diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/regress/lib/libcrypto/wycheproof/wycheproof.go | 94 |
1 files changed, 59 insertions, 35 deletions
diff --git a/src/regress/lib/libcrypto/wycheproof/wycheproof.go b/src/regress/lib/libcrypto/wycheproof/wycheproof.go index 086d583e47..e7d8140cd6 100644 --- a/src/regress/lib/libcrypto/wycheproof/wycheproof.go +++ b/src/regress/lib/libcrypto/wycheproof/wycheproof.go | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: wycheproof.go,v 1.2 2018/08/10 16:12:19 jsing Exp $ */ | 1 | /* $OpenBSD: wycheproof.go,v 1.3 2018/08/10 16:14:40 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2018 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2018 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -44,7 +44,7 @@ import ( | |||
| 44 | 44 | ||
| 45 | const testVectorPath = "/usr/local/share/wycheproof/testvectors" | 45 | const testVectorPath = "/usr/local/share/wycheproof/testvectors" |
| 46 | 46 | ||
| 47 | type wycheproofTest struct { | 47 | type wycheproofTestRSA struct { |
| 48 | TCID int `json:"tcId"` | 48 | TCID int `json:"tcId"` |
| 49 | Comment string `json:"comment"` | 49 | Comment string `json:"comment"` |
| 50 | Msg string `json:"msg"` | 50 | Msg string `json:"msg"` |
| @@ -54,7 +54,7 @@ type wycheproofTest struct { | |||
| 54 | Flags []string `json:"flags"` | 54 | Flags []string `json:"flags"` |
| 55 | } | 55 | } |
| 56 | 56 | ||
| 57 | type wycheproofTestGroup struct { | 57 | type wycheproofTestGroupRSA struct { |
| 58 | E string `json:"e"` | 58 | E string `json:"e"` |
| 59 | KeyASN string `json:"keyAsn"` | 59 | KeyASN string `json:"keyAsn"` |
| 60 | KeyDER string `json:"keyDer"` | 60 | KeyDER string `json:"keyDer"` |
| @@ -63,7 +63,7 @@ type wycheproofTestGroup struct { | |||
| 63 | N string `json:"n"` | 63 | N string `json:"n"` |
| 64 | SHA string `json:"sha"` | 64 | SHA string `json:"sha"` |
| 65 | Type string `json:"type"` | 65 | Type string `json:"type"` |
| 66 | Tests []*wycheproofTest `json:"tests"` | 66 | Tests []*wycheproofTestRSA `json:"tests"` |
| 67 | } | 67 | } |
| 68 | 68 | ||
| 69 | type wycheproofTestVectors struct { | 69 | type wycheproofTestVectors struct { |
| @@ -72,7 +72,7 @@ type wycheproofTestVectors struct { | |||
| 72 | Notes map[string]string `json:"notes"` | 72 | Notes map[string]string `json:"notes"` |
| 73 | NumberOfTests int `json:"numberOfTests"` | 73 | NumberOfTests int `json:"numberOfTests"` |
| 74 | // Header | 74 | // Header |
| 75 | TestGroups []*wycheproofTestGroup `json:"testGroups"` | 75 | TestGroups []json.RawMessage `json:"testGroups"` |
| 76 | } | 76 | } |
| 77 | 77 | ||
| 78 | var nids = map[string]int{ | 78 | var nids = map[string]int{ |
| @@ -108,7 +108,7 @@ func hashFromString(hs string) (hash.Hash, error) { | |||
| 108 | } | 108 | } |
| 109 | } | 109 | } |
| 110 | 110 | ||
| 111 | func runRSATest(rsa *C.RSA, nid int, h hash.Hash, wt *wycheproofTest) bool { | 111 | func runRSATest(rsa *C.RSA, nid int, h hash.Hash, wt *wycheproofTestRSA) bool { |
| 112 | msg, err := hex.DecodeString(wt.Msg) | 112 | msg, err := hex.DecodeString(wt.Msg) |
| 113 | if err != nil { | 113 | if err != nil { |
| 114 | log.Fatalf("Failed to decode message %q: %v", wt.Msg, err) | 114 | log.Fatalf("Failed to decode message %q: %v", wt.Msg, err) |
| @@ -135,15 +135,15 @@ func runRSATest(rsa *C.RSA, nid int, h hash.Hash, wt *wycheproofTest) bool { | |||
| 135 | (*C.uchar)(unsafe.Pointer(&sig[0])), C.uint(sigLen), rsa) | 135 | (*C.uchar)(unsafe.Pointer(&sig[0])), C.uint(sigLen), rsa) |
| 136 | 136 | ||
| 137 | // XXX audit acceptable cases... | 137 | // XXX audit acceptable cases... |
| 138 | succeeded := true | 138 | success := true |
| 139 | if (ret == 1) != (wt.Result == "valid") && wt.Result != "acceptable" { | 139 | if (ret == 1) != (wt.Result == "valid") && wt.Result != "acceptable" { |
| 140 | fmt.Printf("FAIL: Test case %d - RSA_verify() = %d, want %v\n", wt.TCID, int(ret), wt.Result) | 140 | fmt.Printf("FAIL: Test case %d (%q) - RSA_verify() = %d, want %v\n", wt.TCID, wt.Comment, int(ret), wt.Result) |
| 141 | succeeded = false | 141 | success = false |
| 142 | } | 142 | } |
| 143 | return succeeded | 143 | return success |
| 144 | } | 144 | } |
| 145 | 145 | ||
| 146 | func runRSATestGroup(wtg *wycheproofTestGroup) bool { | 146 | func runRSATestGroup(wtg *wycheproofTestGroupRSA) bool { |
| 147 | fmt.Printf("Running RSA test group %v with key size %d and %v...\n", wtg.Type, wtg.KeySize, wtg.SHA) | 147 | fmt.Printf("Running RSA test group %v with key size %d and %v...\n", wtg.Type, wtg.KeySize, wtg.SHA) |
| 148 | 148 | ||
| 149 | rsa := C.RSA_new() | 149 | rsa := C.RSA_new() |
| @@ -154,13 +154,13 @@ func runRSATestGroup(wtg *wycheproofTestGroup) bool { | |||
| 154 | 154 | ||
| 155 | e := C.CString(wtg.E) | 155 | e := C.CString(wtg.E) |
| 156 | if C.BN_hex2bn(&rsa.e, e) == 0 { | 156 | if C.BN_hex2bn(&rsa.e, e) == 0 { |
| 157 | log.Fatalf("Failed to set RSA e") | 157 | log.Fatal("Failed to set RSA e") |
| 158 | } | 158 | } |
| 159 | C.free(unsafe.Pointer(e)) | 159 | C.free(unsafe.Pointer(e)) |
| 160 | 160 | ||
| 161 | n := C.CString(wtg.N) | 161 | n := C.CString(wtg.N) |
| 162 | if C.BN_hex2bn(&rsa.n, n) == 0 { | 162 | if C.BN_hex2bn(&rsa.n, n) == 0 { |
| 163 | log.Fatalf("Failed to set RSA n") | 163 | log.Fatal("Failed to set RSA n") |
| 164 | } | 164 | } |
| 165 | C.free(unsafe.Pointer(n)) | 165 | C.free(unsafe.Pointer(n)) |
| 166 | 166 | ||
| @@ -173,16 +173,16 @@ func runRSATestGroup(wtg *wycheproofTestGroup) bool { | |||
| 173 | log.Fatalf("Failed to get hash: %v", err) | 173 | log.Fatalf("Failed to get hash: %v", err) |
| 174 | } | 174 | } |
| 175 | 175 | ||
| 176 | succeeded := true | 176 | success := true |
| 177 | for _, wt := range wtg.Tests { | 177 | for _, wt := range wtg.Tests { |
| 178 | if !runRSATest(rsa, nid, h, wt) { | 178 | if !runRSATest(rsa, nid, h, wt) { |
| 179 | succeeded = false | 179 | success = false |
| 180 | } | 180 | } |
| 181 | } | 181 | } |
| 182 | return succeeded | 182 | return success |
| 183 | } | 183 | } |
| 184 | 184 | ||
| 185 | func runRSATestVectors(path string) bool { | 185 | func runTestVectors(path string) bool { |
| 186 | b, err := ioutil.ReadFile(path) | 186 | b, err := ioutil.ReadFile(path) |
| 187 | if err != nil { | 187 | if err != nil { |
| 188 | log.Fatalf("Failed to read test vectors: %v", err) | 188 | log.Fatalf("Failed to read test vectors: %v", err) |
| @@ -191,15 +191,31 @@ func runRSATestVectors(path string) bool { | |||
| 191 | if err := json.Unmarshal(b, wtv); err != nil { | 191 | if err := json.Unmarshal(b, wtv); err != nil { |
| 192 | log.Fatalf("Failed to unmarshal JSON: %v", err) | 192 | log.Fatalf("Failed to unmarshal JSON: %v", err) |
| 193 | } | 193 | } |
| 194 | fmt.Printf("Loaded Wycheproof test vectors for %v with %d tests\n", wtv.Algorithm, wtv.NumberOfTests) | 194 | fmt.Printf("Loaded Wycheproof test vectors for %v with %d tests from %q\n", wtv.Algorithm, wtv.NumberOfTests, filepath.Base(path)) |
| 195 | 195 | ||
| 196 | succeeded := true | 196 | var wtg interface{} |
| 197 | for _, wtg := range wtv.TestGroups { | 197 | switch wtv.Algorithm { |
| 198 | if !runRSATestGroup(wtg) { | 198 | case "RSASig": |
| 199 | succeeded = false | 199 | wtg = &wycheproofTestGroupRSA{} |
| 200 | default: | ||
| 201 | log.Fatalf("Unknown test vector algorithm %q", wtv.Algorithm) | ||
| 202 | } | ||
| 203 | |||
| 204 | success := true | ||
| 205 | for _, tg := range wtv.TestGroups { | ||
| 206 | if err := json.Unmarshal(tg, wtg); err != nil { | ||
| 207 | log.Fatalf("Failed to unmarshal test groups JSON: %v", err) | ||
| 208 | } | ||
| 209 | switch wtv.Algorithm { | ||
| 210 | case "RSASig": | ||
| 211 | if !runRSATestGroup(wtg.(*wycheproofTestGroupRSA)) { | ||
| 212 | success = false | ||
| 213 | } | ||
| 214 | default: | ||
| 215 | log.Fatalf("Unknown test vector algorithm %q", wtv.Algorithm) | ||
| 200 | } | 216 | } |
| 201 | } | 217 | } |
| 202 | return succeeded | 218 | return success |
| 203 | } | 219 | } |
| 204 | 220 | ||
| 205 | func main() { | 221 | func main() { |
| @@ -209,24 +225,32 @@ func main() { | |||
| 209 | os.Exit(0) | 225 | os.Exit(0) |
| 210 | } | 226 | } |
| 211 | 227 | ||
| 212 | tvs, err := filepath.Glob(filepath.Join(testVectorPath, "*.json")) | 228 | // TODO: AES, Chacha20Poly1305, DSA, ECDH, ECDSA, X25519 |
| 213 | if err != nil || len(tvs) == 0 { | 229 | tests := []struct{ |
| 214 | log.Fatalf("Failed to find test vectors at %q\n", testVectorPath) | 230 | name string |
| 231 | pattern string | ||
| 232 | }{ | ||
| 233 | {"RSA signature", "rsa_signature_*test.json"}, | ||
| 215 | } | 234 | } |
| 216 | 235 | ||
| 217 | succeeded := true | 236 | success := true |
| 218 | 237 | ||
| 219 | tvs, err = filepath.Glob(filepath.Join(testVectorPath, "rsa_signature_*test.json")) | 238 | for _, test := range tests { |
| 220 | if err != nil { | 239 | tvs, err := filepath.Glob(filepath.Join(testVectorPath, test.pattern)) |
| 221 | log.Fatalf("Failed to find RSA test vectors: %v", err) | 240 | if err != nil { |
| 222 | } | 241 | log.Fatalf("Failed to glob %v test vectors: %v", test.name, err) |
| 223 | for _, tv := range tvs { | 242 | } |
| 224 | if !runRSATestVectors(tv) { | 243 | if len(tvs) == 0 { |
| 225 | succeeded = false | 244 | log.Fatalf("Failed to find %v test vectors at %q\n", test.name, testVectorPath) |
| 245 | } | ||
| 246 | for _, tv := range tvs { | ||
| 247 | if !runTestVectors(tv) { | ||
| 248 | success = false | ||
| 249 | } | ||
| 226 | } | 250 | } |
| 227 | } | 251 | } |
| 228 | 252 | ||
| 229 | if !succeeded { | 253 | if !success { |
| 230 | os.Exit(1) | 254 | os.Exit(1) |
| 231 | } | 255 | } |
| 232 | } | 256 | } |