Use maps to retrieve various AES variants

author: tb <> 2023-11-07 16:37:02 +0000
committer: tb <> 2023-11-07 16:37:02 +0000
commit: c04812f8ed8b3ee4fd760e7d319f9676c9128010 (patch)
tree: b5738f2076ac1f8a12aeed763483efb7693020fb
parent: 0e746a7f919aef7f9f23a9b2769212d7da9c6c2a (diff)
download: openbsd-c04812f8ed8b3ee4fd760e7d319f9676c9128010.tar.gz
openbsd-c04812f8ed8b3ee4fd760e7d319f9676c9128010.tar.bz2
openbsd-c04812f8ed8b3ee4fd760e7d319f9676c9128010.zip
1 files changed, 72 insertions, 60 deletions
diff --git a/src/regress/lib/libcrypto/wycheproof/wycheproof.go b/src/regress/lib/libcrypto/wycheproof/wycheproof.go
index 863e46cba7..6f33fe56c6 100644
--- a/src/regress/lib/libcrypto/wycheproof/wycheproof.go
+++ b/src/regress/lib/libcrypto/wycheproof/wycheproof.go
@@ -1,4 +1,4 @@
-/* $OpenBSD: wycheproof.go,v 1.153 2023/11/07 16:35:55 tb Exp $ */
+/* $OpenBSD: wycheproof.go,v 1.154 2023/11/07 16:37:02 tb Exp $ */
 /*
 * Copyright (c) 2018 Joel Sing <jsing@openbsd.org>
 * Copyright (c) 2018,2019,2022 Theo Buehler <tb@openbsd.org>
@@ -642,17 +642,17 @@ func nidFromString(ns string) (int, error) {
 }
 var evpMds = map[string]*C.EVP_MD{
-        "SHA-1": C.EVP_sha1(),
+        "SHA-1":       C.EVP_sha1(),
-        "SHA-224": C.EVP_sha224(),
+        "SHA-224":     C.EVP_sha224(),
-        "SHA-256": C.EVP_sha256(),
+        "SHA-256":     C.EVP_sha256(),
-        "SHA-384": C.EVP_sha384(),
+        "SHA-384":     C.EVP_sha384(),
-        "SHA-512": C.EVP_sha512(),
+        "SHA-512":     C.EVP_sha512(),
        "SHA-512/224": C.EVP_sha512_224(),
        "SHA-512/256": C.EVP_sha512_256(),
-        "SHA3-224": C.EVP_sha3_224(),
+        "SHA3-224":    C.EVP_sha3_224(),
-        "SHA3-256": C.EVP_sha3_256(),
+        "SHA3-256":    C.EVP_sha3_256(),
-        "SHA3-384": C.EVP_sha3_384(),
+        "SHA3-384":    C.EVP_sha3_384(),
-        "SHA3-512": C.EVP_sha3_512(),
+        "SHA3-512":    C.EVP_sha3_512(),
 }
 func hashEvpMdFromString(hs string) (*C.EVP_MD, error) {
@@ -663,6 +663,52 @@ func hashEvpMdFromString(hs string) (*C.EVP_MD, error) {
        return nil, fmt.Errorf("unknown hash %q", hs)
 }
+var aesCbcs = map[int]*C.EVP_CIPHER{
+        128: C.EVP_aes_128_cbc(),
+        192: C.EVP_aes_192_cbc(),
+        256: C.EVP_aes_256_cbc(),
+}
+var aesCcms = map[int]*C.EVP_CIPHER{
+        128: C.EVP_aes_128_ccm(),
+        192: C.EVP_aes_192_ccm(),
+        256: C.EVP_aes_256_ccm(),
+}
+var aesGcms = map[int]*C.EVP_CIPHER{
+        128: C.EVP_aes_128_gcm(),
+        192: C.EVP_aes_192_gcm(),
+        256: C.EVP_aes_256_gcm(),
+}
+var aeses = map[string]map[int]*C.EVP_CIPHER{
+        "AES-CBC": aesCbcs,
+        "AES-CCM": aesCcms,
+        "AES-GCM": aesGcms,
+}
+func cipherAes(algorithm string, size int) (*C.EVP_CIPHER, error) {
+        cipher, ok := aeses[algorithm][size]
+        if ok {
+                return cipher, nil
+        }
+        return nil, fmt.Errorf("invalid key size: %d", size)
+}
+var aesAeads = map[int]*C.EVP_AEAD{
+        128: C.EVP_aead_aes_128_gcm(),
+        192: nil,
+        256: C.EVP_aead_aes_256_gcm(),
+}
+func aeadAes(size int) (*C.EVP_AEAD, error) {
+        aead, ok := aesAeads[size]
+        if ok {
+                return aead, nil
+        }
+        return nil, fmt.Errorf("invalid key size: %d", size)
+}
 func hashEvpDigestMessage(md *C.EVP_MD, msg []byte) ([]byte, int, error) {
        size := C.EVP_MD_size(md)
        if size <= 0 || size > C.EVP_MAX_MD_SIZE {
@@ -786,16 +832,9 @@ func (wtg *wycheproofTestGroupAesCbcPkcs5) run(algorithm string, variant testVar
        fmt.Printf("Running %v test group %v with IV size %d and key size %d...\n",
                algorithm, wtg.Type, wtg.IVSize, wtg.KeySize)
-        var cipher *C.EVP_CIPHER
+        cipher, err := cipherAes("AES-CBC", wtg.KeySize)
-        switch wtg.KeySize {
+        if err != nil {
-        case 128:
+                log.Fatal(err)
-                cipher = C.EVP_aes_128_cbc()
-        case 192:
-                cipher = C.EVP_aes_192_cbc()
-        case 256:
-                cipher = C.EVP_aes_256_cbc()
-        default:
-                log.Fatalf("Unsupported key size: %d", wtg.KeySize)
        }
        ctx := C.EVP_CIPHER_CTX_new()
@@ -1040,37 +1079,17 @@ func (wtg *wycheproofTestGroupAesAead) run(algorithm string, variant testVariant
        fmt.Printf("Running %v test group %v with IV size %d, key size %d and tag size %d...\n",
                algorithm, wtg.Type, wtg.IVSize, wtg.KeySize, wtg.TagSize)
-        var cipher *C.EVP_CIPHER
+        cipher, err := cipherAes(algorithm, wtg.KeySize)
+        if err != nil {
+                fmt.Printf("INFO: Skipping tests with %s\n", err)
+                return true
+        }
        var aead *C.EVP_AEAD
-        switch algorithm {
+        if algorithm == "AES-GCM" {
-        case "AES-CCM":
+                aead, err = aeadAes(wtg.KeySize)
-                switch wtg.KeySize {
+                if err != nil {
-                case 128:
+                        log.Fatalf("%s", err)
-                        cipher = C.EVP_aes_128_ccm()
-                case 192:
-                        cipher = C.EVP_aes_192_ccm()
-                case 256:
-                        cipher = C.EVP_aes_256_ccm()
-                default:
-                        fmt.Printf("INFO: Skipping tests with invalid key size %d\n", wtg.KeySize)
-                        return true
-                }
-        case "AES-GCM":
-                switch wtg.KeySize {
-                case 128:
-                        cipher = C.EVP_aes_128_gcm()
-                        aead = C.EVP_aead_aes_128_gcm()
-                case 192:
-                        cipher = C.EVP_aes_192_gcm()
-                case 256:
-                        cipher = C.EVP_aes_256_gcm()
-                        aead = C.EVP_aead_aes_256_gcm()
-                default:
-                        fmt.Printf("INFO: Skipping tests with invalid key size %d\n", wtg.KeySize)
-                        return true
                }
-        default:
-                log.Fatalf("runAesAeadTestGroup() - unhandled algorithm: %v", algorithm)
        }
        ctx := C.EVP_CIPHER_CTX_new()
@@ -1158,17 +1177,10 @@ func runAesCmacTest(cipher *C.EVP_CIPHER, wt *wycheproofTestAesCmac) bool {
 func (wtg *wycheproofTestGroupAesCmac) run(algorithm string, variant testVariant) bool {
        fmt.Printf("Running %v test group %v with key size %d and tag size %d...\n",
                algorithm, wtg.Type, wtg.KeySize, wtg.TagSize)
-        var cipher *C.EVP_CIPHER
+        cipher, err := cipherAes("AES-CBC", wtg.KeySize)
-        switch wtg.KeySize {
+        if err != nil {
-        case 128:
+                fmt.Printf("INFO: Skipping tests with %d.\n", err)
-                cipher = C.EVP_aes_128_cbc()
-        case 192:
-                cipher = C.EVP_aes_192_cbc()
-        case 256:
-                cipher = C.EVP_aes_256_cbc()
-        default:
-                fmt.Printf("INFO: Skipping tests with invalid key size %d\n", wtg.KeySize)
                return true
        }
author	tb <>	2023-11-07 16:37:02 +0000
committer	tb <>	2023-11-07 16:37:02 +0000
commit	c04812f8ed8b3ee4fd760e7d319f9676c9128010 (patch)
tree	b5738f2076ac1f8a12aeed763483efb7693020fb
parent	0e746a7f919aef7f9f23a9b2769212d7da9c6c2a (diff)
download	openbsd-c04812f8ed8b3ee4fd760e7d319f9676c9128010.tar.gz openbsd-c04812f8ed8b3ee4fd760e7d319f9676c9128010.tar.bz2 openbsd-c04812f8ed8b3ee4fd760e7d319f9676c9128010.zip

diff --git a/src/regress/lib/libcrypto/wycheproof/wycheproof.go b/src/regress/lib/libcrypto/wycheproof/wycheproof.go index 863e46cba7..6f33fe56c6 100644 --- a/src/regress/lib/libcrypto/wycheproof/wycheproof.go +++ b/src/regress/lib/libcrypto/wycheproof/wycheproof.go
@@ -1,4 +1,4 @@
1	/* $OpenBSD: wycheproof.go,v 1.153 2023/11/07 16:35:55 tb Exp $ */	1	/* $OpenBSD: wycheproof.go,v 1.154 2023/11/07 16:37:02 tb Exp $ */
2	/*	2	/*
3	* Copyright (c) 2018 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2018 Joel Sing <jsing@openbsd.org>
4	* Copyright (c) 2018,2019,2022 Theo Buehler <tb@openbsd.org>	4	* Copyright (c) 2018,2019,2022 Theo Buehler <tb@openbsd.org>
@@ -642,17 +642,17 @@ func nidFromString(ns string) (int, error) {
642	}	642	}
643		643
644	var evpMds = map[string]*C.EVP_MD{	644	var evpMds = map[string]*C.EVP_MD{
645	"SHA-1": C.EVP_sha1(),	645	"SHA-1": C.EVP_sha1(),
646	"SHA-224": C.EVP_sha224(),	646	"SHA-224": C.EVP_sha224(),
647	"SHA-256": C.EVP_sha256(),	647	"SHA-256": C.EVP_sha256(),
648	"SHA-384": C.EVP_sha384(),	648	"SHA-384": C.EVP_sha384(),
649	"SHA-512": C.EVP_sha512(),	649	"SHA-512": C.EVP_sha512(),
650	"SHA-512/224": C.EVP_sha512_224(),	650	"SHA-512/224": C.EVP_sha512_224(),
651	"SHA-512/256": C.EVP_sha512_256(),	651	"SHA-512/256": C.EVP_sha512_256(),
652	"SHA3-224": C.EVP_sha3_224(),	652	"SHA3-224": C.EVP_sha3_224(),
653	"SHA3-256": C.EVP_sha3_256(),	653	"SHA3-256": C.EVP_sha3_256(),
654	"SHA3-384": C.EVP_sha3_384(),	654	"SHA3-384": C.EVP_sha3_384(),
655	"SHA3-512": C.EVP_sha3_512(),	655	"SHA3-512": C.EVP_sha3_512(),
656	}	656	}
657		657
658	func hashEvpMdFromString(hs string) (*C.EVP_MD, error) {	658	func hashEvpMdFromString(hs string) (*C.EVP_MD, error) {
@@ -663,6 +663,52 @@ func hashEvpMdFromString(hs string) (*C.EVP_MD, error) {
663	return nil, fmt.Errorf("unknown hash %q", hs)	663	return nil, fmt.Errorf("unknown hash %q", hs)
664	}	664	}
665		665
		666	var aesCbcs = map[int]*C.EVP_CIPHER{
		667	128: C.EVP_aes_128_cbc(),
		668	192: C.EVP_aes_192_cbc(),
		669	256: C.EVP_aes_256_cbc(),
		670	}
		671
		672	var aesCcms = map[int]*C.EVP_CIPHER{
		673	128: C.EVP_aes_128_ccm(),
		674	192: C.EVP_aes_192_ccm(),
		675	256: C.EVP_aes_256_ccm(),
		676	}
		677
		678	var aesGcms = map[int]*C.EVP_CIPHER{
		679	128: C.EVP_aes_128_gcm(),
		680	192: C.EVP_aes_192_gcm(),
		681	256: C.EVP_aes_256_gcm(),
		682	}
		683
		684	var aeses = map[string]map[int]*C.EVP_CIPHER{
		685	"AES-CBC": aesCbcs,
		686	"AES-CCM": aesCcms,
		687	"AES-GCM": aesGcms,
		688	}
		689
		690	func cipherAes(algorithm string, size int) (*C.EVP_CIPHER, error) {
		691	cipher, ok := aeses[algorithm][size]
		692	if ok {
		693	return cipher, nil
		694	}
		695	return nil, fmt.Errorf("invalid key size: %d", size)
		696	}
		697
		698	var aesAeads = map[int]*C.EVP_AEAD{
		699	128: C.EVP_aead_aes_128_gcm(),
		700	192: nil,
		701	256: C.EVP_aead_aes_256_gcm(),
		702	}
		703
		704	func aeadAes(size int) (*C.EVP_AEAD, error) {
		705	aead, ok := aesAeads[size]
		706	if ok {
		707	return aead, nil
		708	}
		709	return nil, fmt.Errorf("invalid key size: %d", size)
		710	}
		711
666	func hashEvpDigestMessage(md *C.EVP_MD, msg []byte) ([]byte, int, error) {	712	func hashEvpDigestMessage(md *C.EVP_MD, msg []byte) ([]byte, int, error) {
667	size := C.EVP_MD_size(md)	713	size := C.EVP_MD_size(md)
668	if size <= 0 \|\| size > C.EVP_MAX_MD_SIZE {	714	if size <= 0 \|\| size > C.EVP_MAX_MD_SIZE {
@@ -786,16 +832,9 @@ func (wtg *wycheproofTestGroupAesCbcPkcs5) run(algorithm string, variant testVar
786	fmt.Printf("Running %v test group %v with IV size %d and key size %d...\n",	832	fmt.Printf("Running %v test group %v with IV size %d and key size %d...\n",
787	algorithm, wtg.Type, wtg.IVSize, wtg.KeySize)	833	algorithm, wtg.Type, wtg.IVSize, wtg.KeySize)
788		834
789	var cipher *C.EVP_CIPHER	835	cipher, err := cipherAes("AES-CBC", wtg.KeySize)
790	switch wtg.KeySize {	836	if err != nil {
791	case 128:	837	log.Fatal(err)
792	cipher = C.EVP_aes_128_cbc()
793	case 192:
794	cipher = C.EVP_aes_192_cbc()
795	case 256:
796	cipher = C.EVP_aes_256_cbc()
797	default:
798	log.Fatalf("Unsupported key size: %d", wtg.KeySize)
799	}	838	}
800		839
801	ctx := C.EVP_CIPHER_CTX_new()	840	ctx := C.EVP_CIPHER_CTX_new()
@@ -1040,37 +1079,17 @@ func (wtg *wycheproofTestGroupAesAead) run(algorithm string, variant testVariant
1040	fmt.Printf("Running %v test group %v with IV size %d, key size %d and tag size %d...\n",	1079	fmt.Printf("Running %v test group %v with IV size %d, key size %d and tag size %d...\n",
1041	algorithm, wtg.Type, wtg.IVSize, wtg.KeySize, wtg.TagSize)	1080	algorithm, wtg.Type, wtg.IVSize, wtg.KeySize, wtg.TagSize)
1042		1081
1043	var cipher *C.EVP_CIPHER	1082	cipher, err := cipherAes(algorithm, wtg.KeySize)
		1083	if err != nil {
		1084	fmt.Printf("INFO: Skipping tests with %s\n", err)
		1085	return true
		1086	}
1044	var aead *C.EVP_AEAD	1087	var aead *C.EVP_AEAD
1045	switch algorithm {	1088	if algorithm == "AES-GCM" {
1046	case "AES-CCM":	1089	aead, err = aeadAes(wtg.KeySize)
1047	switch wtg.KeySize {	1090	if err != nil {
1048	case 128:	1091	log.Fatalf("%s", err)
1049	cipher = C.EVP_aes_128_ccm()
1050	case 192:
1051	cipher = C.EVP_aes_192_ccm()
1052	case 256:
1053	cipher = C.EVP_aes_256_ccm()
1054	default:
1055	fmt.Printf("INFO: Skipping tests with invalid key size %d\n", wtg.KeySize)
1056	return true
1057	}
1058	case "AES-GCM":
1059	switch wtg.KeySize {
1060	case 128:
1061	cipher = C.EVP_aes_128_gcm()
1062	aead = C.EVP_aead_aes_128_gcm()
1063	case 192:
1064	cipher = C.EVP_aes_192_gcm()
1065	case 256:
1066	cipher = C.EVP_aes_256_gcm()
1067	aead = C.EVP_aead_aes_256_gcm()
1068	default:
1069	fmt.Printf("INFO: Skipping tests with invalid key size %d\n", wtg.KeySize)
1070	return true
1071	}	1092	}
1072	default:
1073	log.Fatalf("runAesAeadTestGroup() - unhandled algorithm: %v", algorithm)
1074	}	1093	}
1075		1094
1076	ctx := C.EVP_CIPHER_CTX_new()	1095	ctx := C.EVP_CIPHER_CTX_new()
@@ -1158,17 +1177,10 @@ func runAesCmacTest(cipher C.EVP_CIPHER, wt wycheproofTestAesCmac) bool {
1158	func (wtg *wycheproofTestGroupAesCmac) run(algorithm string, variant testVariant) bool {	1177	func (wtg *wycheproofTestGroupAesCmac) run(algorithm string, variant testVariant) bool {
1159	fmt.Printf("Running %v test group %v with key size %d and tag size %d...\n",	1178	fmt.Printf("Running %v test group %v with key size %d and tag size %d...\n",
1160	algorithm, wtg.Type, wtg.KeySize, wtg.TagSize)	1179	algorithm, wtg.Type, wtg.KeySize, wtg.TagSize)
1161	var cipher *C.EVP_CIPHER	1180
1162		1181	cipher, err := cipherAes("AES-CBC", wtg.KeySize)
1163	switch wtg.KeySize {	1182	if err != nil {
1164	case 128:	1183	fmt.Printf("INFO: Skipping tests with %d.\n", err)
1165	cipher = C.EVP_aes_128_cbc()
1166	case 192:
1167	cipher = C.EVP_aes_192_cbc()
1168	case 256:
1169	cipher = C.EVP_aes_256_cbc()
1170	default:
1171	fmt.Printf("INFO: Skipping tests with invalid key size %d\n", wtg.KeySize)
1172	return true	1184	return true
1173	}	1185	}
1174		1186