diff options
Diffstat (limited to 'src/regress/lib/libcrypto')
| -rw-r--r-- | src/regress/lib/libcrypto/wycheproof/wycheproof.go | 95 | 
1 files changed, 1 insertions, 94 deletions
| diff --git a/src/regress/lib/libcrypto/wycheproof/wycheproof.go b/src/regress/lib/libcrypto/wycheproof/wycheproof.go index 6aeff9a5c1..5567e02a6c 100644 --- a/src/regress/lib/libcrypto/wycheproof/wycheproof.go +++ b/src/regress/lib/libcrypto/wycheproof/wycheproof.go | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: wycheproof.go,v 1.135 2023/03/01 12:34:12 tb Exp $ */ | 1 | /* $OpenBSD: wycheproof.go,v 1.136 2023/03/08 05:17:33 jsing Exp $ */ | 
| 2 | /* | 2 | /* | 
| 3 | * Copyright (c) 2018 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2018 Joel Sing <jsing@openbsd.org> | 
| 4 | * Copyright (c) 2018,2019,2022 Theo Buehler <tb@openbsd.org> | 4 | * Copyright (c) 2018,2019,2022 Theo Buehler <tb@openbsd.org> | 
| @@ -81,7 +81,6 @@ import ( | |||
| 81 | "encoding/base64" | 81 | "encoding/base64" | 
| 82 | "encoding/hex" | 82 | "encoding/hex" | 
| 83 | "encoding/json" | 83 | "encoding/json" | 
| 84 | "flag" | ||
| 85 | "fmt" | 84 | "fmt" | 
| 86 | "hash" | 85 | "hash" | 
| 87 | "io/ioutil" | 86 | "io/ioutil" | 
| @@ -89,7 +88,6 @@ import ( | |||
| 89 | "os" | 88 | "os" | 
| 90 | "path/filepath" | 89 | "path/filepath" | 
| 91 | "regexp" | 90 | "regexp" | 
| 92 | "sort" | ||
| 93 | "strings" | 91 | "strings" | 
| 94 | "unsafe" | 92 | "unsafe" | 
| 95 | ) | 93 | ) | 
| @@ -557,51 +555,6 @@ var nids = map[string]int{ | |||
| 557 | "SHA-512": C.NID_sha512, | 555 | "SHA-512": C.NID_sha512, | 
| 558 | } | 556 | } | 
| 559 | 557 | ||
| 560 | func gatherAcceptableStatistics(testcase int, comment string, flags []string) { | ||
| 561 | fmt.Printf("AUDIT: Test case %d (%q) %v\n", testcase, comment, flags) | ||
| 562 | |||
| 563 | if comment == "" { | ||
| 564 | acceptableComments["No comment"]++ | ||
| 565 | } else { | ||
| 566 | acceptableComments[comment]++ | ||
| 567 | } | ||
| 568 | |||
| 569 | if len(flags) == 0 { | ||
| 570 | acceptableFlags["NoFlag"]++ | ||
| 571 | } else { | ||
| 572 | for _, flag := range flags { | ||
| 573 | acceptableFlags[flag]++ | ||
| 574 | } | ||
| 575 | } | ||
| 576 | } | ||
| 577 | |||
| 578 | func printAcceptableStatistics() { | ||
| 579 | fmt.Printf("\nComment statistics:\n") | ||
| 580 | |||
| 581 | var comments []string | ||
| 582 | for comment := range acceptableComments { | ||
| 583 | comments = append(comments, comment) | ||
| 584 | } | ||
| 585 | sort.Strings(comments) | ||
| 586 | for _, comment := range comments { | ||
| 587 | prcomment := comment | ||
| 588 | if len(comment) > 45 { | ||
| 589 | prcomment = comment[0:42] + "..." | ||
| 590 | } | ||
| 591 | fmt.Printf("%-45v %5d\n", prcomment, acceptableComments[comment]) | ||
| 592 | } | ||
| 593 | |||
| 594 | fmt.Printf("\nFlag statistics:\n") | ||
| 595 | var flags []string | ||
| 596 | for flag := range acceptableFlags { | ||
| 597 | flags = append(flags, flag) | ||
| 598 | } | ||
| 599 | sort.Strings(flags) | ||
| 600 | for _, flag := range flags { | ||
| 601 | fmt.Printf("%-45v %5d\n", flag, acceptableFlags[flag]) | ||
| 602 | } | ||
| 603 | } | ||
| 604 | |||
| 605 | func nidFromString(ns string) (int, error) { | 558 | func nidFromString(ns string) (int, error) { | 
| 606 | nid, ok := nids[ns] | 559 | nid, ok := nids[ns] | 
| 607 | if ok { | 560 | if ok { | 
| @@ -702,9 +655,6 @@ func checkAesCbcPkcs5(ctx *C.EVP_CIPHER_CTX, doEncrypt int, key []byte, keyLen i | |||
| 702 | success := false | 655 | success := false | 
| 703 | if bytes.Equal(openedMsg, out) == (wt.Result != "invalid") { | 656 | if bytes.Equal(openedMsg, out) == (wt.Result != "invalid") { | 
| 704 | success = true | 657 | success = true | 
| 705 | if acceptableAudit && wt.Result == "acceptable" { | ||
| 706 | gatherAcceptableStatistics(wt.TCID, wt.Comment, wt.Flags) | ||
| 707 | } | ||
| 708 | } else { | 658 | } else { | 
| 709 | fmt.Printf("FAIL: Test case %d (%q) [%v] %v - msg match: %t; want %v\n", | 659 | fmt.Printf("FAIL: Test case %d (%q) [%v] %v - msg match: %t; want %v\n", | 
| 710 | wt.TCID, wt.Comment, action, wt.Flags, bytes.Equal(openedMsg, out), wt.Result) | 660 | wt.TCID, wt.Comment, action, wt.Flags, bytes.Equal(openedMsg, out), wt.Result) | 
| @@ -933,9 +883,6 @@ func checkAesAead(algorithm string, ctx *C.EVP_CIPHER_CTX, doEncrypt int, | |||
| 933 | wt.TCID, wt.Comment, action, wt.Flags, ret, wt.Result) | 883 | wt.TCID, wt.Comment, action, wt.Flags, ret, wt.Result) | 
| 934 | success = false | 884 | success = false | 
| 935 | } | 885 | } | 
| 936 | if acceptableAudit && bytes.Equal(tagOut, tag) && wt.Result == "acceptable" { | ||
| 937 | gatherAcceptableStatistics(wt.TCID, wt.Comment, wt.Flags) | ||
| 938 | } | ||
| 939 | } | 886 | } | 
| 940 | return success | 887 | return success | 
| 941 | } | 888 | } | 
| @@ -1210,9 +1157,6 @@ func checkAeadOpen(ctx *C.EVP_AEAD_CTX, iv []byte, ivLen int, aad []byte, aadLen | |||
| 1210 | 1157 | ||
| 1211 | success := false | 1158 | success := false | 
| 1212 | if bytes.Equal(openedMsg, msg) == (wt.Result != "invalid") { | 1159 | if bytes.Equal(openedMsg, msg) == (wt.Result != "invalid") { | 
| 1213 | if acceptableAudit && wt.Result == "acceptable" { | ||
| 1214 | gatherAcceptableStatistics(wt.TCID, wt.Comment, wt.Flags) | ||
| 1215 | } | ||
| 1216 | success = true | 1160 | success = true | 
| 1217 | } else { | 1161 | } else { | 
| 1218 | fmt.Printf("FAIL: Test case %d (%q) %v - msg match: %t; want %v\n", | 1162 | fmt.Printf("FAIL: Test case %d (%q) %v - msg match: %t; want %v\n", | 
| @@ -1256,9 +1200,6 @@ func checkAeadSeal(ctx *C.EVP_AEAD_CTX, iv []byte, ivLen int, aad []byte, aadLen | |||
| 1256 | 1200 | ||
| 1257 | success := false | 1201 | success := false | 
| 1258 | if (bytes.Equal(sealedCt, ct) && bytes.Equal(sealedTag, tag)) == (wt.Result != "invalid") { | 1202 | if (bytes.Equal(sealedCt, ct) && bytes.Equal(sealedTag, tag)) == (wt.Result != "invalid") { | 
| 1259 | if acceptableAudit && wt.Result == "acceptable" { | ||
| 1260 | gatherAcceptableStatistics(wt.TCID, wt.Comment, wt.Flags) | ||
| 1261 | } | ||
| 1262 | success = true | 1203 | success = true | 
| 1263 | } else { | 1204 | } else { | 
| 1264 | fmt.Printf("FAIL: Test case %d (%q) %v - EVP_AEAD_CTX_seal() = %d, ct match: %t, tag match: %t; want %v\n", | 1205 | fmt.Printf("FAIL: Test case %d (%q) %v - EVP_AEAD_CTX_seal() = %d, ct match: %t, tag match: %t; want %v\n", | 
| @@ -1653,9 +1594,6 @@ func runECDHTest(nid int, variant testVariant, wt *wycheproofTestECDH) bool { | |||
| 1653 | wt.TCID, wt.Comment, wt.Flags, wt.Result) | 1594 | wt.TCID, wt.Comment, wt.Flags, wt.Result) | 
| 1654 | success = false | 1595 | success = false | 
| 1655 | } | 1596 | } | 
| 1656 | if acceptableAudit && success && wt.Result == "acceptable" { | ||
| 1657 | gatherAcceptableStatistics(wt.TCID, wt.Comment, wt.Flags) | ||
| 1658 | } | ||
| 1659 | return success | 1597 | return success | 
| 1660 | } | 1598 | } | 
| 1661 | 1599 | ||
| @@ -1773,9 +1711,6 @@ func runECDHWebCryptoTest(nid int, wt *wycheproofTestECDHWebCrypto) bool { | |||
| 1773 | wt.TCID, wt.Comment, wt.Flags, wt.Result) | 1711 | wt.TCID, wt.Comment, wt.Flags, wt.Result) | 
| 1774 | success = false | 1712 | success = false | 
| 1775 | } | 1713 | } | 
| 1776 | if acceptableAudit && success && wt.Result == "acceptable" { | ||
| 1777 | gatherAcceptableStatistics(wt.TCID, wt.Comment, wt.Flags) | ||
| 1778 | } | ||
| 1779 | return success | 1714 | return success | 
| 1780 | } | 1715 | } | 
| 1781 | 1716 | ||
| @@ -1844,9 +1779,6 @@ func runECDSATest(ecKey *C.EC_KEY, nid int, h hash.Hash, variant testVariant, wt | |||
| 1844 | wt.TCID, wt.Comment, wt.Flags, int(ret), wt.Result) | 1779 | wt.TCID, wt.Comment, wt.Flags, int(ret), wt.Result) | 
| 1845 | success = false | 1780 | success = false | 
| 1846 | } | 1781 | } | 
| 1847 | if acceptableAudit && ret == 1 && wt.Result == "acceptable" { | ||
| 1848 | gatherAcceptableStatistics(wt.TCID, wt.Comment, wt.Flags) | ||
| 1849 | } | ||
| 1850 | return success | 1782 | return success | 
| 1851 | } | 1783 | } | 
| 1852 | 1784 | ||
| @@ -2259,9 +2191,6 @@ func runKWTestWrap(keySize int, key []byte, keyLen int, msg []byte, msgLen int, | |||
| 2259 | ret = C.AES_wrap_key((*C.AES_KEY)(unsafe.Pointer(&aesKey)), nil, (*C.uchar)(unsafe.Pointer(&out[0])), (*C.uchar)(unsafe.Pointer(&out[0])), (C.uint)(msgLen)) | 2191 | ret = C.AES_wrap_key((*C.AES_KEY)(unsafe.Pointer(&aesKey)), nil, (*C.uchar)(unsafe.Pointer(&out[0])), (*C.uchar)(unsafe.Pointer(&out[0])), (C.uint)(msgLen)) | 
| 2260 | success := false | 2192 | success := false | 
| 2261 | if ret == C.int(len(out)) && bytes.Equal(out, ct) { | 2193 | if ret == C.int(len(out)) && bytes.Equal(out, ct) { | 
| 2262 | if acceptableAudit && wt.Result == "acceptable" { | ||
| 2263 | gatherAcceptableStatistics(wt.TCID, wt.Comment, wt.Flags) | ||
| 2264 | } | ||
| 2265 | if wt.Result != "invalid" { | 2194 | if wt.Result != "invalid" { | 
| 2266 | success = true | 2195 | success = true | 
| 2267 | } | 2196 | } | 
| @@ -2293,9 +2222,6 @@ func runKWTestUnWrap(keySize int, key []byte, keyLen int, msg []byte, msgLen int | |||
| 2293 | ret = C.AES_unwrap_key((*C.AES_KEY)(unsafe.Pointer(&aesKey)), nil, (*C.uchar)(unsafe.Pointer(&out[0])), (*C.uchar)(unsafe.Pointer(&out[0])), (C.uint)(ctLen)) | 2222 | ret = C.AES_unwrap_key((*C.AES_KEY)(unsafe.Pointer(&aesKey)), nil, (*C.uchar)(unsafe.Pointer(&out[0])), (*C.uchar)(unsafe.Pointer(&out[0])), (C.uint)(ctLen)) | 
| 2294 | success := false | 2223 | success := false | 
| 2295 | if ret == C.int(ctLen-8) && bytes.Equal(out[0:ret], msg[0:ret]) { | 2224 | if ret == C.int(ctLen-8) && bytes.Equal(out[0:ret], msg[0:ret]) { | 
| 2296 | if acceptableAudit && wt.Result == "acceptable" { | ||
| 2297 | gatherAcceptableStatistics(wt.TCID, wt.Comment, wt.Flags) | ||
| 2298 | } | ||
| 2299 | if wt.Result != "invalid" { | 2225 | if wt.Result != "invalid" { | 
| 2300 | success = true | 2226 | success = true | 
| 2301 | } | 2227 | } | 
| @@ -2642,9 +2568,6 @@ func runRsassaTest(rsa *C.RSA, h hash.Hash, sha *C.EVP_MD, mgfSha *C.EVP_MD, sLe | |||
| 2642 | if ret == 1 && (wt.Result == "valid" || wt.Result == "acceptable") { | 2568 | if ret == 1 && (wt.Result == "valid" || wt.Result == "acceptable") { | 
| 2643 | // All acceptable cases that pass use SHA-1 and are flagged: | 2569 | // All acceptable cases that pass use SHA-1 and are flagged: | 
| 2644 | // "WeakHash" : "The key for this test vector uses a weak hash function." | 2570 | // "WeakHash" : "The key for this test vector uses a weak hash function." | 
| 2645 | if acceptableAudit && wt.Result == "acceptable" { | ||
| 2646 | gatherAcceptableStatistics(wt.TCID, wt.Comment, wt.Flags) | ||
| 2647 | } | ||
| 2648 | success = true | 2571 | success = true | 
| 2649 | } else if ret == 0 && (wt.Result == "invalid" || wt.Result == "acceptable") { | 2572 | } else if ret == 0 && (wt.Result == "invalid" || wt.Result == "acceptable") { | 
| 2650 | success = true | 2573 | success = true | 
| @@ -2743,9 +2666,6 @@ func runRSATest(rsa *C.RSA, nid int, h hash.Hash, wt *wycheproofTestRSA) bool { | |||
| 2743 | wt.TCID, wt.Comment, wt.Flags, int(ret), wt.Result) | 2666 | wt.TCID, wt.Comment, wt.Flags, int(ret), wt.Result) | 
| 2744 | success = false | 2667 | success = false | 
| 2745 | } | 2668 | } | 
| 2746 | if acceptableAudit && ret == 1 && wt.Result == "acceptable" { | ||
| 2747 | gatherAcceptableStatistics(wt.TCID, wt.Comment, wt.Flags) | ||
| 2748 | } | ||
| 2749 | return success | 2669 | return success | 
| 2750 | } | 2670 | } | 
| 2751 | 2671 | ||
| @@ -2829,9 +2749,6 @@ func runX25519Test(wt *wycheproofTestX25519) bool { | |||
| 2829 | wt.TCID, wt.Comment, wt.Flags, wt.Result) | 2749 | wt.TCID, wt.Comment, wt.Flags, wt.Result) | 
| 2830 | success = false | 2750 | success = false | 
| 2831 | } | 2751 | } | 
| 2832 | if acceptableAudit && result && wt.Result == "acceptable" { | ||
| 2833 | gatherAcceptableStatistics(wt.TCID, wt.Comment, wt.Flags) | ||
| 2834 | } | ||
| 2835 | return success | 2752 | return success | 
| 2836 | } | 2753 | } | 
| 2837 | 2754 | ||
| @@ -3018,12 +2935,6 @@ func main() { | |||
| 3018 | os.Exit(0) | 2935 | os.Exit(0) | 
| 3019 | } | 2936 | } | 
| 3020 | 2937 | ||
| 3021 | flag.BoolVar(&acceptableAudit, "v", false, "audit acceptable cases") | ||
| 3022 | flag.Parse() | ||
| 3023 | |||
| 3024 | acceptableComments = make(map[string]int) | ||
| 3025 | acceptableFlags = make(map[string]int) | ||
| 3026 | |||
| 3027 | tests := []struct { | 2938 | tests := []struct { | 
| 3028 | name string | 2939 | name string | 
| 3029 | pattern string | 2940 | pattern string | 
| @@ -3080,10 +2991,6 @@ func main() { | |||
| 3080 | } | 2991 | } | 
| 3081 | } | 2992 | } | 
| 3082 | 2993 | ||
| 3083 | if acceptableAudit { | ||
| 3084 | printAcceptableStatistics() | ||
| 3085 | } | ||
| 3086 | |||
| 3087 | if !success { | 2994 | if !success { | 
| 3088 | os.Exit(1) | 2995 | os.Exit(1) | 
| 3089 | } | 2996 | } | 
