1 /* 2 * Copyright 2021-2023 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * https://www.openssl.org/source/license.html 8 * or in the file LICENSE in the source distribution. 9 */ 10 11 #include <string.h> 12 #include <openssl/core_names.h> 13 #include <openssl/core_object.h> 14 #include <openssl/rand.h> 15 #include <openssl/provider.h> 16 #include "testutil.h" 17 #include "fake_rsaprov.h" 18 19 static OSSL_FUNC_keymgmt_new_fn fake_rsa_keymgmt_new; 20 static OSSL_FUNC_keymgmt_free_fn fake_rsa_keymgmt_free; 21 static OSSL_FUNC_keymgmt_has_fn fake_rsa_keymgmt_has; 22 static OSSL_FUNC_keymgmt_query_operation_name_fn fake_rsa_keymgmt_query; 23 static OSSL_FUNC_keymgmt_import_fn fake_rsa_keymgmt_import; 24 static OSSL_FUNC_keymgmt_import_types_fn fake_rsa_keymgmt_imptypes; 25 static OSSL_FUNC_keymgmt_export_fn fake_rsa_keymgmt_export; 26 static OSSL_FUNC_keymgmt_export_types_fn fake_rsa_keymgmt_exptypes; 27 static OSSL_FUNC_keymgmt_load_fn fake_rsa_keymgmt_load; 28 29 static int has_selection; 30 static int imptypes_selection; 31 static int exptypes_selection; 32 static int query_id; 33 static int key_deleted; 34 35 struct fake_rsa_keydata { 36 int selection; 37 int status; 38 }; 39 40 void fake_rsa_restore_store_state(void) 41 { 42 key_deleted = 0; 43 } 44 45 static void *fake_rsa_keymgmt_new(void *provctx) 46 { 47 struct fake_rsa_keydata *key; 48 49 if (!TEST_ptr(key = OPENSSL_zalloc(sizeof(struct fake_rsa_keydata)))) 50 return NULL; 51 52 /* clear test globals */ 53 has_selection = 0; 54 imptypes_selection = 0; 55 exptypes_selection = 0; 56 query_id = 0; 57 58 return key; 59 } 60 61 static void fake_rsa_keymgmt_free(void *keydata) 62 { 63 OPENSSL_free(keydata); 64 } 65 66 static int fake_rsa_keymgmt_has(const void *key, int selection) 67 { 68 /* record global for checking */ 69 has_selection = selection; 70 71 return 1; 72 } 73 74 75 static const char *fake_rsa_keymgmt_query(int id) 76 { 77 /* record global for checking */ 78 query_id = id; 79 80 return "RSA"; 81 } 82 83 static int fake_rsa_keymgmt_import(void *keydata, int selection, 84 const OSSL_PARAM *p) 85 { 86 struct fake_rsa_keydata *fake_rsa_key = keydata; 87 88 /* key was imported */ 89 fake_rsa_key->status = 1; 90 91 return 1; 92 } 93 94 static unsigned char fake_rsa_n[] = 95 "\x00\xAA\x36\xAB\xCE\x88\xAC\xFD\xFF\x55\x52\x3C\x7F\xC4\x52\x3F" 96 "\x90\xEF\xA0\x0D\xF3\x77\x4A\x25\x9F\x2E\x62\xB4\xC5\xD9\x9C\xB5" 97 "\xAD\xB3\x00\xA0\x28\x5E\x53\x01\x93\x0E\x0C\x70\xFB\x68\x76\x93" 98 "\x9C\xE6\x16\xCE\x62\x4A\x11\xE0\x08\x6D\x34\x1E\xBC\xAC\xA0\xA1" 99 "\xF5"; 100 101 static unsigned char fake_rsa_e[] = "\x11"; 102 103 static unsigned char fake_rsa_d[] = 104 "\x0A\x03\x37\x48\x62\x64\x87\x69\x5F\x5F\x30\xBC\x38\xB9\x8B\x44" 105 "\xC2\xCD\x2D\xFF\x43\x40\x98\xCD\x20\xD8\xA1\x38\xD0\x90\xBF\x64" 106 "\x79\x7C\x3F\xA7\xA2\xCD\xCB\x3C\xD1\xE0\xBD\xBA\x26\x54\xB4\xF9" 107 "\xDF\x8E\x8A\xE5\x9D\x73\x3D\x9F\x33\xB3\x01\x62\x4A\xFD\x1D\x51"; 108 109 static unsigned char fake_rsa_p[] = 110 "\x00\xD8\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5" 111 "\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x12" 112 "\x0D"; 113 114 static unsigned char fake_rsa_q[] = 115 "\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9" 116 "\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D" 117 "\x89"; 118 119 static unsigned char fake_rsa_dmp1[] = 120 "\x59\x0B\x95\x72\xA2\xC2\xA9\xC4\x06\x05\x9D\xC2\xAB\x2F\x1D\xAF" 121 "\xEB\x7E\x8B\x4F\x10\xA7\x54\x9E\x8E\xED\xF5\xB4\xFC\xE0\x9E\x05"; 122 123 static unsigned char fake_rsa_dmq1[] = 124 "\x00\x8E\x3C\x05\x21\xFE\x15\xE0\xEA\x06\xA3\x6F\xF0\xF1\x0C\x99" 125 "\x52\xC3\x5B\x7A\x75\x14\xFD\x32\x38\xB8\x0A\xAD\x52\x98\x62\x8D" 126 "\x51"; 127 128 static unsigned char fake_rsa_iqmp[] = 129 "\x36\x3F\xF7\x18\x9D\xA8\xE9\x0B\x1D\x34\x1F\x71\xD0\x9B\x76\xA8" 130 "\xA9\x43\xE1\x1D\x10\xB2\x4D\x24\x9F\x2D\xEA\xFE\xF8\x0C\x18\x26"; 131 132 OSSL_PARAM *fake_rsa_key_params(int priv) 133 { 134 if (priv) { 135 OSSL_PARAM params[] = { 136 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_N, fake_rsa_n, 137 sizeof(fake_rsa_n) -1), 138 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, fake_rsa_e, 139 sizeof(fake_rsa_e) -1), 140 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_D, fake_rsa_d, 141 sizeof(fake_rsa_d) -1), 142 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR1, fake_rsa_p, 143 sizeof(fake_rsa_p) -1), 144 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR2, fake_rsa_q, 145 sizeof(fake_rsa_q) -1), 146 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT1, fake_rsa_dmp1, 147 sizeof(fake_rsa_dmp1) -1), 148 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT2, fake_rsa_dmq1, 149 sizeof(fake_rsa_dmq1) -1), 150 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, fake_rsa_iqmp, 151 sizeof(fake_rsa_iqmp) -1), 152 OSSL_PARAM_END 153 }; 154 return OSSL_PARAM_dup(params); 155 } else { 156 OSSL_PARAM params[] = { 157 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_N, fake_rsa_n, 158 sizeof(fake_rsa_n) -1), 159 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, fake_rsa_e, 160 sizeof(fake_rsa_e) -1), 161 OSSL_PARAM_END 162 }; 163 return OSSL_PARAM_dup(params); 164 } 165 } 166 167 static int fake_rsa_keymgmt_export(void *keydata, int selection, 168 OSSL_CALLBACK *param_callback, void *cbarg) 169 { 170 OSSL_PARAM *params = NULL; 171 int ret; 172 173 if (selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) 174 return 0; 175 176 if (!TEST_ptr(params = fake_rsa_key_params(0))) 177 return 0; 178 179 ret = param_callback(params, cbarg); 180 OSSL_PARAM_free(params); 181 return ret; 182 } 183 184 static const OSSL_PARAM fake_rsa_import_key_types[] = { 185 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_N, NULL, 0), 186 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, NULL, 0), 187 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_D, NULL, 0), 188 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR1, NULL, 0), 189 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR2, NULL, 0), 190 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT1, NULL, 0), 191 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT2, NULL, 0), 192 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, NULL, 0), 193 OSSL_PARAM_END 194 }; 195 196 static const OSSL_PARAM *fake_rsa_keymgmt_imptypes(int selection) 197 { 198 /* record global for checking */ 199 imptypes_selection = selection; 200 201 return fake_rsa_import_key_types; 202 } 203 204 static const OSSL_PARAM fake_rsa_export_key_types[] = { 205 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_N, NULL, 0), 206 OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, NULL, 0), 207 OSSL_PARAM_END 208 }; 209 210 static const OSSL_PARAM *fake_rsa_keymgmt_exptypes(int selection) 211 { 212 /* record global for checking */ 213 exptypes_selection = selection; 214 215 return fake_rsa_export_key_types; 216 } 217 218 static void *fake_rsa_keymgmt_load(const void *reference, size_t reference_sz) 219 { 220 struct fake_rsa_keydata *key = NULL; 221 222 if (reference_sz != sizeof(*key)) 223 return NULL; 224 225 key = *(struct fake_rsa_keydata **)reference; 226 if (key->status != 1) 227 return NULL; 228 229 /* detach the reference */ 230 *(struct fake_rsa_keydata **)reference = NULL; 231 232 return key; 233 } 234 235 static void *fake_rsa_gen_init(void *provctx, int selection, 236 const OSSL_PARAM params[]) 237 { 238 unsigned char *gctx = NULL; 239 240 if (!TEST_ptr(gctx = OPENSSL_malloc(1))) 241 return NULL; 242 243 *gctx = 1; 244 245 return gctx; 246 } 247 248 static void *fake_rsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg) 249 { 250 unsigned char *gctx = genctx; 251 static const unsigned char inited[] = { 1 }; 252 struct fake_rsa_keydata *keydata; 253 254 if (!TEST_ptr(gctx) 255 || !TEST_mem_eq(gctx, sizeof(*gctx), inited, sizeof(inited))) 256 return NULL; 257 258 if (!TEST_ptr(keydata = fake_rsa_keymgmt_new(NULL))) 259 return NULL; 260 261 keydata->status = 2; 262 return keydata; 263 } 264 265 static void fake_rsa_gen_cleanup(void *genctx) 266 { 267 OPENSSL_free(genctx); 268 } 269 270 static const OSSL_DISPATCH fake_rsa_keymgmt_funcs[] = { 271 { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))fake_rsa_keymgmt_new }, 272 { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))fake_rsa_keymgmt_free} , 273 { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))fake_rsa_keymgmt_has }, 274 { OSSL_FUNC_KEYMGMT_QUERY_OPERATION_NAME, 275 (void (*)(void))fake_rsa_keymgmt_query }, 276 { OSSL_FUNC_KEYMGMT_IMPORT, (void (*)(void))fake_rsa_keymgmt_import }, 277 { OSSL_FUNC_KEYMGMT_IMPORT_TYPES, 278 (void (*)(void))fake_rsa_keymgmt_imptypes }, 279 { OSSL_FUNC_KEYMGMT_EXPORT, (void (*)(void))fake_rsa_keymgmt_export }, 280 { OSSL_FUNC_KEYMGMT_EXPORT_TYPES, 281 (void (*)(void))fake_rsa_keymgmt_exptypes }, 282 { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))fake_rsa_keymgmt_load }, 283 { OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))fake_rsa_gen_init }, 284 { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))fake_rsa_gen }, 285 { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))fake_rsa_gen_cleanup }, 286 OSSL_DISPATCH_END 287 }; 288 289 static const OSSL_ALGORITHM fake_rsa_keymgmt_algs[] = { 290 { "RSA:rsaEncryption", "provider=fake-rsa", fake_rsa_keymgmt_funcs, "Fake RSA Key Management" }, 291 { NULL, NULL, NULL, NULL } 292 }; 293 294 static OSSL_FUNC_signature_newctx_fn fake_rsa_sig_newctx; 295 static OSSL_FUNC_signature_freectx_fn fake_rsa_sig_freectx; 296 static OSSL_FUNC_signature_sign_init_fn fake_rsa_sig_sign_init; 297 static OSSL_FUNC_signature_sign_fn fake_rsa_sig_sign; 298 299 static void *fake_rsa_sig_newctx(void *provctx, const char *propq) 300 { 301 unsigned char *sigctx = OPENSSL_zalloc(1); 302 303 TEST_ptr(sigctx); 304 305 return sigctx; 306 } 307 308 static void fake_rsa_sig_freectx(void *sigctx) 309 { 310 OPENSSL_free(sigctx); 311 } 312 313 static int fake_rsa_sig_sign_init(void *ctx, void *provkey, 314 const OSSL_PARAM params[]) 315 { 316 unsigned char *sigctx = ctx; 317 struct fake_rsa_keydata *keydata = provkey; 318 319 /* we must have a ctx */ 320 if (!TEST_ptr(sigctx)) 321 return 0; 322 323 /* we must have some initialized key */ 324 if (!TEST_ptr(keydata) || !TEST_int_gt(keydata->status, 0)) 325 return 0; 326 327 /* record that sign init was called */ 328 *sigctx = 1; 329 return 1; 330 } 331 332 static int fake_rsa_sig_sign(void *ctx, unsigned char *sig, 333 size_t *siglen, size_t sigsize, 334 const unsigned char *tbs, size_t tbslen) 335 { 336 unsigned char *sigctx = ctx; 337 338 /* we must have a ctx and init was called upon it */ 339 if (!TEST_ptr(sigctx) || !TEST_int_eq(*sigctx, 1)) 340 return 0; 341 342 *siglen = 256; 343 /* record that the real sign operation was called */ 344 if (sig != NULL) { 345 if (!TEST_int_ge(sigsize, *siglen)) 346 return 0; 347 *sigctx = 2; 348 /* produce a fake signature */ 349 memset(sig, 'a', *siglen); 350 } 351 352 return 1; 353 } 354 355 #define FAKE_DGSTSGN_SIGN 0x01 356 #define FAKE_DGSTSGN_VERIFY 0x02 357 #define FAKE_DGSTSGN_UPDATED 0x04 358 #define FAKE_DGSTSGN_FINALISED 0x08 359 #define FAKE_DGSTSGN_NO_DUP 0xA0 360 361 static void *fake_rsa_sig_dupctx(void *ctx) 362 { 363 unsigned char *sigctx = ctx; 364 unsigned char *newctx; 365 366 if ((*sigctx & FAKE_DGSTSGN_NO_DUP) != 0) 367 return NULL; 368 369 if (!TEST_ptr(newctx = OPENSSL_zalloc(1))) 370 return NULL; 371 372 *newctx = *sigctx; 373 return newctx; 374 } 375 376 static int fake_rsa_dgstsgnvfy_init(void *ctx, unsigned char type, 377 void *provkey, const OSSL_PARAM params[]) 378 { 379 unsigned char *sigctx = ctx; 380 struct fake_rsa_keydata *keydata = provkey; 381 382 /* we must have a ctx */ 383 if (!TEST_ptr(sigctx)) 384 return 0; 385 386 /* we must have some initialized key */ 387 if (!TEST_ptr(keydata) || !TEST_int_gt(keydata->status, 0)) 388 return 0; 389 390 /* record that sign/verify init was called */ 391 *sigctx = type; 392 393 if (params) { 394 const OSSL_PARAM *p; 395 int dup; 396 p = OSSL_PARAM_locate_const(params, "NO_DUP"); 397 if (p != NULL) { 398 if (OSSL_PARAM_get_int(p, &dup)) { 399 *sigctx |= FAKE_DGSTSGN_NO_DUP; 400 } 401 } 402 } 403 404 return 1; 405 } 406 407 static int fake_rsa_dgstsgn_init(void *ctx, const char *mdname, 408 void *provkey, const OSSL_PARAM params[]) 409 { 410 return fake_rsa_dgstsgnvfy_init(ctx, FAKE_DGSTSGN_SIGN, provkey, params); 411 } 412 413 static int fake_rsa_dgstvfy_init(void *ctx, const char *mdname, 414 void *provkey, const OSSL_PARAM params[]) 415 { 416 return fake_rsa_dgstsgnvfy_init(ctx, FAKE_DGSTSGN_VERIFY, provkey, params); 417 } 418 419 static int fake_rsa_dgstsgnvfy_update(void *ctx, const unsigned char *data, 420 size_t datalen) 421 { 422 unsigned char *sigctx = ctx; 423 424 /* we must have a ctx */ 425 if (!TEST_ptr(sigctx)) 426 return 0; 427 428 if (*sigctx == 0 || (*sigctx & FAKE_DGSTSGN_FINALISED) != 0) 429 return 0; 430 431 *sigctx |= FAKE_DGSTSGN_UPDATED; 432 return 1; 433 } 434 435 static int fake_rsa_dgstsgnvfy_final(void *ctx, unsigned char *sig, 436 size_t *siglen, size_t sigsize) 437 { 438 unsigned char *sigctx = ctx; 439 440 /* we must have a ctx */ 441 if (!TEST_ptr(sigctx)) 442 return 0; 443 444 if (*sigctx == 0 || (*sigctx & FAKE_DGSTSGN_FINALISED) != 0) 445 return 0; 446 447 if ((*sigctx & FAKE_DGSTSGN_SIGN) != 0 && (siglen == NULL)) 448 return 0; 449 450 if ((*sigctx & FAKE_DGSTSGN_VERIFY) != 0 && (siglen != NULL)) 451 return 0; 452 453 /* this is sign op */ 454 if (siglen) { 455 *siglen = 256; 456 /* record that the real sign operation was called */ 457 if (sig != NULL) { 458 if (!TEST_int_ge(sigsize, *siglen)) 459 return 0; 460 /* produce a fake signature */ 461 memset(sig, 'a', *siglen); 462 } 463 } 464 465 /* simulate inability to duplicate context and finalise it */ 466 if ((*sigctx & FAKE_DGSTSGN_NO_DUP) != 0) { 467 *sigctx |= FAKE_DGSTSGN_FINALISED; 468 } 469 return 1; 470 } 471 472 static int fake_rsa_dgstvfy_final(void *ctx, unsigned char *sig, 473 size_t siglen) 474 { 475 return fake_rsa_dgstsgnvfy_final(ctx, sig, NULL, siglen); 476 } 477 478 static int fake_rsa_dgstsgn(void *ctx, unsigned char *sig, size_t *siglen, 479 size_t sigsize, const unsigned char *tbs, 480 size_t tbslen) 481 { 482 if (!fake_rsa_dgstsgnvfy_update(ctx, tbs, tbslen)) 483 return 0; 484 485 return fake_rsa_dgstsgnvfy_final(ctx, sig, siglen, sigsize); 486 } 487 488 static int fake_rsa_dgstvfy(void *ctx, unsigned char *sig, size_t siglen, 489 const unsigned char *tbv, size_t tbvlen) 490 { 491 if (!fake_rsa_dgstsgnvfy_update(ctx, tbv, tbvlen)) 492 return 0; 493 494 return fake_rsa_dgstvfy_final(ctx, sig, siglen); 495 } 496 497 static const OSSL_DISPATCH fake_rsa_sig_funcs[] = { 498 { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))fake_rsa_sig_newctx }, 499 { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))fake_rsa_sig_freectx }, 500 { OSSL_FUNC_SIGNATURE_SIGN_INIT, (void (*)(void))fake_rsa_sig_sign_init }, 501 { OSSL_FUNC_SIGNATURE_SIGN, (void (*)(void))fake_rsa_sig_sign }, 502 { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))fake_rsa_sig_dupctx }, 503 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT, 504 (void (*)(void))fake_rsa_dgstsgn_init }, 505 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE, 506 (void (*)(void))fake_rsa_dgstsgnvfy_update }, 507 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL, 508 (void (*)(void))fake_rsa_dgstsgnvfy_final }, 509 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN, 510 (void (*)(void))fake_rsa_dgstsgn }, 511 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT, 512 (void (*)(void))fake_rsa_dgstvfy_init }, 513 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE, 514 (void (*)(void))fake_rsa_dgstsgnvfy_update }, 515 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_FINAL, 516 (void (*)(void))fake_rsa_dgstvfy_final }, 517 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY, 518 (void (*)(void))fake_rsa_dgstvfy }, 519 OSSL_DISPATCH_END 520 }; 521 522 static const OSSL_ALGORITHM fake_rsa_sig_algs[] = { 523 { "RSA:rsaEncryption", "provider=fake-rsa", fake_rsa_sig_funcs, "Fake RSA Signature" }, 524 { NULL, NULL, NULL, NULL } 525 }; 526 527 static OSSL_FUNC_store_open_fn fake_rsa_st_open; 528 static OSSL_FUNC_store_open_ex_fn fake_rsa_st_open_ex; 529 static OSSL_FUNC_store_settable_ctx_params_fn fake_rsa_st_settable_ctx_params; 530 static OSSL_FUNC_store_set_ctx_params_fn fake_rsa_st_set_ctx_params; 531 static OSSL_FUNC_store_load_fn fake_rsa_st_load; 532 static OSSL_FUNC_store_eof_fn fake_rsa_st_eof; 533 static OSSL_FUNC_store_close_fn fake_rsa_st_close; 534 static OSSL_FUNC_store_delete_fn fake_rsa_st_delete; 535 536 static const char fake_rsa_scheme[] = "fake_rsa:"; 537 static const char fake_rsa_openpwtest[] = "fake_rsa:openpwtest"; 538 static const char fake_rsa_prompt[] = "Fake Prompt Info"; 539 540 static void *fake_rsa_st_open_ex(void *provctx, const char *uri, 541 const OSSL_PARAM params[], 542 OSSL_PASSPHRASE_CALLBACK *pw_cb, 543 void *pw_cbarg) 544 { 545 unsigned char *storectx = NULL; 546 547 /* First check whether the uri is ours */ 548 if (strncmp(uri, fake_rsa_scheme, sizeof(fake_rsa_scheme) - 1) != 0) 549 return NULL; 550 551 if (strncmp(uri, fake_rsa_openpwtest, 552 sizeof(fake_rsa_openpwtest) - 1) == 0) { 553 const char *pw_check = FAKE_PASSPHRASE; 554 char fakepw[sizeof(FAKE_PASSPHRASE) + 1] = { 0 }; 555 size_t fakepw_len = 0; 556 OSSL_PARAM pw_params[2] = { 557 OSSL_PARAM_utf8_string(OSSL_PASSPHRASE_PARAM_INFO, 558 (void *)fake_rsa_prompt, 559 sizeof(fake_rsa_prompt) - 1), 560 OSSL_PARAM_END, 561 }; 562 563 if (pw_cb == NULL) { 564 return NULL; 565 } 566 567 if (!pw_cb(fakepw, sizeof(fakepw), &fakepw_len, pw_params, pw_cbarg)) { 568 TEST_info("fake_rsa_open_ex failed passphrase callback"); 569 return NULL; 570 } 571 if (strncmp(pw_check, fakepw, sizeof(pw_check) - 1) != 0) { 572 TEST_info("fake_rsa_open_ex failed passphrase check"); 573 return NULL; 574 } 575 } 576 577 storectx = OPENSSL_zalloc(1); 578 if (!TEST_ptr(storectx)) 579 return NULL; 580 581 TEST_info("fake_rsa_open_ex called"); 582 583 return storectx; 584 } 585 586 static void *fake_rsa_st_open(void *provctx, const char *uri) 587 { 588 unsigned char *storectx = NULL; 589 590 storectx = fake_rsa_st_open_ex(provctx, uri, NULL, NULL, NULL); 591 592 TEST_info("fake_rsa_open called"); 593 594 return storectx; 595 } 596 597 static const OSSL_PARAM *fake_rsa_st_settable_ctx_params(void *provctx) 598 { 599 static const OSSL_PARAM known_settable_ctx_params[] = { 600 OSSL_PARAM_END 601 }; 602 return known_settable_ctx_params; 603 } 604 605 static int fake_rsa_st_set_ctx_params(void *loaderctx, 606 const OSSL_PARAM params[]) 607 { 608 return 1; 609 } 610 611 static int fake_rsa_st_load(void *loaderctx, 612 OSSL_CALLBACK *object_cb, void *object_cbarg, 613 OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) 614 { 615 unsigned char *storectx = loaderctx; 616 OSSL_PARAM params[4]; 617 int object_type = OSSL_OBJECT_PKEY; 618 struct fake_rsa_keydata *key = NULL; 619 int rv = 0; 620 621 switch (*storectx) { 622 case 0: 623 if (key_deleted == 1) { 624 *storectx = 1; 625 break; 626 } 627 628 /* Construct a new key using our keymgmt functions */ 629 if (!TEST_ptr(key = fake_rsa_keymgmt_new(NULL))) 630 break; 631 if (!TEST_int_gt(fake_rsa_keymgmt_import(key, 0, NULL), 0)) 632 break; 633 params[0] = 634 OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &object_type); 635 params[1] = 636 OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE, 637 "RSA", 0); 638 /* The address of the key becomes the octet string */ 639 params[2] = 640 OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_REFERENCE, 641 &key, sizeof(*key)); 642 params[3] = OSSL_PARAM_construct_end(); 643 rv = object_cb(params, object_cbarg); 644 *storectx = 1; 645 break; 646 647 case 2: 648 TEST_info("fake_rsa_load() called in error state"); 649 break; 650 651 default: 652 TEST_info("fake_rsa_load() called in eof state"); 653 break; 654 } 655 656 TEST_info("fake_rsa_load called - rv: %d", rv); 657 658 if (rv == 0 && key_deleted == 0) { 659 fake_rsa_keymgmt_free(key); 660 *storectx = 2; 661 } 662 return rv; 663 } 664 665 static int fake_rsa_st_delete(void *loaderctx, const char *uri, 666 const OSSL_PARAM params[], 667 OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) 668 { 669 key_deleted = 1; 670 return 1; 671 } 672 673 static int fake_rsa_st_eof(void *loaderctx) 674 { 675 unsigned char *storectx = loaderctx; 676 677 /* just one key for now in the fake_rsa store */ 678 return *storectx != 0; 679 } 680 681 static int fake_rsa_st_close(void *loaderctx) 682 { 683 OPENSSL_free(loaderctx); 684 return 1; 685 } 686 687 static const OSSL_DISPATCH fake_rsa_store_funcs[] = { 688 { OSSL_FUNC_STORE_OPEN, (void (*)(void))fake_rsa_st_open }, 689 { OSSL_FUNC_STORE_OPEN_EX, (void (*)(void))fake_rsa_st_open_ex }, 690 { OSSL_FUNC_STORE_SETTABLE_CTX_PARAMS, 691 (void (*)(void))fake_rsa_st_settable_ctx_params }, 692 { OSSL_FUNC_STORE_SET_CTX_PARAMS, (void (*)(void))fake_rsa_st_set_ctx_params }, 693 { OSSL_FUNC_STORE_LOAD, (void (*)(void))fake_rsa_st_load }, 694 { OSSL_FUNC_STORE_EOF, (void (*)(void))fake_rsa_st_eof }, 695 { OSSL_FUNC_STORE_CLOSE, (void (*)(void))fake_rsa_st_close }, 696 { OSSL_FUNC_STORE_DELETE, (void (*)(void))fake_rsa_st_delete }, 697 OSSL_DISPATCH_END, 698 }; 699 700 static const OSSL_ALGORITHM fake_rsa_store_algs[] = { 701 { "fake_rsa", "provider=fake-rsa", fake_rsa_store_funcs }, 702 { NULL, NULL, NULL } 703 }; 704 705 static const OSSL_ALGORITHM *fake_rsa_query(void *provctx, 706 int operation_id, 707 int *no_cache) 708 { 709 *no_cache = 0; 710 switch (operation_id) { 711 case OSSL_OP_SIGNATURE: 712 return fake_rsa_sig_algs; 713 714 case OSSL_OP_KEYMGMT: 715 return fake_rsa_keymgmt_algs; 716 717 case OSSL_OP_STORE: 718 return fake_rsa_store_algs; 719 } 720 return NULL; 721 } 722 723 /* Functions we provide to the core */ 724 static const OSSL_DISPATCH fake_rsa_method[] = { 725 { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))OSSL_LIB_CTX_free }, 726 { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fake_rsa_query }, 727 OSSL_DISPATCH_END 728 }; 729 730 static int fake_rsa_provider_init(const OSSL_CORE_HANDLE *handle, 731 const OSSL_DISPATCH *in, 732 const OSSL_DISPATCH **out, void **provctx) 733 { 734 if (!TEST_ptr(*provctx = OSSL_LIB_CTX_new())) 735 return 0; 736 *out = fake_rsa_method; 737 return 1; 738 } 739 740 OSSL_PROVIDER *fake_rsa_start(OSSL_LIB_CTX *libctx) 741 { 742 OSSL_PROVIDER *p; 743 744 if (!TEST_true(OSSL_PROVIDER_add_builtin(libctx, "fake-rsa", 745 fake_rsa_provider_init)) 746 || !TEST_ptr(p = OSSL_PROVIDER_try_load(libctx, "fake-rsa", 1))) 747 return NULL; 748 749 return p; 750 } 751 752 void fake_rsa_finish(OSSL_PROVIDER *p) 753 { 754 OSSL_PROVIDER_unload(p); 755 } 756