1 files changed, 76 insertions, 48 deletions
diff --git a/src/regress/lib/libcrypto/wycheproof/wycheproof.go b/src/regress/lib/libcrypto/wycheproof/wycheproof.go
index 137892f9d3..a981cb975e 100644
--- a/src/regress/lib/libcrypto/wycheproof/wycheproof.go
+++ b/src/regress/lib/libcrypto/wycheproof/wycheproof.go
@@ -1,4 +1,4 @@
-/* $OpenBSD: wycheproof.go,v 1.11 2018/08/20 21:18:03 tb Exp $ */
+/* $OpenBSD: wycheproof.go,v 1.12 2018/08/21 16:23:21 tb Exp $ */
 /*
 * Copyright (c) 2018 Joel Sing <jsing@openbsd.org>
 *
@@ -191,6 +191,77 @@ func hashFromString(hs string) (hash.Hash, error) {
        }
 }
+func checkChaCha20Poly1305Open(ctx *C.EVP_AEAD_CTX, iv []byte, ivLen int, aad []byte, aadLen int, msg []byte, msgLen int, ct []byte, ctLen int, tag []byte, tagLen int, wt *wycheproofTestChaCha20Poly1305) bool {
+        maxOutLen := ctLen + tagLen
+        opened := make([]byte, maxOutLen)
+        var openedMsgLen C.size_t
+        catCtTag := append(ct, tag...)
+        openRet := C.EVP_AEAD_CTX_open(ctx, (*C.uint8_t)(unsafe.Pointer(&opened[0])), (*C.size_t)(unsafe.Pointer(&openedMsgLen)), C.size_t(maxOutLen), (*C.uint8_t)(unsafe.Pointer(&iv[0])), C.size_t(ivLen), (*C.uint8_t)(unsafe.Pointer(&catCtTag[0])), C.size_t(len(catCtTag)), (*C.uint8_t)(unsafe.Pointer(&aad[0])), C.size_t(aadLen))
+        if openRet != 1 {
+                if wt.Result == "invalid" {
+                        return true
+                }
+                fmt.Printf("FAIL: Test case %d (%q) - EVP_AEAD_CTX_open() = %d, want %v\n", wt.TCID, wt.Comment, int(openRet), wt.Result)
+                return wt.Result == "invalid"
+        }
+        if (openedMsgLen != C.size_t(msgLen)) {
+                fmt.Printf("FAIL: Test case %d (%q) - open length mismatch: got %d, want %d\n", wt.TCID, wt.Comment, openedMsgLen, msgLen)
+                return false
+        }
+        
+        openedMsg := opened[0:openedMsgLen]
+        if (msgLen == 0) {
+                msg = nil
+        }
+        success := false
+        if (bytes.Equal(openedMsg, msg)) || wt.Result == "invalid" {
+                success = true
+        } else {
+                fmt.Printf("FAIL: Test case %d (%q) - EVP_AEAD_CTX_open() = %d, msg match: %t; want %v\n", wt.TCID, wt.Comment, int(openRet), bytes.Equal(openedMsg, msg), wt.Result)
+        }
+        return success
+}
+func checkChaCha20Poly1305Seal(ctx *C.EVP_AEAD_CTX, iv []byte, ivLen int, aad []byte, aadLen int, msg []byte, msgLen int, ct []byte, ctLen int, tag []byte, tagLen int, wt *wycheproofTestChaCha20Poly1305) bool {
+        maxOutLen := msgLen + tagLen
+        sealed := make([]byte, maxOutLen)
+        var sealedLen C.size_t
+        sealRet := C.EVP_AEAD_CTX_seal(ctx, (*C.uint8_t)(unsafe.Pointer(&sealed[0])), (*C.size_t)(unsafe.Pointer(&sealedLen)), C.size_t(maxOutLen), (*C.uint8_t)(unsafe.Pointer(&iv[0])), C.size_t(ivLen), (*C.uint8_t)(unsafe.Pointer(&msg[0])), C.size_t(msgLen), (*C.uint8_t)(unsafe.Pointer(&aad[0])), C.size_t(aadLen))
+        if sealRet != 1 {
+                if wt.Result == "invalid" {
+                        fmt.Printf("INFO: ")
+                } else {
+                        fmt.Printf("FAIL: ")
+                }
+                fmt.Printf("Test case %d (%q) - EVP_AEAD_CTX_seal() = %d, want %v\n", wt.TCID, wt.Comment, int(sealRet), wt.Result)
+                return wt.Result == "invalid"
+        }
+        if (sealedLen != C.size_t(maxOutLen)) {
+                fmt.Printf("FAIL: Test case %d (%q) - seal length mismatch: got %d, want %d\n", wt.TCID, wt.Comment, sealedLen, maxOutLen)
+                return false
+        }
+        sealedCt := sealed[0:msgLen]
+        sealedTag := sealed[msgLen: maxOutLen]
+        success := false
+        if (bytes.Equal(sealedCt, ct) && bytes.Equal(sealedTag, tag)) || wt.Result == "invalid" {
+                success = true
+        } else {
+                fmt.Printf("FAIL: Test case %d (%q) - EVP_AEAD_CTX_seal() = %d, ct match: %t, tag match: %t; want %v\n", wt.TCID, wt.Comment, int(sealRet), bytes.Equal(sealedCt, ct), bytes.Equal(sealedTag, tag), wt.Result)
+        }
+        return success
+}
 func runChaCha20Poly1305Test(iv_len int, key_len int, tag_len int, wt *wycheproofTestChaCha20Poly1305) bool {
        aead := C.EVP_aead_chacha20_poly1305()
        if aead == nil {
@@ -244,59 +315,16 @@ func runChaCha20Poly1305Test(iv_len int, key_len int, tag_len int, wt *wycheproo
                msg = append(msg, 0)
        }
-        maxOutLen := msgLen + tag_len
-        sealed := make([]byte, maxOutLen)
-        var sealedLen C.size_t
-        opened := make([]byte, maxOutLen)
-        var openedLen C.size_t
        var ctx C.EVP_AEAD_CTX
        if C.EVP_AEAD_CTX_init((*C.EVP_AEAD_CTX)(unsafe.Pointer(&ctx)), aead, (*C.uchar)(unsafe.Pointer(&key[0])), C.size_t(key_len), C.size_t(tag_len), nil) != 1 {
                log.Fatalf("Failed to initialize AEAD context")
        }
+        defer C.EVP_AEAD_CTX_cleanup((*C.EVP_AEAD_CTX)(unsafe.Pointer(&ctx)))
-        sealRet := C.EVP_AEAD_CTX_seal((*C.EVP_AEAD_CTX)(unsafe.Pointer(&ctx)), (*C.uint8_t)(unsafe.Pointer(&sealed[0])), (*C.size_t)(unsafe.Pointer(&sealedLen)), C.size_t(maxOutLen), (*C.uint8_t)(unsafe.Pointer(&iv[0])), C.size_t(ivLen), (*C.uint8_t)(unsafe.Pointer(&msg[0])), C.size_t(msgLen), (*C.uint8_t)(unsafe.Pointer(&aad[0])), C.size_t(aadLen))
+        openSuccess := checkChaCha20Poly1305Open((*C.EVP_AEAD_CTX)(unsafe.Pointer(&ctx)), iv, ivLen, aad, aadLen, msg, msgLen, ct, ctLen, tag, tagLen, wt)
+        sealSuccess := checkChaCha20Poly1305Seal((*C.EVP_AEAD_CTX)(unsafe.Pointer(&ctx)), iv, ivLen, aad, aadLen, msg, msgLen, ct, ctLen, tag, tagLen, wt)
-        concat := append(ct, tag...)
-        openRet := C.EVP_AEAD_CTX_open((*C.EVP_AEAD_CTX)(unsafe.Pointer(&ctx)), (*C.uint8_t)(unsafe.Pointer(&opened[0])), (*C.size_t)(unsafe.Pointer(&openedLen)), C.size_t(maxOutLen), (*C.uint8_t)(unsafe.Pointer(&iv[0])), C.size_t(ivLen), (*C.uint8_t)(unsafe.Pointer(&concat[0])), C.size_t(maxOutLen), (*C.uint8_t)(unsafe.Pointer(&aad[0])), C.size_t(aadLen))
-        C.EVP_AEAD_CTX_cleanup((*C.EVP_AEAD_CTX)(unsafe.Pointer(&ctx)))
-        if sealRet != 1 && wt.Result == "invalid" {
-                fmt.Printf("INFO: Test case %d (%q) - EVP_AEAD_CTX_seal() = %d, EVP_AEAD_CTX_open() = %d, want %v\n", wt.TCID, wt.Comment, int(sealRet), int(openRet), wt.Result)
-                return true
-        }
-        if openRet != 1 && wt.Result == "invalid" {
-                return true
-        }
-        if (sealedLen != C.size_t(maxOutLen)) {
-                fmt.Printf("FAIL: Test case %d (%q) - seal length mismatch: got %d, want %d\n", wt.TCID, wt.Comment, sealedLen, maxOutLen)
-                return false
-        }
-        if (openedLen != C.size_t(msgLen)) {
-                fmt.Printf("FAIL: Test case %d (%q) - open length mismatch: got %d, want %d\n", wt.TCID, wt.Comment, openedLen, msgLen)
-                return false
-        }
-        
-        sealedCt := sealed[0:msgLen]
-        sealedTag := sealed[msgLen: maxOutLen]
-        openedMsg := opened[0:openedLen]
+        return openSuccess && sealSuccess
-        if (msgLen == 0) {
-                msg = nil
-        }
-        success := false
-        if (bytes.Equal(sealedCt, ct) && bytes.Equal(sealedTag, tag) && bytes.Equal(openedMsg, msg)) || wt.Result == "invalid" {
-                success = true
-        } else {
-                fmt.Printf("FAIL: Test case %d (%q) - EVP_AEAD_CTX_seal() = %d, ct match: %t, tag match: %t; msg match: %t; want %v\n", wt.TCID, wt.Comment, int(sealRet), bytes.Equal(sealedCt, ct), bytes.Equal(sealedTag, tag), bytes.Equal(openedMsg, msg), wt.Result)
-        }
-        return success
 }
 func runChaCha20Poly1305TestGroup(wtg *wycheproofTestGroupChaCha20Poly1305) bool {

diff --git a/src/regress/lib/libcrypto/wycheproof/wycheproof.go b/src/regress/lib/libcrypto/wycheproof/wycheproof.go index 137892f9d3..a981cb975e 100644 --- a/src/regress/lib/libcrypto/wycheproof/wycheproof.go +++ b/src/regress/lib/libcrypto/wycheproof/wycheproof.go
@@ -1,4 +1,4 @@
1	/* $OpenBSD: wycheproof.go,v 1.11 2018/08/20 21:18:03 tb Exp $ */	1	/* $OpenBSD: wycheproof.go,v 1.12 2018/08/21 16:23:21 tb Exp $ */
2	/*	2	/*
3	* Copyright (c) 2018 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2018 Joel Sing <jsing@openbsd.org>
4	*	4	*
@@ -191,6 +191,77 @@ func hashFromString(hs string) (hash.Hash, error) {
191	}	191	}
192	}	192	}
193		193
		194	func checkChaCha20Poly1305Open(ctx C.EVP_AEAD_CTX, iv []byte, ivLen int, aad []byte, aadLen int, msg []byte, msgLen int, ct []byte, ctLen int, tag []byte, tagLen int, wt wycheproofTestChaCha20Poly1305) bool {
		195	maxOutLen := ctLen + tagLen
		196
		197	opened := make([]byte, maxOutLen)
		198	var openedMsgLen C.size_t
		199
		200	catCtTag := append(ct, tag...)
		201	openRet := C.EVP_AEAD_CTX_open(ctx, (C.uint8_t)(unsafe.Pointer(&opened[0])), (C.size_t)(unsafe.Pointer(&openedMsgLen)), C.size_t(maxOutLen), (C.uint8_t)(unsafe.Pointer(&iv[0])), C.size_t(ivLen), (C.uint8_t)(unsafe.Pointer(&catCtTag[0])), C.size_t(len(catCtTag)), (*C.uint8_t)(unsafe.Pointer(&aad[0])), C.size_t(aadLen))
		202
		203	if openRet != 1 {
		204	if wt.Result == "invalid" {
		205	return true
		206	}
		207	fmt.Printf("FAIL: Test case %d (%q) - EVP_AEAD_CTX_open() = %d, want %v\n", wt.TCID, wt.Comment, int(openRet), wt.Result)
		208	return wt.Result == "invalid"
		209	}
		210
		211	if (openedMsgLen != C.size_t(msgLen)) {
		212	fmt.Printf("FAIL: Test case %d (%q) - open length mismatch: got %d, want %d\n", wt.TCID, wt.Comment, openedMsgLen, msgLen)
		213	return false
		214	}
		215
		216	openedMsg := opened[0:openedMsgLen]
		217	if (msgLen == 0) {
		218	msg = nil
		219	}
		220
		221	success := false
		222	if (bytes.Equal(openedMsg, msg)) \|\| wt.Result == "invalid" {
		223	success = true
		224	} else {
		225	fmt.Printf("FAIL: Test case %d (%q) - EVP_AEAD_CTX_open() = %d, msg match: %t; want %v\n", wt.TCID, wt.Comment, int(openRet), bytes.Equal(openedMsg, msg), wt.Result)
		226	}
		227	return success
		228	}
		229
		230	func checkChaCha20Poly1305Seal(ctx C.EVP_AEAD_CTX, iv []byte, ivLen int, aad []byte, aadLen int, msg []byte, msgLen int, ct []byte, ctLen int, tag []byte, tagLen int, wt wycheproofTestChaCha20Poly1305) bool {
		231	maxOutLen := msgLen + tagLen
		232
		233	sealed := make([]byte, maxOutLen)
		234	var sealedLen C.size_t
		235
		236	sealRet := C.EVP_AEAD_CTX_seal(ctx, (C.uint8_t)(unsafe.Pointer(&sealed[0])), (C.size_t)(unsafe.Pointer(&sealedLen)), C.size_t(maxOutLen), (C.uint8_t)(unsafe.Pointer(&iv[0])), C.size_t(ivLen), (C.uint8_t)(unsafe.Pointer(&msg[0])), C.size_t(msgLen), (*C.uint8_t)(unsafe.Pointer(&aad[0])), C.size_t(aadLen))
		237
		238	if sealRet != 1 {
		239	if wt.Result == "invalid" {
		240	fmt.Printf("INFO: ")
		241	} else {
		242	fmt.Printf("FAIL: ")
		243	}
		244	fmt.Printf("Test case %d (%q) - EVP_AEAD_CTX_seal() = %d, want %v\n", wt.TCID, wt.Comment, int(sealRet), wt.Result)
		245	return wt.Result == "invalid"
		246	}
		247
		248	if (sealedLen != C.size_t(maxOutLen)) {
		249	fmt.Printf("FAIL: Test case %d (%q) - seal length mismatch: got %d, want %d\n", wt.TCID, wt.Comment, sealedLen, maxOutLen)
		250	return false
		251	}
		252
		253	sealedCt := sealed[0:msgLen]
		254	sealedTag := sealed[msgLen: maxOutLen]
		255
		256	success := false
		257	if (bytes.Equal(sealedCt, ct) && bytes.Equal(sealedTag, tag)) \|\| wt.Result == "invalid" {
		258	success = true
		259	} else {
		260	fmt.Printf("FAIL: Test case %d (%q) - EVP_AEAD_CTX_seal() = %d, ct match: %t, tag match: %t; want %v\n", wt.TCID, wt.Comment, int(sealRet), bytes.Equal(sealedCt, ct), bytes.Equal(sealedTag, tag), wt.Result)
		261	}
		262	return success
		263	}
		264
194	func runChaCha20Poly1305Test(iv_len int, key_len int, tag_len int, wt *wycheproofTestChaCha20Poly1305) bool {	265	func runChaCha20Poly1305Test(iv_len int, key_len int, tag_len int, wt *wycheproofTestChaCha20Poly1305) bool {
195	aead := C.EVP_aead_chacha20_poly1305()	266	aead := C.EVP_aead_chacha20_poly1305()
196	if aead == nil {	267	if aead == nil {
@@ -244,59 +315,16 @@ func runChaCha20Poly1305Test(iv_len int, key_len int, tag_len int, wt *wycheproo
244	msg = append(msg, 0)	315	msg = append(msg, 0)
245	}	316	}
246		317
247	maxOutLen := msgLen + tag_len
248
249	sealed := make([]byte, maxOutLen)
250	var sealedLen C.size_t
251
252	opened := make([]byte, maxOutLen)
253	var openedLen C.size_t
254
255	var ctx C.EVP_AEAD_CTX	318	var ctx C.EVP_AEAD_CTX
256	if C.EVP_AEAD_CTX_init((C.EVP_AEAD_CTX)(unsafe.Pointer(&ctx)), aead, (C.uchar)(unsafe.Pointer(&key[0])), C.size_t(key_len), C.size_t(tag_len), nil) != 1 {	319	if C.EVP_AEAD_CTX_init((C.EVP_AEAD_CTX)(unsafe.Pointer(&ctx)), aead, (C.uchar)(unsafe.Pointer(&key[0])), C.size_t(key_len), C.size_t(tag_len), nil) != 1 {
257	log.Fatalf("Failed to initialize AEAD context")	320	log.Fatalf("Failed to initialize AEAD context")
258	}	321	}
		322	defer C.EVP_AEAD_CTX_cleanup((*C.EVP_AEAD_CTX)(unsafe.Pointer(&ctx)))
259		323
260	sealRet := C.EVP_AEAD_CTX_seal((C.EVP_AEAD_CTX)(unsafe.Pointer(&ctx)), (C.uint8_t)(unsafe.Pointer(&sealed[0])), (C.size_t)(unsafe.Pointer(&sealedLen)), C.size_t(maxOutLen), (C.uint8_t)(unsafe.Pointer(&iv[0])), C.size_t(ivLen), (C.uint8_t)(unsafe.Pointer(&msg[0])), C.size_t(msgLen), (C.uint8_t)(unsafe.Pointer(&aad[0])), C.size_t(aadLen))	324	openSuccess := checkChaCha20Poly1305Open((*C.EVP_AEAD_CTX)(unsafe.Pointer(&ctx)), iv, ivLen, aad, aadLen, msg, msgLen, ct, ctLen, tag, tagLen, wt)
261		325	sealSuccess := checkChaCha20Poly1305Seal((*C.EVP_AEAD_CTX)(unsafe.Pointer(&ctx)), iv, ivLen, aad, aadLen, msg, msgLen, ct, ctLen, tag, tagLen, wt)
262	concat := append(ct, tag...)
263	openRet := C.EVP_AEAD_CTX_open((C.EVP_AEAD_CTX)(unsafe.Pointer(&ctx)), (C.uint8_t)(unsafe.Pointer(&opened[0])), (C.size_t)(unsafe.Pointer(&openedLen)), C.size_t(maxOutLen), (C.uint8_t)(unsafe.Pointer(&iv[0])), C.size_t(ivLen), (C.uint8_t)(unsafe.Pointer(&concat[0])), C.size_t(maxOutLen), (C.uint8_t)(unsafe.Pointer(&aad[0])), C.size_t(aadLen))
264
265	C.EVP_AEAD_CTX_cleanup((*C.EVP_AEAD_CTX)(unsafe.Pointer(&ctx)))
266
267	if sealRet != 1 && wt.Result == "invalid" {
268	fmt.Printf("INFO: Test case %d (%q) - EVP_AEAD_CTX_seal() = %d, EVP_AEAD_CTX_open() = %d, want %v\n", wt.TCID, wt.Comment, int(sealRet), int(openRet), wt.Result)
269	return true
270	}
271	if openRet != 1 && wt.Result == "invalid" {
272	return true
273	}
274
275	if (sealedLen != C.size_t(maxOutLen)) {
276	fmt.Printf("FAIL: Test case %d (%q) - seal length mismatch: got %d, want %d\n", wt.TCID, wt.Comment, sealedLen, maxOutLen)
277	return false
278	}
279	if (openedLen != C.size_t(msgLen)) {
280	fmt.Printf("FAIL: Test case %d (%q) - open length mismatch: got %d, want %d\n", wt.TCID, wt.Comment, openedLen, msgLen)
281	return false
282	}
283
284	sealedCt := sealed[0:msgLen]
285	sealedTag := sealed[msgLen: maxOutLen]
286		326
287	openedMsg := opened[0:openedLen]	327	return openSuccess && sealSuccess
288	if (msgLen == 0) {
289	msg = nil
290	}
291
292	success := false
293	if (bytes.Equal(sealedCt, ct) && bytes.Equal(sealedTag, tag) && bytes.Equal(openedMsg, msg)) \|\| wt.Result == "invalid" {
294	success = true
295	} else {
296	fmt.Printf("FAIL: Test case %d (%q) - EVP_AEAD_CTX_seal() = %d, ct match: %t, tag match: %t; msg match: %t; want %v\n", wt.TCID, wt.Comment, int(sealRet), bytes.Equal(sealedCt, ct), bytes.Equal(sealedTag, tag), bytes.Equal(openedMsg, msg), wt.Result)
297	}
298
299	return success
300	}	328	}
301		329
302	func runChaCha20Poly1305TestGroup(wtg *wycheproofTestGroupChaCha20Poly1305) bool {	330	func runChaCha20Poly1305TestGroup(wtg *wycheproofTestGroupChaCha20Poly1305) bool {