summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authortb <>2023-04-06 08:38:53 +0000
committertb <>2023-04-06 08:38:53 +0000
commitb95a82a8db13f8e79ab8027f1fdfee0836bf02ec (patch)
tree835e550e13e5639089fd60857dd814eb4a0b1472
parent1fc713cc1f1d499ef5e37a149d8bf968e3b122c2 (diff)
downloadopenbsd-b95a82a8db13f8e79ab8027f1fdfee0836bf02ec.tar.gz
openbsd-b95a82a8db13f8e79ab8027f1fdfee0836bf02ec.tar.bz2
openbsd-b95a82a8db13f8e79ab8027f1fdfee0836bf02ec.zip
wycheproof: use EVP_MD instead of importing "hash"
Diffstat
-rw-r--r--src/regress/lib/libcrypto/wycheproof/wycheproof.go122
1 files changed, 52 insertions, 70 deletions
diff --git a/src/regress/lib/libcrypto/wycheproof/wycheproof.go b/src/regress/lib/libcrypto/wycheproof/wycheproof.go
index b3c9225bb6..0698ac90b7 100644
--- a/src/regress/lib/libcrypto/wycheproof/wycheproof.go
+++ b/src/regress/lib/libcrypto/wycheproof/wycheproof.go
@@ -1,4 +1,4 @@
1/* $OpenBSD: wycheproof.go,v 1.141 2023/03/25 09:21:17 tb Exp $ */ 1/* $OpenBSD: wycheproof.go,v 1.142 2023/04/06 08:38:53 tb Exp $ */
2/* 2/*
3 * Copyright (c) 2018 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2018 Joel Sing <jsing@openbsd.org>
4 * Copyright (c) 2018,2019,2022 Theo Buehler <tb@openbsd.org> 4 * Copyright (c) 2018,2019,2022 Theo Buehler <tb@openbsd.org>
@@ -75,14 +75,10 @@ import "C"
75 75
76import ( 76import (
77 "bytes" 77 "bytes"
78 "crypto/sha1"
79 "crypto/sha256"
80 "crypto/sha512"
81 "encoding/base64" 78 "encoding/base64"
82 "encoding/hex" 79 "encoding/hex"
83 "encoding/json" 80 "encoding/json"
84 "fmt" 81 "fmt"
85 "hash"
86 "io/ioutil" 82 "io/ioutil"
87 "log" 83 "log"
88 "os" 84 "os"
@@ -564,23 +560,6 @@ func nidFromString(ns string) (int, error) {
564 return -1, fmt.Errorf("unknown NID %q", ns) 560 return -1, fmt.Errorf("unknown NID %q", ns)
565} 561}
566 562
567func hashFromString(hs string) (hash.Hash, error) {
568 switch hs {
569 case "SHA-1":
570 return sha1.New(), nil
571 case "SHA-224":
572 return sha256.New224(), nil
573 case "SHA-256":
574 return sha256.New(), nil
575 case "SHA-384":
576 return sha512.New384(), nil
577 case "SHA-512":
578 return sha512.New(), nil
579 default:
580 return nil, fmt.Errorf("unknown hash %q", hs)
581 }
582}
583
584func hashEvpMdFromString(hs string) (*C.EVP_MD, error) { 563func hashEvpMdFromString(hs string) (*C.EVP_MD, error) {
585 switch hs { 564 switch hs {
586 case "SHA-1": 565 case "SHA-1":
@@ -598,6 +577,26 @@ func hashEvpMdFromString(hs string) (*C.EVP_MD, error) {
598 } 577 }
599} 578}
600 579
580func hashEvpDigestMessage(md *C.EVP_MD, msg []byte) ([]byte, C.size, error) {
581 size := C.EVP_MD_size(md)
582 if size <= 0 || size > C.EVP_MAX_MD_SIZE {
583 return nil, 0, fmt.Errorf("unexpected MD size %d", size)
584 }
585
586 msgLen := len(msg)
587 if msgLen == 0 {
588 msg = append(msg, 0)
589 }
590
591 digest := make([]byte, size)
592
593 if C.EVP_Digest(unsafe.Pointer(&msg[0]), C.size_t(msgLen), (*C.uchar)(unsafe.Pointer(&digest[0])), nil, md, nil) != 1 {
594 return nil, 0, fmt.Errorf("EVP_Digest failed")
595 }
596
597 return digest, int(size), nil
598}
599
601func checkAesCbcPkcs5(ctx *C.EVP_CIPHER_CTX, doEncrypt int, key []byte, keyLen int, 600func checkAesCbcPkcs5(ctx *C.EVP_CIPHER_CTX, doEncrypt int, key []byte, keyLen int,
602 iv []byte, ivLen int, in []byte, inLen int, out []byte, outLen int, 601 iv []byte, ivLen int, in []byte, inLen int, out []byte, outLen int,
603 wt *wycheproofTestAesCbcPkcs5) bool { 602 wt *wycheproofTestAesCbcPkcs5) bool {
@@ -1337,19 +1336,15 @@ func encodeDSAP1363Sig(wtSig string) (*C.uchar, C.int) {
1337 return cDer, derLen 1336 return cDer, derLen
1338} 1337}
1339 1338
1340func runDSATest(dsa *C.DSA, variant testVariant, h hash.Hash, wt *wycheproofTestDSA) bool { 1339func runDSATest(dsa *C.DSA, md *C.EVP_MD, variant testVariant, wt *wycheproofTestDSA) bool {
1341 msg, err := hex.DecodeString(wt.Msg) 1340 msg, err := hex.DecodeString(wt.Msg)
1342 if err != nil { 1341 if err != nil {
1343 log.Fatalf("Failed to decode message %q: %v", wt.Msg, err) 1342 log.Fatalf("Failed to decode message %q: %v", wt.Msg, err)
1344 } 1343 }
1345 1344
1346 h.Reset() 1345 msg, msgLen, err := hashEvpDigestMessage(md, msg)
1347 h.Write(msg) 1346 if err != nil {
1348 msg = h.Sum(nil) 1347 log.Fatalf("%v", err)
1349
1350 msgLen := len(msg)
1351 if msgLen == 0 {
1352 msg = append(msg, 0)
1353 } 1348 }
1354 1349
1355 var ret C.int 1350 var ret C.int
@@ -1433,7 +1428,7 @@ func runDSATestGroup(algorithm string, variant testVariant, wtg *wycheproofTestG
1433 log.Fatalf("DSA_set0_key returned %d", ret) 1428 log.Fatalf("DSA_set0_key returned %d", ret)
1434 } 1429 }
1435 1430
1436 h, err := hashFromString(wtg.SHA) 1431 md, err := hashEvpMdFromString(wtg.SHA)
1437 if err != nil { 1432 if err != nil {
1438 log.Fatalf("Failed to get hash: %v", err) 1433 log.Fatalf("Failed to get hash: %v", err)
1439 } 1434 }
@@ -1475,13 +1470,13 @@ func runDSATestGroup(algorithm string, variant testVariant, wtg *wycheproofTestG
1475 1470
1476 success := true 1471 success := true
1477 for _, wt := range wtg.Tests { 1472 for _, wt := range wtg.Tests {
1478 if !runDSATest(dsa, variant, h, wt) { 1473 if !runDSATest(dsa, md, variant, wt) {
1479 success = false 1474 success = false
1480 } 1475 }
1481 if !runDSATest(dsaDER, variant, h, wt) { 1476 if !runDSATest(dsaDER, md, variant, wt) {
1482 success = false 1477 success = false
1483 } 1478 }
1484 if !runDSATest(dsaPEM, variant, h, wt) { 1479 if !runDSATest(dsaPEM, md, variant, wt) {
1485 success = false 1480 success = false
1486 } 1481 }
1487 } 1482 }
@@ -1722,19 +1717,15 @@ func runECDHWebCryptoTestGroup(algorithm string, wtg *wycheproofTestGroupECDHWeb
1722 return success 1717 return success
1723} 1718}
1724 1719
1725func runECDSATest(ecKey *C.EC_KEY, nid int, h hash.Hash, variant testVariant, wt *wycheproofTestECDSA) bool { 1720func runECDSATest(ecKey *C.EC_KEY, md *C.EVP_MD, nid int, variant testVariant, wt *wycheproofTestECDSA) bool {
1726 msg, err := hex.DecodeString(wt.Msg) 1721 msg, err := hex.DecodeString(wt.Msg)
1727 if err != nil { 1722 if err != nil {
1728 log.Fatalf("Failed to decode message %q: %v", wt.Msg, err) 1723 log.Fatalf("Failed to decode message %q: %v", wt.Msg, err)
1729 } 1724 }
1730 1725
1731 h.Reset() 1726 msg, msgLen, err := hashEvpDigestMessage(md, msg)
1732 h.Write(msg) 1727 if err != nil {
1733 msg = h.Sum(nil) 1728 log.Fatalf("%v", err)
1734
1735 msgLen := len(msg)
1736 if msgLen == 0 {
1737 msg = append(msg, 0)
1738 } 1729 }
1739 1730
1740 var ret C.int 1731 var ret C.int
@@ -1810,14 +1801,14 @@ func runECDSATestGroup(algorithm string, variant testVariant, wtg *wycheproofTes
1810 if err != nil { 1801 if err != nil {
1811 log.Fatalf("Failed to get MD NID: %v", err) 1802 log.Fatalf("Failed to get MD NID: %v", err)
1812 } 1803 }
1813 h, err := hashFromString(wtg.SHA) 1804 md, err := hashEvpMdFromString(wtg.SHA)
1814 if err != nil { 1805 if err != nil {
1815 log.Fatalf("Failed to get hash: %v", err) 1806 log.Fatalf("Failed to get hash: %v", err)
1816 } 1807 }
1817 1808
1818 success := true 1809 success := true
1819 for _, wt := range wtg.Tests { 1810 for _, wt := range wtg.Tests {
1820 if !runECDSATest(ecKey, nid, h, variant, wt) { 1811 if !runECDSATest(ecKey, md, nid, variant, wt) {
1821 success = false 1812 success = false
1822 } 1813 }
1823 } 1814 }
@@ -1914,14 +1905,14 @@ func runECDSAWebCryptoTestGroup(algorithm string, wtg *wycheproofTestGroupECDSAW
1914 if err != nil { 1905 if err != nil {
1915 log.Fatalf("Failed to get MD NID: %v", err) 1906 log.Fatalf("Failed to get MD NID: %v", err)
1916 } 1907 }
1917 h, err := hashFromString(wtg.SHA) 1908 md, err := hashEvpMdFromString(wtg.SHA)
1918 if err != nil { 1909 if err != nil {
1919 log.Fatalf("Failed to get hash: %v", err) 1910 log.Fatalf("Failed to get hash: %v", err)
1920 } 1911 }
1921 1912
1922 success := true 1913 success := true
1923 for _, wt := range wtg.Tests { 1914 for _, wt := range wtg.Tests {
1924 if !runECDSATest(ecKey, nid, h, Webcrypto, wt) { 1915 if !runECDSATest(ecKey, md, nid, Webcrypto, wt) {
1925 success = false 1916 success = false
1926 } 1917 }
1927 } 1918 }
@@ -2512,25 +2503,23 @@ func runRsaesPkcs1TestGroup(algorithm string, wtg *wycheproofTestGroupRsaesPkcs1
2512 return success 2503 return success
2513} 2504}
2514 2505
2515func runRsassaTest(rsa *C.RSA, h hash.Hash, sha *C.EVP_MD, mgfSha *C.EVP_MD, sLen int, wt *wycheproofTestRsassa) bool { 2506func runRsassaTest(rsa *C.RSA, sha *C.EVP_MD, mgfSha *C.EVP_MD, sLen int, wt *wycheproofTestRsassa) bool {
2516 msg, err := hex.DecodeString(wt.Msg) 2507 msg, err := hex.DecodeString(wt.Msg)
2517 if err != nil { 2508 if err != nil {
2518 log.Fatalf("Failed to decode message %q: %v", wt.Msg, err) 2509 log.Fatalf("Failed to decode message %q: %v", wt.Msg, err)
2519 } 2510 }
2520 2511
2521 h.Reset() 2512 msg, _, err = hashEvpDigestMessage(sha, msg)
2522 h.Write(msg) 2513 if err != nil {
2523 msg = h.Sum(nil) 2514 log.Fatalf("%v", err)
2515 }
2524 2516
2525 sig, err := hex.DecodeString(wt.Sig) 2517 sig, err := hex.DecodeString(wt.Sig)
2526 if err != nil { 2518 if err != nil {
2527 log.Fatalf("Failed to decode signature %q: %v", wt.Sig, err) 2519 log.Fatalf("Failed to decode signature %q: %v", wt.Sig, err)
2528 } 2520 }
2529 2521
2530 msgLen, sigLen := len(msg), len(sig) 2522 sigLen := len(sig)
2531 if msgLen == 0 {
2532 msg = append(msg, 0)
2533 }
2534 if sigLen == 0 { 2523 if sigLen == 0 {
2535 sig = append(sig, 0) 2524 sig = append(sig, 0)
2536 } 2525 }
@@ -2599,11 +2588,6 @@ func runRsassaTestGroup(algorithm string, wtg *wycheproofTestGroupRsassa) bool {
2599 rsaN = nil 2588 rsaN = nil
2600 rsaE = nil 2589 rsaE = nil
2601 2590
2602 h, err := hashFromString(wtg.SHA)
2603 if err != nil {
2604 log.Fatalf("Failed to get hash: %v", err)
2605 }
2606
2607 sha, err := hashEvpMdFromString(wtg.SHA) 2591 sha, err := hashEvpMdFromString(wtg.SHA)
2608 if err != nil { 2592 if err != nil {
2609 log.Fatalf("Failed to get hash: %v", err) 2593 log.Fatalf("Failed to get hash: %v", err)
@@ -2616,32 +2600,30 @@ func runRsassaTestGroup(algorithm string, wtg *wycheproofTestGroupRsassa) bool {
2616 2600
2617 success := true 2601 success := true
2618 for _, wt := range wtg.Tests { 2602 for _, wt := range wtg.Tests {
2619 if !runRsassaTest(rsa, h, sha, mgfSha, wtg.SLen, wt) { 2603 if !runRsassaTest(rsa, sha, mgfSha, wtg.SLen, wt) {
2620 success = false 2604 success = false
2621 } 2605 }
2622 } 2606 }
2623 return success 2607 return success
2624} 2608}
2625 2609
2626func runRSATest(rsa *C.RSA, nid int, h hash.Hash, wt *wycheproofTestRSA) bool { 2610func runRSATest(rsa *C.RSA, md *C.EVP_MD, nid int, wt *wycheproofTestRSA) bool {
2627 msg, err := hex.DecodeString(wt.Msg) 2611 msg, err := hex.DecodeString(wt.Msg)
2628 if err != nil { 2612 if err != nil {
2629 log.Fatalf("Failed to decode message %q: %v", wt.Msg, err) 2613 log.Fatalf("Failed to decode message %q: %v", wt.Msg, err)
2630 } 2614 }
2631 2615
2632 h.Reset() 2616 msg, msgLen, err := hashEvpDigestMessage(md, msg)
2633 h.Write(msg) 2617 if err != nil {
2634 msg = h.Sum(nil) 2618 log.Fatalf("%v", err)
2619 }
2635 2620
2636 sig, err := hex.DecodeString(wt.Sig) 2621 sig, err := hex.DecodeString(wt.Sig)
2637 if err != nil { 2622 if err != nil {
2638 log.Fatalf("Failed to decode signature %q: %v", wt.Sig, err) 2623 log.Fatalf("Failed to decode signature %q: %v", wt.Sig, err)
2639 } 2624 }
2640 2625
2641 msgLen, sigLen := len(msg), len(sig) 2626 sigLen := len(sig)
2642 if msgLen == 0 {
2643 msg = append(msg, 0)
2644 }
2645 if sigLen == 0 { 2627 if sigLen == 0 {
2646 sig = append(sig, 0) 2628 sig = append(sig, 0)
2647 } 2629 }
@@ -2695,14 +2677,14 @@ func runRSATestGroup(algorithm string, wtg *wycheproofTestGroupRSA) bool {
2695 if err != nil { 2677 if err != nil {
2696 log.Fatalf("Failed to get MD NID: %v", err) 2678 log.Fatalf("Failed to get MD NID: %v", err)
2697 } 2679 }
2698 h, err := hashFromString(wtg.SHA) 2680 md, err := hashEvpMdFromString(wtg.SHA)
2699 if err != nil { 2681 if err != nil {
2700 log.Fatalf("Failed to get hash: %v", err) 2682 log.Fatalf("Failed to get hash: %v", err)
2701 } 2683 }
2702 2684
2703 success := true 2685 success := true
2704 for _, wt := range wtg.Tests { 2686 for _, wt := range wtg.Tests {
2705 if !runRSATest(rsa, nid, h, wt) { 2687 if !runRSATest(rsa, md, nid, wt) {
2706 success = false 2688 success = false
2707 } 2689 }
2708 } 2690 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-02 04:05:33 +0000