int test_d2i_ECPrivateKey(void) { int len, ret = 0; uint8_t *out = NULL, *outp; const uint8_t *inp; EC_KEY *key = NULL; BIGNUM *x = NULL, *y = NULL; const EC_POINT *public; char *x_hex = NULL, *y_hex = NULL; inp = kECKeyWithoutPublic; key = d2i_ECPrivateKey(NULL, &inp, sizeof(kECKeyWithoutPublic)); if (key == NULL || inp != kECKeyWithoutPublic + sizeof(kECKeyWithoutPublic)) { fprintf(stderr, "Failed to parse private key.\n"); BIO_print_errors_fp(stderr); goto out; } len = i2d_ECPrivateKey(key, NULL); out = malloc(len); outp = out; if (len != i2d_ECPrivateKey(key, &outp)) { fprintf(stderr, "Failed to serialize private key.\n"); BIO_print_errors_fp(stderr); goto out; } if (0 != memcmp(out, kECKeyWithoutPublic, len)) { fprintf(stderr, "Serialisation of key doesn't match original.\n"); goto out; } public = EC_KEY_get0_public_key(key);
static int test_d2i_AutoPrivateKey(const uint8_t *input, size_t input_len, int expected_id) { int ret = 0; const uint8_t *p; EVP_PKEY *pkey = NULL; p = input; pkey = d2i_AutoPrivateKey(NULL, &p, input_len); if (pkey == NULL || p != input + input_len) { fprintf(stderr, "d2i_AutoPrivateKey failed\n"); goto done; } if (EVP_PKEY_id(pkey) != expected_id) { fprintf(stderr, "Did not decode expected type\n"); goto done; } ret = 1; done: if (!ret) { BIO_print_errors_fp(stderr); } if (pkey != NULL) { EVP_PKEY_free(pkey); } return ret; }
static int test_EVP_DigestVerifyInit(void) { int ret = 0; EVP_PKEY *pkey = NULL; EVP_MD_CTX md_ctx; EVP_MD_CTX_init(&md_ctx); pkey = load_example_rsa_key(); if (pkey == NULL || !EVP_DigestVerifyInit(&md_ctx, NULL, EVP_sha256(), NULL, pkey) || !EVP_DigestVerifyUpdate(&md_ctx, kMsg, sizeof(kMsg)) || !EVP_DigestVerifyFinal(&md_ctx, kSignature, sizeof(kSignature))) { goto out; } ret = 1; out: if (!ret) { BIO_print_errors_fp(stderr); } EVP_MD_CTX_cleanup(&md_ctx); if (pkey) { EVP_PKEY_free(pkey); } return ret; }
static int test_EVP_DigestVerifyInitFromAlgorithm(void) { int ret = 0; CBS cert, cert_body, tbs_cert, algorithm, signature; uint8_t padding; X509_ALGOR *algor = NULL; const uint8_t *derp; EVP_PKEY *pkey = NULL; EVP_MD_CTX md_ctx; EVP_MD_CTX_init(&md_ctx); CBS_init(&cert, kExamplePSSCert, sizeof(kExamplePSSCert)); if (!CBS_get_asn1(&cert, &cert_body, CBS_ASN1_SEQUENCE) || CBS_len(&cert) != 0 || !CBS_get_any_asn1_element(&cert_body, &tbs_cert, NULL, NULL) || !CBS_get_asn1_element(&cert_body, &algorithm, CBS_ASN1_SEQUENCE) || !CBS_get_asn1(&cert_body, &signature, CBS_ASN1_BITSTRING) || CBS_len(&cert_body) != 0) { fprintf(stderr, "Failed to parse certificate\n"); goto out; } /* Signatures are BIT STRINGs, but they have are multiple of 8 bytes, so the leading phase byte is just a zero. */ if (!CBS_get_u8(&signature, &padding) || padding != 0) { fprintf(stderr, "Invalid signature padding\n"); goto out; } derp = CBS_data(&algorithm); if (!d2i_X509_ALGOR(&algor, &derp, CBS_len(&algorithm)) || derp != CBS_data(&algorithm) + CBS_len(&algorithm)) { fprintf(stderr, "Failed to parse algorithm\n"); } pkey = load_example_rsa_key(); if (pkey == NULL || !EVP_DigestVerifyInitFromAlgorithm(&md_ctx, algor, pkey) || !EVP_DigestVerifyUpdate(&md_ctx, CBS_data(&tbs_cert), CBS_len(&tbs_cert)) || !EVP_DigestVerifyFinal(&md_ctx, CBS_data(&signature), CBS_len(&signature))) { goto out; } ret = 1; out: if (!ret) { BIO_print_errors_fp(stderr); } EVP_MD_CTX_cleanup(&md_ctx); if (pkey) { EVP_PKEY_free(pkey); } return ret; }
static int test_EVP_DigestSignInit(void) { int ret = 0; EVP_PKEY *pkey = NULL; uint8_t *sig = NULL; size_t sig_len = 0; EVP_MD_CTX md_ctx, md_ctx_verify; EVP_MD_CTX_init(&md_ctx); EVP_MD_CTX_init(&md_ctx_verify); pkey = load_example_rsa_key(); if (pkey == NULL || !EVP_DigestSignInit(&md_ctx, NULL, EVP_sha256(), NULL, pkey) || !EVP_DigestSignUpdate(&md_ctx, kMsg, sizeof(kMsg))) { goto out; } /* Determine the size of the signature. */ if (!EVP_DigestSignFinal(&md_ctx, NULL, &sig_len)) { goto out; } /* Sanity check for testing. */ if (sig_len != EVP_PKEY_size(pkey)) { fprintf(stderr, "sig_len mismatch\n"); goto out; } sig = malloc(sig_len); if (sig == NULL || !EVP_DigestSignFinal(&md_ctx, sig, &sig_len)) { goto out; } /* Ensure that the signature round-trips. */ if (!EVP_DigestVerifyInit(&md_ctx_verify, NULL, EVP_sha256(), NULL, pkey) || !EVP_DigestVerifyUpdate(&md_ctx_verify, kMsg, sizeof(kMsg)) || !EVP_DigestVerifyFinal(&md_ctx_verify, sig, sig_len)) { goto out; } ret = 1; out: if (!ret) { BIO_print_errors_fp(stderr); } EVP_MD_CTX_cleanup(&md_ctx); EVP_MD_CTX_cleanup(&md_ctx_verify); if (pkey) { EVP_PKEY_free(pkey); } if (sig) { free(sig); } return ret; }
static int test_EVP_DigestSignAlgorithm(void) { int ret = 0; EVP_PKEY *pkey = NULL; EVP_MD_CTX md_ctx; EVP_PKEY_CTX *pkey_ctx; EVP_MD_CTX_init(&md_ctx); pkey = load_example_rsa_key(); if (pkey == NULL) { goto out; } /* Test a simple AlgorithmIdentifier. */ if (!EVP_DigestSignInit(&md_ctx, &pkey_ctx, EVP_sha256(), NULL, pkey) || !test_algorithm_roundtrip(&md_ctx, pkey)) { fprintf(stderr, "RSA with SHA-256 failed\n"); goto out; } EVP_MD_CTX_cleanup(&md_ctx); EVP_MD_CTX_init(&md_ctx); /* Test RSA-PSS with custom parameters. */ if (!EVP_DigestSignInit(&md_ctx, &pkey_ctx, EVP_sha256(), NULL, pkey) || !EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING) || !EVP_PKEY_CTX_set_rsa_mgf1_md(pkey_ctx, EVP_sha512()) || !test_algorithm_roundtrip(&md_ctx, pkey)) { fprintf(stderr, "RSA-PSS failed\n"); goto out; } ret = 1; out: if (!ret) { BIO_print_errors_fp(stderr); } EVP_MD_CTX_cleanup(&md_ctx); if (pkey) { EVP_PKEY_free(pkey); } return ret; }
static int test_socket_connect(void) { int listening_sock = socket(AF_INET, SOCK_STREAM, 0); int sock; struct sockaddr_in sin; socklen_t sockaddr_len = sizeof(sin); static const char kTestMessage[] = "test"; char hostname[80], buf[5]; BIO *bio; memset(&sin, 0, sizeof(sin)); sin.sin_family = AF_INET; if (!inet_pton(AF_INET, "127.0.0.1", &sin.sin_addr)) { print_socket_error("inet_pton"); return 0; } if (bind(listening_sock, (struct sockaddr *)&sin, sizeof(sin)) != 0) { print_socket_error("bind"); return 0; } if (listen(listening_sock, 1)) { print_socket_error("listen"); return 0; } if (getsockname(listening_sock, (struct sockaddr *)&sin, &sockaddr_len) || sockaddr_len != sizeof(sin)) { print_socket_error("getsockname"); return 0; } BIO_snprintf(hostname, sizeof(hostname), "%s:%d", "127.0.0.1", ntohs(sin.sin_port)); bio = BIO_new_connect(hostname); if (!bio) { fprintf(stderr, "BIO_new_connect failed.\n"); return 0; } if (BIO_write(bio, kTestMessage, sizeof(kTestMessage)) != sizeof(kTestMessage)) { fprintf(stderr, "BIO_write failed.\n"); BIO_print_errors_fp(stderr); return 0; } sock = accept(listening_sock, (struct sockaddr *) &sin, &sockaddr_len); if (sock < 0) { print_socket_error("accept"); return 0; } if (recv(sock, buf, sizeof(buf), 0) != sizeof(kTestMessage)) { print_socket_error("read"); return 0; } if (memcmp(buf, kTestMessage, sizeof(kTestMessage))) { return 0; } closesocket(sock); closesocket(listening_sock); BIO_free(bio); return 1; }