[openssl-commits] [openssl] master update

Dr. Stephen Henson steve at openssl.org
Fri Feb 27 14:52:45 UTC 2015


The branch master has been updated
       via  366448ec5e28df12d75e9e7f8908078573ef2585 (commit)
       via  2207ba7b449583631e939ee3f603287dd6d61307 (commit)
       via  578ce42d354b1b0411e9069883c23c7770a567be (commit)
       via  7406e3239663850d25005b3aee912a3cf8aa330e (commit)
       via  33a89fa66c9c30113f3129244392dc94ada72d57 (commit)
       via  35313768c77191a61bd6e34393d89e7b7cd78465 (commit)
      from  7a6c97924293757c572be01fb2ba3b181c7a4e9f (commit)


- Log -----------------------------------------------------------------
commit 366448ec5e28df12d75e9e7f8908078573ef2585
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Fri Feb 27 02:50:41 2015 +0000

    reformat evp_test.c
    
    Reviewed-by: Matt Caswell <matt at openssl.org>

commit 2207ba7b449583631e939ee3f603287dd6d61307
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Fri Feb 27 00:49:47 2015 +0000

    Add OCB support and test vectors for evp_test.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>

commit 578ce42d354b1b0411e9069883c23c7770a567be
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Thu Feb 26 19:58:20 2015 +0000

    Skip unsupported digests in evp_test
    
    Reviewed-by: Matt Caswell <matt at openssl.org>

commit 7406e3239663850d25005b3aee912a3cf8aa330e
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Thu Feb 26 19:46:03 2015 +0000

    add MD4 test data
    
    Reviewed-by: Matt Caswell <matt at openssl.org>

commit 33a89fa66c9c30113f3129244392dc94ada72d57
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Thu Feb 26 19:26:53 2015 +0000

    Skip unsupported ciphers in evp_test.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>

commit 35313768c77191a61bd6e34393d89e7b7cd78465
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Thu Feb 26 19:23:38 2015 +0000

    Make OpenSSL compile with no-rc4
    
    Reviewed-by: Matt Caswell <matt at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 apps/dsa.c              |    4 ++
 apps/rsa.c              |    5 +-
 crypto/evp/evp_test.c   |   65 ++++++++++--------
 crypto/evp/evptests.txt |  167 +++++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 214 insertions(+), 27 deletions(-)

diff --git a/apps/dsa.c b/apps/dsa.c
index dedf8e1..7ff6ee9 100644
--- a/apps/dsa.c
+++ b/apps/dsa.c
@@ -113,7 +113,9 @@ int MAIN(int argc, char **argv)
     char *passin = NULL, *passout = NULL;
     int modulus = 0;
 
+#ifndef OPENSSL_NO_RC4
     int pvk_encr = 2;
+#endif
 
     apps_startup();
 
@@ -168,12 +170,14 @@ int MAIN(int argc, char **argv)
             engine = *(++argv);
         }
 # endif
+#ifndef OPENSSL_NO_RC4
         else if (strcmp(*argv, "-pvk-strong") == 0)
             pvk_encr = 2;
         else if (strcmp(*argv, "-pvk-weak") == 0)
             pvk_encr = 1;
         else if (strcmp(*argv, "-pvk-none") == 0)
             pvk_encr = 0;
+#endif
         else if (strcmp(*argv, "-noout") == 0)
             noout = 1;
         else if (strcmp(*argv, "-text") == 0)
diff --git a/apps/rsa.c b/apps/rsa.c
index e13c14f..419e504 100644
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -115,8 +115,9 @@ int MAIN(int argc, char **argv)
     char *engine = NULL;
 # endif
     int modulus = 0;
-
+#ifndef OPENSSL_NO_RC4
     int pvk_encr = 2;
+#endif
 
     apps_startup();
 
@@ -178,12 +179,14 @@ int MAIN(int argc, char **argv)
             pubin = 2;
         else if (strcmp(*argv, "-RSAPublicKey_out") == 0)
             pubout = 2;
+#ifndef OPENSSL_NO_RC4
         else if (strcmp(*argv, "-pvk-strong") == 0)
             pvk_encr = 2;
         else if (strcmp(*argv, "-pvk-weak") == 0)
             pvk_encr = 1;
         else if (strcmp(*argv, "-pvk-none") == 0)
             pvk_encr = 0;
+#endif
         else if (strcmp(*argv, "-noout") == 0)
             noout = 1;
         else if (strcmp(*argv, "-text") == 0)
diff --git a/crypto/evp/evp_test.c b/crypto/evp/evp_test.c
index 7d15332..cc7036a 100644
--- a/crypto/evp/evp_test.c
+++ b/crypto/evp/evp_test.c
@@ -290,6 +290,7 @@ static int setup_test(struct evp_test *t, const struct evp_test_method *tmeth)
     if (t->meth) {
         t->ntests++;
         if (t->skip) {
+            t->meth = tmeth;
             t->nskip++;
             return 1;
         }
@@ -332,12 +333,12 @@ static int find_key(EVP_PKEY **ppk, const char *name, struct key_list *lst)
 static void free_key_list(struct key_list *lst)
 {
     while (lst != NULL) {
-	struct key_list *ltmp;
+        struct key_list *ltmp;
         EVP_PKEY_free(lst->key);
         OPENSSL_free(lst->name);
-	ltmp = lst->next;
-	OPENSSL_free(lst);
-	lst = ltmp;
+        ltmp = lst->next;
+        OPENSSL_free(lst);
+        lst = ltmp;
     }
 }
 
@@ -345,7 +346,7 @@ static int check_unsupported()
 {
     long err = ERR_peek_error();
     if (ERR_GET_LIB(err) == ERR_LIB_EVP
-         && ERR_GET_REASON(err) == EVP_R_UNSUPPORTED_ALGORITHM) {
+        && ERR_GET_REASON(err) == EVP_R_UNSUPPORTED_ALGORITHM) {
         ERR_clear_error();
         return 1;
     }
@@ -482,7 +483,7 @@ int main(int argc, char **argv)
     ERR_load_crypto_strings();
     OpenSSL_add_all_algorithms();
 
-    memset(&t,0,sizeof(t));
+    memset(&t, 0, sizeof(t));
     t.meth = NULL;
     t.public = NULL;
     t.private = NULL;
@@ -543,8 +544,14 @@ static int digest_test_init(struct evp_test *t, const char *alg)
     const EVP_MD *digest;
     struct digest_data *mdat = t->data;
     digest = EVP_get_digestbyname(alg);
-    if (!digest)
+    if (!digest) {
+        /* If alg has an OID assume disabled algorithm */
+        if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) {
+            t->skip = 1;
+            return 1;
+        }
         return 0;
+    }
     mdat = OPENSSL_malloc(sizeof(struct digest_data));
     mdat->digest = digest;
     mdat->input = NULL;
@@ -616,7 +623,7 @@ static const struct evp_test_method digest_test_method = {
 struct cipher_data {
     const EVP_CIPHER *cipher;
     int enc;
-    /* Set to EVP_CIPH_GCM_MODE or EVP_CIPH_CCM_MODE if AEAD */
+    /* EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE or EVP_CIPH_OCB_MODE if AEAD */
     int aead;
     unsigned char *key;
     size_t key_len;
@@ -638,8 +645,14 @@ static int cipher_test_init(struct evp_test *t, const char *alg)
     const EVP_CIPHER *cipher;
     struct cipher_data *cdat = t->data;
     cipher = EVP_get_cipherbyname(alg);
-    if (!cipher)
+    if (!cipher) {
+        /* If alg has an OID assume disabled algorithm */
+        if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) {
+            t->skip = 1;
+            return 1;
+        }
         return 0;
+    }
     cdat = OPENSSL_malloc(sizeof(struct cipher_data));
     cdat->cipher = cipher;
     cdat->enc = -1;
@@ -651,6 +664,7 @@ static int cipher_test_init(struct evp_test *t, const char *alg)
     cdat->tag = NULL;
     t->data = cdat;
     if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE
+        || EVP_CIPHER_mode(cipher) == EVP_CIPH_OCB_MODE
         || EVP_CIPHER_mode(cipher) == EVP_CIPH_CCM_MODE)
         cdat->aead = EVP_CIPHER_mode(cipher);
     else
@@ -733,12 +747,8 @@ static int cipher_test_enc(struct evp_test *t, int enc)
         goto err;
     err = "INVALID_IV_LENGTH";
     if (cdat->iv) {
-        if (cdat->aead == EVP_CIPH_GCM_MODE) {
-            if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN,
-                                     cdat->iv_len, 0))
-                goto err;
-        } else if (cdat->aead == EVP_CIPH_CCM_MODE) {
-            if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN,
+        if (cdat->aead) {
+            if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
                                      cdat->iv_len, 0))
                 goto err;
         } else if (cdat->iv_len != (size_t)EVP_CIPHER_CTX_iv_length(ctx))
@@ -747,22 +757,18 @@ static int cipher_test_enc(struct evp_test *t, int enc)
     if (cdat->aead) {
         unsigned char *tag;
         /*
-         * If encrypting just set tag length. If decrypting set
-         * tag length and value.
+         * If encrypting or OCB just set tag length initially, otherwise
+         * set tag length and value.
          */
-        if (enc) {
+        if (enc || cdat->aead == EVP_CIPH_OCB_MODE) {
             err = "TAG_LENGTH_SET_ERROR";
             tag = NULL;
         } else {
             err = "TAG_SET_ERROR";
             tag = cdat->tag;
         }
-        if (cdat->aead == EVP_CIPH_GCM_MODE && tag) {
-            if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG,
-                                     cdat->tag_len, tag))
-                goto err;
-        } else if (cdat->aead == EVP_CIPH_CCM_MODE) {
-            if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG,
+        if (tag || cdat->aead != EVP_CIPH_GCM_MODE) {
+            if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
                                      cdat->tag_len, tag))
                 goto err;
         }
@@ -775,6 +781,14 @@ static int cipher_test_enc(struct evp_test *t, int enc)
     if (!EVP_CipherInit_ex(ctx, NULL, NULL, cdat->key, cdat->iv, -1))
         goto err;
 
+    if (!enc && cdat->aead == EVP_CIPH_OCB_MODE) {
+        if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
+                                 cdat->tag_len, cdat->tag)) {
+            err = "TAG_SET_ERROR";
+            goto err;
+        }
+    }
+
     if (cdat->aead == EVP_CIPH_CCM_MODE) {
         if (!EVP_CipherUpdate(ctx, NULL, &tmplen, NULL, out_len)) {
             err = "CCM_PLAINTEXT_LENGTH_SET_ERROR";
@@ -810,8 +824,7 @@ static int cipher_test_enc(struct evp_test *t, int enc)
             err = "TAG_LENGTH_INTERNAL_ERROR";
             goto err;
         }
-        /* EVP_CTRL_CCM_GET_TAG and EVP_CTRL_GCM_GET_TAG are equal. */
-        if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG,
+        if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
                                  cdat->tag_len, rtag)) {
             err = "TAG_RETRIEVE_ERROR";
             goto err;
diff --git a/crypto/evp/evptests.txt b/crypto/evp/evptests.txt
index 58d9159..91fb7dc 100644
--- a/crypto/evp/evptests.txt
+++ b/crypto/evp/evptests.txt
@@ -37,6 +37,28 @@ Digest = MD5
 Input = 3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930
 Output = 57edf4a22be3c955ac49da2e2107b67a
 
+# MD4 tests from md4test.c
+Digest = MD4
+Input = ""
+Output = 31d6cfe0d16ae931b73c59d7e0c089c0
+Digest = MD4
+Input = "a"
+Output = bde52cb31de33e46245e05fbdbd6fb24
+Digest = MD4
+Input = "abc"
+Output = a448017aaf21d8525fc10ae87aa6729d
+Digest = MD4
+Input = "message digest"
+Output = d9130a8164549fe818874806e1c7014b
+Digest = MD4
+Input = "abcdefghijklmnopqrstuvwxyz"
+Output = d79e1c308aa5bbcdeea8ed63df412da9
+Digest = MD4
+Input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
+Output = 043f8582f241db351ce627e153e7f0e4
+Digest = MD4
+Input = "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
+Output = e33b4ddc9c38f2199c3e7b164fcc0536
 
 # AES 128 ECB tests (from FIPS-197 test vectors, encrypt)
 
@@ -1630,6 +1652,151 @@ Tag = 3b629ccfbc1119b7319e1dce2cd6fd6d
 Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f
 Ciphertext = 6268c6fa2a80b2d137467f092f657ac04d89be2beaa623d61b5a868c8f03ff95d3dcee23ad2f1ab3a6c80eaf4b140eb05de3457f0fbc111a6b43d0763aa422a3013cf1dc37fe417d1fbfc449b75d4cc5
 
+#AES OCB Test vectors
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD =
+Tag = 197B9C3C441D3C83EAFB2BEF633B9182
+Plaintext =
+Ciphertext =
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 0001020304050607
+Tag = 16DC76A46D47E1EAD537209E8A96D14E
+Plaintext = 0001020304050607
+Ciphertext = 92B657130A74B85A
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 0001020304050607
+Tag = 98B91552C8C009185044E30A6EB2FE21
+Plaintext =
+Ciphertext =
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD =
+Tag = 971EFFCAE19AD4716F88E87B871FBEED
+Plaintext = 0001020304050607
+Ciphertext = 92B657130A74B85A
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F
+Tag = 776C9924D6723A1FC4524532AC3E5BEB
+Plaintext = 000102030405060708090A0B0C0D0E0F
+Ciphertext = BEA5E8798DBE7110031C144DA0B26122
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F
+Tag = 7DDB8E6CEA6814866212509619B19CC6
+Plaintext =
+Ciphertext =
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD =
+Tag = 13CC8B747807121A4CBB3E4BD6B456AF
+Plaintext = 000102030405060708090A0B0C0D0E0F
+Ciphertext = BEA5E8798DBE7110031C144DA0B26122
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F1011121314151617
+Tag = 5FA94FC3F38820F1DC3F3D1FD4E55E1C
+Plaintext = 000102030405060708090A0B0C0D0E0F1011121314151617
+Ciphertext = BEA5E8798DBE7110031C144DA0B26122FCFCEE7A2A8D4D48
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F1011121314151617
+Tag = 282026DA3068BC9FA118681D559F10F6
+Plaintext =
+Ciphertext =
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD =
+Tag = 6EF2F52587FDA0ED97DC7EEDE241DF68
+Plaintext = 000102030405060708090A0B0C0D0E0F1011121314151617
+Ciphertext = BEA5E8798DBE7110031C144DA0B26122FCFCEE7A2A8D4D48
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Tag = B2A040DD3BD5164372D76D7BB6824240
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Tag = E1E072633BADE51A60E85951D9C42A1B
+Plaintext =
+Ciphertext =
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD =
+Tag = 4A3BAE824465CFDAF8C41FC50C7DF9D9
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Tag = 659C623211DEEA0DE30D2C381879F4C8
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB68C65778B058A635
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Tag = 7AEB7A69A1687DD082CA27B0D9A37096
+Plaintext =
+Ciphertext =
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD =
+Tag = 060C8467F4ABAB5E8B3C2067A2E115DC
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB68C65778B058A635
+
+#AES OCB Non standard test vectors - generated from reference implementation
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B
+AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Tag = 1b6c44f34e3abb3cbf8976e7
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Ciphertext = 09a4fd29de949d9a9aa9924248422097ad4883b4713e6c214ff6567ada08a96766fc4e2ee3e3a5a1
+
+Cipher = aes-128-ocb
+Key = 000102030405060708090A0B0C0D0E0F
+IV = 000102030405060708090A0B0C0D0E
+AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Tag = 1ad62009901f40cba7cd7156f94a7324
+Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627
+Ciphertext = 5e2fa7367ffbdb3938845cfd415fcc71ec79634eb31451609d27505f5e2978f43c44213d8fa441ee
 
 # AES XTS test vectors from IEEE Std 1619-2007
 Cipher = aes-128-xts


More information about the openssl-commits mailing list