1*b077aed3SPierre Pronchery /*
2*b077aed3SPierre Pronchery * Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
3*b077aed3SPierre Pronchery *
4*b077aed3SPierre Pronchery * Licensed under the Apache License 2.0 (the "License"). You may not use
5*b077aed3SPierre Pronchery * this file except in compliance with the License. You can obtain a copy
6*b077aed3SPierre Pronchery * in the file LICENSE in the source distribution or at
7*b077aed3SPierre Pronchery * https://www.openssl.org/source/license.html
8*b077aed3SPierre Pronchery */
9*b077aed3SPierre Pronchery
10*b077aed3SPierre Pronchery #include <string.h>
11*b077aed3SPierre Pronchery #include <openssl/evp.h>
12*b077aed3SPierre Pronchery #include <openssl/kdf.h>
13*b077aed3SPierre Pronchery #include <openssl/core_names.h>
14*b077aed3SPierre Pronchery #include <openssl/param_build.h>
15*b077aed3SPierre Pronchery #include "internal/cryptlib.h"
16*b077aed3SPierre Pronchery #include "internal/nelem.h"
17*b077aed3SPierre Pronchery #include "self_test.h"
18*b077aed3SPierre Pronchery #include "self_test_data.inc"
19*b077aed3SPierre Pronchery
self_test_digest(const ST_KAT_DIGEST * t,OSSL_SELF_TEST * st,OSSL_LIB_CTX * libctx)20*b077aed3SPierre Pronchery static int self_test_digest(const ST_KAT_DIGEST *t, OSSL_SELF_TEST *st,
21*b077aed3SPierre Pronchery OSSL_LIB_CTX *libctx)
22*b077aed3SPierre Pronchery {
23*b077aed3SPierre Pronchery int ok = 0;
24*b077aed3SPierre Pronchery unsigned char out[EVP_MAX_MD_SIZE];
25*b077aed3SPierre Pronchery unsigned int out_len = 0;
26*b077aed3SPierre Pronchery EVP_MD_CTX *ctx = EVP_MD_CTX_new();
27*b077aed3SPierre Pronchery EVP_MD *md = EVP_MD_fetch(libctx, t->algorithm, NULL);
28*b077aed3SPierre Pronchery
29*b077aed3SPierre Pronchery OSSL_SELF_TEST_onbegin(st, OSSL_SELF_TEST_TYPE_KAT_DIGEST, t->desc);
30*b077aed3SPierre Pronchery
31*b077aed3SPierre Pronchery if (ctx == NULL
32*b077aed3SPierre Pronchery || md == NULL
33*b077aed3SPierre Pronchery || !EVP_DigestInit_ex(ctx, md, NULL)
34*b077aed3SPierre Pronchery || !EVP_DigestUpdate(ctx, t->pt, t->pt_len)
35*b077aed3SPierre Pronchery || !EVP_DigestFinal(ctx, out, &out_len))
36*b077aed3SPierre Pronchery goto err;
37*b077aed3SPierre Pronchery
38*b077aed3SPierre Pronchery /* Optional corruption */
39*b077aed3SPierre Pronchery OSSL_SELF_TEST_oncorrupt_byte(st, out);
40*b077aed3SPierre Pronchery
41*b077aed3SPierre Pronchery if (out_len != t->expected_len
42*b077aed3SPierre Pronchery || memcmp(out, t->expected, out_len) != 0)
43*b077aed3SPierre Pronchery goto err;
44*b077aed3SPierre Pronchery ok = 1;
45*b077aed3SPierre Pronchery err:
46*b077aed3SPierre Pronchery EVP_MD_free(md);
47*b077aed3SPierre Pronchery EVP_MD_CTX_free(ctx);
48*b077aed3SPierre Pronchery OSSL_SELF_TEST_onend(st, ok);
49*b077aed3SPierre Pronchery return ok;
50*b077aed3SPierre Pronchery }
51*b077aed3SPierre Pronchery
52*b077aed3SPierre Pronchery /*
53*b077aed3SPierre Pronchery * Helper function to setup a EVP_CipherInit
54*b077aed3SPierre Pronchery * Used to hide the complexity of Authenticated ciphers.
55*b077aed3SPierre Pronchery */
cipher_init(EVP_CIPHER_CTX * ctx,const EVP_CIPHER * cipher,const ST_KAT_CIPHER * t,int enc)56*b077aed3SPierre Pronchery static int cipher_init(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
57*b077aed3SPierre Pronchery const ST_KAT_CIPHER *t, int enc)
58*b077aed3SPierre Pronchery {
59*b077aed3SPierre Pronchery unsigned char *in_tag = NULL;
60*b077aed3SPierre Pronchery int pad = 0, tmp;
61*b077aed3SPierre Pronchery
62*b077aed3SPierre Pronchery /* Flag required for Key wrapping */
63*b077aed3SPierre Pronchery EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
64*b077aed3SPierre Pronchery if (t->tag == NULL) {
65*b077aed3SPierre Pronchery /* Use a normal cipher init */
66*b077aed3SPierre Pronchery return EVP_CipherInit_ex(ctx, cipher, NULL, t->key, t->iv, enc)
67*b077aed3SPierre Pronchery && EVP_CIPHER_CTX_set_padding(ctx, pad);
68*b077aed3SPierre Pronchery }
69*b077aed3SPierre Pronchery
70*b077aed3SPierre Pronchery /* The authenticated cipher init */
71*b077aed3SPierre Pronchery if (!enc)
72*b077aed3SPierre Pronchery in_tag = (unsigned char *)t->tag;
73*b077aed3SPierre Pronchery
74*b077aed3SPierre Pronchery return EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc)
75*b077aed3SPierre Pronchery && (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, t->iv_len, NULL) > 0)
76*b077aed3SPierre Pronchery && (in_tag == NULL
77*b077aed3SPierre Pronchery || EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, t->tag_len,
78*b077aed3SPierre Pronchery in_tag) > 0)
79*b077aed3SPierre Pronchery && EVP_CipherInit_ex(ctx, NULL, NULL, t->key, t->iv, enc)
80*b077aed3SPierre Pronchery && EVP_CIPHER_CTX_set_padding(ctx, pad)
81*b077aed3SPierre Pronchery && EVP_CipherUpdate(ctx, NULL, &tmp, t->aad, t->aad_len);
82*b077aed3SPierre Pronchery }
83*b077aed3SPierre Pronchery
84*b077aed3SPierre Pronchery /* Test a single KAT for encrypt/decrypt */
self_test_cipher(const ST_KAT_CIPHER * t,OSSL_SELF_TEST * st,OSSL_LIB_CTX * libctx)85*b077aed3SPierre Pronchery static int self_test_cipher(const ST_KAT_CIPHER *t, OSSL_SELF_TEST *st,
86*b077aed3SPierre Pronchery OSSL_LIB_CTX *libctx)
87*b077aed3SPierre Pronchery {
88*b077aed3SPierre Pronchery int ret = 0, encrypt = 1, len = 0, ct_len = 0, pt_len = 0;
89*b077aed3SPierre Pronchery EVP_CIPHER_CTX *ctx = NULL;
90*b077aed3SPierre Pronchery EVP_CIPHER *cipher = NULL;
91*b077aed3SPierre Pronchery unsigned char ct_buf[256] = { 0 };
92*b077aed3SPierre Pronchery unsigned char pt_buf[256] = { 0 };
93*b077aed3SPierre Pronchery
94*b077aed3SPierre Pronchery OSSL_SELF_TEST_onbegin(st, OSSL_SELF_TEST_TYPE_KAT_CIPHER, t->base.desc);
95*b077aed3SPierre Pronchery
96*b077aed3SPierre Pronchery ctx = EVP_CIPHER_CTX_new();
97*b077aed3SPierre Pronchery if (ctx == NULL)
98*b077aed3SPierre Pronchery goto err;
99*b077aed3SPierre Pronchery cipher = EVP_CIPHER_fetch(libctx, t->base.algorithm, NULL);
100*b077aed3SPierre Pronchery if (cipher == NULL)
101*b077aed3SPierre Pronchery goto err;
102*b077aed3SPierre Pronchery
103*b077aed3SPierre Pronchery /* Encrypt plain text message */
104*b077aed3SPierre Pronchery if ((t->mode & CIPHER_MODE_ENCRYPT) != 0) {
105*b077aed3SPierre Pronchery if (!cipher_init(ctx, cipher, t, encrypt)
106*b077aed3SPierre Pronchery || !EVP_CipherUpdate(ctx, ct_buf, &len, t->base.pt,
107*b077aed3SPierre Pronchery t->base.pt_len)
108*b077aed3SPierre Pronchery || !EVP_CipherFinal_ex(ctx, ct_buf + len, &ct_len))
109*b077aed3SPierre Pronchery goto err;
110*b077aed3SPierre Pronchery
111*b077aed3SPierre Pronchery OSSL_SELF_TEST_oncorrupt_byte(st, ct_buf);
112*b077aed3SPierre Pronchery ct_len += len;
113*b077aed3SPierre Pronchery if (ct_len != (int)t->base.expected_len
114*b077aed3SPierre Pronchery || memcmp(t->base.expected, ct_buf, ct_len) != 0)
115*b077aed3SPierre Pronchery goto err;
116*b077aed3SPierre Pronchery
117*b077aed3SPierre Pronchery if (t->tag != NULL) {
118*b077aed3SPierre Pronchery unsigned char tag[16] = { 0 };
119*b077aed3SPierre Pronchery
120*b077aed3SPierre Pronchery if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, t->tag_len,
121*b077aed3SPierre Pronchery tag) <= 0
122*b077aed3SPierre Pronchery || memcmp(tag, t->tag, t->tag_len) != 0)
123*b077aed3SPierre Pronchery goto err;
124*b077aed3SPierre Pronchery }
125*b077aed3SPierre Pronchery }
126*b077aed3SPierre Pronchery
127*b077aed3SPierre Pronchery /* Decrypt cipher text */
128*b077aed3SPierre Pronchery if ((t->mode & CIPHER_MODE_DECRYPT) != 0) {
129*b077aed3SPierre Pronchery if (!(cipher_init(ctx, cipher, t, !encrypt)
130*b077aed3SPierre Pronchery && EVP_CipherUpdate(ctx, pt_buf, &len,
131*b077aed3SPierre Pronchery t->base.expected, t->base.expected_len)
132*b077aed3SPierre Pronchery && EVP_CipherFinal_ex(ctx, pt_buf + len, &pt_len)))
133*b077aed3SPierre Pronchery goto err;
134*b077aed3SPierre Pronchery OSSL_SELF_TEST_oncorrupt_byte(st, pt_buf);
135*b077aed3SPierre Pronchery pt_len += len;
136*b077aed3SPierre Pronchery if (pt_len != (int)t->base.pt_len
137*b077aed3SPierre Pronchery || memcmp(pt_buf, t->base.pt, pt_len) != 0)
138*b077aed3SPierre Pronchery goto err;
139*b077aed3SPierre Pronchery }
140*b077aed3SPierre Pronchery
141*b077aed3SPierre Pronchery ret = 1;
142*b077aed3SPierre Pronchery err:
143*b077aed3SPierre Pronchery EVP_CIPHER_free(cipher);
144*b077aed3SPierre Pronchery EVP_CIPHER_CTX_free(ctx);
145*b077aed3SPierre Pronchery OSSL_SELF_TEST_onend(st, ret);
146*b077aed3SPierre Pronchery return ret;
147*b077aed3SPierre Pronchery }
148*b077aed3SPierre Pronchery
add_params(OSSL_PARAM_BLD * bld,const ST_KAT_PARAM * params,BN_CTX * ctx)149*b077aed3SPierre Pronchery static int add_params(OSSL_PARAM_BLD *bld, const ST_KAT_PARAM *params,
150*b077aed3SPierre Pronchery BN_CTX *ctx)
151*b077aed3SPierre Pronchery {
152*b077aed3SPierre Pronchery int ret = 0;
153*b077aed3SPierre Pronchery const ST_KAT_PARAM *p;
154*b077aed3SPierre Pronchery
155*b077aed3SPierre Pronchery if (params == NULL)
156*b077aed3SPierre Pronchery return 1;
157*b077aed3SPierre Pronchery for (p = params; p->data != NULL; ++p)
158*b077aed3SPierre Pronchery {
159*b077aed3SPierre Pronchery switch (p->type) {
160*b077aed3SPierre Pronchery case OSSL_PARAM_UNSIGNED_INTEGER: {
161*b077aed3SPierre Pronchery BIGNUM *bn = BN_CTX_get(ctx);
162*b077aed3SPierre Pronchery
163*b077aed3SPierre Pronchery if (bn == NULL
164*b077aed3SPierre Pronchery || (BN_bin2bn(p->data, p->data_len, bn) == NULL)
165*b077aed3SPierre Pronchery || !OSSL_PARAM_BLD_push_BN(bld, p->name, bn))
166*b077aed3SPierre Pronchery goto err;
167*b077aed3SPierre Pronchery break;
168*b077aed3SPierre Pronchery }
169*b077aed3SPierre Pronchery case OSSL_PARAM_UTF8_STRING: {
170*b077aed3SPierre Pronchery if (!OSSL_PARAM_BLD_push_utf8_string(bld, p->name, p->data,
171*b077aed3SPierre Pronchery p->data_len))
172*b077aed3SPierre Pronchery goto err;
173*b077aed3SPierre Pronchery break;
174*b077aed3SPierre Pronchery }
175*b077aed3SPierre Pronchery case OSSL_PARAM_OCTET_STRING: {
176*b077aed3SPierre Pronchery if (!OSSL_PARAM_BLD_push_octet_string(bld, p->name, p->data,
177*b077aed3SPierre Pronchery p->data_len))
178*b077aed3SPierre Pronchery goto err;
179*b077aed3SPierre Pronchery break;
180*b077aed3SPierre Pronchery }
181*b077aed3SPierre Pronchery case OSSL_PARAM_INTEGER: {
182*b077aed3SPierre Pronchery if (!OSSL_PARAM_BLD_push_int(bld, p->name, *(int *)p->data))
183*b077aed3SPierre Pronchery goto err;
184*b077aed3SPierre Pronchery break;
185*b077aed3SPierre Pronchery }
186*b077aed3SPierre Pronchery default:
187*b077aed3SPierre Pronchery break;
188*b077aed3SPierre Pronchery }
189*b077aed3SPierre Pronchery }
190*b077aed3SPierre Pronchery ret = 1;
191*b077aed3SPierre Pronchery err:
192*b077aed3SPierre Pronchery return ret;
193*b077aed3SPierre Pronchery }
194*b077aed3SPierre Pronchery
self_test_kdf(const ST_KAT_KDF * t,OSSL_SELF_TEST * st,OSSL_LIB_CTX * libctx)195*b077aed3SPierre Pronchery static int self_test_kdf(const ST_KAT_KDF *t, OSSL_SELF_TEST *st,
196*b077aed3SPierre Pronchery OSSL_LIB_CTX *libctx)
197*b077aed3SPierre Pronchery {
198*b077aed3SPierre Pronchery int ret = 0;
199*b077aed3SPierre Pronchery unsigned char out[128];
200*b077aed3SPierre Pronchery EVP_KDF *kdf = NULL;
201*b077aed3SPierre Pronchery EVP_KDF_CTX *ctx = NULL;
202*b077aed3SPierre Pronchery BN_CTX *bnctx = NULL;
203*b077aed3SPierre Pronchery OSSL_PARAM *params = NULL;
204*b077aed3SPierre Pronchery OSSL_PARAM_BLD *bld = NULL;
205*b077aed3SPierre Pronchery
206*b077aed3SPierre Pronchery OSSL_SELF_TEST_onbegin(st, OSSL_SELF_TEST_TYPE_KAT_KDF, t->desc);
207*b077aed3SPierre Pronchery
208*b077aed3SPierre Pronchery bld = OSSL_PARAM_BLD_new();
209*b077aed3SPierre Pronchery if (bld == NULL)
210*b077aed3SPierre Pronchery goto err;
211*b077aed3SPierre Pronchery
212*b077aed3SPierre Pronchery kdf = EVP_KDF_fetch(libctx, t->algorithm, "");
213*b077aed3SPierre Pronchery if (kdf == NULL)
214*b077aed3SPierre Pronchery goto err;
215*b077aed3SPierre Pronchery
216*b077aed3SPierre Pronchery ctx = EVP_KDF_CTX_new(kdf);
217*b077aed3SPierre Pronchery if (ctx == NULL)
218*b077aed3SPierre Pronchery goto err;
219*b077aed3SPierre Pronchery
220*b077aed3SPierre Pronchery bnctx = BN_CTX_new_ex(libctx);
221*b077aed3SPierre Pronchery if (bnctx == NULL)
222*b077aed3SPierre Pronchery goto err;
223*b077aed3SPierre Pronchery if (!add_params(bld, t->params, bnctx))
224*b077aed3SPierre Pronchery goto err;
225*b077aed3SPierre Pronchery params = OSSL_PARAM_BLD_to_param(bld);
226*b077aed3SPierre Pronchery if (params == NULL)
227*b077aed3SPierre Pronchery goto err;
228*b077aed3SPierre Pronchery
229*b077aed3SPierre Pronchery if (t->expected_len > sizeof(out))
230*b077aed3SPierre Pronchery goto err;
231*b077aed3SPierre Pronchery if (EVP_KDF_derive(ctx, out, t->expected_len, params) <= 0)
232*b077aed3SPierre Pronchery goto err;
233*b077aed3SPierre Pronchery
234*b077aed3SPierre Pronchery OSSL_SELF_TEST_oncorrupt_byte(st, out);
235*b077aed3SPierre Pronchery
236*b077aed3SPierre Pronchery if (memcmp(out, t->expected, t->expected_len) != 0)
237*b077aed3SPierre Pronchery goto err;
238*b077aed3SPierre Pronchery
239*b077aed3SPierre Pronchery ret = 1;
240*b077aed3SPierre Pronchery err:
241*b077aed3SPierre Pronchery EVP_KDF_free(kdf);
242*b077aed3SPierre Pronchery EVP_KDF_CTX_free(ctx);
243*b077aed3SPierre Pronchery BN_CTX_free(bnctx);
244*b077aed3SPierre Pronchery OSSL_PARAM_free(params);
245*b077aed3SPierre Pronchery OSSL_PARAM_BLD_free(bld);
246*b077aed3SPierre Pronchery OSSL_SELF_TEST_onend(st, ret);
247*b077aed3SPierre Pronchery return ret;
248*b077aed3SPierre Pronchery }
249*b077aed3SPierre Pronchery
self_test_drbg(const ST_KAT_DRBG * t,OSSL_SELF_TEST * st,OSSL_LIB_CTX * libctx)250*b077aed3SPierre Pronchery static int self_test_drbg(const ST_KAT_DRBG *t, OSSL_SELF_TEST *st,
251*b077aed3SPierre Pronchery OSSL_LIB_CTX *libctx)
252*b077aed3SPierre Pronchery {
253*b077aed3SPierre Pronchery int ret = 0;
254*b077aed3SPierre Pronchery unsigned char out[256];
255*b077aed3SPierre Pronchery EVP_RAND *rand;
256*b077aed3SPierre Pronchery EVP_RAND_CTX *test = NULL, *drbg = NULL;
257*b077aed3SPierre Pronchery unsigned int strength = 256;
258*b077aed3SPierre Pronchery int prediction_resistance = 1; /* Causes a reseed */
259*b077aed3SPierre Pronchery OSSL_PARAM drbg_params[3] = {
260*b077aed3SPierre Pronchery OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END
261*b077aed3SPierre Pronchery };
262*b077aed3SPierre Pronchery
263*b077aed3SPierre Pronchery OSSL_SELF_TEST_onbegin(st, OSSL_SELF_TEST_TYPE_DRBG, t->desc);
264*b077aed3SPierre Pronchery
265*b077aed3SPierre Pronchery rand = EVP_RAND_fetch(libctx, "TEST-RAND", NULL);
266*b077aed3SPierre Pronchery if (rand == NULL)
267*b077aed3SPierre Pronchery goto err;
268*b077aed3SPierre Pronchery
269*b077aed3SPierre Pronchery test = EVP_RAND_CTX_new(rand, NULL);
270*b077aed3SPierre Pronchery EVP_RAND_free(rand);
271*b077aed3SPierre Pronchery if (test == NULL)
272*b077aed3SPierre Pronchery goto err;
273*b077aed3SPierre Pronchery
274*b077aed3SPierre Pronchery drbg_params[0] = OSSL_PARAM_construct_uint(OSSL_RAND_PARAM_STRENGTH,
275*b077aed3SPierre Pronchery &strength);
276*b077aed3SPierre Pronchery if (!EVP_RAND_CTX_set_params(test, drbg_params))
277*b077aed3SPierre Pronchery goto err;
278*b077aed3SPierre Pronchery
279*b077aed3SPierre Pronchery rand = EVP_RAND_fetch(libctx, t->algorithm, NULL);
280*b077aed3SPierre Pronchery if (rand == NULL)
281*b077aed3SPierre Pronchery goto err;
282*b077aed3SPierre Pronchery
283*b077aed3SPierre Pronchery drbg = EVP_RAND_CTX_new(rand, test);
284*b077aed3SPierre Pronchery EVP_RAND_free(rand);
285*b077aed3SPierre Pronchery if (drbg == NULL)
286*b077aed3SPierre Pronchery goto err;
287*b077aed3SPierre Pronchery
288*b077aed3SPierre Pronchery strength = EVP_RAND_get_strength(drbg);
289*b077aed3SPierre Pronchery
290*b077aed3SPierre Pronchery drbg_params[0] = OSSL_PARAM_construct_utf8_string(t->param_name,
291*b077aed3SPierre Pronchery t->param_value, 0);
292*b077aed3SPierre Pronchery /* This is only used by HMAC-DRBG but it is ignored by the others */
293*b077aed3SPierre Pronchery drbg_params[1] =
294*b077aed3SPierre Pronchery OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_MAC, "HMAC", 0);
295*b077aed3SPierre Pronchery if (!EVP_RAND_CTX_set_params(drbg, drbg_params))
296*b077aed3SPierre Pronchery goto err;
297*b077aed3SPierre Pronchery
298*b077aed3SPierre Pronchery drbg_params[0] =
299*b077aed3SPierre Pronchery OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY,
300*b077aed3SPierre Pronchery (void *)t->entropyin,
301*b077aed3SPierre Pronchery t->entropyinlen);
302*b077aed3SPierre Pronchery drbg_params[1] =
303*b077aed3SPierre Pronchery OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_NONCE,
304*b077aed3SPierre Pronchery (void *)t->nonce, t->noncelen);
305*b077aed3SPierre Pronchery if (!EVP_RAND_instantiate(test, strength, 0, NULL, 0, drbg_params))
306*b077aed3SPierre Pronchery goto err;
307*b077aed3SPierre Pronchery if (!EVP_RAND_instantiate(drbg, strength, 0, t->persstr, t->persstrlen,
308*b077aed3SPierre Pronchery NULL))
309*b077aed3SPierre Pronchery goto err;
310*b077aed3SPierre Pronchery
311*b077aed3SPierre Pronchery drbg_params[0] =
312*b077aed3SPierre Pronchery OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY,
313*b077aed3SPierre Pronchery (void *)t->entropyinpr1,
314*b077aed3SPierre Pronchery t->entropyinpr1len);
315*b077aed3SPierre Pronchery if (!EVP_RAND_CTX_set_params(test, drbg_params))
316*b077aed3SPierre Pronchery goto err;
317*b077aed3SPierre Pronchery
318*b077aed3SPierre Pronchery if (!EVP_RAND_generate(drbg, out, t->expectedlen, strength,
319*b077aed3SPierre Pronchery prediction_resistance,
320*b077aed3SPierre Pronchery t->entropyaddin1, t->entropyaddin1len))
321*b077aed3SPierre Pronchery goto err;
322*b077aed3SPierre Pronchery
323*b077aed3SPierre Pronchery drbg_params[0] =
324*b077aed3SPierre Pronchery OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY,
325*b077aed3SPierre Pronchery (void *)t->entropyinpr2,
326*b077aed3SPierre Pronchery t->entropyinpr2len);
327*b077aed3SPierre Pronchery if (!EVP_RAND_CTX_set_params(test, drbg_params))
328*b077aed3SPierre Pronchery goto err;
329*b077aed3SPierre Pronchery
330*b077aed3SPierre Pronchery /*
331*b077aed3SPierre Pronchery * This calls ossl_prov_drbg_reseed() internally when
332*b077aed3SPierre Pronchery * prediction_resistance = 1
333*b077aed3SPierre Pronchery */
334*b077aed3SPierre Pronchery if (!EVP_RAND_generate(drbg, out, t->expectedlen, strength,
335*b077aed3SPierre Pronchery prediction_resistance,
336*b077aed3SPierre Pronchery t->entropyaddin2, t->entropyaddin2len))
337*b077aed3SPierre Pronchery goto err;
338*b077aed3SPierre Pronchery
339*b077aed3SPierre Pronchery OSSL_SELF_TEST_oncorrupt_byte(st, out);
340*b077aed3SPierre Pronchery
341*b077aed3SPierre Pronchery if (memcmp(out, t->expected, t->expectedlen) != 0)
342*b077aed3SPierre Pronchery goto err;
343*b077aed3SPierre Pronchery
344*b077aed3SPierre Pronchery if (!EVP_RAND_uninstantiate(drbg))
345*b077aed3SPierre Pronchery goto err;
346*b077aed3SPierre Pronchery /*
347*b077aed3SPierre Pronchery * Check that the DRBG data has been zeroized after
348*b077aed3SPierre Pronchery * ossl_prov_drbg_uninstantiate.
349*b077aed3SPierre Pronchery */
350*b077aed3SPierre Pronchery if (!EVP_RAND_verify_zeroization(drbg))
351*b077aed3SPierre Pronchery goto err;
352*b077aed3SPierre Pronchery
353*b077aed3SPierre Pronchery ret = 1;
354*b077aed3SPierre Pronchery err:
355*b077aed3SPierre Pronchery EVP_RAND_CTX_free(drbg);
356*b077aed3SPierre Pronchery EVP_RAND_CTX_free(test);
357*b077aed3SPierre Pronchery OSSL_SELF_TEST_onend(st, ret);
358*b077aed3SPierre Pronchery return ret;
359*b077aed3SPierre Pronchery }
360*b077aed3SPierre Pronchery
361*b077aed3SPierre Pronchery #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
self_test_ka(const ST_KAT_KAS * t,OSSL_SELF_TEST * st,OSSL_LIB_CTX * libctx)362*b077aed3SPierre Pronchery static int self_test_ka(const ST_KAT_KAS *t,
363*b077aed3SPierre Pronchery OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
364*b077aed3SPierre Pronchery {
365*b077aed3SPierre Pronchery int ret = 0;
366*b077aed3SPierre Pronchery EVP_PKEY_CTX *kactx = NULL, *dctx = NULL;
367*b077aed3SPierre Pronchery EVP_PKEY *pkey = NULL, *peerkey = NULL;
368*b077aed3SPierre Pronchery OSSL_PARAM *params = NULL;
369*b077aed3SPierre Pronchery OSSL_PARAM *params_peer = NULL;
370*b077aed3SPierre Pronchery unsigned char secret[256];
371*b077aed3SPierre Pronchery size_t secret_len = sizeof(secret);
372*b077aed3SPierre Pronchery OSSL_PARAM_BLD *bld = NULL;
373*b077aed3SPierre Pronchery BN_CTX *bnctx = NULL;
374*b077aed3SPierre Pronchery
375*b077aed3SPierre Pronchery OSSL_SELF_TEST_onbegin(st, OSSL_SELF_TEST_TYPE_KAT_KA, t->desc);
376*b077aed3SPierre Pronchery
377*b077aed3SPierre Pronchery bnctx = BN_CTX_new_ex(libctx);
378*b077aed3SPierre Pronchery if (bnctx == NULL)
379*b077aed3SPierre Pronchery goto err;
380*b077aed3SPierre Pronchery
381*b077aed3SPierre Pronchery bld = OSSL_PARAM_BLD_new();
382*b077aed3SPierre Pronchery if (bld == NULL)
383*b077aed3SPierre Pronchery goto err;
384*b077aed3SPierre Pronchery
385*b077aed3SPierre Pronchery if (!add_params(bld, t->key_group, bnctx)
386*b077aed3SPierre Pronchery || !add_params(bld, t->key_host_data, bnctx))
387*b077aed3SPierre Pronchery goto err;
388*b077aed3SPierre Pronchery params = OSSL_PARAM_BLD_to_param(bld);
389*b077aed3SPierre Pronchery
390*b077aed3SPierre Pronchery if (!add_params(bld, t->key_group, bnctx)
391*b077aed3SPierre Pronchery || !add_params(bld, t->key_peer_data, bnctx))
392*b077aed3SPierre Pronchery goto err;
393*b077aed3SPierre Pronchery
394*b077aed3SPierre Pronchery params_peer = OSSL_PARAM_BLD_to_param(bld);
395*b077aed3SPierre Pronchery if (params == NULL || params_peer == NULL)
396*b077aed3SPierre Pronchery goto err;
397*b077aed3SPierre Pronchery
398*b077aed3SPierre Pronchery /* Create a EVP_PKEY_CTX to load the DH keys into */
399*b077aed3SPierre Pronchery kactx = EVP_PKEY_CTX_new_from_name(libctx, t->algorithm, "");
400*b077aed3SPierre Pronchery if (kactx == NULL)
401*b077aed3SPierre Pronchery goto err;
402*b077aed3SPierre Pronchery if (EVP_PKEY_fromdata_init(kactx) <= 0
403*b077aed3SPierre Pronchery || EVP_PKEY_fromdata(kactx, &pkey, EVP_PKEY_KEYPAIR, params) <= 0)
404*b077aed3SPierre Pronchery goto err;
405*b077aed3SPierre Pronchery if (EVP_PKEY_fromdata_init(kactx) <= 0
406*b077aed3SPierre Pronchery || EVP_PKEY_fromdata(kactx, &peerkey, EVP_PKEY_KEYPAIR, params_peer) <= 0)
407*b077aed3SPierre Pronchery goto err;
408*b077aed3SPierre Pronchery
409*b077aed3SPierre Pronchery /* Create a EVP_PKEY_CTX to perform key derivation */
410*b077aed3SPierre Pronchery dctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, NULL);
411*b077aed3SPierre Pronchery if (dctx == NULL)
412*b077aed3SPierre Pronchery goto err;
413*b077aed3SPierre Pronchery
414*b077aed3SPierre Pronchery if (EVP_PKEY_derive_init(dctx) <= 0
415*b077aed3SPierre Pronchery || EVP_PKEY_derive_set_peer(dctx, peerkey) <= 0
416*b077aed3SPierre Pronchery || EVP_PKEY_derive(dctx, secret, &secret_len) <= 0)
417*b077aed3SPierre Pronchery goto err;
418*b077aed3SPierre Pronchery
419*b077aed3SPierre Pronchery OSSL_SELF_TEST_oncorrupt_byte(st, secret);
420*b077aed3SPierre Pronchery
421*b077aed3SPierre Pronchery if (secret_len != t->expected_len
422*b077aed3SPierre Pronchery || memcmp(secret, t->expected, t->expected_len) != 0)
423*b077aed3SPierre Pronchery goto err;
424*b077aed3SPierre Pronchery ret = 1;
425*b077aed3SPierre Pronchery err:
426*b077aed3SPierre Pronchery BN_CTX_free(bnctx);
427*b077aed3SPierre Pronchery EVP_PKEY_free(pkey);
428*b077aed3SPierre Pronchery EVP_PKEY_free(peerkey);
429*b077aed3SPierre Pronchery EVP_PKEY_CTX_free(kactx);
430*b077aed3SPierre Pronchery EVP_PKEY_CTX_free(dctx);
431*b077aed3SPierre Pronchery OSSL_PARAM_free(params_peer);
432*b077aed3SPierre Pronchery OSSL_PARAM_free(params);
433*b077aed3SPierre Pronchery OSSL_PARAM_BLD_free(bld);
434*b077aed3SPierre Pronchery OSSL_SELF_TEST_onend(st, ret);
435*b077aed3SPierre Pronchery return ret;
436*b077aed3SPierre Pronchery }
437*b077aed3SPierre Pronchery #endif /* !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC) */
438*b077aed3SPierre Pronchery
self_test_sign(const ST_KAT_SIGN * t,OSSL_SELF_TEST * st,OSSL_LIB_CTX * libctx)439*b077aed3SPierre Pronchery static int self_test_sign(const ST_KAT_SIGN *t,
440*b077aed3SPierre Pronchery OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
441*b077aed3SPierre Pronchery {
442*b077aed3SPierre Pronchery int ret = 0;
443*b077aed3SPierre Pronchery OSSL_PARAM *params = NULL, *params_sig = NULL;
444*b077aed3SPierre Pronchery OSSL_PARAM_BLD *bld = NULL;
445*b077aed3SPierre Pronchery EVP_PKEY_CTX *sctx = NULL, *kctx = NULL;
446*b077aed3SPierre Pronchery EVP_PKEY *pkey = NULL;
447*b077aed3SPierre Pronchery unsigned char sig[256];
448*b077aed3SPierre Pronchery BN_CTX *bnctx = NULL;
449*b077aed3SPierre Pronchery size_t siglen = sizeof(sig);
450*b077aed3SPierre Pronchery static const unsigned char dgst[] = {
451*b077aed3SPierre Pronchery 0x7f, 0x83, 0xb1, 0x65, 0x7f, 0xf1, 0xfc, 0x53, 0xb9, 0x2d, 0xc1, 0x81,
452*b077aed3SPierre Pronchery 0x48, 0xa1, 0xd6, 0x5d, 0xfc, 0x2d, 0x4b, 0x1f, 0xa3, 0xd6, 0x77, 0x28,
453*b077aed3SPierre Pronchery 0x4a, 0xdd, 0xd2, 0x00, 0x12, 0x6d, 0x90, 0x69
454*b077aed3SPierre Pronchery };
455*b077aed3SPierre Pronchery const char *typ = OSSL_SELF_TEST_TYPE_KAT_SIGNATURE;
456*b077aed3SPierre Pronchery
457*b077aed3SPierre Pronchery if (t->sig_expected == NULL)
458*b077aed3SPierre Pronchery typ = OSSL_SELF_TEST_TYPE_PCT_SIGNATURE;
459*b077aed3SPierre Pronchery
460*b077aed3SPierre Pronchery OSSL_SELF_TEST_onbegin(st, typ, t->desc);
461*b077aed3SPierre Pronchery
462*b077aed3SPierre Pronchery bnctx = BN_CTX_new_ex(libctx);
463*b077aed3SPierre Pronchery if (bnctx == NULL)
464*b077aed3SPierre Pronchery goto err;
465*b077aed3SPierre Pronchery
466*b077aed3SPierre Pronchery bld = OSSL_PARAM_BLD_new();
467*b077aed3SPierre Pronchery if (bld == NULL)
468*b077aed3SPierre Pronchery goto err;
469*b077aed3SPierre Pronchery
470*b077aed3SPierre Pronchery if (!add_params(bld, t->key, bnctx))
471*b077aed3SPierre Pronchery goto err;
472*b077aed3SPierre Pronchery params = OSSL_PARAM_BLD_to_param(bld);
473*b077aed3SPierre Pronchery
474*b077aed3SPierre Pronchery /* Create a EVP_PKEY_CTX to load the DSA key into */
475*b077aed3SPierre Pronchery kctx = EVP_PKEY_CTX_new_from_name(libctx, t->algorithm, "");
476*b077aed3SPierre Pronchery if (kctx == NULL || params == NULL)
477*b077aed3SPierre Pronchery goto err;
478*b077aed3SPierre Pronchery if (EVP_PKEY_fromdata_init(kctx) <= 0
479*b077aed3SPierre Pronchery || EVP_PKEY_fromdata(kctx, &pkey, EVP_PKEY_KEYPAIR, params) <= 0)
480*b077aed3SPierre Pronchery goto err;
481*b077aed3SPierre Pronchery
482*b077aed3SPierre Pronchery /* Create a EVP_PKEY_CTX to use for the signing operation */
483*b077aed3SPierre Pronchery sctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, NULL);
484*b077aed3SPierre Pronchery if (sctx == NULL
485*b077aed3SPierre Pronchery || EVP_PKEY_sign_init(sctx) <= 0)
486*b077aed3SPierre Pronchery goto err;
487*b077aed3SPierre Pronchery
488*b077aed3SPierre Pronchery /* set signature parameters */
489*b077aed3SPierre Pronchery if (!OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_SIGNATURE_PARAM_DIGEST,
490*b077aed3SPierre Pronchery t->mdalgorithm,
491*b077aed3SPierre Pronchery strlen(t->mdalgorithm) + 1))
492*b077aed3SPierre Pronchery goto err;
493*b077aed3SPierre Pronchery params_sig = OSSL_PARAM_BLD_to_param(bld);
494*b077aed3SPierre Pronchery if (EVP_PKEY_CTX_set_params(sctx, params_sig) <= 0)
495*b077aed3SPierre Pronchery goto err;
496*b077aed3SPierre Pronchery
497*b077aed3SPierre Pronchery if (EVP_PKEY_sign(sctx, sig, &siglen, dgst, sizeof(dgst)) <= 0
498*b077aed3SPierre Pronchery || EVP_PKEY_verify_init(sctx) <= 0
499*b077aed3SPierre Pronchery || EVP_PKEY_CTX_set_params(sctx, params_sig) <= 0)
500*b077aed3SPierre Pronchery goto err;
501*b077aed3SPierre Pronchery
502*b077aed3SPierre Pronchery /*
503*b077aed3SPierre Pronchery * Used by RSA, for other key types where the signature changes, we
504*b077aed3SPierre Pronchery * can only use the verify.
505*b077aed3SPierre Pronchery */
506*b077aed3SPierre Pronchery if (t->sig_expected != NULL
507*b077aed3SPierre Pronchery && (siglen != t->sig_expected_len
508*b077aed3SPierre Pronchery || memcmp(sig, t->sig_expected, t->sig_expected_len) != 0))
509*b077aed3SPierre Pronchery goto err;
510*b077aed3SPierre Pronchery
511*b077aed3SPierre Pronchery OSSL_SELF_TEST_oncorrupt_byte(st, sig);
512*b077aed3SPierre Pronchery if (EVP_PKEY_verify(sctx, sig, siglen, dgst, sizeof(dgst)) <= 0)
513*b077aed3SPierre Pronchery goto err;
514*b077aed3SPierre Pronchery ret = 1;
515*b077aed3SPierre Pronchery err:
516*b077aed3SPierre Pronchery BN_CTX_free(bnctx);
517*b077aed3SPierre Pronchery EVP_PKEY_free(pkey);
518*b077aed3SPierre Pronchery EVP_PKEY_CTX_free(kctx);
519*b077aed3SPierre Pronchery EVP_PKEY_CTX_free(sctx);
520*b077aed3SPierre Pronchery OSSL_PARAM_free(params);
521*b077aed3SPierre Pronchery OSSL_PARAM_free(params_sig);
522*b077aed3SPierre Pronchery OSSL_PARAM_BLD_free(bld);
523*b077aed3SPierre Pronchery OSSL_SELF_TEST_onend(st, ret);
524*b077aed3SPierre Pronchery return ret;
525*b077aed3SPierre Pronchery }
526*b077aed3SPierre Pronchery
527*b077aed3SPierre Pronchery /*
528*b077aed3SPierre Pronchery * Test an encrypt or decrypt KAT..
529*b077aed3SPierre Pronchery *
530*b077aed3SPierre Pronchery * FIPS 140-2 IG D.9 states that separate KAT tests are needed for encrypt
531*b077aed3SPierre Pronchery * and decrypt..
532*b077aed3SPierre Pronchery */
self_test_asym_cipher(const ST_KAT_ASYM_CIPHER * t,OSSL_SELF_TEST * st,OSSL_LIB_CTX * libctx)533*b077aed3SPierre Pronchery static int self_test_asym_cipher(const ST_KAT_ASYM_CIPHER *t, OSSL_SELF_TEST *st,
534*b077aed3SPierre Pronchery OSSL_LIB_CTX *libctx)
535*b077aed3SPierre Pronchery {
536*b077aed3SPierre Pronchery int ret = 0;
537*b077aed3SPierre Pronchery OSSL_PARAM *keyparams = NULL, *initparams = NULL;
538*b077aed3SPierre Pronchery OSSL_PARAM_BLD *keybld = NULL, *initbld = NULL;
539*b077aed3SPierre Pronchery EVP_PKEY_CTX *encctx = NULL, *keyctx = NULL;
540*b077aed3SPierre Pronchery EVP_PKEY *key = NULL;
541*b077aed3SPierre Pronchery BN_CTX *bnctx = NULL;
542*b077aed3SPierre Pronchery unsigned char out[256];
543*b077aed3SPierre Pronchery size_t outlen = sizeof(out);
544*b077aed3SPierre Pronchery
545*b077aed3SPierre Pronchery OSSL_SELF_TEST_onbegin(st, OSSL_SELF_TEST_TYPE_KAT_ASYM_CIPHER, t->desc);
546*b077aed3SPierre Pronchery
547*b077aed3SPierre Pronchery bnctx = BN_CTX_new_ex(libctx);
548*b077aed3SPierre Pronchery if (bnctx == NULL)
549*b077aed3SPierre Pronchery goto err;
550*b077aed3SPierre Pronchery
551*b077aed3SPierre Pronchery /* Load a public or private key from data */
552*b077aed3SPierre Pronchery keybld = OSSL_PARAM_BLD_new();
553*b077aed3SPierre Pronchery if (keybld == NULL
554*b077aed3SPierre Pronchery || !add_params(keybld, t->key, bnctx))
555*b077aed3SPierre Pronchery goto err;
556*b077aed3SPierre Pronchery keyparams = OSSL_PARAM_BLD_to_param(keybld);
557*b077aed3SPierre Pronchery keyctx = EVP_PKEY_CTX_new_from_name(libctx, t->algorithm, NULL);
558*b077aed3SPierre Pronchery if (keyctx == NULL || keyparams == NULL)
559*b077aed3SPierre Pronchery goto err;
560*b077aed3SPierre Pronchery if (EVP_PKEY_fromdata_init(keyctx) <= 0
561*b077aed3SPierre Pronchery || EVP_PKEY_fromdata(keyctx, &key, EVP_PKEY_KEYPAIR, keyparams) <= 0)
562*b077aed3SPierre Pronchery goto err;
563*b077aed3SPierre Pronchery
564*b077aed3SPierre Pronchery /* Create a EVP_PKEY_CTX to use for the encrypt or decrypt operation */
565*b077aed3SPierre Pronchery encctx = EVP_PKEY_CTX_new_from_pkey(libctx, key, NULL);
566*b077aed3SPierre Pronchery if (encctx == NULL
567*b077aed3SPierre Pronchery || (t->encrypt && EVP_PKEY_encrypt_init(encctx) <= 0)
568*b077aed3SPierre Pronchery || (!t->encrypt && EVP_PKEY_decrypt_init(encctx) <= 0))
569*b077aed3SPierre Pronchery goto err;
570*b077aed3SPierre Pronchery
571*b077aed3SPierre Pronchery /* Add any additional parameters such as padding */
572*b077aed3SPierre Pronchery if (t->postinit != NULL) {
573*b077aed3SPierre Pronchery initbld = OSSL_PARAM_BLD_new();
574*b077aed3SPierre Pronchery if (initbld == NULL)
575*b077aed3SPierre Pronchery goto err;
576*b077aed3SPierre Pronchery if (!add_params(initbld, t->postinit, bnctx))
577*b077aed3SPierre Pronchery goto err;
578*b077aed3SPierre Pronchery initparams = OSSL_PARAM_BLD_to_param(initbld);
579*b077aed3SPierre Pronchery if (initparams == NULL)
580*b077aed3SPierre Pronchery goto err;
581*b077aed3SPierre Pronchery if (EVP_PKEY_CTX_set_params(encctx, initparams) <= 0)
582*b077aed3SPierre Pronchery goto err;
583*b077aed3SPierre Pronchery }
584*b077aed3SPierre Pronchery
585*b077aed3SPierre Pronchery if (t->encrypt) {
586*b077aed3SPierre Pronchery if (EVP_PKEY_encrypt(encctx, out, &outlen,
587*b077aed3SPierre Pronchery t->in, t->in_len) <= 0)
588*b077aed3SPierre Pronchery goto err;
589*b077aed3SPierre Pronchery } else {
590*b077aed3SPierre Pronchery if (EVP_PKEY_decrypt(encctx, out, &outlen,
591*b077aed3SPierre Pronchery t->in, t->in_len) <= 0)
592*b077aed3SPierre Pronchery goto err;
593*b077aed3SPierre Pronchery }
594*b077aed3SPierre Pronchery /* Check the KAT */
595*b077aed3SPierre Pronchery OSSL_SELF_TEST_oncorrupt_byte(st, out);
596*b077aed3SPierre Pronchery if (outlen != t->expected_len
597*b077aed3SPierre Pronchery || memcmp(out, t->expected, t->expected_len) != 0)
598*b077aed3SPierre Pronchery goto err;
599*b077aed3SPierre Pronchery
600*b077aed3SPierre Pronchery ret = 1;
601*b077aed3SPierre Pronchery err:
602*b077aed3SPierre Pronchery BN_CTX_free(bnctx);
603*b077aed3SPierre Pronchery EVP_PKEY_free(key);
604*b077aed3SPierre Pronchery EVP_PKEY_CTX_free(encctx);
605*b077aed3SPierre Pronchery EVP_PKEY_CTX_free(keyctx);
606*b077aed3SPierre Pronchery OSSL_PARAM_free(keyparams);
607*b077aed3SPierre Pronchery OSSL_PARAM_BLD_free(keybld);
608*b077aed3SPierre Pronchery OSSL_PARAM_free(initparams);
609*b077aed3SPierre Pronchery OSSL_PARAM_BLD_free(initbld);
610*b077aed3SPierre Pronchery OSSL_SELF_TEST_onend(st, ret);
611*b077aed3SPierre Pronchery return ret;
612*b077aed3SPierre Pronchery }
613*b077aed3SPierre Pronchery
614*b077aed3SPierre Pronchery /*
615*b077aed3SPierre Pronchery * Test a data driven list of KAT's for digest algorithms.
616*b077aed3SPierre Pronchery * All tests are run regardless of if they fail or not.
617*b077aed3SPierre Pronchery * Return 0 if any test fails.
618*b077aed3SPierre Pronchery */
self_test_digests(OSSL_SELF_TEST * st,OSSL_LIB_CTX * libctx)619*b077aed3SPierre Pronchery static int self_test_digests(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
620*b077aed3SPierre Pronchery {
621*b077aed3SPierre Pronchery int i, ret = 1;
622*b077aed3SPierre Pronchery
623*b077aed3SPierre Pronchery for (i = 0; i < (int)OSSL_NELEM(st_kat_digest_tests); ++i) {
624*b077aed3SPierre Pronchery if (!self_test_digest(&st_kat_digest_tests[i], st, libctx))
625*b077aed3SPierre Pronchery ret = 0;
626*b077aed3SPierre Pronchery }
627*b077aed3SPierre Pronchery return ret;
628*b077aed3SPierre Pronchery }
629*b077aed3SPierre Pronchery
self_test_ciphers(OSSL_SELF_TEST * st,OSSL_LIB_CTX * libctx)630*b077aed3SPierre Pronchery static int self_test_ciphers(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
631*b077aed3SPierre Pronchery {
632*b077aed3SPierre Pronchery int i, ret = 1;
633*b077aed3SPierre Pronchery
634*b077aed3SPierre Pronchery for (i = 0; i < (int)OSSL_NELEM(st_kat_cipher_tests); ++i) {
635*b077aed3SPierre Pronchery if (!self_test_cipher(&st_kat_cipher_tests[i], st, libctx))
636*b077aed3SPierre Pronchery ret = 0;
637*b077aed3SPierre Pronchery }
638*b077aed3SPierre Pronchery return ret;
639*b077aed3SPierre Pronchery }
640*b077aed3SPierre Pronchery
self_test_asym_ciphers(OSSL_SELF_TEST * st,OSSL_LIB_CTX * libctx)641*b077aed3SPierre Pronchery static int self_test_asym_ciphers(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
642*b077aed3SPierre Pronchery {
643*b077aed3SPierre Pronchery int i, ret = 1;
644*b077aed3SPierre Pronchery
645*b077aed3SPierre Pronchery for (i = 0; i < (int)OSSL_NELEM(st_kat_asym_cipher_tests); ++i) {
646*b077aed3SPierre Pronchery if (!self_test_asym_cipher(&st_kat_asym_cipher_tests[i], st, libctx))
647*b077aed3SPierre Pronchery ret = 0;
648*b077aed3SPierre Pronchery }
649*b077aed3SPierre Pronchery return ret;
650*b077aed3SPierre Pronchery }
651*b077aed3SPierre Pronchery
self_test_kdfs(OSSL_SELF_TEST * st,OSSL_LIB_CTX * libctx)652*b077aed3SPierre Pronchery static int self_test_kdfs(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
653*b077aed3SPierre Pronchery {
654*b077aed3SPierre Pronchery int i, ret = 1;
655*b077aed3SPierre Pronchery
656*b077aed3SPierre Pronchery for (i = 0; i < (int)OSSL_NELEM(st_kat_kdf_tests); ++i) {
657*b077aed3SPierre Pronchery if (!self_test_kdf(&st_kat_kdf_tests[i], st, libctx))
658*b077aed3SPierre Pronchery ret = 0;
659*b077aed3SPierre Pronchery }
660*b077aed3SPierre Pronchery return ret;
661*b077aed3SPierre Pronchery }
662*b077aed3SPierre Pronchery
self_test_drbgs(OSSL_SELF_TEST * st,OSSL_LIB_CTX * libctx)663*b077aed3SPierre Pronchery static int self_test_drbgs(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
664*b077aed3SPierre Pronchery {
665*b077aed3SPierre Pronchery int i, ret = 1;
666*b077aed3SPierre Pronchery
667*b077aed3SPierre Pronchery for (i = 0; i < (int)OSSL_NELEM(st_kat_drbg_tests); ++i) {
668*b077aed3SPierre Pronchery if (!self_test_drbg(&st_kat_drbg_tests[i], st, libctx))
669*b077aed3SPierre Pronchery ret = 0;
670*b077aed3SPierre Pronchery }
671*b077aed3SPierre Pronchery return ret;
672*b077aed3SPierre Pronchery }
673*b077aed3SPierre Pronchery
self_test_kas(OSSL_SELF_TEST * st,OSSL_LIB_CTX * libctx)674*b077aed3SPierre Pronchery static int self_test_kas(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
675*b077aed3SPierre Pronchery {
676*b077aed3SPierre Pronchery int ret = 1;
677*b077aed3SPierre Pronchery #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
678*b077aed3SPierre Pronchery int i;
679*b077aed3SPierre Pronchery
680*b077aed3SPierre Pronchery for (i = 0; i < (int)OSSL_NELEM(st_kat_kas_tests); ++i) {
681*b077aed3SPierre Pronchery if (!self_test_ka(&st_kat_kas_tests[i], st, libctx))
682*b077aed3SPierre Pronchery ret = 0;
683*b077aed3SPierre Pronchery }
684*b077aed3SPierre Pronchery #endif
685*b077aed3SPierre Pronchery
686*b077aed3SPierre Pronchery return ret;
687*b077aed3SPierre Pronchery }
688*b077aed3SPierre Pronchery
self_test_signatures(OSSL_SELF_TEST * st,OSSL_LIB_CTX * libctx)689*b077aed3SPierre Pronchery static int self_test_signatures(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
690*b077aed3SPierre Pronchery {
691*b077aed3SPierre Pronchery int i, ret = 1;
692*b077aed3SPierre Pronchery
693*b077aed3SPierre Pronchery for (i = 0; i < (int)OSSL_NELEM(st_kat_sign_tests); ++i) {
694*b077aed3SPierre Pronchery if (!self_test_sign(&st_kat_sign_tests[i], st, libctx))
695*b077aed3SPierre Pronchery ret = 0;
696*b077aed3SPierre Pronchery }
697*b077aed3SPierre Pronchery return ret;
698*b077aed3SPierre Pronchery }
699*b077aed3SPierre Pronchery
700*b077aed3SPierre Pronchery /*
701*b077aed3SPierre Pronchery * Run the algorithm KAT's.
702*b077aed3SPierre Pronchery * Return 1 is successful, otherwise return 0.
703*b077aed3SPierre Pronchery * This runs all the tests regardless of if any fail.
704*b077aed3SPierre Pronchery */
SELF_TEST_kats(OSSL_SELF_TEST * st,OSSL_LIB_CTX * libctx)705*b077aed3SPierre Pronchery int SELF_TEST_kats(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
706*b077aed3SPierre Pronchery {
707*b077aed3SPierre Pronchery int ret = 1;
708*b077aed3SPierre Pronchery
709*b077aed3SPierre Pronchery if (!self_test_digests(st, libctx))
710*b077aed3SPierre Pronchery ret = 0;
711*b077aed3SPierre Pronchery if (!self_test_ciphers(st, libctx))
712*b077aed3SPierre Pronchery ret = 0;
713*b077aed3SPierre Pronchery if (!self_test_signatures(st, libctx))
714*b077aed3SPierre Pronchery ret = 0;
715*b077aed3SPierre Pronchery if (!self_test_kdfs(st, libctx))
716*b077aed3SPierre Pronchery ret = 0;
717*b077aed3SPierre Pronchery if (!self_test_drbgs(st, libctx))
718*b077aed3SPierre Pronchery ret = 0;
719*b077aed3SPierre Pronchery if (!self_test_kas(st, libctx))
720*b077aed3SPierre Pronchery ret = 0;
721*b077aed3SPierre Pronchery if (!self_test_asym_ciphers(st, libctx))
722*b077aed3SPierre Pronchery ret = 0;
723*b077aed3SPierre Pronchery
724*b077aed3SPierre Pronchery return ret;
725*b077aed3SPierre Pronchery }
726