static int luaclose_openssl(lua_State *L)
{
if(atomic_fetch_sub(&init, 1) > 1)
return 0;
#if !defined(LIBRESSL_VERSION_NUMBER)
FIPS_mode_set(0);
#endif
OBJ_cleanup();
EVP_cleanup();
ENGINE_cleanup();
RAND_cleanup();
#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
SSL_COMP_free_compression_methods();
#endif
COMP_zlib_cleanup();
#if OPENSSL_VERSION_NUMBER < 0x10000000L
ERR_remove_state(0);
#elif OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
ERR_remove_thread_state(NULL);
#endif
#if defined(OPENSSL_THREADS)
CRYPTO_thread_cleanup();
#endif
CRYPTO_set_locking_callback(NULL);
CRYPTO_set_id_callback(NULL);
CRYPTO_cleanup_all_ex_data();
ERR_free_strings();
CONF_modules_free();
CONF_modules_unload(1);
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
#if !(defined(OPENSSL_NO_STDIO) || defined(OPENSSL_NO_FP_API))
#if defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10101000L
CRYPTO_mem_leaks_fp(stderr);
#else
if(CRYPTO_mem_leaks_fp(stderr)!=1)
{
fprintf(stderr,
"Please report a bug on https://github.com/zhaozg/lua-openssl."
"And if can, please provide a reproduce method and minimal code.\n"
"\n\tThank You.");
}
#endif
#endif /* OPENSSL_NO_STDIO or OPENSSL_NO_FP_API */
#endif /* OPENSSL_NO_CRYPTO_MDEBUG */
return 0;
}
int main(int argc, char *argv[])
{
/* enable memory leak checking unless explicitly disabled */
if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
{
CRYPTO_malloc_debug_init();
CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
}
else
{
/* OPENSSL_DEBUG_MEMORY=off */
CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
}
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
ERR_load_crypto_strings();
RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */
prime_field_tests();
puts("");
char2_field_tests();
/* test the internal curves */
internal_curve_test();
#ifndef OPENSSL_NO_ENGINE
ENGINE_cleanup();
#endif
CRYPTO_cleanup_all_ex_data();
ERR_free_strings();
ERR_remove_state(0);
CRYPTO_mem_leaks_fp(stderr);
return 0;
}
static int
crypto( const char *key,
bool decrypt,
const bytes_t &bytes,
bytes_t &crypt )
{
CRYPTO_malloc_debug_init();
CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
RAND_seed(rnd_seed, sizeof(rnd_seed)); /* or OAEP may fail */
RSA *rsa = NULL;
int rval = loadKey(key, decrypt, &rsa);
if ( rval == 0 )
rval = crypto(rsa, decrypt, bytes, crypt);
RSA_free(rsa);
ERR_print_errors_fp(stdout);
CRYPTO_cleanup_all_ex_data();
EVP_cleanup();
ERR_remove_state(0);
CRYPTO_mem_leaks_fp(stderr);
return ( rval );
}
int main(int argc, char **argv)
{
int i;
testdata *test = test_cases;
CRYPTO_malloc_debug_init();
CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
OpenSSL_add_all_digests();
# ifndef OPENSSL_NO_ENGINE
ENGINE_load_builtin_engines();
ENGINE_register_all_digests();
# endif
printf("PKCS5_PBKDF2_HMAC() tests ");
for (i = 0; test->pass != NULL; i++, test++) {
test_p5_pbkdf2(i, "sha1", test, sha1_results[i]);
test_p5_pbkdf2(i, "sha256", test, sha256_results[i]);
test_p5_pbkdf2(i, "sha512", test, sha512_results[i]);
printf(".");
}
printf(" done\n");
# ifndef OPENSSL_NO_ENGINE
ENGINE_cleanup();
# endif
EVP_cleanup();
CRYPTO_cleanup_all_ex_data();
ERR_remove_thread_state(NULL);
ERR_free_strings();
CRYPTO_mem_leaks_fp(stderr);
return 0;
}
int main(int argc, char **argv)
{
#ifdef CRYPTO_MDEBUG
char *p;
char *lost;
p = getenv("OPENSSL_DEBUG_MEMORY");
if (p != NULL && strcmp(p, "on") == 0)
CRYPTO_set_mem_debug(1);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
lost = OPENSSL_malloc(3);
if (lost == NULL) {
fprintf(stderr, "OPENSSL_malloc failed\n");
return 1;
}
if (argv[1] && strcmp(argv[1], "freeit") == 0)
OPENSSL_free(lost);
CRYPTO_mem_leaks_fp(stderr);
return 0;
#else
if (argv[1] && strcmp(argv[1], "freeit") == 0)
return 0;
fprintf(stderr, "Leak simulated\n");
return 1;
#endif
}
void
crypto_uninit_lib (void)
{
#ifndef ENABLE_SSL
/* If SSL is enabled cleanup is taken care of in ssl_openssl.c */
EVP_cleanup ();
#ifndef ENABLE_SMALL
ERR_free_strings ();
#endif
#endif
#ifdef CRYPTO_MDEBUG
FILE* fp = fopen ("sdlog", "w");
ASSERT (fp);
CRYPTO_mem_leaks_fp (fp);
fclose (fp);
#endif
#if HAVE_OPENSSL_ENGINE
if (engine_initialized)
{
ENGINE_cleanup ();
engine_persist = NULL;
engine_initialized = false;
}
#endif
}
int main(int argc, char **argv)
{
CRYPTO_set_mem_debug(1);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
ERR_load_crypto_strings();
OpenSSL_add_all_digests();
if (argc != 4) {
fprintf(stderr, "usage: verify_extra_test roots.pem untrusted.pem bad.pem\n");
return 1;
}
if (!test_alt_chains_cert_forgery(argv[1], argv[2], argv[3])) {
fprintf(stderr, "Test alt chains cert forgery failed\n");
return 1;
}
EVP_cleanup();
CRYPTO_cleanup_all_ex_data();
ERR_remove_thread_state(NULL);
ERR_free_strings();
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
if (CRYPTO_mem_leaks_fp(stderr) <= 0)
return 1;
#endif
printf("PASS\n");
return 0;
}
int main(int argc, char *argv[])
{
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
char *p;
char *lost;
int noleak;
p = getenv("OPENSSL_DEBUG_MEMORY");
if (p != NULL && strcmp(p, "on") == 0)
CRYPTO_set_mem_debug(1);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
lost = OPENSSL_malloc(3);
if (!TEST_ptr(lost))
return EXIT_FAILURE;
if (argv[1] && strcmp(argv[1], "freeit") == 0) {
OPENSSL_free(lost);
lost = NULL;
}
noleak = CRYPTO_mem_leaks_fp(stderr);
/* If -1 return value something bad happened */
if (!TEST_int_ne(noleak, -1))
return EXIT_FAILURE;
return TEST_int_eq(lost != NULL, noleak == 0) ? EXIT_SUCCESS : EXIT_FAILURE;
#else
return EXIT_SUCCESS;
#endif
}
int main(int argc, char **argv)
{
int i;
testdata *test = test_cases;
CRYPTO_set_mem_debug(1);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_ALL_BUILTIN, NULL);
printf("PKCS5_PBKDF2_HMAC() tests ");
for (i = 0; test->pass != NULL; i++, test++) {
test_p5_pbkdf2(i, "sha1", test, sha1_results[i]);
test_p5_pbkdf2(i, "sha256", test, sha256_results[i]);
test_p5_pbkdf2(i, "sha512", test, sha512_results[i]);
printf(".");
}
printf(" done\n");
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
if (CRYPTO_mem_leaks_fp(stderr) <= 0)
return 1;
# endif
return 0;
}
int finish_test(int ret)
{
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
if (should_report_leaks() && CRYPTO_mem_leaks_fp(stderr) <= 0)
return EXIT_FAILURE;
#endif
return ret;
}
int ssl_test_ecdh(int argc, char *argv[])
{
BN_CTX *ctx=NULL;
int ret=1;
BIO *out;
CRYPTO_malloc_debug_init();
CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
#ifdef OPENSSL_SYS_WIN32
CRYPTO_malloc_init();
#endif
RAND_seed(rnd_seed, sizeof rnd_seed);
#ifndef OPENSSL_SYS_WINDOWS
out = BIO_new(BIO_s_mem());
if (out == NULL) return(1);
#else
out=BIO_new(BIO_s_file());
if (out == NULL) return(1);
BIO_set_fp(out,OPENSSL_TYPE__FILE_STDOUT,BIO_NOCLOSE);
#endif
if ((ctx=BN_CTX_new()) == NULL) goto err;
/* NIST PRIME CURVES TESTS */
if (!test_ecdh_curve(NID_X9_62_prime192v1, "NIST Prime-Curve P-192", ctx, out)) goto err;
if (!test_ecdh_curve(NID_secp224r1, "NIST Prime-Curve P-224", ctx, out)) goto err;
if (!test_ecdh_curve(NID_X9_62_prime256v1, "NIST Prime-Curve P-256", ctx, out)) goto err;
if (!test_ecdh_curve(NID_secp384r1, "NIST Prime-Curve P-384", ctx, out)) goto err;
if (!test_ecdh_curve(NID_secp521r1, "NIST Prime-Curve P-521", ctx, out)) goto err;
/* NIST BINARY CURVES TESTS */
if (!test_ecdh_curve(NID_sect163k1, "NIST Binary-Curve K-163", ctx, out)) goto err;
if (!test_ecdh_curve(NID_sect163r2, "NIST Binary-Curve B-163", ctx, out)) goto err;
if (!test_ecdh_curve(NID_sect233k1, "NIST Binary-Curve K-233", ctx, out)) goto err;
if (!test_ecdh_curve(NID_sect233r1, "NIST Binary-Curve B-233", ctx, out)) goto err;
if (!test_ecdh_curve(NID_sect283k1, "NIST Binary-Curve K-283", ctx, out)) goto err;
if (!test_ecdh_curve(NID_sect283r1, "NIST Binary-Curve B-283", ctx, out)) goto err;
if (!test_ecdh_curve(NID_sect409k1, "NIST Binary-Curve K-409", ctx, out)) goto err;
if (!test_ecdh_curve(NID_sect409r1, "NIST Binary-Curve B-409", ctx, out)) goto err;
if (!test_ecdh_curve(NID_sect571k1, "NIST Binary-Curve K-571", ctx, out)) goto err;
if (!test_ecdh_curve(NID_sect571r1, "NIST Binary-Curve B-571", ctx, out)) goto err;
ret = 0;
err:
ERR_print_errors_fp(OPENSSL_TYPE__FILE_STDERR);
if (ctx) BN_CTX_free(ctx);
BIO_free(out);
CRYPTO_cleanup_all_ex_data();
ERR_remove_thread_state(NULL);
CRYPTO_mem_leaks_fp(OPENSSL_TYPE__FILE_STDERR);
return(ret);
}
int main(void)
{
CRYPTO_set_mem_debug(1);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
ERR_load_crypto_strings();
/* Load up the software EVP_CIPHER and EVP_MD definitions */
OpenSSL_add_all_ciphers();
OpenSSL_add_all_digests();
if (!test_EVP_DigestSignInit()) {
fprintf(stderr, "EVP_DigestSignInit failed\n");
return 1;
}
if (!test_EVP_DigestVerifyInit()) {
fprintf(stderr, "EVP_DigestVerifyInit failed\n");
return 1;
}
if (!test_d2i_AutoPrivateKey(kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER),
EVP_PKEY_RSA)) {
fprintf(stderr, "d2i_AutoPrivateKey(kExampleRSAKeyDER) failed\n");
return 1;
}
if (!test_d2i_AutoPrivateKey
(kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8), EVP_PKEY_RSA)) {
fprintf(stderr, "d2i_AutoPrivateKey(kExampleRSAKeyPKCS8) failed\n");
return 1;
}
#ifndef OPENSSL_NO_EC
if (!test_d2i_AutoPrivateKey(kExampleECKeyDER, sizeof(kExampleECKeyDER),
EVP_PKEY_EC)) {
fprintf(stderr, "d2i_AutoPrivateKey(kExampleECKeyDER) failed\n");
return 1;
}
if (!test_EVP_PKCS82PKEY()) {
fprintf(stderr, "test_EVP_PKCS82PKEY failed\n");
return 1;
}
#endif
EVP_cleanup();
CRYPTO_cleanup_all_ex_data();
ERR_remove_thread_state(NULL);
ERR_free_strings();
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
if (CRYPTO_mem_leaks_fp(stderr) <= 0)
return 1;
#endif
printf("PASS\n");
return 0;
}
/**
\ingroup Core_Crypto
\brief Finalise openssl
\note Would usually call ops_finish() instead
\sa ops_finish()
*/
void ops_crypto_finish()
{
CRYPTO_cleanup_all_ex_data();
// FIXME: what should we do instead (function is deprecated)?
// ERR_remove_state(0);
#ifdef DMALLOC
CRYPTO_mem_leaks_fp(stderr);
#endif
}
int main(int argc, char *argv[])
{
BN_CTX *ctx = NULL;
int nid, ret = 1;
EC_builtin_curve *curves = NULL;
size_t crv_len = 0, n = 0;
BIO *out;
CRYPTO_set_mem_debug(1);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
RAND_seed(rnd_seed, sizeof rnd_seed);
out = BIO_new(BIO_s_file());
if (out == NULL)
EXIT(1);
BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
if ((ctx = BN_CTX_new()) == NULL)
goto err;
/* get a list of all internal curves */
crv_len = EC_get_builtin_curves(NULL, 0);
curves = OPENSSL_malloc(sizeof(*curves) * crv_len);
if (curves == NULL) goto err;
if (!EC_get_builtin_curves(curves, crv_len)) goto err;
/* NAMED CURVES TESTS */
for (n = 0; n < crv_len; n++) {
nid = curves[n].nid;
if (!test_ecdh_curve(nid, ctx, out)) goto err;
}
/* KATs */
for (n = 0; n < (sizeof(ecdh_kats)/sizeof(ecdh_kat_t)); n++) {
if (!ecdh_kat(out, &ecdh_kats[n]))
goto err;
}
ret = 0;
err:
ERR_print_errors_fp(stderr);
OPENSSL_free(curves);
BN_CTX_free(ctx);
BIO_free(out);
CRYPTO_cleanup_all_ex_data();
ERR_remove_thread_state(NULL);
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
if (CRYPTO_mem_leaks_fp(stderr) <= 0)
ret = 1;
#endif
EXIT(ret);
}
/*
* call-seq:
* OpenSSL.print_mem_leaks -> true | false
*
* For debugging the Ruby/OpenSSL library. Calls CRYPTO_mem_leaks_fp(stderr).
* Prints detected memory leaks to standard error. This cleans the global state
* up thus you cannot use any methods of the library after calling this.
*
* Returns +true+ if leaks detected, +false+ otherwise.
*
* This is available only when built with a capable OpenSSL and --enable-debug
* configure option.
*
* === Example
* OpenSSL.mem_check_start
* NOT_GCED = OpenSSL::PKey::RSA.new(256)
*
* END {
* GC.start
* OpenSSL.print_mem_leaks # will print the leakage
* }
*/
static VALUE
print_mem_leaks(VALUE self)
{
#if OPENSSL_VERSION_NUMBER >= 0x10100000
int ret;
#endif
BN_CTX_free(ossl_bn_ctx);
ossl_bn_ctx = NULL;
#if OPENSSL_VERSION_NUMBER >= 0x10100000
ret = CRYPTO_mem_leaks_fp(stderr);
if (ret < 0)
ossl_raise(eOSSLError, "CRYPTO_mem_leaks_fp");
return ret ? Qfalse : Qtrue;
#else
CRYPTO_mem_leaks_fp(stderr);
return Qnil;
#endif
}
int main(int argc, char *argv[]) {
int ret = 1;
BIO *out;
CRYPTO_malloc_debug_init();
CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
#ifdef OPENSSL_SYS_WIN32
CRYPTO_malloc_init();
#endif
RAND_seed(rnd_seed, sizeof rnd_seed);
out = BIO_new(BIO_s_file());
if (out == NULL) EXIT(1);
BIO_set_fp(out, stdout, BIO_NOCLOSE);
if (argc == 1) {
if (!test_lwekex(out, 1)) goto err;
} else if (argc == 2 && !strcmp((const char *)argv[1], "cont")) {
BIO_printf(out, "Running continuous test. ^C to quit.\n\n");
int iterations = 0;
int failures = 0;
time_t starttime = time(NULL);
while (1) {
iterations++;
if (test_lwekex(out, 0) == 1) {
} else {
failures++;
}
if ((iterations % 100) == 0) {
BIO_printf(out, "Iterations: %d, failures: %d, elapsed time: %ld\n",
iterations, failures, time(NULL) - starttime);
if (iterations > (1 << 20)) break;
}
}
} else {
BIO_printf(out,
"Error: argument must be \"cont\" for invoking \
continuously run test.\n");
}
ret = 0;
err:
ERR_print_errors_fp(stderr);
BIO_free(out);
CRYPTO_cleanup_all_ex_data();
ERR_remove_thread_state(NULL);
CRYPTO_mem_leaks_fp(stderr);
EXIT(ret);
return (ret);
}
void
dst__openssl_destroy() {
/*
* Sequence taken from apps_shutdown() in <apps/apps.h>.
*/
#if (OPENSSL_VERSION_NUMBER >= 0x00907000L)
CONF_modules_unload(1);
#endif
EVP_cleanup();
#if defined(USE_ENGINE) && OPENSSL_VERSION_NUMBER >= 0x00907000L
ENGINE_cleanup();
#endif
#if (OPENSSL_VERSION_NUMBER >= 0x00907000L)
CRYPTO_cleanup_all_ex_data();
#endif
ERR_clear_error();
ERR_free_strings();
ERR_remove_state(0);
#ifdef DNS_CRYPTO_LEAKS
CRYPTO_mem_leaks_fp(stderr);
#endif
#if 0
/*
* The old error sequence that leaked. Remove for 9.4.1 if
* there are no issues by then.
*/
ERR_clear_error();
#ifdef USE_ENGINE
if (e != NULL) {
ENGINE_free(e);
e = NULL;
}
#endif
#endif
if (rm != NULL) {
#if OPENSSL_VERSION_NUMBER >= 0x00907000L
RAND_cleanup();
#endif
mem_free(rm);
}
if (locks != NULL) {
CRYPTO_set_locking_callback(NULL);
DESTROYMUTEXBLOCK(locks, nlocks);
mem_free(locks);
}
}
void
Application::closeSSL()
{
if ( sRSA )
{
RSA_free(sRSA);
sRSA = NULL;
}
ERR_print_errors_fp(stdout);
CRYPTO_cleanup_all_ex_data();
EVP_cleanup();
ERR_remove_state(0);
CRYPTO_mem_leaks_fp(stderr);
}
void
dst__openssl_destroy(void) {
/*
* Sequence taken from apps_shutdown() in <apps/apps.h>.
*/
if (rm != NULL) {
#if OPENSSL_VERSION_NUMBER >= 0x00907000L
RAND_cleanup();
#endif
mem_free(rm);
rm = NULL;
}
#if (OPENSSL_VERSION_NUMBER >= 0x00907000L)
CONF_modules_free();
#endif
OBJ_cleanup();
EVP_cleanup();
#if defined(USE_ENGINE)
if (e != NULL)
ENGINE_free(e);
e = NULL;
#if defined(USE_ENGINE) && OPENSSL_VERSION_NUMBER >= 0x00907000L
ENGINE_cleanup();
#endif
#endif
#if (OPENSSL_VERSION_NUMBER >= 0x00907000L)
CRYPTO_cleanup_all_ex_data();
#endif
ERR_clear_error();
#if OPENSSL_VERSION_NUMBER < 0x10100000L
ERR_remove_state(0);
#endif
ERR_free_strings();
#ifdef DNS_CRYPTO_LEAKS
CRYPTO_mem_leaks_fp(stderr);
#endif
if (locks != NULL) {
CRYPTO_set_locking_callback(NULL);
DESTROYMUTEXBLOCK(locks, nlocks);
mem_free(locks);
locks = NULL;
}
}
void
crypto_uninit_lib(void)
{
#ifdef CRYPTO_MDEBUG
FILE *fp = fopen("sdlog", "w");
ASSERT(fp);
CRYPTO_mem_leaks_fp(fp);
fclose(fp);
#endif
#if HAVE_OPENSSL_ENGINE
if (engine_initialized)
{
ENGINE_cleanup();
engine_persist = NULL;
engine_initialized = false;
}
#endif
}
int main(int argc, char *argv[])
{
BN_GENCB *_cb = NULL;
DH *a = NULL;
DH *b = NULL;
BIGNUM *ap = NULL, *ag = NULL, *bp = NULL, *bg = NULL, *apub_key = NULL;
BIGNUM *bpub_key = NULL, *priv_key = NULL;
char buf[12] = {0};
unsigned char *abuf = NULL;
unsigned char *bbuf = NULL;
int i, alen, blen, aout, bout;
int ret = 1;
BIO *out = NULL;
CRYPTO_set_mem_debug(1);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
RAND_seed(rnd_seed, sizeof rnd_seed);
out = BIO_new(BIO_s_file());
if (out == NULL)
EXIT(1);
BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
_cb = BN_GENCB_new();
if (_cb == NULL)
goto err;
BN_GENCB_set(_cb, &cb, out);
if (((a = DH_new()) == NULL)
|| (!DH_generate_parameters_ex(a, 64, DH_GENERATOR_5, _cb)))
goto err;
if (!DH_check(a, &i))
goto err;
if (i & DH_CHECK_P_NOT_PRIME)
BIO_puts(out, "p value is not prime\n");
if (i & DH_CHECK_P_NOT_SAFE_PRIME)
BIO_puts(out, "p value is not a safe prime\n");
if (i & DH_UNABLE_TO_CHECK_GENERATOR)
BIO_puts(out, "unable to check the generator value\n");
if (i & DH_NOT_SUITABLE_GENERATOR)
BIO_puts(out, "the g value is not a generator\n");
DH_get0_pqg(a, &ap, NULL, &ag);
BIO_puts(out, "\np =");
BN_print(out, ap);
BIO_puts(out, "\ng =");
BN_print(out, ag);
BIO_puts(out, "\n");
b = DH_new();
if (b == NULL)
goto err;
bp = BN_dup(ap);
bg = BN_dup(ag);
if ((bp == NULL) || (bg == NULL) || !DH_set0_pqg(b, bp, NULL, bg))
goto err;
bp = bg = NULL;
if (!DH_generate_key(a))
goto err;
DH_get0_key(a, &apub_key, &priv_key);
BIO_puts(out, "pri 1=");
BN_print(out, priv_key);
BIO_puts(out, "\npub 1=");
BN_print(out, apub_key);
BIO_puts(out, "\n");
if (!DH_generate_key(b))
goto err;
DH_get0_key(b, &bpub_key, &priv_key);
BIO_puts(out, "pri 2=");
BN_print(out, priv_key);
BIO_puts(out, "\npub 2=");
BN_print(out, bpub_key);
BIO_puts(out, "\n");
alen = DH_size(a);
abuf = OPENSSL_malloc(alen);
if (abuf == NULL)
goto err;
aout = DH_compute_key(abuf, bpub_key, a);
BIO_puts(out, "key1 =");
for (i = 0; i < aout; i++) {
sprintf(buf, "%02X", abuf[i]);
BIO_puts(out, buf);
}
BIO_puts(out, "\n");
blen = DH_size(b);
bbuf = OPENSSL_malloc(blen);
if (bbuf == NULL)
goto err;
bout = DH_compute_key(bbuf, apub_key, b);
BIO_puts(out, "key2 =");
for (i = 0; i < bout; i++) {
sprintf(buf, "%02X", bbuf[i]);
BIO_puts(out, buf);
}
BIO_puts(out, "\n");
if ((aout < 4) || (bout != aout) || (memcmp(abuf, bbuf, aout) != 0)) {
fprintf(stderr, "Error in DH routines\n");
ret = 1;
} else
ret = 0;
if (!run_rfc5114_tests())
ret = 1;
err:
(void)BIO_flush(out);
ERR_print_errors_fp(stderr);
OPENSSL_free(abuf);
OPENSSL_free(bbuf);
DH_free(b);
DH_free(a);
BN_free(bp);
BN_free(bg);
BN_GENCB_free(_cb);
BIO_free(out);
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
if (CRYPTO_mem_leaks_fp(stderr) <= 0)
ret = 1;
#endif
EXIT(ret);
}
int main(int argc, char *argv[])
{
BN_CTX *ctx = NULL;
int ret = 1;
BIO *out;
CRYPTO_malloc_debug_init();
CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
# ifdef OPENSSL_SYS_WIN32
CRYPTO_malloc_init();
# endif
RAND_seed(rnd_seed, sizeof(rnd_seed));
out = BIO_new(BIO_s_file());
if (out == NULL)
EXIT(1);
BIO_set_fp(out, stdout, BIO_NOCLOSE);
if ((ctx = BN_CTX_new()) == NULL)
goto err;
/* NIST PRIME CURVES TESTS */
if (!test_ecdh_curve
(NID_X9_62_prime192v1, "NIST Prime-Curve P-192", ctx, out))
goto err;
if (!test_ecdh_curve(NID_secp224r1, "NIST Prime-Curve P-224", ctx, out))
goto err;
if (!test_ecdh_curve
(NID_X9_62_prime256v1, "NIST Prime-Curve P-256", ctx, out))
goto err;
if (!test_ecdh_curve(NID_secp384r1, "NIST Prime-Curve P-384", ctx, out))
goto err;
if (!test_ecdh_curve(NID_secp521r1, "NIST Prime-Curve P-521", ctx, out))
goto err;
# ifndef OPENSSL_NO_EC2M
/* NIST BINARY CURVES TESTS */
if (!test_ecdh_curve(NID_sect163k1, "NIST Binary-Curve K-163", ctx, out))
goto err;
if (!test_ecdh_curve(NID_sect163r2, "NIST Binary-Curve B-163", ctx, out))
goto err;
if (!test_ecdh_curve(NID_sect233k1, "NIST Binary-Curve K-233", ctx, out))
goto err;
if (!test_ecdh_curve(NID_sect233r1, "NIST Binary-Curve B-233", ctx, out))
goto err;
if (!test_ecdh_curve(NID_sect283k1, "NIST Binary-Curve K-283", ctx, out))
goto err;
if (!test_ecdh_curve(NID_sect283r1, "NIST Binary-Curve B-283", ctx, out))
goto err;
if (!test_ecdh_curve(NID_sect409k1, "NIST Binary-Curve K-409", ctx, out))
goto err;
if (!test_ecdh_curve(NID_sect409r1, "NIST Binary-Curve B-409", ctx, out))
goto err;
if (!test_ecdh_curve(NID_sect571k1, "NIST Binary-Curve K-571", ctx, out))
goto err;
if (!test_ecdh_curve(NID_sect571r1, "NIST Binary-Curve B-571", ctx, out))
goto err;
# endif
if (!test_ecdh_kat(out, "Brainpool Prime-Curve brainpoolP256r1", 256))
goto err;
if (!test_ecdh_kat(out, "Brainpool Prime-Curve brainpoolP384r1", 384))
goto err;
if (!test_ecdh_kat(out, "Brainpool Prime-Curve brainpoolP512r1", 512))
goto err;
ret = 0;
err:
ERR_print_errors_fp(stderr);
if (ctx)
BN_CTX_free(ctx);
BIO_free(out);
CRYPTO_cleanup_all_ex_data();
ERR_remove_thread_state(NULL);
CRYPTO_mem_leaks_fp(stderr);
EXIT(ret);
return (ret);
}
int main (int argc, char *argv[])
{
int err = 0;
int v;
RSA *key;
unsigned char ptext[256];
unsigned char ctext[256];
//static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a";
static unsigned char ptext_ex[] = "hello world";
unsigned char ctext_ex[256];
int plen;
int clen = 0;
int num;
int n;
memset(ptext,0,256);
memset(ctext,0,256);
CRYPTO_malloc_debug_init ();
CRYPTO_dbg_set_options (V_CRYPTO_MDEBUG_ALL);
CRYPTO_mem_ctrl (CRYPTO_MEM_CHECK_ON);
RAND_seed (rnd_seed, sizeof rnd_seed); /* or OAEP may fail */
plen = sizeof (ptext_ex) - 1;
key = RSA_new ();
switch (v % 3)
{
case 0:
clen = key1 (key, ctext_ex);
break;
case 1:
clen = key2 (key, ctext_ex);
break;
case 2:
clen = key3 (key, ctext_ex);
break;
}
if (v / 3 >= 1)
key->flags |= RSA_FLAG_NO_CONSTTIME;
printf("before public encrypt : %s\n", ptext_ex);
num = RSA_public_encrypt (plen, ptext_ex, ctext, key, RSA_PKCS1_PADDING);
if (num != clen)
{
printf ("PKCS#1 v1.5 encryption failed!\n");
err = 1;
}
printf("after public encrypt : %s\n",ctext);
num = RSA_private_decrypt (num, ctext, ptext, key, RSA_PKCS1_PADDING);
if (num != plen || memcmp (ptext, ptext_ex, num) != 0)
{
printf ("PKCS#1 v1.5 decryption failed!\n");
err = 1;
}
else
printf ("PKCS #1 v1.5 encryption/decryption ok\n");
printf("after private decrypt : %s\n",ptext);
RSA_free (key);
CRYPTO_cleanup_all_ex_data ();
ERR_remove_thread_state (NULL);
CRYPTO_mem_leaks_fp (stderr);
return err;
}
int main(int argc, char **argv)
{
static char buf[1024];
char **args = argv + 1;
const char *sname = "fipstests.sh";
ARGS arg;
int xargc;
char **xargv;
int lineno = 0, badarg = 0;
int nerr = 0, quiet = 0, verbose = 0;
int rv;
FILE *in = NULL;
#ifdef FIPS_ALGVS_MEMCHECK
CRYPTO_malloc_debug_init();
OPENSSL_init();
CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
#endif
#if defined(_TMS320C6400_PLUS)
SysInit();
#endif
#if (defined(__arm__) || defined(__aarch64__))
if (*args && !strcmp(*args, "-noaccel"))
{
extern unsigned int OPENSSL_armcap_P;
OPENSSL_armcap_P=0;
args++;
argc--;
}
#endif
if (*args && *args[0] != '-')
{
rv = run_prg(argc - 1, args);
#ifdef FIPS_ALGVS_MEMCHECK
CRYPTO_mem_leaks_fp(stderr);
#endif
return rv;
}
while (!badarg && *args && *args[0] == '-')
{
if (!strcmp(*args, "-script"))
{
if (args[1])
{
args++;
sname = *args;
}
else
badarg = 1;
}
else if (!strcmp(*args, "-quiet"))
quiet = 1;
else if (!strcmp(*args, "-verbose"))
verbose = 1;
else
badarg = 1;
args++;
}
if (badarg)
{
fprintf(stderr, "Error processing arguments\n");
return 1;
}
in = fopen(sname, "r");
if (!in)
{
fprintf(stderr, "Error opening script file \"%s\"\n", sname);
return 1;
}
arg.data = NULL;
arg.count = 0;
while (fgets(buf, sizeof(buf), in))
{
lineno++;
if (!chopup_args(&arg, buf, &xargc, &xargv))
fprintf(stderr, "Error processing line %d\n", lineno);
else
{
if (!quiet)
{
int i;
int narg = verbose ? xargc : xargc - 2;
printf("Running command line:");
for (i = 0; i < narg; i++)
printf(" %s", xargv[i]);
printf("\n");
}
rv = run_prg(xargc, xargv);
if (FIPS_module_mode())
FIPS_module_mode_set(0, NULL);
if (rv != 0)
nerr++;
if (rv == -100)
fprintf(stderr, "ERROR: Command not found\n");
else if (rv != 0)
fprintf(stderr, "ERROR: returned %d\n", rv);
else if (verbose)
printf("\tCommand run successfully\n");
}
}
if (!quiet)
printf("Completed with %d errors\n", nerr);
if (arg.data)
OPENSSL_free(arg.data);
fclose(in);
#ifdef FIPS_ALGVS_MEMCHECK
CRYPTO_mem_leaks_fp(stderr);
#endif
if (nerr == 0)
return 0;
return 1;
}
int main(int argc, char *argv[]) {
void *bb;
BN_CTX *ctx = NULL;
int nid;
BIO *out;
CRYPTO_malloc_debug_init();
CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
const char *text = "NIST Prime-Curve P-192";
#ifdef OPENSSL_SYS_WIN32
CRYPTO_malloc_init();
#endif
RAND_seed(rnd_seed, sizeof rnd_seed);
out = BIO_new(BIO_s_file());
if (out == NULL)
EXIT(1);
BIO_set_fp(out, stdout, BIO_NOCLOSE);
if ((ctx = BN_CTX_new()) == NULL)
goto err;
nid = NID_X9_62_prime192v1;
//EC_POINT *bb;
EC_KEY *a = NULL; //EC_KEY is a structure
BIGNUM *x_a = NULL, *y_a = NULL;
char buf[12];
//unsigned char *abuf=NULL,*bbuf=NULL;
int i, alen, blen, aout, bout;
const EC_GROUP *group;
a = EC_KEY_new_by_curve_name(nid);
if (a == NULL)
goto err;
group = EC_KEY_get0_group(a);
if ((x_a = BN_new()) == NULL)
goto err;
//BN_new returns a pointer to the bignum
if ((y_a = BN_new()) == NULL)
goto err;
BIO_puts(out, "Testing key generation with ");
BIO_puts(out, text);
if (!EC_KEY_generate_key(a))
goto err;
printf("\n1 ) generating keys\n");
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group))
== NID_X9_62_prime_field) {
if (!EC_POINT_get_affine_coordinates_GFp(group,
EC_KEY_get0_public_key(a), x_a, y_a, ctx))
goto err;
}
//returns the public key
else {
if (!EC_POINT_get_affine_coordinates_GF2m(group,
EC_KEY_get0_public_key(a), x_a, y_a, ctx))
goto err;
}
BIO_puts(out, " pri 1=");
BN_print(out, EC_KEY_get0_private_key(a));
BIO_puts(out, "\n pub 1=");
BN_print(out, x_a);
BIO_puts(out, ",");
BN_print(out, y_a);
BIO_puts(out, "\n");
func(EC_KEY_get0_public_key(a));
err: ERR_print_errors_fp(stderr);
if (x_a)
BN_free(x_a);
if (y_a)
BN_free(y_a);
if (a)
EC_KEY_free(a);
if (ctx)
BN_CTX_free(ctx);
BIO_free(out);
CRYPTO_cleanup_all_ex_data();
ERR_remove_state(0);
CRYPTO_mem_leaks_fp(stderr);
return 0;
}
int main(int argc, char *argv[])
{
int err=0;
int v;
RSA *key;
unsigned char ptext[256];
unsigned char ctext[256];
static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a";
unsigned char ctext_ex[256];
int plen;
int clen = 0;
int num;
CRYPTO_malloc_debug_init();
CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */
plen = sizeof(ptext_ex) - 1;
for (v = 0; v < 3; v++)
{
key = RSA_new();
switch (v) {
case 0:
clen = key1(key, ctext_ex);
break;
case 1:
clen = key2(key, ctext_ex);
break;
case 2:
clen = key3(key, ctext_ex);
break;
}
num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
RSA_PKCS1_PADDING);
if (num != clen)
{
printf("PKCS#1 v1.5 encryption failed!\n");
err=1;
goto oaep;
}
num = RSA_private_decrypt(num, ctext, ptext, key,
RSA_PKCS1_PADDING);
if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
{
printf("PKCS#1 v1.5 decryption failed!\n");
err=1;
}
else
printf("PKCS #1 v1.5 encryption/decryption ok\n");
oaep:
ERR_clear_error();
num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
RSA_PKCS1_OAEP_PADDING);
if (num == -1 && pad_unknown())
{
printf("No OAEP support\n");
goto next;
}
if (num != clen)
{
printf("OAEP encryption failed!\n");
err=1;
goto next;
}
num = RSA_private_decrypt(num, ctext, ptext, key,
RSA_PKCS1_OAEP_PADDING);
if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
{
printf("OAEP decryption (encrypted data) failed!\n");
err=1;
}
else if (memcmp(ctext, ctext_ex, num) == 0)
{
printf("OAEP test vector %d passed!\n", v);
goto next;
}
/* Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT).
Try decrypting ctext_ex */
num = RSA_private_decrypt(clen, ctext_ex, ptext, key,
RSA_PKCS1_OAEP_PADDING);
if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
{
printf("OAEP decryption (test vector data) failed!\n");
err=1;
}
else
printf("OAEP encryption/decryption ok\n");
next:
RSA_free(key);
}
CRYPTO_cleanup_all_ex_data();
ERR_remove_state(0);
CRYPTO_mem_leaks_fp(stderr);
return err;
}
int main(int argc, char *argv[])
{
ENGINE *block[512];
char buf[256];
const char *id, *name;
ENGINE *ptr;
int loop;
int to_return = 1;
ENGINE *new_h1 = NULL;
ENGINE *new_h2 = NULL;
ENGINE *new_h3 = NULL;
ENGINE *new_h4 = NULL;
/* enable memory leak checking unless explicitly disabled */
if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
{
CRYPTO_malloc_debug_init();
CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
}
else
{
/* OPENSSL_DEBUG_MEMORY=off */
CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
}
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
ERR_load_crypto_strings();
memset(block, 0, 512 * sizeof(ENGINE *));
if(((new_h1 = ENGINE_new()) == NULL) ||
!ENGINE_set_id(new_h1, "test_id0") ||
!ENGINE_set_name(new_h1, "First test item") ||
((new_h2 = ENGINE_new()) == NULL) ||
!ENGINE_set_id(new_h2, "test_id1") ||
!ENGINE_set_name(new_h2, "Second test item") ||
((new_h3 = ENGINE_new()) == NULL) ||
!ENGINE_set_id(new_h3, "test_id2") ||
!ENGINE_set_name(new_h3, "Third test item") ||
((new_h4 = ENGINE_new()) == NULL) ||
!ENGINE_set_id(new_h4, "test_id3") ||
!ENGINE_set_name(new_h4, "Fourth test item"))
{
printf("Couldn't set up test ENGINE structures\n");
goto end;
}
printf("\nenginetest beginning\n\n");
display_engine_list();
if(!ENGINE_add(new_h1))
{
printf("Add failed!\n");
goto end;
}
display_engine_list();
ptr = ENGINE_get_first();
if(!ENGINE_remove(ptr))
{
printf("Remove failed!\n");
goto end;
}
if (ptr)
ENGINE_free(ptr);
display_engine_list();
if(!ENGINE_add(new_h3) || !ENGINE_add(new_h2))
{
printf("Add failed!\n");
goto end;
}
display_engine_list();
if(!ENGINE_remove(new_h2))
{
printf("Remove failed!\n");
goto end;
}
display_engine_list();
if(!ENGINE_add(new_h4))
{
printf("Add failed!\n");
goto end;
}
display_engine_list();
if(ENGINE_add(new_h3))
{
printf("Add *should* have failed but didn't!\n");
goto end;
}
else
printf("Add that should fail did.\n");
ERR_clear_error();
if(ENGINE_remove(new_h2))
{
printf("Remove *should* have failed but didn't!\n");
goto end;
}
else
printf("Remove that should fail did.\n");
ERR_clear_error();
if(!ENGINE_remove(new_h3))
{
printf("Remove failed!\n");
goto end;
}
display_engine_list();
if(!ENGINE_remove(new_h4))
{
printf("Remove failed!\n");
goto end;
}
display_engine_list();
/* Depending on whether there's any hardware support compiled
* in, this remove may be destined to fail. */
ptr = ENGINE_get_first();
if(ptr)
if(!ENGINE_remove(ptr))
printf("Remove failed!i - probably no hardware "
"support present.\n");
if (ptr)
ENGINE_free(ptr);
display_engine_list();
if(!ENGINE_add(new_h1) || !ENGINE_remove(new_h1))
{
printf("Couldn't add and remove to an empty list!\n");
goto end;
}
else
printf("Successfully added and removed to an empty list!\n");
printf("About to beef up the engine-type list\n");
for(loop = 0; loop < 512; loop++)
{
sprintf(buf, "id%i", loop);
id = BUF_strdup(buf);
sprintf(buf, "Fake engine type %i", loop);
name = BUF_strdup(buf);
if(((block[loop] = ENGINE_new()) == NULL) ||
!ENGINE_set_id(block[loop], id) ||
!ENGINE_set_name(block[loop], name))
{
printf("Couldn't create block of ENGINE structures.\n"
"I'll probably also core-dump now, damn.\n");
goto end;
}
}
for(loop = 0; loop < 512; loop++)
{
if(!ENGINE_add(block[loop]))
{
printf("\nAdding stopped at %i, (%s,%s)\n",
loop, ENGINE_get_id(block[loop]),
ENGINE_get_name(block[loop]));
goto cleanup_loop;
}
else
printf("."); fflush(stdout);
}
cleanup_loop:
printf("\nAbout to empty the engine-type list\n");
while((ptr = ENGINE_get_first()) != NULL)
{
if(!ENGINE_remove(ptr))
{
printf("\nRemove failed!\n");
goto end;
}
ENGINE_free(ptr);
printf("."); fflush(stdout);
}
for(loop = 0; loop < 512; loop++)
{
OPENSSL_free((void *)ENGINE_get_id(block[loop]));
OPENSSL_free((void *)ENGINE_get_name(block[loop]));
}
printf("\nTests completed happily\n");
to_return = 0;
end:
if(to_return)
ERR_print_errors_fp(stderr);
if(new_h1) ENGINE_free(new_h1);
if(new_h2) ENGINE_free(new_h2);
if(new_h3) ENGINE_free(new_h3);
if(new_h4) ENGINE_free(new_h4);
for(loop = 0; loop < 512; loop++)
if(block[loop])
ENGINE_free(block[loop]);
ENGINE_cleanup();
CRYPTO_cleanup_all_ex_data();
ERR_free_strings();
ERR_remove_thread_state(NULL);
CRYPTO_mem_leaks_fp(stderr);
return to_return;
}
int main(int argc, char *argv[])
{
ENGINE *block[512];
char buf[256];
const char *id, *name, *p;
ENGINE *ptr;
int loop;
int to_return = 1;
ENGINE *new_h1 = NULL;
ENGINE *new_h2 = NULL;
ENGINE *new_h3 = NULL;
ENGINE *new_h4 = NULL;
p = getenv("OPENSSL_DEBUG_MEMORY");
if (p != NULL && strcmp(p, "on") == 0)
CRYPTO_set_mem_debug(1);
memset(block, 0, sizeof(block));
if (((new_h1 = ENGINE_new()) == NULL) ||
!ENGINE_set_id(new_h1, "test_id0") ||
!ENGINE_set_name(new_h1, "First test item") ||
((new_h2 = ENGINE_new()) == NULL) ||
!ENGINE_set_id(new_h2, "test_id1") ||
!ENGINE_set_name(new_h2, "Second test item") ||
((new_h3 = ENGINE_new()) == NULL) ||
!ENGINE_set_id(new_h3, "test_id2") ||
!ENGINE_set_name(new_h3, "Third test item") ||
((new_h4 = ENGINE_new()) == NULL) ||
!ENGINE_set_id(new_h4, "test_id3") ||
!ENGINE_set_name(new_h4, "Fourth test item")) {
printf("Couldn't set up test ENGINE structures\n");
goto end;
}
printf("\nenginetest beginning\n\n");
display_engine_list();
if (!ENGINE_add(new_h1)) {
printf("Add failed!\n");
goto end;
}
display_engine_list();
ptr = ENGINE_get_first();
if (!ENGINE_remove(ptr)) {
printf("Remove failed!\n");
goto end;
}
ENGINE_free(ptr);
display_engine_list();
if (!ENGINE_add(new_h3) || !ENGINE_add(new_h2)) {
printf("Add failed!\n");
goto end;
}
display_engine_list();
if (!ENGINE_remove(new_h2)) {
printf("Remove failed!\n");
goto end;
}
display_engine_list();
if (!ENGINE_add(new_h4)) {
printf("Add failed!\n");
goto end;
}
display_engine_list();
if (ENGINE_add(new_h3)) {
printf("Add *should* have failed but didn't!\n");
goto end;
} else
printf("Add that should fail did.\n");
ERR_clear_error();
if (ENGINE_remove(new_h2)) {
printf("Remove *should* have failed but didn't!\n");
goto end;
} else
printf("Remove that should fail did.\n");
ERR_clear_error();
if (!ENGINE_remove(new_h3)) {
printf("Remove failed!\n");
goto end;
}
display_engine_list();
if (!ENGINE_remove(new_h4)) {
printf("Remove failed!\n");
goto end;
}
display_engine_list();
/*
* Depending on whether there's any hardware support compiled in, this
* remove may be destined to fail.
*/
ptr = ENGINE_get_first();
if (ptr)
if (!ENGINE_remove(ptr))
printf("Remove failed!i - probably no hardware "
"support present.\n");
ENGINE_free(ptr);
display_engine_list();
if (!ENGINE_add(new_h1) || !ENGINE_remove(new_h1)) {
printf("Couldn't add and remove to an empty list!\n");
goto end;
} else
printf("Successfully added and removed to an empty list!\n");
printf("About to beef up the engine-type list\n");
for (loop = 0; loop < 512; loop++) {
sprintf(buf, "id%i", loop);
id = OPENSSL_strdup(buf);
sprintf(buf, "Fake engine type %i", loop);
name = OPENSSL_strdup(buf);
if (((block[loop] = ENGINE_new()) == NULL) ||
!ENGINE_set_id(block[loop], id) ||
!ENGINE_set_name(block[loop], name)) {
printf("Couldn't create block of ENGINE structures.\n"
"I'll probably also core-dump now, damn.\n");
goto end;
}
}
for (loop = 0; loop < 512; loop++) {
if (!ENGINE_add(block[loop])) {
printf("\nAdding stopped at %i, (%s,%s)\n",
loop, ENGINE_get_id(block[loop]),
ENGINE_get_name(block[loop]));
goto cleanup_loop;
} else
printf(".");
fflush(stdout);
}
cleanup_loop:
printf("\nAbout to empty the engine-type list\n");
while ((ptr = ENGINE_get_first()) != NULL) {
if (!ENGINE_remove(ptr)) {
printf("\nRemove failed!\n");
goto end;
}
ENGINE_free(ptr);
printf(".");
fflush(stdout);
}
for (loop = 0; loop < 512; loop++) {
OPENSSL_free((void *)ENGINE_get_id(block[loop]));
OPENSSL_free((void *)ENGINE_get_name(block[loop]));
}
printf("\nTests completed happily\n");
to_return = 0;
end:
if (to_return)
ERR_print_errors_fp(stderr);
ENGINE_free(new_h1);
ENGINE_free(new_h2);
ENGINE_free(new_h3);
ENGINE_free(new_h4);
for (loop = 0; loop < 512; loop++)
ENGINE_free(block[loop]);
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
if (CRYPTO_mem_leaks_fp(stderr) <= 0)
to_return = 1;
#endif
return to_return;
}
int main(int argc,char **argv)
{
const char *szTestFile;
FILE *f;
if(argc != 2)
{
fprintf(stderr,"%s <test file>\n",argv[0]);
EXIT(1);
}
CRYPTO_malloc_debug_init();
CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
szTestFile=argv[1];
f=fopen(szTestFile,"r");
if(!f)
{
perror(szTestFile);
EXIT(2);
}
/* Load up the software EVP_CIPHER and EVP_MD definitions */
OpenSSL_add_all_ciphers();
OpenSSL_add_all_digests();
#ifndef OPENSSL_NO_ENGINE
/* Load all compiled-in ENGINEs */
ENGINE_load_builtin_engines();
#endif
#if 0
OPENSSL_config();
#endif
#ifndef OPENSSL_NO_ENGINE
/* Register all available ENGINE implementations of ciphers and digests.
* This could perhaps be changed to "ENGINE_register_all_complete()"? */
ENGINE_register_all_ciphers();
ENGINE_register_all_digests();
/* If we add command-line options, this statement should be switchable.
* It'll prevent ENGINEs being ENGINE_init()ialised for cipher/digest use if
* they weren't already initialised. */
/* ENGINE_set_cipher_flags(ENGINE_CIPHER_FLAG_NOINIT); */
#endif
for( ; ; )
{
char line[4096];
char *p;
char *cipher;
unsigned char *iv,*key,*plaintext,*ciphertext;
int encdec;
int kn,in,pn,cn;
if(!fgets((char *)line,sizeof line,f))
break;
if(line[0] == '#' || line[0] == '\n')
continue;
p=line;
cipher=sstrsep(&p,":");
key=ustrsep(&p,":");
iv=ustrsep(&p,":");
plaintext=ustrsep(&p,":");
ciphertext=ustrsep(&p,":");
if (p[-1] == '\n') {
p[-1] = '\0';
encdec = -1;
} else {
encdec = atoi(sstrsep(&p,"\n"));
}
kn=convert(key);
in=convert(iv);
pn=convert(plaintext);
cn=convert(ciphertext);
if(!test_cipher(cipher,key,kn,iv,in,plaintext,pn,ciphertext,cn,encdec)
&& !test_digest(cipher,plaintext,pn,ciphertext,cn))
{
#ifdef OPENSSL_NO_AES
if (strstr(cipher, "AES") == cipher)
{
fprintf(stdout, "Cipher disabled, skipping %s\n", cipher);
continue;
}
#endif
#ifdef OPENSSL_NO_DES
if (strstr(cipher, "DES") == cipher)
{
fprintf(stdout, "Cipher disabled, skipping %s\n", cipher);
continue;
}
#endif
#ifdef OPENSSL_NO_RC4
if (strstr(cipher, "RC4") == cipher)
{
fprintf(stdout, "Cipher disabled, skipping %s\n", cipher);
continue;
}
#endif
#ifdef OPENSSL_NO_CAMELLIA
if (strstr(cipher, "CAMELLIA") == cipher)
{
fprintf(stdout, "Cipher disabled, skipping %s\n", cipher);
continue;
}
#endif
fprintf(stderr,"Can't find %s\n",cipher);
EXIT(3);
}
}
#ifndef OPENSSL_NO_ENGINE
ENGINE_cleanup();
#endif
EVP_cleanup();
CRYPTO_cleanup_all_ex_data();
ERR_remove_state(0);
ERR_free_strings();
CRYPTO_mem_leaks_fp(stderr);
return 0;
}
int main(int argc, char *argv[])
{
int err = 0;
int v;
RSA *key;
unsigned char ptext[256];
unsigned char ctext[256];
static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a";
unsigned char ctext_ex[256];
int plen;
int clen = 0;
int num;
int n;
CRYPTO_set_mem_debug(1);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
RAND_seed(rnd_seed, sizeof(rnd_seed)); /* or OAEP may fail */
plen = sizeof(ptext_ex) - 1;
for (v = 0; v < 3; v++) {
key = RSA_new();
switch (v) {
case 0:
clen = key1(key, ctext_ex);
break;
case 1:
clen = key2(key, ctext_ex);
break;
case 2:
clen = key3(key, ctext_ex);
break;
}
num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
RSA_PKCS1_PADDING);
if (num != clen) {
printf("PKCS#1 v1.5 encryption failed!\n");
err = 1;
goto oaep;
}
num = RSA_private_decrypt(num, ctext, ptext, key, RSA_PKCS1_PADDING);
if (num != plen || memcmp(ptext, ptext_ex, num) != 0) {
printf("PKCS#1 v1.5 decryption failed!\n");
err = 1;
} else
printf("PKCS #1 v1.5 encryption/decryption ok\n");
oaep:
ERR_clear_error();
num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
RSA_PKCS1_OAEP_PADDING);
if (num == -1 && pad_unknown()) {
printf("No OAEP support\n");
goto next;
}
if (num != clen) {
printf("OAEP encryption failed!\n");
err = 1;
goto next;
}
num = RSA_private_decrypt(num, ctext, ptext, key,
RSA_PKCS1_OAEP_PADDING);
if (num != plen || memcmp(ptext, ptext_ex, num) != 0) {
printf("OAEP decryption (encrypted data) failed!\n");
err = 1;
} else if (memcmp(ctext, ctext_ex, num) == 0)
printf("OAEP test vector %d passed!\n", v);
/*
* Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT). Try
* decrypting ctext_ex
*/
num = RSA_private_decrypt(clen, ctext_ex, ptext, key,
RSA_PKCS1_OAEP_PADDING);
if (num != plen || memcmp(ptext, ptext_ex, num) != 0) {
printf("OAEP decryption (test vector data) failed!\n");
err = 1;
} else
printf("OAEP encryption/decryption ok\n");
/* Try decrypting corrupted ciphertexts. */
for (n = 0; n < clen; ++n) {
ctext[n] ^= 1;
num = RSA_private_decrypt(clen, ctext, ptext, key,
RSA_PKCS1_OAEP_PADDING);
if (num > 0) {
printf("Corrupt data decrypted!\n");
err = 1;
break;
}
ctext[n] ^= 1;
}
/* Test truncated ciphertexts, as well as negative length. */
for (n = -1; n < clen; ++n) {
num = RSA_private_decrypt(n, ctext, ptext, key,
RSA_PKCS1_OAEP_PADDING);
if (num > 0) {
printf("Truncated data decrypted!\n");
err = 1;
break;
}
}
next:
RSA_free(key);
}
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
if (CRYPTO_mem_leaks_fp(stderr) <= 0)
err = 1;
#endif
return err;
}
