The branch master has been updated via 231efb936548320e81c3259b41c26bb71e83720a (commit) via d95466931ddf6f26f840ae3e42594924d25f395e (commit) from 66c103bdaba21749555c8073a3f20b7741fa5869 (commit)
- Log ----------------------------------------------------------------- commit 231efb936548320e81c3259b41c26bb71e83720a Author: Dr. Stephen Henson <st...@openssl.org> Date: Thu Sep 3 16:25:03 2015 +0100 make update Reviewed-by: Matt Caswell <m...@openssl.org> commit d95466931ddf6f26f840ae3e42594924d25f395e Author: Dr. Stephen Henson <st...@openssl.org> Date: Thu Sep 3 15:46:43 2015 +0100 PBE lookup test Add test to check PBE lookups: these can fail if the PBE table is not correctly orders. Add to "make test". Reviewed-by: Matt Caswell <m...@openssl.org> ----------------------------------------------------------------------- Summary of changes: crypto/evp/evp_pbe.c | 40 ++++++++----------- include/openssl/evp.h | 1 + test/Makefile | 23 +++++++++-- crypto/rsa/rsa_prn.c => test/pbelutest.c | 66 ++++++++++++++++---------------- util/libeay.num | 1 + 5 files changed, 69 insertions(+), 62 deletions(-) copy crypto/rsa/rsa_prn.c => test/pbelutest.c (72%) diff --git a/crypto/evp/evp_pbe.c b/crypto/evp/evp_pbe.c index 13d9658..b9330f5 100644 --- a/crypto/evp/evp_pbe.c +++ b/crypto/evp/evp_pbe.c @@ -122,31 +122,6 @@ static const EVP_PBE_CTL builtin_pbe[] = { {EVP_PBE_TYPE_KDF, NID_id_scrypt, -1, -1, PKCS5_v2_scrypt_keyivgen} }; -#ifdef TEST -int main(int argc, char **argv) -{ - int i, nid_md, nid_cipher; - EVP_PBE_CTL *tpbe, *tpbe2; - /* - * OpenSSL_add_all_algorithms(); - */ - - for (i = 0; i < OSSL_NELEM(builtin_pbe); i++) { - tpbe = builtin_pbe + i; - fprintf(stderr, "%d %d %s ", tpbe->pbe_type, tpbe->pbe_nid, - OBJ_nid2sn(tpbe->pbe_nid)); - if (EVP_PBE_find(tpbe->pbe_type, tpbe->pbe_nid, - &nid_cipher, &nid_md, 0)) - fprintf(stderr, "Found %s %s\n", - OBJ_nid2sn(nid_cipher), OBJ_nid2sn(nid_md)); - else - fprintf(stderr, "Find ERROR!!\n"); - } - - return 0; -} -#endif - int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen, ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de) { @@ -302,3 +277,18 @@ void EVP_PBE_cleanup(void) sk_EVP_PBE_CTL_pop_free(pbe_algs, free_evp_pbe_ctl); pbe_algs = NULL; } + +int EVP_PBE_get(int *ptype, int *ppbe_nid, size_t num) +{ + const EVP_PBE_CTL *tpbe; + + if (num >= OSSL_NELEM(builtin_pbe)) + return 0; + + tpbe = builtin_pbe + num; + if (ptype) + *ptype = tpbe->pbe_type; + if (ppbe_nid) + *ppbe_nid = tpbe->pbe_nid; + return 1; +} diff --git a/include/openssl/evp.h b/include/openssl/evp.h index ddefbf6..d5333e2 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -1105,6 +1105,7 @@ int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md, int EVP_PBE_find(int type, int pbe_nid, int *pcnid, int *pmnid, EVP_PBE_KEYGEN **pkeygen); void EVP_PBE_cleanup(void); +int EVP_PBE_get(int *ptype, int *ppbe_nid, size_t num); # define ASN1_PKEY_ALIAS 0x1 # define ASN1_PKEY_DYNAMIC 0x2 diff --git a/test/Makefile b/test/Makefile index 4c41f51..8692347 100644 --- a/test/Makefile +++ b/test/Makefile @@ -35,6 +35,7 @@ ECDSATEST= ecdsatest ECDHTEST= ecdhtest EXPTEST= exptest GMDIFFTEST= gmdifftest +PBELUTEST= pbelutest IDEATEST= ideatest SHA1TEST= sha1test SHA256TEST= sha256t @@ -79,7 +80,7 @@ SSLSKEWITH0PTEST= sslskewith0ptest.pl TESTS= alltests -EXE= $(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT) $(ECDSATEST)$(EXE_EXT) $(ECDHTEST)$(EXE_EXT) $(GMDIFFTEST)$(EXE_EXT) $(IDEATEST)$(EXE_EXT) \ +EXE= $(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT) $(ECDSATEST)$(EXE_EXT) $(ECDHTEST)$(EXE_EXT) $(GMDIFFTEST)$(EXE_EXT) $(PBELUTEST)$(EXE_EXT) $(IDEATEST)$(EXE_EXT) \ $(MD2TEST)$(EXE_EXT) $(MD4TEST)$(EXE_EXT) $(MD5TEST)$(EXE_EXT) $(HMACTEST)$(EXE_EXT) $(WPTEST)$(EXE_EXT) \ $(RC2TEST)$(EXE_EXT) $(RC4TEST)$(EXE_EXT) $(RC5TEST)$(EXE_EXT) \ $(DESTEST)$(EXE_EXT) $(SHA1TEST)$(EXE_EXT) $(SHA256TEST)$(EXE_EXT) $(SHA512TEST)$(EXE_EXT) \ @@ -97,7 +98,7 @@ EXE= $(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT) $(ECDSATEST)$(EXE_EXT) $(ECDHTEST) # $(METHTEST)$(EXE_EXT) -OBJ= $(BNTEST).o $(ECTEST).o $(ECDSATEST).o $(ECDHTEST).o $(GMDIFFTEST).o $(IDEATEST).o \ +OBJ= $(BNTEST).o $(ECTEST).o $(ECDSATEST).o $(ECDHTEST).o $(GMDIFFTEST).o $(PBELUTEST).o $(IDEATEST).o \ $(MD2TEST).o $(MD4TEST).o $(MD5TEST).o \ $(HMACTEST).o $(WPTEST).o \ $(RC2TEST).o $(RC4TEST).o $(RC5TEST).o \ @@ -110,7 +111,7 @@ OBJ= $(BNTEST).o $(ECTEST).o $(ECDSATEST).o $(ECDHTEST).o $(GMDIFFTEST).o $(IDE $(CONSTTIMETEST).o $(VERIFYEXTRATEST).o $(CLIENTHELLOTEST).o \ $(PACKETTEST).o testutil.o -SRC= $(BNTEST).c $(ECTEST).c $(ECDSATEST).c $(ECDHTEST).c $(GMDIFFTEST).c $(IDEATEST).c \ +SRC= $(BNTEST).c $(ECTEST).c $(ECDSATEST).c $(ECDHTEST).c $(GMDIFFTEST).c $(PBELUTEST).c $(IDEATEST).c \ $(MD2TEST).c $(MD4TEST).c $(MD5TEST).c \ $(HMACTEST).c $(WPTEST).c \ $(RC2TEST).c $(RC4TEST).c $(RC5TEST).c \ @@ -152,7 +153,7 @@ apps: alltests: \ test_des test_gmdiff test_idea test_sha test_md4 test_md5 test_hmac \ - test_md2 test_mdc2 test_wp \ + test_pbelu test_md2 test_mdc2 test_wp \ test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast \ test_rand test_bn test_ec test_ecdsa test_ecdh \ test_enc test_x509 test_rsa test_crl test_sid \ @@ -184,6 +185,10 @@ test_gmdiff: $(GMDIFFTEST)$(EXE_EXT) @echo $(START) $@ ../util/shlib_wrap.sh ./$(GMDIFFTEST) +test_pbelu: $(PBELUTEST)$(EXE_EXT) + @echo $(START) $@ + ../util/shlib_wrap.sh ./$(PBELUTEST) + test_idea: $(IDEATEST)$(EXE_EXT) @echo $(START) $@ ../util/shlib_wrap.sh ./$(IDEATEST) @@ -504,6 +509,9 @@ $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO) $(GMDIFFTEST)$(EXE_EXT): $(GMDIFFTEST).o $(DLIBCRYPTO) @target=$(GMDIFFTEST); $(BUILD_CMD) +$(PBELUTEST)$(EXE_EXT): $(PBELUTEST).o $(DLIBCRYPTO) + @target=$(PBELUTEST); $(BUILD_CMD) + $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO) @target=$(MD2TEST); $(BUILD_CMD) @@ -902,6 +910,13 @@ packettest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h packettest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h packettest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h packettest.o: ../ssl/packet_locl.h packettest.c +pbelutest.o: ../include/openssl/asn1.h ../include/openssl/bio.h +pbelutest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +pbelutest.o: ../include/openssl/evp.h ../include/openssl/obj_mac.h +pbelutest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +pbelutest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +pbelutest.o: ../include/openssl/safestack.h ../include/openssl/stack.h +pbelutest.o: ../include/openssl/symhacks.h pbelutest.c randtest.o: ../e_os.h ../include/openssl/e_os2.h randtest.o: ../include/openssl/opensslconf.h ../include/openssl/ossl_typ.h randtest.o: ../include/openssl/rand.h randtest.c diff --git a/crypto/rsa/rsa_prn.c b/test/pbelutest.c similarity index 72% copy from crypto/rsa/rsa_prn.c copy to test/pbelutest.c index 3d8c800..dafae78 100644 --- a/crypto/rsa/rsa_prn.c +++ b/test/pbelutest.c @@ -1,10 +1,5 @@ -/* crypto/rsa/rsa_prn.c */ -/* - * Written by Dr Stephen N Henson (st...@openssl.org) for the OpenSSL project - * 2006. - */ /* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. + * Copyright (c) 2015 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -57,36 +52,41 @@ * */ -#include <stdio.h> -#include "internal/cryptlib.h" -#include <openssl/rsa.h> #include <openssl/evp.h> +#include <stdio.h> +#include <string.h> -#ifndef OPENSSL_NO_STDIO -int RSA_print_fp(FILE *fp, const RSA *x, int off) -{ - BIO *b; - int ret; - - if ((b = BIO_new(BIO_s_file())) == NULL) { - RSAerr(RSA_F_RSA_PRINT_FP, ERR_R_BUF_LIB); - return (0); - } - BIO_set_fp(b, fp, BIO_NOCLOSE); - ret = RSA_print(b, x, off); - BIO_free(b); - return (ret); -} -#endif +/* + * Password based encryption (PBE) table ordering test. + * Attempt to look up all supported algorithms. + */ -int RSA_print(BIO *bp, const RSA *x, int off) +int main(int argc, char **argv) { - EVP_PKEY *pk; - int ret; - pk = EVP_PKEY_new(); - if (!pk || !EVP_PKEY_set1_RSA(pk, (RSA *)x)) + size_t i; + int rv = 0; + int pbe_type, pbe_nid; + int last_type = -1, last_nid = -1; + for (i = 0; EVP_PBE_get(&pbe_type, &pbe_nid, i) != 0; i++) { + if (EVP_PBE_find(pbe_type, pbe_nid, NULL, NULL, 0) == 0) { + rv = 1; + break; + } + } + if (rv == 0) return 0; - ret = EVP_PKEY_print_private(bp, pk, off, NULL); - EVP_PKEY_free(pk); - return ret; + /* Error: print out whole table */ + for (i = 0; EVP_PBE_get(&pbe_type, &pbe_nid, i) != 0; i++) { + if (pbe_type > last_type) + rv = 0; + else if (pbe_type < last_type || pbe_nid < last_nid) + rv = 1; + else + rv = 0; + fprintf(stderr, "PBE type=%d %d (%s): %s\n", pbe_type, pbe_nid, + OBJ_nid2sn(pbe_nid), rv ? "ERROR" : "OK"); + last_type = pbe_type; + last_nid = pbe_nid; + } + return 1; } diff --git a/util/libeay.num b/util/libeay.num index 3563dba..bfdd162 100755 --- a/util/libeay.num +++ b/util/libeay.num @@ -4602,3 +4602,4 @@ X509_CRL_get0_signature 4960 EXIST::FUNCTION: X509_CRL_get_REVOKED 4961 EXIST::FUNCTION: X509_CRL_get_version 4962 EXIST::FUNCTION: X509_CRL_get_lastUpdate 4963 EXIST::FUNCTION: +EVP_PBE_get 4964 EXIST::FUNCTION: _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits