1 files changed, 41 insertions, 30 deletions
diff --git a/src/regress/lib/libcrypto/wycheproof/wycheproof.go b/src/regress/lib/libcrypto/wycheproof/wycheproof.go
index 718369c5f4..c5fb81b94d 100644
--- a/src/regress/lib/libcrypto/wycheproof/wycheproof.go
+++ b/src/regress/lib/libcrypto/wycheproof/wycheproof.go
@@ -1,4 +1,4 @@
-/* $OpenBSD: wycheproof.go,v 1.184 2025/09/07 19:26:28 tb Exp $ */
+/* $OpenBSD: wycheproof.go,v 1.185 2025/09/08 06:47:34 tb Exp $ */
 /*
 * Copyright (c) 2018,2023 Joel Sing <jsing@openbsd.org>
 * Copyright (c) 2018,2019,2022-2025 Theo Buehler <tb@openbsd.org>
@@ -2725,53 +2725,64 @@ func (wtg *wycheproofTestGroupX25519) run(algorithm string, variant testVariant)
        return success
 }
-func testGroupFromAlgorithm(algorithm string, variant testVariant) wycheproofTestGroupRunner {
+func testGroupFromTestVector(wtv *wycheproofTestVectorsV1) (wycheproofTestGroupRunner, testVariant) {
-        if algorithm == "ECDH" && variant == Webcrypto {
+        variant := Normal
-                return &wycheproofTestGroupECDHWebCrypto{}
-        }
+        switch wtv.Algorithm {
-        switch algorithm {
        case "AES-CBC-PKCS5":
-                return &wycheproofTestGroupAesCbcPkcs5{}
+                return &wycheproofTestGroupAesCbcPkcs5{}, variant
        case "AES-CCM", "AES-GCM":
-                return &wycheproofTestGroupAesAead{}
+                return &wycheproofTestGroupAesAead{}, variant
        case "AES-CMAC":
-                return &wycheproofTestGroupAesCmac{}
+                return &wycheproofTestGroupAesCmac{}, variant
        case "AES-WRAP":
-                return &wycheproofTestGroupKW{}
+                return &wycheproofTestGroupKW{}, variant
        case "CHACHA20-POLY1305", "XCHACHA20-POLY1305":
-                return &wycheproofTestGroupChaCha{}
+                return &wycheproofTestGroupChaCha{}, variant
        case "DSA":
-                return &wycheproofTestGroupDSA{}
+                if wtv.Schema == "dsa_p1363_verify_schema_v1.json" {
+                        variant = P1363
+                }
+                return &wycheproofTestGroupDSA{}, variant
        case "EcCurveTest":
-                return &wycheproofTestGroupEcCurve{}
+                return &wycheproofTestGroupEcCurve{}, variant
        case "ECDH":
-                return &wycheproofTestGroupECDH{}
+                if wtv.Schema == "ecdh_webcrypto_test_schema_v1.json" {
+                        return &wycheproofTestGroupECDHWebCrypto{}, Webcrypto
+                }
+                if wtv.Schema == "ecdh_ecpoint_test_schema_v1.json" {
+                        variant = EcPoint
+                }
+                return &wycheproofTestGroupECDH{}, variant
        case "ECDSA":
-                return &wycheproofTestGroupECDSA{}
+                if wtv.Schema == "ecdsa_p1363_verify_schema_v1.json" {
+                        variant = P1363
+                }
+                return &wycheproofTestGroupECDSA{}, variant
        case "EDDSA":
-                return &wycheproofTestGroupEdDSA{}
+                return &wycheproofTestGroupEdDSA{}, variant
        case "HKDF-SHA-1", "HKDF-SHA-256", "HKDF-SHA-384", "HKDF-SHA-512":
-                return &wycheproofTestGroupHkdf{}
+                return &wycheproofTestGroupHkdf{}, variant
        case "HMACSHA1", "HMACSHA224", "HMACSHA256", "HMACSHA384", "HMACSHA512", "HMACSHA512/224", "HMACSHA512/256", "HMACSHA3-224", "HMACSHA3-256", "HMACSHA3-384", "HMACSHA3-512":
-                return &wycheproofTestGroupHmac{}
+                return &wycheproofTestGroupHmac{}, variant
        case "PrimalityTest":
-                return &wycheproofTestGroupPrimality{}
+                return &wycheproofTestGroupPrimality{}, variant
        case "RSAES-OAEP":
-                return &wycheproofTestGroupRsaesOaep{}
+                return &wycheproofTestGroupRsaesOaep{}, variant
        case "RSAES-PKCS1-v1_5":
-                return &wycheproofTestGroupRsaesPkcs1{}
+                return &wycheproofTestGroupRsaesPkcs1{}, variant
        case "RSASSA-PSS":
-                return &wycheproofTestGroupRsassa{}
+                return &wycheproofTestGroupRsassa{}, variant
        case "RSASSA-PKCS1-v1_5", "RSASig":
-                return &wycheproofTestGroupRSA{}
+                return &wycheproofTestGroupRSA{}, variant
        case "XDH", "X25519":
-                return &wycheproofTestGroupX25519{}
+                return &wycheproofTestGroupX25519{}, variant
        default:
-                return nil
+                return nil, Skip
        }
 }
-func runTestVectors(path string, variant testVariant) bool {
+func runTestVectors(path string) bool {
        var algorithm string
        var testGroups []json.RawMessage
        b, err := ioutil.ReadFile(path)
@@ -2788,7 +2799,7 @@ func runTestVectors(path string, variant testVariant) bool {
        success := true
        for _, tg := range testGroups {
-                wtg := testGroupFromAlgorithm(algorithm, variant)
+                wtg, variant := testGroupFromTestVector(wtv)
                if wtg == nil {
                        log.Printf("INFO: Unknown test vector algorithm %q", algorithm)
                        return false
@@ -2911,15 +2922,15 @@ func main() {
                        }
                        wg.Add(1)
                        <-vectorsRateLimitCh
-                        go func(tv string, variant testVariant) {
+                        go func(tv string) {
                                select {
-                                case resultCh <- runTestVectors(tv, variant):
+                                case resultCh <- runTestVectors(tv):
                                default:
                                        log.Fatal("result channel is full")
                                }
                                vectorsRateLimitCh <- true
                                wg.Done()
-                        }(tv, test.variant)
+                        }(tv)
                }
        }

diff --git a/src/regress/lib/libcrypto/wycheproof/wycheproof.go b/src/regress/lib/libcrypto/wycheproof/wycheproof.go index 718369c5f4..c5fb81b94d 100644 --- a/src/regress/lib/libcrypto/wycheproof/wycheproof.go +++ b/src/regress/lib/libcrypto/wycheproof/wycheproof.go
@@ -1,4 +1,4 @@
1	/* $OpenBSD: wycheproof.go,v 1.184 2025/09/07 19:26:28 tb Exp $ */	1	/* $OpenBSD: wycheproof.go,v 1.185 2025/09/08 06:47:34 tb Exp $ */
2	/*	2	/*
3	* Copyright (c) 2018,2023 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2018,2023 Joel Sing <jsing@openbsd.org>
4	* Copyright (c) 2018,2019,2022-2025 Theo Buehler <tb@openbsd.org>	4	* Copyright (c) 2018,2019,2022-2025 Theo Buehler <tb@openbsd.org>
@@ -2725,53 +2725,64 @@ func (wtg *wycheproofTestGroupX25519) run(algorithm string, variant testVariant)
2725	return success	2725	return success
2726	}	2726	}
2727		2727
2728	func testGroupFromAlgorithm(algorithm string, variant testVariant) wycheproofTestGroupRunner {	2728	func testGroupFromTestVector(wtv *wycheproofTestVectorsV1) (wycheproofTestGroupRunner, testVariant) {
2729	if algorithm == "ECDH" && variant == Webcrypto {	2729	variant := Normal
2730	return &wycheproofTestGroupECDHWebCrypto{}	2730
2731	}	2731	switch wtv.Algorithm {
2732	switch algorithm {
2733	case "AES-CBC-PKCS5":	2732	case "AES-CBC-PKCS5":
2734	return &wycheproofTestGroupAesCbcPkcs5{}	2733	return &wycheproofTestGroupAesCbcPkcs5{}, variant
2735	case "AES-CCM", "AES-GCM":	2734	case "AES-CCM", "AES-GCM":
2736	return &wycheproofTestGroupAesAead{}	2735	return &wycheproofTestGroupAesAead{}, variant
2737	case "AES-CMAC":	2736	case "AES-CMAC":
2738	return &wycheproofTestGroupAesCmac{}	2737	return &wycheproofTestGroupAesCmac{}, variant
2739	case "AES-WRAP":	2738	case "AES-WRAP":
2740	return &wycheproofTestGroupKW{}	2739	return &wycheproofTestGroupKW{}, variant
2741	case "CHACHA20-POLY1305", "XCHACHA20-POLY1305":	2740	case "CHACHA20-POLY1305", "XCHACHA20-POLY1305":
2742	return &wycheproofTestGroupChaCha{}	2741	return &wycheproofTestGroupChaCha{}, variant
2743	case "DSA":	2742	case "DSA":
2744	return &wycheproofTestGroupDSA{}	2743	if wtv.Schema == "dsa_p1363_verify_schema_v1.json" {
		2744	variant = P1363
		2745	}
		2746	return &wycheproofTestGroupDSA{}, variant
2745	case "EcCurveTest":	2747	case "EcCurveTest":
2746	return &wycheproofTestGroupEcCurve{}	2748	return &wycheproofTestGroupEcCurve{}, variant
2747	case "ECDH":	2749	case "ECDH":
2748	return &wycheproofTestGroupECDH{}	2750	if wtv.Schema == "ecdh_webcrypto_test_schema_v1.json" {
		2751	return &wycheproofTestGroupECDHWebCrypto{}, Webcrypto
		2752	}
		2753	if wtv.Schema == "ecdh_ecpoint_test_schema_v1.json" {
		2754	variant = EcPoint
		2755	}
		2756	return &wycheproofTestGroupECDH{}, variant
2749	case "ECDSA":	2757	case "ECDSA":
2750	return &wycheproofTestGroupECDSA{}	2758	if wtv.Schema == "ecdsa_p1363_verify_schema_v1.json" {
		2759	variant = P1363
		2760	}
		2761	return &wycheproofTestGroupECDSA{}, variant
2751	case "EDDSA":	2762	case "EDDSA":
2752	return &wycheproofTestGroupEdDSA{}	2763	return &wycheproofTestGroupEdDSA{}, variant
2753	case "HKDF-SHA-1", "HKDF-SHA-256", "HKDF-SHA-384", "HKDF-SHA-512":	2764	case "HKDF-SHA-1", "HKDF-SHA-256", "HKDF-SHA-384", "HKDF-SHA-512":
2754	return &wycheproofTestGroupHkdf{}	2765	return &wycheproofTestGroupHkdf{}, variant
2755	case "HMACSHA1", "HMACSHA224", "HMACSHA256", "HMACSHA384", "HMACSHA512", "HMACSHA512/224", "HMACSHA512/256", "HMACSHA3-224", "HMACSHA3-256", "HMACSHA3-384", "HMACSHA3-512":	2766	case "HMACSHA1", "HMACSHA224", "HMACSHA256", "HMACSHA384", "HMACSHA512", "HMACSHA512/224", "HMACSHA512/256", "HMACSHA3-224", "HMACSHA3-256", "HMACSHA3-384", "HMACSHA3-512":
2756	return &wycheproofTestGroupHmac{}	2767	return &wycheproofTestGroupHmac{}, variant
2757	case "PrimalityTest":	2768	case "PrimalityTest":
2758	return &wycheproofTestGroupPrimality{}	2769	return &wycheproofTestGroupPrimality{}, variant
2759	case "RSAES-OAEP":	2770	case "RSAES-OAEP":
2760	return &wycheproofTestGroupRsaesOaep{}	2771	return &wycheproofTestGroupRsaesOaep{}, variant
2761	case "RSAES-PKCS1-v1_5":	2772	case "RSAES-PKCS1-v1_5":
2762	return &wycheproofTestGroupRsaesPkcs1{}	2773	return &wycheproofTestGroupRsaesPkcs1{}, variant
2763	case "RSASSA-PSS":	2774	case "RSASSA-PSS":
2764	return &wycheproofTestGroupRsassa{}	2775	return &wycheproofTestGroupRsassa{}, variant
2765	case "RSASSA-PKCS1-v1_5", "RSASig":	2776	case "RSASSA-PKCS1-v1_5", "RSASig":
2766	return &wycheproofTestGroupRSA{}	2777	return &wycheproofTestGroupRSA{}, variant
2767	case "XDH", "X25519":	2778	case "XDH", "X25519":
2768	return &wycheproofTestGroupX25519{}	2779	return &wycheproofTestGroupX25519{}, variant
2769	default:	2780	default:
2770	return nil	2781	return nil, Skip
2771	}	2782	}
2772	}	2783	}
2773		2784
2774	func runTestVectors(path string, variant testVariant) bool {	2785	func runTestVectors(path string) bool {
2775	var algorithm string	2786	var algorithm string
2776	var testGroups []json.RawMessage	2787	var testGroups []json.RawMessage
2777	b, err := ioutil.ReadFile(path)	2788	b, err := ioutil.ReadFile(path)
@@ -2788,7 +2799,7 @@ func runTestVectors(path string, variant testVariant) bool {
2788		2799
2789	success := true	2800	success := true
2790	for _, tg := range testGroups {	2801	for _, tg := range testGroups {
2791	wtg := testGroupFromAlgorithm(algorithm, variant)	2802	wtg, variant := testGroupFromTestVector(wtv)
2792	if wtg == nil {	2803	if wtg == nil {
2793	log.Printf("INFO: Unknown test vector algorithm %q", algorithm)	2804	log.Printf("INFO: Unknown test vector algorithm %q", algorithm)
2794	return false	2805	return false
@@ -2911,15 +2922,15 @@ func main() {
2911	}	2922	}
2912	wg.Add(1)	2923	wg.Add(1)
2913	<-vectorsRateLimitCh	2924	<-vectorsRateLimitCh
2914	go func(tv string, variant testVariant) {	2925	go func(tv string) {
2915	select {	2926	select {
2916	case resultCh <- runTestVectors(tv, variant):	2927	case resultCh <- runTestVectors(tv):
2917	default:	2928	default:
2918	log.Fatal("result channel is full")	2929	log.Fatal("result channel is full")
2919	}	2930	}
2920	vectorsRateLimitCh <- true	2931	vectorsRateLimitCh <- true
2921	wg.Done()	2932	wg.Done()
2922	}(tv, test.variant)	2933	}(tv)
2923	}	2934	}
2924	}	2935	}
2925		2936