3 files changed, 0 insertions, 477 deletions
diff --git a/src/regress/lib/libcrypto/aead/Makefile b/src/regress/lib/libcrypto/aead/Makefile
deleted file mode 100644
index 344bdcbbf1..0000000000
--- a/src/regress/lib/libcrypto/aead/Makefile
+++ /dev/null
@@ -1,14 +0,0 @@
-#       $OpenBSD: Makefile,v 1.3 2014/07/08 15:53:52 jsing Exp $
-PROG=   aeadtest
-LDADD=  -lcrypto
-DPADD=  ${LIBCRYPTO}
-WARNINGS=       Yes
-CFLAGS+=        -DLIBRESSL_INTERNAL -Werror
-REGRESS_TARGETS=regress-aeadtest
-regress-aeadtest: ${PROG}
-        ./${PROG} ${.CURDIR}/aeadtests.txt
-.include <bsd.regress.mk>
diff --git a/src/regress/lib/libcrypto/aead/aeadtest.c b/src/regress/lib/libcrypto/aead/aeadtest.c
deleted file mode 100644
index 1b144c2615..0000000000
--- a/src/regress/lib/libcrypto/aead/aeadtest.c
+++ /dev/null
@@ -1,377 +0,0 @@
-/*      $OpenBSD: aeadtest.c,v 1.12 2019/01/22 00:59:21 dlg Exp $       */
-/* ====================================================================
- * Copyright (c) 2011-2013 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <stdint.h>
-#include <unistd.h>
-#include <ctype.h>
-#include <openssl/evp.h>
-#include <openssl/err.h>
-/* This program tests an AEAD against a series of test vectors from a file. The
- * test vector file consists of key-value lines where the key and value are
- * separated by a colon and optional whitespace. The keys are listed in
- * NAMES, below. The values are hex-encoded data.
- *
- * After a number of key-value lines, a blank line indicates the end of the
- * test case.
- *
- * For example, here's a valid test case:
- *
- *   AEAD: chacha20-poly1305
- *   KEY: bcb2639bf989c6251b29bf38d39a9bdce7c55f4b2ac12a39c8a37b5d0a5cc2b5
- *   NONCE: 1e8b4c510f5ca083
- *   IN: 8c8419bc27
- *   AD: 34ab88c265
- *   CT: 1a7c2f33f5
- *   TAG: 2875c659d0f2808de3a40027feff91a4
- */
-#define BUF_MAX 1024
-/* These are the different types of line that are found in the input file. */
-enum {
-        AEAD = 0,       /* name of the AEAD algorithm. */
-        KEY,            /* hex encoded key. */
-        NONCE,          /* hex encoded nonce. */
-        IN,             /* hex encoded plaintext. */
-        AD,             /* hex encoded additional data. */
-        CT,             /* hex encoded ciphertext (not including the
-                         * authenticator, which is next. */
-        TAG,            /* hex encoded authenticator. */
-        NUM_TYPES
-};
-static const char NAMES[NUM_TYPES][6] = {
-        "AEAD",
-        "KEY",
-        "NONCE",
-        "IN",
-        "AD",
-        "CT",
-        "TAG",
-};
-static unsigned char
-hex_digit(char h)
-{
-        if (h >= '0' && h <= '9')
-                return h - '0';
-        else if (h >= 'a' && h <= 'f')
-                return h - 'a' + 10;
-        else if (h >= 'A' && h <= 'F')
-                return h - 'A' + 10;
-        else
-                return 16;
-}
-static int
-aead_from_name(const EVP_AEAD **aead, const char *name)
-{
-        *aead = NULL;
-        if (strcmp(name, "aes-128-gcm") == 0) {
-#ifndef OPENSSL_NO_AES
-                *aead = EVP_aead_aes_128_gcm();
-#else
-                fprintf(stderr, "No AES support.\n");
-#endif
-        } else if (strcmp(name, "aes-256-gcm") == 0) {
-#ifndef OPENSSL_NO_AES
-                *aead = EVP_aead_aes_256_gcm();
-#else
-                fprintf(stderr, "No AES support.\n");
-#endif
-        } else if (strcmp(name, "chacha20-poly1305") == 0) {
-#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
-                *aead = EVP_aead_chacha20_poly1305();
-#else
-                fprintf(stderr, "No chacha20-poly1305 support.\n");
-#endif
-        } else if (strcmp(name, "xchacha20-poly1305") == 0) {
-#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
-                *aead = EVP_aead_xchacha20_poly1305();
-#else
-                fprintf(stderr, "No xchacha20-poly1305 support.\n");
-#endif
-        } else {
-                fprintf(stderr, "Unknown AEAD: %s\n", name);
-                return -1;
-        }
-        if (*aead == NULL)
-                return 0;
-        return 1;
-}
-static int
-run_test_case(const EVP_AEAD* aead, unsigned char bufs[NUM_TYPES][BUF_MAX],
-    const unsigned int lengths[NUM_TYPES], unsigned int line_no)
-{
-        EVP_AEAD_CTX ctx;
-        unsigned char out[BUF_MAX + EVP_AEAD_MAX_TAG_LENGTH], out2[BUF_MAX];
-        size_t out_len, out_len2;
-        if (!EVP_AEAD_CTX_init(&ctx, aead, bufs[KEY], lengths[KEY],
-            lengths[TAG], NULL)) {
-                fprintf(stderr, "Failed to init AEAD on line %u\n", line_no);
-                return 0;
-        }
-        if (!EVP_AEAD_CTX_seal(&ctx, out, &out_len, sizeof(out), bufs[NONCE],
-            lengths[NONCE], bufs[IN], lengths[IN], bufs[AD], lengths[AD])) {
-                fprintf(stderr, "Failed to run AEAD on line %u\n", line_no);
-                return 0;
-        }
-        if (out_len != lengths[CT] + lengths[TAG]) {
-                fprintf(stderr, "Bad output length on line %u: %zu vs %u\n",
-                    line_no, out_len, (unsigned)(lengths[CT] + lengths[TAG]));
-                return 0;
-        }
-        if (memcmp(out, bufs[CT], lengths[CT]) != 0) {
-                fprintf(stderr, "Bad output on line %u\n", line_no);
-                return 0;
-        }
-        if (memcmp(out + lengths[CT], bufs[TAG], lengths[TAG]) != 0) {
-                fprintf(stderr, "Bad tag on line %u\n", line_no);
-                return 0;
-        }
-        if (!EVP_AEAD_CTX_open(&ctx, out2, &out_len2, lengths[IN], bufs[NONCE],
-            lengths[NONCE], out, out_len, bufs[AD], lengths[AD])) {
-                fprintf(stderr, "Failed to decrypt on line %u\n", line_no);
-                return 0;
-        }
-        if (out_len2 != lengths[IN]) {
-                fprintf(stderr, "Bad decrypt on line %u: %zu\n",
-                    line_no, out_len2);
-                return 0;
-        }
-        if (memcmp(out2, bufs[IN], out_len2) != 0) {
-                fprintf(stderr, "Plaintext mismatch on line %u\n", line_no);
-                return 0;
-        }
-        out[0] ^= 0x80;
-        if (EVP_AEAD_CTX_open(&ctx, out2, &out_len2, lengths[IN], bufs[NONCE],
-            lengths[NONCE], out, out_len, bufs[AD], lengths[AD])) {
-                fprintf(stderr, "Decrypted bad data on line %u\n", line_no);
-                return 0;
-        }
-        EVP_AEAD_CTX_cleanup(&ctx);
-        return 1;
-}
-int
-main(int argc, char **argv)
-{
-        FILE *f;
-        const EVP_AEAD *aead = NULL;
-        unsigned int line_no = 0, num_tests = 0, j;
-        unsigned char bufs[NUM_TYPES][BUF_MAX];
-        unsigned int lengths[NUM_TYPES];
-        if (argc != 2) {
-                fprintf(stderr, "%s <test file.txt>\n", argv[0]);
-                return 1;
-        }
-        f = fopen(argv[1], "r");
-        if (f == NULL) {
-                perror("failed to open input");
-                return 1;
-        }
-        for (j = 0; j < NUM_TYPES; j++)
-                lengths[j] = 0;
-        for (;;) {
-                char line[4096];
-                unsigned int i, type_len = 0;
-                unsigned char *buf = NULL;
-                unsigned int *buf_len = NULL;
-                if (!fgets(line, sizeof(line), f))
-                        break;
-                line_no++;
-                if (line[0] == '#')
-                        continue;
-                if (line[0] == '\n' || line[0] == 0) {
-                        /* Run a test, if possible. */
-                        char any_values_set = 0;
-                        for (j = 0; j < NUM_TYPES; j++) {
-                                if (lengths[j] != 0) {
-                                        any_values_set = 1;
-                                        break;
-                                }
-                        }
-                        if (!any_values_set)
-                                continue;
-                        switch (aead_from_name(&aead, bufs[AEAD])) {
-                        case 0:
-                                fprintf(stderr, "Skipping test...\n");
-                                continue;
-                        case -1:
-                                fprintf(stderr, "Aborting...\n");
-                                return 4;
-                        }
-                        if (!run_test_case(aead, bufs, lengths, line_no))
-                                return 4;
-                        for (j = 0; j < NUM_TYPES; j++)
-                                lengths[j] = 0;
-                        num_tests++;
-                        continue;
-                }
-                /* Each line looks like:
-                 *   TYPE: 0123abc
-                 * Where "TYPE" is the type of the data on the line,
-                 * e.g. "KEY". */
-                for (i = 0; line[i] != 0 && line[i] != '\n'; i++) {
-                        if (line[i] == ':') {
-                                type_len = i;
-                                break;
-                        }
-                }
-                i++;
-                if (type_len == 0) {
-                        fprintf(stderr, "Parse error on line %u\n", line_no);
-                        return 3;
-                }
-                /* After the colon, there's optional whitespace. */
-                for (; line[i] != 0 && line[i] != '\n'; i++) {
-                        if (line[i] != ' ' && line[i] != '\t')
-                                break;
-                }
-                line[type_len] = 0;
-                for (j = 0; j < NUM_TYPES; j++) {
-                        if (strcmp(line, NAMES[j]) != 0)
-                                continue;
-                        if (lengths[j] != 0) {
-                                fprintf(stderr, "Duplicate value on line %u\n",
-                                    line_no);
-                                return 3;
-                        }
-                        buf = bufs[j];
-                        buf_len = &lengths[j];
-                        break;
-                }
-                if (buf == NULL) {
-                        fprintf(stderr, "Unknown line type on line %u\n",
-                            line_no);
-                        return 3;
-                }
-                if (j == AEAD) {
-                        *buf_len = strlcpy(buf, line + i, BUF_MAX);
-                        for (j = 0; j < BUF_MAX; j++) {
-                                if (buf[j] == '\n')
-                                        buf[j] = '\0';
-                        }
-                        continue;
-                }
-                for (j = 0; line[i] != 0 && line[i] != '\n'; i++) {
-                        unsigned char v, v2;
-                        v = hex_digit(line[i++]);
-                        if (line[i] == 0 || line[i] == '\n') {
-                                fprintf(stderr, "Odd-length hex data on "
-                                    "line %u\n", line_no);
-                                return 3;
-                        }
-                        v2 = hex_digit(line[i]);
-                        if (v > 15 || v2 > 15) {
-                                fprintf(stderr, "Invalid hex char on line %u\n",
-                                    line_no);
-                                return 3;
-                        }
-                        v <<= 4;
-                        v |= v2;
-                        if (j == BUF_MAX) {
-                                fprintf(stderr, "Too much hex data on line %u "
-                                    "(max is %u bytes)\n",
-                                    line_no, (unsigned) BUF_MAX);
-                                return 3;
-                        }
-                        buf[j++] = v;
-                        *buf_len = *buf_len + 1;
-                }
-        }
-        printf("Completed %u test cases\n", num_tests);
-        printf("PASS\n");
-        fclose(f);
-        return 0;
-}
diff --git a/src/regress/lib/libcrypto/aead/aeadtests.txt b/src/regress/lib/libcrypto/aead/aeadtests.txt
deleted file mode 100644
index 4ca47303b2..0000000000
--- a/src/regress/lib/libcrypto/aead/aeadtests.txt
+++ /dev/null
@@ -1,86 +0,0 @@
-#       $OpenBSD: aeadtests.txt,v 1.8 2019/01/22 00:59:21 dlg Exp $
-#
-# MACsec GCM-AES Test Vectors (bn-randall-test-vectors-0511-v1.pdf)
-#
-# 2.5.1 65-byte Packet Authentication Using GCM-AES-128
-AEAD: aes-128-gcm
-KEY: 013FE00B5F11BE7F866D0CBBC55A7A90
-NONCE: 7CFDE9F9E33724C68932D612
-IN:
-AD: 84C5D513D2AAF6E5BBD2727788E523008932D6127CFDE9F9E33724C608000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F0005
-CT:
-TAG: 217867E50C2DAD74C28C3B50ABDF695A
-# 2.5.2 65-byte Packet Authentication Using GCM-AES-256
-AEAD: aes-256-gcm
-KEY: 83C093B58DE7FFE1C0DA926AC43FB3609AC1C80FEE1B624497EF942E2F79A823
-NONCE: 7CFDE9F9E33724C68932D612
-IN:
-AD: 84C5D513D2AAF6E5BBD2727788E523008932D6127CFDE9F9E33724C608000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F0005
-CT:
-TAG: 6EE160E8FAECA4B36C86B234920CA975
-# 2.8.1 75-byte Packet Encryption Using GCM-AES-128
-AEAD: aes-128-gcm
-KEY: 88EE087FD95DA9FBF6725AA9D757B0CD
-NONCE: 7AE8E2CA4EC500012E58495C
-IN: 08000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748490008
-AD: 68F2E77696CE7AE8E2CA4EC588E54D002E58495C
-CT: C31F53D99E5687F7365119B832D2AAE70741D593F1F9E2AB3455779B078EB8FEACDFEC1F8E3E5277F8180B43361F6512ADB16D2E38548A2C719DBA7228D840
-TAG: 88F8757ADB8AA788D8F65AD668BE70E7
-# 2.8.2 75-byte Packet Encryption Using GCM-AES-256
-AEAD: aes-256-gcm
-KEY: 4C973DBC7364621674F8B5B89E5C15511FCED9216490FB1C1A2CAA0FFE0407E5
-NONCE: 7AE8E2CA4EC500012E58495C
-IN: 08000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748490008
-AD: 68F2E77696CE7AE8E2CA4EC588E54D002E58495C
-CT: BA8AE31BC506486D6873E4FCE460E7DC57591FF00611F31C3834FE1C04AD80B66803AFCF5B27E6333FA67C99DA47C2F0CED68D531BD741A943CFF7A6713BD0
-TAG: 2611CD7DAA01D61C5C886DC1A8170107
-# Test vector from RFC7539 2.8.2
-AEAD: chacha20-poly1305
-KEY: 808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f
-NONCE: 070000004041424344454647
-IN: 4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e
-AD: 50515253c0c1c2c3c4c5c6c7
-CT: d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b6116
-TAG: 1ae10b594f09e26a7e902ecbd0600691
-# Test vector from RFC7539 Appendix A.5
-AEAD: chacha20-poly1305
-KEY: 1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0
-NONCE: 000000000102030405060708
-IN: 496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320616e64206d617920626520757064617465642c207265706c616365642c206f72206f62736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074696d652e20497420697320696e617070726f70726961746520746f2075736520496e7465726e65742d447261667473206173207265666572656e6365206d6174657269616c206f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c776f726b20696e2070726f67726573732e2fe2809d
-AD: f33388860000000000004e91
-CT: 64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c186324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc546a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2eda04df997b714d6c6f2c29a6ad5cb4022b02709b
-TAG: eead9d67890cbb22392336fea1851f38
-# Test vector from RFC7634 Appendix A
-AEAD: chacha20-poly1305
-KEY: 808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f
-NONCE: a0a1a2a31011121314151617
-IN: 45000054a6f200004001e778c6336405c000020508005b7a3a080000553bec100007362708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363701020204
-AD: 0102030400000005
-CT: 24039428b97f417e3c13753a4f05087b67c352e6a7fab1b982d466ef407ae5c614ee8099d52844eb61aa95dfab4c02f72aa71e7c4c4f64c9befe2facc638e8f3cbec163fac469b502773f6fb94e664da9165b82829f641e0
-TAG: 76aaa8266b7fb0f7b11b369907e1ad43
-# Test vector from RFC7634 Appendix B
-AEAD: chacha20-poly1305
-KEY: 808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f
-NONCE: a0a1a2a31011121314151617
-IN: 0000000c000040010000000a00
-AD: c0c1c2c3c4c5c6c7d0d1d2d3d4d5d6d72e202500000000090000004529000029
-CT: 610394701f8d017f7c12924889
-TAG: 6b71bfe25236efd7cdc67066906315b2
-# Test vector from draft-arciszewski-xchacha-02
-AEAD: xchacha20-poly1305
-KEY: 808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f
-NONCE: 404142434445464748494a4b4c4d4e4f5051525354555657
-IN: 4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e
-AD: 50515253c0c1c2c3c4c5c6c7
-CT: bd6d179d3e83d43b9576579493c0e939572a1700252bfaccbed2902c21396cbb731c7f1b0b4aa6440bf3a82f4eda7e39ae64c6708c54c216cb96b72e1213b4522f8c9ba40db5d945b11b69b982c1bb9e3f3fac2bc369488f76b2383565d3fff921f9664c97637da9768812f615c68b13b52e
-TAG: c0875924c1c7987947deafd8780acf49

diff --git a/src/regress/lib/libcrypto/aead/Makefile b/src/regress/lib/libcrypto/aead/Makefile deleted file mode 100644 index 344bdcbbf1..0000000000 --- a/src/regress/lib/libcrypto/aead/Makefile +++ /dev/null
@@ -1,14 +0,0 @@
1	# $OpenBSD: Makefile,v 1.3 2014/07/08 15:53:52 jsing Exp $
2
3	PROG= aeadtest
4	LDADD= -lcrypto
5	DPADD= ${LIBCRYPTO}
6	WARNINGS= Yes
7	CFLAGS+= -DLIBRESSL_INTERNAL -Werror
8
9	REGRESS_TARGETS=regress-aeadtest
10
11	regress-aeadtest: ${PROG}
12	./${PROG} ${.CURDIR}/aeadtests.txt
13
14	.include <bsd.regress.mk>


diff --git a/src/regress/lib/libcrypto/aead/aeadtest.c b/src/regress/lib/libcrypto/aead/aeadtest.c deleted file mode 100644 index 1b144c2615..0000000000 --- a/src/regress/lib/libcrypto/aead/aeadtest.c +++ /dev/null
@@ -1,377 +0,0 @@
1	/* $OpenBSD: aeadtest.c,v 1.12 2019/01/22 00:59:21 dlg Exp $ */
2	/* ====================================================================
3	* Copyright (c) 2011-2013 The OpenSSL Project. All rights reserved.
4	*
5	* Redistribution and use in source and binary forms, with or without
6	* modification, are permitted provided that the following conditions
7	* are met:
8	*
9	* 1. Redistributions of source code must retain the above copyright
10	* notice, this list of conditions and the following disclaimer.
11	*
12	* 2. Redistributions in binary form must reproduce the above copyright
13	* notice, this list of conditions and the following disclaimer in
14	* the documentation and/or other materials provided with the
15	* distribution.
16	*
17	* 3. All advertising materials mentioning features or use of this
18	* software must display the following acknowledgment:
19	* "This product includes software developed by the OpenSSL Project
20	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21	*
22	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23	* endorse or promote products derived from this software without
24	* prior written permission. For written permission, please contact
25	* licensing@OpenSSL.org.
26	*
27	* 5. Products derived from this software may not be called "OpenSSL"
28	* nor may "OpenSSL" appear in their names without prior written
29	* permission of the OpenSSL Project.
30	*
31	* 6. Redistributions of any form whatsoever must retain the following
32	* acknowledgment:
33	* "This product includes software developed by the OpenSSL Project
34	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35	*
36	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47	* OF THE POSSIBILITY OF SUCH DAMAGE.
48	* ====================================================================
49	*/
50
51	#include <stdio.h>
52	#include <stdlib.h>
53	#include <string.h>
54	#include <stdint.h>
55	#include <unistd.h>
56	#include <ctype.h>
57
58	#include <openssl/evp.h>
59	#include <openssl/err.h>
60
61	/* This program tests an AEAD against a series of test vectors from a file. The
62	* test vector file consists of key-value lines where the key and value are
63	* separated by a colon and optional whitespace. The keys are listed in
64	* NAMES, below. The values are hex-encoded data.
65	*
66	* After a number of key-value lines, a blank line indicates the end of the
67	* test case.
68	*
69	* For example, here's a valid test case:
70	*
71	* AEAD: chacha20-poly1305
72	* KEY: bcb2639bf989c6251b29bf38d39a9bdce7c55f4b2ac12a39c8a37b5d0a5cc2b5
73	* NONCE: 1e8b4c510f5ca083
74	* IN: 8c8419bc27
75	* AD: 34ab88c265
76	* CT: 1a7c2f33f5
77	* TAG: 2875c659d0f2808de3a40027feff91a4
78	*/
79
80	#define BUF_MAX 1024
81
82	/* These are the different types of line that are found in the input file. */
83	enum {
84	AEAD = 0, /* name of the AEAD algorithm. */
85	KEY, /* hex encoded key. */
86	NONCE, /* hex encoded nonce. */
87	IN, /* hex encoded plaintext. */
88	AD, /* hex encoded additional data. */
89	CT, /* hex encoded ciphertext (not including the
90	* authenticator, which is next. */
91	TAG, /* hex encoded authenticator. */
92	NUM_TYPES
93	};
94
95	static const char NAMES[NUM_TYPES][6] = {
96	"AEAD",
97	"KEY",
98	"NONCE",
99	"IN",
100	"AD",
101	"CT",
102	"TAG",
103	};
104
105	static unsigned char
106	hex_digit(char h)
107	{
108	if (h >= '0' && h <= '9')
109	return h - '0';
110	else if (h >= 'a' && h <= 'f')
111	return h - 'a' + 10;
112	else if (h >= 'A' && h <= 'F')
113	return h - 'A' + 10;
114	else
115	return 16;
116	}
117
118	static int
119	aead_from_name(const EVP_AEAD *aead, const char name)
120	{
121	*aead = NULL;
122
123	if (strcmp(name, "aes-128-gcm") == 0) {
124	#ifndef OPENSSL_NO_AES
125	*aead = EVP_aead_aes_128_gcm();
126	#else
127	fprintf(stderr, "No AES support.\n");
128	#endif
129	} else if (strcmp(name, "aes-256-gcm") == 0) {
130	#ifndef OPENSSL_NO_AES
131	*aead = EVP_aead_aes_256_gcm();
132	#else
133	fprintf(stderr, "No AES support.\n");
134	#endif
135	} else if (strcmp(name, "chacha20-poly1305") == 0) {
136	#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
137	*aead = EVP_aead_chacha20_poly1305();
138	#else
139	fprintf(stderr, "No chacha20-poly1305 support.\n");
140	#endif
141	} else if (strcmp(name, "xchacha20-poly1305") == 0) {
142	#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
143	*aead = EVP_aead_xchacha20_poly1305();
144	#else
145	fprintf(stderr, "No xchacha20-poly1305 support.\n");
146	#endif
147	} else {
148	fprintf(stderr, "Unknown AEAD: %s\n", name);
149	return -1;
150	}
151
152	if (*aead == NULL)
153	return 0;
154
155	return 1;
156	}
157
158	static int
159	run_test_case(const EVP_AEAD* aead, unsigned char bufs[NUM_TYPES][BUF_MAX],
160	const unsigned int lengths[NUM_TYPES], unsigned int line_no)
161	{
162	EVP_AEAD_CTX ctx;
163	unsigned char out[BUF_MAX + EVP_AEAD_MAX_TAG_LENGTH], out2[BUF_MAX];
164	size_t out_len, out_len2;
165
166	if (!EVP_AEAD_CTX_init(&ctx, aead, bufs[KEY], lengths[KEY],
167	lengths[TAG], NULL)) {
168	fprintf(stderr, "Failed to init AEAD on line %u\n", line_no);
169	return 0;
170	}
171
172	if (!EVP_AEAD_CTX_seal(&ctx, out, &out_len, sizeof(out), bufs[NONCE],
173	lengths[NONCE], bufs[IN], lengths[IN], bufs[AD], lengths[AD])) {
174	fprintf(stderr, "Failed to run AEAD on line %u\n", line_no);
175	return 0;
176	}
177
178	if (out_len != lengths[CT] + lengths[TAG]) {
179	fprintf(stderr, "Bad output length on line %u: %zu vs %u\n",
180	line_no, out_len, (unsigned)(lengths[CT] + lengths[TAG]));
181	return 0;
182	}
183
184	if (memcmp(out, bufs[CT], lengths[CT]) != 0) {
185	fprintf(stderr, "Bad output on line %u\n", line_no);
186	return 0;
187	}
188
189	if (memcmp(out + lengths[CT], bufs[TAG], lengths[TAG]) != 0) {
190	fprintf(stderr, "Bad tag on line %u\n", line_no);
191	return 0;
192	}
193
194	if (!EVP_AEAD_CTX_open(&ctx, out2, &out_len2, lengths[IN], bufs[NONCE],
195	lengths[NONCE], out, out_len, bufs[AD], lengths[AD])) {
196	fprintf(stderr, "Failed to decrypt on line %u\n", line_no);
197	return 0;
198	}
199
200	if (out_len2 != lengths[IN]) {
201	fprintf(stderr, "Bad decrypt on line %u: %zu\n",
202	line_no, out_len2);
203	return 0;
204	}
205
206	if (memcmp(out2, bufs[IN], out_len2) != 0) {
207	fprintf(stderr, "Plaintext mismatch on line %u\n", line_no);
208	return 0;
209	}
210
211	out[0] ^= 0x80;
212	if (EVP_AEAD_CTX_open(&ctx, out2, &out_len2, lengths[IN], bufs[NONCE],
213	lengths[NONCE], out, out_len, bufs[AD], lengths[AD])) {
214	fprintf(stderr, "Decrypted bad data on line %u\n", line_no);
215	return 0;
216	}
217
218	EVP_AEAD_CTX_cleanup(&ctx);
219	return 1;
220	}
221
222	int
223	main(int argc, char **argv)
224	{
225	FILE *f;
226	const EVP_AEAD *aead = NULL;
227	unsigned int line_no = 0, num_tests = 0, j;
228
229	unsigned char bufs[NUM_TYPES][BUF_MAX];
230	unsigned int lengths[NUM_TYPES];
231
232	if (argc != 2) {
233	fprintf(stderr, "%s <test file.txt>\n", argv[0]);
234	return 1;
235	}
236
237	f = fopen(argv[1], "r");
238	if (f == NULL) {
239	perror("failed to open input");
240	return 1;
241	}
242
243	for (j = 0; j < NUM_TYPES; j++)
244	lengths[j] = 0;
245
246	for (;;) {
247	char line[4096];
248	unsigned int i, type_len = 0;
249
250	unsigned char *buf = NULL;
251	unsigned int *buf_len = NULL;
252
253	if (!fgets(line, sizeof(line), f))
254	break;
255
256	line_no++;
257	if (line[0] == '#')
258	continue;
259
260	if (line[0] == '\n' \|\| line[0] == 0) {
261	/* Run a test, if possible. */
262	char any_values_set = 0;
263	for (j = 0; j < NUM_TYPES; j++) {
264	if (lengths[j] != 0) {
265	any_values_set = 1;
266	break;
267	}
268	}
269
270	if (!any_values_set)
271	continue;
272
273	switch (aead_from_name(&aead, bufs[AEAD])) {
274	case 0:
275	fprintf(stderr, "Skipping test...\n");
276	continue;
277	case -1:
278	fprintf(stderr, "Aborting...\n");
279	return 4;
280	}
281
282	if (!run_test_case(aead, bufs, lengths, line_no))
283	return 4;
284
285	for (j = 0; j < NUM_TYPES; j++)
286	lengths[j] = 0;
287
288	num_tests++;
289	continue;
290	}
291
292	/* Each line looks like:
293	* TYPE: 0123abc
294	* Where "TYPE" is the type of the data on the line,
295	* e.g. "KEY". */
296	for (i = 0; line[i] != 0 && line[i] != '\n'; i++) {
297	if (line[i] == ':') {
298	type_len = i;
299	break;
300	}
301	}
302	i++;
303
304	if (type_len == 0) {
305	fprintf(stderr, "Parse error on line %u\n", line_no);
306	return 3;
307	}
308
309	/* After the colon, there's optional whitespace. */
310	for (; line[i] != 0 && line[i] != '\n'; i++) {
311	if (line[i] != ' ' && line[i] != '\t')
312	break;
313	}
314
315	line[type_len] = 0;
316	for (j = 0; j < NUM_TYPES; j++) {
317	if (strcmp(line, NAMES[j]) != 0)
318	continue;
319	if (lengths[j] != 0) {
320	fprintf(stderr, "Duplicate value on line %u\n",
321	line_no);
322	return 3;
323	}
324	buf = bufs[j];
325	buf_len = &lengths[j];
326	break;
327	}
328
329	if (buf == NULL) {
330	fprintf(stderr, "Unknown line type on line %u\n",
331	line_no);
332	return 3;
333	}
334
335	if (j == AEAD) {
336	*buf_len = strlcpy(buf, line + i, BUF_MAX);
337	for (j = 0; j < BUF_MAX; j++) {
338	if (buf[j] == '\n')
339	buf[j] = '\0';
340	}
341	continue;
342	}
343
344	for (j = 0; line[i] != 0 && line[i] != '\n'; i++) {
345	unsigned char v, v2;
346	v = hex_digit(line[i++]);
347	if (line[i] == 0 \|\| line[i] == '\n') {
348	fprintf(stderr, "Odd-length hex data on "
349	"line %u\n", line_no);
350	return 3;
351	}
352	v2 = hex_digit(line[i]);
353	if (v > 15 \|\| v2 > 15) {
354	fprintf(stderr, "Invalid hex char on line %u\n",
355	line_no);
356	return 3;
357	}
358	v <<= 4;
359	v \|= v2;
360
361	if (j == BUF_MAX) {
362	fprintf(stderr, "Too much hex data on line %u "
363	"(max is %u bytes)\n",
364	line_no, (unsigned) BUF_MAX);
365	return 3;
366	}
367	buf[j++] = v;
368	buf_len = buf_len + 1;
369	}
370	}
371
372	printf("Completed %u test cases\n", num_tests);
373	printf("PASS\n");
374	fclose(f);
375
376	return 0;
377	}


diff --git a/src/regress/lib/libcrypto/aead/aeadtests.txt b/src/regress/lib/libcrypto/aead/aeadtests.txt deleted file mode 100644 index 4ca47303b2..0000000000 --- a/src/regress/lib/libcrypto/aead/aeadtests.txt +++ /dev/null
@@ -1,86 +0,0 @@
1	# $OpenBSD: aeadtests.txt,v 1.8 2019/01/22 00:59:21 dlg Exp $
2	#
3	# MACsec GCM-AES Test Vectors (bn-randall-test-vectors-0511-v1.pdf)
4	#
5
6	# 2.5.1 65-byte Packet Authentication Using GCM-AES-128
7	AEAD: aes-128-gcm
8	KEY: 013FE00B5F11BE7F866D0CBBC55A7A90
9	NONCE: 7CFDE9F9E33724C68932D612
10	IN:
11	AD: 84C5D513D2AAF6E5BBD2727788E523008932D6127CFDE9F9E33724C608000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F0005
12	CT:
13	TAG: 217867E50C2DAD74C28C3B50ABDF695A
14
15	# 2.5.2 65-byte Packet Authentication Using GCM-AES-256
16	AEAD: aes-256-gcm
17	KEY: 83C093B58DE7FFE1C0DA926AC43FB3609AC1C80FEE1B624497EF942E2F79A823
18	NONCE: 7CFDE9F9E33724C68932D612
19	IN:
20	AD: 84C5D513D2AAF6E5BBD2727788E523008932D6127CFDE9F9E33724C608000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F0005
21	CT:
22	TAG: 6EE160E8FAECA4B36C86B234920CA975
23
24	# 2.8.1 75-byte Packet Encryption Using GCM-AES-128
25	AEAD: aes-128-gcm
26	KEY: 88EE087FD95DA9FBF6725AA9D757B0CD
27	NONCE: 7AE8E2CA4EC500012E58495C
28	IN: 08000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748490008
29	AD: 68F2E77696CE7AE8E2CA4EC588E54D002E58495C
30	CT: C31F53D99E5687F7365119B832D2AAE70741D593F1F9E2AB3455779B078EB8FEACDFEC1F8E3E5277F8180B43361F6512ADB16D2E38548A2C719DBA7228D840
31	TAG: 88F8757ADB8AA788D8F65AD668BE70E7
32
33	# 2.8.2 75-byte Packet Encryption Using GCM-AES-256
34	AEAD: aes-256-gcm
35	KEY: 4C973DBC7364621674F8B5B89E5C15511FCED9216490FB1C1A2CAA0FFE0407E5
36	NONCE: 7AE8E2CA4EC500012E58495C
37	IN: 08000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748490008
38	AD: 68F2E77696CE7AE8E2CA4EC588E54D002E58495C
39	CT: BA8AE31BC506486D6873E4FCE460E7DC57591FF00611F31C3834FE1C04AD80B66803AFCF5B27E6333FA67C99DA47C2F0CED68D531BD741A943CFF7A6713BD0
40	TAG: 2611CD7DAA01D61C5C886DC1A8170107
41
42	# Test vector from RFC7539 2.8.2
43	AEAD: chacha20-poly1305
44	KEY: 808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f
45	NONCE: 070000004041424344454647
46	IN: 4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e
47	AD: 50515253c0c1c2c3c4c5c6c7
48	CT: d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b6116
49	TAG: 1ae10b594f09e26a7e902ecbd0600691
50
51	# Test vector from RFC7539 Appendix A.5
52	AEAD: chacha20-poly1305
53	KEY: 1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0
54	NONCE: 000000000102030405060708
55	IN: 496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320616e64206d617920626520757064617465642c207265706c616365642c206f72206f62736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074696d652e20497420697320696e617070726f70726961746520746f2075736520496e7465726e65742d447261667473206173207265666572656e6365206d6174657269616c206f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c776f726b20696e2070726f67726573732e2fe2809d
56	AD: f33388860000000000004e91
57	CT: 64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c186324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc546a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2eda04df997b714d6c6f2c29a6ad5cb4022b02709b
58	TAG: eead9d67890cbb22392336fea1851f38
59
60	# Test vector from RFC7634 Appendix A
61	AEAD: chacha20-poly1305
62	KEY: 808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f
63	NONCE: a0a1a2a31011121314151617
64	IN: 45000054a6f200004001e778c6336405c000020508005b7a3a080000553bec100007362708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363701020204
65	AD: 0102030400000005
66	CT: 24039428b97f417e3c13753a4f05087b67c352e6a7fab1b982d466ef407ae5c614ee8099d52844eb61aa95dfab4c02f72aa71e7c4c4f64c9befe2facc638e8f3cbec163fac469b502773f6fb94e664da9165b82829f641e0
67	TAG: 76aaa8266b7fb0f7b11b369907e1ad43
68
69	# Test vector from RFC7634 Appendix B
70	AEAD: chacha20-poly1305
71	KEY: 808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f
72	NONCE: a0a1a2a31011121314151617
73	IN: 0000000c000040010000000a00
74	AD: c0c1c2c3c4c5c6c7d0d1d2d3d4d5d6d72e202500000000090000004529000029
75	CT: 610394701f8d017f7c12924889
76	TAG: 6b71bfe25236efd7cdc67066906315b2
77
78	# Test vector from draft-arciszewski-xchacha-02
79	AEAD: xchacha20-poly1305
80	KEY: 808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f
81	NONCE: 404142434445464748494a4b4c4d4e4f5051525354555657
82	IN: 4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e
83	AD: 50515253c0c1c2c3c4c5c6c7
84	CT: bd6d179d3e83d43b9576579493c0e939572a1700252bfaccbed2902c21396cbb731c7f1b0b4aa6440bf3a82f4eda7e39ae64c6708c54c216cb96b72e1213b4522f8c9ba40db5d945b11b69b982c1bb9e3f3fac2bc369488f76b2383565d3fff921f9664c97637da9768812f615c68b13b52e
85	TAG: c0875924c1c7987947deafd8780acf49
86