++) { size_t pos = i * package->encode_expectations_elem_size; switch (do_encode_custom((EXPECTED *)&((unsigned char *)package ->encode_expectations)[pos], &test_custom_data[i], package)) { case -1: TEST_error("Failed custom encode round trip %u of %s", i, package->name); TEST_openssl_errors(); fail++; break; case 0: TEST_error("Custom encode round trip %u of %s mismatch", i, package->name); TEST_openssl_errors(); fail++; break; case 1: break; default: OPENSSL_die("do_encode_custom() return unknown value", __FILE__, __LINE__); } switch (do_decode_custom(&test_custom_data[i], (EXPECTED *)&((unsigned char *)package ->encode_expectations)[pos], package->encode_expectations_elem_size, package)) { case -1: TEST_error("Failed custom decode round trip %u of %s", i, package->name); TEST_openssl_errors(); fail++; break; case 0: TEST_error("Custom decode round trip %u of %s mismatch", i, package->name); TEST_openssl_errors(); fail++; break; case 1: break; default: OPENSSL_die("do_decode_custom() return unknown value", __FILE__, __LINE__); } } /* Do enc_dec checks */ nelems = package->encdec_data_size / package->encdec_data_elem_size; for (i = 0; i < nelems; i++) { size_t pos = i * package->encdec_data_elem_size; switch (do_enc_dec((EXPECTED *)&((unsigned char *)package ->encdec_data)[pos], package->encdec_data_elem_size, package)) { case -1: TEST_error("Failed encode/decode round trip %u of %s", i, package->name); TEST_openssl_errors(); fail++; break; case 0: TEST_error("Encode/decode round trip %u of %s mismatch", i, package->name); fail++; break; case 1: break; default: OPENSSL_die("do_enc_dec() return unknown value", __FILE__, __LINE__); } } if (!do_print_item(package)) { TEST_error("Printing of %s failed", package->name); TEST_openssl_errors(); fail++; } return fail == 0; }