[openssl-commits] [openssl] master update
Andy Polyakov
appro at openssl.org
Sun Aug 21 21:34:44 UTC 2016
The branch master has been updated
via e6ed2b9108830b23cda5632a4940b7f718f58676 (commit)
via c1a7dcbe16c6bff38390db1964b76c16b6802c7d (commit)
from 2e929e538caee6be857ae78ed4e03404857a074a (commit)
- Log -----------------------------------------------------------------
commit e6ed2b9108830b23cda5632a4940b7f718f58676
Author: Andy Polyakov <appro at openssl.org>
Date: Sun Aug 21 23:31:21 2016 +0200
Add test/bio_enc_test.c.
RT#4628
Reviewed-by: Rich Salz <rsalz at openssl.org>
commit c1a7dcbe16c6bff38390db1964b76c16b6802c7d
Author: Andy Polyakov <appro at openssl.org>
Date: Sun Aug 21 23:30:37 2016 +0200
evp/bio_enc.c: refine non-overlapping logic.
RT#4628
Reviewed-by: Rich Salz <rsalz at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/bio_enc.c | 69 ++++++----
test/bio_enc_test.c | 140 +++++++++++++++++++++
test/build.info | 6 +-
.../{01-test_sanity.t => 90-test_bio_enc.t} | 2 +-
4 files changed, 188 insertions(+), 29 deletions(-)
create mode 100644 test/bio_enc_test.c
copy test/recipes/{01-test_sanity.t => 90-test_bio_enc.t} (86%)
diff --git a/crypto/evp/bio_enc.c b/crypto/evp/bio_enc.c
index 47d0384..e3aaadb 100644
--- a/crypto/evp/bio_enc.c
+++ b/crypto/evp/bio_enc.c
@@ -27,7 +27,8 @@ static int enc_new(BIO *h);
static int enc_free(BIO *data);
static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps);
#define ENC_BLOCK_SIZE (1024*4)
-#define BUF_OFFSET (EVP_MAX_BLOCK_LENGTH*2)
+#define ENC_MIN_CHUNK (256)
+#define BUF_OFFSET (ENC_MIN_CHUNK + EVP_MAX_BLOCK_LENGTH)
typedef struct enc_struct {
int buf_len;
@@ -36,11 +37,12 @@ typedef struct enc_struct {
int finished;
int ok; /* bad decrypt */
EVP_CIPHER_CTX *cipher;
+ unsigned char *read_start, *read_end;
/*
* buf is larger than ENC_BLOCK_SIZE because EVP_DecryptUpdate can return
* up to a block more data than is presented to it
*/
- unsigned char buf[ENC_BLOCK_SIZE + BUF_OFFSET + 2];
+ unsigned char buf[BUF_OFFSET + ENC_BLOCK_SIZE];
} BIO_ENC_CTX;
static const BIO_METHOD methods_enc = {
@@ -75,6 +77,7 @@ static int enc_new(BIO *bi)
}
ctx->cont = 1;
ctx->ok = 1;
+ ctx->read_end = ctx->read_start = &(ctx->buf[BUF_OFFSET]);
BIO_set_data(bi, ctx);
BIO_set_init(bi, 1);
@@ -102,7 +105,7 @@ static int enc_free(BIO *a)
static int enc_read(BIO *b, char *out, int outl)
{
- int ret = 0, i;
+ int ret = 0, i, blocksize;
BIO_ENC_CTX *ctx;
BIO *next;
@@ -130,27 +133,24 @@ static int enc_read(BIO *b, char *out, int outl)
}
}
+ blocksize = EVP_CIPHER_CTX_block_size(ctx->cipher);
+ if (blocksize == 1)
+ blocksize = 0;
+
/*
* At this point, we have room of outl bytes and an empty buffer, so we
* should read in some more.
*/
while (outl > 0) {
- int buf_len;
-
if (ctx->cont <= 0)
break;
- buf_len = outl + EVP_MAX_BLOCK_LENGTH - 1;
- buf_len -= buf_len % EVP_MAX_BLOCK_LENGTH;
- if (buf_len > ENC_BLOCK_SIZE) {
- buf_len = ENC_BLOCK_SIZE;
+ if (ctx->read_start == ctx->read_end) { /* time to read more data */
+ ctx->read_end = ctx->read_start = &(ctx->buf[BUF_OFFSET]);
+ ctx->read_end += BIO_read(next, ctx->read_start, ENC_BLOCK_SIZE);
}
-
- /*
- * read in at IV offset, read the EVP_Cipher documentation about why
- */
- i = BIO_read(next, &(ctx->buf[BUF_OFFSET]), buf_len);
+ i = ctx->read_end - ctx->read_start;
if (i <= 0) {
/* Should be continue next time we are called? */
@@ -164,26 +164,41 @@ static int enc_read(BIO *b, char *out, int outl)
ret = (ret == 0) ? i : ret;
break;
}
- } else if (outl >= EVP_MAX_BLOCK_LENGTH) {
- if (!EVP_CipherUpdate(ctx->cipher,
- (unsigned char *)out, &buf_len,
- &(ctx->buf[BUF_OFFSET]), i)) {
- BIO_clear_retry_flags(b);
- return 0;
- }
- ret += buf_len;
- outl -= buf_len;
- out += buf_len;
-
- continue;
} else {
+ if (outl > ENC_MIN_CHUNK) {
+ /*
+ * Depending on flags block cipher decrypt can write
+ * one extra block and then back off, i.e. output buffer
+ * has to accommodate extra block...
+ */
+ int j = outl - blocksize, buf_len;
+
+ if (!EVP_CipherUpdate(ctx->cipher,
+ (unsigned char *)out, &buf_len,
+ ctx->read_start, i > j ? j : i)) {
+ BIO_clear_retry_flags(b);
+ return 0;
+ }
+ ret += buf_len;
+ out += buf_len;
+ outl -= buf_len;
+
+ if ((i -= j) <= 0) {
+ ctx->read_start = ctx->read_end;
+ continue;
+ }
+ ctx->read_start += j;
+ }
+ if (i > ENC_MIN_CHUNK)
+ i = ENC_MIN_CHUNK;
if (!EVP_CipherUpdate(ctx->cipher,
ctx->buf, &ctx->buf_len,
- &(ctx->buf[BUF_OFFSET]), i)) {
+ ctx->read_start, i)) {
BIO_clear_retry_flags(b);
ctx->ok = 0;
return 0;
}
+ ctx->read_start += i;
ctx->cont = 1;
/*
* Note: it is possible for EVP_CipherUpdate to decrypt zero
diff --git a/test/bio_enc_test.c b/test/bio_enc_test.c
new file mode 100644
index 0000000..ce55318
--- /dev/null
+++ b/test/bio_enc_test.c
@@ -0,0 +1,140 @@
+/*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+#include <stdio.h>
+#include <string.h>
+#include <openssl/evp.h>
+#include <openssl/bio.h>
+
+int main()
+{
+ BIO *b;
+ static const unsigned char key[16] = { 0 };
+ static unsigned char inp[1024] = { 0 };
+ unsigned char out[1024], ref[1024];
+ int i, lref, len;
+
+ b = BIO_new(BIO_f_cipher());
+ if (!BIO_set_cipher(b, EVP_camellia_128_ctr(), key, NULL, 0))
+ return -1;
+ BIO_push(b, BIO_new_mem_buf(inp, sizeof(inp)));
+ lref = BIO_read(b, inp, sizeof(inp));
+ BIO_free_all(b);
+
+ /*
+ * Exercise CBC cipher
+ */
+
+ /* reference output for single-chunk operation */
+ b = BIO_new(BIO_f_cipher());
+ if (!BIO_set_cipher(b, EVP_aes_128_cbc(), key, NULL, 0))
+ return -1;
+ BIO_push(b, BIO_new_mem_buf(inp, sizeof(inp)));
+ lref = BIO_read(b, ref, sizeof(ref));
+ BIO_free_all(b);
+
+ /* perform split operations and compare to reference */
+ for (i = 1; i < lref; i++) {
+ b = BIO_new(BIO_f_cipher());
+ if (!BIO_set_cipher(b, EVP_aes_128_cbc(), key, NULL, 0))
+ return -1;
+ BIO_push(b, BIO_new_mem_buf(inp, sizeof(inp)));
+ memset(out, 0, sizeof(out));
+ out[i] = ~ref[i];
+ len = BIO_read(b, out, i);
+ /* check for overstep */
+ if (out[i] != (unsigned char)~ref[i]) {
+ fprintf(stderr, "CBC output overstep@%d\n", i);
+ return 1;
+ }
+ len += BIO_read(b, out + len, sizeof(out) - len);
+ BIO_free_all(b);
+
+ if (len != lref || memcmp(out, ref, len)) {
+ fprintf(stderr, "CBC output mismatch@%d\n", i);
+ return 2;
+ }
+ }
+
+ /* perform small-chunk operations and compare to reference */
+ for (i = 1; i < lref / 2; i++) {
+ int delta;
+
+ b = BIO_new(BIO_f_cipher());
+ if (!BIO_set_cipher(b, EVP_aes_128_cbc(), key, NULL, 0))
+ return -1;
+ BIO_push(b, BIO_new_mem_buf(inp, sizeof(inp)));
+ memset(out, 0, sizeof(out));
+ for (len = 0; (delta = BIO_read(b, out + len, i)); ) {
+ len += delta;
+ }
+ BIO_free_all(b);
+
+ if (len != lref || memcmp(out, ref, len)) {
+ fprintf(stderr, "CBC output mismatch@%d\n", i);
+ return 3;
+ }
+ }
+
+ /*
+ * Exercise CTR cipher
+ */
+
+ /* reference output for single-chunk operation */
+ b = BIO_new(BIO_f_cipher());
+ if (!BIO_set_cipher(b, EVP_aes_128_cbc(), key, NULL, 0))
+ return -1;
+ BIO_push(b, BIO_new_mem_buf(inp, sizeof(inp)));
+ lref = BIO_read(b, ref, sizeof(ref));
+ BIO_free_all(b);
+
+ /* perform split operations and compare to reference */
+ for (i = 1; i < lref; i++) {
+ b = BIO_new(BIO_f_cipher());
+ if (!BIO_set_cipher(b, EVP_aes_128_cbc(), key, NULL, 0))
+ return -1;
+ BIO_push(b, BIO_new_mem_buf(inp, sizeof(inp)));
+ memset(out, 0, sizeof(out));
+ out[i] = ~ref[i];
+ len = BIO_read(b, out, i);
+ /* check for overstep */
+ if (out[i] != (unsigned char)~ref[i]) {
+ fprintf(stderr, "CTR output overstep@%d\n", i);
+ return 4;
+ }
+ len += BIO_read(b, out + len, sizeof(out) - len);
+ BIO_free_all(b);
+
+ if (len != lref || memcmp(out, ref, len)) {
+ fprintf(stderr, "CTR output mismatch@%d\n", i);
+ return 5;
+ }
+ }
+
+ /* perform small-chunk operations and compare to reference */
+ for (i = 1; i < lref / 2; i++) {
+ int delta;
+
+ b = BIO_new(BIO_f_cipher());
+ if (!BIO_set_cipher(b, EVP_aes_128_cbc(), key, NULL, 0))
+ return -1;
+ BIO_push(b, BIO_new_mem_buf(inp, sizeof(inp)));
+ memset(out, 0, sizeof(out));
+ for (len = 0; (delta = BIO_read(b, out + len, i)); ) {
+ len += delta;
+ }
+ BIO_free_all(b);
+
+ if (len != lref || memcmp(out, ref, len)) {
+ fprintf(stderr, "CTR output mismatch@%d\n", i);
+ return 6;
+ }
+ }
+
+ return 0;
+}
diff --git a/test/build.info b/test/build.info
index ec450c2..b8fc431 100644
--- a/test/build.info
+++ b/test/build.info
@@ -16,7 +16,7 @@ IF[{- !$disabled{tests} -}]
packettest asynctest secmemtest srptest memleaktest \
dtlsv1listentest ct_test threadstest afalgtest d2i_test \
ssl_test_ctx_test ssl_test x509aux cipherlist_test asynciotest \
- bioprinttest sslapitest dtlstest
+ bioprinttest sslapitest dtlstest bio_enc_test
SOURCE[aborttest]=aborttest.c
INCLUDE[aborttest]=../include
@@ -270,6 +270,10 @@ IF[{- !$disabled{tests} -}]
SOURCE[dtlstest]=dtlstest.c ssltestlib.c testutil.c
INCLUDE[dtlstest]=../include .
DEPEND[dtlstest]=../libcrypto ../libssl
+
+ SOURCE[bio_enc_test]=bio_enc_test.c
+ INCLUDE[bio_enc_test]=../include
+ DEPEND[bio_enc_test]=../libcrypto
ENDIF
{-
diff --git a/test/recipes/01-test_sanity.t b/test/recipes/90-test_bio_enc.t
similarity index 86%
copy from test/recipes/01-test_sanity.t
copy to test/recipes/90-test_bio_enc.t
index f01466d..aa7e42a 100644
--- a/test/recipes/01-test_sanity.t
+++ b/test/recipes/90-test_bio_enc.t
@@ -9,4 +9,4 @@
use OpenSSL::Test::Simple;
-simple_test("test_sanity", "sanitytest");
+simple_test("test_bio_enc", "bio_enc_test", "bio_enc");
More information about the openssl-commits
mailing list